diff --git a/CHANGELOG.md b/CHANGELOG.md
index 07a1ff9a40..5747bcf16f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,548 @@
+Changelog for reva 2.17.0 (2023-12-12)
+=======================================
+
+The following sections list the changes in reva 2.17.0 relevant to
+reva users. The changes are ordered by importance.
+
+Summary
+-------
+
+*   Fix #4278: Disable DEPTH infinity in PROPFIND
+*   Fix #4318: Do not allow moves between shares
+*   Fix #4290: Prevent panic when trying to move a non-existent file
+*   Fix #4241: Allow an empty credentials chain in the auth middleware
+*   Fix #4216: Fix an error message
+*   Fix #4324: Fix capabilities decoding
+*   Fix #4267: Fix concurrency issue
+*   Fix #4362: Fix concurrent lookup
+*   Fix #4336: Fix definition of "file-editor" role
+*   Fix #4302: Fix checking of filename length
+*   Fix #4366: Fix CS3 status code when looking up non existing share
+*   Fix #4299: Fix HTTP verb of the generate-invite endpoint
+*   Fix #4249: GetUserByClaim not working with MSAD for claim "userid"
+*   Fix #4217: Fix missing case for "hide" in UpdateShares
+*   Fix #4140: Fix missing etag in shares jail
+*   Fix #4229: Fix destroying the Personal and Project spaces data
+*   Fix #4193: Fix overwrite a file with an empty file
+*   Fix #4365: Fix create public share
+*   Fix #4380: Fix the public link update
+*   Fix #4250: Fix race condition
+*   Fix #4345: Fix conversion of custom ocs permissions to roles
+*   Fix #4134: Fix share jail
+*   Fix #4335: Fix public shares cleanup config
+*   Fix #4338: Fix unlock via space API
+*   Fix #4341: Fix spaceID in meta endpoint response
+*   Fix #4351: Fix 500 when open public link
+*   Fix #4352: Fix the tgz mime type
+*   Fix #4388: Allow UpdateUserShare() to update just the expiration date
+*   Fix #4214: Always pass adjusted default nats options
+*   Fix #4291: Release lock when expired
+*   Fix #4386: Remove dead enable_home config
+*   Fix #4292: Return 403 when user is not permitted to log
+*   Enh #4389: Add audio and location props
+*   Enh #4337: Check permissions before creating shares
+*   Enh #4326: Add search mediatype filter
+*   Enh #4367: Add GGS mime type
+*   Enh #4295: Add hide flag to shares
+*   Enh #4358: Add default permissions capability for links
+*   Enh #4133: Add more metadata to locks
+*   Enh #4353: Add support for .docxf files
+*   Enh #4363: Add nats-js-kv store
+*   Enh #4197: Add the Banned-Passwords List
+*   Enh #4190: Add the password policies
+*   Enh #4384: Add a retry postprocessing outcome and event
+*   Enh #4271: Add search capability
+*   Enh #4119: Add sse event
+*   Enh #4392: Add additional permissions to service accounts
+*   Enh #4344: Add url extension to mime type list
+*   Enh #4372: Add validation to the public share provider
+*   Enh #4244: Allow listing reveived shares by service accounts
+*   Enh #4129: Auto-Accept Shares through ServiceAccounts
+*   Enh #4374: Handle trashbin file listings concurrently
+*   Enh #4325: Enforce Permissions
+*   Enh #4368: Extract log initialization
+*   Enh #4375: Introduce UploadSessionLister interface
+*   Enh #4268: Implement sharing roles
+*   Enh #4160: Improve utils pkg
+*   Enh #4335: Add sufficient permissions check function
+*   Enh #4281: Port OCM changes from master
+*   Enh #4270: Opt out of public link password enforcement
+*   Enh #4181: The password policies change request
+*   Enh #4256: Rename hidden share variable name
+*   Enh #3315: Accept reva token as a bearer authentication
+*   Enh #3926: Service Accounts
+*   Enh #4359: Update go-ldap to v3.4.6
+*   Enh #4170: Update password policies
+*   Enh #4232: Improve error handling in utils package
+
+Details
+-------
+
+*   Bugfix #4278: Disable DEPTH infinity in PROPFIND
+
+   Disabled DEPTH infinity in PROPFIND for Personal /remote.php/dav/files/admin Public link
+   share /remote.php/dav/public-files/<token> Trashbin
+   /remote.php/dav/spaces/trash-bin/<personal-space-id>
+
+   https://github.com/owncloud/ocis/issues/7359
+   https://github.com/cs3org/reva/pull/4278
+
+*   Bugfix #4318: Do not allow moves between shares
+
+   We no longer allow moves between shares, even if they resolve to the same space.
+
+   https://github.com/cs3org/reva/pull/4318
+
+*   Bugfix #4290: Prevent panic when trying to move a non-existent file
+
+   We fixed a panic when the user tried to move a file which does not exist.
+
+   https://github.com/cs3org/reva/pull/4290
+   https://github.com/cs3org/reva/pull/4283
+
+*   Bugfix #4241: Allow an empty credentials chain in the auth middleware
+
+   When running with ocis, all external http-authentication is handled by the proxy service. So
+   the reva auth middleware should not try to do any basic or bearer auth.
+
+   https://github.com/owncloud/ocis/issues/6692
+   https://github.com/cs3org/reva/pull/4241
+
+*   Bugfix #4216: Fix an error message
+
+   Capitalize an error message for Banned-Passwords List OCIS-3809
+
+   https://github.com/cs3org/reva/pull/4216
+
+*   Bugfix #4324: Fix capabilities decoding
+
+   We have fixed a bug when the mapstructure is ignored the embedded structure when decode
+
+   https://github.com/cs3org/reva/pull/4324
+
+*   Bugfix #4267: Fix concurrency issue
+
+   We fixed a concurrency issue when listing received shares.
+
+   https://github.com/cs3org/reva/pull/4267
+
+*   Bugfix #4362: Fix concurrent lookup
+
+   We have fixed a bug that overwrites existing variables, leading to flaky lookup of spaces
+
+   https://github.com/cs3org/reva/pull/4362
+
+*   Bugfix #4336: Fix definition of "file-editor" role
+
+   The "file-editor" role was missing the AddGrant resource permission, which caused a broken
+   mapping from ResourcePermissions to roles in certain cases.
+
+   https://github.com/cs3org/reva/pull/4336
+
+*   Bugfix #4302: Fix checking of filename length
+
+   Instead of checking for length of the filename the ocdav handler would sometimes check for
+   complete file path.
+
+   https://github.com/cs3org/reva/pull/4302
+
+*   Bugfix #4366: Fix CS3 status code when looking up non existing share
+
+   When trying to lookup a share that does not exist we now return a proper "not found" error instead
+   of just an "internal error.
+
+   https://github.com/cs3org/reva/pull/4366
+
+*   Bugfix #4299: Fix HTTP verb of the generate-invite endpoint
+
+   We changed the HTTP verb of the /generate-invite endpoint of the sciencemesh service to POST as
+   it clearly has side effects for the system, it's not just a read-only call.
+
+   https://github.com/cs3org/reva/pull/4299
+
+*   Bugfix #4249: GetUserByClaim not working with MSAD for claim "userid"
+
+   We fixed GetUserByClaim to correctly deal with binary encoded userid as e.g. used for Active
+   Directory.
+
+   https://github.com/owncloud/ocis/issues/7469
+   https://github.com/cs3org/reva/pull/4249
+
+*   Bugfix #4217: Fix missing case for "hide" in UpdateShares
+
+   We fixed a bug that caused ocs to throw a 996 on update of permissions.
+
+   https://github.com/cs3org/reva/pull/4217
+
+*   Bugfix #4140: Fix missing etag in shares jail
+
+   The shares jail can miss the etag if the first `receivedShare` is not accepted.
+
+   https://github.com/cs3org/reva/pull/4140
+
+*   Bugfix #4229: Fix destroying the Personal and Project spaces data
+
+   We fixed a bug that caused destroying the Personal and Project spaces data when providing as a
+   destination while move/copy file. Disallow use the Personal and Project spaces root as a
+   source while move/copy file.
+
+   https://github.com/owncloud/ocis/issues/6739
+   https://github.com/cs3org/reva/pull/4229
+
+*   Bugfix #4193: Fix overwrite a file with an empty file
+
+   Fix the error when the user trying to overwrite a file with an empty file
+
+   https://github.com/cs3org/reva/pull/4193
+
+*   Bugfix #4365: Fix create public share
+
+   If public link creation failed, it now returns a status error instead of sending ok.
+
+   https://github.com/cs3org/reva/pull/4365
+
+*   Bugfix #4380: Fix the public link update
+
+   We fixed a bug when normal users can update the public link to delete its password if permission
+   is not sent in data.
+
+   https://github.com/owncloud/ocis/issues/7821
+   https://github.com/cs3org/reva/pull/4380
+
+*   Bugfix #4250: Fix race condition
+
+   We have fixed a race condition when setting the default tracing provider.
+
+   https://github.com/owncloud/ocis/issues/4088
+   https://github.com/cs3org/reva/pull/4250
+
+*   Bugfix #4345: Fix conversion of custom ocs permissions to roles
+
+   When creating shares with custom permissions they were under certain conditions converted
+   into the wrong corrensponding sharing role
+
+   https://github.com/owncloud/enterprise/issues/6209
+   https://github.com/cs3org/reva/pull/4345
+   https://github.com/cs3org/reva/pull/4343
+   https://github.com/cs3org/reva/pull/4342
+
+*   Bugfix #4134: Fix share jail
+
+   Make matching mountpoints deterministic by comparing whole path segments of mountpoints
+
+   https://github.com/cs3org/reva/pull/4134
+
+*   Bugfix #4335: Fix public shares cleanup config
+
+   The public shares cleanup for expired shares was not configurable via ocis.
+
+   https://github.com/cs3org/reva/pull/4335/
+
+*   Bugfix #4338: Fix unlock via space API
+
+   We fixed a bug that caused Error 500 when user try to unlock file using fileid The
+   handleSpaceUnlock has been added
+
+   https://github.com/owncloud/ocis/issues/7708
+   https://github.com/cs3org/reva/pull/4338
+
+*   Bugfix #4341: Fix spaceID in meta endpoint response
+
+   When doing a `PROPFIND` on the meta endpoint the spaceID would not be rendered correctly. That
+   is fixed now
+
+   https://github.com/cs3org/reva/pull/4341
+
+*   Bugfix #4351: Fix 500 when open public link
+
+   We fixed a bug that caused nil pointer and Error 500 when open a public link from a deleted user
+
+   https://github.com/owncloud/ocis/issues/7740
+   https://github.com/cs3org/reva/pull/4351
+
+*   Bugfix #4352: Fix the tgz mime type
+
+   We have fixed a bug when the tgz mime type was not "application/gzip"
+
+   https://github.com/cs3org/reva/pull/4352
+
+*   Bugfix #4388: Allow UpdateUserShare() to update just the expiration date
+
+   The UpdateUserShare Request now works if it just contains an update of the expiration date.
+
+   https://github.com/cs3org/reva/pull/4388
+
+*   Bugfix #4214: Always pass adjusted default nats options
+
+   The nats-js store will now automatically reconnect.
+
+   https://github.com/cs3org/reva/pull/4214
+
+*   Bugfix #4291: Release lock when expired
+
+   Release an expired lock when stating the resource
+
+   https://github.com/cs3org/reva/pull/4291
+
+*   Bugfix #4386: Remove dead enable_home config
+
+   https://github.com/cs3org/reva/pull/4386
+
+*   Bugfix #4292: Return 403 when user is not permitted to log
+
+   When a user tries to lock a file, but doesn't have write access, the correct status code is `403`
+   not `500` like we did until now
+
+   https://github.com/cs3org/reva/pull/4292
+
+*   Enhancement #4389: Add audio and location props
+
+   Add `oc:audio` and `oc:location` props to PROPFIND responses for propall requests or when
+   they are explicitly requested.
+
+   https://github.com/cs3org/reva/pull/4389
+
+*   Enhancement #4337: Check permissions before creating shares
+
+   The user share provider now checks if the user has sufficient permissions to create a share.
+
+   https://github.com/cs3org/reva/pull/4337/
+
+*   Enhancement #4326: Add search mediatype filter
+
+   Add filter MediaType filter shortcuts to search for specific document types. For example, a
+   search query MimeType:documents will search for files with the following mimetypes:
+
+   Application/msword
+   MimeType:application/vnd.openxmlformats-officedocument.wordprocessingml.document
+   MimeType:application/vnd.oasis.opendocument.text MimeType:text/plain
+   MimeType:text/markdown MimeType:application/rtf
+   MimeType:application/vnd.apple.pages
+
+   https://github.com/owncloud/ocis/issues/7432
+   https://github.com/cs3org/reva/pull/4326
+   https://github.com/cs3org/reva/pull/4320
+
+*   Enhancement #4367: Add GGS mime type
+
+   We have added a new mime type for GGS files. This is a new file type that is used by geogebra
+   application.
+
+   https://github.com/owncloud/ocis/issues/7768
+   https://github.com/cs3org/reva/pull/4367
+   https://github.com/owncloud/ocis/pull/7804
+
+*   Enhancement #4295: Add hide flag to shares
+
+   We have added the ability to hide shares through the
+   ocs/v2.php/apps/files_sharing/api/v1/shares/pending/ endpoint by appending a
+   POST-Variable called hide which can be true or false.
+
+   https://github.com/owncloud/ocis/issues/7589
+   https://github.com/cs3org/reva/pull/4295
+   https://github.com/cs3org/reva/pull/4289
+   https://github.com/cs3org/reva/pull/4194
+
+*   Enhancement #4358: Add default permissions capability for links
+
+   A capability for default permissions for links has been added.
+
+   https://github.com/owncloud/web/issues/9919
+   https://github.com/cs3org/reva/pull/4358
+
+*   Enhancement #4133: Add more metadata to locks
+
+   Adds the owners name and the time of locking to the lock metadata
+
+   https://github.com/cs3org/reva/pull/4133
+
+*   Enhancement #4353: Add support for .docxf files
+
+   We have added the missing .docxf mime-type to the list of supported mime-types.
+
+   https://github.com/owncloud/ocis/issues/6989
+   https://github.com/cs3org/reva/pull/4353
+
+*   Enhancement #4363: Add nats-js-kv store
+
+   Add a store using the nats-js key value storage. Also fixes a panic when locking files.
+
+   https://github.com/cs3org/reva/pull/4363
+
+*   Enhancement #4197: Add the Banned-Passwords List
+
+   Add ability to validation against the Banned-Passwords List OCIS-3809
+
+   https://github.com/cs3org/reva/pull/4197
+
+*   Enhancement #4190: Add the password policies
+
+   Add the password policies OCIS-3767
+
+   https://github.com/cs3org/reva/pull/4190
+   https://github.com/cs3org/reva/pull/4147
+
+*   Enhancement #4384: Add a retry postprocessing outcome and event
+
+   We added a retry postprocessing outcome and event. This enhancement provides the ability to
+   handle retry scenarios during postprocessing.
+
+   https://github.com/cs3org/reva/pull/4384
+
+*   Enhancement #4271: Add search capability
+
+   We have added the ability to define search specific capabilities.
+
+   https://github.com/cs3org/reva/pull/4271
+
+*   Enhancement #4119: Add sse event
+
+   Adds an event to issue sse notifications
+
+   https://github.com/cs3org/reva/pull/4119
+
+*   Enhancement #4392: Add additional permissions to service accounts
+
+   We added the `RestoreRecycleItem` and `Delete` permissions to service accounts
+
+   https://github.com/owncloud/ocis/issues/7845
+   https://github.com/cs3org/reva/pull/4392
+
+*   Enhancement #4344: Add url extension to mime type list
+
+   We have added the url extension to the mime type list
+
+   https://github.com/cs3org/reva/pull/4344
+
+*   Enhancement #4372: Add validation to the public share provider
+
+   We added validation to the public share provider. The idea behind it is that the cs3 clients will
+   become much simpler. The provider can do the validation and return different status codes. The
+   API clients then just need to convert CS3 status codes to http status codes.
+
+   https://github.com/owncloud/ocis/issues/6993
+   https://github.com/cs3org/reva/pull/4372/
+
+*   Enhancement #4244: Allow listing reveived shares by service accounts
+
+   Similar to UpdateReceivedShare we now pass a forUser parameter to list received shares when
+   using service accounts
+
+   https://github.com/cs3org/reva/pull/4244
+
+*   Enhancement #4129: Auto-Accept Shares through ServiceAccounts
+
+   Auto accept shares with service accounts
+
+   https://github.com/cs3org/reva/pull/4129
+
+*   Enhancement #4374: Handle trashbin file listings concurrently
+
+   We now use a concurrent walker to list files in the trashbin. This improves performance when
+   listing files in the trashbin.
+
+   https://github.com/owncloud/ocis/issues/7844
+   https://github.com/cs3org/reva/pull/4374
+
+*   Enhancement #4325: Enforce Permissions
+
+   Enforce the new `Favorites.List` `Favorites.Write` and `Shares.Write` Permissions
+
+   https://github.com/cs3org/reva/pull/4325
+
+*   Enhancement #4368: Extract log initialization
+
+   To prepare reinitializing a logger for uploads we refactored the loginitialization into its
+   own package
+
+   https://github.com/cs3org/reva/pull/4368
+
+*   Enhancement #4375: Introduce UploadSessionLister interface
+
+   We introduced a new UploadSessionLister interface that allows better control of upload
+   sessions. Upload sessions include the processing state and can be used to filter and purge the
+   list of currently ongoing upload sessions.
+
+   https://github.com/cs3org/reva/pull/4375
+
+*   Enhancement #4268: Implement sharing roles
+
+   Implement libre graph sharing roles
+
+   https://github.com/owncloud/ocis/issues/7418
+   https://github.com/cs3org/reva/pull/4268
+
+*   Enhancement #4160: Improve utils pkg
+
+   Add more function to utils pkg so they don't need to be copy/pasted everywhere
+
+   https://github.com/cs3org/reva/pull/4160
+
+*   Enhancement #4335: Add sufficient permissions check function
+
+   We added a helper function to check for sufficient CS3 resource permissions.
+
+   https://github.com/owncloud/ocis/issues/6993
+   https://github.com/cs3org/reva/pull/4335/
+
+*   Enhancement #4281: Port OCM changes from master
+
+   We pulled in the latest ocm changes from master and are now compatible with the main go-cs3apis
+   again.
+
+   https://github.com/cs3org/reva/pull/4281
+   https://github.com/cs3org/reva/pull/4239
+
+*   Enhancement #4270: Opt out of public link password enforcement
+
+   Users with special permissions can now delete passwords on read-only public links.
+
+   https://github.com/owncloud/ocis/issues/7538
+   https://github.com/cs3org/reva/pull/4270
+
+*   Enhancement #4181: The password policies change request
+
+   The variables renaming OCIS-3767
+
+   https://github.com/cs3org/reva/pull/4181
+
+*   Enhancement #4256: Rename hidden share variable name
+
+   We have renamed the hidden flag on shares from Hide -> Hidden to align to the cs3api
+
+   https://github.com/cs3org/reva/pull/4256
+   https://github.com/cs3org/cs3apis/pull/214
+
+*   Enhancement #3315: Accept reva token as a bearer authentication
+
+   https://github.com/cs3org/reva/pull/3315
+
+*   Enhancement #3926: Service Accounts
+
+   Makes reva ready for service accounts by introducing an serviceaccounts auth manager
+
+   https://github.com/cs3org/reva/pull/3926
+
+*   Enhancement #4359: Update go-ldap to v3.4.6
+
+   Updated go-ldap/ldap/v3 to the latest upstream release to include the latest bugfixes and
+   enhancements.
+
+   https://github.com/cs3org/reva/pull/4359
+
+*   Enhancement #4170: Update password policies
+
+   The Password policies have been updated. The special characters list became constant.
+   OCIS-3767
+
+   https://github.com/cs3org/reva/pull/4170
+
+*   Enhancement #4232: Improve error handling in utils package
+
+   Improves error handling in the utils package. This has no impact on users.
+
+   https://github.com/cs3org/reva/pull/4232
+
 Changelog for reva 2.16.0 (2023-08-21)
 =======================================
 
