Today's release of Review Bot, our automated code review extension for Review Board, introduces a few new features and fixes several compatibility issues and other bugs. Most of these wouldn't have happened without our wonderful community of contributors and early adopters. Thank you!

Let's look at the highlights.

Full-Repository Review for Mercurial

Some tools (such as the Clang Static Analyzer) need a full checkout of the repository in order to perform a full review. These now work with Mercurial repositories in addition to Git.

Cppcheck Language Selection

Cppcheck can now be forced to check source files as either C or C++ code. This is helpful for codebases that treat .h files as C++. By default, it will continue to auto-detect the file type based on the extension.

Compatibility Fixes

Review Bot now authenticates properly with Review Board 3.0.8.

Dependency conflicts involving pyflakes, pycodestyle, or flake8 when installing the Review Bot Worker have been resolved. Not everyone hit these, but it was common on newer installs due to changes in newer versions of these packages.

And More

We've smoothed out communication between the Review Bot extension and worker services, added better error handling when saving a configuration form without all required data, removed unwanted temporary files, and fixed error reporting in flake8 and cpplint.

For the full list of changes, see the release notes.

Today’s release of RBTools fixes some of the most common issues experienced in the recent 1.0 release:

Improved Windows compatibility

This release fixes some regressions on Windows, namely a crash when prompting for a password for Review Board.

If you're continuing to hit problems on Windows, please let us know in our community support tracker so we can collect additional information on your setup.

Fixes for Empty Diff errors on Git

While RBTools 1.0 greatly improved how diffs were generated for Git repositories under many scenarios, it broke one important workflow.

Posting a branch for review after pushing that branch upstream no longer results in errors about empty diffs when a tracking branch is configured. Instead, the tracking branch is once again respected, allowing your topic branch to be posted for review in full.

See the release notes for the full list of changes.

Today's release of Review Board 3.0.8 features a few small bug fixes:

• Invisible search filters in the search results
• Crashes in the API when working with automated code review
• Deleting draft replies prematurely when deleting the reply to a review header
• Compatibility problems using Subvertpy and HTTPS-backed repositories

(See the release notes for the full list of changes.)

The big announcement today, though, is a new companion to Review Board that we'd like to introduce you to.

Meet RB Gateway

RB Gateway is a microservice used by Review Board that's built to address shortcomings in Git and Mercurial's APIs. Git, in particular, is quite limited. It doesn't provide fine-grained access to the contents of repositories, meaning that tools like Review Board typically have to depend on specific hosting services (like GitHub Enterprise or GitLab) or hacks to work.

When using RB Gateway, Review Board can access your self-hosted repositories in new ways, enabling users to browse for commits, close review requests when a commit is pushed, and more cleanly managing your repositories. It works just like other hosting services, but is simple to set up and configure on all major platforms.

This means no more GitWeb, cgit, or hgweb hacks! Just install RB Gateway, point it to your repositories, and tell Review Board about them. You're done.

RB Gateway can be installed on Linux, macOS, or Windows. Installation is easy, and we have instructions to help you get started.

For the best experience, we recommend Review Board 3.0.8 with RB Gateway. Older 2.5.x and 3.0.x releases support it, but are limited in functionality and only support Git.

RBTools has been an important part of the life of Review Board users for many years. While it started off as a single tool for posting review requests, its feature set has evolved with time, turning into an extensible set of tools and APIs for talking to Review Board.

Today, we're finally pulling RBTools out of the 0.x era with the release of RBTools 1.0.

Compatible with Python 3

Both the RBTools commands and the Python API now support Python 2.7 and 3.5+.

(Please let us know if you hit any issues on Python 3, as this is still pretty new.)

Better Repository Detection and Git Support

RBTools now does a better job determining which repository it's working with, in case there's confusion. For example, a Mercurial repository nested in a Git-managed home directory will no longer cause problems.

Git repositories in particular are now easier to work with. When generating a diff, RBTools now looks for the nearest upstream parent commit or branch, instead of requiring that users or repositories configure a specific tracking branch.

Publish Automated Reviews

Writing your own automated review solutions for Review Board 3.0 or RBCommons just became easier through the new rbt status-update command. Your scripts can use it to file a pending status update on a review request (showing that checks are being performed) and then update it to say that all is well or to report issues that need to be fixed.

This is useful for in-house continuous integration setups where you're analyzing code for errors, style issues, documentation, or any other requirements you might have.

Easily Land Complex Dependent Changes

rbt land can now land multiple review requests tied together using the Depends On field.

