Apache TinkerPop provides three packaged downloads per release version. The Gremlin Console and Gremlin Server downloads are binary distributions, which contain pre-packaged versions of these important TinkerPop applications that are designed to work out-of-the-box when unpackaged. The source distribution is a snapshot of the source code and files used in the building of those binary distributions.
|3.4.2 (latest, stable)||28-May-2019||release notes | upgrade | documentation | contributors||Gremlin Console Gremlin Server Source|
|3.3.7 (maintenance)||28-May-2019||release notes | upgrade | documentation | contributors||Gremlin Console Gremlin Server Source|
|release notes | upgrade | documentation | contributors||Gremlin Console Gremlin Server Source|
Note that upgrade documentation was only introduced at 3.1.1-incubating which is why there are no "upgrade" links in versions prior to that one.
As a convenience, TinkerPop also deploys packaged artifacts to the following locations:
Note this page lists official Apache releases only. TinkerPop occasionally produces unofficial binary release candidates (denoted by the suffix "-RC") which are NOT promoted or announced as actual release versions. Such releases are for early development and evaluation purposes only.
All downloads have associated PGP and SHA512 signatures to help verify a distribution provided by a mirror. To verify a distribution via PGP or GPG first download the KEYS file (it is important to use the linked file which is from the main distribution directory and not a mirror. Next download the appropriate "asc" signature file for the relevant distribution (again, this file should come from the main distribution directory - note that older releases will have such files in the archives or if released under Apache Incubator then they will be found in the Incubator archives).
Then verify the signatures as follows:
pgpk -a KEYS pgpv apache-gremlin-console-x.y.z-bin.zip.asc
pgpk -ka KEYS pgp apache-gremlin-console-x.y.z-bin.zip.asc
gpg --import KEYS gpg --verify apache-gremlin-console-x.y.z-bin.zip.asc apache-gremlin-console-x.y.z-bin.zip
Alternatively, consider verifying the SHA512 signature on the files. An SHA512 signature consists of 128 hex characters. Ensure that the generated signature string matches the signature string published in the files above.