From 632761cae1ae74847c06223a2ebe88792258f4c4 Mon Sep 17 00:00:00 2001 From: Jonah Aragon Date: Sun, 31 Mar 2024 06:10:46 -0500 Subject: [PATCH] Automated PR Testing (#2469) --- .../ISSUE_TEMPLATE/1_Content_Correction.yml | 1 - .github/ISSUE_TEMPLATE/2_Website_Issues.yml | 1 - .github/dependabot.yml | 3 - .github/workflows/build-offline.yml | 113 --------- .github/workflows/build.yml | 136 ---------- .github/workflows/cleanup.yml | 33 --- .github/workflows/deploy-all.yml | 51 ++++ .github/workflows/deploy.yml | 237 ------------------ .github/workflows/download-repo.yml | 48 ---- .github/workflows/publish-mirror.yml | 5 +- .github/workflows/publish-pr.yml | 27 +- .github/workflows/publish-release.yml | 17 +- .github/workflows/test-build.yml | 8 +- .github/workflows/test-lint.yml | 81 ++++++ .github/workflows/upload-crowdin.yml | 32 +-- .gitignore | 5 - .markdownlint.yml | 3 +- .vscode/.empty-schema.json | 1 + .vscode/extensions.json | 5 +- .vscode/settings.json | 26 +- README.md | 8 +- config/layouts/home.yml | 3 - config/layouts/page.yml | 3 - config/layouts/pride.yml | 3 - config/mkdocs-common.yml | 192 +++++++------- config/mkdocs-offline.yml | 1 - config/mkdocs.en.yml | 2 +- config/mkdocs.es.yml | 4 +- config/mkdocs.fr.yml | 4 +- config/mkdocs.he.yml | 4 +- config/mkdocs.it.yml | 4 +- config/mkdocs.nl.yml | 4 +- config/mkdocs.ru.yml | 4 +- config/mkdocs.zh-Hant.yml | 4 +- crowdin.yml | 37 +-- docs/about/index.md | 12 +- docs/about/privacytools.md | 12 +- docs/about/services.md | 6 +- docs/advanced/dns-overview.md | 4 +- docs/basics/common-misconceptions.md | 14 +- docs/basics/multi-factor-authentication.md | 2 +- docs/basics/why-privacy-matters.md | 3 + docs/cloud.md | 2 +- docs/desktop-browsers.md | 6 +- docs/email.md | 3 +- docs/encryption.md | 32 +-- docs/file-sharing.md | 3 +- docs/financial-services.md | 1 + docs/index.md | 2 +- docs/kb-archive.md | 2 - docs/meta/brand.md | 2 +- docs/meta/git-recommendations.md | 23 +- docs/mobile-browsers.md | 4 +- docs/multi-factor-authentication.md | 1 + docs/passwords.md | 1 + docs/productivity.md | 1 + docs/tools.md | 1 + docs/vpn.md | 1 + includes/strings.en.env | 66 ++--- theme/assets/stylesheets/home.css | 2 +- theme/assets/stylesheets/lang-he.css | 8 +- theme/assets/stylesheets/lang-ru.css | 6 +- theme/assets/stylesheets/lang-zh-Hant.css | 8 +- 63 files changed, 471 insertions(+), 867 deletions(-) delete mode 100644 .github/workflows/build-offline.yml delete mode 100644 .github/workflows/build.yml delete mode 100644 .github/workflows/cleanup.yml create mode 100644 .github/workflows/deploy-all.yml delete mode 100644 .github/workflows/deploy.yml delete mode 100644 .github/workflows/download-repo.yml create mode 100644 .github/workflows/test-lint.yml create mode 100644 .vscode/.empty-schema.json diff --git a/.github/ISSUE_TEMPLATE/1_Content_Correction.yml b/.github/ISSUE_TEMPLATE/1_Content_Correction.yml index 897fcbc9..458b8fd8 100644 --- a/.github/ISSUE_TEMPLATE/1_Content_Correction.yml +++ b/.github/ISSUE_TEMPLATE/1_Content_Correction.yml @@ -22,7 +22,6 @@ name: "Content Correction" description: Report any inaccurate, incorrect, or outdated information on the website. labels: ["t:correction"] body: - - type: markdown attributes: value: | diff --git a/.github/ISSUE_TEMPLATE/2_Website_Issues.yml b/.github/ISSUE_TEMPLATE/2_Website_Issues.yml index 7b94fe4d..8b88b38a 100644 --- a/.github/ISSUE_TEMPLATE/2_Website_Issues.yml +++ b/.github/ISSUE_TEMPLATE/2_Website_Issues.yml @@ -24,7 +24,6 @@ labels: ["t:bug"] assignees: - jonaharagon body: - - type: markdown attributes: value: | diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 30be8a18..f349012e 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -21,7 +21,6 @@ version: 2 registries: - github-privacyguides: type: git url: https://github.com @@ -29,7 +28,6 @@ registries: password: ${{secrets.REPO_PAT}} updates: - # Maintain dependencies for GitHub Actions - package-ecosystem: "github-actions" directory: "/" @@ -51,7 +49,6 @@ updates: interval: "monthly" labels: - "fix:submodules" - # Disabled because some updates tend to remove needed dependencies for some reason # # Maintain dependencies for pipenv diff --git a/.github/workflows/build-offline.yml b/.github/workflows/build-offline.yml deleted file mode 100644 index 2b80932d..00000000 --- a/.github/workflows/build-offline.yml +++ /dev/null @@ -1,113 +0,0 @@ -# Copyright (c) 2024 Jonah Aragon - -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to -# deal in the Software without restriction, including without limitation the -# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or -# sell copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: - -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. - -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING -# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS -# IN THE SOFTWARE. - -name: Build Offline Website - -on: - workflow_call: - -permissions: - contents: read - -jobs: - build: - runs-on: ubuntu-latest - permissions: - contents: read - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - with: - persist-credentials: 'false' - - - uses: actions/download-artifact@v4 - with: - pattern: repo-* - path: modules - - - run: | - rmdir modules/mkdocs-material - mv modules/repo-mkdocs-material-insiders modules/mkdocs-material - rmdir theme/assets/brand - mv modules/repo-brand theme/assets/brand - - - name: Python setup - uses: actions/setup-python@v5 - with: - cache: 'pipenv' - - - uses: actions/cache/restore@v4.0.2 - with: - key: site-cache-${{ github.repository }}-en-${{ github.ref }}-${{ hashfiles('.cache/**') }} - path: .cache - restore-keys: | - site-cache-${{ github.repository }}-en-${{ github.ref }}- - site-cache-${{ github.repository }}-en- - - - name: Install Python dependencies - run: | - pip install pipenv - pipenv install - sudo apt install pngquant - - - name: Build website - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - CARDS: false - run: | - pipenv run mkdocs build --config-file config/mkdocs-offline.yml - pipenv run mkdocs --version - - - name: Package website - run: | - tar -czvf offline.tar.gz site - zip -r -q offline.zip site - - - uses: actions/cache/save@v4.0.2 - with: - key: site-cache-${{ github.repository }}-en-${{ github.ref }}-${{ hashfiles('.cache/**') }} - path: .cache - - - name: Upload tar.gz file - uses: actions/upload-artifact@v4 - with: - name: offline.tar.gz - path: offline.tar.gz - - - name: Upload zip file - uses: actions/upload-artifact@v4 - with: - name: offline.zip - path: offline.zip - - - name: Create ZIM File - uses: addnab/docker-run-action@v3 - with: - image: ghcr.io/openzim/zim-tools:3.1.3 - options: -v ${{ github.workspace }}:/data - run: | - zimwriterfs -w index.html -I assets/brand/logos/png/square/pg-yellow.png -l eng -t "Privacy Guides" -d "Your central privacy and security resource to protect yourself online." -c "Privacy Guides" -p "Jonah Aragon" -n "Privacy Guides" -e "https://github.com/privacyguides/privacyguides.org" /data/site /data/offline-privacy_guides.zim - - - name: Upload ZIM file - uses: actions/upload-artifact@v4 - with: - name: offline-privacy_guides.zim - path: offline-privacy_guides.zim diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml deleted file mode 100644 index 1e853962..00000000 --- a/.github/workflows/build.yml +++ /dev/null @@ -1,136 +0,0 @@ -# Copyright (c) 2024 Jonah Aragon - -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to -# deal in the Software without restriction, including without limitation the -# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or -# sell copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: - -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. - -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING -# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS -# IN THE SOFTWARE. - -name: Build Website - -on: - workflow_call: - inputs: - ref: - required: true - type: string - repo: - required: true - type: string - lang: - type: string - default: en - context: - type: string - default: deploy-preview - continue-on-error: - type: boolean - default: true - -permissions: - contents: read - -jobs: - build: - runs-on: ubuntu-latest - continue-on-error: ${{ inputs.continue-on-error }} - permissions: - contents: read - - steps: - - uses: actions/checkout@v4 - with: - repository: ${{ inputs.repo }} - ref: ${{ inputs.ref }} - persist-credentials: 'false' - fetch-depth: 0 - - - uses: actions/download-artifact@v4 - with: - pattern: repo-* - path: modules - - - run: | - rmdir modules/mkdocs-material - mv modules/repo-mkdocs-material-insiders modules/mkdocs-material - rmdir theme/assets/brand - mv modules/repo-brand theme/assets/brand - - - if: inputs.lang != 'en' - run: | - cp -rl modules/repo-i18n/i18n . - cp -rl modules/repo-i18n/includes . - cp -rl modules/repo-i18n/theme . - - - uses: actions/setup-python@v5 - with: - cache: 'pipenv' - - - uses: actions/cache/restore@v4.0.2 - with: - key: site-cache-${{ inputs.repo }}-${{ inputs.ref }}-${{ hashfiles('.cache/**') }} - path: .cache - restore-keys: | - site-cache-${{ inputs.repo }}-${{ inputs.ref }}- - site-cache-${{ inputs.repo }}- - - - uses: actions/cache/restore@v4.0.2 - with: - key: card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}-${{ hashfiles('config/.cache/plugin/social/manifest.json') }} - path: | - config/.cache/plugin/social/manifest.json - config/.cache/plugin/social/assets - restore-keys: | - card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}- - card-cache-${{ inputs.repo }}-${{ inputs.lang }}- - - - run: | - pip install pipenv - pipenv install - sudo apt install pngquant - - - if: inputs.lang != 'en' - uses: falti/dotenv-action@v1.1 - with: - path: includes/strings.${{ inputs.lang }}.env - export-variables: true - keys-case: bypass - - - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - CONTEXT: ${{ inputs.context }} - PRODUCTION: true - run: | - pipenv run mkdocs build --config-file config/mkdocs.