Privacy has been a big topic in the tech world over the past few months, with the news surrounding Facebook and Cambridge Analytica, the deadline for the GDPR, and all those Privacy Policy e-mails we've all be getting/sending out. We've written about this recently.

Today's release of Review Board 3.0.7 is focused on enhancing privacy options and protection in Review Board, improving defaults and adding optional GDPR-compliant privacy settings for servers. There's also the usual assortment of bug fixes.

Better Private Profiles

7 years ago, we introduced Private Profiles in Review Board. When enabled by a user, their full name and e-mail address would be hidden in the API when accessed by other users. In this release, we've expanded the protections of Private Profiles:

• Enabling Private Profiles now hides full names and e-mail addresses throughout the UI and API
• Private Profile behavior is always on when viewed by anonymous users (keeping information from public servers off of search engines)

Users can enable Private Profiles through the My Account -> Profile page.

User Consent and Privacy Rights

Some features making use of personal information now require consent before that information can be used. This is managed in the My Account -> My Privacy Rights page, and decisions on consent can be changed at any point. If configured, users will also be prompted for acceptance of a Privacy Policy and Terms and Conditions on this same page.

By default, Review Board only requests consent for Gravatars, but extensions can register their own features requiring consent. We'll be providing guides on incorporating this soon.

Review Board administrators can enable this support for consent, acceptance of Privacy Policies and Terms of Services through the new...

GDPR-Compliant Privacy Settings

These new privacy settings can be changed in Admin UI -> User Privacy Settings:

• Terms of service URL and Privacy policy URL can be set to the URLs of the server's respective URLs.

  When either of these are set, users will be prompted to view and approve the terms before they can use the server next, or when registering a new account.

• Privacy information is a text field for providing privacy details specific to your server or organization.

  This will be shown to users in the My Account page or when prompted for terms or consent. It accepts HTML, letting you provide links to important information in your network.

• Require consent for usage of personal information enables GDPR-compliant consent checks for features.

  Which enables the new consent management seen above.

Bug Fixes Aplenty For

• A handful of crashes when bad data is fed into the URLs for the dashboard and internal diff viewer URLs (usually caused by search bots)
• Some more crashes when avatars aren't available when configuring users in review groups
• Regressions when configuring bug trackers
• Communication problems with newer versions of Gerrit
• Bad error messages when failing to find files on local Git repositories

See the release notes for the complete list of changes.

Today's release of Power Pack 2.0.1 is a small bug fix and maintenance release.

Licensing Fixes

The primary fix addresses various access issues with repositories hosted on Bitbucket Server and Visual Studio Team Services when transitioning license states (such as from a valid trial license to an expired one), which can cause future problems for users who need to use these repositories.

Python Compatibility

We've also dropped support for Python 2.6, allowing us to focus on bringing Python 3.x support to both Power Pack and Review Board in future releases. Python 2.6 hasn't been maintained in years, and support was recently dropped in Review Board 3.0. The last release to support Python 2.6 is Power Pack 2.0.

If you're still on Python 2.6, we can help you upgrade.

Update Today

Power Pack 2.0.1 is recommended for all Power Pack users, particularly those using Bitbucket Server and Visual Studio Team Services. Power Pack 2.0.1 supports Review Board 2.5 and up on Python 2.7.

To upgrade, or to install for the first time, see the installation instructions.

Learn more about Power Pack 2.0.

Today's release of Review Board 3.0.6 fixes a handful of small issues throughout the product, from better source code management compatibility to more polished UI interactions.

Better E-Mails

• Using rbt post --submit-as and then publishing the review request once again sends out e-mails on behalf of the owner of the review request instead of the logged-in user.
• Links to comments in e-mails resolve correctly.

Compatibility Improvements

• Fixed problems fetching some files using GitLab API version 4, depending on how the diff was uploaded.
• Fixed timezone-related problems looking up or posting Bazaar changes and browsing Mercurial commits.

Fixes for UI Regressions

• The Description/Testing Done text fields once again grow to fit when adding lines and shrink when removing them.
• Revoking a Ship It now immediately crosses out the "Ship It" text on a review.

For the full list of changes, see the release notes.

I know what you're thinking. "Another Review Board release? Didn't we just have one this week?"

We did, and it was pretty great, but not perfect. A regression with repository configuration slipped in and broke things, and we didn't want you to wait any longer for a fix.

We've also been busy fixing other bugs this week, and felt it was as good a time as any to get those into your hands. So here they are.

Fixes for repository settings

Some bad logic broke repository configuration, causing options to show up that shouldn't and others to not show up when they should. It was confusing, both for administrators and for Review Board when trying to sort out what was set.

