* BUGFIXES
  * Fix possbile mysql invalid connnection error (#7051) (#7071)
  * Handle invalid administrator username on install page (#7060) (#7063)
  * Disable arm7 builds (#7037) (#7042)
  * Fix default for allowing new organization creation for new users (#7017) (#7034)
  * SearchRepositoryByName improvements and unification (#6897) (#7002)
  * Fix u2f registrationlist ToRegistrations() method (#6980) (#6982)
  * Allow collaborators to view repo owned by private org (#6965) (#6968)
  * Use AppURL for Oauth user link (#6894) (#6925)
  * Escape the commit message on issues update (#6901) (#6902)
  * Fix regression for API users search (#6882) (#6885)
  * Handle early git version's lack of get-url (#7065) (#7076)
  * Fix wrong init dependency on markup extensions (#7038) (#7074)

* BUGFIXES
  * Fix 404 when sending pull requests in some situations (#6871) (#6873)
  * Enforce osusergo build tag for releases (#6862) (#6869)
  * Don't post process commit summary in templates (#6842) (#6868)
  * Fix 500 when reviewer is deleted (#6856) (#6860)
  * Fix v78 migration for MSSQL (#6823) (#6854)
  * Added tags pull step to drone config to show correct version hashes (#6836) (#6839)
  * Fix double-generation of scratch token (#6833) (#6835)
  * When mirroring we should set the remote to mirror (#6824) (#6834)
  * Show scrollbar only when needed (#6802) (#6803)
  * Service worker js is missing a comma (#6788) (#6795)
  * Set user search base field optional in LDAP (simple auth) edit page (#6779) (#6789)
  * Fix team edit API panic (#6780) (#6785)
  * Minor CSS cleanup for the navbar (#6553) (#6781)
  * Stricter domain name pattern in email regex (#6739) (#6768)
  * Detect and restore encoding and BOM in content (#6727) (#6765)
  * Fix org visibility bug when git cloning (#6743) (#6762)
  * OAuth2 token can be used in basic auth (#6747) (#6761)
  * Fix missing return (#6751) (#6756)
  * Fix sorting repos on org home page with non-admin login (#6741) (#6746)
  * Drop is_bare IDX only when it exists for MySQL and MariaDB (#6736) (#6744)
  * Fix team members API (#6714) (#6729)
  * Load issue attributes when editing an issue with API (#6723) (#6725)
  * Fix config ui error about cache ttl (#6861) (#6865)

