Automated PR Testing (#2469)

2024-11-10 05:03:34 +01:00 · 2024-03-31 06:10:46 -05:00 · 2024-03-31 06:10:46 -05:00 · 632761cae1
commit 632761cae1
parent b536928661
63 changed files with 471 additions and 867 deletions
--- a/.github/ISSUE_TEMPLATE/1_Content_Correction.yml
+++ b/.github/ISSUE_TEMPLATE/1_Content_Correction.yml
@ -22,7 +22,6 @@ name: "Content Correction"
 description: Report any inaccurate, incorrect, or outdated information on the website.
 labels: ["t:correction"]
 body:
  - type: markdown
    attributes:
      value: |
--- a/.github/ISSUE_TEMPLATE/2_Website_Issues.yml
+++ b/.github/ISSUE_TEMPLATE/2_Website_Issues.yml
@ -24,7 +24,6 @@ labels: ["t:bug"]
 assignees:
  - jonaharagon
 body:
  - type: markdown
    attributes:
      value: |
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -21,7 +21,6 @@
 version: 2
 registries:
  github-privacyguides:
    type: git
    url: https://github.com
@ -29,7 +28,6 @@ registries:
    password: ${{secrets.REPO_PAT}}
 updates:
  # Maintain dependencies for GitHub Actions
  - package-ecosystem: "github-actions"
    directory: "/"
@ -51,7 +49,6 @@ updates:
      interval: "monthly"
    labels:
      - "fix:submodules"
 # Disabled because some updates tend to remove needed dependencies for some reason
 #  # Maintain dependencies for pipenv
--- a/.github/workflows/build-offline.yml
+++ b/.github/workflows/build-offline.yml
@ -1,113 +0,0 @@
 # Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to
 # deal in the Software without restriction, including without limitation the
 # rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
 # sell copies of the Software, and to permit persons to whom the Software is
 # furnished to do so, subject to the following conditions:
 # The above copyright notice and this permission notice shall be included in
 # all copies or substantial portions of the Software.
 # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 # FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
 # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
 # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
 # IN THE SOFTWARE.
 name: Build Offline Website
 on:
  workflow_call:
 permissions:
  contents: read
 jobs:
  build:
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          persist-credentials: 'false'
      - uses: actions/download-artifact@v4
        with:
          pattern: repo-*
          path: modules
      - run: |
          rmdir modules/mkdocs-material
          mv modules/repo-mkdocs-material-insiders modules/mkdocs-material
          rmdir theme/assets/brand
          mv modules/repo-brand theme/assets/brand
      - name: Python setup
        uses: actions/setup-python@v5
        with:
          cache: 'pipenv'
      - uses: actions/cache/restore@v4.0.2
        with:
          key: site-cache-${{ github.repository }}-en-${{ github.ref }}-${{ hashfiles('.cache/**') }}
          path: .cache
          restore-keys: |
            site-cache-${{ github.repository }}-en-${{ github.ref }}-
            site-cache-${{ github.repository }}-en-
      - name: Install Python dependencies
        run: |
          pip install pipenv
          pipenv install
          sudo apt install pngquant
      - name: Build website
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          CARDS: false
        run: |
          pipenv run mkdocs build --config-file config/mkdocs-offline.yml
          pipenv run mkdocs --version
      - name: Package website
        run: |
          tar -czvf offline.tar.gz site
          zip -r -q offline.zip site
      - uses: actions/cache/save@v4.0.2
        with:
          key: site-cache-${{ github.repository }}-en-${{ github.ref }}-${{ hashfiles('.cache/**') }}
          path: .cache
      - name: Upload tar.gz file
        uses: actions/upload-artifact@v4
        with:
          name: offline.tar.gz
          path: offline.tar.gz
      - name: Upload zip file
        uses: actions/upload-artifact@v4
        with:
          name: offline.zip
          path: offline.zip
      - name: Create ZIM File
        uses: addnab/docker-run-action@v3
        with:
          image: ghcr.io/openzim/zim-tools:3.1.3
          options: -v ${{ github.workspace }}:/data
          run: |
            zimwriterfs -w index.html -I assets/brand/logos/png/square/pg-yellow.png -l eng -t "Privacy Guides" -d "Your central privacy and security resource to protect yourself online." -c "Privacy Guides" -p "Jonah Aragon" -n "Privacy Guides" -e "https://github.com/privacyguides/privacyguides.org" /data/site /data/offline-privacy_guides.zim
      - name: Upload ZIM file
        uses: actions/upload-artifact@v4
        with:
          name: offline-privacy_guides.zim
          path: offline-privacy_guides.zim
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -1,136 +0,0 @@
 # Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to
 # deal in the Software without restriction, including without limitation the
 # rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
 # sell copies of the Software, and to permit persons to whom the Software is
 # furnished to do so, subject to the following conditions:
 # The above copyright notice and this permission notice shall be included in
 # all copies or substantial portions of the Software.
 # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 # FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
 # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
 # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
 # IN THE SOFTWARE.
 name: Build Website
 on:
  workflow_call:
    inputs:
      ref:
        required: true
        type: string
      repo:
        required: true
        type: string
      lang:
        type: string
        default: en
      context:
        type: string
        default: deploy-preview
      continue-on-error:
        type: boolean
        default: true
 permissions:
  contents: read
 jobs:
  build:
    runs-on: ubuntu-latest
    continue-on-error: ${{ inputs.continue-on-error }}
    permissions:
      contents: read
    steps:
      - uses: actions/checkout@v4
        with:
          repository: ${{ inputs.repo }}
          ref: ${{ inputs.ref }}
          persist-credentials: 'false'
          fetch-depth: 0
      - uses: actions/download-artifact@v4
        with:
          pattern: repo-*
          path: modules
      - run: |
          rmdir modules/mkdocs-material
          mv modules/repo-mkdocs-material-insiders modules/mkdocs-material
          rmdir theme/assets/brand
          mv modules/repo-brand theme/assets/brand
      - if: inputs.lang != 'en'
        run: |
          cp -rl modules/repo-i18n/i18n .
          cp -rl modules/repo-i18n/includes .
          cp -rl modules/repo-i18n/theme .
      - uses: actions/setup-python@v5
        with:
          cache: 'pipenv'
      - uses: actions/cache/restore@v4.0.2
        with:
          key: site-cache-${{ inputs.repo }}-${{ inputs.ref }}-${{ hashfiles('.cache/**') }}
          path: .cache
          restore-keys: |
            site-cache-${{ inputs.repo }}-${{ inputs.ref }}-
            site-cache-${{ inputs.repo }}-
      - uses: actions/cache/restore@v4.0.2
        with:
          key: card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}-${{ hashfiles('config/.cache/plugin/social/manifest.json') }}
          path: |
            config/.cache/plugin/social/manifest.json
            config/.cache/plugin/social/assets
          restore-keys: |
            card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}-
            card-cache-${{ inputs.repo }}-${{ inputs.lang }}-
      - run: |
          pip install pipenv
          pipenv install
          sudo apt install pngquant
      - if: inputs.lang != 'en'
        uses: falti/dotenv-action@v1.1
        with:
          path: includes/strings.${{ inputs.lang }}.env
          export-variables: true
          keys-case: bypass
      - env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          CONTEXT: ${{ inputs.context }}
          PRODUCTION: true
        run: |
          pipenv run mkdocs build --config-file config/mkdocs.${{ inputs.lang }}.yml
          cp -r static/* site/
          pipenv run mkdocs --version
          tar -czvf site-build-${{ inputs.lang }}.tar.gz site
      - uses: actions/cache/save@v4.0.2
        with:
          key: site-cache-${{ inputs.repo }}-${{ inputs.ref }}-${{ hashfiles('.cache/**') }}
          path: .cache
      - uses: actions/cache/save@v4.0.2
        with:
          key: card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}-${{ hashfiles('config/.cache/plugin/social/manifest.json') }}
          path: |
            config/.cache/plugin/social/manifest.json
            config/.cache/plugin/social/assets
      - uses: actions/upload-artifact@v4
        with:
          name: site-build-${{ inputs.lang }}.tar.gz
          path: site-build-${{ inputs.lang }}.tar.gz
--- a/.github/workflows/cleanup.yml
+++ b/.github/workflows/cleanup.yml
@ -1,33 +0,0 @@
 # Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to
 # deal in the Software without restriction, including without limitation the
 # rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
 # sell copies of the Software, and to permit persons to whom the Software is
 # furnished to do so, subject to the following conditions:
 # The above copyright notice and this permission notice shall be included in
 # all copies or substantial portions of the Software.
 # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 # FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
 # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
 # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
 # IN THE SOFTWARE.
 name: Cleanup Artifacts
 on:
  workflow_call:
 jobs:
  cleanup:
    runs-on: ubuntu-latest
    steps:
      - uses: geekyeggo/delete-artifact@v5
        with:
          name: repo-*
          failOnError: false
--- a/.github/workflows/deploy-all.yml
+++ b/.github/workflows/deploy-all.yml
@ -0,0 +1,51 @@
 name: Deploy Website Build
 permissions:
  contents: read
  pages: write
  id-token: write
 on:
  workflow_call:
    inputs:
      netlify_production:
        type: boolean
        default: true
      github_pages:
        type: boolean
        default: true
      minio_production:
        type: boolean
        default: true
    outputs:
      netlify_preview_address:
        value: ${{ jobs.netlify.outputs.address }}
    secrets:
      NETLIFY_TOKEN:
      PROD_MINIO_KEY_ID:
      PROD_MINIO_SECRET_KEY:
 jobs:
  netlify:
    if: inputs.netlify_production
    uses: privacyguides/.github/.github/workflows/deploy-netlify.yml@main
    with:
      netlify_site_id: ${{ vars.PROD_NETLIFY_SITE }}
      environment: production
    secrets:
      NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
  minio:
    if: inputs.minio_production
    uses: privacyguides/.github/.github/workflows/deploy-minio.yml@main
    with:
      environment: production
    secrets:
      PROD_MINIO_KEY_ID: ${{ secrets.PROD_MINIO_KEY_ID }}
      PROD_MINIO_SECRET_KEY: ${{ secrets.PROD_MINIO_SECRET_KEY }}
  pages:
    if: inputs.github_pages
    uses: privacyguides/.github/.github/workflows/deploy-pages.yml@main
    with:
