The next generation of Review Board has arrived! Well, the beta, anyway.

Review Board 3.0 is being built to take the code review experience further, integrating with other tools and services you use (such as Slack), adding support for automated code reviews, and introducing new features to better craft quality reviews.

Let's dive into some of the features in Review Board 3.0 beta 1.

Third-Party Integrations (Hi Slack!)

Review Board 3.0 supports a new integrations model, allowing administrators to connect Review Board to other third-party tools and services. Integrations can have multiple configurations governed by rules, allowing you to, for instance, post changes/discussion from different groups to different Slack channels, or sending code changes on different repositories to different Continuous Integration services.

Beta 1 ships with Slack support! You can make as many Slack configurations as you like to help follow updates and discussions on your review request without having to check e-mail.

We're working on adding integrations for HipChat, Asana, Travis CI, iDoneThis, and more for future releases.

Automated Code Review and Status Updates

Beta 1 introduces a new API for attaching status updates on a review request. These can be used to indicate whether there are automated checks in progress (builds, lintian checks, etc.), if they've succeeded, or if they've failed (along with a review opening issues for each of the failures). This helps take the load off of users, letting automated tools do more of the work.

Third-party services, extensions, or in-house scripts can use this API today. We'll be releasing updates to RBTools in the future to help record status updates from shell scripts.

We're also working toward an official release of Review Bot, an automated code review tool for Review Board that makes use of various command line lintian tools to help check your code for problems and report them through the new API.

Improvements for Reviewers

General Comments

Beta 1 introduces General Comments, which are not tied to any file or line of code. You can file a General Comment about anything: Missing files, feedback about the review request's description, requests for screenshots, or anything else. Like other comments, these can open issues, ensuring your comment is resolved. General Comments can be added by clicking "Add Comment" on the review request or in the review dialog.

Better File Attachment Navigation

When working your way through a large number of file attachments, it's annoying to have to go back to the review request each time to click the next thumbnail. Instead, the file attachment pages now have navigation buttons to the previous or next file attachment.

Uploaded Images in Comments

Ever review a UI or artwork change and want to show how you would do it? You can now drag-and-drop images right into the text field (if using Markdown). They'll upload to Review Board and become available in your comment.

This also works for other text fields, such as the review request description or in replies to reviews.

High-DPI Image Review

Working with High-DPI images, like @2x or @3x images? Review Board will now scale the image down during review, instead of presenting you with a gigantic image to look at. You can also change the zoom level for any image file, helping you see as much or as little as you want at once.

It also does a better job of showing other large images, giving you a scrollable area to look at instead of overflowing the page.

And So Much More!

• Elasticsearch is now available as a search backend.
• Users can upload their own avatars, instead of using Gravatars, and extensions can provide custom avatar backends.
• Optional desktop notifications when there's new activity on any review requests you have opened in your browser.
• Ownership of a review request can be re-assigned to another user.
• The content of deleted files can now be viewed in the diff viewer.
• User infoboxes (shown when hovering over a username) are cleaner and can be enhanced by extensions.
• Pasting a review request URL in services like Slack now shows detailed information on the review request, including any uploaded screenshots.
• Numerous enhancements for our API and extension capabilities.

That's still not everything. You can read through the complete list of changes in the release notes.

Installing 3.0 Beta 1

Want to give beta 1 a try? Great! You can install it by running:

$ sudo pip install \
    --trusted-host downloads.reviewboard.org \
    -f http://downloads.reviewboard.org/releases/Djblets/0.10/ \
    -f http://downloads.reviewboard.org/releases/ReviewBoard/3.0/ \
    -f http://downloads.reviewboard.org/releases/rbintegrations/0.5/ \
    --pre -U ReviewBoard

Or:

$ sudo easy_install \
    -f http://downloads.reviewboard.org/releases/Djblets/0.10/ \
    -f http://downloads.reviewboard.org/releases/ReviewBoard/3.0/ \
    -f http://downloads.reviewboard.org/releases/rbintegrations/0.5/ \
    -U ReviewBoard

Make sure you're deploying on a test server with a copy of your database in case anything goes wrong! You can't downgrade.