* SECURITY
  * Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6594)
  * Resolve 2FA bypass on API (#6676) (#6674)
  * Prevent the creation of empty sessions for non-logged in users (#6690) (#6677)
* BREAKING
  * Add "ghost" and "notifications" to list of reserved user names. (#6208)
  * Change sqlite DB path default to data directory (#6198)
  * Adds MustChangePassword to user create/edit API (#6193)
  * Disable redirect for i18n (#5910)
  * Releases API paging (#5831)
  * Allow Macaron to be set to log through to gitea.log (#5667)
  * Don't close issues via commits on non-default branch (#5622)
* FEATURE
  * Add regenerate secret feature for oauth2 (#6291)
  * Expose issue stopwatch toggling via API (#5970)
  * Add other session providers (#5963)
  * Pull request conflict files detection (#5951)
  * Integrate OAuth2 Provider (#5378)
  * Implement "conversation lock" for issue comments (#5073)
  * Feature: Archive repos (#5009)
  * Discord Oauth2 support (#4476)
  * Allow to set organization visibility (public, internal, private) (#1763)
  * Added URL mapping for Release attachments like on github.com (#1707)
* ENHANCEMENT
  * Add support for client basic auth for exchanging access tokens (#6293)
  * Add ability to sort issues by due date (#6206) (#6244)
  * Style tweaks to issue selection (#6196)
  * Increase Username and Orgname MaxSize 35 -> 40 (#6178)
  * Coverage profile with multiple packages (#6167)
  * Split setting.go to multiple files (#6154)
  * Allow labels to contain emoji (#6063)
  * Disable git fsck for mirrored repos by default (#6018)
  * Add default time out for git operations (#6015)
  * Split setting.go as multiple files (#6014)
  * Make dashboard navbar and footer full-width (#6013)
  * Add lang specific font stacks for CJK (#6007)
  * Fix header menu misalignment (#6002)
  * Enhance closed PR and Issue status in the list (#6000)
  * Make navbar full width (#5998)
  * Add option to close issues via commit on a non master branch (#5992)
  * Support n as a line highlight prefix (#5987)
  * Search for org repos (#3031) (#5986)
  * Minor UI tweaks (#5980)
  * Use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976)
  * Dashboard tweaks (#5974)
  * Fixes for repo topic editor (#5971)
  * Display the branch name in the commit view (#5950)
  * handle milestone events for issues and PR (#5947)
  * Add label names as filter in issue search api (#5946)
  * Repo header tweaks (#5945)
  * Better support for long repo names (#5932)
  * Fix wrapping long code lines (#5927)
  * Change GPG Validation colors and remove inline CSS (#5404) (#5896)
  * Fix "pulls.blocked_by_approvals" text (#5879)
  * Rename reject to 'request changes' (#5858)
  * Move input fields to add members to a team and repos to a team (#5853)
  * Config option to disable automatic repo watching (#5852)
  * New Issue ?body= query (#5851)
  * Add API to list tags (#5850)
  * Pagination for git tree API (#5838)
  * Add InternalTokenURI to load InternalToken from an external file (#5812)
  * Allow markdown files to read from the LFS (#5787)
  * Add the ability to use multiple labels as filters (#5786)
  * Adjust log settings when a user is not found. (#5771)
  * Log IP of failed ssh connection (#5766)
  * Moved defaults in defaults.go to setting.go (#5764)
  * Make DB connect more robust (#5738)
  * Add Default Pull Request Title (#5735)
  * Refactor repo.isBare to repo.isEmpty #5629 (#5714)
  * Add flag to skip repository dumping (#5695)
  * Prioritize "readme.md" (#5691)
  * Improve "Fork button" for guests by showing a pop up asking them to log in before forking (#5690)
  * Allow for user specific themes (#5668)
  * Display branch name in delete branch confirmation modal. (#5654)
  * New API routes added (#5594)
  * Refactor notification for indexer (#5111)
  * Refactor mail notification (#5110)
  * Show email if the authenticated user owns the profile page being requested for (#4981)
  * Optimize pulls merging (#4921)
  * Sort Repositories widget by most recently updated (#3963) (#4599)
  * Allow markdown table to scroll (#4401)
  * Automatically clear stopwatch on merging a PR (#4327)
  * Add the Owner Name to differentiate when merging (#3807)
  * Add title attributes to all items in the repo list viewer (#6258) (#6650)
* BUGFIXES
  * Fix dropdown icon padding (#6651) (#6654)
  * Fix wrong GPG expire date (#6643) (#6644)
  * Fix forking an empty repository (#6637) (#6653)
  * Remove call to EscapePound .Link as it is already escaped (#6656) (#6666)
  * Properly escape on the redirect from the web editor (#6657) (#6667)
  * Allow resend of confirmation email when logged in (#6482) (#6486)
  * Fix mail notification when close/reopen issue (#6581) (#6588)
  * Change API commit summary to full message (#6591) (#6592)
  * Add option to disable refresh token invalidation (#6584) (#6587)
  * Fix bug user search API pagesize didn't obey ExplorePagingNum (#6579) (#6586)
  * Fix new repo alignment (#6583) (#6585)
  * Prevent server 500 on compare branches with no common history (#6555) (#6558)
  * Properly escape release attachment URL (#6512) (#6523)
  * Hacky fix for alignment of the create-organization dialog (#6455) (#6462)
  * Disable benchmarking during tag events on DroneIO (#6365) (#6366)
  * Make sure units of a team are returned (#6379) (#6381)
  * Don't Unescape redirect_to cookie value (#6399) (#6401)
  * Fix dump table name error and add some test for dump database (#6394) (#6402)
  * Fix migration v82 to ignore unsynced tags between database and git data; Add missing is_archived column on repository table (#6387) (#6403)
  * Display correct error for invalid mirror interval (#6414) (#6429)
  * Clean up ref name rules (#6437) (#6439)
  * Fix Hook & HookList in Swagger (#6432) (#6440)
  * Change order that PostProcess Processors are run (#6445) (#6447)
  * Clean up various use of escape/unescape functions for URL generation (#6334)
  * Return 409 when creating repo if it already exists. (#6330)
  * Add same changes from issues page to milestone->issues page (#6328)
  * Fix ParsePatch function to work with quoted diff --git strings (#6323)
  * Fix reported issue in repo description (#6306)
  * Use url.PathEscape to escape the branchname (#6304)
  * Add robots.txt as reserved username (#6272)
  * Replace linkRegex with xurls library (#6261)
  * Remove visitLinksForShortLinks features (#6257)
  * Add unit types to repo action URL to correctly show 404 when archived (#6247)
  * Check organization visibility before everything else (#6234) (#6235)
  * Prevent double-close of issues (#6233)
  * Override xorm type mapping for U2F counter (#6232)
  * Add isAdmin to user API response (#6231)
  * Update git vendor to fix wrong release commit id and add migrations (#6224)
  * Fix fork button (#6223)
  * Fix renames over redirects (#6216)
  * Fix display dashboard even if require to change password (#6214)
  * Create a repo redirect when transferring ownership (#6210) (#6211)
  * Fix issue update race condition (#6194)
  * Fix bug when migrate repository 500 when repo is existed (#6188)
  * Fix scrollbar always present on page body (#6177)
  * Fix bug when set indexer as db and add tests (#6173)
  * Modify linkRegex to require http|https (#6171)
  * Fix bug user could change private repository to public when force private enabled. (#6156)
  * Fix admin list user/org API (#6143)
  * Make repo creation for API similar to UI (#6142)
  * Make document body a flexbox (#6139)
  * Refactor issue indexer, add some testing and fix a bug (#6131)
  * Load Issue attributes for API call (#6122)
  * Fix bug when update owner team then visit team's repo return 404 (#6119)
  * Fix heatmap and repository menu display in Internet Explorer 9+ (#6117)
  * Show private organization for admin, fix #6111 (#6112)
  * Fix prohibit login check on authorization (#6106)
  * Move to ldap.v3 to fix #5928 (#6105)
  * Remove use MakeAssigneeList in webhooks to fix deadlock (#6102)
  * Allow display of LFS stored Readme.md on directory page (#6073) (#6099)
  * Make sure labels are actually returned (#6053)
  * Fix panic: template: repo/issue/list:210: unexpected "=" in operand (#6041)
  * After deleting a repo on admin panel, UI should remember the last sort type (#6033)
  * Default create repository on organisation on its dashboard (#6026)
  * Swagger: Remove spaces in MergePullRequestOption enum (#6016)
  * Fix metrics auth token detection (#6006)
  * Fix repo header issues (#5995)
  * Fix bug when deleting a linked account will removed all (#5989)
  * Make organization dropdown scrollable when using mouse wheel (#5988)
  * Fix empty ssh key importing in ldap (#5984)
  * Admin config page mailertype setting option update (#5973)
  * Fix redirect loop during forced password change (#5965)
  * Show user who created the repository instead of the organisation in action feed (#5948)
  * Remove all CommitStatus when a repo is deleted (#5940)
  * Fix ssh deploy and user key constraints (#1357) (#5939)
  * Fix log output (#5938)
  * Set PusherName and PusherID to owner on deploy key to fix pushing with deploy keys (#5935)
  * Fix compare button (#5929)
  * Fix bug when read public repo lfs file (#5912)
  * Only allow local login if password is non-empty (#5906)
  * Recover panic in orgmode.Render if bad orgfile (#4982) (#5903)
  * Provide better panic handling (#5902)
  * Respect value of REQUIRE_SIGNIN_VIEW (#5901)
  * Show a 404 not a 500 if a repo does not exist (#5900)
  * Ensure repo is loaded in mailer (Completely fix #5891) (#5895)
  * Ensure issue.Poster is loaded in mailIssueCommentToParticipants (#5891)
  * Correct footer height if screen-width is to small (fixes #5878) (#5889)
  * In gitea serv switch off console logger to fix #5866 (#5887)
  * Don't allow pull requests to be created on an archived repository (#5883)
  * Support reviews on a deleted file path (#5880)
  * Fix compare button on upstream repo leading to 404 (#5877)
  * Fix null pointer on not logged in attempt to Sudo (#5872)
  * Fix new release creation API to allow empty target (#5870)
  * Fix an error while adding a dependency via UI. (#5862)
  * Fix failing migration v67 (#5849)
  * Fix delete correct temp directory (#5839)
  * Make sure .git/info is created before generating .git/info/sparse-che… (#5825)
  * Fix topics saving internal error and disable for archived repos (#5821)
  * Fix TLS errors when using acme/autocert for local connections (#5820)
  * When creating new repository fsck option should be enabled (#5817)
  * Request for public keys only if LDAP attribute is set  (#5816)
  * Fix serving of raw wiki files other than .md (#5814)
  * Fix migration 78 error mssql (#5791)
  * Disallow empty titles (#5785)
  * Fix the v78 migration script (#5776)
  * Ensure valid git author names passed in signatures (#5774)
  * Fix wrong assumption where a user is always said to have unassigned (her)himself (#5769)
  * Upgrade go-sql-driver/mysql to fix invalid connection error (#5748)
  * Fixing PostgreSQL dump creation (#5747)
  * Add proper CORS preflight origin validation (#5740)
  * Disable auto-migrate in docker container (#5730)
  * In basic auth check for tokens before call UserSignIn (#5725)
  * Pooled and buffered gzip implementation (#5722)
  * Ensure that sessions are passed into queries that could use the database to prevent deadlocks (#5718)
  * Keep file permissions during database migration (#5707)
  * Use correct value for "MSpan Structures Obtained" #4742 (#5706)
  * Refactor editor upload, update and delete to use git plumbing and add LFS support (#5702)
  * Update xorm to fix issue #5659 and #5651 (#5680)
  * Fix public will not be reused as public key after deleting as deploy key (#5671)
  * When redirecting, clean the path (#5669)
  * Don't list an issue on its own dependency list UI. (#5658)
  * Fix commit page showing status for current default branch (#5649) (#5650)
  * Only count users own actions for heatmap contributions (#5647)
  * Fix sqlite deadlock when assigning to a PR (#5640)
  * Refactor issue indexer (#5363)
* TESTING
  * Run benchmark at tag to track performances (#6035)
  * Add test environment for MySQL8 (#5234)
* BUILD
  * Use go 1.12 for tests and deprecate go 1.9 (#6186)
  * Makefile changes for Windows and easier development (#6103)
  * Update bleve dependency to latest master revision (#6100)
  * Switch to more recent build of xgo (#6070)
  * Add autoprefixer to css build (#6029)
  * Update the version of less (#6010)
  * Make log mailer for testing (#5893)
* DOCS
  * Add more tests and docs for issue indexer, add db indexer type for searching from database (#6144)
  * update default value of `--must-change-password` cli flag (#6032)
  * Update and expand information about building Gitea (#6019)
  * Update U2F Section of app.ini.sample (#5994)
  * Update swagger for release API pagination (#5841)
  * Added docs for the tree api (#5834)
* MISC
  * Add single commit API support (#5843)
  * Add missing GET teams endpoints (#5382)
  * Migrate database if app.ini found (#5290)

