diff --git a/CHANGELOG.md b/CHANGELOG.md
index a0f90ebca6..8d68f180c8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,6 @@
 # Table of Contents
 
+* [Changelog for unreleased](#changelog-for-unreleased-unreleased)
 * [Changelog for 5.0.0-rc.3](#changelog-for-500-rc3-2024-01-26)
 * [Changelog for 4.0.4](#changelog-for-404-2023-12-07)
 * [Changelog for 4.0.3](#changelog-for-403-2023-11-24)
@@ -31,6 +32,54 @@
 * [Changelog for 1.1.0](#changelog-for-110-2021-01-22)
 * [Changelog for 1.0.0](#changelog-for-100-2020-12-17)
 
+# Changelog for [unreleased] (UNRELEASED)
+
+The following sections list the changes for unreleased.
+
+[unreleased]: https://github.com/owncloud/ocis/compare/v5.0.0-rc.3...master
+
+## Summary
+
+* Bugfix - Remove invalid environment variables: [#8303](https://github.com/owncloud/ocis/pull/8303)
+* Bugfix - Fix concurrent shares config: [#8317](https://github.com/owncloud/ocis/pull/8317)
+* Enhancement - Support login page background configuration: [#7674](https://github.com/owncloud/ocis/issues/7674)
+* Enhancement - Modify the concurrency default: [#8309](https://github.com/owncloud/ocis/pull/8309)
+
+## Details
+
+* Bugfix - Remove invalid environment variables: [#8303](https://github.com/owncloud/ocis/pull/8303)
+
+   We have removed two spaces related environment variables (whether project spaces
+   and the share jail are enabled) and hardcoded the only allowed options. Misusing
+   those variables would have resulted in invalid config.
+
+   https://github.com/owncloud/ocis/pull/8303
+
+* Bugfix - Fix concurrent shares config: [#8317](https://github.com/owncloud/ocis/pull/8317)
+
+   We fixed setting the config for concurrent web requests, which did not work as
+   expected before.
+
+   https://github.com/owncloud/ocis/pull/8317
+
+* Enhancement - Support login page background configuration: [#7674](https://github.com/owncloud/ocis/issues/7674)
+
+   Introduce a new environment variable `IDP_LOGIN_BACKGROUND_URL` that overrides
+   the default background image of the IDP login page when present.
+
+   https://github.com/owncloud/ocis/issues/7674
+   https://github.com/owncloud/ocis/pull/7900
+
+* Enhancement - Modify the concurrency default: [#8309](https://github.com/owncloud/ocis/pull/8309)
+
+   We have changed the default MaxConcurrency value from 100 to 5 to prevent too
+   frequent gc runs on low memory systems. We have also bumped reva to pull in the
+   related changes from there.
+
+   https://github.com/owncloud/ocis/issues/8257
+   https://github.com/owncloud/ocis/pull/8309
+   https://github.com/cs3org/reva/pull/4485
+
 # Changelog for [5.0.0-rc.3] (2024-01-26)
 
 The following sections list the changes for 5.0.0-rc.3.
@@ -155,9 +204,9 @@ The following sections list the changes for 5.0.0-rc.3.
 * Enhancement - Update antivirus service: [#8062](https://github.com/owncloud/ocis/pull/8062)
 * Enhancement - Remove deprecated environment variables: [#8149](https://github.com/owncloud/ocis/pull/8149)
 * Enhancement - Disable the password policy: [#8152](https://github.com/owncloud/ocis/pull/8152)
-* Enhancement - Update web to v8.0.0-rc.2: [#8154](https://github.com/owncloud/ocis/pull/8154)
 * Enhancement - Update reva to latest edge version: [#8287](https://github.com/owncloud/ocis/pull/8287)
 * Enhancement - Allow restarting multiple uploads with one command: [#8287](https://github.com/owncloud/ocis/pull/8287)
+* Enhancement - Update web to v8.0.0-rc.3: [#8342](https://github.com/owncloud/ocis/pull/8342)
 
 ## Details
 
@@ -1243,10 +1292,170 @@ The following sections list the changes for 5.0.0-rc.3.
    https://github.com/owncloud/ocis/pull/8152
    https://github.com/cs3org/reva/pull/4453
 
-* Enhancement - Update web to v8.0.0-rc.2: [#8154](https://github.com/owncloud/ocis/pull/8154)
+* Enhancement - Update reva to latest edge version: [#8287](https://github.com/owncloud/ocis/pull/8287)
+
+   We update reva to the latest edge version to get the latest fixes and features.
