* SECURITY * Check that repositories can only be migrated to own user or organizations (#4366) (#4370) * Limit uploaded avatar image-size to 4096px x 3072px by default (#4353) * Do not allow to reuse TOTP passcode (#3878) * BUGFIXES * Fix column droping for MSSQL that need new transaction for that (#4440) (#4484) * Redirect to correct page after using scratch token (#4458) (#4472) * Replace src with raw to fix image paths (#4377) (#4386) * Fixes repo membership check in API (#4341) (#4379) * Add default merge options when adding new repository (#4369) (#4373) * Fix repository last updated time update when delete a user who watched the repo (#4363) (#4371) * Fix html entity escaping in branch deletion message (#4471) (#4485) * Fix out-of-transaction query in removeOrgUser (#4521) (#4524) * Fix incorrect MergeWhitelistTeamIDs check in CanUserMerge function (#4519) * Fix panic issue on update avatar email (#4580) (#4590) * Fix bugs when too many IN variables (#4594) (#4597) * Push whitelist now doesn't apply to branch deletion (#4601) (#4640) * Site admin could create repos even MAX_CREATION_LIMIT=0 (#4645) (#4650) * FEATURE * Add cli commands to regen hooks & keys (#3979) * Add support for FIDO U2F (#3971) * Added user language setting (#3875) * LDAP Public SSH Keys synchronization (#1844) * Add topic support (#3711) * Multiple assignees (#3705) * Add protected branch whitelists for merging (#3689) * Global code search support (#3664) * Add label descriptions (#3662) * Add issue search via API (#3612) * Add repository setting to enable/disable health checks (#3607) * Emoji Autocomplete (#3433) * Implements generator cli for secrets (#3531) * ENHANCEMENT * Add more webhooks support and refactor webhook templates directory (#3929) * Add new option to allow only OAuth2/OpenID user registration (#3910) * Add option to use paged LDAP search when synchronizing users (#3895) * Symlink icons (#1416) * Improve release page UI (#3693) * Add admin dashboard option to run health checks (#3606) * Add branch link in branch list (#3576) * Reduce sql query times in retrieveFeeds (#3547) * Option to enable or disable swagger endpoints (#3502) * Add missing licenses (#3497) * Reduce repo indexer disk usage (#3452) * Enable caching on assets and avatars (#3376) * Add repository search ordered by stars/forks. Forks column in admin repo list (#3969) * Add Environment Variables to Docker template (#4012) * LFS: make HTTP auth period configurable (#4035) * Add config path as an optionial flag when changing pass via CLI (#4184) * Refactor User Settings sections (#3900) * Allow square brackets in external issue patterns (#3408) * Add Attachment API (#3478) * Add EnableTimetracking option to app settings (#3719) * Add config option to enable or disable log executed SQL (#3726) * Shows total tracked time in issue and milestone list (#3341) * TRANSLATION * Improve English grammar and consistency (#3614) * DEPLOYMENT * Allow Gitea to run as different USER in Docker (#3961) * Provide compressed release binaries (#3991) * Sign release binaries (#4188)