Review Board 7 is coming soon. To get ready, we're putting out a series of releases that you can upgrade to today, starting with Power Pack 5.2.3.

What is Power Pack?

Power Pack is licensed add-on for Review Board, offering:

• PDF document review and diffing, allowing you to review documents, schematics, designs, contracts, and code all in one place.
• Report generation, giving you insight into code review practices in your organization.
• Advanced server management for scalability, database management, and splitting/merging installs
• Support for enterprise source code management systems, including AWS CodeCommit, Azure DevOps/TFS, Bitbucket Server, Cliosoft SOS, GitHub Enterprise, HCL VersionVault, and IBM Rational ClearCase.

You can try Power Pack free for 60 days or purchase a license for your server.

What's New in Power Pack 5.2.3

Power Pack 5.2.3 now supports Review Board 3 through 7, and makes the following improvements:

• When paid licenses expire, they'll convert to a free perpetual 2-user license.
• Installation issues with certain combinations of boto3, urllib3, and requests package dependencies have been fixed.
• Fixed an issue with draft comment visibility on PDFs.

For the complete list of changes and installation instructions, see the release notes.

We’ve launched a new installer for Review Board, with support for over 50 different system environments.

With a single command, you can be up and running in minutes, on nearly any Linux system, providing a virtually hassle-free experience, whether you’re installing Review Board for the first time or moving your install to a new server.

Using the new installer

It’s as simple as running the following as root:

$ curl https://install.reviewboard.org | python3

Or, if you prefer not to use curl and have pipx installed:

$ pipx run rbinstall

The installer will check your system for the latest compatible release of Review Board. From there, you can get an overview of the commands the installer will run, and then run them.

The installer also sets up:

• Automated code review with Review Bot, which can automatically review code using a wide variety of code checking tools, saving your engineers time during review and catching important issues quickly.

• A free 2-user tier of Power Pack, providing:

  Document Review, to help review your documentation, mockups, schematics, and designs alongside your code.

  Reports/Analytics, to gain a better understanding of how well your teams are using code review to improve your products.

  Additional repository support, letting you integrate with Azure DevOps, GitHub Enterprise, ClearCase, Cliosoft SOS, and other solutions you may depend on.

Automated/Unattended installs

The installer was built with automation in mind. You can set up entire fleets by running a single command:

$ curl https://install.reviewboard.org | python3 - --noinput

Or, with pipx:

$ pipx run rbinstall --noinput

To learn more, see the Unattended Installs documentation.

Docker is another great option

If you’re looking to simplify maintenance even further, we have official Docker images available.

This is a simple option for spinning up new Review Board servers for deployment or testing, complete with Review Bot and Power Pack. No manual installation required, and kept up-to-date as we release new versions.

Fully supported

Support for the installer, Docker images, and your whole deployment are included with a Review Board support contract.

This comes with 24/7 coverage for any emergencies or assistance you need, keeping you protected and ensuring you’re never on your own when things go wrong. We’re here for any questions you have, any problems you encounter, and any guidance you need.

If your server is currently unprotected, contact us about a support contract to take care of that today.

Learn more

See our guide to the Review Board Installer to learn how to run the installer, automate installation, and prepare older Linux distributions for installation. It’ll help ensure a seamless install the next time you’re setting up Review Board.

Have any questions or feedback about the installer? We’d love to hear from you! Contact us at questions@beanbaginc.com.

Today's releases fix an important security vulnerability we've found in-house, and improve stability overall in Review Board 6.

API Security Fix

We discovered a security issue with two of our APIs while performing an in-house performance audit of our code. This allows a user with legitimate access to a Review Board server to craft a specific API request that returns diff content they wouldn't normally have permission to access (draft diffs or published diffs associated with a private repository or invite-only review group).

Users cannot exploit this bug without legitimate access to the Review Board server (or the Local Site server partition, if used).

We aren't aware of this vulnerability being used in the wild. It requires making use of an optional header when accessing these APIs, plus knowledge of internal database APIs for published diffs.

As part of fixing this security issue, we've done the following:

1. We sent patches (and custom builds as needed) to our customers with Premium Support contracts.
2. We audited the remainder of our APIs. This type of issue was not found anywhere else.
3. We improved our testing infrastructure so that this type of issue would be found automatically going forward.

We recommend that everyone upgrade to the appropriate release of Review Board.

Review Board 6 Stability

We've addressed a few regressions introduced in Review Board 6.0:

• Manually uploading diffs (either to new or existing review requests) should now work on all types of repositories.
• Batch publishing will now work when using Local Site server partitions.
• Empty reviews will no longer be posted if creating a review, leaving comments, and then deleting the comments.
• Switching between search engine backends no longer require restarting the web server.
• Logging in from the Log Out page now takes you to the dashboard, instead of logging you back out.
• Some minor UI issues in the Administration UI have been fixed.