+
+   ## Changelog for reva edge
+
+  *   Bugfix [cs3org/reva#4454](https://github.com/cs3org/reva/pull/4454): Skip unnecessary share retrieval
+  *   Bugfix [cs3org/reva#4461](https://github.com/cs3org/reva/pull/4461): CORS handling for WebDAV requests fixed
+  *   Bugfix [cs3org/reva#4462](https://github.com/cs3org/reva/pull/4462): Prevent setting container specific permissions on files
+  *   Bugfix [cs3org/reva#4463](https://github.com/cs3org/reva/pull/4463): Fix the resource name
+  *   Bugfix [cs3org/reva#4466](https://github.com/cs3org/reva/pull/4466): Fix natsjskv store
+  *   Bugfix [cs3org/reva#4469](https://github.com/cs3org/reva/pull/4469): Handle interrupted uploads
+  *   Bugfix [cs3org/reva#4472](https://github.com/cs3org/reva/pull/4472): Fix concurrent access to a map
+  *   Bugfix [cs3org/reva#4473](https://github.com/cs3org/reva/pull/4473): Decomposedfs now correctly lists sessions
+  *   Bugfix [cs3org/reva#4474](https://github.com/cs3org/reva/pull/4474): Make /dav/meta consistent
+  *   Bugfix [cs3org/reva#4475](https://github.com/cs3org/reva/pull/4475): Upload session specific processing flag
+  *   Bugfix [cs3org/reva#4476](https://github.com/cs3org/reva/pull/4476): No need to unmark postprocessing when it was not started
+  *   Bugfix [cs3org/reva#4479](https://github.com/cs3org/reva/pull/4479): Fix creating documents in the approvider
+  *   Bugfix [cs3org/reva#4481](https://github.com/cs3org/reva/pull/4481): Distinguish failure and node metadata reversal
+  *   Bugfix [cs3org/reva#4434](https://github.com/cs3org/reva/pull/4434): Fix the upload postprocessing
+  *   Bugfix [cs3org/reva#4443](https://github.com/cs3org/reva/pull/4443): Fixed wrong status code when moving a file to a denied path
+  *   Bugfix [cs3org/reva#4446](https://github.com/cs3org/reva/pull/4446): Disallow to delete a file during the processing
+  *   Bugfix [cs3org/reva#4448](https://github.com/cs3org/reva/pull/4448): Fix truncating existing files
+  *   Bugfix [cs3org/reva#4449](https://github.com/cs3org/reva/pull/4449): Keep failed processing status
+  *   Bugfix [cs3org/reva#4452](https://github.com/cs3org/reva/pull/4452): More efficient share jail
+  *   Bugfix [cs3org/reva#4456](https://github.com/cs3org/reva/pull/4456): Do not lose revisions when restoring the first revision
+  *   Bugfix [cs3org/reva#4457](https://github.com/cs3org/reva/pull/4457): Fix concurrent map access in sharecache
+  *   Enhancement [cs3org/reva#4453](https://github.com/cs3org/reva/pull/4453): Disable the password policy
+  *   Enhancement [cs3org/reva#4477](https://github.com/cs3org/reva/pull/4477): Extend ResumePostprocessing event
+
+   ## Changelog for reva 2.18.0 (2023-12-22)
+
+   The following sections list the changes in reva 2.18.0 relevant to reva users.
+   The changes are ordered by importance.
+
+  *   Bugfix [cs3org/reva#4424](https://github.com/cs3org/reva/pull/4424): Fixed panic in receivedsharecache pkg
+  *   Bugfix [cs3org/reva#4425](https://github.com/cs3org/reva/pull/4425): Fix overwriting files with empty files
+  *   Bugfix [cs3org/reva#4432](https://github.com/cs3org/reva/pull/4432): Fix /dav/meta endpoint for shares
+  *   Bugfix [cs3org/reva#4422](https://github.com/cs3org/reva/pull/4422): Fix disconnected traces
+  *   Bugfix [cs3org/reva#4429](https://github.com/cs3org/reva/pull/4429): Internal link creation
+  *   Bugfix [cs3org/reva#4407](https://github.com/cs3org/reva/pull/4407): Make ocdav return correct oc:spaceid
+  *   Bugfix [cs3org/reva#4410](https://github.com/cs3org/reva/pull/4410): Improve OCM support
+  *   Bugfix [cs3org/reva#4402](https://github.com/cs3org/reva/pull/4402): Refactor upload session
+  *   Enhancement [cs3org/reva#4421](https://github.com/cs3org/reva/pull/4421): Check permissions before adding, deleting or updating shares
+  *   Enhancement [cs3org/reva#4403](https://github.com/cs3org/reva/pull/4403): Add validation to update public share
+  *   Enhancement [cs3org/reva#4409](https://github.com/cs3org/reva/pull/4409): Disable the password policy
+  *   Enhancement [cs3org/reva#4412](https://github.com/cs3org/reva/pull/4412): Allow authentication for nats connections
+  *   Enhancement [cs3org/reva#4411](https://github.com/cs3org/reva/pull/4411): Add option to configure streams non durable
+  *   Enhancement [cs3org/reva#4406](https://github.com/cs3org/reva/pull/4406): Rework cache configuration
+  *   Enhancement [cs3org/reva#4414](https://github.com/cs3org/reva/pull/4414): Track more upload session metrics
+
+   ## Changelog for reva 2.17.0 (2023-12-12)
+
+   The following sections list the changes in reva 2.17.0 relevant to reva users.
+   The changes are ordered by importance.
+
+  *   Bugfix [cs3org/reva#4278](https://github.com/cs3org/reva/pull/4278): Disable DEPTH infinity in PROPFIND
+  *   Bugfix [cs3org/reva#4318](https://github.com/cs3org/reva/pull/4318): Do not allow moves between shares
+  *   Bugfix [cs3org/reva#4290](https://github.com/cs3org/reva/pull/4290): Prevent panic when trying to move a non-existent file
+  *   Bugfix [cs3org/reva#4241](https://github.com/cs3org/reva/pull/4241): Allow an empty credentials chain in the auth middleware
+  *   Bugfix [cs3org/reva#4216](https://github.com/cs3org/reva/pull/4216): Fix an error message
+  *   Bugfix [cs3org/reva#4324](https://github.com/cs3org/reva/pull/4324): Fix capabilities decoding
+  *   Bugfix [cs3org/reva#4267](https://github.com/cs3org/reva/pull/4267): Fix concurrency issue
+  *   Bugfix [cs3org/reva#4362](https://github.com/cs3org/reva/pull/4362): Fix concurrent lookup
+  *   Bugfix [cs3org/reva#4336](https://github.com/cs3org/reva/pull/4336): Fix definition of "file-editor" role
+  *   Bugfix [cs3org/reva#4302](https://github.com/cs3org/reva/pull/4302): Fix checking of filename length
+  *   Bugfix [cs3org/reva#4366](https://github.com/cs3org/reva/pull/4366): Fix CS3 status code when looking up non existing share
+  *   Bugfix [cs3org/reva#4299](https://github.com/cs3org/reva/pull/4299): Fix HTTP verb of the generate-invite endpoint
+  *   Bugfix [cs3org/reva#4249](https://github.com/cs3org/reva/pull/4249): GetUserByClaim not working with MSAD for claim "userid"
+  *   Bugfix [cs3org/reva#4217](https://github.com/cs3org/reva/pull/4217): Fix missing case for "hide" in UpdateShares
+  *   Bugfix [cs3org/reva#4140](https://github.com/cs3org/reva/pull/4140): Fix missing etag in shares jail
+  *   Bugfix [cs3org/reva#4229](https://github.com/cs3org/reva/pull/4229): Fix destroying the Personal and Project spaces data
+  *   Bugfix [cs3org/reva#4193](https://github.com/cs3org/reva/pull/4193): Fix overwrite a file with an empty file
+  *   Bugfix [cs3org/reva#4365](https://github.com/cs3org/reva/pull/4365): Fix create public share
+  *   Bugfix [cs3org/reva#4380](https://github.com/cs3org/reva/pull/4380): Fix the public link update
+  *   Bugfix [cs3org/reva#4250](https://github.com/cs3org/reva/pull/4250): Fix race condition
+  *   Bugfix [cs3org/reva#4345](https://github.com/cs3org/reva/pull/4345): Fix conversion of custom ocs permissions to roles
+  *   Bugfix [cs3org/reva#4134](https://github.com/cs3org/reva/pull/4134): Fix share jail
+  *   Bugfix [cs3org/reva#4335](https://github.com/cs3org/reva/pull/4335): Fix public shares cleanup config
+  *   Bugfix [cs3org/reva#4338](https://github.com/cs3org/reva/pull/4338): Fix unlock via space API
+  *   Bugfix [cs3org/reva#4341](https://github.com/cs3org/reva/pull/4341): Fix spaceID in meta endpoint response
+  *   Bugfix [cs3org/reva#4351](https://github.com/cs3org/reva/pull/4351): Fix 500 when open public link
+  *   Bugfix [cs3org/reva#4352](https://github.com/cs3org/reva/pull/4352): Fix the tgz mime type
+  *   Bugfix [cs3org/reva#4388](https://github.com/cs3org/reva/pull/4388): Allow UpdateUserShare() to update just the expiration date
+  *   Bugfix [cs3org/reva#4214](https://github.com/cs3org/reva/pull/4214): Always pass adjusted default nats options
+  *   Bugfix [cs3org/reva#4291](https://github.com/cs3org/reva/pull/4291): Release lock when expired
+  *   Bugfix [cs3org/reva#4386](https://github.com/cs3org/reva/pull/4386): Remove dead enable_home config
+  *   Bugfix [cs3org/reva#4292](https://github.com/cs3org/reva/pull/4292): Return 403 when user is not permitted to lock
+  *   Enhancement [cs3org/reva#4389](https://github.com/cs3org/reva/pull/4389): Add audio and location props
+  *   Enhancement [cs3org/reva#4337](https://github.com/cs3org/reva/pull/4337): Check permissions before creating shares
+  *   Enhancement [cs3org/reva#4326](https://github.com/cs3org/reva/pull/4326): Add search mediatype filter
+  *   Enhancement [cs3org/reva#4367](https://github.com/cs3org/reva/pull/4367): Add GGS mime type
+  *   Enhancement [cs3org/reva#4194](https://github.com/cs3org/reva/pull/4194): Add hide flag to shares
