In relation to https://hackerone.com/reports/1177353
The audit log is used to get a full trail of the actions which is now incompletely. With possible important information.
It seems to be also listed on https://portal.nextcloud.com/article/using-the-audit-log-44.html
From my point of view a declined share is unshared again.