Compare releases

• 5651 - Added validation to the IIS configuration to ensure a hostname is entered when SNI is enabled
• 5650 - Show error message when kubectl returns error message

• 4964 - Added special variable OctopusUseBundledAwsCLI to allow opting out of using the bundled AWS CLI
• 5360 - Added special variable OctopusUseBundledAwsPowerShellModules to allow opting out of using the bundled AWS PowerShell modules
• 5395 - Update bundled AWS CLI to 1.16.178
• 5466 - Variable selector on tenant variables now includes variables from the selected project
• 5467 - Variables supplied from parent to child projects with Deploy Release steps will correctly have a higher specificity score now allowing them to always overwrite child variables
• 5474 - Added an option to merge instead of replace IIS bindings
• 5575 - Fix for TypeError on certificate search, when certificate data was in an unexpected state
• 5584 - If SMTP is configured to use SSL/TLS and initial connection using SSL fails, we try to connect using TLS instead. If SMTP is not configured to use SSL/TLS we intially try to connect using TLS but if that fails we connect using an insecure connection
• 5589 - Fix for audit entries on variables where no changes were made
• 5608 - Fixed bug that was preventing Automatic Release Creation from running when an unrelated package was of a higher version than the package specified for ARC
• 5621 - Fix issue where filter in dropdown can’t be focused
• 5624 - Bugfix paging through docker registry results
• 5626 - Tentacle has wriggled into the Linux category for deployment targets and workers
• 5630 - Fixed issue where usage of Token account variables was not shown correctly in the UI
• 5631 - Updated bundled Tentacle which has improved connection retry logic and certificate import improvements
• 5632 - Fixed an issue with boolean handling in the Azure Resource Group template step's code editor
• 5637 - Service Fabric profile flag to disable upgrades is now honoured
• 5638 - Added report about executing threads stacks as part of Diagnostics zip
• 5641 - Fixed a bug where Octopus can take a long time to connect to deployment targets

• 4227 - Fixed a memory leak that occurs when WebSocket polling tentacles do not trust the server's certificate
• 4822 - Allow updating worker pool on child steps
• 5619 - Scheduled, Triggered and Auto-Promoted deployments now always respect the guided failure setting on the project and environment

• 4209 - Show "Update variables" button on a release even if it doesn't have existing variables
• 4836 - Fix error on Scheduled Triggers if user doesn't have access to all environments for project
• 5372 - Fix for auto-deploy machines becoming available during a deployment
• 5484 - Add support for dynamic project IDs in Deploy Release steps when working with package metadata in releases
• 5577 - Add support for dynamic package IDs when working with package metadata in releases
• 5584 - If SMTP is configured to use SSL/TLS and initial connection using SSL fails, we try to connect using TLS instead. If SMTP is not configured to use SSL/TLS we intially try to connect using TLS but if that fails we connect using an insecure connection
• 5600 - Display escape characters in log if an Azure account can't be found by ID
• 5609 - Fix for Object reference not set to an instance of an object. when saving ARC, project settings, Life Cycles, Library Variable Sets when ARC is configured with a step that doesn't have a primary package
• 5611 - Incorrect permission elevation error when saving a team
• 5612 - UI introducing a help sidebar to provide more context
• 5613 - Improved handling of login identity checks when using Directory Services, to accommodate cases where users have ended up with multiple attached identities
• 5614 - Redeployments now include package metadata for the releases used the first time the deployment's release was deployed to the given environment/tenant
• 5616 - Use native kubectl config masking for verbose logs
• 5618 - Active directory group search now works on the group name containing the entered value, rather than only starting with the entered value

• 4564 - Deployments awaiting manual intervention block other deployments to the same environment
• 4619 - Update Calamari to .Net Core 2.2
• 4781 - When deleting or purging a directory, once the retry limit has been exceeded once, subsequent deletes will only be tried once
• 5197 - The CertificateReplace, TaskState, and VersionRuleTest endpoints no longer treat the requests JSON properties as case sensitive
• 5566 - Fixed order of tenant tagset tags on Infrastructure dashboard
• 5578 - Server configuration files can now be referenced using a UNC path
• 5599 - Expanded the input fields for command parameters
• 5603 - Fix an issue where tabs pushed onto the browser history a number of times causing issues when navigating back

• 5592 - Labels in custom resources now take precedence over the global labels defined in the container deployment step
• 5596 - Projects with no alpha-numeric characters will now generate a non-blank slug
• 5598 - Fixes a bug introduced in 2019.5.4 that prevented most API requests from being handled in parallel, causing slow downs of the API and UI

• 3859 - IIS bindings with upper case protocols are now show correctly in the IIS Manager
• 3903 - The IIS binding list on the step edit now shows the value of the enabled flag
• 4735 - Provide warning if email body fails to evaluate variables
• 4779 - API keys are now immediately removed from the server cache when a user is disabled or deleted
• 5228 - Offline drops now escape Windows and Linux special characters on all platforms
• 5264 - UI fix for dialog overflow and scrolling issues
• 5342 - Support escaped quotes in octostache variable filter parameters
• 5558 - Now when a Tentacle is deleted from Octopus all connections to that machine will be closed
• 5568 - Fix for the migration API pushing packages to a destination server
• 5572 - Fixed bug that caused automatic release creation failures to return 400 and 500 on package push
• 5579 - Fix for API key not being copied to the clipboard in the generate new API key dialog
• 5581 - Fix an issue where autocomplete popover does not close after selecting an item
• 5582 - Fix an issue where autocomplete and multi selects would not select an item when pressing enter after focusing an item in the list
• 5584 - Fixed bug where emails fail due to certificate error when SSL/TLS is disabled in SMTP configuration
• 5586 - Guest authentication provider now supports automatic logins
• 5588 - Allow all feed types to select non acquisition option during script steps
• 5464 - Cleanup tasks are no longer scheduled when the task queue for a space is stopped
• 5583 - Package build metadata, e.g. VcsCommitNumber, is now included in deployment variables
• 5587 - Label validation in K8S steps does not allow for prefixes
• 5591 - Editing a space is now validated and space name length validation messages improved

• 5476 - Fixed high CPU usage on deployment task page
• 5512 - Prompted variables without a label can now only be scoped to environments
• 5513 - Fix an issue where multiple error panels will be displayed when server is unreachable
• 5538 - Updates and usage telemetry settings were moved from the setup wizard to the Portal
• 5545 - Fixed an issue where the Tentacle poll-server command was unable to successfully configure polling on second and subsequent HA nodes
• 5547 - ARM template parsing handles parameter types in a case insensitive manner
• 5560 - Fix terraform commands not generating any output during deployments
• 5562 - Update CloudFormation change set fields to be bindable
• 5564 - Automatic release creation can no longer be configured to use a package sourced from an external feed
• 5569 - Adds a summary view of variable set usage in projects and releases
• 5570 - UI adding a typed confirmation to the delete project action for additional safety
• 5573 - Added ability to turn off variable substitution for Terraform default files in package

• 5567 - Rolled back the logging changes in 2019.4.3 that are likely causing deployments, tasks and server shutdown to hang

• 5539 - Fixed missing navigation menus when creating a new Deployment Target or Worker

• 5550 - Fixed an issue where multi-select and auto completion fields would render popovers partially offscreen when close to the edge
• 5551 - Deployment retention no longer requires exclusive access to the tentacle (this bug was introduced in 2019.4.5)
• 5555 - Fixed "Sequence contains no elements" error when viewing releases that don't match the current project release versioning settings
• 5556 - Fix terraform steps unable to asume AWS service roles
• 5557 - Only load script module usage on demand
• 5559 - Include monthly active user count in usage statistics

• 3590 - Choosing a certificate no longer shows the binding expression toggle in the UI
• 5462 - Added variables for trigger which caused a deployment
• 5486 - UI improving delta highlighting on the audit screen
• 5499 - Script modules are now supported for Bash, C#, F# and Python
• 5502 - Fixed an issue where the file picker window would not trigger from the replace certificate dialog
• 5507 - UI improving onboarding for new users and team membership and including a list of teams on the users page
• 5508 - Can now step into script modules while debugging PowerShell script steps
• 5520 - UI Dashboard screen search bar will no longer render if there are no Environments in the instance
• 5522 - Release notes evaluation now also happens for automatic release creation and scheduled release triggers
• 5523 - Fixed an issue where Deploy CloudFormation template step would fail when using the change sets feature and no changes need to be applied
• 5524 - Fixed bug where retrieving release notes from GitHub would throw an exception if the VcsRoot ended with .git
• 5526 - Improved how the Portal retries connecting when the Octopus Server is not contactable
• 5533 - Health check may fail on windows machines with failure to load TimeZoneInfo type
• 5534 - The Test button on the Create Feed screen no longer crashes when invalid data entered
• 5536 - Fixed error when attempting to delete an Octopus Server node
• 5537 - Modifying teams and roles enforces all permissions and scoping in elevation checks
• 5540 - Added confirmation dialog before deleting an API Key
• 5542 - Fixed an issue preventing the selection of the Specific Version radio button when using variables for the package feed
• 5544 - Breaking change Some machine policy properties have been renamed to better accommodate Linux Tentacle
• 5546 - Fixed TypeError on Kubernetes step when adding a volume
• 5549 - Octopus no longer enforces email uniqueness across users, in order to support Active Directory scenarios where users can share an email address

• 4567 - Automatic Release Creation now creates releases after a step rename
• 5394 - K8S deploy step supports external secrets to be used for ingress TLS
• 5458 - Improved the speed of the automatic release creation after a package upload
• 5488 - Release note accumulation honors the Discrete Channel release setting on the project
• 5494 - Raw commit details as an Octopus variable for release notes
• 5495 - Work item release notes from GitHub / Jira
• 5498 - Improved error message when attempting to acquire helm charts but helm is missing
• 5501 - Fixed an issue preventing the cloning of a step into the current project
• 5506 - Fixed issue with creating releases when multiple packages exist on the versioning step

• 5483 - Changed all popover components to use the new MUI component which is reported to fix the positioning delay
• 5487 - Return a more helpful error message on the release page if a package / version combination cannot be found in the built-in repository
• 5490 - Make package published date format in UI consistent and include tooltip with timezone info
• 5491 - Fixed exception on Project settings page if auto release creation is enabled and a package step is configured to use a versioning template instead of package step
• 5493 - BugFix: DockerHub feeds fail to authenticate during acquisition

• 5223 - Fixed an issue where redeploying a SF application of the same app/type/version would fail regardless of override behavior
• 5386 - UI adding categories to make step template selection more intuitive
• 5402 - Related to 5468, Azure Resource Group template parser updated to handle non-string types
• 5415 - Added warning when user is creating/editing an Email Step or a Subscription and SMTP hasn't been configured yet
• 5431 - Prevented disabled steps from being used for release versioning and automatic release creation
• 5437 - Updated health check messages to better reflect plural and singular
• 5444 - Octopus Server can no longer be started against a database with a newer schema
• 5468 - Azure Resource Group step fixed to handle the templates correctly when bool and integer types are used
• 5472 - Corrected read-only summary label for container volume mount in k8s deploy containers step
• 5473 - Ensure only distinct package versions are included when running package metadata retention
• 5475 - Button styling has been updated to improve accessibility
• 5478 - Resolved spurious validation failure related to secret volume on deploy k8s containers step
• 5480 - Add certificate variable validation for HTTPS binding on the Deploy to IIS step
• 5481 - Bug: Unable to pull docker image on some ssh targets
• 5485 - Kubernetes step resource validation is over-eager and not allowing variables

• 5159 - Add Octo.exe argument --noDeployAfter to set QueueTimeExpiry
• 5419 - An event is now logged to the audit log when a task is cancelled due to the server shutting down unexpectedly
• 5426 - Certificate with private-key being displayed as not having private-key
• 5427 - UI adding default role chips to the variable editor when no target roles exist yet
• 5429 - Adding project group filtering for events/subscriptions
• 5430 - Fixed an issue where an excessive amount of requests were being made for tenant tag sets when on the deployment target settings page
• 5435 - UI show the step type while editing a step
• 5436 - Tenant tag selection now shows an appropriate message when all tag sets are empty
• 5440 - Prevented duplicate validation messages
• 5452 - Improve Performance of Dashboard by indexing temp table
• 5455 - Improved the performance the Projects API when many projects use features that are based on step names
• 5461 - UI adding form expander animations

• 4236 - Auto Release Creation and Scheduled Triggers now evaluate variables in package names
• 5412 - Auto Release Creation and Scheduled Triggers can now create releases for projects using Step Templates that reference packages other than the one uploaded
• 5421 - Improved the speed of the Machine status triggered AutoDeploy
• 5424 - UI trimming roles on data-entry to avoid white-space issues during machine scoping
• 5445 - Package push with overwrite now updates metadata
• 5447 - Swagger file should use string for enums
• 5449 - Integrate Octopus with Jira to get deployment feedback on your Jira work items
• 5450 - Projects can now specify a release notes template, complete with variable binding, that gets applied during release creation
• 5465 - Fixed bug in release creation when steps are scoped to channels

• 5615 - More defensive error handling when docker acquisition fails

• 5553 - Improve Performance of Dashboard by indexing temp table
• 5565 - Azure Resource Group step fixed to handle the templates correctly when bool and integer types are used
• 5571 - Fixed bug that caused automatic release creation failures to return 400 and 500 on package push
• 5576 - Fixed high CPU usage on deployment task page
• 5580 - Resolved issue where certificates with private keys were being shown as not having a private key

• 5531 - Fixed a bug preventing deployment target triggers from working when any project has more than one deployment target trigger defined

• 5457 - Improved the speed of the automatic release creation after a package upload
• 5516 - Automatic Release Creation now creates releases after a step rename
• 5517 - Fix up some UserRoles that were not set up correctly in 2019.1 and could not be saved
• 5433 - Update to Halibut to ignore unnecessary ACL failures that were causing deployments to fail
• 5529 - Fixed an access control bug where project scoping was not being applied for VariableViewUnscoped and VariableEditUnscoped permissions (CVE-2019-11632)

• 5446 - Fix for users seeing a blank screen when they were set up with no permissions
• 5454 - Improved the performance the Projects API when many projects use features that are based on step names
• 5459 - Auto Release Creation and Scheduled Triggers can now create releases for projects using Step Templates that reference packages other than the one uploaded. Improved the speed of the Machine status triggered AutoDeploy

2019.3 LTS

• 3748 - Fix for editing a release with a package that doesn't match channel rules
• 5272 - Octopus Cloud Octopus Manager team doesn't have permissions to export users permission structure
• 5404 - Fix for broken Project settings page if project was cloned from another project that's not available due to permission/deletion/migration
• 5422 - Made the getting started guidance available to hosted customers and space managers
• 5423 - Adding null checking around database upgrade script
• 5425 - Docker acquisition script moved from Server to Calamari

• 5285 - Added validation to ensure machine policy timeouts
• 5407 - Added ability to supply additional arguments in Upgrade Helm Chart step
• 5409 - Tags entered but not added are now auto-added when saving a tenant tag set
• 5413 - Added the ability to filter by project and environment on the tenants overview
• 5417 - Removed unnecessary Tenant Preview buton on Tenant Overview page
• 5418 - Fix issue where side bar navigation was missing on the Create Subscription page
• 5420 - Improved the processing speed of the auto-deploy triggers background process

• 5410 - Fixed crash on node --drain command
• 5411 - Fixed issue with subscription webhooks using wrong http header type
• 5414 - Fixed startup issue for a subset of customers by a data consistency script in 2019.2.5

Changes in 2019.2.5 (release was disabled/hidden due to a bug found)

• 4821 - Fixed issue where expired cron expressions for scheduled deployments were throwing exceptions
• 4916 - Renamed 'Run a Helm Update' step to 'Upgrade Helm Chart'
• 5140 - Fixed issue where worker health checks run for deployment targets instead
• 5370 - Cleaned up callouts in Space Edit screen to improve UX
• 5379 - fixes scoping for projects when a different project group is scoped on the user role
• 5381 - Environment section text only shows up if there are environments created on that Octopus instance
• 5387 - fixes project scoping for user roles when scoped to the projects' group
• 5391 - fixes dashboard bug when accessing projects in a group the user doesn't have access to
• 5400 - Added target name to Calamari/Tentacle upgrade task name
• 5401 - Fix for permission errors when trying to view another users permissions if you do not have access in another space
• 5405 - Improved cross document links for ScopedUserRoles to Teams and UserRoles in Audit

• 5208 - Fixed an issue where guided failure does not fail a deployment on the first attempt
• 5356 - Re-wording message that shows up when a task is suspended because the space queue was stopped
• 5373 - Added client side input validation for retry attempts in external feeds
• 5375 - Filter in Teams page should only render after all teams have loaded
• 5380 - UsernamePassword authentication now accepts email address
• 5383 - Fixed feed refresh button crashes in several built-in steps
• 5392 - Sorted the output of show-configuration and the root api responder to make it easier to find things
• 5393 - fixes an exception during some upgrades due to incorrect assumptions in the UserRole data model
• 5396 - Migrator.exe no longer fails when importing snapshot VariableSet referencing deleted certificate
• 5397 - Migrator now remaps deployment action worker pool ID when importing

