Fix egregious indentation issues

agent/agent-mutual-tls-termination.mdx

@@ -64,13 +64,13 @@ Using the CA certificate generated in the previous step, you can specify the `mu
 
 ```yaml policy.yml
 on_tcp_connect:
-  -     actions:
-      -         type: terminate-tls
+  - actions:
+      - type: terminate-tls
         config:
           mutual_tls_certificate_authorities:
             - -----BEGIN CERTIFICATE-----
-... certificate ...
------END CERTIFICATE-----
+	... certificate ...
+	-----END CERTIFICATE-----
 ```
 
 ```json policy.json

getting-started/_secure-your-app.mdx

@@ -86,17 +86,17 @@ First, create a new file called `traffic-policy.yml` in the root of your project
 
 ```yaml policy.yml
 on_http_request:
-  -     name: OAuth
+  - name: OAuth
     actions:
-      -         type: oauth
+      - type: oauth
         config:
           auth_id: oauth
           provider: google
-  -     name: bad email
+  - name: bad email
     expressions:
       - actions.ngrok.oauth.identity.email != '[email protected]'
     actions:
-      -         type: custom-response
+      - type: custom-response
         config:
           body: Hey, no auth for you ${actions.ngrok.oauth.identity.name}!
           status_code: 400

package.json

@@ -6,8 +6,6 @@
   "scripts": {
     "build": "mint build",
     "dev": "mint dev --port 3333",
-    "fmt:check": "biome check . --diagnostic-level=error && prettier --check .",
-    "fmt": "biome check . --write --diagnostic-level=error --organize-imports-enabled=true && prettier --write .",
     "verify-redirects": "node snippets/custom-scripts/check-redirect-conflicts.js",
     "test-links": "mint broken-links"
   },

traffic-policy/examples/a-b-tests.mdx

@@ -19,16 +19,16 @@ This rule:
 
 ```yaml policy.yml
 on_http_request:
-  -     expressions:
+  - expressions:
       - rand.double() <= 0.5
     actions:
-      -         type: forward-internal
+      - type: forward-internal
         config:
           url: https://a.internal
-  -     actions:
-      -         type: forward-internal
-        config:
-          url: https://b.internal
+  - actions:
+		- type: forward-internal
+			config:
+				url: https://b.internal
 ```
 
 ```json policy.json
@@ -77,15 +77,15 @@ You can also send the traffic to a different route using url rewrites.
 
 ```yaml policy.yml
 on_http_request:
-  -     expressions:
+  - expressions:
       - rand.double() <= 0.5
     actions:
-      -         type: url-rewrite
+      - type: url-rewrite
         config:
           from: /path/to/test
           to: /path/to/test-b
-  -     actions:
-      -         type: forward-internal
+  - actions:
+      - type: forward-internal
         config:
           url: https://b.internal
 ```

traffic-policy/examples/add-and-remove-headers.mdx

@@ -16,8 +16,8 @@ This rule adds multiple headers to the request, including the client's IP addres
 