${{ inputs.lang }}.yml - cp -r static/* site/ - pipenv run mkdocs --version - tar -czvf site-build-${{ inputs.lang }}.tar.gz site - - - uses: actions/cache/save@v4.0.2 - with: - key: site-cache-${{ inputs.repo }}-${{ inputs.ref }}-${{ hashfiles('.cache/**') }} - path: .cache - - - uses: actions/cache/save@v4.0.2 - with: - key: card-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ inputs.ref }}-${{ hashfiles('config/.cache/plugin/social/manifest.json') }} - path: | - config/.cache/plugin/social/manifest.json - config/.cache/plugin/social/assets - - - uses: actions/upload-artifact@v4 - with: - name: site-build-${{ inputs.lang }}.tar.gz - path: site-build-${{ inputs.lang }}.tar.gz diff --git a/.github/workflows/cleanup.yml b/.github/workflows/cleanup.yml deleted file mode 100644 index 3275c0f7..00000000 --- a/.github/workflows/cleanup.yml +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright (c) 2024 Jonah Aragon - -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to -# deal in the Software without restriction, including without limitation the -# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or -# sell copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: - -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. - -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING -# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS -# IN THE SOFTWARE. - -name: Cleanup Artifacts - -on: - workflow_call: - -jobs: - cleanup: - runs-on: ubuntu-latest - steps: - - uses: geekyeggo/delete-artifact@v5 - with: - name: repo-* - failOnError: false diff --git a/.github/workflows/deploy-all.yml b/.github/workflows/deploy-all.yml new file mode 100644 index 00000000..ffa83df7 --- /dev/null +++ b/.github/workflows/deploy-all.yml @@ -0,0 +1,51 @@ +name: Deploy Website Build + +permissions: + contents: read + pages: write + id-token: write + +on: + workflow_call: + inputs: + netlify_production: + type: boolean + default: true + github_pages: + type: boolean + default: true + minio_production: + type: boolean + default: true + outputs: + netlify_preview_address: + value: ${{ jobs.netlify.outputs.address }} + secrets: + NETLIFY_TOKEN: + PROD_MINIO_KEY_ID: + PROD_MINIO_SECRET_KEY: + +jobs: + netlify: + if: inputs.netlify_production + uses: privacyguides/.github/.github/workflows/deploy-netlify.yml@main + with: + netlify_site_id: ${{ vars.PROD_NETLIFY_SITE }} + environment: production + secrets: + NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }} + + minio: + if: inputs.minio_production + uses: privacyguides/.github/.github/workflows/deploy-minio.yml@main + with: + environment: production + secrets: + PROD_MINIO_KEY_ID: ${{ secrets.PROD_MINIO_KEY_ID }} + PROD_MINIO_SECRET_KEY: ${{ secrets.PROD_MINIO_SECRET_KEY }} + + pages: + if: inputs.github_pages + uses: privacyguides/.github/.github/workflows/deploy-pages.yml@main + with: + environment: github-pages diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml deleted file mode 100644 index 4a25bd38..00000000 --- a/.github/workflows/deploy.yml +++ /dev/null @@ -1,237 +0,0 @@ -# Copyright (c) 2024 Jonah Aragon - -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to -# deal in the Software without restriction, including without limitation the -# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or -# sell copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: - -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. - -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING -# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS -# IN THE SOFTWARE. - -name: Deploy Website Build - -on: - workflow_call: - inputs: - netlify_preview: - type: boolean - netlify_alias: - type: string - netlify_production: - type: boolean - github_pages: - type: boolean - bunnycdn_production: - type: boolean - minio_production: - type: boolean - outputs: - netlify_preview_address: - value: ${{ jobs.netlify_preview.outputs.address }} - secrets: - NETLIFY_TOKEN: - PROD_BUNNYCDN_API_KEY: - PROD_BUNNYCDN_PASSWORD: - PROD_MINIO_KEY_ID: - PROD_MINIO_SECRET_KEY: - -jobs: - netlify_preview: - if: inputs.netlify_preview - runs-on: ubuntu-latest - - permissions: - contents: read - - outputs: - address: ${{ steps.address.outputs.address }} - - steps: - - uses: actions/download-artifact@v4 - with: - pattern: site-build-* - merge-multiple: true - - - run: | - for file in *.tar.gz; do tar -zxf "$file"; done - wget https://raw.githubusercontent.com/privacyguides/privacyguides.org/main/netlify.toml - ls -la site/ - - - uses: actions/setup-node@v4 - - - run: | - npm install netlify-cli -g - - - if: inputs.netlify_preview - name: Limit length of Netlify alias to 12 - run: echo "SHORT_ALIAS=`echo ${{ inputs.netlify_alias }} | cut -c1-12`" >> $GITHUB_ENV - - - if: inputs.netlify_preview - id: deployment - env: - NETLIFY_SITE_ID: ${{ vars.NETLIFY_SITE }} - NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_TOKEN }} - run: | - netlify deploy --dir=site --alias=${{ env.SHORT_ALIAS }} - echo "DEPLOYED_ADDRESS=https://${{ env.SHORT_ALIAS }}--${{ vars.NETLIFY_SITE }}.netlify.app/" >> "$GITHUB_ENV" - - - id: address - run: | - echo "address=$DEPLOYED_ADDRESS" >> "$GITHUB_OUTPUT" - - netlify_production: - if: inputs.netlify_production - runs-on: ubuntu-latest - - permissions: - contents: read - - environment: - name: production - url: https://illustrious-bavarois-56cf30.netlify.app/ - - steps: - - uses: actions/download-artifact@v4 - with: - pattern: site-build-* - merge-multiple: true - - - run: | - for file in *.tar.gz; do tar -zxf "$file"; done - wget https://raw.githubusercontent.com/privacyguides/privacyguides.org/main/netlify.toml - ls -la site/ - - - uses: actions/setup-node@v4 - - - run: | - npm install netlify-cli -g - - - id: prod_deployment - env: - NETLIFY_SITE_ID: ${{ vars.PROD_NETLIFY_SITE }} - NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_TOKEN }} - run: | - netlify deploy --dir=site --prod-if-unlocked - - github_pages: - if: inputs.github_pages - runs-on: ubuntu-latest - - concurrency: - group: "pages" - - environment: - name: github-pages - url: ${{ steps.deployment.outputs.page_url }} - - # Grant GITHUB_TOKEN the permissions required to make a Pages deployment - permissions: - contents: read - pages: write # to deploy to Pages - id-token: write # to verify the deployment originates from an appropriate source - - steps: - - uses: actions/configure-pages@v5 - - - uses: actions/download-artifact@v4 - with: - pattern: site-build-* - merge-multiple: true - - - run: | - for file in *.tar.gz; do tar -zxf "$file"; done - ls -la site/ - - - uses: 1arp/create-a-file-action@0.4.4 - with: - path: site - file: index.html - content: | - - - Redirecting to English site... - - - - - - uses: actions/upload-pages-artifact@v3 - with: - path: site - - - id: deployment - uses: actions/deploy-pages@main - - bunnycdn_production: - if: inputs.bunnycdn_production - runs-on: ubuntu-latest - - permissions: - contents: read - - environment: - name: production - url: https://privacyguides-org-production.b-cdn.net - - steps: - - uses: actions/download-artifact@v4 - with: - pattern: site-build-* - merge-multiple: true - - - run: | - for file in *.tar.gz; do tar -zxf "$file"; done - ls -la site/ - - - uses: own3d/bunny-action@bfaa5c6bc8b7a7ebd599ddd4912347d7c3847e78 - env: - BUNNY_API_ACCESS_KEY: ${{ secrets.PROD_BUNNYCDN_API_KEY }} - BUNNY_STORAGE_HOSTNAME: storage.bunnycdn.com - BUNNY_STORAGE_USERNAME: ${{ vars.PROD_BUNNYCDN_USER }} - BUNNY_STORAGE_PASSWORD: ${{ secrets.PROD_BUNNYCDN_PASSWORD }} - BUNNY_PULL_ZONE_ID: 2117106 - with: - args: deploy --dir=site - - minio_production: - if: inputs.minio_production - runs-on: ubuntu-latest - - permissions: - contents: read - - environment: - name: production - url: https://privacyguides-org-production.stor1-minio.jonaharagon.net - - steps: - - uses: actions/download-artifact@v4 - with: - pattern: site-build-* - merge-multiple: true - - - run: | - for file in *.tar.gz; do tar -zxf "$file"; done - ls -la site/ - - - uses: jakejarvis/s3-sync-action@master - with: - args: --acl public-read --follow-symlinks --delete - env: - SOURCE_DIR: "site/" - AWS_S3_BUCKET: ${{ vars.PROD_MINIO_BUCKET }} - AWS_S3_ENDPOINT: ${{ vars.PROD_MINIO_HOSTNAME }} - AWS_ACCESS_KEY_ID: ${{ secrets.PROD_MINIO_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.PROD_MINIO_SECRET_KEY }} diff --git a/.github/workflows/download-repo.yml b/.github/workflows/download-repo.yml deleted file mode 100644 index cc80ef9d..00000000 --- a/.github/workflows/download-repo.yml +++ /dev/null @@ -1,48 +0,0 @@ -# Copyright (c) 2024 Jonah Aragon - -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to -# deal in the Software without restriction, including without limitation the -# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or -# sell copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: - -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. - -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING -# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS -# IN THE SOFTWARE. - -name: Download Repository - -on: - workflow_call: - inputs: - repo: - required: true - type: string - secrets: - ACTIONS_SSH_KEY: - required: true - -jobs: - download: - runs-on: ubuntu-latest - steps: - - name: Checkout repository - uses: actions/checkout@v4 - with: - repository: 'privacyguides/${{ inputs.repo }}' - path: repo-${{ inputs.repo }} - ssh-key: ${{ secrets.ACTIONS_SSH_KEY }} - - - uses: actions/upload-artifact@v4 - with: - name: repo-${{ inputs.repo }} - path: repo-${{ inputs.repo }} - retention-days: 1 diff --git a/.github/workflows/publish-mirror.yml b/.github/workflows/publish-mirror.yml index be05831c..116ae80c 100644 --- a/.github/workflows/publish-mirror.yml +++ b/.github/workflows/publish-mirror.yml @@ -20,7 +20,10 @@ name: šŸŖž Push to Mirrors -on: [ push, delete, create ] +permissions: + contents: read + +on: [push, delete, create] # Ensures that only one mirror task will run at a time. concurrency: diff --git a/.github/workflows/publish-pr.yml b/.github/workflows/publish-pr.yml index 0c24bb87..6a1e93e7 100644 --- a/.github/workflows/publish-pr.yml +++ b/.github/workflows/publish-pr.yml @@ -18,7 +18,7 @@ # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS # IN THE SOFTWARE. -name: šŸ“¦ Publish Pull Request Preview +name: šŸ“¦ PR Preview on: pull_request_target: @@ -30,17 +30,21 @@ concurrency: permissions: pull-requests: write contents: read - pages: write - id-token: write jobs: submodule: strategy: matrix: - repo: [mkdocs-material-insiders, brand, i18n] - uses: ./.github/workflows/download-repo.yml + repo: + - name: mkdocs-material-insiders + ref: main + - name: brand + ref: main + - name: i18n + ref: main + uses: privacyguides/.github/.github/workflows/download-repo.yml@main with: - repo: ${{ matrix.repo }} + repo: ${{ matrix.repo.name }} secrets: ACTIONS_SSH_KEY: ${{ secrets.ACTIONS_SSH_KEY }} @@ -56,7 +60,7 @@ jobs: fail-fast: false permissions: contents: read - uses: ./.github/workflows/build.yml + uses: privacyguides/.github/.github/workflows/build.yml@main with: ref: ${{github.event.pull_request.head.ref}} repo: ${{github.event.pull_request.head.repo.full_name}} @@ -67,12 +71,10 @@ jobs: needs: build permissions: contents: read - pages: write - id-token: write - uses: ./.github/workflows/deploy.yml + uses: privacyguides/.github/.github/workflows/deploy-netlify-preview.yml@main with: - netlify_preview: true netlify_alias: ${{ github.event.pull_request.head.sha }} + netlify_site_id: ${{ vars.NETLIFY_SITE }} secrets: NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }} @@ -84,7 +86,6 @@ jobs: env: address: ${{ needs.deploy.outputs.netlify_preview_address }} steps: - - uses: thollander/actions-comment-pull-request@v2.5.0 with: message: | @@ -99,4 +100,4 @@ jobs: cleanup: if: ${{ always() }} needs: build - uses: ./.github/workflows/cleanup.yml + uses: privacyguides/.github/.github/workflows/cleanup.yml@main diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index 49ba6f35..018bb487 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -18,12 +18,12 @@ # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS # IN THE SOFTWARE. -name: šŸ“¦ Publish Release +name: šŸ“¦ Release on: push: tags: - - '*' + - "*" permissions: contents: write @@ -35,7 +35,7 @@ jobs: strategy: matrix: repo: [mkdocs-material-insiders, brand, i18n] - uses: ./.github/workflows/download-repo.yml + uses: privacyguides/.github/.github/workflows/download-repo.yml@main with: repo: ${{ matrix.repo }} secrets: @@ -48,7 +48,7 @@ jobs: lang: [en, es, fr, he, it, nl, ru, zh-Hant] permissions: contents: read - uses: ./.github/workflows/build.yml + uses: privacyguides/.github/.github/workflows/build.yml@main with: ref: ${{ github.ref }} repo: ${{ github.repository }} @@ -60,7 +60,7 @@ jobs: needs: submodule permissions: contents: read - uses: ./.github/workflows/build-offline.yml + uses: privacyguides/.github/.github/workflows/build-offline.yml@main release: name: Create release notes @@ -84,20 +84,17 @@ jobs: deploy: needs: build - uses: ./.github/workflows/deploy.yml + uses: ./.github/workflows/deploy-all.yml with: netlify_production: true github_pages: true - bunnycdn_production: true minio_production: true secrets: NETLIFY_TOKEN: ${{ secrets.NETLIFY_TOKEN }} - PROD_BUNNYCDN_API_KEY: ${{ secrets.PROD_BUNNYCDN_API_KEY }} - PROD_BUNNYCDN_PASSWORD: ${{ secrets.PROD_BUNNYCDN_PASSWORD }} PROD_MINIO_KEY_ID: ${{ secrets.PROD_MINIO_KEY_ID }} PROD_MINIO_SECRET_KEY: ${{ secrets.PROD_MINIO_SECRET_KEY }} cleanup: if: ${{ always() }} needs: [build, buildoffline] - uses: ./.github/workflows/cleanup.yml + uses: privacyguides/.github/.github/workflows/cleanup.yml@main diff --git a/.github/workflows/test-build.yml b/.github/workflows/test-build.yml index abe6f836..0ea076ce 100644 --- a/.github/workflows/test-build.yml +++ b/.github/workflows/test-build.yml @@ -31,7 +31,7 @@ jobs: strategy: matrix: repo: [mkdocs-material-insiders, brand, i18n] - uses: ./.github/workflows/download-repo.yml + uses: privacyguides/.github/.github/workflows/download-repo.yml@main with: repo: ${{ matrix.repo }} secrets: @@ -45,7 +45,7 @@ jobs: fail-fast: false permissions: contents: read - uses: ./.github/workflows/build.yml + uses: privacyguides/.github/.github/workflows/build.yml@main with: ref: ${{ github.ref }} repo: ${{ github.repository }} @@ -56,9 +56,9 @@ jobs: needs: submodule permissions: contents: read - uses: ./.github/workflows/build-offline.yml + uses: privacyguides/.github/.github/workflows/build-offline.yml@main cleanup: if: ${{ always() }} needs: [build, buildoffline] - uses: ./.github/workflows/cleanup.yml + uses: privacyguides/.github/.github/workflows/cleanup.yml@main diff --git a/.github/workflows/test-lint.yml b/.github/workflows/test-lint.yml new file mode 100644 index 00000000..9ad847da --- /dev/null +++ b/.github/workflows/test-lint.yml @@ -0,0 +1,81 @@ +# Copyright (c) 2024 Jonah Aragon + +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to +# deal in the Software without restriction, including without limitation the +# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or +# sell copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: + +# The above copyright notice and this permission notice shall be included in +# all copies or substantial portions of the Software. + +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING +# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS +# IN THE SOFTWARE. + +name: šŸ¤– Linting + +permissions: + contents: read + +on: + workflow_dispatch: + pull_request: + branches: + - main + push: + +concurrency: + group: ${{ github.ref }}-${{ github.workflow }} + cancel-in-progress: true + +env: + MAIN_BRANCH: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} + +jobs: + megalinter: + name: MegaLinter + runs-on: ubuntu-latest + steps: + - if: ${{ env.MAIN_BRANCH }} + uses: actions/checkout@v4 + + - if: ${{ !env.MAIN_BRANCH }} + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - id: ml + # You can override MegaLinter flavor used to have faster performances + # More info at https://megalinter.io/flavors/ + uses: oxsecurity/megalinter/flavors/documentation@v7.10.0 + env: + # All available variables are described in documentation + # https://megalinter.io/configuration/ + # Validates all source when push on main, else just the git diff with main. + VALIDATE_ALL_CODEBASE: ${{ env.MAIN_BRANCH }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # ADD YOUR CUSTOM ENV VARIABLES HERE OR DEFINE THEM IN A FILE .mega-linter.yml AT THE ROOT OF YOUR REPOSITORY + DISABLE: COPYPASTE,SPELL,HTML + DISABLE_LINTERS: JSON_JSONLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER + DISABLE_ERRORS_LINTERS: CSS_STYLELINT,MARKDOWN_MARKDOWN_LINK_CHECK,YAML_YAMLLINT + EDITORCONFIG_EDITORCONFIG_CHECKER_ARGUMENTS: -disable-indentation + ENV_DOTENV_LINTER_ARGUMENTS: "--skip QuoteCharacter" + MARKDOWN_MARKDOWN_LINK_CHECK_FILTER_REGEX_INCLUDE: (docs) + MARKDOWN_MARKDOWNLINT_CONFIG_FILE: .markdownlint.yml + MARKDOWN_MARKDOWNLINT_FILTER_REGEX_EXCLUDE: (PULL_REQUEST_TEMPLATE\.md) + + # Upload MegaLinter artifacts + - name: Archive production artifacts + if: success() || failure() + uses: actions/upload-artifact@v4 + with: + name: MegaLinter reports + path: | + megalinter-reports + mega-linter.log diff --git a/.github/workflows/upload-crowdin.yml b/.github/workflows/upload-crowdin.yml index aa8d4985..03a919fd 100644 --- a/.github/workflows/upload-crowdin.yml +++ b/.github/workflows/upload-crowdin.yml @@ -20,10 +20,13 @@ name: šŸ’¬ Crowdin Upload +permissions: + contents: read + on: workflow_dispatch: push: - branches: [ main ] + branches: [main] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -34,18 +37,17 @@ jobs: runs-on: ubuntu-latest steps: + - name: Checkout + uses: actions/checkout@v4 - - name: Checkout - uses: actions/checkout@v4 - - - name: crowdin action - uses: crowdin/github-action@v1.20.1 - with: - upload_sources: true - upload_sources_args: '--auto-update --delete-obsolete' - download_translations: false - config: crowdin.yml - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - CROWDIN_PROJECT_ID: ${{ secrets.CROWDIN_PROJECT_ID }} - CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }} + - name: crowdin action + uses: crowdin/github-action@v1.20.1 + with: + upload_sources: true + upload_sources_args: "--auto-update --delete-obsolete" + download_translations: false + config: crowdin.yml + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + CROWDIN_PROJECT_ID: ${{ secrets.CROWDIN_PROJECT_ID }} + CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }} diff --git a/.gitignore b/.gitignore index e94521e7..5a0abb6f 100644 --- a/.gitignore +++ b/.gitignore @@ -19,11 +19,6 @@ site /config/.cache/plugin/social/* !/config/.cache/plugin/social/fonts -# Editor settings -.vscode/* -!.vscode/extensions.json -!.vscode/settings.json - # Local Netlify folder .netlify node_modules diff --git a/.markdownlint.yml b/.markdownlint.yml index dba4502e..08f062e0 100644 --- a/.markdownlint.yml +++ b/.markdownlint.yml @@ -24,8 +24,7 @@ ul-indent: indent: 4 no-inline-html: false code-block-style: false -no-hard-tabs: - spaces-per-tab: 4 +no-hard-tabs: true emphasis-style: style: "asterisk" no-duplicate-header: false diff --git a/.vscode/.empty-schema.json b/.vscode/.empty-schema.json new file mode 100644 index 00000000..0967ef42 --- /dev/null +++ b/.vscode/.empty-schema.json @@ -0,0 +1 @@ +{} diff --git a/.vscode/extensions.json b/.vscode/extensions.json index 14a7c7a1..c00cebc1 100644 --- a/.vscode/extensions.json +++ b/.vscode/extensions.json @@ -24,6 +24,9 @@ "DavidAnson.vscode-markdownlint", "wholroyd.jinja", "mikestead.dotenv", - "matthewpi.caddyfile-support" + "matthewpi.caddyfile-support", + "redhat.vscode-yaml", + "ecmel.vscode-html-css", + "yzhang.markdown-all-in-one" ] } diff --git a/.vscode/settings.json b/.vscode/settings.json index 1a1f4de9..df2afac4 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -20,6 +20,7 @@ { "git.ignoreLimitWarning": true, + "ltex.diagnosticSeverity": "hint", "[markdown]": { "editor.unicodeHighlight.ambiguousCharacters": true, "editor.unicodeHighlight.invisibleCharacters": true @@ -31,5 +32,28 @@ "files.associations": { "*.caddy": "caddyfile", "*.example-caddy": "caddyfile" - } + }, + "editor.unicodeHighlight.invisibleCharacters": true, + "editor.defaultFormatter": "DavidAnson.vscode-markdownlint", + "[yaml]": { + "editor.defaultFormatter": "redhat.vscode-yaml", + "editor.quickSuggestions": { + "other": true, + "comments": false, + "strings": true + } + }, + "yaml.schemas": { + "https://raw.githubusercontent.com/DavidAnson/markdownlint/main/schema/markdownlint-config-schema.json": ".markdownlint.yml", + "https://json.schemastore.org/github-issue-config.json": ".github/ISSUE_TEMPLATE/config.yml", + ".vscode/.empty-schema.json": "config/*.yml" + }, + "yaml.customTags": [ + "!ENV sequence", + "!ENV", + "tag:yaml.org,2002:python/name:pymdownx.superfences.fence_code_format", + "tag:yaml.org,2002:python/name:material.extensions.emoji.twemoji", + "tag:yaml.org,2002:python/name:material.extensions.emoji.to_svg" + ], + "editor.formatOnSave": true } diff --git a/README.md b/README.md index bf912768..f650dee3 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ - +
@@ -50,9 +50,9 @@ The current list of team members can be found [here](https://www.privacyguides.o - šŸ’– [Sponsor the project](https://github.com/sponsors/privacyguides) - šŸˆ“ [Help translate the site](https://crowdin.com/project/privacyguides) [[Matrix chat](https://matrix.to/#/#pg-i18n:aragon.sh)] - šŸ“ Edit the site, everything's accessible in this repo - - Browse our [open issues](https://github.com/privacyguides/privacyguides.org/issues) to see what needs to be updated - - View the list of [approved topics waiting for a PR](https://discuss.privacyguides.net/tag/approved) - - Read some writing tips in our [style guide](https://www.privacyguides.org/en/meta/writing-style) + - Browse our [open issues](https://github.com/privacyguides/privacyguides.org/issues) to see what needs to be updated + - View the list of [approved topics waiting for a PR](https://discuss.privacyguides.net/tag/approved) + - Read some writing tips in our [style guide](https://www.privacyguides.org/en/meta/writing-style) All contributors to the site are listed [here](https://github.com/privacyguides/privacyguides.org/graphs/contributors). If you make a substantial (i.e. copyright eligible) contribution to the project and would like to be formally credited, you are welcome to include your information in the appropriate `authors` section in [`CITATION.cff`](/CITATION.cff) as well, just submit a PR or ask @jonaharagon to make the change. diff --git a/config/layouts/home.yml b/config/layouts/home.yml index 6f9d2594..d42c5d8d 100644 --- a/config/layouts/home.yml +++ b/config/layouts/home.yml @@ -1,5 +1,4 @@ definitions: - - &background_color >- #FFD06F @@ -35,7 +34,6 @@ definitions: # Meta tags tags: - # Open Graph og:type: website og:title: *page_title_with_site_name @@ -59,7 +57,6 @@ tags: # Card size and layers size: { width: 1200, height: 630 } layers: - # Background - background: color: *background_color diff --git