• 4243 - Cloning a project now copies all project settings correctly
• 4349 - Reduce confusion around the select and deselect options for steps excluded from a deployment
• 4685 - Fixed issue where the "new server version" notification was not appearing
• 5322 - Fixed issue where Check Tentacle Health summary was not showing details when all targets ended up as HasWarnings or Unhealthy
• 5357 - Modified the tooltip text for Space and System team chips to make it easier to understand
• 5363 - Re-indexing the in-built package repository can now run on any node in a multi-node cluster
• 5364 - Fixed an issue where users without TeamView could not view the configuration for a Space
• 5366 - Allow deployment of raw YAML to K8S Cluster
• 5367 - Corrected an issue where the certificate archive would show incorrect results when loading the second and subsequent pages
• 5368 - Updated the Space Switcher to highlight the active Space
• 5369 - Added a link to the Space Switcher to allow easy space creation
• 5371 - Fixed a bug where you could not fetch artifacts for releases with a large number of deployments
• 5374 - Fixed an issue where the AWS Account variable selector wasn't being displayed
• 5377 - Allow collapsing environment variables for project variable templates when browsing project variables on a tenant
• 5378 - Task Queue startup code handles now exceptions correctly

• 2852 - Added warning to Sensitive text fields regarding ##{ characters escaping
• 4373 - The environments drop down now updates when selecting a different channel on the variable preview
• 5340 - No longer logging warnings when private keys are not available when doing a Service Fabric deployment
• 5344 - UI adding a confirmation to all "Upgrade Tentacle/Calamari" bulk actions
• 5345 - Resolved issue with HCL templates failing validation in Apply Terraform step
• 5358 - Fixed "Object reference not set to an instance of an object" when calling /api/projects/all
• 5359 - Invalid certificates already present before 2018.2.0 release may cause /api/certificates/all request to fail
• 5362 - Fixed a bug where upgrading from old versions of Octopus (pre 3.15.0) would fail

• 4897 - Add validation for drop down options for variable templates of type "select"
• 5303 - 2100 SQL parameter limit hit when updating usages of step templates fixed
• 5325 - Fixed the api/reporting/deployments/xml endpoint, a bug introduced in 2019.1.0
• 5338 - Corrupt builtinrepositoryconfigurations-single configuration json column fixed
• 5343 - Delete project error message does now display the teams blocking the deletion
• 5346 - Automatic lifecycle promotion after automatic release creation works regardless of the permissions of the user that pushed the package, fixing an issue introduced in 2019.1.0
• 5349 - Expose ephemeral storage requests and limits in K8S
• 5351 - Using Tentacle Manager to configure a polling Tentacle does not authenticate with username/password has been fixed
• 5352 - Fixed an issue where nodes with very long names would show StringTooLongException warnings in the log and were unable to elect a Leader node
• 5354 - Improve user experience adding a worker when at license limit

• 5332 - Fix for release promotion being blocked when user could not see complete set of environments that are part of the phases
• 5334 - JSON formatted output broken by non-formatted message

• 4384 - Fix for error in Variable Preview when a Tenant is connected to multiple environments
• 4396 - Render Subject Alternate Names on certificates correctly
• 4864 - Octopus instance management no longer relies on the Windows registry
• 5150 - Added validation to make sure releases cannot be created without version numbers for all packages
• 5299 - Fixed an issue where ACR as a docker feed would not resolve to the latest version when the number of tags exceed the default page limit
• 5302 - Fix an issue where S3 step would not properly set special headers such as Cache-Control when provided as metadata
• 5318 - Fixed bad link on Web Request Proxy settings page
• 5321 - Improved validation messages for creating an SSH Connection target
• 5323 - Fix an issue with S3 where the file metadata would not be updated if file contents did not change
• 5324 - Resolved a High CPU issues triggered by retrieving package notes
• 5326 - Incorrect load more and search inside Library Variable Sets and Script Modules
• 5330 - Add additional logging when a K8S deployment fails

• 4515 - Certificate filter doesn't work when there is more than 1 page or results
• 5307 - Run Condition and Start Trigger sections no longer disappear when a validation error happens when saving a step
• 5308 - Fix for audit screen and audit shortcuts reporting incorrect lack of permission for users who have EventView scoped
• 5309 - Expose the K8S Pod termination grace period field
• 5310 - Allow K8S TLS certificate to be empty
• 5316 - UI fixing route issues that were causing pages to re-render when filtering
• 5317 - Fix for server startup error (Error converting value “TaskViewLog”)
• 5319 - Can't save previously created K8S container definitions

Changes in 2019.1.8 (release was disabled/hidden due to a bug found)

• 4392 - Fixed the variable preview grid to expand columns to all available space
• 5295 - Prevent SQL timeouts for auto-deploy triggers
• 5298 - Fixed "Unbound variable" error when using set_octopusvariable with set -euo pipefail
• 5305 - Rename "machine name" field on deployment targets to "display name"
• 5306 - Show type (Polling Tentacle/Listening Tentacle/Cloud Region/etc) when viewing a deployment target
• 5311 - Removed extraneous slashes in placeholder text for offline drop targets
• 5313 - Outdated OctopusClient warnings now include user and agent type
• 5315 - Save terraform sensitive values as Octopus sensitive values (CVE-2019-8944)
• 4873 - Fix an escaping issue causing Authentication issues with Azure CLI when an Azure Service Principal Account key contains special characters such as those generated by the new Azure App registrations preview blade.

Changes in 2019.1.7 (release was disabled/hidden due to a bug found)

• 5261 - Fix for Tenant scoped users who were incorrectly blocked from exporting certificates
• 5280 - "Deploy a Release" steps now collect output variables from failed child deployments
• 5289 - Fixed a bug where Project Viewers could not assign and submit interruptions
• 5290 - Fixed error "This SqlTransaction has completed; it is no longer usable"
• 5291 - Added warning logs for situations where an IIS web site deployment will fail to start the web site
• 5293 - The built-in repository settings are now retained correctly when upgrading from versions prior to 2019.1.x
• 5294 - Fixed a bug where Packages could be cleaned up by retention policies while still in use by Releases
• 5296 - No longer leaving orphaned DeploymentActionId when deleting a step as part of deleting a channel
• 5297 - Resolved performance problem writing to log files introduced in 2019.1.2
• 5304 - Breaking change Removed the TaskViewLog permission. Any user that has been granted access to a Task through the TaskView permission can also view that Task's logs

• 3198 - Added support for variable substitution in ARM templates for complex types including array types
• 4469 - Links in AWS error messages are now rendered as proper links
• 4618 - Better error handling for Azure steps that display information from Azure
• 5207 - Prevented infinite polling loop when navigation happens while request is in flight
• 5243 - Add CAPABILITYAUTOEXPAND to CloudFormation step and ability to choose multiple IAM capabilities
• 5265 - The correct artifacts now show on the release screen, fixing a bug introduced in 2019.1.0
• 5269 - Fixed a bug where members of teams with no permissions could not assign interruption to themselves, even if that team was designated the responsible team for the interruption
• 5271 - Fix an issue where deleting a CloudFormation stack would not wait until completion
• 5278 - Allow ingress rules to be reordered
• 5279 - Support Downward API for environment variables in Deploy Kubernetes Containers step
• 5282 - Create release via Client API now works for .net standard
• 5283 - Fix for Task screen incorrectly reporting lack of TaskView permission when it was granted only at the Space level
• 5284 - Fixed various issues around permissions that allows access to projects through connected tenants

• 5267 - Resolved error when cloning a channel-scoped step to another project
• 5273 - Fix a bug when navigating to a community action template
• 5275 - Fix for scheduled deployments that contain a deploy a release step failing with a permission exception

• 5266 - Fixed error when health checking Tenant scoped targets in 2019.1.0 and later
• 5268 - Fixed UI bug with exclude unhealthy targets setting

• 5258 - Fix for update deployment process returning incorrect error for missing ProcessEdit permission when it's Tenant scoped
• 5259 - Resolved migrator issue where attachments were causing '$' to be left in IDs
• 5260 - Fix for Tenant scoped ProcessEdit permission warning when updating Action Templates
• 5262 - Fixes errors during upgrade for instances that cannot access the package roots parent directory

• 5247 - Fixed a bug where the Feeds endpoints would not return a backwards compatible FeedResource for old versions of octo.exe
• 5253 - AWS now correctly uses the EC2 instance role metadata
• 5254 - Package upload dates are now shown again (when available) on the previous versions dialog
• 5255 - The refresh feed list button on the Run a Helm Update step no longer crashes
• 5256 - Stopped showing the (unsupported) built in feed for the Run a Helm Update step
• 5257 - Fix for permission error on Releases screen when user had valid Tenant scoped ReleaseView and ProcessView permissions

• 4562 - Added option to exclude unhealthy targets at the beginning of a deployment
• 5141 - Allow overriding namespace in Helm Upgrade step
• 5234 - Added Python 3 support for script steps, ad-hoc scripts and custom deployment scripts
• 5238 - Steps that are skipped due to not finding any deployment targets to run on are now marked as skipped rather than successful, resolving an issue where the incorrect run time was shown
• 5240 - UI fix for package version rendering issues on Create Release screen
• 5241 - Octopus.Migrator.exe now uses the ID to name exported certificate files to ensure all certifcates are exported correctly, even superseded certificates
• 5244 - New-OctopusAzureWebAppTarget command slot name parameter is now honoured
• 5245 - Variable expressions that reference a non existent JSON property now evaluate to an empty string
• 5248 - The server now completes it startup sequence before processing a shutdown request
• 5249 - Fix for a user with Tenant scoped ProcessEdit would prevent UI from showing Create Release action
• 5250 - Fix for ProcessEdit permission correctly operating with Tenant dimension to show add channel button
• 5251 - Fix for ProjectEdit permission correctly operating with Project Group dimension to allow settings editing and tenant linking
• 5252 - Fix to ensure post installation scripts correctly refresh views

• 5226 - Breaking change Increased the speed of artifact retrieval and cascade deletion when there are many artifacts
• 6084 - Breaking change TeamResource structure change - improved scoping ability per team
• 5239 - Added Tentacle support for spaces. Breaking change Deregister commands no longer remove trust for the server
• 3055 - Fix for inconsistencies in EventView permission calculations.
• 4362 - Tentacle Manager no longer overwrites Tentacle instances with the same name.
• 4831 - Tentacle Manager now properly handles selecting and creating of Roles that include spaces

• 2521 - Polling Tentacle timeout can now be configured via the machine policy, replacing the Octopus.Server.exe.config settings. If you are using those settings, open each machine policy, check the settings and save the policy
• 5124 - Added support for touch screens when reordering lists (e.g. when re-ordering steps)
• 5174 - Attempt to cancel any running tasks when shutting down the Octopus service
• 5204 - SSH and Tentacle connection timeouts and limits can now be configured via the machine policy
• 5229 - External feed URLs are now trimmed to prevent validation errors
• 5231 - Squashed null reference error in Deploy Kubernetes Containers step when secret has no data
• 5233 - Added support for AWS S3 and CloudFormation steps to run on ssh Linux targets
• 5237 - Fix for incorrect permission warning on Project overview screen if user only had ProjectView scoped on group dimension

• 5045 - Reduced the key size of the index IXServerTask_Common so it no longer exceeds the maximum key size
• 5205 - Upgrade to latest version of Azure libraries in Octopus Server means breaking some management certificate support
• 5216 - Turn off context autosave in AzureRM powershell scripts
• 5219 - Allow step templates to be created from a step
• 5222 - Server can now download all NuGet packages created with the latest version of NuGet
• 5227 - Bugfix - Referencing PackageVersion variable from another step is not evaluating correctly
• 4287 - Fix for TaskView check incorrectly operating on health check tasks when scoped.

• 5210 - Resolved JSON encoding issue with k8s config maps and secrets
• 5215 - Improved handling of transient I/O errors when writing server logs
• 5217 - Steps can now be cloned to a different project
• 5218 - Fix for resource searching that incorrectly escaped left square brace, resulting in incomplete query results
• 5221 - Downgraded Octopus.Dependencies.AzureCmdlets to v6.8.1

• 4891 - Fix an issue meaning Infrastructure tab didn't load correctly for some permission scoping combinations
• 4929 - TLS certificates can now be configured on Kubernetes Ingress
• 5118 - Resolved issue preventing Kubernetes custom resource YAML containing variable expression from being saved
• 5146 - Bugfix: Support additional values file sourced from helm chart package
• 5177 - Fix and issue where deployments to cloud services would fail to authenticate after migrating from old versions of octopus
• 5179 - Squashed bug resulting from removing package references from cloned steps
• 5199 - Made the capitalization of headings on the project settings page consistent
• 5200 - Fixed an issue on slow connections where attempting to edit a newly cloned step caused a page refresh rather than navigating to the edit step page
• 5201 - Made the Machine Policy field on a new deployment target always visible to reduce confusion
• 5202 - Kubernetes Service fields now displayed before Ingress fields on Deploy Kubernetes Containers step
• 5203 - Ensure K8S lifecycle hooks encode each command line as a string
• 5209 - Fixed an issue preventing new steps from being added and or modified when a step uses an account variable selector such as AWS and Terraform steps
• 5212 - Fix grammar in the summary text for a child step when used in a rolling deployment

• 5194 - UI wording updates to SSH target and .NET framework options
• 5195 - Fixed a bug where deleting an unsaved step from the overflow menu would delete the last step in the deployment process instead

• 5128 - Provide support for --tiller-namespace, --tiller-connection-timeout and --timeout on helm upgrade command
• 5134 - Added --user as an alias for --username to the command line interface
• 5138 - Improved how the task log is displayed, most notably when conditions are used and in failure scenarios
• 5162 - Added an overflow menu to the step edit page to delete and enable/disable the step
• 5168 - Corrected the order of Tenant Tags in the summary text for step conditions to match the order defined on the Tenant Tag Set
• 5169 - Updated the task list task type filter to support the full range of task types
• 5172 - Improved the UI layout for checkbox validation messages and fixed overlapping validation and actions on tenant variables
• 5176 - Flag HA server node as offline when shutting down
• 5178 - Fixed an issue that prevented script types other than PowerShell from running during Azure steps
• 5180 - Okta authentication provider now allows override of the claim used to determine the user's username
• 5181 - Fragmented database indexes are automatically rebuilt or reorganized after other upgrade script have run
• 5182 - Included a link to the project group on the project edit screen
• 5183 - Added code folding support to the code editor
• 5184 - Task re-run permission corrected in user interface, now operates same as the original adhoc-task run
• 5185 - Cloned K8S deployment steps no longer delete K8S resources deployed by other projects
• 5186 - Fixed an issue where the incorrect radio button for certificates on a HTTPS binding was selected by default
• 5188 - Remove ability to use old (pre 4.0) portal
• 5189 - Added missing validation for packages to the Deploy to NGINX step
• 5190 - UI fix for variable editor popover menus being visually cut off
• 5193 - Updated a number of dev dependencies and run-time dependencies including moment and lodash
• 5012 - Updated Web App deployments to use XML publish endpoint enabling deployments for Linux based Web Apps using web deploy

• 5126 - Fix for error saying unable to delete a step template that's in use

• 5133 - UI Simplifying the Getting Started / Onboarding guides
• 5144 - Resolved issue with migrator partial-export command exceeding 2100 SQL parameters
• 5145 - Added the ability to choose how inlined scripts in deployment processes are exported by Octopus.Migrator.exe including CopyInlineScripts (current behaviour), ExtractInlineScripts, and LeaveInline - learn more
• 5147 - Fixed issue where editing an offline drop removes the encryption password
• 5154 - Updated task logs for subscription processing and auto-deploy to use nesting and add links to the related project / trigger / release
• 5163 - Fix error on project process screen when user does not have LifecyleView permissions
• 5164 - Show empty state info boxes when connecting a tenant to a project or tag set and none exist
• 5165 - Made the Azure account type expander look and work in the same way as other expanders
• 5166 - Improved layout of Upload Package dialog
• 5170 - OctopusClient updated to include information in it's calls that allow filtering in the audit log
• 5171 - Octopus Cloud instances can now be licensed by deployment target just like self-hosted Octopus Server licenses
• 5167 - Gracefully stop Octopus Server if running in terminal and process terminated

• 5143 - Added the Strict-Transport-Security HTTP header to the page shown when Octopus Tentacle is accessed from a Web Browser
• 5148 - migrator.exe import will no longer fail with a unique constraint violation on name when it mistakenly tried to insert a new MachinePolicy or Subscription or Account or Feed with the same name, now it will correctly overwrite the existing document
• 5149 - Clicking on a step in the task summary now navigates you to the correct element in the task log
• 5152 - Added a new update-trust command for Tentacle, this command allows you to update a server thumbprint, without having to remove and then add a new thumbprint which doesn't work for polling Tentacles
• 5153 - Fixed a regression in Octopus.Migrator.exe partial-export introduced in 2018.9.13 which would incorrectly fail to validate the arguments related to exporting releases
• 5155 - Support for Kubernetes Container Lifecycle Events

• 5135 - Resolved script step package references being incorrectly deleted by retention policy
• 5136 - Create release page shows project ID rather than name for Deploy Release steps
• 5139 - Extend brute force login protection to cover API keys

• 5137 - We fixed how the database collation is calculated while upgrading Octopus Server, which was previously reported to fail under certain circumstances using Azure SQL Database