+  *   Enhancement [cs3org/reva#4358](https://github.com/cs3org/reva/pull/4358): Add default permissions capability for links
+  *   Enhancement [cs3org/reva#4133](https://github.com/cs3org/reva/pull/4133): Add more metadata to locks
+  *   Enhancement [cs3org/reva#4353](https://github.com/cs3org/reva/pull/4353): Add support for .docxf files
+  *   Enhancement [cs3org/reva#4363](https://github.com/cs3org/reva/pull/4363): Add nats-js-kv store
+  *   Enhancement [cs3org/reva#4197](https://github.com/cs3org/reva/pull/4197): Add the Banned-Passwords List
+  *   Enhancement [cs3org/reva#4190](https://github.com/cs3org/reva/pull/4190): Add the password policies
+  *   Enhancement [cs3org/reva#4384](https://github.com/cs3org/reva/pull/4384): Add a retry postprocessing outcome and event
+  *   Enhancement [cs3org/reva#4271](https://github.com/cs3org/reva/pull/4271): Add search capability
+  *   Enhancement [cs3org/reva#4119](https://github.com/cs3org/reva/pull/4119): Add sse event
+  *   Enhancement [cs3org/reva#4392](https://github.com/cs3org/reva/pull/4392): Add additional permissions to service accounts
+  *   Enhancement [cs3org/reva#4344](https://github.com/cs3org/reva/pull/4344): Add url extension to mime type list
+  *   Enhancement [cs3org/reva#4372](https://github.com/cs3org/reva/pull/4372): Add validation to the public share provider
+  *   Enhancement [cs3org/reva#4244](https://github.com/cs3org/reva/pull/4244): Allow listing reveived shares by service accounts
+  *   Enhancement [cs3org/reva#4129](https://github.com/cs3org/reva/pull/4129): Auto-Accept Shares through ServiceAccounts
+  *   Enhancement [cs3org/reva#4374](https://github.com/cs3org/reva/pull/4374): Handle trashbin file listings concurrently
+  *   Enhancement [cs3org/reva#4325](https://github.com/cs3org/reva/pull/4325): Enforce Permissions
+  *   Enhancement [cs3org/reva#4368](https://github.com/cs3org/reva/pull/4368): Extract log initialization
+  *   Enhancement [cs3org/reva#4375](https://github.com/cs3org/reva/pull/4375): Introduce UploadSessionLister interface
+  *   Enhancement [cs3org/reva#4268](https://github.com/cs3org/reva/pull/4268): Implement sharing roles
+  *   Enhancement [cs3org/reva#4160](https://github.com/cs3org/reva/pull/4160): Improve utils pkg
+  *   Enhancement [cs3org/reva#4335](https://github.com/cs3org/reva/pull/4335): Add sufficient permissions check function
+  *   Enhancement [cs3org/reva#4281](https://github.com/cs3org/reva/pull/4281): Port OCM changes from master
+  *   Enhancement [cs3org/reva#4270](https://github.com/cs3org/reva/pull/4270): Opt out of public link password enforcement
+  *   Enhancement [cs3org/reva#4181](https://github.com/cs3org/reva/pull/4181): Change the variable names for the password policy
+  *   Enhancement [cs3org/reva#4256](https://github.com/cs3org/reva/pull/4256): Rename hidden share variable name
+  *   Enhancement [cs3org/reva#3926](https://github.com/cs3org/reva/pull/3926): Service Accounts
+  *   Enhancement [cs3org/reva#4359](https://github.com/cs3org/reva/pull/4359): Update go-ldap to v3.4.6
+  *   Enhancement [cs3org/reva#4170](https://github.com/cs3org/reva/pull/4170): Update password policies
+  *   Enhancement [cs3org/reva#4232](https://github.com/cs3org/reva/pull/4232): Improve error handling in utils package
+
+   https://github.com/owncloud/ocis/pull/8287
+   https://github.com/owncloud/ocis/pull/8278
+   https://github.com/owncloud/ocis/pull/8264
+   https://github.com/owncloud/ocis/pull/8100
+   https://github.com/owncloud/ocis/pull/8100
+   https://github.com/owncloud/ocis/pull/8038
+   https://github.com/owncloud/ocis/pull/8056
+   https://github.com/owncloud/ocis/pull/7949
+   https://github.com/owncloud/ocis/pull/7793
+   https://github.com/owncloud/ocis/pull/7978
+   https://github.com/owncloud/ocis/pull/7979
+   https://github.com/owncloud/ocis/pull/7963
+   https://github.com/owncloud/ocis/pull/7986
+   https://github.com/owncloud/ocis/pull/7721
+   https://github.com/owncloud/ocis/pull/7727
+   https://github.com/owncloud/ocis/pull/7752
+
+* Enhancement - Allow restarting multiple uploads with one command: [#8287](https://github.com/owncloud/ocis/pull/8287)
+
+   Allows to restart all commands in a specific state.
