Title: Downloads

Apache BVal provides an implementation of the Java Bean Validation (JSR380) Specification which is TCK compliant and works on Java SE 8 or later.

Apache BVal artifacts are distributed in source and binary form under the terms of the Apache License, Version 2.0. See the included LICENSE and NOTICE files included in each artifact for additional license information. Please read the Verifying Releases section below on how to verify the integrity of downloaded files.

Current Releases

Apache BVal 2.0.5 - Java 8 - Bean Validation v2.0 - Released October 26 2020

ModuleArtifactSignaturesComments
Source Distributionbval-parent-2.0.5-source-release.zipasc sha512-
JSR380 Implementationbval-jsr-2.0.5.jarasc md5 sha1javax.validation.spi.ValidationProvider
Implementation Bundleorg.apache.bval.bundle-2.0.5.jarasc md5 sha1javax.validation.spi.ValidationProvider w/ OSGi metadata (includes bval-jsr)
Extra Routines and Constraintsbval-extras-2.0.5.jarasc md5 sha1Optional module

Apache BVal 1.1.2 - Java 6 - Bean Validation v1.1 - Released Nov 3 2016

ModuleArtifactSignaturesComments
Source Distributionbval-parent-1.1.2-source-release.zipasc md5 sha1-
Core Frameworkbval-core-1.1.2.jarasc md5 sha1-
JSR349 Implementationbval-jsr-1.1.2.jarasc md5 sha1javax.validation.spi.ValidationProvider (requires bval-core)
Implementation Bundleorg.apache.bval.bundle-1.1.2.jarasc md5 sha1javax.validation.spi.ValidationProvider w/ OSGi metadata (includes bval-core and bval-jsr)
Extra Routines and Constraintsbval-extras-1.1.2.jarasc md5 sha1Optional module
Legacy Agimatec JSON supportbval-json-1.1.2.jarasc md5 sha1Optional integration module
Legacy Agimatec XML supportbval-xstream-1.1.2.jarasc md5 sha1Optional integration module

Note: this release depends on geronimo-validation_1.1_spec API jar or any official bean validation API. EL API is optional but enables new Bean Validation 1.1 features.

Apache BVal 0.5 - Java 5 - Bean Validation v1.0 - Released September 21, 2012

ModuleArtifactSignaturesComments
Source Distributionbval-parent-0.5-source-release.zipasc md5 sha1-
Core Frameworkbval-core-0.5.jarasc md5 sha1-
JSR303 Implementationbval-jsr303-0.5.jarasc md5 sha1javax.validation.spi.ValidationProvider (requires bval-core)
Implementation Bundleorg.apache.bval.bundle-0.5.jarasc md5 sha1javax.validation.spi.ValidationProvider w/ OSGi metadata (includes bval-core and bval-jsr303)
Google Guice Integrationbval-guice-0.5.jarasc md5 sha1Optional integration module
Extra Routines and Constraintsbval-extras-0.5.jarasc md5 sha1Optional module
Legacy Agimatec JSON supportbval-json-0.5.jarasc md5 sha1Optional integration module
Legacy Agimatec XML supportbval-xstream-0.5.jarasc md5 sha1Optional integration module

Older Releases

Apache BVal 1.1.0 - Released June 2015

Available at the Apache release archive.

Apache BVal 0.4 - Released April 13, 2012

Available at the Apache release archive.

Apache Bean Validation 0.3-incubating - Released April 28, 2011

Available at the Apache release archive.

Apache Bean Validation 0.2-incubating - Released August 18, 2010

Available at the Apache release archive.

Apache Bean Validation 0.1-incubating - Released June 11, 2010

Available at the Apache release archive.

Maven Users

Our artifacts are published to the Maven Central repository and can be found under the org.apache.bval groupId.

You'll need to add the following dependencies in your builds (and Maven will automatically include the additional transitive dependencies for you):

<dependency>
  <groupId>org.apache.geronimo.specs</groupId>
  <artifactId>geronimo-validation_1.0_spec</artifactId>
  <version>1.1</version>
</dependency>
<dependency>
  <groupId>org.apache.bval</groupId>
  <artifactId>org.apache.bval.bundle</artifactId>
  <version>0.5</version>
</dependency>

Maven will determine the transitive dependencies for the artifacts, but if you are not using Maven to build your project, then you will also need the following dependencies on the classpath:

<dependency>
  <groupId>org.apache.commons</groupId>
  <artifactId>commons-lang3</artifactId>
  <version>3.1</version>
</dependency>
<dependency>
  <groupId>org.slf4j</groupId>
  <artifactId>slf4j-simple</artifactId>
  <version>1.6.1</version>
</dependency>
<dependency>
  <groupId>commons-beanutils</groupId>
  <artifactId>commons-beanutils</artifactId>
  <version>1.8.3</version>
</dependency>

Verifying Releases

It is essential that you verify the integrity of any downloaded files using the PGP or MD5 signatures. For more information on signing artifacts and why we do it, check out the Release Signing FAQ.

The PGP signatures can be verified using PGP or GPG. First download the KEYS as well as the asc signature file for the artifact. Make sure you get these files from the main distribution directory, rather than from a mirror. Then verify the signatures using:

$ pgpk -a KEYS
$ pgpv bval-parent-0.5-source-release.zip.asc

or

$ pgp -ka KEYS
$ pgp bval-parent-0.5-source-release.zip.asc

or

$ gpg --import KEYS
$ gpg --verify bval-parent-0.5-source-release.zip.asc

Alternatively, you can verify the MD5 signature on the files. A Unix/Linux program called md5 or md5sum is included in most distributions. It is also available as part of GNU Textutils. Windows users can get binary md5 programs from these (and likely other) places: