* SECURITY * Prevent git operations for inactive users (#13527) (#13537) * Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13525) * BUGFIXES * API should only return Json (#13511) (#13564) * Fix before and since query arguments at API (#13559) (#13560) * Prevent panic on git blame by limiting lines to 4096 bytes at most (#13470) (#13492) * Fix link detection in repository description with tailing '_' (#13407) (#13408) * Remove obsolete change of email on profile page (#13341) (#13348) * Fix permission check on get Reactions API endpoints (#13344) (#13346) * Add migrated pulls to pull request task queue (#13331) (#13335) * API deny wrong pull creation options (#13308) (#13327) * Fix initial commit page & binary munching problem (#13249) (#13259) * Fix diff parsing (#13157) (#13136) (#13139) * Return error 404 not 500 from API if team does not exist (#13118) (#13119) * Prohibit automatic downgrades (#13108) (#13111) * Fix GitLab Migration Option AuthToken (#13101) * GitLab Label Color Normalizer (#12793) (#13100) * Log the underlying panic in runMigrateTask (#13096) (#13098) * Fix attachments list in edit comment (#13036) (#13097) * Fix deadlock when deleting team user (#13093) * Fix error create comment on outdated file (#13041) (#13042) * Fix repository create/delete event webhooks (#13008) (#13027) * Fix internal server error on README in submodule (#13006) (#13016)