      environment: github-pages
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@ -1,237 +0,0 @@
 # Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to
 # deal in the Software without restriction, including without limitation the
 # rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
 # sell copies of the Software, and to permit persons to whom the Software is
 # furnished to do so, subject to the following conditions:
 # The above copyright notice and this permission notice shall be included in
 # all copies or substantial portions of the Software.
 # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 # FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
 # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
 # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
 # IN THE SOFTWARE.
 name: Deploy Website Build
 on:
  workflow_call:
    inputs:
      netlify_preview:
        type: boolean
      netlify_alias:
        type: string
      netlify_production:
        type: boolean
      github_pages:
        type: boolean
      bunnycdn_production:
        type: boolean
      minio_production:
        type: boolean
    outputs:
      netlify_preview_address:
        value: ${{ jobs.netlify_preview.outputs.address }}
    secrets:
      NETLIFY_TOKEN:
      PROD_BUNNYCDN_API_KEY:
      PROD_BUNNYCDN_PASSWORD:
      PROD_MINIO_KEY_ID:
      PROD_MINIO_SECRET_KEY:
 jobs:
  netlify_preview:
    if: inputs.netlify_preview
    runs-on: ubuntu-latest
    permissions:
      contents: read
    outputs:
      address: ${{ steps.address.outputs.address }}
    steps:
      - uses: actions/download-artifact@v4
        with:
          pattern: site-build-*
          merge-multiple: true
      - run: |
          for file in *.tar.gz; do tar -zxf "$file"; done
          wget https://raw.githubusercontent.com/privacyguides/privacyguides.org/main/netlify.toml
          ls -la site/
      - uses: actions/setup-node@v4
      - run: |
          npm install netlify-cli -g
      - if: inputs.netlify_preview
        name: Limit length of Netlify alias to 12
        run: echo "SHORT_ALIAS=`echo ${{ inputs.netlify_alias }} | cut -c1-12`" >> $GITHUB_ENV
      - if: inputs.netlify_preview
        id: deployment
        env:
          NETLIFY_SITE_ID: ${{ vars.NETLIFY_SITE }}
          NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
        run: |
          netlify deploy --dir=site --alias=${{ env.SHORT_ALIAS }}
          echo "DEPLOYED_ADDRESS=https://${{ env.SHORT_ALIAS }}--${{ vars.NETLIFY_SITE }}.netlify.app/" >> "$GITHUB_ENV"
      - id: address
        run: |
          echo "address=$DEPLOYED_ADDRESS" >> "$GITHUB_OUTPUT"
  netlify_production:
    if: inputs.netlify_production
    runs-on: ubuntu-latest
    permissions:
      contents: read
    environment:
      name: production
      url: https://illustrious-bavarois-56cf30.netlify.app/
    steps:
      - uses: actions/download-artifact@v4
        with:
          pattern: site-build-*
          merge-multiple: true
      - run: |
          for file in *.tar.gz; do tar -zxf "$file"; done
          wget https://raw.githubusercontent.com/privacyguides/privacyguides.org/main/netlify.toml
          ls -la site/
      - uses: actions/setup-node@v4
      - run: |
          npm install netlify-cli -g
      - id: prod_deployment
        env:
          NETLIFY_SITE_ID: ${{ vars.PROD_NETLIFY_SITE }}
          NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
        run: |
          netlify deploy --dir=site --prod-if-unlocked
  github_pages:
    if: inputs.github_pages
    runs-on: ubuntu-latest
    concurrency:
      group: "pages"
    environment:
      name: github-pages
      url: ${{ steps.deployment.outputs.page_url }}
    # Grant GITHUB_TOKEN the permissions required to make a Pages deployment
    permissions:
      contents: read
      pages: write      # to deploy to Pages
      id-token: write   # to verify the deployment originates from an appropriate source
    steps:
      - uses: actions/configure-pages@v5
      - uses: actions/download-artifact@v4
        with:
          pattern: site-build-*
          merge-multiple: true
      - run: |
          for file in *.tar.gz; do tar -zxf "$file"; done
          ls -la site/
      - uses: 1arp/create-a-file-action@0.4.4
        with:
          path: site
          file: index.html
          content: |
            <html lang="en">
              <head>
                <title>Redirecting to English site...</title>
                <meta
                  http-equiv="refresh"
                  content="0; URL=./en/"
                />
              </head>
            </html>
      - uses: actions/upload-pages-artifact@v3
        with:
          path: site
      - id: deployment
        uses: actions/deploy-pages@main
  bunnycdn_production:
    if: inputs.bunnycdn_production
    runs-on: ubuntu-latest
    permissions:
      contents: read
    environment:
      name: production
      url: https://privacyguides-org-production.b-cdn.net
    steps:
      - uses: actions/download-artifact@v4
        with:
          pattern: site-build-*
          merge-multiple: true
      - run: |
          for file in *.tar.gz; do tar -zxf "$file"; done
          ls -la site/
      - uses: own3d/bunny-action@bfaa5c6bc8b7a7ebd599ddd4912347d7c3847e78
        env:
          BUNNY_API_ACCESS_KEY: ${{ secrets.PROD_BUNNYCDN_API_KEY }}
          BUNNY_STORAGE_HOSTNAME: storage.bunnycdn.com
          BUNNY_STORAGE_USERNAME: ${{ vars.PROD_BUNNYCDN_USER }}
          BUNNY_STORAGE_PASSWORD: ${{ secrets.PROD_BUNNYCDN_PASSWORD }}
          BUNNY_PULL_ZONE_ID: 2117106
        with:
          args: deploy --dir=site
  minio_production:
    if: inputs.minio_production
    runs-on: ubuntu-latest
    permissions:
      contents: read
    environment:
      name: production
      url: https://privacyguides-org-production.stor1-minio.jonaharagon.net
    steps:
      - uses: actions/download-artifact@v4
        with:
          pattern: site-build-*
          merge-multiple: true
      - run: |
          for file in *.tar.gz; do tar -zxf "$file"; done
          ls -la site/
      - uses: jakejarvis/s3-sync-action@master
        with:
          args: --acl public-read --follow-symlinks --delete
        env:
          SOURCE_DIR: "site/"
          AWS_S3_BUCKET: ${{ vars.PROD_MINIO_BUCKET }}
          AWS_S3_ENDPOINT: ${{ vars.PROD_MINIO_HOSTNAME }}
          AWS_ACCESS_KEY_ID: ${{ secrets.PROD_MINIO_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.PROD_MINIO_SECRET_KEY }}
--- a/.github/workflows/download-repo.yml
+++ b/.github/workflows/download-repo.yml
@ -1,48 +0,0 @@
 # Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to
 # deal in the Software without restriction, including without limitation the
 # rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
 # sell copies of the Software, and to permit persons to whom the Software is
 # furnished to do so, subject to the following conditions:
 # The above copyright notice and this permission notice shall be included in
 # all copies or substantial portions of the Software.
 # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 # FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
 # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
 # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
 # IN THE SOFTWARE.
 name: Download Repository
 on:
  workflow_call:
    inputs:
      repo:
        required: true
        type: string
    secrets:
      ACTIONS_SSH_KEY:
        required: true
 jobs:
  download:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          repository: 'privacyguides/${{ inputs.repo }}'
          path: repo-${{ inputs.repo }}
          ssh-key: ${{ secrets.ACTIONS_SSH_KEY }}
      - uses: actions/upload-artifact@v4
        with:
          name: repo-${{ inputs.repo }}
          path: repo-${{ inputs.repo }}
          retention-days: 1
--- a/.github/workflows/publish-mirror.yml
+++ b/.github/workflows/publish-mirror.yml
@ -20,7 +20,10 @@
 name: 🪞 Push to Mirrors
-on: [ push, delete, create ]
+permissions:
  contents: read
 on: [push, delete, create]
 # Ensures that only one mirror task will run at a time.
 concurrency:
--- a/.github/workflows/publish-pr.yml
+++ b/.github/workflows/publish-pr.yml
@ -18,7 +18,7 @@
 # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
 # IN THE SOFTWARE.
-name: 📦 Publish Pull Request Preview
+name: 📦 PR Preview
 on:
  pull_request_target:
@ -30,17 +30,21 @@ concurrency:
 permissions:
  pull-requests: write
  contents: read
  pages: write
  id-token: write
 jobs:
  submodule:
    strategy:
      matrix:
-        repo: [mkdocs-material-insiders, brand, i18n]
+        repo:
-    uses: ./.github/workflows/download-repo.yml
+          - name: mkdocs-material-insiders
            ref: main
          - name: brand
            ref: main
          - name: i18n
            ref: main
    uses: privacyguides/.github/.github/workflows/download-repo.yml@main
    with:
-      repo: ${{ matrix.repo }}
+      repo: ${{ matrix.repo.name }}
    secrets:
      ACTIONS_SSH_KEY: ${{ secrets.ACTIONS_SSH_KEY }}
@ -56,7 +60,7 @@ jobs:
      fail-fast: false
    permissions:
      contents: read
-    uses: ./.github/workflows/build.yml
+    uses: privacyguides/.github/.github/workflows/build.yml@main
    with:
      ref: ${{github.event.pull_request.head.ref}}
      repo: ${{github.event.pull_request.head.repo.full_name}}
@ -67,12 +71,10 @@ jobs:
    needs: build
    permissions:
      contents: read
-      pages: write
+    uses: privacyguides/.github/.github/workflows/deploy-netlify-preview.yml@main
      id-token: write
    uses: ./.github/workflows/deploy.yml
    with:
      netlify_preview: true
      netlify_alias: ${{ github.event.pull_request.head.sha }}
      netlify_site_id: ${{ vars.NETLIFY_SITE }}
    secrets:
      NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
@ -84,7 +86,6 @@ jobs:
    env:
      address: ${{ needs.deploy.outputs.netlify_preview_address }}
    steps:
      - uses: thollander/actions-comment-pull-request@v2.5.0
        with:
          message: |
@ -99,4 +100,4 @@ jobs:
  cleanup:
    if: ${{ always() }}
    needs: build
-    uses: ./.github/workflows/cleanup.yml
+    uses: privacyguides/.github/.github/workflows/cleanup.yml@main
--- a/.github/workflows/publish-release.yml
+++ b/.github/workflows/publish-release.yml
@ -18,12 +18,12 @@
 # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
 # IN THE SOFTWARE.
-name: 📦 Publish Release
+name: 📦 Release
 on:
  push:
    tags:
-      - '*'
+      - "*"
 permissions:
  contents: write
@ -35,7 +35,7 @@ jobs:
    strategy:
      matrix:
        repo: [mkdocs-material-insiders, brand, i18n]
-    uses: ./.github/workflows/download-repo.yml
+    uses: privacyguides/.github/.github/workflows/download-repo.yml@main
    with:
      repo: ${{ matrix.repo }}
    secrets:
@ -48,7 +48,7 @@ jobs:
        lang: [en, es, fr, he, it, nl, ru, zh-Hant]
    permissions:
      contents: read
-    uses: ./.github/workflows/build.yml
+    uses: privacyguides/.github/.github/workflows/build.yml@main
    with:
      ref: ${{ github.ref }}
      repo: ${{ github.repository }}
@ -60,7 +60,7 @@ jobs:
    needs: submodule
    permissions:
      contents: read
-    uses: ./.github/workflows/build-offline.yml
+    uses: privacyguides/.github/.github/workflows/build-offline.yml@main
  release:
    name: Create release notes
@ -84,20 +84,17 @@ jobs:
  deploy:
    needs: build
-    uses: ./.github/workflows/deploy.yml
+    uses: ./.github/workflows/deploy-all.yml
    with:
      netlify_production: true
      github_pages: true
      bunnycdn_production: true
      minio_production: true
    secrets:
      NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }}
      PROD_BUNNYCDN_API_KEY: ${{ secrets.PROD_BUNNYCDN_API_KEY }}
      PROD_BUNNYCDN_PASSWORD: ${{ secrets.PROD_BUNNYCDN_PASSWORD }}
      PROD_MINIO_KEY_ID: ${{ secrets.PROD_MINIO_KEY_ID }}
      PROD_MINIO_SECRET_KEY: ${{ secrets.PROD_MINIO_SECRET_KEY }}
  cleanup:
    if: ${{ always() }}
    needs: [build, buildoffline]
-    uses: ./.github/workflows/cleanup.yml
+    uses: privacyguides/.github/.github/workflows/cleanup.yml@main
--- a/.github/workflows/test-build.yml
+++ b/.github/workflows/test-build.yml
@ -31,7 +31,7 @@ jobs:
    strategy:
      matrix:
        repo: [mkdocs-material-insiders, brand, i18n]
-    uses: ./.github/workflows/download-repo.yml
+    uses: privacyguides/.github/.github/workflows/download-repo.yml@main
    with:
      repo: ${{ matrix.repo }}
    secrets:
@ -45,7 +45,7 @@ jobs:
      fail-fast: false
    permissions:
      contents: read
-    uses: ./.github/workflows/build.yml
+    uses: privacyguides/.github/.github/workflows/build.yml@main
    with:
      ref: ${{ github.ref }}
      repo: ${{ github.repository }}
@ -56,9 +56,9 @@ jobs:
    needs: submodule
    permissions:
      contents: read
-    uses: ./.github/workflows/build-offline.yml
+    uses: privacyguides/.github/.github/workflows/build-offline.yml@main
  cleanup:
    if: ${{ always() }}
    needs: [build, buildoffline]
-    uses: ./.github/workflows/cleanup.yml
+    uses: privacyguides/.github/.github/workflows/cleanup.yml@main
--- a/.github/workflows/test-lint.yml
+++ b/.github/workflows/test-lint.yml
@ -0,0 +1,81 @@
 # Copyright (c) 2024 Jonah Aragon <jonah@triplebit.net>
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to
 # deal in the Software without restriction, including without limitation the
 # rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
 # sell copies of the Software, and to permit persons to whom the Software is
 # furnished to do so, subject to the following conditions:
 # The above copyright notice and this permission notice shall be included in
 # all copies or substantial portions of the Software.
 # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 # FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
 # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
 # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
 # IN THE SOFTWARE.
 name: 🤖 Linting
 permissions:
  contents: read
 on:
  workflow_dispatch:
  pull_request:
    branches:
      - main
  push:
 concurrency:
  group: ${{ github.ref }}-${{ github.workflow }}
  cancel-in-progress: true
 env:
  MAIN_BRANCH: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
 jobs:
  megalinter:
    name: MegaLinter
    runs-on: ubuntu-latest
    steps:
      - if: ${{ env.MAIN_BRANCH }}
        uses: actions/checkout@v4
      - if: ${{ !env.MAIN_BRANCH }}
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - id: ml
        # You can override MegaLinter flavor used to have faster performances
        # More info at https://megalinter.io/flavors/
        uses: oxsecurity/megalinter/flavors/documentation@v7.10.0
        env:
          # All available variables are described in documentation
          # https://megalinter.io/configuration/
          # Validates all source when push on main, else just the git diff with main.
          VALIDATE_ALL_CODEBASE: ${{ env.MAIN_BRANCH }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          # ADD YOUR CUSTOM ENV VARIABLES HERE OR DEFINE THEM IN A FILE .mega-linter.yml AT THE ROOT OF YOUR REPOSITORY
          DISABLE: COPYPASTE,SPELL,HTML
          DISABLE_LINTERS: JSON_JSONLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER
          DISABLE_ERRORS_LINTERS: CSS_STYLELINT,MARKDOWN_MARKDOWN_LINK_CHECK,YAML_YAMLLINT
          EDITORCONFIG_EDITORCONFIG_CHECKER_ARGUMENTS: -disable-indentation
          ENV_DOTENV_LINTER_ARGUMENTS: "--skip QuoteCharacter"
          MARKDOWN_MARKDOWN_LINK_CHECK_FILTER_REGEX_INCLUDE: (docs)
          MARKDOWN_MARKDOWNLINT_CONFIG_FILE: .markdownlint.yml
          MARKDOWN_MARKDOWNLINT_FILTER_REGEX_EXCLUDE: (PULL_REQUEST_TEMPLATE\.md)
      # Upload MegaLinter artifacts
      - name: Archive production artifacts
        if: success() || failure()
        uses: actions/upload-artifact@v4
        with:
          name: MegaLinter reports
          path: |
            megalinter-reports
            mega-linter.log
--- a/.github/workflows/upload-crowdin.yml
+++ b/.github/workflows/upload-crowdin.yml
@ -20,10 +20,13 @@
 name: 💬 Crowdin Upload
 permissions:
  contents: read
 on:
  workflow_dispatch:
  push:
-    branches: [ main ]
+    branches: [main]
 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
@ -34,7 +37,6 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
@ -42,7 +44,7 @@ jobs:
        uses: crowdin/github-action@v1.20.1
        with:
          upload_sources: true
-        upload_sources_args: '--auto-update --delete-obsolete'
+          upload_sources_args: "--auto-update --delete-obsolete"
          download_translations: false
          config: crowdin.yml
        env:
--- a/.gitignore
+++ b/.gitignore
@ -19,11 +19,6 @@ site
 /config/.cache/plugin/social/*
 !/config/.cache/plugin/social/fonts
 # Editor settings
 .vscode/*
 !.vscode/extensions.json
 !.vscode/settings.json
 # Local Netlify folder
 .netlify
 node_modules
--- a/.markdownlint.yml
+++ b/.markdownlint.yml
@ -24,8 +24,7 @@ ul-indent:
  indent: 4
 no-inline-html: false
 code-block-style: false
-no-hard-tabs:
+no-hard-tabs: true
  spaces-per-tab: 4
 emphasis-style:
  style: "asterisk"
 no-duplicate-header: false
--- a/.vscode/.empty-schema.json
+++ b/.vscode/.empty-schema.json
@ -0,0 +1 @@
 {}
--- a/.vscode/extensions.json
+++ b/.vscode/extensions.json
@ -24,6 +24,9 @@
    "DavidAnson.vscode-markdownlint",
    "wholroyd.jinja",
    "mikestead.dotenv",
-    "matthewpi.caddyfile-support"
+    "matthewpi.caddyfile-support",
    "redhat.vscode-yaml",
    "ecmel.vscode-html-css",
    "yzhang.markdown-all-in-one"
  ]
 }
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@ -20,6 +20,7 @@
 {
    "git.ignoreLimitWarning": true,
    "ltex.diagnosticSeverity": "hint",
    "[markdown]": {
      "editor.unicodeHighlight.ambiguousCharacters": true,
      "editor.unicodeHighlight.invisibleCharacters": true
@ -31,5 +32,28 @@
    "files.associations": {
      "*.caddy": "caddyfile",
      "*.example-caddy": "caddyfile"
    },
      "editor.unicodeHighlight.invisibleCharacters": true,
      "editor.defaultFormatter": "DavidAnson.vscode-markdownlint",
    "[yaml]": {
      "editor.defaultFormatter": "redhat.vscode-yaml",
      "editor.quickSuggestions": {
        "other": true,
        "comments": false,
        "strings": true
      }
    },
    "yaml.schemas": {
      "https://raw.githubusercontent.com/DavidAnson/markdownlint/main/schema/markdownlint-config-schema.json": ".markdownlint.yml",
      "https://json.schemastore.org/github-issue-config.json": ".github/ISSUE_TEMPLATE/config.yml",
      ".vscode/.empty-schema.json": "config/*.yml"
    },
    "yaml.customTags": [
      "!ENV sequence",
      "!ENV",
      "tag:yaml.org,2002:python/name:pymdownx.superfences.fence_code_format",
      "tag:yaml.org,2002:python/name:material.extensions.emoji.twemoji",
      "tag:yaml.org,2002:python/name:material.extensions.emoji.to_svg"
    ],
    "editor.formatOnSave": true
 }
--- a/README.md
+++ b/README.md
@ -1,4 +1,4 @@
-<!-- markdownlint-disable MD041 -->
+<!-- markdownlint-disable MD041 MD045 -->
 <div align="center">
  <a href="https://www.privacyguides.org">
    <picture>
--- a/config/layouts/home.yml
+++ b/config/layouts/home.yml
@ -1,5 +1,4 @@
 definitions:
  - &background_color >-
    #FFD06F
@ -35,7 +34,6 @@ definitions:
 # Meta tags
 tags:
  # Open Graph
  og:type: website
  og:title: *page_title_with_site_name
@ -59,7 +57,6 @@ tags:
 # Card size and layers
 size: { width: 1200, height: 630 }
 layers:
  # Background
  - background:
      color: *background_color
--- a/config/layouts/page.yml
+++ b/config/layouts/page.yml
@ -1,5 +1,4 @@
 definitions:
  - &background_image >-
    {%- if page.meta.cover -%}
      theme/assets/img/cover/{{ page.meta.cover }}
@ -70,7 +69,6 @@ definitions:
 # Meta tags
 tags:
  # Open Graph
  og:type: website
  og:title: *page_title_with_site_name
@ -94,7 +92,6 @@ tags:
 # Card size and layers
 size: { width: 1200, height: 630 }
 layers:
  # Background
  - background:
      image: *background_image
--- a/config/layouts/pride.yml
+++ b/config/layouts/pride.yml
@ -1,5 +1,4 @@
 definitions:
  - &background_image >-
    {%- if page.meta.cover -%}
      theme/assets/img/cover/{{ page.meta.cover }}
@ -55,7 +54,6 @@ definitions:
 # Meta tags
 tags:
  # Open Graph
  og:type: website
  og:title: *page_title_with_site_name
@ -79,7 +77,6 @@ tags:
 # Card size and layers
 size: { width: 1200, height: 630 }
 layers:
  # Background
  - background:
