From 909420d4538e2a5f61b05e98bfb935d2fa2f368f Mon Sep 17 00:00:00 2001
From: Benjamin Edwards <edwards.benw@gmail.com>
Date: Wed, 20 Mar 2024 14:20:35 -0400
Subject: [PATCH 01/54] add redirect parameter to wget command for geoip db
 download (#17738)

---
 terraform/addons/geolite2/Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/terraform/addons/geolite2/Dockerfile b/terraform/addons/geolite2/Dockerfile
index aa746d4964..0f401cc461 100644
--- a/terraform/addons/geolite2/Dockerfile
+++ b/terraform/addons/geolite2/Dockerfile
@@ -6,8 +6,8 @@ ARG LICENSE_KEY
 USER root
 
 RUN mkdir -p /opt/GeoLite2 && cd /opt/GeoLite2 &&\
-    wget "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=${LICENSE_KEY}&suffix=tar.gz" -O GeoLite2-City.tar.gz &&\
-    wget "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=${LICENSE_KEY}&suffix=tar.gz.sha256" -O GeoLite2-City.tar.gz.sha256 &&\
+    wget --max-redirect 10 "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=${LICENSE_KEY}&suffix=tar.gz" -O GeoLite2-City.tar.gz &&\
+    wget --max-redirect 10 "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=${LICENSE_KEY}&suffix=tar.gz.sha256" -O GeoLite2-City.tar.gz.sha256 &&\
     [ "$(awk '{ print $1 }' GeoLite2-City.tar.gz.sha256)" == "$(sha256sum GeoLite2-City.tar.gz | awk '{ print $1 }')" ] &&\
     (tar -xzvf GeoLite2-City.tar.gz "*/GeoLite2-City.mmdb" --strip-components 1 2>/dev/null || true) &&\
     rm -f GeoLite2-City.tar.gz*

From 7d156597d9f51617d6308a34daa464366cdc228f Mon Sep 17 00:00:00 2001
From: Benjamin Edwards <edwards.benw@gmail.com>
Date: Wed, 20 Mar 2024 15:00:39 -0400
Subject: [PATCH 02/54] rds module maintenance window (#17739)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

📝 docs(README.md): update alb_config and fleet_config tables to reflect
new changes
🔧 fix(main.tf): add preferred_maintenance_window to rds module to allow
for scheduled maintenance
🔧 fix(variables.tf): add preferred_maintenance_window to rds_config
variable to allow for scheduled maintenance
🔧 fix(README.md): update fleet_config image version to v4.47.1 for
latest features and bug fixes
---
 terraform/byo-vpc/README.md    | 6 +++---
 terraform/byo-vpc/main.tf      | 2 ++
 terraform/byo-vpc/variables.tf | 2 ++
 3 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/terraform/byo-vpc/README.md b/terraform/byo-vpc/README.md
index 1b692a5874..f693515b98 100644
--- a/terraform/byo-vpc/README.md
+++ b/terraform/byo-vpc/README.md
@@ -31,11 +31,11 @@ No requirements.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_alb_config"></a> [alb\_config](#input\_alb\_config) | n/a | <pre>object({<br>    name                 = optional(string, "fleet")<br>    subnets              = list(string)<br>    security_groups      = optional(list(string), [])<br>    access_logs          = optional(map(string), {})<br>    certificate_arn      = string<br>    allowed_cidrs        = optional(list(string), ["0.0.0.0/0"])<br>    allowed_ipv6_cidrs   = optional(list(string), ["::/0"])<br>    egress_cidrs         = optional(list(string), ["0.0.0.0/0"])<br>    egress_ipv6_cidrs    = optional(list(string), ["::/0"])<br>    extra_target_groups  = optional(any, [])<br>    https_listener_rules = optional(any, [])<br>    tls_policy           = optional(string, "ELBSecurityPolicy-TLS-1-2-2017-01")<br>  })</pre> | n/a | yes |
+| <a name="input_alb_config"></a> [alb\_config](#input\_alb\_config) | n/a | <pre>object({<br>    name                 = optional(string, "fleet")<br>    subnets              = list(string)<br>    security_groups      = optional(list(string), [])<br>    access_logs          = optional(map(string), {})<br>    certificate_arn      = string<br>    allowed_cidrs        = optional(list(string), ["0.0.0.0/0"])<br>    allowed_ipv6_cidrs   = optional(list(string), ["::/0"])<br>    egress_cidrs         = optional(list(string), ["0.0.0.0/0"])<br>    egress_ipv6_cidrs    = optional(list(string), ["::/0"])<br>    extra_target_groups  = optional(any, [])<br>    https_listener_rules = optional(any, [])<br>    tls_policy           = optional(string, "ELBSecurityPolicy-TLS-1-2-2017-01")<br>    idle_timeout         = optional(number, 60)<br>  })</pre> | n/a | yes |
 | <a name="input_ecs_cluster"></a> [ecs\_cluster](#input\_ecs\_cluster) | The config for the terraform-aws-modules/ecs/aws module | <pre>object({<br>    autoscaling_capacity_providers = optional(any, {})<br>    cluster_configuration = optional(any, {<br>      execute_command_configuration = {<br>        logging = "OVERRIDE"<br>        log_configuration = {<br>          cloud_watch_log_group_name = "/aws/ecs/aws-ec2"<br>        }<br>      }<br>    })<br>    cluster_name = optional(string, "fleet")<br>    cluster_settings = optional(map(string), {<br>      "name" : "containerInsights",<br>      "value" : "enabled",<br>    })<br>    create                                = optional(bool, true)<br>    default_capacity_provider_use_fargate = optional(bool, true)<br>    fargate_capacity_providers = optional(any, {<br>      FARGATE = {<br>        default_capacity_provider_strategy = {<br>          weight = 100<br>        }<br>      }<br>      FARGATE_SPOT = {<br>        default_capacity_provider_strategy = {<br>          weight = 0<br>        }<br>      }<br>    })<br>    tags = optional(map(string))<br>  })</pre> | <pre>{<br>  "autoscaling_capacity_providers": {},<br>  "cluster_configuration": {<br>    "execute_command_configuration": {<br>      "log_configuration": {<br>        "cloud_watch_log_group_name": "/aws/ecs/aws-ec2"<br>      },<br>      "logging": "OVERRIDE"<br>    }<br>  },<br>  "cluster_name": "fleet",<br>  "cluster_settings": {<br>    "name": "containerInsights",<br>    "value": "enabled"<br>  },<br>  "create": true,<br>  "default_capacity_provider_use_fargate": true,<br>  "fargate_capacity_providers": {<br>    "FARGATE": {<br>      "default_capacity_provider_strategy": {<br>        "weight": 100<br>      }<br>    },<br>    "FARGATE_SPOT": {<br>      "default_capacity_provider_strategy": {<br>        "weight": 0<br>      }<br>    }<br>  },<br>  "tags": {}<br>}</pre> | no |
-| <a name="input_fleet_config"></a> [fleet\_config](#input\_fleet\_config) | The configuration object for Fleet itself. Fields that default to null will have their respective resources created if not specified. | <pre>object({<br>    mem                          = optional(number, 4096)<br>    cpu                          = optional(number, 512)<br>    image                        = optional(string, "fleetdm/fleet:v4.40.0")<br>    family                       = optional(string, "fleet")<br>    sidecars                     = optional(list(any), [])<br>    depends_on                   = optional(list(any), [])<br>    mount_points                 = optional(list(any), [])<br>    volumes                      = optional(list(any), [])<br>    extra_environment_variables  = optional(map(string), {})<br>    extra_iam_policies           = optional(list(string), [])<br>    extra_execution_iam_policies = optional(list(string), [])<br>    extra_secrets                = optional(map(string), {})<br>    security_groups              = optional(list(string), null)<br>    security_group_name          = optional(string, "fleet")<br>    iam_role_arn                 = optional(string, null)<br>    service = optional(object({<br>      name = optional(string, "fleet")<br>      }), {<br>      name = "fleet"<br>    })<br>    database = optional(object({<br>      password_secret_arn = string<br>      user                = string<br>      database            = string<br>      address             = string<br>      rr_address          = optional(string, null)<br>      }), {<br>      password_secret_arn = null<br>      user                = null<br>      database            = null<br>      address             = null<br>      rr_address          = null<br>    })<br>    redis = optional(object({<br>      address = string<br>      use_tls = optional(bool, true)<br>      }), {<br>      address = null<br>      use_tls = true<br>    })<br>    awslogs = optional(object({<br>      name      = optional(string, null)<br>      region    = optional(string, null)<br>      create    = optional(bool, true)<br>      prefix    = optional(string, "fleet")<br>      retention = optional(number, 5)<br>      }), {<br>      name      = null<br>      region    = null<br>      prefix    = "fleet"<br>      retention = 5<br>    })<br>    loadbalancer = optional(object({<br>      arn = string<br>      }), {<br>      arn = null<br>    })<br>    extra_load_balancers = optional(list(any), [])<br>    networking = optional(object({<br>      subnets         = list(string)<br>      security_groups = optional(list(string), null)<br>      }), {<br>      subnets         = null<br>      security_groups = null<br>    })<br>    autoscaling = optional(object({<br>      max_capacity                 = optional(number, 5)<br>      min_capacity                 = optional(number, 1)<br>      memory_tracking_target_value = optional(number, 80)<br>      cpu_tracking_target_value    = optional(number, 80)<br>      }), {<br>      max_capacity                 = 5<br>      min_capacity                 = 1<br>      memory_tracking_target_value = 80<br>      cpu_tracking_target_value    = 80<br>    })<br>    iam = optional(object({<br>      role = optional(object({<br>        name        = optional(string, "fleet-role")<br>        policy_name = optional(string, "fleet-iam-policy")<br>        }), {<br>        name        = "fleet-role"<br>        policy_name = "fleet-iam-policy"<br>      })<br>      execution = optional(object({<br>        name        = optional(string, "fleet-execution-role")<br>        policy_name = optional(string, "fleet-execution-role")<br>        }), {<br>        name        = "fleet-execution-role"<br>        policy_name = "fleet-iam-policy-execution"<br>      })<br>      }), {<br>      name = "fleetdm-execution-role"<br>    })<br>  })</pre> | <pre>{<br>  "autoscaling": {<br>    "cpu_tracking_target_value": 80,<br>    "max_capacity": 5,<br>    "memory_tracking_target_value": 80,<br>    "min_capacity": 1<br>  },<br>  "awslogs": {<br>    "create": true,<br>    "name": null,<br>    "prefix": "fleet",<br>    "region": null,<br>    "retention": 5<br>  },<br>  "cpu": 256,<br>  "database": {<br>    "address": null,<br>    "database": null,<br>    "password_secret_arn": null,<br>    "rr_address": null,<br>    "user": null<br>  },<br>  "depends_on": [],<br>  "extra_environment_variables": {},<br>  "extra_execution_iam_policies": [],<br>  "extra_iam_policies": [],<br>  "extra_load_balancers": [],<br>  "extra_secrets": {},<br>  "family": "fleet",<br>  "iam": {<br>    "execution": {<br>      "name": "fleet-execution-role",<br>      "policy_name": "fleet-iam-policy-execution"<br>    },<br>    "role": {<br>      "name": "fleet-role",<br>      "policy_name": "fleet-iam-policy"<br>    }<br>  },<br>  "iam_role_arn": null,<br>  "image": "fleetdm/fleet:v4.31.1",<br>  "loadbalancer": {<br>    "arn": null<br>  },<br>  "mem": 512,<br>  "mount_points": [],<br>  "networking": {<br>    "security_groups": null,<br>    "subnets": null<br>  },<br>  "redis": {<br>    "address": null,<br>    "use_tls": true<br>  },<br>  "security_group_name": "fleet",<br>  "security_groups": null,<br>  "service": {<br>    "name": "fleet"<br>  },<br>  "sidecars": [],<br>  "volumes": []<br>}</pre> | no |
+| <a name="input_fleet_config"></a> [fleet\_config](#input\_fleet\_config) | The configuration object for Fleet itself. Fields that default to null will have their respective resources created if not specified. | <pre>object({<br>    mem                          = optional(number, 4096)<br>    cpu                          = optional(number, 512)<br>    image                        = optional(string, "fleetdm/fleet:v4.47.1")<br>    family                       = optional(string, "fleet")<br>    sidecars                     = optional(list(any), [])<br>    depends_on                   = optional(list(any), [])<br>    mount_points                 = optional(list(any), [])<br>    volumes                      = optional(list(any), [])<br>    extra_environment_variables  = optional(map(string), {})<br>    extra_iam_policies           = optional(list(string), [])<br>    extra_execution_iam_policies = optional(list(string), [])<br>    extra_secrets                = optional(map(string), {})<br>    security_groups              = optional(list(string), null)<br>    security_group_name          = optional(string, "fleet")<br>    iam_role_arn                 = optional(string, null)<br>    service = optional(object({<br>      name = optional(string, "fleet")<br>      }), {<br>      name = "fleet"<br>    })<br>    database = optional(object({<br>      password_secret_arn = string<br>      user                = string<br>      database            = string<br>      address             = string<br>      rr_address          = optional(string, null)<br>      }), {<br>      password_secret_arn = null<br>      user                = null<br>      database            = null<br>      address             = null<br>      rr_address          = null<br>    })<br>    redis = optional(object({<br>      address = string<br>      use_tls = optional(bool, true)<br>      }), {<br>      address = null<br>      use_tls = true<br>    })<br>    awslogs = optional(object({<br>      name      = optional(string, null)<br>      region    = optional(string, null)<br>      create    = optional(bool, true)<br>      prefix    = optional(string, "fleet")<br>      retention = optional(number, 5)<br>      }), {<br>      name      = null<br>      region    = null<br>      prefix    = "fleet"<br>      retention = 5<br>    })<br>    loadbalancer = optional(object({<br>      arn = string<br>      }), {<br>      arn = null<br>    })<br>    extra_load_balancers = optional(list(any), [])<br>    networking = optional(object({<br>      subnets         = list(string)<br>      security_groups = optional(list(string), null)<br>      }), {<br>      subnets         = null<br>      security_groups = null<br>    })<br>    autoscaling = optional(object({<br>      max_capacity                 = optional(number, 5)<br>      min_capacity                 = optional(number, 1)<br>      memory_tracking_target_value = optional(number, 80)<br>      cpu_tracking_target_value    = optional(number, 80)<br>      }), {<br>      max_capacity                 = 5<br>      min_capacity                 = 1<br>      memory_tracking_target_value = 80<br>      cpu_tracking_target_value    = 80<br>    })<br>    iam = optional(object({<br>      role = optional(object({<br>        name        = optional(string, "fleet-role")<br>        policy_name = optional(string, "fleet-iam-policy")<br>        }), {<br>        name        = "fleet-role"<br>        policy_name = "fleet-iam-policy"<br>      })<br>      execution = optional(object({<br>        name        = optional(string, "fleet-execution-role")<br>        policy_name = optional(string, "fleet-execution-role")<br>        }), {<br>        name        = "fleet-execution-role"<br>        policy_name = "fleet-iam-policy-execution"<br>      })<br>      }), {<br>      name = "fleetdm-execution-role"<br>    })<br>  })</pre> | <pre>{<br>  "autoscaling": {<br>    "cpu_tracking_target_value": 80,<br>    "max_capacity": 5,<br>    "memory_tracking_target_value": 80,<br>    "min_capacity": 1<br>  },<br>  "awslogs": {<br>    "create": true,<br>    "name": null,<br>    "prefix": "fleet",<br>    "region": null,<br>    "retention": 5<br>  },<br>  "cpu": 256,<br>  "database": {<br>    "address": null,<br>    "database": null,<br>    "password_secret_arn": null,<br>    "rr_address": null,<br>    "user": null<br>  },<br>  "depends_on": [],<br>  "extra_environment_variables": {},<br>  "extra_execution_iam_policies": [],<br>  "extra_iam_policies": [],<br>  "extra_load_balancers": [],<br>  "extra_secrets": {},<br>  "family": "fleet",<br>  "iam": {<br>    "execution": {<br>      "name": "fleet-execution-role",<br>      "policy_name": "fleet-iam-policy-execution"<br>    },<br>    "role": {<br>      "name": "fleet-role",<br>      "policy_name": "fleet-iam-policy"<br>    }<br>  },<br>  "iam_role_arn": null,<br>  "image": "fleetdm/fleet:v4.31.1",<br>  "loadbalancer": {<br>    "arn": null<br>  },<br>  "mem": 512,<br>  "mount_points": [],<br>  "networking": {<br>    "security_groups": null,<br>    "subnets": null<br>  },<br>  "redis": {<br>    "address": null,<br>    "use_tls": true<br>  },<br>  "security_group_name": "fleet",<br>  "security_groups": null,<br>  "service": {<br>    "name": "fleet"<br>  },<br>  "sidecars": [],<br>  "volumes": []<br>}</pre> | no |
 | <a name="input_migration_config"></a> [migration\_config](#input\_migration\_config) | The configuration object for Fleet's migration task. | <pre>object({<br>    mem = number<br>    cpu = number<br>  })</pre> | <pre>{<br>  "cpu": 1024,<br>  "mem": 2048<br>}</pre> | no |
-| <a name="input_rds_config"></a> [rds\_config](#input\_rds\_config) | The config for the terraform-aws-modules/rds-aurora/aws module | <pre>object({<br>    name                            = optional(string, "fleet")<br>    engine_version                  = optional(string, "8.0.mysql_aurora.3.02.2")<br>    instance_class                  = optional(string, "db.t4g.large")<br>    subnets                         = optional(list(string), [])<br>    allowed_security_groups         = optional(list(string), [])<br>    allowed_cidr_blocks             = optional(list(string), [])<br>    apply_immediately               = optional(bool, true)<br>    monitoring_interval             = optional(number, 10)<br>    db_parameter_group_name         = optional(string)<br>    db_parameters                   = optional(map(string), {})<br>    db_cluster_parameter_group_name = optional(string)<br>    db_cluster_parameters           = optional(map(string), {})<br>    enabled_cloudwatch_logs_exports = optional(list(string), [])<br>    master_username                 = optional(string, "fleet")<br>    snapshot_identifier             = optional(string)<br>    cluster_tags                    = optional(map(string), {})<br>  })</pre> | <pre>{<br>  "allowed_cidr_blocks": [],<br>  "allowed_security_groups": [],<br>  "apply_immediately": true,<br>  "cluster_tags": {},<br>  "db_cluster_parameter_group_name": null,<br>  "db_cluster_parameters": {},<br>  "db_parameter_group_name": null,<br>  "db_parameters": {},<br>  "enabled_cloudwatch_logs_exports": [],<br>  "engine_version": "8.0.mysql_aurora.3.02.2",<br>  "instance_class": "db.t4g.large",<br>  "master_username": "fleet",<br>  "monitoring_interval": 10,<br>  "name": "fleet",<br>  "snapshot_identifier": null,<br>  "subnets": []<br>}</pre> | no |
+| <a name="input_rds_config"></a> [rds\_config](#input\_rds\_config) | The config for the terraform-aws-modules/rds-aurora/aws module | <pre>object({<br>    name                            = optional(string, "fleet")<br>    engine_version                  = optional(string, "8.0.mysql_aurora.3.02.2")<br>    instance_class                  = optional(string, "db.t4g.large")<br>    subnets                         = optional(list(string), [])<br>    allowed_security_groups         = optional(list(string), [])<br>    allowed_cidr_blocks             = optional(list(string), [])<br>    apply_immediately               = optional(bool, true)<br>    monitoring_interval             = optional(number, 10)<br>    db_parameter_group_name         = optional(string)<br>    db_parameters                   = optional(map(string), {})<br>    db_cluster_parameter_group_name = optional(string)<br>    db_cluster_parameters           = optional(map(string), {})<br>    enabled_cloudwatch_logs_exports = optional(list(string), [])<br>    master_username                 = optional(string, "fleet")<br>    snapshot_identifier             = optional(string)<br>    cluster_tags                    = optional(map(string), {})<br>    preferred_maintenance_window    = optional(string, "thurs:23:00-fri:00:00")<br>  })</pre> | <pre>{<br>  "allowed_cidr_blocks": [],<br>  "allowed_security_groups": [],<br>  "apply_immediately": true,<br>  "cluster_tags": {},<br>  "db_cluster_parameter_group_name": null,<br>  "db_cluster_parameters": {},<br>  "db_parameter_group_name": null,<br>  "db_parameters": {},<br>  "enabled_cloudwatch_logs_exports": [],<br>  "engine_version": "8.0.mysql_aurora.3.02.2",<br>  "instance_class": "db.t4g.large",<br>  "master_username": "fleet",<br>  "monitoring_interval": 10,<br>  "name": "fleet",<br>  "preferred_maintenance_window": "thurs:23:00-fri:00:00",<br>  "snapshot_identifier": null,<br>  "subnets": []<br>}</pre> | no |
 | <a name="input_redis_config"></a> [redis\_config](#input\_redis\_config) | n/a | <pre>object({<br>    name                          = optional(string, "fleet")<br>    replication_group_id          = optional(string)<br>    elasticache_subnet_group_name = optional(string, "")<br>    allowed_security_group_ids    = optional(list(string), [])<br>    subnets                       = list(string)<br>    allowed_cidrs                 = list(string)<br>    availability_zones            = optional(list(string), [])<br>    cluster_size                  = optional(number, 3)<br>    instance_type                 = optional(string, "cache.m5.large")<br>    apply_immediately             = optional(bool, true)<br>    automatic_failover_enabled    = optional(bool, false)<br>    engine_version                = optional(string, "6.x")<br>    family                        = optional(string, "redis6.x")<br>    at_rest_encryption_enabled    = optional(bool, true)<br>    transit_encryption_enabled    = optional(bool, true)<br>    parameter = optional(list(object({<br>      name  = string<br>      value = string<br>    })), [])<br>    log_delivery_configuration = optional(list(map(any)), [])<br>    tags                       = optional(map(string), {})<br>  })</pre> | <pre>{<br>  "allowed_cidrs": null,<br>  "allowed_security_group_ids": [],<br>  "apply_immediately": true,<br>  "at_rest_encryption_enabled": true,<br>  "automatic_failover_enabled": false,<br>  "availability_zones": [],<br>  "cluster_size": 3,<br>  "elasticache_subnet_group_name": "",<br>  "engine_version": "6.x",<br>  "family": "redis6.x",<br>  "instance_type": "cache.m5.large",<br>  "log_delivery_configuration": [],<br>  "name": "fleet",<br>  "parameter": [],<br>  "replication_group_id": null,<br>  "subnets": null,<br>  "tags": {},<br>  "transit_encryption_enabled": true<br>}</pre> | no |
 | <a name="input_vpc_config"></a> [vpc\_config](#input\_vpc\_config) | n/a | <pre>object({<br>    vpc_id = string<br>    networking = object({<br>      subnets = list(string)<br>    })<br>  })</pre> | n/a | yes |
 
diff --git a/terraform/byo-vpc/main.tf b/terraform/byo-vpc/main.tf
index 5948f22893..7debf4b37f 100644
--- a/terraform/byo-vpc/main.tf
+++ b/terraform/byo-vpc/main.tf
@@ -62,6 +62,8 @@ module "rds" {
   skip_final_snapshot             = true
   snapshot_identifier             = var.rds_config.snapshot_identifier
 
+  preferred_maintenance_window = var.rds_config.preferred_maintenance_window
+
   cluster_tags = var.rds_config.cluster_tags
 }
 
diff --git a/terraform/byo-vpc/variables.tf b/terraform/byo-vpc/variables.tf
index 139dccf8c0..14522f80e2 100644
--- a/terraform/byo-vpc/variables.tf
+++ b/terraform/byo-vpc/variables.tf
@@ -25,6 +25,7 @@ variable "rds_config" {
     master_username                 = optional(string, "fleet")
     snapshot_identifier             = optional(string)
     cluster_tags                    = optional(map(string), {})
+    preferred_maintenance_window    = optional(string, "thurs:23:00-fri:00:00")
   })
   default = {
     name                            = "fleet"
@@ -43,6 +44,7 @@ variable "rds_config" {
     master_username                 = "fleet"
     snapshot_identifier             = null
     cluster_tags                    = {}
+    preferred_maintenance_window    = "thurs:23:00-fri:00:00"
   }
   description = "The config for the terraform-aws-modules/rds-aurora/aws module"
   nullable    = false

From c0a7725988343aea67cf5d669f73bcf9733abde1 Mon Sep 17 00:00:00 2001
From: Benjamin Edwards <edwards.benw@gmail.com>
Date: Wed, 20 Mar 2024 15:12:31 -0400
Subject: [PATCH 03/54] fix typo in default maintance window (#17740)

should have been `thu` rather than `thurs`
---
 terraform/byo-vpc/README.md    | 2 +-
 terraform/byo-vpc/variables.tf | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/terraform/byo-vpc/README.md b/terraform/byo-vpc/README.md
index f693515b98..33e1a31d43 100644
--- a/terraform/byo-vpc/README.md
+++ b/terraform/byo-vpc/README.md
@@ -35,7 +35,7 @@ No requirements.
 | <a name="input_ecs_cluster"></a> [ecs\_cluster](#input\_ecs\_cluster) | The config for the terraform-aws-modules/ecs/aws module | <pre>object({<br>    autoscaling_capacity_providers = optional(any, {})<br>    cluster_configuration = optional(any, {<br>      execute_command_configuration = {<br>        logging = "OVERRIDE"<br>        log_configuration = {<br>          cloud_watch_log_group_name = "/aws/ecs/aws-ec2"<br>        }<br>      }<br>    })<br>    cluster_name = optional(string, "fleet")<br>    cluster_settings = optional(map(string), {<br>      "name" : "containerInsights",<br>      "value" : "enabled",<br>    })<br>    create                                = optional(bool, true)<br>    default_capacity_provider_use_fargate = optional(bool, true)<br>    fargate_capacity_providers = optional(any, {<br>      FARGATE = {<br>        default_capacity_provider_strategy = {<br>          weight = 100<br>        }<br>      }<br>      FARGATE_SPOT = {<br>        default_capacity_provider_strategy = {<br>          weight = 0<br>        }<br>      }<br>    })<br>    tags = optional(map(string))<br>  })</pre> | <pre>{<br>  "autoscaling_capacity_providers": {},<br>  "cluster_configuration": {<br>    "execute_command_configuration": {<br>      "log_configuration": {<br>        "cloud_watch_log_group_name": "/aws/ecs/aws-ec2"<br>      },<br>      "logging": "OVERRIDE"<br>    }<br>  },<br>  "cluster_name": "fleet",<br>  "cluster_settings": {<br>    "name": "containerInsights",<br>    "value": "enabled"<br>  },<br>  "create": true,<br>  "default_capacity_provider_use_fargate": true,<br>  "fargate_capacity_providers": {<br>    "FARGATE": {<br>      "default_capacity_provider_strategy": {<br>        "weight": 100<br>      }<br>    },<br>    "FARGATE_SPOT": {<br>      "default_capacity_provider_strategy": {<br>        "weight": 0<br>      }<br>    }<br>  },<br>  "tags": {}<br>}</pre> | no |
 | <a name="input_fleet_config"></a> [fleet\_config](#input\_fleet\_config) | The configuration object for Fleet itself. Fields that default to null will have their respective resources created if not specified. | <pre>object({<br>    mem                          = optional(number, 4096)<br>    cpu                          = optional(number, 512)<br>    image                        = optional(string, "fleetdm/fleet:v4.47.1")<br>    family                       = optional(string, "fleet")<br>    sidecars                     = optional(list(any), [])<br>    depends_on                   = optional(list(any), [])<br>    mount_points                 = optional(list(any), [])<br>    volumes                      = optional(list(any), [])<br>    extra_environment_variables  = optional(map(string), {})<br>    extra_iam_policies           = optional(list(string), [])<br>    extra_execution_iam_policies = optional(list(string), [])<br>    extra_secrets                = optional(map(string), {})<br>    security_groups              = optional(list(string), null)<br>    security_group_name          = optional(string, "fleet")<br>    iam_role_arn                 = optional(string, null)<br>    service = optional(object({<br>      name = optional(string, "fleet")<br>      }), {<br>      name = "fleet"<br>    })<br>    database = optional(object({<br>      password_secret_arn = string<br>      user                = string<br>      database            = string<br>      address             = string<br>      rr_address          = optional(string, null)<br>      }), {<br>      password_secret_arn = null<br>      user                = null<br>      database            = null<br>      address             = null<br>      rr_address          = null<br>    })<br>    redis = optional(object({<br>      address = string<br>      use_tls = optional(bool, true)<br>      }), {<br>      address = null<br>      use_tls = true<br>    })<br>    awslogs = optional(object({<br>      name      = optional(string, null)<br>      region    = optional(string, null)<br>      create    = optional(bool, true)<br>      prefix    = optional(string, "fleet")<br>      retention = optional(number, 5)<br>      }), {<br>      name      = null<br>      region    = null<br>      prefix    = "fleet"<br>      retention = 5<br>    })<br>    loadbalancer = optional(object({<br>      arn = string<br>      }), {<br>      arn = null<br>    })<br>    extra_load_balancers = optional(list(any), [])<br>    networking = optional(object({<br>      subnets         = list(string)<br>      security_groups = optional(list(string), null)<br>      }), {<br>      subnets         = null<br>      security_groups = null<br>    })<br>    autoscaling = optional(object({<br>      max_capacity                 = optional(number, 5)<br>      min_capacity                 = optional(number, 1)<br>      memory_tracking_target_value = optional(number, 80)<br>      cpu_tracking_target_value    = optional(number, 80)<br>      }), {<br>      max_capacity                 = 5<br>      min_capacity                 = 1<br>      memory_tracking_target_value = 80<br>      cpu_tracking_target_value    = 80<br>    })<br>    iam = optional(object({<br>      role = optional(object({<br>        name        = optional(string, "fleet-role")<br>        policy_name = optional(string, "fleet-iam-policy")<br>        }), {<br>        name        = "fleet-role"<br>        policy_name = "fleet-iam-policy"<br>      })<br>      execution = optional(object({<br>        name        = optional(string, "fleet-execution-role")<br>        policy_name = optional(string, "fleet-execution-role")<br>        }), {<br>        name        = "fleet-execution-role"<br>        policy_name = "fleet-iam-policy-execution"<br>      })<br>      }), {<br>      name = "fleetdm-execution-role"<br>    })<br>  })</pre> | <pre>{<br>  "autoscaling": {<br>    "cpu_tracking_target_value": 80,<br>    "max_capacity": 5,<br>    "memory_tracking_target_value": 80,<br>    "min_capacity": 1<br>  },<br>  "awslogs": {<br>    "create": true,<br>    "name": null,<br>    "prefix": "fleet",<br>    "region": null,<br>    "retention": 5<br>  },<br>  "cpu": 256,<br>  "database": {<br>    "address": null,<br>    "database": null,<br>    "password_secret_arn": null,<br>    "rr_address": null,<br>    "user": null<br>  },<br>  "depends_on": [],<br>  "extra_environment_variables": {},<br>  "extra_execution_iam_policies": [],<br>  "extra_iam_policies": [],<br>  "extra_load_balancers": [],<br>  "extra_secrets": {},<br>  "family": "fleet",<br>  "iam": {<br>    "execution": {<br>      "name": "fleet-execution-role",<br>      "policy_name": "fleet-iam-policy-execution"<br>    },<br>    "role": {<br>      "name": "fleet-role",<br>      "policy_name": "fleet-iam-policy"<br>    }<br>  },<br>  "iam_role_arn": null,<br>  "image": "fleetdm/fleet:v4.31.1",<br>  "loadbalancer": {<br>    "arn": null<br>  },<br>  "mem": 512,<br>  "mount_points": [],<br>  "networking": {<br>    "security_groups": null,<br>    "subnets": null<br>  },<br>  "redis": {<br>    "address": null,<br>    "use_tls": true<br>  },<br>  "security_group_name": "fleet",<br>  "security_groups": null,<br>  "service": {<br>    "name": "fleet"<br>  },<br>  "sidecars": [],<br>  "volumes": []<br>}</pre> | no |
 | <a name="input_migration_config"></a> [migration\_config](#input\_migration\_config) | The configuration object for Fleet's migration task. | <pre>object({<br>    mem = number<br>    cpu = number<br>  })</pre> | <pre>{<br>  "cpu": 1024,<br>  "mem": 2048<br>}</pre> | no |
-| <a name="input_rds_config"></a> [rds\_config](#input\_rds\_config) | The config for the terraform-aws-modules/rds-aurora/aws module | <pre>object({<br>    name                            = optional(string, "fleet")<br>    engine_version                  = optional(string, "8.0.mysql_aurora.3.02.2")<br>    instance_class                  = optional(string, "db.t4g.large")<br>    subnets                         = optional(list(string), [])<br>    allowed_security_groups         = optional(list(string), [])<br>    allowed_cidr_blocks             = optional(list(string), [])<br>    apply_immediately               = optional(bool, true)<br>    monitoring_interval             = optional(number, 10)<br>    db_parameter_group_name         = optional(string)<br>    db_parameters                   = optional(map(string), {})<br>    db_cluster_parameter_group_name = optional(string)<br>    db_cluster_parameters           = optional(map(string), {})<br>    enabled_cloudwatch_logs_exports = optional(list(string), [])<br>    master_username                 = optional(string, "fleet")<br>    snapshot_identifier             = optional(string)<br>    cluster_tags                    = optional(map(string), {})<br>    preferred_maintenance_window    = optional(string, "thurs:23:00-fri:00:00")<br>  })</pre> | <pre>{<br>  "allowed_cidr_blocks": [],<br>  "allowed_security_groups": [],<br>  "apply_immediately": true,<br>  "cluster_tags": {},<br>  "db_cluster_parameter_group_name": null,<br>  "db_cluster_parameters": {},<br>  "db_parameter_group_name": null,<br>  "db_parameters": {},<br>  "enabled_cloudwatch_logs_exports": [],<br>  "engine_version": "8.0.mysql_aurora.3.02.2",<br>  "instance_class": "db.t4g.large",<br>  "master_username": "fleet",<br>  "monitoring_interval": 10,<br>  "name": "fleet",<br>  "preferred_maintenance_window": "thurs:23:00-fri:00:00",<br>  "snapshot_identifier": null,<br>  "subnets": []<br>}</pre> | no |
+| <a name="input_rds_config"></a> [rds\_config](#input\_rds\_config) | The config for the terraform-aws-modules/rds-aurora/aws module | <pre>object({<br>    name                            = optional(string, "fleet")<br>    engine_version                  = optional(string, "8.0.mysql_aurora.3.02.2")<br>    instance_class                  = optional(string, "db.t4g.large")<br>    subnets                         = optional(list(string), [])<br>    allowed_security_groups         = optional(list(string), [])<br>    allowed_cidr_blocks             = optional(list(string), [])<br>    apply_immediately               = optional(bool, true)<br>    monitoring_interval             = optional(number, 10)<br>    db_parameter_group_name         = optional(string)<br>    db_parameters                   = optional(map(string), {})<br>    db_cluster_parameter_group_name = optional(string)<br>    db_cluster_parameters           = optional(map(string), {})<br>    enabled_cloudwatch_logs_exports = optional(list(string), [])<br>    master_username                 = optional(string, "fleet")<br>    snapshot_identifier             = optional(string)<br>    cluster_tags                    = optional(map(string), {})<br>    preferred_maintenance_window    = optional(string, "thurs:23:00-fri:00:00")<br>  })</pre> | <pre>{<br>  "allowed_cidr_blocks": [],<br>  "allowed_security_groups": [],<br>  "apply_immediately": true,<br>  "cluster_tags": {},<br>  "db_cluster_parameter_group_name": null,<br>  "db_cluster_parameters": {},<br>  "db_parameter_group_name": null,<br>  "db_parameters": {},<br>  "enabled_cloudwatch_logs_exports": [],<br>  "engine_version": "8.0.mysql_aurora.3.02.2",<br>  "instance_class": "db.t4g.large",<br>  "master_username": "fleet",<br>  "monitoring_interval": 10,<br>  "name": "fleet",<br>  "preferred_maintenance_window": "thu:23:00-fri:00:00",<br>  "snapshot_identifier": null,<br>  "subnets": []<br>}</pre> | no |
 | <a name="input_redis_config"></a> [redis\_config](#input\_redis\_config) | n/a | <pre>object({<br>    name                          = optional(string, "fleet")<br>    replication_group_id          = optional(string)<br>    elasticache_subnet_group_name = optional(string, "")<br>    allowed_security_group_ids    = optional(list(string), [])<br>    subnets                       = list(string)<br>    allowed_cidrs                 = list(string)<br>    availability_zones            = optional(list(string), [])<br>    cluster_size                  = optional(number, 3)<br>    instance_type                 = optional(string, "cache.m5.large")<br>    apply_immediately             = optional(bool, true)<br>    automatic_failover_enabled    = optional(bool, false)<br>    engine_version                = optional(string, "6.x")<br>    family                        = optional(string, "redis6.x")<br>    at_rest_encryption_enabled    = optional(bool, true)<br>    transit_encryption_enabled    = optional(bool, true)<br>    parameter = optional(list(object({<br>      name  = string<br>      value = string<br>    })), [])<br>    log_delivery_configuration = optional(list(map(any)), [])<br>    tags                       = optional(map(string), {})<br>  })</pre> | <pre>{<br>  "allowed_cidrs": null,<br>  "allowed_security_group_ids": [],<br>  "apply_immediately": true,<br>  "at_rest_encryption_enabled": true,<br>  "automatic_failover_enabled": false,<br>  "availability_zones": [],<br>  "cluster_size": 3,<br>  "elasticache_subnet_group_name": "",<br>  "engine_version": "6.x",<br>  "family": "redis6.x",<br>  "instance_type": "cache.m5.large",<br>  "log_delivery_configuration": [],<br>  "name": "fleet",<br>  "parameter": [],<br>  "replication_group_id": null,<br>  "subnets": null,<br>  "tags": {},<br>  "transit_encryption_enabled": true<br>}</pre> | no |
 | <a name="input_vpc_config"></a> [vpc\_config](#input\_vpc\_config) | n/a | <pre>object({<br>    vpc_id = string<br>    networking = object({<br>      subnets = list(string)<br>    })<br>  })</pre> | n/a | yes |
 
diff --git a/terraform/byo-vpc/variables.tf b/terraform/byo-vpc/variables.tf
index 14522f80e2..044324c984 100644
--- a/terraform/byo-vpc/variables.tf
+++ b/terraform/byo-vpc/variables.tf
@@ -44,7 +44,7 @@ variable "rds_config" {
     master_username                 = "fleet"
     snapshot_identifier             = null
     cluster_tags                    = {}
-    preferred_maintenance_window    = "thurs:23:00-fri:00:00"
+    preferred_maintenance_window    = "thu:23:00-fri:00:00"
   }
   description = "The config for the terraform-aws-modules/rds-aurora/aws module"
   nullable    = false

From 1d736d82dfc8f2f83d6c9db85d727dff84f0ccb6 Mon Sep 17 00:00:00 2001
From: Benjamin Edwards <edwards.benw@gmail.com>
Date: Wed, 20 Mar 2024 15:28:49 -0400
Subject: [PATCH 04/54] update default in both places (#17741)

---
 terraform/byo-vpc/README.md    | 2 +-
 terraform/byo-vpc/variables.tf | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/terraform/byo-vpc/README.md b/terraform/byo-vpc/README.md
index 33e1a31d43..941a340aa0 100644
--- a/terraform/byo-vpc/README.md
+++ b/terraform/byo-vpc/README.md
@@ -35,7 +35,7 @@ No requirements.
 | <a name="input_ecs_cluster"></a> [ecs\_cluster](#input\_ecs\_cluster) | The config for the terraform-aws-modules/ecs/aws module | <pre>object({<br>    autoscaling_capacity_providers = optional(any, {})<br>    cluster_configuration = optional(any, {<br>      execute_command_configuration = {<br>        logging = "OVERRIDE"<br>        log_configuration = {<br>          cloud_watch_log_group_name = "/aws/ecs/aws-ec2"<br>        }<br>      }<br>    })<br>    cluster_name = optional(string, "fleet")<br>    cluster_settings = optional(map(string), {<br>      "name" : "containerInsights",<br>      "value" : "enabled",<br>    })<br>    create                                = optional(bool, true)<br>    default_capacity_provider_use_fargate = optional(bool, true)<br>    fargate_capacity_providers = optional(any, {<br>      FARGATE = {<br>        default_capacity_provider_strategy = {<br>          weight = 100<br>        }<br>      }<br>      FARGATE_SPOT = {<br>        default_capacity_provider_strategy = {<br>          weight = 0<br>        }<br>      }<br>    })<br>    tags = optional(map(string))<br>  })</pre> | <pre>{<br>  "autoscaling_capacity_providers": {},<br>  "cluster_configuration": {<br>    "execute_command_configuration": {<br>      "log_configuration": {<br>        "cloud_watch_log_group_name": "/aws/ecs/aws-ec2"<br>      },<br>      "logging": "OVERRIDE"<br>    }<br>  },<br>  "cluster_name": "fleet",<br>  "cluster_settings": {<br>    "name": "containerInsights",<br>    "value": "enabled"<br>  },<br>  "create": true,<br>  "default_capacity_provider_use_fargate": true,<br>  "fargate_capacity_providers": {<br>    "FARGATE": {<br>      "default_capacity_provider_strategy": {<br>        "weight": 100<br>      }<br>    },<br>    "FARGATE_SPOT": {<br>      "default_capacity_provider_strategy": {<br>        "weight": 0<br>      }<br>    }<br>  },<br>  "tags": {}<br>}</pre> | no |
 | <a name="input_fleet_config"></a> [fleet\_config](#input\_fleet\_config) | The configuration object for Fleet itself. Fields that default to null will have their respective resources created if not specified. | <pre>object({<br>    mem                          = optional(number, 4096)<br>    cpu                          = optional(number, 512)<br>    image                        = optional(string, "fleetdm/fleet:v4.47.1")<br>    family                       = optional(string, "fleet")<br>    sidecars                     = optional(list(any), [])<br>    depends_on                   = optional(list(any), [])<br>    mount_points                 = optional(list(any), [])<br>    volumes                      = optional(list(any), [])<br>    extra_environment_variables  = optional(map(string), {})<br>    extra_iam_policies           = optional(list(string), [])<br>    extra_execution_iam_policies = optional(list(string), [])<br>    extra_secrets                = optional(map(string), {})<br>    security_groups              = optional(list(string), null)<br>    security_group_name          = optional(string, "fleet")<br>    iam_role_arn                 = optional(string, null)<br>    service = optional(object({<br>      name = optional(string, "fleet")<br>      }), {<br>      name = "fleet"<br>    })<br>    database = optional(object({<br>      password_secret_arn = string<br>      user                = string<br>      database            = string<br>      address             = string<br>      rr_address          = optional(string, null)<br>      }), {<br>      password_secret_arn = null<br>      user                = null<br>      database            = null<br>      address             = null<br>      rr_address          = null<br>    })<br>    redis = optional(object({<br>      address = string<br>      use_tls = optional(bool, true)<br>      }), {<br>      address = null<br>      use_tls = true<br>    })<br>    awslogs = optional(object({<br>      name      = optional(string, null)<br>      region    = optional(string, null)<br>      create    = optional(bool, true)<br>      prefix    = optional(string, "fleet")<br>      retention = optional(number, 5)<br>      }), {<br>      name      = null<br>      region    = null<br>      prefix    = "fleet"<br>      retention = 5<br>    })<br>    loadbalancer = optional(object({<br>      arn = string<br>      }), {<br>      arn = null<br>    })<br>    extra_load_balancers = optional(list(any), [])<br>    networking = optional(object({<br>      subnets         = list(string)<br>      security_groups = optional(list(string), null)<br>      }), {<br>      subnets         = null<br>      security_groups = null<br>    })<br>    autoscaling = optional(object({<br>      max_capacity                 = optional(number, 5)<br>      min_capacity                 = optional(number, 1)<br>      memory_tracking_target_value = optional(number, 80)<br>      cpu_tracking_target_value    = optional(number, 80)<br>      }), {<br>      max_capacity                 = 5<br>      min_capacity                 = 1<br>      memory_tracking_target_value = 80<br>      cpu_tracking_target_value    = 80<br>    })<br>    iam = optional(object({<br>      role = optional(object({<br>        name        = optional(string, "fleet-role")<br>        policy_name = optional(string, "fleet-iam-policy")<br>        }), {<br>        name        = "fleet-role"<br>        policy_name = "fleet-iam-policy"<br>      })<br>      execution = optional(object({<br>        name        = optional(string, "fleet-execution-role")<br>        policy_name = optional(string, "fleet-execution-role")<br>        }), {<br>        name        = "fleet-execution-role"<br>        policy_name = "fleet-iam-policy-execution"<br>      })<br>      }), {<br>      name = "fleetdm-execution-role"<br>    })<br>  })</pre> | <pre>{<br>  "autoscaling": {<br>    "cpu_tracking_target_value": 80,<br>    "max_capacity": 5,<br>    "memory_tracking_target_value": 80,<br>    "min_capacity": 1<br>  },<br>  "awslogs": {<br>    "create": true,<br>    "name": null,<br>    "prefix": "fleet",<br>    "region": null,<br>    "retention": 5<br>  },<br>  "cpu": 256,<br>  "database": {<br>    "address": null,<br>    "database": null,<br>    "password_secret_arn": null,<br>    "rr_address": null,<br>    "user": null<br>  },<br>  "depends_on": [],<br>  "extra_environment_variables": {},<br>  "extra_execution_iam_policies": [],<br>  "extra_iam_policies": [],<br>  "extra_load_balancers": [],<br>  "extra_secrets": {},<br>  "family": "fleet",<br>  "iam": {<br>    "execution": {<br>      "name": "fleet-execution-role",<br>      "policy_name": "fleet-iam-policy-execution"<br>    },<br>    "role": {<br>      "name": "fleet-role",<br>      "policy_name": "fleet-iam-policy"<br>    }<br>  },<br>  "iam_role_arn": null,<br>  "image": "fleetdm/fleet:v4.31.1",<br>  "loadbalancer": {<br>    "arn": null<br>  },<br>  "mem": 512,<br>  "mount_points": [],<br>  "networking": {<br>    "security_groups": null,<br>    "subnets": null<br>  },<br>  "redis": {<br>    "address": null,<br>    "use_tls": true<br>  },<br>  "security_group_name": "fleet",<br>  "security_groups": null,<br>  "service": {<br>    "name": "fleet"<br>  },<br>  "sidecars": [],<br>  "volumes": []<br>}</pre> | no |
 | <a name="input_migration_config"></a> [migration\_config](#input\_migration\_config) | The configuration object for Fleet's migration task. | <pre>object({<br>    mem = number<br>    cpu = number<br>  })</pre> | <pre>{<br>  "cpu": 1024,<br>  "mem": 2048<br>}</pre> | no |
-| <a name="input_rds_config"></a> [rds\_config](#input\_rds\_config) | The config for the terraform-aws-modules/rds-aurora/aws module | <pre>object({<br>    name                            = optional(string, "fleet")<br>    engine_version                  = optional(string, "8.0.mysql_aurora.3.02.2")<br>    instance_class                  = optional(string, "db.t4g.large")<br>    subnets                         = optional(list(string), [])<br>    allowed_security_groups         = optional(list(string), [])<br>    allowed_cidr_blocks             = optional(list(string), [])<br>    apply_immediately               = optional(bool, true)<br>    monitoring_interval             = optional(number, 10)<br>    db_parameter_group_name         = optional(string)<br>    db_parameters                   = optional(map(string), {})<br>    db_cluster_parameter_group_name = optional(string)<br>    db_cluster_parameters           = optional(map(string), {})<br>    enabled_cloudwatch_logs_exports = optional(list(string), [])<br>    master_username                 = optional(string, "fleet")<br>    snapshot_identifier             = optional(string)<br>    cluster_tags                    = optional(map(string), {})<br>    preferred_maintenance_window    = optional(string, "thurs:23:00-fri:00:00")<br>  })</pre> | <pre>{<br>  "allowed_cidr_blocks": [],<br>  "allowed_security_groups": [],<br>  "apply_immediately": true,<br>  "cluster_tags": {},<br>  "db_cluster_parameter_group_name": null,<br>  "db_cluster_parameters": {},<br>  "db_parameter_group_name": null,<br>  "db_parameters": {},<br>  "enabled_cloudwatch_logs_exports": [],<br>  "engine_version": "8.0.mysql_aurora.3.02.2",<br>  "instance_class": "db.t4g.large",<br>  "master_username": "fleet",<br>  "monitoring_interval": 10,<br>  "name": "fleet",<br>  "preferred_maintenance_window": "thu:23:00-fri:00:00",<br>  "snapshot_identifier": null,<br>  "subnets": []<br>}</pre> | no |
+| <a name="input_rds_config"></a> [rds\_config](#input\_rds\_config) | The config for the terraform-aws-modules/rds-aurora/aws module | <pre>object({<br>    name                            = optional(string, "fleet")<br>    engine_version                  = optional(string, "8.0.mysql_aurora.3.02.2")<br>    instance_class                  = optional(string, "db.t4g.large")<br>    subnets                         = optional(list(string), [])<br>    allowed_security_groups         = optional(list(string), [])<br>    allowed_cidr_blocks             = optional(list(string), [])<br>    apply_immediately               = optional(bool, true)<br>    monitoring_interval             = optional(number, 10)<br>    db_parameter_group_name         = optional(string)<br>    db_parameters                   = optional(map(string), {})<br>    db_cluster_parameter_group_name = optional(string)<br>    db_cluster_parameters           = optional(map(string), {})<br>    enabled_cloudwatch_logs_exports = optional(list(string), [])<br>    master_username                 = optional(string, "fleet")<br>    snapshot_identifier             = optional(string)<br>    cluster_tags                    = optional(map(string), {})<br>    preferred_maintenance_window    = optional(string, "thu:23:00-fri:00:00")<br>  })</pre> | <pre>{<br>  "allowed_cidr_blocks": [],<br>  "allowed_security_groups": [],<br>  "apply_immediately": true,<br>  "cluster_tags": {},<br>  "db_cluster_parameter_group_name": null,<br>  "db_cluster_parameters": {},<br>  "db_parameter_group_name": null,<br>  "db_parameters": {},<br>  "enabled_cloudwatch_logs_exports": [],<br>  "engine_version": "8.0.mysql_aurora.3.02.2",<br>  "instance_class": "db.t4g.large",<br>  "master_username": "fleet",<br>  "monitoring_interval": 10,<br>  "name": "fleet",<br>  "preferred_maintenance_window": "thu:23:00-fri:00:00",<br>  "snapshot_identifier": null,<br>  "subnets": []<br>}</pre> | no |
 | <a name="input_redis_config"></a> [redis\_config](#input\_redis\_config) | n/a | <pre>object({<br>    name                          = optional(string, "fleet")<br>    replication_group_id          = optional(string)<br>    elasticache_subnet_group_name = optional(string, "")<br>    allowed_security_group_ids    = optional(list(string), [])<br>    subnets                       = list(string)<br>    allowed_cidrs                 = list(string)<br>    availability_zones            = optional(list(string), [])<br>    cluster_size                  = optional(number, 3)<br>    instance_type                 = optional(string, "cache.m5.large")<br>    apply_immediately             = optional(bool, true)<br>    automatic_failover_enabled    = optional(bool, false)<br>    engine_version                = optional(string, "6.x")<br>    family                        = optional(string, "redis6.x")<br>    at_rest_encryption_enabled    = optional(bool, true)<br>    transit_encryption_enabled    = optional(bool, true)<br>    parameter = optional(list(object({<br>      name  = string<br>      value = string<br>    })), [])<br>    log_delivery_configuration = optional(list(map(any)), [])<br>    tags                       = optional(map(string), {})<br>  })</pre> | <pre>{<br>  "allowed_cidrs": null,<br>  "allowed_security_group_ids": [],<br>  "apply_immediately": true,<br>  "at_rest_encryption_enabled": true,<br>  "automatic_failover_enabled": false,<br>  "availability_zones": [],<br>  "cluster_size": 3,<br>  "elasticache_subnet_group_name": "",<br>  "engine_version": "6.x",<br>  "family": "redis6.x",<br>  "instance_type": "cache.m5.large",<br>  "log_delivery_configuration": [],<br>  "name": "fleet",<br>  "parameter": [],<br>  "replication_group_id": null,<br>  "subnets": null,<br>  "tags": {},<br>  "transit_encryption_enabled": true<br>}</pre> | no |
 | <a name="input_vpc_config"></a> [vpc\_config](#input\_vpc\_config) | n/a | <pre>object({<br>    vpc_id = string<br>    networking = object({<br>      subnets = list(string)<br>    })<br>  })</pre> | n/a | yes |
 
diff --git a/terraform/byo-vpc/variables.tf b/terraform/byo-vpc/variables.tf
index 044324c984..e9ae55c2d6 100644
--- a/terraform/byo-vpc/variables.tf
+++ b/terraform/byo-vpc/variables.tf
@@ -25,7 +25,7 @@ variable "rds_config" {
     master_username                 = optional(string, "fleet")
     snapshot_identifier             = optional(string)
     cluster_tags                    = optional(map(string), {})
-    preferred_maintenance_window    = optional(string, "thurs:23:00-fri:00:00")
+    preferred_maintenance_window    = optional(string, "thu:23:00-fri:00:00")
   })
   default = {
     name                            = "fleet"

From a9910ad37e5198edb36116ebfaabb626e3e86f52 Mon Sep 17 00:00:00 2001
From: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
Date: Wed, 20 Mar 2024 21:56:04 -0400
Subject: [PATCH 05/54] Update pricing-features-table.yml (#17599)

- "Separate file size options for query results vs. agent logs when
using filesystem storage" (#11999) is on track for a 2024-04-22 release
---
 handbook/company/pricing-features-table.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/handbook/company/pricing-features-table.yml b/handbook/company/pricing-features-table.yml
index 84e8e0eb5e..4fe0279bcd 100644
--- a/handbook/company/pricing-features-table.yml
+++ b/handbook/company/pricing-features-table.yml
@@ -873,7 +873,7 @@
   pricingTableCategories: [Endpoint operations]
   buzzwords: [Real-time export,Ship logs]
   waysToUse:
-    - description: Choose different file sizes for automated query results and agent logs. Coming soon (2024-01-26) #Customer-blanco
+    - description: Choose different file sizes for automated query results and agent logs. Coming soon (2024-04-22) #Customer-blanco
       moreInfoUrl: https://github.com/fleetdm/fleet/issues/11999
 - industryName: File carving (AWS S3)
   documentationUrl: https://fleetdm.com/docs/configuration/fleet-server-configuration#s-3-file-carving-backend

From 7100e80ae4997f274d2dee9ef74cfe05ea652cc4 Mon Sep 17 00:00:00 2001
From: Isabell Reedy <113355639+ireedy@users.noreply.github.com>
Date: Wed, 20 Mar 2024 21:57:36 -0400
Subject: [PATCH 06/54] Add process for Fleeties to notify BizOps for
 individualized expenses  (#17715)

Have noticed there are some recurring charges on Brex cards that are not
making it into The Numbers. This will help BizOps ensure we are tracking
all recurring expenses across the company.

Co-authored-by: Joanne Stableford <59930035+JoStableford@users.noreply.github.com>
---
 handbook/company/communications.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/handbook/company/communications.md b/handbook/company/communications.md
index fdba85c507..2c96aa5833 100644
--- a/handbook/company/communications.md
+++ b/handbook/company/communications.md
@@ -420,7 +420,9 @@ Recurring expenses related to a particular team member, such as coworking fees,
 - Individualized expenses should include the team member's name explicitly in the name of the expense.
 - If multiple team members use the same vendor for an individualized expense (for example, "WeWork"), use a separate row for each individualized expense.  (For example: "Coworking, Mungojerry (WeWork)" and "Coworking, Jennyanydots (WeWork)")
 - Individualized expenses are always attributed to the  "🔦 Business operations" department.
-- These expenses are still considered non-personnel expenses, in the same way seat licenses for tools like Salesforce or GitHub are considered non-personnel expenses.   
+- These expenses are still considered non-personnel expenses, in the same way seat licenses for tools like Salesforce or GitHub are considered non-personnel expenses.
+
+For all new individualized expenses, [create an issue](https://github.com/fleetdm/confidential/issues/new?assignees=&labels=%23g-business-operations&projects=&template=custom-request.md&title=Request%3A+_______________________) to notify the Business Operations department.  
 
 
 ## Travel

From 4f7ebe2fcb408b402288e9c3f13124243c8303a3 Mon Sep 17 00:00:00 2001
From: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
Date: Wed, 20 Mar 2024 21:58:12 -0400
Subject: [PATCH 07/54] Update communications.md (#17604)

- Fix typo
---
 handbook/company/communications.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/handbook/company/communications.md b/handbook/company/communications.md
index 2c96aa5833..c0f6a7afcd 100644
--- a/handbook/company/communications.md
+++ b/handbook/company/communications.md
@@ -19,7 +19,7 @@ We track competitors' capabilities and adjacent (or commonly integrated) product
 | Best practices for using Fleet | [Noah Talerman](https://www.linkedin.com/in/noah-talerman/) _([@noahtalerman](https://github.com/noahtalerman))_ | 
 | What goes in a release | [Luke Heath](https://www.linkedin.com/in/lukeheath/) _([@lukeheath](https://github.com/lukeheath))_ |
 | Engineering output and architecture | [Luke Heath](https://www.linkedin.com/in/lukeheath/) _([@lukeheath](https://github.com/lukeheath))_ |
-| Structure and intentionallity of the [Docs](https://fleetdm.com/docs/get-started/why-fleet)| [Mike Thomas](https://www.linkedin.com/in/mike-thomas-52277938) _([@mike-j-thomas](https://github.com/mike-j-thomas))_ |
+| Structure and intentionality of the [Docs](https://fleetdm.com/docs/get-started/why-fleet)| [Mike Thomas](https://www.linkedin.com/in/mike-thomas-52277938) _([@mike-j-thomas](https://github.com/mike-j-thomas))_ |
 | Design and content of the [Docs](https://fleetdm.com/docs/get-started/why-fleet) | [Rachael Shaw](https://www.linkedin.com/in/rachaelcshaw/) _([@rachaelshaw](https://github.com/rachaelshaw))_ |
 | API design | [Rachael Shaw](https://www.linkedin.com/in/rachaelcshaw/) _([@rachaelshaw](https://github.com/rachaelshaw))_ |
 

From 1226af3504fca1107d71c8903c54fb2a067f877b Mon Sep 17 00:00:00 2001
From: Eric <eashaw@sailsjs.com>
Date: Wed, 20 Mar 2024 21:08:01 -0500
Subject: [PATCH 08/54] Website: update website header & mobile navigation menu
 (#17718)

Closes: #17708

Changes:
- Updated the website's header navigation to match the latest Figma
wireframes.
- Updated the padding of the mobile navigation menu to keep padding
consistent when the menu is opened/closed
---
 website/assets/styles/layout.less | 213 ++++++++++++++++++------------
 website/views/layouts/layout.ejs  | 145 ++++++++++----------
 2 files changed, 197 insertions(+), 161 deletions(-)

diff --git a/website/assets/styles/layout.less b/website/assets/styles/layout.less
index 5efcdeced3..de314d96ae 100644
--- a/website/assets/styles/layout.less
+++ b/website/assets/styles/layout.less
@@ -57,7 +57,9 @@ html, body {
 
 [purpose='page-header'] {
   max-width: 1200px;
+  padding: 19px 64px;
   height: 80px;
+  color: @core-fleet-black;
   [purpose='header-logo'] {
     max-width: 118px;
     img {
@@ -99,23 +101,20 @@ html, body {
 
   [purpose='mobile-nav-toggle-btn'] {
     color: #192147;
-    cursor: unset;
+    cursor: pointer;
     font-size: 16px;
     text-decoration: none;
     font-family: @navigation-font;
     font-weight: @bold;
     height: 100%;
+    padding-left: 24px;
+    user-select: none;
     img {
+      margin-left: 8px;
       width: 16px;
     }
   }
   [purpose='mobile-nav'] {
-    [purpose='mobile-header-logo'] {
-      img {
-        height: 92px;
-        width: 162px;
-      }
-    }
     position: fixed;
     min-height: 100vh;
     top: 0;
@@ -124,52 +123,79 @@ html, body {
     bottom: 0;
     pointer-events: none;
     background-color: #ffffff;
-    a:not(.btn) {
-      width: 100%;
-      padding: 8px 24px 8px 0px;
-      margin-bottom: 4px;
-      font-weight: 700;
-      color: #212529;
-      cursor: pointer;
-    }
     hr {
       margin-top: 4px;
       margin-bottom: 8px;
     }
+    [purpose='mobile-nav-header'] {
+      padding: 19px 40px;
+      height: 80px;
+    }
+    [purpose='mobile-nav-container'] {
+      padding: 8px 40px 0px 40px;
+    }
+    [purpose='mobile-header-logo'] {
+      img {
+        height: 41px;
+        width: 118px;
+      }
+    }
     [purpose='mobile-nav-close-btn'] {
       font-size: 16px;
+      padding-left: 24px;
+      cursor: pointer;
       text-decoration: none;
+      user-select: none;
       img {
         width: 16px;
       }
     }
 
-    [purpose='mobile-dropdown-toggle'] {
+    [purpose='mobile-dropdown-link'] {
+      width: 100%;
+      padding: 8px 24px 8px 0px;
+      margin-bottom: 8px;
       font-weight: 700;
+      cursor: pointer;
+      color: @core-fleet-black;
+      &:hover {
+        color: @core-vibrant-blue;
+        text-decoration: none;
+      }
+    }
+    [purpose='mobile-dropdown-toggle'] {
+      width: 100%;
+      padding: 8px 24px 8px 0px;
+      margin-bottom: 4px;
+      font-weight: 700;
+      cursor: pointer;
       color: @core-fleet-black;
-      margin-bottom: 0px;
       &[aria-expanded='true'] {
         color: #6a67fe;
         outline: none;
         margin-bottom: 4px;
       }
+      &:hover {
+        color: #6a67fe;
+      }
     }
     [purpose='mobile-nav-btn'] {
       text-decoration: none;
       font-weight: 700;
+      color: @core-fleet-black;
+      &:hover {
+        color: @core-vibrant-blue;
+      }
     }
     [purpose='mobile-dropdown'] {
-      [purpose='beta-label'] {
-        background: linear-gradient(90deg, #FF5C83 0%, #6A67FE 100%);
-        display: inline-block;
-        padding: 1px 6px;
-        text-transform: uppercase;
-        color: #FFF;
-        font-weight: 700;
-        font-size: 11px;
-        line-height: 20px;
-        margin-left: 8px;
-        vertical-align: middle;
+      cursor: pointer;
+      display: flex;
+      flex-direction: column;
+      &.collapse {
+        display: none;
+      }
+      &.collapse.show {
+        display: flex;
       }
       span {
         display: inline-flex;
@@ -192,16 +218,13 @@ html, body {
         color: #6a67fe;
         text-decoration: none;
       }
-      [purpose='beta-label'] {
-        color: #FFF;
-        font-weight: 700;
-        font-size: 11px;
-        line-height: 20px;
-        margin-bottom: 0px;
+      [purpose='indented-mobile-links'] {
+        padding-left: 16px;
       }
     }
   }
   [purpose='header-nav'] {
+
     [purpose='glass-header-btn'] {
       color: #FFFFFF;
       height: 32px;
@@ -213,11 +236,12 @@ html, body {
       border-radius: 4px;
       background-color: @core-vibrant-red;
       text-decoration: none;
+      white-space: nowrap;
     }
     [purpose='header-nav-btn'][aria-expanded='true'] {
       font-weight: 700;
       outline: none;
-      color: #192147;
+      color: @core-fleet-black-75;;
     }
     [purpose='header-nav-btn']:before {
       display: block;
@@ -227,11 +251,22 @@ html, body {
       overflow: hidden;
       visibility: hidden;
     }
+    [purpose='log-out-button'] {
+      padding-left: 16px;
+      color: @core-fleet-black-75;
+      white-space: nowrap;
+      &:hover {
+        color: @core-fleet-black-75;
+        font-weight: 700;
+        text-decoration: none;
+      }
+    }
     [purpose='header-nav-btn'] {
-      color: #192147;
+      color: @core-fleet-black-75;
       font-weight: 400;
       cursor: pointer;
       display: inline-block;
+      padding: 6px 16px;
     }
     [purpose='header-nav-btn']:hover {
       font-weight: 700;
@@ -248,13 +283,9 @@ html, body {
         }
       }
     }
-    [purpose='logout-btn'] {
-      color: @core-fleet-black;
-      text-decoration: none;
-      line-height: 23px;
-    }
-    &:hover {
-      font-weight: 700;
+    [purpose='gh-button'] {
+      margin-left: 24px;
+      margin-right: 24px;
     }
     [purpose='header-dropdown'] {
       box-shadow: 0px 4px 40px rgba(0, 0, 0, 0.4);
@@ -263,41 +294,32 @@ html, body {
         color: @core-fleet-black;
         font-weight: 400;
         line-height: 20px;
+        &:not(:last-of-type) {
+          margin-bottom: 4px;
+        }
       }
       a:hover {
         color: #6a67fe;
         text-decoration: none;
       }
-      [purpose='beta-label'] {
-        background: linear-gradient(90deg, #FF5C83 0%, #6A67FE 100%);
-        display: inline-block;
-        padding: 1px 6px;
-        text-transform: uppercase;
-        color: #FFF;
-        font-weight: 700;
-        font-size: 11px;
-        line-height: 20px;
-        margin-left: 8px;
-        vertical-align: middle;
+    }
+  }
+  [purpose='admin-nav'] {
+    justify-content: center;
+    a {
+      margin-left: 30px;
+      margin-right: 30px;
+      color: @core-fleet-black-75;
+      &:hover {
+        color: @core-fleet-black;
       }
     }
-  }
-}
-[purpose='admin-nav'] {
-  justify-content: center;
-  a {
-    margin-left: 30px;
-    margin-right: 30px;
-    color: @core-fleet-black-75;
-    &:hover {
+    span {
       color: @core-fleet-black;
+      font-weight: 600;
+      margin-right: 30px;
     }
   }
-  span {
-    color: @core-fleet-black;
-    font-weight: 600;
-    margin-right: 30px;
-  }
 }
 
 // Footer styles
@@ -411,8 +433,6 @@ html, body {
   }
 }
 
-
-
 body.detected-mobile {
   // Above and beyond the media queries below, this selector (which relies on
   // `parasails` automatically attaching this class, if appropriate) contains
@@ -421,9 +441,9 @@ body.detected-mobile {
   // devices (like the iPad) as well as handset devices (like the iPhone).
   // …
 }
-@media (max-width: 992px) {
-  .homepage-cta-banner+.homepage-header-top {
-    top: 72px;
+@media (max-width: 991px) {
+  [purpose='page-header'] {
+    padding: 19px 40px;
   }
   [purpose='page-wrap'] {
     padding-bottom: 460px;
@@ -432,13 +452,23 @@ body.detected-mobile {
     padding: 64px 40px;
     height: 460px;
   }
-
   [purpose='footer-socials'] {
     margin-bottom: 32px;
   }
 }
 
 @media (max-width: 767px) {
+  [purpose='page-header'] {
+    padding: 19px 32px;
+    [purpose='mobile-nav'] {
+      [purpose='mobile-nav-header'] {
+        padding: 19px 32px;
+      }
+      [purpose='mobile-nav-container'] {
+        padding: 8px 32px 0px 32px;
+      }
+    }
+  }
   [purpose='page-wrap'] {
     padding-bottom: 701px;
   }
@@ -451,11 +481,6 @@ body.detected-mobile {
   }
 
 }
-@media (max-width: 605px) {
-  .homepage-cta-banner + .homepage-header-top {
-    top: 92px;
-  }
-}
 @media (max-width: 575px) {
   [purpose='page-wrap'] {
     padding-bottom: 925px;
@@ -463,6 +488,17 @@ body.detected-mobile {
   [purpose='page-wrap'].reduced-footer-links {
     padding-bottom: 97px;
   }
+  [purpose='page-header'] {
+    padding: 19px 24px;
+    [purpose='mobile-nav'] {
+      [purpose='mobile-nav-header'] {
+        padding: 19px 24px;
+      }
+      [purpose='mobile-nav-container'] {
+        padding: 8px 24px 0px 24px;
+      }
+    }
+  }
   [purpose='reduced-nav-footer'] {
     height: 97px;
   }
@@ -490,14 +526,17 @@ body.detected-mobile {
   }
 }
 
-@media (max-width: 393px) {
-  .homepage-cta-banner + .homepage-header-top {
-    top: 112px;
-  }
-}
-@media (max-width: 330px) {
-  .homepage-cta-banner + .homepage-header-top {
-    top: 132px;
+@media (max-width: 375px) {
+  [purpose='page-header'] {
+    padding: 19px 16px;
+    [purpose='mobile-nav'] {
+      [purpose='mobile-nav-header'] {
+        padding: 19px 16px;
+      }
+      [purpose='mobile-nav-container'] {
+        padding: 8px 16px 0px 16px;
+      }
+    }
   }
 }
 
diff --git a/website/views/layouts/layout.ejs b/website/views/layouts/layout.ejs
index fdba214296..c5859e0bd7 100644
--- a/website/views/layouts/layout.ejs
+++ b/website/views/layouts/layout.ejs
@@ -145,147 +145,144 @@
       <div class="header" purpose="header-container" data-nosnippet>
         <div purpose="header-background">
           <% if(!hideHeaderLinks) { %>
-            <div purpose="page-header" class="container-fluid d-flex justify-content-between align-items-center pt-3 pb-3 px-3 px-md-4">
+            <div purpose="page-header" class="container-fluid d-flex justify-content-between align-items-center">
               <a purpose="header-logo" href="/">
                 <img alt="Fleet logo" src="/images/logo-blue-118x41@2x.png"/>
               </a>
               <%/* Mobile Navigation menu */%>
               <div class="d-flex d-lg-none align-items-center">
-                <button purpose="mobile-nav-toggle-btn" class="btn btn-link d-flex flex-row align-items-center" data-toggle="collapse" data-target="#navbarToggleExternalContent">
-                  <span class="mr-2">Menu</span>
+                <a purpose="mobile-nav-toggle-btn" class="d-flex flex-row align-items-center" data-toggle="collapse" data-target="#navbarToggleExternalContent">
+                  <span>Menu</span>
                   <img class="align-self-center" alt="An icon indicating that interacting with this button will open the navigation menu." src="/images/icon-hamburger-blue-16x14@2x.png"/>
-                </button>
+                </a>
               </div>
-              <div purpose="mobile-nav" class="collapse px-4 px-sm-5" id="navbarToggleExternalContent">
-                <div class="d-flex justify-content-between">
+              <div purpose="mobile-nav" class="collapse" id="navbarToggleExternalContent">
+                <div purpose="mobile-nav-header" class="d-flex justify-content-between align-items-center">
                   <a purpose="mobile-header-logo" href="/">
-                    <img alt="Fleet logo" src="/images/logo-blue-162x92@2x.png" style="" class="mt-3"/>
+                    <img purpose="mobile-nav-logo" alt="Fleet logo" src="/images/logo-blue-118x41@2x.png" />
                   </a>
-                  <button purpose="mobile-nav-close-btn" class="btn btn-link d-flex align-items-center" data-toggle="collapse" data-target="#navbarToggleExternalContent">
+                  <a purpose="mobile-nav-close-btn" class="d-flex align-items-center" data-toggle="collapse" data-target="#navbarToggleExternalContent">
                     <img alt="An 'X' icon indicating that this can be interacted with to close the navigation menu." src="/images/icon-close-16x16@2x.png"/>
-                  </button>
+                  </a>
                 </div>
-                <div id="mobileDropdowns" class="py-2">
+                <div purpose="mobile-nav-container" id="mobileDropdowns">
                   <a purpose="mobile-dropdown-toggle" class="d-flex align-items-center collapsed" data-toggle="collapse" data-target="#mobileNavbarToggleUseCases" aria-haspopup="true" aria-expanded="false">Platform</a>
-                  <div class="d-block">
-                    <div id="mobileNavbarToggleUseCases" purpose="mobile-dropdown" class="collapse align-items-start" data-parent="#mobileDropdowns">
-                      <a href="/endpoint-ops">Endpoint operations</a>
-                      <a href="/device-management">Device management (MDM)</a>
-                      <a href="/vulnerability-management">Vulnerability management</a>
-                      <a href="/integrations">Integrations</a>
-                    </div>
+                  <div id="mobileNavbarToggleUseCases" purpose="mobile-dropdown" class="collapse align-items-start" data-parent="#mobileDropdowns">
+                    <a purpose="mobile-dropdown-link" href="/endpoint-ops">Endpoint operations</a>
+                    <a purpose="mobile-dropdown-link" href="/device-management">Device management (MDM)</a>
+                    <a purpose="mobile-dropdown-link" href="/vulnerability-management">Vulnerability management</a>
+                    <a purpose="mobile-dropdown-link" href="/integrations">Integrations</a>
                   </div>
                   <hr>
-                  <a purpose="mobile-dropdown-toggle" class="d-flex align-items-center mr-4 collapsed"  data-toggle="collapse" data-target="#mobileNavbarToggleDocumentation" aria-haspopup="true" aria-expanded="false">Documentation</a>
-                  <div class="d-block">
-                    <div id="mobileNavbarToggleDocumentation" purpose="mobile-dropdown" class="collapse" data-parent="#mobileDropdowns">
-                      <a href="/docs">Docs</a>
-                      <a href="/docs/rest-api">REST API</a>
-                      <a href="/queries">Built-in queries</a>
-                      <a href="/tables">Data tables</a>
-                      <span>SUPPORT</span>
-                      <a class="pl-3" href="/support">Chat</a>
-                      <a class="pl-3" href="/docs/deploy/introduction">Hosting</a>
-                      <a class="pl-3" href="/releases">Release notes</a>
-                      <a class="pl-3" href="/customers/register">Get your license</a>
-                      <a class="pl-3" href="/contribute">Contribute</a>
+                  <a purpose="mobile-dropdown-toggle" class="d-flex align-items-center collapsed"  data-toggle="collapse" data-target="#mobileNavbarToggleDocumentation" aria-haspopup="true" aria-expanded="false">Documentation</a>
+                  <div id="mobileNavbarToggleDocumentation" purpose="mobile-dropdown" class="collapse" data-parent="#mobileDropdowns">
+                    <a purpose="mobile-dropdown-link" href="/docs">Docs</a>
+                    <a purpose="mobile-dropdown-link" href="/docs/rest-api">REST API</a>
+                    <a purpose="mobile-dropdown-link" href="/queries">Built-in queries</a>
+                    <a purpose="mobile-dropdown-link" href="/tables">Data tables</a>
+                    <span>SUPPORT</span>
+                    <div purpose="indented-mobile-links">
+                      <a purpose="mobile-dropdown-link" href="/support">Chat</a>
+                      <a purpose="mobile-dropdown-link" href="/docs/deploy/introduction">Hosting</a>
+                      <a purpose="mobile-dropdown-link" href="/releases">Release notes</a>
+                      <a purpose="mobile-dropdown-link" href="/customers/register">Get your license</a>
+                      <a purpose="mobile-dropdown-link" href="/contribute">Contribute</a>
                     </div>
                   </div>
                   <hr>
                   <a purpose="mobile-dropdown-toggle" class="d-flex align-items-center mr-4 collapsed" data-toggle="collapse" data-target="#mobileNavbarToggleCommunity">Community</a>
-                  <div class="d-block">
-                    <div id="mobileNavbarToggleCommunity" purpose="mobile-dropdown" class="collapse" data-parent="#mobileDropdowns">
-                      <a href="/support">Chat</a>
-                      <a href="/announcements">News</a>
-                      <a href="/podcasts">Podcasts</a>
-                      <a href="/articles">Articles</a>
-                      <span>COMPANY</span>
-                      <a class="pl-3" href="/handbook">Handbook</a>
-                      <a class="pl-3" href="/logos">Logos & artwork</a>
-                      <a class="pl-3" href="/handbook/company/why-this-way#why-open-source">Why open source?</a>
+                  <div id="mobileNavbarToggleCommunity" purpose="mobile-dropdown" class="collapse" data-parent="#mobileDropdowns">
+                    <a purpose="mobile-dropdown-link" href="/support">Chat</a>
+                    <a purpose="mobile-dropdown-link" href="/announcements">News</a>
+                    <a purpose="mobile-dropdown-link" href="/podcasts">Podcasts</a>
+                    <a purpose="mobile-dropdown-link" href="/articles">Articles</a>
+                    <span>COMPANY</span>
+                    <div purpose="indented-mobile-links">
+                      <a purpose="mobile-dropdown-link" href="/handbook">Handbook</a>
+                      <a purpose="mobile-dropdown-link" href="/logos">Logos & artwork</a>
+                      <a purpose="mobile-dropdown-link" href="/handbook/company/why-this-way#why-open-source">Why open source?</a>
                     </div>
                   </div>
                   <hr>
-                  <a purpose="mobile-nav-btn" href="/pricing" class="d-flex align-items-center">Pricing</a>
+                  <a purpose="mobile-dropdown-link" href="/pricing" class="d-flex align-items-center">Pricing</a>
                   <% if(_.has(me, 'id')) {%>
                     <hr>
                     <a purpose="mobile-nav-btn"  href="/logout" class="d-flex mt-2 text-decoration-none">Log out</a>
                   <% }%>
-                    <a purpose="glass-header-btn" style="padding: 4px 16px; line-height: 24px; width: 100px" class="btn btn-sm btn-primary align-items-center d-flex mt-4" href="/contact">Talk to us</a>
+                  <a purpose="glass-header-btn" style="padding: 4px 16px; line-height: 24px; width: 100px" class="btn btn-sm btn-primary align-items-center d-flex mt-4" href="/contact">Talk to us</a>
                 </div>
               </div>
               <%/* Desktop Navigation bar */%>
               <div purpose="header-nav" class="d-none d-lg-flex align-items-center justify-content-around">
                 <div purpose="dropdown-button" class="btn-group">
-                  <a purpose="header-nav-btn" class="dropdown-toggle d-inline-block align-items-center py-2 px-3 <%= typeof currentSection !== 'undefined' && currentSection === 'platform' ? 'current-section' : '' %>" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">Platform</a>
+                  <a purpose="header-nav-btn" class="dropdown-toggle  align-items-center <%= typeof currentSection !== 'undefined' && currentSection === 'platform' ? 'current-section' : '' %>" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">Platform</a>
                   <div purpose="header-dropdown" class="dropdown-menu">
-                    <a class="dropdown-item mb-1" href="/endpoint-ops">Endpoint operations</a>
-                    <a class="dropdown-item mb-1" href="/device-management">Device management (MDM)</a>
-                    <a class="dropdown-item mb-1" href="/vulnerability-management">Vulnerability management</a>
-                    <a class="dropdown-item mb-1" href="/integrations">Integrations</a>
+                    <a class="dropdown-item" href="/endpoint-ops">Endpoint operations</a>
+                    <a class="dropdown-item" href="/device-management">Device management (MDM)</a>
+                    <a class="dropdown-item" href="/vulnerability-management">Vulnerability management</a>
+                    <a class="dropdown-item" href="/integrations">Integrations</a>
                   </div>
                 </div>
                 <div purpose="dropdown-button" class="btn-group">
-                  <a purpose="header-nav-btn" button-text="Documentation" class="dropdown-toggle d-inline-block align-items-center py-2 px-3 <%= typeof currentSection !== 'undefined' && currentSection === 'documentation' ? 'current-section' : '' %>" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">Documentation</a>
+                  <a purpose="header-nav-btn" button-text="Documentation" class="dropdown-toggle  align-items-center <%= typeof currentSection !== 'undefined' && currentSection === 'documentation' ? 'current-section' : '' %>" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">Documentation</a>
                   <div purpose="header-dropdown" class="dropdown-menu">
-                    <a class="dropdown-item mb-1" href="/docs">Docs</a>
-                    <a class="dropdown-item mb-1" href="/docs/rest-api">REST API</a>
-                    <a class="dropdown-item mb-1" href="/queries">Built-in queries</a>
-                    <a class="dropdown-item mb-1" href="/tables">Data tables</a>
+                    <a class="dropdown-item" href="/docs">Docs</a>
+                    <a class="dropdown-item" href="/docs/rest-api">REST API</a>
+                    <a class="dropdown-item" href="/queries">Built-in queries</a>
+                    <a class="dropdown-item" href="/tables">Data tables</a>
                     <span class="muted dropdown-header">SUPPORT</span>
-                    <a class="dropdown-item mb-1" href="/support">Chat</a>
-                    <a class="dropdown-item mb-1" href="/docs/deploy/introduction">Hosting</a>
-                    <a class="dropdown-item mb-1" href="/releases">Release notes</a>
-                    <a class="dropdown-item mb-1" href="/customers/register">Get your license</a>
-                    <a class="dropdown-item mb-1" href="/contribute">Contribute</a>
+                    <a class="dropdown-item" href="/support">Chat</a>
+                    <a class="dropdown-item" href="/docs/deploy/introduction">Hosting</a>
+                    <a class="dropdown-item" href="/releases">Release notes</a>
+                    <a class="dropdown-item" href="/customers/register">Get your license</a>
+                    <a class="dropdown-item" href="/contribute">Contribute</a>
                   </div>
                 </div>
                 <div purpose="dropdown-button" class="btn-group">
-                  <a purpose="header-nav-btn" button-text="Community" class="dropdown-toggle d-inline-block align-items-center py-2 px-3 <%= typeof currentSection !== 'undefined' && currentSection === 'community' ? 'current-section' : '' %>" data-toggle="dropdown">Community</a>
+                  <a purpose="header-nav-btn" button-text="Community" class="dropdown-toggle  align-items-center <%= typeof currentSection !== 'undefined' && currentSection === 'community' ? 'current-section' : '' %>" data-toggle="dropdown">Community</a>
                   <div purpose="header-dropdown" class="dropdown-menu">
-                    <a class="dropdown-item mb-1" href="/support">Chat</a>
-                    <a class="dropdown-item mb-1" href="/announcements">News</a>
-                    <a class="dropdown-item mb-1" href="/podcasts">Podcasts</a>
-                    <a class="dropdown-item mb-1" href="/articles">Articles</a>
-                    <div class="dropdown-divider"></div>
+                    <a class="dropdown-item" href="/support">Chat</a>
+                    <a class="dropdown-item" href="/announcements">News</a>
+                    <a class="dropdown-item" href="/podcasts">Podcasts</a>
+                    <a class="dropdown-item" href="/articles">Articles</a>
                     <span class="muted dropdown-header">COMPANY</span>
-                    <a class="dropdown-item mb-1" href="/handbook">Handbook</a>
+                    <a class="dropdown-item" href="/handbook">Handbook</a>
                     <a class="dropdown-item" href="/logos">Logos/artwork</a>
                     <a class="dropdown-item" href="/handbook/company/why-this-way#why-open-source">Why open source?</a>
                   </div>
                 </div>
-                <a purpose="header-nav-btn" button-text="Pricing" href="/pricing" class="d-inline-block align-items-center py-2 px-3 <%= typeof currentSection !== 'undefined' && currentSection === 'pricing' ? 'current-section' : '' %>" style="text-decoration: none; line-height: 23px;">Pricing</a>
-                <span class="d-flex align-items-center px-3">
+                <a purpose="header-nav-btn" button-text="Pricing" href="/pricing" class=" align-items-center <%= typeof currentSection !== 'undefined' && currentSection === 'pricing' ? 'current-section' : '' %>" style="text-decoration: none; line-height: 23px;">Pricing</a>
+                <span purpose="gh-button" class="d-flex align-items-center">
                   <iframe src="//ghbtns.com/github-btn.html?user=fleetdm&amp;repo=fleet&amp;type=watch&amp;count=true"
                   allowtransparency="true" frameborder="0" scrolling="0" width="100" height="20"></iframe>
                 </span>
                 <a purpose="glass-header-btn" class="align-items-center d-flex" href="/contact">Talk to us</a>
                 <% if(_.has(me, 'id')) {%>
-                <a purpose="header-nav-btn" href="/logout" class="justify-content-end pl-4 py-2 text-decoration-none">Log out</a>
+                <a purpose="log-out-button" href="/logout" class="justify-content-end text-decoration-none">Log out</a>
                 <% }%>
               </div>
             </div>
           <% } else {%>
-            <div purpose="page-header" class="container-fluid d-flex align-items-center justify-content-between pt-3 pb-3 px-3 px-md-4">
+            <div purpose="page-header" class="container-fluid d-flex align-items-center justify-content-between">
               <a purpose="header-logo" href="/">
                 <img alt="Fleet logo" src="/images/logo-blue-118x41@2x.png"/>
               </a>
               <div purpose="header-nav">
                   <% if(_.has(me, 'id')) {%>
-                  <a purpose="header-nav-btn" href="/logout" class="justify-content-end pl-4 py-2 text-decoration-none">Log out</a>
+                  <a purpose="header-nav-btn" href="/logout" class="justify-content-end text-decoration-none">Log out</a>
                   <% }%>
                 </div>
               </div>
           <% } %>
           <%if(me && me.isSuperAdmin && showAdminLinks) {%>
-            <div purpose="admin-nav" class="d-flex flex-row align-items-center px-5">
-              <div class=" justif-self-start">
+            <div purpose="admin-nav" class="d-flex flex-row align-items-center py-2 px-1">
+              <div class="justify-self-start">
                 <span>Admin pages</span>
               </div>
               <div class="d-flex flex-row align-self-end">
-                <a class="px-3 py-2" style="text-decoration: none; line-height: 23px;" href="/admin/generate-license">License generator</a>
-                <a class="px-3 py-2" style="text-decoration: none; line-height: 23px;" href="/admin/email-preview">HTML Email preview tool</a>
-                <a class="px-3 py-2" style="text-decoration: none; line-height: 23px;" href="/admin/sandbox-waitlist">Manage Fleet Sandbox waitlist</a>
+                <a style="text-decoration: none; line-height: 23px;" href="/admin/generate-license">License generator</a>
+                <a style="text-decoration: none; line-height: 23px;" href="/admin/email-preview">HTML Email preview tool</a>
+                <a style="text-decoration: none; line-height: 23px;" href="/admin/sandbox-waitlist">Manage Fleet Sandbox waitlist</a>
               </div>
             </div>
           <%} %>

From 8d3b018f5d14627cd0ed30cfc0a4b61ff5edef52 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 21 Mar 2024 11:24:13 -0500
Subject: [PATCH 09/54] Bump google.golang.org/protobuf from 1.31.0 to 1.33.0
 (#17612)

---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/go.mod b/go.mod
index e4e78b47d7..9883d9a7bc 100644
--- a/go.mod
+++ b/go.mod
@@ -312,7 +312,7 @@ require (
 	google.golang.org/genproto v0.0.0-20231002182017-d307bd883b97 // indirect
 	google.golang.org/genproto/googleapis/api v0.0.0-20231012201019-e917dd12ba7a // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20231012201019-e917dd12ba7a // indirect
-	google.golang.org/protobuf v1.31.0 // indirect
+	google.golang.org/protobuf v1.33.0 // indirect
 	gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
 	gopkg.in/mail.v2 v2.3.1 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
diff --git a/go.sum b/go.sum
index 866a29d973..84adf199ee 100644
--- a/go.sum
+++ b/go.sum
@@ -1855,8 +1855,8 @@ google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlba
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
 google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
-google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
+google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
+google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
 gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
 gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc h1:2gGKlE2+asNV9m7xrywl36YYNnBG5ZQ0r/BOOxqPpmk=
 gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc/go.mod h1:m7x9LTH6d71AHyAX77c9yqWCCa3UKHcVEj9y7hAtKDk=

From c82190b0092e80b5a06b9134e4bc1cfb88d6e812 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 21 Mar 2024 11:24:58 -0500
Subject: [PATCH 10/54] Bump follow-redirects from 1.15.5 to 1.15.6 in
 /tools/fleetctl-npm (#17650)

---
 tools/fleetctl-npm/yarn.lock | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/tools/fleetctl-npm/yarn.lock b/tools/fleetctl-npm/yarn.lock
index 3076f03fae..fabb81d6c0 100644
--- a/tools/fleetctl-npm/yarn.lock
+++ b/tools/fleetctl-npm/yarn.lock
@@ -52,9 +52,9 @@ delayed-stream@~1.0.0:
   integrity sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==
 
 follow-redirects@^1.15.0:
-  version "1.15.5"
-  resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.5.tgz#54d4d6d062c0fa7d9d17feb008461550e3ba8020"
-  integrity sha512-vSFWUON1B+yAw1VN4xMfxgn5fTUiaOzAJCKBwIIgT/+7CuGy9+r+5gITvP62j3RmaD5Ph65UaERdOSRGUzZtgw==
+  version "1.15.6"
+  resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.6.tgz#7f815c0cda4249c74ff09e95ef97c23b5fd0399b"
+  integrity sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==
 
 form-data@^4.0.0:
   version "4.0.0"

