trigger full-ci

2025-12-25 15:19:48 -05:00 · 2025-11-06 17:44:21 +01:00
195 changed files with 12453 additions and 14247 deletions
--- a/.codacy.yml
+++ b/.codacy.yml
@@ -16,7 +16,7 @@ exclude_paths:
  - 'tests/acceptance/expected-failures-*.md'
  - 'tests/acceptance/bootstrap/**'
  - 'tests/acceptance/TestHelpers/**'
-  - 'tests/acceptance/scripts/run.sh'
+  - 'tests/acceptance/run.sh'
  - 'vendor/**/*'
  - 'tests/ocwrapper/vendor/**'
 ...
--- a/.gitignore
+++ b/.gitignore
@@ -38,7 +38,6 @@ vendor-php
 # API acceptance tests - auto-generated files
 .php-cs-fixer.cache
 suite-logs
-tests/acceptance/filesForUpload/filesWithVirus/

 # QA activity reports
 tests/qa-activity-report/reports/
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -53,7 +53,7 @@
        "OC_MACHINE_AUTH_API_KEY": "some-opencloud-machine-auth-api-key",
        "OC_TRANSFER_SECRET": "some-opencloud-transfer-secret",
        // collaboration
-        "COLLABORATION_WOPI_SECRET": "some-wopi-secret",
+        "COLLABORATION_WOPIAPP_SECRET": "some-wopi-secret",
        // idm ldap
        "IDM_SVC_PASSWORD": "some-ldap-idm-password",
        "GRAPH_LDAP_BIND_PASSWORD": "some-ldap-idm-password",
@@ -193,21 +193,20 @@
        "OC_LOG_COLOR": "true",
        "PROXY_ENABLE_BASIC_AUTH": "true",
        "IDM_CREATE_DEMO_USERS": "true",
-        "OC_ADMIN_USER_ID": "fed-admin-user-id-0000-000000000000",
+        "OC_ADMIN_USER_ID": "some-admin-user-id-0000-000000000000",
        "IDM_ADMIN_PASSWORD": "admin",
-        "OC_SYSTEM_USER_ID": "fed-system-user-id-000-000000000000",
-        "OC_SYSTEM_USER_API_KEY": "fed-system-user-machine-auth-api-key",
-        "OC_JWT_SECRET": "fed-opencloud-jwt-secret",
-        "OC_MACHINE_AUTH_API_KEY": "fed-opencloud-machine-auth-api-key",
-        "OC_TRANSFER_SECRET": "fed-opencloud-transfer-secret",
-        "COLLABORATION_WOPI_SECRET": "fed-wopi-secret",
-        "IDM_SVC_PASSWORD": "fed-ldap-idm-password",
-        "GRAPH_LDAP_BIND_PASSWORD": "fed-ldap-idm-password",
-        "IDM_REVASVC_PASSWORD": "fed-ldap-reva-password",
-        "GROUPS_LDAP_BIND_PASSWORD": "fed-ldap-reva-password",
-        "USERS_LDAP_BIND_PASSWORD": "fed-ldap-reva-password",
-        "AUTH_BASIC_LDAP_BIND_PASSWORD": "fed-ldap-reva-password",
-        "IDM_IDPSVC_PASSWORD": "fed-ldap-idp-password",
+        "OC_SYSTEM_USER_ID": "some-system-user-id-000-000000000000",
+        "OC_SYSTEM_USER_API_KEY": "some-system-user-machine-auth-api-key",
+        "OC_JWT_SECRET": "some-opencloud-jwt-secret",
+        "OC_MACHINE_AUTH_API_KEY": "some-opencloud-machine-auth-api-key",
+        "OC_TRANSFER_SECRET": "some-opencloud-transfer-secret",
+        "IDM_SVC_PASSWORD": "some-ldap-idm-password",
+        "GRAPH_LDAP_BIND_PASSWORD": "some-ldap-idm-password",
+        "IDM_REVASVC_PASSWORD": "some-ldap-reva-password",
+        "GROUPS_LDAP_BIND_PASSWORD": "some-ldap-reva-password",
+        "USERS_LDAP_BIND_PASSWORD": "some-ldap-reva-password",
+        "AUTH_BASIC_LDAP_BIND_PASSWORD": "some-ldap-reva-password",
+        "IDM_IDPSVC_PASSWORD": "some-ldap-idp-password",
        "IDP_LDAP_BIND_PASSWORD": "some-ldap-idp-password",
        "GRAPH_APPLICATION_ID": "application-1"
      }
--- a/.woodpecker.star
+++ b/.woodpecker.star
@@ -233,7 +233,6 @@ config = {
            ],
            "skip": False,
            "antivirusNeeded": True,
-            "generateVirusFiles": True,
            "extraServerEnvironment": {
                "ANTIVIRUS_SCANNER_TYPE": "clamav",
                "ANTIVIRUS_CLAMAV_SOCKET": "tcp://clamav:3310",
@@ -300,7 +299,6 @@ config = {
            "skip": False,
            "withRemotePhp": [True],
            "antivirusNeeded": True,
-            "generateVirusFiles": True,
            "extraServerEnvironment": {
                "ANTIVIRUS_SCANNER_TYPE": "clamav",
                "ANTIVIRUS_CLAMAV_SOCKET": "tcp://clamav:3310",
@@ -1018,7 +1016,6 @@ def localApiTestPipeline(ctx):
        "withRemotePhp": with_remote_php,
        "enableWatchFs": enable_watch_fs,
        "ldapNeeded": False,
-        "generateVirusFiles": False,
    }

    if "localApiTests" in config:
@@ -1043,7 +1040,7 @@ def localApiTestPipeline(ctx):
                                         (opencloudServer(storage, params["accounts_hash_difficulty"], deploy_type = "federation", extra_server_environment = params["extraServerEnvironment"], watch_fs_enabled = run_with_watch_fs_enabled) if params["federationServer"] else []) +
                                         ((wopiCollaborationService("fakeoffice") + wopiCollaborationService("collabora") + wopiCollaborationService("onlyoffice")) if params["collaborationServiceNeeded"] else []) +
                                         (openCloudHealthCheck("wopi", ["wopi-collabora:9304", "wopi-onlyoffice:9304", "wopi-fakeoffice:9304"]) if params["collaborationServiceNeeded"] else []) +
-                                         localApiTests(name, params["suites"], storage, params["extraTestEnvironment"], run_with_remote_php, params["generateVirusFiles"]) +
+                                         localApiTests(name, params["suites"], storage, params["extraTestEnvironment"], run_with_remote_php) +
                                         logRequests(),
                                "services": (emailService() if params["emailNeeded"] else []) +
                                            (clamavService() if params["antivirusNeeded"] else []) +
@@ -1063,7 +1060,7 @@ def localApiTestPipeline(ctx):
                        pipelines.append(pipeline)
    return pipelines

-def localApiTests(name, suites, storage = "decomposed", extra_environment = {}, with_remote_php = False, generate_virus_files = False):
+def localApiTests(name, suites, storage = "decomposed", extra_environment = {}, with_remote_php = False):
    test_dir = "%s/tests/acceptance" % dirs["base"]
    expected_failures_file = "%s/expected-failures-localAPI-on-%s-storage.md" % (test_dir, storage)

@@ -1086,25 +1083,15 @@ def localApiTests(name, suites, storage = "decomposed", extra_environment = {},
    for item in extra_environment:
        environment[item] = extra_environment[item]

-    commands = []
-
-    # Generate EICAR virus test files if needed
-    if generate_virus_files:
-        commands.append("chmod +x %s/tests/acceptance/scripts/generate-virus-files.sh" % dirs["base"])
-        commands.append("bash %s/tests/acceptance/scripts/generate-virus-files.sh" % dirs["base"])
-
-    # Merge expected failures
-    if not with_remote_php:
-        commands.append("cat %s/expected-failures-without-remotephp.md >> %s" % (test_dir, expected_failures_file))
-
-    # Run tests
-    commands.append("make -C %s test-acceptance-api" % (dirs["base"]))
-
    return [{
        "name": "localApiTests-%s" % name,
        "image": OC_CI_PHP % DEFAULT_PHP_VERSION,
        "environment": environment,
-        "commands": commands,
+        "commands": [
+            # merge the expected failures
+            "" if with_remote_php else "cat %s/expected-failures-without-remotephp.md >> %s" % (test_dir, expected_failures_file),
+            "make -C %s test-acceptance-api" % (dirs["base"]),
+        ],
    }]

 def cs3ApiTests(ctx, storage, accounts_hash_difficulty = 4):
@@ -1667,7 +1654,6 @@ def dockerRelease(ctx, repo, build_type):
                "name": "dryrun",
                "image": PLUGINS_DOCKER_BUILDX,
                "settings": {
-                    "context": "..",
                    "dry_run": True,
                    "platforms": "linux/amd64",  # do dry run only on the native platform
                    "repo": "%s,quay.io/%s" % (repo, repo),
@@ -1690,7 +1676,6 @@ def dockerRelease(ctx, repo, build_type):
                "name": "build-and-push",
                "image": PLUGINS_DOCKER_BUILDX,
                "settings": {
-                    "context": "..",
                    "repo": "%s,quay.io/%s" % (repo, repo),
                    "platforms": "linux/amd64,linux/arm64",  # we can add remote builders
                    "auto_tag": False if build_type == "daily" else True,
--- a/2
+++ b/2
@@ -124,7 +124,7 @@ BEHAT_BIN=vendor-bin/behat/vendor/bin/behat

 .PHONY: test-acceptance-api
 test-acceptance-api: vendor-bin/behat/vendor
-	BEHAT_BIN=$(BEHAT_BIN) tests/acceptance/scripts/run.sh
+	BEHAT_BIN=$(BEHAT_BIN) tests/acceptance/run.sh

