From 3ce477d35095d883047daa79bd6d722eddd3d00a Mon Sep 17 00:00:00 2001 From: kroegerama <1519044+kroegerama@users.noreply.github.com> Date: Sun, 19 May 2024 15:53:02 +0200 Subject: [PATCH 001/175] add include for `root_top.conf` in the nginx.conf Allow custom configuration of the root config in the top of the file. This can be used to load modules, which is not possible at the end of the config file. There is already a `http_top.conf`, so `root_top.conf` is a logical addition. --- docker/rootfs/etc/nginx/nginx.conf | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docker/rootfs/etc/nginx/nginx.conf b/docker/rootfs/etc/nginx/nginx.conf index 826183378..007437036 100644 --- a/docker/rootfs/etc/nginx/nginx.conf +++ b/docker/rootfs/etc/nginx/nginx.conf @@ -14,6 +14,9 @@ error_log /data/logs/fallback_error.log warn; # Includes files with directives to load dynamic modules. include /etc/nginx/modules/*.conf; +# Custom +include /data/nginx/custom/root_top[.]conf; + events { include /data/nginx/custom/events[.]conf; } From ef23e796ec1c8f161020ebac5a607194fd7f5cac Mon Sep 17 00:00:00 2001 From: kroegerama <1519044+kroegerama@users.noreply.github.com> Date: Mon, 20 May 2024 10:35:36 +0200 Subject: [PATCH 002/175] update advanced config documentation describe the `root_top.conf` file and add a snippet for enabling the geoip2 module --- docs/src/advanced-config/index.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/docs/src/advanced-config/index.md b/docs/src/advanced-config/index.md index 7d32e96a9..efeaefec3 100644 --- a/docs/src/advanced-config/index.md +++ b/docs/src/advanced-config/index.md @@ -173,6 +173,7 @@ NPM has the ability to include different custom configuration snippets in differ You can add your custom configuration snippet files at `/data/nginx/custom` as follow: + - `/data/nginx/custom/root_top.conf`: Included at the top of nginx.conf - `/data/nginx/custom/root.conf`: Included at the very end of nginx.conf - `/data/nginx/custom/http_top.conf`: Included at the top of the main http block - `/data/nginx/custom/http.conf`: Included at the end of the main http block @@ -212,3 +213,12 @@ You can customise the logrotate configuration through a mount (if your custom co ``` For reference, the default configuration can be found [here](https://github.com/NginxProxyManager/nginx-proxy-manager/blob/develop/docker/rootfs/etc/logrotate.d/nginx-proxy-manager). + +## Enabling the geoip2 module + +To enable the geoip2 module, you can create the custom configuration file `/data/nginx/custom/root_top.conf` and include the following snippet: + +``` +load_module /usr/lib/nginx/modules/ngx_http_geoip2_module.so; +load_module /usr/lib/nginx/modules/ngx_stream_geoip2_module.so; +``` From e20a11de4aa20d40a7882ffd97672537f5681577 Mon Sep 17 00:00:00 2001 From: Nicholas Fong Date: Tue, 28 May 2024 23:32:03 -0400 Subject: [PATCH 003/175] Remove spaces around cloudflare api credential --- global/certbot-dns-plugins.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index b40883bda..f8b6f4816 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -36,7 +36,7 @@ "package_name": "certbot-dns-cloudflare", "version": "=={{certbot-version}}", "dependencies": "cloudflare==2.19.* acme=={{certbot-version}}", - "credentials": "# Cloudflare API token\ndns_cloudflare_api_token = 0123456789abcdef0123456789abcdef01234567", + "credentials": "# Cloudflare API token\ndns_cloudflare_api_token=0123456789abcdef0123456789abcdef01234567", "full_plugin_name": "dns-cloudflare" }, "cloudns": { From 1d19c29bb07e493405fafc31ff5085e2c642baf4 Mon Sep 17 00:00:00 2001 From: David Lievrouw Date: Mon, 3 Jun 2024 13:32:23 +0200 Subject: [PATCH 004/175] Read initial admin email and password from env vars. --- backend/setup.js | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/backend/setup.js b/backend/setup.js index 7a138fe5d..4b304135f 100644 --- a/backend/setup.js +++ b/backend/setup.js @@ -21,11 +21,13 @@ const setupDefaultUser = () => { .then((row) => { if (!row.count) { // Create a new user and set password + let email = process.env.INITIAL_ADMIN_EMAIL || 'admin@example.com'; + let password = process.env.INITIAL_ADMIN_PASSWORD || 'changeme'; logger.info('Creating a new user: admin@example.com with password: changeme'); let data = { is_deleted: 0, - email: 'admin@example.com', + email: email, name: 'Administrator', nickname: 'Admin', avatar: '', @@ -41,7 +43,7 @@ const setupDefaultUser = () => { .insert({ user_id: user.id, type: 'password', - secret: 'changeme', + secret: password, meta: {}, }) .then(() => { From d66e4e03e6044a13c450f68c9e2ce14db7540e93 Mon Sep 17 00:00:00 2001 From: David Lievrouw Date: Mon, 3 Jun 2024 13:44:08 +0200 Subject: [PATCH 005/175] #3790 Attempt to make ci happy. --- backend/setup.js | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/backend/setup.js b/backend/setup.js index 4b304135f..9a7b69705 100644 --- a/backend/setup.js +++ b/backend/setup.js @@ -21,9 +21,10 @@ const setupDefaultUser = () => { .then((row) => { if (!row.count) { // Create a new user and set password - let email = process.env.INITIAL_ADMIN_EMAIL || 'admin@example.com'; + let email = process.env.INITIAL_ADMIN_EMAIL || 'admin@example.com'; let password = process.env.INITIAL_ADMIN_PASSWORD || 'changeme'; - logger.info('Creating a new user: admin@example.com with password: changeme'); + + logger.info('Creating a new user: ' + email + ' with password: ' + password); let data = { is_deleted: 0, From 6f9eed8a6196e893bc2602a318b762019b754a37 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 16 Jun 2024 10:41:32 +0000 Subject: [PATCH 006/175] Bump braces from 3.0.2 to 3.0.3 in /backend Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] --- backend/yarn.lock | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/backend/yarn.lock b/backend/yarn.lock index 58a214ca5..b54476764 100644 --- a/backend/yarn.lock +++ b/backend/yarn.lock @@ -448,11 +448,11 @@ brace-expansion@^1.1.7: concat-map "0.0.1" braces@~3.0.2: - version "3.0.2" - resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.2.tgz#3454e1a462ee8d599e236df336cd9ea4f8afe107" - integrity sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A== + version "3.0.3" + resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.3.tgz#490332f40919452272d55a8480adc0c441358789" + integrity sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA== dependencies: - fill-range "^7.0.1" + fill-range "^7.1.1" buffer-crc32@^0.2.1, buffer-crc32@^0.2.13: version "0.2.13" @@ -1206,10 +1206,10 @@ file-entry-cache@^6.0.1: dependencies: flat-cache "^3.0.4" -fill-range@^7.0.1: - version "7.0.1" - resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-7.0.1.tgz#1919a6a7c75fe38b2c7c77e5198535da9acdda40" - integrity sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ== +fill-range@^7.1.1: + version "7.1.1" + resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-7.1.1.tgz#44265d3cac07e3ea7dc247516380643754a05292" + integrity sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg== dependencies: to-regex-range "^5.0.1" From b4560d7dde08dfcc7e88429217ed6c5125786f2d Mon Sep 17 00:00:00 2001 From: Brendon Mendicino Date: Sun, 16 Jun 2024 15:44:52 +0200 Subject: [PATCH 007/175] feat: changing `log_format proxy` default location This is useful when some user would want to change the default log format for each of the service, without the need of creating a new `log_format custom` and changing the `access_log` for each service. --- docker/rootfs/etc/nginx/conf.d/include/log.conf | 4 ++++ docker/rootfs/etc/nginx/nginx.conf | 6 ++---- 2 files changed, 6 insertions(+), 4 deletions(-) create mode 100644 docker/rootfs/etc/nginx/conf.d/include/log.conf diff --git a/docker/rootfs/etc/nginx/conf.d/include/log.conf b/docker/rootfs/etc/nginx/conf.d/include/log.conf new file mode 100644 index 000000000..0d7402906 --- /dev/null +++ b/docker/rootfs/etc/nginx/conf.d/include/log.conf @@ -0,0 +1,4 @@ +log_format proxy '[$time_local] $upstream_cache_status $upstream_status $status - $request_method $scheme $host "$request_uri" [Client $remote_addr] [Length $body_bytes_sent] [Gzip $gzip_ratio] [Sent-to $server] "$http_user_agent" "$http_referer"'; +log_format standard '[$time_local] $status - $request_method $scheme $host "$request_uri" [Client $remote_addr] [Length $body_bytes_sent] [Gzip $gzip_ratio] "$http_user_agent" "$http_referer"'; + +access_log /data/logs/fallback_access.log proxy; diff --git a/docker/rootfs/etc/nginx/nginx.conf b/docker/rootfs/etc/nginx/nginx.conf index 826183378..d91d41eed 100644 --- a/docker/rootfs/etc/nginx/nginx.conf +++ b/docker/rootfs/etc/nginx/nginx.conf @@ -43,10 +43,8 @@ http { proxy_cache_path /var/lib/nginx/cache/public levels=1:2 keys_zone=public-cache:30m max_size=192m; proxy_cache_path /var/lib/nginx/cache/private levels=1:2 keys_zone=private-cache:5m max_size=1024m; - log_format proxy '[$time_local] $upstream_cache_status $upstream_status $status - $request_method $scheme $host "$request_uri" [Client $remote_addr] [Length $body_bytes_sent] [Gzip $gzip_ratio] [Sent-to $server] "$http_user_agent" "$http_referer"'; - log_format standard '[$time_local] $status - $request_method $scheme $host "$request_uri" [Client $remote_addr] [Length $body_bytes_sent] [Gzip $gzip_ratio] "$http_user_agent" "$http_referer"'; - - access_log /data/logs/fallback_access.log proxy; + # Log format and fallback log file + include /etc/nginx/conf.d/include/log.conf; # Dynamically generated resolvers file include /etc/nginx/conf.d/include/resolvers.conf; From 13fec42d1fe2e25e1ccc027ed65bcfd186f6d39a Mon Sep 17 00:00:00 2001 From: Alex Stevenson-Price Date: Thu, 20 Jun 2024 10:35:58 +0100 Subject: [PATCH 008/175] Add Hover.com DNS plugin --- global/certbot-dns-plugins.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index b40883bda..763c159a8 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -239,6 +239,14 @@ "credentials": "dns_hetzner_api_token = 0123456789abcdef0123456789abcdef", "full_plugin_name": "dns-hetzner" }, + "hover": { + "name": "Hover", + "package_name": "certbot-dns-hover", + "version": "~=1.2.1", + "dependencies": "", + "credentials": "dns_hover_hoverurl = https://www.hover.com\ndns_hover_username = hover-admin-username\ndns_hover_password = hover-admin-password\ndns_hover_totpsecret = 2fa-totp-secret", + "full_plugin_name": "dns-hover" + }, "infomaniak": { "name": "Infomaniak", "package_name": "certbot-dns-infomaniak", From a5c06c1a34e205b79807536c1599d7353139f108 Mon Sep 17 00:00:00 2001 From: Dusan Cervenka Date: Tue, 25 Jun 2024 23:26:50 +0200 Subject: [PATCH 009/175] Add wedos dns Signed-off-by: Dusan Cervenka --- global/certbot-dns-plugins.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 763c159a8..718117b76 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -462,5 +462,13 @@ "dependencies": "", "credentials": "dns_websupport_identifier = \ndns_websupport_secret_key = ", "full_plugin_name": "dns-websupport" + }, + "wedos":{ + "name": "Wedos", + "package_name": "certbot-dns-wedos", + "version": "~=1.0", + "dependencies": "", + "credentials": "dns_wedos_user = \ndns_wedos_auth = ", + "full_plugin_name": "dns-wedos" } } From 50aeae234f4b8f32b19bfb7950fee21b52edb9fb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 27 Jun 2024 18:24:09 +0000 Subject: [PATCH 010/175] Bump glob-parent from 5.1.1 to 5.1.2 in /backend Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.1 to 5.1.2. - [Release notes](https://github.com/gulpjs/glob-parent/releases) - [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md) - [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2) --- updated-dependencies: - dependency-name: glob-parent dependency-type: indirect ... Signed-off-by: dependabot[bot] --- backend/yarn.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/backend/yarn.lock b/backend/yarn.lock index 58a214ca5..910efc947 100644 --- a/backend/yarn.lock +++ b/backend/yarn.lock @@ -1402,9 +1402,9 @@ glob-parent@^6.0.2: is-glob "^4.0.3" glob-parent@~5.1.0: - version "5.1.1" - resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-5.1.1.tgz#b6c1ef417c4e5663ea498f1c45afac6916bbc229" - integrity sha512-FnI+VGOpnlGHWZxthPGR+QhR78fuiK0sNLkHQv+bL9fQi57lNNdquIbna/WrfROrolq8GK5Ek6BiMwqL/voRYQ== + version "5.1.2" + resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-5.1.2.tgz#869832c58034fe68a4093c17dc15e8340d8401c4" + integrity sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow== dependencies: is-glob "^4.0.1" From c93656a7a1007441fe272af6b0d2849b1793ff2a Mon Sep 17 00:00:00 2001 From: "S.S" Date: Fri, 28 Jun 2024 20:04:31 +0200 Subject: [PATCH 011/175] Update README.md In 2020, the concept of a single compose specification was introduced, removing the need for versioning. --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 740babe31..ad964e82a 100644 --- a/README.md +++ b/README.md @@ -56,7 +56,6 @@ I won't go in to too much detail here but here are the basics for someone new to 2. Create a docker-compose.yml file similar to this: ```yml -version: '3.8' services: app: image: 'docker.io/jc21/nginx-proxy-manager:latest' From 5578e825b1f11a37f66286aae88f6e7ebd950ffa Mon Sep 17 00:00:00 2001 From: Dusan Cervenka Date: Sat, 29 Jun 2024 21:30:27 +0200 Subject: [PATCH 012/175] Update version Signed-off-by: Dusan Cervenka --- global/certbot-dns-plugins.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 718117b76..62ec091db 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -466,7 +466,7 @@ "wedos":{ "name": "Wedos", "package_name": "certbot-dns-wedos", - "version": "~=1.0", + "version": "~=2.2", "dependencies": "", "credentials": "dns_wedos_user = \ndns_wedos_auth = ", "full_plugin_name": "dns-wedos" From 001c77e6869edac1aa074c9777ebb607419a7f19 Mon Sep 17 00:00:00 2001 From: An Seongjin Date: Sun, 30 Jun 2024 22:27:54 +0900 Subject: [PATCH 013/175] Fix syntax that causes errors (generateKeys log) --- backend/lib/config.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/lib/config.js b/backend/lib/config.js index caa57fcf0..a484fc5b2 100644 --- a/backend/lib/config.js +++ b/backend/lib/config.js @@ -93,7 +93,7 @@ const generateKeys = () => { try { fs.writeFileSync(keysFile, JSON.stringify(keys, null, 2)); } catch (err) { - logger.error('Could not write JWT key pair to config file: ' + keysFile + ': ' . err.message); + logger.error('Could not write JWT key pair to config file: ' + keysFile + ': ' + err.message); process.exit(1); } logger.info('Wrote JWT key pair to config file: ' + keysFile); From 99cce7e2b0da2978411cedd7cac5fffbe15bc466 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Mon, 1 Jul 2024 16:08:01 +1000 Subject: [PATCH 014/175] Fix command injection when passing bash commands into the dns provider configuration - Use built in node functions to write the file - And to delete the file --- backend/internal/certificate.js | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/backend/internal/certificate.js b/backend/internal/certificate.js index 603370499..291056caa 100644 --- a/backend/internal/certificate.js +++ b/backend/internal/certificate.js @@ -861,9 +861,8 @@ const internalCertificate = { logger.info(`Requesting Let'sEncrypt certificates via ${dnsPlugin.name} for Cert #${certificate.id}: ${certificate.domain_names.join(', ')}`); const credentialsLocation = '/etc/letsencrypt/credentials/credentials-' + certificate.id; - // Escape single quotes and backslashes - const escapedCredentials = certificate.meta.dns_provider_credentials.replaceAll('\'', '\\\'').replaceAll('\\', '\\\\'); - const credentialsCmd = 'mkdir -p /etc/letsencrypt/credentials 2> /dev/null; echo \'' + escapedCredentials + '\' > \'' + credentialsLocation + '\' && chmod 600 \'' + credentialsLocation + '\''; + fs.mkdirSync('/etc/letsencrypt/credentials', { recursive: true }); + fs.writeFileSync(credentialsLocation, certificate.meta.dns_provider_credentials, {mode: 0o600}); // Whether the plugin has a ---credentials argument const hasConfigArg = certificate.meta.dns_provider !== 'route53'; @@ -898,17 +897,15 @@ const internalCertificate = { mainCmd = mainCmd + ' --dns-duckdns-no-txt-restore'; } - logger.info('Command:', `${credentialsCmd} && && ${mainCmd}`); + logger.info('Command:', mainCmd); try { - await utils.exec(credentialsCmd); const result = await utils.exec(mainCmd); logger.info(result); return result; } catch (err) { - // Don't fail if file does not exist - const delete_credentialsCmd = `rm -f '${credentialsLocation}' || true`; - await utils.exec(delete_credentialsCmd); + // Don't fail if file does not exist, so no need for action in the callback + fs.unlink(credentialsLocation, () => {}); throw err; } }, From b5a0d74654648521ee928dadf4ccd35c635d3fd1 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Mon, 1 Jul 2024 16:09:33 +1000 Subject: [PATCH 015/175] Bump version --- .version | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.version b/.version index 9e5bb77a3..22e3b6b01 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.11.2 +2.11.3 diff --git a/README.md b/README.md index ad964e82a..55a986d18 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@



- + From 4446e2f76032d084f1241cecf73cf769f640a108 Mon Sep 17 00:00:00 2001 From: Benedikt Schmitz Date: Tue, 9 Jul 2024 11:22:54 +0200 Subject: [PATCH 016/175] Add Edge DNS by Akamai Add Edge DNS by Akamai --- global/certbot-dns-plugins.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 606e7083c..b43162a02 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -470,5 +470,13 @@ "dependencies": "", "credentials": "dns_wedos_user = \ndns_wedos_auth = ", "full_plugin_name": "dns-wedos" + }, + "edgedns": { + "name": "Akamai Edge DNS", + "package_name": "certbot-plugin-edgedns", + "version": "~=0.1.0", + "dependencies": "", + "credentials": "edgedns_client_secret = as3d1asd5d1a32sdfsdfs2d1asd5=\nedgedns_host = sdflskjdf-dfsdfsdf-sdfsdfsdf.luna.akamaiapis.net\nedgedns_access_token = kjdsi3-34rfsdfsdf-234234fsdfsdf\nedgedns_client_token = dkfjdf-342fsdfsd-23fsdfsdfsdf", + "full_plugin_name": "edgedns" } } From 894cd25534f754d6b7d1fa05e13dad0f2d37cf29 Mon Sep 17 00:00:00 2001 From: rag-franky Date: Wed, 31 Jul 2024 11:04:20 +0200 Subject: [PATCH 017/175] Add "rockenstein" as dns provider --- global/certbot-dns-plugins.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 606e7083c..5a5374170 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -407,6 +407,14 @@ "credentials": "# Target DNS server\ndns_rfc2136_server = 192.0.2.1\n# Target DNS port\ndns_rfc2136_port = 53\n# TSIG key name\ndns_rfc2136_name = keyname.\n# TSIG key secret\ndns_rfc2136_secret = 4q4wM/2I180UXoMyN4INVhJNi8V9BCV+jMw2mXgZw/CSuxUT8C7NKKFs AmKd7ak51vWKgSl12ib86oQRPkpDjg==\n# TSIG key algorithm\ndns_rfc2136_algorithm = HMAC-SHA512", "full_plugin_name": "dns-rfc2136" }, + "rockenstein": { + "name": "rockenstein AG", + "package_name": "certbot-dns-rockenstein", + "version": "~=1.0.0", + "dependencies": "", + "credentials": "dns_rockenstein_token=", + "full_plugin_name": "dns-rockenstein" + }, "route53": { "name": "Route 53 (Amazon)", "package_name": "certbot-dns-route53", From ed5d87b021586745316cda0b28d59f75a5b49b17 Mon Sep 17 00:00:00 2001 From: Rafael Carvalho Date: Thu, 1 Aug 2024 17:09:33 -0300 Subject: [PATCH 018/175] Update Bootstrap to 3.4.1 Fixes: CVE-2018-20676 CVE-2019-8331 CVE-2018-20677 CVE-2018-14042 CVE-2016-10735 CVE-2018-14040 --- docker/rootfs/var/www/html/index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/rootfs/var/www/html/index.html b/docker/rootfs/var/www/html/index.html index 8478b47f1..703db883d 100644 --- a/docker/rootfs/var/www/html/index.html +++ b/docker/rootfs/var/www/html/index.html @@ -5,7 +5,7 @@ Default Site - + From 00427264771d5d13fc944e3274fff4f44a8a2a63 Mon Sep 17 00:00:00 2001 From: CoffeeCHN Date: Tue, 20 Aug 2024 15:36:21 +0800 Subject: [PATCH 019/175] Update nginx-proxy-manager Fix Nginx not restarting correctly. --- docker/rootfs/etc/logrotate.d/nginx-proxy-manager | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docker/rootfs/etc/logrotate.d/nginx-proxy-manager b/docker/rootfs/etc/logrotate.d/nginx-proxy-manager index 275b0aa6a..de9772971 100644 --- a/docker/rootfs/etc/logrotate.d/nginx-proxy-manager +++ b/docker/rootfs/etc/logrotate.d/nginx-proxy-manager @@ -8,7 +8,7 @@ compress sharedscripts postrotate - /bin/kill -USR1 `cat /run/nginx.pid 2>/dev/null` 2>/dev/null || true + kill -USR1 `cat /run/nginx/nginx.pid 2>/dev/null` 2>/dev/null || true endscript } @@ -22,6 +22,6 @@ compress sharedscripts postrotate - /bin/kill -USR1 `cat /run/nginx.pid 2>/dev/null` 2>/dev/null || true + kill -USR1 `cat /run/nginx/nginx.pid 2>/dev/null` 2>/dev/null || true endscript -} \ No newline at end of file +} From 554d1ff2b6591dc21fa2aac2bc28bac18b50eea9 Mon Sep 17 00:00:00 2001 From: Dhrumil Shah Date: Wed, 4 Sep 2024 00:07:43 -0400 Subject: [PATCH 020/175] Add set directives for proxies to keep from crashing if upstream is down --- backend/templates/_location.conf | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/backend/templates/_location.conf b/backend/templates/_location.conf index b75632278..fcc7d1210 100644 --- a/backend/templates/_location.conf +++ b/backend/templates/_location.conf @@ -6,7 +6,12 @@ proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Real-IP $remote_addr; - proxy_pass {{ forward_scheme }}://{{ forward_host }}:{{ forward_port }}{{ forward_path }}; + + set $proxy_forward_scheme {{ forward_scheme }}; + set $proxy_server "{{ forward_host }}"; + set $proxy_port {{ forward_port }}; + + proxy_pass $proxy_forward_scheme://$proxy_server:$proxy_port{{ forward_path }}; {% include "_access.conf" %} {% include "_assets.conf" %} From a03009056c3d78ba91c8f16754aaff6af87fcd50 Mon Sep 17 00:00:00 2001 From: vggscqq <57009391+vggscqq@users.noreply.github.com> Date: Mon, 9 Sep 2024 11:06:47 +0200 Subject: [PATCH 021/175] Added active24 DNS provider --- global/certbot-dns-plugins.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 606e7083c..416a6097b 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -7,6 +7,14 @@ "credentials": "dns_acmedns_api_url = http://acmedns-server/\ndns_acmedns_registration_file = /data/acme-registration.json", "full_plugin_name": "dns-acmedns" }, + "active24":{ + "name": "active24", + "package_name": "certbot-dns-active24", + "version": "~=1.5.1", + "dependencies": "", + "credentials": "dns_active24_token=TOKEN", + "full_plugin_name": "dns-active24" + }, "aliyun": { "name": "Aliyun", "package_name": "certbot-dns-aliyun", From ca9eeb51180707f644105761bdbc217c13078dda Mon Sep 17 00:00:00 2001 From: vggscqq <57009391+vggscqq@users.noreply.github.com> Date: Mon, 9 Sep 2024 11:53:16 +0200 Subject: [PATCH 022/175] Added quotation around TOKEN variable. Made Active24 start from capital letter in UI --- global/certbot-dns-plugins.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 416a6097b..1726a2c76 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -8,11 +8,11 @@ "full_plugin_name": "dns-acmedns" }, "active24":{ - "name": "active24", + "name": "Active24", "package_name": "certbot-dns-active24", "version": "~=1.5.1", "dependencies": "", - "credentials": "dns_active24_token=TOKEN", + "credentials": "dns_active24_token=\"TOKEN\"", "full_plugin_name": "dns-active24" }, "aliyun": { From 48a9f5f9db2e58778cda541193dde2f9e57407e5 Mon Sep 17 00:00:00 2001 From: Nico Lynzaad Date: Tue, 10 Sep 2024 23:08:02 +0200 Subject: [PATCH 023/175] swop mysql library and knex client for mysql2 --- backend/config/default.json | 2 +- backend/knexfile.js | 4 +- backend/lib/config.js | 2 +- backend/package.json | 2 +- backend/yarn.lock | 87 +++++++++++++++++++++++++++++-------- 5 files changed, 73 insertions(+), 24 deletions(-) diff --git a/backend/config/default.json b/backend/config/default.json index 64ab577c8..154e66e48 100644 --- a/backend/config/default.json +++ b/backend/config/default.json @@ -1,6 +1,6 @@ { "database": { - "engine": "mysql", + "engine": "mysql2", "host": "db", "name": "npm", "user": "npm", diff --git a/backend/knexfile.js b/backend/knexfile.js index 391ca0050..607552f6f 100644 --- a/backend/knexfile.js +++ b/backend/knexfile.js @@ -1,6 +1,6 @@ module.exports = { development: { - client: 'mysql', + client: 'mysql2', migrations: { tableName: 'migrations', stub: 'lib/migrate_template.js', @@ -9,7 +9,7 @@ module.exports = { }, production: { - client: 'mysql', + client: 'mysql2', migrations: { tableName: 'migrations', stub: 'lib/migrate_template.js', diff --git a/backend/lib/config.js b/backend/lib/config.js index a484fc5b2..b42f9e3ca 100644 --- a/backend/lib/config.js +++ b/backend/lib/config.js @@ -34,7 +34,7 @@ const configure = () => { logger.info('Using MySQL configuration'); instance = { database: { - engine: 'mysql', + engine: 'mysql2', host: envMysqlHost, port: process.env.DB_MYSQL_PORT || 3306, user: envMysqlUser, diff --git a/backend/package.json b/backend/package.json index b938c9a9c..2123b432b 100644 --- a/backend/package.json +++ b/backend/package.json @@ -19,7 +19,7 @@ "liquidjs": "10.6.1", "lodash": "^4.17.21", "moment": "^2.29.4", - "mysql": "^2.18.1", + "mysql2": "^3.11.1", "node-rsa": "^1.0.8", "objection": "3.0.1", "path": "^0.12.7", diff --git a/backend/yarn.lock b/backend/yarn.lock index af2095496..dcf14b32d 100644 --- a/backend/yarn.lock +++ b/backend/yarn.lock @@ -360,6 +360,11 @@ async@^3.2.0: resolved "https://registry.yarnpkg.com/async/-/async-3.2.4.tgz#2d22e00f8cddeb5fde5dd33522b56d1cf569a81c" integrity sha512-iAB+JbDEGXhyIUavoDl9WP/Jj106Kz9DEn1DPgYw5ruDn0e3Wgi3sKFm55sASdGBNOQB8F59d9qQ7deqrHA8wQ== +aws-ssl-profiles@^1.1.1: + version "1.1.2" + resolved "https://registry.yarnpkg.com/aws-ssl-profiles/-/aws-ssl-profiles-1.1.2.tgz#157dd77e9f19b1d123678e93f120e6f193022641" + integrity sha512-NZKeq9AfyQvEeNlN0zSYAaWrmBffJh3IELMZfRpJVWgrpEbtEpnjvzqBPf+mxoI287JohRDoa+/nsfqqiZmF6g== + balanced-match@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.0.tgz#89b4d199ab2bee49de164ea02b89ce462d71b767" @@ -383,11 +388,6 @@ bcrypt@^5.0.0: node-addon-api "^3.0.0" node-pre-gyp "0.15.0" -bignumber.js@9.0.0: - version "9.0.0" - resolved "https://registry.yarnpkg.com/bignumber.js/-/bignumber.js-9.0.0.tgz#805880f84a329b5eac6e7cb6f8274b6d82bdf075" - integrity sha512-t/OYhhJ2SD+YGBQcjY8GzzDHEk9f3nerxjtfa6tlMXfe7frs/WozhvCNoGvpM0P3bNf3Gq5ZRMlGr5f3r4/N8A== - binary-extensions@^2.0.0: version "2.1.0" resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-2.1.0.tgz#30fa40c9e7fe07dbc895678cd287024dea241dd9" @@ -858,6 +858,11 @@ delegates@^1.0.0: resolved "https://registry.yarnpkg.com/delegates/-/delegates-1.0.0.tgz#84c6e159b81904fdca59a0ef44cd870d31250f9a" integrity sha1-hMbhWbgZBP3KWaDvRM2HDTElD5o= +denque@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/denque/-/denque-2.1.0.tgz#e93e1a6569fb5e66f16a3c2a2964617d349d6ab1" + integrity sha512-HVQE3AAb/pxF8fQAoiqpvg9i3evqug3hoiwakOyZAwJm+6vZehbkYXZ0l4JxS+I3QxM97v5aaRNhj8v5oBhekw== + depd@2.0.0, depd@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/depd/-/depd-2.0.0.tgz#b696163cc757560d09cf22cc8fad1571b79e76df" @@ -1354,6 +1359,13 @@ gauge@~2.7.3: strip-ansi "^3.0.1" wide-align "^1.1.0" +generate-function@^2.3.1: + version "2.3.1" + resolved "https://registry.yarnpkg.com/generate-function/-/generate-function-2.3.1.tgz#f069617690c10c868e73b8465746764f97c3479f" + integrity sha512-eeB5GfMNeevm/GRYq20ShmsaGcmI81kIX2K9XQx5miC8KdHaC6Jm0qQ8ZNeGOi7wYB8OsdxKs+Y2oVuTFuVwKQ== + dependencies: + is-property "^1.0.2" + get-caller-file@^2.0.1: version "2.0.5" resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-2.0.5.tgz#4f94412a82db32f36e3b0b9741f8a97feb031f7e" @@ -1598,7 +1610,7 @@ iconv-lite@0.4.24, iconv-lite@^0.4.4: dependencies: safer-buffer ">= 2.1.2 < 3" -iconv-lite@^0.6.2: +iconv-lite@^0.6.2, iconv-lite@^0.6.3: version "0.6.3" resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.6.3.tgz#a52f80bf38da1952eb5c681790719871a1a72501" integrity sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw== @@ -1801,6 +1813,11 @@ is-path-inside@^3.0.3: resolved "https://registry.yarnpkg.com/is-path-inside/-/is-path-inside-3.0.3.tgz#d231362e53a07ff2b0e0ea7fed049161ffd16283" integrity sha512-Fd4gABb+ycGAmKou8eMftCupSir5lRxqf4aD/vd0cD2qc4HL07OjCeuHMr8Ro4CoMaeCKDB0/ECBOVWjTwUvPQ== +is-property@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/is-property/-/is-property-1.0.2.tgz#57fe1c4e48474edd65b09911f26b1cd4095dda84" + integrity sha512-Ks/IoX00TtClbGQr4TWXemAnktAQvYB7HzcCxDGqEZU6oCmb2INHuOoKxbtR+HFkmYWBKv/dOZtGRiAjDhj92g== + is-stream@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-2.0.0.tgz#bde9c32680d6fae04129d6ac9d921ce7815f78e3" @@ -2028,6 +2045,11 @@ lodash@^4.17.21: resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c" integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg== +long@^5.2.1: + version "5.2.3" + resolved "https://registry.yarnpkg.com/long/-/long-5.2.3.tgz#a3ba97f3877cf1d778eccbcb048525ebb77499e1" + integrity sha512-lcHwpNoggQTObv5apGNCTdJrO69eHOZMi4BNC+rTLER8iHAqGrUVeLh/irVIM7zTw2bOXA8T6uNPeujwOLg/2Q== + lowercase-keys@^1.0.0, lowercase-keys@^1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/lowercase-keys/-/lowercase-keys-1.0.1.tgz#6f9e30b47084d971a7c820ff15a6c5167b74c26f" @@ -2045,6 +2067,16 @@ lru-cache@^6.0.0: dependencies: yallist "^4.0.0" +lru-cache@^7.14.1: + version "7.18.3" + resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-7.18.3.tgz#f793896e0fd0e954a59dfdd82f0773808df6aa89" + integrity sha512-jumlc0BIUrS3qJGgIkWZsyfAM7NCWiBcCDhnd+3NNM5KbBmLTgHVfWBcg6W+rLUsIpzpERPsvwUP7CckAQSOoA== + +lru-cache@^8.0.0: + version "8.0.5" + resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-8.0.5.tgz#983fe337f3e176667f8e567cfcce7cb064ea214e" + integrity sha512-MhWWlVnuab1RG5/zMRRcVGXZLCXrZTgfwMikgzCegsPnG62yDQo5JnqKkrK4jO5iKqDAZGItAqN5CtKBCBWRUA== + make-dir@^3.0.0, make-dir@^3.1.0: version "3.1.0" resolved "https://registry.yarnpkg.com/make-dir/-/make-dir-3.1.0.tgz#415e967046b3a7f1d185277d84aa58203726a13f" @@ -2248,15 +2280,27 @@ ms@2.1.3, ms@^2.0.0: resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.3.tgz#574c8138ce1d2b5861f0b44579dbadd60c6615b2" integrity sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA== -mysql@^2.18.1: - version "2.18.1" - resolved "https://registry.yarnpkg.com/mysql/-/mysql-2.18.1.tgz#2254143855c5a8c73825e4522baf2ea021766717" - integrity sha512-Bca+gk2YWmqp2Uf6k5NFEurwY/0td0cpebAucFpY/3jhrwrVGuxU2uQFCHjU19SJfje0yQvi+rVWdq78hR5lig== +mysql2@^3.11.1: + version "3.11.1" + resolved "https://registry.yarnpkg.com/mysql2/-/mysql2-3.11.1.tgz#edfb856e2176fcf43d2cc066dd4959e9fc76ea85" + integrity sha512-Oc8Zffd0gpIJnJ/NOMp6IiiJJDdWc7nmWpS+UE3K9feTpYia8XkbgL6EaOJYz52f6+2pAoC0eAQqUzal4lnNGQ== + dependencies: + aws-ssl-profiles "^1.1.1" + denque "^2.1.0" + generate-function "^2.3.1" + iconv-lite "^0.6.3" + long "^5.2.1" + lru-cache "^8.0.0" + named-placeholders "^1.1.3" + seq-queue "^0.0.5" + sqlstring "^2.3.2" + +named-placeholders@^1.1.3: + version "1.1.3" + resolved "https://registry.yarnpkg.com/named-placeholders/-/named-placeholders-1.1.3.tgz#df595799a36654da55dda6152ba7a137ad1d9351" + integrity sha512-eLoBxg6wE/rZkJPhU/xRX1WTpkFEwDJEN96oxFrTsqBdbT5ec295Q+CoHrL9IT0DipqKhmGcaZmwOt8OON5x1w== dependencies: - bignumber.js "9.0.0" - readable-stream "2.3.7" - safe-buffer "5.1.2" - sqlstring "2.3.1" + lru-cache "^7.14.1" natural-compare@^1.4.0: version "1.4.0" @@ -2777,7 +2821,7 @@ rc@^1.2.7, rc@^1.2.8: minimist "^1.2.0" strip-json-comments "~2.0.1" -readable-stream@2.3.7, readable-stream@^2.0.0, readable-stream@^2.0.5, readable-stream@^2.0.6: +readable-stream@^2.0.0, readable-stream@^2.0.5, readable-stream@^2.0.6: version "2.3.7" resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.7.tgz#1eca1cf711aef814c04f62252a36a62f6cb23b57" integrity sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw== @@ -2969,6 +3013,11 @@ send@0.18.0: range-parser "~1.2.1" statuses "2.0.1" +seq-queue@^0.0.5: + version "0.0.5" + resolved "https://registry.yarnpkg.com/seq-queue/-/seq-queue-0.0.5.tgz#d56812e1c017a6e4e7c3e3a37a1da6d78dd3c93e" + integrity sha512-hr3Wtp/GZIc/6DAGPDcV4/9WoZhjrkXsi5B/07QgX8tsdc6ilr7BFM6PM6rbdAX1kFSDYeZGLipIZZKyQP0O5Q== + serve-static@1.15.0: version "1.15.0" resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.15.0.tgz#faaef08cffe0a1a62f60cad0c4e513cff0ac9540" @@ -3080,10 +3129,10 @@ sqlite3@5.1.6: optionalDependencies: node-gyp "8.x" -sqlstring@2.3.1: - version "2.3.1" - resolved "https://registry.yarnpkg.com/sqlstring/-/sqlstring-2.3.1.tgz#475393ff9e91479aea62dcaf0ca3d14983a7fb40" - integrity sha1-R1OT/56RR5rqYtyvDKPRSYOn+0A= +sqlstring@^2.3.2: + version "2.3.3" + resolved "https://registry.yarnpkg.com/sqlstring/-/sqlstring-2.3.3.tgz#2ddc21f03bce2c387ed60680e739922c65751d0c" + integrity sha512-qC9iz2FlN7DQl3+wjwn3802RTyjCx7sDvfQEXchwa6CWOx07/WVfh91gBmQ9fahw8snwGEWU3xGzOt4tFyHLxg== ssri@^8.0.0, ssri@^8.0.1: version "8.0.1" From d69cb261570d501efe9f616848f1905a4f97d7e8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 21 Sep 2024 08:52:30 +0000 Subject: [PATCH 024/175] Bump body-parser from 1.20.2 to 1.20.3 in /backend Bumps [body-parser](https://github.com/expressjs/body-parser) from 1.20.2 to 1.20.3. - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3) --- updated-dependencies: - dependency-name: body-parser dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- backend/package.json | 2 +- backend/yarn.lock | 29 +++++++++++++++++++++++++++-- 2 files changed, 28 insertions(+), 3 deletions(-) diff --git a/backend/package.json b/backend/package.json index b938c9a9c..e25550cd2 100644 --- a/backend/package.json +++ b/backend/package.json @@ -8,7 +8,7 @@ "archiver": "^5.3.0", "batchflow": "^0.4.0", "bcrypt": "^5.0.0", - "body-parser": "^1.19.0", + "body-parser": "^1.20.3", "compression": "^1.7.4", "express": "^4.19.2", "express-fileupload": "^1.1.9", diff --git a/backend/yarn.lock b/backend/yarn.lock index af2095496..090d8b13f 100644 --- a/backend/yarn.lock +++ b/backend/yarn.lock @@ -407,7 +407,7 @@ blueimp-md5@^2.16.0: resolved "https://registry.yarnpkg.com/blueimp-md5/-/blueimp-md5-2.17.0.tgz#f4fcac088b115f7b4045f19f5da59e9d01b1bb96" integrity sha512-x5PKJHY5rHQYaADj6NwPUR2QRCUVSggPzrUKkeENpj871o9l9IefJbO2jkT5UvYykeOK9dx0VmkIo6dZ+vThYw== -body-parser@1.20.2, body-parser@^1.19.0: +body-parser@1.20.2: version "1.20.2" resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.20.2.tgz#6feb0e21c4724d06de7ff38da36dad4f57a747fd" integrity sha512-ml9pReCu3M61kGlqoTm2umSXTlRTuGTx0bfYj+uIUKKYycG5NtSbeetV3faSU6R7ajOPw0g/J1PvK4qNy7s5bA== @@ -425,6 +425,24 @@ body-parser@1.20.2, body-parser@^1.19.0: type-is "~1.6.18" unpipe "1.0.0" +body-parser@^1.20.3: + version "1.20.3" + resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.20.3.tgz#1953431221c6fb5cd63c4b36d53fab0928e548c6" + integrity sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g== + dependencies: + bytes "3.1.2" + content-type "~1.0.5" + debug "2.6.9" + depd "2.0.0" + destroy "1.2.0" + http-errors "2.0.0" + iconv-lite "0.4.24" + on-finished "2.4.1" + qs "6.13.0" + raw-body "2.5.2" + type-is "~1.6.18" + unpipe "1.0.0" + boxen@^4.2.0: version "4.2.0" resolved "https://registry.yarnpkg.com/boxen/-/boxen-4.2.0.tgz#e411b62357d6d6d36587c8ac3d5d974daa070e64" @@ -2742,6 +2760,13 @@ qs@6.11.0: dependencies: side-channel "^1.0.4" +qs@6.13.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/qs/-/qs-6.13.0.tgz#6ca3bd58439f7e245655798997787b0d88a51906" + integrity sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg== + dependencies: + side-channel "^1.0.6" + querystring@0.2.0: version "0.2.0" resolved "https://registry.yarnpkg.com/querystring/-/querystring-0.2.0.tgz#b209849203bb25df820da756e747005878521620" @@ -3013,7 +3038,7 @@ shebang-regex@^3.0.0: resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-3.0.0.tgz#ae16f1644d873ecad843b0307b143362d4c42172" integrity sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A== -side-channel@^1.0.4: +side-channel@^1.0.4, side-channel@^1.0.6: version "1.0.6" resolved "https://registry.yarnpkg.com/side-channel/-/side-channel-1.0.6.tgz#abd25fb7cd24baf45466406b1096b7831c9215f2" integrity sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA== From e401095707fc4d93d03123385e5ff5191b5a3e4b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 24 Sep 2024 00:54:26 +0000 Subject: [PATCH 025/175] Bump rollup from 4.17.2 to 4.22.4 in /docs Bumps [rollup](https://github.com/rollup/rollup) from 4.17.2 to 4.22.4. - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](https://github.com/rollup/rollup/compare/v4.17.2...v4.22.4) --- updated-dependencies: - dependency-name: rollup dependency-type: indirect ... Signed-off-by: dependabot[bot] --- docs/yarn.lock | 196 ++++++++++++++++++++++++------------------------- 1 file changed, 98 insertions(+), 98 deletions(-) diff --git a/docs/yarn.lock b/docs/yarn.lock index 9249476a3..dca47086c 100644 --- a/docs/yarn.lock +++ b/docs/yarn.lock @@ -298,85 +298,85 @@ resolved "https://registry.yarnpkg.com/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz#d7c6e6755c78567a951e04ab52ef0fd26de59f32" integrity sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg== -"@rollup/rollup-android-arm-eabi@4.17.2": - version "4.17.2" - resolved "https://registry.yarnpkg.com/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.17.2.tgz#1a32112822660ee104c5dd3a7c595e26100d4c2d" - integrity sha512-NM0jFxY8bB8QLkoKxIQeObCaDlJKewVlIEkuyYKm5An1tdVZ966w2+MPQ2l8LBZLjR+SgyV+nRkTIunzOYBMLQ== - -"@rollup/rollup-android-arm64@4.17.2": - version "4.17.2" - resolved "https://registry.yarnpkg.com/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.17.2.tgz#5aeef206d65ff4db423f3a93f71af91b28662c5b" - integrity sha512-yeX/Usk7daNIVwkq2uGoq2BYJKZY1JfyLTaHO/jaiSwi/lsf8fTFoQW/n6IdAsx5tx+iotu2zCJwz8MxI6D/Bw== - -"@rollup/rollup-darwin-arm64@4.17.2": - version "4.17.2" - resolved "https://registry.yarnpkg.com/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.17.2.tgz#6b66aaf003c70454c292cd5f0236ebdc6ffbdf1a" - integrity sha512-kcMLpE6uCwls023+kknm71ug7MZOrtXo+y5p/tsg6jltpDtgQY1Eq5sGfHcQfb+lfuKwhBmEURDga9N0ol4YPw== - -"@rollup/rollup-darwin-x64@4.17.2": - version "4.17.2" - resolved "https://registry.yarnpkg.com/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.17.2.tgz#f64fc51ed12b19f883131ccbcea59fc68cbd6c0b" - integrity sha512-AtKwD0VEx0zWkL0ZjixEkp5tbNLzX+FCqGG1SvOu993HnSz4qDI6S4kGzubrEJAljpVkhRSlg5bzpV//E6ysTQ== - -"@rollup/rollup-linux-arm-gnueabihf@4.17.2": - version "4.17.2" - resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.17.2.tgz#1a7641111be67c10111f7122d1e375d1226cbf14" - integrity sha512-3reX2fUHqN7sffBNqmEyMQVj/CKhIHZd4y631duy0hZqI8Qoqf6lTtmAKvJFYa6bhU95B1D0WgzHkmTg33In0A== - -"@rollup/rollup-linux-arm-musleabihf@4.17.2": - version "4.17.2" - resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.17.2.tgz#c93fd632923e0fee25aacd2ae414288d0b7455bb" - integrity sha512-uSqpsp91mheRgw96xtyAGP9FW5ChctTFEoXP0r5FAzj/3ZRv3Uxjtc7taRQSaQM/q85KEKjKsZuiZM3GyUivRg== - -"@rollup/rollup-linux-arm64-gnu@4.17.2": - version "4.17.2" - resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.17.2.tgz#fa531425dd21d058a630947527b4612d9d0b4a4a" - integrity sha512-EMMPHkiCRtE8Wdk3Qhtciq6BndLtstqZIroHiiGzB3C5LDJmIZcSzVtLRbwuXuUft1Cnv+9fxuDtDxz3k3EW2A== - -"@rollup/rollup-linux-arm64-musl@4.17.2": - version "4.17.2" - resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.17.2.tgz#8acc16f095ceea5854caf7b07e73f7d1802ac5af" - integrity sha512-NMPylUUZ1i0z/xJUIx6VUhISZDRT+uTWpBcjdv0/zkp7b/bQDF+NfnfdzuTiB1G6HTodgoFa93hp0O1xl+/UbA== - -"@rollup/rollup-linux-powerpc64le-gnu@4.17.2": - version "4.17.2" - resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-powerpc64le-gnu/-/rollup-linux-powerpc64le-gnu-4.17.2.tgz#94e69a8499b5cf368911b83a44bb230782aeb571" - integrity sha512-T19My13y8uYXPw/L/k0JYaX1fJKFT/PWdXiHr8mTbXWxjVF1t+8Xl31DgBBvEKclw+1b00Chg0hxE2O7bTG7GQ== - -"@rollup/rollup-linux-riscv64-gnu@4.17.2": - version "4.17.2" - resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.17.2.tgz#7ef1c781c7e59e85a6ce261cc95d7f1e0b56db0f" - integrity sha512-BOaNfthf3X3fOWAB+IJ9kxTgPmMqPPH5f5k2DcCsRrBIbWnaJCgX2ll77dV1TdSy9SaXTR5iDXRL8n7AnoP5cg== - -"@rollup/rollup-linux-s390x-gnu@4.17.2": - version "4.17.2" - resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.17.2.tgz#f15775841c3232fca9b78cd25a7a0512c694b354" - integrity sha512-W0UP/x7bnn3xN2eYMql2T/+wpASLE5SjObXILTMPUBDB/Fg/FxC+gX4nvCfPBCbNhz51C+HcqQp2qQ4u25ok6g== - -"@rollup/rollup-linux-x64-gnu@4.17.2": - version "4.17.2" - resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.17.2.tgz#b521d271798d037ad70c9f85dd97d25f8a52e811" - integrity sha512-Hy7pLwByUOuyaFC6mAr7m+oMC+V7qyifzs/nW2OJfC8H4hbCzOX07Ov0VFk/zP3kBsELWNFi7rJtgbKYsav9QQ== - -"@rollup/rollup-linux-x64-musl@4.17.2": - version "4.17.2" - resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.17.2.tgz#9254019cc4baac35800991315d133cc9fd1bf385" - integrity sha512-h1+yTWeYbRdAyJ/jMiVw0l6fOOm/0D1vNLui9iPuqgRGnXA0u21gAqOyB5iHjlM9MMfNOm9RHCQ7zLIzT0x11Q== - -"@rollup/rollup-win32-arm64-msvc@4.17.2": - version "4.17.2" - resolved "https://registry.yarnpkg.com/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.17.2.tgz#27f65a89f6f52ee9426ec11e3571038e4671790f" - integrity sha512-tmdtXMfKAjy5+IQsVtDiCfqbynAQE/TQRpWdVataHmhMb9DCoJxp9vLcCBjEQWMiUYxO1QprH/HbY9ragCEFLA== - -"@rollup/rollup-win32-ia32-msvc@4.17.2": - version "4.17.2" - resolved "https://registry.yarnpkg.com/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.17.2.tgz#a2fbf8246ed0bb014f078ca34ae6b377a90cb411" - integrity sha512-7II/QCSTAHuE5vdZaQEwJq2ZACkBpQDOmQsE6D6XUbnBHW8IAhm4eTufL6msLJorzrHDFv3CF8oCA/hSIRuZeQ== - -"@rollup/rollup-win32-x64-msvc@4.17.2": - version "4.17.2" - resolved "https://registry.yarnpkg.com/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.17.2.tgz#5a2d08b81e8064b34242d5cc9973ef8dd1e60503" - integrity sha512-TGGO7v7qOq4CYmSBVEYpI1Y5xDuCEnbVC5Vth8mOsW0gDSzxNrVERPc790IGHsrT2dQSimgMr9Ub3Y1Jci5/8w== +"@rollup/rollup-android-arm-eabi@4.22.4": + version "4.22.4" + resolved "https://registry.yarnpkg.com/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.22.4.tgz#8b613b9725e8f9479d142970b106b6ae878610d5" + integrity sha512-Fxamp4aEZnfPOcGA8KSNEohV8hX7zVHOemC8jVBoBUHu5zpJK/Eu3uJwt6BMgy9fkvzxDaurgj96F/NiLukF2w== + +"@rollup/rollup-android-arm64@4.22.4": + version "4.22.4" + resolved "https://registry.yarnpkg.com/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.22.4.tgz#654ca1049189132ff602bfcf8df14c18da1f15fb" + integrity sha512-VXoK5UMrgECLYaMuGuVTOx5kcuap1Jm8g/M83RnCHBKOqvPPmROFJGQaZhGccnsFtfXQ3XYa4/jMCJvZnbJBdA== + +"@rollup/rollup-darwin-arm64@4.22.4": + version "4.22.4" + resolved "https://registry.yarnpkg.com/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.22.4.tgz#6d241d099d1518ef0c2205d96b3fa52e0fe1954b" + integrity sha512-xMM9ORBqu81jyMKCDP+SZDhnX2QEVQzTcC6G18KlTQEzWK8r/oNZtKuZaCcHhnsa6fEeOBionoyl5JsAbE/36Q== + +"@rollup/rollup-darwin-x64@4.22.4": + version "4.22.4" + resolved "https://registry.yarnpkg.com/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.22.4.tgz#42bd19d292a57ee11734c980c4650de26b457791" + integrity sha512-aJJyYKQwbHuhTUrjWjxEvGnNNBCnmpHDvrb8JFDbeSH3m2XdHcxDd3jthAzvmoI8w/kSjd2y0udT+4okADsZIw== + +"@rollup/rollup-linux-arm-gnueabihf@4.22.4": + version "4.22.4" + resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.22.4.tgz#f23555ee3d8fe941c5c5fd458cd22b65eb1c2232" + integrity sha512-j63YtCIRAzbO+gC2L9dWXRh5BFetsv0j0va0Wi9epXDgU/XUi5dJKo4USTttVyK7fGw2nPWK0PbAvyliz50SCQ== + +"@rollup/rollup-linux-arm-musleabihf@4.22.4": + version "4.22.4" + resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.22.4.tgz#f3bbd1ae2420f5539d40ac1fde2b38da67779baa" + integrity sha512-dJnWUgwWBX1YBRsuKKMOlXCzh2Wu1mlHzv20TpqEsfdZLb3WoJW2kIEsGwLkroYf24IrPAvOT/ZQ2OYMV6vlrg== + +"@rollup/rollup-linux-arm64-gnu@4.22.4": + version "4.22.4" + resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.22.4.tgz#7abe900120113e08a1f90afb84c7c28774054d15" + integrity sha512-AdPRoNi3NKVLolCN/Sp4F4N1d98c4SBnHMKoLuiG6RXgoZ4sllseuGioszumnPGmPM2O7qaAX/IJdeDU8f26Aw== + +"@rollup/rollup-linux-arm64-musl@4.22.4": + version "4.22.4" + resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.22.4.tgz#9e655285c8175cd44f57d6a1e8e5dedfbba1d820" + integrity sha512-Gl0AxBtDg8uoAn5CCqQDMqAx22Wx22pjDOjBdmG0VIWX3qUBHzYmOKh8KXHL4UpogfJ14G4wk16EQogF+v8hmA== + +"@rollup/rollup-linux-powerpc64le-gnu@4.22.4": + version "4.22.4" + resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-powerpc64le-gnu/-/rollup-linux-powerpc64le-gnu-4.22.4.tgz#9a79ae6c9e9d8fe83d49e2712ecf4302db5bef5e" + integrity sha512-3aVCK9xfWW1oGQpTsYJJPF6bfpWfhbRnhdlyhak2ZiyFLDaayz0EP5j9V1RVLAAxlmWKTDfS9wyRyY3hvhPoOg== + +"@rollup/rollup-linux-riscv64-gnu@4.22.4": + version "4.22.4" + resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.22.4.tgz#67ac70eca4ace8e2942fabca95164e8874ab8128" + integrity sha512-ePYIir6VYnhgv2C5Xe9u+ico4t8sZWXschR6fMgoPUK31yQu7hTEJb7bCqivHECwIClJfKgE7zYsh1qTP3WHUA== + +"@rollup/rollup-linux-s390x-gnu@4.22.4": + version "4.22.4" + resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.22.4.tgz#9f883a7440f51a22ed7f99e1d070bd84ea5005fc" + integrity sha512-GqFJ9wLlbB9daxhVlrTe61vJtEY99/xB3C8e4ULVsVfflcpmR6c8UZXjtkMA6FhNONhj2eA5Tk9uAVw5orEs4Q== + +"@rollup/rollup-linux-x64-gnu@4.22.4": + version "4.22.4" + resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.22.4.tgz#70116ae6c577fe367f58559e2cffb5641a1dd9d0" + integrity sha512-87v0ol2sH9GE3cLQLNEy0K/R0pz1nvg76o8M5nhMR0+Q+BBGLnb35P0fVz4CQxHYXaAOhE8HhlkaZfsdUOlHwg== + +"@rollup/rollup-linux-x64-musl@4.22.4": + version "4.22.4" + resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.22.4.tgz#f473f88219feb07b0b98b53a7923be716d1d182f" + integrity sha512-UV6FZMUgePDZrFjrNGIWzDo/vABebuXBhJEqrHxrGiU6HikPy0Z3LfdtciIttEUQfuDdCn8fqh7wiFJjCNwO+g== + +"@rollup/rollup-win32-arm64-msvc@4.22.4": + version "4.22.4" + resolved "https://registry.yarnpkg.com/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.22.4.tgz#4349482d17f5d1c58604d1c8900540d676f420e0" + integrity sha512-BjI+NVVEGAXjGWYHz/vv0pBqfGoUH0IGZ0cICTn7kB9PyjrATSkX+8WkguNjWoj2qSr1im/+tTGRaY+4/PdcQw== + +"@rollup/rollup-win32-ia32-msvc@4.22.4": + version "4.22.4" + resolved "https://registry.yarnpkg.com/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.22.4.tgz#a6fc39a15db618040ec3c2a24c1e26cb5f4d7422" + integrity sha512-SiWG/1TuUdPvYmzmYnmd3IEifzR61Tragkbx9D3+R8mzQqDBz8v+BvZNDlkiTtI9T15KYZhP0ehn3Dld4n9J5g== + +"@rollup/rollup-win32-x64-msvc@4.22.4": + version "4.22.4" + resolved "https://registry.yarnpkg.com/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.22.4.tgz#3dd5d53e900df2a40841882c02e56f866c04d202" + integrity sha512-j8pPKp53/lq9lMXN57S8cFz0MynJk8OWNuUnXct/9KCpKU7DgU3bYMJhwWmcqC0UU29p8Lr0/7KEVcaM6bf47Q== "@shikijs/core@1.5.0", "@shikijs/core@^1.3.0": version "1.5.0" @@ -697,28 +697,28 @@ rfdc@^1.3.1: integrity sha512-r5a3l5HzYlIC68TpmYKlxWjmOP6wiPJ1vWv2HeLhNsRZMrCkxeqxiHlQ21oXmQ4F3SiryXBHhAD7JZqvOJjFmg== rollup@^4.13.0: - version "4.17.2" - resolved "https://registry.yarnpkg.com/rollup/-/rollup-4.17.2.tgz#26d1785d0144122277fdb20ab3a24729ae68301f" - integrity sha512-/9ClTJPByC0U4zNLowV1tMBe8yMEAxewtR3cUNX5BoEpGH3dQEWpJLr6CLp0fPdYRF/fzVOgvDb1zXuakwF5kQ== + version "4.22.4" + resolved "https://registry.yarnpkg.com/rollup/-/rollup-4.22.4.tgz#4135a6446671cd2a2453e1ad42a45d5973ec3a0f" + integrity sha512-vD8HJ5raRcWOyymsR6Z3o6+RzfEPCnVLMFJ6vRslO1jt4LO6dUo5Qnpg7y4RkZFM2DMe3WUirkI5c16onjrc6A== dependencies: "@types/estree" "1.0.5" optionalDependencies: - "@rollup/rollup-android-arm-eabi" "4.17.2" - "@rollup/rollup-android-arm64" "4.17.2" - "@rollup/rollup-darwin-arm64" "4.17.2" - "@rollup/rollup-darwin-x64" "4.17.2" - "@rollup/rollup-linux-arm-gnueabihf" "4.17.2" - "@rollup/rollup-linux-arm-musleabihf" "4.17.2" - "@rollup/rollup-linux-arm64-gnu" "4.17.2" - "@rollup/rollup-linux-arm64-musl" "4.17.2" - "@rollup/rollup-linux-powerpc64le-gnu" "4.17.2" - "@rollup/rollup-linux-riscv64-gnu" "4.17.2" - "@rollup/rollup-linux-s390x-gnu" "4.17.2" - "@rollup/rollup-linux-x64-gnu" "4.17.2" - "@rollup/rollup-linux-x64-musl" "4.17.2" - "@rollup/rollup-win32-arm64-msvc" "4.17.2" - "@rollup/rollup-win32-ia32-msvc" "4.17.2" - "@rollup/rollup-win32-x64-msvc" "4.17.2" + "@rollup/rollup-android-arm-eabi" "4.22.4" + "@rollup/rollup-android-arm64" "4.22.4" + "@rollup/rollup-darwin-arm64" "4.22.4" + "@rollup/rollup-darwin-x64" "4.22.4" + "@rollup/rollup-linux-arm-gnueabihf" "4.22.4" + "@rollup/rollup-linux-arm-musleabihf" "4.22.4" + "@rollup/rollup-linux-arm64-gnu" "4.22.4" + "@rollup/rollup-linux-arm64-musl" "4.22.4" + "@rollup/rollup-linux-powerpc64le-gnu" "4.22.4" + "@rollup/rollup-linux-riscv64-gnu" "4.22.4" + "@rollup/rollup-linux-s390x-gnu" "4.22.4" + "@rollup/rollup-linux-x64-gnu" "4.22.4" + "@rollup/rollup-linux-x64-musl" "4.22.4" + "@rollup/rollup-win32-arm64-msvc" "4.22.4" + "@rollup/rollup-win32-ia32-msvc" "4.22.4" + "@rollup/rollup-win32-x64-msvc" "4.22.4" fsevents "~2.3.2" shiki@1.5.0, shiki@^1.3.0: From a8f1f7f01741d08ec4c28e3bf09b69e4506be275 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafa=C3=ABl=20Schridi?= Date: Wed, 25 Sep 2024 22:37:13 +0200 Subject: [PATCH 026/175] Add mijn.host dns plugin --- global/certbot-dns-plugins.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 606e7083c..feaa126eb 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -319,6 +319,14 @@ "credentials": "dns_luadns_email = user@example.com\ndns_luadns_token = 0123456789abcdef0123456789abcdef", "full_plugin_name": "dns-luadns" }, + "mijnhost": { + "name": "mijn.host", + "package_name": "certbot-dns-mijn-host", + "version": "~=0.0.4", + "dependencies": "", + "credentials": "dns-mijn-host-credentials = /etc/letsencrypt/mijnhost-credentials.ini", + "full_plugin_name": "dns-mijn-host" + }, "namecheap": { "name": "Namecheap", "package_name": "certbot-dns-namecheap", From dfe2588523a602dd275fb6aadebfe37701dcbb36 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 9 Oct 2024 18:05:15 +1000 Subject: [PATCH 027/175] Refactor API Schema and validation - /schema now returns full openapi/swagger schema - That schema is used to validate incoming requests - And used as a contract in future integration tests - Moved route files up one level - Fixed incorrect 404 reponses when getting objects - Fixed saving new objects and passing jsonschemavalidation --- backend/.vscode/settings.json | 8 - backend/app.js | 2 +- backend/index.js | 9 +- backend/internal/access-list.js | 4 +- backend/internal/certificate.js | 4 +- backend/internal/dead-host.js | 14 +- backend/internal/proxy-host.js | 14 +- backend/internal/redirection-host.js | 14 +- backend/internal/stream.js | 8 +- backend/internal/user.js | 2 +- backend/lib/validator/api.js | 17 +- backend/lib/validator/index.js | 15 +- backend/package.json | 1 + backend/routes/{api => }/audit-log.js | 12 +- backend/routes/{api => }/main.js | 6 +- .../routes/{api => }/nginx/access_lists.js | 23 +- .../routes/{api => }/nginx/certificates.js | 65 ++- backend/routes/{api => }/nginx/dead_hosts.js | 27 +- backend/routes/{api => }/nginx/proxy_hosts.js | 25 +- .../{api => }/nginx/redirection_hosts.js | 21 +- backend/routes/{api => }/nginx/streams.js | 25 +- backend/routes/{api => }/reports.js | 8 +- backend/routes/{api => }/schema.js | 14 +- backend/routes/{api => }/settings.js | 20 +- backend/routes/{api => }/tokens.js | 17 +- backend/routes/{api => }/users.js | 44 +- backend/schema/common.json | 128 ++++++ .../schema/components/access-list-object.json | 53 +++ .../schema/components/audit-log-object.json | 32 ++ .../schema/components/certificate-list.json | 7 + .../schema/components/certificate-object.json | 66 +++ backend/schema/components/dead-host-list.json | 7 + .../schema/components/dead-host-object.json | 47 +++ backend/schema/components/error-object.json | 14 + backend/schema/components/health-object.json | 38 ++ .../schema/components/permission-object.json | 41 ++ .../schema/components/proxy-host-list.json | 7 + .../schema/components/proxy-host-object.json | 148 +++++++ .../components/redirection-host-list.json | 7 + .../components/redirection-host-object.json | 72 ++++ .../schema/components/security-schemes.json | 6 + backend/schema/components/setting-list.json | 7 + backend/schema/components/setting-object.json | 53 +++ backend/schema/components/stream-list.json | 7 + backend/schema/components/stream-object.json | 60 +++ backend/schema/components/token-object.json | 19 + backend/schema/components/user-list.json | 7 + backend/schema/components/user-object.json | 61 +++ backend/schema/definitions.json | 240 ----------- backend/schema/endpoints/access-lists.json | 236 ----------- backend/schema/endpoints/certificates.json | 173 -------- backend/schema/endpoints/dead-hosts.json | 240 ----------- backend/schema/endpoints/proxy-hosts.json | 387 ------------------ .../schema/endpoints/redirection-hosts.json | 305 -------------- backend/schema/endpoints/settings.json | 99 ----- backend/schema/endpoints/streams.json | 234 ----------- backend/schema/endpoints/tokens.json | 100 ----- backend/schema/endpoints/users.json | 287 ------------- backend/schema/examples.json | 23 -- backend/schema/index.js | 41 ++ backend/schema/index.json | 42 -- backend/schema/paths/audit-log/get.json | 53 +++ backend/schema/paths/get.json | 29 ++ .../schema/paths/nginx/access-lists/get.json | 50 +++ .../nginx/access-lists/listID/delete.json | 39 ++ .../paths/nginx/access-lists/listID/get.json | 49 +++ .../paths/nginx/access-lists/listID/put.json | 164 ++++++++ .../schema/paths/nginx/access-lists/post.json | 155 +++++++ .../nginx/certificates/certID/delete.json | 39 ++ .../certificates/certID/download/get.json | 35 ++ .../paths/nginx/certificates/certID/get.json | 53 +++ .../nginx/certificates/certID/renew/post.json | 54 +++ .../certificates/certID/upload/post.json | 63 +++ .../schema/paths/nginx/certificates/get.json | 54 +++ .../schema/paths/nginx/certificates/post.json | 77 ++++ .../nginx/certificates/test-http/get.json | 40 ++ .../nginx/certificates/validate/post.json | 75 ++++ .../schema/paths/nginx/dead-hosts/get.json | 57 +++ .../paths/nginx/dead-hosts/hostID/delete.json | 39 ++ .../nginx/dead-hosts/hostID/disable/post.json | 59 +++ .../nginx/dead-hosts/hostID/enable/post.json | 59 +++ .../paths/nginx/dead-hosts/hostID/get.json | 56 +++ .../paths/nginx/dead-hosts/hostID/put.json | 110 +++++ .../schema/paths/nginx/dead-hosts/post.json | 95 +++++ .../schema/paths/nginx/proxy-hosts/get.json | 65 +++ .../nginx/proxy-hosts/hostID/delete.json | 39 ++ .../proxy-hosts/hostID/disable/post.json | 59 +++ .../nginx/proxy-hosts/hostID/enable/post.json | 59 +++ .../paths/nginx/proxy-hosts/hostID/get.json | 64 +++ .../paths/nginx/proxy-hosts/hostID/put.json | 145 +++++++ .../schema/paths/nginx/proxy-hosts/post.json | 130 ++++++ .../paths/nginx/redirection-hosts/get.json | 62 +++ .../redirection-hosts/hostID/delete.json | 39 ++ .../hostID/disable/post.json | 59 +++ .../redirection-hosts/hostID/enable/post.json | 59 +++ .../nginx/redirection-hosts/hostID/get.json | 61 +++ .../nginx/redirection-hosts/hostID/put.json | 130 ++++++ .../paths/nginx/redirection-hosts/post.json | 115 ++++++ backend/schema/paths/nginx/streams/get.json | 55 +++ backend/schema/paths/nginx/streams/post.json | 87 ++++ .../paths/nginx/streams/streamID/delete.json | 39 ++ .../nginx/streams/streamID/disable/post.json | 59 +++ .../nginx/streams/streamID/enable/post.json | 59 +++ .../paths/nginx/streams/streamID/get.json | 54 +++ .../paths/nginx/streams/streamID/put.json | 145 +++++++ backend/schema/paths/reports/hosts/get.json | 50 +++ backend/schema/paths/schema/get.json | 10 + backend/schema/paths/settings/get.json | 35 ++ .../schema/paths/settings/settingID/get.json | 46 +++ .../schema/paths/settings/settingID/put.json | 67 +++ backend/schema/paths/tokens/get.json | 30 ++ backend/schema/paths/tokens/post.json | 55 +++ backend/schema/paths/users/get.json | 74 ++++ backend/schema/paths/users/post.json | 88 ++++ .../schema/paths/users/userID/auth/put.json | 79 ++++ backend/schema/paths/users/userID/delete.json | 40 ++ backend/schema/paths/users/userID/get.json | 58 +++ .../schema/paths/users/userID/login/post.json | 73 ++++ .../paths/users/userID/permissions/put.json | 51 +++ backend/schema/paths/users/userID/put.json | 88 ++++ backend/schema/swagger.json | 265 ++++++++++++ backend/yarn.lock | 16 +- docker/docker-compose.dev.yml | 11 + 123 files changed, 5363 insertions(+), 2574 deletions(-) delete mode 100644 backend/.vscode/settings.json rename backend/routes/{api => }/audit-log.js (73%) rename backend/routes/{api => }/main.js (90%) rename backend/routes/{api => }/nginx/access_lists.js (79%) rename backend/routes/{api => }/nginx/certificates.js (80%) rename backend/routes/{api => }/nginx/dead_hosts.js (83%) rename backend/routes/{api => }/nginx/proxy_hosts.js (83%) rename backend/routes/{api => }/nginx/redirection_hosts.js (84%) rename backend/routes/{api => }/nginx/streams.js (84%) rename backend/routes/{api => }/reports.js (67%) rename backend/routes/{api => }/schema.js (71%) rename backend/routes/{api => }/settings.js (74%) rename backend/routes/{api => }/tokens.js (70%) rename backend/routes/{api => }/users.js (79%) create mode 100644 backend/schema/common.json create mode 100644 backend/schema/components/access-list-object.json create mode 100644 backend/schema/components/audit-log-object.json create mode 100644 backend/schema/components/certificate-list.json create mode 100644 backend/schema/components/certificate-object.json create mode 100644 backend/schema/components/dead-host-list.json create mode 100644 backend/schema/components/dead-host-object.json create mode 100644 backend/schema/components/error-object.json create mode 100644 backend/schema/components/health-object.json create mode 100644 backend/schema/components/permission-object.json create mode 100644 backend/schema/components/proxy-host-list.json create mode 100644 backend/schema/components/proxy-host-object.json create mode 100644 backend/schema/components/redirection-host-list.json create mode 100644 backend/schema/components/redirection-host-object.json create mode 100644 backend/schema/components/security-schemes.json create mode 100644 backend/schema/components/setting-list.json create mode 100644 backend/schema/components/setting-object.json create mode 100644 backend/schema/components/stream-list.json create mode 100644 backend/schema/components/stream-object.json create mode 100644 backend/schema/components/token-object.json create mode 100644 backend/schema/components/user-list.json create mode 100644 backend/schema/components/user-object.json delete mode 100644 backend/schema/definitions.json delete mode 100644 backend/schema/endpoints/access-lists.json delete mode 100644 backend/schema/endpoints/certificates.json delete mode 100644 backend/schema/endpoints/dead-hosts.json delete mode 100644 backend/schema/endpoints/proxy-hosts.json delete mode 100644 backend/schema/endpoints/redirection-hosts.json delete mode 100644 backend/schema/endpoints/settings.json delete mode 100644 backend/schema/endpoints/streams.json delete mode 100644 backend/schema/endpoints/tokens.json delete mode 100644 backend/schema/endpoints/users.json delete mode 100644 backend/schema/examples.json create mode 100644 backend/schema/index.js delete mode 100644 backend/schema/index.json create mode 100644 backend/schema/paths/audit-log/get.json create mode 100644 backend/schema/paths/get.json create mode 100644 backend/schema/paths/nginx/access-lists/get.json create mode 100644 backend/schema/paths/nginx/access-lists/listID/delete.json create mode 100644 backend/schema/paths/nginx/access-lists/listID/get.json create mode 100644 backend/schema/paths/nginx/access-lists/listID/put.json create mode 100644 backend/schema/paths/nginx/access-lists/post.json create mode 100644 backend/schema/paths/nginx/certificates/certID/delete.json create mode 100644 backend/schema/paths/nginx/certificates/certID/download/get.json create mode 100644 backend/schema/paths/nginx/certificates/certID/get.json create mode 100644 backend/schema/paths/nginx/certificates/certID/renew/post.json create mode 100644 backend/schema/paths/nginx/certificates/certID/upload/post.json create mode 100644 backend/schema/paths/nginx/certificates/get.json create mode 100644 backend/schema/paths/nginx/certificates/post.json create mode 100644 backend/schema/paths/nginx/certificates/test-http/get.json create mode 100644 backend/schema/paths/nginx/certificates/validate/post.json create mode 100644 backend/schema/paths/nginx/dead-hosts/get.json create mode 100644 backend/schema/paths/nginx/dead-hosts/hostID/delete.json create mode 100644 backend/schema/paths/nginx/dead-hosts/hostID/disable/post.json create mode 100644 backend/schema/paths/nginx/dead-hosts/hostID/enable/post.json create mode 100644 backend/schema/paths/nginx/dead-hosts/hostID/get.json create mode 100644 backend/schema/paths/nginx/dead-hosts/hostID/put.json create mode 100644 backend/schema/paths/nginx/dead-hosts/post.json create mode 100644 backend/schema/paths/nginx/proxy-hosts/get.json create mode 100644 backend/schema/paths/nginx/proxy-hosts/hostID/delete.json create mode 100644 backend/schema/paths/nginx/proxy-hosts/hostID/disable/post.json create mode 100644 backend/schema/paths/nginx/proxy-hosts/hostID/enable/post.json create mode 100644 backend/schema/paths/nginx/proxy-hosts/hostID/get.json create mode 100644 backend/schema/paths/nginx/proxy-hosts/hostID/put.json create mode 100644 backend/schema/paths/nginx/proxy-hosts/post.json create mode 100644 backend/schema/paths/nginx/redirection-hosts/get.json create mode 100644 backend/schema/paths/nginx/redirection-hosts/hostID/delete.json create mode 100644 backend/schema/paths/nginx/redirection-hosts/hostID/disable/post.json create mode 100644 backend/schema/paths/nginx/redirection-hosts/hostID/enable/post.json create mode 100644 backend/schema/paths/nginx/redirection-hosts/hostID/get.json create mode 100644 backend/schema/paths/nginx/redirection-hosts/hostID/put.json create mode 100644 backend/schema/paths/nginx/redirection-hosts/post.json create mode 100644 backend/schema/paths/nginx/streams/get.json create mode 100644 backend/schema/paths/nginx/streams/post.json create mode 100644 backend/schema/paths/nginx/streams/streamID/delete.json create mode 100644 backend/schema/paths/nginx/streams/streamID/disable/post.json create mode 100644 backend/schema/paths/nginx/streams/streamID/enable/post.json create mode 100644 backend/schema/paths/nginx/streams/streamID/get.json create mode 100644 backend/schema/paths/nginx/streams/streamID/put.json create mode 100644 backend/schema/paths/reports/hosts/get.json create mode 100644 backend/schema/paths/schema/get.json create mode 100644 backend/schema/paths/settings/get.json create mode 100644 backend/schema/paths/settings/settingID/get.json create mode 100644 backend/schema/paths/settings/settingID/put.json create mode 100644 backend/schema/paths/tokens/get.json create mode 100644 backend/schema/paths/tokens/post.json create mode 100644 backend/schema/paths/users/get.json create mode 100644 backend/schema/paths/users/post.json create mode 100644 backend/schema/paths/users/userID/auth/put.json create mode 100644 backend/schema/paths/users/userID/delete.json create mode 100644 backend/schema/paths/users/userID/get.json create mode 100644 backend/schema/paths/users/userID/login/post.json create mode 100644 backend/schema/paths/users/userID/permissions/put.json create mode 100644 backend/schema/paths/users/userID/put.json create mode 100644 backend/schema/swagger.json diff --git a/backend/.vscode/settings.json b/backend/.vscode/settings.json deleted file mode 100644 index 4e540ab30..000000000 --- a/backend/.vscode/settings.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "editor.insertSpaces": false, - "editor.formatOnSave": true, - "files.trimTrailingWhitespace": true, - "editor.codeActionsOnSave": { - "source.fixAll.eslint": true - } -} \ No newline at end of file diff --git a/backend/app.js b/backend/app.js index e528a0bbe..59f7def20 100644 --- a/backend/app.js +++ b/backend/app.js @@ -52,7 +52,7 @@ app.use(function (req, res, next) { }); app.use(require('./lib/express/jwt')()); -app.use('/', require('./routes/api/main')); +app.use('/', require('./routes/main')); // production error handler // no stacktraces leaked to user diff --git a/backend/index.js b/backend/index.js index 3d6d60071..551378251 100644 --- a/backend/index.js +++ b/backend/index.js @@ -1,23 +1,20 @@ #!/usr/bin/env node +const schema = require('./schema'); const logger = require('./logger').global; async function appStart () { const migrate = require('./migrate'); const setup = require('./setup'); const app = require('./app'); - const apiValidator = require('./lib/validator/api'); const internalCertificate = require('./internal/certificate'); const internalIpRanges = require('./internal/ip_ranges'); return migrate.latest() .then(setup) - .then(() => { - return apiValidator.loadSchemas; - }) + .then(schema.getCompiledSchema) .then(internalIpRanges.fetch) .then(() => { - internalCertificate.initTimer(); internalIpRanges.initTimer(); @@ -34,7 +31,7 @@ async function appStart () { }); }) .catch((err) => { - logger.error(err.message); + logger.error(err.message, err); setTimeout(appStart, 1000); }); } diff --git a/backend/internal/access-list.js b/backend/internal/access-list.js index 017fc738c..72326be68 100644 --- a/backend/internal/access-list.js +++ b/backend/internal/access-list.js @@ -269,7 +269,7 @@ const internalAccessList = { return query.then(utils.omitRow(omissions())); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } if (!skip_masking && typeof row.items !== 'undefined' && row.items) { @@ -296,7 +296,7 @@ const internalAccessList = { return internalAccessList.get(access, {id: data.id, expand: ['proxy_hosts', 'items', 'clients']}); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } diff --git a/backend/internal/certificate.js b/backend/internal/certificate.js index 291056caa..9bdfe695c 100644 --- a/backend/internal/certificate.js +++ b/backend/internal/certificate.js @@ -323,7 +323,7 @@ const internalCertificate = { return query.then(utils.omitRow(omissions())); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } // Custom omissions @@ -412,7 +412,7 @@ const internalCertificate = { return internalCertificate.get(access, {id: data.id}); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } diff --git a/backend/internal/dead-host.js b/backend/internal/dead-host.js index 2a6258e96..e672775eb 100644 --- a/backend/internal/dead-host.js +++ b/backend/internal/dead-host.js @@ -48,6 +48,12 @@ const internalDeadHost = { data.owner_user_id = access.token.getUserId(1); data = internalHost.cleanSslHstsData(data); + // Fix for db field not having a default value + // for this optional field. + if (typeof data.advanced_config === 'undefined') { + data.advanced_config = ''; + } + return deadHostModel .query() .insertAndFetch(data) @@ -233,7 +239,7 @@ const internalDeadHost = { return query.then(utils.omitRow(omissions())); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } // Custom omissions @@ -257,7 +263,7 @@ const internalDeadHost = { return internalDeadHost.get(access, {id: data.id}); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } @@ -305,7 +311,7 @@ const internalDeadHost = { }); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } else if (row.enabled) { throw new error.ValidationError('Host is already enabled'); @@ -351,7 +357,7 @@ const internalDeadHost = { return internalDeadHost.get(access, {id: data.id}); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } else if (!row.enabled) { throw new error.ValidationError('Host is already disabled'); diff --git a/backend/internal/proxy-host.js b/backend/internal/proxy-host.js index dbff1147d..0ea168789 100644 --- a/backend/internal/proxy-host.js +++ b/backend/internal/proxy-host.js @@ -48,6 +48,12 @@ const internalProxyHost = { data.owner_user_id = access.token.getUserId(1); data = internalHost.cleanSslHstsData(data); + // Fix for db field not having a default value + // for this optional field. + if (typeof data.advanced_config === 'undefined') { + data.advanced_config = ''; + } + return proxyHostModel .query() .insertAndFetch(data) @@ -239,7 +245,7 @@ const internalProxyHost = { return query.then(utils.omitRow(omissions())); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } row = internalHost.cleanRowCertificateMeta(row); @@ -264,7 +270,7 @@ const internalProxyHost = { return internalProxyHost.get(access, {id: data.id}); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } @@ -312,7 +318,7 @@ const internalProxyHost = { }); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } else if (row.enabled) { throw new error.ValidationError('Host is already enabled'); @@ -358,7 +364,7 @@ const internalProxyHost = { return internalProxyHost.get(access, {id: data.id}); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } else if (!row.enabled) { throw new error.ValidationError('Host is already disabled'); diff --git a/backend/internal/redirection-host.js b/backend/internal/redirection-host.js index 775d94f3a..41ff5b093 100644 --- a/backend/internal/redirection-host.js +++ b/backend/internal/redirection-host.js @@ -48,6 +48,12 @@ const internalRedirectionHost = { data.owner_user_id = access.token.getUserId(1); data = internalHost.cleanSslHstsData(data); + // Fix for db field not having a default value + // for this optional field. + if (typeof data.advanced_config === 'undefined') { + data.advanced_config = ''; + } + return redirectionHostModel .query() .insertAndFetch(data) @@ -232,7 +238,7 @@ const internalRedirectionHost = { return query.then(utils.omitRow(omissions())); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } row = internalHost.cleanRowCertificateMeta(row); @@ -257,7 +263,7 @@ const internalRedirectionHost = { return internalRedirectionHost.get(access, {id: data.id}); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } @@ -305,7 +311,7 @@ const internalRedirectionHost = { }); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } else if (row.enabled) { throw new error.ValidationError('Host is already enabled'); @@ -351,7 +357,7 @@ const internalRedirectionHost = { return internalRedirectionHost.get(access, {id: data.id}); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } else if (!row.enabled) { throw new error.ValidationError('Host is already disabled'); diff --git a/backend/internal/stream.js b/backend/internal/stream.js index a159cfdd3..ee88d46fc 100644 --- a/backend/internal/stream.js +++ b/backend/internal/stream.js @@ -128,7 +128,7 @@ const internalStream = { return query.then(utils.omitRow(omissions())); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } // Custom omissions @@ -152,7 +152,7 @@ const internalStream = { return internalStream.get(access, {id: data.id}); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } @@ -200,7 +200,7 @@ const internalStream = { }); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } else if (row.enabled) { throw new error.ValidationError('Host is already enabled'); @@ -246,7 +246,7 @@ const internalStream = { return internalStream.get(access, {id: data.id}); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } else if (!row.enabled) { throw new error.ValidationError('Host is already disabled'); diff --git a/backend/internal/user.js b/backend/internal/user.js index a1d90447f..742ab65d3 100644 --- a/backend/internal/user.js +++ b/backend/internal/user.js @@ -194,7 +194,7 @@ const internalUser = { return query.then(utils.omitRow(omissions())); }) .then((row) => { - if (!row) { + if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } // Custom omissions diff --git a/backend/lib/validator/api.js b/backend/lib/validator/api.js index 3f51b5969..c0876ab32 100644 --- a/backend/lib/validator/api.js +++ b/backend/lib/validator/api.js @@ -1,6 +1,4 @@ -const error = require('../error'); -const path = require('path'); -const parser = require('json-schema-ref-parser'); +const error = require('../error'); const ajv = require('ajv')({ verbose: true, @@ -17,8 +15,14 @@ const ajv = require('ajv')({ */ function apiValidator (schema, payload/*, description*/) { return new Promise(function Promise_apiValidator (resolve, reject) { + if (schema === null) { + reject(new error.ValidationError('Schema is undefined')); + return; + } + if (typeof payload === 'undefined') { reject(new error.ValidationError('Payload is undefined')); + return; } let validate = ajv.compile(schema); @@ -35,11 +39,4 @@ function apiValidator (schema, payload/*, description*/) { }); } -apiValidator.loadSchemas = parser - .dereference(path.resolve('schema/index.json')) - .then((schema) => { - ajv.addSchema(schema); - return schema; - }); - module.exports = apiValidator; diff --git a/backend/lib/validator/index.js b/backend/lib/validator/index.js index d09c9be5f..3c5265b17 100644 --- a/backend/lib/validator/index.js +++ b/backend/lib/validator/index.js @@ -1,6 +1,6 @@ -const _ = require('lodash'); -const error = require('../error'); -const definitions = require('../../schema/definitions.json'); +const _ = require('lodash'); +const error = require('../error'); +const commonDefinitions = require('../../schema/common.json'); RegExp.prototype.toJSON = RegExp.prototype.toString; @@ -9,9 +9,7 @@ const ajv = require('ajv')({ allErrors: true, format: 'full', // strict regexes for format checks coerceTypes: true, - schemas: [ - definitions - ] + schemas: [commonDefinitions] }); /** @@ -27,21 +25,18 @@ function validator (schema, payload) { } else { try { let validate = ajv.compile(schema); + let valid = validate(payload); - let valid = validate(payload); if (valid && !validate.errors) { resolve(_.cloneDeep(payload)); } else { let message = ajv.errorsText(validate.errors); reject(new error.InternalValidationError(message)); } - } catch (err) { reject(err); } - } - }); } diff --git a/backend/package.json b/backend/package.json index b938c9a9c..379c6e68c 100644 --- a/backend/package.json +++ b/backend/package.json @@ -4,6 +4,7 @@ "description": "A beautiful interface for creating Nginx endpoints", "main": "js/index.js", "dependencies": { + "@apidevtools/json-schema-ref-parser": "^11.7.0", "ajv": "^6.12.0", "archiver": "^5.3.0", "batchflow": "^0.4.0", diff --git a/backend/routes/api/audit-log.js b/backend/routes/audit-log.js similarity index 73% rename from backend/routes/api/audit-log.js rename to backend/routes/audit-log.js index 8a2490c3f..6467a63d2 100644 --- a/backend/routes/api/audit-log.js +++ b/backend/routes/audit-log.js @@ -1,7 +1,7 @@ const express = require('express'); -const validator = require('../../lib/validator'); -const jwtdecode = require('../../lib/express/jwt-decode'); -const internalAuditLog = require('../../internal/audit-log'); +const validator = require('../lib/validator'); +const jwtdecode = require('../lib/express/jwt-decode'); +const internalAuditLog = require('../internal/audit-log'); let router = express.Router({ caseSensitive: true, @@ -14,7 +14,7 @@ let router = express.Router({ */ router .route('/') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) .all(jwtdecode()) @@ -29,10 +29,10 @@ router additionalProperties: false, properties: { expand: { - $ref: 'definitions#/definitions/expand' + $ref: 'common#/definitions/expand' }, query: { - $ref: 'definitions#/definitions/query' + $ref: 'common#/definitions/query' } } }, { diff --git a/backend/routes/api/main.js b/backend/routes/main.js similarity index 90% rename from backend/routes/api/main.js rename to backend/routes/main.js index 33cbbc21f..b97096d0e 100644 --- a/backend/routes/api/main.js +++ b/backend/routes/main.js @@ -1,6 +1,6 @@ const express = require('express'); -const pjson = require('../../package.json'); -const error = require('../../lib/error'); +const pjson = require('../package.json'); +const error = require('../lib/error'); let router = express.Router({ caseSensitive: true, @@ -43,7 +43,7 @@ router.use('/nginx/certificates', require('./nginx/certificates')); * * ALL /api/* */ -router.all(/(.+)/, function (req, res, next) { +router.all(/(.