From d896420421d21a0512628b978ac4fe6e4306dda2 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 21 Mar 2024 11:25:27 -0500
Subject: [PATCH 11/54] Bump follow-redirects from 1.15.4 to 1.15.6 (#17651)

---
 yarn.lock | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/yarn.lock b/yarn.lock
index 3cd3f36bde..ac4c05043a 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -9598,9 +9598,9 @@ flow-parser@0.*:
   integrity sha512-ZJ6VuLe/BoqeI4GsF+ZuzlpfGi3FCnBrb4xDYhgEJxRt7SAj3ibRuRSsuJSRcY+lQhPZRPNbNWiQqFMxramUzw==
 
 follow-redirects@^1.14.0, follow-redirects@^1.15.0:
-  version "1.15.4"
-  resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.4.tgz#cdc7d308bf6493126b17ea2191ea0ccf3e535adf"
-  integrity sha512-Cr4D/5wlrb0z9dgERpUL3LrmPKVDsETIJhaCMeDfuFYcqa5bldGV6wBsAN6X/vxlXQtFBMrXdXxdL8CbDTGniw==
+  version "1.15.6"
+  resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.6.tgz#7f815c0cda4249c74ff09e95ef97c23b5fd0399b"
+  integrity sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==
 
 for-each@^0.3.3:
   version "0.3.3"

From fb68278b1b48f81a240ae1fa8f7fa03e4a2e7a25 Mon Sep 17 00:00:00 2001
From: Rachael Shaw <r@rachael.wtf>
Date: Thu, 21 Mar 2024 11:25:40 -0500
Subject: [PATCH 12/54] Set host expiry window to 0 to see what happens
 (#17762)

^ what it says
---
 it-and-security/default.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/it-and-security/default.yml b/it-and-security/default.yml
index 5a5a170fef..4349a6338a 100644
--- a/it-and-security/default.yml
+++ b/it-and-security/default.yml
@@ -29,8 +29,8 @@ org_settings:
   fleet_desktop:
     transparency_url: https://fleetdm.com/transparency
   host_expiry_settings:
-    host_expiry_enabled: false
-    host_expiry_window: 7
+    host_expiry_enabled: true
+    host_expiry_window: 0
   integrations:
     jira: [ ]
     zendesk: [ ]

From 1e6c974844762db49f74bdeeb7f779f8160224e7 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 21 Mar 2024 11:26:14 -0500
Subject: [PATCH 13/54] Bump github.com/docker/docker from 24.0.7+incompatible
 to 24.0.9+incompatible (#17736)

---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/go.mod b/go.mod
index 9883d9a7bc..2b89ecb1ce 100644
--- a/go.mod
+++ b/go.mod
@@ -25,7 +25,7 @@ require (
 	github.com/davecgh/go-spew v1.1.1
 	github.com/dgraph-io/badger/v2 v2.2007.2
 	github.com/digitalocean/go-smbios v0.0.0-20180907143718-390a4f403a8e
-	github.com/docker/docker v24.0.7+incompatible
+	github.com/docker/docker v24.0.9+incompatible
 	github.com/docker/go-units v0.4.0
 	github.com/doug-martin/goqu/v9 v9.18.0
 	github.com/e-dard/netbug v0.0.0-20151029172837-e64d308a0b20
diff --git a/go.sum b/go.sum
index 84adf199ee..616092fefd 100644
--- a/go.sum
+++ b/go.sum
@@ -394,8 +394,8 @@ github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi
 github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE=
 github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8=
 github.com/docker/distribution v2.8.2+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
-github.com/docker/docker v24.0.7+incompatible h1:Wo6l37AuwP3JaMnZa226lzVXGA3F9Ig1seQen0cKYlM=
-github.com/docker/docker v24.0.7+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/docker v24.0.9+incompatible h1:HPGzNmwfLZWdxHqK9/II92pyi1EpYKsAqcl4G0Of9v0=
+github.com/docker/docker v24.0.9+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=
 github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
 github.com/docker/go-units v0.4.0 h1:3uh0PgVws3nIA0Q+MwDC8yjEPf9zjRfZZWXZYDct3Tw=

From 452d6b8d0d7ee900012844d758c6bb2a36c36184 Mon Sep 17 00:00:00 2001
From: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
Date: Thu, 21 Mar 2024 12:30:00 -0400
Subject: [PATCH 14/54] Set host expiry in dogfood back (#17763)

- Back to off
---
 it-and-security/default.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/it-and-security/default.yml b/it-and-security/default.yml
index 4349a6338a..a30c72224b 100644
--- a/it-and-security/default.yml
+++ b/it-and-security/default.yml
@@ -29,8 +29,7 @@ org_settings:
   fleet_desktop:
     transparency_url: https://fleetdm.com/transparency
   host_expiry_settings:
-    host_expiry_enabled: true
-    host_expiry_window: 0
+    host_expiry_enabled: false
   integrations:
     jira: [ ]
     zendesk: [ ]

From 36dafbd969d1e1daa7c5ad67e4967c26a2742a8d Mon Sep 17 00:00:00 2001
From: Eric <eashaw@sailsjs.com>
Date: Thu, 21 Mar 2024 11:58:45 -0500
Subject: [PATCH 15/54] Update vulnerability dashboard deploy action & update
 github maintainers in custom.js (#17602)

Changes:
- Updated the deploy-vulnerability-dashboard workflow to use the correct
variables for the Heroku steps.
- Added GitHub maintainers to `website/config/custom.js` for the GitHub
workflows related to the vulnerability dashboard.
---
 .github/workflows/deploy-vulnerability-dashboard.yml | 4 ++--
 website/config/custom.js                             | 2 ++
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/deploy-vulnerability-dashboard.yml b/.github/workflows/deploy-vulnerability-dashboard.yml
index 7f453b8367..a8196535ab 100644
--- a/.github/workflows/deploy-vulnerability-dashboard.yml
+++ b/.github/workflows/deploy-vulnerability-dashboard.yml
@@ -22,9 +22,9 @@ jobs:
     # Configure our access credentials for the Heroku CLI
     - uses: akhileshns/heroku-deploy@79ef2ae4ff9b897010907016b268fd0f88561820 # v3.6.8
       with:
-        heroku_api_key: ${{secrets.HEROKU_API_TOKEN_FOR_DEPLOYMENT}}
+        heroku_api_key: ${{secrets.HEROKU_API_TOKEN_FOR_BOT_USER}}
         heroku_app_name: "" # this has to be blank or it doesn't work
-        heroku_email: ${{secrets.HEROKU_EMAIL_FOR_DEPLOYMENT}}
+        heroku_email: ${{secrets.HEROKU_EMAIL_FOR_BOT_USER}}
         justlogin: true
     - run: heroku auth:whoami
 
diff --git a/website/config/custom.js b/website/config/custom.js
index f57443fbc4..c31b77b5d3 100644
--- a/website/config/custom.js
+++ b/website/config/custom.js
@@ -232,6 +232,8 @@ module.exports.custom = {
     // Github workflows
     '.github/workflows/deploy-fleet-website.yml': ['eashaw','mikermcneil'],// (website deploy script)
     '.github/workflows/test-website.yml': ['eashaw','mikermcneil'],//« website CI test script
+    '.github/workflows/deploy-vulnerability-dashboard.yml': ['eashaw','mikermcneil'],// (vulnerabiltiy dashboard deploy script)
+    '.github/workflows/test-vulnerability-dashboard-changes.yml': ['eashaw','mikermcneil'],//« vulnerabiltiy dashboard CI test script
     '.github/workflows': ['lukeheath', 'mikermcneil'],//« CI/CD workflows & misc GitHub Actions. Note that some are also addressed more specifically below in relevant sections)
 
     // Repo automation and change control settings

From 94da1ec032c7a149a7a6829beeaeeea073a4d01f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 21 Mar 2024 12:17:16 -0500
Subject: [PATCH 16/54] Bump @okta/oidc-middleware from 4.0.1 to 5.0.0 in
 /ee/vulnerability-dashboard (#17601)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps
[@okta/oidc-middleware](https://github.com/okta/okta-oidc-middleware)
from 4.0.1 to 5.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/okta/okta-oidc-middleware/releases"><code>@​okta/oidc-middleware</code>'s
releases</a>.</em></p>
<blockquote>
<h2>5.0.0</h2>
<h3>Breaking Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/okta/okta-oidc-middleware/pull/54">#54</a>
Requires Node &gt;= 12.19.0. Update production dependencies:
<ul>
<li><code>openid-client@5.1.9</code> (was 3.12.2)</li>
</ul>
</li>
</ul>
<h1>4.5.1</h1>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/okta/okta-oidc-middleware/pull/43">#43</a>
fix: correctly preprends <code>appBaseUrl</code> to redirect url when
<code>appBaseUrl</code> contains a base path</li>
</ul>
<h2>4.5.0</h2>
<h3>Features</h3>
<ul>
<li><a
href="https://redirect.github.com/okta/okta-oidc-middleware/pull/40">#40</a>
Allows passing <code>loginHint</code> to
<code>ensureAuthenticated</code></li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/okta/okta-oidc-middleware/pull/42">#42</a>
Fixes <code>appBaseUrl</code> option not prepending to login redirect
url</li>
</ul>
<h2>4.4.0</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/okta/okta-oidc-middleware/pull/34">#34</a>
Fixes Org AS login issue</li>
<li><a
href="https://redirect.github.com/okta/okta-oidc-middleware/pull/3">#3</a>
Call <code>res.redirect()</code> after custom
<code>routes.loginCallback.handler</code></li>
<li><a
href="https://redirect.github.com/okta/okta-oidc-middleware/pull/37">#37</a>
fix: <code>.logout</code> no longer throws error without valid
credentials</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/okta/okta-oidc-middleware/blob/master/CHANGELOG.md"><code>@​okta/oidc-middleware</code>'s
changelog</a>.</em></p>
<blockquote>
<h1>5.0.0</h1>
<h3>Breaking Changes</h3>
<ul>
<li><a href="">#</a> Requires Node &gt;= 12.19.0. Update production
dependencies:
<ul>
<li><code>openid-client@5.1.9</code> (was 3.12.2)</li>
</ul>
</li>
</ul>
<h1>4.6</h1>
<p>-<a
href="https://redirect.github.com/okta/okta-oidc-middleware/pull/53">#53</a>
Fix: prevents open redirects</p>
<h1>4.5.1</h1>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/okta/okta-oidc-middleware/pull/43">#43</a>
fix: correctly preprends <code>appBaseUrl</code> to redirect url when
<code>appBaseUrl</code> contains a base path</li>
</ul>
<h1>4.5.0</h1>
<h3>Features</h3>
<ul>
<li><a
href="https://redirect.github.com/okta/okta-oidc-middleware/pull/40">#40</a>
Allows passing <code>loginHint</code> to
<code>ensureAuthenticated</code></li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/okta/okta-oidc-middleware/pull/42">#42</a>
Fixes <code>appBaseUrl</code> option not prepending to login redirect
url</li>
</ul>
<h1>4.4.0</h1>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/okta/okta-oidc-middleware/pull/34">#34</a>
Fixes Org AS login issue</li>
<li><a
href="https://redirect.github.com/okta/okta-oidc-middleware/pull/3">#3</a>
Call <code>res.redirect()</code> after custom
<code>routes.loginCallback.handler</code></li>
<li><a
href="https://redirect.github.com/okta/okta-oidc-middleware/pull/37">#37</a>
fix: <code>.logout</code> no longer throws error without valid
credentials</li>
</ul>
<h1>4.3.0</h1>
<h3>Other</h3>
<ul>
<li>Release after migrating from monorepo</li>
<li></li>
</ul>
<h1>4.2.0</h1>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/okta/okta-oidc-js/pull/1020">#1020</a>
Fixes issue with UUID returning null</li>
</ul>
<h1>4.1.0</h1>
<h3>Features</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/okta/okta-oidc-middleware/commit/50c093bcbcfd8c67a9d9aa0b4d2f75fb585af184"><code>50c093b</code></a>
chore(deps): upgrade vulnerable dependencies (<a
href="https://redirect.github.com/okta/okta-oidc-middleware/issues/54">#54</a>)</li>
<li><a
href="https://github.com/okta/okta-oidc-middleware/commit/5d10b3ccdd5d6893de4d8b58696094267d30c113"><code>5d10b3c</code></a>
Prevent open redirects (<a
href="https://redirect.github.com/okta/okta-oidc-middleware/issues/53">#53</a>)</li>
<li><a
href="https://github.com/okta/okta-oidc-middleware/commit/fe24bfc12ea0922baa97c166e9684751e5f87ef2"><code>fe24bfc</code></a>
chore: Update dependencies</li>
<li><a
href="https://github.com/okta/okta-oidc-middleware/commit/ebafab491656df01850ef734e5456b0e0aff7712"><code>ebafab4</code></a>
chore: dev dependency upgrades</li>
<li><a
href="https://github.com/okta/okta-oidc-middleware/commit/113e1a3678b46daca51059d23313f541720c027e"><code>113e1a3</code></a>
chore: updates github issue template</li>
<li><a
href="https://github.com/okta/okta-oidc-middleware/commit/a9b6ad22cd3b891ca4dcb2aea03c47dae35e9216"><code>a9b6ad2</code></a>
Merge remote-tracking branch 'origin/4.5' into sw-backport-4.5.1</li>
<li><a
href="https://github.com/okta/okta-oidc-middleware/commit/8b0691cae67e723f3fa5162e26f892a6f2be6c93"><code>8b0691c</code></a>
fix: if appBaseUrl includes a base path</li>
<li><a
href="https://github.com/okta/okta-oidc-middleware/commit/94852df9a84c1b5944912734a80a1128f8c12a11"><code>94852df</code></a>
Releng: Revving up to version(s) 4.6.0 for artifact(s) None</li>
<li><a
href="https://github.com/okta/okta-oidc-middleware/commit/4e1414e6c69b18776705f654c700ce5a8ea79d3f"><code>4e1414e</code></a>
fixes: 'appBaseUrl' option not prepended to login redirect url</li>
<li><a
href="https://github.com/okta/okta-oidc-middleware/commit/9c5e3b0fdc74f73959ebae9a2e1eb36c23df935f"><code>9c5e3b0</code></a>
feat: allow passing <code>loginHint</code> option to
<code>ensureAuthenticated</code></li>
<li>Additional commits viewable in <a
href="https://github.com/okta/okta-oidc-middleware/compare/@okta/oidc-middleware@4.0.1...okta-oidc-middleware-5.0.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@okta/oidc-middleware&package-manager=npm_and_yarn&previous-version=4.0.1&new-version=5.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/fleetdm/fleet/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 ee/vulnerability-dashboard/package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ee/vulnerability-dashboard/package.json b/ee/vulnerability-dashboard/package.json
index a72ab3d351..57364522da 100644
--- a/ee/vulnerability-dashboard/package.json
+++ b/ee/vulnerability-dashboard/package.json
@@ -5,7 +5,7 @@
   "description": "Report and track progress on fixing and prioritizing thousands of installed CVEs.",
   "keywords": [],
   "dependencies": {
-    "@okta/oidc-middleware": "4.0.1",
+    "@okta/oidc-middleware": "5.0.0",
     "@okta/okta-sdk-nodejs": "3.2.0",
     "@sailshq/connect-redis": "^3.2.1",
     "@sailshq/lodash": "^3.10.3",

From 14786afe209a833f20b63a5f8dff6bddb3c985b4 Mon Sep 17 00:00:00 2001
From: Marko Lisica <83164494+marko-lisica@users.noreply.github.com>
Date: Thu, 21 Mar 2024 19:30:48 +0100
Subject: [PATCH 17/54] API design: Increase character limit for saved scripts
 (#16699)

API design for:
#16668

---------

Co-authored-by: Rachael Shaw <r@rachael.wtf>
---
 docs/REST API/rest-api.md | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/docs/REST API/rest-api.md b/docs/REST API/rest-api.md
index 95d055eef7..7a559879b1 100644
--- a/docs/REST API/rest-api.md	
+++ b/docs/REST API/rest-api.md	
@@ -7461,8 +7461,11 @@ Run a live script and get results back (5 minute timeout). Live scripts only run
 | Name            | Type    | In   | Description                                      |
 | ----            | ------- | ---- | --------------------------------------------     |
 | host_id         | integer | body | **Required**. The host id to run the script on.  |
-| script_id       | integer | body | The ID of the existing saved script to run. Only one of either `script_id` or `script_contents` can be included in the request; omit this parameter if using `script_contents`.  |
-| script_contents | string  | body | The contents of the script to run. Only one of either `script_id` or `script_contents` can be included in the request; omit this parameter if using `script_id`. |
+| script_id       | integer | body | The ID of the existing saved script to run. Only one of either `script_id`, `script_name` or `script_contents` can be included in the request; omit this parameter if using `script_contents` or `script_name`.  |
+| script_contents | string  | body | The contents of the script to run. Only one of either `script_contents`, `script_id` or `script_name` can be included in the request; omit this parameter if using `script_id` or `script_name`. |
+| script_name       | string | body | The name of the existing saved script to run. Only one of either `script_name`, `script_id` or `script_contents` can be included in the request; omit this parameter if using `script_contents` or `script_id`.  |
+| team_id       | integer | body | ID of the team the saved script referenced by `script_name` belongs to. Default: `0` (hosts assigned to "No team") |
+
 
 > Note that if both `script_id` and `script_contents` are included in the request, this endpoint will respond with an error.
 

From 4a0c62613f478a684d1a7d3da0c793ff1836cd0a Mon Sep 17 00:00:00 2001
From: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
Date: Thu, 21 Mar 2024 14:33:35 -0400
Subject: [PATCH 18/54] API design: See macOS hosts that failed DEP profile
 assignment (#15461) (#16166)

API changes for the "See macOS hosts that failed DEP profile assignment"
(#15461) story
---
 docs/REST API/rest-api.md | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/docs/REST API/rest-api.md b/docs/REST API/rest-api.md
index 7a559879b1..8b8ca9c899 100644
--- a/docs/REST API/rest-api.md	
+++ b/docs/REST API/rest-api.md	
@@ -2030,9 +2030,10 @@ If `after` is being used with `created_at` or `updated_at`, the table must be sp
       },
       "mdm": {
         "encryption_key_available": false,
-        "enrollment_status": null,
-        "name": "",
-        "server_url": null
+        "enrollment_status": "Pending",
+        "dep_profile_error": true,
+        "name": "Fleet",
+        "server_url": "https://example.fleetdm.com/mdm/apple/mdm"
       },
       "software": [
         {

From 85209ae758277b497ed7d2bc105893cc77db99ee Mon Sep 17 00:00:00 2001
From: Roberto Dip <me@roperzh.com>
Date: Thu, 21 Mar 2024 15:38:06 -0300
Subject: [PATCH 19/54] document permissions changes for Puppet gitops (#17367)

#15337

---------

Co-authored-by: Rachael Shaw <r@rachael.wtf>
---
 docs/Using Fleet/manage-access.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/docs/Using Fleet/manage-access.md b/docs/Using Fleet/manage-access.md
index c073b1a6f9..802c7c36f5 100644
--- a/docs/Using Fleet/manage-access.md	
+++ b/docs/Using Fleet/manage-access.md	
@@ -37,6 +37,7 @@ GitOps is an API-only and write-only role that can be used on CI/CD pipelines.
 | ------------------------------------------------------------------------------------------------------------------------------------------ | -------- | ---------- | ---------- | ----- | ------- |
 | View all [activity](https://fleetdm.com/docs/using-fleet/rest-api#activities)                                                              | ✅       | ✅         | ✅         | ✅    |         |
 | View all hosts                                                                                                                             | ✅       | ✅         | ✅         | ✅    |         |
+| View a host by identifier                                                                                                                  | ✅       | ✅         | ✅         | ✅    | ✅      |
 | Filter hosts using [labels](https://fleetdm.com/docs/using-fleet/rest-api#labels)                                                          | ✅       | ✅         | ✅         | ✅    |         |
 | Target hosts using labels                                                                                                                  | ✅       | ✅         | ✅         | ✅    |         |
 | Add and delete hosts                                                                                                                       |          |            | ✅         | ✅    |         |
@@ -83,6 +84,7 @@ GitOps is an API-only and write-only role that can be used on CI/CD pipelines.
 | View results of MDM commands executed on macOS and Windows hosts\**                                                                        | ✅       | ✅         | ✅         | ✅    |         |
 | Edit [MDM settings](https://fleetdm.com/docs/using-fleet/mdm-macos-settings)                                                               |          |            |            | ✅    | ✅      |
 | Edit [MDM settings for teams](https://fleetdm.com/docs/using-fleet/mdm-macos-settings)                                                     |          |            |            | ✅    | ✅      |
+| View all [MDM settings](https://fleetdm.com/docs/using-fleet/mdm-macos-settings)                                                           |          |            |            | ✅    | ✅      |
 | Upload an EULA file for MDM automatic enrollment\*                                                                                         |          |            |            | ✅    |         |
 | View/download MDM macOS setup assistant\*                                                                                                  |          |            | ✅         | ✅    |         |
 | Edit/upload MDM macOS setup assistant\*                                                                                                    |          |            | ✅         | ✅    | ✅      |
@@ -119,6 +121,7 @@ Users with access to multiple teams can be assigned different roles for each tea
 | **Action**                                                                                                                       | Team observer | Team observer+ | Team maintainer | Team admin | Team GitOps |
 | -------------------------------------------------------------------------------------------------------------------------------- | ------------- | -------------- | --------------- | ---------- | ----------- |
 | View hosts                                                                                                                       | ✅            | ✅             | ✅              | ✅         |             |
+| View a host by identifier                                                                                                        | ✅            | ✅             | ✅              | ✅         | ✅          |
 | Filter hosts using [labels](https://fleetdm.com/docs/using-fleet/rest-api#labels)                                                | ✅            | ✅             | ✅              | ✅         |             |
 | Target hosts using labels                                                                                                        | ✅            | ✅             | ✅              | ✅         |             |
 | Add and delete hosts                                                                                                             |               |                | ✅              | ✅         |             |

From 27a59ed37ceb2845fa7e1ba92bc7a70cb5f2e65b Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 21 Mar 2024 13:41:49 -0500
Subject: [PATCH 20/54] Bump grunt from 1.0.4 to 1.5.3 in
 /ee/vulnerability-dashboard (#17600)

Bumps [grunt](https://github.com/gruntjs/grunt) from 1.0.4 to 1.5.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gruntjs/grunt/releases">grunt's
releases</a>.</em></p>
<blockquote>
<h2>v1.5.3</h2>
<ul>
<li>Merge pull request <a
href="https://redirect.github.com/gruntjs/grunt/issues/1745">#1745</a>
from gruntjs/fix-copy-op 572d79b</li>
<li>Patch up race condition in symlink copying.  58016ff</li>
<li>Merge pull request <a
href="https://redirect.github.com/gruntjs/grunt/issues/1746">#1746</a>
from JamieSlome/patch-1 0749e1d</li>
<li>Create SECURITY.md  69b7c50</li>
</ul>
<p><a
href="https://github.com/gruntjs/grunt/compare/v1.5.2...v1.5.3">https://github.com/gruntjs/grunt/compare/v1.5.2...v1.5.3</a></p>
<h2>v1.5.2</h2>
<ul>
<li>Update Changelog  7f15fd5</li>
<li>Merge pull request <a
href="https://redirect.github.com/gruntjs/grunt/issues/1743">#1743</a>
from gruntjs/cleanup-link b0ec6e1</li>
<li>Clean up link handling  433f91b</li>
</ul>
<p><a
href="https://github.com/gruntjs/grunt/compare/v1.5.1...v1.5.2">https://github.com/gruntjs/grunt/compare/v1.5.1...v1.5.2</a></p>
<h2>v1.5.1</h2>
<ul>
<li>Merge pull request <a
href="https://redirect.github.com/gruntjs/grunt/issues/1742">#1742</a>
from gruntjs/update-symlink-test ad22608</li>
<li>Fix symlink test  0652305</li>
</ul>
<p><a
href="https://github.com/gruntjs/grunt/compare/v1.5.0...v1.5.1">https://github.com/gruntjs/grunt/compare/v1.5.0...v1.5.1</a></p>
<h2>v1.5.0</h2>
<ul>
<li>Updated changelog  b2b2c2b</li>
<li>Merge pull request <a
href="https://redirect.github.com/gruntjs/grunt/issues/1740">#1740</a>
from gruntjs/update-deps-22-10 3eda6ae</li>
<li>Update testing matrix  47d32de</li>
<li>More updates  2e9161c</li>
<li>Remove console log  04b960e</li>
<li>Update dependencies, tests...  aad3d45</li>
<li>Merge pull request <a
href="https://redirect.github.com/gruntjs/grunt/issues/1736">#1736</a>
from justlep/main fdc7056</li>
<li>support .cjs extension  e35fe54</li>
</ul>
<p><a
href="https://github.com/gruntjs/grunt/compare/v1.4.1...v1.5.0">https://github.com/gruntjs/grunt/compare/v1.4.1...v1.5.0</a></p>
<h2>v1.4.1</h2>
<ul>
<li>Update Changelog  e7625e5</li>
<li>Merge pull request <a
href="https://redirect.github.com/gruntjs/grunt/issues/1731">#1731</a>
from gruntjs/update-options 5d67e34</li>
<li>Fix ci install  d13bf88</li>
<li>Switch to Actions  08896ae</li>
<li>Update grunt-known-options  eee0673</li>
<li>Add note about a breaking change  1b6e288</li>
</ul>
<p><a
href="https://github.com/gruntjs/grunt/compare/v1.4.0...v1.4.1">https://github.com/gruntjs/grunt/compare/v1.4.0...v1.4.1</a></p>
<h2>v1.4.0</h2>
<ul>
<li>Merge pull request <a
href="https://redirect.github.com/gruntjs/grunt/issues/1728">#1728</a>
from gruntjs/update-deps-changelog 63b2e89</li>
<li>Update changelog and util dep  106ed17</li>
<li>Merge pull request <a
href="https://redirect.github.com/gruntjs/grunt/issues/1727">#1727</a>
from gruntjs/update-deps-apr 49de70b</li>
<li>Update CLI and nodeunit  47cf8b6</li>
<li>Merge pull request <a
href="https://redirect.github.com/gruntjs/grunt/issues/1722">#1722</a>
from gruntjs/update-through e86db1c</li>
<li>Update deps  4952368</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/gruntjs/grunt/blob/main/CHANGELOG">grunt's
changelog</a>.</em></p>
<blockquote>
<p>v1.5.3
date: 2022-04-23
changes:
- Patch up race condition in symlink copying.
v1.5.2
date: 2022-04-12
changes:
- Unlink symlinks when copy destination is a symlink.
v1.5.1
date: 2022-04-11
changes:
- Fixed symlink destination handling.
v1.5.0
date: 2022-04-10
changes:
- Updated dependencies.
- Add symlink handling for copying files.
v1.4.1
date: 2021-05-24
changes:
- Fix --preload option to be a known option
- Switch to GitHub Actions
v1.4.0
date: 2021-04-21
changes:
- Security fixes in production and dev dependencies
- Liftup/Liftoff upgrade breaking change. Update your scripts to use
--preload instead of --require. Ref: <a
href="https://github.com/js-cli/js-liftoff/commit/e7a969d6706e730d90abb4e24d3cb4d3bce06ddb">https://github.com/js-cli/js-liftoff/commit/e7a969d6706e730d90abb4e24d3cb4d3bce06ddb</a>.
v1.3.0
date: 2020-08-18
changes:
- Switch to use <code>safeLoad</code> for loading YML files via
<code>file.readYAML</code>.
- Upgrade legacy-log to ~3.0.0.
- Upgrade legacy-util to ~2.0.0.
v1.2.1
date: 2020-07-07
changes:
- Remove path-is-absolute dependency.
(PR: <a
href="https://redirect.github.com/gruntjs/grunt/pull/1715">gruntjs/grunt#1715</a>)
v1.2.0
date: 2020-07-03
changes:
- Allow usage of grunt plugins that are located in any location that
is visible to Node.js and NPM, instead of node_modules directly
inside package that have a dev dependency to these plugins.
(PR: <a
href="https://redirect.github.com/gruntjs/grunt/pull/1677">gruntjs/grunt#1677</a>)
- Removed coffeescript from dependencies. To ease transition, if
coffeescript is still around, Grunt will attempt to load it.
If it is not, and the user loads a CoffeeScript file,
Grunt will print a useful error indicating that the
coffeescript package should be installed as a dev dependency.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/gruntjs/grunt/commit/82d79b803798f2a5f19662df9e12bef977dfa189"><code>82d79b8</code></a>
1.5.3</li>
<li><a
href="https://github.com/gruntjs/grunt/commit/572d79b08767dd22ecc162b8d41825f9f8238fef"><code>572d79b</code></a>
Merge pull request <a
href="https://redirect.github.com/gruntjs/grunt/issues/1745">#1745</a>
from gruntjs/fix-copy-op</li>
<li><a
href="https://github.com/gruntjs/grunt/commit/58016ffac5ed9338b63ecc2a63710f5027362bae"><code>58016ff</code></a>
Patch up race condition in symlink copying.</li>
<li><a
href="https://github.com/gruntjs/grunt/commit/0749e1da0d8f88c5137c4eb4e9531e1b7498760e"><code>0749e1d</code></a>
Merge pull request <a
href="https://redirect.github.com/gruntjs/grunt/issues/1746">#1746</a>
from JamieSlome/patch-1</li>
<li><a
href="https://github.com/gruntjs/grunt/commit/69b7c506cbf430e06bfe1a81050351e607c30380"><code>69b7c50</code></a>
Create SECURITY.md</li>
<li><a
href="https://github.com/gruntjs/grunt/commit/ac667b24cabfff77cf769f9dbf9ddba9576b3dc2"><code>ac667b2</code></a>
1.5.2</li>
<li><a
href="https://github.com/gruntjs/grunt/commit/7f15fd5ad9fb33ca0fe4680af7bce84d69deb673"><code>7f15fd5</code></a>
Update Changelog</li>
<li><a
href="https://github.com/gruntjs/grunt/commit/b0ec6e12426fc8d5720dee1702f6a67455c5986c"><code>b0ec6e1</code></a>
Merge pull request <a
href="https://redirect.github.com/gruntjs/grunt/issues/1743">#1743</a>
from gruntjs/cleanup-link</li>
<li><a
href="https://github.com/gruntjs/grunt/commit/433f91b78df99d83daa6f56a5505ead743627c30"><code>433f91b</code></a>
Clean up link handling</li>
<li><a
href="https://github.com/gruntjs/grunt/commit/d5969eccf2493c2c579c55a617c70cab48dc12d3"><code>d5969ec</code></a>
1.5.1</li>
<li>Additional commits viewable in <a
href="https://github.com/gruntjs/grunt/compare/v1.0.4...v1.5.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=grunt&package-manager=npm_and_yarn&previous-version=1.0.4&new-version=1.5.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/fleetdm/fleet/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 ee/vulnerability-dashboard/package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ee/vulnerability-dashboard/package.json b/ee/vulnerability-dashboard/package.json
index 57364522da..f54c10bde6 100644
--- a/ee/vulnerability-dashboard/package.json
+++ b/ee/vulnerability-dashboard/package.json
@@ -21,7 +21,7 @@
   },
   "devDependencies": {
     "eslint": "5.16.0",
-    "grunt": "1.0.4",
+    "grunt": "1.5.3",
     "htmlhint": "0.11.0",
     "lesshint": "6.3.6",
     "sails-hook-grunt": "^5.0.0",

From f018f68e46f55267120fe74a2f1162c8c794cc4b Mon Sep 17 00:00:00 2001
From: Katheryn Satterlee <kathy@fleetdm.com>
Date: Thu, 21 Mar 2024 13:50:18 -0500
Subject: [PATCH 21/54] Update script execution documentation (#17147)

Removed reference to **Scripts** tab and added instructions for
accessing the **Run Script** modal from the host detail page.

# Checklist for submitter

Docs-only change

---------

Co-authored-by: Brock Walters <153771548+nonpunctual@users.noreply.github.com>
Co-authored-by: Rachael Shaw <r@rachael.wtf>
---
 docs/Using Fleet/Scripts.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/docs/Using Fleet/Scripts.md b/docs/Using Fleet/Scripts.md
index 5ed888688b..64b9957fff 100644
--- a/docs/Using Fleet/Scripts.md	
+++ b/docs/Using Fleet/Scripts.md	
@@ -30,7 +30,11 @@ Fleet UI:
 
 2. Head to the **Hosts** page and select the host you want to run the script on.
 
-3. On your target host's host details page, select the **Scripts** tab and select **Actions** to run the script.
+3. On your target host's host details page, select the **Actions** dropdown and select **Run Script** to view the **Run Script** menu.
+   
+4. In the **Run Script** menu, select the **Actions** dropdown for the script you'd like to execute and choose the **Run** option.
+
+Scripts run from the Fleet UI will run the next time your host checks in with Fleet. You can view the status of the script execution as well as the output in the target host's activity feed.
 
 Fleet API: API documentation is [here](https://fleetdm.com/docs/rest-api/rest-api#run-script)
 

From 8ed8f3daa7e3e24a5df5e246f5cecb6922aadb16 Mon Sep 17 00:00:00 2001
From: Jacob Thorne <jacobaaronthorne@gmail.com>
Date: Thu, 21 Mar 2024 19:59:45 +0100
Subject: [PATCH 22/54] Fix Incorrect Helm Chart Keys in MySQL Installation
 Documentation (#17160)

This PR addresses an issue in the documentation for installing the MySQL
chart using Helm. Previously, the documentation provided a Helm install
command that incorrectly referenced mysqlUser and mysqlDatabase.
However, these keys don't exist in the chart's values.yaml file anymore.
---
 docs/Deploy/Deploy-Fleet-on-Kubernetes.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/Deploy/Deploy-Fleet-on-Kubernetes.md b/docs/Deploy/Deploy-Fleet-on-Kubernetes.md
index c8a6204ec0..2d35599853 100644
--- a/docs/Deploy/Deploy-Fleet-on-Kubernetes.md
+++ b/docs/Deploy/Deploy-Fleet-on-Kubernetes.md
@@ -57,14 +57,14 @@ Helm v2
 ```sh
 helm install \
   --name fleet-database \
-  --set mysqlUser=fleet,mysqlDatabase=fleet \
+  --set auth.username=fleet,auth.database=fleet \
   oci://registry-1.docker.io/bitnamicharts/mysql
 ```
 
 Helm v3
 ```sh
 helm install fleet-database \
-  --set mysqlUser=fleet,mysqlDatabase=fleet \
+  --set auth.username=fleet,auth.database=fleet \
   oci://registry-1.docker.io/bitnamicharts/mysql 
 ```
 

From bd3e775e67dbc72a24723e4ab6af3268d9af6b3a Mon Sep 17 00:00:00 2001
From: Dante Catalfamo <43040593+dantecatalfamo@users.noreply.github.com>
Date: Thu, 21 Mar 2024 15:09:05 -0400
Subject: [PATCH 23/54] Windows MDM Fix Manual Detection (#17721)

#15565

Replace the use of the isFederated registry key with a keys that check
for AAD (Azure Active Directory, now Entra ID)

Federated enrollment (`isFederated`) seems to be when windows uses a
Discovery MDM endpoint to get its policy and management endpoint
configuration. This is always the case when a client is enrolled with
fleet, so installations always show up as automatic.

It's being replaced by a different key, `AADResourceID`, which appears
to identify the resource that controls the automated deployment. In my
tests it only appears to be populated when the computer is enrolled
through automated deployments. This key appears on both Windows 10 and
11.

There is a similar key, `AADTenantID`, which appears to identify the
client (tenant) to the Azure cloud. I haven't seen this ID in our
systems, so it is likely exclusively used in Azure. Both this key and
`AADResourceID` seem to always be set at the same time, so we only
check for the `AADResourceID`.

I've also added documentation on the registry keys I've analyzed for future reference.
---
 changes/15565-windows-automatic-enrollment    |  1 +
 cmd/osquery-perf/agent.go                     |  4 +-
 .../windows-mdm-glossary-and-protocol.md      | 84 ++++++++++++++++++-
 docs/Using Fleet/Understanding-host-vitals.md |  8 +-
 server/service/osquery_utils/queries.go       |  8 +-
 server/service/osquery_utils/queries_test.go  | 24 +++---
 6 files changed, 106 insertions(+), 23 deletions(-)
 create mode 100644 changes/15565-windows-automatic-enrollment

diff --git a/changes/15565-windows-automatic-enrollment b/changes/15565-windows-automatic-enrollment
new file mode 100644
index 0000000000..a89e709468
--- /dev/null
+++ b/changes/15565-windows-automatic-enrollment
@@ -0,0 +1 @@
+- Fix a bug where all Windows MDM enrollments were detected as automatic
diff --git a/cmd/osquery-perf/agent.go b/cmd/osquery-perf/agent.go
index 719b59b23c..756f6f0cd5 100644
--- a/cmd/osquery-perf/agent.go
+++ b/cmd/osquery-perf/agent.go
@@ -1514,12 +1514,12 @@ func (a *agent) mdmWindows() []map[string]string {
 	if !a.mdmEnrolled() {
 		return []map[string]string{
 			// empty service url means not enrolled
-			{"is_federated": "0", "discovery_service_url": "", "provider_id": "", "installation_type": "Client"},
+			{"aad_resource_id": "", "discovery_service_url": "", "provider_id": "", "installation_type": "Client"},
 		}
 	}
 	return []map[string]string{
 		{
-			"is_federated":          "0",
+			"aad_resource_id":       "",
 			"discovery_service_url": a.serverAddress,
 			"provider_id":           fleet.WellKnownMDMFleet,
 			"installation_type":     "Client",
diff --git a/docs/Contributing/windows-mdm-glossary-and-protocol.md b/docs/Contributing/windows-mdm-glossary-and-protocol.md
index 03d5283a48..94dc6095db 100644
--- a/docs/Contributing/windows-mdm-glossary-and-protocol.md
+++ b/docs/Contributing/windows-mdm-glossary-and-protocol.md
@@ -57,6 +57,88 @@ The certificate created through the WSTEP process is used to authenticate mTLS b
 
 https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-mdm/33769a92-ac31-47ef-ae7b-dc8501f7104f
 
+## MDM Device Registration Summary
+
+https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-dvrd/296ebf70-bd4b-489e-a531-460d8ef7519b
+
+# Registry
+
+- `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Enrollments\`
+  Each enrollment gets its own subdirectory with a UUID as a key,
+  inside each directory is a set of keys associated with that enrollment
+  - `CurCryptoProvider`
+     Often `Microsoft Software Key Storage Provider`
+     Cryptographic Key storage provider
+  - `CurKeyContainer`
+    Key within key provider
+  - `DiscoveryServiceFullURL`
+    MDM Discovery service URL
+  - `DMPCertThumbPrint`
+    According to [this blog post](https://call4cloud.nl/2022/10/fullmetal-certificate-the-revenge-of-renewal/), this is the thumbprint of your MDM device certificate
+  - `EnrollmentFlags`
+    See [this link](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-xcep/cd22d3a0-f469-4a44-95ed-d10ce4dc2063) for details
+
+    | Integer value | Meaning                                                                                                                                                                                                                                                                                        |
+    |---------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+    | 0x00000001    | Instructs the client and CA to include an S/MIME extension, as specified in [RFC4262].                                                                                                                                                                                                         |
+    | 0x00000008    | Instructs the CA to append the issued certificate to the userCertificate attribute, on the user object in Active Directory.                                                                                                                                                                    |
+    | 0x00000010    | Instructs the CA to check the user's userCertificate attribute in Active Directory, as specified in [RFC4523], for valid certificates that match the template enrolled for.                                                                                                                    |
+    | 0x00000040    | This flag instructs clients to sign the renewal request using the private key of the existing certificate. For more information, see [MS-WCCE] section 3.2.2.6.2.1.4.5.6. This flag also instructs the CA to process the renewal requests as specified in [MS-WCCE] section 3.2.2.6.2.1.4.5.6. |
+    | 0x00000100    | Instructs the client to get a user's consent before attempting to enroll for a certificate based on the specified template.                                                                                                                                                                    |
+    | 0x00000400    | Instructs the client to delete any expired, revoked, or renewed certificate from the user's certificate stores.                                                                                                                                                                                |
+    | 0x00002000    | This flag instructs the client to reuse the private key for a smart card–based certificate renewal if it is unable to create a new private key on the card.                                                                                                                                    |
+  - `EnrollmentState`
+    The best documentation we can find is [here](https://learn.microsoft.com/en-us/graph/api/resources/intune-shared-enrollmentstate?view=graph-rest-beta)
+
+    | Member       | Value | Description                                                                                                        |
+    |--------------|-------|--------------------------------------------------------------------------------------------------------------------|
+    | unknown      | 0     | Device enrollment state is unknown                                                                                 |
+    | enrolled     | 1     | Device is Enrolled.                                                                                                |
+    | pendingReset | 2     | Enrolled but it's enrolled via enrollment profile and the enrolled profile is different from the assigned profile. |
+    | failed       | 3     | Not enrolled and there is enrollment failure record.                                                               |
+    | notContacted | 4     | Device is imported but not enrolled.                                                                               |
+    | blocked      | 5     | Device is enrolled as userless, but is blocked from moving to user enrollment because the app failed to install.   |
+
+  - `EnrollmentType`
+    According to [this PDF](https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-MDE2/%5BMS-MDE2%5D.pdf) it can have three different values.
+
+    Device, Full, and AppManaged
+
+    From what I've seen, value 6 on AAD, 1 on manual
+  - `isFederated`
+    According to [this web page](https://learn.microsoft.com/en-us/windows/client-management/federated-authentication-device-enrollment), being federated means that the MDM
+    endpoints and details were fetched from a Discovery endpoint,
+    instead of being manually installed. The page does not make mention
+    of the specific registry key, but we are making an assumption that
+    it means the same thing.
+  - `ProviderID`
+    Set during enrollment. In our case it's the word "Fleet".
+  - `RenewalPeriod`
+    Set during enrollment. Period to renew WSTEP certificate.
+  - `RenewErrorCode`
+    Presumably set if there is an error renewing WSTEP certificate.
+  - `RenewROBOSupport`
+    According to [this post](https://call4cloud.nl/2022/10/fullmetal-certificate-the-revenge-of-renewal/) this means "Request On Behalf Of". 
+    It seems to have to do with automatic certificate renewal
+  - `RenewStatus`
+    Status of the renewal
+  - `RenewTimestamp`
+    Presumably the timestamp of the last renewal
+  - `RootCertThumbPrint`
+    The thumbprint of the WSTEP root certificate
+  - `SID`
+    Security Identifier
+  - `UPN`
+    User Principal Name of the user that enrolled the device
+  - `AADResourceID`
+    Appears to be the domain of the server managing the enrollment,
+    always appears to be present on machines enrolled through Microsoft
+    Entra (Azure Active Directory)
+  - `AADTenantID`
+    Also related to Azure Active Directory, and also appears to be
+    present at the same time as AADResourceID.
+- `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Provisioning\Diagnostics\AutoPilot`
+  Autopilot provisioning diagnostic data
 
 
-<meta name="pageOrderInSection" value="2900">
\ No newline at end of file
+<meta name="pageOrderInSection" value="2900">
diff --git a/docs/Using Fleet/Understanding-host-vitals.md b/docs/Using Fleet/Understanding-host-vitals.md
index 10cc3f8548..47dca9f92c 100644
--- a/docs/Using Fleet/Understanding-host-vitals.md	
+++ b/docs/Using Fleet/Understanding-host-vitals.md	
@@ -176,10 +176,10 @@ WITH registry_keys AS (
                     enrollment_info AS (
                         SELECT
                             MAX(CASE WHEN name = 'UPN' THEN data END) AS upn,
-                            MAX(CASE WHEN name = 'IsFederated' THEN data END) AS is_federated,
                             MAX(CASE WHEN name = 'DiscoveryServiceFullURL' THEN data END) AS discovery_service_url,
                             MAX(CASE WHEN name = 'ProviderID' THEN data END) AS provider_id,
-                            MAX(CASE WHEN name = 'EnrollmentState' THEN data END) AS state
+                            MAX(CASE WHEN name = 'EnrollmentState' THEN data END) AS state,
+                            MAX(CASE WHEN name = 'AADResourceID' THEN data END) AS aad_resource_id
                         FROM registry_keys
                         GROUP BY key
                     ),
@@ -190,7 +190,7 @@ WITH registry_keys AS (
                         LIMIT 1
                     )
                     SELECT
-                        e.is_federated,
+                        e.aad_resource_id,
                         e.discovery_service_url,
                         e.provider_id,
                         i.installation_type
@@ -374,7 +374,7 @@ SELECT * FROM os_version LIMIT 1
 - Query:
 ```sql
 SELECT os.name, r.data as display_version, k.version
-		FROM 
+		FROM
 			registry r,
 			os_version os,
 			kernel_info k
diff --git a/server/service/osquery_utils/queries.go b/server/service/osquery_utils/queries.go
index 27ec3932db..030294f5ed 100644
--- a/server/service/osquery_utils/queries.go
+++ b/server/service/osquery_utils/queries.go
@@ -473,10 +473,10 @@ var extraDetailQueries = map[string]DetailQuery{
                     enrollment_info AS (
                         SELECT
                             MAX(CASE WHEN name = 'UPN' THEN data END) AS upn,
-                            MAX(CASE WHEN name = 'IsFederated' THEN data END) AS is_federated,
                             MAX(CASE WHEN name = 'DiscoveryServiceFullURL' THEN data END) AS discovery_service_url,
                             MAX(CASE WHEN name = 'ProviderID' THEN data END) AS provider_id,
-                            MAX(CASE WHEN name = 'EnrollmentState' THEN data END) AS state
+                            MAX(CASE WHEN name = 'EnrollmentState' THEN data END) AS state,
+                            MAX(CASE WHEN name = 'AADResourceID' THEN data END) AS aad_resource_id
                         FROM registry_keys
                         GROUP BY key
                     ),
@@ -487,7 +487,7 @@ var extraDetailQueries = map[string]DetailQuery{
                         LIMIT 1
                     )
                     SELECT
-                        e.is_federated,
+                        e.aad_resource_id,
                         e.discovery_service_url,
                         e.provider_id,
                         i.installation_type
@@ -1612,7 +1612,7 @@ func directIngestMDMWindows(ctx context.Context, logger log.Logger, host *fleet.
 	serverURL := data["discovery_service_url"]
 	if serverURL != "" {
 		enrolled = true
-		if isFederated := data["is_federated"]; isFederated == "1" {
+		if data["aad_resource_id"] != "" {
 			// NOTE: We intentionally nest this condition to eliminate `enrolled == false && automatic == true`
 			// as a possible status for Windows hosts (which would be otherwise be categorized as
 			// "Pending"). Currently, the "Pending" status is supported only for macOS hosts.
diff --git a/server/service/osquery_utils/queries_test.go b/server/service/osquery_utils/queries_test.go
index 022c00aa7d..4a6da7a2ad 100644
--- a/server/service/osquery_utils/queries_test.go
+++ b/server/service/osquery_utils/queries_test.go
@@ -692,7 +692,7 @@ func TestDirectIngestMDMWindows(t *testing.T) {
 			data: []map[string]string{
 				{
 					"discovery_service_url": "",
-					"is_federated":          "1",
+					"aad_resource_id":       "https://example.com",
 					"provider_id":           "Some_ID",
 					"installation_type":     "Client",
 				},
@@ -703,7 +703,7 @@ func TestDirectIngestMDMWindows(t *testing.T) {
 			wantServerURL:        "",
 		},
 		{
-			name: "off missing is_federated and server url",
+			name: "off missing aad_resource_id and server url",
 			data: []map[string]string{
 				{
 					"provider_id":       "Some_ID",
@@ -728,7 +728,7 @@ func TestDirectIngestMDMWindows(t *testing.T) {
 			data: []map[string]string{
 				{
 					"discovery_service_url": "https://example.com",
-					"is_federated":          "1",
+					"aad_resource_id":       "https://example.com",
 					"provider_id":           "Some_ID",
 					"installation_type":     "Client",
 				},
@@ -743,7 +743,7 @@ func TestDirectIngestMDMWindows(t *testing.T) {
 			data: []map[string]string{
 				{
 					"discovery_service_url": "https://example.com",
-					"is_federated":          "0",
+					"aad_resource_id":       "",
 					"provider_id":           "Local_Management",
 					"installation_type":     "Client",
 				},
@@ -754,7 +754,7 @@ func TestDirectIngestMDMWindows(t *testing.T) {
 			wantServerURL:        "https://example.com",
 		},
 		{
-			name: "on manual missing is_federated",
+			name: "on manual missing aad_resource_id",
 			data: []map[string]string{
 				{
 					"discovery_service_url": "https://example.com",
@@ -772,7 +772,7 @@ func TestDirectIngestMDMWindows(t *testing.T) {
 			data: []map[string]string{
 				{
 					"discovery_service_url": "https://example.com",
-					"is_federated":          "1",
+					"aad_resource_id":       "https://example.com",
 					"provider_id":           "Some_ID",
 					"installation_type":     "Windows SeRvEr 99.9",
 				},
@@ -790,7 +790,7 @@ func TestDirectIngestMDMWindows(t *testing.T) {
 			data: []map[string]string{
 				{
 					"discovery_service_url": "https://jumpcloud.com",
-					"is_federated":          "0",
+					"aad_resource_id":       "",
 					"provider_id":           "Local_Management",
 					"installation_type":     "Client",
 				},
@@ -806,7 +806,7 @@ func TestDirectIngestMDMWindows(t *testing.T) {
 			data: []map[string]string{
 				{
 					"discovery_service_url": "https://airwatch.com",
-					"is_federated":          "0",
+					"aad_resource_id":       "",
 					"provider_id":           "Local_Management",
 					"installation_type":     "Client",
 				},
@@ -822,7 +822,7 @@ func TestDirectIngestMDMWindows(t *testing.T) {
 			data: []map[string]string{
 				{
 					"discovery_service_url": "https://awmdm.com",
-					"is_federated":          "0",
+					"aad_resource_id":       "",
 					"provider_id":           "Local_Management",
 					"installation_type":     "Client",
 				},
@@ -838,7 +838,7 @@ func TestDirectIngestMDMWindows(t *testing.T) {
 			data: []map[string]string{
 				{
 					"discovery_service_url": "https://microsoft.com",
-					"is_federated":          "0",
+					"aad_resource_id":       "",
 					"provider_id":           "Local_Management",
 					"installation_type":     "Client",
 				},
@@ -854,7 +854,7 @@ func TestDirectIngestMDMWindows(t *testing.T) {
 			data: []map[string]string{
 				{
 					"discovery_service_url": "https://fleetdm.com",
-					"is_federated":          "0",
+					"aad_resource_id":       "",
 					"provider_id":           "Local_Management",
 					"installation_type":     "Client",
 				},
@@ -871,7 +871,7 @@ func TestDirectIngestMDMWindows(t *testing.T) {
 			data: []map[string]string{
 				{
 					"discovery_service_url": "https://myinstall.local",
-					"is_federated":          "0",
+					"aad_resource_id":       "",
 					"provider_id":           "Fleet",
 					"installation_type":     "Client",
 				},

From 9a91dad2a4057823670dbcd4530536dd2850342b Mon Sep 17 00:00:00 2001
From: Sam Pfluger <108141731+Sampfluger88@users.noreply.github.com>
Date: Thu, 21 Mar 2024 14:16:54 -0500
Subject: [PATCH 24/54] Added writing principles (#17392)

---
 handbook/company/communications.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/handbook/company/communications.md b/handbook/company/communications.md
index c0f6a7afcd..86b100c5bc 100644
--- a/handbook/company/communications.md
+++ b/handbook/company/communications.md
@@ -712,7 +712,9 @@ Learn how to communicate as Fleet with guidelines for tone of voice, our approac
   - Infuse the core [values](https://fleetdm.com/handbook/company#values) into everything you write. 
   - Read and reread, then rewrite to make it shorter. Use links rather than explanations, short sentences. 
   - Get to where you feel like it’s really good, short, simple, and clear, hack away at any word that’s too confusing. 
-  - Don’t sound formal, sound welcoming so that anyone can understand. Translate "[puffery](https://www.linkedin.com/pulse/puffery-adam-frankl%3FtrackingId=SBVWxzqXTBm9qlO7Rw3ddw%253D%253D/?trackingId=SBVWxzqXTBm9qlO7Rw3ddw%3D%3D)" into "ease of use" or "readability". 
+  - Don’t sound formal, sound welcoming so that anyone can understand. Translate "[puffery](https://www.linkedin.com/pulse/puffery-adam-frankl%3FtrackingId=SBVWxzqXTBm9qlO7Rw3ddw%253D%253D/?trackingId=SBVWxzqXTBm9qlO7Rw3ddw%3D%3D)" into "ease of use" or "readability".
+    - Disarm puffery for engineers by replacing puffery with real data.
+    - Disarm puffery for the business by replacing puffery with ROI/RTO  (how much time and/or money is it going save the business?  Forget the details.  When will it pay itself back?)
   - Apply the advice about writing linked from the company values (the [Paul Graham](http://www.paulgraham.com/simply.html) essays). 
   - Create headings that make good permalinks, use links and add missing links. Indicate links by highlighting words that describe the content (Better SEO than lighting up “click here”). 
   - Don’t duplicate content, link to other places like the [values](https://fleetdm.com/handbook/company#values) or [“why this way”](https://fleetdm.com/handbook/company/why-this-way#why-this-way), but don’t make it awkward. 

From f287d23cf706ca48306074dd8d345eee88a42bcb Mon Sep 17 00:00:00 2001
From: George Karr <georgekarrv@users.noreply.github.com>
Date: Thu, 21 Mar 2024 14:30:39 -0500
Subject: [PATCH 25/54] Adding a script to automate patch / minor releases
 (#17198)

This script was used to generate 4.45.1 and 4.46.0.

Workflow is tag issues with correct milestone, run `./patch_release.sh`
(with -m for release with more than bugfixes)

---------

Co-authored-by: George Karr <gkarr@xerithas-mac.local>
---
 tools/release/patch_release.sh | 659 +++++++++++++++++++++++++++++++++
 1 file changed, 659 insertions(+)
 create mode 100755 tools/release/patch_release.sh

diff --git a/tools/release/patch_release.sh b/tools/release/patch_release.sh
new file mode 100755
index 0000000000..30e61662b8
--- /dev/null
+++ b/tools/release/patch_release.sh
@@ -0,0 +1,659 @@
+#!/usr/bin/env bash
+
+#                                                                                                     
+#                                                      ,::;;,                                         
+#                                                  ,:;;;:,,;:                                         
+#                                              ,::;;+: ,:;;:                                          
+#                                            ,;;;:,,++;;:,                                            
+#                                           :;;;::++:,                                                
+#                                           ++:,  ,;:                                                 
+#            ,,                            ,;:     ::+;:::  ,,,                                       
+#         ,:;::;:                          :::     ,:,;:,*;;;;+,,,,::,,,                              
+#         ;:    :+:                       ,;:,      ,:++;;:;**;++::::::;;;;:,                         
+#         ,;  ,::,:;:,                    :,:        :,;;+*+;, ::        :;:;;:,                      
+#          ,;:;,    :;:,                 ,;:*:       ,::?*:    :: ,,,,  ,:::::;++;;:::::,,            
+#           :;        :;:,               ,;+;       ,:;;;   ,::;;;::::::;;:,,,,:+,,,,,:::;;::,        
+#            ;,         ,;:,              :+,    ,:;;,  ;::;:,,,::      ::    :;          ,;?+        
+#            ,;,          ,;:,           ,;:   ,:;:,    ,+;,    ::,     ::,,:;:    ,,,::;;;+;         
+#             ,;            ,+;,         :::,:;++,        :;;;;;;;;;;;;;;+;;;::;;;;;::,,:;:,          
+#              ::          ,;:,;;,      ,;;;:,:+, ,,:          ,,:::;;;;;;**;,,,,    ,:;:,            
+#               ::       ,;:,   ,;;,   ,;;:,     :;;:,    ,,::::,,:;:,,  ;+*+    ,:;;;,               
+#                ;,    ,::,       ,:;;;:,        ::;,:,,::::,  ,:;:      ,++:,::;;:,                  
+#                ,;,  :;,        ,:;++,          ::+:;:,,    :;:,        ,:;;;:,                      
+#                 ,;,;:       ,:;++:,          ,:;++;,    ,;+:,      ,:;;;:,                          
+#                  :;     ,,:;+;:,          ,:::,,,,,,, :;;+;    ,:;;::,                              
+#                   ;:   :;+;:,          ,:::,    ,;+;;;:::;;,:;;::,                                  
+#                   ;;,;*+:,,:,       ,:::,      ,;, ,;: :,++:,,                                      
+#                  :;:*;:   :;,     ,::,        ,:,  ::, ::;                                          
+#                ,:+:,      ::    ,::          ,:,  ;:  ,;;                                           
+#               ,;,   ,,,:  ;;,,,;; ,;;       ,:, ,;:,:+;, ,,,,,                                      
+#                ;::;;;::*;:;;;:::;;++,      ,:, ,+;;::;+;;;:::;+,                                    
+#                +;,    :?;;:::,   ,+,      ,:, :;,,,:;;:,     :;                                     
+#               ,+,     :+,,,,,;,,,;;      ,:, ;+;;;:;;      ,;;                                      
+#               :;     :;      ,::;+,     ,:,,;:,,,  ::  ,,:;;,                                       
+#               ;:    :;          ;;     ,:  ++;+;; ,;+;;;::,                                         
+#              ,;,   ::          :;:    ,:  ::,,,::+?*+;:                                             
+#              :;   ::          ;::,   ,: ,;:,:;;:,;;:*+;                                             
+#             ,;:  ::          ,: :   ,: :;,;:,    :+;+,                                              
+#             ,;, ;:           ;,,:  ,:,;+ ,:     ,;+:                                                
+#             ;;;;:           ,: :, ,;:*++;;;+++**+:                                                  
+#             ;:,,            ;, ;:;+::,, ,:;+:::+;                                                   
+#                            ,:,;;:,  ,,:;;::::;;:                                                    
+#                            +;:,,,:;;;;;;;;::,                                                       
+#                           ;?+;;;:,:;;::,                                                            
+#                           ,,,+;,,:;                                                                 
+#                               :;::,                                                                 
+#                                                                                                     
+#                                                                                                     
+#  /$$$$$$$$ /$$       /$$$$$$$$ /$$$$$$$$ /$$$$$$$$       /$$$$$$$   /$$$$$$  /$$$$$$$$ /$$$$$$  /$$   /$$
+# | $$_____/| $$      | $$_____/| $$_____/|__  $$__/      | $$__  $$ /$$__  $$|__  $$__//$$__  $$| $$  | $$
+# | $$      | $$      | $$      | $$         | $$         | $$  \ $$| $$  \ $$   | $$  | $$  \__/| $$  | $$
+# | $$$$$   | $$      | $$$$$   | $$$$$      | $$         | $$$$$$$/| $$$$$$$$   | $$  | $$      | $$$$$$$$
+# | $$__/   | $$      | $$__/   | $$__/      | $$         | $$____/ | $$__  $$   | $$  | $$      | $$__  $$
+# | $$      | $$      | $$      | $$         | $$         | $$      | $$  | $$   | $$  | $$    $$| $$  | $$
+# | $$      | $$$$$$$$| $$$$$$$$| $$$$$$$$   | $$         | $$      | $$  | $$   | $$  |  $$$$$$/| $$  | $$
+# |__/      |________/|________/|________/   |__/         |__/      |__/  |__/   |__/   \______/ |__/  |__/
+#
+# /$$$$$$$  /$$$$$$$$ /$$       /$$$$$$$$  /$$$$$$   /$$$$$$  /$$$$$$$$ /$$$$$$$
+# | $$__  $$| $$_____/| $$      | $$_____/ /$$__  $$ /$$__  $$| $$_____/| $$__  $$
+# | $$  \ $$| $$      | $$      | $$      | $$  \ $$| $$  \__/| $$      | $$  \ $$
+# | $$$$$$$/| $$$$$   | $$      | $$$$$   | $$$$$$$$|  $$$$$$ | $$$$$   | $$$$$$$/
+# | $$__  $$| $$__/   | $$      | $$__/   | $$__  $$ \____  $$| $$__/   | $$__  $$
+# | $$  \ $$| $$      | $$      | $$      | $$  | $$ /$$  \ $$| $$      | $$  \ $$
+# | $$  | $$| $$$$$$$$| $$$$$$$$| $$$$$$$$| $$  | $$|  $$$$$$/| $$$$$$$$| $$  | $$
+# |__/  |__/|________/|________/|________/|__/  |__/ \______/ |________/|__/  |__/
+#
+
+usage() {
+    echo "Usage: $0 [options] (optional|start_version)"
+    echo ""
+    echo "Options:"
+    echo "  -c, --cherry_pick_resolved The script has been run, had merge conflicts, and those have been resolved and all cherry picks completed manually."
+    echo "  -d, --dry_run          Perform a trial run with no changes made"
+    echo "  -f, --force            Skip all confirmations"
+    echo "  -h, --help             Display this help message and exit"
+    echo "  -m, --minor            Increment to a minor version instead of patch (Required if including non-bugs"
+    echo "  -o, --open_api_key     Set the Open API key for calling out to ChatGPT"
+    echo "  -p, --print            If the release is already drafted then print out the helpful info"
+    echo "  -r, --release_notes    Update the release notes in the named release on github and exit (requires changelog output from running the script previously)."
+    echo "  -s, --start_version    Set the target starting version (can also be the first positional arg) for the release, defaults to latest release on github"
+    echo "  -t, --target_date      Set the target date for the release, defaults to today if not provided"
+    echo "  -v, --target_version   Set the target version for the release"
+    echo ""
+    echo "Environment Variables:"
+    echo "  OPEN_API_KEY           Open API key used for fallback if not provided via -o or --open-api-key option"
+    echo ""
+    echo "Examples:"
+    echo "  $0 -d                  Dry run the script"
+    echo "  $0 -m -v 4.45.1        Set a minor release targeting version 4.45.1"
+    echo "  $0 --target_version 4.45.1 --open_api_key examplekey"
+    echo ""
+}
+
+# Usage example: Run a command and show spinner for n seconds
+# Replace `sleep 5` with your command
+# sleep 5 & show_spinner 5
+show_spinner() {
+    local pid=$!
+    local delay=0.1
+    local spinstr='/-\|'
+    local elapsedTime=0
+    local maxTime=$1
+
+    printf "Processing "
+    while [ $elapsedTime -lt $maxTime ]; do
+        local temp=${spinstr#?}
+        printf "%c" "$spinstr"
+        local spinstr=$temp${spinstr%"$temp"}
+        sleep $delay
+        printf "\b"
+        elapsedTime=$((elapsedTime+1))
+    done
+
+    printf "\nDone.\n"
+}
+
+check_grep() {
+    # Check if `grep` supports the `-P` option by using it in a no-op search.
+    # Redirecting stderr to /dev/null to suppress error messages in case `-P` is not supported.
+    if echo "" | grep -P "" >/dev/null 2>&1; then
+        return
+    else
+        # Now check if `ggrep` is available.
+        if command -v ggrep >/dev/null 2>&1; then
+            return
+        else
+            echo "Please install latest grep with `brew install grep`"
+            exit 1
+        fi
+    fi
+}
+
+check_required_binaries() {
+    local missing_counter=0
+    # List of required binaries used in the script
+    local required_binaries=("jq" "gh" "git" "curl" "awk" "sed" "make" "ack")
+
+    for bin in "${required_binaries[@]}"; do
+        if ! command -v "$bin" &> /dev/null; then
+            echo "Error: Required binary '$bin' is not installed." >&2
+            missing_counter=$((missing_counter + 1))
+        fi
+    done
+
+    if [ $missing_counter -ne 0 ]; then
+        echo "Error: $missing_counter required binary(ies) are missing. Install them before running this script." >&2
+        exit 1
+    fi
+    check_grep
+}
+
+validate_and_format_date() {
+    local input_date="$1"
+    local formatted_date
+    local correct_format="%b %d, %Y" # e.g., Jan 01, 2024
+
+    # Try to convert input_date to the correct format
+    formatted_date=$(date -d "$input_date" +"$correct_format" 2>/dev/null)
+
+    if [ $? -ne 0 ]; then
+        # date conversion failed
+        echo "Error: Incorrect date format. Expected format example: $correct_format (e.g., Jan 01, 2024)" >&2
+        exit 1
+    else
+        # Check if the formatted date matches the expected date format
+        if ! date -d "$formatted_date" +"$correct_format" &>/dev/null; then
+            # This means the formatted date does not match our correct format
+            echo "Error: Incorrect date format after conversion. Expected format example: $correct_format (e.g., Jan 01, 2024)" >&2
+            exit 1
+        fi
+    fi
+
+    # If we reached here, the date is valid and correctly formatted
+    target_date="$formatted_date" # Update the target_date with the formatted date
+    echo "Validated and formatted date: $target_date"
+}
+
+print_announce_info() {
+    echo
+    echo "For announcing in #help-engineering"
+    echo "===================================================="
+    echo "Release $target_milestone QA ticket and docker publish"
+    echo "QA ticket for Release $target_milestone " `gh issue list --search "Release QA: $target_milestone in:title" --json url | jq -r .[0].url`
+    echo "Docker Deploy status " `gh run list --workflow goreleaser-snapshot-fleet.yaml --json event,url,headBranch --limit 100 | jq -r "[.[]|select(.headBranch==\"$target_patch_branch\")][0].url"`
+    echo "List of tickets pulled into release https://github.com/fleetdm/fleet/milestone/$target_milestone_number"
+    echo 
+}
+
+update_release_notes() {
+    if [ ! -f temp_changelog ]; then
+        echo "cannot find changelog to populate release notes"
+        exit 1
+    fi
+    cat temp_changelog | tail -n +3 > release_notes
+    echo "" >> release_notes
+    echo "### Upgrading" >> release_notes
+    echo "" >> release_notes
+    echo "Please visit our [update guide](https://fleetdm.com/docs/deploying/upgrading-fleet) for upgrade instructions." >> release_notes
+    echo "" >> release_notes
+    echo "### Documentation" >> release_notes
+    echo "" >> release_notes
+    echo "Documentation for Fleet is available at [fleetdm.com/docs](https://fleetdm.com/docs)." >> release_notes
+    echo "" >> release_notes
+    echo "### Binary Checksum" >> release_notes
+    echo "" >> release_notes
+    echo "**SHA256**" >> release_notes
+    echo "" >> release_notes
+    echo '```' >> release_notes
+    gh release download $next_tag -p checksums.txt --clobber
+    cat checksums.txt >> release_notes
+    echo '```' >> release_notes
+
+    echo
+    echo "============== Release Notes ========================"
+    cat release_notes
+    echo "============== Release Notes ========================"
+
+    if [ "$dry_run" = "false" ]; then
+        gh release edit --draft -F release_notes $next_tag
+    fi
+}
+
+# Validate we have all commands required to perform this script
+check_required_binaries
+
+# Initialize variables for the options
+cherry_pick_resolved=false
+dry_run=false
+force=false
+minor=false
+open_api_key=""
+start_version=""
+target_date=""
+target_version=""
+print_info=false
+release_notes=false
+
+# Parse long options manually
+for arg in "$@"; do
+  shift
+  case "$arg" in
+    "--cherry_pick_resolved") set -- "$@" "-c" ;;
+    "--dry-run") set -- "$@" "-d" ;;
+    "--force") set -- "$@" "-f" ;;
+    "--help") set -- "$@" "-h" ;;
+    "--minor") set -- "$@" "-m" ;;
+    "--open_api_key") set -- "$@" "-o" ;;
+    "--print") set -- "$@" "-p" ;;
+    "--release_notes") set -- "$@" "-r" ;;
+    "--start_version") set -- "$@" "-s" ;;
+    "--target_date") set -- "$@" "-t" ;;
+    "--target_version") set -- "$@" "-v" ;;
+    *)        set -- "$@" "$arg"
+  esac
+done
+
+# Extract options and their arguments using getopts
+while getopts "cdfhmo:prs:t:v:" opt; do
+    case "$opt" in
+        c) cherry_pick_resolved=true ;;
+        d) dry_run=true ;;
+        f) force=true ;;
+        h) usage; exit 0 ;;
+        m) minor=true ;;
+        o) open_api_key=$OPTARG ;;
+        p) print_info=true ;;
+        r) release_notes=true ;;
+        s) start_version=$OPTARG ;;
+        t) target_date=$OPTARG ;;
+        v) target_version=$OPTARG ;;
+        ?) usage; exit 1 ;;
+    esac
+done
+
+# Shift off the options and optional --
+shift $((OPTIND -1))
+
+# Function to determine the best grep variant to use
+determine_grep_command() {
+    # Check if `ggrep` is available
+    if command -v ggrep >/dev/null 2>&1; then
+        echo "ggrep"  # Use GNU grep if available
+    elif echo "" | grep -P "" >/dev/null 2>&1; then
+        echo "grep"  # Use grep if it supports the -P option
+    else
+        echo "grep"  # Default to grep if ggrep is not available and -P is not supported
+        # Note: You might want to handle the lack of -P support differently here
+    fi
+}
+
+# Assign the best grep variant to a variable
+GREP_CMD=$(determine_grep_command)
+
+# Now you can use the $dry_run variable to see if the option was set
+if $dry_run; then
+    echo "Dry run mode enabled."
+fi
+
+# Check for OPEN_API_KEY environment variable if no key was provided through command-line options
+if [ -z "$open_api_key" ]; then
+    if [ -n "$OPEN_API_KEY" ]; then
+        open_api_key=$OPEN_API_KEY
+    else
+        echo "Error: No open API key provided. Set the key via -o/--open-api-key option or OPEN_API_KEY environment variable." >&2
+        exit 1
+    fi
+fi
+
+if [[ "$target_date" != "" ]]; then
+    validate_and_format_date $target_date
+fi
+
+# ex v4.43.0
+if [ -z "$start_version" ]; then
+    if [[ "$1" == "" ]]; then
+        # grab latest draft excluding test version 9.99.9
+        draft=`gh release list | $GREP_CMD Draft | $GREP_CMD -v 9.99.9`
+        if [[ "$draft" != "" ]]; then
+            target_version=`echo $draft | awk '{print $1}' | cut -d '-' -f2`
+            start_version=`gh release list | $GREP_CMD Draft -A1 | tail -n1 | awk '{print $1}' | cut -d '-' -f2`
+        else
+            start_version=`gh release list | $GREP_CMD Latest | awk '{print $1}' | cut -d '-' -f2`
+        fi
+    else
+        start_version="$1"
+    fi
+fi
+
+if [[ $start_version != v* ]]; then
+    start_version=`echo "v$start_version"`
+fi
+
+if [[ "$target_version" != "" ]]; then
+    if [[ $target_version != v* ]]; then
+        target_version=`echo "v$target_version"`
+    fi
+    next_ver=$target_version
+else
+    if [[ "$minor" == "true" ]]; then
+        next_ver=$(echo $start_version | awk -F. '{print $1"."($2+1)".0"}')
+    else
+        next_ver=$(echo $start_version | awk -F. '{print $1"."$2"."($3+1)}')
+    fi
+fi
+
+start_ver_tag=fleet-$start_version
+
+echo "Patch release from $start_version to $next_ver"
+if [ "$force" = "false" ]; then
+    read -r -p "If this is correct confirm yes to continue? [y/N] " response
+    case "$response" in
+        [yY][eE][sS]|[yY])
+            echo
+            ;;
+        *)
+            exit 1
+            ;;
+    esac
+fi
+start_milestone="${start_version:1}"
+target_milestone="${next_ver:1}"
+target_milestone_number=`gh api repos/:owner/:repo/milestones | jq -r ".[] | select(.title==\"$target_milestone\") | .number"`
+target_patch_branch="patch-fleet-$next_ver"
+next_tag="fleet-$next_ver"
+
+if [ "$print_info" = "true" ]; then
+    print_announce_info
+    exit 0
+fi
+
+if [ "$release_notes" = "true" ]; then
+    update_release_notes
+    exit 0
+fi
+
+if [[ "$target_milestone_number" == "" ]]; then
+    echo "Missing milestone $target_milestone, Please create one and tie tickets to the milestone to continue"
+    exit 1
+fi
+echo "Found milestone $target_milestone with number $target_milestone_number"
+
+failed=false
+
+if [ "$cherry_pick_resolved" = "false" ]; then
+    if [ "$dry_run" = "false" ]; then
+        git fetch
+    fi
+
+    # TODO Fail if not found
+    if [ "$dry_run" = "false" ]; then
+        git checkout $start_ver_tag
+    else
+        echo "DRYRUN: Would have checked out starting tag $start_ver_tag"
+    fi
+
+
+    local_exists=`git branch | $GREP_CMD $target_patch_branch`
+
+    if [ "$dry_run" = "false" ]; then
+        if [[ $local_exists != "" ]]; then
+            # Clear previous
+            git branch -D $target_patch_branch
+        fi
+        git checkout -b $target_patch_branch
+    else
+        echo "DRYRUN: Would have cleared / checked out new branch $target_patch_branch"
+    fi
+
+
+    total_prs=()
+
+    issue_list=`gh issue list --search 'milestone:"'"$target_milestone"'"' --json number | jq -r '.[] | .number'`
+    if [[ "$issue_list" == "" ]]; then
+        echo "Milestone $target_milestone has no target issues, please tie tickets to the milestone to continue"
+        exit 1
+    fi
+    echo "Issue list for new patch $next_ver"
+    echo $issue_list
+    for issue in $issue_list; do
+        prs_for_issue=`gh api repos/fleetdm/fleet/issues/$issue/timeline --paginate | jq -r '.[]' | $GREP_CMD "fleetdm/fleet/" | $GREP_CMD -oP "pulls\/\K(?:\d+)"`
+        echo -n "https://github.com/fleetdm/fleet/issues/$issue"
+        if [[ "$prs_for_issue" == "" ]]; then
+            echo -n "NO PR's found, please verify they are not missing in the issue, if no PR's were required for this ticket please reconsider adding it to this release."
+        fi
+        for val in $prs_for_issue; do
+            echo -n " $val"
+            total_prs+=("$val")
+        done
+        echo
+    done
+
+
+    if [ "$force" = "false" ]; then
+        read -r -p "Check any issues that have no pull requests, no to cancel and yes to continue? [y/N] " response
+        case "$response" in
+            [yY][eE][sS]|[yY])
+                echo "Continuing to cherry-pick"
+                echo
+                ;;
+            *)
+                exit 1
+                ;;
+        esac
+    fi
+
+    commits=""
+
+    for pr in ${total_prs[*]};
+    do
+        output=`gh pr view $pr --json state,mergeCommit,baseRefName`
+        state=`echo $output | jq -r .state`
+        commit=`echo $output | jq -r .mergeCommit.oid`
+        target_branch=`echo $output | jq -r .baseRefName`
+        echo -n "$pr $state $commit $target_branch:"
+        if [[ "$state" != "MERGED" || "$target_branch" != "main" ]]; then
+            echo " WARNING - Skipping pr https://github.com/fleetdm/fleet/pull/$pr"
+        else
+            if [[ "$commit" != "" && "$commit" != "null" ]]; then
+                echo " Commit looks valid - $commit, adding to cherry-pick"
+                commits+="$commit "
+            else
+                echo " WARNING - invalid commit for pr https://github.com/fleetdm/fleet/pull/$pr - $commit"
+            fi
+        fi
+        #echo "======================================="
+    done
+
+    for commit in $commits;
+    do
+        # echo $commit
+        timestamp=`git log -n 1 --pretty=format:%at $commit`
+        if [ $? -ne 0 ]; then
+            echo "Failed to identify $commit, exiting"
+            exit 1
+        fi
+        # echo $timestamp
+        time_map[$timestamp]=$commit
+    done
+
+    timestamps=""
+    for key in "${!time_map[@]}"; do
+        timestamps+="$key\n"
+    done
+    for ts in `echo -e $timestamps | sort`; do
+        commit_hash="${time_map[$ts]}"
+        # echo "# $ts $commit_hash"
+        if git branch --contains "$commit_hash" | $GREP_CMD -q "$(git rev-parse --abbrev-ref HEAD)"; then
+            echo "# Commit $commit_hash is on the current branch."
+            is_on_current_branch=true
+        else
+            # echo "# Commit $commit_hash is not on the current branch."
+            if [[ "$failed" == "false" ]]; then
+
+                if [ "$dry_run" = "false" ]; then
+                    git cherry-pick $commit_hash
+                    if [ $? -ne 0 ]; then
+                        echo "Cherry pick of $commit_hash failed. Please resolve then continue the cherry-picks manually"
+                        failed=true
+                    fi
+                else
+                    echo "DRYRUN: Would have cherry picked $commit_hash"
+                fi
+            else
+                echo "git cherry-pick $commit_hash"
+            fi
+            is_on_current_branch=false
+        fi
+    done
+fi
+
+if [[ "$failed" == "false" ]]; then
+
+    if [ "$dry_run" = "false" ]; then
+        make changelog
+        git diff CHANGELOG.md | $GREP_CMD '^+' | sed 's/^+//g' | $GREP_CMD -v CHANGELOG.md > new_changelog
+        prompt=$'I am creating a changelog for an open source project from a list of commit messages. Please format it for me using the following rules:\n1. Correct spelling and punctuation.\n2. Sentence casing.\n3. Past tense.\n4. Each list item is designated with an asterisk.\n5. Output in markdown format.'
+        content=$(cat new_changelog | sed -E ':a;N;$!ba;s/\r{0,1}\n/\\n/g')
+        question="${prompt}\n\n${content}"
+
+        # API endpoint for ChatGPT
+        api_endpoint="https://api.openai.com/v1/chat/completions"
+        output="null"
+
+        while [[ "$output" == "null" ]]; do
+            data_payload=$(jq -n \
+                              --arg prompt "$question" \
+                              --arg model "gpt-3.5-turbo" \
+                              '{model: $model, messages: [{"role": "user", "content": $prompt}]}')
+
+            response=$(curl -s -X POST $api_endpoint \
+               -H "Content-Type: application/json" \
+               -H "Authorization: Bearer $open_api_key" \
+               --data "$data_payload")
+
+            output=`echo $response | jq -r .choices[0].message.content`
+            echo "${output}"
+        done
+    else
+        echo "DRYRUN: Would have run make changelog and sent to ChatGPT to format"
+    fi
+
+    if [ "$dry_run" = "false" ]; then
+        git checkout CHANGELOG.md
+        if [[ "$target_date" == "" ]]; then
+            tartget_date=`date +"%b %d, %Y"`
+        fi
+        echo "## Fleet $target_milestone ($tartget_date)" > temp_changelog
+        echo "" >> temp_changelog
+        echo "### Bug fixes" >> temp_changelog
+        echo "" >> temp_changelog
+        echo -e "${output}" >> temp_changelog
+        echo "" >> temp_changelog
+        cp CHANGELOG.md old_changelog
+        cat temp_changelog > CHANGELOG.md
+        cat old_changelog >> CHANGELOG.md
+        rm -f old_changelog
+        update_changelog_patch_branch="update-changelog-pb-$target_milestone"
+        local_exists=`git branch | $GREP_CMD $update_changelog_patch_branch`
+        if [[ $local_exists != "" ]]; then
+            # Clear previous
+            git branch -D $update_changelog_patch_branch
+        fi
+        git checkout -b $update_changelog_patch_branch
+        git add CHANGELOG.md
+        git commit -m "Adding changes for patch $target_milestone"
+        git push origin $update_changelog_patch_branch -f
+        gh pr create -f -B $target_patch_branch
+
+        cp CHANGELOG.md /tmp
+        git checkout main 
+        git pull origin main
+        update_changelog_branch="update-changelog-$target_milestone"
+        local_exists=`git branch | $GREP_CMD $update_changelog_branch`
+        if [[ $local_exists != "" ]]; then
+            # Clear previous
+            git branch -D $update_changelog_branch
+        fi
+        git checkout -b $update_changelog_branch
+        cp /tmp/CHANGELOG.md .
+        git add CHANGELOG.md
+        escaped_start_version=$(echo "$start_milestone" | sed 's/\./\\./g')
+        version_files=`ack -l --ignore-file=is:CHANGELOG.md "$escaped_start_version"`
+        unameOut="$(uname -s)"
+        case "${unameOut}" in
+            Linux*)     echo "$version_files" | xargs sed -i "s/$escaped_start_version/$target_milestone/g";;
+            Darwin*)    echo "$version_files" | xargs sed -i '' "s/$escaped_start_version/$target_milestone/g";;
+            *)          echo "unknown distro to parse version"
+        esac
+        git add terraform charts infrastructure tools
+        git commit -m "Updating changelog for $target_milestone"
+        git push origin $update_changelog_branch -f
+        gh pr create -f
+
+        git checkout $target_patch_branch
+    else
+        echo "DRYRUN: Would have formatted changelog and created PR on main"
+    fi
+
+    # Check for QA issue
+    if [ "$dry_run" = "false" ]; then
+        found=$(gh issue list --search "Release QA: $target_milestone in:title" --json number | jq length)
+        if [[ "$found" == "0" ]]; then
+            cat .github/ISSUE_TEMPLATE/release-qa.md | awk 'BEGIN {count=0} /^---$/ {count++} count==2 && /^---$/ {getline; count++} count > 2 {print}' > temp_qa_issue_file
+            gh issue create --title "Release QA: $target_milestone" -F temp_qa_issue_file \
+                --assignee "sabrinabuckets" --assignee "xpkoala" --label ":release" --label "#g-mdm" --label "#g-endpoint-ops"
+            rm -f temp_qa_issue_file
+        fi
+    else
+        echo "DRYRUN: Would have searched for and created if not found QA release ticket"
+    fi
+
+    if [ "$dry_run" = "false" ]; then
+        echo "Waiting for github actions to propogate..."
+        show_spinner 200
+        # For announce in #help-engineering
+        print_announce_info
+    else
+        echo "DRYRUN: Would have printed announce in #help-engineering text w/ qa ticket, deploy to docker link, and milestone issue list link"
+    fi
+
+    if [ "$dry_run" = "false" ]; then
+        echo "waiting for Changelog PR to merge..."
+        echo `gh pr view $update_changelog_patch_branch --json url | jq -r .url`
+        echo
+        waiting=true
+        while waiting; do
+            pr_state=`gh pr view $update_changelog_patch_branch --json state | jq -r .state`
+            if [[ "$pr_state" == "MERGED" ]]; then
+                waiting=false
+            else
+                show_spinner 50
+            fi
+        done
+        git pull origin $target_patch_branch
+
+        git tag $next_tag
+        git push origin $next_tag
+
+        show_spinner 200
+    else
+        echo "DRYRUN: Would have tagged and pushed $next_tag"
+    fi
+
+    if [ "$dry_run" = "false" ]; then
+        releaser_out=`gh run list --workflow goreleaser-fleet.yaml --json databaseID,event,headBranch,url | jq "[.[]|select(.headBranch==\"$next_tag\")[0]`
+        echo "Releaser running " `echo $releaser_out | jq -r ".url"`
+
+        gh run watch `echo $releaser_out | jq -r ".databaseID"`
+    else
+        echo "DRYRUN: Would found goreleaser action and waited for it to complete"
+    fi
+
+
+    update_release_notes
+else
+    # TODO echo what to do
+    echo "Placeholder, Cherry pick failed....figure out what to do..."
+    exit 1
+fi
+

From 1bb81c9e1005f5ab3113b3f15c35fa99180029fe Mon Sep 17 00:00:00 2001
From: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
Date: Thu, 21 Mar 2024 15:44:23 -0400
Subject: [PATCH 26/54] Update rest-api.md (#17686)

- Remove note about fleetd
- Update note about MDM being turned on
---
 docs/REST API/rest-api.md | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/docs/REST API/rest-api.md b/docs/REST API/rest-api.md
index 8b8ca9c899..12d9f89060 100644
--- a/docs/REST API/rest-api.md	
+++ b/docs/REST API/rest-api.md	
@@ -3718,13 +3718,10 @@ created_at,updated_at,id,detail_updated_at,label_updated_at,policy_updated_at,la
 
 ### Get host's disk encryption key
 
-For macOS, requires the [macadmins osquery extension](https://github.com/macadmins/osquery-extension) which comes bundled
-in [Fleet's osquery installers](https://fleetdm.com/docs/using-fleet/adding-hosts#osquery-installer).
-
-Requires Fleet's MDM properly [enabled and configured](https://fleetdm.com/docs/using-fleet/mdm-macos-setup).
-
 Retrieves the disk encryption key for a host.
 
+Requires that disk encryption is enforced and the host has MDM turned on.
+
 `GET /api/v1/fleet/mdm/hosts/:id/encryption_key`
 
 #### Parameters

From 44c3ba83e5c73b6ceeb09e90483fb0c218659d44 Mon Sep 17 00:00:00 2001
From: Rachael Shaw <r@rachael.wtf>
Date: Thu, 21 Mar 2024 15:03:14 -0500
Subject: [PATCH 27/54] Reduce CIS benchmark documentation page contents
 (#17108)

+ Move specific CIS benchmark details into READMEs
+ Reduce content in Using Fleet > CIS Benchmarks

---------

Co-authored-by: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
---
 docs/Using Fleet/CIS-Benchmarks.md | 79 +++++-------------------------
 ee/cis/macos-13/README.md          | 37 ++++++++++++++
 ee/cis/macos-14/README.md          | 37 ++++++++++++++
 ee/cis/win-10/README.md            | 15 ++++++
 ee/cis/win-11/README.md            | 15 ++++++
 5 files changed, 116 insertions(+), 67 deletions(-)
 create mode 100644 ee/cis/macos-13/README.md
 create mode 100644 ee/cis/macos-14/README.md
 create mode 100644 ee/cis/win-10/README.md
 create mode 100644 ee/cis/win-11/README.md

diff --git a/docs/Using Fleet/CIS-Benchmarks.md b/docs/Using Fleet/CIS-Benchmarks.md
index bf12e3ba44..1bcbb2e1fc 100644
--- a/docs/Using Fleet/CIS-Benchmarks.md	
+++ b/docs/Using Fleet/CIS-Benchmarks.md	
@@ -1,19 +1,21 @@
 # CIS Benchmarks
 
-> Available in Fleet Premium
+_Available in Fleet Premium_.
 
 ## Overview
+
 CIS Benchmarks represent the consensus-based effort of cybersecurity experts globally to help you protect your systems against threats more confidently.
 For more information about CIS Benchmarks check out [Center for Internet Security](https://www.cisecurity.org/cis-benchmarks)'s website.
 
 Fleet has implemented native support for CIS Benchmarks for the following platforms:
-- macOS 13.0 Ventura (96 checks)
-- Windows 10 Enterprise (496 checks)
-- Windows 11 Enterprise (521 checks)
+- macOS 13.0 Ventura
+- macOS 14.0 Sonoma
+- Windows 10 Enterprise
+- Windows 11 Enterprise
 
 [Where possible](#limitations), each CIS Benchmark is implemented with a [policy query](./REST-API.md#policies) in Fleet. 
 
-These benchmarks are intended to gauge your organization's security posture, rather than the current state of a given host. A host may fail a CIS Benchmark policy despite having the correct settings enabled if there is not a specific policy in place to enforce that setting. For example, this is the query for  **CIS - Ensure FileVault Is Enabled (MDM Required)**:
+These benchmarks are intended to gauge your organization's security posture, rather than the current state of a given host. A host may fail a CIS Benchmark policy despite having the correct settings enabled if there is no configuration profile or Group Policy Object (GPO) in place to enforce the setting. For example, this is the query for  **CIS - Ensure FileVault Is Enabled (MDM Required)**:
 