 vendor/bamarni/composer-bin-plugin: composer.lock
 	composer install
--- a/go.mod
+++ b/go.mod
@@ -5,7 +5,7 @@ go 1.24.6
 require (
 	dario.cat/mergo v1.0.2
 	github.com/CiscoM31/godata v1.0.11
-	github.com/KimMachineGun/automemlimit v0.7.5
+	github.com/KimMachineGun/automemlimit v0.7.4
 	github.com/Masterminds/semver v1.5.0
 	github.com/MicahParks/keyfunc/v2 v2.1.0
 	github.com/Nerzal/gocloak/v13 v13.9.0
@@ -34,6 +34,7 @@ require (
 	github.com/go-micro/plugins/v4/wrapper/monitoring/prometheus v1.2.0
 	github.com/go-micro/plugins/v4/wrapper/trace/opentelemetry v1.2.0
 	github.com/go-playground/validator/v10 v10.28.0
+	github.com/gofrs/uuid v4.4.0+incompatible
 	github.com/golang-jwt/jwt/v5 v5.3.0
 	github.com/golang/protobuf v1.5.4
 	github.com/google/go-cmp v0.7.0
@@ -61,10 +62,10 @@ require (
 	github.com/onsi/ginkgo v1.16.5
 	github.com/onsi/ginkgo/v2 v2.27.2
 	github.com/onsi/gomega v1.38.2
-	github.com/open-policy-agent/opa v1.10.1
+	github.com/open-policy-agent/opa v1.9.0
 	github.com/opencloud-eu/icap-client v0.0.0-20250930132611-28a2afe62d89
 	github.com/opencloud-eu/libre-graph-api-go v1.0.8-0.20250724122329-41ba6b191e76
-	github.com/opencloud-eu/reva/v2 v2.39.3-0.20251113164418-9fd6b6864c10
+	github.com/opencloud-eu/reva/v2 v2.39.2-0.20251106122902-c13e27f55362
 	github.com/opensearch-project/opensearch-go/v4 v4.5.0
 	github.com/orcaman/concurrent-map v1.0.0
 	github.com/pkg/errors v0.9.1
@@ -105,8 +106,8 @@ require (
 	golang.org/x/exp v0.0.0-20250210185358-939b2ce775ac
 	golang.org/x/image v0.32.0
 	golang.org/x/net v0.46.0
-	golang.org/x/oauth2 v0.33.0
-	golang.org/x/sync v0.18.0
+	golang.org/x/oauth2 v0.32.0
+	golang.org/x/sync v0.17.0
 	golang.org/x/term v0.36.0
 	golang.org/x/text v0.30.0
 	google.golang.org/genproto/googleapis/api v0.0.0-20250929231259-57b25ae835d4
@@ -169,7 +170,7 @@ require (
 	github.com/containerd/log v0.1.0 // indirect
 	github.com/containerd/platforms v1.0.0-rc.1 // indirect
 	github.com/coreos/go-semver v0.3.1 // indirect
-	github.com/coreos/go-systemd/v22 v22.6.0 // indirect
+	github.com/coreos/go-systemd/v22 v22.5.0 // indirect
 	github.com/cornelk/hashmap v1.0.8 // indirect
 	github.com/cpuguy83/dockercfg v0.3.2 // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.7 // indirect
@@ -229,7 +230,6 @@ require (
 	github.com/goccy/go-json v0.10.5 // indirect
 	github.com/goccy/go-yaml v1.18.0 // indirect
 	github.com/gofrs/flock v0.13.0 // indirect
-	github.com/gofrs/uuid v4.4.0+incompatible // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang-jwt/jwt/v4 v4.5.2 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
@@ -319,9 +319,9 @@ require (
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
 	github.com/pquerna/cachecontrol v0.2.0 // indirect
-	github.com/prometheus/alertmanager v0.29.0 // indirect
+	github.com/prometheus/alertmanager v0.28.1 // indirect
 	github.com/prometheus/client_model v0.6.2 // indirect
-	github.com/prometheus/common v0.67.1 // indirect
+	github.com/prometheus/common v0.66.1 // indirect
 	github.com/prometheus/procfs v0.17.0 // indirect
 	github.com/prometheus/statsd_exporter v0.22.8 // indirect
 	github.com/rcrowley/go-metrics v0.0.0-20250401214520-65e299d6c5c9 // indirect
@@ -368,18 +368,18 @@ require (
 	go.etcd.io/etcd/client/pkg/v3 v3.6.5 // indirect
 	go.etcd.io/etcd/client/v3 v3.6.5 // indirect
 	go.opencensus.io v0.24.0 // indirect
-	go.opentelemetry.io/auto/sdk v1.2.1 // indirect
+	go.opentelemetry.io/auto/sdk v1.1.0 // indirect
 	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.38.0 // indirect
 	go.opentelemetry.io/otel/metric v1.38.0 // indirect
 	go.opentelemetry.io/proto/otlp v1.7.1 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.27.0 // indirect
-	go.yaml.in/yaml/v2 v2.4.3 // indirect
+	go.yaml.in/yaml/v2 v2.4.2 // indirect
 	go.yaml.in/yaml/v3 v3.0.4 // indirect
-	golang.org/x/mod v0.29.0 // indirect
-	golang.org/x/sys v0.38.0 // indirect
+	golang.org/x/mod v0.28.0 // indirect
+	golang.org/x/sys v0.37.0 // indirect
 	golang.org/x/time v0.14.0 // indirect
-	golang.org/x/tools v0.38.0 // indirect
+	golang.org/x/tools v0.37.0 // indirect
 	google.golang.org/genproto v0.0.0-20250303144028-a0af3efb3deb // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20250929231259-57b25ae835d4 // indirect
 	gopkg.in/cenkalti/backoff.v1 v1.1.0 // indirect
--- a/go.sum
+++ b/go.sum
@@ -72,8 +72,8 @@ github.com/CiscoM31/godata v1.0.11 h1:w7y8twuW02LdH6mak3/GJ5i0GrCv2IoZUJVqa/g5Ye
 github.com/CiscoM31/godata v1.0.11/go.mod h1:ZMiT6JuD3Rm83HEtiTx4JEChsd25YCrxchKGag/sdTc=
 github.com/DeepDiver1975/secure v0.0.0-20240611112133-abc838fb797c h1:ocsNvQ2tNHme4v/lTs17HROamc7mFzZfzWcg4m+UXN0=
 github.com/DeepDiver1975/secure v0.0.0-20240611112133-abc838fb797c/go.mod h1:BmF5hyM6tXczk3MpQkFf1hpKSRqCyhqcbiQtiAF7+40=
-github.com/KimMachineGun/automemlimit v0.7.5 h1:RkbaC0MwhjL1ZuBKunGDjE/ggwAX43DwZrJqVwyveTk=
-github.com/KimMachineGun/automemlimit v0.7.5/go.mod h1:QZxpHaGOQoYvFhv/r4u3U0JTC2ZcOwbSr11UZF46UBM=
+github.com/KimMachineGun/automemlimit v0.7.4 h1:UY7QYOIfrr3wjjOAqahFmC3IaQCLWvur9nmfIn6LnWk=
+github.com/KimMachineGun/automemlimit v0.7.4/go.mod h1:QZxpHaGOQoYvFhv/r4u3U0JTC2ZcOwbSr11UZF46UBM=
 github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI=
 github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU=
 github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3QEww=
@@ -198,8 +198,8 @@ github.com/bufbuild/protocompile v0.14.1 h1:iA73zAf/fyljNjQKwYzUHD6AD4R8KMasmwa/
 github.com/bufbuild/protocompile v0.14.1/go.mod h1:ppVdAIhbr2H8asPk6k4pY7t9zB1OU5DoEw9xY/FUi1c=
 github.com/butonic/go-micro/v4 v4.11.1-0.20241115112658-b5d4de5ed9b3 h1:h8Z0hBv5tg/uZMKu8V47+DKWYVQg0lYP8lXDQq7uRpE=
 github.com/butonic/go-micro/v4 v4.11.1-0.20241115112658-b5d4de5ed9b3/go.mod h1:eE/tD53n3KbVrzrWxKLxdkGw45Fg1qaNLWjpJMvIUF4=
-github.com/bytecodealliance/wasmtime-go/v37 v37.0.0 h1:DPjdn2V3JhXHMoZ2ymRqGK+y1bDyr9wgpyYCvhjMky8=
-github.com/bytecodealliance/wasmtime-go/v37 v37.0.0/go.mod h1:Pf1l2JCTUFMnOqDIwkjzx1qfVJ09xbaXETKgRVE4jZ0=
+github.com/bytecodealliance/wasmtime-go/v3 v3.0.2 h1:3uZCA/BLTIu+DqCfguByNMJa2HVHpXvjfy0Dy7g6fuA=
+github.com/bytecodealliance/wasmtime-go/v3 v3.0.2/go.mod h1:RnUjnIXxEJcL6BgCvNyzCCRzZcxCgsZCi+RNlvYor5Q=
 github.com/c-bata/go-prompt v0.2.5/go.mod h1:vFnjEGDIIA/Lib7giyE4E9c50Lvl8j0S+7FVlAwDAVw=
 github.com/cenkalti/backoff v2.2.1+incompatible h1:tNowT99t7UNflLxfYYSlKYsBpXdEet03Pg2g16Swow4=
 github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM=
@@ -243,9 +243,8 @@ github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3Ee
 github.com/coreos/go-semver v0.3.1 h1:yi21YpKnrx1gt5R+la8n5WgS0kCrsPp33dmEyHReZr4=
 github.com/coreos/go-semver v0.3.1/go.mod h1:irMmmIw/7yzSRPWryHsK7EYSg09caPQL03VsM8rvUec=
 github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
+github.com/coreos/go-systemd/v22 v22.5.0 h1:RrqgGjYQKalulkV8NGVIfkXQf6YYmOyiJKk8iXXhfZs=
 github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
-github.com/coreos/go-systemd/v22 v22.6.0 h1:aGVa/v8B7hpb0TKl0MWoAavPDmHvobFe5R5zn0bCJWo=
-github.com/coreos/go-systemd/v22 v22.6.0/go.mod h1:iG+pp635Fo7ZmV/j14KUcmEyWF+0X7Lua8rrTWzYgWU=
 github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
 github.com/cornelk/hashmap v1.0.8 h1:nv0AWgw02n+iDcawr5It4CjQIAcdMMKRrs10HOJYlrc=
 github.com/cornelk/hashmap v1.0.8/go.mod h1:RfZb7JO3RviW/rT6emczVuC/oxpdz4UsSB2LJSclR1k=
@@ -943,16 +942,16 @@ github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7J
 github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
 github.com/onsi/gomega v1.38.2 h1:eZCjf2xjZAqe+LeWvKb5weQ+NcPwX84kqJ0cZNxok2A=
 github.com/onsi/gomega v1.38.2/go.mod h1:W2MJcYxRGV63b418Ai34Ud0hEdTVXq9NW9+Sx6uXf3k=
-github.com/open-policy-agent/opa v1.10.1 h1:haIvxZSPky8HLjRrvQwWAjCPLg8JDFSZMbbG4yyUHgY=
-github.com/open-policy-agent/opa v1.10.1/go.mod h1:7uPI3iRpOalJ0BhK6s1JALWPU9HvaV1XeBSSMZnr/PM=
+github.com/open-policy-agent/opa v1.9.0 h1:QWFNwbcc29IRy0xwD3hRrMc/RtSersLY1Z6TaID3vgI=
+github.com/open-policy-agent/opa v1.9.0/go.mod h1:72+lKmTda0O48m1VKAxxYl7MjP/EWFZu9fxHQK2xihs=
 github.com/opencloud-eu/go-micro-plugins/v4/store/nats-js-kv v0.0.0-20250512152754-23325793059a h1:Sakl76blJAaM6NxylVkgSzktjo2dS504iDotEFJsh3M=
 github.com/opencloud-eu/go-micro-plugins/v4/store/nats-js-kv v0.0.0-20250512152754-23325793059a/go.mod h1:pjcozWijkNPbEtX5SIQaxEW/h8VAVZYTLx+70bmB3LY=
 github.com/opencloud-eu/icap-client v0.0.0-20250930132611-28a2afe62d89 h1:W1ms+lP5lUUIzjRGDg93WrQfZJZCaV1ZP3KeyXi8bzY=
 github.com/opencloud-eu/icap-client v0.0.0-20250930132611-28a2afe62d89/go.mod h1:vigJkNss1N2QEceCuNw/ullDehncuJNFB6mEnzfq9UI=
 github.com/opencloud-eu/libre-graph-api-go v1.0.8-0.20250724122329-41ba6b191e76 h1:vD/EdfDUrv4omSFjrinT8Mvf+8D7f9g4vgQ2oiDrVUI=
 github.com/opencloud-eu/libre-graph-api-go v1.0.8-0.20250724122329-41ba6b191e76/go.mod h1:pzatilMEHZFT3qV7C/X3MqOa3NlRQuYhlRhZTL+hN6Q=
-github.com/opencloud-eu/reva/v2 v2.39.3-0.20251113164418-9fd6b6864c10 h1:9b5O3lzYHmR+aDNo81UYMcDGfUARrHw5Suk4YmqNgJA=
-github.com/opencloud-eu/reva/v2 v2.39.3-0.20251113164418-9fd6b6864c10/go.mod h1:YxP7b+8olAhgbQBUUnsRQokgf1RkwpEBLq614XXXXHA=
+github.com/opencloud-eu/reva/v2 v2.39.2-0.20251106122902-c13e27f55362 h1:O9oHbqPnC+tAQTbaLD4Tj6I5jmSmTLaQCynTHkFP+cI=
+github.com/opencloud-eu/reva/v2 v2.39.2-0.20251106122902-c13e27f55362/go.mod h1:hOCR1OHAhGY8ecpq6sIS5Ru1ZOC/hBgNz+sYf6CrO9Y=
 github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
 github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJwooC2xJA040=
@@ -1004,8 +1003,8 @@ github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c/go.mod h1:Om
 github.com/pquerna/cachecontrol v0.2.0 h1:vBXSNuE5MYP9IJ5kjsdo8uq+w41jSPgvba2DEnkRx9k=
 github.com/pquerna/cachecontrol v0.2.0/go.mod h1:NrUG3Z7Rdu85UNR3vm7SOsl1nFIeSiQnrHV5K9mBcUI=
 github.com/pquerna/otp v1.3.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg=
-github.com/prometheus/alertmanager v0.29.0 h1:/ET4NmAGx2Dv9kStrXIBqBgHyiSgIk4OetY+hoZRfgc=
-github.com/prometheus/alertmanager v0.29.0/go.mod h1:SjI2vhrfdWg10UaRUxTz27rgdJVG3HXrhI5WFjCdBgs=
+github.com/prometheus/alertmanager v0.28.1 h1:BK5pCoAtaKg01BYRUJhEDV1tqJMEtYBGzPw8QdvnnvA=
+github.com/prometheus/alertmanager v0.28.1/go.mod h1:0StpPUDDHi1VXeM7p2yYfeZgLVi/PPlt39vo9LQUHxM=
 github.com/prometheus/client_golang v0.8.0/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
 github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
 github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs=
@@ -1038,8 +1037,8 @@ github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9
 github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
 github.com/prometheus/common v0.35.0/go.mod h1:phzohg0JFMnBEFGxTDbfu3QyL5GI8gTQJFhYO5B3mfA=
 github.com/prometheus/common v0.37.0/go.mod h1:phzohg0JFMnBEFGxTDbfu3QyL5GI8gTQJFhYO5B3mfA=
-github.com/prometheus/common v0.67.1 h1:OTSON1P4DNxzTg4hmKCc37o4ZAZDv0cfXLkOt0oEowI=
-github.com/prometheus/common v0.67.1/go.mod h1:RpmT9v35q2Y+lsieQsdOh5sXZ6ajUGC8NjZAmr8vb0Q=
+github.com/prometheus/common v0.66.1 h1:h5E0h5/Y8niHc5DlaLlWLArTQI7tMrsfQjHV+d9ZoGs=
+github.com/prometheus/common v0.66.1/go.mod h1:gcaUsgf3KfRSwHY4dIMXLPV0K/Wg1oZ8+SbZk/HH/dA=
 github.com/prometheus/procfs v0.0.0-20170703101242-e645f4e5aaa8/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
 github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
 github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
@@ -1278,8 +1277,8 @@ go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
 go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E=
 go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
 go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
-go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64=
-go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y=
+go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA=
+go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A=
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.63.0 h1:YH4g8lQroajqUwWbq/tr2QX1JFmEXaDLgG+ew9bLMWo=
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.63.0/go.mod h1:fvPi2qXDqFs8M4B4fmJhE92TyQs9Ydjlg3RvfUp+NbQ=
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.63.0 h1:RbKq8BG0FI8OiXhBfcRtqqHcZcka+gU3cskNuf05R18=
@@ -1321,8 +1320,8 @@ go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
 go.uber.org/zap v1.18.1/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI=
 go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
 go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
-go.yaml.in/yaml/v2 v2.4.3 h1:6gvOSjQoTB3vt1l+CU+tSyi/HOjfOjRLJ4YwYZGwRO0=
-go.yaml.in/yaml/v2 v2.4.3/go.mod h1:zSxWcmIDjOzPXpjlTTbAsKokqkDNAVtZO0WOMiT90s8=
+go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI=
+go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU=
 go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc=
 go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg=
 golang.org/x/crypto v0.0.0-20180621125126-a49355c7e3f8/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
@@ -1389,8 +1388,8 @@ golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
 golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
-golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA=
-golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w=
+golang.org/x/mod v0.28.0 h1:gQBtGhjxykdjY9YhZpSlZIsbnaE2+PgjfLWUQTnoZ1U=
+golang.org/x/mod v0.28.0/go.mod h1:yfB/L0NOf/kmEbXjzCPOx1iK1fRutOydrCMsqRhEBxI=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -1453,8 +1452,8 @@ golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4Iltr
 golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc=
-golang.org/x/oauth2 v0.33.0 h1:4Q+qn+E5z8gPRJfmRy7C2gGG3T4jIprK6aSYgTXGRpo=
-golang.org/x/oauth2 v0.33.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA=
+golang.org/x/oauth2 v0.32.0 h1:jsCblLleRMDrxMN29H3z/k1KliIvpLgCkE6R8FXXNgY=
+golang.org/x/oauth2 v0.32.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -1472,8 +1471,8 @@ golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
 golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I=
-golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
+golang.org/x/sync v0.17.0 h1:l60nONMj9l5drqw6jlhIELNv9I0A4OFgRsG9k2oT9Ug=
+golang.org/x/sync v0.17.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
 golang.org/x/sys v0.0.0-20180622082034-63fc586f45fe/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -1557,8 +1556,8 @@ golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
-golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/sys v0.37.0 h1:fdNQudmxPjkdUTPnLn5mdQv7Zwvbvpaxqs831goi9kQ=
+golang.org/x/sys v0.37.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
 golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
@@ -1650,8 +1649,8 @@ golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc
 golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
 golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
 golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
-golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ=
-golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs=
+golang.org/x/tools v0.37.0 h1:DVSRzp7FwePZW356yEAChSdNcQo6Nsp+fex1SUW09lE=
+golang.org/x/tools v0.37.0/go.mod h1:MBN5QPQtLMHVdvsbtarmTNukZDdgwdwlO5qGacAzF0w=
 golang.org/x/tools/godoc v0.1.0-deprecated h1:o+aZ1BOj6Hsx/GBdJO/s815sqftjSnrZZwyYTHODvtk=
 golang.org/x/tools/godoc v0.1.0-deprecated/go.mod h1:qM63CriJ961IHWmnWa9CjZnBndniPt4a3CK0PVB9bIg=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
--- a/opencloud/Makefile
+++ b/opencloud/Makefile
@@ -17,7 +17,7 @@ include ../.make/docs.mk

 .PHONY: dev-docker
 dev-docker:
-	docker build -f docker/Dockerfile.multiarch -t opencloudeu/opencloud:dev ../..
+	docker build -f docker/Dockerfile.multiarch -t opencloudeu/opencloud:dev ..

 .PHONY: dev-docker-multiarch
 dev-docker-multiarch:
@@ -28,7 +28,7 @@ dev-docker-multiarch:
 	docker buildx rm opencloudbuilder || true
 	docker buildx create --platform linux/arm64,linux/amd64 --name opencloudbuilder
 	docker buildx use opencloudbuilder
-	docker buildx build --platform linux/arm64,linux/amd64 --output type=docker --file docker/Dockerfile.multiarch --tag opencloudeu/opencloud:dev-multiarch ../..
+	cd .. && docker buildx build --platform linux/arm64,linux/amd64 --output type=docker --file opencloud/docker/Dockerfile.multiarch --tag opencloudeu/opencloud:dev-multiarch .
 	docker buildx rm opencloudbuilder

 .PHONY: debug-docker
--- a/opencloud/docker/Dockerfile.multiarch
+++ b/opencloud/docker/Dockerfile.multiarch
@@ -6,12 +6,12 @@ ARG STRING

 RUN apk add bash make git curl gcc musl-dev libc-dev binutils-gold inotify-tools vips-dev

-WORKDIR /build
-RUN --mount=type=bind,target=/build,rw \
+WORKDIR /opencloud
+RUN --mount=type=bind,target=/opencloud \
    --mount=type=cache,target=/go/pkg/mod \
    --mount=type=cache,target=/root/.cache \
    GOOS="${TARGETOS:-linux}" GOARCH="${TARGETARCH:-amd64}" ; \
-    make -C opencloud/opencloud release-linux-docker-${TARGETARCH} ENABLE_VIPS=true DIST=/dist
+    make -C opencloud release-linux-docker-${TARGETARCH} ENABLE_VIPS=true DIST=/dist

 FROM alpine:3.21
 ARG VERSION
--- a/opencloud/pkg/init/init.go
+++ b/opencloud/pkg/init/init.go
@@ -5,7 +5,7 @@ import (
 	"os"
 	"path"

-	"github.com/google/uuid"
+	"github.com/gofrs/uuid"
 	"gopkg.in/yaml.v2"

 	"github.com/opencloud-eu/opencloud/pkg/generators"
@@ -103,11 +103,11 @@ func CreateConfig(insecure, forceOverwrite, diff bool, configPath, adminPassword
 			}
 		}
 	} else {
-		systemUserID = uuid.NewString()
-		adminUserID = uuid.NewString()
-		graphApplicationID = uuid.NewString()
-		storageUsersMountID = uuid.NewString()
-		serviceAccountID = uuid.NewString()
+		systemUserID = uuid.Must(uuid.NewV4()).String()
+		adminUserID = uuid.Must(uuid.NewV4()).String()
+		graphApplicationID = uuid.Must(uuid.NewV4()).String()
+		storageUsersMountID = uuid.Must(uuid.NewV4()).String()
+		serviceAccountID = uuid.Must(uuid.NewV4()).String()

 		idmServicePassword, err = generators.GenerateRandomPassword(passwordLength)
 		if err != nil {
--- a/opencloud/pkg/runtime/service/service.go
+++ b/opencloud/pkg/runtime/service/service.go
@@ -3,6 +3,7 @@ package service
 import (
 	"context"
 	"errors"
+	"fmt"
 	"net"
 	"net/http"
 	"net/rpc"
@@ -381,32 +382,7 @@ func Start(ctx context.Context, o ...Option) error {
 					cancel()
 				}
 			}
-			switch ev := e.(type) {
-			case suture.EventServicePanic:
-				l := s.Log.Fatal()
-				if ev.Restarting {
-					l = s.Log.Error()
-				}
-				l.Str("event", e.String()).Str("service", ev.ServiceName).Str("supervisor", ev.SupervisorName).
-					Bool("restarting", ev.Restarting).Float64("failures", ev.CurrentFailures).Float64("threshold", ev.FailureThreshold).
-					Str("message", ev.PanicMsg).Msg("service panic")
-			case suture.EventServiceTerminate:
-				l := s.Log.Fatal()
-				if ev.Restarting {
-					l = s.Log.Error()
-				}
-				l.Str("event", e.String()).Str("service", ev.ServiceName).Str("supervisor", ev.SupervisorName).
-					Bool("restarting", ev.Restarting).Float64("failures", ev.CurrentFailures).Float64("threshold", ev.FailureThreshold).
-					Interface("error", ev.Err).Msg("service terminated")
-			case suture.EventBackoff:
-				s.Log.Warn().Str("event", e.String()).Str("supervisor", ev.SupervisorName).Msg("service backoff")
-			case suture.EventResume:
-				s.Log.Info().Str("event", e.String()).Str("supervisor", ev.SupervisorName).Msg("service resume")
-			case suture.EventStopTimeout:
-				s.Log.Warn().Str("event", e.String()).Str("service", ev.ServiceName).Str("supervisor", ev.SupervisorName).Msg("service resume")
-			default:
-				s.Log.Warn().Str("event", e.String()).Msgf("supervisor: %v", e.Map()["supervisor_name"])
-			}
+			s.Log.Info().Str("event", e.String()).Msg(fmt.Sprintf("supervisor: %v", e.Map()["supervisor_name"]))
 		},
 		FailureThreshold: 5,
 		FailureBackoff:   3 * time.Second,
--- a/pkg/version/version.go
+++ b/pkg/version/version.go
@@ -16,7 +16,7 @@ var (
 	// LatestTag is the latest released version plus the dev meta version.
 	// Will be overwritten by the release pipeline
 	// Needs a manual change for every tagged release
-	LatestTag = "4.0.0-rc.1+dev"
+	LatestTag = "3.7.0+dev"