What's Next?

We're already working hard on features for Beta 2, including:

• A new review experience, helping first-time users and making the review process smoother and more informative.
• Some clever improvements to navigation in the diff viewer.
• OAuth2 support, letting other services talk to Review Board on your behalf, safely.
• Private review requests.
• On-the-fly search indexing.
• Many more integrations.

If you try Review Board 3.0 beta 1 and have any feedback, please reach out to us on the community support forum or our bug tracker.

Power Pack 1.4.3 is out, with several important fixes and compatibility improvements for Microsoft Team Foundation Server, Visual Studio Team Services, PDF document review, Review Board compatibility, and more.

Visual Studio Team Services and Team Foundation Server

We've added new support for using Git repositories hosted on Visual Studio Team Services, for those of you who are moving off of TFS repositories or using Git alongside those repositories.

Using Team Foundation Services in your network? We've fixed some bugs with post-commit review (selecting an existing commit to put up for review), improved error information when authentication fails, and fixed *.snp files being mistakenly reported as binary files.

Better PDF Document Review

PDF document review received a handful of fixes for PDF compatibility. Along with this, we've fixed some CORS (Cross Resource Origin Sharing) errors when hosting uploaded PDFs on a CDN when Review Board is in debug mode, and fixed the display of commented regions from a PDF in e-mails.

Licenses and Review Board Compatibility

User license management has received fixes as well. If a user previously added to your license is deleted from the database, it will no longer take up a seat in your license. If you have any stale deleted users in your license from before, you can now remove them without problems.

And finally, we've added compatibility for the in-development Review Board 3.0 release. Speaking of that, expect a beta very soon!

See the release notes for the full list of changes.

Ready to upgrade?

Just run:

$ pip install -U ReviewBoardPowerPack

Or:

$ easy_install -U ReviewBoardPowerPack

Restart your web server to complete the upgrade.

We have two new Review Board releases for you today, containing some large bug fixes and a couple new features.

Last week, we released Review Board 2.0.26 and 2.5.8, which had quite a number of important bug fixes for the product. Unfortunately, some of those fixes regressed other features, and we didn't want to go too long without fixing those. Specifically, we broke support for API tokens and we unintentionally altered the ordering of comments in drafts from the API.

These releases fix both of these problems, along with a handful of other bugs we've fixed during the week:

• Text selection in the diff viewer once again works properly on Firefox.
• We've worked around a bug in Python's logging.exception() (fixed in Python 2.7.6) that resulted in crashes for users on older systems.
• Extensions adding forms to the My Account page will no longer have problems setting the forms as invisible.
• Bumped up our minimum required version of pytz, to fix compatibility issues on older systems.

Along with this, Review Board 2.5.9 adds a few new features:

• Mercurial users can now browse and post existing commits in the New Review Request page (requires Mercurial 3.9 or higher).
• Extension authors are now given the old status of a review request that's been reopened in the review_request_reopened signal.
• API users can now view and query for inactive (disabled) users.

See the release notes for the full details and installation instructions:

• 2.5.9 release notes
• 2.0.27 release notes

We have two new Review Board releases for you today, full of bug fixes, new features, and a security fix.

An Important Security Fix

Both the 2.0.x and 2.5.x series had a bug in one of our APIs that could overload a server. We weren't properly limiting the amount of data being fetched and serialized in one case.

While this doesn't result in any form of access to the system or leaked information from the database, it can cause crashes on the server. We recommend that everyone upgrades to 2.0.26 or 2.5.8 to prevent this problem.

Some New Features

Review Board 2.5.8 introduces a number of improvements for repository configuration:

• We've made it easier to get started and resolve problems with Bitbucket repositories.
• Self-hosted Gitorious servers are now supported.
• Bug trackers on Codebase are now supported.
• It's easier to set up repositories hosted on GitLab.com.