diff --git a/RELEASE_DATE b/RELEASE_DATE
index 58d195a38c..1c2469d6a3 100644
--- a/RELEASE_DATE
+++ b/RELEASE_DATE
@@ -1 +1 @@
-2023-08-21
\ No newline at end of file
+2023-12-12
\ No newline at end of file
diff --git a/VERSION b/VERSION
index 79a00e9a07..6618ab5451 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-2.16.0
\ No newline at end of file
+2.17.0
\ No newline at end of file
diff --git a/changelog/unreleased/add-audio-and-location-props.md b/changelog/2.17.0_2023-12-12/add-audio-and-location-props.md
similarity index 100%
rename from changelog/unreleased/add-audio-and-location-props.md
rename to changelog/2.17.0_2023-12-12/add-audio-and-location-props.md
diff --git a/changelog/unreleased/add-create-share-permission-check.md b/changelog/2.17.0_2023-12-12/add-create-share-permission-check.md
similarity index 100%
rename from changelog/unreleased/add-create-share-permission-check.md
rename to changelog/2.17.0_2023-12-12/add-create-share-permission-check.md
diff --git a/changelog/unreleased/add-file-type-filter-chip.md b/changelog/2.17.0_2023-12-12/add-file-type-filter-chip.md
similarity index 100%
rename from changelog/unreleased/add-file-type-filter-chip.md
rename to changelog/2.17.0_2023-12-12/add-file-type-filter-chip.md
diff --git a/changelog/unreleased/add-ggs-mime.md b/changelog/2.17.0_2023-12-12/add-ggs-mime.md
similarity index 100%
rename from changelog/unreleased/add-ggs-mime.md
rename to changelog/2.17.0_2023-12-12/add-ggs-mime.md
diff --git a/changelog/unreleased/add-hide-flag-to-shares.md b/changelog/2.17.0_2023-12-12/add-hide-flag-to-shares.md
similarity index 100%
rename from changelog/unreleased/add-hide-flag-to-shares.md
rename to changelog/2.17.0_2023-12-12/add-hide-flag-to-shares.md
diff --git a/changelog/unreleased/add-links-default-permissions-capability.md b/changelog/2.17.0_2023-12-12/add-links-default-permissions-capability.md
similarity index 100%
rename from changelog/unreleased/add-links-default-permissions-capability.md
rename to changelog/2.17.0_2023-12-12/add-links-default-permissions-capability.md
diff --git a/changelog/unreleased/add-lock-metadata.md b/changelog/2.17.0_2023-12-12/add-lock-metadata.md
similarity index 100%
rename from changelog/unreleased/add-lock-metadata.md
rename to changelog/2.17.0_2023-12-12/add-lock-metadata.md
diff --git a/changelog/unreleased/add-missing-form-mime.md b/changelog/2.17.0_2023-12-12/add-missing-form-mime.md
similarity index 100%
rename from changelog/unreleased/add-missing-form-mime.md
rename to changelog/2.17.0_2023-12-12/add-missing-form-mime.md
diff --git a/changelog/unreleased/add-natsjs-kv-store.md b/changelog/2.17.0_2023-12-12/add-natsjs-kv-store.md
similarity index 100%
rename from changelog/unreleased/add-natsjs-kv-store.md
rename to changelog/2.17.0_2023-12-12/add-natsjs-kv-store.md
diff --git a/changelog/unreleased/add-passwod-banned-password-list.md b/changelog/2.17.0_2023-12-12/add-passwod-banned-password-list.md
similarity index 100%
rename from changelog/unreleased/add-passwod-banned-password-list.md
rename to changelog/2.17.0_2023-12-12/add-passwod-banned-password-list.md
diff --git a/changelog/unreleased/add-passwod-policies.md b/changelog/2.17.0_2023-12-12/add-passwod-policies.md
similarity index 100%
rename from changelog/unreleased/add-passwod-policies.md
rename to changelog/2.17.0_2023-12-12/add-passwod-policies.md
diff --git a/changelog/unreleased/add-retry-pp-outcome.md b/changelog/2.17.0_2023-12-12/add-retry-pp-outcome.md
similarity index 100%
rename from changelog/unreleased/add-retry-pp-outcome.md
rename to changelog/2.17.0_2023-12-12/add-retry-pp-outcome.md
diff --git a/changelog/unreleased/add-search-capability.md b/changelog/2.17.0_2023-12-12/add-search-capability.md
similarity index 100%
rename from changelog/unreleased/add-search-capability.md
rename to changelog/2.17.0_2023-12-12/add-search-capability.md
diff --git a/changelog/unreleased/add-sse-event.md b/changelog/2.17.0_2023-12-12/add-sse-event.md
similarity index 100%
rename from changelog/unreleased/add-sse-event.md
rename to changelog/2.17.0_2023-12-12/add-sse-event.md
diff --git a/changelog/unreleased/add-trach-bin-cli.md b/changelog/2.17.0_2023-12-12/add-trach-bin-cli.md
similarity index 100%
rename from changelog/unreleased/add-trach-bin-cli.md
rename to changelog/2.17.0_2023-12-12/add-trach-bin-cli.md
diff --git a/changelog/unreleased/add-url-extension-to-mime-type-list.md b/changelog/2.17.0_2023-12-12/add-url-extension-to-mime-type-list.md
similarity index 100%
rename from changelog/unreleased/add-url-extension-to-mime-type-list.md
rename to changelog/2.17.0_2023-12-12/add-url-extension-to-mime-type-list.md
diff --git a/changelog/unreleased/add-validation-to-public-share-provider.md b/changelog/2.17.0_2023-12-12/add-validation-to-public-share-provider.md
similarity index 100%
rename from changelog/unreleased/add-validation-to-public-share-provider.md
rename to changelog/2.17.0_2023-12-12/add-validation-to-public-share-provider.md
diff --git a/changelog/unreleased/allow-listreceivedshares-serviceaccounts.md b/changelog/2.17.0_2023-12-12/allow-listreceivedshares-serviceaccounts.md
similarity index 100%
rename from changelog/unreleased/allow-listreceivedshares-serviceaccounts.md
rename to changelog/2.17.0_2023-12-12/allow-listreceivedshares-serviceaccounts.md
diff --git a/changelog/unreleased/auto-accept-shares.md b/changelog/2.17.0_2023-12-12/auto-accept-shares.md
similarity index 100%
rename from changelog/unreleased/auto-accept-shares.md
rename to changelog/2.17.0_2023-12-12/auto-accept-shares.md
diff --git a/changelog/unreleased/concurrent-trashbin.md b/changelog/2.17.0_2023-12-12/concurrent-trashbin.md
similarity index 100%
rename from changelog/unreleased/concurrent-trashbin.md
rename to changelog/2.17.0_2023-12-12/concurrent-trashbin.md
diff --git a/changelog/unreleased/disable-depth-infinity.md b/changelog/2.17.0_2023-12-12/disable-depth-infinity.md
similarity index 100%
rename from changelog/unreleased/disable-depth-infinity.md
rename to changelog/2.17.0_2023-12-12/disable-depth-infinity.md
diff --git a/changelog/unreleased/disallow-moves-between-shares.md b/changelog/2.17.0_2023-12-12/disallow-moves-between-shares.md
similarity index 100%
rename from changelog/unreleased/disallow-moves-between-shares.md
rename to changelog/2.17.0_2023-12-12/disallow-moves-between-shares.md
diff --git a/changelog/unreleased/do-not-panic-when-moving-missing-files.md b/changelog/2.17.0_2023-12-12/do-not-panic-when-moving-missing-files.md
similarity index 100%
rename from changelog/unreleased/do-not-panic-when-moving-missing-files.md
rename to changelog/2.17.0_2023-12-12/do-not-panic-when-moving-missing-files.md
diff --git a/changelog/unreleased/enforce-permissions.md b/changelog/2.17.0_2023-12-12/enforce-permissions.md
similarity index 100%
rename from changelog/unreleased/enforce-permissions.md
rename to changelog/2.17.0_2023-12-12/enforce-permissions.md
diff --git a/changelog/unreleased/extract-log-initialization.md b/changelog/2.17.0_2023-12-12/extract-log-initialization.md
similarity index 100%
rename from changelog/unreleased/extract-log-initialization.md
rename to changelog/2.17.0_2023-12-12/extract-log-initialization.md
diff --git a/changelog/unreleased/extract-uploadsessionlister-interface.md b/changelog/2.17.0_2023-12-12/extract-uploadsessionlister-interface.md
similarity index 100%
rename from changelog/unreleased/extract-uploadsessionlister-interface.md
rename to changelog/2.17.0_2023-12-12/extract-uploadsessionlister-interface.md
diff --git a/changelog/unreleased/fix-auth-allow-empty-cred-chain.md b/changelog/2.17.0_2023-12-12/fix-auth-allow-empty-cred-chain.md
similarity index 100%
rename from changelog/unreleased/fix-auth-allow-empty-cred-chain.md
rename to changelog/2.17.0_2023-12-12/fix-auth-allow-empty-cred-chain.md
diff --git a/changelog/unreleased/fix-banned-password.md b/changelog/2.17.0_2023-12-12/fix-banned-password.md
similarity index 100%
rename from changelog/unreleased/fix-banned-password.md
rename to changelog/2.17.0_2023-12-12/fix-banned-password.md
diff --git a/changelog/unreleased/fix-capabilities.md b/changelog/2.17.0_2023-12-12/fix-capabilities.md
similarity index 100%
rename from changelog/unreleased/fix-capabilities.md
rename to changelog/2.17.0_2023-12-12/fix-capabilities.md
diff --git a/changelog/unreleased/fix-concurrency-issue.md b/changelog/2.17.0_2023-12-12/fix-concurrency-issue.md
similarity index 100%
rename from changelog/unreleased/fix-concurrency-issue.md
rename to changelog/2.17.0_2023-12-12/fix-concurrency-issue.md
diff --git a/changelog/unreleased/fix-concurrent-lookup.md b/changelog/2.17.0_2023-12-12/fix-concurrent-lookup.md
similarity index 100%
rename from changelog/unreleased/fix-concurrent-lookup.md
rename to changelog/2.17.0_2023-12-12/fix-concurrent-lookup.md
diff --git a/changelog/unreleased/fix-editor-role-resharing.md b/changelog/2.17.0_2023-12-12/fix-editor-role-resharing.md
similarity index 100%
rename from changelog/unreleased/fix-editor-role-resharing.md
rename to changelog/2.17.0_2023-12-12/fix-editor-role-resharing.md
diff --git a/changelog/unreleased/fix-filename-length-check.md b/changelog/2.17.0_2023-12-12/fix-filename-length-check.md
