Apache POI - Download Release Artifacts
This page provides instructions on how to download and verify the Apache POI release artifacts. There are different versions available depending on how stable your code should be.
Apache POI releases are available under the Apache License, Version 2.0. See the NOTICE file contained in each release artifact for applicable copyright attribution notices.
To ensure that you have downloaded the true release you should verify the integrity of the files using the signatures and checksums available from this page.
16 September 2022 - POI 5.2.3 available
The Apache POI team is pleased to announce the release of 5.2.3. Featured are a handful of new areas of functionality and numerous bug fixes.
The POI source release is listed below. Pre-built versions of all POI components are available in the central Maven repository under Group ID "org.apache.poi" and Version "5.2.3".
POI 5.2.3 is the last version where we produced a set of poi-bin*.zip and poi-bin*.tgz files. We will continue to publish jars to Maven Central. If you are not using a build tool like Apache Maven or Gradle, you can still find these jars by traversing the directories at https://repo1.maven.org/maven2/org/apache/poi/.
If you want to download a legacy poi-bin archive, see the archives of all prior releases.
It is essential that you verify the integrity of the downloaded files using the PGP and SHA2 signatures. Please read Verifying Apache HTTP Server Releases for more information on why you should verify our releases. This page provides detailed instructions which you can use for POI artifacts.
The PGP signatures can be verified using PGP or GPG. First download the KEYS file as well as the .asc signature files for the relevant release packages. Make sure you get these files from the main distribution directory, rather than from a mirror. Then verify the signatures.
Batch check of all distribution files:
Sample verification of poi-bin-3.5-FINAL-20090928.tgz