 	// Date indicates the build date.
 	// This has been removed, it looks like you can only replace static strings with recent go versions
--- a/services/activitylog/pkg/service/l10n/locale/ca/LC_MESSAGES/activitylog.po
+++ b/services/activitylog/pkg/service/l10n/locale/ca/LC_MESSAGES/activitylog.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Ivan Fustero, 2025\n"
 "Language-Team: Catalan (https://app.transifex.com/opencloud-eu/teams/204053/ca/)\n"
--- a/services/activitylog/pkg/service/l10n/locale/de/LC_MESSAGES/activitylog.po
+++ b/services/activitylog/pkg/service/l10n/locale/de/LC_MESSAGES/activitylog.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Jörn Friedrich Dreyer <jfd@butonic.de>, 2025\n"
 "Language-Team: German (https://app.transifex.com/opencloud-eu/teams/204053/de/)\n"
--- a/services/activitylog/pkg/service/l10n/locale/es/LC_MESSAGES/activitylog.po
+++ b/services/activitylog/pkg/service/l10n/locale/es/LC_MESSAGES/activitylog.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Elías Martín, 2025\n"
 "Language-Team: Spanish (https://app.transifex.com/opencloud-eu/teams/204053/es/)\n"
--- a/services/activitylog/pkg/service/l10n/locale/fr/LC_MESSAGES/activitylog.po
+++ b/services/activitylog/pkg/service/l10n/locale/fr/LC_MESSAGES/activitylog.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: eric_G <junk.eg@free.fr>, 2025\n"
 "Language-Team: French (https://app.transifex.com/opencloud-eu/teams/204053/fr/)\n"
--- a/services/activitylog/pkg/service/l10n/locale/it/LC_MESSAGES/activitylog.po
+++ b/services/activitylog/pkg/service/l10n/locale/it/LC_MESSAGES/activitylog.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Simone Broglia, 2025\n"
 "Language-Team: Italian (https://app.transifex.com/opencloud-eu/teams/204053/it/)\n"
--- a/services/activitylog/pkg/service/l10n/locale/ko/LC_MESSAGES/activitylog.po
+++ b/services/activitylog/pkg/service/l10n/locale/ko/LC_MESSAGES/activitylog.po
@@ -12,7 +12,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Junghyuk Kwon <kwon@junghy.uk>, 2025\n"
 "Language-Team: Korean (https://app.transifex.com/opencloud-eu/teams/204053/ko/)\n"
--- a/services/activitylog/pkg/service/l10n/locale/nl/LC_MESSAGES/activitylog.po
+++ b/services/activitylog/pkg/service/l10n/locale/nl/LC_MESSAGES/activitylog.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-12 00:01+0000\n"
+"POT-Creation-Date: 2025-10-23 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Stephan Paternotte <stephan@paternottes.net>, 2025\n"
 "Language-Team: Dutch (https://app.transifex.com/opencloud-eu/teams/204053/nl/)\n"
--- a/services/activitylog/pkg/service/l10n/locale/ru/LC_MESSAGES/activitylog.po
+++ b/services/activitylog/pkg/service/l10n/locale/ru/LC_MESSAGES/activitylog.po
@@ -12,7 +12,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-12 00:01+0000\n"
+"POT-Creation-Date: 2025-10-23 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Lulufox, 2025\n"
 "Language-Team: Russian (https://app.transifex.com/opencloud-eu/teams/204053/ru/)\n"
--- a/services/activitylog/pkg/service/l10n/locale/sv/LC_MESSAGES/activitylog.po
+++ b/services/activitylog/pkg/service/l10n/locale/sv/LC_MESSAGES/activitylog.po
@@ -1,102 +0,0 @@
-# SOME DESCRIPTIVE TITLE.
-# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
-# This file is distributed under the same license as the PACKAGE package.
-# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
-# 
-# Translators:
-# Daniel Nylander <po@danielnylander.se>, 2025
-# 
-#, fuzzy
-msgid ""
-msgstr ""
-"Project-Id-Version: \n"
-"Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-08 00:02+0000\n"
-"PO-Revision-Date: 2025-01-27 10:17+0000\n"
-"Last-Translator: Daniel Nylander <po@danielnylander.se>, 2025\n"
-"Language-Team: Swedish (https://app.transifex.com/opencloud-eu/teams/204053/sv/)\n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=UTF-8\n"
-"Content-Transfer-Encoding: 8bit\n"
-"Language: sv\n"
-"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-
-#: pkg/service/response.go:44
-msgid "description"
-msgstr "beskrivning"
-
-#: pkg/service/response.go:43
-msgid "display name"
-msgstr "visningsnamn"
-
-#: pkg/service/response.go:42
-msgid "expiration date"
-msgstr "utgångsdatum"
-
-#: pkg/service/response.go:41
-msgid "password"
-msgstr "lösenord"
-
-#: pkg/service/response.go:40
-msgid "permission"
-msgstr "behörighet"
-
-#: pkg/service/response.go:39
-msgid "some field"
-msgstr "något fält"
-
-#: pkg/service/response.go:26
-msgid "{resource} was downloaded via public link {token}"
-msgstr "{resource} hämtades via en offentlig länk {token}"
-
-#: pkg/service/response.go:24
-msgid "{user} added {resource} to {folder}"
-msgstr "{user} lade till {resource} till {folder}"
-
-#: pkg/service/response.go:36
-msgid "{user} added {sharee} as member of {space}"
-msgstr "{user} lade till {sharee} som medlem av {space}"
-
-#: pkg/service/response.go:27
-msgid "{user} deleted {resource} from {folder}"
-msgstr "{user} raderade {resource} från {folder}"
-
-#: pkg/service/response.go:28
-msgid "{user} moved {resource} to {folder}"
-msgstr "{user} flyttade {resource} till {folder}"
-
-#: pkg/service/response.go:35
-msgid "{user} removed link to {resource}"
-msgstr "{user} tog bort länk till {resource}"
-
-#: pkg/service/response.go:32
-msgid "{user} removed {sharee} from {resource}"
-msgstr "{user} tog bort {sharee} från {resource}"
-
-#: pkg/service/response.go:37
-msgid "{user} removed {sharee} from {space}"
-msgstr "{user} tog bort {sharee} från {space}"
-
-#: pkg/service/response.go:29
-msgid "{user} renamed {oldResource} to {resource}"
-msgstr "{user} döpte om {oldResource} till {resource}"
-
-#: pkg/service/response.go:33
-msgid "{user} shared {resource} via link"
-msgstr "{user} delade {resource} via länk"
-
-#: pkg/service/response.go:30
-msgid "{user} shared {resource} with {sharee}"
-msgstr "{user} delade {resource} med {sharee}"
-
-#: pkg/service/response.go:34
-msgid "{user} updated {field} for a link {token} on {resource}"
-msgstr "{user} uppdaterade {field} för en länk {token} på {resource}"
-
-#: pkg/service/response.go:31
-msgid "{user} updated {field} for the {resource}"
-msgstr "{user} uppdaterade {field} för {resource}"
-
-#: pkg/service/response.go:25
-msgid "{user} updated {resource} in {folder}"
-msgstr "{user} uppdaterade {resource} i {folder}"
--- a/services/activitylog/pkg/service/l10n/locale/zh/LC_MESSAGES/activitylog.po
+++ b/services/activitylog/pkg/service/l10n/locale/zh/LC_MESSAGES/activitylog.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: YQS Yang, 2025\n"
 "Language-Team: Chinese (https://app.transifex.com/opencloud-eu/teams/204053/zh/)\n"
--- a/services/auth-app/README.md
+++ b/services/auth-app/README.md
@@ -60,20 +60,20 @@ The `auth-app` service provides an API to create (POST), list (GET) and delete (
  ```

  Note that the `token` value in the response to the "List Tokens` request is not the actual
-  app token, but the UUID of the token. So this value cannot be used for authenticating
+  app token, but a hashed value of the token. So this value cannot be used for authenticating
  with the token.

  Example output:
  ```
  [
    {
-      "token": "155f402e-1c5c-411c-92d4-92f3b612cd99"
+      "token": "$2a$11$EyudDGAJ18bBf5NG6PL9Ru9gygZAu0oPyLawdieNjGozcbXyyuUhG",
      "expiration_date": "2024-08-08T13:44:31.025199075+02:00",
      "created_date": "2024-08-07T13:44:31+02:00",
      "label": "Generated via Impersonation API"
    },
    {
-      "token": "8c606bdb-e22e-4094-9304-732fd4702bc9"
+      "token": "$2a$11$dfRBQrxRMPg8fvyvkFwaX.IPoIUiokvhzK.YNI/pCafk0us3MyPzy",
      "expiration_date": "2024-08-08T13:46:41.936052281+02:00",
      "created_date": "2024-08-07T13:46:42+02:00",
      "label": "Generated via Impersonation API"
@@ -84,7 +84,7 @@ The `auth-app` service provides an API to create (POST), list (GET) and delete (
 * **Delete a token**\
  The DELETE request requires:
  * A `token` key/value pair in the form of `token=<token_issued>`. The value needs to be the hashed value as returned by the `List Tokens` respone.\
-    Example: `token=8c606bdb-e22e-4094-9304-732fd4702bc9`
+    Example: `token=$2$Z3s2K7816M4vuSpd5`
  ```bash
  curl --request DELETE 'https://<your host:9200>/auth-app/tokens?token={value}' \
       --header 'accept: application/json'
--- a/services/frontend/README.md
+++ b/services/frontend/README.md
@@ -77,7 +77,7 @@ In OpenCloud, the password policy is always enabled because the max-length restr

 With the password policy, mandatory criteria for the password can be defined via the environment variables listed below.

-Generally, a password can contain any UTF-8 characters, however some characters are regarded as special since they are not used in ordinary texts. Which characters should be treated as special is defined by "The OWASP® Foundation" [password-special-characters](https://owasp.org/www-community/password-special-characters) (between double quotes): ```" !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~"```
+Generally, a password can contain any UTF-8 characters, however some characters are regarded as special since they are not used in ordinary texts. Which characters should be treated as special is defined by "The OWASP® Foundation" [password-special-characters](https://owasp.org/www-community/password-special-characters) (between double quotes): " !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~"

 The validation against the banned passwords list can be configured via a text file with words separated by new lines. If a user tries to set a password listed in the banned passwords list, the password can not be used (is invalid) even if the other mandatory criteria are passed. The admin can define the path of the banned passwords list file. If the file doesn't exist in a location, OpenCloud tries to load a file from the `OC_CONFIG_DIR/OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST`. An option will be enabled when the file has been loaded successfully.

--- a/services/gateway/README.md
+++ b/services/gateway/README.md
@@ -40,9 +40,9 @@ The scheme for this setup is the following. Note that there is, except storage,

 | **envvar** | **default** | **alternative** |
 |------|------|------|
-| OC_GRPC_PROTOCOL or <br /> `<service>`_GRPC_PROTOCOL | tcp | unix |
+| OC_GRPC_PROTOCOL or <br> `<service>`_GRPC_PROTOCOL | tcp | unix |
 | `<service>`_GRPC_ADDR | 127.0.0.1:`<port>` | /var/run/opencloud/`<service>`.sock |
-| GATEWAY_`<service>`_ENDPOINT | eu.opencloud.api.`<service>` | unix:/var/run/opencloud/`<service>`.sock <br /> dns: ... <br /> kubernetes: ... |
+| GATEWAY_`<service>`_ENDPOINT | eu.opencloud.api.`<service>` | unix:/var/run/opencloud/`<service>`.sock <br> dns: ... <br> kubernetes: ... |

 ```console
 USERS_GRPC_PROTOCOL=unix"
--- a/services/graph/pkg/identity/cache/cache.go
+++ b/services/graph/pkg/identity/cache/cache.go
@@ -1,4 +1,4 @@
-package cache
+package identity

 import (
 	"context"
@@ -12,7 +12,6 @@ import (
 	"github.com/jellydator/ttlcache/v3"
 	libregraph "github.com/opencloud-eu/libre-graph-api-go"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/errorcode"
-	"github.com/opencloud-eu/opencloud/services/graph/pkg/identity"
 	"github.com/opencloud-eu/reva/v2/pkg/rgrpc/todo/pool"
 	revautils "github.com/opencloud-eu/reva/v2/pkg/utils"
 )
@@ -86,38 +85,33 @@ func NewIdentityCache(opts ...IdentityCacheOption) IdentityCache {
 }

 // GetUser looks up a user by id, if the user is not cached, yet it will do a lookup via the CS3 API
-func (cache IdentityCache) GetUser(ctx context.Context, tenantId, userid string) (libregraph.User, error) {
-	// can we get the tenant from the context or do we have to pass it?
-	u, err := cache.GetCS3User(ctx, tenantId, userid)
+func (cache IdentityCache) GetUser(ctx context.Context, userid string) (libregraph.User, error) {
+	u, err := cache.GetCS3User(ctx, userid)
 	if err != nil {
 		return libregraph.User{}, err
 	}
-	if tenantId != u.GetId().GetTenantId() {
-		return libregraph.User{}, identity.ErrNotFound
-	}
-	return *identity.CreateUserModelFromCS3(u), nil
+	return *CreateUserModelFromCS3(u), nil
 }

-func (cache IdentityCache) GetCS3User(ctx context.Context, tenantId, userid string) (*cs3User.User, error) {
+func (cache IdentityCache) GetCS3User(ctx context.Context, userid string) (*cs3User.User, error) {
 	var user *cs3User.User
-	if item := cache.users.Get(tenantId + "|" + userid); item == nil {
+	if item := cache.users.Get(userid); item == nil {
 		gatewayClient, err := cache.gatewaySelector.Next()
 		if err != nil {
 			return nil, errorcode.New(errorcode.GeneralException, err.Error())
 		}
 		cs3UserID := &cs3User.UserId{
 			OpaqueId: userid,
-			TenantId: tenantId,
 		}
 		user, err = revautils.GetUserNoGroups(ctx, cs3UserID, gatewayClient)
 		if err != nil {
 			if revautils.IsErrNotFound(err) {
-				return nil, identity.ErrNotFound
+				return nil, ErrNotFound
 			}
 			return nil, errorcode.New(errorcode.GeneralException, err.Error())
 		}
+		cache.users.Set(userid, user, ttlcache.DefaultTTL)

-		cache.users.Set(tenantId+"|"+userid, user, ttlcache.DefaultTTL)
 	} else {
 		user = item.Value()
 	}
@@ -130,7 +124,7 @@ func (cache IdentityCache) GetAcceptedUser(ctx context.Context, userid string) (
 	if err != nil {
 		return libregraph.User{}, err
 	}
-	return *identity.CreateUserModelFromCS3(u), nil
+	return *CreateUserModelFromCS3(u), nil
 }

 func (cache IdentityCache) GetAcceptedCS3User(ctx context.Context, userid string) (*cs3User.User, error) {
@@ -146,7 +140,7 @@ func (cache IdentityCache) GetAcceptedCS3User(ctx context.Context, userid string
 		user, err = revautils.GetAcceptedUserWithContext(ctx, cs3UserID, gatewayClient)
 		if err != nil {
 			if revautils.IsErrNotFound(err) {
-				return nil, identity.ErrNotFound
+				return nil, ErrNotFound
 			}
 			return nil, errorcode.New(errorcode.GeneralException, err.Error())
 		}
@@ -179,10 +173,10 @@ func (cache IdentityCache) GetGroup(ctx context.Context, groupID string) (libreg
 		switch res.Status.Code {
 		case rpc.Code_CODE_OK:
 			g := res.GetGroup()
-			group = *identity.CreateGroupModelFromCS3(g)
+			group = *CreateGroupModelFromCS3(g)
 			cache.groups.Set(groupID, group, ttlcache.DefaultTTL)
 		case rpc.Code_CODE_NOT_FOUND:
-			return group, identity.ErrNotFound
+			return group, ErrNotFound
 		default:
 			return group, errorcode.New(errorcode.GeneralException, res.Status.Message)
 		}
--- a/services/graph/pkg/identity/cache/cache_suite_test.go
+++ b/services/graph/pkg/identity/cache/cache_suite_test.go
@@ -1,13 +0,0 @@
-package cache_test
-
-import (
-	"testing"
-
-	. "github.com/onsi/ginkgo/v2"
-	. "github.com/onsi/gomega"
-)
-
-func TestCache(t *testing.T) {
-	RegisterFailHandler(Fail)
-	RunSpecs(t, "Cache Suite")
-}
--- a/services/graph/pkg/identity/cache/cache_test.go
+++ b/services/graph/pkg/identity/cache/cache_test.go
@@ -1,106 +0,0 @@
-package cache
-
-import (
-	"context"
-	"time"
-
-	gateway "github.com/cs3org/go-cs3apis/cs3/gateway/v1beta1"
-	cs3User "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
-	. "github.com/onsi/ginkgo/v2"
-	. "github.com/onsi/gomega"
-	"github.com/opencloud-eu/reva/v2/pkg/rgrpc/todo/pool"
-)
-
-// mockGatewaySelector is a mock implementation of pool.Selectable[gateway.GatewayAPIClient]
-type mockGatewaySelector struct {
-	client gateway.GatewayAPIClient
-}
-
-func (m *mockGatewaySelector) Next(opts ...pool.Option) (gateway.GatewayAPIClient, error) {
-	return m.client, nil
-}
-
-var _ = Describe("Cache", func() {
-	var (
-		ctx            context.Context
-		idc            IdentityCache
-		mockGwSelector pool.Selectable[gateway.GatewayAPIClient]
-	)
-
-	BeforeEach(func() {
-		// Create a mock gateway selector (client can be nil for cached tests)
-		mockGwSelector = &mockGatewaySelector{
-			client: nil,
-		}
-
-		idc = NewIdentityCache(
-			IdentityCacheWithGatewaySelector(mockGwSelector),
-		)
-		ctx = context.Background()
-	})
-
-	Describe("GetUser", func() {
-		It("should return no error", func() {
-			alan := &cs3User.User{
-				Id: &cs3User.UserId{
-					OpaqueId: "alan",
-					TenantId: "",
-				},
-				DisplayName: "Alan",
-			}
-			// Persist the user to the cache for 1 hour
-			idc.users.Set(alan.GetId().GetTenantId()+"|"+alan.GetId().GetOpaqueId(), alan, time.Hour)
-
-			// getting the cache item in cache.go line 103 does not work
-			ru, err := idc.GetUser(ctx, "", "alan")
-			Expect(err).To(BeNil())
-			Expect(ru).ToNot(BeNil())
-			Expect(ru.GetId()).To(Equal(alan.GetId().GetOpaqueId()))
-			Expect(ru.GetDisplayName()).To(Equal(alan.GetDisplayName()))
-		})
-
-		It("should return the correct user if two users with the same uid and different tennant ids exist", func() {
-			alan1 := &cs3User.User{
-				Id: &cs3User.UserId{
-					OpaqueId: "alan",
-					TenantId: "1234",
-				},
-				DisplayName: "Alan1",
-			}
-
-			alan2 := &cs3User.User{
-				Id: &cs3User.UserId{
-					OpaqueId: "alan",
-					TenantId: "5678",
-				},
-				DisplayName: "Alan2",
-			}
-			// Persist the user to the cache for 1 hour
-			idc.users.Set(alan1.GetId().GetTenantId()+"|"+alan1.GetId().GetOpaqueId(), alan1, time.Hour)
-			idc.users.Set(alan2.GetId().GetTenantId()+"|"+alan2.GetId().GetOpaqueId(), alan2, time.Hour)
-			ru, err := idc.GetUser(ctx, "5678", "alan")
-			Expect(err).To(BeNil())
-			Expect(ru.GetDisplayName()).To(Equal(alan2.GetDisplayName()))
-			ru, err = idc.GetUser(ctx, "1234", "alan")
-			Expect(err).To(BeNil())
-			Expect(ru.GetDisplayName()).To(Equal(alan1.GetDisplayName()))
-		})
-
-		It("should not return an error, if the tenant id does match", func() {
-			alan := &cs3User.User{
-				Id: &cs3User.UserId{
-					OpaqueId: "alan",
-					TenantId: "1234",
-				},
-				DisplayName: "Alan",
-			}
-			// Persist the user to the cache for 1 hour
-			cu := idc.users.Set(alan.GetId().GetTenantId()+"|"+alan.GetId().GetOpaqueId(), alan, time.Hour)
-			// Test if element has been persisted in the cache
-			Expect(cu.Value().GetId().GetOpaqueId()).To(Equal(alan.GetId().GetOpaqueId()))
-			ru, err := idc.GetUser(ctx, "1234", "alan")
-			Expect(err).To(BeNil())
-			Expect(ru.GetDisplayName()).To(Equal(alan.GetDisplayName()))
-		})
-	})
-})
--- a/services/graph/pkg/identity/ldap_education_school.go
+++ b/services/graph/pkg/identity/ldap_education_school.go
@@ -7,7 +7,7 @@ import (
 	"time"