Upgrading

If you're using our official releases, follow the upgrade instructions in the release notes below:

• Review Board 6.0.2
• Review Board 5.0.7
• Review Board 4.0.13
• Review Board 3.0.26

If you're using releases provided by your Linux distribution or a third-party, you will need to inquire with them about your upgrade options and support.

If you need assistance with your server, we can help under a support contract. This entitles you to on-going support for your server, custom builds, backported fixes, pre-release security patches, and solutions tailored for your company's needs.

Review Board 6.0.1 fixes a handful of bugs found in the recent 6.0 release:

• Reviews and replies should now successfully publish in all cases.

• Administrators can once again see and edit another user's draft review requests.

• Compatibility issues with subdirectory installs or Local Site partitioning have been resolved.

• Plus other bug fixes throughout the product.

All the details can be found in the release notes.

Asana and Trello integrations updates

We've also released Review Board Integrations 3.1.1, which fixes compatibility with Trello and Asana. This must be upgraded manually for now:

$ pip3 install rbintegrations==3.1.1

This is compatible with both Review Board 5 and 6.

Let's get started!

To learn more about upgrading your server, see our upgrade instructions. You can also use our official Docker images.

If you need assistance with your server, we can help under a support contract.

Review Board 6 is all about focusing on your code review experience in a pleasant environment.

The UI is bright, soft, and colorful. The diffs are easier on the eyes, and easier to navigate. The review process is streamlined, a new review banner guiding you through creating, managing, and publishing your review request, reviews, and replies. Rich commenting is effortless, with Markdown formatting aided by a helpful new toolbar.

And that's just the beginning. Let us introduce you to Review Board 6.

A bright start

We’ve been improving the look and feel of Review Board, softening and brightening the visuals, giving content some breathing room, and sanding down rough edges.

The color palette and font size used in diffs have been refined to make it easier to read long blocks of code.

Much of our UI has been made more accessible and mobile-friendly.

This is the first step toward a larger UI refresh planned for Review Board 7.

Looking for something less bright? Say, a dark mode? That's in the works, but for now, we find Dark Reader to be pretty useful ourselves!

An improved review experience

In past versions of Review Board, your draft review requests, reviews, and replies were all managed separately, each with its own green draft banner.

Review Board 6 now includes a new Unified Review Banner, which summarizes every draft that still needs to be published on a review request.

This banner allows you to:

• See all your drafts in one place
• Publish all your drafts together with fewer e-mails, or publish them independently as before
• Create new reviews on a review request

This banner is always visible on the screen, and will help guide you through the review process.

The old Review, Add Comment, and Ship It! buttons on the review request’s action bar have been moved to a new Review menu on the banner, helping you create, manage, and publish your reviews from anywhere on a review request.

To help get going, we’ve added new tips and tricks to the Review Dialog, shown when clicking Review -> Create a New Review.

And finally, you can review your own diffs and files before they’re published, helping make comments that guide reviewers through your change.

Craft Markdown comments with a click

It’s easier than ever to compose Markdown text for your reviews, comments, and review requests through the new Markdown formatting toolbar.

Toggle between bold, italic, strike-through, and code literals. Create lists, link to URLs, and then go beyond text by uploading and embedding images.

Better file attachment management

File attachments are an important part of many people's workflows. Review Board 6 now makes it easier to track which files are published, which you're introducing in a draft, and which are pending deletion.

When adding, updating, or deleting file attachments, a label is now placed on the thumbnail showing its status:

• New: The file attachment was newly-added in this draft.
• New Revision: A new, updated revision of a file attachment was added in this draft.
• Pending Deletion: The file attachment will be deleted when the draft is published.
• Draft: The file attachment’s caption has been updated in the draft.

If a file attachment is pending deletion, you can now restore it by clicking Undo Delete in the file attachment’s actions menu.

Take action with extensions

Review Board’s extension abilities have grown once again.

The new Actions system makes it easier to add, hide, and reorder actions on the review request’s action bar, on the page header, and the navigation bar.

Client-side extensions can now be written using TypeScript and Spina, and bound together using ES Modules.

Server-side extensions can benefit from enhanced Python type hints and pytest-based unit tests.

Important compatibility updates

We’ve dropped support for Python 3.7 and added 3.12. Please note that not all third-party repository support is compatible yet with 3.12.

We’ve also dropped Subvertpy support. To use Subversion with Review Board, make sure to install PySVN.

