The 1.5.1 release is our latest release. For more information please see the release notes.
The 1.4.6 release is our latest release on the older 1.4.x branch. For more information please see the release notes. This is anticipated to be the last release of 1.4.x, and upgrading to the newer 1.5.x series of releases is encouraged.
When downloading from a mirror it is recommended to verify the integrity of the downloads. This should preferably be done by verifying the OpenPGP compatible signature available from the main Apache site. The KEYS file contains the public keys used for signing the release. It is recommended that a web of trust is used to confirm the identity of these keys.
You can check the OpenPGP signature with GnuPG via:
gpg --import KEYS
gpg --verify apache-fediz-*.zip.asc
It is also possible to verify the integrity of the downloads using the SHA512 checksum with:
sha512sum --check apache-fediz-*.zip.sha512
Previous releases are all archived in the Apache archive: https://archive.apache.org/dist/cxf/fediz
Maven 2 Repositories
If you use Maven for building your applications, all supported Fediz releases are synced into the maven central repository: https://repo1.maven.org/maven2/