Page History

...

A maven project can access the snapshot builds by adding the following repository in pom.xml :

<repository>
    <id>people.apache.org.snapshots</id>
    <name>people.apache.org.snapshots</name>
    <url>http://people.apache.org/repo/m2-snapshot-repository</url>
</repository>

...

Verifying Release Version and Revision

OpenJPA jar is self-describing and after downloading a release or nightly snapshot, you can find out the latest revision number included in the build by:

% java -jar your/path/to/openjpa.jar | grep revision

which will print the version and revision numbers, for example, as:

OpenJPA 2.1.0-SNAPSHOT
version id: openjpa-2.1.0-SNAPSHOT-r422266:935231

Apache svn revision: 422266:686421935231

which designates that the nightly build includes Apache SVN revision 686421 935231 as the latest.

Verifying Releases

We strongly recommend you verify the integrity of the downloaded files with both PGP and MD5. The PGP signatures can be verified using PGP or GPG. First download the KEYS as well as the *.asc signature file for the particular distribution. Make sure you get these files from the main distribution directory, rather than from a mirror. Then verify the signatures using one of the following sets of commands:

...

...

Verifying Release Files using the pgpk Utility

% pgpk -a KEYS
% pgpv openjpa-*.zip.asc

Verifying Release Files using the pgp Utility

% pgp -ka KEYS
% pgp openjpa-*.zip.asc

Verifying Release Files using the gpg Utility

% gpg --import KEYS
% gpg --verify openjpa-*.zip.asc

...