+)/, function (req, _, next) { req.params.page = req.params['0']; next(new error.ItemNotFoundError(req.params.page)); }); diff --git a/backend/routes/api/nginx/access_lists.js b/backend/routes/nginx/access_lists.js similarity index 79% rename from backend/routes/api/nginx/access_lists.js rename to backend/routes/nginx/access_lists.js index d55c3ae12..79e920ddb 100644 --- a/backend/routes/api/nginx/access_lists.js +++ b/backend/routes/nginx/access_lists.js @@ -1,8 +1,9 @@ const express = require('express'); -const validator = require('../../../lib/validator'); -const jwtdecode = require('../../../lib/express/jwt-decode'); -const internalAccessList = require('../../../internal/access-list'); -const apiValidator = require('../../../lib/validator/api'); +const validator = require('../../lib/validator'); +const jwtdecode = require('../../lib/express/jwt-decode'); +const apiValidator = require('../../lib/validator/api'); +const internalAccessList = require('../../internal/access-list'); +const schema = require('../../schema'); let router = express.Router({ caseSensitive: true, @@ -30,10 +31,10 @@ router additionalProperties: false, properties: { expand: { - $ref: 'definitions#/definitions/expand' + $ref: 'common#/definitions/expand' }, query: { - $ref: 'definitions#/definitions/query' + $ref: 'common#/definitions/query' } } }, { @@ -56,7 +57,7 @@ router * Create a new access-list */ .post((req, res, next) => { - apiValidator({$ref: 'endpoints/access-lists#/links/1/schema'}, req.body) + apiValidator(schema.getValidationSchema('/nginx/access-lists', 'post'), req.body) .then((payload) => { return internalAccessList.create(res.locals.access, payload); }) @@ -74,7 +75,7 @@ router */ router .route('/:list_id') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) .all(jwtdecode()) @@ -90,10 +91,10 @@ router additionalProperties: false, properties: { list_id: { - $ref: 'definitions#/definitions/id' + $ref: 'common#/definitions/id' }, expand: { - $ref: 'definitions#/definitions/expand' + $ref: 'common#/definitions/expand' } } }, { @@ -119,7 +120,7 @@ router * Update and existing access-list */ .put((req, res, next) => { - apiValidator({$ref: 'endpoints/access-lists#/links/2/schema'}, req.body) + apiValidator(schema.getValidationSchema('/nginx/access-lists/{listID}', 'put'), req.body) .then((payload) => { payload.id = parseInt(req.params.list_id, 10); return internalAccessList.update(res.locals.access, payload); diff --git a/backend/routes/api/nginx/certificates.js b/backend/routes/nginx/certificates.js similarity index 80% rename from backend/routes/api/nginx/certificates.js rename to backend/routes/nginx/certificates.js index ffdfb515d..b6ad7c69c 100644 --- a/backend/routes/api/nginx/certificates.js +++ b/backend/routes/nginx/certificates.js @@ -1,8 +1,10 @@ const express = require('express'); -const validator = require('../../../lib/validator'); -const jwtdecode = require('../../../lib/express/jwt-decode'); -const internalCertificate = require('../../../internal/certificate'); -const apiValidator = require('../../../lib/validator/api'); +const error = require('../../lib/error'); +const validator = require('../../lib/validator'); +const jwtdecode = require('../../lib/express/jwt-decode'); +const apiValidator = require('../../lib/validator/api'); +const internalCertificate = require('../../internal/certificate'); +const schema = require('../../schema'); let router = express.Router({ caseSensitive: true, @@ -15,7 +17,7 @@ let router = express.Router({ */ router .route('/') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) .all(jwtdecode()) @@ -30,10 +32,10 @@ router additionalProperties: false, properties: { expand: { - $ref: 'definitions#/definitions/expand' + $ref: 'common#/definitions/expand' }, query: { - $ref: 'definitions#/definitions/query' + $ref: 'common#/definitions/query' } } }, { @@ -56,7 +58,7 @@ router * Create a new certificate */ .post((req, res, next) => { - apiValidator({$ref: 'endpoints/certificates#/links/1/schema'}, req.body) + apiValidator(schema.getValidationSchema('/nginx/certificates', 'post'), req.body) .then((payload) => { req.setTimeout(900000); // 15 minutes timeout return internalCertificate.create(res.locals.access, payload); @@ -75,17 +77,22 @@ router */ router .route('/test-http') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) .all(jwtdecode()) -/** - * GET /api/nginx/certificates/test-http - * - * Test HTTP challenge for domains - */ + /** + * GET /api/nginx/certificates/test-http + * + * Test HTTP challenge for domains + */ .get((req, res, next) => { + if (req.query.domains === undefined) { + next(new error.ValidationError('Domains are required as query parameters')); + return; + } + internalCertificate.testHttpsChallenge(res.locals.access, JSON.parse(req.query.domains)) .then((result) => { res.status(200) @@ -101,7 +108,7 @@ router */ router .route('/:certificate_id') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) .all(jwtdecode()) @@ -117,10 +124,10 @@ router additionalProperties: false, properties: { certificate_id: { - $ref: 'definitions#/definitions/id' + $ref: 'common#/definitions/id' }, expand: { - $ref: 'definitions#/definitions/expand' + $ref: 'common#/definitions/expand' } } }, { @@ -140,24 +147,6 @@ router .catch(next); }) - /** - * PUT /api/nginx/certificates/123 - * - * Update and existing certificate - */ - .put((req, res, next) => { - apiValidator({$ref: 'endpoints/certificates#/links/2/schema'}, req.body) - .then((payload) => { - payload.id = parseInt(req.params.certificate_id, 10); - return internalCertificate.update(res.locals.access, payload); - }) - .then((result) => { - res.status(200) - .send(result); - }) - .catch(next); - }) - /** * DELETE /api/nginx/certificates/123 * @@ -179,7 +168,7 @@ router */ router .route('/:certificate_id/upload') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) .all(jwtdecode()) @@ -213,7 +202,7 @@ router */ router .route('/:certificate_id/renew') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) .all(jwtdecode()) @@ -270,7 +259,7 @@ router */ router .route('/validate') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) .all(jwtdecode()) diff --git a/backend/routes/api/nginx/dead_hosts.js b/backend/routes/nginx/dead_hosts.js similarity index 83% rename from backend/routes/api/nginx/dead_hosts.js rename to backend/routes/nginx/dead_hosts.js index 08b58f2de..4523d3e42 100644 --- a/backend/routes/api/nginx/dead_hosts.js +++ b/backend/routes/nginx/dead_hosts.js @@ -1,8 +1,9 @@ const express = require('express'); -const validator = require('../../../lib/validator'); -const jwtdecode = require('../../../lib/express/jwt-decode'); -const internalDeadHost = require('../../../internal/dead-host'); -const apiValidator = require('../../../lib/validator/api'); +const validator = require('../../lib/validator'); +const jwtdecode = require('../../lib/express/jwt-decode'); +const apiValidator = require('../../lib/validator/api'); +const internalDeadHost = require('../../internal/dead-host'); +const schema = require('../../schema'); let router = express.Router({ caseSensitive: true, @@ -15,7 +16,7 @@ let router = express.Router({ */ router .route('/') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) .all(jwtdecode()) @@ -30,10 +31,10 @@ router additionalProperties: false, properties: { expand: { - $ref: 'definitions#/definitions/expand' + $ref: 'common#/definitions/expand' }, query: { - $ref: 'definitions#/definitions/query' + $ref: 'common#/definitions/query' } } }, { @@ -56,7 +57,7 @@ router * Create a new dead-host */ .post((req, res, next) => { - apiValidator({$ref: 'endpoints/dead-hosts#/links/1/schema'}, req.body) + apiValidator(schema.getValidationSchema('/nginx/dead-hosts', 'post'), req.body) .then((payload) => { return internalDeadHost.create(res.locals.access, payload); }) @@ -90,10 +91,10 @@ router additionalProperties: false, properties: { host_id: { - $ref: 'definitions#/definitions/id' + $ref: 'common#/definitions/id' }, expand: { - $ref: 'definitions#/definitions/expand' + $ref: 'common#/definitions/expand' } } }, { @@ -119,7 +120,7 @@ router * Update and existing dead-host */ .put((req, res, next) => { - apiValidator({$ref: 'endpoints/dead-hosts#/links/2/schema'}, req.body) + apiValidator(schema.getValidationSchema('/nginx/dead-hosts/{hostID}', 'put'), req.body) .then((payload) => { payload.id = parseInt(req.params.host_id, 10); return internalDeadHost.update(res.locals.access, payload); @@ -152,7 +153,7 @@ router */ router .route('/:host_id/enable') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) .all(jwtdecode()) @@ -176,7 +177,7 @@ router */ router .route('/:host_id/disable') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) .all(jwtdecode()) diff --git a/backend/routes/api/nginx/proxy_hosts.js b/backend/routes/nginx/proxy_hosts.js similarity index 83% rename from backend/routes/api/nginx/proxy_hosts.js rename to backend/routes/nginx/proxy_hosts.js index 6f933c3d3..6ace41954 100644 --- a/backend/routes/api/nginx/proxy_hosts.js +++ b/backend/routes/nginx/proxy_hosts.js @@ -1,8 +1,9 @@ const express = require('express'); -const validator = require('../../../lib/validator'); -const jwtdecode = require('../../../lib/express/jwt-decode'); -const internalProxyHost = require('../../../internal/proxy-host'); -const apiValidator = require('../../../lib/validator/api'); +const validator = require('../../lib/validator'); +const jwtdecode = require('../../lib/express/jwt-decode'); +const apiValidator = require('../../lib/validator/api'); +const internalProxyHost = require('../../internal/proxy-host'); +const schema = require('../../schema'); let router = express.Router({ caseSensitive: true, @@ -30,10 +31,10 @@ router additionalProperties: false, properties: { expand: { - $ref: 'definitions#/definitions/expand' + $ref: 'common#/definitions/expand' }, query: { - $ref: 'definitions#/definitions/query' + $ref: 'common#/definitions/query' } } }, { @@ -56,7 +57,7 @@ router * Create a new proxy-host */ .post((req, res, next) => { - apiValidator({$ref: 'endpoints/proxy-hosts#/links/1/schema'}, req.body) + apiValidator(schema.getValidationSchema('/nginx/proxy-hosts', 'post'), req.body) .then((payload) => { return internalProxyHost.create(res.locals.access, payload); }) @@ -90,10 +91,10 @@ router additionalProperties: false, properties: { host_id: { - $ref: 'definitions#/definitions/id' + $ref: 'common#/definitions/id' }, expand: { - $ref: 'definitions#/definitions/expand' + $ref: 'common#/definitions/expand' } } }, { @@ -119,7 +120,7 @@ router * Update and existing proxy-host */ .put((req, res, next) => { - apiValidator({$ref: 'endpoints/proxy-hosts#/links/2/schema'}, req.body) + apiValidator(schema.getValidationSchema('/nginx/proxy-hosts/{hostID}', 'put'), req.body) .then((payload) => { payload.id = parseInt(req.params.host_id, 10); return internalProxyHost.update(res.locals.access, payload); @@ -152,7 +153,7 @@ router */ router .route('/:host_id/enable') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) .all(jwtdecode()) @@ -176,7 +177,7 @@ router */ router .route('/:host_id/disable') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) .all(jwtdecode()) diff --git a/backend/routes/api/nginx/redirection_hosts.js b/backend/routes/nginx/redirection_hosts.js similarity index 84% rename from backend/routes/api/nginx/redirection_hosts.js rename to backend/routes/nginx/redirection_hosts.js index 4d44c1126..de334e74e 100644 --- a/backend/routes/api/nginx/redirection_hosts.js +++ b/backend/routes/nginx/redirection_hosts.js @@ -1,8 +1,9 @@ const express = require('express'); -const validator = require('../../../lib/validator'); -const jwtdecode = require('../../../lib/express/jwt-decode'); -const internalRedirectionHost = require('../../../internal/redirection-host'); -const apiValidator = require('../../../lib/validator/api'); +const validator = require('../../lib/validator'); +const jwtdecode = require('../../lib/express/jwt-decode'); +const apiValidator = require('../../lib/validator/api'); +const internalRedirectionHost = require('../../internal/redirection-host'); +const schema = require('../../schema'); let router = express.Router({ caseSensitive: true, @@ -30,10 +31,10 @@ router additionalProperties: false, properties: { expand: { - $ref: 'definitions#/definitions/expand' + $ref: 'common#/definitions/expand' }, query: { - $ref: 'definitions#/definitions/query' + $ref: 'common#/definitions/query' } } }, { @@ -56,7 +57,7 @@ router * Create a new redirection-host */ .post((req, res, next) => { - apiValidator({$ref: 'endpoints/redirection-hosts#/links/1/schema'}, req.body) + apiValidator(schema.getValidationSchema('/nginx/redirection-hosts', 'post'), req.body) .then((payload) => { return internalRedirectionHost.create(res.locals.access, payload); }) @@ -90,10 +91,10 @@ router additionalProperties: false, properties: { host_id: { - $ref: 'definitions#/definitions/id' + $ref: 'common#/definitions/id' }, expand: { - $ref: 'definitions#/definitions/expand' + $ref: 'common#/definitions/expand' } } }, { @@ -119,7 +120,7 @@ router * Update and existing redirection-host */ .put((req, res, next) => { - apiValidator({$ref: 'endpoints/redirection-hosts#/links/2/schema'}, req.body) + apiValidator(schema.getValidationSchema('/nginx/redirection-hosts/{hostID}', 'put'), req.body) .then((payload) => { payload.id = parseInt(req.params.host_id, 10); return internalRedirectionHost.update(res.locals.access, payload); diff --git a/backend/routes/api/nginx/streams.js b/backend/routes/nginx/streams.js similarity index 84% rename from backend/routes/api/nginx/streams.js rename to backend/routes/nginx/streams.js index 5e3fc28fe..1f68c1989 100644 --- a/backend/routes/api/nginx/streams.js +++ b/backend/routes/nginx/streams.js @@ -1,8 +1,9 @@ const express = require('express'); -const validator = require('../../../lib/validator'); -const jwtdecode = require('../../../lib/express/jwt-decode'); -const internalStream = require('../../../internal/stream'); -const apiValidator = require('../../../lib/validator/api'); +const validator = require('../../lib/validator'); +const jwtdecode = require('../../lib/express/jwt-decode'); +const apiValidator = require('../../lib/validator/api'); +const internalStream = require('../../internal/stream'); +const schema = require('../../schema'); let router = express.Router({ caseSensitive: true, @@ -30,10 +31,10 @@ router additionalProperties: false, properties: { expand: { - $ref: 'definitions#/definitions/expand' + $ref: 'common#/definitions/expand' }, query: { - $ref: 'definitions#/definitions/query' + $ref: 'common#/definitions/query' } } }, { @@ -56,7 +57,7 @@ router * Create a new stream */ .post((req, res, next) => { - apiValidator({$ref: 'endpoints/streams#/links/1/schema'}, req.body) + apiValidator(schema.getValidationSchema('/nginx/streams', 'post'), req.body) .then((payload) => { return internalStream.create(res.locals.access, payload); }) @@ -90,10 +91,10 @@ router additionalProperties: false, properties: { stream_id: { - $ref: 'definitions#/definitions/id' + $ref: 'common#/definitions/id' }, expand: { - $ref: 'definitions#/definitions/expand' + $ref: 'common#/definitions/expand' } } }, { @@ -119,7 +120,7 @@ router * Update and existing stream */ .put((req, res, next) => { - apiValidator({$ref: 'endpoints/streams#/links/2/schema'}, req.body) + apiValidator(schema.getValidationSchema('/nginx/streams/{streamID}', 'put'), req.body) .then((payload) => { payload.id = parseInt(req.params.stream_id, 10); return internalStream.update(res.locals.access, payload); @@ -152,7 +153,7 @@ router */ router .route('/:host_id/enable') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) .all(jwtdecode()) @@ -176,7 +177,7 @@ router */ router .route('/:host_id/disable') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) .all(jwtdecode()) diff --git a/backend/routes/api/reports.js b/backend/routes/reports.js similarity index 67% rename from backend/routes/api/reports.js rename to backend/routes/reports.js index 9e2c98c89..98c6cf86d 100644 --- a/backend/routes/api/reports.js +++ b/backend/routes/reports.js @@ -1,6 +1,6 @@ const express = require('express'); -const jwtdecode = require('../../lib/express/jwt-decode'); -const internalReport = require('../../internal/report'); +const jwtdecode = require('../lib/express/jwt-decode'); +const internalReport = require('../internal/report'); let router = express.Router({ caseSensitive: true, @@ -10,14 +10,14 @@ let router = express.Router({ router .route('/hosts') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) /** * GET /reports/hosts */ - .get(jwtdecode(), (req, res, next) => { + .get(jwtdecode(), (_, res, next) => { internalReport.getHostsReport(res.locals.access) .then((data) => { res.status(200) diff --git a/backend/routes/api/schema.js b/backend/routes/schema.js similarity index 71% rename from backend/routes/api/schema.js rename to backend/routes/schema.js index fc6bd5bdf..fc3e48b6c 100644 --- a/backend/routes/api/schema.js +++ b/backend/routes/schema.js @@ -1,8 +1,8 @@ -const express = require('express'); -const swaggerJSON = require('../../doc/api.swagger.json'); -const PACKAGE = require('../../package.json'); +const express = require('express'); +const schema = require('../schema'); +const PACKAGE = require('../package.json'); -let router = express.Router({ +const router = express.Router({ caseSensitive: true, strict: true, mergeParams: true @@ -10,14 +10,16 @@ let router = express.Router({ router .route('/') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) /** * GET /schema */ - .get((req, res/*, next*/) => { + .get(async (req, res) => { + let swaggerJSON = await schema.getCompiledSchema(); + let proto = req.protocol; if (typeof req.headers['x-forwarded-proto'] !== 'undefined' && req.headers['x-forwarded-proto']) { proto = req.headers['x-forwarded-proto']; diff --git a/backend/routes/api/settings.js b/backend/routes/settings.js similarity index 74% rename from backend/routes/api/settings.js rename to backend/routes/settings.js index d08b2bf5c..dac4c3d1a 100644 --- a/backend/routes/api/settings.js +++ b/backend/routes/settings.js @@ -1,8 +1,9 @@ const express = require('express'); -const validator = require('../../lib/validator'); -const jwtdecode = require('../../lib/express/jwt-decode'); -const internalSetting = require('../../internal/setting'); -const apiValidator = require('../../lib/validator/api'); +const validator = require('../lib/validator'); +const jwtdecode = require('../lib/express/jwt-decode'); +const apiValidator = require('../lib/validator/api'); +const internalSetting = require('../internal/setting'); +const schema = require('../schema'); let router = express.Router({ caseSensitive: true, @@ -15,7 +16,7 @@ let router = express.Router({ */ router .route('/') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) .all(jwtdecode()) @@ -25,7 +26,7 @@ router * * Retrieve all settings */ - .get((req, res, next) => { + .get((_, res, next) => { internalSetting.getAll(res.locals.access) .then((rows) => { res.status(200) @@ -41,7 +42,7 @@ router */ router .route('/:setting_id') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) .all(jwtdecode()) @@ -57,7 +58,8 @@ router additionalProperties: false, properties: { setting_id: { - $ref: 'definitions#/definitions/setting_id' + type: 'string', + minLength: 1 } } }, { @@ -81,7 +83,7 @@ router * Update and existing setting */ .put((req, res, next) => { - apiValidator({$ref: 'endpoints/settings#/links/1/schema'}, req.body) + apiValidator(schema.getValidationSchema('/settings/{settingID}', 'put'), req.body) .then((payload) => { payload.id = req.params.setting_id; return internalSetting.update(res.locals.access, payload); diff --git a/backend/routes/api/tokens.js b/backend/routes/tokens.js similarity index 70% rename from backend/routes/api/tokens.js rename to backend/routes/tokens.js index a21f998ae..72d01d41d 100644 --- a/backend/routes/api/tokens.js +++ b/backend/routes/tokens.js @@ -1,7 +1,8 @@ const express = require('express'); -const jwtdecode = require('../../lib/express/jwt-decode'); -const internalToken = require('../../internal/token'); -const apiValidator = require('../../lib/validator/api'); +const jwtdecode = require('../lib/express/jwt-decode'); +const apiValidator = require('../lib/validator/api'); +const internalToken = require('../internal/token'); +const schema = require('../schema'); let router = express.Router({ caseSensitive: true, @@ -11,7 +12,7 @@ let router = express.Router({ router .route('/') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) @@ -39,11 +40,9 @@ router * * Create a new Token */ - .post((req, res, next) => { - apiValidator({$ref: 'endpoints/tokens#/links/0/schema'}, req.body) - .then((payload) => { - return internalToken.getTokenFromEmail(payload); - }) + .post(async (req, res, next) => { + apiValidator(schema.getValidationSchema('/tokens', 'post'), req.body) + .then(internalToken.getTokenFromEmail) .then((data) => { res.status(200) .send(data); diff --git a/backend/routes/api/users.js b/backend/routes/users.js similarity index 79% rename from backend/routes/api/users.js rename to backend/routes/users.js index 1c6bd0ad2..475156675 100644 --- a/backend/routes/api/users.js +++ b/backend/routes/users.js @@ -1,9 +1,10 @@ const express = require('express'); -const validator = require('../../lib/validator'); -const jwtdecode = require('../../lib/express/jwt-decode'); -const userIdFromMe = require('../../lib/express/user-id-from-me'); -const internalUser = require('../../internal/user'); -const apiValidator = require('../../lib/validator/api'); +const validator = require('../lib/validator'); +const jwtdecode = require('../lib/express/jwt-decode'); +const userIdFromMe = require('../lib/express/user-id-from-me'); +const internalUser = require('../internal/user'); +const apiValidator = require('../lib/validator/api'); +const schema = require('../schema'); let router = express.Router({ caseSensitive: true, @@ -16,7 +17,7 @@ let router = express.Router({ */ router .route('/') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) .all(jwtdecode()) @@ -31,10 +32,10 @@ router additionalProperties: false, properties: { expand: { - $ref: 'definitions#/definitions/expand' + $ref: 'common#/definitions/expand' }, query: { - $ref: 'definitions#/definitions/query' + $ref: 'common#/definitions/query' } } }, { @@ -48,7 +49,11 @@ router res.status(200) .send(users); }) - .catch(next); + .catch((err) => { + console.log(err); + next(err); + }); + //.catch(next); }) /** @@ -57,7 +62,7 @@ router * Create a new User */ .post((req, res, next) => { - apiValidator({$ref: 'endpoints/users#/links/1/schema'}, req.body) + apiValidator(schema.getValidationSchema('/users', 'post'), req.body) .then((payload) => { return internalUser.create(res.locals.access, payload); }) @@ -75,7 +80,7 @@ router */ router .route('/:user_id') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) .all(jwtdecode()) @@ -92,10 +97,10 @@ router additionalProperties: false, properties: { user_id: { - $ref: 'definitions#/definitions/id' + $ref: 'common#/definitions/id' }, expand: { - $ref: 'definitions#/definitions/expand' + $ref: 'common#/definitions/expand' } } }, { @@ -113,7 +118,10 @@ router res.status(200) .send(user); }) - .catch(next); + .catch((err) => { + console.log(err); + next(err); + }); }) /** @@ -122,7 +130,7 @@ router * Update and existing user */ .put((req, res, next) => { - apiValidator({$ref: 'endpoints/users#/links/2/schema'}, req.body) + apiValidator(schema.getValidationSchema('/users/{userID}', 'put'), req.body) .then((payload) => { payload.id = req.params.user_id; return internalUser.update(res.locals.access, payload); @@ -167,7 +175,7 @@ router * Update password for a user */ .put((req, res, next) => { - apiValidator({$ref: 'endpoints/users#/links/4/schema'}, req.body) + apiValidator(schema.getValidationSchema('/users/{userID}/auth', 'put'), req.body) .then((payload) => { payload.id = req.params.user_id; return internalUser.setPassword(res.locals.access, payload); @@ -198,7 +206,7 @@ router * Set some or all permissions for a user */ .put((req, res, next) => { - apiValidator({$ref: 'endpoints/users#/links/5/schema'}, req.body) + apiValidator(schema.getValidationSchema('/users/{userID}/permissions', 'put'), req.body) .then((payload) => { payload.id = req.params.user_id; return internalUser.setPermissions(res.locals.access, payload); @@ -217,7 +225,7 @@ router */ router .route('/:user_id/login') - .options((req, res) => { + .options((_, res) => { res.sendStatus(204); }) .all(jwtdecode()) diff --git a/backend/schema/common.json b/backend/schema/common.json new file mode 100644 index 000000000..dd8247a4b --- /dev/null +++ b/backend/schema/common.json @@ -0,0 +1,128 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "$id": "common", + "definitions": { + "id": { + "description": "Unique identifier", + "example": 123456, + "readOnly": true, + "type": "integer", + "minimum": 1 + }, + "expand": { + "anyOf": [ + { + "type": "null" + }, + { + "type": "array", + "minItems": 1, + "items": { + "type": "string" + } + } + ] + }, + "query": { + "anyOf": [ + { + "type": "null" + }, + { + "type": "string", + "minLength": 1, + "maxLength": 255 + } + ] + }, + "created_on": { + "description": "Date and time of creation", + "format": "date-time", + "readOnly": true, + "type": "string" + }, + "modified_on": { + "description": "Date and time of last update", + "format": "date-time", + "readOnly": true, + "type": "string" + }, + "user_id": { + "description": "User ID", + "example": 1234, + "type": "integer", + "minimum": 1 + }, + "certificate_id": { + "description": "Certificate ID", + "example": 1234, + "anyOf": [ + { + "type": "integer", + "minimum": 0 + }, + { + "type": "string", + "pattern": "^new$" + } + ] + }, + "access_list_id": { + "description": "Access List ID", + "example": 1234, + "type": "integer", + "minimum": 0 + }, + "domain_names": { + "description": "Domain Names separated by a comma", + "example": "*.jc21.com,blog.jc21.com", + "type": "array", + "minItems": 1, + "maxItems": 100, + "uniqueItems": true, + "items": { + "type": "string", + "pattern": "^(?:\\*\\.)?(?:[^.*]+\\.?)+[^.]$" + } + }, + "enabled": { + "description": "Is Enabled", + "example": true, + "type": "boolean" + }, + "ssl_forced": { + "description": "Is SSL Forced", + "example": false, + "type": "boolean" + }, + "hsts_enabled": { + "description": "Is HSTS Enabled", + "example": false, + "type": "boolean" + }, + "hsts_subdomains": { + "description": "Is HSTS applicable to all subdomains", + "example": false, + "type": "boolean" + }, + "ssl_provider": { + "type": "string", + "pattern": "^(letsencrypt|other)$" + }, + "http2_support": { + "description": "HTTP2 Protocol Support", + "example": false, + "type": "boolean" + }, + "block_exploits": { + "description": "Should we block common exploits", + "example": true, + "type": "boolean" + }, + "caching_enabled": { + "description": "Should we cache assets", + "example": true, + "type": "boolean" + } + } +} diff --git a/backend/schema/components/access-list-object.json b/backend/schema/components/access-list-object.json new file mode 100644 index 000000000..c6ed51a58 --- /dev/null +++ b/backend/schema/components/access-list-object.json @@ -0,0 +1,53 @@ +{ + "type": "object", + "description": "Access List object", + "required": ["id", "created_on", "modified_on", "owner_user_id", "name", "directive", "address", "satisfy_any", "pass_auth", "meta"], + "additionalProperties": false, + "properties": { + "id": { + "$ref": "../common.json#/definitions/id" + }, + "created_on": { + "$ref": "../common.json#/definitions/created_on" + }, + "modified_on": { + "$ref": "../common.json#/definitions/modified_on" + }, + "owner_user_id": { + "$ref": "../common.json#/definitions/user_id" + }, + "name": { + "type": "string", + "minLength": 1 + }, + "directive": { + "type": "string", + "enum": ["allow", "deny"] + }, + "address": { + "oneOf": [ + { + "type": "string", + "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(/([0-9]|[1-2][0-9]|3[0-2]))?$" + }, + { + "type": "string", + "pattern": "^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$" + }, + { + "type": "string", + "pattern": "^all$" + } + ] + }, + "satisfy_any": { + "type": "boolean" + }, + "pass_auth": { + "type": "boolean" + }, + "meta": { + "type": "object" + } + } +} diff --git a/backend/schema/components/audit-log-object.json b/backend/schema/components/audit-log-object.json new file mode 100644 index 000000000..f38606e12 --- /dev/null +++ b/backend/schema/components/audit-log-object.json @@ -0,0 +1,32 @@ +{ + "type": "object", + "description": "Audit Log object", + "required": ["id", "created_on", "modified_on", "user_id", "object_type", "object_id", "action", "meta"], + "additionalProperties": false, + "properties": { + "id": { + "$ref": "../common.json#/definitions/id" + }, + "created_on": { + "$ref": "../common.json#/definitions/created_on" + }, + "modified_on": { + "$ref": "../common.json#/definitions/modified_on" + }, + "user_id": { + "$ref": "../common.json#/definitions/user_id" + }, + "object_type": { + "type": "string" + }, + "object_id": { + "$ref": "../common.json#/definitions/id" + }, + "action": { + "type": "string" + }, + "meta": { + "type": "object" + } + } +} diff --git a/backend/schema/components/certificate-list.json b/backend/schema/components/certificate-list.json new file mode 100644 index 000000000..cec4db82c --- /dev/null +++ b/backend/schema/components/certificate-list.json @@ -0,0 +1,7 @@ +{ + "type": "array", + "description": "Certificates list", + "items": { + "$ref": "./certificate-object.json" + } +} diff --git a/backend/schema/components/certificate-object.json b/backend/schema/components/certificate-object.json new file mode 100644 index 000000000..8e6a28523 --- /dev/null +++ b/backend/schema/components/certificate-object.json @@ -0,0 +1,66 @@ +{ + "type": "object", + "description": "Certificate object", + "required": ["id", "created_on", "modified_on", "owner_user_id", "provider", "nice_name", "domain_names", "expires_on", "meta"], + "additionalProperties": false, + "properties": { + "id": { + "$ref": "../common.json#/definitions/id" + }, + "created_on": { + "$ref": "../common.json#/definitions/created_on" + }, + "modified_on": { + "$ref": "../common.json#/definitions/modified_on" + }, + "owner_user_id": { + "$ref": "../common.json#/definitions/user_id" + }, + "provider": { + "$ref": "../common.json#/definitions/ssl_provider" + }, + "nice_name": { + "type": "string", + "description": "Nice Name for the custom certificate" + }, + "domain_names": { + "$ref": "../common.json#/definitions/domain_names" + }, + "expires_on": { + "description": "Date and time of expiration", + "format": "date-time", + "readOnly": true, + "type": "string" + }, + "meta": { + "type": "object", + "additionalProperties": false, + "properties": { + "letsencrypt_email": { + "type": "string", + "format": "email" + }, + "letsencrypt_agree": { + "type": "boolean" + }, + "dns_challenge": { + "type": "boolean" + }, + "dns_provider": { + "type": "string" + }, + "dns_provider_credentials": { + "type": "string" + }, + "propagation_seconds": { + "anyOf": [ + { + "type": "integer", + "minimum": 0 + } + ] + } + } + } + } +} diff --git a/backend/schema/components/dead-host-list.json b/backend/schema/components/dead-host-list.json new file mode 100644 index 000000000..56ff303ba --- /dev/null +++ b/backend/schema/components/dead-host-list.json @@ -0,0 +1,7 @@ +{ + "type": "array", + "description": "404 Hosts list", + "items": { + "$ref": "./dead-host-object.json" + } +} diff --git a/backend/schema/components/dead-host-object.json b/backend/schema/components/dead-host-object.json new file mode 100644 index 000000000..84ad17793 --- /dev/null +++ b/backend/schema/components/dead-host-object.json @@ -0,0 +1,47 @@ +{ + "type": "object", + "description": "404 Host object", + "required": ["id", "created_on", "modified_on", "owner_user_id", "domain_names", "certificate_id", "ssl_forced", "hsts_enabled", "hsts_subdomains", "http2_support", "advanced_config", "enabled", "meta"], + "additionalProperties": false, + "properties": { + "id": { + "$ref": "../common.json#/definitions/id" + }, + "created_on": { + "$ref": "../common.json#/definitions/created_on" + }, + "modified_on": { + "$ref": "../common.json#/definitions/modified_on" + }, + "owner_user_id": { + "$ref": "../common.json#/definitions/user_id" + }, + "domain_names": { + "$ref": "../common.json#/definitions/domain_names" + }, + "certificate_id": { + "$ref": "../common.json#/definitions/certificate_id" + }, + "ssl_forced": { + "$ref": "../common.json#/definitions/ssl_forced" + }, + "hsts_enabled": { + "$ref": "../common.json#/definitions/hsts_enabled" + }, + "hsts_subdomains": { + "$ref": "../common.json#/definitions/hsts_subdomains" + }, + "http2_support": { + "$ref": "../common.json#/definitions/http2_support" + }, + "advanced_config": { + "type": "string" + }, + "enabled": { + "$ref": "../common.json#/definitions/enabled" + }, + "meta": { + "type": "object" + } + } +} diff --git a/backend/schema/components/error-object.json b/backend/schema/components/error-object.json new file mode 100644 index 000000000..c2540cf1f --- /dev/null +++ b/backend/schema/components/error-object.json @@ -0,0 +1,14 @@ +{ + "type": "object", + "description": "Error object", + "additionalProperties": false, + "required": ["code", "message"], + "properties": { + "code": { + "type": "integer" + }, + "message": { + "type": "string" + } + } +} diff --git a/backend/schema/components/health-object.json b/backend/schema/components/health-object.json new file mode 100644 index 000000000..8d223417b --- /dev/null +++ b/backend/schema/components/health-object.json @@ -0,0 +1,38 @@ +{ + "type": "object", + "description": "Health object", + "additionalProperties": false, + "required": ["status", "version"], + "properties": { + "status": { + "type": "string", + "description": "Healthy", + "example": "OK" + }, + "version": { + "type": "object", + "description": "The version object", + "example": { + "major": 2, + "minor": 0, + "revision": 0 + }, + "additionalProperties": false, + "required": ["major", "minor", "revision"], + "properties": { + "major": { + "type": "integer", + "minimum": 0 + }, + "minor": { + "type": "integer", + "minimum": 0 + }, + "revision": { + "type": "integer", + "minimum": 0 + } + } + } + } +} diff --git a/backend/schema/components/permission-object.json b/backend/schema/components/permission-object.json new file mode 100644 index 000000000..b852a014d --- /dev/null +++ b/backend/schema/components/permission-object.json @@ -0,0 +1,41 @@ +{ + "type": "object", + "minProperties": 1, + "properties": { + "visibility": { + "type": "string", + "description": "Visibility Type", + "enum": ["all", "user"] + }, + "access_lists": { + "type": "string", + "description": "Access Lists Permissions", + "enum": ["hidden", "view", "manage"] + }, + "dead_hosts": { + "type": "string", + "description": "404 Hosts Permissions", + "enum": ["hidden", "view", "manage"] + }, + "proxy_hosts": { + "type": "string", + "description": "Proxy Hosts Permissions", + "enum": ["hidden", "view", "manage"] + }, + "redirection_hosts": { + "type": "string", + "description": "Redirection Permissions", + "enum": ["hidden", "view", "manage"] + }, + "streams": { + "type": "string", + "description": "Streams Permissions", + "enum": ["hidden", "view", "manage"] + }, + "certificates": { + "type": "string", + "description": "Certificates Permissions", + "enum": ["hidden", "view", "manage"] + } + } +} diff --git a/backend/schema/components/proxy-host-list.json b/backend/schema/components/proxy-host-list.json new file mode 100644 index 000000000..39789b4a7 --- /dev/null +++ b/backend/schema/components/proxy-host-list.json @@ -0,0 +1,7 @@ +{ + "type": "array", + "description": "Proxy Hosts list", + "items": { + "$ref": "./proxy-host-object.json" + } +} diff --git a/backend/schema/components/proxy-host-object.json b/backend/schema/components/proxy-host-object.json new file mode 100644 index 000000000..18414bd4c --- /dev/null +++ b/backend/schema/components/proxy-host-object.json @@ -0,0 +1,148 @@ +{ + "type": "object", + "description": "Proxy Host object", + "required": [ + "id", + "created_on", + "modified_on", + "owner_user_id", + "domain_names", + "forward_host", + "forward_port", + "access_list_id", + "certificate_id", + "ssl_forced", + "caching_enabled", + "block_exploits", + "advanced_config", + "meta", + "allow_websocket_upgrade", + "http2_support", + "forward_scheme", + "enabled", + "locations", + "hsts_enabled", + "hsts_subdomains", + "certificate", + "use_default_location", + "ipv6" + ], + "additionalProperties": false, + "properties": { + "id": { + "$ref": "../common.json#/definitions/id" + }, + "created_on": { + "$ref": "../common.json#/definitions/created_on" + }, + "modified_on": { + "$ref": "../common.json#/definitions/modified_on" + }, + "owner_user_id": { + "$ref": "../common.json#/definitions/user_id" + }, + "domain_names": { + "$ref": "../common.json#/definitions/domain_names" + }, + "forward_host": { + "type": "string", + "minLength": 1, + "maxLength": 255 + }, + "forward_port": { + "type": "integer", + "minimum": 1, + "maximum": 65535 + }, + "access_list_id": { + "$ref": "../common.json#/definitions/access_list_id" + }, + "certificate_id": { + "$ref": "../common.json#/definitions/certificate_id" + }, + "ssl_forced": { + "$ref": "../common.json#/definitions/ssl_forced" + }, + "caching_enabled": { + "$ref": "../common.json#/definitions/caching_enabled" + }, + "block_exploits": { + "$ref": "../common.json#/definitions/block_exploits" + }, + "advanced_config": { + "type": "string" + }, + "meta": { + "type": "object" + }, + "allow_websocket_upgrade": { + "description": "Allow Websocket Upgrade for all paths", + "example": true, + "type": "boolean" + }, + "http2_support": { + "$ref": "../common.json#/definitions/http2_support" + }, + "forward_scheme": { + "type": "string", + "enum": ["http", "https"] + }, + "enabled": { + "$ref": "../common.json#/definitions/enabled" + }, + "locations": { + "type": "array", + "minItems": 0, + "items": { + "type": "object", + "required": ["forward_scheme", "forward_host", "forward_port", "path"], + "additionalProperties": false, + "properties": { + "id": { + "type": ["integer", "null"] + }, + "path": { + "type": "string", + "minLength": 1 + }, + "forward_scheme": { + "$ref": "#/properties/forward_scheme" + }, + "forward_host": { + "$ref": "#/properties/forward_host" + }, + "forward_port": { + "$ref": "#/properties/forward_port" + }, + "forward_path": { + "type": "string" + }, + "advanced_config": { + "type": "string" + } + } + } + }, + "hsts_enabled": { + "$ref": "../common.json#/definitions/hsts_enabled" + }, + "hsts_subdomains": { + "$ref": "../common.json#/definitions/hsts_subdomains" + }, + "certificate": { + "$ref": "./certificate-object.json" + }, + "owner": { + "$ref": "./user-object.json" + }, + "access_list": { + "$ref": "./access-list-object.json" + }, + "use_default_location": { + "type": "boolean" + }, + "ipv6": { + "type": "boolean" + } + } +} diff --git a/backend/schema/components/redirection-host-list.json b/backend/schema/components/redirection-host-list.json new file mode 100644 index 000000000..716dcfa1d --- /dev/null +++ b/backend/schema/components/redirection-host-list.json @@ -0,0 +1,7 @@ +{ + "type": "array", + "description": "Redirection Hosts list", + "items": { + "$ref": "./redirection-host-object.json" + } +} diff --git a/backend/schema/components/redirection-host-object.json b/backend/schema/components/redirection-host-object.json new file mode 100644 index 000000000..080b75e59 --- /dev/null +++ b/backend/schema/components/redirection-host-object.json @@ -0,0 +1,72 @@ +{ + "type": "object", + "description": "Redirection Host object", + "required": ["id", "created_on", "modified_on", "owner_user_id", "domain_names", "forward_http_code", "forward_scheme", "forward_domain_name", "preserve_path", "certificate_id", "ssl_forced", "hsts_enabled", "hsts_subdomains", "http2_support", "block_exploits", "advanced_config", "enabled", "meta"], + "additionalProperties": false, + "properties": { + "id": { + "$ref": "../common.json#/definitions/id" + }, + "created_on": { + "$ref": "../common.json#/definitions/created_on" + }, + "modified_on": { + "$ref": "../common.json#/definitions/modified_on" + }, + "owner_user_id": { + "$ref": "../common.json#/definitions/user_id" + }, + "domain_names": { + "$ref": "../common.json#/definitions/domain_names" + }, + "forward_http_code": { + "description": "Redirect HTTP Status Code", + "example": 302, + "type": "integer", + "minimum": 300, + "maximum": 308 + }, + "forward_scheme": { + "type": "string", + "enum": ["http", "https"] + }, + "forward_domain_name": { + "description": "Domain Name", + "example": "jc21.com", + "type": "string", + "pattern": "^(?:[^.*]+\\.?)+[^.]$" + }, + "preserve_path": { + "description": "Should the path be preserved", + "example": true, + "type": "boolean" + }, + "certificate_id": { + "$ref": "../common.json#/definitions/certificate_id" + }, + "ssl_forced": { + "$ref": "../common.json#/definitions/ssl_forced" + }, + "hsts_enabled": { + "$ref": "../common.json#/definitions/hsts_enabled" + }, + "hsts_subdomains": { + "$ref": "../common.json#/definitions/hsts_subdomains" + }, + "http2_support": { + "$ref": "../common.json#/definitions/http2_support" + }, + "block_exploits": { + "$ref": "../common.json#/definitions/block_exploits" + }, + "advanced_config": { + "type": "string" + }, + "enabled": { + "$ref": "../common.json#/definitions/enabled" + }, + "meta": { + "type": "object" + } + } +} diff --git a/backend/schema/components/security-schemes.json b/backend/schema/components/security-schemes.json new file mode 100644 index 000000000..82407be3f --- /dev/null +++ b/backend/schema/components/security-schemes.json @@ -0,0 +1,6 @@ +{ + "BearerAuth": { + "type": "http", + "scheme": "bearer" + } +} diff --git a/backend/schema/components/setting-list.json b/backend/schema/components/setting-list.json new file mode 100644 index 000000000..c66f099ea --- /dev/null +++ b/backend/schema/components/setting-list.json @@ -0,0 +1,7 @@ +{ + "type": "array", + "description": "Setting list", + "items": { + "$ref": "./setting-object.json" + } +} diff --git a/backend/schema/components/setting-object.json b/backend/schema/components/setting-object.json new file mode 100644 index 000000000..e08777264 --- /dev/null +++ b/backend/schema/components/setting-object.json @@ -0,0 +1,53 @@ +{ + "type": "object", + "description": "Setting object", + "required": ["id", "name", "description", "value", "meta"], + "additionalProperties": false, + "properties": { + "id": { + "type": "string", + "description": "Setting ID", + "minLength": 1, + "example": "default-site" + }, + "name": { + "type": "string", + "description": "Setting Display Name", + "minLength": 1, + "example": "Default Site" + }, + "description": { + "type": "string", + "description": "Meaningful description", + "minLength": 1, + "example": "What to show when Nginx is hit with an unknown Host" + }, + "value": { + "description": "Value in almost any form", + "example": "congratulations", + "oneOf": [ + { + "type": "string", + "minLength": 1 + }, + { + "type": "integer" + }, + { + "type": "object" + }, + { + "type": "number" + }, + { + "type": "array" + } + ] + }, + "meta": { + "description": "Extra metadata", + "example": {}, + "type": "object" + } + } +} diff --git a/backend/schema/components/stream-list.json b/backend/schema/components/stream-list.json new file mode 100644 index 000000000..39789b4a7 --- /dev/null +++ b/backend/schema/components/stream-list.json @@ -0,0 +1,7 @@ +{ + "type": "array", + "description": "Proxy Hosts list", + "items": { + "$ref": "./proxy-host-object.json" + } +} diff --git a/backend/schema/components/stream-object.json b/backend/schema/components/stream-object.json new file mode 100644 index 000000000..9b92d26dd --- /dev/null +++ b/backend/schema/components/stream-object.json @@ -0,0 +1,60 @@ +{ + "type": "object", + "description": "Stream object", + "required": ["id", "created_on", "modified_on", "owner_user_id", "incoming_port", "forwarding_host", "forwarding_port", "tcp_forwarding", "udp_forwarding", "enabled", "meta"], + "additionalProperties": false, + "properties": { + "id": { + "$ref": "../common.json#/definitions/id" + }, + "created_on": { + "$ref": "../common.json#/definitions/created_on" + }, + "modified_on": { + "$ref": "../common.json#/definitions/modified_on" + }, + "owner_user_id": { + "$ref": "../common.json#/definitions/user_id" + }, + "incoming_port": { + "type": "integer", + "minimum": 1, + "maximum": 65535 + }, + "forwarding_host": { + "anyOf": [ + { + "description": "Domain Name", + "example": "jc21.com", + "type": "string", + "pattern": "^(?:[^.*]+\\.?)+[^.]$" + }, + { + "type": "string", + "format": "ipv4" + }, + { + "type": "string", + "format": "ipv6" + } + ] + }, + "forwarding_port": { + "type": "integer", + "minimum": 1, + "maximum": 65535 + }, + "tcp_forwarding": { + "type": "boolean" + }, + "udp_forwarding": { + "type": "boolean" + }, + "enabled": { + "$ref": "../common.json#/definitions/enabled" + }, + "meta": { + "type": "object" + } + } +} diff --git a/backend/schema/components/token-object.json b/backend/schema/components/token-object.json new file mode 100644 index 000000000..a7044bce9 --- /dev/null +++ b/backend/schema/components/token-object.json @@ -0,0 +1,19 @@ +{ + "type": "object", + "description": "Token object", + "required": ["expires", "token"], + "additionalProperties": false, + "properties": { + "expires": { + "description": "Token Expiry Unix Time", + "example": 1566540249, + "minimum": 1, + "type": "number" + }, + "token": { + "description": "JWT Token", + "example": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.ey...xaHKYr3Kk6MvkUjcC4", + "type": "string" + } + } +} diff --git a/backend/schema/components/user-list.json b/backend/schema/components/user-list.json new file mode 100644 index 000000000..c5c0f7116 --- /dev/null +++ b/backend/schema/components/user-list.json @@ -0,0 +1,7 @@ +{ + "type": "array", + "description": "User list", + "items": { + "$ref": "./user-object.json" + } +} diff --git a/backend/schema/components/user-object.json b/backend/schema/components/user-object.json new file mode 100644 index 000000000..7f01a6ac8 --- /dev/null +++ b/backend/schema/components/user-object.json @@ -0,0 +1,61 @@ +{ + "type": "object", + "description": "User object", + "required": ["id", "created_on", "modified_on", "is_disabled", "email", "name", "nickname", "avatar", "roles"], + "additionalProperties": false, + "properties": { + "id": { + "type": "integer", + "description": "User ID", + "minimum": 1, + "example": 1 + }, + "created_on": { + "type": "string", + "description": "Created Date", + "example": "2020-01-30T09:36:08.000Z" + }, + "modified_on": { + "type": "string", + "description": "Modified Date", + "example": "2020-01-30T09:41:04.000Z" + }, + "is_disabled": { + "type": "integer", + "minimum": 0, + "maximum": 1, + "description": "Is user Disabled (0 = false, 1 = true)", + "example": 0 + }, + "email": { + "type": "string", + "description": "Email", + "minLength": 3, + "example": "jc@jc21.com" + }, + "name": { + "type": "string", + "description": "Name", + "minLength": 1, + "example": "Jamie Curnow" + }, + "nickname": { + "type": "string", + "description": "Nickname", + "example": "James" + }, + "avatar": { + "type": "string", + "description": "Gravatar URL based on email, without scheme", + "example": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm" + }, + "roles": { + "description": "Roles applied", + "example": ["admin"], + "type": "array", + "items": { + "type": "string" + } + } + } +} diff --git a/backend/schema/definitions.json b/backend/schema/definitions.json deleted file mode 100644 index 640093a08..000000000 --- a/backend/schema/definitions.json +++ /dev/null @@ -1,240 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "definitions", - "definitions": { - "id": { - "description": "Unique identifier", - "example": 123456, - "readOnly": true, - "type": "integer", - "minimum": 1 - }, - "setting_id": { - "description": "Unique identifier for a Setting", - "example": "default-site", - "readOnly": true, - "type": "string", - "minLength": 2 - }, - "token": { - "type": "string", - "minLength": 10 - }, - "expand": { - "anyOf": [ - { - "type": "null" - }, - { - "type": "array", - "minItems": 1, - "items": { - "type": "string" - } - } - ] - }, - "sort": { - "type": "array", - "minItems": 1, - "items": { - "type": "object", - "required": [ - "field", - "dir" - ], - "additionalProperties": false, - "properties": { - "field": { - "type": "string" - }, - "dir": { - "type": "string", - "pattern": "^(asc|desc)$" - } - } - } - }, - "query": { - "anyOf": [ - { - "type": "null" - }, - { - "type": "string", - "minLength": 1, - "maxLength": 255 - } - ] - }, - "criteria": { - "anyOf": [ - { - "type": "null" - }, - { - "type": "object" - } - ] - }, - "fields": { - "anyOf": [ - { - "type": "null" - }, - { - "type": "array", - "minItems": 1, - "items": { - "type": "string" - } - } - ] - }, - "omit": { - "anyOf": [ - { - "type": "null" - }, - { - "type": "array", - "minItems": 1, - "items": { - "type": "string" - } - } - ] - }, - "created_on": { - "description": "Date and time of creation", - "format": "date-time", - "readOnly": true, - "type": "string" - }, - "modified_on": { - "description": "Date and time of last update", - "format": "date-time", - "readOnly": true, - "type": "string" - }, - "user_id": { - "description": "User ID", - "example": 1234, - "type": "integer", - "minimum": 1 - }, - "certificate_id": { - "description": "Certificate ID", - "example": 1234, - "anyOf": [ - { - "type": "integer", - "minimum": 0 - }, - { - "type": "string", - "pattern": "^new$" - } - ] - }, - "access_list_id": { - "description": "Access List ID", - "example": 1234, - "type": "integer", - "minimum": 0 - }, - "name": { - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "email": { - "description": "Email Address", - "example": "john@example.com", - "format": "email", - "type": "string", - "minLength": 6, - "maxLength": 100 - }, - "password": { - "description": "Password", - "type": "string", - "minLength": 8, - "maxLength": 255 - }, - "domain_name": { - "description": "Domain Name", - "example": "jc21.com", - "type": "string", - "pattern": "^(?:[^.*]+\\.?)+[^.]$" - }, - "domain_names": { - "description": "Domain Names separated by a comma", - "example": "*.jc21.com,blog.jc21.com", - "type": "array", - "maxItems": 100, - "uniqueItems": true, - "items": { - "type": "string", - "pattern": "^(?:\\*\\.)?(?:[^.*]+\\.?)+[^.]$" - } - }, - "http_code": { - "description": "Redirect HTTP Status Code", - "example": 302, - "type": "integer", - "minimum": 300, - "maximum": 308 - }, - "scheme": { - "description": "RFC Protocol", - "example": "HTTPS or $scheme", - "type": "string", - "minLength": 4 - }, - "enabled": { - "description": "Is Enabled", - "example": true, - "type": "boolean" - }, - "ssl_enabled": { - "description": "Is SSL Enabled", - "example": true, - "type": "boolean" - }, - "ssl_forced": { - "description": "Is SSL Forced", - "example": false, - "type": "boolean" - }, - "hsts_enabled": { - "description": "Is HSTS Enabled", - "example": false, - "type": "boolean" - }, - "hsts_subdomains": { - "description": "Is HSTS applicable to all subdomains", - "example": false, - "type": "boolean" - }, - "ssl_provider": { - "type": "string", - "pattern": "^(letsencrypt|other)$" - }, - "http2_support": { - "description": "HTTP2 Protocol Support", - "example": false, - "type": "boolean" - }, - "block_exploits": { - "description": "Should we block common exploits", - "example": true, - "type": "boolean" - }, - "caching_enabled": { - "description": "Should we cache assets", - "example": true, - "type": "boolean" - } - } -} diff --git a/backend/schema/endpoints/access-lists.json b/backend/schema/endpoints/access-lists.json deleted file mode 100644 index 404e32376..000000000 --- a/backend/schema/endpoints/access-lists.json +++ /dev/null @@ -1,236 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "endpoints/access-lists", - "title": "Access Lists", - "description": "Endpoints relating to Access Lists", - "stability": "stable", - "type": "object", - "definitions": { - "id": { - "$ref": "../definitions.json#/definitions/id" - }, - "created_on": { - "$ref": "../definitions.json#/definitions/created_on" - }, - "modified_on": { - "$ref": "../definitions.json#/definitions/modified_on" - }, - "name": { - "type": "string", - "description": "Name of the Access List" - }, - "directive": { - "type": "string", - "enum": ["allow", "deny"] - }, - "address": { - "oneOf": [ - { - "type": "string", - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(/([0-9]|[1-2][0-9]|3[0-2]))?$" - }, - { - "type": "string", - "pattern": "^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$" - }, - { - "type": "string", - "pattern": "^all$" - } - ] - }, - "satisfy_any": { - "type": "boolean" - }, - "pass_auth": { - "type": "boolean" - }, - "meta": { - "type": "object" - } - }, - "properties": { - "id": { - "$ref": "#/definitions/id" - }, - "created_on": { - "$ref": "#/definitions/created_on" - }, - "modified_on": { - "$ref": "#/definitions/modified_on" - }, - "name": { - "$ref": "#/definitions/name" - }, - "meta": { - "$ref": "#/definitions/meta" - } - }, - "links": [ - { - "title": "List", - "description": "Returns a list of Access Lists", - "href": "/nginx/access-lists", - "access": "private", - "method": "GET", - "rel": "self", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "array", - "items": { - "$ref": "#/properties" - } - } - }, - { - "title": "Create", - "description": "Creates a new Access List", - "href": "/nginx/access-list", - "access": "private", - "method": "POST", - "rel": "create", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "schema": { - "type": "object", - "additionalProperties": false, - "required": ["name"], - "properties": { - "name": { - "$ref": "#/definitions/name" - }, - "satisfy_any": { - "$ref": "#/definitions/satisfy_any" - }, - "pass_auth": { - "$ref": "#/definitions/pass_auth" - }, - "items": { - "type": "array", - "minItems": 0, - "items": { - "type": "object", - "additionalProperties": false, - "properties": { - "username": { - "type": "string", - "minLength": 1 - }, - "password": { - "type": "string", - "minLength": 1 - } - } - } - }, - "clients": { - "type": "array", - "minItems": 0, - "items": { - "type": "object", - "additionalProperties": false, - "properties": { - "address": { - "$ref": "#/definitions/address" - }, - "directive": { - "$ref": "#/definitions/directive" - } - } - } - }, - "meta": { - "$ref": "#/definitions/meta" - } - } - }, - "targetSchema": { - "properties": { - "$ref": "#/properties" - } - } - }, - { - "title": "Update", - "description": "Updates a existing Access List", - "href": "/nginx/access-list/{definitions.identity.example}", - "access": "private", - "method": "PUT", - "rel": "update", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "schema": { - "type": "object", - "additionalProperties": false, - "properties": { - "name": { - "$ref": "#/definitions/name" - }, - "satisfy_any": { - "$ref": "#/definitions/satisfy_any" - }, - "pass_auth": { - "$ref": "#/definitions/pass_auth" - }, - "items": { - "type": "array", - "minItems": 0, - "items": { - "type": "object", - "additionalProperties": false, - "properties": { - "username": { - "type": "string", - "minLength": 1 - }, - "password": { - "type": "string", - "minLength": 0 - } - } - } - }, - "clients": { - "type": "array", - "minItems": 0, - "items": { - "type": "object", - "additionalProperties": false, - "properties": { - "address": { - "$ref": "#/definitions/address" - }, - "directive": { - "$ref": "#/definitions/directive" - } - } - } - } - } - }, - "targetSchema": { - "properties": { - "$ref": "#/properties" - } - } - }, - { - "title": "Delete", - "description": "Deletes a existing Access List", - "href": "/nginx/access-list/{definitions.identity.example}", - "access": "private", - "method": "DELETE", - "rel": "delete", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "boolean" - } - } - ] -} diff --git a/backend/schema/endpoints/certificates.json b/backend/schema/endpoints/certificates.json deleted file mode 100644 index 955ca75c9..000000000 --- a/backend/schema/endpoints/certificates.json +++ /dev/null @@ -1,173 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "endpoints/certificates", - "title": "Certificates", - "description": "Endpoints relating to Certificates", - "stability": "stable", - "type": "object", - "definitions": { - "id": { - "$ref": "../definitions.json#/definitions/id" - }, - "created_on": { - "$ref": "../definitions.json#/definitions/created_on" - }, - "modified_on": { - "$ref": "../definitions.json#/definitions/modified_on" - }, - "provider": { - "$ref": "../definitions.json#/definitions/ssl_provider" - }, - "nice_name": { - "type": "string", - "description": "Nice Name for the custom certificate" - }, - "domain_names": { - "$ref": "../definitions.json#/definitions/domain_names" - }, - "expires_on": { - "description": "Date and time of expiration", - "format": "date-time", - "readOnly": true, - "type": "string" - }, - "meta": { - "type": "object", - "additionalProperties": false, - "properties": { - "letsencrypt_email": { - "type": "string", - "format": "email" - }, - "letsencrypt_agree": { - "type": "boolean" - }, - "dns_challenge": { - "type": "boolean" - }, - "dns_provider": { - "type": "string" - }, - "dns_provider_credentials": { - "type": "string" - }, - "propagation_seconds": { - "anyOf": [ - { - "type": "integer", - "minimum": 0 - } - ] - - } - } - } - }, - "properties": { - "id": { - "$ref": "#/definitions/id" - }, - "created_on": { - "$ref": "#/definitions/created_on" - }, - "modified_on": { - "$ref": "#/definitions/modified_on" - }, - "provider": { - "$ref": "#/definitions/provider" - }, - "nice_name": { - "$ref": "#/definitions/nice_name" - }, - "domain_names": { - "$ref": "#/definitions/domain_names" - }, - "expires_on": { - "$ref": "#/definitions/expires_on" - }, - "meta": { - "$ref": "#/definitions/meta" - } - }, - "links": [ - { - "title": "List", - "description": "Returns a list of Certificates", - "href": "/nginx/certificates", - "access": "private", - "method": "GET", - "rel": "self", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "array", - "items": { - "$ref": "#/properties" - } - } - }, - { - "title": "Create", - "description": "Creates a new Certificate", - "href": "/nginx/certificates", - "access": "private", - "method": "POST", - "rel": "create", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "schema": { - "type": "object", - "additionalProperties": false, - "required": [ - "provider" - ], - "properties": { - "provider": { - "$ref": "#/definitions/provider" - }, - "nice_name": { - "$ref": "#/definitions/nice_name" - }, - "domain_names": { - "$ref": "#/definitions/domain_names" - }, - "meta": { - "$ref": "#/definitions/meta" - } - } - }, - "targetSchema": { - "properties": { - "$ref": "#/properties" - } - } - }, - { - "title": "Delete", - "description": "Deletes a existing Certificate", - "href": "/nginx/certificates/{definitions.identity.example}", - "access": "private", - "method": "DELETE", - "rel": "delete", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "boolean" - } - }, - { - "title": "Test HTTP Challenge", - "description": "Tests whether the HTTP challenge should work", - "href": "/nginx/certificates/{definitions.identity.example}/test-http", - "access": "private", - "method": "GET", - "rel": "info", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - } - } - ] -} diff --git a/backend/schema/endpoints/dead-hosts.json b/backend/schema/endpoints/dead-hosts.json deleted file mode 100644 index 0c73c3be1..000000000 --- a/backend/schema/endpoints/dead-hosts.json +++ /dev/null @@ -1,240 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "endpoints/dead-hosts", - "title": "404 Hosts", - "description": "Endpoints relating to 404 Hosts", - "stability": "stable", - "type": "object", - "definitions": { - "id": { - "$ref": "../definitions.json#/definitions/id" - }, - "created_on": { - "$ref": "../definitions.json#/definitions/created_on" - }, - "modified_on": { - "$ref": "../definitions.json#/definitions/modified_on" - }, - "domain_names": { - "$ref": "../definitions.json#/definitions/domain_names" - }, - "certificate_id": { - "$ref": "../definitions.json#/definitions/certificate_id" - }, - "ssl_forced": { - "$ref": "../definitions.json#/definitions/ssl_forced" - }, - "hsts_enabled": { - "$ref": "../definitions.json#/definitions/hsts_enabled" - }, - "hsts_subdomains": { - "$ref": "../definitions.json#/definitions/hsts_subdomains" - }, - "http2_support": { - "$ref": "../definitions.json#/definitions/http2_support" - }, - "advanced_config": { - "type": "string" - }, - "enabled": { - "$ref": "../definitions.json#/definitions/enabled" - }, - "meta": { - "type": "object" - } - }, - "properties": { - "id": { - "$ref": "#/definitions/id" - }, - "created_on": { - "$ref": "#/definitions/created_on" - }, - "modified_on": { - "$ref": "#/definitions/modified_on" - }, - "domain_names": { - "$ref": "#/definitions/domain_names" - }, - "certificate_id": { - "$ref": "#/definitions/certificate_id" - }, - "ssl_forced": { - "$ref": "#/definitions/ssl_forced" - }, - "hsts_enabled": { - "$ref": "#/definitions/hsts_enabled" - }, - "hsts_subdomains": { - "$ref": "#/definitions/hsts_subdomains" - }, - "http2_support": { - "$ref": "#/definitions/http2_support" - }, - "advanced_config": { - "$ref": "#/definitions/advanced_config" - }, - "enabled": { - "$ref": "#/definitions/enabled" - }, - "meta": { - "$ref": "#/definitions/meta" - } - }, - "links": [ - { - "title": "List", - "description": "Returns a list of 404 Hosts", - "href": "/nginx/dead-hosts", - "access": "private", - "method": "GET", - "rel": "self", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "array", - "items": { - "$ref": "#/properties" - } - } - }, - { - "title": "Create", - "description": "Creates a new 404 Host", - "href": "/nginx/dead-hosts", - "access": "private", - "method": "POST", - "rel": "create", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "schema": { - "type": "object", - "additionalProperties": false, - "required": [ - "domain_names" - ], - "properties": { - "domain_names": { - "$ref": "#/definitions/domain_names" - }, - "certificate_id": { - "$ref": "#/definitions/certificate_id" - }, - "ssl_forced": { - "$ref": "#/definitions/ssl_forced" - }, - "hsts_enabled": { - "$ref": "#/definitions/hsts_enabled" - }, - "hsts_subdomains": { - "$ref": "#/definitions/hsts_enabled" - }, - "http2_support": { - "$ref": "#/definitions/http2_support" - }, - "advanced_config": { - "$ref": "#/definitions/advanced_config" - }, - "meta": { - "$ref": "#/definitions/meta" - } - } - }, - "targetSchema": { - "properties": { - "$ref": "#/properties" - } - } - }, - { - "title": "Update", - "description": "Updates a existing 404 Host", - "href": "/nginx/dead-hosts/{definitions.identity.example}", - "access": "private", - "method": "PUT", - "rel": "update", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "schema": { - "type": "object", - "additionalProperties": false, - "properties": { - "domain_names": { - "$ref": "#/definitions/domain_names" - }, - "certificate_id": { - "$ref": "#/definitions/certificate_id" - }, - "ssl_forced": { - "$ref": "#/definitions/ssl_forced" - }, - "hsts_enabled": { - "$ref": "#/definitions/hsts_enabled" - }, - "hsts_subdomains": { - "$ref": "#/definitions/hsts_enabled" - }, - "http2_support": { - "$ref": "#/definitions/http2_support" - }, - "advanced_config": { - "$ref": "#/definitions/advanced_config" - }, - "meta": { - "$ref": "#/definitions/meta" - } - } - }, - "targetSchema": { - "properties": { - "$ref": "#/properties" - } - } - }, - { - "title": "Delete", - "description": "Deletes a existing 404 Host", - "href": "/nginx/dead-hosts/{definitions.identity.example}", - "access": "private", - "method": "DELETE", - "rel": "delete", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "boolean" - } - }, - { - "title": "Enable", - "description": "Enables a existing 404 Host", - "href": "/nginx/dead-hosts/{definitions.identity.example}/enable", - "access": "private", - "method": "POST", - "rel": "update", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "boolean" - } - }, - { - "title": "Disable", - "description": "Disables a existing 404 Host", - "href": "/nginx/dead-hosts/{definitions.identity.example}/disable", - "access": "private", - "method": "POST", - "rel": "update", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "boolean" - } - } - ] -} diff --git a/backend/schema/endpoints/proxy-hosts.json b/backend/schema/endpoints/proxy-hosts.json deleted file mode 100644 index 9a3fff2fc..000000000 --- a/backend/schema/endpoints/proxy-hosts.json +++ /dev/null @@ -1,387 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "endpoints/proxy-hosts", - "title": "Proxy Hosts", - "description": "Endpoints relating to Proxy Hosts", - "stability": "stable", - "type": "object", - "definitions": { - "id": { - "$ref": "../definitions.json#/definitions/id" - }, - "created_on": { - "$ref": "../definitions.json#/definitions/created_on" - }, - "modified_on": { - "$ref": "../definitions.json#/definitions/modified_on" - }, - "domain_names": { - "$ref": "../definitions.json#/definitions/domain_names" - }, - "forward_scheme": { - "type": "string", - "enum": ["http", "https"] - }, - "forward_host": { - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "forward_port": { - "type": "integer", - "minimum": 1, - "maximum": 65535 - }, - "certificate_id": { - "$ref": "../definitions.json#/definitions/certificate_id" - }, - "ssl_forced": { - "$ref": "../definitions.json#/definitions/ssl_forced" - }, - "hsts_enabled": { - "$ref": "../definitions.json#/definitions/hsts_enabled" - }, - "hsts_subdomains": { - "$ref": "../definitions.json#/definitions/hsts_subdomains" - }, - "http2_support": { - "$ref": "../definitions.json#/definitions/http2_support" - }, - "block_exploits": { - "$ref": "../definitions.json#/definitions/block_exploits" - }, - "caching_enabled": { - "$ref": "../definitions.json#/definitions/caching_enabled" - }, - "allow_websocket_upgrade": { - "description": "Allow Websocket Upgrade for all paths", - "example": true, - "type": "boolean" - }, - "access_list_id": { - "$ref": "../definitions.json#/definitions/access_list_id" - }, - "advanced_config": { - "type": "string" - }, - "enabled": { - "$ref": "../definitions.json#/definitions/enabled" - }, - "meta": { - "type": "object" - }, - "locations": { - "type": "array", - "minItems": 0, - "items": { - "type": "object", - "required": [ - "forward_scheme", - "forward_host", - "forward_port", - "path" - ], - "additionalProperties": false, - "properties": { - "id": { - "type": ["integer", "null"] - }, - "path": { - "type": "string", - "minLength": 1 - }, - "forward_scheme": { - "$ref": "#/definitions/forward_scheme" - }, - "forward_host": { - "$ref": "#/definitions/forward_host" - }, - "forward_port": { - "$ref": "#/definitions/forward_port" - }, - "forward_path": { - "type": "string" - }, - "advanced_config": { - "type": "string" - } - } - } - } - }, - "properties": { - "id": { - "$ref": "#/definitions/id" - }, - "created_on": { - "$ref": "#/definitions/created_on" - }, - "modified_on": { - "$ref": "#/definitions/modified_on" - }, - "domain_names": { - "$ref": "#/definitions/domain_names" - }, - "forward_scheme": { - "$ref": "#/definitions/forward_scheme" - }, - "forward_host": { - "$ref": "#/definitions/forward_host" - }, - "forward_port": { - "$ref": "#/definitions/forward_port" - }, - "certificate_id": { - "$ref": "#/definitions/certificate_id" - }, - "ssl_forced": { - "$ref": "#/definitions/ssl_forced" - }, - "hsts_enabled": { - "$ref": "#/definitions/hsts_enabled" - }, - "hsts_subdomains": { - "$ref": "#/definitions/hsts_subdomains" - }, - "http2_support": { - "$ref": "#/definitions/http2_support" - }, - "block_exploits": { - "$ref": "#/definitions/block_exploits" - }, - "caching_enabled": { - "$ref": "#/definitions/caching_enabled" - }, - "allow_websocket_upgrade": { - "$ref": "#/definitions/allow_websocket_upgrade" - }, - "access_list_id": { - "$ref": "#/definitions/access_list_id" - }, - "advanced_config": { - "$ref": "#/definitions/advanced_config" - }, - "enabled": { - "$ref": "#/definitions/enabled" - }, - "meta": { - "$ref": "#/definitions/meta" - }, - "locations": { - "$ref": "#/definitions/locations" - } - }, - "links": [ - { - "title": "List", - "description": "Returns a list of Proxy Hosts", - "href": "/nginx/proxy-hosts", - "access": "private", - "method": "GET", - "rel": "self", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "array", - "items": { - "$ref": "#/properties" - } - } - }, - { - "title": "Create", - "description": "Creates a new Proxy Host", - "href": "/nginx/proxy-hosts", - "access": "private", - "method": "POST", - "rel": "create", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "schema": { - "type": "object", - "additionalProperties": false, - "required": [ - "domain_names", - "forward_scheme", - "forward_host", - "forward_port" - ], - "properties": { - "domain_names": { - "$ref": "#/definitions/domain_names" - }, - "forward_scheme": { - "$ref": "#/definitions/forward_scheme" - }, - "forward_host": { - "$ref": "#/definitions/forward_host" - }, - "forward_port": { - "$ref": "#/definitions/forward_port" - }, - "certificate_id": { - "$ref": "#/definitions/certificate_id" - }, - "ssl_forced": { - "$ref": "#/definitions/ssl_forced" - }, - "hsts_enabled": { - "$ref": "#/definitions/hsts_enabled" - }, - "hsts_subdomains": { - "$ref": "#/definitions/hsts_enabled" - }, - "http2_support": { - "$ref": "#/definitions/http2_support" - }, - "block_exploits": { - "$ref": "#/definitions/block_exploits" - }, - "caching_enabled": { - "$ref": "#/definitions/caching_enabled" - }, - "allow_websocket_upgrade": { - "$ref": "#/definitions/allow_websocket_upgrade" - }, - "access_list_id": { - "$ref": "#/definitions/access_list_id" - }, - "advanced_config": { - "$ref": "#/definitions/advanced_config" - }, - "enabled": { - "$ref": "#/definitions/enabled" - }, - "meta": { - "$ref": "#/definitions/meta" - }, - "locations": { - "$ref": "#/definitions/locations" - } - } - }, - "targetSchema": { - "properties": { - "$ref": "#/properties" - } - } - }, - { - "title": "Update", - "description": "Updates a existing Proxy Host", - "href": "/nginx/proxy-hosts/{definitions.identity.example}", - "access": "private", - "method": "PUT", - "rel": "update", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "schema": { - "type": "object", - "additionalProperties": false, - "properties": { - "domain_names": { - "$ref": "#/definitions/domain_names" - }, - "forward_scheme": { - "$ref": "#/definitions/forward_scheme" - }, - "forward_host": { - "$ref": "#/definitions/forward_host" - }, - "forward_port": { - "$ref": "#/definitions/forward_port" - }, - "certificate_id": { - "$ref": "#/definitions/certificate_id" - }, - "ssl_forced": { - "$ref": "#/definitions/ssl_forced" - }, - "hsts_enabled": { - "$ref": "#/definitions/hsts_enabled" - }, - "hsts_subdomains": { - "$ref": "#/definitions/hsts_enabled" - }, - "http2_support": { - "$ref": "#/definitions/http2_support" - }, - "block_exploits": { - "$ref": "#/definitions/block_exploits" - }, - "caching_enabled": { - "$ref": "#/definitions/caching_enabled" - }, - "allow_websocket_upgrade": { - "$ref": "#/definitions/allow_websocket_upgrade" - }, - "access_list_id": { - "$ref": "#/definitions/access_list_id" - }, - "advanced_config": { - "$ref": "#/definitions/advanced_config" - }, - "enabled": { - "$ref": "#/definitions/enabled" - }, - "meta": { - "$ref": "#/definitions/meta" - }, - "locations": { - "$ref": "#/definitions/locations" - } - } - }, - "targetSchema": { - "properties": { - "$ref": "#/properties" - } - } - }, - { - "title": "Delete", - "description": "Deletes a existing Proxy Host", - "href": "/nginx/proxy-hosts/{definitions.identity.example}", - "access": "private", - "method": "DELETE", - "rel": "delete", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "boolean" - } - }, - { - "title": "Enable", - "description": "Enables a existing Proxy Host", - "href": "/nginx/proxy-hosts/{definitions.identity.example}/enable", - "access": "private", - "method": "POST", - "rel": "update", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "boolean" - } - }, - { - "title": "Disable", - "description": "Disables a existing Proxy Host", - "href": "/nginx/proxy-hosts/{definitions.identity.example}/disable", - "access": "private", - "method": "POST", - "rel": "update", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "boolean" - } - } - ] -} diff --git a/backend/schema/endpoints/redirection-hosts.json b/backend/schema/endpoints/redirection-hosts.json deleted file mode 100644 index 14a469985..000000000 --- a/backend/schema/endpoints/redirection-hosts.json +++ /dev/null @@ -1,305 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "endpoints/redirection-hosts", - "title": "Redirection Hosts", - "description": "Endpoints relating to Redirection Hosts", - "stability": "stable", - "type": "object", - "definitions": { - "id": { - "$ref": "../definitions.json#/definitions/id" - }, - "created_on": { - "$ref": "../definitions.json#/definitions/created_on" - }, - "modified_on": { - "$ref": "../definitions.json#/definitions/modified_on" - }, - "domain_names": { - "$ref": "../definitions.json#/definitions/domain_names" - }, - "forward_http_code": { - "$ref": "../definitions.json#/definitions/http_code" - }, - "forward_scheme": { - "$ref": "../definitions.json#/definitions/scheme" - }, - "forward_domain_name": { - "$ref": "../definitions.json#/definitions/domain_name" - }, - "preserve_path": { - "description": "Should the path be preserved", - "example": true, - "type": "boolean" - }, - "certificate_id": { - "$ref": "../definitions.json#/definitions/certificate_id" - }, - "ssl_forced": { - "$ref": "../definitions.json#/definitions/ssl_forced" - }, - "hsts_enabled": { - "$ref": "../definitions.json#/definitions/hsts_enabled" - }, - "hsts_subdomains": { - "$ref": "../definitions.json#/definitions/hsts_subdomains" - }, - "http2_support": { - "$ref": "../definitions.json#/definitions/http2_support" - }, - "block_exploits": { - "$ref": "../definitions.json#/definitions/block_exploits" - }, - "advanced_config": { - "type": "string" - }, - "enabled": { - "$ref": "../definitions.json#/definitions/enabled" - }, - "meta": { - "type": "object" - } - }, - "properties": { - "id": { - "$ref": "#/definitions/id" - }, - "created_on": { - "$ref": "#/definitions/created_on" - }, - "modified_on": { - "$ref": "#/definitions/modified_on" - }, - "domain_names": { - "$ref": "#/definitions/domain_names" - }, - "forward_http_code": { - "$ref": "#/definitions/forward_http_code" - }, - "forward_scheme": { - "$ref": "#/definitions/forward_scheme" - }, - "forward_domain_name": { - "$ref": "#/definitions/forward_domain_name" - }, - "preserve_path": { - "$ref": "#/definitions/preserve_path" - }, - "certificate_id": { - "$ref": "#/definitions/certificate_id" - }, - "ssl_forced": { - "$ref": "#/definitions/ssl_forced" - }, - "hsts_enabled": { - "$ref": "#/definitions/hsts_enabled" - }, - "hsts_subdomains": { - "$ref": "#/definitions/hsts_subdomains" - }, - "http2_support": { - "$ref": "#/definitions/http2_support" - }, - "block_exploits": { - "$ref": "#/definitions/block_exploits" - }, - "advanced_config": { - "$ref": "#/definitions/advanced_config" - }, - "enabled": { - "$ref": "#/definitions/enabled" - }, - "meta": { - "$ref": "#/definitions/meta" - } - }, - "links": [ - { - "title": "List", - "description": "Returns a list of Redirection Hosts", - "href": "/nginx/redirection-hosts", - "access": "private", - "method": "GET", - "rel": "self", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "array", - "items": { - "$ref": "#/properties" - } - } - }, - { - "title": "Create", - "description": "Creates a new Redirection Host", - "href": "/nginx/redirection-hosts", - "access": "private", - "method": "POST", - "rel": "create", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "schema": { - "type": "object", - "additionalProperties": false, - "required": [ - "domain_names", - "forward_scheme", - "forward_http_code", - "forward_domain_name" - ], - "properties": { - "domain_names": { - "$ref": "#/definitions/domain_names" - }, - "forward_http_code": { - "$ref": "#/definitions/forward_http_code" - }, - "forward_scheme": { - "$ref": "#/definitions/forward_scheme" - }, - "forward_domain_name": { - "$ref": "#/definitions/forward_domain_name" - }, - "preserve_path": { - "$ref": "#/definitions/preserve_path" - }, - "certificate_id": { - "$ref": "#/definitions/certificate_id" - }, - "ssl_forced": { - "$ref": "#/definitions/ssl_forced" - }, - "hsts_enabled": { - "$ref": "#/definitions/hsts_enabled" - }, - "hsts_subdomains": { - "$ref": "#/definitions/hsts_enabled" - }, - "http2_support": { - "$ref": "#/definitions/http2_support" - }, - "block_exploits": { - "$ref": "#/definitions/block_exploits" - }, - "advanced_config": { - "$ref": "#/definitions/advanced_config" - }, - "meta": { - "$ref": "#/definitions/meta" - } - } - }, - "targetSchema": { - "properties": { - "$ref": "#/properties" - } - } - }, - { - "title": "Update", - "description": "Updates a existing Redirection Host", - "href": "/nginx/redirection-hosts/{definitions.identity.example}", - "access": "private", - "method": "PUT", - "rel": "update", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "schema": { - "type": "object", - "additionalProperties": false, - "properties": { - "domain_names": { - "$ref": "#/definitions/domain_names" - }, - "forward_http_code": { - "$ref": "#/definitions/forward_http_code" - }, - "forward_scheme": { - "$ref": "#/definitions/forward_scheme" - }, - "forward_domain_name": { - "$ref": "#/definitions/forward_domain_name" - }, - "preserve_path": { - "$ref": "#/definitions/preserve_path" - }, - "certificate_id": { - "$ref": "#/definitions/certificate_id" - }, - "ssl_forced": { - "$ref": "#/definitions/ssl_forced" - }, - "hsts_enabled": { - "$ref": "#/definitions/hsts_enabled" - }, - "hsts_subdomains": { - "$ref": "#/definitions/hsts_enabled" - }, - "http2_support": { - "$ref": "#/definitions/http2_support" - }, - "block_exploits": { - "$ref": "#/definitions/block_exploits" - }, - "advanced_config": { - "$ref": "#/definitions/advanced_config" - }, - "meta": { - "$ref": "#/definitions/meta" - } - } - }, - "targetSchema": { - "properties": { - "$ref": "#/properties" - } - } - }, - { - "title": "Delete", - "description": "Deletes