* SECURITY
  * Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6594)
* BUGFIXES
  * Allow resend of confirmation email when logged in (#6482) (#6486)
  * Fix mail notification when close/reopen issue (#6581) (#6588)
  * Change API commit summary to full message (#6591) (#6592)
  * Add option to disable refresh token invalidation (#6584) (#6587)
  * Fix bug user search API pagesize didn't obey ExplorePagingNum (#6579) (#6586)
  * Fix new repo alignment (#6583) (#6585)
  * Prevent server 500 on compare branches with no common history (#6555) (#6558)
  * Properly escape release attachment URL (#6512) (#6523)
  * Hacky fix for alignment of the create-organization dialog (#6455) (#6462)

* SECURITY
  * Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6595)
* BUGFIXES
  * Allow resend of confirmation email when logged in (#6482) (#6487)

* BUGFIXES
  * Disable benchmarking during tag events on DroneIO (#6365) (#6366)
  * Make sure units of a team are returned (#6379) (#6381)
  * Don't Unescape redirect_to cookie value (#6399) (#6401)
  * Fix dump table name error and add some test for dump database (#6394) (#6402)
  * Fix migration v82 to ignore unsynced tags between database and git data; Add missing is_archived column on repository table (#6387) (#6403)
  * Display correct error for invalid mirror interval (#6414) (#6429)
  * Clean up ref name rules (#6437) (#6439)
  * Fix Hook & HookList in Swagger (#6432) (#6440)
  * Change order that PostProcess Processors are run (#6445) (#6447)

* BUGFIXES
  * Fix unitTypeCode not being used in accessLevelUnit (#6419) (#6423)
  * Fix bug where manifest.json was being requested without cookies and continuously creating new sessions (#6372) (#6383)·
  * Fix ParsePatch function to work with quoted diff --git strings (#6323) (#6332)

