Trailing slash is actually significant, fixed that and i've now tested
it as well.

Ref: https://github.com/go-gitea/gitea/issues/11839#issuecomment-646203505

* Changelog v1.11.7

* Update CHANGELOG.md

Backport #11925

Use ID or Where to instead directly use Get when load object from database
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Fixes: https://github.com/go-gitea/gitea/issues/11839

Backport #11713

* Fix verification of subkeys of default gpg key

Fix #10309
Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove debug log

* Update models/gpg_key.go

* As per @6543
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>

* make it similar to v1.12&master

* workaround from xorm bug

* CI.restart()

It's a backport of #10583 to version 1.11.
Co-authored-by: techknowlogick <techknowlogick@gitea.io>

* Add changelog for 1.11.6

* Update CHANGELOG.md
Co-authored-by: techknowlogick <matti@mdranta.net>

* Update CHANGELOG.md
Co-authored-by: techknowlogick <matti@mdranta.net>

* Apply suggestions from @lafriks

* #11459 is bugfix
Co-authored-by: Guillermo Prandi <guillep2k@users.noreply.github.com>
Co-authored-by: techknowlogick <matti@mdranta.net>

Co-authored-by: Guillermo Prandi <guillep2k@users.noreply.github.com>

Fixes #11651

(cherry picked from commit 02fa329a)

Backports the tracked-time fix from #11111 (part of #11111)

Fixes tracked time errors following repo deletion (#10280) and adds the fix to the default doctor tasks

Previously, we had only set __webpack_public_path__ to a path which
caused webpack chunks to be loaded from the current origin which is
incorrect when STATIC_URL_PREFIX points to another origin.

This should fix the issue curretnly seen on gitea.com.
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>

Backport #11574

add API specific InternalServerError()

InternalServerError

Backport #11590

Unfortunately when the virtual session is released it requires that the
real session does not exist. This worked fine when sessions were only
saved at the end of request/response cycle however, now sessions are
saved proactively this does not hold.

The result is a caught panic in the logs during every log-in.  This
panic has no significant side-effects but should not occur.

This PR marks the virtual session as released when released and updates
it if the same session is released again.
Signed-off-by: Andrew Thornton <art27@cantab.net>

Backport of #11596
Signed-off-by: Gary Kim <gary@garykim.dev>

Partial backport of https://github.com/go-gitea/gitea/commit/fd094eea959a235654b7591da066dcbbee11fc25 to 1.11.

Fixes: https://github.com/go-gitea/gitea/issues/11518

* use media links for img in post-process

* do not visit text of anchors

This fixes the error on "Page Revision" page, similar to #10552.

Ensure public repositories in private organizations are visible and fix admin organizations list (#11465) (#11475)

Partial Backport of #11465
Co-authored-by: zeripath <art27@cantab.net>

* Allow all members of private orgs to see public repos (#11442)

Backport (#11442)

Allow all members of private orgs to see public repos

Fix #10144
Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update models/repo_list.go

* Oops missed the repos we own!
Signed-off-by: Andrew Thornton <art27@cantab.net>

The content_type value was defaulting to the string value of the
ContentType, not the integer value as expected by the backend.
Co-authored-by: Jeff Stein <jeff@jeffvstein.org>

Whenever the ctx.Session is updated, release it to save it before sending the redirect (#11456) (#11457)
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lauris BH <lauris@nix.lv>

Backport #11447
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>

Co-authored-by: Guillermo Prandi <guillep2k@users.noreply.github.com>

* Update Changelog for 1.11.5

* bumb version in docs

* Update CHANGELOG.md
Co-authored-by: zeripath <art27@cantab.net>

Backport #11349 

* Fix tracked time issues (#11349)

* Fix nil exeption: #11313

* fix 500

* activate test 



* move logic

* Add missing import
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Guillermo Prandi <guillep2k@users.noreply.github.com>

Thanks to @simon-on-gh for tracking down the issue.

Fix #11200
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

There is a potential memory leak in `Workerpool` due to the intricacies of
`time.Timer` stopping.

Whenever a `time.Timer` is `Stop`ped its channel must be cleared using a
`select` if the result of the `Stop()` is `false`.

Unfortunately in `Workerpool` these were checked the wrong way round.

However, there were a few other places that were not being checked.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Changelog v1.11.5

* Apply suggestions from code review
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

Backport #11303 

Prevent multiple listings of organization when creating a repository (#11303)

prevent double entries in results of GetOrgsCanCreateRepoByUserID

I first try to only add GroupBy directly but xorm return broken user objects ...

... solution was to just query related UserIDs(OrgIDs) first and return OrgUsers based on this IDs

close #11258
Co-authored-by: zeripath <art27@cantab.net>

* Manage port in submodule refurl

Fix #11304
Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix lint
Signed-off-by: Andrew Thornton <art27@cantab.net>

* URLJoin is causes a cyclic dependency and possibly isn't what what we want anyway
Signed-off-by: Andrew Thornton <art27@cantab.net>

* Protect against leading .. in scp syntax
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lauris BH <lauris@nix.lv>

There is an unfortunate signature change with the api.Context
NotFound function; whereas the normal modules/context/Context
NotFound function requires an error or nil, the api.Context
variant will panic with an NPE if a nil is provided.

This PR will allow api.Context.NotFound to tolerate a being
passed a nil.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>

Fix #10525
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

Previously, this required authentication, but there's not actually
any privileged information on this page.  Move the endpoint out of
the group that requires sign-in.  It still requires the ability to
read issues and pull requests, so private repositories (for instance)
will not be exposed.

Fixes #10312 
Fixes #11233
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

Backport #11098

Fix #11002
Signed-off-by: Andrew Thornton <art27@cantab.net>