similarity index 100%
rename from changelog/unreleased/fix-filename-length-check.md
rename to changelog/2.17.0_2023-12-12/fix-filename-length-check.md
diff --git a/changelog/unreleased/fix-getshare-statuscode.md b/changelog/2.17.0_2023-12-12/fix-getshare-statuscode.md
similarity index 100%
rename from changelog/unreleased/fix-getshare-statuscode.md
rename to changelog/2.17.0_2023-12-12/fix-getshare-statuscode.md
diff --git a/changelog/unreleased/fix-http-verb.md b/changelog/2.17.0_2023-12-12/fix-http-verb.md
similarity index 100%
rename from changelog/unreleased/fix-http-verb.md
rename to changelog/2.17.0_2023-12-12/fix-http-verb.md
diff --git a/changelog/unreleased/fix-ldap-getuserbyclaim-userid.md b/changelog/2.17.0_2023-12-12/fix-ldap-getuserbyclaim-userid.md
similarity index 100%
rename from changelog/unreleased/fix-ldap-getuserbyclaim-userid.md
rename to changelog/2.17.0_2023-12-12/fix-ldap-getuserbyclaim-userid.md
diff --git a/changelog/unreleased/fix-missing-case.md b/changelog/2.17.0_2023-12-12/fix-missing-case.md
similarity index 100%
rename from changelog/unreleased/fix-missing-case.md
rename to changelog/2.17.0_2023-12-12/fix-missing-case.md
diff --git a/changelog/unreleased/fix-missing-sharesjail-etag.md b/changelog/2.17.0_2023-12-12/fix-missing-sharesjail-etag.md
similarity index 100%
rename from changelog/unreleased/fix-missing-sharesjail-etag.md
rename to changelog/2.17.0_2023-12-12/fix-missing-sharesjail-etag.md
diff --git a/changelog/unreleased/fix-move-copy.md b/changelog/2.17.0_2023-12-12/fix-move-copy.md
similarity index 100%
rename from changelog/unreleased/fix-move-copy.md
rename to changelog/2.17.0_2023-12-12/fix-move-copy.md
diff --git a/changelog/unreleased/fix-overwrite-file.md b/changelog/2.17.0_2023-12-12/fix-overwrite-file.md
similarity index 100%
rename from changelog/unreleased/fix-overwrite-file.md
rename to changelog/2.17.0_2023-12-12/fix-overwrite-file.md
diff --git a/changelog/unreleased/fix-public-link-creation-err.md b/changelog/2.17.0_2023-12-12/fix-public-link-creation-err.md
similarity index 100%
rename from changelog/unreleased/fix-public-link-creation-err.md
rename to changelog/2.17.0_2023-12-12/fix-public-link-creation-err.md
diff --git a/changelog/unreleased/fix-publick-link-update.md b/changelog/2.17.0_2023-12-12/fix-publick-link-update.md
similarity index 100%
rename from changelog/unreleased/fix-publick-link-update.md
rename to changelog/2.17.0_2023-12-12/fix-publick-link-update.md
diff --git a/changelog/unreleased/fix-race-condition.md b/changelog/2.17.0_2023-12-12/fix-race-condition.md
similarity index 100%
rename from changelog/unreleased/fix-race-condition.md
rename to changelog/2.17.0_2023-12-12/fix-race-condition.md
diff --git a/changelog/unreleased/fix-roleconversion-custompermissions.md b/changelog/2.17.0_2023-12-12/fix-roleconversion-custompermissions.md
similarity index 100%
rename from changelog/unreleased/fix-roleconversion-custompermissions.md
rename to changelog/2.17.0_2023-12-12/fix-roleconversion-custompermissions.md
diff --git a/changelog/unreleased/fix-share-jail.md b/changelog/2.17.0_2023-12-12/fix-share-jail.md
similarity index 100%
rename from changelog/unreleased/fix-share-jail.md
rename to changelog/2.17.0_2023-12-12/fix-share-jail.md
diff --git a/changelog/unreleased/fix-shares-cleanup-config.md b/changelog/2.17.0_2023-12-12/fix-shares-cleanup-config.md
similarity index 100%
rename from changelog/unreleased/fix-shares-cleanup-config.md
rename to changelog/2.17.0_2023-12-12/fix-shares-cleanup-config.md
diff --git a/changelog/unreleased/fix-space-unlock.md b/changelog/2.17.0_2023-12-12/fix-space-unlock.md
similarity index 100%
rename from changelog/unreleased/fix-space-unlock.md
rename to changelog/2.17.0_2023-12-12/fix-space-unlock.md
diff --git a/changelog/unreleased/fix-spaceid-in-metaresponse.md b/changelog/2.17.0_2023-12-12/fix-spaceid-in-metaresponse.md
similarity index 100%
rename from changelog/unreleased/fix-spaceid-in-metaresponse.md
rename to changelog/2.17.0_2023-12-12/fix-spaceid-in-metaresponse.md
diff --git a/changelog/unreleased/fix-status-code.md b/changelog/2.17.0_2023-12-12/fix-status-code.md
similarity index 100%
rename from changelog/unreleased/fix-status-code.md
rename to changelog/2.17.0_2023-12-12/fix-status-code.md
diff --git a/changelog/unreleased/fix-tgz-mimetype.md b/changelog/2.17.0_2023-12-12/fix-tgz-mimetype.md
similarity index 100%
rename from changelog/unreleased/fix-tgz-mimetype.md
rename to changelog/2.17.0_2023-12-12/fix-tgz-mimetype.md
diff --git a/changelog/unreleased/fix-update-userhare.md b/changelog/2.17.0_2023-12-12/fix-update-userhare.md
similarity index 100%
rename from changelog/unreleased/fix-update-userhare.md
rename to changelog/2.17.0_2023-12-12/fix-update-userhare.md
diff --git a/changelog/unreleased/implement-sharing-roles.md b/changelog/2.17.0_2023-12-12/implement-sharing-roles.md
similarity index 100%
rename from changelog/unreleased/implement-sharing-roles.md
rename to changelog/2.17.0_2023-12-12/implement-sharing-roles.md
diff --git a/changelog/unreleased/improve-utils.md b/changelog/2.17.0_2023-12-12/improve-utils.md
similarity index 100%
rename from changelog/unreleased/improve-utils.md
rename to changelog/2.17.0_2023-12-12/improve-utils.md
diff --git a/changelog/unreleased/new-permission-helper-function.md b/changelog/2.17.0_2023-12-12/new-permission-helper-function.md
similarity index 100%
rename from changelog/unreleased/new-permission-helper-function.md
rename to changelog/2.17.0_2023-12-12/new-permission-helper-function.md
diff --git a/changelog/unreleased/ocm.md b/changelog/2.17.0_2023-12-12/ocm.md
similarity index 100%
rename from changelog/unreleased/ocm.md
rename to changelog/2.17.0_2023-12-12/ocm.md
diff --git a/changelog/unreleased/opt-out-public-link-pw.md b/changelog/2.17.0_2023-12-12/opt-out-public-link-pw.md
similarity index 100%
rename from changelog/unreleased/opt-out-public-link-pw.md
rename to changelog/2.17.0_2023-12-12/opt-out-public-link-pw.md
diff --git a/changelog/unreleased/pass-default-nats-options.md b/changelog/2.17.0_2023-12-12/pass-default-nats-options.md
similarity index 100%
rename from changelog/unreleased/pass-default-nats-options.md
rename to changelog/2.17.0_2023-12-12/pass-default-nats-options.md
diff --git a/changelog/unreleased/passwod-policies-renaming.md b/changelog/2.17.0_2023-12-12/passwod-policies-renaming.md
similarity index 100%
rename from changelog/unreleased/passwod-policies-renaming.md
rename to changelog/2.17.0_2023-12-12/passwod-policies-renaming.md
diff --git a/changelog/unreleased/release-lock-when-expired.md b/changelog/2.17.0_2023-12-12/release-lock-when-expired.md
similarity index 100%
rename from changelog/unreleased/release-lock-when-expired.md
rename to changelog/2.17.0_2023-12-12/release-lock-when-expired.md
diff --git a/changelog/unreleased/remove-dead-enable-home-config.md b/changelog/2.17.0_2023-12-12/remove-dead-enable-home-config.md
similarity index 100%
rename from changelog/unreleased/remove-dead-enable-home-config.md
rename to changelog/2.17.0_2023-12-12/remove-dead-enable-home-config.md
diff --git a/changelog/unreleased/rename-hidden-share-vaue.md b/changelog/2.17.0_2023-12-12/rename-hidden-share-vaue.md
similarity index 100%
rename from changelog/unreleased/rename-hidden-share-vaue.md
rename to changelog/2.17.0_2023-12-12/rename-hidden-share-vaue.md
diff --git a/changelog/unreleased/return-403-when-not-lock-permitted.md b/changelog/2.17.0_2023-12-12/return-403-when-not-lock-permitted.md
similarity index 100%
rename from changelog/unreleased/return-403-when-not-lock-permitted.md
rename to changelog/2.17.0_2023-12-12/return-403-when-not-lock-permitted.md
diff --git a/changelog/unreleased/reva-token-bearer.md b/changelog/2.17.0_2023-12-12/reva-token-bearer.md
similarity index 100%
rename from changelog/unreleased/reva-token-bearer.md
rename to changelog/2.17.0_2023-12-12/reva-token-bearer.md
diff --git a/changelog/unreleased/service-accounts.md b/changelog/2.17.0_2023-12-12/service-accounts.md
similarity index 100%
rename from changelog/unreleased/service-accounts.md
rename to changelog/2.17.0_2023-12-12/service-accounts.md
diff --git a/changelog/unreleased/update-go-ldap.md b/changelog/2.17.0_2023-12-12/update-go-ldap.md
similarity index 100%
rename from changelog/unreleased/update-go-ldap.md
rename to changelog/2.17.0_2023-12-12/update-go-ldap.md
diff --git a/changelog/unreleased/update-passwod-policies.md b/changelog/2.17.0_2023-12-12/update-passwod-policies.md
similarity index 100%
rename from changelog/unreleased/update-passwod-policies.md
rename to changelog/2.17.0_2023-12-12/update-passwod-policies.md
diff --git a/changelog/unreleased/utils-error-handling.md b/changelog/2.17.0_2023-12-12/utils-error-handling.md
similarity index 100%
rename from changelog/unreleased/utils-error-handling.md
rename to changelog/2.17.0_2023-12-12/utils-error-handling.md
diff --git a/changelog/NOTE.md b/changelog/NOTE.md
index 1ee5932798..383d12f172 100644
--- a/changelog/NOTE.md
+++ b/changelog/NOTE.md
@@ -1,251 +1,545 @@
-Changelog for reva 2.16.0 (2023-08-21)
+Changelog for reva 2.17.0 (2023-12-12)
 =======================================
 