a/config/layouts/page.yml b/config/layouts/page.yml index 99f53186..6396a0d8 100644 --- a/config/layouts/page.yml +++ b/config/layouts/page.yml @@ -1,5 +1,4 @@ definitions: - - &background_image >- {%- if page.meta.cover -%} theme/assets/img/cover/{{ page.meta.cover }} @@ -70,7 +69,6 @@ definitions: # Meta tags tags: - # Open Graph og:type: website og:title: *page_title_with_site_name @@ -94,7 +92,6 @@ tags: # Card size and layers size: { width: 1200, height: 630 } layers: - # Background - background: image: *background_image diff --git a/config/layouts/pride.yml b/config/layouts/pride.yml index d245510e..abe8e3b7 100644 --- a/config/layouts/pride.yml +++ b/config/layouts/pride.yml @@ -1,5 +1,4 @@ definitions: - - &background_image >- {%- if page.meta.cover -%} theme/assets/img/cover/{{ page.meta.cover }} @@ -55,7 +54,6 @@ definitions: # Meta tags tags: - # Open Graph og:type: website og:title: *page_title_with_site_name @@ -79,7 +77,6 @@ tags: # Card size and layers size: { width: 1200, height: 630 } layers: - # Background - background: image: *background_image diff --git a/config/mkdocs-common.yml b/config/mkdocs-common.yml index bc7aac19..22e396ba 100644 --- a/config/mkdocs-common.yml +++ b/config/mkdocs-common.yml @@ -18,20 +18,29 @@ # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS # IN THE SOFTWARE. -docs_dir: '../docs' +docs_dir: "../docs" site_url: "https://www.privacyguides.org/" -site_dir: '../site' +site_dir: "../site" site_name: Privacy Guides -site_description: !ENV [SITE_DESCRIPTION, "Privacy Guides is your central privacy and security resource to protect yourself online."] -copyright: !ENV [FOOTER_COPYRIGHT, "© 2019 Privacy Guides and contributors."] +site_description: + !ENV [ + SITE_DESCRIPTION, + "Privacy Guides is your central privacy and security resource to protect yourself online.", + ] +copyright: + !ENV [FOOTER_COPYRIGHT, "© 2019 Privacy Guides and contributors."] edit_uri: edit/main/docs/ extra: generator: false context: !ENV [CONTEXT, "production"] deploy: !ENV DEPLOY_ID - homepage_description: !ENV [DESCRIPTION_HOMEPAGE, "A socially motivated website which provides information about protecting your online data privacy and security."] + homepage_description: + !ENV [ + DESCRIPTION_HOMEPAGE, + "A socially motivated website which provides information about protecting your online data privacy and security.", + ] translation_notice: !ENV DESCRIPTION_TRANSLATION translation_notice_cta: !ENV [DESCRIPTION_TRANSLATION_CTA, "Visit Crowdin"] translation_notice_language: !ENV LANG_ENGLISH @@ -86,7 +95,11 @@ extra: icon: https://raw.githubusercontent.com/twitter/twemoji/master/assets/svg/1f1f7-1f1fa.svg consent: title: !ENV [ANALYTICS_CONSENT_TITLE, "Contribute anonymous statistics"] - description: !ENV [ANALYTICS_CONSENT_BODY, "We use cookies to collect anonymous usage statistics. You can opt out if you wish."] + description: + !ENV [ + ANALYTICS_CONSENT_BODY, + "We use cookies to collect anonymous usage statistics. You can opt out if you wish.", + ] cookies: umami: name: Self-Hosted Analytics @@ -219,86 +232,87 @@ markdown_extensions: toc_depth: 4 nav: - - !ENV [NAV_HOME, 'Home']: 'index.md' - - !ENV [NAV_KNOWLEDGE_BASE, 'Knowledge Base']: - - 'basics/why-privacy-matters.md' - - 'basics/threat-modeling.md' - - 'basics/common-threats.md' - - 'basics/common-misconceptions.md' - - 'basics/account-creation.md' - - 'basics/account-deletion.md' - - !ENV [NAV_TECHNOLOGY_ESSENTIALS, 'Technology Essentials']: - - 'basics/passwords-overview.md' - - 'basics/multi-factor-authentication.md' - - 'basics/email-security.md' - - 'basics/vpn-overview.md' - - !ENV [NAV_ADVANCED_TOPICS, 'Advanced Topics']: - - 'advanced/dns-overview.md' - - 'advanced/tor-overview.md' - - 'advanced/payments.md' - - 'advanced/communication-network-types.md' - - !ENV [NAV_OPERATING_SYSTEMS, 'Operating Systems']: - - 'os/android-overview.md' - - 'os/ios-overview.md' - - 'os/linux-overview.md' - - 'os/macos-overview.md' - - 'os/qubes-overview.md' - - kb-archive.md - - !ENV [NAV_RECOMMENDATIONS, 'Recommendations']: - - 'tools.md' - - !ENV [NAV_INTERNET_BROWSING, 'Internet Browsing']: - - 'tor.md' - - 'desktop-browsers.md' - - 'mobile-browsers.md' - - !ENV [NAV_PROVIDERS, 'Providers']: - - 'cloud.md' - - 'dns.md' - - 'email-aliasing.md' - - 'email.md' - - 'financial-services.md' - - 'photo-management.md' - - 'search-engines.md' - - 'vpn.md' - - !ENV [NAV_SOFTWARE, 'Software']: - - 'calendar.md' - - 'cryptocurrency.md' - - 'data-redaction.md' - - 'email-clients.md' - - 'encryption.md' - - 'file-sharing.md' - - 'frontends.md' - - 'multi-factor-authentication.md' - - 'news-aggregators.md' - - 'notebooks.md' - - 'passwords.md' - - 'productivity.md' - - 'real-time-communication.md' - - !ENV [NAV_OPERATING_SYSTEMS, 'Operating Systems']: - - 'android.md' - - 'desktop.md' - - 'router.md' - - !ENV [NAV_ADVANCED, 'Advanced']: - - 'device-integrity.md' - - !ENV [NAV_ABOUT, 'About']: - - 'about/index.md' - - 'about/criteria.md' - - 'about/notices.md' - - 'about/privacy-policy.md' - - 'about/statistics.md' - - !ENV [NAV_COMMUNITY, 'Community']: - - 'about/donate.md' - - !ENV [NAV_ONLINE_SERVICES, 'Online Services']: 'about/services.md' - - !ENV [NAV_CODE_OF_CONDUCT, 'Code of Conduct']: 'CODE_OF_CONDUCT.md' - - 'about/privacytools.md' - - !ENV [NAV_CONTRIBUTING, 'Contributing']: - - !ENV [NAV_WRITING_GUIDE, 'Writing Guide']: - - 'meta/writing-style.md' - - 'meta/admonitions.md' - - 'meta/brand.md' - - 'meta/translations.md' - - !ENV [NAV_TECHNICAL_GUIDES, 'Technical Guides']: - - 'meta/uploading-images.md' - - 'meta/git-recommendations.md' - - !ENV [NAV_CHANGELOG, 'Changelog']: 'https://github.com/privacyguides/privacyguides.org/releases' - - !ENV [NAV_FORUM, 'Forum']: 'https://discuss.privacyguides.net/' - - !ENV [NAV_BLOG, 'Blog']: 'https://blog.privacyguides.org/' + - !ENV [NAV_HOME, "Home"]: "index.md" + - !ENV [NAV_KNOWLEDGE_BASE, "Knowledge Base"]: + - "basics/why-privacy-matters.md" + - "basics/threat-modeling.md" + - "basics/common-threats.md" + - "basics/common-misconceptions.md" + - "basics/account-creation.md" + - "basics/account-deletion.md" + - !ENV [NAV_TECHNOLOGY_ESSENTIALS, "Technology Essentials"]: + - "basics/passwords-overview.md" + - "basics/multi-factor-authentication.md" + - "basics/email-security.md" + - "basics/vpn-overview.md" + - !ENV [NAV_ADVANCED_TOPICS, "Advanced Topics"]: + - "advanced/dns-overview.md" + - "advanced/tor-overview.md" + - "advanced/payments.md" + - "advanced/communication-network-types.md" + - !ENV [NAV_OPERATING_SYSTEMS, "Operating Systems"]: + - "os/android-overview.md" + - "os/ios-overview.md" + - "os/linux-overview.md" + - "os/macos-overview.md" + - "os/qubes-overview.md" + - kb-archive.md + - !ENV [NAV_RECOMMENDATIONS, "Recommendations"]: + - "tools.md" + - !ENV [NAV_INTERNET_BROWSING, "Internet Browsing"]: + - "tor.md" + - "desktop-browsers.md" + - "mobile-browsers.md" + - !ENV [NAV_PROVIDERS, "Providers"]: + - "cloud.md" + - "dns.md" + - "email-aliasing.md" + - "email.md" + - "financial-services.md" + - "photo-management.md" + - "search-engines.md" + - "vpn.md" + - !ENV [NAV_SOFTWARE, "Software"]: + - "calendar.md" + - "cryptocurrency.md" + - "data-redaction.md" + - "email-clients.md" + - "encryption.md" + - "file-sharing.md" + - "frontends.md" + - "multi-factor-authentication.md" + - "news-aggregators.md" + - "notebooks.md" + - "passwords.md" + - "productivity.md" + - "real-time-communication.md" + - !ENV [NAV_OPERATING_SYSTEMS, "Operating Systems"]: + - "android.md" + - "desktop.md" + - "router.md" + - !ENV [NAV_ADVANCED, "Advanced"]: + - "device-integrity.md" + - !ENV [NAV_ABOUT, "About"]: + - "about/index.md" + - "about/criteria.md" + - "about/notices.md" + - "about/privacy-policy.md" + - "about/statistics.md" + - !ENV [NAV_COMMUNITY, "Community"]: + - "about/donate.md" + - !ENV [NAV_ONLINE_SERVICES, "Online Services"]: "about/services.md" + - !ENV [NAV_CODE_OF_CONDUCT, "Code of Conduct"]: "CODE_OF_CONDUCT.md" + - "about/privacytools.md" + - !ENV [NAV_CONTRIBUTING, "Contributing"]: + - !ENV [NAV_WRITING_GUIDE, "Writing Guide"]: + - "meta/writing-style.md" + - "meta/admonitions.md" + - "meta/brand.md" + - "meta/translations.md" + - !ENV [NAV_TECHNICAL_GUIDES, "Technical Guides"]: + - "meta/uploading-images.md" + - "meta/git-recommendations.md" + - !ENV [NAV_CHANGELOG, "Changelog"]: + "https://github.com/privacyguides/privacyguides.org/releases" + - !ENV [NAV_FORUM, "Forum"]: "https://discuss.privacyguides.net/" + - !ENV [NAV_BLOG, "Blog"]: "https://blog.privacyguides.org/" diff --git a/config/mkdocs-offline.yml b/config/mkdocs-offline.yml index 55173031..e970090f 100644 --- a/config/mkdocs-offline.yml +++ b/config/mkdocs-offline.yml @@ -44,5 +44,4 @@ plugins: enabled: true social: enabled: false - # Edit the offline-mode navbar in mkdocs-common.yml diff --git a/config/mkdocs.en.yml b/config/mkdocs.en.yml index cd7bf5d0..78767425 100644 --- a/config/mkdocs.en.yml +++ b/config/mkdocs.en.yml @@ -20,7 +20,7 @@ INHERIT: mkdocs-common.yml site_url: "https://www.privacyguides.org/en/" -site_dir: '../site/en' +site_dir: "../site/en" theme: # ENGLISH ONLY: this logo needs to be set separately because the relative path is different diff --git a/config/mkdocs.es.yml b/config/mkdocs.es.yml index f47c0bbd..0aa4b39e 100644 --- a/config/mkdocs.es.yml +++ b/config/mkdocs.es.yml @@ -19,9 +19,9 @@ # IN THE SOFTWARE. INHERIT: mkdocs-common.yml -docs_dir: '../i18n/es' +docs_dir: "../i18n/es" site_url: "https://www.privacyguides.org/es/" -site_dir: '../site/es' +site_dir: "../site/es" edit_uri: edit/main/i18n/es/ diff --git a/config/mkdocs.fr.yml b/config/mkdocs.fr.yml index 8ff85401..5a247301 100644 --- a/config/mkdocs.fr.yml +++ b/config/mkdocs.fr.yml @@ -19,9 +19,9 @@ # IN THE SOFTWARE. INHERIT: mkdocs-common.yml -docs_dir: '../i18n/fr' +docs_dir: "../i18n/fr" site_url: "https://www.privacyguides.org/fr/" -site_dir: '../site/fr' +site_dir: "../site/fr" edit_uri: edit/main/i18n/fr/ diff --git a/config/mkdocs.he.yml b/config/mkdocs.he.yml index 33fc6949..cd3495f9 100644 --- a/config/mkdocs.he.yml +++ b/config/mkdocs.he.yml @@ -19,9 +19,9 @@ # IN THE SOFTWARE. INHERIT: mkdocs-common.yml -docs_dir: '../i18n/he' +docs_dir: "../i18n/he" site_url: "https://www.privacyguides.org/he/" -site_dir: '../site/he' +site_dir: "../site/he" edit_uri: edit/main/i18n/he/ diff --git a/config/mkdocs.it.yml b/config/mkdocs.it.yml index 5694891a..b4bee1f6 100644 --- a/config/mkdocs.it.yml +++ b/config/mkdocs.it.yml @@ -19,9 +19,9 @@ # IN THE SOFTWARE. INHERIT: mkdocs-common.yml -docs_dir: '../i18n/it' +docs_dir: "../i18n/it" site_url: "https://www.privacyguides.org/it/" -site_dir: '../site/it' +site_dir: "../site/it" edit_uri: edit/main/i18n/it/ diff --git a/config/mkdocs.nl.yml b/config/mkdocs.nl.yml index 642694b9..98d06fb1 100644 --- a/config/mkdocs.nl.yml +++ b/config/mkdocs.nl.yml @@ -19,9 +19,9 @@ # IN THE SOFTWARE. INHERIT: mkdocs-common.yml -docs_dir: '../i18n/nl' +docs_dir: "../i18n/nl" site_url: "https://www.privacyguides.org/nl/" -site_dir: '../site/nl' +site_dir: "../site/nl" edit_uri: edit/main/i18n/nl/ diff --git a/config/mkdocs.ru.yml b/config/mkdocs.ru.yml index f007a593..e1f4e9de 100644 --- a/config/mkdocs.ru.yml +++ b/config/mkdocs.ru.yml @@ -19,9 +19,9 @@ # IN THE SOFTWARE. INHERIT: mkdocs-common.yml -docs_dir: '../i18n/ru' +docs_dir: "../i18n/ru" site_url: "https://www.privacyguides.org/ru/" -site_dir: '../site/ru' +site_dir: "../site/ru" edit_uri: edit/main/docs/ diff --git a/config/mkdocs.zh-Hant.yml b/config/mkdocs.zh-Hant.yml index 7c2616b5..b17635e8 100644 --- a/config/mkdocs.zh-Hant.yml +++ b/config/mkdocs.zh-Hant.yml @@ -19,9 +19,9 @@ # IN THE SOFTWARE. INHERIT: mkdocs-common.yml -docs_dir: '../i18n/zh-Hant' +docs_dir: "../i18n/zh-Hant" site_url: "https://www.privacyguides.org/zh-Hant/" -site_dir: '../site/zh-Hant' +site_dir: "../site/zh-Hant" edit_uri: edit/main/i18n/zh-Hant/ diff --git a/crowdin.yml b/crowdin.yml index 5ff57907..c145d351 100644 --- a/crowdin.yml +++ b/crowdin.yml @@ -18,25 +18,26 @@ # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS # IN THE SOFTWARE. +#checkov:skip=CKV_SECRET_6:obviously a variable name and not a secret api_token_env: CROWDIN_PERSONAL_TOKEN project_id: "509862" "preserve_hierarchy": true files: -- source: "/docs/**/*.