 ```sql
 SELECT 1 WHERE 
@@ -88,14 +90,13 @@ fleetctl apply --policies-team "Workstations" -f cis-policy-queries.yml
 ```
 
 ## Limitations
-Fleet's current set of benchmarks only implements benchmark *auditing* steps that can be *automated*.
 
-In practice, Fleet is able to cover a large majority of benchmarks:
-* macOS 13 Ventura - 96 of 104
-* Windows 10 Enterprise - All CIS items (496)
-* Windows 11 Enterprise - All CIS items (521) 
+Certain benchmarks require human action to audit, and cannot be automated by a policy in Fleet. For a list of specific benchmarks which are not covered, please visit the README for each benchmark:
 
-For a list of specific checks which are not covered by Fleet, please visit the section devoted to each benchmark.
+- [macOS 13.0 Ventura](https://github.com/fleetdm/fleet/blob/main/ee/cis/macos-13/README.md)
+- [macOS 14.0 Sonoma](https://github.com/fleetdm/fleet/blob/main/ee/cis/macos-14/README.md)
+- [Windows 10 Enterprise](https://github.com/fleetdm/fleet/blob/main/ee/cis/win-10/README.md)
+- [Windows 11 Enterprise](https://github.com/fleetdm/fleet/blob/main/ee/cis/win-11/README.md)
 
 ### Audit vs. remediation
 Each benchmark has two elements:
@@ -106,18 +107,6 @@ Since Fleetd is currently read-only without the ability to execute actions on th
 
 To implement automated remediation, you can install a separate agent such as Munki, Chef, Puppet, etc. which has write functionality.
 
-### Manual vs. automated
-
-For both the audit and remediation elements of a CIS Benchmark, there are two types:
-1. Automated - the element can be audited or remediated without human intervention
-2. Manual - the element requires human intervention to be audited or remediated
-
-Fleet only implements automated audit checks. Manual checks require administrators to implement other processes to conduct the check.
-
-* macOS 13 Ventura - 96 of 104 are automated
-* Windows 10 Enterprise - All CIS items (496) are automated
-* Windows 11 Enterprise - All CIS items (521) are automated 
-
 
 ## Levels 1 and 2
 CIS designates various benchmarks as Level 1 or Level 2 to describe the level of thoroughness and burden that each benchmark represents.
@@ -137,50 +126,6 @@ This profile extends the "Level 1" profile. Items in this profile exhibit one or
 - are intended for environments or use cases where security is paramount or acts as defense in depth measure
 - may negatively inhibit the utility or performance of the technology.
 
-## macOS 13.0 Ventura benchmark
-
-Fleet's policies have been written against v1.0 of the benchmark. Please refer to the "CIS Apple macOS 13.0 Ventura Benchmark v1.0.0 - 11-14-2022" PDF from the CIS website for full details.
-
-### Checks that require customer decision
-
-CIS has left the parameters of the following checks up to the benchmark implementer. CIS recommends that an organization make a conscious decision for these benchmarks, but does not make a specific recommendation.
-
-Fleet has provided both an "enabled" and "disabled" version of these benchmarks. When both policies are added, at least one will fail. Once your organization has made a decision, you can delete one or the other policy query.
-The policy will be appended with a `-enabled` or `-disabled` label, such as `2.1.1.1-enabled`.
-
-- 2.1.1.1 Audit iCloud Keychain
-- 2.1.1.2 Audit iCloud Drive
-- 2.5.1 Audit Siri
-- 2.8.1 Audit Universal Control
-
-Furthermore, CIS has decided to not require the following password complexity settings:
-- 5.2.3 Ensure Complex Password Must Contain Alphabetic Characters Is Configured
-- 5.2.4 Ensure Complex Password Must Contain Numeric Character Is Configured
-- 5.2.5 Ensure Complex Password Must Contain Special Character Is Configured
-- 5.2.6 Ensure Complex Password Must Contain Uppercase and Lowercase Characters Is Configured
-
-However, Fleet has provided these as policies. If your organization declines to implement these, simply delete the corresponding policy.
-
-### macOS 13.0 Ventura manual checks
-
-The following CIS benchmark checks cannot be automated and must be addressed manually:
-- 2.1.2 Audit App Store Password Settings
-- 2.3.3.12 Ensure Computer Name Does Not Contain PII or Protected Organizational Information
-- 2.6.6 Audit Lockdown Mode
-- 2.11.2 Audit Touch ID and Wallet & Apple Pay Settings
-- 2.13.1 Audit Passwords System Preference Setting
-- 2.14.1 Audit Notification & Focus Settings
-- 3.7 Audit Software Inventory
-- 6.2.1 Ensure Protect Mail Activity in Mail Is Enabled
-
-## Windows 10 & 11 Enterprise benchmarks
-
-Fleet's policies have been written against v2.0.0 of the benchmarks. You can refer to the [CIS website](https://www.cisecurity.org/cis-benchmarks) for full details about this version.
-
-### Checks that require a Group Policy template
-
-Several items require Group Policy templates in place in order to audit them.
-These items are tagged with the label `CIS_group_policy_template_required` in the YAML file, and details about the required Group Policy templates can be found in each item's `resolution`.
 
 ## Performance testing
 In August 2023, we completed scale testing on 10k Windows hosts and 70k macOS hosts. Ultimately, we validated both server and host performance at that scale.
diff --git a/ee/cis/macos-13/README.md b/ee/cis/macos-13/README.md
new file mode 100644
index 0000000000..e49628ac6e
--- /dev/null
+++ b/ee/cis/macos-13/README.md
@@ -0,0 +1,37 @@
+# macOS 13.0 Ventura benchmark
+
+Fleet's policies have been written against v1.0 of the benchmark. You can refer to the [CIS website](https://www.cisecurity.org/cis-benchmarks) for full details about this version.
+
+For requirements and usage details, see the [CIS Benchmarks](https://fleetdm.com/docs/using-fleet/cis-benchmarks) documentation.
+
+### Limitations
+
+The following CIS benchmarks cannot be checked with a policy in Fleet:
+1. 2.1.2 Audit App Store Password Settings
+2. 2.3.3.12 Ensure Computer Name Does Not Contain PII or Protected Organizational Information
+3. 2.6.6 Audit Lockdown Mode
+4. 2.11.2 Audit Touch ID and Wallet & Apple Pay Settings
+5. 2.13.1 Audit Passwords System Preference Setting
+6. 2.14.1 Audit Notification & Focus Settings
+7. 3.7 Audit Software Inventory
+8. 6.2.1 Ensure Protect Mail Activity in Mail Is Enabled
+
+### Checks that require decision
+
+CIS has left the parameters of the following checks up to the benchmark implementer. CIS recommends that an organization make a conscious decision for these benchmarks, but does not make a specific recommendation.
+
+Fleet has provided both an "enabled" and "disabled" version of these benchmarks. When both policies are added, at least one will fail. Once your organization has made a decision, you can delete one or the other policy query.
+The policy will be appended with a `-enabled` or `-disabled` label, such as `2.1.1.1-enabled`.
+
+- 2.1.1.1 Audit iCloud Keychain
+- 2.1.1.2 Audit iCloud Drive
+- 2.5.1 Audit Siri
+- 2.8.1 Audit Universal Control
+
+Furthermore, CIS has decided to not require the following password complexity settings:
+- 5.2.3 Ensure Complex Password Must Contain Alphabetic Characters Is Configured
+- 5.2.4 Ensure Complex Password Must Contain Numeric Character Is Configured
+- 5.2.5 Ensure Complex Password Must Contain Special Character Is Configured
+- 5.2.6 Ensure Complex Password Must Contain Uppercase and Lowercase Characters Is Configured
+
+However, Fleet has provided these as policies. If your organization declines to implement these, simply delete the corresponding policies.
\ No newline at end of file
diff --git a/ee/cis/macos-14/README.md b/ee/cis/macos-14/README.md
new file mode 100644
index 0000000000..a83cd38d4a
--- /dev/null
+++ b/ee/cis/macos-14/README.md
@@ -0,0 +1,37 @@
+# macOS 14.0 Sonoma benchmark
+
+Fleet's policies have been written against v1.0 of the benchmark. You can refer to the [CIS website](https://www.cisecurity.org/cis-benchmarks) for full details about this version.
+
+For requirements and usage details, see the [CIS Benchmarks](https://fleetdm.com/docs/using-fleet/cis-benchmarks) documentation.
+
+### Limitations
+
+The following CIS benchmarks cannot be checked with a policy in Fleet:
+1. 2.1.2 Audit App Store Password Settings
+2. 2.3.3.12 Ensure Computer Name Does Not Contain PII or Protected Organizational Information
+3. 2.6.6 Audit Lockdown Mode
+4. 2.11.2 Audit Touch ID and Wallet & Apple Pay Settings
+5. 2.13.1 Audit Passwords System Preference Setting
+6. 2.14.1 Audit Notification & Focus Settings
+7. 3.7 Audit Software Inventory
+8. 6.2.1 Ensure Protect Mail Activity in Mail Is Enabled
+
+### Checks that require decision
+
+CIS has left the parameters of the following checks up to the benchmark implementer. CIS recommends that an organization make a conscious decision for these benchmarks, but does not make a specific recommendation.
+
+Fleet has provided both an "enabled" and "disabled" version of these benchmarks. When both policies are added, at least one will fail. Once your organization has made a decision, you can delete one or the other policy query.
+The policy will be appended with a `-enabled` or `-disabled` label, such as `2.1.1.1-enabled`.
+
+- 2.1.1.1 Audit iCloud Keychain
+- 2.1.1.2 Audit iCloud Drive
+- 2.5.1 Audit Siri
+- 2.8.1 Audit Universal Control
+
+Furthermore, CIS has decided to not require the following password complexity settings:
+- 5.2.3 Ensure Complex Password Must Contain Alphabetic Characters Is Configured
+- 5.2.4 Ensure Complex Password Must Contain Numeric Character Is Configured
+- 5.2.5 Ensure Complex Password Must Contain Special Character Is Configured
+- 5.2.6 Ensure Complex Password Must Contain Uppercase and Lowercase Characters Is Configured
+
+However, Fleet has provided these as policies. If your organization declines to implement these, simply delete the corresponding policies.
\ No newline at end of file
diff --git a/ee/cis/win-10/README.md b/ee/cis/win-10/README.md
new file mode 100644
index 0000000000..880dd1445b
--- /dev/null
+++ b/ee/cis/win-10/README.md
@@ -0,0 +1,15 @@
+# Windows 10 Enterprise benchmarks
+
+Fleet's policies have been written against v2.0.0 of the benchmark. You can refer to the [CIS website](https://www.cisecurity.org/cis-benchmarks) for full details about this version.
+
+For requirements and usage details, see the [CIS Benchmarks](https://fleetdm.com/docs/using-fleet/cis-benchmarks) documentation.
+
+### Limitations
+
+> None. All items in this version of the benchmark are able to be automated.
+
+
+### Checks that require a Group Policy template
+
+Several items require Group Policy templates in place in order to audit them.
+These items are tagged with the label `CIS_group_policy_template_required` in the YAML file, and details about the required Group Policy templates can be found in each item's `resolution`.
\ No newline at end of file
diff --git a/ee/cis/win-11/README.md b/ee/cis/win-11/README.md
new file mode 100644
index 0000000000..428a365217
--- /dev/null
+++ b/ee/cis/win-11/README.md
@@ -0,0 +1,15 @@
+# Windows 11 Enterprise benchmarks
+
+Fleet's policies have been written against v2.0.0 of the benchmark. You can refer to the [CIS website](https://www.cisecurity.org/cis-benchmarks) for full details about this version.
+
+For requirements and usage details, see the [CIS Benchmarks](https://fleetdm.com/docs/using-fleet/cis-benchmarks) documentation.
+
+### Limitations
+
+> None. All items in this version of the benchmark are able to be automated.
+
+
+### Checks that require a Group Policy template
+
+Several items require Group Policy templates in place in order to audit them.
+These items are tagged with the label `CIS_group_policy_template_required` in the YAML file, and details about the required Group Policy templates can be found in each item's `resolution`.
\ No newline at end of file

From 43432f0835e1414702cedc2667c80fbcc143c1a5 Mon Sep 17 00:00:00 2001
From: Nathanael Holliday <100959072+hollidayn@users.noreply.github.com>
Date: Thu, 21 Mar 2024 15:56:12 -0500
Subject: [PATCH 28/54] Adding vendor process to handbook (#17554)

For reference: https://github.com/fleetdm/confidential/issues/5719

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [ ] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [ ] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).

---------

Co-authored-by: Sam Pfluger <108141731+Sampfluger88@users.noreply.github.com>
---
 handbook/business-operations/README.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/handbook/business-operations/README.md b/handbook/business-operations/README.md
index 6bea61ddf0..4c8f16f444 100644
--- a/handbook/business-operations/README.md
+++ b/handbook/business-operations/README.md
@@ -265,6 +265,13 @@ Within 60 days of the end of the year, follow these steps:
 - Afterward, post in #random letting folks know that the quarterly tool reconciliation and seat clearing is complete, and that any members who lost access to anything they still need can submit a ZenHub issue to BizOps to have their access restored.
 - The goal is to build deep, integrated knowledge of tool usage across Fleet and cut costs whenever possible. It will also force conversations on redundancies and decisions that aren't helping the business that otherwise might not be looked at a second time.  
 
+### Process a new vendor invoice
+- After making sure that an invoice received from a new vendor is valid, add the new vendor to the recurring expenses section of ["The numbers"](https://docs.google.com/spreadsheets/d/1X-brkmUK7_Rgp7aq42drNcUg8ZipzEiS153uKZSabWc/edit#gid=2112277278) before paying the invoice.
+
+### Process a request to cancel a vendor
+- Make the cancellation notification in accordance with the contract terms between Fleet and the vendor, typically these notifications are made via email and may have a specific address that notice must be sent to. If the vendor has an autorenew contract with Fleet there will often be a window of time in which Fleet can cancel, if notification is made after this time period Fleet may be obligated to pay for the subsequent year even if we don't use the vendor during the next contract term.  
+- Once cancelled, update the recurring expenses section of [The Numbers](https://docs.google.com/spreadsheets/d/1X-brkmUK7_Rgp7aq42drNcUg8ZipzEiS153uKZSabWc/edit#gid=2112277278) to reflect the cancellation by changing the projected monthly burn in column G to $0 and adding "CANCELLED" in front of the vendor's name in column C.
+
 ### Update weekly KPIs
 - Create the weekly update issue from the template in ZenHub every Friday and update the [KPIs for BizOps](https://docs.google.com/spreadsheets/d/1Hso0LxqwrRVINCyW_n436bNHmoqhoLhC8bcbvLPOs9A/edit#gid=0) by 5pm US central time.
 - Check the KPI sheet at 5pm US central time to ensure all departments have updated their KPIs on time.  If any departments are delinquent, notify the department head and let the [Apprentice to the CEO](https://fleetdm.com/handbook/ceo#team) know so they can put it on the agenda for their next one-on-one with the CEO.

From 8ae24ac4a9b092e137fc479efb17e102c3dcf78d Mon Sep 17 00:00:00 2001
From: StepSecurity Bot <bot@stepsecurity.io>
Date: Thu, 21 Mar 2024 13:56:42 -0700
Subject: [PATCH 29/54] [StepSecurity] ci: Harden GitHub Actions (#17767)

## Summary

This pull request is created by
[StepSecurity](https://app.stepsecurity.io/securerepo) at the request of
@lukeheath. Please merge the Pull Request to incorporate the requested
changes. Please tag @lukeheath on your message if you have any questions
related to the PR.
## Security Fixes

### Least Privileged GitHub Actions Token Permissions

The GITHUB_TOKEN is an automatically generated secret to make
authenticated calls to the GitHub API. GitHub recommends setting minimum
token permissions for the GITHUB_TOKEN.

- [GitHub Security
Guide](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#using-the-github_token-in-a-workflow)
- [The Open Source Security Foundation (OpenSSF) Security
Guide](https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions)
### Pinned Dependencies

GitHub Action tags and Docker tags are mutable. This poses a security
risk. GitHub's Security Hardening guide recommends pinning actions to
full length commit.

- [GitHub Security
Guide](https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions)
- [The Open Source Security Foundation (OpenSSF) Security
Guide](https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies)


## Feedback
For bug reports, feature requests, and general feedback; please email
support@stepsecurity.io. To create such PRs, please visit
https://app.stepsecurity.io/securerepo.


Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>

Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
---
 .github/workflows/deploy-vulnerability-dashboard.yml       | 5 +++++
 .github/workflows/dogfood-gitops.yml                       | 4 ++--
 .github/workflows/test-vulnerability-dashboard-changes.yml | 3 +++
 3 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/deploy-vulnerability-dashboard.yml b/.github/workflows/deploy-vulnerability-dashboard.yml
index a8196535ab..05c0b4ff88 100644
--- a/.github/workflows/deploy-vulnerability-dashboard.yml
+++ b/.github/workflows/deploy-vulnerability-dashboard.yml
@@ -6,8 +6,13 @@ on:
     paths:
       - 'ee/vulnerability-dashboard/**'
 
+permissions:
+  contents: read
+
 jobs:
   build:
+    permissions:
+      contents: write  # for Git to git push
     if: ${{ github.repository == 'fleetdm/fleet' }}
 
     runs-on: ubuntu-latest
diff --git a/.github/workflows/dogfood-gitops.yml b/.github/workflows/dogfood-gitops.yml
index e50cbc7a33..de7974b29a 100644
--- a/.github/workflows/dogfood-gitops.yml
+++ b/.github/workflows/dogfood-gitops.yml
@@ -23,10 +23,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout our repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - name: Checkout GitOps repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           repository: fleetdm/fleet-gitops
           ref: main
diff --git a/.github/workflows/test-vulnerability-dashboard-changes.yml b/.github/workflows/test-vulnerability-dashboard-changes.yml
index abc11f57ae..6c7cf2e2a9 100644
--- a/.github/workflows/test-vulnerability-dashboard-changes.yml
+++ b/.github/workflows/test-vulnerability-dashboard-changes.yml
@@ -9,6 +9,9 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
   cancel-in-progress: true
 
+permissions:
+  contents: read
+
 jobs:
   build:
     permissions:

From 424d7e576a0b59a54b5f03e5d583029cccfac6a3 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 21 Mar 2024 16:02:13 -0500
Subject: [PATCH 30/54] Bump webpack-dev-middleware from 6.1.1 to 6.1.2
 (#17776)

---
 yarn.lock | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/yarn.lock b/yarn.lock
index ac4c05043a..eca3a26a55 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -17840,9 +17840,9 @@ webpack-cli@5.0.1:
     webpack-merge "^5.7.3"
 
 webpack-dev-middleware@^6.1.1:
-  version "6.1.1"
-  resolved "https://registry.yarnpkg.com/webpack-dev-middleware/-/webpack-dev-middleware-6.1.1.tgz#6bbc257ec83ae15522de7a62f995630efde7cc3d"
-  integrity sha512-y51HrHaFeeWir0YO4f0g+9GwZawuigzcAdRNon6jErXy/SqV/+O6eaVAzDqE6t3e3NpGeR5CS+cCDaTC+V3yEQ==
+  version "6.1.2"
+  resolved "https://registry.yarnpkg.com/webpack-dev-middleware/-/webpack-dev-middleware-6.1.2.tgz#0463232e59b7d7330fa154121528d484d36eb973"
+  integrity sha512-Wu+EHmX326YPYUpQLKmKbTyZZJIB8/n6R09pTmB03kJmnMsVPTo9COzHZFr01txwaCAuZvfBJE4ZCHRcKs5JaQ==
   dependencies:
     colorette "^2.0.10"
     memfs "^3.4.12"

From 38ea8db7cd9f6349d61718e2fe925301da5a06b5 Mon Sep 17 00:00:00 2001
From: Luke Heath <luke@fleetdm.com>
Date: Thu, 21 Mar 2024 16:04:53 -0500
Subject: [PATCH 31/54] Set GitHub workflow DRIs (#17777)

---
 .github/workflows/{test.yml => test-js.yml} |  2 +-
 CODEOWNERS                                  | 51 +++++++++++++++++++++
 2 files changed, 52 insertions(+), 1 deletion(-)
 rename .github/workflows/{test.yml => test-js.yml} (99%)

diff --git a/.github/workflows/test.yml b/.github/workflows/test-js.yml
similarity index 99%
rename from .github/workflows/test.yml
rename to .github/workflows/test-js.yml
index cf9c08157f..d0e660ba72 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test-js.yml
@@ -1,4 +1,4 @@
-name: Run Tests
+name: JavaScript Tests
 
 on:
   push:
diff --git a/CODEOWNERS b/CODEOWNERS
index 45f22c8841..ead9ee8a62 100644
--- a/CODEOWNERS
+++ b/CODEOWNERS
@@ -106,5 +106,56 @@ go.mod @fleetdm/go
 ##############################################################################################
 /.github/ISSUE_TEMPLATE     @mikermcneil @sampfluger88 @lukeheath  # See https://github.com/fleetdm/fleet/pull/16203
 
+##############################################################################################
+# 🌐 GitHub workflows
+##############################################################################################
+/.github/workflows/markdown-link-check-config.json @eashaw
+/.github/workflows/deploy-vulnerability-dashboard.yml @eashaw
+/.github/workflows/test-website.yml @eashaw
+/.github/workflows/test-vulnerability-dashboard-changes.yml @eashaw
+/.github/workflows/docs.yml @eashaw
+/.github/workflows/deploy-fleet-website.yml @eashaw
+
+##############################################################################################
+# 🚀 GitHub workflows
+##############################################################################################
+/.github/workflows/README.md @lukeheath
+/.github/workflows/goreleaser-fleet.yaml @lukeheath
+/.github/workflows/update-certs.yml @lukeheath
+/.github/workflows/codeql-analysis.yml @lukeheath
+/.github/workflows/codeql.yml @lukeheath
+/.github/workflows/scorecards-analysis.yml @lukeheath
+/.github/workflows/integration.yml @lukeheath
+/.github/workflows/fleetctl-preview.yml @lukeheath
+/.github/workflows/fleetctl-preview-latest.yml @lukeheath
+/.github/workflows/goreleaser-orbit.yaml @lukeheath
+/.github/workflows/trivy-scan.yml @lukeheath
+/.github/workflows/goreleaser-snapshot-fleet.yaml @lukeheath
+/.github/workflows/build-and-push-fleetctl-docker.yml @lukeheath
+/.github/workflows/fleetd-tuf.yml @lucasmrod
+/.github/workflows/generate-desktop-targets.yml @lucasmrod
+/.github/workflows/test-yml-specs.yml @lucasmrod
+/.github/workflows/build-binaries.yaml @lucasmrod
+/.github/workflows/fleet-and-orbit.yml @lucasmrod
+/.github/workflows/build-orbit.yaml @lucasmrod
+/.github/workflows/generate-osqueryd-targets.yml @lucasmrod
+/.github/workflows/test-packaging.yml @lucasmrod
+/.github/workflows/release-helm.yaml @rfairburn
+/.github/workflows/pr-helm.yaml @rfairburn
+/.github/workflows/tfvalidate.yml @rfairburn
+/.github/workflows/dogfood-deploy.yml @rfairburn
+/.github/workflows/test-db-changes.yml @roperzh
+/.github/workflows/test-go.yaml @roperzh
+/.github/workflows/golangci-lint.yml @roperzh
+/.github/workflows/test-native-tooling-packaging.yml @roperzh
+/.github/workflows/check-tuf-timestamps.yml @roperzh
+/.github/workflows/test-puppet.yml @roperzh
+/.github/workflows/generate-nudge-targets.yml @roperzh
+/.github/workflows/test-js.yml @ghernandez345
+/.github/workflows/dogfood-gitops.yml @getvictor
+/.github/workflows/test-fleetd-chrome.yml @getvictor
+/.github/workflows/release-fleetd-chrome.yml @getvictor
+/.github/workflows/release-fleetd-chrome-beta.yml @getvictor
+
 # ℹ️ But wait, there's more!
 # See the comments up top to learn where else DRIs and maintainers are configured.

From 4aa854b9d49534b09823ca888eb87e0a290b80bb Mon Sep 17 00:00:00 2001
From: Eric <eashaw@sailsjs.com>
Date: Thu, 21 Mar 2024 16:24:09 -0500
Subject: [PATCH 32/54] Website: Update footer height. (#17781)

Closes: #17778

Changes:
- Updated the styles for pages with reduced footer links
---
 website/assets/styles/layout.less | 29 ++++++++++++++++++++---------
 1 file changed, 20 insertions(+), 9 deletions(-)

diff --git a/website/assets/styles/layout.less b/website/assets/styles/layout.less
index de314d96ae..42b4574d6b 100644
--- a/website/assets/styles/layout.less
+++ b/website/assets/styles/layout.less
@@ -417,7 +417,7 @@ html, body {
   }
 }
 [purpose='page-wrap'].reduced-footer-links {
-  padding-bottom: 67px;
+  padding-bottom: 70px;
 }
 
 // Landing page footer styles
@@ -425,7 +425,7 @@ html, body {
   position: absolute;
   bottom: 0px;
   width: 100%;
-  height: 67px;
+  height: 70px;
   padding: 24px 32px;
   color: @core-fleet-black-75;
   a {
@@ -451,9 +451,9 @@ body.detected-mobile {
   [purpose='page-footer'] {
     padding: 64px 40px;
     height: 460px;
-  }
-  [purpose='footer-socials'] {
-    margin-bottom: 32px;
+    [purpose='footer-socials'] {
+      margin-bottom: 32px;
+    }
   }
 }
 
@@ -479,15 +479,22 @@ body.detected-mobile {
     padding: 64px 32px;
     height: 701px;
   }
+  [purpose='page-wrap'].reduced-footer-links {
+    padding-bottom: 121px;
+  }
+  [purpose='reduced-nav-footer'] {
+    height: 121px;
+    [purpose='footer-socials'] {
+      margin-bottom: 32px;
+    }
+  }
+
 
 }
 @media (max-width: 575px) {
   [purpose='page-wrap'] {
     padding-bottom: 925px;
   }
-  [purpose='page-wrap'].reduced-footer-links {
-    padding-bottom: 97px;
-  }
   [purpose='page-header'] {
     padding: 19px 24px;
     [purpose='mobile-nav'] {
@@ -499,8 +506,12 @@ body.detected-mobile {
       }
     }
   }
+  [purpose='page-wrap'].reduced-footer-links {
+    padding-bottom: 173px;
+  }
   [purpose='reduced-nav-footer'] {
-    height: 97px;
+    height: 173px;
+    padding: 24px;
   }
   [purpose='page-footer'] {
     height: 925px;

From 1d8e208c32890561813974b71da70539f14060f1 Mon Sep 17 00:00:00 2001
From: Eric <eashaw@sailsjs.com>
Date: Thu, 21 Mar 2024 16:31:20 -0500
Subject: [PATCH 33/54] Vulnerability dashboard: Add a way to start a local
 vulnerability dashboard with Docker (#17676)

Related to: https://github.com/fleetdm/confidential/issues/5637

Changes:
- Added a way to start a vulnerability dashboard with Docker.
- Updated the folder readme to include instructions for starting the
vulnerability dashboard with docker
---
 ee/vulnerability-dashboard/.dockerignore      |  2 ++
 ee/vulnerability-dashboard/Dockerfile         | 35 +++++++++++++++++++
 ee/vulnerability-dashboard/README.md          | 27 +++++++++++++-
 ee/vulnerability-dashboard/crontab            |  1 +
 ee/vulnerability-dashboard/docker-compose.yml | 31 ++++++++++++++++
 ee/vulnerability-dashboard/entrypoint.sh      | 31 ++++++++++++++++
 6 files changed, 126 insertions(+), 1 deletion(-)
 create mode 100644 ee/vulnerability-dashboard/.dockerignore
 create mode 100644 ee/vulnerability-dashboard/Dockerfile
 create mode 100644 ee/vulnerability-dashboard/crontab
 create mode 100644 ee/vulnerability-dashboard/docker-compose.yml
 create mode 100644 ee/vulnerability-dashboard/entrypoint.sh

diff --git a/ee/vulnerability-dashboard/.dockerignore b/ee/vulnerability-dashboard/.dockerignore
new file mode 100644
index 0000000000..9303c347ee
--- /dev/null
+++ b/ee/vulnerability-dashboard/.dockerignore
@@ -0,0 +1,2 @@
+node_modules/
+npm-debug.log
\ No newline at end of file
diff --git a/ee/vulnerability-dashboard/Dockerfile b/ee/vulnerability-dashboard/Dockerfile
new file mode 100644
index 0000000000..84a2056fda
--- /dev/null
+++ b/ee/vulnerability-dashboard/Dockerfile
@@ -0,0 +1,35 @@
+# Use the official Node.js 14 image as a base
+FROM node:20
+
+# Set the working directory in the container
+WORKDIR /usr/src/app
+
+# Copy the package.json
+COPY package.json ./
+
+# Install vulnerability dashboard dependencies
+RUN npm install
+
+# Copy the vulnerability dashboard into the container
+COPY . .
+
+# Install cron on the Docker image
+RUN apt-get update && apt-get install -y cron
+
+# Add the crontab file for the update reports script to the cron directory
+ADD crontab /etc/cron.d/update-reports-cron
+
+# Give execution rights on the cron job and apply it
+RUN chmod 0644 /etc/cron.d/update-reports-cron && crontab /etc/cron.d/update-reports-cron
+
+# Copy the entrypoint script into the container
+COPY entrypoint.sh /usr/src/app/entrypoint.sh
+
+# Make sure the entrypoint script is executable
+RUN chmod +x /usr/src/app/entrypoint.sh
+
+# Expose the port the vulnerability dashboard runs on
+EXPOSE 1337
+
+# Set the entrypoint script as the entry point
+ENTRYPOINT ["/usr/src/app/entrypoint.sh"]
diff --git a/ee/vulnerability-dashboard/README.md b/ee/vulnerability-dashboard/README.md
index 82c068793e..e6e6988188 100644
--- a/ee/vulnerability-dashboard/README.md
+++ b/ee/vulnerability-dashboard/README.md
@@ -26,6 +26,32 @@ f.k.a. "scooper"
 Original raw notes and context: (private google doc since it contains competitor information: https://docs.google.com/document/d/1ByNWY6n_C-rvL75lI6jca2OniHt5FqA5_nYMf61S0pM/edit#)
 
 
+## Running the vulnerability dashboard with Docker.
+
+To run a local vulnerability dashboard with docker, you can follow these instructions.
+
+1. Clone this repo
+2. Update the following ENV variables `ee/vulnerability-dashboard/docker-compose.yml` file:
+
+  1. `sails_custom__fleetBaseUrl`: The full URL of your Fleet instance. (e.g., https://fleet.example.com)
+
+  2. `sails_custom__fleetApiToken`: AN API token for an API-only user on your Fleet instance.
+
+  >You can read about how to create an API-only user and get it's token [here](https://fleetdm.com/docs/using-fleet/fleetctl-cli#create-api-only-user)
+
+3. Open the `ee/vulnerability-dashboard/` folder in your terminal
+4. Run `docker compose up --build` to build the vulnerability dashboard's Docker image.
+
+  > The first time the vulnerability dashboard starts it will Initalize the database and run the `update-reports` script before the server starts.
+
+5. Once the container is done building, the vulnerability dashboard will be available at http://localhost:1337
+
+  > You can login with the default admin login:
+  >
+  >- Email address: `admin@example.com`
+  >
+  >- Password: `abc123`
+
 ## How it's made
 
 This is a [Sails v1](https://sailsjs.com) application:
@@ -35,4 +61,3 @@ This is a [Sails v1](https://sailsjs.com) application:
 + [Community support options](https://sailsjs.com/support)
 + **Version info**: This app was originally generated on Sat Dec 10 2022 15:56:06 GMT-0600 (Central Standard Time) using Sails v1.5.3.  <!-- Internally, Sails used [`sails-generate@2.0.7`](https://github.com/balderdashy/sails-generate/tree/v2.0.7/lib/core-generators/new). -->
 + This project's boilerplate is based on an expanded seed app provided by the [Sails core team](https://sailsjs.com/about) to make it easier for you to build on top of ready-made features like authentication, enrollment, email verification, and billing.  <!-- Note:  Generators are usually run using the globally-installed `sails` CLI (command-line interface).  This CLI version is _environment-specific_ rather than app-specific, thus over time, as a project's dependencies are upgraded or the project is worked on by different developers on different computers using different versions of Node.js, the Sails dependency in its package.json file may differ from the globally-installed Sails CLI release it was originally generated with.  (Be sure to always check out the relevant [upgrading guides](https://sailsjs.com/upgrading) before upgrading the version of Sails used by your app.  If you're stuck, [get help here](https://sailsjs.com/support).) -->
-
diff --git a/ee/vulnerability-dashboard/crontab b/ee/vulnerability-dashboard/crontab
new file mode 100644
index 0000000000..31f359cb44
--- /dev/null
+++ b/ee/vulnerability-dashboard/crontab
@@ -0,0 +1 @@
+0 * * * * cd /usr/src/app && /usr/local/bin/node ./node_modules/.bin/sails run update-reports >> /usr/src/app/cron.log 2>&1
diff --git a/ee/vulnerability-dashboard/docker-compose.yml b/ee/vulnerability-dashboard/docker-compose.yml
new file mode 100644
index 0000000000..a1c92cdaed
--- /dev/null
+++ b/ee/vulnerability-dashboard/docker-compose.yml
@@ -0,0 +1,31 @@
+version: '3'
+services:
+  vuln-dash:
+    build: .
+    ports:
+      - "1337:1337"
+    depends_on:
+      - redis
+      - postgres
+    environment:
+      sails_datastores__default__url: postgres://user:password@postgres:5432/dbname
+      sails_datastores__default__adapter: sails-postgresql
+      sails_sockets__url: redis://redis:6379
+      sails_session__url: redis://redis:6379
+      sails_custom__fleetBaseUrl: '' #Add the base url of your Fleet instance: ex: https://fleet.example.com
+      sails_custom__fleetApiToken: '' # Add the API token of an API-only user [?] Here's how you get one: https://fleetdm.com/docs/using-fleet/fleetctl-cli#get-the-api-token-of-an-api-only-user
+
+  redis:
+    image: "redis:alpine"
+
+  postgres:
+    image: "postgres:alpine"
+    environment:
+      POSTGRES_USER: user
+      POSTGRES_PASSWORD: password
+      POSTGRES_DB: dbname
+    volumes:
+      - pgdata:/var/lib/postgresql/data
+
+volumes:
+  pgdata:
diff --git a/ee/vulnerability-dashboard/entrypoint.sh b/ee/vulnerability-dashboard/entrypoint.sh
new file mode 100644
index 0000000000..8d5566eb15
--- /dev/null
+++ b/ee/vulnerability-dashboard/entrypoint.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+if [ -z "$sails_custom__fleetBaseUrl" ] && [ -z "$sails_custom__fleetApiToken" ]; then
+  echo 'ERROR: Missing environment variables. Please set "sails_custom__fleetApiToken" and "sails_custom__fleetBaseUrl" and and try starting this container again'
+  exit 1
+elif [ -z "$sails_custom__fleetBaseUrl" ]; then
+  echo 'ERROR: Missing environment variables. Please set "sails_custom__fleetBaseUrl" and try starting this container again'
+  exit 1
+elif [ -z "$sails_custom__fleetApiToken" ]; then
+  echo 'ERROR: Missing environment variables. Please set "sails_custom__fleetApiToken" and and try starting this container again'
+  exit 1
+fi
+
+# Check if the vulnerability dashboard has been initialized before
+if [ ! -f "/usr/src/app/.initialized" ]; then
+  # if it hasn't, lift the app with in console mode with the --drop flag to create our databsae tables.
+  echo '.exit' | node ./node_modules/sails/bin/sails console --drop
+
+  touch /usr/src/app/.initialized
+  # run the `update-reports` script
+  node ./node_modules/sails/bin/sails run update-reports
+fi
+
+# Expose the container's ENV variables to cron
+printenv >> /etc/environment
+
+# Start cron
+cron
+
+# Start the vulnerability dashboard
+exec node app.js

From ceddd26a736ef272ffbd8b980b410bb91aecbd14 Mon Sep 17 00:00:00 2001
From: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
Date: Thu, 21 Mar 2024 17:57:21 -0400
Subject: [PATCH 34/54] Update macos-device-health.policies.yml (#17783)

- Fix guest account and password policies
---
 .../lib/macos-device-health.policies.yml       | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/it-and-security/lib/macos-device-health.policies.yml b/it-and-security/lib/macos-device-health.policies.yml
index 401c086fa0..6fdc883204 100644
--- a/it-and-security/lib/macos-device-health.policies.yml
+++ b/it-and-security/lib/macos-device-health.policies.yml
@@ -11,13 +11,25 @@
   resolution: An an IT admin, deploy a macOS, Firewall profile with the EnableFirewall option set to true.
   platform: darwin
 - name: macOS - Disable guest account
-  query: SELECT 1 FROM managed_policies WHERE domain='com.apple.loginwindow' AND username = '' AND name='DisableGuestAccount' AND CAST(value AS INT) = 1;
+  query: SELECT 1 FROM plist WHERE path='/Library/Preferences/com.apple.loginwindow.plist' AND key='GuestEnabled' AND value = 0;
   critical: false
   description: This policy checks if the guest account is disabled.
   resolution: An an IT admin, deploy a macOS, login window profile with the DisableGuestAccount option set to true.
   platform: darwin
 - name: macOS - Require 10 character password
-  query: SELECT 1 FROM plist WHERE path='/Library/Preferences/com.apple.loginwindow.plist' AND key='GuestEnabled' AND value = 0;
+  query: SELECT 1 WHERE 
+    EXISTS (
+      SELECT 1 FROM managed_policies WHERE 
+        domain='com.apple.screensaver' AND 
+        name='askForPassword' AND 
+        CAST(value AS INT)
+    ) 
+    AND EXISTS (
+      SELECT 1 FROM managed_policies WHERE 
+        domain='com.apple.screensaver' AND 
+        name='minLength' AND 
+        CAST(value AS INT) <= 10
+    );
   critical: false
   description: This policy checks if the end user is required to enter a password, with at least 10 characters, to unlock the host.
   resolution: An an IT admin, deploy a macOS, screensaver profile with the askForPassword option set to true and minLength option set to 10.
@@ -40,4 +52,4 @@
   critical: false
   description: This policy checks if maximum amount of time (in minutes) the device is allowed to sit idle before the screen is locked. End users can select any value less than the specified maximum.
   resolution: An an IT admin, deploy a macOS, screen saver profile with the maxInactivity option set to 20 minutes.
-  platform: darwin
\ No newline at end of file
+  platform: darwin

From a9b5619d1c52f69533ef00ab9cd0086b53993e60 Mon Sep 17 00:00:00 2001
From: Eric <eashaw@sailsjs.com>
Date: Thu, 21 Mar 2024 17:16:22 -0500
Subject: [PATCH 35/54] Website: Update number of hosts input on /contact page
 (#17784)

Closes: https://github.com/fleetdm/confidential/issues/5826

Changes:
- Added a minimum to the number of hosts input on the /contact page
---
 website/views/pages/contact.ejs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/views/pages/contact.ejs b/website/views/pages/contact.ejs
index 386ace9101..d7bcf17d6a 100644
--- a/website/views/pages/contact.ejs
+++ b/website/views/pages/contact.ejs
@@ -89,7 +89,7 @@
           </div>
          <div class="form-group">
            <label for="number-of-hosts">How many devices do you have? *</label>
-           <input class="form-control" id="number-of-hosts" name="number-of-hosts" type="number" :class="[formErrors.numberOfHosts ? 'is-invalid' : '']" v-model.trim="formData.numberOfHosts">
+           <input class="form-control" id="number-of-hosts" name="number-of-hosts" type="number" :class="[formErrors.numberOfHosts ? 'is-invalid' : '']" min="1" v-model.trim="formData.numberOfHosts">
            <p purpose="devices-note" class="mt-3 mb-0">Includes computers, servers, containers, and other hosts.</p>
            <div class="invalid-feedback" v-if="formErrors.numberOfHosts">Please enter a number of devices</div>
          </div>

From 92771a629e38a381244fbdb989929a4817865cf9 Mon Sep 17 00:00:00 2001
From: Eric <eashaw@sailsjs.com>
Date: Thu, 21 Mar 2024 17:26:35 -0500
Subject: [PATCH 36/54] Website: Update `build-static-content` script to ignore
 pages in the docs/contributing/ folder. (#17706)

Closes: #17667

Changes:
- Updated `build-static-content` to skip pages in the docs/contributing
folder when Markdown pages are converted to HTML partials.
---
 website/scripts/build-static-content.js | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/website/scripts/build-static-content.js b/website/scripts/build-static-content.js
index 9ab8a3f846..4e039ab4fd 100644
--- a/website/scripts/build-static-content.js
+++ b/website/scripts/build-static-content.js
@@ -202,6 +202,11 @@ module.exports = {
               .replace(/(^|\/)([^/]+)\.[^/]*$/, '$1$2')
               .split(/\//).map((fileOrFolderName) => fileOrFolderName.toLowerCase().replace(/\s+/g, '-')).join('/')
             );
+
+            // If this page is in the docs/contributing/ folder, skip it.
+            if(sectionRepoPath === 'docs/' && _.startsWith(pageUnextensionedUnwhitespacedLowercasedRelPath, 'contributing/')){
+              continue;
+            }
             let RX_README_FILENAME = /\/?readme\.?m?d?$/i;// « for matching `readme` or `readme.md` (case-insensitive) at the end of a file path
 
             // Determine this page's default (fallback) display title.

From 7ae21d2fda8b2159ff856620cf0a37335884e862 Mon Sep 17 00:00:00 2001
From: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
Date: Thu, 21 Mar 2024 18:38:05 -0400
Subject: [PATCH 37/54] Update macos-device-health.policies.yml (#17785)

- Add 1Password recovery kit policy
---
 it-and-security/lib/macos-device-health.policies.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/it-and-security/lib/macos-device-health.policies.yml b/it-and-security/lib/macos-device-health.policies.yml
index 6fdc883204..ea00f2baa6 100644
--- a/it-and-security/lib/macos-device-health.policies.yml
+++ b/it-and-security/lib/macos-device-health.policies.yml
@@ -53,3 +53,9 @@
   description: This policy checks if maximum amount of time (in minutes) the device is allowed to sit idle before the screen is locked. End users can select any value less than the specified maximum.
   resolution: An an IT admin, deploy a macOS, screen saver profile with the maxInactivity option set to 20 minutes.
   platform: darwin
+- name: macOS - No 1Password emergency kit stored on desktop or in downloads
+  query: SELECT 1 WHERE NOT EXISTS (SELECT 1 FROM file WHERE filename LIKE '%Emergency Kit%.pdf' AND (path LIKE '/Users/%%/Desktop/%%' OR path LIKE '/Users/%%/Documents/%%' OR path LIKE '/Users/%%/Downloads/%%' OR path LIKE '/Users/Shared'));
+  critical: false
+  description: "Looks for PDF files with file names typically used by 1Password for emergency recovery kits."
+  resolution: "Delete 1Password emergency kits from your computer, and empty the trash. 1Password emergency kits should only be printed and stored in a physically secure location."
+  platform: darwin

From 3c33e830855380fbca08a884c38313e31a19ca0e Mon Sep 17 00:00:00 2001
From: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
Date: Thu, 21 Mar 2024 18:48:56 -0400
Subject: [PATCH 38/54] Update standard-query-library.yml (#17782)

- Policy's fail when they return no results
---
 .../standard-query-library/standard-query-library.yml           | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/01-Using-Fleet/standard-query-library/standard-query-library.yml b/docs/01-Using-Fleet/standard-query-library/standard-query-library.yml
index f5fb4ee816..4e451247b6 100644
--- a/docs/01-Using-Fleet/standard-query-library/standard-query-library.yml
+++ b/docs/01-Using-Fleet/standard-query-library/standard-query-library.yml
@@ -880,7 +880,7 @@ apiVersion: v1
 kind: policy
 spec:
   name: No 1Password emergency kit stored on desktop or in downloads (macOS)
-  query: SELECT 1 FROM file WHERE filename LIKE '%Emergency Kit%.pdf' AND (path LIKE '/Users/%%/Desktop/%%' OR path LIKE '/Users/%%/Documents/%%' OR path LIKE '/Users/%%/Downloads/%%' OR path LIKE '/Users/Shared');
+  query: SELECT 1 WHERE NOT EXISTS (SELECT 1 FROM file WHERE filename LIKE '%Emergency Kit%.pdf' AND (path LIKE '/Users/%%/Desktop/%%' OR path LIKE '/Users/%%/Documents/%%' OR path LIKE '/Users/%%/Downloads/%%' OR path LIKE '/Users/Shared'));
   description: "Looks for PDF files with file names typically used by 1Password for emergency recovery kits."
   resolution: "Delete 1Password emergency kits from your computer, and empty the trash. 1Password emergency kits should only be printed and stored in a physically secure location."
   platform: darwin

From a71e4c7d926a40d2c334a07667cbaadcd7e5f6ad Mon Sep 17 00:00:00 2001
From: Marko Lisica <83164494+marko-lisica@users.noreply.github.com>
Date: Fri, 22 Mar 2024 11:42:11 +0100
Subject: [PATCH 39/54] Typo: "removing" /past from host's activities API
 (#16871)

Typo: "removing" /past from host's activities API

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any permissions changes (docs/Using
Fleet/manage-access.md)
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [ ] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [ ] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).

---------

Co-authored-by: Rachael Shaw <r@rachael.wtf>
---
 docs/REST API/rest-api.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/docs/REST API/rest-api.md b/docs/REST API/rest-api.md
index 12d9f89060..671831ccb5 100644
--- a/docs/REST API/rest-api.md	
+++ b/docs/REST API/rest-api.md	
@@ -3875,19 +3875,19 @@ To wipe a macOS or Windows host, the host must have MDM turned on. To lock a Lin
 
 ### Get host's past activity
 
-`GET /api/v1/fleet/hosts/:id/activites/past`
+`GET /api/v1/fleet/hosts/:id/activities`
 
 #### Parameters
 
 | Name | Type    | In   | Description                  |
 | ---- | ------- | ---- | ---------------------------- |
-| id   | integer | path | **Required**. The host's id. |
+| id   | integer | path | **Required**. The host's ID. |
 | page | integer | query | Page number of the results to fetch.|
 | per_page | integer | query | Results per page.|
 
 #### Example
 
-`GET /api/v1/fleet/hosts/12/activities/past`
+`GET /api/v1/fleet/hosts/12/activities`
 
 ##### Default response
 

From 4246d25914db3babf88376d59dc21c4f7abe71a2 Mon Sep 17 00:00:00 2001
From: Sam Pfluger <108141731+Sampfluger88@users.noreply.github.com>
Date: Fri, 22 Mar 2024 10:32:18 -0500
Subject: [PATCH 40/54] Update custom.js (#17795)

---
 website/config/custom.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/config/custom.js b/website/config/custom.js
index c31b77b5d3..099b220802 100644
--- a/website/config/custom.js
+++ b/website/config/custom.js
@@ -143,7 +143,7 @@ module.exports.custom = {
     'ee/vulnerability-dashboard/config': 'mikermcneil',
     'ee/vulnerability-dashboard/config/routes.js': 'eashaw',//« Vulnerability dashboard redirects and URLs
     'ee/vulnerability-dashboard/scripts': 'mikermcneil',
-    'ee/vulnerability-dashboard/package.json': 'eashaw',
+    'ee/vulnerability-dashboard/package.json': 'mikermcneil',
 
     // 🫧 Pricing and features
     // 'website/views/pages/pricing.ejs': '',                // « Covered in CODEOWNERS (2023-07-22)

From 2fe01741df1d3a78baf125da14760d877ce42503 Mon Sep 17 00:00:00 2001
From: Nathanael Holliday <100959072+hollidayn@users.noreply.github.com>
Date: Fri, 22 Mar 2024 11:49:35 -0500
Subject: [PATCH 41/54] Update security-policies.md (#17648)

Replaced zwass with JoStableford and updated effective dates for the new
DRIs
---
 .../business-operations/security-policies.md   | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/handbook/business-operations/security-policies.md b/handbook/business-operations/security-policies.md
index c4f3842cfc..cde44d2837 100644
--- a/handbook/business-operations/security-policies.md
+++ b/handbook/business-operations/security-policies.md
@@ -25,7 +25,7 @@ All Fleet employees and long-term collaborators are expected to read and electro
 
 | Policy owner   | Effective date |
 | -------------- | -------------- |
-| @zwass | 2023-06-01     |
+| @Jostableford | 2024-03-14   |
 
 Fleet requires all team members to comply with the following acceptable use requirements and procedures:
 
@@ -60,7 +60,7 @@ When in doubt, **ASK!** (in [#g-security](https://fleetdm.slack.com/archives/C03
 
 | Policy owner   | Effective date |
 | -------------- | -------------- |
-| @zwass | 2022-06-01     |
+| @Jostableford | 2024-03-14      |
 
 Fleet requires all workforce members to comply with the following acceptable use requirements and procedures, such that:
 
@@ -117,7 +117,7 @@ Fleet policy requires that:
 
 | Policy owner   | Effective date |
 | -------------- | -------------- |
-| @zwass | 2022-06-01     |
+| @Jostableford | 2024-03-14       |
 
 You can't protect what you can't see. Therefore, Fleet must maintain an accurate and up-to-date inventory of its physical and digital assets.
 
@@ -134,7 +134,7 @@ Fleet policy requires that:
 
 | Policy owner   | Effective date |
 | -------------- | -------------- |
-| @zwass | 2022-06-01     |
+| @Jostableford | 2024-03-14       |
 
 The Fleet business continuity and disaster recovery plan establishes procedures to recover Fleet following a disruption resulting from a disaster. 
 
@@ -341,7 +341,7 @@ This process is followed when offboarding a customer and deleting all of the pro
 
 | Policy owner   | Effective date |
 | -------------- | -------------- |
-| @zwass | 2022-06-01     |
+| @Jostableford | 2024-03-14     |
 
 Fleet requires all workforce members to comply with the encryption policy, such that:
 
@@ -708,7 +708,7 @@ incident response plan annually.
 
 | Policy owner   | Effective date |
 | -------------- | -------------- |
-| @zwass | 2022-06-01     |
+| @Jostableford | 2024-03-14     |
 
 Fleet Device Management is committed to conducting business in compliance with all applicable laws, regulations, and company policies. Fleet has adopted this policy to outline the security measures required to protect electronic information systems and related equipment from unauthorized use.
 
@@ -728,7 +728,7 @@ CTO                                             | Oversight over information sec
 
 | Policy owner   | Effective date |
 | -------------- | -------------- |
-| @zwass | 2022-06-01     |
+| @Jostableford | 2024-03-14     |
 
 Fleet policy requires
 
@@ -749,7 +749,7 @@ Fleet policy requires
 
 | Policy owner   | Effective date |
 | -------------- | -------------- |
-| @zwass | 2022-06-01     |
+| @Jostableford | 2024-03-14    |
 
 Fleet policy requires:
 
@@ -811,7 +811,7 @@ Fleet policy requires that:
 
 | Policy owner   | Effective date |
 | -------------- | -------------- |
-| @zwass | 2022-06-01     |
+| @Jostableford | 2024-03-14      |
 
 Fleet policy requires that:
 

From 6b28474362ebe5f812ad0338a659baf70bf5a63d Mon Sep 17 00:00:00 2001
From: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
Date: Fri, 22 Mar 2024 12:51:03 -0400
Subject: [PATCH 42/54] Update product design handbook (#17790)

- Only notify channel if there are changes. Why? Less noise
---
 handbook/product-design/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/handbook/product-design/README.md b/handbook/product-design/README.md
index 21e61fe871..835982d970 100644
--- a/handbook/product-design/README.md
+++ b/handbook/product-design/README.md
@@ -170,7 +170,7 @@ Every week, a member of the product team looks up whether there is:
 4. a release of CIS Benchmarks for [macOS 14 Sonoma](https://workbench.cisecurity.org/community/20/benchmarks?q=sonoma&status=&sortBy=version&type=desc)
 5. a new major or minor version of [ChromeOS](https://chromereleases.googleblog.com/search/label/Chrome%20OS)
 
-The DRI should record the latest versions in the [maintenance tracker](https://docs.google.com/spreadsheets/d/1IWfQtSkOQgm_JIQZ0i2y3A8aaK5vQW1ayWRk6-4FOp0/edit#gid=0) and then notify the [#help-product-design Slack channel](https://fleetdm.slack.com/archives/C02A8BRABB5) with an update, noting the current versions and highlighting any changes.
+The DRI should record the latest versions in the [maintenance tracker](https://docs.google.com/spreadsheets/d/1IWfQtSkOQgm_JIQZ0i2y3A8aaK5vQW1ayWRk6-4FOp0/edit#gid=0). If there are any changes, the DRI sends an update in the [#help-product-design Slack channel](https://fleetdm.slack.com/archives/C02A8BRABB5).
 
 ### View Fleet usage statistics
 In order to understand the usage of the Fleet product, we [collect statistics](https://fleetdm.com/docs/using-fleet/usage-statistics) from installations where this functionality is enabled.

From 0d8b51a5b3adfc7adaf63dd5cacdffc4cb4e25c0 Mon Sep 17 00:00:00 2001
From: Eric <eashaw@sailsjs.com>
Date: Fri, 22 Mar 2024 11:54:23 -0500
Subject: [PATCH 43/54] Website: Remove /upgrade page. (#17754)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Closes: #17477

Changes:
 - Removed the /upgrade page
 - Added a redirect: `/upgrade` » `/pricing`
---
 .../deliver-premium-upgrade-form.js           |  72 ------
 website/api/controllers/view-upgrade.js       |  27 --
 .../images/premium-landing-feature-1.svg      |  72 ------
 .../images/premium-landing-feature-2.svg      | 148 -----------
 .../images/premium-landing-feature-3.svg      | 231 ------------------
 .../images/premium-landing-feature-4.svg      | 123 ----------
 .../images/premium-landing-feature-5.svg      |  74 ------
 website/assets/js/pages/upgrade.page.js       |  64 -----
 website/assets/styles/importer.less           |   1 -
 website/assets/styles/pages/upgrade.less      | 199 ---------------
 website/config/policies.js                    |   2 -
 website/config/routes.js                      |  11 +-
 website/views/layouts/layout.ejs              |   1 -
 website/views/pages/upgrade.ejs               | 109 ---------
 14 files changed, 1 insertion(+), 1133 deletions(-)
 delete mode 100644 website/api/controllers/deliver-premium-upgrade-form.js
 delete mode 100644 website/api/controllers/view-upgrade.js
 delete mode 100644 website/assets/images/premium-landing-feature-1.svg
 delete mode 100644 website/assets/images/premium-landing-feature-2.svg
 delete mode 100644 website/assets/images/premium-landing-feature-3.svg
 delete mode 100644 website/assets/images/premium-landing-feature-4.svg
 delete mode 100644 website/assets/images/premium-landing-feature-5.svg
 delete mode 100644 website/assets/js/pages/upgrade.page.js
 delete mode 100644 website/assets/styles/pages/upgrade.less
 delete mode 100644 website/views/pages/upgrade.ejs

diff --git a/website/api/controllers/deliver-premium-upgrade-form.js b/website/api/controllers/deliver-premium-upgrade-form.js
deleted file mode 100644
index 783191f13e..0000000000
--- a/website/api/controllers/deliver-premium-upgrade-form.js
+++ /dev/null
@@ -1,72 +0,0 @@
-module.exports = {
-
-
-  friendlyName: 'Deliver premium upgrade form',
-
-
-  description: 'Delivers a Fleet Premium upgrade form submission to a Zapier webhook',
-
-
-  inputs: {
-    organization: {
-      type: 'string',
-      required: true,
-    },
-
-    monthsUsingFleetFree: {
-      type: 'string',
-      required: true,
-      example: '1 - 3 months'
-    },
-
-    emailAddress: {
-      type: 'string',
-      isEmail: true,
-      required: true,
-    },
-
-    numberOfHosts: {
-      type: 'number',
-      required: true,
-      isInteger: true,
-    }
-  },
-
-
-  exits: {
-    success: {
-      description: 'The Fleet Premium upgrade form submission was sent to Zapier successfully.'
-    }
-  },
-
-
-  fn: async function ({organization, monthsUsingFleetFree, emailAddress, numberOfHosts}) {
-
-    if(!sails.config.custom.zapierSandboxWebhookSecret) {
-      throw new Error('Message not delivered: zapierSandboxWebhookSecret needs to be configured in sails.config.custom.');
-    }
-
-    // Send a POST request to Zapier
-    await sails.helpers.http.post(
-      'https://hooks.zapier.com/hooks/catch/3627242/bvxxkjf/',
-      {
-        'emailAddress': emailAddress,
-        'organization': organization,
-        'numberOfHosts': numberOfHosts,
-        'monthsUsingFleetFree': monthsUsingFleetFree,
-        'webhookSecret': sails.config.custom.zapierSandboxWebhookSecret
-      }
-    )
-    .timeout(5000)
-    .tolerate(['non200Response', 'requestFailed', {name: 'TimeoutError'}], (err)=>{
-      // Note that Zapier responds with a 2xx status code even if something goes wrong, so just because this message is not logged doesn't mean everything is hunky dory.  More info: https://github.com/fleetdm/fleet/pull/6380#issuecomment-1204395762
-      sails.log.warn(`When a user submitted the Fleet Premium upgrade form, an error occurred while sending a request to Zapier. Raw error: ${require('util').inspect(err)}`);
-      return;
-    });//∞
-
-    // All done.
-    return;
-  }
-
-
-};
diff --git a/website/api/controllers/view-upgrade.js b/website/api/controllers/view-upgrade.js
deleted file mode 100644
index e946b02700..0000000000
--- a/website/api/controllers/view-upgrade.js
+++ /dev/null
@@ -1,27 +0,0 @@
-module.exports = {
-
-
-  friendlyName: 'View upgrade',
-
-
-  description: 'Display "Upgrade" page.',
-
-
-  exits: {
-
-    success: {
-      viewTemplatePath: 'pages/upgrade'
-    }
-
-  },
-
-
-  fn: async function () {
-
-    // Respond with view.
-    return {};
-
-  }
-
-
-};
diff --git a/website/assets/images/premium-landing-feature-1.svg b/website/assets/images/premium-landing-feature-1.svg
deleted file mode 100644
index 39945d4cfd..0000000000
--- a/website/assets/images/premium-landing-feature-1.svg
+++ /dev/null
@@ -1,72 +0,0 @@
-<svg width="160" height="121" viewBox="0 0 160 121" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M118.919 64.7295C140.728 77.6026 140.845 98.4721 119.176 111.345C97.5048 124.218 62.2579 124.218 40.4482 111.345C18.6385 98.4721 18.5222 77.6026 40.1934 64.7295C61.8621 51.8564 97.109 51.8564 118.919 64.7295Z" fill="#C5C7D1"/>
-<path d="M116.811 54.8649C138.135 67.1764 138.249 87.1404 117.063 99.4543C95.8743 111.768 61.4092 111.766 40.0844 99.4543C18.7596 87.1429 18.6458 67.1788 39.8345 54.8649C61.0208 42.5535 95.4858 42.5535 116.811 54.8649Z" fill="#624937" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M132.873 77.7929C132.843 78.837 132.725 79.8787 132.517 80.9153C132.311 81.9421 132.017 82.9664 131.638 83.9808C131.248 85.0224 130.765 86.0566 130.189 87.076C129.565 88.177 128.835 89.2631 127.999 90.327C127.022 91.5691 125.896 92.7814 124.624 93.9566C122.672 95.7578 120.376 97.47 117.731 99.0608C117.513 99.192 117.291 99.3231 117.068 99.4542C113.439 101.565 109.418 103.311 105.14 104.699C101.837 105.771 98.3832 106.624 94.8353 107.265C92.5541 107.676 90.2334 108 87.8928 108.233C85.8937 108.43 83.8772 108.567 81.8558 108.636C80.0002 108.7 78.1396 108.708 76.2816 108.661C74.4903 108.616 72.699 108.52 70.92 108.374C69.1436 108.228 67.377 108.03 65.6278 107.782C63.8093 107.525 62.0056 107.211 60.2317 106.845C58.3043 106.446 56.4091 105.981 54.5535 105.452C52.2822 104.806 50.0728 104.061 47.9425 103.22C45.1789 102.129 42.5464 100.874 40.0895 99.4542C29.3591 93.2589 23.9976 85.1264 24.0223 77.0062L24.0001 85.0744C23.9778 93.1946 29.3368 101.327 40.0673 107.522C42.5241 108.94 45.1541 110.195 47.9203 111.288C50.0505 112.129 52.2599 112.874 54.5312 113.52C56.3868 114.049 58.282 114.512 60.2094 114.913C61.9859 115.281 63.787 115.593 65.6056 115.851C67.3548 116.098 69.1213 116.296 70.8978 116.442C72.6767 116.588 74.468 116.684 76.2593 116.729C78.1174 116.776 79.9779 116.766 81.8336 116.704C83.855 116.635 85.8714 116.501 87.8705 116.301C90.2111 116.068 92.5318 115.744 94.813 115.333C98.361 114.693 101.815 113.839 105.118 112.768C109.396 111.38 113.416 109.633 117.046 107.522C117.269 107.391 117.491 107.263 117.709 107.129C120.351 105.538 122.65 103.829 124.602 102.025C125.874 100.85 126.999 99.6373 127.977 98.3953C128.815 97.3314 129.545 96.2452 130.166 95.1442C130.743 94.1249 131.225 93.0932 131.616 92.0491C131.997 91.0347 132.289 90.0128 132.494 88.9836C132.702 87.9469 132.821 86.9028 132.851 85.8612C132.856 85.7028 132.858 85.542 132.858 85.3837L132.88 77.3154C132.88 77.4738 132.878 77.6346 132.873 77.7929Z" fill="#F1EEEA"/>
-<path d="M132.514 80.9178C132.309 81.9446 132.015 82.9689 131.636 83.9833C131.245 85.0249 130.763 86.0591 130.186 87.0785C129.563 88.1795 128.833 89.2656 127.996 90.3295C127.019 91.5716 125.893 92.7839 124.622 93.9591C122.67 95.7603 120.374 97.4724 117.729 99.0633C117.511 99.1945 117.288 99.3256 117.066 99.4567C113.436 101.567 109.416 103.314 105.138 104.702C103.71 105.165 102.255 105.585 100.776 105.966V114.027C102.248 113.646 103.695 113.228 105.115 112.768C109.393 111.38 113.414 109.633 117.043 107.522C117.266 107.391 117.489 107.263 117.706 107.129C120.349 105.538 122.647 103.829 124.599 102.025C125.871 100.85 126.997 99.6373 127.974 98.3953C128.813 97.3314 129.543 96.2453 130.164 95.1443C130.74 94.1249 131.223 93.0932 131.614 92.0491C131.995 91.0347 132.287 90.0128 132.492 88.9836C132.7 87.9469 132.819 86.9028 132.848 85.8612C132.853 85.7029 132.856 85.542 132.856 85.3837L132.878 77.3154C132.878 77.4738 132.876 77.6346 132.871 77.793C132.841 78.8371 132.722 79.8787 132.514 80.9153V80.9178Z" fill="#E2DED5"/>
-<path d="M132.873 77.7929C132.843 78.837 132.725 79.8787 132.517 80.9153C132.311 81.9421 132.017 82.9664 131.638 83.9808C131.248 85.0224 130.765 86.0566 130.189 87.076C129.565 88.177 128.835 89.2631 127.999 90.327C127.022 91.5691 125.896 92.7814 124.624 93.9566C122.672 95.7578 120.376 97.47 117.731 99.0608C117.513 99.192 117.291 99.3231 117.068 99.4542C113.439 101.565 109.418 103.311 105.14 104.699C101.837 105.771 98.3832 106.624 94.8353 107.265C92.5541 107.676 90.2334 108 87.8928 108.233C85.8937 108.43 83.8772 108.567 81.8558 108.636C80.0002 108.7 78.1396 108.708 76.2816 108.661C74.4903 108.616 72.699 108.52 70.92 108.374C69.1436 108.228 67.377 108.03 65.6278 107.782C63.8093 107.525 62.0056 107.211 60.2317 106.845C58.3043 106.446 56.4091 105.981 54.5535 105.452C52.2822 104.806 50.0728 104.061 47.9425 103.22C45.1789 102.129 42.5464 100.874 40.0895 99.4542C29.3591 93.2589 23.9976 85.1264 24.0223 77.0062L24.0001 85.0744C23.9778 93.1946 29.3368 101.327 40.0673 107.522C42.5241 108.94 45.1541 110.195 47.9203 111.288C50.0505 112.129 52.2599 112.874 54.5312 113.52C56.3868 114.049 58.282 114.512 60.2094 114.913C61.9859 115.281 63.787 115.593 65.6056 115.851C67.3548 116.098 69.1213 116.296 70.8978 116.442C72.6767 116.588 74.468 116.684 76.2593 116.729C78.1174 116.776 79.9779 116.766 81.8336 116.704C83.855 116.635 85.8714 116.501 87.8705 116.301C90.2111 116.068 92.5318 115.744 94.813 115.333C98.361 114.693 101.815 113.839 105.118 112.768C109.396 111.38 113.416 109.633 117.046 107.522C117.269 107.391 117.491 107.263 117.709 107.129C120.351 105.538 122.65 103.829 124.602 102.025C125.874 100.85 126.999 99.6373 127.977 98.3953C128.815 97.3314 129.545 96.2452 130.166 95.1442C130.743 94.1249 131.225 93.0932 131.616 92.0491C131.997 91.0347 132.289 90.0128 132.494 88.9836C132.702 87.9469 132.821 86.9028 132.851 85.8612C132.856 85.7028 132.858 85.542 132.858 85.3837L132.88 77.3154C132.88 77.4738 132.878 77.6346 132.873 77.7929Z" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M132.873 69.6283C132.843 70.6724 132.725 71.7141 132.517 72.7507C132.311 73.7775 132.017 74.8018 131.638 75.8162C131.248 76.8578 130.765 77.892 130.189 78.9114C129.565 80.0124 128.835 81.0986 127.999 82.1624C127.022 83.4045 125.896 84.6168 124.624 85.792C122.672 87.5932 120.376 89.3054 117.731 90.8962C117.511 91.0274 117.291 91.1585 117.068 91.2896C113.439 93.4001 109.418 95.1468 105.14 96.5348C101.837 97.6062 98.3832 98.4597 94.8353 99.1006C92.5541 99.5113 90.2334 99.8354 87.8928 100.068C85.8937 100.266 83.8772 100.402 81.8558 100.471C80.0002 100.536 78.1396 100.543 76.2816 100.496C74.4903 100.451 72.699 100.355 70.92 100.209C69.1436 100.063 67.377 99.8651 65.6278 99.6177C63.8093 99.3603 62.0056 99.0461 60.2317 98.6799C58.3043 98.2816 56.4091 97.8165 54.5535 97.287C52.2822 96.6412 50.0728 95.8965 47.9425 95.0553C45.1789 93.9642 42.5464 92.7098 40.0895 91.2896C29.3591 85.0943 23.9976 76.9618 24.0223 68.8416L24.0001 76.9098C23.9778 85.03 29.3368 93.1626 40.0673 99.3579C42.5241 100.776 45.1541 102.03 47.9203 103.124C50.0505 103.965 52.2599 104.709 54.5312 105.355C56.3868 105.885 58.282 106.347 60.2094 106.748C61.9859 107.117 63.787 107.429 65.6056 107.686C67.3548 107.933 69.1213 108.131 70.8978 108.277C72.6767 108.423 74.468 108.52 76.2593 108.564C78.1174 108.611 79.9779 108.601 81.8336 108.539C83.855 108.47 85.8714 108.337 87.8705 108.136C90.2111 107.904 92.5318 107.58 94.813 107.169C98.361 106.528 101.815 105.674 105.118 104.603C109.396 103.218 113.414 101.468 117.046 99.3579C117.269 99.2267 117.491 99.0981 117.709 98.9645C120.354 97.3736 122.65 95.6615 124.602 93.8603C125.874 92.6851 126.999 91.4727 127.977 90.2307C128.815 89.1668 129.545 88.0806 130.166 86.9796C130.743 85.9603 131.225 84.9286 131.616 83.8845C131.997 82.8701 132.289 81.8482 132.494 80.819C132.702 79.7823 132.821 78.7382 132.851 77.6966C132.856 77.5382 132.858 77.3774 132.858 77.2191L132.88 69.1508C132.88 69.3092 132.878 69.47 132.873 69.6283Z" fill="#F1EEEA"/>
-<path d="M132.514 72.7508C132.309 73.7776 132.015 74.8019 131.636 75.8163C131.245 76.8579 130.763 77.8921 130.186 78.9115C129.563 80.0125 128.833 81.0986 127.996 82.1625C127.019 83.4046 125.893 84.6169 124.622 85.7921C122.67 87.5933 120.374 89.3054 117.729 90.8963C117.509 91.0275 117.288 91.1586 117.066 91.2897C113.436 93.4002 109.416 95.1469 105.138 96.5349C103.71 96.9976 102.255 97.4182 100.776 97.7992V105.86C102.248 105.479 103.695 105.061 105.115 104.601C109.393 103.215 113.411 101.466 117.043 99.3555C117.266 99.2244 117.489 99.0957 117.706 98.9621C120.351 97.3712 122.647 95.6591 124.599 93.8579C125.871 92.6827 126.997 91.4703 127.974 90.2283C128.813 89.1644 129.543 88.0783 130.164 86.9773C130.74 85.9579 131.223 84.9262 131.614 83.8821C131.995 82.8677 132.287 81.8458 132.492 80.8166C132.7 79.7799 132.819 78.7358 132.848 77.6942C132.853 77.5359 132.856 77.375 132.856 77.2167L132.878 69.1484C132.878 69.3068 132.876 69.4676 132.871 69.6259C132.841 70.67 132.722 71.7117 132.514 72.7483V72.7508Z" fill="#E2DED5"/>
-<path d="M132.873 69.6283C132.843 70.6724 132.725 71.7141 132.517 72.7507C132.311 73.7775 132.017 74.8018 131.638 75.8162C131.248 76.8578 130.765 77.892 130.189 78.9114C129.565 80.0124 128.835 81.0986 127.999 82.1624C127.022 83.4045 125.896 84.6168 124.624 85.792C122.672 87.5932 120.376 89.3054 117.731 90.8962C117.511 91.0274 117.291 91.1585 117.068 91.2896C113.439 93.4001 109.418 95.1468 105.14 96.5348C101.837 97.6062 98.3832 98.4597 94.8353 99.1006C92.5541 99.5113 90.2334 99.8354 87.8928 100.068C85.8937 100.266 83.8772 100.402 81.8558 100.471C80.0002 100.536 78.1396 100.543 76.2816 100.496C74.4903 100.451 72.699 100.355 70.92 100.209C69.1436 100.063 67.377 99.8651 65.6278 99.6177C63.8093 99.3603 62.0056 99.0461 60.2317 98.6799C58.3043 98.2816 56.4091 97.8165 54.5535 97.287C52.2822 96.6412 50.0728 95.8965 47.9425 95.0553C45.1789 93.9642 42.5464 92.7098 40.0895 91.2896C29.3591 85.0943 23.9976 76.9618 24.0223 68.8416L24.0001 76.9098C23.9778 85.03 29.3368 93.1626 40.0673 99.3579C42.5241 100.776 45.1541 102.03 47.9203 103.124C50.0505 103.965 52.2599 104.709 54.5312 105.355C56.3868 105.885 58.282 106.347 60.2094 106.748C61.9859 107.117 63.787 107.429 65.6056 107.686C67.3548 107.933 69.1213 108.131 70.8978 108.277C72.6767 108.423 74.468 108.52 76.2593 108.564C78.1174 108.611 79.9779 108.601 81.8336 108.539C83.855 108.47 85.8714 108.337 87.8705 108.136C90.2111 107.904 92.5318 107.58 94.813 107.169C98.361 106.528 101.815 105.674 105.118 104.603C109.396 103.218 113.414 101.468 117.046 99.3579C117.269 99.2267 117.491 99.0981 117.709 98.9645C120.354 97.3736 122.65 95.6615 124.602 93.8603C125.874 92.6851 126.999 91.4727 127.977 90.2307C128.815 89.1668 129.545 88.0806 130.166 86.9796C130.743 85.9603 131.225 84.9286 131.616 83.8845C131.997 82.8701 132.289 81.8482 132.494 80.819C132.702 79.7823 132.821 78.7382 132.851 77.6966C132.856 77.5382 132.858 77.3774 132.858 77.2191L132.88 69.1508C132.88 69.3092 132.878 69.47 132.873 69.6283Z" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M116.811 46.7002C138.135 59.0116 138.249 78.9756 117.061 91.2895C95.8743 103.601 61.4092 103.601 40.082 91.2895C18.7572 78.9781 18.6434 59.0141 39.8321 46.7027C61.0208 34.3887 95.4834 34.3887 116.811 46.7027V46.7002Z" fill="white" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path opacity="0.5" d="M78.3091 14C49.9726 14 27 36.9726 27 65.3092C27 67.8947 27.193 70.4356 27.5616 72.9197C29.1302 79.0383 33.992 84.9318 42.1443 89.6376C62.2469 101.244 94.7326 101.244 114.707 89.6376C122.602 85.0505 127.357 79.3352 128.98 73.3848C129.396 70.7548 129.613 68.058 129.613 65.3117C129.613 36.9751 106.641 14.0025 78.3042 14.0025L78.3091 14Z" fill="#BEE8EE"/>
-<mask id="path-11-inside-1_3133_20446" fill="white">
-<path d="M78.4489 13.6233C106.785 13.6233 129.758 36.5959 129.758 64.9325C129.758 67.6788 129.54 70.3757 129.125 73.0057C127.499 78.9561 122.744 84.6714 114.851 89.2585C104.866 95.0628 91.75 97.9626 78.6196 97.9626C65.4892 97.9626 52.3416 95.0604 42.289 89.2585C34.1367 84.5501 29.2749 78.6567 27.7063 72.5406C27.3377 70.0565 27.1447 67.518 27.1447 64.93C27.1447 36.5935 50.1173 13.6209 78.4538 13.6209M78.4538 13.126C71.4619 13.126 64.6752 14.4967 58.2894 17.196C52.1214 19.8063 46.5817 23.5398 41.8239 28.2976C37.0661 33.0554 33.3326 38.595 30.7223 44.7631C28.0206 51.1489 26.6523 57.9331 26.6523 64.9276C26.6523 67.4908 26.8429 70.0738 27.2214 72.6098L27.2264 72.6346L27.2338 72.6593C28.9014 79.1639 34.0253 85.0499 42.049 89.684C51.8467 95.34 64.8361 98.4549 78.627 98.4549C92.418 98.4549 105.375 95.34 115.109 89.684C122.872 85.1711 127.888 79.4484 129.612 73.1343L129.619 73.1071L129.624 73.0799C130.05 70.3905 130.265 67.6491 130.265 64.9276C130.265 57.9356 128.895 51.1489 126.195 44.7631C123.585 38.595 119.852 33.0554 115.094 28.2976C110.336 23.5398 104.796 19.8063 98.6282 17.196C92.2423 14.4942 85.4582 13.126 78.4637 13.126H78.4538Z"/>
-</mask>
-<path d="M78.4489 13.6233C106.785 13.6233 129.758 36.5959 129.758 64.9325C129.758 67.6788 129.54 70.3757 129.125 73.0057C127.499 78.9561 122.744 84.6714 114.851 89.2585C104.866 95.0628 91.75 97.9626 78.6196 97.9626C65.4892 97.9626 52.3416 95.0604 42.289 89.2585C34.1367 84.5501 29.2749 78.6567 27.7063 72.5406C27.3377 70.0565 27.1447 67.518 27.1447 64.93C27.1447 36.5935 50.1173 13.6209 78.4538 13.6209M78.4538 13.126C71.4619 13.126 64.6752 14.4967 58.2894 17.196C52.1214 19.8063 46.5817 23.5398 41.8239 28.2976C37.0661 33.0554 33.3326 38.595 30.7223 44.7631C28.0206 51.1489 26.6523 57.9331 26.6523 64.9276C26.6523 67.4908 26.8429 70.0738 27.2214 72.6098L27.2264 72.6346L27.2338 72.6593C28.9014 79.1639 34.0253 85.0499 42.049 89.684C51.8467 95.34 64.8361 98.4549 78.627 98.4549C92.418 98.4549 105.375 95.34 115.109 89.684C122.872 85.1711 127.888 79.4484 129.612 73.1343L129.619 73.1071L129.624 73.0799C130.05 70.3905 130.265 67.6491 130.265 64.9276C130.265 57.9356 128.895 51.1489 126.195 44.7631C123.585 38.595 119.852 33.0554 115.094 28.2976C110.336 23.5398 104.796 19.8063 98.6282 17.196C92.2423 14.4942 85.4582 13.126 78.4637 13.126H78.4538Z" fill="white"/>
-<path d="M129.125 73.0057L129.511 73.1111L129.516 73.0899L129.52 73.0681L129.125 73.0057ZM114.851 89.2585L114.65 88.9126L114.65 88.9126L114.851 89.2585ZM42.289 89.2585L42.089 89.6048L42.0891 89.6049L42.289 89.2585ZM27.7063 72.5406L27.3107 72.5993L27.3137 72.6198L27.3189 72.6399L27.7063 72.5406ZM58.2894 17.196L58.1337 16.8276L58.1335 16.8276L58.2894 17.196ZM30.7223 44.7631L30.354 44.6072L30.3539 44.6073L30.7223 44.7631ZM27.2214 72.6098L26.8258 72.6689L26.8272 72.6787L26.8292 72.6883L27.2214 72.6098ZM27.2264 72.6346L26.8341 72.7131L26.8378 72.7315L26.8432 72.7495L27.2264 72.6346ZM27.2338 72.6593L27.6212 72.56L27.6192 72.5521L27.6169 72.5444L27.2338 72.6593ZM42.049 89.684L41.849 90.0304L41.8491 90.0304L42.049 89.684ZM115.109 89.684L115.31 90.0299L115.31 90.0298L115.109 89.684ZM129.612 73.1343L129.998 73.2397L129.998 73.2395L129.612 73.1343ZM129.619 73.1071L130.005 73.2123L130.01 73.1957L130.013 73.1787L129.619 73.1071ZM129.624 73.0799L130.018 73.1515L130.02 73.1424L129.624 73.0799ZM126.195 44.7631L126.564 44.6074L126.564 44.6072L126.195 44.7631ZM98.6282 17.196L98.784 16.8276L98.784 16.8276L98.6282 17.196ZM78.4489 14.0233C106.565 14.0233 129.358 36.8168 129.358 64.9325H130.158C130.158 36.375 107.006 13.2233 78.4489 13.2233V14.0233ZM129.358 64.9325C129.358 67.6576 129.142 70.3336 128.73 72.9433L129.52 73.0681C129.939 70.4177 130.158 67.7 130.158 64.9325H129.358ZM128.739 72.9003C127.149 78.7192 122.483 84.3602 114.65 88.9126L115.052 89.6043C123.004 84.9825 127.849 79.1929 129.511 73.1111L128.739 72.9003ZM114.65 88.9126C104.74 94.6731 91.6983 97.5626 78.6196 97.5626V98.3626C91.8017 98.3626 104.991 95.4526 115.052 89.6043L114.65 88.9126ZM78.6196 97.5626C65.5411 97.5626 52.4666 94.6707 42.489 88.912L42.0891 89.6049C52.2165 95.45 65.4373 98.3626 78.6196 98.3626V97.5626ZM42.4891 88.9121C34.397 84.2386 29.6275 78.4214 28.0938 72.4412L27.3189 72.6399C28.9224 78.892 33.8763 84.8617 42.089 89.6048L42.4891 88.9121ZM28.102 72.4818C27.7362 70.0169 27.5447 67.4981 27.5447 64.93H26.7447C26.7447 67.538 26.9392 70.0961 27.3107 72.5993L28.102 72.4818ZM27.5447 64.93C27.5447 36.8144 50.3382 14.0209 78.4538 14.0209V13.2209C49.8964 13.2209 26.7447 36.3725 26.7447 64.93H27.5447ZM78.4538 12.726C71.4088 12.726 64.5692 14.1073 58.1337 16.8276L58.4452 17.5645C64.7813 14.8861 71.515 13.526 78.4538 13.526V12.726ZM58.1335 16.8276C51.9179 19.458 46.3352 23.2206 41.5411 28.0147L42.1067 28.5804C46.8283 23.8589 52.3248 20.1545 58.4453 17.5644L58.1335 16.8276ZM41.5411 28.0147C36.7469 32.8088 32.9843 38.3916 30.354 44.6072L31.0907 44.919C33.6808 38.7985 37.3852 33.3019 42.1067 28.5804L41.5411 28.0147ZM30.3539 44.6073C27.6311 51.0429 26.2523 57.8801 26.2523 64.9276H27.0523C27.0523 57.9861 28.41 51.255 31.0907 44.919L30.3539 44.6073ZM26.2523 64.9276C26.2523 67.5104 26.4443 70.1132 26.8258 72.6689L27.617 72.5508C27.2414 70.0344 27.0523 67.4711 27.0523 64.9276H26.2523ZM26.8292 72.6883L26.8341 72.7131L27.6186 72.5561L27.6136 72.5313L26.8292 72.6883ZM26.8432 72.7495L26.8506 72.7742L27.6169 72.5444L27.6095 72.5196L26.8432 72.7495ZM26.8463 72.7586C28.5495 79.402 33.7684 85.3635 41.849 90.0304L42.2491 89.3376C34.2822 84.7364 29.2532 78.9257 27.6212 72.56L26.8463 72.7586ZM41.8491 90.0304C51.7196 95.7284 64.7812 98.8549 78.627 98.8549V98.0549C64.891 98.0549 51.9739 94.9515 42.249 89.3376L41.8491 90.0304ZM78.627 98.8549C92.4728 98.8549 105.503 95.7285 115.31 90.0299L114.908 89.3382C105.248 94.9515 92.3632 98.0549 78.627 98.0549V98.8549ZM115.31 90.0298C123.13 85.4842 128.237 79.688 129.998 73.2397L129.226 73.029C127.538 79.2089 122.615 84.8581 114.908 89.3382L115.31 90.0298ZM129.998 73.2395L130.005 73.2123L129.234 73.002L129.226 73.0292L129.998 73.2395ZM130.013 73.1787L130.018 73.1515L129.231 73.0083L129.226 73.0355L130.013 73.1787ZM130.02 73.1424C130.448 70.4323 130.665 67.67 130.665 64.9276H129.865C129.865 67.6282 129.652 70.3487 129.229 73.0174L130.02 73.1424ZM130.665 64.9276C130.665 57.8825 129.284 51.0429 126.564 44.6074L125.827 44.9189C128.505 51.255 129.865 57.9887 129.865 64.9276H130.665ZM126.564 44.6072C123.933 38.3916 120.171 32.8088 115.377 28.0147L114.811 28.5804C119.532 33.3019 123.237 38.7985 125.827 44.919L126.564 44.6072ZM115.377 28.0147C110.582 23.2206 105 19.458 98.784 16.8276L98.4723 17.5644C104.593 20.1545 110.089 23.8589 114.811 28.5804L115.377 28.0147ZM98.784 16.8276C92.3484 14.1048 85.5112 12.726 78.4637 12.726V13.526C85.4052 13.526 92.1363 14.8837 98.4723 17.5644L98.784 16.8276ZM78.4637 12.726H78.4538V13.526H78.4637V12.726Z" fill="white" mask="url(#path-11-inside-1_3133_20446)"/>
-<path opacity="0.5" d="M78.6148 98.4598C64.8238 98.4598 51.8345 95.3448 42.0368 89.6889C34.0131 85.0573 28.8891 79.1688 27.2215 72.6642L27.2141 72.6394L27.2092 72.6147C26.8331 70.0812 26.6426 67.4957 26.6426 64.9324C26.6426 36.3682 49.8824 13.1284 78.4466 13.1284C107.011 13.1284 130.251 36.3682 130.251 64.9324C130.251 67.654 130.035 70.3954 129.61 73.0848L129.605 73.112L129.597 73.1392C127.873 79.4558 122.858 85.1785 115.094 89.6889C105.36 95.3448 92.4033 98.4598 78.6123 98.4598H78.6148Z" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M114.609 47.2296C134.711 58.8359 134.818 77.6544 114.846 89.2607C94.8725 100.867 62.3867 100.867 42.2842 89.2607C22.1816 77.6544 22.0752 58.8384 42.0491 47.2296C62.0205 35.6233 94.5063 35.6233 114.609 47.2296Z" fill="#93CE9E" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M104.895 73.416C104.895 73.416 100.484 51.5914 95.9884 49.8199C91.4928 48.0484 81.1038 41.2667 72.3824 39.3591C63.661 37.4516 60.259 44.2901 60.259 44.2901C60.259 44.2901 51.5054 56.5892 48.5166 60.7879C45.8841 64.4867 45.0949 71.4688 44.9464 73.0795C44.9341 73.1859 44.9242 73.2923 44.9192 73.3987C44.9192 73.411 44.9192 73.4185 44.9192 73.4185C44.8499 74.9104 45.5526 76.4345 47.0297 77.288L69.8167 90.4432C73.0331 92.2988 76.9967 92.2938 80.2057 90.4283L102.79 77.3054C104.269 76.4468 104.967 74.9153 104.89 73.4185H104.898L104.895 73.416Z" fill="#51A27F"/>
-<path d="M93.3853 76.5807C93.3853 76.5807 89.7581 73.2084 93.2789 70.8406C96.7996 68.4728 100.288 69.507 102.126 69.507C103.965 69.507 114.267 72.4884 114.609 75.7592C114.953 79.0697 111.283 83.9586 103.759 83.9512C95.4784 83.9438 92.6702 79.8119 93.3853 76.5782V76.5807Z" fill="#51A27F"/>
-<path d="M56.4364 41.8258C54.3186 40.1632 54.0934 37.2165 55.3453 34.866C56.6195 32.716 58.3292 30.4645 61.1423 28.5346C64.7521 25.8873 70.262 23.0445 77.1476 26.0679C78.8474 26.773 76.3757 33.5126 77.3975 36.6796C78.4194 39.8465 73.7704 44.7033 65.4919 44.4979C61.4441 44.3989 58.3465 43.3252 56.4364 41.8258Z" fill="#FF5C83"/>
-<path d="M76.0692 36.3135C76.0692 36.3135 73.7435 39.9208 66.8628 40.1781C59.9822 40.4355 56.0136 37.605 55.066 35.5341C55.066 35.5341 53.2079 39.1761 57.0528 42.3406C60.1059 44.8518 67.1498 46.0147 71.6404 43.496C76.1311 40.9798 76.0717 36.311 76.0717 36.311L76.0692 36.3135Z" fill="#E33D65"/>
-<path d="M104.23 70.2146C104.23 70.2146 103.74 43.3798 99.2419 41.6083C94.7464 39.8368 80.4383 38.0653 71.7169 36.1577C62.9955 34.2501 59.5935 41.0887 59.5935 41.0887C59.5935 41.0887 50.8399 53.3878 47.8511 57.5864C45.2186 61.2853 44.4294 68.2674 44.2809 69.8781C44.2685 69.9845 44.2586 70.0909 44.2537 70.1973C44.2537 70.2096 44.2537 70.217 44.2537 70.217C44.1844 71.709 44.8871 73.233 46.3641 74.0866L69.1512 87.2418C72.3676 89.0974 76.3312 89.0924 79.5402 87.2269L102.124 74.104C103.604 73.2454 104.302 71.7139 104.225 70.217H104.232L104.23 70.2146Z" fill="#E33D65" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M69.4504 76.6375L49.8625 66.7755C46.7797 65.2242 45.8049 61.2878 47.8065 58.4771L60.9294 40.0397C62.5426 37.7734 65.5685 37.0237 68.0525 38.2756L87.6405 48.1376C90.7233 49.6889 91.6981 53.6253 89.6965 56.436L76.5736 74.8734C74.9604 77.1398 71.9345 77.8894 69.4504 76.6375Z" fill="#FF5C83" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M68.3719 69.3114C66.5237 69.3114 64.673 68.871 63.0178 68.0372C59.9103 66.4711 57.6464 63.6357 56.8101 60.2585C55.9739 56.8812 56.6518 53.316 58.6682 50.4806L58.9305 50.1144C61.1622 46.9796 64.7943 45.1067 68.6465 45.1067C70.4947 45.1067 72.3454 45.5471 74.0006 46.3809C77.1082 47.947 79.372 50.7824 80.2083 54.1597C81.0446 57.5369 80.3666 61.1022 78.3502 63.9376L78.0904 64.3037C75.8587 67.4385 72.2266 69.3114 68.3744 69.3114H68.3719Z" fill="#E33D65" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M63.6163 66.8447C57.8243 63.9277 55.9934 56.5373 59.7541 51.2525L60.0164 50.8863C63.0472 46.6283 68.7328 45.2205 73.3991 47.571C79.1911 50.488 81.022 57.8783 77.2613 63.1631L76.999 63.5293C73.9682 67.7873 68.2825 69.1951 63.6163 66.8447Z" fill="#847C89" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M63.4409 65.9366C57.7825 63.0864 55.9937 55.8643 59.6679 50.7032L59.9227 50.3444C62.8843 46.1854 68.4388 44.8073 72.9986 47.1058C78.657 49.956 80.4459 57.1781 76.7717 62.3392L76.5169 62.6979C73.5553 66.857 68.0008 68.2351 63.4409 65.9366Z" fill="white" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M73.0834 56.0983C73.7269 55.9341 74.1153 55.2793 73.9511 54.6358C73.7868 53.9924 73.132 53.6039 72.4886 53.7681C71.8451 53.9324 71.4566 54.5872 71.6209 55.2306C71.7851 55.8741 72.4399 56.2626 73.0834 56.0983Z" fill="#D66C7B"/>
-<path d="M70.0143 54.5473C70.6577 54.383 71.0462 53.7282 70.882 53.0848C70.7177 52.4413 70.0629 52.0529 69.4195 52.2171C68.776 52.3814 68.3875 53.0361 68.5518 53.6796C68.7161 54.3231 69.3708 54.7115 70.0143 54.5473Z" fill="#5CABDF"/>
-<path d="M66.9454 52.9995C67.5889 52.8352 67.9774 52.1804 67.8131 51.537C67.6489 50.8935 66.9941 50.5051 66.3506 50.6693C65.7072 50.8336 65.3187 51.4883 65.483 52.1318C65.6472 52.7752 66.302 53.1637 66.9454 52.9995Z" fill="#63C740"/>
-<path d="M65.3969 56.0683C66.0403 55.904 66.4288 55.2493 66.2645 54.6058C66.1003 53.9623 65.4455 53.5739 64.8021 53.7381C64.1586 53.9024 63.7701 54.5572 63.9344 55.2006C64.0986 55.8441 64.7534 56.2326 65.3969 56.0683Z" fill="#C98DEF"/>
-<path d="M68.4638 57.619C69.1072 57.4548 69.4957 56.8 69.3314 56.1565C69.1672 55.5131 68.5124 55.1246 67.8689 55.2889C67.2255 55.4531 66.837 56.1079 67.0013 56.7514C67.1655 57.3948 67.8203 57.7833 68.4638 57.619Z" fill="#FAA669"/>
-<path d="M63.8466 59.1369C64.49 58.9727 64.8785 58.3179 64.7142 57.6744C64.55 57.031 63.8952 56.6425 63.2517 56.8068C62.6083 56.971 62.2198 57.6258 62.3841 58.2692C62.5483 58.9127 63.2031 59.3012 63.8466 59.1369Z" fill="#3AEFC3"/>
-<path d="M69.0991 35.9943C69.0991 35.9943 83.2587 43.5108 87.1828 45.3145C92.9748 47.9767 92.668 50.0203 92.9748 51.9131C93.2816 53.8033 88.6722 68.777 104.059 65.4542L102.941 51.9626C102.941 51.9626 101.919 47.0563 90.5229 42.3059C79.1269 37.553 70.7469 33.5672 70.7469 33.5672L69.0991 35.9918V35.9943Z" fill="#BC2247"/>
-<path d="M112.637 46.3513C114.54 50.1863 100.469 47.7418 100.469 47.7418L65.7441 29.2771L70.0838 26.7782C72.6693 25.2888 75.8412 25.2368 78.4762 26.6372C88.8083 31.6201 98.6455 36.6204 107.896 41.643C107.896 41.643 111.115 43.2784 112.639 46.3513H112.637Z" fill="#FF5C83"/>
-<path d="M94.9145 56.3816C94.9145 56.3816 97.5396 49.8869 101.06 47.5216C104.581 45.1538 108.814 44.2854 110.655 44.2854C112.496 44.2854 115.799 52.2918 116.14 55.5601C116.484 58.8706 112.815 63.7595 105.291 63.7521C97.0101 63.7447 94.2019 59.6128 94.9169 56.3791L94.9145 56.3816Z" fill="#FF5C83"/>
-<path d="M68.958 29.7866C68.958 29.7866 70.8309 33.1811 70.4227 34.3044L96.7651 49.0158C96.7651 49.0158 98.4921 47.7391 102.376 47.2616L68.958 29.7866Z" fill="#E33D65"/>
-<path d="M102.129 47.2964C102.129 47.2964 97.4183 51.3515 97.0101 58.0466C96.8839 60.1051 92.1211 55.951 95.9882 49.82C95.9882 49.82 98.3065 46.7694 102.129 47.2988V47.2964Z" fill="#FF83A1"/>
-<path d="M77.3678 38.1173C77.2886 36.5041 77.6474 34.4555 77.5756 33.8073C77.4742 32.8869 76.1109 32.2065 76.1109 32.2065L75.4404 37.1078L77.3653 38.1173H77.3678Z" fill="#BC2247"/>
-<path d="M116.079 55.9189C116.079 55.9189 113.753 59.5263 106.872 59.7836C99.9916 60.0409 95.4367 56.8294 94.4817 54.761C94.4817 54.761 93.6429 59.2912 97.0845 61.6565C100.286 63.9748 106.843 65.6919 111.647 63.1014C116.18 60.6594 116.079 55.9165 116.079 55.9165V55.9189Z" fill="#E33D65"/>
-<path d="M58.161 43.1002C58.161 43.1002 53.0024 40.4924 55.0658 35.5367C57.1293 30.5784 63.7773 26.4862 65.7443 25.8676C67.7113 25.2491 71.4101 23.6557 76.8261 25.9394C82.242 28.223 104.784 39.6017 107.503 41.445C110.222 43.2882 111.4 43.5158 113.58 48.1153C115.759 52.7148 116.497 55.3646 115.95 57.6408C115.403 59.9171 112.914 64.0959 107.112 64.4052C101.31 64.7169 96.8222 62.1463 95.3105 59.8527C93.7988 57.5592 94.2194 52.4822 95.6099 50.4658C97.0004 48.4468 96.7653 49.0184 96.7653 49.0184L90.2459 45.4061L75.8859 37.3774" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M94.4814 54.761C94.4814 54.761 97.7523 61.1122 110.066 59.3803C110.066 59.3803 113.332 59.123 116.078 55.9189" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M54.9893 35.6281C54.9893 35.6281 56.4589 38.2656 60.7169 39.4804" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M68.1665 37.5359C68.1665 37.5359 69.0894 33.7726 70.6555 31.9319C70.9771 31.5533 71.4868 31.1896 71.9668 30.8952C72.6893 30.4523 73.5923 30.4152 74.3544 30.7888L75.8785 31.5385C76.6752 31.9294 77.1007 32.8127 76.9151 33.6786L75.6162 39.7106C75.6162 39.7106 72.6299 41.4351 68.1665 37.5359Z" fill="#E33D65"/>
-<path d="M71.3087 39.5596C72.0583 39.8688 72.7288 40.0173 73.3028 40.0693C73.5874 38.805 74.3915 34.6459 74.9902 33.4459C75.5147 32.3944 75.7646 31.8328 76.3263 31.8476C76.2966 31.8204 76.2644 31.7932 76.2322 31.7684C76.2248 31.7635 76.2199 31.7585 76.2124 31.7536C76.1852 31.7313 76.1555 31.7091 76.1259 31.6893C76.1085 31.6769 76.0937 31.667 76.0764 31.6571C76.0541 31.6423 76.0318 31.6274 76.0096 31.615C75.9675 31.5903 75.923 31.5656 75.8784 31.5433L74.3543 30.7936C74.0203 30.6303 73.6616 30.5437 73.3004 30.5388C72.8896 30.5314 72.4765 30.6254 72.1053 30.8208C72.0583 30.8456 72.0138 30.8703 71.9668 30.9C71.7862 31.0113 71.6031 31.1301 71.4274 31.2563C71.133 31.4691 70.8584 31.6992 70.658 31.9367C70.314 32.34 70.0023 32.8323 69.7252 33.3618C69.6856 33.436 69.646 33.5127 69.6089 33.5894C68.6885 35.4228 68.1689 37.5407 68.1689 37.5407C69.0374 38.3002 70.2398 39.0276 71.3087 39.5645V39.5596Z" fill="#FF5C83"/>
-<path d="M82.4351 44.4709C82.4351 44.4709 83.3579 40.7077 84.9241 38.8669C85.2457 38.4884 85.7554 38.1247 86.2354 37.8302C86.9578 37.3874 87.8609 37.3502 88.6229 37.7238L90.147 38.4735C90.9437 38.8644 91.3693 39.7477 91.1837 40.6137L89.8848 46.6457C89.8848 46.6457 86.8984 48.3702 82.4351 44.4709Z" fill="#E33D65"/>
-<path d="M85.5772 46.4946C86.3269 46.8039 86.9974 46.9523 87.5714 47.0043C87.8559 45.74 88.66 41.5809 89.2588 40.381C89.7833 39.3294 90.0332 38.7678 90.5948 38.7826C90.5651 38.7554 90.533 38.7282 90.5008 38.7035C90.4934 38.6985 90.4884 38.6936 90.481 38.6886C90.4538 38.6664 90.4241 38.6441 90.3944 38.6243C90.3771 38.6119 90.3622 38.602 90.3449 38.5921C90.3227 38.5773 90.3004 38.5624 90.2781 38.5501C90.2361 38.5253 90.1915 38.5006 90.147 38.4783L88.6229 37.7287C88.2889 37.5654 87.9302 37.4788 87.5689 37.4738C87.1582 37.4664 86.745 37.5604 86.3739 37.7559C86.3269 37.7806 86.2824 37.8054 86.2353 37.835C86.0547 37.9464 85.8716 38.0651 85.696 38.1913C85.4016 38.4041 85.1269 38.6342 84.9265 38.8717C84.5826 39.275 84.2709 39.7674 83.9938 40.2968C83.9542 40.3711 83.9146 40.4478 83.8775 40.5245C82.9571 42.3578 82.4375 44.4757 82.4375 44.4757C83.3059 45.2353 84.5084 45.9627 85.5772 46.4996V46.4946Z" fill="#FF5C83"/>
-<path d="M82.4351 44.4709C82.4351 44.4709 83.3579 40.7077 84.9241 38.8669C85.2457 38.4884 85.7554 38.1247 86.2354 37.8302C86.9578 37.3874 87.8609 37.3502 88.6229 37.7238L90.147 38.4735C90.9437 38.8644 91.3693 39.7477 91.1837 40.6137L89.8848 46.6457C89.8848 46.6457 86.8984 48.3702 82.4351 44.4709Z" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M68.1665 37.5359C68.1665 37.5359 69.0894 33.7726 70.6555 31.9319C70.9771 31.5533 71.4868 31.1896 71.9668 30.8952C72.6893 30.4523 73.5923 30.4152 74.3544 30.7888L75.8785 31.5385C76.6752 31.9294 77.1007 32.8127 76.9151 33.6786L75.6162 39.7106C75.6162 39.7106 72.6299 41.4351 68.1665 37.5359Z" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M89.1224 14.2913C95.0554 17.718 95.0876 23.2725 89.1916 26.6968C83.2957 30.1235 73.7059 30.1235 67.7728 26.6968C61.8398 23.27 61.8076 17.7155 67.7035 14.2913C73.5995 10.8671 83.1868 10.8646 89.1199 14.2913H89.1224Z" fill="#FBE95A"/>
-<path d="M89.1223 14.2912C84.1121 11.3989 76.4967 10.9486 70.6997 12.9403C79.9902 15.2017 87.2692 24.361 89.053 26.7734C89.1001 26.7461 89.1471 26.7239 89.1916 26.6967C95.0875 23.2699 95.0554 17.7154 89.1223 14.2912Z" fill="#EDB312"/>
-<path d="M89.1224 14.2913C95.0554 17.718 95.0876 23.2725 89.1916 26.6968C83.2957 30.1235 73.7059 30.1235 67.7728 26.6968C61.8398 23.27 61.8076 17.7155 67.7035 14.2913C73.5995 10.8671 83.1868 10.8646 89.1199 14.2913H89.1224Z" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M85.9777 13.3954C90.1639 15.8127 90.1862 19.7293 86.0272 22.1466C81.8681 24.5638 75.1037 24.5638 70.9199 22.1466C66.7337 19.7293 66.7114 15.8127 70.8704 13.3954C75.0295 10.9782 81.7914 10.9782 85.9777 13.3954Z" fill="#FBE95A"/>
-<path d="M85.9774 13.3956C84.9333 12.7944 83.7309 12.3416 82.4493 12.0398C79.8341 11.6216 77.0655 11.6167 74.4503 12.0249C73.3493 12.2798 72.3102 12.6459 71.3799 13.121C77.1966 14.7613 82.1747 19.0293 85.4282 22.4684C85.6335 22.3669 85.8339 22.2605 86.0294 22.1467C90.1885 19.7295 90.1662 15.8129 85.9799 13.3956H85.9774Z" fill="#EDB312"/>
-<path d="M85.9777 13.3954C90.1639 15.8127 90.1862 19.7293 86.0272 22.1466C81.8681 24.5638 75.1037 24.5638 70.9199 22.1466C66.7337 19.7293 66.7114 15.8127 70.8704 13.3954C75.0295 10.9782 81.7914 10.9782 85.9777 13.3954Z" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M83.298 12.646C83.2956 12.7351 83.2857 12.8266 83.2683 12.9157C83.251 13.0048 83.2263 13.0938 83.1917 13.1804C83.157 13.2695 83.115 13.361 83.0655 13.4476C83.011 13.5441 82.9492 13.6357 82.875 13.7297C82.7908 13.8361 82.6919 13.9425 82.583 14.0439C82.4148 14.1998 82.2143 14.3482 81.9867 14.4843C81.9669 14.4967 81.9496 14.5066 81.9298 14.5189C81.6156 14.702 81.2692 14.853 80.9006 14.9717C80.616 15.0633 80.3167 15.1375 80.0099 15.1944C79.8119 15.229 79.6115 15.2587 79.4111 15.2785C79.2379 15.2958 79.0647 15.3082 78.8891 15.3132C78.7283 15.3181 78.5674 15.3206 78.4066 15.3132C78.2507 15.3082 78.0973 15.3008 77.944 15.2884C77.7906 15.276 77.6372 15.2587 77.4862 15.2365C77.3279 15.2142 77.172 15.187 77.0186 15.1548C76.8528 15.1202 76.6871 15.0806 76.5287 15.0336C76.3333 14.9767 76.1403 14.9123 75.9572 14.8406C75.7172 14.7466 75.4896 14.6377 75.2793 14.514C74.3515 13.9796 73.8888 13.2769 73.8913 12.5743L73.8789 16.5205C73.8789 17.2232 74.3391 17.9259 75.2669 18.4603C75.4797 18.584 75.7073 18.6904 75.9448 18.7869C76.1279 18.8586 76.3209 18.923 76.5164 18.9799C76.6772 19.0244 76.8405 19.0665 77.0062 19.1011C77.1596 19.1333 77.3155 19.1605 77.4739 19.1827C77.6248 19.205 77.7782 19.2223 77.9316 19.2347C78.085 19.2471 78.2409 19.2545 78.3942 19.2594C78.5551 19.2644 78.7159 19.2619 78.8767 19.2594C79.0524 19.2545 79.2256 19.2421 79.3988 19.2248C79.6016 19.205 79.802 19.1778 79.9975 19.1407C80.3043 19.0863 80.6037 19.012 80.8882 18.918C81.2569 18.7992 81.6057 18.6483 81.9175 18.4652C81.9372 18.4529 81.957 18.443 81.9744 18.4306C82.202 18.292 82.4024 18.1461 82.5706 17.9902C82.6795 17.8888 82.7785 17.7848 82.8626 17.676C82.9343 17.5844 82.9987 17.4904 83.0531 17.3939C83.1026 17.3049 83.1446 17.2158 83.1793 17.1267C83.2114 17.0401 83.2386 16.951 83.256 16.862C83.2733 16.7729 83.2832 16.6814 83.2857 16.5923C83.2857 16.5774 83.2857 16.5651 83.2857 16.5502L83.2956 12.6039C83.2956 12.6188 83.2956 12.6312 83.2956 12.646H83.298Z" fill="#FBE95A"/>
-<path d="M83.2979 12.6458C83.2979 12.6755 83.2904 12.7052 83.288 12.7349C83.283 12.7943 83.2806 12.8561 83.2682 12.9155C83.2509 13.0046 83.2261 13.0937 83.1915 13.1803C83.1569 13.2693 83.1148 13.3609 83.0653 13.4475C83.0109 13.5415 82.949 13.6355 82.8773 13.727C82.8599 13.7493 82.8401 13.7691 82.8228 13.7914C82.7511 13.8755 82.6744 13.9596 82.5853 14.0413C82.4171 14.1971 82.2167 14.3456 81.989 14.4817C81.9692 14.494 81.9519 14.5039 81.9321 14.5163C81.6179 14.6994 81.2715 14.8503 80.9029 14.9691C80.6184 15.0606 80.319 15.1348 80.0122 15.1917C79.8143 15.2264 79.6138 15.2561 79.4134 15.2759C79.3194 15.2858 79.2229 15.2882 79.1289 15.2957V19.242C79.2205 19.237 79.312 19.2321 79.4035 19.2246C79.6064 19.2048 79.8068 19.1776 80.0023 19.1405C80.3091 19.0861 80.6085 19.0119 80.893 18.9178C81.2616 18.7991 81.6105 18.6482 81.9222 18.4651C81.9222 18.4651 81.9321 18.4601 81.9371 18.4576C81.9519 18.4502 81.9668 18.4403 81.9791 18.4329C82.2068 18.2944 82.4072 18.1484 82.5754 17.9925C82.6571 17.9158 82.7313 17.8366 82.7981 17.7575C82.8204 17.7302 82.8451 17.7055 82.8674 17.6783C82.9391 17.5867 83.0034 17.4927 83.0554 17.3962C83.1049 17.3072 83.1469 17.2181 83.1816 17.129C83.2137 17.0424 83.2385 16.9534 83.2583 16.8643C83.2707 16.8049 83.2731 16.7455 83.2781 16.6837C83.2806 16.654 83.288 16.6243 83.288 16.5946C83.288 16.5798 83.288 16.5674 83.288 16.5525L83.2979 12.6063C83.2979 12.6211 83.2979 12.6335 83.2979 12.6483V12.6458Z" fill="#EDB312"/>
-<path d="M83.298 12.646C83.2956 12.7351 83.2857 12.8266 83.2684 12.9157C83.251 13.0048 83.2263 13.0938 83.1917 13.1804C83.157 13.2695 83.115 13.361 83.0655 13.4476C83.011 13.5441 82.9492 13.6357 82.875 13.7297C82.7908 13.8361 82.6919 13.9425 82.583 14.0439C82.4148 14.1998 82.2143 14.3482 81.9867 14.4843C81.9669 14.4967 81.9496 14.5066 81.9298 14.5189C81.6156 14.702 81.2692 14.853 80.9006 14.9717C80.616 15.0633 80.3167 15.1375 80.0099 15.1944C79.8119 15.229 79.6115 15.2587 79.4111 15.2785C79.2379 15.2958 79.0647 15.3082 78.8891 15.3132C78.7283 15.3181 78.5674 15.3206 78.4066 15.3132C78.2507 15.3082 78.0973 15.3008 77.944 15.2884C77.7906 15.276 77.6372 15.2587 77.4862 15.2365C77.3279 15.2142 77.172 15.187 77.0186 15.1548C76.8528 15.1202 76.6871 15.0806 76.5287 15.0336C76.3333 14.9767 76.1403 14.9123 75.9572 14.8406C75.7172 14.7466 75.4896 14.6377 75.2793 14.514C74.3515 13.9796 73.8888 13.2769 73.8913 12.5743L73.8789 16.5205C73.8789 17.2232 74.3391 17.9259 75.2669 18.4603C75.4797 18.584 75.7073 18.6904 75.9448 18.7869C76.1279 18.8586 76.3209 18.923 76.5164 18.9799C76.6772 19.0244 76.8405 19.0665 77.0062 19.1011C77.1596 19.1333 77.3155 19.1605 77.4739 19.1827C77.6248 19.205 77.7782 19.2223 77.9316 19.2347C78.085 19.2471 78.2409 19.2545 78.3942 19.2594C78.5551 19.2644 78.7159 19.2619 78.8767 19.2594C79.0524 19.2545 79.2256 19.2421 79.3988 19.2248C79.6016 19.205 79.802 19.1778 79.9975 19.1407C80.3043 19.0863 80.6037 19.012 80.8882 18.918C81.2569 18.7992 81.6057 18.6483 81.9175 18.4652C81.9372 18.4529 81.957 18.443 81.9744 18.4306C82.202 18.292 82.4024 18.1461 82.5706 17.9902C82.6795 17.8888 82.7785 17.7848 82.8626 17.676C82.9343 17.5844 82.9987 17.4904 83.0531 17.3939C83.1026 17.3049 83.1446 17.2158 83.1793 17.1267C83.2114 17.0401 83.2386 16.951 83.256 16.862C83.2733 16.7729 83.2832 16.6814 83.2857 16.5923C83.2857 16.5774 83.2857 16.5651 83.2857 16.5502L83.2956 12.6039C83.2956 12.6188 83.2956 12.6312 83.2956 12.646H83.298Z" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M81.9074 10.6641C83.7507 11.728 83.7606 13.4549 81.9297 14.5188C80.0988 15.5827 77.1199 15.5827 75.2766 14.5188C73.4334 13.4549 73.4235 11.7305 75.2544 10.6666C77.0853 9.60268 80.0666 9.60268 81.9074 10.6666V10.6641Z" fill="#EDB312" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M70.4155 7.03695C72.0825 7.03695 73.4339 5.68554 73.4339 4.01848C73.4339 2.35142 72.0825 1 70.4155 1C68.7484 1 67.397 2.35142 67.397 4.01848C67.397 5.68554 68.7484 7.03695 70.4155 7.03695Z" fill="#EDB312"/>
-<path d="M69.7277 5.09456C70.702 5.09456 71.4918 4.30476 71.4918 3.33049C71.4918 2.35621 70.702 1.56641 69.7277 1.56641C68.7534 1.56641 67.9636 2.35621 67.9636 3.33049C67.9636 4.30476 68.7534 5.09456 69.7277 5.09456Z" fill="#FBE95A"/>
-<path d="M73.1217 5.22481C73.5029 4.13343 73.0379 2.97845 72.0833 2.64508C71.1287 2.31171 70.0458 2.92618 69.6647 4.01756C69.2836 5.10893 69.7485 6.26393 70.7031 6.5973C71.6578 6.93067 72.7406 6.31618 73.1217 5.22481Z" fill="#EDB312"/>
-<path d="M70.4155 7.03695C72.0825 7.03695 73.4339 5.68554 73.4339 4.01848C73.4339 2.35142 72.0825 1 70.4155 1C68.7484 1 67.397 2.35142 67.397 4.01848C67.397 5.68554 68.7484 7.03695 70.4155 7.03695Z" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M77.9713 6.49527C77.9713 6.49527 77.9886 6.50269 77.996 6.50764L72.3574 3.43968C70.858 2.66279 69.5022 5.25076 70.9397 6.04744L76.5783 9.11541C76.5734 9.11293 76.5684 9.10798 76.5635 9.10551C76.7713 9.22179 77.0187 9.27375 77.2835 9.23664C78.0133 9.1352 78.6071 8.41027 78.6071 7.62349C78.6071 7.10639 78.3523 6.69073 77.9688 6.49527H77.9713ZM77.8723 6.45073C77.8723 6.45073 77.85 6.44331 77.8401 6.43836C77.85 6.44331 77.8624 6.44578 77.8723 6.45073Z" fill="#FBE95A" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M78.7285 14.4422C81.7238 14.4422 84.1519 12.0141 84.1519 9.01885C84.1519 6.02361 81.7238 3.59549 78.7285 3.59549C75.7333 3.59549 73.3052 6.02361 73.3052 9.01885C73.3052 12.0141 75.7333 14.4422 78.7285 14.4422Z" fill="#EDB312"/>
-<path d="M77.4914 10.9486C79.2404 10.9486 80.6583 9.53071 80.6583 7.78167C80.6583 6.03262 79.2404 4.61474 77.4914 4.61474C75.7423 4.61474 74.3245 6.03262 74.3245 7.78167C74.3245 9.53071 75.7423 10.9486 77.4914 10.9486Z" fill="#FBE95A"/>
-<path d="M78.7285 14.4422C81.7238 14.4422 84.1519 12.0141 84.1519 9.01885C84.1519 6.02361 81.7238 3.59549 78.7285 3.59549C75.7333 3.59549 73.3052 6.02361 73.3052 9.01885C73.3052 12.0141 75.7333 14.4422 78.7285 14.4422Z" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M87.8409 12.099C87.8409 12.099 87.8582 12.1065 87.8656 12.1114L82.227 9.04345C80.7277 8.26657 79.3718 10.8545 80.8093 11.6512L86.4479 14.7192C86.443 14.7167 86.438 14.7118 86.4331 14.7093C86.6409 14.8256 86.8883 14.8775 87.1531 14.8404C87.8829 14.739 88.4768 14.014 88.4768 13.2273C88.4768 12.7102 88.2219 12.2945 87.8384 12.099H87.8409ZM87.7419 12.0545C87.7419 12.0545 87.7196 12.0471 87.7098 12.0421C87.7196 12.0471 87.732 12.0496 87.7419 12.0545Z" fill="#FBE95A" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-<path d="M87.2397 16.4389C88.9067 16.4389 90.2581 15.0875 90.2581 13.4204C90.2581 11.7533 88.9067 10.4019 87.2397 10.4019C85.5726 10.4019 84.2212 11.7533 84.2212 13.4204C84.2212 15.0875 85.5726 16.4389 87.2397 16.4389Z" fill="#EDB312"/>
-<path d="M86.5517 14.4967C87.5259 14.4967 88.3158 13.7069 88.3158 12.7326C88.3158 11.7584 87.5259 10.9686 86.5517 10.9686C85.5774 10.9686 84.7876 11.7584 84.7876 12.7326C84.7876 13.7069 85.5774 14.4967 86.5517 14.4967Z" fill="#FBE95A"/>
-<path d="M87.2397 16.4389C88.9067 16.4389 90.2581 15.0875 90.2581 13.4204C90.2581 11.7533 88.9067 10.4019 87.2397 10.4019C85.5726 10.4019 84.2212 11.7533 84.2212 13.4204C84.2212 15.0875 85.5726 16.4389 87.2397 16.4389Z" stroke="#192147" stroke-width="0.2" stroke-miterlimit="10"/>
-</svg>
diff --git a/website/assets/images/premium-landing-feature-2.svg b/website/assets/images/premium-landing-feature-2.svg
deleted file mode 100644
index 61e48c60d3..0000000000
--- a/website/assets/images/premium-landing-feature-2.svg
+++ /dev/null
@@ -1,148 +0,0 @@
-<svg width="161" height="110" viewBox="0 0 161 110" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M150.371 42.4385C150.371 42.4385 150.374 42.4412 150.376 42.4439C150.168 41.9782 149.859 41.7399 149.426 41.4312L85.1875 4.3444L84.6594 4.04113C84.1151 3.72701 83.4436 3.72701 82.8966 4.04113L82.0734 4.515L7.53705 47.5509C7.53705 47.5509 7.53704 47.5509 7.53434 47.5509L7.4883 47.578L7.50184 47.5861C6.37267 48.6801 6.41599 50.2236 6.41599 50.2236V51.9945C6.41599 52.2491 6.4891 52.463 6.58388 52.6336C6.71927 52.8773 6.93049 53.0668 7.17148 53.2076C7.17148 53.2076 58.4934 82.7395 70.9793 89.9261C72.6555 90.8901 74.7216 90.8874 76.395 89.918C89.826 82.1357 148.668 48.0275 148.668 48.0275C149.699 47.4291 150.541 45.9641 150.541 44.7727C150.509 44.3042 150.647 42.8447 150.371 42.4358V42.4385Z" fill="#C5C7D1"/>
-<path d="M67.1965 86.7497C67.1965 87.9411 68.0414 88.4258 69.0704 87.8274L143.252 44.7779C144.284 44.1795 145.126 42.7145 145.126 41.5231V39.985C145.126 38.7936 144.284 38.3089 143.252 38.9073L69.0677 81.9595C68.036 82.5579 67.1938 83.0805 67.1965 84.272V86.7497Z" fill="#6A67FE" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M77.4835 0.791606C78.0277 0.477495 78.6993 0.477495 79.2463 0.791606L79.7743 1.09488L144.013 38.1817C144.446 38.4904 144.757 38.7286 144.963 39.1944C144.468 38.7422 143.988 38.7693 143.398 39.0373L70.4268 81.1661L68.2524 82.4199L2.07788 44.3312L76.663 1.26548L77.4862 0.791606H77.4835Z" fill="#B4B2FE" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M103.72 61.9404L143.393 39.0373C143.983 38.7693 144.462 38.7422 144.958 39.1944C144.749 38.7286 144.441 38.4904 144.007 38.1817L79.769 1.09488L79.2409 0.791606C78.6967 0.477495 78.0251 0.477495 77.4781 0.791606L76.6549 1.26548L37.9299 23.6242C51.1388 29.0914 78.0793 41.6179 103.715 61.9404H103.72Z" fill="#3E4771" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M66.5926 87.3914L1.75574 49.958C1.51474 49.8199 1.30352 49.6277 1.16813 49.384C1.07336 49.2134 1.00025 48.9995 1.00025 48.7449V46.974C1.00025 46.974 0.954217 45.3953 2.1213 44.3013L68.1983 82.4658C68.1983 82.4658 67.2425 83.4054 67.2425 84.9435C67.2425 84.9435 66.9473 88.3933 68.7399 88.025C68.7399 88.025 68.266 88.4421 66.5926 87.3914Z" fill="#D9D9FE" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M145.123 41.6125C145.123 41.5637 145.126 41.3363 145.126 41.1061C145.126 40.8759 144.703 40.9301 144.186 41.2279L72.1384 82.7231C71.6212 83.021 71.1987 83.5111 71.1987 83.8117C71.1987 84.1122 71.6212 84.1149 72.1384 83.8171L144.17 42.3328C144.687 42.0349 145.118 41.6639 145.12 41.6152L145.123 41.6125Z" fill="#3E4771"/>
-<path d="M115.737 13.3126C125.578 18.9936 127.76 26.9683 120.611 31.1221C113.465 35.276 98.7807 37.5262 88.9376 31.8451C79.0973 26.164 77.8273 14.7017 84.9733 10.5479C92.1194 6.394 105.894 7.63149 115.735 13.3126H115.737Z" fill="#3E4771" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M115.152 13.6511C124.549 19.0749 126.636 26.6894 119.807 30.6591C112.981 34.6261 98.2663 37.1336 88.87 31.7098C79.4738 26.2859 78.9512 14.9779 85.7777 11.0109C92.6042 7.04391 105.756 8.22724 115.152 13.6511Z" fill="#3E4771"/>
-<mask id="mask0_3199_18040" style="mask-type:luminance" maskUnits="userSpaceOnUse" x="82" y="21" width="38" height="15">
-<path d="M119.748 27.8025V28.0245C119.742 30.0879 118.597 31.9671 116.225 33.3454C110.24 36.8223 98.7103 35.7852 90.473 31.0302C85.4987 28.1599 82.864 24.5882 82.8721 21.4417V21.2197C82.864 24.3635 85.5014 27.9351 90.473 30.8082C98.7103 35.5632 110.24 36.6003 116.225 33.1234C118.594 31.7451 119.74 29.8658 119.745 27.8025H119.748Z" fill="white"/>
-</mask>
-<g mask="url(#mask0_3199_18040)">
