chore: Add # plan details (#354)

src/content/docs/blueprints/cookie-banner.mdx

@@ -17,7 +17,7 @@ interfering with the experience of everyone else.
 
 Country data is available on the <Badge text="Free" variant="caution" /> plan,
 but the region data is only available on the <Badge text="Pro" variant="note" />
-and above.
+or <Badge text="Enterprise" variant="tip" /> plans.
 
 <Aside type="caution">
   IP geolocation can be notoriously inaccurate, especially for mobile devices,

src/content/docs/blueprints/vpn-proxy-detection.mdx

@@ -14,11 +14,10 @@ to detect VPNs and proxies.
   System](<https://en.wikipedia.org/wiki/Autonomous_system_(Internet)>)
   associated with the IP, which can be used to identify VPNs and proxies. This
   can be one of `isp`, `hosting`, `business` or `education`. This field is only
-  available on <Badge text="Pro" variant="note" /> plans and above.
+  available on <Badge text="Pro" variant="note" /> and <Badge text="Enterprise" variant="tip" /> plans.
 - **IP type.** Arcjet adds one or more categories to the IP address to help you
   identify VPNs and proxies. The categories are `vpn`, `proxy`, `tor`,
-  `hosting`, `relay`. This field is available on the <Badge text="Free"
-  variant="caution" /> plan and above.
+  `hosting`, `relay`. This field is available on all # plans.
 
 ## Checking for data
 

src/content/docs/bot-protection/concepts.mdx

@@ -28,10 +28,11 @@ themselves in a consistent manner so it is straightforward to identify them, but
 those are often not the bots you wish to block! Bad bots pretend to be real
 clients and use various mechanisms to evade bot detection.
 
-The Arcjet <Badge text="Pro" variant="note" /> plan or above provides additional
-bot verification using IP analysis, which can help if you are under attack from
-bots pretending to be good bots e.g. clients pretending to be Google (who you
-usually want to allow).
+{/* prettier-ignore */}
+The Arcjet <Badge text="Pro" variant="note" /> or <Badge text="Enterprise" variant="tip" />
+plans provides additional [bot verification](/bot-protection/reference#bot-verification) using
+IP analysis, which can help if you are under attack from bots pretending to be
+good bots e.g. clients pretending to be Google (who you usually want to allow).
 
 Arcjet's bot protect works best when combined with [rate
 limiting](/rate-limiting/concepts). This allows you to block clients that are

src/content/docs/bot-protection/identifying-bots.mdx

@@ -89,10 +89,11 @@ if you need a specific category.
 For basic detection on the <Badge text="Free" variant="caution" /> plan, Arcjet
 uses the `User-Agent` header to identify specific bots.
 
-The Arcjet <Badge text="Pro" variant="note" /> plan or above provides additional
-bot verification using IP analysis, which can help if you are under attack from
-bots pretending to be good bots e.g. clients pretending to be Google (who you
-usually want to allow).
+{/* prettier-ignore */}
+The Arcjet <Badge text="Pro" variant="note" /> or <Badge text="Enterprise" variant="tip" />
+plans provides additional [bot verification](/bot-protection/reference#bot-verification) using
+IP analysis, which can help if you are under attack from bots pretending to be
+good bots e.g. clients pretending to be Google (who you usually want to allow).
 
 :::note
 Requests without `User-Agent` headers can not be identified as any particular

src/content/docs/bot-protection/reference.mdx

@@ -10,6 +10,8 @@ frameworks:
   - remix
   - sveltekit
 ajToc:
+  - text: "Plan availability"
+    anchor: "plan-availability"
   - text: "Configuration"
     anchor: "configuration"
     children:
@@ -137,6 +139,17 @@ import SvelteKitPerRouteVsHooks from "@/snippets/bot-protection/reference/svelte
 
 Arcjet bot detection allows you to manage traffic by automated clients and bots.
 
+## Plan availability
+
+Arcjet bot detection functionality depends on your [#
+plan](https://arcjet.com/#).
+
+| Plan                                      | Bot protection                                                                 |
+| ----------------------------------------- | ------------------------------------------------------------------------------ |
+| <Badge text="Free" variant="caution" />   | Basic - user agent + IP type analysis                                          |
+| <Badge text="Pro" variant="note" />       | Advanced - IP reputation, [verification](#bot-verification), and other signals |
+| <Badge text="Enterprise" variant="tip" /> | Custom                                                                         |
+
 ## Configuration
 
 Bot detection is configured by allowing or denying a subset of bots. The `allow`
@@ -342,9 +355,9 @@ their "advertising quality" bot.
 ## Bot verification
 
 Requests analyzed by Arcjet for users on the <Badge text="Pro" variant="note" />
-plan or above automatically get additional bot verification. Behind the scenes,
-Arcjet will verify the authenticity of requests from known bots using IP data
-and reverse DNS queries.
+or <Badge text="Enterprise" variant="tip" /> plans automatically get additional
+bot verification. Behind the scenes, Arcjet will verify the authenticity of
+requests from known bots using IP data and reverse DNS queries.
 
