Jump to >
RBTools 0.7.9 has been released

Earlier this week, we released RBTools 0.7.8 with some great improvements to the macOS and Windows installers. Unfortunately, the macOS installer build was built in the wrong environment, leading to incorrect paths and a failing rbt.

The new 0.7.9 release contains a fix to the installer generation process to prevent this from happening again. We've rebuilt and carefully checked the new installer build, and it should be good to go.

If you tried upgrading to the 0.7.8 installer using macOS and had trouble, please give 0.7.9 a try. You can get it from the downloads page. If you installed on Linux or Windows, you don't need to worry about this release.

Note that you might also find a /Users/chipx86 directory on your filesystem from the bad installer. This is an artifact of the broken build. You can safely remove it.

See the release notes for more details.

RBTools 0.7.8 is now out!

We have a new RBTools release for you today, with some major improvements to the macOS/Windows installers and a few bug fixes and feature improvements.

Let's break it down.

A non-broken macOS installer

We fixed a problem that many of you have reported to us, where one of the dependencies (tqdm) could show up missing, breaking RBTools. We've fixed this and made sure it can't happen again.

We've also improved the installer for modern versions of macOS. For compatibility reasons, we install RBTools for both Python 2.6 and 2.7, and the way we installed it used to favor Python 2.6 for the actual rbt binary. Now, the preferred Python version for your system is now used, helping with various compatibility problems that have been reported.

A more modern Python on Windows

We've updated Python on our Windows RBTools installer. We now ship Python 2.7.13, which has a number of improvements over the older 2.7.6 release. If you've had issues with SSL certificate verification before, this should help address those problems.

A few other improvements

Such as:

  • rbt setup-repo now sets the REPOSITORY_TYPE setting for your repository in .reviewboardrc, speeding up posting changes for review.
  • rbt patch --print can now be run outside of a source tree.
  • Some various crashes involving Unicode characters on the command line and in Team Foundation Server diffs.

For the complete list, see the release notes.

To upgrade RBTools, visit the downloads page.

RBTools 0.7.7 is released!

We've just put out an all-new release of RBTools. Version 0.7.7 features compatibility fixes for various types of repositories, better support for TFS, and some new features to help with common usage and automation.

You can see the release notes for the full list of changes. We'll go over the highlights here.

Compatibility/bug fixes

In this release, we've aimed to fix a handful of compatibility problems that have been reported to us. Thanks to all the contributors who sent patches!

  • RBTools is once again compatible with Mercurial 2.x. This regressed in 0.7.6.
  • Some error displays are fixed when using the version of Python shipped with macOS 10.11.
  • Perforce gained the ability to post against null client roots, and fixed posting ranges of submitted changelists.
  • Repository lookups utilizing mirror paths or Subversion UUIDs now work once again. These regressed in 0.7.6.
  • rbt post for Git now supports --exclude-patterns when using git-svn or git-p4.
  • rbt land no longer crashes if it can't determine the approval state on a review request.

Improved Team Foundation Server support

The old TFS support was a bit slow, due to the way we had to interact with the Team Foundation Server command line tools. It also presented compatibility problems, as different versions of Visual Studio shipped different, incompatible versions of these tools.

We've now introduced new support that doesn't depend on their tools and is optimized for our use cases. This means better compatibility everywhere, faster posting, and new features.

To start with, we're adding the ability to post shelved changesets! You can do this by simply running:

rbt post <shelveset-name>

To begin using RBTools 0.7.7 with TFS, you will need to install our new TFS adapter by typing:

rbt install tfs

New features

We've added the ability to specify a destination tracking branch for rbt land. To choose something other than the default (say, origin/master on Git), you can now specify:

rbt land --tracking-branch <branch-name>

Want to set some some data for custom extension-provided fields on your review request when posting a new change? You're in luck! We've added a --field NAME=VALUE option to rbt post that does exactly this:

rbt post --field my_custom_field="Some value"

You'll need to use the name of the field that was registered by the extension. If this extension was written in-house, ask your administrator to give you the field IDs.

If you find yourself needing to pass --svn-prompt-password all the time for your Subversion setup, you can set SVN_PROMPT_PASSWORD in your project's or user's .reviewboardrc instead. Just set this and you'll never have to type it again:

SVN_PROMPT_PASSWORD = True

What's coming next

We're working toward a RBTools 1.0 release, which will feature enhanced support for Mercurial, new automation commands for use in the upcoming Review Board 3.0, easier setup and installation, and better display of progress when posting changes.