-<path d="M119.748 27.8024V28.0244C119.748 28.0705 119.748 28.1192 119.745 28.1653V27.9432C119.745 27.8972 119.745 27.8484 119.748 27.8024Z" fill="#192147"/>
-<path d="M119.745 27.9435V28.1656C119.737 28.4688 119.702 28.7694 119.645 29.0646V28.8425C119.704 28.5474 119.737 28.2495 119.745 27.9435Z" fill="#192147"/>
-<path d="M119.645 28.8422V29.0643C119.588 29.3405 119.512 29.6113 119.412 29.8793V29.6573C119.512 29.3919 119.59 29.1184 119.645 28.8422Z" fill="#192147"/>
-<path d="M119.412 29.6545V29.8766C119.314 30.1365 119.195 30.3938 119.054 30.6429V30.4209C119.195 30.1717 119.314 29.9172 119.412 29.6545Z" fill="#192147"/>
-<path d="M119.054 30.4208V30.6428C118.908 30.9001 118.74 31.1519 118.548 31.3956V31.1735C118.74 30.9298 118.911 30.678 119.054 30.4208Z" fill="#192147"/>
-<path d="M118.548 31.174V31.396C118.331 31.6695 118.088 31.9322 117.814 32.1867V31.9647C118.09 31.7101 118.334 31.4475 118.548 31.174Z" fill="#192147"/>
-<path d="M117.814 31.9643V32.1864C117.397 32.5736 116.91 32.9364 116.352 33.2695V33.0475C116.91 32.7144 117.397 32.3515 117.814 31.9643Z" fill="#192147"/>
-<path d="M116.352 33.0474V33.2695C116.309 33.2938 116.268 33.3209 116.225 33.3453C115.48 33.7785 114.649 34.1414 113.747 34.4365V34.2145C114.649 33.9193 115.48 33.5565 116.225 33.1232C116.268 33.0989 116.309 33.0745 116.352 33.0474Z" fill="#192147"/>
-<path d="M113.75 34.2143V34.4363C113.002 34.68 112.206 34.8777 111.375 35.0294V34.8073C112.209 34.6557 113.002 34.458 113.75 34.2143Z" fill="#192147"/>
-<path d="M111.375 34.8075V35.0295C110.798 35.1351 110.202 35.2163 109.593 35.2759V35.0539C110.202 34.9943 110.798 34.9104 111.375 34.8075Z" fill="#192147"/>
-<path d="M109.593 35.0538V35.2758C109.049 35.33 108.491 35.3652 107.925 35.3868V35.1648C108.491 35.1458 109.049 35.1079 109.593 35.0538Z" fill="#192147"/>
-<path d="M107.928 35.1621V35.3841C107.37 35.4031 106.801 35.4058 106.227 35.3895V35.1675C106.801 35.181 107.37 35.181 107.928 35.1621Z" fill="#192147"/>
-<path d="M106.227 35.1705V35.3925C105.637 35.379 105.039 35.3465 104.435 35.295V35.073C105.039 35.1217 105.637 35.1542 106.227 35.1705Z" fill="#192147"/>
-<path d="M104.435 35.073V35.295C103.787 35.2409 103.135 35.1678 102.48 35.0757V34.8537C103.135 34.9457 103.787 35.0188 104.435 35.073Z" fill="#192147"/>
-<path d="M102.48 34.8535V35.0756C101.751 34.9727 101.023 34.8454 100.292 34.6938V34.4717C101.023 34.6234 101.751 34.7507 102.48 34.8535Z" fill="#192147"/>
-<path d="M100.292 34.4715V34.6935C99.4386 34.5175 98.5884 34.309 97.7435 34.068V33.8459C98.5884 34.0869 99.4386 34.2955 100.292 34.4715Z" fill="#192147"/>
-<path d="M97.7464 33.8463V34.0683C96.6713 33.7624 95.6099 33.4049 94.5728 32.996V32.774C95.6099 33.1829 96.6713 33.5403 97.7464 33.8463Z" fill="#192147"/>
-<path d="M94.5727 32.7714V32.9934C93.1484 32.4329 91.7701 31.7749 90.473 31.0275C85.4987 28.1572 82.864 24.5856 82.8721 21.439V21.217C82.864 24.3608 85.5014 27.9325 90.473 30.8055C91.7701 31.5529 93.1457 32.2109 94.57 32.7714" fill="#192147"/>
-</g>
-<path d="M112.144 18.2138C120.381 22.9688 122.209 29.6437 116.225 33.1233C110.241 36.6002 98.7105 35.563 90.4732 30.808C82.2359 26.0531 80.4081 19.3782 86.3924 15.9013C92.3768 12.4244 103.907 13.4615 112.141 18.2165L112.144 18.2138Z" fill="#192147"/>
-<path d="M102.477 36.4567C111.865 38.493 117.836 36.3321 121.153 34.2173C123.222 32.8986 124.514 30.6511 124.646 28.2005L124.82 24.9862C124.82 24.9862 120.622 32.116 102.751 29.882C102.052 29.725 91.5292 28.0109 89.1436 31.9129C89.1436 31.9129 96.7932 35.5685 102.48 36.4567H102.477Z" fill="#3E4771" stroke="#192147" stroke-width="0.203089" stroke-linejoin="round"/>
-<path d="M82.1655 12.9255C82.1655 12.9255 79.5281 16.2751 79.5281 21.6231C79.5281 26.9712 88.7348 31.7776 88.7348 31.7776C88.7348 31.7776 90.1564 27.0388 87.3132 23.7894C84.4699 20.54 80.8874 15.9935 83.5899 12.078C86.2923 8.16239 95.0982 8.09199 95.0982 8.09199C95.0982 8.09199 86.0188 7.81849 82.1655 12.9282V12.9255Z" fill="#3E4771" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M114.914 21.1737L107.375 25.555L99.7881 21.1737L107.327 16.7924L114.914 21.1737Z" fill="#F9FAFC"/>
-<path d="M114.914 21.1734V21.3928L107.375 25.7741V25.5548L114.914 21.1734Z" fill="#C5C7D1"/>
-<path d="M107.375 25.5548V25.7741L99.7881 21.3928V21.1734L107.375 25.5548Z" fill="#8B8FA2"/>
-<path d="M108.242 19.2331C108.243 18.9714 107.877 18.7583 107.425 18.757C106.974 18.7557 106.607 18.9669 106.606 19.2286C106.606 19.4903 106.971 19.7035 107.423 19.7047C107.874 19.706 108.241 19.4949 108.242 19.2331Z" fill="#63C740"/>
-<path d="M109.666 19.8548C109.989 20.0416 109.989 20.3395 109.669 20.5263C109.35 20.7132 108.832 20.7132 108.51 20.5263C108.188 20.3395 108.188 20.0416 108.507 19.8548C108.827 19.6679 109.347 19.6707 109.666 19.8548Z" fill="#5CABDF"/>
-<path d="M111.329 20.8161C111.649 21.0003 111.651 21.3009 111.332 21.4877C111.012 21.6745 110.492 21.6718 110.173 21.4877C109.853 21.3036 109.851 21.003 110.17 20.8161C110.49 20.6293 111.007 20.6293 111.329 20.8161Z" fill="#D66C7B"/>
-<path d="M106.596 20.1941C106.597 19.9324 106.231 19.7193 105.78 19.718C105.328 19.7167 104.961 19.9279 104.961 20.1896C104.96 20.4513 105.325 20.6645 105.777 20.6657C106.229 20.667 106.595 20.4559 106.596 20.1941Z" fill="#C98DEF"/>
-<path d="M108.017 20.8135C108.34 21.0003 108.34 21.3009 108.02 21.485C107.7 21.6692 107.183 21.6719 106.861 21.485C106.539 21.2982 106.539 21.0003 106.858 20.8135C107.178 20.6266 107.698 20.6293 108.017 20.8135Z" fill="#FAA669"/>
-<path d="M104.945 21.15C104.946 20.8883 104.58 20.6751 104.129 20.6739C103.677 20.6726 103.31 20.8838 103.31 21.1455C103.309 21.4072 103.674 21.6204 104.126 21.6216C104.578 21.6229 104.944 21.4117 104.945 21.15Z" fill="#3AEFC3"/>
-<path d="M87.5236 27.3894C87.5832 26.6186 87.2085 25.9609 86.6866 25.9206C86.1647 25.8803 85.6934 26.4725 85.6338 27.2434C85.5742 28.0142 85.9489 28.6718 86.4708 28.7122C86.9927 28.7525 87.464 28.1603 87.5236 27.3894Z" fill="#FBE95A"/>
-<path d="M85.3796 25.247C85.4869 24.4813 85.1535 23.8017 84.6352 23.7291C84.1168 23.6565 83.6097 24.2184 83.5025 24.9841C83.3953 25.7499 83.7286 26.4294 84.2469 26.502C84.7653 26.5746 85.2724 26.0127 85.3796 25.247Z" fill="#FBE95A"/>
-<path d="M83.6962 22.8398C83.8211 22.0768 83.5035 21.3897 82.9869 21.3052C82.4704 21.2207 81.9504 21.7708 81.8256 22.5338C81.7008 23.2968 82.0184 23.9839 82.5349 24.0684C83.0515 24.1529 83.5714 23.6028 83.6962 22.8398Z" fill="#FBE95A"/>
-<path opacity="0.3" d="M97.2046 50.5077C100.625 52.4818 100.644 55.6852 97.2452 57.6592C93.8469 59.6332 88.3174 59.6332 84.8974 57.6592C81.4774 55.6852 81.4612 52.4818 84.8595 50.5077C88.2579 48.5337 93.7846 48.531 97.2046 50.5077Z" fill="#192147"/>
-<path opacity="0.3" d="M99.3116 49.3354C97.7437 55.1546 88.686 61.5126 88.2094 61.8457C88.3339 61.6317 90.7087 57.5537 89.5958 56.912C86.6361 55.2602 76.1486 56.2702 75.5962 56.3243C86.4141 50.5702 98.6644 49.3977 99.3089 49.3354H99.3116Z" fill="#192147"/>
-<path d="M99.0572 52.7416C99.0517 52.9095 99.0328 53.0774 99.0003 53.2426C98.9678 53.4078 98.9191 53.5703 98.8595 53.7354C98.7972 53.9033 98.7187 54.0685 98.6266 54.231C98.5264 54.407 98.41 54.583 98.2746 54.7536C98.1175 54.954 97.9361 55.1462 97.733 55.3358C97.4189 55.6255 97.0506 55.899 96.6282 56.1535C96.593 56.1752 96.5578 56.1969 96.5226 56.2158C95.9404 56.5543 95.296 56.8359 94.6082 57.058C94.0774 57.2286 93.525 57.3667 92.9564 57.4696C92.5908 57.5346 92.2171 57.586 91.8434 57.6239C91.5239 57.6564 91.199 57.6781 90.874 57.6889C90.5762 57.6997 90.2783 57.6997 89.9804 57.6943C89.6934 57.6862 89.4064 57.6727 89.1193 57.6483C88.835 57.6239 88.5507 57.5941 88.2718 57.5535C87.9793 57.5129 87.6896 57.4614 87.4053 57.4019C87.0966 57.3369 86.7933 57.2638 86.4954 57.1798C86.1326 57.0769 85.7778 56.9578 85.4339 56.8224C84.9899 56.6464 84.5674 56.446 84.1748 56.2185C82.4526 55.2248 81.5942 53.9223 81.5996 52.6198V53.6027C81.5942 54.9052 82.4526 56.2077 84.1721 57.2015C84.5674 57.4289 84.9871 57.6293 85.4312 57.8053C85.7724 57.9407 86.1272 58.0599 86.4927 58.1628C86.7906 58.2467 87.0939 58.3225 87.4026 58.3848C87.6869 58.4444 87.9766 58.4931 88.2691 58.5365C88.5507 58.5771 88.8323 58.6069 89.1166 58.6312C89.4009 58.6556 89.688 58.6691 89.9777 58.6773C90.2756 58.6854 90.5735 58.6827 90.8713 58.6719C91.1963 58.661 91.5185 58.6394 91.8407 58.6069C92.2171 58.5689 92.5881 58.5175 92.9537 58.4525C93.5223 58.3496 94.0774 58.2115 94.6054 58.0409C95.2905 57.8189 95.9377 57.5373 96.5199 57.1988C96.5551 57.1771 96.5903 57.1582 96.6255 57.1365C97.0506 56.882 97.4189 56.6058 97.7303 56.3187C97.9334 56.1292 98.1148 55.9369 98.2719 55.7365C98.4073 55.5659 98.5237 55.3926 98.6239 55.2139C98.716 55.0514 98.7945 54.8836 98.8568 54.7184C98.9191 54.5559 98.9651 54.3907 98.9976 54.2256C99.0301 54.0604 99.049 53.8925 99.0544 53.7246C99.0544 53.7002 99.0544 53.6731 99.0544 53.6488V52.6658C99.0544 52.6902 99.0544 52.7173 99.0544 52.7416H99.0572Z" fill="#B56E03" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M96.482 49.0618C99.902 51.0358 99.9209 54.2392 96.5226 56.2132C93.1242 58.1872 87.5948 58.1872 84.1748 56.2132C80.7547 54.2392 80.7385 51.0358 84.1369 49.0618C87.5352 47.0877 93.0619 47.085 96.482 49.0618Z" fill="#EDB312" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M89.3304 54.9677C89.2004 54.8945 89.0569 54.8268 88.8998 54.7646C88.7319 54.6969 88.5505 54.6373 88.3529 54.5804C88.1498 54.5236 87.9331 54.4694 87.7057 54.4234C87.4403 54.3692 87.1614 54.3205 86.8662 54.2799C86.4763 54.2257 86.0647 54.1797 85.6369 54.1445C85.0249 54.0957 84.3777 54.0632 83.7251 54.047C82.5987 54.0199 81.4424 54.0362 80.3647 54.0714C77.8383 54.158 75.7478 54.3584 75.5122 54.3828V55.3657C75.7451 55.344 77.8356 55.141 80.362 55.0543C81.4397 55.0164 82.596 55.0029 83.7224 55.0299C84.3777 55.0462 85.0222 55.076 85.6369 55.1274C86.0647 55.1626 86.4763 55.2059 86.8662 55.2628C87.1614 55.3034 87.4403 55.3522 87.7057 55.4063C87.9331 55.4524 88.1498 55.5065 88.3529 55.5634C88.5478 55.6203 88.7319 55.6798 88.8998 55.7475C89.0569 55.8098 89.2004 55.8775 89.3304 55.9506C89.5389 56.0698 89.6228 56.3135 89.6228 56.6276V55.6446C89.6256 55.3305 89.5416 55.0868 89.3331 54.9677H89.3304Z" fill="#EDB312" stroke="#192147" stroke-width="0.203089" stroke-linejoin="round"/>
-<path d="M98.9189 47.4858C97.3727 53.2319 88.4314 59.506 87.9602 59.8363C88.0848 59.6251 90.4271 55.5985 89.3304 54.9649C86.4086 53.3348 76.0565 54.3312 75.5095 54.3827C86.1866 48.7016 98.2826 47.5454 98.9189 47.4831V47.4858Z" fill="#FBE95A" stroke="#192147" stroke-width="0.203089" stroke-linejoin="round"/>
-<path d="M98.6725 48.2548C98.4748 48.7828 98.2175 49.3136 97.9197 49.8416C97.4864 50.6079 96.9584 51.3688 96.3762 52.1081C95.312 53.4593 94.0637 54.7401 92.8587 55.8558C90.4379 58.0951 88.1904 59.6738 87.9602 59.8336V60.8165C88.1877 60.6541 90.4352 59.0781 92.856 56.8387C94.061 55.7231 95.3093 54.4423 96.3735 53.091C96.9557 52.3518 97.481 51.5909 97.917 50.8246C98.2148 50.2965 98.4694 49.7658 98.6698 49.2378C98.7672 48.9805 98.8485 48.7233 98.9189 48.4687V47.4858C98.8539 47.7403 98.77 47.9976 98.6725 48.2548Z" fill="#EDB312" stroke="#192147" stroke-width="0.203089" stroke-linejoin="round"/>
-<path d="M141.752 74.0986C148.4 77.9357 148.432 84.161 141.828 87.9981C135.223 91.8351 124.478 91.8378 117.831 87.9981C111.183 84.1583 111.148 77.9357 117.752 74.0986C124.357 70.2616 135.101 70.2589 141.749 74.0986H141.752Z" fill="#E2E4EA"/>
-<path d="M123.468 95.1576L126.352 90.2673L123.463 89.8611L123.468 95.1576Z" fill="#E2E4EA"/>
-<path d="M141.884 71.2257C141.876 71.5506 141.838 71.8756 141.773 72.2005C141.708 72.52 141.619 72.8396 141.5 73.1564C141.378 73.4813 141.226 73.8036 141.048 74.1204C140.853 74.4643 140.625 74.8028 140.365 75.1331C140.059 75.5204 139.71 75.8995 139.312 76.265C138.703 76.8255 137.988 77.3617 137.162 77.8572C137.094 77.8979 137.024 77.9385 136.956 77.9791C135.824 78.6371 134.57 79.1814 133.235 79.6146C132.206 79.9477 131.129 80.2158 130.024 80.4134C129.312 80.5407 128.589 80.6409 127.86 80.714C127.238 80.7763 126.609 80.8169 125.978 80.8386C125.399 80.8575 124.819 80.8603 124.24 80.8467C123.682 80.8332 123.124 80.8034 122.569 80.7574C122.017 80.7113 121.464 80.649 120.92 80.5732C120.354 80.492 119.791 80.3945 119.239 80.2808C118.637 80.1562 118.047 80.0127 117.468 79.8475C116.761 79.6471 116.07 79.4143 115.407 79.1516C114.546 78.8104 113.725 78.4205 112.959 77.9791C109.612 76.0484 107.941 73.5111 107.95 70.9793L107.931 78.0441C107.922 80.5759 109.593 83.1105 112.94 85.0439C113.706 85.4853 114.527 85.8779 115.388 86.2164C116.051 86.479 116.742 86.7092 117.449 86.9123C118.028 87.0775 118.618 87.221 119.22 87.3456C119.772 87.4593 120.335 87.5568 120.901 87.638C121.445 87.7165 121.998 87.7761 122.55 87.8221C123.105 87.8682 123.663 87.898 124.221 87.9115C124.8 87.925 125.38 87.9223 125.959 87.9034C126.59 87.8817 127.219 87.8411 127.841 87.7788C128.573 87.7057 129.296 87.6055 130.005 87.4782C131.11 87.2779 132.188 87.0125 133.217 86.6794C134.551 86.2462 135.805 85.7019 136.937 85.0439C137.007 85.0033 137.075 84.9627 137.143 84.922C137.966 84.4265 138.684 83.893 139.293 83.3298C139.691 82.9643 140.04 82.5852 140.346 82.1979C140.606 81.8649 140.836 81.5264 141.029 81.1852C141.207 80.8684 141.359 80.5461 141.481 80.2212C141.6 79.9044 141.692 79.5848 141.754 79.2653C141.819 78.9431 141.857 78.6182 141.865 78.2905C141.865 78.2418 141.865 78.1903 141.865 78.1416L141.884 71.0768C141.884 71.1255 141.884 71.177 141.884 71.2257Z" fill="#FBE95A"/>
-<path d="M126.395 87.9197V80.9687C126.395 80.9687 118.453 80.9226 114.706 78.9378L123.465 87.8899L126.393 87.917L126.395 87.9197Z" fill="#EDB312"/>
-<path d="M141.884 71.2257C141.876 71.5506 141.838 71.8756 141.773 72.2005C141.708 72.52 141.619 72.8396 141.5 73.1564C141.378 73.4813 141.226 73.8036 141.048 74.1204C140.853 74.4643 140.625 74.8028 140.365 75.1331C140.059 75.5204 139.71 75.8995 139.312 76.265C138.703 76.8255 137.988 77.3617 137.162 77.8572C137.094 77.8979 137.024 77.9385 136.956 77.9791C135.824 78.6371 134.57 79.1814 133.235 79.6146C132.206 79.9477 131.129 80.2158 130.024 80.4134C129.312 80.5407 128.589 80.6409 127.86 80.714C127.238 80.7763 126.609 80.8169 125.978 80.8386C125.399 80.8575 124.819 80.8603 124.24 80.8467C123.682 80.8332 123.124 80.8034 122.569 80.7574C122.017 80.7113 121.464 80.649 120.92 80.5732C120.354 80.492 119.791 80.3945 119.239 80.2808C118.637 80.1562 118.047 80.0127 117.468 79.8475C116.761 79.6471 116.07 79.4143 115.407 79.1516C114.546 78.8104 113.725 78.4205 112.959 77.9791C109.612 76.0484 107.941 73.5111 107.95 70.9793L107.931 78.0441C107.922 80.5759 109.593 83.1105 112.94 85.0439C113.706 85.4853 114.527 85.8779 115.388 86.2164C116.051 86.479 116.742 86.7092 117.449 86.9123C118.028 87.0775 118.618 87.221 119.22 87.3456C119.772 87.4593 120.335 87.5568 120.901 87.638C121.445 87.7165 121.998 87.7761 122.55 87.8221C123.105 87.8682 123.663 87.898 124.221 87.9115C124.8 87.925 125.38 87.9223 125.959 87.9034C126.59 87.8817 127.219 87.8411 127.841 87.7788C128.573 87.7057 129.296 87.6055 130.005 87.4782C131.11 87.2779 132.188 87.0125 133.217 86.6794C134.551 86.2462 135.805 85.7019 136.937 85.0439C137.007 85.0033 137.075 84.9627 137.143 84.922C137.966 84.4265 138.684 83.893 139.293 83.3298C139.691 82.9643 140.04 82.5852 140.346 82.1979C140.606 81.8649 140.836 81.5264 141.029 81.1852C141.207 80.8684 141.359 80.5461 141.481 80.2212C141.6 79.9044 141.692 79.5848 141.754 79.2653C141.819 78.9431 141.857 78.6182 141.865 78.2905C141.865 78.2418 141.865 78.1903 141.865 78.1416L141.884 71.0768C141.884 71.1255 141.884 71.177 141.884 71.2257Z" stroke="#192147" stroke-width="0.203089" stroke-linejoin="round"/>
-<path d="M136.877 64.0797C143.525 67.9167 143.558 74.142 136.953 77.9791C130.349 81.8161 119.604 81.8188 112.956 77.9791C106.308 74.1393 106.273 67.9167 112.878 64.0797C119.482 60.2426 130.227 60.2399 136.875 64.0797H136.877Z" fill="#FFF7B9"/>
-<path d="M136.877 64.0797C143.525 67.9167 143.558 74.142 136.953 77.9791C130.349 81.8161 119.604 81.8188 112.956 77.9791C106.308 74.1393 106.273 67.9167 112.878 64.0797C119.482 60.2426 130.227 60.2399 136.875 64.0797H136.877Z" stroke="#192147" stroke-width="0.203089" stroke-linejoin="round"/>
-<path d="M131.335 67.0284C134.904 69.089 134.923 72.4278 131.378 74.4885C127.833 76.5492 122.068 76.5465 118.499 74.4885C114.931 72.4278 114.912 69.089 118.456 67.0284C122.001 64.9677 127.768 64.9677 131.337 67.0284H131.335Z" fill="#EDB312"/>
-<path d="M131.378 74.4887C131.446 74.4508 131.508 74.4101 131.573 74.3695C131.494 74.3208 131.419 74.2721 131.337 74.226C127.768 72.1653 122.001 72.1653 118.456 74.226C118.388 74.2639 118.326 74.3045 118.264 74.3452C118.342 74.3939 118.418 74.4426 118.499 74.4887C122.068 76.5494 127.833 76.5494 131.378 74.4887Z" fill="#E2E4EA"/>
-<path d="M131.378 74.4887C131.446 74.4508 131.508 74.4101 131.573 74.3695C131.494 74.3208 131.419 74.2721 131.337 74.226C127.768 72.1653 122.001 72.1653 118.456 74.226C118.388 74.2639 118.326 74.3045 118.264 74.3452C118.342 74.3939 118.418 74.4426 118.499 74.4887C122.068 76.5494 127.833 76.5494 131.378 74.4887Z" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M131.335 67.0284C134.904 69.089 134.923 72.4278 131.378 74.4885C127.833 76.5492 122.068 76.5465 118.499 74.4885C114.931 72.4278 114.912 69.089 118.456 67.0284C122.001 64.9677 127.768 64.9677 131.337 67.0284H131.335Z" stroke="#192147" stroke-width="0.203089" stroke-linejoin="round"/>
-<path d="M132.618 66.281C136.899 68.7533 136.921 72.7609 132.669 75.2332C128.415 77.7054 121.497 77.7054 117.216 75.2332C112.935 72.7609 112.91 68.7533 117.164 66.281C121.418 63.8087 128.34 63.8087 132.621 66.281H132.618Z" stroke="#192147" stroke-width="0.203089" stroke-linejoin="round"/>
-<path d="M134.07 65.4389C139.158 68.3769 139.185 73.14 134.129 76.0781C129.074 79.0161 120.85 79.0161 115.762 76.0781C110.674 73.14 110.644 68.3769 115.7 65.4389C120.755 62.5009 128.982 62.5009 134.07 65.4389Z" stroke="#192147" stroke-width="0.203089" stroke-linejoin="round"/>
-<path d="M135.47 64.6239C141.335 68.0114 141.367 73.5029 135.537 76.8905C129.707 80.278 120.227 80.2753 114.362 76.8905C108.494 73.5029 108.461 68.0114 114.291 64.6239C120.119 61.2364 129.602 61.2364 135.47 64.6239Z" stroke="#192147" stroke-width="0.203089" stroke-linejoin="round"/>
-<path d="M123.463 87.7626V94.803C123.463 94.803 119.063 88.1688 114.527 86.0025C110.178 83.9256 108.253 81.7511 107.925 78.2526L107.993 71.4153C107.993 71.4153 107.69 75.2577 113.782 78.4557C115.732 79.398 122.751 83.4977 123.463 87.7653V87.7626Z" fill="#FBE95A"/>
-<path d="M122.808 87.7381C122.808 87.7381 122.355 83.8794 115.542 80.0424C108.729 76.2054 108.524 75.3714 108.096 73.3405C108.096 73.3405 109.314 76.0267 113.512 78.3717C117.709 80.7167 122.063 82.818 123.463 87.7598L122.808 87.7381Z" fill="#FFF7B9"/>
-<path d="M123.463 87.7626V94.803C123.463 94.803 119.063 88.1688 114.527 86.0025C110.178 83.9256 108.253 81.7511 107.925 78.2526L107.993 71.4153C107.993 71.4153 107.69 75.2577 113.782 78.4557C115.732 79.398 122.751 83.4977 123.463 87.7653V87.7626Z" stroke="#192147" stroke-width="0.203089" stroke-linejoin="round"/>
-<path d="M123.468 87.8925H122.927V95.1577H123.468V87.8925Z" fill="#C5C7D1" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M123.468 87.8925H122.927V89.3764H123.468V87.8925Z" fill="#E2E4EA" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M121.229 87.0178V84.7161L121.806 84.6132" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10" stroke-linecap="round"/>
-<path d="M116.896 83.2268V80.9252L117.495 80.6652" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10" stroke-linecap="round"/>
-<path d="M111.751 80.2482V77.8003L112.304 77.6406" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10" stroke-linecap="round"/>
-<path d="M119.062 89.4549V82.5498L119.661 82.3576" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M114.188 85.821V79.3005L114.944 79.0297" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M109.314 82.187V75.9156L109.991 75.6881" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M140.295 75.301V77.8897" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10" stroke-linecap="round"/>
-<path d="M134.879 79.0919V81.6806" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10" stroke-linecap="round"/>
-<path d="M127.839 80.7167V83.3054" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10" stroke-linecap="round"/>
-<path d="M119.715 80.4458V82.3278" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10" stroke-linecap="round"/>
-<path d="M137.926 77.2995V84.3778" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10" stroke-linecap="round"/>
-<path d="M131.697 80.0071V87.0854" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10" stroke-linecap="round"/>
-<path d="M124.115 80.8195V87.8978" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10" stroke-linecap="round"/>
-<path d="M158.773 50.6351C160.349 51.5449 161.091 52.758 160.991 53.9495C160.904 54.9893 160.176 56.0156 158.809 56.8117C155.873 58.5176 151.097 58.5176 148.145 56.8117C146.772 56.0183 146.033 54.9974 145.93 53.9603C145.811 52.7661 146.537 51.5476 148.11 50.6351C151.045 48.9291 155.822 48.9291 158.776 50.6351H158.773Z" fill="#C5C7D1"/>
-<path d="M158.684 52.1675C158.681 52.2894 158.668 52.4112 158.643 52.5331C158.619 52.6549 158.584 52.7741 158.54 52.8932C158.494 53.0151 158.438 53.1369 158.37 53.2561C158.297 53.3861 158.21 53.5133 158.113 53.6379C157.999 53.7841 157.866 53.9249 157.717 54.063C157.487 54.2742 157.219 54.4746 156.908 54.6615C156.883 54.6777 156.856 54.6913 156.829 54.7075C156.404 54.9539 155.933 55.1597 155.429 55.3222C155.042 55.4467 154.636 55.5469 154.221 55.6228C153.953 55.6715 153.683 55.7094 153.406 55.7365C153.171 55.7609 152.935 55.7744 152.7 55.7825C152.483 55.7906 152.264 55.7906 152.044 55.7852C151.833 55.7798 151.625 55.769 151.416 55.7527C151.208 55.7365 151.002 55.7121 150.796 55.6823C150.582 55.6525 150.371 55.6146 150.162 55.5713C149.938 55.5253 149.713 55.4711 149.496 55.4088C149.231 55.333 148.971 55.2464 148.722 55.1462C148.397 55.0189 148.088 54.87 147.801 54.7048C146.542 53.9764 145.914 53.0232 145.916 52.0701V53.0476C145.911 54.0007 146.539 54.9539 147.798 55.6823C148.085 55.8475 148.394 55.9964 148.719 56.1237C148.968 56.2212 149.228 56.3106 149.493 56.3864C149.71 56.4487 149.935 56.5028 150.16 56.5488C150.368 56.5922 150.579 56.6274 150.793 56.6599C150.999 56.6896 151.205 56.7113 151.413 56.7303C151.622 56.7465 151.833 56.7573 152.042 56.7628C152.258 56.7682 152.478 56.7682 152.697 56.7601C152.935 56.7519 153.171 56.7357 153.404 56.714C153.677 56.6869 153.951 56.649 154.219 56.6003C154.636 56.5245 155.039 56.4243 155.426 56.2997C155.927 56.1372 156.399 55.9315 156.826 55.685C156.853 55.6688 156.878 55.6553 156.905 55.639C157.216 55.4522 157.484 55.2518 157.715 55.0406C157.863 54.9025 157.996 54.7617 158.11 54.6154C158.207 54.4909 158.294 54.3636 158.367 54.2336C158.435 54.1145 158.492 53.9926 158.538 53.8708C158.581 53.7516 158.616 53.6325 158.641 53.5106C158.665 53.3888 158.679 53.2669 158.681 53.1451C158.681 53.1261 158.681 53.1072 158.681 53.0882V52.1107C158.681 52.1296 158.681 52.1486 158.681 52.1675H158.684Z" fill="#C48747" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M156.799 49.4787C158.134 50.2504 158.76 51.2767 158.676 52.2867C158.603 53.1668 157.988 54.036 156.829 54.7103C154.343 56.1535 150.3 56.1535 147.801 54.7103C146.639 54.0387 146.014 53.1749 145.924 52.2948C145.824 51.2821 146.439 50.2531 147.769 49.4787C150.254 48.0354 154.297 48.0354 156.799 49.4787Z" fill="#F2C499" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M157.647 41.3201C157.644 41.423 157.633 41.5232 157.612 41.6261C157.593 41.7263 157.563 41.8264 157.525 41.9266C157.487 42.0295 157.438 42.1297 157.384 42.2299C157.322 42.3382 157.251 42.4438 157.17 42.5495C157.075 42.6713 156.964 42.7904 156.84 42.9042C156.648 43.0802 156.423 43.2481 156.163 43.4051C156.141 43.4187 156.12 43.4322 156.098 43.443C155.743 43.6488 155.348 43.8221 154.931 43.9575C154.609 44.0631 154.27 44.1471 153.921 44.2094C153.696 44.25 153.469 44.2825 153.241 44.3041C153.046 44.3231 152.849 44.3366 152.648 44.3448C152.467 44.3502 152.283 44.3529 152.101 44.3448C151.925 44.3393 151.749 44.3312 151.576 44.3177C151.403 44.3041 151.229 44.2852 151.056 44.2608C150.877 44.2364 150.701 44.204 150.528 44.1688C150.338 44.1308 150.154 44.0848 149.973 44.0334C149.751 43.9711 149.534 43.898 149.326 43.814C149.055 43.7084 148.798 43.5839 148.557 43.4457C147.503 42.8392 146.978 42.0404 146.981 41.2443L146.951 51.6939C146.951 52.49 147.473 53.2861 148.527 53.8954C148.768 54.0335 149.025 54.158 149.296 54.2636C149.504 54.3449 149.721 54.418 149.943 54.483C150.124 54.5344 150.311 54.5805 150.498 54.6184C150.671 54.6536 150.847 54.6861 151.026 54.7104C151.197 54.7348 151.37 54.7537 151.546 54.7673C151.719 54.7808 151.895 54.7917 152.071 54.7944C152.253 54.7998 152.437 54.7971 152.618 54.7944C152.816 54.7862 153.014 54.7754 153.211 54.7538C153.442 54.7321 153.669 54.6996 153.891 54.659C154.238 54.5967 154.576 54.5128 154.901 54.4071C155.321 54.2718 155.713 54.1012 156.068 53.8926C156.09 53.8791 156.111 53.8683 156.133 53.8547C156.393 53.6977 156.618 53.5298 156.81 53.3538C156.935 53.2374 157.046 53.1209 157.14 52.9991C157.222 52.8935 157.295 52.7878 157.354 52.6795C157.411 52.5793 157.457 52.4792 157.498 52.3763C157.536 52.2761 157.563 52.1759 157.585 52.0757C157.606 51.9728 157.617 51.8726 157.62 51.7697C157.62 51.7534 157.62 51.7372 157.62 51.7237L157.65 41.2741C157.65 41.2903 157.65 41.3065 157.65 41.3201H157.647Z" fill="#D9D9FE"/>
-<path d="M157.612 41.626C157.593 41.7262 157.563 41.8264 157.525 41.9266C157.487 42.0295 157.438 42.1297 157.384 42.2299C157.322 42.3382 157.252 42.4438 157.17 42.5494C157.076 42.6712 156.964 42.7904 156.84 42.9041C156.648 43.0801 156.423 43.248 156.163 43.4051C156.141 43.4186 156.12 43.4321 156.098 43.443C155.743 43.6488 155.348 43.8221 154.931 43.9575C154.663 44.0441 154.384 44.1118 154.102 44.1714V54.6156C154.376 54.5587 154.644 54.4937 154.901 54.4098C155.321 54.2744 155.713 54.1038 156.068 53.8953C156.09 53.8818 156.112 53.8709 156.133 53.8574C156.393 53.7003 156.618 53.5324 156.81 53.3564C156.935 53.24 157.046 53.1236 157.14 53.0017C157.222 52.8961 157.295 52.7905 157.354 52.6822C157.411 52.582 157.457 52.4818 157.498 52.3789C157.536 52.2787 157.563 52.1785 157.585 52.0783C157.606 51.9754 157.617 51.8752 157.62 51.7723C157.62 51.7561 157.62 51.7398 157.62 51.7263L157.65 41.2767C157.65 41.2929 157.65 41.3092 157.65 41.3227C157.647 41.4256 157.636 41.5258 157.614 41.6287L157.612 41.626Z" fill="#B4B2FE"/>
-<path d="M146.951 50.9736C146.989 53.0803 150.179 54.093 152.071 54.0768C154.14 54.093 157.284 53.4865 157.617 51.0521" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M146.951 50.2451C146.989 52.3519 150.179 53.3646 152.071 53.3484C154.14 53.3646 157.284 52.758 157.617 50.3237" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M146.951 48.7881C146.989 50.8948 150.179 51.9076 152.071 51.8913C154.14 51.9076 157.284 51.301 157.617 48.8666" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M146.951 48.0598C146.989 50.1665 150.179 51.1792 152.071 51.163C154.14 51.1792 157.284 50.5727 157.617 48.1383" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M146.951 47.3315C146.989 49.4382 150.179 50.4509 152.071 50.4347C154.14 50.4509 157.284 49.8444 157.617 47.41" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M146.951 46.603C146.989 48.7097 150.179 49.7224 152.071 49.7061C154.14 49.7224 157.284 49.1158 157.617 46.6815" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M146.951 45.8745C146.989 47.9813 150.179 48.994 152.071 48.9777C154.14 48.994 157.284 48.3874 157.617 45.9531" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M146.951 45.1488C146.989 47.2555 150.179 48.2682 152.071 48.252C154.14 48.2682 157.284 47.6617 157.617 45.2273" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M146.951 44.4205C146.989 46.5272 150.179 47.54 152.071 47.5237C154.14 47.54 157.284 46.9334 157.617 44.4991" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M146.951 49.5165C146.989 51.6232 150.179 52.636 152.071 52.6197C154.14 52.636 157.284 52.0294 157.617 49.595" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M157.647 41.3201C157.644 41.423 157.633 41.5232 157.612 41.6261C157.593 41.7263 157.563 41.8264 157.525 41.9266C157.487 42.0295 157.438 42.1297 157.384 42.2299C157.322 42.3382 157.251 42.4438 157.17 42.5495C157.075 42.6713 156.964 42.7904 156.84 42.9042C156.648 43.0802 156.423 43.2481 156.163 43.4051C156.141 43.4187 156.12 43.4322 156.098 43.443C155.743 43.6488 155.348 43.8221 154.931 43.9575C154.609 44.0631 154.27 44.1471 153.921 44.2094C153.696 44.25 153.469 44.2825 153.241 44.3041C153.046 44.3231 152.849 44.3366 152.648 44.3448C152.467 44.3502 152.283 44.3529 152.101 44.3448C151.925 44.3393 151.749 44.3312 151.576 44.3177C151.403 44.3041 151.229 44.2852 151.056 44.2608C150.877 44.2364 150.701 44.204 150.528 44.1688C150.338 44.1308 150.154 44.0848 149.973 44.0334C149.751 43.9711 149.534 43.898 149.326 43.814C149.055 43.7084 148.798 43.5839 148.557 43.4457C147.503 42.8392 146.978 42.0404 146.981 41.2443L146.951 51.6939C146.951 52.49 147.473 53.2861 148.527 53.8954C148.768 54.0335 149.025 54.158 149.296 54.2636C149.504 54.3449 149.721 54.418 149.943 54.483C150.124 54.5344 150.311 54.5805 150.498 54.6184C150.671 54.6536 150.847 54.6861 151.026 54.7104C151.197 54.7348 151.37 54.7537 151.546 54.7673C151.719 54.7808 151.895 54.7917 152.071 54.7944C152.253 54.7998 152.437 54.7971 152.618 54.7944C152.816 54.7862 153.014 54.7754 153.211 54.7538C153.442 54.7321 153.669 54.6996 153.891 54.659C154.238 54.5967 154.576 54.5128 154.901 54.4071C155.321 54.2718 155.713 54.1012 156.068 53.8926C156.09 53.8791 156.111 53.8683 156.133 53.8547C156.393 53.6977 156.618 53.5298 156.81 53.3538C156.935 53.2374 157.046 53.1209 157.14 52.9991C157.222 52.8935 157.295 52.7878 157.354 52.6795C157.411 52.5793 157.457 52.4792 157.498 52.3763C157.536 52.2761 157.563 52.1759 157.585 52.0757C157.606 51.9728 157.617 51.8726 157.62 51.7697C157.62 51.7534 157.62 51.7372 157.62 51.7237L157.65 41.2741C157.65 41.2903 157.65 41.3065 157.65 41.3201H157.647Z" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M158.684 42.0889C158.681 42.2107 158.668 42.3326 158.643 42.4544C158.619 42.5763 158.584 42.6954 158.541 42.8146C158.495 42.9364 158.438 43.0583 158.37 43.1774C158.297 43.3074 158.21 43.4347 158.113 43.5592C157.999 43.7055 157.866 43.8463 157.717 43.9844C157.487 44.1956 157.219 44.396 156.908 44.5828C156.883 44.599 156.856 44.6126 156.829 44.6288C156.404 44.8752 155.933 45.081 155.429 45.2435C155.042 45.3681 154.636 45.4683 154.222 45.5441C153.953 45.5928 153.683 45.6307 153.406 45.6578C153.171 45.6822 152.935 45.6957 152.7 45.7038C152.483 45.712 152.264 45.712 152.044 45.7066C151.833 45.7011 151.625 45.6903 151.416 45.6741C151.208 45.6578 151.002 45.6334 150.796 45.6037C150.582 45.5739 150.371 45.536 150.162 45.4926C149.938 45.4466 149.713 45.3924 149.496 45.3302C149.231 45.2543 148.971 45.1677 148.722 45.0675C148.397 44.9402 148.088 44.7913 147.801 44.6261C146.542 43.8977 145.914 42.9445 145.917 41.9914V42.9689C145.911 43.9221 146.539 44.8752 147.799 45.6037C148.086 45.7688 148.394 45.9178 148.719 46.045C148.968 46.1425 149.228 46.2319 149.494 46.3077C149.71 46.37 149.935 46.4241 150.16 46.4702C150.368 46.5135 150.579 46.5487 150.793 46.5812C150.999 46.611 151.205 46.6326 151.413 46.6516C151.622 46.6678 151.833 46.6787 152.042 46.6841C152.258 46.6895 152.478 46.6895 152.697 46.6814C152.935 46.6733 153.171 46.657 153.404 46.6353C153.677 46.6083 153.951 46.5704 154.219 46.5216C154.636 46.4458 155.039 46.3456 155.427 46.221C155.927 46.0586 156.399 45.8528 156.826 45.6064C156.854 45.5901 156.878 45.5766 156.905 45.5603C157.216 45.3735 157.484 45.1731 157.715 44.9619C157.864 44.8238 157.996 44.683 158.11 44.5368C158.207 44.4122 158.294 44.2849 158.367 44.155C158.435 44.0358 158.492 43.914 158.538 43.7921C158.581 43.673 158.616 43.5538 158.641 43.432C158.665 43.3101 158.679 43.1883 158.681 43.0664C158.681 43.0474 158.681 43.0285 158.681 43.0095V42.032C158.681 42.0509 158.681 42.0699 158.681 42.0889H158.684Z" fill="#C48747" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M156.799 39.3974C159.299 40.8407 159.315 43.183 156.829 44.6263C154.343 46.0696 150.301 46.0696 147.801 44.6263C145.299 43.183 145.286 40.8407 147.771 39.3947C150.257 37.9487 154.3 37.9514 156.802 39.3947L156.799 39.3974Z" fill="#F2C499" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M154.59 40.3696C155.854 41.1007 155.862 42.284 154.603 43.0151C153.344 43.7463 151.302 43.7463 150.038 43.0151C148.773 42.284 148.765 41.1007 150.022 40.3696C151.278 39.6384 153.325 39.6384 154.59 40.3696Z" fill="#C48747"/>
-<path d="M154.59 41.3281C153.325 40.5969 151.278 40.5969 150.022 41.3281C149.607 41.5691 149.334 41.8588 149.196 42.1648C149.337 42.4762 149.616 42.7714 150.038 43.0151C151.303 43.7462 153.347 43.7462 154.603 43.0151C155.018 42.7741 155.291 42.4843 155.432 42.1783C155.291 41.8669 155.012 41.5718 154.59 41.3308V41.3281Z" fill="#6976B1"/>
-<path d="M154.59 41.3282C153.98 40.9762 153.192 40.7975 152.399 40.7839V43.5595C153.201 43.5486 153.994 43.3672 154.603 43.0152C155.018 42.7742 155.291 42.4845 155.432 42.1785C155.291 41.8671 155.012 41.5719 154.59 41.3309V41.3282Z" fill="#3E4771"/>
-<path d="M154.59 41.3281C153.325 40.5969 151.278 40.5969 150.022 41.3281C149.607 41.5691 149.334 41.8588 149.196 42.1648C149.337 42.4762 149.616 42.7714 150.038 43.0151C151.303 43.7462 153.347 43.7462 154.603 43.0151C155.018 42.7741 155.291 42.4843 155.432 42.1783C155.291 41.8669 155.012 41.5718 154.59 41.3308V41.3281Z" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M154.59 40.3696C155.854 41.1007 155.862 42.284 154.603 43.0151C153.344 43.7463 151.302 43.7463 150.038 43.0151C148.773 42.284 148.765 41.1007 150.022 40.3696C151.278 39.6384 153.325 39.6384 154.59 40.3696Z" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M139.187 62.7798L151.072 69.3166C154.955 67.1828 159.353 64.0823 160.154 63.0344L147.59 58.0249L139.185 62.7798H139.187Z" fill="#C5C7D1"/>
-<path d="M144.135 51.7481C146.675 50.2805 148.743 51.4584 148.751 54.3802C148.76 57.2992 146.707 60.8574 144.164 62.325C141.622 63.7927 139.556 62.6148 139.548 59.693C139.539 56.7712 141.592 53.2131 144.135 51.7454V51.7481Z" fill="#C38747" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M144.373 54.6184C145.535 53.9469 146.482 54.4858 146.485 55.8234C146.488 57.1611 145.548 58.7858 144.387 59.4574C143.225 60.1289 142.277 59.5901 142.274 58.2524C142.272 56.9147 143.211 55.2873 144.373 54.6157V54.6184Z" fill="#F2C499" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M146.591 50.9545C146.591 50.9545 146.574 50.9437 146.566 50.941C146.49 50.8977 146.415 50.8625 146.336 50.8273C146.258 50.7948 146.176 50.765 146.092 50.7406C146.008 50.7163 145.922 50.6973 145.835 50.6811C145.746 50.6648 145.651 50.654 145.556 50.6486C145.456 50.6431 145.356 50.6404 145.253 50.6486C145.142 50.654 145.025 50.6648 144.909 50.6838C144.776 50.7054 144.641 50.7325 144.506 50.7704C144.33 50.8191 144.148 50.8814 143.964 50.9573C143.753 51.0439 143.539 51.1522 143.32 51.2768C142.781 51.5882 142.263 51.9944 141.781 52.4682C141.608 52.6388 141.44 52.8175 141.278 53.0044C141.151 53.1506 141.026 53.3023 140.904 53.4593C140.799 53.5947 140.698 53.7328 140.598 53.8736C140.506 54.0036 140.417 54.1363 140.333 54.2717C140.252 54.3989 140.173 54.5289 140.094 54.6616C140.019 54.7889 139.948 54.9188 139.878 55.0488C139.81 55.1788 139.742 55.3088 139.68 55.4415C139.615 55.5741 139.556 55.7068 139.496 55.8422C139.436 55.9803 139.38 56.1157 139.328 56.2565C139.274 56.4 139.22 56.5463 139.171 56.6898C139.12 56.8468 139.071 57.0012 139.028 57.1582C138.979 57.3342 138.936 57.5103 138.898 57.6863C138.852 57.9002 138.816 58.1141 138.789 58.3253C138.749 58.6313 138.73 58.9319 138.73 59.227C138.735 60.6785 139.247 61.6993 140.073 62.1786L140.888 62.6525C140.062 62.1732 139.55 61.1523 139.545 59.7009C139.545 59.4058 139.564 59.1052 139.604 58.7992C139.631 58.588 139.669 58.3741 139.715 58.1601C139.753 57.9841 139.797 57.8081 139.845 57.6321C139.889 57.4751 139.937 57.318 139.989 57.1637C140.038 57.0174 140.089 56.8739 140.146 56.7304C140.2 56.5923 140.254 56.4542 140.314 56.3161C140.371 56.1834 140.433 56.048 140.498 55.9153C140.56 55.7826 140.628 55.6527 140.696 55.5227C140.766 55.3927 140.836 55.2627 140.912 55.1355C140.988 55.0028 141.069 54.8755 141.151 54.7455C141.237 54.6102 141.327 54.4775 141.416 54.3475C141.516 54.2067 141.616 54.0686 141.722 53.9332C141.844 53.7761 141.968 53.6245 142.096 53.4783C142.258 53.2914 142.426 53.1127 142.599 52.9421C143.079 52.4682 143.596 52.0621 144.137 51.7507C144.357 51.6234 144.571 51.5178 144.782 51.4311C144.966 51.3553 145.147 51.293 145.323 51.2443C145.461 51.2064 145.597 51.1793 145.73 51.1576C145.846 51.1387 145.96 51.1278 146.073 51.1224C146.176 51.117 146.279 51.1197 146.377 51.1224C146.471 51.1278 146.564 51.1387 146.656 51.1549C146.745 51.1712 146.829 51.1901 146.913 51.2145C146.997 51.2389 147.078 51.266 147.157 51.3012C147.235 51.3336 147.314 51.3716 147.387 51.4149C147.395 51.4203 147.403 51.4257 147.411 51.4284L146.596 50.9545H146.591Z" fill="#F2C499" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M147.679 52.5468C147.679 52.5468 147.666 52.5387 147.658 52.5333C147.593 52.4981 147.528 52.4656 147.457 52.4358C147.39 52.4087 147.319 52.3816 147.249 52.3627C147.176 52.341 147.103 52.3248 147.027 52.3112C146.948 52.2977 146.87 52.2896 146.788 52.2841C146.702 52.2787 146.615 52.2787 146.526 52.2841C146.428 52.2896 146.331 52.2977 146.231 52.3139C146.117 52.3302 146 52.3573 145.881 52.3897C145.73 52.4304 145.573 52.4845 145.416 52.5495C145.234 52.6253 145.05 52.7174 144.86 52.8257L153.025 57.5699C153.214 57.4616 153.398 57.3695 153.58 57.2937C153.74 57.2287 153.894 57.1745 154.046 57.1339C154.165 57.1014 154.281 57.077 154.395 57.0581C154.495 57.0418 154.595 57.0337 154.69 57.0283C154.779 57.0256 154.866 57.0256 154.953 57.0283C155.034 57.0337 155.115 57.0418 155.194 57.0554C155.269 57.0689 155.345 57.0852 155.416 57.1068C155.489 57.1285 155.556 57.1529 155.624 57.1799C155.692 57.2097 155.76 57.2422 155.825 57.2774C155.833 57.2828 155.838 57.2855 155.846 57.291L147.682 52.5468H147.679Z" fill="#211E1E"/>
-<path d="M153.022 57.5672C155.213 56.3027 156.994 57.3181 157.002 59.8364C157.011 62.3547 155.24 65.42 153.049 66.6846C150.858 67.9492 149.077 66.9337 149.068 64.4154C149.06 61.8971 150.831 58.8291 153.022 57.5645V57.5672Z" fill="#192147"/>
-<path d="M144.858 52.823C144.392 53.0911 143.948 53.4404 143.533 53.8493C143.384 53.9955 143.241 54.1499 143.1 54.3097C142.989 54.4369 142.884 54.5669 142.778 54.7023C142.689 54.8187 142.599 54.9379 142.513 55.0597C142.434 55.1707 142.358 55.2872 142.282 55.4036C142.212 55.5147 142.144 55.6257 142.077 55.7394C142.012 55.8504 141.949 55.9614 141.89 56.0725C141.83 56.1835 141.773 56.2972 141.719 56.411C141.665 56.5247 141.611 56.6411 141.562 56.7548C141.511 56.874 141.462 56.9904 141.416 57.1096C141.367 57.2341 141.324 57.3587 141.28 57.4833C141.234 57.6187 141.194 57.754 141.156 57.8867C141.113 58.0384 141.077 58.19 141.045 58.3417C141.007 58.5258 140.975 58.7099 140.95 58.8913C140.915 59.154 140.899 59.414 140.899 59.6685C140.901 60.9195 141.343 61.7996 142.055 62.2139L150.219 66.958C149.507 66.5437 149.066 65.6637 149.063 64.4127C149.063 64.1581 149.079 63.8982 149.114 63.6355C149.139 63.4541 149.168 63.2699 149.209 63.0858C149.242 62.9342 149.279 62.7825 149.32 62.6309C149.358 62.4955 149.399 62.3601 149.445 62.2274C149.485 62.1029 149.531 61.9783 149.58 61.8537C149.626 61.7346 149.675 61.6155 149.726 61.499C149.778 61.3826 149.829 61.2688 149.883 61.1551C149.937 61.0414 149.994 60.9304 150.054 60.8166C150.114 60.7029 150.176 60.5919 150.241 60.4836C150.306 60.3698 150.376 60.2588 150.447 60.1478C150.52 60.0314 150.598 59.9176 150.677 59.8039C150.763 59.682 150.85 59.5629 150.942 59.4465C151.045 59.3111 151.153 59.1811 151.264 59.0538C151.405 58.894 151.549 58.7397 151.698 58.5935C152.112 58.1846 152.559 57.8353 153.022 57.5672L144.858 52.823Z" fill="#3E4771"/>
-<path d="M147.679 52.5467C143.945 51.3309 140.983 56.4461 140.901 59.6738C140.904 60.9249 141.346 61.8049 142.058 62.2192L150.222 66.9634C146.761 64.3422 151.725 55.5985 155.841 57.2909L147.677 52.5467H147.679Z" stroke="#192147" stroke-width="0.270785" stroke-miterlimit="10"/>
-<path d="M148.405 52.9502C144.671 51.7343 141.709 56.8495 141.627 60.0772C141.63 61.3283 142.071 62.2083 142.784 62.6226" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M149.109 53.3646C145.375 52.1488 142.369 57.264 142.331 60.4917C142.318 61.7428 142.775 62.6228 143.487 63.0371" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M149.81 53.7762C146.076 52.5604 143.071 57.6755 143.033 60.9033C143.019 62.1543 143.477 63.0343 144.189 63.4486" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M150.514 54.1879C146.78 52.9721 143.775 58.0872 143.737 61.315C143.723 62.566 144.181 63.4461 144.893 63.8604" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M151.218 54.5994C147.484 53.3836 144.479 58.4987 144.441 61.7265C144.427 62.9775 144.885 63.8576 145.597 64.2719" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M151.922 55.0108C148.188 53.795 145.183 58.9102 145.145 62.1379C145.131 63.3889 145.589 64.269 146.301 64.6833" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M152.627 55.4226C148.892 54.2067 145.887 59.3219 145.849 62.5496C145.835 63.8007 146.293 64.6807 147.005 65.095" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M153.331 55.8343C149.596 54.6185 146.591 59.7336 146.553 62.9614C146.539 64.2124 146.997 65.0924 147.709 65.5067" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M152.591 56.5571C155.131 55.0894 157.2 56.2673 157.208 59.1891C157.216 62.1082 155.164 65.6663 152.621 67.134C150.081 68.6016 148.012 67.4237 148.004 64.5019C147.996 61.5801 150.049 58.022 152.591 56.5544V56.5571Z" fill="#C38747" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M152.83 59.4247C153.991 58.7532 154.939 59.292 154.942 60.6297C154.944 61.9647 154.005 63.5921 152.843 64.2637C151.681 64.9352 150.734 64.3963 150.731 63.0587C150.728 61.721 151.668 60.0936 152.83 59.422V59.4247Z" fill="#F2C499" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M152.15 63.7141C153.312 63.0426 154.251 61.4152 154.248 60.0802C154.248 59.7119 154.173 59.4086 154.045 59.1703C153.701 59.0891 153.284 59.1649 152.832 59.4276C151.671 60.0991 150.731 61.7266 150.734 63.0642C150.734 63.4325 150.809 63.7358 150.937 63.9741C151.281 64.0553 151.698 63.9795 152.15 63.7168V63.7141Z" fill="#211E1E"/>
-<path d="M152.15 63.7141C153.312 63.0426 154.251 61.4152 154.248 60.0802C154.248 59.7119 154.173 59.4086 154.045 59.1703C153.701 59.0891 153.284 59.1649 152.832 59.4276C151.671 60.0991 150.731 61.7266 150.734 63.0642C150.734 63.4325 150.809 63.7358 150.937 63.9741C151.281 64.0553 151.698 63.9795 152.15 63.7168V63.7141Z" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M152.83 59.4247C153.991 58.7532 154.939 59.292 154.942 60.6297C154.944 61.9647 154.005 63.5921 152.843 64.2637C151.681 64.9352 150.734 64.3963 150.731 63.0587C150.728 61.721 151.668 60.0936 152.83 59.422V59.4247Z" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M155.047 55.761C155.047 55.761 155.031 55.7501 155.023 55.7474C154.947 55.7041 154.871 55.6689 154.793 55.6337C154.714 55.6012 154.633 55.5714 154.549 55.5471C154.465 55.5227 154.378 55.5037 154.292 55.4875C154.202 55.4712 154.108 55.4604 154.013 55.455C153.913 55.4496 153.813 55.4469 153.71 55.455C153.599 55.4604 153.482 55.4712 153.366 55.4902C153.233 55.5119 153.098 55.5389 152.962 55.5768C152.786 55.6256 152.605 55.6879 152.421 55.7637C152.209 55.8503 151.996 55.9586 151.776 56.0832C151.237 56.3946 150.72 56.8008 150.238 57.2747C150.065 57.4453 149.897 57.624 149.735 57.8108C149.607 57.957 149.483 58.1087 149.361 58.2657C149.255 58.4011 149.155 58.5392 149.055 58.68C148.963 58.81 148.873 58.9427 148.789 59.0781C148.708 59.2054 148.63 59.3353 148.551 59.468C148.475 59.5953 148.405 59.7253 148.335 59.8552C148.267 59.9852 148.199 60.1152 148.137 60.2479C148.072 60.3806 148.012 60.5133 147.953 60.6486C147.893 60.7867 147.836 60.9221 147.785 61.063C147.731 61.2065 147.677 61.3527 147.628 61.4962C147.576 61.6533 147.528 61.8076 147.484 61.9647C147.436 62.1407 147.392 62.3167 147.354 62.4927C147.308 62.7066 147.273 62.9205 147.246 63.1318C147.205 63.4377 147.186 63.7383 147.186 64.0335C147.192 65.4849 147.704 66.5057 148.53 66.985L149.345 67.4589C148.519 66.9796 148.007 65.9588 148.001 64.5073C148.001 64.2122 148.02 63.9116 148.061 63.6056C148.088 63.3944 148.126 63.1805 148.172 62.9666C148.21 62.7906 148.253 62.6145 148.302 62.4385C148.345 62.2815 148.394 62.1244 148.446 61.9701C148.494 61.8239 148.546 61.6803 148.603 61.5368C148.657 61.3987 148.711 61.2606 148.771 61.1225C148.827 60.9898 148.89 60.8544 148.955 60.7218C149.017 60.5891 149.085 60.4591 149.152 60.3291C149.223 60.1991 149.293 60.0692 149.369 59.9419C149.445 59.8092 149.526 59.6819 149.607 59.552C149.694 59.4166 149.783 59.2839 149.873 59.1539C149.973 59.0131 150.073 58.875 150.179 58.7396C150.3 58.5826 150.425 58.4309 150.552 58.2847C150.715 58.0978 150.883 57.9191 151.056 57.7485C151.535 57.2747 152.052 56.8685 152.594 56.5571C152.813 56.4298 153.027 56.3242 153.238 56.2376C153.423 56.1617 153.604 56.0995 153.78 56.0507C153.918 56.0128 154.054 55.9857 154.186 55.9641C154.303 55.9451 154.416 55.9343 154.53 55.9289C154.633 55.9234 154.736 55.9262 154.833 55.9289C154.928 55.9343 155.02 55.9451 155.112 55.9614C155.202 55.9776 155.286 55.9966 155.37 56.0209C155.453 56.0453 155.535 56.0724 155.613 56.1076C155.692 56.1401 155.77 56.178 155.843 56.2213C155.852 56.2267 155.86 56.2321 155.868 56.2348L155.053 55.761H155.047Z" fill="#F2C499"/>
-<path d="M155.047 55.761L154.991 55.8455L155.017 55.8625H155.047V55.761ZM155.023 55.7474L154.973 55.8356L154.981 55.8406L154.991 55.8438L155.023 55.7474ZM154.793 55.6337L154.834 55.541L154.832 55.5399L154.793 55.6337ZM154.292 55.4875L154.311 55.3877L154.31 55.3876L154.292 55.4875ZM154.013 55.455L154.019 55.3536L154.018 55.3536L154.013 55.455ZM153.71 55.455L153.715 55.5565L153.718 55.5562L153.71 55.455ZM153.366 55.4902L153.349 55.39L153.349 55.39L153.366 55.4902ZM152.962 55.5768L152.989 55.6747L152.99 55.6746L152.962 55.5768ZM152.421 55.7637L152.459 55.8576L152.459 55.8576L152.421 55.7637ZM151.776 56.0832L151.726 55.9949L151.725 55.9953L151.776 56.0832ZM150.238 57.2747L150.167 57.2023L150.167 57.2023L150.238 57.2747ZM149.735 57.8108L149.811 57.8775L149.811 57.8774L149.735 57.8108ZM149.361 58.2657L149.441 58.3282L149.441 58.328L149.361 58.2657ZM149.055 58.68L148.972 58.6212L148.972 58.6213L149.055 58.68ZM148.789 59.0781L148.875 59.1327L148.876 59.1316L148.789 59.0781ZM148.551 59.468L148.638 59.52L148.639 59.5197L148.551 59.468ZM148.335 59.8552L148.245 59.8069L148.244 59.8083L148.335 59.8552ZM148.137 60.2479L148.228 60.2926L148.229 60.291L148.137 60.2479ZM147.953 60.6486L147.86 60.6078L147.859 60.6084L147.953 60.6486ZM147.785 61.063L147.88 61.0988L147.88 61.0978L147.785 61.063ZM147.628 61.4962L147.532 61.4636L147.531 61.4646L147.628 61.4962ZM147.484 61.9647L147.582 61.9918L147.582 61.9917L147.484 61.9647ZM147.354 62.4927L147.255 62.4713L147.255 62.4713L147.354 62.4927ZM147.246 63.1318L147.347 63.1451L147.347 63.1447L147.246 63.1318ZM147.186 64.0335H147.085L147.085 64.0338L147.186 64.0335ZM148.53 66.985L148.581 66.8972L148.58 66.8972L148.53 66.985ZM149.345 67.4589L149.294 67.5467L149.396 67.3711L149.345 67.4589ZM148.001 64.5073H147.9L147.9 64.5077L148.001 64.5073ZM148.061 63.6056L148.162 63.619L148.162 63.6185L148.061 63.6056ZM148.172 62.9666L148.073 62.9452L148.073 62.9452L148.172 62.9666ZM148.302 62.4385L148.4 62.4656L148.4 62.4655L148.302 62.4385ZM148.603 61.5368L148.697 61.5742L148.697 61.5739L148.603 61.5368ZM148.771 61.1225L148.864 61.1627L148.864 61.1625L148.771 61.1225ZM148.955 60.7218L149.046 60.7664L149.047 60.7649L148.955 60.7218ZM149.152 60.3291L149.063 60.2808L149.062 60.2822L149.152 60.3291ZM149.369 59.9419L149.456 59.9939L149.457 59.9923L149.369 59.9419ZM149.607 59.552L149.522 59.4972L149.521 59.4982L149.607 59.552ZM149.873 59.1539L149.79 59.095L149.789 59.0964L149.873 59.1539ZM150.179 58.7396L150.259 58.8021L150.259 58.8019L150.179 58.7396ZM150.552 58.2847L150.629 58.3514L150.629 58.3513L150.552 58.2847ZM151.056 57.7485L151.127 57.8209L151.127 57.8207L151.056 57.7485ZM152.594 56.5571L152.645 56.6451L152.645 56.6449L152.594 56.5571ZM153.238 56.2376L153.277 56.3315L153.277 56.3314L153.238 56.2376ZM153.78 56.0507L153.753 55.9528L153.753 55.9528L153.78 56.0507ZM154.186 55.9641L154.17 55.8638L154.17 55.8638L154.186 55.9641ZM154.53 55.9289L154.535 56.0303L154.535 56.0303L154.53 55.9289ZM154.833 55.9289L154.839 55.8274L154.836 55.8274L154.833 55.9289ZM155.112 55.9614L155.13 55.8614L155.13 55.8614L155.112 55.9614ZM155.613 56.1076L155.572 56.2003L155.574 56.2014L155.613 56.1076ZM155.843 56.2213L155.9 56.1367L155.895 56.1339L155.843 56.2213ZM155.868 56.2348L155.836 56.3312C155.885 56.3476 155.939 56.3241 155.96 56.2766C155.982 56.2292 155.964 56.1732 155.919 56.1471L155.868 56.2348ZM155.053 55.761L155.104 55.6732L155.08 55.6594H155.053V55.761ZM155.047 55.761C155.104 55.6765 155.104 55.6765 155.104 55.6765C155.104 55.6765 155.104 55.6765 155.104 55.6765C155.104 55.6765 155.104 55.6765 155.104 55.6765C155.104 55.6764 155.104 55.6764 155.104 55.6764C155.104 55.6764 155.103 55.6764 155.103 55.6764C155.103 55.6763 155.103 55.6762 155.103 55.6762C155.103 55.676 155.103 55.6758 155.102 55.6756C155.102 55.6751 155.101 55.6745 155.099 55.6738C155.097 55.6723 155.094 55.6703 155.09 55.6681C155.086 55.6657 155.071 55.6565 155.055 55.6511L154.991 55.8438C154.985 55.8418 154.982 55.84 154.983 55.8406C154.983 55.8408 154.984 55.8414 154.986 55.8423C154.987 55.8432 154.989 55.844 154.99 55.8447C154.99 55.8451 154.991 55.8453 154.991 55.8454C154.991 55.8455 154.991 55.8456 154.991 55.8456C154.991 55.8456 154.991 55.8456 154.991 55.8455C154.991 55.8455 154.991 55.8455 154.991 55.8455C154.991 55.8455 154.991 55.8455 154.991 55.8455C154.991 55.8455 154.991 55.8455 154.991 55.8455C154.991 55.8455 154.991 55.8455 154.991 55.8455C154.991 55.8455 154.991 55.8455 155.047 55.761ZM155.073 55.6593C154.993 55.6133 154.913 55.5765 154.834 55.541L154.751 55.7264C154.829 55.7613 154.901 55.7949 154.973 55.8356L155.073 55.6593ZM154.832 55.5399C154.751 55.5063 154.666 55.4752 154.577 55.4495L154.521 55.6446C154.6 55.6677 154.678 55.6961 154.754 55.7275L154.832 55.5399ZM154.577 55.4495C154.489 55.4239 154.399 55.4043 154.311 55.3877L154.273 55.5873C154.358 55.6032 154.441 55.6214 154.521 55.6446L154.577 55.4495ZM154.31 55.3876C154.216 55.3705 154.117 55.3592 154.019 55.3536L154.007 55.5564C154.098 55.5616 154.189 55.572 154.274 55.5874L154.31 55.3876ZM154.018 55.3536C153.917 55.3481 153.811 55.3451 153.702 55.3538L153.718 55.5562C153.814 55.5486 153.909 55.5511 154.007 55.5564L154.018 55.3536ZM153.705 55.3536C153.591 55.3591 153.47 55.3703 153.349 55.39L153.382 55.5904C153.494 55.5722 153.607 55.5617 153.715 55.5564L153.705 55.3536ZM153.349 55.39C153.214 55.412 153.075 55.4398 152.935 55.4791L152.99 55.6746C153.12 55.638 153.252 55.6117 153.382 55.5904L153.349 55.39ZM152.935 55.479C152.755 55.5289 152.57 55.5925 152.382 55.6698L152.459 55.8576C152.64 55.7832 152.817 55.7223 152.989 55.6747L152.935 55.479ZM152.382 55.6697C152.166 55.7585 151.948 55.8689 151.726 55.9949L151.826 56.1715C152.043 56.0484 152.253 55.9422 152.459 55.8576L152.382 55.6697ZM151.725 55.9953C151.178 56.3117 150.654 56.7234 150.167 57.2023L150.309 57.3471C150.786 56.8782 151.297 56.4776 151.827 56.1711L151.725 55.9953ZM150.167 57.2023C149.992 57.3748 149.822 57.5554 149.658 57.7442L149.811 57.8774C149.972 57.6925 150.138 57.5158 150.309 57.347L150.167 57.2023ZM149.658 57.7441C149.529 57.8918 149.404 58.045 149.281 58.2035L149.441 58.328C149.562 58.1724 149.685 58.0222 149.811 57.8775L149.658 57.7441ZM149.281 58.2033C149.174 58.3404 149.073 58.48 148.972 58.6212L149.138 58.7389C149.237 58.5985 149.337 58.4618 149.441 58.3282L149.281 58.2033ZM148.972 58.6213C148.879 58.7526 148.788 58.8871 148.703 59.0246L148.876 59.1316C148.958 58.9984 149.047 58.8674 149.138 58.7387L148.972 58.6213ZM148.704 59.0235C148.622 59.1521 148.543 59.2832 148.464 59.4163L148.639 59.5197C148.717 59.3875 148.795 59.2586 148.875 59.1327L148.704 59.0235ZM148.464 59.4161C148.387 59.5454 148.315 59.6772 148.245 59.8069L148.424 59.9036C148.494 59.7733 148.564 59.6452 148.638 59.52L148.464 59.4161ZM148.244 59.8083C148.177 59.938 148.108 60.0698 148.045 60.2047L148.229 60.291C148.29 60.1606 148.357 60.0324 148.425 59.9022L148.244 59.8083ZM148.046 60.2032C147.98 60.3378 147.92 60.472 147.86 60.6078L148.046 60.6895C148.105 60.5545 148.164 60.4233 148.228 60.2925L148.046 60.2032ZM147.859 60.6084C147.8 60.7469 147.742 60.8845 147.689 61.0281L147.88 61.0978C147.931 60.9598 147.987 60.8266 148.046 60.6889L147.859 60.6084ZM147.69 61.0271C147.636 61.1709 147.581 61.3184 147.532 61.4636L147.724 61.5289C147.772 61.387 147.826 61.2421 147.88 61.0988L147.69 61.0271ZM147.531 61.4646C147.48 61.6222 147.43 61.7783 147.386 61.9377L147.582 61.9917C147.625 61.8369 147.673 61.6843 147.724 61.5278L147.531 61.4646ZM147.386 61.9376C147.337 62.1154 147.293 62.2934 147.255 62.4713L147.454 62.5141C147.491 62.34 147.534 62.1659 147.582 61.9918L147.386 61.9376ZM147.255 62.4713C147.208 62.6884 147.173 62.9052 147.145 63.1188L147.347 63.1447C147.373 62.9359 147.408 62.7248 147.454 62.5141L147.255 62.4713ZM147.145 63.1184C147.104 63.4289 147.085 63.7339 147.085 64.0335H147.288C147.288 63.7427 147.307 63.4466 147.347 63.1451L147.145 63.1184ZM147.085 64.0338C147.09 65.5066 147.611 66.5691 148.479 67.0729L148.58 66.8972C147.797 66.4423 147.293 65.4631 147.288 64.0331L147.085 64.0338ZM148.478 67.0728L149.294 67.5467L149.396 67.3711L148.581 66.8972L148.478 67.0728ZM149.396 67.3711C148.612 66.9162 148.108 65.937 148.103 64.507L147.9 64.5077C147.905 65.9805 148.426 67.043 149.294 67.5467L149.396 67.3711ZM148.103 64.5073C148.103 64.2166 148.122 63.9204 148.162 63.619L147.96 63.5923C147.919 63.9028 147.9 64.2078 147.9 64.5073H148.103ZM148.162 63.6185C148.188 63.4106 148.226 63.1995 148.271 62.9879L148.073 62.9452C148.026 63.1615 147.988 63.3783 147.96 63.5927L148.162 63.6185ZM148.271 62.988C148.309 62.8139 148.352 62.6398 148.4 62.4656L148.204 62.4114C148.155 62.5893 148.111 62.7672 148.073 62.9452L148.271 62.988ZM148.4 62.4655C148.443 62.3105 148.491 62.1552 148.542 62.0022L148.349 61.938C148.297 62.0936 148.248 62.2524 148.204 62.4115L148.4 62.4655ZM148.542 62.0022C148.59 61.8574 148.641 61.7157 148.697 61.5742L148.508 61.4994C148.451 61.645 148.398 61.7903 148.349 61.938L148.542 62.0022ZM148.697 61.5739C148.751 61.4355 148.805 61.299 148.864 61.1627L148.677 61.0823C148.617 61.2222 148.562 61.3619 148.508 61.4998L148.697 61.5739ZM148.864 61.1625C148.92 61.0315 148.982 60.8976 149.046 60.7664L148.863 60.6771C148.798 60.8112 148.735 60.9482 148.677 61.0825L148.864 61.1625ZM149.047 60.7649C149.108 60.6344 149.175 60.5063 149.242 60.376L149.062 60.2822C148.995 60.4119 148.926 60.5437 148.863 60.6786L149.047 60.7649ZM149.242 60.3775C149.312 60.2472 149.382 60.1191 149.456 59.9939L149.282 59.8899C149.205 60.0193 149.133 60.1511 149.063 60.2808L149.242 60.3775ZM149.457 59.9923C149.532 59.8618 149.611 59.7369 149.693 59.6058L149.521 59.4982C149.441 59.627 149.358 59.7566 149.281 59.8915L149.457 59.9923ZM149.693 59.6067C149.779 59.4726 149.867 59.3409 149.956 59.2114L149.789 59.0964C149.699 59.2269 149.609 59.3606 149.522 59.4972L149.693 59.6067ZM149.955 59.2128C150.055 59.0724 150.154 58.9357 150.259 58.8021L150.099 58.6772C149.992 58.8143 149.89 58.9538 149.79 59.095L149.955 59.2128ZM150.259 58.8019C150.38 58.6463 150.503 58.4961 150.629 58.3514L150.476 58.218C150.347 58.3657 150.221 58.5188 150.098 58.6774L150.259 58.8019ZM150.629 58.3513C150.79 58.1664 150.956 57.9896 151.127 57.8209L150.985 57.6762C150.809 57.8486 150.64 58.0293 150.476 58.2181L150.629 58.3513ZM151.127 57.8207C151.601 57.352 152.112 56.9515 152.645 56.6451L152.543 56.4691C151.993 56.7855 151.469 57.1973 150.985 57.6763L151.127 57.8207ZM152.645 56.6449C152.861 56.5198 153.07 56.4163 153.277 56.3315L153.2 56.1436C152.984 56.2321 152.766 56.3398 152.543 56.4693L152.645 56.6449ZM153.277 56.3314C153.458 56.2571 153.635 56.1962 153.807 56.1486L153.753 55.9528C153.573 56.0027 153.388 56.0664 153.2 56.1437L153.277 56.3314ZM153.807 56.1486C153.941 56.1119 154.072 56.0856 154.203 56.0643L154.17 55.8638C154.035 55.8859 153.896 55.9137 153.753 55.9528L153.807 56.1486ZM154.203 56.0643C154.315 56.046 154.424 56.0356 154.535 56.0303L154.525 55.8274C154.408 55.833 154.291 55.8442 154.17 55.8638L154.203 56.0643ZM154.535 56.0303C154.634 56.0251 154.733 56.0276 154.831 56.0304L154.836 55.8274C154.739 55.8247 154.632 55.8218 154.525 55.8275L154.535 56.0303ZM154.828 56.0302C154.918 56.0354 155.006 56.0458 155.095 56.0614L155.13 55.8614C155.034 55.8444 154.938 55.8331 154.839 55.8275L154.828 56.0302ZM155.094 56.0613C155.181 56.077 155.261 56.0952 155.341 56.1184L155.398 55.9234C155.31 55.8979 155.223 55.8782 155.13 55.8614L155.094 56.0613ZM155.341 56.1184C155.423 56.1421 155.499 56.1677 155.572 56.2002L155.655 56.0149C155.57 55.977 155.484 55.9484 155.398 55.9234L155.341 56.1184ZM155.574 56.2014C155.649 56.2324 155.723 56.2683 155.792 56.3087L155.895 56.1339C155.817 56.0877 155.734 56.0477 155.652 56.0138L155.574 56.2014ZM155.787 56.3058C155.792 56.3091 155.812 56.3233 155.836 56.3312L155.9 56.1385C155.905 56.1402 155.908 56.1419 155.907 56.1414C155.906 56.1408 155.904 56.1399 155.9 56.1368L155.787 56.3058ZM155.919 56.1471L155.104 55.6732L155.002 55.8488L155.817 56.3226L155.919 56.1471ZM155.053 55.6594H155.047V55.8625H155.053V55.6594Z" fill="#192147"/>
-<path d="M110.606 91.7565C110.192 87.757 100.793 87.9222 97.5758 87.8491C92.2874 87.9087 87.7978 89.2761 84.2288 91.9082C82.7151 93.3704 76.3896 94.2071 74.4914 94.4292C74.2504 94.4563 74.0879 94.5619 74.0744 94.681L74.0635 94.662V95.0547C56.7116 95.9429 44.6184 94.5267 16.2915 97.6055C16.3186 97.6109 16.3754 97.619 16.4621 97.6353C16.3754 97.6217 16.3186 97.6109 16.2915 97.6055V98.778C16.3294 98.7834 16.4269 98.8024 16.5785 98.8267V99.4685C27.8892 100.858 43.1994 101.44 53.3512 101.54C61.778 101.673 66.2487 101.494 73.744 101.849V102.653C73.7413 102.81 74.0121 102.907 74.1692 102.918C74.5726 102.964 75.1738 103.037 75.8886 103.138C77.2236 103.324 78.9133 103.611 80.3079 103.95C81.5101 104.261 83.0482 104.643 83.9255 105.415C87.703 108.207 92.504 109.401 97.1724 109.444C100.127 109.395 110.035 109.52 110.308 105.51V103.633C110.403 101.066 104.689 99.3196 101.518 98.6778C103.847 98.2012 110.408 96.6388 110.609 93.7495V91.873C110.609 91.835 110.609 91.7971 110.609 91.7592L110.606 91.7565ZM107.091 102.499C107.091 102.499 107.102 102.518 107.107 102.528C107.102 102.518 107.097 102.509 107.091 102.499ZM107.191 102.715C107.191 102.715 107.2 102.74 107.202 102.753C107.2 102.74 107.194 102.729 107.191 102.715ZM107.246 102.953C107.246 102.953 107.246 102.967 107.246 102.975C107.246 102.967 107.246 102.962 107.246 102.953ZM106.869 104.072C103.988 107.446 89.5443 106.363 87.7978 103.59C89.3169 101.808 94.0394 101.911 96.2842 101.889C99.0624 101.941 104.882 102.19 106.869 104.069V104.072ZM106.967 102.309C106.967 102.309 106.969 102.314 106.972 102.317C106.972 102.317 106.969 102.312 106.967 102.309ZM107.614 106.344C107.484 106.392 107.351 106.439 107.216 106.482C107.351 106.439 107.484 106.39 107.614 106.344ZM74.9003 98.2581L74.9599 98.3799C74.8542 98.426 74.8136 98.5018 74.7757 98.5911C74.4941 98.5397 74.2152 98.4882 73.939 98.4368C74.2558 98.3772 74.578 98.3177 74.903 98.2581H74.9003ZM18.0083 97.8627C17.9379 97.8519 17.8729 97.8438 17.8052 97.8329C17.8756 97.8438 17.946 97.8546 18.0218 97.8654C18.0164 97.8654 18.011 97.8654 18.0083 97.8654V97.8627ZM18.4524 97.925C18.4713 97.925 18.493 97.9304 18.5146 97.9331C18.4957 97.9331 18.474 97.9277 18.4524 97.925ZM73.7765 100.671C73.7413 100.671 73.7061 100.665 73.6709 100.665L73.7765 100.671ZM75.3579 101.183C75.3389 101.183 75.32 101.177 75.301 101.174C75.32 101.174 75.3389 101.18 75.3579 101.183ZM75.0952 101.147C75.0682 101.145 75.0438 101.142 75.0194 101.137C75.0438 101.139 75.0709 101.142 75.0952 101.147ZM74.8515 101.118C74.8217 101.115 74.792 101.109 74.7649 101.107C74.7947 101.109 74.8217 101.115 74.8515 101.118ZM74.6268 101.09C74.597 101.088 74.5699 101.082 74.5401 101.08C74.5672 101.082 74.597 101.088 74.6268 101.09ZM75.6937 101.229C75.6747 101.229 75.6531 101.223 75.6341 101.22C75.6531 101.22 75.6747 101.226 75.6937 101.229ZM83.5302 99.2275C81.8297 99.2816 79.658 98.9784 77.7381 98.6913C79.7446 98.3853 81.8486 98.0469 83.8687 98.0875C86.9556 98.0956 90.0995 98.3258 92.94 98.6291C90.8143 98.8646 87.2264 99.2139 83.5302 99.2275ZM83.7847 103.411C83.7685 103.4 83.7522 103.387 83.7387 103.376C83.755 103.387 83.7712 103.4 83.7847 103.411ZM83.6168 103.289C83.6006 103.278 83.5817 103.265 83.5627 103.254C83.5817 103.265 83.5979 103.278 83.6168 103.289ZM83.3894 103.146C83.3894 103.146 83.3813 103.14 83.3759 103.138C83.3813 103.14 83.384 103.143 83.3894 103.146ZM82.642 102.788C82.642 102.788 82.6258 102.78 82.6176 102.777C82.6258 102.78 82.6339 102.786 82.642 102.788ZM82.5906 102.767C82.4606 102.715 82.3225 102.664 82.1817 102.612C82.3225 102.664 82.4606 102.712 82.5906 102.767ZM80.3079 102.065C80.0208 101.995 79.7257 101.93 79.4305 101.868C79.7257 101.93 80.0208 101.998 80.3079 102.065ZM79.3547 101.851C79.0677 101.792 78.7806 101.732 78.4936 101.678C78.7806 101.732 79.0677 101.789 79.3547 101.851ZM77.7571 101.545C77.5621 101.51 77.3671 101.48 77.1776 101.448C77.3671 101.478 77.5621 101.51 77.7571 101.545ZM87.4701 102.604C87.4701 102.555 87.4783 102.504 87.4864 102.455C87.4783 102.504 87.4728 102.555 87.4701 102.604ZM87.4999 102.379C87.5135 102.317 87.5297 102.258 87.5514 102.195C87.5297 102.258 87.5135 102.32 87.4999 102.379ZM87.5649 102.149C87.5893 102.082 87.6218 102.011 87.657 101.941C87.6218 102.011 87.592 102.082 87.5649 102.149ZM95.637 100.01C95.4312 100.01 95.2227 100.01 95.0061 100.015C95.22 100.013 95.4312 100.01 95.637 100.01ZM96.2246 100.013C96.0378 100.013 95.8482 100.01 95.6479 100.01C95.8455 100.01 96.0378 100.01 96.2246 100.013ZM96.4873 100.015C96.4494 100.015 96.4088 100.015 96.3708 100.015C96.4115 100.015 96.4494 100.015 96.4873 100.015ZM98.4559 100.078C98.4315 100.078 98.4072 100.078 98.3855 100.075C98.4072 100.075 98.4315 100.075 98.4559 100.078ZM98.1959 100.067C98.1959 100.067 98.1824 100.067 98.177 100.067C98.1824 100.067 98.1905 100.067 98.1959 100.067ZM98.0091 100.059C97.9847 100.059 97.9576 100.059 97.9306 100.056C97.9576 100.056 97.982 100.056 98.0091 100.059ZM97.7735 100.051C97.7464 100.051 97.7166 100.051 97.6869 100.048C97.7166 100.048 97.7464 100.048 97.7735 100.051ZM97.5027 100.043C97.4729 100.043 97.4431 100.043 97.4134 100.04C97.4431 100.04 97.4729 100.04 97.5027 100.043ZM97.129 100.032C97.129 100.032 97.1101 100.032 97.102 100.032C97.1101 100.032 97.1209 100.032 97.129 100.032ZM97.4838 97.137C97.5813 97.137 97.676 97.1397 97.7735 97.1397C97.676 97.1397 97.5785 97.1397 97.4838 97.137ZM96.6416 97.1072C96.6416 97.1072 96.6227 97.1072 96.6118 97.1072C96.6335 97.1072 96.6552 97.1072 96.6768 97.11C96.666 97.11 96.6525 97.11 96.6416 97.11V97.1072ZM95.2823 96.9989C95.2606 96.9989 95.2335 96.9935 95.2119 96.9908C95.2417 96.9935 95.2742 96.9962 95.3039 96.9989C95.2958 96.9989 95.2904 96.9989 95.2823 96.9989ZM95.9024 97.0558C95.943 97.0585 95.9809 97.0612 96.0215 97.0666C95.9809 97.0639 95.943 97.0612 95.9024 97.0558ZM94.5106 96.9204C94.1775 96.8852 93.7984 96.8446 93.4464 96.8067C93.8011 96.8446 94.1802 96.8852 94.5133 96.9204H94.5106ZM88.5506 96.3734C88.6237 96.3788 88.6968 96.3815 88.7699 96.3869C88.6968 96.3815 88.6237 96.3761 88.5506 96.3734ZM91.0066 96.563C91.0418 96.5657 91.077 96.5684 91.1122 96.5738C91.077 96.5711 91.0418 96.5684 91.0066 96.563ZM91.9814 96.655C92.087 96.6659 92.1899 96.6767 92.2928 96.6848C92.1899 96.674 92.087 96.6631 91.9814 96.655ZM92.9887 96.7579C93.0998 96.7688 93.2081 96.7823 93.3164 96.7931C93.2081 96.7823 93.1025 96.7715 92.9887 96.7579ZM93.5005 100.067C93.2568 100.08 93.0104 100.097 92.764 100.116C93.0077 100.097 93.2541 100.08 93.5005 100.067ZM92.7125 100.121C92.4986 100.14 92.2847 100.159 92.0762 100.183C92.2874 100.159 92.5013 100.14 92.7125 100.121ZM90.6491 100.395C90.4244 100.438 90.2051 100.489 89.9965 100.544C90.2051 100.489 90.4244 100.441 90.6491 100.395ZM89.9532 100.554C89.7935 100.598 89.6391 100.641 89.4902 100.69C89.6391 100.641 89.7935 100.595 89.9532 100.554ZM88.9676 100.887C88.8809 100.925 88.797 100.963 88.7157 101.004C88.797 100.963 88.8809 100.923 88.9676 100.887ZM87.7707 101.759C87.7463 101.795 87.7247 101.832 87.703 101.868C87.7247 101.83 87.7463 101.795 87.7707 101.759ZM87.1723 105.442C87.091 105.404 87.0098 105.369 86.9313 105.328C87.0098 105.366 87.091 105.404 87.1723 105.442ZM85.9862 104.844C85.9294 104.814 85.8752 104.779 85.8183 104.749C85.8752 104.781 85.9294 104.814 85.9862 104.844ZM85.0547 104.291C84.9735 104.24 84.8895 104.188 84.8083 104.137C84.8895 104.188 84.9708 104.24 85.0547 104.291ZM98.6048 100.091C98.6725 100.094 98.7429 100.099 98.816 100.105C98.7429 100.099 98.6725 100.097 98.6048 100.091ZM98.8973 100.11C99.0002 100.118 99.1085 100.124 99.2249 100.135C99.1112 100.127 99.0029 100.118 98.8973 100.11ZM99.7069 100.173C99.7909 100.181 99.8748 100.189 99.9642 100.197C99.8775 100.189 99.7909 100.181 99.7069 100.173ZM104.689 101.05C104.798 101.082 104.901 101.118 105.006 101.153C104.903 101.118 104.798 101.082 104.689 101.05ZM105.079 101.18C105.204 101.223 105.328 101.272 105.445 101.318C105.326 101.269 105.204 101.223 105.079 101.18ZM103.858 100.82C103.945 100.841 104.029 100.863 104.113 100.885C104.029 100.863 103.942 100.841 103.858 100.82ZM104.28 100.931C104.37 100.955 104.459 100.982 104.549 101.009C104.459 100.982 104.373 100.958 104.28 100.931ZM102.797 100.592C103.119 100.655 103.438 100.722 103.752 100.795C103.438 100.72 103.119 100.652 102.797 100.592ZM101.575 100.389C101.732 100.411 101.889 100.435 102.049 100.462C101.889 100.438 101.732 100.414 101.575 100.389ZM100.146 100.213C100.2 100.219 100.257 100.224 100.313 100.229C100.257 100.224 100.202 100.219 100.146 100.213ZM101.305 100.351C101.361 100.359 101.416 100.365 101.472 100.373C101.416 100.365 101.359 100.357 101.305 100.351ZM98.0118 97.1424C98.177 97.1424 98.3421 97.137 98.51 97.1289C98.3449 97.137 98.177 97.1397 98.0118 97.1424ZM99.3061 97.0856C99.428 97.0775 99.5526 97.0666 99.6771 97.0558C99.5526 97.0693 99.428 97.0775 99.3061 97.0856ZM98.529 95.3444C95.7318 95.4663 89.5471 95.6098 88.1146 93.7089C90.3892 90.6382 104.784 90.0912 107.175 93.2079C105.661 94.8299 100.127 95.2794 98.5263 95.3444H98.529ZM100.414 96.98C100.216 97.0043 100.026 97.0233 99.8369 97.0423C100.024 97.0233 100.213 97.0043 100.414 96.98ZM88.12 91.8269C88.1552 91.7836 88.1904 91.7376 88.231 91.6942C88.1931 91.7376 88.1552 91.7809 88.12 91.8269ZM88.6724 91.2908C88.6724 91.2908 88.6968 91.2718 88.7076 91.2637C88.6941 91.2718 88.6833 91.2826 88.6724 91.2908ZM89.1653 90.9685C89.195 90.9523 89.2248 90.936 89.2546 90.9198C89.2248 90.936 89.1923 90.9523 89.1653 90.9685ZM89.4225 90.8304C89.4577 90.8115 89.4929 90.7952 89.5281 90.779C89.4929 90.7952 89.455 90.8142 89.4225 90.8304ZM89.6987 90.6977C89.7366 90.6815 89.7772 90.6626 89.8151 90.6463C89.7745 90.6626 89.7366 90.6815 89.6987 90.6977ZM90.335 90.4378C90.4136 90.408 90.4948 90.3809 90.576 90.3511C90.4948 90.3782 90.4136 90.408 90.335 90.4378ZM90.7196 90.3024C90.8197 90.2699 90.9226 90.2374 91.0255 90.2049C90.9226 90.2374 90.8197 90.2672 90.7196 90.3024ZM92.7396 89.7852C92.8994 89.7527 93.0619 89.7229 93.227 89.6958C93.0619 89.7256 92.8994 89.7554 92.7396 89.7852ZM95.8076 89.3736C96.1786 89.3438 96.5577 89.3167 96.9422 89.2978C96.555 89.3167 96.1759 89.3438 95.8076 89.3736ZM96.9639 89.2978C96.9639 89.2978 96.972 89.2978 96.9828 89.2978C96.972 89.2978 96.9693 89.2978 96.9639 89.2978ZM97.0018 89.2978C97.0207 89.2978 97.0424 89.2978 97.0749 89.2951C97.0451 89.2951 97.0234 89.2951 97.0018 89.2978ZM97.102 89.2924C97.1345 89.2924 97.1697 89.2897 97.213 89.287C97.1697 89.287 97.1345 89.2897 97.102 89.2924ZM97.2617 89.287C97.305 89.287 97.3457 89.2842 97.3971 89.2815C97.3457 89.2815 97.3023 89.2843 97.2617 89.287ZM99.0218 89.268C99.1247 89.268 99.2303 89.2707 99.3386 89.2734C99.2303 89.2734 99.1247 89.268 99.0218 89.268ZM99.3955 89.2761C99.4849 89.2761 99.5769 89.2815 99.669 89.2843C99.5769 89.2815 99.4849 89.2788 99.3955 89.2761ZM100.143 89.3005C100.224 89.3032 100.308 89.3086 100.392 89.314C100.308 89.3086 100.224 89.3059 100.143 89.3005ZM100.5 89.3195C100.671 89.3303 100.844 89.3411 101.02 89.3519C100.844 89.3384 100.671 89.3276 100.5 89.3195ZM101.11 89.3601C101.286 89.3736 101.462 89.3872 101.638 89.4061C101.459 89.3899 101.283 89.3736 101.11 89.3601ZM102.705 89.5307C102.967 89.5686 103.227 89.6092 103.482 89.6579C103.224 89.6092 102.964 89.5686 102.705 89.5307ZM104.251 89.8231C104.467 89.8746 104.676 89.9341 104.879 89.9964C104.676 89.9341 104.465 89.8773 104.251 89.8231ZM104.982 90.0289C105.052 90.0506 105.12 90.0749 105.188 90.0966C105.12 90.0722 105.052 90.0506 104.982 90.0289ZM105.307 90.1399C105.372 90.1643 105.434 90.186 105.496 90.2103C105.434 90.186 105.372 90.1616 105.307 90.1399ZM105.613 90.2591C105.678 90.2861 105.74 90.3132 105.802 90.3403C105.74 90.3132 105.678 90.2834 105.613 90.2591ZM106.49 90.7194C106.547 90.7573 106.604 90.7979 106.658 90.8358C106.604 90.7952 106.547 90.7573 106.49 90.7194ZM107.56 92.225C107.56 92.225 107.56 92.2033 107.56 92.1898C107.56 92.2006 107.56 92.2114 107.56 92.225ZM107.059 91.196C107.021 91.1554 106.983 91.1175 106.945 91.0796C106.986 91.1175 107.024 91.1581 107.059 91.196ZM107.227 91.4045C107.194 91.3585 107.159 91.3124 107.121 91.2691C107.159 91.3124 107.191 91.3585 107.227 91.4045ZM98.9623 89.2707C98.8106 89.2707 98.6617 89.268 98.5209 89.268C98.6617 89.268 98.8079 89.268 98.9623 89.2707ZM97.6192 89.2788C97.5813 89.2788 97.5488 89.2788 97.5135 89.2815C97.5488 89.2815 97.5813 89.2815 97.6192 89.2788ZM97.8818 89.2734C97.8493 89.2734 97.8223 89.2734 97.7898 89.2734C97.8195 89.2734 97.8493 89.2734 97.8818 89.2734ZM88.5126 91.4235C88.4314 91.4939 88.3556 91.5643 88.2879 91.6347C88.3556 91.5616 88.4314 91.4912 88.5126 91.4235ZM87.944 92.1004C87.9223 92.1438 87.9034 92.1871 87.8844 92.2331C87.9034 92.1898 87.9223 92.1438 87.944 92.1004ZM87.8574 92.2981C87.8357 92.3577 87.8194 92.4172 87.8059 92.4795C87.8194 92.4199 87.8357 92.3577 87.8574 92.2981ZM17.659 97.8221C17.594 97.8113 17.5344 97.8032 17.4748 97.795C17.5371 97.8032 17.594 97.814 17.659 97.8221ZM17.3313 97.7734C17.2853 97.7652 17.242 97.7598 17.1986 97.7544C17.242 97.7598 17.2826 97.768 17.3313 97.7734ZM87.9575 105.797C88.0469 105.835 88.1363 105.873 88.2256 105.908C88.1336 105.875 88.0469 105.835 87.9575 105.797ZM89.5146 106.371C89.6445 106.414 89.7772 106.457 89.9099 106.498C89.7772 106.46 89.6472 106.414 89.5146 106.371ZM90.966 106.791C91.0932 106.823 91.2205 106.853 91.3478 106.883C91.2205 106.856 91.0932 106.826 90.966 106.791ZM90.1482 106.566C90.3296 106.617 90.511 106.669 90.6925 106.717C90.5083 106.669 90.3269 106.617 90.1482 106.566ZM92.1953 107.064C92.2874 107.083 92.3768 107.102 92.4688 107.118C92.3768 107.105 92.2874 107.083 92.1953 107.064ZM93.5195 107.291C93.5709 107.3 93.6224 107.305 93.6738 107.31C93.6224 107.302 93.5709 107.3 93.5195 107.291ZM94.5782 107.419C94.6947 107.43 94.8111 107.44 94.9303 107.451C94.8138 107.443 94.6947 107.435 94.5782 107.419ZM95.6912 107.508C95.8157 107.516 95.9403 107.524 96.0649 107.53C95.9403 107.53 95.8157 107.519 95.6912 107.508ZM97.3078 107.568C97.1967 107.568 97.0857 107.562 96.972 107.56C97.1994 107.57 97.8764 107.57 97.3078 107.568ZM99.5634 107.53C99.5634 107.53 99.5878 107.53 99.5986 107.53C99.5878 107.53 99.5742 107.53 99.5634 107.53ZM99.1735 107.541C99.2303 107.541 99.2926 107.538 99.3522 107.535C99.2926 107.535 99.2303 107.538 99.1735 107.541ZM102.011 107.397C102.06 107.394 102.111 107.389 102.16 107.386C102.109 107.392 102.06 107.394 102.011 107.397ZM100.081 107.511C100.129 107.511 100.181 107.505 100.23 107.505C100.178 107.505 100.129 107.511 100.081 107.511ZM100.695 107.484C100.73 107.484 100.766 107.481 100.804 107.478C100.766 107.478 100.733 107.481 100.695 107.484ZM104.145 107.164C104.178 107.159 104.213 107.156 104.248 107.151C104.215 107.156 104.18 107.162 104.145 107.164ZM106.393 106.726C106.477 106.704 106.558 106.682 106.639 106.661C106.558 106.685 106.474 106.707 106.393 106.726ZM105.87 106.853C105.935 106.839 105.997 106.823 106.062 106.807C105.997 106.823 105.935 106.837 105.87 106.853ZM107.687 106.319C107.787 106.281 107.885 106.244 107.979 106.203C107.885 106.246 107.787 106.281 107.687 106.319ZM108.862 105.748C108.924 105.71 108.987 105.669 109.046 105.629C108.987 105.669 108.927 105.713 108.862 105.748ZM108.44 105.986C108.467 105.973 108.494 105.957 108.521 105.943C108.494 105.957 108.47 105.973 108.44 105.986ZM109.119 105.58C109.209 105.515 109.295 105.45 109.377 105.382C109.298 105.453 109.209 105.515 109.119 105.58ZM109.656 105.12C109.691 105.082 109.721 105.041 109.753 105.003C109.721 105.041 109.691 105.085 109.656 105.12ZM109.875 104.857C109.913 104.803 109.945 104.746 109.981 104.692C109.945 104.746 109.916 104.806 109.875 104.857ZM110.054 104.575C110.054 104.575 110.054 104.576 110.054 104.581C110.105 104.486 110.148 104.389 110.186 104.288C110.151 104.389 110.108 104.483 110.056 104.578L110.054 104.575ZM110.273 103.961C110.273 103.961 110.273 103.961 110.273 103.964C110.292 103.858 110.305 103.75 110.311 103.639C110.305 103.75 110.295 103.855 110.276 103.961H110.273ZM106.812 102.136C106.812 102.136 106.793 102.117 106.783 102.106C106.793 102.117 106.801 102.125 106.812 102.136ZM105.729 101.437C105.748 101.445 105.764 101.453 105.783 101.461C105.767 101.453 105.748 101.445 105.729 101.437ZM106.046 101.594C106.06 101.602 106.073 101.61 106.087 101.616C106.073 101.608 106.06 101.6 106.046 101.594ZM106.333 101.759C106.333 101.759 106.338 101.762 106.341 101.765C106.341 101.765 106.336 101.762 106.333 101.759ZM106.56 101.919C106.56 101.919 106.585 101.938 106.598 101.946C106.588 101.938 106.574 101.927 106.56 101.919ZM100.69 96.9366C100.73 96.9312 100.771 96.9258 100.814 96.9177C100.774 96.9231 100.73 96.9312 100.69 96.9366ZM101.237 96.85C101.288 96.8419 101.342 96.831 101.397 96.8202C101.342 96.831 101.288 96.8392 101.237 96.85ZM101.554 96.7904C101.611 96.7796 101.67 96.7688 101.727 96.7552C101.667 96.7661 101.611 96.7796 101.554 96.7904ZM101.892 96.7227C101.952 96.7092 102.014 96.6957 102.076 96.6848C102.014 96.6984 101.952 96.7119 101.892 96.7227ZM102.252 96.6469C102.315 96.6334 102.382 96.6171 102.447 96.6036C102.382 96.6171 102.317 96.6334 102.252 96.6469ZM102.629 96.563C102.696 96.5467 102.764 96.5305 102.832 96.5142C102.764 96.5305 102.694 96.5467 102.629 96.563ZM103.021 96.4682C103.089 96.4519 103.159 96.433 103.227 96.4167C103.157 96.433 103.089 96.4519 103.021 96.4682ZM106.986 95.1765C107.034 95.1549 107.08 95.1359 107.126 95.1143C107.08 95.1359 107.032 95.1576 106.986 95.1765ZM108.803 94.2423C108.849 94.2125 108.892 94.1828 108.935 94.153C108.892 94.1828 108.849 94.2153 108.803 94.2423ZM107.874 94.7649C107.92 94.7433 107.966 94.7189 108.009 94.6972C107.963 94.7216 107.917 94.7433 107.874 94.7649ZM108.418 94.4725C108.418 94.4725 108.437 94.4617 108.445 94.4562C108.434 94.4617 108.426 94.4671 108.418 94.4725ZM109.452 93.7712C109.509 93.7251 109.563 93.6791 109.615 93.6331C109.563 93.6791 109.509 93.7278 109.452 93.7712ZM109.141 94.0095C109.187 93.977 109.23 93.9445 109.274 93.9093C109.23 93.9418 109.187 93.977 109.141 94.0095ZM110.102 93.1267C110.045 93.1998 109.983 93.2729 109.916 93.3433C109.983 93.2729 110.043 93.1998 110.102 93.1267ZM110.146 93.0698C110.175 93.0292 110.203 92.9886 110.232 92.9453C110.205 92.9886 110.178 93.0292 110.146 93.0698ZM110.338 92.7774C110.36 92.7368 110.381 92.6989 110.4 92.6582C110.384 92.6989 110.362 92.7395 110.338 92.7774ZM110.468 92.5093C110.484 92.466 110.5 92.4227 110.517 92.3793C110.506 92.4254 110.49 92.466 110.468 92.5093ZM110.555 92.2358C110.565 92.1925 110.574 92.1464 110.582 92.1031C110.582 92.1492 110.568 92.1925 110.555 92.2358ZM110.598 91.9515C110.603 91.8865 110.609 91.8215 110.606 91.7565V91.8838C110.606 91.9054 110.601 91.9298 110.598 91.9515Z" fill="#C5C7D1"/>
-<path d="M72.4983 99.5638C70.7951 99.469 68.7669 99.423 66.6521 99.3959C64.5399 99.3688 62.3385 99.3607 60.2805 99.3418C58.9455 99.3282 56.2052 99.3282 52.5414 99.2822C47.3776 99.2172 40.3778 99.0574 32.8933 98.6431C28.8017 98.4157 24.5639 98.1151 20.3992 97.7089C18.8422 97.5573 17.296 97.3921 15.7688 97.208V98.3805C17.2933 98.5619 18.8395 98.7298 20.3992 98.8814C24.5639 99.2876 28.8017 99.5909 32.8933 99.8156C40.3778 100.23 47.3776 100.387 52.5414 100.455C56.2052 100.501 58.9455 100.501 60.2805 100.514C62.3412 100.533 64.5427 100.541 66.6521 100.568C68.7669 100.595 70.7951 100.642 72.4983 100.736C72.9207 100.761 73.3242 100.785 73.706 100.815V99.6423C73.3269 99.6125 72.9235 99.5855 72.4983 99.5638Z" fill="#8B8FA2" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M59.2651 95.2255C59.8473 95.2255 60.2724 95.2309 60.5486 95.2445C62.2112 95.3176 63.9903 95.453 67.765 96.2599C69.536 96.639 72.0353 97.1833 74.6673 97.6436L73.7033 99.6447C70.2644 99.3767 64.9137 99.3875 60.2778 99.3442C55.642 99.3008 34.1172 99.401 15.7661 97.2104C16.1967 97.1346 24.3825 95.6858 38.0626 95.5125C49.4762 95.369 56.3379 95.2255 59.2651 95.2255Z" fill="#E2E4EA" stroke="#192147" stroke-width="0.203089" stroke-linejoin="round"/>
-<path d="M106.579 90.5923C106.268 89.964 105.599 89.4956 104.743 89.149C104.532 89.0623 104.31 88.9838 104.08 88.9134C103.863 88.8457 103.641 88.7861 103.411 88.7293C103.173 88.6724 102.932 88.6209 102.685 88.5749C102.409 88.5235 102.13 88.4774 101.849 88.4368C101.518 88.3908 101.188 88.3529 100.858 88.3204C100.449 88.2798 100.043 88.25 99.6526 88.2283C99.1273 88.1985 98.6291 88.185 98.1796 88.1796C98.0144 88.1796 97.8546 88.1768 97.703 88.1768C97.2345 88.1768 96.8527 88.185 96.5819 88.1931C96.303 88.2012 96.1433 88.2121 96.127 88.2121C95.7371 88.231 95.3526 88.2581 94.9789 88.2879C94.3155 88.342 93.6791 88.4151 93.078 88.5018C92.2304 88.6264 91.4506 88.7807 90.7492 88.9648C90.1264 89.13 89.5659 89.3142 89.0812 89.5227C88.7102 89.6797 88.3853 89.8503 88.1064 90.029C87.9574 90.1238 87.8247 90.224 87.7029 90.3242C87.6081 90.4027 87.5242 90.4839 87.4456 90.5652C87.3806 90.6356 87.3211 90.706 87.2669 90.7791C87.2182 90.8468 87.1748 90.9172 87.1369 90.9876C87.099 91.0553 87.0693 91.1257 87.0449 91.1934C87.0205 91.2638 86.9988 91.3342 86.9853 91.4046C86.9718 91.4804 86.9636 91.5563 86.9609 91.6321C86.9609 91.6402 86.9609 91.651 86.9609 91.6592V93.5357C86.9609 93.5357 86.9609 93.5167 86.9609 93.5086C86.9609 93.4328 86.9718 93.3543 86.9853 93.2812C86.9988 93.2108 87.0178 93.1403 87.0449 93.0699C87.0693 92.9995 87.1017 92.9318 87.1369 92.8641C87.1748 92.7937 87.2182 92.7233 87.2669 92.6557C87.3184 92.5825 87.3779 92.5121 87.4456 92.4417C87.5215 92.3605 87.6081 92.2793 87.7029 92.2007C87.8247 92.1005 87.9574 92.0003 88.1064 91.9056C88.3853 91.7241 88.7129 91.5563 89.0812 91.3992C89.5659 91.1934 90.1264 91.0066 90.7492 90.8414C91.4478 90.6573 92.2304 90.5029 93.078 90.3783C93.6791 90.2917 94.3155 90.2186 94.9789 90.1644C95.3526 90.1346 95.7344 90.1075 96.127 90.0886C96.1433 90.0886 96.303 90.0778 96.5819 90.0697C96.8527 90.0615 97.2345 90.0534 97.703 90.0534C97.8546 90.0534 98.0144 90.0534 98.1796 90.0561C98.6291 90.0615 99.1273 90.0751 99.6526 90.1049C100.043 90.1265 100.449 90.1563 100.858 90.1969C101.185 90.2294 101.518 90.2673 101.849 90.3134C102.13 90.354 102.409 90.3973 102.685 90.4515C102.932 90.4975 103.176 90.5489 103.411 90.6058C103.641 90.6627 103.863 90.7222 104.08 90.7899C104.31 90.8603 104.532 90.9389 104.743 91.0255C105.599 91.3721 106.268 91.8406 106.579 92.4688C106.693 92.699 106.747 92.9129 106.747 93.116V91.2394C106.747 91.0363 106.693 90.8224 106.579 90.5923Z" fill="#BC3857" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M74.4018 95.8917L74.3801 97.7872L73.251 95.453V93.5765L74.4018 95.8917Z" fill="#BC3857" stroke="#192147" stroke-width="0.203089" stroke-linejoin="round"/>
-<path d="M109.794 90.6736V90.8009C109.791 90.8957 109.783 90.9877 109.764 91.0798C109.745 91.1746 109.718 91.2694 109.685 91.3614C109.65 91.4562 109.607 91.551 109.558 91.643C109.504 91.7432 109.444 91.838 109.374 91.9355C109.293 92.0465 109.201 92.1575 109.1 92.2658C108.979 92.3958 108.843 92.5231 108.694 92.6449C108.491 92.8155 108.264 92.978 108.02 93.1378C107.492 93.479 106.877 93.7904 106.225 94.072C105.074 94.5675 103.799 94.9737 102.642 95.2743C101.556 95.5586 100.576 95.7536 99.9073 95.851C99.7963 95.8673 99.6907 95.8808 99.5986 95.8917C99.2737 95.9296 98.965 95.9621 98.6644 95.9864C98.2989 96.0162 97.9496 96.0379 97.6057 96.0487C97.4676 96.0541 97.3294 96.0568 97.1913 96.0568C97.1128 96.0568 97.0343 96.0568 96.9585 96.0568C96.8745 96.0568 96.7933 96.0568 96.7094 96.0568C96.4088 96.0541 96.1163 96.0433 95.8239 96.0271C95.3771 96.0027 94.9303 95.9648 94.4645 95.9187C94.2154 95.8944 93.9582 95.8673 93.6928 95.8402C93.4951 95.8186 93.2839 95.7969 93.0565 95.7725C92.4743 95.7102 91.8108 95.6371 91.0689 95.564C89.9126 95.4503 88.5695 95.3365 87.0531 95.2526C85.9754 95.193 84.8083 95.1497 83.56 95.1308C83.5492 95.1308 83.5384 95.1308 83.5275 95.1308C83.4409 95.1308 83.3542 95.1308 83.2649 95.1308C83.1945 95.1308 83.1241 95.1308 83.0537 95.1308C82.9724 95.1281 82.8885 95.1253 82.7991 95.1253C82.7531 95.1253 82.707 95.1253 82.6583 95.1253C82.5148 95.1253 82.3659 95.1253 82.2088 95.1335C81.8622 95.1443 81.4885 95.1687 81.1013 95.2012C80.1427 95.2797 79.0921 95.4124 78.1145 95.5559C76.8337 95.7427 75.6802 95.9458 75.033 96.0623C75.0222 96.0623 75.0113 96.065 74.9978 96.0677C74.9761 96.0704 74.9572 96.0731 74.9355 96.0758C74.9193 96.0758 74.9003 96.0758 74.8841 96.0785C74.8732 96.0785 74.8624 96.0785 74.8516 96.0785C74.8461 96.0785 74.8434 96.0785 74.838 96.0785C74.8245 96.0785 74.8082 96.0785 74.7947 96.0785C74.7812 96.0785 74.7676 96.0785 74.7514 96.0758C74.7378 96.0758 74.7243 96.0731 74.7108 96.0704C74.6972 96.0704 74.6837 96.065 74.6674 96.0623C74.6539 96.0596 74.6376 96.0568 74.6241 96.0541C74.6079 96.0514 74.5916 96.046 74.5781 96.0406C74.5591 96.0352 74.5402 96.0271 74.5239 96.0216C74.44 95.9864 74.375 95.9377 74.3479 95.8808V97.7574C74.375 97.8142 74.44 97.863 74.5239 97.8982C74.5402 97.9063 74.5591 97.9117 74.5781 97.9171C74.5943 97.9226 74.6079 97.9253 74.6241 97.9307C74.6376 97.9334 74.6539 97.9361 74.6674 97.9388C74.681 97.9388 74.6945 97.9442 74.7108 97.9469C74.7243 97.9469 74.7378 97.9496 74.7514 97.9523C74.7649 97.9523 74.7785 97.9523 74.7947 97.9551C74.8082 97.9551 74.8245 97.9551 74.838 97.9551C74.8434 97.9551 74.8461 97.9551 74.8516 97.9551C74.8624 97.9551 74.8732 97.9551 74.8841 97.9551C74.9003 97.9551 74.9193 97.9551 74.9355 97.9523C74.9572 97.9523 74.9761 97.9496 74.9978 97.9442C75.0086 97.9442 75.0195 97.9415 75.033 97.9388C75.6802 97.8197 76.8337 97.6166 78.1145 97.4324C79.0921 97.2889 80.1427 97.1562 81.1013 97.0777C81.4885 97.0452 81.8622 97.0236 82.2088 97.01C82.3632 97.0046 82.5148 97.0019 82.6583 97.0019C82.707 97.0019 82.7531 97.0019 82.7991 97.0019C82.8858 97.0019 82.9724 97.0046 83.0537 97.0073C83.1241 97.0073 83.1945 97.0073 83.2649 97.0073C83.3542 97.0073 83.4409 97.0073 83.5275 97.0073C83.5384 97.0073 83.5492 97.0073 83.56 97.0073C84.8083 97.0263 85.9754 97.0696 87.0531 97.1291C88.5695 97.2131 89.9126 97.3268 91.0689 97.4406C91.8081 97.5137 92.4743 97.5841 93.0565 97.6491C93.2839 97.6734 93.4951 97.6978 93.6928 97.7168C93.9582 97.7438 94.2127 97.7709 94.4645 97.7953C94.9303 97.8413 95.3771 97.8792 95.8239 97.9036C96.1163 97.9199 96.4088 97.9307 96.7094 97.9334C96.7906 97.9334 96.8745 97.9334 96.9585 97.9334C97.0343 97.9334 97.1128 97.9334 97.1913 97.9334C97.3294 97.9334 97.4676 97.928 97.6057 97.9253C97.9496 97.9144 98.2989 97.8955 98.6644 97.863C98.9623 97.8386 99.271 97.8061 99.5986 97.7682C99.6934 97.7574 99.7963 97.7438 99.9073 97.7276C100.576 97.6301 101.556 97.4351 102.642 97.1508C103.799 96.8475 105.074 96.4441 106.225 95.9485C106.88 95.6669 107.492 95.3528 108.02 95.0143C108.264 94.8573 108.491 94.6921 108.694 94.5215C108.843 94.3969 108.979 94.2724 109.1 94.1424C109.201 94.0341 109.293 93.9258 109.374 93.812C109.444 93.7172 109.504 93.6198 109.558 93.5196C109.61 93.4275 109.65 93.3327 109.685 93.238C109.718 93.1459 109.745 93.0511 109.764 92.9563C109.783 92.8616 109.794 92.7641 109.796 92.6666V90.7901C109.796 90.7522 109.796 90.7143 109.796 90.6763L109.794 90.6736Z" fill="#BC3857" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M109.794 90.6735C109.932 93.7198 101.884 95.6261 99.5931 95.8942C98.7076 95.9998 97.944 96.0513 97.1885 96.0594C97.11 96.0594 97.0314 96.0594 96.9556 96.0594C95.8508 96.0594 94.857 95.9646 93.6927 95.8401C93.495 95.8184 93.2838 95.7967 93.0563 95.7724C90.9171 95.5395 87.6839 95.1902 83.5626 95.1333C83.4651 95.1333 83.3676 95.1333 83.2701 95.1333C83.1997 95.1333 83.1293 95.1333 83.0589 95.1333C82.9344 95.1279 82.8017 95.1252 82.6636 95.1252C80.3782 95.1252 76.4707 95.7994 75.041 96.0621C74.9814 96.0729 74.9218 96.0784 74.8623 96.0784C74.6294 96.0784 74.4155 95.9998 74.3586 95.8807L73.2782 93.6792C73.205 93.533 73.3865 93.3813 73.6816 93.3488C75.5771 93.1295 81.9054 92.2928 83.4191 90.8278C86.9907 88.1958 91.4776 86.8283 96.7661 86.7688C96.8798 86.7688 96.9963 86.7688 97.1127 86.7688C97.2914 86.7688 97.4701 86.7687 97.6488 86.7742C100.611 86.8202 109.628 86.961 109.796 90.6789L109.794 90.6735ZM97.7084 94.2587C99.7258 94.1747 108.02 93.4869 106.579 90.5922C105.518 88.4585 100.354 88.1768 97.703 88.1768C96.7525 88.1768 96.1568 88.212 96.127 88.212C90.075 88.518 85.9888 90.1698 87.1613 92.4146C88.0089 94.0393 92.095 94.3209 95.0547 94.3209C96.1839 94.3209 97.1506 94.2803 97.7084 94.256" fill="#ED6E85"/>
-<path d="M97.7084 94.2587C99.7258 94.1747 108.02 93.4869 106.579 90.5922C105.518 88.4585 100.354 88.1768 97.703 88.1768C96.7525 88.1768 96.1568 88.212 96.127 88.212C90.075 88.518 85.9888 90.1698 87.1613 92.4146C88.0089 94.0393 92.095 94.3209 95.0547 94.3209C96.1839 94.3209 97.1506 94.2803 97.7084 94.256M109.794 90.6735C109.932 93.7198 101.884 95.6261 99.5931 95.8942C98.7076 95.9998 97.944 96.0513 97.1885 96.0594C97.11 96.0594 97.0314 96.0594 96.9556 96.0594C95.8508 96.0594 94.857 95.9646 93.6927 95.8401C93.495 95.8184 93.2838 95.7967 93.0563 95.7724C90.9171 95.5395 87.6839 95.1902 83.5626 95.1333C83.4651 95.1333 83.3676 95.1333 83.2701 95.1333C83.1997 95.1333 83.1293 95.1333 83.0589 95.1333C82.9344 95.1279 82.8017 95.1252 82.6636 95.1252C80.3782 95.1252 76.4707 95.7994 75.041 96.0621C74.9814 96.0729 74.9218 96.0784 74.8623 96.0784C74.6294 96.0784 74.4155 95.9998 74.3586 95.8807L73.2782 93.6792C73.205 93.533 73.3865 93.3813 73.6816 93.3488C75.5771 93.1295 81.9054 92.2928 83.4191 90.8278C86.9907 88.1958 91.4776 86.8283 96.7661 86.7688C96.8798 86.7688 96.9963 86.7688 97.1127 86.7688C97.2914 86.7688 97.4701 86.7687 97.6488 86.7742C100.611 86.8202 109.628 86.961 109.796 90.6789L109.794 90.6735Z" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M104.641 100.241C104.394 100.141 104.129 100.048 103.85 99.9618C103.571 99.8751 103.279 99.7966 102.978 99.7235C102.642 99.6423 102.296 99.5692 101.946 99.5042C101.527 99.4256 101.102 99.3579 100.69 99.2984C100.17 99.2253 99.6663 99.1684 99.206 99.1224C98.6401 99.0682 98.1418 99.0303 97.7546 99.0113C97.6111 99.0032 97.4838 98.9978 97.3755 98.9924C96.9449 98.9761 96.2734 98.9491 95.4692 98.9382C95.2634 98.9382 95.0467 98.9328 94.8247 98.9328C94.3969 98.9328 93.9446 98.9382 93.4789 98.9545C92.9644 98.9707 92.4337 98.9978 91.9083 99.0411C91.4561 99.079 91.0093 99.1278 90.5761 99.1901C90.0778 99.2632 89.5985 99.3552 89.1572 99.469C88.8051 99.561 88.4775 99.6693 88.1823 99.7939C87.9576 99.8887 87.7518 99.9943 87.5704 100.111C87.4702 100.176 87.3781 100.241 87.2942 100.311C87.2265 100.368 87.1642 100.428 87.1046 100.487C87.0532 100.541 87.0044 100.598 86.9638 100.658C86.9232 100.715 86.888 100.771 86.8555 100.831C86.8501 100.839 86.8474 100.847 86.8419 100.855C86.804 100.931 86.7715 101.004 86.7445 101.077C86.7147 101.161 86.6903 101.243 86.6741 101.327C86.6578 101.408 86.6497 101.489 86.647 101.568C86.647 101.578 86.647 101.587 86.647 101.597V103.474C86.647 103.474 86.647 103.455 86.647 103.444C86.647 103.366 86.6578 103.284 86.6741 103.203C86.6903 103.122 86.712 103.038 86.7445 102.954C86.7715 102.881 86.804 102.805 86.8419 102.732C86.8474 102.724 86.8501 102.716 86.8555 102.708C86.888 102.648 86.9232 102.591 86.9638 102.534C87.0071 102.475 87.0532 102.418 87.1046 102.364C87.1615 102.301 87.2237 102.245 87.2942 102.188C87.3781 102.117 87.4702 102.05 87.5704 101.987C87.7518 101.871 87.9576 101.765 88.1823 101.67C88.4775 101.546 88.8051 101.44 89.1572 101.346C89.5985 101.229 90.0778 101.14 90.5761 101.067C91.0093 101.004 91.4561 100.956 91.9083 100.918C92.4337 100.874 92.9644 100.847 93.4789 100.831C93.9446 100.817 94.3969 100.809 94.8247 100.809C95.0467 100.809 95.2634 100.809 95.4692 100.815C96.2734 100.826 96.9449 100.853 97.3755 100.869C97.4838 100.874 97.6111 100.88 97.7546 100.888C98.1391 100.91 98.6401 100.945 99.206 100.999C99.6663 101.045 100.17 101.102 100.69 101.175C101.104 101.234 101.527 101.302 101.946 101.381C102.296 101.446 102.642 101.519 102.978 101.6C103.279 101.673 103.571 101.752 103.85 101.838C104.129 101.925 104.392 102.017 104.641 102.117C105.705 102.551 106.441 103.122 106.441 103.88V102.004C106.441 101.248 105.705 100.674 104.641 100.241Z" fill="#BC3857" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M99.2494 97.3488C101.54 97.6115 109.607 99.5016 109.496 102.548C109.361 106.266 100.343 106.426 97.381 106.48C97.1779 106.485 96.9748 106.485 96.7744 106.485C96.6823 106.485 96.5876 106.485 96.4955 106.485C91.2098 106.436 86.7066 105.08 83.1133 102.456C81.5888 100.994 75.2524 100.173 73.3569 99.9565C73.059 99.9213 72.8776 99.7724 72.948 99.6261L74.0095 97.4219C74.0691 97.3001 74.2803 97.2216 74.5131 97.2216C74.5727 97.2216 74.6323 97.227 74.6919 97.2378C76.1189 97.4951 80.0101 98.1558 82.2982 98.1558C82.4444 98.1558 82.5853 98.1531 82.718 98.1476C82.7884 98.1476 82.8588 98.1476 82.9292 98.1476C83.0266 98.1476 83.1241 98.1476 83.2216 98.1476C87.3484 98.0799 90.5734 97.7225 92.7126 97.4869C92.9401 97.4626 93.1513 97.4382 93.349 97.4165C94.535 97.2893 95.5423 97.1891 96.6688 97.1891C96.7284 97.1891 96.7852 97.1891 96.8448 97.1891C97.603 97.1945 98.3666 97.2459 99.2521 97.3488H99.2494ZM106.279 102.637C107.692 99.7372 99.3956 99.0656 97.3755 98.9871C96.834 98.9654 95.9106 98.9302 94.8248 98.9302C91.8569 98.9302 87.6842 99.2091 86.842 100.853C85.6885 103.1 89.7909 104.744 95.8456 105.036C95.8754 105.036 96.4386 105.069 97.3431 105.069C99.9697 105.069 105.228 104.793 106.279 102.635" fill="#ED6E85"/>
-<path d="M106.279 102.637C107.692 99.7372 99.3956 99.0656 97.3755 98.9871C96.834 98.9654 95.9106 98.9302 94.8248 98.9302C91.8569 98.9302 87.6842 99.2091 86.842 100.853C85.6885 103.1 89.7909 104.744 95.8456 105.036C95.8754 105.036 96.4386 105.069 97.3431 105.069C99.9697 105.069 105.228 104.793 106.279 102.635M99.2494 97.3488C101.54 97.6115 109.607 99.5016 109.496 102.548C109.361 106.266 100.343 106.426 97.381 106.48C97.1779 106.485 96.9748 106.485 96.7744 106.485C96.6823 106.485 96.5876 106.485 96.4955 106.485C91.2098 106.436 86.7066 105.08 83.1133 102.456C81.5888 100.994 75.2524 100.173 73.3569 99.9565C73.059 99.9213 72.8776 99.7724 72.948 99.6261L74.0095 97.4219C74.0691 97.3001 74.2803 97.2216 74.5131 97.2216C74.5727 97.2216 74.6323 97.227 74.6919 97.2378C76.1189 97.4951 80.0101 98.1558 82.2982 98.1558C82.4444 98.1558 82.5853 98.1531 82.718 98.1476C82.7884 98.1476 82.8588 98.1476 82.9292 98.1476C83.0266 98.1476 83.1241 98.1476 83.2216 98.1476C87.3484 98.0799 90.5734 97.7225 92.7126 97.4869C92.9401 97.4626 93.1513 97.4382 93.349 97.4165C94.535 97.2893 95.5423 97.1891 96.6688 97.1891C96.7284 97.1891 96.7852 97.1891 96.8448 97.1891C97.603 97.1945 98.3666 97.2459 99.2521 97.3488H99.2494Z" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M109.455 102.881C109.434 102.992 109.404 103.1 109.366 103.206C109.331 103.306 109.287 103.401 109.236 103.496C109.184 103.59 109.128 103.682 109.063 103.769C108.998 103.861 108.925 103.948 108.843 104.032C108.754 104.129 108.654 104.221 108.548 104.311C108.413 104.422 108.267 104.53 108.109 104.63C107.817 104.817 107.489 104.985 107.129 105.134C106.682 105.321 106.19 105.483 105.67 105.621C104.947 105.814 104.172 105.96 103.387 106.076C102.688 106.179 101.984 106.252 101.305 106.309C100.379 106.385 99.5039 106.425 98.7538 106.45C98.2177 106.466 97.7465 106.474 97.3728 106.482C97.1697 106.488 96.9666 106.488 96.7663 106.488C96.6742 106.488 96.5794 106.488 96.4874 106.488C96.4413 106.488 96.398 106.488 96.352 106.488C95.9214 106.482 95.4963 106.466 95.0766 106.444C94.6704 106.423 94.2696 106.39 93.8743 106.352C93.4843 106.314 93.0998 106.268 92.718 106.214C92.3254 106.16 91.9409 106.095 91.5591 106.022C91.1502 105.943 90.744 105.857 90.3487 105.762C89.8883 105.651 89.4388 105.526 88.9947 105.388C88.4152 105.21 87.8493 105.007 87.2969 104.785C85.7859 104.173 84.3887 103.398 83.1051 102.458C82.8181 102.182 82.3578 101.93 81.7891 101.7C81.4858 101.576 81.1501 101.459 80.7926 101.348C80.381 101.221 79.9424 101.102 79.4874 100.994C78.889 100.847 78.2635 100.717 77.6488 100.601C76.7336 100.428 75.8373 100.287 75.0682 100.178C74.3534 100.078 73.7522 100.005 73.3487 99.9591C73.3406 99.9591 73.3298 99.9591 73.3217 99.9564C73.3054 99.9564 73.2919 99.951 73.2756 99.9483C73.2594 99.9456 73.2458 99.9429 73.2296 99.9375C73.2134 99.9348 73.1971 99.9293 73.1809 99.9239C73.1619 99.9185 73.1429 99.9104 73.124 99.905C72.9967 99.8535 72.9209 99.775 72.9209 99.6938V101.57C72.9209 101.654 72.9967 101.73 73.124 101.782C73.1429 101.79 73.1619 101.795 73.1809 101.8C73.1971 101.806 73.2134 101.809 73.2296 101.814C73.2431 101.817 73.2594 101.822 73.2756 101.825C73.2892 101.828 73.3054 101.83 73.3217 101.833C73.3298 101.833 73.3406 101.833 73.3487 101.836C73.7522 101.882 74.3534 101.955 75.0682 102.055C75.8373 102.163 76.7336 102.304 77.6488 102.477C78.2635 102.594 78.8863 102.724 79.4874 102.87C79.9424 102.981 80.381 103.098 80.7926 103.225C81.1501 103.336 81.4858 103.452 81.7891 103.577C82.3578 103.807 82.8181 104.062 83.1051 104.335C84.3887 105.272 85.7886 106.049 87.2969 106.661C87.8493 106.886 88.4152 107.086 88.9947 107.265C89.4388 107.403 89.8883 107.528 90.3487 107.639C90.7467 107.736 91.1502 107.823 91.5591 107.899C91.9409 107.972 92.3254 108.034 92.718 108.091C93.0971 108.145 93.4843 108.191 93.8743 108.229C94.2696 108.267 94.6704 108.299 95.0766 108.321C95.4963 108.345 95.9214 108.359 96.352 108.364C96.398 108.364 96.4413 108.364 96.4874 108.364C96.5794 108.364 96.6715 108.364 96.7663 108.364C96.9666 108.364 97.1697 108.364 97.3728 108.359C97.7465 108.353 98.2177 108.343 98.7538 108.326C99.5012 108.302 100.379 108.261 101.305 108.186C101.984 108.129 102.688 108.056 103.387 107.953C104.172 107.839 104.947 107.69 105.67 107.498C106.19 107.36 106.682 107.2 107.129 107.01C107.487 106.861 107.817 106.694 108.109 106.507C108.267 106.407 108.413 106.298 108.548 106.187C108.654 106.098 108.754 106.006 108.843 105.908C108.922 105.824 108.995 105.735 109.063 105.646C109.128 105.556 109.184 105.467 109.236 105.372C109.287 105.28 109.328 105.183 109.366 105.082C109.404 104.977 109.434 104.868 109.455 104.757C109.477 104.649 109.488 104.538 109.493 104.424V102.548C109.488 102.662 109.477 102.773 109.455 102.881Z" fill="#BC3857" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-<path d="M67.4862 97.3568C65.8859 97.7034 64.6457 97.9281 63.6194 98.0771C62.8585 98.1881 62.2168 98.2585 61.6346 98.3045C61.1526 98.3451 60.7112 98.3695 60.2779 98.3885C60.2265 98.3885 60.1696 98.3939 60.11 98.3939C59.8041 98.4047 59.3681 98.4074 58.7994 98.4074C57.5863 98.4074 55.7666 98.3885 53.3025 98.356C51.6236 98.3343 49.6442 98.3072 47.3561 98.2775C44.6184 98.2422 41.4394 98.2043 37.7946 98.1664C37.6213 98.1664 37.448 98.1637 37.2774 98.161C34.2311 98.1204 31.4664 98.0202 29.0049 97.8821C26.3539 97.7359 24.055 97.549 22.1432 97.3622C19.9905 97.151 18.3252 96.9398 17.1987 96.78C16.1724 96.6365 15.5902 96.5336 15.4846 96.5146V97.6871C15.5929 97.7061 16.1751 97.809 17.1987 97.9525C18.3279 98.1123 19.9905 98.3235 22.1432 98.5347C24.055 98.7215 26.3539 98.9057 29.0049 99.0546C31.4664 99.19 34.2338 99.2929 37.2774 99.3335C37.448 99.3335 37.6213 99.3389 37.7946 99.3389C41.4394 99.3768 44.6211 99.4147 47.3561 99.4499C49.6442 99.4797 51.6236 99.5068 53.3025 99.5285C55.7666 99.561 57.5863 99.5799 58.7994 99.5799C59.3681 99.5799 59.8041 99.5745 60.11 99.5664C60.1723 99.5664 60.2265 99.561 60.2779 99.561C60.7112 99.5393 61.1526 99.5149 61.6346 99.477C62.2168 99.4283 62.8585 99.3606 63.6194 99.2496C64.6457 99.1006 65.8859 98.8759 67.4862 98.5293C69.2518 98.1475 71.7484 97.5978 74.375 97.1293V95.9568C71.7484 96.4253 69.2518 96.9723 67.4862 97.3568Z" fill="#8B8FA2" stroke="#192147" stroke-width="0.203089" stroke-linejoin="round"/>
-<path d="M73.3975 93.9583L74.3777 95.9567C71.7511 96.4252 69.2545 96.9722 67.489 97.3567C63.7196 98.1717 61.9433 98.3098 60.2807 98.3911C59.9747 98.4046 59.4845 98.4128 58.8022 98.4128C55.7721 98.4128 48.9618 98.2855 37.7946 98.1717C24.1119 98.0282 15.9125 96.5985 15.4819 96.5227C33.8141 94.2941 55.3415 94.3455 59.9747 94.2941C64.6105 94.2399 69.9612 94.24 73.3975 93.9637V93.9583Z" fill="#E2E4EA" stroke="#192147" stroke-width="0.203089" stroke-linejoin="round"/>
-<path d="M64.2125 97.0479C65.3177 97.0479 66.2136 96.6224 66.2136 96.0974C66.2136 95.5725 65.3177 95.147 64.2125 95.147C63.1074 95.147 62.2114 95.5725 62.2114 96.0974C62.2114 96.6224 63.1074 97.0479 64.2125 97.0479Z" fill="#8B8FA2" stroke="#192147" stroke-width="0.203089" stroke-miterlimit="10"/>
-</svg>
diff --git a/website/assets/images/premium-landing-feature-3.svg b/website/assets/images/premium-landing-feature-3.svg
deleted file mode 100644
index 28a0ffeaea..0000000000
--- a/website/assets/images/premium-landing-feature-3.svg
+++ /dev/null
@@ -1,231 +0,0 @@
-<svg width="160" height="119" viewBox="0 0 160 119" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M157.65 72.0811C159.234 72.9956 159.236 74.4962 157.654 75.4149L85.9298 117.096C84.3481 118.014 81.7584 118.019 80.1746 117.104L7.95328 75.4066C6.36952 74.4921 6.36744 72.9914 7.94913 72.0728L47.9922 48.8027C49.5739 47.884 52.1844 47.8424 53.7952 48.7092L80.5176 63.1189C82.1283 63.9877 84.7451 63.9565 86.333 63.0503L111.455 48.7237C113.043 47.8175 115.639 47.8237 117.225 48.7382L157.654 72.079L157.65 72.0811Z" fill="#C5C7D1"/>
-<path d="M9.68064 100.256C13.3948 102.443 19.4638 102.48 23.1676 100.344C26.8713 98.2071 26.8713 94.6966 23.1676 92.5475C19.4638 90.3963 13.3948 90.3589 9.68064 92.4602C5.96648 94.5636 5.96648 98.072 9.68064 100.256Z" fill="#C5C7D1"/>
-<path d="M156.561 58.9954C158.145 59.9099 158.147 61.4105 156.565 62.3292L84.8407 104.01C83.259 104.929 80.6693 104.933 79.0855 104.018L6.86416 62.3209C5.28039 61.4064 5.27831 59.9078 6.86208 58.9913L43.0538 38.0116C44.6355 37.095 47.2211 37.1012 48.7986 38.0261L78.94 55.7073C80.5175 56.6322 83.101 56.6364 84.6806 55.7136L114.737 38.1799C116.316 37.2592 118.906 37.253 120.49 38.1675L156.561 58.9933V58.9954Z" fill="white"/>
-<path d="M157.673 61.0321L157.737 64.9583C157.625 65.534 157.374 66.0515 156.931 66.4859L85.2418 108.102C84.24 108.709 83.1426 108.982 81.96 108.975L81.9641 104.667C82.9888 104.64 84.0093 104.403 85.0236 103.904L156.858 62.1358C157.208 61.8136 157.476 61.4437 157.671 61.0321H157.673Z" fill="#8C8679"/>
-<path d="M81.9662 104.667L81.962 109.002C81.1099 109.046 80.1767 108.851 79.1645 108.431L7.02629 66.7852C6.34664 66.4526 5.90186 65.9205 5.7439 65.1495L5.79793 60.6372C5.7439 61.2399 6.07229 61.8281 6.98472 62.3955L79.4638 104.23C80.3388 104.521 81.166 104.644 81.9662 104.667Z" fill="#F1EEEA"/>
-<path d="M84.6808 55.8278C83.1012 56.7486 80.5177 56.7402 78.9443 55.8091L48.7655 37.9886C47.19 37.0596 44.6086 37.0492 43.0269 37.9679L6.85806 58.987C5.27638 59.9057 5.27845 61.4063 6.86222 62.3208L79.0835 104.018C80.6673 104.933 83.257 104.929 84.8387 104.01L156.563 62.3291C158.145 61.4105 158.143 59.9098 156.559 58.9953L120.617 38.2443C119.033 37.3298 116.443 37.3339 114.864 38.2547L84.6808 55.8278Z" stroke="#192147" stroke-width="0.155882" stroke-miterlimit="10"/>
-<path d="M5.76671 64.8626C5.69396 65.5485 6.10757 66.2469 7.00753 66.7665L78.9441 108.3C80.6069 109.26 83.3234 109.256 84.984 108.291L156.424 66.7748C157.293 66.2697 157.706 65.5984 157.665 64.9354" stroke="#192147" stroke-width="0.155882" stroke-miterlimit="10"/>
-<path d="M5.75635 60.5958V65.0062" stroke="#192147" stroke-width="0.155882" stroke-miterlimit="10"/>
-<path d="M157.654 60.868L157.663 65.081" stroke="#192147" stroke-width="0.155882" stroke-miterlimit="10"/>