      image: *background_image
--- a/config/mkdocs-common.yml
+++ b/config/mkdocs-common.yml
@ -18,20 +18,29 @@
 # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
 # IN THE SOFTWARE.
-docs_dir: '../docs'
+docs_dir: "../docs"
 site_url: "https://www.privacyguides.org/"
-site_dir: '../site'
+site_dir: "../site"
 site_name: Privacy Guides
-site_description: !ENV [SITE_DESCRIPTION, "Privacy Guides is your central privacy and security resource to protect yourself online."]
+site_description:
-copyright: !ENV [FOOTER_COPYRIGHT, "&copy; 2019 Privacy Guides and contributors."]
+  !ENV [
    SITE_DESCRIPTION,
    "Privacy Guides is your central privacy and security resource to protect yourself online.",
  ]
 copyright:
  !ENV [FOOTER_COPYRIGHT, "&copy; 2019 Privacy Guides and contributors."]
 edit_uri: edit/main/docs/
 extra:
  generator: false
  context: !ENV [CONTEXT, "production"]
  deploy: !ENV DEPLOY_ID
-  homepage_description: !ENV [DESCRIPTION_HOMEPAGE, "A socially motivated website which provides information about protecting your online data privacy and security."]
+  homepage_description:
    !ENV [
      DESCRIPTION_HOMEPAGE,
      "A socially motivated website which provides information about protecting your online data privacy and security.",
    ]
  translation_notice: !ENV DESCRIPTION_TRANSLATION
  translation_notice_cta: !ENV [DESCRIPTION_TRANSLATION_CTA, "Visit Crowdin"]
  translation_notice_language: !ENV LANG_ENGLISH
@ -86,7 +95,11 @@ extra:
      icon: https://raw.githubusercontent.com/twitter/twemoji/master/assets/svg/1f1f7-1f1fa.svg
  consent:
    title: !ENV [ANALYTICS_CONSENT_TITLE, "Contribute anonymous statistics"]
-    description: !ENV [ANALYTICS_CONSENT_BODY, "We use cookies to collect anonymous usage statistics. You can opt out if you wish."]
+    description:
      !ENV [
        ANALYTICS_CONSENT_BODY,
        "We use cookies to collect anonymous usage statistics. You can opt out if you wish.",
      ]
    cookies:
      umami:
        name: Self-Hosted Analytics
@ -219,86 +232,87 @@ markdown_extensions:
    toc_depth: 4
 nav:
-  - !ENV [NAV_HOME, 'Home']: 'index.md'
+  - !ENV [NAV_HOME, "Home"]: "index.md"
-  - !ENV [NAV_KNOWLEDGE_BASE, 'Knowledge Base']:
+  - !ENV [NAV_KNOWLEDGE_BASE, "Knowledge Base"]:
-    - 'basics/why-privacy-matters.md'
+      - "basics/why-privacy-matters.md"
-    - 'basics/threat-modeling.md'
+      - "basics/threat-modeling.md"
-    - 'basics/common-threats.md'
+      - "basics/common-threats.md"
-    - 'basics/common-misconceptions.md'
+      - "basics/common-misconceptions.md"
-    - 'basics/account-creation.md'
+      - "basics/account-creation.md"
-    - 'basics/account-deletion.md'
+      - "basics/account-deletion.md"
-    - !ENV [NAV_TECHNOLOGY_ESSENTIALS, 'Technology Essentials']:
+      - !ENV [NAV_TECHNOLOGY_ESSENTIALS, "Technology Essentials"]:
-      - 'basics/passwords-overview.md'
+          - "basics/passwords-overview.md"
-      - 'basics/multi-factor-authentication.md'
+          - "basics/multi-factor-authentication.md"
-      - 'basics/email-security.md'
+          - "basics/email-security.md"
-      - 'basics/vpn-overview.md'
+          - "basics/vpn-overview.md"
-    - !ENV [NAV_ADVANCED_TOPICS, 'Advanced Topics']:
+      - !ENV [NAV_ADVANCED_TOPICS, "Advanced Topics"]:
-      - 'advanced/dns-overview.md'
+          - "advanced/dns-overview.md"
-      - 'advanced/tor-overview.md'
+          - "advanced/tor-overview.md"
-      - 'advanced/payments.md'
+          - "advanced/payments.md"
-      - 'advanced/communication-network-types.md'
+          - "advanced/communication-network-types.md"
-    - !ENV [NAV_OPERATING_SYSTEMS, 'Operating Systems']:
+      - !ENV [NAV_OPERATING_SYSTEMS, "Operating Systems"]:
-      - 'os/android-overview.md'
+          - "os/android-overview.md"
-      - 'os/ios-overview.md'
+          - "os/ios-overview.md"
-      - 'os/linux-overview.md'
+          - "os/linux-overview.md"
-      - 'os/macos-overview.md'
+          - "os/macos-overview.md"
-      - 'os/qubes-overview.md'
+          - "os/qubes-overview.md"
      - kb-archive.md
-  - !ENV [NAV_RECOMMENDATIONS, 'Recommendations']:
+  - !ENV [NAV_RECOMMENDATIONS, "Recommendations"]:
-    - 'tools.md'
+      - "tools.md"
-    - !ENV [NAV_INTERNET_BROWSING, 'Internet Browsing']:
+      - !ENV [NAV_INTERNET_BROWSING, "Internet Browsing"]:
-      - 'tor.md'
+          - "tor.md"
-      - 'desktop-browsers.md'
+          - "desktop-browsers.md"
-      - 'mobile-browsers.md'
+          - "mobile-browsers.md"
-    - !ENV [NAV_PROVIDERS, 'Providers']:
+      - !ENV [NAV_PROVIDERS, "Providers"]:
-      - 'cloud.md'
+          - "cloud.md"
-      - 'dns.md'
+          - "dns.md"
-      - 'email-aliasing.md'
+          - "email-aliasing.md"
-      - 'email.md'
+          - "email.md"
-      - 'financial-services.md'
+          - "financial-services.md"
-      - 'photo-management.md'
+          - "photo-management.md"
-      - 'search-engines.md'
+          - "search-engines.md"
-      - 'vpn.md'
+          - "vpn.md"
-    - !ENV [NAV_SOFTWARE, 'Software']:
+      - !ENV [NAV_SOFTWARE, "Software"]:
-      - 'calendar.md'
+          - "calendar.md"
-      - 'cryptocurrency.md'
+          - "cryptocurrency.md"
-      - 'data-redaction.md'
+          - "data-redaction.md"
-      - 'email-clients.md'
+          - "email-clients.md"
-      - 'encryption.md'
+          - "encryption.md"
-      - 'file-sharing.md'
+          - "file-sharing.md"
-      - 'frontends.md'
+          - "frontends.md"
-      - 'multi-factor-authentication.md'
+          - "multi-factor-authentication.md"
-      - 'news-aggregators.md'
+          - "news-aggregators.md"
-      - 'notebooks.md'
+          - "notebooks.md"
-      - 'passwords.md'
+          - "passwords.md"
-      - 'productivity.md'
+          - "productivity.md"
-      - 'real-time-communication.md'
+          - "real-time-communication.md"
-    - !ENV [NAV_OPERATING_SYSTEMS, 'Operating Systems']:
+      - !ENV [NAV_OPERATING_SYSTEMS, "Operating Systems"]:
-      - 'android.md'
+          - "android.md"
-      - 'desktop.md'
+          - "desktop.md"
-      - 'router.md'
+          - "router.md"
-    - !ENV [NAV_ADVANCED, 'Advanced']:
+      - !ENV [NAV_ADVANCED, "Advanced"]:
-      - 'device-integrity.md'
+          - "device-integrity.md"
-  - !ENV [NAV_ABOUT, 'About']:
+  - !ENV [NAV_ABOUT, "About"]:
-    - 'about/index.md'
+      - "about/index.md"
-    - 'about/criteria.md'
+      - "about/criteria.md"
-    - 'about/notices.md'
+      - "about/notices.md"
-    - 'about/privacy-policy.md'
+      - "about/privacy-policy.md"
-    - 'about/statistics.md'
+      - "about/statistics.md"
-    - !ENV [NAV_COMMUNITY, 'Community']:
+      - !ENV [NAV_COMMUNITY, "Community"]:
-      - 'about/donate.md'
+          - "about/donate.md"
-      - !ENV [NAV_ONLINE_SERVICES, 'Online Services']: 'about/services.md'
+          - !ENV [NAV_ONLINE_SERVICES, "Online Services"]: "about/services.md"
-      - !ENV [NAV_CODE_OF_CONDUCT, 'Code of Conduct']: 'CODE_OF_CONDUCT.md'
+          - !ENV [NAV_CODE_OF_CONDUCT, "Code of Conduct"]: "CODE_OF_CONDUCT.md"
-      - 'about/privacytools.md'
+          - "about/privacytools.md"
-    - !ENV [NAV_CONTRIBUTING, 'Contributing']:
+      - !ENV [NAV_CONTRIBUTING, "Contributing"]:
-      - !ENV [NAV_WRITING_GUIDE, 'Writing Guide']:
+          - !ENV [NAV_WRITING_GUIDE, "Writing Guide"]:
-        - 'meta/writing-style.md'
+              - "meta/writing-style.md"
-        - 'meta/admonitions.md'
+              - "meta/admonitions.md"
-        - 'meta/brand.md'
+              - "meta/brand.md"
-        - 'meta/translations.md'
+              - "meta/translations.md"
-      - !ENV [NAV_TECHNICAL_GUIDES, 'Technical Guides']:
+          - !ENV [NAV_TECHNICAL_GUIDES, "Technical Guides"]:
-        - 'meta/uploading-images.md'
+              - "meta/uploading-images.md"
-        - 'meta/git-recommendations.md'
+              - "meta/git-recommendations.md"
-  - !ENV [NAV_CHANGELOG, 'Changelog']: 'https://github.com/privacyguides/privacyguides.org/releases'
+  - !ENV [NAV_CHANGELOG, "Changelog"]:
-  - !ENV [NAV_FORUM, 'Forum']: 'https://discuss.privacyguides.net/'
+      "https://github.com/privacyguides/privacyguides.org/releases"
-  - !ENV [NAV_BLOG, 'Blog']: 'https://blog.privacyguides.org/'
+  - !ENV [NAV_FORUM, "Forum"]: "https://discuss.privacyguides.net/"
  - !ENV [NAV_BLOG, "Blog"]: "https://blog.privacyguides.org/"
--- a/config/mkdocs-offline.yml
+++ b/config/mkdocs-offline.yml
@ -44,5 +44,4 @@ plugins:
    enabled: true
  social:
    enabled: false
 # Edit the offline-mode navbar in mkdocs-common.yml
--- a/config/mkdocs.en.yml
+++ b/config/mkdocs.en.yml
@ -20,7 +20,7 @@
 INHERIT: mkdocs-common.yml
 site_url: "https://www.privacyguides.org/en/"
-site_dir: '../site/en'
+site_dir: "../site/en"
 theme:
  # ENGLISH ONLY: this logo needs to be set separately because the relative path is different
--- a/config/mkdocs.es.yml
+++ b/config/mkdocs.es.yml
@ -19,9 +19,9 @@
 # IN THE SOFTWARE.
 INHERIT: mkdocs-common.yml
-docs_dir: '../i18n/es'
+docs_dir: "../i18n/es"
 site_url: "https://www.privacyguides.org/es/"
-site_dir: '../site/es'
+site_dir: "../site/es"
 edit_uri: edit/main/i18n/es/
--- a/config/mkdocs.fr.yml
+++ b/config/mkdocs.fr.yml
@ -19,9 +19,9 @@
 # IN THE SOFTWARE.
 INHERIT: mkdocs-common.yml
-docs_dir: '../i18n/fr'
+docs_dir: "../i18n/fr"
 site_url: "https://www.privacyguides.org/fr/"
-site_dir: '../site/fr'
+site_dir: "../site/fr"
 edit_uri: edit/main/i18n/fr/
--- a/config/mkdocs.he.yml
+++ b/config/mkdocs.he.yml
@ -19,9 +19,9 @@
 # IN THE SOFTWARE.
 INHERIT: mkdocs-common.yml
-docs_dir: '../i18n/he'
+docs_dir: "../i18n/he"
 site_url: "https://www.privacyguides.org/he/"
-site_dir: '../site/he'
+site_dir: "../site/he"
 edit_uri: edit/main/i18n/he/
--- a/config/mkdocs.it.yml
+++ b/config/mkdocs.it.yml
@ -19,9 +19,9 @@
 # IN THE SOFTWARE.
 INHERIT: mkdocs-common.yml
-docs_dir: '../i18n/it'
+docs_dir: "../i18n/it"
 site_url: "https://www.privacyguides.org/it/"
-site_dir: '../site/it'
+site_dir: "../site/it"
 edit_uri: edit/main/i18n/it/
--- a/config/mkdocs.nl.yml
+++ b/config/mkdocs.nl.yml
@ -19,9 +19,9 @@
 # IN THE SOFTWARE.
 INHERIT: mkdocs-common.yml
-docs_dir: '../i18n/nl'
+docs_dir: "../i18n/nl"
 site_url: "https://www.privacyguides.org/nl/"
-site_dir: '../site/nl'
+site_dir: "../site/nl"
 edit_uri: edit/main/i18n/nl/
--- a/config/mkdocs.ru.yml
+++ b/config/mkdocs.ru.yml
@ -19,9 +19,9 @@
 # IN THE SOFTWARE.
 INHERIT: mkdocs-common.yml
-docs_dir: '../i18n/ru'
+docs_dir: "../i18n/ru"
 site_url: "https://www.privacyguides.org/ru/"
-site_dir: '../site/ru'
+site_dir: "../site/ru"
 edit_uri: edit/main/docs/
--- a/config/mkdocs.zh-Hant.yml
+++ b/config/mkdocs.zh-Hant.yml
@ -19,9 +19,9 @@
 # IN THE SOFTWARE.
 INHERIT: mkdocs-common.yml
-docs_dir: '../i18n/zh-Hant'
+docs_dir: "../i18n/zh-Hant"
 site_url: "https://www.privacyguides.org/zh-Hant/"
-site_dir: '../site/zh-Hant'
+site_dir: "../site/zh-Hant"
 edit_uri: edit/main/i18n/zh-Hant/
--- a/crowdin.yml
+++ b/crowdin.yml
@ -18,24 +18,25 @@
 # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
 # IN THE SOFTWARE.
 #checkov:skip=CKV_SECRET_6:obviously a variable name and not a secret
 api_token_env: CROWDIN_PERSONAL_TOKEN
 project_id: "509862"
 "preserve_hierarchy": true
 files:
- source: "/docs/**/*.*"
+  - source: "/docs/**/*.*"
    translation: "/i18n/%two_letters_code%/**/%file_name%.%file_extension%"
    skip_untranslated_files: false
- source: "/theme/overrides/*.en.html"
+  - source: "/theme/overrides/*.en.html"
    translation: "/theme/overrides/%file_name%.%two_letters_code%.html"
    translation_replace:
      "en.": ""
    skip_untranslated_files: false
- source: "/includes/*.en.*"
+  - source: "/includes/*.en.*"
    translation: "/includes/%file_name%.%two_letters_code%.%file_extension%"
    translation_replace:
      "en.": ""
    skip_untranslated_files: false
- source: "/static/i18n/*.en.*"
+  - source: "/static/i18n/*.en.*"
    translation: "/static/i18n/%file_name%.%two_letters_code%.%file_extension%"
    translation_replace:
      "en.": ""
--- a/docs/about/privacytools.md
+++ b/docs/about/privacytools.md
@ -1,8 +1,6 @@
 ---
 title: "PrivacyTools FAQ"
 ---
 # Why we moved on from PrivacyTools
 In September 2021, every active contributor unanimously agreed to move from PrivacyTools to work on this site: Privacy Guides. This decision was made because PrivacyTools’ founder and controller of the domain name had disappeared for an extended period of time and could not be contacted.
 Having built a reputable site and set of services on PrivacyTools.io, this caused grave concerns for the future of PrivacyTools, as any future disruption could wipe out the entire organization with no recovery method. This transition was communicated to the PrivacyTools community many months in advance via a variety of channels including its blog, Twitter, Reddit, and Mastodon to ensure the entire process went as smoothly as possible. We did this to ensure nobody was kept in the dark, which has been our modus operandi since our team was created, and to make sure Privacy Guides was recognized as the same reliable organization that PrivacyTools was before the transition.
@ -49,11 +47,11 @@ Reddit requires that subreddits have active moderators. If the primary moderator
 On September 14th, 2021, we [announced](https://blog.privacyguides.org/2021/09/14/welcome-to-privacy-guides) the beginning of our migration to this new domain:
-> [...] we found it necessary to make this switch sooner rather than later to ensure people would find out about this transition as soon as possible. This gives us adequate time to transition the domain name, which is currently redirecting to www.privacyguides.org, and it hopefully gives everyone enough time to notice the change, update bookmarks and websites, etc.
+> [...] we found it necessary to make this switch sooner rather than later to ensure people would find out about this transition as soon as possible. This gives us adequate time to transition the domain name, which is currently redirecting to `www.privacyguides.org`, and it hopefully gives everyone enough time to notice the change, update bookmarks and websites, etc.
 This change [entailed:](https://reddit.com/comments/pnhn4a)
- Redirecting www.privacytools.io to [www.privacyguides.org](https://www.privacyguides.org).
+- Redirecting `www.privacytools.io` to [www.privacyguides.org](https://www.privacyguides.org).
 - Archiving the source code on GitHub to preserve our past work and issue tracker, which we continued to use for months of future development of this site.
 - Posting announcements to our subreddit and various other communities informing people of the official change.
 - Formally closing privacytools.io services, like Matrix and Mastodon, and encouraging existing users to migrate as soon as possible.
@ -64,7 +62,7 @@ Things appeared to be going smoothly, and most of our active community made the
 Roughly a week following the transition, BurungHantu returned online for the first time in nearly a year, however nobody on our team was willing to return to PrivacyTools because of his historic unreliability. Rather than apologize for his prolonged absence, he immediately went on the offensive and positioned the transition to Privacy Guides as an attack against him and his project. He subsequently [deleted](https://reddit.com/comments/pp9yie/comment/hd49wbn) many of these posts when it was pointed out by the community that he had been absent and abandoned the project.