+
+   https://github.com/owncloud/ocis/pull/8287
+
+* Enhancement - Update web to v8.0.0-rc.3: [#8342](https://github.com/owncloud/ocis/pull/8342)
 
    Tags: web
 
+   We updated ownCloud Web to v8.0.0-rc.3. Please refer to the changelog (linked)
+   for details on the web release.
+
+   ## Summary * Bugfix
+   [owncloud/web#10318](https://github.com/owncloud/web/pull/10318): Scrollable
+   account page * Bugfix
+   [owncloud/web#10321](https://github.com/owncloud/web/pull/10321): Private link
+   error messages * Bugfix
+   [owncloud/web#10347](https://github.com/owncloud/web/pull/10347): Readonly user
+   attributes have no effect on group memberships * Bugfix
+   [owncloud/web#10424](https://github.com/owncloud/web/pull/10424): Restore space
+   * Enhancement [owncloud/web#10356](https://github.com/owncloud/web/pull/10356):
+   Preview app add reset button for images
+
    We updated ownCloud Web to v8.0.0-rc.2. Please refer to the changelog (linked)
    for details on the web release.
 
@@ -1475,12 +1684,16 @@ The following sections list the changes for 5.0.0-rc.3.
    [owncloud/web#10102](https://github.com/owncloud/web/pull/10102): Registering
    quick actions as extension
 
+   https://github.com/owncloud/ocis/pull/8342
+   https://github.com/owncloud/ocis/pull/8154
    https://github.com/owncloud/ocis/pull/8154
    https://github.com/owncloud/ocis/pull/8055
    https://github.com/owncloud/ocis/pull/7930
    https://github.com/owncloud/ocis/pull/7952
    https://github.com/owncloud/ocis/pull/7918
    https://github.com/owncloud/ocis/pull/7883
+   https://github.com/owncloud/web/releases/tag/v8.0.0-rc.3
+   https://github.com/owncloud/web/releases/tag/v8.0.0-rc.2
    https://github.com/owncloud/web/releases/tag/v8.0.0-rc.2
    https://github.com/owncloud/web/releases/tag/v8.0.0-rc.1
    https://github.com/owncloud/web/releases/tag/v8.0.0-beta.1
@@ -1488,152 +1701,6 @@ The following sections list the changes for 5.0.0-rc.3.
    https://github.com/owncloud/web/releases/tag/v8.0.0-alpha.13
    https://github.com/owncloud/web/releases/tag/v8.0.0-alpha.12
 
-* Enhancement - Update reva to latest edge version: [#8287](https://github.com/owncloud/ocis/pull/8287)
-
-   We update reva to the latest edge version to get the latest fixes and features.