We've also made a few other improvements across the product:

• E-mail addresses are accepted as usernames in the API. These were already accepted in the web UI.
• Extensions can add content to review e-mails.
• The "New Updates" dashboard column is now available on the All Review Requests page.

Lots of Bug Fixes

Both 2.0.26 and 2.5.8 contain many bug fixes for repository compatibility, the API, administrative settings, usability, and more.

The full details, plus installation/upgrade instructions, can be found in the release notes:

• 2.0.26 release notes
• 2.5.8 release notes

Earlier this week, we released RBTools 0.7.8 with some great improvements to the macOS and Windows installers. Unfortunately, the macOS installer build was built in the wrong environment, leading to incorrect paths and a failing rbt.

The new 0.7.9 release contains a fix to the installer generation process to prevent this from happening again. We've rebuilt and carefully checked the new installer build, and it should be good to go.

If you tried upgrading to the 0.7.8 installer using macOS and had trouble, please give 0.7.9 a try. You can get it from the downloads page. If you installed on Linux or Windows, you don't need to worry about this release.

Note that you might also find a /Users/chipx86 directory on your filesystem from the bad installer. This is an artifact of the broken build. You can safely remove it.

See the release notes for more details.

We have a new RBTools release for you today, with some major improvements to the macOS/Windows installers and a few bug fixes and feature improvements.

Let's break it down.

A non-broken macOS installer

We fixed a problem that many of you have reported to us, where one of the dependencies (tqdm) could show up missing, breaking RBTools. We've fixed this and made sure it can't happen again.

We've also improved the installer for modern versions of macOS. For compatibility reasons, we install RBTools for both Python 2.6 and 2.7, and the way we installed it used to favor Python 2.6 for the actual rbt binary. Now, the preferred Python version for your system is now used, helping with various compatibility problems that have been reported.

A more modern Python on Windows

We've updated Python on our Windows RBTools installer. We now ship Python 2.7.13, which has a number of improvements over the older 2.7.6 release. If you've had issues with SSL certificate verification before, this should help address those problems.

A few other improvements

Such as:

• rbt setup-repo now sets the REPOSITORY_TYPE setting for your repository in .reviewboardrc, speeding up posting changes for review.
• rbt patch --print can now be run outside of a source tree.
• Some various crashes involving Unicode characters on the command line and in Team Foundation Server diffs.

For the complete list, see the release notes.

To upgrade RBTools, visit the downloads page.

We've just put out an all-new release of RBTools. Version 0.7.7 features compatibility fixes for various types of repositories, better support for TFS, and some new features to help with common usage and automation.

You can see the release notes for the full list of changes. We'll go over the highlights here.

Compatibility/bug fixes

In this release, we've aimed to fix a handful of compatibility problems that have been reported to us. Thanks to all the contributors who sent patches!

• RBTools is once again compatible with Mercurial 2.x. This regressed in 0.7.6.
• Some error displays are fixed when using the version of Python shipped with macOS 10.11.
• Perforce gained the ability to post against null client roots, and fixed posting ranges of submitted changelists.
• Repository lookups utilizing mirror paths or Subversion UUIDs now work once again. These regressed in 0.7.6.
• rbt post for Git now supports --exclude-patterns when using git-svn or git-p4.
• rbt land no longer crashes if it can't determine the approval state on a review request.

Improved Team Foundation Server support

The old TFS support was a bit slow, due to the way we had to interact with the Team Foundation Server command line tools. It also presented compatibility problems, as different versions of Visual Studio shipped different, incompatible versions of these tools.

We've now introduced new support that doesn't depend on their tools and is optimized for our use cases. This means better compatibility everywhere, faster posting, and new features.