a existing Redirection Host", - "href": "/nginx/redirection-hosts/{definitions.identity.example}", - "access": "private", - "method": "DELETE", - "rel": "delete", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "boolean" - } - }, - { - "title": "Enable", - "description": "Enables a existing Redirection Host", - "href": "/nginx/redirection-hosts/{definitions.identity.example}/enable", - "access": "private", - "method": "POST", - "rel": "update", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "boolean" - } - }, - { - "title": "Disable", - "description": "Disables a existing Redirection Host", - "href": "/nginx/redirection-hosts/{definitions.identity.example}/disable", - "access": "private", - "method": "POST", - "rel": "update", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "boolean" - } - } - ] -} diff --git a/backend/schema/endpoints/settings.json b/backend/schema/endpoints/settings.json deleted file mode 100644 index 29e2865ae..000000000 --- a/backend/schema/endpoints/settings.json +++ /dev/null @@ -1,99 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "endpoints/settings", - "title": "Settings", - "description": "Endpoints relating to Settings", - "stability": "stable", - "type": "object", - "definitions": { - "id": { - "$ref": "../definitions.json#/definitions/setting_id" - }, - "name": { - "description": "Name", - "example": "Default Site", - "type": "string", - "minLength": 2, - "maxLength": 100 - }, - "description": { - "description": "Description", - "example": "Default Site", - "type": "string", - "minLength": 2, - "maxLength": 255 - }, - "value": { - "description": "Value", - "example": "404", - "type": "string", - "maxLength": 255 - }, - "meta": { - "type": "object" - } - }, - "links": [ - { - "title": "List", - "description": "Returns a list of Settings", - "href": "/settings", - "access": "private", - "method": "GET", - "rel": "self", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "array", - "items": { - "$ref": "#/properties" - } - } - }, - { - "title": "Update", - "description": "Updates a existing Setting", - "href": "/settings/{definitions.identity.example}", - "access": "private", - "method": "PUT", - "rel": "update", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "schema": { - "type": "object", - "properties": { - "value": { - "$ref": "#/definitions/value" - }, - "meta": { - "$ref": "#/definitions/meta" - } - } - }, - "targetSchema": { - "properties": { - "$ref": "#/properties" - } - } - } - ], - "properties": { - "id": { - "$ref": "#/definitions/id" - }, - "name": { - "$ref": "#/definitions/description" - }, - "description": { - "$ref": "#/definitions/description" - }, - "value": { - "$ref": "#/definitions/value" - }, - "meta": { - "$ref": "#/definitions/meta" - } - } -} diff --git a/backend/schema/endpoints/streams.json b/backend/schema/endpoints/streams.json deleted file mode 100644 index 159c8036e..000000000 --- a/backend/schema/endpoints/streams.json +++ /dev/null @@ -1,234 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "endpoints/streams", - "title": "Streams", - "description": "Endpoints relating to Streams", - "stability": "stable", - "type": "object", - "definitions": { - "id": { - "$ref": "../definitions.json#/definitions/id" - }, - "created_on": { - "$ref": "../definitions.json#/definitions/created_on" - }, - "modified_on": { - "$ref": "../definitions.json#/definitions/modified_on" - }, - "incoming_port": { - "type": "integer", - "minimum": 1, - "maximum": 65535 - }, - "forwarding_host": { - "anyOf": [ - { - "$ref": "../definitions.json#/definitions/domain_name" - }, - { - "type": "string", - "format": "ipv4" - }, - { - "type": "string", - "format": "ipv6" - } - ] - }, - "forwarding_port": { - "type": "integer", - "minimum": 1, - "maximum": 65535 - }, - "tcp_forwarding": { - "type": "boolean" - }, - "udp_forwarding": { - "type": "boolean" - }, - "enabled": { - "$ref": "../definitions.json#/definitions/enabled" - }, - "meta": { - "type": "object" - } - }, - "properties": { - "id": { - "$ref": "#/definitions/id" - }, - "created_on": { - "$ref": "#/definitions/created_on" - }, - "modified_on": { - "$ref": "#/definitions/modified_on" - }, - "incoming_port": { - "$ref": "#/definitions/incoming_port" - }, - "forwarding_host": { - "$ref": "#/definitions/forwarding_host" - }, - "forwarding_port": { - "$ref": "#/definitions/forwarding_port" - }, - "tcp_forwarding": { - "$ref": "#/definitions/tcp_forwarding" - }, - "udp_forwarding": { - "$ref": "#/definitions/udp_forwarding" - }, - "enabled": { - "$ref": "#/definitions/enabled" - }, - "meta": { - "$ref": "#/definitions/meta" - } - }, - "links": [ - { - "title": "List", - "description": "Returns a list of Steams", - "href": "/nginx/streams", - "access": "private", - "method": "GET", - "rel": "self", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "array", - "items": { - "$ref": "#/properties" - } - } - }, - { - "title": "Create", - "description": "Creates a new Stream", - "href": "/nginx/streams", - "access": "private", - "method": "POST", - "rel": "create", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "schema": { - "type": "object", - "additionalProperties": false, - "required": [ - "incoming_port", - "forwarding_host", - "forwarding_port" - ], - "properties": { - "incoming_port": { - "$ref": "#/definitions/incoming_port" - }, - "forwarding_host": { - "$ref": "#/definitions/forwarding_host" - }, - "forwarding_port": { - "$ref": "#/definitions/forwarding_port" - }, - "tcp_forwarding": { - "$ref": "#/definitions/tcp_forwarding" - }, - "udp_forwarding": { - "$ref": "#/definitions/udp_forwarding" - }, - "meta": { - "$ref": "#/definitions/meta" - } - } - }, - "targetSchema": { - "properties": { - "$ref": "#/properties" - } - } - }, - { - "title": "Update", - "description": "Updates a existing Stream", - "href": "/nginx/streams/{definitions.identity.example}", - "access": "private", - "method": "PUT", - "rel": "update", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "schema": { - "type": "object", - "additionalProperties": false, - "properties": { - "incoming_port": { - "$ref": "#/definitions/incoming_port" - }, - "forwarding_host": { - "$ref": "#/definitions/forwarding_host" - }, - "forwarding_port": { - "$ref": "#/definitions/forwarding_port" - }, - "tcp_forwarding": { - "$ref": "#/definitions/tcp_forwarding" - }, - "udp_forwarding": { - "$ref": "#/definitions/udp_forwarding" - }, - "meta": { - "$ref": "#/definitions/meta" - } - } - }, - "targetSchema": { - "properties": { - "$ref": "#/properties" - } - } - }, - { - "title": "Delete", - "description": "Deletes a existing Stream", - "href": "/nginx/streams/{definitions.identity.example}", - "access": "private", - "method": "DELETE", - "rel": "delete", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "boolean" - } - }, - { - "title": "Enable", - "description": "Enables a existing Stream", - "href": "/nginx/streams/{definitions.identity.example}/enable", - "access": "private", - "method": "POST", - "rel": "update", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "boolean" - } - }, - { - "title": "Disable", - "description": "Disables a existing Stream", - "href": "/nginx/streams/{definitions.identity.example}/disable", - "access": "private", - "method": "POST", - "rel": "update", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "boolean" - } - } - ] -} diff --git a/backend/schema/endpoints/tokens.json b/backend/schema/endpoints/tokens.json deleted file mode 100644 index 920af63f4..000000000 --- a/backend/schema/endpoints/tokens.json +++ /dev/null @@ -1,100 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "endpoints/tokens", - "title": "Token", - "description": "Tokens are required to authenticate against the API", - "stability": "stable", - "type": "object", - "definitions": { - "identity": { - "description": "Email Address or other 3rd party providers identifier", - "example": "john@example.com", - "type": "string" - }, - "secret": { - "description": "A password or key", - "example": "correct horse battery staple", - "type": "string" - }, - "token": { - "description": "JWT", - "example": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.O_frfYM8RzmRsUNigHtu0_jZ_utSejyr1axMGa8rlsk", - "type": "string" - }, - "expires": { - "description": "Token expiry time", - "format": "date-time", - "type": "string" - }, - "scope": { - "description": "Scope of the Token, defaults to 'user'", - "example": "user", - "type": "string" - } - }, - "links": [ - { - "title": "Create", - "description": "Creates a new token.", - "href": "/tokens", - "access": "public", - "method": "POST", - "rel": "create", - "schema": { - "type": "object", - "required": [ - "identity", - "secret" - ], - "properties": { - "identity": { - "$ref": "#/definitions/identity" - }, - "secret": { - "$ref": "#/definitions/secret" - }, - "scope": { - "$ref": "#/definitions/scope" - } - } - }, - "targetSchema": { - "type": "object", - "properties": { - "token": { - "$ref": "#/definitions/token" - }, - "expires": { - "$ref": "#/definitions/expires" - } - } - } - }, - { - "title": "Refresh", - "description": "Returns a new token.", - "href": "/tokens", - "access": "private", - "method": "GET", - "rel": "self", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "schema": {}, - "targetSchema": { - "type": "object", - "properties": { - "token": { - "$ref": "#/definitions/token" - }, - "expires": { - "$ref": "#/definitions/expires" - }, - "scope": { - "$ref": "#/definitions/scope" - } - } - } - } - ] -} diff --git a/backend/schema/endpoints/users.json b/backend/schema/endpoints/users.json deleted file mode 100644 index 42f44eac7..000000000 --- a/backend/schema/endpoints/users.json +++ /dev/null @@ -1,287 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "endpoints/users", - "title": "Users", - "description": "Endpoints relating to Users", - "stability": "stable", - "type": "object", - "definitions": { - "id": { - "$ref": "../definitions.json#/definitions/id" - }, - "created_on": { - "$ref": "../definitions.json#/definitions/created_on" - }, - "modified_on": { - "$ref": "../definitions.json#/definitions/modified_on" - }, - "name": { - "description": "Name", - "example": "Jamie Curnow", - "type": "string", - "minLength": 2, - "maxLength": 100 - }, - "nickname": { - "description": "Nickname", - "example": "Jamie", - "type": "string", - "minLength": 2, - "maxLength": 50 - }, - "email": { - "$ref": "../definitions.json#/definitions/email" - }, - "avatar": { - "description": "Avatar", - "example": "http://somewhere.jpg", - "type": "string", - "minLength": 2, - "maxLength": 150, - "readOnly": true - }, - "roles": { - "description": "Roles", - "example": [ - "admin" - ], - "type": "array" - }, - "is_disabled": { - "description": "Is Disabled", - "example": false, - "type": "boolean" - } - }, - "links": [ - { - "title": "List", - "description": "Returns a list of Users", - "href": "/users", - "access": "private", - "method": "GET", - "rel": "self", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "array", - "items": { - "$ref": "#/properties" - } - } - }, - { - "title": "Create", - "description": "Creates a new User", - "href": "/users", - "access": "private", - "method": "POST", - "rel": "create", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "schema": { - "type": "object", - "required": [ - "name", - "nickname", - "email" - ], - "properties": { - "name": { - "$ref": "#/definitions/name" - }, - "nickname": { - "$ref": "#/definitions/nickname" - }, - "email": { - "$ref": "#/definitions/email" - }, - "roles": { - "$ref": "#/definitions/roles" - }, - "is_disabled": { - "$ref": "#/definitions/is_disabled" - }, - "auth": { - "type": "object", - "description": "Auth Credentials", - "example": { - "type": "password", - "secret": "bigredhorsebanana" - } - } - } - }, - "targetSchema": { - "properties": { - "$ref": "#/properties" - } - } - }, - { - "title": "Update", - "description": "Updates a existing User", - "href": "/users/{definitions.identity.example}", - "access": "private", - "method": "PUT", - "rel": "update", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "schema": { - "type": "object", - "properties": { - "name": { - "$ref": "#/definitions/name" - }, - "nickname": { - "$ref": "#/definitions/nickname" - }, - "email": { - "$ref": "#/definitions/email" - }, - "roles": { - "$ref": "#/definitions/roles" - }, - "is_disabled": { - "$ref": "#/definitions/is_disabled" - } - } - }, - "targetSchema": { - "properties": { - "$ref": "#/properties" - } - } - }, - { - "title": "Delete", - "description": "Deletes a existing User", - "href": "/users/{definitions.identity.example}", - "access": "private", - "method": "DELETE", - "rel": "delete", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "targetSchema": { - "type": "boolean" - } - }, - { - "title": "Set Password", - "description": "Sets a password for an existing User", - "href": "/users/{definitions.identity.example}/auth", - "access": "private", - "method": "PUT", - "rel": "update", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "schema": { - "type": "object", - "required": [ - "type", - "secret" - ], - "properties": { - "type": { - "type": "string", - "pattern": "^password$" - }, - "current": { - "type": "string", - "minLength": 1, - "maxLength": 64 - }, - "secret": { - "type": "string", - "minLength": 8, - "maxLength": 64 - } - } - }, - "targetSchema": { - "type": "boolean" - } - }, - { - "title": "Set Permissions", - "description": "Sets Permissions for a User", - "href": "/users/{definitions.identity.example}/permissions", - "access": "private", - "method": "PUT", - "rel": "update", - "http_header": { - "$ref": "../examples.json#/definitions/auth_header" - }, - "schema": { - "type": "object", - "properties": { - "visibility": { - "type": "string", - "pattern": "^(all|user)$" - }, - "access_lists": { - "type": "string", - "pattern": "^(hidden|view|manage)$" - }, - "dead_hosts": { - "type": "string", - "pattern": "^(hidden|view|manage)$" - }, - "proxy_hosts": { - "type": "string", - "pattern": "^(hidden|view|manage)$" - }, - "redirection_hosts": { - "type": "string", - "pattern": "^(hidden|view|manage)$" - }, - "streams": { - "type": "string", - "pattern": "^(hidden|view|manage)$" - }, - "certificates": { - "type": "string", - "pattern": "^(hidden|view|manage)$" - } - } - }, - "targetSchema": { - "type": "boolean" - } - } - ], - "properties": { - "id": { - "$ref": "#/definitions/id" - }, - "created_on": { - "$ref": "#/definitions/created_on" - }, - "modified_on": { - "$ref": "#/definitions/modified_on" - }, - "name": { - "$ref": "#/definitions/name" - }, - "nickname": { - "$ref": "#/definitions/nickname" - }, - "email": { - "$ref": "#/definitions/email" - }, - "avatar": { - "$ref": "#/definitions/avatar" - }, - "roles": { - "$ref": "#/definitions/roles" - }, - "is_disabled": { - "$ref": "#/definitions/is_disabled" - } - } -} diff --git a/backend/schema/examples.json b/backend/schema/examples.json deleted file mode 100644 index 37bc6c4d3..000000000 --- a/backend/schema/examples.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "examples", - "type": "object", - "definitions": { - "name": { - "description": "Name", - "example": "John Smith", - "type": "string", - "minLength": 1, - "maxLength": 255 - }, - "auth_header": { - "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.O_frfYM8RzmRsUNigHtu0_jZ_utSejyr1axMGa8rlsk", - "X-API-Version": "next" - }, - "token": { - "type": "string", - "description": "JWT", - "example": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.O_frfYM8RzmRsUNigHtu0_jZ_utSejyr1axMGa8rlsk" - } - } -} diff --git a/backend/schema/index.js b/backend/schema/index.js new file mode 100644 index 000000000..87b75f257 --- /dev/null +++ b/backend/schema/index.js @@ -0,0 +1,41 @@ +const refParser = require('@apidevtools/json-schema-ref-parser'); + +let compiledSchema = null; + +module.exports = { + + /** + * Compiles the schema, by dereferencing it, only once + * and returns the memory cached value + */ + getCompiledSchema: async () => { + if (compiledSchema === null) { + compiledSchema = await refParser.dereference(__dirname + '/swagger.json', { + mutateInputSchema: false, + }); + } + return compiledSchema; + }, + + /** + * Scans the schema for the validation schema for the given path and method + * and returns it. + * + * @param {string} path + * @param {string} method + * @returns string|null + */ + getValidationSchema: (path, method) => { + if (compiledSchema !== null && + typeof compiledSchema.paths[path] !== 'undefined' && + typeof compiledSchema.paths[path][method] !== 'undefined' && + typeof compiledSchema.paths[path][method].requestBody !== 'undefined' && + typeof compiledSchema.paths[path][method].requestBody.content !== 'undefined' && + typeof compiledSchema.paths[path][method].requestBody.content['application/json'] !== 'undefined' && + typeof compiledSchema.paths[path][method].requestBody.content['application/json'].schema !== 'undefined' + ) { + return compiledSchema.paths[path][method].requestBody.content['application/json'].schema; + } + return null; + } +}; diff --git a/backend/schema/index.json b/backend/schema/index.json deleted file mode 100644 index 6e7d1c8af..000000000 --- a/backend/schema/index.json +++ /dev/null @@ -1,42 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "root", - "title": "Nginx Proxy Manager REST API", - "description": "This is the Nginx Proxy Manager REST API", - "version": "2.0.0", - "links": [ - { - "href": "http://npm.example.com/api", - "rel": "self" - } - ], - "properties": { - "tokens": { - "$ref": "endpoints/tokens.json" - }, - "users": { - "$ref": "endpoints/users.json" - }, - "proxy-hosts": { - "$ref": "endpoints/proxy-hosts.json" - }, - "redirection-hosts": { - "$ref": "endpoints/redirection-hosts.json" - }, - "dead-hosts": { - "$ref": "endpoints/dead-hosts.json" - }, - "streams": { - "$ref": "endpoints/streams.json" - }, - "certificates": { - "$ref": "endpoints/certificates.json" - }, - "access-lists": { - "$ref": "endpoints/access-lists.json" - }, - "settings": { - "$ref": "endpoints/settings.json" - } - } -} diff --git a/backend/schema/paths/audit-log/get.json b/backend/schema/paths/audit-log/get.json new file mode 100644 index 000000000..bc43e29dd --- /dev/null +++ b/backend/schema/paths/audit-log/get.json @@ -0,0 +1,53 @@ +{ + "operationId": "getAuditLog", + "summary": "Get Audit Log", + "tags": ["Audit Log"], + "security": [ + { + "BearerAuth": ["audit-log"] + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": [ + { + "id": 7, + "created_on": "2024-10-08T13:09:54.000Z", + "modified_on": "2024-10-08T13:09:54.000Z", + "user_id": 1, + "object_type": "user", + "object_id": 3, + "action": "updated", + "meta": { + "name": "John Doe", + "permissions": { + "user_id": 3, + "visibility": "all", + "access_lists": "manage", + "dead_hosts": "hidden", + "proxy_hosts": "manage", + "redirection_hosts": "view", + "streams": "hidden", + "certificates": "manage", + "id": 3, + "modified_on": "2024-10-08T13:09:54.000Z", + "created_on": "2024-10-08T13:09:51.000Z" + } + } + } + ] + } + }, + "schema": { + "$ref": "../../components/audit-log-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/get.json b/backend/schema/paths/get.json new file mode 100644 index 000000000..8c3a4e025 --- /dev/null +++ b/backend/schema/paths/get.json @@ -0,0 +1,29 @@ +{ + "operationId": "health", + "summary": "Returns the API health status", + "tags": ["Public"], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "status": "OK", + "version": { + "major": 2, + "minor": 1, + "revision": 0 + } + } + } + }, + "schema": { + "$ref": "../components/health-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/access-lists/get.json b/backend/schema/paths/nginx/access-lists/get.json new file mode 100644 index 000000000..7774b906a --- /dev/null +++ b/backend/schema/paths/nginx/access-lists/get.json @@ -0,0 +1,50 @@ +{ + "operationId": "getAccessLists", + "summary": "Get all access lists", + "tags": ["Access Lists"], + "security": [ + { + "BearerAuth": ["access_lists"] + } + ], + "parameters": [ + { + "in": "query", + "name": "expand", + "description": "Expansions", + "schema": { + "type": "string", + "enum": ["owner", "items", "clients", "proxy_hosts"] + } + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": [ + { + "id": 1, + "created_on": "2024-10-08T22:15:40.000Z", + "modified_on": "2024-10-08T22:15:40.000Z", + "owner_user_id": 1, + "name": "test1234", + "meta": {}, + "satisfy_any": 1, + "pass_auth": 0, + "proxy_host_count": 0 + } + ] + } + }, + "schema": { + "$ref": "../../../components/access-list-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/access-lists/listID/delete.json b/backend/schema/paths/nginx/access-lists/listID/delete.json new file mode 100644 index 000000000..073585c8b --- /dev/null +++ b/backend/schema/paths/nginx/access-lists/listID/delete.json @@ -0,0 +1,39 @@ +{ + "operationId": "deleteAccessList", + "summary": "Delete a Access List", + "tags": ["Access Lists"], + "security": [ + { + "BearerAuth": ["access_lists"] + } + ], + "parameters": [ + { + "in": "path", + "name": "listID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 2 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": true + } + }, + "schema": { + "type": "boolean" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/access-lists/listID/get.json b/backend/schema/paths/nginx/access-lists/listID/get.json new file mode 100644 index 000000000..011ad77e6 --- /dev/null +++ b/backend/schema/paths/nginx/access-lists/listID/get.json @@ -0,0 +1,49 @@ +{ + "operationId": "getAccessList", + "summary": "Get a access List", + "tags": ["Access Lists"], + "security": [ + { + "BearerAuth": ["access_lists"] + } + ], + "parameters": [ + { + "in": "path", + "name": "listID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 1 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": 1, + "created_on": "2020-01-30T09:36:08.000Z", + "modified_on": "2020-01-30T09:41:04.000Z", + "is_disabled": 0, + "email": "jc@jc21.com", + "name": "Jamie Curnow", + "nickname": "James", + "avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm", + "roles": ["admin"] + } + } + }, + "schema": { + "$ref": "../../../../components/access-list-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/access-lists/listID/put.json b/backend/schema/paths/nginx/access-lists/listID/put.json new file mode 100644 index 000000000..95ecaa619 --- /dev/null +++ b/backend/schema/paths/nginx/access-lists/listID/put.json @@ -0,0 +1,164 @@ +{ + "operationId": "updateAccessList", + "summary": "Update a Access List", + "tags": ["Access Lists"], + "security": [ + { + "BearerAuth": ["access_lists"] + } + ], + "parameters": [ + { + "in": "path", + "name": "listID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 2 + } + ], + "requestBody": { + "description": "Access List Payload", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "minProperties": 1, + "properties": { + "name": { + "$ref": "../../../../components/access-list-object.json#/properties/name" + }, + "satisfy_any": { + "$ref": "../../../../components/access-list-object.json#/properties/satisfy_any" + }, + "pass_auth": { + "$ref": "../../../../components/access-list-object.json#/properties/pass_auth" + }, + "items": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "properties": { + "username": { + "type": "string", + "minLength": 1 + }, + "password": { + "type": "string", + "minLength": 1 + } + } + } + }, + "clients": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "properties": { + "address": { + "oneOf": [ + { + "type": "string", + "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(/([0-9]|[1-2][0-9]|3[0-2]))?$" + }, + { + "type": "string", + "pattern": "^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$" + }, + { + "type": "string", + "pattern": "^all$" + } + ] + }, + "directive": { + "$ref": "../../../../components/access-list-object.json#/properties/directive" + } + } + } + } + } + } + } + } + }, + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": 1, + "created_on": "2024-10-08T22:15:40.000Z", + "modified_on": "2024-10-08T22:34:34.000Z", + "owner_user_id": 1, + "name": "test123!!", + "meta": {}, + "satisfy_any": 1, + "pass_auth": 0, + "proxy_host_count": 0, + "owner": { + "id": 1, + "created_on": "2024-10-07T22:43:55.000Z", + "modified_on": "2024-10-08T12:52:54.000Z", + "is_deleted": 0, + "is_disabled": 0, + "email": "admin@example.com", + "name": "Administrator", + "nickname": "some guy", + "avatar": "//www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?default=mm", + "roles": ["admin"] + }, + "items": [ + { + "id": 1, + "created_on": "2024-10-08T22:15:40.000Z", + "modified_on": "2024-10-08T22:15:40.000Z", + "access_list_id": 1, + "username": "admin", + "password": "", + "meta": {}, + "hint": "a****" + }, + { + "id": 2, + "created_on": "2024-10-08T22:15:40.000Z", + "modified_on": "2024-10-08T22:15:40.000Z", + "access_list_id": 1, + "username": "asdad", + "password": "", + "meta": {}, + "hint": "a*****" + } + ], + "clients": [ + { + "id": 1, + "created_on": "2024-10-08T22:15:40.000Z", + "modified_on": "2024-10-08T22:15:40.000Z", + "access_list_id": 1, + "address": "127.0.0.1", + "directive": "allow", + "meta": {} + } + ], + "proxy_hosts": [] + } + } + }, + "schema": { + "$ref": "../../../../components/access-list-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/access-lists/post.json b/backend/schema/paths/nginx/access-lists/post.json new file mode 100644 index 000000000..cb3af8f42 --- /dev/null +++ b/backend/schema/paths/nginx/access-lists/post.json @@ -0,0 +1,155 @@ +{ + "operationId": "createAccessList", + "summary": "Create a Access List", + "tags": ["Access Lists"], + "security": [ + { + "BearerAuth": ["access_lists"] + } + ], + "requestBody": { + "description": "Access List Payload", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "required": ["name"], + "properties": { + "name": { + "$ref": "../../../components/access-list-object.json#/properties/name" + }, + "satisfy_any": { + "$ref": "../../../components/access-list-object.json#/properties/satisfy_any" + }, + "pass_auth": { + "$ref": "../../../components/access-list-object.json#/properties/pass_auth" + }, + "items": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "properties": { + "username": { + "type": "string", + "minLength": 1 + }, + "password": { + "type": "string", + "minLength": 1 + } + } + } + }, + "clients": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "properties": { + "address": { + "oneOf": [ + { + "type": "string", + "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(/([0-9]|[1-2][0-9]|3[0-2]))?$" + }, + { + "type": "string", + "pattern": "^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$" + }, + { + "type": "string", + "pattern": "^all$" + } + ] + }, + "directive": { + "$ref": "../../../components/access-list-object.json#/properties/directive" + } + } + } + }, + "meta": { + "$ref": "../../../components/access-list-object.json#/properties/meta" + } + } + } + } + } + }, + "responses": { + "201": { + "description": "201 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": 1, + "created_on": "2024-10-08T22:15:40.000Z", + "modified_on": "2024-10-08T22:15:40.000Z", + "owner_user_id": 1, + "name": "test1234", + "meta": {}, + "satisfy_any": 1, + "pass_auth": 0, + "proxy_host_count": 0, + "owner": { + "id": 1, + "created_on": "2024-10-07T22:43:55.000Z", + "modified_on": "2024-10-08T12:52:54.000Z", + "is_deleted": 0, + "is_disabled": 0, + "email": "admin@example.com", + "name": "Administrator", + "nickname": "some guy", + "avatar": "//www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?default=mm", + "roles": ["admin"] + }, + "items": [ + { + "id": 1, + "created_on": "2024-10-08T22:15:40.000Z", + "modified_on": "2024-10-08T22:15:40.000Z", + "access_list_id": 1, + "username": "admin", + "password": "", + "meta": {}, + "hint": "a****" + }, + { + "id": 2, + "created_on": "2024-10-08T22:15:40.000Z", + "modified_on": "2024-10-08T22:15:40.000Z", + "access_list_id": 1, + "username": "asdad", + "password": "", + "meta": {}, + "hint": "a*****" + } + ], + "proxy_hosts": [], + "clients": [ + { + "id": 1, + "created_on": "2024-10-08T22:15:40.000Z", + "modified_on": "2024-10-08T22:15:40.000Z", + "access_list_id": 1, + "address": "127.0.0.1", + "directive": "allow", + "meta": {} + } + ] + } + } + }, + "schema": { + "$ref": "../../../components/access-list-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/certificates/certID/delete.json b/backend/schema/paths/nginx/certificates/certID/delete.json new file mode 100644 index 000000000..0d40bcb8c --- /dev/null +++ b/backend/schema/paths/nginx/certificates/certID/delete.json @@ -0,0 +1,39 @@ +{ + "operationId": "deleteCertificate", + "summary": "Delete a Certificate", + "tags": ["Certificates"], + "security": [ + { + "BearerAuth": ["certificates"] + } + ], + "parameters": [ + { + "in": "path", + "name": "certID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 2 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": true + } + }, + "schema": { + "type": "boolean" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/certificates/certID/download/get.json b/backend/schema/paths/nginx/certificates/certID/download/get.json new file mode 100644 index 000000000..4b858cae7 --- /dev/null +++ b/backend/schema/paths/nginx/certificates/certID/download/get.json @@ -0,0 +1,35 @@ +{ + "operationId": "downloadCertificate", + "summary": "Downloads a Certificate", + "tags": ["Certificates"], + "security": [ + { + "BearerAuth": ["certificates"] + } + ], + "parameters": [ + { + "in": "path", + "name": "certID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 1 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/zip": { + "schema": { + "type": "string", + "format": "binary" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/certificates/certID/get.json b/backend/schema/paths/nginx/certificates/certID/get.json new file mode 100644 index 000000000..22317b337 --- /dev/null +++ b/backend/schema/paths/nginx/certificates/certID/get.json @@ -0,0 +1,53 @@ +{ + "operationId": "getCertificate", + "summary": "Get a Certificate", + "tags": ["Certificates"], + "security": [ + { + "BearerAuth": ["certificates"] + } + ], + "parameters": [ + { + "in": "path", + "name": "certID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 1 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": 4, + "created_on": "2024-10-09T05:31:58.000Z", + "modified_on": "2024-10-09T05:32:11.000Z", + "owner_user_id": 1, + "provider": "letsencrypt", + "nice_name": "test.example.com", + "domain_names": ["test.example.com"], + "expires_on": "2025-01-07T04:34:18.000Z", + "meta": { + "letsencrypt_email": "jc@jc21.com", + "letsencrypt_agree": true, + "dns_challenge": false + } + } + } + }, + "schema": { + "$ref": "../../../../components/certificate-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/certificates/certID/renew/post.json b/backend/schema/paths/nginx/certificates/certID/renew/post.json new file mode 100644 index 000000000..7b32af04a --- /dev/null +++ b/backend/schema/paths/nginx/certificates/certID/renew/post.json @@ -0,0 +1,54 @@ +{ + "operationId": "renewCertificate", + "summary": "Renews a Certificate", + "tags": ["Certificates"], + "security": [ + { + "BearerAuth": ["certificates"] + } + ], + "parameters": [ + { + "in": "path", + "name": "certID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 1 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "expires_on": "2025-01-07T06:41:58.000Z", + "modified_on": "2024-10-09T07:39:51.000Z", + "id": 4, + "created_on": "2024-10-09T05:31:58.000Z", + "owner_user_id": 1, + "is_deleted": 0, + "provider": "letsencrypt", + "nice_name": "My Test Cert", + "domain_names": ["test.jc21.supernerd.pro"], + "meta": { + "letsencrypt_email": "jc@jc21.com", + "letsencrypt_agree": true, + "dns_challenge": false + } + } + } + }, + "schema": { + "$ref": "../../../../../components/certificate-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/certificates/certID/upload/post.json b/backend/schema/paths/nginx/certificates/certID/upload/post.json new file mode 100644 index 000000000..e9274856a --- /dev/null +++ b/backend/schema/paths/nginx/certificates/certID/upload/post.json @@ -0,0 +1,63 @@ +{ + "operationId": "uploadCertificate", + "summary": "Uploads a custom Certificate", + "tags": ["Certificates"], + "security": [ + { + "BearerAuth": ["certificates"] + } + ], + "parameters": [ + { + "in": "path", + "name": "certID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 1 + } + ], + "requestBody": { + "description": "Certificate Files", + "required": true, + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "additionalProperties": false, + "required": ["certificate", "certificate_key"], + "properties": { + "certificate": { + "type": "string" + }, + "certificate_key": { + "type": "string" + }, + "intermediate_certificate": { + "type": "string" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "certificate": "-----BEGIN CERTIFICATE-----\nMIIEYDCCAsigAwIBAgIRAPoSC0hvitb26ODMlsH6YbowDQYJKoZIhvcNAQELBQAw\ngZExHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEzMDEGA1UECwwqamN1\ncm5vd0BKYW1pZXMtTGFwdG9wLmxvY2FsIChKYW1pZSBDdXJub3cpMTowOAYDVQQD\nDDFta2NlcnQgamN1cm5vd0BKYW1pZXMtTGFwdG9wLmxvY2FsIChKYW1pZSBDdXJu\nb3cpMB4XDTI0MTAwOTA3MjIxN1oXDTI3MDEwOTA3MjIxN1owXjEnMCUGA1UEChMe\nbWtjZXJ0IGRldmVsb3BtZW50IGNlcnRpZmljYXRlMTMwMQYDVQQLDCpqY3Vybm93\nQEphbWllcy1MYXB0b3AubG9jYWwgKEphbWllIEN1cm5vdykwggEiMA0GCSqGSIb3\nDQEBAQUAA4IBDwAwggEKAoIBAQC1n9j9C5Bes1ndqACDckERauxXVNKCnUlUM1bu\nGBx1xc+j2e2Ar23wUJJuWBY18VfT8yqfqVDktO2wrbmvZvLuPmXePOKbIKS+XXh+\n2NG9L5bDG9rwGFCRXnbQj+GWCdMfzx14+CR1IHgeYz6Cv/Si2/LJPCh/CoBfM4hU\nQJON3lxAWrWBpdbZnKYMrxuPBRfW9OuzTbCVXToQoxRAHiOR9081Xn1WeoKr7kVB\nIa5UphlvWXa12w1YmUwJu7YndnJGIavLWeNCVc7ZEo+nS8Wr/4QWicatIWZXpVaE\nOPhRoeplQDxNWg5b/Q26rYoVd7PrCmRs7sVcH79XzGONeH1PAgMBAAGjZTBjMA4G\nA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSB\n/vfmBUd4W7CvyEMl7YpMVQs8vTAbBgNVHREEFDASghB0ZXN0LmV4YW1wbGUuY29t\nMA0GCSqGSIb3DQEBCwUAA4IBgQASwON/jPAHzcARSenY0ZGY1m5OVTYoQ/JWH0oy\nl8SyFCQFEXt7UHDD/eTtLT0vMyc190nP57P8lTnZGf7hSinZz1B1d6V4cmzxpk0s\nVXZT+irL6bJVJoMBHRpllKAhGULIo33baTrWFKA0oBuWx4AevSWKcLW5j87kEawn\nATCuMQ1I3ifR1mSlB7X8fb+vF+571q0NGuB3a42j6rdtXJ6SmH4+9B4qO0sfHDNt\nIImpLCH/tycDpcYrGSCn1QrekFG1bSEh+Bb9i8rqMDSDsYrTFPZTuOQ3EtjGni9u\nm+rEP3OyJg+md8c+0LVP7/UU4QWWnw3/Wolo5kSCxE8vNTFqi4GhVbdLnUtcIdTV\nXxuR6cKyW87Snj1a0nG76ZLclt/akxDhtzqeV60BO0p8pmiev8frp+E94wFNYCmp\n1cr3CnMEGRaficLSDFC6EBENzlZW2BQT6OMIV+g0NBgSyQe39s2zcdEl5+SzDVuw\nhp8bJUp/QN7pnOVCDbjTQ+HVMXw=\n-----END CERTIFICATE-----\n", + "certificate_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC1n9j9C5Bes1nd\nqACDckERauxXVNKCnUlUM1buGBx1xc+j2e2Ar23wUJJuWBY18VfT8yqfqVDktO2w\nrbmvZvLuPmXePOKbIKS+XXh+2NG9L5bDG9rwGFCRXnbQj+GWCdMfzx14+CR1IHge\nYz6Cv/Si2/LJPCh/CoBfM4hUQJON3lxAWrWBpdbZnKYMrxuPBRfW9OuzTbCVXToQ\noxRAHiOR9081Xn1WeoKr7kVBIa5UphlvWXa12w1YmUwJu7YndnJGIavLWeNCVc7Z\nEo+nS8Wr/4QWicatIWZXpVaEOPhRoeplQDxNWg5b/Q26rYoVd7PrCmRs7sVcH79X\nzGONeH1PAgMBAAECggEAANb3Wtwl07pCjRrMvc7WbC0xYIn82yu8/g2qtjkYUJcU\nia5lQbYN7RGCS85Oc/tkq48xQEG5JQWNH8b918jDEMTrFab0aUEyYcru1q9L8PL6\nYHaNgZSrMrDcHcS8h0QOXNRJT5jeGkiHJaTR0irvB526tqF3knbK9yW22KTfycUe\na0Z9voKn5xRk1DCbHi/nk2EpT7xnjeQeLFaTIRXbS68omkr4YGhwWm5OizoyEGZu\nW0Zum5BkQyMr6kor3wdxOTG97ske2rcyvvHi+ErnwL0xBv0qY0Dhe8DpuXpDezqw\no72yY8h31Fu84i7sAj24YuE5Df8DozItFXQpkgbQ6QKBgQDPrufhvIFm2S/MzBdW\nH8JxY7CJlJPyxOvc1NIl9RczQGAQR90kx52cgIcuIGEG6/wJ/xnGfMmW40F0DnQ+\nN+oLgB9SFxeLkRb7s9Z/8N3uIN8JJFYcerEOiRQeN2BXEEWJ7bUThNtsVrAcKoUh\nELsDmnHW/3V+GKwhd0vpk842+wKBgQDf4PGLG9PTE5tlAoyHFodJRd2RhTJQkwsU\nMDNjLJ+KecLv+Nl+QiJhoflG1ccqtSFlBSCG067CDQ5LV0xm3mLJ7pfJoMgjcq31\nqjEmX4Ls91GuVOPtbwst3yFKjsHaSoKB5fBvWRcKFpBUezM7Qcw2JP3+dQT+bQIq\ncMTkRWDSvQKBgQDOdCQFDjxg/lR7NQOZ1PaZe61aBz5P3pxNqa7ClvMaOsuEQ7w9\nvMYcdtRq8TsjA2JImbSI0TIg8gb2FQxPcYwTJKl+FICOeIwtaSg5hTtJZpnxX5LO\nutTaC0DZjNkTk5RdOdWA8tihyUdGqKoxJY2TVmwGe2rUEDjFB++J4inkEwKBgB6V\ng0nmtkxanFrzOzFlMXwgEEHF+Xaqb9QFNa/xs6XeNnREAapO7JV75Cr6H2hFMFe1\nmJjyqCgYUoCWX3iaHtLJRnEkBtNY4kzyQB6m46LtsnnnXO/dwKA2oDyoPfFNRoDq\nYatEd3JIXNU9s2T/+x7WdOBjKhh72dTkbPFmTPDdAoGAU6rlPBevqOFdObYxdPq8\nEQWu44xqky3Mf5sBpOwtu6rqCYuziLiN7K4sjN5GD5mb1cEU+oS92ZiNcUQ7MFXk\n8yTYZ7U0VcXyAcpYreWwE8thmb0BohJBr+Mp3wLTx32x0HKdO6vpUa0d35LUTUmM\nRrKmPK/msHKK/sVHiL+NFqo=\n-----END PRIVATE KEY-----\n" + } + } + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/certificates/get.json b/backend/schema/paths/nginx/certificates/get.json new file mode 100644 index 000000000..2f4b556af --- /dev/null +++ b/backend/schema/paths/nginx/certificates/get.json @@ -0,0 +1,54 @@ +{ + "operationId": "getCertificates", + "summary": "Get all certificates", + "tags": ["Certificates"], + "security": [ + { + "BearerAuth": ["certificates"] + } + ], + "parameters": [ + { + "in": "query", + "name": "expand", + "description": "Expansions", + "schema": { + "type": "string", + "enum": ["owner"] + } + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": [ + { + "id": 4, + "created_on": "2024-10-09T05:31:58.000Z", + "modified_on": "2024-10-09T05:32:11.000Z", + "owner_user_id": 1, + "provider": "letsencrypt", + "nice_name": "test.example.com", + "domain_names": ["test.example.com"], + "expires_on": "2025-01-07T04:34:18.000Z", + "meta": { + "letsencrypt_email": "jc@jc21.com", + "letsencrypt_agree": true, + "dns_challenge": false + } + } + ] + } + }, + "schema": { + "$ref": "../../../components/certificate-list.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/certificates/post.json b/backend/schema/paths/nginx/certificates/post.json new file mode 100644 index 000000000..cc4d91d6d --- /dev/null +++ b/backend/schema/paths/nginx/certificates/post.json @@ -0,0 +1,77 @@ +{ + "operationId": "createCertificate", + "summary": "Create a Certificate", + "tags": ["Certificates"], + "security": [ + { + "BearerAuth": ["certificates"] + } + ], + "requestBody": { + "description": "Certificate Payload", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "required": ["provider"], + "properties": { + "provider": { + "$ref": "../../../components/certificate-object.json#/properties/provider" + }, + "nice_name": { + "$ref": "../../../components/certificate-object.json#/properties/nice_name" + }, + "domain_names": { + "$ref": "../../../components/certificate-object.json#/properties/domain_names" + }, + "meta": { + "$ref": "../../../components/certificate-object.json#/properties/meta" + } + } + } + } + } + }, + "responses": { + "201": { + "description": "201 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "expires_on": "2025-01-07 04:30:17", + "modified_on": "2024-10-09 05:28:51", + "id": 5, + "created_on": "2024-10-09 05:28:35", + "owner_user_id": 1, + "is_deleted": 0, + "provider": "letsencrypt", + "nice_name": "test.example.com", + "domain_names": ["test.example.com"], + "meta": { + "letsencrypt_email": "jc@jc21.com", + "letsencrypt_agree": true, + "dns_challenge": false, + "letsencrypt_certificate": { + "cn": "test.example.com", + "issuer": "C = US, O = Let's Encrypt, CN = E5", + "dates": { + "from": 1728448218, + "to": 1736224217 + } + } + } + } + } + }, + "schema": { + "$ref": "../../../components/certificate-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/certificates/test-http/get.json b/backend/schema/paths/nginx/certificates/test-http/get.json new file mode 100644 index 000000000..2b9a8dd3b --- /dev/null +++ b/backend/schema/paths/nginx/certificates/test-http/get.json @@ -0,0 +1,40 @@ +{ + "operationId": "testHttpReach", + "summary": "Test HTTP Reachability", + "tags": ["Certificates"], + "security": [ + { + "BearerAuth": ["certificates"] + } + ], + "parameters": [ + { + "in": "query", + "name": "domains", + "description": "Expansions", + "required": true, + "schema": { + "type": "string", + "example": "[\"test.example.ord\",\"test.example.com\",\"nonexistent.example.com\"]" + } + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "test.example.org": "ok", + "test.example.com": "other:Invalid domain or IP", + "nonexistent.example.com": "404" + } + } + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/certificates/validate/post.json b/backend/schema/paths/nginx/certificates/validate/post.json new file mode 100644 index 000000000..94f02f593 --- /dev/null +++ b/backend/schema/paths/nginx/certificates/validate/post.json @@ -0,0 +1,75 @@ +{ + "operationId": "validateCertificates", + "summary": "Validates given Custom Certificates", + "tags": ["Certificates"], + "security": [ + { + "BearerAuth": ["certificates"] + } + ], + "requestBody": { + "description": "Certificate Files", + "required": true, + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "additionalProperties": false, + "required": ["certificate", "certificate_key"], + "properties": { + "certificate": { + "type": "string" + }, + "certificate_key": { + "type": "string" + }, + "intermediate_certificate": { + "type": "string" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "certificate": { + "cn": "mkcert", + "issuer": "O = mkcert development CA, OU = jc@jc-Laptop.local (John Doe), CN = mkcert jc@jc-Laptop.local (John Doe)", + "dates": { + "from": 1728458537, + "to": 1799479337 + } + }, + "certificate_key": true + } + } + } + } + } + }, + "400": { + "description": "400 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "error": { + "code": 400, + "message": "Certificate is not valid" + } + } + } + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/dead-hosts/get.json b/backend/schema/paths/nginx/dead-hosts/get.json new file mode 100644 index 000000000..61e2b2784 --- /dev/null +++ b/backend/schema/paths/nginx/dead-hosts/get.json @@ -0,0 +1,57 @@ +{ + "operationId": "getDeadHosts", + "summary": "Get all 404 hosts", + "tags": ["404 Hosts"], + "security": [ + { + "BearerAuth": ["dead_hosts"] + } + ], + "parameters": [ + { + "in": "query", + "name": "expand", + "description": "Expansions", + "schema": { + "type": "string", + "enum": ["owner", "certificate"] + } + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": [ + { + "id": 1, + "created_on": "2024-10-09T01:38:52.000Z", + "modified_on": "2024-10-09T01:38:52.000Z", + "owner_user_id": 1, + "domain_names": ["test.example.com"], + "certificate_id": 0, + "ssl_forced": 0, + "advanced_config": "", + "meta": { + "nginx_online": true, + "nginx_err": null + }, + "http2_support": 0, + "enabled": 1, + "hsts_enabled": 0, + "hsts_subdomains": 0 + } + ] + } + }, + "schema": { + "$ref": "../../../components/dead-host-list.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/dead-hosts/hostID/delete.json b/backend/schema/paths/nginx/dead-hosts/hostID/delete.json new file mode 100644 index 000000000..f3aa81a5b --- /dev/null +++ b/backend/schema/paths/nginx/dead-hosts/hostID/delete.json @@ -0,0 +1,39 @@ +{ + "operationId": "deleteDeadHost", + "summary": "Delete a 404 Host", + "tags": ["404 Hosts"], + "security": [ + { + "BearerAuth": ["dead_hosts"] + } + ], + "parameters": [ + { + "in": "path", + "name": "hostID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 2 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": true + } + }, + "schema": { + "type": "boolean" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/dead-hosts/hostID/disable/post.json b/backend/schema/paths/nginx/dead-hosts/hostID/disable/post.json new file mode 100644 index 000000000..528d05d35 --- /dev/null +++ b/backend/schema/paths/nginx/dead-hosts/hostID/disable/post.json @@ -0,0 +1,59 @@ +{ + "operationId": "disableDeadHost", + "summary": "Disable a 404 Host", + "tags": ["404 Hosts"], + "security": [ + { + "BearerAuth": ["dead_hosts"] + } + ], + "parameters": [ + { + "in": "path", + "name": "hostID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 2 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": true + } + }, + "schema": { + "type": "boolean" + } + } + } + }, + "400": { + "description": "400 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "error": { + "code": 400, + "message": "Host is already disabled" + } + } + } + }, + "schema": { + "$ref": "../../../../../components/error-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/dead-hosts/hostID/enable/post.json b/backend/schema/paths/nginx/dead-hosts/hostID/enable/post.json new file mode 100644 index 000000000..dd95943a5 --- /dev/null +++ b/backend/schema/paths/nginx/dead-hosts/hostID/enable/post.json @@ -0,0 +1,59 @@ +{ + "operationId": "enableDeadHost", + "summary": "Enable a 404 Host", + "tags": ["404 Hosts"], + "security": [ + { + "BearerAuth": ["dead_hosts"] + } + ], + "parameters": [ + { + "in": "path", + "name": "hostID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 2 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": true + } + }, + "schema": { + "type": "boolean" + } + } + } + }, + "400": { + "description": "400 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "error": { + "code": 400, + "message": "Host is already enabled" + } + } + } + }, + "schema": { + "$ref": "../../../../../components/error-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/dead-hosts/hostID/get.json b/backend/schema/paths/nginx/dead-hosts/hostID/get.json new file mode 100644 index 000000000..ae077c104 --- /dev/null +++ b/backend/schema/paths/nginx/dead-hosts/hostID/get.json @@ -0,0 +1,56 @@ +{ + "operationId": "getDeadHost", + "summary": "Get a 404 Host", + "tags": ["404 Hosts"], + "security": [ + { + "BearerAuth": ["dead_hosts"] + } + ], + "parameters": [ + { + "in": "path", + "name": "hostID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 1 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": 1, + "created_on": "2024-10-09T01:38:52.000Z", + "modified_on": "2024-10-09T01:38:52.000Z", + "owner_user_id": 1, + "domain_names": ["test.example.com"], + "certificate_id": 0, + "ssl_forced": 0, + "advanced_config": "", + "meta": { + "nginx_online": true, + "nginx_err": null + }, + "http2_support": 0, + "enabled": 1, + "hsts_enabled": 0, + "hsts_subdomains": 0 + } + } + }, + "schema": { + "$ref": "../../../../components/dead-host-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/dead-hosts/hostID/put.json b/backend/schema/paths/nginx/dead-hosts/hostID/put.json new file mode 100644 index 000000000..058aff172 --- /dev/null +++ b/backend/schema/paths/nginx/dead-hosts/hostID/put.json @@ -0,0 +1,110 @@ +{ + "operationId": "updateDeadHost", + "summary": "Update a 404 Host", + "tags": ["404 Hosts"], + "security": [ + { + "BearerAuth": ["dead_hosts"] + } + ], + "parameters": [ + { + "in": "path", + "name": "hostID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 2 + } + ], + "requestBody": { + "description": "404 Host Payload", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "minProperties": 1, + "properties": { + "domain_names": { + "$ref": "../../../../components/dead-host-object.json#/properties/domain_names" + }, + "certificate_id": { + "$ref": "../../../../components/dead-host-object.json#/properties/certificate_id" + }, + "ssl_forced": { + "$ref": "../../../../components/dead-host-object.json#/properties/ssl_forced" + }, + "hsts_enabled": { + "$ref": "../../../../components/dead-host-object.json#/properties/hsts_enabled" + }, + "hsts_subdomains": { + "$ref": "../../../../components/dead-host-object.json#/properties/hsts_subdomains" + }, + "http2_support": { + "$ref": "../../../../components/dead-host-object.json#/properties/http2_support" + }, + "advanced_config": { + "$ref": "../../../../components/dead-host-object.json#/properties/advanced_config" + }, + "meta": { + "$ref": "../../../../components/dead-host-object.json#/properties/meta" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": 1, + "created_on": "2024-10-09T01:38:52.000Z", + "modified_on": "2024-10-09T01:46:06.000Z", + "owner_user_id": 1, + "domain_names": ["test.example.com"], + "certificate_id": 0, + "ssl_forced": 0, + "advanced_config": "", + "meta": { + "nginx_online": true, + "nginx_err": null + }, + "http2_support": 0, + "enabled": 1, + "hsts_enabled": 0, + "hsts_subdomains": 0, + "owner": { + "id": 1, + "created_on": "2024-10-09T00:59:56.000Z", + "modified_on": "2024-10-09T00:59:56.000Z", + "is_deleted": 0, + "is_disabled": 0, + "email": "admin@example.com", + "name": "Administrator", + "nickname": "Admin", + "avatar": "", + "roles": ["admin"] + }, + "certificate": null, + "use_default_location": true, + "ipv6": true + } + } + }, + "schema": { + "$ref": "../../../../components/dead-host-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/dead-hosts/post.json b/backend/schema/paths/nginx/dead-hosts/post.json new file mode 100644 index 000000000..b26174361 --- /dev/null +++ b/backend/schema/paths/nginx/dead-hosts/post.json @@ -0,0 +1,95 @@ +{ + "operationId": "create404Host", + "summary": "Create a 404 Host", + "tags": ["404 Hosts"], + "security": [ + { + "BearerAuth": ["dead_hosts"] + } + ], + "requestBody": { + "description": "404 Host Payload", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "required": ["domain_names"], + "properties": { + "domain_names": { + "$ref": "../../../components/dead-host-object.json#/properties/domain_names" + }, + "certificate_id": { + "$ref": "../../../components/dead-host-object.json#/properties/certificate_id" + }, + "ssl_forced": { + "$ref": "../../../components/dead-host-object.json#/properties/ssl_forced" + }, + "hsts_enabled": { + "$ref": "../../../components/dead-host-object.json#/properties/hsts_enabled" + }, + "hsts_subdomains": { + "$ref": "../../../components/dead-host-object.json#/properties/hsts_subdomains" + }, + "http2_support": { + "$ref": "../../../components/dead-host-object.json#/properties/http2_support" + }, + "advanced_config": { + "$ref": "../../../components/dead-host-object.json#/properties/advanced_config" + }, + "meta": { + "$ref": "../../../components/dead-host-object.json#/properties/meta" + } + } + } + } + } + }, + "responses": { + "201": { + "description": "201 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": 1, + "created_on": "2024-10-09T01:38:52.000Z", + "modified_on": "2024-10-09T01:38:52.000Z", + "owner_user_id": 1, + "domain_names": ["test.example.com"], + "certificate_id": 0, + "ssl_forced": 0, + "advanced_config": "", + "meta": {}, + "http2_support": 0, + "enabled": 1, + "hsts_enabled": 0, + "hsts_subdomains": 0, + "certificate": null, + "owner": { + "id": 1, + "created_on": "2024-10-09T00:59:56.000Z", + "modified_on": "2024-10-09T00:59:56.000Z", + "is_deleted": 0, + "is_disabled": 0, + "email": "admin@example.com", + "name": "Administrator", + "nickname": "Admin", + "avatar": "", + "roles": ["admin"] + }, + "use_default_location": true, + "ipv6": true + } + } + }, + "schema": { + "$ref": "../../../components/dead-host-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/proxy-hosts/get.json b/backend/schema/paths/nginx/proxy-hosts/get.json new file mode 100644 index 000000000..9e9a7855b --- /dev/null +++ b/backend/schema/paths/nginx/proxy-hosts/get.json @@ -0,0 +1,65 @@ +{ + "operationId": "getProxyHosts", + "summary": "Get all proxy hosts", + "tags": ["Proxy Hosts"], + "security": [ + { + "BearerAuth": ["proxy_hosts"] + } + ], + "parameters": [ + { + "in": "query", + "name": "expand", + "description": "Expansions", + "schema": { + "type": "string", + "enum": ["access_list", "owner", "certificate"] + } + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": [ + { + "id": 1, + "created_on": "2024-10-08T23:23:03.000Z", + "modified_on": "2024-10-08T23:23:04.000Z", + "owner_user_id": 1, + "domain_names": ["test.example.com"], + "forward_host": "127.0.0.1", + "forward_port": 8989, + "access_list_id": 0, + "certificate_id": 0, + "ssl_forced": 0, + "caching_enabled": 0, + "block_exploits": 0, + "advanced_config": "", + "meta": { + "nginx_online": true, + "nginx_err": null + }, + "allow_websocket_upgrade": 0, + "http2_support": 0, + "forward_scheme": "http", + "enabled": 1, + "locations": null, + "hsts_enabled": 0, + "hsts_subdomains": 0 + } + ] + } + }, + "schema": { + "$ref": "../../../components/proxy-host-list.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/proxy-hosts/hostID/delete.json b/backend/schema/paths/nginx/proxy-hosts/hostID/delete.json new file mode 100644 index 000000000..991ef0e9e --- /dev/null +++ b/backend/schema/paths/nginx/proxy-hosts/hostID/delete.json @@ -0,0 +1,39 @@ +{ + "operationId": "deleteProxyHost", + "summary": "Delete a Proxy Host", + "tags": ["Proxy Hosts"], + "security": [ + { + "BearerAuth": ["proxy_hosts"] + } + ], + "parameters": [ + { + "in": "path", + "name": "hostID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 2 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": true + } + }, + "schema": { + "type": "boolean" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/proxy-hosts/hostID/disable/post.json b/backend/schema/paths/nginx/proxy-hosts/hostID/disable/post.json new file mode 100644 index 000000000..1ff95e8f9 --- /dev/null +++ b/backend/schema/paths/nginx/proxy-hosts/hostID/disable/post.json @@ -0,0 +1,59 @@ +{ + "operationId": "disableProxyHost", + "summary": "Disable a Proxy Host", + "tags": ["Proxy Hosts"], + "security": [ + { + "BearerAuth": ["proxy_hosts"] + } + ], + "parameters": [ + { + "in": "path", + "name": "hostID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 2 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": true + } + }, + "schema": { + "type": "boolean" + } + } + } + }, + "400": { + "description": "400 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "error": { + "code": 400, + "message": "Host is already disabled" + } + } + } + }, + "schema": { + "$ref": "../../../../../components/error-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/proxy-hosts/hostID/enable/post.json b/backend/schema/paths/nginx/proxy-hosts/hostID/enable/post.json new file mode 100644 index 000000000..3a5694b9c --- /dev/null +++ b/backend/schema/paths/nginx/proxy-hosts/hostID/enable/post.json @@ -0,0 +1,59 @@ +{ + "operationId": "enableProxyHost", + "summary": "Enable a Proxy Host", + "tags": ["Proxy Hosts"], + "security": [ + { + "BearerAuth": ["proxy_hosts"] + } + ], + "parameters": [ + { + "in": "path", + "name": "hostID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 2 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": true + } + }, + "schema": { + "type": "boolean" + } + } + } + }, + "400": { + "description": "400 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "error": { + "code": 400, + "message": "Host is already enabled" + } + } + } + }, + "schema": { + "$ref": "../../../../../components/error-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/proxy-hosts/hostID/get.json b/backend/schema/paths/nginx/proxy-hosts/hostID/get.json new file mode 100644 index 000000000..250bf0326 --- /dev/null +++ b/backend/schema/paths/nginx/proxy-hosts/hostID/get.json @@ -0,0 +1,64 @@ +{ + "operationId": "getProxyHost", + "summary": "Get a Proxy Host", + "tags": ["Proxy Hosts"], + "security": [ + { + "BearerAuth": ["proxy_hosts"] + } + ], + "parameters": [ + { + "in": "path", + "name": "hostID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 1 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": 1, + "created_on": "2024-10-08T23:23:03.000Z", + "modified_on": "2024-10-08T23:26:38.000Z", + "owner_user_id": 1, + "domain_names": ["test.example.com"], + "forward_host": "192.168.0.10", + "forward_port": 8989, + "access_list_id": 0, + "certificate_id": 0, + "ssl_forced": 0, + "caching_enabled": 0, + "block_exploits": 0, + "advanced_config": "", + "meta": { + "nginx_online": true, + "nginx_err": null + }, + "allow_websocket_upgrade": 0, + "http2_support": 0, + "forward_scheme": "http", + "enabled": 1, + "locations": null, + "hsts_enabled": 0, + "hsts_subdomains": 0 + } + } + }, + "schema": { + "$ref": "../../../../components/proxy-host-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/proxy-hosts/hostID/put.json b/backend/schema/paths/nginx/proxy-hosts/hostID/put.json new file mode 100644 index 000000000..9028c6ac5 --- /dev/null +++ b/backend/schema/paths/nginx/proxy-hosts/hostID/put.json @@ -0,0 +1,145 @@ +{ + "operationId": "updateProxyHost", + "summary": "Update a Proxy Host", + "tags": ["Proxy Hosts"], + "security": [ + { + "BearerAuth": ["proxy_hosts"] + } + ], + "parameters": [ + { + "in": "path", + "name": "hostID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 2 + } + ], + "requestBody": { + "description": "Proxy Host Payload", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "minProperties": 1, + "properties": { + "domain_names": { + "$ref": "../../../../components/proxy-host-object.json#/properties/domain_names" + }, + "forward_scheme": { + "$ref": "../../../../components/proxy-host-object.json#/properties/forward_scheme" + }, + "forward_host": { + "$ref": "../../../../components/proxy-host-object.json#/properties/forward_host" + }, + "forward_port": { + "$ref": "../../../../components/proxy-host-object.json#/properties/forward_port" + }, + "certificate_id": { + "$ref": "../../../../components/proxy-host-object.json#/properties/certificate_id" + }, + "ssl_forced": { + "$ref": "../../../../components/proxy-host-object.json#/properties/ssl_forced" + }, + "hsts_enabled": { + "$ref": "../../../../components/proxy-host-object.json#/properties/hsts_enabled" + }, + "hsts_subdomains": { + "$ref": "../../../../components/proxy-host-object.json#/properties/hsts_subdomains" + }, + "http2_support": { + "$ref": "../../../../components/proxy-host-object.json#/properties/http2_support" + }, + "block_exploits": { + "$ref": "../../../../components/proxy-host-object.json#/properties/block_exploits" + }, + "caching_enabled": { + "$ref": "../../../../components/proxy-host-object.json#/properties/caching_enabled" + }, + "allow_websocket_upgrade": { + "$ref": "../../../../components/proxy-host-object.json#/properties/allow_websocket_upgrade" + }, + "access_list_id": { + "$ref": "../../../../components/proxy-host-object.json#/properties/access_list_id" + }, + "advanced_config": { + "$ref": "../../../../components/proxy-host-object.json#/properties/advanced_config" + }, + "enabled": { + "$ref": "../../../../components/proxy-host-object.json#/properties/enabled" + }, + "meta": { + "$ref": "../../../../components/proxy-host-object.json#/properties/meta" + }, + "locations": { + "$ref": "../../../../components/proxy-host-object.json#/properties/locations" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": 1, + "created_on": "2024-10-08T23:23:03.000Z", + "modified_on": "2024-10-08T23:26:37.000Z", + "owner_user_id": 1, + "domain_names": ["test.example.com"], + "forward_host": "192.168.0.10", + "forward_port": 8989, + "access_list_id": 0, + "certificate_id": 0, + "ssl_forced": 0, + "caching_enabled": 0, + "block_exploits": 0, + "advanced_config": "", + "meta": { + "nginx_online": true, + "nginx_err": null + }, + "allow_websocket_upgrade": 0, + "http2_support": 0, + "forward_scheme": "http", + "enabled": 1, + "hsts_enabled": 0, + "hsts_subdomains": 0, + "owner": { + "id": 1, + "created_on": "2024-10-07T22:43:55.000Z", + "modified_on": "2024-10-08T12:52:54.000Z", + "is_deleted": 0, + "is_disabled": 0, + "email": "admin@example.com", + "name": "Administrator", + "nickname": "some guy", + "avatar": "//www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?default=mm", + "roles": ["admin"] + }, + "certificate": null, + "access_list": null, + "use_default_location": true, + "ipv6": true + } + } + }, + "schema": { + "$ref": "../../../../components/proxy-host-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/proxy-hosts/post.json b/backend/schema/paths/nginx/proxy-hosts/post.json new file mode 100644 index 000000000..5f61ff4c0 --- /dev/null +++ b/backend/schema/paths/nginx/proxy-hosts/post.json @@ -0,0 +1,130 @@ +{ + "operationId": "createProxyHost", + "summary": "Create a Proxy Host", + "tags": ["Proxy Hosts"], + "security": [ + { + "BearerAuth": ["proxy_hosts"] + } + ], + "requestBody": { + "description": "Proxy Host Payload", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "required": ["domain_names", "forward_scheme", "forward_host", "forward_port"], + "properties": { + "domain_names": { + "$ref": "../../../components/proxy-host-object.json#/properties/domain_names" + }, + "forward_scheme": { + "$ref": "../../../components/proxy-host-object.json#/properties/forward_scheme" + }, + "forward_host": { + "$ref": "../../../components/proxy-host-object.json#/properties/forward_host" + }, + "forward_port": { + "$ref": "../../../components/proxy-host-object.json#/properties/forward_port" + }, + "certificate_id": { + "$ref": "../../../components/proxy-host-object.json#/properties/certificate_id" + }, + "ssl_forced": { + "$ref": "../../../components/proxy-host-object.json#/properties/ssl_forced" + }, + "hsts_enabled": { + "$ref": "../../../components/proxy-host-object.json#/properties/hsts_enabled" + }, + "hsts_subdomains": { + "$ref": "../../../components/proxy-host-object.json#/properties/hsts_subdomains" + }, + "http2_support": { + "$ref": "../../../components/proxy-host-object.json#/properties/http2_support" + }, + "block_exploits": { + "$ref": "../../../components/proxy-host-object.json#/properties/block_exploits" + }, + "caching_enabled": { + "$ref": "../../../components/proxy-host-object.json#/properties/caching_enabled" + }, + "allow_websocket_upgrade": { + "$ref": "../../../components/proxy-host-object.json#/properties/allow_websocket_upgrade" + }, + "access_list_id": { + "$ref": "../../../components/proxy-host-object.json#/properties/access_list_id" + }, + "advanced_config": { + "$ref": "../../../components/proxy-host-object.json#/properties/advanced_config" + }, + "enabled": { + "$ref": "../../../components/proxy-host-object.json#/properties/enabled" + }, + "meta": { + "$ref": "../../../components/proxy-host-object.json#/properties/meta" + }, + "locations": { + "$ref": "../../../components/proxy-host-object.json#/properties/locations" + } + } + } + } + } + }, + "responses": { + "201": { + "description": "201 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": 1, + "created_on": "2024-10-08T23:23:03.000Z", + "modified_on": "2024-10-08T23:23:03.000Z", + "owner_user_id": 1, + "domain_names": ["test.example.com"], + "forward_host": "127.0.0.1", + "forward_port": 8989, + "access_list_id": 0, + "certificate_id": 0, + "ssl_forced": 0, + "caching_enabled": 0, + "block_exploits": 0, + "advanced_config": "", + "meta": {}, + "allow_websocket_upgrade": 0, + "http2_support": 0, + "forward_scheme": "http", + "enabled": 1, + "hsts_enabled": 0, + "hsts_subdomains": 0, + "certificate": null, + "owner": { + "id": 1, + "created_on": "2024-10-07T22:43:55.000Z", + "modified_on": "2024-10-08T12:52:54.000Z", + "is_deleted": 0, + "is_disabled": 0, + "email": "admin@example.com", + "name": "Administrator", + "nickname": "some guy", + "avatar": "//www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?default=mm", + "roles": ["admin"] + }, + "access_list": null, + "use_default_location": true, + "ipv6": true + } + } + }, + "schema": { + "$ref": "../../../components/proxy-host-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/redirection-hosts/get.json b/backend/schema/paths/nginx/redirection-hosts/get.json new file mode 100644 index 000000000..24adbc78d --- /dev/null +++ b/backend/schema/paths/nginx/redirection-hosts/get.json @@ -0,0 +1,62 @@ +{ + "operationId": "getRedirectionHosts", + "summary": "Get all Redirection hosts", + "tags": ["Redirection Hosts"], + "security": [ + { + "BearerAuth": ["redirection_hosts"] + } + ], + "parameters": [ + { + "in": "query", + "name": "expand", + "description": "Expansions", + "schema": { + "type": "string", + "enum": ["owner", "certificate"] + } + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": [ + { + "id": 1, + "created_on": "2024-10-09T01:13:12.000Z", + "modified_on": "2024-10-09T01:13:13.000Z", + "owner_user_id": 1, + "domain_names": ["test.example.com"], + "forward_domain_name": "something-else.com", + "preserve_path": 0, + "certificate_id": 0, + "ssl_forced": 0, + "block_exploits": 0, + "advanced_config": "", + "meta": { + "nginx_online": true, + "nginx_err": null + }, + "http2_support": 0, + "enabled": 1, + "hsts_enabled": 0, + "hsts_subdomains": 0, + "forward_scheme": "http", + "forward_http_code": 301 + } + ] + } + }, + "schema": { + "$ref": "../../../components/redirection-host-list.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/redirection-hosts/hostID/delete.json b/backend/schema/paths/nginx/redirection-hosts/hostID/delete.json new file mode 100644 index 000000000..7330f3623 --- /dev/null +++ b/backend/schema/paths/nginx/redirection-hosts/hostID/delete.json @@ -0,0 +1,39 @@ +{ + "operationId": "deleteRedirectionHost", + "summary": "Delete a Redirection Host", + "tags": ["Redirection Hosts"], + "security": [ + { + "BearerAuth": ["redirection_hosts"] + } + ], + "parameters": [ + { + "in": "path", + "name": "hostID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 2 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": true + } + }, + "schema": { + "type": "boolean" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/redirection-hosts/hostID/disable/post.json b/backend/schema/paths/nginx/redirection-hosts/hostID/disable/post.json new file mode 100644 index 000000000..7531ac36b --- /dev/null +++ b/backend/schema/paths/nginx/redirection-hosts/hostID/disable/post.json @@ -0,0 +1,59 @@ +{ + "operationId": "disableRedirectionHost", + "summary": "Disable a Redirection Host", + "tags": ["Redirection Hosts"], + "security": [ + { + "BearerAuth": ["redirection_hosts"] + } + ], + "parameters": [ + { + "in": "path", + "name": "hostID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 2 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": true + } + }, + "schema": { + "type": "boolean" + } + } + } + }, + "400": { + "description": "400 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "error": { + "code": 400, + "message": "Host is already disabled" + } + } + } + }, + "schema": { + "$ref": "../../../../../components/error-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/redirection-hosts/hostID/enable/post.json b/backend/schema/paths/nginx/redirection-hosts/hostID/enable/post.json new file mode 100644 index 000000000..60f4fafd6 --- /dev/null +++ b/backend/schema/paths/nginx/redirection-hosts/hostID/enable/post.json @@ -0,0 +1,59 @@ +{ + "operationId": "enableRedirectionHost", + "summary": "Enable a Redirection Host", + "tags": ["Redirection Hosts"], + "security": [ + { + "BearerAuth": ["redirection_hosts"] + } + ], + "parameters": [ + { + "in": "path", + "name": "hostID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 2 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": true + } + }, + "schema": { + "type": "boolean" + } + } + } + }, + "400": { + "description": "400 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "error": { + "code": 400, + "message": "Host is already enabled" + } + } + } + }, + "schema": { + "$ref": "../../../../../components/error-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/redirection-hosts/hostID/get.json b/backend/schema/paths/nginx/redirection-hosts/hostID/get.json new file mode 100644 index 000000000..f20ff296c --- /dev/null +++ b/backend/schema/paths/nginx/redirection-hosts/hostID/get.json @@ -0,0 +1,61 @@ +{ + "operationId": "getRedirectionHost", + "summary": "Get a Redirection Host", + "tags": ["Redirection Hosts"], + "security": [ + { + "BearerAuth": ["redirection_hosts"] + } + ], + "parameters": [ + { + "in": "path", + "name": "hostID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 1 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": 1, + "created_on": "2024-10-09T01:13:12.000Z", + "modified_on": "2024-10-09T01:13:13.000Z", + "owner_user_id": 1, + "domain_names": ["test.example.com"], + "forward_domain_name": "something-else.com", + "preserve_path": 0, + "certificate_id": 0, + "ssl_forced": 0, + "block_exploits": 0, + "advanced_config": "", + "meta": { + "nginx_online": true, + "nginx_err": null + }, + "http2_support": 0, + "enabled": 1, + "hsts_enabled": 0, + "hsts_subdomains": 0, + "forward_scheme": "http", + "forward_http_code": 301 + } + } + }, + "schema": { + "$ref": "../../../../components/redirection-host-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/redirection-hosts/hostID/put.json b/backend/schema/paths/nginx/redirection-hosts/hostID/put.json new file mode 100644 index 000000000..3ee97947c --- /dev/null +++ b/backend/schema/paths/nginx/redirection-hosts/hostID/put.json @@ -0,0 +1,130 @@ +{ + "operationId": "updateRedirectionHost", + "summary": "Update a Redirection Host", + "tags": ["Redirection Hosts"], + "security": [ + { + "BearerAuth": ["redirection_hosts"] + } + ], + "parameters": [ + { + "in": "path", + "name": "hostID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 2 + } + ], + "requestBody": { + "description": "Redirection Host Payload", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "minProperties": 1, + "properties": { + "domain_names": { + "$ref": "../../../../components/redirection-host-object.json#/properties/domain_names" + }, + "forward_http_code": { + "$ref": "../../../../components/redirection-host-object.json#/properties/forward_http_code" + }, + "forward_scheme": { + "$ref": "../../../../components/redirection-host-object.json#/properties/forward_scheme" + }, + "forward_domain_name": { + "$ref": "../../../../components/redirection-host-object.json#/properties/forward_domain_name" + }, + "preserve_path": { + "$ref": "../../../../components/redirection-host-object.json#/properties/preserve_path" + }, + "certificate_id": { + "$ref": "../../../../components/redirection-host-object.json#/properties/certificate_id" + }, + "ssl_forced": { + "$ref": "../../../../components/redirection-host-object.json#/properties/ssl_forced" + }, + "hsts_enabled": { + "$ref": "../../../../components/redirection-host-object.json#/properties/hsts_enabled" + }, + "hsts_subdomains": { + "$ref": "../../../../components/redirection-host-object.json#/properties/hsts_subdomains" + }, + "http2_support": { + "$ref": "../../../../components/redirection-host-object.json#/properties/http2_support" + }, + "block_exploits": { + "$ref": "../../../../components/redirection-host-object.json#/properties/block_exploits" + }, + "advanced_config": { + "$ref": "../../../../components/redirection-host-object.json#/properties/advanced_config" + }, + "meta": { + "$ref": "../../../../components/redirection-host-object.json#/properties/meta" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": 1, + "created_on": "2024-10-09T01:13:12.000Z", + "modified_on": "2024-10-09T01:18:11.000Z", + "owner_user_id": 1, + "domain_names": ["test.example.com"], + "forward_domain_name": "something-else.com", + "preserve_path": 0, + "certificate_id": 0, + "ssl_forced": 0, + "block_exploits": 0, + "advanced_config": "", + "meta": { + "nginx_online": true, + "nginx_err": null + }, + "http2_support": 0, + "enabled": 1, + "hsts_enabled": 0, + "hsts_subdomains": 0, + "forward_scheme": "http", + "forward_http_code": 301, + "owner": { + "id": 1, + "created_on": "2024-10-09T00:59:56.000Z", + "modified_on": "2024-10-09T00:59:56.000Z", + "is_deleted": 0, + "is_disabled": 0, + "email": "admin@example.com", + "name": "Administrator", + "nickname": "Admin", + "avatar": "", + "roles": ["admin"] + }, + "certificate": null, + "use_default_location": true, + "ipv6": true + } + } + }, + "schema": { + "$ref": "../../../../components/redirection-host-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/redirection-hosts/post.json b/backend/schema/paths/nginx/redirection-hosts/post.json new file mode 100644 index 000000000..e8d2fa17b --- /dev/null +++ b/backend/schema/paths/nginx/redirection-hosts/post.json @@ -0,0 +1,115 @@ +{ + "operationId": "createRedirectionHost", + "summary": "Create a Redirection Host", + "tags": ["Redirection Hosts"], + "security": [ + { + "BearerAuth": ["redirection_hosts"] + } + ], + "requestBody": { + "description": "Redirection Host Payload", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "required": ["domain_names", "forward_scheme", "forward_http_code", "forward_domain_name"], + "properties": { + "domain_names": { + "$ref": "../../../components/redirection-host-object.json#/properties/domain_names" + }, + "forward_http_code": { + "$ref": "../../../components/redirection-host-object.json#/properties/forward_http_code" + }, + "forward_scheme": { + "$ref": "../../../components/redirection-host-object.json#/properties/forward_scheme" + }, + "forward_domain_name": { + "$ref": "../../../components/redirection-host-object.json#/properties/forward_domain_name" + }, + "preserve_path": { + "$ref": "../../../components/redirection-host-object.json#/properties/preserve_path" + }, + "certificate_id": { + "$ref": "../../../components/redirection-host-object.json#/properties/certificate_id" + }, + "ssl_forced": { + "$ref": "../../../components/redirection-host-object.json#/properties/ssl_forced" + }, + "hsts_enabled": { + "$ref": "../../../components/redirection-host-object.json#/properties/hsts_enabled" + }, + "hsts_subdomains": { + "$ref": "../../../components/redirection-host-object.json#/properties/hsts_subdomains" + }, + "http2_support": { + "$ref": "../../../components/redirection-host-object.json#/properties/http2_support" + }, + "block_exploits": { + "$ref": "../../../components/redirection-host-object.json#/properties/block_exploits" + }, + "advanced_config": { + "$ref": "../../../components/redirection-host-object.json#/properties/advanced_config" + }, + "meta": { + "$ref": "../../../components/redirection-host-object.json#/properties/meta" + } + } + } + } + } + }, + "responses": { + "201": { + "description": "201 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": 1, + "created_on": "2024-10-09T01:13:12.000Z", + "modified_on": "2024-10-09T01:13:12.000Z", + "owner_user_id": 1, + "domain_names": ["test.example.com"], + "forward_domain_name": "something-else.com", + "preserve_path": 0, + "certificate_id": 0, + "ssl_forced": 0, + "block_exploits": 0, + "advanced_config": "", + "meta": {}, + "http2_support": 0, + "enabled": 1, + "hsts_enabled": 0, + "hsts_subdomains": 0, + "forward_scheme": "http", + "forward_http_code": 301, + "certificate": null, + "owner": { + "id": 1, + "created_on": "2024-10-09T00:59:56.000Z", + "modified_on": "2024-10-09T00:59:56.000Z", + "is_deleted": 0, + "is_disabled": 0, + "email": "admin@example.com", + "name": "Administrator", + "nickname": "Admin", + "avatar": "", + "roles": ["admin"] + }, + "use_default_location": true, + "ipv6": true + } + } + }, + "schema": { + "$ref": "../../../components/redirection-host-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/streams/get.json b/backend/schema/paths/nginx/streams/get.json new file mode 100644 index 000000000..5ea97ce39 --- /dev/null +++ b/backend/schema/paths/nginx/streams/get.json @@ -0,0 +1,55 @@ +{ + "operationId": "getStreams", + "summary": "Get all streams", + "tags": ["Streams"], + "security": [ + { + "BearerAuth": ["streams"] + } + ], + "parameters": [ + { + "in": "query", + "name": "expand", + "description": "Expansions", + "schema": { + "type": "string", + "enum": ["access_list", "owner", "certificate"] + } + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": [ + { + "id": 1, + "created_on": "2024-10-09T02:33:45.000Z", + "modified_on": "2024-10-09T02:33:45.000Z", + "owner_user_id": 1, + "incoming_port": 9090, + "forwarding_host": "router.internal", + "forwarding_port": 80, + "tcp_forwarding": 0, + "udp_forwarding": 0, + "meta": { + "nginx_online": true, + "nginx_err": null + }, + "enabled": 1 + } + ] + } + }, + "schema": { + "$ref": "../../../components/stream-list.