-
-   ## Changelog for reva edge
-
-  *   Bugfix [cs3org/reva#4454](https://github.com/cs3org/reva/pull/4454): Skip unnecessary share retrieval
-  *   Bugfix [cs3org/reva#4461](https://github.com/cs3org/reva/pull/4461): CORS handling for WebDAV requests fixed
-  *   Bugfix [cs3org/reva#4462](https://github.com/cs3org/reva/pull/4462): Prevent setting container specific permissions on files
-  *   Bugfix [cs3org/reva#4463](https://github.com/cs3org/reva/pull/4463): Fix the resource name
-  *   Bugfix [cs3org/reva#4466](https://github.com/cs3org/reva/pull/4466): Fix natsjskv store
-  *   Bugfix [cs3org/reva#4469](https://github.com/cs3org/reva/pull/4469): Handle interrupted uploads
-  *   Bugfix [cs3org/reva#4472](https://github.com/cs3org/reva/pull/4472): Fix concurrent access to a map
-  *   Bugfix [cs3org/reva#4473](https://github.com/cs3org/reva/pull/4473): Decomposedfs now correctly lists sessions
-  *   Bugfix [cs3org/reva#4474](https://github.com/cs3org/reva/pull/4474): Make /dav/meta consistent
-  *   Bugfix [cs3org/reva#4475](https://github.com/cs3org/reva/pull/4475): Upload session specific processing flag
-  *   Bugfix [cs3org/reva#4476](https://github.com/cs3org/reva/pull/4476): No need to unmark postprocessing when it was not started
-  *   Bugfix [cs3org/reva#4479](https://github.com/cs3org/reva/pull/4479): Fix creating documents in the approvider
-  *   Bugfix [cs3org/reva#4481](https://github.com/cs3org/reva/pull/4481): Distinguish failure and node metadata reversal
-  *   Bugfix [cs3org/reva#4434](https://github.com/cs3org/reva/pull/4434): Fix the upload postprocessing
-  *   Bugfix [cs3org/reva#4443](https://github.com/cs3org/reva/pull/4443): Fixed wrong status code when moving a file to a denied path
-  *   Bugfix [cs3org/reva#4446](https://github.com/cs3org/reva/pull/4446): Disallow to delete a file during the processing
-  *   Bugfix [cs3org/reva#4448](https://github.com/cs3org/reva/pull/4448): Fix truncating existing files
-  *   Bugfix [cs3org/reva#4449](https://github.com/cs3org/reva/pull/4449): Keep failed processing status
-  *   Bugfix [cs3org/reva#4452](https://github.com/cs3org/reva/pull/4452): More efficient share jail
-  *   Bugfix [cs3org/reva#4456](https://github.com/cs3org/reva/pull/4456): Do not lose revisions when restoring the first revision
-  *   Bugfix [cs3org/reva#4457](https://github.com/cs3org/reva/pull/4457): Fix concurrent map access in sharecache
-  *   Enhancement [cs3org/reva#4453](https://github.com/cs3org/reva/pull/4453): Disable the password policy
-  *   Enhancement [cs3org/reva#4477](https://github.com/cs3org/reva/pull/4477): Extend ResumePostprocessing event
-
-   ## Changelog for reva 2.18.0 (2023-12-22)
-
-   The following sections list the changes in reva 2.18.0 relevant to reva users.
-   The changes are ordered by importance.
-
-  *   Bugfix [cs3org/reva#4424](https://github.com/cs3org/reva/pull/4424): Fixed panic in receivedsharecache pkg
-  *   Bugfix [cs3org/reva#4425](https://github.com/cs3org/reva/pull/4425): Fix overwriting files with empty files
-  *   Bugfix [cs3org/reva#4432](https://github.com/cs3org/reva/pull/4432): Fix /dav/meta endpoint for shares
-  *   Bugfix [cs3org/reva#4422](https://github.com/cs3org/reva/pull/4422): Fix disconnected traces
-  *   Bugfix [cs3org/reva#4429](https://github.com/cs3org/reva/pull/4429): Internal link creation
-  *   Bugfix [cs3org/reva#4407](https://github.com/cs3org/reva/pull/4407): Make ocdav return correct oc:spaceid
-  *   Bugfix [cs3org/reva#4410](https://github.com/cs3org/reva/pull/4410): Improve OCM support
-  *   Bugfix [cs3org/reva#4402](https://github.com/cs3org/reva/pull/4402): Refactor upload session
-  *   Enhancement [cs3org/reva#4421](https://github.com/cs3org/reva/pull/4421): Check permissions before adding, deleting or updating shares
-  *   Enhancement [cs3org/reva#4403](https://github.com/cs3org/reva/pull/4403): Add validation to update public share
-  *   Enhancement [cs3org/reva#4409](https://github.com/cs3org/reva/pull/4409): Disable the password policy
-  *   Enhancement [cs3org/reva#4412](https://github.com/cs3org/reva/pull/4412): Allow authentication for nats connections
-  *   Enhancement [cs3org/reva#4411](https://github.com/cs3org/reva/pull/4411): Add option to configure streams non durable
-  *   Enhancement [cs3org/reva#4406](https://github.com/cs3org/reva/pull/4406): Rework cache configuration
-  *   Enhancement [cs3org/reva#4414](https://github.com/cs3org/reva/pull/4414): Track more upload session metrics
-
-   ## Changelog for reva 2.17.0 (2023-12-12)
-
-   The following sections list the changes in reva 2.17.0 relevant to reva users.
-   The changes are ordered by importance.
