Download the newest release of Apache Gora. Please Note Gora is ONLY released as source code and NOT binary. This is because you will most likely want to recompile various aspects of the codebase during or as a prerequisite to using Gora in your stack.
See the CHANGES file for more information on the list of updates in this release.
Gora is always distributed under the Apache License, version 2.0.
You require Apache Maven to build the Gora source code. Maven can either be downloaded and installed manually or alternatively via command line via your operating system package manager.
N.B. Gora is NOT tested against the Windows platform.
The link in the Mirrors column below should display a default mirror selection based on your inferred location. If (when you browse to it) you do not see that page, try a different browser. The checksum and signature are links to the originals on the main distribution server.
|Version||Mirrors||MD5 Checksum||Signature||SHA Checksum|
|Apache Gora 0.8 (tar.gz)||gora-0.8-src.tar.gz||gora-0.8-src.tar.gz.md5||gora-0.8-src.tar.gz.asc||gora-0.8-src.tar.gz.sha|
|Apache Gora 0.8 (zip)||gora-0.8-src.zip||gora-0.8-src.zip.md5||gora-0.8-src.zip.asc||gora-0.8-src.zip.sha|
It is essential that you verify the integrity of the downloaded files using the PGP, MD5 and/or SHA signatures. published with every Gora release.
Please read Verifying Apache HTTP Server Releases for more information on why you should verify our releases.
We strongly recommend you verify your downloads with at least both PGP and MD5. Guidance for doing so is provided below.
The PGP signatures can be verified using PGP or GPG. First download the KEYS as well as the asc signature file for the relevant distribution.
N.B.Make sure you get these files from the main distribution directory, rather than from a mirror. Then verify the signatures using the following
$ gpg --import KEYS $ gpg --verify gora-X.Y.Z-src.tar.gz.asc
The files in the most recent release are signed by Lewis John McGibbney (CODE SIGNING KEY) firstname.lastname@example.org 48BAEBF6
Alternatively, you can verify the MD5 signature on the files. A unix program called md5 or md5sum is included in many unix distributions.
$ md5sum apache-gora-X.Y.Z-src.tar.gz
or if you are on Mac OSX you can do
$ md5 apache-gora-X.Y.Z-src.tar.gz
... output should match the string in apache-gora-X.Y.Z.tar.gz.md5
All Apache Gora releases are available under the Apache License, Version 2.0. See the NOTICE.txt file contained in each release artifact for applicable copyright attribution notices.