AtomGraph · namedgraph · Apr 5, 2026 · Apr 1, 2026 · Apr 4, 2026 · Apr 5, 2026
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,31 @@
+## [5.3.4] - 2026-04-05
+### Fixed
+- Do not append facet well into left-nav when there are no BGP triples
+- Hide progress bars when errors need to be shown in blocks
+- Exempt proxy requests from local ACL checks in `AuthorizationFilter` (#280)
+
+## [5.3.3] - 2026-04-01
+### Added
+- New HTTP test for non-existing namespaces
+- New HTTP test for not found files
+
+### Changed
+- Removed unused namespaces
+- More XSLT fixes related to optional applications
+- Making application optional in XSLT writer
+- Preserve URL fragment identifier in history `pushState`
+- `varnish_end_user_cache` volume (#279)
+
+### Fixed
+- Progress bar CSS fix
+- Throw 404 when file description is not found
+- Fix NPE in `CacheInvalidationFilter` when request scope is unavailable
+- Fixed WebID URI logging in entrypoint
+
+## [5.3.2] - 2026-03-30
+### Fixed
+- Fix `ClientUriRewriteFilter` host (#277)
+
 ## [5.3.1] - 2026-03-29
 ### Added
 - Namespace endpoint handles queries with relative URIs, resolved against the endpoint URL (#276 related)

diff --git a/http-tests/run.sh b/http-tests/run.sh
@@ -150,7 +150,7 @@ run_tests $(find ./imports/ -type f -name '*.sh')
 (( error_count += $? ))
 run_tests $(find ./document-hierarchy/ -type f -name '*.sh')
 (( error_count += $? ))
-run_tests $(find ./misc/ -type f -name 'PATCH-settings.sh')
+run_tests $(find ./misc/ -type f -name '*.sh')
 (( error_count += $? ))
 run_tests $(find ./proxy/ -type f -name '*.sh')
 (( error_count += $? ))

diff --git a/pom.xml b/pom.xml
@@ -3,7 +3,7 @@
 
     <groupId>com.atomgraph</groupId>
     <artifactId>linkeddatahub</artifactId>
-    <version>5.3.3</version>
+    <version>5.3.4-SNAPSHOT</version>
     <packaging>${packaging.type}</packaging>
 
     <name>AtomGraph LinkedDataHub</name>
@@ -46,7 +46,7 @@
         <url>https://github.com/AtomGraph/LinkedDataHub</url>
         <connection>scm:git:git://github.com/AtomGraph/LinkedDataHub.git</connection>
         <developerConnection>scm:git:git@github.com:AtomGraph/LinkedDataHub.git</developerConnection>
-        <tag>linkeddatahub-5.3.3</tag>
+        <tag>linkeddatahub-2.1.1</tag>
     </scm>
 
     <repositories>

diff --git a/src/main/java/com/atomgraph/linkeddatahub/Application.java b/src/main/java/com/atomgraph/linkeddatahub/Application.java
@@ -101,6 +101,7 @@
 import com.atomgraph.linkeddatahub.server.factory.OntologyFactory;
 import com.atomgraph.linkeddatahub.server.factory.ServiceFactory;
 import com.atomgraph.linkeddatahub.server.filter.request.OntologyFilter;
+import com.atomgraph.linkeddatahub.server.filter.request.ProxyRequestFilter;
 import com.atomgraph.linkeddatahub.server.filter.request.AuthorizationFilter;
 import com.atomgraph.linkeddatahub.server.filter.request.ContentLengthLimitFilter;
 import com.atomgraph.linkeddatahub.server.filter.request.auth.ProxiedWebIDFilter;
@@ -1098,6 +1099,7 @@ protected void registerContainerRequestFilters()
         register(ApplicationFilter.class);
         register(OntologyFilter.class);
         register(ProxiedWebIDFilter.class);
+        register(ProxyRequestFilter.class);
         register(AuthorizationFilter.class);
         if (getMaxContentLength() != null) register(new ContentLengthLimitFilter(getMaxContentLength()));
         register(new RDFPostMediaTypeInterceptor()); // for application/x-www-form-urlencoded

diff --git a/src/main/java/com/atomgraph/linkeddatahub/server/filter/request/AuthorizationFilter.java b/src/main/java/com/atomgraph/linkeddatahub/server/filter/request/AuthorizationFilter.java
@@ -16,7 +16,6 @@
  */
 package com.atomgraph.linkeddatahub.server.filter.request;
 
-import com.atomgraph.client.vocabulary.AC;
 import com.atomgraph.linkeddatahub.apps.model.EndUserApplication;
 import com.atomgraph.linkeddatahub.client.SesameProtocolClient;
 import com.atomgraph.linkeddatahub.server.exception.auth.AuthorizationException;
@@ -106,13 +105,6 @@ public void filter(ContainerRequestContext request) throws IOException
         if (request == null) throw new IllegalArgumentException("ContainerRequestContext cannot be null");
         if (log.isDebugEnabled()) log.debug("Authorizing request URI: {}", request.getUriInfo().getRequestUri());
 
-        // allow proxied URIs that are mapped to local files
-        if (request.getMethod().equals(HttpMethod.GET) && request.getUriInfo().getQueryParameters().containsKey(AC.uri.getLocalName()))
-        {
-            String proxiedURI = request.getUriInfo().getQueryParameters().getFirst(AC.uri.getLocalName());
-            if (getSystem().getDataManager().isMapped(proxiedURI)) return;
-        }
-
         Resource accessMode = ACCESS_MODES.get(request.getMethod());
         if (log.isDebugEnabled()) log.debug("Request method: {} ACL access mode: {}", request.getMethod(), accessMode);
         if (accessMode == null)
@@ -130,8 +122,6 @@ public void filter(ContainerRequestContext request) throws IOException
             }
         }
 
-        if (getDataset().isPresent()) return; // skip proxied dataspaces
-
         final Agent agent;
         if (request.getSecurityContext().getUserPrincipal() instanceof Agent) agent = ((Agent)(request.getSecurityContext().getUserPrincipal()));
         else agent = null; // public access
@@ -458,4 +448,4 @@ public ParameterizedSparqlString getOwnerACLQuery()
         return ownerAclQuery.copy();
     }
 
-}
+}