• 4156 - Fixed highlighting of the selected element in drop downs that allowed filtering (e.g. the Add Member to Team dialog)
• 5116 - Fixed validation around Java package steps that could be saved without selecting a package
• 5117 - migrator.exe now correctly exports all dependencies used by a project and any of its releases, where beforehand any dependencies removed from the project would not be exported subsequently causing the import to fail
• 5119 - migrator.exe now correctly exports all versions of any action templates used by a project and any of its releases, where beforehand only the specific versions in use were exported causing potential errors after import
• 5122 - Tweaked shortcut menu for package feeds to make common actions more discoverable
• 5125 - Long project names will now wrap in the project quick search dropdown
• 5127 - migrator.exe partial-export now supports exporting multiple projects by specifying the --project="MyProjectName argument multiple times, or by project groups using the new --projectGroup="MyProjectGroup1" argument or in any combination of the two
• 5132 - The count of releases and deployments sent to octopus.com as telemetry has been corrected to use the DeploymentHistory table

• 4411 - Fix text color of Tenant Tag tooltip so description is visible
• 4672 - Fix an issue where enter causes the variable editor to save when adding a new variable
• 4947 - Fix an issue where bottom action buttons for lists would be duplicated or constantly appear and disappear
• 5060 - Changing a projects lifecycle now correctly re-renders the phases and environments
• 5091 - Fix F# compatibility with mono version 5.16
• 5103 - Improved summary text for subscription filters
• 5104 - Added Octopus.Machine.Hostname to automatic variable completion list
• 5105 - Added help text for User Profile -> Api Keys
• 5106 - Ensure deployment target icons are shown at smaller screen resolutions
• 5107 - The icon on disabled chips is now grayed out in the same way as the text
• 5108 - Infrastructure page now correctly shows worker pools and workers tabs when user has permission
• 5109 - Fixed missing variable icon overlapping the project name on the tenant variable screen
• 5111 - Long project names no longer overlap the selected environments on the tenant variable screen
• 5112 - Fix an issue where default ports were not provided for ssh and listening tentacles during creation
• 5113 - Helm deployments fail with target using cloud account
• 5114 - API key creation now creates an audit log, regardless of who you create the key for
• 5120 - New NGINX feature available when deploying a package to SSH Deployment targets

• 5095 - Resolved issue where project versioning-strategy was being cleared when upgrading from Octopus 2018.8.x to 2018.9
• 5097 - Fix a bug where VariableSet cannot be retrieved through Deployment.ManifestVariableSetId when there is variable scoped to channel
• 5098 - Fix for Service Fabric targets API failing to retrieve store location/name override
• 5100 - migrator.exe now correctly exports library variable sets used by a project and any of its releases, where beforehand any library variable sets removed from the project would not be exported subsequently causing the import to fail
• 5101 - Migrator now correctly remaps tenant tag references when the tag-set exists on the destination

• 4817 - Subscription emails now display events in ascending order by the time the event occurred
• 4846 - Reduced queue time in some instances for tasks resuming from manual intervention
• 4941 - Guided failure for required steps no longer presents the option to skip the step or exclude a machine from the step
• 5077 - Exposed image pull policy settings for K8S containers
• 5078 - Standalone ingress rules now accept variable host names
• 5080 - Fix a bug where wrong permission is used when try changing lifecycle for a project
• 5082 - migrator.exe now correctly handles importing accounts restricted to environments or tenants where some of those environments or tenants do not exist in the target
• 5084 - migrator.exe now correctly handles importing project triggers which filter events for certain environments where some of those environments do not exist in the target
• 5085 - migrator.exe now correctly handles importing deployment targets belonging to certain environments or tenants where some of those environments or tenants do not exist in the target
• 5086 - migrator.exe now correctly handles importing account variables, where before the account variable was not remapped correctly from source to target
• 5090 - Fixed issue with subscription webhooks using wrong http header type
• 5093 - Octopus Cloud licenses are excluded from compliance pre-condition checks when upgrading the database or applying a new license
• 5094 - If a database upgrade script is running for a long time without showing any progress messages, we now log a "still working" message every minute until the script completes

• 5021 - Kubernetes target certificates now reported in certificate usage
• 5052 - User accounts for Octopus Support Staff can now be added to an Octopus Server regardless of license limits
• 5054 - Resolved issue introduced in 2018.9.0 where updating step template usages was causing exception when viewing project
• 5079 - Resolved logging format exception when executing database upgrade script
• 5080 - Fix a bug where wrong permission is used when try changing lifecycle for a project
• 5087 - migrator.exe now correctly handles importing variable values scoped to tenants via tenant tags

• 4920 - Fixed issue with packages not being listed when using TeamCity 2018.1.x legacy NuGet feeds
• 5066 - Fixed an issue with the S3 step where invalid bucket keys were being used when using multiple file selections
• 5072 - migrator.exe now gracefully handles the importing tenant + project + environment connections when the project or environment does not exist in the target
• 5081 - migrator.exe now correctly handles importing subscriptions which are filtered by tenant tags

• 5020 - fixed some rare cases of certificate read failures after upgrading to 2018.8.7
• 5032 - Fix a bug where IE 11 does not render artifacts URL correctly
• 5056 - UI legacy toggle on Azure steps to access older template functionality
• 5058 - Fixed issue with Deploy Release step not always failing when the release fails
• 5061 - Enable full screen mode for the variable editor dialog
• 5065 - migrator.exe now correctly handles the default worker pool selected by certain deployment targets, where the selection would have been dropped during the import process
• 5068 - Folders with Junctions can now be deleted again
• 5069 - migrator.exe now correctly handles the worker pool selected for actions in a deployment process, where the selection would have been dropped during the import process
• 5070 - kubectl config file is now displayed in the verbose logs
• 5071 - The package cache and working directory can now be configured
• 5076 - Fixed up integration with http://Quay.io|Quay.io docker repo

• 5013 - Significant decrease in the amount of data persisted with deployments, especially when using a large number of certificates
• 5059 - Increased the database connection timeout and transaction commit/rollback timeout for database upgrades to 3 minutes, just like it was before 2018.9.0
• 5063 - Fixed validation for kubernetes volumes that referenced external configmaps or secrets

• 5024 - Database upgrade scripts now consistently roll back to the last known good state regardless of which specific kind of upgrade script fails
• 5038 - Database upgrade scripts now use an infinite SQL command timeout consistently - we really want the upgrade to complete even if a particular command takes a longer time than expected
• 5055 - K8S standalone Secret and ConfigMap steps deploy as expected now

• 4849 - Deployments are now removed from the dashboard again when they or their release is deleted
• 4957 - The dashboard now correctly shows the updated version number of a release again when it is changed
• 5054 - Resolved issue introduced in 2018.9.0 where updating step template usages was causing exception when viewing project

• 4969 - Dashboard can be cached longer than 2 seconds
• 5037 - Step template usages are now sorted alphabetically
• 5043 - Show more informative summary text for an Active Directory identity when the specified account has no email address set
• 5048 - Added pod and node affinity settings to the k8s container deployment step
• 5050 - Only show the channel chip on the task summary page if the project has more than one channel
• 5051 - Migrator now remaps Deploy Release step projects

• 5029 - UI improve the lifecycles list for long lifecycles
• 5039 - Updated the UI design and user-experience when adding new deployment targets/workers
• 5041 - The task summary page now shows the channel chip
• 5044 - Resolved issue with multiple channel rules introduced in 2018.9.0
• 5046 - Instead of limiting workers and worker pools by licensing, we now only limit workers themselves, allowing you to create as many worker pools as you want
• 5047 - Sensitive output variables are now masked in the task logs of child steps (CVE-2018-18900)

• 5023 - User accounts from certain email domains can be excluded from billing at the discretion of the service provider
• 5025 - Improvements to concurrency protection on variable sets
• 5026 - Call to api/projects?name=[test] fails because of the special chars
• 5027 - Sensitive Template Project variables on a Tenant will now show "value required" warning when they are empty
• 5028 - Now preventing the SQL Database connection string from containing both Integrated Security and SQL Authentication with User ID or Password to prevent confusion
• 5035 - Bundled Tentacle 3.23.2 which fixes a bug in the Tentacle Manager that was preventing showing instances
• 5036 - 2018.9.0 introduced an issue where upgrading was converting offline-package-drop targets to use artifact mode
• 5042 - 2018.8.0 introduced an RCE flaw in YAML parsing (CVE-2018-18850) which is now rectified

• 4302 - The built-in worker command-line interface handles machine\user and domain\user formats more gracefully
• 4574 - Updated the Azure PS bundle to 6.8.1 and the Azure CLI to 2.0.45
• 4774 - Offline-Drop targets can now store the bundle as an Octopus Artifact
• 4871 - The interruption and artifact APIs now have an ETag, lessening the load on the database
• 4953 - In 2018.8 it was possible to corrupt auto-release-creation and channel rules by renaming package references on script steps
• 4954 - Allow script step package references to be used for project versioning
• 4970 - Updated the AWS PS bundle to 3.3.343.0 and the AWS CLI to 1.16.15
• 4971 - Updated Terraform to 0.11.8, the AzureRM plugin to 1.16.0, and the AWS plugin to 1.39.0
• 4989 - Fix for error reporting missing variable set snapshot NullReferenceException during deployments and variable set editing
• 4990 - Built-In Worker settings are now displayed on the Configuration->Nodes->Server Settings page
• 4995 - Exposed annotations for the pod resources created by the Kubernetes deployment resource
• 4997 - The path command-line interface now validates paths and tries to create the path if it does not exist
• 5017 - The Octopus.Server.exe database --upgrade --skipLicenseCheck command actually skips the license check properly now
• 5018 - Fixed a bug with auto login when only the Active Directory provider was enabled
• 5019 - K8S service annotations now exposed like Ingress and Deployment annotations

• 4958 - Fixed an issue with NuGet feeds when migrating from 2.6 to versions later than 2018.8.0
• 4973 - Machines that trigger an auto deploy event while a tenanted deployment is in progress will now receive that deployment when it finishes
• 4975 - Fixed a rare crash that occurred when attempting to write log files
• 4991 - Add backwards support to deploy Service Fabric applications using CloudRegion targets
• 4998 - Terraform Apply step now supports multi-line output variables
• 4999 - Added a null check for a missing ActionName in GetPackageVersionsUsedInReleases
• 5005 - Bugfix: Kubernetes volume mount validation when using raw YAML

• 4949 - Allow additional Kubernetes resources to participate in the Deploy Containers lifecycle
• 4994 - Validation rules now prevent creating an Ingress without a Service in the Deploy Kubernetes containers step
• 4996 - Fixed a race condition in the UI during onboarding
• 5001 - Fix for tenant variable loading issues with > 2100 tenants

• 4982 - Search field on “Include a Script Module” is now case-insensitive
• 4983 - K8S Secret and ConfigMap resources no longer deployed when the feature is disabled
• 4984 - K8S suggestion lists are now case insensitive
• 4985 - K8S Ingress host allowed variable substitution
• 4986 - Exposed annotations on the K8S deployment resource
• 4987 - Added extra help to the OpenID Connect authentication providers
• 4988 - BugFix: Acquisition of Helm charts fails when the username is empty
• 4992 - Fix for migrator importing proxies

• 4404 - Fixed issue with running scriptcs on mono version 5.10 or newer
• 4620 - Fixed exception when using Tentacle show-configuration command when no certificate is configured
• 4703 - Made the license command more resilient and added a command-line switch to --skipLicenseCheck
• 4875 - Improved how the license command handles encodings with the --licenseBase64 parameter
• 4900 - Fixed proxy environment variables for authenticated proxies
• 4903 - Fix a bug where project cannot be cloned when it has a scheduled trigger
• 4918 - Fixed issue with application assembly references clashing with Azure PS references
• 4924 - UI fix for Library Certificates paging issue
• 4927 - Added add\refresh button to feed selection
• 4931 - Ensure Helm values supplied by the Key/Value option are properly exploded
• 4932 - Variable Sets used by a large number of snapshots no longer produce an error when deletion is attempted
• 4934 - Exposed pod and container security context options for Kubernetes steps
• 4935 - Tenant tags and tag sets are now correctly displayed in the order defined in the tag set
• 4943 - Okta authentication provider updated so SSO now triggers login in Octopus portal
• 4945 - The --instance command line argument is now case insensitive and required in fewer circumstances
• 4946 - Multi-select drop downs (as used on the Manage Tenant Tags dialog) no longer open by default
• 4950 - Fix a bug where project setting and create deployment page should not require TenantView permission for untenanted project
• 4951 - Fixed a bug where onboarding would make duplicate requests after navigating around the UI
• 4952 - Kubernetes authentication options are now more clearly defined
• 4955 - Added better error message when kubectl could not be found
• 4960 - Fixed backwards compatibility in Octopus.Client ProjectEditor.CreateOrModify function
• 4961 - Azure and AWS logins supported for K8S targets
• 4962 - The license command now allows licence as an alias
• 4963 - The license command can now accept the license via a file
• 4965 - SSH health checks no longer block other scripts from running on the same target
• 4972 - Added filters to the api/reporting/deployments/xml endpoint
• 4974 - Fixed an edge case where the ETag would not update
• 4977 - The Configuration->Nodes page can now be filtered if there are multiple nodes
• 4978 - New-OctopusKubernetesTarget can now be used to create new K8S targets
• 4980 - Remove support for Ssl3.0
• 4981 - Allowed Recreate and Rolling Update strategies to wait for the K8S deployment to finish

• 4785 - Added ability to run script console on workers or worker pools
• 4917 - Fix to show some missing usage reporting of Azure accounts in release snapshots
• 4923 - Fix an issue where editing a lifecycle does not show correctly if the phase does not override the default retention policy
• 4926 - Fix an issue where default worker pool wasn't selected by default for some steps when first created
• 4936 - Kubernetes liveness probe scheme selection fixed
• 4937 - Added additional validation for the Kubernetes target cluster URL
• 4938 - Resolved issue with channel version rules for script step package references being lost when modifying deployment process
• 4939 - Fix for incorrect warnings from migrator about missing machines

• 4616 - Log additional detail for failure messages on ARM deployments
• 4764 - Encrypt and write output variables to a file instead of passing them as a base64 encoded string for offline drop targets
• 4894 - Resolved issue with absolute paths to staged packages in offline-drops
• 4905 - Enable the ECR feed type for use in the kubernetes steps
• 4909 - Fix a bug where WorkerPool and Environment is not populated when adding Worker and Deployment Target
• 4912 - Newly added environments now appear on the dashboard correctly
• 4913 - Resolved issue with terraform steps not working through a proxy
• 4914 - Kubernetes Ingress host now accepts plain subdomains (e.g. http://example.org|example.org)
• 4916 - Reword 'Helm Update' command as 'Helm Upgrade'
• 4919 - Fixed an bug that stopped deployments from completing when an error occurred writing to the system log
• 4921 - Fixed "forcibly closed" error occurring in tentacle communications
• 4922 - Resolved issue migrating releases which contain named package references
• 4933 - Resolved issue where packages were not being displayed in release for Deploy a Release steps

• 4467 - UI improving the messaging/intuitiveness around the “Include all Tenants” checkbox on the deployment screen
• 4877 - Remove trailing white space from folder paths when using Octopus.Migrator.exe export
• 4892 - Fix to orphaned project reference for cloned projects
• 4899 - Provide the ECR registry URL as a variable when using an image from the ECR or Docker feed type
• 4901 - Fixed a bug with "Deploy a release" steps not being available for selection in channel version rules
• 4904 - UI improvements to client-side rendering for tenants screen and project overviews
• 4906 - Resolved issue with Tomcat and WildFly steps not being performed during deployments
• 4907 - Azure web app with scoped AccountView permission can now modify the Azure account

• 4266 - Fixed Halibut issue where connections were kept open by the server
• 4824 - Fixed memory issue in Halibut
• 4844 - Fix for Azure Web App query not returning resource groups
• 4872 - Fixed a error on the tenants screen after updating the name of a tag
• 4888 - Fixed a bug where triggers could create releases with invalid versions
• 4893 - Helm step now visible when Kubernetes steps are enabled
• 4895 - Fixed an issue where a package is reported as not acquired on a Worker even though it was
• 4896 - Variable-substitution and config-transform features enabled for Azure PowerShell script steps and Azure Service Fabric script steps

• 4855 - Support for proxies in Azure CLI commands in Azure PowerShell script steps
• 4859 - Variable substitution syntax now support replacement of text using regular expressions
• 4860 - Support for proxies in AWS CLI in AWS CLI script steps
• 4861 - Fixed a UI exception when deleting a user
• 4865 - Added validation to ensure the project is entered on the Deploy Release step
• 4876 - Added validation to the Windows Service step
• 4879 - Azure CLI configuration written to subdirectory of Calamari working directory to avoid clashes with Variable Substitution
• 4880 - Navigation shortcut via overflow menu from User Profile and User Listing pages to the Test Permissions page
• 4881 - Create a user invite link directly from the Team edit page
• 4882 - Improved handling of variable merging when using Octopus.Migrator.exe to import to a server where the project already exists
• 4886 - The Octopus.Upgrader.exe file is now digitally signed allowing automatic Tentacle upgrades to work in environments where untrusted/unsigned executables are prevented from running
• 4889 - Resolved issue with packages not being acquired when role matched no targets