To start with, we're adding the ability to post shelved changesets! You can do this by simply running:

rbt post <shelveset-name>

To begin using RBTools 0.7.7 with TFS, you will need to install our new TFS adapter by typing:

rbt install tfs

New features

We've added the ability to specify a destination tracking branch for rbt land. To choose something other than the default (say, origin/master on Git), you can now specify:

rbt land --tracking-branch <branch-name>

Want to set some some data for custom extension-provided fields on your review request when posting a new change? You're in luck! We've added a --field NAME=VALUE option to rbt post that does exactly this:

rbt post --field my_custom_field="Some value"

You'll need to use the name of the field that was registered by the extension. If this extension was written in-house, ask your administrator to give you the field IDs.

If you find yourself needing to pass --svn-prompt-password all the time for your Subversion setup, you can set SVN_PROMPT_PASSWORD in your project's or user's .reviewboardrc instead. Just set this and you'll never have to type it again:

SVN_PROMPT_PASSWORD = True

What's coming next

We're working toward a RBTools 1.0 release, which will feature enhanced support for Mercurial, new automation commands for use in the upcoming Review Board 3.0, easier setup and installation, and better display of progress when posting changes.

We're also hard at work on a rewrite of our documentation, with the aim of providing more practical, detailed setup and usage guides for RBTools. These will begin to land over the next month.

If you have any bug reports or feature requests for either RBTools or the documentation, we'd love to hear them! You can file a bug or reach out to us on our reviewboard-dev discussion list.

Earlier today, Django released a new set of security releases that address issues when running unit tests against Oracle databases and when running a Django-based application when setting DEBUG = True and ALLOWED_HOSTS = [] in a server's settings file.

Review Board should not be impacted by the Oracle issue (which would not occur in production), and we don't recommend running with DEBUG = True (plus, new sites created with Review Board 2.0+ will have a safe default for ALLOWED_HOSTS, keeping you safe). Still, we recommend that you always update to the latest Django 1.6.11.x security release anyway.

We maintain security-hardened builds of Django 1.6.x, the version series we use for Review Board 2.0 through 2.5. We've put out a new Django 1.6.11.5 release that contains these two fixes.

To upgrade to this release, run:

$ pip install -U https://downloads.reviewboard.org/releases/Django/1.6/Django-1.6.11.5.tar.gz

Or:

$ easy_install -U https://downloads.reviewboard.org/releases/Django/1.6/Django-1.6.11.5.tar.gz

We then recommend that you visit your Administration -> Security Checklist page to ensure that your ALLOWED_HOSTS and other security settings are correct.

You can always keep up on the latest Review Board security announcements by subscribing to our Official Announcements mailing list.

We have a couple of new Review Board releases for you today, including the biggest 2.5.x release yet.

Review Board 2.5.7 brings new administrative features, improvements to e-mail sending (including DMARC compatibility) and content, extension unit testing, usability enhancements, and over 40 bug fixes.

Review Board 2.0.25 brings many of those same bug fixes, along with the new extension unit testing support, for users who have not yet upgraded to 2.5.

Let's take a look at some of the major new changes in these releases.

More reliable e-mail

• E-mail has been evolving in recent years, with new starts forming to help combat spam and fraudulent e-mails. Some of these standards, like the Sender Policy Framework and DMARC, can prevent Review Board from reliably sending e-mail on behalf of users.

  In Review Board 2.5.7, we've added compatibility with these standards, ensuring that all Review Board e-mails will safely reach their destination.

• We've also added a handy new link in the Review Request Updated e-mails in Review Board 2.5.7 for showing the changes made since the previous diff. That's one less click to view an interdiff.

Easier administration

Review Board 2.5.7 adds a few new features to help administer users and settings on your install:

• It's now easier to manage users belonging to review groups, default reviewer rules, repository access lists, and other places in the administration UI. We've introduced a new widget for managing lists of users, which scales well and simplifies locating and adding new users.

• You can now safely grant users fine-grained access to the administration UI without giving them access to global Review Board settings. Simply set them as a "staff" user instead of "superuser."

Both 2.5.7 and 2.0.25 have made it easier to work with repository credentials and authentication servers:

• Hosting service credentials for repositories can now be edited simply by clicking "Edit Credentials" by the desired account on the repository page. This should make things a lot easier in the event of a password or token change on a service.