-
-  *   Bugfix [cs3org/reva#4278](https://github.com/cs3org/reva/pull/4278): Disable DEPTH infinity in PROPFIND
-  *   Bugfix [cs3org/reva#4318](https://github.com/cs3org/reva/pull/4318): Do not allow moves between shares
-  *   Bugfix [cs3org/reva#4290](https://github.com/cs3org/reva/pull/4290): Prevent panic when trying to move a non-existent file
-  *   Bugfix [cs3org/reva#4241](https://github.com/cs3org/reva/pull/4241): Allow an empty credentials chain in the auth middleware
-  *   Bugfix [cs3org/reva#4216](https://github.com/cs3org/reva/pull/4216): Fix an error message
-  *   Bugfix [cs3org/reva#4324](https://github.com/cs3org/reva/pull/4324): Fix capabilities decoding
-  *   Bugfix [cs3org/reva#4267](https://github.com/cs3org/reva/pull/4267): Fix concurrency issue
-  *   Bugfix [cs3org/reva#4362](https://github.com/cs3org/reva/pull/4362): Fix concurrent lookup
-  *   Bugfix [cs3org/reva#4336](https://github.com/cs3org/reva/pull/4336): Fix definition of "file-editor" role
-  *   Bugfix [cs3org/reva#4302](https://github.com/cs3org/reva/pull/4302): Fix checking of filename length
-  *   Bugfix [cs3org/reva#4366](https://github.com/cs3org/reva/pull/4366): Fix CS3 status code when looking up non existing share
-  *   Bugfix [cs3org/reva#4299](https://github.com/cs3org/reva/pull/4299): Fix HTTP verb of the generate-invite endpoint
-  *   Bugfix [cs3org/reva#4249](https://github.com/cs3org/reva/pull/4249): GetUserByClaim not working with MSAD for claim "userid"
-  *   Bugfix [cs3org/reva#4217](https://github.com/cs3org/reva/pull/4217): Fix missing case for "hide" in UpdateShares
-  *   Bugfix [cs3org/reva#4140](https://github.com/cs3org/reva/pull/4140): Fix missing etag in shares jail
-  *   Bugfix [cs3org/reva#4229](https://github.com/cs3org/reva/pull/4229): Fix destroying the Personal and Project spaces data
-  *   Bugfix [cs3org/reva#4193](https://github.com/cs3org/reva/pull/4193): Fix overwrite a file with an empty file
-  *   Bugfix [cs3org/reva#4365](https://github.com/cs3org/reva/pull/4365): Fix create public share
-  *   Bugfix [cs3org/reva#4380](https://github.com/cs3org/reva/pull/4380): Fix the public link update
-  *   Bugfix [cs3org/reva#4250](https://github.com/cs3org/reva/pull/4250): Fix race condition
-  *   Bugfix [cs3org/reva#4345](https://github.com/cs3org/reva/pull/4345): Fix conversion of custom ocs permissions to roles
-  *   Bugfix [cs3org/reva#4134](https://github.com/cs3org/reva/pull/4134): Fix share jail
-  *   Bugfix [cs3org/reva#4335](https://github.com/cs3org/reva/pull/4335): Fix public shares cleanup config
-  *   Bugfix [cs3org/reva#4338](https://github.com/cs3org/reva/pull/4338): Fix unlock via space API
-  *   Bugfix [cs3org/reva#4341](https://github.com/cs3org/reva/pull/4341): Fix spaceID in meta endpoint response
-  *   Bugfix [cs3org/reva#4351](https://github.com/cs3org/reva/pull/4351): Fix 500 when open public link
-  *   Bugfix [cs3org/reva#4352](https://github.com/cs3org/reva/pull/4352): Fix the tgz mime type
-  *   Bugfix [cs3org/reva#4388](https://github.com/cs3org/reva/pull/4388): Allow UpdateUserShare() to update just the expiration date
-  *   Bugfix [cs3org/reva#4214](https://github.com/cs3org/reva/pull/4214): Always pass adjusted default nats options
-  *   Bugfix [cs3org/reva#4291](https://github.com/cs3org/reva/pull/4291): Release lock when expired
-  *   Bugfix [cs3org/reva#4386](https://github.com/cs3org/reva/pull/4386): Remove dead enable_home config
-  *   Bugfix [cs3org/reva#4292](https://github.com/cs3org/reva/pull/4292): Return 403 when user is not permitted to lock
-  *   Enhancement [cs3org/reva#4389](https://github.com/cs3org/reva/pull/4389): Add audio and location props
-  *   Enhancement [cs3org/reva#4337](https://github.com/cs3org/reva/pull/4337): Check permissions before creating shares
-  *   Enhancement [cs3org/reva#4326](https://github.com/cs3org/reva/pull/4326): Add search mediatype filter
-  *   Enhancement [cs3org/reva#4367](https://github.com/cs3org/reva/pull/4367): Add GGS mime type
-  *   Enhancement [cs3org/reva#4194](https://github.com/cs3org/reva/pull/4194): Add hide flag to shares
-  *   Enhancement [cs3org/reva#4358](https://github.com/cs3org/reva/pull/4358): Add default permissions capability for links
