diff --git a/.codespellrc b/.codespellrc
index 613604461..299f3f76f 100644
--- a/.codespellrc
+++ b/.codespellrc
@@ -1,3 +1,3 @@
 [codespell]
 skip = ./www/docs/reference/api/*.mdx,./erl_crash.dump,./apps/fz_http/erl_crash.dump,./cover,./vendor,./omnibus,*.json,yarn.lock,seeds.exs,./**/node_modules,./deps,./priv/static,./priv/plts,./**/priv/static,./.git,./www/build,./_build
-ignore-words-list = keypair,keypairs,iif,statics,wee
+ignore-words-list = crate,keypair,keypairs,iif,statics,wee
diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
index 8f92dae80..81b2a4bb8 100644
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@@ -17,23 +17,23 @@ diverse, inclusive, and healthy community.
 Examples of behavior that contributes to a positive environment for our
 community include:
 
-* Demonstrating empathy and kindness toward other people
-* Being respectful of differing opinions, viewpoints, and experiences
-* Giving and gracefully accepting constructive feedback
-* Accepting responsibility and apologizing to those affected by our mistakes,
+- Demonstrating empathy and kindness toward other people
+- Being respectful of differing opinions, viewpoints, and experiences
+- Giving and gracefully accepting constructive feedback
+- Accepting responsibility and apologizing to those affected by our mistakes,
   and learning from the experience
-* Focusing on what is best not just for us as individuals, but for the
+- Focusing on what is best not just for us as individuals, but for the
   overall community
 
 Examples of unacceptable behavior include:
 
-* The use of sexualized language or imagery, and sexual attention or
+- The use of sexualized language or imagery, and sexual attention or
   advances of any kind
-* Trolling, insulting or derogatory comments, and personal or political attacks
-* Public or private harassment
-* Publishing others' private information, such as a physical or email
+- Trolling, insulting or derogatory comments, and personal or political attacks
+- Public or private harassment
+- Publishing others' private information, such as a physical or email
   address, without their explicit permission
-* Other conduct which could reasonably be considered inappropriate in a
+- Other conduct which could reasonably be considered inappropriate in a
   professional setting
 
 ## Enforcement Responsibilities
@@ -106,7 +106,7 @@ Violating these terms may lead to a permanent ban.
 ### 4. Permanent Ban
 
 **Community Impact**: Demonstrating a pattern of violation of community
-standards, including sustained inappropriate behavior,  harassment of an
+standards, including sustained inappropriate behavior, harassment of an
 individual, or aggression toward or disparagement of classes of individuals.
 
 **Consequence**: A permanent ban from any sort of public interaction within
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index b67e860d8..041c21146 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -5,25 +5,25 @@ started.
 
 ## Table of Contents
 
-* [Overview](#overview)
-* [Developer Environment Setup](#developer-environment-setup)
-  * [Docker Setup](#docker-setup)
-    * [Docker Caveat](#docker-caveat)
-  * [Local HTTPS](#local-https)
-  * [asdf-vm](#asdf-vm)
-  * [Pre-commit](#pre-commit)
-  * [The .env File](#the-env-file)
-  * [Bootstrapping](#bootstrapping)
-  * [Ensure Everything Works](#ensure-everything-works)
-* [Reporting Bugs](#reporting-bugs)
-* [Opening a Pull Request](#opening-a-pull-request)
-  * [Run Tests](#run-tests)
-    * [Unit Tests](#unit-tests)
-    * [End-to-end Tests](#end-to-end-tests)
-  * [Use Detailed Commit Messages](#use-detailed-commit-messages)
-  * [Ensure Static Analysis Checks Pass](#ensure-static-analysis-checks-pass)
-* [Code of Conduct](#code-of-conduct)
-* [Asking for Help](#asking-for-help)
+- [Overview](#overview)
+- [Developer Environment Setup](#developer-environment-setup)
+  - [Docker Setup](#docker-setup)
+    - [Docker Caveat](#docker-caveat)
+  - [Local HTTPS](#local-https)
+  - [asdf-vm](#asdf-vm)
+  - [Pre-commit](#pre-commit)
+  - [The .env File](#the-env-file)
+  - [Bootstrapping](#bootstrapping)
+  - [Ensure Everything Works](#ensure-everything-works)
+- [Reporting Bugs](#reporting-bugs)
+- [Opening a Pull Request](#opening-a-pull-request)
+  - [Run Tests](#run-tests)
+    - [Unit Tests](#unit-tests)
+    - [End-to-end Tests](#end-to-end-tests)
+  - [Use Detailed Commit Messages](#use-detailed-commit-messages)
+  - [Ensure Static Analysis Checks Pass](#ensure-static-analysis-checks-pass)
+- [Code of Conduct](#code-of-conduct)
+- [Asking for Help](#asking-for-help)
 
 ## Overview
 
@@ -50,8 +50,7 @@ environment with working nftables and WireGuard subsystems for live development.
 
 ### Docker Setup
 
-We recommend [Docker Desktop](
-https://docs.docker.com/engine/install/#desktop)
+We recommend [Docker Desktop](https://docs.docker.com/engine/install/#desktop)
 even if you're developing on Linux. This is what the Firezone core devs use and
 comes with `compose` included.
 
@@ -61,8 +60,7 @@ Routing packets from the host's WireGuard client through the Firezone compose
 cluster and out to the external network will not work. This is because Docker
 Desktop
 [rewrites the source address from containers to appear as if they originated the
-host](
-https://www.docker.com/blog/how-docker-desktop-networking-works-under-the-hood/)
+host](https://www.docker.com/blog/how-docker-desktop-networking-works-under-the-hood/)
 , causing a routing loop:
 
 1. Packet originates on Host
@@ -138,8 +136,8 @@ Firezone Docker services. By connecting to Firezone from the `client`
 container, you can test the WireGuard tunnel is set up correctly by pinging the
 `caddy` container:
 
-* `docker compose exec client ping 172.28.0.99`
-* `docker compose exec client curl -k 172.28.0.99:8443/hello`: this
+- `docker compose exec client ping 172.28.0.99`
+- `docker compose exec client curl -k 172.28.0.99:8443/hello`: this
   should return `HELLO` text.
 
 If the above commands indicate success, you should be good to go!
@@ -154,19 +152,19 @@ issues as well.
 
 If it's not there, please open a new issue and include the following:
 
-* Description of the problem
-* Expected behavior
-* Steps to reproduce
-* Estimated impact: High/Medium/Low
-* Firezone version
-* Platform architecture (amd64, aarch64, etc)
-* Linux distribution
-* Linux kernel version
+- Description of the problem
+- Expected behavior
+- Steps to reproduce
+- Estimated impact: High/Medium/Low
+- Firezone version
+- Platform architecture (amd64, aarch64, etc)
+- Linux distribution
+- Linux kernel version
 
 ## Opening a Pull Request
 
 We love pull requests! To ensure your pull request gets reviewed and merged
-swiftly, please read the below *before* opening a pull request.
+swiftly, please read the below _before_ opening a pull request.
 
 ### Run Tests
 
@@ -218,5 +216,4 @@ pre-commit run --all-files
 
 ## Asking For Help
 
-If you get stuck, don't hesitate to ask for help on our [community forums](
-https://discourse.firez.one/?utm_source=contributing).
+If you get stuck, don't hesitate to ask for help on our [community forums](https://discourse.firez.one/?utm_source=contributing).
diff --git a/README.md b/README.md
index 2a177cb37..f25ac417f 100644
--- a/README.md
+++ b/README.md
@@ -77,7 +77,7 @@ community support options:
   or make a contribution to Firezone.
 
 If you need help deploying or maintaining Firezone for your business, consider
-[contacting us about our paid support plan](https://www.firezone.dev/contact/sales?utm_source=readme).
+[contacting us about our paid support plan](https://www.firezone.dev/sales?utm_source=readme).
 
 ## Star History
 
diff --git a/apps/fz_http/lib/fz_http_web/live/setting_live/account_live.ex b/apps/fz_http/lib/fz_http_web/live/setting_live/account_live.ex
index 7ecb376df..40dda766e 100644
--- a/apps/fz_http/lib/fz_http_web/live/setting_live/account_live.ex
+++ b/apps/fz_http/lib/fz_http_web/live/setting_live/account_live.ex
@@ -108,6 +108,6 @@ defmodule FzHttpWeb.SettingLive.Account do
 
   defp subscribe_link do
     tid = Application.get_env(:fz_http, :telemetry_id)
-    "https://www.firezone.dev/contact/sales?utm_source=product&uid=#{tid}"
+    "https://www.firezone.dev/sales?utm_source=product&uid=#{tid}"
   end
 end
diff --git a/www/CNAME b/www/CNAME
index 63b975484..795296e60 100644
--- a/www/CNAME
+++ b/www/CNAME
@@ -1 +1 @@
-docs.firezone.dev
+www.firezone.dev
diff --git a/www/blog/2022-07-25-release-0-5-0/index.mdx b/www/blog/2022-07-25-release-0-5-0/index.mdx
new file mode 100644
index 000000000..ba254b989
--- /dev/null
+++ b/www/blog/2022-07-25-release-0-5-0/index.mdx
@@ -0,0 +1,138 @@
+---
+slug: release-0-5-0
+title: Release 0.5.0
+authors: [jamil]
+tags: [release, beta, acme, reverse proxy, docs]
+---
+
+## Firezone 0.5 Released!
+
+As the first post on our new blog, we thought it'd be fitting to kick things
+off with a release announcement. So without further ado, we're excited to
+announce: Firezone [0.5.0 is
+here](https://github.com/firezone/firezone/releases)!  It's packed with new
+features, bug fixes, and other improvements — more on that below.
+
+But first, we'd like to clarify our plan for plan for pricing.
+
+### Free as in… forever?
+
+One question we often get asked is, how much does Firezone cost? Well, now
+we're able to offer some clarification around pricing. **Starting with 0.5.0,
+Firezone will be entering public beta.** What's that mean for you? Two things:
+
+- We'll be experimenting with different tiers and pricing structures based on
+  an open-core business model. We plan to **always** have a version of the
+  product free to use, forever. See our [new pricing
+  page](https://firezone.dev/pricing) for more information.
+- **Edit**: The Beta program is now closed. Thanks to all who participated!
+  ~~Anyone participating in the public beta program **will receive a license key good
+  for up to one year of** Firezone Team or Business. It's our way of saying
+  thanks for being an early adopter and joining the program.~~
+
+Now that that's out of the way, let's talk about all the new features in
+0.5.0!
+
+### User-scoped egress rules
+
+Rules can now optionally receive a user scope, limiting the rule's application
+only to devices owned by that user. This allows you to selectively allow or
+deny traffic from a particular user to an IP, set of IPs, or CIDR range.
+
+### Auto-renewed, ECDSA-backed, ACME-powered SSL certificates
+
+One of our most-requested features is now available — Firezone 0.5.0 supports
+ACME SSL certificate renewal backed by Let's Encrypt's new ECDSA key type.
+Other providers and key types are available too. See all ACME configuration
+options in our [configuration file
+reference](/docs/reference/configuration-file/).
+
+**Note**: ACME is disabled by default to remain compatible with existing
+Firezone installations. To enable, set the following in your config file:
+
+```
+default['firezone']['ssl']['acme']['enabled'] = true
+```
+
+### BYORP: Bring Your Own Reverse Proxy
+
+Want to disable Nginx and deploy Firezone under your own reverse proxy or HTTP
+load balancer? Well, now you can! We've documented the required headers and
+other configuration necessary to make this happen. [Check the
+docs](/docs/deploy/advanced/reverse-proxy) for some configuration
+examples for popular proxies. In short:
+
+Set the
+`default['firezone']['phoenix']['external_trusted_proxies']`
+configuration variable to a comma-separated list containing the proxies
+you'd like to receive forwarded requests from. If your proxy uses an
+[RFC1918 address](https://en.wikipedia.org/wiki/Private_network), add its
+IP to `default['firezone']['phoenix']['private_clients']` instead of
+`default['firezone']['phoenix']['external_trusted_proxies']`.
+Update your proxy's configuration to point to Firezone, making sure to set
+the `X-Forwarded-For` header and enable WebSocket connection upgrades.
+
+**Note:** ACME support is tied to Nginx. If you disable the bundled
+Firezone Nginx service, you'll need to provide your own SSL certificates
+(or configure ACME renewal manually).
+
+**Additional note:** If you go this route, you'll need to terminate SSL
+yourself — Firezone sets the secure attribute on all cookies and thus
+requires the downstream proxy to terminate SSL.
+
+### Runtime configuration available in the UI
+
+Some Firezone configuration settings are now configurable in the product UI
+under the Security settings. This will override anything you have set in the
+config file. Moving runtime configuration into the application itself brings us
+a step closer to Docker-based deployments (coming Soon™).
+
+### New and improved documentation
+
+Our docs have been migrated from Jekyll to [Docusaurus](https://docusaurus.io).
+Aside from all the Formatting is improved, user guides are updated and many
+pages have been edited for clarify and further detail. As an added bonus, our
+docs are feature improved search thanks to the powerful search functionality
+provided by [DocSearch by Algolia](https://docsearch.algolia.com/).
+Contributions welcome!
+
+### Red Hat and Debian package repositories
+
+If you're on one of our [supported
+distros](/docs/deploy/omnibus/supported-platforms/) (or its
+derivatives), the one-line install script will automatically install Firezone
+from our package repository and track further updates from there. This means
+your Firezone installation can be managed like any other package on your system
+and will be marked for upgrades by the same apt and yum tools you're already
+familiar with. Be sure to check the [upgrade
+notes](/docs/administer/upgrade/) prior to each
+upgrade in case there are any backwards-incompatible changes or manual steps
+involved.
+
+If you've got an existing installation and still want to add our package
+repository for easier package management, just follow the [relevant
+section](/docs/deploy/omnibus) in the manual
+install guide.
+
+### Smaller package sizes
+
+Speaking of packages, we've done a bit of work reducing the size of our Omnibus
+release package. The Nodejs, Python, Erlang, and Elixir runtimes have all been
+removed, reducing the package size by 50% and total installed size by even
+more. There's still lots of work to be done to be done here —  we expect
+package sizes to be reduced even further moving forward.
+
+### Custom landing page logo
+
+In the first round of what we hope to be the start of a full-featured
+customization experience, it's now possible to change the landing page logo.
+Upload an image up to 1 MB or specify a URL to an image your end users will see
+when landing at your Firezone portal.
+
+## Conclusion
+
+That's all we've got for now. If you'd like to spin up Firezone to try it out,
+head to the [deploy guide](/docs/deploy) in our docs.
+
+If you're interested in using Firezone in production for your Team or Business,
+[contact us](/sales) about our Business tier.
diff --git a/www/blog/2022-10-17-release-0-6-0/index.mdx b/www/blog/2022-10-17-release-0-6-0/index.mdx
new file mode 100644
index 000000000..8a3f31274
--- /dev/null
+++ b/www/blog/2022-10-17-release-0-6-0/index.mdx
@@ -0,0 +1,127 @@
+---
+slug: release-0-6-0
+title: Release 0.6.0
+authors: [jamil]
+tags: [release, docker, saml]
+---
+
+## Firezone 0.6 Released!
+
+Today, I'm excited to announce we've closed the [first public issue
+](https://github.com/firezone/firezone/issues/260) on our GitHub repository,
+more than a year after it was originally opened: Containerization support!
+We're also releasing preliminary support for SAML 2.0 identity providers
+like Okta and OneLogin.
+
+### Docker Support
+
+Docker is now the preferred method for deploying Firezone. Our [
+automatic install script](https://raw.githubusercontent.com/firezone/firezone/master/scripts/docker_install.sh)
+now uses Docker by default, and we even have a new [Docker migration script
+](https://raw.githubusercontent.com/firezone/firezone/master/scripts/docker_migrate.sh)
+that will non-destructively migrate your Omnibus-based Firezone installation
+to a Docker-based one with minimal downtime.
+
+#### How to Deploy
+
+You can now deploy Firezone complete with valid SSL certificates and a
+provisioned administrator in just a couple minutes:
+
+<AsciinemaPlayer
+  src="https://asciinema.org/a/530197.cast"
+  autoplay={true}
+  rows={30}
+  idleTimeLimit={3}
+  preload={true}
+/>
+
+This also means Firezone runs on any platform that supports Docker,
+like my Mac in the video above. The automatic install script will _probably_
+barf on Windows, though. In that case, try the
+[manual install method](/docs/deploy/docker/#option-2-manual-install)!
+
+#### Why Docker?
+
+Docker offers a number of benefits over the old Omnibus-based method of deploying
+Firezone:
+
+- **Simpler, more robust upgrades**: In most cases, simply pull the latest `firezone/firezone`
+  image and restart the container.
+- **Simpler configuration**: Most day-to-day configuration of Firezone can now
+  be done in the web UI instead of the `/etc/firezone/firezone.rb` configuration
+  file. All other configuration variables can be specified as ENV vars to the
+  Firezone container.
+- **Smaller footprint**: The Firezone image weighs in at a couple dozen
+  megabytes versus hundreds of megabytes for the Omnibus package.
+- **Portability**: Firezone now runs on any platform that supports Docker.
+- **Security**: Containerization providers better security isolation than
+  simply running as an unprivileged local user.
+
+It also makes it easier to build and test Firezone. CI pipelines rejoice!
+No more 4-hour long compiles and intermittent build failures.
+
+#### What about Omnibus?
+
+[Chef Omnibus](https://github.com/chef/omnibus) is a Ruby-based build system
+designed to make building and distributing complex software easier. You define
+your dependencies as source tarballs, configure options, and platform-specific
+build flags, and Omnibus automatically fetches, builds, and links all your
+dependencies automagically, emitting an OS-native installer artifact when
+complete.
+
+Omnibus was a popular choice for distributing self-hosted software before
+Docker was popular -- GitLab and Mattermost are two popular self-hosted products
+that still support Omnibus-based deployments today. It's still used in many
+cases where Docker can't be used (on the \*BSDs, for example).
+
+But, since Omnibus is [effectively EOL in 2024](https://docs.chef.io/versions/)
+due to its reliance on Chef Infra Client, we've decided to deprioritize
+reliance on it, and dedicate those resources to containerized deployments
+instead.
+
+**Note**: Beginning with 0.6, Omnibus support in Firezone is **deprecated**.
+We'll be removing support for it completely in a future Firezone release.
+
+#### How to migrate from Omnibus to Docker
+
+We've written an in-depth migration guide to migrate your instance from Omnibus
+to Docker:
+
+https://www.firezone.dev/docs/administer/migrate
+
+Most instances will migrate without issue. If you're running Firezone in production
+for your team or business, [contact us](/sales)
+so we can better understand how we can help with your migration.
+
+### SAML 2.0
+
+Also in 0.6 is preliminary support for SAML 2.0 authentication. You'll need the
+IdP Metadata XML document to set it up. In most cases the identity provider
+will provide it for you. If not, you should be able to build it manually or
+using a tool such as
+[this nifty online IdP builder](https://www.samltool.com/idp_metadata.php).
+
+In general we recommend using OpenID Connect integration over SAML whenever possible.
+It's simpler, tends to be implemented more consistently across identity providers,
+and much easier to debug when things go wrong.
+
+Speaking of OIDC, 0.6 also introduces a couple improvements to make integrating
+your identity provider a more pleasant experience:
+
+- `auto_create_oidc_users` is now a per-provider configuration setting. Enable or disable
+  autocreation of users when logging into Firezone via that provider.
+- New web form for entering OIDC details, with improved validation and error checking:
+
+<center>
+  <img
+    width="500"
+    src="https://user-images.githubusercontent.com/167144/196735853-b2c8d505-285f-40ac-9d73-4b568358c5c3.png"
+    alt="OIDC Form"
+  />
+</center>
+
+#### IdP not supported?
+
+If your IdP isn't supported or you'd like to learn about your options for
+custom integrations, [contact us](/sales) to
+learn more about our Business plan features.
diff --git a/www/blog/2023-01-10-first-offsite/index.mdx b/www/blog/2023-01-10-first-offsite/index.mdx
new file mode 100644
index 000000000..b8497ab60
--- /dev/null
+++ b/www/blog/2023-01-10-first-offsite/index.mdx
@@ -0,0 +1,138 @@
+---
+slug: first-offsite-retro
+title: Lessons from Firezone’s first off-site
+description: In December, Firezone organized an off-site in California. Here's what we learned.
+authors: [jason]
+tags: [company, off-site]
+---
+
+My first tech job was at [Strong](https://www.strong.app/), a workout journal app that was pretty popular at the time. The founders were “digital nomads,” and the team was fully remote.
+
+Back in 2016, this was highly uncommon.
+
+We spent a lot of time creating processes to work together effectively on opposite sides of the world. One of these was meeting up in person regularly.
+
+<center>
+  <img
+    width="800"
+    src="https://user-images.githubusercontent.com/52545545/211626078-6f64a4f4-ec37-40cd-8bb5-a6b9b122f351.png"
+    alt="digital nomads"
+  />
+</center>
+
+At first, it was by accident. Since everyone was traveling anyway, we would coordinate being in the same city at the same time.
+
+After working in person, we quickly noticed the way we worked remotely improved. People were more comfortable sharing their ideas, better at giving constructive criticism, and happier in general.
+
+It just _felt_ better to work together in person.
+
+## Why try this at Firezone?
+
+If you believe Firezone can take a sizable bite out of the usual suspects of legacy remote access products, we’ll need to use every advantage.
+
+As a startup, our biggest advantage is the ability to move quickly as a team.
+
+This is much easier when everyone is comfortable sharing ideas and engaging in lively debate. Plus, it’s a lot more fun.
+
+So we decided to try it out. After much planning, canceled bookings, and a few long flights, our team met in Santa Rosa, California.
+
+<center>
+  <img
+    width="600"
+    src="https://user-images.githubusercontent.com/52545545/216130487-bde66005-e3e0-4d88-a2d0-f9a842efc715.png"
+    alt="offsite office"
+  />
+</center>
+
+## What did we do?
+
+Our itinerary included architecture planning, a multi-day hackathon, and plenty of fun activities around the Bay Area.
+
+<center>
+  <img
+    width="600"
+    src="https://user-images.githubusercontent.com/52545545/211988059-02f3083a-116b-462e-a5ff-90af4fab63fc.png"
+    alt="offsite office"
+  />
+</center>
+
+The focus of the off-site was building. We each defined a few tasks that could realistically be completed by the end of the trip. So what did we work on?
+
+- A new Firezone gateway (coming in 0.8!) that will eventually allow decoupling the web portal from the WireGuard data plane. A single Firezone web portal will soon be able to manage hundreds or even thousands of little Firezone gateways securing access to their respective private resources. More details to come!
+- A [new REST API in 0.7](https://github.com/firezone/firezone/releases) to allow configuring Firezone in a more automatable way. Users love our snappy web portal, but nothing beats the power of an API for automation.
+- Various documentation improvements to improve consistency between Omnibus and Docker sections, detail logging, and implement a v1 style guide.
+
+Of course, no visit to the Bay Area would be complete without a tour of San Francisco. It rained most of the time, so we missed out on much of the picturesque hiking. But we still managed to snap some photos of the Golden Gate bridge and devour a few In-N-Out burgers.
+
+Of special mention are the team dinners. Remote companies lack that familiar bond typically formed over team lunches in the office, so we sought to recreate that when we met in person. As an added bonus, we also split cooking duties. In many ways preparing food for your teammates is like opening a pull request: make something, request feedback on it, then merge and enjoy.
+
+As someone whose culinary talents rival his passion for building security products, our resident chef [Jamil](https://twitter.com/jamilbk) led most of the culinary endeavors, including a 2-hour drive around Santa Rosa in search of live Dungeness crab.
+
+<center>
+  <img
+    width="400"
+    src="https://user-images.githubusercontent.com/167144/214394961-ecbff7d8-2f9c-48a6-a906-c387366169f3.jpeg"
+    alt="team dinner"
+  />
+</center>
+
+## Lessons learned for next time
+
+Since this was our first off-site, some things could have gone better. Here’s a small list of hiccups and other things we’d do differently next time.
+
+### Turn on low power mode
+
+<center>
+  <img
+    width="400"
+    src="https://user-images.githubusercontent.com/52545545/211503302-4b2e2e74-06e8-4929-aa5b-a336af25a450.png"
+    alt="team dinner"
+  />
+</center>
+
+If you’re booking an Airbnb, check for planned maintenance and outages! We were notified three days before arrival the power would be out during two full workdays.
+
+Fortunately, we had a small power bank and mobile hotspot with unlimited data. Unfortunately, our lead Rust engineer’s beefy Linux machine only gets a single hour of battery life on a full charge.
+
+When his machine died, we migrated to our local coffee shop, where power and WiFi were surprisingly abundant. _Editor’s note: Coffee shops in Santa Rosa are much more accommodating as a makeshift office than most in San Francisco._
+
+When you’re building software, electricity and internet are vital -- splurge for that bigger battery bank and faster hotspot!
+
+### Lumbar support is underrated
+
+You’ll sacrifice some ergonomics when you work out of an Airbnb. Put a premium on large work surfaces, open common areas, and comfortable chairs. After a few days of working hunched over on a sofa, we learned the hard way.
+
+Even better, leave heads down work until after the off-site. Instead, prioritize architecture discussions, brainstorming sessions, and design sprints.
+
+### Stock the right fuel
+
+We got carried away at Costco. Our out-of-town guests had never witnessed the spectacle of an American snack aisle. Fortunately, our talented engineers can turn Funyuns into elegant lines of Rust code (shoutout [@Gabi](https://github.com/conectado)).
+
+All jokes aside, you’ll need the right fuel for your hackathons and deep product discussions. We recommend stocking up with plenty of coffee and healthy snacks.
+
+### Plan ahead: it’ll pay off
+
+As is often the case with startups, we planned the trip on short notice. This meant many last-minute restaurant bookings and trips to the store for basic supplies.
+
+So, make a shopping list, book a few restaurants in advance, and have a backup plan. If you’re looking for a template, take a look at this [guide](https://posthog.com/handbook/company/offsites#how-to-plan-an-offsite-in-8-weeks---a-checklist) from our friends at PostHog. A great checklist is hard to beat.
+
+## What’s next?
+
+In a few short days, we:
+
+- Aligned on Firezone’s product direction
+- Made critical architecture decisions for the gateway and client apps
+- Made significant progress on a few key features
+- Bonded over great food, conversation, and Mario Kart
+
+We could have accomplished some of these over a few long Zoom calls and chat threads, but not as quickly. There’s something about mind melding over a few days of intense work that’s hard to replicate.
+
+So, will we have another off-site? Definitely!
+
+Until next time!
+
+:::info 👋 thanks for reading
+Firezone secures remote access to private resources. This post doesn't have much to do about security, networking, or a fancy new feature. But hey, our product improves the remote work experience - organizing a great off-site helps too.
+
+If you want to try it out, our [Docker install script](/docs/deploy) gets Firezone running in just a few minutes.
+:::
diff --git a/www/blog/_2022-10-21-3000-stars/index.mdx b/www/blog/_2022-10-21-3000-stars/index.mdx
new file mode 100644
index 000000000..a6025a879
--- /dev/null
+++ b/www/blog/_2022-10-21-3000-stars/index.mdx
@@ -0,0 +1,8 @@
+---
+slug: 3000-stars
+title: 3,000 GitHub Stars
+authors: [jamil]
+tags: [open-source, github]
+---
+
+## 3,000 GitHub Stars
diff --git a/www/blog/_2022-12-23-yc-as-oss-company/index.mdx b/www/blog/_2022-12-23-yc-as-oss-company/index.mdx
new file mode 100644
index 000000000..ae9e546bb
--- /dev/null
+++ b/www/blog/_2022-12-23-yc-as-oss-company/index.mdx
@@ -0,0 +1,181 @@
+---
+slug: yc-oss-experience
+title: Going through YC as an open source company
+authors: [jason]
+tags: [open-source, ycombinator, company]
+---
+
+# Going through YC as an open source company
+
+During YC's three-month bootcamp, your goal is simple. Make meaningful progress.
+
+In our batch, we met a company that made powdered breast milk. Multiple hospital networks as customers and $150k+ of MRR. Their problems were scaling production and FDA approval.
+
+Firezone, our company, had launched a few weeks prior on HN. We had no revenue and only a small handful of users.
+
+YC's challenge is to give advice that helps these two companies and everything in between.
+
+Open-source security is a relatively new category for YC investments. About half of the 240 open-source YC investments made by YC since S05 (17 years ago) were made in the past 2 years. Only 7 are security companies.
+
+During the batch, we had come up with our own interpretation of advice meant for traditional enterprise Saas or B2B freemium software companies. This post is my attempt at sharing what we did and learned in our journey.
+
+## How it all started
+
+As a business guy, I have long felt the business pains of a slow, clunky VPN.
+
+Slow VPN speeds are an eroding pain. One that makes every task 10% slower. Like loading my Kibana dashboard, and having to wait an extra few seconds, so I go check my email or my phone. A 2 second wait that triggers a few minutes of lost productivity. A hiccup of 1 minute at the start of every zoom call that throws off all the prep I had coming into it. “How does my mic sound?”.
+
+Big pains come from blockers. Halting the onboarding of a new contractor because our internal resources have not been segmented for least privilege. The contractor needs to build a website, but would get access to customer data and network access to production servers. There was no way we'd adopt a new tool for just this problem. In a past company we spent weeks installing a firewall appliance
+
+When I met my co-founder Jamil last summer, he showed me a solution to these problems. A new faster VPN protocol called WireGuard (read more about that here) and a modern UX built for end users. One that's easy to self-serve for IT admins, SREs, and DevOps engineers.
+
+The latter may seem like a silly differentiator, but it isn't. In the past software was sold top-down to large companies. The buyer was often not the user, so products with a laundry list of features won. They checked all the boxes.
+
+In fact, for many of Firezone's users, a VPN was a checkbox. A feature that came with their legacy firewall that's cumbersome to deploy and configure. Not to mention that firewall is now sitting in an empty office as employees move to remote work.
+
+This wasn't apparent to us at the beginning, but after we posted our project to HN, we quickly realized technical IT staff needed a product like Firezone.
+
+## Why open-source?
+
+Firezone is core IT infrastructure. It deals with network security and cryptography, and runs in pretty sensitive environments. On your employee's laptops and behind firewalls on your servers. Private data about your company and customers flow through our gateways and apps. And with remote work, almost every employee relies on it to get work done.
+
+We don't expect many organization to run such critical software without knowing what's in it.
+
+We also don't expect all organizations to leave control of their network to a third party. One that can experience outages, be targeted by hackers, or even snoop on your data themselves.
+
+So we leave it all open for you to see and make it easy to host yourself.
+
+Of course, there are other benefits of building in the open. We hired world class engineers, but with such a complex product mistakes can happen. More eyes on our code means vulnerabilities are spotted and resolved faster. As we've grown, we are even getting contributions from the community.
+
+## Why Y Combinator?
+
+After our ShowHN, a long list of feature requests appeared in our GitHub repo. A list we couldn't close alone. At least not within a reasonable amount of time.
+
+For a new product with no revenue (yet), VC funding seemed to fit. It would allow us to create something for the community and in parallel investigate the right model to build a sustainable business. As first time founders, YC seemed like a good fit. After all, they helped GitLab and Mattermost get off the ground.
+
+A brief summary for those that don't know. For a stake in your company, YC offers 3 things: capital, advice, and community.
+
+When we accepted the invitation, YC's investment was $125k for 7% of our company. A few weeks into the batch we were offered an additional $375k as an uncapped MFN safe. Lucky us! You can read more about it here.
+
+Advice comes in the form of interactive workshops and long-form posts. They are invaluable resources and often come with snappy titles, like “how not to fail”.
+
+Community is YC's magic. Thousands of past founders who can make introductions to investors, give advice, and even become users of your product. They can help you understand what “how not to fail” should mean to an open-source security company. Same with general advice on setting metrics, talking to users, and pricing.
+
+Here's some of our learnings.
+
+## Should I collect telemetry?
+
+As a VC backed-startup, probably yes.
+
+Even with a crystal ball on what users want, metrics can still help identify reliability issues and add insight to reported bugs.
+
+From a business point of view, they tell you who and how many people like your product and which features are getting used.
+
+It's a great way to focus the team on what matters.
+
+Best of all when the data-points start lining up like a hockey stick, it can get you the funding you need to build a great product.
+
+YC's advice is to set a primary metric that accurately captures the value you're delivering to users. This primary metric should be paired with secondary metrics that drive the primary metric and you can actionably move and iterate on.
+
+In case you're curious, we've set users in production as our primary metric. Our secondary metrics help add context to the growth.
+
+For example, here are 3 different graphs of our progress near demo day. Our star count, number of live instances, and number of devices. Each graph tells a slightly different story. Star count shows growing awareness in the open-source community. Instances show steady growth in actual adoption. Number of users tell us more about the deployments of Firezone. Since it outpaced the growth of instances, we knew larger teams were adopting Firezone over time and existing deployments were growing inside organizations.
+
+![](https://user-images.githubusercontent.com/52545545/207409346-27c11ed2-9660-4c7a-af7b-f286ffac3dd0.png)
+
+So, how do you measure usage? Not as simple as you think.
+
+For most software products, telemetry is a small script in the header of your website and an annoying cookie banner. Sometimes it's also a few lines of code sprinkled through the backend. Most users expect to be tracked by the hosted services they use. They may not like it, but they generally won't fuss about it.
+
+Open-source is different.
+
+Though it's getting more common, not everyone expects a self-hosted open-source project to report their usage. We had to be careful what we tracked, how we anonymized it, and how we communicate it to users.
+
+We spoke to a few other open source companies we respected. Here's the advice we received.
+
+- Explain why you do it: Document what you track, how it's stored, and what you use it for. We took heavy inspiration from companies like Mattermost and made our own page in our documentation.
+- Make it clear and easy to opt-out: To make it simple for users, we created a deployment script that streamlines the install process. In the script we explicitly ask for permission and make it easy to switch off later directly in the UI.
+- Don't unnecessarily expose user data to third parties: Those annoying cookie banners on websites you visit generally mean one thing. You're being tracked, and your information is being sent to third party tools like CRMs and ad platforms. If you've signed up for an account and checked the box for terms and conditions, you're agreeing to that as well. With Firezone, we try to use open-source and self-hosted products whenever possible. This includes our telemetry platform as well.
+
+So, now we know about users in aggregate.
+
+But, our product is early and legacy VPNs are painful in many ways. We need more information to prioritize what to build first. The best way to do that is by talking to users.
+
+## We don't know who our users are
+
+“Write code and talk to users” is consistently echoed during YC.
+
+A great summary why is in “do things that don't scale”. I recommend reading the article, but it boils down to this:
+
+You often build the initial product for yourself. The MVP is usually not good enough - it's never quite right. You should get it in front of users as soon as it provides utility so you can get feedback to iterate and improve.
+
+The average user of Firezone is technical. Usually a system admin, IT manager, or DevOps engineer. They're fully capable of setting up Firezone and reading our docs to figure out what the product can do.
+
+We get frequent GitHub issues and Discourse posts pointing at issues or desired features. Sometimes they'll even fix it for us!
+
+However, Firezone does not require a valid email to sign up. It's hosted entirely on your infrastructure. It would be weird to lock anything behind a signup.
+
+I would be equally distasteful to hijack discussions with requests for a user interview.
+
+So, to generate more conversations, we increased the surface area of how users can reach us. It's important to note who you're getting feedback from as well. Often for developer facing products, the person that's deploying the product is not the person who decides what to use, what the budget is, or even the only one benefiting from it.
+
+Firezone ties into security playbooks, compliance requirements, hiring plans for contractors globally, and risk planning from risk departments.
+
+Here's how we're currently reaching them:
+Source	Types of conversations	Who we speak with
+Install script email (opt-in)	Deployment issues	ICs, IT Managers
+Slack Group and Discourse threads	Deployment and configuration issues	ICs, IT Managers
+GitHub issues	Feature requests	ICs, IT Managers, IT Leaders
+Inbound sales leads	Required functionality, pricing discussions 	CTO, CISO, IT Leaders
+Outbound leads	Problem discovery, product roadmap planning	CTO, CISO, IT Leaders
+
+One example of why it's important to dig deeper involves a request to “load a custom logo”. When we got on a Zoom call, we would uncover a group of re-sellers who want to white-label our product with their clients. Turns out they have other requirements they'd be happy to pay for if we had them.
+
+These conversations helped make the product better and form our view on our business model.
+
+This leads into the final piece of advice from YC, pricing.
+
+## Paying user feedback > free users
+
+Figuring out your pricing model and generating meaningful revenue is the great filter between early MVPs and successful companies.
+
+The main question however is when.
+
+With limited resources, generating revenue is almost always a tradeoff. Less growth, slower development of features, and the potential to ruin a perfectly good story for investors. Queue Silicon Valley:
+
+<iframe width="560" height="315" src="https://www.youtube.com/embed/BzAdXyPYKQo" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
+
+So, when to figure out revenue?
+
+For B2B software, the answer should probably be “right now”.
+
+Steering early user conversations toward pricing tells you if the product is viable and solves a big enough pain. YC echoes this advice.
+
+A startup I previously worked at, Kite, failed partly because we punted the question of “will people pay?” too many times. It was an AI powered co-pilot, an early iteration of GitHub Copilot.
+
+When we finally tried, it was clear the product needed to evolve to generate meaningful revenue. By the time we realized that, it was too late. Adam, the founder of Kite and an investor in Firezone, recently open-sourced the codebase and wrote a great post-mortem:
+
+https://www.kite.com/blog/product/kite-is-saying-farewell/
+
+For self-hosted open-source software the answer is not as clear.
+
+[As a self-hosted security product, layering feature gating logic into the core product is problematic. Feature flags are complex to write, and even harder to maintain as our product evolves. Being critical infrastructure for remote work, we also don't want your company to come to a halt when your credit card expires. There's more to say here, but I'll leave this to a future deep-dive from my co-founder, Jamil.]
+
+So, similar to other successful open-source projects, our early goal was to grow the community. During YC we focused on building out the core parts of our platform, driving adoption, and optimizing for learning from our users. One of things we wanted to learn was how to build a business around Firezone.
+
+As usage grew, a pattern emerged when talking to users. Our largest deployments all started with an individual spinning Firezone up without ever speaking to us.
+
+As usage grew, they reached out to inquire about additional features and services.
+
+As we continue to develop our pricing model, we want to ensure the following:
+- Individuals and hobbyists can use Firezone for free
+- Small teams can use Firezone for free (if they support it themselves)
+- Large organizations can run a PoC without any calls with sales
+
+If this sounds familiar, it's similar to how GitLab thinks about their pricing. We're obviously big fans.
+
+## Paying it forward (still writing this part...)
+
+[not sure how to end this]
+
+- https://a16z.com/2019/10/04/open-source-from-community-to-commercialization/
diff --git a/www/blog/_2023-02-13-ebpf-firewall/index.mdx b/www/blog/_2023-02-13-ebpf-firewall/index.mdx
new file mode 100644
index 000000000..37b255358
--- /dev/null
+++ b/www/blog/_2023-02-13-ebpf-firewall/index.mdx
@@ -0,0 +1,544 @@
+---
+slug: ebpf-firewall
+title: How We Built an eBPF-based General Purpose Packet Filter
+authors: [conectado]
+tags: [ebpf, firewall, rust, aya]
+---
+
+## Introduction
+
+As part of our migration to multi-site in Firezone the VPN and Firewall were rewritten in Rust. As part of that rewrite we decided to improve how we were handling the firewall.
+
+In the past we were using [nftables](https://netfilter.org/projects/nftables/), the way we did this was shelling-out to the console and use the nft cli.
+
+This has a number of problems, for one shelling out can be prone to error, inefficient and hard to unit-test, also there's no Rust lib to call into nftables and even the existing libraries in C can be too complicated to use. Furthermore, we were limited to nft's data structure which meant doing a lot of work to not mess up the rules, this in turn made doing improvements really slow.
+
+So after a lot of consideration we decided that creating our own firewall using [ebpf](https://ebpf.io/).
+
+## eBPF
+
+We will briefly go into what eBPF is, however If you want a more detailed introduction you can take a look at [the official introduction](https://ebpf.io/what-is-ebpf).
+
+### What is eBPF
+
+eBPF stands for extended Berkeley Packet Filter, which is an upgrade from BPF(Berkely Packet Filter), while eBPF brings a lot of improvements over BPF the gist is the same, run user-defined packet-filtering code inside of the kernel as part of the packet processing pipeline.
+
+This is an oversimplification because eBPF programs can be hooked into multiple different events in the kernel but for our intent and purposes, we just want to hook into the packet-classifier pipeline.
+
+
+### How the kernel safely run user-defined code
+
+eBPF has its own ISA and there is a runtime for said ISA in the kernel (JIT'd), the instructions allows calling into parts of the kernel that we might need and gives us the necessary context to process a given packet.
+
+Furthermore, to prevent crashes in the kernel and hogging out resources before an eBPF program gets loaded into the kernel it goes through a verification process, a verificator program sets a bunch of limitations to the program to prevent situations like infinite loops and crashes:
+
+* It sets an upper-bound for the number of times a loop within the code can run (or strictly prohibits them in older kernel versions).
+* An upper-bound in the number of instructions the program can execute in total.
+* Keeps tracks of read/writes to know that you are using valid memory locations.
+
+To know the specifics of how it works, you should take a look at the [kernel's doc](https://www.kernel.org/doc/Documentation/networking/filter.txt) and even more in details you can take a look at [cillium's docs](https://docs.cilium.io/en/stable/bpf/#bpf-guide).
+
+### Packet pipeline
+
+Without getting into the specific an eBPF program can be hooked into different hooks on the packet processing pipeline for the linux kernel. eBPF allows hooking into [XDP](https://www.iovisor.org/technology/xdp) which runs just after the packet reached the NIC. However, [XDP doesn't support Wireguard](https://lore.kernel.org/netdev/20200813195816.67222-1-Jason@zx2c4.com/T/) since wireguard doesn't have L2 headers, for more info on this see [this fly.io blogpost](https://fly.io/blog/bpf-xdp-packet-filters-and-udp/#xdp).
+
+Fret not, for eBPF can also hook into the network's [TC Ingress](https://man7.org/linux/man-pages/man8/tc-bpf.8.html) that doesn't make any assumption about the packet's header.
+
+### Maps
+
+Maps are the kernel structures that enables us to share data between the eBPF kernel program and a user-space program. Maps, as their name suggest allow us to store relations as `Key -> Value` the types of maps offered by eBPF is limited however there are a lot of them. For our use case we just need to concern us with [trie](https://github.com/torvalds/linux/blob/master/kernel/bpf/lpm_trie.c) and hash maps.
+
+Again I reffer to [cillium's documentation](https://docs.cilium.io/en/v1.12/bpf/#maps) for more information.
+
+### TL;DR
+
+eBPF is an ISA and its corresponding implementation for user-defined programs that run in the kernel that we used for filtering packets, however, the programs we can run have some severe limitations so that they don't crash the kernel.
+
+## Firewall
+
+With this in mind we wanted to write a Firewall that can allow/deny traffic based on the following:
+
+- Destination CIDR
+- Possibly multiple sender IPs
+- Possibly a port-range along associated with UDP, TCP or both
+
+We took an additional simplification to make the implementation easier(we will see why further along), you can configure the firewall to allow all or deny all, then when a packet match a rule it'd invert that behavior:
+> A firewall that denies all traffic with a rule for destination `10.20.30.40`, would deny all traffic from all sources to all destinations except for traffic for `10.20.30.40` from any destination.
+
+### Aya
+
+When implementing the firewall in Rust two possible libraries:
+
+- [aya](https://github.com/aya-rs/aya)
+- [redbpf](https://github.com/foniod/redbpf)
+
+`redbpf` relies on bindings to `libbpf` while `aya` only relies on `libc`, also, aya's tooling seems to be easier to use and it uses cargo's target for ebpf instead of relying on `cargo bpf` which is easier when writing the Firewall as a library.
+
+So taking that into account we went with `aya`.
+
+Normally, the way an aya program is structured: we have a user-space crate that loads the eBPF program and is a proxy between it and the user and a crate that targets eBPF which has more limitations(such as being `no-std`).
+
+Aya normally expects to be run as a binary and not as a library or as a separate userspace/bpf library, so we needed to do some tuning for the template to be able to run it as we wanted, a single library crate that you include.
+
+More about how we did this in a separate blogpost.
+
+### Architecture
+
+** TODO: ** Add diagrams
+
+So, with this information, we can plan an architecture.
+
+Thinking about the steps how ideally, the firewall would work:
+
+1. A packet arrives
+2. The source is classified into a `user_id` if any
+3. Check existing rules if match
+4. Decide REJECT/ACCEPT action based on previous step
+
+Let's go over how we can achieve this.
+
+### The anatomy of a rule
+
+As we said before a rule has 3 components
+
+- Associated `user_id`
+- Destination CIDR
+- Destination Port Ranges
+
+The `user_id` is an arbitrary name, the idea is that a single rule can associate multiple source ips, so we can associate a rule with an `id` and then we can update the `id` association with multiple ips during runtime.
+
+Rules need to be stored in eBPF's maps, that way we can update the maps during run-time from userspace to be able to update the rules.
+
+And we need to be able to lookup those maps using information from the incoming packets.
+
+The way we did this is having the following maps:
+
+- `SOURCE_MAP`: A hashmap mapping source ips to `id`s
+- `RULE_MAP`: A trie mapping CIDR to port ranges
+
+** Note: ** There is actually an ipv6 and ipv4 version for both of those maps, so we have 4 maps in total.
+
+### `SOURCE_MAP`
+
+The `SOURCE_MAP` is really simple, we store the mapping IP -> ID, so we can associate let's say IP `10.10.10.3` and `10.10.10.4` with id `4` and `10.1.1.5` with id `7`. Now when a packet comes from `10.10.10.4` we lookup the map and get `4` and for `10.1.1.5` we get `7`.
+
+### `RULE_MAP`
+
+[Tries](https://en.wikipedia.org/wiki/Trie) are prefix-matching trees, they let us efficiently store and lookup ranges grouped by prefix. For ips this is exactly how [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) works.
+
+The nodes in the trie tree correspond to a an ip and a prefix, so `10.5.8.0/24` corresponds to to the bits of `10.5.8.0` and 24 bits so that node would match with `10.5.8.0` to `10.5.8.255` but if you store `10.5.8.128/25` that'd match with `10.5.8.128` to `10.5.8.255`.
+
+Both nodes, `10.5.8.0/24 and `10.5.8.128/25`, could be stored but the `lookup` method in the `trie` only allows us to find the node with the most specific match. so `10.5.8.110` would match with `10.5.8.0/24` and `10.5.8.170` would match with `10.5.8.128/25` but we would never learn that it also match with `10.5.8.0/24`.
+
+So a trie would give us a way to associate CIDR with... something? The question is what's this "something".
+
+Well, we don't need an action, since we know the action is just inverting the default one. What we still lack to know if the rule matches is a port-range(With its protocol) and the associated `id`.
+
+However, if we store multiple rules, all associated with the same destination IP we would need to lookup all the rules for each packet and this is incredibly inefficient. But there's a solution, we can easily store the ID and protocol in the key!
+
+So instead of storing as the key `10.5.8.0/24` and when we do lookup we get all the other data we store as the key `6.TCP.10.5.8.0` and the prefix instead of 24 is 33, 4 extra bytes for the id, 1 for the protocol(We use the protocol number).
+
+If this is still unclear we will see more when we discuss the specific of the code, just know that we store the id and protocol as part of the key, so we can compose the number `id.protocol.ip` with the prefix and look that up.
+
+The result value will be the port range, which we have to map to the port of the incoming packet, we will talk more about how we do this below.
+
+For sources with no id we use `0` as the id. For non-TCP/UDP packets, we store the rule in both the TCP and UDP key and look up TCP(arbitrarily) but only match for port 0 (which we use to encode all ports), for rules with both protocols, we store the rule twice once for TCP and once for UDP.
+
+### Another look at the ip matching
+
+Let's look again at the steps when a packet arrives:
+
+1. Packet arrives
+2. Lookup destination IP get an ID or use 0
+3. Create the lookup key (ID.PROTOCOL.DESTINATION_IP)
+4. Use the lookup key to get the port ranges
+5. Lookup the port in the port ranges
+6. REJECT/ACCEPT based on that
+
+Basically, this is a high-level on how the ebpf side works. Now, let's take a look at the userspace-side.
+
+### Userspace
+
+Now that we know how we access the rules let's see how we need to store them from userspace.
+
+Remember, that the Trie map provided by the kernel, for search, only have its lookup method that let us know the longest prefix. So let's think about this scenario:
+
+We store these rules:
+
+```
+10.0.0.0/24 port 80 Allowed
+10.0.0.1/32 port 23 Allowed
+```
+
+now a packet comes from 10.0.0.1 with port 80, and we use the Trie lookup method to see if it's allowed, the lookup method returns all the ports from the longest prefix, meaning port 23 is allowed but the packet has port 80 so it's denied.
+
+This is of course, erroneous because IP `10.0.0.1` is part of range `10.0.0.0/24` which has port 80 is allowed. So what do we do about this? Changing the trie API is impossible without modifying the kernel and even if we submit the PR for that the new API would only be included in the latest kernels.
+
+We could lookup manually each range before deciding an action, so when packet with `10.0.0.1` comes we check `10.0.0.1/32` then `10.0.0.0/31` the `10.0.0.0/30` so on and so on before taking a decision. The performance of this is bad, specially if we are going to do that about each packet.
+
+What we can do, is from userspace present an API that when adding rules, it propagates them to all pertinent ips, so:
+
+If you have:
+
+```
+10.0.0.1/32 port 23 Allowed
+```
+
+and you want to add `10.0.0.0/24 port 80`, the API would automatically propagate it to:
+
+```
+10.0.0.1/32 port 23, 80 Allowed
+10.0.0.0/24 port 80 Allowed
+```
+
+and if you have:
+
+```
+10.0.0.0/24 port 80 Allowed
+```
+
+then you add `10.0.0.1/32 port 23` the api actually updates the rules like:
+
+```
+10.0.0.1/32 port 23, 80 Allowed
+10.0.0.0/24 port 80 allowed
+```
+
+So you see, how the api automatically propagates rules to have a consistent table.
+
+### Port Ranges
+
+## At last, CODE!
+
+With the previous section you should have a clear picture at the architecture of what we built and why but from now on we will **need** to see code.
+
+Will not go over how Aya's API or eBPF code works, hopefully it will be self-evident with the explanations until now enough to understand the gist of it.
+
+### Code structure
+
+We have 3 crates in our repo:
+* Userspace
+* Common (This contains the codebase shared by both)
+* eBPF
+
+From userspace we have the `Firewall` which is the entrypoint for everything. You first initialize and load a firewall by calling `Firewall::new` for a given interface.
+
+The most interesting part is the `RuleTracker` this is an internal struct (which is almost directly exposed by `Firewall` using pass-through methods), this is where the magic happens, userspace `Rule`s are converted into valid eBPF `Rule`, we keep track of them to propagate them and obviously add them to the maps in eBPF.
+
+So let's see how that happens.
+
+### A rule
+
+#### eBPF
+
+So, how does a rule looks in reality:
+
+```rs
+#[repr(C)]
+pub struct RuleStore {
+    // Sorted non-overlapping ranges
+    // bit 0-15: port-start
+    // bit 16-31: port-end
+    rules: [u32; MAX_RULES],
+    rules_len: u32,
+}
+```
+
+Structs in eBPF need to be `repr(C)`, which just means it uses C's ABI, eBPF structs need to be simple array of bytes (with no padding to convince the eBPF verifier that we never read uninitialized memory).
+
+So, let's analyze this struct, this is the value that we are going to store in the map. This only need to be the port-ranges (remember that the key already stores the `id`, `destination`, `protocol`).
+
+So we store the rules as an array of port-ranges. With a range being the inclusive intervals of the port covered by the rule. we use the first 2 bytes for the starting port and the last 2 bytes for the ending port.
+
+Then in `rules_len` we just have the number of rules stored (the rest is padded with 0).
+
+#### Useraspace
+
+From userspace we have many different structs that represent a rule at different stage of processing, these are not complex but we have different parts of the code that require different information for what to do with the rule.
+
+But for user-facing API a rule looks like:
+
+```rs
+pub enum Rule {
+    V4(RuleImpl<Ipv4Net>),
+    V6(RuleImpl<Ipv6Net>),
+}
+```
+
+Alright, not very interesting without knowing how `RuleImpl` looks:
+
+```rs
+pub struct RuleImpl<T> {
+    pub(crate) id: Option<u32>,
+    pub(crate) dest: T,
+    pub(crate) port_range: Option<PortRange>,
+}
+```
+
+So we see that a rule in userspace contains all the information for a rule but the important part is:
+
+```rs
+pub(crate) struct PortRange {
+    pub(crate) ports: RangeInclusive<u16>,
+    pub(crate) proto: Protocol,
+}
+```
+
+Cool! Use rust's `RangeInclusive<T>` to represent ports with `u16` as a port and a `Protocol` (which is just an enum to indicate the kind of rule)
+
+So when we do `Firewall::add_rule(rule)` we need to make it arrive to eBPF with the struct we previously saw.
+
+We also need to propagate correctly like we saw in the previous userspace architecture, so let's walk through how does that work!
+
+#### Translation
+
+So at some point we want to add the `rule` to the eBPF map. For that, we first need to determine the key that we are going to use.
+
+That's easy:
+
+```rs
+// Convert the id to big endian bytes
+let key_id = id.to_be_bytes();
+
+// Convert the ip to bytes
+let key_cidr = ip.normalize().as_octets();
+let mut key_data = [0u8; N];
+
+// Store in a new `key_data`: protocol.id.ip
+let (left_key_data, cidr) = key_data.split_at_mut(5);
+let (id, prot) = left_key_data.split_at_mut(4);
+prot[0] = proto;
+id.copy_from_slice(&key_id);
+cidr.copy_from_slice(key_cidr.as_ref());
+
+// Calculate the prefix and return the eBPF key
+Key::new(
+    u32::from(ip.prefix()) + (left_key_data.len() * 8) as u32,
+    key_data,
+)
+```
+
+Cool, this is the key that we are going to insert to the eBPF map
+
+Now we need to calculate the value that we are going to insert.
+
+Remember that the `rule` field in the ebpf `RuleStore` looked like this:
+
+```rs
+    rules: [u32; MAX_RULES],
+```
+
+So we have a maximum number of rules, one reason for this, is that we need to store an array, we can't store a vector (we can't share heap allocations). But this number is also limited by the lookup algorithm.
+
+Remember, that the verifier imposes a limit on the number of times a loop can run, so if we linearly search all ranges we were getting capped at around 1000 intervals we would reach the upper limit on loops, this is okay, this would be enough but we can do better.
+
+If we can somehow sort the port ranges we could do binary search, this means less loop iterations and faster lookup in general. But how to sort it exactly?
+
+This is actually the reason each rule, doesn't have an Accept/Reject instead it only inverts the default behavior, also why we store all UDP rules together and TCP rules together.
+
+To sort, we just need to merge intervals. Merging intervals is a well studied problem that can be done in `O(N)` and since it's from userspace we could afford worse performance.
+
+Mergining intervals just means that from the existing intervals we create a series of new non-overlapping intervals that cover the same area and we sort them.
+
+So `[10-20, 15-30, 6-9]` would become `[6-9, 10-30]`. Then we can do binary search on this interval. We will see below the specific of that but this is the code to get the intervals from a series of port ranges:
+
+
+```rs
+fn resolve_overlap(port_ranges: &mut [&PortRange<T>]) -> Vec<(u16, u16)>
+{
+    let mut res = Vec::new();
+
+    // Sort the ranges by the starting potr
+    port_ranges.sort_by_key(|p| p.ports.ports.start());
+
+    Get the first prot into the result
+    if let Some(range) = port_ranges.first() {
+        res.push((*range.ports.ports.start(), *range.ports.ports.end()));
+    } else {
+        return res;
+    }
+
+    // Go through each range
+    for range in &port_ranges[1..] {
+        let last_res = res
+            .last_mut()
+            .expect("should contain at least the first element of port_ranges");
+
+        // If the new range fall within the last one extend it
+        if last_res.1 >= *range.ports.ports.start() {
+            *last_res = (last_res.0, last_res.1.max(*range.ports.ports.end()));
+        // Otherwise, add a new range
+        } else {
+            res.push((*range.ports.ports.start(), *range.ports.ports.end()));
+        }
+    }
+
+    res
+}
+```
+
+As you see doing this is really easy. We still need to do some small work to get it from `Vec<(u16, u16)>` to  `[u32; RULE_MAX]` but you can imagine it's pretty trivial.
+
+### Propagating Rules
+
+Then the last interesting part from userspace is how to propagate the rules.
+
+So when you insert a new rule, you need to keep track of all the rules that would include it, since when a lookup happen it would return the new rule because it's more specific. So basically the gist is traverse all rules and include all the port ranges from those "above" in the new rule.
+
+```rs
+(The code here requires a lot of context on the specifics of how we did this but it's nothing interesting, check if you can rewrite it in a "context-free" way)
+```
+
+And then there could be more specific rules that are included in the new rule, you need to propagate the new rule (the port-range) to those.
+
+```rs
+(The code here requires a lot of context on the specifics of how we did this but it's nothing interesting, check if you can rewrite it in a "context-free" way)
+```
+
+### eBPF Rule lookup
+
+
+When a packet arrives we first extract the network headers (source, destination, protocol and port).
+
+```rs
+    let (source, dest, proto) = load_ntw_headers(&ctx, version)?;
+    let port = get_port(&ctx, version, proto)?;
+    let class = source_class(source_map, source);
+    let action = get_action(class, dest, rule_map, port, proto);
+```
+
+Then, we get the source id:
+
+```rs
+unsafe fn source_class<const N: usize>(
+    source_map: &HashMap<[u8; N], u32>,
+    address: [u8; N],
+) -> Option<[u8; 4]> {
+    source_map.get(&address).map(|x| u32::to_be_bytes(*x))
+}
+```
+Then we try to calculate what action we should take:
+
+```rs
+fn get_action<const N: usize, const M: usize>(
+    group: Option<[u8; 4]>,
+    address: [u8; N],
+    rule_map: &LpmTrie<[u8; M], RuleStore>,
+    port: u16,
+    proto: u8,
+) -> i32 {
+    let proto = if port == 0 { TCP } else { proto };
+    let default_action = get_default_action();
+
+    let rule_store = rule_map.get(&Key::new((M * 8) as u32, get_key(group, proto, address)));
+    if is_stored(&rule_store, port) {
+        return invert_action(default_action);
+    }
+
+    if group.is_some() {
+        let rule_store = rule_map.get(&Key::new((M * 8) as u32, get_key(None, proto, address)));
+        if is_stored(&rule_store, port) {
+            return invert_action(default_action);
+        }
+    }
+
+    default_action
+}
+```
+
+Here we try to extract the action from the existing map, we get the `RuleStore` by constructing the key corresponding to that packet:
+
+```rs
+fn get_key<const N: usize, const M: usize>(
+    group: Option<[u8; 4]>,
+    proto: u8,
+    address: [u8; N],
+) -> [u8; M] {
+    let group = group.unwrap_or_default();
+    let mut res = [0; M];
+    let (res_left, res_address) = res.split_at_mut(5);
+    let (res_group, res_proto) = res_left.split_at_mut(4);
+    res_group.copy_from_slice(&group);
+    res_proto[0] = proto;
+    res_address.copy_from_slice(&address);
+    res
+}
+```
+And most importantly we lookup in the rulestore if the `port` that arrived exists.
+
+```rs
+    pub fn lookup(&self, val: u16) -> bool {
+        // 0 means all ports
+        if self.rules_len > 0 {
+            // SAFETY: We know that rules_len < MAX_RULES
+            if start(*unsafe { self.rules.get_unchecked(0) }) == 0 {
+                return true;
+            }
+        }
+
+        // We test for 0 in all non tcp/udp packets
+        // it's worth returning early for those cases.
+        if val == 0 {
+            return false;
+        }
+
+        // Reimplementation of partition_point to satisfy verifier
+        let mut size = self.rules_len as usize;
+        // appeasing the verifier
+        if size >= MAX_RULES {
+            return false;
+        }
+        let mut left = 0;
+        let mut right = size;
+        #[cfg(not(feature = "user"))]
+        let mut i = 0;
+        while left < right {
+            let mid = left + size / 2;
+
+            // This can never happen but we need the verifier to believe us
+            let r = if mid < MAX_RULES {
+                // SAFETY: We are already bound checking
+                *unsafe { self.rules.get_unchecked(mid) }
+            } else {
+                return false;
+            };
+            let cmp = start(r) <= val;
+            if cmp {
+                left = mid + 1;
+            } else {
+                right = mid;
+            }
+            size = right - left;
+
+            #[cfg(not(feature = "user"))]
+            {
+                i += 1;
+                // This should never happen, here just to satisfy verifier
+                if i >= MAX_ITER {
+                    return false;
+                }
+            }
+        }
+
+        if left == 0 {
+            false
+        } else {
+            let indx = left - 1;
+            if indx >= MAX_RULES {
+                return false;
+            }
+            // SAFETY: Again, we are already bound checking
+            end(*unsafe { self.rules.get_unchecked(indx) }) >= val
+        }
+    }
+```
+
+If 0 is included we consider it to be "all ports".
+
+Otherwise we basically do binary search on the starting port to see the maximum starting port that is less than the port we are checking for and then we check for the ending port to see if it's more than the port we are checking.
+
+Binary search for the maximum that keeps a predicate as true is an algorithm that already exists in Rust called partition point, we needed to reimplement it to make it compatible with eBPF due to the verifier limitations.
+
+## Conclusion
+
+ebpf is awesome but complicated! (something along those lines) and future for firezone rearchitecture and check it out!
diff --git a/www/blog/authors.yml b/www/blog/authors.yml
new file mode 100644
index 000000000..189b7469c
--- /dev/null
+++ b/www/blog/authors.yml
@@ -0,0 +1,16 @@
+jamil:
+  name: Jamil Bou Kheir
+  title: Co-founder
+  url: https://github.com/jamilbk
+  image_url: https://www.gravatar.com/avatar/3c8434814eec26026718e992322648c8
+
+jason:
+  name: Jason Gong
+  title: Co-founder
+  url: https://github.com/gongjason
+  image_url: https://www.gravatar.com/avatar/d688e2280a36287f61c4426334dce065
+
+conectado:
+  name: Gabriel Steinberg
+  title: Senior Rust Engineer
+  url: https://github.com/conectado
diff --git a/www/docs/README.mdx b/www/docs/README.mdx
index eff96b975..a7ccb391c 100644
--- a/www/docs/README.mdx
+++ b/www/docs/README.mdx
@@ -3,7 +3,7 @@ title: Overview
 sidebar_position: 1
 ---
 