-The following sections list the changes in reva 2.16.0 relevant to
+The following sections list the changes in reva 2.17.0 relevant to
 reva users. The changes are ordered by importance.
 
 Summary
 -------
 
-*   Fix #4051: Set treesize when creating a storage space
-*   Fix #4093: Fix the error handling
-*   Fix #4111: Return already exists error when child already exists
-*   Fix #4086: Fix ocs status code for not enough permission response
-*   Fix #4101: Make the jsoncs3 share manager indexes more robust
-*   Fix #4099: Fix logging upload errors
-*   Fix #4078: Fix the default document language for OnlyOffice
-*   Fix #4082: Fix propfind permissions
-*   Fix #4100: S3ng include md5 checksum on put
-*   Fix #4096: Fix the user shares list
-*   Fix #4076: Fix WebDAV permissions for space managers
-*   Fix #4117: Fix jsoncs3 atomic persistence
-*   Fix #4081: Propagate sizeDiff
-*   Fix #4091: Register WebDAV HTTP methods with chi
-*   Fix #4107: Return lock when requested
-*   Fix #4075: Revert 4065 - bypass proxy on upload
-*   Enh #4089: Async propagation (experimental)
-*   Enh #4074: Allow configuring the max size of grpc messages
-*   Enh #4083: Allow for rolling back migrations
-*   Enh #4014: En-/Disable DEPTH:inifinity in PROPFIND
-*   Enh #4072: Allow to specify a shutdown timeout
-*   Enh #4103: Add .oform mimetype
-*   Enh #4098: Allow naming nats connections
-*   Enh #4085: Add registry refresh
-*   Enh #4097: Remove app ticker logs
-*   Enh #4090: Add Capability for sse
-*   Enh #4110: Tracing events propgation
+*   Fix #4278: Disable DEPTH infinity in PROPFIND
+*   Fix #4318: Do not allow moves between shares
+*   Fix #4290: Prevent panic when trying to move a non-existent file
+*   Fix #4241: Allow an empty credentials chain in the auth middleware
+*   Fix #4216: Fix an error message
+*   Fix #4324: Fix capabilities decoding
+*   Fix #4267: Fix concurrency issue
+*   Fix #4362: Fix concurrent lookup
+*   Fix #4336: Fix definition of "file-editor" role
+*   Fix #4302: Fix checking of filename length
+*   Fix #4366: Fix CS3 status code when looking up non existing share
+*   Fix #4299: Fix HTTP verb of the generate-invite endpoint
+*   Fix #4249: GetUserByClaim not working with MSAD for claim "userid"
+*   Fix #4217: Fix missing case for "hide" in UpdateShares
+*   Fix #4140: Fix missing etag in shares jail
+*   Fix #4229: Fix destroying the Personal and Project spaces data
+*   Fix #4193: Fix overwrite a file with an empty file
+*   Fix #4365: Fix create public share
+*   Fix #4380: Fix the public link update
+*   Fix #4250: Fix race condition
+*   Fix #4345: Fix conversion of custom ocs permissions to roles
+*   Fix #4134: Fix share jail
+*   Fix #4335: Fix public shares cleanup config
+*   Fix #4338: Fix unlock via space API
+*   Fix #4341: Fix spaceID in meta endpoint response
+*   Fix #4351: Fix 500 when open public link
+*   Fix #4352: Fix the tgz mime type
+*   Fix #4388: Allow UpdateUserShare() to update just the expiration date
+*   Fix #4214: Always pass adjusted default nats options
+*   Fix #4291: Release lock when expired
+*   Fix #4386: Remove dead enable_home config
+*   Fix #4292: Return 403 when user is not permitted to log
+*   Enh #4389: Add audio and location props
+*   Enh #4337: Check permissions before creating shares
+*   Enh #4326: Add search mediatype filter
+*   Enh #4367: Add GGS mime type
+*   Enh #4295: Add hide flag to shares
+*   Enh #4358: Add default permissions capability for links
+*   Enh #4133: Add more metadata to locks
+*   Enh #4353: Add support for .docxf files
+*   Enh #4363: Add nats-js-kv store
+*   Enh #4197: Add the Banned-Passwords List
+*   Enh #4190: Add the password policies
+*   Enh #4384: Add a retry postprocessing outcome and event
+*   Enh #4271: Add search capability
+*   Enh #4119: Add sse event
+*   Enh #4392: Add additional permissions to service accounts
+*   Enh #4344: Add url extension to mime type list
+*   Enh #4372: Add validation to the public share provider
+*   Enh #4244: Allow listing reveived shares by service accounts
+*   Enh #4129: Auto-Accept Shares through ServiceAccounts
+*   Enh #4374: Handle trashbin file listings concurrently
+*   Enh #4325: Enforce Permissions
+*   Enh #4368: Extract log initialization
+*   Enh #4375: Introduce UploadSessionLister interface
+*   Enh #4268: Implement sharing roles
+*   Enh #4160: Improve utils pkg
+*   Enh #4335: Add sufficient permissions check function
+*   Enh #4281: Port OCM changes from master
+*   Enh #4270: Opt out of public link password enforcement
+*   Enh #4181: The password policies change request
+*   Enh #4256: Rename hidden share variable name
+*   Enh #3315: Accept reva token as a bearer authentication
+*   Enh #3926: Service Accounts
+*   Enh #4359: Update go-ldap to v3.4.6
+*   Enh #4170: Update password policies
+*   Enh #4232: Improve error handling in utils package
 
 Details
 -------
 
-*   Bugfix #4051: Set treesize when creating a storage space
+*   Bugfix #4278: Disable DEPTH infinity in PROPFIND
 
-   We now explicitly set the treesize metadata to zero when creating a new storage space. This
-   prevents empty treesize values for spaces with out any data.
+   Disabled DEPTH infinity in PROPFIND for Personal /remote.php/dav/files/admin Public link
+   share /remote.php/dav/public-files/<token> Trashbin
+   /remote.php/dav/spaces/trash-bin/<personal-space-id>
 
-   https://github.com/cs3org/reva/pull/4051
+   https://github.com/owncloud/ocis/issues/7359
+   https://github.com/cs3org/reva/pull/4278
 
-*   Bugfix #4093: Fix the error handling
+*   Bugfix #4318: Do not allow moves between shares
 
-   Fix the error handling and prevent the nil pointer error
+   We no longer allow moves between shares, even if they resolve to the same space.
 