-<path d="M80.63 100.14C81.2244 100.483 82.1971 100.483 82.7915 100.14L113.428 82.5022C114.022 82.1592 114.022 81.6001 113.428 81.2572L82.7915 63.6196C82.1971 63.2767 81.2244 63.2788 80.63 63.6196L50.0874 81.253C49.493 81.596 49.493 82.1572 50.0874 82.5001L80.63 100.136V100.14Z" fill="#8C8679"/>
-<path d="M82.935 99.868L112.162 82.9828L82.378 65.5697C81.9665 65.3286 81.4573 65.3307 81.0478 65.576L51.6006 83.1283L80.6633 99.9407C81.2806 100.296 82.2637 100.286 82.935 99.868Z" fill="#F1EEEA"/>
-<path d="M51.4553 83.1278L81.0376 65.6337C81.445 65.3926 81.9521 65.3905 82.3616 65.6295L112.268 83.0551" stroke="black" stroke-width="0.155882" stroke-miterlimit="10"/>
-<path d="M81.7128 63.5222C82.0953 63.5222 82.4507 63.6053 82.7146 63.757L113.351 81.3946C113.588 81.5317 113.719 81.7043 113.719 81.8809C113.719 82.0576 113.588 82.2322 113.351 82.3673L82.7146 100.005C82.4507 100.157 82.0953 100.24 81.7128 100.24C81.3304 100.24 80.9729 100.157 80.709 100.003L50.1664 82.3673C49.9295 82.2301 49.7985 82.0576 49.7985 81.8789C49.7985 81.7001 49.9295 81.5276 50.1664 81.3904L80.709 63.757C80.9729 63.6053 81.3304 63.5201 81.7128 63.5201M81.7128 63.3642C81.32 63.3642 80.9293 63.4494 80.63 63.6219L50.0874 81.2553C49.493 81.5983 49.493 82.1594 50.0874 82.5024L80.63 100.138C80.9272 100.31 81.32 100.396 81.7128 100.396C82.1057 100.396 82.4943 100.31 82.7915 100.14L113.428 82.5024C114.022 82.1594 114.022 81.6003 113.428 81.2574L82.7915 63.6198C82.4943 63.4494 82.1036 63.3642 81.7128 63.3642Z" fill="black"/>
-<path d="M43.7713 78.9837C44.3658 79.3267 45.3385 79.3267 45.9329 78.9837L76.569 61.3462C77.1634 61.0032 77.1634 60.4441 76.569 60.1012L45.9329 42.4636C45.3385 42.1207 44.3658 42.1228 43.7713 42.4636L13.2288 60.097C12.6344 60.44 12.6344 61.0012 13.2288 61.3441L43.7713 78.9796V78.9837Z" fill="#8C8679"/>
-<path d="M46.0742 78.7116L75.3011 61.8264L45.5172 44.4133C45.1056 44.1722 44.5964 44.1743 44.187 44.4196L14.7397 61.9719L43.8025 78.7843C44.4197 79.1398 45.4028 79.1294 46.0742 78.7116Z" fill="#F1EEEA"/>
-<path d="M14.5942 61.9718L44.1765 44.4777C44.5839 44.2366 45.0911 44.2345 45.5005 44.4735L75.4071 61.8991" stroke="black" stroke-width="0.155882" stroke-miterlimit="10"/>
-<path d="M44.852 42.3661C45.2344 42.3661 45.5898 42.4492 45.8538 42.6009L76.4899 60.2385C76.7268 60.3757 76.8577 60.5482 76.8577 60.7249C76.8577 60.9015 76.7268 61.0761 76.4899 61.2112L45.8538 78.8488C45.5898 79.0005 45.2344 79.0836 44.852 79.0836C44.4696 79.0836 44.1121 79.0005 43.8481 78.8467L13.3056 61.2112C13.0686 61.074 12.9377 60.9015 12.9377 60.7228C12.9377 60.544 13.0686 60.3715 13.3056 60.2344L43.8481 42.6009C44.1121 42.4492 44.4696 42.364 44.852 42.364M44.852 42.2081C44.4592 42.2081 44.0684 42.2933 43.7691 42.4659L13.2266 60.0993C12.6322 60.4422 12.6322 61.0034 13.2266 61.3463L43.7691 78.9818C44.0663 79.1543 44.4592 79.2395 44.852 79.2395C45.2448 79.2395 45.6335 79.1543 45.9307 78.9839L76.5668 61.3463C77.1612 61.0034 77.1612 60.4443 76.5668 60.1013L45.9307 42.4638C45.6335 42.2933 45.2427 42.2081 44.852 42.2081Z" fill="black"/>
-<path d="M117.709 78.7655C118.304 79.1085 119.276 79.1085 119.871 78.7655L150.507 61.1279C151.101 60.785 151.101 60.2259 150.507 59.883L119.871 42.2454C119.276 41.9025 118.304 41.9045 117.709 42.2454L87.1668 59.8788C86.5723 60.2218 86.5723 60.7829 87.1668 61.1259L117.709 78.7613V78.7655Z" fill="#8C8679"/>
-<path d="M120.012 78.4932L149.239 61.608L119.455 44.1949C119.044 43.9538 118.534 43.9559 118.125 44.2011L88.6777 61.7535L117.74 78.5659C118.358 78.9213 119.341 78.9109 120.012 78.4932Z" fill="#F1EEEA"/>
-<path d="M88.532 61.7534L118.114 44.2592C118.522 44.0181 119.029 44.0161 119.438 44.2551L149.345 61.6806" stroke="black" stroke-width="0.155882" stroke-miterlimit="10"/>
-<path d="M118.79 42.1477C119.173 42.1477 119.528 42.2308 119.792 42.3825L150.428 60.0201C150.665 60.1573 150.796 60.3298 150.796 60.5065C150.796 60.6831 150.665 60.8577 150.428 60.9928L119.792 78.6304C119.528 78.7821 119.173 78.8652 118.79 78.8652C118.408 78.8652 118.05 78.7821 117.786 78.6283L87.2438 60.9928C87.0069 60.8556 86.8759 60.6831 86.8759 60.5044C86.8759 60.3256 87.0069 60.1531 87.2438 60.0159L117.786 42.3825C118.05 42.2308 118.408 42.1456 118.79 42.1456M118.79 41.9897C118.397 41.9897 118.007 42.0749 117.707 42.2474L87.1648 59.8808C86.5704 60.2238 86.5704 60.785 87.1648 61.1279L117.707 78.7634C118.005 78.9359 118.397 79.0211 118.79 79.0211C119.183 79.0211 119.572 78.9359 119.869 78.7655L150.505 61.1279C151.099 60.785 151.099 60.2259 150.505 59.8829L119.869 42.2454C119.572 42.0749 119.181 41.9897 118.79 41.9897Z" fill="black"/>
-<g opacity="0.51">
-<path d="M15.2864 19.7318L104.927 47.032C107.872 48.0733 112.056 47.6244 115.07 45.8328C118.599 51.6544 123.059 53.1634 127.393 53.2486C139.934 51.721 142.443 38.4169 135.027 31.4376C139.498 20.9685 131.425 14.6376 124.666 13.8811L15.5774 12.0271L15.2864 19.7339V19.7318Z" fill="#BEE8EE"/>
-<path d="M15.3007 19.3183L15.2861 19.7319L15.6831 19.8545" stroke="black" stroke-width="0.155882" stroke-miterlimit="10" stroke-dasharray="1.48 1.48"/>
-<path d="M16.4751 20.0957L104.927 47.0343C107.641 47.9945 111.407 47.6869 114.34 46.2299" stroke="black" stroke-width="0.155882" stroke-miterlimit="10" stroke-dasharray="1.48 1.48"/>
-<path d="M114.708 46.0386C114.831 45.972 114.951 45.9035 115.07 45.8328C115.142 45.9533 115.215 46.0697 115.288 46.1861" stroke="black" stroke-width="0.155882" stroke-miterlimit="10" stroke-dasharray="1.48 1.48"/>
-<path d="M115.741 46.8741C119.154 51.8374 123.329 53.1675 127.392 53.2486C139.591 51.7625 142.297 39.1361 135.611 32.0237" stroke="black" stroke-width="0.155882" stroke-miterlimit="10" stroke-dasharray="1.48 1.48"/>
-<path d="M135.324 31.7266C135.226 31.6289 135.126 31.5333 135.025 31.4377C135.079 31.3088 135.133 31.1821 135.185 31.0532" stroke="black" stroke-width="0.155882" stroke-miterlimit="10" stroke-dasharray="1.48 1.48"/>
-<path d="M135.478 30.2737C138.893 20.4989 131.171 14.6086 124.666 13.8791L16.4087 12.0396" stroke="black" stroke-width="0.155882" stroke-miterlimit="10" stroke-dasharray="1.48 1.48"/>
-<path d="M15.9929 12.0334L15.5772 12.0272L15.5605 12.4429" stroke="black" stroke-width="0.155882" stroke-miterlimit="10" stroke-dasharray="1.48 1.48"/>
-<path d="M15.5313 13.2055L15.3152 18.9358" stroke="black" stroke-width="0.155882" stroke-miterlimit="10" stroke-dasharray="1.48 1.48"/>
-</g>
-<path opacity="0.5" d="M131.221 60.9052C130.714 60.6101 130.157 60.3606 129.567 60.1549C131.419 58.2677 130.959 55.8089 128.185 54.196C124.857 52.2631 119.401 52.2277 116.063 54.1191C115.122 54.6512 114.446 55.2851 114.037 55.9627C111.056 55.3807 107.633 55.7528 105.27 57.0913C101.932 58.9806 101.932 62.1356 105.27 64.0997C108.358 65.9184 113.259 66.0826 116.612 64.5736C116.722 65.7542 117.551 66.9222 119.102 67.8368C122.44 69.8009 127.896 69.8362 131.223 67.9137C134.551 65.9911 134.551 62.8381 131.223 60.9052H131.221Z" fill="#8C8679"/>
-<g clip-path="url(#clip0_3133_20615)">
-<path d="M131.35 33.1345C127.586 37.457 121.007 37.9113 116.685 34.1472C112.362 30.3831 111.908 23.8039 115.672 19.4814C119.436 15.159 126.015 14.7047 130.338 18.4688C134.66 22.2329 135.114 28.8121 131.35 33.1345Z" fill="#3E4771" stroke="#192147" stroke-width="0.179265" stroke-miterlimit="10"/>
-<path d="M134.232 24.5222C133.817 22.1638 132.62 19.9238 130.673 18.2285C126.151 14.2936 119.299 14.7667 115.362 19.2875C113.431 21.5046 112.561 24.2838 112.712 27.0044L114.982 26.7442C115.002 25.6044 115.404 24.4653 116.21 23.5406C118.023 21.4586 121.193 21.2397 123.274 23.0527C124.077 23.7512 124.603 24.6534 124.842 25.6128L134.232 24.5222Z" fill="#F1EEEA"/>
-<path d="M134.232 24.5222C133.817 22.1638 132.62 19.9238 130.673 18.2285C126.151 14.2936 119.299 14.7667 115.362 19.2875C113.431 21.5046 112.561 24.2838 112.712 27.0044L114.982 26.7442C115.002 25.6044 115.404 24.4653 116.21 23.5406C118.023 21.4586 121.193 21.2397 123.274 23.0527C124.077 23.7512 124.603 24.6534 124.842 25.6128L134.232 24.5222Z" fill="#ED6E85" stroke="#192147" stroke-width="0.179265" stroke-miterlimit="10"/>
-<path d="M123.581 15.5636C124.648 16.0049 125.665 16.6175 126.584 17.418C128.879 19.4162 130.132 22.1623 130.299 24.9766L134.23 24.5205C133.815 22.1621 132.619 19.922 130.672 18.2268C128.624 16.4436 126.099 15.5693 123.583 15.5618L123.581 15.5636Z" fill="#BC3857"/>
-<path d="M124.992 26.7985C125 27.9754 124.596 29.1604 123.763 30.1176C121.95 32.1995 118.78 32.4184 116.698 30.6054C115.865 29.8802 115.331 28.9362 115.104 27.9337L112.841 28.1882C113.235 30.5886 114.438 32.8723 116.419 34.594C120.938 38.5292 127.794 38.0558 131.729 33.5369C133.688 31.2873 134.555 28.4609 134.375 25.7017L124.994 26.7967L124.992 26.7985Z" fill="#F1EEEA"/>
-<path d="M127.646 32.7806C125.53 35.2104 122.573 36.4734 119.586 36.5154C123.737 38.1431 128.635 37.0933 131.731 33.5387C133.69 31.2892 134.557 28.4628 134.376 25.7036L130.308 26.1794C130.191 28.5338 129.315 30.8678 127.648 32.7821L127.646 32.7806Z" fill="#E2DED5"/>
-<path d="M124.992 26.7985C125 27.9754 124.596 29.1604 123.763 30.1176C121.95 32.1995 118.78 32.4184 116.698 30.6054C115.865 29.8802 115.331 28.9362 115.104 27.9337L112.841 28.1882C113.235 30.5886 114.438 32.8723 116.419 34.594C120.938 38.5292 127.794 38.0558 131.729 33.5369C133.688 31.2873 134.555 28.4609 134.375 25.7017L124.994 26.7967L124.992 26.7985Z" stroke="#192147" stroke-width="0.179265" stroke-miterlimit="10"/>
-<path d="M123.041 29.4898C121.574 31.1752 119.011 31.3522 117.326 29.8845C115.64 28.4169 115.463 25.854 116.931 24.1686C118.399 22.4832 120.963 22.3078 122.647 23.7739C124.33 25.24 124.508 27.8063 123.041 29.4898Z" fill="#E2DED5"/>
-<path d="M117.324 29.8831C117.841 30.3336 118.439 30.6261 119.064 30.771C120.145 30.6573 121.188 30.1584 121.958 29.2751C123.521 27.4798 123.379 24.779 121.679 23.1497C120.086 22.416 118.136 22.7811 116.929 24.1672C115.461 25.8526 115.64 28.417 117.324 29.8831Z" fill="#F1EEEA"/>
-<path d="M123.041 29.4898C121.574 31.1752 119.011 31.3522 117.326 29.8845C115.64 28.4169 115.463 25.854 116.931 24.1686C118.399 22.4832 120.963 22.3078 122.647 23.7739C124.33 25.24 124.508 27.8063 123.041 29.4898Z" stroke="#192147" stroke-width="0.179265" stroke-miterlimit="10"/>
-<path d="M121.501 24.3576C121.2 24.0955 120.862 23.9054 120.506 23.7792C119.477 23.6062 118.385 23.951 117.65 24.7946C116.529 26.0816 116.665 28.0409 117.952 29.1616C118.253 29.4238 118.591 29.6139 118.947 29.7401C119.976 29.913 121.068 29.5682 121.803 28.7246C122.924 27.4376 122.788 25.4784 121.501 24.3576Z" fill="white"/>
-<path d="M121.944 24.4323C121.412 23.998 120.778 23.769 120.135 23.7388C119.324 23.7898 118.532 24.146 117.956 24.8076C116.816 26.1162 116.954 28.1092 118.263 29.2488C118.569 29.5156 118.913 29.7104 119.274 29.8379C120.321 30.0147 121.432 29.6635 122.178 28.8073C123.297 27.5221 123.182 25.5835 121.942 24.4341L121.944 24.4323Z" fill="#F1EEEA"/>
-<path d="M120.624 23.7998C120.83 23.9093 121.027 24.043 121.211 24.2032C122.532 25.3537 122.671 27.3669 121.521 28.6882C120.875 29.429 119.959 29.7973 119.048 29.7772C120.188 30.139 121.487 29.8188 122.32 28.8617C123.441 27.5747 123.306 25.6154 122.019 24.4947C121.606 24.1352 121.124 23.9059 120.622 23.8016L120.624 23.7998Z" fill="#E2DED5"/>
-<path d="M122.32 28.8617C121.2 30.1487 119.24 30.284 117.953 29.1633C116.666 28.0425 116.531 26.0833 117.652 24.7962C118.773 23.5092 120.732 23.3739 122.019 24.4947C123.306 25.6155 123.441 27.5747 122.32 28.8617Z" stroke="#192147" stroke-width="0.179265" stroke-miterlimit="10"/>
-</g>
-<g clip-path="url(#clip1_3133_20615)">
-<path d="M113.034 44.3846C107.945 47.0214 101.659 45.0262 99.0224 39.9371C96.3855 34.848 98.3807 28.5621 103.47 25.9253C108.559 23.2885 114.845 25.2837 117.482 30.3728C120.119 35.4619 118.123 41.7478 113.034 44.3846Z" fill="#3E4771" stroke="#192147" stroke-width="0.179265" stroke-miterlimit="10"/>
-<path d="M118.879 37.4341C119.36 35.0881 119.07 32.5651 117.882 30.2731C115.122 24.9516 108.576 22.8736 103.253 25.6314C100.643 26.9839 98.812 29.2488 97.9523 31.8343L100.16 32.4269C100.597 31.374 101.39 30.4624 102.479 29.8983C104.93 28.6283 107.958 29.5896 109.228 32.0408C109.718 32.9852 109.876 34.0177 109.746 34.9978L118.879 37.4341Z" fill="#F1EEEA"/>
-<path d="M118.879 37.4341C119.36 35.0881 119.07 32.5651 117.882 30.2731C115.122 24.9516 108.576 22.8736 103.253 25.6314C100.643 26.9839 98.812 29.2488 97.9523 31.8343L100.16 32.4269C100.597 31.374 101.39 30.4624 102.479 29.8983C104.93 28.6283 107.958 29.5896 109.228 32.0408C109.718 32.9852 109.876 34.0177 109.746 34.9978L118.879 37.4341Z" fill="#ED6E85" stroke="#192147" stroke-width="0.179265" stroke-miterlimit="10"/>
-<path d="M112.265 25.1884C113.095 25.9911 113.816 26.9343 114.376 28.0166C115.776 30.7183 115.933 33.7328 115.054 36.4117L118.878 37.4321C119.358 35.0861 119.069 32.563 117.881 30.271C116.632 27.8602 114.605 26.119 112.267 25.1873L112.265 25.1884Z" fill="#BC3857"/>
-<path d="M109.449 36.1553C109.024 37.2529 108.213 38.2064 107.086 38.7903C104.635 40.0604 101.606 39.0991 100.336 36.6479C99.8281 35.6674 99.6779 34.593 99.8354 33.5773L97.6375 32.9825C97.1222 35.36 97.4018 37.9259 98.6113 40.2551C101.368 45.5755 107.918 47.6546 113.238 44.8979C115.887 43.5256 117.732 41.2155 118.578 38.5832L109.451 36.1542L109.449 36.1553Z" fill="#F1EEEA"/>
-<path d="M109.72 42.6938C106.859 44.176 103.644 44.264 100.851 43.2053C104.113 46.2446 109.055 47.0682 113.24 44.8998C115.888 43.5275 117.733 41.2175 118.579 38.5851L114.621 37.5324C113.647 39.6792 111.974 41.5281 109.721 42.6959L109.72 42.6938Z" fill="#E2DED5"/>
-<path d="M109.449 36.1553C109.024 37.2529 108.213 38.2064 107.086 38.7903C104.635 40.0604 101.606 39.0991 100.336 36.6479C99.8281 35.6674 99.6779 34.593 99.8354 33.5773L97.6375 32.9825C97.1222 35.36 97.4018 37.9259 98.6113 40.2551C101.368 45.5755 107.918 47.6546 113.238 44.8979C115.887 43.5256 117.732 41.2155 118.578 38.5832L109.451 36.1542L109.449 36.1553Z" stroke="#192147" stroke-width="0.179265" stroke-miterlimit="10"/>
-<path d="M106.646 37.9417C104.662 38.9698 102.213 38.1926 101.185 36.2083C100.157 34.224 100.934 31.7754 102.918 30.7473C104.903 29.7192 107.352 30.4985 108.38 32.4807C109.407 34.4629 108.628 36.9147 106.646 37.9417Z" fill="#E2DED5"/>
-<path d="M101.184 36.2058C101.499 36.8149 101.948 37.3066 102.476 37.671C103.524 37.9627 104.677 37.882 105.717 37.3432C107.831 36.248 108.691 33.6838 107.708 31.5438C106.497 30.2763 104.549 29.8992 102.917 30.7448C100.933 31.7729 100.157 34.2236 101.184 36.2058Z" fill="#F1EEEA"/>
-<path d="M106.646 37.9417C104.662 38.9698 102.213 38.1926 101.185 36.2083C100.157 34.224 100.934 31.7754 102.918 30.7473C104.903 29.7192 107.352 30.4985 108.38 32.4807C109.407 34.4629 108.628 36.9147 106.646 37.9417Z" stroke="#192147" stroke-width="0.179265" stroke-miterlimit="10"/>
-<path d="M107.1 32.6027C106.916 32.2483 106.671 31.9471 106.386 31.6989C105.493 31.1602 104.351 31.0794 103.357 31.594C101.842 32.3791 101.248 34.251 102.033 35.7662C102.217 36.1207 102.461 36.4218 102.746 36.67C103.639 37.2088 104.782 37.2896 105.775 36.775C107.291 35.9899 107.885 34.118 107.1 32.6027Z" fill="white"/>
-<path d="M107.483 32.8342C107.149 32.235 106.643 31.789 106.056 31.5248C105.283 31.2741 104.416 31.3144 103.637 31.7179C102.096 32.5162 101.492 34.4203 102.29 35.9611C102.477 36.3219 102.725 36.6294 103.014 36.8807C103.923 37.4299 105.085 37.5115 106.093 36.9892C107.607 36.2052 108.212 34.3599 107.481 32.8353L107.483 32.8342Z" fill="#F1EEEA"/>
-<path d="M106.489 31.7616C106.64 31.939 106.774 32.1359 106.886 32.3524C107.692 33.908 107.082 35.8315 105.526 36.6375C104.654 37.0894 103.666 37.0951 102.826 36.7416C103.753 37.4968 105.079 37.6766 106.206 37.0927C107.722 36.3076 108.316 34.4357 107.531 32.9204C107.279 32.4344 106.915 32.0441 106.487 31.7627L106.489 31.7616Z" fill="#E2DED5"/>
-<path d="M106.206 37.0925C104.691 37.8776 102.819 37.2834 102.034 35.7681C101.249 34.2529 101.843 32.381 103.358 31.5959C104.873 30.8107 106.745 31.4049 107.53 32.9202C108.316 34.4355 107.721 36.3074 106.206 37.0925Z" stroke="#192147" stroke-width="0.179265" stroke-miterlimit="10"/>
-</g>
-<g clip-path="url(#clip2_3133_20615)">
-<path d="M126.757 50.8789C121.026 50.8789 116.362 46.2156 116.362 40.4839C116.362 34.7522 121.026 30.089 126.757 30.089C132.489 30.089 137.152 34.7522 137.152 40.4839C137.152 46.2156 132.489 50.8789 126.757 50.8789Z" fill="#3E4771" stroke="#192147" stroke-width="0.179265" stroke-miterlimit="10"/>
-<path d="M135.144 47.3963C136.65 45.5343 137.554 43.1609 137.554 40.5794C137.551 34.5848 132.694 29.728 126.7 29.728C123.76 29.728 121.092 30.8968 119.14 32.797L120.827 34.3387C121.7 33.6049 122.823 33.1603 124.049 33.1603C126.81 33.1603 129.057 35.4071 129.057 38.1677C129.057 39.2314 128.722 40.2209 128.155 41.0312L135.144 47.3963Z" fill="#F1EEEA"/>
-<path d="M135.144 47.3963C136.65 45.5343 137.554 43.1609 137.554 40.5794C137.551 34.5848 132.694 29.728 126.7 29.728C123.76 29.728 121.092 30.8968 119.14 32.797L120.827 34.3387C121.7 33.6049 122.823 33.1603 124.049 33.1603C126.81 33.1603 129.057 35.4071 129.057 38.1677C129.057 39.2314 128.722 40.2209 128.155 41.0312L135.144 47.3963Z" fill="#ED6E85" stroke="#192147" stroke-width="0.179265" stroke-miterlimit="10"/>
-<path d="M134.905 33.481C135.274 34.5757 135.479 35.7445 135.479 36.9635C135.479 40.0062 134.231 42.755 132.219 44.7293L135.144 47.3943C136.65 45.5324 137.554 43.1589 137.554 40.5775C137.554 37.8622 136.555 35.3836 134.908 33.481H134.905Z" fill="#BC3857"/>
-<path d="M127.36 41.923C126.478 42.7022 125.319 43.1755 124.049 43.1755C121.289 43.1755 119.042 40.9287 119.042 38.168C119.042 37.0637 119.403 36.0407 120.01 35.2113L118.332 33.6721C116.781 35.546 115.849 37.9529 115.851 40.5773C115.851 46.5695 120.71 51.4288 126.703 51.4288C129.686 51.4288 132.386 50.2265 134.349 48.2785L127.362 41.923H127.36Z" fill="#F1EEEA"/>
-<path d="M124.592 47.8528C121.37 47.8528 118.475 46.4521 116.482 44.2269C117.98 48.4264 121.989 51.4309 126.702 51.4309C129.685 51.4309 132.386 50.2286 134.349 48.2806L131.318 45.5247C129.465 46.9828 127.13 47.8552 124.592 47.8552V47.8528Z" fill="#E2DED5"/>
-<path d="M127.36 41.923C126.478 42.7022 125.319 43.1755 124.049 43.1755C121.289 43.1755 119.042 40.9287 119.042 38.168C119.042 37.0637 119.403 36.0407 120.01 35.2113L118.332 33.6721C116.781 35.546 115.849 37.9529 115.851 40.5773C115.851 46.5695 120.71 51.4288 126.703 51.4288C129.686 51.4288 132.386 50.2265 134.349 48.2785L127.362 41.923H127.36Z" stroke="#192147" stroke-width="0.179265" stroke-miterlimit="10"/>
-<path d="M124.049 42.2192C121.814 42.2192 119.998 40.4027 119.998 38.1678C119.998 35.933 121.814 34.1165 124.049 34.1165C126.284 34.1165 128.101 35.9354 128.101 38.1678C128.101 40.4003 126.282 42.2192 124.049 42.2192Z" fill="#E2DED5"/>
-<path d="M119.998 38.1655C119.998 38.8515 120.17 39.4944 120.471 40.0609C121.267 40.8019 122.328 41.2608 123.5 41.2608C125.88 41.2608 127.823 39.3797 127.936 37.0278C127.443 35.3451 125.887 34.1141 124.049 34.1141C121.814 34.1141 119.998 35.933 119.998 38.1655Z" fill="#F1EEEA"/>
-<path d="M124.049 42.2192C121.814 42.2192 119.998 40.4027 119.998 38.1678C119.998 35.933 121.814 34.1165 124.049 34.1165C126.284 34.1165 128.101 35.9354 128.101 38.1678C128.101 40.4003 126.282 42.2192 124.049 42.2192Z" stroke="#192147" stroke-width="0.179265" stroke-miterlimit="10"/>
-<path d="M126.908 37.6874C126.908 37.2883 126.829 36.9082 126.691 36.5569C126.146 35.6677 125.168 35.0702 124.049 35.0702C122.343 35.0702 120.954 36.4589 120.954 38.1655C120.954 38.5646 121.033 38.9447 121.172 39.296C121.717 40.1852 122.694 40.7827 123.813 40.7827C125.519 40.7827 126.908 39.394 126.908 37.6874Z" fill="white"/>
-<path d="M127.142 38.0698C127.121 37.3838 126.877 36.7552 126.478 36.2508C125.907 35.6724 125.118 35.3091 124.241 35.3091C122.505 35.3091 121.093 36.7217 121.093 38.457C121.093 38.8633 121.172 39.2505 121.313 39.6067C121.867 40.5126 122.861 41.1197 123.997 41.1197C125.701 41.1197 127.087 39.7597 127.14 38.0698H127.142Z" fill="#F1EEEA"/>
-<path d="M126.753 36.6596C126.805 36.8866 126.834 37.1233 126.834 37.3671C126.834 39.1191 125.407 40.546 123.655 40.546C122.673 40.546 121.793 40.0967 121.21 39.3963C121.685 40.4934 122.78 41.2631 124.049 41.2631C125.756 41.2631 127.145 39.8744 127.145 38.1678C127.145 37.6204 127.001 37.1065 126.75 36.6596H126.753Z" fill="#E2DED5"/>
-<path d="M124.049 41.2631C122.343 41.2631 120.954 39.8744 120.954 38.1678C120.954 36.4612 122.343 35.0725 124.049 35.0725C125.756 35.0725 127.145 36.4612 127.145 38.1678C127.145 39.8744 125.756 41.2631 124.049 41.2631Z" stroke="#192147" stroke-width="0.179265" stroke-miterlimit="10"/>
-</g>
-<path opacity="0.5" d="M71.4705 88.4507L81.3201 85.8901L95.9107 90.0844L106.673 82.4752L90.2408 78.8775L80.6093 79.6382L71.4705 88.4507Z" fill="#8C8679"/>
-<g clip-path="url(#clip3_3133_20615)">
-<path d="M72.5032 75.0715L83.3463 68.4796L94.2872 75.0715L83.3952 81.3605L72.5032 75.0715Z" fill="#02BE9E"/>
-<path opacity="0.75" d="M83.3698 57.3939L83.3952 68.4793L72.5032 75.0712L83.3698 57.3939Z" fill="#02BE9E"/>
-<path opacity="0.75" d="M83.3696 57.3939L83.395 68.4793L94.287 75.0712L83.3696 57.3939Z" fill="#02BE9E"/>
-<path opacity="0.5" d="M83.3696 57.3939L83.395 81.3602L94.287 75.0712L83.3696 57.3939Z" fill="#02BE9E"/>
-<path opacity="0.25" d="M83.3698 57.3939L83.3952 81.3602L72.5032 75.0712L83.3698 57.3939Z" fill="#02BE9E"/>
-<path d="M83.3931 81.2258L83.3462 57.5896" stroke="white" stroke-width="0.146529" stroke-miterlimit="10"/>
-<path d="M72.5032 75.0712L83.3463 57.3939L94.2872 75.0712L83.3952 81.3602L72.5032 75.0712Z" stroke="#192147" stroke-width="0.146529" stroke-miterlimit="10"/>
-</g>
-<g clip-path="url(#clip4_3133_20615)">
-<path d="M60.5273 82.049L71.3705 75.4571L82.3114 82.049L71.4194 88.338L60.5273 82.049Z" fill="#02BE9E"/>
-<path opacity="0.5" d="M71.394 64.3716L71.4194 75.457L60.5273 82.0489L71.394 64.3716Z" fill="#02BE9E"/>
-<path opacity="0.75" d="M71.3938 64.3717L71.4192 75.4571L82.3112 82.049L71.3938 64.3717Z" fill="#02BE9E"/>
-<path opacity="0.5" d="M71.3938 64.3717L71.4192 88.338L82.3112 82.049L71.3938 64.3717Z" fill="#02BE9E"/>
-<path opacity="0.25" d="M71.394 64.3716L71.4194 88.3379L60.5273 82.0489L71.394 64.3716Z" fill="#02BE9E"/>
-<path d="M71.4173 88.2032L71.3704 64.5671" stroke="white" stroke-width="0.146529" stroke-miterlimit="10"/>
-<path d="M60.5273 82.0489L71.3705 64.3716L82.3114 82.0489L71.4194 88.3379L60.5273 82.0489Z" stroke="#192147" stroke-width="0.146529" stroke-miterlimit="10"/>
-</g>
-<path d="M103.019 81.6623L90.2407 78.8772L81.3201 85.8898L95.9107 90.0841L103.019 81.6623Z" fill="#02BE9E"/>
-<path opacity="0.75" d="M92.0759 66.5791L95.9106 90.084L103.019 81.6622L92.0759 66.5791Z" fill="#02BE9E"/>
-<path opacity="0.5" d="M92.0757 66.5791L103.019 81.6622L90.2405 78.8771L92.0757 66.5791Z" fill="#02BE9E"/>
-<path opacity="0.75" d="M92.076 66.5791L81.3201 85.8898L90.2407 78.8771L92.076 66.5791Z" fill="#02BE9E"/>
-<path opacity="0.5" d="M92.076 66.5791L95.9107 90.084L81.3201 85.8898L92.076 66.5791Z" fill="#02BE9E"/>
-<path d="M95.9106 90.084L92.0759 66.5791" stroke="white" stroke-width="0.155882" stroke-linejoin="round"/>
-<path d="M92.076 66.5791L103.019 81.6622L95.9107 90.084L81.3201 85.8898L92.076 66.5791Z" stroke="black" stroke-width="0.155882" stroke-linejoin="round"/>
-<path d="M29.9431 64.809L43.9663 60.7727L54.109 66.9893L67.4131 59.2471L47.1297 50.3036L29.9431 64.809Z" fill="#A49DD4"/>
-<g clip-path="url(#clip5_3133_20615)">
-<path d="M52.7036 51.8037L41.8376 58.0103V55.828L52.7036 50.3219V51.8037Z" fill="#7067AB"/>
-<path d="M41.8374 58.0102L31.9427 52.0917L31.875 50.0664L41.8374 55.8278V58.0102Z" fill="#A49DD4"/>
-<path d="M42.4966 56.2079L53.5677 49.8224V39.2358L42.5075 45.6192L42.4966 56.2079Z" fill="#9A97F1"/>
-<path d="M43.3803 46.1231L52.6946 40.7458V49.3181L43.3716 54.6954L43.3803 46.1231Z" fill="#7067AB" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M43.3803 46.123L51.8784 41.2192L51.8217 48.9513L43.3716 53.6433L43.3803 46.123Z" fill="#323A60"/>
-<path d="M43.3803 46.123L51.8784 41.217L51.8238 42.8385C49.0195 43.7551 46.2021 45.3766 43.3716 47.5306L43.3803 46.1208V46.123Z" fill="#192147"/>
-<path d="M43.3803 46.123L51.8784 41.2192L51.8217 48.9513L43.3716 53.6433L43.3803 46.123Z" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M31.4932 49.8461L42.4966 56.2077L42.5075 45.6189L32.7808 39.9579C32.2919 39.469 31.5324 40.1543 31.5303 40.7959L31.4932 49.8461Z" fill="#DECEFD"/>
-<path d="M40.9712 55.3499L42.4967 56.2076L42.5076 45.6188L40.9712 44.7066V55.3499Z" fill="#B3B1FD"/>
-<path d="M43.8191 33.6595L53.5699 39.2333L42.5097 45.6166L32.2483 39.7046L42.5097 33.6639C42.9134 33.4282 43.4132 33.426 43.8191 33.6595Z" fill="#EAE0FF"/>
-<path d="M51.9223 38.3298L53.5699 39.2333L42.5098 45.6166L40.9734 44.7066C40.9734 44.7066 48.8517 40.1193 51.9223 38.3298Z" fill="#DECEFD"/>
-<path d="M31.5352 41.1974L31.5024 49.8461L31.8756 50.0665L31.9433 52.0917L41.8381 58.0103L52.704 51.8058V50.324L53.5682 49.8243V39.2355M53.5682 39.2355L42.508 45.6189L32.814 39.9775M53.5682 39.2355L43.9026 33.653C43.4945 33.4174 42.9903 33.4195 42.5844 33.6574L31.9913 39.8858" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M31.4932 49.8461L42.4966 56.2077V45.6189" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M53.5679 49.8221L42.4968 56.2076" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M51.9222 38.3298L40.9712 44.7066V55.3499" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M41.8376 55.828V58.0104" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M52.695 49.3182L51.822 48.9516" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M31.5282 41.4877C31.5282 41.4877 31.4496 39.1351 32.8136 39.9775" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M39.293 45.6189V52.6046L34.6555 49.9443V43L39.293 45.6189Z" fill="#C6B4EB"/>
-<path d="M39.293 52.1812V52.6046L34.6555 49.9443V43L35.0287 43.2204V49.8221L39.293 52.1812Z" fill="#A49DD4"/>
-<path d="M39.293 45.6189V52.6046L34.6555 49.9443V43L39.293 45.6189Z" stroke="black" stroke-width="0.163676" stroke-miterlimit="10"/>
-<path d="M35.0286 43.1682V49.8221L39.2449 52.1485" stroke="black" stroke-width="0.163676" stroke-miterlimit="10"/>
-<path d="M34.6555 49.9443L35.0287 49.8221" stroke="black" stroke-width="0.163676" stroke-miterlimit="10"/>
-<path d="M36.2901 50.0578L35.4456 49.6039V48.3491L36.2901 48.803V50.0578Z" fill="#F9AE3B" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M36.2901 48.5301L35.4456 48.0761V46.8213L36.2901 47.2752V48.5301Z" fill="#F5911E" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M37.3901 44.543V51.125" stroke="black" stroke-width="0.163676" stroke-miterlimit="10"/>
-<path d="M39.2451 50.3219L37.3901 49.3595" stroke="black" stroke-width="0.163676" stroke-miterlimit="10"/>
-</g>
-<g clip-path="url(#clip6_3133_20615)">
-<path d="M40.8147 58.6189L29.9487 64.8255V62.6432L40.8147 57.1371V58.6189Z" fill="#7067AB"/>
-<path d="M29.949 64.8254L20.0542 58.9069L19.9866 56.8817L29.949 62.6431V64.8254Z" fill="#A49DD4"/>
-<path d="M30.6079 63.0229L41.679 56.6373V46.0507L30.6188 52.4341L30.6079 63.0229Z" fill="#9A97F1"/>
-<path d="M31.4919 52.9383L40.8062 47.561V56.1333L31.4832 61.5106L31.4919 52.9383Z" fill="#7067AB" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M31.4919 52.9383L39.99 48.0346L39.9332 55.7666L31.4832 60.4587L31.4919 52.9383Z" fill="#323A60"/>
-<path d="M31.4919 52.9383L39.99 48.0324L39.9354 49.6539C37.1311 50.5705 34.3137 52.192 31.4832 54.346L31.4919 52.9362V52.9383Z" fill="#192147"/>
-<path d="M31.4919 52.9383L39.99 48.0346L39.9332 55.7666L31.4832 60.4587L31.4919 52.9383Z" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M19.6045 56.6613L30.6079 63.0228L30.6188 52.4341L20.8921 46.7731C20.4032 46.2842 19.6438 46.9695 19.6416 47.6111L19.6045 56.6613Z" fill="#DECEFD"/>
-<path d="M29.0825 62.1651L30.608 63.0228L30.6189 52.434L29.0825 51.5218V62.1651Z" fill="#B3B1FD"/>
-<path d="M31.9302 40.4749L41.681 46.0487L30.6208 52.432L20.3594 46.52L30.6208 40.4793C31.0245 40.2436 31.5243 40.2414 31.9302 40.4749Z" fill="#EAE0FF"/>
-<path d="M40.0336 45.145L41.6813 46.0485L30.6211 52.4318L29.0847 51.5218C29.0847 51.5218 36.963 46.9345 40.0336 45.145Z" fill="#DECEFD"/>
-<path d="M19.6463 48.0127L19.6135 56.6613L19.9867 56.8817L20.0544 58.9069L29.9491 64.8255L40.8151 58.6211V57.1392L41.6793 56.6395V46.0507M41.6793 46.0507L30.6191 52.4341L20.9251 46.7927M41.6793 46.0507L32.0137 40.4683C31.6056 40.2326 31.1014 40.2348 30.6955 40.4726L20.1024 46.7011" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M19.6045 56.6613L30.6079 63.0229V52.4341" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M41.679 56.6373L30.6079 63.0228" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M40.0336 45.145L29.0825 51.5218V62.1651" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M29.9487 62.6432V64.8255" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M40.8063 56.1332L39.9333 55.7666" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M19.6398 48.3029C19.6398 48.3029 19.5612 45.9503 20.9252 46.7927" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M27.4043 52.434V59.4197L22.7668 56.7595V49.8152L27.4043 52.434Z" fill="#C6B4EB"/>
-<path d="M27.4043 58.9964V59.4197L22.7668 56.7595V49.8152L23.14 50.0356V56.6372L27.4043 58.9964Z" fill="#A49DD4"/>
-<path d="M27.4043 52.434V59.4197L22.7668 56.7595V49.8152L27.4043 52.434Z" stroke="black" stroke-width="0.163676" stroke-miterlimit="10"/>
-<path d="M23.1401 49.9833V56.6373L27.3564 58.9637" stroke="black" stroke-width="0.163676" stroke-miterlimit="10"/>
-<path d="M22.7668 56.7595L23.14 56.6373" stroke="black" stroke-width="0.163676" stroke-miterlimit="10"/>
-<path d="M24.4015 56.873L23.5569 56.4191V55.1642L24.4015 55.6182V56.873Z" fill="#F9AE3B" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M24.4015 55.3453L23.5569 54.8913V53.6365L24.4015 54.0904V55.3453Z" fill="#F5911E" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M25.5012 51.3582V57.9402" stroke="black" stroke-width="0.163676" stroke-miterlimit="10"/>
-<path d="M27.3562 57.1371L25.5012 56.1747" stroke="black" stroke-width="0.163676" stroke-miterlimit="10"/>
-</g>
-<g clip-path="url(#clip7_3133_20615)">
-<path d="M65.1342 58.3466L54.2683 64.5532V62.3709L65.1342 56.8648V58.3466Z" fill="#7067AB"/>
-<path d="M54.2681 64.5531L44.3733 58.6346L44.3057 56.6094L54.2681 62.3708V64.5531Z" fill="#A49DD4"/>
-<path d="M54.9275 62.7506L65.9986 56.365V45.7784L54.9384 52.1618L54.9275 62.7506Z" fill="#9A97F1"/>
-<path d="M55.8112 52.666L65.1255 47.2887V55.861L55.8025 61.2383L55.8112 52.666Z" fill="#7067AB" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M55.8112 52.666L64.3093 47.7623L64.2526 55.4943L55.8025 60.1864L55.8112 52.666Z" fill="#323A60"/>
-<path d="M55.8112 52.666L64.3093 47.7601L64.2547 49.3816C61.4504 50.2982 58.633 51.9197 55.8025 54.0736L55.8112 52.6638V52.666Z" fill="#192147"/>
-<path d="M55.8112 52.666L64.3093 47.7623L64.2526 55.4943L55.8025 60.1864L55.8112 52.666Z" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M43.9241 56.389L54.9275 62.7506L54.9384 52.1618L45.2117 46.5008C44.7228 46.0119 43.9634 46.6972 43.9612 47.3388L43.9241 56.389Z" fill="#DECEFD"/>
-<path d="M53.4021 61.8928L54.9276 62.7505L54.9385 52.1617L53.4021 51.2495V61.8928Z" fill="#B3B1FD"/>
-<path d="M56.25 40.2026L66.0008 45.7763L54.9406 52.1597L44.6792 46.2477L54.9406 40.207C55.3444 39.9713 55.8441 39.9691 56.25 40.2026Z" fill="#EAE0FF"/>
-<path d="M64.3529 44.8727L66.0006 45.7761L54.9404 52.1595L53.4041 51.2495C53.4041 51.2495 61.2823 46.6622 64.3529 44.8727Z" fill="#DECEFD"/>
-<path d="M43.9654 47.7403L43.9326 56.389L44.3058 56.6094L44.3735 58.6346L54.2682 64.5532L65.1342 58.3488V56.8669L65.9984 56.3672V45.7784M65.9984 45.7784L54.9382 52.1618L45.2442 46.5204M65.9984 45.7784L56.3327 40.196C55.9246 39.9603 55.4205 39.9624 55.0146 40.2003L44.4215 46.4287" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M43.9241 56.389L54.9275 62.7506V52.1618" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M65.9986 56.365L54.9275 62.7505" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M64.3531 44.8727L53.4021 51.2495V61.8928" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M54.2683 62.3709V64.5532" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M65.1254 55.8609L64.2524 55.4943" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M43.9588 48.0306C43.9588 48.0306 43.8803 45.678 45.2443 46.5204" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M51.7237 52.1618V59.1475L47.0862 56.4872V49.5429L51.7237 52.1618Z" fill="#C6B4EB"/>
-<path d="M51.7237 58.7241V59.1475L47.0862 56.4872V49.5429L47.4594 49.7634V56.365L51.7237 58.7241Z" fill="#A49DD4"/>
-<path d="M51.7237 52.1618V59.1475L47.0862 56.4872V49.5429L51.7237 52.1618Z" stroke="black" stroke-width="0.163676" stroke-miterlimit="10"/>
-<path d="M47.4595 49.7111V56.365L51.6758 58.6914" stroke="black" stroke-width="0.163676" stroke-miterlimit="10"/>
-<path d="M47.0862 56.4872L47.4594 56.365" stroke="black" stroke-width="0.163676" stroke-miterlimit="10"/>
-<path d="M48.7205 56.6007L47.876 56.1468V54.892L48.7205 55.3459V56.6007Z" fill="#F9AE3B" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M48.7205 55.0732L47.876 54.6192V53.3644L48.7205 53.8183V55.0732Z" fill="#F5911E" stroke="black" stroke-width="0.163676" stroke-linejoin="round"/>
-<path d="M49.8208 51.0859V57.6679" stroke="black" stroke-width="0.163676" stroke-miterlimit="10"/>
-<path d="M51.6758 56.8648L49.8208 55.9024" stroke="black" stroke-width="0.163676" stroke-miterlimit="10"/>
-</g>
-<path d="M16.4002 31.8138C24.9129 31.8138 31.8139 24.9129 31.8139 16.4002C31.8139 7.88749 24.9129 0.986572 16.4002 0.986572C7.8875 0.986572 0.986572 7.88749 0.986572 16.4002C0.986572 24.9129 7.8875 31.8138 16.4002 31.8138Z" fill="#F1EEEA" stroke="#192147" stroke-width="0.155882" stroke-miterlimit="10"/>
-<path d="M13.5091 28.5382C20.2977 28.5382 25.801 22.9093 25.801 15.9657C25.801 9.02217 20.2977 3.39331 13.5091 3.39331C6.72053 3.39331 1.21729 9.02217 1.21729 15.9657C1.21729 22.9093 6.72053 28.5382 13.5091 28.5382Z" fill="white"/>
-<path d="M13.6722 15.1865C14.1438 14.7149 14.1787 13.9852 13.7501 13.5566C13.3215 13.128 12.5918 13.1629 12.1202 13.6345C11.6487 14.1061 11.6138 14.8358 12.0423 15.2644C12.4709 15.6929 13.2006 15.6581 13.6722 15.1865Z" fill="#D66C7B"/>
-<path d="M10.7048 14.1609C10.9287 13.5327 10.6755 12.8684 10.1392 12.6773C9.60288 12.4861 8.98659 12.8404 8.76266 13.4686C8.53872 14.0968 8.79193 14.761 9.32822 14.9522C9.86452 15.1434 10.4808 14.7891 10.7048 14.1609Z" fill="#5CABDF"/>
-<path d="M7.83996 13.5183C8.04798 12.8955 7.84591 12.2668 7.38863 12.1141C6.93135 11.9613 6.39203 12.3424 6.18401 12.9651C5.976 13.5879 6.17807 14.2166 6.63535 14.3693C7.09263 14.5221 7.63195 14.141 7.83996 13.5183Z" fill="#63C740"/>
-<path d="M6.51182 17.7764C6.983 17.7526 7.33808 17.2008 7.30492 16.5439C7.27176 15.887 6.86291 15.3737 6.39173 15.3975C5.92055 15.4213 5.56546 15.9731 5.59862 16.63C5.63178 17.2869 6.04064 17.8002 6.51182 17.7764Z" fill="#C98DEF"/>
-<path d="M9.30561 18.4199C9.86763 18.3537 10.2601 17.764 10.1822 17.1028C10.1043 16.4416 9.5855 15.9593 9.02348 16.0255C8.46146 16.0917 8.06902 16.6814 8.14692 17.3426C8.22483 18.0038 8.74359 18.4861 9.30561 18.4199Z" fill="#FAA669"/>
-<path d="M6.70387 20.945C7.13529 20.7947 7.31907 20.1965 7.11436 19.609C6.90965 19.0215 6.39397 18.6671 5.96255 18.8174C5.53113 18.9677 5.34735 19.5659 5.55205 20.1534C5.75676 20.7409 6.27245 21.0953 6.70387 20.945Z" fill="#3AEFC3"/>
-<defs>
-<clipPath id="clip0_3133_20615">
-<rect width="21.8822" height="21.8822" fill="white" transform="translate(108.109 27.4781) rotate(-48.95)"/>
-</clipPath>
-<clipPath id="clip1_3133_20615">
-<rect width="21.8822" height="21.8822" fill="white" transform="translate(93.4976 30.583) rotate(-27.39)"/>
-</clipPath>
-<clipPath id="clip2_3133_20615">
-<rect width="21.8822" height="21.8822" fill="white" transform="translate(115.76 29.6376)"/>
-</clipPath>
-<clipPath id="clip3_3133_20615">
-<rect width="21.9872" height="24.1891" fill="white" transform="translate(72.4016 57.2556)"/>
-</clipPath>
-<clipPath id="clip4_3133_20615">
-<rect width="21.9872" height="24.1891" fill="white" transform="translate(60.4255 64.2329)"/>
-</clipPath>
-<clipPath id="clip5_3133_20615">
-<rect width="22.2316" height="24.6955" fill="white" transform="translate(31.4189 33.3958)"/>
-</clipPath>
-<clipPath id="clip6_3133_20615">
-<rect width="22.2316" height="24.6955" fill="white" transform="translate(19.5305 40.2107)"/>
-</clipPath>
-<clipPath id="clip7_3133_20615">
-<rect width="22.2316" height="24.6955" fill="white" transform="translate(43.8501 39.9388)"/>
-</clipPath>
-</defs>
-</svg>
diff --git a/website/assets/images/premium-landing-feature-4.svg b/website/assets/images/premium-landing-feature-4.svg
deleted file mode 100644
index 239a1cc75c..0000000000
--- a/website/assets/images/premium-landing-feature-4.svg
+++ /dev/null
@@ -1,123 +0,0 @@
-<svg width="120" height="120" viewBox="0 0 120 120" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M111.036 80.1482L57.3752 111.13C55.4258 112.255 53.0259 112.255 51.0764 111.13L7.86409 86.1818C6.19057 85.2169 6.19235 82.8009 7.86409 81.8378L61.0018 51.2089" fill="#C5C7D1"/>
-<path d="M101.779 100.09C109.609 100.09 115.957 96.4249 115.957 91.9039C115.957 87.3829 109.609 83.7179 101.779 83.7179C93.9479 83.7179 87.5999 87.3829 87.5999 91.9039C87.5999 96.4249 93.9479 100.09 101.779 100.09Z" fill="#C5C7D1"/>
-<path d="M17.5973 84.0582L19.5717 85.2065L51.3347 103.665C52.2159 104.176 53.1987 104.434 54.1832 104.436L54.1031 87.9322C54.0621 87.9375 54.0212 87.9446 53.9802 87.9482C53.6936 87.9731 53.407 87.9767 53.1186 87.9589C52.2569 87.9037 51.4005 87.6527 50.6208 87.1987L16.1801 67.1841C15.9754 67.0648 15.7956 66.9242 15.6354 66.7711L14.763 64.8804V79.1337C14.763 81.1633 15.8419 83.0398 17.5973 84.0599V84.0582Z" fill="#E2DED5"/>
-<path d="M54.1831 104.502C53.1719 104.5 52.1749 104.229 51.3008 103.722L17.5634 84.1149C15.7937 83.0876 14.6953 81.1773 14.6953 79.1317V64.8783C14.6953 64.8463 14.7166 64.8196 14.7469 64.8125C14.7771 64.8054 14.8092 64.8214 14.8217 64.8499L15.6887 66.7299C15.8525 66.8848 16.0287 67.0183 16.2121 67.1251L50.6527 87.1397C51.404 87.5759 52.2568 87.8358 53.122 87.891C53.4051 87.9088 53.6917 87.9052 53.973 87.8803C53.9944 87.8785 54.0175 87.875 54.0389 87.8732L54.0941 87.8661C54.1137 87.8661 54.1315 87.8696 54.1457 87.8821C54.16 87.8945 54.1671 87.9123 54.1671 87.9319L54.2472 104.436C54.2472 104.453 54.2401 104.471 54.2276 104.484C54.2152 104.496 54.1974 104.503 54.1796 104.503L54.1831 104.502ZM17.6292 83.9992L51.3666 103.606C52.2016 104.09 53.1505 104.354 54.1155 104.368L54.0371 88.0085C54.0211 88.0103 54.0033 88.012 53.9873 88.0138C53.6989 88.0387 53.4051 88.0423 53.1149 88.0245C52.2301 87.9675 51.3559 87.7023 50.5868 87.2554L16.1462 67.2409C15.9486 67.1269 15.7617 66.9845 15.589 66.8171C15.5836 66.8118 15.5783 66.8047 15.5747 66.7975L14.8306 65.1828V79.1317C14.8306 81.1293 15.9041 82.995 17.631 83.9992H17.6292Z" fill="#192147"/>
-<path d="M78.96 67.8818L37.553 43.8187C37.3162 44.1944 36.9922 44.5736 36.6076 44.9492L15.7741 62.5443C15.5854 62.7028 15.4252 62.879 15.2898 63.0677C15.0869 63.3508 14.9445 63.6624 14.859 63.9846C14.802 64.2 14.77 64.419 14.7647 64.6398C14.7557 65.0012 14.8163 65.3626 14.9409 65.7044C14.9925 65.8468 15.0566 65.9839 15.1314 66.1174C15.2044 66.2492 15.2863 66.3774 15.3824 66.4966C15.5961 66.7637 15.8613 66.9987 16.1818 67.1839L50.6224 87.1984C51.4022 87.6524 52.2585 87.9034 53.1202 87.9586C53.4069 87.9764 53.6953 87.9728 53.9819 87.9479C54.2685 87.923 54.5516 87.8767 54.8311 87.8073C55.6697 87.6025 56.469 87.2073 57.1598 86.6251L78.0147 69.0123C78.3957 68.69 78.7143 68.3073 78.96 67.8818Z" fill="#F1EEEA"/>
-<path d="M98.7433 24.908C98.7433 24.3792 98.5991 23.8701 98.3445 23.4268L85.7255 30.7119L85.3089 30.9522C85.5314 31.4579 85.608 32.0276 85.5065 32.5973L82.1078 51.6629L79.464 66.4949C79.3554 67.1073 79.1133 67.6841 78.7626 68.188C78.7626 68.188 78.7626 68.188 78.7626 68.1898C78.7021 68.277 78.6344 68.3624 78.5667 68.4461C78.5561 68.4586 78.5489 68.4711 78.5383 68.4835C78.4795 68.5547 78.4154 68.6224 78.3513 68.6882C78.33 68.7114 78.3104 68.7345 78.289 68.7577C78.2409 68.8075 78.1875 68.852 78.1359 68.8983C78.095 68.9357 78.0576 68.9749 78.0148 69.0105L57.16 86.6234C56.471 87.2055 55.6716 87.6025 54.8313 87.8055C54.591 87.8643 54.3471 87.9034 54.1031 87.9301V88.0174L54.1761 104.434C55.1678 104.437 56.1594 104.185 57.0461 103.672L74.6482 93.5097L97.4686 80.3334C97.7445 80.1732 97.9884 79.972 98.1914 79.7388C98.2323 79.6925 98.2715 79.6444 98.3089 79.5946C98.3837 79.4967 98.4531 79.3934 98.5136 79.2866C98.5439 79.2332 98.5742 79.178 98.6009 79.1228C98.6561 79.0124 98.7024 78.8985 98.7433 78.781C98.843 78.4872 98.8946 78.1757 98.8946 77.857L98.7451 24.9062L98.7433 24.908Z" fill="#8C8679"/>
-<path d="M54.1974 104.502C54.1529 104.502 54.1084 104.479 54.1084 104.436L54.0354 87.9321C54.0354 87.8982 54.0603 87.8697 54.0942 87.8644C54.3559 87.8359 54.5909 87.795 54.8134 87.7416C55.6555 87.5368 56.4513 87.1327 57.1136 86.5719L77.9685 68.959C77.9934 68.9376 78.0183 68.9145 78.0432 68.8913L78.1323 68.8095C78.1679 68.7774 78.2035 68.7454 78.2391 68.7115C78.2498 68.7009 78.2604 68.6884 78.2693 68.6777C78.28 68.667 78.2889 68.6546 78.2996 68.6439C78.3619 68.578 78.426 68.5121 78.483 68.4427L78.5115 68.4053C78.5898 68.3092 78.6521 68.2273 78.7037 68.1525C79.0545 67.6487 79.2877 67.0879 79.3945 66.4843L85.437 32.5849C85.5331 32.0419 85.4672 31.4865 85.2429 30.9791C85.2287 30.947 85.2429 30.9114 85.2714 30.8936L98.307 23.3664C98.3391 23.3486 98.38 23.3592 98.3978 23.3913C98.6631 23.8506 98.8037 24.374 98.8055 24.9064L98.9551 77.8571C98.9551 78.1794 98.9034 78.498 98.8002 78.8025C98.7592 78.9218 98.7112 79.0393 98.6542 79.1532C98.6257 79.2102 98.5972 79.2654 98.5652 79.3206C98.5029 79.4292 98.4316 79.536 98.3551 79.6357C98.3159 79.6855 98.2768 79.7354 98.2358 79.7835C98.024 80.0256 97.7765 80.2303 97.497 80.3923L57.0727 103.731C56.1985 104.236 55.2015 104.502 54.1903 104.502H54.1974ZM54.1707 87.9908V88.0175L54.2419 104.366C55.214 104.359 56.17 104.099 57.0121 103.613L97.4364 80.2748C97.7035 80.1217 97.9403 79.9259 98.1415 79.6944C98.1806 79.6481 98.2198 79.6019 98.2554 79.5538C98.3284 79.4577 98.396 79.358 98.4548 79.2529C98.4851 79.2013 98.5135 79.1479 98.5402 79.0945C98.5937 78.9859 98.6399 78.8737 98.6791 78.7598C98.777 78.4696 98.8269 78.1651 98.8269 77.8571L98.6773 24.9064C98.6773 24.4203 98.5527 23.9414 98.3195 23.5159L85.3925 30.9791C85.6079 31.4972 85.6702 32.058 85.5723 32.6081L79.5298 66.5075C79.4194 67.1288 79.1791 67.7074 78.8177 68.2273C78.7625 68.3074 78.6984 68.3893 78.6183 68.489L78.6076 68.5032C78.6076 68.5032 78.5951 68.5193 78.5898 68.5264C78.5293 68.5976 78.4652 68.667 78.4011 68.7347C78.3922 68.7454 78.3833 68.7543 78.3744 68.7649C78.3619 68.7792 78.3512 68.7917 78.337 68.8041C78.3014 68.8397 78.264 68.8736 78.2248 68.9074L78.1376 68.9875C78.1109 69.0124 78.086 69.0373 78.0575 69.0605L57.2026 86.6734C56.5243 87.2466 55.7089 87.6614 54.8472 87.8697C54.6354 87.9214 54.4146 87.9605 54.1707 87.989V87.9908Z" fill="#192147"/>
-<path d="M37.5531 43.8171L78.9602 67.8801C79.2058 67.4546 79.3768 66.9881 79.464 66.4968L85.5065 32.5992C85.5332 32.4514 85.5474 32.3036 85.551 32.1577C85.5563 31.9387 85.5349 31.7215 85.4904 31.5096C85.4602 31.369 85.421 31.2319 85.3712 31.0984C85.3213 30.9648 85.2608 30.8349 85.1913 30.7102C84.9474 30.2741 84.5878 29.8984 84.1356 29.6367L46.2109 7.59791C45.3563 7.1012 44.2668 7.60503 44.0923 8.57888L38.0569 42.4338C37.9697 42.9251 37.797 43.3916 37.5531 43.8171Z" fill="#E2DED5"/>
-<path d="M78.96 67.9476C78.9475 67.9476 78.9368 67.944 78.9262 67.9387L37.5191 43.8756C37.4871 43.8578 37.4764 43.8169 37.4942 43.7848C37.7381 43.3611 37.9054 42.9036 37.9909 42.4229L44.0262 8.56801C44.1135 8.08198 44.4197 7.68496 44.8665 7.47666C45.3152 7.26836 45.8155 7.29151 46.2427 7.54076L84.1675 29.5795C84.6197 29.843 84.9935 30.2222 85.2481 30.6798C85.3194 30.8062 85.3817 30.9397 85.4333 31.0768C85.4849 31.2139 85.5259 31.3563 85.5561 31.4987C85.6024 31.7159 85.6238 31.9385 85.6185 32.161C85.6149 32.3124 85.6006 32.4637 85.5739 32.6115L79.5315 66.5091C79.4425 67.0058 79.2716 67.4776 79.0187 67.9137C79.0098 67.9298 78.9956 67.9404 78.9778 67.944C78.9725 67.944 78.9671 67.9458 78.96 67.9458V67.9476ZM37.6437 43.792L78.9351 67.7891C79.1612 67.3814 79.3161 66.9435 79.398 66.4859L85.4404 32.5883C85.4653 32.4459 85.4796 32.3017 85.4831 32.1575C85.4885 31.9456 85.4671 31.7337 85.4244 31.5254C85.3959 31.3901 85.3567 31.2548 85.3069 31.1231C85.257 30.9931 85.1983 30.8649 85.1306 30.7439C84.8867 30.3077 84.5307 29.9463 84.0998 29.6953L46.1751 7.65648C45.787 7.43037 45.3294 7.41079 44.9217 7.59773C44.514 7.78644 44.2345 8.14963 44.1562 8.59115L38.1209 42.446C38.0372 42.9196 37.8752 43.3736 37.6419 43.7937L37.6437 43.792Z" fill="#192147"/>
-<path d="M41.9897 40.655L46.7913 13.7131C46.9213 12.9832 47.7384 12.604 48.3794 12.9779L80.6195 31.7141C81.3957 32.1645 81.807 33.0529 81.6485 33.936L76.847 60.8778C76.717 61.6077 75.8998 61.9869 75.2589 61.6131L43.0188 42.8768C42.2425 42.4264 41.8313 41.538 41.9897 40.655Z" fill="#8C8679"/>
-<path d="M75.7965 61.827C75.6007 61.827 75.4048 61.7754 75.2286 61.6722L42.9885 42.9359C42.1909 42.473 41.7654 41.5526 41.9274 40.6446L46.729 13.7028C46.7948 13.3325 47.0281 13.0298 47.3699 12.8714C47.7117 12.7129 48.0927 12.7307 48.4167 12.9194L80.6568 31.6557C81.4544 32.1186 81.8799 33.039 81.7197 33.947L76.9181 60.8888C76.8523 61.2591 76.619 61.5618 76.279 61.7202C76.1241 61.7914 75.9621 61.827 75.8001 61.827H75.7965ZM47.8452 12.8998C47.7028 12.8998 47.5586 12.9319 47.4233 12.9942C47.1224 13.1331 46.9159 13.4001 46.8589 13.7277L42.0574 40.6695C41.906 41.5223 42.3066 42.3876 43.0544 42.822L75.2945 61.5582C75.5811 61.7256 75.9176 61.7398 76.2185 61.6009C76.5193 61.4621 76.7259 61.195 76.7828 60.8674L81.5844 33.9256C81.7357 33.0728 81.3352 32.2076 80.5874 31.7732L48.3473 13.0369C48.1906 12.9461 48.0179 12.8998 47.8452 12.8998Z" fill="#192147"/>
-<path d="M43.3735 41.1841L48.2961 13.0103L80.5629 31.7875C81.3409 32.2397 81.7504 33.1316 81.5902 34.0164L76.7761 60.5132L43.3717 41.1841H43.3735Z" fill="#192147"/>
-<path d="M45.9954 38.1963L49.8979 13.9L80.5624 31.7871C81.3404 32.2393 81.7499 33.1312 81.5897 34.016L77.1317 57.8423L47.4072 41.0163C46.3782 40.4769 45.8103 39.3428 45.9936 38.1963H45.9954Z" fill="#3E4771"/>
-<path d="M49.7824 25.6022L50.2969 25.9155C50.8381 26.2449 51.1426 26.7932 51.0286 27.541C50.9147 28.2887 50.5034 28.424 49.9871 28.1089L49.4477 27.7795L49.7824 25.6022ZM50.0014 27.6834C50.2916 27.8596 50.5159 27.7991 50.596 27.2775C50.6761 26.7558 50.5034 26.4745 50.2132 26.2983L50.1438 26.2556L49.932 27.6407L50.0014 27.6834Z" fill="#3DB67B"/>
-<path d="M51.2391 28.4203L51.6753 28.6856L51.8836 27.3343L51.4474 27.069L51.5115 26.656L52.8041 27.4447L52.74 27.8577L52.3038 27.5925L52.0955 28.9437L52.5317 29.209L52.4676 29.622L51.175 28.8334L51.2391 28.4203Z" fill="#3DB67B"/>
-<path d="M52.8696 29.5654L53.1633 29.3749C53.2844 29.5956 53.4428 29.7932 53.6244 29.9036C53.806 30.014 53.8986 29.982 53.9146 29.8751C53.9396 29.7185 53.8345 29.6134 53.6707 29.4194L53.4464 29.1505C53.2541 28.9333 53.0939 28.6325 53.142 28.3156C53.1972 27.9542 53.5194 27.8366 53.9253 28.0823C54.1496 28.2194 54.3615 28.4562 54.5004 28.7446L54.2404 28.9262C54.1265 28.7357 54.0197 28.6058 53.8363 28.4936C53.6974 28.4081 53.5924 28.4188 53.5728 28.5452C53.5532 28.6716 53.6707 28.7998 53.8381 28.9868L54.0482 29.2396C54.276 29.4959 54.4024 29.7665 54.3562 30.0745C54.301 30.4359 53.993 30.5908 53.5301 30.3095C53.2773 30.1564 53.0334 29.8894 52.8678 29.5618L52.8696 29.5654Z" fill="#3DB67B"/>
-<path d="M54.9276 28.7372L55.3548 28.9971L55.2177 29.8855L55.2284 29.8926L55.9139 29.3389L56.3821 29.6238L55.1091 30.5798L55.0183 31.1745L54.5911 30.9145L54.9258 28.7372H54.9276ZM55.3548 30.2736L55.661 30.0404L56.1008 31.835L55.6326 31.5501L55.3548 30.2754V30.2736Z" fill="#3DB67B"/>
-<path d="M58.4367 30.8757L59.674 31.6288L59.6099 32.0418L58.7963 31.5451L58.7287 31.9813L59.4212 32.4032L59.3571 32.8162L58.6646 32.3943L58.588 32.8964L59.4301 33.4091L59.366 33.8221L58.1002 33.0513L58.4349 30.8739L58.4367 30.8757Z" fill="#3DB67B"/>
-<path d="M60.08 31.8761L60.5126 32.1396L60.7387 33.4606L60.8259 34.0374L60.8348 34.0428C60.8508 33.8024 60.858 33.4731 60.8989 33.2149L61.0164 32.4458L61.4188 32.6915L61.0841 34.8688L60.6514 34.6054L60.4253 33.2808L60.3381 32.7075L60.3274 32.7022C60.3096 32.955 60.3043 33.2701 60.2651 33.5265L60.1458 34.2991L59.7435 34.0535L60.0782 31.8761H60.08Z" fill="#3DB67B"/>
-<path d="M61.5949 34.0035C61.7053 33.2807 62.161 33.1009 62.6613 33.4053C62.8981 33.5495 63.0708 33.7988 63.1758 34.0213L62.8963 34.1851C62.8216 34.0338 62.7308 33.9127 62.5954 33.8308C62.3302 33.6688 62.097 33.8148 62.0293 34.251C61.9616 34.6872 62.1148 35.0771 62.3961 35.248C62.5314 35.3299 62.6542 35.321 62.761 35.2604L62.948 35.7002C62.7628 35.8177 62.5385 35.7999 62.2875 35.6468C61.8228 35.3637 61.4827 34.7388 61.5949 34.0035Z" fill="#3DB67B"/>
-<path d="M63.5247 33.975L64.187 34.3791C64.5822 34.6195 64.8831 34.9791 64.803 35.4972C64.7229 36.0152 64.3686 36.0152 63.9734 35.7749L63.733 35.6289L63.6119 36.4123L63.1882 36.1541L63.5229 33.9768L63.5247 33.975ZM64.0001 35.3619C64.2208 35.4972 64.3579 35.458 64.39 35.2444C64.422 35.0307 64.3152 34.8847 64.0926 34.7494L63.8861 34.6248L63.7918 35.2372L63.9983 35.3619H64.0001ZM64.2582 35.4598L64.6641 37.0514L64.1923 36.763L63.9182 35.5969L64.2582 35.4598Z" fill="#3DB67B"/>
-<path d="M65.4711 36.7382L65.0919 34.9312L65.5423 35.2053L65.6509 35.8445C65.6794 36.0456 65.7115 36.2379 65.7435 36.4462L65.7542 36.4533C65.8397 36.3145 65.9233 36.1934 66.0052 36.0599L66.2723 35.6504L66.712 35.9192L65.8895 36.9946L65.7756 37.7316L65.3536 37.4735L65.4676 36.7364L65.4711 36.7382Z" fill="#3DB67B"/>
-<path d="M66.977 36.0775L67.6393 36.4799C68.0435 36.7273 68.3443 37.0959 68.2624 37.6264C68.1806 38.1569 67.8138 38.1605 67.4186 37.9202L67.1782 37.7742L67.0643 38.513L66.6423 38.2566L66.977 36.0793V36.0775ZM67.4524 37.5142C67.6838 37.6549 67.812 37.6015 67.8476 37.3754C67.8832 37.1493 67.7764 36.9944 67.5539 36.8573L67.3385 36.7256L67.237 37.3825L67.4524 37.5142Z" fill="#3DB67B"/>
-<path d="M69.0652 37.8028L68.5062 37.4627L68.5703 37.0497L70.1102 37.9879L70.0461 38.401L69.4871 38.0609L69.2165 39.8252L68.7946 39.5689L69.0652 37.8045V37.8028Z" fill="#3DB67B"/>
-<path d="M70.1406 39.9357L70.5768 40.201L70.785 38.8497L70.3489 38.5844L70.413 38.1714L71.7055 38.9601L71.6414 39.3731L71.2052 39.1078L70.9969 40.4591L71.4331 40.7244L71.369 41.1374L70.0765 40.3487L70.1406 39.9357Z" fill="#3DB67B"/>
-<path d="M71.8604 40.2328C71.9726 39.5046 72.3375 39.2999 72.7826 39.5705C73.2277 39.8411 73.4734 40.4197 73.3612 41.1461C73.2491 41.8725 72.8805 42.0986 72.4355 41.828C71.9904 41.5574 71.7465 40.977 71.8604 40.231V40.2328ZM72.9286 40.8826C72.998 40.4304 72.9126 40.1153 72.7167 39.996C72.5209 39.8767 72.3625 40.0441 72.293 40.4963C72.2236 40.9485 72.3055 41.285 72.5013 41.4025C72.6972 41.52 72.8556 41.3526 72.9286 40.8826Z" fill="#3DB67B"/>
-<path d="M73.8258 40.2506L74.2584 40.5141L74.4845 41.8351L74.57 42.4119L74.5789 42.4173C74.5949 42.1769 74.602 41.8476 74.6429 41.5894L74.7605 40.8203L75.1628 41.066L74.8281 43.2434L74.3955 42.9799L74.1694 41.6553L74.0821 41.082L74.0732 41.0767C74.0554 41.3295 74.0501 41.6446 74.0109 41.901L73.8916 42.6736L73.4893 42.428L73.824 40.2506H73.8258Z" fill="#3DB67B"/>
-<path d="M49.2287 29.6542L50.466 30.4073L50.4019 30.8204L49.5883 30.3237L49.5207 30.7598L50.2132 31.1818L50.1491 31.5948L49.4566 31.1729L49.38 31.6749L50.2221 32.1877L50.158 32.6007L48.8922 31.8298L49.2269 29.6525L49.2287 29.6542Z" fill="#3DB67B"/>
-<path d="M50.8719 30.6547L51.3046 30.9181L51.5307 32.2392L51.6161 32.816L51.625 32.8213C51.6411 32.581 51.6482 32.2516 51.6891 31.9935L51.8066 31.2244L52.209 31.4701L51.8743 33.6474L51.4417 33.3839L51.2156 32.0593L51.1283 31.4861L51.1176 31.4807C51.0998 31.7335 51.0945 32.0487 51.0553 32.305L50.936 33.0777L50.5337 32.832L50.8684 30.6547H50.8719Z" fill="#3DB67B"/>
-<path d="M53.0065 31.9561L53.5121 32.2641L53.7578 34.7957L53.311 34.5233L53.2397 33.2735C53.2255 33.0278 53.2077 32.7376 53.1988 32.4795L53.1881 32.4724C53.108 32.6753 53.0154 32.8979 52.9353 33.0866L52.5241 34.0409L52.0914 33.7774L53.0065 31.9525V31.9561ZM52.6148 33.1115L53.5068 33.6545L53.448 34.0391L52.5561 33.4961L52.6148 33.1115Z" fill="#3DB67B"/>
-<path d="M54.3293 32.7626L54.9559 33.1453C55.3441 33.3821 55.62 33.6848 55.5559 34.1014C55.5256 34.2972 55.3939 34.445 55.1643 34.3773V34.3898C55.4206 34.6088 55.5346 34.858 55.49 35.15C55.4224 35.5933 55.0806 35.6022 54.6747 35.3547L53.9946 34.9399L54.3293 32.7626ZM54.8028 34.007C55.0076 34.1317 55.1091 34.0836 55.134 33.918C55.1589 33.7524 55.077 33.6367 54.8812 33.5174L54.6907 33.4017L54.6159 33.8931L54.8028 34.007ZM54.6996 34.9506C54.9292 35.0913 55.0539 35.061 55.0841 34.8616C55.1144 34.6622 55.0183 34.5269 54.7868 34.3845L54.5625 34.2474L54.4753 34.8135L54.6996 34.9506Z" fill="#3DB67B"/>
-<path d="M56.1421 33.8666L56.5641 34.1229L56.2935 35.8873L57.1231 36.3929L57.059 36.8059L55.8074 36.0439L56.1421 33.8666Z" fill="#3DB67B"/>
-<path d="M57.8188 34.8884L59.0562 35.6415L58.9921 36.0545L58.1785 35.5578L58.1108 35.994L58.8034 36.4159L58.7393 36.8289L58.0467 36.407L57.9702 36.9091L58.8123 37.4218L58.7482 37.8348L57.4824 37.064L57.8171 34.8866L57.8188 34.8884Z" fill="#3DB67B"/>
-<path d="M59.475 35.8962L59.9913 36.2096C60.5325 36.5389 60.8369 37.0873 60.723 37.835C60.609 38.5828 60.1978 38.7181 59.6815 38.403L59.142 38.0736L59.4767 35.8962H59.475ZM59.6939 37.9775C59.9841 38.1537 60.2085 38.0932 60.2886 37.5715C60.3687 37.0517 60.196 36.7686 59.9058 36.5924L59.8364 36.5496L59.6245 37.9347L59.6939 37.9775Z" fill="#3DB67B"/>
-<path d="M61.9332 37.9471C61.9546 37.81 61.8727 37.6818 61.7534 37.6088C61.6341 37.5358 61.538 37.5483 61.4365 37.5839L61.2407 37.1922C61.4062 37.0979 61.6163 37.0908 61.8424 37.2278C62.17 37.4272 62.4014 37.762 62.3445 38.1305C62.2768 38.5702 61.8015 38.3406 61.7765 38.7483L61.408 38.5239C61.4151 38.0415 61.8923 38.1964 61.9314 37.9471H61.9332ZM61.2353 39.0224C61.2656 38.823 61.408 38.7625 61.5736 38.8622C61.7392 38.9619 61.8389 39.172 61.8086 39.3714C61.7783 39.5708 61.6341 39.6366 61.4703 39.5369C61.3065 39.4372 61.2051 39.2218 61.2371 39.0224H61.2353Z" fill="#3DB67B"/>
-<path d="M46.9213 21.7142C59.0472 24.2013 70.2135 30.3026 80.3133 40.4327L81.5934 34.1018C81.7661 33.1422 81.3192 32.179 80.4771 31.6894L48.4346 13.1134L46.9231 21.716L46.9213 21.7142Z" fill="#192147"/>
-<path d="M76.8327 60.6824C76.8221 60.6824 76.8096 60.6789 76.7989 60.6735L43.3945 41.3444C43.3695 41.3302 43.3571 41.3035 43.3624 41.275L48.2851 13.1012C48.2922 13.0655 48.3242 13.0388 48.3616 13.0477C48.3972 13.0549 48.4221 13.0887 48.415 13.1243L43.5013 41.2518L76.8648 60.5578C76.8968 60.5756 76.9075 60.6166 76.8897 60.6486C76.8773 60.67 76.8541 60.6824 76.8327 60.6824Z" fill="#192147"/>
-<path d="M42.1677 42.0206C42.1445 42.0206 42.1214 42.0081 42.1089 41.985C42.0911 41.9529 42.1036 41.912 42.1374 41.8942L43.3979 41.2248C43.4299 41.207 43.4709 41.2194 43.4887 41.2533C43.5065 41.2853 43.494 41.3262 43.4602 41.3441L42.1997 42.0135C42.189 42.0188 42.1784 42.0206 42.1677 42.0206Z" fill="#192147"/>
-<path d="M97.2621 22.3407L89.1776 17.6424L59.7913 0.565375C58.9083 0.0526382 57.8169 0.0508589 56.9321 0.563596L44.8436 7.56388C45.335 7.42145 45.7961 7.41433 46.2091 7.5977L84.1339 29.6365C84.668 29.9463 85.0721 30.4127 85.3089 30.9539L98.3445 23.4267C98.0881 22.9834 97.7196 22.6059 97.2621 22.3407Z" fill="#F1EEEA"/>
-<path d="M85.3088 31.0199C85.3088 31.0199 85.2946 31.0199 85.2875 31.0163C85.2697 31.011 85.2554 30.9967 85.2465 30.9789C85.008 30.4341 84.6109 29.989 84.0982 29.6917L46.1735 7.65295C45.7996 7.48738 45.367 7.47848 44.8596 7.62624C44.8276 7.63515 44.7937 7.61912 44.7795 7.58886C44.767 7.55859 44.7795 7.5212 44.808 7.50518L56.8965 0.504899C57.7991 -0.0167398 58.9207 -0.0167408 59.8215 0.506678L97.2923 22.282C97.7516 22.549 98.1344 22.9336 98.3997 23.3929C98.4175 23.4249 98.4068 23.4659 98.3747 23.4837L85.3391 31.011C85.3284 31.0163 85.3177 31.0199 85.3053 31.0199H85.3088ZM45.5272 7.38946C45.78 7.38946 46.015 7.43753 46.2358 7.53545L84.1659 29.5778C84.6804 29.8769 85.0845 30.3184 85.3373 30.8579L98.2519 23.4018C97.9991 22.987 97.6466 22.6416 97.2264 22.3977L59.7557 0.622402C58.8958 0.122127 57.8258 0.122125 56.9641 0.62062L45.2406 7.40904C45.3385 7.39658 45.4329 7.38946 45.5254 7.38946H45.5272Z" fill="#192147"/>
-<path d="M53.4815 88.0583C53.3587 88.0583 53.2358 88.0547 53.113 88.0458C52.2246 87.9889 51.3469 87.7218 50.576 87.2749L16.1354 67.2604C14.3604 66.0889 14.5028 64.9157 14.5099 64.8658L14.6862 64.8908C14.6862 64.9014 14.5598 66.007 16.2297 67.1091L50.6668 87.1218C51.4145 87.5562 52.2655 87.8144 53.1272 87.8696C53.4085 87.8874 53.6951 87.8838 53.9747 87.8589C53.996 87.8571 54.0174 87.8535 54.0405 87.8518L54.0957 87.8446L54.1153 88.0209L54.0654 88.028C54.0405 88.0316 54.0156 88.0351 53.9907 88.0369C53.8233 88.0512 53.6524 88.0583 53.4833 88.0583H53.4815Z" fill="#192147"/>
-<path d="M54.1137 88.0211L54.0941 87.8449C54.3558 87.8164 54.589 87.7772 54.8115 87.722C55.6501 87.5173 56.4423 87.1149 57.1028 86.5577L77.9577 68.9448C77.9826 68.9235 78.0076 68.9003 78.0307 68.8772L78.1197 68.7953C78.1553 68.7632 78.1909 68.7312 78.2248 68.6973C78.2354 68.6867 78.2443 68.676 78.255 68.6635C78.2657 68.6511 78.2764 68.6404 78.2871 68.6279C78.3494 68.562 78.4117 68.4962 78.4704 68.4267L78.4989 68.3894C78.5773 68.2932 78.6378 68.2131 78.6912 68.1383L78.7019 68.1241C79.0401 67.6363 79.2716 67.079 79.3784 66.4791L85.298 32.6438C85.4957 31.5132 84.9633 30.3649 83.9735 29.7863L46.7698 8.03773C45.8867 7.53212 45.1995 7.37189 44.7277 7.56416C44.3984 7.69769 44.1616 8.01103 44.0245 8.49706L43.8536 8.44899C44.0067 7.90955 44.2791 7.55526 44.6619 7.40037C45.1871 7.18673 45.9259 7.34874 46.8606 7.88462L84.066 29.635C85.12 30.251 85.6861 31.4741 85.4761 32.6758L79.5564 66.5111C79.4443 67.136 79.2039 67.7182 78.8408 68.2398C78.7856 68.3199 78.7215 68.4036 78.6396 68.5033C78.6236 68.5247 78.6164 68.5336 78.6093 68.5425C78.5488 68.6137 78.4847 68.6831 78.4188 68.7508L78.3921 68.781C78.3796 68.7953 78.3672 68.8095 78.3547 68.822C78.3191 68.8576 78.2799 68.8932 78.2426 68.927L78.1571 69.0054C78.1304 69.0303 78.1037 69.0552 78.077 69.0801L57.2221 86.693C56.5403 87.268 55.7231 87.6846 54.8578 87.8947C54.6282 87.9499 54.3861 87.9909 54.1172 88.0211H54.1137Z" fill="#192147"/>
-<path d="M58.3598 0.179203C58.8547 0.179203 59.3479 0.307387 59.7912 0.565535L89.1774 17.6425L97.2619 22.3408C97.7194 22.6061 98.0897 22.9835 98.3443 23.4268C98.6007 23.8701 98.7413 24.3793 98.7431 24.9081L98.8927 77.8588C98.8927 78.1775 98.841 78.4891 98.7413 78.7828C98.7022 78.9003 98.6541 79.0143 98.5989 79.1247C98.5722 79.1798 98.542 79.235 98.5117 79.2885C98.4494 79.3953 98.3817 79.4985 98.3069 79.5965C98.2696 79.6463 98.2304 79.6926 98.1894 79.7407C97.9865 79.9739 97.7426 80.1751 97.4666 80.3353L74.6463 93.5116L57.0441 103.674C56.1628 104.183 55.1801 104.436 54.1956 104.436C54.1902 104.436 54.1867 104.436 54.1813 104.436C54.1813 104.436 54.176 104.436 54.1724 104.436C53.1914 104.432 52.2105 104.176 51.3328 103.665L19.5698 85.2063L17.5954 84.058C15.84 83.0378 14.7611 81.1614 14.7611 79.1318L14.7682 64.9585V64.8927C14.7629 64.809 14.7611 64.7235 14.7629 64.6381C14.7682 64.4173 14.8003 64.1983 14.8572 63.9829C14.9427 63.6607 15.0851 63.3491 15.2881 63.066C15.4234 62.8773 15.5836 62.7011 15.7723 62.5426L36.6058 44.9475C36.9904 44.5719 37.3144 44.1909 37.5512 43.817C37.7969 43.3915 37.9678 42.9251 38.055 42.4337L44.0904 8.57883C44.174 8.11238 44.4678 7.75631 44.8434 7.56404L44.9948 7.47502L56.9319 0.561974C57.3735 0.305605 57.8666 0.179203 58.3598 0.179203ZM58.3598 0.00116901C57.8274 0.00116901 57.304 0.141814 56.8429 0.408865L44.9058 7.32191L44.758 7.40915C44.3111 7.64059 44.0031 8.05541 43.9159 8.54856L37.8806 42.4034C37.7969 42.8717 37.6349 43.3168 37.3981 43.7298C37.1844 44.0681 36.8764 44.4366 36.4865 44.8176L15.6584 62.4073C15.4626 62.5729 15.2899 62.7598 15.1439 62.9628C14.932 63.2583 14.7789 63.5859 14.6845 63.9366C14.624 64.1627 14.5902 64.3977 14.5849 64.6327C14.5831 64.7164 14.5849 64.8019 14.5902 64.8962V64.9567L14.5831 79.13C14.5831 81.2148 15.7029 83.1625 17.5064 84.2093L19.4808 85.3576L51.2438 103.816C52.1321 104.332 53.1452 104.607 54.1724 104.612H54.1813H54.3593V104.608C55.3332 104.582 56.2892 104.311 57.1331 103.825L74.7353 93.6629L97.5556 80.4866C97.8458 80.3193 98.104 80.1074 98.323 79.8546C98.3657 79.8048 98.4084 79.7531 98.4476 79.7015C98.5277 79.5982 98.6007 79.4879 98.6648 79.3739C98.6968 79.3169 98.7289 79.2582 98.7574 79.2012C98.8143 79.0837 98.866 78.9609 98.9069 78.838C99.0137 78.5211 99.0689 78.1918 99.0672 77.8571L98.9176 24.9063C98.9176 24.3562 98.7698 23.8132 98.4939 23.336C98.2179 22.8589 97.8209 22.4619 97.3456 22.1842L89.2611 17.4859L59.8748 0.408865C59.4137 0.140034 58.8885 -0.000610352 58.3544 -0.000610352L58.3598 0.00116901Z" fill="#192147"/>
-<path d="M71.9845 69.862C71.9685 69.5041 71.8795 69.1463 71.7193 68.7973C71.5822 68.4982 71.3917 68.2062 71.1478 67.9249C70.9288 67.6721 70.6671 67.4282 70.3626 67.1986C70.1757 67.0579 69.9727 66.9208 69.7538 66.7891C69.6327 66.7179 69.5099 66.6484 69.3835 66.5808C69.0292 66.3939 68.6535 66.2301 68.2601 66.0876C67.8506 65.9399 67.4233 65.8152 66.9836 65.7138C66.5047 65.6034 66.0115 65.5215 65.5112 65.4681C64.9184 65.404 64.3148 65.3808 63.7131 65.3969C62.7143 65.4218 61.7209 65.5571 60.7933 65.8028C59.9993 66.0129 59.2533 66.3031 58.5911 66.6751C58.543 66.7019 58.4967 66.7286 58.4504 66.7553C57.6493 67.2271 57.0618 67.7772 56.6879 68.3629C56.4564 68.7243 56.3069 69.1 56.2392 69.481C56.1823 69.7979 56.184 70.1183 56.241 70.4352C56.2944 70.7236 56.3941 71.0085 56.5401 71.288C56.679 71.5515 56.8588 71.8079 57.0813 72.0571C57.2985 72.301 57.5567 72.536 57.8558 72.7586C58.0338 72.8903 58.2243 73.0185 58.4308 73.1431C58.5804 73.2321 58.7335 73.3176 58.8919 73.3977C59.305 73.6078 59.7465 73.7894 60.2094 73.9425C60.7506 74.1205 61.3221 74.2594 61.9078 74.3573C62.6805 74.4873 63.4799 74.5478 64.2775 74.5389C66.1984 74.5158 68.1087 74.0903 69.5953 73.2571C70.6226 72.6802 71.3205 71.9806 71.6854 71.2382C71.9062 70.7895 72.0059 70.3266 71.9845 69.8637V69.862Z" fill="#E2DED5"/>
-<path d="M64.1152 74.6068C63.3639 74.6068 62.618 74.5463 61.8951 74.4235C61.3005 74.3238 60.7255 74.1831 60.1878 74.0051C59.716 73.8502 59.2691 73.665 58.8614 73.4567C58.7012 73.3748 58.5445 73.2894 58.395 73.2004C58.1885 73.0775 57.9944 72.9476 57.8146 72.8122C57.5173 72.5897 57.252 72.3511 57.0295 72.1019C56.8069 71.8527 56.6218 71.5892 56.4794 71.3203C56.3298 71.0373 56.2265 70.7435 56.1731 70.448C56.1144 70.1239 56.1126 69.7946 56.1714 69.4688C56.2408 69.0771 56.3939 68.6926 56.6289 68.3276C57.0206 67.7151 57.6206 67.1668 58.4146 66.6986C58.4609 66.6719 58.5089 66.6452 58.5552 66.6167C59.2086 66.2499 59.9546 65.9544 60.7735 65.7372C61.6993 65.4915 62.6856 65.3544 63.7093 65.3277C64.3146 65.3117 64.9217 65.3366 65.5163 65.4007C66.022 65.4541 66.5205 65.5378 66.9976 65.6464C67.4427 65.7479 67.8753 65.8743 68.283 66.022C68.6836 66.1663 69.0646 66.3336 69.4153 66.5188C69.5399 66.5846 69.6663 66.6541 69.7891 66.7288C70.0081 66.8588 70.2147 66.9995 70.4051 67.1419C70.7096 67.3715 70.9766 67.619 71.201 67.8789C71.4466 68.1602 71.6407 68.4593 71.7831 68.7655C71.9469 69.1198 72.0377 69.4866 72.0537 69.8551C72.0751 70.3322 71.9718 70.8058 71.7475 71.2616C71.3647 72.0396 70.633 72.7464 69.6307 73.3107C68.1886 74.1208 66.289 74.5783 64.2808 74.6015C64.2274 74.6015 64.1722 74.6015 64.1188 74.6015L64.1152 74.6068ZM64.0636 65.4595C63.9461 65.4595 63.8304 65.4595 63.7129 65.4648C62.7016 65.4915 61.7242 65.6268 60.8091 65.8689C60.0009 66.0826 59.2656 66.3746 58.6211 66.736C58.5748 66.7627 58.5285 66.7894 58.4822 66.8161C57.7078 67.2736 57.1221 67.8059 56.7428 68.4024C56.5185 68.7531 56.3708 69.1216 56.3049 69.4955C56.2497 69.8053 56.2515 70.1186 56.3067 70.4266C56.3583 70.7097 56.4562 70.9892 56.6004 71.2616C56.7375 71.5215 56.9155 71.7743 57.131 72.0164C57.3482 72.2586 57.6045 72.4918 57.8965 72.709C58.0728 72.8407 58.265 72.9689 58.4662 73.0882C58.6122 73.1754 58.7671 73.2609 58.9238 73.341C59.3261 73.5457 59.7659 73.7273 60.2305 73.8805C60.7628 74.0549 61.3308 74.1938 61.9201 74.2935C62.6874 74.4217 63.4832 74.4822 64.279 74.4733C66.2641 74.4502 68.1423 73.998 69.5648 73.1986C70.544 72.6485 71.2579 71.9612 71.6282 71.2082C71.8437 70.772 71.9416 70.3198 71.9202 69.8658C71.9042 69.5151 71.817 69.1661 71.6621 68.8261C71.5268 68.5305 71.338 68.2421 71.1013 67.9697C70.8823 67.7187 70.6223 67.4766 70.325 67.2523C70.1399 67.1116 69.9369 66.9745 69.7215 66.8463C69.6004 66.7733 69.4776 66.7057 69.3547 66.6398C69.0094 66.4582 68.6337 66.2927 68.2385 66.1502C67.8361 66.0042 67.4088 65.8796 66.9691 65.7781C66.4973 65.6695 66.0042 65.5876 65.5039 65.5342C65.0303 65.4826 64.5478 65.4577 64.0654 65.4577L64.0636 65.4595Z" fill="#192147"/>
-<path d="M71.2063 68.4288C71.2027 68.5659 71.1867 68.7012 71.16 68.8365C71.1333 68.9718 71.0941 69.1053 71.0443 69.2371C70.9926 69.3724 70.9303 69.5077 70.8556 69.6412C70.7737 69.7854 70.6775 69.9279 70.5689 70.0667C70.4425 70.227 70.2965 70.3854 70.1327 70.5367C69.8746 70.7753 69.5702 71.0032 69.2194 71.2133C69.1642 71.2471 69.1091 71.2791 69.0503 71.3112C68.5945 71.5658 68.096 71.7794 67.5691 71.9503C67.14 72.0892 66.6931 72.1996 66.2338 72.2815C65.9347 72.3349 65.6321 72.3776 65.3241 72.4079C65.0606 72.4346 64.7953 72.4524 64.53 72.4613C64.2879 72.4702 64.0458 72.4702 63.8037 72.4648C63.5686 72.4595 63.3354 72.447 63.1022 72.4275C62.869 72.4079 62.6393 72.3829 62.4096 72.3509C62.1711 72.3171 61.9361 72.2761 61.7029 72.2281C61.4483 72.1746 61.199 72.1141 60.9551 72.0447C60.6578 71.9592 60.3694 71.8631 60.0917 71.7527C59.6982 71.5978 59.3243 71.4162 58.9789 71.2097C57.6312 70.4032 56.9618 69.3635 56.9636 68.3256L56.96 69.5344C56.9565 70.5723 57.6259 71.6138 58.9754 72.4186C59.3208 72.6251 59.6929 72.8049 60.0881 72.9616C60.3658 73.0719 60.6542 73.1681 60.9516 73.2535C61.1955 73.323 61.4447 73.3835 61.6993 73.4369C61.9307 73.485 62.1675 73.5259 62.4061 73.5598C62.6358 73.5918 62.8654 73.6185 63.0986 73.6363C63.3319 73.6559 63.5651 73.6683 63.8001 73.6737C64.0422 73.679 64.2843 73.679 64.5265 73.6701C64.7917 73.6612 65.057 73.6434 65.3205 73.6167C65.6267 73.5865 65.9312 73.5437 66.2302 73.4903C66.6896 73.4066 67.1364 73.2963 67.5655 73.1592C68.0943 72.9883 68.5928 72.7764 69.0467 72.52C69.1037 72.488 69.1607 72.4559 69.2159 72.4221C69.5666 72.212 69.871 71.9859 70.1292 71.7456C70.293 71.5943 70.439 71.4358 70.5654 71.2756C70.6758 71.1367 70.7701 70.9943 70.852 70.8501C70.9268 70.7166 70.9909 70.5812 71.0407 70.4459C71.0906 70.3124 71.1297 70.1789 71.1564 70.0454C71.1831 69.9101 71.1992 69.773 71.2027 69.6377C71.2027 69.6163 71.2027 69.5949 71.2027 69.5736L71.2063 68.3647C71.2063 68.3861 71.2063 68.4075 71.2063 68.4288Z" fill="#BC3857"/>
-<path d="M71.2046 68.2507C71.1904 67.9284 71.1103 67.6044 70.966 67.2911C70.8414 67.0222 70.6705 66.7587 70.4515 66.5059C70.2539 66.2781 70.0171 66.0591 69.7429 65.8508C69.5738 65.7226 69.3904 65.5997 69.1928 65.4822C69.0842 65.4181 68.9721 65.3541 68.8581 65.2953C68.5394 65.128 68.1994 64.9784 67.8451 64.8502C67.4766 64.7167 67.0903 64.6045 66.6932 64.5137C66.2624 64.414 65.8173 64.341 65.3651 64.293C64.831 64.236 64.2862 64.2146 63.745 64.2289C62.8441 64.252 61.9486 64.3749 61.1119 64.5956C60.3962 64.7843 59.7232 65.0478 59.125 65.3825C59.0823 65.4057 59.0396 65.4306 58.9986 65.4555C58.2758 65.881 57.747 66.376 57.4088 66.9047C57.2005 67.2305 57.0652 67.5706 57.0046 67.9124C56.953 68.199 56.9548 68.4875 57.0064 68.7741C57.0545 69.034 57.1435 69.2922 57.277 69.5432C57.4017 69.78 57.5637 70.0132 57.7648 70.2357C57.9607 70.4547 58.1939 70.6666 58.4627 70.8678C58.623 70.987 58.7957 71.1028 58.9808 71.2131C59.1161 71.2933 59.255 71.3698 59.3974 71.4428C59.7695 71.6333 60.1683 71.7953 60.5849 71.9342C61.0727 72.0944 61.5872 72.2208 62.116 72.308C62.8121 72.4256 63.5331 72.479 64.2542 72.4718C65.9864 72.4523 67.7098 72.0677 69.0504 71.3146C69.9762 70.7948 70.6064 70.1645 70.9358 69.4933C71.1352 69.0892 71.2242 68.6708 71.2064 68.2542L71.2046 68.2507Z" fill="#D66C7B"/>
-<path d="M63.7946 71.2844C63.7715 71.2844 63.7465 71.2826 63.7216 71.2791C63.4795 71.2399 63.3139 71.0103 63.3531 70.7681L64.2397 65.3221C64.2789 65.08 64.5067 64.9162 64.7506 64.9536C64.9928 64.9927 65.1583 65.2224 65.1192 65.4645L64.2326 70.9106C64.197 71.1295 64.0082 71.2844 63.7946 71.2844Z" fill="white"/>
-<path d="M60.389 69.0821C60.1683 69.0821 59.9778 68.9183 59.9475 68.694C59.9154 68.4501 60.0881 68.2275 60.332 68.1955L68.1887 67.1718C68.4326 67.1398 68.6551 67.3124 68.6872 67.5564C68.7192 67.8003 68.5465 68.0228 68.3026 68.0548L60.446 69.0785C60.4264 69.0803 60.4068 69.0821 60.3872 69.0821H60.389Z" fill="white"/>
-<path d="M64.1259 73.759C62.1568 73.759 60.1807 73.2979 58.7956 72.3793C57.2787 71.3752 56.6236 69.9687 56.9013 68.313L57.033 68.3344C56.6948 70.3568 57.8449 71.5888 58.8704 72.2671C61.5551 74.0457 66.4813 74.0866 69.2052 72.3526C70.2503 71.6867 71.4306 70.4672 71.1511 68.4234H71.1422V68.3611L71.2757 68.3522C71.5285 70.0506 70.836 71.4731 69.2764 72.4647C67.9198 73.3264 66.0273 73.7555 64.1277 73.7555L64.1259 73.759Z" fill="#192147"/>
-<path d="M64.1848 72.5609C61.0033 72.5609 57.6385 71.3343 56.9406 68.7866C56.8231 65.785 60.0811 64.4337 62.9083 64.1845C66.6968 63.8515 70.861 65.2758 71.2705 68.2418V68.249V68.2561C71.1138 70.0649 69.4546 72.1319 65.2708 72.5129C64.9147 72.5449 64.5497 72.5609 64.1848 72.5609ZM64.0067 64.2699C63.6436 64.2699 63.2804 64.2859 62.9207 64.318C60.1523 64.5619 56.9602 65.874 57.0741 68.767C57.8308 71.523 61.8561 72.6891 65.2601 72.3811C69.3567 72.009 70.9821 70.0079 71.1388 68.2543C70.772 65.6514 67.4001 64.2717 64.0067 64.2717V64.2699Z" fill="#192147"/>
-<path d="M59.5221 62.5628C59.506 62.2049 59.417 61.8471 59.2568 61.4981C59.1197 61.199 58.9292 60.907 58.6853 60.6258C58.4663 60.3729 58.2046 60.129 57.9002 59.8994C57.7132 59.7587 57.5103 59.6216 57.2913 59.4899C57.1702 59.4187 57.0474 59.3492 56.921 59.2816C56.5667 59.0947 56.1911 58.9309 55.7976 58.7884C55.3881 58.6407 54.9608 58.5161 54.5211 58.4146C54.0422 58.3042 53.549 58.2223 53.0488 58.1689C52.4559 58.1048 51.8524 58.0817 51.2506 58.0977C50.2519 58.1226 49.2584 58.2579 48.3309 58.5036C47.5368 58.7137 46.7909 59.0039 46.1286 59.376C46.0805 59.4027 46.0342 59.4294 45.9879 59.4561C45.1868 59.9279 44.5993 60.478 44.2254 61.0637C43.994 61.4251 43.8444 61.8008 43.7768 62.1818C43.7198 62.4987 43.7216 62.8191 43.7786 63.136C43.832 63.4244 43.9317 63.7093 44.0776 63.9888C44.2165 64.2523 44.3963 64.5087 44.6189 64.7579C44.8361 65.0018 45.0942 65.2368 45.3933 65.4594C45.5714 65.5911 45.7618 65.7193 45.9684 65.8439C46.1179 65.9329 46.271 66.0184 46.4295 66.0985C46.8425 66.3086 47.284 66.4902 47.7469 66.6433C48.2881 66.8213 48.8596 66.9602 49.4454 67.0581C50.218 67.1881 51.0174 67.2486 51.815 67.2397C53.736 67.2166 55.6463 66.7911 57.1329 65.9579C58.1601 65.381 58.858 64.6814 59.223 63.939C59.4437 63.4903 59.5434 63.0274 59.5221 62.5645V62.5628Z" fill="#E2DED5"/>
-<path d="M51.6529 67.3074C50.9016 67.3074 50.1557 67.2469 49.4329 67.1241C48.8382 67.0244 48.2632 66.8837 47.7255 66.7057C47.2537 66.5508 46.8069 66.3657 46.3992 66.1574C46.2389 66.0755 46.0823 65.99 45.9327 65.901C45.7262 65.7781 45.5321 65.6482 45.3523 65.5129C45.055 65.2903 44.7897 65.0518 44.5672 64.8025C44.3447 64.5533 44.1595 64.2898 44.0171 64.0209C43.8675 63.7379 43.7643 63.4441 43.7109 63.1486C43.6521 62.8246 43.6503 62.4952 43.7091 62.1694C43.7785 61.7777 43.9316 61.3932 44.1666 61.0282C44.5583 60.4158 45.1583 59.8674 45.9523 59.3992C45.9986 59.3725 46.0467 59.3458 46.0929 59.3173C46.7463 58.9505 47.4923 58.655 48.3113 58.4378C49.237 58.1921 50.2233 58.055 51.247 58.0283C51.8523 58.0141 52.4594 58.0372 53.0541 58.1013C53.5597 58.1547 54.0582 58.2384 54.5353 58.347C54.9804 58.4485 55.413 58.5749 55.8207 58.7227C56.2213 58.8669 56.6023 59.0342 56.953 59.2194C57.0776 59.2853 57.204 59.3547 57.3269 59.4295C57.5458 59.5594 57.7524 59.7001 57.9429 59.8425C58.2473 60.0722 58.5143 60.3196 58.7387 60.5796C58.9844 60.8608 59.1784 61.1599 59.3208 61.4662C59.4846 61.8205 59.5754 62.1872 59.5915 62.5557C59.6128 63.0329 59.5096 63.5064 59.2852 63.9622C58.9025 64.7402 58.1708 65.447 57.1684 66.0114C55.7264 66.8214 53.8267 67.279 51.8185 67.3021C51.7651 67.3021 51.7099 67.3021 51.6565 67.3021L51.6529 67.3074ZM51.6013 58.1601C51.4838 58.1601 51.3681 58.1601 51.2506 58.1654C50.2393 58.1921 49.2619 58.3274 48.3468 58.5696C47.5386 58.7832 46.8033 59.0752 46.1588 59.4366C46.1125 59.4633 46.0662 59.49 46.0199 59.5167C45.2455 59.9742 44.6598 60.5066 44.2806 61.103C44.0562 61.4537 43.9085 61.8222 43.8426 62.1961C43.7874 62.5059 43.7892 62.8192 43.8444 63.1272C43.896 63.4103 43.9939 63.6898 44.1381 63.9622C44.2752 64.2221 44.4533 64.4749 44.6687 64.7171C44.8859 64.9592 45.1422 65.1924 45.4342 65.4096C45.6105 65.5414 45.8028 65.6695 46.0039 65.7888C46.1499 65.8761 46.3048 65.9615 46.4615 66.0416C46.8638 66.2464 47.3036 66.428 47.7682 66.5811C48.3006 66.7555 48.8685 66.8944 49.4578 66.9941C50.2251 67.1223 51.0209 67.1828 51.8167 67.1739C53.8018 67.1508 55.6801 66.6986 57.1025 65.8992C58.0817 65.3491 58.7956 64.6619 59.166 63.9088C59.3814 63.4726 59.4793 63.0204 59.4579 62.5664C59.4419 62.2157 59.3547 61.8667 59.1998 61.5267C59.0645 61.2312 58.8758 60.9427 58.639 60.6704C58.42 60.4193 58.1601 60.1772 57.8628 59.9529C57.6776 59.8122 57.4746 59.6751 57.2592 59.547C57.1382 59.474 57.0153 59.4063 56.8925 59.3404C56.5471 59.1588 56.1714 58.9933 55.7762 58.8509C55.3738 58.7049 54.9466 58.5802 54.5068 58.4788C54.035 58.3702 53.5419 58.2883 53.0416 58.2349C52.568 58.1832 52.0856 58.1583 51.6031 58.1583L51.6013 58.1601Z" fill="#192147"/>
-<path d="M58.7492 61.1473C58.7457 61.2844 58.7297 61.4197 58.703 61.555C58.6763 61.6903 58.6371 61.8239 58.5872 61.9556C58.5356 62.0909 58.4733 62.2262 58.3985 62.3597C58.3166 62.5039 58.2205 62.6464 58.1119 62.7852C57.9855 62.9455 57.8395 63.1039 57.6757 63.2552C57.4176 63.4938 57.1131 63.7217 56.7624 63.9318C56.7072 63.9656 56.652 63.9976 56.5933 64.0297C56.1375 64.2843 55.639 64.4979 55.112 64.6688C54.683 64.8077 54.2361 64.9181 53.7768 65C53.4777 65.0534 53.175 65.0961 52.867 65.1264C52.6035 65.1531 52.3383 65.1709 52.073 65.1798C51.8309 65.1887 51.5887 65.1887 51.3466 65.1833C51.1116 65.178 50.8784 65.1655 50.6452 65.146C50.4119 65.1264 50.1823 65.1015 49.9526 65.0694C49.714 65.0356 49.479 64.9946 49.2458 64.9466C48.9912 64.8932 48.742 64.8326 48.4981 64.7632C48.2008 64.6777 47.9123 64.5816 47.6346 64.4712C47.2412 64.3163 46.8673 64.1347 46.5219 63.9282C45.1742 63.1217 44.5048 62.082 44.5066 61.0441L44.503 62.2529C44.4994 63.2908 45.1689 64.3323 46.5183 65.1371C46.8637 65.3436 47.2358 65.5234 47.6311 65.6801C47.9088 65.7904 48.1972 65.8866 48.4945 65.972C48.7384 66.0415 48.9877 66.102 49.2423 66.1554C49.4737 66.2035 49.7105 66.2444 49.949 66.2783C50.1787 66.3103 50.4084 66.337 50.6416 66.3548C50.8748 66.3744 51.1081 66.3869 51.3431 66.3922C51.5852 66.3975 51.8273 66.3975 52.0694 66.3886C52.3347 66.3797 52.6 66.3619 52.8635 66.3352C53.1697 66.305 53.4741 66.2622 53.7732 66.2088C54.2325 66.1251 54.6794 66.0148 55.1085 65.8777C55.6372 65.7068 56.1357 65.4949 56.5897 65.2385C56.6467 65.2065 56.7036 65.1744 56.7588 65.1406C57.1096 64.9305 57.414 64.7044 57.6721 64.4641C57.8359 64.3128 57.9819 64.1543 58.1083 63.9941C58.2187 63.8552 58.3131 63.7128 58.395 63.5686C58.4697 63.4351 58.5338 63.2998 58.5837 63.1644C58.6335 63.0309 58.6727 62.8974 58.6994 62.7639C58.7261 62.6286 58.7421 62.4915 58.7457 62.3562C58.7457 62.3348 58.7457 62.3134 58.7457 62.2921L58.7492 61.0832C58.7492 61.1046 58.7492 61.126 58.7492 61.1473Z" fill="#336C42"/>
-<path d="M58.7476 60.971C58.7333 60.6488 58.6532 60.3247 58.509 60.0114C58.3844 59.7426 58.2135 59.4791 57.9945 59.2263C57.7969 58.9984 57.5601 58.7794 57.2859 58.5711C57.1168 58.4429 56.9334 58.3201 56.7358 58.2026C56.6272 58.1385 56.515 58.0744 56.4011 58.0156C56.0824 57.8483 55.7424 57.6987 55.3881 57.5706C55.0196 57.437 54.6332 57.3249 54.2362 57.2341C53.8054 57.1344 53.3603 57.0614 52.9081 57.0133C52.374 56.9563 51.8292 56.935 51.288 56.9492C50.3871 56.9724 49.4916 57.0952 48.6548 57.316C47.9392 57.5047 47.2662 57.7682 46.668 58.1029C46.6253 58.126 46.5825 58.1509 46.5416 58.1759C45.8188 58.6014 45.29 59.0963 44.9517 59.6251C44.7434 59.9509 44.6081 60.2909 44.5476 60.6327C44.496 60.9194 44.4978 61.2078 44.5494 61.4944C44.5975 61.7543 44.6865 62.0125 44.82 62.2635C44.9446 62.5003 45.1066 62.7335 45.3078 62.9561C45.5036 63.1751 45.7369 63.3869 46.0057 63.5881C46.1659 63.7074 46.3386 63.8231 46.5238 63.9335C46.6591 64.0136 46.798 64.0901 46.9404 64.1631C47.3125 64.3536 47.7113 64.5156 48.1279 64.6545C48.6157 64.8147 49.1302 64.9411 49.6589 65.0284C50.3551 65.1459 51.0761 65.1993 51.7971 65.1922C53.5294 65.1726 55.2528 64.788 56.5934 64.035C57.5191 63.5151 58.1494 62.8849 58.4787 62.2137C58.6781 61.8095 58.7671 61.3912 58.7493 60.9746L58.7476 60.971Z" fill="#3DB67B"/>
-<path d="M51.6689 66.4794C49.6998 66.4794 47.7237 66.0183 46.3385 65.0996C44.8217 64.0955 44.1665 62.689 44.4443 61.0333L44.576 61.0547C44.2377 63.0772 45.3878 64.3091 46.4133 64.9875C49.0981 66.766 54.0243 66.807 56.7482 65.0729C57.7932 64.4071 58.9736 63.1875 58.6941 61.1437H58.6852V61.0814L58.8187 61.0725C59.0715 62.7709 58.379 64.1934 56.8194 65.1851C55.4628 66.0467 53.5685 66.4758 51.6707 66.4758L51.6689 66.4794Z" fill="#192147"/>
-<path d="M51.7277 65.2813C48.5463 65.2813 45.1832 64.0546 44.4836 61.507C44.3661 58.5053 47.6241 57.154 50.4495 56.9048C54.2398 56.5719 58.4022 57.9961 58.8117 60.9622V60.9693V60.9764C58.655 62.7852 56.9958 64.8522 52.812 65.2332C52.4559 65.2653 52.0909 65.2813 51.726 65.2813H51.7277ZM51.5497 56.9885C51.1865 56.9885 50.8233 57.0045 50.4637 57.0365C47.6953 57.2804 44.5031 58.5925 44.6171 61.4856C45.3737 64.2416 49.4008 65.4077 52.8048 65.0997C56.9014 64.7276 58.5268 62.7247 58.6835 60.9729C58.3168 58.37 54.9448 56.9902 51.5515 56.9902L51.5497 56.9885Z" fill="#192147"/>
-<path d="M49.1813 62.568C49.1048 62.568 49.0282 62.5485 48.9606 62.5093C48.8538 62.4488 48.7772 62.3455 48.7487 62.2244L48.2039 59.8975C48.1487 59.659 48.2965 59.4186 48.5351 59.3634C48.7754 59.3065 49.014 59.456 49.0692 59.6946L49.5054 61.5568L55.0921 59.8228C55.3271 59.7498 55.5763 59.8815 55.6493 60.1165C55.7223 60.3515 55.5906 60.6008 55.3555 60.6738L49.3131 62.5502C49.2704 62.5645 49.2258 62.5698 49.1813 62.5698V62.568Z" fill="white"/>
-<path d="M19.6177 66.6593L18.0813 65.7674C17.2285 65.2724 17.1252 64.0814 17.8801 63.4458L36.2532 47.9836C37.1736 47.2091 38.4786 47.097 39.5183 47.7005L41.0547 48.5925C41.9075 49.0874 42.0108 50.2784 41.2559 50.914L22.8829 66.3762C21.9624 67.1507 20.6574 67.2628 19.6177 66.6593Z" fill="#E2DED5"/>
-<path d="M21.0472 67.1114C20.5433 67.1114 20.0377 66.9814 19.5837 66.7179L18.0473 65.826C17.6218 65.5785 17.353 65.1566 17.3102 64.6652C17.2675 64.1738 17.4598 63.7127 17.8354 63.3958L36.2085 47.9336C37.1468 47.1431 38.4909 47.0274 39.5502 47.6434L41.0866 48.5354C41.5121 48.7828 41.781 49.2048 41.8237 49.6961C41.8664 50.1875 41.6742 50.6486 41.2985 50.9655L22.9254 66.4277C22.3878 66.8799 21.7201 67.1114 21.0472 67.1114ZM38.0886 47.3835C37.4459 47.3835 36.8085 47.6042 36.2958 48.0351L17.9227 63.4973C17.5809 63.7857 17.4064 64.2077 17.4438 64.6527C17.4829 65.0996 17.7269 65.4842 18.115 65.7085L19.6514 66.6004C20.6626 67.1879 21.9445 67.0776 22.84 66.3245L41.213 50.8623C41.5549 50.5738 41.7293 50.1519 41.692 49.7068C41.6546 49.2617 41.4089 48.8754 41.0208 48.6511L39.4843 47.7591C39.0517 47.5081 38.5692 47.3835 38.0886 47.3835Z" fill="#192147"/>
-<path d="M21.0491 65.2655C20.8604 65.2655 20.6752 65.2157 20.5132 65.1213L19.8527 64.7368C19.6391 64.6121 19.6141 64.3148 19.8029 64.1564L37.4015 49.3458C37.5938 49.1837 37.8377 49.0947 38.0905 49.0947C38.2792 49.0947 38.4643 49.1446 38.6264 49.2389L39.2869 49.6235C39.5005 49.7481 39.5254 50.0454 39.3367 50.2039L21.7381 65.0145C21.5458 65.1765 21.3019 65.2655 21.0491 65.2655Z" fill="#8C8679"/>
-<path d="M21.0491 65.333C20.8497 65.333 20.6521 65.2796 20.4794 65.1799L19.8189 64.7953C19.6979 64.7259 19.6231 64.6048 19.6106 64.466C19.5982 64.3271 19.6533 64.1954 19.7602 64.1063L37.3588 49.2957C37.7166 48.9948 38.2561 48.9486 38.6602 49.1836L39.3207 49.5681C39.4418 49.6375 39.5166 49.7586 39.529 49.8975C39.5415 50.0363 39.4863 50.1681 39.3795 50.2571L21.7826 65.0677C21.5779 65.2404 21.318 65.3348 21.0509 65.3348L21.0491 65.333ZM38.0887 49.164C37.8519 49.164 37.6241 49.2477 37.4425 49.399L19.8438 64.2096C19.7709 64.2701 19.7335 64.3609 19.7424 64.4553C19.7513 64.5496 19.8029 64.6315 19.8848 64.6796L20.5453 65.0642C20.9031 65.2725 21.3785 65.2297 21.6936 64.9645L39.2922 50.1538C39.3652 50.0933 39.4026 50.0025 39.3937 49.9082C39.3848 49.8138 39.3332 49.7319 39.2513 49.6838L38.5908 49.2993C38.4377 49.2103 38.265 49.164 38.0887 49.164Z" fill="#192147"/>
-<path d="M21.1504 65.4039L20.1837 64.8502L38.0297 49.6372C38.2238 49.7316 39.2066 50.2212 39.2066 50.2212L21.1504 65.4039Z" fill="#192147"/>
-<path d="M34.6006 54.0244L32.3289 55.9828L34.6434 36.3314H36.9151L34.6006 54.0244Z" fill="#E2DED5"/>
-<path d="M32.3291 56.0503C32.3184 56.0503 32.3077 56.0485 32.297 56.0431C32.2721 56.0307 32.2596 56.004 32.2614 55.9755L34.5758 36.3241C34.5794 36.2903 34.6079 36.2654 34.6417 36.2654H36.9134C36.933 36.2654 36.9508 36.2743 36.9633 36.2885C36.9757 36.3028 36.9811 36.3224 36.9793 36.3419L34.6649 54.0349C34.6631 54.0509 34.6542 54.0652 34.6417 54.0777L32.37 56.036C32.3575 56.0467 32.3415 56.052 32.3273 56.052L32.3291 56.0503ZM34.7022 36.3989L32.4145 55.8224L34.5367 53.9922L36.8386 36.3989H34.7022Z" fill="#192147"/>
-<path d="M34.2449 40.4296C34.7416 40.6574 35.2917 40.629 35.7333 40.6076L33.9084 54.5387L32.42 55.8081L34.2449 40.4296Z" fill="white"/>
-<path d="M35.3406 39.6131C37.7004 39.6131 39.6134 37.7001 39.6134 35.3403C39.6134 32.9805 37.7004 31.0675 35.3406 31.0675C32.9808 31.0675 31.0678 32.9805 31.0678 35.3403C31.0678 37.7001 32.9808 39.6131 35.3406 39.6131Z" fill="#6A67FE"/>
-<path d="M35.3407 39.6809C32.9479 39.6809 31.0002 37.735 31.0002 35.3405C31.0002 32.9459 32.9461 31 35.3407 31C37.7353 31 39.6812 32.9459 39.6812 35.3405C39.6812 37.735 37.7353 39.6809 35.3407 39.6809ZM35.3407 31.1353C33.0209 31.1353 31.1355 33.0225 31.1355 35.3405C31.1355 37.6585 33.0227 39.5456 35.3407 39.5456C37.6587 39.5456 39.5459 37.6585 39.5459 35.3405C39.5459 33.0225 37.6587 31.1353 35.3407 31.1353Z" fill="#192147"/>
-<path d="M34.7913 37.3405C36.3645 37.3405 37.6398 36.0652 37.6398 34.492C37.6398 32.9188 36.3645 31.6434 34.7913 31.6434C33.2181 31.6434 31.9427 32.9188 31.9427 34.492C31.9427 36.0652 33.2181 37.3405 34.7913 37.3405Z" fill="#B4B2FE"/>
-<path d="M26.1548 70.4286L24.6184 69.5366C23.7656 69.0417 23.6624 67.8507 24.4172 67.2151L42.7903 51.7529C43.7107 50.9784 45.0157 50.8663 46.0554 51.4698L47.5919 52.3617C48.4446 52.8567 48.5479 54.0477 47.793 54.6833L29.42 70.1455C28.4995 70.92 27.1945 71.0321 26.1548 70.4286Z" fill="#E2DED5"/>
-<path d="M27.5843 70.879C27.0805 70.879 26.5749 70.749 26.1209 70.4855L24.5845 69.5936C24.159 69.3461 23.8901 68.9242 23.8474 68.4328C23.8047 67.9414 23.997 67.4803 24.3726 67.1634L42.7457 51.7012C43.6839 50.9107 45.0281 50.795 46.0874 51.411L47.6238 52.3029C48.0493 52.5504 48.3181 52.9723 48.3591 53.4637C48.4018 53.9533 48.2095 54.4162 47.8339 54.7331L29.4608 70.1953C28.9232 70.6475 28.2555 70.879 27.5826 70.879H27.5843ZM44.6257 51.1511C43.983 51.1511 43.3457 51.3718 42.8329 51.8027L24.4599 67.2649C24.1162 67.5533 23.9436 67.9752 23.9809 68.4203C24.0201 68.8672 24.264 69.2517 24.6521 69.4761L26.1886 70.368C27.1998 70.9555 28.4816 70.8451 29.3771 70.0921L47.7502 54.6298C48.092 54.3414 48.2665 53.9195 48.2291 53.4744C48.1917 53.0293 47.9461 52.643 47.5597 52.4187L46.0233 51.5267C45.5907 51.2757 45.1082 51.1511 44.6275 51.1511H44.6257Z" fill="#192147"/>
-<path d="M27.5864 69.0343C27.3977 69.0343 27.2125 68.9845 27.0505 68.8901L26.39 68.5056C26.1764 68.3809 26.1514 68.0836 26.3401 67.9252L43.9388 53.1146C44.131 52.9525 44.375 52.8635 44.6278 52.8635C44.8165 52.8635 45.0016 52.9134 45.1636 53.0077L45.8242 53.3923C46.0378 53.5169 46.0627 53.8142 45.874 53.9727L28.2754 68.7833C28.0831 68.9453 27.8392 69.0343 27.5864 69.0343Z" fill="#8C8679"/>
-<path d="M27.5862 69.1003C27.3868 69.1003 27.1892 69.0469 27.0165 68.9472L26.356 68.5627C26.235 68.4932 26.1584 68.3722 26.1477 68.2333C26.1353 68.0944 26.1905 67.9627 26.2973 67.8737L43.8959 53.0631C44.2537 52.7622 44.7914 52.7159 45.1973 52.9509L45.8578 53.3354C45.9789 53.4049 46.0554 53.5259 46.0661 53.6648C46.0786 53.8037 46.0234 53.9354 45.9166 54.0244L28.3197 68.8351C28.115 69.0077 27.8551 69.1021 27.588 69.1021L27.5862 69.1003ZM44.6258 52.9313C44.3891 52.9313 44.1612 53.015 43.9796 53.1663L26.3827 67.9769C26.3097 68.0375 26.2724 68.1283 26.2813 68.2226C26.2902 68.317 26.3418 68.4007 26.4237 68.4487L27.0842 68.8333C27.442 69.0398 27.9174 68.9988 28.2325 68.7336L45.8311 53.923C45.9041 53.8624 45.9415 53.7716 45.9326 53.6773C45.9237 53.5829 45.8721 53.4992 45.7902 53.4512L45.1297 53.0666C44.9766 52.9776 44.8039 52.9313 44.6276 52.9313H44.6258Z" fill="#192147"/>
-<path d="M27.6879 69.1729L26.7211 68.6192L44.5672 53.4062C44.7613 53.5006 45.744 53.9902 45.744 53.9902L27.6879 69.1729Z" fill="#192147"/>
-<path d="M35.4768 62.7212L33.9421 64.0138L21.3694 49.4524L22.904 47.7771L35.4768 62.7212Z" fill="#E2DED5"/>
-<path d="M33.9421 64.0794C33.9243 64.0794 33.9047 64.0723 33.8923 64.0563L21.3213 49.4949C21.3 49.47 21.3 49.4308 21.3213 49.4059L22.856 47.7306C22.8684 47.7164 22.8862 47.7092 22.9058 47.7092C22.9254 47.7092 22.9432 47.7181 22.9557 47.7324L35.5266 62.6783C35.5498 62.7068 35.5462 62.7477 35.5177 62.7727L33.9831 64.0634C33.9706 64.0741 33.9546 64.0794 33.9403 64.0794H33.9421ZM21.4602 49.4522L33.9492 63.9174L35.3824 62.7103L22.9023 47.8748L21.4602 49.4504V49.4522Z" fill="#192147"/>
-<path d="M24.1234 52.5145C24.6254 52.3027 24.9779 51.8772 25.2592 51.5371L34.9763 63.0523L33.9455 63.9104L24.1234 52.5127V52.5145Z" fill="white"/>
-<path d="M24.3913 51.0671C26.0599 49.3985 26.0599 46.6931 24.3913 45.0244C22.7226 43.3558 20.0172 43.3558 18.3486 45.0244C16.68 46.6931 16.68 49.3985 18.3486 51.0671C20.0172 52.7357 22.7226 52.7357 24.3913 51.0671Z" fill="#AE6DDF"/>
-<path d="M21.3675 52.3845C20.3206 52.3845 19.2702 52.0088 18.4388 51.2469C17.5842 50.4635 17.0858 49.3953 17.0341 48.2381C16.9825 47.0809 17.3866 45.9717 18.1682 45.1172C19.7847 43.3528 22.5336 43.2318 24.2997 44.8466C25.1542 45.6299 25.6527 46.6981 25.7044 47.8553C25.756 49.0125 25.3519 50.1217 24.5703 50.9762C23.7157 51.9091 22.5443 52.3827 21.3675 52.3827V52.3845ZM21.371 43.8424C20.2316 43.8424 19.0958 44.3018 18.2679 45.2062C17.5095 46.034 17.1178 47.1094 17.1677 48.231C17.2175 49.3526 17.7 50.3887 18.5296 51.1472C20.2405 52.7139 22.9057 52.5964 24.4724 50.8855C25.2308 50.0576 25.6225 48.9823 25.5726 47.8607C25.5228 46.739 25.0403 45.7029 24.2107 44.9445C23.4042 44.2074 22.3876 43.8424 21.3728 43.8424H21.371Z" fill="#192147"/>
-<path d="M21.7784 49.8677C23.1785 49.1503 23.7319 47.4337 23.0145 46.0336C22.2971 44.6335 20.5806 44.0801 19.1804 44.7975C17.7803 45.5149 17.2269 47.2314 17.9443 48.6316C18.6617 50.0317 20.3783 50.5851 21.7784 49.8677Z" fill="#C98DEF"/>
-<path d="M1.69507 110.362L19.1655 119.999L43.6077 106.271L25.5623 96.2086L1.69507 110.362Z" fill="#C5C7D1"/>
-<path d="M37.9089 67.0234C38.6798 66.4199 40.0061 66.3273 40.8536 66.8169L59.3246 77.4793C60.172 77.9689 60.2432 78.8733 59.4812 79.4875L56.7733 81.672C56.0114 82.2862 54.6921 82.3913 53.8429 81.9052L35.1992 71.2321C34.35 70.7461 34.2859 69.8541 35.0568 69.2506L37.9071 67.0234H37.9089Z" fill="#8C8679"/>
-<path d="M55.0981 82.2776C54.637 82.2776 54.1813 82.1743 53.8109 81.9625L35.1673 71.2894C34.7364 71.0419 34.4836 70.6876 34.4551 70.2888C34.4266 69.89 34.626 69.5037 35.0177 69.1975L37.868 66.9703C38.6603 66.3507 40.0151 66.2563 40.8875 66.7584L59.3585 77.4208C59.7875 77.6683 60.0421 78.0279 60.0742 78.4303C60.1062 78.8326 59.9104 79.2261 59.524 79.5377L56.8162 81.7221C56.3639 82.0871 55.7266 82.2758 55.0981 82.2758V82.2776ZM37.909 67.0219L37.9499 67.0753L35.0996 69.3025C34.7453 69.5802 34.5637 69.9274 34.5887 70.2799C34.6136 70.6324 34.8432 70.9493 35.2349 71.1736L53.8786 81.8468C54.7082 82.3221 55.9901 82.2206 56.7343 81.6189L59.4421 79.4344C59.7929 79.1513 59.9709 78.7988 59.9424 78.441C59.9139 78.0831 59.6843 77.7627 59.2944 77.5366L40.8234 66.8741C39.9955 66.3952 38.7066 66.486 37.9535 67.0753L37.9125 67.0219H37.909Z" fill="#192147"/>
-<path d="M38.3842 71.0028C37.5349 70.5167 37.4299 69.6568 38.1509 69.0942C38.872 68.5316 40.1556 68.4693 41.003 68.9589L56.1875 77.7235C57.035 78.2131 57.1649 79.0695 56.4742 79.6267C55.7834 80.1839 54.5229 80.2427 53.6737 79.7549L38.3859 71.0028H38.3842Z" fill="#192147"/>
-<path d="M45.5038 100.275L49.6039 86.6073L46.248 84.656L41.3645 97.7059L45.5038 100.275Z" fill="#847C89"/>
-<path opacity="0.25" d="M49.6038 86.5129C49.6038 86.5129 51.6334 80.2764 56.1002 79.4432L52.4149 77.6931C52.4149 77.6931 47.252 76.1798 46.6288 84.8732L49.6038 86.5129Z" fill="#8C8679"/>
-<path d="M38.8363 69.4751L56.102 79.4432C56.102 79.4432 54.9572 78.7827 53.2268 78.9571C50.4548 79.2367 47.8555 83.2673 46.2995 86.2405C45.4431 87.8784 44.7808 89.6089 44.3126 91.3964C43.3103 95.2134 40.9798 103.423 38.8363 105.986C37.1022 108.06 25.1615 114.619 21.6133 116.335C20.6377 116.807 19.4929 116.768 18.5529 116.228C14.467 113.886 5.26983 108.521 2.72217 107.143C6.27394 105.465 19.646 98.3094 21.5261 96.0573C23.6785 93.4794 26.0197 85.2043 27.0149 81.4069C27.4777 79.6372 28.1329 77.9246 28.975 76.3009C30.5346 73.2921 33.1588 69.1973 35.9557 68.9908C37.7663 68.8573 38.8345 69.4751 38.8345 69.4751H38.8363Z" fill="white"/>
-<path d="M33.563 70.0521C32.3435 71.0117 31.2183 72.4947 30.2765 74.0062L47.6437 83.8925C48.5979 82.381 49.7373 80.9033 50.9676 79.9597L33.5612 70.0521H33.563Z" fill="#F1EEEA"/>
-<path d="M22.3523 94.822L39.6305 104.806C41.2167 102.025 42.803 96.8819 43.7947 93.3088L26.5094 83.2872C25.5249 86.8426 23.9404 92.0038 22.3523 94.8203V94.822Z" fill="#F1EEEA"/>
-<path d="M53.7877 78.1082L38.1475 69.2048C37.6526 69.0588 36.9084 68.9217 35.9559 68.9911C35.1245 69.0516 34.3073 69.4593 33.5293 70.0771L50.9339 79.9847C51.6709 79.415 52.44 79.0358 53.2234 78.9557C54.9556 78.7812 56.0986 79.4417 56.0986 79.4417L53.786 78.1064L53.7877 78.1082Z" fill="#E2DED5"/>
-<path d="M19.6818 114.229L19.6195 114.112C19.7762 114.028 35.3737 105.701 36.611 104.218C37.8982 102.678 39.8263 97.4138 41.6458 90.4811C42.1621 88.5139 42.8903 86.6249 43.8125 84.8642C45.219 82.1741 47.8378 77.1696 52.3599 77.1696V77.3031C47.9197 77.3031 45.324 82.2631 43.93 84.9265C43.0131 86.6783 42.2885 88.5584 41.774 90.515C39.9492 97.4654 38.0104 102.749 36.7125 104.304C35.4574 105.806 20.3245 113.885 19.68 114.229H19.6818Z" fill="#646F71"/>
-<path d="M17.2001 112.844L17.1378 112.727C19.0249 111.738 32.6071 104.414 33.9121 102.853C35.2954 101.197 37.2431 95.9326 39.1214 88.7721C39.5789 87.0292 40.2625 85.2542 41.2132 83.3439C43.6416 78.4604 46.6824 75.8843 50.0117 75.8843C50.0491 75.8843 50.0847 75.8843 50.1203 75.8843V76.0178C50.0829 76.0178 50.0491 76.0178 50.0135 76.0178C47.7044 76.0178 44.3573 77.321 41.3307 83.4044C40.3854 85.3058 39.7035 87.0737 39.2495 88.806C37.3659 95.9843 35.4093 101.267 34.0136 102.938C32.5697 104.669 17.3514 112.766 17.2001 112.846V112.844Z" fill="#646F71"/>
-<path d="M14.7201 111.457L14.6578 111.34C17.0897 110.067 29.7497 103.236 31.2131 101.484C32.6961 99.7087 34.6563 94.4514 36.5951 87.0612C37.0081 85.4892 37.6295 83.8744 38.6122 81.8217C39.9475 79.0354 42.926 74.3941 47.8806 74.5988L47.8753 74.7324C47.7703 74.727 47.6652 74.7252 47.562 74.7252C42.8708 74.7252 40.0258 79.1814 38.7333 81.8786C37.7541 83.9225 37.1345 85.5301 36.725 87.0932C34.7827 94.503 32.8101 99.7781 31.3164 101.567C29.8387 103.337 17.1574 110.181 14.7201 111.455V111.457Z" fill="#646F71"/>
-<path d="M12.2399 110.072L12.1776 109.954C15.2255 108.359 26.9276 102.018 28.5139 100.118C30.6503 97.5579 32.9113 89.7671 34.0686 85.3519C34.5475 83.5252 35.3219 81.7876 36.0109 80.3011C39.4844 72.8076 44.1168 73.1904 45.6408 73.315L45.6301 73.4485C44.131 73.3239 39.5662 72.9483 36.132 80.3562C35.4465 81.8357 34.6739 83.568 34.1985 85.3839C33.0378 89.8116 30.7696 97.6219 28.6172 100.202C27.0434 102.085 15.9893 108.11 12.2399 110.07V110.072Z" fill="#646F71"/>
-<path d="M9.75811 108.685L9.6958 108.568C14.5615 106.022 24.1913 100.695 25.8132 98.7508C28.0582 96.0625 30.3655 88.1311 31.5423 83.6411C31.9874 81.9444 32.7102 80.3368 33.4099 78.7807C36.9438 70.9206 41.4819 71.7021 43.191 71.9959C43.2676 72.0083 43.3388 72.0208 43.4047 72.0315L43.3833 72.1632C43.3175 72.1526 43.2462 72.1401 43.1679 72.1276C41.4873 71.8392 37.024 71.0701 33.5327 78.8342C32.8348 80.3866 32.1138 81.9889 31.6723 83.6749C30.4937 88.1738 28.1775 96.1266 25.9164 98.8362C24.2803 100.796 14.6309 106.137 9.75811 108.687V108.685Z" fill="#646F71"/>
-<path d="M7.27807 107.3L7.21576 107.183C10.431 105.5 21.081 99.821 23.1159 97.3837C25.3503 94.7061 27.5597 87.5028 29.0178 81.9322C29.3987 80.4741 30.0094 79.0836 30.6005 77.7413L30.8106 77.2606C33.3938 71.3409 36.9314 69.0728 41.0421 70.7018C41.0956 70.7232 41.1401 70.741 41.1757 70.7534L41.1294 70.8781C41.092 70.8638 41.0475 70.846 40.9941 70.8246C38.1829 69.7119 34.1558 69.9327 30.9334 77.314L30.7215 77.7947C30.134 79.1335 29.5252 80.5186 29.1459 81.966C27.6843 87.5509 25.4678 94.7737 23.2174 97.4692C21.1665 99.926 10.4987 105.614 7.27807 107.3Z" fill="#646F71"/>
-<path d="M20.6661 113.707C20.6145 113.707 20.5682 113.672 20.5575 113.618L19.0122 106.228L26.9935 107.118L27.9744 103.732L34.7183 105.128L30.1785 96.9866H36.6108L30.1589 88.6564L36.6482 87.8784L34.364 84.3177L33.5255 78.2895L40.6718 78.3785V74.3265L41.9002 71.8553L44.3856 72.7402C44.4443 72.7615 44.4728 72.8238 44.4532 72.8826C44.4336 72.9413 44.3695 72.9698 44.3108 72.9502L42.0124 72.1313L40.8943 74.3781V78.6046L33.7819 78.5156L34.5795 84.2376L37.0274 88.0546L30.5755 88.8273L37.0648 97.2055H30.5577L35.1492 105.441L28.1311 103.989L27.1537 107.357L19.2899 106.479L20.7712 113.569C20.7836 113.629 20.7445 113.688 20.6857 113.7C20.6786 113.7 20.6697 113.702 20.6626 113.702L20.6661 113.707Z" fill="#6A67FE"/>
-<path d="M20.1838 116.731C19.6088 116.731 19.0337 116.583 18.5192 116.287C17.2071 115.534 15.352 114.462 13.3883 113.327C9.18313 110.895 4.41717 108.137 2.69024 107.202L2.57452 107.14L2.6938 107.083C5.95716 105.539 19.5928 98.2703 21.4764 96.0146C23.6412 93.4207 26.0269 84.9232 26.9509 81.391C27.4173 79.6089 28.0778 77.8873 28.9164 76.2725C30.597 73.0341 33.1803 69.1298 35.9523 68.9268C37.7611 68.7933 38.8257 69.3933 38.8702 69.42L56.1359 79.3881L56.0683 79.5038C56.0576 79.4967 54.9217 78.8558 53.2322 79.0267C51.7474 79.1762 49.3511 80.556 46.3583 86.2762C45.5162 87.8856 44.8504 89.6143 44.3768 91.4178C43.451 94.9447 41.0636 103.43 38.888 106.034C37.1665 108.096 25.3468 114.608 21.6437 116.399C21.1826 116.622 20.6841 116.734 20.1856 116.734L20.1838 116.731ZM2.87006 107.147C4.68778 108.139 9.3398 110.831 13.4559 113.211C15.4197 114.347 17.273 115.419 18.5869 116.172C19.5073 116.7 20.6289 116.74 21.585 116.277C25.2827 114.487 37.0739 107.995 38.7848 105.945C40.9426 103.362 43.3229 94.9002 44.2469 91.3804C44.7222 89.5681 45.3934 87.8287 46.2391 86.2121C47.9054 83.0253 50.4691 79.1691 53.218 78.8932C54.0832 78.8059 54.8007 78.9216 55.3063 79.0641L38.8026 69.5357C38.7883 69.5286 37.7255 68.9322 35.9612 69.0604C34.4657 69.1707 32.0498 70.522 29.0339 76.3348C28.2007 77.9407 27.5437 79.6534 27.0791 81.4266C26.1515 84.9677 23.7587 93.4884 21.5778 96.1019C19.6693 98.3878 6.43607 105.445 2.86828 107.149L2.87006 107.147Z" fill="#192147"/>
-<path d="M22.1067 116.095C19.3579 117.494 17.5063 114.927 17.5063 114.927L0.240601 104.959C0.240601 104.959 1.22335 106.31 2.72239 107.144C4.22143 107.977 16.3277 115.132 16.3277 115.132C19.057 116.77 20.4991 117.153 22.1067 116.095Z" fill="#8C8679"/>
-<path d="M20.2729 116.754C19.1602 116.754 17.9389 116.175 16.2939 115.189C16.1728 115.118 4.17157 108.025 2.69033 107.201C1.19485 106.369 0.196077 105.011 0.185395 104.997L0.000244141 104.742L17.5597 114.886C17.5775 114.911 19.4112 117.391 22.0764 116.035L22.1441 116.15C21.5156 116.563 20.9121 116.754 20.2729 116.754ZM0.514758 105.192C0.883288 105.629 1.69334 106.492 2.7562 107.083C4.23922 107.909 16.2422 115.002 16.3633 115.073C18.5496 116.385 19.8439 116.829 20.9993 116.535C18.9519 116.859 17.5864 115.139 17.4636 114.977L0.516541 105.192H0.514758Z" fill="#192147"/>
-<path d="M118.471 71.8633C118.367 70.7346 117.945 69.9869 117.506 69.7305L113.6 67.6617C116.543 70.8379 112.038 79.0221 109.281 81.5288L113.044 83.7168C116.096 80.6119 118.471 75.5433 118.471 71.8633Z" fill="#8C8679"/>
-<path d="M115.387 68.8774C123.21 65.8295 117.869 81.573 112.98 84.856L113.042 83.7166C116.389 80.2182 118.1 76.0237 118.451 72.2494C118.495 71.7758 118.462 71.2969 118.321 70.8429C117.441 68.014 114.329 70.7272 112.944 72.3544L112.941 71.0851C113.835 70.04 114.653 69.3012 115.385 68.8792L115.387 68.8774Z" fill="#F1EEEA"/>
-<path d="M112.907 84.986L112.978 83.6882L112.996 83.6704C116.088 80.4373 118.002 76.3799 118.387 72.2424C118.433 71.7475 118.39 71.2828 118.259 70.8626C118.05 70.1932 117.701 69.8033 117.219 69.7036C115.921 69.4401 113.954 71.2703 112.998 72.3955L112.88 72.5326L112.877 71.0567L112.893 71.0371C113.79 69.9885 114.618 69.2425 115.355 68.8153L115.364 68.8117C116.61 68.3257 118.257 68.0533 119.017 69.5078C119.792 70.9908 119.421 74.0512 118.049 77.4944C116.694 80.8931 114.767 83.7345 113.019 84.9077L112.909 84.9825L112.907 84.986ZM113.11 83.7451L113.057 84.7243C114.753 83.5208 116.608 80.7524 117.926 77.4481C119.284 74.0405 119.656 71.0229 118.9 69.5719C118.326 68.4752 117.155 68.2616 115.419 68.9363C114.7 69.3529 113.89 70.0828 113.012 71.1065L113.016 72.173C113.582 71.5338 115.72 69.2603 117.249 69.5701C117.783 69.6787 118.166 70.0989 118.39 70.8199C118.526 71.2579 118.572 71.7403 118.524 72.2531C118.138 76.4119 116.217 80.4907 113.114 83.7434L113.11 83.7451Z" fill="#192147"/>
-<path d="M115.595 68.8295C116.295 68.5411 117.47 68.3168 118.154 68.712C114.025 66.3637 112.937 64.5692 109.179 68.8972L112.943 71.0852C113.778 70.1363 114.427 69.3494 115.595 68.8313V68.8295Z" fill="white"/>
-<path d="M112.957 71.1688L109.076 68.9131L109.129 68.8526C112.38 65.1103 113.692 65.9168 116.567 67.6847C117.043 67.9766 117.582 68.3096 118.175 68.646C118.179 68.6478 118.182 68.6514 118.188 68.6532L118.122 68.7689C118.122 68.7689 118.115 68.7635 118.109 68.7618C117.475 68.4057 116.379 68.5784 115.622 68.8899C114.531 69.376 113.909 70.0828 113.126 70.9765L112.957 71.1688ZM109.282 68.8793L112.928 70.9979L113.025 70.8893C113.788 70.0187 114.449 69.2656 115.569 68.7689C116.154 68.5268 116.945 68.3665 117.586 68.4591C117.194 68.2277 116.829 68.0033 116.496 67.7986C113.619 66.029 112.417 65.2919 109.281 68.8793H109.282Z" fill="#192147"/>
-<path d="M114.039 88.5077C114.039 88.5344 114.039 88.5593 114.039 88.586C114.036 88.8103 114.013 89.0347 113.972 89.2572C113.931 89.478 113.87 89.6987 113.792 89.9159C113.712 90.1403 113.612 90.3628 113.491 90.5818C113.363 90.8168 113.212 91.05 113.039 91.2761C112.836 91.5414 112.603 91.8013 112.339 92.0541C111.953 92.4226 111.501 92.7752 110.984 93.1045C110.806 93.2185 110.619 93.3306 110.425 93.4374C109.642 93.8736 108.78 94.2368 107.871 94.5235C107.198 94.7353 106.498 94.9062 105.78 95.0362C105.296 95.1234 104.805 95.1929 104.308 95.2445C103.881 95.289 103.45 95.3175 103.017 95.3353C102.62 95.3495 102.223 95.3531 101.826 95.346C101.442 95.3371 101.059 95.3193 100.678 95.289C100.297 95.2587 99.9178 95.2178 99.5422 95.1679C99.1523 95.1145 98.766 95.0486 98.385 94.9721C97.9666 94.8884 97.5535 94.7887 97.1512 94.6766C96.6634 94.5395 96.1898 94.3828 95.7341 94.2065C95.0504 93.9413 94.4059 93.6297 93.8131 93.2737C91.6321 91.9615 90.5461 90.2702 90.5408 88.5789L90.5444 89.8376C90.5497 91.5289 91.6357 93.2185 93.8166 94.5324C94.4095 94.8902 95.054 95.2 95.7376 95.4652C96.1934 95.6433 96.6687 95.8 97.1548 95.9353C97.5571 96.0474 97.9701 96.1471 98.3885 96.2308C98.7695 96.3073 99.1559 96.3732 99.5457 96.4266C99.9214 96.4783 100.301 96.5192 100.682 96.5477C101.063 96.578 101.445 96.5958 101.83 96.6047C102.227 96.6136 102.624 96.61 103.021 96.594C103.454 96.578 103.884 96.5477 104.312 96.5032C104.808 96.4516 105.3 96.3839 105.784 96.2949C106.502 96.1649 107.201 95.994 107.874 95.7821C108.786 95.4955 109.646 95.1341 110.429 94.6961C110.623 94.5875 110.81 94.4772 110.988 94.3632C111.504 94.0339 111.956 93.6813 112.343 93.3128C112.606 93.06 112.84 92.8019 113.042 92.5348C113.215 92.3069 113.366 92.0755 113.495 91.8405C113.614 91.6215 113.714 91.399 113.796 91.1746C113.874 90.9556 113.934 90.7367 113.975 90.5159C114.016 90.2934 114.039 90.069 114.043 89.8447C114.043 89.818 114.043 89.7931 114.043 89.7664L114.039 88.5077Z" fill="#F1EEEA"/>