-[Firezone](https://www.firezone.dev/?utm_source=docs.firezone.dev) is an open-source secure remote access
+[Firezone](/) is an open-source secure remote access
 platform that can be deployed on your own infrastructure in minutes.
 Use it to **quickly and easily** secure access to
 your private network and internal applications from an intuitive web UI.
@@ -15,28 +15,28 @@ These docs explain how to deploy, configure, and use Firezone.
 ## Quick start
 
 1. [Deploy](deploy): A step-by-step walk-through setting up Firezone.
-  Start here if you are new.
+   Start here if you are new.
 1. [Authenticate](authenticate): Set up authentication using local
-  email/password, OpenID Connect, or SAML 2.0 and optionally enable
-  TOTP-based MFA.
+   email/password, OpenID Connect, or SAML 2.0 and optionally enable
+   TOTP-based MFA.
 1. [Administer](administer): Day to day administration of the Firezone
-  server.
+   server.
 1. [User Guides](user-guides): Useful guides to help you learn how to use
-  Firezone and troubleshoot common issues. Consult this section
+   Firezone and troubleshoot common issues. Consult this section
    after you successfully deploy the Firezone server.
 
 ## Common configuration guides
 
 1. [Split Tunneling](./user-guides/use-cases/split-tunnel):
-  Only route traffic to certain IP ranges through the VPN.
+   Only route traffic to certain IP ranges through the VPN.
 1. [Setting up a NAT Gateway with a Static IP](./user-guides/use-cases/nat-gateway):
-  Configure Firezone with a static IP address to provide
-  a single egress IP for your team's traffic.
+   Configure Firezone with a static IP address to provide
+   a single egress IP for your team's traffic.
 1. [Reverse Tunnels](./user-guides/use-cases/reverse-tunnel):
-  Establish tunnels between multiple peers.
+   Establish tunnels between multiple peers.
 
-import SupportOptions from '@site/src/partials/_support_options.mdx';
-<SupportOptions />
+import SupportOptions from "@site/src/partials/_support_options.mdx";
+<SupportOptions />;
 
 ## Contribute to firezone
 
diff --git a/www/docs/administer/backup.mdx b/www/docs/administer/backup.mdx
index ae9f1de8e..cf5aaa934 100644
--- a/www/docs/administer/backup.mdx
+++ b/www/docs/administer/backup.mdx
@@ -17,7 +17,7 @@ running Firezone instance will **most likely** result in data loss when restored
 you have been warned.
 
 After stopping Firezone, backing up Firezone is mostly a matter of copying the relevant
-[files and directories](/reference/file-and-directory-locations/) to a location of your
+[files and directories](/docs/reference/file-and-directory-locations/) to a location of your
 choosing.
 
 See the steps below for specific examples for Docker and Omnibus.
@@ -33,11 +33,14 @@ directory along with the Postgres data directory, typically located at
 Docker compose template.
 
 1. Stop Firezone (warning: this **will** disconnect any users connected to the VPN):
+
 ```
 docker compose -f $HOME/.firezone/docker-compose.yml down
 ```
+
 2. Copy relevant files and folders. If your made any customizations to `/etc/docker/daemon.json`
-(for example, for IPv6 support), be sure to include that in the backup as well.
+   (for example, for IPv6 support), be sure to include that in the backup as well.
+
 ```
 tar -zcvfp $HOME/firezone-back-$(date +'%F-%H-%M').tgz $HOME/.firezone /var/lib/docker/volumes/firezone_postgres-data
 ```
@@ -47,10 +50,13 @@ A backup file named `firezone-back-TIMESTAMP.tgz` will then be stored in `$HOME/
 ### Restore
 
 1. Copy the files back to their original location:
+
 ```
 tar -zxvfp /path/to/firezone-back.tgz -C / --numeric-owner
 ```
+
 2. Optionally, enable Docker to boot on startup:
+
 ```
 systemctl enable docker
 ```
@@ -61,10 +67,13 @@ systemctl enable docker
 ### Backup
 
 1. Stop Firezone (warning: this **will** disconnect any users connected to the VPN):
+
 ```
 firezone-ctl stop
 ```
+
 2. Copy relevant files and folders:
+
 ```
 tar -zcvfp $HOME/firezone-back-$(date +'%F-%H-%M').tgz /var/opt/firezone /opt/firezone /usr/bin/firezone-ctl /etc/systemd/system/firezone-runsvdir-start.service /etc/firezone
 ```
@@ -74,10 +83,13 @@ A backup file named `firezone-back-TIMESTAMP.tgz` will then be stored in `$HOME/
 ### Restore
 
 1. Copy the files back to their original location:
+
 ```
 tar -zxvfp /path/to/firezone-back.tgz -C / --numeric-owner
 ```
+
 2. Reconfigure Firezone to ensure configuration is applied to the host system:
+
 ```
 firezone-ctl reconfigure
 ```
@@ -85,5 +97,5 @@ firezone-ctl reconfigure
 </TabItem>
 </Tabs>
 
-import SupportOptions from '@site/src/partials/_support_options.mdx';
-<SupportOptions />
+import SupportOptions from "@site/src/partials/_support_options.mdx";
+<SupportOptions />;
diff --git a/www/docs/administer/debug-logs.mdx b/www/docs/administer/debug-logs.mdx
index 17b409a8e..31e840933 100644
--- a/www/docs/administer/debug-logs.mdx
+++ b/www/docs/administer/debug-logs.mdx
@@ -13,7 +13,7 @@ This article is written for Docker based deployments of Firezone.
 Docker deployments of Firezone consist of 3 running containers:
 
 | Container | Function      | Example logs                                  |
-|-----------|---------------|-----------------------------------------------|
+| --------- | ------------- | --------------------------------------------- |
 | firezone  | Web portal    | HTTP requests received and responses provided |
 | postgres  | Database      |                                               |
 | caddy     | Reverse proxy |                                               |
@@ -32,7 +32,7 @@ See additional options of the `docker compose logs` command
 :::note
 Audit logs are in early Beta on the Enterprise plan. These track configuration
 changes by admins and network activity by users.
-[Contact us](https://www.firezone.dev/contact/sales?utm_source=docs.firezone.dev)
+[Contact us](/sales)
 to learn more.
 :::
 
@@ -51,11 +51,11 @@ to collect information from running containers and services.
 
 Examples of popular plugins, configurations, and use cases are:
 
-* Export container logs to your SIEM or observability platform (i.e.
-[Splunk](https://docs.docker.com/config/containers/logging/splunk/)
-or
-[Google Cloud Logging](https://docs.docker.com/config/containers/logging/gcplogs/)
-)
-* Enable log rotation and max file size.
-* [Customize log driver output](https://docs.docker.com/config/containers/logging/log_tags/)
-with tags.
+- Export container logs to your SIEM or observability platform (i.e.
+  [Splunk](https://docs.docker.com/config/containers/logging/splunk/)
+  or
+  [Google Cloud Logging](https://docs.docker.com/config/containers/logging/gcplogs/)
+  )
+- Enable log rotation and max file size.
+- [Customize log driver output](https://docs.docker.com/config/containers/logging/log_tags/)
+  with tags.
diff --git a/www/docs/administer/migrate.mdx b/www/docs/administer/migrate.mdx
index 371b86def..b9bb0d9a6 100644
--- a/www/docs/administer/migrate.mdx
+++ b/www/docs/administer/migrate.mdx
@@ -35,23 +35,25 @@ Estimated time to complete: **2 hours**.
 ## Steps to migrate
 
 1. **Back up** your server. This ensures you have a working state to roll back to
-in case anything goes terribly wrong. At a _bare minimum_ you'll want to back up the
-[file and directories Firezone uses
-](/reference/file-and-directory-locations/), but we recommend taking a full
-snapshot of your VPS if possible.
+   in case anything goes terribly wrong. At a _bare minimum_ you'll want to back up the
+   [file and directories Firezone uses
+   ](/docs/reference/file-and-directory-locations/), but we recommend taking a full
+   snapshot of your VPS if possible.
 1. Ensure you're running the latest version of Firezone. See our [upgrade guide
-](/administer/upgrade/) if not.
+   ](/docs/administer/upgrade/) if not.
 1. Install the latest version of [**Docker**
-](https://docs.docker.com/engine/install/) and [Docker Compose
-](https://docs.docker.com/compose/install/linux/#install-compose)
-for your OS. **Docker Compose version 2 or higher is required**.
-We recommend using Docker Server for Linux. Docker Desktop will work too, but is not
-preferred for production use cases at this time because it rewrites packets under
-some conditions and may cause unexpected issues with Firezone.
+   ](https://docs.docker.com/engine/install/) and [Docker Compose
+   ](https://docs.docker.com/compose/install/linux/#install-compose)
+   for your OS. **Docker Compose version 2 or higher is required**.
+   We recommend using Docker Server for Linux. Docker Desktop will work too, but is not
+   preferred for production use cases at this time because it rewrites packets under
+   some conditions and may cause unexpected issues with Firezone.
 1. Download and run the migration script:
+
 ```bash
 bash <(curl -fsSL https://github.com/firezone/firezone/raw/master/scripts/docker_migrate.sh)
 ```
+
 This will ask you a few questions, then attempt to migrate your installation to
 Docker. If all goes well, your Firezone instance should be running with Docker, data intact.
 
@@ -65,9 +67,8 @@ docker-compose down
 sudo firezone-ctl start
 ```
 
-If you've found a bug, please [open a GitHub issue](
-https://github.com/firezone/firezone/issues) with the error output and
+If you've found a bug, please [open a GitHub issue](https://github.com/firezone/firezone/issues) with the error output and
 any steps needed to reproduce.
 
-import SupportOptions from '@site/src/partials/_support_options.mdx';
-<SupportOptions />
+import SupportOptions from "@site/src/partials/_support_options.mdx";
+<SupportOptions />;
diff --git a/www/docs/administer/troubleshoot.mdx b/www/docs/administer/troubleshoot.mdx
index 1f5d95791..0c63feebb 100644
--- a/www/docs/administer/troubleshoot.mdx
+++ b/www/docs/administer/troubleshoot.mdx
@@ -83,9 +83,9 @@ In most cases, you'll find clues in one or more of the following locations:
 <Tabs>
 <TabItem value="omnibus" label="Omnibus">
 
-* Your browser's developer tool logs, specifically the `Network` tab.
-* `sudo firezone-ctl tail nginx`
-* `sudo firezone-ctl tail phoenix`
+- Your browser's developer tool logs, specifically the `Network` tab.
+- `sudo firezone-ctl tail nginx`
+- `sudo firezone-ctl tail phoenix`
 
 If the websocket connection is successful, you should see output in the
 `phoenix` service logs similar the following:
@@ -185,13 +185,13 @@ sudo firezone-ctl create-or-reset-admin
 
 ## Re-enable local authentication via CLI
 
-If you've configured an [OIDC](/authenticate/oidc/) or [SAML](/authenticate/saml/)
+If you've configured an [OIDC](/docs/authenticate/oidc/) or [SAML](/docs/authenticate/saml/)
 provider, you can consider disabling local authentication for additional security.
 
 If, however, issues arise with your identity provider integration, it's possible you
 could be locked out of the admin portal. To re-enable local authentication so
 you can log in and resolve the issue, you can temporarily re-enable local authentication
-via the [REST API](/reference/rest-api/configurations).
+via the [REST API](/docs/reference/rest-api/configurations).
 
 If that's not an option, you can re-enable local authentication by
 running the following commands on the host of your Firezone instance:
@@ -201,5 +201,5 @@ cd $HOME/.firezone
 docker compose exec postgres psql -U postgres -h 127.0.0.1 -d firezone -c "UPDATE configurations SET local_auth_enabled = 't'"
 ```
 
-import SupportOptions from '@site/src/partials/_support_options.mdx';
-<SupportOptions />
+import SupportOptions from "@site/src/partials/_support_options.mdx";
+<SupportOptions />;
diff --git a/www/docs/administer/upgrade.mdx b/www/docs/administer/upgrade.mdx
index 4d37859f8..ee2504b12 100644
--- a/www/docs/administer/upgrade.mdx
+++ b/www/docs/administer/upgrade.mdx
@@ -8,7 +8,7 @@ down the web UI.
 
 :::info
 Automatic rollbacks are still under development. We recommend backing up
-relevant [files and folders](/reference/file-and-directory-locations/)
+relevant [files and folders](/docs/reference/file-and-directory-locations/)
 before upgrading in case anything goes wrong.
 :::
 
@@ -18,18 +18,23 @@ Follow the steps below to upgrade Firezone:
 <TabItem label="Docker" value="docker" default>
 
 1. Change to your Firezone installation directory, by default `$HOME/.firezone`:
+
 ```
 cd $HOME/.firezone
 ```
+
 1. If your `.env` file has a `VERSION` variable, update it to the desired version.
-By default `latest` is assumed if not set. This variable is read in newer versions
-of the docker-compose.yml template to populate the `image:` key for the `firezone`
-service.
+   By default `latest` is assumed if not set. This variable is read in newer versions
+   of the docker-compose.yml template to populate the `image:` key for the `firezone`
+   service.
 1. Update service images:
+
 ```
 docker compose pull
 ```
+
 1. Re-up the services (**warning: this will restart updated services**):
+
 ```
 docker compose up -d
 ```
@@ -38,9 +43,11 @@ docker compose up -d
 <TabItem label="Omnibus" value="omnibus">
 
 1. If not setup already, install our package repository based on your distro's
-  package format:
-  - [deb packages](https://cloudsmith.io/~firezone/repos/firezone/setup/#formats-deb)
-  - [rpm packages](https://cloudsmith.io/~firezone/repos/firezone/setup/#formats-rpm)
+   package format:
+
+- [deb packages](https://cloudsmith.io/~firezone/repos/firezone/setup/#formats-deb)
+- [rpm packages](https://cloudsmith.io/~firezone/repos/firezone/setup/#formats-rpm)
+
 1. Upgrade the `firezone` package using your distro's package manager.
 1. Run `firezone-ctl reconfigure` to pick up the new changes.
 1. Run `firezone-ctl restart` to restart services.
@@ -53,7 +60,7 @@ issue](https://github.com/firezone/firezone/issues/new/choose).
 
 ## Upgrading to 0.7.x
 
-Firezone 0.7.0 introduces a new [REST API](/reference/rest-api/) that allows administrators
+Firezone 0.7.0 introduces a new [REST API](/docs/reference/rest-api/) that allows administrators
 to automate much of the day to day configuration of Firezone.
 
 The REST API `/v0/configuration` endpoint supersedes some of the previous environment
@@ -64,12 +71,12 @@ If you're running Firezone &lt; 0.6, we recommend updating to the latest
 are properly parsed and migrated into the DB as runtime `configurations`.
 
 **Note**: Omnibus deployments are deprecated in 0.7.x and will be removed in Firezone
-0.8 and above. We recommend [migrating your installation](/administer/migrate/) to
+0.8 and above. We recommend [migrating your installation](/docs/administer/migrate/) to
 Docker if you haven't done so already.
 
 ## Upgrading to >= 0.6.12
 
-### WIREGUARD_* env vars
+### WIREGUARD\_\* env vars
 
 Firezone 0.6.12 moves the `WIREGUARD_ALLOWED_IPS`, `WIREGUARD_PERSISTENT_KEEPALIVE`,
 and `WIREGUARD_DNS` environment variables to the database to be configured in the
@@ -84,7 +91,7 @@ variables to the DB.
 
 Similar to the `WIREGUARD_*` env vars above, the `AUTH_OIDC_JSON` env var has similarly
 been moved to the database and can be configured at `/settings/site`. In Firezone 0.7 this
-is now configurable via the [REST API](/reference/rest-api/configurations) as well.
+is now configurable via the [REST API](/docs/reference/rest-api/configurations) as well.
 
 ### Fix IPv6
 
@@ -107,8 +114,7 @@ networks:
         - gateway: 2001:3990:3990::1
 ```
 
-You also need to update the Docker daemon to enable IPv6. See our [IPv6 guide](
-https://docs.firezone.dev/deploy/docker/#step-4-enable-ipv6-optional) for more info.
+You also need to update the Docker daemon to enable IPv6. See our [IPv6 guide](/docs/deploy/docker/#step-4-enable-ipv6-optional) for more info.
 
 ## Upgrading from 0.5.x to 0.6.x
 
@@ -118,13 +124,13 @@ more granular user provisioning options, and a slew of minor improvements and bu
 ### Migrate to Docker
 
 Docker is now the preferred way to deploy and manage Firezone. See the [migration
-guide](/administer/migrate/) to migrate today. In most cases this can be done in a few minutes
+guide](/docs/administer/migrate/) to migrate today. In most cases this can be done in a few minutes
 using our automatic migration script.
 
 ### Update Configuration
 
 Some configuration variables have recently moved to the DB in order to be configurable
-at runtime. Check the [configure guide](/deploy/configure/) for more information.
+at runtime. Check the [configure guide](/docs/deploy/configure/) for more information.
 
 ## Upgrading from < 0.5.0 to >= 0.5.0
 
@@ -140,7 +146,7 @@ by setting `default['firezone']['nginx']['enabled'] = false` and pointing your
 reverse proxy directly to the Phoenix app on port 13000 (by default).
 
 Read more about setting up a custom reverse proxy
-[here](/deploy/advanced/reverse-proxy/).
+[here](/docs/deploy/advanced/reverse-proxy/).
 
 ### ACME protocol support
 
@@ -186,7 +192,7 @@ default['firezone']['authentication']['google']['client_secret']
 default['firezone']['authentication']['google']['redirect_uri']
 ```
 
-Then, follow the instructions [here](/authenticate/oidc/google/) to configure Google
+Then, follow the instructions [here](/docs/authenticate/oidc/google/) to configure Google
 as an OIDC provider.
 