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/streams/post.json b/backend/schema/paths/nginx/streams/post.json new file mode 100644 index 000000000..0610a7273 --- /dev/null +++ b/backend/schema/paths/nginx/streams/post.json @@ -0,0 +1,87 @@ +{ + "operationId": "createStream", + "summary": "Create a Stream", + "tags": ["Streams"], + "security": [ + { + "BearerAuth": ["streams"] + } + ], + "requestBody": { + "description": "Stream Payload", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "required": ["incoming_port", "forwarding_host", "forwarding_port"], + "properties": { + "incoming_port": { + "$ref": "../../../components/stream-object.json#/properties/incoming_port" + }, + "forwarding_host": { + "$ref": "../../../components/stream-object.json#/properties/forwarding_host" + }, + "forwarding_port": { + "$ref": "../../../components/stream-object.json#/properties/forwarding_port" + }, + "tcp_forwarding": { + "$ref": "../../../components/stream-object.json#/properties/tcp_forwarding" + }, + "udp_forwarding": { + "$ref": "../../../components/stream-object.json#/properties/udp_forwarding" + }, + "meta": { + "$ref": "../../../components/stream-object.json#/properties/meta" + } + } + } + } + } + }, + "responses": { + "201": { + "description": "201 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": 1, + "created_on": "2024-10-09T02:33:45.000Z", + "modified_on": "2024-10-09T02:33:45.000Z", + "owner_user_id": 1, + "incoming_port": 9090, + "forwarding_host": "router.internal", + "forwarding_port": 80, + "tcp_forwarding": 0, + "udp_forwarding": 0, + "meta": { + "nginx_online": true, + "nginx_err": null + }, + "enabled": 1, + "owner": { + "id": 1, + "created_on": "2024-10-09T02:33:16.000Z", + "modified_on": "2024-10-09T02:33:16.000Z", + "is_deleted": 0, + "is_disabled": 0, + "email": "admin@example.com", + "name": "Administrator", + "nickname": "Admin", + "avatar": "", + "roles": ["admin"] + } + } + } + }, + "schema": { + "$ref": "../../../components/stream-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/streams/streamID/delete.json b/backend/schema/paths/nginx/streams/streamID/delete.json new file mode 100644 index 000000000..3a9685258 --- /dev/null +++ b/backend/schema/paths/nginx/streams/streamID/delete.json @@ -0,0 +1,39 @@ +{ + "operationId": "deleteStream", + "summary": "Delete a Stream", + "tags": ["Streams"], + "security": [ + { + "BearerAuth": ["streams"] + } + ], + "parameters": [ + { + "in": "path", + "name": "streamID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 2 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": true + } + }, + "schema": { + "type": "boolean" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/streams/streamID/disable/post.json b/backend/schema/paths/nginx/streams/streamID/disable/post.json new file mode 100644 index 000000000..91c58bb80 --- /dev/null +++ b/backend/schema/paths/nginx/streams/streamID/disable/post.json @@ -0,0 +1,59 @@ +{ + "operationId": "disableStream", + "summary": "Disable a Stream", + "tags": ["Streams"], + "security": [ + { + "BearerAuth": ["streams"] + } + ], + "parameters": [ + { + "in": "path", + "name": "streamID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 2 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": true + } + }, + "schema": { + "type": "boolean" + } + } + } + }, + "400": { + "description": "400 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "error": { + "code": 400, + "message": "Host is already disabled" + } + } + } + }, + "schema": { + "$ref": "../../../../../components/error-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/streams/streamID/enable/post.json b/backend/schema/paths/nginx/streams/streamID/enable/post.json new file mode 100644 index 000000000..b14a86f86 --- /dev/null +++ b/backend/schema/paths/nginx/streams/streamID/enable/post.json @@ -0,0 +1,59 @@ +{ + "operationId": "enableStream", + "summary": "Enable a Stream", + "tags": ["Streams"], + "security": [ + { + "BearerAuth": ["streams"] + } + ], + "parameters": [ + { + "in": "path", + "name": "streamID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 2 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": true + } + }, + "schema": { + "type": "boolean" + } + } + } + }, + "400": { + "description": "400 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "error": { + "code": 400, + "message": "Host is already enabled" + } + } + } + }, + "schema": { + "$ref": "../../../../../components/error-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/streams/streamID/get.json b/backend/schema/paths/nginx/streams/streamID/get.json new file mode 100644 index 000000000..a3371e8b8 --- /dev/null +++ b/backend/schema/paths/nginx/streams/streamID/get.json @@ -0,0 +1,54 @@ +{ + "operationId": "getStream", + "summary": "Get a Stream", + "tags": ["Streams"], + "security": [ + { + "BearerAuth": ["streams"] + } + ], + "parameters": [ + { + "in": "path", + "name": "streamID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 2 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": 1, + "created_on": "2024-10-09T02:33:45.000Z", + "modified_on": "2024-10-09T02:33:45.000Z", + "owner_user_id": 1, + "incoming_port": 9090, + "forwarding_host": "router.internal", + "forwarding_port": 80, + "tcp_forwarding": 0, + "udp_forwarding": 0, + "meta": { + "nginx_online": true, + "nginx_err": null + }, + "enabled": 1 + } + } + }, + "schema": { + "$ref": "../../../../components/stream-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/nginx/streams/streamID/put.json b/backend/schema/paths/nginx/streams/streamID/put.json new file mode 100644 index 000000000..cb85a6917 --- /dev/null +++ b/backend/schema/paths/nginx/streams/streamID/put.json @@ -0,0 +1,145 @@ +{ + "operationId": "updateStream", + "summary": "Update a Stream", + "tags": ["Streams"], + "security": [ + { + "BearerAuth": ["streams"] + } + ], + "parameters": [ + { + "in": "path", + "name": "streamID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "example": 2 + } + ], + "requestBody": { + "description": "Stream Payload", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "minProperties": 1, + "properties": { + "domain_names": { + "$ref": "../../../../components/proxy-host-object.json#/properties/domain_names" + }, + "forward_scheme": { + "$ref": "../../../../components/proxy-host-object.json#/properties/forward_scheme" + }, + "forward_host": { + "$ref": "../../../../components/proxy-host-object.json#/properties/forward_host" + }, + "forward_port": { + "$ref": "../../../../components/proxy-host-object.json#/properties/forward_port" + }, + "certificate_id": { + "$ref": "../../../../components/proxy-host-object.json#/properties/certificate_id" + }, + "ssl_forced": { + "$ref": "../../../../components/proxy-host-object.json#/properties/ssl_forced" + }, + "hsts_enabled": { + "$ref": "../../../../components/proxy-host-object.json#/properties/hsts_enabled" + }, + "hsts_subdomains": { + "$ref": "../../../../components/proxy-host-object.json#/properties/hsts_subdomains" + }, + "http2_support": { + "$ref": "../../../../components/proxy-host-object.json#/properties/http2_support" + }, + "block_exploits": { + "$ref": "../../../../components/proxy-host-object.json#/properties/block_exploits" + }, + "caching_enabled": { + "$ref": "../../../../components/proxy-host-object.json#/properties/caching_enabled" + }, + "allow_websocket_upgrade": { + "$ref": "../../../../components/proxy-host-object.json#/properties/allow_websocket_upgrade" + }, + "access_list_id": { + "$ref": "../../../../components/proxy-host-object.json#/properties/access_list_id" + }, + "advanced_config": { + "$ref": "../../../../components/proxy-host-object.json#/properties/advanced_config" + }, + "enabled": { + "$ref": "../../../../components/proxy-host-object.json#/properties/enabled" + }, + "meta": { + "$ref": "../../../../components/proxy-host-object.json#/properties/meta" + }, + "locations": { + "$ref": "../../../../components/proxy-host-object.json#/properties/locations" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": 1, + "created_on": "2024-10-08T23:23:03.000Z", + "modified_on": "2024-10-08T23:26:37.000Z", + "owner_user_id": 1, + "domain_names": ["test.example.com"], + "forward_host": "192.168.0.10", + "forward_port": 8989, + "access_list_id": 0, + "certificate_id": 0, + "ssl_forced": 0, + "caching_enabled": 0, + "block_exploits": 0, + "advanced_config": "", + "meta": { + "nginx_online": true, + "nginx_err": null + }, + "allow_websocket_upgrade": 0, + "http2_support": 0, + "forward_scheme": "http", + "enabled": 1, + "hsts_enabled": 0, + "hsts_subdomains": 0, + "owner": { + "id": 1, + "created_on": "2024-10-07T22:43:55.000Z", + "modified_on": "2024-10-08T12:52:54.000Z", + "is_deleted": 0, + "is_disabled": 0, + "email": "admin@example.com", + "name": "Administrator", + "nickname": "some guy", + "avatar": "//www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?default=mm", + "roles": ["admin"] + }, + "certificate": null, + "access_list": null, + "use_default_location": true, + "ipv6": true + } + } + }, + "schema": { + "$ref": "../../../../components/stream-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/reports/hosts/get.json b/backend/schema/paths/reports/hosts/get.json new file mode 100644 index 000000000..a40ddc723 --- /dev/null +++ b/backend/schema/paths/reports/hosts/get.json @@ -0,0 +1,50 @@ +{ + "operationId": "reportsHosts", + "summary": "Report on Host Statistics", + "tags": ["Reports"], + "security": [ + { + "BearerAuth": ["reports"] + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "proxy": 20, + "redirection": 1, + "stream": 0, + "dead": 1 + } + } + }, + "schema": { + "type": "object", + "properties": { + "proxy": { + "type": "integer", + "description": "Proxy Hosts Count" + }, + "redirection": { + "type": "integer", + "description": "Redirection Hosts Count" + }, + "stream": { + "type": "integer", + "description": "Streams Count" + }, + "dead": { + "type": "integer", + "description": "404 Hosts Count" + } + } + } + } + } + } + } +} diff --git a/backend/schema/paths/schema/get.json b/backend/schema/paths/schema/get.json new file mode 100644 index 000000000..d435b0042 --- /dev/null +++ b/backend/schema/paths/schema/get.json @@ -0,0 +1,10 @@ +{ + "operationId": "schema", + "summary": "Returns this swagger API schema", + "tags": ["Public"], + "responses": { + "200": { + "description": "200 response" + } + } +} diff --git a/backend/schema/paths/settings/get.json b/backend/schema/paths/settings/get.json new file mode 100644 index 000000000..5d148d8af --- /dev/null +++ b/backend/schema/paths/settings/get.json @@ -0,0 +1,35 @@ +{ + "operationId": "getSettings", + "summary": "Get all settings", + "tags": ["Settings"], + "security": [ + { + "BearerAuth": ["settings"] + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": [ + { + "id": "default-site", + "name": "Default Site", + "description": "What to show when Nginx is hit with an unknown Host", + "value": "congratulations", + "meta": {} + } + ] + } + }, + "schema": { + "$ref": "../../components/setting-list.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/settings/settingID/get.json b/backend/schema/paths/settings/settingID/get.json new file mode 100644 index 000000000..405b976d2 --- /dev/null +++ b/backend/schema/paths/settings/settingID/get.json @@ -0,0 +1,46 @@ +{ + "operationId": "getSetting", + "summary": "Get a setting", + "tags": ["Settings"], + "security": [ + { + "BearerAuth": ["settings"] + } + ], + "parameters": [ + { + "in": "path", + "name": "settingID", + "schema": { + "type": "string", + "minLength": 1 + }, + "required": true, + "description": "Setting ID", + "example": "default-site" + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": "default-site", + "name": "Default Site", + "description": "What to show when Nginx is hit with an unknown Host", + "value": "congratulations", + "meta": {} + } + } + }, + "schema": { + "$ref": "../../../components/setting-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/settings/settingID/put.json b/backend/schema/paths/settings/settingID/put.json new file mode 100644 index 000000000..5888ec056 --- /dev/null +++ b/backend/schema/paths/settings/settingID/put.json @@ -0,0 +1,67 @@ +{ + "operationId": "updateSetting", + "summary": "Update a setting", + "tags": ["Settings"], + "security": [ + { + "BearerAuth": ["settings"] + } + ], + "parameters": [ + { + "in": "path", + "name": "settingID", + "schema": { + "type": "string", + "minLength": 1 + }, + "required": true, + "description": "Setting ID", + "example": "default-site" + } + ], + "requestBody": { + "description": "Setting Payload", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "minProperties": 1, + "properties": { + "value": { + "$ref": "../../../components/setting-object.json#/properties/value" + }, + "meta": { + "$ref": "../../../components/setting-object.json#/properties/meta" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": "default-site", + "name": "Default Site", + "description": "What to show when Nginx is hit with an unknown Host", + "value": "congratulations", + "meta": {} + } + } + }, + "schema": { + "$ref": "../../../components/setting-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/tokens/get.json b/backend/schema/paths/tokens/get.json new file mode 100644 index 000000000..859bc61a4 --- /dev/null +++ b/backend/schema/paths/tokens/get.json @@ -0,0 +1,30 @@ +{ + "operationId": "refreshToken", + "summary": "Refresh your access token", + "tags": ["Tokens"], + "security": [ + { + "BearerAuth": ["tokens"] + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "expires": 1566540510, + "token": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.ey...xaHKYr3Kk6MvkUjcC4" + } + } + }, + "schema": { + "$ref": "../../components/token-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/tokens/post.json b/backend/schema/paths/tokens/post.json new file mode 100644 index 000000000..dece6b656 --- /dev/null +++ b/backend/schema/paths/tokens/post.json @@ -0,0 +1,55 @@ +{ + "operationId": "requestToken", + "summary": "Request a new access token from credentials", + "tags": ["Tokens"], + "requestBody": { + "description": "Credentials Payload", + "required": true, + "content": { + "application/json": { + "schema": { + "additionalProperties": false, + "properties": { + "identity": { + "minLength": 1, + "type": "string" + }, + "scope": { + "minLength": 1, + "type": "string", + "enum": ["user"] + }, + "secret": { + "minLength": 1, + "type": "string" + } + }, + "required": ["identity", "secret"], + "type": "object" + } + } + } + }, + "responses": { + "200": { + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "result": { + "expires": 1566540510, + "token": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.ey...xaHKYr3Kk6MvkUjcC4" + } + } + } + }, + "schema": { + "$ref": "../../components/token-object.json" + } + } + }, + "description": "200 response" + } + } +} diff --git a/backend/schema/paths/users/get.json b/backend/schema/paths/users/get.json new file mode 100644 index 000000000..41a0532c3 --- /dev/null +++ b/backend/schema/paths/users/get.json @@ -0,0 +1,74 @@ +{ + "operationId": "getUsers", + "summary": "Get all users", + "tags": ["Users"], + "security": [ + { + "BearerAuth": ["users"] + } + ], + "parameters": [ + { + "in": "query", + "name": "expand", + "description": "Expansions", + "schema": { + "type": "string", + "enum": ["permissions"] + } + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": [ + { + "id": 1, + "created_on": "2020-01-30T09:36:08.000Z", + "modified_on": "2020-01-30T09:41:04.000Z", + "is_disabled": 0, + "email": "jc@jc21.com", + "name": "Jamie Curnow", + "nickname": "James", + "avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm", + "roles": ["admin"] + } + ] + }, + "withPermissions": { + "value": [ + { + "id": 1, + "created_on": "2020-01-30T09:36:08.000Z", + "modified_on": "2020-01-30T09:41:04.000Z", + "is_disabled": 0, + "email": "jc@jc21.com", + "name": "Jamie Curnow", + "nickname": "James", + "avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm", + "roles": ["admin"], + "permissions": { + "visibility": "all", + "proxy_hosts": "manage", + "redirection_hosts": "manage", + "dead_hosts": "manage", + "streams": "manage", + "access_lists": "manage", + "certificates": "manage" + } + } + ] + } + }, + "schema": { + "$ref": "../../components/user-list.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/users/post.json b/backend/schema/paths/users/post.json new file mode 100644 index 000000000..1eec1b510 --- /dev/null +++ b/backend/schema/paths/users/post.json @@ -0,0 +1,88 @@ +{ + "operationId": "createUser", + "summary": "Create a User", + "tags": ["Users"], + "security": [ + { + "BearerAuth": ["users"] + } + ], + "requestBody": { + "description": "User Payload", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "required": ["name", "nickname", "email"], + "properties": { + "name": { + "$ref": "../../components/user-object.json#/properties/name" + }, + "nickname": { + "$ref": "../../components/user-object.json#/properties/nickname" + }, + "email": { + "$ref": "../../components/user-object.json#/properties/email" + }, + "roles": { + "$ref": "../../components/user-object.json#/properties/roles" + }, + "is_disabled": { + "$ref": "../../components/user-object.json#/properties/is_disabled" + }, + "auth": { + "type": "object", + "description": "Auth Credentials", + "example": { + "type": "password", + "secret": "bigredhorsebanana" + } + } + } + } + } + } + }, + "responses": { + "201": { + "description": "201 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": 2, + "created_on": "2020-01-30T09:41:04.000Z", + "modified_on": "2020-01-30T09:41:04.000Z", + "is_disabled": 0, + "email": "jc@jc21.com", + "name": "Jamie Curnow", + "nickname": "James", + "avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm", + "roles": ["admin"], + "permissions": { + "id": 3, + "created_on": "2020-01-30T09:41:04.000Z", + "modified_on": "2020-01-30T09:41:04.000Z", + "user_id": 2, + "visibility": "user", + "proxy_hosts": "manage", + "redirection_hosts": "manage", + "dead_hosts": "manage", + "streams": "manage", + "access_lists": "manage", + "certificates": "manage" + } + } + } + }, + "schema": { + "$ref": "../../components/user-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/users/userID/auth/put.json b/backend/schema/paths/users/userID/auth/put.json new file mode 100644 index 000000000..a72f5617c --- /dev/null +++ b/backend/schema/paths/users/userID/auth/put.json @@ -0,0 +1,79 @@ +{ + "operationId": "updateUserAuth", + "summary": "Update a User's Authentication", + "tags": ["Users"], + "security": [ + { + "BearerAuth": ["users"] + } + ], + "parameters": [ + { + "in": "path", + "name": "userID", + "schema": { + "oneOf": [ + { + "type": "string", + "pattern": "^me$" + }, + { + "type": "integer", + "minimum": 1 + } + ] + }, + "required": true, + "description": "User ID or 'me' for yourself", + "example": 2 + } + ], + "requestBody": { + "description": "Auth Payload", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "required": ["type", "secret"], + "properties": { + "type": { + "type": "string", + "pattern": "^password$", + "example": "password" + }, + "current": { + "type": "string", + "minLength": 1, + "maxLength": 64, + "example": "changeme" + }, + "secret": { + "type": "string", + "minLength": 8, + "maxLength": 64, + "example": "mySuperN3wP@ssword!" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": true + } + }, + "schema": { + "type": "boolean" + } + } + } + } + } +} diff --git a/backend/schema/paths/users/userID/delete.json b/backend/schema/paths/users/userID/delete.json new file mode 100644 index 000000000..7d4f36151 --- /dev/null +++ b/backend/schema/paths/users/userID/delete.json @@ -0,0 +1,40 @@ +{ + "operationId": "deleteUser", + "summary": "Delete a User", + "tags": ["Users"], + "security": [ + { + "BearerAuth": ["users"] + } + ], + "parameters": [ + { + "in": "path", + "name": "userID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "description": "User ID", + "example": 2 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": true + } + }, + "schema": { + "type": "boolean" + } + } + } + } + } +} diff --git a/backend/schema/paths/users/userID/get.json b/backend/schema/paths/users/userID/get.json new file mode 100644 index 000000000..f79c92943 --- /dev/null +++ b/backend/schema/paths/users/userID/get.json @@ -0,0 +1,58 @@ +{ + "operationId": "getUser", + "summary": "Get a user", + "tags": ["Users"], + "security": [ + { + "BearerAuth": ["users"] + } + ], + "parameters": [ + { + "in": "path", + "name": "userID", + "schema": { + "oneOf": [ + { + "type": "string", + "pattern": "^me$" + }, + { + "type": "integer", + "minimum": 1 + } + ] + }, + "required": true, + "description": "User ID or 'me' for yourself", + "example": 1 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": 1, + "created_on": "2020-01-30T09:36:08.000Z", + "modified_on": "2020-01-30T09:41:04.000Z", + "is_disabled": 0, + "email": "jc@jc21.com", + "name": "Jamie Curnow", + "nickname": "James", + "avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm", + "roles": ["admin"] + } + } + }, + "schema": { + "$ref": "../../../components/user-object.json" + } + } + } + } + } +} diff --git a/backend/schema/paths/users/userID/login/post.json b/backend/schema/paths/users/userID/login/post.json new file mode 100644 index 000000000..5f247b335 --- /dev/null +++ b/backend/schema/paths/users/userID/login/post.json @@ -0,0 +1,73 @@ +{ + "operationId": "loginAsUser", + "summary": "Login as this user", + "tags": ["Users"], + "security": [ + { + "BearerAuth": ["users"] + } + ], + "parameters": [ + { + "in": "path", + "name": "userID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "description": "User ID", + "example": 2 + } + ], + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "token": "eyJhbGciOiJSUzI1NiIsInR...16OjT8B3NLyXg", + "expires": "2020-01-31T10:56:23.239Z", + "user": { + "id": 1, + "created_on": "2020-01-30T10:43:44.000Z", + "modified_on": "2020-01-30T10:43:44.000Z", + "is_disabled": 0, + "email": "jc@jc21.com", + "name": "Jamie Curnow", + "nickname": "James", + "avatar": "//www.gravatar.com/avatar/3c8d73f45fd8763f827b964c76e6032a?default=mm", + "roles": ["admin"] + } + } + } + }, + "schema": { + "type": "object", + "description": "Login object", + "required": ["expires", "token", "user"], + "additionalProperties": false, + "properties": { + "expires": { + "description": "Token Expiry Unix Time", + "example": 1566540249, + "minimum": 1, + "type": "number" + }, + "token": { + "description": "JWT Token", + "example": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.ey...xaHKYr3Kk6MvkUjcC4", + "type": "string" + }, + "user": { + "$ref": "../../../../components/user-object.json" + } + } + } + } + } + } + } +} diff --git a/backend/schema/paths/users/userID/permissions/put.json b/backend/schema/paths/users/userID/permissions/put.json new file mode 100644 index 000000000..2dcd2aed7 --- /dev/null +++ b/backend/schema/paths/users/userID/permissions/put.json @@ -0,0 +1,51 @@ +{ + "operationId": "updateUserPermissions", + "summary": "Update a User's Permissions", + "tags": ["Users"], + "security": [ + { + "BearerAuth": ["users"] + } + ], + "parameters": [ + { + "in": "path", + "name": "userID", + "schema": { + "type": "integer", + "minimum": 1 + }, + "required": true, + "description": "User ID", + "example": 2 + } + ], + "requestBody": { + "description": "Permissions Payload", + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "../../../../components/permission-object.json" + } + } + } + }, + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": true + } + }, + "schema": { + "type": "boolean" + } + } + } + } + } +} diff --git a/backend/schema/paths/users/userID/put.json b/backend/schema/paths/users/userID/put.json new file mode 100644 index 000000000..54cb44b44 --- /dev/null +++ b/backend/schema/paths/users/userID/put.json @@ -0,0 +1,88 @@ +{ + "operationId": "updateUser", + "summary": "Update a User", + "tags": ["Users"], + "security": [ + { + "BearerAuth": ["users"] + } + ], + "parameters": [ + { + "in": "path", + "name": "userID", + "schema": { + "oneOf": [ + { + "type": "string", + "pattern": "^me$" + }, + { + "type": "integer", + "minimum": 1 + } + ] + }, + "required": true, + "description": "User ID or 'me' for yourself", + "example": 2 + } + ], + "requestBody": { + "description": "User Payload", + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "minProperties": 1, + "properties": { + "name": { + "$ref": "../../../components/user-object.json#/properties/name" + }, + "nickname": { + "$ref": "../../../components/user-object.json#/properties/nickname" + }, + "email": { + "$ref": "../../../components/user-object.json#/properties/email" + }, + "roles": { + "$ref": "../../../components/user-object.json#/properties/roles" + }, + "is_disabled": { + "$ref": "../../../components/user-object.json#/properties/is_disabled" + } + } + } + } + } + }, + "responses": { + "200": { + "description": "200 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "id": 2, + "created_on": "2020-01-30T09:36:08.000Z", + "modified_on": "2020-01-30T09:41:04.000Z", + "is_disabled": 0, + "email": "jc@jc21.com", + "name": "Jamie Curnow", + "nickname": "James", + "avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm", + "roles": ["admin"] + } + } + }, + "schema": { + "$ref": "../../../components/user-object.json" + } + } + } + } + } +} diff --git a/backend/schema/swagger.json b/backend/schema/swagger.json new file mode 100644 index 000000000..9c00fa634 --- /dev/null +++ b/backend/schema/swagger.json @@ -0,0 +1,265 @@ +{ + "openapi": "3.0.0", + "info": { + "title": "Nginx Proxy Manager API", + "version": "2.x.x" + }, + "servers": [ + { + "url": "http://127.0.0.1:81/api" + } + ], + "paths": { + "/": { + "get": { + "$ref": "./paths/get.json" + } + }, + "/audit-log": { + "get": { + "$ref": "./paths/audit-log/get.json" + } + }, + "/nginx/access-lists": { + "get": { + "$ref": "./paths/nginx/access-lists/get.json" + }, + "post": { + "$ref": "./paths/nginx/access-lists/post.json" + } + }, + "/nginx/access-lists/{listID}": { + "get": { + "$ref": "./paths/nginx/access-lists/listID/get.json" + }, + "put": { + "$ref": "./paths/nginx/access-lists/listID/put.json" + }, + "delete": { + "$ref": "./paths/nginx/access-lists/listID/delete.json" + } + }, + "/nginx/certificates": { + "get": { + "$ref": "./paths/nginx/certificates/get.json" + }, + "post": { + "$ref": "./paths/nginx/certificates/post.json" + } + }, + "/nginx/certificates/validate": { + "post": { + "$ref": "./paths/nginx/certificates/validate/post.json" + } + }, + "/nginx/certificates/test-http": { + "get": { + "$ref": "./paths/nginx/certificates/test-http/get.json" + } + }, + "/nginx/certificates/{certID}": { + "get": { + "$ref": "./paths/nginx/certificates/certID/get.json" + }, + "delete": { + "$ref": "./paths/nginx/certificates/certID/delete.json" + } + }, + "/nginx/certificates/{certID}/download": { + "get": { + "$ref": "./paths/nginx/certificates/certID/download/get.json" + } + }, + "/nginx/certificates/{certID}/renew": { + "post": { + "$ref": "./paths/nginx/certificates/certID/renew/post.json" + } + }, + "/nginx/certificates/{certID}/upload": { + "post": { + "$ref": "./paths/nginx/certificates/certID/upload/post.json" + } + }, + "/nginx/proxy-hosts": { + "get": { + "$ref": "./paths/nginx/proxy-hosts/get.json" + }, + "post": { + "$ref": "./paths/nginx/proxy-hosts/post.json" + } + }, + "/nginx/proxy-hosts/{hostID}": { + "get": { + "$ref": "./paths/nginx/proxy-hosts/hostID/get.json" + }, + "put": { + "$ref": "./paths/nginx/proxy-hosts/hostID/put.json" + }, + "delete": { + "$ref": "./paths/nginx/proxy-hosts/hostID/delete.json" + } + }, + "/nginx/proxy-hosts/{hostID}/enable": { + "post": { + "$ref": "./paths/nginx/proxy-hosts/hostID/enable/post.json" + } + }, + "/nginx/proxy-hosts/{hostID}/disable": { + "post": { + "$ref": "./paths/nginx/proxy-hosts/hostID/disable/post.json" + } + }, + "/nginx/redirection-hosts": { + "get": { + "$ref": "./paths/nginx/redirection-hosts/get.json" + }, + "post": { + "$ref": "./paths/nginx/redirection-hosts/post.json" + } + }, + "/nginx/redirection-hosts/{hostID}": { + "get": { + "$ref": "./paths/nginx/redirection-hosts/hostID/get.json" + }, + "put": { + "$ref": "./paths/nginx/redirection-hosts/hostID/put.json" + }, + "delete": { + "$ref": "./paths/nginx/redirection-hosts/hostID/delete.json" + } + }, + "/nginx/redirection-hosts/{hostID}/enable": { + "post": { + "$ref": "./paths/nginx/redirection-hosts/hostID/enable/post.json" + } + }, + "/nginx/redirection-hosts/{hostID}/disable": { + "post": { + "$ref": "./paths/nginx/redirection-hosts/hostID/disable/post.json" + } + }, + "/nginx/dead-hosts": { + "get": { + "$ref": "./paths/nginx/dead-hosts/get.json" + }, + "post": { + "$ref": "./paths/nginx/dead-hosts/post.json" + } + }, + "/nginx/dead-hosts/{hostID}": { + "get": { + "$ref": "./paths/nginx/dead-hosts/hostID/get.json" + }, + "put": { + "$ref": "./paths/nginx/dead-hosts/hostID/put.json" + }, + "delete": { + "$ref": "./paths/nginx/dead-hosts/hostID/delete.json" + } + }, + "/nginx/dead-hosts/{hostID}/enable": { + "post": { + "$ref": "./paths/nginx/dead-hosts/hostID/enable/post.json" + } + }, + "/nginx/dead-hosts/{hostID}/disable": { + "post": { + "$ref": "./paths/nginx/dead-hosts/hostID/disable/post.json" + } + }, + "/nginx/streams": { + "get": { + "$ref": "./paths/nginx/streams/get.json" + }, + "post": { + "$ref": "./paths/nginx/streams/post.json" + } + }, + "/nginx/streams/{streamID}": { + "get": { + "$ref": "./paths/nginx/streams/streamID/get.json" + }, + "put": { + "$ref": "./paths/nginx/streams/streamID/put.json" + }, + "delete": { + "$ref": "./paths/nginx/streams/streamID/delete.json" + } + }, + "/nginx/streams/{streamID}/enable": { + "post": { + "$ref": "./paths/nginx/streams/streamID/enable/post.json" + } + }, + "/nginx/streams/{streamID}/disable": { + "post": { + "$ref": "./paths/nginx/streams/streamID/disable/post.json" + } + }, + "/reports/hosts": { + "get": { + "$ref": "./paths/reports/hosts/get.json" + } + }, + "/schema": { + "get": { + "$ref": "./paths/schema/get.json" + } + }, + "/settings": { + "get": { + "$ref": "./paths/settings/get.json" + } + }, + "/settings/{settingID}": { + "get": { + "$ref": "./paths/settings/settingID/get.json" + }, + "put": { + "$ref": "./paths/settings/settingID/put.json" + } + }, + "/tokens": { + "get": { + "$ref": "./paths/tokens/get.json" + }, + "post": { + "$ref": "./paths/tokens/post.json" + } + }, + "/users": { + "get": { + "$ref": "./paths/users/get.json" + }, + "post": { + "$ref": "./paths/users/post.json" + } + }, + "/users/{userID}": { + "get": { + "$ref": "./paths/users/userID/get.json" + }, + "put": { + "$ref": "./paths/users/userID/put.json" + }, + "delete": { + "$ref": "./paths/users/userID/delete.json" + } + }, + "/users/{userID}/auth": { + "put": { + "$ref": "./paths/users/userID/auth/put.json" + } + }, + "/users/{userID}/permissions": { + "put": { + "$ref": "./paths/users/userID/permissions/put.json" + } + }, + "/users/{userID}/login": { + "post": { + "$ref": "./paths/users/userID/login/post.json" + } + } + } +} diff --git a/backend/yarn.lock b/backend/yarn.lock index af2095496..6346c14ce 100644 --- a/backend/yarn.lock +++ b/backend/yarn.lock @@ -11,6 +11,15 @@ call-me-maybe "^1.0.1" js-yaml "^3.13.1" +"@apidevtools/json-schema-ref-parser@^11.7.0": + version "11.7.0" + resolved "https://registry.yarnpkg.com/@apidevtools/json-schema-ref-parser/-/json-schema-ref-parser-11.7.0.tgz#228d72018a0e7cbee744b677eaa01a8968f302d9" + integrity sha512-pRrmXMCwnmrkS3MLgAIW5dXRzeTv6GLjkjb4HmxNnvAKXN1Nfzp4KmGADBQvlVUcqi+a5D+hfGDLLnd5NnYxog== + dependencies: + "@jsdevtools/ono" "^7.1.3" + "@types/json-schema" "^7.0.15" + js-yaml "^4.1.0" + "@eslint-community/eslint-utils@^4.2.0": version "4.3.0" resolved "https://registry.yarnpkg.com/@eslint-community/eslint-utils/-/eslint-utils-4.3.0.tgz#a556790523a351b4e47e9d385f47265eaaf9780a" @@ -67,7 +76,7 @@ resolved "https://registry.yarnpkg.com/@humanwhocodes/object-schema/-/object-schema-1.2.1.tgz#b520529ec21d8e5945a1851dfd1c32e94e39ff45" integrity sha512-ZnQMnLV4e7hDlUvw8H+U8ASL02SS2Gn6+9Ac3wGGLIe7+je2AeAOxPY+izIPJDfFDb7eDjev0Us8MO1iFRN8hA== -"@jsdevtools/ono@^7.1.0": +"@jsdevtools/ono@^7.1.0", "@jsdevtools/ono@^7.1.3": version "7.1.3" resolved "https://registry.yarnpkg.com/@jsdevtools/ono/-/ono-7.1.3.tgz#9df03bbd7c696a5c58885c34aa06da41c8543796" integrity sha512-4JQNk+3mVzK3xh2rqd6RB4J46qUR19azEHBneZyTZM+c456qOrbbM/5xcR8huNCCcbVt7+UmizG6GuUvPvKUYg== @@ -146,6 +155,11 @@ resolved "https://registry.yarnpkg.com/@types/color-name/-/color-name-1.1.1.tgz#1c1261bbeaa10a8055bbc5d8ab84b7b2afc846a0" integrity sha512-rr+OQyAjxze7GgWrSaJwydHStIhHq2lvY3BOC2Mj7KnzI7XK0Uw1TOOdI9lDoajEbSWLiYgoo4f1R51erQfhPQ== +"@types/json-schema@^7.0.15": + version "7.0.15" + resolved "https://registry.yarnpkg.com/@types/json-schema/-/json-schema-7.0.15.tgz#596a1747233694d50f6ad8a7869fcb6f56cf5841" + integrity sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA== + abbrev@1: version "1.1.1" resolved "https://registry.yarnpkg.com/abbrev/-/abbrev-1.1.1.tgz#f8f2c887ad10bf67f634f005b6987fed3179aac8" diff --git a/docker/docker-compose.dev.yml b/docker/docker-compose.dev.yml index 14ca2f7a7..8092a33e4 100644 --- a/docker/docker-compose.dev.yml +++ b/docker/docker-compose.dev.yml @@ -54,6 +54,17 @@ services: volumes: - db_data:/var/lib/mysql + swagger: + image: swaggerapi/swagger-ui:latest + container_name: npm_swagger + ports: + - 3082:80 + environment: + URL: "http://npm:81/api/schema" + PORT: '80' + depends_on: + - npm + volumes: npm_data: name: npm_core_data From 6f7963ee0843a2e67a0b6121a9dfbc8d56533260 Mon Sep 17 00:00:00 2001 From: mokkin Date: Wed, 9 Oct 2024 23:47:07 +0200 Subject: [PATCH 028/175] version is obsolete now --- docs/src/guide/index.md | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/src/guide/index.md b/docs/src/guide/index.md index ad350b3b9..fcf176fa9 100644 --- a/docs/src/guide/index.md +++ b/docs/src/guide/index.md @@ -62,7 +62,6 @@ I won't go in to too much detail here but here are the basics for someone new to 2. Create a docker-compose.yml file similar to this: ```yml -version: '3.8' services: app: image: 'jc21/nginx-proxy-manager:latest' From 4572b205c912db498706e9a3e8f1891c94129c88 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Thu, 10 Oct 2024 15:53:11 +1000 Subject: [PATCH 029/175] Openapi Schema improvements - Return proper booleans in api responses - Update jsonschemavalidation to latest draft --- backend/doc/api.swagger.json | 1456 ----------------- backend/internal/proxy-host.js | 2 +- backend/lib/access.js | 13 +- backend/lib/access/permissions.json | 1 - backend/lib/access/roles.json | 1 - backend/lib/helpers.js | 18 + backend/lib/validator/api.js | 17 +- backend/lib/validator/index.js | 15 +- backend/models/access_list.js | 17 + backend/models/auth.js | 25 +- backend/models/certificate.js | 23 +- backend/models/dead_host.js | 16 + backend/models/proxy_host.js | 23 + backend/models/redirection_host.js | 19 + backend/models/stream.js | 25 +- backend/models/user.js | 16 + backend/package.json | 10 +- backend/routes/audit-log.js | 4 +- backend/routes/nginx/access_lists.js | 8 +- backend/routes/nginx/certificates.js | 8 +- backend/routes/nginx/dead_hosts.js | 8 +- backend/routes/nginx/proxy_hosts.js | 8 +- backend/routes/nginx/redirection_hosts.js | 8 +- backend/routes/nginx/streams.js | 8 +- backend/routes/users.js | 8 +- backend/schema/common.json | 19 +- .../schema/components/access-list-object.json | 8 +- .../schema/components/audit-log-object.json | 10 +- .../schema/components/certificate-object.json | 16 +- .../schema/components/dead-host-object.json | 22 +- .../schema/components/proxy-host-object.json | 46 +- .../components/redirection-host-object.json | 24 +- backend/schema/components/stream-object.json | 10 +- backend/schema/components/user-object.json | 8 +- .../schema/paths/nginx/access-lists/get.json | 4 +- .../paths/nginx/access-lists/listID/get.json | 2 +- .../paths/nginx/access-lists/listID/put.json | 8 +- .../schema/paths/nginx/access-lists/post.json | 8 +- .../nginx/certificates/certID/renew/post.json | 2 +- .../schema/paths/nginx/certificates/post.json | 2 +- .../schema/paths/nginx/dead-hosts/get.json | 10 +- .../paths/nginx/dead-hosts/hostID/get.json | 10 +- .../paths/nginx/dead-hosts/hostID/put.json | 14 +- .../schema/paths/nginx/dead-hosts/post.json | 14 +- .../schema/paths/nginx/proxy-hosts/get.json | 16 +- .../paths/nginx/proxy-hosts/hostID/get.json | 16 +- .../paths/nginx/proxy-hosts/hostID/put.json | 20 +- .../schema/paths/nginx/proxy-hosts/post.json | 20 +- .../paths/nginx/redirection-hosts/get.json | 14 +- .../nginx/redirection-hosts/hostID/get.json | 14 +- .../nginx/redirection-hosts/hostID/put.json | 18 +- .../paths/nginx/redirection-hosts/post.json | 18 +- backend/schema/paths/nginx/streams/get.json | 6 +- backend/schema/paths/nginx/streams/post.json | 10 +- .../paths/nginx/streams/streamID/get.json | 6 +- .../paths/nginx/streams/streamID/put.json | 20 +- backend/schema/paths/users/get.json | 4 +- backend/schema/paths/users/post.json | 2 +- backend/schema/paths/users/userID/get.json | 2 +- .../schema/paths/users/userID/login/post.json | 2 +- backend/schema/paths/users/userID/put.json | 2 +- backend/schema/swagger.json | 2 +- backend/validate-schema.js | 16 + backend/yarn.lock | 80 +- test/cypress/e2e/api/Health.cy.js | 2 +- test/cypress/e2e/api/Hosts.cy.js | 2 +- test/cypress/plugins/backendApi/logger.js | 9 +- test/package.json | 17 +- test/yarn.lock | 634 +++---- 69 files changed, 863 insertions(+), 2083 deletions(-) delete mode 100644 backend/doc/api.swagger.json create mode 100644 backend/validate-schema.js diff --git a/backend/doc/api.swagger.json b/backend/doc/api.swagger.json deleted file mode 100644 index 3fa19fc4b..000000000 --- a/backend/doc/api.swagger.json +++ /dev/null @@ -1,1456 +0,0 @@ -{ - "openapi": "3.0.0", - "info": { - "title": "Nginx Proxy Manager API", - "version": "2.x.x" - }, - "servers": [ - { - "url": "http://127.0.0.1:81/api" - } - ], - "paths": { - "/": { - "get": { - "operationId": "health", - "summary": "Returns the API health status", - "responses": { - "200": { - "description": "200 response", - "content": { - "application/json": { - "examples": { - "default": { - "value": { - "status": "OK", - "version": { - "major": 2, - "minor": 1, - "revision": 0 - } - } - } - }, - "schema": { - "$ref": "#/components/schemas/HealthObject" - } - } - } - } - } - } - }, - "/nginx/proxy-hosts": { - "get": { - "operationId": "getProxyHosts", - "summary": "Get all proxy hosts", - "tags": ["Proxy Hosts"], - "security": [ - { - "BearerAuth": ["users"] - } - ], - "parameters": [ - { - "in": "query", - "name": "expand", - "description": "Expansions", - "schema": { - "type": "string", - "enum": ["access_list", "owner", "certificate"] - } - } - ], - "responses": { - "200": { - "description": "200 response", - "content": { - "application/json": { - "examples": { - "default": { - "value": [ - { - "id": 1, - "created_on": "2023-03-30T01:12:23.000Z", - "modified_on": "2023-03-30T02:15:40.000Z", - "owner_user_id": 1, - "domain_names": ["aasdasdad"], - "forward_host": "asdasd", - "forward_port": 80, - "access_list_id": 0, - "certificate_id": 0, - "ssl_forced": 0, - "caching_enabled": 0, - "block_exploits": 0, - "advanced_config": "sdfsdfsdf", - "meta": { - "letsencrypt_agree": false, - "dns_challenge": false, - "nginx_online": false, - "nginx_err": "Command failed: /usr/sbin/nginx -t -g \"error_log off;\"\nnginx: [emerg] unknown directive \"sdfsdfsdf\" in /data/nginx/proxy_host/1.conf:37\nnginx: configuration file /etc/nginx/nginx.conf test failed\n" - }, - "allow_websocket_upgrade": 0, - "http2_support": 0, - "forward_scheme": "http", - "enabled": 1, - "locations": [], - "hsts_enabled": 0, - "hsts_subdomains": 0, - "owner": { - "id": 1, - "created_on": "2023-03-30T01:11:50.000Z", - "modified_on": "2023-03-30T01:11:50.000Z", - "is_deleted": 0, - "is_disabled": 0, - "email": "admin@example.com", - "name": "Administrator", - "nickname": "Admin", - "avatar": "", - "roles": ["admin"] - }, - "access_list": null, - "certificate": null - }, - { - "id": 2, - "created_on": "2023-03-30T02:11:49.000Z", - "modified_on": "2023-03-30T02:11:49.000Z", - "owner_user_id": 1, - "domain_names": ["test.example.com"], - "forward_host": "1.1.1.1", - "forward_port": 80, - "access_list_id": 0, - "certificate_id": 0, - "ssl_forced": 0, - "caching_enabled": 0, - "block_exploits": 0, - "advanced_config": "", - "meta": { - "letsencrypt_agree": false, - "dns_challenge": false, - "nginx_online": true, - "nginx_err": null - }, - "allow_websocket_upgrade": 0, - "http2_support": 0, - "forward_scheme": "http", - "enabled": 1, - "locations": [], - "hsts_enabled": 0, - "hsts_subdomains": 0, - "owner": { - "id": 1, - "created_on": "2023-03-30T01:11:50.000Z", - "modified_on": "2023-03-30T01:11:50.000Z", - "is_deleted": 0, - "is_disabled": 0, - "email": "admin@example.com", - "name": "Administrator", - "nickname": "Admin", - "avatar": "", - "roles": ["admin"] - }, - "access_list": null, - "certificate": null - } - ] - } - }, - "schema": { - "$ref": "#/components/schemas/ProxyHostsList" - } - } - } - } - } - }, - "post": { - "operationId": "createProxyHost", - "summary": "Create a Proxy Host", - "tags": ["Proxy Hosts"], - "security": [ - { - "BearerAuth": ["users"] - } - ], - "parameters": [ - { - "in": "body", - "name": "proxyhost", - "description": "Proxy Host Payload", - "required": true, - "schema": { - "$ref": "#/components/schemas/ProxyHostObject" - } - } - ], - "responses": { - "201": { - "description": "201 response", - "content": { - "application/json": { - "examples": { - "default": { - "value": { - "id": 3, - "created_on": "2023-03-30T02:31:27.000Z", - "modified_on": "2023-03-30T02:31:27.000Z", - "owner_user_id": 1, - "domain_names": ["test2.example.com"], - "forward_host": "1.1.1.1", - "forward_port": 80, - "access_list_id": 0, - "certificate_id": 0, - "ssl_forced": 0, - "caching_enabled": 0, - "block_exploits": 0, - "advanced_config": "", - "meta": { - "letsencrypt_agree": false, - "dns_challenge": false - }, - "allow_websocket_upgrade": 0, - "http2_support": 0, - "forward_scheme": "http", - "enabled": 1, - "locations": [], - "hsts_enabled": 0, - "hsts_subdomains": 0, - "certificate": null, - "owner": { - "id": 1, - "created_on": "2023-03-30T01:11:50.000Z", - "modified_on": "2023-03-30T01:11:50.000Z", - "is_deleted": 0, - "is_disabled": 0, - "email": "admin@example.com", - "name": "Administrator", - "nickname": "Admin", - "avatar": "", - "roles": ["admin"] - }, - "access_list": null, - "use_default_location": true, - "ipv6": true - } - } - }, - "schema": { - "$ref": "#/components/schemas/ProxyHostObject" - } - } - } - } - } - } - }, - "/schema": { - "get": { - "operationId": "schema", - "responses": { - "200": { - "description": "200 response" - } - }, - "summary": "Returns this swagger API schema" - } - }, - "/tokens": { - "get": { - "operationId": "refreshToken", - "summary": "Refresh your access token", - "tags": ["Tokens"], - "security": [ - { - "BearerAuth": ["tokens"] - } - ], - "responses": { - "200": { - "description": "200 response", - "content": { - "application/json": { - "examples": { - "default": { - "value": { - "expires": 1566540510, - "token": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.ey...xaHKYr3Kk6MvkUjcC4" - } - } - }, - "schema": { - "$ref": "#/components/schemas/TokenObject" - } - } - } - } - } - }, - "post": { - "operationId": "requestToken", - "parameters": [ - { - "description": "Credentials Payload", - "in": "body", - "name": "credentials", - "required": true, - "schema": { - "additionalProperties": false, - "properties": { - "identity": { - "minLength": 1, - "type": "string" - }, - "scope": { - "minLength": 1, - "type": "string", - "enum": ["user"] - }, - "secret": { - "minLength": 1, - "type": "string" - } - }, - "required": ["identity", "secret"], - "type": "object" - } - } - ], - "responses": { - "200": { - "content": { - "application/json": { - "examples": { - "default": { - "value": { - "result": { - "expires": 1566540510, - "token": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.ey...xaHKYr3Kk6MvkUjcC4" - } - } - } - }, - "schema": { - "$ref": "#/components/schemas/TokenObject" - } - } - }, - "description": "200 response" - } - }, - "summary": "Request a new access token from credentials", - "tags": ["Tokens"] - } - }, - "/settings": { - "get": { - "operationId": "getSettings", - "summary": "Get all settings", - "tags": ["Settings"], - "security": [ - { - "BearerAuth": ["settings"] - } - ], - "responses": { - "200": { - "description": "200 response", - "content": { - "application/json": { - "examples": { - "default": { - "value": [ - { - "id": "default-site", - "name": "Default Site", - "description": "What to show when Nginx is hit with an unknown Host", - "value": "congratulations", - "meta": {} - } - ] - } - }, - "schema": { - "$ref": "#/components/schemas/SettingsList" - } - } - } - } - } - } - }, - "/settings/{settingID}": { - "get": { - "operationId": "getSetting", - "summary": "Get a setting", - "tags": ["Settings"], - "security": [ - { - "BearerAuth": ["settings"] - } - ], - "parameters": [ - { - "in": "path", - "name": "settingID", - "schema": { - "type": "string", - "minLength": 1 - }, - "required": true, - "description": "Setting ID", - "example": "default-site" - } - ], - "responses": { - "200": { - "description": "200 response", - "content": { - "application/json": { - "examples": { - "default": { - "value": { - "id": "default-site", - "name": "Default Site", - "description": "What to show when Nginx is hit with an unknown Host", - "value": "congratulations", - "meta": {} - } - } - }, - "schema": { - "$ref": "#/components/schemas/SettingObject" - } - } - } - } - } - }, - "put": { - "operationId": "updateSetting", - "summary": "Update a setting", - "tags": ["Settings"], - "security": [ - { - "BearerAuth": ["settings"] - } - ], - "parameters": [ - { - "in": "path", - "name": "settingID", - "schema": { - "type": "string", - "minLength": 1 - }, - "required": true, - "description": "Setting ID", - "example": "default-site" - }, - { - "in": "body", - "name": "setting", - "description": "Setting Payload", - "required": true, - "schema": { - "$ref": "#/components/schemas/SettingObject" - } - } - ], - "responses": { - "200": { - "description": "200 response", - "content": { - "application/json": { - "examples": { - "default": { - "value": { - "id": "default-site", - "name": "Default Site", - "description": "What to show when Nginx is hit with an unknown Host", - "value": "congratulations", - "meta": {} - } - } - }, - "schema": { - "$ref": "#/components/schemas/SettingObject" - } - } - } - } - } - } - }, - "/users": { - "get": { - "operationId": "getUsers", - "summary": "Get all users", - "tags": ["Users"], - "security": [ - { - "BearerAuth": ["users"] - } - ], - "parameters": [ - { - "in": "query", - "name": "expand", - "description": "Expansions", - "schema": { - "type": "string", - "enum": ["permissions"] - } - } - ], - "responses": { - "200": { - "description": "200 response", - "content": { - "application/json": { - "examples": { - "default": { - "value": [ - { - "id": 1, - "created_on": "2020-01-30T09:36:08.000Z", - "modified_on": "2020-01-30T09:41:04.000Z", - "is_disabled": 0, - "email": "jc@jc21.com", - "name": "Jamie Curnow", - "nickname": "James", - "avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm", - "roles": ["admin"] - } - ] - }, - "withPermissions": { - "value": [ - { - "id": 1, - "created_on": "2020-01-30T09:36:08.000Z", - "modified_on": "2020-01-30T09:41:04.000Z", - "is_disabled": 0, - "email": "jc@jc21.com", - "name": "Jamie Curnow", - "nickname": "James", - "avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm", - "roles": ["admin"], - "permissions": { - "visibility": "all", - "proxy_hosts": "manage", - "redirection_hosts": "manage", - "dead_hosts": "manage", - "streams": "manage", - "access_lists": "manage", - "certificates": "manage" - } - } - ] - } - }, - "schema": { - "$ref": "#/components/schemas/UsersList" - } - } - } - } - } - }, - "post": { - "operationId": "createUser", - "summary": "Create a User", - "tags": ["Users"], - "security": [ - { - "BearerAuth": ["users"] - } - ], - "parameters": [ - { - "in": "body", - "name": "user", - "description": "User Payload", - "required": true, - "schema": { - "$ref": "#/components/schemas/UserObject" - } - } - ], - "responses": { - "201": { - "description": "201 response", - "content": { - "application/json": { - "examples": { - "default": { - "value": { - "id": 2, - "created_on": "2020-01-30T09:36:08.000Z", - "modified_on": "2020-01-30T09:41:04.000Z", - "is_disabled": 0, - "email": "jc@jc21.com", - "name": "Jamie Curnow", - "nickname": "James", - "avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm", - "roles": ["admin"], - "permissions": { - "visibility": "all", - "proxy_hosts": "manage", - "redirection_hosts": "manage", - "dead_hosts": "manage", - "streams": "manage", - "access_lists": "manage", - "certificates": "manage" - } - } - } - }, - "schema": { - "$ref": "#/components/schemas/UserObject" - } - } - } - } - } - } - }, - "/users/{userID}": { - "get": { - "operationId": "getUser", - "summary": "Get a user", - "tags": ["Users"], - "security": [ - { - "BearerAuth": ["users"] - } - ], - "parameters": [ - { - "in": "path", - "name": "userID", - "schema": { - "oneOf": [ - { - "type": "string", - "pattern": "^me$" - }, - { - "type": "integer", - "minimum": 1 - } - ] - }, - "required": true, - "description": "User ID or 'me' for yourself", - "example": 1 - } - ], - "responses": { - "200": { - "description": "200 response", - "content": { - "application/json": { - "examples": { - "default": { - "value": { - "id": 1, - "created_on": "2020-01-30T09:36:08.000Z", - "modified_on": "2020-01-30T09:41:04.000Z", - "is_disabled": 0, - "email": "jc@jc21.com", - "name": "Jamie Curnow", - "nickname": "James", - "avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm", - "roles": ["admin"] - } - } - }, - "schema": { - "$ref": "#/components/schemas/UserObject" - } - } - } - } - } - }, - "put": { - "operationId": "updateUser", - "summary": "Update a User", - "tags": ["Users"], - "security": [ - { - "BearerAuth": ["users"] - } - ], - "parameters": [ - { - "in": "path", - "name": "userID", - "schema": { - "oneOf": [ - { - "type": "string", - "pattern": "^me$" - }, - { - "type": "integer", - "minimum": 1 - } - ] - }, - "required": true, - "description": "User ID or 'me' for yourself", - "example": 2 - }, - { - "in": "body", - "name": "user", - "description": "User Payload", - "required": true, - "schema": { - "$ref": "#/components/schemas/UserObject" - } - } - ], - "responses": { - "200": { - "description": "200 response", - "content": { - "application/json": { - "examples": { - "default": { - "value": { - "id": 2, - "created_on": "2020-01-30T09:36:08.000Z", - "modified_on": "2020-01-30T09:41:04.000Z", - "is_disabled": 0, - "email": "jc@jc21.com", - "name": "Jamie Curnow", - "nickname": "James", - "avatar": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm", - "roles": ["admin"] - } - } - }, - "schema": { - "$ref": "#/components/schemas/UserObject" - } - } - } - } - } - }, - "delete": { - "operationId": "deleteUser", - "summary": "Delete a User", - "tags": ["Users"], - "security": [ - { - "BearerAuth": ["users"] - } - ], - "parameters": [ - { - "in": "path", - "name": "userID", - "schema": { - "type": "integer", - "minimum": 1 - }, - "required": true, - "description": "User ID", - "example": 2 - } - ], - "responses": { - "200": { - "description": "200 response", - "content": { - "application/json": { - "examples": { - "default": { - "value": true - } - }, - "schema": { - "type": "boolean" - } - } - } - } - } - } - }, - "/users/{userID}/auth": { - "put": { - "operationId": "updateUserAuth", - "summary": "Update a User's Authentication", - "tags": ["Users"], - "security": [ - { - "BearerAuth": ["users"] - } - ], - "parameters": [ - { - "in": "path", - "name": "userID", - "schema": { - "oneOf": [ - { - "type": "string", - "pattern": "^me$" - }, - { - "type": "integer", - "minimum": 1 - } - ] - }, - "required": true, - "description": "User ID or 'me' for yourself", - "example": 2 - }, - { - "in": "body", - "name": "user", - "description": "User Payload", - "required": true, - "schema": { - "$ref": "#/components/schemas/AuthObject" - } - } - ], - "responses": { - "200": { - "description": "200 response", - "content": { - "application/json": { - "examples": { - "default": { - "value": true - } - }, - "schema": { - "type": "boolean" - } - } - } - } - } - } - }, - "/users/{userID}/permissions": { - "put": { - "operationId": "updateUserPermissions", - "summary": "Update a User's Permissions", - "tags": ["Users"], - "security": [ - { - "BearerAuth": ["users"] - } - ], - "parameters": [ - { - "in": "path", - "name": "userID", - "schema": { - "type": "integer", - "minimum": 1 - }, - "required": true, - "description": "User ID", - "example": 2 - }, - { - "in": "body", - "name": "user", - "description": "Permissions Payload", - "required": true, - "schema": { - "$ref": "#/components/schemas/PermissionsObject" - } - } - ], - "responses": { - "200": { - "description": "200 response", - "content": { - "application/json": { - "examples": { - "default": { - "value": true - } - }, - "schema": { - "type": "boolean" - } - } - } - } - } - } - }, - "/users/{userID}/login": { - "put": { - "operationId": "loginAsUser", - "summary": "Login as this user", - "tags": ["Users"], - "security": [ - { - "BearerAuth": ["users"] - } - ], - "parameters": [ - { - "in": "path", - "name": "userID", - "schema": { - "type": "integer", - "minimum": 1 - }, - "required": true, - "description": "User ID", - "example": 2 - } - ], - "responses": { - "200": { - "description": "200 response", - "content": { - "application/json": { - "examples": { - "default": { - "value": { - "token": "eyJhbGciOiJSUzI1NiIsInR...16OjT8B3NLyXg", - "expires": "2020-01-31T10:56:23.239Z", - "user": { - "id": 1, - "created_on": "2020-01-30T10:43:44.000Z", - "modified_on": "2020-01-30T10:43:44.000Z", - "is_disabled": 0, - "email": "jc@jc21.com", - "name": "Jamie Curnow", - "nickname": "James", - "avatar": "//www.gravatar.com/avatar/3c8d73f45fd8763f827b964c76e6032a?default=mm", - "roles": ["admin"] - } - } - } - }, - "schema": { - "type": "object", - "description": "Login object", - "required": ["expires", "token", "user"], - "additionalProperties": false, - "properties": { - "expires": { - "description": "Token Expiry Unix Time", - "example": 1566540249, - "minimum": 1, - "type": "number" - }, - "token": { - "description": "JWT Token", - "example": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.ey...xaHKYr3Kk6MvkUjcC4", - "type": "string" - }, - "user": { - "$ref": "#/components/schemas/UserObject" - } - } - } - } - } - } - } - } - }, - "/reports/hosts": { - "get": { - "operationId": "reportsHosts", - "summary": "Report on Host Statistics", - "tags": ["Reports"], - "security": [ - { - "BearerAuth": ["reports"] - } - ], - "responses": { - "200": { - "description": "200 response", - "content": { - "application/json": { - "examples": { - "default": { - "value": { - "proxy": 20, - "redirection": 1, - "stream": 0, - "dead": 1 - } - } - }, - "schema": { - "$ref": "#/components/schemas/HostReportObject" - } - } - } - } - } - } - }, - "/audit-log": { - "get": { - "operationId": "getAuditLog", - "summary": "Get Audit Log", - "tags": ["Audit Log"], - "security": [ - { - "BearerAuth": ["audit-log"] - } - ], - "responses": { - "200": { - "description": "200 response", - "content": { - "application/json": { - "examples": { - "default": { - "value": { - "proxy": 20, - "redirection": 1, - "stream": 0, - "dead": 1 - } - } - }, - "schema": { - "$ref": "#/components/schemas/HostReportObject" - } - } - } - } - } - } - } - }, - "components": { - "securitySchemes": { - "BearerAuth": { - "type": "http", - "scheme": "bearer" - } - }, - "schemas": { - "HealthObject": { - "type": "object", - "description": "Health object", - "additionalProperties": false, - "required": ["status", "version"], - "properties": { - "status": { - "type": "string", - "description": "Healthy", - "example": "OK" - }, - "version": { - "type": "object", - "description": "The version object", - "example": { - "major": 2, - "minor": 0, - "revision": 0 - }, - "additionalProperties": false, - "required": ["major", "minor", "revision"], - "properties": { - "major": { - "type": "integer", - "minimum": 0 - }, - "minor": { - "type": "integer", - "minimum": 0 - }, - "revision": { - "type": "integer", - "minimum": 0 - } - } - } - } - }, - "TokenObject": { - "type": "object", - "description": "Token object", - "required": ["expires", "token"], - "additionalProperties": false, - "properties": { - "expires": { - "description": "Token Expiry Unix Time", - "example": 1566540249, - "minimum": 1, - "type": "number" - }, - "token": { - "description": "JWT Token", - "example": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.ey...xaHKYr3Kk6MvkUjcC4", - "type": "string" - } - } - }, - "ProxyHostObject": { - "type": "object", - "description": "Proxy Host object", - "required": [ - "id", - "created_on", - "modified_on", - "owner_user_id", - "domain_names", - "forward_host", - "forward_port", - "access_list_id", - "certificate_id", - "ssl_forced", - "caching_enabled", - "block_exploits", - "advanced_config", - "meta", - "allow_websocket_upgrade", - "http2_support", - "forward_scheme", - "enabled", - "locations", - "hsts_enabled", - "hsts_subdomains", - "certificate", - "use_default_location", - "ipv6" - ], - "additionalProperties": false, - "properties": { - "id": { - "type": "integer", - "description": "Proxy Host ID", - "minimum": 1, - "example": 1 - }, - "created_on": { - "type": "string", - "description": "Created Date", - "example": "2020-01-30T09:36:08.000Z" - }, - "modified_on": { - "type": "string", - "description": "Modified Date", - "example": "2020-01-30T09:41:04.000Z" - }, - "owner_user_id": { - "type": "integer", - "minimum": 1, - "example": 1 - }, - "domain_names": { - "type": "array", - "minItems": 1, - "items": { - "type": "string", - "minLength": 1 - } - }, - "forward_host": { - "type": "string", - "minLength": 1 - }, - "forward_port": { - "type": "integer", - "minimum": 1 - }, - "access_list_id": { - "type": "integer" - }, - "certificate_id": { - "type": "integer" - }, - "ssl_forced": { - "type": "integer" - }, - "caching_enabled": { - "type": "integer" - }, - "block_exploits": { - "type": "integer" - }, - "advanced_config": { - "type": "string" - }, - "meta": { - "type": "object" - }, - "allow_websocket_upgrade": { - "type": "integer" - }, - "http2_support": { - "type": "integer" - }, - "forward_scheme": { - "type": "string" - }, - "enabled": { - "type": "integer" - }, - "locations": { - "type": "array" - }, - "hsts_enabled": { - "type": "integer" - }, - "hsts_subdomains": { - "type": "integer" - }, - "certificate": { - "type": "object", - "nullable": true - }, - "owner": { - "type": "object", - "nullable": true - }, - "access_list": { - "type": "object", - "nullable": true - }, - "use_default_location": { - "type": "boolean" - }, - "ipv6": { - "type": "boolean" - } - } - }, - "ProxyHostsList": { - "type": "array", - "description": "Proxyn Hosts list", - "items": { - "$ref": "#/components/schemas/ProxyHostObject" - } - }, - "SettingObject": { - "type": "object", - "description": "Setting object", - "required": ["id", "name", "description", "value", "meta"], - "additionalProperties": false, - "properties": { - "id": { - "type": "string", - "description": "Setting ID", - "minLength": 1, - "example": "default-site" - }, - "name": { - "type": "string", - "description": "Setting Display Name", - "minLength": 1, - "example": "Default Site" - }, - "description": { - "type": "string", - "description": "Meaningful description", - "minLength": 1, - "example": "What to show when Nginx is hit with an unknown Host" - }, - "value": { - "description": "Value in almost any form", - "example": "congratulations", - "oneOf": [ - { - "type": "string", - "minLength": 1 - }, - { - "type": "integer" - }, - { - "type": "object" - }, - { - "type": "number" - }, - { - "type": "array" - } - ] - }, - "meta": { - "description": "Extra metadata", - "example": {}, - "type": "object" - } - } - }, - "SettingsList": { - "type": "array", - "description": "Setting list", - "items": { - "$ref": "#/components/schemas/SettingObject" - } - }, - "UserObject": { - "type": "object", - "description": "User object", - "required": ["id", "created_on", "modified_on", "is_disabled", "email", "name", "nickname", "avatar", "roles"], - "additionalProperties": false, - "properties": { - "id": { - "type": "integer", - "description": "User ID", - "minimum": 1, - "example": 1 - }, - "created_on": { - "type": "string", - "description": "Created Date", - "example": "2020-01-30T09:36:08.000Z" - }, - "modified_on": { - "type": "string", - "description": "Modified Date", - "example": "2020-01-30T09:41:04.000Z" - }, - "is_disabled": { - "type": "integer", - "minimum": 0, - "maximum": 1, - "description": "Is user Disabled (0 = false, 1 = true)", - "example": 0 - }, - "email": { - "type": "string", - "description": "Email", - "minLength": 3, - "example": "jc@jc21.com" - }, - "name": { - "type": "string", - "description": "Name", - "minLength": 1, - "example": "Jamie Curnow" - }, - "nickname": { - "type": "string", - "description": "Nickname", - "example": "James" - }, - "avatar": { - "type": "string", - "description": "Gravatar URL based on email, without scheme", - "example": "//www.gravatar.com/avatar/6193176330f8d38747f038c170ddb193?default=mm" - }, - "roles": { - "description": "Roles applied", - "example": ["admin"], - "type": "array", - "items": { - "type": "string" - } - } - } - }, - "UsersList": { - "type": "array", - "description": "User list", - "items": { - "$ref": "#/components/schemas/UserObject" - } - }, - "AuthObject": { - "type": "object", - "description": "Authentication Object", - "required": ["type", "secret"], - "properties": { - "type": { - "type": "string", - "pattern": "^password$", - "example": "password" - }, - "current": { - "type": "string", - "minLength": 1, - "maxLength": 64, - "example": "changeme" - }, - "secret": { - "type": "string", - "minLength": 8, - "maxLength": 64, - "example": "mySuperN3wP@ssword!" - } - } - }, - "PermissionsObject": { - "type": "object", - "properties": { - "visibility": { - "type": "string", - "description": "Visibility Type", - "enum": ["all", "user"] - }, - "access_lists": { - "type": "string", - "description": "Access Lists Permissions", - "enum": ["hidden", "view", "manage"] - }, - "dead_hosts": { - "type": "string", - "description": "404 Hosts Permissions", - "enum": ["hidden", "view", "manage"] - }, - "proxy_hosts": { - "type": "string", - "description": "Proxy Hosts Permissions", - "enum": ["hidden", "view", "manage"] - }, - "redirection_hosts": { - "type": "string", - "description": "Redirection Permissions", - "enum": ["hidden", "view", "manage"] - }, - "streams": { - "type": "string", - "description": "Streams Permissions", - "enum": ["hidden", "view", "manage"] - }, - "certificates": { - "type": "string", - "description": "Certificates Permissions", - "enum": ["hidden", "view", "manage"] - } - } - }, - "HostReportObject": { - "type": "object", - "properties": { - "proxy": { - "type": "integer", - "description": "Proxy Hosts Count" - }, - "redirection": { - "type": "integer", - "description": "Redirection Hosts Count" - }, - "stream": { - "type": "integer", - "description": "Streams Count" - }, - "dead": { - "type": "integer", - "description": "404 Hosts Count" - } - } - } - } - } -} diff --git a/backend/internal/proxy-host.js b/backend/internal/proxy-host.js index 0ea168789..61ac8b8c7 100644 --- a/backend/internal/proxy-host.js +++ b/backend/internal/proxy-host.js @@ -8,7 +8,7 @@ const internalAuditLog = require('./audit-log'); const internalCertificate = require('./certificate'); function omissions () { - return ['is_deleted']; + return ['is_deleted', 'owner.is_deleted']; } const internalProxyHost = { diff --git a/backend/lib/access.js b/backend/lib/access.js index 5b9ebc93c..57dd379c8 100644 --- a/backend/lib/access.js +++ b/backend/lib/access.js @@ -10,7 +10,7 @@ const _ = require('lodash'); const logger = require('../logger').access; -const validator = require('ajv'); +const Ajv = require('ajv/dist/2020'); const error = require('./error'); const userModel = require('../models/user'); const proxyHostModel = require('../models/proxy_host'); @@ -174,7 +174,6 @@ module.exports = function (token_string) { let schema = { $id: 'objects', - $schema: 'http://json-schema.org/draft-07/schema#', description: 'Actor Properties', type: 'object', additionalProperties: false, @@ -251,7 +250,7 @@ module.exports = function (token_string) { // Initialised, token decoded ok return this.getObjectSchema(permission) .then((objectSchema) => { - let data_schema = { + const data_schema = { [permission]: { data: data, scope: Token.get('scope'), @@ -267,7 +266,6 @@ module.exports = function (token_string) { }; let permissionSchema = { - $schema: 'http://json-schema.org/draft-07/schema#', $async: true, $id: 'permissions', additionalProperties: false, @@ -276,14 +274,9 @@ module.exports = function (token_string) { permissionSchema.properties[permission] = require('./access/' + permission.replace(/:/gim, '-') + '.json'); - // logger.info('objectSchema', JSON.stringify(objectSchema, null, 2)); - // logger.info('permissionSchema', JSON.stringify(permissionSchema, null, 2)); - // logger.info('data_schema', JSON.stringify(data_schema, null, 2)); - - let ajv = validator({ + const ajv = new Ajv({ verbose: true, allErrors: true, - format: 'full', missingRefs: 'fail', breakOnError: true, coerceTypes: true, diff --git a/backend/lib/access/permissions.json b/backend/lib/access/permissions.json index 8480f9a1c..e7a82ece3 100644 --- a/backend/lib/access/permissions.json +++ b/backend/lib/access/permissions.json @@ -1,5 +1,4 @@ { - "$schema": "http://json-schema.org/draft-07/schema#", "$id": "perms", "definitions": { "view": { diff --git a/backend/lib/access/roles.json b/backend/lib/access/roles.json index 16b33b55b..c97313da8 100644 --- a/backend/lib/access/roles.json +++ b/backend/lib/access/roles.json @@ -1,5 +1,4 @@ { - "$schema": "http://json-schema.org/draft-07/schema#", "$id": "roles", "definitions": { "admin": { diff --git a/backend/lib/helpers.js b/backend/lib/helpers.js index e38be991e..f7e98bebc 100644 --- a/backend/lib/helpers.js +++ b/backend/lib/helpers.js @@ -27,6 +27,24 @@ module.exports = { } return null; + }, + + convertIntFieldsToBool: function (obj, fields) { + fields.forEach(function (field) { + if (typeof obj[field] !== 'undefined') { + obj[field] = obj[field] === 1; + } + }); + return obj; + }, + + convertBoolFieldsToInt: function (obj, fields) { + fields.forEach(function (field) { + if (typeof obj[field] !== 'undefined') { + obj[field] = obj[field] ? 1 : 0; + } + }); + return obj; } }; diff --git a/backend/lib/validator/api.js b/backend/lib/validator/api.js index c0876ab32..fb31e64c6 100644 --- a/backend/lib/validator/api.js +++ b/backend/lib/validator/api.js @@ -1,11 +1,12 @@ +const Ajv = require('ajv/dist/2020'); const error = require('../error'); -const ajv = require('ajv')({ - verbose: true, - validateSchema: true, - allErrors: false, - format: 'full', - coerceTypes: true +const ajv = new Ajv({ + verbose: true, + allErrors: true, + allowUnionTypes: true, + strict: false, + coerceTypes: true, }); /** @@ -25,8 +26,8 @@ function apiValidator (schema, payload/*, description*/) { return; } - let validate = ajv.compile(schema); - let valid = validate(payload); + const validate = ajv.compile(schema); + const valid = validate(payload); if (valid && !validate.errors) { resolve(payload); diff --git a/backend/lib/validator/index.js b/backend/lib/validator/index.js index 3c5265b17..c6d240967 100644 --- a/backend/lib/validator/index.js +++ b/backend/lib/validator/index.js @@ -1,15 +1,17 @@ const _ = require('lodash'); +const Ajv = require('ajv/dist/2020'); const error = require('../error'); const commonDefinitions = require('../../schema/common.json'); RegExp.prototype.toJSON = RegExp.prototype.toString; -const ajv = require('ajv')({ - verbose: true, - allErrors: true, - format: 'full', // strict regexes for format checks - coerceTypes: true, - schemas: [commonDefinitions] +const ajv = new Ajv({ + verbose: true, + allErrors: true, + allowUnionTypes: true, + coerceTypes: true, + strict: false, + schemas: [commonDefinitions] }); /** @@ -38,7 +40,6 @@ function validator (schema, payload) { } } }); - } module.exports = validator; diff --git a/backend/models/access_list.js b/backend/models/access_list.js index fbf9bda77..959df05f3 100644 --- a/backend/models/access_list.js +++ b/backend/models/access_list.js @@ -2,6 +2,7 @@ // http://vincit.github.io/objection.js/ const db = require('../db'); +const helpers = require('../lib/helpers'); const Model = require('objection').Model; const User = require('./user'); const AccessListAuth = require('./access_list_auth'); @@ -10,6 +11,12 @@ const now = require('./now_helper'); Model.knex(db); +const boolFields = [ + 'is_deleted', + 'satisfy_any', + 'pass_auth', +]; + class AccessList extends Model { $beforeInsert () { this.created_on = now(); @@ -25,6 +32,16 @@ class AccessList extends Model { this.modified_on = now(); } + $parseDatabaseJson(json) { + json = super.$parseDatabaseJson(json); + return helpers.convertIntFieldsToBool(json, boolFields); + } + + $formatDatabaseJson(json) { + json = helpers.convertBoolFieldsToInt(json, boolFields); + return super.$formatDatabaseJson(json); + } + static get name () { return 'AccessList'; } diff --git a/backend/models/auth.js b/backend/models/auth.js index 2ee431975..469e96bf4 100644 --- a/backend/models/auth.js +++ b/backend/models/auth.js @@ -1,14 +1,19 @@ // Objection Docs: // http://vincit.github.io/objection.js/ -const bcrypt = require('bcrypt'); -const db = require('../db'); -const Model = require('objection').Model; -const User = require('./user'); -const now = require('./now_helper'); +const bcrypt = require('bcrypt'); +const db = require('../db'); +const helpers = require('../lib/helpers'); +const Model = require('objection').Model; +const User = require('./user'); +const now = require('./now_helper'); Model.knex(db); +const boolFields = [ + 'is_deleted', +]; + function encryptPassword () { /* jshint -W040 */ let _this = this; @@ -41,6 +46,16 @@ class Auth extends Model { return encryptPassword.apply(this, queryContext); } + $parseDatabaseJson(json) { + json = super.$parseDatabaseJson(json); + return helpers.convertIntFieldsToBool(json, boolFields); + } + + $formatDatabaseJson(json) { + json = helpers.convertBoolFieldsToInt(json, boolFields); + return super.$formatDatabaseJson(json); + } + /** * Verify a plain password against the encrypted password * diff --git a/backend/models/certificate.js b/backend/models/certificate.js index 4f0f2ef64..534d927cb 100644 --- a/backend/models/certificate.js +++ b/backend/models/certificate.js @@ -1,13 +1,18 @@ // Objection Docs: // http://vincit.github.io/objection.js/ -const db = require('../db'); -const Model = require('objection').Model; -const User = require('./user'); -const now = require('./now_helper'); +const db = require('../db'); +const helpers = require('../lib/helpers'); +const Model = require('objection').Model; +const User = require('./user'); +const now = require('./now_helper'); Model.knex(db); +const boolFields = [ + 'is_deleted', +]; + class Certificate extends Model { $beforeInsert () { this.created_on = now(); @@ -40,6 +45,16 @@ class Certificate extends Model { } } + $parseDatabaseJson(json) { + json = super.$parseDatabaseJson(json); + return helpers.convertIntFieldsToBool(json, boolFields); + } + + $formatDatabaseJson(json) { + json = helpers.convertBoolFieldsToInt(json, boolFields); + return super.$formatDatabaseJson(json); + } + static get name () { return 'Certificate'; } diff --git a/backend/models/dead_host.js b/backend/models/dead_host.js index 2e31043ae..483da3b6b 100644 --- a/backend/models/dead_host.js +++ b/backend/models/dead_host.js @@ -2,6 +2,7 @@ // http://vincit.github.io/objection.js/ const db = require('../db'); +const helpers = require('../lib/helpers'); const Model = require('objection').Model; const User = require('./user'); const Certificate = require('./certificate'); @@ -9,6 +10,11 @@ const now = require('./now_helper'); Model.knex(db); +const boolFields = [ + 'is_deleted', + 'enabled', +]; + class DeadHost extends Model { $beforeInsert () { this.created_on = now(); @@ -36,6 +42,16 @@ class DeadHost extends Model { } } + $parseDatabaseJson(json) { + json = super.$parseDatabaseJson(json); + return helpers.convertIntFieldsToBool(json, boolFields); + } + + $formatDatabaseJson(json) { + json = helpers.convertBoolFieldsToInt(json, boolFields); + return super.$formatDatabaseJson(json); + } + static get name () { return 'DeadHost'; } diff --git a/backend/models/proxy_host.js b/backend/models/proxy_host.js index d84181cf1..07aa5dd3c 100644 --- a/backend/models/proxy_host.js +++ b/backend/models/proxy_host.js @@ -2,6 +2,7 @@ // http://vincit.github.io/objection.js/ const db = require('../db'); +const helpers = require('../lib/helpers'); const Model = require('objection').Model; const User = require('./user'); const AccessList = require('./access_list'); @@ -10,6 +11,18 @@ const now = require('./now_helper'); Model.knex(db); +const boolFields = [ + 'is_deleted', + 'ssl_forced', + 'caching_enabled', + 'block_exploits', + 'allow_websocket_upgrade', + 'http2_support', + 'enabled', + 'hsts_enabled', + 'hsts_subdomains', +]; + class ProxyHost extends Model { $beforeInsert () { this.created_on = now(); @@ -37,6 +50,16 @@ class ProxyHost extends Model { } } + $parseDatabaseJson(json) { + json = super.$parseDatabaseJson(json); + return helpers.convertIntFieldsToBool(json, boolFields); + } + + $formatDatabaseJson(json) { + json = helpers.convertBoolFieldsToInt(json, boolFields); + return super.$formatDatabaseJson(json); + } + static get name () { return 'ProxyHost'; } diff --git a/backend/models/redirection_host.js b/backend/models/redirection_host.js index c90a6de6c..556742f0c 100644 --- a/backend/models/redirection_host.js +++ b/backend/models/redirection_host.js @@ -3,6 +3,7 @@ // http://vincit.github.io/objection.js/ const db = require('../db'); +const helpers = require('../lib/helpers'); const Model = require('objection').Model; const User = require('./user'); const Certificate = require('./certificate'); @@ -10,6 +11,14 @@ const now = require('./now_helper'); Model.knex(db); +const boolFields = [ + 'is_deleted', + 'enabled', + 'preserve_path', + 'ssl_forced', + 'block_exploits', +]; + class RedirectionHost extends Model { $beforeInsert () { this.created_on = now(); @@ -37,6 +46,16 @@ class RedirectionHost extends Model { } } + $parseDatabaseJson(json) { + json = super.$parseDatabaseJson(json); + return helpers.convertIntFieldsToBool(json, boolFields); + } + + $formatDatabaseJson(json) { + json = helpers.convertBoolFieldsToInt(json, boolFields); + return super.$formatDatabaseJson(json); + } + static get name () { return 'RedirectionHost'; } diff --git a/backend/models/stream.js b/backend/models/stream.js index 7d84d2c36..b96ca5a17 100644 --- a/backend/models/stream.js +++ b/backend/models/stream.js @@ -1,13 +1,20 @@ // Objection Docs: // http://vincit.github.io/objection.js/ -const db = require('../db'); -const Model = require('objection').Model; -const User = require('./user'); -const now = require('./now_helper'); +const db = require('../db'); +const helpers = require('../lib/helpers'); +const Model = require('objection').Model; +const User = require('./user'); +const now = require('./now_helper'); Model.knex(db); +const boolFields = [ + 'is_deleted', + 'tcp_forwarding', + 'udp_forwarding', +]; + class Stream extends Model { $beforeInsert () { this.created_on = now(); @@ -23,6 +30,16 @@ class Stream extends Model { this.modified_on = now(); } + $parseDatabaseJson(json) { + json = super.$parseDatabaseJson(json); + return helpers.convertIntFieldsToBool(json, boolFields); + } + + $formatDatabaseJson(json) { + json = helpers.convertBoolFieldsToInt(json, boolFields); + return super.$formatDatabaseJson(json); + } + static get name () { return 'Stream'; } diff --git a/backend/models/user.js b/backend/models/user.js index 93489fefe..78fd3dd67 100644 --- a/backend/models/user.js +++ b/backend/models/user.js @@ -2,12 +2,18 @@ // http://vincit.github.io/objection.js/ const db = require('../db'); +const helpers = require('../lib/helpers'); const Model = require('objection').Model; const UserPermission = require('./user_permission'); const now = require('./now_helper'); Model.knex(db); +const boolFields = [ + 'is_deleted', + 'is_disabled', +]; + class User extends Model { $beforeInsert () { this.created_on = now(); @@ -23,6 +29,16 @@ class User extends Model { this.modified_on = now(); } + $parseDatabaseJson(json) { + json = super.$parseDatabaseJson(json); + return helpers.convertIntFieldsToBool(json, boolFields); + } + + $formatDatabaseJson(json) { + json = helpers.convertBoolFieldsToInt(json, boolFields); + return super.