* BREAKING
  * Add "ghost" and "notifications" to list of reserved user names. (#6208)
  * Change sqlite DB path default to data directory (#6198)
  * Adds MustChangePassword to user create/edit API (#6193)
  * Disable redirect for i18n (#5910)
  * Releases API paging (#5831)
  * Allow Macaron to be set to log through to gitea.log (#5667)
  * Don't close issues via commits on non-default branch (#5622)
* FEATURE
  * Add regenerate secret feature for oauth2 (#6291)
  * Expose issue stopwatch toggling via API (#5970)
  * Add other session providers (#5963)
  * Pull request conflict files detection (#5951)
  * Integrate OAuth2 Provider (#5378)
  * Implement "conversation lock" for issue comments (#5073)
  * Feature: Archive repos (#5009)
  * Discord Oauth2 support (#4476)
  * Allow to set organization visibility (public, internal, private) (#1763)
  * Added URL mapping for Release attachments like on github.com (#1707)
* ENHANCEMENT
  * Add support for client basic auth for exchanging access tokens (#6293)
  * Add ability to sort issues by due date (#6206) (#6244)
  * Style tweaks to issue selection (#6196)
  * Increase Username and Orgname MaxSize 35 -> 40 (#6178)
  * Coverage profile with multiple packages (#6167)
  * Split setting.go to multiple files (#6154)
  * Allow labels to contain emoji (#6063)
  * Disable git fsck for mirrored repos by default (#6018)
  * Add default time out for git operations (#6015)
  * Split setting.go as multiple files (#6014)
  * Make dashboard navbar and footer full-width (#6013)
  * Add lang specific font stacks for CJK (#6007)
  * Fix header menu misalignment (#6002)
  * Enhance closed PR and Issue status in the list (#6000)
  * Make navbar full width (#5998)
  * Add option to close issues via commit on a non master branch (#5992)
  * Support n as a line highlight prefix (#5987)
  * Search for org repos (#3031) (#5986)
  * Minor UI tweaks (#5980)
  * Use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976)
  * Dashboard tweaks (#5974)
  * Fixes for repo topic editor (#5971)
  * Display the branch name in the commit view (#5950)
  * handle milestone events for issues and PR (#5947)
  * Add label names as filter in issue search api (#5946)
  * Repo header tweaks (#5945)
  * Better support for long repo names (#5932)
  * Fix wrapping long code lines (#5927)
  * Change GPG Validation colors and remove inline CSS (#5404) (#5896)
  * Fix "pulls.blocked_by_approvals" text (#5879)
  * Rename reject to 'request changes' (#5858)
  * Move input fields to add members to a team and repos to a team (#5853)
  * Config option to disable automatic repo watching (#5852)
  * New Issue ?body= query (#5851)
  * Add API to list tags (#5850)
  * Pagination for git tree API (#5838)
  * Add InternalTokenURI to load InternalToken from an external file (#5812)
  * Allow markdown files to read from the LFS (#5787)
  * Add the ability to use multiple labels as filters (#5786)
  * Adjust log settings when a user is not found. (#5771)
  * Log IP of failed ssh connection (#5766)
  * Moved defaults in defaults.go to setting.go (#5764)
  * Make DB connect more robust (#5738)
  * Add Default Pull Request Title (#5735)
  * Refactor repo.isBare to repo.isEmpty #5629 (#5714)
  * Add flag to skip repository dumping (#5695)
  * Prioritize "readme.md" (#5691)
  * Improve "Fork button" for guests by showing a pop up asking them to log in before forking (#5690)
  * Allow for user specific themes (#5668)
  * Display branch name in delete branch confirmation modal. (#5654)
  * New API routes added (#5594)
  * Refactor notification for indexer (#5111)
  * Refactor mail notification (#5110)
  * Show email if the authenticated user owns the profile page being requested for (#4981)
  * Optimize pulls merging (#4921)
  * Sort Repositories widget by most recently updated (#3963) (#4599)
  * Allow markdown table to scroll (#4401)
  * Automatically clear stopwatch on merging a PR (#4327)
  * Add the Owner Name to differentiate when merging (#3807)
* BUGFIXES
  * Clean up various use of escape/unescape functions for URL generation (#6334)
  * Return 409 when creating repo if it already exists. (#6330)
  * Add same changes from issues page to milestone->issues page (#6328)
  * Fix ParsePatch function to work with quoted diff --git strings (#6323)
  * Fix reported issue in repo description (#6306)
  * Use url.PathEscape to escape the branchname (#6304)
  * Add robots.txt as reserved username (#6272)
  * Replace linkRegex with xurls library (#6261)
  * Remove visitLinksForShortLinks features (#6257)
  * Add unit types to repo action URL to correctly show 404 when archived (#6247)
  * Check organization visibility before everything else (#6234) (#6235)
  * Prevent double-close of issues (#6233)
  * Override xorm type mapping for U2F counter (#6232)
  * Add isAdmin to user API response (#6231)
  * Update git vendor to fix wrong release commit id and add migrations (#6224)
  * Fix fork button (#6223)
  * Fix renames over redirects (#6216)
  * Fix display dashboard even if require to change password (#6214)
  * Create a repo redirect when transferring ownership (#6210) (#6211)
  * Fix issue update race condition (#6194)
  * Fix bug when migrate repository 500 when repo is existed (#6188)
  * Fix scrollbar always present on page body (#6177)
  * Fix bug when set indexer as db and add tests (#6173)
  * Modify linkRegex to require http|https (#6171)
  * Fix bug user could change private repository to public when force private enabled. (#6156)
  * Fix admin list user/org API (#6143)
  * Make repo creation for API similar to UI (#6142)
  * Make document body a flexbox (#6139)
  * Refactor issue indexer, add some testing and fix a bug (#6131)
  * Load Issue attributes for API call (#6122)
  * Fix bug when update owner team then visit team's repo return 404 (#6119)
  * Fix heatmap and repository menu display in Internet Explorer 9+ (#6117)
  * Show private organization for admin, fix #6111 (#6112)
  * Fix prohibit login check on authorization (#6106)
  * Move to ldap.v3 to fix #5928 (#6105)
  * Remove use MakeAssigneeList in webhooks to fix deadlock (#6102)
  * Allow display of LFS stored Readme.md on directory page (#6073) (#6099)
  * Make sure labels are actually returned (#6053)
  * Fix panic: template: repo/issue/list:210: unexpected "=" in operand (#6041)
  * After deleting a repo on admin panel, UI should remember the last sort type (#6033)
  * Default create repository on organisation on its dashboard (#6026)
  * Swagger: Remove spaces in MergePullRequestOption enum (#6016)
  * Fix metrics auth token detection (#6006)
  * Fix repo header issues (#5995)
  * Fix bug when deleting a linked account will removed all (#5989)
  * Make organization dropdown scrollable when using mouse wheel (#5988)
  * Fix empty ssh key importing in ldap (#5984)
  * Admin config page mailertype setting option update (#5973)
  * Fix redirect loop during forced password change (#5965)
  * Show user who created the repository instead of the organisation in action feed (#5948)
  * Remove all CommitStatus when a repo is deleted (#5940)
  * Fix ssh deploy and user key constraints (#1357) (#5939)
  * Fix log output (#5938)
  * Set PusherName and PusherID to owner on deploy key to fix pushing with deploy keys (#5935)
  * Fix compare button (#5929)
  * Fix bug when read public repo lfs file (#5912)
  * Only allow local login if password is non-empty (#5906)
  * Recover panic in orgmode.Render if bad orgfile (#4982) (#5903)
  * Provide better panic handling (#5902)
  * Respect value of REQUIRE_SIGNIN_VIEW (#5901)
  * Show a 404 not a 500 if a repo does not exist (#5900)
  * Ensure repo is loaded in mailer (Completely fix #5891) (#5895)
  * Ensure issue.Poster is loaded in mailIssueCommentToParticipants (#5891)
  * Correct footer height if screen-width is to small (fixes #5878) (#5889)
  * In gitea serv switch off console logger to fix #5866 (#5887)
  * Don't allow pull requests to be created on an archived repository (#5883)
  * Support reviews on a deleted file path (#5880)
  * Fix compare button on upstream repo leading to 404 (#5877)
  * Fix null pointer on not logged in attempt to Sudo (#5872)
  * Fix new release creation API to allow empty target (#5870)
  * Fix an error while adding a dependency via UI. (#5862)
  * Fix failing migration v67 (#5849)
  * Fix delete correct temp directory (#5839)
  * Make sure .git/info is created before generating .git/info/sparse-che… (#5825)
  * Fix topics saving internal error and disable for archived repos (#5821)
  * Fix TLS errors when using acme/autocert for local connections (#5820)
  * When creating new repository fsck option should be enabled (#5817)
  * Request for public keys only if LDAP attribute is set  (#5816)
  * Fix serving of raw wiki files other than .md (#5814)
  * Fix migration 78 error mssql (#5791)
  * Disallow empty titles (#5785)
  * Fix the v78 migration script (#5776)
  * Ensure valid git author names passed in signatures (#5774)
  * Fix wrong assumption where a user is always said to have unassigned (her)himself (#5769)
  * Upgrade go-sql-driver/mysql to fix invalid connection error (#5748)
  * Fixing PostgreSQL dump creation (#5747)
  * Add proper CORS preflight origin validation (#5740)
  * Disable auto-migrate in docker container (#5730)
  * In basic auth check for tokens before call UserSignIn (#5725)
  * Pooled and buffered gzip implementation (#5722)
  * Ensure that sessions are passed into queries that could use the database to prevent deadlocks (#5718)
  * Keep file permissions during database migration (#5707)
  * Use correct value for "MSpan Structures Obtained" #4742 (#5706)
  * Refactor editor upload, update and delete to use git plumbing and add LFS support (#5702)
  * Update xorm to fix issue #5659 and #5651 (#5680)
  * Fix public will not be reused as public key after deleting as deploy key (#5671)
  * When redirecting, clean the path (#5669)
  * Don't list an issue on its own dependency list UI. (#5658)
  * Fix commit page showing status for current default branch (#5649) (#5650)
  * Only count users own actions for heatmap contributions (#5647)
  * Fix sqlite deadlock when assigning to a PR (#5640)
  * Refactor issue indexer (#5363)
* TESTING
  * Run benchmark at tag to track performances (#6035)
  * Add test environment for MySQL8 (#5234)
* BUILD
  * Use go 1.12 for tests and deprecate go 1.9 (#6186)
  * Makefile changes for Windows and easier development (#6103)
  * Update bleve dependency to latest master revision (#6100)
  * Switch to more recent build of xgo (#6070)
  * Add autoprefixer to css build (#6029)
  * Update the version of less (#6010)
  * Make log mailer for testing (#5893)
* DOCS
  * Add more tests and docs for issue indexer, add db indexer type for searching from database (#6144)
  * update default value of `--must-change-password` cli flag (#6032)
  * Update and expand information about building Gitea (#6019)
  * Update U2F Section of app.ini.sample (#5994)
  * Update swagger for release API pagination (#5841)
  * Added docs for the tree api (#5834)
* MISC
  * Add single commit API support (#5843)
  * Add missing GET teams endpoints (#5382)
  * Migrate database if app.ini found (#5290)

v1.9.0-dev

* SECURITY
  * Fix potential XSS vulnerability in repository description. (#6306) (#6308)
* BUGFIXES
  * Fix wrong release commit id (#6224) (#6300)
  * Fix panic on empty signed commits (#6292) (#6300)
  * Fix organization dropdown not being scrollable when using mouse wheel (#5988) (#6246)
  * Fix displaying dashboard even if required to change password (#6214) (#6215)