 #### Existing Okta OAuth configuration
@@ -201,7 +207,7 @@ default['firezone']['authentication']['okta']['client_secret']
 default['firezone']['authentication']['okta']['site']
 ```
 
-Then, follow the instructions [here](/authenticate/oidc/okta/) to configure Okta as
+Then, follow the instructions [here](/docs/authenticate/oidc/okta/) to configure Okta as
 an OIDC provider.
 
 ## Upgrading from 0.3.x to >= 0.3.16
@@ -230,17 +236,17 @@ users authenticated through your OIDC provider.
 
 If this does not work, you will need to delete your existing OAuth app
 and repeat the OIDC setup steps to
-[create a new app integration](/authenticate/oidc/) .
+[create a new app integration](/docs/authenticate/oidc/) .
 
 ### I have an existing OAuth integration
 
 Prior to 0.3.11, Firezone used pre-configured OAuth2 providers. Follow the
-instructions [here](/authenticate/oidc/) to migrate to OIDC.
+instructions [here](/docs/authenticate/oidc/) to migrate to OIDC.
 
 ### I have not integrated an identity provider
 
 No action needed. You can follow the instructions
-[here](/authenticate/oidc)
+[here](/docs/authenticate/oidc)
 to enable SSO through an OIDC provider.
 
 ## Upgrading from 0.3.1 to >= 0.3.2
@@ -252,7 +258,7 @@ default to `https://` + the FQDN of your server.
 
 Reminder, the configuration file can be found at `/etc/firezone/firezone.rb`.
 For an exhaustive list of configuration variables and their descriptions, see the
-[configuration file reference](/reference/configuration-file).
+[configuration file reference](/docs/reference/configuration-file).
 
 ## Upgrading from 0.2.x to 0.3.x
 
diff --git a/www/docs/authenticate/README.mdx b/www/docs/authenticate/README.mdx
index 3d262501b..651974f05 100644
--- a/www/docs/authenticate/README.mdx
+++ b/www/docs/authenticate/README.mdx
@@ -11,7 +11,7 @@ Firezone supports the following authentication methods:
 
 :::note
 If your Identity Provider doesn't work with the methods listed above,
-[contact us](https://www.firezone.dev/contact/sales?utm_source=docs.firezone.dev) about custom integrations.
+[contact us](/sales) about custom integrations.
 :::
 
 ## Integrate an SSO provider
@@ -19,14 +19,14 @@ If your Identity Provider doesn't work with the methods listed above,
 We've included instructions on how to set up Firezone with several popular
 identity providers using our Generic OIDC integration:
 
-* [Okta](oidc/okta)
-* [Azure Active Directory](oidc/azuread)
-* [Google](oidc/google)
-* [Onelogin](oidc/onelogin)
-* [JumpCloud](saml/jumpcloud)
-* [Keycloak](oidc/keycloak)
-* [Zitadel](oidc/zitadel)
-* [Auth0](oidc/auth0)
+- [Okta](oidc/okta)
+- [Azure Active Directory](oidc/azuread)
+- [Google](oidc/google)
+- [Onelogin](oidc/onelogin)
+- [JumpCloud](saml/jumpcloud)
+- [Keycloak](oidc/keycloak)
+- [Zitadel](oidc/zitadel)
+- [Auth0](oidc/auth0)
 
 If your identity provider is not listed above, but has a generic OIDC or SAML
 connector, please consult their documentation to find instructions on obtaining
@@ -46,12 +46,16 @@ where `CONFIG_ID` is the OIDC Config ID for that particular provider.
 For example, the OIDC config below:
 
 <center>
-  <img width="509" alt="config-oidc" src="https://user-images.githubusercontent.com/167144/216438674-a2b64b3b-2ed6-43dc-b554-de9c055dc741.png"/>
+  <img
+    width="509"
+    alt="config-oidc"
+    src="https://user-images.githubusercontent.com/167144/216438674-a2b64b3b-2ed6-43dc-b554-de9c055dc741.png"
+  />
 </center>
 
 would generate the following OIDC login URL:
 
-* `https://firezone.example.com/auth/oidc/google`
+- `https://firezone.example.com/auth/oidc/google`
 
 This URL could then be distributed to end users for direct navigation to
 the identity provider's login portal for authentication to Firezone.
@@ -80,10 +84,10 @@ See detailed Client Instructions on how to re-authenticate your session
 A user's connection status is shown on the Users page under the table column
 `VPN Connection`. The connection statuses are:
 
-* ENABLED - The connection is enabled.
-* DISABLED - The connection is disabled by an administrator or OIDC refresh failure.
-* EXPIRED - The connection is disabled due to authentication expiration or a user
-has not signed in for the first time.
+- ENABLED - The connection is enabled.
+- DISABLED - The connection is disabled by an administrator or OIDC refresh failure.
+- EXPIRED - The connection is disabled due to authentication expiration or a user
+  has not signed in for the first time.
 
-import SupportOptions from '@site/src/partials/_support_options.mdx';
-<SupportOptions />
+import SupportOptions from "@site/src/partials/_support_options.mdx";
+<SupportOptions />;
diff --git a/www/docs/authenticate/local-auth.mdx b/www/docs/authenticate/local-auth.mdx
index d7c47bba6..ce3c2c94e 100644
--- a/www/docs/authenticate/local-auth.mdx
+++ b/www/docs/authenticate/local-auth.mdx
@@ -7,24 +7,24 @@ sidebar_position: 1
 
 By default, Firezone will use local email / password for authenticating users to
 the Firezone portal. Administrators can add users and assign their passwords on
-the `/users` page. See [Add users](/user-guides/add-users/) for more details.
+the `/users` page. See [Add users](/docs/user-guides/add-users/) for more details.
 
 :::caution
 Although local authentication is quick and easy to get started with, you can
 limit attack surface by [disabling local authentication](#disabling-local-authentication)
-altogether. See our [OIDC](/authenticate/oidc/) or [SAML](/authenticate/saml/) guides
+altogether. See our [OIDC](/docs/authenticate/oidc/) or [SAML](/docs/authenticate/saml/) guides
 for details. For production deployments it's usually a good idea to **disable
 local authentication** and enforce MFA through your identity provider.
 :::
 
 If you choose to keep Local authentication enabled, we recommend [enabling TOTP-based MFA
-](/authenticate/multi-factor/) for any accounts that use the local authentication method.
+](/docs/authenticate/multi-factor/) for any accounts that use the local authentication method.
 
 ## Disabling local authentication
 
 Local authentication can be enabled or disabled from the `/settings/security` page
-or via the [REST API](/reference/rest-api/configurations).
+or via the [REST API](/docs/reference/rest-api/configurations).
 If you've disabled local authentication and can no longer authenticate to the portal
 to re-enable it, see our [troubleshooting guide
-](/administer/troubleshoot#re-enable-local-authentication-via-cli) for re-enabling
+](/docs/administer/troubleshoot#re-enable-local-authentication-via-cli) for re-enabling
 local authentication from the CLI.
diff --git a/www/docs/authenticate/oidc/README.mdx b/www/docs/authenticate/oidc/README.mdx
index d3f6bf2b1..1a822f12d 100644
--- a/www/docs/authenticate/oidc/README.mdx
+++ b/www/docs/authenticate/oidc/README.mdx
@@ -1,8 +1,7 @@
 ---
 title: OpenID Connect
 sidebar_position: 10
-description:
-  Setup single sign-on with your identity provider. Integrate
+description: Setup single sign-on with your identity provider. Integrate
   providers like Okta, Google, Azure, and JumpCloud using Firezone's
   OpenID Connect (OIDC) connector.
 ---
@@ -16,20 +15,20 @@ Firezone supports Single Sign-On (SSO) via OpenID Connect (OIDC).
 In general, most identity providers that offer OIDC support work with Firezone. Some providers
 that only implement the OIDC partially or use uncommon configurations may have
 issues, however. If your identity provider falls into this category, [contact us
-](https://www.firezone.dev/contact/sales?utm_source=docs.firezone.dev) about a custom integration.
+](/sales) about a custom integration.
 
 The following OIDC providers are known to work well with Firezone:
 
-| Provider                                                                          | Support Status                 | Notes                                                                                                                                                  |
-| ---                                                                               | ---                            | ---                                                                                                                                                    |
-| [Azure Active Directory](azuread)                                                 | **Fully tested and supported** | Ensure the [`email` claim](https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-optional-claims) is present in the token. |
-| [Okta](okta)                                                                      | **Fully tested and supported** |                                                                                                                                                        |
-| [Onelogin](onelogin)                                                              | **Fully tested and supported** |                                                                                                                                                        |
-| [Keycloak](https://www.keycloak.org/)                                             | **Fully tested and supported** |                                                                                                                                                        |
-| [Auth0](auth0)                                                                    | **Fully tested and supported** | Auth0 does not provide an `end_session_uri` in its OIDC discovery document. Signing out of Auth0 from Firezone is not supported.                                                                                                                                                       |
-| [Google Workspace](google)                                                        | **Fully tested and supported** | Google does not provide an `end_session_uri` in its OIDC discovery document. Signing out of Google Workspace from Firezone is not supported.         |
-| [Zitadel](zitadel)                                                                | Untested but known to work     |                                                                                                                                                        |
-| [Authentik](https://goauthentik.io/)                                              | Untested but known to work     |                                                                                                                                                        |
+| Provider                              | Support Status                 | Notes                                                                                                                                                  |
+| ------------------------------------- | ------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| [Azure Active Directory](azuread)     | **Fully tested and supported** | Ensure the [`email` claim](https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-optional-claims) is present in the token. |
+| [Okta](okta)                          | **Fully tested and supported** |                                                                                                                                                        |
+| [Onelogin](onelogin)                  | **Fully tested and supported** |                                                                                                                                                        |
+| [Keycloak](https://www.keycloak.org/) | **Fully tested and supported** |                                                                                                                                                        |
+| [Auth0](auth0)                        | **Fully tested and supported** | Auth0 does not provide an `end_session_uri` in its OIDC discovery document. Signing out of Auth0 from Firezone is not supported.                       |
+| [Google Workspace](google)            | **Fully tested and supported** | Google does not provide an `end_session_uri` in its OIDC discovery document. Signing out of Google Workspace from Firezone is not supported.           |
+| [Zitadel](zitadel)                    | Untested but known to work     |                                                                                                                                                        |
+| [Authentik](https://goauthentik.io/)  | Untested but known to work     |                                                                                                                                                        |
 
 ## General setup guide
 
@@ -37,18 +36,18 @@ If you're using an OIDC provider not listed above, the following OIDC attributes
 are required for setting up an OIDC provider in Firezone:
 
 1. `discovery_document_uri`: The
-[OpenID Connect provider configuration URI](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig)
-which returns a JSON document used to construct subsequent requests to this
-OIDC provider. Some providers refer to this as the "well-known URL".
+   [OpenID Connect provider configuration URI](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig)
+   which returns a JSON document used to construct subsequent requests to this
+   OIDC provider. Some providers refer to this as the "well-known URL".
 1. `client_id`: The client ID of the application.
 1. `client_secret`: The client secret of the application.
 1. `redirect_uri`: Instructs OIDC provider where to redirect after authentication.
-This should be your Firezone `EXTERNAL_URL + /auth/oidc/<provider_key>/callback/`
-(e.g. `https://firezone.example.com/auth/oidc/google/callback/`).
+   This should be your Firezone `EXTERNAL_URL + /auth/oidc/<provider_key>/callback/`
+   (e.g. `https://firezone.example.com/auth/oidc/google/callback/`).
 1. `response_type`: Set to `code`.
 1. `scope`: [OIDC scopes](https://openid.net/specs/openid-connect-basic-1_0.html#Scopes)
-to obtain from your OIDC provider. At a minimum, Firezone requires the `openid`
-and `email` scopes.
+   to obtain from your OIDC provider. At a minimum, Firezone requires the `openid`
+   and `email` scopes.
 1. `label`: The button label text displayed on the Firezone portal login page.
 
 ### PKCE
diff --git a/www/docs/authenticate/saml/README.mdx b/www/docs/authenticate/saml/README.mdx
index 233e4e736..f737655b2 100644
--- a/www/docs/authenticate/saml/README.mdx
+++ b/www/docs/authenticate/saml/README.mdx
@@ -1,8 +1,7 @@
 ---
 title: SAML 2.0
 sidebar_position: 11
-description:
-  Enforce single sign-on with your identity provider. Integrate
+description: Enforce single sign-on with your identity provider. Integrate
   providers like Okta, Google, OneLogin, and JumpCloud using Firezone's
   SAML 2.0 connector.
 ---
@@ -17,15 +16,14 @@ In general, most identity providers that support SAML 2.0 should work with
 Firezone.
 
 | Provider                   | Support Status           | Notes                              |
-| ---                        | ---                      | ---                                |
+| -------------------------- | ------------------------ | ---------------------------------- |
 | [Okta](okta)               | **Tested and supported** |                                    |
 | [Google Workspace](google) | **Tested and supported** | Uncheck `Require signed envelopes` |
 | [OneLogin](onelogin)       | **Tested and supported** |                                    |
 | [JumpCloud](jumpcloud)     | **Tested and supported** | Uncheck `Require signed envelopes` |
 
 Occasionally, providers that don't implement the full SAML 2.0 standard or use
-uncommon configurations may be problematic. If this is the case, [contact us](
-https://www.firezone.dev/contact/sales?utm_source=docs.firezone.dev) about a custom integration.
+uncommon configurations may be problematic. If this is the case, [contact us](/sales) about a custom integration.
 
 ## Custom SAML cert and keyfile
 
@@ -91,4 +89,4 @@ e.g. `https://firezone.company.com/auth/saml/sp/consume/okta`.
 The Firezone Entity ID can be configured with the `SAML_ENTITY_ID` environment variable
 and defaults to `urn:firezone.dev:firezone-app` if not set.
 
-See the [environment variable reference](/reference/env-vars) for more information.
+See the [environment variable reference](/docs/reference/env-vars) for more information.
diff --git a/www/docs/authenticate/saml/jumpcloud.mdx b/www/docs/authenticate/saml/jumpcloud.mdx
index 729f3934d..58762e035 100644
--- a/www/docs/authenticate/saml/jumpcloud.mdx
+++ b/www/docs/authenticate/saml/jumpcloud.mdx
@@ -11,7 +11,7 @@ description:
 
 :::note
 This guide assumes you have completed the prerequisite steps
-(e.g. generate self-signed X.509 certificates) outlined [here](/authenticate/saml#prerequisites).
+(e.g. generate self-signed X.509 certificates) outlined [here](/docs/authenticate/saml#prerequisites).
 :::
 
 Firezone supports Single Sign-On (SSO) using JumpCloud through the generic SAML 2.0 connector.
@@ -25,16 +25,16 @@ the SSO tab. At the bottom of the popup window, click `Custom SAML App`.
 After entering your desired value for `Display Label`, click the `SSO` tab,
 then use the following configuration values:
 
-| Setting                   | Value                                                                                                                                     |
-| ---                       | ---                                                                                                                                       |
-| IdP Entity ID             | Any unique string will work, e.g. `firezone-jumpcloud`.                                                                                   |
-| SP Entity ID              | This should be the same as your Firezone `SAML_ENTITY_ID`, defaults to `urn:firezone.dev:firezone-app`.                                   |
-| ACS URL                   | This is your Firezone `EXTERNAL_URL/auth/saml/sp/consume/:config_id`, e.g. `https://firezone.company.com/auth/saml/sp/consume/jumpcloud`. |
-| SAMLSubject NameID        | `email`                                                                                                                                   |
-| SAMLSubject NameID Format | Leave at the default.                                                                                                                     |
-| Signature Algorithm       | `RSA-SHA256`                                                                                                                              |
-| Sign Assertion            | **Checked**.                                                                                                                              |
-| Login URL                 | This is your Firezone `EXTERNAL_URL/auth/saml/auth/signin/:config_id`, e.g. `https://firezone.company.com/auth/saml/auth/signin/jumpcloud`|
+| Setting                   | Value                                                                                                                                      |
+| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------ |
+| IdP Entity ID             | Any unique string will work, e.g. `firezone-jumpcloud`.                                                                                    |
+| SP Entity ID              | This should be the same as your Firezone `SAML_ENTITY_ID`, defaults to `urn:firezone.dev:firezone-app`.                                    |
+| ACS URL                   | This is your Firezone `EXTERNAL_URL/auth/saml/sp/consume/:config_id`, e.g. `https://firezone.company.com/auth/saml/sp/consume/jumpcloud`.  |
+| SAMLSubject NameID        | `email`                                                                                                                                    |
+| SAMLSubject NameID Format | Leave at the default.                                                                                                                      |
+| Signature Algorithm       | `RSA-SHA256`                                                                                                                               |
+| Sign Assertion            | **Checked**.                                                                                                                               |
+| Login URL                 | This is your Firezone `EXTERNAL_URL/auth/saml/auth/signin/:config_id`, e.g. `https://firezone.company.com/auth/saml/auth/signin/jumpcloud` |
 
 Leave the rest of the settings unchanged, then click the `activate` button at the bottom-right.
 
@@ -52,7 +52,7 @@ In the Firezone portal, add a SAML identity provider under the Security tab
 by filling out the following information:
 
 | Setting                   | Value            | Notes                                                                                                                                       |
-| ---                       | ---              | ---                                                                                                                                         |
+| ------------------------- | ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------- |
 | Config ID                 | `jumpcloud`      | Firezone uses this value to construct endpoints required in the SAML authentication flow (e.g., receiving assertions, login requests).      |
 | Label                     | `JumpCloud`      | Appears on the sign in button for authentication.                                                                                           |
 | Base URL                  | Leave unchanged. |                                                                                                                                             |
diff --git a/www/docs/authenticate/saml/okta.mdx b/www/docs/authenticate/saml/okta.mdx
index 6fccef038..a1ead36cc 100644
--- a/www/docs/authenticate/saml/okta.mdx
+++ b/www/docs/authenticate/saml/okta.mdx
@@ -1,8 +1,7 @@
 ---
 title: Okta
 sidebar_position: 1
-description:
-  Enforce 2FA/MFA using Okta for users of Firezone's WireGuard®-based
+description: Enforce 2FA/MFA using Okta for users of Firezone's WireGuard®-based
   secure access platform. This guide walks through integrating Okta
   for single sign-on using the SAML 2.0 connector.
 ---
@@ -11,7 +10,7 @@ description:
 
 :::note
 This guide assumes you have completed the prerequisite steps
-(e.g. generate self-signed X.509 certificates) outlined [here](/authenticate/saml#prerequisites).
+(e.g. generate self-signed X.509 certificates) outlined [here](/docs/authenticate/saml#prerequisites).
 :::
 
 Firezone supports Single Sign-On (SSO) using Okta through the generic SAML 2.0 connector. This guide will walk you through how to configure the integration.
@@ -22,15 +21,15 @@ In the Okta admin portal, create a new app integration under
 the Application tab. Select `SAML 2.0` as the authentication method.
 Use the following config values during setup:
 
-| Setting                        | Value                                                                                                                                 |
-|--------------------------------|---------------------------------------------------------------------------------------------------------------------------------------|
-| App name                       | Firezone                                                                                                                              |
-| App logo                       | [save link as](https://user-images.githubusercontent.com/52545545/155907625-a4f6c8c2-3952-488d-b244-3c37400846cf.png)                 |
-| Single sign on URL             | This is your Firezone `EXTERNAL_URL/auth/saml/sp/consume/:config_id` (e.g., `https://firezone.company.com/auth/saml/sp/consume/okta`).|
-| Audience (EntityID)            | This should be the same as your Firezone `SAML_ENTITY_ID`, defaults to `urn:firezone.dev:firezone-app`.                               |
-| Name ID format                 | EmailAddress                                                                                                                          |
-| Application username           | Email                                                                                                                                 |
-| Update application username on | Create and update                                                                                                                     |
+| Setting                        | Value                                                                                                                                  |
+| ------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------- |
+| App name                       | Firezone                                                                                                                               |
+| App logo                       | [save link as](https://user-images.githubusercontent.com/52545545/155907625-a4f6c8c2-3952-488d-b244-3c37400846cf.png)                  |
+| Single sign on URL             | This is your Firezone `EXTERNAL_URL/auth/saml/sp/consume/:config_id` (e.g., `https://firezone.company.com/auth/saml/sp/consume/okta`). |
+| Audience (EntityID)            | This should be the same as your Firezone `SAML_ENTITY_ID`, defaults to `urn:firezone.dev:firezone-app`.                                |
+| Name ID format                 | EmailAddress                                                                                                                           |
+| Application username           | Email                                                                                                                                  |
+| Update application username on | Create and update                                                                                                                      |
 
 [Okta's documentation](https://help.okta.com/oie/en-us/Content/Topics/Apps/Apps_App_Integration_Wizard_SAML.htm)
 contains additional details on the purpose of each configuration setting.
@@ -46,16 +45,16 @@ to copy-paste the contents of this document into the Firezone portal in the next
 In the Firezone portal, add a SAML identity provider under the Security tab
 by filling out the following information:
 
-| Setting                     | Value           | Notes                                                                                                                                       |
-| --------------------------- | ----------      | --------------------------------------------------------------------------------------------------------------------                        |
-| Config ID                   | Okta            | Used to construct endpoints required in the SAML authentication flow (e.g., receiving assertions, login requests).                          |
-| Label                       | Okta            | Appears on the sign in button for authentication.                                                                                           |
-| Metadata                    | see note        | Paste the contents of the SAML metadata document you downloaded in the previous step from Okta.                                             |
-| Sign assertions             | Checked.        |                                                                                                                                             |
-| Sign metadata               | Checked.        |                                                                                                                                             |
-| Require signed assertions   | Checked.        |                                                                                                                                             |
-| Required signed envelopes   | Checked.        |                                                                                                                                             |
-| Auto create users           | Default `false` | Enable this setting to automatically create users when signing in with this connector for the first time. Disable to manually create users. |
+| Setting                   | Value           | Notes                                                                                                                                       |
+| ------------------------- | --------------- | ------------------------------------------------------------------------------------------------------------------------------------------- |
+| Config ID                 | Okta            | Used to construct endpoints required in the SAML authentication flow (e.g., receiving assertions, login requests).                          |
+| Label                     | Okta            | Appears on the sign in button for authentication.                                                                                           |
+| Metadata                  | see note        | Paste the contents of the SAML metadata document you downloaded in the previous step from Okta.                                             |
+| Sign assertions           | Checked.        |                                                                                                                                             |
+| Sign metadata             | Checked.        |                                                                                                                                             |
+| Require signed assertions | Checked.        |                                                                                                                                             |
+| Required signed envelopes | Checked.        |                                                                                                                                             |
+| Auto create users         | Default `false` | Enable this setting to automatically create users when signing in with this connector for the first time. Disable to manually create users. |
 
 ![Firezone SAML](https://user-images.githubusercontent.com/52545545/202557861-f7a85df0-d44f-48fd-a980-89e8b0c91503.png)
 
diff --git a/www/docs/authenticate/saml/onelogin.mdx b/www/docs/authenticate/saml/onelogin.mdx
index 774837cfd..e278fbd1a 100644
--- a/www/docs/authenticate/saml/onelogin.mdx
+++ b/www/docs/authenticate/saml/onelogin.mdx
@@ -11,7 +11,7 @@ description:
 
 :::note
 This guide assumes you have completed the prerequisite steps
-(e.g. generate self-signed X.509 certificates) outlined [here](/authenticate/saml#prerequisites).
+(e.g. generate self-signed X.509 certificates) outlined [here](/docs/authenticate/saml#prerequisites).
 :::
 
 Firezone supports Single Sign-On (SSO) using OneLogin through the generic SAML 2.0 connector.
@@ -26,7 +26,7 @@ configuration settings under the under the configuration tab.
 The following fields should be filled out on this page:
 
 | Setting                | Value                                                                                                                                                                                     |
-|------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| ---------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | Audience (EntityID)    | This should be the same as your Firezone `SAML_ENTITY_ID`, defaults to `urn:firezone.dev:firezone-app`.                                                                                   |
 | Recipient              | This is your Firezone `EXTERNAL_URL/auth/saml/sp/consume/:config_id` (e.g., `https://firezone.company.com/auth/saml/sp/consume/onelogin`).                                                |
 | ACS URL Validator      | This field is regex to ensure OneLogin posts the response to the correct URL. For the sample URL below, we can use `^https:\/\/firezone\.company\.com\/auth\/saml\/sp\/consume\/onelogin` |
@@ -51,7 +51,7 @@ In the Firezone portal, add a SAML identity provider under the Security tab
 by filling out the following information:
 
 | Setting                   | Value           | Notes                                                                                                                                       |
-| ---                       | ---             | ---                                                                                                                                         |
+| ------------------------- | --------------- | ------------------------------------------------------------------------------------------------------------------------------------------- |
 | Config ID                 | `onelogin`      | Used to construct endpoints required in the SAML authentication flow (e.g., receiving assertions, login requests).                          |
 | Label                     | `OneLogin`      | Appears on the sign in button for authentication.                                                                                           |
 | Metadata                  | see note        | Paste the contents of the SAML metadata document you downloaded in the previous step from OneLogin.                                         |
diff --git a/www/docs/deploy/README.mdx b/www/docs/deploy/README.mdx
index 0b2a1b385..ab2103053 100644
--- a/www/docs/deploy/README.mdx
+++ b/www/docs/deploy/README.mdx
@@ -102,6 +102,6 @@ preferred method of deployment.
 Chef Infra Client, the configuration system Chef Omnibus relies on, has been
 [scheduled for End-of-Life in 2024](https://docs.chef.io/versions/). As such,
 support for Omnibus-based deployments will be removed starting with Firezone 0.8.
-Firezone. To transition to Docker from Omnibus today, follow our [migration guide
+To transition to Docker from Omnibus today, follow our [migration guide
 ](../administer/migrate).
 :::
diff --git a/www/docs/deploy/advanced/build-from-source.mdx b/www/docs/deploy/advanced/build-from-source.mdx
index 0de44e906..be6b789d4 100644
--- a/www/docs/deploy/advanced/build-from-source.mdx
+++ b/www/docs/deploy/advanced/build-from-source.mdx
@@ -76,7 +76,7 @@ The known commands are:
 
 Most deployment-related configuration is handled with environment variables.
 You'll probably want to at least set variables related to your reverse proxy
-and database. See the [ENV var reference](/reference/env-vars/) for an exhaustive list.
+and database. See the [ENV var reference](/docs/reference/env-vars/) for an exhaustive list.
 
 Now all you need are the database and reverse proxy that you've previously set up.
 Once that's done, you can use `firezone start` to start Firezone and run
diff --git a/www/docs/deploy/advanced/external-database.mdx b/www/docs/deploy/advanced/external-database.mdx
index 92dc6740b..f26647b0b 100644
--- a/www/docs/deploy/advanced/external-database.mdx
+++ b/www/docs/deploy/advanced/external-database.mdx
@@ -26,7 +26,7 @@ if possible.
 
 :::info
 Need help deploying or maintaining Firezone with an external database? Consider
-[contacting us about our Enterprise Plan](https://www.firezone.dev/contact/sales?utm_source=docs.firezone.dev) for
+[contacting us about our Enterprise Plan](/sales) for
 recommended configurations, white-glove deployment assistance, and more.
 :::
 
@@ -39,7 +39,7 @@ The Firezone Docker image uses the following environment
 variables to connect to the DB (fields in bold required):
 
 | Name                          | Description                                                                                                                                                                                                           | Format                | Default                              |
-| ---                           | ---                                                                                                                                                                                                                   | ---                   | ---                                  |
+| ----------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- | ------------------------------------ |
 | **`DATABASE_ENCRYPTION_KEY`** | The base64-encoded symmetric encryption key used to encrypt and decrypt sensitive fields.                                                                                                                             | base64-encoded String | None -- must be generated on install |
 | `DATABASE_HOST`               | Database host                                                                                                                                                                                                         | IP or hostname        | `postgres`                           |
 | `DATABASE_PORT`               | Database port                                                                                                                                                                                                         | Integer               | `5432`                               |
@@ -52,7 +52,7 @@ variables to connect to the DB (fields in bold required):
 | `DATABASE_PARAMETERS`         | Map of parameters to send to the `:parameters` option when connecting to the database. See [Ecto.Adapters.Postgres documentation](https://hexdocs.pm/ecto_sql/Ecto.Adapters.Postgres.html#module-connection-options). | JSON-encoded String   | `{}`                                 |
 
 For more information, see the [environment variable reference
-](/reference/env-vars/).
+](/docs/reference/env-vars/).
 
 :::note
 The official `postgres` docker image can be configured by setting
@@ -67,7 +67,7 @@ The following configuration options are used to configure the bundled Postgres
 for Omnibus-based deployments:
 
 | Config Key                                      | Description                                                                                                                                                                                                            | Default                                            |
-| ---                                             | ---                                                                                                                                                                                                                    | ---                                                |
+| ----------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------- |
 | `default['firezone']['database']['user']`       | Specifies the username Firezone will use to connect to the DB.                                                                                                                                                         | `node['firezone']['postgresql']['username']`       |
 | `default['firezone']['database']['password']`   | If using an external DB, specifies the password Firezone will use to connect to the DB.                                                                                                                                | `'change_me'`                                      |
 | `default['firezone']['database']['name']`       | Database that Firezone will use. Will be created if it doesn't exist.                                                                                                                                                  | `'firezone'`                                       |
@@ -80,7 +80,7 @@ for Omnibus-based deployments:
 | `default['firezone']['database']['extensions']` | Database extensions to enable.                                                                                                                                                                                         | `{ 'plpgsql' => true, 'pg_trgm' => true }`         |
 
 For more details, see the [configuration file reference
-](/reference/configuration-file/).
+](/docs/reference/configuration-file/).
 
   </TabItem>
 </Tabs>
diff --git a/www/docs/deploy/advanced/reverse-proxy.mdx b/www/docs/deploy/advanced/reverse-proxy.mdx
index a6680e313..19df2dc6b 100644
--- a/www/docs/deploy/advanced/reverse-proxy.mdx
+++ b/www/docs/deploy/advanced/reverse-proxy.mdx
@@ -11,7 +11,7 @@ There are important security risks if the reverse proxy is not set up correctly.
 :::
 
 For help deploying Firezone with a custom reverse proxy, consider [contacting us
-for support](https://www.firezone.dev/contact/sales?utm_source=docs.firezone.dev).
+for support](/sales).
 
 ## Introduction
 
@@ -27,13 +27,12 @@ reverse proxy.
 
 ### Firezone configuration requirements
 
-* Disable the bundled Nginx by setting `default['firezone']['nginx']['enabled']`
+- Disable the bundled Nginx by setting `default['firezone']['nginx']['enabled']`
   to `false` in the config file.
-* If you have any immediate proxies between your primary reverse proxy and the
+- If you have any immediate proxies between your primary reverse proxy and the
   Firezone web app, add their IPs to
   `default['firezone']['phoenix']['external_trusted_proxies']`. Because of the
-  way the [X-Forwarded-For header works](
-  https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For),
+  way the [X-Forwarded-For header works](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For),
   this is needed to parse the actual client's IP address to prevent
   IP spoofing.
 
@@ -42,12 +41,12 @@ The `external_trusted_proxies` list automatically implicitly includes the
 following private CIDR ranges, even if they're not specified in the
 configuration file:
 
-* `127.0.0.0/8`
-* `10.0.0.0/8`
-* `172.16.0.0/12`
-* `192.168.0.0/16`
-* `::1/128`
-* `fc00::/7`
+- `127.0.0.0/8`
+- `10.0.0.0/8`
+- `172.16.0.0/12`
+- `192.168.0.0/16`
+- `::1/128`
+- `fc00::/7`
 
 This means any web requests originating from these IPs are automatically ignored
 from the `X-Forwarded-For` headers. If you're accessing Firezone from any IPs in
@@ -56,36 +55,34 @@ this range (as seen by the Firezone web app), be sure to add them to the
 :::
 
 Read more about the configuration options
-[here](/reference/configuration-file/).
+[here](/docs/reference/configuration-file/).
 
 ### Proxy requirements
 
-* All your proxies need to configure the `X-Forwarded-For` header as explained
-  [here](
-  https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For)
-* Your proxy should also set the `X-Forwarded-Proto` to `https`.
-* Your proxy (or another downstream proxy) **must** terminate SSL since we
-  enforce [secure cookies](
-  https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies).
-* Firezone requires the use of WebSockets to establish realtime connections. We
+- All your proxies need to configure the `X-Forwarded-For` header as explained
+  [here](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For)
+- Your proxy should also set the `X-Forwarded-Proto` to `https`.
+- Your proxy (or another downstream proxy) **must** terminate SSL since we
+  enforce [secure cookies](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies).
+- Firezone requires the use of WebSockets to establish realtime connections. We
   recommend following your proxy's specific documentation for supporting
   WebSockets as each proxy varies. In general, your proxy needs to be able to
   proxy HTTP 1.1 connections, and the Firezone web app expects the following
   headers to be set:
-  * `Connection: upgrade`
-  * `Upgrade: websocket`
+  - `Connection: upgrade`
+  - `Upgrade: websocket`
 
 ## Security considerations
 
 In addition to the headers above, we recommend adding the following headers for
 security purposes:
 
-* `X-XSS-Protection: 1; mode=block`
-* `X-Content-Type-Options nosniff`
-* `Referrer-Policy no-referrer-when-downgrade`
-* `Content-Security-Policy: default-src 'self' ws: wss: http: https: data: blob:
-  'unsafe-inline'; frame-ancestors 'self';`
-* `Permissions-Policy: interest-cohort=()`
+- `X-XSS-Protection: 1; mode=block`
+- `X-Content-Type-Options nosniff`
+- `Referrer-Policy no-referrer-when-downgrade`
+- `Content-Security-Policy: default-src 'self' ws: wss: http: https: data: blob:
+'unsafe-inline'; frame-ancestors 'self';`
+- `Permissions-Policy: interest-cohort=()`
 
 Since the upstream Firezone web app expects plain HTTP traffic, any requests the
 proxy forwards is sent over HTTP and thus is **not encrypted**. In most cases,
@@ -97,9 +94,9 @@ reverse proxy to proxy to that instead.
 
 ## Example configurations
 
-* [Apache](/reference/reverse-proxy-templates/apache/)
-* [Traefik](/reference/reverse-proxy-templates/traefik/)
-* [HAProxy](/reference/reverse-proxy-templates/haproxy/)
+- [Apache](/docs/reference/reverse-proxy-templates/apache/)
+- [Traefik](/docs/reference/reverse-proxy-templates/traefik/)
+- [HAProxy](/docs/reference/reverse-proxy-templates/haproxy/)
 
 These configurations are written to be as simple as possible. They're designed
 to function as a simple template which you can customize further to suit your
diff --git a/www/docs/deploy/configure.mdx b/www/docs/deploy/configure.mdx
index 765f0c550..9c90218f7 100644
--- a/www/docs/deploy/configure.mdx
+++ b/www/docs/deploy/configure.mdx
@@ -7,15 +7,15 @@ sidebar_position: 5
 
 There are two types of configuration in Firezone:
 
-* [Runtime configuration](#runtime-configuration): Application configuration
+- [Runtime configuration](#runtime-configuration): Application configuration
   related to day-to-day operation of Firezone.
-* [Deployment configuration](#deployment-configuration): Deployment or
+- [Deployment configuration](#deployment-configuration): Deployment or
   infrastructure-related configuration relevant to running Firezone on-prem.
 
 ## Runtime configuration
 
 Most day-to-day configuration of Firezone can be done via the Web UI or
-[REST API](/reference/rest-api/configurations).
+[REST API](/docs/reference/rest-api/configurations).
 This type of configuration can be expected to be changed **with no downtime**
 in a production deployment.
 
diff --git a/www/docs/deploy/security-considerations.mdx b/www/docs/deploy/security-considerations.mdx
index 1ab06a09a..60d974a32 100644
--- a/www/docs/deploy/security-considerations.mdx
+++ b/www/docs/deploy/security-considerations.mdx
@@ -18,7 +18,7 @@ Shown below is a table of default ports used by Firezone services.
 <TabItem label="Docker" value="docker" default>
 
 | Service    | Port        | Listen address | Description                                                                   |
-| ------     | ---------   | -------        | ---------                                                                     |
+| ---------- | ----------- | -------------- | ----------------------------------------------------------------------------- |
 | Caddy      | `443/tcp`   | `all`          | Public HTTPS port for administering Firezone and facilitating authentication. |
 | Caddy      | `80/tcp`    | `all`          | Public HTTP port used for ACME. Disabled when ACME is disabled.               |
 | WireGuard  | `51820/udp` | `all`          | Public WireGuard port used for VPN sessions.                                  |
@@ -29,7 +29,7 @@ Shown below is a table of default ports used by Firezone services.
 <TabItem label="Omnibus" value="omnibus">
 
 | Service    | Port        | Listen address | Description                                                                   |
-| ------     | ---------   | -------        | ---------                                                                     |
+| ---------- | ----------- | -------------- | ----------------------------------------------------------------------------- |
 | Nginx      | `443/tcp`   | `all`          | Public HTTPS port for administering Firezone and facilitating authentication. |
 | Nginx      | `80/tcp`    | `all`          | Public HTTP port used for ACME. Disabled when ACME is disabled.               |
 | WireGuard  | `51820/udp` | `all`          | Public WireGuard port used for VPN sessions.                                  |
@@ -47,7 +47,7 @@ altogether by setting `default['firezone']['authentication']['local']['enabled']
 Local authentication can also be disabled on the `/settings/security` page.
 
 :::caution
-Ensure you've set up a working [OIDC](/authenticate/oidc/) or [SAML](/authenticate/saml/)-based
+Ensure you've set up a working [OIDC](/docs/authenticate/oidc/) or [SAML](/docs/authenticate/saml/)-based
 authentication provider before disabling the local authentication method.
 :::
 
diff --git a/www/docs/reference/_audit-logs.mdx b/www/docs/reference/_audit-logs.mdx
index 38ed678b8..946c23034 100644
--- a/www/docs/reference/_audit-logs.mdx
+++ b/www/docs/reference/_audit-logs.mdx
@@ -7,7 +7,7 @@ sidebar_position: 2
 
 :::note
 Audit logs are in early Beta on the Enterprise plan.
-[Contact us](https://www.firezone.dev/contact/sales?utm_source=docs.firezone.dev)
+[Contact us](/sales)
 to learn more.
 :::
 
diff --git a/www/docs/reference/configuration-file.mdx b/www/docs/reference/configuration-file.mdx
index ff249fc2c..9f8c9ec8f 100644
--- a/www/docs/reference/configuration-file.mdx
+++ b/www/docs/reference/configuration-file.mdx
@@ -15,7 +15,7 @@ To configure Omnibus-based deployments of Firezone:
 1. Edit `/etc/firezone/firezone.rb` with your changes.
 1. Run `sudo firezone-ctl reconfigure` to process the changes and restart affected services.
 
-Read more about configuring Firezone in the [configure guide](/deploy/configure).
+Read more about configuring Firezone in the [configure guide](/docs/deploy/configure).
 
 ## Configuration file reference
 
@@ -25,162 +25,162 @@ Shown below is a complete listing of the configuration options available in
 <!-- markdownlint-disable MD033 -->
 <!-- markdownlint-disable MD034 -->
 
-| Option                                                                        | Description                                                                                                                                                                                                            | Default Value                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
-| ----------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------                                                                                                           | ----------------------------------------------------------------------                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['external_url']`                                         | URL used to access the web portal of this Firezone instance.                                                                                                                                                           | <code>"https://#{node['fqdn'] &vert;&vert; node['hostname']}"</code>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
-| `default['firezone']['config_directory']`                                     | Top-level directory for Firezone configuration.                                                                                                                                                                        | `'/etc/firezone'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |
-| `default['firezone']['install_directory']`                                    | Top-level directory to install Firezone to.                                                                                                                                                                            | `'/opt/firezone'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |
-| `default['firezone']['app_directory']`                                        | Top-level directory to install the Firezone web application.                                                                                                                                                           | `"#{node['firezone']['install_directory']}/embedded/service/firezone"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['log_directory']`                                        | Top-level directory for Firezone logs.                                                                                                                                                                                 | `'/var/log/firezone'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['var_directory']`                                        | Top-level directory for Firezone runtime files.                                                                                                                                                                        | `'/var/opt/firezone'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['user']`                                                 | Name of unprivileged Linux user most services and files will belong to.                                                                                                                                                | `'firezone'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
-| `default['firezone']['group']`                                                | Name of Linux group most services and files will belong to.                                                                                                                                                            | `'firezone'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
-| `default['firezone']['admin_email']`                                          | Email address for initial Firezone user.                                                                                                                                                                               | `"firezone@localhost"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['max_devices_per_user']`                                 | Maximum number of devices a user can have.                                                                                                                                                                             | `10`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
-| `default['firezone']['allow_unprivileged_device_management']`                 | Allows non-admin users to create and delete devices.                                                                                                                                                                   | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['allow_unprivileged_device_configuration']`              | Allows non-admin users to modify device configurations. When disabled, prevents unprivileged users from changing all device fields except for `name` and `description`.                                                | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['egress_interface']`                                     | Interface name where tunneled traffic will exit. If nil, the default route interface will be used.                                                                                                                     | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['fips_enabled']`                                         | Enable or disable OpenSSL FIPs mode.                                                                                                                                                                                   | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['logging']['enabled']`                                   | Enable or disable logging across Firezone. Set to `false` to disable logging entirely.                                                                                                                                 | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['enterprise']['name']`                                               | Name used by the Chef 'enterprise' cookbook.                                                                                                                                                                           | `'firezone'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
-| `default['firezone']['install_path']`                                         | Install path used by Chef 'enterprise' cookbook. Should be set to the same as the `install_directory` above.                                                                                                           | `node['firezone']['install_directory']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
-| `default['firezone']['sysvinit_id']`                                          | An identifier used in `/etc/inittab`. Must be a unique sequence of 1-4 characters.                                                                                                                                     | `'SUP'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
-| `default['firezone']['authentication']['local']['enabled']`                   | Enable or disable local email/password authentication.                                                                                                                                                                 | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['authentication']['disable_vpn_on_oidc_error']`          | Disable a user's VPN if an error is detected trying to refresh their OIDC token.                                                                                                                                       | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
-| `default['firezone']['authentication']['oidc']`                               | OpenID Connect config, in the format of `{"provider" => [config...]}` - See [OpenIDConnect documentation](https://hexdocs.pm/openid_connect/readme.html) for config examples.                                          | `{}`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
-| `default['firezone']['nginx']['enabled']`                                     | Enable or disable the bundled nginx server.                                                                                                                                                                            | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['nginx']['ssl_port']`                                    | HTTPS listen port.                                                                                                                                                                                                     | `443`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['nginx']['directory']`                                   | Directory to store Firezone-related nginx virtual host configuration.                                                                                                                                                  | `"#{node['firezone']['var_directory']}/nginx/etc"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
-| `default['firezone']['nginx']['log_directory']`                               | Directory to store Firezone-related nginx log files.                                                                                                                                                                   | `"#{node['firezone']['log_directory']}/nginx"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |
-| `default['firezone']['nginx']['log_rotation']['file_maxbytes']`               | File size at which to rotate Nginx log files.                                                                                                                                                                          | `104857600`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
-| `default['firezone']['nginx']['log_rotation']['num_to_keep']`                 | Number of Firezone nginx log files to keep before discarding.                                                                                                                                                          | `10`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
-| `default['firezone']['nginx']['log_x_forwarded_for']`                         | Whether to log Firezone nginx `x-forwarded-for` header.                                                                                                                                                                | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['nginx']['hsts_header']['enabled']`                      | Enable or disable [HSTS](https://www.nginx.com/blog/http-strict-transport-security-hsts-and-nginx/).                                                                                                                   | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['nginx']['hsts_header']['include_subdomains']`           | Enable or disable `includeSubDomains` for the HSTS header.                                                                                                                                                             | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['nginx']['hsts_header']['max_age']`                      | Max age for the HSTS header.                                                                                                                                                                                           | `31536000`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         |
-| `default['firezone']['nginx']['redirect_to_canonical']`                       | Whether to redirect URLs to the canonical FQDN specified above                                                                                                                                                         | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
-| `default['firezone']['nginx']['cache']['enabled']`                            | Enable or disable the Firezone nginx cache.                                                                                                                                                                            | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
-| `default['firezone']['nginx']['cache']['directory']`                          | Directory for Firezone nginx cache.                                                                                                                                                                                    | `"#{node['firezone']['var_directory']}/nginx/cache"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
-| `default['firezone']['nginx']['user']`                                        | Firezone nginx user.                                                                                                                                                                                                   | `node['firezone']['user']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         |
-| `default['firezone']['nginx']['group']`                                       | Firezone nginx group.                                                                                                                                                                                                  | `node['firezone']['group']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
-| `default['firezone']['nginx']['dir']`                                         | Top-level nginx configuration directory.                                                                                                                                                                               | `node['firezone']['nginx']['directory']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |
-| `default['firezone']['nginx']['log_dir']`                                     | Top-level nginx log directory.                                                                                                                                                                                         | `node['firezone']['nginx']['log_directory']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
-| `default['firezone']['nginx']['pid']`                                         | Location for nginx pid file.                                                                                                                                                                                           | `"#{node['firezone']['nginx']['directory']}/nginx.pid"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
-| `default['firezone']['nginx']['daemon_disable']`                              | Disable nginx daemon mode so we can monitor it instead.                                                                                                                                                                | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['nginx']['gzip']`                                        | Turn nginx gzip compression on or off.                                                                                                                                                                                 | `'on'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['nginx']['gzip_static']`                                 | Turn nginx gzip compression on or off for static files.                                                                                                                                                                | `'off'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
-| `default['firezone']['nginx']['gzip_http_version']`                           | HTTP version to use for serving static files.                                                                                                                                                                          | `'1.0'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
-| `default['firezone']['nginx']['gzip_comp_level']`                             | nginx gzip compression level.                                                                                                                                                                                          | `'2'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['nginx']['gzip_proxied']`                                | Enables or disables gzipping of responses for proxied requests depending on the request and response.                                                                                                                  | `'any'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
-| `default['firezone']['nginx']['gzip_vary']`                                   | Enables or disables inserting the “Vary: Accept-Encoding” response header.                                                                                                                                             | `'off'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
-| `default['firezone']['nginx']['gzip_buffers']`                                | Sets the number and size of buffers used to compress a response. If `nil`, nginx default is used.                                                                                                                      | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['nginx']['gzip_types']`                                  | MIME types to enable gzip compression for.                                                                                                                                                                             | `['text/plain', 'text/css','application/x-javascript', 'text/xml', 'application/xml', 'application/rss+xml', 'application/atom+xml', 'text/javascript', 'application/javascript', 'application/json']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['nginx']['gzip_min_length']`                             | Minimum file length to enable file gzip compression for.                                                                                                                                                               | `1000`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['nginx']['gzip_disable']`                                | User-agent matcher to disable gzip compression for.                                                                                                                                                                    | `'MSIE [1-6]\.'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
-| `default['firezone']['nginx']['keepalive']`                                   | Activates cache for connection to upstream servers.                                                                                                                                                                    | `'on'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['nginx']['keepalive_timeout']`                           | Timeout in seconds for keepalive connection to upstream servers.                                                                                                                                                       | `65`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
-| `default['firezone']['nginx']['worker_processes']`                            | Number of nginx worker processes.                                                                                                                                                                                      | `node['cpu'] && node['cpu']['total'] ? node['cpu']['total'] : 1`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
-| `default['firezone']['nginx']['worker_connections']`                          | Max number of simultaneous connections that can be opened by a worker process.                                                                                                                                         | `1024`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['nginx']['worker_rlimit_nofile']`                        | Changes the limit on the maximum number of open files for worker processes. Uses nginx default if nil.                                                                                                                 | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['nginx']['multi_accept']`                                | Whether workers should accept one connection at a time or multiple.                                                                                                                                                    | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['nginx']['event']`                                       | Specifies the connection processing method to use inside nginx events context.                                                                                                                                         | `'epoll'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |
-| `default['firezone']['nginx']['server_tokens']`                               | Enables or disables emitting nginx version on error pages and in the “Server” response header field.                                                                                                                   | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['nginx']['server_names_hash_bucket_size']`               | Sets the bucket size for the server names hash tables.                                                                                                                                                                 | `64`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
-| `default['firezone']['nginx']['sendfile']`                                    | Enables or disables the use of nginx's `sendfile()`.                                                                                                                                                                   | `'on'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['nginx']['access_log_options']`                          | Sets nginx access log options.                                                                                                                                                                                         | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['nginx']['error_log_options']`                           | Sets nginx error log options.                                                                                                                                                                                          | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['nginx']['disable_access_log']`                          | Disables nginx access log.                                                                                                                                                                                             | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
-| `default['firezone']['nginx']['types_hash_max_size']`                         | nginx types hash max size.                                                                                                                                                                                             | `2048`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['nginx']['types_hash_bucket_size']`                      | nginx types hash bucket size.                                                                                                                                                                                          | `64`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
-| `default['firezone']['nginx']['proxy_read_timeout']`                          | nginx proxy read timeout. Set to `nil` to use nginx default.                                                                                                                                                           | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['nginx']['client_body_buffer_size']`                     | nginx client body buffer size. Set to `nil` to use nginx default.                                                                                                                                                      | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['nginx']['client_max_body_size']`                        | nginx client max body size.                                                                                                                                                                                            | `'250m'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |
-| `default['firezone']['nginx']['default']['modules']`                          | Specify additional nginx modules.                                                                                                                                                                                      | `[]`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
-| `default['firezone']['nginx']['enable_rate_limiting']`                        | Enable or disable nginx rate limiting.                                                                                                                                                                                 | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['nginx']['rate_limiting_zone_name']`                     | Nginx rate limiting zone name.                                                                                                                                                                                         | `'firezone'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
-| `default['firezone']['nginx']['rate_limiting_backoff']`                       | Nginx rate limiting backoff.                                                                                                                                                                                           | `'10m'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
-| `default['firezone']['nginx']['rate_limit']`                                  | Nginx rate limit.                                                                                                                                                                                                      | `'10r/s'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |
-| `default['firezone']['nginx']['ipv6']`                                        | Allow nginx to listen for HTTP requests for IPv6 in addition to IPv4.                                                                                                                                                  | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['postgresql']['enabled']`                                | Enable or disable bundled Postgresql. Set to `false` and fill in the `database` options below to use your own Postgresql instance.                                                                                     | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['postgresql']['username']`                               | Username for Postgresql.                                                                                                                                                                                               | `node['firezone']['user']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         |
-| `default['firezone']['postgresql']['data_directory']`                         | Postgresql data directory.                                                                                                                                                                                             | `"#{node['firezone']['var_directory']}/postgresql/13.3/data"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
-| `default['firezone']['postgresql']['log_directory']`                          | Postgresql log directory.                                                                                                                                                                                              | `"#{node['firezone']['log_directory']}/postgresql"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
-| `default['firezone']['postgresql']['log_rotation']['file_maxbytes']`          | Postgresql log file maximum size before it's rotated.                                                                                                                                                                  | `104857600`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
-| `default['firezone']['postgresql']['log_rotation']['num_to_keep']`            | Number of Postgresql log files to keep.                                                                                                                                                                                | `10`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
-| `default['firezone']['postgresql']['checkpoint_completion_target']`           | Postgresql checkpoint completion target.                                                                                                                                                                               | `0.5`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['postgresql']['checkpoint_segments']`                    | Number of Postgresql checkpoint segments.                                                                                                                                                                              | `3`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
-| `default['firezone']['postgresql']['checkpoint_timeout']`                     | Postgresql checkpoint timeout.                                                                                                                                                                                         | `'5min'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |
-| `default['firezone']['postgresql']['checkpoint_warning']`                     | Postgresql checkpoint warning time in seconds.                                                                                                                                                                         | `'30s'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
-| `default['firezone']['postgresql']['effective_cache_size']`                   | Postgresql effective cache size.                                                                                                                                                                                       | `'128MB'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |
-| `default['firezone']['postgresql']['listen_address']`                         | Postgresql listen address.                                                                                                                                                                                             | `'127.0.0.1'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
-| `default['firezone']['postgresql']['max_connections']`                        | Postgresql max connections.                                                                                                                                                                                            | `350`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['postgresql']['md5_auth_cidr_addresses']`                | Postgresql CIDRs to allow for md5 auth.                                                                                                                                                                                | `['127.0.0.1/32', '::1/128']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
-| `default['firezone']['postgresql']['port']`                                   | Postgresql listen port.                                                                                                                                                                                                | `15432`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
-| `default['firezone']['postgresql']['shared_buffers']`                         | Postgresql shared buffers size.                                                                                                                                                                                        | `"#{(node['memory']['total'].to_i / 4) / 1024}MB"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
-| `default['firezone']['postgresql']['shmmax']`                                 | Postgresql shmmax in bytes.                                                                                                                                                                                            | `17179869184`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
-| `default['firezone']['postgresql']['shmall']`                                 | Postgresql shmall in bytes.                                                                                                                                                                                            | `4194304`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |
-| `default['firezone']['postgresql']['work_mem']`                               | Postgresql working memory size.                                                                                                                                                                                        | `'8MB'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
-| `default['firezone']['database']['user']`                                     | Specifies the username Firezone will use to connect to the DB.                                                                                                                                                         | `node['firezone']['postgresql']['username']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
-| `default['firezone']['database']['password']`                                 | If using an external DB, specifies the password Firezone will use to connect to the DB.                                                                                                                                | `'change_me'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
-| `default['firezone']['database']['name']`                                     | Database that Firezone will use. Will be created if it doesn't exist.                                                                                                                                                  | `'firezone'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
-| `default['firezone']['database']['host']`                                     | Database host that Firezone will connect to.                                                                                                                                                                           | `node['firezone']['postgresql']['listen_address']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
-| `default['firezone']['database']['port']`                                     | Database port that Firezone will connect to.                                                                                                                                                                           | `node['firezone']['postgresql']['port']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |
-| `default['firezone']['database']['pool']`                                     | Database pool size Firezone will use.                                                                                                                                                                                  | `[10, Etc.nprocessors].max`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
-| `default['firezone']['database']['ssl']`                                      | Whether to connect to the database over SSL.                                                                                                                                                                           | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
-| `default['firezone']['database']['ssl_opts']`                                 | Hash of options to send to the `:ssl_opts` option when connecting over SSL. See [Ecto.Adapters.Postgres documentation](https://hexdocs.pm/ecto_sql/Ecto.Adapters.Postgres.html#module-connection-options).             | `{}`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
-| `default['firezone']['database']['parameters']`                               | Hash of parameters to send to the `:parameters` option when connecting to the database. See [Ecto.Adapters.Postgres documentation](https://hexdocs.pm/ecto_sql/Ecto.Adapters.Postgres.html#module-connection-options). | `{}`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
-| `default['firezone']['database']['extensions']`                               | Database extensions to enable.                                                                                                                                                                                         | `{ 'plpgsql' => true, 'pg_trgm' => true }`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         |
-| `default['firezone']['phoenix']['enabled']`                                   | Enable or disable the Firezone web application.                                                                                                                                                                        | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['phoenix']['listen_address']`                            | Firezone web application listen address. This will be the upstream listen address that nginx proxies.                                                                                                                  | `'127.0.0.1'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
-| `default['firezone']['phoenix']['port']`                                      | Firezone web application listen port. This will be the upstream port that nginx proxies.                                                                                                                               | `13000`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
-| `default['firezone']['phoenix']['log_directory']`                             | Firezone web application log directory.                                                                                                                                                                                | `"#{node['firezone']['log_directory']}/phoenix"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
-| `default['firezone']['phoenix']['log_rotation']['file_maxbytes']`             | Firezone web application log file size.                                                                                                                                                                                | `104857600`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
-| `default['firezone']['phoenix']['log_rotation']['num_to_keep']`               | Number of Firezone web application log files to keep.                                                                                                                                                                  | `10`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
-| `default['firezone']['phoenix']['crash_detection']['enabled']`                | Enable or disable bringing down the Firezone web application when a crash is detected.                                                                                                                                 | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['phoenix']['external_trusted_proxies']`                  | List of trusted reverse proxies formatted as an Array of IPs and/or CIDRs.                                                                                                                                             | `[]`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
-| `default['firezone']['phoenix']['private_clients']`                           | List of private network HTTP clients, formatted an Array of IPs and/or CIDRs.                                                                                                                                          | `[]`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
-| `default['firezone']['wireguard']['enabled']`                                 | Enable or disable bundled WireGuard management.                                                                                                                                                                        | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['wireguard']['log_directory']`                           | Log directory for bundled WireGuard management.                                                                                                                                                                        | `"#{node['firezone']['log_directory']}/wireguard"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
-| `default['firezone']['wireguard']['log_rotation']['file_maxbytes']`           | WireGuard log file max size.                                                                                                                                                                                           | `104857600`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
-| `default['firezone']['wireguard']['log_rotation']['num_to_keep']`             | Number of WireGuard log files to keep.                                                                                                                                                                                 | `10`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
-| `default['firezone']['wireguard']['interface_name']`                          | WireGuard interface name. **Changing this parameter may cause a temporary loss in VPN connectivity**.                                                                                                                  | `'wg-firezone'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |
-| `default['firezone']['wireguard']['port']`                                    | WireGuard listen port.                                                                                                                                                                                                 | `51820`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
-| `default['firezone']['wireguard']['persistent_keepalive']`                    | Default PersistentKeepalive setting for generated device configurations. A value of 0 disables.                                                                                                                        | `0`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
-| `default['firezone']['wireguard']['ipv4']['enabled']`                         | Enable or disable IPv4 for WireGuard network.                                                                                                                                                                          | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['wireguard']['ipv4']['masquerade']`                      | Enable or disable masquerade for packets leaving the IPv4 tunnel.                                                                                                                                                      | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['wireguard']['ipv4']['network']`                         | WireGuard network IPv4 address pool.                                                                                                                                                                                   | `'10.3.2.0/24'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |
-| `default['firezone']['wireguard']['ipv4']['address']`                         | WireGuard interface IPv4 address. Must be within WireGuard address pool.                                                                                                                                               | `'10.3.2.1'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
-| `default['firezone']['wireguard']['ipv6']['enabled']`                         | Enable or disable IPv6 for WireGuard network.                                                                                                                                                                          | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['wireguard']['ipv6']['masquerade']`                      | Enable or disable masquerade for packets leaving the IPv6 tunnel.                                                                                                                                                      | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['wireguard']['ipv6']['network']`                         | WireGuard network IPv6 address pool.                                                                                                                                                                                   | `'fd00::3:2:0/120'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
-| `default['firezone']['wireguard']['ipv6']['address']`                         | WireGuard interface IPv6 address. Must be within IPv6 address pool.                                                                                                                                                    | `'fd00::3:2:1'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |
-| `default['firezone']['runit']['svlogd_bin']`                                  | Runit svlogd bin location.                                                                                                                                                                                             | `"#{node['firezone']['install_directory']}/embedded/bin/svlogd"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
-| `default['firezone']['ssl']['directory']`                                     | SSL directory for storing generated certs.                                                                                                                                                                             | `'/var/opt/firezone/ssl'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |
-| `default['firezone']['ssl']['email_address']`                                 | Email address to use for self-signed certs and ACME protocol renewal notices.                                                                                                                                          | `'you@example.com'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
-| `default['firezone']['ssl']['acme']['enabled']`                               | Enable ACME for automatic SSL cert provisioning.                                                                                                                                                                      | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
-| `default['firezone']['ssl']['acme']['server']`                                | ACME server to use for certificate issuance/renewal. Can be any [valid acme.sh server](https://github.com/acmesh-official/acme.sh/wiki/Server)                                                                         | `letsencrypt`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
-| `default['firezone']['ssl']['acme']['keylength']`                             | Specify the key type and length for SSL certificates. See [here](https://github.com/acmesh-official/acme.sh#10-issue-ecc-certificates)                                                                                 | `ec-256`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |
-| `default['firezone']['ssl']['certificate']`                                   | Path to the certificate file for your FQDN. Overrides ACME setting above if specified. If both ACME and this are `nil` a self-signed cert will be generated.                                                           | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['ssl']['certificate_key']`                               | Path to the certificate file.                                                                                                                                                                                          | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['ssl']['ssl_dhparam']`                                   | nginx ssl dh_param.                                                                                                                                                                                                    | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['ssl']['country_name']`                                  | Country name for self-signed cert.                                                                                                                                                                                     | `'US'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['ssl']['state_name']`                                    | State name for self-signed cert.                                                                                                                                                                                       | `'CA'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['ssl']['locality_name']`                                 | Locality name for self-signed cert.                                                                                                                                                                                    | `'San Francisco'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |
-| `default['firezone']['ssl']['company_name']`                                  | Company name self-signed cert.                                                                                                                                                                                         | `'My Company'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |
-| `default['firezone']['ssl']['organizational_unit_name']`                      | Organizational unit name for self-signed cert.                                                                                                                                                                         | `'Operations'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |
-| `default['firezone']['ssl']['ciphers']`                                       | SSL ciphers for nginx to use.                                                                                                                                                                                          | `'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'` |
-| `default['firezone']['ssl']['fips_ciphers']`                                  | SSL ciphers for FIPs mode.                                                                                                                                                                                             | `'FIPS@STRENGTH:!aNULL:!eNULL'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |
-| `default['firezone']['ssl']['protocols']`                                     | TLS protocols to use.                                                                                                                                                                                                  | `'TLSv1 TLSv1.1 TLSv1.2'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |
-| `default['firezone']['ssl']['session_cache']`                                 | SSL session cache.                                                                                                                                                                                                     | `'shared:SSL:4m'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |
-| `default['firezone']['ssl']['session_timeout']`                               | SSL session timeout.                                                                                                                                                                                                   | `'5m'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['robots_allow']`                                         | nginx robots allow.                                                                                                                                                                                                    | `'/'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['robots_disallow']`                                      | nginx robots disallow.                                                                                                                                                                                                 | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['outbound_email']['from']`                               | Outbound email from address.                                                                                                                                                                                           | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['outbound_email']['provider']`                           | Outbound email service provider.                                                                                                                                                                                       | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
-| `default['firezone']['outbound_email']['configs']`                            | Outbound email provider configs.                                                                                                                                                                                       | see `omnibus/cookbooks/firezone/attributes/default.rb`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['telemetry']['enabled']`                                 | Enable or disable anonymized product telemetry.                                                                                                                                                                        | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['connectivity_checks']['enabled']`                       | Enable or disable the Firezone connectivity checks service.                                                                                                                                                            | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
-| `default['firezone']['connectivity_checks']['interval']`                      | Interval between connectivity checks in seconds.                                                                                                                                                                       | `3_600`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| Option                                                               | Description                                                                                                                                                                                                            | Default Value                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
+| -------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| `default['firezone']['external_url']`                                | URL used to access the web portal of this Firezone instance.                                                                                                                                                           | <code>"https://#{node['fqdn'] &vert;&vert; node['hostname']}"</code>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
+| `default['firezone']['config_directory']`                            | Top-level directory for Firezone configuration.                                                                                                                                                                        | `'/etc/firezone'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |
+| `default['firezone']['install_directory']`                           | Top-level directory to install Firezone to.                                                                                                                                                                            | `'/opt/firezone'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |
+| `default['firezone']['app_directory']`                               | Top-level directory to install the Firezone web application.                                                                                                                                                           | `"#{node['firezone']['install_directory']}/embedded/service/firezone"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['log_directory']`                               | Top-level directory for Firezone logs.                                                                                                                                                                                 | `'/var/log/firezone'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['var_directory']`                               | Top-level directory for Firezone runtime files.                                                                                                                                                                        | `'/var/opt/firezone'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['user']`                                        | Name of unprivileged Linux user most services and files will belong to.                                                                                                                                                | `'firezone'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
+| `default['firezone']['group']`                                       | Name of Linux group most services and files will belong to.                                                                                                                                                            | `'firezone'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
+| `default['firezone']['admin_email']`                                 | Email address for initial Firezone user.                                                                                                                                                                               | `"firezone@localhost"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['max_devices_per_user']`                        | Maximum number of devices a user can have.                                                                                                                                                                             | `10`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
+| `default['firezone']['allow_unprivileged_device_management']`        | Allows non-admin users to create and delete devices.                                                                                                                                                                   | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['allow_unprivileged_device_configuration']`     | Allows non-admin users to modify device configurations. When disabled, prevents unprivileged users from changing all device fields except for `name` and `description`.                                                | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['egress_interface']`                            | Interface name where tunneled traffic will exit. If nil, the default route interface will be used.                                                                                                                     | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['fips_enabled']`                                | Enable or disable OpenSSL FIPs mode.                                                                                                                                                                                   | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['logging']['enabled']`                          | Enable or disable logging across Firezone. Set to `false` to disable logging entirely.                                                                                                                                 | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['enterprise']['name']`                                      | Name used by the Chef 'enterprise' cookbook.                                                                                                                                                                           | `'firezone'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
+| `default['firezone']['install_path']`                                | Install path used by Chef 'enterprise' cookbook. Should be set to the same as the `install_directory` above.                                                                                                           | `node['firezone']['install_directory']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| `default['firezone']['sysvinit_id']`                                 | An identifier used in `/etc/inittab`. Must be a unique sequence of 1-4 characters.                                                                                                                                     | `'SUP'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| `default['firezone']['authentication']['local']['enabled']`          | Enable or disable local email/password authentication.                                                                                                                                                                 | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['authentication']['disable_vpn_on_oidc_error']` | Disable a user's VPN if an error is detected trying to refresh their OIDC token.                                                                                                                                       | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| `default['firezone']['authentication']['oidc']`                      | OpenID Connect config, in the format of `{"provider" => [config...]}` - See [OpenIDConnect documentation](https://hexdocs.pm/openid_connect/readme.html) for config examples.                                          | `{}`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
+| `default['firezone']['nginx']['enabled']`                            | Enable or disable the bundled nginx server.                                                                                                                                                                            | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['nginx']['ssl_port']`                           | HTTPS listen port.                                                                                                                                                                                                     | `443`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['nginx']['directory']`                          | Directory to store Firezone-related nginx virtual host configuration.                                                                                                                                                  | `"#{node['firezone']['var_directory']}/nginx/etc"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
+| `default['firezone']['nginx']['log_directory']`                      | Directory to store Firezone-related nginx log files.                                                                                                                                                                   | `"#{node['firezone']['log_directory']}/nginx"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |
+| `default['firezone']['nginx']['log_rotation']['file_maxbytes']`      | File size at which to rotate Nginx log files.                                                                                                                                                                          | `104857600`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
+| `default['firezone']['nginx']['log_rotation']['num_to_keep']`        | Number of Firezone nginx log files to keep before discarding.                                                                                                                                                          | `10`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
+| `default['firezone']['nginx']['log_x_forwarded_for']`                | Whether to log Firezone nginx `x-forwarded-for` header.                                                                                                                                                                | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['nginx']['hsts_header']['enabled']`             | Enable or disable [HSTS](https://www.nginx.com/blog/http-strict-transport-security-hsts-and-nginx/).                                                                                                                   | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['nginx']['hsts_header']['include_subdomains']`  | Enable or disable `includeSubDomains` for the HSTS header.                                                                                                                                                             | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['nginx']['hsts_header']['max_age']`             | Max age for the HSTS header.                                                                                                                                                                                           | `31536000`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         |
+| `default['firezone']['nginx']['redirect_to_canonical']`              | Whether to redirect URLs to the canonical FQDN specified above                                                                                                                                                         | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| `default['firezone']['nginx']['cache']['enabled']`                   | Enable or disable the Firezone nginx cache.                                                                                                                                                                            | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| `default['firezone']['nginx']['cache']['directory']`                 | Directory for Firezone nginx cache.                                                                                                                                                                                    | `"#{node['firezone']['var_directory']}/nginx/cache"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
+| `default['firezone']['nginx']['user']`                               | Firezone nginx user.                                                                                                                                                                                                   | `node['firezone']['user']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         |
+| `default['firezone']['nginx']['group']`                              | Firezone nginx group.                                                                                                                                                                                                  | `node['firezone']['group']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
+| `default['firezone']['nginx']['dir']`                                | Top-level nginx configuration directory.                                                                                                                                                                               | `node['firezone']['nginx']['directory']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |
+| `default['firezone']['nginx']['log_dir']`                            | Top-level nginx log directory.                                                                                                                                                                                         | `node['firezone']['nginx']['log_directory']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
+| `default['firezone']['nginx']['pid']`                                | Location for nginx pid file.                                                                                                                                                                                           | `"#{node['firezone']['nginx']['directory']}/nginx.pid"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| `default['firezone']['nginx']['daemon_disable']`                     | Disable nginx daemon mode so we can monitor it instead.                                                                                                                                                                | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['nginx']['gzip']`                               | Turn nginx gzip compression on or off.                                                                                                                                                                                 | `'on'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['nginx']['gzip_static']`                        | Turn nginx gzip compression on or off for static files.                                                                                                                                                                | `'off'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| `default['firezone']['nginx']['gzip_http_version']`                  | HTTP version to use for serving static files.                                                                                                                                                                          | `'1.0'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| `default['firezone']['nginx']['gzip_comp_level']`                    | nginx gzip compression level.                                                                                                                                                                                          | `'2'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['nginx']['gzip_proxied']`                       | Enables or disables gzipping of responses for proxied requests depending on the request and response.                                                                                                                  | `'any'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| `default['firezone']['nginx']['gzip_vary']`                          | Enables or disables inserting the “Vary: Accept-Encoding” response header.                                                                                                                                             | `'off'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| `default['firezone']['nginx']['gzip_buffers']`                       | Sets the number and size of buffers used to compress a response. If `nil`, nginx default is used.                                                                                                                      | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['nginx']['gzip_types']`                         | MIME types to enable gzip compression for.                                                                                                                                                                             | `['text/plain', 'text/css','application/x-javascript', 'text/xml', 'application/xml', 'application/rss+xml', 'application/atom+xml', 'text/javascript', 'application/javascript', 'application/json']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['nginx']['gzip_min_length']`                    | Minimum file length to enable file gzip compression for.                                                                                                                                                               | `1000`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['nginx']['gzip_disable']`                       | User-agent matcher to disable gzip compression for.                                                                                                                                                                    | `'MSIE [1-6]\.'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
+| `default['firezone']['nginx']['keepalive']`                          | Activates cache for connection to upstream servers.                                                                                                                                                                    | `'on'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['nginx']['keepalive_timeout']`                  | Timeout in seconds for keepalive connection to upstream servers.                                                                                                                                                       | `65`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
+| `default['firezone']['nginx']['worker_processes']`                   | Number of nginx worker processes.                                                                                                                                                                                      | `node['cpu'] && node['cpu']['total'] ? node['cpu']['total'] : 1`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
+| `default['firezone']['nginx']['worker_connections']`                 | Max number of simultaneous connections that can be opened by a worker process.                                                                                                                                         | `1024`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['nginx']['worker_rlimit_nofile']`               | Changes the limit on the maximum number of open files for worker processes. Uses nginx default if nil.                                                                                                                 | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['nginx']['multi_accept']`                       | Whether workers should accept one connection at a time or multiple.                                                                                                                                                    | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['nginx']['event']`                              | Specifies the connection processing method to use inside nginx events context.                                                                                                                                         | `'epoll'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |
+| `default['firezone']['nginx']['server_tokens']`                      | Enables or disables emitting nginx version on error pages and in the “Server” response header field.                                                                                                                   | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['nginx']['server_names_hash_bucket_size']`      | Sets the bucket size for the server names hash tables.                                                                                                                                                                 | `64`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
+| `default['firezone']['nginx']['sendfile']`                           | Enables or disables the use of nginx's `sendfile()`.                                                                                                                                                                   | `'on'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['nginx']['access_log_options']`                 | Sets nginx access log options.                                                                                                                                                                                         | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['nginx']['error_log_options']`                  | Sets nginx error log options.                                                                                                                                                                                          | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['nginx']['disable_access_log']`                 | Disables nginx access log.                                                                                                                                                                                             | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| `default['firezone']['nginx']['types_hash_max_size']`                | nginx types hash max size.                                                                                                                                                                                             | `2048`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['nginx']['types_hash_bucket_size']`             | nginx types hash bucket size.                                                                                                                                                                                          | `64`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
+| `default['firezone']['nginx']['proxy_read_timeout']`                 | nginx proxy read timeout. Set to `nil` to use nginx default.                                                                                                                                                           | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['nginx']['client_body_buffer_size']`            | nginx client body buffer size. Set to `nil` to use nginx default.                                                                                                                                                      | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['nginx']['client_max_body_size']`               | nginx client max body size.                                                                                                                                                                                            | `'250m'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |
+| `default['firezone']['nginx']['default']['modules']`                 | Specify additional nginx modules.                                                                                                                                                                                      | `[]`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
+| `default['firezone']['nginx']['enable_rate_limiting']`               | Enable or disable nginx rate limiting.                                                                                                                                                                                 | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['nginx']['rate_limiting_zone_name']`            | Nginx rate limiting zone name.                                                                                                                                                                                         | `'firezone'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
+| `default['firezone']['nginx']['rate_limiting_backoff']`              | Nginx rate limiting backoff.                                                                                                                                                                                           | `'10m'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| `default['firezone']['nginx']['rate_limit']`                         | Nginx rate limit.                                                                                                                                                                                                      | `'10r/s'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |
+| `default['firezone']['nginx']['ipv6']`                               | Allow nginx to listen for HTTP requests for IPv6 in addition to IPv4.                                                                                                                                                  | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['postgresql']['enabled']`                       | Enable or disable bundled Postgresql. Set to `false` and fill in the `database` options below to use your own Postgresql instance.                                                                                     | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['postgresql']['username']`                      | Username for Postgresql.                                                                                                                                                                                               | `node['firezone']['user']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         |
+| `default['firezone']['postgresql']['data_directory']`                | Postgresql data directory.                                                                                                                                                                                             | `"#{node['firezone']['var_directory']}/postgresql/13.3/data"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
+| `default['firezone']['postgresql']['log_directory']`                 | Postgresql log directory.                                                                                                                                                                                              | `"#{node['firezone']['log_directory']}/postgresql"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
+| `default['firezone']['postgresql']['log_rotation']['file_maxbytes']` | Postgresql log file maximum size before it's rotated.                                                                                                                                                                  | `104857600`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
+| `default['firezone']['postgresql']['log_rotation']['num_to_keep']`   | Number of Postgresql log files to keep.                                                                                                                                                                                | `10`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
+| `default['firezone']['postgresql']['checkpoint_completion_target']`  | Postgresql checkpoint completion target.                                                                                                                                                                               | `0.5`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['postgresql']['checkpoint_segments']`           | Number of Postgresql checkpoint segments.                                                                                                                                                                              | `3`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
+| `default['firezone']['postgresql']['checkpoint_timeout']`            | Postgresql checkpoint timeout.                                                                                                                                                                                         | `'5min'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |
+| `default['firezone']['postgresql']['checkpoint_warning']`            | Postgresql checkpoint warning time in seconds.                                                                                                                                                                         | `'30s'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| `default['firezone']['postgresql']['effective_cache_size']`          | Postgresql effective cache size.                                                                                                                                                                                       | `'128MB'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |
+| `default['firezone']['postgresql']['listen_address']`                | Postgresql listen address.                                                                                                                                                                                             | `'127.0.0.1'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
+| `default['firezone']['postgresql']['max_connections']`               | Postgresql max connections.                                                                                                                                                                                            | `350`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['postgresql']['md5_auth_cidr_addresses']`       | Postgresql CIDRs to allow for md5 auth.                                                                                                                                                                                | `['127.0.0.1/32', '::1/128']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
+| `default['firezone']['postgresql']['port']`                          | Postgresql listen port.                                                                                                                                                                                                | `15432`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| `default['firezone']['postgresql']['shared_buffers']`                | Postgresql shared buffers size.                                                                                                                                                                                        | `"#{(node['memory']['total'].to_i / 4) / 1024}MB"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
+| `default['firezone']['postgresql']['shmmax']`                        | Postgresql shmmax in bytes.                                                                                                                                                                                            | `17179869184`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
+| `default['firezone']['postgresql']['shmall']`                        | Postgresql shmall in bytes.                                                                                                                                                                                            | `4194304`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |
+| `default['firezone']['postgresql']['work_mem']`                      | Postgresql working memory size.                                                                                                                                                                                        | `'8MB'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| `default['firezone']['database']['user']`                            | Specifies the username Firezone will use to connect to the DB.                                                                                                                                                         | `node['firezone']['postgresql']['username']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
+| `default['firezone']['database']['password']`                        | If using an external DB, specifies the password Firezone will use to connect to the DB.                                                                                                                                | `'change_me'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
+| `default['firezone']['database']['name']`                            | Database that Firezone will use. Will be created if it doesn't exist.                                                                                                                                                  | `'firezone'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
+| `default['firezone']['database']['host']`                            | Database host that Firezone will connect to.                                                                                                                                                                           | `node['firezone']['postgresql']['listen_address']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
+| `default['firezone']['database']['port']`                            | Database port that Firezone will connect to.                                                                                                                                                                           | `node['firezone']['postgresql']['port']`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |
+| `default['firezone']['database']['pool']`                            | Database pool size Firezone will use.                                                                                                                                                                                  | `[10, Etc.nprocessors].max`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
+| `default['firezone']['database']['ssl']`                             | Whether to connect to the database over SSL.                                                                                                                                                                           | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| `default['firezone']['database']['ssl_opts']`                        | Hash of options to send to the `:ssl_opts` option when connecting over SSL. See [Ecto.Adapters.Postgres documentation](https://hexdocs.pm/ecto_sql/Ecto.Adapters.Postgres.html#module-connection-options).             | `{}`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
+| `default['firezone']['database']['parameters']`                      | Hash of parameters to send to the `:parameters` option when connecting to the database. See [Ecto.Adapters.Postgres documentation](https://hexdocs.pm/ecto_sql/Ecto.Adapters.Postgres.html#module-connection-options). | `{}`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
+| `default['firezone']['database']['extensions']`                      | Database extensions to enable.                                                                                                                                                                                         | `{ 'plpgsql' => true, 'pg_trgm' => true }`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         |
+| `default['firezone']['phoenix']['enabled']`                          | Enable or disable the Firezone web application.                                                                                                                                                                        | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['phoenix']['listen_address']`                   | Firezone web application listen address. This will be the upstream listen address that nginx proxies.                                                                                                                  | `'127.0.0.1'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
+| `default['firezone']['phoenix']['port']`                             | Firezone web application listen port. This will be the upstream port that nginx proxies.                                                                                                                               | `13000`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| `default['firezone']['phoenix']['log_directory']`                    | Firezone web application log directory.                                                                                                                                                                                | `"#{node['firezone']['log_directory']}/phoenix"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
+| `default['firezone']['phoenix']['log_rotation']['file_maxbytes']`    | Firezone web application log file size.                                                                                                                                                                                | `104857600`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
+| `default['firezone']['phoenix']['log_rotation']['num_to_keep']`      | Number of Firezone web application log files to keep.                                                                                                                                                                  | `10`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
+| `default['firezone']['phoenix']['crash_detection']['enabled']`       | Enable or disable bringing down the Firezone web application when a crash is detected.                                                                                                                                 | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['phoenix']['external_trusted_proxies']`         | List of trusted reverse proxies formatted as an Array of IPs and/or CIDRs.                                                                                                                                             | `[]`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
+| `default['firezone']['phoenix']['private_clients']`                  | List of private network HTTP clients, formatted an Array of IPs and/or CIDRs.                                                                                                                                          | `[]`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
+| `default['firezone']['wireguard']['enabled']`                        | Enable or disable bundled WireGuard management.                                                                                                                                                                        | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['wireguard']['log_directory']`                  | Log directory for bundled WireGuard management.                                                                                                                                                                        | `"#{node['firezone']['log_directory']}/wireguard"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
+| `default['firezone']['wireguard']['log_rotation']['file_maxbytes']`  | WireGuard log file max size.                                                                                                                                                                                           | `104857600`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
+| `default['firezone']['wireguard']['log_rotation']['num_to_keep']`    | Number of WireGuard log files to keep.                                                                                                                                                                                 | `10`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
+| `default['firezone']['wireguard']['interface_name']`                 | WireGuard interface name. **Changing this parameter may cause a temporary loss in VPN connectivity**.                                                                                                                  | `'wg-firezone'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |
+| `default['firezone']['wireguard']['port']`                           | WireGuard listen port.                                                                                                                                                                                                 | `51820`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| `default['firezone']['wireguard']['persistent_keepalive']`           | Default PersistentKeepalive setting for generated device configurations. A value of 0 disables.                                                                                                                        | `0`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
+| `default['firezone']['wireguard']['ipv4']['enabled']`                | Enable or disable IPv4 for WireGuard network.                                                                                                                                                                          | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['wireguard']['ipv4']['masquerade']`             | Enable or disable masquerade for packets leaving the IPv4 tunnel.                                                                                                                                                      | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['wireguard']['ipv4']['network']`                | WireGuard network IPv4 address pool.                                                                                                                                                                                   | `'10.3.2.0/24'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |
+| `default['firezone']['wireguard']['ipv4']['address']`                | WireGuard interface IPv4 address. Must be within WireGuard address pool.                                                                                                                                               | `'10.3.2.1'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
+| `default['firezone']['wireguard']['ipv6']['enabled']`                | Enable or disable IPv6 for WireGuard network.                                                                                                                                                                          | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['wireguard']['ipv6']['masquerade']`             | Enable or disable masquerade for packets leaving the IPv6 tunnel.                                                                                                                                                      | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['wireguard']['ipv6']['network']`                | WireGuard network IPv6 address pool.                                                                                                                                                                                   | `'fd00::3:2:0/120'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
+| `default['firezone']['wireguard']['ipv6']['address']`                | WireGuard interface IPv6 address. Must be within IPv6 address pool.                                                                                                                                                    | `'fd00::3:2:1'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |
+| `default['firezone']['runit']['svlogd_bin']`                         | Runit svlogd bin location.                                                                                                                                                                                             | `"#{node['firezone']['install_directory']}/embedded/bin/svlogd"`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
+| `default['firezone']['ssl']['directory']`                            | SSL directory for storing generated certs.                                                                                                                                                                             | `'/var/opt/firezone/ssl'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |
+| `default['firezone']['ssl']['email_address']`                        | Email address to use for self-signed certs and ACME protocol renewal notices.                                                                                                                                          | `'you@example.com'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
+| `default['firezone']['ssl']['acme']['enabled']`                      | Enable ACME for automatic SSL cert provisioning.                                                                                                                                                                       | `false`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| `default['firezone']['ssl']['acme']['server']`                       | ACME server to use for certificate issuance/renewal. Can be any [valid acme.sh server](https://github.com/acmesh-official/acme.sh/wiki/Server)                                                                         | `letsencrypt`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
+| `default['firezone']['ssl']['acme']['keylength']`                    | Specify the key type and length for SSL certificates. See [here](https://github.com/acmesh-official/acme.sh#10-issue-ecc-certificates)                                                                                 | `ec-256`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |
+| `default['firezone']['ssl']['certificate']`                          | Path to the certificate file for your FQDN. Overrides ACME setting above if specified. If both ACME and this are `nil` a self-signed cert will be generated.                                                           | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['ssl']['certificate_key']`                      | Path to the certificate file.                                                                                                                                                                                          | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['ssl']['ssl_dhparam']`                          | nginx ssl dh_param.                                                                                                                                                                                                    | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['ssl']['country_name']`                         | Country name for self-signed cert.                                                                                                                                                                                     | `'US'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['ssl']['state_name']`                           | State name for self-signed cert.                                                                                                                                                                                       | `'CA'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['ssl']['locality_name']`                        | Locality name for self-signed cert.                                                                                                                                                                                    | `'San Francisco'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |
+| `default['firezone']['ssl']['company_name']`                         | Company name self-signed cert.                                                                                                                                                                                         | `'My Company'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |
+| `default['firezone']['ssl']['organizational_unit_name']`             | Organizational unit name for self-signed cert.                                                                                                                                                                         | `'Operations'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |
+| `default['firezone']['ssl']['ciphers']`                              | SSL ciphers for nginx to use.                                                                                                                                                                                          | `'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'` |
+| `default['firezone']['ssl']['fips_ciphers']`                         | SSL ciphers for FIPs mode.                                                                                                                                                                                             | `'FIPS@STRENGTH:!aNULL:!eNULL'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |
+| `default['firezone']['ssl']['protocols']`                            | TLS protocols to use.                                                                                                                                                                                                  | `'TLSv1 TLSv1.1 TLSv1.2'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |
+| `default['firezone']['ssl']['session_cache']`                        | SSL session cache.                                                                                                                                                                                                     | `'shared:SSL:4m'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |
+| `default['firezone']['ssl']['session_timeout']`                      | SSL session timeout.                                                                                                                                                                                                   | `'5m'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['robots_allow']`                                | nginx robots allow.                                                                                                                                                                                                    | `'/'`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['robots_disallow']`                             | nginx robots disallow.                                                                                                                                                                                                 | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['outbound_email']['from']`                      | Outbound email from address.                                                                                                                                                                                           | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['outbound_email']['provider']`                  | Outbound email service provider.                                                                                                                                                                                       | `nil`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| `default['firezone']['outbound_email']['configs']`                   | Outbound email provider configs.                                                                                                                                                                                       | see `omnibus/cookbooks/firezone/attributes/default.rb`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['telemetry']['enabled']`                        | Enable or disable anonymized product telemetry.                                                                                                                                                                        | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['connectivity_checks']['enabled']`              | Enable or disable the Firezone connectivity checks service.                                                                                                                                                            | `true`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
+| `default['firezone']['connectivity_checks']['interval']`             | Interval between connectivity checks in seconds.                                                                                                                                                                       | `3_600`                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
 
 <!-- markdownlint-enable MD033 -->
 <!-- markdownlint-enable MD034 -->
diff --git a/www/docs/reference/env-vars.mdx b/www/docs/reference/env-vars.mdx
index ba69aae33..76736b777 100644
--- a/www/docs/reference/env-vars.mdx
+++ b/www/docs/reference/env-vars.mdx
@@ -12,7 +12,7 @@ For Docker-based deployments, deployment-related or infrastructure-related
 config of Firezone is done through environment variables passed to the
 Firezone image upon launch.
 
-Read more about configuring Firezone in our [configure guide](/deploy/configure).
+Read more about configuring Firezone in our [configure guide](/docs/deploy/configure).
 
 ## Environment Variable Listing
 
@@ -20,7 +20,7 @@ We recommend setting these in your Docker ENV file (`$HOME/.firezone/.env` by
 default). Required fields in **bold**.
 
 | Name                           | Description                                                                                                                                                                                                           | Format                                                                                                                                                                                                                 | Default                                                                          |
-| ------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------                                             | -------------------------------------------------------------------------------- |
+| ------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------- |
 | **`EXTERNAL_URL`**             | The external URL the web UI will be accessible at. Must be a valid FQDN for ACME SSL issuance to function.                                                                                                            | String                                                                                                                                                                                                                 |                                                                                  |
 | **`ADMIN_EMAIL`**              | Primary administrator email.                                                                                                                                                                                          | String                                                                                                                                                                                                                 |                                                                                  |
 | **`DEFAULT_ADMIN_PASSWORD`**   | Default password that will be used for creating or resetting the primary administrator account.                                                                                                                       | String                                                                                                                                                                                                                 | Randomly generated upon install with `docker run firezone/firezone bin/gen-env`. |
@@ -61,4 +61,4 @@ default). Required fields in **bold**.
 | `WIREGUARD_MTU`                | MTU to use for the server-side WireGuard MTU interface.                                                                                                                                                               | String                                                                                                                                                                                                                 | `1280`                                                                           |
 | `WIREGUARD_PORT`               | Port to listen on for WireGuard connections.                                                                                                                                                                          | Integer                                                                                                                                                                                                                | `51820`                                                                          |
 | `SECURE_COOKIES`               | Enable or disable requiring secure cookies. Required for HTTPS.                                                                                                                                                       | Boolean                                                                                                                                                                                                                | `true`                                                                           |
-| `TELEMETRY_ENABLED`            | Enable / disable product telemetry. Read more about [what that means here](/reference/telemetry).                                                                                                                     | Boolean                                                                                                                                                                                                                | `true`                                                                           |
+| `TELEMETRY_ENABLED`            | Enable / disable product telemetry. Read more about [what that means here](/docs/reference/telemetry).                                                                                                                | Boolean                                                                                                                                                                                                                | `true`                                                                           |
diff --git a/www/docs/reference/file-and-directory-locations.mdx b/www/docs/reference/file-and-directory-locations.mdx
index e1061b799..f830a4f19 100644
--- a/www/docs/reference/file-and-directory-locations.mdx
+++ b/www/docs/reference/file-and-directory-locations.mdx
@@ -11,7 +11,7 @@ your installation.
 <TabItem label="Docker" value="docker" default>
 
 | Default path                                                                                                | Description                                                                                                               |
-| ---                                                                                                         | ---                                                                                                                       |
+| ----------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- |
 | `$HOME/.firezone/.env`                                                                                      | Firezone secrets used for encryption, cookies, and sessions. **Losing this file will result in irrecoverable data loss**. |
 | `$HOME/.firezone/docker-compose.yml`                                                                        | Docker Compose file used to manage Firezone services.                                                                     |
 | `$HOME/.firezone/firezone`                                                                                  | Top-level directory containing Firezone-related persisted data                                                            |
@@ -22,7 +22,7 @@ your installation.
 <TabItem label="Omnibus" value="omnibus">
 
 | Path                                                  | Description                                                                                    |
-| ---                                                   | ---                                                                                            |
+| ----------------------------------------------------- | ---------------------------------------------------------------------------------------------- |
 | `/var/opt/firezone`                                   | Top-level directory containing data and generated configuration for Firezone bundled services. |
 | `/opt/firezone`                                       | Top-level directory containing built libraries, binaries and runtime files needed by Firezone. |
 | `/usr/bin/firezone-ctl`                               | `firezone-ctl` utility for managing your Firezone installation.                                |
@@ -34,4 +34,4 @@ your installation.
 
 ## Backup and restore
 
-See our [backup guide](/administer/backup).
+See our [backup guide](/docs/administer/backup).
diff --git a/www/docs/reference/rest-api/users.mdx b/www/docs/reference/rest-api/users.mdx
index 10c869cba..2e8dd717c 100644
--- a/www/docs/reference/rest-api/users.mdx
+++ b/www/docs/reference/rest-api/users.mdx
@@ -4,7 +4,6 @@ sidebar_position: 2
 toc_max_heading_level: 4
 ---
 
-
 This endpoint allows an administrator to manage Users.
 
 ## Auto-Create Users from OpenID or SAML providers
@@ -17,11 +16,11 @@ If `auto_create_users` is `false`, then you need to provision users with `passwo
 otherwise they will have no means to log in.
 
 ## API Documentation
+
 ### List all Users [`GET /v0/users`]
 
-
-
 #### Example
+
 ```bash
 $ curl -i \
   -X GET "https://{firezone_host}/v0/users" \
@@ -76,18 +75,18 @@ Content-Type: application/json; charset=utf-8
   ]
 }
 ```
-### Create a User [`POST /v0/users`]
 
+### Create a User [`POST /v0/users`]
 
 Create a new User.
 
 This endpoint is useful in two cases:
 
-  1. When [Local Authentication](/authenticate/local-auth/) is enabled (discouraged in
-    production deployments), it allows an administrator to provision users with their passwords;
-  2. When `auto_create_users` in the associated OpenID or SAML configuration is disabled,
-    it allows an administrator to provision users with their emails beforehand, effectively
-    whitelisting specific users for authentication.
+1. When [Local Authentication](/docs/authenticate/local-auth/) is enabled (discouraged in
+   production deployments), it allows an administrator to provision users with their passwords;
+2. When `auto_create_users` in the associated OpenID or SAML configuration is disabled,
+   it allows an administrator to provision users with their emails beforehand, effectively
+   whitelisting specific users for authentication.
 
 If `auto_create_users` is `true` in the associated OpenID or SAML configuration, there is no need
 to provision users; they will be created automatically when they log in for the first time using
@@ -95,14 +94,15 @@ the associated OpenID or SAML provider.
 
 #### User Attributes
 
-| Attribute | Type | Required | Description |
-| --------- | ---- | -------- | ----------- |
-| `role` | `admin` or `unprivileged` (default) | No | User role. |
-| `email` | `string` | Yes | Email which will be used to identify the user. |
-| `password` | `string` | No | A password that can be used for login-password authentication. |
-| `password_confirmation` | `string` | -> | Is required when the `password` is set. |
+| Attribute               | Type                                | Required | Description                                                    |
+| ----------------------- | ----------------------------------- | -------- | -------------------------------------------------------------- |
+| `role`                  | `admin` or `unprivileged` (default) | No       | User role.                                                     |
+| `email`                 | `string`                            | Yes      | Email which will be used to identify the user.                 |
+| `password`              | `string`                            | No       | A password that can be used for login-password authentication. |
+| `password_confirmation` | `string`                            | ->       | Is required when the `password` is set.                        |
 
 #### Example
+
 ```bash
 $ curl -i \
   -X POST "https://{firezone_host}/v0/users" \
@@ -136,7 +136,9 @@ Location: /v0/users/86616e3e-13f0-4177-bc8e-1a0e588f0be8
   }
 }
 ```
+
 #### Provision an unprivileged OpenID User
+
 ```bash
 $ curl -i \
   -X POST "https://{firezone_host}/v0/users" \
@@ -168,7 +170,9 @@ Location: /v0/users/6e7962a7-c183-4afb-8569-9001bdfd0d87
   }
 }
 ```
+
 #### Provision an admin OpenID User
+
 ```bash
 $ curl -i \
   -X POST "https://{firezone_host}/v0/users" \
@@ -200,7 +204,9 @@ Location: /v0/users/dedc4dcc-0f65-4110-ad7f-9c354e36e5e5
   }
 }
 ```
+
 #### Error due to invalid parameters
+
 ```bash
 $ curl -i \
   -X POST "https://{firezone_host}/v0/users" \
@@ -227,14 +233,15 @@ Content-Type: application/json; charset=utf-8
   }
 }
 ```
+
 ### GET /v0/users/{id}
 
-
-
 #### An email can be used instead of ID.
+
 **URI Parameters:**
 
-  - `id`: `test-1481@test`
+- `id`: `test-1481@test`
+
 ```bash
 $ curl -i \
   -X GET "https://{firezone_host}/v0/users/{id}" \
@@ -257,15 +264,17 @@ Content-Type: application/json; charset=utf-8
   }
 }
 ```
-### Update a User [`PATCH /v0/users/{id}`]
 
+### Update a User [`PATCH /v0/users/{id}`]
 
 For details please see [Create a User](#create-a-user-post-v0users) section.
 
 #### Update by email
+
 **URI Parameters:**
 
-  - `id`: `test-3618@test`
+- `id`: `test-3618@test`
+
 ```bash
 $ curl -i \
   -X PUT "https://{firezone_host}/v0/users/{id}" \
@@ -293,10 +302,13 @@ Content-Type: application/json; charset=utf-8
   }
 }
 ```
+
 #### Update by ID
+
 **URI Parameters:**
 
-  - `id`: `8dd4eff5-3d2f-4868-94cd-73abb6f130dc`
+- `id`: `8dd4eff5-3d2f-4868-94cd-73abb6f130dc`
+
 ```bash
 $ curl -i \
   -X PUT "https://{firezone_host}/v0/users/{id}" \
@@ -324,14 +336,15 @@ Content-Type: application/json; charset=utf-8
   }
 }
 ```
+
 ### DELETE /v0/users/{id}
 
-
-
 #### Example
+
 **URI Parameters:**
 
-  - `id`: `fc0b513f-bd4b-4015-ac71-29b59c678a20`
+- `id`: `fc0b513f-bd4b-4015-ac71-29b59c678a20`
+
 ```bash
 $ curl -i \
   -X DELETE "https://{firezone_host}/v0/users/{id}" \
@@ -340,10 +353,13 @@ $ curl -i \
 