We're also hard at work on a rewrite of our documentation, with the aim of providing more practical, detailed setup and usage guides for RBTools. These will begin to land over the next month.

If you have any bug reports or feature requests for either RBTools or the documentation, we'd love to hear them! You can file a bug or reach out to us on our reviewboard-dev discussion list.

New Django 1.6.11.5 Security Releases

Earlier today, Django released a new set of security releases that address issues when running unit tests against Oracle databases and when running a Django-based application when setting DEBUG = True and ALLOWED_HOSTS = [] in a server's settings file.

Review Board should not be impacted by the Oracle issue (which would not occur in production), and we don't recommend running with DEBUG = True (plus, new sites created with Review Board 2.0+ will have a safe default for ALLOWED_HOSTS, keeping you safe). Still, we recommend that you always update to the latest Django 1.6.11.x security release anyway.

We maintain security-hardened builds of Django 1.6.x, the version series we use for Review Board 2.0 through 2.5. We've put out a new Django 1.6.11.5 release that contains these two fixes.

To upgrade to this release, run:

$ pip install -U https://downloads.reviewboard.org/releases/Django/1.6/Django-1.6.11.5.tar.gz

Or:

$ easy_install -U https://downloads.reviewboard.org/releases/Django/1.6/Django-1.6.11.5.tar.gz

We then recommend that you visit your Administration -> Security Checklist page to ensure that your ALLOWED_HOSTS and other security settings are correct.

You can always keep up on the latest Review Board security announcements by subscribing to our Official Announcements mailing list.

New Review Board 2.0.25 and 2.5.7 releases

We have a couple of new Review Board releases for you today, including the biggest 2.5.x release yet.

Review Board 2.5.7 brings new administrative features, improvements to e-mail sending (including DMARC compatibility) and content, extension unit testing, usability enhancements, and over 40 bug fixes.

Review Board 2.0.25 brings many of those same bug fixes, along with the new extension unit testing support, for users who have not yet upgraded to 2.5.

Let's take a look at some of the major new changes in these releases.

More reliable e-mail

  • E-mail has been evolving in recent years, with new starts forming to help combat spam and fraudulent e-mails. Some of these standards, like the Sender Policy Framework and DMARC, can prevent Review Board from reliably sending e-mail on behalf of users.

    In Review Board 2.5.7, we've added compatibility with these standards, ensuring that all Review Board e-mails will safely reach their destination.

  • We've also added a handy new link in the Review Request Updated e-mails in Review Board 2.5.7 for showing the changes made since the previous diff. That's one less click to view an interdiff.

Easier administration

Review Board 2.5.7 adds a few new features to help administer users and settings on your install:

  • It's now easier to manage users belonging to review groups, default reviewer rules, repository access lists, and other places in the administration UI. We've introduced a new widget for managing lists of users, which scales well and simplifies locating and adding new users.

  • You can now safely grant users fine-grained access to the administration UI without giving them access to global Review Board settings. Simply set them as a "staff" user instead of "superuser."

Both 2.5.7 and 2.0.25 have made it easier to work with repository credentials and authentication servers:

  • Hosting service credentials for repositories can now be edited simply by clicking "Edit Credentials" by the desired account on the repository page. This should make things a lot easier in the event of a password or token change on a service.

  • Authentication forms for LDAP, Active Directory, and more have been organized, making it a lot easier to get going for the first time.

Extension unit testing

When writing extensions for your server, you want to make sure you can catch any breakages or changes in functionality when preparing to upgrade to the next version of Review Board. We've made it easy to write and run unit tests for your extension, using the new rbext command. Now you can make sure your extension works as expected before doing your next big server upgrade.

Lots of bug fixes

We've fixed quite a lot of bugs in these releases. We have fixes for CVS, Bitbucket, GitLab, webhooks, the API, e-mail contents, file attachment display and review, Power Pack compatibility, post-commit review, custom Markdown text fields, dashboard columns, and much more.

You can see the 2.0.25 and 2.5.7 release notes for the whole list of changes, along with upgrade instructions.

New Django Security Releases

Django released a new set of security releases today, designed to fix a vulnerability in the cookie parsing code when combined with usage of Google Analytics that could allow an attacker to bypass CSRF protection. (See their announcement for more details.)

