Download
Apache Pekko™ releases are available under the Apache License, Version 2.0. See the NOTICE file contained in each release artifact for applicable copyright attribution notices.
To ensure that you have downloaded the true release, you should verify the integrity of the files using the signatures and checksums available from this page.
Jars
We publish jars to Maven Central with the groupId org.apache.pekko
(list). These jars relate to the source downloads you find linked below.
Pekko Core
-
apache-pekko-1.0.3-src-20240619.tgz signature: (asc) checksum: (sha512)
-
apache-pekko-1.1.2-src-20241004.tgz signature: (asc) checksum: (sha512)
Pekko HTTP
-
apache-pekko-http-1.0.1-incubating-src-20240128.tgz signature: (asc) checksum: (sha512)
-
apache-pekko-http-1.1.0-src-20240922.tgz signature: (asc) checksum: (sha512)
Pekko gRPC
-
apache-pekko-grpc-1.0.2-incubating-src-20231229.tgz signature: (asc) checksum: (sha512)
-
apache-pekko-grpc-1.1.0-src-20241002.tgz signature: (asc) checksum: (sha512)
Pekko Management
- apache-pekko-management-1.0.0-incubating-src-20230805.tgz signature: (asc) checksum: (sha512)
There is also a milestone release. This release should not be used in production.
- apache-pekko-management-1.1.0-M1-src-20240613.tgz signature: (asc) checksum: (sha512)
Pekko Connectors
- apache-pekko-connectors-1.0.2-incubating-src-20240109.tgz signature: (asc) checksum: (sha512)
There is also a milestone release. This release should not be used in production.
- apache-pekko-connectors-1.1.0-M1-src-20240704.tgz signature: (asc) checksum: (sha512)
Pekko Connectors Kafka
-
apache-pekko-connectors-kafka-1.0.0-incubating-src-20230726.tgz signature: (asc) checksum: (sha512)
-
apache-pekko-connectors-kafka-1.1.0-src-20240916.tgz signature: (asc) checksum: (sha512)
Pekko Persistence Cassandra
- apache-pekko-persistence-cassandra-1.0.0-incubating-src-20230916.tgz signature: (asc) checksum: (sha512)
There is also a milestone release. This release should not be used in production.
- apache-pekko-persistence-cassandra-1.1.0-M1-src-20240715.tgz signature: (asc) checksum: (sha512)
Pekko Persistence DynamoDB
- apache-pekko-persistence-dynamodb-1.0.0-incubating-src-20231110.tgz signature: (asc) checksum: (sha512)
Pekko Persistence JDBC
-
apache-pekko-persistence-jdbc-1.0.0-incubating-src-20230829.tgz signature: (asc) checksum: (sha512)
-
apache-pekko-persistence-jdbc-1.1.0-src-20240914.tgz signature: (asc) checksum: (sha512)
Pekko Persistence R2DBC
- apache-pekko-persistence-r2dbc-1.0.0-incubating-src-20231209.tgz signature: (asc) checksum: (sha512)
Pekko Projection
- apache-pekko-projection-1.0.0-incubating-src-20231012.tgz signature: (asc) checksum: (sha512)
There is also a milestone release. This release should not be used in production.
- apache-pekko-projection-1.1.0-M1-src-20240823.tgz signature: (asc) checksum: (sha512)
Pekko SBT Paradox
- apache-pekko-sbt-paradox-1.0.1-incubating-src-20240305.tgz signature: (asc) checksum: (sha512)
Archives
Older releases can be found at:
Verifying Downloads
It is highly recommended that you verify the files that you download.
We provide SHA digest files for all the files that we host on the download site. These files are named after the files they relate to but have .sha512
extensions.
We also provide PGP signature files that can be verified using PGP or GPG. These files are named after the files they relate to but have .asc
.
Verifying Checksums
To verify the SHA digests, you need the .tgz
and its associated .tgz.sha512
file. An example command:
sha512sum -c apache-pekko-sbt-paradox-1.0.1-incubating-src-20240305.tgz.sha512
Returns:
apache-pekko-sbt-paradox-1.0.1-incubating-src-20240305.tgz: OK
Verifying Signatures
To verify the PGP signatures, you will need to get the KEYS file. This will be in the source archive or can be fetched from https://downloads.apache.org/pekko/KEYS.
gpg --import KEYS
To verify the SHA digests, you need the .tgz
and its associated .tgz.asc
file. An example command:
gpg --verify apache-pekko-sbt-paradox-1.0.1-incubating-src-20240305.tgz.asc apache-pekko-sbt-paradox-1.0.1-incubating-src-20240305.tgz
Returns:
gpg: Signature made Tue 5 Mar 11:36:27 2024 CET
gpg: using RSA key 3FD458B4420059F1F97C2563F6A21ED3A05F7F7B
gpg: Good signature from "Matthew de Detrich (CODE SIGNING KEY) <mdedetrich@apache.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 3FD4 58B4 4200 59F1 F97C 2563 F6A2 1ED3 A05F 7F7B
You should also verify the key using a command like:
% gpg --fingerprint 3FD458B4420059F1F97C2563F6A21ED3A05F7F7B
pub rsa4096 2023-06-16 [SC]
3FD4 58B4 4200 59F1 F97C 2563 F6A2 1ED3 A05F 7F7B
uid [ unknown] Matthew de Detrich (CODE SIGNING KEY) <mdedetrich@apache.org>
sub rsa4096 2023-06-16 [E]
sub rsa4096 2023-06-16 [A]