* BUGFIXES
  * Fix server 500 when trying to migrate to an already existing repository (#6188) (#6197)
  * Load Issue attributes for API /repos/{owner}/{repo}/issues/{index} (#6122) (#6185)
  * Fix bug whereby user could change private repository to public when force private enabled. (#6156) (#6165)
  * Fix bug when update owner team then visit team's repo return 404 (#6119) (#6166)
  * Fix heatmap and repository menu display in Internet Explorer 9+ (#6117) (#6137)
  * Fix prohibit login check on authorization (#6106) (#6115)
  * Fix LDAP protocol error regression by moving to ldap.v3 (#6105) (#6107)
  * Fix deadlock in webhook PullRequest (#6102) (#6104)
  * Fix redirect loop when password change is required and Gitea is installed as a suburl (#5965) (#6101)
  * Fix compare button regression (#5929) (#6098)
  * Recover panic in orgmode.Render if bad orgfile (#4982) (#5903) (#6097)

* BUGFIXES
  * Remove all CommitStatus when a repo is deleted (#5940) (#5941)
  * Fix notifications on pushing with deploy keys by setting hook environment variables (#5935) (#5944)
  * Silence console logger in gitea serv (#5887) (#5943)
  * Handle milestone webhook events for issues and PR (#5947) (#5955)
  * Show user who created the repository instead of the organization in action feed (#5948) (#5956)
  * Fix ssh deploy and user key constraints (#1357) (#5939) (#5966)
  * Fix bug when deleting a linked account will removed all (#5989) (#5990)
  * Fix empty ssh key importing in ldap (#5984) (#6009)
  * Fix metrics auth token detection (#6006) (#6017)
  * Create repository on organisation by default on its dashboard (#6026) (#6048)
  * Make sure labels are actually returned in API (#6053) (#6059)
  * Switch to more recent build of xgo (#6070) (#6072)
  * In basic auth check for tokens before call UserSignIn (#5725) (#6083)

* SECURITY
  * Disable redirect for i18n (#5910) (#5916)
  * Only allow local login if password is non-empty (#5906) (#5908)
  * Fix go-get URL generation (#5905) (#5907)
* BUGFIXES
  * Fix TLS errors when using acme/autocert for local connections (#5820) (#5826)
  * Request for public keys only if LDAP attribute is set (#5816) (#5819)
  * Fix delete correct temp directory (#5840) (#5839)
  * Fix an error while adding a dependency via UI (#5862) (#5876)
  * Fix null pointer in attempt to Sudo if not logged in (#5872) (#5884)
  * When creating new repository fsck option should be enabled (#5817) (#5885)
  * Prevent nil dereference in mailIssueCommentToParticipants (#5891) (#5895) (#5894)
  * Fix bug when read public repo lfs file (#5913) (#5912)
  * Respect value of REQUIRE_SIGNIN_VIEW (#5901) (#5915)
  * Fix compare button on upstream repo leading to 404 (#5877) (#5914)
* DOCS
  * Added docs for the tree api (#5835)
* MISC
  * Include Go toolchain to --version (#5832) (#5830)