 HTTP/1.1 204
 ```
+
 #### An email can be used instead of ID.
+
 **URI Parameters:**
 
-  - `id`: `test-3816@test`
+- `id`: `test-3816@test`
+
 ```bash
 $ curl -i \
   -X DELETE "https://{firezone_host}/v0/users/{id}" \
diff --git a/www/docs/reference/telemetry.mdx b/www/docs/reference/telemetry.mdx
index f0b61ab14..92751e620 100644
--- a/www/docs/reference/telemetry.mdx
+++ b/www/docs/reference/telemetry.mdx
@@ -8,7 +8,7 @@ self-hosted instance and how to disable it.
 
 ## Why Firezone collects telemetry
 
-We *rely* on telemetry to prioritize our roadmap and optimize the engineering
+We _rely_ on telemetry to prioritize our roadmap and optimize the engineering
 resources we have to make Firezone better for everyone.
 
 The telemetry we collect aims to answer the following questions:
@@ -17,7 +17,7 @@ The telemetry we collect aims to answer the following questions:
 - What features are most valuable, and which ones don’t see any use?
 - What functionality needs the most improvement?
 - When something breaks, why did it break, and how can we prevent it from happening
-in the future?
+  in the future?
 
 ## How we collect telemetry
 
@@ -31,7 +31,7 @@ In each of these three contexts, we capture the minimum amount of data necessary
 to answer the questions in the section above.
 
 Admin emails are collected **only if** you explicitly opt-in to product updates.
-Otherwise, personally-identifiable information is ***never*** collected.
+Otherwise, personally-identifiable information is **_never_** collected.
 
 We store telemetry in [PostHog](https://posthog.com) only accessible by the Firezone team.
 Here is an example of a telemetry event that is sent from your instance of
@@ -39,41 +39,39 @@ Firezone to our telemetry server:
 
 ```json
 {
-    "id": "0182272d-0b88-0000-d419-7b9a413713f1",
-    "timestamp": "2022-07-22T18:30:39.748000+00:00",
-    "event": "fz_http_started",
-    "distinct_id": "1ec2e794-1c3e-43fc-a78f-1db6d1a37f54",
-    "properties": {
-        "$geoip_city_name": "Ashburn",
-        "$geoip_continent_code": "NA",
-        "$geoip_continent_name": "North America",
-        "$geoip_country_code": "US",
-        "$geoip_country_name": "United States",
-        "$geoip_latitude": 39.0469,
-        "$geoip_longitude": -77.4903,
-        "$geoip_postal_code": "20149",
-        "$geoip_subdivision_1_code": "VA",
-        "$geoip_subdivision_1_name": "Virginia",
-        "$geoip_time_zone": "America/New_York",
-        "$ip": "52.200.241.107",
-        "$plugins_deferred": [],
-        "$plugins_failed": [],
-        "$plugins_succeeded": [
-            "GeoIP (3)"
-        ],
-        "distinct_id": "1zc2e794-1c3e-43fc-a78f-1db6d1a37f54",
-        "fqdn": "awsdemo.firezone.dev",
-        "kernel_version": "linux 5.13.0",
-        "version": "0.4.6"
-    },
-    "elements_chain": ""
+  "id": "0182272d-0b88-0000-d419-7b9a413713f1",
+  "timestamp": "2022-07-22T18:30:39.748000+00:00",
+  "event": "fz_http_started",
+  "distinct_id": "1ec2e794-1c3e-43fc-a78f-1db6d1a37f54",
+  "properties": {
+    "$geoip_city_name": "Ashburn",
+    "$geoip_continent_code": "NA",
+    "$geoip_continent_name": "North America",
+    "$geoip_country_code": "US",
+    "$geoip_country_name": "United States",
+    "$geoip_latitude": 39.0469,
+    "$geoip_longitude": -77.4903,
+    "$geoip_postal_code": "20149",
+    "$geoip_subdivision_1_code": "VA",
+    "$geoip_subdivision_1_name": "Virginia",
+    "$geoip_time_zone": "America/New_York",
+    "$ip": "52.200.241.107",
+    "$plugins_deferred": [],
+    "$plugins_failed": [],
+    "$plugins_succeeded": ["GeoIP (3)"],
+    "distinct_id": "1zc2e794-1c3e-43fc-a78f-1db6d1a37f54",
+    "fqdn": "awsdemo.firezone.dev",
+    "kernel_version": "linux 5.13.0",
+    "version": "0.4.6"
+  },
+  "elements_chain": ""
 }
 ```
 
 ## How to disable telemetry
 
 :::note
-We *rely* on product analytics to make Firezone better for everyone.
+We _rely_ on product analytics to make Firezone better for everyone.
 Leaving telemetry enabled is the **single most valuable contribution** you can
 make to Firezone’s development. That said, we understand some users have higher
 privacy or security requirements and would prefer to disable telemetry altogether.
@@ -103,6 +101,6 @@ default['firezone']['telemetry']['enabled'] = false
 
 :::note
 If you’re looking for support running Firezone in air-gapped or other
-restrictive environments, [contact us](https://www.firezone.dev/contact/sales?utm_source=docs.firezone.dev) about our
-[Enterprise](https://www.firezone.dev/pricing?utm_source=docs.firezone.dev) functionality.
+restrictive environments, [contact us](/sales) about our
+[Enterprise](/pricing) functionality.
 :::
diff --git a/www/docs/user-guides/add-devices.mdx b/www/docs/user-guides/add-devices.mdx
index 34e53d685..a468029e6 100644
--- a/www/docs/user-guides/add-devices.mdx
+++ b/www/docs/user-guides/add-devices.mdx
@@ -11,7 +11,7 @@ be shown again once it is no longer displayed.
 
 **We recommend asking end users to generate their own device configs so the
 WireGuard private key is not exposed.** Users can follow instructions
-on the [Client Instructions](/user-guides/client-instructions/) page to
+on the [Client Instructions](/docs/user-guides/client-instructions/) page to
 generate their own WireGuard configs.
 
 ## Admin device config generation
@@ -24,9 +24,9 @@ clicking the "Add Device" button on the user profile page found in `/users`.
 Once the device profile is created, the admin can download and send the
 WireGuard configuration file to the user over a secure channel.
 
-See [Add Users](/user-guides/add-users/) for more information on how to add a
+See [Add Users](/docs/user-guides/add-users/) for more information on how to add a
 user.
 
 ## Related guides
 
-* [Client Instructions](/user-guides/client-instructions/)
+- [Client Instructions](/docs/user-guides/client-instructions/)
diff --git a/www/docs/user-guides/add-users.mdx b/www/docs/user-guides/add-users.mdx
index e9ba9ae6c..585841e62 100644
--- a/www/docs/user-guides/add-users.mdx
+++ b/www/docs/user-guides/add-users.mdx
@@ -7,18 +7,18 @@ sidebar_position: 1
 
 Once you have successfully installed Firezone you'll need to add users to grant
 them access to your network. This can be done through the Web UI or the
-[REST API](/reference/rest-api/users).
+[REST API](/docs/reference/rest-api/users).
 
 ## Web UI
 
 Add a user by clicking the "Add User" button under `/users`. You will be asked
 to specify an email and a password for the user. Firezone can also integrate and
 sync with an identity provider to automatically grant access to users in your
-organization. See [Authenticate](/authenticate/) for more
+organization. See [Authenticate](/docs/authenticate/) for more
 information.
 
 ![add user](https://user-images.githubusercontent.com/52545545/153469244-c007c305-bfb0-4da7-a40c-6f41fa458c76.png)
 
 ## Related guides
 
-* [Authenticate](/authenticate/)
+- [Authenticate](/docs/authenticate/)
diff --git a/www/docs/user-guides/use-cases/nat-gateway/README.mdx b/www/docs/user-guides/use-cases/nat-gateway/README.mdx
index 9f55c7910..e83b5c9b9 100644
--- a/www/docs/user-guides/use-cases/nat-gateway/README.mdx
+++ b/www/docs/user-guides/use-cases/nat-gateway/README.mdx
@@ -10,10 +10,10 @@ Firezone can be used as NAT gateway in order to provide a single,
 static egress IP for all of your team's traffic to flow out of.
 This is commonly used in the following scenarios:
 
-* Consulting engagements: Ask your client to whitelist a single static
+- Consulting engagements: Ask your client to whitelist a single static
   IP address associated with your engagement instead of your employees'
   individual device IPs.
-* Masking your device IP or proxying your source IP for privacy or
+- Masking your device IP or proxying your source IP for privacy or
   security reasons.
 
 This guide will walk through a simple example restricting access for a
@@ -38,14 +38,14 @@ In this example the protected resource and Firezone are in separate VPC regions.
 
 In this example, a Firezone instance has been set up on a `tc2.micro`
 EC2 instance. See the
-[Deployment Guide](/deploy/)
+[Deployment Guide](/docs/deploy/)
 for details on deploying Firezone. Specific to AWS, ensure:
 
 1. The security group of the Firezone EC2 instance allows outbound traffic to the
-IP of the protected resource.
+   IP of the protected resource.
 1. An Elastic IP is associated with the Firezone instance. This will be the
-source IP address of traffic routed through the Firezone instance to external destinations.
-In this case, the IP is `52.202.88.54`.
+   source IP address of traffic routed through the Firezone instance to external destinations.
+   In this case, the IP is `52.202.88.54`.
 
 ![Allocate Elastic IP](https://user-images.githubusercontent.com/52545545/154821256-9335703b-a120-4a9d-b9f5-bbca673cef63.png)
 
@@ -66,6 +66,6 @@ party to allow traffic from the static IP set in Step 1 (in this case `52.202.88
 By default, all traffic from team members will be routed through Firezone
 and will originate from the static IP set in Step 1 (in this case `52.202.88.54`).
 However, if
-[split tunneling](/user-guides/use-cases/split-tunnel/)
+[split tunneling](/docs/user-guides/use-cases/split-tunnel/)
 has been enabled, configuration may be required to ensure the destination IP of
 the protected resource is included in the `Allowed IPs`.
diff --git a/www/docs/user-guides/use-cases/reverse-tunnel.mdx b/www/docs/user-guides/use-cases/reverse-tunnel.mdx
index d7accdb18..2759cf518 100644
--- a/www/docs/user-guides/use-cases/reverse-tunnel.mdx
+++ b/www/docs/user-guides/use-cases/reverse-tunnel.mdx
@@ -1,8 +1,7 @@
 ---
 title: Reverse Tunnel
 sidebar_position: 2
-description:
-  Configure Firezone as a relay to connect two or more devices.
+description: Configure Firezone as a relay to connect two or more devices.
 ---
 
 This guide will walk through using Firezone as a relay to connect
@@ -19,7 +18,7 @@ between Device A and Device B.
 Start by creating Device A and Device B by navigating to `/users/[user_id]/new_device`.
 In the settings for each device, ensure the following parameters are set to the
 values listed below. You can set device settings when creating the device config
-(see [Add Devices](/user-guides/add-devices/)).
+(see [Add Devices](/docs/user-guides/add-devices/)).
 If you need to update settings on an existing device, you can do so by generating
 a new device config.
 
@@ -50,7 +49,7 @@ administrator or engineer accessing multiple resources
 
 In the settings for each device, ensure the following parameters are set to the
 values listed below. You can set device settings when creating the device config
-(see [Add Devices](/user-guides/add-devices/)).
+(see [Add Devices](/docs/user-guides/add-devices/)).
 If you need to update settings on an existing device, you can do so by generating
 a new device config.
 
@@ -81,4 +80,4 @@ Device D
 
 ## Related guides
 
-- [NAT Gateway](/user-guides/use-cases/nat-gateway/)
+- [NAT Gateway](/docs/user-guides/use-cases/nat-gateway/)
diff --git a/www/docs/user-guides/use-cases/split-tunnel.mdx b/www/docs/user-guides/use-cases/split-tunnel.mdx
index 4165b46d7..9de66e4c2 100644
--- a/www/docs/user-guides/use-cases/split-tunnel.mdx
+++ b/www/docs/user-guides/use-cases/split-tunnel.mdx
@@ -1,8 +1,7 @@
 ---
 title: Split Tunnel VPN
 sidebar_position: 1
-description:
-  Configure Firezone for split tunneling. Route some network traffic
+description: Configure Firezone for split tunneling. Route some network traffic
   from end users through the encrypted WireGuard® tunnel.
 ---
 
@@ -27,10 +26,10 @@ Some examples of values in this field are:
 
 - `0.0.0.0/0, ::/0` - all network traffic will be routed to the VPN server.
 - `192.0.2.3/32` - only traffic to a single IP address
-will be routed to the VPN server.
+  will be routed to the VPN server.
 - `3.5.140.0/22` - only traffic to IPs in the `3.5.140.1 - 3.5.143.254` range
-will be routed to the VPN server.
-In this example, the CIDR range for the `ap-northeast-2` AWS region was used.
+  will be routed to the VPN server.
+  In this example, the CIDR range for the `ap-northeast-2` AWS region was used.
 
 :::note
 When deciding where to route a packet, Firezone chooses the egress
@@ -59,4 +58,4 @@ future device configurations generated by Firezone.
 Users need to regenerate device configurations to update existing devices
 for the updated configuration changes to `AllowedIPs`, `DNS`, `PersistentKeepalive`, `MTU`, and `Endpoint`.
 
-See [add device](/user-guides/add-devices/) for instructions.
+See [add device](/docs/user-guides/add-devices/) for instructions.
diff --git a/www/docusaurus.config.js b/www/docusaurus.config.js
index 13d587f3e..41995df20 100644
--- a/www/docusaurus.config.js
+++ b/www/docusaurus.config.js
@@ -1,31 +1,31 @@
 // @ts-check
 // Note: type annotations allow type checking and IDEs autocompletion
 
-const lightCodeTheme = require('prism-react-renderer/themes/github');
-const darkCodeTheme = require('prism-react-renderer/themes/dracula');
+const lightCodeTheme = require("prism-react-renderer/themes/github");
+const darkCodeTheme = require("prism-react-renderer/themes/dracula");
 
 /** @type {import('@docusaurus/types').Config} */
 const config = {
-  title: 'Firezone',
-  tagline: 'Open-source VPN server and Linux firewall built on WireGuard®',
-  url: 'https://docs.firezone.dev',
-  baseUrl: '/',
-  onBrokenLinks: 'throw',
-  onBrokenMarkdownLinks: 'warn',
+  title: "firezone",
+  tagline: "Open-source secure remote access built on WireGuard®",
+  url: "https://www.firezone.dev",
+  baseUrl: "/",
+  onBrokenLinks: "throw",
+  onBrokenMarkdownLinks: "warn",
   trailingSlash: true,
-  favicon: 'img/favicon.ico',
+  favicon: "img/favicon.ico",
 
   // GitHub pages deployment config.
   // If you aren't using GitHub pages, you don't need these.
-  organizationName: 'firezone', // Usually your GitHub org/user name.
-  projectName: 'firezone', // Usually your repo name.
+  organizationName: "firezone", // Usually your GitHub org/user name.
+  projectName: "firezone", // Usually your repo name.
 
   // Even if you don't use internalization, you can use this field to set useful
   // metadata like html lang. For example, if your site is Chinese, you may want
   // to replace 'en' with 'zh-Hans'.
   i18n: {
-    defaultLocale: 'en',
-    locales: ['en'],
+    defaultLocale: "en",
+    locales: ["en"],
   },
 
   // An array of scripts to load. The values can be either strings or plain
@@ -38,9 +38,14 @@ const config = {
   // add async: true/defer: true to the objects.
   scripts: [
     {
-      src: '/js/posthog.js',
-      async: true
-    }
+      src: "/js/posthog.js",
+      async: true,
+    },
+    {
+      src: "//js.hs-scripts.com/23723443.js",
+      async: true,
+      defer: true,
+    },
   ],
 
   plugins: [],
@@ -49,17 +54,26 @@ const config = {
 
   presets: [
     [
-      'classic',
+      "classic",
       /** @type {import('@docusaurus/preset-classic').Options} */
       ({
+        pages: {
+          routeBasePath: "/",
+        },
         docs: {
-          routeBasePath: '/',
-          sidebarPath: require.resolve('./sidebars.js'),
-          editUrl: 'https://github.com/firezone/firezone/tree/master/www',
-          docLayoutComponent: "@theme/DocPage"
+          routeBasePath: "/docs",
+          sidebarPath: require.resolve("./sidebars.js"),
+          editUrl: "https://github.com/firezone/firezone/tree/master/www/docs",
+          docLayoutComponent: "@theme/DocPage",
+        },
+        blog: {
+          routeBasePath: "/blog",
+          blogSidebarTitle: "All posts",
+          blogSidebarCount: "ALL",
+          showReadingTime: true,
         },
         theme: {
-          customCss: require.resolve('./src/css/custom.css'),
+          customCss: require.resolve("./src/css/custom.css"),
         },
       }),
     ],
@@ -69,70 +83,75 @@ const config = {
     /** @type {import('@docusaurus/preset-classic').ThemeConfig} */
     ({
       navbar: {
-        title: 'Documentation',
+        title: "firezone",
         logo: {
-          alt: 'Firezone Logo',
-          src: 'img/logo.svg',
+          alt: "Firezone Logo",
+          src: "img/logo.svg",
         },
         items: [
           {
-            href: 'https://discourse.firez.one/?utm_source=docs.firezone.dev',
-            label: 'Ask a Question',
-            position: 'right',
-            'aria-label': 'GitHub repository',
+            href: "/docs",
+            label: "Documentation",
+            position: "left",
           },
           {
-            href: 'https://www.firezone.dev/contact/sales?utm_source=docs.firezone.dev',
-            label: 'Contact sales',
-            position: 'right',
-            'aria-label': 'Contact sales',
+            href: "/blog",
+            label: "Blog",
+            position: "left",
           },
           {
-            href: 'https://github.com/firezone/firezone',
-            className: 'header-github-link',
-            position: 'right',
-            'aria-label': 'GitHub repository',
+            href: "/pricing",
+            label: "Pricing",
+            position: "left",
+          },
+          {
+            href: "/sales",
+            label: "Contact sales",
+            position: "right",
+            "aria-label": "Contact sales",
+          },
+          {
+            html: '<img alt="GitHub Repo stars" src="https://img.shields.io/github/stars/firezone/firezone?label=Stars&amp;style=social" style="margin-top: 6px;" height="24">',
+            href: "https://github.com/firezone/firezone",
+            position: "right",
+            "aria-label": "GitHub repository",
           },
         ],
       },
       footer: {
-        style: 'light',
+        style: "light",
         links: [
           {
-            title: 'Company',
+            title: "Company",
             items: [
               {
-                label: 'Homepage',
-                href: 'https://www.firezone.dev/?utm_source=docs.firezone.dev',
+                label: "Home",
+                href: "/",
               },
               {
-                label: 'Pricing',
-                href: 'https://www.firezone.dev/pricing?utm_source=docs.firezone.dev',
-              },
-              {
-                label: 'About',
-                href: 'https://www.firezone.dev/about?utm_source=docs.firezone.dev',
+                label: "Pricing",
+                href: "/pricing",
               },
             ],
           },
           {
-            title: 'Community',
+            title: "Community",
             items: [
               {
-                label: 'Support Forums',
-                href: 'https://discourse.firez.one/?utm_source=docs.firezone.dev',
+                label: "Support Forums",
+                href: "https://discourse.firez.one/?utm_source=docs.firezone.dev",
               },
               {
-                label: 'Slack',
-                href: 'https://www.firezone.dev/slack?utm_source=docs.firezone.dev',
+                label: "Slack",
+                href: "https://join.slack.com/t/firezone-users/shared_invite/zt-19jd956j4-rWcCqiKMh~ikPGsUFbvZiA",
               },
               {
-                label: 'Github',
-                href: 'https://github.com/firezone/firezone?utm_source=docs.firezone.dev',
+                label: "Github",
+                href: "https://github.com/firezone/firezone?utm_source=docs.firezone.dev",
               },
               {
-                label: 'Twitter',
-                href: 'https://twitter.com/firezonehq?utm_source=docs.firezone.dev',
+                label: "Twitter",
+                href: "https://twitter.com/firezonehq?utm_source=docs.firezone.dev",
               },
             ],
           },
@@ -142,24 +161,20 @@ const config = {
       prism: {
         theme: lightCodeTheme,
         darkTheme: darkCodeTheme,
-        additionalLanguages: ['ruby', 'elixir']
+        additionalLanguages: ["ruby", "elixir"],
       },
       algolia: {
         // The application ID provided by Algolia
-        appId: 'XXPZ9QVGFB',
+        appId: "XXPZ9QVGFB",
 
-        start_urls: [
-          'https://docs.firezone.dev/'
-        ],
+        start_urls: ["https://www.firezone.dev/"],
 
-        sitemap_urls: [
-          'https://docs.firezone.dev/sitemap.xml'
-        ],
+        sitemap_urls: ["https://www.firezone.dev/sitemap.xml"],
 
         // Public API key: it is safe to commit it
-        apiKey: '66664e8765e1645ea0b500acebb0b0c2',
+        apiKey: "66664e8765e1645ea0b500acebb0b0c2",
 
-        indexName: 'firezone',
+        indexName: "firezone",
 
         // Optional: see doc section below
         // Requires more configuration and setup to work, so disabling. See
@@ -167,11 +182,17 @@ const config = {
         contextualSearch: true,
 
         // Optional: path for search page that enabled by default (`false` to disable it)
-        searchPagePath: 'search',
+        searchPagePath: "search",
 
