RBTools 2.0.1 introduces two new features:
rbt patch --writeWe'll be adding support for Breezy to Review Board in an upcoming release.
Along with these improvements, there's a fix for rbt land on Mercurial, and the removal of some harmless but noisy warnings when running on Python 3 with warnings enabled.
See the release notes for the complete list of changes.
Review Board 4.0.3 fixes an assortment of bugs throughout the product, some of which are specific to running on Python 3. The highlights include:
For the full list of changes, see the release notes.
Today's releases of Review Board 3.0.24 and 4.0.2 fix a handful of bugs and one security issue, and introduces support for defining safe URL protocols for Markdown text.
Attackers could post a Markdown document for review that contained bad links that, when clicked, could invoke JavaScript code. We fixed a similar issue in 3.0.21, but this is specific to the Markdown Review UI.
Though this is a pretty small attack vector, we do strongly recommend that everyone upgrades as a precaution.
Administrators can now set a list of URL protocols (like eclipse://. ftp://, gopher://, etc.) they consider safe for their environment by modifying conf/settings_local.py: These will then be preserved when building links. For example:
ALLOWED_MARKDOWN_URL_PROTOCOLS = ['eclipse', 'ftp', 'gopher']
There are also fixes for:
(nonexistent) revisionsSee the 3.0.24 release notes and 4.0.2 release notes for the full lists of changes.
Note: If you're upgrading to 3.0.24, please follow the installation instructions in the release notes so you don't end up on 4.0.2.
Review Board 4.0.1 is a small bug fix release that fixes a few regressions and add some new polish.
Highlights:
rb-site manage no longer breaks with custom commands in the $sitedir/commands/ directory.For the full list of changes, see the release notes.
We've been working toward Review Board 4.0 for some time now, and we're happy to announce that it's finally here!
This is a big release with a lot of user-facing, behind-the-scenes, and administrative changes. Let's dig into the highlights.
When working with Git or Mercurial, review requests now track each and every commit that went into the change.
This provides reviewers with the freedom to review code in the way that makes the most sense to them. They can review each commit individually or select a range of commits to see and review at once.
Review requests can be landed to a repository or applied locally in either a squashed (single commit) form, or preserving each individual commit.
Review Board 4.0 is the first version to support Python 3. As of now, Python 3.6 through 3.9 can be used.
Python 2.7 is still supported. However, we will be dropping support in Review Board 5.0, so we recommend that people prepare an upgrade to Python 3 soon.
If you're an extension author, please be aware that you may need to update your extensions for both Python 3 and Django 1.11 compatibility. See the release notes for more information.
The Jenkins integration can run automated tests and builds any time a new review request is posted or updated.
To get set up, follow the documentation and make sure you set up the Review Board plugin for Jenkins.
The new Discord integration will post activity and discussions on review requests to your Discord channel. Teams using Discord can now stay informed on what's out for review, and what feedback's coming in.
The new "Overview" tab on the dashboard will show you all the review requests you have out for review, along with all the review requests that are in your review queue.
There's a new "Publish review and archive the review request" option available when reviewing a change. Click this to publish your review and then hide it from your dashboard until you get a reply.
Preparing for some downtime? Administrators can now place their Review Board server in read-only mode. This will prevent people from uploading new review requests, reviewing code, or changing their profiles, while you take care of your maintenance tasks.
We've completely rewritten the administration UI to give you a better experience. It's mobile-friendly, with simpler navigation, a cleaner administrative dashboard, and screen reader support.
It's now easier than ever to install optional dependencies for Review Board. We've added several special packages that will help install the right versions of the right dependencies:
ReviewBoard[ldap]ReviewBoard[mercurial]ReviewBoard[mysql]ReviewBoard[swift]ReviewBoard[p4]ReviewBoard[postgres]ReviewBoard[subvertpy]ReviewBoard[s3]Site installation and management has also been revamped, making it easier and faster to create new Review Board sites and to run common management tasks (like search index updates).
First, make sure you have a backup of your database and site directory, and have tested an upgrade on a test server.
