Review Board 2.0.4 发布了,该版本改进记录包括:
安全更新值得关注的有: Fixed a vulnerability where a URL to a diff fragment could be crafted thatwould inject custom HTML into the page. An attacker could send such a URLto another user and execute code in their browser session. This was reported by Uchida. A CVE number is pending. The Original File and Patched File resources could be used to access fileson a private review request that the user did not have access to, if theyknew the approciate database IDs. A CVE number is pending.
新特性Added support for parent diffs in the New Review Request page. When uploading a diff, Review Board will now detect if a parent diff isneeded for the patch to apply. If so, the user will be shown an appropriateerror and then shown fields for uploading a parent diff.
LocalizationBug FixesReview RequestsFixed the display of errors when failing to publish a draft reviewrequest. Patch by Mark Côté. When uploading file attachments, malformed mimetypes provided by thebrowser will be ignored, and a proper mimetype will be guessed.(Bug #3427) Long strings in the right-hand review request fields no longer causefields to overlap. (Bug #3371) Fixed the display of errors in the Upload Diff and Add File dialogs.(Bug #3413)
Subversion
同时发布的还有 1.7.27 版本。
代码审查(Code Review)不但可以提高质量,而且还是一个知识共享和指导的极好的手段。不幸的是,准备工作的辛苦和工具支持的缺乏让代码审查很容易被延至“稍后再议”。Review Board的目标便是改变这一现状,它所提供的应用程序可以支持代码审查流程。
| 