-<path d="M102.254 96.674C102.111 96.674 101.969 96.674 101.826 96.6687C101.44 96.6598 101.052 96.642 100.675 96.6117C100.294 96.5815 99.909 96.5405 99.5334 96.4889C99.1399 96.4355 98.7482 96.3696 98.3708 96.293C97.9489 96.2076 97.5323 96.1079 97.1317 95.9957C96.6403 95.8586 96.1614 95.6984 95.7074 95.5222C95.0131 95.2516 94.3633 94.9364 93.7758 94.5839C91.65 93.3056 90.4768 91.6179 90.4715 89.8322L90.4679 88.5753H90.6014C90.6068 90.3111 91.7569 91.9579 93.8399 93.2113C94.4202 93.5602 95.0629 93.8718 95.7502 94.1388C96.1988 94.3133 96.6741 94.47 97.162 94.6071C97.5608 94.7192 97.9738 94.8172 98.3904 94.9026C98.7678 94.9792 99.1559 95.045 99.544 95.0967C99.9179 95.1483 100.299 95.1892 100.676 95.2177C101.056 95.248 101.44 95.2658 101.821 95.2747C102.215 95.2836 102.613 95.28 103.009 95.2658C103.438 95.2498 103.87 95.2195 104.296 95.1768C104.791 95.1269 105.284 95.0557 105.763 94.9703C106.482 94.8403 107.183 94.6676 107.846 94.4593C108.768 94.1691 109.624 93.8059 110.388 93.3786C110.58 93.2718 110.767 93.1597 110.944 93.0475C111.449 92.7253 111.901 92.3745 112.289 92.0042C112.548 91.7568 112.781 91.4986 112.982 91.2351C113.151 91.0126 113.302 90.7811 113.429 90.5479C113.546 90.3343 113.646 90.1135 113.724 89.8927C113.801 89.6791 113.862 89.4601 113.901 89.2429C113.942 89.0239 113.965 88.8014 113.968 88.5824V88.5059H114.102L114.105 89.7628C114.105 89.7895 114.105 89.8144 114.105 89.8411C114.102 90.0672 114.079 90.2969 114.036 90.523C113.995 90.7473 113.933 90.9716 113.853 91.1924C113.771 91.4185 113.669 91.6464 113.548 91.8671C113.418 92.1039 113.265 92.3407 113.091 92.5704C112.884 92.8392 112.647 93.1045 112.384 93.3555C111.99 93.7311 111.531 94.0872 111.018 94.4148C110.839 94.5287 110.65 94.6427 110.456 94.7495C109.685 95.1803 108.82 95.5471 107.888 95.8408C107.221 96.0509 106.516 96.2236 105.789 96.3554C105.309 96.4426 104.81 96.512 104.312 96.5637C103.886 96.6082 103.45 96.6384 103.016 96.6545C102.761 96.6634 102.503 96.6687 102.247 96.6687L102.254 96.674ZM90.6085 89.615V89.8358C90.6139 91.5716 91.764 93.2184 93.8488 94.4736C94.4291 94.8225 95.0718 95.1341 95.7591 95.4011C96.2077 95.5756 96.683 95.734 97.1709 95.8693C97.5679 95.9797 97.9809 96.0794 98.3993 96.1649C98.7749 96.2396 99.1631 96.3055 99.5529 96.3589C99.9268 96.4106 100.308 96.4515 100.685 96.48C101.061 96.5103 101.447 96.5281 101.83 96.537C102.223 96.5459 102.624 96.5423 103.017 96.5263C103.448 96.5103 103.881 96.48 104.305 96.4373C104.8 96.3856 105.293 96.3162 105.772 96.2307C106.491 96.1008 107.192 95.9281 107.855 95.7198C108.779 95.4296 109.633 95.0664 110.397 94.6391C110.589 94.5323 110.776 94.4201 110.952 94.308C111.458 93.9857 111.91 93.635 112.297 93.2647C112.555 93.019 112.788 92.7591 112.989 92.4956C113.16 92.2713 113.31 92.0398 113.436 91.8084C113.554 91.593 113.653 91.3722 113.732 91.1532C113.808 90.9396 113.869 90.7206 113.908 90.5034C113.949 90.2844 113.972 90.0619 113.975 89.8429C113.975 89.818 113.975 89.7913 113.975 89.7663V89.5438C113.94 89.6773 113.901 89.8091 113.853 89.939C113.771 90.1669 113.667 90.393 113.548 90.6138C113.418 90.8523 113.263 91.0891 113.089 91.317C112.884 91.5858 112.647 91.8511 112.382 92.1021C111.989 92.4778 111.529 92.8339 111.017 93.1614C110.837 93.2754 110.648 93.3893 110.454 93.4961C109.681 93.927 108.818 94.2937 107.887 94.5875C107.219 94.7976 106.514 94.9703 105.788 95.102C105.305 95.1893 104.809 95.2605 104.31 95.3103C103.881 95.3548 103.447 95.3851 103.014 95.4011C102.617 95.4154 102.215 95.4189 101.819 95.41C101.437 95.4029 101.048 95.3833 100.667 95.353C100.286 95.3228 99.9019 95.2818 99.5262 95.2302C99.1364 95.1768 98.7447 95.1109 98.3637 95.0344C97.9435 94.9489 97.5269 94.8492 97.1246 94.737C96.6332 94.6 96.1543 94.4397 95.7003 94.2653C95.006 93.9946 94.3561 93.6795 93.7686 93.327C92.0613 92.2998 90.9664 91.0072 90.6014 89.6132L90.6085 89.615Z" fill="#192147"/>
-<path d="M113.489 86.3323C113.475 81.5165 113.462 76.8859 113.448 72.0808C113.445 70.6191 113.439 68.9705 113.436 67.4608C113.567 65.2371 110.959 62.9423 108.477 62.0895C108.036 61.9204 107.587 61.7708 107.131 61.6426C106.742 61.534 106.348 61.4397 105.951 61.3596C105.584 61.2866 105.214 61.2243 104.844 61.1726C104.484 61.1228 104.121 61.0872 103.76 61.0569C103.395 61.0284 103.03 61.0124 102.665 61.0035C102.284 60.9964 101.904 60.9999 101.523 61.0124C101.112 61.0284 100.701 61.0587 100.29 61.0979C99.8161 61.1459 99.3461 61.2154 98.8779 61.2973C98.2031 61.4201 97.5373 61.5821 96.8839 61.7869C96.8839 61.7869 96.8839 61.7869 96.8839 61.7886C95.8121 62.1305 94.8383 62.5542 93.9285 63.1346C93.9285 63.1346 93.9285 63.1346 93.9285 63.1328C93.4674 63.4319 93.0223 63.763 92.6271 64.1405C92.3868 64.3719 92.1642 64.6158 91.963 64.8793C91.8028 65.0894 91.655 65.3119 91.5269 65.5451C91.4165 65.7499 91.3203 65.9617 91.2384 66.1807C91.1654 66.3872 91.1067 66.5991 91.0675 66.8163C91.0675 66.8145 91.0675 66.8127 91.0675 66.811C90.9696 67.3166 91.0088 67.8347 91.0034 68.3492C91.007 69.5829 91.0106 70.9627 91.0141 72.1466C91.0284 77.1814 91.0426 82.1414 91.0568 87.1673C91.3168 82.7841 96.9141 81.0483 100.617 80.7136C105.093 80.2383 113.135 81.8334 113.489 87.1014C113.489 86.8647 113.489 86.6012 113.487 86.3306L113.489 86.3323Z" fill="#E2DED5"/>
-<path d="M113.5 90.1401C113.486 85.3243 113.473 80.6936 113.459 75.8885C113.456 74.4268 113.45 72.7782 113.447 71.2685C113.578 69.0449 110.97 66.75 108.488 65.8972C108.047 65.7281 107.598 65.5786 107.142 65.4504C106.753 65.3418 106.359 65.2474 105.962 65.1673C105.595 65.0943 105.225 65.032 104.855 64.9804C104.495 64.9305 104.132 64.8949 103.771 64.8647C103.406 64.8362 103.041 64.8201 102.676 64.8112C102.295 64.8041 101.915 64.8077 101.534 64.8201C101.123 64.8362 100.712 64.8664 100.301 64.9056C99.8271 64.9537 99.3571 65.0231 98.8888 65.105C98.2141 65.2278 97.5482 65.3899 96.8949 65.5946C96.8949 65.5946 96.8949 65.5946 96.8949 65.5964C95.8231 65.9382 94.8493 66.3619 93.9395 66.9423C93.9395 66.9423 93.9395 66.9423 93.9395 66.9405C93.4784 67.2396 93.0333 67.5708 92.6381 67.9482C92.3977 68.1796 92.1752 68.4235 91.974 68.687C91.8138 68.8971 91.666 69.1197 91.5378 69.3529C91.4275 69.5576 91.3313 69.7695 91.2494 69.9885C91.1764 70.195 91.1177 70.4068 91.0785 70.624C91.0785 70.6223 91.0785 70.6205 91.0785 70.6187C90.9806 71.1243 91.0198 71.6424 91.0144 72.1569C91.018 73.3907 91.0215 74.7704 91.0251 75.9544C91.0393 80.9892 91.0536 85.9492 91.0678 90.9751C91.3278 86.5919 96.9251 84.856 100.628 84.5213C105.104 84.046 113.146 85.6412 113.5 90.9092C113.5 90.6724 113.5 90.4089 113.498 90.1383L113.5 90.1401Z" fill="#BD707E"/>
-<path d="M104.208 72.3706C107.822 72.3706 110.751 71.0084 110.751 69.328C110.751 67.6476 107.822 66.2854 104.208 66.2854C100.595 66.2854 97.6655 67.6476 97.6655 69.328C97.6655 71.0084 100.595 72.3706 104.208 72.3706Z" fill="#C67F8F"/>
-<path d="M114.344 89.8907C114.41 89.6913 114.465 89.4883 114.502 89.2818C114.502 89.2836 114.502 89.2853 114.502 89.2889C114.689 82.0465 114.468 74.9038 114.515 67.7041C113.596 77.2912 90.7631 77.163 89.9442 67.7753C89.9584 72.6944 89.9709 77.4603 89.9851 82.4293C90.108 88.0017 88.7033 91.8864 95.433 94.4608C95.9154 94.6477 96.4086 94.8097 96.9071 94.9504C97.3344 95.0679 97.7652 95.1729 98.1996 95.2601C98.602 95.3403 99.0061 95.4079 99.4138 95.4649C99.809 95.5201 100.204 95.5592 100.601 95.5931C101 95.6251 101.401 95.6411 101.801 95.6518C102.218 95.6589 102.634 95.6554 103.051 95.6411C103.501 95.6233 103.952 95.5913 104.402 95.5468C104.92 95.4934 105.435 95.4168 105.948 95.3278C106.686 95.1943 107.416 95.0162 108.132 94.7919C108.132 94.7919 108.132 94.7919 108.132 94.7901C109.307 94.4163 110.374 93.9516 111.369 93.316C111.369 93.316 111.369 93.3178 111.369 93.3196C111.873 92.992 112.362 92.6306 112.795 92.2158C113.058 91.963 113.302 91.6959 113.521 91.4057C113.521 91.4057 113.521 91.4057 113.521 91.4075C113.696 91.1743 113.858 90.9304 113.998 90.6758C114.119 90.4515 114.224 90.22 114.313 89.9797C114.322 89.9512 114.333 89.9227 114.344 89.8924V89.8907Z" fill="white"/>
-<path d="M102.234 95.723C102.09 95.723 101.946 95.723 101.8 95.7194C101.367 95.7087 101.006 95.6909 100.667 95.6642L100.594 95.6589C100.165 95.6232 99.8092 95.5859 99.4781 95.5414L99.4015 95.5325C99.0152 95.479 98.6324 95.415 98.2639 95.342L98.1837 95.3259C97.7476 95.2369 97.3114 95.1319 96.8859 95.0144C96.3785 94.8719 95.88 94.7064 95.4064 94.523C89.7254 92.3492 89.7966 89.2692 89.8963 85.0071C89.9159 84.1846 89.9354 83.3318 89.9159 82.431L89.8749 67.7752L90.0084 67.7699C90.425 72.5572 96.5779 74.7648 102.12 74.788C102.15 74.788 102.181 74.788 102.211 74.788C107.794 74.788 113.979 72.5768 114.445 67.6969L114.579 67.704C114.559 70.5615 114.584 73.4581 114.607 76.2603C114.643 80.5189 114.679 84.9217 114.566 89.2888H114.543L114.565 89.2924C114.529 89.49 114.476 89.6912 114.404 89.9102L114.392 89.9475C114.387 89.9636 114.381 89.9796 114.376 89.9956L114.246 90.4122V90.3178C114.189 90.4478 114.125 90.5778 114.057 90.7042L113.931 90.9374V90.9196C113.826 91.0923 113.708 91.265 113.575 91.443L113.455 91.6033V91.5944C113.274 91.8187 113.073 92.0377 112.841 92.2584L112.729 92.367V92.3635C112.359 92.7035 111.924 93.0346 111.406 93.3693L111.303 93.4352V93.4299C110.392 93.9996 109.361 94.4625 108.157 94.8453L108.152 94.8488C107.461 95.066 106.742 95.2423 106.015 95.3758L105.96 95.3865C105.394 95.4862 104.887 95.5574 104.41 95.6054C103.945 95.65 103.523 95.6802 103.119 95.6962L103.055 95.6998C102.789 95.7087 102.515 95.714 102.236 95.714L102.234 95.723ZM100.555 95.5218L100.607 95.5253C100.961 95.5538 101.34 95.5734 101.803 95.5859C102.209 95.593 102.608 95.5894 102.991 95.577L103.048 95.5734C103.466 95.5592 103.908 95.5289 104.394 95.4808C104.855 95.4345 105.346 95.3651 105.893 95.2707L105.935 95.2618C106.66 95.1301 107.376 94.9556 108.066 94.742V94.7295L108.111 94.726C109.352 94.3307 110.404 93.8518 111.332 93.259L111.413 93.2073C111.94 92.862 112.377 92.5201 112.747 92.1658L112.781 92.1338C113.044 91.8774 113.269 91.6246 113.468 91.3647L113.53 91.2846C113.689 91.0656 113.824 90.8555 113.94 90.6437L113.961 90.6063C114.075 90.3909 114.171 90.1736 114.251 89.9564C114.257 89.9386 114.262 89.9226 114.267 89.9066L114.28 89.871C114.349 89.6609 114.401 89.4651 114.435 89.2746C114.547 84.9127 114.509 80.5153 114.476 76.2639C114.454 73.734 114.433 71.1258 114.444 68.539C113.391 72.9257 107.532 74.9233 102.213 74.9233C102.182 74.9233 102.152 74.9233 102.122 74.9233C96.8556 74.9001 91.0393 72.9133 90.0138 68.6245L90.053 82.431C90.0725 83.3354 90.053 84.1882 90.0334 85.0124C89.9355 89.2212 89.8625 92.2602 95.4563 94.4002C95.9281 94.5818 96.4212 94.7456 96.9251 94.888C97.3328 95.0001 97.7511 95.1016 98.1677 95.1889L98.2122 95.1978C98.5808 95.2707 98.9635 95.3366 99.3516 95.3918L99.4211 95.4007C99.7558 95.447 100.117 95.488 100.553 95.5236L100.555 95.5218Z" fill="#192147"/>
-<path d="M111.219 72.7125C112.897 71.6568 113.988 70.2877 114.42 68.7103C114.412 71.2402 114.433 73.7879 114.454 76.2625C114.49 80.514 114.526 84.9114 114.413 89.2714C114.38 89.4602 114.328 89.6524 114.258 89.8625L114.23 89.9462C114.146 90.1758 114.041 90.4055 113.92 90.6316C113.801 90.8488 113.664 91.0625 113.498 91.2868L113.45 91.3491C113.244 91.6197 113.009 91.8814 112.733 92.1485C112.371 92.4956 111.944 92.8303 111.431 93.1704L111.321 93.2398C111.287 93.2612 111.253 93.2825 111.219 93.3021V72.7125Z" fill="#F1EEEA"/>
-<path d="M111.095 62.7978C115.791 65.6249 115.631 70.1292 110.735 72.8602C105.839 75.5913 98.0626 75.5111 93.3661 72.684C88.6696 69.8568 88.8298 65.3525 93.7257 62.6215C98.6217 59.8923 106.398 59.9706 111.095 62.7978ZM110.324 63.2286C106.035 60.6471 98.935 60.5759 94.4646 63.0684C89.9942 65.5608 89.8482 69.6734 94.1352 72.2549C98.424 74.8364 105.524 74.9076 109.994 72.4151C114.465 69.9227 114.611 65.8101 110.324 63.2286Z" fill="white"/>
-<path d="M102.191 74.9182C98.9599 74.9182 95.7375 74.19 93.3305 72.7408C91.0731 71.3824 89.8464 69.5896 89.8785 67.6954C89.9105 65.7388 91.2653 63.9175 93.6919 62.5644C98.5985 59.828 106.421 59.9082 111.129 62.7407C113.386 64.0991 114.613 65.8919 114.581 67.7862C114.549 69.7427 113.194 71.564 110.767 72.9171C108.371 74.2541 105.277 74.9182 102.191 74.9182ZM102.268 60.6933C99.2056 60.6933 96.1363 61.3538 93.7578 62.6801C91.3739 64.0101 90.044 65.7904 90.012 67.6971C89.9817 69.5433 91.1834 71.2934 93.4 72.6269C98.0716 75.438 105.834 75.5164 110.703 72.8014C113.087 71.4732 114.417 69.6911 114.449 67.7844C114.479 65.9382 113.277 64.1881 111.061 62.8546C108.672 61.4161 105.474 60.6933 102.27 60.6933H102.268ZM102.195 74.2986C99.243 74.2986 96.3001 73.6328 94.1014 72.31C92.038 71.0691 90.9182 69.4312 90.9467 67.6989C90.9769 65.9115 92.2143 64.2451 94.4308 63.0095C98.9119 60.5099 106.056 60.5829 110.356 63.1715C112.419 64.4124 113.539 66.0503 113.511 67.7826C113.48 69.57 112.243 71.2364 110.027 72.472C107.837 73.6933 105.013 74.3004 102.195 74.3004V74.2986ZM102.264 61.3111C99.4691 61.3111 96.6687 61.9128 94.4966 63.1235C92.3229 64.3359 91.1087 65.9613 91.0802 67.6989C91.0517 69.3813 92.1502 70.9783 94.1691 72.1943C98.433 74.7597 105.517 74.8309 109.961 72.3545C112.134 71.1421 113.349 69.5166 113.377 67.779C113.406 66.0966 112.307 64.4997 110.286 63.2837C108.106 61.9716 105.188 61.3111 102.262 61.3111H102.264Z" fill="#192147"/>
-<path d="M106.411 81.6639C107.099 81.6639 107.657 81.1059 107.657 80.4176C107.657 79.7293 107.099 79.1714 106.411 79.1714C105.722 79.1714 105.164 79.7293 105.164 80.4176C105.164 81.1059 105.722 81.6639 106.411 81.6639Z" fill="#D66C7B"/>
-<path d="M102.85 81.6639C103.538 81.6639 104.096 81.1059 104.096 80.4176C104.096 79.7293 103.538 79.1714 102.85 79.1714C102.162 79.1714 101.604 79.7293 101.604 80.4176C101.604 81.1059 102.162 81.6639 102.85 81.6639Z" fill="#5CABDF"/>
-<path d="M99.2894 81.6641C99.9777 81.6641 100.536 81.1061 100.536 80.4179C100.536 79.7296 99.9777 79.1716 99.2894 79.1716C98.6011 79.1716 98.0432 79.7296 98.0432 80.4179C98.0432 81.1061 98.6011 81.6641 99.2894 81.6641Z" fill="#63C740"/>
-<path d="M99.2895 85.2246C99.9778 85.2246 100.536 84.6667 100.536 83.9784C100.536 83.2901 99.9778 82.7322 99.2895 82.7322C98.6012 82.7322 98.0432 83.2901 98.0432 83.9784C98.0432 84.6667 98.6012 85.2246 99.2895 85.2246Z" fill="#C98DEF"/>
-<path d="M102.85 85.2246C103.538 85.2246 104.096 84.6667 104.096 83.9784C104.096 83.2901 103.538 82.7322 102.85 82.7322C102.162 82.7322 101.604 83.2901 101.604 83.9784C101.604 84.6667 102.162 85.2246 102.85 85.2246Z" fill="#FAA669"/>
-<path d="M99.2895 88.7851C99.9778 88.7851 100.536 88.2271 100.536 87.5388C100.536 86.8506 99.9778 86.2926 99.2895 86.2926C98.6012 86.2926 98.0432 86.8506 98.0432 87.5388C98.0432 88.2271 98.6012 88.7851 99.2895 88.7851Z" fill="#3AEFC3"/>
-</svg>
diff --git a/website/assets/images/premium-landing-feature-5.svg b/website/assets/images/premium-landing-feature-5.svg
deleted file mode 100644
index 50ddd2e529..0000000000
--- a/website/assets/images/premium-landing-feature-5.svg
+++ /dev/null
@@ -1,74 +0,0 @@
-<svg width="117" height="123" viewBox="0 0 117 123" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M32.8355 73.2284C15.0297 84.5049 16.7036 101.35 36.5554 110.661C56.4072 119.972 86.8693 118.363 104.253 107.082C121.638 95.8009 119.961 78.9553 100.534 69.6491C81.1056 60.3428 50.6413 61.9519 32.8355 73.2284Z" fill="#C5C7D1"/>
-<path d="M78.4499 44.57C96.2341 54.8365 96.3271 71.4831 78.6575 81.7518C60.9901 92.0205 32.2495 92.0205 14.4674 81.7518C-3.31676 71.4831 -3.41192 54.8365 14.2577 44.57C31.9272 34.3013 60.6657 34.3013 78.4499 44.57Z" fill="white" stroke="#192147" stroke-width="0.3" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M46.6059 85.822C35.1087 85.822 24.3405 83.2592 16.2821 78.6071C8.82065 74.2989 4.70495 68.7883 4.6963 63.0895C4.68765 57.4404 8.73197 51.9795 16.0788 47.7081C24.0788 43.0582 34.8146 40.4975 46.3074 40.4975C57.8002 40.4975 68.5728 43.0603 76.6311 47.7124C84.0926 52.0206 88.2061 57.5312 88.2148 63.2279C88.2234 68.8769 84.1791 74.34 76.8301 78.6114C68.8301 83.2613 58.0943 85.8198 46.6015 85.8198L46.6059 85.822Z" fill="#8C8679"/>
-<path d="M76.6354 51.3459C68.577 46.6938 57.8087 44.131 46.3116 44.131C34.8145 44.131 24.083 46.6917 16.083 51.3416C9.53208 55.148 5.61103 59.9038 4.84326 64.8933C5.61968 69.9433 9.6121 74.7554 16.2863 78.6094C24.3447 83.2614 35.1129 85.8243 46.6101 85.8243C58.1072 85.8243 68.8387 83.2636 76.8387 78.6158C83.3896 74.8073 87.3128 70.0536 88.0806 65.0641C87.3041 60.0163 83.3117 55.202 76.6397 51.3502L76.6354 51.3459Z" fill="#B4B2FE" stroke="#192147" stroke-width="0.3" stroke-miterlimit="10"/>
-<path opacity="0.75" d="M55.3529 78.1841L74.0026 62.4415L49.6512 56.1148L29.9521 70.8102L55.3529 78.1841Z" fill="#7F7DCE"/>
-<mask id="mask0_3141_17502" style="mask-type:luminance" maskUnits="userSpaceOnUse" x="4" y="44" width="85" height="42">
-<path d="M16.1584 51.4712L16.1584 51.4712C24.1305 46.8375 34.8346 44.281 46.3116 44.281C57.7804 44.281 68.5143 46.836 76.5433 51.4659L76.5476 51.4702L76.5647 51.4801C83.2071 55.3149 87.1536 60.0882 87.9288 65.0641C87.1623 69.9821 83.2845 74.6948 76.7633 78.4861C68.7911 83.1177 58.087 85.6743 46.6101 85.6743C35.1331 85.6743 24.3921 83.1156 16.3613 78.4795C9.71668 74.6425 5.7702 69.8714 4.99505 64.8933C5.76154 59.9753 9.63717 55.2604 16.1584 51.4712Z" fill="white" stroke="white" stroke-width="0.3"/>
-</mask>
-<g mask="url(#mask0_3141_17502)">
-<path d="M-8.16113 65.0508L46.5237 96.6224" stroke="#F1F0FF" stroke-width="0.3" stroke-miterlimit="10"/>
-<path d="M-0.349365 60.5416L54.3355 92.1132" stroke="#F1F0FF" stroke-width="0.3" stroke-miterlimit="10"/>
-<path d="M7.4646 56.03L62.1473 87.6016" stroke="#F1F0FF" stroke-width="0.3" stroke-miterlimit="10"/>
-<path d="M15.2764 51.5203L69.959 83.0919" stroke="#F1F0FF" stroke-width="0.3" stroke-miterlimit="10"/>
-<path d="M23.0884 47.0092L77.7732 78.5808" stroke="#F1F0FF" stroke-width="0.3" stroke-miterlimit="10"/>
-<path d="M30.8999 42.4999L85.5847 74.0716" stroke="#F1F0FF" stroke-width="0.3" stroke-miterlimit="10"/>
-<path d="M38.7119 37.9886L93.3967 69.5625" stroke="#F1F0FF" stroke-width="0.3" stroke-miterlimit="10"/>
-<path d="M46.5237 33.4791L101.209 65.0508" stroke="#F1F0FF" stroke-width="0.3" stroke-miterlimit="10"/>
-<path d="M-8.16113 65.0508L46.5237 33.4791" stroke="#F1F0FF" stroke-width="0.3" stroke-miterlimit="10"/>
-<path d="M-0.349365 69.5625L54.3355 37.9886" stroke="#F1F0FF" stroke-width="0.3" stroke-miterlimit="10"/>
-<path d="M7.4646 74.0716L62.1473 42.4999" stroke="#F1F0FF" stroke-width="0.3" stroke-miterlimit="10"/>
-<path d="M15.2766 78.583L69.9614 47.0092" stroke="#F1F0FF" stroke-width="0.3" stroke-miterlimit="10"/>
-<path d="M23.0881 83.0919L77.773 51.5203" stroke="#F1F0FF" stroke-width="0.3" stroke-miterlimit="10"/>
-<path d="M30.8999 87.6016L85.5847 56.03" stroke="#F1F0FF" stroke-width="0.3" stroke-miterlimit="10"/>
-<path d="M38.7119 92.1132L93.3967 60.5416" stroke="#F1F0FF" stroke-width="0.3" stroke-miterlimit="10"/>
-<path d="M46.5237 96.6224L101.209 65.0508" stroke="#F1F0FF" stroke-width="0.3" stroke-miterlimit="10"/>
-</g>
-<path d="M46.6059 85.822C35.1087 85.822 24.3405 83.2592 16.2821 78.6071C8.82065 74.2989 4.70495 68.7883 4.6963 63.0895C4.68765 57.4404 8.73197 51.9795 16.0788 47.7081C24.0788 43.0582 34.8146 40.4975 46.3074 40.4975C57.8002 40.4975 68.5728 43.0603 76.6311 47.7124C84.0926 52.0206 88.2061 57.5312 88.2148 63.2279C88.2234 68.8769 84.1791 74.34 76.8301 78.6114C68.8301 83.2613 58.0943 85.8198 46.6015 85.8198L46.6059 85.822Z" stroke="#192147" stroke-width="0.3" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M78.718 81.7192C78.6986 81.7301 78.6791 81.7409 78.6597 81.7538C76.9316 82.7573 75.0976 83.6635 73.1793 84.4724C71.5486 85.1602 69.8552 85.7744 68.112 86.3194C66.4618 86.8363 64.7684 87.2883 63.0425 87.6754C61.3037 88.0669 59.5324 88.3935 57.7395 88.6551C55.8082 88.9363 53.8509 89.1439 51.8806 89.278C49.5665 89.4337 47.2329 89.4878 44.9058 89.4359C41.2573 89.358 37.6195 89.025 34.0791 88.4389C29.8488 87.7381 25.7591 86.6762 21.9527 85.2531C19.3033 84.2626 16.7924 83.0947 14.4696 81.7538C14.13 81.5592 13.7991 81.3602 13.4726 81.1612C11.8462 80.1642 10.382 79.111 9.07572 78.0123C7.94677 77.0629 6.93677 76.081 6.04572 75.0731C5.19576 74.1107 4.45611 73.1245 3.82242 72.121C3.17793 71.098 2.64806 70.0577 2.22849 69.0067C1.77215 67.8604 1.4499 66.699 1.26391 65.5311C1.12982 64.7006 1.06493 63.868 1.0671 63.0353L1.00005 86.7173C0.99789 87.55 1.06277 88.3826 1.19686 89.2131C1.38502 90.381 1.70727 91.5424 2.16144 92.6886C2.57885 93.7419 3.11089 94.7822 3.75322 95.803C4.38474 96.8065 5.12656 97.7927 5.97651 98.7551C6.86756 99.763 7.87756 100.745 9.00651 101.694C10.3128 102.793 11.7791 103.846 13.4034 104.843C13.7299 105.042 14.0608 105.241 14.4004 105.436C16.7232 106.777 19.2341 107.945 21.8835 108.935C25.6899 110.358 29.7796 111.42 34.0099 112.121C37.5503 112.707 41.1859 113.04 44.8366 113.118C47.1637 113.168 49.4973 113.116 51.8114 112.96C53.7817 112.828 55.739 112.62 57.6703 112.337C59.4654 112.075 61.2366 111.749 62.9733 111.357C64.6992 110.968 66.3926 110.516 68.0428 110.001C69.7859 109.456 71.4794 108.84 73.1101 108.154C75.0284 107.348 76.8624 106.441 78.5904 105.436C78.6099 105.425 78.6294 105.414 78.6488 105.401C87.3885 100.304 91.7615 93.6446 91.781 86.9725L91.848 63.2905C91.8286 69.9604 87.4555 76.6217 78.7159 81.7192H78.718Z" fill="#F1EEEA"/>
-<path d="M91.7832 64.6595C91.2101 70.8665 86.8586 76.9698 78.7181 81.7192C69.2626 86.9508 58.3365 89.4358 47.3887 89.505V113.126C58.2564 113.053 69.1718 110.743 78.5927 105.434C96.2795 96.4409 91.2317 79.5824 91.7832 64.6595Z" fill="#E2DED5"/>
-<path d="M91.7831 64.6598C91.8242 64.2034 91.848 63.7471 91.8501 63.2908C91.822 63.7449 91.8004 64.2013 91.7831 64.6598Z" fill="#E2DED5"/>
-<path d="M85.016 77.117V100.736C89.5145 96.5362 91.7681 91.7566 91.7832 86.9726L91.8502 63.2906C91.8373 68.0984 89.5599 72.9018 85.016 77.117Z" fill="#8C8679"/>
-<path d="M78.718 81.7192C78.6986 81.7301 78.6791 81.7409 78.6597 81.7538C76.9316 82.7573 75.0976 83.6635 73.1793 84.4724C71.5486 85.1602 69.8552 85.7744 68.112 86.3194C66.4618 86.8363 64.7684 87.2883 63.0425 87.6754C61.3037 88.0669 59.5324 88.3935 57.7395 88.6551C55.8082 88.9363 53.8509 89.1439 51.8806 89.278C49.5665 89.4337 47.2329 89.4878 44.9058 89.4359C41.2573 89.358 37.6195 89.025 34.0791 88.4389C29.8488 87.7381 25.7591 86.6762 21.9527 85.2531C19.3033 84.2626 16.7924 83.0947 14.4696 81.7538C14.13 81.5592 13.7991 81.3602 13.4726 81.1612C11.8462 80.1642 10.382 79.111 9.07572 78.0123C7.94677 77.0629 6.93677 76.081 6.04572 75.0731C5.19576 74.1107 4.45611 73.1245 3.82242 72.121C3.17793 71.098 2.64806 70.0577 2.22849 69.0067C1.77215 67.8604 1.4499 66.699 1.26391 65.5311C1.12982 64.7006 1.06493 63.868 1.0671 63.0353L1.00005 86.7173C0.99789 87.55 1.06277 88.3826 1.19686 89.2131C1.38502 90.381 1.70727 91.5424 2.16144 92.6886C2.57885 93.7419 3.11089 94.7822 3.75322 95.803C4.38474 96.8065 5.12656 97.7927 5.97651 98.7551C6.86756 99.763 7.87756 100.745 9.00651 101.694C10.3128 102.793 11.7791 103.846 13.4034 104.843C13.7299 105.042 14.0608 105.241 14.4004 105.436C16.7232 106.777 19.2341 107.945 21.8835 108.935C25.6899 110.358 29.7796 111.42 34.0099 112.121C37.5503 112.707 41.1859 113.04 44.8366 113.118C47.1637 113.168 49.4973 113.116 51.8114 112.96C53.7817 112.828 55.739 112.62 57.6703 112.337C59.4654 112.075 61.2366 111.749 62.9733 111.357C64.6992 110.968 66.3926 110.516 68.0428 110.001C69.7859 109.456 71.4794 108.84 73.1101 108.154C75.0284 107.348 76.8624 106.441 78.5904 105.436C78.6099 105.425 78.6294 105.414 78.6488 105.401C87.3885 100.304 91.7615 93.6446 91.781 86.9725L91.848 63.2905C91.8286 69.9604 87.4555 76.6217 78.7159 81.7192H78.718Z" stroke="#192147" stroke-width="0.3" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M68.0429 109.999L68.0732 91.5014L76.6874 106.641V106.476C73.9969 107.895 71.1032 109.052 68.0408 109.997L68.0429 109.999Z" fill="#8C8679"/>
-<path d="M1 82.3875C1.20979 93.7678 12.1532 100.931 21.8834 104.607C34.7798 109.344 49.5232 109.984 62.9733 107.03C75.1192 104.954 92.4752 94.713 91.7831 82.6449" stroke="#192147" stroke-width="0.3" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M78.4499 25.1051C96.2341 35.3717 96.3271 52.0182 78.6575 62.2869C60.9901 72.5556 32.2495 72.5556 14.4674 62.2869C-3.31676 52.0182 -3.41192 35.3717 14.2577 25.1051C31.9272 14.8365 60.6657 14.8365 78.4499 25.1051Z" stroke="#192147" stroke-width="0.162205" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M24.7341 70.2068C26.6452 70.2068 28.1945 68.6576 28.1945 66.7465C28.1945 64.8353 26.6452 63.2861 24.7341 63.2861C22.8229 63.2861 21.2737 64.8353 21.2737 66.7465C21.2737 68.6576 22.8229 70.2068 24.7341 70.2068Z" fill="#ED6E85"/>
-<path d="M75.1258 26.087C76.5591 26.087 77.7211 24.925 77.7211 23.4917C77.7211 22.0584 76.5591 20.8964 75.1258 20.8964C73.6925 20.8964 72.5305 22.0584 72.5305 23.4917C72.5305 24.925 73.6925 26.087 75.1258 26.087Z" fill="#3AEFC3"/>
-<path opacity="0.75" d="M56.8983 64.7394L74.503 43.7609L47.5314 39.005L29.9268 59.9836L56.8983 64.7394Z" fill="#FF9901"/>
-<path opacity="0.75" d="M74.5029 43.761L65.1014 17.9357L38.1321 13.1799L47.4989 38.9143L74.5029 43.761Z" fill="#FFE600"/>
-<path opacity="0.75" d="M29.9266 59.9836L47.4989 38.9142L38.132 13.1798L20.5273 34.1584L29.9266 59.9836Z" fill="#FDFFAE"/>
-<path opacity="0.75" d="M47.4989 38.9142L65.1014 17.9357L38.132 13.1798L20.5273 34.1584L47.4989 38.9142Z" fill="#FFF064"/>
-<path opacity="0.75" d="M20.5273 34.1583L29.9266 59.9836L56.8981 64.7395L47.4989 38.9142L20.5273 34.1583Z" fill="#FFD600"/>
-<path opacity="0.75" d="M56.898 64.7394L47.4988 38.9141L65.1013 17.9355L74.5027 43.7608L56.898 64.7394Z" fill="#EAB703"/>
-<path d="M56.8981 64.7394L47.5312 39.0049L65.1013 17.9355" stroke="white" stroke-width="0.216274" stroke-miterlimit="10"/>
-<path d="M20.5273 34.1583L47.5313 39.005" stroke="white" stroke-width="0.216274" stroke-miterlimit="10"/>
-<path d="M61.1519 59.4692L56.5193 46.7415" stroke="white" stroke-width="0.216274" stroke-miterlimit="10"/>
-<path d="M63.3582 47.8161L65.7004 54.2502" stroke="white" stroke-width="0.216274" stroke-miterlimit="10"/>
-<path d="M62.6876 48.4522C62.2226 48.9929 61.6408 48.8869 61.3986 48.2164L60.7476 46.4257C60.5032 45.7552 60.6784 44.7582 61.1369 44.2132L62.4432 42.656C62.9017 42.1089 63.477 42.2105 63.7214 42.881L64.394 44.7301C64.6384 45.4006 64.4567 46.3933 63.9917 46.9339L62.6876 48.4522Z" stroke="white" stroke-width="0.216274" stroke-miterlimit="10"/>
-<path d="M55.8533 47.5849C55.3884 48.1256 54.8066 48.0196 54.5644 47.3492L53.9134 45.5585C53.669 44.888 53.8442 43.891 54.3027 43.346L55.609 41.7888C56.0675 41.2416 56.6427 41.3433 56.8871 42.0137L57.5597 43.8629C57.8041 44.5333 57.6225 45.526 57.1575 46.0667L55.8533 47.5849Z" stroke="white" stroke-width="0.216274" stroke-miterlimit="10"/>
-<path d="M20.5273 34.1583L29.9266 59.9836L56.8981 64.7394L74.5028 43.7609L65.1014 17.9356L38.1645 13.2684L20.5273 34.1583Z" stroke="#192147" stroke-width="0.216274" stroke-miterlimit="10"/>
-<path d="M78.4499 7.80356C96.2341 18.0701 96.3271 34.7167 78.6575 44.9854C60.9901 55.254 32.2495 55.254 14.4674 44.9854C-3.31676 34.7167 -3.41192 18.0701 14.2577 7.80356C31.9272 -2.46512 60.6657 -2.46512 78.4499 7.80356Z" stroke="#192147" stroke-width="0.162205" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M83.5604 45.338C85.4715 45.338 87.0207 43.7887 87.0207 41.8776C87.0207 39.9665 85.4715 38.4172 83.5604 38.4172C81.6492 38.4172 80.1 39.9665 80.1 41.8776C80.1 43.7887 81.6492 45.338 83.5604 45.338Z" fill="#5CABDF"/>
-<path d="M10.2437 13.3271C11.6771 13.3271 12.839 12.1652 12.839 10.7318C12.839 9.29848 11.6771 8.13654 10.2437 8.13654C8.81039 8.13654 7.64844 9.29848 7.64844 10.7318C7.64844 12.1652 8.81039 13.3271 10.2437 13.3271Z" fill="#63C740"/>
-<path d="M24.8203 115.724V119.684L76.6893 122.39V115.646L24.8203 115.724Z" fill="#C5C7D1"/>
-<path d="M24.8203 91.5014H68.0751V115.724C68.0751 116.68 67.3008 117.454 66.3449 117.454H26.5505C25.5946 117.454 24.8203 116.68 24.8203 115.724V91.5014Z" fill="#F1EEEA" stroke="#192147" stroke-width="0.162205" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M24.8203 91.5014H68.0751V107.073C68.0751 108.029 67.3008 108.803 66.3449 108.803H26.5505C25.5946 108.803 24.8203 108.029 24.8203 107.073V91.5014Z" fill="white" stroke="#192147" stroke-width="0.162205" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M68.0751 91.5014H24.8203V108.803H68.0751V91.5014Z" fill="white" stroke="#192147" stroke-width="0.162205" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M66.7776 106.641V93.6645C66.7776 93.1867 66.3903 92.7994 65.9125 92.7994H26.9832C26.5054 92.7994 26.1181 93.1867 26.1181 93.6645V106.641C26.1181 107.119 26.5054 107.506 26.9832 107.506H65.9125C66.3903 107.506 66.7776 107.119 66.7776 106.641Z" fill="#F1EEEA" stroke="#192147" stroke-width="0.162205" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M65.4797 106.208V94.0967H27.4155V106.208H65.4797Z" fill="#8C8679"/>
-<path d="M65.4797 106.208V95.1784H27.4155V106.208H65.4797Z" fill="#3E4771"/>
-<path d="M65.4797 106.208V94.0967H27.4155V106.208H65.4797Z" stroke="#192147" stroke-width="0.162205" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M41.5007 101.807C41.5007 100.709 42.1959 100.07 43.0849 100.07C43.5062 100.07 43.8499 100.272 44.0747 100.492L43.6612 100.957C43.5036 100.809 43.3253 100.719 43.0849 100.719C42.6146 100.719 42.2709 101.12 42.2709 101.784C42.2709 102.448 42.6146 102.861 43.1134 102.861C43.3537 102.861 43.5501 102.743 43.7104 102.569L44.1238 103.024C43.8525 103.345 43.4829 103.51 43.0358 103.51C42.2114 103.51 41.5007 102.929 41.5007 101.81V101.807Z" fill="#FF5C83"/>
-<path d="M44.5039 100.132H45.6824C46.3853 100.132 46.9616 100.375 46.9616 101.166C46.9616 101.957 46.3827 102.256 45.6824 102.256H45.256V103.448H44.5039V100.132ZM45.6203 101.659C46.0157 101.659 46.2251 101.489 46.2251 101.166C46.2251 100.843 46.0132 100.729 45.6203 100.729H45.2534V101.659H45.6203ZM46.0623 101.577L47.1193 103.448H46.2793L45.5428 102.057L46.0623 101.577Z" fill="#FF5C83"/>
-<path d="M47.4526 102.817H48.2279V100.76H47.4526V100.132H49.7501V100.76H48.9748V102.817H49.7501V103.445H47.4526V102.817Z" fill="#FF5C83"/>
-<path d="M51.1506 100.76H50.1582V100.132H52.895V100.76H51.9V103.445H51.1506V100.76Z" fill="#FF5C83"/>
-<path d="M53.3037 102.817H54.079V100.76H53.3037V100.132H55.6012V100.76H54.8259V102.817H55.6012V103.445H53.3037V102.817Z" fill="#FF5C83"/>
-<path d="M56.1257 101.807C56.1257 100.709 56.8209 100.07 57.7099 100.07C58.1312 100.07 58.4749 100.272 58.6997 100.491L58.2862 100.957C58.1286 100.809 57.9503 100.719 57.7099 100.719C57.2396 100.719 56.8959 101.119 56.8959 101.784C56.8959 102.448 57.2396 102.861 57.7384 102.861C57.9787 102.861 58.1751 102.742 58.3353 102.569L58.7488 103.024C58.4775 103.345 58.1079 103.51 57.6608 103.51C56.8364 103.51 56.1257 102.928 56.1257 101.809V101.807Z" fill="#FF5C83"/>
-<path d="M59.8518 100.132H60.7512L61.7849 103.448H60.989L60.56 101.771C60.4747 101.44 60.3739 101.052 60.2964 100.701H60.2757C60.1956 101.05 60.1025 101.44 60.0173 101.771L59.5857 103.448H58.8181L59.8518 100.132ZM59.503 102.073H61.0898V102.657H59.503V102.073Z" fill="#FF5C83"/>
-<path d="M62.2424 100.132H62.9919V102.817H64.4675V103.445H62.2424V100.129V100.132Z" fill="#FF5C83"/>
-<path d="M28.7861 102.784L29.4891 101.988C29.6751 102.158 30.0034 102.332 30.3161 102.332C30.8846 102.332 31.3782 101.941 31.3782 100.755C31.3782 99.5689 30.9182 99.2743 30.5823 99.2743C30.2463 99.2743 29.9439 99.4371 29.9439 99.9617C29.9439 100.398 30.2101 100.554 30.5512 100.554C30.8174 100.554 31.0965 100.429 31.3627 100.086L31.4248 100.928C31.081 101.287 30.59 101.489 30.254 101.489C29.4115 101.489 28.7241 101.021 28.7241 99.9591C28.7241 98.8969 29.5744 98.2741 30.5487 98.2741C31.523 98.2741 32.5929 98.9615 32.5929 100.755C32.5929 102.549 31.5411 103.407 30.4401 103.407C29.6984 103.407 29.1299 103.109 28.7861 102.781V102.784Z" fill="#FF5C83"/>
-<path d="M33.575 102.394C33.575 101.841 33.9807 101.381 34.588 101.381C35.1953 101.381 35.6011 101.841 35.6011 102.394C35.6011 102.947 35.1953 103.407 34.588 103.407C33.9807 103.407 33.575 102.955 33.575 102.394Z" fill="#FF5C83"/>
-<path d="M36.5548 102.551C37.8729 101.473 38.8394 100.649 38.8394 99.9771C38.8394 99.5326 38.5577 99.3206 38.1209 99.3206C37.754 99.3206 37.4645 99.5558 37.2009 99.7884L36.4902 99.07C37.0278 98.5247 37.5266 98.274 38.307 98.274C39.3666 98.274 40.1083 98.9123 40.1083 99.897C40.1083 100.693 39.2813 101.566 38.4698 102.254C38.7438 102.223 39.1159 102.192 39.3588 102.192H40.3564V103.316H36.5497V102.551H36.5548Z" fill="#FF5C83"/>
-</svg>
diff --git a/website/assets/js/pages/upgrade.page.js b/website/assets/js/pages/upgrade.page.js
deleted file mode 100644
index 9281c1a9b7..0000000000
--- a/website/assets/js/pages/upgrade.page.js
+++ /dev/null
@@ -1,64 +0,0 @@
-parasails.registerPage('upgrade', {
-  //  ╦╔╗╔╦╔╦╗╦╔═╗╦    ╔═╗╔╦╗╔═╗╔╦╗╔═╗
-  //  ║║║║║ ║ ║╠═╣║    ╚═╗ ║ ╠═╣ ║ ║╣
-  //  ╩╝╚╝╩ ╩ ╩╩ ╩╩═╝  ╚═╝ ╩ ╩ ╩ ╩ ╚═╝
-  data: {
-    formData: {
-      monthsUsingFleetFree: 'Please select one',
-    },
-
-    // For tracking client-side validation errors in our form.
-    // > Has property set to `true` for each invalid property in `formData`.
-    formErrors: { /* … */ },
-
-    // Form rules
-    formRules: {
-      organization: {required: true },
-      monthsUsingFleetFree: {
-        required: true,
-        isIn:[
-          '1 - 3 months',
-          '3 - 6 months',
-          '6 - 12 months',
-          '12+ months',
-        ]
-      },
-      emailAddress: {required: true, isEmail: true},
-      numberOfHosts: {required: true },
-    },
-    cloudError: '',
-    // Syncing / loading state
-    syncing: false,
-    cloudSuccess: false,
-  },
-
-  //  ╦  ╦╔═╗╔═╗╔═╗╦ ╦╔═╗╦  ╔═╗
-  //  ║  ║╠╣ ║╣ ║  ╚╦╝║  ║  ║╣
-  //  ╩═╝╩╚  ╚═╝╚═╝ ╩ ╚═╝╩═╝╚═╝
-  beforeMount: function() {
-    //…
-  },
-  mounted: async function() {
-    //…
-  },
-
-  //  ╦╔╗╔╔╦╗╔═╗╦═╗╔═╗╔═╗╔╦╗╦╔═╗╔╗╔╔═╗
-  //  ║║║║ ║ ║╣ ╠╦╝╠═╣║   ║ ║║ ║║║║╚═╗
-  //  ╩╝╚╝ ╩ ╚═╝╩╚═╩ ╩╚═╝ ╩ ╩╚═╝╝╚╝╚═╝
-  methods: {
-    typeClearOneFormError: async function(field) {
-      if(this.formErrors[field]){
-        this.formErrors = _.omit(this.formErrors, field);
-      }
-    },
-    submittedForm: function() {
-      this.cloudSuccess = true;
-    },
-    _resetForms: async function() {
-      this.cloudError = '';
-      this.formData = {};
-      this.formErrors = {};
-      await this.forceRender();
-    },
-  }
-});
diff --git a/website/assets/styles/importer.less b/website/assets/styles/importer.less
index 7d4131d5cf..0d2f94d678 100644
--- a/website/assets/styles/importer.less
+++ b/website/assets/styles/importer.less
@@ -65,7 +65,6 @@
 @import 'pages/vanta-authorization.less';
 @import 'pages/admin/generate-license.less';
 @import 'pages/device-management.less';
-@import 'pages/upgrade.less';
 @import 'pages/endpoint-ops.less';
 @import 'pages/transparency.less';
 @import 'pages/press-kit.less';
diff --git a/website/assets/styles/pages/upgrade.less b/website/assets/styles/pages/upgrade.less
deleted file mode 100644
index e883a27e38..0000000000
--- a/website/assets/styles/pages/upgrade.less
+++ /dev/null
@@ -1,199 +0,0 @@
-#upgrade {
-  background: linear-gradient(180deg, rgba(232, 241, 246, 0.5) 4.75%, rgba(255, 255, 255, 0) 37.29%);
-  [purpose='page-container'] {
-    padding-top: 100px;
-    padding-bottom: 120px;
-    max-width: 1200px;
-    margin-left: auto;
-    margin-right: auto;
-    padding-left: 40px;
-    padding-right: 40px;
-  }
-  h1 {
-    font-weight: 800;
-    font-size: 40px;
-    line-height: 48px;
-    text-align: left;
-    margin-bottom: 80px;
-  }
-  h2 {
-    font-weight: 800;
-    font-size: 28px;
-    line-height: 38px;
-  }
-  h3 {
-    font-weight: 700;
-    font-size: 20px;
-    line-height: 24px;
-    margin-bottom: 16px;
-  }
-  a {
-    font-size: 14px;
-    color: @core-vibrant-blue;
-    text-decoration: underline;
-  }
-
-  [purpose='feature'] {
-    img {
-      margin-left: auto;
-      margin-right: auto;
-    }
-    [purpose='feature-image'] {
-      min-width: 160px;
-      margin-right: 40px;
-    }
-    margin-bottom: 80px;
-  }
-  [purpose='upgrade-form'] {
-    margin-left: 80px;
-    padding: 40px;
-    background: #F9FAFC;
-    box-shadow: 0px 0px 0px 1px #E2E4EA;
-    border-radius: 8px;
-    width: 480px;
-    input {
-      border: 1px solid #C5C7D1;
-      border-radius: 6px;
-      height: 48px;
-      font-size: 16px;
-      color: @core-fleet-black;
-      -webkit-appearance: none;
-    }
-    select {
-    // for hiding the <select> dropdown arrow on Firefox 54
-      -moz-appearance: none;
-      text-indent: 0.01px;
-      text-overflow: '';
-    }
-    input::-webkit-outer-spin-button, input::-webkit-inner-spin-button {
-      -webkit-appearance: none;
-      -moz-appearance: none;
-      margin: 0;
-    }
-    input[type='number'] {
-      -moz-appearance: textfield;
-    }
-    select {
-      font-size: 16px;
-      border: 1px solid #C5C7D1;
-      background-color: #FFF;
-      height: 48px;
-      width: 100%;
-      margin-right: 0;
-      margin-left: 0;
-      border-radius: 8px;
-      padding: 12px;
-      background: url('/images/chevron-down-fleet-black-8x8@2x.png') no-repeat 96% 50%, #FFF;
-      background-size: 16px 16px;
-      -webkit-appearance: none;
-    }
-    [purpose='submit-button'] {
-      position: relative;
-    }
-    [purpose='submit-button']::before {
-      background: linear-gradient(180deg, rgba(255, 255, 255, 0.2) 0%, rgba(255, 255, 255, 0) 100%);
-      opacity: 1;
-      content: ' ';
-      position: absolute;
-      top: 0;
-      left: -5px;
-      width: 233px;
-      max-width: 60%;
-      height: 100%;
-      transform: skew(-10deg);
-      transition: left 0.5s ease-in, opacity 0.50s ease-in, width 0.5s ease-in;
-    }
-  }
-  @media (max-width: 1201px) {
-    [purpose='upgrade-form'] {
-      padding: 24px;
-      width: 400px;
-    }
-    [purpose='feature'] {
-      [purpose='feature-image'] {
-        margin-right: 30px;
-      }
-    }
-  }
-  @media (max-width: 1024px) {
-    [purpose='page-container'] {
-      padding-top: 60px;
-      padding-bottom: 80px;
-    }
-    [purpose='upgrade-form'] {
-      margin-left: 40px;
-    }
-    h1 {
-      text-align: center;
-    }
-  }
-  @media (max-width: 991px) {
-    [purpose='feature'] {
-      text-align: center;
-      width: 50%;
-      [purpose='feature-image'] {
-        margin-right: auto;
-        margin-left: auto;
-        width: auto;
-        margin-bottom: 40px;
-        img {
-          height: 160px;
-        }
-      }
-    }
-    [purpose='feature-row'] {
-      [purpose='feature']:first-child {
-        margin-right: 80px;
-      }
-      [purpose='feature']:only-child {
-        margin-right: 0px;
-        width: 415px;
-        img {
-          margin-left: 16px;
-        }
-      }
-    }
-    [purpose='upgrade-form'] {
-      width: 100%;
-      padding: 40px;
-      margin-left: auto;
-    }
-  }
-
-  @media (max-width: 768px) {
-    h1 {
-      text-align: center;
-      font-size: 32px;
-      line-height: 38px;
-    }
-    [purpose='page-container'] {
-      padding-top: 60px;
-      padding-left: 20px;
-      padding-right: 20px;
-      padding-bottom: 80px;
-    }
-    [purpose='feature-row'] {
-      [purpose='feature']:first-child {
-        margin-right: unset;
-      }
-      [purpose='feature']:only-child {
-        margin-right: unset;
-        width: auto;
-      }
-    }
-    [purpose='feature'] {
-      width: 100%;
-      max-width: 440px;
-    }
-  }
-
-  @media (max-width: 481px) {
-    [purpose='upgrade-form'] {
-      padding: 20px;
-    }
-  }
-
-
-
-
-}
diff --git a/website/config/policies.js b/website/config/policies.js
index 399156a2ab..7abc4d3b4b 100644
--- a/website/config/policies.js
+++ b/website/config/policies.js
@@ -48,8 +48,6 @@ module.exports.policies = {
   'deliver-mdm-beta-signup': true,
   'deliver-apple-csr': true,
   'download-rss-feed': true,
-  'view-upgrade': true,
-  'deliver-premium-upgrade-form': true,
   'view-endpoint-ops': true,
   'view-vulnerability-management': true,
   'deliver-mdm-demo-email': true,
diff --git a/website/config/routes.js b/website/config/routes.js
index 927d0f2b65..4a69f469ae 100644
--- a/website/config/routes.js
+++ b/website/config/routes.js
@@ -243,14 +243,6 @@ module.exports.routes = {
     }
   },
 
-  'GET /upgrade': {
-    action: 'view-upgrade',
-    locals: {
-      pageTitleForMeta: 'Upgrade to Fleet Premium | Fleet',
-      pageDescriptionForMeta: 'Learn about the benefits of upgrading to Fleet Premium',
-    }
-  },
-
   'GET /endpoint-ops': {
     action: 'view-endpoint-ops',
     locals: {
@@ -468,7 +460,7 @@ module.exports.routes = {
   'GET /try-fleet/register': '/register',
   'GET /customers/new-license': '/new-license',
   'GET /try-fleet/fleetctl-preview': '/try-fleet',
-
+  'GET /upgrade': '/pricing',
   //  ╔╦╗╦╔═╗╔═╗  ╦═╗╔═╗╔╦╗╦╦═╗╔═╗╔═╗╔╦╗╔═╗   ┬   ╔╦╗╔═╗╦ ╦╔╗╔╦  ╔═╗╔═╗╔╦╗╔═╗
   //  ║║║║╚═╗║    ╠╦╝║╣  ║║║╠╦╝║╣ ║   ║ ╚═╗  ┌┼─   ║║║ ║║║║║║║║  ║ ║╠═╣ ║║╚═╗
   //  ╩ ╩╩╚═╝╚═╝  ╩╚═╚═╝═╩╝╩╩╚═╚═╝╚═╝ ╩ ╚═╝  └┘   ═╩╝╚═╝╚╩╝╝╚╝╩═╝╚═╝╩ ╩═╩╝╚═╝
@@ -580,7 +572,6 @@ module.exports.routes = {
   'POST /api/v1/create-vanta-authorization-request': { action: 'create-vanta-authorization-request' },
   'POST /api/v1/deliver-mdm-beta-signup':                   { action: 'deliver-mdm-beta-signup' },
   'POST /api/v1/deliver-apple-csr ': { action: 'deliver-apple-csr', csrf: false},
-  'POST /api/v1/deliver-premium-upgrade-form': { action: 'deliver-premium-upgrade-form' },
   'POST /api/v1/deliver-launch-party-signup':          { action: 'imagine/deliver-launch-party-signup' },
   'POST /api/v1/deliver-mdm-demo-email':               { action: 'deliver-mdm-demo-email' },
   'POST /api/v1/admin/provision-sandbox-instance-and-deliver-email': { action: 'admin/provision-sandbox-instance-and-deliver-email' },
diff --git a/website/views/layouts/layout.ejs b/website/views/layouts/layout.ejs
index c5859e0bd7..b2b4f62e82 100644
--- a/website/views/layouts/layout.ejs
+++ b/website/views/layouts/layout.ejs
@@ -535,7 +535,6 @@
     <script src="/js/pages/try-fleet/sandbox-expired.page.js"></script>
     <script src="/js/pages/try-fleet/sandbox-teleporter.page.js"></script>
     <script src="/js/pages/try-fleet/waitlist.page.js"></script>
-    <script src="/js/pages/upgrade.page.js"></script>
     <script src="/js/pages/vanta-authorization.page.js"></script>
     <script src="/js/pages/vulnerability-management.page.js"></script>
     <!--SCRIPTS END-->
diff --git a/website/views/pages/upgrade.ejs b/website/views/pages/upgrade.ejs
deleted file mode 100644
index 950e582fa4..0000000000
--- a/website/views/pages/upgrade.ejs
+++ /dev/null
@@ -1,109 +0,0 @@
-<div id="upgrade" v-cloak>
-  <div purpose="page-container" class="container-lg">
-  <h1>Get even more control with Fleet Premium</h1>
-    <div class="d-flex flex-lg-row flex-column justify-content-between">
-      <div class="d-flex flex-column justify-content-center">
-        <%// First row with two bullet points %>
-        <div purpose="feature-row" class="d-flex flex-column flex-md-row flex-lg-column justify-content-center align-items-center align-items-md-start">
-          <div purpose="feature" class="d-flex flex-lg-row flex-column align-items-center">
-            <div purpose="feature-image">
-              <img alt="Expertise on-demand" src="/images/premium-landing-feature-1.svg">
-            </div>
-            <div purpose="feature-text">
-              <h3>Expertise on-demand</h3>
-              <p>Get your own private Slack channel with Fleet experts.</p>
-            </div>
-          </div>
-          <div purpose="feature" class="d-flex flex-lg-row flex-column align-items-center">
-            <div purpose="feature-image">
-              <img alt="Custom solutions" src="/images/premium-landing-feature-2.svg">
-            </div>
-            <div purpose="feature-text">
-              <h3>Custom solutions</h3>
-              <p>Customize your Fleet deployment with queries and policies tailored to your needs, training specific to the roles of your users, and dashboards relevant to your executives.</p>
-            </div>
-          </div>
-        </div>
-        <%// Second row with two bullet points %>
-        <div purpose="feature-row" class="d-flex flex-column flex-md-row flex-lg-column justify-content-center align-items-center align-items-md-start">
-          <div purpose="feature" class="d-flex flex-lg-row flex-column align-items-center">
-            <div purpose="feature-image">
-              <img alt="Target and configure specific device groups" src="/images/premium-landing-feature-3.svg">
-            </div>
-            <div purpose="feature-text">
-              <h3>Target and configure specific device groups</h3>
-              <p>Improve your security posture with unique configurations for specific groups of endpoints. Give appropriate access to every employee with RBAC.</p>
-            </div>
-          </div>
-          <div purpose="feature" class="d-flex flex-lg-row flex-column align-items-center">
-            <div purpose="feature-image">
-              <img alt="Open source CIS compliance policies" src="/images/premium-landing-feature-4.svg">
-            </div>
-            <div purpose="feature-text">
-              <h3>Open source CIS compliance policies</h3>
-              <p>Strengthen your IT risk management strategy with our out-of-the-box CIS compliance policies that protect your systems and data from cyber threats.</p>
-            </div>
-          </div>
-        </div>
-        <%// Third row with one bullet point %>
-        <div purpose="feature-row" class="d-flex flex-column flex-md-row flex-lg-column justify-content-center align-items-center">
-          <div purpose="feature" class="d-flex flex-lg-row flex-column align-items-center">
-            <div purpose="feature-image">
-              <img alt="See vulnerability scores and probability of exploit" src="/images/premium-landing-feature-5.svg">
-            </div>
-            <div purpose="feature-text">
-              <h3>See vulnerability scores and probability of exploit</h3>
-              <p>Fleet Premium provides richer software vulnerability data, including real-time EPSS and CVSS scores, as well as CISA-known exploited vulnerabilities.</p>
-            </div>
-          </div>
-        </div>
-      </div>
-      <div class="d-flex flex-column justify-content-start">
-        <%// Form %>
-        <div purpose="upgrade-form" v-if="!cloudSuccess">
-          <h2 class="text-center">Upgrade to Fleet Premium</h2>
-          <p class="text-center">Complete the form below and a member of our team will be in touch within one business day.</p>
-          <ajax-form action="deliverPremiumUpgradeForm" class="premium-upgrade" :syncing.sync="syncing" :cloud-error.sync="cloudError" :form-data="formData" :form-rules="formRules" :form-errors.sync="formErrors" @submitted="submittedForm()">
-            <div class="form-group">
-              <label for="organization">Company</label>
-              <input class="form-control" id="organization" :class="[formErrors.organization ? 'is-invalid' : '']" v-model.trim="formData.organization" @input="typeClearOneFormError('organization')">
-              <div class="invalid-feedback" v-if="formErrors.organization">Please enter the name of your company.</div>
-            </div>
-            <div class="form-group">
-              <label for="monthsUsingFleetFree">Months using Fleet Free</label>
-              <select class="form-control" id="monthsUsingFleetFree" :class="[formErrors.monthsUsingFleetFree ? 'is-invalid' : '']" v-model.trim="formData.monthsUsingFleetFree" @input="typeClearOneFormError('monthsUsingFleetFree')">
-                <option value="Please select one" disabled selected hidden>Please select one</option>
-                <option value="1 - 3 months">1 - 3 months</option>
-                <option value="3 - 6 months">3 - 6 months</option>
-                <option value="6 - 12 months">6 - 12 months</option>
-                <option value="12+ months">12+ months</option>
-              </select>
-              <div class="invalid-feedback" v-if="formErrors.monthsUsingFleetFree" focus-first>Please select an option</div>
-            </div>
-            <div class="form-group">
-              <label for="emailAddress">Email</label>
-              <input class="form-control" id="emailAddress" :class="[formErrors.emailAddress ? 'is-invalid' : '']" v-model.trim="formData.emailAddress" @input="typeClearOneFormError('emailAddress')">
-              <div class="invalid-feedback" v-if="formErrors.emailAddress" focus-first>This doesn’t appear to be a valid email address</div>
-            </div>
-            <div class="form-group">
-              <label for="numberOfHosts">Number of devices</label>
-              <input class="form-control" id="numberOfHosts" type="number" min="0" :class="[formErrors.numberOfHosts ? 'is-invalid' : '']" v-model.trim="formData.numberOfHosts" @input="typeClearOneFormError('numberOfHosts')">
-              <div class="invalid-feedback" v-if="formErrors.numberOfHosts">Please enter a number of devices.</div>
-            </div>
-              <cloud-error v-if="cloudError"></cloud-error>
-            <div class="border-0 justify-content-center">
-              <ajax-button purpose="submit-button" spinner="true" type="submit" :syncing="syncing" class="btn btn-sm btn-block btn-primary">Submit</ajax-button>
-            </div>
-          </ajax-form>
-          <p class="mb-0 mt-4 pt-3"><a href="/handbook/company/why-this-way#why-dont-we-sell-like-everyone-else" target="_blank">We will never spam you</a>.</p>
-        </div>
-        <%// Form success state %>
-        <div purpose="upgrade-form" v-else>
-          <h2>We’ll be in touch soon!</h2>
-          <p>A member of our team will be in touch within one business day.</p>
-        </div>
-      </div>
-    </div>
-  </div>
-</div>
-<%- /* Expose server-rendered data as window.SAILS_LOCALS :: */ exposeLocalsToBrowser() %>

From 413107b93a9b615370e24c47630a485d4a6a0c23 Mon Sep 17 00:00:00 2001
From: Eric <eashaw@sailsjs.com>
Date: Fri, 22 Mar 2024 12:01:15 -0500
Subject: [PATCH 44/54] Vuln dashboard: Update Okta SSO hook (#17773)

Closes: #17772
More context:
https://github.com/fleetdm/fleet/pull/17601#issuecomment-2013383611

Changes:
- Updated the order of the vulnerability dashboard's HTTP middleware if
Okta SSO is enabled.
---
 .../api/hooks/{OktaSSO => okta-sso}/index.js                   | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
 rename ee/vulnerability-dashboard/api/hooks/{OktaSSO => okta-sso}/index.js (96%)

diff --git a/ee/vulnerability-dashboard/api/hooks/OktaSSO/index.js b/ee/vulnerability-dashboard/api/hooks/okta-sso/index.js
similarity index 96%
rename from ee/vulnerability-dashboard/api/hooks/OktaSSO/index.js
rename to ee/vulnerability-dashboard/api/hooks/okta-sso/index.js
index d66c67db1e..d50c580c98 100644
--- a/ee/vulnerability-dashboard/api/hooks/OktaSSO/index.js
+++ b/ee/vulnerability-dashboard/api/hooks/okta-sso/index.js
@@ -35,6 +35,7 @@ module.exports = function (sails){
       }
 
       // Clone the existing routes
+      // NOTE: Changing sails.config after the app lifts goes against Sails.js conventions and this code should not be reproduced.
       let appRoutes = Object.assign({}, sails.config.routes);
       // Remove the routes for the built-in login page..
       delete appRoutes['GET /login'];
@@ -45,9 +46,9 @@ module.exports = function (sails){
         'bodyParser',
         'compress',
         'poweredBy',
+        'www',// Note: This changes the conventions of Sails.js. Don't ever replicate this or use Passport.js.
         'oktaSSO',
         'router',
-        'www',
         'favicon',
       ];
       // Specify a custom http middleware order, placing the Okta middleware before the router. This is so the routes generated by Okta will take precedence over the sails router.

From b5a81f93d948428823f051e299e8a7b7e072e4bf Mon Sep 17 00:00:00 2001
From: Luke Heath <luke@fleetdm.com>
Date: Fri, 22 Mar 2024 12:29:07 -0500
Subject: [PATCH 45/54] Add myself as codeowner to all engineering workflows
 (#17800)

---
 CODEOWNERS | 48 ++++++++++++++++++++++++------------------------
 1 file changed, 24 insertions(+), 24 deletions(-)

diff --git a/CODEOWNERS b/CODEOWNERS
index ead9ee8a62..4c3dcb908e 100644
--- a/CODEOWNERS
+++ b/CODEOWNERS
@@ -132,30 +132,30 @@ go.mod @fleetdm/go
 /.github/workflows/trivy-scan.yml @lukeheath
 /.github/workflows/goreleaser-snapshot-fleet.yaml @lukeheath
 /.github/workflows/build-and-push-fleetctl-docker.yml @lukeheath
-/.github/workflows/fleetd-tuf.yml @lucasmrod
-/.github/workflows/generate-desktop-targets.yml @lucasmrod
-/.github/workflows/test-yml-specs.yml @lucasmrod
-/.github/workflows/build-binaries.yaml @lucasmrod
-/.github/workflows/fleet-and-orbit.yml @lucasmrod
-/.github/workflows/build-orbit.yaml @lucasmrod
-/.github/workflows/generate-osqueryd-targets.yml @lucasmrod
-/.github/workflows/test-packaging.yml @lucasmrod
-/.github/workflows/release-helm.yaml @rfairburn
-/.github/workflows/pr-helm.yaml @rfairburn
-/.github/workflows/tfvalidate.yml @rfairburn
-/.github/workflows/dogfood-deploy.yml @rfairburn
-/.github/workflows/test-db-changes.yml @roperzh
-/.github/workflows/test-go.yaml @roperzh
-/.github/workflows/golangci-lint.yml @roperzh
-/.github/workflows/test-native-tooling-packaging.yml @roperzh
-/.github/workflows/check-tuf-timestamps.yml @roperzh
-/.github/workflows/test-puppet.yml @roperzh
-/.github/workflows/generate-nudge-targets.yml @roperzh
-/.github/workflows/test-js.yml @ghernandez345
-/.github/workflows/dogfood-gitops.yml @getvictor
-/.github/workflows/test-fleetd-chrome.yml @getvictor
-/.github/workflows/release-fleetd-chrome.yml @getvictor
-/.github/workflows/release-fleetd-chrome-beta.yml @getvictor
+/.github/workflows/fleetd-tuf.yml @lucasmrod @lukeheath
+/.github/workflows/generate-desktop-targets.yml @lucasmrod @lukeheath
+/.github/workflows/test-yml-specs.yml @lucasmrod @lukeheath
+/.github/workflows/build-binaries.yaml @lucasmrod @lukeheath
+/.github/workflows/fleet-and-orbit.yml @lucasmrod @lukeheath
+/.github/workflows/build-orbit.yaml @lucasmrod @lukeheath
+/.github/workflows/generate-osqueryd-targets.yml @lucasmrod @lukeheath
+/.github/workflows/test-packaging.yml @lucasmrod @lukeheath
+/.github/workflows/release-helm.yaml @rfairburn @lukeheath
+/.github/workflows/pr-helm.yaml @rfairburn @lukeheath
+/.github/workflows/tfvalidate.yml @rfairburn @lukeheath
+/.github/workflows/dogfood-deploy.yml @rfairburn @lukeheath
+/.github/workflows/test-db-changes.yml @roperzh @lukeheath
+/.github/workflows/test-go.yaml @roperzh @lukeheath
+/.github/workflows/golangci-lint.yml @roperzh @lukeheath
+/.github/workflows/test-native-tooling-packaging.yml @roperzh @lukeheath
+/.github/workflows/check-tuf-timestamps.yml @roperzh @lukeheath
+/.github/workflows/test-puppet.yml @roperzh @lukeheath
+/.github/workflows/generate-nudge-targets.yml @roperzh @lukeheath
+/.github/workflows/test-js.yml @ghernandez345 @lukeheath
+/.github/workflows/dogfood-gitops.yml @getvictor @lukeheath
+/.github/workflows/test-fleetd-chrome.yml @getvictor @lukeheath
+/.github/workflows/release-fleetd-chrome.yml @getvictor @lukeheath
+/.github/workflows/release-fleetd-chrome-beta.yml @getvictor @lukeheath
 
 # ℹ️ But wait, there's more!
 # See the comments up top to learn where else DRIs and maintainers are configured.

From 644dddce4f692c1116cb83e92debad50852d40ca Mon Sep 17 00:00:00 2001
From: RachelElysia <71795832+RachelElysia@users.noreply.github.com>
Date: Fri, 22 Mar 2024 15:12:19 -0400
Subject: [PATCH 46/54] =?UTF-8?q?[released=20bug]=20Fleet=20UI:=20standard?=
 =?UTF-8?q?=20query=20library=20platforms=20render=20prop=E2=80=A6=20(#177?=
 =?UTF-8?q?12)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 changes/17662-render-standard-query-platforms-correctly         | 1 +
 .../queries/edit/components/EditQueryForm/EditQueryForm.tsx     | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)
 create mode 100644 changes/17662-render-standard-query-platforms-correctly

diff --git a/changes/17662-render-standard-query-platforms-correctly b/changes/17662-render-standard-query-platforms-correctly
new file mode 100644
index 0000000000..c625264580
--- /dev/null
+++ b/changes/17662-render-standard-query-platforms-correctly
@@ -0,0 +1 @@
+- Fixes UI bug to render the query platform correctly for queries imported from the standard query library
diff --git a/frontend/pages/queries/edit/components/EditQueryForm/EditQueryForm.tsx b/frontend/pages/queries/edit/components/EditQueryForm/EditQueryForm.tsx
index e6ac26e7c2..c5b70d70a9 100644
--- a/frontend/pages/queries/edit/components/EditQueryForm/EditQueryForm.tsx
+++ b/frontend/pages/queries/edit/components/EditQueryForm/EditQueryForm.tsx
@@ -724,7 +724,7 @@ const EditQueryForm = ({
                     placeholder="Select"
                     label="Platform"
                     onChange={onChangeSelectPlatformOptions}
-                    value={lastEditedQueryPlatforms}
+                    value={lastEditedQueryPlatforms.replace(/\s/g, "")} // NOTE: FE requires no whitespace to render UI
                     multi
                     wrapperClassName={`${baseClass}__form-field form-field--platform`}
                     helpText="By default, your query collects data on all compatible platforms."

From d5df23964b0b52f1d442b66ffe4451dc2a9ef969 Mon Sep 17 00:00:00 2001
From: RachelElysia <71795832+RachelElysia@users.noreply.github.com>
Date: Fri, 22 Mar 2024 15:26:09 -0400
Subject: [PATCH 47/54] Fleet UI: Clickable elements include cursor hover state
 (#17688)

---
 changes/17208-hover-states                    |  1 +
 .../forms/fields/Checkbox/_styles.scss        | 23 +++++++++++++++++++
 .../forms/fields/Dropdown/_styles.scss        |  2 ++
 .../pages/DashboardPage/cards/MDM/MDM.tsx     |  1 +
 .../components/LabelFilterSelect/_styles.scss |  4 ++++
 5 files changed, 31 insertions(+)
 create mode 100644 changes/17208-hover-states

diff --git a/changes/17208-hover-states b/changes/17208-hover-states
new file mode 100644
index 0000000000..5ae0c7f17a
--- /dev/null
+++ b/changes/17208-hover-states
@@ -0,0 +1 @@
+Fleet UI: Add hover states to clickable elements
diff --git a/frontend/components/forms/fields/Checkbox/_styles.scss b/frontend/components/forms/fields/Checkbox/_styles.scss
index 1bd81b1e2a..3aa8725df1 100644
--- a/frontend/components/forms/fields/Checkbox/_styles.scss
+++ b/frontend/components/forms/fields/Checkbox/_styles.scss
@@ -22,6 +22,13 @@
         border: solid 2px $core-vibrant-blue;
       }
 
+      &:hover {
+        &::after {
+          background-color: $core-vibrant-blue-over;
+          border: solid 2px $core-vibrant-blue-over;
+        }
+      }
+
       &::before {
         @include position(absolute, 50% null null 50%);
         transform: rotate(45deg);
@@ -42,6 +49,7 @@
     @include size(20px);
     @include position(absolute, 0 null null 0);
     display: inline-block;
+    cursor: pointer;
 
     &::after {
       @include size(20px);
@@ -54,11 +62,17 @@
       background-color: $core-white;
       visibility: visible;
     }
+    &:hover {
+      &::after {
+        border: solid 2px $core-vibrant-blue-over;
+      }
+    }
 
     &--disabled {
       &::after {
         background-color: $ui-fleet-black-25;
       }
+      cursor: default;
     }
 
     &--indeterminate {
@@ -67,6 +81,15 @@
         border: solid 1px $core-vibrant-blue;
       }
 
+      &:hover {
+        &::after {
+          &::after {
+            background-color: $core-vibrant-blue-over;
+            border: solid 1px $core-vibrant-blue-over;
+          }
+        }
+      }
+
       &::before {
         @include position(absolute, 50% null null 50%);
         box-sizing: border-box;
diff --git a/frontend/components/forms/fields/Dropdown/_styles.scss b/frontend/components/forms/fields/Dropdown/_styles.scss
index d955d357f2..5523158b09 100644
--- a/frontend/components/forms/fields/Dropdown/_styles.scss
+++ b/frontend/components/forms/fields/Dropdown/_styles.scss
@@ -75,6 +75,8 @@
     background-color: $ui-light-grey;
     border: 0;
     border-radius: $border-radius;
+    cursor: pointer;
+
     .Select-value {
       font-size: $small;
       background-color: $ui-light-grey;
diff --git a/frontend/pages/DashboardPage/cards/MDM/MDM.tsx b/frontend/pages/DashboardPage/cards/MDM/MDM.tsx
index e102869a4d..2e79bd8749 100644
--- a/frontend/pages/DashboardPage/cards/MDM/MDM.tsx
+++ b/frontend/pages/DashboardPage/cards/MDM/MDM.tsx
@@ -166,6 +166,7 @@ const Mdm = ({
                   isAllPagesSelected={false}
                   disableCount
                   disablePagination
+                  disableMultiRowSelect
                   onClickRow={handleSolutionRowClick}
                 />
               )}
diff --git a/frontend/pages/hosts/ManageHostsPage/components/LabelFilterSelect/_styles.scss b/frontend/pages/hosts/ManageHostsPage/components/LabelFilterSelect/_styles.scss
index 0c1ed6fac5..72ab4f59e9 100644
--- a/frontend/pages/hosts/ManageHostsPage/components/LabelFilterSelect/_styles.scss
+++ b/frontend/pages/hosts/ManageHostsPage/components/LabelFilterSelect/_styles.scss
@@ -26,6 +26,10 @@
     border-radius: $border-radius;
     height: 40px;
 
+    :hover {
+      cursor: pointer;
+    }
+
     &--is-focused,
     &--menu-is-open,
     &:hover {

From b6ab842db223990e6340e5c36bfa2c6090d166bd Mon Sep 17 00:00:00 2001
From: Luke Heath <luke@fleetdm.com>
Date: Fri, 22 Mar 2024 15:32:09 -0500
Subject: [PATCH 48/54] Add EMs to engineering workflows codeowners (#17808)

---
 CODEOWNERS | 74 +++++++++++++++++++++++++++---------------------------
 1 file changed, 37 insertions(+), 37 deletions(-)

diff --git a/CODEOWNERS b/CODEOWNERS
index 4c3dcb908e..a44b1a2d2a 100644
--- a/CODEOWNERS
+++ b/CODEOWNERS
@@ -119,43 +119,43 @@ go.mod @fleetdm/go
 ##############################################################################################
 # 🚀 GitHub workflows
 ##############################################################################################
-/.github/workflows/README.md @lukeheath
-/.github/workflows/goreleaser-fleet.yaml @lukeheath
-/.github/workflows/update-certs.yml @lukeheath
-/.github/workflows/codeql-analysis.yml @lukeheath
-/.github/workflows/codeql.yml @lukeheath
-/.github/workflows/scorecards-analysis.yml @lukeheath
-/.github/workflows/integration.yml @lukeheath
-/.github/workflows/fleetctl-preview.yml @lukeheath
-/.github/workflows/fleetctl-preview-latest.yml @lukeheath
-/.github/workflows/goreleaser-orbit.yaml @lukeheath
-/.github/workflows/trivy-scan.yml @lukeheath
-/.github/workflows/goreleaser-snapshot-fleet.yaml @lukeheath
-/.github/workflows/build-and-push-fleetctl-docker.yml @lukeheath
-/.github/workflows/fleetd-tuf.yml @lucasmrod @lukeheath
-/.github/workflows/generate-desktop-targets.yml @lucasmrod @lukeheath
-/.github/workflows/test-yml-specs.yml @lucasmrod @lukeheath
-/.github/workflows/build-binaries.yaml @lucasmrod @lukeheath
-/.github/workflows/fleet-and-orbit.yml @lucasmrod @lukeheath
-/.github/workflows/build-orbit.yaml @lucasmrod @lukeheath
-/.github/workflows/generate-osqueryd-targets.yml @lucasmrod @lukeheath
-/.github/workflows/test-packaging.yml @lucasmrod @lukeheath
-/.github/workflows/release-helm.yaml @rfairburn @lukeheath
-/.github/workflows/pr-helm.yaml @rfairburn @lukeheath
-/.github/workflows/tfvalidate.yml @rfairburn @lukeheath
-/.github/workflows/dogfood-deploy.yml @rfairburn @lukeheath
-/.github/workflows/test-db-changes.yml @roperzh @lukeheath
-/.github/workflows/test-go.yaml @roperzh @lukeheath
-/.github/workflows/golangci-lint.yml @roperzh @lukeheath
-/.github/workflows/test-native-tooling-packaging.yml @roperzh @lukeheath
-/.github/workflows/check-tuf-timestamps.yml @roperzh @lukeheath
-/.github/workflows/test-puppet.yml @roperzh @lukeheath
-/.github/workflows/generate-nudge-targets.yml @roperzh @lukeheath
-/.github/workflows/test-js.yml @ghernandez345 @lukeheath
-/.github/workflows/dogfood-gitops.yml @getvictor @lukeheath
-/.github/workflows/test-fleetd-chrome.yml @getvictor @lukeheath
-/.github/workflows/release-fleetd-chrome.yml @getvictor @lukeheath
-/.github/workflows/release-fleetd-chrome-beta.yml @getvictor @lukeheath
+/.github/workflows/README.md @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/goreleaser-fleet.yaml @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/update-certs.yml @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/codeql-analysis.yml @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/codeql.yml @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/scorecards-analysis.yml @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/integration.yml @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/fleetctl-preview.yml @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/fleetctl-preview-latest.yml @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/goreleaser-orbit.yaml @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/trivy-scan.yml @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/goreleaser-snapshot-fleet.yaml @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/build-and-push-fleetctl-docker.yml @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/fleetd-tuf.yml @lucasmrod @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/generate-desktop-targets.yml @lucasmrod @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/test-yml-specs.yml @lucasmrod @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/build-binaries.yaml @lucasmrod @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/fleet-and-orbit.yml @lucasmrod @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/build-orbit.yaml @lucasmrod @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/generate-osqueryd-targets.yml @lucasmrod @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/test-packaging.yml @lucasmrod @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/release-helm.yaml @rfairburn @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/pr-helm.yaml @rfairburn @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/tfvalidate.yml @rfairburn @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/dogfood-deploy.yml @rfairburn @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/test-db-changes.yml @roperzh @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/test-go.yaml @roperzh @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/golangci-lint.yml @roperzh @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/test-native-tooling-packaging.yml @roperzh @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/check-tuf-timestamps.yml @roperzh @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/test-puppet.yml @roperzh @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/generate-nudge-targets.yml @roperzh @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/test-js.yml @ghernandez345 @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/dogfood-gitops.yml @getvictor @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/test-fleetd-chrome.yml @getvictor @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/release-fleetd-chrome.yml @getvictor @lukeheath @georgekarrv @sharon-fdm
+/.github/workflows/release-fleetd-chrome-beta.yml @getvictor @lukeheath @georgekarrv @sharon-fdm
 
 # ℹ️ But wait, there's more!
 # See the comments up top to learn where else DRIs and maintainers are configured.

From 6ebc308eb4b9d4e3d5add4177446c09ff4297f6a Mon Sep 17 00:00:00 2001
From: Luke Heath <luke@fleetdm.com>
Date: Fri, 22 Mar 2024 15:32:23 -0500
Subject: [PATCH 49/54] [StepSecurity] ci: Harden GitHub Actions (#17780)

---
 .../build-and-push-fleetctl-docker.yml        |  5 +++
 .github/workflows/build-binaries.yaml         |  5 +++
 .github/workflows/build-orbit.yaml            |  5 +++
 .github/workflows/check-tuf-timestamps.yml    |  5 +++
 .github/workflows/codeql-analysis.yml         |  5 +++
 .github/workflows/deploy-fleet-website.yml    |  5 +++
 .../deploy-vulnerability-dashboard.yml        |  5 +++
 .github/workflows/docs.yml                    |  5 +++
 .github/workflows/dogfood-deploy.yml          |  5 +++
 .github/workflows/dogfood-gitops.yml          |  5 +++
 .github/workflows/fleet-and-orbit.yml         | 40 +++++++++++++++++++
 .github/workflows/fleetctl-preview-latest.yml |  5 +++
 .github/workflows/fleetctl-preview.yml        |  5 +++
 .github/workflows/fleetd-tuf.yml              |  5 +++
 .../workflows/generate-desktop-targets.yml    | 15 +++++++
 .github/workflows/generate-nudge-targets.yml  |  5 +++
 .../workflows/generate-osqueryd-targets.yml   | 15 +++++++
 .github/workflows/golangci-lint.yml           |  5 +++
 .github/workflows/goreleaser-fleet.yaml       |  5 +++
 .github/workflows/goreleaser-orbit.yaml       | 15 +++++++
 .../workflows/goreleaser-snapshot-fleet.yaml  |  5 +++
 .github/workflows/integration.yml             | 35 ++++++++++++++++
 .github/workflows/pr-helm.yaml                |  5 +++
 .../workflows/push-osquery-perf-to-ecr.yml    |  5 +++
 .../workflows/release-fleetd-chrome-beta.yml  |  5 +++
 .github/workflows/release-fleetd-chrome.yml   |  5 +++
 .github/workflows/release-helm.yaml           |  5 +++
 .github/workflows/scorecards-analysis.yml     |  5 +++
 .github/workflows/test-db-changes.yml         |  5 +++
 .github/workflows/test-fleetd-chrome.yml      |  5 +++
 .github/workflows/test-go.yaml                |  5 +++
 .github/workflows/test-js.yml                 | 10 +++++
 .../test-native-tooling-packaging.yml         |  5 +++
 .github/workflows/test-packaging.yml          |  5 +++
 .github/workflows/test-puppet.yml             |  5 +++
 .../test-vulnerability-dashboard-changes.yml  |  5 +++
 .github/workflows/test-website.yml            |  5 +++
 .github/workflows/test-yml-specs.yml          |  5 +++
 .github/workflows/tfvalidate.yml              |  5 +++
 .github/workflows/trivy-scan.yml              |  5 +++
 .github/workflows/update-certs.yml            |  5 +++
 41 files changed, 305 insertions(+)

diff --git a/.github/workflows/build-and-push-fleetctl-docker.yml b/.github/workflows/build-and-push-fleetctl-docker.yml
index a42eb0ddd3..8ae3c7069e 100644
--- a/.github/workflows/build-and-push-fleetctl-docker.yml
+++ b/.github/workflows/build-and-push-fleetctl-docker.yml
@@ -29,6 +29,11 @@ jobs:
     permissions:
       contents: write
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Checkout
         uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
diff --git a/.github/workflows/build-binaries.yaml b/.github/workflows/build-binaries.yaml
index 29faa1eacf..ed18437c74 100644
--- a/.github/workflows/build-binaries.yaml
+++ b/.github/workflows/build-binaries.yaml
@@ -24,6 +24,11 @@ jobs:
   build-binaries:
     runs-on: ubuntu-latest
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Install Go
         uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
         with:
diff --git a/.github/workflows/build-orbit.yaml b/.github/workflows/build-orbit.yaml
index 40e3c84909..09f296aece 100644
--- a/.github/workflows/build-orbit.yaml
+++ b/.github/workflows/build-orbit.yaml
@@ -33,6 +33,11 @@ jobs:
   build:
     runs-on: macos-latest
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Checkout
         uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
diff --git a/.github/workflows/check-tuf-timestamps.yml b/.github/workflows/check-tuf-timestamps.yml
index 4a67a3d5b0..f5c01ec136 100644
--- a/.github/workflows/check-tuf-timestamps.yml
+++ b/.github/workflows/check-tuf-timestamps.yml
@@ -29,6 +29,11 @@ jobs:
     runs-on: ${{ matrix.os }}
 
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - name: Check remote timestamp.json file
       run: |
         expires=$(curl -s http://tuf.fleetctl.com/timestamp.json | jq -r '.signed.expires' | cut -c 1-10)
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 37e1fd9850..246c6418a1 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -45,6 +45,11 @@ jobs:
         # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
 
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - name: Checkout repository
       uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
     
diff --git a/.github/workflows/deploy-fleet-website.yml b/.github/workflows/deploy-fleet-website.yml
index 538291617b..9fc044e13b 100644
--- a/.github/workflows/deploy-fleet-website.yml
+++ b/.github/workflows/deploy-fleet-website.yml
@@ -34,6 +34,11 @@ jobs:
         node-version: [16.x]
 
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
     # Configure our access credentials for the Heroku CLI
diff --git a/.github/workflows/deploy-vulnerability-dashboard.yml b/.github/workflows/deploy-vulnerability-dashboard.yml
index 05c0b4ff88..5030c2eb1c 100644
--- a/.github/workflows/deploy-vulnerability-dashboard.yml
+++ b/.github/workflows/deploy-vulnerability-dashboard.yml
@@ -22,6 +22,11 @@ jobs:
         node-version: [14.x]
 
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
     # Configure our access credentials for the Heroku CLI
diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
index 8b0b3a22fe..ec0df78a4d 100644
--- a/.github/workflows/docs.yml
+++ b/.github/workflows/docs.yml
@@ -28,6 +28,11 @@ jobs:
       contents: read # to read files to check dead links
     runs-on: ubuntu-latest
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
     - uses: gaurav-nelson/github-action-markdown-link-check@d53a906aa6b22b8979d33bc86170567e619495ec # v1.0.15
       with:
diff --git a/.github/workflows/dogfood-deploy.yml b/.github/workflows/dogfood-deploy.yml
index 393102abd0..d13d2f4761 100644
--- a/.github/workflows/dogfood-deploy.yml
+++ b/.github/workflows/dogfood-deploy.yml
@@ -41,6 +41,11 @@ jobs:
     name: Deploy Fleet Dogfood Environment
     runs-on: ubuntu-latest
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
       - id: fail-on-main
         run: "false"
diff --git a/.github/workflows/dogfood-gitops.yml b/.github/workflows/dogfood-gitops.yml
index de7974b29a..43761a5fbb 100644
--- a/.github/workflows/dogfood-gitops.yml
+++ b/.github/workflows/dogfood-gitops.yml
@@ -22,6 +22,11 @@ jobs:
     timeout-minutes: 10
     runs-on: ubuntu-latest
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Checkout our repository
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
diff --git a/.github/workflows/fleet-and-orbit.yml b/.github/workflows/fleet-and-orbit.yml
index 29d4d82c7a..2849c0f561 100644
--- a/.github/workflows/fleet-and-orbit.yml
+++ b/.github/workflows/fleet-and-orbit.yml
@@ -44,6 +44,11 @@ jobs:
       address: ${{ steps.gen.outputs.address }}
       enroll_secret: ${{ steps.gen.outputs.enroll_secret }}
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - id: gen
         run: |
           UUID=$(uuidgen)
@@ -62,6 +67,11 @@ jobs:
     runs-on: ubuntu-latest
     needs: gen
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Install Go
         uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
         with:
@@ -171,6 +181,11 @@ jobs:
     runs-on: ubuntu-latest
     needs: gen
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Install Go
         uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
         with:
@@ -214,6 +229,11 @@ jobs:
     # or if we revise our minimum supported macOS version.
     runs-on: macos-12
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Install Go
         uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
         with:
@@ -255,6 +275,11 @@ jobs:
     runs-on: ubuntu-latest
     needs: [gen, build-macos-targets]
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Install Go
         uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
         with:
@@ -317,6 +342,11 @@ jobs:
     runs-on: macos-latest
     needs: [gen, run-tuf-and-gen-pkgs]
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Checkout Code
         uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
@@ -366,6 +396,11 @@ jobs:
     runs-on: ubuntu-latest
     needs: [gen, run-tuf-and-gen-pkgs]
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Download deb
         id: download
         uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 # v2
@@ -412,6 +447,11 @@ jobs:
     needs: [gen, run-tuf-and-gen-pkgs]
     runs-on: windows-latest
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Download msi
         id: download
         uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 # v2
diff --git a/.github/workflows/fleetctl-preview-latest.yml b/.github/workflows/fleetctl-preview-latest.yml
index 839072ed83..dda4e0f73c 100644
--- a/.github/workflows/fleetctl-preview-latest.yml
+++ b/.github/workflows/fleetctl-preview-latest.yml
@@ -57,6 +57,11 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
 
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - name: Install Go
       uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
       with:
diff --git a/.github/workflows/fleetctl-preview.yml b/.github/workflows/fleetctl-preview.yml
index 9bcfdb7376..ab9a69c2b2 100644
--- a/.github/workflows/fleetctl-preview.yml
+++ b/.github/workflows/fleetctl-preview.yml
@@ -27,6 +27,11 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
 
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - name: Test fleetctl preview
       run: |
         npm install -g fleetctl
diff --git a/.github/workflows/fleetd-tuf.yml b/.github/workflows/fleetd-tuf.yml
index 26faf617c5..c1617cb860 100644
--- a/.github/workflows/fleetd-tuf.yml
+++ b/.github/workflows/fleetd-tuf.yml
@@ -25,6 +25,11 @@ jobs:
       pull-requests: write  # for peter-evans/create-pull-request to create a PR
     runs-on: ubuntu-latest
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - name: Install Go
       uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
       with:
diff --git a/.github/workflows/generate-desktop-targets.yml b/.github/workflows/generate-desktop-targets.yml
index b2557c1a06..fef2d6075b 100644
--- a/.github/workflows/generate-desktop-targets.yml
+++ b/.github/workflows/generate-desktop-targets.yml
@@ -40,6 +40,11 @@ jobs:
     runs-on: macos-12
     steps:
 
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Install Go
         uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
         with:
@@ -88,6 +93,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
 
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Install Go
         uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
         with:
@@ -111,6 +121,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
 
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Install Go
         uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
         with:
diff --git a/.github/workflows/generate-nudge-targets.yml b/.github/workflows/generate-nudge-targets.yml
index b1771f6703..4b7f025f4e 100644
--- a/.github/workflows/generate-nudge-targets.yml
+++ b/.github/workflows/generate-nudge-targets.yml
@@ -33,6 +33,11 @@ jobs:
   generate-macos:
     runs-on: macos-latest
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Checkout
         uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
diff --git a/.github/workflows/generate-osqueryd-targets.yml b/.github/workflows/generate-osqueryd-targets.yml
index e2d4933e61..0af9f64bea 100644
--- a/.github/workflows/generate-osqueryd-targets.yml
+++ b/.github/workflows/generate-osqueryd-targets.yml
@@ -33,6 +33,11 @@ jobs:
   generate-macos:
     runs-on: macos-latest
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Checkout
         uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
@@ -49,6 +54,11 @@ jobs:
   generate-linux:
     runs-on: ubuntu-latest
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Checkout
         uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
@@ -69,6 +79,11 @@ jobs:
   generate-windows:
     runs-on: windows-latest
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Checkout
         uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml
index 6de7068ccf..1d00e3c0d9 100644
--- a/.github/workflows/golangci-lint.yml
+++ b/.github/workflows/golangci-lint.yml
@@ -41,6 +41,11 @@ jobs:
         go-version: ['${{ vars.GO_VERSION }}']
     runs-on: ${{ matrix.os }}
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Checkout code
         uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
diff --git a/.github/workflows/goreleaser-fleet.yaml b/.github/workflows/goreleaser-fleet.yaml
index 8f8f2cd67d..f192a624ff 100644
--- a/.github/workflows/goreleaser-fleet.yaml
+++ b/.github/workflows/goreleaser-fleet.yaml
@@ -25,6 +25,11 @@ jobs:
     permissions:
       contents: write
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Checkout
         uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
         with:
diff --git a/.github/workflows/goreleaser-orbit.yaml b/.github/workflows/goreleaser-orbit.yaml
index 1efd3faec1..2f1eb3905b 100644
--- a/.github/workflows/goreleaser-orbit.yaml
+++ b/.github/workflows/goreleaser-orbit.yaml
@@ -24,6 +24,11 @@ jobs:
     permissions:
       contents: read
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Checkout
         uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
@@ -73,6 +78,11 @@ jobs:
     permissions:
       contents: read
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Checkout
         uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
@@ -101,6 +111,11 @@ jobs:
     permissions:
       contents: read
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Checkout
         uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
diff --git a/.github/workflows/goreleaser-snapshot-fleet.yaml b/.github/workflows/goreleaser-snapshot-fleet.yaml
index c6fb9c1419..65ac166c1b 100644
--- a/.github/workflows/goreleaser-snapshot-fleet.yaml
+++ b/.github/workflows/goreleaser-snapshot-fleet.yaml
@@ -40,6 +40,11 @@ jobs:
     runs-on: ubuntu-20.04
     environment: Docker Hub
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Checkout
         uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 04f61e743b..a6200e9849 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -31,6 +31,11 @@ jobs:
       subdomain: ${{ steps.gen.outputs.subdomain }}
       address: ${{ steps.gen.outputs.address }}
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - id: gen
       run: |
         UUID=$(uuidgen)
@@ -41,6 +46,11 @@ jobs:
     runs-on: ubuntu-latest
     needs: gen
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - name: Start tunnel
       env:
         CERT_PEM: ${{ secrets.CLOUDFLARE_TUNNEL_FLEETUEM_CERT_B64 }}
@@ -136,6 +146,11 @@ jobs:
      token: ${{ steps.login.outputs.token }}
    steps:
     # Download fleet and fleetctl binaries from last successful build on main
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - name: Download binaries
       uses: dawidd6/action-download-artifact@5e780fc7bbd0cac69fc73271ed86edf5dcb72d67
       with:
@@ -178,6 +193,11 @@ jobs:
     runs-on: macos-latest
     needs: [gen, login]
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - name: Checkout Code
       uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
@@ -234,6 +254,11 @@ jobs:
     runs-on: ubuntu-latest
     needs: [gen, login]
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - name: Install dependencies
       run: |
         npm install -g fleetctl
@@ -299,6 +324,11 @@ jobs:
     runs-on: ubuntu-latest
     needs: [gen, login]
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - name: Install dependencies
       run: |
         docker pull fleetdm/wix:latest &
@@ -335,6 +365,11 @@ jobs:
     needs: [gen, login, orbit-windows-build]
     runs-on: windows-latest
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - name: Install dependencies
       shell: bash
       run: |
diff --git a/.github/workflows/pr-helm.yaml b/.github/workflows/pr-helm.yaml
index c81c21f7b4..4f119e04a6 100644
--- a/.github/workflows/pr-helm.yaml
+++ b/.github/workflows/pr-helm.yaml
@@ -28,6 +28,11 @@ jobs:
         kube-version: [1.16.0, 1.17.0, 1.18.0] # kubeval is currently lagging behind the active schema versions, so these are the ones we can test against. see https://github.com/instrumenta/kubernetes-json-schema/issues/26
     runs-on: ubuntu-20.04
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - name: checkout
       uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
     - name: create temp dir
diff --git a/.github/workflows/push-osquery-perf-to-ecr.yml b/.github/workflows/push-osquery-perf-to-ecr.yml
index c905c92e08..0760d03900 100644
--- a/.github/workflows/push-osquery-perf-to-ecr.yml
+++ b/.github/workflows/push-osquery-perf-to-ecr.yml
@@ -35,6 +35,11 @@ jobs:
   build-docker:
     runs-on: ubuntu-latest
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Checkout Code
         uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
diff --git a/.github/workflows/release-fleetd-chrome-beta.yml b/.github/workflows/release-fleetd-chrome-beta.yml
index 7c81d9be4f..8f50b02d60 100644
--- a/.github/workflows/release-fleetd-chrome-beta.yml
+++ b/.github/workflows/release-fleetd-chrome-beta.yml
@@ -24,6 +24,11 @@ jobs:
     permissions:
       contents: read
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Checkout
         uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
diff --git a/.github/workflows/release-fleetd-chrome.yml b/.github/workflows/release-fleetd-chrome.yml
index dc168426d5..6751d7705e 100644
--- a/.github/workflows/release-fleetd-chrome.yml
+++ b/.github/workflows/release-fleetd-chrome.yml
@@ -25,6 +25,11 @@ jobs:
     permissions:
       contents: read
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Checkout
         uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
diff --git a/.github/workflows/release-helm.yaml b/.github/workflows/release-helm.yaml
index 91ef4e34c1..d6d738c362 100644
--- a/.github/workflows/release-helm.yaml
+++ b/.github/workflows/release-helm.yaml
@@ -24,6 +24,11 @@ jobs:
       contents: write  # to push helm charts
     runs-on: ubuntu-20.04
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
     - uses: stefanprodan/helm-gh-pages@0ad2bb377311d61ac04ad9eb6f252fb68e207260
       with:
diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml
index af1990e9c5..59dfd8a7ff 100644
--- a/.github/workflows/scorecards-analysis.yml
+++ b/.github/workflows/scorecards-analysis.yml
@@ -24,6 +24,11 @@ jobs:
       id-token: write
 
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: "Checkout code"
         uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
         with:
diff --git a/.github/workflows/test-db-changes.yml b/.github/workflows/test-db-changes.yml
index 46aafcc9d4..301645008e 100644
--- a/.github/workflows/test-db-changes.yml
+++ b/.github/workflows/test-db-changes.yml
@@ -30,6 +30,11 @@ jobs:
   test-db-changes:
     runs-on: ubuntu-latest
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - name: Install Go
       uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
       with:
diff --git a/.github/workflows/test-fleetd-chrome.yml b/.github/workflows/test-fleetd-chrome.yml
index d9772cf225..82fa08fc82 100644
--- a/.github/workflows/test-fleetd-chrome.yml
+++ b/.github/workflows/test-fleetd-chrome.yml
@@ -31,6 +31,11 @@ jobs:
     runs-on: ${{ matrix.os }}
 
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Checkout Code
         uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
diff --git a/.github/workflows/test-go.yaml b/.github/workflows/test-go.yaml
index 0a924f3876..69c9b3be6c 100644
--- a/.github/workflows/test-go.yaml
+++ b/.github/workflows/test-go.yaml
@@ -52,6 +52,11 @@ jobs:
       GO_TEST_TIMEOUT: 15m
 
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - name: Install Go
       uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
       with:
diff --git a/.github/workflows/test-js.yml b/.github/workflows/test-js.yml
index d0e660ba72..9d63523737 100644
--- a/.github/workflows/test-js.yml
+++ b/.github/workflows/test-js.yml
@@ -37,6 +37,11 @@ jobs:
 
     steps:
       # Set the Node.js version
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Set up Node.js ${{ vars.NODE_VERSION }}
         uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3.8.1
         with:
@@ -76,6 +81,11 @@ jobs:
 
     steps:
       # Set the Node.js version
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Set up Node.js ${{ vars.NODE_VERSION }}
         uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3.8.1
         with:
diff --git a/.github/workflows/test-native-tooling-packaging.yml b/.github/workflows/test-native-tooling-packaging.yml
index a109100ffb..db242cee0c 100644
--- a/.github/workflows/test-native-tooling-packaging.yml
+++ b/.github/workflows/test-native-tooling-packaging.yml
@@ -45,6 +45,11 @@ jobs:
     runs-on: ${{ matrix.os }}
 
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - name: Install Go
       uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
       with:
diff --git a/.github/workflows/test-packaging.yml b/.github/workflows/test-packaging.yml
index bdf5940aab..113f3c33ce 100644
--- a/.github/workflows/test-packaging.yml
+++ b/.github/workflows/test-packaging.yml
@@ -51,6 +51,11 @@ jobs:
     # Docker needs to be installed manually on macOS.
     # From https://github.com/docker/for-mac/issues/2359#issuecomment-943131345
     # FIXME: lock Docker version to 4.10.0 as newer versions fail to initialize
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - name: Install Docker
       timeout-minutes: 20
       if: matrix.os == 'macos-latest'
diff --git a/.github/workflows/test-puppet.yml b/.github/workflows/test-puppet.yml
index 82531fc272..f537913a52 100644
--- a/.github/workflows/test-puppet.yml
+++ b/.github/workflows/test-puppet.yml
@@ -28,6 +28,11 @@ jobs:
   test-puppet:
     runs-on: macos-latest
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - name: Install Puppet Development Kit
       run: brew install --cask puppetlabs/puppet/pdk 
 
diff --git a/.github/workflows/test-vulnerability-dashboard-changes.yml b/.github/workflows/test-vulnerability-dashboard-changes.yml
index 6c7cf2e2a9..d2c5cb45fc 100644
--- a/.github/workflows/test-vulnerability-dashboard-changes.yml
+++ b/.github/workflows/test-vulnerability-dashboard-changes.yml
@@ -23,6 +23,11 @@ jobs:
         node-version: [16.x]
 
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
     # Set the Node.js version
diff --git a/.github/workflows/test-website.yml b/.github/workflows/test-website.yml
index a9fd54ef31..3045c9d4a7 100644
--- a/.github/workflows/test-website.yml
+++ b/.github/workflows/test-website.yml
@@ -32,6 +32,11 @@ jobs:
         node-version: [16.x]
 
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
       # Set the Node.js version
diff --git a/.github/workflows/test-yml-specs.yml b/.github/workflows/test-yml-specs.yml
index d4e0ed7db0..75e46d6af0 100644
--- a/.github/workflows/test-yml-specs.yml
+++ b/.github/workflows/test-yml-specs.yml
@@ -37,6 +37,11 @@ jobs:
     runs-on: ${{ matrix.os }}
 
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - name: Install Go
       uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
       with:
diff --git a/.github/workflows/tfvalidate.yml b/.github/workflows/tfvalidate.yml
index 05da7c6e6e..6513377a08 100644
--- a/.github/workflows/tfvalidate.yml
+++ b/.github/workflows/tfvalidate.yml
@@ -30,6 +30,11 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Clone repo
         uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml
index 0d362fe9b4..9e0686c46b 100644
--- a/.github/workflows/trivy-scan.yml
+++ b/.github/workflows/trivy-scan.yml
@@ -34,6 +34,11 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
       - name: Checkout code
         uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
 
diff --git a/.github/workflows/update-certs.yml b/.github/workflows/update-certs.yml
index 1aa054f68a..c5227657f3 100644
--- a/.github/workflows/update-certs.yml
+++ b/.github/workflows/update-certs.yml
@@ -25,6 +25,11 @@ jobs:
       pull-requests: write  # for peter-evans/create-pull-request to create a PR
     runs-on: ubuntu-latest
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+      with:
+        egress-policy: audit
+
     - name: Checkout code
       uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v.24.0
 

From 80335d88d14ce70b5fe43a7fa441e039df04a8b2 Mon Sep 17 00:00:00 2001
From: StepSecurity Bot <bot@stepsecurity.io>
Date: Fri, 22 Mar 2024 14:19:11 -0700
Subject: [PATCH 50/54] [StepSecurity] Apply security best practices (#17811)

---
 .github/workflows/dependency-review.yml | 27 +++++++++++++++++++
 .pre-commit-config.yaml                 | 35 +++++++++++++++++++++++++
 ee/vulnerability-dashboard/Dockerfile   |  2 +-
 infrastructure/kubequery/Dockerfile     |  4 +--
 server/mdm/scep/Dockerfile              |  2 +-
 tools/tuf/test/Dockerfile               |  2 +-
 6 files changed, 67 insertions(+), 5 deletions(-)
 create mode 100644 .github/workflows/dependency-review.yml
 create mode 100644 .pre-commit-config.yaml

diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
new file mode 100644
index 0000000000..3f3456223b
--- /dev/null
+++ b/.github/workflows/dependency-review.yml
@@ -0,0 +1,27 @@
+# Dependency Review Action
+#
+# This Action will scan dependency manifest files that change as part of a Pull Request,
+# surfacing known-vulnerable versions of the packages declared or updated in the PR.
+# Once installed, if the workflow run is marked as required,
+# PRs introducing known-vulnerable packages will be blocked from merging.
+#
+# Source repository: https://github.com/actions/dependency-review-action
+name: 'Dependency Review'
+on: [pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  dependency-review:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        with:
+          egress-policy: audit
+
+      - name: 'Checkout Repository'
+        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+      - name: 'Dependency Review'
+        uses: actions/dependency-review-action@0efb1d1d84fc9633afcdaad14c485cbbc90ef46c # v2.5.1
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000000..aee9602607
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,35 @@
+repos:
+- repo: https://github.com/digitalpulp/pre-commit-php
+  rev: 1.4.0
+  hooks:
+  - id: php-lint-all
+- repo: https://github.com/gitleaks/gitleaks
+  rev: v8.16.3
+  hooks:
+  - id: gitleaks
+- repo: https://github.com/golangci/golangci-lint
+  rev: v1.52.2
+  hooks:
+  - id: golangci-lint
+- repo: https://github.com/jumanjihouse/pre-commit-hooks
+  rev: 3.0.0
+  hooks:
+  - id: RuboCop
+  - id: shellcheck
+- repo: https://github.com/pocc/pre-commit-hooks
+  rev: v1.3.5
+  hooks:
+  - id: cpplint
+- repo: https://github.com/pre-commit/mirrors-eslint
+  rev: v8.38.0
+  hooks:
+  - id: eslint
+- repo: https://github.com/pre-commit/pre-commit-hooks
+  rev: v4.4.0
+  hooks:
+  - id: end-of-file-fixer
+  - id: trailing-whitespace
+- repo: https://github.com/pylint-dev/pylint
+  rev: v2.17.2
+  hooks:
+  - id: pylint
diff --git a/ee/vulnerability-dashboard/Dockerfile b/ee/vulnerability-dashboard/Dockerfile
index 84a2056fda..0d96a8a8ff 100644
--- a/ee/vulnerability-dashboard/Dockerfile
+++ b/ee/vulnerability-dashboard/Dockerfile
@@ -1,5 +1,5 @@
 # Use the official Node.js 14 image as a base
-FROM node:20
+FROM node:20@sha256:e06aae17c40c7a6b5296ca6f942a02e6737ae61bbbf3e2158624bb0f887991b5
 
 # Set the working directory in the container
 WORKDIR /usr/src/app
diff --git a/infrastructure/kubequery/Dockerfile b/infrastructure/kubequery/Dockerfile
index a3088c1a3e..5480212ad9 100644
--- a/infrastructure/kubequery/Dockerfile
+++ b/infrastructure/kubequery/Dockerfile
@@ -5,7 +5,7 @@
 #
 # SPDX-License-Identifier: (Apache-2.0 OR GPL-2.0-only)
 
-FROM ubuntu:20.04 AS builder
+FROM ubuntu:20.04@sha256:80ef4a44043dec4490506e6cc4289eeda2d106a70148b74b5ae91ee670e9c35d AS builder
 
 ARG BASEQUERY_VERSION=5.0.2
 
@@ -15,7 +15,7 @@ RUN dpkg -i /tmp/basequery.deb
 
 # =====
 
-FROM uptycs/busybox:v1.33.0
+FROM uptycs/busybox:v1.33.0@sha256:6a312f5959d374420eedce83f42d2ad19a027bd4e448ed734372bc1a07ad8b10
 
 ARG BASEQUERY_VERSION
 ARG KUBEQUERY_VERSION
diff --git a/server/mdm/scep/Dockerfile b/server/mdm/scep/Dockerfile
index c34882b76b..89e0abca6d 100644
--- a/server/mdm/scep/Dockerfile
+++ b/server/mdm/scep/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3
+FROM alpine:3@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b
 
 COPY ./scepclient-linux-amd64 /usr/bin/scepclient
 COPY ./scepserver-linux-amd64 /usr/bin/scepserver
diff --git a/tools/tuf/test/Dockerfile b/tools/tuf/test/Dockerfile
index eef0bfc90f..d83db1c41a 100644
--- a/tools/tuf/test/Dockerfile
+++ b/tools/tuf/test/Dockerfile
@@ -1,4 +1,4 @@
-FROM debian:bookworm-slim
+FROM debian:bookworm-slim@sha256:ccb33c3ac5b02588fc1d9e4fc09b952e433d0c54d8618d0ee1afadf1f3cf2455
 
 WORKDIR /usr/src/app
 

From 6ae3880704cd715e30dcdfe0e18519dea33e95ca Mon Sep 17 00:00:00 2001
From: Eric <eashaw@sailsjs.com>
Date: Fri, 22 Mar 2024 18:15:01 -0500
Subject: [PATCH 51/54] Website: Update build script to exclude folders with an
 underscore prefix & rename docs/Deploy/kubernetes/ (#17817)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Closes: #17582

Changes:
- Updated the `build-static-content` script to not generate HTML pages
for files in subfolders that are prefixed with an underscore
- Renamed the `docs/Deploy/kubernetes` folder »
`docs/Deploy/_kubernetes`
- Documented this new behavior on the communications page of the
handbook.
- Updated commands on the Deploy Fleet on Kubernetes page.

---------

Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
---
 CODEOWNERS                                           |  2 +-
 docs/Deploy/Deploy-Fleet-on-Kubernetes.md            | 12 ++++++------
 docs/Deploy/{kubernetes => _kubernetes}/README.md    |  0
 .../{kubernetes => _kubernetes}/fleet-deployment.yml |  0
 .../{kubernetes => _kubernetes}/fleet-migrations.yml |  0
 .../{kubernetes => _kubernetes}/fleet-service.yml    |  0
 handbook/company/communications.md                   |  2 ++
 website/scripts/build-static-content.js              |  4 ++++
 8 files changed, 13 insertions(+), 7 deletions(-)
 rename docs/Deploy/{kubernetes => _kubernetes}/README.md (100%)
 rename docs/Deploy/{kubernetes => _kubernetes}/fleet-deployment.yml (100%)
 rename docs/Deploy/{kubernetes => _kubernetes}/fleet-migrations.yml (100%)
 rename docs/Deploy/{kubernetes => _kubernetes}/fleet-service.yml (100%)

diff --git a/CODEOWNERS b/CODEOWNERS
index a44b1a2d2a..6813739818 100644
--- a/CODEOWNERS
+++ b/CODEOWNERS
@@ -68,7 +68,7 @@ go.mod @fleetdm/go
 /docs/Using-Fleet/REST-API.md                   @rachaelshaw # « REST API reference documentation
 /docs/Contributing/API-for-contributors.md      @rachaelshaw # « Advanced / contributors-only API reference documentation
 /schema                                         @eashaw # « Data tables (osquery/fleetd schema) documentation
-/docs/Deploy/kubernetes/ @dherder # « Kubernetes best practice
+/docs/Deploy/_kubernetes/ @dherder # « Kubernetes best practice
 ##############################################################################################
 # 🫧 Pricing and features
 #
diff --git a/docs/Deploy/Deploy-Fleet-on-Kubernetes.md b/docs/Deploy/Deploy-Fleet-on-Kubernetes.md
index 2d35599853..c5318ccb22 100644
--- a/docs/Deploy/Deploy-Fleet-on-Kubernetes.md
+++ b/docs/Deploy/Deploy-Fleet-on-Kubernetes.md
@@ -8,7 +8,7 @@ There are 2 primary ways to deploy the Fleet server to a Kubernetes cluster. The
 
 We will assume you have `kubectl` and MySQL and Redis are all set up and running. Optionally you have minikube to test your deployment locally on your machine.
 
-To deploy the Fleet server and connect to its dependencies (MySQL and Redis), we will use [Fleet's best practice `fleet-deployment.yml` file](https://github.com/fleetdm/fleet/blob/main/docs/Deploy/kubernetes/fleet-deployment.yml).
+To deploy the Fleet server and connect to its dependencies (MySQL and Redis), we will use [Fleet's best practice `fleet-deployment.yml` file](https://github.com/fleetdm/fleet/blob/main/docs/Deploy/_kubernetes/fleet-deployment.yml).
 
 Let's tell Kubernetes to create the cluster by running the below command.
 
@@ -83,14 +83,14 @@ Note: this step is not neccessary when using the Fleet Helm Chart as it handles
 The last step is to run the Fleet database migrations on your new MySQL server. To do this, run the following:
 
