Jump to >
Happy 10th Birthday, Review Board!

Happy Birthday!

10 years ago, David Trowbridge and I (Christian Hammond) began talking about the problems and annoyances with code review, and how it could be better. Code review at the time was (usually) a very tedious process where you'd e-mail diff files around and reply to them, and while there were a couple of tools on the market, they were expensive and cumbersome.

So on September 27, 2006, ten years ago today, we landed our first commit.

r1 | chipx86 | 2006-09-27 00:25:53 -0700 (Wed, 27 Sep 2006) | 2 lines

    Add the reviewboard.

Where we were back then

Back in 2006, there was no GitHub or Bitbucket. Git was just around a year old. Subversion and Google Code were the tools choice of most open source projects. Many companies performed code reviews on whiteboards or projectors.

And people still e-mailed diffs around.

We just knew things could be better, so we began writing Review Board. We didn't know if it'd be a short-lived toy project, our new excuse for staying up all night coding, or if it could truly be more. It started off as just an experiment in improving how code review could be made better, could evolve, to make lives easier for developers.

The experiment was a success.

Pre-1.0 Dashboard

(We've come a long way since.)

Where we are today

Fast forward 10 years (!) and we have a product that we're proud to call our day job, a product that thousands of companies depend on every day. Hundreds of thousands of developers.

Over the years we've learned what works and what doesn't. We've greatly enhanced our code review capabilities, added support for many more types of code hosting services, wrote a powerful and comprehensive extension infrastructure and API, and helped change the world of code review for the better.

Our core team has expanded. We've put out 142 releases of Review Board alone (that's over 14 a year!), built a Review Board SaaS (RBCommons), added new enterprise-level features through Power Pack, and established support contracts with companies to help them through the good times and bad.

There are many code review tools on the market these days, and we're so glad to see that most developers no longer have to live in the dark ages of e-mailing diffs and projecting code up on walls. Throughout it all, Review Board has remained a strong, powerful, and beloved tool for so many, and we couldn't be happier.

Our users have been truly great. One company 3D printed Sparkly and Fish Trophies for us. Someone once wrote a poem for us ("Ode to Review Board"). We've been invited to give talks at big tech companies. We've mentored over 100 students as part of UCOSP and Open Academy, using Review Board development to help them prepare for their careers as software engineers.

3D Fish Trophy!

It's been an amazing ride, and we're nowhere close to done.

Where we're going

We have several very exciting features in the works to bring your code quality to a new level. Our focus right now is on Review Board 3.0, which is bringing:

  • A new and improved (but still familiar!) review experience
  • Support for integrating with third-party services (like Slack, Asana, and more), allowing for as many distinct integration configurations as you need
  • Built-in support for showing and handling feedback from automated code review services
  • Improved search results and on-the-fly indexing, with support for Elasticsearch
  • OAuth2 provider support
  • Custom avatar services
  • And much, much, much more

Automated Review

It's going to be a fantastic release. RBCommons users will get to see some of this soon!

In parallel, we've also been working on features for Review Board 4.0. The big highlight (and the feature being worked on now) is DVCS support, featuring some really useful takes on multi-commit review. We have some other great features planned, but aren't ready to announce them yet.

We've had an amazing 10 years, watching our little experiment grow and make a difference to customers around the world. We can't wait to see what the next 10 years have in store.

Happy birthday, Review Board!

New Django Security Releases

Django released a new set of security releases today, designed to fix a vulnerability in the cookie parsing code when combined with usage of Google Analytics that could allow an attacker to bypass CSRF protection. (See their announcement for more details.)

We maintain security-hardened builds of Django 1.6.x, the version series we use for Review Board 2.0 through 2.5. We have put out a Django 1.6.11.4 release containing these security fixes.

To upgrade to this release, run:

$ pip install -U https://downloads.reviewboard.org/releases/Django/1.6/Django-1.6.11.4.tar.gz

Or:

$ easy_install -U https://downloads.reviewboard.org/releases/Django/1.6/Django-1.6.11.4.tar.gz

This particular vulnerability is unlikely to affect most of our users (at least as documented in Django's release notes), but we still recommend upgrading, to be safe.

You can always keep up on the latest Review Board security announcements by subscribing to Official Announcements mailing list.