-   https://github.com/owncloud/ocis/issues/6929
-   https://github.com/cs3org/reva/pull/4093
+   https://github.com/cs3org/reva/pull/4318
 
-*   Bugfix #4111: Return already exists error when child already exists
+*   Bugfix #4290: Prevent panic when trying to move a non-existent file
 
-   Prevents two concurrent requests from creating the same file
+   We fixed a panic when the user tried to move a file which does not exist.
 
-   https://github.com/cs3org/reva/pull/4111
+   https://github.com/cs3org/reva/pull/4290
+   https://github.com/cs3org/reva/pull/4283
 
-*   Bugfix #4086: Fix ocs status code for not enough permission response
+*   Bugfix #4241: Allow an empty credentials chain in the auth middleware
 
-   Request to re-share a resource or update a share by a user who does not have enough permission on
-   the resource returned a 404 status code. This is fixed and a 403 status code is returned instead.
+   When running with ocis, all external http-authentication is handled by the proxy service. So
+   the reva auth middleware should not try to do any basic or bearer auth.
 
-   https://github.com/owncloud/ocis/issues/6670
-   https://github.com/cs3org/reva/pull/4086
+   https://github.com/owncloud/ocis/issues/6692
+   https://github.com/cs3org/reva/pull/4241
 
-*   Bugfix #4101: Make the jsoncs3 share manager indexes more robust
+*   Bugfix #4216: Fix an error message
 
-   We fixed a problem where the jsoncs3 share manager indexes could get out of sync.
+   Capitalize an error message for Banned-Passwords List OCIS-3809
 
-   https://github.com/cs3org/reva/pull/4101
+   https://github.com/cs3org/reva/pull/4216
 
-*   Bugfix #4099: Fix logging upload errors
+*   Bugfix #4324: Fix capabilities decoding
 
-   We fixed a problem where problems with uploading blobs to the blobstore weren't logged.
+   We have fixed a bug when the mapstructure is ignored the embedded structure when decode
 
-   https://github.com/cs3org/reva/pull/4099
+   https://github.com/cs3org/reva/pull/4324
 
-*   Bugfix #4078: Fix the default document language for OnlyOffice
+*   Bugfix #4267: Fix concurrency issue
 
-   Fix the default document language for OnlyOffice
+   We fixed a concurrency issue when listing received shares.
 
-   https://github.com/owncloud/enterprise/issues/5807
-   https://github.com/cs3org/reva/pull/4078
+   https://github.com/cs3org/reva/pull/4267
 
-*   Bugfix #4082: Fix propfind permissions
+*   Bugfix #4362: Fix concurrent lookup
 
-   Propfinds permissions field would always contain the permissions of the requested resource,
-   even for its children This is fixed.
+   We have fixed a bug that overwrites existing variables, leading to flaky lookup of spaces
 
-   https://github.com/cs3org/reva/pull/4082
+   https://github.com/cs3org/reva/pull/4362
 
-*   Bugfix #4100: S3ng include md5 checksum on put
+*   Bugfix #4336: Fix definition of "file-editor" role
 
-   We've fixed the S3 put operation of the S3ng storage to include a md5 checksum.
+   The "file-editor" role was missing the AddGrant resource permission, which caused a broken
+   mapping from ResourcePermissions to roles in certain cases.
 
-   This md5 checksum is needed when a bucket has a retention period configured (see
-   https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html).
+   https://github.com/cs3org/reva/pull/4336
 
-   https://github.com/cs3org/reva/pull/4100
+*   Bugfix #4302: Fix checking of filename length
 
-*   Bugfix #4096: Fix the user shares list
+   Instead of checking for length of the filename the ocdav handler would sometimes check for
+   complete file path.
 
-   Filter out a share if ShareWith is not found because the user or group already deleted
+   https://github.com/cs3org/reva/pull/4302
 
-   https://github.com/owncloud/ocis/issues/6730
-   https://github.com/cs3org/reva/pull/4096
+*   Bugfix #4366: Fix CS3 status code when looking up non existing share
 
-*   Bugfix #4076: Fix WebDAV permissions for space managers
+   When trying to lookup a share that does not exist we now return a proper "not found" error instead
+   of just an "internal error.
 
-   Sub shares of a space were shown as incoming shares for space manager incorrectly.
+   https://github.com/cs3org/reva/pull/4366
 
-   https://github.com/cs3org/reva/pull/4076
+*   Bugfix #4299: Fix HTTP verb of the generate-invite endpoint
 
-*   Bugfix #4117: Fix jsoncs3 atomic persistence
+   We changed the HTTP verb of the /generate-invite endpoint of the sciencemesh service to POST as
+   it clearly has side effects for the system, it's not just a read-only call.
 
-   The jsoncs3 share manager now uses etags instead of mtimes to determine when metadata needs to
-   be updated. As a precondtition we had to change decomposedfs as well: to consistently
-   calculate the etag for the file content we now store the mtime in the metadata and use the
-   metadata lock for atomicity.
+   https://github.com/cs3org/reva/pull/4299
 
-   https://github.com/cs3org/reva/pull/4117
+*   Bugfix #4249: GetUserByClaim not working with MSAD for claim "userid"
 
-*   Bugfix #4081: Propagate sizeDiff
+   We fixed GetUserByClaim to correctly deal with binary encoded userid as e.g. used for Active
+   Directory.
 
-   When postprocessing failed the sizeDiff would not be propagated correctly. This is fixed
+   https://github.com/owncloud/ocis/issues/7469
+   https://github.com/cs3org/reva/pull/4249
 
-   https://github.com/cs3org/reva/pull/4081
+*   Bugfix #4217: Fix missing case for "hide" in UpdateShares
 
-*   Bugfix #4091: Register WebDAV HTTP methods with chi
+   We fixed a bug that caused ocs to throw a 996 on update of permissions.
 
-   We now correctly register the WebDAV methods with chi during init.
+   https://github.com/cs3org/reva/pull/4217
 
-   https://github.com/owncloud/ocis/issues/6924
-   https://github.com/cs3org/reva/pull/4091
+*   Bugfix #4140: Fix missing etag in shares jail
 
-*   Bugfix #4107: Return lock when requested
+   The shares jail can miss the etag if the first `receivedShare` is not accepted.
 
-   We did not explictly return the lock when it was requested. This lead to the lock only being
-   included when no other metadata was requested. We fixed it by explictly returning the lock when
-   requested.
+   https://github.com/cs3org/reva/pull/4140
 
-   https://github.com/cs3org/reva/pull/4107
+*   Bugfix #4229: Fix destroying the Personal and Project spaces data
 
-*   Bugfix #4075: Revert 4065 - bypass proxy on upload
+   We fixed a bug that caused destroying the Personal and Project spaces data when providing as a
+   destination while move/copy file. Disallow use the Personal and Project spaces root as a
+   source while move/copy file.
 
-   We have reverted PR #4065 to bypass proxy on upload, because it caused issues with oCis.
+   https://github.com/owncloud/ocis/issues/6739
+   https://github.com/cs3org/reva/pull/4229
 
-   https://github.com/cs3org/reva/pull/4075
-   https://github.com/cs3org/reva/pull/4065
+*   Bugfix #4193: Fix overwrite a file with an empty file
 
-*   Enhancement #4089: Async propagation (experimental)
+   Fix the error when the user trying to overwrite a file with an empty file
 
-   Decomposedfs can now be configured to propagate treetime/treesize changes asynchronously.
+   https://github.com/cs3org/reva/pull/4193
 
-   https://github.com/cs3org/reva/pull/4089
-   https://github.com/cs3org/reva/pull/4070
+*   Bugfix #4365: Fix create public share
 
-*   Enhancement #4074: Allow configuring the max size of grpc messages
+   If public link creation failed, it now returns a status error instead of sending ok.
 
-   We added a possibility to make the max size of grpc messsages configurable. It is only
-   configurable via envvar `OCIS_GRPC_MAX_RECEIVED_MESSAGE_SIZE` . It is recommended to use
-   this envvar only temporarily.
+   https://github.com/cs3org/reva/pull/4365
 
-   https://github.com/cs3org/reva/pull/4074
+*   Bugfix #4380: Fix the public link update
 
-*   Enhancement #4083: Allow for rolling back migrations
+   We fixed a bug when normal users can update the public link to delete its password if permission
+   is not sent in data.
 
-   The decomposedfs now supports rolling back migrations (starting with 0004). It also got a
-   Migrations() method which returns the list of migrations incl. their states.
+   https://github.com/owncloud/ocis/issues/7821
+   https://github.com/cs3org/reva/pull/4380
 
-   https://github.com/cs3org/reva/pull/4083
+*   Bugfix #4250: Fix race condition
 
-*   Enhancement #4014: En-/Disable DEPTH:inifinity in PROPFIND
+   We have fixed a race condition when setting the default tracing provider.
 
-   We have added the ability to en-/disable DEPTH:infinitiy in PROPFIND requests for spaces
+   https://github.com/owncloud/ocis/issues/4088
+   https://github.com/cs3org/reva/pull/4250
 
-   https://github.com/owncloud/ocis/issues/4188
-   https://github.com/cs3org/reva/pull/4014
+*   Bugfix #4345: Fix conversion of custom ocs permissions to roles
 
-*   Enhancement #4072: Allow to specify a shutdown timeout
+   When creating shares with custom permissions they were under certain conditions converted
+   into the wrong corrensponding sharing role
 
-   When setting `graceful_shutdown_timeout` revad will try to shutdown in a graceful manner
-   when receiving an INT or TERM signal (similar to how it already behaves on SIGQUIT). This allows
-   ongoing operations to complete before exiting.
+   https://github.com/owncloud/enterprise/issues/6209
+   https://github.com/cs3org/reva/pull/4345
+   https://github.com/cs3org/reva/pull/4343
+   https://github.com/cs3org/reva/pull/4342
 
-   If the shutdown didn't finish before `graceful_shutdown_timeout` seconds the process will
-   exit with an error code (1).
+*   Bugfix #4134: Fix share jail
 
-   https://github.com/cs3org/reva/pull/4072
+   Make matching mountpoints deterministic by comparing whole path segments of mountpoints
 
-*   Enhancement #4103: Add .oform mimetype
+   https://github.com/cs3org/reva/pull/4134
 
-   We switched to a local list of mimetypes and added support for the .oform file extension.
+*   Bugfix #4335: Fix public shares cleanup config
 
-   https://github.com/cs3org/reva/pull/4103
-   https://github.com/cs3org/reva/pull/4092
+   The public shares cleanup for expired shares was not configurable via ocis.
 