Plus…

• Faster automated code review results
• A better default view for dashboards, showing all your incoming and outgoing review requests
• A service health check URL (/health/) for monitoring, scaling, and fault tolerance
• New Single Sign-On options, for wider Identity Provider compatibility
• Enhanced API error reporting, with string-based error types
• Performance and usability improvements all throughout Review Board
• And more!

The Review Board 6 release notes cover all the changes in this release in detail.

Ready to upgrade?

For most users of Review Board 5, Review Board 6 will be a drop-in replacement with minimal downtime.

Still, make sure you have a backup of your database and site directory, and please perform a test upgrade on a test server. Then follow the upgrade instructions.

If you’re using Docker, follow our Docker instructions to deploy new containers. Review Board 6’s official Docker images are based on Ubuntu 22.04 LTS and Python 3.11.

If you need assistance, we can help support your Review Board server with a plan that meets your needs.

Review Board 5.0.6 is a bug fix release, featuring:

• MySQL installation fixes
• Review Group API improvements
• Several bug fixes

Let's take a look.

MySQL Installation Fixes

The recent versions of mysqlclient fail to install on many Linux distributions, and this makes for a frustrating Review Board installation experience.

Now, when installing the ReviewBoard[mysql] package, we now cap this to the 2.1.x series, which installs the same way as prior versions.

You can learn more about this issue on the mysqlclient GitHub, and in our MySQL installation instructions. We'll continue to track development around this issue, and update our documentation and requirements if the situation changes.

Review Group API Improvements

The Review Group API now supports querying for:

• Hidden accessible review groups
• Review groups based on the invite_only flag
• Hidden invite-only review groups when using the special reviews.can_view_invite_only_groups user permission

Plus...

• Improvements for the upgrade process
• Fixes for file attachment diffs
• Fixes for updating file attachments with new revisions
• Showing hidden review groups and repositories for Default Reviewers, integration conditions, and more

All the details can be found in the release notes.

To learn more about upgrading your server, see our upgrade instructions. You can also use our official Docker images.

If you need assistance with your server, we can help under a support contract.

Beta 3 is here, with a more polished Review Board look and feel, a toolbar to help format your Markdown text and attach images, a better experience for the new Review Banner, and numerous fixes and improvements throughout the product.

If you're discovering 6.0 for the first time, look at our announcements for 6.0 beta 1 and 6.0 beta 2 to learn about the new features, like the Review Banner, improved diff navigation, and all the new extension capabilities that can help tailor Review Board for your team.

A more pleasing experience

We’ve refined Review Board’s look, making small adjustments throughout the product to help it feel lighter, with easier-to-read diffs and more apparent controls.

This is the beginnings of a larger effort that we’ll be continuing through Review Board 7 to help modernize the UI and give users more control over how Review Board looks on their system.

Format Markdown and upload images with just a click

We’ve made it easier to work with Markdown text anywhere you see a text field. The new Markdown formatting toolbar helps you format your reviews, comments, and review requests using Markdown.

Toggle between bold, italic, strike-through, and code literals. Create lists, link to URLs, and then go beyond text by uploading and embedding images.

Guiding you to better reviews

We’ve added useful tips and tricks for helping compose your reviews, right at the top of the Review Dialog.

In addition, the new Review Banner is now available any time you see a review request, regardless of whether it’s in draft form, published, or closed. You can also publish all reviews and review requests with one click.

Plus…

• Usability improvements for working with text fields
• Performance improvements for publishing drafts
• New APIs and extension capabilities
• Better repository validation for Git and Subversion
• And lots of bug fixes!

See the release notes for the full list of changes and installation/upgrade instructions.

Next release will be RC1, our release candidate. We’d love to get some more testing, and have a handy Docker image you can try to get started. Your feedback will help us make 6.0 a rock-solid release.

Review Board 6 beta 2 builds upon the new review and extension functionality in Review Board 6 beta 1 to bring better diff navigation, self-review of draft diffs and files, improved SAML support, and even more extension options.

Better Diff Navigation

When viewing diffs, the file you’re currently looking at is now shown in the Review Banner at the top of the page. This helps you keep track of where you are in the review process.

You can also use this to quickly jump to any other file in the diff.

Use the colored dots to get a sense of the inserted, deleted, and replaced sections of the file, and to quickly jump to them.

Self-Review of Drafts

It’s now easier than ever to leave notes on your diffs for others, or to practice effective self-review.

Before publishing your change, you can now comment on your draft diffs and files, helping give other reviewers a heads up about how the code works or what problems you’ve already spotted that they can ignore.

Simply comment like normal, and then click Publish All to publish your draft change and comments all at the same time.

Improved SAML Single Sign-On

Review Board 5 introduced Single Sign-On with SAML, and Review Board 6 is giving you more options to better integrate with your Identity Provider.