• Authentication forms for LDAP, Active Directory, and more have been organized, making it a lot easier to get going for the first time.

Extension unit testing

When writing extensions for your server, you want to make sure you can catch any breakages or changes in functionality when preparing to upgrade to the next version of Review Board. We've made it easy to write and run unit tests for your extension, using the new rbext command. Now you can make sure your extension works as expected before doing your next big server upgrade.

Lots of bug fixes

We've fixed quite a lot of bugs in these releases. We have fixes for CVS, Bitbucket, GitLab, webhooks, the API, e-mail contents, file attachment display and review, Power Pack compatibility, post-commit review, custom Markdown text fields, dashboard columns, and much more.

You can see the 2.0.25 and 2.5.7 release notes for the whole list of changes, along with upgrade instructions.

10 years ago, David Trowbridge and I (Christian Hammond) began talking about the problems and annoyances with code review, and how it could be better. Code review at the time was (usually) a very tedious process where you'd e-mail diff files around and reply to them, and while there were a couple of tools on the market, they were expensive and cumbersome.

So on September 27, 2006, ten years ago today, we landed our first commit.

r1 | chipx86 | 2006-09-27 00:25:53 -0700 (Wed, 27 Sep 2006) | 2 lines

    Add the reviewboard.

Where we were back then

Back in 2006, there was no GitHub or Bitbucket. Git was just around a year old. Subversion and Google Code were the tools choice of most open source projects. Many companies performed code reviews on whiteboards or projectors.

And people still e-mailed diffs around.

We just knew things could be better, so we began writing Review Board. We didn't know if it'd be a short-lived toy project, our new excuse for staying up all night coding, or if it could truly be more. It started off as just an experiment in improving how code review could be made better, could evolve, to make lives easier for developers.

The experiment was a success.

(We've come a long way since.)

Where we are today

Fast forward 10 years (!) and we have a product that we're proud to call our day job, a product that thousands of companies depend on every day. Hundreds of thousands of developers.

Over the years we've learned what works and what doesn't. We've greatly enhanced our code review capabilities, added support for many more types of code hosting services, wrote a powerful and comprehensive extension infrastructure and API, and helped change the world of code review for the better.

Our core team has expanded. We've put out 142 releases of Review Board alone (that's over 14 a year!), built a Review Board SaaS (RBCommons), added new enterprise-level features through Power Pack, and established support contracts with companies to help them through the good times and bad.

There are many code review tools on the market these days, and we're so glad to see that most developers no longer have to live in the dark ages of e-mailing diffs and projecting code up on walls. Throughout it all, Review Board has remained a strong, powerful, and beloved tool for so many, and we couldn't be happier.

Our users have been truly great. One company 3D printed Sparkly and Fish Trophies for us. Someone once wrote a poem for us ("Ode to Review Board"). We've been invited to give talks at big tech companies. We've mentored over 100 students as part of UCOSP and Open Academy, using Review Board development to help them prepare for their careers as software engineers.

It's been an amazing ride, and we're nowhere close to done.

Where we're going

We have several very exciting features in the works to bring your code quality to a new level. Our focus right now is on Review Board 3.0, which is bringing:

• A new and improved (but still familiar!) review experience
• Support for integrating with third-party services (like Slack, Asana, and more), allowing for as many distinct integration configurations as you need
• Built-in support for showing and handling feedback from automated code review services
• Improved search results and on-the-fly indexing, with support for Elasticsearch
• OAuth2 provider support
• Custom avatar services
• And much, much, much more

It's going to be a fantastic release. RBCommons users will get to see some of this soon!

In parallel, we've also been working on features for Review Board 4.0. The big highlight (and the feature being worked on now) is DVCS support, featuring some really useful takes on multi-commit review. We have some other great features planned, but aren't ready to announce them yet.

We've had an amazing 10 years, watching our little experiment grow and make a difference to customers around the world. We can't wait to see what the next 10 years have in store.

Happy birthday, Review Board!