-*   Enhancement #4098: Allow naming nats connections
+   https://github.com/cs3org/reva/pull/4335/
 
-   Bump go-micro and use new `Name` option to pass a connection name
+*   Bugfix #4338: Fix unlock via space API
 
-   https://github.com/cs3org/reva/pull/4098
+   We fixed a bug that caused Error 500 when user try to unlock file using fileid The
+   handleSpaceUnlock has been added
 
-*   Enhancement #4085: Add registry refresh
+   https://github.com/owncloud/ocis/issues/7708
+   https://github.com/cs3org/reva/pull/4338
 
-   We have added registry auto-refresh and made it configurable
+*   Bugfix #4341: Fix spaceID in meta endpoint response
 
-   https://github.com/owncloud/ocis/issues/6793
-   https://github.com/owncloud/ocis/issues/3832
-   https://github.com/cs3org/reva/pull/4085
-   https://github.com/owncloud/ocis/pull/6910
+   When doing a `PROPFIND` on the meta endpoint the spaceID would not be rendered correctly. That
+   is fixed now
 
-*   Enhancement #4097: Remove app ticker logs
+   https://github.com/cs3org/reva/pull/4341
 
-   https://github.com/cs3org/reva/pull/4097
-   Logs
-   would
-   show
-   regardless
-   of
-   log
-   level
-   as
-   there
-   is
-   no
-   configuration
-   done
-   beforehand.
-   We
-   remove
-   the
-   logs
-   for
-   now.
+*   Bugfix #4351: Fix 500 when open public link
 
-*   Enhancement #4090: Add Capability for sse
+   We fixed a bug that caused nil pointer and Error 500 when open a public link from a deleted user
 
-   Add a capability for server sent events
+   https://github.com/owncloud/ocis/issues/7740
+   https://github.com/cs3org/reva/pull/4351
 
-   https://github.com/cs3org/reva/pull/4090
+*   Bugfix #4352: Fix the tgz mime type
 
-*   Enhancement #4110: Tracing events propgation
+   We have fixed a bug when the tgz mime type was not "application/gzip"
 
-   Tracing information will now be propagated via events
+   https://github.com/cs3org/reva/pull/4352
 
-   https://github.com/cs3org/reva/pull/4110
+*   Bugfix #4388: Allow UpdateUserShare() to update just the expiration date
+
+   The UpdateUserShare Request now works if it just contains an update of the expiration date.
+
+   https://github.com/cs3org/reva/pull/4388
+
+*   Bugfix #4214: Always pass adjusted default nats options
+
+   The nats-js store will now automatically reconnect.
+
+   https://github.com/cs3org/reva/pull/4214
+
+*   Bugfix #4291: Release lock when expired
+
+   Release an expired lock when stating the resource
+
+   https://github.com/cs3org/reva/pull/4291
+
+*   Bugfix #4386: Remove dead enable_home config
+
+   https://github.com/cs3org/reva/pull/4386
+
+*   Bugfix #4292: Return 403 when user is not permitted to log
+
+   When a user tries to lock a file, but doesn't have write access, the correct status code is `403`
+   not `500` like we did until now
+
+   https://github.com/cs3org/reva/pull/4292
+
+*   Enhancement #4389: Add audio and location props
+
+   Add `oc:audio` and `oc:location` props to PROPFIND responses for propall requests or when
+   they are explicitly requested.
+
+   https://github.com/cs3org/reva/pull/4389
+
+*   Enhancement #4337: Check permissions before creating shares
+
+   The user share provider now checks if the user has sufficient permissions to create a share.
+
+   https://github.com/cs3org/reva/pull/4337/
+
+*   Enhancement #4326: Add search mediatype filter
+
+   Add filter MediaType filter shortcuts to search for specific document types. For example, a
+   search query MimeType:documents will search for files with the following mimetypes:
+
+   Application/msword
+   MimeType:application/vnd.openxmlformats-officedocument.wordprocessingml.document
+   MimeType:application/vnd.oasis.opendocument.text MimeType:text/plain
+   MimeType:text/markdown MimeType:application/rtf
+   MimeType:application/vnd.apple.pages
+
+   https://github.com/owncloud/ocis/issues/7432
+   https://github.com/cs3org/reva/pull/4326
+   https://github.com/cs3org/reva/pull/4320
+
+*   Enhancement #4367: Add GGS mime type
+
+   We have added a new mime type for GGS files. This is a new file type that is used by geogebra
+   application.
+
+   https://github.com/owncloud/ocis/issues/7768
+   https://github.com/cs3org/reva/pull/4367
+   https://github.com/owncloud/ocis/pull/7804
+
+*   Enhancement #4295: Add hide flag to shares
+
+   We have added the ability to hide shares through the
+   ocs/v2.php/apps/files_sharing/api/v1/shares/pending/ endpoint by appending a
+   POST-Variable called hide which can be true or false.
+
+   https://github.com/owncloud/ocis/issues/7589
+   https://github.com/cs3org/reva/pull/4295
+   https://github.com/cs3org/reva/pull/4289
+   https://github.com/cs3org/reva/pull/4194
+
+*   Enhancement #4358: Add default permissions capability for links
+
+   A capability for default permissions for links has been added.
+
+   https://github.com/owncloud/web/issues/9919
+   https://github.com/cs3org/reva/pull/4358
+
+*   Enhancement #4133: Add more metadata to locks
+
+   Adds the owners name and the time of locking to the lock metadata
+
+   https://github.com/cs3org/reva/pull/4133
+
+*   Enhancement #4353: Add support for .docxf files
+
+   We have added the missing .docxf mime-type to the list of supported mime-types.
+
+   https://github.com/owncloud/ocis/issues/6989
+   https://github.com/cs3org/reva/pull/4353
+
+*   Enhancement #4363: Add nats-js-kv store
+
+   Add a store using the nats-js key value storage. Also fixes a panic when locking files.
+
+   https://github.com/cs3org/reva/pull/4363
+
+*   Enhancement #4197: Add the Banned-Passwords List
+
+   Add ability to validation against the Banned-Passwords List OCIS-3809
+
+   https://github.com/cs3org/reva/pull/4197
+
+*   Enhancement #4190: Add the password policies
+
+   Add the password policies OCIS-3767
+
+   https://github.com/cs3org/reva/pull/4190
+   https://github.com/cs3org/reva/pull/4147
+
+*   Enhancement #4384: Add a retry postprocessing outcome and event
+
+   We added a retry postprocessing outcome and event. This enhancement provides the ability to
+   handle retry scenarios during postprocessing.
+
+   https://github.com/cs3org/reva/pull/4384
+
+*   Enhancement #4271: Add search capability
+
+   We have added the ability to define search specific capabilities.
+
+   https://github.com/cs3org/reva/pull/4271
+
+*   Enhancement #4119: Add sse event
+
+   Adds an event to issue sse notifications
+
+   https://github.com/cs3org/reva/pull/4119
+
+*   Enhancement #4392: Add additional permissions to service accounts
+
+   We added the `RestoreRecycleItem` and `Delete` permissions to service accounts
+
+   https://github.com/owncloud/ocis/issues/7845
+   https://github.com/cs3org/reva/pull/4392
+
+*   Enhancement #4344: Add url extension to mime type list
+
+   We have added the url extension to the mime type list
+
+   https://github.com/cs3org/reva/pull/4344
+
+*   Enhancement #4372: Add validation to the public share provider
+
+   We added validation to the public share provider. The idea behind it is that the cs3 clients will
+   become much simpler. The provider can do the validation and return different status codes. The
+   API clients then just need to convert CS3 status codes to http status codes.
+
+   https://github.com/owncloud/ocis/issues/6993
+   https://github.com/cs3org/reva/pull/4372/
+
+*   Enhancement #4244: Allow listing reveived shares by service accounts
+
+   Similar to UpdateReceivedShare we now pass a forUser parameter to list received shares when
+   using service accounts
+
+   https://github.com/cs3org/reva/pull/4244
+
+*   Enhancement #4129: Auto-Accept Shares through ServiceAccounts
+
+   Auto accept shares with service accounts
+
+   https://github.com/cs3org/reva/pull/4129
+
+*   Enhancement #4374: Handle trashbin file listings concurrently
+
+   We now use a concurrent walker to list files in the trashbin. This improves performance when
+   listing files in the trashbin.
+
+   https://github.com/owncloud/ocis/issues/7844
+   https://github.com/cs3org/reva/pull/4374
+
+*   Enhancement #4325: Enforce Permissions
+
+   Enforce the new `Favorites.List` `Favorites.Write` and `Shares.Write` Permissions
+
+   https://github.com/cs3org/reva/pull/4325
+
+*   Enhancement #4368: Extract log initialization
+
+   To prepare reinitializing a logger for uploads we refactored the loginitialization into its
+   own package
+
+   https://github.com/cs3org/reva/pull/4368
+
+*   Enhancement #4375: Introduce UploadSessionLister interface
+
+   We introduced a new UploadSessionLister interface that allows better control of upload
+   sessions. Upload sessions include the processing state and can be used to filter and purge the
+   list of currently ongoing upload sessions.
+
+   https://github.com/cs3org/reva/pull/4375
+
+*   Enhancement #4268: Implement sharing roles
+
+   Implement libre graph sharing roles
+
+   https://github.com/owncloud/ocis/issues/7418
+   https://github.com/cs3org/reva/pull/4268
+
+*   Enhancement #4160: Improve utils pkg
+
+   Add more function to utils pkg so they don't need to be copy/pasted everywhere
+
+   https://github.com/cs3org/reva/pull/4160
+
+*   Enhancement #4335: Add sufficient permissions check function
+
+   We added a helper function to check for sufficient CS3 resource permissions.
+
+   https://github.com/owncloud/ocis/issues/6993
+   https://github.com/cs3org/reva/pull/4335/
+
+*   Enhancement #4281: Port OCM changes from master
+
+   We pulled in the latest ocm changes from master and are now compatible with the main go-cs3apis
+   again.
+
+   https://github.com/cs3org/reva/pull/4281
+   https://github.com/cs3org/reva/pull/4239
+
+*   Enhancement #4270: Opt out of public link password enforcement
+
+   Users with special permissions can now delete passwords on read-only public links.
+
+   https://github.com/owncloud/ocis/issues/7538
+   https://github.com/cs3org/reva/pull/4270
+
+*   Enhancement #4181: The password policies change request
+
+   The variables renaming OCIS-3767
+
+   https://github.com/cs3org/reva/pull/4181
+
+*   Enhancement #4256: Rename hidden share variable name
+
+   We have renamed the hidden flag on shares from Hide -> Hidden to align to the cs3api
+
+   https://github.com/cs3org/reva/pull/4256
+   https://github.com/cs3org/cs3apis/pull/214
+
+*   Enhancement #3315: Accept reva token as a bearer authentication
+
+   https://github.com/cs3org/reva/pull/3315
+
+*   Enhancement #3926: Service Accounts
+
+   Makes reva ready for service accounts by introducing an serviceaccounts auth manager
+
+   https://github.com/cs3org/reva/pull/3926
+
+*   Enhancement #4359: Update go-ldap to v3.4.6
+
+   Updated go-ldap/ldap/v3 to the latest upstream release to include the latest bugfixes and
+   enhancements.
+
+   https://github.com/cs3org/reva/pull/4359
+
+*   Enhancement #4170: Update password policies
+
+   The Password policies have been updated. The special characters list became constant.
+   OCIS-3767
+
+   https://github.com/cs3org/reva/pull/4170
+
+*   Enhancement #4232: Improve error handling in utils package
+
+   Improves error handling in the utils package. This has no impact on users.
+
+   https://github.com/cs3org/reva/pull/4232
 