 	"github.com/go-ldap/ldap/v3"
-	"github.com/google/uuid"
+	"github.com/gofrs/uuid"
 	libregraph "github.com/opencloud-eu/libre-graph-api-go"
 	"github.com/opencloud-eu/opencloud/pkg/log"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/config"
@@ -148,7 +148,7 @@ func (i *LDAP) CreateEducationSchool(ctx context.Context, school libregraph.Educ
 		ar.Attribute(i.educationConfig.schoolAttributeMap.schoolNumber, []string{school.GetSchoolNumber()})
 	}
 	if !i.useServerUUID {
-		ar.Attribute(i.educationConfig.schoolAttributeMap.id, []string{uuid.NewString()})
+		ar.Attribute(i.educationConfig.schoolAttributeMap.id, []string{uuid.Must(uuid.NewV4()).String()})
 	}
 	objectClasses := []string{"organizationalUnit", i.educationConfig.schoolObjectClass, "top"}
 	ar.Attribute("objectClass", objectClasses)
--- a/services/graph/pkg/identity/ldap_group.go
+++ b/services/graph/pkg/identity/ldap_group.go
@@ -10,7 +10,7 @@ import (

 	"github.com/CiscoM31/godata"
 	"github.com/go-ldap/ldap/v3"
-	"github.com/google/uuid"
+	"github.com/gofrs/uuid"
 	"github.com/libregraph/idm/pkg/ldapdn"
 	libregraph "github.com/opencloud-eu/libre-graph-api-go"

@@ -448,7 +448,7 @@ func (i *LDAP) groupToLDAPAttrValues(group libregraph.Group) (map[string][]strin
 	}

 	if !i.useServerUUID {
-		attrs["openCloudUUID"] = []string{uuid.NewString()}
+		attrs["openCloudUUID"] = []string{uuid.Must(uuid.NewV4()).String()}
 		attrs["objectClass"] = append(attrs["objectClass"], "openCloudObject")
 	}
 	return attrs, nil
--- a/services/graph/pkg/l10n/locale/ca/LC_MESSAGES/graph.po
+++ b/services/graph/pkg/l10n/locale/ca/LC_MESSAGES/graph.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Ivan Fustero, 2025\n"
 "Language-Team: Catalan (https://app.transifex.com/opencloud-eu/teams/204053/ca/)\n"
--- a/services/graph/pkg/l10n/locale/de/LC_MESSAGES/graph.po
+++ b/services/graph/pkg/l10n/locale/de/LC_MESSAGES/graph.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Jörn Friedrich Dreyer <jfd@butonic.de>, 2025\n"
 "Language-Team: German (https://app.transifex.com/opencloud-eu/teams/204053/de/)\n"
--- a/services/graph/pkg/l10n/locale/es/LC_MESSAGES/graph.po
+++ b/services/graph/pkg/l10n/locale/es/LC_MESSAGES/graph.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Elías Martín, 2025\n"
 "Language-Team: Spanish (https://app.transifex.com/opencloud-eu/teams/204053/es/)\n"
--- a/services/graph/pkg/l10n/locale/fr/LC_MESSAGES/graph.po
+++ b/services/graph/pkg/l10n/locale/fr/LC_MESSAGES/graph.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: eric_G <junk.eg@free.fr>, 2025\n"
 "Language-Team: French (https://app.transifex.com/opencloud-eu/teams/204053/fr/)\n"
--- a/services/graph/pkg/l10n/locale/it/LC_MESSAGES/graph.po
+++ b/services/graph/pkg/l10n/locale/it/LC_MESSAGES/graph.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Simone Broglia, 2025\n"
 "Language-Team: Italian (https://app.transifex.com/opencloud-eu/teams/204053/it/)\n"
--- a/services/graph/pkg/l10n/locale/ko/LC_MESSAGES/graph.po
+++ b/services/graph/pkg/l10n/locale/ko/LC_MESSAGES/graph.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: gapho shin, 2025\n"
 "Language-Team: Korean (https://app.transifex.com/opencloud-eu/teams/204053/ko/)\n"
--- a/services/graph/pkg/l10n/locale/sv/LC_MESSAGES/graph.po
+++ b/services/graph/pkg/l10n/locale/sv/LC_MESSAGES/graph.po
@@ -1,137 +0,0 @@
-# SOME DESCRIPTIVE TITLE.
-# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
-# This file is distributed under the same license as the PACKAGE package.
-# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
-# 
-# Translators:
-# Daniel Nylander <po@danielnylander.se>, 2025
-# 
-#, fuzzy
-msgid ""
-msgstr ""
-"Project-Id-Version: \n"
-"Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-08 00:02+0000\n"
-"PO-Revision-Date: 2025-01-27 10:17+0000\n"
-"Last-Translator: Daniel Nylander <po@danielnylander.se>, 2025\n"
-"Language-Team: Swedish (https://app.transifex.com/opencloud-eu/teams/204053/sv/)\n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=UTF-8\n"
-"Content-Transfer-Encoding: 8bit\n"
-"Language: sv\n"
-"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-
-#. UnifiedRole Editor, Role DisplayName (resolves directly)
-#. UnifiedRole EditorListGrants, Role DisplayName (resolves directly)
-#. UnifiedRole SpaseEditor, Role DisplayName (resolves directly)
-#. UnifiedRole FileEditor, Role DisplayName (resolves directly)
-#. UnifiedRole FileEditorListGrants, Role DisplayName (resolves directly)
-#: pkg/unifiedrole/roles.go:116 pkg/unifiedrole/roles.go:122
-#: pkg/unifiedrole/roles.go:128 pkg/unifiedrole/roles.go:140
-#: pkg/unifiedrole/roles.go:146
-msgid "Can edit"
-msgstr "Kan redigera"
-
-#. UnifiedRole SpaseEditorWithoutVersions, Role DisplayName (resolves
-#. directly)
-#: pkg/unifiedrole/roles.go:134
-msgid "Can edit without versions"
-msgstr "Kan redigera utan versioner"
-
-#. UnifiedRole Manager, Role DisplayName (resolves directly)
-#: pkg/unifiedrole/roles.go:158
-msgid "Can manage"
-msgstr "Kan hantera"
-
-#. UnifiedRole EditorLite, Role DisplayName (resolves directly)
-#: pkg/unifiedrole/roles.go:152
-msgid "Can upload"
-msgstr "Kan skicka upp"
-
-#. UnifiedRole Viewer, Role DisplayName (resolves directly)
-#. UnifiedRole Viewer, Role DisplayName (resolves directly)
-#. UnifiedRole SpaseViewer, Role DisplayName (resolves directly)
-#: pkg/unifiedrole/roles.go:98 pkg/unifiedrole/roles.go:104
-#: pkg/unifiedrole/roles.go:110
-msgid "Can view"
-msgstr "Kan visa"
-
-#. UnifiedRole SecureViewer, Role DisplayName (resolves directly)
-#: pkg/unifiedrole/roles.go:164
-msgid "Can view (secure)"
-msgstr "Kan visa (säkert)"
-
-#. UnifiedRole FullDenial, Role DisplayName (resolves directly)
-#: pkg/unifiedrole/roles.go:170
-msgid "Cannot access"
-msgstr "Kan inte komma åt"
-
-#. UnifiedRole FullDenial, Role Description (resolves directly)
-#: pkg/unifiedrole/roles.go:167
-msgid "Deny all access."
-msgstr "Neka all åtkomst."
-
-#. default description for new spaces
-#: pkg/service/v0/spacetemplates.go:32
-msgid "Here you can add a description for this Space."
-msgstr "Här kan du lägga till en beskrivning av denna arbetsyta."
-
-#. UnifiedRole Viewer, Role Description (resolves directly)
-#. UnifiedRole SpaceViewer, Role Description (resolves directly)
-#: pkg/unifiedrole/roles.go:95 pkg/unifiedrole/roles.go:107
-msgid "View and download."
-msgstr "Visa och hämta ner."
-
-#. UnifiedRole SecureViewer, Role Description (resolves directly)
-#: pkg/unifiedrole/roles.go:161
-msgid "View only documents, images and PDFs. Watermarks will be applied."
-msgstr ""
-"Visa endast dokument, bilder och PDF. Vattenstämplar kommer att tillämpas."
-
-#. UnifiedRole FileEditor, Role Description (resolves directly)
-#: pkg/unifiedrole/roles.go:137
-msgid "View, download and edit."
-msgstr "Visa, hämta ner och redigera."
-
-#. UnifiedRole ViewerListGrants, Role Description (resolves directly)
-#: pkg/unifiedrole/roles.go:101
-msgid "View, download and show all invited people."
-msgstr "Visa, hämta ner och visa alla inbjudna personer."
-
-#. UnifiedRole EditorLite, Role Description (resolves directly)
-#: pkg/unifiedrole/roles.go:149
-msgid "View, download and upload."
-msgstr "Visa. hämta ner och skicka upp."
-
-#. UnifiedRole FileEditorListGrants, Role Description (resolves directly)
-#: pkg/unifiedrole/roles.go:143
-msgid "View, download, edit and show all invited people."
-msgstr "Visa, hämta ner, redigera och visa alla inbjudna personer."
-
-#. UnifiedRole Editor, Role Description (resolves directly)
-#. UnifiedRole SpaseEditorWithoutVersions, Role Description (resolves
-#. directly)
-#: pkg/unifiedrole/roles.go:113 pkg/unifiedrole/roles.go:131
-msgid "View, download, upload, edit, add and delete."
-msgstr "Visa, hämta ner, skicka upp, redigera, lägga till och ta bort."
-
-#. UnifiedRole Manager, Role Description (resolves directly)
-#: pkg/unifiedrole/roles.go:155
-msgid "View, download, upload, edit, add, delete and manage members."
-msgstr ""
-"Visa, hämta ner, skicka upp, redigera, lägga till, ta bort och hantera "
-"medlemmar."
-
-#. UnifiedRoleListGrants Editor, Role Description (resolves directly)
-#: pkg/unifiedrole/roles.go:119
-msgid "View, download, upload, edit, add, delete and show all invited people."
-msgstr ""
-"Visa, hämta ner, skicka upp, redigera, lägga till, ta bort och visa alla "
-"inbjudna personer."
-
-#. UnifiedRole SpaseEditor, Role Description (resolves directly)
-#: pkg/unifiedrole/roles.go:125
-msgid "View, download, upload, edit, add, delete including the history."
-msgstr ""
-"Visa, hämta ner, skicka upp, redigera, lägga till, ta bort inklusive "
-"historiken."
--- a/services/graph/pkg/l10n/locale/zh/LC_MESSAGES/graph.po
+++ b/services/graph/pkg/l10n/locale/zh/LC_MESSAGES/graph.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: YQS Yang, 2025\n"
 "Language-Team: Chinese (https://app.transifex.com/opencloud-eu/teams/204053/zh/)\n"
--- a/services/graph/pkg/service/v0/api_driveitem_permissions.go
+++ b/services/graph/pkg/service/v0/api_driveitem_permissions.go
@@ -38,7 +38,6 @@ import (
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/config"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/errorcode"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/identity"
-	"github.com/opencloud-eu/opencloud/services/graph/pkg/identity/cache"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/unifiedrole"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/validate"
 )
@@ -90,7 +89,7 @@ type ListPermissionsQueryOptions struct {
 }

 // NewDriveItemPermissionsService creates a new DriveItemPermissionsService
-func NewDriveItemPermissionsService(logger log.Logger, gatewaySelector pool.Selectable[gateway.GatewayAPIClient], identityCache cache.IdentityCache, config *config.Config) (DriveItemPermissionsService, error) {
+func NewDriveItemPermissionsService(logger log.Logger, gatewaySelector pool.Selectable[gateway.GatewayAPIClient], identityCache identity.IdentityCache, config *config.Config) (DriveItemPermissionsService, error) {
 	return DriveItemPermissionsService{
 		BaseGraphService: BaseGraphService{
 			logger:          &log.Logger{Logger: logger.With().Str("graph api", "DrivesDriveItemService").Logger()},
@@ -104,7 +103,6 @@ func NewDriveItemPermissionsService(logger log.Logger, gatewaySelector pool.Sele

 // Invite invites a user to a drive item.
 func (s DriveItemPermissionsService) Invite(ctx context.Context, resourceId *storageprovider.ResourceId, invite libregraph.DriveItemInvite) (libregraph.Permission, error) {
-	tenantId := revactx.ContextMustGetUser(ctx).GetId().GetTenantId()
 	gatewayClient, err := s.gatewaySelector.Next()
 	if err != nil {
 		return libregraph.Permission{}, err
@@ -186,7 +184,7 @@ func (s DriveItemPermissionsService) Invite(ctx context.Context, resourceId *sto
 		cTime = createShareResponse.GetShare().GetCtime()
 		expiration = createShareResponse.GetShare().GetExpiration()
 	default:
-		user, err := s.identityCache.GetCS3User(ctx, tenantId, objectID)
+		user, err := s.identityCache.GetCS3User(ctx, objectID)
 		if errors.Is(err, identity.ErrNotFound) && s.config.IncludeOCMSharees {
 			user, err = s.identityCache.GetAcceptedCS3User(ctx, objectID)
 			if err == nil && IsSpaceRoot(statResponse.GetInfo().GetId()) {
@@ -261,14 +259,14 @@ func (s DriveItemPermissionsService) Invite(ctx context.Context, resourceId *sto
 	}

 	if user, ok := revactx.ContextGetUser(ctx); ok {
-		userIdentity, err := userIdToIdentity(ctx, s.identityCache, tenantId, user.GetId().GetOpaqueId())
+		identity, err := userIdToIdentity(ctx, s.identityCache, user.GetId().GetOpaqueId())
 		if err != nil {
 			s.logger.Error().Err(err).Msg("identity lookup failed")
 			return libregraph.Permission{}, errorcode.New(errorcode.InvalidRequest, err.Error())
 		}
 		permission.SetInvitation(libregraph.SharingInvitation{
 			InvitedBy: &libregraph.IdentitySet{
-				User: &userIdentity,
+				User: &identity,
 			},
 		})
 	}
--- a/services/graph/pkg/service/v0/api_driveitem_permissions_links_test.go
+++ b/services/graph/pkg/service/v0/api_driveitem_permissions_links_test.go
@@ -11,18 +11,18 @@ import (
 	provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
-	libregraph "github.com/opencloud-eu/libre-graph-api-go"
 	"github.com/opencloud-eu/opencloud/pkg/log"
 	"github.com/opencloud-eu/opencloud/services/graph/mocks"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/config/defaults"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/errorcode"
-	"github.com/opencloud-eu/opencloud/services/graph/pkg/identity/cache"
+	"github.com/opencloud-eu/opencloud/services/graph/pkg/identity"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/linktype"
 	service "github.com/opencloud-eu/opencloud/services/graph/pkg/service/v0"
 	revactx "github.com/opencloud-eu/reva/v2/pkg/ctx"
 	"github.com/opencloud-eu/reva/v2/pkg/rgrpc/status"
 	"github.com/opencloud-eu/reva/v2/pkg/utils"
 	cs3mocks "github.com/opencloud-eu/reva/v2/tests/cs3mocks/mocks"
+	libregraph "github.com/opencloud-eu/libre-graph-api-go"
 	"github.com/stretchr/testify/mock"
 )

@@ -51,7 +51,7 @@ var _ = Describe("createLinkTests", func() {
 		gatewaySelector = mocks.NewSelectable[gateway.GatewayAPIClient](GinkgoT())
 		gatewaySelector.On("Next").Return(gatewayClient, nil)

-		cache := cache.NewIdentityCache(cache.IdentityCacheWithGatewaySelector(gatewaySelector))
+		cache := identity.NewIdentityCache(identity.IdentityCacheWithGatewaySelector(gatewaySelector))

 		cfg := defaults.FullDefaultConfig()
 		svc, err = service.NewDriveItemPermissionsService(logger, gatewaySelector, cache, cfg)
--- a/services/graph/pkg/service/v0/api_driveitem_permissions_test.go
+++ b/services/graph/pkg/service/v0/api_driveitem_permissions_test.go
@@ -37,7 +37,7 @@ import (
 	"github.com/opencloud-eu/opencloud/services/graph/mocks"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/config/defaults"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/errorcode"
-	identitycache "github.com/opencloud-eu/opencloud/services/graph/pkg/identity/cache"
+	"github.com/opencloud-eu/opencloud/services/graph/pkg/identity"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/linktype"
 	svc "github.com/opencloud-eu/opencloud/services/graph/pkg/service/v0"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/unifiedrole"
@@ -56,7 +56,7 @@ var _ = Describe("DriveItemPermissionsService", func() {
 				OpaqueId: "user",
 			},
 		}
-		cache        identitycache.IdentityCache
+		cache        identity.IdentityCache
 		statResponse *provider.StatResponse
 		driveItemId  *provider.ResourceId
 		ctx          context.Context
@@ -70,7 +70,7 @@ var _ = Describe("DriveItemPermissionsService", func() {
 		gatewaySelector = mocks.NewSelectable[gateway.GatewayAPIClient](GinkgoT())
 		gatewaySelector.On("Next").Return(gatewayClient, nil)

-		cache = identitycache.NewIdentityCache(identitycache.IdentityCacheWithGatewaySelector(gatewaySelector))
+		cache = identity.NewIdentityCache(identity.IdentityCacheWithGatewaySelector(gatewaySelector))

 		cfg = defaults.FullDefaultConfig()
 		service, err := svc.NewDriveItemPermissionsService(logger, gatewaySelector, cache, cfg)
@@ -139,7 +139,7 @@ var _ = Describe("DriveItemPermissionsService", func() {
 				Expiration: utils.TimeToTS(*driveItemInvite.ExpirationDateTime),
 			}