         //... other Algolia params
       },
-      metadata: [{name: 'keywords', content: 'wireguard, vpn, firewall, remote access, network, documentation'}],
+      metadata: [
+        {
+          name: "keywords",
+          content:
+            "wireguard, vpn, firewall, remote access, network, documentation",
+        },
+      ],
     }),
 };
 
diff --git a/www/package.json b/www/package.json
index 82a1d841e..56a2bd6f0 100644
--- a/www/package.json
+++ b/www/package.json
@@ -11,7 +11,8 @@
     "clear": "docusaurus clear",
     "serve": "docusaurus serve",
     "write-translations": "docusaurus write-translations",
-    "write-heading-ids": "docusaurus write-heading-ids"
+    "write-heading-ids": "docusaurus write-heading-ids",
+    "typecheck": "tsc"
   },
   "dependencies": {
     "@docusaurus/core": "^2.1.0",
@@ -26,7 +27,17 @@
   },
   "devDependencies": {
     "@docusaurus/module-type-aliases": "2.1.0",
-    "css-minimizer-webpack-plugin": "4.1.0"
+    "@tsconfig/docusaurus": "^1.0.5",
+    "asciinema-player": "^3.0.1",
+    "css-minimizer-webpack-plugin": "4.1.0",
+    "remark-cli": "^11.0.0",
+    "remark-lint": "^9.1.1",
+    "remark-lint-list-item-indent": "^3.1.1",
+    "remark-mdx": "^2.1.5",
+    "remark-preset-lint-consistent": "^5.1.1",
+    "remark-preset-lint-markdown-style-guide": "^5.1.2",
+    "remark-preset-lint-recommended": "^6.1.2",
+    "typescript": "^4.7.4"
   },
   "browserslist": {
     "production": [
diff --git a/www/src/components/AsciinemaPlayer/index.tsx b/www/src/components/AsciinemaPlayer/index.tsx
new file mode 100644
index 000000000..9b6db4ad1
--- /dev/null
+++ b/www/src/components/AsciinemaPlayer/index.tsx
@@ -0,0 +1,44 @@
+import React, { useEffect, useRef } from 'react';
+import BrowserOnly from '@docusaurus/BrowserOnly';
+
+type AsciinemaPlayerProps = {
+    src: string;
+    // START asciinemaOptions
+    cols: string;
+    rows: string;
+    autoPlay: boolean
+    preload: boolean;
+    loop: boolean | number;
+    startAt: number | string;
+    speed: number;
+    idleTimeLimit: number;
+    theme: string;
+    poster: string;
+    fit: string;
+    fontSize: string;
+    // END asciinemaOptions
+};
+
+const AsciinemaPlayer: React.FC<AsciinemaPlayerProps> = ({
+    src,
+    ...asciinemaOptions
+}) => {
+    const ref = useRef<HTMLDivElement>(null);
+
+    return (
+      <BrowserOnly fallback={<div>Loading...</div>}>
+          {() => {
+              const AsciinemaPlayerLibrary = require('asciinema-player');
+
+              useEffect(() => {
+                  const currentRef = ref.current;
+                  AsciinemaPlayerLibrary.create(src, currentRef, asciinemaOptions);
+              }, [src]);
+
+              return <div ref={ref} />
+          }}
+      </BrowserOnly>
+    );
+};
+
+export default AsciinemaPlayer;
diff --git a/www/src/components/HomepageFeatures/index.tsx b/www/src/components/HomepageFeatures/index.tsx
new file mode 100644
index 000000000..91ef4601d
--- /dev/null
+++ b/www/src/components/HomepageFeatures/index.tsx
@@ -0,0 +1,70 @@
+import React from 'react';
+import clsx from 'clsx';
+import styles from './styles.module.css';
+
+type FeatureItem = {
+  title: string;
+  Svg: React.ComponentType<React.ComponentProps<'svg'>>;
+  description: JSX.Element;
+};
+
+const FeatureList: FeatureItem[] = [
+  {
+    title: 'Easy to Use',
+    Svg: require('@site/static/img/undraw_docusaurus_mountain.svg').default,
+    description: (
+      <>
+        Docusaurus was designed from the ground up to be easily installed and
+        used to get your website up and running quickly.
+      </>
+    ),
+  },
+  {
+    title: 'Focus on What Matters',
+    Svg: require('@site/static/img/undraw_docusaurus_tree.svg').default,
+    description: (
+      <>
+        Docusaurus lets you focus on your docs, and we&apos;ll do the chores. Go
+        ahead and move your docs into the <code>docs</code> directory.
+      </>
+    ),
+  },
+  {
+    title: 'Powered by React',
+    Svg: require('@site/static/img/undraw_docusaurus_react.svg').default,
+    description: (
+      <>
+        Extend or customize your website layout by reusing React. Docusaurus can
+        be extended while reusing the same header and footer.
+      </>
+    ),
+  },
+];
+
+function Feature({title, Svg, description}: FeatureItem) {
+  return (
+    <div className={clsx('col col--4')}>
+      <div className="text--center">
+        <Svg className={styles.featureSvg} role="img" />
+      </div>
+      <div className="text--center padding-horiz--md">
+        <h3>{title}</h3>
+        <p>{description}</p>
+      </div>
+    </div>
+  );
+}
+
+export default function HomepageFeatures(): JSX.Element {
+  return (
+    <section className={styles.features}>
+      <div className="container">
+        <div className="row">
+          {FeatureList.map((props, idx) => (
+            <Feature key={idx} {...props} />
+          ))}
+        </div>
+      </div>
+    </section>
+  );
+}
diff --git a/www/src/components/HomepageFeatures/styles.module.css b/www/src/components/HomepageFeatures/styles.module.css
new file mode 100644
index 000000000..b248eb2e5
--- /dev/null
+++ b/www/src/components/HomepageFeatures/styles.module.css
@@ -0,0 +1,11 @@
+.features {
+  display: flex;
+  align-items: center;
+  padding: 2rem 0;
+  width: 100%;
+}
+
+.featureSvg {
+  height: 200px;
+  width: 200px;
+}
diff --git a/www/src/components/HubspotForm/index.tsx b/www/src/components/HubspotForm/index.tsx
new file mode 100644
index 000000000..6c319360a
--- /dev/null
+++ b/www/src/components/HubspotForm/index.tsx
@@ -0,0 +1,34 @@
+import React from 'react';
+
+class HubspotForm extends React.Component<{
+  portalId: string;
+  formId: string;
+  region: string;
+}> {
+  componentDidMount() {
+    const script = document.createElement("script");
+    script.src = "https://js.hsforms.net/forms/v2.js";
+    document.body.appendChild(script);
+
+    script.addEventListener("load", () => {
+      // @ts-ignore
+      if (window.hbspt) {
+        // @ts-ignore
+        window.hbspt.forms.create({
+          target: "#hubspot-form",
+          ...this.props,
+        });
+      }
+    });
+  }
+
+  render() {
+    return (
+      <div>
+        <div id="hubspot-form" />
+      </div>
+    );
+  }
+}
+
+export default HubspotForm;
diff --git a/www/src/css/custom.css b/www/src/css/custom.css
index 8ae8d0204..101110bef 100644
--- a/www/src/css/custom.css
+++ b/www/src/css/custom.css
@@ -5,6 +5,7 @@
  */
 
 @import url('https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Open+Sans:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap');
+@import "asciinema-player/dist/bundle/asciinema-player.css";
 
 /* You can override the default Infima variables here. */
 :root {
diff --git a/www/src/pages/index.mdx b/www/src/pages/index.mdx
new file mode 100644
index 000000000..471de33f1
--- /dev/null
+++ b/www/src/pages/index.mdx
@@ -0,0 +1,384 @@
+---
+title: Firezone • Open Source Remote Access
+description: Deploy in minutes to secure remote access to your private resources.
+---
+
+<div className="hero">
+  <div className="container">
+    <h1 className="hero__title">Fast, effortless secure access</h1>
+    <p>
+      Firezone is an open-source remote access platform built on WireGuard®, a
+      modern VPN protocol that's 4-6x faster than OpenVPN. Deploy on your
+      infrastructure and start onboarding users in minutes.
+    </p>
+    <center>
+      <a className="button button--primary" href="/docs/deploy">
+        Deploy now
+      </a>
+    </center>
+  </div>
+</div>
+
+<div className="container">
+  <img
+    alt="Overview gif"
+    src="https://user-images.githubusercontent.com/167144/218759566-acaffd2e-ef37-4b42-a014-bfaa8d33e655.gif"
+  />
+</div>
+
+<hr className="margin-vert--xl" />
+
+<center>
+  <h2 className="margin-bottom--lg">Trusted by organizations like</h2>
+</center>
+
+<div className="container">
+  <div className="row">
+    <div className="col col--2">
+      <img
+        alt="bunq logo"
+        src="https://user-images.githubusercontent.com/167144/218763171-3b768826-eddf-499c-9b84-5ad365e8da6e.png"
+        width="100px"
+        height="55px"
+      />
+    </div>
+    <div className="col col--2">
+      <img
+        alt="tribe logo"
+        src="https://user-images.githubusercontent.com/167144/218763181-61c8b4a7-4367-41a6-a790-0fa2b2a34461.png"
+        width="100px"
+        height="55px"
+      />
+    </div>
+    <div className="col col--2">
+      <img
+        alt="poughkeepsie logo"
+        src="https://user-images.githubusercontent.com/167144/218763199-69def673-f37d-4e6b-aee9-13eac24ad93b.png"
+        width="100px"
+        height="55px"
+      />
+    </div>
+    <div className="col col--2">
+      <img
+        alt="rebank logo"
+        src="https://user-images.githubusercontent.com/167144/218763213-265a562c-1ed0-4206-8a9f-6726aaaaeed4.png"
+        width="100px"
+        height="55px"
+      />
+    </div>
+    <div className="col col--2">
+      <img
+        alt="square1 logo"
+        src="https://user-images.githubusercontent.com/167144/218763233-ac4fd4f2-c58b-4136-a3b1-ceeb09a4f954.png"
+        width="100px"
+        height="55px"
+      />
+    </div>
+    <div className="col col--2">
+      <img
+        alt="db11 logo"
+        src="https://user-images.githubusercontent.com/167144/218763247-e75a2410-baa0-45f8-bd5f-aa33d5fd0898.png"
+        width="100px"
+        height="55px"
+      />
+    </div>
+  </div>
+</div>
+
+<hr className="margin-vert--xl" />
+
+<div className="hero">
+  <div className="container">
+    <h1 className="hero__title">An alternative to old VPNs</h1>
+  </div>
+</div>
+
+<!-- Feature 1 -->
+
+<div className="container">
+  <center>
+    <h2 className="margin-bottom--lg">
+      Streamline workflows. Reduce total cost of ownership.
+    </h2>
+  </center>
+</div>
+<div className="container">
+  <div className="row">
+    <div className="col col--6">
+      <p>
+        Legacy VPNs are cumbersome to manage and take weeks to configure
+        correctly. Firezone takes minutes to deploy and the Web GUI makes
+        managing secure access effortless for admins.
+      </p>
+      <ul>
+        <li>Integrate any identity provider to enforce 2FA / MFA</li>
+        <li>Define user-scoped access rules</li>
+        <li>Manage users with a snappy admin dashboard</li>
+      </ul>
+    </div>
+    <div className="col col--6">
+      <img
+        alt="Feature 1"
+        src="https://user-images.githubusercontent.com/167144/218778243-37f22d1e-0bdf-4f3d-8859-4b81dd91878a.png"
+      />
+    </div>
+  </div>
+</div>
+
+<hr className="margin-vert--xl" />
+
+<!-- Feature 2 -->
+
+<div className="container">
+  <center>
+    <h2 className="margin-bottom--lg">
+      High throughput and low latency. Up to 4-6x faster than OpenVPN.
+    </h2>
+  </center>
+</div>
+<div className="container">
+  <div className="row">
+    <div className="col col--6">
+      <img
+        alt="Feature 2"
+        src="https://user-images.githubusercontent.com/167144/218778241-c2baa6d1-499a-4da3-a9d3-7e0d4590f75f.png"
+      />
+      <p>
+        <a href="https://core.ac.uk/download/pdf/322886318.pdf">
+          Performance comparison of VPN solutions (Osswald et al.)
+        </a>
+      </p>
+    </div>
+    <div className="col col--6">
+      <p>
+        Increase productivity and decrease connection issues for your remote
+        team. Firezone uses kernel WireGuard® to be efficient, reliable, and
+        performant in any environment.
+      </p>
+      <ul>
+        <li>
+          <a href="https://www.wireguard.com/protocol/">
+            State-of-the-art cryptography
+          </a>
+        </li>
+        <li>
+          <a href="https://www.wireguard.com/formal-verification/">
+            Auditable and formally verified
+          </a>
+        </li>
+        <li>
+          <a href="https://www.wireguard.com/performance/">Multi-threaded</a>
+        </li>
+      </ul>
+    </div>
+  </div>
+</div>
+
+<hr className="margin-vert--xl" />
+
+<!-- Feature 3 -->
+
+<div className="container">
+  <center>
+    <h2 className="margin-bottom--lg">
+      Firezone runs entirely on your infrastructure. No vendor lock-in.
+    </h2>
+  </center>
+</div>
+<div className="container">
+  <div className="row">
+    <div className="col col--6">
+      Deploy Firezone on any platform that supports Docker. There's no need to
+      risk breaches by sending data to third parties.
+      <ul>
+        <li>VPC, data center, or on-prem</li>
+        <li>Auto-renewing SSL certs from Let's Encrypt via ACME</li>
+        <li>Flexible and configurable</li>
+      </ul>
+    </div>
+    <div className="col col--6">
+      <img
+        alt="Feature 3"
+        src="https://user-images.githubusercontent.com/167144/218778234-b8150dcb-5af1-410a-8c16-95c660171d81.png"
+      />
+      <a href="/docs/deploy">Explore the deployment documentation &gt;</a>
+    </div>
+  </div>
+</div>
+
+<hr className="margin-vert--xl" />
+
+<div className="container">
+  <center>
+    <h2 className="margin-bottom--lg">
+      Integrate your identity provider for SSO to enforce 2FA / MFA.
+    </h2>
+  </center>
+  <p>
+    Only allow connections from authenticated users and automatically disable
+    access for employees who have left. Firezone integrates with any OIDC and
+    SAML 2.0 compatible identity provider for single sign-on (SSO).
+  </p>
+</div>
+
+<div className="container">
+  <div className="row">
+    <div className="col col--2">
+      <a href="/docs/authenticate/oidc/keycloak/">
+        <img
+          width="109px"
+          height="41px"
+          alt="keycloak logo"
+          src="https://user-images.githubusercontent.com/167144/218770941-2d8cdf09-d1f4-48bb-9049-b8dc486d909a.png"
+        />
+      </a>
+    </div>
+    <div className="col col--2">
+      <a href="/docs/authenticate/oidc/google/">
+        <img
+          width="109px"
+          height="41px"
+          src="google logo"
+          src="https://user-images.githubusercontent.com/167144/218770954-e41318d4-a8b1-40e5-ab4a-3343d63013a0.png"
+        />
+      </a>
+    </div>
+    <div className="col col--2">
+      <a href="/docs/authenticate/oidc/okta/">
+        <img
+          width="109px"
+          height="41px"
+          alt="okta logo"
+          src="https://user-images.githubusercontent.com/167144/218770967-9615c64a-c948-448b-9019-0226c1e3e086.png"
+        />
+      </a>
+    </div>
+    <div className="col col--2">
+      <a href="/docs/authenticate/oidc/onelogin/">
+        <img
+          width="109px"
+          height="41px"
+          alt="onelogin logo"
+          src="https://user-images.githubusercontent.com/167144/218770990-6959fb55-ebf3-417e-a75b-1981cf86bab0.png"
+        />
+      </a>
+    </div>
+    <div className="col col--2">
+      <a href="/docs/authenticate/oidc/azuread/">
+        <img
+          width="109px"
+          height="41px"
+          alt="azure logo"
+          src="https://user-images.githubusercontent.com/167144/218771000-ff5616d7-f391-4c75-9806-09e5bf1a6a91.png"
+        />
+      </a>
+    </div>
+    <div className="col col--2">
+      <a href="/docs/authenticate/saml/jumpcloud/">
+        <img
+          width="109px"
+          height="41px"
+          alt="jumpcloud logo"
+          src="https://user-images.githubusercontent.com/167144/218771019-fb525e97-ec0c-465e-8160-a547a54feab2.png"
+        />
+      </a>
+    </div>
+  </div>
+</div>
+
+<hr className="margin-vert--xl" />
+
+<div className="container">
+  <center>
+    <h2 className="margin-bottom--lg">Who can benefit from Firezone?</h2>
+  </center>
+  <p>
+    Easy to deploy and manage for individuals. For organizations, get priority
+    support, white-glove onboarding, and powerful integrations with the{" "}
+    <a href="/pricing">Enterprise Plan</a>.
+  </p>
+</div>
+
+<div className="container margin-top--lg">
+  <div className="row">
+    <div className="col col--6">
+      <center>
+        <h4>Individuals and home lab users</h4>
+      </center>
+      <p>
+        Lightweight and fast. Access your home network securely when on the
+        road.
+      </p>
+      <ul>
+        <li>Effortless to deploy on any infrastructure</li>
+        <li>Community plan supports unlimited devices</li>
+        <li>Open-source and self-hosted</li>
+      </ul>
+      <a href="/docs">Access your personal project &gt;</a>
+    </div>
+    <div className="col col--6">
+      <center>
+        <h4>Growing businesses</h4>
+      </center>
+      <p>
+        Keep up with increasing network and compliance demands as you scale your
+        team and infrastructure.
+      </p>
+      <ul>
+        <li>Integrate your identity provider</li>
+        <li>Quickly onboard/offboard employees</li>
+        <li>Segment access for contractors</li>
+        <li>High performance, reduce bottlenecks</li>
+      </ul>
+      <a href="/pricing">Scale your secure access &gt;</a>
+    </div>
+  </div>
+  <div className="row margin-top--md">
+    <div className="col col--6">
+      <center>
+        <h4>Remote organizations</h4>
+      </center>
+      <p>
+        Transitioning to remote? Perfect timing to replace the legacy VPN.
+        Improve your security posture and reduce support tickets.
+      </p>
+      <ul>
+        <li>Require periodic re-authentication</li>
+        <li>Enforce MFA / 2FA</li>
+        <li>Self-serve user portal</li>
+        <li>Export logs to your observability platform</li>
+      </ul>
+      <a href="/pricing">Secure your remote workforce &gt;</a>
+    </div>
+    <div className="col col--6">
+      <center>
+        <h4>Technical IT teams</h4>
+      </center>
+      <p>
+        Firezone runs on your infrastructure. Customize it to suit your needs
+        and architecture.
+      </p>
+      <ul>
+        <li>Built on WireGuard®</li>
+        <li>No vendor lock-in</li>
+        <li>Supports OIDC and SAML 2.0</li>
+        <li>Flexible and configurable</li>
+      </ul>
+      <a href="/docs">Explore the documentation &gt;</a>
+    </div>
+  </div>
+</div>
+
+<hr className="margin-vert--xl" />
+
+<center>
+  <h2>Ready to get started?</h2>
+</center>
+
+<p>
+  Set up secure access and start onboarding users in minutes. Run the install
+  script on a supported host to deploy Firezone with Docker. Copy the one-liner
+  below to install Firezone in minutes.
+</p>
+
+<InstallBlock />
diff --git a/www/src/pages/pricing.mdx b/www/src/pages/pricing.mdx
new file mode 100644
index 000000000..ec2cb08c0
--- /dev/null
+++ b/www/src/pages/pricing.mdx
@@ -0,0 +1,168 @@
+---
+title: Firezone • Pricing
+description: Explore Firezone's pricing.
+---
+
+<div className="hero shadow--lw">
+  <div className="container">
+    <h1 className="hero__title">Firezone pricing</h1>
+    <p>
+      Firezone works with teams of all sizes to deliver fast, low-latency access
+      to private networks and resources.
+    </p>
+  </div>
+</div>
+
+<h2 className="margin-vert--lg">Enterprise plan</h2>
+
+<p>
+  Direct support from the team that built Firezone and additional features built
+  for larger teams.
+</p>
+
+<ul>
+  <li>
+    Get immediate assistance from a <strong>dedicated support engineer</strong>{" "}
+    through email and your own <strong>private Slack channel</strong>.
+  </li>
+  <li>
+    Ensure business continuity and reduce risk with SLAs and{" "}
+    <strong>expert guidance</strong> from the creators of Firezone.
+  </li>
+  <li>
+    Maintain privacy and control by <strong>hosting on-prem</strong> in
+    security-sensitive environments.
+  </li>
+  <li>
+    Shape Firezone's future roadmap and <strong>accelerate development</strong>{" "}
+    of the features you need.
+  </li>
+</ul>
+
+<div className="container">
+  <div className="row margin-vert--lg">
+    <div className="col col--12">
+      <center>
+        <h4>
+          Hundreds of organizations trust Firezone to secure access for their
+          team.
+        </h4>
+      </center>
+    </div>
+  </div>
+  <div className="row margin-vert--lg">
+    <div className="col col--2">
+      <img
+        alt="bunq logo"
+        src="https://user-images.githubusercontent.com/167144/218763171-3b768826-eddf-499c-9b84-5ad365e8da6e.png"
+        width="100px"
+        height="55px"
+      />
+    </div>
+    <div className="col col--2">
+      <img
+        alt="tribe logo"
+        src="https://user-images.githubusercontent.com/167144/218763181-61c8b4a7-4367-41a6-a790-0fa2b2a34461.png"
+        width="100px"
+        height="55px"
+      />
+    </div>
+    <div className="col col--2">
+      <img
+        alt="poughkeepsie logo"
+        src="https://user-images.githubusercontent.com/167144/218763199-69def673-f37d-4e6b-aee9-13eac24ad93b.png"
+        width="100px"
+        height="55px"
+      />
+    </div>
+    <div className="col col--2">
+      <img
+        alt="rebank logo"
+        src="https://user-images.githubusercontent.com/167144/218763213-265a562c-1ed0-4206-8a9f-6726aaaaeed4.png"
+        width="100px"
+        height="55px"
+      />
+    </div>
+    <div className="col col--2">
+      <img
+        alt="square1 logo"
+        src="https://user-images.githubusercontent.com/167144/218763233-ac4fd4f2-c58b-4136-a3b1-ceeb09a4f954.png"
+        width="100px"
+        height="55px"
+      />
+    </div>
+    <div className="col col--2">
+      <img
+        alt="db11 logo"
+        src="https://user-images.githubusercontent.com/167144/218763247-e75a2410-baa0-45f8-bd5f-aa33d5fd0898.png"
+        width="100px"
+        height="55px"
+      />
+    </div>
+  </div>
+  <div className="row">
+    <div className="col col--2 col--offset-10">
+      <a className="button button--primary" href="/sales">
+        Get in touch
+      </a>
+    </div>
+  </div>
+</div>
+
+<hr className="margin-bottom--xl" />
+
+<div className="container">
+  <div className="row">
+    <div className="col col--1">
+      <img src="/img/github_light.svg" />
+    </div>
+    <div className="col col--11">
+      <h3>Looking for the free, open-source version of Firezone?</h3>
+      <p>
+        The Community Plan is perfect for individuals and small teams with basic
+        secure access needs.
+      </p>
+    </div>
+  </div>
+  <div className="row">
+    <div className="col col--2 col--offset-10">
+      <a href="https://github.com/firezone/firezone">Visit GitHub &nbsp;</a>
+    </div>
+  </div>
+</div>
+
+<hr className="margin-bottom--xl" />
+
+<center>
+  <h1>Find the best plan for your organization</h1>
+  <p>
+    Have a feature request? Open an issue on{" "}
+    <a href="https://github.com/firezone/firezone/issues">GitHub</a>, or{" "}
+    <a href="/sales">get in touch</a> with our team.
+  </p>
+</center>
+
+|                                          | Community                                                            | Enterprise                                                           |
+| ---------------------------------------- | -------------------------------------------------------------------- | -------------------------------------------------------------------- |
+| <strong>Management</strong>              |                                                                      |                                                                      |
+| Users                                    | Unlimited                                                            | Unlimited                                                            |
+| Devices                                  | Unlimited                                                            | Unlimited                                                            |
+| Self-hosted                              | <span className="badge badge--success">&#10004;</span>               | <span className="badge badge--success">&#10004;</span>               |
+| &nbsp;                                   |                                                                      |                                                                      |
+| <strong>Security and compliance</strong> |                                                                      |                                                                      |
+| User-scoped access rules                 | <span className="badge badge--success">&#10004;</span>               | <span className="badge badge--success">&#10004;</span>               |
+| Single sign-on                           | <span className="badge badge--success">&#10004;</span>               | <span className="badge badge--success">&#10004;</span>               |
+| Debug logs                               | <span className="badge badge--success">&#10004;</span>               | <span className="badge badge--success">&#10004;</span>               |
+| &nbsp;                                   |                                                                      |                                                                      |
+| <strong>Support</strong>                 |                                                                      |                                                                      |
+| Community support                        | <span className="badge badge--success">&#10004;</span>               | <span className="badge badge--success">&#10004;</span>               |
+| Priority email support                   |                                                                      | <span className="badge badge--success">&#10004;</span>               |
+| Dedicated Slack channel                  |                                                                      | <span className="badge badge--success">&#10004;</span>               |
+| White-glove onboarding                   |                                                                      | <span className="badge badge--success">&#10004;</span>               |
+| SLAs                                     |                                                                      | <span className="badge badge--success">&#10004;</span>               |
+| Assisted upgrades                        |                                                                      | <span className="badge badge--success">&#10004;</span>               |
+| &nbsp;                                   |                                                                      |                                                                      |
+| <strong>Custom development</strong>      |                                                                      |                                                                      |
+| Custom integrations                      |                                                                      | <span className="badge badge--success">&#10004;</span>               |
+| Roadmap acceleration                     |                                                                      | <span className="badge badge--success">&#10004;</span>               |
+|                                          | <a href="https://github.com/firezone/firezone">Visit GitHub &gt;</a> | <a className="button button--primary" href="/sales">Get in touch</a> |
diff --git a/www/src/pages/sales.mdx b/www/src/pages/sales.mdx
new file mode 100644
index 000000000..cb31058be
--- /dev/null
+++ b/www/src/pages/sales.mdx
@@ -0,0 +1,49 @@
+---
+title: Firezone • Open Source Remote Access
+description: Firezone • Contact us
+---
+
+<div className="hero shadow--lw">
+  <div className="container">
+    <h1 className="hero__title">Talk to a Firezone expert</h1>
+    <p>
+      Discover how Firezone can make managing secure access effortless for your
+      organization. We'll help you find the right solution, explain pricing, and
+      answer any questions.
+    </p>
+  </div>
+</div>
+
+<center>
+  <h2 className="margin-vert--xl">Why Firezone Enterprise?</h2>
+</center>
+
+<div className="container">
+  <div className="row">
+    <div className="col col--6">
+      <h3>Ensure business continuity</h3>
+      <ul>
+        <li>Technical support with SLAs</li>
+        <li>Private Slack channel</li>
+        <li>White-glove onboarding</li>
+      </ul>
+      <h3>Built for privacy and compliance</h3>
+      <ul>
+        <li>Host on-prem in security sensitive environments</li>
+        <li>Maintain full control of your data and network traffic</li>
+      </ul>
+      <h3>Simplify management for admins</h3>
+      <ul>
+        <li>Automatic de-provisioning with SCIM</li>
+        <li>Deployment advice for complex use cases</li>
+      </ul>
+    </div>
+    <div className="col col--6">
+      <HubspotForm
+        region="na1"
+        portalId="23723443"
+        formId="76637b95-cef7-4b94-8e7a-411aeec5fbb1"
+      />
+    </div>
+  </div>
+</div>
diff --git a/www/src/partials/_support_options.mdx b/www/src/partials/_support_options.mdx
index abe78e6c5..4af97c1cf 100644
--- a/www/src/partials/_support_options.mdx
+++ b/www/src/partials/_support_options.mdx
@@ -2,11 +2,11 @@
 
 Try asking on one of our community-powered support channels:
 
-* [Discussion Forums](https://discourse.firez.one/?utm_source=docs.firezone.dev): Ask questions, report bugs,
-and suggest features.
-* [Public Slack Group](https://join.slack.com/t/firezone-users/shared_invite/zt-111043zus-j1lP_jP5ohv52FhAayzT6w):
-join discussions, meet other users, and meet the contributors
+- [Discussion Forums](https://discourse.firez.one/?utm_source=docs.firezone.dev): Ask questions, report bugs,
+  and suggest features.
+- [Public Slack Group](https://join.slack.com/t/firezone-users/shared_invite/zt-111043zus-j1lP_jP5ohv52FhAayzT6w):
+  join discussions, meet other users, and meet the contributors
 
-**Looking for dedicated support?** [Contact us](https://www.firezone.dev/contact/sales?utm_source=docs.firezone.dev)
+**Looking for dedicated support?** [Contact us](/sales)
 about our paid support option if you're using Firezone in a production
 capacity for your team or organization.
diff --git a/www/src/theme/MDXComponents.js b/www/src/theme/MDXComponents.js
index d71c41307..ded154647 100644
--- a/www/src/theme/MDXComponents.js
+++ b/www/src/theme/MDXComponents.js
@@ -1,5 +1,7 @@
 // Import the original mapper
 import MDXComponents from "@theme-original/MDXComponents";
+import AsciinemaPlayer from '@site/src/components/AsciinemaPlayer';
+import HubspotForm from '@site/src/components/HubspotForm';
 import InstallBlock from "@site/src/components/InstallBlock";
 import AccentBlock from "@site/src/components/AccentBlock";
 import Feedback from "@site/src/components/Feedback";
@@ -12,6 +14,8 @@ export default {
   ...MDXComponents,
   // Map the "highlight" tag to our <Highlight /> component!
   // `Highlight` will receive all props that were passed to `highlight` in MDX
+  AsciinemaPlayer: AsciinemaPlayer,
+  HubspotForm: HubspotForm,
   InstallBlock: InstallBlock,
   accentblock: AccentBlock,
   feedback: Feedback,
diff --git a/www/static/img/dislike.svg b/www/static/img/dislike.svg
deleted file mode 100644
index ca484b50d..000000000
--- a/www/static/img/dislike.svg
+++ /dev/null
@@ -1 +0,0 @@
-<?xml version="1.0" ?><!DOCTYPE svg  PUBLIC '-//W3C//DTD SVG 1.1//EN'  'http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd'><svg height="512px" style="enable-background:new 0 0 512 512;" version="1.1" viewBox="0 0 512 512" width="512px" xml:space="preserve" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g id="_x39_4-dislike"><g><path d="M128.543,270.411V68.616c0-7.953,6.442-14.408,14.379-14.408H27.926    c-7.944,0-14.378,6.456-14.378,14.408v201.795c0,7.955,6.434,14.411,14.378,14.413H134.58l-4.139-7.264    C129.176,275.376,128.543,272.922,128.543,270.411z" style="fill:#F54E00;"/><path d="M497.179,192.488l-46.106-104.04c-9.174-20.779-29.813-34.24-52.532-34.24H182.203h-14.375    c-7.937,0-14.379,6.456-14.379,14.408v201.795c0,2.511,0.633,4.965,1.898,7.149l4.139,7.264l51.466,90.317v68.233    c0,7.959,6.442,14.417,14.367,14.417h43.134c31.71,0,57.491-25.864,57.491-57.652v-86.485h115.007    c31.712,0,57.502-25.863,57.501-57.656v-57.656C498.452,196.328,498.021,194.336,497.179,192.488z" style="fill:#F54E00;"/></g></g><g id="Layer_1"/></svg>
diff --git a/www/static/img/favicon.ico b/www/static/img/favicon.ico
index 24d219e86..4aa729f11 100644
Binary files a/www/static/img/favicon.ico and b/www/static/img/favicon.ico differ
diff --git a/www/static/img/like.svg b/www/static/img/like.svg
deleted file mode 100644
index 8907bc88f..000000000
--- a/www/static/img/like.svg
+++ /dev/null
@@ -1 +0,0 @@
-<?xml version="1.0" ?><!DOCTYPE svg  PUBLIC '-//W3C//DTD SVG 1.1//EN'  'http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd'><svg height="512px" style="enable-background:new 0 0 512 512;" version="1.1" viewBox="0 0 512 512" width="512px" xml:space="preserve" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g id="_x31_99-like"><g><path d="M133.815,443.378V241.587c0-2.507,0.632-4.962,1.897-7.148l4.141-7.268H33.193    c-7.938,0-14.378,6.46-14.378,14.416v201.791c0,7.953,6.44,14.412,14.378,14.412h114.994    C140.255,457.79,133.815,451.331,133.815,443.378z" style="fill:#2AC276;"/><path d="M435.682,198.344H320.684v-86.483c0-31.798-25.787-57.651-57.494-57.651h-43.132    c-7.93,0-14.368,6.456-14.368,14.408v68.237l-51.463,90.315l-4.141,7.268c-1.265,2.186-1.897,4.642-1.897,7.148v201.791    c0,7.953,6.44,14.412,14.372,14.412h14.38h216.339c22.715,0,43.355-13.46,52.527-34.245l46.111-104.04    c0.838-1.841,1.27-3.834,1.27-5.849V256C493.186,224.199,467.395,198.344,435.682,198.344z" style="fill:#2AC276;"/></g></g><g id="Layer_1"/></svg>
diff --git a/www/static/js/hubspot.js b/www/static/js/hubspot.js
new file mode 100644
index 000000000..1d49a867e
--- /dev/null
+++ b/www/static/js/hubspot.js
@@ -0,0 +1,3 @@
+<!-- Start of HubSpot Embed Code -->
+<script type="text/javascript" id="hs-script-loader" async defer src="//js.hs-scripts.com/23723443.js"></script>
+<!-- End of HubSpot Embed Code -->
diff --git a/www/tsconfig.json b/www/tsconfig.json
new file mode 100644
index 000000000..6f4756980
--- /dev/null
+++ b/www/tsconfig.json
@@ -0,0 +1,7 @@
+{
+  // This file is not used in compilation. It is here just for a nice editor experience.
+  "extends": "@tsconfig/docusaurus/tsconfig.json",
+  "compilerOptions": {
+    "baseUrl": "."
+  }
+}
diff --git a/www/yarn.lock b/www/yarn.lock
index 6aa8d3b81..4a3fe0170 100644
--- a/www/yarn.lock
+++ b/www/yarn.lock
@@ -1143,7 +1143,7 @@
     core-js-pure "^3.25.1"
     regenerator-runtime "^0.13.11"
 
-"@babel/runtime@^7.1.2", "@babel/runtime@^7.10.2", "@babel/runtime@^7.10.3", "@babel/runtime@^7.12.13", "@babel/runtime@^7.12.5", "@babel/runtime@^7.18.6", "@babel/runtime@^7.8.4":
+"@babel/runtime@^7.1.2", "@babel/runtime@^7.10.2", "@babel/runtime@^7.10.3", "@babel/runtime@^7.12.13", "@babel/runtime@^7.12.5", "@babel/runtime@^7.15.4", "@babel/runtime@^7.18.6", "@babel/runtime@^7.8.4":
   version "7.20.13"
   resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.20.13.tgz#7055ab8a7cff2b8f6058bf6ae45ff84ad2aded4b"
   integrity sha512-gt3PKXs0DBoL9xCvOIIZ2NEqAGZqHjAnmVbfQtB620V0uReIQutpel14KcneZuer7UioY8ALKZ7iocavvzTNFA==
@@ -1189,6 +1189,11 @@
   resolved "https://registry.yarnpkg.com/@colors/colors/-/colors-1.5.0.tgz#bb504579c1cae923e6576a4f5da43d25f97bdbd9"
   integrity sha512-ooWCrlZP11i8GImSjTHYHLkvFDP48nS4+204nGb1RiX/WXYHmJA2III9/e2DWVabCESdW7hBAEzHRqUn9OUVvQ==
 
+"@discoveryjs/json-ext@0.5.7":
+  version "0.5.7"
+  resolved "https://registry.yarnpkg.com/@discoveryjs/json-ext/-/json-ext-0.5.7.tgz#1d572bfbbe14b7704e0ba0f39b74815b84870d70"
+  integrity sha512-dBVuXR082gk3jsFp7Rd/JI4kytwGHecnCoTtXFb7DB6CNHp4rg5k1bhg0nWdLGLnOV71lmDzGQaLMy8iPLY0pw==
+
 "@docsearch/css@3.3.3":
   version "3.3.3"
   resolved "https://registry.yarnpkg.com/@docsearch/css/-/css-3.3.3.tgz#f9346c9e24602218341f51b8ba91eb9109add434"
@@ -1782,6 +1787,34 @@
     "@nodelib/fs.scandir" "2.1.5"
     fastq "^1.6.0"
 
+"@npmcli/config@^6.0.0":
+  version "6.1.3"
+  resolved "https://registry.yarnpkg.com/@npmcli/config/-/config-6.1.3.tgz#8f513bf1a5dfa76f98d93d3cb6fb06b5f8960bd9"
+  integrity sha512-c8uOXPbRq1K8YeyUszj6MBWIdB6bx6x3K/UbGmc5GF7qpv1mB893Y5SuyrH/J7Kcw24Im4ASrsztk38ZBWFS2Q==
+  dependencies:
+    "@npmcli/map-workspaces" "^3.0.2"
+    ini "^3.0.0"
+    nopt "^7.0.0"
+    proc-log "^3.0.0"
+    read-package-json-fast "^3.0.2"
+    semver "^7.3.5"
+    walk-up-path "^1.0.0"
+
+"@npmcli/map-workspaces@^3.0.2":
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/@npmcli/map-workspaces/-/map-workspaces-3.0.2.tgz#aa3f9ebccb213073d6d6bf743047272108c29f06"
+  integrity sha512-bCEC4PG7HbadtAYkW/TTUVNEOSr5Dhfmv6yGLgByJgCvdCqq7teq09cjvJ1LhzJU/euWjvYMcQxsfj7yDD2ikg==
+  dependencies:
+    "@npmcli/name-from-folder" "^2.0.0"
+    glob "^8.0.1"
+    minimatch "^6.1.6"
+    read-package-json-fast "^3.0.0"
+
+"@npmcli/name-from-folder@^2.0.0":
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/@npmcli/name-from-folder/-/name-from-folder-2.0.0.tgz#c44d3a7c6d5c184bb6036f4d5995eee298945815"
+  integrity sha512-pwK+BfEBZJbKdNYpHHRTNBwBoqrN/iIMO0AiGvYsp3Hoaq0WbgGSWQR6SCldZovoDpY3yje5lkFUe6gsDgJ2vg==
+
 "@polka/url@^1.0.0-next.20":
   version "1.0.0-next.21"
   resolved "https://registry.yarnpkg.com/@polka/url/-/url-1.0.0-next.21.tgz#5de5a2385a35309427f6011992b544514d559aa1"
@@ -1794,7 +1827,7 @@
   dependencies:
     "@hapi/hoek" "^9.0.0"
 
-"@sideway/formula@^3.0.0":
+"@sideway/formula@^3.0.1":
   version "3.0.1"
   resolved "https://registry.yarnpkg.com/@sideway/formula/-/formula-3.0.1.tgz#80fcbcbaf7ce031e0ef2dd29b1bfc7c3f583611f"
   integrity sha512-/poHZJJVjx3L+zVD6g9KgHfYnb443oi7wLu/XKojDviHy6HOEOA6z1Trk5aR1dGcmPenJEgb2sK2I80LeS3MIg==
@@ -1941,6 +1974,18 @@
   resolved "https://registry.yarnpkg.com/@trysound/sax/-/sax-0.2.0.tgz#cccaab758af56761eb7bf37af6f03f326dd798ad"
   integrity sha512-L7z9BgrNEcYyUYtF+HaEfiS5ebkh9jXqbszz7pC0hRBPaatV0XjSD3+eHrpqFemQfgwiFF0QPIarnIihIDn7OA==
 
+"@tsconfig/docusaurus@^1.0.5":
+  version "1.0.6"
+  resolved "https://registry.yarnpkg.com/@tsconfig/docusaurus/-/docusaurus-1.0.6.tgz#7305a7fa590decc0d5968500234e95fd68788978"
+  integrity sha512-1QxDaP54hpzM6bq9E+yFEo4F9WbWHhsDe4vktZXF/iDlc9FqGr9qlg+3X/nuKQXx8QxHV7ue8NXFazzajsxFBA==
+
+"@types/acorn@^4.0.0":
+  version "4.0.6"
+  resolved "https://registry.yarnpkg.com/@types/acorn/-/acorn-4.0.6.tgz#d61ca5480300ac41a7d973dd5b84d0a591154a22"
+  integrity sha512-veQTnWP+1D/xbxVrPC3zHnCZRjSrKfhbMUlEA43iMZLu7EsnTtkJklIuwrCPbOi8YkvDQAiW05VQQFvvz9oieQ==
+  dependencies:
+    "@types/estree" "*"
+
 "@types/body-parser@*":
   version "1.19.2"
   resolved "https://registry.yarnpkg.com/@types/body-parser/-/body-parser-1.19.2.tgz#aea2059e28b7658639081347ac4fab3de166e6f0"
@@ -1956,6 +2001,13 @@
   dependencies:
     "@types/node" "*"
 
+"@types/concat-stream@^2.0.0":
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/@types/concat-stream/-/concat-stream-2.0.0.tgz#a716f0ba9015014e643addb351da05a73bef425c"
+  integrity sha512-t3YCerNM7NTVjLuICZo5gYAXYoDvpuuTceCcFQWcDQz26kxUR5uIWolxbIR5jRNIXpMqhOpW/b8imCR1LEmuJw==
+  dependencies:
+    "@types/node" "*"
+
 "@types/connect-history-api-fallback@^1.3.5":
   version "1.3.5"
   resolved "https://registry.yarnpkg.com/@types/connect-history-api-fallback/-/connect-history-api-fallback-1.3.5.tgz#d1f7a8a09d0ed5a57aee5ae9c18ab9b803205dae"
@@ -1971,6 +2023,13 @@
   dependencies:
     "@types/node" "*"
 
+"@types/debug@^4.0.0":
+  version "4.1.7"
+  resolved "https://registry.yarnpkg.com/@types/debug/-/debug-4.1.7.tgz#7cc0ea761509124709b8b2d1090d8f6c17aadb82"
+  integrity sha512-9AonUzyTjXXhEOa0DnqpzZi6VHlqKMswga9EXjpXnnqxwLtdvPPtlO8evrI5D9S6asFRCQ6v+wpiUKbw+vKqyg==
+  dependencies:
+    "@types/ms" "*"
+
 "@types/eslint-scope@^3.7.3":
   version "3.7.4"
   resolved "https://registry.yarnpkg.com/@types/eslint-scope/-/eslint-scope-3.7.4.tgz#37fc1223f0786c39627068a12e94d6e6fc61de16"
@@ -1980,14 +2039,21 @@
     "@types/estree" "*"
 
 "@types/eslint@*":
-  version "8.21.0"
-  resolved "https://registry.yarnpkg.com/@types/eslint/-/eslint-8.21.0.tgz#21724cfe12b96696feafab05829695d4d7bd7c48"
-  integrity sha512-35EhHNOXgxnUgh4XCJsGhE7zdlDhYDN/aMG6UbkByCFFNgQ7b3U+uVoqBpicFydR8JEfgdjCF7SJ7MiJfzuiTA==
+  version "8.21.1"
+  resolved "https://registry.yarnpkg.com/@types/eslint/-/eslint-8.21.1.tgz#110b441a210d53ab47795124dbc3e9bb993d1e7c"
+  integrity sha512-rc9K8ZpVjNcLs8Fp0dkozd5Pt2Apk1glO4Vgz8ix1u6yFByxfqo5Yavpy65o+93TAe24jr7v+eSBtFLvOQtCRQ==
   dependencies:
     "@types/estree" "*"
     "@types/json-schema" "*"
 
-"@types/estree@*":
+"@types/estree-jsx@^1.0.0":
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/@types/estree-jsx/-/estree-jsx-1.0.0.tgz#7bfc979ab9f692b492017df42520f7f765e98df1"
+  integrity sha512-3qvGd0z8F2ENTGr/GG1yViqfiKmRfrXVx5sJyHGFu3z7m5g5utCQtGp/g29JnjflhtQJBv1WDQukHiT58xPcYQ==
+  dependencies:
+    "@types/estree" "*"
+
+"@types/estree@*", "@types/estree@^1.0.0":
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/@types/estree/-/estree-1.0.0.tgz#5fb2e536c1ae9bf35366eed879e827fa59ca41c2"
   integrity sha512-WulqXMDUTYAXCjZnk6JtIHPigp55cVtDgDrO2gHRwhyJto21+1zbVCtOYB2L1F9w4qCQ0rOGWBnBe0FNTiEJIQ==
@@ -2040,6 +2106,11 @@
   dependencies:
     "@types/node" "*"
 
+"@types/is-empty@^1.0.0":
+  version "1.2.1"
+  resolved "https://registry.yarnpkg.com/@types/is-empty/-/is-empty-1.2.1.tgz#18d7256a73e43ec51f8b75c25fbdc31350be52a6"
+  integrity sha512-a3xgqnFTuNJDm1fjsTjHocYJ40Cz3t8utYpi5GNaxzrJC2HSD08ym+whIL7fNqiqBCdM9bcqD1H/tORWAFXoZw==
+
 "@types/istanbul-lib-coverage@*", "@types/istanbul-lib-coverage@^2.0.0":
   version "2.0.4"
   resolved "https://registry.yarnpkg.com/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.4.tgz#8467d4b3c087805d63580480890791277ce35c44"
@@ -2076,7 +2147,12 @@
   resolved "https://registry.yarnpkg.com/@types/mime/-/mime-3.0.1.tgz#5f8f2bca0a5863cb69bc0b0acd88c96cb1d4ae10"
   integrity sha512-Y4XFY5VJAuw0FgAqPNd6NNoV44jbq9Bz2L7Rh/J6jLTiHBSBJa9fxqQIvkIld4GsoDOcCbvzOUAbLPsSKKg+uA==
 
-"@types/node@*":
+"@types/ms@*":
+  version "0.7.31"
+  resolved "https://registry.yarnpkg.com/@types/ms/-/ms-0.7.31.tgz#31b7ca6407128a3d2bbc27fe2d21b345397f6197"
+  integrity sha512-iiUgKzV9AuaEkZqkOLDIvlQiL6ltuZd9tGcW3gwpnX8JbuiuhFlEGmmFXEXkN50Cvq7Os88IY2v0dkDqXYWVgA==
+
+"@types/node@*", "@types/node@^18.0.0":
   version "18.13.0"
   resolved "https://registry.yarnpkg.com/@types/node/-/node-18.13.0.tgz#0400d1e6ce87e9d3032c19eb6c58205b0d3f7850"
   integrity sha512-gC3TazRzGoOnoKAhUx+Q0t8S9Tzs74z7m0ipwGpSqQrleP14hKxP4/JUeEQcD3W1/aIpnWl8pHowI7WokuZpXg==
@@ -2138,9 +2214,9 @@
     "@types/react" "*"
 
 "@types/react@*":
-  version "18.0.27"
-  resolved "https://registry.yarnpkg.com/@types/react/-/react-18.0.27.tgz#d9425abe187a00f8a5ec182b010d4fd9da703b71"
-  integrity sha512-3vtRKHgVxu3Jp9t718R9BuzoD4NcQ8YJ5XRzsSKxNDiDonD2MXIT1TmSkenxuCycZJoQT5d2vE8LwWJxBC1gmA==
+  version "18.0.28"
+  resolved "https://registry.yarnpkg.com/@types/react/-/react-18.0.28.tgz#accaeb8b86f4908057ad629a26635fe641480065"
+  integrity sha512-RD0ivG1kEztNBdoAK7lekI9M+azSnitIn85h4iOiaLjaTrMjzslhaqCGaI4IyCJ1RljWiLCEu4jyrLLgqxBTew==
   dependencies:
     "@types/prop-types" "*"
     "@types/scheduler" "*"
@@ -2185,6 +2261,16 @@
   dependencies:
     "@types/node" "*"
 
+"@types/supports-color@^8.0.0":
+  version "8.1.1"
+  resolved "https://registry.yarnpkg.com/@types/supports-color/-/supports-color-8.1.1.tgz#1b44b1b096479273adf7f93c75fc4ecc40a61ee4"
+  integrity sha512-dPWnWsf+kzIG140B8z2w3fr5D03TLWbOAFQl45xUpI3vcizeXriNR5VYkWZ+WTMsUHqZ9Xlt3hrxGNANFyNQfw==
+
+"@types/text-table@^0.2.0":
+  version "0.2.2"
+  resolved "https://registry.yarnpkg.com/@types/text-table/-/text-table-0.2.2.tgz#774c90cfcfbc8b4b0ebb00fecbe861dc8b1e8e26"
+  integrity sha512-dGoI5Af7To0R2XE8wJuc6vwlavWARsCh3UKJPjWs1YEqGUqfgBI/j/4GX0yf19/DsDPPf0YAXWAp8psNeIehLg==
+
 "@types/unist@*", "@types/unist@^2.0.0", "@types/unist@^2.0.2", "@types/unist@^2.0.3":
   version "2.0.6"
   resolved "https://registry.yarnpkg.com/@types/unist/-/unist-2.0.6.tgz#250a7b16c3b91f672a24552ec64678eeb1d3a08d"
@@ -2340,6 +2426,11 @@
   resolved "https://registry.yarnpkg.com/@xtuc/long/-/long-4.2.2.tgz#d291c6a4e97989b5c61d9acf396ae4fe133a718d"
   integrity sha512-NuHqBY1PB/D8xU6s/thBgOAiAP7HOYDQ32+BFZILJ8ivkUkAHQnWfn6WhL79Owj1qmUnoN/YPhktdIoucipkAQ==
 
+abbrev@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/abbrev/-/abbrev-2.0.0.tgz#cf59829b8b4f03f89dda2771cb7f3653828c89bf"
+  integrity sha512-6/mh1E2u2YgEsCHdY0Yx5oW+61gZU+1vXaoiHHrpKeuRNNgFvS+/jrwHiQhB5apAf5oB7UB7E19ol2R2LKH8hQ==
+
 accepts@~1.3.4, accepts@~1.3.5, accepts@~1.3.8:
   version "1.3.8"
   resolved "https://registry.yarnpkg.com/accepts/-/accepts-1.3.8.tgz#0bf0be125b67014adcb0b0921e62db7bffe16b2e"
@@ -2353,12 +2444,17 @@ acorn-import-assertions@^1.7.6:
   resolved "https://registry.yarnpkg.com/acorn-import-assertions/-/acorn-import-assertions-1.8.0.tgz#ba2b5939ce62c238db6d93d81c9b111b29b855e9"
   integrity sha512-m7VZ3jwz4eK6A4Vtt8Ew1/mNbP24u0FhdyfA7fSvnJR6LMdfOYnmuIrrJAgrYfYJ10F/otaHTtrtrtmHdMNzEw==
 
+acorn-jsx@^5.0.0:
+  version "5.3.2"
+  resolved "https://registry.yarnpkg.com/acorn-jsx/-/acorn-jsx-5.3.2.tgz#7ed5bb55908b3b2f1bc55c6af1653bada7f07937"
+  integrity sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ==
+
 acorn-walk@^8.0.0:
   version "8.2.0"
   resolved "https://registry.yarnpkg.com/acorn-walk/-/acorn-walk-8.2.0.tgz#741210f2e2426454508853a2f44d0ab83b7f69c1"
   integrity sha512-k+iyHEuPgSw6SbuDpGQM+06HQUa04DZ3o+F6CSzXMvvI5KMvnaEqXe+YVe555R9nn6GPt404fos4wcgpw12SDA==
 
