The new 2.0.16 release is a nice mix of security fixes, performance, and bug fixes.
First off, this release fixes a security vulnerability recently reported that allows a user to craft a string that can, under the right circumstances, execute a malicious script. If you're running 2.0.x, we highly recommend that you upgrade, particularly if your server is public on the Internet.
Okay, now on to the fun parts.
A faster Review Board
The diff viewer is now fast. Very fast. You'll find some major speed improvements in loading and expanding diffs and viewing diff comment fragments.
Most other pages are a bit faster too. We've fixed and improved client-side caching behavior across the site. The speed improvement should be noticeable.
Lastly, in the performance category, we've identified and fixed a bug that could trigger unnecessary reloads of extension configuration, particularly when using Power Pack.
A more stable Review Board
We've fixed over 25 bugs in this release, spanning search, Unicode conversion, diff navigation, interdiffs, the API, extensions, Bitbucket, Git, Subversion, and more.
There are compatibility fixes for the latest versions of Whoosh and Haystack (both needed for search).
New features!
We've added support for browsing and posting commits on GitLab for review on the New Review Request page.
Using Mercurial? We've added compatibility with Git-formatted Mercurial diffs, which contain more useful information that Review Board can work with.
Extension authors can now choose to block review requests from closing or reopening, and can add new UI to the top of the review dialog.
Better installation through pip and Wheels
Like with RBTools, we're now officially releasing Python Wheel packages for Review Board, supporting the latest versions of pip. To install Review Board, simply type:
$ pip install --allow-all-external ReviewBoard
(In the future, we're hoping to eliminate the need for --allow-all-external.)
Signed releases
As of this release, we're now signing all Djblets and Review Board builds with our official PGP key. We discussed this previously in the RBTools 0.7.3 release announcement, so check that out to learn how to take advantage of this.
Final notes
If you're using search today, make sure to do a full rebuild of your search index. We've made some changes to the index format, which will break search results until reindexed.
For the full list of improvements, see the release notes.