* SECURITY
  * Do not display the raw OpenID error in the UI (#5705) (#5712)
  * When redirecting clean the path to avoid redirecting to external site (#5669) (#5679)
  * Prevent DeleteFilePost doing arbitrary deletion (#5631)
* BREAKING
  * Restrict permission check on repositories and fix some problems (#5314)
  * Show only opened milestones on issues page milestone filter (#5051)
* FEATURE
  * Implement git refs API for listing references (branches, tags and other) (#5354)
  * Approvals at Branch Protection (#5350)
  * Add raw blob endpoint to get objects by SHA ID (#5334)
  * Add api for user to create org (#5268)
  * Create AuthorizedKeysCommand (#5236)
  * User action heatmap (#5131)
  * Refactor heatmap to vue component (#5401)
  * Webhook for Pull Request approval/rejection (#5027)
  * Add command for migrating database (#4954)
  * Search keyword by splitting provided values by , (#4939)
  * Create Progressive Web App (#4730)
  * Give user a link to create PR after push (#4716)
  * Add rebase with merge commit merge style (#3844) (#4052)
* BUGFIXES
  * Disallow empty titles (#5785) (#5794)
  * Fix sqlite deadlock when assigning to a PR (#5640) (#5642)
  * Don't close issues via commits on non-default branch. (#5622) (#5643)
  * Fix commit page showing status for current default branch (#5650) (#5653)
  * Only count users own actions for heatmap contributions (#5647) (#5655)
  * Update xorm to fix issue postgresql dumping issues (#5680) (#5692)
  * Use correct value for "MSpan Structures Obtained" (#5706) (#5716)
  * Fix bug on modifying sshd username (#5624)
  * Delete tags in mirror which are removed for original repo. (#5609)
  * Fix wrong text getting saved on editing second comment on an issue. (#5608)
  * Fix nil pointer when adding a due date  (#5587)
  * Fix type mismatch of format string (#5574)
  * Fix bug on upload file name (#5571)
  * Issue is not overdue when it is on the same date #5566 (#5568)
  * Fix indexer reindex bug when gitea restart (#5563)
  * Fix table name typo on SQL (#5562)
  * Synchronize SSH keys on login with LDAP + Fix SQLite deadlock on ldap ssh key deletion (#5557)
  * Fix makefile generate buildstep (#5556)
  * Fix nil pointer base branch bug (#5555)
  * Fix permission check on api create org (#5523)
  * Fix detect force push failure on deletion of protected branches (#5522)
  * Fix approvals limitation (#5521)
  * Fix bug when a read perm user to edit his issue (#5516)
  * Fix adding reaction fail for read permission user (#5515)
  * Fixing MSSQL timestamp type (#5511)
  * Fix forgot deletion of notification when delete repository (#5506)
  * Fix empty wiki (#5504)
  * Fix clone wiki failed via ssh (#5503)
  * Fix code review on mssql (#5502)
  * Fix lfs version check warning log when using ssh protocol (#5501)
  * Fix topic name length on database (#5493)
  * Ensure that the `closed_at` is set for closed issues (#5449)
  * Admin should be able to delete repos via the API even if he is not a member of the organization (#5443)
  * Word-Break the WebHook url to prevent a ui-break (#5432)
  * Fix forgot removed records when deleting user (#5429)
  * Fix repository deletion when there is large number of issues in it (#5426)
  * Fix heatmap colors for Chrome/Safari (#5421)
  * Fix password variable shadowing (#5405)
  * Fix dependent issue searching when gitea is run in subpath (#5392)
  * Don't force a password change for the admin user when creating an account via cli (#5391)
  * API: '/orgs/:org/repos': return private repos with read access (#5383)
  * Don't send assign webhooks when creating issue (#5365)
  * Removing Labels via EditPullRequest API (#5348)
  * Migration fixes for gogs (0.11.66) to gitea (1.6.0) #5318 (#5341)
  * Fix bug when users have serval teams with different units on different repositories (#5307)
  * Fix U2F if gitea is configured in subpath (#5302)
  * Fix file edit change preview functionality (#5300)
  * Update gitignore list (#5258)
  * Fixed heatmap not working in mssql (#5248)
  * Fixed wrong api request url for instances running in subfolders (#5247)
  * Fix compatibility heatmap with mysql 8 (#5232)
  * Fix data race on migrate repository (#5224)
  * Fix sqlite and mssql lock (#5214)
  * Fix sqlite lock (#5210)
  * Fix: Accept web-command cli flags if web-command is commited (#5200)
  * Fix: Add secret to all webhook's payload where it has been missing (#5199)
  * Fix race on updatesize (#5190)
  * Fix create team, update team missing units (#5188)
  * Fix sqlite lock (#5184 & #5176)
  * Fix showing pull request link when delete a branch (#5166)
  * Fix JSON result of empty array in heatmap data array (#5154)
  * Update build tags for sqlite_unlock notify (#5144)
  * This commit will reduce join star, repo_topic, topic tables on repo search, so that fix extra columns problem on mssql (#5136)
  * Fix deadlock when sqlite (#5118)
  * Add comment replies (#5104)
  * Fix home page template regression (#5102)
  * Fix regex to support optional end line of old section in diff hunk (#5096)
  * LDAP via simple auth separate bind user and search base (#5055)
  * Fix markdown image with link (#4675)
  * Fix to 3819 - Filtering issues by tags on main screen issues (#3824)
* ENHANCEMENT
  * Delete organization endpoint added (#5601)
  * Update Licenses (#5558)
  * Support reverse proxy providing email (#5554)
  * Add git protocol v2 support via SSH on Docker image (#5520)
  * Add tests for api user orgs (#5494)
  * Allow link verification for services like Mastodon (#5481)
  * Improve team members and repositories settings UI (#5457)
  * Remove the required class from optional ssh port in installation page (#5428)
  * Explicitly disable Git credential helper (#5367)
  * Setting Labels via EditPullRequest API (#5347)
  * Implement pasting image from clipboard for browsers that supports that (#5317)
  * Milestone issues and pull requests (#5293)
  * Support envs on external render commands (#5278)
  * Add option to disable automatic mirror syncing. (#5242)
  * Remove unused db init on commands serv, update, hooks (#5225)
  * Serve audio files using HTML5 audio tag (#5221)
  * Pass link prefixes to external markup parsers (#5201)
  * Add AutoHead functionality. (#5186)
  * Fix emojis not showing in commit messages (#5168)
  * Block registration based on email domain (#5157)
  * Update vendor/go-sqlite3 (#5133 & #5162)
  * Update x/net lib (#5169)
  * Show review summary in pull requests (#5132)
  * Use type switch (#5122)
  * Remove duplicated if bodies (#5121)
  * Remove check for negative length (#5120)
  * Make switch more clear (#5119)
  * Use named const instead of a raw string (#5115)
  * Fix issue where ecdsa and other key types are not synced from LDAP (#5092) (#5094)
  * Refactor: err != nil check, just return error instead (#5093)
  * Add notification interface and refactor UI notifications (#5085)
  * Use APP_NAME on home page (#5048)
  * Explicitly decide whether to  use TLS in mailer's configuration (#5024)
  * Generate random password (#5023)
  * UX of link account (Step 1) (#5006)
  * Make sure argsSet verifies string isn't empty too (#4980)
  * Improve performance of dashboard (#4977)
  * Keys API changes (#4960)
  * Add must-change-password flag to cli for creating a user (#4955)
  * Use native go method to get current user rather than environment variable (#4930)
  * Make gitea serv use api/internal (#4886)
  * Add support for search by uid (#4876)
  * Allow to add organization members as collaborators on organization owned repositories (#4748)
* TESTING
  * Kill testing processes if the test takes too long (#5174)
  * Update outdated Go toolchain version for .drone.yml (#5146)
  * Increase the retry limit to 20 times and the interval to 200ms (#5134)
  * Retry test-fixtures loading in case of transaction rollback (#5125)
  * Added test environment for mssql (#4282)
* BUILD
  * Replace lint to revive (#5422)
  * Update golang version in Dockerfile (#5246)
* DOCS
  * Typo in routers/api/v1/org/org.go fixed. (#5598)
  * Update the docs for sqlite_unlock_notify (#5145)
  * CN translation of docs part (#5049)
  * Kubernetes deployment file (#5046)
* MISC
  * Upgrade alpine to 3.8 (#5423)
  * Git-Trees API (#5403)
  * Only chown directories during docker setup if necessary. Fix #4425 (#5064)

* SECURITY
  * Do not display the raw OpenID error in the UI (#5705) (#5712)
  * When redirecting clean the path to avoid redirecting to external site (#5669) (#5679)
* BUGFIX
  * Fix sqlite deadlock when assigning to a PR (#5640) (#5642)
  * Don't close issues via commits on non-default branch. (#5622) (#5643)
  * Fix commit page showing status for current default branch (#5650) (#5653)
  * Only count users own actions for heatmap contributions (#5647) (#5655)
  * Update xorm to fix issue postgresql dumping issues (#5680) (#5692)
  * Use correct value for "MSpan Structures Obtained" (#5706) (#5716)

* BUGFIX
  * Fix SSH key now can be reused as public key after deleting as deploy key (#5671) (#5685)
  * When redirecting clean the path to avoid redirecting to external site (#5669) (#5703)
  * Fix to use correct value for "MSpan Structures Obtained" (#5706) (#5715)

* SECURITY
  * Prevent DeleteFilePost doing arbitrary deletion (#5631)

* SECURITY
  * Prevent DeleteFilePost doing arbitrary deletion (#5631)
* BUGFIX
  * Fix wrong text getting saved on editing second comment on an issue (#5608)

