Please make sure you're downloading from a nearby +mirror site, not directly from www.apache.org.
+-The tar files in the distribution use GNU tar extensions +
The tar files in the distribution use GNU tar extensions and must be untarred with a GNU compatible version of tar. The version -of tar on Solaris and Mac OS X will not work with these files
- +of tar on Solaris will not work with these files +The changes in this release are detailed in the release notes.
Thank you for using Lucene.
-Many of the files have been digitally signed using GnuPG. If so, -there will be an accompanying file.asc signature -file in the same directory as the file (binaries/ or source/). The -signing keys can be found in the distribution directory at <http://www.apache.org/dist/lucene/java/KEYS>.
+All official source and binary releases are digitally signed using GnuPG. + You are encouraged to verify that your download is the official one by verifying + the digital signature. To do this you need, in addition to the downloaded file: +
-Always download the KEYS file directly from the Apache site, never from a mirror site.
+Always download the KEYS and .asc files directly from the Apache site at + <https://www.apache.org/dist/lucene/java/>, + and always over HTTPS. Never trust KEYS from a mirror site.
Always test available signatures, e.g., $ pgpk -a KEYS -$ pgpk lucene-1.4.tar.gz.asc +$ pgpk lucene-x.y.z.tar.gz.asc or, $ pgp -ka KEYS -$ pgp lucence-1.4.tar.gz.asc +$ pgp lucene-x.y.z.tar.gz.asc or, $ gpg --import KEYS -$ gpg --verify lucene-1.4.tar.gz.asc +$ gpg --verify lucene-x.y.z.tar.gz.asc ++ +
+ Alongside the release artifacts in the official Apache dist site you will also find other + files providing checksum hashes for each file, with suffix .sha1, .sha512 or .md5. + E.g. for lucene-x.y.z.tgz the lucene-x.y.z.tgz.sha1 file provides + the SHA-1 checksum. These are useful to verify that your download was complete and valid, + but will not prove that your download was digitally signed by an actual Apache committer. + For that you must check the .asc signature. +
+ +Calculate the checksum of your download and compare to the contents of the checksum files +$ shasum [-a 512] lucene-x.y.z.tgz +$ md5 lucene-x.y.z.tgz
+Please make sure you're downloading from a nearby +href="http://www.apache.org/dyn/closer.lua/lucene/solr/">a nearby mirror site, not directly from www.apache.org.
-For information about working with the most current (unofficial, unreleased)
-source code for Solr, please see the Solr Wiki.
+Note About tar.gz Files
+
The tar files in the distribution use GNU tar extensions +and must be untarred with a GNU compatible version of tar. The version +of tar on Solaris will not work with these files
+The official Solr Reference Guide can be downloaded from the ref-guide folder.
+The changes in each release are detailed in the release notes, to be found in the changes folder for the release.
Thank you for using Solr.
+ +All official source and binary releases are digitally signed using GnuPG. + You are encouraged to verify that your download is the official one by verifying + the digital signature. To do this you need, in addition to the downloaded file: +
+ +Always download the KEYS and .asc files directly from the Apache site at + <https://www.apache.org/dist/lucene/solr/>, + and always over HTTPS. Never trust KEYS from a mirror site.
+ +Always test available signatures, e.g., +$ pgpk -a KEYS +$ pgpk solr-x.y.z.tar.gz.asc +or, +$ pgp -ka KEYS +$ pgp solr-x.y.z.tar.gz.asc +or, +$ gpg --import KEYS +$ gpg --verify solr-x.y.z.tar.gz.asc ++ +
+ Alongside the release artifacts in the official Apache dist site you will also find other + files providing checksum hashes for each file, with suffix .sha1, .sha512 or .md5. + E.g. for solr-x.y.z.tgz the solr-x.y.z.tgz.sha1 file provides + the SHA-1 checksum. These are useful to verify that your download was complete and valid, + but will not prove that your download was digitally signed by an actual Apache committer. + For that you must check the .asc signature. +
+ +Calculate the checksum of your download and compare to the contents of the checksum files +$ shasum [-a 512] solr-x.y.z.tgz +$ md5 solr-x.y.z.tgz ++ +
+Older versions of Solr can be found on archive.apache.org. +
+ + Index: pylucene/README.html IDEA additional info: Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP <+>UTF-8 =================================================================== --- pylucene/README.html (revision 21239) +++ pylucene/README.html (revision ) @@ -27,19 +27,19 @@ there will be an accompanying file.asc signature file in the same directory as the file. The signing keys can be found in the distribution directory at <http://www.apache.org/dist/lucene/pylucene/KEYS>. +HREF="https://www.apache.org/dist/lucene/pylucene/KEYS">https://www.apache.org/dist/lucene/pylucene/KEYS>.Always download the KEYS file directly from the Apache site, never from a mirror site.
Always test available signatures, e.g., $ pgpk -a KEYS -$ pgpk pylucene-2.4.1-1-src.tar.gz.asc +$ pgpk pylucene-x.y.z-src.tar.gz.asc or, $ pgp -ka KEYS -$ pgp pylucene-2.4.1-1-src.tar.gz.asc +$ pgp pylucene-x.y.z-src.tar.gz.asc or, $ gpg --import KEYS -$ gpg --verify pylucene-2.4.1-src.tar.gz.asc +$ gpg --verify pylucene-x.y.z-src.tar.gz.asc