We maintain security-hardened builds of Django 1.6.x, the version series we use for Review Board 2.0 through 2.5. We have put out a Django 1.6.11.4 release containing these security fixes.

To upgrade to this release, run:

$ pip install -U https://downloads.reviewboard.org/releases/Django/1.6/Django-1.6.11.4.tar.gz

Or:

$ easy_install -U https://downloads.reviewboard.org/releases/Django/1.6/Django-1.6.11.4.tar.gz

This particular vulnerability is unlikely to affect most of our users (at least as documented in Django's release notes), but we still recommend upgrading, to be safe.

You can always keep up on the latest Review Board security announcements by subscribing to Official Announcements mailing list.

Power Pack 1.4.2 is out, with Visual Studio Team Services and more!

Today's release of Power Pack brings a brand new feature: Support for Visual Studio Team Services.

Formerly known as Visual Studio Online, this service provided by Microsoft allows you and your team to easily set up and work with Team Foundation Server repositories. Now, using Power Pack, you can add your repositories to Review Board and take advantage of all of our enhanced code review capabilities. See the documentation for more information on getting set up.

Visual Studio Team Services Configuration

We've also improved the UI for PDF Review. Previously, the PDF Review UI would appear as its own independent box, separate from the rest of the review request page (including the header with the "Close," "Review," etc. actions). Now, when using Review Board 2.0 or higher, it will fit in more naturally with the rest of the page.

PDF Review UI

There are also a handful of other bug fixes for TFS-Git, anonymous users, and more. See the release notes for more information.

We messed up, so here's Review Board 2.5.6.1!

Review Board 2.5.6 shipped in a bit of a broken state, due to a packaging error that wasn't caught by our automated tests. This led to JavaScript failures on certain pages, like the New Review Request page.

Review Board 2.5.6.1 is out now and fixes the error. If 2.5.6 broke you, just install 2.5.6.1 and you'll be back up and running.

We're expanding our automated testing to ensure this particular problem won't happen again. Sorry for the trouble, and thanks for using Review Board!

Review Board 2.0.24 and 2.5.6 are released!

We have a couple of new releases for you today, mostly focused on bug and compatibility fixes.

Both releases have important fixes for GitLab and compatibility fixes for Subversion 1.9 diffs, both of which we've received numerous bug reports about.

Review Board 2.5.6 also has an important dependency update for django-haystack. If you recently installed Review Board 2.5.x on a new server and had issues creating a site, this should take care of it.

Review Board 2.0.24 now has the improved support for Codebase HQ, which we previously introduced in Review Board 2.5.5. This allows you to work with Subversion and Mercurial repositories hosted there.

Both releases contain several other bug fixes that are worth getting. See the release notes for more information:

Also remember that if you're upgrading to 2.0.24, you need to follow the instructions in the release notes to ensure you're getting the right version.

Review Board 2.5.5 released

We have a new release for you all today that introduces a couple of new features and fixes some important bugs. In particular, if you're a PostgreSQL user and are running an earlier 2.5.x release, you'll want to upgrade today.

Here are some of the highlights:

Improved Codebase HQ support

We've enhanced our support for repositories hosted on Codebase, adding on Mercurial and Subversion support, along with improving support for Git. If you use Codebase already, you'll be prompted to supply new credentials the next time you create or edit a repository.

PostgreSQL diff condensing improvements

A critical defect was found in the condensediffs command when being run against a PostgreSQL database that could cause data loss. This was introduced in 2.5. We haven't received any reports to date about data loss, but have witnessed it in-house. If you're using 2.5.x on PostgreSQL, please update immediately.

Usability regression fixes

There's also a fix for a usability regression introduced in a previous release for the Review Groups configuration page. The user membership selector was replaced with a text field containing internal database IDs for users. This was based on an attempt to work around a performance defect on very large servers. We've reverted back to the user selector for this release, and will be introducing a new selector that increases usability and fixes performance problems in a future 2.5.x release.

If this was a problem for you, and you are not bitten by the PostgreSQL bug, you may want to stay on 2.5.4 for now.

E-mails for API tokens

In order to enhance security and help with audit trails, we've introduced e-mail notifications when creating, deleting, or modifying API tokens. If someone manages to gain access to your account and create an API token, or tricks you into creating one in some way, you'll be notified.

There's also a handful of other fixes. See the release notes for all the details.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 pages