 ```yaml policy.yml
 on_http_request:
-  -     actions:
-      -         type: add-headers
+  - actions:
+      - type: add-headers
         config:
           headers:
             x-is-ngrok: 1
@@ -66,8 +66,8 @@ This rule removes the `X-Powered-By` header.
 
 ```yaml policy.yml
 on_http_request:
-  -     actions:
-      -         type: remove-headers
+  - actions:
+      - type: remove-headers
         config:
           headers:
             - X-Powered-By

traffic-policy/examples/add-authentication.mdx

@@ -14,27 +14,27 @@ This rule adds key-based rate limiting to your endpoints based on your consumers
 on_http_request:
   - name: Add JWT authentication and rate limiting
     actions:
-      - type: rate-limit
+  - type: rate-limit
         config:
-          name: Only allow 30 requests per minute
+		      name: Only allow 30 requests per minute
           algorithm: sliding_window
           capacity: 30
           rate: 60s
           bucket_key:
             - req.headers['x-api-key']
-      -         type: jwt-validation
+      - type: jwt-validation
         config:
-          issuer:
+    		  issuer:
             allow_list:
               - value: https://<YOUR-AUTH-PROVIDER>
           audience:
             allow_list:
               - value: <YOUR-NGROK-DOMAIN>
           http:
-            tokens:
+            tokens: 
               - type: jwt
                 method: header
-                name: Authorization
+              name: Authorization
                 prefix: Bearer 
           jws:
             allowed_algorithms:
@@ -130,25 +130,25 @@ This rule grants conditional access to a page using the following ngrok [OAuth a
 on_http_request:
   - name: OAuth
     actions:
-      - type: oauth
+  - type: oauth
         config:
-          auth_id: oauth
+		      auth_id: oauth
           provider: google
-  -     name: good email
+  - name: good email
     expressions:
-      - actions.ngrok.oauth.identity.email.endsWith('@ngrok.com')
+  - actions.ngrok.oauth.identity.email.endsWith('@ngrok.com')
     actions:
       - type: custom-response
         config:
-          body: Welcome ${actions.ngrok.oauth.identity.name}!
+		      body: Welcome ${actions.ngrok.oauth.identity.name}!
           status_code: 200
-  -     name: bad email
+  - name: bad email
     expressions:
-      - !actions.ngrok.oauth.identity.email.endsWith('@ngrok.com')
+  - !actions.ngrok.oauth.identity.email.endsWith('@ngrok.com')
     actions:
       - type: custom-response
         config:
-          body: Hey, no auth for you ${actions.ngrok.oauth.identity.name}!
+    		  body: Hey, no auth for you ${actions.ngrok.oauth.identity.name}!
           status_code: 400
 ```
 
@@ -215,9 +215,9 @@ This rule uses the `actions.ngrok.oidc.identity_token` [OIDC action result varia
 on_http_request:
   - name: OIDC
     actions:
-      - type: openid-connect
-        config:
-          issuer_url: https://accounts.google.com
+  - type: openid-connect
+      config:
+      	issuer_url: https://accounts.google.com
           client_id: <your-oidc-client-id>
           client_secret: <your-oidc-client-secret>
           scopes:
@@ -226,9 +226,9 @@ on_http_request:
             - email
   - name: Headers
     actions:
-      - type: add-headers
+  - type: add-headers
         config:
-          headers:
+		      headers:
             id-token: ${actions.ngrok.oidc.identity_token}
 ```
 

traffic-policy/examples/compress-json-responses.mdx

@@ -17,9 +17,9 @@ If your upstream service already handles compression, ngrok skips this step.
 
 ```yaml policy.yml
 on_http_response:
-  -     name: Add compression
+  - name: Add compression
     actions:
-      -         type: compress-response
+      - type: compress-response
         config:
           algorithms:
             - gzip

traffic-policy/examples/enforce-tls.mdx

@@ -16,11 +16,11 @@ This rule:
 
 ```yaml policy.yml
 on_http_request:
-  -     name: Reject requests using old TLS versions
+  - name: Reject requests using old TLS versions
     expressions:
       - conn.tls.version < '1.3'
     actions:
-      -         type: custom-response
+      - type: custom-response
         config:
           status_code: 401
           body: Unauthorized: TLS version too old

traffic-policy/examples/event-logging.mdx

@@ -16,19 +16,19 @@ This rule:
 
 ```yaml policy.yml
 on_http_request:
-  -     actions:
-      -         type: custom-response
+  - actions:
+      - type: custom-response
         config:
           status_code: 503
           body: <html><body><h1>Service Unavailable</h1><p>Our servers are currently down for maintenance. Please check back later.</p></body></html>
           headers:
             content-type: text/html
 on_http_response:
-  -     name: Log unsuccessful requests
+  - name: Log unsuccessful requests
     expressions:
       - res.status_code < '200' && res.status_code >= '300'
     actions:
-      -         type: log
+      - type: log
         config:
           metadata:
             message: Unsuccessful request

