Release version 5.2.0

Author: namedgraph

.github/workflows/http-tests.yml

@@ -49,7 +49,7 @@ jobs:
         run: ./run.sh "$PWD/ssl/owner/cert.pem" "${{ secrets.HTTP_TEST_OWNER_CERT_PASSWORD }}" "$PWD/ssl/secretary/cert.pem" "${{ secrets.HTTP_TEST_SECRETARY_CERT_PASSWORD }}"
         shell: bash
         working-directory: http-tests
-      - name: Stop Docker containers
-        run: docker compose --env-file ./http-tests/.env down
+      - name: Stop Docker containers and remove volumes
+        run: docker compose --env-file ./http-tests/.env down -v
       - name: Remove Docker containers
         run: docker compose --env-file ./http-tests/.env rm -f

CHANGELOG.md

@@ -1,8 +1,22 @@
+## [5.2.0] - 2026-01-14
+### Added
+- Application settings form with modal UI for editing dataspace configuration
+- Settings endpoint (`/settings`) with `GET` and `PATCH` support for dataspace settings
+- HTTP tests for the settings endpoint
+- LinkedDataHub packages system with install/uninstall functionality
+
+### Changed
+- Core library refactored Graph Store Protocol implementation - split into `GraphStoreBase` (common functionality), `DirectGraphStoreImpl` (direct graph identification), and `GraphStoreImpl` (indirect graph identification with query parameters)
+- Incorporated AtomGraph Server code directly into LinkedDataHub codebase
+- System configuration dataset now uses named graphs instead of default graph
+- Web-Client dependency version bump
+- CLI scripts improved for better parameter handling
+
 ## [5.1.0] - 2025-12-12
 ### Added
 - ORCID OpenID Connect login support with JWT token verification
 - `CORSFilter` response filter for cross-origin resource sharing on static assets
-- Cache invalidation (BAN requests) for agent and user account lookup queries
+- Cache invalidation (`BAN` requests) for agent and user account lookup queries
 - New `Application::normalizeOrigin` method for origin normalization
 - `ldh:parent-origin` XPath function for parent origin retrieval
 - HTTP tests for CORS functionality, internal IP blocking, and form proxying

CLAUDE.md

@@ -112,4 +112,26 @@ export PATH="$(find bin -type d -exec realpath {} \; | tr '\n' ':')$PATH"
 - XSLT stylesheets are processed during build to inline XML entities
 - Saxon-JS SEF files are generated during Maven package phase for client-side XSLT
 - WebID certificates are required for authenticated API access
-- The system expects Jena CLI tools to be available (`JENA_HOME` environment variable)
+- The system expects Jena CLI tools to be available (`JENA_HOME` environment variable)
+
+## Debugging Test Failures
+
+When HTTP tests fail:
+1. NEVER speculate about failures - always add debug output first
+2. Add echo statements showing:
+    - The actual values being tested
+    - The expected values
+    - HTTP response codes and bodies where relevant
+3. Run the test to see actual output
+4. Only then diagnose and fix
+
+Example debug pattern:
+```bash
+result=$(curl ...)
+expected="..."
+echo "DEBUG: Expected: $expected"
+echo "DEBUG: Got: $result"
+if [ "$result" != "$expected" ]; then
+echo "DEBUG: Mismatch!"
+exit 1
+fi

README.md

@@ -105,6 +105,21 @@ The following tools are required for CLI scripts in the `bin/` directory:
   * There might go up to a minute before the web server is available because the nginx server depends on healthy LinkedDataHub and the healthcheck is done every 20s
   * You will likely get a browser warning such as `Your connection is not private` in Chrome or `Warning: Potential Security Risk Ahead` in Firefox due to the self-signed server certificate. Ignore it: click `Advanced` and `Proceed` or `Accept the risk` to proceed.
     * If this option does not appear in Chrome (as observed on some MacOS), you can open `chrome://flags/#allow-insecure-localhost`, switch `Allow invalid certificates for resources loaded from localhost` to `Enabled` and restart Chrome
+  * MacOS: Chrome subdomain support: Chrome on macOS requires the server certificate to be installed to the System keychain to properly load resources from dataspace subdomains (e.g., `admin.localhost:4443`). Firefox is more lenient and will work without this step.
+    1. Open **Keychain Access** (Applications > Utilities > Keychain Access)
+    2. Select **System** keychain in the left sidebar
+    3. **File** → **Import Items** → select `ssl/server/server.crt`
+    4. Enter your admin password when prompted
+    5. Double-click the "localhost" certificate
+    6. Expand the **Trust** section
+    7. Set "When using this certificate:" to **Always Trust**
+    8. Close the window (enter password again)
+    9. Completely quit Chrome (Cmd+Q) and restart
+
+    Alternatively, use the command line:
+    ```shell
+    sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ssl/server/server.crt
+    ```
   * `.env_sample` and `.env` files might be invisible in MacOS Finder which hides filenames starting with a dot. You should be able to [create it using Terminal](https://stackoverflow.com/questions/5891365/mac-os-x-doesnt-allow-to-name-files-starting-with-a-dot-how-do-i-name-the-hta) however.
   * On Linux your user may need to be a member of the `docker` group. Add it using
   ```shell
@@ -187,7 +202,7 @@ The options are described in more detail in the [configuration documentation](ht
 
   If you need to start fresh and wipe the existing setup (e.g. after configuring a new base URI), you can do that using
   ```shell
-  sudo rm -rf data uploads && docker-compose down -v
+  sudo rm -rf fuseki uploads ssl datasets && docker-compose down -v
   ```
 
 _:warning: This will **remove the persisted data and files** as well as Docker volumes._
@@ -266,7 +281,6 @@ See the [Web-Algebra repository](https://github.com/AtomGraph/Web-Algebra) for s
 
 LinkedDataHub includes an HTTP [test suite](https://github.com/AtomGraph/LinkedDataHub/tree/master/http-tests). The server implementation is also covered by the [Processor test suite](https://github.com/AtomGraph/Processor/tree/master/http-tests).
 
-![HTTP-tests](https://github.com/AtomGraph/LinkedDataHub/actions/workflows/http-tests.yml/badge.svg)
 ![HTTP-tests](https://github.com/AtomGraph/LinkedDataHub/actions/workflows/http-tests.yml/badge.svg)
 
 ## Dependencies
@@ -287,8 +301,9 @@ LinkedDataHub includes an HTTP [test suite](https://github.com/AtomGraph/LinkedD
 * [java-jwt](https://github.com/auth0/java-jwt)
 * [ExpiringMap](https://github.com/jhalterman/expiringmap)
 * [CSV2RDF](https://github.com/AtomGraph/CSV2RDF)
-* [Processor](https://github.com/AtomGraph/Processor)
 * [Web-Client](https://github.com/AtomGraph/Web-Client)
+* [Twirl](https://github.com/AtomGraph/Twirl)
+* [jena-shacl](https://mvnrepository.com/artifact/org.apache.jena/jena-shacl)
 
 ### Docker
 

bin/admin/clear-ontology.sh

@@ -1,4 +1,5 @@
 #!/usr/bin/env bash
+set -eo pipefail
 
 print_usage()
 {