• 4266 - Fixed Halibut issue where connections were kept open by the server
• 4812 - Improved messaging for different failure scenarios when running the database schema upgrades to be clearer about the state of their database, what they can do to get back up and running, and how to get help if they need it
• 4824 - Fixed memory issue in Halibut
• 4833 - Octo.exe, Octopus.Client and the TeamCity plugin (version 4.41.0+) now use delta compression when pushing packages to the Octopus Server
• 4866 - Kubernetes container name validation now accepts variables
• 4867 - Helm Kubernetes Release Name now shows the variable bindings
• 4868 - Kubernetes service port names now accept variables
• 4870 - Fixed an error on the project dashboard if project ids on releases are lowercase

• 4746 - Provide a bigger dialog when editing in-line ARM, CF and Terraform templates
• 4838 - The data migration API /api/migrations/import now runs under the correct security context
• 4847 - Markdown links are now shown correctly in highlight and fatal messages on the the Task Summary tab
• 4856 - Fix for Azure Resource Group (ARM) step bug
• 4858 - Packages from AWS ECR feeds will now show option to 'Not Acquire'
• 4862 - UI adding concept images to help visualise the execution location/strategy in steps
• 4863 - Server Web Request Proxy configuration now shown in Configuration - Settings
• 4744 - Fixed null reference when viewing community step templates
• 4767 - Check if worker pools are available to prevent null reference in summary UI

• 4850 - Fixed a bug where environments filter wasn't shown on the tasks page for users with scoped EnvironmentView permission
• 4851 - Updated AWS CLI to version 1.16.6
• 4852 - Fix an issue where a legacy azure web app would show an error when account or web site is bound
• 4853 - Token account type is now visible in the UI

• 4560 - Allow CloudFormation steps to specify RoleARN for the stack
• 4695 - Add CloudFormation change set feature and add apply change set step
• 4736 - UI to show cloned project information
• 4793 - Fix an issue where s3 multiple file selections would not retain folder structures
• 4800 - Fixed script syntax warning when no script syntax provided
• 4828 - Fixed issue with logging in to non-default Azure Clouds with Azure CLI
• 4842 - Reference Packages from Script Steps
• 4843 - Variable Substitution Features from Script Steps
• 4848 - Initial Kubernetes Support

• 4720 - Fixed an issue when cloning a project with scheduled triggers scoped to channel
• 4766 - Fixed an issue where we were trying to deploy a child project after resuming from a manual intervention when that child project shouldn't be deployed due to deployment condition selected
• 4771 - UI Optimise wasted space on the dashboards
• 4790 - Octopus Server logs are now manually flushed when shutting down to avoid losing any messages written just prior to shut down
• 4835 - Added DeploymentProcess link to deployment api response
• 4837 - Improved descriptiveness of the scheduled task cleaner when it cleans up old task logs

• 4751 - Service Fabric Script steps now use the new Service Fabric targets
• 4768 - UI make re-deploy actions more discoverable and deploy actions less scary
• 4799 - Fixed an issue where a large number of queued tasks would increase the time to start each of those tasks
• 4816 - Lifecycle phase Required to Progress now respects value entered for Minimum # must complete option
• 4818 - Added a warning when the first Worker is added to the default pool
• 4825 - Resolved an issue that caused tasks and background processes to hang and also not cancel
• 4829 - Reduced the number of times all machines are retrieved from the database

• 4580 - Fix for Audit/Event filtering where permissions conflicted or didn't return expected results - CVE-2018-15575
• 4775 - Allow Azure dropdowns to be refreshed
• 4806 - Fixed a bug where tenant variable events were not associated with tenant variable documents
• 4808 - Fixed a bug where removing the sensitive value from a tenant variable would not update the value
• 4809 - Fixed a bug where the step template side panel showed incorrect data when creating a new step template
• 4813 - Fixed incorrect usages of Azure APIs that affected Azure private clouds
• 4819 - Automatic release creation no longer attempts to write to auto deploy logs
• 4823 - Data subject deletion info and export options as part of user management screens

• 4738 - Azure PowerShell Script step now includes Azure CLI
• 4804 - Added a description of the scripts we plan to run when upgrading the database schema
• 4807 - UI soften layout transitions with a fade animation
• 4814 - Subscription number not being picked up when using management certificates

• 4698 - Remove virtual scrolling (and scrollbars) from dashboards and project overviews by default, with an option to turn them on
• 4797 - Fixed a bug where scopes were sometimes not shown in the variable editor for read only values
• 4798 - Fixed error when management certificate were being used for Azure Web App targets
• 4801 - Fixed incorrect account scoping error during health checks when cloud targets were using an account with scope restrictions
• 4803 - Fix incorrect package upload examples

• 4765 - Cloud targets now run health checks via workers
• 4769 - Fix for dashboard crashes for users who had it configured to show an incompatible set of projects and environments
• 4770 - Fixed issue with Allow auto user creation being shown as disabled in the portal when it hadn't been explicitly set
• 4773 - Fixed a performance bug where the SQL Connection Pool could be exhausted by when clients are watching the progress of lots of tasks and the task log storage (usually network storage) is saturated
• 4777 - UI adding a save option to the 'unsaved changes' dialog
• 4780 - Fixed an issue that caused cloud target default worker pools to not be used in some situations
• 4786 - Fixed issue with upgrading the database causing a timeout
• 4788 - Reworked the dashboard backends to make them quicker and lighten the load on the SQL server

• 4750 - Fixed issue where Deployment Target Triggers didn't trigger for projects with Deploy a release steps
• 4759 - Removed the extra logging blocks in the deployment log when delta compression is performed
• 4760 - UI refining both the accounts list and on-boarding panels and reintroducing our green primary buttons (#WooHoo)
• 4762 - Performance improvements to Project Dashboard query

• 4761 - Halved the performance impact of the project dashboard for instances with many deployments

• 4513 - Fixed exception when setting up a scheduled trigger for a specific day of the month
• 4714 - Reduced the CPU usage when deploying to many machine in parallel within the same deployment
• 4733 - Fixed preservation of JAR manifest info during deployment
• 4748 - Reduced the amount of data that is retrieved from the database throughout the application
• 4749 - UI adding an overflow menu option from various documents to the auditing screen
• 4752 - Fixed Azure Web App deployment failure when no Resource Group is provided
• 4753 - Run package scripts during Azure Resource Group deployment
• 4754 - Fixed a bug which limited trial licenses to a single worker and worker pool, when trials are meant to get unlimited workers and worker pools
• 4755 - Target retention during deployment no longer retrieves all the machines multiple times
• 4757 - Send additional licensing and usage details back to octopus.com in addition to existing telemetry
• 4758 - The proxy selection is no longer cleared when expanding the proxy section on the Tentacle details page

• 4708 - Fixed bug preventing cancelling a deployment that is waiting for manual intervention
• 4718 - Reduced the amount of data retrieved from the database server for the the project dashboard and process pages, which reduces load on the database server and makes those pages faster when there are many environments
• 4719 - Fixed a rare issue where equal variable scopes were not be considered equal leading to a variable being added instead of replaced
• 4727 - UI adding a "HasWarningsOrErrors" flag to the tasks screen filters
• 4745 - Added an index to the User table
• 4747 - Fix an issue where OctopusUseBundledAzureModules variable was being ignored

• 4599 - Fixed issue where using Network Service or Local Service account for Windows Service accounts didn't work on non-English systems
• 4704 - UI indication of default values in project variable templates
• 4711 - Improved auditing on actions performed by the node command line operation
• 4715 - Manual intervention completion time is now recorded and logged
• 4716 - UI fix for environment vs target name filtering on the environments screen
• 4722 - Fix a bug where leading zero of a certificate's SerialNumber is truncated
• 4724 - Default to last version during deployment when no valid semver versions exist
• 4725 - Fixed compatibility issues in our Calamari update script using the -Directory parameter on the Get-ChildItem cmdlet on PowerShell 2.0
• 4726 - Fixed compatibility issues in Calamari using unsupported security protocols on servers that only have .NET 4.0 installed
• 4729 - UI adding a delete option to the release overview screen's overflow menu
• 4730 - Fix a bug where project variables not included in binding dropdowns in Start/Stop App in Tomcat step
• 4732 - Fix a bug where a null reference exception is thrown when try to save a project in add project dialog before all data are fully loaded
• 4734 - Fixed Dashboard error "Cannot read property 'projectIndex' of undefined"
• 4737 - Fix for UI bug in channel design rules
• 4740 - Fixed script syntax warning message in Azure and AWS PowerShell steps

• 4742 - Fixed a bug preventing upgrades to Octopus Server 2018.7.0 or 2018.7.1 with a message like Unrecognised document prefix Accounts- - please upgrade directly to 2018.7.2 or newer
• 4743 - Fixed a bug which mistakenly deleted non-orphaned library variable set snapshots when upgrading to Octopus Server 2018.7.0 or 2018.7.1 - please upgrade to 2018.7.2 or newer

• 4739 - Fixed a bug preventing upgrades from Octopus Server 2018.5.7 or earlier directly to 2018.7.0 - please upgrade directly to 2018.7.1 or newer

• 4158 - Octopus now allows multiple external workers, grouped into pools
• 4561 - Added support for specifying slots on Azure Web App targets and steps
• 4634 - Fixed query performance for Azure Web Apps
• 4710 - Fixing an edge-case with Service Fabric targets to deal with self-signed (and password-protected) certificates
• 4712 - Changed S3 multi file selections bucket key prefix to be optional
• 4622 - Increased the speed of the Account Usage query

• 4436 - UI improvements to removable list components (for consistency and easy-of-use)
• 4546 - Cloudformation and Terraform inline script permission required changed to ProcessEdit
• 4647 - Fixed an issue where legacy variable Octopus.Action.Azure.UseBundledAzurePowerShellModule wasn't being honoured
• 4669 - Add an option to exclude a machine from the rest of the deployment when using guided failure
• 4700 - UI improvements to update variable snapshot to make this feature more accessible
• 4705 - Fixed issue where randomly getting "Cannot read property 'projectIndex' of undefined" error
• 4706 - Fixed issue where urls referenced in task logs were converted to lowercase during render

• 4696 - Fatal error messages are now displayed on the task summary
• 4702 - Fixed the "Load more" paging button, broken in 2018.6.12

• 4304 - Tasks running on a node that no longer exists are now marked as failed
• 4466 - Variables to be passed to a Deploy a Release step are only evaluated after being deserialized from JSON
• 4500 - Output variables are now collected when resuming a child project from an interruption that is deployed using a Deploy a Release step
• 4553 - Scheduled Trigger for project with Deploy a Release step no longer fails deployment with error The resource 'users-system' was not found.
• 4646 - Multiple simultaneous interruptions no longer block a deployment from proceeding
• 4690 - Send email step and test email can now be cancelled
• 4699 - Server Task Cap and Maintenance Mode state are now included in the output of the show-configuration command
• 4701 - The UI now caches the available roles, making editing projects quicker when there are a large number of deployment targets

• 4655 - Automatic machine removal no longer logs a warning if a machine doesn't have a machine policy
• 4657 - Project overview advanced filters now include filter by environment
• 4666 - Release version filters out spaces now
• 4678 - Selected packages in a release is now properly populated when migrating a 2.6 instance
• 4689 - Deployment creation is now faster when there are many previous deployments for that release
• 4692 - Infrastructure|Environments now uses paging to improve rendering performance on large lists

• 4538 - Octopus Server node deletion is now vetoed when tasks are still running on the node
• 4588 - The command Octopus.Server.exe node can now be used to configure Octopus Server nodes
• 4589 - Creation and deletion of Octopus Server nodes are now audited
• 4680 - Email step and subscriptions correctly account for team membership via external security groups
• 4686 - Deployment error variables are now cleared when a new auto-deployment is queued up
• 4693 - Reinstate variable substitution in TF template files from packages

• 4684 - this.replaceLoop is not a function javascript error is now fixed
• 4683 - Restore ability to substitute additional files when running an inline script
• 4643 - Fixed issue with trailing spaces on step template names during migrator export

• 4682 - Reduce polling frequency of project and main dashboards when page is hidden

• 2672 - Lifecycle auto-deploy-environment now work with tenants
• 4533 - Octopus high availability clusters are no longer susceptible to military coup when tasks running on the leader node take too long
• 4677 - "Script0001 - Release to VariableSet RelatedDocument.sql" can now handle migration of large numbers of library variable sets in releases

• 4652 - Output variables created by deployment steps, such as package installation directory, are now passed through to subsequent steps for offline drop targets
• 4654 - Fixed a bug with channel scoping when evaluating certificate variables
• 4658 - The dashboard overview is now much quicker if lots of tags are in use
• 4663 - Fixed an exception loading feeds in Azure steps when lacking the AccountView permission
• 4670 - Variable evaluation speed has been improved, making (among lots of other things) built-in repository retention much quicker when there are many variables
• 4674 - Fixed the permissions checks when creating an account ( CVE-2018-12884 )

• 4632 - Special characters in package names are now escaped for offline drops
• 4656 - Bugfix - Avoid double variable replacement of scripts. Introduced in 2018.5.5
• 4662 - Dashboard groups are now appropriately resized when filters are applied

• 4659 - Fixed error when updating releases on sql servers with case-sensitive collations

• 4547 - Project Switcher filter no longer selects the wrong item
• 4636 - Fix for HashTable parameter error in Service Fabric Deploy Step
• 4642 - Fixed an error in the accounts overview in Internet Explorer
• 4651 - Dashboard groups that don't require a scrollbar no longer scroll a few pixel with the mouse wheel
• 4653 - Improved the speed of Release deletion
• 4638 - The variable substitution syntax now supports encoding a variable as Base64

• 4641 - Set Package Transfer file name with standard name format
• 4648 - Now correctly excluding disabled deployment targets from licensing limits

• 4383 - Specific and Excluded targets are retained when a deployment fails and it is then re-tried
• 4415 - Improvements for when choosing a tag with a large number of tenants on the create deployment screen
• 4590 - Trials started after 30 March 2018 will not fall back to the free Community Edition https://octopus.com/blog/removing-free-tier
• 4606 - Fix for unknown environment/certificate issue on Service Fabric targets
• 4627 - Fixing some daily UX frustrations
• 4631 - The markdown renderer now ignores _ in the middle of words for formatting purposes
• 4639 - Fixes an issue preventing auto machine cleaning from adding events for machine deletion

• 4518 - Improved the rendering performance of the dashboard and project overview when there are a large number of cells to display
• 4608 - ApiKeys API paging links corrected to stop error in Octopus.Clients and load all keys in the UI when a user has > 30 keys
• 4610 - Server now checks whether there is enough free space before writing the configuration file
• 4624 - Fixed a bug that prevented Team Add/Edit page from loading
• 4626 - The “running tasks” link on the Configuration->Nodes page now filters for running tasks for that node, rather than all tasks on that node
• 4629 - Added step number to the step edit page

• 4496 - Added RegisterApplicationTypeTimeoutSec to Service Fabric deploy step
• 4531 - Support for checkbox and drop-down control-types for prompted variables
• 4571 - Allow migrations by the API between Octopus instances
• 4605 - External workers have been converted to workers in the default pool and the command line options have been removed, see our documentation on how to manage them
• 4617 - Fix a bug where confirm dialog is missing when deleting a parent step from the deployment process

• 4565 - Fixed the managed account hint text on the terraform step
• 4609 - BugFix - DockerRun command on Windows failing
• 4612 - Extra options on the setup wizard when requesting a trial key
• 4613 - Bugfix - Properly encode non-ASCII characters in scripts
• 4615 - Added ability to attach Terraform logs as artifacts

• 4576 - Fixes for target ordering in multi-selects and various UX improvements, including minor updates for customers operating at lower resolutions
• 4600 - Fix project variable helper not including project variables for S3 step
• 4603 - BugFix - Tentacle upgrade process fails in 2018.5.5
• 4604 - Fixed bug with custom scripts on Azure RM template step
• 4509 - Fixed an issue upgrading from versions prior to 3.4 to versions after 2018.4
• 4548 - Fixed problem where offline drop packages were not using the right escape characters for quoting the variable file as part of the Calamari command
• 4568 - Fixed bug when updating an existing Service Fabric or Cloud Service target from cmdlets
• 4572 - Steps now correctly load PowerShell modules when running on the external worker
• 4587 - Changed behaviour for project with no healthy targets and environment with no dynamic infrastructure
• 4592 - Corrected values in Azure Environment configuration
• 4593 - Fixed a bug which prevented Team Edit page from loading
• 4594 - Perform variable replacement for inline scripts on the Target rather than Server
• 4596 - Fixed bug where variable usage was not showing on Azure Accounts
• 4597 - Fixed errors displayed in console relating to missing machine icons
• 4598 - Fixed error with rendering Azure Account variables

Changes in 2018.5.5 (release was disabled/hidden due to a bug found)

• 4509 - Fixed an issue upgrading from versions prior to 3.4 to versions after 2018.4
• 4548 - Fixed problem where offline drop packages were not using the right escape characters for quoting the variable file as part of the Calamari command
• 4568 - Fixed bug when updating an existing Service Fabric or Cloud Service target from cmdlets
• 4572 - Steps now correctly load PowerShell modules when running on the external worker
• 4587 - Changed behaviour for project with no healthy targets and environment with no dynamic infrastructure
• 4592 - Corrected values in Azure Environment configuration
• 4593 - Fixed a bug which prevented Team Edit page from loading
• 4594 - Perform variable replacement for inline scripts on the Target rather than Server
• 4596 - Fixed bug where variable usage was not showing on Azure Accounts
• 4597 - Fixed errors displayed in console relating to missing machine icons
• 4598 - Fixed error with rendering Azure Account variables
• Azure PowerShell Modules - To configure the version of Azure PowerShell modules, we have made a change to the name of the variable. You can now set OctopusUseBundledAzureModules to False.

