Release Hashes

Verify you are using genuine After Dark software.

After Dark utilizes the NPM CLI to produce a unique cryptographic hash each release, enabling any copy to be uniquely identified regardless of its source.

Release hashes use the SHA-512 algorithm and look like this:

VWcn7AxXUkZRGsRIM/6A5RjqW7DOPH+XbnLGRp7hpr0TCH/9l31ug2h2JaIlEvsDzOPRcZDBdyZvJ4mSm/Rqjg==

Each release a new hash is generated in the following locations:

Embedded using PGP in the release source git tag message.
Codified into the latest or version-specific NPM package metadata.
Embedded inside the After Dark Online Help documentation.

Upon receiving your copy of After Dark you may use the release hash to verify you are using an unadulterated version of the software.

Run the Release Validator to quickly check your release offline:

Interactive Release Validator

For a more thorough inspection do the following:

Install the npm cli on your machine.
Navigate to themes/after-dark from within your site.
Run npm i && npm run integrity to generate your SHA-512 hash.
Compare your hash to the hash generated during a signed release.
If equal, verify the GPG signature used to sign that release.

If inspection fails run the Upgrade Script and try again.