* BREAKING
  * Restrict permission check on repositories and fix some problems (#5314)
  * Show only opened milestones on issues page milestone filter (#5051)
* FEATURE
  * Implement git refs API for listing references (branches, tags and other) (#5354)
  * Approvals at Branch Protection (#5350)
  * Add raw blob endpoint to get objects by SHA ID (#5334)
  * Add api for user to create org (#5268)
  * Create AuthorizedKeysCommand (#5236)
  * User action heatmap (#5131)
  * Refactor heatmap to vue component (#5401)
  * Webhook for Pull Request approval/rejection (#5027)
  * Add command for migrating database (#4954)
  * Search keyword by splitting provided values by , (#4939)
  * Create Progressive Web App (#4730)
  * Give user a link to create PR after push (#4716)
  * Add rebase with merge commit merge style (#3844) (#4052)
* BUGFIXES
  * Fix bug on modifying sshd username (#5624)
  * Delete tags in mirror which are removed for original repo. (#5609)
  * Fix wrong text getting saved on editing second comment on an issue. (#5608)
  * Fix nil pointer when adding a due date  (#5587)
  * Fix type mismatch of format string (#5574)
  * Fix bug on upload file name (#5571)
  * Issue is not overdue when it is on the same date #5566 (#5568)
  * Fix indexer reindex bug when gitea restart (#5563)
  * Fix table name typo on SQL (#5562)
  * Synchronize SSH keys on login with LDAP + Fix SQLite deadlock on ldap ssh key deletion (#5557)
  * Fix makefile generate buildstep (#5556)
  * Fix nil pointer base branch bug (#5555)
  * Fix permission check on api create org (#5523)
  * Fix detect force push failure on deletion of protected branches (#5522)
  * Fix approvals limitation (#5521)
  * Fix bug when a read perm user to edit his issue (#5516)
  * Fix adding reaction fail for read permission user (#5515)
  * Fixing MSSQL timestamp type (#5511)
  * Fix forgot deletion of notification when delete repository (#5506)
  * Fix empty wiki (#5504)
  * Fix clone wiki failed via ssh (#5503)
  * Fix code review on mssql (#5502)
  * Fix lfs version check warning log when using ssh protocol (#5501)
  * Fix topic name length on database (#5493)
  * Ensure that the `closed_at` is set for closed issues (#5449)
  * Admin should be able to delete repos via the API even if he is not a member of the organization (#5443)
  * Word-Break the WebHook url to prevent a ui-break (#5432)
  * Fix forgot removed records when deleting user (#5429)
  * Fix repository deletion when there is large number of issues in it (#5426)
  * Fix heatmap colors for Chrome/Safari (#5421)
  * Fix password variable shadowing (#5405)
  * Fix dependent issue searching when gitea is run in subpath (#5392)
  * Don't force a password change for the admin user when creating an account via cli (#5391)
  * API: '/orgs/:org/repos': return private repos with read access (#5383)
  * Don't send assign webhooks when creating issue (#5365)
  * Removing Labels via EditPullRequest API (#5348)
  * Migration fixes for gogs (0.11.66) to gitea (1.6.0) #5318 (#5341)
  * Fix bug when users have serval teams with different units on different repositories (#5307)
  * Fix U2F if gitea is configured in subpath (#5302)
  * Fix file edit change preview functionality (#5300)
  * Update gitignore list (#5258)
  * Fixed heatmap not working in mssql (#5248)
  * Fixed wrong api request url for instances running in subfolders (#5247)
  * Fix compatibility heatmap with mysql 8 (#5232)
  * Fix data race on migrate repository (#5224)
  * Fix sqlite and mssql lock (#5214)
  * Fix sqlite lock (#5210)
  * Fix: Accept web-command cli flags if web-command is commited (#5200)
  * Fix: Add secret to all webhook's payload where it has been missing (#5199)
  * Fix race on updatesize (#5190)
  * Fix create team, update team missing units (#5188)
  * Fix sqlite lock (#5184 & #5176)
  * Fix showing pull request link when delete a branch (#5166)
  * Fix JSON result of empty array in heatmap data array (#5154)
  * Update build tags for sqlite_unlock notify (#5144)
  * This commit will reduce join star, repo_topic, topic tables on repo search, so that fix extra columns problem on mssql (#5136)
  * Fix deadlock when sqlite (#5118)
  * Add comment replies (#5104)
  * Fix home page template regression (#5102)
  * Fix regex to support optional end line of old section in diff hunk (#5096)
  * LDAP via simple auth separate bind user and search base (#5055)
  * Fix markdown image with link (#4675)
  * Fix to 3819 - Filtering issues by tags on main screen issues (#3824)
* ENHANCEMENT
  * Delete organization endpoint added (#5601)
  * Update Licenses (#5558)
  * Support reverse proxy providing email (#5554)
  * Add git protocol v2 support via SSH on Docker image (#5520)
  * Add tests for api user orgs (#5494)
  * Allow link verification for services like Mastodon (#5481)
  * Improve team members and repositories settings UI (#5457)
  * Remove the required class from optional ssh port in installation page (#5428)
  * Explicitly disable Git credential helper (#5367)
  * Setting Labels via EditPullRequest API (#5347)
  * Implement pasting image from clipboard for browsers that supports that (#5317)
  * Milestone issues and pull requests (#5293)
  * Support envs on external render commands (#5278)
  * Add option to disable automatic mirror syncing. (#5242)
  * Remove unused db init on commands serv, update, hooks (#5225)
  * Serve audio files using HTML5 audio tag (#5221)
  * Pass link prefixes to external markup parsers (#5201)
  * Add AutoHead functionality. (#5186)
  * Fix emojis not showing in commit messages (#5168)
  * Block registration based on email domain (#5157)
  * Update vendor/go-sqlite3 (#5133 & #5162)
  * Update x/net lib (#5169)
  * Show review summary in pull requests (#5132)
  * Use type switch (#5122)
  * Remove duplicated if bodies (#5121)
  * Remove check for negative length (#5120)
  * Make switch more clear (#5119)
  * Use named const instead of a raw string (#5115)
  * Fix issue where ecdsa and other key types are not synced from LDAP (#5092) (#5094)
  * Refactor: err != nil check, just return error instead (#5093)
  * Add notification interface and refactor UI notifications (#5085)
  * Use APP_NAME on home page (#5048)
  * Explicitly decide whether to  use TLS in mailer's configuration (#5024)
  * Generate random password (#5023)
  * UX of link account (Step 1) (#5006)
  * Make sure argsSet verifies string isn't empty too (#4980)
  * Improve performance of dashboard (#4977)
  * Keys API changes (#4960)
  * Add must-change-password flag to cli for creating a user (#4955)
  * Use native go method to get current user rather than environment variable (#4930)
  * Make gitea serv use api/internal (#4886)
  * Add support for search by uid (#4876)
  * Allow to add organization members as collaborators on organization owned repositories (#4748)
* TESTING
  * Kill testing processes if the test takes too long (#5174)
  * Update outdated Go toolchain version for .drone.yml (#5146)
  * Increase the retry limit to 20 times and the interval to 200ms (#5134)
  * Retry test-fixtures loading in case of transaction rollback (#5125)
  * Added test environment for mssql (#4282)
* BUILD
  * Replace lint to revive (#5422)
  * Update golang version in Dockerfile (#5246)
* DOCS
  * Typo in routers/api/v1/org/org.go fixed. (#5598)
  * Update the docs for sqlite_unlock_notify (#5145)
  * CN translation of docs part (#5049)
  * Kubernetes deployment file (#5046)
* MISC
  * Upgrade alpine to 3.8 (#5423)
  * Git-Trees API (#5403)
  * Only chown directories during docker setup if necessary. Fix #4425 (#5064)