-			permission, err := driveItemPermissionsService.Invite(ctx, driveItemId, driveItemInvite)
+			permission, err := driveItemPermissionsService.Invite(context.Background(), driveItemId, driveItemInvite)
 			Expect(err).ToNot(HaveOccurred())
 			Expect(permission.GetId()).To(Equal("123"))
 			Expect(permission.GetExpirationDateTime().Equal(*driveItemInvite.ExpirationDateTime)).To(BeTrue())
@@ -149,7 +149,6 @@ var _ = Describe("DriveItemPermissionsService", func() {

 		It("creates group shares as expected (happy path)", func() {
 			gatewayClient.On("GetGroup", mock.Anything, mock.Anything).Return(getGroupResponse, nil)
-			gatewayClient.On("GetUser", mock.Anything, mock.Anything).Return(getUserResponse, nil)
 			gatewayClient.On("CreateShare", mock.Anything, mock.Anything).Return(createShareResponse, nil)
 			driveItemInvite.Recipients = []libregraph.DriveRecipient{
 				{ObjectId: libregraph.PtrString("2"), LibreGraphRecipientType: libregraph.PtrString("group")},
@@ -160,7 +159,7 @@ var _ = Describe("DriveItemPermissionsService", func() {
 				Expiration: utils.TimeToTS(*driveItemInvite.ExpirationDateTime),
 			}

-			permission, err := driveItemPermissionsService.Invite(ctx, driveItemId, driveItemInvite)
+			permission, err := driveItemPermissionsService.Invite(context.Background(), driveItemId, driveItemInvite)
 			Expect(err).ToNot(HaveOccurred())
 			Expect(permission.GetId()).To(Equal("123"))
 			Expect(permission.GetExpirationDateTime().Equal(*driveItemInvite.ExpirationDateTime)).To(BeTrue())
@@ -176,7 +175,7 @@ var _ = Describe("DriveItemPermissionsService", func() {
 			}
 			driveItemInvite.Roles = []string{unifiedrole.UnifiedRoleViewerID}

-			permission, err := driveItemPermissionsService.Invite(ctx, driveItemId, driveItemInvite)
+			permission, err := driveItemPermissionsService.Invite(context.Background(), driveItemId, driveItemInvite)
 			Expect(err).ToNot(HaveOccurred())

 			Expect(permission.GetRoles()).To(HaveLen(1))
@@ -192,7 +191,7 @@ var _ = Describe("DriveItemPermissionsService", func() {
 			}
 			driveItemInvite.Roles = []string{unifiedrole.UnifiedRoleEditorID}

-			permission, err := driveItemPermissionsService.Invite(ctx, driveItemId, driveItemInvite)
+			permission, err := driveItemPermissionsService.Invite(context.Background(), driveItemId, driveItemInvite)
 			Expect(err).ToNot(HaveOccurred())

 			Expect(permission.GetRoles()).To(HaveLen(1))
@@ -204,7 +203,7 @@ var _ = Describe("DriveItemPermissionsService", func() {
 				{ObjectId: libregraph.PtrString("1"), LibreGraphRecipientType: libregraph.PtrString("user")},
 			}
 			driveItemInvite.Roles = []string{unifiedrole.UnifiedRoleManagerID}
-			permission, err := driveItemPermissionsService.Invite(ctx, driveItemId, driveItemInvite)
+			permission, err := driveItemPermissionsService.Invite(context.Background(), driveItemId, driveItemInvite)

 			Expect(err).To(MatchError(errorcode.New(errorcode.InvalidRequest, "role not applicable to this resource")))
 			Expect(permission).To(BeZero())
@@ -215,7 +214,7 @@ var _ = Describe("DriveItemPermissionsService", func() {
 				{ObjectId: libregraph.PtrString("1"), LibreGraphRecipientType: libregraph.PtrString("user")},
 			}
 			driveItemInvite.Roles = []string{unifiedrole.UnifiedRoleEditorID}
-			permission, err := driveItemPermissionsService.Invite(ctx, driveItemId, driveItemInvite)
+			permission, err := driveItemPermissionsService.Invite(context.Background(), driveItemId, driveItemInvite)

 			Expect(err).To(MatchError(errorcode.New(errorcode.InvalidRequest, "role not applicable to this resource")))
 			Expect(permission).To(BeZero())
@@ -227,7 +226,7 @@ var _ = Describe("DriveItemPermissionsService", func() {
 				{ObjectId: libregraph.PtrString("1"), LibreGraphRecipientType: libregraph.PtrString("user")},
 			}
 			driveItemInvite.Roles = []string{unifiedrole.UnifiedRoleFileEditorID}
-			permission, err := driveItemPermissionsService.Invite(ctx, driveItemId, driveItemInvite)
+			permission, err := driveItemPermissionsService.Invite(context.Background(), driveItemId, driveItemInvite)

 			Expect(err).To(MatchError(errorcode.New(errorcode.InvalidRequest, "role not applicable to this resource")))
 			Expect(permission).To(BeZero())
@@ -242,7 +241,7 @@ var _ = Describe("DriveItemPermissionsService", func() {
 			driveItemInvite.Roles = nil
 			driveItemInvite.LibreGraphPermissionsActions = []string{unifiedrole.DriveItemContentRead}

-			permission, err := driveItemPermissionsService.Invite(ctx, driveItemId, driveItemInvite)
+			permission, err := driveItemPermissionsService.Invite(context.Background(), driveItemId, driveItemInvite)
 			Expect(err).ToNot(HaveOccurred())

 			Expect(permission).NotTo(BeZero())
@@ -253,7 +252,7 @@ var _ = Describe("DriveItemPermissionsService", func() {

 		It("fails with a missing driveritem", func() {
 			statResponse.Status = status.NewNotFound(context.Background(), "not found")
-			permission, err := driveItemPermissionsService.Invite(ctx, driveItemId, driveItemInvite)
+			permission, err := driveItemPermissionsService.Invite(context.Background(), driveItemId, driveItemInvite)
 			Expect(err).To(HaveOccurred())
 			Expect(err).To(MatchError(errorcode.New(errorcode.ItemNotFound, "not found").WithOrigin(errorcode.ErrorOriginCS3)))
 			Expect(permission).To(BeZero())
@@ -269,7 +268,7 @@ var _ = Describe("DriveItemPermissionsService", func() {
 			Expect(err).ToNot(HaveOccurred())

 			driveItemInvite.Roles = []string{unifiedrole.UnifiedRoleViewerID, unifiedrole.UnifiedRoleSecureViewerID}
-			_, err = service.Invite(ctx, driveItemId, driveItemInvite)
+			_, err = service.Invite(context.Background(), driveItemId, driveItemInvite)
 			Expect(err).To(MatchError(unifiedrole.ErrUnknownRole))
 		})
 	})
@@ -337,7 +336,7 @@ var _ = Describe("DriveItemPermissionsService", func() {
 				Expiration: utils.TimeToTS(*driveItemInvite.ExpirationDateTime),
 			}

-			permission, err := driveItemPermissionsService.SpaceRootInvite(ctx, driveId, driveItemInvite)
+			permission, err := driveItemPermissionsService.SpaceRootInvite(context.Background(), driveId, driveItemInvite)
 			Expect(err).ToNot(HaveOccurred())
 			Expect(permission.GetId()).To(Equal("123"))
 			Expect(permission.GetExpirationDateTime().Equal(*driveItemInvite.ExpirationDateTime)).To(BeTrue())
@@ -355,7 +354,7 @@ var _ = Describe("DriveItemPermissionsService", func() {
 				Expiration: utils.TimeToTS(*driveItemInvite.ExpirationDateTime),
 			}

-			permission, err := driveItemPermissionsService.SpaceRootInvite(ctx, driveId, driveItemInvite)
+			permission, err := driveItemPermissionsService.SpaceRootInvite(context.Background(), driveId, driveItemInvite)
 			Expect(err).To(HaveOccurred())
 			Expect(err).To(MatchError(errorcode.New(errorcode.InvalidRequest, "unsupported space type")))
 			Expect(permission).To(BeZero())
@@ -1062,7 +1061,7 @@ var _ = Describe("DriveItemPermissionsService", func() {
 				SpaceId:   "2",
 				OpaqueId:  "2",
 			}
-			res, err := driveItemPermissionsService.UpdatePermission(ctx, spaceId, "u:userid", driveItemPermission)
+			res, err := driveItemPermissionsService.UpdatePermission(context.Background(), spaceId, "u:userid", driveItemPermission)
 			Expect(err).To(MatchError(errorcode.New(errorcode.InvalidRequest, "role not applicable to this resource")))
 			Expect(res).To(BeZero())
 		})
--- a/services/graph/pkg/service/v0/base.go
+++ b/services/graph/pkg/service/v0/base.go
@@ -17,7 +17,6 @@ import (
 	storageprovider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
 	types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1"
 	libregraph "github.com/opencloud-eu/libre-graph-api-go"
-	revactx "github.com/opencloud-eu/reva/v2/pkg/ctx"
 	"golang.org/x/sync/errgroup"
 	"google.golang.org/protobuf/types/known/fieldmaskpb"

@@ -30,7 +29,6 @@ import (
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/config"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/errorcode"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/identity"
-	"github.com/opencloud-eu/opencloud/services/graph/pkg/identity/cache"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/linktype"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/unifiedrole"
 )
@@ -46,7 +44,7 @@ type BaseGraphProvider interface {
 type BaseGraphService struct {
 	logger          *log.Logger
 	gatewaySelector pool.Selectable[gateway.GatewayAPIClient]
-	identityCache   cache.IdentityCache
+	identityCache   identity.IdentityCache
 	config          *config.Config
 	availableRoles  []*libregraph.UnifiedRoleDefinition
 }
@@ -172,8 +170,7 @@ func (g BaseGraphService) cs3SpacePermissionsToLibreGraph(ctx context.Context, s
 			}
 			isGroup = true
 		} else {
-			tenantId := revactx.ContextMustGetUser(ctx).GetId().GetTenantId()
-			cs3Identity, err = userIdToIdentity(ctx, g.identityCache, tenantId, tmp)
+			cs3Identity, err = userIdToIdentity(ctx, g.identityCache, tmp)
 			if err != nil {
 				g.logger.Warn().Str("userid", tmp).Msg("User not found by id")
 			}
--- a/services/graph/pkg/service/v0/service.go
+++ b/services/graph/pkg/service/v0/service.go
@@ -15,7 +15,6 @@ import (
 	"github.com/go-chi/chi/v5/middleware"
 	ldapv3 "github.com/go-ldap/ldap/v3"
 	"github.com/jellydator/ttlcache/v3"
-	"github.com/opencloud-eu/opencloud/services/graph/pkg/identity/cache"
 	"github.com/riandyrn/otelchi"
 	microstore "go-micro.dev/v4/store"

@@ -148,10 +147,10 @@ func NewService(opts ...Option) (Graph, error) { //nolint:maintidx
 	)
 	go spacePropertiesCache.Start()

-	identityCache := cache.NewIdentityCache(
-		cache.IdentityCacheWithGatewaySelector(options.GatewaySelector),
-		cache.IdentityCacheWithUsersTTL(time.Duration(options.Config.Spaces.UsersCacheTTL)),
-		cache.IdentityCacheWithGroupsTTL(time.Duration(options.Config.Spaces.GroupsCacheTTL)),
+	identityCache := identity.NewIdentityCache(
+		identity.IdentityCacheWithGatewaySelector(options.GatewaySelector),
+		identity.IdentityCacheWithUsersTTL(time.Duration(options.Config.Spaces.UsersCacheTTL)),
+		identity.IdentityCacheWithGroupsTTL(time.Duration(options.Config.Spaces.GroupsCacheTTL)),
 	)

 	baseGraphService := BaseGraphService{
--- a/services/graph/pkg/service/v0/utils.go
+++ b/services/graph/pkg/service/v0/utils.go
@@ -20,7 +20,7 @@ import (

 	"github.com/opencloud-eu/opencloud/pkg/log"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/errorcode"
-	"github.com/opencloud-eu/opencloud/services/graph/pkg/identity/cache"
+	"github.com/opencloud-eu/opencloud/services/graph/pkg/identity"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/unifiedrole"
 )

@@ -92,11 +92,11 @@ func IsShareJail(id *storageprovider.ResourceId) bool {

 // userIdToIdentity looks the user for the supplied id using the cache and returns it
 // as a libregraph.Identity
-func userIdToIdentity(ctx context.Context, cache cache.IdentityCache, tennantId, userID string) (libregraph.Identity, error) {
+func userIdToIdentity(ctx context.Context, cache identity.IdentityCache, userID string) (libregraph.Identity, error) {
 	identity := libregraph.Identity{
 		Id: libregraph.PtrString(userID),
 	}
-	user, err := cache.GetUser(ctx, tennantId, userID)
+	user, err := cache.GetUser(ctx, userID)
 	if err == nil {
 		identity.SetDisplayName(user.GetDisplayName())
 		identity.SetLibreGraphUserType(user.GetUserType())
@@ -106,7 +106,7 @@ func userIdToIdentity(ctx context.Context, cache cache.IdentityCache, tennantId,

 // federatedIdToIdentity looks the user for the supplied id using the cache and returns it
 // as a libregraph.Identity
-func federatedIdToIdentity(ctx context.Context, cache cache.IdentityCache, userID string) (libregraph.Identity, error) {
+func federatedIdToIdentity(ctx context.Context, cache identity.IdentityCache, userID string) (libregraph.Identity, error) {
 	identity := libregraph.Identity{
 		Id:                 libregraph.PtrString(userID),
 		LibreGraphUserType: libregraph.PtrString("Federated"),
@@ -121,19 +121,19 @@ func federatedIdToIdentity(ctx context.Context, cache cache.IdentityCache, userI

 // cs3UserIdToIdentity looks up the user for the supplied cs3 userid using the cache and returns it
 // as a libregraph.Identity. Skips the user lookup if the id type is USER_TYPE_SPACE_OWNER
-func cs3UserIdToIdentity(ctx context.Context, cache cache.IdentityCache, cs3UserID *cs3User.UserId) (libregraph.Identity, error) {
+func cs3UserIdToIdentity(ctx context.Context, cache identity.IdentityCache, cs3UserID *cs3User.UserId) (libregraph.Identity, error) {
 	if cs3UserID.GetType() == cs3User.UserType_USER_TYPE_FEDERATED {
 		return federatedIdToIdentity(ctx, cache, cs3UserID.GetOpaqueId())
 	}
 	if cs3UserID.GetType() != cs3User.UserType_USER_TYPE_SPACE_OWNER {
-		return userIdToIdentity(ctx, cache, cs3UserID.GetTenantId(), cs3UserID.GetOpaqueId())
+		return userIdToIdentity(ctx, cache, cs3UserID.GetOpaqueId())
 	}
 	return libregraph.Identity{Id: libregraph.PtrString(cs3UserID.GetOpaqueId())}, nil
 }

 // groupIdToIdentity looks up the group for the supplied cs3 groupid using the cache and returns it
 // as a libregraph.Identity.
-func groupIdToIdentity(ctx context.Context, cache cache.IdentityCache, groupID string) (libregraph.Identity, error) {
+func groupIdToIdentity(ctx context.Context, cache identity.IdentityCache, groupID string) (libregraph.Identity, error) {
 	identity := libregraph.Identity{
 		Id: libregraph.PtrString(groupID),
 	}
@@ -162,7 +162,7 @@ func identitySetToSpacePermissionID(identitySet libregraph.SharePointIdentitySet
 func cs3ReceivedSharesToDriveItems(ctx context.Context,
 	logger *log.Logger,
 	gatewayClient gateway.GatewayAPIClient,
-	identityCache cache.IdentityCache,
+	identityCache identity.IdentityCache,
 	receivedShares []*collaboration.ReceivedShare,
 	availableRoles []*libregraph.UnifiedRoleDefinition,
 ) ([]libregraph.DriveItem, error) {
@@ -341,7 +341,7 @@ func cs3ReceivedSharesToDriveItems(ctx context.Context,
 }

 func fillDriveItemPropertiesFromReceivedShare(ctx context.Context, logger *log.Logger,
-	identityCache cache.IdentityCache, receivedShares []*collaboration.ReceivedShare,
+	identityCache identity.IdentityCache, receivedShares []*collaboration.ReceivedShare,
 	resourceInfo *storageprovider.ResourceInfo, availableRoles []*libregraph.UnifiedRoleDefinition) (*libregraph.DriveItem, error) {

 	driveItem := libregraph.NewDriveItem()
@@ -416,7 +416,7 @@ func fillDriveItemPropertiesFromReceivedShare(ctx context.Context, logger *log.L
 }

 func cs3ReceivedShareToLibreGraphPermissions(ctx context.Context, logger *log.Logger,
-	identityCache cache.IdentityCache, receivedShare *collaboration.ReceivedShare,
+	identityCache identity.IdentityCache, receivedShare *collaboration.ReceivedShare,
 	resourceInfo *storageprovider.ResourceInfo, availableRoles []*libregraph.UnifiedRoleDefinition) (*libregraph.Permission, error) {
 	permission := libregraph.NewPermission()
 	if id := receivedShare.GetShare().GetId().GetOpaqueId(); id != "" {
@@ -510,7 +510,7 @@ func ExtractShareIdFromResourceId(rid *storageprovider.ResourceId) *collaboratio
 func cs3ReceivedOCMSharesToDriveItems(ctx context.Context,
 	logger *log.Logger,
 	gatewayClient gateway.GatewayAPIClient,
-	identityCache cache.IdentityCache,
+	identityCache identity.IdentityCache,
 	receivedShares []*ocm.ReceivedShare, availableRoles []*libregraph.UnifiedRoleDefinition) ([]libregraph.DriveItem, error) {

 	group := new(errgroup.Group)
@@ -696,7 +696,7 @@ func cs3ReceivedOCMSharesToDriveItems(ctx context.Context,
 }

 func fillDriveItemPropertiesFromReceivedOCMShare(ctx context.Context, logger *log.Logger,
-	identityCache cache.IdentityCache, receivedShares []*ocm.ReceivedShare,
+	identityCache identity.IdentityCache, receivedShares []*ocm.ReceivedShare,
 	resourceInfo *storageprovider.ResourceInfo, availableRoles []*libregraph.UnifiedRoleDefinition) (*libregraph.DriveItem, error) {

 	driveItem := libregraph.NewDriveItem()
@@ -775,7 +775,7 @@ func fillDriveItemPropertiesFromReceivedOCMShare(ctx context.Context, logger *lo
 }

 func cs3ReceivedOCMShareToLibreGraphPermissions(ctx context.Context, logger *log.Logger,
-	identityCache cache.IdentityCache, receivedShare *ocm.ReceivedShare,
+	identityCache identity.IdentityCache, receivedShare *ocm.ReceivedShare,
 	resourceInfo *storageprovider.ResourceInfo, availableRoles []*libregraph.UnifiedRoleDefinition) (*libregraph.Permission, error) {
 	permission := libregraph.NewPermission()
 	if id := receivedShare.GetId().GetOpaqueId(); id != "" {
--- a/services/graph/pkg/service/v0/utils_test.go
+++ b/services/graph/pkg/service/v0/utils_test.go
@@ -9,9 +9,9 @@ import (
 	"github.com/go-chi/chi/v5"
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
-	libregraph "github.com/opencloud-eu/libre-graph-api-go"
 	rConversions "github.com/opencloud-eu/reva/v2/pkg/conversions"
 	"github.com/opencloud-eu/reva/v2/pkg/utils"
+	libregraph "github.com/opencloud-eu/libre-graph-api-go"

 	provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
 	"github.com/opencloud-eu/reva/v2/pkg/storagespace"
@@ -19,7 +19,7 @@ import (