-At this point, BurungHantu claimed he wanted to continue working on privacytools.io on his own and requested that we remove the redirect from www.privacytools.io to [www.privacyguides.org](https://www.privacyguides.org). We obliged and requested that he keep the subdomains for Matrix, Mastodon, and PeerTube active for us to run as a public service to our community for at least a few months, in order to allow users on those platforms to easily migrate to other accounts. Due to the federated nature of the services we provided, they were tied to specific domain names making it very difficult to migrate (and in some cases impossible).
+At this point, BurungHantu claimed he wanted to continue working on privacytools.io on his own and requested that we remove the redirect from `www.privacytools.io` to [www.privacyguides.org](https://www.privacyguides.org). We obliged and requested that he keep the subdomains for Matrix, Mastodon, and PeerTube active for us to run as a public service to our community for at least a few months, in order to allow users on those platforms to easily migrate to other accounts. Due to the federated nature of the services we provided, they were tied to specific domain names making it very difficult to migrate (and in some cases impossible).
 Unfortunately, because control of the r/privacytoolsIO subreddit was not returned to BurungHantu at his demand (further information below), those subdomains were [cut off](https://reddit.com/comments/pymthv/comment/hexwrps) at the beginning of October, ending any migration possibilities to any users still using those services.
@ -84,7 +82,7 @@ After the launch of [r/PrivacyGuides](https://reddit.com/r/privacyguides), it wa
 > [...] The growth of this Sub was the result of great effort, across several years, by the PrivacyGuides.org team. And by every one of you.
 >
-> A Subreddit is a great deal of work to administer and moderate. Like a garden, it requires patient tending and daily care. It’s not a task for dilettantes or commitment-challenged people. It can’t thrive under a gardener who abandons it for several years, then shows up demanding this year’s harvest as their tribute. It’s unfair to the team formed years ago. It’s unfair to you. [...]
+> A Subreddit is a great deal of work to administer and moderate. Like a garden, it requires patient tending and daily care. It's not a task for dilettantes or commitment-challenged people. It can’t thrive under a gardener who abandons it for several years, then shows up demanding this year’s harvest as their tribute. It's unfair to the team formed years ago. It’s unfair to you. [...]
 Subreddits do not belong to anybody, and they especially do not belong to brand-holders. They belong to their communities, and the community and its moderators made the decision to support the move to r/PrivacyGuides.
@ -100,7 +98,7 @@ Our fundraising platform, OpenCollective, is another source of contention. Our p
 Thus, the funds in OpenCollective belong to Privacy Guides, they were given to our project, and not the owner of a well known domain name. In the announcement made to donors on September 17th, 2021, we offered refunds to any donor who disagrees with the stance we took, but nobody has taken us up on this offer:
-> If any sponsors or backers disagree with or feel misled by these recent events and would like to request a refund given these highly unusual circumstances, please get in touch with our project admin by emailing jonah@triplebit.net.
+> If any sponsors or backers disagree with or feel misled by these recent events and would like to request a refund given these highly unusual circumstances, please get in touch with our project admin by emailing `jonah@triplebit.net`.
 ## Further Reading
--- a/docs/basics/common-misconceptions.md
+++ b/docs/basics/common-misconceptions.md
@ -77,21 +77,21 @@ One of the clearest threat models is one where people *know who you are* and one
 1. **Known identity** - A known identity is used for things where you must declare your name. There are many legal documents and contracts where a legal identity is required. This could range from opening a bank account, signing a property lease, obtaining a passport, customs declarations when importing items, or otherwise dealing with your government. These things will usually lead to credentials such as credit cards, credit rating checks, account numbers, and possibly physical addresses.
-We don't suggest using a VPN or Tor for any of these things, as your identity is already known through other means.
+    We don't suggest using a VPN or Tor for any of these things, as your identity is already known through other means.
-<div class="admonition tip" markdown>
+    <div class="admonition tip" markdown>
-<p class="admonition-title">Tip</p>
+    <p class="admonition-title">Tip</p>
-When shopping online, the use of a [parcel locker](https://en.wikipedia.org/wiki/Parcel_locker) can help keep your physical address private.
+    When shopping online, the use of a [parcel locker](https://en.wikipedia.org/wiki/Parcel_locker) can help keep your physical address private.
-</div>
+    </div>
 2. **Unknown identity** - An unknown identity could be a stable pseudonym that you regularly use. It is not anonymous because it doesn't change. If you're part of an online community, you may wish to retain a persona that others know. This pseudonym isn't anonymous because—if monitored for long enough—details about the owner can reveal further information, such as the way they write, their general knowledge about topics of interest, etc.
-You may wish to use a VPN for this, to mask your IP address. Financial transactions are more difficult to mask: You could consider using anonymous cryptocurrencies, such as [Monero](https://getmonero.org). Employing altcoin shifting may also help to disguise where your currency originated. Typically, exchanges require KYC (know your customer) to be completed before they'll allow you to exchange fiat currency into any kind of cryptocurrency. Local meet-up options may also be a solution; however, those are often more expensive and sometimes also require KYC.
+    You may wish to use a VPN for this, to mask your IP address. Financial transactions are more difficult to mask: You could consider using anonymous cryptocurrencies, such as [Monero](https://getmonero.org). Employing altcoin shifting may also help to disguise where your currency originated. Typically, exchanges require KYC (know your customer) to be completed before they'll allow you to exchange fiat currency into any kind of cryptocurrency. Local meet-up options may also be a solution; however, those are often more expensive and sometimes also require KYC.
 3. **Anonymous identity** - Even with experience, anonymous identities are difficult to maintain over long periods of time. They should be short-term and short-lived identities which are rotated regularly.
-Using Tor can help with this. It is also worth noting that greater anonymity is possible through asynchronous communication: Real-time communication is vulnerable to analysis of typing patterns (i.e. more than a paragraph of text, distributed on a forum, via email, etc.)
+    Using Tor can help with this. It is also worth noting that greater anonymity is possible through asynchronous communication: Real-time communication is vulnerable to analysis of typing patterns (i.e. more than a paragraph of text, distributed on a forum, via email, etc.)
 [^1]: One notable example of this is the [2021 incident in which University of Minnesota researchers introduced three vulnerabilities into the Linux kernel development project](https://cse.umn.edu/cs/linux-incident).
--- a/docs/basics/multi-factor-authentication.md
+++ b/docs/basics/multi-factor-authentication.md
@ -158,7 +158,7 @@ Qubes OS has support for Challenge-Response authentication with YubiKeys. If you
 SSH MFA could be set up using multiple different authentication methods that are popular with hardware security keys. We recommend that you check out Yubico's [documentation](https://developers.yubico.com/SSH) on how to set this up.
-#### Time-based One-time Password (TOTP)
+#### TOTP
 SSH MFA can also be set up using TOTP. DigitalOcean has provided a tutorial [How To Set Up Multi-Factor Authentication for SSH on Ubuntu 20.04](https://digitalocean.com/community/tutorials/how-to-set-up-multi-factor-authentication-for-ssh-on-ubuntu-20-04). Most things should be the same regardless of distribution, however the package manager commands—such as `apt-get`—and package names may differ.
--- a/docs/basics/why-privacy-matters.md
+++ b/docs/basics/why-privacy-matters.md
@ -10,16 +10,19 @@ Privacy is ultimately about human information, and this is important because we
 Many people get the concepts of **privacy**, **security**, and **anonymity** confused. You'll see people criticize various products as "not private" when really they mean it doesn't provide anonymity, for example. On this website, we cover all three of these topics, but it is important you understand the difference between them, and when each one comes into play.
 <!-- markdownlint-disable-next-line -->
 **Privacy**
 :   ==Privacy is the assurance that your data is only seen by the parties you intend to view it.== In the context of an instant messenger, for example, end-to-end encryption provides privacy by keeping your message visible only to yourself and the recipient.
 <!-- markdownlint-disable-next-line -->
 **Security**
 :   Security is the ability to trust the applications you use—that the parties involved are who they say they are—and keep those applications safe. In the context of browsing the web, for example, security can be provided by HTTPS certificates.
 :   Certificates prove you are talking directly to the website you're visiting, and keep attackers on your network from reading or modifying the data sent to or from the website.
 <!-- markdownlint-disable-next-line -->
 **Anonymity**
 :   Anonymity is the ability to act without a persistent identifier. You might achieve this online with [Tor](../tor.md), which allows you to browse the internet with a random IP address and network connection instead of your own.
--- a/docs/cloud.md
+++ b/docs/cloud.md
@ -45,7 +45,7 @@ The Proton Drive web application has been independently audited by Securitum in
 > Auditors identified two low-severity vulnerabilities. Additionally, five general recommendations were reported. At the same time, we confirm that no important security issues were identified during the pentest.
-Proton Drive's brand new mobile clients have not yet been publicly audited by a third-party.
+Proton Drive's brand new mobile clients have not yet been publicly audited by a third party.
 ## Tresorit
--- a/docs/desktop-browsers.md
+++ b/docs/desktop-browsers.md
@ -139,7 +139,7 @@ Firefox includes a unique [download token](https://bugzilla.mozilla.org/show_bug
 </div>
-### Recommended Configuration
+### Recommended Firefox Configuration
 These options can be found in :material-menu: → **Settings**
@ -256,7 +256,7 @@ Brave adds a "[referral code](https://github.com/brave/brave-browser/wiki/Brave%
 </div>
-### Recommended Configuration
+### Recommended Brave Configuration
 These options can be found in :material-menu: → **Settings**.
@ -339,7 +339,7 @@ Brave's Web3 features can potentially add to your browser fingerprint and attack
 1. This option is not present on all platforms.
-#### Sync
+#### Brave Sync
 [Brave Sync](https://support.brave.com/hc/articles/360059793111-Understanding-Brave-Sync) allows your browsing data (history, bookmarks, etc.) to be accessible on all your devices without requiring an account and protects it with E2EE.
--- a/docs/email.md
+++ b/docs/email.md
@ -5,6 +5,7 @@ icon: material/email
 description: These email providers offer a great place to store your emails securely, and many offer interoperable OpenPGP encryption with other providers.
 cover: email.webp
 ---
 <!-- markdownlint-disable MD024 -->
 Email is practically a necessity for using any online service, however we do not recommend it for person-to-person conversations. Rather than using email to contact other people, consider using an instant messaging medium that supports forward secrecy.