$formatDatabaseJson(json); + } + static get name () { return 'User'; } diff --git a/backend/package.json b/backend/package.json index 379c6e68c..c55df861e 100644 --- a/backend/package.json +++ b/backend/package.json @@ -2,10 +2,10 @@ "name": "nginx-proxy-manager", "version": "0.0.0", "description": "A beautiful interface for creating Nginx endpoints", - "main": "js/index.js", + "main": "index.js", "dependencies": { "@apidevtools/json-schema-ref-parser": "^11.7.0", - "ajv": "^6.12.0", + "ajv": "^8.17.1", "archiver": "^5.3.0", "batchflow": "^0.4.0", "bcrypt": "^5.0.0", @@ -14,7 +14,6 @@ "express": "^4.19.2", "express-fileupload": "^1.1.9", "gravatar": "^1.8.0", - "json-schema-ref-parser": "^8.0.0", "jsonwebtoken": "^9.0.0", "knex": "2.4.2", "liquidjs": "10.6.1", @@ -35,9 +34,14 @@ "author": "Jamie Curnow ", "license": "MIT", "devDependencies": { + "@apidevtools/swagger-parser": "^10.1.0", + "chalk": "4.1.2", "eslint": "^8.36.0", "eslint-plugin-align-assignments": "^1.1.2", "nodemon": "^2.0.2", "prettier": "^2.0.4" + }, + "scripts": { + "validate-schema": "node validate-schema.js" } } diff --git a/backend/routes/audit-log.js b/backend/routes/audit-log.js index 6467a63d2..c68c7b35b 100644 --- a/backend/routes/audit-log.js +++ b/backend/routes/audit-log.js @@ -29,10 +29,10 @@ router additionalProperties: false, properties: { expand: { - $ref: 'common#/definitions/expand' + $ref: 'common#/properties/expand' }, query: { - $ref: 'common#/definitions/query' + $ref: 'common#/properties/query' } } }, { diff --git a/backend/routes/nginx/access_lists.js b/backend/routes/nginx/access_lists.js index 79e920ddb..383751277 100644 --- a/backend/routes/nginx/access_lists.js +++ b/backend/routes/nginx/access_lists.js @@ -31,10 +31,10 @@ router additionalProperties: false, properties: { expand: { - $ref: 'common#/definitions/expand' + $ref: 'common#/properties/expand' }, query: { - $ref: 'common#/definitions/query' + $ref: 'common#/properties/query' } } }, { @@ -91,10 +91,10 @@ router additionalProperties: false, properties: { list_id: { - $ref: 'common#/definitions/id' + $ref: 'common#/properties/id' }, expand: { - $ref: 'common#/definitions/expand' + $ref: 'common#/properties/expand' } } }, { diff --git a/backend/routes/nginx/certificates.js b/backend/routes/nginx/certificates.js index b6ad7c69c..bf47c03fc 100644 --- a/backend/routes/nginx/certificates.js +++ b/backend/routes/nginx/certificates.js @@ -32,10 +32,10 @@ router additionalProperties: false, properties: { expand: { - $ref: 'common#/definitions/expand' + $ref: 'common#/properties/expand' }, query: { - $ref: 'common#/definitions/query' + $ref: 'common#/properties/query' } } }, { @@ -124,10 +124,10 @@ router additionalProperties: false, properties: { certificate_id: { - $ref: 'common#/definitions/id' + $ref: 'common#/properties/id' }, expand: { - $ref: 'common#/definitions/expand' + $ref: 'common#/properties/expand' } } }, { diff --git a/backend/routes/nginx/dead_hosts.js b/backend/routes/nginx/dead_hosts.js index 4523d3e42..83b377653 100644 --- a/backend/routes/nginx/dead_hosts.js +++ b/backend/routes/nginx/dead_hosts.js @@ -31,10 +31,10 @@ router additionalProperties: false, properties: { expand: { - $ref: 'common#/definitions/expand' + $ref: 'common#/properties/expand' }, query: { - $ref: 'common#/definitions/query' + $ref: 'common#/properties/query' } } }, { @@ -91,10 +91,10 @@ router additionalProperties: false, properties: { host_id: { - $ref: 'common#/definitions/id' + $ref: 'common#/properties/id' }, expand: { - $ref: 'common#/definitions/expand' + $ref: 'common#/properties/expand' } } }, { diff --git a/backend/routes/nginx/proxy_hosts.js b/backend/routes/nginx/proxy_hosts.js index 6ace41954..3be4582a8 100644 --- a/backend/routes/nginx/proxy_hosts.js +++ b/backend/routes/nginx/proxy_hosts.js @@ -31,10 +31,10 @@ router additionalProperties: false, properties: { expand: { - $ref: 'common#/definitions/expand' + $ref: 'common#/properties/expand' }, query: { - $ref: 'common#/definitions/query' + $ref: 'common#/properties/query' } } }, { @@ -91,10 +91,10 @@ router additionalProperties: false, properties: { host_id: { - $ref: 'common#/definitions/id' + $ref: 'common#/properties/id' }, expand: { - $ref: 'common#/definitions/expand' + $ref: 'common#/properties/expand' } } }, { diff --git a/backend/routes/nginx/redirection_hosts.js b/backend/routes/nginx/redirection_hosts.js index de334e74e..a46feb841 100644 --- a/backend/routes/nginx/redirection_hosts.js +++ b/backend/routes/nginx/redirection_hosts.js @@ -31,10 +31,10 @@ router additionalProperties: false, properties: { expand: { - $ref: 'common#/definitions/expand' + $ref: 'common#/properties/expand' }, query: { - $ref: 'common#/definitions/query' + $ref: 'common#/properties/query' } } }, { @@ -91,10 +91,10 @@ router additionalProperties: false, properties: { host_id: { - $ref: 'common#/definitions/id' + $ref: 'common#/properties/id' }, expand: { - $ref: 'common#/definitions/expand' + $ref: 'common#/properties/expand' } } }, { diff --git a/backend/routes/nginx/streams.js b/backend/routes/nginx/streams.js index 1f68c1989..c033f2ef1 100644 --- a/backend/routes/nginx/streams.js +++ b/backend/routes/nginx/streams.js @@ -31,10 +31,10 @@ router additionalProperties: false, properties: { expand: { - $ref: 'common#/definitions/expand' + $ref: 'common#/properties/expand' }, query: { - $ref: 'common#/definitions/query' + $ref: 'common#/properties/query' } } }, { @@ -91,10 +91,10 @@ router additionalProperties: false, properties: { stream_id: { - $ref: 'common#/definitions/id' + $ref: 'common#/properties/id' }, expand: { - $ref: 'common#/definitions/expand' + $ref: 'common#/properties/expand' } } }, { diff --git a/backend/routes/users.js b/backend/routes/users.js index 475156675..f8ce366c9 100644 --- a/backend/routes/users.js +++ b/backend/routes/users.js @@ -32,10 +32,10 @@ router additionalProperties: false, properties: { expand: { - $ref: 'common#/definitions/expand' + $ref: 'common#/properties/expand' }, query: { - $ref: 'common#/definitions/query' + $ref: 'common#/properties/query' } } }, { @@ -97,10 +97,10 @@ router additionalProperties: false, properties: { user_id: { - $ref: 'common#/definitions/id' + $ref: 'common#/properties/id' }, expand: { - $ref: 'common#/definitions/expand' + $ref: 'common#/properties/expand' } } }, { diff --git a/backend/schema/common.json b/backend/schema/common.json index dd8247a4b..ebeb34416 100644 --- a/backend/schema/common.json +++ b/backend/schema/common.json @@ -1,10 +1,10 @@ { - "$schema": "http://json-schema.org/draft-07/schema#", + "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "common", - "definitions": { + "type": "object", + "properties": { "id": { "description": "Unique identifier", - "example": 123456, "readOnly": true, "type": "integer", "minimum": 1 @@ -37,25 +37,21 @@ }, "created_on": { "description": "Date and time of creation", - "format": "date-time", "readOnly": true, "type": "string" }, "modified_on": { "description": "Date and time of last update", - "format": "date-time", "readOnly": true, "type": "string" }, "user_id": { "description": "User ID", - "example": 1234, "type": "integer", "minimum": 1 }, "certificate_id": { "description": "Certificate ID", - "example": 1234, "anyOf": [ { "type": "integer", @@ -69,13 +65,11 @@ }, "access_list_id": { "description": "Access List ID", - "example": 1234, "type": "integer", "minimum": 0 }, "domain_names": { "description": "Domain Names separated by a comma", - "example": "*.jc21.com,blog.jc21.com", "type": "array", "minItems": 1, "maxItems": 100, @@ -87,22 +81,18 @@ }, "enabled": { "description": "Is Enabled", - "example": true, "type": "boolean" }, "ssl_forced": { "description": "Is SSL Forced", - "example": false, "type": "boolean" }, "hsts_enabled": { "description": "Is HSTS Enabled", - "example": false, "type": "boolean" }, "hsts_subdomains": { "description": "Is HSTS applicable to all subdomains", - "example": false, "type": "boolean" }, "ssl_provider": { @@ -111,17 +101,14 @@ }, "http2_support": { "description": "HTTP2 Protocol Support", - "example": false, "type": "boolean" }, "block_exploits": { "description": "Should we block common exploits", - "example": true, "type": "boolean" }, "caching_enabled": { "description": "Should we cache assets", - "example": true, "type": "boolean" } } diff --git a/backend/schema/components/access-list-object.json b/backend/schema/components/access-list-object.json index c6ed51a58..cd0218d72 100644 --- a/backend/schema/components/access-list-object.json +++ b/backend/schema/components/access-list-object.json @@ -5,16 +5,16 @@ "additionalProperties": false, "properties": { "id": { - "$ref": "../common.json#/definitions/id" + "$ref": "../common.json#/properties/id" }, "created_on": { - "$ref": "../common.json#/definitions/created_on" + "$ref": "../common.json#/properties/created_on" }, "modified_on": { - "$ref": "../common.json#/definitions/modified_on" + "$ref": "../common.json#/properties/modified_on" }, "owner_user_id": { - "$ref": "../common.json#/definitions/user_id" + "$ref": "../common.json#/properties/user_id" }, "name": { "type": "string", diff --git a/backend/schema/components/audit-log-object.json b/backend/schema/components/audit-log-object.json index f38606e12..3e5e8594b 100644 --- a/backend/schema/components/audit-log-object.json +++ b/backend/schema/components/audit-log-object.json @@ -5,22 +5,22 @@ "additionalProperties": false, "properties": { "id": { - "$ref": "../common.json#/definitions/id" + "$ref": "../common.json#/properties/id" }, "created_on": { - "$ref": "../common.json#/definitions/created_on" + "$ref": "../common.json#/properties/created_on" }, "modified_on": { - "$ref": "../common.json#/definitions/modified_on" + "$ref": "../common.json#/properties/modified_on" }, "user_id": { - "$ref": "../common.json#/definitions/user_id" + "$ref": "../common.json#/properties/user_id" }, "object_type": { "type": "string" }, "object_id": { - "$ref": "../common.json#/definitions/id" + "$ref": "../common.json#/properties/id" }, "action": { "type": "string" diff --git a/backend/schema/components/certificate-object.json b/backend/schema/components/certificate-object.json index 8e6a28523..04cd89801 100644 --- a/backend/schema/components/certificate-object.json +++ b/backend/schema/components/certificate-object.json @@ -5,30 +5,29 @@ "additionalProperties": false, "properties": { "id": { - "$ref": "../common.json#/definitions/id" + "$ref": "../common.json#/properties/id" }, "created_on": { - "$ref": "../common.json#/definitions/created_on" + "$ref": "../common.json#/properties/created_on" }, "modified_on": { - "$ref": "../common.json#/definitions/modified_on" + "$ref": "../common.json#/properties/modified_on" }, "owner_user_id": { - "$ref": "../common.json#/definitions/user_id" + "$ref": "../common.json#/properties/user_id" }, "provider": { - "$ref": "../common.json#/definitions/ssl_provider" + "$ref": "../common.json#/properties/ssl_provider" }, "nice_name": { "type": "string", "description": "Nice Name for the custom certificate" }, "domain_names": { - "$ref": "../common.json#/definitions/domain_names" + "$ref": "../common.json#/properties/domain_names" }, "expires_on": { "description": "Date and time of expiration", - "format": "date-time", "readOnly": true, "type": "string" }, @@ -37,8 +36,7 @@ "additionalProperties": false, "properties": { "letsencrypt_email": { - "type": "string", - "format": "email" + "type": "string" }, "letsencrypt_agree": { "type": "boolean" diff --git a/backend/schema/components/dead-host-object.json b/backend/schema/components/dead-host-object.json index 84ad17793..792c2f81e 100644 --- a/backend/schema/components/dead-host-object.json +++ b/backend/schema/components/dead-host-object.json @@ -5,40 +5,40 @@ "additionalProperties": false, "properties": { "id": { - "$ref": "../common.json#/definitions/id" + "$ref": "../common.json#/properties/id" }, "created_on": { - "$ref": "../common.json#/definitions/created_on" + "$ref": "../common.json#/properties/created_on" }, "modified_on": { - "$ref": "../common.json#/definitions/modified_on" + "$ref": "../common.json#/properties/modified_on" }, "owner_user_id": { - "$ref": "../common.json#/definitions/user_id" + "$ref": "../common.json#/properties/user_id" }, "domain_names": { - "$ref": "../common.json#/definitions/domain_names" + "$ref": "../common.json#/properties/domain_names" }, "certificate_id": { - "$ref": "../common.json#/definitions/certificate_id" + "$ref": "../common.json#/properties/certificate_id" }, "ssl_forced": { - "$ref": "../common.json#/definitions/ssl_forced" + "$ref": "../common.json#/properties/ssl_forced" }, "hsts_enabled": { - "$ref": "../common.json#/definitions/hsts_enabled" + "$ref": "../common.json#/properties/hsts_enabled" }, "hsts_subdomains": { - "$ref": "../common.json#/definitions/hsts_subdomains" + "$ref": "../common.json#/properties/hsts_subdomains" }, "http2_support": { - "$ref": "../common.json#/definitions/http2_support" + "$ref": "../common.json#/properties/http2_support" }, "advanced_config": { "type": "string" }, "enabled": { - "$ref": "../common.json#/definitions/enabled" + "$ref": "../common.json#/properties/enabled" }, "meta": { "type": "object" diff --git a/backend/schema/components/proxy-host-object.json b/backend/schema/components/proxy-host-object.json index 18414bd4c..a64a58c8f 100644 --- a/backend/schema/components/proxy-host-object.json +++ b/backend/schema/components/proxy-host-object.json @@ -30,19 +30,19 @@ "additionalProperties": false, "properties": { "id": { - "$ref": "../common.json#/definitions/id" + "$ref": "../common.json#/properties/id" }, "created_on": { - "$ref": "../common.json#/definitions/created_on" + "$ref": "../common.json#/properties/created_on" }, "modified_on": { - "$ref": "../common.json#/definitions/modified_on" + "$ref": "../common.json#/properties/modified_on" }, "owner_user_id": { - "$ref": "../common.json#/definitions/user_id" + "$ref": "../common.json#/properties/user_id" }, "domain_names": { - "$ref": "../common.json#/definitions/domain_names" + "$ref": "../common.json#/properties/domain_names" }, "forward_host": { "type": "string", @@ -55,19 +55,19 @@ "maximum": 65535 }, "access_list_id": { - "$ref": "../common.json#/definitions/access_list_id" + "$ref": "../common.json#/properties/access_list_id" }, "certificate_id": { - "$ref": "../common.json#/definitions/certificate_id" + "$ref": "../common.json#/properties/certificate_id" }, "ssl_forced": { - "$ref": "../common.json#/definitions/ssl_forced" + "$ref": "../common.json#/properties/ssl_forced" }, "caching_enabled": { - "$ref": "../common.json#/definitions/caching_enabled" + "$ref": "../common.json#/properties/caching_enabled" }, "block_exploits": { - "$ref": "../common.json#/definitions/block_exploits" + "$ref": "../common.json#/properties/block_exploits" }, "advanced_config": { "type": "string" @@ -81,14 +81,14 @@ "type": "boolean" }, "http2_support": { - "$ref": "../common.json#/definitions/http2_support" + "$ref": "../common.json#/properties/http2_support" }, "forward_scheme": { "type": "string", "enum": ["http", "https"] }, "enabled": { - "$ref": "../common.json#/definitions/enabled" + "$ref": "../common.json#/properties/enabled" }, "locations": { "type": "array", @@ -124,19 +124,33 @@ } }, "hsts_enabled": { - "$ref": "../common.json#/definitions/hsts_enabled" + "$ref": "../common.json#/properties/hsts_enabled" }, "hsts_subdomains": { - "$ref": "../common.json#/definitions/hsts_subdomains" + "$ref": "../common.json#/properties/hsts_subdomains" }, "certificate": { - "$ref": "./certificate-object.json" + "oneOf": [ + { + "type": "null" + }, + { + "$ref": "./certificate-object.json" + } + ] }, "owner": { "$ref": "./user-object.json" }, "access_list": { - "$ref": "./access-list-object.json" + "oneOf": [ + { + "type": "null" + }, + { + "$ref": "./access-list-object.json" + } + ] }, "use_default_location": { "type": "boolean" diff --git a/backend/schema/components/redirection-host-object.json b/backend/schema/components/redirection-host-object.json index 080b75e59..cc4dbdd2f 100644 --- a/backend/schema/components/redirection-host-object.json +++ b/backend/schema/components/redirection-host-object.json @@ -5,19 +5,19 @@ "additionalProperties": false, "properties": { "id": { - "$ref": "../common.json#/definitions/id" + "$ref": "../common.json#/properties/id" }, "created_on": { - "$ref": "../common.json#/definitions/created_on" + "$ref": "../common.json#/properties/created_on" }, "modified_on": { - "$ref": "../common.json#/definitions/modified_on" + "$ref": "../common.json#/properties/modified_on" }, "owner_user_id": { - "$ref": "../common.json#/definitions/user_id" + "$ref": "../common.json#/properties/user_id" }, "domain_names": { - "$ref": "../common.json#/definitions/domain_names" + "$ref": "../common.json#/properties/domain_names" }, "forward_http_code": { "description": "Redirect HTTP Status Code", @@ -42,28 +42,28 @@ "type": "boolean" }, "certificate_id": { - "$ref": "../common.json#/definitions/certificate_id" + "$ref": "../common.json#/properties/certificate_id" }, "ssl_forced": { - "$ref": "../common.json#/definitions/ssl_forced" + "$ref": "../common.json#/properties/ssl_forced" }, "hsts_enabled": { - "$ref": "../common.json#/definitions/hsts_enabled" + "$ref": "../common.json#/properties/hsts_enabled" }, "hsts_subdomains": { - "$ref": "../common.json#/definitions/hsts_subdomains" + "$ref": "../common.json#/properties/hsts_subdomains" }, "http2_support": { - "$ref": "../common.json#/definitions/http2_support" + "$ref": "../common.json#/properties/http2_support" }, "block_exploits": { - "$ref": "../common.json#/definitions/block_exploits" + "$ref": "../common.json#/properties/block_exploits" }, "advanced_config": { "type": "string" }, "enabled": { - "$ref": "../common.json#/definitions/enabled" + "$ref": "../common.json#/properties/enabled" }, "meta": { "type": "object" diff --git a/backend/schema/components/stream-object.json b/backend/schema/components/stream-object.json index 9b92d26dd..516c7f891 100644 --- a/backend/schema/components/stream-object.json +++ b/backend/schema/components/stream-object.json @@ -5,16 +5,16 @@ "additionalProperties": false, "properties": { "id": { - "$ref": "../common.json#/definitions/id" + "$ref": "../common.json#/properties/id" }, "created_on": { - "$ref": "../common.json#/definitions/created_on" + "$ref": "../common.json#/properties/created_on" }, "modified_on": { - "$ref": "../common.json#/definitions/modified_on" + "$ref": "../common.json#/properties/modified_on" }, "owner_user_id": { - "$ref": "../common.json#/definitions/user_id" + "$ref": "../common.json#/properties/user_id" }, "incoming_port": { "type": "integer", @@ -51,7 +51,7 @@ "type": "boolean" }, "enabled": { - "$ref": "../common.json#/definitions/enabled" + "$ref": "../common.json#/properties/enabled" }, "meta": { "type": "object" diff --git a/backend/schema/components/user-object.json b/backend/schema/components/user-object.json index 7f01a6ac8..180e8f197 100644 --- a/backend/schema/components/user-object.json +++ b/backend/schema/components/user-object.json @@ -21,11 +21,9 @@ "example": "2020-01-30T09:41:04.000Z" }, "is_disabled": { - "type": "integer", - "minimum": 0, - "maximum": 1, - "description": "Is user Disabled (0 = false, 1 = true)", - "example": 0 + "type": "boolean", + "description": "Is user Disabled", + "example": true }, "email": { "type": "string", diff --git a/backend/schema/paths/nginx/access-lists/get.json b/backend/schema/paths/nginx/access-lists/get.json index 7774b906a..a8b9adc69 100644 --- a/backend/schema/paths/nginx/access-lists/get.json +++ b/backend/schema/paths/nginx/access-lists/get.json @@ -33,8 +33,8 @@ "owner_user_id": 1, "name": "test1234", "meta": {}, - "satisfy_any": 1, - "pass_auth": 0, + "satisfy_any": true, + "pass_auth": false, "proxy_host_count": 0 } ] diff --git a/backend/schema/paths/nginx/access-lists/listID/get.json b/backend/schema/paths/nginx/access-lists/listID/get.json index 011ad77e6..e67023f89 100644 --- a/backend/schema/paths/nginx/access-lists/listID/get.json +++ b/backend/schema/paths/nginx/access-lists/listID/get.json @@ -30,7 +30,7 @@ "id": 1, "created_on": "2020-01-30T09:36:08.000Z", "modified_on": "2020-01-30T09:41:04.000Z", - "is_disabled": 0, + "is_disabled": false, "email": "jc@jc21.com", "name": "Jamie Curnow", "nickname": "James", diff --git a/backend/schema/paths/nginx/access-lists/listID/put.json b/backend/schema/paths/nginx/access-lists/listID/put.json index 95ecaa619..3a69f8567 100644 --- a/backend/schema/paths/nginx/access-lists/listID/put.json +++ b/backend/schema/paths/nginx/access-lists/listID/put.json @@ -102,15 +102,15 @@ "owner_user_id": 1, "name": "test123!!", "meta": {}, - "satisfy_any": 1, - "pass_auth": 0, + "satisfy_any": true, + "pass_auth": false, "proxy_host_count": 0, "owner": { "id": 1, "created_on": "2024-10-07T22:43:55.000Z", "modified_on": "2024-10-08T12:52:54.000Z", - "is_deleted": 0, - "is_disabled": 0, + "is_deleted": false, + "is_disabled": false, "email": "admin@example.com", "name": "Administrator", "nickname": "some guy", diff --git a/backend/schema/paths/nginx/access-lists/post.json b/backend/schema/paths/nginx/access-lists/post.json index cb3af8f42..4c5a4edd2 100644 --- a/backend/schema/paths/nginx/access-lists/post.json +++ b/backend/schema/paths/nginx/access-lists/post.json @@ -93,15 +93,15 @@ "owner_user_id": 1, "name": "test1234", "meta": {}, - "satisfy_any": 1, - "pass_auth": 0, + "satisfy_any": true, + "pass_auth": false, "proxy_host_count": 0, "owner": { "id": 1, "created_on": "2024-10-07T22:43:55.000Z", "modified_on": "2024-10-08T12:52:54.000Z", - "is_deleted": 0, - "is_disabled": 0, + "is_deleted": false, + "is_disabled": false, "email": "admin@example.com", "name": "Administrator", "nickname": "some guy", diff --git a/backend/schema/paths/nginx/certificates/certID/renew/post.json b/backend/schema/paths/nginx/certificates/certID/renew/post.json index 7b32af04a..ef4d20e5b 100644 --- a/backend/schema/paths/nginx/certificates/certID/renew/post.json +++ b/backend/schema/paths/nginx/certificates/certID/renew/post.json @@ -32,7 +32,7 @@ "id": 4, "created_on": "2024-10-09T05:31:58.000Z", "owner_user_id": 1, - "is_deleted": 0, + "is_deleted": false, "provider": "letsencrypt", "nice_name": "My Test Cert", "domain_names": ["test.jc21.supernerd.pro"], diff --git a/backend/schema/paths/nginx/certificates/post.json b/backend/schema/paths/nginx/certificates/post.json index cc4d91d6d..1b2e04625 100644 --- a/backend/schema/paths/nginx/certificates/post.json +++ b/backend/schema/paths/nginx/certificates/post.json @@ -47,7 +47,7 @@ "id": 5, "created_on": "2024-10-09 05:28:35", "owner_user_id": 1, - "is_deleted": 0, + "is_deleted": false, "provider": "letsencrypt", "nice_name": "test.example.com", "domain_names": ["test.example.com"], diff --git a/backend/schema/paths/nginx/dead-hosts/get.json b/backend/schema/paths/nginx/dead-hosts/get.json index 61e2b2784..8a11a3f66 100644 --- a/backend/schema/paths/nginx/dead-hosts/get.json +++ b/backend/schema/paths/nginx/dead-hosts/get.json @@ -33,16 +33,16 @@ "owner_user_id": 1, "domain_names": ["test.example.com"], "certificate_id": 0, - "ssl_forced": 0, + "ssl_forced": false, "advanced_config": "", "meta": { "nginx_online": true, "nginx_err": null }, - "http2_support": 0, - "enabled": 1, - "hsts_enabled": 0, - "hsts_subdomains": 0 + "http2_support": false, + "enabled": true, + "hsts_enabled": false, + "hsts_subdomains": false } ] } diff --git a/backend/schema/paths/nginx/dead-hosts/hostID/get.json b/backend/schema/paths/nginx/dead-hosts/hostID/get.json index ae077c104..47e2f8b12 100644 --- a/backend/schema/paths/nginx/dead-hosts/hostID/get.json +++ b/backend/schema/paths/nginx/dead-hosts/hostID/get.json @@ -33,16 +33,16 @@ "owner_user_id": 1, "domain_names": ["test.example.com"], "certificate_id": 0, - "ssl_forced": 0, + "ssl_forced": false, "advanced_config": "", "meta": { "nginx_online": true, "nginx_err": null }, - "http2_support": 0, - "enabled": 1, - "hsts_enabled": 0, - "hsts_subdomains": 0 + "http2_support": false, + "enabled": true, + "hsts_enabled": false, + "hsts_subdomains": false } } }, diff --git a/backend/schema/paths/nginx/dead-hosts/hostID/put.json b/backend/schema/paths/nginx/dead-hosts/hostID/put.json index 058aff172..6a0a57e3a 100644 --- a/backend/schema/paths/nginx/dead-hosts/hostID/put.json +++ b/backend/schema/paths/nginx/dead-hosts/hostID/put.json @@ -72,22 +72,22 @@ "owner_user_id": 1, "domain_names": ["test.example.com"], "certificate_id": 0, - "ssl_forced": 0, + "ssl_forced": false, "advanced_config": "", "meta": { "nginx_online": true, "nginx_err": null }, - "http2_support": 0, - "enabled": 1, - "hsts_enabled": 0, - "hsts_subdomains": 0, + "http2_support": false, + "enabled": true, + "hsts_enabled": false, + "hsts_subdomains": false, "owner": { "id": 1, "created_on": "2024-10-09T00:59:56.000Z", "modified_on": "2024-10-09T00:59:56.000Z", - "is_deleted": 0, - "is_disabled": 0, + "is_deleted": false, + "is_disabled": false, "email": "admin@example.com", "name": "Administrator", "nickname": "Admin", diff --git a/backend/schema/paths/nginx/dead-hosts/post.json b/backend/schema/paths/nginx/dead-hosts/post.json index b26174361..593135065 100644 --- a/backend/schema/paths/nginx/dead-hosts/post.json +++ b/backend/schema/paths/nginx/dead-hosts/post.json @@ -60,20 +60,20 @@ "owner_user_id": 1, "domain_names": ["test.example.com"], "certificate_id": 0, - "ssl_forced": 0, + "ssl_forced": false, "advanced_config": "", "meta": {}, - "http2_support": 0, - "enabled": 1, - "hsts_enabled": 0, - "hsts_subdomains": 0, + "http2_support": false, + "enabled": true, + "hsts_enabled": false, + "hsts_subdomains": false, "certificate": null, "owner": { "id": 1, "created_on": "2024-10-09T00:59:56.000Z", "modified_on": "2024-10-09T00:59:56.000Z", - "is_deleted": 0, - "is_disabled": 0, + "is_deleted": false, + "is_disabled": false, "email": "admin@example.com", "name": "Administrator", "nickname": "Admin", diff --git a/backend/schema/paths/nginx/proxy-hosts/get.json b/backend/schema/paths/nginx/proxy-hosts/get.json index 9e9a7855b..1d9f63351 100644 --- a/backend/schema/paths/nginx/proxy-hosts/get.json +++ b/backend/schema/paths/nginx/proxy-hosts/get.json @@ -36,21 +36,21 @@ "forward_port": 8989, "access_list_id": 0, "certificate_id": 0, - "ssl_forced": 0, - "caching_enabled": 0, - "block_exploits": 0, + "ssl_forced": false, + "caching_enabled": false, + "block_exploits": false, "advanced_config": "", "meta": { "nginx_online": true, "nginx_err": null }, - "allow_websocket_upgrade": 0, - "http2_support": 0, + "allow_websocket_upgrade": false, + "http2_support": false, "forward_scheme": "http", - "enabled": 1, + "enabled": true, "locations": null, - "hsts_enabled": 0, - "hsts_subdomains": 0 + "hsts_enabled": false, + "hsts_subdomains": false } ] } diff --git a/backend/schema/paths/nginx/proxy-hosts/hostID/get.json b/backend/schema/paths/nginx/proxy-hosts/hostID/get.json index 250bf0326..5e10a9cfd 100644 --- a/backend/schema/paths/nginx/proxy-hosts/hostID/get.json +++ b/backend/schema/paths/nginx/proxy-hosts/hostID/get.json @@ -36,21 +36,21 @@ "forward_port": 8989, "access_list_id": 0, "certificate_id": 0, - "ssl_forced": 0, - "caching_enabled": 0, - "block_exploits": 0, + "ssl_forced": false, + "caching_enabled": false, + "block_exploits": false, "advanced_config": "", "meta": { "nginx_online": true, "nginx_err": null }, - "allow_websocket_upgrade": 0, - "http2_support": 0, + "allow_websocket_upgrade": false, + "http2_support": false, "forward_scheme": "http", - "enabled": 1, + "enabled": true, "locations": null, - "hsts_enabled": 0, - "hsts_subdomains": 0 + "hsts_enabled": false, + "hsts_subdomains": false } } }, diff --git a/backend/schema/paths/nginx/proxy-hosts/hostID/put.json b/backend/schema/paths/nginx/proxy-hosts/hostID/put.json index 9028c6ac5..af73905dc 100644 --- a/backend/schema/paths/nginx/proxy-hosts/hostID/put.json +++ b/backend/schema/paths/nginx/proxy-hosts/hostID/put.json @@ -102,26 +102,26 @@ "forward_port": 8989, "access_list_id": 0, "certificate_id": 0, - "ssl_forced": 0, - "caching_enabled": 0, - "block_exploits": 0, + "ssl_forced": false, + "caching_enabled": false, + "block_exploits": false, "advanced_config": "", "meta": { "nginx_online": true, "nginx_err": null }, - "allow_websocket_upgrade": 0, - "http2_support": 0, + "allow_websocket_upgrade": false, + "http2_support": false, "forward_scheme": "http", - "enabled": 1, - "hsts_enabled": 0, - "hsts_subdomains": 0, + "enabled": true, + "hsts_enabled": false, + "hsts_subdomains": false, "owner": { "id": 1, "created_on": "2024-10-07T22:43:55.000Z", "modified_on": "2024-10-08T12:52:54.000Z", - "is_deleted": 0, - "is_disabled": 0, + "is_deleted": false, + "is_disabled": false, "email": "admin@example.com", "name": "Administrator", "nickname": "some guy", diff --git a/backend/schema/paths/nginx/proxy-hosts/post.json b/backend/schema/paths/nginx/proxy-hosts/post.json index 5f61ff4c0..13f641610 100644 --- a/backend/schema/paths/nginx/proxy-hosts/post.json +++ b/backend/schema/paths/nginx/proxy-hosts/post.json @@ -90,24 +90,24 @@ "forward_port": 8989, "access_list_id": 0, "certificate_id": 0, - "ssl_forced": 0, - "caching_enabled": 0, - "block_exploits": 0, + "ssl_forced": false, + "caching_enabled": false, + "block_exploits": false, "advanced_config": "", "meta": {}, - "allow_websocket_upgrade": 0, - "http2_support": 0, + "allow_websocket_upgrade": false, + "http2_support": false, "forward_scheme": "http", - "enabled": 1, - "hsts_enabled": 0, - "hsts_subdomains": 0, + "enabled": true, + "hsts_enabled": false, + "hsts_subdomains": false, "certificate": null, "owner": { "id": 1, "created_on": "2024-10-07T22:43:55.000Z", "modified_on": "2024-10-08T12:52:54.000Z", - "is_deleted": 0, - "is_disabled": 0, + "is_deleted": false, + "is_disabled": false, "email": "admin@example.com", "name": "Administrator", "nickname": "some guy", diff --git a/backend/schema/paths/nginx/redirection-hosts/get.json b/backend/schema/paths/nginx/redirection-hosts/get.json index 24adbc78d..0b35e0fc4 100644 --- a/backend/schema/paths/nginx/redirection-hosts/get.json +++ b/backend/schema/paths/nginx/redirection-hosts/get.json @@ -33,19 +33,19 @@ "owner_user_id": 1, "domain_names": ["test.example.com"], "forward_domain_name": "something-else.com", - "preserve_path": 0, + "preserve_path": false, "certificate_id": 0, - "ssl_forced": 0, - "block_exploits": 0, + "ssl_forced": false, + "block_exploits": false, "advanced_config": "", "meta": { "nginx_online": true, "nginx_err": null }, - "http2_support": 0, - "enabled": 1, - "hsts_enabled": 0, - "hsts_subdomains": 0, + "http2_support": false, + "enabled": true, + "hsts_enabled": false, + "hsts_subdomains": false, "forward_scheme": "http", "forward_http_code": 301 } diff --git a/backend/schema/paths/nginx/redirection-hosts/hostID/get.json b/backend/schema/paths/nginx/redirection-hosts/hostID/get.json index f20ff296c..d780f874b 100644 --- a/backend/schema/paths/nginx/redirection-hosts/hostID/get.json +++ b/backend/schema/paths/nginx/redirection-hosts/hostID/get.json @@ -33,19 +33,19 @@ "owner_user_id": 1, "domain_names": ["test.example.com"], "forward_domain_name": "something-else.com", - "preserve_path": 0, + "preserve_path": false, "certificate_id": 0, - "ssl_forced": 0, - "block_exploits": 0, + "ssl_forced": false, + "block_exploits": false, "advanced_config": "", "meta": { "nginx_online": true, "nginx_err": null }, - "http2_support": 0, - "enabled": 1, - "hsts_enabled": 0, - "hsts_subdomains": 0, + "http2_support": false, + "enabled": true, + "hsts_enabled": false, + "hsts_subdomains": false, "forward_scheme": "http", "forward_http_code": 301 } diff --git a/backend/schema/paths/nginx/redirection-hosts/hostID/put.json b/backend/schema/paths/nginx/redirection-hosts/hostID/put.json index 3ee97947c..870f16fcd 100644 --- a/backend/schema/paths/nginx/redirection-hosts/hostID/put.json +++ b/backend/schema/paths/nginx/redirection-hosts/hostID/put.json @@ -87,27 +87,27 @@ "owner_user_id": 1, "domain_names": ["test.example.com"], "forward_domain_name": "something-else.com", - "preserve_path": 0, + "preserve_path": false, "certificate_id": 0, - "ssl_forced": 0, - "block_exploits": 0, + "ssl_forced": false, + "block_exploits": false, "advanced_config": "", "meta": { "nginx_online": true, "nginx_err": null }, - "http2_support": 0, - "enabled": 1, - "hsts_enabled": 0, - "hsts_subdomains": 0, + "http2_support": false, + "enabled": true, + "hsts_enabled": false, + "hsts_subdomains": false, "forward_scheme": "http", "forward_http_code": 301, "owner": { "id": 1, "created_on": "2024-10-09T00:59:56.000Z", "modified_on": "2024-10-09T00:59:56.000Z", - "is_deleted": 0, - "is_disabled": 0, + "is_deleted": false, + "is_disabled": false, "email": "admin@example.com", "name": "Administrator", "nickname": "Admin", diff --git a/backend/schema/paths/nginx/redirection-hosts/post.json b/backend/schema/paths/nginx/redirection-hosts/post.json index e8d2fa17b..3a9a05fec 100644 --- a/backend/schema/paths/nginx/redirection-hosts/post.json +++ b/backend/schema/paths/nginx/redirection-hosts/post.json @@ -75,16 +75,16 @@ "owner_user_id": 1, "domain_names": ["test.example.com"], "forward_domain_name": "something-else.com", - "preserve_path": 0, + "preserve_path": false, "certificate_id": 0, - "ssl_forced": 0, - "block_exploits": 0, + "ssl_forced": false, + "block_exploits": false, "advanced_config": "", "meta": {}, - "http2_support": 0, - "enabled": 1, - "hsts_enabled": 0, - "hsts_subdomains": 0, + "http2_support": false, + "enabled": true, + "hsts_enabled": false, + "hsts_subdomains": false, "forward_scheme": "http", "forward_http_code": 301, "certificate": null, @@ -92,8 +92,8 @@ "id": 1, "created_on": "2024-10-09T00:59:56.000Z", "modified_on": "2024-10-09T00:59:56.000Z", - "is_deleted": 0, - "is_disabled": 0, + "is_deleted": false, + "is_disabled": false, "email": "admin@example.com", "name": "Administrator", "nickname": "Admin", diff --git a/backend/schema/paths/nginx/streams/get.json b/backend/schema/paths/nginx/streams/get.json index 5ea97ce39..596afc6e7 100644 --- a/backend/schema/paths/nginx/streams/get.json +++ b/backend/schema/paths/nginx/streams/get.json @@ -34,13 +34,13 @@ "incoming_port": 9090, "forwarding_host": "router.internal", "forwarding_port": 80, - "tcp_forwarding": 0, - "udp_forwarding": 0, + "tcp_forwarding": true, + "udp_forwarding": false, "meta": { "nginx_online": true, "nginx_err": null }, - "enabled": 1 + "enabled": true } ] } diff --git a/backend/schema/paths/nginx/streams/post.json b/backend/schema/paths/nginx/streams/post.json index 0610a7273..9f3514e0f 100644 --- a/backend/schema/paths/nginx/streams/post.json +++ b/backend/schema/paths/nginx/streams/post.json @@ -55,19 +55,19 @@ "incoming_port": 9090, "forwarding_host": "router.internal", "forwarding_port": 80, - "tcp_forwarding": 0, - "udp_forwarding": 0, + "tcp_forwarding": true, + "udp_forwarding": false, "meta": { "nginx_online": true, "nginx_err": null }, - "enabled": 1, + "enabled": true, "owner": { "id": 1, "created_on": "2024-10-09T02:33:16.000Z", "modified_on": "2024-10-09T02:33:16.000Z", - "is_deleted": 0, - "is_disabled": 0, + "is_deleted": false, + "is_disabled": false, "email": "admin@example.com", "name": "Administrator", "nickname": "Admin", diff --git a/backend/schema/paths/nginx/streams/streamID/get.json b/backend/schema/paths/nginx/streams/streamID/get.json index a3371e8b8..6547656df 100644 --- a/backend/schema/paths/nginx/streams/streamID/get.json +++ b/backend/schema/paths/nginx/streams/streamID/get.json @@ -34,13 +34,13 @@ "incoming_port": 9090, "forwarding_host": "router.internal", "forwarding_port": 80, - "tcp_forwarding": 0, - "udp_forwarding": 0, + "tcp_forwarding": true, + "udp_forwarding": false, "meta": { "nginx_online": true, "nginx_err": null }, - "enabled": 1 + "enabled": true } } }, diff --git a/backend/schema/paths/nginx/streams/streamID/put.json b/backend/schema/paths/nginx/streams/streamID/put.json index cb85a6917..f3ef54d47 100644 --- a/backend/schema/paths/nginx/streams/streamID/put.json +++ b/backend/schema/paths/nginx/streams/streamID/put.json @@ -102,26 +102,26 @@ "forward_port": 8989, "access_list_id": 0, "certificate_id": 0, - "ssl_forced": 0, - "caching_enabled": 0, - "block_exploits": 0, + "ssl_forced": false, + "caching_enabled": false, + "block_exploits": false, "advanced_config": "", "meta": { "nginx_online": true, "nginx_err": null }, - "allow_websocket_upgrade": 0, - "http2_support": 0, + "allow_websocket_upgrade": false, + "http2_support": false, "forward_scheme": "http", - "enabled": 1, - "hsts_enabled": 0, - "hsts_subdomains": 0, + "enabled": true, + "hsts_enabled": false, + "hsts_subdomains": false, "owner": { "id": 1, "created_on": "2024-10-07T22:43:55.000Z", "modified_on": "2024-10-08T12:52:54.000Z", - "is_deleted": 0, - "is_disabled": 0, + "is_deleted": false, + "is_disabled": false, "email": "admin@example.com", "name": "Administrator", "nickname": "some guy", diff --git a/backend/schema/paths/users/get.json b/backend/schema/paths/users/get.json index 41a0532c3..374153011 100644 --- a/backend/schema/paths/users/get.json +++ b/backend/schema/paths/users/get.json @@ -30,7 +30,7 @@ "id": 1, "created_on": "2020-01-30T09:36:08.000Z", "modified_on": "2020-01-30T09:41:04.000Z", - "is_disabled": 0, + "is_disabled": false, "email": "jc@jc21.com", "name": "Jamie Curnow", "nickname": "James", @@ -45,7 +45,7 @@ "id": 1, "created_on": "2020-01-30T09:36:08.000Z", "modified_on": "2020-01-30T09:41:04.000Z", - "is_disabled": 0, + "is_disabled": false, "email": "jc@jc21.com", "name": "Jamie Curnow", "nickname": "James", diff --git a/backend/schema/paths/users/post.json b/backend/schema/paths/users/post.json index 1eec1b510..c0213fe05 100644 --- a/backend/schema/paths/users/post.json +++ b/backend/schema/paths/users/post.json @@ -56,7 +56,7 @@ "id": 2, "created_on": "2020-01-30T09:41:04.000Z", "modified_on": "2020-01-30T09:41:04.000Z", - "is_disabled": 0, + "is_disabled": false, "email": "jc@jc21.com", "name": "Jamie Curnow", "nickname": "James", diff --git a/backend/schema/paths/users/userID/get.json b/backend/schema/paths/users/userID/get.json index f79c92943..cb8ac61b4 100644 --- a/backend/schema/paths/users/userID/get.json +++ b/backend/schema/paths/users/userID/get.json @@ -39,7 +39,7 @@ "id": 1, "created_on": "2020-01-30T09:36:08.000Z", "modified_on": "2020-01-30T09:41:04.000Z", - "is_disabled": 0, + "is_disabled": false, "email": "jc@jc21.com", "name": "Jamie Curnow", "nickname": "James", diff --git a/backend/schema/paths/users/userID/login/post.json b/backend/schema/paths/users/userID/login/post.json index 5f247b335..6148d182b 100644 --- a/backend/schema/paths/users/userID/login/post.json +++ b/backend/schema/paths/users/userID/login/post.json @@ -34,7 +34,7 @@ "id": 1, "created_on": "2020-01-30T10:43:44.000Z", "modified_on": "2020-01-30T10:43:44.000Z", - "is_disabled": 0, + "is_disabled": false, "email": "jc@jc21.com", "name": "Jamie Curnow", "nickname": "James", diff --git a/backend/schema/paths/users/userID/put.json b/backend/schema/paths/users/userID/put.json index 54cb44b44..60a6cd132 100644 --- a/backend/schema/paths/users/userID/put.json +++ b/backend/schema/paths/users/userID/put.json @@ -69,7 +69,7 @@ "id": 2, "created_on": "2020-01-30T09:36:08.000Z", "modified_on": "2020-01-30T09:41:04.000Z", - "is_disabled": 0, + "is_disabled": false, "email": "jc@jc21.com", "name": "Jamie Curnow", "nickname": "James", diff --git a/backend/schema/swagger.json b/backend/schema/swagger.json index 9c00fa634..5a0142bff 100644 --- a/backend/schema/swagger.json +++ b/backend/schema/swagger.json @@ -1,5 +1,5 @@ { - "openapi": "3.0.0", + "openapi": "3.1.0", "info": { "title": "Nginx Proxy Manager API", "version": "2.x.x" diff --git a/backend/validate-schema.js b/backend/validate-schema.js new file mode 100644 index 000000000..71a05c818 --- /dev/null +++ b/backend/validate-schema.js @@ -0,0 +1,16 @@ +const SwaggerParser = require('@apidevtools/swagger-parser'); +const chalk = require('chalk'); +const schema = require('./schema'); +const log = console.log; + +schema.getCompiledSchema().then(async (swaggerJSON) => { + try { + const api = await SwaggerParser.validate(swaggerJSON); + console.log('API name: %s, Version: %s', api.info.title, api.info.version); + log(chalk.green('❯ Schema is valid')); + } catch (e) { + console.error(e); + log(chalk.red('❯', e.message), '\n'); + process.exit(1); + } +}); diff --git a/backend/yarn.lock b/backend/yarn.lock index 6346c14ce..be1e68e6d 100644 --- a/backend/yarn.lock +++ b/backend/yarn.lock @@ -2,12 +2,12 @@ # yarn lockfile v1 -"@apidevtools/json-schema-ref-parser@8.0.0": - version "8.0.0" - resolved "https://registry.yarnpkg.com/@apidevtools/json-schema-ref-parser/-/json-schema-ref-parser-8.0.0.tgz#9eb749499b3f8d919e90bb141e4b6f67aee4692d" - integrity sha512-n4YBtwQhdpLto1BaUCyAeflizmIbaloGShsPyRtFf5qdFJxfssj+GgLavczgKJFa3Bq+3St2CKcpRJdjtB4EBw== +"@apidevtools/json-schema-ref-parser@9.0.6": + version "9.0.6" + resolved "https://registry.yarnpkg.com/@apidevtools/json-schema-ref-parser/-/json-schema-ref-parser-9.0.6.tgz#5d9000a3ac1fd25404da886da6b266adcd99cf1c" + integrity sha512-M3YgsLjI0lZxvrpeGVk9Ap032W6TPQkH6pRAZz81Ac3WUNF79VQooAFnp8umjvVzUmD93NkogxEwbSce7qMsUg== dependencies: - "@jsdevtools/ono" "^7.1.0" + "@jsdevtools/ono" "^7.1.3" call-me-maybe "^1.0.1" js-yaml "^3.13.1" @@ -20,6 +20,29 @@ "@types/json-schema" "^7.0.15" js-yaml "^4.1.0" +"@apidevtools/openapi-schemas@^2.1.0": + version "2.1.0" + resolved "https://registry.yarnpkg.com/@apidevtools/openapi-schemas/-/openapi-schemas-2.1.0.tgz#9fa08017fb59d80538812f03fc7cac5992caaa17" + integrity sha512-Zc1AlqrJlX3SlpupFGpiLi2EbteyP7fXmUOGup6/DnkRgjP9bgMM/ag+n91rsv0U1Gpz0H3VILA/o3bW7Ua6BQ== + +"@apidevtools/swagger-methods@^3.0.2": + version "3.0.2" + resolved "https://registry.yarnpkg.com/@apidevtools/swagger-methods/-/swagger-methods-3.0.2.tgz#b789a362e055b0340d04712eafe7027ddc1ac267" + integrity sha512-QAkD5kK2b1WfjDS/UQn/qQkbwF31uqRjPTrsCs5ZG9BQGAkjwvqGFjjPqAuzac/IYzpPtRzjCP1WrTuAIjMrXg== + +"@apidevtools/swagger-parser@^10.1.0": + version "10.1.0" + resolved "https://registry.yarnpkg.com/@apidevtools/swagger-parser/-/swagger-parser-10.1.0.tgz#a987d71e5be61feb623203be0c96e5985b192ab6" + integrity sha512-9Kt7EuS/7WbMAUv2gSziqjvxwDbFSg3Xeyfuj5laUODX8o/k/CpsAKiQ8W7/R88eXFTMbJYg6+7uAmOWNKmwnw== + dependencies: + "@apidevtools/json-schema-ref-parser" "9.0.6" + "@apidevtools/openapi-schemas" "^2.1.0" + "@apidevtools/swagger-methods" "^3.0.2" + "@jsdevtools/ono" "^7.1.3" + ajv "^8.6.3" + ajv-draft-04 "^1.0.0" + call-me-maybe "^1.0.1" + "@eslint-community/eslint-utils@^4.2.0": version "4.3.0" resolved "https://registry.yarnpkg.com/@eslint-community/eslint-utils/-/eslint-utils-4.3.0.tgz#a556790523a351b4e47e9d385f47265eaaf9780a" @@ -76,7 +99,7 @@ resolved "https://registry.yarnpkg.com/@humanwhocodes/object-schema/-/object-schema-1.2.1.tgz#b520529ec21d8e5945a1851dfd1c32e94e39ff45" integrity sha512-ZnQMnLV4e7hDlUvw8H+U8ASL02SS2Gn6+9Ac3wGGLIe7+je2AeAOxPY+izIPJDfFDb7eDjev0Us8MO1iFRN8hA== -"@jsdevtools/ono@^7.1.0", "@jsdevtools/ono@^7.1.3": +"@jsdevtools/ono@^7.1.3": version "7.1.3" resolved "https://registry.yarnpkg.com/@jsdevtools/ono/-/ono-7.1.3.tgz#9df03bbd7c696a5c58885c34aa06da41c8543796" integrity sha512-4JQNk+3mVzK3xh2rqd6RB4J46qUR19azEHBneZyTZM+c456qOrbbM/5xcR8huNCCcbVt7+UmizG6GuUvPvKUYg== @@ -207,7 +230,12 @@ aggregate-error@^3.0.0: clean-stack "^2.0.0" indent-string "^4.0.0" -ajv@^6.10.0, ajv@^6.12.0, ajv@^6.12.4: +ajv-draft-04@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/ajv-draft-04/-/ajv-draft-04-1.0.0.tgz#3b64761b268ba0b9e668f0b41ba53fce0ad77fc8" + integrity sha512-mv00Te6nmYbRp5DCwclxtt7yV/joXJPGS7nM+97GdxvuttCOfgI3K4U25zboyeX0O+myI8ERluxQe5wljMmVIw== + +ajv@^6.10.0, ajv@^6.12.4: version "6.12.6" resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.6.tgz#baf5a62e802b07d977034586f8c3baf5adf26df4" integrity sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g== @@ -217,6 +245,16 @@ ajv@^6.10.0, ajv@^6.12.0, ajv@^6.12.4: json-schema-traverse "^0.4.1" uri-js "^4.2.2" +ajv@^8.17.1, ajv@^8.6.3: + version "8.17.1" + resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.17.1.tgz#37d9a5c776af6bc92d7f4f9510eba4c0a60d11a6" + integrity sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g== + dependencies: + fast-deep-equal "^3.1.3" + fast-uri "^3.0.1" + json-schema-traverse "^1.0.0" + require-from-string "^2.0.2" + ajv@^8.6.2: version "8.12.0" resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.12.0.tgz#d1a0527323e22f53562c567c00991577dfbe19d1" @@ -566,6 +604,14 @@ camelcase@^5.0.0, camelcase@^5.3.1: resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-5.3.1.tgz#e3c9b31569e106811df242f715725a1f4c494320" integrity sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg== +chalk@4.1.2, chalk@^4.0.0: + version "4.1.2" + resolved "https://registry.yarnpkg.com/chalk/-/chalk-4.1.2.tgz#aac4e2b7734a740867aeb16bf02aad556a1e7a01" + integrity sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA== + dependencies: + ansi-styles "^4.1.0" + supports-color "^7.1.0" + chalk@^2.3.2: version "2.4.2" resolved "https://registry.yarnpkg.com/chalk/-/chalk-2.4.2.tgz#cd42541677a54333cf541a49108c1432b44c9424" @@ -583,14 +629,6 @@ chalk@^3.0.0: ansi-styles "^4.1.0" supports-color "^7.1.0" -chalk@^4.0.0: - version "4.1.2" - resolved "https://registry.yarnpkg.com/chalk/-/chalk-4.1.2.tgz#aac4e2b7734a740867aeb16bf02aad556a1e7a01" - integrity sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA== - dependencies: - ansi-styles "^4.1.0" - supports-color "^7.1.0" - chokidar@^3.2.2: version "3.4.1" resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-3.4.1.tgz#e905bdecf10eaa0a0b1db0c664481cc4cbc22ba1" @@ -1199,6 +1237,11 @@ fast-levenshtein@^2.0.6: resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz#3d8a5c66883a16a30ca8643e851f19baa7797917" integrity sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw== +fast-uri@^3.0.1: + version "3.0.2" + resolved "https://registry.yarnpkg.com/fast-uri/-/fast-uri-3.0.2.tgz#d78b298cf70fd3b752fd951175a3da6a7b48f024" + integrity sha512-GR6f0hD7XXyNJa25Tb9BuIdN0tdr+0BMi6/CJPH3wJO1JjNG3n/VsSw38AwRdKZABm8lGbPfakLRkYzx2V9row== + fastq@^1.6.0: version "1.15.0" resolved "https://registry.yarnpkg.com/fastq/-/fastq-1.15.0.tgz#d04d07c6a2a68fe4599fea8d2e103a937fae6b3a" @@ -1870,13 +1913,6 @@ json-parse-better-errors@^1.0.1: resolved "https://registry.yarnpkg.com/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz#bb867cfb3450e69107c131d1c514bab3dc8bcaa9" integrity sha512-mrqyZKfX5EhL7hvqcV6WG1yYjnjeuYDzDhhcAAUrq8Po85NBQBJP+ZDUT75qZQ98IkUoBqdkExkukOU7Ts2wrw== -json-schema-ref-parser@^8.0.0: - version "8.0.0" - resolved "https://registry.yarnpkg.com/json-schema-ref-parser/-/json-schema-ref-parser-8.0.0.tgz#7c758fac2cf822c05e837abd0a13f8fa2c15ffd4" - integrity sha512-2P4icmNkZLrBr6oa5gSZaDSol/oaBHYkoP/8dsw63E54NnHGRhhiFuy9yFoxPuSm+uHKmeGxAAWMDF16SCHhcQ== - dependencies: - "@apidevtools/json-schema-ref-parser" "8.0.0" - json-schema-traverse@^0.4.1: version "0.4.1" resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz#69f6a87d9513ab8bb8fe63bdb0979c448e684660" diff --git a/test/cypress/e2e/api/Health.cy.js b/test/cypress/e2e/api/Health.cy.js index 5538916cb..f765c99b9 100644 --- a/test/cypress/e2e/api/Health.cy.js +++ b/test/cypress/e2e/api/Health.cy.js @@ -14,7 +14,7 @@ describe('Basic API checks', () => { cy.task('backendApiGet', { path: '/api/schema', }).then((data) => { - expect(data.openapi).to.be.equal('3.0.0'); + expect(data.openapi).to.be.equal('3.1.0'); }); }); }); diff --git a/test/cypress/e2e/api/Hosts.cy.js b/test/cypress/e2e/api/Hosts.cy.js index 4652c8e08..62b9581bb 100644 --- a/test/cypress/e2e/api/Hosts.cy.js +++ b/test/cypress/e2e/api/Hosts.cy.js @@ -39,7 +39,7 @@ describe('Hosts endpoints', () => { expect(data).to.have.property('id'); expect(data.id).to.be.greaterThan(0); expect(data).to.have.property('enabled'); - expect(data.enabled).to.be.greaterThan(0); + expect(data).to.have.property("enabled", true); expect(data).to.have.property('meta'); expect(typeof data.meta.nginx_online).to.be.equal('undefined'); }); diff --git a/test/cypress/plugins/backendApi/logger.js b/test/cypress/plugins/backendApi/logger.js index 98efa260e..8920b8692 100644 --- a/test/cypress/plugins/backendApi/logger.js +++ b/test/cypress/plugins/backendApi/logger.js @@ -1,12 +1,7 @@ const _ = require("lodash"); -const chalk = require("chalk"); module.exports = function() { - var arr = _.values(arguments); - arr.unshift( - chalk.blue.bold("[") + - chalk.yellow.bold("Backend API") + - chalk.blue.bold("]"), - ); + let arr = _.values(arguments); + arr.unshift('[Backend API]'); console.log.apply(null, arr); }; diff --git a/test/package.json b/test/package.json index b0f6ba79d..69b2b8613 100644 --- a/test/package.json +++ b/test/package.json @@ -6,21 +6,20 @@ "dependencies": { "@jc21/cypress-swagger-validation": "^0.2.6", "@jc21/restler": "^3.4.0", - "chalk": "^4.1.0", - "cypress": "^13.9.0", + "cypress": "^13.15.0", "cypress-multi-reporters": "^1.6.4", - "cypress-wait-until": "^3.0.1", - "eslint": "^9.3.0", + "cypress-wait-until": "^3.0.2", + "eslint": "^9.12.0", "eslint-plugin-align-assignments": "^1.1.2", - "eslint-plugin-chai-friendly": "^0.7.4", - "eslint-plugin-cypress": "^3.2.0", + "eslint-plugin-chai-friendly": "^1.0.1", + "eslint-plugin-cypress": "^3.5.0", "lodash": "^4.17.21", - "mocha": "^10.4.0", + "mocha": "^10.7.3", "mocha-junit-reporter": "^2.2.1" }, "scripts": { - "cypress": "cypress open --config-file=cypress/config/dev.json --config baseUrl=${BASE_URL:-http://127.0.0.1:3081}", - "cypress:headless": "cypress run --config-file=cypress/config/dev.json --config baseUrl=${BASE_URL:-http://127.0.0.1:3081}" + "cypress": "cypress open --config-file=cypress/config/dev.js --config baseUrl=${BASE_URL:-http://127.0.0.1:3081}", + "cypress:headless": "cypress run --config-file=cypress/config/dev.js --config baseUrl=${BASE_URL:-http://127.0.0.1:3081}" }, "author": "", "license": "ISC" diff --git a/test/yarn.lock b/test/yarn.lock index 943147b01..b34385bd2 100644 --- a/test/yarn.lock +++ b/test/yarn.lock @@ -49,10 +49,10 @@ resolved "https://registry.yarnpkg.com/@colors/colors/-/colors-1.5.0.tgz#bb504579c1cae923e6576a4f5da43d25f97bdbd9" integrity sha512-ooWCrlZP11i8GImSjTHYHLkvFDP48nS4+204nGb1RiX/WXYHmJA2III9/e2DWVabCESdW7hBAEzHRqUn9OUVvQ== -"@cypress/request@^3.0.0": - version "3.0.1" - resolved "https://registry.yarnpkg.com/@cypress/request/-/request-3.0.1.tgz#72d7d5425236a2413bd3d8bb66d02d9dc3168960" - integrity sha512-TWivJlJi8ZDx2wGOw1dbLuHJKUYX7bWySw377nlnGOW3hP9/MUKIsEdXT/YngWxVdgNCHRBmFlBipE+5/2ZZlQ== +"@cypress/request@^3.0.4": + version "3.0.5" + resolved "https://registry.yarnpkg.com/@cypress/request/-/request-3.0.5.tgz#d893a6e68ce2636c085fcd8d7283c3186499ba63" + integrity sha512-v+XHd9XmWbufxF1/bTaVm2yhbxY+TB4YtWRqF2zaXBlDNMkls34KiATz0AVDLavL3iB6bQk9/7n3oY1EoLSWGA== dependencies: aws-sign2 "~0.7.0" aws4 "^1.8.0" @@ -60,14 +60,14 @@ combined-stream "~1.0.6" extend "~3.0.2" forever-agent "~0.6.1" - form-data "~2.3.2" - http-signature "~1.3.6" + form-data "~4.0.0" + http-signature "~1.4.0" is-typedarray "~1.0.0" isstream "~0.1.2" json-stringify-safe "~5.0.1" mime-types "~2.1.19" performance-now "^2.1.0" - qs "6.10.4" + qs "6.13.0" safe-buffer "^5.1.2" tough-cookie "^4.1.3" tunnel-agent "^0.6.0" @@ -88,10 +88,24 @@ dependencies: eslint-visitor-keys "^3.3.0" -"@eslint-community/regexpp@^4.6.1": - version "4.10.0" - resolved "https://registry.yarnpkg.com/@eslint-community/regexpp/-/regexpp-4.10.0.tgz#548f6de556857c8bb73bbee70c35dc82a2e74d63" - integrity sha512-Cu96Sd2By9mCNTx2iyKOmq10v22jUVQv0lQnlGNy16oE9589yE+QADPbrMGCkA51cKZSg3Pu/aTJVTGfL/qjUA== +"@eslint-community/regexpp@^4.11.0": + version "4.11.1" + resolved "https://registry.yarnpkg.com/@eslint-community/regexpp/-/regexpp-4.11.1.tgz#a547badfc719eb3e5f4b556325e542fbe9d7a18f" + integrity sha512-m4DVN9ZqskZoLU5GlWZadwDnYo3vAEydiUayB9widCl9ffWx2IvPnp6n3on5rJmziJSw9Bv+Z3ChDVdMwXCY8Q== + +"@eslint/config-array@^0.18.0": + version "0.18.0" + resolved "https://registry.yarnpkg.com/@eslint/config-array/-/config-array-0.18.0.tgz#37d8fe656e0d5e3dbaea7758ea56540867fd074d" + integrity sha512-fTxvnS1sRMu3+JjXwJG0j/i4RT9u4qJ+lqS/yCGap4lH4zZGzQ7tu+xZqQmcMZq5OBZDL4QRxQzRjkWcGt8IVw== + dependencies: + "@eslint/object-schema" "^2.1.4" + debug "^4.3.1" + minimatch "^3.1.2" + +"@eslint/core@^0.6.0": + version "0.6.0" + resolved "https://registry.yarnpkg.com/@eslint/core/-/core-0.6.0.tgz#9930b5ba24c406d67a1760e94cdbac616a6eb674" + integrity sha512-8I2Q8ykA4J0x0o7cg67FPVnehcqWTBehu/lmY+bolPFHGjh49YzGBMXTvpqVgEbBdvNCSxj6iFgiIyHzf03lzg== "@eslint/eslintrc@^3.1.0": version "3.1.0" @@ -108,35 +122,51 @@ minimatch "^3.1.2" strip-json-comments "^3.1.1" -"@eslint/js@9.3.0": - version "9.3.0" - resolved "https://registry.yarnpkg.com/@eslint/js/-/js-9.3.0.tgz#2e8f65c9c55227abc4845b1513c69c32c679d8fe" - integrity sha512-niBqk8iwv96+yuTwjM6bWg8ovzAPF9qkICsGtcoa5/dmqcEMfdwNAX7+/OHcJHc7wj7XqPxH98oAHytFYlw6Sw== +"@eslint/js@9.12.0": + version "9.12.0" + resolved "https://registry.yarnpkg.com/@eslint/js/-/js-9.12.0.tgz#69ca3ca9fab9a808ec6d67b8f6edb156cbac91e1" + integrity sha512-eohesHH8WFRUprDNyEREgqP6beG6htMeUYeCpkEgBCieCMme5r9zFWjzAJp//9S+Kub4rqE+jXe9Cp1a7IYIIA== + +"@eslint/object-schema@^2.1.4": + version "2.1.4" + resolved "https://registry.yarnpkg.com/@eslint/object-schema/-/object-schema-2.1.4.tgz#9e69f8bb4031e11df79e03db09f9dbbae1740843" + integrity sha512-BsWiH1yFGjXXS2yvrf5LyuoSIIbPrGUWob917o+BTKuZ7qJdxX8aJLRxs1fS9n6r7vESrq1OUqb68dANcFXuQQ== -"@humanwhocodes/config-array@^0.13.0": - version "0.13.0" - resolved "https://registry.yarnpkg.com/@humanwhocodes/config-array/-/config-array-0.13.0.tgz#fb907624df3256d04b9aa2df50d7aa97ec648748" - integrity sha512-DZLEEqFWQFiyK6h5YIeynKx7JlvCYWL0cImfSRXZ9l4Sg2efkFGTuFf6vzXjK1cq6IYkU+Eg/JizXw+TD2vRNw== +"@eslint/plugin-kit@^0.2.0": + version "0.2.0" + resolved "https://registry.yarnpkg.com/@eslint/plugin-kit/-/plugin-kit-0.2.0.tgz#8712dccae365d24e9eeecb7b346f85e750ba343d" + integrity sha512-vH9PiIMMwvhCx31Af3HiGzsVNULDbyVkHXwlemn/B0TFj/00ho3y55efXrUZTfQipxoHC5u4xq6zblww1zm1Ig== dependencies: - "@humanwhocodes/object-schema" "^2.0.3" - debug "^4.3.1" - minimatch "^3.0.5" + levn "^0.4.1" + +"@humanfs/core@^0.19.0": + version "0.19.0" + resolved "https://registry.yarnpkg.com/@humanfs/core/-/core-0.19.0.tgz#08db7a8c73bb07673d9ebd925f2dad746411fcec" + integrity sha512-2cbWIHbZVEweE853g8jymffCA+NCMiuqeECeBBLm8dg2oFdjuGJhgN4UAbI+6v0CKbbhvtXA4qV8YR5Ji86nmw== + +"@humanfs/node@^0.16.5": + version "0.16.5" + resolved "https://registry.yarnpkg.com/@humanfs/node/-/node-0.16.5.tgz#a9febb7e7ad2aff65890fdc630938f8d20aa84ba" + integrity sha512-KSPA4umqSG4LHYRodq31VDwKAvaTF4xmVlzM8Aeh4PlU1JQ3IG0wiA8C25d3RQ9nJyM3mBHyI53K06VVL/oFFg== + dependencies: + "@humanfs/core" "^0.19.0" + "@humanwhocodes/retry" "^0.3.0" "@humanwhocodes/module-importer@^1.0.1": version "1.0.1" resolved "https://registry.yarnpkg.com/@humanwhocodes/module-importer/-/module-importer-1.0.1.tgz#af5b2691a22b44be847b0ca81641c5fb6ad0172c" integrity sha512-bxveV4V8v5Yb4ncFTT3rPSgZBOpCkjfK0y4oVVVJwIuDVBRMDXrPyXRL988i5ap9m9bnyEEjWfm5WkBmtffLfA== -"@humanwhocodes/object-schema@^2.0.3": - version "2.0.3" - resolved "https://registry.yarnpkg.com/@humanwhocodes/object-schema/-/object-schema-2.0.3.tgz#4a2868d75d6d6963e423bcf90b7fd1be343409d3" - integrity sha512-93zYdMES/c1D69yZiKDBj0V24vqNzB/koF26KPaagAfd3P/4gUlh3Dys5ogAK+Exi9QyzlD8x/08Zt7wIKcDcA== - "@humanwhocodes/retry@^0.3.0": version "0.3.0" resolved "https://registry.yarnpkg.com/@humanwhocodes/retry/-/retry-0.3.0.tgz#6d86b8cb322660f03d3f0aa94b99bdd8e172d570" integrity sha512-d2CGZR2o7fS6sWB7DG/3a95bGKQyHMACZ5aW8qGkkqQpUoZV6C0X7Pc7l4ZNMZkfNBf4VWNe9E1jRsf0G146Ew== +"@humanwhocodes/retry@^0.3.1": + version "0.3.1" + resolved "https://registry.yarnpkg.com/@humanwhocodes/retry/-/retry-0.3.1.tgz#c72a5c76a9fbaf3488e231b13dc52c0da7bab42a" + integrity sha512-JBxkERygn7Bv/GbN5Rv8Ul6LVknS+5Bp6RgDC/O8gEBU/yeH5Ui5C/OlWrTb6qct7LjjfT6Re2NxB0ln0yYybA== + "@jc21/cypress-swagger-validation@^0.2.6": version "0.2.6" resolved "https://registry.yarnpkg.com/@jc21/cypress-swagger-validation/-/cypress-swagger-validation-0.2.6.tgz#8b61f2413fa81cae6f8c2f33ecce5a6ded897030" @@ -166,33 +196,17 @@ resolved "https://registry.yarnpkg.com/@jsdevtools/ono/-/ono-7.1.3.tgz#9df03bbd7c696a5c58885c34aa06da41c8543796" integrity sha512-4JQNk+3mVzK3xh2rqd6RB4J46qUR19azEHBneZyTZM+c456qOrbbM/5xcR8huNCCcbVt7+UmizG6GuUvPvKUYg== -"@nodelib/fs.scandir@2.1.5": - version "2.1.5" - resolved "https://registry.yarnpkg.com/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz#7619c2eb21b25483f6d167548b4cfd5a7488c3d5" - integrity sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g== - dependencies: - "@nodelib/fs.stat" "2.0.5" - run-parallel "^1.1.9" - -"@nodelib/fs.stat@2.0.5": - version "2.0.5" - resolved "https://registry.yarnpkg.com/@nodelib/fs.stat/-/fs.stat-2.0.5.tgz#5bd262af94e9d25bd1e71b05deed44876a222e8b" - integrity sha512-RkhPPp2zrqDAQA/2jNhnztcPAlv64XdhIp7a7454A5ovI7Bukxgt7MX7udwAu3zg1DcpPU0rz3VV1SeaqvY4+A== - -"@nodelib/fs.walk@^1.2.8": - version "1.2.8" - resolved "https://registry.yarnpkg.com/@nodelib/fs.walk/-/fs.walk-1.2.8.tgz#e95737e8bb6746ddedf69c556953494f196fe69a" - integrity sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg== - dependencies: - "@nodelib/fs.scandir" "2.1.5" - fastq "^1.6.0" - "@types/color-name@^1.1.1": version "1.1.1" resolved "https://registry.yarnpkg.com/@types/color-name/-/color-name-1.1.1.tgz#1c1261bbeaa10a8055bbc5d8ab84b7b2afc846a0" integrity sha512-rr+OQyAjxze7GgWrSaJwydHStIhHq2lvY3BOC2Mj7KnzI7XK0Uw1TOOdI9lDoajEbSWLiYgoo4f1R51erQfhPQ== -"@types/json-schema@^7.0.6": +"@types/estree@^1.0.6": + version "1.0.6" + resolved "https://registry.yarnpkg.com/@types/estree/-/estree-1.0.6.tgz#628effeeae2064a1b4e79f78e81d87b7e5fc7b50" + integrity sha512-AYnb1nQyY49te+VRAVgmzfcgjYS91mY5P0TKUDCLEM+gNnA+3T6rWITXRLYCpahpqSQbN5cE+gHpnPyXjHWxcw== + +"@types/json-schema@^7.0.15", "@types/json-schema@^7.0.6": version "7.0.15" resolved "https://registry.yarnpkg.com/@types/json-schema/-/json-schema-7.0.15.tgz#596a1747233694d50f6ad8a7869fcb6f56cf5841" integrity sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA== @@ -229,6 +243,11 @@ acorn@^8.11.3: resolved "https://registry.yarnpkg.com/acorn/-/acorn-8.11.3.tgz#71e0b14e13a4ec160724b38fb7b0f233b1b81d7a" integrity sha512-Y9rRfJG5jcKOE0CLisYbojUjIrIEE7AGMzA/Sm4BslANhbS+cDMpgBdcPT91oJ7OuJ9hYJBx59RjbhxVnrF8Xg== +acorn@^8.12.0: + version "8.12.1" + resolved "https://registry.yarnpkg.com/acorn/-/acorn-8.12.1.tgz#71616bdccbe25e27a54439e0046e89ca76df2248" + integrity sha512-tcpGyI9zbizT9JbV6oYE477V6mTlXvvi0T0G3SNIYE2apm/G5huBa1+K89VGeovbg+jycCrfhl3ADxErOuO6Jg== + aggregate-error@^3.0.0: version "3.1.0" resolved "https://registry.yarnpkg.com/aggregate-error/-/aggregate-error-3.1.0.tgz#92670ff50f5359bdb7a3e0d40d0ec30c5737687a" @@ -262,11 +281,16 @@ ajv@^8.12.0, ajv@^8.6.3: require-from-string "^2.0.2" uri-js "^4.4.1" -ansi-colors@4.1.1, ansi-colors@^4.1.1: +ansi-colors@^4.1.1: version "4.1.1" resolved "https://registry.yarnpkg.com/ansi-colors/-/ansi-colors-4.1.1.tgz#cbb9ae256bf750af1eab344f229aa27fe94ba348" integrity sha512-JoX0apGbHaUJBNl6yF+p6JAFYZ666/hhCGKN5t9QFjbJQKUU/g8MNbFDbvfrgKXvI1QpZplPOnwIo99lX/AAmA== +ansi-colors@^4.1.3: + version "4.1.3" + resolved "https://registry.yarnpkg.com/ansi-colors/-/ansi-colors-4.1.3.tgz#37611340eb2243e70cc604cad35d63270d48781b" + integrity sha512-/6w/C21Pm1A7aZitlI5Ni/2J6FFQN8i1Cvz3kHABAAbw93v/NlvKdVOqz7CCWz/3iv/JplRSEEZ83XION15ovw== + ansi-escapes@^4.3.0: version "4.3.2" resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-4.3.2.tgz#6b2291d1db7d98b6521d5f1efa42d0f3a9feb65e" @@ -420,7 +444,7 @@ braces@~3.0.2: dependencies: fill-range "^7.0.1" -browser-stdout@1.3.1: +browser-stdout@^1.3.1: version "1.3.1" resolved "https://registry.yarnpkg.com/browser-stdout/-/browser-stdout-1.3.1.tgz#baa559ee14ced73452229bad7326467c61fabd60" integrity sha512-qhAVI1+Av2X7qelOfAIYwXONood6XlZE/fXaBSmW/T5SzLAmCgzi+eiWE7fUvbHaeNBQH13UftjpXxsfLkMpgw== @@ -443,13 +467,16 @@ cachedir@^2.3.0: resolved "https://registry.yarnpkg.com/cachedir/-/cachedir-2.3.0.tgz#0c75892a052198f0b21c7c1804d8331edfcae0e8" integrity sha512-A+Fezp4zxnit6FanDmv9EqXNAi3vt9DWp51/71UEhXukb7QUuvtv9344h91dyAxuTLoSYJFU299qzR3tzwPAhw== -call-bind@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/call-bind/-/call-bind-1.0.2.tgz#b1d4e89e688119c3c9a903ad30abb2f6a919be3c" - integrity sha512-7O+FbCihrB5WGbFYesctwmTKae6rOiIzmz1icreWJ+0aA7LJfuqhEso2T9ncpcFtzMQtzXf2QGGueWJGTYsqrA== +call-bind@^1.0.7: + version "1.0.7" + resolved "https://registry.yarnpkg.com/call-bind/-/call-bind-1.0.7.tgz#06016599c40c56498c18769d2730be242b6fa3b9" + integrity sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w== dependencies: - function-bind "^1.1.1" - get-intrinsic "^1.0.2" + es-define-property "^1.0.0" + es-errors "^1.3.0" + function-bind "^1.1.2" + get-intrinsic "^1.2.4" + set-function-length "^1.2.1" call-me-maybe@^1.0.1: version "1.0.1" @@ -479,6 +506,11 @@ chalk@^4.0.0, chalk@^4.1.0: ansi-styles "^4.1.0" supports-color "^7.1.0" +chalk@^5.3.0: + version "5.3.0" + resolved "https://registry.yarnpkg.com/chalk/-/chalk-5.3.0.tgz#67c20a7ebef70e7f3970a01f90fa210cb6860385" + integrity sha512-dLitG79d+GV1Nb/VYcCDFivJeK1hiukt9QjRNVOsUtTy1rR1YJsmpGGTZ3qJos+uw7WmWF4wUwBd9jxjocFC2w== + charenc@0.0.2: version "0.0.2" resolved "https://registry.yarnpkg.com/charenc/-/charenc-0.0.2.tgz#c0a1d2f3a7092e03774bfa83f14c0fc5790a8667" @@ -489,10 +521,10 @@ check-more-types@^2.24.0: resolved "https://registry.yarnpkg.com/check-more-types/-/check-more-types-2.24.0.tgz#1420ffb10fd444dcfc79b43891bbfffd32a84600" integrity sha1-FCD/sQ/URNz8ebQ4kbv//TKoRgA= -chokidar@3.5.3: - version "3.5.3" - resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-3.5.3.tgz#1cf37c8707b932bd1af1ae22c0432e2acd1903bd" - integrity sha512-Dr3sfKRP6oTcjf2JmUmFJfeVMvXBdegxB0iVQ5eb2V10uFJUCAS8OByZdVAyVb8xXNz3GjjTgj9kLWsZTqE6kw== +chokidar@^3.5.3: + version "3.6.0" + resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-3.6.0.tgz#197c6cc669ef2a8dc5e7b4d97ee4e092c3eb0d5b" + integrity sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw== dependencies: anymatch "~3.1.2" braces "~3.0.2" @@ -564,7 +596,7 @@ colorette@^2.0.16: resolved "https://registry.yarnpkg.com/colorette/-/colorette-2.0.19.tgz#cdf044f47ad41a0f4b56b3a0d5b4e6e1a2d5a798" integrity sha512-3tlv/dIP7FWvj3BsbHrGLJ6l/oKh1O3TcgBqMn+yyCagOxc23fyzDS6HypQbgxWbkpDnf52p1LuR4eWDQ/K9WQ== -combined-stream@^1.0.6, combined-stream@~1.0.6: +combined-stream@^1.0.8, combined-stream@~1.0.6: version "1.0.8" resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.8.tgz#c3d45a8b34fd730631a110a8a2520682b31d5a7f" integrity sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg== @@ -613,17 +645,17 @@ cypress-multi-reporters@^1.6.4: debug "^4.3.4" lodash "^4.17.21" -cypress-wait-until@^3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/cypress-wait-until/-/cypress-wait-until-3.0.1.tgz#6a697a600f4fb8cd2897489a15fda77c9857abec" - integrity sha512-kpoa8yL6Bi/JNsThGBbrrm7g4SNzYyBUv9M5pF6/NTVm/ClY0HnJzeuWnHiAUZKIZ5l86Oedb12wQyjx7/CWPg== +cypress-wait-until@^3.0.2: + version "3.0.2" + resolved "https://registry.yarnpkg.com/cypress-wait-until/-/cypress-wait-until-3.0.2.tgz#c90dddfa4c46a2c422f5b91d486531c560bae46e" + integrity sha512-iemies796dD5CgjG5kV0MnpEmKSH+s7O83ZoJLVzuVbZmm4lheMsZqAVT73hlMx4QlkwhxbyUzhOBUOZwoOe0w== -cypress@^13.9.0: - version "13.9.0" - resolved "https://registry.yarnpkg.com/cypress/-/cypress-13.9.0.tgz#b529cfa8f8c39ba163ed0501a25bb5b09c143652" - integrity sha512-atNjmYfHsvTuCaxTxLZr9xGoHz53LLui3266WWxXJHY7+N6OdwJdg/feEa3T+buez9dmUXHT1izCOklqG82uCQ== +cypress@^13.15.0: + version "13.15.0" + resolved "https://registry.yarnpkg.com/cypress/-/cypress-13.15.0.tgz#5eca5387ef34b2e611cfa291967c69c2cd39381d" + integrity sha512-53aO7PwOfi604qzOkCSzNlWquCynLlKE/rmmpSPcziRH6LNfaDUAklQT6WJIsD8ywxlIy+uVZsnTMCCQVd2kTw== dependencies: - "@cypress/request" "^3.0.0" + "@cypress/request" "^3.0.4" "@cypress/xvfb" "^1.2.4" "@types/sinonjs__fake-timers" "8.1.1" "@types/sizzle" "^2.3.2" @@ -662,7 +694,7 @@ cypress@^13.9.0: request-progress "^3.0.0" semver "^7.5.3" supports-color "^8.1.1" - tmp "~0.2.1" + tmp "~0.2.3" untildify "^4.0.0" yauzl "^2.10.0" @@ -678,13 +710,6 @@ dayjs@^1.10.4: resolved "https://registry.yarnpkg.com/dayjs/-/dayjs-1.11.7.tgz#4b296922642f70999544d1144a2c25730fce63e2" integrity sha512-+Yw9U6YO5TQohxLcIkrXBeY73WP3ejHWVvx8XCk3gxvQDCTEmS48ZrSZCKciI7Bhl/uCMyxYtE9UqRILmFphkQ== -debug@4.3.4, debug@^4.3.1, debug@^4.3.2, debug@^4.3.4: - version "4.3.4" - resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.4.tgz#1319f6579357f2338d3337d2cdd4914bb5dcc865" - integrity sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ== - dependencies: - ms "2.1.2" - debug@^3.1.0: version "3.2.6" resolved "https://registry.yarnpkg.com/debug/-/debug-3.2.6.tgz#e83d17de16d8a7efb7717edbe5fb10135eee629b" @@ -699,6 +724,20 @@ debug@^4.1.1: dependencies: ms "^2.1.1" +debug@^4.3.1, debug@^4.3.2, debug@^4.3.4: + version "4.3.4" + resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.4.tgz#1319f6579357f2338d3337d2cdd4914bb5dcc865" + integrity sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ== + dependencies: + ms "2.1.2" + +debug@^4.3.5: + version "4.3.7" + resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.7.tgz#87945b4151a011d76d95a198d7111c865c360a52" + integrity sha512-Er2nc/H7RrMXZBFCEim6TCmMk02Z8vLC2Rbi1KEBggpo0fS6l0S1nnapwmIi3yW/+GOJap1Krg4w0Hg80oCqgQ== + dependencies: + ms "^2.1.3" + decamelize@^4.0.0: version "4.0.0" resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-4.0.0.tgz#aa472d7bf660eb15f3494efd531cab7f2a709837" @@ -709,15 +748,24 @@ deep-is@^0.1.3, deep-is@~0.1.3: resolved "https://registry.yarnpkg.com/deep-is/-/deep-is-0.1.3.tgz#b369d6fb5dbc13eecf524f91b070feedc357cf34" integrity sha1-s2nW+128E+7PUk+RsHD+7cNXzzQ= +define-data-property@^1.1.4: + version "1.1.4" + resolved "https://registry.yarnpkg.com/define-data-property/-/define-data-property-1.1.4.tgz#894dc141bb7d3060ae4366f6a0107e68fbe48c5e" + integrity sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A== + dependencies: + es-define-property "^1.0.0" + es-errors "^1.3.0" + gopd "^1.0.1" + delayed-stream@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/delayed-stream/-/delayed-stream-1.0.0.tgz#df3ae199acadfb7d440aaae0b29e2272b24ec619" integrity sha1-3zrhmayt+31ECqrgsp4icrJOxhk= -diff@5.0.0: - version "5.0.0" - resolved "https://registry.yarnpkg.com/diff/-/diff-5.0.0.tgz#7ed6ad76d859d030787ec35855f5b1daf31d852b" - integrity sha512-/VTCrvm5Z0JGty/BWHljh+BAiw3IK+2j87NGMu8Nwc/f48WoDAC395uomO9ZD117ZOBaHmkX1oyLvkVM/aIT3w== +diff@^5.2.0: + version "5.2.0" + resolved "https://registry.yarnpkg.com/diff/-/diff-5.2.0.tgz#26ded047cd1179b78b9537d5ef725503ce1ae531" + integrity sha512-uIFDxqpRZGZ6ThOk84hEfqWoHx2devRFvpTZcTHur85vImfaxUbTW9Ryh4CpCuDnToOP1CEtXKIgytHBPVff5A== ecc-jsbn@~0.1.1: version "0.1.2" @@ -746,21 +794,33 @@ enquirer@^2.3.6: dependencies: ansi-colors "^4.1.1" +es-define-property@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/es-define-property/-/es-define-property-1.0.0.tgz#c7faefbdff8b2696cf5f46921edfb77cc4ba3845" + integrity sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ== + dependencies: + get-intrinsic "^1.2.4" + +es-errors@^1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/es-errors/-/es-errors-1.3.0.tgz#05f75a25dab98e4fb1dcd5e1472c0546d5057c8f" + integrity sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw== + escalade@^3.1.1: version "3.1.2" resolved "https://registry.yarnpkg.com/escalade/-/escalade-3.1.2.tgz#54076e9ab29ea5bf3d8f1ed62acffbb88272df27" integrity sha512-ErCHMCae19vR8vQGe50xIsVomy19rg6gFu3+r3jkEO46suLMWBksvVyoGgQV+jOfl84ZSOSlmv6Gxa89PmTGmA== -escape-string-regexp@4.0.0, escape-string-regexp@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz#14ba83a5d373e3d311e5afca29cf5bfad965bf34" - integrity sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA== - escape-string-regexp@^1.0.5: version "1.0.5" resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz#1b61c0562190a8dff6ae3bb2cf0200ca130b86d4" integrity sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ= +escape-string-regexp@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz#14ba83a5d373e3d311e5afca29cf5bfad965bf34" + integrity sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA== + escodegen@^1.8.1: version "1.12.0" resolved "https://registry.yarnpkg.com/escodegen/-/escodegen-1.12.0.tgz#f763daf840af172bb3a2b6dd7219c0e17f7ff541" @@ -778,22 +838,22 @@ eslint-plugin-align-assignments@^1.1.2: resolved "https://registry.yarnpkg.com/eslint-plugin-align-assignments/-/eslint-plugin-align-assignments-1.1.2.tgz#83e1a8a826d4adf29e82b52d0bb39c88b301b576" integrity sha512-I1ZJgk9EjHfGVU9M2Ex8UkVkkjLL5Y9BS6VNnQHq79eHj2H4/Cgxf36lQSUTLgm2ntB03A2NtF+zg9fyi5vChg== -eslint-plugin-chai-friendly@^0.7.4: - version "0.7.4" - resolved "https://registry.yarnpkg.com/eslint-plugin-chai-friendly/-/eslint-plugin-chai-friendly-0.7.4.tgz#eaf222b848673ef8a00b8e507f7c6fd83d036bf2" - integrity sha512-PGPjJ8diYgX1mjLxGJqRop2rrGwZRKImoEOwUOgoIhg0p80MkTaqvmFLe5TF7/iagZHggasvIfQlUyHIhK/PYg== +eslint-plugin-chai-friendly@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/eslint-plugin-chai-friendly/-/eslint-plugin-chai-friendly-1.0.1.tgz#c3290b5294c1145934cf9c07eaa4cec87921d18c" + integrity sha512-dxD/uz1YKJ8U4yah1i+V/p/u+kHRy3YxTPe2nJGqb5lCR+ucan/KIexfZ5+q4X+tkllyMe86EBbAkdlwxNy3oQ== -eslint-plugin-cypress@^3.2.0: - version "3.2.0" - resolved "https://registry.yarnpkg.com/eslint-plugin-cypress/-/eslint-plugin-cypress-3.2.0.tgz#fe2dd9c99ed5dfed5c7be658801e75ed3d9c2265" - integrity sha512-HaxMz6BoU4ay+K4WrG9ZJC1NdX06FqSlAwtRDStjM0ORFT7zCNPNuRJ+kUPc17Rt2AMUBSqeD9L0zTR3uZhPpw== +eslint-plugin-cypress@^3.5.0: + version "3.5.0" + resolved "https://registry.yarnpkg.com/eslint-plugin-cypress/-/eslint-plugin-cypress-3.5.0.tgz#380ef5049ad80ebeca923db69e4aa96e72fcd893" + integrity sha512-JZQ6XnBTNI8h1B9M7wJSFzc48SYbh7VMMKaNTQOFa3BQlnmXPrVc4PKen8R+fpv6VleiPeej6VxloGb42zdRvw== dependencies: globals "^13.20.0" -eslint-scope@^8.0.1: - version "8.0.1" - resolved "https://registry.yarnpkg.com/eslint-scope/-/eslint-scope-8.0.1.tgz#a9601e4b81a0b9171657c343fb13111688963cfc" - integrity sha512-pL8XjgP4ZOmmwfFE8mEhSxA7ZY4C+LWyqjQ3o4yWkkmD0qcMT9kkW3zWHOczhWcjTSgqycYAgwSlXvZltv65og== +eslint-scope@^8.1.0: + version "8.1.0" + resolved "https://registry.yarnpkg.com/eslint-scope/-/eslint-scope-8.1.0.tgz#70214a174d4cbffbc3e8a26911d8bf51b9ae9d30" + integrity sha512-14dSvlhaVhKKsa9Fx1l8A17s7ah7Ef7wCakJ10LYk6+GYmP9yDti2oq2SEwcyndt6knfcZyhyxwY3i9yL78EQw== dependencies: esrecurse "^4.3.0" estraverse "^5.2.0" @@ -808,28 +868,37 @@ eslint-visitor-keys@^4.0.0: resolved "https://registry.yarnpkg.com/eslint-visitor-keys/-/eslint-visitor-keys-4.0.0.tgz#e3adc021aa038a2a8e0b2f8b0ce8f66b9483b1fb" integrity sha512-OtIRv/2GyiF6o/d8K7MYKKbXrOUBIK6SfkIRM4Z0dY3w+LiQ0vy3F57m0Z71bjbyeiWFiHJ8brqnmE6H6/jEuw== -eslint@^9.3.0: - version "9.3.0" - resolved "https://registry.yarnpkg.com/eslint/-/eslint-9.3.0.tgz#36a96db84592618d6ed9074d677e92f4e58c08b9" - integrity sha512-5Iv4CsZW030lpUqHBapdPo3MJetAPtejVW8B84GIcIIv8+ohFaddXsrn1Gn8uD9ijDb+kcYKFUVmC8qG8B2ORQ== +eslint-visitor-keys@^4.1.0: + version "4.1.0" + resolved "https://registry.yarnpkg.com/eslint-visitor-keys/-/eslint-visitor-keys-4.1.0.tgz#1f785cc5e81eb7534523d85922248232077d2f8c" + integrity sha512-Q7lok0mqMUSf5a/AdAZkA5a/gHcO6snwQClVNNvFKCAVlxXucdU8pKydU5ZVZjBx5xr37vGbFFWtLQYreLzrZg== + +eslint@^9.12.0: + version "9.12.0" + resolved "https://registry.yarnpkg.com/eslint/-/eslint-9.12.0.tgz#54fcba2876c90528396da0fa44b6446329031e86" + integrity sha512-UVIOlTEWxwIopRL1wgSQYdnVDcEvs2wyaO6DGo5mXqe3r16IoCNWkR29iHhyaP4cICWjbgbmFUGAhh0GJRuGZw== dependencies: "@eslint-community/eslint-utils" "^4.2.0" - "@eslint-community/regexpp" "^4.6.1" + "@eslint-community/regexpp" "^4.11.0" + "@eslint/config-array" "^0.18.0" + "@eslint/core" "^0.6.0" "@eslint/eslintrc" "^3.1.0" - "@eslint/js" "9.3.0" - "@humanwhocodes/config-array" "^0.13.0" + "@eslint/js" "9.12.0" + "@eslint/plugin-kit" "^0.2.0" + "@humanfs/node" "^0.16.5" "@humanwhocodes/module-importer" "^1.0.1" - "@humanwhocodes/retry" "^0.3.0" - "@nodelib/fs.walk" "^1.2.8" + "@humanwhocodes/retry" "^0.3.1" + "@types/estree" "^1.0.6" + "@types/json-schema" "^7.0.15" ajv "^6.12.4" chalk "^4.0.0" cross-spawn "^7.0.2" debug "^4.3.2" escape-string-regexp "^4.0.0" - eslint-scope "^8.0.1" - eslint-visitor-keys "^4.0.0" - espree "^10.0.1" - esquery "^1.4.2" + eslint-scope "^8.1.0" + eslint-visitor-keys "^4.1.0" + espree "^10.2.0" + esquery "^1.5.0" esutils "^2.0.2" fast-deep-equal "^3.1.3" file-entry-cache "^8.0.0" @@ -838,14 +907,11 @@ eslint@^9.3.0: ignore "^5.2.0" imurmurhash "^0.1.4" is-glob "^4.0.0" - is-path-inside "^3.0.3" json-stable-stringify-without-jsonify "^1.0.1" - levn "^0.4.1" lodash.merge "^4.6.2" minimatch "^3.1.2" natural-compare "^1.4.0" optionator "^0.9.3" - strip-ansi "^6.0.1" text-table "^0.2.0" espree@^10.0.1: @@ -857,6 +923,15 @@ espree@^10.0.1: acorn-jsx "^5.3.2" eslint-visitor-keys "^4.0.0" +espree@^10.2.0: + version "10.2.0" + resolved "https://registry.yarnpkg.com/espree/-/espree-10.2.0.tgz#f4bcead9e05b0615c968e85f83816bc386a45df6" + integrity sha512-upbkBJbckcCNBDBDXEbuhjbP68n+scUd3k/U2EkyM9nw+I/jPiL4cLF/Al06CF96wRltFda16sxDFrxsI1v0/g== + dependencies: + acorn "^8.12.0" + acorn-jsx "^5.3.2" + eslint-visitor-keys "^4.1.0" + esprima@1.2.2: version "1.2.2" resolved "https://registry.yarnpkg.com/esprima/-/esprima-1.2.2.tgz#76a0fd66fcfe154fd292667dc264019750b1657b" @@ -872,10 +947,10 @@ esprima@^4.0.0: resolved "https://registry.yarnpkg.com/esprima/-/esprima-4.0.1.tgz#13b04cdb3e6c5d19df91ab6987a8695619b0aa71" integrity sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A== -esquery@^1.4.2: - version "1.5.0" - resolved "https://registry.yarnpkg.com/esquery/-/esquery-1.5.0.tgz#6ce17738de8577694edd7361c57182ac8cb0db0b" - integrity sha512-YQLXUplAwJgCydQ78IMJywZCceoqk1oH01OERdSAJc/7U2AylwjhSCLDEtqwg811idIS/9fIU5GjG73IgjKMVg== +esquery@^1.5.0: + version "1.6.0" + resolved "https://registry.yarnpkg.com/esquery/-/esquery-1.6.0.tgz#91419234f804d852a82dceec3e16cdc22cf9dae7" + integrity sha512-ca9pw9fomFcKPvFLXhBKUK90ZvGibiGOvRJNbjljY7s7uq/5YO4BOzcYtJqExdx99rF6aAcnRxHmcUHcz6sQsg== dependencies: estraverse "^5.1.0" @@ -974,13 +1049,6 @@ fast-levenshtein@^2.0.6, fast-levenshtein@~2.0.6: resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz#3d8a5c66883a16a30ca8643e851f19baa7797917" integrity sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc= -fastq@^1.6.0: - version "1.17.1" - resolved "https://registry.yarnpkg.com/fastq/-/fastq-1.17.1.tgz#2a523f07a4e7b1e81a42b91b8bf2254107753b47" - integrity sha512-sRVD3lWVIXWg6By68ZN7vho9a1pQcN/WBFaAAsDDFzlJjvoGx0P8z7V1t72grFJfJhu3YPZBuu25f7Kaw2jN1w== - dependencies: - reusify "^1.0.4" - fd-slicer@~1.1.0: version "1.1.0" resolved "https://registry.yarnpkg.com/fd-slicer/-/fd-slicer-1.1.0.tgz#25c7c89cb1f9077f8891bbe61d8f390eae256f1e" @@ -1009,7 +1077,7 @@ fill-range@^7.0.1: dependencies: to-regex-range "^5.0.1" -find-up@5.0.0, find-up@^5.0.0: +find-up@^5.0.0: version "5.0.0" resolved "https://registry.yarnpkg.com/find-up/-/find-up-5.0.0.tgz#4c92819ecb7083561e4f4a240a86be5198f536fc" integrity sha512-78/PXT1wlLLDgTzDs7sjq9hzz0vXD+zn+7wypEe4fXQxCmdmqfGsEPQxmiCSQI3ajFV91bVSsvNtrJRiW6nGng== @@ -1040,13 +1108,13 @@ forever-agent@~0.6.1: resolved "https://registry.yarnpkg.com/forever-agent/-/forever-agent-0.6.1.tgz#fbc71f0c41adeb37f96c577ad1ed42d8fdacca91" integrity sha1-+8cfDEGt6zf5bFd60e1C2P2sypE= -form-data@~2.3.2: - version "2.3.3" - resolved "https://registry.yarnpkg.com/form-data/-/form-data-2.3.3.tgz#dcce52c05f644f298c6a7ab936bd724ceffbf3a6" - integrity sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ== +form-data@~4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/form-data/-/form-data-4.0.0.tgz#93919daeaf361ee529584b9b31664dc12c9fa452" + integrity sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww== dependencies: asynckit "^0.4.0" - combined-stream "^1.0.6" + combined-stream "^1.0.8" mime-types "^2.1.12" fs-extra@^9.1.0: @@ -1069,24 +1137,26 @@ fsevents@~2.3.2: resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-2.3.3.tgz#cac6407785d03675a2a5e1a5305c697b347d90d6" integrity sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw== -function-bind@^1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.1.tgz#a56899d3ea3c9bab874bb9773b7c5ede92f4895d" - integrity sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A== +function-bind@^1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.2.tgz#2c02d864d97f3ea6c8830c464cbd11ab6eab7a1c" + integrity sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA== get-caller-file@^2.0.5: version "2.0.5" resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-2.0.5.tgz#4f94412a82db32f36e3b0b9741f8a97feb031f7e" integrity sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg== -get-intrinsic@^1.0.2: - version "1.2.0" - resolved "https://registry.yarnpkg.com/get-intrinsic/-/get-intrinsic-1.2.0.tgz#7ad1dc0535f3a2904bba075772763e5051f6d05f" - integrity sha512-L049y6nFOuom5wGyRc3/gdTLO94dySVKRACj1RmJZBQXlbTMhtNIgkWkUHq+jYmZvKf14EW1EoJnnjbmoHij0Q== +get-intrinsic@^1.1.3, get-intrinsic@^1.2.4: + version "1.2.4" + resolved "https://registry.yarnpkg.com/get-intrinsic/-/get-intrinsic-1.2.4.tgz#e385f5a4b5227d449c3eabbad05494ef0abbeadd" + integrity sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ== dependencies: - function-bind "^1.1.1" - has "^1.0.3" + es-errors "^1.3.0" + function-bind "^1.1.2" + has-proto "^1.0.1" has-symbols "^1.0.3" + hasown "^2.0.0" get-stream@^5.0.0, get-stream@^5.1.0: version "5.2.0" @@ -1123,7 +1193,7 @@ glob-parent@~5.1.2: dependencies: is-glob "^4.0.1" -glob@8.1.0: +glob@^8.1.0: version "8.1.0" resolved "https://registry.yarnpkg.com/glob/-/glob-8.1.0.tgz#d388f656593ef708ee3e34640fdfb99a9fd1c33e" integrity sha512-r8hpEjiQEYlF2QU0df3dS+nxxSIreXQS1qRhMJM0Q5NDdR386C7jb7Hwwod8Fgiuex+k0GFjgft18yvxm5XoCQ== @@ -1134,18 +1204,6 @@ glob@8.1.0: minimatch "^5.0.1" once "^1.3.0" -glob@^7.1.3: - version "7.1.6" - resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.6.tgz#141f33b81a7c2492e125594307480c46679278a6" - integrity sha512-LwaxwyZ72Lk7vZINtNNrywX0ZuLyStrdDtabefZKAY5ZGJhVtgdznluResxNmPitE0SAO+O26sWTHeKSI2wMBA== - dependencies: - fs.realpath "^1.0.0" - inflight "^1.0.4" - inherits "2" - minimatch "^3.0.4" - once "^1.3.0" - path-is-absolute "^1.0.0" - global-dirs@^3.0.0: version "3.0.1" resolved "https://registry.yarnpkg.com/global-dirs/-/global-dirs-3.0.1.tgz#0c488971f066baceda21447aecb1a8b911d22485" @@ -1165,6 +1223,13 @@ globals@^14.0.0: resolved "https://registry.yarnpkg.com/globals/-/globals-14.0.0.tgz#898d7413c29babcf6bafe56fcadded858ada724e" integrity sha512-oahGvuMGQlPw/ivIYBjVSrWAfWLBeku5tpPE2fOPLi+WHffIWbuh2tCjhyQhTBPMf5E9jDEH4FOmTYgYwbKwtQ== +gopd@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/gopd/-/gopd-1.0.1.tgz#29ff76de69dac7489b7c0918a5788e56477c332c" + integrity sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA== + dependencies: + get-intrinsic "^1.1.3" + graceful-fs@^4.1.6, graceful-fs@^4.2.0: version "4.2.3" resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.3.tgz#4a12ff1b60376ef09862c2093edd908328be8423" @@ -1175,31 +1240,43 @@ has-flag@^4.0.0: resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-4.0.0.tgz#944771fd9c81c81265c4d6941860da06bb59479b" integrity sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ== +has-property-descriptors@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz#963ed7d071dc7bf5f084c5bfbe0d1b6222586854" + integrity sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg== + dependencies: + es-define-property "^1.0.0" + +has-proto@^1.0.1: + version "1.0.3" + resolved "https://registry.yarnpkg.com/has-proto/-/has-proto-1.0.3.tgz#b31ddfe9b0e6e9914536a6ab286426d0214f77fd" + integrity sha512-SJ1amZAJUiZS+PhsVLf5tGydlaVB8EdFpaSO4gmiUKUOxk8qzn5AIy4ZeJUmh22znIdk/uMAUT2pl3FxzVUH+Q== + has-symbols@^1.0.3: version "1.0.3" resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.0.3.tgz#bb7b2c4349251dce87b125f7bdf874aa7c8b39f8" integrity sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A== -has@^1.0.3: - version "1.0.3" - resolved "https://registry.yarnpkg.com/has/-/has-1.0.3.tgz#722d7cbfc1f6aa8241f16dd814e011e1f41e8796" - integrity sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw== +hasown@^2.0.0: + version "2.0.2" + resolved "https://registry.yarnpkg.com/hasown/-/hasown-2.0.2.tgz#003eaf91be7adc372e84ec59dc37252cedb80003" + integrity sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ== dependencies: - function-bind "^1.1.1" + function-bind "^1.1.2" -he@1.2.0: +he@^1.2.0: version "1.2.0" resolved "https://registry.yarnpkg.com/he/-/he-1.2.0.tgz#84ae65fa7eafb165fddb61566ae14baf05664f0f" integrity sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw== -http-signature@~1.3.6: - version "1.3.6" - resolved "https://registry.yarnpkg.com/http-signature/-/http-signature-1.3.6.tgz#cb6fbfdf86d1c974f343be94e87f7fc128662cf9" - integrity sha512-3adrsD6zqo4GsTqtO7FyrejHNv+NgiIfAfv68+jVlFmSr9OGy7zrxONceFRLKvnnZA5jbxQBX1u9PpB6Wi32Gw== +http-signature@~1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/http-signature/-/http-signature-1.4.0.tgz#dee5a9ba2bf49416abc544abd6d967f6a94c8c3f" + integrity sha512-G5akfn7eKbpDN+8nPS/cb57YeA1jLTVxjpCj7tmm3QKPdyDy7T+qSC40e9ptydSWvkwjSXw1VbkpyEm39ukeAg== dependencies: assert-plus "^1.0.0" jsprim "^2.0.2" - sshpk "^1.14.1" + sshpk "^1.18.0" human-signals@^1.1.1: version "1.1.1" @@ -1313,7 +1390,7 @@ is-number@^7.0.0: resolved "https://registry.yarnpkg.com/is-number/-/is-number-7.0.0.tgz#7535345b896734d5f80c4d06c50955527a14f12b" integrity sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng== -is-path-inside@^3.0.2, is-path-inside@^3.0.3: +is-path-inside@^3.0.2: version "3.0.3" resolved "https://registry.yarnpkg.com/is-path-inside/-/is-path-inside-3.0.3.tgz#d231362e53a07ff2b0e0ea7fed049161ffd16283" integrity sha512-Fd4gABb+ycGAmKou8eMftCupSir5lRxqf4aD/vd0cD2qc4HL07OjCeuHMr8Ro4CoMaeCKDB0/ECBOVWjTwUvPQ== @@ -1348,13 +1425,6 @@ isstream@~0.1.2: resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a" integrity sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo= -js-yaml@4.1.0, js-yaml@^4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.0.tgz#c1fb65f8f5017901cdd2c951864ba18458a10602" - integrity sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA== - dependencies: - argparse "^2.0.1" - js-yaml@^3.13.1: version "3.13.1" resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.13.1.tgz#aff151b30bfdfa8e49e05da22e7415e9dfa37847" @@ -1363,6 +1433,13 @@ js-yaml@^3.13.1: argparse "^1.0.7" esprima "^4.0.0" +js-yaml@^4.1.0: + version "4.1.0" + resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.0.tgz#c1fb65f8f5017901cdd2c951864ba18458a10602" + integrity sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA== + dependencies: + argparse "^2.0.1" + jsbn@~0.1.0: version "0.1.1" resolved "https://registry.yarnpkg.com/jsbn/-/jsbn-0.1.1.tgz#a5e654c2e5a2deb5f201d96cefbca80c0ef2f513" @@ -1497,7 +1574,7 @@ lodash@^4.17.21: resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c" integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg== -log-symbols@4.1.0, log-symbols@^4.0.0: +log-symbols@^4.0.0, log-symbols@^4.1.0: version "4.1.0" resolved "https://registry.yarnpkg.com/log-symbols/-/log-symbols-4.1.0.tgz#3fbdbb95b4683ac9fc785111e792e558d4abd503" integrity sha512-8XPvpAA8uyhfteu8pIvQxpJZ7SYYdpUivZpGy6sFsBuKRY/7rQGavedeB8aK+Zkyq6upMFVL/9AW6vOYzfRyLg== @@ -1546,28 +1623,14 @@ mimic-fn@^2.1.0: resolved "https://registry.yarnpkg.com/mimic-fn/-/mimic-fn-2.1.0.tgz#7ed2c2ccccaf84d3ffcb7a69b57711fc2083401b" integrity sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg== -minimatch@5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-5.0.1.tgz#fb9022f7528125187c92bd9e9b6366be1cf3415b" - integrity sha512-nLDxIFRyhDblz3qMuq+SoRZED4+miJ/G+tdDrjkkkRnjAsBexeGpgjLEQ0blJy7rHhR2b93rhQY4SvyWu9v03g== - dependencies: - brace-expansion "^2.0.1" - -minimatch@^3.0.4: - version "3.0.4" - resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.4.tgz#5166e286457f03306064be5497e8dbb0c3d32083" - integrity sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA== - dependencies: - brace-expansion "^1.1.7" - -minimatch@^3.0.5, minimatch@^3.1.2: +minimatch@^3.1.2: version "3.1.2" resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.1.2.tgz#19cd194bfd3e428f049a70817c038d89ab4be35b" integrity sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw== dependencies: brace-expansion "^1.1.7" -minimatch@^5.0.1: +minimatch@^5.0.1, minimatch@^5.1.6: version "5.1.6" resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-5.1.6.tgz#1cfcb8cf5522ea69952cd2af95ae09477f122a96" integrity sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g== @@ -1595,38 +1658,38 @@ mocha-junit-reporter@^2.2.1: strip-ansi "^6.0.1" xml "^1.0.1" -mocha@^10.4.0: - version "10.4.0" - resolved "https://registry.yarnpkg.com/mocha/-/mocha-10.4.0.tgz#ed03db96ee9cfc6d20c56f8e2af07b961dbae261" - integrity sha512-eqhGB8JKapEYcC4ytX/xrzKforgEc3j1pGlAXVy3eRwrtAy5/nIfT1SvgGzfN0XZZxeLq0aQWkOUAmqIJiv+bA== - dependencies: - ansi-colors "4.1.1" - browser-stdout "1.3.1" - chokidar "3.5.3" - debug "4.3.4" - diff "5.0.0" - escape-string-regexp "4.0.0" - find-up "5.0.0" - glob "8.1.0" - he "1.2.0" - js-yaml "4.1.0" - log-symbols "4.1.0" - minimatch "5.0.1" - ms "2.1.3" - serialize-javascript "6.0.0" - strip-json-comments "3.1.1" - supports-color "8.1.1" - workerpool "6.2.1" - yargs "16.2.0" - yargs-parser "20.2.4" - yargs-unparser "2.0.0" +mocha@^10.7.3: + version "10.7.3" + resolved "https://registry.yarnpkg.com/mocha/-/mocha-10.7.3.tgz#ae32003cabbd52b59aece17846056a68eb4b0752" + integrity sha512-uQWxAu44wwiACGqjbPYmjo7Lg8sFrS3dQe7PP2FQI+woptP4vZXSMcfMyFL/e1yFEeEpV4RtyTpZROOKmxis+A== + dependencies: + ansi-colors "^4.1.3" + browser-stdout "^1.3.1" + chokidar "^3.5.3" + debug "^4.3.5" + diff "^5.2.0" + escape-string-regexp "^4.0.0" + find-up "^5.0.0" + glob "^8.1.0" + he "^1.2.0" + js-yaml "^4.1.0" + log-symbols "^4.1.0" + minimatch "^5.1.6" + ms "^2.1.3" + serialize-javascript "^6.0.2" + strip-json-comments "^3.1.1" + supports-color "^8.1.1" + workerpool "^6.5.1" + yargs "^16.2.0" + yargs-parser "^20.2.9" + yargs-unparser "^2.0.0" ms@2.1.2, ms@^2.1.1: version "2.1.2" resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.2.tgz#d09d1f357b443f493382a8eb3ccd183872ae6009" integrity sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w== -ms@2.1.3: +ms@^2.1.3: version "2.1.3" resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.3.tgz#574c8138ce1d2b5861f0b44579dbadd60c6615b2" integrity sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA== @@ -1648,10 +1711,10 @@ npm-run-path@^4.0.0: dependencies: path-key "^3.0.0" -object-inspect@^1.9.0: - version "1.12.3" - resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.12.3.tgz#ba62dffd67ee256c8c086dfae69e016cd1f198b9" - integrity sha512-geUvdk7c+eizMNUDkRpW1wJwgfOiOeHbxBR/hLXK1aT6zmVSO0jsQcs7fj6MGw89jC/cjGfLcNOrtMYtGqm81g== +object-inspect@^1.13.1: + version "1.13.2" + resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.13.2.tgz#dea0088467fb991e67af4058147a24824a3043ff" + integrity sha512-IRZSRuzJiynemAXPYtPe5BoI/RESNYR7TYm50MC5Mqbd3Jmw5y790sErYw3V6SryFJD64b74qQQs9wn5Bg/k3g== once@^1.3.0, once@^1.3.1, once@^1.4.0: version "1.4.0" @@ -1734,11 +1797,6 @@ path-exists@^4.0.0: resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-4.0.0.tgz#513bdbe2d3b95d7762e8c1137efa195c6c61b5b3" integrity sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w== -path-is-absolute@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f" - integrity sha1-F0uSaHNVNP+8es5r9TpanhtcX18= - path-key@^3.0.0, path-key@^3.1.0: version "3.1.1" resolved "https://registry.yarnpkg.com/path-key/-/path-key-3.1.1.tgz#581f6ade658cbba65a0d3380de7753295054f375" @@ -1822,23 +1880,18 @@ qs@1.2.0: resolved "https://registry.yarnpkg.com/qs/-/qs-1.2.0.tgz#ed079be28682147e6fd9a34cc2b0c1e0ec6453ee" integrity sha1-7Qeb4oaCFH5v2aNMwrDB4OxkU+4= -qs@6.10.4: - version "6.10.4" - resolved "https://registry.yarnpkg.com/qs/-/qs-6.10.4.tgz#6a3003755add91c0ec9eacdc5f878b034e73f9e7" - integrity sha512-OQiU+C+Ds5qiH91qh/mg0w+8nwQuLjM4F4M/PbmhDOoYehPh+Fb0bDjtR1sOvy7YKxvj28Y/M0PhP5uVX0kB+g== +qs@6.13.0: + version "6.13.0" + resolved "https://registry.yarnpkg.com/qs/-/qs-6.13.0.tgz#6ca3bd58439f7e245655798997787b0d88a51906" + integrity sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg== dependencies: - side-channel "^1.0.4" + side-channel "^1.0.6" querystringify@^2.1.1: version "2.2.0" resolved "https://registry.yarnpkg.com/querystringify/-/querystringify-2.2.0.tgz#3345941b4153cb9d082d8eee4cda2016a9aef7f6" integrity sha512-FIqgj2EUvTa7R50u0rGsyTftzjYmv/a3hO345bZNrqabNqjtgiDMgmo4mkUjd+nzU5oF3dClKqFIPUKybUyqoQ== -queue-microtask@^1.2.2: - version "1.2.3" - resolved "https://registry.yarnpkg.com/queue-microtask/-/queue-microtask-1.2.3.tgz#4929228bbc724dfac43e0efb058caf7b6cfb6243" - integrity sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A== - randombytes@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/randombytes/-/randombytes-2.1.0.tgz#df6f84372f0270dc65cdf6291349ab7a473d4f2a" @@ -1888,30 +1941,11 @@ restore-cursor@^3.1.0: onetime "^5.1.0" signal-exit "^3.0.2" -reusify@^1.0.4: - version "1.0.4" - resolved "https://registry.yarnpkg.com/reusify/-/reusify-1.0.4.tgz#90da382b1e126efc02146e90845a88db12925d76" - integrity sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw== - rfdc@^1.3.0: version "1.3.0" resolved "https://registry.yarnpkg.com/rfdc/-/rfdc-1.3.0.tgz#d0b7c441ab2720d05dc4cf26e01c89631d9da08b" integrity sha512-V2hovdzFbOi77/WajaSMXk2OLm+xNIeQdMMuB7icj7bk6zi2F8GGAxigcnDFpJHbNyNcgyJDiP+8nOrY5cZGrA== -rimraf@^3.0.0: - version "3.0.2" - resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-3.0.2.tgz#f1a5402ba6220ad52cc1282bac1ae3aa49fd061a" - integrity sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA== - dependencies: - glob "^7.1.3" - -run-parallel@^1.1.9: - version "1.2.0" - resolved "https://registry.yarnpkg.com/run-parallel/-/run-parallel-1.2.0.tgz#66d1368da7bdf921eb9d95bd1a9229e7f21a43ee" - integrity sha512-5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA== - dependencies: - queue-microtask "^1.2.2" - rxjs@^7.5.1: version "7.8.0" resolved "https://registry.yarnpkg.com/rxjs/-/rxjs-7.8.0.tgz#90a938862a82888ff4c7359811a595e14e1e09a4" @@ -1944,13 +1978,25 @@ semver@^7.5.3: resolved "https://registry.yarnpkg.com/semver/-/semver-7.6.2.tgz#1e3b34759f896e8f14d6134732ce798aeb0c6e13" integrity sha512-FNAIBWCx9qcRhoHcgcJ0gvU7SN1lYU2ZXuSfl04bSC5OpvDHFyJCjdNHomPXxjQlCBU67YW64PzY7/VIEH7F2w== -serialize-javascript@6.0.0: - version "6.0.0" - resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-6.0.0.tgz#efae5d88f45d7924141da8b5c3a7a7e663fefeb8" - integrity sha512-Qr3TosvguFt8ePWqsvRfrKyQXIiW+nGbYpy8XK24NQHE83caxWt+mIymTT19DGFbNWNLfEwsrkSmN64lVWB9ag== +serialize-javascript@^6.0.2: + version "6.0.2" + resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-6.0.2.tgz#defa1e055c83bf6d59ea805d8da862254eb6a6c2" + integrity sha512-Saa1xPByTTq2gdeFZYLLo+RFE35NHZkAbqZeWNd3BpzppeVisAqpDjcp8dyf6uIvEqJRd46jemmyA4iFIeVk8g== dependencies: randombytes "^2.1.0" +set-function-length@^1.2.1: + version "1.2.2" + resolved "https://registry.yarnpkg.com/set-function-length/-/set-function-length-1.2.2.tgz#aac72314198eaed975cf77b2c3b6b880695e5449" + integrity sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg== + dependencies: + define-data-property "^1.1.4" + es-errors "^1.3.0" + function-bind "^1.1.2" + get-intrinsic "^1.2.4" + gopd "^1.0.1" + has-property-descriptors "^1.0.2" + shebang-command@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/shebang-command/-/shebang-command-2.0.0.tgz#ccd0af4f8835fbdc265b82461aaf0c36663f34ea" @@ -1963,14 +2009,15 @@ shebang-regex@^3.0.0: resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-3.0.0.tgz#ae16f1644d873ecad843b0307b143362d4c42172" integrity sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A== -side-channel@^1.0.4: - version "1.0.4" - resolved "https://registry.yarnpkg.com/side-channel/-/side-channel-1.0.4.tgz#efce5c8fdc104ee751b25c58d4290011fa5ea2cf" - integrity sha512-q5XPytqFEIKHkGdiMIrY10mvLRvnQh42/+GoBlFW3b2LXLE2xxJpZFdm94we0BaoV3RwJyGqg5wS7epxTv0Zvw== +side-channel@^1.0.6: + version "1.0.6" + resolved "https://registry.yarnpkg.com/side-channel/-/side-channel-1.0.6.tgz#abd25fb7cd24baf45466406b1096b7831c9215f2" + integrity sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA== dependencies: - call-bind "^1.0.0" - get-intrinsic "^1.0.2" - object-inspect "^1.9.0" + call-bind "^1.0.7" + es-errors "^1.3.0" + get-intrinsic "^1.2.4" + object-inspect "^1.13.1" signal-exit@^3.0.2: version "3.0.2" @@ -2005,10 +2052,10 @@ sprintf-js@~1.0.2: resolved "https://registry.yarnpkg.com/sprintf-js/-/sprintf-js-1.0.3.tgz#04e6926f662895354f3dd015203633b857297e2c" integrity sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw= -sshpk@^1.14.1: - version "1.17.0" - resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.17.0.tgz#578082d92d4fe612b13007496e543fa0fbcbe4c5" - integrity sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ== +sshpk@^1.18.0: + version "1.18.0" + resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.18.0.tgz#1663e55cddf4d688b86a46b77f0d5fe363aba028" + integrity sha512-2p2KJZTSqQ/I3+HX42EpYOa2l3f8Erv8MWKsy2I9uf4wA7yFIkXRffYdsx86y6z4vHtV8u7g+pPlr8/4ouAxsQ== dependencies: asn1 "~0.2.3" assert-plus "^1.0.0" @@ -2064,18 +2111,11 @@ strip-final-newline@^2.0.0: resolved "https://registry.yarnpkg.com/strip-final-newline/-/strip-final-newline-2.0.0.tgz#89b852fb2fcbe936f6f4b3187afb0a12c1ab58ad" integrity sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA== -strip-json-comments@3.1.1, strip-json-comments@^3.1.1: +strip-json-comments@^3.1.1: version "3.1.1" resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-3.1.1.tgz#31f1281b3832630434831c310c01cccda8cbe006" integrity sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig== -supports-color@8.1.1, supports-color@^8.1.1: - version "8.1.1" - resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-8.1.1.tgz#cd6fc17e28500cff56c1b86c0a7fd4a54a73005c" - integrity sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q== - dependencies: - has-flag "^4.0.0" - supports-color@^7.1.0: version "7.1.0" resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-7.1.0.tgz#68e32591df73e25ad1c4b49108a2ec507962bfd1" @@ -2083,6 +2123,13 @@ supports-color@^7.1.0: dependencies: has-flag "^4.0.0" +supports-color@^8.1.1: + version "8.1.1" + resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-8.1.1.tgz#cd6fc17e28500cff56c1b86c0a7fd4a54a73005c" + integrity sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q== + dependencies: + has-flag "^4.0.0" + text-table@^0.2.0: version "0.2.0" resolved "https://registry.yarnpkg.com/text-table/-/text-table-0.2.0.tgz#7f5ee823ae805207c00af2df4a84ec3fcfa570b4" @@ -2098,12 +2145,10 @@ through@^2.3.8: resolved "https://registry.yarnpkg.com/through/-/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5" integrity sha512-w89qg7PI8wAdvX60bMDP+bFoD5Dvhm9oLheFp5O4a2QF0cSBGsBX4qZmadPMvVqlLJBBci+WqGGOAPvcDeNSVg== -tmp@~0.2.1: - version "0.2.1" - resolved "https://registry.yarnpkg.com/tmp/-/tmp-0.2.1.tgz#8457fc3037dcf4719c251367a1af6500ee1ccf14" - integrity sha512-76SUhtfqR2Ijn+xllcI5P1oyannHNHByD80W1q447gU3mp9G9PSpGdWmjUOHRDPiHYacIk66W7ubDTuPF3BEtQ== - dependencies: - rimraf "^3.0.0" +tmp@~0.2.3: + version "0.2.3" + resolved "https://registry.yarnpkg.com/tmp/-/tmp-0.2.3.tgz#eb783cc22bc1e8bebd0671476d46ea4eb32a79ae" + integrity sha512-nZD7m9iCPC5g0pYmcaxogYKggSfLsdxl8of3Q/oIbqCqLLIO9IAF0GWjX1z9NZRHPiXv8Wex4yDCaZsgEw0Y8w== to-regex-range@^5.0.1: version "5.0.1" @@ -2236,10 +2281,10 @@ word-wrap@~1.2.3: resolved "https://registry.yarnpkg.com/word-wrap/-/word-wrap-1.2.4.tgz#cb4b50ec9aca570abd1f52f33cd45b6c61739a9f" integrity sha512-2V81OA4ugVo5pRo46hAoD2ivUJx8jXmWXfUkY4KFNw0hEptvN0QfH3K4nHiwzGeKl5rFKedV48QVoqYavy4YpA== -workerpool@6.2.1: - version "6.2.1" - resolved "https://registry.yarnpkg.com/workerpool/-/workerpool-6.2.1.tgz#46fc150c17d826b86a008e5a4508656777e9c343" - integrity sha512-ILEIE97kDZvF9Wb9f6h5aXK4swSlKGUcOEGiIYb2OOu/IrDU9iwj0fD//SsA6E5ibwJxpEvhullJY4Sl4GcpAw== +workerpool@^6.5.1: + version "6.5.1" + resolved "https://registry.yarnpkg.com/workerpool/-/workerpool-6.5.1.tgz#060f73b39d0caf97c6db64da004cd01b4c099544" + integrity sha512-Fs4dNYcsdpYSAfVxhnl1L5zTksjvOJxtC5hzMNl+1t9B8hTJTdKDyZ5ju7ztgPy+ft9tBFXoOlDNiOT9WUXZlA== wrap-ansi@^6.2.0: version "6.2.0" @@ -2292,17 +2337,12 @@ yaml@0.2.3: resolved "https://registry.yarnpkg.com/yaml/-/yaml-0.2.3.tgz#b5450e92e76ef36b5dd24e3660091ebaeef3e5c7" integrity sha1-tUUOkudu82td0k42YAkeuu7z5cc= -yargs-parser@20.2.4: - version "20.2.4" - resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-20.2.4.tgz#b42890f14566796f85ae8e3a25290d205f154a54" - integrity sha512-WOkpgNhPTlE73h4VFAFsOnomJVaovO8VqLDzy5saChRBFQFBoMYirowyW+Q9HB4HFF4Z7VZTiG3iSzJJA29yRA== - -yargs-parser@^20.2.2: +yargs-parser@^20.2.2, yargs-parser@^20.2.9: version "20.2.9" resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-20.2.9.tgz#2eb7dc3b0289718fc295f362753845c41a0c94ee" integrity sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w== -yargs-unparser@2.0.0: +yargs-unparser@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/yargs-unparser/-/yargs-unparser-2.0.0.tgz#f131f9226911ae5d9ad38c432fe809366c2325eb" integrity sha512-7pRTIA9Qc1caZ0bZ6RYRGbHJthJWuakf+WmHK0rVeLkNrrGhfoabBNdue6kdINI6r4if7ocq9aD/n7xwKOdzOA== @@ -2312,7 +2352,7 @@ yargs-unparser@2.0.0: flat "^5.0.2" is-plain-obj "^2.1.0" -yargs@16.2.0: +yargs@^16.2.0: version "16.2.0" resolved "https://registry.yarnpkg.com/yargs/-/yargs-16.2.0.tgz#1c82bf0f6b6a66eafce7ef30e376f49a12477f66" integrity sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw== From 7c97516de673511c570dea12eee066af85fca1d5 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Thu, 10 Oct 2024 16:31:19 +1000 Subject: [PATCH 030/175] Fix schema issue with cors --- backend/lib/access.js | 2 +- backend/lib/express/cors.js | 42 ++++++++----------------------------- 2 files changed, 10 insertions(+), 34 deletions(-) diff --git a/backend/lib/access.js b/backend/lib/access.js index 57dd379c8..0e658a656 100644 --- a/backend/lib/access.js +++ b/backend/lib/access.js @@ -268,6 +268,7 @@ module.exports = function (token_string) { let permissionSchema = { $async: true, $id: 'permissions', + type: 'object', additionalProperties: false, properties: {} }; @@ -277,7 +278,6 @@ module.exports = function (token_string) { const ajv = new Ajv({ verbose: true, allErrors: true, - missingRefs: 'fail', breakOnError: true, coerceTypes: true, schemas: [ diff --git a/backend/lib/express/cors.js b/backend/lib/express/cors.js index c9befeec8..6d5b8b5fb 100644 --- a/backend/lib/express/cors.js +++ b/backend/lib/express/cors.js @@ -1,40 +1,16 @@ -const validator = require('../validator'); - module.exports = function (req, res, next) { - if (req.headers.origin) { - - const originSchema = { - oneOf: [ - { - type: 'string', - pattern: '^[a-z\\-]+:\\/\\/(?:[\\w\\-\\.]+(:[0-9]+)?/?)?$' - }, - { - type: 'string', - pattern: '^[a-z\\-]+:\\/\\/(?:\\[([a-z0-9]{0,4}\\:?)+\\])?/?(:[0-9]+)?$' - } - ] - }; - - // very relaxed validation.... - validator(originSchema, req.headers.origin) - .then(function () { - res.set({ - 'Access-Control-Allow-Origin': req.headers.origin, - 'Access-Control-Allow-Credentials': true, - 'Access-Control-Allow-Methods': 'OPTIONS, GET, POST', - 'Access-Control-Allow-Headers': 'Content-Type, Cache-Control, Pragma, Expires, Authorization, X-Dataset-Total, X-Dataset-Offset, X-Dataset-Limit', - 'Access-Control-Max-Age': 5 * 60, - 'Access-Control-Expose-Headers': 'X-Dataset-Total, X-Dataset-Offset, X-Dataset-Limit' - }); - next(); - }) - .catch(next); - + res.set({ + 'Access-Control-Allow-Origin': req.headers.origin, + 'Access-Control-Allow-Credentials': true, + 'Access-Control-Allow-Methods': 'OPTIONS, GET, POST', + 'Access-Control-Allow-Headers': 'Content-Type, Cache-Control, Pragma, Expires, Authorization, X-Dataset-Total, X-Dataset-Offset, X-Dataset-Limit', + 'Access-Control-Max-Age': 5 * 60, + 'Access-Control-Expose-Headers': 'X-Dataset-Total, X-Dataset-Offset, X-Dataset-Limit' + }); + next(); } else { // No origin next(); } - }; From c39d5433bcd13993def222bbb2b6988bbb810a05 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Fri, 11 Oct 2024 11:21:22 +1000 Subject: [PATCH 031/175] Fix CVE-2024-46256 and CVE-2024-46257 - Schema validate against bad domain characters - Integration test for CVE POC examples - Cypress rewrite of plugins for file upload --- backend/schema/common.json | 2 +- backend/schema/components/error.json | 9 + .../schema/paths/nginx/certificates/post.json | 20 ++ .../nginx/certificates/validate/post.json | 39 ++++ .../nginx/dead-hosts/hostID/disable/post.json | 2 +- .../nginx/dead-hosts/hostID/enable/post.json | 2 +- .../proxy-hosts/hostID/disable/post.json | 2 +- .../nginx/proxy-hosts/hostID/enable/post.json | 2 +- .../hostID/disable/post.json | 2 +- .../redirection-hosts/hostID/enable/post.json | 2 +- .../nginx/streams/streamID/disable/post.json | 2 +- .../nginx/streams/streamID/enable/post.json | 2 +- test/cypress/e2e/api/Certificates.cy.js | 50 +++++ .../cypress/fixtures/test.example.com-key.pem | 28 +++ test/cypress/fixtures/test.example.com.pem | 26 +++ test/cypress/plugins/backendApi/client.js | 182 +++++++++--------- test/cypress/plugins/backendApi/task.js | 32 ++- test/package.json | 7 +- test/yarn.lock | 117 ++++++----- 19 files changed, 353 insertions(+), 175 deletions(-) create mode 100644 backend/schema/components/error.json create mode 100644 test/cypress/e2e/api/Certificates.cy.js create mode 100644 test/cypress/fixtures/test.example.com-key.pem create mode 100644 test/cypress/fixtures/test.example.com.pem diff --git a/backend/schema/common.json b/backend/schema/common.json index ebeb34416..83de0143c 100644 --- a/backend/schema/common.json +++ b/backend/schema/common.json @@ -76,7 +76,7 @@ "uniqueItems": true, "items": { "type": "string", - "pattern": "^(?:\\*\\.)?(?:[^.*]+\\.?)+[^.]$" + "pattern": "^[^&| @!#%^();:/\\\\}{=+?<>,~`'\"]+$" } }, "enabled": { diff --git a/backend/schema/components/error.json b/backend/schema/components/error.json new file mode 100644 index 000000000..ceb3e1492 --- /dev/null +++ b/backend/schema/components/error.json @@ -0,0 +1,9 @@ +{ + "type": "object", + "description": "Error", + "properties": { + "error": { + "$ref": "./error-object.json" + } + } +} diff --git a/backend/schema/paths/nginx/certificates/post.json b/backend/schema/paths/nginx/certificates/post.json index 1b2e04625..5a3306c22 100644 --- a/backend/schema/paths/nginx/certificates/post.json +++ b/backend/schema/paths/nginx/certificates/post.json @@ -72,6 +72,26 @@ } } } + }, + "400": { + "description": "400 response", + "content": { + "application/json": { + "examples": { + "default": { + "value": { + "error": { + "code": 400, + "message": "Domains are invalid" + } + } + } + }, + "schema": { + "$ref": "../../../components/error.json" + } + } + } } } } diff --git a/backend/schema/paths/nginx/certificates/validate/post.json b/backend/schema/paths/nginx/certificates/validate/post.json index 94f02f593..21eb325ef 100644 --- a/backend/schema/paths/nginx/certificates/validate/post.json +++ b/backend/schema/paths/nginx/certificates/validate/post.json @@ -50,6 +50,42 @@ "certificate_key": true } } + }, + "schema": { + "type": "object", + "additionalProperties": false, + "required": ["certificate", "certificate_key"], + "properties": { + "certificate": { + "type": "object", + "additionalProperties": false, + "required": ["cn", "issuer", "dates"], + "properties": { + "cn": { + "type": "string" + }, + "issuer": { + "type": "string" + }, + "dates": { + "type": "object", + "additionalProperties": false, + "required": ["from", "to"], + "properties": { + "from": { + "type": "integer" + }, + "to": { + "type": "integer" + } + } + } + } + }, + "certificate_key": { + "type": "boolean" + } + } } } } @@ -67,6 +103,9 @@ } } } + }, + "schema": { + "$ref": "../../../../components/error.json" } } } diff --git a/backend/schema/paths/nginx/dead-hosts/hostID/disable/post.json b/backend/schema/paths/nginx/dead-hosts/hostID/disable/post.json index 528d05d35..2cdcecf4b 100644 --- a/backend/schema/paths/nginx/dead-hosts/hostID/disable/post.json +++ b/backend/schema/paths/nginx/dead-hosts/hostID/disable/post.json @@ -50,7 +50,7 @@ } }, "schema": { - "$ref": "../../../../../components/error-object.json" + "$ref": "../../../../../components/error.json" } } } diff --git a/backend/schema/paths/nginx/dead-hosts/hostID/enable/post.json b/backend/schema/paths/nginx/dead-hosts/hostID/enable/post.json index dd95943a5..ca3ce9fae 100644 --- a/backend/schema/paths/nginx/dead-hosts/hostID/enable/post.json +++ b/backend/schema/paths/nginx/dead-hosts/hostID/enable/post.json @@ -50,7 +50,7 @@ } }, "schema": { - "$ref": "../../../../../components/error-object.json" + "$ref": "../../../../../components/error.json" } } } diff --git a/backend/schema/paths/nginx/proxy-hosts/hostID/disable/post.json b/backend/schema/paths/nginx/proxy-hosts/hostID/disable/post.json index 1ff95e8f9..54ff8a663 100644 --- a/backend/schema/paths/nginx/proxy-hosts/hostID/disable/post.json +++ b/backend/schema/paths/nginx/proxy-hosts/hostID/disable/post.json @@ -50,7 +50,7 @@ } }, "schema": { - "$ref": "../../../../../components/error-object.json" + "$ref": "../../../../../components/error.json" } } } diff --git a/backend/schema/paths/nginx/proxy-hosts/hostID/enable/post.json b/backend/schema/paths/nginx/proxy-hosts/hostID/enable/post.json index 3a5694b9c..9f052de05 100644 --- a/backend/schema/paths/nginx/proxy-hosts/hostID/enable/post.json +++ b/backend/schema/paths/nginx/proxy-hosts/hostID/enable/post.json @@ -50,7 +50,7 @@ } }, "schema": { - "$ref": "../../../../../components/error-object.json" + "$ref": "../../../../../components/error.json" } } } diff --git a/backend/schema/paths/nginx/redirection-hosts/hostID/disable/post.json b/backend/schema/paths/nginx/redirection-hosts/hostID/disable/post.json index 7531ac36b..8433220d5 100644 --- a/backend/schema/paths/nginx/redirection-hosts/hostID/disable/post.json +++ b/backend/schema/paths/nginx/redirection-hosts/hostID/disable/post.json @@ -50,7 +50,7 @@ } }, "schema": { - "$ref": "../../../../../components/error-object.json" + "$ref": "../../../../../components/error.json" } } } diff --git a/backend/schema/paths/nginx/redirection-hosts/hostID/enable/post.json b/backend/schema/paths/nginx/redirection-hosts/hostID/enable/post.json index 60f4fafd6..bef53436b 100644 --- a/backend/schema/paths/nginx/redirection-hosts/hostID/enable/post.json +++ b/backend/schema/paths/nginx/redirection-hosts/hostID/enable/post.json @@ -50,7 +50,7 @@ } }, "schema": { - "$ref": "../../../../../components/error-object.json" + "$ref": "../../../../../components/error.json" } } } diff --git a/backend/schema/paths/nginx/streams/streamID/disable/post.json b/backend/schema/paths/nginx/streams/streamID/disable/post.json index 91c58bb80..d1c1b1c84 100644 --- a/backend/schema/paths/nginx/streams/streamID/disable/post.json +++ b/backend/schema/paths/nginx/streams/streamID/disable/post.json @@ -50,7 +50,7 @@ } }, "schema": { - "$ref": "../../../../../components/error-object.json" + "$ref": "../../../../../components/error.json" } } } diff --git a/backend/schema/paths/nginx/streams/streamID/enable/post.json b/backend/schema/paths/nginx/streams/streamID/enable/post.json index b14a86f86..dc914f5f2 100644 --- a/backend/schema/paths/nginx/streams/streamID/enable/post.json +++ b/backend/schema/paths/nginx/streams/streamID/enable/post.json @@ -50,7 +50,7 @@ } }, "schema": { - "$ref": "../../../../../components/error-object.json" + "$ref": "../../../../../components/error.json" } } } diff --git a/test/cypress/e2e/api/Certificates.cy.js b/test/cypress/e2e/api/Certificates.cy.js new file mode 100644 index 000000000..043680f3e --- /dev/null +++ b/test/cypress/e2e/api/Certificates.cy.js @@ -0,0 +1,50 @@ +/// + +describe('Certificates endpoints', () => { + let token; + + before(() => { + cy.getToken().then((tok) => { + token = tok; + }); + }); + + it('Validate custom certificate', function() { + cy.task('backendApiPostFiles', { + token: token, + path: '/api/nginx/certificates/validate', + files: { + certificate: 'test.example.com.pem', + certificate_key: 'test.example.com-key.pem', + }, + }).then((data) => { + cy.validateSwaggerSchema('post', 200, '/nginx/certificates/validate', data); + expect(data).to.have.property('certificate'); + expect(data).to.have.property('certificate_key'); + }); + }); + + it('Request Certificate - CVE-2024-46256/CVE-2024-46257', function() { + cy.task('backendApiPost', { + token: token, + path: '/api/nginx/certificates', + data: { + domain_names: ['test.com"||echo hello-world||\\\\n test.com"'], + meta: { + dns_challenge: false, + letsencrypt_agree: true, + letsencrypt_email: 'admin@example.com', + }, + provider: 'letsencrypt', + }, + returnOnError: true, + }).then((data) => { + cy.validateSwaggerSchema('post', 400, '/nginx/certificates', data); + expect(data).to.have.property('error'); + expect(data.error).to.have.property('message'); + expect(data.error).to.have.property('code'); + expect(data.error.code).to.equal(400); + expect(data.error.message).to.contain('data/domain_names/0 must match pattern'); + }); + }); +}); diff --git a/test/cypress/fixtures/test.example.com-key.pem b/test/cypress/fixtures/test.example.com-key.pem new file mode 100644 index 000000000..307cdc307 --- /dev/null +++ b/test/cypress/fixtures/test.example.com-key.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC1n9j9C5Bes1nd +qACDckERauxXVNKCnUlUM1buGBx1xc+j2e2Ar23wUJJuWBY18VfT8yqfqVDktO2w +rbmvZvLuPmXePOKbIKS+XXh+2NG9L5bDG9rwGFCRXnbQj+GWCdMfzx14+CR1IHge +Yz6Cv/Si2/LJPCh/CoBfM4hUQJON3lxAWrWBpdbZnKYMrxuPBRfW9OuzTbCVXToQ +oxRAHiOR9081Xn1WeoKr7kVBIa5UphlvWXa12w1YmUwJu7YndnJGIavLWeNCVc7Z +Eo+nS8Wr/4QWicatIWZXpVaEOPhRoeplQDxNWg5b/Q26rYoVd7PrCmRs7sVcH79X +zGONeH1PAgMBAAECggEAANb3Wtwl07pCjRrMvc7WbC0xYIn82yu8/g2qtjkYUJcU +ia5lQbYN7RGCS85Oc/tkq48xQEG5JQWNH8b918jDEMTrFab0aUEyYcru1q9L8PL6 +YHaNgZSrMrDcHcS8h0QOXNRJT5jeGkiHJaTR0irvB526tqF3knbK9yW22KTfycUe +a0Z9voKn5xRk1DCbHi/nk2EpT7xnjeQeLFaTIRXbS68omkr4YGhwWm5OizoyEGZu +W0Zum5BkQyMr6kor3wdxOTG97ske2rcyvvHi+ErnwL0xBv0qY0Dhe8DpuXpDezqw +o72yY8h31Fu84i7sAj24YuE5Df8DozItFXQpkgbQ6QKBgQDPrufhvIFm2S/MzBdW +H8JxY7CJlJPyxOvc1NIl9RczQGAQR90kx52cgIcuIGEG6/wJ/xnGfMmW40F0DnQ+ +N+oLgB9SFxeLkRb7s9Z/8N3uIN8JJFYcerEOiRQeN2BXEEWJ7bUThNtsVrAcKoUh +ELsDmnHW/3V+GKwhd0vpk842+wKBgQDf4PGLG9PTE5tlAoyHFodJRd2RhTJQkwsU +MDNjLJ+KecLv+Nl+QiJhoflG1ccqtSFlBSCG067CDQ5LV0xm3mLJ7pfJoMgjcq31 +qjEmX4Ls91GuVOPtbwst3yFKjsHaSoKB5fBvWRcKFpBUezM7Qcw2JP3+dQT+bQIq +cMTkRWDSvQKBgQDOdCQFDjxg/lR7NQOZ1PaZe61aBz5P3pxNqa7ClvMaOsuEQ7w9 +vMYcdtRq8TsjA2JImbSI0TIg8gb2FQxPcYwTJKl+FICOeIwtaSg5hTtJZpnxX5LO +utTaC0DZjNkTk5RdOdWA8tihyUdGqKoxJY2TVmwGe2rUEDjFB++J4inkEwKBgB6V +g0nmtkxanFrzOzFlMXwgEEHF+Xaqb9QFNa/xs6XeNnREAapO7JV75Cr6H2hFMFe1 +mJjyqCgYUoCWX3iaHtLJRnEkBtNY4kzyQB6m46LtsnnnXO/dwKA2oDyoPfFNRoDq +YatEd3JIXNU9s2T/+x7WdOBjKhh72dTkbPFmTPDdAoGAU6rlPBevqOFdObYxdPq8 +EQWu44xqky3Mf5sBpOwtu6rqCYuziLiN7K4sjN5GD5mb1cEU+oS92ZiNcUQ7MFXk +8yTYZ7U0VcXyAcpYreWwE8thmb0BohJBr+Mp3wLTx32x0HKdO6vpUa0d35LUTUmM +RrKmPK/msHKK/sVHiL+NFqo= +-----END PRIVATE KEY----- diff --git a/test/cypress/fixtures/test.example.com.pem b/test/cypress/fixtures/test.example.com.pem new file mode 100644 index 000000000..16340cdfd --- /dev/null +++ b/test/cypress/fixtures/test.example.com.pem @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEYDCCAsigAwIBAgIRAPoSC0hvitb26ODMlsH6YbowDQYJKoZIhvcNAQELBQAw +gZExHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEzMDEGA1UECwwqamN1 +cm5vd0BKYW1pZXMtTGFwdG9wLmxvY2FsIChKYW1pZSBDdXJub3cpMTowOAYDVQQD +DDFta2NlcnQgamN1cm5vd0BKYW1pZXMtTGFwdG9wLmxvY2FsIChKYW1pZSBDdXJu +b3cpMB4XDTI0MTAwOTA3MjIxN1oXDTI3MDEwOTA3MjIxN1owXjEnMCUGA1UEChMe +bWtjZXJ0IGRldmVsb3BtZW50IGNlcnRpZmljYXRlMTMwMQYDVQQLDCpqY3Vybm93 +QEphbWllcy1MYXB0b3AubG9jYWwgKEphbWllIEN1cm5vdykwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQC1n9j9C5Bes1ndqACDckERauxXVNKCnUlUM1bu +GBx1xc+j2e2Ar23wUJJuWBY18VfT8yqfqVDktO2wrbmvZvLuPmXePOKbIKS+XXh+ +2NG9L5bDG9rwGFCRXnbQj+GWCdMfzx14+CR1IHgeYz6Cv/Si2/LJPCh/CoBfM4hU +QJON3lxAWrWBpdbZnKYMrxuPBRfW9OuzTbCVXToQoxRAHiOR9081Xn1WeoKr7kVB +Ia5UphlvWXa12w1YmUwJu7YndnJGIavLWeNCVc7ZEo+nS8Wr/4QWicatIWZXpVaE +OPhRoeplQDxNWg5b/Q26rYoVd7PrCmRs7sVcH79XzGONeH1PAgMBAAGjZTBjMA4G +A1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSB +/vfmBUd4W7CvyEMl7YpMVQs8vTAbBgNVHREEFDASghB0ZXN0LmV4YW1wbGUuY29t +MA0GCSqGSIb3DQEBCwUAA4IBgQASwON/jPAHzcARSenY0ZGY1m5OVTYoQ/JWH0oy +l8SyFCQFEXt7UHDD/eTtLT0vMyc190nP57P8lTnZGf7hSinZz1B1d6V4cmzxpk0s +VXZT+irL6bJVJoMBHRpllKAhGULIo33baTrWFKA0oBuWx4AevSWKcLW5j87kEawn +ATCuMQ1I3ifR1mSlB7X8fb+vF+571q0NGuB3a42j6rdtXJ6SmH4+9B4qO0sfHDNt +IImpLCH/tycDpcYrGSCn1QrekFG1bSEh+Bb9i8rqMDSDsYrTFPZTuOQ3EtjGni9u +m+rEP3OyJg+md8c+0LVP7/UU4QWWnw3/Wolo5kSCxE8vNTFqi4GhVbdLnUtcIdTV +XxuR6cKyW87Snj1a0nG76ZLclt/akxDhtzqeV60BO0p8pmiev8frp+E94wFNYCmp +1cr3CnMEGRaficLSDFC6EBENzlZW2BQT6OMIV+g0NBgSyQe39s2zcdEl5+SzDVuw +hp8bJUp/QN7pnOVCDbjTQ+HVMXw= +-----END CERTIFICATE----- diff --git a/test/cypress/plugins/backendApi/client.js b/test/cypress/plugins/backendApi/client.js index 29684cfdc..e7c0c439d 100644 --- a/test/cypress/plugins/backendApi/client.js +++ b/test/cypress/plugins/backendApi/client.js @@ -1,9 +1,14 @@ const logger = require('./logger'); -const restler = require('@jc21/restler'); +const axios = require('axios').default; const BackendApi = function(config, token) { this.config = config; this.token = token; + + this.axios = axios.create({ + baseURL: config.baseUrl, + timeout: 5000, + }); }; /** @@ -14,128 +19,113 @@ BackendApi.prototype.setToken = function(token) { }; /** - * @param {string} path - * @param {bool} [returnOnError] - * @returns {Promise} + * @param {bool} returnOnError */ -BackendApi.prototype.get = function(path, returnOnError) { - return new Promise((resolve, reject) => { - let headers = { +BackendApi.prototype._prepareOptions = function(returnOnError) { + let options = { + headers: { Accept: 'application/json' - }; - if (this.token) { - headers.Authorization = 'Bearer ' + this.token; } - - logger('GET ', this.config.baseUrl + path); - - restler - .get(this.config.baseUrl + path, { - headers: headers, - }) - .on('complete', function(data, response) { - logger('Response data:', data); - if (!returnOnError && data instanceof Error) { - reject(data); - } else if (!returnOnError && response.statusCode != 200) { - if (typeof data === 'object' && typeof data.error === 'object' && typeof data.error.message !== 'undefined') { - reject(new Error(data.error.code + ': ' + data.error.message)); - } else { - reject(new Error('Error ' + response.statusCode)); - } - } else { - resolve(data); - } - }); - }); + } + if (this.token) { + options.headers.Authorization = 'Bearer ' + this.token; + } + if (returnOnError) { + options.validateStatus = function () { + return true; + } + } + return options; }; /** - * @param {string} path - * @param {bool} [returnOnError] - * @returns {Promise} + * @param {*} response + * @param {function} resolve + * @param {function} reject + * @param {bool} returnOnError */ -BackendApi.prototype.delete = function(path, returnOnError) { - return new Promise((resolve, reject) => { - let headers = { - Accept: 'application/json' - }; - if (this.token) { - headers.Authorization = 'Bearer ' + this.token; +BackendApi.prototype._handleResponse = function(response, resolve, reject, returnOnError) { + logger('Response data:', response.data); + if (!returnOnError && typeof response.data === 'object' && typeof response.data.error === 'object') { + if (typeof response.data === 'object' && typeof response.data.error === 'object' && typeof response.data.error.message !== 'undefined') { + reject(new Error(response.data.error.code + ': ' + response.data.error.message)); + } else { + reject(new Error('Error ' + response.status)); } - - logger('DELETE ', this.config.baseUrl + path); - - restler - .del(this.config.baseUrl + path, { - headers: headers, - }) - .on('complete', function(data, response) { - logger('Response data:', data); - if (!returnOnError && data instanceof Error) { - reject(data); - } else if (!returnOnError && response.statusCode != 200) { - if (typeof data === 'object' && typeof data.error === 'object' && typeof data.error.message !== 'undefined') { - reject(new Error(data.error.code + ': ' + data.error.message)); - } else { - reject(new Error('Error ' + response.statusCode)); - } - } else { - resolve(data); - } - }); - }); + } else { + resolve(response.data); + } }; /** - * @param {string} path - * @param {object} data - * @param {bool} [returnOnError] - * @returns {Promise} + * @param {*} err + * @param {function} resolve + * @param {function} reject + * @param {bool} returnOnError */ -BackendApi.prototype.postJson = function(path, data, returnOnError) { - logger('POST ', this.config.baseUrl + path); - return this._putPostJson('postJson', path, data, returnOnError); +BackendApi.prototype._handleError = function(err, resolve, reject, returnOnError) { + logger('Axios Error:', err); + if (returnOnError) { + resolve(typeof err.response.data !== 'undefined' ? err.response.data : err); + } else { + reject(err); + } }; /** + * @param {string} method * @param {string} path - * @param {object} data * @param {bool} [returnOnError] + * @param {*} [data] * @returns {Promise} */ -BackendApi.prototype.putJson = function(path, data, returnOnError) { - logger('PUT ', this.config.baseUrl + path); - return this._putPostJson('putJson', path, data, returnOnError); +BackendApi.prototype.request = function (method, path, returnOnError, data) { + logger(method.toUpperCase(), this.config.baseUrl + path); + const options = this._prepareOptions(returnOnError); + + return new Promise((resolve, reject) => { + let opts = { + method: method, + url: path, + ...options + } + if (data !== undefined && data !== null) { + opts.data = data; + } + + this.axios(opts) + .then((response) => { + this._handleResponse(response, resolve, reject, returnOnError); + }) + .catch((err) => { + this._handleError(err, resolve, reject, returnOnError); + }); + }); }; /** * @param {string} path - * @param {object} data + * @param {form} form * @param {bool} [returnOnError] * @returns {Promise} */ -BackendApi.prototype._putPostJson = function(fn, path, data, returnOnError) { +BackendApi.prototype.postForm = function (path, form, returnOnError) { + logger('POST', this.config.baseUrl + path); + const options = this._prepareOptions(returnOnError); + return new Promise((resolve, reject) => { - restler[fn](this.config.baseUrl + path, data, { - headers: { - Accept: 'application/json', - Authorization: 'Bearer ' + this.token, - }, - }).on('complete', function(data, response) { - logger('Response data:', data); - if (!returnOnError && data instanceof Error) { - reject(data); - } else if (!returnOnError && (response.statusCode < 200 || response.statusCode >= 300)) { - if (typeof data === 'object' && typeof data.error === 'object' && typeof data.error.message !== 'undefined') { - reject(new Error(data.error.code + ': ' + data.error.message)); - } else { - reject(new Error('Error ' + response.statusCode)); - } - } else { - resolve(data); - } - }); + const opts = { + ...options, + ...form.getHeaders(), + } + + this.axios.post(path, form, opts) + .then((response) => { + this._handleResponse(response, resolve, reject, returnOnError); + }) + .catch((err) => { + this._handleError(err, resolve, reject, returnOnError); + }); }); }; diff --git a/test/cypress/plugins/backendApi/task.js b/test/cypress/plugins/backendApi/task.js index 2f67902d5..ab9704f4a 100644 --- a/test/cypress/plugins/backendApi/task.js +++ b/test/cypress/plugins/backendApi/task.js @@ -1,8 +1,9 @@ +const fs = require('fs'); +const FormData = require('form-data'); const logger = require('./logger'); const Client = require('./client'); module.exports = function (config) { - logger('Client Ready using', config.baseUrl); return { @@ -17,7 +18,7 @@ module.exports = function (config) { backendApiGet: (options) => { const api = new Client(config); api.setToken(options.token); - return api.get(options.path, options.returnOnError || false); + return api.request('get', options.path, options.returnOnError || false); }, /** @@ -31,7 +32,26 @@ module.exports = function (config) { backendApiPost: (options) => { const api = new Client(config); api.setToken(options.token); - return api.postJson(options.path, options.data, options.returnOnError || false); + return api.request('post', options.path, options.returnOnError || false, options.data); + }, + + /** + * @param {object} options + * @param {string} options.token JWT + * @param {string} options.path API path + * @param {object} options.files + * @param {bool} [options.returnOnError] If true, will return instead of throwing errors + * @returns {string} + */ + backendApiPostFiles: (options) => { + const api = new Client(config); + api.setToken(options.token); + + const form = new FormData(); + for (let [key, value] of Object.entries(options.files)) { + form.append(key, fs.createReadStream(config.fixturesFolder + '/' + value)); + } + return api.postForm(options.path, form, options.returnOnError || false); }, /** @@ -45,7 +65,7 @@ module.exports = function (config) { backendApiPut: (options) => { const api = new Client(config); api.setToken(options.token); - return api.putJson(options.path, options.data, options.returnOnError || false); + return api.request('put', options.path, options.returnOnError || false, options.data); }, /** @@ -58,7 +78,7 @@ module.exports = function (config) { backendApiDelete: (options) => { const api = new Client(config); api.setToken(options.token); - return api.delete(options.path, options.returnOnError || false); + return api.request('delete', options.path, options.returnOnError || false); } }; -}; \ No newline at end of file +}; diff --git a/test/package.json b/test/package.json index 69b2b8613..7032efe68 100644 --- a/test/package.json +++ b/test/package.json @@ -1,11 +1,11 @@ { - "name": "test", + "name": "npm-test", "version": "1.0.0", "description": "", "main": "index.js", "dependencies": { - "@jc21/cypress-swagger-validation": "^0.2.6", - "@jc21/restler": "^3.4.0", + "@jc21/cypress-swagger-validation": "^0.2.7", + "axios": "^1.7.7", "cypress": "^13.15.0", "cypress-multi-reporters": "^1.6.4", "cypress-wait-until": "^3.0.2", @@ -13,6 +13,7 @@ "eslint-plugin-align-assignments": "^1.1.2", "eslint-plugin-chai-friendly": "^1.0.1", "eslint-plugin-cypress": "^3.5.0", + "form-data": "^4.0.1", "lodash": "^4.17.21", "mocha": "^10.7.3", "mocha-junit-reporter": "^2.2.1" diff --git a/test/yarn.lock b/test/yarn.lock index b34385bd2..e831b1054 100644 --- a/test/yarn.lock +++ b/test/yarn.lock @@ -167,29 +167,19 @@ resolved "https://registry.yarnpkg.com/@humanwhocodes/retry/-/retry-0.3.1.tgz#c72a5c76a9fbaf3488e231b13dc52c0da7bab42a" integrity sha512-JBxkERygn7Bv/GbN5Rv8Ul6LVknS+5Bp6RgDC/O8gEBU/yeH5Ui5C/OlWrTb6qct7LjjfT6Re2NxB0ln0yYybA== -"@jc21/cypress-swagger-validation@^0.2.6": - version "0.2.6" - resolved "https://registry.yarnpkg.com/@jc21/cypress-swagger-validation/-/cypress-swagger-validation-0.2.6.tgz#8b61f2413fa81cae6f8c2f33ecce5a6ded897030" - integrity sha512-8i8poTwi13e4BRKWpvmXFmqvEfQq3Kn9tunWhNYT7IQwiMeUVou+g1yh99QzuI501DBPtL2XEwjNukxTf5GiyQ== +"@jc21/cypress-swagger-validation@^0.2.7": + version "0.2.7" + resolved "https://registry.yarnpkg.com/@jc21/cypress-swagger-validation/-/cypress-swagger-validation-0.2.7.tgz#64642b12d98b884df8c30b72852162941285d2af" + integrity sha512-4EQ0gfigRwVVl3DnVYbR48/EKGnn7oH5YYdMzf6zqypO+bqYvDHu9kgk/WqkGlT/aauGQ7e0YGMo8ZvR7mL0Ng== dependencies: "@apidevtools/swagger-parser" "^10.1.0" - ajv "^8.12.0" + ajv "^8.17.1" json-schema "^0.4.0" - json-schema-ref-parser "^9.0.6" + json-schema-ref-parser "^9.0.9" jsonpath "^1.1.1" lodash "^4.17.21" openapi-types "^12.1.3" - picocolors "^1.0.0" - -"@jc21/restler@^3.4.0": - version "3.4.0" - resolved "https://registry.yarnpkg.com/@jc21/restler/-/restler-3.4.0.tgz#cfa214ddb9946a800c6fe472529f72b01e93c763" - integrity sha512-P1Nl2ifoQwqtxcqJKYHvxgPfckeIZWbVSYMlNAP+cL2KNk3U5eErPKt4xr5YLIQ+NarFsHMGH8+CBa00FKAGrw== - dependencies: - iconv-lite "0.2.11" - qs "1.2.0" - xml2js "0.4.0" - yaml "0.2.3" + picocolors "^1.1.0" "@jsdevtools/ono@^7.1.3": version "7.1.3" @@ -271,7 +261,17 @@ ajv@^6.12.4: json-schema-traverse "^0.4.1" uri-js "^4.2.2" -ajv@^8.12.0, ajv@^8.6.3: +ajv@^8.17.1: + version "8.17.1" + resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.17.1.tgz#37d9a5c776af6bc92d7f4f9510eba4c0a60d11a6" + integrity sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g== + dependencies: + fast-deep-equal "^3.1.3" + fast-uri "^3.0.1" + json-schema-traverse "^1.0.0" + require-from-string "^2.0.2" + +ajv@^8.6.3: version "8.13.0" resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.13.0.tgz#a3939eaec9fb80d217ddf0c3376948c023f28c91" integrity sha512-PRA911Blj99jR5RMeTunVbNXMF6Lp4vZXnk5GQjcnUWUTsrXtekg/pnmFFI2u/I36Y/2bITGS30GZCXei6uNkA== @@ -390,6 +390,15 @@ aws4@^1.8.0: resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.9.0.tgz#24390e6ad61386b0a747265754d2a17219de862c" integrity sha512-Uvq6hVe90D0B2WEnUqtdgY1bATGz3mw33nH9Y+dmA+w5DHvUmBgkr5rM/KCHpCsiFNRUfokW/szpPPgMK2hm4A== +axios@^1.7.7: + version "1.7.7" + resolved "https://registry.yarnpkg.com/axios/-/axios-1.7.7.tgz#2f554296f9892a72ac8d8e4c5b79c14a91d0a47f" + integrity sha512-S4kL7XrjgBmvdGut0sN3yJxqYzrDOnivkBiN0OFs6hLiUam3UPvswUo0kqGyhqUZGEOytHyumEdXsAkgCOUf3Q== + dependencies: + follow-redirects "^1.15.6" + form-data "^4.0.0" + proxy-from-env "^1.1.0" + balanced-match@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.0.tgz#89b4d199ab2bee49de164ea02b89ce462d71b767" @@ -506,11 +515,6 @@ chalk@^4.0.0, chalk@^4.1.0: ansi-styles "^4.1.0" supports-color "^7.1.0" -chalk@^5.3.0: - version "5.3.0" - resolved "https://registry.yarnpkg.com/chalk/-/chalk-5.3.0.tgz#67c20a7ebef70e7f3970a01f90fa210cb6860385" - integrity sha512-dLitG79d+GV1Nb/VYcCDFivJeK1hiukt9QjRNVOsUtTy1rR1YJsmpGGTZ3qJos+uw7WmWF4wUwBd9jxjocFC2w== - charenc@0.0.2: version "0.0.2" resolved "https://registry.yarnpkg.com/charenc/-/charenc-0.0.2.tgz#c0a1d2f3a7092e03774bfa83f14c0fc5790a8667" @@ -1049,6 +1053,11 @@ fast-levenshtein@^2.0.6, fast-levenshtein@~2.0.6: resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz#3d8a5c66883a16a30ca8643e851f19baa7797917" integrity sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc= +fast-uri@^3.0.1: + version "3.0.2" + resolved "https://registry.yarnpkg.com/fast-uri/-/fast-uri-3.0.2.tgz#d78b298cf70fd3b752fd951175a3da6a7b48f024" + integrity sha512-GR6f0hD7XXyNJa25Tb9BuIdN0tdr+0BMi6/CJPH3wJO1JjNG3n/VsSw38AwRdKZABm8lGbPfakLRkYzx2V9row== + fd-slicer@~1.1.0: version "1.1.0" resolved "https://registry.yarnpkg.com/fd-slicer/-/fd-slicer-1.1.0.tgz#25c7c89cb1f9077f8891bbe61d8f390eae256f1e" @@ -1103,11 +1112,25 @@ flatted@^3.2.9: resolved "https://registry.yarnpkg.com/flatted/-/flatted-3.3.1.tgz#21db470729a6734d4997002f439cb308987f567a" integrity sha512-X8cqMLLie7KsNUDSdzeN8FYK9rEt4Dt67OsG/DNGnYTSDBG4uFAJFBnUeiV+zCVAvwFy56IjM9sH51jVaEhNxw== +follow-redirects@^1.15.6: + version "1.15.9" + resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.9.tgz#a604fa10e443bf98ca94228d9eebcc2e8a2c8ee1" + integrity sha512-gew4GsXizNgdoRyqmyfMHyAmXsZDk6mHkSxZFCzW9gwlbtOW44CDtYavM+y+72qD/Vq2l550kMF52DT8fOLJqQ== + forever-agent@~0.6.1: version "0.6.1" resolved "https://registry.yarnpkg.com/forever-agent/-/forever-agent-0.6.1.tgz#fbc71f0c41adeb37f96c577ad1ed42d8fdacca91" integrity sha1-+8cfDEGt6zf5bFd60e1C2P2sypE= +form-data@^4.0.0, form-data@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/form-data/-/form-data-4.0.1.tgz#ba1076daaaa5bfd7e99c1a6cb02aa0a5cff90d48" + integrity sha512-tzN8e4TX8+kkxGPK8D5u0FNmjPUjw3lwC9lSLxxoB/+GtsJG91CO8bSWy73APlgAZzZbXEYZJuxjkHH2w+Ezhw== + dependencies: + asynckit "^0.4.0" + combined-stream "^1.0.8" + mime-types "^2.1.12" + form-data@~4.0.0: version "4.0.0" resolved "https://registry.yarnpkg.com/form-data/-/form-data-4.0.0.tgz#93919daeaf361ee529584b9b31664dc12c9fa452" @@ -1283,11 +1306,6 @@ human-signals@^1.1.1: resolved "https://registry.yarnpkg.com/human-signals/-/human-signals-1.1.1.tgz#c5b1cd14f50aeae09ab6c59fe63ba3395fe4dfa3" integrity sha512-SEQu7vl8KjNL2eoGBLF3+wAjpsNfA9XMlXAYj/3EdaNfAlxKthD1xjEQfGOUhllCGGJVNY34bRr6lPINhNjyZw== -iconv-lite@0.2.11: - version "0.2.11" - resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.2.11.tgz#1ce60a3a57864a292d1321ff4609ca4bb965adc8" - integrity sha1-HOYKOleGSiktEyH/RgnKS7llrcg= - ieee754@^1.1.13: version "1.2.1" resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.2.1.tgz#8eb7a10a63fff25d15a57b001586d177d1b0d352" @@ -1450,7 +1468,7 @@ json-buffer@3.0.1: resolved "https://registry.yarnpkg.com/json-buffer/-/json-buffer-3.0.1.tgz#9338802a30d3b6605fbe0613e094008ca8c05a13" integrity sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ== -json-schema-ref-parser@^9.0.6: +json-schema-ref-parser@^9.0.9: version "9.0.9" resolved "https://registry.yarnpkg.com/json-schema-ref-parser/-/json-schema-ref-parser-9.0.9.tgz#66ea538e7450b12af342fa3d5b8458bc1e1e013f" integrity sha512-qcP2lmGy+JUoQJ4DOQeLaZDqH9qSkeGCK3suKWxJXS82dg728Mn3j97azDMaOUmJAN4uCq91LdPx4K7E8F1a7Q== @@ -1812,10 +1830,10 @@ performance-now@^2.1.0: resolved "https://registry.yarnpkg.com/performance-now/-/performance-now-2.1.0.tgz#6309f4e0e5fa913ec1c69307ae364b4b377c9e7b" integrity sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns= -picocolors@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/picocolors/-/picocolors-1.0.1.tgz#a8ad579b571952f0e5d25892de5445bcfe25aaa1" - integrity sha512-anP1Z8qwhkbmu7MFP5iTt+wQKXgwzf7zTyGlcdzabySa9vd0Xt392U0rVmz9poOaBj0uHJKyyo9/upk0HrEQew== +picocolors@^1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/picocolors/-/picocolors-1.1.0.tgz#5358b76a78cde483ba5cef6a9dc9671440b27d59" + integrity sha512-TQ92mBOW0l3LeMeyLV6mzy/kWr8lkd/hp3mTg7wYK7zJhuBStmGMBG0BdeDZS/dZx1IukaX6Bk11zcln25o1Aw== picomatch@^2.0.4: version "2.2.2" @@ -1857,6 +1875,11 @@ proxy-from-env@1.0.0: resolved "https://registry.yarnpkg.com/proxy-from-env/-/proxy-from-env-1.0.0.tgz#33c50398f70ea7eb96d21f7b817630a55791c7ee" integrity sha512-F2JHgJQ1iqwnHDcQjVBsq3n/uoaFL+iPW/eAeL7kVxy/2RrWaN4WroKjjvbsoRtv0ftelNyC01bjRhn/bhcf4A== +proxy-from-env@^1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/proxy-from-env/-/proxy-from-env-1.1.0.tgz#e102f16ca355424865755d2c9e8ea4f24d58c3e2" + integrity sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg== + psl@^1.1.33: version "1.9.0" resolved "https://registry.yarnpkg.com/psl/-/psl-1.9.0.tgz#d0df2a137f00794565fcaf3b2c00cd09f8d5a5a7" @@ -1875,11 +1898,6 @@ punycode@^2.1.0, punycode@^2.1.1: resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.1.1.tgz#b58b010ac40c22c5657616c8d2c2c02c7bf479ec" integrity sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A== -qs@1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/qs/-/qs-1.2.0.tgz#ed079be28682147e6fd9a34cc2b0c1e0ec6453ee" - integrity sha1-7Qeb4oaCFH5v2aNMwrDB4OxkU+4= - qs@6.13.0: version "6.13.0" resolved "https://registry.yarnpkg.com/qs/-/qs-6.13.0.tgz#6ca3bd58439f7e245655798997787b0d88a51906" @@ -1968,11 +1986,6 @@ safer-buffer@^2.0.2, safer-buffer@^2.1.0, safer-buffer@~2.1.0: resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a" integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg== -sax@0.5.x: - version "0.5.8" - resolved "https://registry.yarnpkg.com/sax/-/sax-0.5.8.tgz#d472db228eb331c2506b0e8c15524adb939d12c1" - integrity sha1-1HLbIo6zMcJQaw6MFVJK25OdEsE= - semver@^7.5.3: version "7.6.2" resolved "https://registry.yarnpkg.com/semver/-/semver-7.6.2.tgz#1e3b34759f896e8f14d6134732ce798aeb0c6e13" @@ -2309,34 +2322,16 @@ wrappy@1: resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f" integrity sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8= -xml2js@0.4.0: - version "0.4.0" - resolved "https://registry.yarnpkg.com/xml2js/-/xml2js-0.4.0.tgz#124fc4114b4129c810800ecb2ac86cf25462cb9a" - integrity sha1-Ek/EEUtBKcgQgA7LKshs8lRiy5o= - dependencies: - sax "0.5.x" - xmlbuilder ">=0.4.2" - xml@^1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/xml/-/xml-1.0.1.tgz#78ba72020029c5bc87b8a81a3cfcd74b4a2fc1e5" integrity sha512-huCv9IH9Tcf95zuYCsQraZtWnJvBtLVE0QHMOs8bWyZAFZNDcYjsPq1nEx8jKA9y+Beo9v+7OBPRisQTjinQMw== -xmlbuilder@>=0.4.2: - version "13.0.2" - resolved "https://registry.yarnpkg.com/xmlbuilder/-/xmlbuilder-13.0.2.tgz#02ae33614b6a047d1c32b5389c1fdacb2bce47a7" - integrity sha512-Eux0i2QdDYKbdbA6AM6xE4m6ZTZr4G4xF9kahI2ukSEMCzwce2eX9WlTI5J3s+NU7hpasFsr8hWIONae7LluAQ== - y18n@^5.0.5: version "5.0.8" resolved "https://registry.yarnpkg.com/y18n/-/y18n-5.0.8.tgz#7f4934d0f7ca8c56f95314939ddcd2dd91ce1d55" integrity sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA== -yaml@0.2.3: - version "0.2.3" - resolved "https://registry.yarnpkg.com/yaml/-/yaml-0.2.3.tgz#b5450e92e76ef36b5dd24e3660091ebaeef3e5c7" - integrity sha1-tUUOkudu82td0k42YAkeuu7z5cc= - yargs-parser@^20.2.2, yargs-parser@^20.2.9: version "20.2.9" resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-20.2.9.tgz#2eb7dc3b0289718fc295f362753845c41a0c94ee" From d21403ca1e08af90069222f7513b490719295190 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Fri, 11 Oct 2024 12:56:29 +1000 Subject: [PATCH 032/175] Move docker login in pipeline --- Jenkinsfile | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 1d8680a6b..ae631f935 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -56,6 +56,13 @@ pipeline { sh 'sed -i -E "s/(version-)[0-9]+\\.[0-9]+\\.[0-9]+(-green)/\\1${BUILD_VERSION}\\2/" README.md' } } + stage('Docker Login') { + steps { + withCredentials([usernamePassword(credentialsId: 'jc21-dockerhub', passwordVariable: 'dpass', usernameVariable: 'duser')]) { + sh 'docker login -u "${duser}" -p "${dpass}"' + } + } + } } } stage('Builds') { @@ -157,10 +164,7 @@ pipeline { } } steps { - withCredentials([usernamePassword(credentialsId: 'jc21-dockerhub', passwordVariable: 'dpass', usernameVariable: 'duser')]) { - sh 'docker login -u "${duser}" -p "${dpass}"' - sh "./scripts/buildx --push ${buildxPushTags}" - } + sh "./scripts/buildx --push ${buildxPushTags}" } } stage('Docs / Comment') { From 304899e604530c9c115ed6ff2c5fd04335d545a3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 11 Oct 2024 03:22:32 +0000 Subject: [PATCH 033/175] Bump elliptic from 6.5.4 to 6.5.7 in /frontend Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.4 to 6.5.7. - [Commits](https://github.com/indutny/elliptic/compare/v6.5.4...v6.5.7) --- updated-dependencies: - dependency-name: elliptic dependency-type: indirect ... Signed-off-by: dependabot[bot] --- frontend/yarn.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/frontend/yarn.lock b/frontend/yarn.lock index 371f3c5f9..c37fc95df 100644 --- a/frontend/yarn.lock +++ b/frontend/yarn.lock @@ -2648,9 +2648,9 @@ electron-to-chromium@^1.3.47: integrity sha512-67V62Z4CFOiAtox+o+tosGfVk0QX4DJgH609tjT8QymbJZVAI/jWnAthnr8c5hnRNziIRwkc9EMQYejiVz3/9Q== elliptic@^6.5.3, elliptic@^6.5.4: - version "6.5.4" - resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.4.tgz#da37cebd31e79a1367e941b592ed1fbebd58abbb" - integrity sha512-iLhC6ULemrljPZb+QutR5TQGB+pdW6KGD5RSegS+8sorOZT+rdQFbsQFJgvN3eRqNALqJer4oQ16YvJHlU8hzQ== + version "6.5.7" + resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.7.tgz#8ec4da2cb2939926a1b9a73619d768207e647c8b" + integrity sha512-ESVCtTwiA+XhY3wyh24QqRGBoP3rEdDUl3EDUUo9tft074fi19IrdpH7hLCMMP3CIj7jb3W96rn8lt/BqIlt5Q== dependencies: bn.js "^4.11.9" brorand "^1.1.0" From 4e035f285d2d1015ffd23cf8e3967bd199bf19e3 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Fri, 11 Oct 2024 13:26:00 +1000 Subject: [PATCH 034/175] Update deps in docs --- docs/package.json | 2 +- docs/yarn.lock | 1256 ++++++++++++++++++++++++++++----------------- 2 files changed, 793 insertions(+), 465 deletions(-) diff --git a/docs/package.json b/docs/package.json index cc3d08c1c..3e3dcba25 100644 --- a/docs/package.json +++ b/docs/package.json @@ -5,7 +5,7 @@ "preview": "vitepress preview" }, "devDependencies": { - "vitepress": "^1.1.4" + "vitepress": "^1.4.0" }, "dependencies": {} } diff --git a/docs/yarn.lock b/docs/yarn.lock index dca47086c..01fe29962 100644 --- a/docs/yarn.lock +++ b/docs/yarn.lock @@ -150,413 +150,498 @@ "@algolia/logger-common" "4.23.3" "@algolia/requester-common" "4.23.3" -"@babel/parser@^7.24.4": - version "7.24.5" - resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.24.5.tgz#4a4d5ab4315579e5398a82dcf636ca80c3392790" - integrity sha512-EOv5IK8arwh3LI47dz1b0tKUb/1uhHAnHJOrjgtQMIpu1uXd9mlFrJg9IUgGUgZ41Ch0K8REPTYpO7B76b4vJg== - -"@docsearch/css@3.6.0", "@docsearch/css@^3.6.0": - version "3.6.0" - resolved "https://registry.yarnpkg.com/@docsearch/css/-/css-3.6.0.tgz#0e9f56f704b3a34d044d15fd9962ebc1536ba4fb" - integrity sha512-+sbxb71sWre+PwDK7X2T8+bhS6clcVMLwBPznX45Qu6opJcgRjAp7gYSDzVFp187J+feSj5dNBN1mJoi6ckkUQ== - -"@docsearch/js@^3.6.0": - version "3.6.0" - resolved "https://registry.yarnpkg.com/@docsearch/js/-/js-3.6.0.tgz#f9e46943449b9092d874944f7a80bcc071004cfb" - integrity sha512-QujhqINEElrkIfKwyyyTfbsfMAYCkylInLYMRqHy7PHc8xTBQCow73tlo/Kc7oIwBrCLf0P3YhjlOeV4v8hevQ== - dependencies: - "@docsearch/react" "3.6.0" +"@babel/helper-string-parser@^7.25.7": + version "7.25.7" + resolved "https://registry.yarnpkg.com/@babel/helper-string-parser/-/helper-string-parser-7.25.7.tgz#d50e8d37b1176207b4fe9acedec386c565a44a54" + integrity sha512-CbkjYdsJNHFk8uqpEkpCvRs3YRp9tY6FmFY7wLMSYuGYkrdUi7r2lc4/wqsvlHoMznX3WJ9IP8giGPq68T/Y6g== + +"@babel/helper-validator-identifier@^7.25.7": + version "7.25.7" + resolved "https://registry.yarnpkg.com/@babel/helper-validator-identifier/-/helper-validator-identifier-7.25.7.tgz#77b7f60c40b15c97df735b38a66ba1d7c3e93da5" + integrity sha512-AM6TzwYqGChO45oiuPqwL2t20/HdMC1rTPAesnBCgPCSF1x3oN9MVUwQV2iyz4xqWrctwK5RNC8LV22kaQCNYg== + +"@babel/parser@^7.25.3": + version "7.25.8" + resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.25.8.tgz#f6aaf38e80c36129460c1657c0762db584c9d5e2" + integrity sha512-HcttkxzdPucv3nNFmfOOMfFf64KgdJVqm1KaCm25dPGMLElo9nsLvXeJECQg8UzPuBGLyTSA0ZzqCtDSzKTEoQ== + dependencies: + "@babel/types" "^7.25.8" + +"@babel/types@^7.25.8": + version "7.25.8" + resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.25.8.tgz#5cf6037258e8a9bcad533f4979025140cb9993e1" + integrity sha512-JWtuCu8VQsMladxVz/P4HzHUGCAwpuqacmowgXFs5XjxIgKuNjnLokQzuVjlTvIzODaDmpjT3oxcC48vyk9EWg== + dependencies: + "@babel/helper-string-parser" "^7.25.7" + "@babel/helper-validator-identifier" "^7.25.7" + to-fast-properties "^2.0.0" + +"@docsearch/css@3.6.2", "@docsearch/css@^3.6.2": + version "3.6.2" + resolved "https://registry.yarnpkg.com/@docsearch/css/-/css-3.6.2.tgz#ccd9c83dbfeaf34efe4e3547ee596714ae7e5891" + integrity sha512-vKNZepO2j7MrYBTZIGXvlUOIR+v9KRf70FApRgovWrj3GTs1EITz/Xb0AOlm1xsQBp16clVZj1SY/qaOJbQtZw== + +"@docsearch/js@^3.6.2": + version "3.6.2" + resolved "https://registry.yarnpkg.com/@docsearch/js/-/js-3.6.2.tgz#000d7d255e8387e7c5b82c7b87d3060398e1605d" + integrity sha512-pS4YZF+VzUogYrkblCucQ0Oy2m8Wggk8Kk7lECmZM60hTbaydSIhJTTiCrmoxtBqV8wxORnOqcqqOfbmkkQEcA== + dependencies: + "@docsearch/react" "3.6.2" preact "^10.0.0" -"@docsearch/react@3.6.0": - version "3.6.0" - resolved "https://registry.yarnpkg.com/@docsearch/react/-/react-3.6.0.tgz#b4f25228ecb7fc473741aefac592121e86dd2958" - integrity sha512-HUFut4ztcVNmqy9gp/wxNbC7pTOHhgVVkHVGCACTuLhUKUhKAF9KYHJtMiLUJxEqiFLQiuri1fWF8zqwM/cu1w== +"@docsearch/react@3.6.2": + version "3.6.2" + resolved "https://registry.yarnpkg.com/@docsearch/react/-/react-3.6.2.tgz#32b16dd7d5614f0d39e6bc018549816b68d171b8" + integrity sha512-rtZce46OOkVflCQH71IdbXSFK+S8iJZlUF56XBW5rIgx/eG5qoomC7Ag3anZson1bBac/JFQn7XOBfved/IMRA== dependencies: "@algolia/autocomplete-core" "1.9.3" "@algolia/autocomplete-preset-algolia" "1.9.3" - "@docsearch/css" "3.6.0" + "@docsearch/css" "3.6.2" algoliasearch "^4.19.1" -"@esbuild/aix-ppc64@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/aix-ppc64/-/aix-ppc64-0.20.2.tgz#a70f4ac11c6a1dfc18b8bbb13284155d933b9537" - integrity sha512-D+EBOJHXdNZcLJRBkhENNG8Wji2kgc9AZ9KiPr1JuZjsNtyHzrsfLRrY0tk2H2aoFu6RANO1y1iPPUCDYWkb5g== - -"@esbuild/android-arm64@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/android-arm64/-/android-arm64-0.20.2.tgz#db1c9202a5bc92ea04c7b6840f1bbe09ebf9e6b9" - integrity sha512-mRzjLacRtl/tWU0SvD8lUEwb61yP9cqQo6noDZP/O8VkwafSYwZ4yWy24kan8jE/IMERpYncRt2dw438LP3Xmg== - -"@esbuild/android-arm@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/android-arm/-/android-arm-0.20.2.tgz#3b488c49aee9d491c2c8f98a909b785870d6e995" - integrity sha512-t98Ra6pw2VaDhqNWO2Oph2LXbz/EJcnLmKLGBJwEwXX/JAN83Fym1rU8l0JUWK6HkIbWONCSSatf4sf2NBRx/w== - -"@esbuild/android-x64@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/android-x64/-/android-x64-0.20.2.tgz#3b1628029e5576249d2b2d766696e50768449f98" - integrity sha512-btzExgV+/lMGDDa194CcUQm53ncxzeBrWJcncOBxuC6ndBkKxnHdFJn86mCIgTELsooUmwUm9FkhSp5HYu00Rg== - -"@esbuild/darwin-arm64@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/darwin-arm64/-/darwin-arm64-0.20.2.tgz#6e8517a045ddd86ae30c6608c8475ebc0c4000bb" - integrity sha512-4J6IRT+10J3aJH3l1yzEg9y3wkTDgDk7TSDFX+wKFiWjqWp/iCfLIYzGyasx9l0SAFPT1HwSCR+0w/h1ES/MjA== - -"@esbuild/darwin-x64@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/darwin-x64/-/darwin-x64-0.20.2.tgz#90ed098e1f9dd8a9381695b207e1cff45540a0d0" - integrity sha512-tBcXp9KNphnNH0dfhv8KYkZhjc+H3XBkF5DKtswJblV7KlT9EI2+jeA8DgBjp908WEuYll6pF+UStUCfEpdysA== - -"@esbuild/freebsd-arm64@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/freebsd-arm64/-/freebsd-arm64-0.20.2.tgz#d71502d1ee89a1130327e890364666c760a2a911" - integrity sha512-d3qI41G4SuLiCGCFGUrKsSeTXyWG6yem1KcGZVS+3FYlYhtNoNgYrWcvkOoaqMhwXSMrZRl69ArHsGJ9mYdbbw== - -"@esbuild/freebsd-x64@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/freebsd-x64/-/freebsd-x64-0.20.2.tgz#aa5ea58d9c1dd9af688b8b6f63ef0d3d60cea53c" - integrity sha512-d+DipyvHRuqEeM5zDivKV1KuXn9WeRX6vqSqIDgwIfPQtwMP4jaDsQsDncjTDDsExT4lR/91OLjRo8bmC1e+Cw== - -"@esbuild/linux-arm64@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/linux-arm64/-/linux-arm64-0.20.2.tgz#055b63725df678379b0f6db9d0fa85463755b2e5" - integrity sha512-9pb6rBjGvTFNira2FLIWqDk/uaf42sSyLE8j1rnUpuzsODBq7FvpwHYZxQ/It/8b+QOS1RYfqgGFNLRI+qlq2A== - -"@esbuild/linux-arm@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/linux-arm/-/linux-arm-0.20.2.tgz#76b3b98cb1f87936fbc37f073efabad49dcd889c" - integrity sha512-VhLPeR8HTMPccbuWWcEUD1Az68TqaTYyj6nfE4QByZIQEQVWBB8vup8PpR7y1QHL3CpcF6xd5WVBU/+SBEvGTg== - -"@esbuild/linux-ia32@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/linux-ia32/-/linux-ia32-0.20.2.tgz#c0e5e787c285264e5dfc7a79f04b8b4eefdad7fa" - integrity sha512-o10utieEkNPFDZFQm9CoP7Tvb33UutoJqg3qKf1PWVeeJhJw0Q347PxMvBgVVFgouYLGIhFYG0UGdBumROyiig== - -"@esbuild/linux-loong64@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/linux-loong64/-/linux-loong64-0.20.2.tgz#a6184e62bd7cdc63e0c0448b83801001653219c5" - integrity sha512-PR7sp6R/UC4CFVomVINKJ80pMFlfDfMQMYynX7t1tNTeivQ6XdX5r2XovMmha/VjR1YN/HgHWsVcTRIMkymrgQ== - -"@esbuild/linux-mips64el@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/linux-mips64el/-/linux-mips64el-0.20.2.tgz#d08e39ce86f45ef8fc88549d29c62b8acf5649aa" - integrity sha512-4BlTqeutE/KnOiTG5Y6Sb/Hw6hsBOZapOVF6njAESHInhlQAghVVZL1ZpIctBOoTFbQyGW+LsVYZ8lSSB3wkjA== - -"@esbuild/linux-ppc64@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/linux-ppc64/-/linux-ppc64-0.20.2.tgz#8d252f0b7756ffd6d1cbde5ea67ff8fd20437f20" - integrity sha512-rD3KsaDprDcfajSKdn25ooz5J5/fWBylaaXkuotBDGnMnDP1Uv5DLAN/45qfnf3JDYyJv/ytGHQaziHUdyzaAg== - -"@esbuild/linux-riscv64@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/linux-riscv64/-/linux-riscv64-0.20.2.tgz#19f6dcdb14409dae607f66ca1181dd4e9db81300" - integrity sha512-snwmBKacKmwTMmhLlz/3aH1Q9T8v45bKYGE3j26TsaOVtjIag4wLfWSiZykXzXuE1kbCE+zJRmwp+ZbIHinnVg== - -"@esbuild/linux-s390x@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/linux-s390x/-/linux-s390x-0.20.2.tgz#3c830c90f1a5d7dd1473d5595ea4ebb920988685" - integrity sha512-wcWISOobRWNm3cezm5HOZcYz1sKoHLd8VL1dl309DiixxVFoFe/o8HnwuIwn6sXre88Nwj+VwZUvJf4AFxkyrQ== - -"@esbuild/linux-x64@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/linux-x64/-/linux-x64-0.20.2.tgz#86eca35203afc0d9de0694c64ec0ab0a378f6fff" - integrity sha512-1MdwI6OOTsfQfek8sLwgyjOXAu+wKhLEoaOLTjbijk6E2WONYpH9ZU2mNtR+lZ2B4uwr+usqGuVfFT9tMtGvGw== - -"@esbuild/netbsd-x64@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/netbsd-x64/-/netbsd-x64-0.20.2.tgz#e771c8eb0e0f6e1877ffd4220036b98aed5915e6" - integrity sha512-K8/DhBxcVQkzYc43yJXDSyjlFeHQJBiowJ0uVL6Tor3jGQfSGHNNJcWxNbOI8v5k82prYqzPuwkzHt3J1T1iZQ== - -"@esbuild/openbsd-x64@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/openbsd-x64/-/openbsd-x64-0.20.2.tgz#9a795ae4b4e37e674f0f4d716f3e226dd7c39baf" - integrity sha512-eMpKlV0SThJmmJgiVyN9jTPJ2VBPquf6Kt/nAoo6DgHAoN57K15ZghiHaMvqjCye/uU4X5u3YSMgVBI1h3vKrQ== - -"@esbuild/sunos-x64@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/sunos-x64/-/sunos-x64-0.20.2.tgz#7df23b61a497b8ac189def6e25a95673caedb03f" - integrity sha512-2UyFtRC6cXLyejf/YEld4Hajo7UHILetzE1vsRcGL3earZEW77JxrFjH4Ez2qaTiEfMgAXxfAZCm1fvM/G/o8w== - -"@esbuild/win32-arm64@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/win32-arm64/-/win32-arm64-0.20.2.tgz#f1ae5abf9ca052ae11c1bc806fb4c0f519bacf90" - integrity sha512-GRibxoawM9ZCnDxnP3usoUDO9vUkpAxIIZ6GQI+IlVmr5kP3zUq+l17xELTHMWTWzjxa2guPNyrpq1GWmPvcGQ== - -"@esbuild/win32-ia32@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/win32-ia32/-/win32-ia32-0.20.2.tgz#241fe62c34d8e8461cd708277813e1d0ba55ce23" - integrity sha512-HfLOfn9YWmkSKRQqovpnITazdtquEW8/SoHW7pWpuEeguaZI4QnCRW6b+oZTztdBnZOS2hqJ6im/D5cPzBTTlQ== - -"@esbuild/win32-x64@0.20.2": - version "0.20.2" - resolved "https://registry.yarnpkg.com/@esbuild/win32-x64/-/win32-x64-0.20.2.tgz#9c907b21e30a52db959ba4f80bb01a0cc403d5cc" - integrity sha512-N49X4lJX27+l9jbLKSqZ6bKNjzQvHaT8IIFUy+YIqmXQdjYCToGWwOItDrfby14c78aDd5NHQl29xingXfCdLQ== - -"@jridgewell/sourcemap-codec@^1.4.15": - version "1.4.15" - resolved "https://registry.yarnpkg.com/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz#d7c6e6755c78567a951e04ab52ef0fd26de59f32" - integrity sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg== - -"@rollup/rollup-android-arm-eabi@4.22.4": - version "4.22.4" - resolved "https://registry.yarnpkg.com/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.22.4.tgz#8b613b9725e8f9479d142970b106b6ae878610d5" - integrity sha512-Fxamp4aEZnfPOcGA8KSNEohV8hX7zVHOemC8jVBoBUHu5zpJK/Eu3uJwt6BMgy9fkvzxDaurgj96F/NiLukF2w== - -"@rollup/rollup-android-arm64@4.22.4": - version "4.22.4" - resolved "https://registry.yarnpkg.com/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.22.4.tgz#654ca1049189132ff602bfcf8df14c18da1f15fb" - integrity sha512-VXoK5UMrgECLYaMuGuVTOx5kcuap1Jm8g/M83RnCHBKOqvPPmROFJGQaZhGccnsFtfXQ3XYa4/jMCJvZnbJBdA== - -"@rollup/rollup-darwin-arm64@4.22.4": - version "4.22.4" - resolved "https://registry.yarnpkg.com/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.22.4.tgz#6d241d099d1518ef0c2205d96b3fa52e0fe1954b" - integrity sha512-xMM9ORBqu81jyMKCDP+SZDhnX2QEVQzTcC6G18KlTQEzWK8r/oNZtKuZaCcHhnsa6fEeOBionoyl5JsAbE/36Q== - -"@rollup/rollup-darwin-x64@4.22.4": - version "4.22.4" - resolved "https://registry.yarnpkg.com/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.22.4.tgz#42bd19d292a57ee11734c980c4650de26b457791" - integrity sha512-aJJyYKQwbHuhTUrjWjxEvGnNNBCnmpHDvrb8JFDbeSH3m2XdHcxDd3jthAzvmoI8w/kSjd2y0udT+4okADsZIw== - -"@rollup/rollup-linux-arm-gnueabihf@4.22.4": - version "4.22.4" - resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.22.4.tgz#f23555ee3d8fe941c5c5fd458cd22b65eb1c2232" - integrity sha512-j63YtCIRAzbO+gC2L9dWXRh5BFetsv0j0va0Wi9epXDgU/XUi5dJKo4USTttVyK7fGw2nPWK0PbAvyliz50SCQ== - -"@rollup/rollup-linux-arm-musleabihf@4.22.4": - version "4.22.4" - resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.22.4.tgz#f3bbd1ae2420f5539d40ac1fde2b38da67779baa" - integrity sha512-dJnWUgwWBX1YBRsuKKMOlXCzh2Wu1mlHzv20TpqEsfdZLb3WoJW2kIEsGwLkroYf24IrPAvOT/ZQ2OYMV6vlrg== - -"@rollup/rollup-linux-arm64-gnu@4.22.4": - version "4.22.4" - resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.22.4.tgz#7abe900120113e08a1f90afb84c7c28774054d15" - integrity sha512-AdPRoNi3NKVLolCN/Sp4F4N1d98c4SBnHMKoLuiG6RXgoZ4sllseuGioszumnPGmPM2O7qaAX/IJdeDU8f26Aw== - -"@rollup/rollup-linux-arm64-musl@4.22.4": - version "4.22.4" - resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.22.4.tgz#9e655285c8175cd44f57d6a1e8e5dedfbba1d820" - integrity sha512-Gl0AxBtDg8uoAn5CCqQDMqAx22Wx22pjDOjBdmG0VIWX3qUBHzYmOKh8KXHL4UpogfJ14G4wk16EQogF+v8hmA== - -"@rollup/rollup-linux-powerpc64le-gnu@4.22.4": - version "4.22.4" - resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-powerpc64le-gnu/-/rollup-linux-powerpc64le-gnu-4.22.4.tgz#9a79ae6c9e9d8fe83d49e2712ecf4302db5bef5e" - integrity sha512-3aVCK9xfWW1oGQpTsYJJPF6bfpWfhbRnhdlyhak2ZiyFLDaayz0EP5j9V1RVLAAxlmWKTDfS9wyRyY3hvhPoOg== - -"@rollup/rollup-linux-riscv64-gnu@4.22.4": - version "4.22.4" - resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.22.4.tgz#67ac70eca4ace8e2942fabca95164e8874ab8128" - integrity sha512-ePYIir6VYnhgv2C5Xe9u+ico4t8sZWXschR6fMgoPUK31yQu7hTEJb7bCqivHECwIClJfKgE7zYsh1qTP3WHUA== - -"@rollup/rollup-linux-s390x-gnu@4.22.4": - version "4.22.4" - resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.22.4.tgz#9f883a7440f51a22ed7f99e1d070bd84ea5005fc" - integrity sha512-GqFJ9wLlbB9daxhVlrTe61vJtEY99/xB3C8e4ULVsVfflcpmR6c8UZXjtkMA6FhNONhj2eA5Tk9uAVw5orEs4Q== - -"@rollup/rollup-linux-x64-gnu@4.22.4": - version "4.22.4" - resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.22.4.tgz#70116ae6c577fe367f58559e2cffb5641a1dd9d0" - integrity sha512-87v0ol2sH9GE3cLQLNEy0K/R0pz1nvg76o8M5nhMR0+Q+BBGLnb35P0fVz4CQxHYXaAOhE8HhlkaZfsdUOlHwg== - -"@rollup/rollup-linux-x64-musl@4.22.4": - version "4.22.4" - resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.22.4.tgz#f473f88219feb07b0b98b53a7923be716d1d182f" - integrity sha512-UV6FZMUgePDZrFjrNGIWzDo/vABebuXBhJEqrHxrGiU6HikPy0Z3LfdtciIttEUQfuDdCn8fqh7wiFJjCNwO+g== - -"@rollup/rollup-win32-arm64-msvc@4.22.4": - version "4.22.4" - resolved "https://registry.yarnpkg.com/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.22.4.tgz#4349482d17f5d1c58604d1c8900540d676f420e0" - integrity sha512-BjI+NVVEGAXjGWYHz/vv0pBqfGoUH0IGZ0cICTn7kB9PyjrATSkX+8WkguNjWoj2qSr1im/+tTGRaY+4/PdcQw== - -"@rollup/rollup-win32-ia32-msvc@4.22.4": - version "4.22.4" - resolved "https://registry.yarnpkg.com/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.22.4.tgz#a6fc39a15db618040ec3c2a24c1e26cb5f4d7422" - integrity sha512-SiWG/1TuUdPvYmzmYnmd3IEifzR61Tragkbx9D3+R8mzQqDBz8v+BvZNDlkiTtI9T15KYZhP0ehn3Dld4n9J5g== - -"@rollup/rollup-win32-x64-msvc@4.22.4": - version "4.22.4" - resolved "https://registry.yarnpkg.com/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.22.4.tgz#3dd5d53e900df2a40841882c02e56f866c04d202" - integrity sha512-j8pPKp53/lq9lMXN57S8cFz0MynJk8OWNuUnXct/9KCpKU7DgU3bYMJhwWmcqC0UU29p8Lr0/7KEVcaM6bf47Q== - -"@shikijs/core@1.5.0", "@shikijs/core@^1.3.0": +"@esbuild/aix-ppc64@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/aix-ppc64/-/aix-ppc64-0.21.5.tgz#c7184a326533fcdf1b8ee0733e21c713b975575f" + integrity sha512-1SDgH6ZSPTlggy1yI6+Dbkiz8xzpHJEVAlF/AM1tHPLsf5STom9rwtjE4hKAF20FfXXNTFqEYXyJNWh1GiZedQ== + +"@esbuild/android-arm64@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/android-arm64/-/android-arm64-0.21.5.tgz#09d9b4357780da9ea3a7dfb833a1f1ff439b4052" + integrity sha512-c0uX9VAUBQ7dTDCjq+wdyGLowMdtR/GoC2U5IYk/7D1H1JYC0qseD7+11iMP2mRLN9RcCMRcjC4YMclCzGwS/A== + +"@esbuild/android-arm@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/android-arm/-/android-arm-0.21.5.tgz#9b04384fb771926dfa6d7ad04324ecb2ab9b2e28" + integrity sha512-vCPvzSjpPHEi1siZdlvAlsPxXl7WbOVUBBAowWug4rJHb68Ox8KualB+1ocNvT5fjv6wpkX6o/iEpbDrf68zcg== + +"@esbuild/android-x64@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/android-x64/-/android-x64-0.21.5.tgz#29918ec2db754cedcb6c1b04de8cd6547af6461e" + integrity sha512-D7aPRUUNHRBwHxzxRvp856rjUHRFW1SdQATKXH2hqA0kAZb1hKmi02OpYRacl0TxIGz/ZmXWlbZgjwWYaCakTA== + +"@esbuild/darwin-arm64@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/darwin-arm64/-/darwin-arm64-0.21.5.tgz#e495b539660e51690f3928af50a76fb0a6ccff2a" + integrity sha512-DwqXqZyuk5AiWWf3UfLiRDJ5EDd49zg6O9wclZ7kUMv2WRFr4HKjXp/5t8JZ11QbQfUS6/cRCKGwYhtNAY88kQ== + +"@esbuild/darwin-x64@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/darwin-x64/-/darwin-x64-0.21.5.tgz#c13838fa57372839abdddc91d71542ceea2e1e22" + integrity sha512-se/JjF8NlmKVG4kNIuyWMV/22ZaerB+qaSi5MdrXtd6R08kvs2qCN4C09miupktDitvh8jRFflwGFBQcxZRjbw== + +"@esbuild/freebsd-arm64@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/freebsd-arm64/-/freebsd-arm64-0.21.5.tgz#646b989aa20bf89fd071dd5dbfad69a3542e550e" + integrity sha512-5JcRxxRDUJLX8JXp/wcBCy3pENnCgBR9bN6JsY4OmhfUtIHe3ZW0mawA7+RDAcMLrMIZaf03NlQiX9DGyB8h4g== + +"@esbuild/freebsd-x64@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/freebsd-x64/-/freebsd-x64-0.21.5.tgz#aa615cfc80af954d3458906e38ca22c18cf5c261" + integrity sha512-J95kNBj1zkbMXtHVH29bBriQygMXqoVQOQYA+ISs0/2l3T9/kj42ow2mpqerRBxDJnmkUDCaQT/dfNXWX/ZZCQ== + +"@esbuild/linux-arm64@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/linux-arm64/-/linux-arm64-0.21.5.tgz#70ac6fa14f5cb7e1f7f887bcffb680ad09922b5b" + integrity sha512-ibKvmyYzKsBeX8d8I7MH/TMfWDXBF3db4qM6sy+7re0YXya+K1cem3on9XgdT2EQGMu4hQyZhan7TeQ8XkGp4Q== + +"@esbuild/linux-arm@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/linux-arm/-/linux-arm-0.21.5.tgz#fc6fd11a8aca56c1f6f3894f2bea0479f8f626b9" + integrity sha512-bPb5AHZtbeNGjCKVZ9UGqGwo8EUu4cLq68E95A53KlxAPRmUyYv2D6F0uUI65XisGOL1hBP5mTronbgo+0bFcA== + +"@esbuild/linux-ia32@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/linux-ia32/-/linux-ia32-0.21.5.tgz#3271f53b3f93e3d093d518d1649d6d68d346ede2" + integrity sha512-YvjXDqLRqPDl2dvRODYmmhz4rPeVKYvppfGYKSNGdyZkA01046pLWyRKKI3ax8fbJoK5QbxblURkwK/MWY18Tg== + +"@esbuild/linux-loong64@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/linux-loong64/-/linux-loong64-0.21.5.tgz#ed62e04238c57026aea831c5a130b73c0f9f26df" + integrity sha512-uHf1BmMG8qEvzdrzAqg2SIG/02+4/DHB6a9Kbya0XDvwDEKCoC8ZRWI5JJvNdUjtciBGFQ5PuBlpEOXQj+JQSg== + +"@esbuild/linux-mips64el@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/linux-mips64el/-/linux-mips64el-0.21.5.tgz#e79b8eb48bf3b106fadec1ac8240fb97b4e64cbe" + integrity sha512-IajOmO+KJK23bj52dFSNCMsz1QP1DqM6cwLUv3W1QwyxkyIWecfafnI555fvSGqEKwjMXVLokcV5ygHW5b3Jbg== + +"@esbuild/linux-ppc64@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/linux-ppc64/-/linux-ppc64-0.21.5.tgz#5f2203860a143b9919d383ef7573521fb154c3e4" + integrity sha512-1hHV/Z4OEfMwpLO8rp7CvlhBDnjsC3CttJXIhBi+5Aj5r+MBvy4egg7wCbe//hSsT+RvDAG7s81tAvpL2XAE4w== + +"@esbuild/linux-riscv64@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/linux-riscv64/-/linux-riscv64-0.21.5.tgz#07bcafd99322d5af62f618cb9e6a9b7f4bb825dc" + integrity sha512-2HdXDMd9GMgTGrPWnJzP2ALSokE/0O5HhTUvWIbD3YdjME8JwvSCnNGBnTThKGEB91OZhzrJ4qIIxk/SBmyDDA== + +"@esbuild/linux-s390x@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/linux-s390x/-/linux-s390x-0.21.5.tgz#b7ccf686751d6a3e44b8627ababc8be3ef62d8de" + integrity sha512-zus5sxzqBJD3eXxwvjN1yQkRepANgxE9lgOW2qLnmr8ikMTphkjgXu1HR01K4FJg8h1kEEDAqDcZQtbrRnB41A== + +"@esbuild/linux-x64@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/linux-x64/-/linux-x64-0.21.5.tgz#6d8f0c768e070e64309af8004bb94e68ab2bb3b0" + integrity sha512-1rYdTpyv03iycF1+BhzrzQJCdOuAOtaqHTWJZCWvijKD2N5Xu0TtVC8/+1faWqcP9iBCWOmjmhoH94dH82BxPQ== + +"@esbuild/netbsd-x64@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/netbsd-x64/-/netbsd-x64-0.21.5.tgz#bbe430f60d378ecb88decb219c602667387a6047" + integrity