• 4591 - Fix for a timing problem that was causing browser redirect issues on slow connections

• 4480 - Improved long path support, including package extraction and offline drops, see https://octopus.com/docs/deploying-applications/custom-scripts/long-paths for more details
• 4528 - Allow password to be passed as parameter to offline-drop scripts
• 4582 - Viewing of Library Variable Sets will now check for VariableViewUnscoped instead of incorrectly checking for VariableEditUnscoped
• 4583 - Added project groups to configuration options for dashboard filtering
• 4584 - Add project dialog updated to guide the user to group and life-cycle selection once there are multiple groups or life-cycles, or there is at least one existing project
• 4586 - SMTP Configuration save and test action is now available in UI to users with ConfigureServer permission

• 4541 - Output-variables can now be flagged as sensitive
• 4555 - Users can now modify tenant Common Variables if they have access to all projects and/or all environments this tenant is connected to with VariableEdit permission
• 4557 - Resolved issue using version mask in pre-release tag when creating release
• 4569 - Fixed issue preventing a script console scripts targeting more than one tenant
• 4570 - Improved task log messages when a server task is blocked by another server task
• 4578 - Enforce obfuscation in deployment logs of sensitive variables contributed via machines (CVE-2018-11320)
• 4579 - The built-in repository now applied retention rules to packages that are dynamically referenced

Carried forwards from 2018.5.0:

• 3637 - Updated Azure SDK dependencies to latest. Updated Azure PowerShell Modules to v5.7.0
• 3731 - Added warnings about Management Certificates for Azure's up-coming June 30th deprecation deadline
• 3821 - Restricting Cloud Services to Management Certificate accounts at the API
• 3860 - Updating Calamari to include latest Azure PowerShell cmdlets
• 4195 - Updating Calamari to .NET452 for latest Azure ARM templates
• 4461 - Adding support for uploading and exporting certificate chains in the PEM format
• 4532 - Updated bundled AWS cli to version 1.15.18
• 3544 - Automatically uploading certificates for Service Fabric clusters

Specific to 2018.5.1:

• 4346 - Server retention policy now deletes releases as part of the retention policy task instead of creating a task for each document to be deleted
• 4426 - Improvements to package and release search UX
• 4520 - Fixes an issue in using inline Terraform templates
• 4527 - Fixes an issue preventing Terraform steps running on external workers
• 4535 - Fixes an issue preventing AWS S3 steps running on external workers
• 4536 - Fixes an issue in using AWS CLI step on external workers
• 4554 - Refactored Calamari to support multiple authentication contexts
• 4556 - Fixed an issue introduced in 2018.5.0 which prevented including/excluding specific deployment targets in a deployment

• 4391 - Fixed error causing tentacles to remove tenanted mode when registered multiple times from the command line
• 4545 - Tomcat network timeouts increased to 5 minutes

• 4526 - Fix issue where local project variables weren't shown for both terraform and cloud formation templates
• 4534 - Fixed timezone conversion issue with weekly & monthly scheduled triggers

• 4439 - Fix a bug where Project Switcher highlights the entire container rather than the selected project
• 4523 - Resolved issue with automatic-release-creation when project contains a Deploy Release step
• 4529 - Fix for incorrect start time shown on Scheduled Project Trigger summary

• 4486 - Fixed a problem which prevented you from deleting/revoking an API Key which was introduced in 2018.1.0

• 4524 - When debugging Octopus Variables as part of a deployment, the variables are now printed in alphabetical order by name instead of the order they are added to the variable dictionary
• 4525 - Fix issue where CloudFormation step wasn't properly registered in the UI

• 4454 - Fixed a security hole where target and tenant tag variable scopes were not checked against the list of tenants the user has access to (CVE-2018-10550)
• 4474 - Fix a bug where users without VariableEdit permission can save tenant variable (CVE-2018-10581)
• 4517 - Fixed a bug where conversion from Sensitive variable type to Certificate variable type was broken
• 4522 - Fixed error when a new pipeline step resumes from manual intervention

• 4506 - Fixed timezone conversion issue with scheduled project trigger start time
• 4512 - Offline Drops now escape script parameters, fixing a bug introduced in 2018.3.8

• 4468 - The Tentacle included in this release registers faster when the Octopus Server has many environments or tenants
• 4503 - Fix S3 Package.FileName output variable not set

• 4498 - Removed parts of the old deployment pipeline, as well as the Octopus.Action.UseNewExecutionDispatcher variable
• 4505 - Compatibility fix for Offline Drop output variables on PowerShell 2
• 4507 - Regression in Terraform destroy step is resolved
• 4510 - Removed -var-file options from terraform init command

• 4489 - Deep links containing filters are preserved correctly across the login process
• 4494 - Use FQDN examples for built-in repository examples
• 4495 - Fixed a problem where run-on-server-on-behalf-of scoped AWS and Azure steps would sometimes run on the target instead of the server
• 4499 - The IIS, Windows Server, Terraform and VHD steps now use the new pipeline
• 4501 - Fixed migration that was deleting library variable snapshots even when they were still in use
• 4502 - Resolved exception when a null variable is defined as a CloudFormation output
• 4504 - Fixed an exception in the Configuration, Settings page

• 4178 - The built-in repository can now delete unused packages that are dynamically referenced. See the details of this issue for instructions on how to enable this feature
• 4393 - Offline drop now only includes each package once per release
• 4456 - Individual variable files can now be listed in the Terraform step, and the apply and init terraform actions can have additional arguments passed to them
• 4471 - Added tenant selector for running ad-hoc scripts per tenant
• 4477 - The permission required to delete users has been relaxed from AdministerSystem to UserEdit, with the caveat that you cannot delete yourself, and only System Administrators can delete other System Administrators
• 4479 - Fixed SQL error when using taskState in deployments API
• 4481 - Octopus.Action.Terraform.CustomTerraformExecutable can be set to the location of a customer terraform executable
• 4483 - Task details page doesn't crash anymore when the log contains PowerShell code that invokes a static method
• 4485 - Improved performance in reading the stream from SSH targets
• 4488 - The Server Extensibility API has changed and custom extensions will need to be updated
• 4490 - Convert OfflineDrop Write-Host to Write-Output in bootstrapper
• 4491 - Resolved a step execution performance issue when there are lots of variables that was introduced in 2018.3.8
• 4493 - Terraform updated to 0.11.7

• 4335 - Breaking change Automatic release creation now selects packages appropriate for the channel the release is created in
• 3633 - Added a new project trigger for recurring scheduled deployments
• 4365 - Deployment Steps can be marked as required, meaning they cannot be skipped when customizing a deployment
• 4422 - Fixed a problem where Variable Sets were deleted even when they were used by existing releases
• 4433 - Release version search in Deploy a Release now displays Load More
• 4448 - Fix for error when filtering Tenants and user does not have view permissions for some Environments
• 4463 - Fix for show and hide empty groups on Project dashboard
• 4473 - Fixes for “Deploy To” button popover on mobile
• 4482 - Added the new AWS S3 upload step for uploading files to an S3 bucket with all the bells and whistles

• 4445 - Various accessibility updates and improvements to the UX (and fixing broken avatar images on closed networks)
• 4451 - Fixed a performance problem in Variable Editor where rendering of variables with a lot of values was slow
• 4464 - HCL parsing logic moved into separate open source library

• 4399 - Fixed error when viewing tenant variables if user lacked permission to see other associated environments
• 4449 - Fixes an error that stopped users from health checking all environments they had permission to
• 4455 - Update Terraform to 0.11.6
• 4460 - Variable replacement occurs for scripts sourced from packages, fixing a bug introduced in 2018.3.8
• 4462 - Scripts sourced from packages are no longer executed with incorrect arguments, fixing a bug introduced in 2018.3.8

• 4452 - Fixed an error loading variables, step templates and script modules when there are many machines

• 3690 - We warn user now when they select a cert file that is empty
• 4147 - Lists with parameters can now be manually ordered
• 4220 - Dashboard filters are now stored in the query string in the URL
• 4330 - Fix a bug where deployment process page crashed if there is an IIS step that has no bindings
• 4382 - Do not open new window when clicking on links in task log page
• 4398 - Library variable set filter when including a library variable set in a project is now case insensitive
• 4432 - When using the service command to start and stop the Octopus Server service and the service does not exist, Octopus and Tentacle will now report an error
• 4443 - Improved performance when validating tenant connections
• 4444 - The variable editor now only warns on specific zero width characters, and no longer has false positive warnings for non-ASCII characters
• 4447 - Fix for events/audit not being returned when user had scoped permissions applied

• 4118 - Switched from 4 to 2 spaces for list indentation in markdown
• 4203 - Fix for issue where when filtering projects or dashboard would cause the header title to disappear
• 4397 - Fix a bug where project variables are not showing in Run a Docker Container step
• 4401 - The Secure flag is now set consistently for Cookies regardless of whether the incoming HTTP request is behind a proxy using SSL offloading
• 4428 - Certificate expiry events are now generated for a certificate that has replaced another certificate if the original certificate had either of the certificate expiry events created
• 4431 - AWS steps now acquire packages correctly when used as child steps
• 4441 - The OctopusBypassDeploymentMutex now does what it is supposed to do, fixing a bug introduced in 2018.3.8
• 4175 - Fixed display issue on Project descriptions that have markdown

• 4291 - Swagger spec now takes virtual directories into account
• 4354 - Package notes now show if they are missing, or if the notes can not be retrieved
• 4361 - Fix a bug where dashboard environment scrollbar loses its position when data updated
• 4419 - Fixed broken links to triggers and channels in the audit log
• 4420 - Implemented a new deployment pipeline which lays the groundwork for future features. It is enabled for Run Script, Deploy Package and Run AWS Script steps
• 4421 - The Step Template -> Run feature now treats sensitive parameters correctly instead of passing them to the server as clear-text
• 4423 - Support Output Variables for Offline Drop
• 4424 - Insert variable doesn't throw an error when filter contains regex characters
• 4429 - Fixed up the package acquisition for AWS CloudFormation steps when workers are used

• 4405 - Release creation page combines requests for the same package + channel filter combination
• 4407 - Fix a bug where users can see machines beyond their team’s scoped environments in variable editor - CVE-2018-9039
• 4410 - Default the GitHub Feed url with public GitHub api endpoint
• 4413 - Updated Terraform executable to 0.11.5
• 4414 - Fixed the parameters file used when deploying cloudformation templates from a package

• 4402 - A 400 Bad Request error with reason in response body instead of a 500 Internal Server Error is now returned when trying to create a release on a disabled project
• 4408 - Added additional logging when a TaskCanceledException is thrown
• 4409 - Fixed configuration migration issue when upgrading from 3.x
• 4083 - No longer displaying two horizontal scrollbars in project dashboard
• 4260 - Admin command line now supports adding groups from Active Directory, and groups/roles from AzureAD and Okta
• 4306 - Administrators can now control whether users are allowed to edit their own external Logins
• 4331 - Password required validation no longer appears when creating service account users
• 4342 - Group claim handling fixed in the Okta and Azure AD authentication providers
• 4348 - Added steps for planning to apply or destroy Terraform templates
• 4360 - Fixed bug causing exceptions for offline drops when path is too long
• 4364 - Teams with EventView scoped to Projects will not receive Subscription output
• 4376 - "Prompt for value" checkbox in the variable editor is working again
• 4377 - If you lose your master key you can now use the Octopus.Server.exe lost-master-key command to generate a new master key, scrub all your sensitive data, and get back up and running again
• 4378 - It is no longer possible to select an invalid value for a certificate variable
• 4379 - Project ID in Deploy Release step is now correctly mapped when migrating
• 4380 - Variable channel scopes are now correctly mapped when migrating
• 4381 - Github external feed testing and object reference null error
• 4387 - Github feed trailing whitespace
• 4395 - Checkbox-type variable templates now correctly display default values

• 4363 - Fixed a bug with row heights in the project overview
• 4375 - Fixed an exception when a user signs out

• 4269 - Sort deployment targets by name during rolling deployments so the deployment order is deterministic
• 4309 - Fixed an issue where the tenants page may sometimes fail to load when there is a large number of projects
• 4366 - Fixed exception when downloading packages with 4 part version numbers on SSH targets without mono
• 4367 - Fix for errors incorrectly showing user lacks VariableEdit if that permission was scoped to Projects
• 4368 - Permanently enabled the Docker and Browser Caching features, and multi-tenancy is enabled when a tenant is first created
• 4370 - Increased network timeouts when interacting with Tomcat from 30 to 60 seconds
• 4371 - Terraform steps now include a field to allow a workspace to be defined

• 4369 - Fixed a bug where the dashboard would repeatedly request all releases from the Octopus server, and adversely impact performance

• 4119 - Fixed problem with Variable Editor creating values that can't be saved
• 4218 - Audit log filtering would error in some cases and this is fixed now
• 4234 - Ensuring we can render old releases in project overview
• 4264 - A new log level Highlight has been added that highlights the message in the log and shows it on the Task Summary tab
• 4275 - Fixed a bug where in some situations, the read only table of variables would extend beyond the available screen width
• 4300 - Added an upgrade script to clean up orphaned channel version rules
• 4307 - Fixed subscriptions and web hooks that were not firing for users who had scoped permissions
• 4308 - Fixed issue when upgrading a system with an Octopus Managers team
• 4312 - Fixed issue with the AzureAD authentication provider sometimes getting a signature error while validating tokens
• 4314 - Release page navigation links now work regardless of whether the current URL contains a trailing slash
• 4316 - Open markdown links in a new window
• 4322 - Fixed a bug where the tenant tags would be pre-filled on the create deployment page if you had navigated to a create deployment url for deploying to specific tenants
• 4326 - Stop showing a delete option in the UI if you don't have access to view a particular user
• 4332 - Additional error logging is generated for network errors when deploying CloudFormation templates
• 4333 - Fixed error in queueing tasks when 1000's of tasks are ready to run
• 4336 - Add #{else} to the existing #{if} statement in the variable substitution syntax
• 4337 - Artifacts now appear under the step heading on the Task Summary page
• 4339 - Add terraform apply and destroy steps
• 4344 - Cloudformation dynamic variables form does not recognise specilised lists
• 4345 - Cloudformation step will exit early if there are nested stacks
• 4347 - Fixed a bug where the environments filters would disappear if no environments matched the current filter
• 4351 - Fixed an issue where searching through certificates might fail for some types of certificates
• 4352 - Removed redundant call to /api/projects/all from getting-started component
• 4353 - Fixed metrics logging to not use quotes around numbers
• 4356 - Added a field to allow additional files to have variable substitution applied to them from Terraform packages
• 4357 - Additional file extensions are now downloaded from Maven repositories
• 4358 - Null reference exception removed when the AWS region is incorrect
• 4359 - Fix for the error about missing EventView permission on the release page when it is scoped to Projects

• 4311 - Removed the MaxParallelism of 10 for steps - Octopus will run an unlimited number of steps at the same time if you configure your deployment process this way
• 4338 - Add aes256-ctr to the list of allowed SSH ciphers when in FIPS mode

• 3441 - Each Octopus server node may execute one (non deployment or health check) task beyond its task cap, so that tasks such as subscriptions are not blocked by long running deployments or health checks
• 3475 - Use octopurls for documentation urls
• 3556 - "MaxConcurrentTasks" is now the sum of all server node's task caps. Command option Octopus.Server.exe configure --maxConcurrentTasks ... is deprecated
• 4088 - Tentacle auto-upgrades are now blocked for a machine that is being auto-deployed to
• 4168 - Tasks are allocated more evenly to Octopus server nodes in High Availability Octopus
• 4281 - Displayed the deployment start time instead of the queued time on the dashboard and release pages
• 4289 - Deploy Release step task log now includes link to child deployment
• 4295 - Only run autocomplete hack for Chrome on Sign-In screen
• 4298 - CloudFormation steps now populate the proxy configuration
• 4303 - Correctly handle missing deployments when processing auto deploy events
• 4305 - Disabled child steps can no longer have a duplicate name
• 4310 - Fixed an error on the Release Detail page when a user does not have TaskView permission
• 4125 - Improved log message when importing certificate-chain which already exists
• 4163 - User login bans, due to too many failed attempts, now appear in the Audit log
• 4197 - Update our SSH library so that it works on Octopus servers with FIPS enabled
• 4315 - Explicitly reject all HTTP TRACE requests rather than treating them as a GET in some cases
• 4317 - Tenanted deployments will always be executed in the order that they appear in the task queue
• 4318 - Account Edit page now loads usage data asynchronously to avoid blocking the UI
• 4320 - Default values on Tenant Variables are not displayed on V4 Variable Editor
• 4321 - Fix for TypeError: Cannot read property 'State' of undefined on Release page, for users with TaskView permissions scoped to Environments
• 4323 - Added metrics command for configuring metrics logging
• 4324 - Fixed High CPU usage when there are not tasks in the queue or the node is in maintenance mode
• 4325 - "Deploy a package" step now has access to Maven feeds
• 4329 - Removed the word "anonymous" from the installation wizard's consent to collect usage data - the word "anonymous" was mistakenly added in Octopus 3.12.0