 [Recommended Instant Messengers](real-time-communication.md){ .md-button }
@ -70,7 +71,7 @@ OpenPGP also does not support Forward secrecy, which means if either your or the
 Free accounts have some limitations, such as not being able to search body text and not having access to [Proton Mail Bridge](https://proton.me/mail/bridge), which is required to use a [recommended desktop email client](email-clients.md) (e.g. Thunderbird). Paid accounts include features like Proton Mail Bridge, additional storage, and custom domain support. A [letter of attestation](https://proton.me/blog/security-audit-all-proton-apps) was provided for Proton Mail's apps on 9th November 2021 by [Securitum](https://research.securitum.com).
-If you have the Proton Unlimited, Business, or Visionary Plan, you also get [SimpleLogin](#simplelogin) Premium for free.
+If you have the Proton Unlimited, Business, or Visionary Plan, you also get [SimpleLogin](email-aliasing.md#simplelogin) Premium for free.
 Proton Mail has internal crash reports that they **do not** share with third parties. This can be disabled in: **Settings** > **Go to Settings** > **Account** > **Security and privacy** > **Send crash reports**.
--- a/docs/encryption.md
+++ b/docs/encryption.md
@ -126,23 +126,27 @@ BitLocker is [only supported](https://support.microsoft.com/windows/turn-on-devi
 To enable BitLocker on "Home" editions of Windows, you must have partitions formatted with a [GUID Partition Table](https://en.wikipedia.org/wiki/GUID_Partition_Table) and have a dedicated TPM (v1.2, 2.0+) module. You may need to [disable the non-Bitlocker "Device encryption" functionality](https://discuss.privacyguides.net/t/enabling-bitlocker-on-the-windows-11-home-edition/13303/5) (which is inferior because it sends your recovery key to Microsoft's servers) if it is enabled on your device already before following this guide.
 1. Open a command prompt and check your drive's partition table format with the following command. You should see "**GPT**" listed under "Partition Style":
    ```powershell
    powershell Get-Disk
    ```
 2. Run this command (in an admin command prompt) to check your TPM version. You should see `2.0` or `1.2` listed next to `SpecVersion`:
    ```powershell
    powershell Get-WmiObject -Namespace "root/cimv2/security/microsofttpm" -Class WIN32_tpm
    ```
 3. Access [Advanced Startup Options](https://support.microsoft.com/windows/advanced-startup-options-including-safe-mode-b90e7808-80b5-a291-d4b8-1a1af602b617). You need to reboot while pressing the F8 key before Windows starts and go into the *command prompt* in **Troubleshoot** → **Advanced Options** → **Command Prompt**.
 4. Login with your admin account and type this in the command prompt to start encryption:
    ```powershell
    manage-bde -on c: -used
    ```
 5. Close the command prompt and continue booting to regular Windows.
 6. Open an admin command prompt and run the following commands:
    ```powershell
    manage-bde c: -protectors -add -rp -tpm
    manage-bde -protectors -enable c:
--- a/docs/file-sharing.md
+++ b/docs/file-sharing.md
@ -14,7 +14,7 @@ Discover how to privately share your files between your devices, with your frien
 ![Send logo](assets/img/file-sharing-sync/send.svg){ align=right }
-**Send** is a fork of Mozilla’s discontinued Firefox Send service which allows you to send files to others with a link. Files are encrypted on your device so that they cannot be read by the server, and they can be optionally password-protected as well. The maintainer of Send hosts a [public instance](https://send.vis.ee). You can use other public instances, or you can host Send yourself.
+**Send** is a fork of Mozilla's discontinued Firefox Send service which allows you to send files to others with a link. Files are encrypted on your device so that they cannot be read by the server, and they can be optionally password-protected as well. The maintainer of Send hosts a [public instance](https://send.vis.ee). You can use other public instances, or you can host Send yourself.
 [:octicons-home-16: Homepage](https://send.vis.ee){ .md-button .md-button--primary }
 [:octicons-server-16:](https://github.com/timvisee/send-instances){ .card-link title="Public Instances"}
@ -144,6 +144,7 @@ We don't recommend using the [E2EE App](https://apps.nextcloud.com/apps/end_to_e
 </div>
 <!-- markdownlint-disable-next-line -->
 ### Criteria
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
--- a/docs/financial-services.md
+++ b/docs/financial-services.md
@ -84,6 +84,7 @@ These services allow you to purchase gift cards for a variety of merchants onlin
 </div>
 <!-- markdownlint-disable-next-line -->
 ### Criteria
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
--- a/docs/index.md
+++ b/docs/index.md
@ -36,7 +36,7 @@ schema:
        urlTemplate: "https://www.privacyguides.org/?q={search_term_string}"
      query-input: required name=search_term_string
 ---
-<!-- markdownlint-disable-next-line -->
+<!-- markdownlint-disable -->
 ## Why should I care?
 ##### “I have nothing to hide. Why should I care about my privacy?”
--- a/docs/kb-archive.md
+++ b/docs/kb-archive.md
@ -3,8 +3,6 @@ title: KB Archive
 icon: material/archive
 description: Some pages that used to be in our knowledge base can now be found on our blog.
 ---
 # Pages Moved to Blog
 Some pages that used to be in our knowledge base can now be found on our blog:
 - [GrapheneOS vs. CalyxOS](https://blog.privacyguides.org/2022/04/21/grapheneos-or-calyxos)
--- a/docs/meta/brand.md
+++ b/docs/meta/brand.md
@ -19,4 +19,4 @@ Additional branding guidelines can be found at [github.com/privacyguides/brand](
 "Privacy Guides" and the shield logo are trademarks owned by Jonah Aragon, unlimited usage is granted to the Privacy Guides project.
-Without waiving any of its rights, Privacy Guides does not advise others on the scope of its intellectual property rights. Privacy Guides does not permit or consent to any use of its trademarks in any manner that is likely to cause confusion by implying association with or sponsorship by Privacy Guides. If you are aware of any such use, please contact Jonah Aragon at jonah@privacyguides.org. Consult your legal counsel if you have questions.
+Without waiving any of its rights, Privacy Guides does not advise others on the scope of its intellectual property rights. Privacy Guides does not permit or consent to any use of its trademarks in any manner that is likely to cause confusion by implying association with or sponsorship by Privacy Guides. If you are aware of any such use, please contact Jonah Aragon at `jonah@privacyguides.org`. Consult your legal counsel if you have questions.
--- a/docs/meta/git-recommendations.md
+++ b/docs/meta/git-recommendations.md
@ -8,13 +8,16 @@ If you make changes to this website on GitHub.com's web editor directly, you sho
 You can use an existing SSH key for signing, or [create a new one](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent).
 1. Configure your Git client to sign commits and tags by default (remove `--global` to only sign by default for this repo):
-   ```
+
    ```bash
    git config --global commit.gpgsign true
    git config --global gpg.format ssh
    git config --global tag.gpgSign true
    ```
 2. Set your SSH key for signing in Git with the following command, substituting `/PATH/TO/.SSH/KEY.PUB` with the path to the public key you'd like to use, e.g. `/home/user/.ssh/id_ed25519.pub`:
-   ```
+
    ```bash
    git config --global user.signingkey /PATH/TO/.SSH/KEY.PUB
    ```
@ -26,7 +29,7 @@ Use `git pull --rebase` instead of `git pull` when pulling in changes from GitHu
 You can set this to be the default behavior:
-```
+```bash
 git config --global pull.rebase true
 ```
@ -34,7 +37,7 @@ git config --global pull.rebase true
 If you are working on your own branch, run these commands before submitting a PR:
-```
+```bash
 git fetch origin
 git rebase origin/main
 ```
--- a/docs/mobile-browsers.md
+++ b/docs/mobile-browsers.md
@ -68,7 +68,7 @@ Brave is built upon the Chromium web browser project, so it should feel familiar
 </div>
-#### Recommended Configuration
+#### Recommended Brave Configuration
 Tor Browser is the only way to truly browse the internet anonymously. When you use Brave, we recommend changing the following settings to protect your privacy from certain parties, but all browsers other than the [Tor Browser](tor.md#tor-browser) will be traceable by *somebody* in some regard or another.
@ -150,7 +150,7 @@ On iOS, any app that can browse the web is [restricted](https://developer.apple.
 </div>
-#### Recommended Configuration
+#### Recommended Firefox Configuration
 These options can be found in :gear: **Settings** → **Safari**
--- a/docs/multi-factor-authentication.md
+++ b/docs/multi-factor-authentication.md
@ -151,6 +151,7 @@ We highly recommend that you use mobile TOTP apps instead of desktop alternative
 </div>
 <!-- markdownlint-disable-next-line -->
 ### Criteria
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
--- a/docs/passwords.md
+++ b/docs/passwords.md
@ -366,6 +366,7 @@ These products are minimal password managers that can be used within scripting a
 </div>
 <!-- markdownlint-disable-next-line -->
 ### Criteria
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
--- a/docs/productivity.md
+++ b/docs/productivity.md
@ -4,6 +4,7 @@ icon: material/file-sign
 description: Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do.
 cover: productivity.webp
 ---
 <!-- markdownlint-disable MD024 -->
 Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The privacy policy may legally protect your rights, but it does not provide technical access constraints.
 ## Collaboration Platforms
--- a/docs/tools.md
+++ b/docs/tools.md
@ -62,6 +62,7 @@ For more details about each project, why they were chosen, and additional tips o
 [Learn more :material-arrow-right-drop-circle:](mobile-browsers.md)
 <!-- markdownlint-disable-next-line -->
 ### Additional Resources
 <div class="grid cards annotate" markdown>
--- a/docs/vpn.md
+++ b/docs/vpn.md
@ -5,6 +5,7 @@ icon: material/vpn
 description: These are the best VPN services for protecting your privacy and security online. Find a provider here that isn’t out to spy on you.
 cover: vpn.webp
 ---
 <!-- markdownlint-disable MD024 -->
 If you're looking for additional **privacy** from your ISP, on a public Wi-Fi network, or while torrenting files, a VPN may be the solution for you as long as you understand the risks involved. We think these providers are a cut above the rest:
--- a/includes/strings.en.env
+++ b/includes/strings.en.env
@ -1,44 +1,44 @@
 ANALYTICS_CONSENT_BODY="We collect anonymous statistics about your visits to help us improve the site. We do not track you across other websites. If you disable this, we will not know when you have visited our site. We will save a single cookie in your browser to remember your preference."