diff --git a/docs/content/en/docs/changelog/2.17.0/_index.md b/docs/content/en/docs/changelog/2.17.0/_index.md
new file mode 100644
index 0000000000..6ee309fa42
--- /dev/null
+++ b/docs/content/en/docs/changelog/2.17.0/_index.md
@@ -0,0 +1,554 @@
+
+---
+title: "v2.17.0"
+linkTitle: "v2.17.0"
+weight: 40
+description: >
+  Changelog for Reva v2.17.0 (2023-12-12)
+---
+
+Changelog for reva 2.17.0 (2023-12-12)
+=======================================
+
+The following sections list the changes in reva 2.17.0 relevant to
+reva users. The changes are ordered by importance.
+
+Summary
+-------
+
+*   Fix #4278: Disable DEPTH infinity in PROPFIND
+*   Fix #4318: Do not allow moves between shares
+*   Fix #4290: Prevent panic when trying to move a non-existent file
+*   Fix #4241: Allow an empty credentials chain in the auth middleware
+*   Fix #4216: Fix an error message
+*   Fix #4324: Fix capabilities decoding
+*   Fix #4267: Fix concurrency issue
+*   Fix #4362: Fix concurrent lookup
+*   Fix #4336: Fix definition of "file-editor" role
+*   Fix #4302: Fix checking of filename length
+*   Fix #4366: Fix CS3 status code when looking up non existing share
+*   Fix #4299: Fix HTTP verb of the generate-invite endpoint
+*   Fix #4249: GetUserByClaim not working with MSAD for claim "userid"
+*   Fix #4217: Fix missing case for "hide" in UpdateShares
+*   Fix #4140: Fix missing etag in shares jail
+*   Fix #4229: Fix destroying the Personal and Project spaces data
+*   Fix #4193: Fix overwrite a file with an empty file
+*   Fix #4365: Fix create public share
+*   Fix #4380: Fix the public link update
+*   Fix #4250: Fix race condition
+*   Fix #4345: Fix conversion of custom ocs permissions to roles
+*   Fix #4134: Fix share jail
+*   Fix #4335: Fix public shares cleanup config
+*   Fix #4338: Fix unlock via space API
+*   Fix #4341: Fix spaceID in meta endpoint response
+*   Fix #4351: Fix 500 when open public link
+*   Fix #4352: Fix the tgz mime type
+*   Fix #4388: Allow UpdateUserShare() to update just the expiration date
+*   Fix #4214: Always pass adjusted default nats options
+*   Fix #4291: Release lock when expired
+*   Fix #4386: Remove dead enable_home config
+*   Fix #4292: Return 403 when user is not permitted to log
+*   Enh #4389: Add audio and location props
+*   Enh #4337: Check permissions before creating shares
+*   Enh #4326: Add search mediatype filter
+*   Enh #4367: Add GGS mime type
+*   Enh #4295: Add hide flag to shares
+*   Enh #4358: Add default permissions capability for links
+*   Enh #4133: Add more metadata to locks
+*   Enh #4353: Add support for .docxf files
+*   Enh #4363: Add nats-js-kv store
+*   Enh #4197: Add the Banned-Passwords List
+*   Enh #4190: Add the password policies
+*   Enh #4384: Add a retry postprocessing outcome and event
+*   Enh #4271: Add search capability
+*   Enh #4119: Add sse event
+*   Enh #4392: Add additional permissions to service accounts
+*   Enh #4344: Add url extension to mime type list
+*   Enh #4372: Add validation to the public share provider
+*   Enh #4244: Allow listing reveived shares by service accounts
+*   Enh #4129: Auto-Accept Shares through ServiceAccounts
+*   Enh #4374: Handle trashbin file listings concurrently
+*   Enh #4325: Enforce Permissions
+*   Enh #4368: Extract log initialization
+*   Enh #4375: Introduce UploadSessionLister interface
+*   Enh #4268: Implement sharing roles
+*   Enh #4160: Improve utils pkg
+*   Enh #4335: Add sufficient permissions check function
+*   Enh #4281: Port OCM changes from master
+*   Enh #4270: Opt out of public link password enforcement
+*   Enh #4181: The password policies change request
+*   Enh #4256: Rename hidden share variable name
+*   Enh #3315: Accept reva token as a bearer authentication
+*   Enh #3926: Service Accounts
+*   Enh #4359: Update go-ldap to v3.4.6
+*   Enh #4170: Update password policies
+*   Enh #4232: Improve error handling in utils package
+
+Details
+-------
+
+*   Bugfix #4278: Disable DEPTH infinity in PROPFIND
+
+   Disabled DEPTH infinity in PROPFIND for Personal /remote.php/dav/files/admin Public link
+   share /remote.php/dav/public-files/<token> Trashbin
+   /remote.php/dav/spaces/trash-bin/<personal-space-id>
+
+   https://github.com/owncloud/ocis/issues/7359
+   https://github.com/cs3org/reva/pull/4278
+
+*   Bugfix #4318: Do not allow moves between shares
+
+   We no longer allow moves between shares, even if they resolve to the same space.
+
+   https://github.com/cs3org/reva/pull/4318
+
+*   Bugfix #4290: Prevent panic when trying to move a non-existent file
+
+   We fixed a panic when the user tried to move a file which does not exist.
+
+   https://github.com/cs3org/reva/pull/4290
+   https://github.com/cs3org/reva/pull/4283
+
+*   Bugfix #4241: Allow an empty credentials chain in the auth middleware
+
+   When running with ocis, all external http-authentication is handled by the proxy service. So
+   the reva auth middleware should not try to do any basic or bearer auth.
+
+   https://github.com/owncloud/ocis/issues/6692
+   https://github.com/cs3org/reva/pull/4241
+
+*   Bugfix #4216: Fix an error message
+
+   Capitalize an error message for Banned-Passwords List OCIS-3809
+
+   https://github.com/cs3org/reva/pull/4216
+
+*   Bugfix #4324: Fix capabilities decoding
+
+   We have fixed a bug when the mapstructure is ignored the embedded structure when decode
+
+   https://github.com/cs3org/reva/pull/4324
+
+*   Bugfix #4267: Fix concurrency issue
+
+   We fixed a concurrency issue when listing received shares.
+
+   https://github.com/cs3org/reva/pull/4267
+
+*   Bugfix #4362: Fix concurrent lookup
+
+   We have fixed a bug that overwrites existing variables, leading to flaky lookup of spaces
+
+   https://github.com/cs3org/reva/pull/4362
+
+*   Bugfix #4336: Fix definition of "file-editor" role
+
+   The "file-editor" role was missing the AddGrant resource permission, which caused a broken
+   mapping from ResourcePermissions to roles in certain cases.
+
+   https://github.com/cs3org/reva/pull/4336
+
+*   Bugfix #4302: Fix checking of filename length
+
+   Instead of checking for length of the filename the ocdav handler would sometimes check for
+   complete file path.
+
+   https://github.com/cs3org/reva/pull/4302
+
+*   Bugfix #4366: Fix CS3 status code when looking up non existing share
+
+   When trying to lookup a share that does not exist we now return a proper "not found" error instead
+   of just an "internal error.
+
+   https://github.com/cs3org/reva/pull/4366
+
+*   Bugfix #4299: Fix HTTP verb of the generate-invite endpoint
+
+   We changed the HTTP verb of the /generate-invite endpoint of the sciencemesh service to POST as
+   it clearly has side effects for the system, it's not just a read-only call.
+
+   https://github.com/cs3org/reva/pull/4299
+
+*   Bugfix #4249: GetUserByClaim not working with MSAD for claim "userid"
+
+   We fixed GetUserByClaim to correctly deal with binary encoded userid as e.g. used for Active
+   Directory.
+
+   https://github.com/owncloud/ocis/issues/7469
+   https://github.com/cs3org/reva/pull/4249
+
+*   Bugfix #4217: Fix missing case for "hide" in UpdateShares
+
+   We fixed a bug that caused ocs to throw a 996 on update of permissions.
+
+   https://github.com/cs3org/reva/pull/4217
+
+*   Bugfix #4140: Fix missing etag in shares jail
+
+   The shares jail can miss the etag if the first `receivedShare` is not accepted.
+
+   https://github.com/cs3org/reva/pull/4140
+
+*   Bugfix #4229: Fix destroying the Personal and Project spaces data
+
+   We fixed a bug that caused destroying the Personal and Project spaces data when providing as a
+   destination while move/copy file. Disallow use the Personal and Project spaces root as a
+   source while move/copy file.
+
+   https://github.com/owncloud/ocis/issues/6739
+   https://github.com/cs3org/reva/pull/4229
+
+*   Bugfix #4193: Fix overwrite a file with an empty file
+
+   Fix the error when the user trying to overwrite a file with an empty file
+
+   https://github.com/cs3org/reva/pull/4193
+
+*   Bugfix #4365: Fix create public share
+
+   If public link creation failed, it now returns a status error instead of sending ok.
+
+   https://github.com/cs3org/reva/pull/4365
+
+*   Bugfix #4380: Fix the public link update
+
+   We fixed a bug when normal users can update the public link to delete its password if permission
+   is not sent in data.
+
+   https://github.com/owncloud/ocis/issues/7821
+   https://github.com/cs3org/reva/pull/4380
+
+*   Bugfix #4250: Fix race condition
+
+   We have fixed a race condition when setting the default tracing provider.
+
+   https://github.com/owncloud/ocis/issues/4088
+   https://github.com/cs3org/reva/pull/4250
+
+*   Bugfix #4345: Fix conversion of custom ocs permissions to roles
+
+   When creating shares with custom permissions they were under certain conditions converted
+   into the wrong corrensponding sharing role
+
+   https://github.com/owncloud/enterprise/issues/6209
+   https://github.com/cs3org/reva/pull/4345
+   https://github.com/cs3org/reva/pull/4343
+   https://github.com/cs3org/reva/pull/4342
+
+*   Bugfix #4134: Fix share jail
+
+   Make matching mountpoints deterministic by comparing whole path segments of mountpoints
+
+   https://github.com/cs3org/reva/pull/4134
+
+*   Bugfix #4335: Fix public shares cleanup config
+
+   The public shares cleanup for expired shares was not configurable via ocis.
+
+   https://github.com/cs3org/reva/pull/4335/
+
+*   Bugfix #4338: Fix unlock via space API
+
+   We fixed a bug that caused Error 500 when user try to unlock file using fileid The
+   handleSpaceUnlock has been added
+
+   https://github.com/owncloud/ocis/issues/7708
+   https://github.com/cs3org/reva/pull/4338
+
+*   Bugfix #4341: Fix spaceID in meta endpoint response
+
+   When doing a `PROPFIND` on the meta endpoint the spaceID would not be rendered correctly. That
+   is fixed now
+
+   https://github.com/cs3org/reva/pull/4341
+
+*   Bugfix #4351: Fix 500 when open public link
+
+   We fixed a bug that caused nil pointer and Error 500 when open a public link from a deleted user
+
+   https://github.com/owncloud/ocis/issues/7740
+   https://github.com/cs3org/reva/pull/4351
+
+*   Bugfix #4352: Fix the tgz mime type
+
+   We have fixed a bug when the tgz mime type was not "application/gzip"
+
+   https://github.com/cs3org/reva/pull/4352
+
+*   Bugfix #4388: Allow UpdateUserShare() to update just the expiration date
+
+   The UpdateUserShare Request now works if it just contains an update of the expiration date.
+
+   https://github.com/cs3org/reva/pull/4388
+
+*   Bugfix #4214: Always pass adjusted default nats options
+
+   The nats-js store will now automatically reconnect.
+
+   https://github.com/cs3org/reva/pull/4214
+
+*   Bugfix #4291: Release lock when expired
+
+   Release an expired lock when stating the resource
+
+   https://github.com/cs3org/reva/pull/4291
+
+*   Bugfix #4386: Remove dead enable_home config
+
+   https://github.com/cs3org/reva/pull/4386
+
+*   Bugfix #4292: Return 403 when user is not permitted to log
+
+   When a user tries to lock a file, but doesn't have write access, the correct status code is `403`
+   not `500` like we did until now
+
+   https://github.com/cs3org/reva/pull/4292
+
+*   Enhancement #4389: Add audio and location props
+
+   Add `oc:audio` and `oc:location` props to PROPFIND responses for propall requests or when
+   they are explicitly requested.
+
+   https://github.com/cs3org/reva/pull/4389
+
+*   Enhancement #4337: Check permissions before creating shares
+
+   The user share provider now checks if the user has sufficient permissions to create a share.
+
+   https://github.com/cs3org/reva/pull/4337/
+
+*   Enhancement #4326: Add search mediatype filter
+
+   Add filter MediaType filter shortcuts to search for specific document types. For example, a
+   search query MimeType:documents will search for files with the following mimetypes:
+
+   Application/msword
+   MimeType:application/vnd.openxmlformats-officedocument.wordprocessingml.document
+   MimeType:application/vnd.oasis.opendocument.text MimeType:text/plain
