v1.16.4

* SECURITY
  * Restrict email address validation (#17688) (#19085)
  * Fix lfs bug (#19072) (#19080)
* ENHANCEMENTS
  * Improve SyncMirrors logging (#19045) (#19050)
* BUGFIXES
  * Refactor mirror code & fix `StartToMirror` (#18904) (#19075)
  * Update the webauthn_credential_id_sequence in Postgres (#19048) (#19060)
  * Prevent 500 when there is an error during new auth source post (#19041) (#19059)
  * If rendering has failed due to a net.OpError stop rendering (attempt 2) (#19049) (#19056)
  * Fix flag validation (#19046) (#19051)
  * Add pam account authorization check (#19040) (#19047)
  * Ignore missing comment for user notifications (#18954) (#19043)
  * Set `rel="nofollow noindex"` on new issue links (#19023) (#19042)
  * Upgrading binding package (#19034) (#19035)
  * Don't show context cancelled errors in attribute reader (#19006) (#19027)
  * Fix update hint bug (#18996) (#19002)
* MISC
  *  Fix potential assignee query for repo (#18994) (#18999)
-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEtfCRWBNVTDLB1ZnCyZuC5AsCe64FAmIvr1QACgkQyZuC5AsC
e66IaBAA2KeE0B8UqhFtUEV3o3xotNh33BoYVlDf3AB3sdz2jbIoTb7ECnoQWjOU
G7z2aJXPTufsZRytcp5M0ZMySbTsUv7qChBpn0N2aYAuoxTJ9A/KdSYx5ha8Bftb
/eBvvRMfId17b8YdhRdWH7wkS/E8LlfmVpfgHS9ol3Uv0ZTdgrAN0mFVWl8em72N
ZcAmFG1EzbbRrTszp5TuTiLUVrtR5cskCW5uZLjr5TH/m+WqQ67XbiUYZJcGXvpf
jfBYYk2+DIDGWDw/zVW2K7SjaVu3w3AHKSU1lCoo8aWZfu7BGiCZv9rg3pzkXn31
1WzLW5ZhHVaDbU41R04ThBI4P270Pm/ARShwXbD7uj7xfnLjS3sDbCRxoP6Z2HDo
6T+Q4Ch94HB6TYdyaekkldbcAL4qWGBMCQ4mgKyePsf1JW738feX3LudIfCKFtu/
SR7EbxwyVB9aTPQO/06eDAesTumFYxgTDF7xq/YpWVZClyG0GAfFObeu08xzzGqR
jaycf/O/PH9kE/7nvRBlqMvETAYx3Ffn8e9lEs83c2xUmA3QTDfIHtDm8rbTKF33
XlLABsTgsR0SCi9S2rWUvc95cobdaqYqTRW3+Oc/l5jIhWQxH3Z2YD3htbg1MObq
nrntRylcO4k++8AdaPHDlgEIJNGCgCBQ60aBwCXUtXBJt2TaUro=
=DM97
-----END PGP SIGNATURE-----