sha512-Woi2MXzXjMULccIwMnLciyZH4nCIMpWQAs049KEeMvOcNADVxo0UBIQPfSmxB3CWKedngg7sWZdLvLczpe0tLg== + +"@esbuild/openbsd-x64@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/openbsd-x64/-/openbsd-x64-0.21.5.tgz#99d1cf2937279560d2104821f5ccce220cb2af70" + integrity sha512-HLNNw99xsvx12lFBUwoT8EVCsSvRNDVxNpjZ7bPn947b8gJPzeHWyNVhFsaerc0n3TsbOINvRP2byTZ5LKezow== + +"@esbuild/sunos-x64@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/sunos-x64/-/sunos-x64-0.21.5.tgz#08741512c10d529566baba837b4fe052c8f3487b" + integrity sha512-6+gjmFpfy0BHU5Tpptkuh8+uw3mnrvgs+dSPQXQOv3ekbordwnzTVEb4qnIvQcYXq6gzkyTnoZ9dZG+D4garKg== + +"@esbuild/win32-arm64@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/win32-arm64/-/win32-arm64-0.21.5.tgz#675b7385398411240735016144ab2e99a60fc75d" + integrity sha512-Z0gOTd75VvXqyq7nsl93zwahcTROgqvuAcYDUr+vOv8uHhNSKROyU961kgtCD1e95IqPKSQKH7tBTslnS3tA8A== + +"@esbuild/win32-ia32@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/win32-ia32/-/win32-ia32-0.21.5.tgz#1bfc3ce98aa6ca9a0969e4d2af72144c59c1193b" + integrity sha512-SWXFF1CL2RVNMaVs+BBClwtfZSvDgtL//G/smwAc5oVK/UPu2Gu9tIaRgFmYFFKrmg3SyAjSrElf0TiJ1v8fYA== + +"@esbuild/win32-x64@0.21.5": + version "0.21.5" + resolved "https://registry.yarnpkg.com/@esbuild/win32-x64/-/win32-x64-0.21.5.tgz#acad351d582d157bb145535db2a6ff53dd514b5c" + integrity sha512-tQd/1efJuzPC6rCFwEvLtci/xNFcTZknmXs98FYDfGE4wP9ClFV98nyKrzJKVPMhdDnjzLhdUyMX4PsQAPjwIw== + +"@jridgewell/sourcemap-codec@^1.5.0": version "1.5.0" - resolved "https://registry.yarnpkg.com/@shikijs/core/-/core-1.5.0.tgz#8d594a6d6eb8cfdb9f2de457893e384257f2e0a2" - integrity sha512-tdYjQu+jnvlPbJg4OjgCQ16zAfHlLk+RzA9o025aeaIyUww6W/Vd9TQ2t+gdZgK1fox29/L2yyqXLU6ErzYA0w== + resolved "https://registry.yarnpkg.com/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.0.tgz#3188bcb273a414b0d215fd22a58540b989b9409a" + integrity sha512-gv3ZRaISU3fjPAgNsriBRqGWQL6quFx04YMPW/zD8XMLsU32mhCCbfbO6KZFLjvYpCZ8zyDEgqsgf+PwPaM7GQ== + +"@rollup/rollup-android-arm-eabi@4.24.0": + version "4.24.0" + resolved "https://registry.yarnpkg.com/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.24.0.tgz#1661ff5ea9beb362795304cb916049aba7ac9c54" + integrity sha512-Q6HJd7Y6xdB48x8ZNVDOqsbh2uByBhgK8PiQgPhwkIw/HC/YX5Ghq2mQY5sRMZWHb3VsFkWooUVOZHKr7DmDIA== + +"@rollup/rollup-android-arm64@4.24.0": + version "4.24.0" + resolved "https://registry.yarnpkg.com/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.24.0.tgz#2ffaa91f1b55a0082b8a722525741aadcbd3971e" + integrity sha512-ijLnS1qFId8xhKjT81uBHuuJp2lU4x2yxa4ctFPtG+MqEE6+C5f/+X/bStmxapgmwLwiL3ih122xv8kVARNAZA== + +"@rollup/rollup-darwin-arm64@4.24.0": + version "4.24.0" + resolved "https://registry.yarnpkg.com/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.24.0.tgz#627007221b24b8cc3063703eee0b9177edf49c1f" + integrity sha512-bIv+X9xeSs1XCk6DVvkO+S/z8/2AMt/2lMqdQbMrmVpgFvXlmde9mLcbQpztXm1tajC3raFDqegsH18HQPMYtA== + +"@rollup/rollup-darwin-x64@4.24.0": + version "4.24.0" + resolved "https://registry.yarnpkg.com/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.24.0.tgz#0605506142b9e796c370d59c5984ae95b9758724" + integrity sha512-X6/nOwoFN7RT2svEQWUsW/5C/fYMBe4fnLK9DQk4SX4mgVBiTA9h64kjUYPvGQ0F/9xwJ5U5UfTbl6BEjaQdBQ== + +"@rollup/rollup-linux-arm-gnueabihf@4.24.0": + version "4.24.0" + resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.24.0.tgz#62dfd196d4b10c0c2db833897164d2d319ee0cbb" + integrity sha512-0KXvIJQMOImLCVCz9uvvdPgfyWo93aHHp8ui3FrtOP57svqrF/roSSR5pjqL2hcMp0ljeGlU4q9o/rQaAQ3AYA== + +"@rollup/rollup-linux-arm-musleabihf@4.24.0": + version "4.24.0" + resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.24.0.tgz#53ce72aeb982f1f34b58b380baafaf6a240fddb3" + integrity sha512-it2BW6kKFVh8xk/BnHfakEeoLPv8STIISekpoF+nBgWM4d55CZKc7T4Dx1pEbTnYm/xEKMgy1MNtYuoA8RFIWw== + +"@rollup/rollup-linux-arm64-gnu@4.24.0": + version "4.24.0" + resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.24.0.tgz#1632990f62a75c74f43e4b14ab3597d7ed416496" + integrity sha512-i0xTLXjqap2eRfulFVlSnM5dEbTVque/3Pi4g2y7cxrs7+a9De42z4XxKLYJ7+OhE3IgxvfQM7vQc43bwTgPwA== + +"@rollup/rollup-linux-arm64-musl@4.24.0": + version "4.24.0" + resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.24.0.tgz#8c03a996efb41e257b414b2e0560b7a21f2d9065" + integrity sha512-9E6MKUJhDuDh604Qco5yP/3qn3y7SLXYuiC0Rpr89aMScS2UAmK1wHP2b7KAa1nSjWJc/f/Lc0Wl1L47qjiyQw== + +"@rollup/rollup-linux-powerpc64le-gnu@4.24.0": + version "4.24.0" + resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-powerpc64le-gnu/-/rollup-linux-powerpc64le-gnu-4.24.0.tgz#5b98729628d5bcc8f7f37b58b04d6845f85c7b5d" + integrity sha512-2XFFPJ2XMEiF5Zi2EBf4h73oR1V/lycirxZxHZNc93SqDN/IWhYYSYj8I9381ikUFXZrz2v7r2tOVk2NBwxrWw== + +"@rollup/rollup-linux-riscv64-gnu@4.24.0": + version "4.24.0" + resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.24.0.tgz#48e42e41f4cabf3573cfefcb448599c512e22983" + integrity sha512-M3Dg4hlwuntUCdzU7KjYqbbd+BLq3JMAOhCKdBE3TcMGMZbKkDdJ5ivNdehOssMCIokNHFOsv7DO4rlEOfyKpg== + +"@rollup/rollup-linux-s390x-gnu@4.24.0": + version "4.24.0" + resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.24.0.tgz#e0b4f9a966872cb7d3e21b9e412a4b7efd7f0b58" + integrity sha512-mjBaoo4ocxJppTorZVKWFpy1bfFj9FeCMJqzlMQGjpNPY9JwQi7OuS1axzNIk0nMX6jSgy6ZURDZ2w0QW6D56g== + +"@rollup/rollup-linux-x64-gnu@4.24.0": + version "4.24.0" + resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.24.0.tgz#78144741993100f47bd3da72fce215e077ae036b" + integrity sha512-ZXFk7M72R0YYFN5q13niV0B7G8/5dcQ9JDp8keJSfr3GoZeXEoMHP/HlvqROA3OMbMdfr19IjCeNAnPUG93b6A== + +"@rollup/rollup-linux-x64-musl@4.24.0": + version "4.24.0" + resolved "https://registry.yarnpkg.com/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.24.0.tgz#d9fe32971883cd1bd858336bd33a1c3ca6146127" + integrity sha512-w1i+L7kAXZNdYl+vFvzSZy8Y1arS7vMgIy8wusXJzRrPyof5LAb02KGr1PD2EkRcl73kHulIID0M501lN+vobQ== + +"@rollup/rollup-win32-arm64-msvc@4.24.0": + version "4.24.0" + resolved "https://registry.yarnpkg.com/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.24.0.tgz#71fa3ea369316db703a909c790743972e98afae5" + integrity sha512-VXBrnPWgBpVDCVY6XF3LEW0pOU51KbaHhccHw6AS6vBWIC60eqsH19DAeeObl+g8nKAz04QFdl/Cefta0xQtUQ== + +"@rollup/rollup-win32-ia32-msvc@4.24.0": + version "4.24.0" + resolved "https://registry.yarnpkg.com/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.24.0.tgz#653f5989a60658e17d7576a3996deb3902e342e2" + integrity sha512-xrNcGDU0OxVcPTH/8n/ShH4UevZxKIO6HJFK0e15XItZP2UcaiLFd5kiX7hJnqCbSztUF8Qot+JWBC/QXRPYWQ== + +"@rollup/rollup-win32-x64-msvc@4.24.0": + version "4.24.0" + resolved "https://registry.yarnpkg.com/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.24.0.tgz#0574d7e87b44ee8511d08cc7f914bcb802b70818" + integrity sha512-fbMkAF7fufku0N2dE5TBXcNlg0pt0cJue4xBRE2Qc5Vqikxr4VCgKj/ht6SMdFcOacVA9rqF70APJ8RN/4vMJw== + +"@shikijs/core@1.22.0", "@shikijs/core@^1.22.0": + version "1.22.0" + resolved "https://registry.yarnpkg.com/@shikijs/core/-/core-1.22.0.tgz#74e5d4485e5f7afa85109e322b42e400686f92bb" + integrity sha512-S8sMe4q71TJAW+qG93s5VaiihujRK6rqDFqBnxqvga/3LvqHEnxqBIOPkt//IdXVtHkQWKu4nOQNk0uBGicU7Q== + dependencies: + "@shikijs/engine-javascript" "1.22.0" + "@shikijs/engine-oniguruma" "1.22.0" + "@shikijs/types" "1.22.0" + "@shikijs/vscode-textmate" "^9.3.0" + "@types/hast" "^3.0.4" + hast-util-to-html "^9.0.3" + +"@shikijs/engine-javascript@1.22.0": + version "1.22.0" + resolved "https://registry.yarnpkg.com/@shikijs/engine-javascript/-/engine-javascript-1.22.0.tgz#2e5db29f0421755492f5279f8224ef7a7f907a29" + integrity sha512-AeEtF4Gcck2dwBqCFUKYfsCq0s+eEbCEbkUuFou53NZ0sTGnJnJ/05KHQFZxpii5HMXbocV9URYVowOP2wH5kw== + dependencies: + "@shikijs/types" "1.22.0" + "@shikijs/vscode-textmate" "^9.3.0" + oniguruma-to-js "0.4.3" + +"@shikijs/engine-oniguruma@1.22.0": + version "1.22.0" + resolved "https://registry.yarnpkg.com/@shikijs/engine-oniguruma/-/engine-oniguruma-1.22.0.tgz#74c661fac4cd1f08f2c09b5d6e2fd2a6720d0401" + integrity sha512-5iBVjhu/DYs1HB0BKsRRFipRrD7rqjxlWTj4F2Pf+nQSPqc3kcyqFFeZXnBMzDf0HdqaFVvhDRAGiYNvyLP+Mw== + dependencies: + "@shikijs/types" "1.22.0" + "@shikijs/vscode-textmate" "^9.3.0" -"@shikijs/transformers@^1.3.0": - version "1.5.0" - resolved "https://registry.yarnpkg.com/@shikijs/transformers/-/transformers-1.5.0.tgz#7d091152eca97bfddceb26e12234944a217e9b50" - integrity sha512-WYCLJ4MhW1LmVqfVjUZny9XLh32kk/mo/y5sCXt5sc5rU21K6LA+yLWHdb0eYhmSc4n+FWTxW3ZNiZs57uwyOA== +"@shikijs/transformers@^1.22.0": + version "1.22.0" + resolved "https://registry.yarnpkg.com/@shikijs/transformers/-/transformers-1.22.0.tgz#f36fa4d769e36db9a91e09877cf48b3a04d26aba" + integrity sha512-k7iMOYuGQA62KwAuJOQBgH2IQb5vP8uiB3lMvAMGUgAMMurePOx3Z7oNqJdcpxqZP6I9cc7nc4DNqSKduCxmdg== dependencies: - shiki "1.5.0" + shiki "1.22.0" -"@types/estree@1.0.5": - version "1.0.5" - resolved "https://registry.yarnpkg.com/@types/estree/-/estree-1.0.5.tgz#a6ce3e556e00fd9895dd872dd172ad0d4bd687f4" - integrity sha512-/kYRxGDLWzHOB7q+wtSUQlFrtcdUccpfy+X+9iMBpHK8QLLhx2wIPYuS5DYtR9Wa/YlZAbIovy7qVdB1Aq6Lyw== +"@shikijs/types@1.22.0", "@shikijs/types@^1.22.0": + version "1.22.0" + resolved "https://registry.yarnpkg.com/@shikijs/types/-/types-1.22.0.tgz#d2a572381395c9308b472c8199b8e0289753b9ad" + integrity sha512-Fw/Nr7FGFhlQqHfxzZY8Cwtwk5E9nKDUgeLjZgt3UuhcM3yJR9xj3ZGNravZZok8XmEZMiYkSMTPlPkULB8nww== + dependencies: + "@shikijs/vscode-textmate" "^9.3.0" + "@types/hast" "^3.0.4" + +"@shikijs/vscode-textmate@^9.3.0": + version "9.3.0" + resolved "https://registry.yarnpkg.com/@shikijs/vscode-textmate/-/vscode-textmate-9.3.0.tgz#b2f1776e488c1d6c2b6cd129bab62f71bbc9c7ab" + integrity sha512-jn7/7ky30idSkd/O5yDBfAnVt+JJpepofP/POZ1iMOxK59cOfqIgg/Dj0eFsjOTMw+4ycJN0uhZH/Eb0bs/EUA== + +"@types/estree@1.0.6": + version "1.0.6" + resolved "https://registry.yarnpkg.com/@types/estree/-/estree-1.0.6.tgz#628effeeae2064a1b4e79f78e81d87b7e5fc7b50" + integrity sha512-AYnb1nQyY49te+VRAVgmzfcgjYS91mY5P0TKUDCLEM+gNnA+3T6rWITXRLYCpahpqSQbN5cE+gHpnPyXjHWxcw== + +"@types/hast@^3.0.0", "@types/hast@^3.0.4": + version "3.0.4" + resolved "https://registry.yarnpkg.com/@types/hast/-/hast-3.0.4.tgz#1d6b39993b82cea6ad783945b0508c25903e15aa" + integrity sha512-WPs+bbQw5aCj+x6laNGWLH3wviHtoCv/P3+otBhbOhJgG8qtpdAMlTCxLtsTWA7LH1Oh/bFCHsBn0TPS5m30EQ== + dependencies: + "@types/unist" "*" "@types/linkify-it@^5": version "5.0.0" resolved "https://registry.yarnpkg.com/@types/linkify-it/-/linkify-it-5.0.0.tgz#21413001973106cda1c3a9b91eedd4ccd5469d76" integrity sha512-sVDA58zAw4eWAffKOaQH5/5j3XeayukzDk+ewSsnv3p4yJEZHCCzMDiZM8e0OUrRvmpGZ85jf4yDHkHsgBNr9Q== -"@types/markdown-it@^14.0.1": - version "14.1.1" - resolved "https://registry.yarnpkg.com/@types/markdown-it/-/markdown-it-14.1.1.tgz#06bafb7a4e3f77b62b1f308acf7df76687887e0b" - integrity sha512-4NpsnpYl2Gt1ljyBGrKMxFYAYvpqbnnkgP/i/g+NLpjEUa3obn1XJCur9YbEXKDAkaXqsR1LbDnGEJ0MmKFxfg== +"@types/markdown-it@^14.1.2": + version "14.1.2" + resolved "https://registry.yarnpkg.com/@types/markdown-it/-/markdown-it-14.1.2.tgz#57f2532a0800067d9b934f3521429a2e8bfb4c61" + integrity sha512-promo4eFwuiW+TfGxhi+0x3czqTYJkG8qB17ZUJiVF10Xm7NLVRSLUsfRTU/6h1e24VvRnXCx+hG7li58lkzog== dependencies: "@types/linkify-it" "^5" "@types/mdurl" "^2" +"@types/mdast@^4.0.0": + version "4.0.4" + resolved "https://registry.yarnpkg.com/@types/mdast/-/mdast-4.0.4.tgz#7ccf72edd2f1aa7dd3437e180c64373585804dd6" + integrity sha512-kGaNbPh1k7AFzgpud/gMdvIm5xuECykRR+JnWKQno9TAXVa6WIVCGTPvYGekIDL4uwCZQSYbUxNBSb1aUo79oA== + dependencies: + "@types/unist" "*" + "@types/mdurl@^2": version "2.0.0" resolved "https://registry.yarnpkg.com/@types/mdurl/-/mdurl-2.0.0.tgz#d43878b5b20222682163ae6f897b20447233bdfd" integrity sha512-RGdgjQUZba5p6QEFAVx2OGb8rQDL/cPRG7GiedRzMcJ1tYnUANBncjbSB1NRGwbvjcPeikRABz2nshyPk1bhWg== +"@types/unist@*", "@types/unist@^3.0.0": + version "3.0.3" + resolved "https://registry.yarnpkg.com/@types/unist/-/unist-3.0.3.tgz#acaab0f919ce69cce629c2d4ed2eb4adc1b6c20c" + integrity sha512-ko/gIFJRv177XgZsZcBwnqJN5x/Gien8qNOn0D5bQU/zAzVf9Zt3BlcUiLqhV9y4ARk0GbT3tnUiPNgnTXzc/Q== + "@types/web-bluetooth@^0.0.20": version "0.0.20" resolved "https://registry.yarnpkg.com/@types/web-bluetooth/-/web-bluetooth-0.0.20.tgz#f066abfcd1cbe66267cdbbf0de010d8a41b41597" integrity sha512-g9gZnnXVq7gM7v3tJCWV/qw7w+KeOlSHAhgF9RytFyifW6AF61hdT2ucrYhPq9hLs5JIryeupHV3qGk95dH9ow== -"@vitejs/plugin-vue@^5.0.4": - version "5.0.4" - resolved "https://registry.yarnpkg.com/@vitejs/plugin-vue/-/plugin-vue-5.0.4.tgz#508d6a0f2440f86945835d903fcc0d95d1bb8a37" - integrity sha512-WS3hevEszI6CEVEx28F8RjTX97k3KsrcY6kvTg7+Whm5y3oYvcqzVeGCU3hxSAn4uY2CLCkeokkGKpoctccilQ== - -"@vue/compiler-core@3.4.27": - version "3.4.27" - resolved "https://registry.yarnpkg.com/@vue/compiler-core/-/compiler-core-3.4.27.tgz#e69060f4b61429fe57976aa5872cfa21389e4d91" - integrity sha512-E+RyqY24KnyDXsCuQrI+mlcdW3ALND6U7Gqa/+bVwbcpcR3BRRIckFoz7Qyd4TTlnugtwuI7YgjbvsLmxb+yvg== +"@ungap/structured-clone@^1.0.0": + version "1.2.0" + resolved "https://registry.yarnpkg.com/@ungap/structured-clone/-/structured-clone-1.2.0.tgz#756641adb587851b5ccb3e095daf27ae581c8406" + integrity sha512-zuVdFrMJiuCDQUMCzQaD6KL28MjnqqN8XnAqiEq9PNm/hCPTSGfrXCOfwj1ow4LFb/tNymJPwsNbVePc1xFqrQ== + +"@vitejs/plugin-vue@^5.1.4": + version "5.1.4" + resolved "https://registry.yarnpkg.com/@vitejs/plugin-vue/-/plugin-vue-5.1.4.tgz#72b8b705cfce36b00b59af196195146e356500c4" + integrity sha512-N2XSI2n3sQqp5w7Y/AN/L2XDjBIRGqXko+eDp42sydYSBeJuSm5a1sLf8zakmo8u7tA8NmBgoDLA1HeOESjp9A== + +"@vue/compiler-core@3.5.11": + version "3.5.11" + resolved "https://registry.yarnpkg.com/@vue/compiler-core/-/compiler-core-3.5.11.tgz#3dcd0c1bab10732f44ab1790735afb03a4b69edc" + integrity sha512-PwAdxs7/9Hc3ieBO12tXzmTD+Ln4qhT/56S+8DvrrZ4kLDn4Z/AMUr8tXJD0axiJBS0RKIoNaR0yMuQB9v9Udg== dependencies: - "@babel/parser" "^7.24.4" - "@vue/shared" "3.4.27" + "@babel/parser" "^7.25.3" + "@vue/shared" "3.5.11" entities "^4.5.0" estree-walker "^2.0.2" source-map-js "^1.2.0" -"@vue/compiler-dom@3.4.27": - version "3.4.27" - resolved "https://registry.yarnpkg.com/@vue/compiler-dom/-/compiler-dom-3.4.27.tgz#d51d35f40d00ce235d7afc6ad8b09dfd92b1cc1c" - integrity sha512-kUTvochG/oVgE1w5ViSr3KUBh9X7CWirebA3bezTbB5ZKBQZwR2Mwj9uoSKRMFcz4gSMzzLXBPD6KpCLb9nvWw== +"@vue/compiler-dom@3.5.11": + version "3.5.11" + resolved "https://registry.yarnpkg.com/@vue/compiler-dom/-/compiler-dom-3.5.11.tgz#950f8fc610e26326fed008b8d102cc8ee78a6ce5" + integrity sha512-pyGf8zdbDDRkBrEzf8p7BQlMKNNF5Fk/Cf/fQ6PiUz9at4OaUfyXW0dGJTo2Vl1f5U9jSLCNf0EZJEogLXoeew== dependencies: - "@vue/compiler-core" "3.4.27" - "@vue/shared" "3.4.27" + "@vue/compiler-core" "3.5.11" + "@vue/shared" "3.5.11" -"@vue/compiler-sfc@3.4.27": - version "3.4.27" - resolved "https://registry.yarnpkg.com/@vue/compiler-sfc/-/compiler-sfc-3.4.27.tgz#399cac1b75c6737bf5440dc9cf3c385bb2959701" - integrity sha512-nDwntUEADssW8e0rrmE0+OrONwmRlegDA1pD6QhVeXxjIytV03yDqTey9SBDiALsvAd5U4ZrEKbMyVXhX6mCGA== +"@vue/compiler-sfc@3.5.11": + version "3.5.11" + resolved "https://registry.yarnpkg.com/@vue/compiler-sfc/-/compiler-sfc-3.5.11.tgz#68ba7bc6fed4fec6892aed118cb3ee8e4b180d06" + integrity sha512-gsbBtT4N9ANXXepprle+X9YLg2htQk1sqH/qGJ/EApl+dgpUBdTv3yP7YlR535uHZY3n6XaR0/bKo0BgwwDniw== dependencies: - "@babel/parser" "^7.24.4" - "@vue/compiler-core" "3.4.27" - "@vue/compiler-dom" "3.4.27" - "@vue/compiler-ssr" "3.4.27" - "@vue/shared" "3.4.27" + "@babel/parser" "^7.25.3" + "@vue/compiler-core" "3.5.11" + "@vue/compiler-dom" "3.5.11" + "@vue/compiler-ssr" "3.5.11" + "@vue/shared" "3.5.11" estree-walker "^2.0.2" - magic-string "^0.30.10" - postcss "^8.4.38" + magic-string "^0.30.11" + postcss "^8.4.47" source-map-js "^1.2.0" -"@vue/compiler-ssr@3.4.27": - version "3.4.27" - resolved "https://registry.yarnpkg.com/@vue/compiler-ssr/-/compiler-ssr-3.4.27.tgz#2a8ecfef1cf448b09be633901a9c020360472e3d" - integrity sha512-CVRzSJIltzMG5FcidsW0jKNQnNRYC8bT21VegyMMtHmhW3UOI7knmUehzswXLrExDLE6lQCZdrhD4ogI7c+vuw== +"@vue/compiler-ssr@3.5.11": + version "3.5.11" + resolved "https://registry.yarnpkg.com/@vue/compiler-ssr/-/compiler-ssr-3.5.11.tgz#02d9891c7a649bbf06490ecd8d24dd1575d53e60" + integrity sha512-P4+GPjOuC2aFTk1Z4WANvEhyOykcvEd5bIj2KVNGKGfM745LaXGr++5njpdBTzVz5pZifdlR1kpYSJJpIlSePA== dependencies: - "@vue/compiler-dom" "3.4.27" - "@vue/shared" "3.4.27" + "@vue/compiler-dom" "3.5.11" + "@vue/shared" "3.5.11" -"@vue/devtools-api@^7.0.27": - version "7.1.3" - resolved "https://registry.yarnpkg.com/@vue/devtools-api/-/devtools-api-7.1.3.tgz#b1cc9050025022193204ad804a9669e384fee8b0" - integrity sha512-W8IwFJ/o5iUk78jpqhvScbgCsPiOp2uileDVC0NDtW38gCWhsnu9SeBTjcdu3lbwLdsjc+H1c5Msd/x9ApbcFA== +"@vue/devtools-api@^7.4.6": + version "7.4.6" + resolved "https://registry.yarnpkg.com/@vue/devtools-api/-/devtools-api-7.4.6.tgz#5e9249d6de3cee58624e511fdc727837b1f2d273" + integrity sha512-XipBV5k0/IfTr0sNBDTg7OBUCp51cYMMXyPxLXJZ4K/wmUeMqt8cVdr2ZZGOFq+si/jTyCYnNxeKoyev5DOUUA== dependencies: - "@vue/devtools-kit" "^7.1.3" + "@vue/devtools-kit" "^7.4.6" -"@vue/devtools-kit@^7.1.3": - version "7.1.3" - resolved "https://registry.yarnpkg.com/@vue/devtools-kit/-/devtools-kit-7.1.3.tgz#0344fd1a926ff535d3be3378e1da8bb71d8430b9" - integrity sha512-NFskFSJMVCBXTkByuk2llzI3KD3Blcm7WqiRorWjD6nClHPgkH5BobDH08rfulqq5ocRt5xV+3qOT1Q9FXJrwQ== +"@vue/devtools-kit@^7.4.6": + version "7.4.6" + resolved "https://registry.yarnpkg.com/@vue/devtools-kit/-/devtools-kit-7.4.6.tgz#80aa30db65bf5b2b0eda4e818749d3c37d80f709" + integrity sha512-NbYBwPWgEic1AOd9bWExz9weBzFdjiIfov0yRn4DrRfR+EQJCI9dn4I0XS7IxYGdkmUJi8mFW42LLk18WsGqew== dependencies: - "@vue/devtools-shared" "^7.1.3" + "@vue/devtools-shared" "^7.4.6" + birpc "^0.2.17" hookable "^5.5.3" mitt "^3.0.1" perfect-debounce "^1.0.0" speakingurl "^14.0.1" + superjson "^2.2.1" -"@vue/devtools-shared@^7.1.3": - version "7.1.3" - resolved "https://registry.yarnpkg.com/@vue/devtools-shared/-/devtools-shared-7.1.3.tgz#f570bba72d53a0c84d1faa19f4d1a29a339c1dc7" - integrity sha512-KJ3AfgjTn3tJz/XKF+BlVShNPecim3G21oHRue+YQOsooW+0s+qXvm09U09aO7yBza5SivL1QgxSrzAbiKWjhQ== +"@vue/devtools-shared@^7.4.6": + version "7.4.6" + resolved "https://registry.yarnpkg.com/@vue/devtools-shared/-/devtools-shared-7.4.6.tgz#492c2301caacc83a32542dd95dfcae3980621417" + integrity sha512-rPeSBzElnHYMB05Cc056BQiJpgocQjY8XVulgni+O9a9Gr9tNXgPteSzFFD+fT/iWMxNuUgGKs9CuW5DZewfIg== dependencies: - rfdc "^1.3.1" + rfdc "^1.4.1" -"@vue/reactivity@3.4.27": - version "3.4.27" - resolved "https://registry.yarnpkg.com/@vue/reactivity/-/reactivity-3.4.27.tgz#6ece72331bf719953f5eaa95ec60b2b8d49e3791" - integrity sha512-kK0g4NknW6JX2yySLpsm2jlunZJl2/RJGZ0H9ddHdfBVHcNzxmQ0sS0b09ipmBoQpY8JM2KmUw+a6sO8Zo+zIA== +"@vue/reactivity@3.5.11": + version "3.5.11" + resolved "https://registry.yarnpkg.com/@vue/reactivity/-/reactivity-3.5.11.tgz#d27df4fba10c2de1c7234701f18247a775b7a391" + integrity sha512-Nqo5VZEn8MJWlCce8XoyVqHZbd5P2NH+yuAaFzuNSR96I+y1cnuUiq7xfSG+kyvLSiWmaHTKP1r3OZY4mMD50w== dependencies: - "@vue/shared" "3.4.27" + "@vue/shared" "3.5.11" -"@vue/runtime-core@3.4.27": - version "3.4.27" - resolved "https://registry.yarnpkg.com/@vue/runtime-core/-/runtime-core-3.4.27.tgz#1b6e1d71e4604ba7442dd25ed22e4a1fc6adbbda" - integrity sha512-7aYA9GEbOOdviqVvcuweTLe5Za4qBZkUY7SvET6vE8kyypxVgaT1ixHLg4urtOlrApdgcdgHoTZCUuTGap/5WA== +"@vue/runtime-core@3.5.11": + version "3.5.11" + resolved "https://registry.yarnpkg.com/@vue/runtime-core/-/runtime-core-3.5.11.tgz#7beccd013efe5d33981ffd6b6e05d0a5b9058316" + integrity sha512-7PsxFGqwfDhfhh0OcDWBG1DaIQIVOLgkwA5q6MtkPiDFjp5gohVnJEahSktwSFLq7R5PtxDKy6WKURVN1UDbzA== dependencies: - "@vue/reactivity" "3.4.27" - "@vue/shared" "3.4.27" + "@vue/reactivity" "3.5.11" + "@vue/shared" "3.5.11" -"@vue/runtime-dom@3.4.27": - version "3.4.27" - resolved "https://registry.yarnpkg.com/@vue/runtime-dom/-/runtime-dom-3.4.27.tgz#fe8d1ce9bbe8921d5dd0ad5c10df0e04ef7a5ee7" - integrity sha512-ScOmP70/3NPM+TW9hvVAz6VWWtZJqkbdf7w6ySsws+EsqtHvkhxaWLecrTorFxsawelM5Ys9FnDEMt6BPBDS0Q== +"@vue/runtime-dom@3.5.11": + version "3.5.11" + resolved "https://registry.yarnpkg.com/@vue/runtime-dom/-/runtime-dom-3.5.11.tgz#14a3181ab7057de41b345b4b3d37b744b3ff8ff5" + integrity sha512-GNghjecT6IrGf0UhuYmpgaOlN7kxzQBhxWEn08c/SQDxv1yy4IXI1bn81JgEpQ4IXjRxWtPyI8x0/7TF5rPfYQ== dependencies: - "@vue/runtime-core" "3.4.27" - "@vue/shared" "3.4.27" + "@vue/reactivity" "3.5.11" + "@vue/runtime-core" "3.5.11" + "@vue/shared" "3.5.11" csstype "^3.1.3" -"@vue/server-renderer@3.4.27": - version "3.4.27" - resolved "https://registry.yarnpkg.com/@vue/server-renderer/-/server-renderer-3.4.27.tgz#3306176f37e648ba665f97dda3ce705687be63d2" - integrity sha512-dlAMEuvmeA3rJsOMJ2J1kXU7o7pOxgsNHVr9K8hB3ImIkSuBrIdy0vF66h8gf8Tuinf1TK3mPAz2+2sqyf3KzA== +"@vue/server-renderer@3.5.11": + version "3.5.11" + resolved "https://registry.yarnpkg.com/@vue/server-renderer/-/server-renderer-3.5.11.tgz#74f558371dfc39f3b0f26f95d089a1a4d1676027" + integrity sha512-cVOwYBxR7Wb1B1FoxYvtjJD8X/9E5nlH4VSkJy2uMA1MzYNdzAAB//l8nrmN9py/4aP+3NjWukf9PZ3TeWULaA== dependencies: - "@vue/compiler-ssr" "3.4.27" - "@vue/shared" "3.4.27" - -"@vue/shared@3.4.27": - version "3.4.27" - resolved "https://registry.yarnpkg.com/@vue/shared/-/shared-3.4.27.tgz#f05e3cd107d157354bb4ae7a7b5fc9cf73c63b50" - integrity sha512-DL3NmY2OFlqmYYrzp39yi3LDkKxa5vZVwxWdQ3rG0ekuWscHraeIbnI8t+aZK7qhYqEqWKTUdijadunb9pnrgA== - -"@vueuse/core@10.9.0", "@vueuse/core@^10.9.0": - version "10.9.0" - resolved "https://registry.yarnpkg.com/@vueuse/core/-/core-10.9.0.tgz#7d779a95cf0189de176fee63cee4ba44b3c85d64" - integrity sha512-/1vjTol8SXnx6xewDEKfS0Ra//ncg4Hb0DaZiwKf7drgfMsKFExQ+FnnENcN6efPen+1kIzhLQoGSy0eDUVOMg== + "@vue/compiler-ssr" "3.5.11" + "@vue/shared" "3.5.11" + +"@vue/shared@3.5.11", "@vue/shared@^3.5.11": + version "3.5.11" + resolved "https://registry.yarnpkg.com/@vue/shared/-/shared-3.5.11.tgz#464b840afc89be9373addff9eeb9dfc98bf3fe2e" + integrity sha512-W8GgysJVnFo81FthhzurdRAWP/byq3q2qIw70e0JWblzVhjgOMiC2GyovXrZTFQJnFVryYaKGP3Tc9vYzYm6PQ== + +"@vueuse/core@11.1.0", "@vueuse/core@^11.1.0": + version "11.1.0" + resolved "https://registry.yarnpkg.com/@vueuse/core/-/core-11.1.0.tgz#a104f33c899a15f3b28d3eb7b20738501a3a5035" + integrity sha512-P6dk79QYA6sKQnghrUz/1tHi0n9mrb/iO1WTMk/ElLmTyNqgDeSZ3wcDf6fRBGzRJbeG1dxzEOvLENMjr+E3fg== dependencies: "@types/web-bluetooth" "^0.0.20" - "@vueuse/metadata" "10.9.0" - "@vueuse/shared" "10.9.0" - vue-demi ">=0.14.7" - -"@vueuse/integrations@^10.9.0": - version "10.9.0" - resolved "https://registry.yarnpkg.com/@vueuse/integrations/-/integrations-10.9.0.tgz#2b1a9556215ad3c1f96d39cbfbef102cf6e0ec05" - integrity sha512-acK+A01AYdWSvL4BZmCoJAcyHJ6EqhmkQEXbQLwev1MY7NBnS+hcEMx/BzVoR9zKI+UqEPMD9u6PsyAuiTRT4Q== + "@vueuse/metadata" "11.1.0" + "@vueuse/shared" "11.1.0" + vue-demi ">=0.14.10" + +"@vueuse/integrations@^11.1.0": + version "11.1.0" + resolved "https://registry.yarnpkg.com/@vueuse/integrations/-/integrations-11.1.0.tgz#1e2c1d43b2d389fc4b4d0a7ee08091665698b9ad" + integrity sha512-O2ZgrAGPy0qAjpoI2YR3egNgyEqwG85fxfwmA9BshRIGjV4G6yu6CfOPpMHAOoCD+UfsIl7Vb1bXJ6ifrHYDDA== dependencies: - "@vueuse/core" "10.9.0" - "@vueuse/shared" "10.9.0" - vue-demi ">=0.14.7" - -"@vueuse/metadata@10.9.0": - version "10.9.0" - resolved "https://registry.yarnpkg.com/@vueuse/metadata/-/metadata-10.9.0.tgz#769a1a9db65daac15cf98084cbf7819ed3758620" - integrity sha512-iddNbg3yZM0X7qFY2sAotomgdHK7YJ6sKUvQqbvwnf7TmaVPxS4EJydcNsVejNdS8iWCtDk+fYXr7E32nyTnGA== - -"@vueuse/shared@10.9.0": - version "10.9.0" - resolved "https://registry.yarnpkg.com/@vueuse/shared/-/shared-10.9.0.tgz#13af2a348de15d07b7be2fd0c7fc9853a69d8fe0" - integrity sha512-Uud2IWncmAfJvRaFYzv5OHDli+FbOzxiVEQdLCKQKLyhz94PIyFC3CHcH7EDMwIn8NPtD06+PNbC/PiO0LGLtw== + "@vueuse/core" "11.1.0" + "@vueuse/shared" "11.1.0" + vue-demi ">=0.14.10" + +"@vueuse/metadata@11.1.0": + version "11.1.0" + resolved "https://registry.yarnpkg.com/@vueuse/metadata/-/metadata-11.1.0.tgz#ad367d2a51d985129724425923b3cf95f0faf27b" + integrity sha512-l9Q502TBTaPYGanl1G+hPgd3QX5s4CGnpXriVBR5fEZ/goI6fvDaVmIl3Td8oKFurOxTmbXvBPSsgrd6eu6HYg== + +"@vueuse/shared@11.1.0": + version "11.1.0" + resolved "https://registry.yarnpkg.com/@vueuse/shared/-/shared-11.1.0.tgz#3bfc3aa555c2a456c21945ec7f127d71938d12e8" + integrity sha512-YUtIpY122q7osj+zsNMFAfMTubGz0sn5QzE5gPzAIiCmtt2ha3uQUY1+JPyL4gRCTsLPX82Y9brNbo/aqlA91w== dependencies: - vue-demi ">=0.14.7" + vue-demi ">=0.14.10" algoliasearch@^4.19.1: version "4.23.3" @@ -579,54 +664,98 @@ algoliasearch@^4.19.1: "@algolia/requester-node-http" "4.23.3" "@algolia/transporter" "4.23.3" +birpc@^0.2.17: + version "0.2.19" + resolved "https://registry.yarnpkg.com/birpc/-/birpc-0.2.19.tgz#cdd183a4a70ba103127d49765b4a71349da5a0ca" + integrity sha512-5WeXXAvTmitV1RqJFppT5QtUiz2p1mRSYU000Jkft5ZUCLJIk4uQriYNO50HknxKwM6jd8utNc66K1qGIwwWBQ== + +ccount@^2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/ccount/-/ccount-2.0.1.tgz#17a3bf82302e0870d6da43a01311a8bc02a3ecf5" + integrity sha512-eyrF0jiFpY+3drT6383f1qhkbGsLSifNAjA61IUjZjmLCWjItY6LB9ft9YhoDgwfmclB2zhu51Lc7+95b8NRAg== + +character-entities-html4@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/character-entities-html4/-/character-entities-html4-2.1.0.tgz#1f1adb940c971a4b22ba39ddca6b618dc6e56b2b" + integrity sha512-1v7fgQRj6hnSwFpq1Eu0ynr/CDEw0rXo2B61qXrLNdHZmPKgb7fqS1a2JwF0rISo9q77jDI8VMEHoApn8qDoZA== + +character-entities-legacy@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/character-entities-legacy/-/character-entities-legacy-3.0.0.tgz#76bc83a90738901d7bc223a9e93759fdd560125b" + integrity sha512-RpPp0asT/6ufRm//AJVwpViZbGM/MkjQFxJccQRHmISF/22NBtsHqAWmL+/pmkPWoIUJdWyeVleTl1wydHATVQ== + +comma-separated-tokens@^2.0.0: + version "2.0.3" + resolved "https://registry.yarnpkg.com/comma-separated-tokens/-/comma-separated-tokens-2.0.3.tgz#4e89c9458acb61bc8fef19f4529973b2392839ee" + integrity sha512-Fu4hJdvzeylCfQPp9SGWidpzrMs7tTrlu6Vb8XGaRGck8QSNZJJp538Wrb60Lax4fPwR64ViY468OIUTbRlGZg== + +copy-anything@^3.0.2: + version "3.0.5" + resolved "https://registry.yarnpkg.com/copy-anything/-/copy-anything-3.0.5.tgz#2d92dce8c498f790fa7ad16b01a1ae5a45b020a0" + integrity sha512-yCEafptTtb4bk7GLEQoM8KVJpxAfdBJYaXyzQEgQQQgYrZiDp8SJmGKlYza6CYjEDNstAdNdKA3UuoULlEbS6w== + dependencies: + is-what "^4.1.8" + csstype@^3.1.3: version "3.1.3" resolved "https://registry.yarnpkg.com/csstype/-/csstype-3.1.3.tgz#d80ff294d114fb0e6ac500fbf85b60137d7eff81" integrity sha512-M1uQkMl8rQK/szD0LNhtqxIPLpimGm8sOBwU7lLnCpSbTyY3yeU1Vc7l4KT5zT4s/yOxHH5O7tIuuLOCnLADRw== +dequal@^2.0.0: + version "2.0.3" + resolved "https://registry.yarnpkg.com/dequal/-/dequal-2.0.3.tgz#2644214f1997d39ed0ee0ece72335490a7ac67be" + integrity sha512-0je+qPKHEMohvfRTCEo3CrPG6cAzAYgmzKyxRiYSSDkS6eGJdyVJm7WaYA5ECaAD9wLB2T4EEeymA5aFVcYXCA== + +devlop@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/devlop/-/devlop-1.1.0.tgz#4db7c2ca4dc6e0e834c30be70c94bbc976dc7018" + integrity sha512-RWmIqhcFf1lRYBvNmr7qTNuyCt/7/ns2jbpp1+PalgE/rDQcBT0fioSMUpJ93irlUhC5hrg4cYqe6U+0ImW0rA== + dependencies: + dequal "^2.0.0" + entities@^4.5.0: version "4.5.0" resolved "https://registry.yarnpkg.com/entities/-/entities-4.5.0.tgz#5d268ea5e7113ec74c4d033b79ea5a35a488fb48" integrity sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw== -esbuild@^0.20.1: - version "0.20.2" - resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.20.2.tgz#9d6b2386561766ee6b5a55196c6d766d28c87ea1" - integrity sha512-WdOOppmUNU+IbZ0PaDiTst80zjnrOkyJNHoKupIcVyU8Lvla3Ugx94VzkQ32Ijqd7UhHJy75gNWDMUekcrSJ6g== +esbuild@^0.21.3: + version "0.21.5" + resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.21.5.tgz#9ca301b120922959b766360d8ac830da0d02997d" + integrity sha512-mg3OPMV4hXywwpoDxu3Qda5xCKQi+vCTZq8S9J/EpkhB2HzKXq4SNFZE3+NK93JYxc8VMSep+lOUSC/RVKaBqw== optionalDependencies: - "@esbuild/aix-ppc64" "0.20.2" - "@esbuild/android-arm" "0.20.2" - "@esbuild/android-arm64" "0.20.2" - "@esbuild/android-x64" "0.20.2" - "@esbuild/darwin-arm64" "0.20.2" - "@esbuild/darwin-x64" "0.20.2" - "@esbuild/freebsd-arm64" "0.20.2" - "@esbuild/freebsd-x64" "0.20.2" - "@esbuild/linux-arm" "0.20.2" - "@esbuild/linux-arm64" "0.20.2" - "@esbuild/linux-ia32" "0.20.2" - "@esbuild/linux-loong64" "0.20.2" - "@esbuild/linux-mips64el" "0.20.2" - "@esbuild/linux-ppc64" "0.20.2" - "@esbuild/linux-riscv64" "0.20.2" - "@esbuild/linux-s390x" "0.20.2" - "@esbuild/linux-x64" "0.20.2" - "@esbuild/netbsd-x64" "0.20.2" - "@esbuild/openbsd-x64" "0.20.2" - "@esbuild/sunos-x64" "0.20.2" - "@esbuild/win32-arm64" "0.20.2" - "@esbuild/win32-ia32" "0.20.2" - "@esbuild/win32-x64" "0.20.2" + "@esbuild/aix-ppc64" "0.21.5" + "@esbuild/android-arm" "0.21.5" + "@esbuild/android-arm64" "0.21.5" + "@esbuild/android-x64" "0.21.5" + "@esbuild/darwin-arm64" "0.21.5" + "@esbuild/darwin-x64" "0.21.5" + "@esbuild/freebsd-arm64" "0.21.5" + "@esbuild/freebsd-x64" "0.21.5" + "@esbuild/linux-arm" "0.21.5" + "@esbuild/linux-arm64" "0.21.5" + "@esbuild/linux-ia32" "0.21.5" + "@esbuild/linux-loong64" "0.21.5" + "@esbuild/linux-mips64el" "0.21.5" + "@esbuild/linux-ppc64" "0.21.5" + "@esbuild/linux-riscv64" "0.21.5" + "@esbuild/linux-s390x" "0.21.5" + "@esbuild/linux-x64" "0.21.5" + "@esbuild/netbsd-x64" "0.21.5" + "@esbuild/openbsd-x64" "0.21.5" + "@esbuild/sunos-x64" "0.21.5" + "@esbuild/win32-arm64" "0.21.5" + "@esbuild/win32-ia32" "0.21.5" + "@esbuild/win32-x64" "0.21.5" estree-walker@^2.0.2: version "2.0.2" resolved "https://registry.yarnpkg.com/estree-walker/-/estree-walker-2.0.2.tgz#52f010178c2a4c117a7757cfe942adb7d2da4cac" integrity sha512-Rfkk/Mp/DL7JVje3u18FxFujQlTNR2q6QfMSMB7AvCBx91NGj/ba3kCfza0f6dVDbw7YlRf/nDrn7pQrCCyQ/w== -focus-trap@^7.5.4: - version "7.5.4" - resolved "https://registry.yarnpkg.com/focus-trap/-/focus-trap-7.5.4.tgz#6c4e342fe1dae6add9c2aa332a6e7a0bbd495ba2" - integrity sha512-N7kHdlgsO/v+iD/dMoJKtsSqs5Dz/dXZVebRgJw23LDk+jMi/974zyiOYDziY2JPp8xivq9BmUGwIJMiuSBi7w== +focus-trap@^7.6.0: + version "7.6.0" + resolved "https://registry.yarnpkg.com/focus-trap/-/focus-trap-7.6.0.tgz#7f3edab8135eaca92ab59b6e963eb5cc42ded715" + integrity sha512-1td0l3pMkWJLFipobUcGaf+5DTY4PLDDrcqoSaKP8ediO/CoWCCYk/fT/Y2A4e6TNB+Sh6clRJCjOPPnKoNHnQ== dependencies: tabbable "^6.2.0" @@ -635,27 +764,108 @@ fsevents@~2.3.2, fsevents@~2.3.3: resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-2.3.3.tgz#cac6407785d03675a2a5e1a5305c697b347d90d6" integrity sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw== +hast-util-to-html@^9.0.3: + version "9.0.3" + resolved "https://registry.yarnpkg.com/hast-util-to-html/-/hast-util-to-html-9.0.3.tgz#a9999a0ba6b4919576a9105129fead85d37f302b" + integrity sha512-M17uBDzMJ9RPCqLMO92gNNUDuBSq10a25SDBI08iCCxmorf4Yy6sYHK57n9WAbRAAaU+DuR4W6GN9K4DFZesYg== + dependencies: + "@types/hast" "^3.0.0" + "@types/unist" "^3.0.0" + ccount "^2.0.0" + comma-separated-tokens "^2.0.0" + hast-util-whitespace "^3.0.0" + html-void-elements "^3.0.0" + mdast-util-to-hast "^13.0.0" + property-information "^6.0.0" + space-separated-tokens "^2.0.0" + stringify-entities "^4.0.0" + zwitch "^2.0.4" + +hast-util-whitespace@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/hast-util-whitespace/-/hast-util-whitespace-3.0.0.tgz#7778ed9d3c92dd9e8c5c8f648a49c21fc51cb621" + integrity sha512-88JUN06ipLwsnv+dVn+OIYOvAuvBMy/Qoi6O7mQHxdPXpjy+Cd6xRkWwux7DKO+4sYILtLBRIKgsdpS2gQc7qw== + dependencies: + "@types/hast" "^3.0.0" + hookable@^5.5.3: version "5.5.3" resolved "https://registry.yarnpkg.com/hookable/-/hookable-5.5.3.tgz#6cfc358984a1ef991e2518cb9ed4a778bbd3215d" integrity sha512-Yc+BQe8SvoXH1643Qez1zqLRmbA5rCL+sSmk6TVos0LWVfNIB7PGncdlId77WzLGSIB5KaWgTaNTs2lNVEI6VQ== -magic-string@^0.30.10: - version "0.30.10" - resolved "https://registry.yarnpkg.com/magic-string/-/magic-string-0.30.10.tgz#123d9c41a0cb5640c892b041d4cfb3bd0aa4b39e" - integrity sha512-iIRwTIf0QKV3UAnYK4PU8uiEc4SRh5jX0mwpIwETPpHdhVM4f53RSwS/vXvN1JhGX+Cs7B8qIq3d6AH49O5fAQ== +html-void-elements@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/html-void-elements/-/html-void-elements-3.0.0.tgz#fc9dbd84af9e747249034d4d62602def6517f1d7" + integrity sha512-bEqo66MRXsUGxWHV5IP0PUiAWwoEjba4VCzg0LjFJBpchPaTfyfCKTG6bc5F8ucKec3q5y6qOdGyYTSBEvhCrg== + +is-what@^4.1.8: + version "4.1.16" + resolved "https://registry.yarnpkg.com/is-what/-/is-what-4.1.16.tgz#1ad860a19da8b4895ad5495da3182ce2acdd7a6f" + integrity sha512-ZhMwEosbFJkA0YhFnNDgTM4ZxDRsS6HqTo7qsZM08fehyRYIYa0yHu5R6mgo1n/8MgaPBXiPimPD77baVFYg+A== + +magic-string@^0.30.11: + version "0.30.11" + resolved "https://registry.yarnpkg.com/magic-string/-/magic-string-0.30.11.tgz#301a6f93b3e8c2cb13ac1a7a673492c0dfd12954" + integrity sha512-+Wri9p0QHMy+545hKww7YAu5NyzF8iomPL/RQazugQ9+Ez4Ic3mERMd8ZTX5rfK944j+560ZJi8iAwgak1Ac7A== dependencies: - "@jridgewell/sourcemap-codec" "^1.4.15" + "@jridgewell/sourcemap-codec" "^1.5.0" mark.js@8.11.1: version "8.11.1" resolved "https://registry.yarnpkg.com/mark.js/-/mark.js-8.11.1.tgz#180f1f9ebef8b0e638e4166ad52db879beb2ffc5" integrity sha512-1I+1qpDt4idfgLQG+BNWmrqku+7/2bi5nLf4YwF8y8zXvmfiTBY3PV3ZibfrjBueCByROpuBjLLFCajqkgYoLQ== -minisearch@^6.3.0: - version "6.3.0" - resolved "https://registry.yarnpkg.com/minisearch/-/minisearch-6.3.0.tgz#985a2f1ca3c73c2d65af94f0616bfe57164b0b6b" - integrity sha512-ihFnidEeU8iXzcVHy74dhkxh/dn8Dc08ERl0xwoMMGqp4+LvRSCgicb+zGqWthVokQKvCSxITlh3P08OzdTYCQ== +mdast-util-to-hast@^13.0.0: + version "13.2.0" + resolved "https://registry.yarnpkg.com/mdast-util-to-hast/-/mdast-util-to-hast-13.2.0.tgz#5ca58e5b921cc0a3ded1bc02eed79a4fe4fe41f4" + integrity sha512-QGYKEuUsYT9ykKBCMOEDLsU5JRObWQusAolFMeko/tYPufNkRffBAQjIE+99jbA87xv6FgmjLtwjh9wBWajwAA== + dependencies: + "@types/hast" "^3.0.0" + "@types/mdast" "^4.0.0" + "@ungap/structured-clone" "^1.0.0" + devlop "^1.0.0" + micromark-util-sanitize-uri "^2.0.0" + trim-lines "^3.0.0" + unist-util-position "^5.0.0" + unist-util-visit "^5.0.0" + vfile "^6.0.0" + +micromark-util-character@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/micromark-util-character/-/micromark-util-character-2.1.0.tgz#31320ace16b4644316f6bf057531689c71e2aee1" + integrity sha512-KvOVV+X1yLBfs9dCBSopq/+G1PcgT3lAK07mC4BzXi5E7ahzMAF8oIupDDJ6mievI6F+lAATkbQQlQixJfT3aQ== + dependencies: + micromark-util-symbol "^2.0.0" + micromark-util-types "^2.0.0" + +micromark-util-encode@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/micromark-util-encode/-/micromark-util-encode-2.0.0.tgz#0921ac7953dc3f1fd281e3d1932decfdb9382ab1" + integrity sha512-pS+ROfCXAGLWCOc8egcBvT0kf27GoWMqtdarNfDcjb6YLuV5cM3ioG45Ys2qOVqeqSbjaKg72vU+Wby3eddPsA== + +micromark-util-sanitize-uri@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/micromark-util-sanitize-uri/-/micromark-util-sanitize-uri-2.0.0.tgz#ec8fbf0258e9e6d8f13d9e4770f9be64342673de" + integrity sha512-WhYv5UEcZrbAtlsnPuChHUAsu/iBPOVaEVsntLBIdpibO0ddy8OzavZz3iL2xVvBZOpolujSliP65Kq0/7KIYw== + dependencies: + micromark-util-character "^2.0.0" + micromark-util-encode "^2.0.0" + micromark-util-symbol "^2.0.0" + +micromark-util-symbol@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/micromark-util-symbol/-/micromark-util-symbol-2.0.0.tgz#12225c8f95edf8b17254e47080ce0862d5db8044" + integrity sha512-8JZt9ElZ5kyTnO94muPxIGS8oyElRJaiJO8EzV6ZSyGQ1Is8xwl4Q45qU5UOg+bGH4AikWziz0iN4sFLWs8PGw== + +micromark-util-types@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/micromark-util-types/-/micromark-util-types-2.0.0.tgz#63b4b7ffeb35d3ecf50d1ca20e68fc7caa36d95e" + integrity sha512-oNh6S2WMHWRZrmutsRmDDfkzKtxF+bc2VxLC9dvtrDIRFln627VsFP6fLMgTryGDljgLPjkrzQSDcPrjPyDJ5w== + +minisearch@^7.1.0: + version "7.1.0" + resolved "https://registry.yarnpkg.com/minisearch/-/minisearch-7.1.0.tgz#f5830e9109b5919ee7b291c29a304f381aa68770" + integrity sha512-tv7c/uefWdEhcu6hvrfTihflgeEi2tN6VV7HJnCjK6VxM75QQJh4t9FwJCsA2EsRS8LCnu3W87CuGPWMocOLCA== mitt@^3.0.1: version "3.0.1" @@ -667,126 +877,244 @@ nanoid@^3.3.7: resolved "https://registry.yarnpkg.com/nanoid/-/nanoid-3.3.7.tgz#d0c301a691bc8d54efa0a2226ccf3fe2fd656bd8" integrity sha512-eSRppjcPIatRIMC1U6UngP8XFcz8MQWGQdt1MTBQ7NaAmvXDfvNxbvWV3x2y6CdEUciCSsDHDQZbhYaB8QEo2g== +oniguruma-to-js@0.4.3: + version "0.4.3" + resolved "https://registry.yarnpkg.com/oniguruma-to-js/-/oniguruma-to-js-0.4.3.tgz#8d899714c21f5c7d59a3c0008ca50e848086d740" + integrity sha512-X0jWUcAlxORhOqqBREgPMgnshB7ZGYszBNspP+tS9hPD3l13CdaXcHbgImoHUHlrvGx/7AvFEkTRhAGYh+jzjQ== + dependencies: + regex "^4.3.2" + perfect-debounce@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/perfect-debounce/-/perfect-debounce-1.0.0.tgz#9c2e8bc30b169cc984a58b7d5b28049839591d2a" integrity sha512-xCy9V055GLEqoFaHoC1SoLIaLmWctgCUaBaWxDZ7/Zx4CTyX7cJQLJOok/orfjZAh9kEYpjJa4d0KcJmCbctZA== -picocolors@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/picocolors/-/picocolors-1.0.0.tgz#cb5bdc74ff3f51892236eaf79d68bc44564ab81c" - integrity sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ== +picocolors@^1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/picocolors/-/picocolors-1.1.0.tgz#5358b76a78cde483ba5cef6a9dc9671440b27d59" + integrity sha512-TQ92mBOW0l3LeMeyLV6mzy/kWr8lkd/hp3mTg7wYK7zJhuBStmGMBG0BdeDZS/dZx1IukaX6Bk11zcln25o1Aw== -postcss@^8.4.38: - version "8.4.38" - resolved "https://registry.yarnpkg.com/postcss/-/postcss-8.4.38.tgz#b387d533baf2054288e337066d81c6bee9db9e0e" - integrity sha512-Wglpdk03BSfXkHoQa3b/oulrotAkwrlLDRSOb9D0bN86FdRyE9lppSp33aHNPgBa0JKCoB+drFLZkQoRRYae5A== +postcss@^8.4.43, postcss@^8.4.47: + version "8.4.47" + resolved "https://registry.yarnpkg.com/postcss/-/postcss-8.4.47.tgz#5bf6c9a010f3e724c503bf03ef7947dcb0fea365" + integrity sha512-56rxCq7G/XfB4EkXq9Egn5GCqugWvDFjafDOThIdMBsI15iqPqR5r15TfSr1YPYeEI19YeaXMCbY6u88Y76GLQ== dependencies: nanoid "^3.3.7" - picocolors "^1.0.0" - source-map-js "^1.2.0" + picocolors "^1.1.0" + source-map-js "^1.2.1" preact@^10.0.0: version "10.21.0" resolved "https://registry.yarnpkg.com/preact/-/preact-10.21.0.tgz#5b0335c873a1724deb66e517830db4fd310c24f6" integrity sha512-aQAIxtzWEwH8ou+OovWVSVNlFImL7xUCwJX3YMqA3U8iKCNC34999fFOnWjYNsylgfPgMexpbk7WYOLtKr/mxg== -rfdc@^1.3.1: - version "1.3.1" - resolved "https://registry.yarnpkg.com/rfdc/-/rfdc-1.3.1.tgz#2b6d4df52dffe8bb346992a10ea9451f24373a8f" - integrity sha512-r5a3l5HzYlIC68TpmYKlxWjmOP6wiPJ1vWv2HeLhNsRZMrCkxeqxiHlQ21oXmQ4F3SiryXBHhAD7JZqvOJjFmg== - -rollup@^4.13.0: - version "4.22.4" - resolved "https://registry.yarnpkg.com/rollup/-/rollup-4.22.4.tgz#4135a6446671cd2a2453e1ad42a45d5973ec3a0f" - integrity sha512-vD8HJ5raRcWOyymsR6Z3o6+RzfEPCnVLMFJ6vRslO1jt4LO6dUo5Qnpg7y4RkZFM2DMe3WUirkI5c16onjrc6A== +property-information@^6.0.0: + version "6.5.0" + resolved "https://registry.yarnpkg.com/property-information/-/property-information-6.5.0.tgz#6212fbb52ba757e92ef4fb9d657563b933b7ffec" + integrity sha512-PgTgs/BlvHxOu8QuEN7wi5A0OmXaBcHpmCSTehcs6Uuu9IkDIEo13Hy7n898RHfrQ49vKCoGeWZSaAK01nwVig== + +regex@^4.3.2: + version "4.3.3" + resolved "https://registry.yarnpkg.com/regex/-/regex-4.3.3.tgz#8cda73ccbdfa7c5691881d02f9bb142dba9daa6a" + integrity sha512-r/AadFO7owAq1QJVeZ/nq9jNS1vyZt+6t1p/E59B56Rn2GCya+gr1KSyOzNL/er+r+B7phv5jG2xU2Nz1YkmJg== + +rfdc@^1.4.1: + version "1.4.1" + resolved "https://registry.yarnpkg.com/rfdc/-/rfdc-1.4.1.tgz#778f76c4fb731d93414e8f925fbecf64cce7f6ca" + integrity sha512-q1b3N5QkRUWUl7iyylaaj3kOpIT0N2i9MqIEQXP73GVsN9cw3fdx8X63cEmWhJGi2PPCF23Ijp7ktmd39rawIA== + +rollup@^4.20.0: + version "4.24.0" + resolved "https://registry.yarnpkg.com/rollup/-/rollup-4.24.0.tgz#c14a3576f20622ea6a5c9cad7caca5e6e9555d05" + integrity sha512-DOmrlGSXNk1DM0ljiQA+i+o0rSLhtii1je5wgk60j49d1jHT5YYttBv1iWOnYSTG+fZZESUOSNiAl89SIet+Cg== dependencies: - "@types/estree" "1.0.5" + "@types/estree" "1.0.6" optionalDependencies: - "@rollup/rollup-android-arm-eabi" "4.22.4" - "@rollup/rollup-android-arm64" "4.22.4" - "@rollup/rollup-darwin-arm64" "4.22.4" - "@rollup/rollup-darwin-x64" "4.22.4" - "@rollup/rollup-linux-arm-gnueabihf" "4.22.4" - "@rollup/rollup-linux-arm-musleabihf" "4.22.4" - "@rollup/rollup-linux-arm64-gnu" "4.22.4" - "@rollup/rollup-linux-arm64-musl" "4.22.4" - "@rollup/rollup-linux-powerpc64le-gnu" "4.22.4" - "@rollup/rollup-linux-riscv64-gnu" "4.22.4" - "@rollup/rollup-linux-s390x-gnu" "4.22.4" - "@rollup/rollup-linux-x64-gnu" "4.22.4" - "@rollup/rollup-linux-x64-musl" "4.22.4" - "@rollup/rollup-win32-arm64-msvc" "4.22.4" - "@rollup/rollup-win32-ia32-msvc" "4.22.4" - "@rollup/rollup-win32-x64-msvc" "4.22.4" + "@rollup/rollup-android-arm-eabi" "4.24.0" + "@rollup/rollup-android-arm64" "4.24.0" + "@rollup/rollup-darwin-arm64" "4.24.0" + "@rollup/rollup-darwin-x64" "4.24.0" + "@rollup/rollup-linux-arm-gnueabihf" "4.24.0" + "@rollup/rollup-linux-arm-musleabihf" "4.24.0" + "@rollup/rollup-linux-arm64-gnu" "4.24.0" + "@rollup/rollup-linux-arm64-musl" "4.24.0" + "@rollup/rollup-linux-powerpc64le-gnu" "4.24.0" + "@rollup/rollup-linux-riscv64-gnu" "4.24.0" + "@rollup/rollup-linux-s390x-gnu" "4.24.0" + "@rollup/rollup-linux-x64-gnu" "4.24.0" + "@rollup/rollup-linux-x64-musl" "4.24.0" + "@rollup/rollup-win32-arm64-msvc" "4.24.0" + "@rollup/rollup-win32-ia32-msvc" "4.24.0" + "@rollup/rollup-win32-x64-msvc" "4.24.0" fsevents "~2.3.2" -shiki@1.5.0, shiki@^1.3.0: - version "1.5.0" - resolved "https://registry.yarnpkg.com/shiki/-/shiki-1.5.0.tgz#32c5f2f6233a84e8f798ee7a2762dbbee3a6d7c3" - integrity sha512-AMax9zrUW8u8bnvNhnmAD9mHzk244mWCDBZm+zh4Ir3lzncF/sGUcVd5gpy0IlWvOKBUUJ8uu/BFpusGJ/PdVw== +shiki@1.22.0, shiki@^1.22.0: + version "1.22.0" + resolved "https://registry.yarnpkg.com/shiki/-/shiki-1.22.0.tgz#45d1dfff0e03a598af70e2ec8592f14ef07827b4" + integrity sha512-/t5LlhNs+UOKQCYBtl5ZsH/Vclz73GIqT2yQsCBygr8L/ppTdmpL4w3kPLoZJbMKVWtoG77Ue1feOjZfDxvMkw== dependencies: - "@shikijs/core" "1.5.0" + "@shikijs/core" "1.22.0" + "@shikijs/engine-javascript" "1.22.0" + "@shikijs/engine-oniguruma" "1.22.0" + "@shikijs/types" "1.22.0" + "@shikijs/vscode-textmate" "^9.3.0" + "@types/hast" "^3.0.4" source-map-js@^1.2.0: version "1.2.0" resolved "https://registry.yarnpkg.com/source-map-js/-/source-map-js-1.2.0.tgz#16b809c162517b5b8c3e7dcd315a2a5c2612b2af" integrity sha512-itJW8lvSA0TXEphiRoawsCksnlf8SyvmFzIhltqAHluXd88pkCd+cXJVHTDwdCr0IzwptSm035IHQktUu1QUMg== +source-map-js@^1.2.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/source-map-js/-/source-map-js-1.2.1.tgz#1ce5650fddd87abc099eda37dcff024c2667ae46" + integrity sha512-UXWMKhLOwVKb728IUtQPXxfYU+usdybtUrK/8uGE8CQMvrhOpwvzDBwj0QhSL7MQc7vIsISBG8VQ8+IDQxpfQA== + +space-separated-tokens@^2.0.0: + version "2.0.2" + resolved "https://registry.yarnpkg.com/space-separated-tokens/-/space-separated-tokens-2.0.2.tgz#1ecd9d2350a3844572c3f4a312bceb018348859f" + integrity sha512-PEGlAwrG8yXGXRjW32fGbg66JAlOAwbObuqVoJpv/mRgoWDQfgH1wDPvtzWyUSNAXBGSk8h755YDbbcEy3SH2Q== + speakingurl@^14.0.1: version "14.0.1" resolved "https://registry.yarnpkg.com/speakingurl/-/speakingurl-14.0.1.tgz#f37ec8ddc4ab98e9600c1c9ec324a8c48d772a53" integrity sha512-1POYv7uv2gXoyGFpBCmpDVSNV74IfsWlDW216UPjbWufNf+bSU6GdbDsxdcxtfwb4xlI3yxzOTKClUosxARYrQ== +stringify-entities@^4.0.0: + version "4.0.4" + resolved "https://registry.yarnpkg.com/stringify-entities/-/stringify-entities-4.0.4.tgz#b3b79ef5f277cc4ac73caeb0236c5ba939b3a4f3" + integrity sha512-IwfBptatlO+QCJUo19AqvrPNqlVMpW9YEL2LIVY+Rpv2qsjCGxaDLNRgeGsQWJhfItebuJhsGSLjaBbNSQ+ieg== + dependencies: + character-entities-html4 "^2.0.0" + character-entities-legacy "^3.0.0" + +superjson@^2.2.1: + version "2.2.1" + resolved "https://registry.yarnpkg.com/superjson/-/superjson-2.2.1.tgz#9377a7fa80fedb10c851c9dbffd942d4bcf79733" + integrity sha512-8iGv75BYOa0xRJHK5vRLEjE2H/i4lulTjzpUXic3Eg8akftYjkmQDa8JARQ42rlczXyFR3IeRoeFCc7RxHsYZA== + dependencies: + copy-anything "^3.0.2" + tabbable@^6.2.0: version "6.2.0" resolved "https://registry.yarnpkg.com/tabbable/-/tabbable-6.2.0.tgz#732fb62bc0175cfcec257330be187dcfba1f3b97" integrity sha512-Cat63mxsVJlzYvN51JmVXIgNoUokrIaT2zLclCXjRd8boZ0004U4KCs/sToJ75C6sdlByWxpYnb5Boif1VSFew== -vite@^5.2.10: - version "5.2.11" - resolved "https://registry.yarnpkg.com/vite/-/vite-5.2.11.tgz#726ec05555431735853417c3c0bfb36003ca0cbd" - integrity sha512-HndV31LWW05i1BLPMUCE1B9E9GFbOu1MbenhS58FuK6owSO5qHm7GiCotrNY1YE5rMeQSFBGmT5ZaLEjFizgiQ== +to-fast-properties@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/to-fast-properties/-/to-fast-properties-2.0.0.tgz#dc5e698cbd079265bc73e0377681a4e4e83f616e" + integrity sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog== + +trim-lines@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/trim-lines/-/trim-lines-3.0.1.tgz#d802e332a07df861c48802c04321017b1bd87338" + integrity sha512-kRj8B+YHZCc9kQYdWfJB2/oUl9rA99qbowYYBtr4ui4mZyAQ2JpvVBd/6U2YloATfqBhBTSMhTpgBHtU0Mf3Rg== + +unist-util-is@^6.0.0: + version "6.0.0" + resolved "https://registry.yarnpkg.com/unist-util-is/-/unist-util-is-6.0.0.tgz#b775956486aff107a9ded971d996c173374be424" + integrity sha512-2qCTHimwdxLfz+YzdGfkqNlH0tLi9xjTnHddPmJwtIG9MGsdbutfTc4P+haPD7l7Cjxf/WZj+we5qfVPvvxfYw== + dependencies: + "@types/unist" "^3.0.0" + +unist-util-position@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/unist-util-position/-/unist-util-position-5.0.0.tgz#678f20ab5ca1207a97d7ea8a388373c9cf896be4" + integrity sha512-fucsC7HjXvkB5R3kTCO7kUjRdrS0BJt3M/FPxmHMBOm8JQi2BsHAHFsy27E0EolP8rp0NzXsJ+jNPyDWvOJZPA== dependencies: - esbuild "^0.20.1" - postcss "^8.4.38" - rollup "^4.13.0" + "@types/unist" "^3.0.0" + +unist-util-stringify-position@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/unist-util-stringify-position/-/unist-util-stringify-position-4.0.0.tgz#449c6e21a880e0855bf5aabadeb3a740314abac2" + integrity sha512-0ASV06AAoKCDkS2+xw5RXJywruurpbC4JZSm7nr7MOt1ojAzvyyaO+UxZf18j8FCF6kmzCZKcAgN/yu2gm2XgQ== + dependencies: + "@types/unist" "^3.0.0" + +unist-util-visit-parents@^6.0.0: + version "6.0.1" + resolved "https://registry.yarnpkg.com/unist-util-visit-parents/-/unist-util-visit-parents-6.0.1.tgz#4d5f85755c3b8f0dc69e21eca5d6d82d22162815" + integrity sha512-L/PqWzfTP9lzzEa6CKs0k2nARxTdZduw3zyh8d2NVBnsyvHjSX4TWse388YrrQKbvI8w20fGjGlhgT96WwKykw== + dependencies: + "@types/unist" "^3.0.0" + unist-util-is "^6.0.0" + +unist-util-visit@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/unist-util-visit/-/unist-util-visit-5.0.0.tgz#a7de1f31f72ffd3519ea71814cccf5fd6a9217d6" + integrity sha512-MR04uvD+07cwl/yhVuVWAtw+3GOR/knlL55Nd/wAdblk27GCVt3lqpTivy/tkJcZoNPzTwS1Y+KMojlLDhoTzg== + dependencies: + "@types/unist" "^3.0.0" + unist-util-is "^6.0.0" + unist-util-visit-parents "^6.0.0" + +vfile-message@^4.0.0: + version "4.0.2" + resolved "https://registry.yarnpkg.com/vfile-message/-/vfile-message-4.0.2.tgz#c883c9f677c72c166362fd635f21fc165a7d1181" + integrity sha512-jRDZ1IMLttGj41KcZvlrYAaI3CfqpLpfpf+Mfig13viT6NKvRzWZ+lXz0Y5D60w6uJIBAOGq9mSHf0gktF0duw== + dependencies: + "@types/unist" "^3.0.0" + unist-util-stringify-position "^4.0.0" + +vfile@^6.0.0: + version "6.0.3" + resolved "https://registry.yarnpkg.com/vfile/-/vfile-6.0.3.tgz#3652ab1c496531852bf55a6bac57af981ebc38ab" + integrity sha512-KzIbH/9tXat2u30jf+smMwFCsno4wHVdNmzFyL+T/L3UGqqk6JKfVqOFOZEpZSHADH1k40ab6NUIXZq422ov3Q== + dependencies: + "@types/unist" "^3.0.0" + vfile-message "^4.0.0" + +vite@^5.4.8: + version "5.4.8" + resolved "https://registry.yarnpkg.com/vite/-/vite-5.4.8.tgz#af548ce1c211b2785478d3ba3e8da51e39a287e8" + integrity sha512-FqrItQ4DT1NC4zCUqMB4c4AZORMKIa0m8/URVCZ77OZ/QSNeJ54bU1vrFADbDsuwfIPcgknRkmqakQcgnL4GiQ== + dependencies: + esbuild "^0.21.3" + postcss "^8.4.43" + rollup "^4.20.0" optionalDependencies: fsevents "~2.3.3" -vitepress@^1.1.4: - version "1.1.4" - resolved "https://registry.yarnpkg.com/vitepress/-/vitepress-1.1.4.tgz#f715acab50059e0c75d1414fa1b8f31762f43804" - integrity sha512-bWIzFZXpPB6NIDBuWnS20aMADH+FcFKDfQNYFvbOWij03PR29eImTceQHIzCKordjXYBhM/TjE5VKFTUJ3EheA== - dependencies: - "@docsearch/css" "^3.6.0" - "@docsearch/js" "^3.6.0" - "@shikijs/core" "^1.3.0" - "@shikijs/transformers" "^1.3.0" - "@types/markdown-it" "^14.0.1" - "@vitejs/plugin-vue" "^5.0.4" - "@vue/devtools-api" "^7.0.27" - "@vueuse/core" "^10.9.0" - "@vueuse/integrations" "^10.9.0" - focus-trap "^7.5.4" +vitepress@^1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/vitepress/-/vitepress-1.4.0.tgz#5e879230d98e5c4e5aec91daade6945bbc18934b" + integrity sha512-JXCv4EsKTDyAFb6C/UjZr7nsGAzZ6mafVk2rx7rG5o8N+B/4QstIk+iEOe/9dKoU6V624UIC6g1pZ+K63rxhlw== + dependencies: + "@docsearch/css" "^3.6.2" + "@docsearch/js" "^3.6.2" + "@shikijs/core" "^1.22.0" + "@shikijs/transformers" "^1.22.0" + "@shikijs/types" "^1.22.0" + "@types/markdown-it" "^14.1.2" + "@vitejs/plugin-vue" "^5.1.4" + "@vue/devtools-api" "^7.4.6" + "@vue/shared" "^3.5.11" + "@vueuse/core" "^11.1.0" + "@vueuse/integrations" "^11.1.0" + focus-trap "^7.6.0" mark.js "8.11.1" - minisearch "^6.3.0" - shiki "^1.3.0" - vite "^5.2.10" - vue "^3.4.25" - -vue-demi@>=0.14.7: - version "0.14.7" - resolved "https://registry.yarnpkg.com/vue-demi/-/vue-demi-0.14.7.tgz#8317536b3ef74c5b09f268f7782e70194567d8f2" - integrity sha512-EOG8KXDQNwkJILkx/gPcoL/7vH+hORoBaKgGe+6W7VFMvCYJfmF2dGbvgDroVnI8LU7/kTu8mbjRZGBU1z9NTA== - -vue@^3.4.25: - version "3.4.27" - resolved "https://registry.yarnpkg.com/vue/-/vue-3.4.27.tgz#40b7d929d3e53f427f7f5945386234d2854cc2a1" - integrity sha512-8s/56uK6r01r1icG/aEOHqyMVxd1bkYcSe9j8HcKtr/xTOFWvnzIVTehNW+5Yt89f+DLBe4A569pnZLS5HzAMA== - dependencies: - "@vue/compiler-dom" "3.4.27" - "@vue/compiler-sfc" "3.4.27" - "@vue/runtime-dom" "3.4.27" - "@vue/server-renderer" "3.4.27" - "@vue/shared" "3.4.27" + minisearch "^7.1.0" + shiki "^1.22.0" + vite "^5.4.8" + vue "^3.5.11" + +vue-demi@>=0.14.10: + version "0.14.10" + resolved "https://registry.yarnpkg.com/vue-demi/-/vue-demi-0.14.10.tgz#afc78de3d6f9e11bf78c55e8510ee12814522f04" + integrity sha512-nMZBOwuzabUO0nLgIcc6rycZEebF6eeUfaiQx9+WSk8e29IbLvPU9feI6tqW4kTo3hvoYAJkMh8n8D0fuISphg== + +vue@^3.5.11: + version "3.5.11" + resolved "https://registry.yarnpkg.com/vue/-/vue-3.5.11.tgz#3e307183797629f701e303a0a008f517ae031483" + integrity sha512-/8Wurrd9J3lb72FTQS7gRMNQD4nztTtKPmuDuPuhqXmmpD6+skVjAeahNpVzsuky6Sy9gy7wn8UadqPtt9SQIg== + dependencies: + "@vue/compiler-dom" "3.5.11" + "@vue/compiler-sfc" "3.5.11" + "@vue/runtime-dom" "3.5.11" + "@vue/server-renderer" "3.5.11" + "@vue/shared" "3.5.11" + +zwitch@^2.0.4: + version "2.0.4" + resolved "https://registry.yarnpkg.com/zwitch/-/zwitch-2.0.4.tgz#c827d4b0acb76fc3e685a4c6ec2902d51070e9d7" + integrity sha512-bXE4cR/kVZhKZX/RjPEflHaKVhUVl85noU3v6b8apfQEc1x4A+zBxjZ4lN8LqGd6WZ3dl98pY4o717VFmoPp+A== From a08d18bdb2df48592e6d95da9372b4e9cda2bab0 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Fri, 11 Oct 2024 14:04:24 +1000 Subject: [PATCH 035/175] Remove broken script --- scripts/test-dev | 13 ------------- 1 file changed, 13 deletions(-) delete mode 100755 scripts/test-dev diff --git a/scripts/test-dev b/scripts/test-dev deleted file mode 100755 index f75527b7e..000000000 --- a/scripts/test-dev +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash -e - -DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" -. "$DIR/.common.sh" - -# Ensure docker-compose exists -if hash docker-compose 2>/dev/null; then - cd "${DIR}/.." - echo -e "${BLUE}❯ ${CYAN}Testing Dev Stack ...${RESET}" - docker-compose exec -T npm bash -c "cd /app && task test" -else - echo -e "${RED}❯ docker-compose command is not available${RESET}" -fi From 3a2617e6bf24d91a0c19d63779d3d2871fa718b7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 11 Oct 2024 04:06:40 +0000 Subject: [PATCH 036/175] Bump braces from 3.0.2 to 3.0.3 in /test Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] --- test/yarn.lock | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/test/yarn.lock b/test/yarn.lock index e831b1054..b12b42477 100644 --- a/test/yarn.lock +++ b/test/yarn.lock @@ -447,11 +447,11 @@ brace-expansion@^2.0.1: balanced-match "^1.0.0" braces@~3.0.2: - version "3.0.2" - resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.2.tgz#3454e1a462ee8d599e236df336cd9ea4f8afe107" - integrity sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A== + version "3.0.3" + resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.3.tgz#490332f40919452272d55a8480adc0c441358789" + integrity sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA== dependencies: - fill-range "^7.0.1" + fill-range "^7.1.1" browser-stdout@^1.3.1: version "1.3.1" @@ -1079,10 +1079,10 @@ file-entry-cache@^8.0.0: dependencies: flat-cache "^4.0.0" -fill-range@^7.0.1: - version "7.0.1" - resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-7.0.1.tgz#1919a6a7c75fe38b2c7c77e5198535da9acdda40" - integrity sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ== +fill-range@^7.1.1: + version "7.1.1" + resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-7.1.1.tgz#44265d3cac07e3ea7dc247516380643754a05292" + integrity sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg== dependencies: to-regex-range "^5.0.1" From f71de7474db8caea708cab344bda54503ff88857 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 11 Oct 2024 04:06:52 +0000 Subject: [PATCH 037/175] Bump express from 4.19.2 to 4.20.0 in /backend Bumps [express](https://github.com/expressjs/express) from 4.19.2 to 4.20.0. - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](https://github.com/expressjs/express/compare/4.19.2...4.20.0) --- updated-dependencies: - dependency-name: express dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- backend/package.json | 2 +- backend/yarn.lock | 88 +++++++++++++++++++++++--------------------- 2 files changed, 48 insertions(+), 42 deletions(-) diff --git a/backend/package.json b/backend/package.json index f0c7a3e59..1bc3ef165 100644 --- a/backend/package.json +++ b/backend/package.json @@ -11,7 +11,7 @@ "bcrypt": "^5.0.0", "body-parser": "^1.20.3", "compression": "^1.7.4", - "express": "^4.19.2", + "express": "^4.20.0", "express-fileupload": "^1.1.9", "gravatar": "^1.8.0", "jsonwebtoken": "^9.0.0", diff --git a/backend/yarn.lock b/backend/yarn.lock index bcf88ae44..5441a511c 100644 --- a/backend/yarn.lock +++ b/backend/yarn.lock @@ -459,25 +459,7 @@ blueimp-md5@^2.16.0: resolved "https://registry.yarnpkg.com/blueimp-md5/-/blueimp-md5-2.17.0.tgz#f4fcac088b115f7b4045f19f5da59e9d01b1bb96" integrity sha512-x5PKJHY5rHQYaADj6NwPUR2QRCUVSggPzrUKkeENpj871o9l9IefJbO2jkT5UvYykeOK9dx0VmkIo6dZ+vThYw== -body-parser@1.20.2: - version "1.20.2" - resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.20.2.tgz#6feb0e21c4724d06de7ff38da36dad4f57a747fd" - integrity sha512-ml9pReCu3M61kGlqoTm2umSXTlRTuGTx0bfYj+uIUKKYycG5NtSbeetV3faSU6R7ajOPw0g/J1PvK4qNy7s5bA== - dependencies: - bytes "3.1.2" - content-type "~1.0.5" - debug "2.6.9" - depd "2.0.0" - destroy "1.2.0" - http-errors "2.0.0" - iconv-lite "0.4.24" - on-finished "2.4.1" - qs "6.11.0" - raw-body "2.5.2" - type-is "~1.6.18" - unpipe "1.0.0" - -body-parser@^1.20.3: +body-parser@1.20.3, body-parser@^1.20.3: version "1.20.3" resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.20.3.tgz#1953431221c6fb5cd63c4b36d53fab0928e548c6" integrity sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g== @@ -1011,6 +993,11 @@ encodeurl@~1.0.2: resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.2.tgz#ad3ff4c86ec2d029322f5a02c3a9a606c95b3f59" integrity sha1-rT/0yG7C0CkyL1oCw6mmBslbP1k= +encodeurl@~2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-2.0.0.tgz#7b8ea898077d7e409d3ac45474ea38eaf0857a58" + integrity sha512-Q0n9HRi4m6JuGIV1eFlmvJB7ZEVxu93IrMyiMsGC0lrMJMWzRgx6WGquyfQgZVb31vhGgXnfmPNNXmxnOkRBrg== + encoding@^0.1.12: version "0.1.13" resolved "https://registry.yarnpkg.com/encoding/-/encoding-0.1.13.tgz#56574afdd791f54a8e9b2785c0582a2d26210fa9" @@ -1208,37 +1195,37 @@ express-fileupload@^1.1.9: dependencies: busboy "^0.3.1" -express@^4.19.2: - version "4.19.2" - resolved "https://registry.yarnpkg.com/express/-/express-4.19.2.tgz#e25437827a3aa7f2a827bc8171bbbb664a356465" - integrity sha512-5T6nhjsT+EOMzuck8JjBHARTHfMht0POzlA60WV2pMD3gyXw2LZnZ+ueGdNxG+0calOJcWKbpFcuzLZ91YWq9Q== +express@^4.20.0: + version "4.20.0" + resolved "https://registry.yarnpkg.com/express/-/express-4.20.0.tgz#f1d08e591fcec770c07be4767af8eb9bcfd67c48" + integrity sha512-pLdae7I6QqShF5PnNTCVn4hI91Dx0Grkn2+IAsMTgMIKuQVte2dN9PeGSSAME2FR8anOhVA62QDIUaWVfEXVLw== dependencies: accepts "~1.3.8" array-flatten "1.1.1" - body-parser "1.20.2" + body-parser "1.20.3" content-disposition "0.5.4" content-type "~1.0.4" cookie "0.6.0" cookie-signature "1.0.6" debug "2.6.9" depd "2.0.0" - encodeurl "~1.0.2" + encodeurl "~2.0.0" escape-html "~1.0.3" etag "~1.8.1" finalhandler "1.2.0" fresh "0.5.2" http-errors "2.0.0" - merge-descriptors "1.0.1" + merge-descriptors "1.0.3" methods "~1.1.2" on-finished "2.4.1" parseurl "~1.3.3" - path-to-regexp "0.1.7" + path-to-regexp "0.1.10" proxy-addr "~2.0.7" qs "6.11.0" range-parser "~1.2.1" safe-buffer "5.2.1" - send "0.18.0" - serve-static "1.15.0" + send "0.19.0" + serve-static "1.16.0" setprototypeof "1.2.0" statuses "2.0.1" type-is "~1.6.18" @@ -2179,10 +2166,10 @@ media-typer@0.3.0: resolved "https://registry.yarnpkg.com/media-typer/-/media-typer-0.3.0.tgz#8710d7af0aa626f8fffa1ce00168545263255748" integrity sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g= -merge-descriptors@1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/merge-descriptors/-/merge-descriptors-1.0.1.tgz#b00aaa556dd8b44568150ec9d1b953f3f90cbb61" - integrity sha1-sAqqVW3YtEVoFQ7J0blT8/kMu2E= +merge-descriptors@1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/merge-descriptors/-/merge-descriptors-1.0.3.tgz#d80319a65f3c7935351e5cfdac8f9318504dbed5" + integrity sha512-gaNvAS7TZ897/rVaZ0nMtAyxNyi/pdbjbAwUpFQpN70GqnVfOiXpeUUMKRBmzXaSQ8DdTX4/0ms62r2K+hE6mQ== methods@~1.1.2: version "1.1.2" @@ -2735,10 +2722,10 @@ path-parse@^1.0.7: resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735" integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw== -path-to-regexp@0.1.7: - version "0.1.7" - resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-0.1.7.tgz#df604178005f522f15eb4490e7247a1bfaa67f8c" - integrity sha1-32BBeABfUi8V60SQ5yR6G/qmf4w= +path-to-regexp@0.1.10: + version "0.1.10" + resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-0.1.10.tgz#67e9108c5c0551b9e5326064387de4763c4d5f8b" + integrity sha512-7lf7qcQidTku0Gu3YDPc8DJ1q7OOucfa/BSsIwjuh56VU7katFvuM8hULfkwB3Fns/rsVF7PwPKVw1sl5KQS9w== path@^0.12.7: version "0.12.7" @@ -3088,15 +3075,34 @@ send@0.18.0: range-parser "~1.2.1" statuses "2.0.1" +send@0.19.0: + version "0.19.0" + resolved "https://registry.yarnpkg.com/send/-/send-0.19.0.tgz#bbc5a388c8ea6c048967049dbeac0e4a3f09d7f8" + integrity sha512-dW41u5VfLXu8SJh5bwRmyYUbAoSB3c9uQh6L8h/KtsFREPWpbX1lrljJo186Jc4nmci/sGUZ9a0a0J2zgfq2hw== + dependencies: + debug "2.6.9" + depd "2.0.0" + destroy "1.2.0" + encodeurl "~1.0.2" + escape-html "~1.0.3" + etag "~1.8.1" + fresh "0.5.2" + http-errors "2.0.0" + mime "1.6.0" + ms "2.1.3" + on-finished "2.4.1" + range-parser "~1.2.1" + statuses "2.0.1" + seq-queue@^0.0.5: version "0.0.5" resolved "https://registry.yarnpkg.com/seq-queue/-/seq-queue-0.0.5.tgz#d56812e1c017a6e4e7c3e3a37a1da6d78dd3c93e" integrity sha512-hr3Wtp/GZIc/6DAGPDcV4/9WoZhjrkXsi5B/07QgX8tsdc6ilr7BFM6PM6rbdAX1kFSDYeZGLipIZZKyQP0O5Q== -serve-static@1.15.0: - version "1.15.0" - resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.15.0.tgz#faaef08cffe0a1a62f60cad0c4e513cff0ac9540" - integrity sha512-XGuRDNjXUijsUL0vl6nSD7cwURuzEgglbOaFuZM9g3kwDXOWVTck0jLzjPzGD+TazWbboZYu52/9/XPdUgne9g== +serve-static@1.16.0: + version "1.16.0" + resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.16.0.tgz#2bf4ed49f8af311b519c46f272bf6ac3baf38a92" + integrity sha512-pDLK8zwl2eKaYrs8mrPZBJua4hMplRWJ1tIFksVC3FtBEBnl8dxgeHtsaMS8DhS9i4fLObaon6ABoc4/hQGdPA== dependencies: encodeurl "~1.0.2" escape-html "~1.0.3" From 5aeb99b856640ce98008dab253875292633d885a Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Fri, 11 Oct 2024 15:28:24 +1000 Subject: [PATCH 038/175] Version bump --- .version | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.version b/.version index 22e3b6b01..d8b698973 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.11.3 +2.12.0 diff --git a/README.md b/README.md index 55a986d18..2d1b8da5b 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@



- + From b01817bc7ffa68fb07d69472fb9acfa1f9860c84 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Sun, 13 Oct 2024 21:54:58 +1000 Subject: [PATCH 039/175] Adds squid to dev/CI stacks - for testing forwarded ip address later --- docker/dev/squid.conf | 92 +++++++++++++++++++++++++++++++++++ docker/docker-compose.ci.yml | 13 +++++ docker/docker-compose.dev.yml | 17 ++++++- test/cypress/config/ci.js | 4 +- test/cypress/config/dev.js | 4 +- test/package.json | 4 +- 6 files changed, 127 insertions(+), 7 deletions(-) create mode 100644 docker/dev/squid.conf diff --git a/docker/dev/squid.conf b/docker/dev/squid.conf new file mode 100644 index 000000000..cdd749f58 --- /dev/null +++ b/docker/dev/squid.conf @@ -0,0 +1,92 @@ +# WELCOME TO SQUID 6.6 +# ---------------------------- +# +# This is the documentation for the Squid configuration file. +# This documentation can also be found online at: +# http://www.squid-cache.org/Doc/config/ +# +# You may wish to look at the Squid home page and wiki for the +# FAQ and other documentation: +# http://www.squid-cache.org/ +# https://wiki.squid-cache.org/SquidFaq +# https://wiki.squid-cache.org/ConfigExamples +# + +# Example rule allowing access from your local networks. +# Adapt to list your (internal) IP networks from where browsing +# should be allowed +acl localnet src 0.0.0.1-0.255.255.255 # RFC 1122 "this" network (LAN) +acl localnet src 10.0.0.0/8 # RFC 1918 local private network (LAN) +acl localnet src 100.64.0.0/10 # RFC 6598 shared address space (CGN) +acl localnet src 169.254.0.0/16 # RFC 3927 link-local (directly plugged) machines +acl localnet src 172.0.0.0/8 +acl localnet src 192.168.0.0/16 # RFC 1918 local private network (LAN) +acl localnet src fc00::/7 # RFC 4193 local private network range +acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines + +acl SSL_ports port 443 +acl Safe_ports port 80 # http +acl Safe_ports port 81 +acl Safe_ports port 443 # https + +# +# Recommended minimum Access Permission configuration: +# +# Deny requests to certain unsafe ports +http_access deny !Safe_ports + +# Deny CONNECT to other than secure SSL ports +http_access deny CONNECT !SSL_ports + +# Only allow cachemgr access from localhost +http_access allow localhost manager +http_access deny manager + +# This default configuration only allows localhost requests because a more +# permissive Squid installation could introduce new attack vectors into the +# network by proxying external TCP connections to unprotected services. +http_access allow localhost + +# The two deny rules below are unnecessary in this default configuration +# because they are followed by a "deny all" rule. However, they may become +# critically important when you start allowing external requests below them. + +# Protect web applications running on the same server as Squid. They often +# assume that only local users can access them at "localhost" ports. +http_access deny to_localhost + +# Protect cloud servers that provide local users with sensitive info about +# their server via certain well-known link-local (a.k.a. APIPA) addresses. +http_access deny to_linklocal + +# +# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS +# +include /etc/squid/conf.d/*.conf + +# For example, to allow access from your local networks, you may uncomment the +# following rule (and/or add rules that match your definition of "local"): +# http_access allow localnet + +# And finally deny all other access to this proxy +http_access deny all + +# Squid normally listens to port 3128 +http_port 3128 + +# Leave coredumps in the first cache dir +coredump_dir /var/spool/squid + +# +# Add any of your own refresh_pattern entries above these. +# +refresh_pattern ^ftp: 1440 20% 10080 +refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 +refresh_pattern \/(Packages|Sources)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims +refresh_pattern \/Release(|\.gpg)$ 0 0% 0 refresh-ims +refresh_pattern \/InRelease$ 0 0% 0 refresh-ims +refresh_pattern \/(Translation-.*)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims +# example pattern for deb packages +#refresh_pattern (\.deb|\.udeb)$ 129600 100% 129600 +refresh_pattern . 0 20% 4320 + diff --git a/docker/docker-compose.ci.yml b/docker/docker-compose.ci.yml index b4a448063..391b41233 100644 --- a/docker/docker-compose.ci.yml +++ b/docker/docker-compose.ci.yml @@ -22,6 +22,7 @@ services: networks: fulltest: aliases: + - npm - website1.example.com - website2.example.com - website3.example.com @@ -92,13 +93,25 @@ services: dockerfile: test/cypress/Dockerfile environment: CYPRESS_baseUrl: 'http://fullstack:81' + HTTP_PROXY: 'http://squid:3128' + HTTPS_PROXY: 'http://squid:3128' volumes: - 'cypress_logs:/results' - './dev/resolv.conf:/etc/resolv.conf:ro' + - '/etc/localtime:/etc/localtime:ro' command: cypress run --browser chrome --config-file=cypress/config/ci.js networks: - fulltest + squid: + image: ubuntu/squid + volumes: + - './dev/squid.conf:/etc/squid/squid.conf:ro' + - './dev/resolv.conf:/etc/resolv.conf:ro' + - '/etc/localtime:/etc/localtime:ro' + networks: + - fulltest + volumes: cypress_logs: npm_data_ci: diff --git a/docker/docker-compose.dev.yml b/docker/docker-compose.dev.yml index 8092a33e4..4cdb1e916 100644 --- a/docker/docker-compose.dev.yml +++ b/docker/docker-compose.dev.yml @@ -12,7 +12,11 @@ services: - 3081:81 - 3443:443 networks: - - nginx_proxy_manager + nginx_proxy_manager: + aliases: + - website1.example.com + - website2.example.com + - website3.example.com environment: PUID: 1000 PGID: 1000 @@ -65,6 +69,17 @@ services: depends_on: - npm + squid: + image: ubuntu/squid + container_name: npm_squid + volumes: + - './dev/squid.conf:/etc/squid/squid.conf:ro' + - '/etc/localtime:/etc/localtime:ro' + networks: + - nginx_proxy_manager + ports: + - 8128:3128 + volumes: npm_data: name: npm_core_data diff --git a/test/cypress/config/ci.js b/test/cypress/config/ci.js index 2b50db1e8..63c9d8c81 100644 --- a/test/cypress/config/ci.js +++ b/test/cypress/config/ci.js @@ -15,8 +15,8 @@ module.exports = defineConfig({ return require("../plugins/index.js")(on, config); }, env: { - swaggerBase: '{{baseUrl}}/api/schema', + swaggerBase: 'http://npm:81/api/schema', }, - baseUrl: 'http://localhost:1234', + baseUrl: 'http://npm:81', } }); diff --git a/test/cypress/config/dev.js b/test/cypress/config/dev.js index 90ae943bc..f3c9f6d28 100644 --- a/test/cypress/config/dev.js +++ b/test/cypress/config/dev.js @@ -15,8 +15,8 @@ module.exports = defineConfig({ return require("../plugins/index.js")(on, config); }, env: { - swaggerBase: '{{baseUrl}}/api/schema', + swaggerBase: 'http://npm:81/api/schema', }, - baseUrl: 'http://localhost:1234', + baseUrl: 'http://npm:81', } }); diff --git a/test/package.json b/test/package.json index 7032efe68..99215363a 100644 --- a/test/package.json +++ b/test/package.json @@ -19,8 +19,8 @@ "mocha-junit-reporter": "^2.2.1" }, "scripts": { - "cypress": "cypress open --config-file=cypress/config/dev.js --config baseUrl=${BASE_URL:-http://127.0.0.1:3081}", - "cypress:headless": "cypress run --config-file=cypress/config/dev.js --config baseUrl=${BASE_URL:-http://127.0.0.1:3081}" + "cypress": "HTTP_PROXY=127.0.0.1:8128 HTTPS_PROXY=127.0.0.1:8128 cypress open --config-file=cypress/config/dev.js", + "cypress:headless": "HTTP_PROXY=127.0.0.1:8128 HTTPS_PROXY=127.0.0.1:8128 cypress run --config-file=cypress/config/dev.js" }, "author": "", "license": "ISC" From f2bb8f2b3d0bd64b2c58a4a45e9e1a8ac10e336e Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Sun, 13 Oct 2024 22:04:07 +1000 Subject: [PATCH 040/175] Squid ci fixes --- docker/docker-compose.ci.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/docker/docker-compose.ci.yml b/docker/docker-compose.ci.yml index 391b41233..5d5b0dded 100644 --- a/docker/docker-compose.ci.yml +++ b/docker/docker-compose.ci.yml @@ -92,9 +92,8 @@ services: context: ../ dockerfile: test/cypress/Dockerfile environment: - CYPRESS_baseUrl: 'http://fullstack:81' - HTTP_PROXY: 'http://squid:3128' - HTTPS_PROXY: 'http://squid:3128' + HTTP_PROXY: 'squid:3128' + HTTPS_PROXY: 'squid:3128' volumes: - 'cypress_logs:/results' - './dev/resolv.conf:/etc/resolv.conf:ro' From 81b89185f2af1d40406d1ae2507e0f24e9a2f294 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Sun, 13 Oct 2024 22:15:18 +1000 Subject: [PATCH 041/175] Squid ci fixes --- docker/docker-compose.ci.yml | 1 - test/cypress/config/ci.js | 4 ++-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/docker/docker-compose.ci.yml b/docker/docker-compose.ci.yml index 5d5b0dded..e13e8bf26 100644 --- a/docker/docker-compose.ci.yml +++ b/docker/docker-compose.ci.yml @@ -22,7 +22,6 @@ services: networks: fulltest: aliases: - - npm - website1.example.com - website2.example.com - website3.example.com diff --git a/test/cypress/config/ci.js b/test/cypress/config/ci.js index 63c9d8c81..873330dc7 100644 --- a/test/cypress/config/ci.js +++ b/test/cypress/config/ci.js @@ -15,8 +15,8 @@ module.exports = defineConfig({ return require("../plugins/index.js")(on, config); }, env: { - swaggerBase: 'http://npm:81/api/schema', + swaggerBase: 'http://fullstack:81/api/schema', }, - baseUrl: 'http://npm:81', + baseUrl: 'http://fullstack:81', } }); From 7322d35bd734d3694c111a4883e834435bb4b00d Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Mon, 14 Oct 2024 07:21:04 +1000 Subject: [PATCH 042/175] Fix CI --- Jenkinsfile | 9 +-------- scripts/ci/fulltest-cypress | 2 +- 2 files changed, 2 insertions(+), 9 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index ae631f935..757579468 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -204,20 +204,13 @@ pipeline { always { sh 'echo Reverting ownership' sh 'docker run --rm -v "$(pwd):/data" jc21/ci-tools chown -R "$(id -u):$(id -g)" /data' - } - success { - juxtapose event: 'success' - sh 'figlet "SUCCESS"' + printResult(true) } failure { archiveArtifacts(artifacts: 'debug/**/*.*', allowEmptyArchive: true) - juxtapose event: 'failure' - sh 'figlet "FAILURE"' } unstable { archiveArtifacts(artifacts: 'debug/**/*.*', allowEmptyArchive: true) - juxtapose event: 'unstable' - sh 'figlet "UNSTABLE"' } } } diff --git a/scripts/ci/fulltest-cypress b/scripts/ci/fulltest-cypress index 7e4469fec..9101189c2 100755 --- a/scripts/ci/fulltest-cypress +++ b/scripts/ci/fulltest-cypress @@ -65,7 +65,7 @@ rm -rf "${LOCAL_RESOLVE}" printf "nameserver %s\noptions ndots:0" "${DNSROUTER_IP}" > "${LOCAL_RESOLVE}" # bring up all remaining containers, except cypress! -docker-compose up -d --remove-orphans stepca +docker-compose up -d --remove-orphans stepca squid docker-compose pull db-mysql || true # ok to fail docker-compose up -d --remove-orphans --pull=never fullstack From e5aa880ec41c5a46f49c515a11240b4a0dd5a716 Mon Sep 17 00:00:00 2001 From: Dusan Cervenka Date: Tue, 15 Oct 2024 01:58:15 +0200 Subject: [PATCH 043/175] fixed wedos password description Signed-off-by: Dusan Cervenka --- global/certbot-dns-plugins.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index bc3cfa7a7..6729842e8 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -492,7 +492,7 @@ "package_name": "certbot-dns-wedos", "version": "~=2.2", "dependencies": "", - "credentials": "dns_wedos_user = \ndns_wedos_auth = ", + "credentials": "dns_wedos_user = \ndns_wedos_auth = ", "full_plugin_name": "dns-wedos" }, "edgedns": { From 351ba8dacd55f70bf0797212bfa4f9650b92a8b1 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Mon, 14 Oct 2024 22:48:36 +1000 Subject: [PATCH 044/175] More tests for certificates, fixed schema problems --- backend/internal/certificate.js | 11 +++-- .../schema/components/certificate-object.json | 28 ++++++++--- .../certificates/certID/upload/post.json | 19 ++++++++ test/cypress/e2e/api/Certificates.cy.js | 47 +++++++++++++++++++ test/package.json | 2 +- test/yarn.lock | 8 ++-- 6 files changed, 98 insertions(+), 17 deletions(-) diff --git a/backend/internal/certificate.js b/backend/internal/certificate.js index 9bdfe695c..68dd55e88 100644 --- a/backend/internal/certificate.js +++ b/backend/internal/certificate.js @@ -3,27 +3,28 @@ const fs = require('fs'); const https = require('https'); const tempWrite = require('temp-write'); const moment = require('moment'); +const archiver = require('archiver'); +const path = require('path'); +const { isArray } = require('lodash'); const logger = require('../logger').ssl; const config = require('../lib/config'); const error = require('../lib/error'); const utils = require('../lib/utils'); +const certbot = require('../lib/certbot'); const certificateModel = require('../models/certificate'); const tokenModel = require('../models/token'); const dnsPlugins = require('../global/certbot-dns-plugins.json'); const internalAuditLog = require('./audit-log'); const internalNginx = require('./nginx'); const internalHost = require('./host'); -const certbot = require('../lib/certbot'); -const archiver = require('archiver'); -const path = require('path'); -const { isArray } = require('lodash'); + const letsencryptStaging = config.useLetsencryptStaging(); const letsencryptConfig = '/etc/letsencrypt.ini'; const certbotCommand = 'certbot'; function omissions() { - return ['is_deleted']; + return ['is_deleted', 'owner.is_deleted']; } const internalCertificate = { diff --git a/backend/schema/components/certificate-object.json b/backend/schema/components/certificate-object.json index 04cd89801..a4e8e1fce 100644 --- a/backend/schema/components/certificate-object.json +++ b/backend/schema/components/certificate-object.json @@ -24,13 +24,23 @@ "description": "Nice Name for the custom certificate" }, "domain_names": { - "$ref": "../common.json#/properties/domain_names" + "description": "Domain Names separated by a comma", + "type": "array", + "maxItems": 100, + "uniqueItems": true, + "items": { + "type": "string", + "pattern": "^[^&| @!#%^();:/\\\\}{=+?