-acorn@^8.0.4, acorn@^8.5.0, acorn@^8.7.1:
+acorn@^8.0.0, acorn@^8.0.4, acorn@^8.5.0, acorn@^8.7.1:
   version "8.8.2"
   resolved "https://registry.yarnpkg.com/acorn/-/acorn-8.8.2.tgz#1b2f25db02af965399b9776b0c2c391276d37c4a"
   integrity sha512-xjIYgE8HBrkpd/sJqOGNspf8uHG+NOHGOw6a/Urj8taM2EXfdNAH2oFcPeIFfsv3+kz/mJrS5VuMqbNLjCa2vw==
@@ -2528,6 +2624,14 @@ asap@~2.0.3:
   resolved "https://registry.yarnpkg.com/asap/-/asap-2.0.6.tgz#e50347611d7e690943208bbdafebcbc2fb866d46"
   integrity sha512-BSHWgDSAiKs50o2Re8ppvp3seVHXSRM44cdSsT9FfNEUUZLOGWVCsiWaRPWM1Znn+mqZ1OfVZ3z3DWEzSp7hRA==
 
+asciinema-player@^3.0.1:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/asciinema-player/-/asciinema-player-3.1.0.tgz#64a315e75cb55c61f69e4be91ad0f4ffe0504979"
+  integrity sha512-O36+vQOreHW2w9Sao7AbHY4o3RJW7AxtVGtQdb74QkKZmaY8VzQJ3u36PTzltqlybJIpwXY9yK/PdVVmgmTEpg==
+  dependencies:
+    "@babel/runtime" "^7.15.4"
+    solid-js "^1.3.0"
+
 at-least-node@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/at-least-node/-/at-least-node-1.0.0.tgz#602cd4b46e844ad4effc92a8011a3c46e0238dc2"
@@ -2613,6 +2717,11 @@ bail@^1.0.0:
   resolved "https://registry.yarnpkg.com/bail/-/bail-1.0.5.tgz#b6fa133404a392cbc1f8c4bf63f5953351e7a776"
   integrity sha512-xFbRxM1tahm08yHBP16MMjVUAvDaBMD38zsM9EMAUN61omwLmKlOpB/Zku5QkjZ8TZ4vn53pj+t518cH0S03RQ==
 
+bail@^2.0.0:
+  version "2.0.2"
+  resolved "https://registry.yarnpkg.com/bail/-/bail-2.0.2.tgz#d26f5cd8fe5d6f832a31517b9f7c356040ba6d5d"
+  integrity sha512-0xO6mYd7JB2YesxDKplafRpsiOzPt9V02ddPCLbY1xYGPOX24NTyN50qnUxgCPcSoYMhKpAuBTjQoRZCAkUDRw==
+
 balanced-match@^1.0.0:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.2.tgz#e83e3a7e3f300b34cb9d87f615fa0cbf357690ee"
@@ -2707,6 +2816,13 @@ brace-expansion@^1.1.7:
     balanced-match "^1.0.0"
     concat-map "0.0.1"
 
+brace-expansion@^2.0.1:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-2.0.1.tgz#1edc459e0f0c548486ecf9fc99f2221364b9a0ae"
+  integrity sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==
+  dependencies:
+    balanced-match "^1.0.0"
+
 braces@^3.0.2, braces@~3.0.2:
   version "3.0.2"
   resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.2.tgz#3454e1a462ee8d599e236df336cd9ea4f8afe107"
@@ -2714,7 +2830,7 @@ braces@^3.0.2, braces@~3.0.2:
   dependencies:
     fill-range "^7.0.1"
 
-browserslist@^4.0.0, browserslist@^4.14.5, browserslist@^4.16.6, browserslist@^4.18.1, browserslist@^4.21.3, browserslist@^4.21.4:
+browserslist@^4.0.0, browserslist@^4.14.5, browserslist@^4.16.6, browserslist@^4.18.1, browserslist@^4.21.3, browserslist@^4.21.4, browserslist@^4.21.5:
   version "4.21.5"
   resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.21.5.tgz#75c5dae60063ee641f977e00edd3cfb2fb7af6a7"
   integrity sha512-tUkiguQGW7S3IhB7N+c2MV/HZPSCPAAiYBZXLsBhFB/PCy6ZKKsZrmBayHV9fdGV/ARIfJ14NkxKzRDjvp7L6w==
@@ -2783,6 +2899,11 @@ camelcase@^6.2.0:
   resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-6.3.0.tgz#5685b95eb209ac9c0c177467778c9c84df58ba9a"
   integrity sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==
 
+camelcase@^7.0.0:
+  version "7.0.1"
+  resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-7.0.1.tgz#f02e50af9fd7782bc8b88a3558c32fd3a388f048"
+  integrity sha512-xlx1yCK2Oc1APsPXDL2LdlNP6+uu8OCDdhOBSVT279M/S+y75O30C2VuD8T2ogdePBBl7PfPF4504tnLgX3zfw==
+
 caniuse-api@^3.0.0:
   version "3.0.0"
   resolved "https://registry.yarnpkg.com/caniuse-api/-/caniuse-api-3.0.0.tgz#5e4d90e2274961d46291997df599e3ed008ee4c0"
@@ -2794,15 +2915,20 @@ caniuse-api@^3.0.0:
     lodash.uniq "^4.5.0"
 
 caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001426, caniuse-lite@^1.0.30001449:
-  version "1.0.30001451"
-  resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001451.tgz#2e197c698fc1373d63e1406d6607ea4617c613f1"
-  integrity sha512-XY7UbUpGRatZzoRft//5xOa69/1iGJRBlrieH6QYrkKLIFn3m7OVEJ81dSrKoy2BnKsdbX5cLrOispZNYo9v2w==
+  version "1.0.30001452"
+  resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001452.tgz#dff7b8bb834b3a91808f0a9ff0453abb1fbba02a"
+  integrity sha512-Lkp0vFjMkBB3GTpLR8zk4NwW5EdRdnitwYJHDOOKIU85x4ckYCPQ+9WlVvSVClHxVReefkUMtWZH2l9KGlD51w==
 
 ccount@^1.0.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/ccount/-/ccount-1.1.0.tgz#246687debb6014735131be8abab2d93898f8d043"
   integrity sha512-vlNK021QdI7PNeiUh/lKkC/mNHHfV0m/Ad5JoI0TYtlBnJAslM/JIkm/tGC88bkLIwO6OQ5uV6ztS6kVAtCDlg==
 
+ccount@^2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/ccount/-/ccount-2.0.1.tgz#17a3bf82302e0870d6da43a01311a8bc02a3ecf5"
+  integrity sha512-eyrF0jiFpY+3drT6383f1qhkbGsLSifNAjA61IUjZjmLCWjItY6LB9ft9YhoDgwfmclB2zhu51Lc7+95b8NRAg==
+
 chalk@^2.0.0:
   version "2.4.2"
   resolved "https://registry.yarnpkg.com/chalk/-/chalk-2.4.2.tgz#cd42541677a54333cf541a49108c1432b44c9424"
@@ -2820,21 +2946,46 @@ chalk@^4.0.0, chalk@^4.1.0, chalk@^4.1.2:
     ansi-styles "^4.1.0"
     supports-color "^7.1.0"
 
+chalk@^5.0.0:
+  version "5.2.0"
+  resolved "https://registry.yarnpkg.com/chalk/-/chalk-5.2.0.tgz#249623b7d66869c673699fb66d65723e54dfcfb3"
+  integrity sha512-ree3Gqw/nazQAPuJJEy+avdl7QfZMcUvmHIKgEZkGL+xOBzRvup5Hxo6LHuMceSxOabuJLJm5Yp/92R9eMmMvA==
+
+character-entities-html4@^2.0.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/character-entities-html4/-/character-entities-html4-2.1.0.tgz#1f1adb940c971a4b22ba39ddca6b618dc6e56b2b"
+  integrity sha512-1v7fgQRj6hnSwFpq1Eu0ynr/CDEw0rXo2B61qXrLNdHZmPKgb7fqS1a2JwF0rISo9q77jDI8VMEHoApn8qDoZA==
+
 character-entities-legacy@^1.0.0:
   version "1.1.4"
   resolved "https://registry.yarnpkg.com/character-entities-legacy/-/character-entities-legacy-1.1.4.tgz#94bc1845dce70a5bb9d2ecc748725661293d8fc1"
   integrity sha512-3Xnr+7ZFS1uxeiUDvV02wQ+QDbc55o97tIV5zHScSPJpcLm/r0DFPcoY3tYRp+VZukxuMeKgXYmsXQHO05zQeA==
 
+character-entities-legacy@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/character-entities-legacy/-/character-entities-legacy-3.0.0.tgz#76bc83a90738901d7bc223a9e93759fdd560125b"
+  integrity sha512-RpPp0asT/6ufRm//AJVwpViZbGM/MkjQFxJccQRHmISF/22NBtsHqAWmL+/pmkPWoIUJdWyeVleTl1wydHATVQ==
+
 character-entities@^1.0.0:
   version "1.2.4"
   resolved "https://registry.yarnpkg.com/character-entities/-/character-entities-1.2.4.tgz#e12c3939b7eaf4e5b15e7ad4c5e28e1d48c5b16b"
   integrity sha512-iBMyeEHxfVnIakwOuDXpVkc54HijNgCyQB2w0VfGQThle6NXn50zU6V/u+LDhxHcDUPojn6Kpga3PTAD8W1bQw==
 
+character-entities@^2.0.0:
+  version "2.0.2"
+  resolved "https://registry.yarnpkg.com/character-entities/-/character-entities-2.0.2.tgz#2d09c2e72cd9523076ccb21157dff66ad43fcc22"
+  integrity sha512-shx7oQ0Awen/BRIdkjkvz54PnEEI/EjwXDSIZp86/KKdbafHh1Df/RYGBhn4hbe2+uKC9FnT5UCEdyPz3ai9hQ==
+
 character-reference-invalid@^1.0.0:
   version "1.1.4"
   resolved "https://registry.yarnpkg.com/character-reference-invalid/-/character-reference-invalid-1.1.4.tgz#083329cda0eae272ab3dbbf37e9a382c13af1560"
   integrity sha512-mKKUkUbhPpQlCOfIuZkvSEgktjPFIsZKRRbC6KWVEMvlzblj3i3asQv5ODsrwt0N3pHAEvjP8KTQPHkp0+6jOg==
 
+character-reference-invalid@^2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/character-reference-invalid/-/character-reference-invalid-2.0.1.tgz#85c66b041e43b47210faf401278abf808ac45cb9"
+  integrity sha512-iBZ4F4wRbyORVsu0jPV7gXkOsGYjGHPmAyv+HiHG8gi5PtC9KI2j1+v8/tlibRvjoWX027ypmG/n0HtO5t7unw==
+
 cheerio-select@^2.1.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/cheerio-select/-/cheerio-select-2.1.0.tgz#4d8673286b8126ca2a8e42740d5e3c4884ae21b4"
@@ -2860,7 +3011,7 @@ cheerio@^1.0.0-rc.12:
     parse5 "^7.0.0"
     parse5-htmlparser2-tree-adapter "^7.0.0"
 
-chokidar@^3.4.2, chokidar@^3.5.3:
+chokidar@^3.0.0, chokidar@^3.4.2, chokidar@^3.5.3:
   version "3.5.3"
   resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-3.5.3.tgz#1cf37c8707b932bd1af1ae22c0432e2acd1903bd"
   integrity sha512-Dr3sfKRP6oTcjf2JmUmFJfeVMvXBdegxB0iVQ5eb2V10uFJUCAS8OByZdVAyVb8xXNz3GjjTgj9kLWsZTqE6kw==
@@ -2886,9 +3037,9 @@ ci-info@^2.0.0:
   integrity sha512-5tK7EtrZ0N+OLFMthtqOj4fI2Jeb88C4CAZPu25LDVUgXJ0A3Js4PMGqrn0JU1W0Mh1/Z8wZzYPxqUrXeBboCQ==
 
 ci-info@^3.2.0:
-  version "3.7.1"
-  resolved "https://registry.yarnpkg.com/ci-info/-/ci-info-3.7.1.tgz#708a6cdae38915d597afdf3b145f2f8e1ff55f3f"
-  integrity sha512-4jYS4MOAaCIStSRwiuxc4B8MYhIe676yO1sYGzARnjXkWpmzZMMYxY6zu8WYWDhSuth5zhrQ1rhNSibyyvv4/w==
+  version "3.8.0"
+  resolved "https://registry.yarnpkg.com/ci-info/-/ci-info-3.8.0.tgz#81408265a5380c929f0bc665d62256628ce9ef91"
+  integrity sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==
 
 clean-css@^5.2.2, clean-css@^5.3.0:
   version "5.3.2"
@@ -3046,6 +3197,16 @@ concat-map@0.0.1:
   resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b"
   integrity sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==
 
+concat-stream@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-2.0.0.tgz#414cf5af790a48c60ab9be4527d56d5e41133cb1"
+  integrity sha512-MWufYdFw53ccGjCA+Ol7XJYpAlW6/prSMzuPOTRnJGcGzuhLn4Scrz7qf6o8bROZ514ltazcIFJZevcfbo0x7A==
+  dependencies:
+    buffer-from "^1.0.0"
+    inherits "^2.0.3"
+    readable-stream "^3.0.2"
+    typedarray "^0.0.6"
+
 configstore@^5.0.1:
   version "5.0.1"
   resolved "https://registry.yarnpkg.com/configstore/-/configstore-5.0.1.tgz#d365021b5df4b98cdd187d6a3b0e3f6a7cc5ed96"
@@ -3118,21 +3279,21 @@ copy-webpack-plugin@^11.0.0:
     serialize-javascript "^6.0.0"
 
 core-js-compat@^3.25.1:
-  version "3.27.2"
-  resolved "https://registry.yarnpkg.com/core-js-compat/-/core-js-compat-3.27.2.tgz#607c50ad6db8fd8326af0b2883ebb987be3786da"
-  integrity sha512-welaYuF7ZtbYKGrIy7y3eb40d37rG1FvzEOfe7hSLd2iD6duMDqUhRfSvCGyC46HhR6Y8JXXdZ2lnRUMkPBpvg==
+  version "3.28.0"
+  resolved "https://registry.yarnpkg.com/core-js-compat/-/core-js-compat-3.28.0.tgz#c08456d854608a7264530a2afa281fadf20ecee6"
+  integrity sha512-myzPgE7QodMg4nnd3K1TDoES/nADRStM8Gpz0D6nhkwbmwEnE0ZGJgoWsvQ722FR8D7xS0n0LV556RcEicjTyg==
   dependencies:
-    browserslist "^4.21.4"
+    browserslist "^4.21.5"
 
 core-js-pure@^3.25.1:
-  version "3.27.2"
-  resolved "https://registry.yarnpkg.com/core-js-pure/-/core-js-pure-3.27.2.tgz#47e9cc96c639eefc910da03c3ece26c5067c7553"
-  integrity sha512-Cf2jqAbXgWH3VVzjyaaFkY1EBazxugUepGymDoeteyYr9ByX51kD2jdHZlsEF/xnJMyN3Prua7mQuzwMg6Zc9A==
+  version "3.28.0"
+  resolved "https://registry.yarnpkg.com/core-js-pure/-/core-js-pure-3.28.0.tgz#4ef2888475b6c856ef6f5aeef8b4f618b76ad048"
+  integrity sha512-DSOVleA9/v3LNj/vFxAPfUHttKTzrB2RXhAPvR5TPXn4vrra3Z2ssytvRyt8eruJwAfwAiFADEbrjcRdcvPLQQ==
 
 core-js@^3.23.3:
-  version "3.27.2"
-  resolved "https://registry.yarnpkg.com/core-js/-/core-js-3.27.2.tgz#85b35453a424abdcacb97474797815f4d62ebbf7"
-  integrity sha512-9ashVQskuh5AZEZ1JdQWp1GqSoC1e1G87MzRqg2gIfVAQ7Qn9K+uFj8EcniUFA4P2NLZfV+TOlX1SzoKfo+s7w==
+  version "3.28.0"
+  resolved "https://registry.yarnpkg.com/core-js/-/core-js-3.28.0.tgz#ed8b9e99c273879fdfff0edfc77ee709a5800e4a"
+  integrity sha512-GiZn9D4Z/rSYvTeg1ljAIsEqFm0LaN9gVtwDCrKL80zHtS31p9BAjmTxVqTQDMpwlMolJZOFntUG2uwyj7DAqw==
 
 core-util-is@~1.0.0:
   version "1.0.3"
@@ -3333,7 +3494,7 @@ csso@^4.2.0:
   dependencies:
     css-tree "^1.1.2"
 
-csstype@^3.0.2:
+csstype@^3.0.2, csstype@^3.1.0:
   version "3.1.1"
   resolved "https://registry.yarnpkg.com/csstype/-/csstype-3.1.1.tgz#841b532c45c758ee546a11d5bd7b7b473c8c30b9"
   integrity sha512-DJR/VvkAvSZW9bTouZue2sSxDwdTN92uHjqeKVm+0dAqdfNykRzQ95tay8aXMBAAPpUiq4Qcug2L7neoRh2Egw==
@@ -3345,13 +3506,20 @@ debug@2.6.9, debug@^2.6.0:
   dependencies:
     ms "2.0.0"
 
-debug@4, debug@^4.1.0, debug@^4.1.1:
+debug@4, debug@^4.0.0, debug@^4.1.0, debug@^4.1.1:
   version "4.3.4"
   resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.4.tgz#1319f6579357f2338d3337d2cdd4914bb5dcc865"
   integrity sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==
   dependencies:
     ms "2.1.2"
 
+decode-named-character-reference@^1.0.0:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/decode-named-character-reference/-/decode-named-character-reference-1.0.2.tgz#daabac9690874c394c81e4162a0304b35d824f0e"
+  integrity sha512-O8x12RzrUF8xyVcY0KJowWsmaJxQbmy0/EtnNtHRpsOcT7dFk5W598coHqBVpmWo1oQQfsCqfCmkZN5DJrZVdg==
+  dependencies:
+    character-entities "^2.0.0"
+
 decompress-response@^3.3.0:
   version "3.3.0"
   resolved "https://registry.yarnpkg.com/decompress-response/-/decompress-response-3.3.0.tgz#80a4dd323748384bfa248083622aedec982adff3"
@@ -3387,9 +3555,9 @@ define-lazy-prop@^2.0.0:
   integrity sha512-Ds09qNh8yw3khSjiJjiUInaGX9xlqZDY7JVryGxdxV7NPeuqQfplOpQ66yJFZut3jLa5zOwkXw1g9EI2uKh4Og==
 
 define-properties@^1.1.4:
-  version "1.1.4"
-  resolved "https://registry.yarnpkg.com/define-properties/-/define-properties-1.1.4.tgz#0b14d7bd7fbeb2f3572c3a7eda80ea5d57fb05b1"
-  integrity sha512-uckOqKcfaVvtBdsVkdPv3XjveQJsNQqmhXgRi8uhvWWuPYZCNlzT8qAyblUgNoXdHdjMTzAqeGjAoli8f+bzPA==
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/define-properties/-/define-properties-1.2.0.tgz#52988570670c9eacedd8064f4a990f2405849bd5"
+  integrity sha512-xvqAVKGfT1+UAvPwKTVw/njhdQ8ZhXK4lI0bCIuCMrp2up9nPnaDftrLtmpTazqd1o+UY4zgzU+avtMbDP+ldA==
   dependencies:
     has-property-descriptors "^1.0.0"
     object-keys "^1.1.1"
@@ -3418,6 +3586,11 @@ depd@~1.1.2:
   resolved "https://registry.yarnpkg.com/depd/-/depd-1.1.2.tgz#9bcd52e14c097763e749b274c4346ed2e560b5a9"
   integrity sha512-7emPTl6Dpo6JRXOXjLRxck+FlLRX5847cLKEn00PLAgc3g2hTZZgr+e4c2v6QpSmLeFP3n5yUo7ft6avBK/5jQ==
 
+dequal@^2.0.0:
+  version "2.0.3"
+  resolved "https://registry.yarnpkg.com/dequal/-/dequal-2.0.3.tgz#2644214f1997d39ed0ee0ece72335490a7ac67be"
+  integrity sha512-0je+qPKHEMohvfRTCEo3CrPG6cAzAYgmzKyxRiYSSDkS6eGJdyVJm7WaYA5ECaAD9wLB2T4EEeymA5aFVcYXCA==
+
 destroy@1.2.0:
   version "1.2.0"
   resolved "https://registry.yarnpkg.com/destroy/-/destroy-1.2.0.tgz#4803735509ad8be552934c67df614f94e66fa015"
@@ -3451,6 +3624,11 @@ detect-port@^1.3.0:
     address "^1.0.1"
     debug "4"
 
+diff@^5.0.0:
+  version "5.1.0"
+  resolved "https://registry.yarnpkg.com/diff/-/diff-5.1.0.tgz#bc52d298c5ea8df9194800224445ed43ffc87e40"
+  integrity sha512-D+mk+qE8VC/PAUrlAU34N+VfXev0ghe5ywmpqrawphmVZc1bEfn56uo9qpyGp1p4xpzOHkSW4ztBd6L7Xx4ACw==
+
 dir-glob@^3.0.1:
   version "3.0.1"
   resolved "https://registry.yarnpkg.com/dir-glob/-/dir-glob-3.0.1.tgz#56dbf73d992a4a93ba1584f4534063fd2e41717f"
@@ -3568,9 +3746,9 @@ ee-first@1.1.1:
   integrity sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow==
 
 electron-to-chromium@^1.4.284:
-  version "1.4.293"
-  resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.4.293.tgz#eaea755ad37a0f1759874a8597b33be62def2781"
-  integrity sha512-h7vBlhC83NsgC9UO3LOZx91xgstIrHk5iqMbZgnEArL5rHTM6HfsUZhnwb3oRnNetXM1741kB9SO7x9jLshz5A==
+  version "1.4.295"
+  resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.4.295.tgz#911d5df67542bf7554336142eb302c5ec90bba66"
+  integrity sha512-lEO94zqf1bDA3aepxwnWoHUjA8sZ+2owgcSZjYQy0+uOSEclJX0VieZC+r+wLpSxUHRd6gG32znTWmr+5iGzFw==
 
 emoji-regex@^8.0.0:
   version "8.0.0"
@@ -3627,7 +3805,7 @@ entities@~2.1.0:
   resolved "https://registry.yarnpkg.com/entities/-/entities-2.1.0.tgz#992d3129cf7df6870b96c57858c249a120f8b8b5"
   integrity sha512-hCx1oky9PFrJ611mf0ifBLBRW8lUUVRlFolb5gWRfIELabBlbp9xZvrqZLZAs+NxFnbfQoeGd8wDkygjg7U85w==
 
-error-ex@^1.3.1:
+error-ex@^1.3.1, error-ex@^1.3.2:
   version "1.3.2"
   resolved "https://registry.yarnpkg.com/error-ex/-/error-ex-1.3.2.tgz#b4ac40648107fdcdcfae242f428bea8a14d4f1bf"
   integrity sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==
@@ -3694,6 +3872,19 @@ estraverse@^5.2.0:
   resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-5.3.0.tgz#2eea5290702f26ab8fe5370370ff86c965d21123"
   integrity sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==
 
+estree-util-is-identifier-name@^2.0.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/estree-util-is-identifier-name/-/estree-util-is-identifier-name-2.1.0.tgz#fb70a432dcb19045e77b05c8e732f1364b4b49b2"
+  integrity sha512-bEN9VHRyXAUOjkKVQVvArFym08BTWB0aJPppZZr0UNyAqWsLaVfAqP7hbaTJjzHifmB5ebnR8Wm7r7yGN/HonQ==
+
+estree-util-visit@^1.0.0:
+  version "1.2.1"
+  resolved "https://registry.yarnpkg.com/estree-util-visit/-/estree-util-visit-1.2.1.tgz#8bc2bc09f25b00827294703835aabee1cc9ec69d"
+  integrity sha512-xbgqcrkIVbIG+lI/gzbvd9SGTJL4zqJKBFttUl5pP27KhAjtMKbX/mQXJ7qgyXpMgVy/zvpm0xoQQaGL8OloOw==
+  dependencies:
+    "@types/estree-jsx" "^1.0.0"
+    "@types/unist" "^2.0.0"
+
 esutils@^2.0.2:
   version "2.0.3"
   resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.3.tgz#74d2eb4de0b8da1293711910d50775b9b710ef64"
@@ -3826,6 +4017,13 @@ fastq@^1.6.0:
   dependencies:
     reusify "^1.0.4"
 
+fault@^2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/fault/-/fault-2.0.1.tgz#d47ca9f37ca26e4bd38374a7c500b5a384755b6c"
+  integrity sha512-WtySTkS4OKev5JtpHXnib4Gxiurzh5NCGvWrFaZ34m6JehfTUhKZvn9njTfw48t6JumVQOmrKqpmGcdwxnhqBQ==
+  dependencies:
+    format "^0.2.0"
+
 faye-websocket@^0.11.3:
   version "0.11.4"
   resolved "https://registry.yarnpkg.com/faye-websocket/-/faye-websocket-0.11.4.tgz#7f0d9275cfdd86a1c963dc8b65fcc451edcbb1da"
@@ -3962,6 +4160,11 @@ fork-ts-checker-webpack-plugin@^6.5.0:
     semver "^7.3.2"
     tapable "^1.0.0"
 
+format@^0.2.0:
+  version "0.2.2"
+  resolved "https://registry.yarnpkg.com/format/-/format-0.2.2.tgz#d6170107e9efdc4ed30c9dc39016df942b5cb58b"
+  integrity sha512-wzsgA6WOq+09wrU1tsJ09udeR/YZRaeArL9e1wPbFg3GG2yDnC2ldKpxs4xunpFF9DgqCqOIra3bc1HWrJ37Ww==
+
 forwarded@0.2.0:
   version "0.2.0"
   resolved "https://registry.yarnpkg.com/forwarded/-/forwarded-0.2.0.tgz#2269936428aad4c15c7ebe9779a84bf0b2a81811"
@@ -4095,6 +4298,17 @@ glob@^7.0.0, glob@^7.1.3, glob@^7.1.6, glob@~7.2.0:
     once "^1.3.0"
     path-is-absolute "^1.0.0"
 
+glob@^8.0.0, glob@^8.0.1:
+  version "8.1.0"
+  resolved "https://registry.yarnpkg.com/glob/-/glob-8.1.0.tgz#d388f656593ef708ee3e34640fdfb99a9fd1c33e"
+  integrity sha512-r8hpEjiQEYlF2QU0df3dS+nxxSIreXQS1qRhMJM0Q5NDdR386C7jb7Hwwod8Fgiuex+k0GFjgft18yvxm5XoCQ==
+  dependencies:
+    fs.realpath "^1.0.0"
+    inflight "^1.0.4"
+    inherits "2"
+    minimatch "^5.0.1"
+    once "^1.3.0"
+
 global-dirs@^3.0.0:
   version "3.0.1"
   resolved "https://registry.yarnpkg.com/global-dirs/-/global-dirs-3.0.1.tgz#0c488971f066baceda21447aecb1a8b911d22485"
@@ -4458,7 +4672,7 @@ icss-utils@^5.0.0, icss-utils@^5.1.0:
   resolved "https://registry.yarnpkg.com/icss-utils/-/icss-utils-5.1.0.tgz#c6be6858abd013d768e98366ae47e25d5887b1ae"
   integrity sha512-soFhflCVWLfRNOPU3iv5Z9VUdT44xFRbzjLsEzSr5AQmgqPMTHdU3PMT1Cf1ssx8fLNJDA1juftYl+PUcv3MqA==
 
-ignore@^5.2.0, ignore@~5.2.0:
+ignore@^5.0.0, ignore@^5.2.0, ignore@~5.2.0:
   version "5.2.4"
   resolved "https://registry.yarnpkg.com/ignore/-/ignore-5.2.4.tgz#a291c0c6178ff1b960befe47fcdec301674a6324"
   integrity sha512-MAb38BcSbH0eHNBxn7ql2NH/kX33OkB3lZ1BNdh7ENeRChHTYsTvWrMubiIAMNS2llXEEgZ1MUOBtXChP3kaFQ==
@@ -4488,6 +4702,11 @@ import-lazy@^2.1.0:
   resolved "https://registry.yarnpkg.com/import-lazy/-/import-lazy-2.1.0.tgz#05698e3d45c88e8d7e9d92cb0584e77f096f3e43"
   integrity sha512-m7ZEHgtw69qOGw+jwxXkHlrlIPdTGkyh66zXZ1ajZbxkDBNjSY/LGbmjc7h0s2ELsUDTAhFr55TrPSSqJGPG0A==
 
+import-meta-resolve@^2.0.0:
+  version "2.2.1"
+  resolved "https://registry.yarnpkg.com/import-meta-resolve/-/import-meta-resolve-2.2.1.tgz#80fdeddbc15d7f3992c37425023ffb4aca7cb583"
+  integrity sha512-C6lLL7EJPY44kBvA80gq4uMsVFw5x3oSKfuMl1cuZ2RkI5+UJqQXgn+6hlUew0y4ig7Ypt4CObAAIzU53Nfpuw==
+
 imurmurhash@^0.1.4:
   version "0.1.4"
   resolved "https://registry.yarnpkg.com/imurmurhash/-/imurmurhash-0.1.4.tgz#9218b9b2b928a238b13dc4fb6b6d576f231453ea"
@@ -4531,7 +4750,7 @@ ini@^1.3.5, ini@~1.3.0:
   resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.8.tgz#a29da425b48806f34767a4efce397269af28432c"
   integrity sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew==
 
-ini@~3.0.0:
+ini@^3.0.0, ini@~3.0.0:
   version "3.0.1"
   resolved "https://registry.yarnpkg.com/ini/-/ini-3.0.1.tgz#c76ec81007875bc44d544ff7a11a55d12294102d"
   integrity sha512-it4HyVAUTKBc6m8e1iXWvXSTdndF7HbdN713+kvLrymxTaU4AUBWrJ4vEooP+V7fexnVD3LKcBshjGGPefSMUQ==
@@ -4568,6 +4787,11 @@ is-alphabetical@1.0.4, is-alphabetical@^1.0.0:
   resolved "https://registry.yarnpkg.com/is-alphabetical/-/is-alphabetical-1.0.4.tgz#9e7d6b94916be22153745d184c298cbf986a686d"
   integrity sha512-DwzsA04LQ10FHTZuL0/grVDk4rFoVH1pjAToYwBrHSxcrBIGQuXrQMtD5U1b0U2XVgKZCTLLP8u2Qxqhy3l2Vg==
 
+is-alphabetical@^2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/is-alphabetical/-/is-alphabetical-2.0.1.tgz#01072053ea7c1036df3c7d19a6daaec7f19e789b"
+  integrity sha512-FWyyY60MeTNyeSRpkM2Iry0G9hpr7/9kD40mD/cGQEuilcZYS4okz8SN2Q6rLCJ8gbCt6fN+rC+6tMGS99LaxQ==
+
 is-alphanumerical@^1.0.0:
   version "1.0.4"
   resolved "https://registry.yarnpkg.com/is-alphanumerical/-/is-alphanumerical-1.0.4.tgz#7eb9a2431f855f6b1ef1a78e326df515696c4dbf"
@@ -4576,6 +4800,14 @@ is-alphanumerical@^1.0.0:
     is-alphabetical "^1.0.0"
     is-decimal "^1.0.0"
 
+is-alphanumerical@^2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/is-alphanumerical/-/is-alphanumerical-2.0.1.tgz#7c03fbe96e3e931113e57f964b0a368cc2dfd875"
+  integrity sha512-hmbYhX/9MUMF5uh7tOXyK/n0ZvWpad5caBA17GsC6vyuCqaWliRG5K1qS9inmUhEMaOBIW7/whAnSwveW/LtZw==
+  dependencies:
+    is-alphabetical "^2.0.0"
+    is-decimal "^2.0.0"
+
 is-arrayish@^0.2.1:
   version "0.2.1"
   resolved "https://registry.yarnpkg.com/is-arrayish/-/is-arrayish-0.2.1.tgz#77c99840527aa8ecb1a8ba697b80645a7a926a9d"
@@ -4612,11 +4844,21 @@ is-decimal@^1.0.0:
   resolved "https://registry.yarnpkg.com/is-decimal/-/is-decimal-1.0.4.tgz#65a3a5958a1c5b63a706e1b333d7cd9f630d3fa5"
   integrity sha512-RGdriMmQQvZ2aqaQq3awNA6dCGtKpiDFcOzrTWrDAT2MiWrKQVPmxLGHl7Y2nNu6led0kEyoX0enY0qXYsv9zw==
 
+is-decimal@^2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/is-decimal/-/is-decimal-2.0.1.tgz#9469d2dc190d0214fd87d78b78caecc0cc14eef7"
+  integrity sha512-AAB9hiomQs5DXWcRB1rqsxGUstbRroFOPPVAomNk/3XHR5JyEZChOyTWe2oayKnsSsr/kcGqF+z6yuH6HHpN0A==
+
 is-docker@^2.0.0, is-docker@^2.1.1:
   version "2.2.1"
   resolved "https://registry.yarnpkg.com/is-docker/-/is-docker-2.2.1.tgz#33eeabe23cfe86f14bde4408a02c0cfb853acdaa"
   integrity sha512-F+i2BKsFrH66iaUFc0woD8sLy8getkwTwtOBjvs56Cx4CgJDeKQeqfz8wAYiSb8JOprWhHH5p77PbmYCvvUuXQ==
 
+is-empty@^1.0.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/is-empty/-/is-empty-1.2.0.tgz#de9bb5b278738a05a0b09a57e1fb4d4a341a9f6b"
+  integrity sha512-F2FnH/otLNJv0J6wc73A5Xo7oHLNnqplYqZhUu01tD54DIPvxIRSTSLkrUB/M0nHO4vo1O9PDfN4KoTxCzLh/w==
+
 is-extendable@^0.1.0:
   version "0.1.1"
   resolved "https://registry.yarnpkg.com/is-extendable/-/is-extendable-0.1.1.tgz#62b110e289a471418e3ec36a617d472e301dfc89"
@@ -4644,6 +4886,11 @@ is-hexadecimal@^1.0.0:
   resolved "https://registry.yarnpkg.com/is-hexadecimal/-/is-hexadecimal-1.0.4.tgz#cc35c97588da4bd49a8eedd6bc4082d44dcb23a7"
   integrity sha512-gyPJuv83bHMpocVYoqof5VDiZveEoGoFL8m3BXNb2VW8Xs+rz9kqO8LOQ5DH6EsuvilT1ApazU0pyl+ytbPtlw==
 
+is-hexadecimal@^2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/is-hexadecimal/-/is-hexadecimal-2.0.1.tgz#86b5bf668fca307498d319dfc03289d781a90027"
+  integrity sha512-DgZQp241c8oO6cA1SbTEWiXeoxV42vlcJxgH+B3hi1AiqqKruZR3ZGF8In3fj4+/y/7rHvlOZLZtgJ/4ttYGZg==
+
 is-installed-globally@^0.4.0:
   version "0.4.0"
   resolved "https://registry.yarnpkg.com/is-installed-globally/-/is-installed-globally-0.4.0.tgz#9a0fd407949c30f86eb6959ef1b7994ed0b7b520"
@@ -4692,6 +4939,11 @@ is-plain-obj@^3.0.0:
   resolved "https://registry.yarnpkg.com/is-plain-obj/-/is-plain-obj-3.0.0.tgz#af6f2ea14ac5a646183a5bbdb5baabbc156ad9d7"
   integrity sha512-gwsOE28k+23GP1B6vFl1oVh/WOzmawBrKwo5Ev6wMKzPkaXaCDIQKzLnvsA42DRlbVTWorkgTKIviAKCWkfUwA==
 
+is-plain-obj@^4.0.0:
+  version "4.1.0"
+  resolved "https://registry.yarnpkg.com/is-plain-obj/-/is-plain-obj-4.1.0.tgz#d65025edec3657ce032fd7db63c97883eaed71f0"
+  integrity sha512-+Pgi+vMuUNkJyExiMBt5IlFoMyKnr5zhJ4Uspz58WOhBF5QoIZkFyNHIbBAtHwzVAgk5RtndVNsDRN61/mmDqg==
+
 is-plain-object@^2.0.4:
   version "2.0.4"
   resolved "https://registry.yarnpkg.com/is-plain-object/-/is-plain-object-2.0.4.tgz#2c163b3fafb1b606d9d17928f05c2a1c38e07677"
@@ -4793,14 +5045,14 @@ jest-worker@^29.1.2:
     supports-color "^8.0.0"
 
 joi@^17.6.0:
-  version "17.7.0"
-  resolved "https://registry.yarnpkg.com/joi/-/joi-17.7.0.tgz#591a33b1fe1aca2bc27f290bcad9b9c1c570a6b3"
-  integrity sha512-1/ugc8djfn93rTE3WRKdCzGGt/EtiYKxITMO4Wiv6q5JL1gl9ePt4kBsl1S499nbosspfctIQTpYIhSmHA3WAg==
+  version "17.7.1"
+  resolved "https://registry.yarnpkg.com/joi/-/joi-17.7.1.tgz#854fc85c7fa3cfc47c91124d30bffdbb58e06cec"
+  integrity sha512-teoLhIvWE298R6AeJywcjR4sX2hHjB3/xJX4qPjg+gTg+c0mzUDsziYlqPmLomq9gVsfaMcgPaGc7VxtD/9StA==
   dependencies:
     "@hapi/hoek" "^9.0.0"
     "@hapi/topo" "^5.0.0"
     "@sideway/address" "^4.1.3"
-    "@sideway/formula" "^3.0.0"
+    "@sideway/formula" "^3.0.1"
     "@sideway/pinpoint" "^2.0.0"
 
 "js-tokens@^3.0.0 || ^4.0.0", js-tokens@^4.0.0:
@@ -4843,6 +5095,11 @@ json-parse-even-better-errors@^2.3.0, json-parse-even-better-errors@^2.3.1:
   resolved "https://registry.yarnpkg.com/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz#7c47805a94319928e05777405dc12e1f7a4ee02d"
   integrity sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==
 
+json-parse-even-better-errors@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/json-parse-even-better-errors/-/json-parse-even-better-errors-3.0.0.tgz#2cb2ee33069a78870a0c7e3da560026b89669cf7"
+  integrity sha512-iZbGHafX/59r39gPwVPRBGw0QQKnA7tte5pSMrhWOW7swGsVvVTjmfyAV9pNqk8YGT7tRCdxRu8uzcgZwoDooA==
+
 json-schema-traverse@^0.4.1:
   version "0.4.1"
   resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz#69f6a87d9513ab8bb8fe63bdb0979c448e684660"
@@ -4853,7 +5110,7 @@ json-schema-traverse@^1.0.0:
   resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz#ae7bcb3656ab77a73ba5c49bf654f38e6b6860e2"
   integrity sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==
 
-json5@^2.1.2, json5@^2.2.2:
+json5@^2.0.0, json5@^2.1.2, json5@^2.2.2:
   version "2.2.3"
   resolved "https://registry.yarnpkg.com/json5/-/json5-2.2.3.tgz#78cd6f1a19bdc12b73db5ad0c61efd66c1e29283"
   integrity sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==
@@ -4889,6 +5146,11 @@ kleur@^3.0.3:
   resolved "https://registry.yarnpkg.com/kleur/-/kleur-3.0.3.tgz#a79c9ecc86ee1ce3fa6206d1216c501f147fc07e"
   integrity sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==
 
+kleur@^4.0.3:
+  version "4.1.5"
+  resolved "https://registry.yarnpkg.com/kleur/-/kleur-4.1.5.tgz#95106101795f7050c6c650f350c683febddb1780"
+  integrity sha512-o+NO+8WrRiQEE4/7nwRJhN1HWpVmJm511pBHUxPLtp0BUISzlBplORYSmTclCnJvQq2tKu/sgl3xVpkc7ZWuQQ==
+
 klona@^2.0.5:
   version "2.0.6"
   resolved "https://registry.yarnpkg.com/klona/-/klona-2.0.6.tgz#85bffbf819c03b2f53270412420a4555ef882e22"
@@ -4916,6 +5178,11 @@ lines-and-columns@^1.1.6:
   resolved "https://registry.yarnpkg.com/lines-and-columns/-/lines-and-columns-1.2.4.tgz#eca284f75d2965079309dc0ad9255abb2ebc1632"
   integrity sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==
 
+lines-and-columns@^2.0.2:
+  version "2.0.3"
+  resolved "https://registry.yarnpkg.com/lines-and-columns/-/lines-and-columns-2.0.3.tgz#b2f0badedb556b747020ab8ea7f0373e22efac1b"
+  integrity sha512-cNOjgCnLB+FnvWWtyRTzmB3POJ+cXxTA81LoW7u8JdmhfXzriropYwpjShnz1QLLWsQwY7nIxoDmcPTwphDK9w==
+
 linkify-it@^3.0.1:
   version "3.0.3"
   resolved "https://registry.yarnpkg.com/linkify-it/-/linkify-it-3.0.3.tgz#a98baf44ce45a550efb4d49c769d07524cc2fa2e"
@@ -4923,6 +5190,14 @@ linkify-it@^3.0.1:
   dependencies:
     uc.micro "^1.0.1"
 
+load-plugin@^5.0.0:
+  version "5.1.0"
+  resolved "https://registry.yarnpkg.com/load-plugin/-/load-plugin-5.1.0.tgz#15600f5191c742b16e058cfc908c227c13db0104"
+  integrity sha512-Lg1CZa1CFj2CbNaxijTL6PCbzd4qGTlZov+iH2p5Xwy/ApcZJh+i6jMN2cYePouTfjJfrNu3nXFdEw8LvbjPFQ==
+  dependencies:
+    "@npmcli/config" "^6.0.0"
+    import-meta-resolve "^2.0.0"
+
 loader-runner@^4.2.0:
   version "4.3.0"
   resolved "https://registry.yarnpkg.com/loader-runner/-/loader-runner-4.3.0.tgz#c1b4a163b99f614830353b16755e7149ac2314e1"
@@ -4994,6 +5269,11 @@ lodash@^4.17.19, lodash@^4.17.20, lodash@^4.17.21:
   resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c"
   integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==
 
+longest-streak@^3.0.0:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/longest-streak/-/longest-streak-3.1.0.tgz#62fa67cd958742a1574af9f39866364102d90cd4"
+  integrity sha512-9Ri+o0JYgehTaVBBDoMqIl8GXtbWg711O3srftcHhZ0dqnETqLaoIK0x17fUw9rFSlK/0NlsKe0Ahhyl5pXE2g==
+
 loose-envify@^1.0.0, loose-envify@^1.1.0, loose-envify@^1.2.0, loose-envify@^1.3.1, loose-envify@^1.4.0:
   version "1.4.0"
   resolved "https://registry.yarnpkg.com/loose-envify/-/loose-envify-1.4.0.tgz#71ee51fa7be4caec1a63839f7e682d8132d30caf"
@@ -5083,6 +5363,14 @@ markdownlint@~0.25.1:
   dependencies:
     markdown-it "12.3.2"
 
+mdast-comment-marker@^2.0.0:
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/mdast-comment-marker/-/mdast-comment-marker-2.1.1.tgz#1c8540dc25d38c384c506068f97ca3447d1db92a"
+  integrity sha512-ktFfySmbRfOPiWoLkRKqkkyYkDnBVX5b5FqXwnvV1TmgVOl49ETsYK4hPKqrlM15y7AtxNDKIKwJRkZa3TWkng==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    mdast-util-mdx-expression "^1.1.0"
+
 mdast-squeeze-paragraphs@^4.0.0:
   version "4.0.0"
   resolved "https://registry.yarnpkg.com/mdast-squeeze-paragraphs/-/mdast-squeeze-paragraphs-4.0.0.tgz#7c4c114679c3bee27ef10b58e2e015be79f1ef97"
@@ -5097,6 +5385,90 @@ mdast-util-definitions@^4.0.0:
   dependencies:
     unist-util-visit "^2.0.0"
 
+mdast-util-from-markdown@^1.0.0, mdast-util-from-markdown@^1.1.0:
+  version "1.3.0"
+  resolved "https://registry.yarnpkg.com/mdast-util-from-markdown/-/mdast-util-from-markdown-1.3.0.tgz#0214124154f26154a2b3f9d401155509be45e894"
+  integrity sha512-HN3W1gRIuN/ZW295c7zi7g9lVBllMgZE40RxCX37wrTPWXCWtpvOZdfnuK+1WNpvZje6XuJeI3Wnb4TJEUem+g==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    "@types/unist" "^2.0.0"
+    decode-named-character-reference "^1.0.0"
+    mdast-util-to-string "^3.1.0"
+    micromark "^3.0.0"
+    micromark-util-decode-numeric-character-reference "^1.0.0"
+    micromark-util-decode-string "^1.0.0"
+    micromark-util-normalize-identifier "^1.0.0"
+    micromark-util-symbol "^1.0.0"
+    micromark-util-types "^1.0.0"
+    unist-util-stringify-position "^3.0.0"
+    uvu "^0.5.0"
+
+mdast-util-heading-style@^2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/mdast-util-heading-style/-/mdast-util-heading-style-2.0.1.tgz#078cb0120a06af777c60413f7ba10f6d071b4672"
+  integrity sha512-0L5rthU4xKDVbw+UQ7D8Y8xOEsX4JXZvemWoEAsL+WAaeSH+TvVVwFnTb3G/OrjyP4VYQULoNWU+PdZfkmNu4A==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+
+mdast-util-mdx-expression@^1.0.0, mdast-util-mdx-expression@^1.1.0:
+  version "1.3.2"
+  resolved "https://registry.yarnpkg.com/mdast-util-mdx-expression/-/mdast-util-mdx-expression-1.3.2.tgz#d027789e67524d541d6de543f36d51ae2586f220"
+  integrity sha512-xIPmR5ReJDu/DHH1OoIT1HkuybIfRGYRywC+gJtI7qHjCJp/M9jrmBEJW22O8lskDWm562BX2W8TiAwRTb0rKA==
+  dependencies:
+    "@types/estree-jsx" "^1.0.0"
+    "@types/hast" "^2.0.0"
+    "@types/mdast" "^3.0.0"
+    mdast-util-from-markdown "^1.0.0"
+    mdast-util-to-markdown "^1.0.0"
+
+mdast-util-mdx-jsx@^2.0.0:
+  version "2.1.2"
+  resolved "https://registry.yarnpkg.com/mdast-util-mdx-jsx/-/mdast-util-mdx-jsx-2.1.2.tgz#694a46164db10c0e9d674a3772b8748dfddd0817"
+  integrity sha512-o9vBCYQK5ZLGEj3tCGISJGjvafyHRVJlZmfJzSE7xjiogSzIeph/Z4zMY65q4WGRMezQBeAwPlrdymDYYYx0tA==
+  dependencies:
+    "@types/estree-jsx" "^1.0.0"
+    "@types/hast" "^2.0.0"
+    "@types/mdast" "^3.0.0"
+    "@types/unist" "^2.0.0"
+    ccount "^2.0.0"
+    mdast-util-from-markdown "^1.1.0"
+    mdast-util-to-markdown "^1.3.0"
+    parse-entities "^4.0.0"
+    stringify-entities "^4.0.0"
+    unist-util-remove-position "^4.0.0"
+    unist-util-stringify-position "^3.0.0"
+    vfile-message "^3.0.0"
+
+mdast-util-mdx@^2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/mdast-util-mdx/-/mdast-util-mdx-2.0.1.tgz#49b6e70819b99bb615d7223c088d295e53bb810f"
+  integrity sha512-38w5y+r8nyKlGvNjSEqWrhG0w5PmnRA+wnBvm+ulYCct7nsGYhFVb0lljS9bQav4psDAS1eGkP2LMVcZBi/aqw==
+  dependencies:
+    mdast-util-from-markdown "^1.0.0"
+    mdast-util-mdx-expression "^1.0.0"
+    mdast-util-mdx-jsx "^2.0.0"
+    mdast-util-mdxjs-esm "^1.0.0"
+    mdast-util-to-markdown "^1.0.0"
+
+mdast-util-mdxjs-esm@^1.0.0:
+  version "1.3.1"
+  resolved "https://registry.yarnpkg.com/mdast-util-mdxjs-esm/-/mdast-util-mdxjs-esm-1.3.1.tgz#645d02cd607a227b49721d146fd81796b2e2d15b"
+  integrity sha512-SXqglS0HrEvSdUEfoXFtcg7DRl7S2cwOXc7jkuusG472Mmjag34DUDeOJUZtl+BVnyeO1frIgVpHlNRWc2gk/w==
+  dependencies:
+    "@types/estree-jsx" "^1.0.0"
+    "@types/hast" "^2.0.0"
+    "@types/mdast" "^3.0.0"
+    mdast-util-from-markdown "^1.0.0"
+    mdast-util-to-markdown "^1.0.0"
+
+mdast-util-phrasing@^3.0.0:
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/mdast-util-phrasing/-/mdast-util-phrasing-3.0.1.tgz#c7c21d0d435d7fb90956038f02e8702781f95463"
+  integrity sha512-WmI1gTXUBJo4/ZmSk79Wcb2HcjPJBzM1nlI/OUWA8yk2X9ik3ffNbBGsU+09BFmXaL1IBb9fiuvq6/KMiNycSg==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unist-util-is "^5.0.0"
+
 mdast-util-to-hast@10.0.1:
   version "10.0.1"
   resolved "https://registry.yarnpkg.com/mdast-util-to-hast/-/mdast-util-to-hast-10.0.1.tgz#0cfc82089494c52d46eb0e3edb7a4eb2aea021eb"
@@ -5111,11 +5483,32 @@ mdast-util-to-hast@10.0.1:
     unist-util-position "^3.0.0"
     unist-util-visit "^2.0.0"
 
