MonetDB Download area

Select by OS

Type Name Description
Fedora MonetDB Fedora RPMs & YUM repository
MacOS MonetDB Mac OS X installers
Debian and Ubuntu MonetDB Debian and Ubuntu repository
RHEL, CentOS, SL MonetDB EPEL (Red Hat, CentOS, Scientific Linux) RPMs & YUM repository
Windows MonetDB Windows installers

MonetDB/e (embeddable versions of MonetDB)

Type Name Description
MonetDBe-C MonetDB/e for C
MonetDBe-Java MonetDB/e for Java
MonetDBe-Python MonetDB/e for Python

Extensions

Type Name Description
Java MonetDB JDBC driver and JdbcClient CLI application
Python Python database driver for MonetDB/SQL
PHP PHP database driver for MonetDB/SQL
Perl Perl database driver for MonetDB/SQL
Ruby Ruby database driver for MonetDB/SQL

Developers area

Type Name Description
Sources MonetDB source distributions
MonetDB-GPG-KEY MonetDB public key
MonetDB-GPG-KEY.gpg MonetDB public key, binary
Testing area MonetDB release candidates

In various directories there is a file SHA256SUM which contains the sha256 checksum of the files in that directory. This SHA256SUM file is signed using one of the keys of which the public parts are available in the file MonetDB-GPG-KEY.

Starting with the 11.49.X release (a.k.a. Dec2023), files will be signed with a key with key ID 0x5521A603. Older files were signed with a key with key ID 0xDF0E54F3.

The keys are also available from keyservers:

	      gpg --recv-key 0x5521A603 0xDF0E54F3
	    

You should check the fingerprint of the keys:

	      gpg --fingerprint 0x5521A603 0xDF0E54F3
	    

The fingerprint are: key ID 0x5521A603: DBCE 5625 94D7 1959 7B54 CE85 3F1A D47F 5521 A603; key ID 0xDF0E54F3: 8289 A5F5 75C4 9F50 22F8 EE20 F654 63E2 DF0E 54F3.

You can then download the SHA256SUM file and check that it hasn't been tampered with:

gpg --verify SHA256SUM

Among other output, you should see the message

gpg: Good signature from "MonetDB Database System Packager <info@monetdb.org>"

You should also see the message that the signature was made using the RSA key ID 8289A5F575C49F5022F8EE20F65463E2DF0E54F3, or the RSA key ID DBCE562594D719597B54CE853F1AD47F5521A603 (or perhaps the short form consisting of the last 8 hexadecimal digits of these key IDs).

After this, you can verify that the downloaded files are correct:

sha256sum --check SHA256SUM

For all files you downloaded, you should see the name of the file followed by the word "OK".

In addition, all RPM files and DEB packages are also signed with one of the keys. See the Fedora, epel (for Enterprise Linux), and deb (for Debian and Ubuntu) directories for more details.

Further information about the "Dec2023-SP1" release is available in the release notes.