• 4285 - Reducing reflow of dashboard status tables to improve performance
• 4292 - Disabling keyboard form submissions on Script Console / AdHoc script
• 4294 - Bring back predictable order to the Add Step page
• 4296 - Fixed a deployment error when using script modules with paths that have ' in them
• 4297 - Improve the database indexes used during auto deploy creation
• 4299 - Fixed bug introduced in 2018.2.0 that caused Calamari upgrade to loop indefinitely if the customBundledPackageDirectory option is used

• 4131 - Fix a bug where Deploy to button is missing from the Task page
• 4132 - Excluded steps are now preserved between retries
• 4142 - Fixed a problem where teams scoped to an environment couldn't add project variable templates
• 4231 - Now you can add an environment to a lifecycle phase without having EnvironmentCreate permission
• 4245 - Added inline note that explains when tenanted deployments are available
• 4246 - Code editor full screen toggle no longer overlays scrollbar
• 4254 - Custom Install Directory feature shows now correctly whether files will be purged or not
• 4259 - Don't specify /bin/bash when performing a raw file transfer to an SSH target
• 4273 - Prevent child releases to many tenants exhausting the task cap
• 4280 - Fixed text-wrapping behaviour in long section titles
• 4282 - Allow channel version rules based on deploy release steps
• 4283 - Variable Template heading displays now Label instead of Name when Label is available
• 4284 - Azure account scoped to both tenanted and untenanted can now deploy to untenanted deployments
• 4286 - Prevent the deploy release step from being added as a child step
• 4288 - Fixed UI issue where changing settings asked for AdministerSystem permission instead of ConfigureServer
• 4290 - Reduce strictness of package filename encoding to allow + characters in path

• 4250 - Project name is now a link (when not bound to a variable)
• 4271 - Added metric logging to track api calls and tasks
• 4276 - Resolved error when creating release for projects containing a Deploy Release step

• 4202 - Package selector and Release selector are not showing double scrollbars anymore
• 4233 - Added validation to ensure that Deploy to IIS steps include package details
• 4248 - Powershell AWS modules are now exposed to the AWS CLI script step
• 4262 - Fix a frontend crash when the project dashboard can't find the channel for a dashboard item
• 4263 - Fixed a bug which prevented variable value from being displayed in the variable editor popup
• 4267 - Fix a frontend crash on the project triggers page when an invalid ARC step is selected
• 4268 - Allow prompted variables in child deployments to be bound from variables on the parent
• 4272 - Fix bug causing channels with version rules to sometimes not auto-select latest package

• 3494 - When scrolling through many environments in project overview, the releases column is now fixed
• 3900 - Fixed missing audit entry when a variable scoped to a single environment and that environment is deleted
• 3930 - Fixed role deletion mechanism, it will now be removed from teams that were referencing it, after the user is shown a warning
• 3980 - Add account usage UI to /infrastructure/accounts/[account]
• 4114 - Packages API does not meet the requirements of our expanding feed types
• 4176 - Projects overview table first column is now fixed width
• 4180 - Added new step: Deploy a Release
• 4211 - Modify the cache naming format to allow for new feed formats
• 4216 - Added additional steps and account types to support AWS scripts and CloudFormation deployments
• 4222 - Fixed a bug where deleting a channel could result in orphaned channel version rules and break the project dashboard
• 4238 - Fixed a bug with incorrect target counts on the infrastructure dashboard under tenant target sets
• 4239 - When AutoDeployLastProcessedEventAutoId is null Octopus attempts to process all previous events
• 4255 - 2018.2 Bug Bash Feeback: Delete Account
• 4257 - Fixed permission issue where users deploying a project they had permissions for would fail

• 4208 - Fixed issue where task creation required higher level permissions than needed
• 4225 - The built-in repository can now be configured by a user with the ConfigureServer permission instead of requiring the AdministerSystem permission
• 4235 - All nodes can now be drained at the same time
• 4242 - Scrollbars are restored after using code editor in fullscreen

• 4123 - Package Acquisition no longer fails with a Object reference not set error when multiple deployments attempt to access the package cache
• 4189 - Ensure the artifact list does not reset when the page auto-refreshes
• 4196 - Octopus.Machine.Hostname system variable is now available on transient target
• 4199 - Fix a bug where ‘Include Library Variable Sets’ in Project Library Sets page deselects existing Library Variable Sets when opened before Sets are rendered
• 4201 - Run-on-server script steps can now be run on a Tentacle that runs a under a different user account
• 4212 - The project dashboard release filter can now be specified by version number in the query string
• 4226 - Making deployment target discovery UI more intuitive
• 4232 - Replaced the Start Mode section in the IIS deployment step with bindable checkboxes in the Web Site and Application Pool sections

• 4137 - Allow configuration of LicenseNotificationMode via configure command
• 4179 - Fixed issue where tag sets re-order feature is missing from the portal
• 4184 - When collecting an artifact using New-OctopusArtifact, we now allow other processes to access the file
• 4207 - Fixed issue where updating Calamari required higher permissions than necessary
• 4217 - Add Feed button not visible without AdministerSystem permission
• 4224 - Fixed a bug in JsonEscape variable substitution filter
• 4182 - Fixed issue where manual intervention instructions couldn't be bound to a variable

• 4213 - Database upgrade licence check now detects pre-3.4 versions and is skipped
• 4214 - Fixed the validation error when a variable is used for authentication method in the IIS step

• 4204 - Add configuration setting to enable long path support in Calamari.Azure
• 4206 - Fixes an issue introduced in 2018.1.0 that prevents IIS steps from being saved if the website or app pool name fields use a variable binding expression

• 3317 - When installing Octopus Server and using a Custom Windows Account to run the service, the installation wizard will configure SQL Server correctly so the Custom Windows Account can access the database
• 3924 - Auto machine removal now happens as part of health checks. Minor breaking change API endpoint for machine removal logs is removed and machine removal logs are no longer stored on the Octopus server
• 3974 - Steps may now be explicitly configured to run before or after package acquisition
• 4070 - The built-in worker, which executes deployment steps and scripts on the Octopus Server, can now be configured to run using a different, lower-privileged user account
• 4143 - Fix for infrastructure overview not correctly flowing tag sets from associated tenants
• 4144 - Import using the Octopus migrator finds the correct deployment process for scripts from similarly named projects
• 4157 - Existing orphaned channels and releases are removed from the database
• 4183 - The check to see whether a step template is in use is now much quicker
• 4185 - Environments, channels and tags now cannot be deleted if they are used by a disabled step in a project's current process
• 4192 - Package notes are fetched in bulk and in async, meaning a release can be deployed without all notes being downloaded first
• 4194 - The installed version of Octopus Server is now tracked to help us provide support when data issues occur and is a precursor to raising and event on upgrade

• 2668 - The database upgrade now checks whether the licence would be non-compliant after upgrade and aborts the upgrade in order to prevent getting stuck with an expired licence and not being able to deploy
• 3454 - Digitally signed Octo.exe and Octopus.Clients.dll so that AV respects it more
• 3802 - Added support for passing password on the commandline to docker login
• 3910 - Added option to filter by phase name in lifecycles page
• 4040 - Minor breaking changes Project and tenant name cannot include unsupported file system characters
• 4102 - Now we only test the connection to the master database when creating or deleting the Octopus database, which in turn fixes a problem we introduced in 4.1.0 with upgrading Octopus in certain situations
• 4130 - PowerShell script parameters with a trailing slash no longer break script execution
• 4155 - Fix a bug where metadata component in release version is not working with SemVer 2.0 template
• 4162 - Added the ability to prevent package scripts from being run by specifying the Octopus.Action.Package.RunScripts variable and setting it to false
• 4165 - We no longer attempt to deploy packages when acquisition fails
• 4169 - Fix for deployment process screen where viewing email step that references a deleted team
• 4171 - Don`t show username for external groups in teams area
• 4174 - Dynamic package feeds now working again with channel rules
• 4187 - Check for $JAVAHOME now uses [[ -n "${JAVAHOME}" ]] instead of -v to support older versions of bash

• 3827 - Fix a bug where tasks with manual intervention are listed as the queued behind tasks on Task page
• 3913 - Increased number of possible PowerShell variables in scripts to maximum available
• 3963 - Corrected the help message explaining what a valid version number looks like
• 3990 - Increased contrast of form elements and content hierarchy
• 4032 - Validate that environment and project ids exist when creating or modifying tenants
• 4072 - Swagger documentation now works if Octopus is running in a virtual directory
• 4085 - Improved the performance of the project Library Variable Sets page when there are many variable sets
• 4087 - Fix a bug where task summary does not show on Task page when it is waiting for manual intervention
• 4090 - Selecting a single date on the Audit page now shows the correct date range
• 4146 - Prevented the filter panel from opening when you set a quick filter
• 4161 - Improve performance of tenant variables when large number present
• 4164 - UI data refresh is now triggered almost immediately after a tab becomes active again if it has been longer than the normal refresh interval; The refresh will also occur if the tab is in the background at a 12th the normal rate
• 4167 - Fixed a security vulnerability where incorrectly configured user roles and teams would allow members of those teams to escalate their own permissions - Octopus now actively prevents any user from escalating their own effective set of permissions - CVE-2018-5706

• 3950 - Deployment page will now show the explanation for tenanted deployment if the channel has tenant restriction
• 3951 - Deployment page now has the ability to deploy to all applicable tenants and skip those which already have the release as the current version for the environment
• 4052 - Fixes for paging parameters in API link collections
• 4101 - The full value is now displayed for variable template TextBox controls
• 4103 - Default value on the multiline text variable template no longer overlays
• 4112 - Make the following scenarios easier:
• Deploying to all applicable tenants for the environment
• Skipping those tenants which already have the release as the current version for the environment
• 4116 - Added warning and error text hints to Checkboxes
• 4129 - Channel rules testing no longer fails when feedId is a bounded value
• 4136 - Logo missing on the previous step template version no longer prevents the current version from being saved
• 4145 - Fix problem in Firefox where selects required two clicks
• 4148 - Removed empty value warning/info icons from variable editor

• 3755 - Disabling a step no longer deletes the channel version rules for that step
• 4092 - Fixed package selection in IE 11
• 4100 - Create step template now renders the selection text

• 3724 - Azure account verification is now deferred until the step runs, which means output variables from earlier steps can be used to resolve the account
• 3856 - Azure account verification is now deferred until the step runs, so that Cloud Region scoped variables can be used to resolve the account
• 4109 - Variable filters are now persisted to the query string
• 4110 - Enable long path support for the Migrator
• 4111 - Add release notes to Releases page
• 4113 - Fixed a bug where package versions would give an exception for a package with >2100 versions
• 4115 - Fix a bug where Release page will crash if the package feed type is resolved from a scoped variable
• 4121 - Packages with a + can now be deleted via the API
• 4134 - Fixed potential scoping bypass when referencing Azure accounts (CVE-2018-4862)

• 4093 - Retries during SSH deployments will now re-attempt to establish the connection
• 4094 - Rolling deployment window size can now be set using bound fields selector
• 4096 - Healty Check step now shows the correct mandatory roles for execution plan
• 4098 - Fixes for dashboard width and alignment issues
• 4106 - Fixed an issue that caused deployments to disconnected SSH targets to run forever

• 3956 - Making variable groups and overflow actions clearer in the variable editor
• 4022 - Do not collapse the lifecycle in Release page if there is pending interruption
• 4058 - Machine events now include show/hide details
• 4066 - Accessing phases containing Environments outside of logged in User's Team Scope not longer throws an exception
• 4067 - Lifecycle automatic deployment logs can now be found in Configuration > Diagnostics > Auto Deploy Logs
• 4068 - Lifecycle automatic deployments may now take up to 30 seconds to respond, instead of immediately
• 4075 - Steps used in Automatic Release Creation can't be disabled anymore
• 4077 - Show full channel name on releases list and deployment details pages
• 4079 - Tenant Tag Sets and Tenants in Infrastructure Summary now show the correct deployment target counts
• 4080 - Release filter doesn't truncate long release numbers any more
• 4081 - Adding or removing a variable set from a project no longer removes script modules from the project
• 4084 - Group by Channel in Project Overview screen no longer throws error
• 4089 - Variables can now be inserted to bound text fields via the list picker
• 4091 - Users can now see environments that are scoped at the team level
• 4097 - Missing resource tooltip displays the correct resource id now
• 4108 - Update to version 3.0.1 of the versioning library

• 3923 - HEAD http requests now return the correct status code instead of 500
• 4019 - Release progression section now shows "Redeploy" and "Try Again" buttons against each environment
• 4021 - Sort variable values predictably in the variable editor based on their scope, value and source
• 4053 - /api/machines and /api/machines/all API endpoints now allows filtering by machine IDs by way of the querstring ids passed in as a comma-separated list of IDs or specified multiple times
• 4056 - Fixed community step update process
• 4057 - Only include IIS related information if we're running on Windows when using a custom installation directory and encounter an unauthorized access exception
• 4062 - Updated versioning library
• 4064 - Common Variables in v4 no longer shows Variable Sets with no templates
• 4069 - The output of the show-configuration command now includes license details
• 4071 - Provide a column specific error message if two projects with different names resolve to the same Slug during migration and failed on the unique constraint check
• 4073 - Fixed security vulnerability in machine update process by checking that the user has access to all environments (CVE-2017-17665)

• 2448 - SSH Targets now support transferring data larger than 2GB
• 4012 - Fixed a bug introduced in Octopus 3.17.8 that would cause the Octopus Server to crash if the SQL Server connection became unavailable for a period of time
• 4025 - Better experience when changing variable type to certificate
• 4039 - Fix for the DateRange component’s width calculations (causing wrapping of day-cells in Firefox)
• 4043 - User password complexity enforcement in the API is now being applied correctly
• 4045 - Environment names in v4 dashboard no longer overlap
• 4050 - Guest user gets created/enabled correctly when the authentication provider is enabled/disabled via the API
• 4051 - Resolved issue with incorrect password when downloading certificates
• 4060 - New portal updated to not allow password change for service accounts or the Guest account

• 3892 - The timeout for subscription webhooks can now be configured
• 3909 - Windows Service deployments now retry starting and stopping services
• 4005 - Sorting environments will now be reflected immediately on previous screen when you perform save action
• 4008 - Reducing excessive warnings in variable editor for empty value scenarios
• 4014 - Any orphaned tenanted deployments will be cleaned up when you upgrade to this version of Octopus Server
• 4028 - Fixed a bug where the cursor would jump to the end of an input while typing in the variable editor dialog
• 4031 - The email priority can now be chosen for email steps and email subscriptions
• 4036 - Fix for test permission exporting failing if the users teams had permissions restricted using empty groups
• 4041 - Allow users to remove a variable set from a project within the variable set row
• 4046 - Fixed a race condition that could cause the list of steps to exclude in a deployment to be empty
• 4047 - Fix tenant chips are not showing correctly in deployment page preview section
• 4048 - Fix regression where steps that should not be able to be excluded from a deployment could be excluded

• 3569 - Added event group MachineHealthChanged, replacing the event category of the same name
• 3652 - Task log, package feed and artifacts folders are now shown in the show-configuration command and in the settings UI
• 3846 - Task log, package feed and artifacts folders are stored as relative to the Home directory when they can be, to make moving the folder structure easier
• 3943 - Add support for exporting certificates for Java app servers
• 3944 - Add support for Maven repos as external feeds
• 4023 - F# and ScriptCS support fixed in Azure script steps
• 4030 - Fixed an API exception from occurring when a variable name was null
• 4033 - Fix for audit screen’s default date range not including today
• 4034 - Fix for maintenance mode banner’s transparency problems
• 4035 - All SQL Server and Database management is now performed through a single component for consistency

• 3954 - Added the ability to resize columns in the variable editor
• 4010 - Getting started no longer crashes Octopus if the first release is not on one of the first 5 created projects
• 4015 - Introduce a delay between connection retries if the connection to the Tentacle is refused as the Tentacle might not be ready to accept connections just yet. Many thanks to @frese for the contribution!
• 4016 - Updating project overview to include wildcard for finer-scoped EnvironmentView permissions
• 4017 - Removed unnecessary word-breaking CSS that was causing the design to break in various scenarios
• 4020 - Update the mouseover popup on scheduled tasks to display the precise scheduled time, and display the scheduled task time in the tasks table
• 4024 - Added missing option for re-deploying already installed packages
• 4026 - Fix for showing you an error when you have 2 certificates variables with same name and both are missing from the library