*" - translation: "/i18n/%two_letters_code%/**/%file_name%.%file_extension%" - skip_untranslated_files: false -- source: "/theme/overrides/*.en.html" - translation: "/theme/overrides/%file_name%.%two_letters_code%.html" - translation_replace: - "en.": "" - skip_untranslated_files: false -- source: "/includes/*.en.*" - translation: "/includes/%file_name%.%two_letters_code%.%file_extension%" - translation_replace: - "en.": "" - skip_untranslated_files: false -- source: "/static/i18n/*.en.*" - translation: "/static/i18n/%file_name%.%two_letters_code%.%file_extension%" - translation_replace: - "en.": "" - skip_untranslated_files: false + - source: "/docs/**/*.*" + translation: "/i18n/%two_letters_code%/**/%file_name%.%file_extension%" + skip_untranslated_files: false + - source: "/theme/overrides/*.en.html" + translation: "/theme/overrides/%file_name%.%two_letters_code%.html" + translation_replace: + "en.": "" + skip_untranslated_files: false + - source: "/includes/*.en.*" + translation: "/includes/%file_name%.%two_letters_code%.%file_extension%" + translation_replace: + "en.": "" + skip_untranslated_files: false + - source: "/static/i18n/*.en.*" + translation: "/static/i18n/%file_name%.%two_letters_code%.%file_extension%" + translation_replace: + "en.": "" + skip_untranslated_files: false diff --git a/docs/about/index.md b/docs/about/index.md index bcbf4659..71d196b3 100644 --- a/docs/about/index.md +++ b/docs/about/index.md @@ -48,12 +48,12 @@ So far in 2023 we've launched international translations of our website in [Fren
- - :robot:{ .lg .middle } **@jonah** diff --git a/docs/about/privacytools.md b/docs/about/privacytools.md index 248f2bf5..6189b82e 100644 --- a/docs/about/privacytools.md +++ b/docs/about/privacytools.md @@ -1,8 +1,6 @@ --- title: "PrivacyTools FAQ" --- -# Why we moved on from PrivacyTools - In September 2021, every active contributor unanimously agreed to move from PrivacyTools to work on this site: Privacy Guides. This decision was made because PrivacyToolsā€™ founder and controller of the domain name had disappeared for an extended period of time and could not be contacted. Having built a reputable site and set of services on PrivacyTools.io, this caused grave concerns for the future of PrivacyTools, as any future disruption could wipe out the entire organization with no recovery method. This transition was communicated to the PrivacyTools community many months in advance via a variety of channels including its blog, Twitter, Reddit, and Mastodon to ensure the entire process went as smoothly as possible. We did this to ensure nobody was kept in the dark, which has been our modus operandi since our team was created, and to make sure Privacy Guides was recognized as the same reliable organization that PrivacyTools was before the transition. @@ -49,11 +47,11 @@ Reddit requires that subreddits have active moderators. If the primary moderator On September 14th, 2021, we [announced](https://blog.privacyguides.org/2021/09/14/welcome-to-privacy-guides) the beginning of our migration to this new domain: -> [...] we found it necessary to make this switch sooner rather than later to ensure people would find out about this transition as soon as possible. This gives us adequate time to transition the domain name, which is currently redirecting to www.privacyguides.org, and it hopefully gives everyone enough time to notice the change, update bookmarks and websites, etc. +> [...] we found it necessary to make this switch sooner rather than later to ensure people would find out about this transition as soon as possible. This gives us adequate time to transition the domain name, which is currently redirecting to `www.privacyguides.org`, and it hopefully gives everyone enough time to notice the change, update bookmarks and websites, etc. This change [entailed:](https://reddit.com/comments/pnhn4a) -- Redirecting www.privacytools.io to [www.privacyguides.org](https://www.privacyguides.org). +- Redirecting `www.privacytools.io` to [www.privacyguides.org](https://www.privacyguides.org). - Archiving the source code on GitHub to preserve our past work and issue tracker, which we continued to use for months of future development of this site. - Posting announcements to our subreddit and various other communities informing people of the official change. - Formally closing privacytools.io services, like Matrix and Mastodon, and encouraging existing users to migrate as soon as possible. @@ -64,7 +62,7 @@ Things appeared to be going smoothly, and most of our active community made the Roughly a week following the transition, BurungHantu returned online for the first time in nearly a year, however nobody on our team was willing to return to PrivacyTools because of his historic unreliability. Rather than apologize for his prolonged absence, he immediately went on the offensive and positioned the transition to Privacy Guides as an attack against him and his project. He subsequently [deleted](https://reddit.com/comments/pp9yie/comment/hd49wbn) many of these posts when it was pointed out by the community that he had been absent and abandoned the project. -At this point, BurungHantu claimed he wanted to continue working on privacytools.io on his own and requested that we remove the redirect from www.privacytools.io to [www.privacyguides.org](https://www.privacyguides.org). We obliged and requested that he keep the subdomains for Matrix, Mastodon, and PeerTube active for us to run as a public service to our community for at least a few months, in order to allow users on those platforms to easily migrate to other accounts. Due to the federated nature of the services we provided, they were tied to specific domain names making it very difficult to migrate (and in some cases impossible). +At this point, BurungHantu claimed he wanted to continue working on privacytools.io on his own and requested that we remove the redirect from `www.privacytools.io` to [www.privacyguides.org](https://www.privacyguides.org). We obliged and requested that he keep the subdomains for Matrix, Mastodon, and PeerTube active for us to run as a public service to our community for at least a few months, in order to allow users on those platforms to easily migrate to other accounts. Due to the federated nature of the services we provided, they were tied to specific domain names making it very difficult to migrate (and in some cases impossible). Unfortunately, because control of the r/privacytoolsIO subreddit was not returned to BurungHantu at his demand (further information below), those subdomains were [cut off](https://reddit.com/comments/pymthv/comment/hexwrps) at the beginning of October, ending any migration possibilities to any users still using those services. @@ -84,7 +82,7 @@ After the launch of [r/PrivacyGuides](https://reddit.com/r/privacyguides), it wa > [...] The growth of this Sub was the result of great effort, across several years, by the PrivacyGuides.org team. And by every one of you. > -> A Subreddit is a great deal of work to administer and moderate. Like a garden, it requires patient tending and daily care. Itā€™s not a task for dilettantes or commitment-challenged people. It canā€™t thrive under a gardener who abandons it for several years, then shows up demanding this yearā€™s harvest as their tribute. Itā€™s unfair to the team formed years ago. Itā€™s unfair to you. [...] +> A Subreddit is a great deal of work to administer and moderate. Like a garden, it requires patient tending and daily care. It's not a task for dilettantes or commitment-challenged people. It canā€™t thrive under a gardener who abandons it for several years, then shows up demanding this yearā€™s harvest as their tribute. It's unfair to the team formed years ago. Itā€™s unfair to you. [...] Subreddits do not belong to anybody, and they especially do not belong to brand-holders. They belong to their communities, and the community and its moderators made the decision to support the move to r/PrivacyGuides. @@ -100,7 +98,7 @@ Our fundraising platform, OpenCollective, is another source of contention. Our p Thus, the funds in OpenCollective belong to Privacy Guides, they were given to our project, and not the owner of a well known domain name. In the announcement made to donors on September 17th, 2021, we offered refunds to any donor who disagrees with the stance we took, but nobody has taken us up on this offer: -> If any sponsors or backers disagree with or feel misled by these recent events and would like to request a refund given these highly unusual circumstances, please get in touch with our project admin by emailing jonah@triplebit.net. +> If any sponsors or backers disagree with or feel misled by these recent events and would like to request a refund given these highly unusual circumstances, please get in touch with our project admin by emailing `jonah@triplebit.net`. ## Further Reading diff --git a/docs/about/services.md b/docs/about/services.md index b1e76809..9f4e8e0b 100644 --- a/docs/about/services.md +++ b/docs/about/services.md @@ -13,14 +13,14 @@ We run a number of web services to test out features and promote cool decentrali ## Gitea - Domain: [code.privacyguides.dev](https://code.privacyguides.dev) -- Availability: Invite-Only +- Availability: Invite-Only Access may be granted upon request to any team working on *Privacy Guides*-related development or content. - Source: [snapcraft.io/gitea](https://snapcraft.io/gitea) ## Matrix - Domain: [matrix.privacyguides.org](https://matrix.privacyguides.org) -- Availability: Invite-Only +- Availability: Invite-Only Access may be granted upon request to Privacy Guides team members, Matrix moderators, third-party Matrix community administrators, Matrix bot operators, and other individuals in need of a reliable Matrix presence. - Source: [github.com/spantaleev/matrix-docker-ansible-deploy](https://github.com/spantaleev/matrix-docker-ansible-deploy) @@ -33,6 +33,6 @@ Access may be granted upon request to Privacy Guides team members, Matrix modera ## Invidious - Domain: [invidious.privacyguides.net](https://invidious.privacyguides.net) -- Availability: Semi-Public +- Availability: Semi-Public We host Invidious primarily to serve embedded YouTube videos on our website, this instance is not intended for general-purpose use and may be limited at any time. - Source: [github.com/iv-org/invidious](https://github.com/iv-org/invidious) diff --git a/docs/advanced/dns-overview.md b/docs/advanced/dns-overview.md index 327c9057..1d1f909f 100644 --- a/docs/advanced/dns-overview.md +++ b/docs/advanced/dns-overview.md @@ -354,8 +354,8 @@ dig +nocmd @9.9.9.11 -t txt o-o.myaddr.l.google.com +nocomments +noall +answer + If the results include a second edns0-client-subnet TXT record (like shown below), then your DNS server is passing along EDNS information. The IP or network shown after is the precise information which was shared with Google by your DNS provider. ```text -o-o.myaddr.l.google.com. 60 IN TXT "198.51.100.32" -o-o.myaddr.l.google.com. 60 IN TXT "edns0-client-subnet 198.51.100.0/24" +o-o.myaddr.l.google.com. 60 IN TXT "198.51.100.32" +o-o.myaddr.l.google.com. 60 IN TXT "edns0-client-subnet 198.51.100.0/24" ;; Query time: 64 msec ;; SERVER: 9.9.9.11#53(9.9.9.11) ;; WHEN: Wed Mar 13 10:23:08 CDT 2024 diff --git a/docs/basics/common-misconceptions.md b/docs/basics/common-misconceptions.md index 5b7a5b9d..75bc4487 100644 --- a/docs/basics/common-misconceptions.md +++ b/docs/basics/common-misconceptions.md @@ -77,21 +77,21 @@ One of the clearest threat models is one where people *know who you are* and one 1. **Known identity** - A known identity is used for things where you must declare your name. There are many legal documents and contracts where a legal identity is required. This could range from opening a bank account, signing a property lease, obtaining a passport, customs declarations when importing items, or otherwise dealing with your government. These things will usually lead to credentials such as credit cards, credit rating checks, account numbers, and possibly physical addresses. -We don't suggest using a VPN or Tor for any of these things, as your identity is already known through other means. + We don't suggest using a VPN or Tor for any of these things, as your identity is already known through other means. -
-

Tip

+
+

Tip

-When shopping online, the use of a [parcel locker](https://en.wikipedia.org/wiki/Parcel_locker) can help keep your physical address private. + When shopping online, the use of a [parcel locker](https://en.wikipedia.org/wiki/Parcel_locker) can help keep your physical address private. -
+
2. **Unknown identity** - An unknown identity could be a stable pseudonym that you regularly use. It is not anonymous because it doesn't change. If you're part of an online community, you may wish to retain a persona that others know. This pseudonym isn't anonymous becauseā€”if monitored for long enoughā€”details about the owner can reveal further information, such as the way they write, their general knowledge about topics of interest, etc. -You may wish to use a VPN for this, to mask your IP address. Financial transactions are more difficult to mask: You could consider using anonymous cryptocurrencies, such as [Monero](https://getmonero.org). Employing altcoin shifting may also help to disguise where your currency originated. Typically, exchanges require KYC (know your customer) to be completed before they'll allow you to exchange fiat currency into any kind of cryptocurrency. Local meet-up options may also be a solution; however, those are often more expensive and sometimes also require KYC. + You may wish to use a VPN for this, to mask your IP address. Financial transactions are more difficult to mask: You could consider using anonymous cryptocurrencies, such as [Monero](https://getmonero.org). Employing altcoin shifting may also help to disguise where your currency originated. Typically, exchanges require KYC (know your customer) to be completed before they'll allow you to exchange fiat currency into any kind of cryptocurrency. Local meet-up options may also be a solution; however, those are often more expensive and sometimes also require KYC. 3. **Anonymous identity** - Even with experience, anonymous identities are difficult to maintain over long periods of time. They should be short-term and short-lived identities which are rotated regularly. -Using Tor can help with this. It is also worth noting that greater anonymity is possible through asynchronous communication: Real-time communication is vulnerable to analysis of typing patterns (i.e. more than a paragraph of text, distributed on a forum, via email, etc.) + Using Tor can help with this. It is also worth noting that greater anonymity is possible through asynchronous communication: Real-time communication is vulnerable to analysis of typing patterns (i.e. more than a paragraph of text, distributed on a forum, via email, etc.) [^1]: One notable example of this is the [2021 incident in which University of Minnesota researchers introduced three vulnerabilities into the Linux kernel development project](https://cse.umn.edu/cs/linux-incident). diff --git a/docs/basics/multi-factor-authentication.md b/docs/basics/multi-factor-authentication.md index 12ab3cfe..8dbf5d6b 100644 --- a/docs/basics/multi-factor-authentication.md +++ b/docs/basics/multi-factor-authentication.md @@ -158,7 +158,7 @@ Qubes OS has support for Challenge-Response authentication with YubiKeys. If you SSH MFA could be set up using multiple different authentication methods that are popular with hardware security keys. We recommend that you check out Yubico's [documentation](https://developers.yubico.com/SSH) on how to set this up. -#### Time-based One-time Password (TOTP) +#### TOTP SSH MFA can also be set up using TOTP. DigitalOcean has provided a tutorial [How To Set Up Multi-Factor Authentication for SSH on Ubuntu 20.04](https://digitalocean.com/community/tutorials/how-to-set-up-multi-factor-authentication-for-ssh-on-ubuntu-20-04). Most things should be the same regardless of distribution, however the package manager commandsā€”such as `apt-get`ā€”and package names may differ. diff --git a/docs/basics/why-privacy-matters.md b/docs/basics/why-privacy-matters.md index d2acd59b..ea4f0537 100644 --- a/docs/basics/why-privacy-matters.md +++ b/docs/basics/why-privacy-matters.md @@ -10,16 +10,19 @@ Privacy is ultimately about human information, and this is important because we Many people get the concepts of **privacy**, **security**, and **anonymity** confused. You'll see people criticize various products as "not private" when really they mean it doesn't provide anonymity, for example. On this website, we cover all three of these topics, but it is important you understand the difference between them, and when each one comes into play. + **Privacy** : ==Privacy is the assurance that your data is only seen by the parties you intend to view it.== In the context of an instant messenger, for example, end-to-end encryption provides privacy by keeping your message visible only to yourself and the recipient. + **Security** : Security is the ability to trust the applications you useā€”that the parties involved are who they say they areā€”and keep those applications safe. In the context of browsing the web, for example, security can be provided by HTTPS certificates. : Certificates prove you are talking directly to the website you're visiting, and keep attackers on your network from reading or modifying the data sent to or from the website. + **Anonymity** : Anonymity is the ability to act without a persistent identifier. You might achieve this online with [Tor](../tor.md), which allows you to browse the internet with a random IP address and network connection instead of your own. diff --git a/docs/cloud.md b/docs/cloud.md index 46075c30..f3343651 100644 --- a/docs/cloud.md +++ b/docs/cloud.md @@ -45,7 +45,7 @@ The Proton Drive web application has been independently audited by Securitum in > Auditors identified two low-severity vulnerabilities. Additionally, five general recommendations were reported. At the same time, we confirm that no important security issues were identified during the pentest. -Proton Drive's brand new mobile clients have not yet been publicly audited by a third-party. +Proton Drive's brand new mobile clients have not yet been publicly audited by a third party. ## Tresorit diff --git a/docs/desktop-browsers.md b/docs/desktop-browsers.md index 3c9234b3..fb8225e1 100644 --- a/docs/desktop-browsers.md +++ b/docs/desktop-browsers.md @@ -139,7 +139,7 @@ Firefox includes a unique [download token](https://bugzilla.mozilla.org/show_bug
-### Recommended Configuration +### Recommended Firefox Configuration These options can be found in :material-menu: ā†’ **Settings** @@ -256,7 +256,7 @@ Brave adds a "[referral code](https://github.com/brave/brave-browser/wiki/Brave%
-### Recommended Configuration +### Recommended Brave Configuration These options can be found in :material-menu: ā†’ **Settings**. @@ -339,7 +339,7 @@ Brave's Web3 features can potentially add to your browser fingerprint and attack 1. This option is not present on all platforms. -#### Sync +#### Brave Sync [Brave Sync](https://support.brave.com/hc/articles/360059793111-Understanding-Brave-Sync) allows your browsing data (history, bookmarks, etc.) to be accessible on all your devices without requiring an account and protects it with E2EE. diff --git a/docs/email.md b/docs/email.md index 3904b834..5339811e 100644 --- a/docs/email.md +++ b/docs/email.md @@ -5,6 +5,7 @@ icon: material/email description: These email providers offer a great place to store your emails securely, and many offer interoperable OpenPGP encryption with other providers. cover: email.webp --- + Email is practically a necessity for using any online service, however we do not recommend it for person-to-person conversations. Rather than using email to contact other people, consider using an instant messaging medium that supports forward secrecy. [Recommended Instant Messengers](real-time-communication.md){ .md-button } @@ -70,7 +71,7 @@ OpenPGP also does not support Forward secrecy, which means if either your or the Free accounts have some limitations, such as not being able to search body text and not having access to [Proton Mail Bridge](https://proton.me/mail/bridge), which is required to use a [recommended desktop email client](email-clients.md) (e.g. Thunderbird). Paid accounts include features like Proton Mail Bridge, additional storage, and custom domain support. A [letter of attestation](https://proton.me/blog/security-audit-all-proton-apps) was provided for Proton Mail's apps on 9th November 2021 by [Securitum](https://research.securitum.com). -If you have the Proton Unlimited, Business, or Visionary Plan, you also get [SimpleLogin](#simplelogin) Premium for free. +If you have the Proton Unlimited, Business, or Visionary Plan, you also get [SimpleLogin](email-aliasing.md#simplelogin) Premium for free. Proton Mail has internal crash reports that they **do not** share with third parties. This can be disabled in: **Settings** > **Go to Settings** > **Account** > **Security and privacy** > **Send crash reports**. diff --git a/docs/encryption.md b/docs/encryption.md index ea7b6597..ddcd15ff 100644 --- a/docs/encryption.md +++ b/docs/encryption.md @@ -126,28 +126,32 @@ BitLocker is [only supported](https://support.microsoft.com/windows/turn-on-devi To enable BitLocker on "Home" editions of Windows, you must have partitions formatted with a [GUID Partition Table](https://en.wikipedia.org/wiki/GUID_Partition_Table) and have a dedicated TPM (v1.2, 2.0+) module. You may need to [disable the non-Bitlocker "Device encryption" functionality](https://discuss.privacyguides.net/t/enabling-bitlocker-on-the-windows-11-home-edition/13303/5) (which is inferior because it sends your recovery key to Microsoft's servers) if it is enabled on your device already before following this guide. 