Calcite is released as a source artifact, and also through Maven.
To download a source distribution for a particular release, click on the tar link (for older releases, zip format is also available).
The commit hash links to github, which contains the release’s version control history but does not contain the definitive source artifacts.
For fast downloads, current source distributions are hosted on mirror servers; older source distributions are in the archive or incubator archive. If a download from a mirror fails, retry, and the second download will likely succeed.
For security, hash and signature files are always hosted at Apache.
Verify the integrity of the files
You must verify the integrity of the downloaded file using the PGP signature (.asc file) or a hash (.sha256; .md5 for older releases). For more information why this must be done, please read Verifying Apache Software Foundation Releases.
To verify the signature using GPG or PGP, please do the following:
- Download the release artifact and the corresponding PGP signature from the table above.
- Download the Apache Calcite KEYS file.
- Import the KEYS file and verify the downloaded artifact using one of the following methods:
Add the following to the dependencies section of your
<dependency> elements for any extension modules you
calcite-splunk, and so