 This helps protect against spoofed bots where clients pretend to be someone
 else. For example, we can detect if a client is really Googlebot by checking if

src/content/docs/email-validation/reference.mdx

@@ -9,6 +9,8 @@ frameworks:
   - remix
   - sveltekit
 ajToc:
+  - text: "Plan availability"
+    anchor: "plan-availability"
   - text: "Configuration"
     anchor: "configuration"
   - text: "Pages & server actions"
@@ -22,7 +24,7 @@ ajToc:
     anchor: "testing"
 ---
 
-import { Aside } from "@astrojs/starlight/components";
+import { Aside, Badge } from "@astrojs/starlight/components";
 import SlotByFramework from "@/components/SlotByFramework";
 import TextByFramework from "@/components/TextByFramework";
 import DisplayType from "@/components/DisplayType.astro";
@@ -47,6 +49,17 @@ Arcjet allows you validate & verify an email address. This is useful for
 preventing users from signing up with fake email addresses and can significantly
 reduce the amount of spam or fraudulent accounts.
 
+## Plan availability
+
+Arcjet email validation availability depends depends on your [#
+plan](https://arcjet.com/#).
+
+| Plan                                      | Email validation |
+| ----------------------------------------- | ---------------- |
+| <Badge text="Free" variant="caution" />   | No               |
+| <Badge text="Pro" variant="note" />       | Yes              |
+| <Badge text="Enterprise" variant="tip" /> | Custom           |
+
 ## Configuration
 
 Email validation is configured by specifying the email types you wish to block

src/content/docs/rate-limiting/reference.mdx

@@ -9,6 +9,8 @@ frameworks:
   - remix
   - sveltekit
 ajToc:
+  - text: "Plan availability"
+    anchor: "plan-availability"
   - text: "Configuration"
     anchor: "configuration"
     children:
@@ -94,6 +96,7 @@ ajToc:
         anchor: "wrap-existing-handler"
 ---
 
+import { Badge } from "@astrojs/starlight/components";
 import SlotByFramework from "@/components/SlotByFramework";
 import TextByFramework from "@/components/TextByFramework";
 import Comments from "/src/components/Comments.astro";
@@ -164,6 +167,17 @@ import TokenBucketRequestSvelteKit from "@/snippets/rate-limiting/reference/svel
 Arcjet rate limiting allows you to define rules which limit the number of
 requests a client can make over a period of time.
 
+## Plan availability
+
+Arcjet rate limiting is available on all [#
+plans](https://arcjet.com/#).
+
+| Plan                                      | Rate limiting |
+| ----------------------------------------- | ------------- |
+| <Badge text="Free" variant="caution" />   | Yes           |
+| <Badge text="Pro" variant="note" />       | Yes           |
+| <Badge text="Enterprise" variant="tip" /> | Custom        |
+
 ## Configuration
 
 Each rate limit is configured on an exact path with a set of client

src/content/docs/sensitive-info/reference.mdx

@@ -9,6 +9,8 @@ frameworks:
   - remix
   - sveltekit
 ajToc:
+  - text: "Plan availability"
+    anchor: "plan-availability"
   - text: "Configuration"
     anchor: "configuration"
   - text: "Guards and routes"
@@ -57,6 +59,8 @@ ajToc:
     anchor: "testing"
 ---
 
+import { Badge } from "@astrojs/starlight/components";
+
 import SlotByFramework from "@/components/SlotByFramework";
 import TextByFramework from "@/components/TextByFramework";
 import DisplayType from "@/components/DisplayType.astro";
@@ -91,6 +95,17 @@ import CustomDetectSvelteKit from "@/snippets/sensitive-info/reference/sveltekit
 Arcjet Sensitive Information Detection protects against clients sending you
 sensitive information such as PII that you do not wish to handle.
 