1. Open a command prompt and check your drive's partition table format with the following command. You should see "**GPT**" listed under "Partition Style": - ```powershell - powershell Get-Disk - ``` + + ```powershell + powershell Get-Disk + ``` 2. Run this command (in an admin command prompt) to check your TPM version. You should see `2.0` or `1.2` listed next to `SpecVersion`: - ```powershell - powershell Get-WmiObject -Namespace "root/cimv2/security/microsofttpm" -Class WIN32_tpm - ``` + + ```powershell + powershell Get-WmiObject -Namespace "root/cimv2/security/microsofttpm" -Class WIN32_tpm + ``` 3. Access [Advanced Startup Options](https://support.microsoft.com/windows/advanced-startup-options-including-safe-mode-b90e7808-80b5-a291-d4b8-1a1af602b617). You need to reboot while pressing the F8 key before Windows starts and go into the *command prompt* in **Troubleshoot** ā†’ **Advanced Options** ā†’ **Command Prompt**. 4. Login with your admin account and type this in the command prompt to start encryption: - ```powershell - manage-bde -on c: -used - ``` + + ```powershell + manage-bde -on c: -used + ``` 5. Close the command prompt and continue booting to regular Windows. 6. Open an admin command prompt and run the following commands: - ```powershell - manage-bde c: -protectors -add -rp -tpm - manage-bde -protectors -enable c: - manage-bde -protectors -get c: > %UserProfile%\Desktop\BitLocker-Recovery-Key.txt - ``` + + ```powershell + manage-bde c: -protectors -add -rp -tpm + manage-bde -protectors -enable c: + manage-bde -protectors -get c: > %UserProfile%\Desktop\BitLocker-Recovery-Key.txt + ```

Tip

diff --git a/docs/file-sharing.md b/docs/file-sharing.md index 3ec0847d..a1ed8058 100644 --- a/docs/file-sharing.md +++ b/docs/file-sharing.md @@ -14,7 +14,7 @@ Discover how to privately share your files between your devices, with your frien ![Send logo](assets/img/file-sharing-sync/send.svg){ align=right } -**Send** is a fork of Mozillaā€™s discontinued Firefox Send service which allows you to send files to others with a link. Files are encrypted on your device so that they cannot be read by the server, and they can be optionally password-protected as well. The maintainer of Send hosts a [public instance](https://send.vis.ee). You can use other public instances, or you can host Send yourself. +**Send** is a fork of Mozilla's discontinued Firefox Send service which allows you to send files to others with a link. Files are encrypted on your device so that they cannot be read by the server, and they can be optionally password-protected as well. The maintainer of Send hosts a [public instance](https://send.vis.ee). You can use other public instances, or you can host Send yourself. [:octicons-home-16: Homepage](https://send.vis.ee){ .md-button .md-button--primary } [:octicons-server-16:](https://github.com/timvisee/send-instances){ .card-link title="Public Instances"} @@ -144,6 +144,7 @@ We don't recommend using the [E2EE App](https://apps.nextcloud.com/apps/end_to_e
+ ### Criteria **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you. diff --git a/docs/financial-services.md b/docs/financial-services.md index e05b5009..1fffaa4a 100644 --- a/docs/financial-services.md +++ b/docs/financial-services.md @@ -84,6 +84,7 @@ These services allow you to purchase gift cards for a variety of merchants onlin + ### Criteria **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you. diff --git a/docs/index.md b/docs/index.md index 3a02513b..1194a5ff 100644 --- a/docs/index.md +++ b/docs/index.md @@ -36,7 +36,7 @@ schema: urlTemplate: "https://www.privacyguides.org/?q={search_term_string}" query-input: required name=search_term_string --- - + ## Why should I care? ##### ā€œI have nothing to hide. Why should I care about my privacy?ā€ diff --git a/docs/kb-archive.md b/docs/kb-archive.md index abe68838..bb111c57 100644 --- a/docs/kb-archive.md +++ b/docs/kb-archive.md @@ -3,8 +3,6 @@ title: KB Archive icon: material/archive description: Some pages that used to be in our knowledge base can now be found on our blog. --- -# Pages Moved to Blog - Some pages that used to be in our knowledge base can now be found on our blog: - [GrapheneOS vs. CalyxOS](https://blog.privacyguides.org/2022/04/21/grapheneos-or-calyxos) diff --git a/docs/meta/brand.md b/docs/meta/brand.md index 53cb9ac4..349d9a51 100644 --- a/docs/meta/brand.md +++ b/docs/meta/brand.md @@ -19,4 +19,4 @@ Additional branding guidelines can be found at [github.com/privacyguides/brand]( "Privacy Guides" and the shield logo are trademarks owned by Jonah Aragon, unlimited usage is granted to the Privacy Guides project. -Without waiving any of its rights, Privacy Guides does not advise others on the scope of its intellectual property rights. Privacy Guides does not permit or consent to any use of its trademarks in any manner that is likely to cause confusion by implying association with or sponsorship by Privacy Guides. If you are aware of any such use, please contact Jonah Aragon at jonah@privacyguides.org. Consult your legal counsel if you have questions. +Without waiving any of its rights, Privacy Guides does not advise others on the scope of its intellectual property rights. Privacy Guides does not permit or consent to any use of its trademarks in any manner that is likely to cause confusion by implying association with or sponsorship by Privacy Guides. If you are aware of any such use, please contact Jonah Aragon at `jonah@privacyguides.org`. Consult your legal counsel if you have questions. diff --git a/docs/meta/git-recommendations.md b/docs/meta/git-recommendations.md index 48cbf937..110617ec 100644 --- a/docs/meta/git-recommendations.md +++ b/docs/meta/git-recommendations.md @@ -8,15 +8,18 @@ If you make changes to this website on GitHub.com's web editor directly, you sho You can use an existing SSH key for signing, or [create a new one](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent). 1. Configure your Git client to sign commits and tags by default (remove `--global` to only sign by default for this repo): - ``` - git config --global commit.gpgsign true - git config --global gpg.format ssh - git config --global tag.gpgSign true - ``` + + ```bash + git config --global commit.gpgsign true + git config --global gpg.format ssh + git config --global tag.gpgSign true + ``` + 2. Set your SSH key for signing in Git with the following command, substituting `/PATH/TO/.SSH/KEY.PUB` with the path to the public key you'd like to use, e.g. `/home/user/.ssh/id_ed25519.pub`: - ``` - git config --global user.signingkey /PATH/TO/.SSH/KEY.PUB - ``` + + ```bash + git config --global user.signingkey /PATH/TO/.SSH/KEY.PUB + ``` Ensure you [add your SSH key to your GitHub account](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account#adding-a-new-ssh-key-to-your-account) **as a Signing Key** (as opposed to or in addition to as an Authentication Key). @@ -26,7 +29,7 @@ Use `git pull --rebase` instead of `git pull` when pulling in changes from GitHu You can set this to be the default behavior: -``` +```bash git config --global pull.rebase true ``` @@ -34,7 +37,7 @@ git config --global pull.rebase true If you are working on your own branch, run these commands before submitting a PR: -``` +```bash git fetch origin git rebase origin/main ``` diff --git a/docs/mobile-browsers.md b/docs/mobile-browsers.md index 4e4eb4bd..6b5596f9 100644 --- a/docs/mobile-browsers.md +++ b/docs/mobile-browsers.md @@ -68,7 +68,7 @@ Brave is built upon the Chromium web browser project, so it should feel familiar -#### Recommended Configuration +#### Recommended Brave Configuration Tor Browser is the only way to truly browse the internet anonymously. When you use Brave, we recommend changing the following settings to protect your privacy from certain parties, but all browsers other than the [Tor Browser](tor.md#tor-browser) will be traceable by *somebody* in some regard or another. @@ -150,7 +150,7 @@ On iOS, any app that can browse the web is [restricted](https://developer.apple. -#### Recommended Configuration +#### Recommended Firefox Configuration These options can be found in :gear: **Settings** ā†’ **Safari** diff --git a/docs/multi-factor-authentication.md b/docs/multi-factor-authentication.md index 40462456..fba25a50 100644 --- a/docs/multi-factor-authentication.md +++ b/docs/multi-factor-authentication.md @@ -151,6 +151,7 @@ We highly recommend that you use mobile TOTP apps instead of desktop alternative + ### Criteria **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you. diff --git a/docs/passwords.md b/docs/passwords.md index 279e26e4..6fdaef60 100644 --- a/docs/passwords.md +++ b/docs/passwords.md @@ -366,6 +366,7 @@ These products are minimal password managers that can be used within scripting a + ### Criteria **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you. diff --git a/docs/productivity.md b/docs/productivity.md index 55a01519..31501f9a 100644 --- a/docs/productivity.md +++ b/docs/productivity.md @@ -4,6 +4,7 @@ icon: material/file-sign description: Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. cover: productivity.webp --- + Most online office suites do not support E2EE, meaning the cloud provider has access to everything you do. The privacy policy may legally protect your rights, but it does not provide technical access constraints. ## Collaboration Platforms diff --git a/docs/tools.md b/docs/tools.md index 9976f455..6f6d70af 100644 --- a/docs/tools.md +++ b/docs/tools.md @@ -62,6 +62,7 @@ For more details about each project, why they were chosen, and additional tips o [Learn more :material-arrow-right-drop-circle:](mobile-browsers.md) + ### Additional Resources
