You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucy.apache.org by ma...@apache.org on 2011/06/02 03:52:26 UTC

[lucy-commits] svn commit: r1130372 - /incubator/lucy/site/trunk/content/lucy/download.mdtext

Author: marvin
Date: Thu Jun  2 01:52:26 2011
New Revision: 1130372

URL: http://svn.apache.org/viewvc?rev=1130372&view=rev
Log:
Update downloads page for 0.1.0.

- Install links to inaugural release 0.1.0.
- Change title to "Apache Lucy Downloads".
- Insert section on verifying signatures, derived from content on CouchDB's
  downloads page.
- Remove prominent link to development code.

Modified:
    incubator/lucy/site/trunk/content/lucy/download.mdtext

Modified: incubator/lucy/site/trunk/content/lucy/download.mdtext
URL: http://svn.apache.org/viewvc/incubator/lucy/site/trunk/content/lucy/download.mdtext?rev=1130372&r1=1130371&r2=1130372&view=diff
==============================================================================
--- incubator/lucy/site/trunk/content/lucy/download.mdtext (original)
+++ incubator/lucy/site/trunk/content/lucy/download.mdtext Thu Jun  2 01:52:26 2011
@@ -1,13 +1,44 @@
-Title: Apache Lucy Releases
+Title: Apache Lucy Downloads
 
-#### Releases
+#### Release 0.1.0
 
-Lucy has no official releases as of yet.
+ - [apache-lucy-incubating-0.1.0.tar.gz](http://www.apache.org/dyn/closer.cgi?path=/incubator/lucy/apache-lucy-incubating-0.1.0.tar.gz)
+ - [[OpenPGP]](http://www.apache.org/dist/incubator/lucy/apache-lucy-incubating-0.1.0.tar.gz.asc)
+ - [[MD5]](http://www.apache.org/dist/incubator/lucy/apache-lucy-incubating-0.1.0.tar.gz.md5)
+ - [[SHA1]](http://www.apache.org/dist/incubator/lucy/apache-lucy-incubating-0.1.0.tar.gz.sha1)
+ - [CHANGES](http://www.apache.org/dyn/closer.cgi?path=/incubator/lucy/CHANGES-0.1.0.txt)
+ - [KEYS](http://www.apache.org/dist/incubator/lucy/KEYS-0.1.0.txt)
 
-#### Development code
 
-Development code, which comes with all of the necessary caveats, can be
-obtained [here](/lucy/version_control.html).
+#### Verifying downloaded files
 
+After downloading release files from a mirror, please check the MD5 and SHA
+checksums as well as verifying the OpenPGP compatible signature available from
+the main Apache download site. The KEYS file contains the public keys used for
+signing release. It is recommended that a web of trust is used to confirm the
+identity of these keys.
 
+To verify the OpenPGP signature:
+
+        $ pgpk -a KEYS
+        $ pgpv apache-lucy-incubating-X.Y.Z.tar.gz.asc
+
+*or*
+
+        $ pgp -ka KEYS
+        $ pgp apache-lucy-incubating-X.Y.Z.tar.gz.asc
+
+*or*
+
+        $ gpg --import KEYS
+        $ gpg --verify apache-lucy-incubating-X.Y.Z.tar.gz.asc
+
+
+To verify the MD5 checksum:
+
+        $ md5sum --check apache-lucy-*.tar.gz.md5
+
+To verify the SHA1 checksum:
+
+        $ sha1sum --check apache-lucy-*.tar.gz.sha1