+mdast-util-to-markdown@^1.0.0, mdast-util-to-markdown@^1.3.0:
+  version "1.5.0"
+  resolved "https://registry.yarnpkg.com/mdast-util-to-markdown/-/mdast-util-to-markdown-1.5.0.tgz#c13343cb3fc98621911d33b5cd42e7d0731171c6"
+  integrity sha512-bbv7TPv/WC49thZPg3jXuqzuvI45IL2EVAr/KxF0BSdHsU0ceFHOmwQn6evxAh1GaoK/6GQ1wp4R4oW2+LFL/A==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    "@types/unist" "^2.0.0"
+    longest-streak "^3.0.0"
+    mdast-util-phrasing "^3.0.0"
+    mdast-util-to-string "^3.0.0"
+    micromark-util-decode-string "^1.0.0"
+    unist-util-visit "^4.0.0"
+    zwitch "^2.0.0"
+
 mdast-util-to-string@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/mdast-util-to-string/-/mdast-util-to-string-2.0.0.tgz#b8cfe6a713e1091cb5b728fc48885a4767f8b97b"
   integrity sha512-AW4DRS3QbBayY/jJmD8437V1Gombjf8RSOUCMFBuo5iHi58AGEgVCKQ+ezHkZZDpAQS75hcBMpLqjpJTjtUL7w==
 
+mdast-util-to-string@^3.0.0, mdast-util-to-string@^3.1.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/mdast-util-to-string/-/mdast-util-to-string-3.1.1.tgz#db859050d79d48cf9896d294de06f3ede7474d16"
+  integrity sha512-tGvhT94e+cVnQt8JWE9/b3cUQZWS732TJxXHktvP+BYo62PpYD53Ls/6cC60rW21dW+txxiM4zMdc6abASvZKA==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+
 mdn-data@2.0.14:
   version "2.0.14"
   resolved "https://registry.yarnpkg.com/mdn-data/-/mdn-data-2.0.14.tgz#7113fc4281917d63ce29b43446f701e68c25ba50"
@@ -5158,6 +5551,291 @@ methods@~1.1.2:
   resolved "https://registry.yarnpkg.com/methods/-/methods-1.1.2.tgz#5529a4d67654134edcc5266656835b0f851afcee"
   integrity sha512-iclAHeNqNm68zFtnZ0e+1L2yUIdvzNoauKU4WBA3VvH/vPFieF7qfRlwUZU+DA9P9bPXIS90ulxoUoCH23sV2w==
 
+micromark-core-commonmark@^1.0.0, micromark-core-commonmark@^1.0.1:
+  version "1.0.6"
+  resolved "https://registry.yarnpkg.com/micromark-core-commonmark/-/micromark-core-commonmark-1.0.6.tgz#edff4c72e5993d93724a3c206970f5a15b0585ad"
+  integrity sha512-K+PkJTxqjFfSNkfAhp4GB+cZPfQd6dxtTXnf+RjZOV7T4EEXnvgzOcnp+eSTmpGk9d1S9sL6/lqrgSNn/s0HZA==
+  dependencies:
+    decode-named-character-reference "^1.0.0"
+    micromark-factory-destination "^1.0.0"
+    micromark-factory-label "^1.0.0"
+    micromark-factory-space "^1.0.0"
+    micromark-factory-title "^1.0.0"
+    micromark-factory-whitespace "^1.0.0"
+    micromark-util-character "^1.0.0"
+    micromark-util-chunked "^1.0.0"
+    micromark-util-classify-character "^1.0.0"
+    micromark-util-html-tag-name "^1.0.0"
+    micromark-util-normalize-identifier "^1.0.0"
+    micromark-util-resolve-all "^1.0.0"
+    micromark-util-subtokenize "^1.0.0"
+    micromark-util-symbol "^1.0.0"
+    micromark-util-types "^1.0.1"
+    uvu "^0.5.0"
+
+micromark-extension-mdx-expression@^1.0.0:
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/micromark-extension-mdx-expression/-/micromark-extension-mdx-expression-1.0.4.tgz#33fe2c6ee214738255de175a084281c11894ddda"
+  integrity sha512-TCgLxqW6ReQ3AJgtj1P0P+8ZThBTloLbeb7jNaqr6mCOLDpxUiBFE/9STgooMZttEwOQu5iEcCCa3ZSDhY9FGw==
+  dependencies:
+    micromark-factory-mdx-expression "^1.0.0"
+    micromark-factory-space "^1.0.0"
+    micromark-util-character "^1.0.0"
+    micromark-util-events-to-acorn "^1.0.0"
+    micromark-util-symbol "^1.0.0"
+    micromark-util-types "^1.0.0"
+    uvu "^0.5.0"
+
+micromark-extension-mdx-jsx@^1.0.0:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/micromark-extension-mdx-jsx/-/micromark-extension-mdx-jsx-1.0.3.tgz#9f196be5f65eb09d2a49b237a7b3398bba2999be"
+  integrity sha512-VfA369RdqUISF0qGgv2FfV7gGjHDfn9+Qfiv5hEwpyr1xscRj/CiVRkU7rywGFCO7JwJ5L0e7CJz60lY52+qOA==
+  dependencies:
+    "@types/acorn" "^4.0.0"
+    estree-util-is-identifier-name "^2.0.0"
+    micromark-factory-mdx-expression "^1.0.0"
+    micromark-factory-space "^1.0.0"
+    micromark-util-character "^1.0.0"
+    micromark-util-symbol "^1.0.0"
+    micromark-util-types "^1.0.0"
+    uvu "^0.5.0"
+    vfile-message "^3.0.0"
+
+micromark-extension-mdx-md@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/micromark-extension-mdx-md/-/micromark-extension-mdx-md-1.0.0.tgz#382f5df9ee3706dd120b51782a211f31f4760d22"
+  integrity sha512-xaRAMoSkKdqZXDAoSgp20Azm0aRQKGOl0RrS81yGu8Hr/JhMsBmfs4wR7m9kgVUIO36cMUQjNyiyDKPrsv8gOw==
+  dependencies:
+    micromark-util-types "^1.0.0"
+
+micromark-extension-mdxjs-esm@^1.0.0:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/micromark-extension-mdxjs-esm/-/micromark-extension-mdxjs-esm-1.0.3.tgz#630d9dc9db2c2fd470cac8c1e7a824851267404d"
+  integrity sha512-2N13ol4KMoxb85rdDwTAC6uzs8lMX0zeqpcyx7FhS7PxXomOnLactu8WI8iBNXW8AVyea3KIJd/1CKnUmwrK9A==
+  dependencies:
+    micromark-core-commonmark "^1.0.0"
+    micromark-util-character "^1.0.0"
+    micromark-util-events-to-acorn "^1.0.0"
+    micromark-util-symbol "^1.0.0"
+    micromark-util-types "^1.0.0"
+    unist-util-position-from-estree "^1.1.0"
+    uvu "^0.5.0"
+    vfile-message "^3.0.0"
+
+micromark-extension-mdxjs@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/micromark-extension-mdxjs/-/micromark-extension-mdxjs-1.0.0.tgz#772644e12fc8299a33e50f59c5aa15727f6689dd"
+  integrity sha512-TZZRZgeHvtgm+IhtgC2+uDMR7h8eTKF0QUX9YsgoL9+bADBpBY6SiLvWqnBlLbCEevITmTqmEuY3FoxMKVs1rQ==
+  dependencies:
+    acorn "^8.0.0"
+    acorn-jsx "^5.0.0"
+    micromark-extension-mdx-expression "^1.0.0"
+    micromark-extension-mdx-jsx "^1.0.0"
+    micromark-extension-mdx-md "^1.0.0"
+    micromark-extension-mdxjs-esm "^1.0.0"
+    micromark-util-combine-extensions "^1.0.0"
+    micromark-util-types "^1.0.0"
+
+micromark-factory-destination@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/micromark-factory-destination/-/micromark-factory-destination-1.0.0.tgz#fef1cb59ad4997c496f887b6977aa3034a5a277e"
+  integrity sha512-eUBA7Rs1/xtTVun9TmV3gjfPz2wEwgK5R5xcbIM5ZYAtvGF6JkyaDsj0agx8urXnO31tEO6Ug83iVH3tdedLnw==
+  dependencies:
+    micromark-util-character "^1.0.0"
+    micromark-util-symbol "^1.0.0"
+    micromark-util-types "^1.0.0"
+
+micromark-factory-label@^1.0.0:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/micromark-factory-label/-/micromark-factory-label-1.0.2.tgz#6be2551fa8d13542fcbbac478258fb7a20047137"
+  integrity sha512-CTIwxlOnU7dEshXDQ+dsr2n+yxpP0+fn271pu0bwDIS8uqfFcumXpj5mLn3hSC8iw2MUr6Gx8EcKng1dD7i6hg==
+  dependencies:
+    micromark-util-character "^1.0.0"
+    micromark-util-symbol "^1.0.0"
+    micromark-util-types "^1.0.0"
+    uvu "^0.5.0"
+
+micromark-factory-mdx-expression@^1.0.0:
+  version "1.0.7"
+  resolved "https://registry.yarnpkg.com/micromark-factory-mdx-expression/-/micromark-factory-mdx-expression-1.0.7.tgz#e38298dc1f7eaf6ba1d9f210531ceae17155c00f"
+  integrity sha512-QAdFbkQagTZ/eKb8zDGqmjvgevgJH3+aQpvvKrXWxNJp3o8/l2cAbbrBd0E04r0Gx6nssPpqWIjnbHFvZu5qsQ==
+  dependencies:
+    micromark-factory-space "^1.0.0"
+    micromark-util-character "^1.0.0"
+    micromark-util-events-to-acorn "^1.0.0"
+    micromark-util-symbol "^1.0.0"
+    micromark-util-types "^1.0.0"
+    unist-util-position-from-estree "^1.0.0"
+    uvu "^0.5.0"
+    vfile-message "^3.0.0"
+
+micromark-factory-space@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/micromark-factory-space/-/micromark-factory-space-1.0.0.tgz#cebff49968f2b9616c0fcb239e96685cb9497633"
+  integrity sha512-qUmqs4kj9a5yBnk3JMLyjtWYN6Mzfcx8uJfi5XAveBniDevmZasdGBba5b4QsvRcAkmvGo5ACmSUmyGiKTLZew==
+  dependencies:
+    micromark-util-character "^1.0.0"
+    micromark-util-types "^1.0.0"
+
+micromark-factory-title@^1.0.0:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/micromark-factory-title/-/micromark-factory-title-1.0.2.tgz#7e09287c3748ff1693930f176e1c4a328382494f"
+  integrity sha512-zily+Nr4yFqgMGRKLpTVsNl5L4PMu485fGFDOQJQBl2NFpjGte1e86zC0da93wf97jrc4+2G2GQudFMHn3IX+A==
+  dependencies:
+    micromark-factory-space "^1.0.0"
+    micromark-util-character "^1.0.0"
+    micromark-util-symbol "^1.0.0"
+    micromark-util-types "^1.0.0"
+    uvu "^0.5.0"
+
+micromark-factory-whitespace@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/micromark-factory-whitespace/-/micromark-factory-whitespace-1.0.0.tgz#e991e043ad376c1ba52f4e49858ce0794678621c"
+  integrity sha512-Qx7uEyahU1lt1RnsECBiuEbfr9INjQTGa6Err+gF3g0Tx4YEviPbqqGKNv/NrBaE7dVHdn1bVZKM/n5I/Bak7A==
+  dependencies:
+    micromark-factory-space "^1.0.0"
+    micromark-util-character "^1.0.0"
+    micromark-util-symbol "^1.0.0"
+    micromark-util-types "^1.0.0"
+
+micromark-util-character@^1.0.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/micromark-util-character/-/micromark-util-character-1.1.0.tgz#d97c54d5742a0d9611a68ca0cd4124331f264d86"
+  integrity sha512-agJ5B3unGNJ9rJvADMJ5ZiYjBRyDpzKAOk01Kpi1TKhlT1APx3XZk6eN7RtSz1erbWHC2L8T3xLZ81wdtGRZzg==
+  dependencies:
+    micromark-util-symbol "^1.0.0"
+    micromark-util-types "^1.0.0"
+
+micromark-util-chunked@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/micromark-util-chunked/-/micromark-util-chunked-1.0.0.tgz#5b40d83f3d53b84c4c6bce30ed4257e9a4c79d06"
+  integrity sha512-5e8xTis5tEZKgesfbQMKRCyzvffRRUX+lK/y+DvsMFdabAicPkkZV6gO+FEWi9RfuKKoxxPwNL+dFF0SMImc1g==
+  dependencies:
+    micromark-util-symbol "^1.0.0"
+
+micromark-util-classify-character@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/micromark-util-classify-character/-/micromark-util-classify-character-1.0.0.tgz#cbd7b447cb79ee6997dd274a46fc4eb806460a20"
+  integrity sha512-F8oW2KKrQRb3vS5ud5HIqBVkCqQi224Nm55o5wYLzY/9PwHGXC01tr3d7+TqHHz6zrKQ72Okwtvm/xQm6OVNZA==
+  dependencies:
+    micromark-util-character "^1.0.0"
+    micromark-util-symbol "^1.0.0"
+    micromark-util-types "^1.0.0"
+
+micromark-util-combine-extensions@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/micromark-util-combine-extensions/-/micromark-util-combine-extensions-1.0.0.tgz#91418e1e74fb893e3628b8d496085639124ff3d5"
+  integrity sha512-J8H058vFBdo/6+AsjHp2NF7AJ02SZtWaVUjsayNFeAiydTxUwViQPxN0Hf8dp4FmCQi0UUFovFsEyRSUmFH3MA==
+  dependencies:
+    micromark-util-chunked "^1.0.0"
+    micromark-util-types "^1.0.0"
+
+micromark-util-decode-numeric-character-reference@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/micromark-util-decode-numeric-character-reference/-/micromark-util-decode-numeric-character-reference-1.0.0.tgz#dcc85f13b5bd93ff8d2868c3dba28039d490b946"
+  integrity sha512-OzO9AI5VUtrTD7KSdagf4MWgHMtET17Ua1fIpXTpuhclCqD8egFWo85GxSGvxgkGS74bEahvtM0WP0HjvV0e4w==
+  dependencies:
+    micromark-util-symbol "^1.0.0"
+
+micromark-util-decode-string@^1.0.0:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/micromark-util-decode-string/-/micromark-util-decode-string-1.0.2.tgz#942252ab7a76dec2dbf089cc32505ee2bc3acf02"
+  integrity sha512-DLT5Ho02qr6QWVNYbRZ3RYOSSWWFuH3tJexd3dgN1odEuPNxCngTCXJum7+ViRAd9BbdxCvMToPOD/IvVhzG6Q==
+  dependencies:
+    decode-named-character-reference "^1.0.0"
+    micromark-util-character "^1.0.0"
+    micromark-util-decode-numeric-character-reference "^1.0.0"
+    micromark-util-symbol "^1.0.0"
+
+micromark-util-encode@^1.0.0:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/micromark-util-encode/-/micromark-util-encode-1.0.1.tgz#2c1c22d3800870ad770ece5686ebca5920353383"
+  integrity sha512-U2s5YdnAYexjKDel31SVMPbfi+eF8y1U4pfiRW/Y8EFVCy/vgxk/2wWTxzcqE71LHtCuCzlBDRU2a5CQ5j+mQA==
+
+micromark-util-events-to-acorn@^1.0.0:
+  version "1.2.1"
+  resolved "https://registry.yarnpkg.com/micromark-util-events-to-acorn/-/micromark-util-events-to-acorn-1.2.1.tgz#d5b9dfbc589ece7917de24de0a57b909c0d36583"
+  integrity sha512-mkg3BaWlw6ZTkQORrKVBW4o9ICXPxLtGz51vml5mQpKFdo9vqIX68CAx5JhTOdjQyAHH7JFmm4rh8toSPQZUmg==
+  dependencies:
+    "@types/acorn" "^4.0.0"
+    "@types/estree" "^1.0.0"
+    estree-util-visit "^1.0.0"
+    micromark-util-types "^1.0.0"
+    uvu "^0.5.0"
+    vfile-location "^4.0.0"
+    vfile-message "^3.0.0"
+
+micromark-util-html-tag-name@^1.0.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/micromark-util-html-tag-name/-/micromark-util-html-tag-name-1.1.0.tgz#eb227118befd51f48858e879b7a419fc0df20497"
+  integrity sha512-BKlClMmYROy9UiV03SwNmckkjn8QHVaWkqoAqzivabvdGcwNGMMMH/5szAnywmsTBUzDsU57/mFi0sp4BQO6dA==
+
+micromark-util-normalize-identifier@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/micromark-util-normalize-identifier/-/micromark-util-normalize-identifier-1.0.0.tgz#4a3539cb8db954bbec5203952bfe8cedadae7828"
+  integrity sha512-yg+zrL14bBTFrQ7n35CmByWUTFsgst5JhA4gJYoty4Dqzj4Z4Fr/DHekSS5aLfH9bdlfnSvKAWsAgJhIbogyBg==
+  dependencies:
+    micromark-util-symbol "^1.0.0"
+
+micromark-util-resolve-all@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/micromark-util-resolve-all/-/micromark-util-resolve-all-1.0.0.tgz#a7c363f49a0162e931960c44f3127ab58f031d88"
+  integrity sha512-CB/AGk98u50k42kvgaMM94wzBqozSzDDaonKU7P7jwQIuH2RU0TeBqGYJz2WY1UdihhjweivStrJ2JdkdEmcfw==
+  dependencies:
+    micromark-util-types "^1.0.0"
+
+micromark-util-sanitize-uri@^1.0.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/micromark-util-sanitize-uri/-/micromark-util-sanitize-uri-1.1.0.tgz#f12e07a85106b902645e0364feb07cf253a85aee"
+  integrity sha512-RoxtuSCX6sUNtxhbmsEFQfWzs8VN7cTctmBPvYivo98xb/kDEoTCtJQX5wyzIYEmk/lvNFTat4hL8oW0KndFpg==
+  dependencies:
+    micromark-util-character "^1.0.0"
+    micromark-util-encode "^1.0.0"
+    micromark-util-symbol "^1.0.0"
+
+micromark-util-subtokenize@^1.0.0:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/micromark-util-subtokenize/-/micromark-util-subtokenize-1.0.2.tgz#ff6f1af6ac836f8bfdbf9b02f40431760ad89105"
+  integrity sha512-d90uqCnXp/cy4G881Ub4psE57Sf8YD0pim9QdjCRNjfas2M1u6Lbt+XZK9gnHL2XFhnozZiEdCa9CNfXSfQ6xA==
+  dependencies:
+    micromark-util-chunked "^1.0.0"
+    micromark-util-symbol "^1.0.0"
+    micromark-util-types "^1.0.0"
+    uvu "^0.5.0"
+
+micromark-util-symbol@^1.0.0:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/micromark-util-symbol/-/micromark-util-symbol-1.0.1.tgz#b90344db62042ce454f351cf0bebcc0a6da4920e"
+  integrity sha512-oKDEMK2u5qqAptasDAwWDXq0tG9AssVwAx3E9bBF3t/shRIGsWIRG+cGafs2p/SnDSOecnt6hZPCE2o6lHfFmQ==
+
+micromark-util-types@^1.0.0, micromark-util-types@^1.0.1:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/micromark-util-types/-/micromark-util-types-1.0.2.tgz#f4220fdb319205812f99c40f8c87a9be83eded20"
+  integrity sha512-DCfg/T8fcrhrRKTPjRrw/5LLvdGV7BHySf/1LOZx7TzWZdYRjogNtyNq885z3nNallwr3QUKARjqvHqX1/7t+w==
+
+micromark@^3.0.0:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/micromark/-/micromark-3.1.0.tgz#eeba0fe0ac1c9aaef675157b52c166f125e89f62"
+  integrity sha512-6Mj0yHLdUZjHnOPgr5xfWIMqMWS12zDN6iws9SLuSz76W8jTtAv24MN4/CL7gJrl5vtxGInkkqDv/JIoRsQOvA==
+  dependencies:
+    "@types/debug" "^4.0.0"
+    debug "^4.0.0"
+    decode-named-character-reference "^1.0.0"
+    micromark-core-commonmark "^1.0.1"
+    micromark-factory-space "^1.0.0"
+    micromark-util-character "^1.0.0"
+    micromark-util-chunked "^1.0.0"
+    micromark-util-combine-extensions "^1.0.0"
+    micromark-util-decode-numeric-character-reference "^1.0.0"
+    micromark-util-encode "^1.0.0"
+    micromark-util-normalize-identifier "^1.0.0"
+    micromark-util-resolve-all "^1.0.0"
+    micromark-util-sanitize-uri "^1.0.0"
+    micromark-util-subtokenize "^1.0.0"
+    micromark-util-symbol "^1.0.0"
+    micromark-util-types "^1.0.1"
+    uvu "^0.5.0"
+
 micromatch@^4.0.2, micromatch@^4.0.4, micromatch@^4.0.5:
   version "4.0.5"
   resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-4.0.5.tgz#bc8999a7cbbf77cdc89f132f6e467051b49090c6"
@@ -5224,6 +5902,20 @@ minimatch@3.1.2, minimatch@^3.0.4, minimatch@^3.0.5, minimatch@^3.1.1:
   dependencies:
     brace-expansion "^1.1.7"
 
+minimatch@^5.0.1:
+  version "5.1.6"
+  resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-5.1.6.tgz#1cfcb8cf5522ea69952cd2af95ae09477f122a96"
+  integrity sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==
+  dependencies:
+    brace-expansion "^2.0.1"
+
+minimatch@^6.1.6:
+  version "6.2.0"
+  resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-6.2.0.tgz#2b70fd13294178c69c04dfc05aebdb97a4e79e42"
+  integrity sha512-sauLxniAmvnhhRjFwPNnJKaPFYyddAgbYdeUpHULtCT/GhzdCx/MDNy+Y40lBxTQUrMzDE8e0S43Z5uqfO0REg==
+  dependencies:
+    brace-expansion "^2.0.1"
+
 minimatch@~3.0.5:
   version "3.0.8"
   resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.8.tgz#5e6a59bd11e2ab0de1cfb843eb2d82e546c321c1"
@@ -5231,11 +5923,16 @@ minimatch@~3.0.5:
   dependencies:
     brace-expansion "^1.1.7"
 
-minimist@^1.2.0, minimist@^1.2.5, minimist@^1.2.6:
+minimist@^1.0.0, minimist@^1.2.0, minimist@^1.2.5, minimist@^1.2.6:
   version "1.2.8"
   resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.8.tgz#c1a464e7693302e082a075cee0c057741ac4772c"
   integrity sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==
 
+mri@^1.1.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/mri/-/mri-1.2.0.tgz#6721480fec2a11a4889861115a48b6cbe7cc8f0b"
+  integrity sha512-tzzskb3bG8LvYGFF/mDTpq3jpI6Q9wc3LEmBaghu+DdCssd1FakN7Bc0hVNmEyGq1bq3RgfkCb3cmQLpNPOroA==
+
 mrmime@^1.0.0:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/mrmime/-/mrmime-1.0.1.tgz#5f90c825fad4bdd41dc914eff5d1a8cfdaf24f27"
@@ -5311,6 +6008,13 @@ node-releases@^2.0.8:
   resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-2.0.10.tgz#c311ebae3b6a148c89b1813fd7c4d3c024ef537f"
   integrity sha512-5GFldHPXVG/YZmFzJvKK2zDSzPKhEp0+ZR5SVaoSag9fsL5YgHbUHDfnG5494ISANDcK4KwPXAx2xqVEydmd7w==
 
+nopt@^7.0.0:
+  version "7.0.0"
+  resolved "https://registry.yarnpkg.com/nopt/-/nopt-7.0.0.tgz#09220f930c072109c98ef8aaf39e1d5f0ff9b0d4"
+  integrity sha512-e6Qw1rcrGoSxEH0hQ4GBSdUjkMOtXGhGFXdNT/3ZR0S37eR9DMj5za3dEDWE6o1T3/DP8ZOsPP4MIiky0c3QeA==
+  dependencies:
+    abbrev "^2.0.0"
+
 normalize-path@^3.0.0, normalize-path@~3.0.0:
   version "3.0.0"
   resolved "https://registry.yarnpkg.com/normalize-path/-/normalize-path-3.0.0.tgz#0dcd69ff23a1c9b11fd0978316644a0388216a65"
@@ -5331,6 +6035,11 @@ normalize-url@^6.0.1:
   resolved "https://registry.yarnpkg.com/normalize-url/-/normalize-url-6.1.0.tgz#40d0885b535deffe3f3147bec877d05fe4c5668a"
   integrity sha512-DlL+XwOy3NxAQ8xuC0okPgK46iuVNAK01YN7RueYBqqFeGsBjV9XmCAzAdgt+667bCl5kPh9EqKKDwnaPG1I7A==
 
+npm-normalize-package-bin@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/npm-normalize-package-bin/-/npm-normalize-package-bin-3.0.0.tgz#6097436adb4ef09e2628b59a7882576fe53ce485"
+  integrity sha512-g+DPQSkusnk7HYXr75NtzkIP4+N81i3RPsGFidF3DzHd9MT9wWngmqoeg/fnHFz5MNdtG4w03s+QnhewSLTT2Q==
+
 npm-run-path@^4.0.1:
   version "4.0.1"
   resolved "https://registry.yarnpkg.com/npm-run-path/-/npm-run-path-4.0.1.tgz#b7ecd1e5ed53da8e37a55e1c2269e0b97ed748ea"
@@ -5517,6 +6226,20 @@ parse-entities@^2.0.0:
     is-decimal "^1.0.0"
     is-hexadecimal "^1.0.0"
 
+parse-entities@^4.0.0:
+  version "4.0.1"
+  resolved "https://registry.yarnpkg.com/parse-entities/-/parse-entities-4.0.1.tgz#4e2a01111fb1c986549b944af39eeda258fc9e4e"
+  integrity sha512-SWzvYcSJh4d/SGLIOQfZ/CoNv6BTlI6YEQ7Nj82oDVnRpwe/Z/F1EMx42x3JAOwGBlCjeCH0BRJQbQ/opHL17w==
+  dependencies:
+    "@types/unist" "^2.0.0"
+    character-entities "^2.0.0"
+    character-entities-legacy "^3.0.0"
+    character-reference-invalid "^2.0.0"
+    decode-named-character-reference "^1.0.0"
+    is-alphanumerical "^2.0.0"
+    is-decimal "^2.0.0"
+    is-hexadecimal "^2.0.0"
+
 parse-json@^5.0.0:
   version "5.2.0"
   resolved "https://registry.yarnpkg.com/parse-json/-/parse-json-5.2.0.tgz#c76fc66dee54231c962b22bcc8a72cf2f99753cd"
@@ -5527,6 +6250,16 @@ parse-json@^5.0.0:
     json-parse-even-better-errors "^2.3.0"
     lines-and-columns "^1.1.6"
 
+parse-json@^6.0.0:
+  version "6.0.2"
+  resolved "https://registry.yarnpkg.com/parse-json/-/parse-json-6.0.2.tgz#6bf79c201351cc12d5d66eba48d5a097c13dc200"
+  integrity sha512-SA5aMiaIjXkAiBrW/yPgLgQAQg42f7K3ACO+2l/zOvtQBwX58DMUsFJXelW2fx3yMBmWOVkR6j1MGsdSbCA4UA==
+  dependencies:
+    "@babel/code-frame" "^7.16.0"
+    error-ex "^1.3.2"
+    json-parse-even-better-errors "^2.3.1"
+    lines-and-columns "^2.0.2"
+
 parse-numeric-range@^1.3.0:
   version "1.3.0"
   resolved "https://registry.yarnpkg.com/parse-numeric-range/-/parse-numeric-range-1.3.0.tgz#7c63b61190d61e4d53a1197f0c83c47bb670ffa3"
@@ -5641,6 +6374,11 @@ pkg-up@^3.1.0:
   dependencies:
     find-up "^3.0.0"
 
+pluralize@^8.0.0:
+  version "8.0.0"
+  resolved "https://registry.yarnpkg.com/pluralize/-/pluralize-8.0.0.tgz#1a6fa16a38d12a1901e0320fa017051c539ce3b1"
+  integrity sha512-Nc3IT5yHzflTfbjgqWcCPpo7DaKy4FnpB0l/zCAW0Tc7jxAiuqSxHasntB3D7887LSrA93kDJ9IXovxJYxyLCA==
+
 postcss-calc@^8.2.3:
   version "8.2.4"
   resolved "https://registry.yarnpkg.com/postcss-calc/-/postcss-calc-8.2.4.tgz#77b9c29bfcbe8a07ff6693dc87050828889739a5"
@@ -5959,6 +6697,11 @@ prismjs@^1.28.0:
   resolved "https://registry.yarnpkg.com/prismjs/-/prismjs-1.29.0.tgz#f113555a8fa9b57c35e637bba27509dcf802dd12"
   integrity sha512-Kx/1w86q/epKcmte75LNrEoT+lX8pBpavuAbvJWRXar7Hz8jrtF+e3vY751p0R8H9HdArwaCTNDDzHg/ScJK1Q==
 
+proc-log@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/proc-log/-/proc-log-3.0.0.tgz#fb05ef83ccd64fd7b20bbe9c8c1070fc08338dd8"
+  integrity sha512-++Vn7NS4Xf9NacaU9Xq3URUuqZETPsf8L4j5/ckhaRYsfPeRyzGw+iDjFhV/Jr3uNmTvvddEJFWh5R1gRgUH8A==
+
 process-nextick-args@~2.0.0:
   version "2.0.1"
   resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.1.tgz#7820d9b16120cc55ca9ae7792680ae7dba6d7fe2"
@@ -6238,6 +6981,14 @@ react@^17.0.2:
     loose-envify "^1.1.0"
     object-assign "^4.1.1"
 
+read-package-json-fast@^3.0.0, read-package-json-fast@^3.0.2:
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/read-package-json-fast/-/read-package-json-fast-3.0.2.tgz#394908a9725dc7a5f14e70c8e7556dff1d2b1049"
+  integrity sha512-0J+Msgym3vrLOUB3hzQCuZHII0xkNGCtz/HJH9xZshwv9DbDwkw1KaE3gx/e2J5rpEY5rtOy6cyhKOPrkP7FZw==
+  dependencies:
+    json-parse-even-better-errors "^3.0.0"
+    npm-normalize-package-bin "^3.0.0"
+
 readable-stream@^2.0.1:
   version "2.3.7"
   resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.7.tgz#1eca1cf711aef814c04f62252a36a62f6cb23b57"
@@ -6251,7 +7002,7 @@ readable-stream@^2.0.1:
     string_decoder "~1.1.1"
     util-deprecate "~1.0.1"
 
-readable-stream@^3.0.6:
+readable-stream@^3.0.2, readable-stream@^3.0.6:
   version "3.6.0"
   resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-3.6.0.tgz#337bbda3adc0706bd3e024426a286d4b4b2c9198"
   integrity sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA==
@@ -6348,6 +7099,14 @@ relateurl@^0.2.7:
   resolved "https://registry.yarnpkg.com/relateurl/-/relateurl-0.2.7.tgz#54dbf377e51440aca90a4cd274600d3ff2d888a9"
   integrity sha512-G08Dxvm4iDN3MLM0EsP62EDV9IuhXPR6blNz6Utcp7zyV3tr4HVNINt6MpaRWbxoOHT3Q7YN2P+jaHX8vUbgog==
 
+remark-cli@^11.0.0:
+  version "11.0.0"
+  resolved "https://registry.yarnpkg.com/remark-cli/-/remark-cli-11.0.0.tgz#302c15c5e73c0b422a6709f65adb74cac3b5eb53"
+  integrity sha512-8JEWwArXquRq1/In4Ftz7gSG9Scwb1ijT2/dEuBETW9omqhmMRxcfjZ3iKqrak3BnCJeZSXCdWEmPhFKC8+RUQ==
+  dependencies:
+    remark "^14.0.0"
+    unified-args "^10.0.0"
+
 remark-emoji@^2.2.0:
   version "2.2.0"
   resolved "https://registry.yarnpkg.com/remark-emoji/-/remark-emoji-2.2.0.tgz#1c702090a1525da5b80e15a8f963ef2c8236cac7"
@@ -6362,6 +7121,592 @@ remark-footnotes@2.0.0:
   resolved "https://registry.yarnpkg.com/remark-footnotes/-/remark-footnotes-2.0.0.tgz#9001c4c2ffebba55695d2dd80ffb8b82f7e6303f"
   integrity sha512-3Clt8ZMH75Ayjp9q4CorNeyjwIxHFcTkaektplKGl2A1jNGEUey8cKL0ZC5vJwfcD5GFGsNLImLG/NGzWIzoMQ==
 
+remark-lint-blockquote-indentation@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-blockquote-indentation/-/remark-lint-blockquote-indentation-3.1.1.tgz#756c099efd43a125f04df329bfe84398358758b6"
+  integrity sha512-u9cjedM6zcK8vRicis5n/xeOSDIC3FGBCKc3K9pqw+nNrOjY85FwxDQKZZ/kx7rmkdRZEhgyHak+wzPBllcxBQ==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    pluralize "^8.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-checkbox-character-style@^4.0.0:
+  version "4.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-checkbox-character-style/-/remark-lint-checkbox-character-style-4.1.1.tgz#8d42edf52e7b359cf76ff7a6ba344dc70c933025"
+  integrity sha512-KPSW3wfHfB8m9hzrtHiBHCTUIsOPX5nZR7VM+2pMjwqnhI6Mp94DKprkNo1ekNZALNeoZIDWZUSYxSiiwFfmVQ==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-code-block-style@^3.0.0:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/remark-lint-code-block-style/-/remark-lint-code-block-style-3.1.0.tgz#5a2d122d01f9175e762f81a144fc18e1a91a104c"
+  integrity sha512-Hv4YQ8ueLGpjItla4CkcOkcfGj+nlquqylDgCm1/xKnW+Ke2a4qVTMVJrP9Krp4FWmXgktJLDHjhRH+pzhDXLg==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-definition-case@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-definition-case/-/remark-lint-definition-case-3.1.1.tgz#583483e783d43b4b5e110864584dce48f23a4386"
+  integrity sha512-dirX0BSfbm1Ixx4Hv4xRQliEP1rw8dDitw2Om3XcO2QqF8bWrzF06/xeMlDNAaT77Cxqb9S7bODo/q+CYUxyWQ==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-definition-spacing@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-definition-spacing/-/remark-lint-definition-spacing-3.1.1.tgz#403cb3a486cbc2cb703358e78115507f6ee1fc2b"
+  integrity sha512-PR+cYvc0FMtFWjkaXePysW88r7Y7eIwbpUGPFDIWE48fiRiz8U3VIk05P3loQCpCkbmUeInAAYD8tIFPTg4Jlg==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-emphasis-marker@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-emphasis-marker/-/remark-lint-emphasis-marker-3.1.1.tgz#3f3336ba4be97b8296eb1019338237d61b4e3db8"
+  integrity sha512-VduuT+KAr0vA78xBLJdIcenCQja4mAd81aNACfdz7BUPLphIQa84D5uzl+nZatSaCXLebCNp5jP/bzVUsBmRKw==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-fenced-code-flag@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-fenced-code-flag/-/remark-lint-fenced-code-flag-3.1.1.tgz#b1fccd801a79c302543302dd3041fa325d1bd727"
+  integrity sha512-FFVZmYsBccKIIEgOtgdZEpQdARtAat1LTLBydnIpyNIvcntzWwtrtlj9mtjL8ZoSRre8HtwmEnBFyOfmM/NWaA==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-fenced-code-marker@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-fenced-code-marker/-/remark-lint-fenced-code-marker-3.1.1.tgz#ee977552bd130f1f1305301f97160d31ff6b7461"
+  integrity sha512-x/t8sJWPvE46knKz6zW03j9VX5477srHUmRFbnXhZ3K8e37cYVUIvfbPhcPCAosSsOki9+dvGfZsWQiKuUNNfQ==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-file-extension@^2.0.0:
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-file-extension/-/remark-lint-file-extension-2.1.1.tgz#780ef3c3a2e5713a44f82f24eb45e075ce9ba428"
+  integrity sha512-r6OMe27YZzr2NFjPMbBxgm8RZxigRwzeFSjapPlqcxk0Q0w/6sosJsceBNlGGlk00pltvv7NPqSexbXUjirrQQ==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+
+remark-lint-final-definition@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-final-definition/-/remark-lint-final-definition-3.1.1.tgz#c1077176e41b675302abf5057a82d7d5602df149"
+  integrity sha512-94hRV+EBIuLVFooiimsZwh5ZPEcTqjy5wr7LgqxoUUWy+srTanndaLoki7bxQJeIcWUnomZncsJAyL0Lo7toxw==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-final-newline@^2.0.0:
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-final-newline/-/remark-lint-final-newline-2.1.1.tgz#dac4e5ae92638808fb6e2de6164c43890f1248a5"
+  integrity sha512-cgKYaI7ujUse/kV4KajLv2j1kmi1CxpAu+w7wIU0/Faihhb3sZAf4a5ACf2Wu8NoTSIr1Q//3hDysG507PIoDg==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+
+remark-lint-hard-break-spaces@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-hard-break-spaces/-/remark-lint-hard-break-spaces-3.1.1.tgz#daaa6fbc9d08a0501dc6e3d4a844dc4783bdfaea"
+  integrity sha512-UfwFvESpX32qwyHJeluuUuRPWmxJDTkmjnWv2r49G9fC4Jrzm4crdJMs3sWsrGiQ3mSex6bgp/8rqDgtBng2IA==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-heading-increment@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-heading-increment/-/remark-lint-heading-increment-3.1.1.tgz#d12c9c1965e9eb44f090202d5d808a144c8ee884"
+  integrity sha512-DtiMwZNAE/iAZWuZGjTXxYjNDQ375r59C99aVeVp1nKaovIufKuHWAm9U/9FAGBJNgBx6Ovfdej4YwIxd0yAPw==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-heading-style@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-heading-style/-/remark-lint-heading-style-3.1.1.tgz#19e321db9dc6c697f3ef8bf514a8b15323422776"
+  integrity sha512-Qm7ZAF+s46ns0Wo5TlHGIn/PPMMynytn8SSLEdMIo6Uo/+8PAcmQ3zU1pj57KYxfyDoN5iQPgPIwPYMLYQ2TSQ==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    mdast-util-heading-style "^2.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-link-title-style@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-link-title-style/-/remark-lint-link-title-style-3.1.1.tgz#eb1a773816b4bee43170745245e9fed776633a7d"
+  integrity sha512-JWWiuUFy/N2iwQ3eWIxFy6olX8D7xCFw8LoM0vZI2CHTZJrmDMaWwnl8jziP+HHHheFX3wkVqsoaYod536ArRw==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+    vfile-location "^4.0.0"
+
+remark-lint-list-item-bullet-indent@^4.0.0:
+  version "4.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-list-item-bullet-indent/-/remark-lint-list-item-bullet-indent-4.1.1.tgz#1ff4498b680bb4a8ce94a4192a1b52eca4c9fe48"
+  integrity sha512-NFvXVj1Nm12+Ma48NOjZCGb/D0IhmUcxyrTCpPp+UNJhEWrmFxM8nSyIiZgXadgXErnuv+xm2Atw7TAcZ9a1Cg==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    pluralize "^8.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-list-item-content-indent@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-list-item-content-indent/-/remark-lint-list-item-content-indent-3.1.1.tgz#9fff6bf4e1a08e86d99430838b822b8209dca15e"
+  integrity sha512-gcZhAXLd1onkutTEqQTybyANjdxvlOlu0y/AU4H3f6L99UGC85ymRhEeu5vGSkvsKKPR1FrMTEH6G2nNgtavgg==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    pluralize "^8.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-list-item-indent@^3.0.0, remark-lint-list-item-indent@^3.1.1:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-list-item-indent/-/remark-lint-list-item-indent-3.1.1.tgz#1591d291a9f81c8f14219bdb63f226a5e9f271c3"
+  integrity sha512-OSTG64e52v8XBmmeT0lefpiAfCMYHJxMMUrMnhTjLVyWAbEO0vqqR5bLvfLwzK+P4nY2D/8XKku0hw35dM86Rw==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    pluralize "^8.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-list-item-spacing@^4.0.0:
+  version "4.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-list-item-spacing/-/remark-lint-list-item-spacing-4.1.1.tgz#93473e79965c3f21c0dc8830b18be790033485fd"
+  integrity sha512-MqXmahPgYrvfA7SPqmcAC6fI40jIgXG33EeE/MhFvMLWh04k+fqGf2O2aH1KT664MlwM4oETbTI4xj3/KCIHZA==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-maximum-heading-length@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-maximum-heading-length/-/remark-lint-maximum-heading-length-3.1.1.tgz#dd90ef7f18ff20789f9c533e2bdbcd4b4d92a7cd"
+  integrity sha512-hTOvRDnULpu0S+k51lovT28TLBgtw8XR0qq+mECSsoyuT4C38UBjQRic5OPo68AZMH0ad/93uj6yvfFtH0K8Lg==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    mdast-util-to-string "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-maximum-line-length@^3.0.0:
+  version "3.1.2"
+  resolved "https://registry.yarnpkg.com/remark-lint-maximum-line-length/-/remark-lint-maximum-line-length-3.1.2.tgz#4c5c499279c80938878194d4e52102525b7a9e1b"
+  integrity sha512-KwddpVmNifTHNXwTQQgVufuUvv0hhu9kJVvmpNdEvfEc7tc3wBkaavyi3kKsUB8WwMhGtZuXVWy6OdPC1axzhw==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-no-blockquote-without-marker@^5.0.0:
+  version "5.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-blockquote-without-marker/-/remark-lint-no-blockquote-without-marker-5.1.1.tgz#e07233866a742c41368886663d7caebbdebb1074"
+  integrity sha512-7jL7eKS25kKRhQ7SKKB5eRfNleDMWKWAmZ5Y/votJdDoM+6qsopLLumPWaSzP0onyV3dyHRhPfBtqelt3hvcyA==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+    vfile-location "^4.0.0"
+
+remark-lint-no-consecutive-blank-lines@^4.0.0:
+  version "4.1.2"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-consecutive-blank-lines/-/remark-lint-no-consecutive-blank-lines-4.1.2.tgz#77d5c433830c306898deefbab370c0c5732ff99a"
+  integrity sha512-wRsR3kFgHaZ4mO3KASU43oXGLGezNZ64yNs1ChPUacKh0Bm7cwGnxN9GHGAbOXspwrYrN2eCDxzCbdPEZi2qKw==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    "@types/unist" "^2.0.0"
+    pluralize "^8.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-no-duplicate-definitions@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-duplicate-definitions/-/remark-lint-no-duplicate-definitions-3.1.1.tgz#2f5042b8d2274d94a9423767c6e714b57c6a2dbf"
+  integrity sha512-9p+nBz8VvV+t4g/ALNLVN8naV+ffAzC4ADyg9QivzmKwLjyF93Avt4HYNlb2GZ+aoXRQSVG1wjjWFeDC9c7Tdg==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-stringify-position "^3.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-no-duplicate-headings@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-duplicate-headings/-/remark-lint-no-duplicate-headings-3.1.1.tgz#5cee9867b01e296dda7940a7c2546cb43f2be523"
+  integrity sha512-gSO/BngGkxF35Fsctzt3YMwGEZ8F7f71zx7h0Y97DylyL6WXVuWP4saCmQTlbB4FpD0UXEnRROJ6fBFDvJlzOA==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    mdast-util-to-string "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-stringify-position "^3.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-no-emphasis-as-heading@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-emphasis-as-heading/-/remark-lint-no-emphasis-as-heading-3.1.1.tgz#8279e3905fbc5117f195a65396ce50d08648d611"
+  integrity sha512-F45yuLsYVP4r6OjVtePKk7Aymnf3rBLHXYjnSJggEaYn0j+72xOBLrqmj6ii5YGfDsBwG2pDNTBx4vm3xM7P0Q==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-no-file-name-articles@^2.0.0:
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-file-name-articles/-/remark-lint-no-file-name-articles-2.1.1.tgz#9a202242fae3d9f6d7037bb71821659887ee84a4"
+  integrity sha512-7fiHKQUGvP4WOsieZ1dxm8WQWWjXjPj0Uix6pk2dSTJqxvaosjKH1AV0J/eVvliat0BGH8Cz4SUbuz5vG6YbdQ==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+
+remark-lint-no-file-name-consecutive-dashes@^2.0.0:
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-file-name-consecutive-dashes/-/remark-lint-no-file-name-consecutive-dashes-2.1.1.tgz#d0d36ae694a486a9d8a39d9f3823f11234ed45c2"
+  integrity sha512-tM4IpURGuresyeIBsXT5jsY3lZakgO6IO59ixcFt015bFjTOW54MrBvdJxA60QHhf5DAyHzD8wGeULPSs7ZQfg==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+
+remark-lint-no-file-name-irregular-characters@^2.0.0:
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-file-name-irregular-characters/-/remark-lint-no-file-name-irregular-characters-2.1.1.tgz#8f9dd0c22cf7ee5ca3860b949256e3eaf5baa5b0"
+  integrity sha512-rVeCv1XRdLtp/rxLaiFKElaIHuIlokypV/c2aCG3VVYcQ4+ZmJxq018kEsolR2+Dv9m3vKp8Fy1482US4g4WKA==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+
+remark-lint-no-file-name-mixed-case@^2.0.0:
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-file-name-mixed-case/-/remark-lint-no-file-name-mixed-case-2.1.1.tgz#adac709a0961609ba305b46dd01035b4fba4ae84"
+  integrity sha512-mJU3hYzyXNo8NkoSafPcsgr+Gema+vDCzNWlLw05UdFXJK/cVy+6DVsbrEFjrz8L+WF7uQmUHBtTvd91SqoItg==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+
+remark-lint-no-file-name-outer-dashes@^2.0.0:
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-file-name-outer-dashes/-/remark-lint-no-file-name-outer-dashes-2.1.1.tgz#d0956441d1df6fb0a04a0efd375a739729fe5213"
+  integrity sha512-2kRcVNzZb0zS3jE+Iaa6MEpplhqXSdsHBILS+BxJ4cDGAAIdeipY8hKaDLdZi+34wvrfnDxNgvNLcHpgqO+OZA==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+
+remark-lint-no-heading-content-indent@^4.0.0:
+  version "4.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-heading-content-indent/-/remark-lint-no-heading-content-indent-4.1.1.tgz#e4afb9872d12b29805c183999f5cb3adca9f394c"
+  integrity sha512-W4zF7MA72IDC5JB0qzciwsnioL5XlnoE0r1F7sDS0I5CJfQtHYOLlxb3UAIlgRCkBokPWCp0E4o1fsY/gQUKVg==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    mdast-util-heading-style "^2.0.0"
+    pluralize "^8.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-no-heading-punctuation@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-heading-punctuation/-/remark-lint-no-heading-punctuation-3.1.1.tgz#ba2159170778bfdec8947e1a71d1e152431cd9ce"
+  integrity sha512-ZexHx4rmsjKVF1/Fvdig0yOgpWl0wFa43+sqg880HT3PW9KmEczjSRkwlMaTlVgDzC0paNn2FXfQMuEQW4YDLg==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    mdast-util-to-string "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-no-inline-padding@^4.0.0:
+  version "4.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-inline-padding/-/remark-lint-no-inline-padding-4.1.1.tgz#2f1dda78556f1f8a98b4cad52ff74f6a56b55c58"
+  integrity sha512-++IMm6ohOPKNOrybqjP9eiclEtVX/Rd2HpF2UD9icrC1X5nvrI6tlfN55tePaFvWAB7pe6MW4LzNEMnWse61Lw==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    mdast-util-to-string "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-no-literal-urls@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-literal-urls/-/remark-lint-no-literal-urls-3.1.1.tgz#9e3b71c013ffa3d3a493c98b54c3d5bd0ea0ad23"
+  integrity sha512-tZZ4gtZMA//ZAf7GJTE8S9yjzqXUfUTlR/lvU7ffc7NeSurqCBwAtHqeXVCHiD39JnlHVSW2MLYhvHp53lBGvA==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    mdast-util-to-string "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-no-multiple-toplevel-headings@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-multiple-toplevel-headings/-/remark-lint-no-multiple-toplevel-headings-3.1.1.tgz#0a0058b03e5d8c3539230a5987e0ef11edd987f2"
+  integrity sha512-bM//SIBvIkoGUpA8hR5QibJ+7C2R50PTIRrc4te93YNRG+ie8bJzjwuO9jIMedoDfJB6/+7EqO9FYBivjBZ3MA==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-stringify-position "^3.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-no-shell-dollars@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-shell-dollars/-/remark-lint-no-shell-dollars-3.1.1.tgz#27deee278650d72bca795788e195927f03059f9d"
+  integrity sha512-Q3Ad1TaOPxbYog5+Of/quPG3Fy+dMKiHjT8KsU7NDiHG6YJOnAJ3f3w+y13CIlNIaKc/MrisgcthhrZ7NsgXfA==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-no-shortcut-reference-image@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-shortcut-reference-image/-/remark-lint-no-shortcut-reference-image-3.1.1.tgz#3714f31e98ca2063c43bb4cc4d7206e0581da501"
+  integrity sha512-m8tH+loDagd1JUns/T4eyulVXgVvE+ZSs7owRUOmP+dgsKJuO5sl1AdN9eyKDVMEvxHF3Pm5WqE62QIRNM48mA==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-no-shortcut-reference-link@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-shortcut-reference-link/-/remark-lint-no-shortcut-reference-link-3.1.1.tgz#b29bc4bfdb02b30a596b5fed235c99e470805130"
+  integrity sha512-oDJ92/jXQ842HgrBGgZdP7FA+N2jBMCBU2+jRElkS+OWVut0UaDILtNavNy/e85B3SLPj3RoXKF96M4vfJ7B2A==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-no-table-indentation@^4.0.0:
+  version "4.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-table-indentation/-/remark-lint-no-table-indentation-4.1.1.tgz#985a0a1f7a533b58c9829db6579c7cac899e55e1"
+  integrity sha512-eklvBxUSrkVbJxeokepOvFZ3n2V6zaJERIiOowR+y/Bz4dRHDMij1Ojg55AMO9yUMvxWPV3JPOeThliAcPmrMg==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+    vfile-location "^4.0.0"
+
+remark-lint-no-undefined-references@^4.0.0:
+  version "4.2.0"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-undefined-references/-/remark-lint-no-undefined-references-4.2.0.tgz#11a3e579b9107493d7781973dde8517793f52e0c"
+  integrity sha512-EDV9B1ZXMLcKVtMQFvfvtbag4AkLcu8aUNGXoez5GJLcCAQ8Q+sG74yOtIW4xNVlVubEjl0vdkFhaKYLxvn2Sw==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    micromark-util-normalize-identifier "^1.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+    vfile-location "^4.0.0"
+
+remark-lint-no-unused-definitions@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-no-unused-definitions/-/remark-lint-no-unused-definitions-3.1.1.tgz#584fcd0b1ad569d3e1933256e85b9fb308e88695"
+  integrity sha512-/GtyBukhAxi5MEX/g/m+FzDEflSbTe2/cpe2H+tJZyDmiLhjGXRdwWnPRDp+mB9g1iIZgVRCk7T4v90RbQX/mw==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-ordered-list-marker-style@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-ordered-list-marker-style/-/remark-lint-ordered-list-marker-style-3.1.1.tgz#5431100f048ef44daa90a32251e8056f2de58449"
+  integrity sha512-IWcWaJoaSb4yoSOuvDbj9B2uXp9kSj58DqtrMKo8MoRShmbj1onVfulTxoTLeLtI11NvW+mj3jPSpqjMjls+5Q==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-ordered-list-marker-value@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-ordered-list-marker-value/-/remark-lint-ordered-list-marker-value-3.1.1.tgz#fed1bafdaa8ada89d037e411e35d4c2b3f7cdda9"
+  integrity sha512-+bQZbo+v/A8CuLrO71gobJuKR4/sfnPgWyEggSa+zq+LXPK1HiMDjap0Wr07uYgcUXsXIPh+HD/5J5by6JL+vg==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-rule-style@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-rule-style/-/remark-lint-rule-style-3.1.1.tgz#163b4f394422496c065c95227970657a57c786cf"
+  integrity sha512-+oZe0ph4DWHGwPkQ/FpqiGp4WULTXB1edftnnNbizYT+Wr+/ux7GNTx78oXH/PHwlnOtVIExMc4W/vDXrUj/DQ==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-strong-marker@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-strong-marker/-/remark-lint-strong-marker-3.1.1.tgz#4f77ba095cacbd8a8bcd7dd834dd792b50b1f3cb"
+  integrity sha512-tX9Os2C48Hh8P8CouY4dcnAhGnR3trL+NCDqIvJvFDR9Rvm9yfNQaY2N4ZHWVY0iUicq9DpqEiJTgUsT8AGv/w==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-table-cell-padding@^4.0.0:
+  version "4.1.2"
+  resolved "https://registry.yarnpkg.com/remark-lint-table-cell-padding/-/remark-lint-table-cell-padding-4.1.2.tgz#a7087f4513523ca0473986a7a9348847d52e6dad"
+  integrity sha512-cx5BXjHtpACa7Z51Vuqzy9BI4Z8Hnxz7vklhhrubkoB7mbctP/mR+Nh4B8eE5VtgFYJNHFwIltl96PuoctFCeQ==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    "@types/unist" "^2.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-table-pipe-alignment@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-table-pipe-alignment/-/remark-lint-table-pipe-alignment-3.1.1.tgz#dc9381f1b8437d3a96c3309ed8277ab003e84955"
+  integrity sha512-WOHv2yL4ZwXHM06MIyQNnGFYKz9m2k/GFIA/6hpArF8Ph/3v8CF0J/Hb3Yyfg39e5nODw3D2G3okCO+xgyGQGA==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-table-pipes@^4.0.0:
+  version "4.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-table-pipes/-/remark-lint-table-pipes-4.1.1.tgz#8a9badb0daed86d561db681c150966549eb8528d"
+  integrity sha512-mJnB2FpjJTE4s9kE1JX8gcCjCFvtGPjzXUiQy0sbPHn2YM9EWG7kvFWYoqWK4w569CEQJyxZraEPltmhDjQTjg==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint-unordered-list-marker-style@^3.0.0:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint-unordered-list-marker-style/-/remark-lint-unordered-list-marker-style-3.1.1.tgz#ad9a2aaa705bf3c1ec147f493c7b453ea612238f"
+  integrity sha512-JwH8oIDi9f5Z8cTQLimhJ/fkbPwI3OpNSifjYyObNNuc4PG4/NUoe5ZuD10uPmPYHZW+713RZ8S5ucVCkI8dDA==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    unified "^10.0.0"
+    unified-lint-rule "^2.0.0"
+    unist-util-generated "^2.0.0"
+    unist-util-position "^4.0.0"
+    unist-util-visit "^4.0.0"
+
+remark-lint@^9.0.0, remark-lint@^9.1.1:
+  version "9.1.1"
+  resolved "https://registry.yarnpkg.com/remark-lint/-/remark-lint-9.1.1.tgz#58c27adc4edeca93b7ce81e2861f05cbcecef72c"
+  integrity sha512-zhe6twuqgkx/9KgZyNyaO0cceA4jQuJcyzMOBC+JZiAzMN6mFUmcssWZyY30ko8ut9vQDMX/pyQnolGn+Fg/Tw==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    remark-message-control "^7.0.0"
+    unified "^10.1.0"
+
 remark-mdx@1.6.22:
   version "1.6.22"
   resolved "https://registry.yarnpkg.com/remark-mdx/-/remark-mdx-1.6.22.tgz#06a8dab07dcfdd57f3373af7f86bd0e992108bbd"
@@ -6376,6 +7721,25 @@ remark-mdx@1.6.22:
     remark-parse "8.0.3"
     unified "9.2.0"
 