diff --git a/docs/vpn.md b/docs/vpn.md index 8190735f..3b0e7f34 100644 --- a/docs/vpn.md +++ b/docs/vpn.md @@ -5,6 +5,7 @@ icon: material/vpn description: These are the best VPN services for protecting your privacy and security online. Find a provider here that isnā€™t out to spy on you. cover: vpn.webp --- + If you're looking for additional **privacy** from your ISP, on a public Wi-Fi network, or while torrenting files, a VPN may be the solution for you as long as you understand the risks involved. We think these providers are a cut above the rest: diff --git a/includes/strings.en.env b/includes/strings.en.env index bfad2491..2ac810d3 100644 --- a/includes/strings.en.env +++ b/includes/strings.en.env @@ -1,44 +1,44 @@ ANALYTICS_CONSENT_BODY="We collect anonymous statistics about your visits to help us improve the site. We do not track you across other websites. If you disable this, we will not know when you have visited our site. We will save a single cookie in your browser to remember your preference." ANALYTICS_CONSENT_TITLE="Contribute anonymous statistics" -LANG="English" -LANG_ENGLISH="English" -SITE_NAME="Privacy Guides" -SITE_DESCRIPTION="Privacy Guides is your central privacy and security resource to protect yourself online." -FOOTER_COPYRIGHT_INTRO="Privacy Guides is a non-profit, socially motivated website that provides information for protecting your data security and privacy." +DESCRIPTION_HOMEPAGE="A socially motivated website which provides information about protecting your online data privacy and security." +DESCRIPTION_TRANSLATION="You're viewing the $LANG copy of Privacy Guides, translated by our fantastic language team on Crowdin. If you notice an error, or see any untranslated sections on this page, please consider helping out!" +DESCRIPTION_TRANSLATION_CTA="Visit Crowdin" FOOTER_COPYRIGHT_AFFILIATE="We do not make money from recommending certain products, and we do not use affiliate links." FOOTER_COPYRIGHT_ANALYTICS="Anonymous statistics preferences." FOOTER_COPYRIGHT_DATE="2019 - 2024 Privacy Guides and contributors." FOOTER_COPYRIGHT_ICON='' +FOOTER_COPYRIGHT_INTRO="Privacy Guides is a non-profit, socially motivated website that provides information for protecting your data security and privacy." FOOTER_COPYRIGHT_LICENSE="Content license:" FOOTER_COPYRIGHT="$FOOTER_COPYRIGHT_INTRO
$FOOTER_COPYRIGHT_AFFILIATE
© $FOOTER_COPYRIGHT_DATE $FOOTER_COPYRIGHT_ICON $FOOTER_COPYRIGHT_LICENSE CC BY-ND 4.0. $FOOTER_COPYRIGHT_ANALYTICS" -THEME_LIGHT="Switch to light mode" -THEME_DARK="Switch to dark mode" -THEME_AUTO="Switch to system theme" -DESCRIPTION_HOMEPAGE="A socially motivated website which provides information about protecting your online data privacy and security." -DESCRIPTION_TRANSLATION="You're viewing the $LANG copy of Privacy Guides, translated by our fantastic language team on Crowdin. If you notice an error, or see any untranslated sections on this page, please consider helping out!" -DESCRIPTION_TRANSLATION_CTA="Visit Crowdin" -SOCIAL_MASTODON="Mastodon" -SOCIAL_MATRIX="Matrix" +LANG="English" +LANG_ENGLISH="English" +NAV_ABOUT="About" +NAV_ADVANCED="Advanced" +NAV_ADVANCED_TOPICS="Advanced Topics" +NAV_BLOG="Blog" +NAV_CHANGELOG="Changelog" +NAV_CODE_OF_CONDUCT="Code of Conduct" +NAV_COMMUNITY="Community" +NAV_CONTRIBUTING="Contributing" +NAV_FORUM="Forum" +NAV_HOME="Home" +NAV_INTERNET_BROWSING="Internet Browsing" +NAV_KNOWLEDGE_BASE="Knowledge Base" +NAV_ONLINE_SERVICES="Online Services" +NAV_OPERATING_SYSTEMS="Operating Systems" +NAV_PROVIDERS="Providers" +NAV_RECOMMENDATIONS="Recommendations" +NAV_SOFTWARE="Software" +NAV_TECHNICAL_GUIDES="Technical Guides" +NAV_TECHNOLOGY_ESSENTIALS="Technology Essentials" +NAV_WRITING_GUIDE="Writing Guide" +SITE_DESCRIPTION="Privacy Guides is your central privacy and security resource to protect yourself online." +SITE_NAME="Privacy Guides" SOCIAL_FORUM="Forum" SOCIAL_GITHUB="GitHub" +SOCIAL_MASTODON="Mastodon" +SOCIAL_MATRIX="Matrix" SOCIAL_TOR_SITE="Hidden service" -NAV_HOME="Home" -NAV_KNOWLEDGE_BASE="Knowledge Base" -NAV_TECHNOLOGY_ESSENTIALS="Technology Essentials" -NAV_OPERATING_SYSTEMS="Operating Systems" -NAV_ADVANCED_TOPICS="Advanced Topics" -NAV_RECOMMENDATIONS="Recommendations" -NAV_INTERNET_BROWSING="Internet Browsing" -NAV_PROVIDERS="Providers" -NAV_SOFTWARE="Software" -NAV_ADVANCED="Advanced" -NAV_ABOUT="About" -NAV_COMMUNITY="Community" -NAV_ONLINE_SERVICES="Online Services" -NAV_CODE_OF_CONDUCT="Code of Conduct" -NAV_CONTRIBUTING="Contributing" -NAV_WRITING_GUIDE="Writing Guide" -NAV_TECHNICAL_GUIDES="Technical Guides" -NAV_CHANGELOG="Changelog" -NAV_FORUM="Forum" -NAV_BLOG="Blog" +THEME_AUTO="Switch to system theme" +THEME_DARK="Switch to dark mode" +THEME_LIGHT="Switch to light mode" diff --git a/theme/assets/stylesheets/home.css b/theme/assets/stylesheets/home.css index 771a7dc8..ef5c93d6 100644 --- a/theme/assets/stylesheets/home.css +++ b/theme/assets/stylesheets/home.css @@ -109,7 +109,7 @@ article.md-content__inner { article.md-content__inner > * { max-width: 38rem; } -article.md-content__inner > *:nth-child(n+8):nth-child(-n+12) { +article.md-content__inner > *:nth-child(n+7):nth-child(-n+12) { margin-left: auto; margin-right: 0; text-align: right; diff --git a/theme/assets/stylesheets/lang-he.css b/theme/assets/stylesheets/lang-he.css index f2350a91..6b89367a 100644 --- a/theme/assets/stylesheets/lang-he.css +++ b/theme/assets/stylesheets/lang-he.css @@ -26,7 +26,7 @@ font-style: normal; font-weight: 400; font-display: swap; - src: url(https://fonts.bunny.net/suez-one/files/suez-one-hebrew-400-normal.woff2) format('woff2'); + src: url(https://fonts.bunny.net/suez-one/files/suez-one-hebrew-400-normal.woff2) format('woff2'); unicode-range: U+0590-05FF,U+200C-2010,U+20AA,U+25CC,U+FB1D-FB4F; } @@ -36,7 +36,7 @@ font-style: normal; font-weight: 400; font-display: swap; - src: url(https://fonts.bunny.net/suez-one/files/suez-one-latin-400-normal.woff2) format('woff2'); + src: url(https://fonts.bunny.net/suez-one/files/suez-one-latin-400-normal.woff2) format('woff2'); unicode-range: U+0000-00FF,U+0131,U+0152-0153,U+02BB-02BC,U+02C6,U+02DA,U+02DC,U+2000-206F,U+2074,U+20AC,U+2122,U+2191,U+2193,U+2212,U+2215,U+FEFF,U+FFFD; } @@ -46,10 +46,10 @@ font-style: normal; font-weight: 400; font-display: swap; - src: url(https://fonts.bunny.net/suez-one/files/suez-one-latin-ext-400-normal.woff2) format('woff2'); + src: url(https://fonts.bunny.net/suez-one/files/suez-one-latin-ext-400-normal.woff2) format('woff2'); unicode-range: U+0100-024F,U+0259,U+1E00-1EFF,U+2020,U+20A0-20AB,U+20AD-20CF,U+2113,U+2C60-2C7F,U+A720-A7FF; } - + h1, h2, h3, .md-header__topic { font-family: "Bagnard", "Suez One", serif; } diff --git a/theme/assets/stylesheets/lang-ru.css b/theme/assets/stylesheets/lang-ru.css index 7d249f34..ef984c29 100644 --- a/theme/assets/stylesheets/lang-ru.css +++ b/theme/assets/stylesheets/lang-ru.css @@ -27,7 +27,7 @@ font-weight: 700; font-stretch: 100%; font-display: swap; - src: url(https://fonts.bunny.net/playfair-display/files/playfair-display-cyrillic-700-normal.woff2) format('woff2'), url(https://fonts.bunny.net/playfair-display/files/playfair-display-cyrillic-700-normal.woff) format('woff'); + src: url(https://fonts.bunny.net/playfair-display/files/playfair-display-cyrillic-700-normal.woff2) format('woff2'), url(https://fonts.bunny.net/playfair-display/files/playfair-display-cyrillic-700-normal.woff) format('woff'); unicode-range: U+0301,U+0400-045F,U+0490-0491,U+04B0-04B1,U+2116; } @@ -38,7 +38,7 @@ font-weight: 700; font-stretch: 100%; font-display: swap; - src: url(https://fonts.bunny.net/playfair-display/files/playfair-display-latin-700-normal.woff2) format('woff2'), url(https://fonts.bunny.net/playfair-display/files/playfair-display-latin-700-normal.woff) format('woff'); + src: url(https://fonts.bunny.net/playfair-display/files/playfair-display-latin-700-normal.woff2) format('woff2'), url(https://fonts.bunny.net/playfair-display/files/playfair-display-latin-700-normal.woff) format('woff'); unicode-range: U+0000-00FF,U+0131,U+0152-0153,U+02BB-02BC,U+02C6,U+02DA,U+02DC,U+0300-0301,U+0303-0304,U+0308-0309,U+0323,U+0329,U+2000-206F,U+2074,U+20AC,U+2122,U+2191,U+2193,U+2212,U+2215,U+FEFF,U+FFFD; } @@ -49,7 +49,7 @@ font-weight: 700; font-stretch: 100%; font-display: swap; - src: url(https://fonts.bunny.net/playfair-display/files/playfair-display-latin-ext-700-normal.woff2) format('woff2'), url(https://fonts.bunny.net/playfair-display/files/playfair-display-latin-ext-700-normal.woff) format('woff'); + src: url(https://fonts.bunny.net/playfair-display/files/playfair-display-latin-ext-700-normal.woff2) format('woff2'), url(https://fonts.bunny.net/playfair-display/files/playfair-display-latin-ext-700-normal.woff) format('woff'); unicode-range: U+0100-02AF,U+0300-0301,U+0303-0304,U+0308-0309,U+0323,U+0329,U+1E00-1EFF,U+2020,U+20A0-20AB,U+20AD-20CF,U+2113,U+2C60-2C7F,U+A720-A7FF; } diff --git a/theme/assets/stylesheets/lang-zh-Hant.css b/theme/assets/stylesheets/lang-zh-Hant.css index 18e00037..fd78bb57 100644 --- a/theme/assets/stylesheets/lang-zh-Hant.css +++ b/theme/assets/stylesheets/lang-zh-Hant.css @@ -25,7 +25,7 @@ font-family: 'Noto Serif TC'; font-style: normal; font-weight: 400; - src: url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-chinese-traditional-400-normal.woff2) format('woff2'), url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-chinese-traditional-400-normal.woff) format('woff'); + src: url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-chinese-traditional-400-normal.woff2) format('woff2'), url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-chinese-traditional-400-normal.woff) format('woff'); } /* latin */ @@ -33,7 +33,7 @@ font-family: 'Noto Serif TC'; font-style: normal; font-weight: 400; - src: url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-latin-400-normal.woff2) format('woff2'), url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-latin-400-normal.woff) format('woff'); + src: url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-latin-400-normal.woff2) format('woff2'), url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-latin-400-normal.woff) format('woff'); } /* chinese-traditional */ @@ -41,7 +41,7 @@ font-family: 'Noto Serif TC'; font-style: normal; font-weight: 700; - src: url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-chinese-traditional-700-normal.woff2) format('woff2'), url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-chinese-traditional-700-normal.woff) format('woff'); + src: url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-chinese-traditional-700-normal.woff2) format('woff2'), url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-chinese-traditional-700-normal.woff) format('woff'); } /* latin */ @@ -49,7 +49,7 @@ font-family: 'Noto Serif TC'; font-style: normal; font-weight: 700; - src: url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-latin-700-normal.woff2) format('woff2'), url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-latin-700-normal.woff) format('woff'); + src: url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-latin-700-normal.woff2) format('woff2'), url(https://fonts.bunny.net/noto-serif-tc/files/noto-serif-tc-latin-700-normal.woff) format('woff'); } h1, h2, h3, .md-header__topic {