+## Plan availability
+
+Arcjet sensitive information detection availability depends depends on your
+[# plan](https://arcjet.com/#).
+
+| Plan                                      | Sensitive information detection |
+| ----------------------------------------- | ------------------------------- |
+| <Badge text="Free" variant="caution" />   | No                              |
+| <Badge text="Pro" variant="note" />       | Yes                             |
+| <Badge text="Enterprise" variant="tip" /> | Custom                          |
+
 ## Configuration
 
 Sensitive information detection is configured by allowing or denying a subset of

src/content/docs/shield/concepts.mdx

@@ -4,6 +4,7 @@ description: "Arcjet Shield protects your application against common attacks, in
 prev: false
 ---
 
+import { Badge } from "@astrojs/starlight/components";
 import WhatIsArcjet from "/src/components/WhatIsArcjet.astro";
 import Comments from "/src/components/Comments.astro";
 
@@ -20,10 +21,13 @@ from that client are blocked for a period of time.
 
 ## Which attacks will Arcjet Shield block?
 
-Arcjet implements a variety of detection rules based on the [OWASP Core Rule
-Set](https://coreruleset.org/). This includes the [OWASP Top
-10](https://owasp.org/www-project-top-ten/) to protect against common categories
-such as:
+Arcjet implements a variety of detection rules. Basic protection from the most
+common attacks are available for all Arcjet users.
+
+{/* prettier-ignore */}
+Users on the <Badge text="Pro" variant="note" /> and <Badge text="Enterprise" variant="tip" />
+plans also get a fully-managed [OWASP Core Rule Set](https://coreruleset.org/)
+to protect against common categories such as:
 
 - SQL injection (SQLi)
 - Cross-site scripting (XSS)

src/content/docs/shield/reference.mdx

@@ -9,6 +9,8 @@ frameworks:
   - remix
   - sveltekit
 ajToc:
+  - text: "Plan availability"
+    anchor: "plan-availability"
   - text: "Configuration"
     anchor: "configuration"
   - text: "Guards and routes"
@@ -58,6 +60,8 @@ ajToc:
     anchor: "testing"
 ---
 
+import { Badge } from "@astrojs/starlight/components";
+
 import SlotByFramework from "@/components/SlotByFramework";
 import TextByFramework from "@/components/TextByFramework";
 import DisplayType from "@/components/DisplayType.astro";
@@ -84,6 +88,17 @@ import PerRouteVsHooksSvelteKit from "@/snippets/shield/reference/sveltekit/PerR
 Arcjet Shield protects your application against common attacks, including the
 [OWASP Top 10](https://owasp.org/www-project-top-ten/).
 
+## Plan availability
+
+Arcjet Shield functionality depends on your [#
+plan](https://arcjet.com/#).
+
+| Plan                                      | Shield                                                  |
+| ----------------------------------------- | ------------------------------------------------------- |
+| <Badge text="Free" variant="caution" />   | Basic                                                   |
+| <Badge text="Pro" variant="note" />       | Managed [OWASP Core Rule Set](https://coreruleset.org/) |
+| <Badge text="Enterprise" variant="tip" /> | Custom                                                  |
+
 ## Configuration
 
 Shield is configured by specifying which mode you want it to run in.

src/content/docs/#-protection/reference.mdx

@@ -9,6 +9,8 @@ frameworks:
   - remix
   - sveltekit
 ajToc:
+  - text: "Plan availability"
+    anchor: "plan-availability"
   - text: "Configuration"
     anchor: "configuration"
   - text: "Pages & server actions"
@@ -29,6 +31,7 @@ ajToc:
     anchor: "testing"
 ---
 
+import { Badge } from "@astrojs/starlight/components";
 import SlotByFramework from "@/components/SlotByFramework";
 import TextByFramework from "@/components/TextByFramework";
 import Comments from "/src/components/Comments.astro";
@@ -60,6 +63,17 @@ import ErrorsSvelteKit from "@/snippets/#-protection/reference/sveltekit/Er
 Arcjet # form protection combines rate limiting, bot protection, and email
 validation to protect your # forms from abuse.
 
+## Plan availability
+
+Arcjet # form protection availability depends depends on your [#
+plan](https://arcjet.com/#).
+
+| Plan                                      | # form protection |
+| ----------------------------------------- | ---------------------- |
+| <Badge text="Free" variant="caution" />   | No                     |
+| <Badge text="Pro" variant="note" />       | Yes                    |
+| <Badge text="Enterprise" variant="tip" /> | Custom                 |
+
 ## Configuration
 
 # form protection is a combination of the [rate

src/snippets/reference/shared/IPAnalysis.mdx

@@ -94,8 +94,7 @@ The `service` field may be `undefined`, but you can use the `hasService()`
 method to check the availability. Using this method will also refine the type to
 remove the need for null-ish checks.
 
-The following are available on the <Badge text="Free" variant="caution" />
-and <Badge text="Pro" variant="note" /> plans, and above:
+The following are available on all # plans:
 
 - `hasService()` (`bool`): whether the `service` field is available.
 - `service` (`string | undefined`): the name of the service associated with the