-  *   Enhancement [cs3org/reva#4133](https://github.com/cs3org/reva/pull/4133): Add more metadata to locks
-  *   Enhancement [cs3org/reva#4353](https://github.com/cs3org/reva/pull/4353): Add support for .docxf files
-  *   Enhancement [cs3org/reva#4363](https://github.com/cs3org/reva/pull/4363): Add nats-js-kv store
-  *   Enhancement [cs3org/reva#4197](https://github.com/cs3org/reva/pull/4197): Add the Banned-Passwords List
-  *   Enhancement [cs3org/reva#4190](https://github.com/cs3org/reva/pull/4190): Add the password policies
-  *   Enhancement [cs3org/reva#4384](https://github.com/cs3org/reva/pull/4384): Add a retry postprocessing outcome and event
-  *   Enhancement [cs3org/reva#4271](https://github.com/cs3org/reva/pull/4271): Add search capability
-  *   Enhancement [cs3org/reva#4119](https://github.com/cs3org/reva/pull/4119): Add sse event
-  *   Enhancement [cs3org/reva#4392](https://github.com/cs3org/reva/pull/4392): Add additional permissions to service accounts
-  *   Enhancement [cs3org/reva#4344](https://github.com/cs3org/reva/pull/4344): Add url extension to mime type list
-  *   Enhancement [cs3org/reva#4372](https://github.com/cs3org/reva/pull/4372): Add validation to the public share provider
-  *   Enhancement [cs3org/reva#4244](https://github.com/cs3org/reva/pull/4244): Allow listing reveived shares by service accounts
-  *   Enhancement [cs3org/reva#4129](https://github.com/cs3org/reva/pull/4129): Auto-Accept Shares through ServiceAccounts
-  *   Enhancement [cs3org/reva#4374](https://github.com/cs3org/reva/pull/4374): Handle trashbin file listings concurrently
-  *   Enhancement [cs3org/reva#4325](https://github.com/cs3org/reva/pull/4325): Enforce Permissions
-  *   Enhancement [cs3org/reva#4368](https://github.com/cs3org/reva/pull/4368): Extract log initialization
-  *   Enhancement [cs3org/reva#4375](https://github.com/cs3org/reva/pull/4375): Introduce UploadSessionLister interface
-  *   Enhancement [cs3org/reva#4268](https://github.com/cs3org/reva/pull/4268): Implement sharing roles
-  *   Enhancement [cs3org/reva#4160](https://github.com/cs3org/reva/pull/4160): Improve utils pkg
-  *   Enhancement [cs3org/reva#4335](https://github.com/cs3org/reva/pull/4335): Add sufficient permissions check function
-  *   Enhancement [cs3org/reva#4281](https://github.com/cs3org/reva/pull/4281): Port OCM changes from master
-  *   Enhancement [cs3org/reva#4270](https://github.com/cs3org/reva/pull/4270): Opt out of public link password enforcement
-  *   Enhancement [cs3org/reva#4181](https://github.com/cs3org/reva/pull/4181): Change the variable names for the password policy
-  *   Enhancement [cs3org/reva#4256](https://github.com/cs3org/reva/pull/4256): Rename hidden share variable name
-  *   Enhancement [cs3org/reva#3926](https://github.com/cs3org/reva/pull/3926): Service Accounts
-  *   Enhancement [cs3org/reva#4359](https://github.com/cs3org/reva/pull/4359): Update go-ldap to v3.4.6
-  *   Enhancement [cs3org/reva#4170](https://github.com/cs3org/reva/pull/4170): Update password policies
-  *   Enhancement [cs3org/reva#4232](https://github.com/cs3org/reva/pull/4232): Improve error handling in utils package
-
-   https://github.com/owncloud/ocis/pull/8287
-   https://github.com/owncloud/ocis/pull/8278
-   https://github.com/owncloud/ocis/pull/8264
-   https://github.com/owncloud/ocis/pull/8100
-   https://github.com/owncloud/ocis/pull/8100
-   https://github.com/owncloud/ocis/pull/8038
-   https://github.com/owncloud/ocis/pull/8056
-   https://github.com/owncloud/ocis/pull/7949
-   https://github.com/owncloud/ocis/pull/7793
-   https://github.com/owncloud/ocis/pull/7978
-   https://github.com/owncloud/ocis/pull/7979
-   https://github.com/owncloud/ocis/pull/7963
-   https://github.com/owncloud/ocis/pull/7986
-   https://github.com/owncloud/ocis/pull/7721
-   https://github.com/owncloud/ocis/pull/7727
-   https://github.com/owncloud/ocis/pull/7752
-
-* Enhancement - Allow restarting multiple uploads with one command: [#8287](https://github.com/owncloud/ocis/pull/8287)
-
-   Allows to restart all commands in a specific state.
-
-   https://github.com/owncloud/ocis/pull/8287
-
 # Changelog for [4.0.4] (2023-12-07)
 
 The following sections list the changes for 4.0.4.