 ```sh
-kubectl create -f ./docs/Deploy/kubernetes/fleet-migrations.yml
+kubectl create -f ./docs/Deploy/_kubernetes/fleet-migrations.yml
 ```
 
 In Kubernetes, you can only run a job once. If you'd like to run it again (i.e.: you'd like to run the migrations again using the same file), you must delete the job before re-creating it. To delete the job and re-run it, you can run the following commands:
 
 ```sh
-kubectl delete -f ./docs/Deploy/kubernetes/fleet-migrations.yml
-kubectl create -f ./docs/Deploy/kubernetes/fleet-migrations.yml
+kubectl delete -f ./docs/Deploy/_kubernetes/fleet-migrations.yml
+kubectl create -f ./docs/Deploy/_kubernetes/fleet-migrations.yml
 ```
 
 #### Redis
@@ -158,7 +158,7 @@ kubectl create secret tls fleet-tls --key=./tls.key --cert=./tls.crt
 First we must deploy the instances of the Fleet webserver. The Fleet webserver is described using a Kubernetes deployment object. To create this deployment, run the following:
 
 ```sh
-kubectl apply -f ./docs/Deploy/fleet-deployment.yml
+kubectl apply -f ./docs/Deploy/_kubernetes/fleet-deployment.yml
 ```
 
 You should be able to get an instance of the webserver running via `kubectl get pods` and you should see the following logs:
@@ -174,7 +174,7 @@ ts=2017-11-16T02:48:38.441148166Z transport=https address=0.0.0.0:443 msg=listen
 Now that the Fleet server is running on our cluster, we have to expose the Fleet webservers to the internet via a load balancer. To create a Kubernetes `Service` of type `LoadBalancer`, run the following:
 