This works with -r to take the ID of the review request you want to land. It will figure out which review requests must land before it and in which order. For example, if review request 3 depends on 2, which depends on 1, you can run:

$ rbt land --recursive -r 3

Instead of:

$ rbt land -r 1
$ rbt land -r 2
$ rbt land -r 3

This is a precursor to the new DVCS support coming soon in Review Board 4.0.

And That's Not All

• rbt setup-completion was added to enable auto-completion of RBTools commands and arguments in Bash and ZSH shells.

• rbt alias was added to help you list and test out your custom aliases.

• rbt post --submit-as can now automate posting review request updates, and not just new review requests, on a user's behalf.

• rbt post -m and rbt publish -m let you specify a custom description of your draft's changes when publishing (equivalent to filling out the "Describe your changes" box when publishing in the browser).

• rbt post --trivial-publish and rbt publish --trivial let you publish trivial updates to a review request without sending out e-mails to everyone (when using Review Board 3.0 or RBCommons).

• rbt status now lists the review state and local branch for each review request you have up for review.

• Warnings and errors in command output is now specially highlighted to help it stand out.

• Several fixes and improvements for Git and Subversion compatibility.

• The API has been improved, supporting extra_data fields and easier pagination of resources.

And plenty of other fixes and improvements. See the release notes for the full list of changes in 1.0.

Download It Today!

RBTools is out today for Windows, Linux, and Mac. Head on over to the downloads page for installation instructions.

Privacy has been a big topic in the tech world over the past few months, with the news surrounding Facebook and Cambridge Analytica, the deadline for the GDPR, and all those Privacy Policy e-mails we've all be getting/sending out. We've written about this recently.

Today's release of Review Board 3.0.7 is focused on enhancing privacy options and protection in Review Board, improving defaults and adding optional GDPR-compliant privacy settings for servers. There's also the usual assortment of bug fixes.

Better Private Profiles

7 years ago, we introduced Private Profiles in Review Board. When enabled by a user, their full name and e-mail address would be hidden in the API when accessed by other users. In this release, we've expanded the protections of Private Profiles:

• Enabling Private Profiles now hides full names and e-mail addresses throughout the UI and API
• Private Profile behavior is always on when viewed by anonymous users (keeping information from public servers off of search engines)

Users can enable Private Profiles through the My Account -> Profile page.

User Consent and Privacy Rights

Some features making use of personal information now require consent before that information can be used. This is managed in the My Account -> My Privacy Rights page, and decisions on consent can be changed at any point. If configured, users will also be prompted for acceptance of a Privacy Policy and Terms and Conditions on this same page.

By default, Review Board only requests consent for Gravatars, but extensions can register their own features requiring consent. We'll be providing guides on incorporating this soon.

Review Board administrators can enable this support for consent, acceptance of Privacy Policies and Terms of Services through the new...

GDPR-Compliant Privacy Settings

These new privacy settings can be changed in Admin UI -> User Privacy Settings:

• Terms of service URL and Privacy policy URL can be set to the URLs of the server's respective URLs.

  When either of these are set, users will be prompted to view and approve the terms before they can use the server next, or when registering a new account.

• Privacy information is a text field for providing privacy details specific to your server or organization.

  This will be shown to users in the My Account page or when prompted for terms or consent. It accepts HTML, letting you provide links to important information in your network.

• Require consent for usage of personal information enables GDPR-compliant consent checks for features.

  Which enables the new consent management seen above.

Bug Fixes Aplenty For

• A handful of crashes when bad data is fed into the URLs for the dashboard and internal diff viewer URLs (usually caused by search bots)
• Some more crashes when avatars aren't available when configuring users in review groups
• Regressions when configuring bug trackers
• Communication problems with newer versions of Gerrit
• Bad error messages when failing to find files on local Git repositories

See the release notes for the complete list of changes.

Today's release of Power Pack 2.0.1 is a small bug fix and maintenance release.

Licensing Fixes

The primary fix addresses various access issues with repositories hosted on Bitbucket Server and Visual Studio Team Services when transitioning license states (such as from a valid trial license to an expired one), which can cause future problems for users who need to use these repositories.

Python Compatibility

We've also dropped support for Python 2.6, allowing us to focus on bringing Python 3.x support to both Power Pack and Review Board in future releases. Python 2.6 hasn't been maintained in years, and support was recently dropped in Review Board 3.0. The last release to support Python 2.6 is Power Pack 2.0.

If you're still on Python 2.6, we can help you upgrade.

Update Today

Power Pack 2.0.1 is recommended for all Power Pack users, particularly those using Bitbucket Server and Visual Studio Team Services. Power Pack 2.0.1 supports Review Board 2.5 and up on Python 2.7.

To upgrade, or to install for the first time, see the installation instructions.

Learn more about Power Pack 2.0.

