The most recent source and binary releases for the Apache Commons project are available from this directory listing. For older releases, please use the archives.
Name Last modified Size Description
Parent Directory - bcel/ 08-Dec-2017 13:08 - beanutils/ 20-Jun-2017 06:59 - bsf/ 20-Jun-2017 06:58 - chain/ 20-Jun-2017 06:58 - cli/ 20-Jun-2017 06:57 - codec/ 23-Oct-2017 16:04 - collections/ 20-Jun-2017 06:57 - commons-build-plugin/ 06-Apr-2018 07:09 - commons-parent/ 16-Apr-2018 07:23 - commons-release-plugin/ 05-Apr-2018 11:21 - compress/ 10-Feb-2018 02:18 - configuration/ 12-Oct-2017 14:35 - crypto/ 20-Jun-2017 06:57 - csv/ 03-Sep-2017 00:14 - daemon/ 22-Nov-2017 13:22 - dbcp/ 26-Dec-2017 19:51 - dbutils/ 20-Jul-2017 22:43 - digester/ 20-Jun-2017 06:58 - email/ 01-Aug-2017 13:32 - exec/ 20-Jun-2017 06:57 - fileupload/ 20-Jun-2017 06:57 - httpclient/ 20-Jun-2017 06:58 - io/ 20-Oct-2017 01:19 - jci/ 20-Jun-2017 06:58 - jcs/ 16-Aug-2017 13:08 - jelly/ 27-Sep-2017 07:30 - jexl/ 20-Jun-2017 06:58 - jxpath/ 20-Jun-2017 06:57 - lang/ 08-Nov-2017 10:02 - logging/ 20-Jun-2017 06:59 - math/ 20-Jun-2017 06:59 - net/ 20-Jun-2017 06:59 - pool/ 19-Dec-2017 17:48 - proxy/ 20-Jun-2017 06:57 - rdf/ 23-Dec-2017 13:57 - rng/ 20-Jun-2017 06:58 - sanselan/ 20-Jun-2017 06:58 - scxml/ 20-Jun-2017 06:59 - text/ 21-Mar-2018 18:27 - validator/ 20-Jun-2017 06:58 - vfs/ 06-Oct-2017 13:46 - weaver/ 20-Jun-2017 06:58 -
Do not download from www.apache.org. Please use a nearby mirror site to help us save apache.org bandwidth.
All of the release distribution packages have been digitally
signed (using PGP or GPG) by the ASF committers that constructed
There will be an accompanying distribution.asc file in the same directory as the distribution.
The PGP/GPG keys can be found at the MIT key repository and within this project's KEYS file at https://www.apache.org/dist/commons/KEYS
Always use the signature to validate package authenticity, e.g., $ pgpk -a KEYS $ pgpv commons-logging-1.2-bin.tar.gz.asc or, $ pgp -ka KEYS $ pgp commons-logging-1.2-bin.tar.gz.asc or $ gpg --import KEYS $ gpg --verify commons-logging-1.2-bin.tar.gz.asc commons-logging-1.2-bin.tar.gz
See also Verifying Apache Software Foundation Releases
We also offer MD5/SHA hashes as an alternative to validate the
integrity of the downloaded files. See the
Note that such hashes are only useful as a check that the file has been downloaded OK. They do not provide any guarantee that the downloaded file is authentic.