 ```sh
-kubectl apply -f ./docs/Deploy/fleet-service.yml
+kubectl apply -f ./docs/Deploy/_kubernetes/fleet-service.yml
 ```
 
 #### Configure DNS
diff --git a/docs/Deploy/kubernetes/README.md b/docs/Deploy/_kubernetes/README.md
similarity index 100%
rename from docs/Deploy/kubernetes/README.md
rename to docs/Deploy/_kubernetes/README.md
diff --git a/docs/Deploy/kubernetes/fleet-deployment.yml b/docs/Deploy/_kubernetes/fleet-deployment.yml
similarity index 100%
rename from docs/Deploy/kubernetes/fleet-deployment.yml
rename to docs/Deploy/_kubernetes/fleet-deployment.yml
diff --git a/docs/Deploy/kubernetes/fleet-migrations.yml b/docs/Deploy/_kubernetes/fleet-migrations.yml
similarity index 100%
rename from docs/Deploy/kubernetes/fleet-migrations.yml
rename to docs/Deploy/_kubernetes/fleet-migrations.yml
diff --git a/docs/Deploy/kubernetes/fleet-service.yml b/docs/Deploy/_kubernetes/fleet-service.yml
similarity index 100%
rename from docs/Deploy/kubernetes/fleet-service.yml
rename to docs/Deploy/_kubernetes/fleet-service.yml
diff --git a/handbook/company/communications.md b/handbook/company/communications.md
index 86b100c5bc..bc96271f7f 100644
--- a/handbook/company/communications.md
+++ b/handbook/company/communications.md
@@ -296,6 +296,8 @@ Our handbook and docs pages are written in Markdown and are editable from our we
 6. GitHub will run a series of automated checks and notify the reviewer. At this point, you are done and can safely close the browser page at any time.
 8. Check the “Files changed” section on the Open a pull request page to double-check your proposed changes.
 
+> Note: Pages in the `./docs/Contributing/` folder and folders with a underscore prefix (e.g., `./docs/Deploy/_kubernetes/`) are not included in the documentation on the Fleet website.
+
 ### Merging changes
 When merging a PR to the master branch of the [Fleet repo](https://github.com/fleetdm/fleet), remember that whatever you merge gets deployed live immediately. Ensure that the appropriate quality checks have been completed before merging. [Learn about the website QA process](#quality).
 
diff --git a/website/scripts/build-static-content.js b/website/scripts/build-static-content.js
index 4e039ab4fd..67060ea9ac 100644
--- a/website/scripts/build-static-content.js
+++ b/website/scripts/build-static-content.js
@@ -207,6 +207,10 @@ module.exports = {
             if(sectionRepoPath === 'docs/' && _.startsWith(pageUnextensionedUnwhitespacedLowercasedRelPath, 'contributing/')){
               continue;
             }
+            // Skip pages in folders starting with an underscore character.
+            if(sectionRepoPath === 'docs/' &&  _.startsWith(pageRelSourcePath.split(/\//).slice(-2)[0], '_')){
+              continue;
+            }
             let RX_README_FILENAME = /\/?readme\.?m?d?$/i;// « for matching `readme` or `readme.md` (case-insensitive) at the end of a file path
 
             // Determine this page's default (fallback) display title.

From 776ea4d7fd86ecb57e7cf9505297b9c575380120 Mon Sep 17 00:00:00 2001
From: Eric <eashaw@sailsjs.com>
Date: Fri, 22 Mar 2024 19:36:06 -0500
Subject: [PATCH 52/54] Website: Update order of columns on osquery schema
 table pages. (#17818)

Related to: #17727
Changes:
- Updated the `build-static-content` script to sort the columns of
tables alphabetically by the name of the column when the pages for
fleetdm.com/tables are generated.
---
 website/scripts/build-static-content.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/scripts/build-static-content.js b/website/scripts/build-static-content.js
index 67060ea9ac..02f437763d 100644
--- a/website/scripts/build-static-content.js
+++ b/website/scripts/build-static-content.js
@@ -704,7 +704,7 @@ module.exports = {
             }
 
             // Iterate through the columns of the table, we'll add a row to the markdown table element for each column in this schema table
-            for(let column of table.columns) {
+            for(let column of _.sortBy(table.columns, 'name')) {
               if(!column.hidden) { // If the column is hidden, we won't add it to the final table.
                 // Create an object for this column to add to the osqueryTables config.
                 let columnInfoForQueryReports = {

From 6145877c491bc947d0655bf0f122297b843c9e1c Mon Sep 17 00:00:00 2001
From: Eric <eashaw@sailsjs.com>
Date: Sat, 23 Mar 2024 11:56:27 -0500
Subject: [PATCH 53/54] Website: Update logo carousel animation (#17820)

Closes: #17823

Changes:
- Updated the animation of the logo carousel on the homepage.
---
 website/assets/styles/pages/homepage.less | 21 +++++++++++----------
 website/views/pages/homepage.ejs          | 23 +++++++++++++++++++++--
 2 files changed, 32 insertions(+), 12 deletions(-)

diff --git a/website/assets/styles/pages/homepage.less b/website/assets/styles/pages/homepage.less
index 79445817c7..80fbb8029d 100644
--- a/website/assets/styles/pages/homepage.less
+++ b/website/assets/styles/pages/homepage.less
@@ -82,7 +82,8 @@
     position: relative;
     width: 100%;
     overflow: hidden;
-    div {
+
+    [purpose='logo-row'] {
       white-space: nowrap;
       animation: scroll-horizontal 80s linear infinite;
     }
@@ -110,7 +111,14 @@
       background: linear-gradient(90deg, rgba(255, 255, 255, 0.00) 0%, #FFF 100%);
     }
   }
-
+  @keyframes scroll-horizontal {
+    0% {
+      transform: translateX(-25%);
+    }
+    100% {
+      transform: translateX(-125%);
+    }
+  }
 
   [purpose='homepage-content'] {
     max-width: 1200px;
@@ -1428,13 +1436,6 @@
   }
 
 
-  @keyframes scroll-horizontal {
-    0% {
-      transform: translateX(50%);
-    }
-    100% {
-      transform: translateX(-50%);
-    }
-  }
+
 
 }
diff --git a/website/views/pages/homepage.ejs b/website/views/pages/homepage.ejs
index 20b048c4f9..91db1122b6 100644
--- a/website/views/pages/homepage.ejs
+++ b/website/views/pages/homepage.ejs
@@ -22,7 +22,7 @@
   <div purpose="hero-logos" class="mx-auto d-flex flex-row align-items-center justify-content-center">
 
     <div purpose="logo-carousel">
-      <div class="d-flex flex-row align-items-center">
+      <div purpose="logo-row" class="d-flex flex-row align-items-center">
         <img alt="Notion logo" src="/images/logo-notion-68x32@2x.png">
         <img alt="Pinterest logo" src="/images/logo-pinterest-98x32@2x.png">
         <img alt="Gusto logo" src="/images/logo-gusto-64x32@2x.png">
@@ -41,7 +41,26 @@
 
         <img alt="Reddit logo" src="/images/logo-reddit-80x32@2x.png">
       </div>
-      <div class="d-flex flex-row align-items-center">
+      <div purpose="logo-row" class="d-flex flex-row align-items-center">
+        <img alt="Notion logo" src="/images/logo-notion-68x32@2x.png">
+        <img alt="Pinterest logo" src="/images/logo-pinterest-98x32@2x.png">
+        <img alt="Gusto logo" src="/images/logo-gusto-64x32@2x.png">
+        <img alt="Epic Games logo" style="height: 32px" src="/images/logo-epic-games-28x32@2x.png">
+        <img alt="Rivian logo" src="/images/logo-rivian-120x32@2x.png">
+        <img alt="Deloitte logo" src="/images/logo-deloitte-97x32@2x.png">
+        <img alt="Flywire logo" src="/images/logo-flywire-69x32@2x.png">
+        <img alt="Snowflake logo" src="/images/logo-snowflake-101x32@2x.png">
+        <img alt="Uber logo" src="/images/logo-uber-65x32@2x.png">
+        <img alt="Atlassian logo" src="/images/logo-atlassian-140x32@2x.png">
+        <img alt="Toast logo" src="/images/logo-toast-91x32@2x.png">
+
+        <img alt="Fastly logo" src="/images/logo-fastly-60x32@2x.png">
+        <img alt="Hashicorp logo" src="/images/logo-hashicorp-103x32@2x.png">
+        <img alt="Dropbox logo" src="/images/logo-dropbox-122x32@2x.png">
+
+        <img alt="Reddit logo" src="/images/logo-reddit-80x32@2x.png">
+      </div>
+      <div purpose="logo-row" class="d-flex flex-row align-items-center">
         <img alt="Notion logo" src="/images/logo-notion-68x32@2x.png">
         <img alt="Pinterest logo" src="/images/logo-pinterest-98x32@2x.png">
         <img alt="Gusto logo" src="/images/logo-gusto-64x32@2x.png">

From 04d4cbd647829e3c095afa47b6987da4064c3e41 Mon Sep 17 00:00:00 2001
From: Sam Pfluger <108141731+Sampfluger88@users.noreply.github.com>
Date: Sat, 23 Mar 2024 15:39:46 -0500
Subject: [PATCH 54/54] Add "Archive a document" responsibility (#17824)

---
 handbook/digital-experience/README.md | 44 ++++++++++++---------------
 1 file changed, 19 insertions(+), 25 deletions(-)

diff --git a/handbook/digital-experience/README.md b/handbook/digital-experience/README.md
index de58d211fd..e8d0626b78 100644
--- a/handbook/digital-experience/README.md
+++ b/handbook/digital-experience/README.md
@@ -185,6 +185,18 @@ Fleet's public relations firm is directly responsible for the accuracy of event
 2. Update the workbook with the latest location, dates, and CFP deadlines from the website.
 
 
+### Archive a document
+Follow these steps to archive any document:
+1. Create a copy of the document prefixed with the date using the format "`YYYY-MM-DD` Backup of `DOCUMENT_NAME`" (e.g. "2024-03-22 Backup of 🪂🗞️ Customer voice").
+2. Be sure to "Share it with the same people", "Copy comments and suggestions", and "Include resolved comments and suggestions" as shown below.
+
+<img width="455" alt="Screenshot 2024-03-23 at 12 14 00 PM" src="https://github.com/fleetdm/fleet/assets/108141731/1c773069-11a7-4ef4-ab43-8f7c626e4b10">
+
+3. Save this backup copy to the same location in Google Drive where the original is found.
+4. Link to the backup copy at the top of the original document. Be sure to use the full URL, no abbreviated pill links (e.g. "Notes from last time: URL_OF_MOST_RECENT_BACKUP_DOCUMENT").
+5. Delete all non-structural content from the original document, including past meeting notes and current answers to "evergreen" questions.
+
+
 ### Schedule CEO interview
 From time to time, you will need to schedule an interview between a candidate and the CEO:
 1. [Make a copy of the "¶¶ CEO interview template"](https://docs.google.com/document/d/1yARlH6iZY-cP9cQbmL3z6TbMy-Ii7lO64RbuolpWQzI/copy) (private Google doc)
@@ -382,34 +394,16 @@ You can also grab a copy of the [original slides](https://fleetdm.com/handbook/c
 
 ### Process and backup Sid agenda
 Every two weeks, our CEO Mike has a meeting with Sid Sijbrandij. The CEO uses dedicated (blocked, recurring) time to prepare for this meeting earlier in the week.
-
-30 minutes After each meeting (to allow all parties to collect action items), the Apprentice makes a copy of the "💻 Sid : Mike(Fleet)" doc and renames it "YYYY-MM-DD Backup of 💻 Sid : Mike(Fleet)". Then moves the backup version into the [(¶¶) Sid archive](https://drive.google.com/drive/folders/1izVfIBt2nr4APlkm36E6DJg1k1PDjmae)
-
-Then process the backup Sid agenda by:
-- Leaving google doc comments assigning all Fleet TODOs to correct Fleeties.
-- In the ¶¶¶¶🦿🌪️CEO Roundup doc, update the URL in `Sam: FYI: Agenda from last time:` [LINK](link).
-
-**Being sure to preserve agenda format**, process the 💻 Sid : Mike(Fleet) master doc by:
-- (Unless otherwise prefixed) Delete all agenda items, **being sure to leave 3 empty bullets in every section**.
+1. 30 minutes After each meeting [archive the "💻 Sid : Mike(Fleet)" agenda](https://fleetdm.com/handbook/digital-experience#archive-a-document), moving it to the [(¶¶) Sid archive](https://drive.google.com/drive/folders/1izVfIBt2nr4APlkm36E6DJg1k1PDjmae) folder in Google Drive.
+2. **In the backup copy**, leave Google Doc comments assigning all Fleet TODOs to the correct DRI.   
+3. In the ¶¶¶¶🦿🌪️CEO Roundup doc, update the URL in `Sam: FYI: Agenda from last time:` [LINK](link).
 
 
 ### Process and backup E-group agenda 
-Immediately after every e-group the Apprentice makes a copy of the E-group agenda doc and renames it "YYYY-MM-DD backup of E-group agenda". Then saves it to the [(¶¶) E-group archive](https://drive.google.com/drive/u/0/folders/1IsSGMgbt4pDcP8gSnLj8Z8NGY7_6UTt6).
-
-Then process the backup E-group agenda by:  
-- Leaving google doc comments assigning all TODOs to correct individuals.  
-- In the E-group master doc, update the URL in `Sam: FYI: Agenda from last time:` [LINK](link).
-
-**Being sure to preserve agenda format**, process the E-group master doc by:  
-- Clearing all bullets from the "Mike: Hear from each department" section.
-  - Delete the "Blockers" and "Last week" bullets from each department's section.
-  - Move contents from "This week" to "Last week".
-- (Unless otherwise prefixed) Delete all agenda items from the "Mike: This weeks focus" section. 
-- (Unless otherwise prefixed) Delete all agenda items from the "Today's other topics" section. 
-
-If it's the day of an All hands:
-  - Remove any spotlights that aren't a permanent staple (e.g. Mike: Every time: Pick a value, present on it.). 
-
+Follow these steps to process and backup the E-group agenda: 
+1. [Archive the E-group agenda](https://fleetdm.com/handbook/digital-experience#archive-a-document) after each meeting, moving it to the ["¶¶ E-group archive"](https://drive.google.com/drive/u/0/folders/1IsSGMgbt4pDcP8gSnLj8Z8NGY7_6UTt6) folder in Google Drive.
+2. **In the backup copy**, leave Google Doc comments assigning all TODOs to the correct DRI.  
+3. If the "All hands" meeting has happened today
 
 ### Check LinkedIn for unread messages 
 Once a day the Apprentice will confirm check LinkedIn for unread messages.