 ANALYTICS_CONSENT_TITLE="Contribute anonymous statistics"
-LANG="English"
+DESCRIPTION_HOMEPAGE="A socially motivated website which provides information about protecting your online data privacy and security."
-LANG_ENGLISH="English"
+DESCRIPTION_TRANSLATION="You're viewing the $LANG copy of Privacy Guides, translated by our fantastic language team on Crowdin. If you notice an error, or see any untranslated sections on this page, please consider helping out!"
-SITE_NAME="Privacy Guides"
+DESCRIPTION_TRANSLATION_CTA="Visit Crowdin"
 SITE_DESCRIPTION="Privacy Guides is your central privacy and security resource to protect yourself online."
 FOOTER_COPYRIGHT_INTRO="<b>Privacy Guides</b> is a non-profit, socially motivated website that provides information for protecting your data security and privacy."
 FOOTER_COPYRIGHT_AFFILIATE="We do not make money from recommending certain products, and we do not use affiliate links."
 FOOTER_COPYRIGHT_ANALYTICS="Anonymous statistics preferences."
 FOOTER_COPYRIGHT_DATE="2019 - 2024 Privacy Guides and contributors."
 FOOTER_COPYRIGHT_ICON='<span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="m245.83 214.87-33.22 17.28c-9.43-19.58-25.24-19.93-27.46-19.93-22.13 0-33.22 14.61-33.22 43.84 0 23.57 9.21 43.84 33.22 43.84 14.47 0 24.65-7.09 30.57-21.26l30.55 15.5c-6.17 11.51-25.69 38.98-65.1 38.98-22.6 0-73.96-10.32-73.96-77.05 0-58.69 43-77.06 72.63-77.06 30.72-.01 52.7 11.95 65.99 35.86zm143.05 0-32.78 17.28c-9.5-19.77-25.72-19.93-27.9-19.93-22.14 0-33.22 14.61-33.22 43.84 0 23.55 9.23 43.84 33.22 43.84 14.45 0 24.65-7.09 30.54-21.26l31 15.5c-2.1 3.75-21.39 38.98-65.09 38.98-22.69 0-73.96-9.87-73.96-77.05 0-58.67 42.97-77.06 72.63-77.06 30.71-.01 52.58 11.95 65.56 35.86zM247.56 8.05C104.74 8.05 0 123.11 0 256.05c0 138.49 113.6 248 247.56 248 129.93 0 248.44-100.87 248.44-248 0-137.87-106.62-248-248.44-248zm.87 450.81c-112.54 0-203.7-93.04-203.7-202.81 0-105.42 85.43-203.27 203.72-203.27 112.53 0 202.82 89.46 202.82 203.26-.01 121.69-99.68 202.82-202.84 202.82z"></path></svg></span><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M314.9 194.4v101.4h-28.3v120.5h-77.1V295.9h-28.3V194.4c0-4.4 1.6-8.2 4.6-11.3 3.1-3.1 6.9-4.7 11.3-4.7H299c4.1 0 7.8 1.6 11.1 4.7 3.1 3.2 4.8 6.9 4.8 11.3zm-101.5-63.7c0-23.3 11.5-35 34.5-35s34.5 11.7 34.5 35c0 23-11.5 34.5-34.5 34.5s-34.5-11.5-34.5-34.5zM247.6 8C389.4 8 496 118.1 496 256c0 147.1-118.5 248-248.4 248C113.6 504 0 394.5 0 256 0 123.1 104.7 8 247.6 8zm.8 44.7C130.2 52.7 44.7 150.6 44.7 256c0 109.8 91.2 202.8 203.7 202.8 103.2 0 202.8-81.1 202.8-202.8.1-113.8-90.2-203.3-202.8-203.3z"></path></svg></span><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 496 512"><!--! Font Awesome Free 6.2.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M247.6 8C389.4 8 496 118.1 496 256c0 147.1-118.5 248-248.4 248C113.6 504 0 394.5 0 256 0 123.1 104.7 8 247.6 8zm.8 44.7C130.2 52.7 44.7 150.6 44.7 256c0 109.8 91.2 202.8 203.7 202.8 103.2 0 202.8-81.1 202.8-202.8.1-113.8-90.2-203.3-202.8-203.3zm94 144.3v42.5H162.1V197h180.3zm0 79.8v42.5H162.1v-42.5h180.3z"></path></svg></span>'
 FOOTER_COPYRIGHT_INTRO="<b>Privacy Guides</b> is a non-profit, socially motivated website that provides information for protecting your data security and privacy."
 FOOTER_COPYRIGHT_LICENSE="Content license:"
 FOOTER_COPYRIGHT="$FOOTER_COPYRIGHT_INTRO <br> $FOOTER_COPYRIGHT_AFFILIATE <br> &copy; $FOOTER_COPYRIGHT_DATE $FOOTER_COPYRIGHT_ICON $FOOTER_COPYRIGHT_LICENSE <a href='/license'><strong>CC BY-ND 4.0</strong></a>. <a href='#__consent'>$FOOTER_COPYRIGHT_ANALYTICS</a>"
-THEME_LIGHT="Switch to light mode"
+LANG="English"
-THEME_DARK="Switch to dark mode"
+LANG_ENGLISH="English"
-THEME_AUTO="Switch to system theme"
+NAV_ABOUT="About"
-DESCRIPTION_HOMEPAGE="A socially motivated website which provides information about protecting your online data privacy and security."
+NAV_ADVANCED="Advanced"
-DESCRIPTION_TRANSLATION="You're viewing the $LANG copy of Privacy Guides, translated by our fantastic language team on Crowdin. If you notice an error, or see any untranslated sections on this page, please consider helping out!"
+NAV_ADVANCED_TOPICS="Advanced Topics"
-DESCRIPTION_TRANSLATION_CTA="Visit Crowdin"
+NAV_BLOG="Blog"
-SOCIAL_MASTODON="Mastodon"
+NAV_CHANGELOG="Changelog"
-SOCIAL_MATRIX="Matrix"
+NAV_CODE_OF_CONDUCT="Code of Conduct"
 NAV_COMMUNITY="Community"
 NAV_CONTRIBUTING="Contributing"
 NAV_FORUM="Forum"
 NAV_HOME="Home"
 NAV_INTERNET_BROWSING="Internet Browsing"
 NAV_KNOWLEDGE_BASE="Knowledge Base"
 NAV_ONLINE_SERVICES="Online Services"
 NAV_OPERATING_SYSTEMS="Operating Systems"
 NAV_PROVIDERS="Providers"
 NAV_RECOMMENDATIONS="Recommendations"
 NAV_SOFTWARE="Software"
 NAV_TECHNICAL_GUIDES="Technical Guides"
 NAV_TECHNOLOGY_ESSENTIALS="Technology Essentials"
 NAV_WRITING_GUIDE="Writing Guide"
 SITE_DESCRIPTION="Privacy Guides is your central privacy and security resource to protect yourself online."
 SITE_NAME="Privacy Guides"
 SOCIAL_FORUM="Forum"
 SOCIAL_GITHUB="GitHub"
 SOCIAL_MASTODON="Mastodon"
 SOCIAL_MATRIX="Matrix"
 SOCIAL_TOR_SITE="Hidden service"
-NAV_HOME="Home"
+THEME_AUTO="Switch to system theme"
-NAV_KNOWLEDGE_BASE="Knowledge Base"
+THEME_DARK="Switch to dark mode"
-NAV_TECHNOLOGY_ESSENTIALS="Technology Essentials"
+THEME_LIGHT="Switch to light mode"
 NAV_OPERATING_SYSTEMS="Operating Systems"
 NAV_ADVANCED_TOPICS="Advanced Topics"
 NAV_RECOMMENDATIONS="Recommendations"
 NAV_INTERNET_BROWSING="Internet Browsing"
 NAV_PROVIDERS="Providers"
 NAV_SOFTWARE="Software"
 NAV_ADVANCED="Advanced"
 NAV_ABOUT="About"
 NAV_COMMUNITY="Community"
 NAV_ONLINE_SERVICES="Online Services"
 NAV_CODE_OF_CONDUCT="Code of Conduct"
 NAV_CONTRIBUTING="Contributing"
 NAV_WRITING_GUIDE="Writing Guide"
 NAV_TECHNICAL_GUIDES="Technical Guides"
 NAV_CHANGELOG="Changelog"
 NAV_FORUM="Forum"
 NAV_BLOG="Blog"
--- a/theme/assets/stylesheets/home.css
+++ b/theme/assets/stylesheets/home.css
@ -109,7 +109,7 @@ article.md-content__inner {
 article.md-content__inner > * {
    max-width: 38rem;
 }
-article.md-content__inner > *:nth-child(n+8):nth-child(-n+12) {
+article.md-content__inner > *:nth-child(n+7):nth-child(-n+12) {
    margin-left: auto;
    margin-right: 0;
    text-align: right;
`@ -19,4 +19,4 @@ Additional branding guidelines can be found at [github.com/privacyguides/brand](`

	`"Privacy Guides" and the shield logo are trademarks owned by Jonah Aragon, unlimited usage is granted to the Privacy Guides project.`	`"Privacy Guides" and the shield logo are trademarks owned by Jonah Aragon, unlimited usage is granted to the Privacy Guides project.`

	`Without waiving any of its rights, Privacy Guides does not advise others on the scope of its intellectual property rights. Privacy Guides does not permit or consent to any use of its trademarks in any manner that is likely to cause confusion by implying association with or sponsorship by Privacy Guides. If you are aware of any such use, please contact Jonah Aragon at jonah@privacyguides.org. Consult your legal counsel if you have questions.`	Without waiving any of its rights, Privacy Guides does not advise others on the scope of its intellectual property rights. Privacy Guides does not permit or consent to any use of its trademarks in any manner that is likely to cause confusion by implying association with or sponsorship by Privacy Guides. If you are aware of any such use, please contact Jonah Aragon at `jonah@privacyguides.org`. Consult your legal counsel if you have questions.