+remark-mdx@^2.1.5:
+  version "2.3.0"
+  resolved "https://registry.yarnpkg.com/remark-mdx/-/remark-mdx-2.3.0.tgz#efe678025a8c2726681bde8bf111af4a93943db4"
+  integrity sha512-g53hMkpM0I98MU266IzDFMrTD980gNF3BJnkyFcmN+dD873mQeD5rdMO3Y2X+x8umQfbSE0PcoEDl7ledSA+2g==
+  dependencies:
+    mdast-util-mdx "^2.0.0"
+    micromark-extension-mdxjs "^1.0.0"
+
+remark-message-control@^7.0.0:
+  version "7.1.1"
+  resolved "https://registry.yarnpkg.com/remark-message-control/-/remark-message-control-7.1.1.tgz#71e9b757b835fad2ac14fafa8b432f51b9b9bf52"
+  integrity sha512-xKRWl1NTBOKed0oEtCd8BUfH5m4s8WXxFFSoo7uUwx6GW/qdCy4zov5LfPyw7emantDmhfWn5PdIZgcbVcWMDQ==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    mdast-comment-marker "^2.0.0"
+    unified "^10.0.0"
+    unified-message-control "^4.0.0"
+    vfile "^5.0.0"
+
 remark-parse@8.0.3:
   version "8.0.3"
   resolved "https://registry.yarnpkg.com/remark-parse/-/remark-parse-8.0.3.tgz#9c62aa3b35b79a486454c690472906075f40c7e1"
@@ -6398,6 +7762,111 @@ remark-parse@8.0.3:
     vfile-location "^3.0.0"
     xtend "^4.0.1"
 
+remark-parse@^10.0.0:
+  version "10.0.1"
+  resolved "https://registry.yarnpkg.com/remark-parse/-/remark-parse-10.0.1.tgz#6f60ae53edbf0cf38ea223fe643db64d112e0775"
+  integrity sha512-1fUyHr2jLsVOkhbvPRBJ5zTKZZyD6yZzYaWCS6BPBdQ8vEMBCH+9zNCDA6tET/zHCi/jLqjCWtlJZUPk+DbnFw==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    mdast-util-from-markdown "^1.0.0"
+    unified "^10.0.0"
+
+remark-preset-lint-consistent@^5.1.1:
+  version "5.1.1"
+  resolved "https://registry.yarnpkg.com/remark-preset-lint-consistent/-/remark-preset-lint-consistent-5.1.1.tgz#c870a2379e109cb6d7a10cd2d3b91f34e3f89e71"
+  integrity sha512-DZQfomiVi/1x7NRByWrOiIC+olEGa1PpyykKrowvYp5qr/Seq60FqU7OjBJxtcOLzgnQcu9Y2JXdHxFi4AAPXQ==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    remark-lint "^9.0.0"
+    remark-lint-blockquote-indentation "^3.0.0"
+    remark-lint-checkbox-character-style "^4.0.0"
+    remark-lint-code-block-style "^3.0.0"
+    remark-lint-emphasis-marker "^3.0.0"
+    remark-lint-fenced-code-marker "^3.0.0"
+    remark-lint-heading-style "^3.0.0"
+    remark-lint-link-title-style "^3.0.0"
+    remark-lint-list-item-content-indent "^3.0.0"
+    remark-lint-ordered-list-marker-style "^3.0.0"
+    remark-lint-rule-style "^3.0.0"
+    remark-lint-strong-marker "^3.0.0"
+    remark-lint-table-cell-padding "^4.0.0"
+    unified "^10.0.0"
+
+remark-preset-lint-markdown-style-guide@^5.1.2:
+  version "5.1.2"
+  resolved "https://registry.yarnpkg.com/remark-preset-lint-markdown-style-guide/-/remark-preset-lint-markdown-style-guide-5.1.2.tgz#877a837261df1f6c021557463aeda1e49506dd30"
+  integrity sha512-MIAhnz0wDOq/MqLucSaAPquKGFE2I5SxqRjgWT+ZGK7TmqTxrro53e11/Pc19xPX4evmzI5CZdvaRnIoxP3ysQ==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    remark-lint "^9.0.0"
+    remark-lint-blockquote-indentation "^3.0.0"
+    remark-lint-code-block-style "^3.0.0"
+    remark-lint-definition-case "^3.0.0"
+    remark-lint-definition-spacing "^3.0.0"
+    remark-lint-emphasis-marker "^3.0.0"
+    remark-lint-fenced-code-flag "^3.0.0"
+    remark-lint-fenced-code-marker "^3.0.0"
+    remark-lint-file-extension "^2.0.0"
+    remark-lint-final-definition "^3.0.0"
+    remark-lint-hard-break-spaces "^3.0.0"
+    remark-lint-heading-increment "^3.0.0"
+    remark-lint-heading-style "^3.0.0"
+    remark-lint-link-title-style "^3.0.0"
+    remark-lint-list-item-content-indent "^3.0.0"
+    remark-lint-list-item-indent "^3.0.0"
+    remark-lint-list-item-spacing "^4.0.0"
+    remark-lint-maximum-heading-length "^3.0.0"
+    remark-lint-maximum-line-length "^3.0.0"
+    remark-lint-no-blockquote-without-marker "^5.0.0"
+    remark-lint-no-consecutive-blank-lines "^4.0.0"
+    remark-lint-no-duplicate-headings "^3.0.0"
+    remark-lint-no-emphasis-as-heading "^3.0.0"
+    remark-lint-no-file-name-articles "^2.0.0"
+    remark-lint-no-file-name-consecutive-dashes "^2.0.0"
+    remark-lint-no-file-name-irregular-characters "^2.0.0"
+    remark-lint-no-file-name-mixed-case "^2.0.0"
+    remark-lint-no-file-name-outer-dashes "^2.0.0"
+    remark-lint-no-heading-punctuation "^3.0.0"
+    remark-lint-no-inline-padding "^4.0.0"
+    remark-lint-no-literal-urls "^3.0.0"
+    remark-lint-no-multiple-toplevel-headings "^3.0.0"
+    remark-lint-no-shell-dollars "^3.0.0"
+    remark-lint-no-shortcut-reference-image "^3.0.0"
+    remark-lint-no-shortcut-reference-link "^3.0.0"
+    remark-lint-no-table-indentation "^4.0.0"
+    remark-lint-ordered-list-marker-style "^3.0.0"
+    remark-lint-ordered-list-marker-value "^3.0.0"
+    remark-lint-rule-style "^3.0.0"
+    remark-lint-strong-marker "^3.0.0"
+    remark-lint-table-cell-padding "^4.0.0"
+    remark-lint-table-pipe-alignment "^3.0.0"
+    remark-lint-table-pipes "^4.0.0"
+    remark-lint-unordered-list-marker-style "^3.0.0"
+    unified "^10.0.0"
+
+remark-preset-lint-recommended@^6.1.2:
+  version "6.1.2"
+  resolved "https://registry.yarnpkg.com/remark-preset-lint-recommended/-/remark-preset-lint-recommended-6.1.2.tgz#268eeaab887cef79e6b22fde046e65cf11abcf67"
+  integrity sha512-x9kWufNY8PNAhY4fsl+KD3atgQdo4imP3GDAQYbQ6ylWVyX13suPRLkqnupW0ODRynfUg8ZRt8pVX0wMHwgPAg==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    remark-lint "^9.0.0"
+    remark-lint-final-newline "^2.0.0"
+    remark-lint-hard-break-spaces "^3.0.0"
+    remark-lint-list-item-bullet-indent "^4.0.0"
+    remark-lint-list-item-indent "^3.0.0"
+    remark-lint-no-blockquote-without-marker "^5.0.0"
+    remark-lint-no-duplicate-definitions "^3.0.0"
+    remark-lint-no-heading-content-indent "^4.0.0"
+    remark-lint-no-inline-padding "^4.0.0"
+    remark-lint-no-literal-urls "^3.0.0"
+    remark-lint-no-shortcut-reference-image "^3.0.0"
+    remark-lint-no-shortcut-reference-link "^3.0.0"
+    remark-lint-no-undefined-references "^4.0.0"
+    remark-lint-no-unused-definitions "^3.0.0"
+    remark-lint-ordered-list-marker-style "^3.0.0"
+    unified "^10.0.0"
+
 remark-squeeze-paragraphs@4.0.0:
   version "4.0.0"
   resolved "https://registry.yarnpkg.com/remark-squeeze-paragraphs/-/remark-squeeze-paragraphs-4.0.0.tgz#76eb0e085295131c84748c8e43810159c5653ead"
@@ -6405,6 +7874,25 @@ remark-squeeze-paragraphs@4.0.0:
   dependencies:
     mdast-squeeze-paragraphs "^4.0.0"
 
+remark-stringify@^10.0.0:
+  version "10.0.2"
+  resolved "https://registry.yarnpkg.com/remark-stringify/-/remark-stringify-10.0.2.tgz#50414a6983f5008eb9e72eed05f980582d1f69d7"
+  integrity sha512-6wV3pvbPvHkbNnWB0wdDvVFHOe1hBRAx1Q/5g/EpH4RppAII6J8Gnwe7VbHuXaoKIF6LAg6ExTel/+kNqSQ7lw==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    mdast-util-to-markdown "^1.0.0"
+    unified "^10.0.0"
+
+remark@^14.0.0:
+  version "14.0.2"
+  resolved "https://registry.yarnpkg.com/remark/-/remark-14.0.2.tgz#4a1833f7441a5c29e44b37bb1843fb820797b40f"
+  integrity sha512-A3ARm2V4BgiRXaUo5K0dRvJ1lbogrbXnhkJRmD0yw092/Yl0kOCZt1k9ZeElEwkZsWGsMumz6qL5MfNJH9nOBA==
+  dependencies:
+    "@types/mdast" "^3.0.0"
+    remark-parse "^10.0.0"
+    remark-stringify "^10.0.0"
+    unified "^10.0.0"
+
 renderkid@^3.0.0:
   version "3.0.0"
   resolved "https://registry.yarnpkg.com/renderkid/-/renderkid-3.0.0.tgz#5fd823e4d6951d37358ecc9a58b1f06836b6268a"
@@ -6518,6 +8006,13 @@ rxjs@^7.5.4:
   dependencies:
     tslib "^2.1.0"
 
+sade@^1.7.3:
+  version "1.8.1"
+  resolved "https://registry.yarnpkg.com/sade/-/sade-1.8.1.tgz#0a78e81d658d394887be57d2a409bf703a3b2701"
+  integrity sha512-xal3CZX1Xlo/k4ApwCFrHVACi9fBqJ7V+mwhBsuf/1IOKbBy098Fex+Wa/5QMubw09pSZ/u8EY8PWgevJsXp1A==
+  dependencies:
+    mri "^1.1.0"
+
 safe-buffer@5.1.2, safe-buffer@~5.1.0, safe-buffer@~5.1.1:
   version "5.1.2"
   resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d"
@@ -6620,7 +8115,7 @@ semver@^6.0.0, semver@^6.1.1, semver@^6.1.2, semver@^6.2.0, semver@^6.3.0:
   resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.0.tgz#ee0a64c8af5e8ceea67687b133761e1becbd1d3d"
   integrity sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==
 
-semver@^7.3.2, semver@^7.3.4, semver@^7.3.7, semver@^7.3.8:
+semver@^7.3.2, semver@^7.3.4, semver@^7.3.5, semver@^7.3.7, semver@^7.3.8:
   version "7.3.8"
   resolved "https://registry.yarnpkg.com/semver/-/semver-7.3.8.tgz#07a78feafb3f7b32347d725e33de7e2a2df67798"
   integrity sha512-NB1ctGL5rlHrPJtFDVIVzTyQylMLu9N9VICA6HSFJo8MCGVTMW6gfpicwKmmK/dAjTOrqu5l63JJOpDSrAis3A==
@@ -6800,6 +8295,13 @@ sockjs@^0.3.24:
     uuid "^8.3.2"
     websocket-driver "^0.7.4"
 
+solid-js@^1.3.0:
+  version "1.6.11"
+  resolved "https://registry.yarnpkg.com/solid-js/-/solid-js-1.6.11.tgz#263a512bf94efd89245a77f58dc18c195302237f"
+  integrity sha512-JquQQHPArGq+i2PLURxJ99Pcz2/1docpbycSio/cKSA0SeI3z5zRjy0TNcH4NRYvbOLrcini+iovXwnexKabyw==
+  dependencies:
+    csstype "^3.1.0"
+
 sort-css-media-queries@2.1.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/sort-css-media-queries/-/sort-css-media-queries-2.1.0.tgz#7c85e06f79826baabb232f5560e9745d7a78c4ce"
@@ -6895,7 +8397,7 @@ string-width@^4.0.0, string-width@^4.1.0, string-width@^4.2.0, string-width@^4.2
     is-fullwidth-code-point "^3.0.0"
     strip-ansi "^6.0.1"
 
-string-width@^5.0.1:
+string-width@^5.0.0, string-width@^5.0.1:
   version "5.1.2"
   resolved "https://registry.yarnpkg.com/string-width/-/string-width-5.1.2.tgz#14f8daec6d81e7221d2a357e668cab73bdbca794"
   integrity sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==
@@ -6918,6 +8420,14 @@ string_decoder@~1.1.1:
   dependencies:
     safe-buffer "~5.1.0"
 
+stringify-entities@^4.0.0:
+  version "4.0.3"
+  resolved "https://registry.yarnpkg.com/stringify-entities/-/stringify-entities-4.0.3.tgz#cfabd7039d22ad30f3cc435b0ca2c1574fc88ef8"
+  integrity sha512-BP9nNHMhhfcMbiuQKCqMjhDP5yBCAxsPu4pHFFzJ6Alo9dZgY4VLDPutXqIjpRiMoKdp7Av85Gr73Q5uH9k7+g==
+  dependencies:
+    character-entities-html4 "^2.0.0"
+    character-entities-legacy "^3.0.0"
+
 stringify-object@^3.3.0:
   version "3.3.0"
   resolved "https://registry.yarnpkg.com/stringify-object/-/stringify-object-3.3.0.tgz#703065aefca19300d3ce88af4f5b3956d7556629"
@@ -6997,6 +8507,11 @@ supports-color@^8.0.0:
   dependencies:
     has-flag "^4.0.0"
 
+supports-color@^9.0.0:
+  version "9.3.1"
+  resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-9.3.1.tgz#34e4ad3c71c9a39dae3254ecc46c9b74e89e15a6"
+  integrity sha512-knBY82pjmnIzK3NifMo3RxEIRD9E0kIzV4BKcyTZ9+9kWgLMxd4PrsTSMoFQUabgRBbF8KOLRDCyKgNV+iK44Q==
+
 supports-preserve-symlinks-flag@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz#6eda4bd344a3c94aea376d4cc31bc77311039e09"
@@ -7088,6 +8603,14 @@ to-regex-range@^5.0.1:
   dependencies:
     is-number "^7.0.0"
 
+to-vfile@^7.0.0:
+  version "7.2.4"
+  resolved "https://registry.yarnpkg.com/to-vfile/-/to-vfile-7.2.4.tgz#b97ecfcc15905ffe020bc975879053928b671378"
+  integrity sha512-2eQ+rJ2qGbyw3senPI0qjuM7aut8IYXK6AEoOWb+fJx/mQYzviTckm1wDjq91QYHAPBTYzmdJXxMFA6Mk14mdw==
+  dependencies:
+    is-buffer "^2.0.0"
+    vfile "^5.1.0"
+
 toidentifier@1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/toidentifier/-/toidentifier-1.0.1.tgz#3be34321a88a820ed1bd80dfaa33e479fbb8dd35"
@@ -7118,6 +8641,11 @@ trough@^1.0.0:
   resolved "https://registry.yarnpkg.com/trough/-/trough-1.0.5.tgz#b8b639cefad7d0bb2abd37d433ff8293efa5f406"
   integrity sha512-rvuRbTarPXmMb79SmzEp8aqXNKcK+y0XaB298IXueQ8I2PsrATcPBCSPyK/dDNa2iWOhKlfNnOjdAOTBU/nkFA==
 
+trough@^2.0.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/trough/-/trough-2.1.0.tgz#0f7b511a4fde65a46f18477ab38849b22c554876"
+  integrity sha512-AqTiAOLcj85xS7vQ8QkAV41hPDIJ71XJB4RCUrzo/1GM2CQwhkJGaf9Hgr7BOugMRpgGUrqRg/DrBDl4H40+8g==
+
 tslib@^2.0.3, tslib@^2.1.0, tslib@^2.4.0:
   version "2.5.0"
   resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.5.0.tgz#42bfed86f5787aeb41d031866c8f402429e0fddf"
@@ -7148,6 +8676,16 @@ typedarray-to-buffer@^3.1.5:
   dependencies:
     is-typedarray "^1.0.0"
 
+typedarray@^0.0.6:
+  version "0.0.6"
+  resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777"
+  integrity sha512-/aCDEGatGvZ2BIk+HmLf4ifCJFwvKFNb9/JeZPMulfgFracn9QFcAf5GO8B/mweUjSoblS5In0cWhqpfs/5PQA==
+
+typescript@^4.7.4:
+  version "4.9.5"
+  resolved "https://registry.yarnpkg.com/typescript/-/typescript-4.9.5.tgz#095979f9bcc0d09da324d58d03ce8f8374cbe65a"
+  integrity sha512-1FXk9E2Hm+QzZQ7z+McJiHL4NW1F2EzMu9Nq9i3zAaGqibafqYwCVU6WyWAuyQRRzOlxou8xZSyXLEN8oKj24g==
+
 ua-parser-js@^0.7.30:
   version "0.7.33"
   resolved "https://registry.yarnpkg.com/ua-parser-js/-/ua-parser-js-0.7.33.tgz#1d04acb4ccef9293df6f70f2c3d22f3030d8b532"
@@ -7189,6 +8727,71 @@ unicode-property-aliases-ecmascript@^2.0.0:
   resolved "https://registry.yarnpkg.com/unicode-property-aliases-ecmascript/-/unicode-property-aliases-ecmascript-2.1.0.tgz#43d41e3be698bd493ef911077c9b131f827e8ccd"
   integrity sha512-6t3foTQI9qne+OZoVQB/8x8rk2k1eVy1gRXhV3oFQ5T6R1dqQ1xtin3XqSlx3+ATBkliTaR/hHyJBm+LVPNM8w==
 
+unified-args@^10.0.0:
+  version "10.0.0"
+  resolved "https://registry.yarnpkg.com/unified-args/-/unified-args-10.0.0.tgz#95994c5558fea83ff07006cb560fd88cdcf31134"
+  integrity sha512-PqsqxwkXpGSLiMkbjNnKU33Ffm6gso6rAvz1TlBGzMBx3gpx7ewIhViBX8HEWmy0v7pebA5PM6RkRWWaYmtfYw==
+  dependencies:
+    "@types/text-table" "^0.2.0"
+    camelcase "^7.0.0"
+    chalk "^5.0.0"
+    chokidar "^3.0.0"
+    fault "^2.0.0"
+    json5 "^2.0.0"
+    minimist "^1.0.0"
+    text-table "^0.2.0"
+    unified-engine "^10.0.0"
+
+unified-engine@^10.0.0:
+  version "10.1.0"
+  resolved "https://registry.yarnpkg.com/unified-engine/-/unified-engine-10.1.0.tgz#6899f00d1f53ee9af94f7abd0ec21242aae3f56c"
+  integrity sha512-5+JDIs4hqKfHnJcVCxTid1yBoI/++FfF/1PFdSMpaftZZZY+qg2JFruRbf7PaIwa9KgLotXQV3gSjtY0IdcFGQ==
+  dependencies:
+    "@types/concat-stream" "^2.0.0"
+    "@types/debug" "^4.0.0"
+    "@types/is-empty" "^1.0.0"
+    "@types/node" "^18.0.0"
+    "@types/unist" "^2.0.0"
+    concat-stream "^2.0.0"
+    debug "^4.0.0"
+    fault "^2.0.0"
+    glob "^8.0.0"
+    ignore "^5.0.0"
+    is-buffer "^2.0.0"
+    is-empty "^1.0.0"
+    is-plain-obj "^4.0.0"
+    load-plugin "^5.0.0"
+    parse-json "^6.0.0"
+    to-vfile "^7.0.0"
+    trough "^2.0.0"
+    unist-util-inspect "^7.0.0"
+    vfile-message "^3.0.0"
+    vfile-reporter "^7.0.0"
+    vfile-statistics "^2.0.0"
+    yaml "^2.0.0"
+
+unified-lint-rule@^2.0.0:
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/unified-lint-rule/-/unified-lint-rule-2.1.1.tgz#2363f27064f0b44675d11119bb573a738e346f24"
+  integrity sha512-vsLHyLZFstqtGse2gvrGwasOmH8M2y+r2kQMoDSWzSqUkQx2MjHjvZuGSv5FUaiv4RQO1bHRajy7lSGp7XWq5A==
+  dependencies:
+    "@types/unist" "^2.0.0"
+    trough "^2.0.0"
+    unified "^10.0.0"
+    vfile "^5.0.0"
+
+unified-message-control@^4.0.0:
+  version "4.0.0"
+  resolved "https://registry.yarnpkg.com/unified-message-control/-/unified-message-control-4.0.0.tgz#7cd313df526fc660f218b19a56377bb6957019a8"
+  integrity sha512-1b92N+VkPHftOsvXNOtkJm4wHlr+UDmTBF2dUzepn40oy9NxanJ9xS1RwUBTjXJwqr2K0kMbEyv1Krdsho7+Iw==
+  dependencies:
+    "@types/unist" "^2.0.0"
+    unist-util-is "^5.0.0"
+    unist-util-visit "^3.0.0"
+    vfile "^5.0.0"
+    vfile-location "^4.0.0"
+    vfile-message "^3.0.0"
+
 unified@9.2.0:
   version "9.2.0"
   resolved "https://registry.yarnpkg.com/unified/-/unified-9.2.0.tgz#67a62c627c40589edebbf60f53edfd4d822027f8"
@@ -7201,6 +8804,19 @@ unified@9.2.0:
     trough "^1.0.0"
     vfile "^4.0.0"
 
+unified@^10.0.0, unified@^10.1.0:
+  version "10.1.2"
+  resolved "https://registry.yarnpkg.com/unified/-/unified-10.1.2.tgz#b1d64e55dafe1f0b98bb6c719881103ecf6c86df"
+  integrity sha512-pUSWAi/RAnVy1Pif2kAoeWNBa3JVrx0MId2LASj8G+7AiHWoKZNTomq6LG326T68U7/e263X6fTdcXIy7XnF7Q==
+  dependencies:
+    "@types/unist" "^2.0.0"
+    bail "^2.0.0"
+    extend "^3.0.0"
+    is-buffer "^2.0.0"
+    is-plain-obj "^4.0.0"
+    trough "^2.0.0"
+    vfile "^5.0.0"
+
 unified@^9.2.2:
   version "9.2.2"
   resolved "https://registry.yarnpkg.com/unified/-/unified-9.2.2.tgz#67649a1abfc3ab85d2969502902775eb03146975"
@@ -7230,16 +8846,47 @@ unist-util-generated@^1.0.0:
   resolved "https://registry.yarnpkg.com/unist-util-generated/-/unist-util-generated-1.1.6.tgz#5ab51f689e2992a472beb1b35f2ce7ff2f324d4b"
   integrity sha512-cln2Mm1/CZzN5ttGK7vkoGw+RZ8VcUH6BtGbq98DDtRGquAAOXig1mrBQYelOwMXYS8rK+vZDyyojSjp7JX+Lg==
 
+unist-util-generated@^2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/unist-util-generated/-/unist-util-generated-2.0.1.tgz#e37c50af35d3ed185ac6ceacb6ca0afb28a85cae"
+  integrity sha512-qF72kLmPxAw0oN2fwpWIqbXAVyEqUzDHMsbtPvOudIlUzXYFIeQIuxXQCRCFh22B7cixvU0MG7m3MW8FTq/S+A==
+
+unist-util-inspect@^7.0.0:
+  version "7.0.2"
+  resolved "https://registry.yarnpkg.com/unist-util-inspect/-/unist-util-inspect-7.0.2.tgz#858e4f02ee4053f7c6ada8bc81662901a0ee1893"
+  integrity sha512-Op0XnmHUl6C2zo/yJCwhXQSm/SmW22eDZdWP2qdf4WpGrgO1ZxFodq+5zFyeRGasFjJotAnLgfuD1jkcKqiH1Q==
+  dependencies:
+    "@types/unist" "^2.0.0"
+
 unist-util-is@^4.0.0:
   version "4.1.0"
   resolved "https://registry.yarnpkg.com/unist-util-is/-/unist-util-is-4.1.0.tgz#976e5f462a7a5de73d94b706bac1b90671b57797"
   integrity sha512-ZOQSsnce92GrxSqlnEEseX0gi7GH9zTJZ0p9dtu87WRb/37mMPO2Ilx1s/t9vBHrFhbgweUwb+t7cIn5dxPhZg==
 
+unist-util-is@^5.0.0:
+  version "5.2.0"
+  resolved "https://registry.yarnpkg.com/unist-util-is/-/unist-util-is-5.2.0.tgz#37eed0617b76c114fd34d44c201aa96fd928b309"
+  integrity sha512-Glt17jWwZeyqrFqOK0pF1Ded5U3yzJnFr8CG1GMjCWTp9zDo2p+cmD6pWbZU8AgM5WU3IzRv6+rBwhzsGh6hBQ==
+
+unist-util-position-from-estree@^1.0.0, unist-util-position-from-estree@^1.1.0:
+  version "1.1.2"
+  resolved "https://registry.yarnpkg.com/unist-util-position-from-estree/-/unist-util-position-from-estree-1.1.2.tgz#8ac2480027229de76512079e377afbcabcfcce22"
+  integrity sha512-poZa0eXpS+/XpoQwGwl79UUdea4ol2ZuCYguVaJS4qzIOMDzbqz8a3erUCOmubSZkaOuGamb3tX790iwOIROww==
+  dependencies:
+    "@types/unist" "^2.0.0"
+
 unist-util-position@^3.0.0:
   version "3.1.0"
   resolved "https://registry.yarnpkg.com/unist-util-position/-/unist-util-position-3.1.0.tgz#1c42ee6301f8d52f47d14f62bbdb796571fa2d47"
   integrity sha512-w+PkwCbYSFw8vpgWD0v7zRCl1FpY3fjDSQ3/N/wNd9Ffa4gPi8+4keqt99N3XW6F99t/mUzp2xAhNmfKWp95QA==
 
+unist-util-position@^4.0.0:
+  version "4.0.4"
+  resolved "https://registry.yarnpkg.com/unist-util-position/-/unist-util-position-4.0.4.tgz#93f6d8c7d6b373d9b825844645877c127455f037"
+  integrity sha512-kUBE91efOWfIVBo8xzh/uZQ7p9ffYRtUbMRZBNFYwf0RK8koUMx6dGUfwylLOKmaT2cs4wSW96QoYUSXAyEtpg==
+  dependencies:
+    "@types/unist" "^2.0.0"
+
 unist-util-remove-position@^2.0.0:
   version "2.0.1"
   resolved "https://registry.yarnpkg.com/unist-util-remove-position/-/unist-util-remove-position-2.0.1.tgz#5d19ca79fdba712301999b2b73553ca8f3b352cc"
@@ -7247,6 +8894,14 @@ unist-util-remove-position@^2.0.0:
   dependencies:
     unist-util-visit "^2.0.0"
 
+unist-util-remove-position@^4.0.0:
+  version "4.0.2"
+  resolved "https://registry.yarnpkg.com/unist-util-remove-position/-/unist-util-remove-position-4.0.2.tgz#a89be6ea72e23b1a402350832b02a91f6a9afe51"
+  integrity sha512-TkBb0HABNmxzAcfLf4qsIbFbaPDvMO6wa3b3j4VcEzFVaw1LBKwnW4/sRJ/atSLSzoIg41JWEdnE7N6DIhGDGQ==
+  dependencies:
+    "@types/unist" "^2.0.0"
+    unist-util-visit "^4.0.0"
+
 unist-util-remove@^2.0.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/unist-util-remove/-/unist-util-remove-2.1.0.tgz#b0b4738aa7ee445c402fda9328d604a02d010588"
@@ -7261,6 +8916,13 @@ unist-util-stringify-position@^2.0.0:
   dependencies:
     "@types/unist" "^2.0.2"
 
+unist-util-stringify-position@^3.0.0:
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/unist-util-stringify-position/-/unist-util-stringify-position-3.0.3.tgz#03ad3348210c2d930772d64b489580c13a7db39d"
+  integrity sha512-k5GzIBZ/QatR8N5X2y+drfpWG8IDBzdnVj6OInRNWm1oXrzydiaAT2OQiA8DPRRZyAKb9b6I2a6PxYklZD0gKg==
+  dependencies:
+    "@types/unist" "^2.0.0"
+
 unist-util-visit-parents@^3.0.0:
   version "3.1.1"
   resolved "https://registry.yarnpkg.com/unist-util-visit-parents/-/unist-util-visit-parents-3.1.1.tgz#65a6ce698f78a6b0f56aa0e88f13801886cdaef6"
@@ -7269,6 +8931,22 @@ unist-util-visit-parents@^3.0.0:
     "@types/unist" "^2.0.0"
     unist-util-is "^4.0.0"
 
+unist-util-visit-parents@^4.0.0:
+  version "4.1.1"
+  resolved "https://registry.yarnpkg.com/unist-util-visit-parents/-/unist-util-visit-parents-4.1.1.tgz#e83559a4ad7e6048a46b1bdb22614f2f3f4724f2"
+  integrity sha512-1xAFJXAKpnnJl8G7K5KgU7FY55y3GcLIXqkzUj5QF/QVP7biUm0K0O2oqVkYsdjzJKifYeWn9+o6piAK2hGSHw==
+  dependencies:
+    "@types/unist" "^2.0.0"
+    unist-util-is "^5.0.0"
+
+unist-util-visit-parents@^5.1.1:
+  version "5.1.3"
+  resolved "https://registry.yarnpkg.com/unist-util-visit-parents/-/unist-util-visit-parents-5.1.3.tgz#b4520811b0ca34285633785045df7a8d6776cfeb"
+  integrity sha512-x6+y8g7wWMyQhL1iZfhIPhDAs7Xwbn9nRosDXl7qoPTSCy0yNxnKc+hWokFifWQIDGi154rdUqKvbCa4+1kLhg==
+  dependencies:
+    "@types/unist" "^2.0.0"
+    unist-util-is "^5.0.0"
+
 unist-util-visit@2.0.3, unist-util-visit@^2.0.0, unist-util-visit@^2.0.3:
   version "2.0.3"
   resolved "https://registry.yarnpkg.com/unist-util-visit/-/unist-util-visit-2.0.3.tgz#c3703893146df47203bb8a9795af47d7b971208c"
@@ -7278,6 +8956,24 @@ unist-util-visit@2.0.3, unist-util-visit@^2.0.0, unist-util-visit@^2.0.3:
     unist-util-is "^4.0.0"
     unist-util-visit-parents "^3.0.0"
 
+unist-util-visit@^3.0.0:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/unist-util-visit/-/unist-util-visit-3.1.0.tgz#9420d285e1aee938c7d9acbafc8e160186dbaf7b"
+  integrity sha512-Szoh+R/Ll68QWAyQyZZpQzZQm2UPbxibDvaY8Xc9SUtYgPsDzx5AWSk++UUt2hJuow8mvwR+rG+LQLw+KsuAKA==
+  dependencies:
+    "@types/unist" "^2.0.0"
+    unist-util-is "^5.0.0"
+    unist-util-visit-parents "^4.0.0"
+
+unist-util-visit@^4.0.0:
+  version "4.1.2"
+  resolved "https://registry.yarnpkg.com/unist-util-visit/-/unist-util-visit-4.1.2.tgz#125a42d1eb876283715a3cb5cceaa531828c72e2"
+  integrity sha512-MSd8OUGISqHdVvfY9TPhyK2VdUrPgxkUtWSuMHF6XAAFuL4LokseigBnZtPnJMu+FbynTkFNnFlyjxpVKujMRg==
+  dependencies:
+    "@types/unist" "^2.0.0"
+    unist-util-is "^5.0.0"
+    unist-util-visit-parents "^5.1.1"
+
 universalify@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/universalify/-/universalify-2.0.0.tgz#75a4984efedc4b08975c5aeb73f530d02df25717"
@@ -7386,6 +9082,16 @@ uuid@^8.3.2:
   resolved "https://registry.yarnpkg.com/uuid/-/uuid-8.3.2.tgz#80d5b5ced271bb9af6c445f21a1a04c606cefbe2"
   integrity sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==
 
+uvu@^0.5.0:
+  version "0.5.6"
+  resolved "https://registry.yarnpkg.com/uvu/-/uvu-0.5.6.tgz#2754ca20bcb0bb59b64e9985e84d2e81058502df"
+  integrity sha512-+g8ENReyr8YsOc6fv/NVJs2vFdHBnBNdfE49rshrTzDWOlUx4Gq7KOS2GD8eqhy2j+Ejq29+SbKH8yjkAqXqoA==
+  dependencies:
+    dequal "^2.0.0"
+    diff "^5.0.0"
+    kleur "^4.0.3"
+    sade "^1.7.3"
+
 value-equal@^1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/value-equal/-/value-equal-1.0.1.tgz#1e0b794c734c5c0cade179c437d356d931a34d6c"
@@ -7401,6 +9107,14 @@ vfile-location@^3.0.0, vfile-location@^3.2.0:
   resolved "https://registry.yarnpkg.com/vfile-location/-/vfile-location-3.2.0.tgz#d8e41fbcbd406063669ebf6c33d56ae8721d0f3c"
   integrity sha512-aLEIZKv/oxuCDZ8lkJGhuhztf/BW4M+iHdCwglA/eWc+vtuRFJj8EtgceYFX4LRjOhCAAiNHsKGssC6onJ+jbA==
 
+vfile-location@^4.0.0:
+  version "4.1.0"
+  resolved "https://registry.yarnpkg.com/vfile-location/-/vfile-location-4.1.0.tgz#69df82fb9ef0a38d0d02b90dd84620e120050dd0"
+  integrity sha512-YF23YMyASIIJXpktBa4vIGLJ5Gs88UB/XePgqPmTa7cDA+JeO3yclbpheQYCHjVHBn/yePzrXuygIL+xbvRYHw==
+  dependencies:
+    "@types/unist" "^2.0.0"
+    vfile "^5.0.0"
+
 vfile-message@^2.0.0:
   version "2.0.4"
   resolved "https://registry.yarnpkg.com/vfile-message/-/vfile-message-2.0.4.tgz#5b43b88171d409eae58477d13f23dd41d52c371a"
@@ -7409,6 +9123,44 @@ vfile-message@^2.0.0:
     "@types/unist" "^2.0.0"
     unist-util-stringify-position "^2.0.0"
 
+vfile-message@^3.0.0:
+  version "3.1.4"
+  resolved "https://registry.yarnpkg.com/vfile-message/-/vfile-message-3.1.4.tgz#15a50816ae7d7c2d1fa87090a7f9f96612b59dea"
+  integrity sha512-fa0Z6P8HUrQN4BZaX05SIVXic+7kE3b05PWAtPuYP9QLHsLKYR7/AlLW3NtOrpXRLeawpDLMsVkmk5DG0NXgWw==
+  dependencies:
+    "@types/unist" "^2.0.0"
+    unist-util-stringify-position "^3.0.0"
+
+vfile-reporter@^7.0.0:
+  version "7.0.5"
+  resolved "https://registry.yarnpkg.com/vfile-reporter/-/vfile-reporter-7.0.5.tgz#a0cbf3922c08ad428d6db1161ec64a53b5725785"
+  integrity sha512-NdWWXkv6gcd7AZMvDomlQbK3MqFWL1RlGzMn++/O2TI+68+nqxCPTvLugdOtfSzXmjh+xUyhp07HhlrbJjT+mw==
+  dependencies:
+    "@types/supports-color" "^8.0.0"
+    string-width "^5.0.0"
+    supports-color "^9.0.0"
+    unist-util-stringify-position "^3.0.0"
+    vfile "^5.0.0"
+    vfile-message "^3.0.0"
+    vfile-sort "^3.0.0"
+    vfile-statistics "^2.0.0"
+
+vfile-sort@^3.0.0:
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/vfile-sort/-/vfile-sort-3.0.1.tgz#4b06ec63e2946749b0bb514e736554cd75e441a2"
+  integrity sha512-1os1733XY6y0D5x0ugqSeaVJm9lYgj0j5qdcZQFyxlZOSy1jYarL77lLyb5gK4Wqr1d5OxmuyflSO3zKyFnTFw==
+  dependencies:
+    vfile "^5.0.0"
+    vfile-message "^3.0.0"
+
+vfile-statistics@^2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/vfile-statistics/-/vfile-statistics-2.0.1.tgz#2e1adae1cd3a45c1ed4f2a24bd103c3d71e4bce3"
+  integrity sha512-W6dkECZmP32EG/l+dp2jCLdYzmnDBIw6jwiLZSER81oR5AHRcVqL+k3Z+pfH1R73le6ayDkJRMk0sutj1bMVeg==
+  dependencies:
+    vfile "^5.0.0"
+    vfile-message "^3.0.0"
+
 vfile@^4.0.0:
   version "4.2.1"
   resolved "https://registry.yarnpkg.com/vfile/-/vfile-4.2.1.tgz#03f1dce28fc625c625bc6514350fbdb00fa9e624"
@@ -7419,6 +9171,16 @@ vfile@^4.0.0:
     unist-util-stringify-position "^2.0.0"
     vfile-message "^2.0.0"
 
+vfile@^5.0.0, vfile@^5.1.0:
+  version "5.3.7"
+  resolved "https://registry.yarnpkg.com/vfile/-/vfile-5.3.7.tgz#de0677e6683e3380fafc46544cfe603118826ab7"
+  integrity sha512-r7qlzkgErKjobAmyNIkkSpizsFPYiUPuJb5pNW1RB4JcYVZhs4lIbVqk8XPk033CV/1z8ss5pkax8SuhGpcG8g==
+  dependencies:
+    "@types/unist" "^2.0.0"
+    is-buffer "^2.0.0"
+    unist-util-stringify-position "^3.0.0"
+    vfile-message "^3.0.0"
+
 wait-on@^6.0.1:
   version "6.0.1"
   resolved "https://registry.yarnpkg.com/wait-on/-/wait-on-6.0.1.tgz#16bbc4d1e4ebdd41c5b4e63a2e16dbd1f4e5601e"
@@ -7430,6 +9192,11 @@ wait-on@^6.0.1:
     minimist "^1.2.5"
     rxjs "^7.5.4"
 
+walk-up-path@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/walk-up-path/-/walk-up-path-1.0.0.tgz#d4745e893dd5fd0dbb58dd0a4c6a33d9c9fec53e"
+  integrity sha512-hwj/qMDUEjCU5h0xr90KGCf0tg0/LgJbmOWgrWKYlcJZM7XvquvUJZ0G/HMGr7F7OQMOUuPHWP9JpriinkAlkg==
+
 watchpack@^2.4.0:
   version "2.4.0"
   resolved "https://registry.yarnpkg.com/watchpack/-/watchpack-2.4.0.tgz#fa33032374962c78113f93c7f2fb4c54c9862a5d"
@@ -7456,10 +9223,11 @@ webidl-conversions@^3.0.0:
   integrity sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==
 
 webpack-bundle-analyzer@^4.5.0:
-  version "4.7.0"
-  resolved "https://registry.yarnpkg.com/webpack-bundle-analyzer/-/webpack-bundle-analyzer-4.7.0.tgz#33c1c485a7fcae8627c547b5c3328b46de733c66"
-  integrity sha512-j9b8ynpJS4K+zfO5GGwsAcQX4ZHpWV+yRiHDiL+bE0XHJ8NiPYLTNVQdlFYWxtpg9lfAQNlwJg16J9AJtFSXRg==
+  version "4.8.0"
+  resolved "https://registry.yarnpkg.com/webpack-bundle-analyzer/-/webpack-bundle-analyzer-4.8.0.tgz#951b8aaf491f665d2ae325d8b84da229157b1d04"
+  integrity sha512-ZzoSBePshOKhr+hd8u6oCkZVwpVaXgpw23ScGLFpR6SjYI7+7iIWYarjN6OEYOfRt8o7ZyZZQk0DuMizJ+LEIg==
   dependencies:
+    "@discoveryjs/json-ext" "0.5.7"
     acorn "^8.0.4"
     acorn-walk "^8.0.0"
     chalk "^4.1.0"
@@ -7663,9 +9431,9 @@ ws@^7.3.1:
   integrity sha512-F+P9Jil7UiSKSkppIiD94dN07AwvFixvLIj1Og1Rl9GGMuNipJnV9JzjD6XuqmAeiswGvUmNLjr5cFuXwNS77Q==
 
 ws@^8.4.2:
-  version "8.12.0"
-  resolved "https://registry.yarnpkg.com/ws/-/ws-8.12.0.tgz#485074cc392689da78e1828a9ff23585e06cddd8"
-  integrity sha512-kU62emKIdKVeEIOIKVegvqpXMSTAMLJozpHZaJNDYqBjzlSYXQGviYwN1osDLJ9av68qHd4a2oSjd7yD4pacig==
+  version "8.12.1"
+  resolved "https://registry.yarnpkg.com/ws/-/ws-8.12.1.tgz#c51e583d79140b5e42e39be48c934131942d4a8f"
+  integrity sha512-1qo+M9Ba+xNhPB+YTWUlK6M17brTut5EXbcBaMRN5pH5dFrXz7lzz1ChFSUq3bOUl8yEvSenhHmYUNJxFzdJew==
 
 xdg-basedir@^4.0.0:
   version "4.0.0"
@@ -7699,6 +9467,11 @@ yaml@^1.10.0, yaml@^1.10.2, yaml@^1.7.2:
   resolved "https://registry.yarnpkg.com/yaml/-/yaml-1.10.2.tgz#2301c5ffbf12b467de8da2333a459e29e7920e4b"
   integrity sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==
 
+yaml@^2.0.0:
+  version "2.2.1"
+  resolved "https://registry.yarnpkg.com/yaml/-/yaml-2.2.1.tgz#3014bf0482dcd15147aa8e56109ce8632cd60ce4"
+  integrity sha512-e0WHiYql7+9wr4cWMx3TVQrNwejKaEe7/rHNmQmqRjazfOP5W8PB6Jpebb5o6fIapbz9o9+2ipcaTM2ZwDI6lw==
+
 yocto-queue@^0.1.0:
   version "0.1.0"
   resolved "https://registry.yarnpkg.com/yocto-queue/-/yocto-queue-0.1.0.tgz#0294eb3dee05028d31ee1a5fa2c556a6aaf10a1b"
@@ -7708,3 +9481,8 @@ zwitch@^1.0.0:
   version "1.0.5"
   resolved "https://registry.yarnpkg.com/zwitch/-/zwitch-1.0.5.tgz#d11d7381ffed16b742f6af7b3f223d5cd9fe9920"
   integrity sha512-V50KMwwzqJV0NpZIZFwfOD5/lyny3WlSzRiXgA0G7VUnRlqttta1L6UQIHzd6EuBY/cHGfwTIck7w1yH6Q5zUw==
+
+zwitch@^2.0.0:
+  version "2.0.4"
+  resolved "https://registry.yarnpkg.com/zwitch/-/zwitch-2.0.4.tgz#c827d4b0acb76fc3e685a4c6ec2902d51070e9d7"
+  integrity sha512-bXE4cR/kVZhKZX/RjPEflHaKVhUVl85noU3v6b8apfQEc1x4A+zBxjZ4lN8LqGd6WZ3dl98pY4o717VFmoPp+A==