v3.20.2
Latest
Released Mar 15, 2026·Supported until Dec 14, 2026·Community 1.20.2·Enterprise 0.23.2
Breaking
2 to verify
Security
Clean
Changes
3F · 5B
Downtime
Zero
Upgrade Impact
Breaking:one breaking change to API response format. Database migration required (~30s).
Chat completion API response envelope changedThe `data` wrapper is removed from streaming responses. Clients using `response.data.choices` must update to `response.choices`.
New required environment variable VECTOR_STORE_POOL_SIZEDefaults to 10 if unset, but explicit configuration is recommended for production deployments.
What Changed
9New Feature
Multi-modal file upload in chatUsers can now attach images, PDFs, and spreadsheets directly in the chat input. Files are automatically parsed and injected into the LLM context.
Workflow branch merge nodeA new 'Merge' node allows joining parallel workflow branches with configurable aggregation strategies (first-wins, all-complete, majority).
Organisation-level API key managementAdmins can now create and rotate API keys at the organisation scope, with per-key rate limits and audit logging.
Bug Fixes
Fixed SSO SAML assertion replay vulnerabilityAdded one-time-use token validation for SAML assertions to prevent replay attacks.
Resolved race condition in concurrent workflow executionsParallel node executions no longer intermittently overwrite shared context variables.
Corrected pagination in knowledge base document listOffset-based pagination now returns consistent results when documents are added during browsing.
Fixed dark mode rendering of code blocks in chatSyntax-highlighted code blocks now use the correct background colour in dark mode.
Resolved Helm chart PVC naming collision on upgradePersistent volume claims are now suffixed with the release revision to prevent conflicts during rolling updates.
Improvements
Reduced cold-start latency for workflow executionPre-warmed connection pools and lazy plugin loading reduce first-request latency by ~40%.
Upgrade Guide
Pre-Upgrade Checklist
Verify current version is v3.20.x or v3.19.x (direct upgrade path supported)
Back up PostgreSQL database and Redis data
Set VECTOR_STORE_POOL_SIZE in your values.yaml
Update API clients that rely on streaming response envelope (see breaking change above)
Confirm Kubernetes cluster has sufficient resources for rolling update
Zero-downtime rolling upgrade supported
Upgrade Command
# Back up database first, then:
$ helm upgrade -i dify -f values.yaml dify-ee/dify --version 3.20.2
Rollback
$ helm rollback dify 0
Security & CVE
No security vulnerabilities fixed in this release.0 Critical · 0 High CVE across all container images
Image
dify-enterprise-api
dify-enterprise-gateway
dify-enterprise-frontend
dify-enterprise-backend
dify-enterprise-worker
critical
0
0
0
0
0
high
0
0
0
0
0
medium
2
0
1
0
1
low
3
1
4
2
0
Status
PASS
PASS
PASS
PASS
PASS
ScannerTrivy v0.62.0
Scanned
Mar 15, 2026
Data Source
Docker
Benchmark Report
TTFE – Time To First Event (ms)
AVG
61.45
MIN
42
MAX
298
P50
55
P90
68.1
P95
105
Connections
Max Concurrent
72
Avg Active
41.8
Empty Workflow QPS
Max QPS
78.5
Avg QPS
45.12
Avg Duration (ms)
72.36
License Compliance
All dependencies compliant- no copyleft issues detected
MITApache-2.0BSD