 	"github.com/opencloud-eu/opencloud/pkg/conversions"
 	"github.com/opencloud-eu/opencloud/pkg/log"
-	"github.com/opencloud-eu/opencloud/services/graph/pkg/identity/cache"
+	"github.com/opencloud-eu/opencloud/services/graph/pkg/identity"
 	service "github.com/opencloud-eu/opencloud/services/graph/pkg/service/v0"
 	"github.com/opencloud-eu/opencloud/services/graph/pkg/unifiedrole"
 )
@@ -116,7 +116,7 @@ var _ = Describe("Utils", func() {
 			permission, err := service.CS3ReceivedShareToLibreGraphPermissions(
 				context.Background(),
 				nil,
-				cache.IdentityCache{},
+				identity.IdentityCache{},
 				&collaboration.ReceivedShare{
 					Share: &collaboration.Share{
 						Permissions: &collaboration.SharePermissions{
--- a/services/notifications/pkg/email/l10n/locale/ca/LC_MESSAGES/notifications.po
+++ b/services/notifications/pkg/email/l10n/locale/ca/LC_MESSAGES/notifications.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Ivan Fustero, 2025\n"
 "Language-Team: Catalan (https://app.transifex.com/opencloud-eu/teams/204053/ca/)\n"
--- a/services/notifications/pkg/email/l10n/locale/de/LC_MESSAGES/notifications.po
+++ b/services/notifications/pkg/email/l10n/locale/de/LC_MESSAGES/notifications.po
@@ -12,7 +12,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Jonas, 2025\n"
 "Language-Team: German (https://app.transifex.com/opencloud-eu/teams/204053/de/)\n"
--- a/services/notifications/pkg/email/l10n/locale/fi/LC_MESSAGES/notifications.po
+++ b/services/notifications/pkg/email/l10n/locale/fi/LC_MESSAGES/notifications.po
@@ -1,162 +0,0 @@
-# SOME DESCRIPTIVE TITLE.
-# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
-# This file is distributed under the same license as the PACKAGE package.
-# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
-# 
-# Translators:
-# Jiri Grönroos <jiri.gronroos@iki.fi>, 2025
-# 
-#, fuzzy
-msgid ""
-msgstr ""
-"Project-Id-Version: \n"
-"Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-07 00:02+0000\n"
-"PO-Revision-Date: 2025-01-27 10:17+0000\n"
-"Last-Translator: Jiri Grönroos <jiri.gronroos@iki.fi>, 2025\n"
-"Language-Team: Finnish (https://app.transifex.com/opencloud-eu/teams/204053/fi/)\n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=UTF-8\n"
-"Content-Transfer-Encoding: 8bit\n"
-"Language: fi\n"
-"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-
-#. UnsharedSpace email template, resolves via {{ .CallToAction }}
-#: pkg/email/templates.go:65
-msgid "Click here to check it: {ShareLink}"
-msgstr "Napsauta tästä tarkistaaksesi sen: {ShareLink}"
-
-#. ShareCreated email template, resolves via {{ .CallToAction }}
-#. SharedSpace email template, resolves via {{ .CallToAction }}
-#: pkg/email/templates.go:23 pkg/email/templates.go:50
-msgid "Click here to view it: {ShareLink}"
-msgstr "Napsauta tästä nähdäksesi sen: {ShareLink}"
-
-#. ShareCreated email template, resolves via {{ .Greeting }}
-#: pkg/email/templates.go:19
-msgid "Hello {ShareGrantee}"
-msgstr "Hei {ShareGrantee}"
-
-#. ShareExpired email template, resolves via {{ .Greeting }}
-#: pkg/email/templates.go:32
-msgid "Hello {ShareGrantee},"
-msgstr "Hei {ShareGrantee}"
-
-#. SharedSpace email template, resolves via {{ .Greeting }}
-#. UnsharedSpace email template, resolves via {{ .Greeting }}
-#. MembershipExpired email template, resolves via {{ .Greeting }}
-#: pkg/email/templates.go:46 pkg/email/templates.go:59
-#: pkg/email/templates.go:74
-msgid "Hello {SpaceGrantee},"
-msgstr "Hei {SpaceGrantee}"
-
-#. Grouped email template, resolves via {{ .Greeting }}
-#: pkg/email/templates.go:118
-msgid "Hi {DisplayName},"
-msgstr "Hei {DisplayName}"
-
-#. ScienceMeshInviteTokenGenerated email template, resolves via {{ .Greeting
-#. }}
-#. ScienceMeshInviteTokenGeneratedWithoutShareLink email template, resolves
-#. via {{ .Greeting }}
-#: pkg/email/templates.go:87 pkg/email/templates.go:104
-msgid "Hi,"
-msgstr "Hei"
-
-#. MembershipExpired email template, Subject field (resolves directly)
-#: pkg/email/templates.go:72
-msgid "Membership of '{SpaceName}' expired at {ExpiredAt}"
-msgstr "Avaruuden '{SpaceName}' jäsenyys vanheni {ExpiredAt}"
-
-#. Grouped email template, Subject field (resolves directly)
-#: pkg/email/templates.go:116
-msgid "Report"
-msgstr "Ilmoita"
-
-#. ScienceMeshInviteTokenGenerated email template, Subject field (resolves
-#. directly)
-#. ScienceMeshInviteTokenGeneratedWithoutShareLink email template, Subject
-#. field (resolves directly)
-#: pkg/email/templates.go:85 pkg/email/templates.go:102
-msgid "ScienceMesh: {InitiatorName} wants to collaborate with you"
-msgstr "ScienceMesh: {InitiatorName} haluaa tehdä yhteistyötä kanssasi"
-
-#. ShareExpired email template, Subject field (resolves directly)
-#: pkg/email/templates.go:30
-msgid "Share to '{ShareFolder}' expired at {ExpiredAt}"
-msgstr ""
-
-#. MembershipExpired email template, resolves via {{ .MessageBody }}
-#: pkg/email/templates.go:76
-msgid ""
-"Your membership of space {SpaceName} has expired at {ExpiredAt}\n"
-"\n"
-"Even though this membership has expired you still might have access through other shares and/or space memberships"
-msgstr ""
-
-#. ShareExpired email template, resolves via {{ .MessageBody }}
-#: pkg/email/templates.go:34
-msgid ""
-"Your share to {ShareFolder} has expired at {ExpiredAt}\n"
-"\n"
-"Even though this share has been revoked you still might have access through other shares and/or space memberships."
-msgstr ""
-
-#. ScienceMeshInviteTokenGeneratedWithoutShareLink email template, resolves
-#. via {{ .MessageBody }}
-#: pkg/email/templates.go:106
-msgid ""
-"{ShareSharer} ({ShareSharerMail}) wants to start sharing collaboration resources with you.\n"
-"Please visit your federation settings and use the following details:\n"
-"  Token: {Token}\n"
-"  ProviderDomain: {ProviderDomain}"
-msgstr ""
-
-#. ScienceMeshInviteTokenGenerated email template, resolves via {{
-#. .MessageBody }}
-#: pkg/email/templates.go:89
-msgid ""
-"{ShareSharer} ({ShareSharerMail}) wants to start sharing collaboration resources with you.\n"
-"To accept the invite, please visit the following URL:\n"
-"{ShareLink}\n"
-"\n"
-"Alternatively, you can visit your federation settings and use the following details:\n"
-"  Token: {Token}\n"
-"  ProviderDomain: {ProviderDomain}"
-msgstr ""
-
-#. ShareCreated email template, resolves via {{ .MessageBody }}
-#: pkg/email/templates.go:21
-msgid "{ShareSharer} has shared \"{ShareFolder}\" with you."
-msgstr "{ShareSharer} on jakanut kansion \"{ShareFolder}\" kanssasi."
-
-#. ShareCreated email template, Subject field (resolves directly)
-#: pkg/email/templates.go:17
-msgid "{ShareSharer} shared '{ShareFolder}' with you"
-msgstr "{ShareSharer} jakoi '{ShareFolder}' kanssasi"
-
-#. SharedSpace email template, resolves via {{ .MessageBody }}
-#: pkg/email/templates.go:48
-msgid "{SpaceSharer} has invited you to join \"{SpaceName}\"."
-msgstr "{SpaceSharer} kutsui sinut avaruuteen \"{SpaceName}\"."
-
-#. UnsharedSpace email template, resolves via {{ .MessageBody }}
-#: pkg/email/templates.go:61
-msgid ""
-"{SpaceSharer} has removed you from \"{SpaceName}\".\n"
-"\n"
-"You might still have access through your other groups or direct membership."
-msgstr ""
-"{SpaceSharer} on poistanut sinut avaruudesta \"{SpaceName}\".\n"
-"\n"
-"Sinulla saattaa silti olla pääsy muiden ryhmien tai suoran jäsenyyden kautta."
-
-#. SharedSpace email template, Subject field (resolves directly)
-#: pkg/email/templates.go:44
-msgid "{SpaceSharer} invited you to join {SpaceName}"
-msgstr "{SpaceSharer} kutsui sinut avaruuteen {SpaceName}"
-
-#. UnsharedSpace email template, Subject field (resolves directly)
-#: pkg/email/templates.go:57
-msgid "{SpaceSharer} removed you from {SpaceName}"
-msgstr "{SpaceSharer} poisti sinut avaruudesta {SpaceName}"
--- a/services/notifications/pkg/email/l10n/locale/fr/LC_MESSAGES/notifications.po
+++ b/services/notifications/pkg/email/l10n/locale/fr/LC_MESSAGES/notifications.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: eric_G <junk.eg@free.fr>, 2025\n"
 "Language-Team: French (https://app.transifex.com/opencloud-eu/teams/204053/fr/)\n"
--- a/services/notifications/pkg/email/l10n/locale/it/LC_MESSAGES/notifications.po
+++ b/services/notifications/pkg/email/l10n/locale/it/LC_MESSAGES/notifications.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Simone Broglia, 2025\n"
 "Language-Team: Italian (https://app.transifex.com/opencloud-eu/teams/204053/it/)\n"
--- a/services/notifications/pkg/email/l10n/locale/ko/LC_MESSAGES/notifications.po
+++ b/services/notifications/pkg/email/l10n/locale/ko/LC_MESSAGES/notifications.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: gapho shin, 2025\n"
 "Language-Team: Korean (https://app.transifex.com/opencloud-eu/teams/204053/ko/)\n"
--- a/services/notifications/pkg/email/l10n/locale/sv/LC_MESSAGES/notifications.po
+++ b/services/notifications/pkg/email/l10n/locale/sv/LC_MESSAGES/notifications.po
@@ -5,16 +5,15 @@
 # 
 # Translators:
 # Davis Kaza, 2025
-# Daniel Nylander <po@danielnylander.se>, 2025
 # 
 #, fuzzy
 msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-08 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
-"Last-Translator: Daniel Nylander <po@danielnylander.se>, 2025\n"
+"Last-Translator: Davis Kaza, 2025\n"
 "Language-Team: Swedish (https://app.transifex.com/opencloud-eu/teams/204053/sv/)\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -107,7 +106,7 @@ msgid ""
 msgstr ""
 "Din delning till {ShareFolder} har löpt ut {ExpiredAt}\n"
 "\n"
-"Även om denna delning har löpt ut kan du fortfarande ha tillgång via andra delningar och/eller medlemskap i arbetsytor."
+"Även om denna delning har löpt ut kan du fortfarande ha tillgång via andra delningar och/eller medlemskap i arbetsytor"

 #. ScienceMeshInviteTokenGeneratedWithoutShareLink email template, resolves
 #. via {{ .MessageBody }}
@@ -119,7 +118,7 @@ msgid ""
 "  ProviderDomain: {ProviderDomain}"
 msgstr ""
 "{ShareSharer} ({ShareSharerMail}) vill börja dela samarbetsresurser med dig.\n"
-"Kolla dina federationsinställningar och använd följande uppgifter:\n"
+"Var vänlig och kolla dina federationsinställningar och använd följande uppgifter:\n"
 "Token: {Token}\n"
 "ProviderDomain: {ProviderDomain}"

@@ -136,7 +135,7 @@ msgid ""
 "  ProviderDomain: {ProviderDomain}"
 msgstr ""
 "{ShareSharer} ({ShareSharerMail}) vill börja dela samarbetsresurser med dig.\n"
-"Besök följande URL för att acceptera inbjudan:\n"
+"Var vänlig och besök följande URL för att acceptera inbjudan:\n"
 "{ShareLink}\n"
 "\n"
 "Alternativt kan du kolla dina federationsinställningar och använda följande uppgifter:\n"
--- a/services/notifications/pkg/email/l10n/locale/zh/LC_MESSAGES/notifications.po
+++ b/services/notifications/pkg/email/l10n/locale/zh/LC_MESSAGES/notifications.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: YQS Yang, 2025\n"
 "Language-Team: Chinese (https://app.transifex.com/opencloud-eu/teams/204053/zh/)\n"
--- a/services/settings/pkg/service/v0/l10n/locale/ca/LC_MESSAGES/settings.po
+++ b/services/settings/pkg/service/v0/l10n/locale/ca/LC_MESSAGES/settings.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Ivan Fustero, 2025\n"
 "Language-Team: Catalan (https://app.transifex.com/opencloud-eu/teams/204053/ca/)\n"
--- a/services/settings/pkg/service/v0/l10n/locale/de/LC_MESSAGES/settings.po
+++ b/services/settings/pkg/service/v0/l10n/locale/de/LC_MESSAGES/settings.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Jörn Friedrich Dreyer <jfd@butonic.de>, 2025\n"
 "Language-Team: German (https://app.transifex.com/opencloud-eu/teams/204053/de/)\n"
--- a/services/settings/pkg/service/v0/l10n/locale/es/LC_MESSAGES/settings.po
+++ b/services/settings/pkg/service/v0/l10n/locale/es/LC_MESSAGES/settings.po
@@ -12,7 +12,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Alejandro Robles, 2025\n"
 "Language-Team: Spanish (https://app.transifex.com/opencloud-eu/teams/204053/es/)\n"
--- a/services/settings/pkg/service/v0/l10n/locale/fi/LC_MESSAGES/settings.po
+++ b/services/settings/pkg/service/v0/l10n/locale/fi/LC_MESSAGES/settings.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-07 00:02+0000\n"
+"POT-Creation-Date: 2025-11-06 00:02+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Jiri Grönroos <jiri.gronroos@iki.fi>, 2025\n"
 "Language-Team: Finnish (https://app.transifex.com/opencloud-eu/teams/204053/fi/)\n"
@@ -72,8 +72,6 @@ msgid ""
 "Notify when a file I uploaded was rejected because of a virus infection or "
 "policy violation"
 msgstr ""
-"Ilmoita, kun lähettämäni tiedosto hylättiin joko virustartunnan tai "
-"käytäntöloukkauksen vuoksi"

 #. description of the notification option 'Share Removed'
 #: pkg/store/defaults/templates.go:14
@@ -88,17 +86,17 @@ msgstr "Ilmoita kun vastaanotettu jako on vanhentunut"
 #. description of the notification option 'Space Deleted'
 #: pkg/store/defaults/templates.go:38
 msgid "Notify when a space I am member of has been deleted"
-msgstr "Ilmoita, kun avaruus, jonka jäsen olen, on poistettu"
+msgstr ""

 #. description of the notification option 'Space Disabled'
 #: pkg/store/defaults/templates.go:34
 msgid "Notify when a space I am member of has been disabled"
-msgstr "Ilmoita, kun avaruus, jonka jäsen olen, on poistettu käytöstä"
+msgstr ""

 #. description of the notification option 'Space Membership Expired'
 #: pkg/store/defaults/templates.go:30
 msgid "Notify when a space membership has expired"
-msgstr "Ilmoita, kun avaruuden jäsenyys on vanhentunut"
+msgstr ""

 #. name of the notification option 'Space Unshared'
 #: pkg/store/defaults/templates.go:24
--- a/services/settings/pkg/service/v0/l10n/locale/fr/LC_MESSAGES/settings.po
+++ b/services/settings/pkg/service/v0/l10n/locale/fr/LC_MESSAGES/settings.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: eric_G <junk.eg@free.fr>, 2025\n"
 "Language-Team: French (https://app.transifex.com/opencloud-eu/teams/204053/fr/)\n"
--- a/services/settings/pkg/service/v0/l10n/locale/it/LC_MESSAGES/settings.po
+++ b/services/settings/pkg/service/v0/l10n/locale/it/LC_MESSAGES/settings.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Simone Pagano, 2025\n"
 "Language-Team: Italian (https://app.transifex.com/opencloud-eu/teams/204053/it/)\n"
--- a/services/settings/pkg/service/v0/l10n/locale/ko/LC_MESSAGES/settings.po
+++ b/services/settings/pkg/service/v0/l10n/locale/ko/LC_MESSAGES/settings.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: gapho shin, 2025\n"
 "Language-Team: Korean (https://app.transifex.com/opencloud-eu/teams/204053/ko/)\n"
--- a/services/settings/pkg/service/v0/l10n/locale/nl/LC_MESSAGES/settings.po
+++ b/services/settings/pkg/service/v0/l10n/locale/nl/LC_MESSAGES/settings.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-12 00:01+0000\n"
+"POT-Creation-Date: 2025-10-23 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Stephan Paternotte <stephan@paternottes.net>, 2025\n"
 "Language-Team: Dutch (https://app.transifex.com/opencloud-eu/teams/204053/nl/)\n"
--- a/services/settings/pkg/service/v0/l10n/locale/ru/LC_MESSAGES/settings.po
+++ b/services/settings/pkg/service/v0/l10n/locale/ru/LC_MESSAGES/settings.po
@@ -12,7 +12,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Lulufox, 2025\n"
 "Language-Team: Russian (https://app.transifex.com/opencloud-eu/teams/204053/ru/)\n"
--- a/services/settings/pkg/service/v0/l10n/locale/sv/LC_MESSAGES/settings.po
+++ b/services/settings/pkg/service/v0/l10n/locale/sv/LC_MESSAGES/settings.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Davis Kaza, 2025\n"
 "Language-Team: Swedish (https://app.transifex.com/opencloud-eu/teams/204053/sv/)\n"
--- a/services/settings/pkg/service/v0/l10n/locale/zh/LC_MESSAGES/settings.po
+++ b/services/settings/pkg/service/v0/l10n/locale/zh/LC_MESSAGES/settings.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: YQS Yang, 2025\n"
 "Language-Team: Chinese (https://app.transifex.com/opencloud-eu/teams/204053/zh/)\n"
--- a/services/settings/pkg/store/metadata/assignments.go
+++ b/services/settings/pkg/store/metadata/assignments.go
@@ -6,7 +6,7 @@ import (
 	"encoding/json"
 	"fmt"