traffic-policy/examples/oauth-protection.mdx

@@ -37,8 +37,8 @@ Create this traffic policy file in the same directory where you run your ngrok a
 
 ```yaml policy.yml
 on_http_request:
-  -     actions:
-      -         type: oauth
+  - actions:
+      - type: oauth
         config:
           provider: google
 ```
@@ -131,14 +131,14 @@ This section includes two examples of how to apply these additional auth lifecyc
 
 ```yaml policy.yml
 on_http_request:
-  -     expressions:
+  - expressions:
       - req.url.path == '/ngrok/logout'
     actions:
-      -         type: redirect
+      - type: redirect
         config:
           location: /ngrok/login?auth_id=my-login
-  -     actions:
-      -         type: oauth
+  - actions:
+      - type: oauth
         config:
           provider: google
           auth_id: my-login

traffic-policy/examples/rate-limit-requests.mdx

@@ -66,23 +66,23 @@ This rule creates a lower rate limit for unauthenticated (likely free) users, wh
 
 ```yaml policy.yml
 on_http_request:
-  -     expressions:
+  - expressions:
       - !('Authorization' in req.headers)
     name: Unauthorized rate limiting tier
     actions:
-      -         type: rate-limit
+      - type: rate-limit
         config:
           name: Allow 10 requests per minute
           algorithm: sliding_window
           capacity: 10
           rate: 60s
           bucket_key:
             - conn.client_ip
-  -     expressions:
+  - expressions:
       - ('Authorization' in req.headers)
     name: Authorized rate limiting tier
     actions:
-      -         type: rate-limit
+      - type: rate-limit
         config:
           name: Allow 100 requests per minute
           algorithm: sliding_window
@@ -151,47 +151,47 @@ This rule checks for a `Tier` header in the request and applies rate limiting ba
 
 ```yaml policy.yml
 on_http_request:
-  -     expressions:
+  - expressions:
       - !('Tier' in req.headers)
     name: Free rate limiting tier
     actions:
-      -         type: rate-limit
+      - type: rate-limit
         config:
           name: Allow 10 requests per minute
           algorithm: sliding_window
           capacity: 10
           rate: 60s
           bucket_key:
             - conn.client_ip
-  -     expressions:
+  - expressions:
       - getReqHeader('tier').exists(v, v.matches('(?i)bronze'))
     name: Bronze rate limiting tier
     actions:
-      -         type: rate-limit
+      - type: rate-limit
         config:
           name: Allow 100 requests per minute
           algorithm: sliding_window
           capacity: 100
           rate: 60s
           bucket_key:
             - conn.client_ip
-  -     expressions:
+  - expressions:
       - getReqHeader('tier').exists(v, v.matches('(?i)silver'))
     name: Bronze rate limiting tier
     actions:
-      -         type: rate-limit
+      - type: rate-limit
         config:
           name: Allow 1000 requests per minute
           algorithm: sliding_window
           capacity: 1000
           rate: 60s
           bucket_key:
             - conn.client_ip
-  -     expressions:
+  - expressions:
       - getReqHeader('tier').exists(v, v.matches('(?i)gold'))
     name: Gold rate limiting tier
     actions:
-      -         type: rate-limit
+      - type: rate-limit
         config:
           name: Allow 10000 requests per minute
           algorithm: sliding_window

traffic-policy/examples/route-requests.mdx

@@ -26,9 +26,9 @@ This rule forwards requests from `https://*.example.com` to `https://<SUBDOMAIN>
 
 ```yaml policy.yml
 on_http_request:
-  -     name: Route requests based on URL
+  - name: Route requests based on URL
     actions:
-      -         type: forward-internal
+      - type: forward-internal
         config:
           url: https://${req.host.split(".example.com")[0]}.internal
 ```
@@ -62,7 +62,7 @@ This rule forwards requests containing a `X-Customer-Value: {CUSTOMER}` header t
 ```yaml policy.yml
 on_http_request:
   actions:
-    -       type: forward-internal
+    - type: forward-internal
       config:
         url: https://${getReqHeader('X-Customer-Value')[0]}.internal
 ```