+   MimeType:text/markdown MimeType:application/rtf
+   MimeType:application/vnd.apple.pages
+
+   https://github.com/owncloud/ocis/issues/7432
+   https://github.com/cs3org/reva/pull/4326
+   https://github.com/cs3org/reva/pull/4320
+
+*   Enhancement #4367: Add GGS mime type
+
+   We have added a new mime type for GGS files. This is a new file type that is used by geogebra
+   application.
+
+   https://github.com/owncloud/ocis/issues/7768
+   https://github.com/cs3org/reva/pull/4367
+   https://github.com/owncloud/ocis/pull/7804
+
+*   Enhancement #4295: Add hide flag to shares
+
+   We have added the ability to hide shares through the
+   ocs/v2.php/apps/files_sharing/api/v1/shares/pending/ endpoint by appending a
+   POST-Variable called hide which can be true or false.
+
+   https://github.com/owncloud/ocis/issues/7589
+   https://github.com/cs3org/reva/pull/4295
+   https://github.com/cs3org/reva/pull/4289
+   https://github.com/cs3org/reva/pull/4194
+
+*   Enhancement #4358: Add default permissions capability for links
+
+   A capability for default permissions for links has been added.
+
+   https://github.com/owncloud/web/issues/9919
+   https://github.com/cs3org/reva/pull/4358
+
+*   Enhancement #4133: Add more metadata to locks
+
+   Adds the owners name and the time of locking to the lock metadata
+
+   https://github.com/cs3org/reva/pull/4133
+
+*   Enhancement #4353: Add support for .docxf files
+
+   We have added the missing .docxf mime-type to the list of supported mime-types.
+
+   https://github.com/owncloud/ocis/issues/6989
+   https://github.com/cs3org/reva/pull/4353
+
+*   Enhancement #4363: Add nats-js-kv store
+
+   Add a store using the nats-js key value storage. Also fixes a panic when locking files.
+
+   https://github.com/cs3org/reva/pull/4363
+
+*   Enhancement #4197: Add the Banned-Passwords List
+
+   Add ability to validation against the Banned-Passwords List OCIS-3809
+
+   https://github.com/cs3org/reva/pull/4197
+
+*   Enhancement #4190: Add the password policies
+
+   Add the password policies OCIS-3767
+
+   https://github.com/cs3org/reva/pull/4190
+   https://github.com/cs3org/reva/pull/4147
+
+*   Enhancement #4384: Add a retry postprocessing outcome and event
+
+   We added a retry postprocessing outcome and event. This enhancement provides the ability to
+   handle retry scenarios during postprocessing.
+
+   https://github.com/cs3org/reva/pull/4384
+
+*   Enhancement #4271: Add search capability
+
+   We have added the ability to define search specific capabilities.
+
+   https://github.com/cs3org/reva/pull/4271
+
+*   Enhancement #4119: Add sse event
+
+   Adds an event to issue sse notifications
+
+   https://github.com/cs3org/reva/pull/4119
+
+*   Enhancement #4392: Add additional permissions to service accounts
+
+   We added the `RestoreRecycleItem` and `Delete` permissions to service accounts
+
+   https://github.com/owncloud/ocis/issues/7845
+   https://github.com/cs3org/reva/pull/4392
+
+*   Enhancement #4344: Add url extension to mime type list
+
+   We have added the url extension to the mime type list
+
+   https://github.com/cs3org/reva/pull/4344
+
+*   Enhancement #4372: Add validation to the public share provider
+
+   We added validation to the public share provider. The idea behind it is that the cs3 clients will
+   become much simpler. The provider can do the validation and return different status codes. The
+   API clients then just need to convert CS3 status codes to http status codes.
+
+   https://github.com/owncloud/ocis/issues/6993
+   https://github.com/cs3org/reva/pull/4372/
+
+*   Enhancement #4244: Allow listing reveived shares by service accounts
+
+   Similar to UpdateReceivedShare we now pass a forUser parameter to list received shares when
+   using service accounts
+
+   https://github.com/cs3org/reva/pull/4244
+
+*   Enhancement #4129: Auto-Accept Shares through ServiceAccounts
+
+   Auto accept shares with service accounts
+
+   https://github.com/cs3org/reva/pull/4129
+
+*   Enhancement #4374: Handle trashbin file listings concurrently
+
+   We now use a concurrent walker to list files in the trashbin. This improves performance when
+   listing files in the trashbin.
+
+   https://github.com/owncloud/ocis/issues/7844
+   https://github.com/cs3org/reva/pull/4374
+
+*   Enhancement #4325: Enforce Permissions
+
+   Enforce the new `Favorites.List` `Favorites.Write` and `Shares.Write` Permissions
+
+   https://github.com/cs3org/reva/pull/4325
+
+*   Enhancement #4368: Extract log initialization
+
+   To prepare reinitializing a logger for uploads we refactored the loginitialization into its
+   own package
+
+   https://github.com/cs3org/reva/pull/4368
+
+*   Enhancement #4375: Introduce UploadSessionLister interface
+
+   We introduced a new UploadSessionLister interface that allows better control of upload
+   sessions. Upload sessions include the processing state and can be used to filter and purge the
+   list of currently ongoing upload sessions.
+
+   https://github.com/cs3org/reva/pull/4375
+
+*   Enhancement #4268: Implement sharing roles
+
+   Implement libre graph sharing roles
+
+   https://github.com/owncloud/ocis/issues/7418
+   https://github.com/cs3org/reva/pull/4268
+
+*   Enhancement #4160: Improve utils pkg
+
+   Add more function to utils pkg so they don't need to be copy/pasted everywhere
+
+   https://github.com/cs3org/reva/pull/4160
+
+*   Enhancement #4335: Add sufficient permissions check function
+
+   We added a helper function to check for sufficient CS3 resource permissions.
+
+   https://github.com/owncloud/ocis/issues/6993
+   https://github.com/cs3org/reva/pull/4335/
+
+*   Enhancement #4281: Port OCM changes from master
+
+   We pulled in the latest ocm changes from master and are now compatible with the main go-cs3apis
+   again.
+
+   https://github.com/cs3org/reva/pull/4281
+   https://github.com/cs3org/reva/pull/4239
+
+*   Enhancement #4270: Opt out of public link password enforcement
+
+   Users with special permissions can now delete passwords on read-only public links.
+
+   https://github.com/owncloud/ocis/issues/7538
+   https://github.com/cs3org/reva/pull/4270
+
+*   Enhancement #4181: The password policies change request
+
+   The variables renaming OCIS-3767
+
+   https://github.com/cs3org/reva/pull/4181
+
+*   Enhancement #4256: Rename hidden share variable name
+
+   We have renamed the hidden flag on shares from Hide -> Hidden to align to the cs3api
+
+   https://github.com/cs3org/reva/pull/4256
+   https://github.com/cs3org/cs3apis/pull/214
+
+*   Enhancement #3315: Accept reva token as a bearer authentication
+
+   https://github.com/cs3org/reva/pull/3315
+
+*   Enhancement #3926: Service Accounts
+
+   Makes reva ready for service accounts by introducing an serviceaccounts auth manager
+
+   https://github.com/cs3org/reva/pull/3926
+
+*   Enhancement #4359: Update go-ldap to v3.4.6
+
+   Updated go-ldap/ldap/v3 to the latest upstream release to include the latest bugfixes and
+   enhancements.
+
+   https://github.com/cs3org/reva/pull/4359
+
+*   Enhancement #4170: Update password policies
+
+   The Password policies have been updated. The special characters list became constant.
+   OCIS-3767
+
+   https://github.com/cs3org/reva/pull/4170
+
+*   Enhancement #4232: Improve error handling in utils package
+
+   Improves error handling in the utils package. This has no impact on users.
+
+   https://github.com/cs3org/reva/pull/4232
+
diff --git a/docs/content/en/docs/config/grpc/services/ocminvitemanager/_index.md b/docs/content/en/docs/config/grpc/services/ocminvitemanager/_index.md
new file mode 100644
index 0000000000..15975b937d
--- /dev/null
+++ b/docs/content/en/docs/config/grpc/services/ocminvitemanager/_index.md
@@ -0,0 +1,18 @@
+---
+title: "ocminvitemanager"
+linkTitle: "ocminvitemanager"
+weight: 10
+description: >
+  Configuration for the ocminvitemanager service
+---
+
+# _struct: config_
+
+{{% dir name="provider_domain" type="string" default="The same domain registered in the provider authorizer" %}}
+ [[Ref]](https://github.com/cs3org/reva/tree/master/internal/grpc/services/ocminvitemanager/ocminvitemanager.go#L56)
+{{< highlight toml >}}
+[grpc.services.ocminvitemanager]
+provider_domain = "The same domain registered in the provider authorizer"
+{{< /highlight >}}
+{{% /dir %}}
+
diff --git a/docs/content/en/docs/config/grpc/services/ocmshareprovider/_index.md b/docs/content/en/docs/config/grpc/services/ocmshareprovider/_index.md
new file mode 100644
index 0000000000..f1681c4e2d
--- /dev/null
+++ b/docs/content/en/docs/config/grpc/services/ocmshareprovider/_index.md
@@ -0,0 +1,18 @@
+---
+title: "ocmshareprovider"
+linkTitle: "ocmshareprovider"
+weight: 10
+description: >
+  Configuration for the ocmshareprovider service
+---
+
+# _struct: config_
+
+{{% dir name="provider_domain" type="string" default="The same domain registered in the provider authorizer" %}}
+ [[Ref]](https://github.com/cs3org/reva/tree/master/internal/grpc/services/ocmshareprovider/ocmshareprovider.go#L64)
+{{< highlight toml >}}
+[grpc.services.ocmshareprovider]
+provider_domain = "The same domain registered in the provider authorizer"
+{{< /highlight >}}
+{{% /dir %}}
+
diff --git a/docs/content/en/docs/config/packages/ocm/provider/_index.md b/docs/content/en/docs/config/packages/ocm/provider/_index.md
new file mode 100644
index 0000000000..bc8d3e3121
--- /dev/null
+++ b/docs/content/en/docs/config/packages/ocm/provider/_index.md
@@ -0,0 +1,7 @@
+---
+title: "provider"
+linkTitle: "provider"
+weight: 10
+description: >
+  Configuration for the provider service
+---
\ No newline at end of file
diff --git a/docs/content/en/docs/config/packages/ocm/provider/authorizer/_index.md b/docs/content/en/docs/config/packages/ocm/provider/authorizer/_index.md
new file mode 100644
index 0000000000..8f470c425e
--- /dev/null
+++ b/docs/content/en/docs/config/packages/ocm/provider/authorizer/_index.md
@@ -0,0 +1,7 @@
+---
+title: "authorizer"
+linkTitle: "authorizer"
+weight: 10
+description: >
+  Configuration for the authorizer service
+---
\ No newline at end of file
diff --git a/docs/content/en/docs/config/packages/ocm/provider/authorizer/mentix/_index.md b/docs/content/en/docs/config/packages/ocm/provider/authorizer/mentix/_index.md
new file mode 100644
index 0000000000..fe12cab3b7
--- /dev/null
+++ b/docs/content/en/docs/config/packages/ocm/provider/authorizer/mentix/_index.md
@@ -0,0 +1,18 @@
+---
+title: "mentix"
+linkTitle: "mentix"
+weight: 10
+description: >
+  Configuration for the mentix service
+---
+
+# _struct: config_
+
+{{% dir name="insecure" type="bool" default=false %}}
+Whether to skip certificate checks when sending requests. [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/ocm/provider/authorizer/mentix/mentix.go#L79)
+{{< highlight toml >}}
+[ocm.provider.authorizer.mentix]
+insecure = false
+{{< /highlight >}}
+{{% /dir %}}
+
diff --git a/docs/content/en/docs/config/packages/ocm/share/repository/_index.md b/docs/content/en/docs/config/packages/ocm/share/repository/_index.md
new file mode 100644
index 0000000000..49f372a256
--- /dev/null
+++ b/docs/content/en/docs/config/packages/ocm/share/repository/_index.md
@@ -0,0 +1,7 @@
+---
+title: "repository"
+linkTitle: "repository"
+weight: 10
+description: >
+  Configuration for the repository service
+---
\ No newline at end of file
diff --git a/docs/content/en/docs/config/packages/ocm/share/repository/nextcloud/_index.md b/docs/content/en/docs/config/packages/ocm/share/repository/nextcloud/_index.md
new file mode 100644
index 0000000000..e1688d6eae
--- /dev/null
+++ b/docs/content/en/docs/config/packages/ocm/share/repository/nextcloud/_index.md
@@ -0,0 +1,18 @@
+---
+title: "nextcloud"
+linkTitle: "nextcloud"
+weight: 10
+description: >
+  Configuration for the nextcloud service
+---
+
+# _struct: ShareManagerConfig_
+
+{{% dir name="endpoint" type="string" default="" %}}
+The Nextcloud backend endpoint for user check [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/ocm/share/repository/nextcloud/nextcloud.go#L60)
+{{< highlight toml >}}
+[ocm.share.repository.nextcloud]
+endpoint = ""
+{{< /highlight >}}
+{{% /dir %}}
+