Today's release of Review Board 3.0.6 fixes a handful of small issues throughout the product, from better source code management compatibility to more polished UI interactions.

Better E-Mails

• Using rbt post --submit-as and then publishing the review request once again sends out e-mails on behalf of the owner of the review request instead of the logged-in user.
• Links to comments in e-mails resolve correctly.

Compatibility Improvements

• Fixed problems fetching some files using GitLab API version 4, depending on how the diff was uploaded.
• Fixed timezone-related problems looking up or posting Bazaar changes and browsing Mercurial commits.

Fixes for UI Regressions

• The Description/Testing Done text fields once again grow to fit when adding lines and shrink when removing them.
• Revoking a Ship It now immediately crosses out the "Ship It" text on a review.

For the full list of changes, see the release notes.

I know what you're thinking. "Another Review Board release? Didn't we just have one this week?"

We did, and it was pretty great, but not perfect. A regression with repository configuration slipped in and broke things, and we didn't want you to wait any longer for a fix.

We've also been busy fixing other bugs this week, and felt it was as good a time as any to get those into your hands. So here they are.

Fixes for repository settings

Some bad logic broke repository configuration, causing options to show up that shouldn't and others to not show up when they should. It was confusing, both for administrators and for Review Board when trying to sort out what was set.

Bitbucket Server was showing up as a hosting service option twice if Power Pack was enabled. It was pretty excited to even be considered.

Fixes for search settings

Trying to enable Elasticsearch support without having the right module installed was causing a not-so-friendly error. Now it causes a very friendly error, telling you exactly to do to install compatible Elasticsearch support.

It should also help clear up the confusion around versions. We require Elasticsearch 2.x (5.x or higher won't work) because the search framework we use is capped at that. That's... not ideal, and we're considering options here.

Fixes for API token policies

Crafting a custom API token policy and hitting Save now properly switches the displayed policy type to "Custom" instead of "Full Access."

While a reload would have fixed that, that was pretty misleading, and led to more problems than it solved (which was none — no problems were solved by that bug).

Fixes for some other things

• The field used to select available avatar backends should no longer appear blank at times
• Using the submit-as option when posting review requests no longer shows (harmless but annoying) errors when Active Directory is enabled
• Logging extension media installation errors no longer triggers its own errors

As always, see the release notes for the full list of changes.

Today's Review Board release is full of new features, integrations, and improved hosting service support. Let's dive right in.

Link to your Asana and Trello tasks

You can now enable Asana and Trello integrations, adding new fields to your review request for linking up any Asana and Trello tasks your review request relates to.

This works similarly to the Bugs field right now, and opens the doors for tighter integration later.

Post updates to Mattermost and I Done This

Review Board can now post updates about review requests and reviews to Mattermost channels, keeping your team up-to-date. This brings all the benefits that Slack users enjoy, while keeping all updates within your own network.

Updates can also be posted to I Done This, which helps team members build up daily and weekly status reports as they work.

Review code stored on Gerrit

If your company uses Gerrit for hosting, but teams want the code review benefits of Review Board, we have you covered. Review Board can now link up to your Git repositories hosted on Gerrit, letting you post changes for review the same way you would on other services.

This does require the use of a special plugin to enhance Gerrit's API, so see the installation instructions to get started.

Better compatibility with GitLab

We've rewritten our GitLab support to take advantage of the benefits of their latest API. Nested groups and large numbers of repositories are now supported, and edge cases have been addressed. Overall, your GitLab experience should be better now and going forward.

Supporting self-signed SSL certs

If you're using a self-hosted service like GitLab, GitHub Enterprise, Bitbucket Server, or Gerrit, you can now use self-signed SSL certificates without workarounds. You'll be prompted to confirm the certificate when adding the repository, and then you're set.

And lots more

• Custom file-based filters in the diff viewer
• A command for creating new extensions
• New extension template hook points for the review request box
• Many bug fixes, logging additions, and compatibility improvements

For the full list of changes, see the release notes

Django released a new set of security releases that protect against swamping a server when passing certain strings to a few different functions used for building URLs and truncating content. See their announcement for the details on the fixes.

We maintain security-hardened builds of Django 1.6.x, the version series we use for Review Board 2.0 through 3.0. We've put out a new Django 1.6.11.7 release that contains these fixes.

To upgrade to this release, run:

$ pip install -U https://downloads.reviewboard.org/releases/Django/1.6/Django-1.6.11.7.tar.gz

Or:

$ easy_install -U http://downloads.reviewboard.org/releases/Django/1.6/Django-1.6.11.7.tar.gz

You can always keep up on the latest Review Board security announcements by subscribing to our Official Announcements mailing list, joining our Subreddit, or following us on Twitter.