• 3972 - Made it easier to skip steps on the deployment page
• 3993 - Project overview now shows the executing status for a redeploy
• 3996 - Fixed various issues with time and date selection for scheduled deployments
• 3998 - Fix for Tenant edit screen where error would prevent editing connections to Projects
• 3999 - Reduced the verbosity of auto deploy logs
• 4000 - Text search on the Users multiselect dropdown no longer crashes due to name being undefined
• 4002 - Fix to restore the missing Add Channel, Add Trigger, Create Release actions for users who had sufficient but not admin permissions
• 4003 - Adding null checks to fix multi-selects and the Add Certificate screen
• 4004 - Fixed a bug where new roles would always be added in lower case

• 3984 - Fixed a bug where filtering by tenant tags in dashboards might give you no results if you were also grouping by a tenant tag
• 3986 - Fixes for the audit screen to remember filters when paging
• 3988 - Save button is now enabled by default for steps based on a custom template
• 3991 - Fixes problem where Markdown lists where not rendered correctly
• 3992 - Updating task detail cells so they don’t wrap long version numbers

• 2754 - Tenant configuration transform files are now run automatically by naming convention, just like environment configuration transform files
• 3447 - Migrator skips machine events that relate to missing (deleted) machines
• 3971 - Fix for dashboard configuration screen where a filter on a project which is no longer visible due to permissions would crash the screen
• 3975 - Add the ability to set the default failure mode action on a project
• 3979 - Fix for a crashing active deployment screen for users who could had a set of view only permissions, and could not action interruptions
• 3981 - Fix users with permissions restricted to a project group not having those permissions on newly created projects
• 3985 - Multiselect can display thousands of items now (e.g. Projects, Environments, Tenants)
• 3987 - Active Directory integrated authentication cookie timeout has been increased from 20min to 20days

• 3509 - Improved error handling and message related to incorrect configuration of OpenID Connect Issuer values
• 3955 - Made the user experience and messaging more consistent for associating tenants with deployment targets, accounts, certificates, steps, and channels
• 3959 - Code editor in 4.0 now inserts variable at cursor position
• 3969 - Making loading bars less intrusive and changing to a refresh indicator for task screen refresh intervals
• 3970 - Checkbox can now be unchecked in Action Template Parameters
• 3973 - Fixed a bug where you could not edit tenant tags on variable scopes in library variable sets

• 3939 - Fixed a performance problem with very large installations related to the on boarding features we shipped in Octopus 3.12, which would cause high memory use and higher load on the Octopus database
• 3952 - Output variables are now correctly scoped to Cloud Regions when they are being used for Azure deployments
• 3953 - The template for the machines/{id}/tasks endpoint now includes the take parameter
• 3957 - Now we don't strip invalid characters when SSL thumbprint in IIS Step is bound to a variable
• 3958 - Fixed a bug which stopped you from adding an HTTPS binding for the Octopus Server using a certificate in the WebHosting certificate store via the command-line or using the Octopus Server Manager UI
• 3960 - Fix disabled steps are able to be added to excluded steps list during deployment which causing server cannot identify the step action
• 3961 - Fix for UI error preventing the Add a Deployment Target screen from loading, when accessed on a slower connection
• 3964 - Fix for displaying errors correctly, usually seen while trying to deploy and lacking permission or data for deployment process is flawed
• 3965 - Fix on test permissions screen where quick successive user changes would result in an error
• 3966 - Project releases list is now paging data correctly when filtered by channel

• 3871 - Packages on deployment targets can now be found in the package cache when delta compression is disabled
• 3945 - Fix step templates having some values reset to their defaults when loaded
• 3947 - We are now displaying all available channels in filter dropdowns and as chips

• 3928 - Viewing releases and creating deployments for Tenanted projects will now correctly factor in permissions
• 3932 - For all new installations of Octopus Server, the ProjectViewer user role will be granted the ProcessView permission by default
• 3935 - Fix not handling %2F in URLs
• 3940 - Fixes disabled deploy release button, it was disabled incorrectly even when users had correct permissions
• 3941 - Fixed show/hide empty groups button
• 3942 - Value is now used instead of 1 when Display Value is not defined in Drop down parameter/variable
• 3889 - Test permissions now includes teams based on external group membership

• 3727 - The Octopus Server and Tentacle certificates are now created more reliably across all of the supported Windows Servers using the SHA256RSA algorithm
• 3897 - Added a check to Tentacle to only set the window title when the process is run interactively
• 3927 - If a team references deleted user roles, these will now be highlighted and will need to be removed when making modifications to the team
• 3934 - IIS binding migration script will now handle old and simpler bindings that may have been migrated as not-enabled

• 3907 - Improvements to guided failure and manual intervention experience
• 3918 - Removed an error being recorded in auto deploy logs when machines do not match any project triggers
• 3925 - Tenant, Team, Project, Role, amd Channel chips can now be removed if added to filters, deployments, subscription and notification configurations
• 3926 - Certificate and Account step template parameters can be now used in steps

• 3920 - Deploy action no longer visible for users who lack the ability on project overview page
• 3921 - Fix for audit filter buttons overlapping

• 2576 - Octopus UI shouldn't leak memory any more
• 2606 - The variable editor has been overhauled
• 2636 - The Wait for packages to be downloaded option only appears for steps ordered before a package step, and the checkbox now retains it's value
• 2667 - Deploy release page now displays the version previously deployed for each selected environment and tenant
• 2725 - Added an extra option to the run on option of a step to better differentiate steps that run on the server and those that run on the server on behalf of roles
• 2729 - It is now easy to create deployments for all tenants which do not currently have the selected version deployed to the selected environment
• 2739 - Collapsed the tenant tag filter section by default to declutter the UI
• 2741 - Ctrl-F will now open the browser search function while editing a script
• 2772 - We have improved the Project Overview when the Project uses multi-tenancy and multiple channels
• 2773 - Saving and testing of azure accounts shows result more clearly
• 2843 - The project overview version filter now allows filtering of releases created after the page was loaded
• 2844 - Resolved issue where selecting both the tenant and a matching tenant-tag resulted in a mis-match
• 2857 - We have added a gutter to the versions preview that explicitly shows what versions are included or excluded from Channel Version Rules designer
• 2871 - Clarified what the Run default XML transforms checkbox does when setting up XML Configuration Transforms as part of your deployment process
• 2973 - We fixed a problem where the introduction to Tenant Tag Sets wasn't displayed properly when hosting the Octopus Server in a virtual directory
• 3010 - We have fixed a bug where the code editor would not allow you to scroll down to the very bottom in certain circumstances
• 3012 - We fixed a bug with the Promote button so the options actually make sense for multi-tenanted projects
• 3062 - We updated the Configuration > License page to show more information relevant to your current license, including usage counts so you know if you are reaching your license limits
• 3103 - The environments on the Project Overview are now sorted by Lifecycle phase order, then by their order within each phase
• 3107 - We fixed some noisy JavaScript errors which were appearing in the browser logs
• 3115 - Updated project sidebar to make it clear when a project is disabled
• 3170 - Tenant logos now size correctly in Internet Explorer
• 3177 - The matching tenant count is now shown correctly when reopening the scope of a variable
• 3217 - Deployment preview now shows which steps will run on a per-tenant basis
• 3349 - The unsaved changes warning is no longer shown when a step with a run condition is viewed without being edited
• 3358 - Breaking Change Auto deploy now always re-deploys the most recent successful deployment
• 3368 - The project search and group filter now always appears on the dashboard
• 3417 - Breaking Change We removed the Page.N entries from the Links list of collection responses from the REST API and replaced them with some alternatives
• 3423 - Users can now create projects if they are only members of empty project groups
• 3424 - Deprecated StepName property in Release.SelectedPackages has been deprecated (and will be removed in a future release) in favor of the new ActionName property
• 3461 - Run on Failure steps now show on the task summary tab if it is executed
• 3555 - The url in the address bar is now formatted correctly when the tenant tag filter is applied on the project overview page,
• 3593 - We added a new Octopus Server command called ssl-certificate to bind an SSL/TLS certificate to an IP address/port
• 3602 - Azure errors are now displayed at the top of the page when editing a Cloud Service step
• 3611 - We changed the audit log so it shows the full date and time instead of a summary like 1 hour ago
• 3619 - We fixed a bug in the Releases list where the Channel tags would fail to be displayed next to each release
• 3647 - Breaking Change Removed unused properties from the BuiltInFeedStats API
• 3648 - Clarified how the package retention settings work on the dialog
• 3650 - Added an icon for Unhealthy Azure cloud services
• 3655 - The target machines for a deployment are now shown per tenant and environment
• 3658 - Removed ResourceCollection.IsStale
• 3664 - On deployment creation, tenants that do not match the channel tenant tags can't be selected, and those channel tags are no longer pre-filled on the deployment
• 3684 - We fixed a series of small bugs that would cause unexpected results when searching for Tenants
• 3700 - We improved the user experience for editing sensitive variables for tenants
• 3715 - We fixed several bugs with the Deployment preview and which deployment targets will be included in the deployment
• 3716 - The machine edit page now makes it clearer that a machine will not be considered for a tenanted deployment if it is not allocated to any tenants
• 3717 - Improved auto-deploy machine evaluation to prevent machines being missed due to timing issues
• 3720 - Breaking Change Removed the /api/letsencryptconfiguration/disable API
• 3747 - Breaking Change The get_octopusvariable bash function now returns an empty string if the variable does not exist
• 3750 - The docker steps no longer disappear from the step list when the page is refreshed
• 3753 - Fixed error that occurs when saving IIS related project steps that were created by earlier versions of Octopus
• 3763 - The links to Accounts, Users and Proxies now show when you only have the relevant view permissions
• 3772 - We overhauled the Deploy Release page to make it easier to use when deploying a release to multiple environments or multiple tenants
• 3778 - The step names now appear correctly in Reorder Steps after removing the all steps from a parent step
• 3783 - Multiple Exit full screen buttons are no longer shown when editing scripts
• 3786 - Clarified how to exclude directories when purging a custom installation directory
• 3794 - We fixed a bug which would incorrectly display the introduction to tenants in the Tenant list screen even if you already have tenants defined
• 3795 - The variable editor no longer hides unscoped variables when a variable with the same name is scoped to the filter condition
• 3803 - Breaking Change Authentication provider information is now treated as a resource and served through it's own API
• 3810 - When cloning a project, you can now choose a different Lifecycle for the cloned project
• 3825 - Improved Octopus ‘new release’ notifications for expired trial licenses
• 3831 - Breaking Change Removed previously deprecated Octopus.Server.exe configure options --masterKey, --storageConnectionString and --webAuthenticationMode
• 3832 - Breaking Change Octopus.Server.exe regenerate-certificate has been replaced with Octopus.Server.exe new-certificate
• 3833 - Breaking Change The --thumbprint-only option has been removed from the Octopus.Server.exe show-thumbprint command since it is no longer needed
• 3834 - Breaking Change The NancyCookie AuthCookieService.CreateAuthCookie() used by custom authentication providers has been replaced with NancyCookie[] AuthCookieService.CreateAuthCookies(). This will only impact customers who have written custom authentication providers
• 3842 - Breaking Change Removed the SynchronizationStatus and IndexingStatus properties returned by the /api/serverstatus/nuget API
• 3847 - Fixed a bug with the /api/releases/[ReleasesId]/deployments/preview/[EnvironmentId] API which resulted in steps that are scoped to tenants to be returned for un-tenanted deployments
• 3861 - Breaking Change By default Octopus will only attempt to run a step on up to 10 deployment targets at the same time, instead of attempting to run on every matching deployment target simultaneously
• 3883 - The package used by a Script Step can now be downloaded directly on the deployment target just like the package used by a Deploy Package Step
• 3898 - Fixed a bug on the Project Overview screen which would result in an error if you filtered by tenants before filtering by a release
• 3901 - Snapshotted variables referencing deleted resources will clearly state that the resource is missing from the scope, instead of just not showing it and causing errors downstream
• 3916 - Root document in Octopus API returns now all links
• 3917 - Made it easier to deploy a release to multiple environments or multiple tenants using the Octopus UI
• 3938 - Breaking Change Octopus UI supports now only the latest versions of major web browsers: Internet Explorer 11, Edge, Firefox, Chrome and Safari.

• 3912 - Major improvements to migrator memory and speed performance
• 3915 - Fixed a XSS vulnerability with the Step Template Name (CVE-2017-16801)

• 2834 - Release Notes are now read from external NuGet feeds if the are returned
• 3487 - NuGet packages with unsupported metadata elements in its .nuspec file no longer break package transfers
• 3884 - Return browser security headers when viewing the communications port diagnostic page
• 3886 - Packages used multiple times in the same project are no longer duplicated in package retention logs
• 3905 - Server no longer blocks save of the Everyone team if the member list is out of sync with the user table
• 3906 - Package acquisition will no longer run in parallel with manual intervention

• 3839 - Fixed swagger.json using ints instead of strings for enums
• 3848 - Added operationId to swagger document for better code gen
• 3895 - Script module files now gets cleaned up after being imported by the PowerShell bootstrap script
• 3896 - Variable substitution works now with JSON files that have an array as the root object
• 3899 - Resolved issue introduced in 3.17.11 where Release Assembled date was being set to the beginning of time when created via octo.exe

• 3682 - Resolved issue where Octopus Manager was not correctly binding 'Include Task Logs' option when migrating 2.6 backups
• 3792 - Added CommonName certificate variable
• 3800 - When creating a Release, if Assembled date supplied then use it
• 3855 - Resolved issue when migrating ServerTask with single MachineId where array was expected
• 3885 - Fix for Octopus.Server.exe admin command passing email to display name field when creating a user, resulting in blank email

• 2919 - The Audit log will now show no events instead of all events when filtering by a tenant tag that matches no tenants
• 3830 - Fix for the issue where query string params are missing from all pages besides page 1
• 3880 - Validated that the arguments for a task created via the API are at least in the right shape

• 3875 - The Octopus Server Manager now starts automatically after the installer completes, just like it used to before we introduced a bug in Octopus 3.17.6
• 3876 - Tasks that were running or cancelling during a server upgrade are now no longer stuck in cancelling

• 3213 - Variables now allow escaped strings in conditionals in JSON
• 3757 - Fixed an issue where the current Octopus Server node could not be found during the heartbeat
• 3863 - OpenID Connect security groups no longer get cleared by the sync task when AD isn't also enabled
• 3865 - User permissions cache is updated on OpenID Connect login, so groups changes take effect immediately
• 3866 - Failing a heartbeat now persists demotion to follower
• 3872 - Fixed a Mutex exception when deploying IIS steps on PowerShell 2.0
• 3873 - Fixed an exception loading script modules containing certain characters

• 3864 - Prevent a potential security vulnerability (CVE-2017-15611) by further restricting User Invite action to those with TeamEdit and TeamCreate permissions
• 3868 - When an offline drop target has defined the Encryption password all variables will now be encrypted into the sensitive variables (CVE-2017-15610)
• 3869 - The special Guest account is now denied access to certificate private keys, even if that user has been granted the CertificateExportPrivateKey permission (CVE-2017-15610)

• 2575 - The API now returns a 400 instead of 500 response when an empty body is posted or putted
• 2639 - Fixed UAC permission elevation in management tool
• 2662 - Error message when importing a script module that contains a syntax error now points to the actual script module that caused the error
• 3579 - Fixed issue where adding last node in HA cluster broke the management tool
• 3808 - Fix Octopus upgrade failure caused by empty value in table Event RelatedDocumentIds column
• 3812 - Resolved migrator issue where project was prevented from being migrated by deployment step with hidden empty package ID
• 3814 - Clarified the duplicate variable message to emphasise a user variable is overwriting a step field
• 3819 - Duplicate variable warning no longer returns a false positive when a variable is scoped to a role
• 3850 - Fixed an issue that caused unavailable machines to be re-included in a deployment
• 3851 - Prevented IIS semaphore releasing too many times during high contention deployments
• 3852 - Added support for down-level login names (domain\user) when performing Tentacle upgrades with a specific account
• 3853 - OpenID Connect authentication providers correctly update groups from roles on user login

• 3840 - Fixes Missing permission: VariableView error when viewing Library Variable Sets
• 3844 - New API added for reporting the usages of an account across Machines, Deployment Processes and Releases

• 2572 - The node ping page api/octopusservernodes/ping now returns name, status and version information for the node
• 2915 - Added a Octopus-Node HTTP header that shows which server served the request
• 3497 - Added variables for Octopus.Task.QueueTime and Octopus.Task.QueueTimeExpiry
• 3780 - Scheduled deployments now deploy to the machines available when the deployment is executed (instead of when the deployment is created)
• 3781 - Fixed a memory issue with LogContext and sensitive variables
• 3809 - Add retry logic to the send email step to reduce chance of failing a deployment due to sporadic connectivity issues with SMTP server
• 3815 - Bundled tentacle 3.16.0 that includes --proxy option on Tentacle.exe register-with so a proxy server can be set when registering a tentacle on the command line
• 3816 - Fixed an error when updating steps after changing a step template variable name
• 3817 - Package acquisition better accommodates parallel steps
• 3818 - Guided failure details now display which action and machine failed
• 3824 - Added the variable Octopus.Action.Output.Manual.Approved to indicate if a manual intervention action was approved
• 3826 - API returns the correct status codes again for loadbalancer ping (418 when draining) and resource creation (201)
• 3838 - Fixed an issue collecting machine variables during multi tenant deployments