Please be aware that an upgrade can take time. You should also make sure your extensions have been updated to work with Review Board 4.0.
Then follow the upgrade instructions.
To learn more about Review Board 4.0, please read the release notes.
Power Pack 3.0.5 is a small bug fix release that addresses an important issue with PDFs.
Depending on the Review Board setup, a crucial file used to process PDFs would sometimes fail to load. This would result in a blank thumbnail or an empty PDF review UI.
We've tracked down this corner case and fixed it once and for all (hopefully). If you encounter any issues with PDFs, please reach out to us for support. Power Pack licenses entitle you to free support for any and all Power Pack features.
In recent releases, we've added compatibility with the upcoming Review Board 4.0 release, fixed CSV export for Reports, and improved PDF compatibility.
Now's a great time to upgrade, or to start using Power Pack for the first time.
We're working on Power Pack 4.0, with new authentication features and database import/export. We should have more to show in a few months.
Learn more about Power Pack or upgrade your copy today!
Updated May 5th: We've followed this up with 3.0.23 to fix another regression impacting users who hadn't yet upgraded to 3.0.21.
This release fixes regressions in Markdown rendering, introduced by the security fix in 3.0.21.
The following Markdown features have been restored:
:thumbsup:)Any broken Markdown introduced on 3.0.21 will render correctly after upgrading.
See the release notes for more details.
Review Board 3.0.21 and 4.0 RC 2 are out. These releases fix a security vulnerability, along with other bug fixes.
3.0.21 also introduces Docker support.
Both releases fix a XSS vulnerability in Markdown rendering, which could allow an attacker to craft a link that executes arbitrary JavaScript code when clicked.
The attacker would need to be someone who already has legitimate access to your server, and can perform reviews or otherwise access your code.
We recommend that everyone (especially those running public servers) upgrades to address this vulnerability, though the seriousness of the issue will vary from company to company.
Review Board 3.0.21 ships with new Docker support, helping you set up and deploy servers quickly without need to manually install anything.
This is still young. If you hit any issues, please report them to us.
Going forward, all Review Board 3.x and higher releases will include Docker images.
Both releases fix installation issues on Python 2.7, along with a handful of bug fixes and improvements.
See the 3.0.21 release notes and 4.0 RC 2 release notes for the full lists of changes.
Today's release of Review Bot 2.0.1 offers compatibility improvements for Python 3 and the upcoming Review Board 4.0.
If you're planning to upgrade to Review Board 4.0 upon release, we recommend upgrading to Review Bot 2.0.1 today.
Review Bot is an automated code review tool that connects to Review Board, interfacing with many different code linting tools:
We're preparing a much larger 3.0 release with all-new tools, configuration options, and official Docker support. We expect this to be available in the next few months.
For now, see the release notes for the details on 2.0.1, or download Review Bot today.
Development is coming to a close with today's release of the first Release Candidate for 4.0.
If you're planning an upgrade to 4.0 upon release, please give 4.0 RC 1 and report any feedback you find.
Review Board 4.0 RC 1 ships along with a Docker image, making it easy to get set up quickly and to scale out as your needs grow.
Going forward, every new release of Review Board will ship with Docker images. We're also building them for Review Bot.
See our documentation to get started.
We've refined the rb-site install experience, offering better guidance all throughout.
New options have been added for automated installs, including specifying the site's SECRET_KEY, allowed hostnames for accessing the server, and even custom settings_local.py templates.
rb-site manage --help now shows all the most common management commands used with Review Board.
The rbext tool has been updated with new options to make it easy to test your extensions.
The new --extension option takes the extension class name and sets up a full test environment around it. Combined with the new --app option for adding additional Django apps, testing extensions has never been easier.
rb-site manage resolve-check no longer needs to be called after setting up a new site.The full details, along with installation/upgrade instructions, are in the release notes.
Please report any issues (or successes!) you hit with either Review Board 4.0 RC 1 or the new Docker image. If all goes well, we'll be releasing 4.0 very soon.