Now, administrators can better link up user accounts by configuring the NameID format and user attribute names to match what your Identity Provider expects.

New Extension Features

We’ve added two new extension hooks to help you customize your Review Board and to build new features:

• HideActionHook helps Python extensions hide built-in actions (like “Ship It!”), making it easier to replace them with your own custom actions.
• FileAttachmentThumbnailContainerHook gives JavaScript extensions the ability to add new items to the file attachment thumbnail menu.

We’ve also added support for using pytest to unit test your extensions with rbext test. Simply run rbext test --pytest. This will become the default in Review Board 7.

Plus…

• Multiple tabs/windows showing the same review request will reload when publishing or discarding a review in one.
• We’ve made several usability improvements to the new Review Banner and the Review Dialog.
• We’ve improved API performance across the board with better caching logic.

There’s more in the works for Review Board 6, including better self-signed SSL/TLS certificate management for repositories, LDAP, and Active Directory.

We expect the next beta to be the last. If you’d like to help us test, please reach out with your feedback! You can use the beta 2 Docker image to get you started. Betas are also covered under an active support contract.

See the release notes for the full list of changes.

Review Board 5.0.5 offers improvements and fixes to Single Sign-On, web-based login for the upcoming RBTools 5, improved support for installing with Python Virtual Environments (required in this year's Linux distributions), and more.

Let's dig in.

Improved Single Sign-On

We've fixed a handful of bugs in the Review Board 5's new Single Sign-On support, improving compatibility with most services.

Now, if a page requires you to log in first, you'll be taken back to that page once successfully logged in. Thanks to everyone who let us know this wasn't working right.

Web-Based Login for RBTools 5

RBTools 5 is in development, and includes the ability to log in using the Review Board website. This means you can finally use your standard Single Sign-On authentication for RBTools.

We're hard at work on RBTools 5, and will be shipping it later this year. If you'd like to beta test this, please reach out to support for pre-release builds.

Python Virtual Environments

Python Virtual Environments provide a way to isolate Python applications and services from the system or other Python applications. They help you avoid various forms of installation problems, and they're required in Ubuntu 23.04, Debian Bookworm, and Fedora 39 (with other Linux distros soon to follow).

Starting in 5.0.5, Review Board can now help you install into a Virtual Environment and will automatically make use of it no matter what web server you're using.

We've updated our installation documentation to help you install and use Review Board in either Virtual Environments or in traditional setups.

Please note: If you're not using a Virtual Environment today, you don't need to switch to one unless you're planning to upgrade to this year's Linux distributions.

Plus...

• It's now easier to manage review groups and repositories when configuring an integration, such as Slack or Jenkins.
• New python and pip site management commands for running the correct versions for your environment.
• Compatibility fixes for modern Python packaging support.

All the details can be found in the release notes.

To learn more about upgrading your server, see our upgrade instructions. You can also use our official Docker images.

If you need assistance with your server, we can help under a support contract.

RBTools 4.1 is ready for Review Board 6, and comes with a host of new features improvements for working with Windows and your source code repositories. Including new integrations for Perforce setups.

Ready for Review Board 6

Review Board 6 is coming soon. We've updated RBTools 4.1 to ensure your upgrade to Review Board 6 is as smooth as possible, without dropping support for any prior versions of Review Board.

We recommend that all users upgrade to RBTools 4.1 before you deploy Review Board 6 for the best experience.

SSL Improvements

RBTools 4.1 simplifies SSL management by including up-to-date root SSL certificates, making it effortless to work with newer SSL certificates even on older Python installations.

When SSL issues do occur, you're not left in the dark. A complete description of the problem, along with steps to rectify it, will be displayed. This includes guidance on how to register self-signed certificates with Python, and how to update root certificates. This way, you're empowered to address SSL issues swiftly and effectively.

Enhanced Perforce Integration

RBTools 4.1 provides a new Perforce trigger script to better automate your review process.

With this trigger script, Perforce administrators can ensure that a review request has been reviewed and approved before acceptance. The default is set to a "Ship It!" status with no open issues, and extensions can customize this.

The script will also update the changeset with the URL to the review request and then close the review request upon submission. See the trigger script for instructions, and our guide on using RBTools with Perforce to learn how to use Perforce with Review Board.

A Better Experience on Windows

The Windows installer now bundles GNU Diff, eliminating the need for a separate installation and providing a more streamlined experience. We've also updated to the latest Python 3.10.11 release.

Plus...

• Improved diff generation for ClearCase and VersionVault.
• Fixes for stamping Perforce changes with a review request URL.
• Fixes for API caching issues.

See the release notes for the full list of changes, including changes affecting script authors.

To learn more about RBTools, see the RBTools downloads page and RBTools 4 documentation.