• 3560 - Empty string may now be provided to override the default value of optional prompted variables
• 3796 - Server startup migrates users to the new Logins structure
• 3811 - The API endpoint /api/tasks?running=False now returns the correct results

• 3591 - Fix for permission combination that allowed viewing of variables that user did not have access to
• 3762 - Fixed Unable to parse sensitive-variables as valid JSON. error in Transfer package step on SSH targets due to decryption password was not being passed correctly
• 3784 - Sensitive tenant variables that use variable expression can now be changed and set to a custom value
• 3785 - The system task 'Fail orphaned tasks' has been renamed 'Clean orphaned tasks'

• 3506 - Service account users can be linked to an Active Directory account and will use that account's groups for team membership in Octopus
• 3667 - External security group synchronization, with authentication providers like Active Directory, has been moved into a scheduled task to fix performance and stability problems
• 3740 - On startup Octopus will delete obsolete files leftover from old Octopus Server installations
• 3744 - Maintain certificate friendly-name
• 3758 - Fixed a bug where the scheduled deployment icon and tooltip in the dashboard would not display
• 3760 - Added variable OctopusSuppressDuplicateVariableWarning to allow logging duplicate variables warning as verbose
• 3761 - show-configuration command now includes watchdog status
• 3764 - Set initial project filter on tenant-project-variables page to alleviate performance issues with large variable count
• 3766 - Remove 'beta' label from 'Mono not installed' option for SSH targets
• 3767 - Support for java packages in the built-in package feed
• 3768 - Deploy Java Archive deployment step
• 3769 - Tomcat deployment steps
• 3770 - WildFly/JBoss EAP deployment steps
• 3771 - Resolved issue with incorrect certificate thumbprint being copied to clipboard
• 3776 - Fixed a bug where the duplicate variable warning is logged when auto-deploying a release to a machine when redeploy on the trigger is enabled
• 3777 - Swagger Documentation of live system
• 3779 - Reduced the frequency of the 'Fail orphaned tasks' task

• 3759 - Fixed an issue causing too much verbose output in the task log

• 3734 - Fixed a problem preventing the Octopus Server from starting successfully which affected customers where their SQL Server Collation is case-sensitive (CS) even if the Database Collation is case-insensitive (CI)
• 3736 - Adhere to PowerShell common preferences when writing verbose and warning output
• 3749 - Log warning for duplicate variables between step template and project for steps that run on the server

• 3728 - Teams scoped to empty project groups have access to no projects now
• 3742 - Fixed a SQL query that was passing too many parameters to SQL, hitting the limit
• 3746 - API accepts now channel version rules that reference actions by Id or Name
• 3752 - Fix for error Unexpected character encountered while parsing value when saving deployment process
• 3754 - All steps types that have roles can both have and be child steps
• 3756 - Added missing dll required for the watchdog command to the server package

• 3751 - Fixed an issue creating deployments for tenants that was introduced in 3.16.3

• 2578 - Fix binding to ARM template fields that have allowedValues
• 3247 - Add supported OS versions to app manifest to ensure correct OS is reported in logs
• 3512 - Validation on required bindings for IIS related deployment steps
• 3523 - Deployments triggered by auto-deploy environment in lifecycle should be assigned the user that created the release
• 3527 - Release retention policy now correctly considers all deployments to all tenants when deciding which releases are “still on the dashboard”
• 3623 - Add a check to the Octopus server startup to ensure that the Octopus database is using a case-insensitive collation
• 3638 - Data on extra step features will be cleared when feature is disabled
• 3641 - The SQL Database schema upgrades are now performed within a single transaction, meaning all upgrades will either succeed, or roll-back as a whole returning the database to its last known good state
• 3713 - Fix for unexpected deployment errors when steps or actions had the same name by now ignoring case when validating that steps and actions have unique names
• 3719 - Clarified log message when Calamari is not installed on a target
• 3725 - Add help text to environment selector on Run Step template page to make it clear no environment variables are available
• 3733 - Resolved issue migrating ExtensionConfiguration
• 3735 - Provide helpful error message if package file with length of 0 is pushed
• 3737 - Allow azure script steps to have child steps

• 3546 - The server side cross check of downloaded packages versions now uses semantic version rules instead of a strict string comparison
• 3626 - Octopus now ensures only a single database schema upgrade is running at any given time, making Octopus HA upgrades more robust
• 3708 - Tentacle retention policy now applies to packages used in Run a Script steps
• 3723 - The task page now provides better insights into why a task hasn't started yet

• 3697 - Fall back to SHA1 certificates on Windows 2008 32 bit if SHA256 is not supported
• 3699 - Duplicate variable message is now logged as a warning to make it more discoverable for customers
• 3701 - Polling tentacles now log errors in the main connection retry loop
• 3722 - Include guest account enabled state in anonymous metrics reporting

• 3621 - Improved handling of key retrieval and caching in the OpenID Connect provider
• 3624 - Tentacle installer download links on Create deployment target for Listening or Polling Tentacles now point to the correct URL
• 3673 - Allow the use of Virtual Directories when configuring Let's Encrypt
• 3676 - Ensure advanced settings are expanded by default on Let's Encrypt dialog when previous values exist
• 3677 - Minor Breaking Change Updated ScriptCS to 17.1, which contains some minor breaking changes
• 3688 - Changed the ServerTask table to refer to OctopusServerNode by Id instead of Name
• 3691 - Fixed a potential memory leak when making heavy use of subscriptions under certain circumstances
• 3692 - Redesigned SQL Indexes for ServerTask to improve performance of everything that queries tasks
• 3694 - Ensure 'restart required' message is shown when disabling web sockets
• 3696 - Allow using self-contained .NET Calamari for SSH Targets (this means no Mono dependency)
• 3698 - Added support for Okta as an authentication provider
• 3702 - Resolved issue that caused the WebUI to become unresponsive when deploying to 100+ tentacles
• 3705 - Fixed Let's Encrypt support after a breaking change in the Let's Encrypt API

• 3522 - Add audit events when a package is deleted from the built-in repository and keep 1 weeks worth of package repository retention logs
• 3630 - The --console switch is no longer required by scripts automating the Octopus or Tentacle command-line interface, but is still supported for starting either service interactively if so desired
• 3665 - Fixed a bug that would sometimes result in a null reference exception when setting a password in a step
• 3675 - Life Cycle listing in the Library will now be available to those with permission LifecycleView, it used to require LifecycleEdit
• 3678 - Fixed a bug which was preventing the task list from being filtered by Server Node after upgrading to Octopus 3.15.x
• 3680 - Corrected Azure account variables masking in log
• 3681 - Add an audit event when the server retention policy deletes a release
• 3686 - Ensure 'restart required' message is shown for all relevant configure commands
• 3687 - Improve error message when Docker feed test cant connect successfully

• 3629 - You can now filter audit events for specific tenants
• 3666 - Fixed a problem which could cause a SQL Connection leak when synchronizing Active Directory groups under certain circumstances
• 3669 - Fixed a problem where certificate variables were not being scoped by tenant tags
• 3671 - Default value of sensitive project variable templates is now preserved between updates
• 3762 - Using our production certificate when signing the Tentacle files in TeamCity
• 3674 - Fix for ids filtering in projects, tenants and library-variable-sets API

• 3547 - Avoid requirement to load project information on tenant project variables screen
• 3613 - Project Variable Templates are now also cloned along with the other project properties and data
• 3622 - Adding ‘ids’ filtering to the API (added to CustomQuery and Index responders)
• 3645 - Updated Let's Encrypt integration to support specific IP certificate bindings
• 3651 - Default value of sensitive variable templates is now preserved between updates
• 3659 - Handle Let's Encrypt http challenge when ForceSSL is enabled and https is configured on a custom port
• 3660 - Fixed a problem where the project settings page took a long time to load on large installations after installing any Octopus versions between 3.14.15926 and 3.15.5
• 3663 - Update the ForceSSL redirection to redirect from HTTP -> HTTPS before redirecting the the /app endpoint

• 3533 - Project release filter now searches all versions
• 3594 - Lifecycle must have at least one phase that is not optional
• 3615 - Both API and UI for Library Variable Set enforce now the same scoping rules
• 3644 - Fixed a problem causing intermittent System.AccessViolationException errors when using the built-in Octopus Certificate features
• 3657 - The permissions for cancelling a task have been simplified, so now you only require the TaskCancel permission in order to cancel a running task

• 3649 - Fixed missing Microsoft.Threading.Tasks error when setting up or health checking Azure steps
• 3654 - Prevent a potential security vulnerability (CVE-2017-11348) in the Built-In package repository by validating supplied PackageId’s according to the same rules as NuGet. .

• 3096 - First steps in a deployment process can now have run conditions
• 3639 - Corrected "learn more" link for the Let's Encrypt integration
• 3643 - Improved validation messages around Let's Encrypt bindings and no longer prevent configuration when using reverse proxy

• 3642 - Windows Service step no longer double escapes additional parameters

• 3505 - Backslash character in windows service password are now escaped
• 3513 - Quotes around window service exe path were missing
• 3515 - Start-Service was treating [ as a special character and was unable to start the service
• 3540 - Passwords with $ characters in Windows Service deployments are now escaped properly
• 3587 - Corrected VariableEdit permission description
• 3631 - Fix JS bug introduced in 3.15.0 causing portal loading issues in IE11
• 3632 - Resolved spurious 'No enabled deployment targets' warning on tenanted deployment previews

• 2722 - Enable untenanted projects to be deployed to tenanted deployment targets
• 3428 - Acquire package and retention policy steps now show step number and name in variables
• 3570 - Unscoped variables deleted when user doesn't have VariableViewUnscoped permission
• 3597 - Added support for managing the Portal SSL certificate using Let’s Encrypt
• 3598 - Resolved issue with Azure Service-Principal accounts not being available for selection as value of tenant variable template
• 3605 - The command-line interface for Octopus and Tentacle will now warn you if a service restart is required after certain configuration changes
• 3606 - Clean up corrupt entries in the events table left behind by a previously resolved issue
• 3609 - Migrator now maps TenantId when migrating Deployments
• 3610 - Improved command-line interface for Octopus and Tentacle
• 3612 - Prevent automatic Tentacle upgrades from restarting the host machine
• 3614 - Bugfix: Release filtered dashboard does not show environments that deployment can be progressed to
• 3620 - Certificates with long IDs can now be assigned as Tenant Variable values without throwing a StringTooLongException

• 3520 - Advanced project settings are shown by default after a users first successful deployment
• 3558 - Added Support to override Azure Service Management (Storage) Endpoint Suffix
• 3575 - Tentacle will now ignore partially downloaded packages that are a result of network failure or deployment cancellation
• 3584 - Improved UI to make it clearer that steps run ‘on behalf’ of roles are optional
• 3601 - Cloud Service Storage account list handles Azure service management endpoint override correctly
• 3607 - Resolved an exception starting Octopus Server when the current node name contains certain characters

• 3586 - Tasks running on an HA node that fails to check in will be marked as failed
• 3589 - Offline drops now detect if a sensitive variables file is available, and prompts for the password automatically
• 3599 - Fixed a problem that would show an annoying error message when trying to upgrade from Octopus 2.6.5 to Octopus 3.14.x
• 3600 - Fixed an issue introduced in 3.14.159 that caused prompted variable not to be set at deployment time

• 3330 - Improved the performance of the update variables process at the end of each deployment step
• 3545 - Azure resource group deployment names are unique and less than 64 characters long
• 3567 - Task log headers now indicate whether an action was run on behalf of a targer instead of on the target itself
• 3572 - Most list api endpoints now support a take query parameter to control the page size, allowing more than 30 results to be returned at a time
• 3577 - Azure Web App step correctly reloads the site list when editing
• 3578 - Show additional configuration values on the Configuration -> Nodes -> Configuration Settings page
• 3580 - User invitations can be used only once now
• 3583 - Step Update works now when the update is performed while the template is being modified

• 3094 - Running a step template now populates its default parameter values
• 3524 - Cloned projects now include the correct lifecycle
• 3552 - OpenID Connect authentication provider now supports IPs that only use RSA keys
• 3559 - A new HA node leader will be elected when there are only follower nodes
• 3561 - Recover from hung state when IIS based deployments are cancelled
• 3562 - All error messages are now written to stderr even if the --noconsolelogging switch is used with Octopus.Server.exe or Tentacle.exe
• 3563 - Improved the master key validation we apply when connecting an Octopus Server instance to an existing database
• 3565 - Octopus Server, as part of upgrading, now detects if the SQL Database schema upgrade can be performed before attempting them
• 3566 - Fixed a problem where an audit event could be formatted incorrectly, causing the audit query to break
• 3568 - Clarified that Roles group Permissions
• 3574 - Add commands to create and backup certificates used by the Server for Tentacle communication
• 3576 - Azure Cloud Service deployments will now set OctopusAzureCloudServiceDeploymentID and OctopusAzureCloudServiceDeploymentUrl output variables when the deployment is completed. Many thanks to @micsco for the contribution!

• 3459 - IIS application pools and websites can optionally be started as part of the deployment step
• 3549 - Fix to the Certificate table to help avoid primary key violations
• 3554 - Octopus Server and Tentacle will now be released on a separate cadence
• 3147 - Improved the database schema upgrade experience

• 3493 - User onboarding progress bar no longer appears after upgrading from 3.3.27 or earlier
• 3531 - Performance improvements to the deployment manifest clean up queries
• 3542 - Show the custom installation directory purge exclusions section when the Purge setting is bound to a variable
• 3543 - Resolved error creating deployment when certificate step-template parameters not supplied

• 3433 - Improved Lifecycle API validation to ensure environments are valid
• 3449 - Only child steps can be moved into rolling deployments. Azure Resource Group steps can now be child steps as well
• 3473 - Azure Resource Group deployments now generate unique deployment names
• 3519 - Bugfix allowing blocked deployments to continue phase progression
• 3529 - Fixed error 65532 when running Tentacle upgrades on PowerShell v2
• 3530 - You can now upgrade the database schema using the Octopus.Server.exe database --upgrade command
• 3534 - Fixed orphaned tenanted deployment integrity check - now it ignores un-tenanted deployments from the test
• 3536 - Improved performance of writing task logs by about 10%
• 3537 - Fixed a JavaScript problem with the Azure Service Fabric step's hamburger menu
• 3539 - Improved performance for each HTTP request by reducing memory allocations

• 2943 - Allow some files to be retained when purging a custom installation directory
• 3048 - Selecting release on multi-tenant project dashboard will now update the dashboard
• 3101 - Tenanted deployments are now cascade deleted when the tenant is deleted
• 3210 - Errors when applying retention-policy on deployments targets now treated as warnings, and will not fail the deployment
• 3249 - Resolved issues with filtering tenants list in portal
• 3347 - Log relevant error message if trying to import certificate into Root store for user
• 3401 - "Document type" added as filter for audit log and subscriptions
• 3402 - Improved description of the permissions table on the permission test page
• 3479 - Added a link to help for dynamic package feeds
• 3496 - We now explicitly mention that IIS step supports Websites, Web Applications and Virtual Directories
• 3504 - Add the ability to export the audit log as a CSV file
• 3508 - 'Send an Email' step summary shows now only teams selected by the user
• 3510 - We now explicitly tell the user that release deletion will remove deployments from all dashboards
• 3514 - Fix Lifecycle required to progress details not saving correctly
• 3516 - Made it easier to see the options to upload packages to the built-in package repository
• 3528 - Ensuring a channel belongs to a project upon release creation is now case insensitive

• 3435 - Step template can't be deleted now if any of its versions are in use
• 3469 - Resolved slow deployment times introduced in 3.12.8, caused by Calamari checking certificate-revocation-lists for signed assemblies
• 3919 - Fixed a XSS vulnerability with the All Variables Tab (CVE-2017-16810)

• 3500 - Display help text for project variable template when viewing tenant variables
• 3502 - Fix syntax highlighting for variable value editor

• 3498 - Resolved error when deploying old versions of step templates introduced in 3.13.4
• 3286 - Editing ‘environment scoped’ variables in a variable set no longer needs EnvironmentEdit permission
• 3357 - Enabled certificate parameters to step templates
• 3396 - Removed broken 'Create variable' link from certificate step template parameters
• 3414 - Only remove SSL certitificate from the website that the HTTPS binding is removed from
• 3467 - Auto deploy will no longer attempt deployment to machines without roles relevant to the deployment
• 3478 - Error reason will be shown when license signature could not be verified
• 3480 - Health checks now log any machines that could not be checked because of tenant permission restrictions
• 3484 - Variables with colons can now be used as Web Site and App Pool names
• 3485 - 0 will no longer be repeatedly written to deployment logs for IIS deployments
• 3486 - Fixed typo in the scheduled task tip
• 3490 - Fixed a performance problem where both an unbounded and paginated SQL query were issued for some requests
• 3492 - Fixed a Service Fabric upgrade bug where we were using an incorrect argument

• 3460 - IIS Website Step no longer hides Physical Path after upgrading
• 3481 - The web UI now detects a missing anti-forgery cookie as part of signing in and shows a helpful error message
• 3482 - Fixed issue where tenants could not skip optional Lifecycle phases

• 3463 - Existing action data is displayed correctly and community step updates are versioned now
• 3468 - Tweaks to Tentacle upgrade process to diagnose error 65532
• 3471 - Manual action template merge updates now all relevant properties