Bitbucket Server was showing up as a hosting service option twice if Power Pack was enabled. It was pretty excited to even be considered.

Fixes for search settings

Trying to enable Elasticsearch support without having the right module installed was causing a not-so-friendly error. Now it causes a very friendly error, telling you exactly to do to install compatible Elasticsearch support.

It should also help clear up the confusion around versions. We require Elasticsearch 2.x (5.x or higher won't work) because the search framework we use is capped at that. That's... not ideal, and we're considering options here.

Fixes for API token policies

Crafting a custom API token policy and hitting Save now properly switches the displayed policy type to "Custom" instead of "Full Access."

While a reload would have fixed that, that was pretty misleading, and led to more problems than it solved (which was none — no problems were solved by that bug).

Fixes for some other things

• The field used to select available avatar backends should no longer appear blank at times
• Using the submit-as option when posting review requests no longer shows (harmless but annoying) errors when Active Directory is enabled
• Logging extension media installation errors no longer triggers its own errors

As always, see the release notes for the full list of changes.

Today's Review Board release is full of new features, integrations, and improved hosting service support. Let's dive right in.

Link to your Asana and Trello tasks

You can now enable Asana and Trello integrations, adding new fields to your review request for linking up any Asana and Trello tasks your review request relates to.

This works similarly to the Bugs field right now, and opens the doors for tighter integration later.

Post updates to Mattermost and I Done This

Review Board can now post updates about review requests and reviews to Mattermost channels, keeping your team up-to-date. This brings all the benefits that Slack users enjoy, while keeping all updates within your own network.

Updates can also be posted to I Done This, which helps team members build up daily and weekly status reports as they work.

Review code stored on Gerrit

If your company uses Gerrit for hosting, but teams want the code review benefits of Review Board, we have you covered. Review Board can now link up to your Git repositories hosted on Gerrit, letting you post changes for review the same way you would on other services.

This does require the use of a special plugin to enhance Gerrit's API, so see the installation instructions to get started.

Better compatibility with GitLab

We've rewritten our GitLab support to take advantage of the benefits of their latest API. Nested groups and large numbers of repositories are now supported, and edge cases have been addressed. Overall, your GitLab experience should be better now and going forward.

Supporting self-signed SSL certs

If you're using a self-hosted service like GitLab, GitHub Enterprise, Bitbucket Server, or Gerrit, you can now use self-signed SSL certificates without workarounds. You'll be prompted to confirm the certificate when adding the repository, and then you're set.

And lots more

• Custom file-based filters in the diff viewer
• A command for creating new extensions
• New extension template hook points for the review request box
• Many bug fixes, logging additions, and compatibility improvements

For the full list of changes, see the release notes

Django released a new set of security releases that protect against swamping a server when passing certain strings to a few different functions used for building URLs and truncating content. See their announcement for the details on the fixes.

We maintain security-hardened builds of Django 1.6.x, the version series we use for Review Board 2.0 through 3.0. We've put out a new Django 1.6.11.7 release that contains these fixes.

To upgrade to this release, run:

$ pip install -U https://downloads.reviewboard.org/releases/Django/1.6/Django-1.6.11.7.tar.gz

Or:

$ easy_install -U http://downloads.reviewboard.org/releases/Django/1.6/Django-1.6.11.7.tar.gz

You can always keep up on the latest Review Board security announcements by subscribing to our Official Announcements mailing list, joining our Subreddit, or following us on Twitter.

For years, companies have come to depend on Power Pack to track and report on the effectiveness of code review in their teams, to review code managed by GitHub Enterprise and Microsoft's Team Foundation Services, and to incorporate document review into their workflows.

Today, we're ready to announce the next generation of Power Pack. On the surface, this brings a number of substantial quality-of-life improvements to Reports and PDF Document Review and new support for AWS CodeCommit and Bitbucket Server. Under the hood, we're in position to bring new collaboration features that we'll be announcing this year.

Let's dig in to what Power Pack 2.0 has to offer.

Revamped Reports

Generating reports for teams has never been easier. Our new UI lets you quickly locate the users and groups you want included in your report and to save those selections for future reports.

Choose a reporting period (such as "This quarter to date," "Last week," or "Since 1 year ago") to instantly see a new report for the period. Bookmark the weekly report in your browser to always keep track of how your team's doing this week.

Download a CSV file for any report to gain better insights using Excel or other tools.

A Polished PDF Experience

PDF document review has been completely redone to better fit in with the look and feel of Review Board 2.5 and 3.0, and to help you see more of your document at once.

Pop open the sidebar to see thumbnails for each page in the document. The active page you're reviewing will be highlighted so you always know where you are and how much you have left to read.