-	"github.com/google/uuid"
+	"github.com/gofrs/uuid"
 	settingsmsg "github.com/opencloud-eu/opencloud/protogen/gen/opencloud/messages/settings/v0"
 	"github.com/opencloud-eu/opencloud/services/settings/pkg/settings"
 	"github.com/opencloud-eu/opencloud/services/settings/pkg/store/defaults"
@@ -20,7 +20,7 @@ func (s *Store) ListRoleAssignments(accountUUID string) ([]*settingsmsg.UserRole
 		if accountUUID == serviceAccountID {
 			return []*settingsmsg.UserRoleAssignment{
 				{
-					Id:          uuid.NewString(), // should we hardcode this id too?
+					Id:          uuid.Must(uuid.NewV4()).String(), // should we hardcode this id too?
 					AccountUuid: accountUUID,
 					RoleId:      defaults.BundleUUIDServiceAccount,
 				},
@@ -136,7 +136,7 @@ func (s *Store) WriteRoleAssignment(accountUUID, roleID string) (*settingsmsg.Us
 	}

 	ass := &settingsmsg.UserRoleAssignment{
-		Id:          uuid.NewString(),
+		Id:          uuid.Must(uuid.NewV4()).String(),
 		AccountUuid: accountUUID,
 		RoleId:      roleID,
 	}
--- a/services/settings/pkg/store/metadata/assignments_test.go
+++ b/services/settings/pkg/store/metadata/assignments_test.go
@@ -5,7 +5,7 @@ import (
 	"sync"
 	"testing"

-	"github.com/google/uuid"
+	"github.com/gofrs/uuid"
 	olog "github.com/opencloud-eu/opencloud/pkg/log"
 	"github.com/opencloud-eu/opencloud/pkg/shared"
 	settingsmsg "github.com/opencloud-eu/opencloud/protogen/gen/opencloud/messages/settings/v0"
@@ -95,7 +95,7 @@ func initStore() *Store {
 		cfg:    defaults.DefaultConfig(),
 	}
 	s.cfg.Commons = &shared.Commons{
-		AdminUserID: uuid.NewString(),
+		AdminUserID: uuid.Must(uuid.NewV4()).String(),
 	}

 	_ = NewMDC(s)
--- a/services/settings/pkg/store/metadata/bundles.go
+++ b/services/settings/pkg/store/metadata/bundles.go
@@ -7,7 +7,7 @@ import (
 	"errors"
 	"fmt"

-	"github.com/google/uuid"
+	"github.com/gofrs/uuid"
 	settingsmsg "github.com/opencloud-eu/opencloud/protogen/gen/opencloud/messages/settings/v0"
 	"github.com/opencloud-eu/opencloud/services/settings/pkg/settings"
 	"github.com/opencloud-eu/opencloud/services/settings/pkg/store/defaults"
@@ -146,7 +146,7 @@ func (s *Store) AddSettingToBundle(bundleID string, setting *settingsmsg.Setting
 	}

 	if setting.Id == "" {
-		setting.Id = uuid.NewString()
+		setting.Id = uuid.Must(uuid.NewV4()).String()
 	}

 	b.Settings = append(b.Settings, setting)
--- a/services/settings/pkg/store/metadata/bundles_test.go
+++ b/services/settings/pkg/store/metadata/bundles_test.go
@@ -3,7 +3,7 @@ package store
 import (
 	"testing"

-	"github.com/google/uuid"
+	"github.com/gofrs/uuid"
 	settingsmsg "github.com/opencloud-eu/opencloud/protogen/gen/opencloud/messages/settings/v0"
 	"github.com/stretchr/testify/require"
 )
@@ -102,7 +102,7 @@ var bundleScenarios = []struct {
 }

 var (
-	appendTestBundleID = uuid.NewString()
+	appendTestBundleID = uuid.Must(uuid.NewV4()).String()

 	appendTestSetting1 = &settingsmsg.Setting{
 		Id:          "append-test-setting-1",
--- a/services/settings/pkg/store/metadata/store.go
+++ b/services/settings/pkg/store/metadata/store.go
@@ -7,7 +7,7 @@ import (
 	"log"
 	"sync"

-	"github.com/google/uuid"
+	"github.com/gofrs/uuid"
 	olog "github.com/opencloud-eu/opencloud/pkg/log"
 	settingsmsg "github.com/opencloud-eu/opencloud/protogen/gen/opencloud/messages/settings/v0"
 	"github.com/opencloud-eu/opencloud/services/settings/pkg/config"
@@ -21,7 +21,7 @@ var (
 	// Name is the default name for the settings store
 	Name                   = "opencloud-settings"
 	managerName            = "metadata"
-	settingsSpaceID        = "f1bdd61a-da7c-49fc-8203-0558109d1b4f" // uuid.NewString()
+	settingsSpaceID        = "f1bdd61a-da7c-49fc-8203-0558109d1b4f" // uuid.Must(uuid.NewV4()).String()
 	rootFolderLocation     = "settings"
 	bundleFolderLocation   = "settings/bundles"
 	accountsFolderLocation = "settings/accounts"
@@ -156,7 +156,7 @@ func (s *Store) initMetadataClient(mdc MetadataClient) error {
 		}

 		ass := &settingsmsg.UserRoleAssignment{
-			Id:          uuid.NewString(),
+			Id:          uuid.Must(uuid.NewV4()).String(),
 			AccountUuid: accountUUID,
 			RoleId:      roleID,
 		}
@@ -220,7 +220,7 @@ func (s *Store) userMustHaveAdminRole(accountUUID string, assIDs []string, mdc M
 		}

 		ass := &settingsmsg.UserRoleAssignment{
-			Id:          uuid.NewString(),
+			Id:          uuid.Must(uuid.NewV4()).String(),
 			AccountUuid: accountUUID,
 			RoleId:      defaults.BundleUUIDRoleAdmin,
 		}
--- a/services/settings/pkg/store/metadata/values.go
+++ b/services/settings/pkg/store/metadata/values.go
@@ -6,7 +6,7 @@ import (
 	"encoding/json"
 	"fmt"

-	"github.com/google/uuid"
+	"github.com/gofrs/uuid"
 	settingsmsg "github.com/opencloud-eu/opencloud/protogen/gen/opencloud/messages/settings/v0"
 	"github.com/opencloud-eu/opencloud/services/settings/pkg/settings"
 	"github.com/opencloud-eu/reva/v2/pkg/errtypes"
@@ -127,7 +127,7 @@ func (s *Store) WriteValue(value *settingsmsg.Value) (*settingsmsg.Value, error)
 	ctx := context.TODO()

 	if value.Id == "" {
-		value.Id = uuid.NewString()
+		value.Id = uuid.Must(uuid.NewV4()).String()
 	}
 	b, err := json.Marshal(value)
 	if err != nil {
--- a/services/userlog/pkg/service/l10n/locale/ca/LC_MESSAGES/userlog.po
+++ b/services/userlog/pkg/service/l10n/locale/ca/LC_MESSAGES/userlog.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Ivan Fustero, 2025\n"
 "Language-Team: Catalan (https://app.transifex.com/opencloud-eu/teams/204053/ca/)\n"
--- a/services/userlog/pkg/service/l10n/locale/de/LC_MESSAGES/userlog.po
+++ b/services/userlog/pkg/service/l10n/locale/de/LC_MESSAGES/userlog.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Jörn Friedrich Dreyer <jfd@butonic.de>, 2025\n"
 "Language-Team: German (https://app.transifex.com/opencloud-eu/teams/204053/de/)\n"
--- a/services/userlog/pkg/service/l10n/locale/es/LC_MESSAGES/userlog.po
+++ b/services/userlog/pkg/service/l10n/locale/es/LC_MESSAGES/userlog.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Elías Martín, 2025\n"
 "Language-Team: Spanish (https://app.transifex.com/opencloud-eu/teams/204053/es/)\n"
--- a/services/userlog/pkg/service/l10n/locale/fr/LC_MESSAGES/userlog.po
+++ b/services/userlog/pkg/service/l10n/locale/fr/LC_MESSAGES/userlog.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: eric_G <junk.eg@free.fr>, 2025\n"
 "Language-Team: French (https://app.transifex.com/opencloud-eu/teams/204053/fr/)\n"
--- a/services/userlog/pkg/service/l10n/locale/it/LC_MESSAGES/userlog.po
+++ b/services/userlog/pkg/service/l10n/locale/it/LC_MESSAGES/userlog.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Simone Broglia, 2025\n"
 "Language-Team: Italian (https://app.transifex.com/opencloud-eu/teams/204053/it/)\n"
--- a/services/userlog/pkg/service/l10n/locale/ko/LC_MESSAGES/userlog.po
+++ b/services/userlog/pkg/service/l10n/locale/ko/LC_MESSAGES/userlog.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: gapho shin, 2025\n"
 "Language-Team: Korean (https://app.transifex.com/opencloud-eu/teams/204053/ko/)\n"
--- a/services/userlog/pkg/service/l10n/locale/ru/LC_MESSAGES/userlog.po
+++ b/services/userlog/pkg/service/l10n/locale/ru/LC_MESSAGES/userlog.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: Lulufox, 2025\n"
 "Language-Team: Russian (https://app.transifex.com/opencloud-eu/teams/204053/ru/)\n"
--- a/services/userlog/pkg/service/l10n/locale/sv/LC_MESSAGES/userlog.po
+++ b/services/userlog/pkg/service/l10n/locale/sv/LC_MESSAGES/userlog.po
@@ -1,116 +0,0 @@
-# SOME DESCRIPTIVE TITLE.
-# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
-# This file is distributed under the same license as the PACKAGE package.
-# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
-# 
-# Translators:
-# Daniel Nylander <po@danielnylander.se>, 2025
-# 
-#, fuzzy
-msgid ""
-msgstr ""
-"Project-Id-Version: \n"
-"Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-08 00:02+0000\n"
-"PO-Revision-Date: 2025-01-27 10:17+0000\n"
-"Last-Translator: Daniel Nylander <po@danielnylander.se>, 2025\n"
-"Language-Team: Swedish (https://app.transifex.com/opencloud-eu/teams/204053/sv/)\n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=UTF-8\n"
-"Content-Transfer-Encoding: 8bit\n"
-"Language: sv\n"
-"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-
-#: pkg/service/templates.go:39
-msgid "Access to Space {space} lost"
-msgstr "Tillgång till arbetsytan {space} förlorades"
-
-#: pkg/service/templates.go:54
-msgid "Access to {resource} expired"
-msgstr "Åtkomst till {resource} har gått ut"
-
-#: pkg/service/templates.go:59
-msgid ""
-"Attention! The instance will be shut down and deprovisioned on {date}. "
-"Download all your data before that date as no access past that date is "
-"possible."
-msgstr ""
-"Observera! Instansen kommer att stängas ned och avprovisioneras den {date}. "
-"Ladda ner alla dina data före det datumet, eftersom det inte går att komma "
-"åt dem efter det datumet."
-
-#: pkg/service/templates.go:14
-msgid "File {resource} was deleted because it violates the policies"
-msgstr "Filen {resource} har raderats eftersom den bryter mot riktlinjerna"
-
-#: pkg/service/templates.go:58
-msgid "Instance will be shut down and deprovisioned"
-msgstr "Instansen kommer att stängas av och avprovisioneras"
-
-#: pkg/service/templates.go:38
-msgid "Membership expired"
-msgstr "Medlemskapet har gått ut"
-
-#: pkg/service/templates.go:13
-msgid "Policies enforced"
-msgstr "Genomdrivna riktlinjer"
-
-#: pkg/service/templates.go:23
-msgid "Removed from Space"
-msgstr "Togs bort från arbetsytan"
-
-#: pkg/service/templates.go:43
-msgid "Resource shared"
-msgstr "Resurs delad"
-
-#: pkg/service/templates.go:48
-msgid "Resource unshared"
-msgstr "Resursen delas inte"
-
-#: pkg/service/templates.go:53
-msgid "Share expired"
-msgstr "Delning har löpt ut"
-
-#: pkg/service/templates.go:33
-msgid "Space deleted"
-msgstr "Arbetsytan togs bort"
-
-#: pkg/service/templates.go:28
-msgid "Space disabled"
-msgstr "Arbetsytan inaktiverad"
-
-#: pkg/service/templates.go:18
-msgid "Space shared"
-msgstr "Arbetsytan delad"
-
-#: pkg/service/templates.go:8
-msgid "Virus found"
-msgstr "Virus hittades"
-
-#: pkg/service/templates.go:9
-msgid "Virus found in {resource}. Upload not possible. Virus: {virus}"
-msgstr "Virus hittades i {resource}. Uppladdning omöjlig. Virus: {virus}"
-
-#: pkg/service/templates.go:19
-msgid "{user} added you to Space {space}"
-msgstr "{user} har lagt till dig i arbetsytan {space}"
-
-#: pkg/service/templates.go:34
-msgid "{user} deleted Space {space}"
-msgstr "{user} tog bort arbetsytan {space}"
-
-#: pkg/service/templates.go:29
-msgid "{user} disabled Space {space}"
-msgstr "{user} inaktiverade arbetsytan {space}"
-
-#: pkg/service/templates.go:24
-msgid "{user} removed you from Space {space}"
-msgstr "{user} har tagit bort dig från arbetsytan {space}"
-
-#: pkg/service/templates.go:44
-msgid "{user} shared {resource} with you"
-msgstr "{user} delade {resource} med dig"
-
-#: pkg/service/templates.go:49
-msgid "{user} unshared {resource} with you"
-msgstr "{user} tog bort delning av {resource} med dig"
--- a/services/userlog/pkg/service/l10n/locale/zh/LC_MESSAGES/userlog.po
+++ b/services/userlog/pkg/service/l10n/locale/zh/LC_MESSAGES/userlog.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: EMAIL\n"
-"POT-Creation-Date: 2025-11-09 00:02+0000\n"
+"POT-Creation-Date: 2025-10-20 00:01+0000\n"
 "PO-Revision-Date: 2025-01-27 10:17+0000\n"
 "Last-Translator: YQS Yang, 2025\n"
 "Language-Team: Chinese (https://app.transifex.com/opencloud-eu/teams/204053/zh/)\n"
--- a/services/web/Makefile
+++ b/services/web/Makefile
@@ -1,6 +1,6 @@
 SHELL := bash
 NAME := web
-WEB_ASSETS_VERSION = v4.2.1-alpha.1
+WEB_ASSETS_VERSION = v4.2.0
 WEB_ASSETS_BRANCH = main

 ifneq (, $(shell command -v go 2> /dev/null)) # suppress `command not found warnings` for non go targets in CI
--- a/tests/README.md
+++ b/tests/README.md
@@ -477,15 +477,6 @@ For antivirus running localy on Linux OS, use `ANTIVIRUS_CLAMAV_SOCKET= "/var/ru
 For antivirus running localy on Mac OS, use `ANTIVIRUS_CLAMAV_SOCKET= "/tmp/clamd.sock"`.
 For antivirus running with docker, use `ANTIVIRUS_CLAMAV_SOCKET= "tcp://host.docker.internal:3310"`

-### Create virus files
-
-The antivirus tests require EICAR test files which are not stored in the repository
-They are generated dynamically when needed for testing.
-
-```bash
-tests/acceptance/scripts/generate-virus-files.sh
-```
-
 #### Run the Acceptance Test

 Run the acceptance test with the following command:
--- a/tests/acceptance/bootstrap/NotificationContext.php
+++ b/tests/acceptance/bootstrap/NotificationContext.php
@@ -399,7 +399,7 @@ class NotificationContext implements Context {
 			$this->featureContext->theHTTPStatusCodeShouldBe(200, "", $response);
 			++$count;
 		} while (!isset($this->filterResponseAccordingToNotificationSubject($subject, $response)->message)
-			&& $count <= 10
+			&& $count <= 5
 		);
 		if (isset($this->filterResponseAccordingToNotificationSubject($subject, $response)->message)) {
 			$actualMessage = str_replace(
--- a/tests/acceptance/bootstrap/SearchContext.php
+++ b/tests/acceptance/bootstrap/SearchContext.php
@@ -147,7 +147,7 @@ class SearchContext implements Context {
 	): void {
 		// NOTE: because indexing of newly uploaded files or directories with OpenCloud is decoupled and occurs asynchronously
 		// short wait is necessary before searching
-		sleep(10);
+		sleep(5);
 		$response = $this->searchFiles($user, $pattern, $limit, null, null, null, $properties);
 		$this->featureContext->setResponse($response);
 	}
--- a/tests/acceptance/features/apiAntivirus/antivirus.feature
+++ b/tests/acceptance/features/apiAntivirus/antivirus.feature
@@ -37,11 +37,11 @@ Feature: antivirus
    And as "Alice" file "<new-file-name>" should not exist
    Examples:
      | dav-path-version | file-name     | new-file-name  | message                                                                         |
-      | old              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | old              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Eicar-Signature      |
      | old              | eicar_com.zip | virusFile2.zip | Virus found in virusFile2.zip. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
-      | new              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | new              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Eicar-Signature      |
      | new              | eicar_com.zip | virusFile2.zip | Virus found in virusFile2.zip. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
-      | spaces           | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | spaces           | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Eicar-Signature      |
      | spaces           | eicar_com.zip | virusFile2.zip | Virus found in virusFile2.zip. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |


@@ -65,11 +65,11 @@ Feature: antivirus
      """
    Examples:
      | dav-path-version | file-name     | new-file-name  | message                                                                         |
-      | old              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | old              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Eicar-Signature      |
      | old              | eicar_com.zip | virusFile2.zip | Virus found in virusFile2.zip. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
-      | new              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | new              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Eicar-Signature      |
      | new              | eicar_com.zip | virusFile2.zip | Virus found in virusFile2.zip. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
-      | spaces           | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | spaces           | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Eicar-Signature      |
      | spaces           | eicar_com.zip | virusFile2.zip | Virus found in virusFile2.zip. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |


@@ -111,11 +111,11 @@ Feature: antivirus
    And as "Alice" file "/uploadFolder/<new-file-name>" should not exist
    Examples:
      | dav-path-version | file-name     | new-file-name  | message                                                                         |
-      | old              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | old              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Eicar-Signature      |
      | old              | eicar_com.zip | virusFile2.zip | Virus found in virusFile2.zip. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
-      | new              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | new              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Eicar-Signature      |
      | new              | eicar_com.zip | virusFile2.zip | Virus found in virusFile2.zip. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
-      | spaces           | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | spaces           | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Eicar-Signature      |
      | spaces           | eicar_com.zip | virusFile2.zip | Virus found in virusFile2.zip. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |

  @issue-10331
@@ -137,11 +137,11 @@ Feature: antivirus
    And as "Alice" file "/uploadFolder/<new-file-name>" should not exist
    Examples:
      | dav-path-version | file-name     | new-file-name  | message                                                                         |
-      | old              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | old              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Eicar-Signature      |
      | old              | eicar_com.zip | virusFile2.zip | Virus found in virusFile2.zip. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
-      | new              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | new              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Eicar-Signature      |
      | new              | eicar_com.zip | virusFile2.zip | Virus found in virusFile2.zip. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
-      | spaces           | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | spaces           | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Eicar-Signature      |
      | spaces           | eicar_com.zip | virusFile2.zip | Virus found in virusFile2.zip. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |


@@ -165,11 +165,11 @@ Feature: antivirus
    And as "Alice" file "/uploadFolder/<new-file-name>" should not exist
    Examples:
      | dav-path-version | file-name     | new-file-name  | message                                                                         |
-      | old              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | old              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Eicar-Signature      |
      | old              | eicar_com.zip | virusFile2.zip | Virus found in virusFile2.zip. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
-      | new              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | new              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Eicar-Signature      |
      | new              | eicar_com.zip | virusFile2.zip | Virus found in virusFile2.zip. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
-      | spaces           | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | spaces           | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Eicar-Signature      |
      | spaces           | eicar_com.zip | virusFile2.zip | Virus found in virusFile2.zip. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |


@@ -195,11 +195,11 @@ Feature: antivirus
    And as "Alice" file "/uploadFolder/<new-file-name>" should not exist
    Examples:
      | dav-path-version | file-name     | new-file-name  | message                                                                         |
-      | old              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | old              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Eicar-Signature      |
      | old              | eicar_com.zip | virusFile2.zip | Virus found in virusFile2.zip. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
-      | new              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | new              | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Eicar-Signature      |
      | new              | eicar_com.zip | virusFile2.zip | Virus found in virusFile2.zip. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
-      | spaces           | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | spaces           | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Eicar-Signature      |
      | spaces           | eicar_com.zip | virusFile2.zip | Virus found in virusFile2.zip. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |


@@ -224,7 +224,7 @@ Feature: antivirus
      | /<new-file-name> |
    Examples:
      | file-name     | new-file-name  | message                                                                         |
-      | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Eicar-Signature      |
      | eicar_com.zip | virusFile2.zip | Virus found in virusFile2.zip. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |


@@ -249,7 +249,7 @@ Feature: antivirus
      | /<new-file-name> |
    Examples:
      | file-name     | new-file-name  | message                                                                         |
-      | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | eicar.com     | virusFile1.txt | Virus found in virusFile1.txt. Upload not possible. Virus: Eicar-Signature      |
      | eicar_com.zip | virusFile2.zip | Virus found in virusFile2.zip. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |

  @env-config  @issue-6494
@@ -273,7 +273,7 @@ Feature: antivirus
    Then the HTTP status code should be "201"
    And user "Alice" should get a notification with subject "Virus found" and message:
      | message                                                                             |
-      | Virus found in aFileWithVirus.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | Virus found in aFileWithVirus.txt. Upload not possible. Virus: Eicar-Signature |
    And as "Alice" file "/aFileWithVirus.txt" should not exist
    Examples:
      | dav-path-version |
@@ -305,13 +305,13 @@ Feature: antivirus
      | <message> |
    And as "Alice" file "/aFileWithVirus.txt" should not exist
    Examples:
-      | dav-path-version | language | subject          | message                                                                                                                        |
-      | old              | es       | Virus encontrado | Virus encontrado en aFileWithVirus.txt. La subida no ha sido posible. Virus: Win.Test.EICAR_HDB-1                              |
-      | new              | es       | Virus encontrado | Virus encontrado en aFileWithVirus.txt. La subida no ha sido posible. Virus: Win.Test.EICAR_HDB-1                              |
-      | spaces           | es       | Virus encontrado | Virus encontrado en aFileWithVirus.txt. La subida no ha sido posible. Virus: Win.Test.EICAR_HDB-1                              |
-      | old              | de       | Virus gefunden   | In aFileWithVirus.txt wurde potenziell schädlicher Code gefunden. Das Hochladen wurde abgebrochen. Grund: Win.Test.EICAR_HDB-1 |
-      | new              | de       | Virus gefunden   | In aFileWithVirus.txt wurde potenziell schädlicher Code gefunden. Das Hochladen wurde abgebrochen. Grund: Win.Test.EICAR_HDB-1 |
-      | spaces           | de       | Virus gefunden   | In aFileWithVirus.txt wurde potenziell schädlicher Code gefunden. Das Hochladen wurde abgebrochen. Grund: Win.Test.EICAR_HDB-1 |
+      | dav-path-version | language | subject          | message                                                                                                                   |
+      | old              | es       | Virus encontrado | Virus encontrado en aFileWithVirus.txt. La subida no ha sido posible. Virus: Eicar-Signature                              |
+      | new              | es       | Virus encontrado | Virus encontrado en aFileWithVirus.txt. La subida no ha sido posible. Virus: Eicar-Signature                              |
+      | spaces           | es       | Virus encontrado | Virus encontrado en aFileWithVirus.txt. La subida no ha sido posible. Virus: Eicar-Signature                                     |
+      | old              | de       | Virus gefunden   | In aFileWithVirus.txt wurde potenziell schädlicher Code gefunden. Das Hochladen wurde abgebrochen. Grund: Eicar-Signature |
+      | new              | de       | Virus gefunden   | In aFileWithVirus.txt wurde potenziell schädlicher Code gefunden. Das Hochladen wurde abgebrochen. Grund: Eicar-Signature |
+      | spaces           | de       | Virus gefunden   | In aFileWithVirus.txt wurde potenziell schädlicher Code gefunden. Das Hochladen wurde abgebrochen. Grund: Eicar-Signature |

  @issue-enterprise-5709
  Scenario Outline: try to create a version of file by uploading virus content
@@ -477,7 +477,7 @@ Feature: antivirus
    When user "Brian" uploads a file "filesForUpload/filesWithVirus/eicar.com" to "text.txt" in space "new-space" using the WebDAV API
    Then the HTTP status code should be "204"
    And user "Brian" should get a notification with subject "Virus found" and message:
-      | message                                                                   |
-      | Virus found in text.txt. Upload not possible. Virus: Win.Test.EICAR_HDB-1 |
+      | message                                                              |
+      | Virus found in text.txt. Upload not possible. Virus: Eicar-Signature |
    And for user "Brian" the content of the file "/text.txt" of the space "new-space" should be "hello world"
    And for user "Alice" the content of the file "/text.txt" of the space "new-space" should be "hello world"
--- a/tests/acceptance/features/cliCommands/removeFileVersions.feature
+++ b/tests/acceptance/features/cliCommands/removeFileVersions.feature
@@ -11,7 +11,7 @@ Feature: remove file versions via CLI command
    And user "Alice" has uploaded file with content "This is version 3" to "textfile.txt"
    When the administrator removes all the file versions using the CLI
    Then the command should be successful
-    And the command output should contain "✅ Deleted 2 revisions (6 files / 2 blobs)"
+    And the command output should contain "✅ Deleted 2 revisions (4 files / 2 blobs)"
    When user "Alice" gets the number of versions of file "textfile.txt"
    Then the HTTP status code should be "207"
    And the number of versions should be "0"
@@ -26,7 +26,7 @@ Feature: remove file versions via CLI command
    And user "Alice" has uploaded file with content "This is version 3" to "anotherFile.txt"
    When the administrator removes the versions of file "randomFile.txt" of user "Alice" from space "Personal" using the CLI
    Then the command should be successful
-    And the command output should contain "✅ Deleted 2 revisions (6 files / 2 blobs)"
+    And the command output should contain "✅ Deleted 2 revisions (4 files / 2 blobs)"
    When user "Alice" gets the number of versions of file "randomFile.txt"
    Then the HTTP status code should be "207"
    And the number of versions should be "0"
@@ -52,7 +52,7 @@ Feature: remove file versions via CLI command
    And we save it into "EPSUM_FILEID"
    When the administrator removes the file versions of space "projectSpace" using the CLI
    Then the command should be successful
-    And the command output should contain "✅ Deleted 4 revisions (12 files / 4 blobs)"
+    And the command output should contain "✅ Deleted 4 revisions (8 files / 4 blobs)"
    When user "Alice" gets the number of versions of file "file.txt"
    Then the HTTP status code should be "207"
    And the number of versions should be "2"
--- a/tests/acceptance/features/collaborativePosix/collaborativePosixFS.feature
+++ b/tests/acceptance/features/collaborativePosix/collaborativePosixFS.feature
@@ -155,7 +155,6 @@ Feature: create a resources using collaborative posixfs
      | sharee          | Brian        |
      | shareType       | user         |
      | permissionsRole | Viewer       |
-    And user "Brian" has a share "textfile.txt" synced
    When the administrator renames the file "textfile.txt" to "new-name.txt" for user "Alice" on the POSIX filesystem
    Then the command should be successful
    And user "Brian" should have a share "textfile.txt" shared by user "Alice" from space "Personal"
--- a/tests/acceptance/features/coreApiShareOperationsToShares2/uploadToShare.feature
+++ b/tests/acceptance/features/coreApiShareOperationsToShares2/uploadToShare.feature
@@ -18,7 +18,6 @@ Feature: sharing
      | sharee          | Brian    |
      | shareType       | user     |
      | permissionsRole | Viewer   |
-    And user "Brian" has a share "FOLDER" synced
    When user "Brian" uploads file "filesForUpload/textfile.txt" to "/Shares/FOLDER/textfile.txt" using the WebDAV API
    Then the HTTP status code should be "403"
    And as "Alice" file "/FOLDER/textfile.txt" should not exist
--- a/tests/acceptance/filesForUpload/filesWithVirus/eicar.com
+++ b/tests/acceptance/filesForUpload/filesWithVirus/eicar.com
@@ -0,0 +1 @@
+X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
--- a/tests/acceptance/filesForUpload/filesWithVirus/eicar_com.zip
+++ b/tests/acceptance/filesForUpload/filesWithVirus/eicar_com.zip
--- a/tests/acceptance/scripts/lint-expected-failures.sh
+++ b/tests/acceptance/scripts/lint-expected-failures.sh
--- a/tests/acceptance/scripts/run.sh
+++ b/tests/acceptance/scripts/run.sh
@@ -11,7 +11,7 @@ echo 'Script path: '${SCRIPT_PATH}
 # This gives flexibility for callers that have installed their own behat
 if [ -z "${BEHAT_BIN}" ]
 then
-	BEHAT=${SCRIPT_PATH}/../../../vendor-bin/behat/vendor/bin/behat
+	BEHAT=${SCRIPT_PATH}/../../vendor-bin/behat/vendor/bin/behat
 else
 	BEHAT=${BEHAT_BIN}
 fi
--- a/tests/acceptance/scripts/run_api_tests.sh
+++ b/tests/acceptance/scripts/run_api_tests.sh
--- a/tests/acceptance/scripts/run_e2e_tests.sh
+++ b/tests/acceptance/scripts/run_e2e_tests.sh
--- a/tests/acceptance/scripts/generate-virus-files.sh
+++ b/tests/acceptance/scripts/generate-virus-files.sh
@@ -1,19 +0,0 @@
-#!/bin/bash
-# tests/acceptance/scripts/generate-virus-files.sh
-
-set -e
-
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-TARGET_DIR="$SCRIPT_DIR/../filesForUpload/filesWithVirus"
-
-echo "Generating EICAR test files..."
-
-mkdir -p "$TARGET_DIR"
-
-cd "$TARGET_DIR"
-
-echo "Downloading eicar.com..."
-curl -s -o eicar.com https://secure.eicar.org/eicar.com
-
-echo "Downloading eicar_com.zip..."
-curl -s -o eicar_com.zip https://secure.eicar.org/eicar_com.zip
--- a/vendor/github.com/KimMachineGun/automemlimit/memlimit/cgroups.go
+++ b/vendor/github.com/KimMachineGun/automemlimit/memlimit/cgroups.go
@@ -103,8 +103,8 @@ func getMemoryLimitV2(chs []cgroupHierarchy, mis []mountInfo) (uint64, error) {
 		return 0, err
 	}

-	// retrieve the memory limit from the memory.max recursively.
-	return walkCgroupV2Hierarchy(cgroupPath, mountPoint)
+	// retrieve the memory limit from the memory.max file
+	return readMemoryLimitV2FromPath(filepath.Join(cgroupPath, "memory.max"))
 }

 // readMemoryLimitV2FromPath reads the memory limit for cgroup v2 from the given path.
@@ -131,39 +131,6 @@ func readMemoryLimitV2FromPath(path string) (uint64, error) {
 	return limit, nil
 }

-// walkCgroupV2Hierarchy walks up the cgroup v2 hierarchy to find the most restrictive memory limit.
-func walkCgroupV2Hierarchy(cgroupPath, mountPoint string) (uint64, error) {
-	var (
-		found              = false
-		minLimit    uint64 = math.MaxUint64
-		currentPath        = cgroupPath
-	)
-	for {
-		limit, err := readMemoryLimitV2FromPath(filepath.Join(currentPath, "memory.max"))
-		if err != nil && !errors.Is(err, ErrNoLimit) {
-			return 0, err
-		} else if err == nil {
-			found = true
-			minLimit = min(minLimit, limit)
-		}
-
-		if currentPath == mountPoint {
-			break
-		}
-
-		parent := filepath.Dir(currentPath)
-		if parent == currentPath {
-			break
-		}
-		currentPath = parent
-	}
-	if !found {
-		return 0, ErrNoLimit
-	}
-
-	return minLimit, nil
-}
-
 // getMemoryLimitV1 retrieves the memory limit from the cgroup v1 controller.
 func getMemoryLimitV1(chs []cgroupHierarchy, mis []mountInfo) (uint64, error) {
 	// find the cgroup v1 path for the memory controller.
--- a/vendor/github.com/coreos/go-systemd/v22/journal/journal.go
+++ b/vendor/github.com/coreos/go-systemd/v22/journal/journal.go
@@ -41,6 +41,6 @@ const (
 )

 // Print prints a message to the local systemd journal using Send().
-func Print(priority Priority, format string, a ...any) error {
+func Print(priority Priority, format string, a ...interface{}) error {
 	return Send(fmt.Sprintf(format, a...), priority, nil)
 }
--- a/vendor/github.com/coreos/go-systemd/v22/journal/journal_unix.go
+++ b/vendor/github.com/coreos/go-systemd/v22/journal/journal_unix.go
@@ -13,6 +13,7 @@
 // limitations under the License.

 //go:build !windows
+// +build !windows

 // Package journal provides write bindings to the local systemd journal.
 // It is implemented in pure Go and connects to the journal directly over its
@@ -30,6 +31,7 @@ import (
 	"errors"
 	"fmt"
 	"io"
+	"io/ioutil"
 	"net"
 	"os"
 	"strconv"
@@ -192,7 +194,7 @@ func appendVariable(w io.Writer, name, value string) {
 		 * - the data, followed by a newline
 		 */
 		fmt.Fprintln(w, name)
-		_ = binary.Write(w, binary.LittleEndian, uint64(len(value)))
+		binary.Write(w, binary.LittleEndian, uint64(len(value)))
 		fmt.Fprintln(w, value)
 	} else {
 		/* just write the variable and value all on one line */
@@ -212,7 +214,7 @@ func validVarName(name string) error {
 	}

 	for _, c := range name {
-		if ('A' > c || c > 'Z') && ('0' > c || c > '9') && c != '_' {
+		if !(('A' <= c && c <= 'Z') || ('0' <= c && c <= '9') || c == '_') {
 			return errors.New("Variable name contains invalid characters")
 		}
 	}
@@ -237,7 +239,7 @@ func isSocketSpaceError(err error) bool {

 // tempFd creates a temporary, unlinked file under `/dev/shm`.
 func tempFd() (*os.File, error) {
-	file, err := os.CreateTemp("/dev/shm/", "journal.XXXXX")
+	file, err := ioutil.TempFile("/dev/shm/", "journal.XXXXX")
 	if err != nil {
 		return nil, err
 	}
--- a/vendor/github.com/open-policy-agent/opa/capabilities/v1.10.0.json
+++ b/vendor/github.com/open-policy-agent/opa/capabilities/v1.10.0.json
--- a/vendor/github.com/open-policy-agent/opa/capabilities/v1.10.1.json
+++ b/vendor/github.com/open-policy-agent/opa/capabilities/v1.10.1.json
--- a/vendor/github.com/open-policy-agent/opa/internal/bundle/utils.go
+++ b/vendor/github.com/open-policy-agent/opa/internal/bundle/utils.go
@@ -72,7 +72,7 @@ func LoadWasmResolversFromStore(ctx context.Context, store storage.Store, txn st
 	var resolvers []*wasm.Resolver
 	if len(resolversToLoad) > 0 {
 		// Get a full snapshot of the current data (including any from "outside" the bundles)
-		data, err := store.Read(ctx, txn, storage.RootPath)
+		data, err := store.Read(ctx, txn, storage.Path{})
 		if err != nil {
 			return nil, fmt.Errorf("failed to initialize wasm runtime: %s", err)
 		}
--- a/Show More
+++ b/Show More
				`@@ -0,0 +1 @@`
				`X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*`