Apache Atlas release artifacts are distributed via mirror sites and should be checked for tampering using GPG or SHA-256.
The table below lists release artifacts and their associated signatures and hashes. The keys used to sign the release artifacts can be found in our published KEYS file.
Version | Release Date | Tarball | GPG | Hash |
---|---|---|---|---|
0.8.1 | 2017-08-29 | source | signature | SHA512 |
0.8.0-incubating | 2017-03-16 | source | signature | SHA512 |
0.7.1-incubating | 2017-01-29 | source | signature | checksum |
0.7.0-incubating | 2016-07-09 | source | signature | SHA512 |
0.6.0-incubating | 2015-12-31 | source | signature | SHA |
0.5.0-incubating | 2015-06-22 | source | signature | SHA |
It is essential that you verify the integrity of the downloaded file using the PGP signature (.asc file) or a hash (.md5 or .sha* file). Please read Verifying Apache Software Foundation Releases for more information on why you should verify our releases.
The PGP signature can be verified using PGP or GPG, with the following steps:
% gpg --import KEYS % gpg --verify downloaded_file.asc downloaded_file
or
% pgpk -a KEYS % pgpv downloaded_file.asc
or
% pgp -ka KEYS % pgp downloaded_file.asc
Atlas 0.8.1 (Released on 2017/08/29)
Atlas 0.8-incubating (Released on 2017/03/16)
Atlas 0.7.1-incubating (Released on 2017/01/29)
Atlas 0.7-incubating (Released on 2016/07/09)
Atlas 0.6-incubating (Released on 2015/12/30)
Atlas 0.5-incubating (Released on 2015/07/09)