Navigation is smoother. Switching pages or zooming in or out of the document will keep your scroll position steady, so you don't lose your place.

Connect to AWS CodeCommit and Bitbucket Server

With Power Pack, you can now review changes in your Git repositories hosted on AWS CodeCommit and Bitbucket Server. Moving private repositories into CodeCommit or migrating from Bitbucket.org into an in-house Bitbucket Server no longer means changing code review tools.

Get Started

If you're new to Power Pack, why not give it a try? A 30 day free trial covers your whole server, and converts to a free 2-person license once expired. Ready to buy? A full license costs only $8.33 a user a month, for as many or as few users as you choose.

Existing user? Follow the simple upgrade instructions to begin using Power Pack 2.0 today.

Today's release of Review Board 3.0.3 focuses on a series of fixes and improvements for avatars, diffs for comments, extension packaging, and a few other things. The big highlights are with the new avatar upload UI and stability improvements.

Avatars

It's now easier to upload custom avatars. The UI has been completely redone, and gives you a better idea of how your avatar will look. Simply drag-and-drop any image to upload it.

We've also fixed a handful of problems with custom avatar backends, to prevent them from occasionally disappearing or not being used. If you're building custom backends, we're interested in hearing if you're encountering any problems with this release.

Some other things we've fixed

• The Review Request API resource now includes the number of issues pending verification.
• Diffs shown alongside comments work once again under Python 2.7.6 and older.
• Subversion support is no longer broken when using modern versions of Subvertpy.
• Extensions providing LessCSS stylesheets will now package correctly when including stylesheets outside the extension.

For the full list of changes, see the release notes.

For over a decade, we've been building Review Board with the goal of making your code, UI, and documentation review process easier, helping you weigh in and spot problems before your customers do.

But we know you're busy — we all are — and there's better uses for your time than checking every change for syntax errors, unused variables, bad imports, style consistency, and other problems that could have been caught ahead of time by code analysis tools.

So we'd like to help you out.

Meet Review Bot.

Review Bot is a self-installed service and extension for Review Board 3.0 that automatically reviews code changes posted for review. It integrates with a handful of popular command line code analysis tools, gathering results and posting reviews for issues found in the code.

You can create as many Review Bot configurations as needed for your organization, running different tools for different repositories or review groups, and customizing the settings for each tool.

Review Bot 1.0 supports the following tools:

• BuildBot "try" — automated builds
• Checkstyle — Static analysis for Java
• Clang Static Analyzer — Static analysis for C, C++, and Objective-C
• Cppcheck — Static analysis for C and C++
• CppLint — Style checker for C and C++ using Google's style guide
• flake8 — Style checker and static analysis for Python
• JSHint — Static analysis for JavaScript
• PMD — Static analysis and duplicate code detector for a wide variety of languages
• pycodestyle — Style checker for Python
• pyflakes — Static analysis for Python

More are coming soon, but you're not limited to what Review Bot ships with. You can also write your own integrations for tools used in your organization using Python.

Get started with Review Bot

Review Bot is ready and eager to start reviewing your code today. To get set up, there are three components you'll need to install:

• A compatible message broker service, such as RabbitMQ or Redis, which tracks automated code review requests
• The Review Bot worker service, which runs any configured tools against your code
• The Review Bot extension for Review Board 3.0

The message broker and Review Bot worker can be installed on the server running Review Board or on a dedicated server. Follow your preferred broker's instructions and the Review Bot installation guide to get everything set up. Please note that some tools may have their own installation requirements as well.

If you have any questions or hit any problems as you get going, you can reach out to us on our community support forum. Priority support for Review Bot is also included as part of a Review Board support contract.

We have a new release of RBTools for you today. Version 0.7.11 brings a number of fixes and improvements for posting reviews and working with Git, Mercurial, Subversion, and Team Foundation Services repositories.

Here are some of the highlights:

• rbt post --diff-only, which used to be specific to Perforce and regressed there recently, now works for all types of repositories.
• Mercurial changes are now posted as Git-style diffs, leading to a better experience on Review Board.
• Crashes running svn info with certain locales when scanning the type of repository will no longer occur.
• Team Foundation Services support should work correctly when Visual Studio 2017 is installed.
• The help output for rbt post --tracking-branch is no longer incomplete and misleading.

The complete list of changes are available in the release notes.

See the RBTools Downloads page for installation instructions for your operating system.

We're working toward a release of RBTools 1.0, with many new features for working with automated code review, intelligently computing tracking branches for Git, landing sets of changes at once, and more. Stay tuned for that, and as always, if you hit any problems, please let us know on our community support forum or bug tracker.