* BREAKING
  * Restrict permission check on repositories and fix some problems (#5314)
  * Show only opened milestones on issues page milestone filter (#5051)
* FEATURE
  * Implement git refs API for listing references (branches, tags and other) (#5354)
  * Approvals at Branch Protection (#5350)
  * Add raw blob endpoint to get objects by SHA ID (#5334)
  * Add api for user to create org (#5268)
  * Create AuthorizedKeysCommand (#5236)
  * User action heatmap (#5131)
  * Refactor heatmap to vue component (#5401)
  * Webhook for Pull Request approval/rejection (#5027)
  * Add command for migrating database (#4954)
  * Search keyword by splitting provided values by , (#4939)
  * Create Progressive Web App (#4730)
  * Give user a link to create PR after push (#4716)
  * Add rebase with merge commit merge style (#3844) (#4052)
* BUGFIXES
  * Fix bug on modifying sshd username (#5624)
  * Delete tags in mirror which are removed for original repo. (#5609)
  * Fix wrong text getting saved on editing second comment on an issue. (#5608)
  * Fix nil pointer when adding a due date  (#5587)
  * Fix type mismatch of format string (#5574)
  * Fix bug on upload file name (#5571)
  * Issue is not overdue when it is on the same date #5566 (#5568)
  * Fix indexer reindex bug when gitea restart (#5563)
  * Fix table name typo on SQL (#5562)
  * Synchronize SSH keys on login with LDAP + Fix SQLite deadlock on ldap ssh key deletion (#5557)
  * Fix makefile generate buildstep (#5556)
  * Fix nil pointer base branch bug (#5555)
  * Fix permission check on api create org (#5523)
  * Fix detect force push failure on deletion of protected branches (#5522)
  * Fix approvals limitation (#5521)
  * Fix bug when a read perm user to edit his issue (#5516)
  * Fix adding reaction fail for read permission user (#5515)
  * Fixing MSSQL timestamp type (#5511)
  * Fix forgot deletion of notification when delete repository (#5506)
  * Fix empty wiki (#5504)
  * Fix clone wiki failed via ssh (#5503)
  * Fix code review on mssql (#5502)
  * Fix lfs version check warning log when using ssh protocol (#5501)
  * Fix topic name length on database (#5493)
  * Ensure that the `closed_at` is set for closed issues (#5449)
  * Admin should be able to delete repos via the API even if he is not a member of the organization (#5443)
  * Word-Break the WebHook url to prevent a ui-break (#5432)
  * Fix forgot removed records when deleting user (#5429)
  * Fix repository deletion when there is large number of issues in it (#5426)
  * Fix heatmap colors for Chrome/Safari (#5421)
  * Fix password variable shadowing (#5405)
  * Fix dependent issue searching when gitea is run in subpath (#5392)
  * Don't force a password change for the admin user when creating an account via cli (#5391)
  * API: '/orgs/:org/repos': return private repos with read access (#5383)
  * Don't send assign webhooks when creating issue (#5365)
  * Removing Labels via EditPullRequest API (#5348)
  * Migration fixes for gogs (0.11.66) to gitea (1.6.0) #5318 (#5341)
  * Fix bug when users have serval teams with different units on different repositories (#5307)
  * Fix U2F if gitea is configured in subpath (#5302)
  * Fix file edit change preview functionality (#5300)
  * Update gitignore list (#5258)
  * Fixed heatmap not working in mssql (#5248)
  * Fixed wrong api request url for instances running in subfolders (#5247)
  * Fix compatibility heatmap with mysql 8 (#5232)
  * Fix data race on migrate repository (#5224)
  * Fix sqlite and mssql lock (#5214)
  * Fix sqlite lock (#5210)
  * Fix: Accept web-command cli flags if web-command is commited (#5200)
  * Fix: Add secret to all webhook's payload where it has been missing (#5199)
  * Fix race on updatesize (#5190)
  * Fix create team, update team missing units (#5188)
  * Fix sqlite lock (#5184 & #5176)
  * Fix showing pull request link when delete a branch (#5166)
  * Fix JSON result of empty array in heatmap data array (#5154)
  * Update build tags for sqlite_unlock notify (#5144)
  * This commit will reduce join star, repo_topic, topic tables on repo search, so that fix extra columns problem on mssql (#5136)
  * Fix deadlock when sqlite (#5118)
  * Add comment replies (#5104)
  * Fix home page template regression (#5102)
  * Fix regex to support optional end line of old section in diff hunk (#5096)
  * LDAP via simple auth separate bind user and search base (#5055)
  * Fix markdown image with link (#4675)
  * Fix to 3819 - Filtering issues by tags on main screen issues (#3824)
* ENHANCEMENT
  * Delete organization endpoint added (#5601)
  * Update Licenses (#5558)
  * Support reverse proxy providing email (#5554)
  * Add git protocol v2 support via SSH on Docker image (#5520)
  * Add tests for api user orgs (#5494)
  * Allow link verification for services like Mastodon (#5481)
  * Improve team members and repositories settings UI (#5457)
  * Remove the required class from optional ssh port in installation page (#5428)
  * Explicitly disable Git credential helper (#5367)
  * Setting Labels via EditPullRequest API (#5347)
  * Implement pasting image from clipboard for browsers that supports that (#5317)
  * Milestone issues and pull requests (#5293)
  * Support envs on external render commands (#5278)
  * Add option to disable automatic mirror syncing. (#5242)
  * Remove unused db init on commands serv, update, hooks (#5225)
  * Serve audio files using HTML5 audio tag (#5221)
  * Pass link prefixes to external markup parsers (#5201)
  * Add AutoHead functionality. (#5186)
  * Fix emojis not showing in commit messages (#5168)
  * Block registration based on email domain (#5157)
  * Update vendor/go-sqlite3 (#5133 & #5162)
  * Update x/net lib (#5169)
  * Show review summary in pull requests (#5132)
  * Use type switch (#5122)
  * Remove duplicated if bodies (#5121)
  * Remove check for negative length (#5120)
  * Make switch more clear (#5119)
  * Use named const instead of a raw string (#5115)
  * Fix issue where ecdsa and other key types are not synced from LDAP (#5092) (#5094)
  * Refactor: err != nil check, just return error instead (#5093)
  * Add notification interface and refactor UI notifications (#5085)
  * Use APP_NAME on home page (#5048)
  * Explicitly decide whether to  use TLS in mailer's configuration (#5024)
  * Generate random password (#5023)
  * UX of link account (Step 1) (#5006)
  * Make sure argsSet verifies string isn't empty too (#4980)
  * Improve performance of dashboard (#4977)
  * Keys API changes (#4960)
  * Add must-change-password flag to cli for creating a user (#4955)
  * Use native go method to get current user rather than environment variable (#4930)
  * Make gitea serv use api/internal (#4886)
  * Add support for search by uid (#4876)
  * Allow to add organization members as collaborators on organization owned repositories (#4748)
* TESTING
  * Kill testing processes if the test takes too long (#5174)
  * Update outdated Go toolchain version for .drone.yml (#5146)
  * Increase the retry limit to 20 times and the interval to 200ms (#5134)
  * Retry test-fixtures loading in case of transaction rollback (#5125)
  * Added test environment for mssql (#4282)
* BUILD
  * Replace lint to revive (#5422)
  * Update golang version in Dockerfile (#5246)
* DOCS
  * Typo in routers/api/v1/org/org.go fixed. (#5598)
  * Update the docs for sqlite_unlock_notify (#5145)
  * CN translation of docs part (#5049)
  * Kubernetes deployment file (#5046)
* MISC
  * Upgrade alpine to 3.8 (#5423)
  * Git-Trees API (#5403)
  * Only chown directories during docker setup if necessary. Fix #4425 (#5064)