<>,~`'\"]+$" + } }, "expires_on": { "description": "Date and time of expiration", "readOnly": true, "type": "string" }, + "owner": { + "$ref": "./user-object.json" + }, "meta": { "type": "object", "additionalProperties": false, @@ -51,12 +61,16 @@ "type": "string" }, "propagation_seconds": { - "anyOf": [ - { - "type": "integer", - "minimum": 0 - } - ] + "type": "integer", + "minimum": 0 + }, + "certificate": { + "type": "string", + "minLength": 1 + }, + "certificate_key": { + "type": "string", + "minLength": 1 } } } diff --git a/backend/schema/paths/nginx/certificates/certID/upload/post.json b/backend/schema/paths/nginx/certificates/certID/upload/post.json index e9274856a..f38b8102a 100644 --- a/backend/schema/paths/nginx/certificates/certID/upload/post.json +++ b/backend/schema/paths/nginx/certificates/certID/upload/post.json @@ -55,6 +55,25 @@ "certificate_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC1n9j9C5Bes1nd\nqACDckERauxXVNKCnUlUM1buGBx1xc+j2e2Ar23wUJJuWBY18VfT8yqfqVDktO2w\nrbmvZvLuPmXePOKbIKS+XXh+2NG9L5bDG9rwGFCRXnbQj+GWCdMfzx14+CR1IHge\nYz6Cv/Si2/LJPCh/CoBfM4hUQJON3lxAWrWBpdbZnKYMrxuPBRfW9OuzTbCVXToQ\noxRAHiOR9081Xn1WeoKr7kVBIa5UphlvWXa12w1YmUwJu7YndnJGIavLWeNCVc7Z\nEo+nS8Wr/4QWicatIWZXpVaEOPhRoeplQDxNWg5b/Q26rYoVd7PrCmRs7sVcH79X\nzGONeH1PAgMBAAECggEAANb3Wtwl07pCjRrMvc7WbC0xYIn82yu8/g2qtjkYUJcU\nia5lQbYN7RGCS85Oc/tkq48xQEG5JQWNH8b918jDEMTrFab0aUEyYcru1q9L8PL6\nYHaNgZSrMrDcHcS8h0QOXNRJT5jeGkiHJaTR0irvB526tqF3knbK9yW22KTfycUe\na0Z9voKn5xRk1DCbHi/nk2EpT7xnjeQeLFaTIRXbS68omkr4YGhwWm5OizoyEGZu\nW0Zum5BkQyMr6kor3wdxOTG97ske2rcyvvHi+ErnwL0xBv0qY0Dhe8DpuXpDezqw\no72yY8h31Fu84i7sAj24YuE5Df8DozItFXQpkgbQ6QKBgQDPrufhvIFm2S/MzBdW\nH8JxY7CJlJPyxOvc1NIl9RczQGAQR90kx52cgIcuIGEG6/wJ/xnGfMmW40F0DnQ+\nN+oLgB9SFxeLkRb7s9Z/8N3uIN8JJFYcerEOiRQeN2BXEEWJ7bUThNtsVrAcKoUh\nELsDmnHW/3V+GKwhd0vpk842+wKBgQDf4PGLG9PTE5tlAoyHFodJRd2RhTJQkwsU\nMDNjLJ+KecLv+Nl+QiJhoflG1ccqtSFlBSCG067CDQ5LV0xm3mLJ7pfJoMgjcq31\nqjEmX4Ls91GuVOPtbwst3yFKjsHaSoKB5fBvWRcKFpBUezM7Qcw2JP3+dQT+bQIq\ncMTkRWDSvQKBgQDOdCQFDjxg/lR7NQOZ1PaZe61aBz5P3pxNqa7ClvMaOsuEQ7w9\nvMYcdtRq8TsjA2JImbSI0TIg8gb2FQxPcYwTJKl+FICOeIwtaSg5hTtJZpnxX5LO\nutTaC0DZjNkTk5RdOdWA8tihyUdGqKoxJY2TVmwGe2rUEDjFB++J4inkEwKBgB6V\ng0nmtkxanFrzOzFlMXwgEEHF+Xaqb9QFNa/xs6XeNnREAapO7JV75Cr6H2hFMFe1\nmJjyqCgYUoCWX3iaHtLJRnEkBtNY4kzyQB6m46LtsnnnXO/dwKA2oDyoPfFNRoDq\nYatEd3JIXNU9s2T/+x7WdOBjKhh72dTkbPFmTPDdAoGAU6rlPBevqOFdObYxdPq8\nEQWu44xqky3Mf5sBpOwtu6rqCYuziLiN7K4sjN5GD5mb1cEU+oS92ZiNcUQ7MFXk\n8yTYZ7U0VcXyAcpYreWwE8thmb0BohJBr+Mp3wLTx32x0HKdO6vpUa0d35LUTUmM\nRrKmPK/msHKK/sVHiL+NFqo=\n-----END PRIVATE KEY-----\n" } } + }, + "schema": { + "type": "object", + "additionalProperties": false, + "required": ["certificate", "certificate_key"], + "properties": { + "certificate": { + "type": "string", + "minLength": 1 + }, + "certificate_key": { + "type": "string", + "minLength": 1 + }, + "intermediate_certificate": { + "type": "string", + "minLength": 1 + } + } } } } diff --git a/test/cypress/e2e/api/Certificates.cy.js b/test/cypress/e2e/api/Certificates.cy.js index 043680f3e..687d09e57 100644 --- a/test/cypress/e2e/api/Certificates.cy.js +++ b/test/cypress/e2e/api/Certificates.cy.js @@ -2,6 +2,7 @@ describe('Certificates endpoints', () => { let token; + let certID; before(() => { cy.getToken().then((tok) => { @@ -24,6 +25,52 @@ describe('Certificates endpoints', () => { }); }); + it('Custom certificate lifecycle', function() { + cy.task('backendApiPost', { + token: token, + path: '/api/nginx/certificates', + data: { + provider: "other", + nice_name: "Test Certificate", + }, + }).then((data) => { + cy.validateSwaggerSchema('post', 201, '/nginx/certificates', data); + expect(data).to.have.property('id'); + certID = data.id; + + cy.task('backendApiPostFiles', { + token: token, + path: `/api/nginx/certificates/${certID}/upload`, + files: { + certificate: 'test.example.com.pem', + certificate_key: 'test.example.com-key.pem', + }, + }).then((data) => { + cy.validateSwaggerSchema('post', 201, '/nginx/certificates/upload', data); + expect(data).to.have.property('certificate'); + expect(data).to.have.property('certificate_key'); + + cy.task('backendApiDelete', { + token: token, + path: `/api/nginx/certificates/${certID}` + }).then((data) => { + cy.validateSwaggerSchema('delete', 200, '/nginx/certificates/{certID}', data); + expect(data).to.be.equal(true); + }); + }); + }); + }); + + it('Should be able to get all certs', function() { + cy.task('backendApiGet', { + token: token, + path: '/api/nginx/certificates?expand=owner' + }).then((data) => { + cy.validateSwaggerSchema('get', 200, '/nginx/certificates', data); + expect(data.length).to.be.greaterThan(0); + }); + }); + it('Request Certificate - CVE-2024-46256/CVE-2024-46257', function() { cy.task('backendApiPost', { token: token, diff --git a/test/package.json b/test/package.json index 99215363a..a1c68908a 100644 --- a/test/package.json +++ b/test/package.json @@ -4,7 +4,7 @@ "description": "", "main": "index.js", "dependencies": { - "@jc21/cypress-swagger-validation": "^0.2.7", + "@jc21/cypress-swagger-validation": "^0.2.8", "axios": "^1.7.7", "cypress": "^13.15.0", "cypress-multi-reporters": "^1.6.4", diff --git a/test/yarn.lock b/test/yarn.lock index b12b42477..38d85e0a8 100644 --- a/test/yarn.lock +++ b/test/yarn.lock @@ -167,10 +167,10 @@ resolved "https://registry.yarnpkg.com/@humanwhocodes/retry/-/retry-0.3.1.tgz#c72a5c76a9fbaf3488e231b13dc52c0da7bab42a" integrity sha512-JBxkERygn7Bv/GbN5Rv8Ul6LVknS+5Bp6RgDC/O8gEBU/yeH5Ui5C/OlWrTb6qct7LjjfT6Re2NxB0ln0yYybA== -"@jc21/cypress-swagger-validation@^0.2.7": - version "0.2.7" - resolved "https://registry.yarnpkg.com/@jc21/cypress-swagger-validation/-/cypress-swagger-validation-0.2.7.tgz#64642b12d98b884df8c30b72852162941285d2af" - integrity sha512-4EQ0gfigRwVVl3DnVYbR48/EKGnn7oH5YYdMzf6zqypO+bqYvDHu9kgk/WqkGlT/aauGQ7e0YGMo8ZvR7mL0Ng== +"@jc21/cypress-swagger-validation@^0.2.8": + version "0.2.8" + resolved "https://registry.yarnpkg.com/@jc21/cypress-swagger-validation/-/cypress-swagger-validation-0.2.8.tgz#8ab059bd41e3ee100a1998a1484b9e5a2e9a4224" + integrity sha512-9fiZIHj3//bJjC5YUMOc42RnoEUeeokVn6xtMnP52XIZ/ryWQ9PIyFdlOAH8q/LW/uPxozJo2+hdB6ou4iurag== dependencies: "@apidevtools/swagger-parser" "^10.1.0" ajv "^8.17.1" From f48e1b46a8979b58d05c953f0893f140717c5fb1 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Tue, 15 Oct 2024 23:54:39 +1000 Subject: [PATCH 045/175] Updated swagger cypress package, which works with proxies --- Jenkinsfile | 10 +++++++ docker/docker-compose.dev.yml | 4 +-- test/cypress/config/ci.js | 2 +- test/cypress/config/dev.js | 22 --------------- test/cypress/e2e/api/Certificates.cy.js | 34 ++++++++++++----------- test/cypress/e2e/api/Health.cy.js | 4 +-- test/cypress/e2e/api/Hosts.cy.js | 2 +- test/cypress/e2e/api/Users.cy.js | 2 +- test/cypress/plugins/backendApi/client.js | 2 +- test/cypress/plugins/index.js | 2 +- test/package.json | 6 ++-- test/yarn.lock | 31 ++++++++------------- 12 files changed, 52 insertions(+), 69 deletions(-) delete mode 100644 test/cypress/config/dev.js diff --git a/Jenkinsfile b/Jenkinsfile index 757579468..9b29ee970 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -127,6 +127,11 @@ pipeline { junit 'test/results/junit/*' sh 'docker-compose down --remove-orphans --volumes -t 30 || true' } + unstable { + dir(path: 'testing/results') { + archiveArtifacts(allowEmptyArchive: true, artifacts: '**/*', excludes: '**/*.xml') + } + } } } stage('Test Mysql') { @@ -155,6 +160,11 @@ pipeline { junit 'test/results/junit/*' sh 'docker-compose down --remove-orphans --volumes -t 30 || true' } + unstable { + dir(path: 'testing/results') { + archiveArtifacts(allowEmptyArchive: true, artifacts: '**/*', excludes: '**/*.xml') + } + } } } stage('MultiArch Build') { diff --git a/docker/docker-compose.dev.yml b/docker/docker-compose.dev.yml index 4cdb1e916..e7f9bcbaa 100644 --- a/docker/docker-compose.dev.yml +++ b/docker/docker-compose.dev.yml @@ -1,7 +1,7 @@ # WARNING: This is a DEVELOPMENT docker-compose file, it should not be used for production. services: - npm: + fullstack: image: nginxproxymanager:dev container_name: npm_core build: @@ -67,7 +67,7 @@ services: URL: "http://npm:81/api/schema" PORT: '80' depends_on: - - npm + - fullstack squid: image: ubuntu/squid diff --git a/test/cypress/config/ci.js b/test/cypress/config/ci.js index 873330dc7..dc968dbd3 100644 --- a/test/cypress/config/ci.js +++ b/test/cypress/config/ci.js @@ -15,7 +15,7 @@ module.exports = defineConfig({ return require("../plugins/index.js")(on, config); }, env: { - swaggerBase: 'http://fullstack:81/api/schema', + swaggerBase: '{{baseUrl}}/api/schema?ts=' + Date.now(), }, baseUrl: 'http://fullstack:81', } diff --git a/test/cypress/config/dev.js b/test/cypress/config/dev.js deleted file mode 100644 index f3c9f6d28..000000000 --- a/test/cypress/config/dev.js +++ /dev/null @@ -1,22 +0,0 @@ -const { defineConfig } = require('cypress'); - -module.exports = defineConfig({ - requestTimeout: 30000, - defaultCommandTimeout: 20000, - reporter: 'cypress-multi-reporters', - reporterOptions: { - configFile: 'multi-reporter.json' - }, - video: false, - videosFolder: 'results/videos', - screenshotsFolder: 'results/screenshots', - e2e: { - setupNodeEvents(on, config) { - return require("../plugins/index.js")(on, config); - }, - env: { - swaggerBase: 'http://npm:81/api/schema', - }, - baseUrl: 'http://npm:81', - } -}); diff --git a/test/cypress/e2e/api/Certificates.cy.js b/test/cypress/e2e/api/Certificates.cy.js index 687d09e57..1e8a6fed4 100644 --- a/test/cypress/e2e/api/Certificates.cy.js +++ b/test/cypress/e2e/api/Certificates.cy.js @@ -1,4 +1,4 @@ -/// +/// describe('Certificates endpoints', () => { let token; @@ -26,6 +26,7 @@ describe('Certificates endpoints', () => { }); it('Custom certificate lifecycle', function() { + // Create custom cert cy.task('backendApiPost', { token: token, path: '/api/nginx/certificates', @@ -38,6 +39,7 @@ describe('Certificates endpoints', () => { expect(data).to.have.property('id'); certID = data.id; + // Upload files cy.task('backendApiPostFiles', { token: token, path: `/api/nginx/certificates/${certID}/upload`, @@ -46,31 +48,31 @@ describe('Certificates endpoints', () => { certificate_key: 'test.example.com-key.pem', }, }).then((data) => { - cy.validateSwaggerSchema('post', 201, '/nginx/certificates/upload', data); + cy.validateSwaggerSchema('post', 200, '/nginx/certificates/{certID}/upload', data); expect(data).to.have.property('certificate'); expect(data).to.have.property('certificate_key'); - cy.task('backendApiDelete', { + // Get all certs + cy.task('backendApiGet', { token: token, - path: `/api/nginx/certificates/${certID}` + path: '/api/nginx/certificates?expand=owner' }).then((data) => { - cy.validateSwaggerSchema('delete', 200, '/nginx/certificates/{certID}', data); - expect(data).to.be.equal(true); + cy.validateSwaggerSchema('get', 200, '/nginx/certificates', data); + expect(data.length).to.be.greaterThan(0); + + // Delete cert + cy.task('backendApiDelete', { + token: token, + path: `/api/nginx/certificates/${certID}` + }).then((data) => { + cy.validateSwaggerSchema('delete', 200, '/nginx/certificates/{certID}', data); + expect(data).to.be.equal(true); + }); }); }); }); }); - it('Should be able to get all certs', function() { - cy.task('backendApiGet', { - token: token, - path: '/api/nginx/certificates?expand=owner' - }).then((data) => { - cy.validateSwaggerSchema('get', 200, '/nginx/certificates', data); - expect(data.length).to.be.greaterThan(0); - }); - }); - it('Request Certificate - CVE-2024-46256/CVE-2024-46257', function() { cy.task('backendApiPost', { token: token, diff --git a/test/cypress/e2e/api/Health.cy.js b/test/cypress/e2e/api/Health.cy.js index f765c99b9..49881e97b 100644 --- a/test/cypress/e2e/api/Health.cy.js +++ b/test/cypress/e2e/api/Health.cy.js @@ -1,4 +1,4 @@ -/// +/// describe('Basic API checks', () => { it('Should return a valid health payload', function () { @@ -12,7 +12,7 @@ describe('Basic API checks', () => { it('Should return a valid schema payload', function () { cy.task('backendApiGet', { - path: '/api/schema', + path: '/api/schema?ts=' + Date.now(), }).then((data) => { expect(data.openapi).to.be.equal('3.1.0'); }); diff --git a/test/cypress/e2e/api/Hosts.cy.js b/test/cypress/e2e/api/Hosts.cy.js index 62b9581bb..75d732c7c 100644 --- a/test/cypress/e2e/api/Hosts.cy.js +++ b/test/cypress/e2e/api/Hosts.cy.js @@ -1,4 +1,4 @@ -/// +/// describe('Hosts endpoints', () => { let token; diff --git a/test/cypress/e2e/api/Users.cy.js b/test/cypress/e2e/api/Users.cy.js index 43303d431..06b183176 100644 --- a/test/cypress/e2e/api/Users.cy.js +++ b/test/cypress/e2e/api/Users.cy.js @@ -1,4 +1,4 @@ -/// +/// describe('Users endpoints', () => { let token; diff --git a/test/cypress/plugins/backendApi/client.js b/test/cypress/plugins/backendApi/client.js index e7c0c439d..ba28e3ae1 100644 --- a/test/cypress/plugins/backendApi/client.js +++ b/test/cypress/plugins/backendApi/client.js @@ -80,7 +80,7 @@ BackendApi.prototype._handleError = function(err, resolve, reject, returnOnError * @returns {Promise} */ BackendApi.prototype.request = function (method, path, returnOnError, data) { - logger(method.toUpperCase(), this.config.baseUrl + path); + logger(method.toUpperCase(), path); const options = this._prepareOptions(returnOnError); return new Promise((resolve, reject) => { diff --git a/test/cypress/plugins/index.js b/test/cypress/plugins/index.js index 8cf6eef6c..2f3e3c5af 100644 --- a/test/cypress/plugins/index.js +++ b/test/cypress/plugins/index.js @@ -1,4 +1,4 @@ -const {SwaggerValidation} = require('@jc21/cypress-swagger-validation'); +const { SwaggerValidation } = require('@jc21/cypress-swagger-validation'); module.exports = (on, config) => { // Replace swaggerBase config var wildcard diff --git a/test/package.json b/test/package.json index a1c68908a..b52ecfbd7 100644 --- a/test/package.json +++ b/test/package.json @@ -4,7 +4,7 @@ "description": "", "main": "index.js", "dependencies": { - "@jc21/cypress-swagger-validation": "^0.2.8", + "@jc21/cypress-swagger-validation": "^0.3.1", "axios": "^1.7.7", "cypress": "^13.15.0", "cypress-multi-reporters": "^1.6.4", @@ -19,8 +19,8 @@ "mocha-junit-reporter": "^2.2.1" }, "scripts": { - "cypress": "HTTP_PROXY=127.0.0.1:8128 HTTPS_PROXY=127.0.0.1:8128 cypress open --config-file=cypress/config/dev.js", - "cypress:headless": "HTTP_PROXY=127.0.0.1:8128 HTTPS_PROXY=127.0.0.1:8128 cypress run --config-file=cypress/config/dev.js" + "cypress": "HTTP_PROXY=127.0.0.1:8128 HTTPS_PROXY=127.0.0.1:8128 cypress open --config-file=cypress/config/ci.js", + "cypress:headless": "HTTP_PROXY=127.0.0.1:8128 HTTPS_PROXY=127.0.0.1:8128 cypress run --config-file=cypress/config/ci.js" }, "author": "", "license": "ISC" diff --git a/test/yarn.lock b/test/yarn.lock index 38d85e0a8..4fa9e51f9 100644 --- a/test/yarn.lock +++ b/test/yarn.lock @@ -11,14 +11,13 @@ call-me-maybe "^1.0.1" js-yaml "^3.13.1" -"@apidevtools/json-schema-ref-parser@9.0.9": - version "9.0.9" - resolved "https://registry.yarnpkg.com/@apidevtools/json-schema-ref-parser/-/json-schema-ref-parser-9.0.9.tgz#d720f9256e3609621280584f2b47ae165359268b" - integrity sha512-GBD2Le9w2+lVFoc4vswGI/TjkNIZSVp7+9xPf+X3uidBfWnAeUWmquteSyt0+VCrhNMWj/FTABISQrD3Z/YA+w== +"@apidevtools/json-schema-ref-parser@^11.7.2": + version "11.7.2" + resolved "https://registry.yarnpkg.com/@apidevtools/json-schema-ref-parser/-/json-schema-ref-parser-11.7.2.tgz#cdf3e0aded21492364a70e193b45b7cf4177f031" + integrity sha512-4gY54eEGEstClvEkGnwVkTkrx0sqwemEFG5OSRRn3tD91XH0+Q8XIkYIfo7IwEWPpJZwILb9GUXeShtplRc/eA== dependencies: "@jsdevtools/ono" "^7.1.3" - "@types/json-schema" "^7.0.6" - call-me-maybe "^1.0.1" + "@types/json-schema" "^7.0.15" js-yaml "^4.1.0" "@apidevtools/openapi-schemas@^2.1.0": @@ -167,15 +166,16 @@ resolved "https://registry.yarnpkg.com/@humanwhocodes/retry/-/retry-0.3.1.tgz#c72a5c76a9fbaf3488e231b13dc52c0da7bab42a" integrity sha512-JBxkERygn7Bv/GbN5Rv8Ul6LVknS+5Bp6RgDC/O8gEBU/yeH5Ui5C/OlWrTb6qct7LjjfT6Re2NxB0ln0yYybA== -"@jc21/cypress-swagger-validation@^0.2.8": - version "0.2.8" - resolved "https://registry.yarnpkg.com/@jc21/cypress-swagger-validation/-/cypress-swagger-validation-0.2.8.tgz#8ab059bd41e3ee100a1998a1484b9e5a2e9a4224" - integrity sha512-9fiZIHj3//bJjC5YUMOc42RnoEUeeokVn6xtMnP52XIZ/ryWQ9PIyFdlOAH8q/LW/uPxozJo2+hdB6ou4iurag== +"@jc21/cypress-swagger-validation@^0.3.1": + version "0.3.1" + resolved "https://registry.yarnpkg.com/@jc21/cypress-swagger-validation/-/cypress-swagger-validation-0.3.1.tgz#1cdd49850a20f876ed62149623f99988264751be" + integrity sha512-Vdt1gLfj8p0tJhA42Cfn43XBbsKocNfVCEVSwkn7RmZgWUyRKjqhBBRTVa9cKZTozyg8Co/yhBMsNyjmHFVXtQ== dependencies: + "@apidevtools/json-schema-ref-parser" "^11.7.2" "@apidevtools/swagger-parser" "^10.1.0" ajv "^8.17.1" + axios "^1.7.7" json-schema "^0.4.0" - json-schema-ref-parser "^9.0.9" jsonpath "^1.1.1" lodash "^4.17.21" openapi-types "^12.1.3" @@ -196,7 +196,7 @@ resolved "https://registry.yarnpkg.com/@types/estree/-/estree-1.0.6.tgz#628effeeae2064a1b4e79f78e81d87b7e5fc7b50" integrity sha512-AYnb1nQyY49te+VRAVgmzfcgjYS91mY5P0TKUDCLEM+gNnA+3T6rWITXRLYCpahpqSQbN5cE+gHpnPyXjHWxcw== -"@types/json-schema@^7.0.15", "@types/json-schema@^7.0.6": +"@types/json-schema@^7.0.15": version "7.0.15" resolved "https://registry.yarnpkg.com/@types/json-schema/-/json-schema-7.0.15.tgz#596a1747233694d50f6ad8a7869fcb6f56cf5841" integrity sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA== @@ -1468,13 +1468,6 @@ json-buffer@3.0.1: resolved "https://registry.yarnpkg.com/json-buffer/-/json-buffer-3.0.1.tgz#9338802a30d3b6605fbe0613e094008ca8c05a13" integrity sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ== -json-schema-ref-parser@^9.0.9: - version "9.0.9" - resolved "https://registry.yarnpkg.com/json-schema-ref-parser/-/json-schema-ref-parser-9.0.9.tgz#66ea538e7450b12af342fa3d5b8458bc1e1e013f" - integrity sha512-qcP2lmGy+JUoQJ4DOQeLaZDqH9qSkeGCK3suKWxJXS82dg728Mn3j97azDMaOUmJAN4uCq91LdPx4K7E8F1a7Q== - dependencies: - "@apidevtools/json-schema-ref-parser" "9.0.9" - json-schema-traverse@^0.4.1: version "0.4.1" resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz#69f6a87d9513ab8bb8fe63bdb0979c448e684660" From 929ac3bd7cbe4f11e7ec49744c251cf9dc0aadad Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 16 Oct 2024 11:06:29 +1000 Subject: [PATCH 046/175] Adds env var to set certbot acme server this is required for test suite to use dns certbot request without talking to live or staging letsencrypt servers or production level dns providers. This is a backwards port from the v3 branch and opens the door for a full certificate cypress test --- backend/internal/certificate.js | 4 +- backend/lib/config.js | 10 ++++ docker/Dockerfile | 4 ++ docker/dev/Dockerfile | 24 +++++---- docker/docker-compose.ci.yml | 3 ++ docker/docker-compose.dev.yml | 86 +++++++++++++++++++++++++++++++++ scripts/.common.sh | 10 ++++ scripts/cypress-dev | 13 +++++ scripts/start-dev | 37 +++++++++++++- 9 files changed, 180 insertions(+), 11 deletions(-) create mode 100755 scripts/cypress-dev diff --git a/backend/internal/certificate.js b/backend/internal/certificate.js index 68dd55e88..aea741c7d 100644 --- a/backend/internal/certificate.js +++ b/backend/internal/certificate.js @@ -20,6 +20,7 @@ const internalHost = require('./host'); const letsencryptStaging = config.useLetsencryptStaging(); +const letsencryptServer = config.useLetsencryptServer(); const letsencryptConfig = '/etc/letsencrypt.ini'; const certbotCommand = 'certbot'; @@ -838,7 +839,8 @@ const internalCertificate = { '--email "' + certificate.meta.letsencrypt_email + '" ' + '--preferred-challenges "dns,http" ' + '--domains "' + certificate.domain_names.join(',') + '" ' + - (letsencryptStaging ? '--staging' : ''); + (letsencryptStaging ? '--staging' : '') + + (letsencryptServer !== null ? `--server '${letsencryptServer}'` : ''); logger.info('Command:', cmd); diff --git a/backend/lib/config.js b/backend/lib/config.js index b42f9e3ca..f7fbdca6f 100644 --- a/backend/lib/config.js +++ b/backend/lib/config.js @@ -180,5 +180,15 @@ module.exports = { */ useLetsencryptStaging: function () { return !!process.env.LE_STAGING; + }, + + /** + * @returns {string|null} + */ + useLetsencryptServer: function () { + if (process.env.LE_SERVER) { + return process.env.LE_SERVER; + } + return null; } }; diff --git a/docker/Dockerfile b/docker/Dockerfile index 799ee2a63..0603e2ded 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -3,6 +3,8 @@ # This file assumes that the frontend has been built using ./scripts/frontend-build +FROM nginxproxymanager/testca AS testca +FROM letsencrypt/pebble AS pebbleca FROM nginxproxymanager/nginx-full:certbot-node ARG TARGETPLATFORM @@ -45,6 +47,8 @@ RUN yarn install \ # add late to limit cache-busting by modifications COPY docker/rootfs / +COPY --from=pebbleca /test/certs/pebble.minica.pem /etc/ssl/certs/pebble.minica.pem +COPY --from=testca /home/step/certs/root_ca.crt /etc/ssl/certs/NginxProxyManager.crt # Remove frontend service not required for prod, dev nginx config as well RUN rm -rf /etc/s6-overlay/s6-rc.d/user/contents.d/frontend /etc/nginx/conf.d/dev.conf \ diff --git a/docker/dev/Dockerfile b/docker/dev/Dockerfile index 3c21849cd..bb4ac6d44 100644 --- a/docker/dev/Dockerfile +++ b/docker/dev/Dockerfile @@ -1,7 +1,10 @@ +FROM nginxproxymanager/testca AS testca +FROM letsencrypt/pebble AS pebbleca FROM nginxproxymanager/nginx-full:certbot-node LABEL maintainer="Jamie Curnow " -# See: https://github.com/just-containers/s6-overlay/blob/master/README.md +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + ENV SUPPRESS_NO_CONFIG_WARNING=1 \ S6_BEHAVIOUR_IF_STAGE2_FAILS=1 \ S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0 \ @@ -17,17 +20,20 @@ RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \ && rm -rf /var/lib/apt/lists/* # Task -RUN cd /usr \ - && curl -sL https://taskfile.dev/install.sh | sh \ - && cd /root +WORKDIR /usr +RUN curl -sL https://taskfile.dev/install.sh | sh +WORKDIR /root COPY rootfs / -RUN rm -f /etc/nginx/conf.d/production.conf -RUN chmod 644 /etc/logrotate.d/nginx-proxy-manager - -# s6 overlay COPY scripts/install-s6 /tmp/install-s6 -RUN /tmp/install-s6 "${TARGETPLATFORM}" && rm -f /tmp/install-s6 +RUN rm -f /etc/nginx/conf.d/production.conf \ + && chmod 644 /etc/logrotate.d/nginx-proxy-manager \ + && /tmp/install-s6 "${TARGETPLATFORM}" \ + && rm -f /tmp/install-s6 + +# Certs for testing purposes +COPY --from=pebbleca /test/certs/pebble.minica.pem /etc/ssl/certs/pebble.minica.pem +COPY --from=testca /home/step/certs/root_ca.crt /etc/ssl/certs/NginxProxyManager.crt EXPOSE 80 81 443 ENTRYPOINT [ "/init" ] diff --git a/docker/docker-compose.ci.yml b/docker/docker-compose.ci.yml index e13e8bf26..bb68858f9 100644 --- a/docker/docker-compose.ci.yml +++ b/docker/docker-compose.ci.yml @@ -9,6 +9,9 @@ services: environment: DEBUG: 'true' FORCE_COLOR: 1 + # Required for DNS Certificate provisioning in CI + LE_SERVER: 'https://ca.internal/acme/acme/directory' + REQUESTS_CA_BUNDLE: '/etc/ssl/certs/NginxProxyManager.crt' volumes: - 'npm_data_ci:/data' - 'npm_le_ci:/etc/letsencrypt' diff --git a/docker/docker-compose.dev.yml b/docker/docker-compose.dev.yml index e7f9bcbaa..2bfa2b798 100644 --- a/docker/docker-compose.dev.yml +++ b/docker/docker-compose.dev.yml @@ -33,12 +33,20 @@ services: DB_MYSQL_NAME: 'npm' # DB_SQLITE_FILE: "/data/database.sqlite" # DISABLE_IPV6: "true" + # Required for DNS Certificate provisioning testing: + LE_SERVER: 'https://ca.internal/acme/acme/directory' + REQUESTS_CA_BUNDLE: '/etc/ssl/certs/NginxProxyManager.crt' volumes: - npm_data:/data - le_data:/etc/letsencrypt + - './dev/resolv.conf:/etc/resolv.conf:ro' - ../backend:/app - ../frontend:/app/frontend - ../global:/app/global + healthcheck: + test: ["CMD", "/usr/bin/check-health"] + interval: 10s + timeout: 3s depends_on: - db working_dir: /app @@ -58,6 +66,23 @@ services: volumes: - db_data:/var/lib/mysql + stepca: + image: jc21/testca + volumes: + - './dev/resolv.conf:/etc/resolv.conf:ro' + - '/etc/localtime:/etc/localtime:ro' + networks: + nginx_proxy_manager: + aliases: + - ca.internal + + dnsrouter: + image: jc21/dnsrouter + volumes: + - ./dev/dnsrouter-config.json.tmp:/dnsrouter-config.json:ro + networks: + - nginx_proxy_manager + swagger: image: swaggerapi/swagger-ui:latest container_name: npm_swagger @@ -74,12 +99,71 @@ services: container_name: npm_squid volumes: - './dev/squid.conf:/etc/squid/squid.conf:ro' + - './dev/resolv.conf:/etc/resolv.conf:ro' - '/etc/localtime:/etc/localtime:ro' networks: - nginx_proxy_manager ports: - 8128:3128 + pdns: + image: pschiffe/pdns-mysql + volumes: + - '/etc/localtime:/etc/localtime:ro' + environment: + PDNS_master: 'yes' + PDNS_api: 'yes' + PDNS_api_key: 'npm' + PDNS_webserver: 'yes' + PDNS_webserver_address: '0.0.0.0' + PDNS_webserver_password: 'npm' + PDNS_webserver-allow-from: '127.0.0.0/8,192.0.0.0/8,10.0.0.0/8,172.0.0.0/8' + PDNS_version_string: 'anonymous' + PDNS_default_ttl: 1500 + PDNS_allow_axfr_ips: '127.0.0.0/8,192.0.0.0/8,10.0.0.0/8,172.0.0.0/8' + PDNS_gmysql_host: pdns-db + PDNS_gmysql_port: 3306 + PDNS_gmysql_user: pdns + PDNS_gmysql_password: pdns + PDNS_gmysql_dbname: pdns + depends_on: + - pdns-db + networks: + nginx_proxy_manager: + aliases: + - ns1.pdns + - ns2.pdns + + pdns-db: + image: mariadb + environment: + MYSQL_ROOT_PASSWORD: 'pdns' + MYSQL_DATABASE: 'pdns' + MYSQL_USER: 'pdns' + MYSQL_PASSWORD: 'pdns' + volumes: + - 'pdns_mysql:/var/lib/mysql' + - '/etc/localtime:/etc/localtime:ro' + - './dev/pdns-db.sql:/docker-entrypoint-initdb.d/01_init.sql:ro' + networks: + - nginx_proxy_manager + + cypress: + image: "npm_dev_cypress" + build: + context: ../ + dockerfile: test/cypress/Dockerfile + environment: + HTTP_PROXY: 'squid:3128' + HTTPS_PROXY: 'squid:3128' + volumes: + - '../test/results:/results' + - './dev/resolv.conf:/etc/resolv.conf:ro' + - '/etc/localtime:/etc/localtime:ro' + command: cypress run --browser chrome --config-file=cypress/config/ci.js + networks: + - nginx_proxy_manager + volumes: npm_data: name: npm_core_data @@ -87,6 +171,8 @@ volumes: name: npm_le_data db_data: name: npm_db_data + pdns_mysql: + name: npm_pdns_mysql networks: nginx_proxy_manager: diff --git a/scripts/.common.sh b/scripts/.common.sh index 3cea09167..4111db3b5 100644 --- a/scripts/.common.sh +++ b/scripts/.common.sh @@ -15,3 +15,13 @@ COMPOSE_PROJECT_NAME="npmdev" COMPOSE_FILE="docker/docker-compose.dev.yml" export COMPOSE_FILE COMPOSE_PROJECT_NAME + +# $1: container_name +get_container_ip () { + local container_name=$1 + local container + local ip + container=$(docker-compose ps --all -q "${container_name}" | tail -n1) + ip=$(docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' "$container") + echo "$ip" +} diff --git a/scripts/cypress-dev b/scripts/cypress-dev new file mode 100755 index 000000000..a0c64ad96 --- /dev/null +++ b/scripts/cypress-dev @@ -0,0 +1,13 @@ +#!/bin/bash -e + +DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +. "$DIR/.common.sh" + +# Ensure docker-compose exists +if hash docker-compose 2>/dev/null; then + cd "${DIR}/.." + rm -rf "$DIR/../test/results" + docker-compose up --build cypress +else + echo -e "${RED}❯ docker-compose command is not available${RESET}" +fi diff --git a/scripts/start-dev b/scripts/start-dev index f064a4bdf..9da6ed450 100755 --- a/scripts/start-dev +++ b/scripts/start-dev @@ -7,8 +7,43 @@ DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" if hash docker-compose 2>/dev/null; then cd "${DIR}/.." echo -e "${BLUE}❯ ${CYAN}Starting Dev Stack ...${RESET}" + echo -e "${BLUE}❯ $(docker-compose config)${RESET}" - docker-compose up -d --remove-orphans --force-recreate --build + # Bring up a stack, in steps so we can inject IPs everywhere + docker-compose up -d pdns pdns-db + PDNS_IP=$(get_container_ip "pdns") + echo -e "${BLUE}❯ ${YELLOW}PDNS IP is ${PDNS_IP}${RESET}" + + # adjust the dnsrouter config + LOCAL_DNSROUTER_CONFIG="$DIR/../docker/dev/dnsrouter-config.json" + rm -rf "$LOCAL_DNSROUTER_CONFIG.tmp" + # IMPORTANT: changes to dnsrouter-config.json will affect this line: + jq --arg a "$PDNS_IP" '.servers[0].upstreams[1].upstream = $a' "$LOCAL_DNSROUTER_CONFIG" > "$LOCAL_DNSROUTER_CONFIG.tmp" + + docker-compose up -d dnsrouter + DNSROUTER_IP=$(get_container_ip "dnsrouter") + echo -e "${BLUE}❯ ${YELLOW}DNS Router IP is ${DNSROUTER_IP}" + + if [ "${DNSROUTER_IP:-}" = "" ]; then + echo -e "${RED}❯ ERROR: DNS Router IP is not set${RESET}" + exit 1 + fi + + # mount the resolver + LOCAL_RESOLVE="$DIR/../docker/dev/resolv.conf" + rm -rf "${LOCAL_RESOLVE}" + printf "nameserver %s\noptions ndots:0" "${DNSROUTER_IP}" > "${LOCAL_RESOLVE}" + + # bring up all remaining containers, except cypress! + docker-compose up -d --remove-orphans stepca squid + docker-compose pull db + docker-compose up -d --remove-orphans --pull=never fullstack + docker-compose up -d --remove-orphans swagger + + # docker-compose up -d --remove-orphans --force-recreate --build + + # wait for main container to be healthy + bash "$DIR/wait-healthy" "$(docker-compose ps --all -q fullstack)" 120 echo "" echo -e "${CYAN}Admin UI: http://127.0.0.1:3081${RESET}" From 5bdc05878f60a92de4d90a325d8724d0fb521248 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 16 Oct 2024 11:22:24 +1000 Subject: [PATCH 047/175] Fix issues with certbot command when using LE_SERVER --- backend/internal/certificate.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backend/internal/certificate.js b/backend/internal/certificate.js index aea741c7d..901128d98 100644 --- a/backend/internal/certificate.js +++ b/backend/internal/certificate.js @@ -839,8 +839,8 @@ const internalCertificate = { '--email "' + certificate.meta.letsencrypt_email + '" ' + '--preferred-challenges "dns,http" ' + '--domains "' + certificate.domain_names.join(',') + '" ' + - (letsencryptStaging ? '--staging' : '') + - (letsencryptServer !== null ? `--server '${letsencryptServer}'` : ''); + (letsencryptServer !== null ? `--server '${letsencryptServer}' ` : '') + + (letsencryptStaging && letsencryptServer === null ? '--staging ' : ''); logger.info('Command:', cmd); From fe2d8895d68b6f9f96ea0fdba6e34e63a16e24c9 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 16 Oct 2024 14:53:57 +1000 Subject: [PATCH 048/175] Cypress test for http and dns cert provision --- backend/internal/certificate.js | 69 ++++++++++--------- .../schema/components/certificate-object.json | 27 ++++---- test/cypress/e2e/api/FullCertProvision.cy.js | 61 ++++++++++++++++ test/cypress/plugins/backendApi/client.js | 2 +- 4 files changed, 114 insertions(+), 45 deletions(-) create mode 100644 test/cypress/e2e/api/FullCertProvision.cy.js diff --git a/backend/internal/certificate.js b/backend/internal/certificate.js index 901128d98..34b8fdf5a 100644 --- a/backend/internal/certificate.js +++ b/backend/internal/certificate.js @@ -209,6 +209,7 @@ const internalCertificate = { .patchAndFetchById(certificate.id, { expires_on: moment(cert_info.dates.to, 'X').format('YYYY-MM-DD HH:mm:ss') }) + .then(utils.omitRow(omissions())) .then((saved_row) => { // Add cert data for audit log saved_row.meta = _.assign({}, saved_row.meta, { @@ -732,29 +733,29 @@ const internalCertificate = { return utils.exec('openssl x509 -in ' + certificate_file + ' -subject -noout') .then((result) => { + // Examples: + // subject=CN = *.jc21.com // subject=CN = something.example.com const regex = /(?:subject=)?[^=]+=\s+(\S+)/gim; const match = regex.exec(result); - - if (typeof match[1] === 'undefined') { - throw new error.ValidationError('Could not determine subject from certificate: ' + result); + if (match && typeof match[1] !== 'undefined') { + certData['cn'] = match[1]; } - - certData['cn'] = match[1]; }) .then(() => { return utils.exec('openssl x509 -in ' + certificate_file + ' -issuer -noout'); }) + .then((result) => { + // Examples: // issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 + // issuer=C = US, O = Let's Encrypt, CN = E5 + // issuer=O = NginxProxyManager, CN = NginxProxyManager Intermediate CA","O = NginxProxyManager, CN = NginxProxyManager Intermediate CA const regex = /^(?:issuer=)?(.*)$/gim; const match = regex.exec(result); - - if (typeof match[1] === 'undefined') { - throw new error.ValidationError('Could not determine issuer from certificate: ' + result); + if (match && typeof match[1] !== 'undefined') { + certData['issuer'] = match[1]; } - - certData['issuer'] = match[1]; }) .then(() => { return utils.exec('openssl x509 -in ' + certificate_file + ' -dates -noout'); @@ -829,16 +830,16 @@ const internalCertificate = { requestLetsEncryptSsl: (certificate) => { logger.info('Requesting Let\'sEncrypt certificates for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', ')); - const cmd = certbotCommand + ' certonly ' + - '--config "' + letsencryptConfig + '" ' + + const cmd = `${certbotCommand} certonly ` + + `--config '${letsencryptConfig}' ` + '--work-dir "/tmp/letsencrypt-lib" ' + '--logs-dir "/tmp/letsencrypt-log" ' + - '--cert-name "npm-' + certificate.id + '" ' + + `--cert-name "npm-${certificate.id}" ` + '--agree-tos ' + '--authenticator webroot ' + - '--email "' + certificate.meta.letsencrypt_email + '" ' + + `--email '${certificate.meta.letsencrypt_email}' ` + '--preferred-challenges "dns,http" ' + - '--domains "' + certificate.domain_names.join(',') + '" ' + + `--domains "${certificate.domain_names.join(',')}" ` + (letsencryptServer !== null ? `--server '${letsencryptServer}' ` : '') + (letsencryptStaging && letsencryptServer === null ? '--staging ' : ''); @@ -871,25 +872,26 @@ const internalCertificate = { const hasConfigArg = certificate.meta.dns_provider !== 'route53'; let mainCmd = certbotCommand + ' certonly ' + - '--config "' + letsencryptConfig + '" ' + + `--config '${letsencryptConfig}' ` + '--work-dir "/tmp/letsencrypt-lib" ' + '--logs-dir "/tmp/letsencrypt-log" ' + - '--cert-name "npm-' + certificate.id + '" ' + + `--cert-name 'npm-${certificate.id}' ` + '--agree-tos ' + - '--email "' + certificate.meta.letsencrypt_email + '" ' + - '--domains "' + certificate.domain_names.join(',') + '" ' + - '--authenticator ' + dnsPlugin.full_plugin_name + ' ' + + `--email '${certificate.meta.letsencrypt_email}' ` + + `--domains '${certificate.domain_names.join(',')}' ` + + `--authenticator '${dnsPlugin.full_plugin_name}' ` + ( hasConfigArg - ? '--' + dnsPlugin.full_plugin_name + '-credentials "' + credentialsLocation + '"' + ? `--${dnsPlugin.full_plugin_name}-credentials '${credentialsLocation}' ` : '' ) + ( certificate.meta.propagation_seconds !== undefined - ? ' --' + dnsPlugin.full_plugin_name + '-propagation-seconds ' + certificate.meta.propagation_seconds + ? `--${dnsPlugin.full_plugin_name}-propagation-seconds '${certificate.meta.propagation_seconds}' ` : '' ) + - (letsencryptStaging ? ' --staging' : ''); + (letsencryptServer !== null ? `--server '${letsencryptServer}' ` : '') + + (letsencryptStaging && letsencryptServer === null ? '--staging ' : ''); // Prepend the path to the credentials file as an environment variable if (certificate.meta.dns_provider === 'route53') { @@ -966,14 +968,15 @@ const internalCertificate = { logger.info('Renewing Let\'sEncrypt certificates for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', ')); const cmd = certbotCommand + ' renew --force-renewal ' + - '--config "' + letsencryptConfig + '" ' + + `--config '${letsencryptConfig}' ` + '--work-dir "/tmp/letsencrypt-lib" ' + '--logs-dir "/tmp/letsencrypt-log" ' + - '--cert-name "npm-' + certificate.id + '" ' + + `--cert-name 'npm-${certificate.id}' ` + '--preferred-challenges "dns,http" ' + '--no-random-sleep-on-renew ' + '--disable-hook-validation ' + - (letsencryptStaging ? '--staging' : ''); + (letsencryptServer !== null ? `--server '${letsencryptServer}' ` : '') + + (letsencryptStaging && letsencryptServer === null ? '--staging ' : ''); logger.info('Command:', cmd); @@ -998,13 +1001,14 @@ const internalCertificate = { logger.info(`Renewing Let'sEncrypt certificates via ${dnsPlugin.name} for Cert #${certificate.id}: ${certificate.domain_names.join(', ')}`); let mainCmd = certbotCommand + ' renew --force-renewal ' + - '--config "' + letsencryptConfig + '" ' + + `--config "${letsencryptConfig}" ` + '--work-dir "/tmp/letsencrypt-lib" ' + '--logs-dir "/tmp/letsencrypt-log" ' + - '--cert-name "npm-' + certificate.id + '" ' + + `--cert-name 'npm-${certificate.id}' ` + '--disable-hook-validation ' + '--no-random-sleep-on-renew ' + - (letsencryptStaging ? ' --staging' : ''); + (letsencryptServer !== null ? `--server '${letsencryptServer}' ` : '') + + (letsencryptStaging && letsencryptServer === null ? '--staging ' : ''); // Prepend the path to the credentials file as an environment variable if (certificate.meta.dns_provider === 'route53') { @@ -1030,12 +1034,13 @@ const internalCertificate = { logger.info('Revoking Let\'sEncrypt certificates for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', ')); const mainCmd = certbotCommand + ' revoke ' + - '--config "' + letsencryptConfig + '" ' + + `--config '${letsencryptConfig}' ` + '--work-dir "/tmp/letsencrypt-lib" ' + '--logs-dir "/tmp/letsencrypt-log" ' + - '--cert-path "/etc/letsencrypt/live/npm-' + certificate.id + '/fullchain.pem" ' + + `--cert-path '/etc/letsencrypt/live/npm-${certificate.id}/fullchain.pem' ` + '--delete-after-revoke ' + - (letsencryptStaging ? '--staging' : ''); + (letsencryptServer !== null ? `--server '${letsencryptServer}' ` : '') + + (letsencryptStaging && letsencryptServer === null ? '--staging ' : ''); // Don't fail command if file does not exist const delete_credentialsCmd = `rm -f '/etc/letsencrypt/credentials/credentials-${certificate.id}' || true`; diff --git a/backend/schema/components/certificate-object.json b/backend/schema/components/certificate-object.json index a4e8e1fce..b75dcf61d 100644 --- a/backend/schema/components/certificate-object.json +++ b/backend/schema/components/certificate-object.json @@ -45,11 +45,13 @@ "type": "object", "additionalProperties": false, "properties": { - "letsencrypt_email": { - "type": "string" + "certificate": { + "type": "string", + "minLength": 1 }, - "letsencrypt_agree": { - "type": "boolean" + "certificate_key": { + "type": "string", + "minLength": 1 }, "dns_challenge": { "type": "boolean" @@ -60,17 +62,18 @@ "dns_provider_credentials": { "type": "string" }, + "letsencrypt_agree": { + "type": "boolean" + }, + "letsencrypt_certificate": { + "type": "object" + }, + "letsencrypt_email": { + "type": "string" + }, "propagation_seconds": { "type": "integer", "minimum": 0 - }, - "certificate": { - "type": "string", - "minLength": 1 - }, - "certificate_key": { - "type": "string", - "minLength": 1 } } } diff --git a/test/cypress/e2e/api/FullCertProvision.cy.js b/test/cypress/e2e/api/FullCertProvision.cy.js new file mode 100644 index 000000000..93cacce9e --- /dev/null +++ b/test/cypress/e2e/api/FullCertProvision.cy.js @@ -0,0 +1,61 @@ +/// + +describe('Full Certificate Provisions', () => { + let token; + + before(() => { + cy.getToken().then((tok) => { + token = tok; + }); + }); + + it.only('Should be able to create new http certificate', function() { + cy.task('backendApiPost', { + token: token, + path: '/api/nginx/certificates', + data: { + domain_names: [ + 'website1.example.com' + ], + meta: { + letsencrypt_email: 'admin@example.com', + letsencrypt_agree: true, + dns_challenge: false + }, + provider: 'letsencrypt' + } + }).then((data) => { + cy.validateSwaggerSchema('post', 201, '/nginx/certificates', data); + expect(data).to.have.property('id'); + expect(data.id).to.be.greaterThan(0); + expect(data.provider).to.be.equal('letsencrypt'); + }); + }); + + it('Should be able to create new DNS certificate with Powerdns', function() { + cy.task('backendApiPost', { + token: token, + path: '/api/certificates', + data: { + domain_names: [ + 'website2.example.com' + ], + meta: { + letsencrypt_email: "admin@example.com", + dns_challenge: true, + dns_provider: 'powerdns', + dns_provider_credentials: 'dns_powerdns_api_url = http://ns1.pdns:8081\r\ndns_powerdns_api_key = npm', + letsencrypt_agree: true + }, + provider: 'letsencrypt' + } + }).then((data) => { + cy.validateSwaggerSchema('post', 201, '/nginx/certificates', data); + expect(data).to.have.property('id'); + expect(data.id).to.be.greaterThan(0); + expect(data.provider).to.be.equal('letsencrypt'); + expect(data.meta.dns_provider).to.be.equal('powerdns'); + }); + }); + +}); diff --git a/test/cypress/plugins/backendApi/client.js b/test/cypress/plugins/backendApi/client.js index ba28e3ae1..c10653e41 100644 --- a/test/cypress/plugins/backendApi/client.js +++ b/test/cypress/plugins/backendApi/client.js @@ -7,7 +7,7 @@ const BackendApi = function(config, token) { this.axios = axios.create({ baseURL: config.baseUrl, - timeout: 5000, + timeout: 60000, }); }; From d96a3987c0d6c679059af47bec33f8d94f7e4d78 Mon Sep 17 00:00:00 2001 From: Nephiel Date: Wed, 16 Oct 2024 19:04:50 +0000 Subject: [PATCH 049/175] Fix forward_scheme validation in Redirection Host Should solve error `data/forward_scheme must be equal to one of the allowed values` when configuring a Redirection Host with scheme set to `auto`. #4074 --- backend/schema/components/redirection-host-object.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/schema/components/redirection-host-object.json b/backend/schema/components/redirection-host-object.json index cc4dbdd2f..e7a495fd3 100644 --- a/backend/schema/components/redirection-host-object.json +++ b/backend/schema/components/redirection-host-object.json @@ -28,7 +28,7 @@ }, "forward_scheme": { "type": "string", - "enum": ["http", "https"] + "enum": ["auto", "http", "https"] }, "forward_domain_name": { "description": "Domain Name", From fa2c814fcb76b6a11b979dc23a817853a459644d Mon Sep 17 00:00:00 2001 From: Nephiel Date: Wed, 16 Oct 2024 19:09:14 +0000 Subject: [PATCH 050/175] Fix schema validation in Default Site Should solve error `data/value must match exactly one schema in oneOf` when setting the Default Site to 404 or 444. #4074 --- backend/schema/components/setting-object.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/schema/components/setting-object.json b/backend/schema/components/setting-object.json index e08777264..65ec2a08e 100644 --- a/backend/schema/components/setting-object.json +++ b/backend/schema/components/setting-object.json @@ -25,7 +25,7 @@ "value": { "description": "Value in almost any form", "example": "congratulations", - "oneOf": [ + "anyOf": [ { "type": "string", "minLength": 1 From edbed1af90ab86658a9fc4a17ef571797484edcc Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Thu, 17 Oct 2024 08:48:47 +1000 Subject: [PATCH 051/175] Adds tests for settings endpoints and reenables dns cert test and fixes problems with schema --- backend/internal/nginx.js | 4 +- .../schema/components/proxy-host-object.json | 10 +- backend/schema/components/setting-object.json | 5 +- .../paths/nginx/dead-hosts/hostID/put.json | 4 +- .../schema/paths/nginx/dead-hosts/post.json | 4 +- .../paths/nginx/proxy-hosts/hostID/put.json | 4 +- .../schema/paths/nginx/proxy-hosts/post.json | 4 +- .../nginx/redirection-hosts/hostID/put.json | 4 +- .../paths/nginx/redirection-hosts/post.json | 4 +- .../paths/nginx/streams/streamID/put.json | 4 +- .../schema/paths/settings/settingID/put.json | 18 ++- test/cypress/e2e/api/FullCertProvision.cy.js | 7 +- .../e2e/api/{Hosts.cy.js => ProxyHosts.cy.js} | 2 +- test/cypress/e2e/api/Settings.cy.js | 124 ++++++++++++++++++ test/cypress/plugins/backendApi/client.js | 2 +- 15 files changed, 160 insertions(+), 40 deletions(-) rename test/cypress/e2e/api/{Hosts.cy.js => ProxyHosts.cy.js} (96%) create mode 100644 test/cypress/e2e/api/Settings.cy.js diff --git a/backend/internal/nginx.js b/backend/internal/nginx.js index 77933e733..5f802c004 100644 --- a/backend/internal/nginx.js +++ b/backend/internal/nginx.js @@ -181,7 +181,9 @@ const internalNginx = { * @param {Object} host * @returns {Promise} */ - generateConfig: (host_type, host) => { + generateConfig: (host_type, host_row) => { + // Prevent modifying the original object: + let host = JSON.parse(JSON.stringify(host_row)); const nice_host_type = internalNginx.getFileFriendlyHostType(host_type); if (config.debug()) { diff --git a/backend/schema/components/proxy-host-object.json b/backend/schema/components/proxy-host-object.json index a64a58c8f..5098802b1 100644 --- a/backend/schema/components/proxy-host-object.json +++ b/backend/schema/components/proxy-host-object.json @@ -23,9 +23,7 @@ "locations", "hsts_enabled", "hsts_subdomains", - "certificate", - "use_default_location", - "ipv6" + "certificate" ], "additionalProperties": false, "properties": { @@ -151,12 +149,6 @@ "$ref": "./access-list-object.json" } ] - }, - "use_default_location": { - "type": "boolean" - }, - "ipv6": { - "type": "boolean" } } } diff --git a/backend/schema/components/setting-object.json b/backend/schema/components/setting-object.json index 65ec2a08e..b9c6a1039 100644 --- a/backend/schema/components/setting-object.json +++ b/backend/schema/components/setting-object.json @@ -46,7 +46,10 @@ }, "meta": { "description": "Extra metadata", - "example": {}, + "example": { + "redirect": "http://example.com", + "html": "

404

" + }, "type": "object" } } diff --git a/backend/schema/paths/nginx/dead-hosts/hostID/put.json b/backend/schema/paths/nginx/dead-hosts/hostID/put.json index 6a0a57e3a..f9505ed48 100644 --- a/backend/schema/paths/nginx/dead-hosts/hostID/put.json +++ b/backend/schema/paths/nginx/dead-hosts/hostID/put.json @@ -94,9 +94,7 @@ "avatar": "", "roles": ["admin"] }, - "certificate": null, - "use_default_location": true, - "ipv6": true + "certificate": null } } }, diff --git a/backend/schema/paths/nginx/dead-hosts/post.json b/backend/schema/paths/nginx/dead-hosts/post.json index 593135065..c8bbb6932 100644 --- a/backend/schema/paths/nginx/dead-hosts/post.json +++ b/backend/schema/paths/nginx/dead-hosts/post.json @@ -79,9 +79,7 @@ "nickname": "Admin", "avatar": "", "roles": ["admin"] - }, - "use_default_location": true, - "ipv6": true + } } } }, diff --git a/backend/schema/paths/nginx/proxy-hosts/hostID/put.json b/backend/schema/paths/nginx/proxy-hosts/hostID/put.json index af73905dc..5cab6e752 100644 --- a/backend/schema/paths/nginx/proxy-hosts/hostID/put.json +++ b/backend/schema/paths/nginx/proxy-hosts/hostID/put.json @@ -129,9 +129,7 @@ "roles": ["admin"] }, "certificate": null, - "access_list": null, - "use_default_location": true, - "ipv6": true + "access_list": null } } }, diff --git a/backend/schema/paths/nginx/proxy-hosts/post.json b/backend/schema/paths/nginx/proxy-hosts/post.json index 13f641610..85455fb6b 100644 --- a/backend/schema/paths/nginx/proxy-hosts/post.json +++ b/backend/schema/paths/nginx/proxy-hosts/post.json @@ -114,9 +114,7 @@ "avatar": "//www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?default=mm", "roles": ["admin"] }, - "access_list": null, - "use_default_location": true, - "ipv6": true + "access_list": null } } }, diff --git a/backend/schema/paths/nginx/redirection-hosts/hostID/put.json b/backend/schema/paths/nginx/redirection-hosts/hostID/put.json index 870f16fcd..fd97cbfa8 100644 --- a/backend/schema/paths/nginx/redirection-hosts/hostID/put.json +++ b/backend/schema/paths/nginx/redirection-hosts/hostID/put.json @@ -114,9 +114,7 @@ "avatar": "", "roles": ["admin"] }, - "certificate": null, - "use_default_location": true, - "ipv6": true + "certificate": null } } }, diff --git a/backend/schema/paths/nginx/redirection-hosts/post.json b/backend/schema/paths/nginx/redirection-hosts/post.json index 3a9a05fec..5bfde2c38 100644 --- a/backend/schema/paths/nginx/redirection-hosts/post.json +++ b/backend/schema/paths/nginx/redirection-hosts/post.json @@ -99,9 +99,7 @@ "nickname": "Admin", "avatar": "", "roles": ["admin"] - }, - "use_default_location": true, - "ipv6": true + } } } }, diff --git a/backend/schema/paths/nginx/streams/streamID/put.json b/backend/schema/paths/nginx/streams/streamID/put.json index f3ef54d47..fbfdc901b 100644 --- a/backend/schema/paths/nginx/streams/streamID/put.json +++ b/backend/schema/paths/nginx/streams/streamID/put.json @@ -129,9 +129,7 @@ "roles": ["admin"] }, "certificate": null, - "access_list": null, - "use_default_location": true, - "ipv6": true + "access_list": null } } }, diff --git a/backend/schema/paths/settings/settingID/put.json b/backend/schema/paths/settings/settingID/put.json index 5888ec056..4ca624293 100644 --- a/backend/schema/paths/settings/settingID/put.json +++ b/backend/schema/paths/settings/settingID/put.json @@ -13,7 +13,8 @@ "name": "settingID", "schema": { "type": "string", - "minLength": 1 + "minLength": 1, + "enum": ["default-site"] }, "required": true, "description": "Setting ID", @@ -31,10 +32,21 @@ "minProperties": 1, "properties": { "value": { - "$ref": "../../../components/setting-object.json#/properties/value" + "type": "string", + "minLength": 1, + "enum": ["congratulations", "404", "444", "redirect", "html"] }, "meta": { - "$ref": "../../../components/setting-object.json#/properties/meta" + "type": "object", + "additionalProperties": false, + "properties": { + "redirect": { + "type": "string" + }, + "html": { + "type": "string" + } + } } } } diff --git a/test/cypress/e2e/api/FullCertProvision.cy.js b/test/cypress/e2e/api/FullCertProvision.cy.js index 93cacce9e..5ca5692cd 100644 --- a/test/cypress/e2e/api/FullCertProvision.cy.js +++ b/test/cypress/e2e/api/FullCertProvision.cy.js @@ -9,7 +9,7 @@ describe('Full Certificate Provisions', () => { }); }); - it.only('Should be able to create new http certificate', function() { + it('Should be able to create new http certificate', function() { cy.task('backendApiPost', { token: token, path: '/api/nginx/certificates', @@ -35,7 +35,7 @@ describe('Full Certificate Provisions', () => { it('Should be able to create new DNS certificate with Powerdns', function() { cy.task('backendApiPost', { token: token, - path: '/api/certificates', + path: '/api/nginx/certificates', data: { domain_names: [ 'website2.example.com' @@ -45,7 +45,8 @@ describe('Full Certificate Provisions', () => { dns_challenge: true, dns_provider: 'powerdns', dns_provider_credentials: 'dns_powerdns_api_url = http://ns1.pdns:8081\r\ndns_powerdns_api_key = npm', - letsencrypt_agree: true + letsencrypt_agree: true, + propagation_seconds: 5, }, provider: 'letsencrypt' } diff --git a/test/cypress/e2e/api/Hosts.cy.js b/test/cypress/e2e/api/ProxyHosts.cy.js similarity index 96% rename from test/cypress/e2e/api/Hosts.cy.js rename to test/cypress/e2e/api/ProxyHosts.cy.js index 75d732c7c..5bc645800 100644 --- a/test/cypress/e2e/api/Hosts.cy.js +++ b/test/cypress/e2e/api/ProxyHosts.cy.js @@ -1,6 +1,6 @@ /// -describe('Hosts endpoints', () => { +describe('Proxy Hosts endpoints', () => { let token; before(() => { diff --git a/test/cypress/e2e/api/Settings.cy.js b/test/cypress/e2e/api/Settings.cy.js new file mode 100644 index 000000000..6942760c7 --- /dev/null +++ b/test/cypress/e2e/api/Settings.cy.js @@ -0,0 +1,124 @@ +/// + +describe('Settings endpoints', () => { + let token; + + before(() => { + cy.getToken().then((tok) => { + token = tok; + }); + }); + + it('Get all settings', function() { + cy.task('backendApiGet', { + token: token, + path: '/api/settings', + }).then((data) => { + cy.validateSwaggerSchema('get', 200, '/settings', data); + expect(data.length).to.be.greaterThan(0); + }); + }); + + it('Get default-site setting', function() { + cy.task('backendApiGet', { + token: token, + path: '/api/settings/default-site', + }).then((data) => { + cy.validateSwaggerSchema('get', 200, '/settings/{settingID}', data); + expect(data).to.have.property('id'); + expect(data.id).to.be.equal('default-site'); + }); + }); + + it('Default Site congratulations', function() { + cy.task('backendApiPut', { + token: token, + path: '/api/settings/default-site', + data: { + value: 'congratulations', + }, + }).then((data) => { + cy.validateSwaggerSchema('put', 200, '/settings/{settingID}', data); + expect(data).to.have.property('id'); + expect(data.id).to.be.equal('default-site'); + expect(data).to.have.property('value'); + expect(data.value).to.be.equal('congratulations'); + }); + }); + + it('Default Site 404', function() { + cy.task('backendApiPut', { + token: token, + path: '/api/settings/default-site', + data: { + value: '404', + }, + }).then((data) => { + cy.validateSwaggerSchema('put', 200, '/settings/{settingID}', data); + expect(data).to.have.property('id'); + expect(data.id).to.be.equal('default-site'); + expect(data).to.have.property('value'); + expect(data.value).to.be.equal('404'); + }); + }); + + it('Default Site 444', function() { + cy.task('backendApiPut', { + token: token, + path: '/api/settings/default-site', + data: { + value: '444', + }, + }).then((data) => { + cy.validateSwaggerSchema('put', 200, '/settings/{settingID}', data); + expect(data).to.have.property('id'); + expect(data.id).to.be.equal('default-site'); + expect(data).to.have.property('value'); + expect(data.value).to.be.equal('444'); + }); + }); + + it('Default Site redirect', function() { + cy.task('backendApiPut', { + token: token, + path: '/api/settings/default-site', + data: { + value: 'redirect', + meta: { + redirect: 'https://www.google.com', + }, + }, + }).then((data) => { + cy.validateSwaggerSchema('put', 200, '/settings/{settingID}', data); + expect(data).to.have.property('id'); + expect(data.id).to.be.equal('default-site'); + expect(data).to.have.property('value'); + expect(data.value).to.be.equal('redirect'); + expect(data).to.have.property('meta'); + expect(data.meta).to.have.property('redirect'); + expect(data.meta.redirect).to.be.equal('https://www.google.com'); + }); + }); + + it('Default Site html', function() { + cy.task('backendApiPut', { + token: token, + path: '/api/settings/default-site', + data: { + value: 'html', + meta: { + html: '

hello world

' + }, + }, + }).then((data) => { + cy.validateSwaggerSchema('put', 200, '/settings/{settingID}', data); + expect(data).to.have.property('id'); + expect(data.id).to.be.equal('default-site'); + expect(data).to.have.property('value'); + expect(data.value).to.be.equal('html'); + expect(data).to.have.property('meta'); + expect(data.meta).to.have.property('html'); + expect(data.meta.html).to.be.equal('

hello world

'); + }); + }); +}); diff --git a/test/cypress/plugins/backendApi/client.js b/test/cypress/plugins/backendApi/client.js index c10653e41..6f5f7661e 100644 --- a/test/cypress/plugins/backendApi/client.js +++ b/test/cypress/plugins/backendApi/client.js @@ -7,7 +7,7 @@ const BackendApi = function(config, token) { this.axios = axios.create({ baseURL: config.baseUrl, - timeout: 60000, + timeout: 90000, }); }; From 2f9e062718d0d66fcff0e240ac47533bb1fcbda4 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Thu, 17 Oct 2024 09:05:25 +1000 Subject: [PATCH 052/175] bump version --- .version | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.version b/.version index d8b698973..3cf561c0b 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.12.0 +2.12.1 diff --git a/README.md b/README.md index 2d1b8da5b..9ac6a6c85 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@



- + From d499e2bfef7c79981ad46fa5946e743d7380eb65 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Thu, 17 Oct 2024 10:00:12 +1000 Subject: [PATCH 053/175] Push PR and github branch builds to separate docker image --- Jenkinsfile | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 9b29ee970..302e05b27 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -43,7 +43,7 @@ pipeline { steps { script { // Defaults to the Branch name, which is applies to all branches AND pr's - buildxPushTags = "-t docker.io/jc21/${IMAGE}:github-${BRANCH_LOWER}" + buildxPushTags = "-t docker.io/nginxproxymanager/${IMAGE}-dev:${BRANCH_LOWER}" } } } @@ -203,7 +203,13 @@ pipeline { } steps { script { - npmGithubPrComment("Docker Image for build ${BUILD_NUMBER} is available on [DockerHub](https://cloud.docker.com/repository/docker/jc21/${IMAGE}) as `jc21/${IMAGE}:github-${BRANCH_LOWER}`\n\n**Note:** ensure you backup your NPM instance before testing this PR image! Especially if this PR contains database changes.", true) + npmGithubPrComment("""Docker Image for build ${BUILD_NUMBER} is available on +[DockerHub](https://cloud.docker.com/repository/docker/nginxproxymanager/${IMAGE}-dev) +as `nginxproxymanager/${IMAGE}-dev:${BRANCH_LOWER}` + +**Note:** ensure you backup your NPM instance before testing this image! Especially if there are database changes +**Note:** this is a different docker image namespace than the official image +""", true) } } } From 96c58b203ee80690a1af1ce8f4ea28a50285eca9 Mon Sep 17 00:00:00 2001 From: Guiorgy Date: Thu, 17 Oct 2024 15:34:04 +0400 Subject: [PATCH 054/175] normalize indentations in certbot-dns-plugins.json --- global/certbot-dns-plugins.json | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 6729842e8..dee7b8611 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -7,7 +7,7 @@ "credentials": "dns_acmedns_api_url = http://acmedns-server/\ndns_acmedns_registration_file = /data/acme-registration.json", "full_plugin_name": "dns-acmedns" }, - "active24":{ + "active24":{ "name": "Active24", "package_name": "certbot-dns-active24", "version": "~=1.5.1", @@ -424,13 +424,13 @@ "full_plugin_name": "dns-rfc2136" }, "rockenstein": { - "name": "rockenstein AG", - "package_name": "certbot-dns-rockenstein", - "version": "~=1.0.0", - "dependencies": "", - "credentials": "dns_rockenstein_token=", - "full_plugin_name": "dns-rockenstein" - }, + "name": "rockenstein AG", + "package_name": "certbot-dns-rockenstein", + "version": "~=1.0.0", + "dependencies": "", + "credentials": "dns_rockenstein_token=", + "full_plugin_name": "dns-rockenstein" + }, "route53": { "name": "Route 53 (Amazon)", "package_name": "certbot-dns-route53", From d92421d098d26eee73d4d80a4a075efe058257de Mon Sep 17 00:00:00 2001 From: "T. Todua" <7117978+ttodua@users.noreply.github.com> Date: Fri, 18 Oct 2024 15:33:32 +0400 Subject: [PATCH 055/175] doc(site) - default credentials change --- docs/src/setup/index.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/docs/src/setup/index.md b/docs/src/setup/index.md index 9b1505bed..bffcf6d56 100644 --- a/docs/src/setup/index.md +++ b/docs/src/setup/index.md @@ -137,5 +137,13 @@ Email: admin@example.com Password: changeme ``` -Immediately after logging in with this default user you will be asked to modify your details and change your password. +Immediately after logging in with this default user you will be asked to modify your details and change your password. You can set pre-defined initial credentials in docker-compose: + + +``` + environment: + INITIAL_ADMIN_EMAIL: my@example.com + INITIAL_ADMIN_PASSWORD: mypassword1 +``` + From 68a9baf206fb722b10d829633cb41b22b22e1c3d Mon Sep 17 00:00:00 2001 From: "T. Todua" <7117978+ttodua@users.noreply.github.com> Date: Fri, 18 Oct 2024 15:35:15 +0400 Subject: [PATCH 056/175] minor --- docs/src/setup/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/src/setup/index.md b/docs/src/setup/index.md index bffcf6d56..ee8e9903d 100644 --- a/docs/src/setup/index.md +++ b/docs/src/setup/index.md @@ -137,7 +137,7 @@ Email: admin@example.com Password: changeme ``` -Immediately after logging in with this default user you will be asked to modify your details and change your password. You can set pre-defined initial credentials in docker-compose: +Immediately after logging in with this default user you will be asked to modify your details and change your password. You can change defaults with: ``` From d7e0558a35a50a3f117e129ceec698b3ee15aefb Mon Sep 17 00:00:00 2001 From: Sergey 'dreik' Kolesnik Date: Thu, 24 Oct 2024 01:30:14 +0300 Subject: [PATCH 057/175] http2 directive to reduce warns in logs --- backend/templates/_listen.conf | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/backend/templates/_listen.conf b/backend/templates/_listen.conf index ad1c96ba0..34a808e6a 100644 --- a/backend/templates/_listen.conf +++ b/backend/templates/_listen.conf @@ -5,11 +5,16 @@ #listen [::]:80; {% endif %} {% if certificate -%} - listen 443 ssl{% if http2_support == 1 or http2_support == true %} http2{% endif %}; + listen 443 ssl; {% if ipv6 -%} - listen [::]:443 ssl{% if http2_support == 1 or http2_support == true %} http2{% endif %}; + listen [::]:443 ssl; {% else -%} #listen [::]:443; {% endif %} {% endif %} server_name {{ domain_names | join: " " }}; +{% if http2_support == 1 or http2_support == true %} + http2 on; +{% else -%} + http2 off; +{% endif %} \ No newline at end of file From dad8d0ca00d0d366d46d1bbe85b7c73255cde756 Mon Sep 17 00:00:00 2001 From: Chris Maffey Date: Thu, 24 Oct 2024 14:04:17 +1300 Subject: [PATCH 058/175] Update _access.conf the pass_auth and satisfy_any properties and now boolean true/false, they do not == 1 so the switching in this template breaks --- backend/templates/_access.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backend/templates/_access.conf b/backend/templates/_access.conf index 447006c0c..f59263775 100644 --- a/backend/templates/_access.conf +++ b/backend/templates/_access.conf @@ -4,7 +4,7 @@ auth_basic "Authorization required"; auth_basic_user_file /data/access/{{ access_list_id }}; - {% if access_list.pass_auth == 0 %} + {% if access_list.pass_auth == 0 or access_list.pass_auth == true %} proxy_set_header Authorization ""; {% endif %} @@ -17,7 +17,7 @@ deny all; # Access checks must... - {% if access_list.satisfy_any == 1 %} + {% if access_list.satisfy_any == 1 or access_list.satisfy_any == true %} satisfy any; {% else %} satisfy all; From 2e9a4f1aed06231f2ce1582fa75d603f10779fa6 Mon Sep 17 00:00:00 2001 From: Chris Maffey Date: Thu, 24 Oct 2024 17:29:16 +1300 Subject: [PATCH 059/175] Update put.json Password can be left blank for updates. Otherwise you have to reenter the password every time you save the auth list --- backend/schema/paths/nginx/access-lists/listID/put.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/backend/schema/paths/nginx/access-lists/listID/put.json b/backend/schema/paths/nginx/access-lists/listID/put.json index 3a69f8567..7f887dad6 100644 --- a/backend/schema/paths/nginx/access-lists/listID/put.json +++ b/backend/schema/paths/nginx/access-lists/listID/put.json @@ -49,8 +49,7 @@ "minLength": 1 }, "password": { - "type": "string", - "minLength": 1 + "type": "string" } } } From 1c1cee383674669adeb10b2b290699943992e411 Mon Sep 17 00:00:00 2001 From: Emil <651107+prospo@users.noreply.github.com> Date: Fri, 25 Oct 2024 13:25:09 +0000 Subject: [PATCH 060/175] feat: Add leaseweb to certbot-dns-plugins --- global/certbot-dns-plugins.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index dee7b8611..075877744 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -303,6 +303,14 @@ "credentials": "dns_joker_username = \ndns_joker_password = \ndns_joker_domain = ", "full_plugin_name": "dns-joker" }, + "leaseweb": { + "name": "LeaseWeb", + "package_name": "certbot-dns-leaseweb", + "version": "~=1.0.1", + "dependencies": "", + "credentials": "dns_leaseweb_api_token = 01234556789", + "full_plugin_name": "dns-leaseweb" + }, "linode": { "name": "Linode", "package_name": "certbot-dns-linode", From e9d4f5b827564fcb90883a77710779192495f260 Mon Sep 17 00:00:00 2001 From: mitossoft-rd <106842163+mitossoft-rd@users.noreply.github.com> Date: Mon, 28 Oct 2024 02:59:23 +0300 Subject: [PATCH 061/175] Remove variable usage from proxy_pass directive to fix resolution issues By using a static URL, the backend server can be accessed reliably, avoiding the common 404 errors or "no resolver defined" issues seen when variables are used. --- backend/templates/_location.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/templates/_location.conf b/backend/templates/_location.conf index fcc7d1210..04a4b18f3 100644 --- a/backend/templates/_location.conf +++ b/backend/templates/_location.conf @@ -11,7 +11,7 @@ set $proxy_server "{{ forward_host }}"; set $proxy_port {{ forward_port }}; - proxy_pass $proxy_forward_scheme://$proxy_server:$proxy_port{{ forward_path }}; + proxy_pass {{ forward_scheme }}:{{ forward_host }}:{{ forward_port }}{{ forward_path }}; {% include "_access.conf" %} {% include "_assets.conf" %} From a55de386e74cb21cf35a60251bf1e920c9aca062 Mon Sep 17 00:00:00 2001 From: mitossoft-rd <106842163+mitossoft-rd@users.noreply.github.com> Date: Mon, 28 Oct 2024 15:15:08 +0300 Subject: [PATCH 062/175] Fix URL format --- backend/templates/_location.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/templates/_location.conf b/backend/templates/_location.conf index 04a4b18f3..ba9ea6953 100644 --- a/backend/templates/_location.conf +++ b/backend/templates/_location.conf @@ -11,7 +11,7 @@ set $proxy_server "{{ forward_host }}"; set $proxy_port {{ forward_port }}; - proxy_pass {{ forward_scheme }}:{{ forward_host }}:{{ forward_port }}{{ forward_path }}; + proxy_pass {{ forward_scheme }}://{{ forward_host }}:{{ forward_port }}{{ forward_path }}; {% include "_access.conf" %} {% include "_assets.conf" %} From f7d3ca0b07a51578350575f53799529905758d83 Mon Sep 17 00:00:00 2001 From: mitossoft-rd <106842163+mitossoft-rd@users.noreply.github.com> Date: Mon, 28 Oct 2024 15:18:54 +0300 Subject: [PATCH 063/175] Cleaning unused variable. --- backend/templates/_location.conf | 4 ---- 1 file changed, 4 deletions(-) diff --git a/backend/templates/_location.conf b/backend/templates/_location.conf index ba9ea6953..a2ecb166d 100644 --- a/backend/templates/_location.conf +++ b/backend/templates/_location.conf @@ -7,10 +7,6 @@ proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Real-IP $remote_addr; - set $proxy_forward_scheme {{ forward_scheme }}; - set $proxy_server "{{ forward_host }}"; - set $proxy_port {{ forward_port }}; - proxy_pass {{ forward_scheme }}://{{ forward_host }}:{{ forward_port }}{{ forward_path }}; {% include "_access.conf" %} From 62c94f309921084bfae123e5e360d42ec9413c76 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 31 Oct 2024 02:19:58 +0000 Subject: [PATCH 064/175] Bump elliptic from 6.5.7 to 6.6.0 in /frontend Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.7 to 6.6.0. - [Commits](https://github.com/indutny/elliptic/compare/v6.5.7...v6.6.0) --- updated-dependencies: - dependency-name: elliptic dependency-type: indirect ... Signed-off-by: dependabot[bot] --- frontend/yarn.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/frontend/yarn.lock b/frontend/yarn.lock index c37fc95df..02655441f 100644 --- a/frontend/yarn.lock +++ b/frontend/yarn.lock @@ -2648,9 +2648,9 @@ electron-to-chromium@^1.3.47: integrity sha512-67V62Z4CFOiAtox+o+tosGfVk0QX4DJgH609tjT8QymbJZVAI/jWnAthnr8c5hnRNziIRwkc9EMQYejiVz3/9Q== elliptic@^6.5.3, elliptic@^6.5.4: - version "6.5.7" - resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.7.tgz#8ec4da2cb2939926a1b9a73619d768207e647c8b" - integrity sha512-ESVCtTwiA+XhY3wyh24QqRGBoP3rEdDUl3EDUUo9tft074fi19IrdpH7hLCMMP3CIj7jb3W96rn8lt/BqIlt5Q== + version "6.6.0" + resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.6.0.tgz#5919ec723286c1edf28685aa89261d4761afa210" + integrity sha512-dpwoQcLc/2WLQvJvLRHKZ+f9FgOdjnq11rurqwekGQygGPsYSK29OMMD2WalatiqQ+XGFDglTNixpPfI+lpaAA== dependencies: bn.js "^4.11.9" brorand "^1.1.0" From d6791f4e38e386f9b430a6bdb3d8853c3dff68f3 Mon Sep 17 00:00:00 2001 From: Jonas Riedel Date: Thu, 31 Oct 2024 11:25:38 +0100 Subject: [PATCH 065/175] docs(setup): Remove deprecated version from docker-compose.yml --- docs/src/advanced-config/index.md | 3 --- docs/src/setup/index.md | 2 -- 2 files changed, 5 deletions(-) diff --git a/docs/src/advanced-config/index.md b/docs/src/advanced-config/index.md index efeaefec3..c9b42bcc7 100644 --- a/docs/src/advanced-config/index.md +++ b/docs/src/advanced-config/index.md @@ -50,7 +50,6 @@ networks: Let's look at a Portainer example: ```yml -version: '3.8' services: portainer: @@ -92,8 +91,6 @@ This image supports the use of Docker secrets to import from files and keep sens You can set any environment variable from a file by appending `__FILE` (double-underscore FILE) to the environmental variable name. ```yml -version: '3.8' - secrets: # Secrets are single-line text files where the sole content is the secret # Paths in this example assume that secrets are kept in local folder called ".secrets" diff --git a/docs/src/setup/index.md b/docs/src/setup/index.md index ee8e9903d..0b5d69da8 100644 --- a/docs/src/setup/index.md +++ b/docs/src/setup/index.md @@ -9,7 +9,6 @@ outline: deep Create a `docker-compose.yml` file: ```yml -version: '3.8' services: app: image: 'jc21/nginx-proxy-manager:latest' @@ -55,7 +54,6 @@ are going to use. Here is an example of what your `docker-compose.yml` will look like when using a MariaDB container: ```yml -version: '3.8' services: app: image: 'jc21/nginx-proxy-manager:latest' From a0b26b9e9842414ea8ab5c500fb467832397f9d7 Mon Sep 17 00:00:00 2001 From: irexyc Date: Mon, 4 Nov 2024 20:01:39 +0800 Subject: [PATCH 066/175] Add woff2 format to assets.conf for Cache Assets --- docker/rootfs/etc/nginx/conf.d/include/assets.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/rootfs/etc/nginx/conf.d/include/assets.conf b/docker/rootfs/etc/nginx/conf.d/include/assets.conf index b7037343d..5a90beb8a 100644 --- a/docker/rootfs/etc/nginx/conf.d/include/assets.conf +++ b/docker/rootfs/etc/nginx/conf.d/include/assets.conf @@ -1,4 +1,4 @@ -location ~* ^.*\.(css|js|jpe?g|gif|png|webp|woff|eot|ttf|svg|ico|css\.map|js\.map)$ { +location ~* ^.*\.(css|js|jpe?g|gif|png|webp|woff|woff2|eot|ttf|svg|ico|css\.map|js\.map)$ { if_modified_since off; # use the public cache From c17175213717c40fda3a92a2988403d38494e5d9 Mon Sep 17 00:00:00 2001 From: Medan-rfz Date: Fri, 8 Nov 2024 02:29:38 +0400 Subject: [PATCH 067/175] Added certbot plugin for Beget DNS service --- global/certbot-dns-plugins.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 075877744..39b94316f 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -31,6 +31,14 @@ "credentials": "# This plugin supported API authentication using either Service Principals or utilizing a Managed Identity assigned to the virtual machine.\n# Regardless which authentication method used, the identity will need the “DNS Zone Contributor” role assigned to it.\n# As multiple Azure DNS Zones in multiple resource groups can exist, the config file needs a mapping of zone to resource group ID. Multiple zones -> ID mappings can be listed by using the key dns_azure_zoneX where X is a unique number. At least 1 zone mapping is required.\n\n# Using a service principal (option 1)\ndns_azure_sp_client_id = 912ce44a-0156-4669-ae22-c16a17d34ca5\ndns_azure_sp_client_secret = E-xqXU83Y-jzTI6xe9fs2YC~mck3ZzUih9\ndns_azure_tenant_id = ed1090f3-ab18-4b12-816c-599af8a88cf7\n\n# Using used assigned MSI (option 2)\n# dns_azure_msi_client_id = 912ce44a-0156-4669-ae22-c16a17d34ca5\n\n# Using system assigned MSI (option 3)\n# dns_azure_msi_system_assigned = true\n\n# Zones (at least one always required)\ndns_azure_zone1 = example.com:/subscriptions/c135abce-d87d-48df-936c-15596c6968a5/resourceGroups/dns1\ndns_azure_zone2 = example.org:/subscriptions/99800903-fb14-4992-9aff-12eaf2744622/resourceGroups/dns2", "full_plugin_name": "dns-azure" }, + "beget": { + "name":"Beget", + "package_name": "certbot-dns-beget", + "version": "~=1.7.0.dev3", + "dependencies": "", + "credentials": "# Beget API credentials used by Certbot\ndns_beget_login = login\ndns_beget_password = passwd", + "full_plugin_name": "dns-beget" + }, "bunny": { "name": "bunny.net", "package_name": "certbot-dns-bunny", From 595a742c400c8909dea1eb04f4ef4a5ed7b49c48 Mon Sep 17 00:00:00 2001 From: Medan-rfz Date: Sun, 10 Nov 2024 15:09:41 +0400 Subject: [PATCH 068/175] Change beget plugin --- global/certbot-dns-plugins.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 39b94316f..5ef597307 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -33,11 +33,11 @@ }, "beget": { "name":"Beget", - "package_name": "certbot-dns-beget", - "version": "~=1.7.0.dev3", + "package_name": "certbot-beget-plugin", + "version": "~=1.0.0.dev3", "dependencies": "", - "credentials": "# Beget API credentials used by Certbot\ndns_beget_login = login\ndns_beget_password = passwd", - "full_plugin_name": "dns-beget" + "credentials": "# Beget API credentials used by Certbot\ndns_beget_username = username\ndns_beget_password = password", + "full_plugin_name": "beget-plugin" }, "bunny": { "name": "bunny.net", From 10b9a49274b18f6c3a7ff8b6aa2a9c5bccf48112 Mon Sep 17 00:00:00 2001 From: Medan-rfz Date: Sun, 10 Nov 2024 16:16:45 +0400 Subject: [PATCH 069/175] Update version 'certbot-beget-plugin' --- global/certbot-dns-plugins.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 5ef597307..e8063a50d 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -34,7 +34,7 @@ "beget": { "name":"Beget", "package_name": "certbot-beget-plugin", - "version": "~=1.0.0.dev3", + "version": "~=1.0.0.dev4", "dependencies": "", "credentials": "# Beget API credentials used by Certbot\ndns_beget_username = username\ndns_beget_password = password", "full_plugin_name": "beget-plugin" From 4c893796713d7cd55eca811728a137d63bb953bd Mon Sep 17 00:00:00 2001 From: Medan-rfz Date: Sun, 10 Nov 2024 18:31:07 +0400 Subject: [PATCH 070/175] Update version 'certbot-beget-plugin' --- global/certbot-dns-plugins.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index e8063a50d..5e6cca757 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -34,9 +34,9 @@ "beget": { "name":"Beget", "package_name": "certbot-beget-plugin", - "version": "~=1.0.0.dev4", + "version": "~=1.0.0.dev8", "dependencies": "", - "credentials": "# Beget API credentials used by Certbot\ndns_beget_username = username\ndns_beget_password = password", + "credentials": "# Beget API credentials used by Certbot\beget_plugin_username = username\beget_plugin_password = password", "full_plugin_name": "beget-plugin" }, "bunny": { From a56342c76a37eefa86e74cd46e9eea89ff94e2d5 Mon Sep 17 00:00:00 2001 From: Medan-rfz Date: Sun, 10 Nov 2024 19:23:28 +0400 Subject: [PATCH 071/175] Fix credentials --- global/certbot-dns-plugins.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 5e6cca757..b5d00ab8d 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -36,7 +36,7 @@ "package_name": "certbot-beget-plugin", "version": "~=1.0.0.dev8", "dependencies": "", - "credentials": "# Beget API credentials used by Certbot\beget_plugin_username = username\beget_plugin_password = password", + "credentials": "# Beget API credentials used by Certbot\nbeget_plugin_username = username\beget_plugin_password = password", "full_plugin_name": "beget-plugin" }, "bunny": { From 2cee211fb03b139748800c2403c674f837f74ed6 Mon Sep 17 00:00:00 2001 From: hatharry Date: Wed, 13 Nov 2024 16:31:59 +1300 Subject: [PATCH 072/175] add First Domains plugin --- global/certbot-dns-plugins.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 075877744..68d1265c3 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -191,6 +191,14 @@ "credentials": "dns_eurodns_applicationId = myuser\ndns_eurodns_apiKey = mysecretpassword\ndns_eurodns_endpoint = https://rest-api.eurodns.com/user-api-gateway/proxy", "full_plugin_name": "dns-eurodns" }, + "firstdomains": { + "name": "First Domains", + "package_name": "certbot-dns-firstdomains", + "version": ">=1.0", + "dependencies": "", + "credentials": "dns_firstdomains_username = myremoteuser\ndns_firstdomains_password = verysecureremoteuserpassword", + "full_plugin_name": "dns-firstdomains" + }, "freedns": { "name": "FreeDNS", "package_name": "certbot-dns-freedns", From 87998a03ced6ef6dc2f3f9b31310c2bef562ac36 Mon Sep 17 00:00:00 2001 From: Jasper Stubbe Date: Thu, 14 Nov 2024 11:39:48 -0800 Subject: [PATCH 073/175] Fix bootloop if stream is used for http/https port --- backend/schema/components/stream-object.json | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/backend/schema/components/stream-object.json b/backend/schema/components/stream-object.json index 516c7f891..e17749940 100644 --- a/backend/schema/components/stream-object.json +++ b/backend/schema/components/stream-object.json @@ -19,7 +19,9 @@ "incoming_port": { "type": "integer", "minimum": 1, - "maximum": 65535 + "maximum": 65535, + "if": {"properties": {"tcp_forwarding": {"const": true}}}, + "then": {"not": {"oneOf": [{"const": 80}, {"const": 443}]}} }, "forwarding_host": { "anyOf": [ From 20646e7bb543503dcc53bd5a074cdddc5e101880 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 Nov 2024 21:19:05 +0000 Subject: [PATCH 074/175] Bump @eslint/plugin-kit from 0.2.0 to 0.2.3 in /test Bumps [@eslint/plugin-kit](https://github.com/eslint/rewrite) from 0.2.0 to 0.2.3. - [Release notes](https://github.com/eslint/rewrite/releases) - [Changelog](https://github.com/eslint/rewrite/blob/main/release-please-config.json) - [Commits](https://github.com/eslint/rewrite/compare/core-v0.2.0...plugin-kit-v0.2.3) --- updated-dependencies: - dependency-name: "@eslint/plugin-kit" dependency-type: indirect ... Signed-off-by: dependabot[bot] --- test/yarn.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test/yarn.lock b/test/yarn.lock index 4fa9e51f9..909d269d4 100644 --- a/test/yarn.lock +++ b/test/yarn.lock @@ -132,9 +132,9 @@ integrity sha512-BsWiH1yFGjXXS2yvrf5LyuoSIIbPrGUWob917o+BTKuZ7qJdxX8aJLRxs1fS9n6r7vESrq1OUqb68dANcFXuQQ== "@eslint/plugin-kit@^0.2.0": - version "0.2.0" - resolved "https://registry.yarnpkg.com/@eslint/plugin-kit/-/plugin-kit-0.2.0.tgz#8712dccae365d24e9eeecb7b346f85e750ba343d" - integrity sha512-vH9PiIMMwvhCx31Af3HiGzsVNULDbyVkHXwlemn/B0TFj/00ho3y55efXrUZTfQipxoHC5u4xq6zblww1zm1Ig== + version "0.2.3" + resolved "https://registry.yarnpkg.com/@eslint/plugin-kit/-/plugin-kit-0.2.3.tgz#812980a6a41ecf3a8341719f92a6d1e784a2e0e8" + integrity sha512-2b/g5hRmpbb1o4GnTZax9N9m0FXzz9OV42ZzI4rDDMDuHUqigAiQCEWChBWCY4ztAGVRjoWT19v0yMmc5/L5kA== dependencies: levn "^0.4.1" From 126d3d44ca9cc1a07af65b96af65e1b8257cd29c Mon Sep 17 00:00:00 2001 From: Andrew Jackson Date: Sun, 17 Nov 2024 10:44:29 +0000 Subject: [PATCH 075/175] Bump certbot-dns-porkbun --- global/certbot-dns-plugins.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 075877744..6a48c33a6 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -7,7 +7,7 @@ "credentials": "dns_acmedns_api_url = http://acmedns-server/\ndns_acmedns_registration_file = /data/acme-registration.json", "full_plugin_name": "dns-acmedns" }, - "active24":{ + "active24": { "name": "Active24", "package_name": "certbot-dns-active24", "version": "~=1.5.1", @@ -402,7 +402,7 @@ "porkbun": { "name": "Porkbun", "package_name": "certbot-dns-porkbun", - "version": "~=0.2", + "version": "~=0.9", "dependencies": "", "credentials": "dns_porkbun_key=your-porkbun-api-key\ndns_porkbun_secret=your-porkbun-api-secret", "full_plugin_name": "dns-porkbun" @@ -495,7 +495,7 @@ "credentials": "dns_websupport_identifier = \ndns_websupport_secret_key = ", "full_plugin_name": "dns-websupport" }, - "wedos":{ + "wedos": { "name": "Wedos", "package_name": "certbot-dns-wedos", "version": "~=2.2", @@ -511,4 +511,4 @@ "credentials": "edgedns_client_secret = as3d1asd5d1a32sdfsdfs2d1asd5=\nedgedns_host = sdflskjdf-dfsdfsdf-sdfsdfsdf.luna.akamaiapis.net\nedgedns_access_token = kjdsi3-34rfsdfsdf-234234fsdfsdf\nedgedns_client_token = dkfjdf-342fsdfsd-23fsdfsdfsdf", "full_plugin_name": "edgedns" } -} +} \ No newline at end of file From 640a1eeb68053bafed9a80525d339642de90e0d3 Mon Sep 17 00:00:00 2001 From: tametsi <93092155+tametsi@users.noreply.github.com> Date: Fri, 22 Nov 2024 10:30:58 +0100 Subject: [PATCH 076/175] Return generic auth error to prevent user enumeration attacks On invalid user/password error the error message "Invalid email or password" is returned. Thereby, no information about the existence of the user is given. --- backend/internal/token.js | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/backend/internal/token.js b/backend/internal/token.js index ed9a45f82..0e6dec5e3 100644 --- a/backend/internal/token.js +++ b/backend/internal/token.js @@ -5,6 +5,8 @@ const authModel = require('../models/auth'); const helpers = require('../lib/helpers'); const TokenModel = require('../models/token'); +const ERROR_MESSAGE_INVALID_AUTH = 'Invalid email or password'; + module.exports = { /** @@ -69,15 +71,15 @@ module.exports = { }; }); } else { - throw new error.AuthError('Invalid password'); + throw new error.AuthError(ERROR_MESSAGE_INVALID_AUTH); } }); } else { - throw new error.AuthError('No password auth for user'); + throw new error.AuthError(ERROR_MESSAGE_INVALID_AUTH); } }); } else { - throw new error.AuthError('No relevant user found'); + throw new error.AuthError(ERROR_MESSAGE_INVALID_AUTH); } }); }, From 2075f98cadaf8eb33c97fbd422321a6f60b96f8a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 24 Nov 2024 03:36:44 +0000 Subject: [PATCH 077/175] Bump cross-spawn from 7.0.3 to 7.0.6 in /backend Bumps [cross-spawn](https://github.com/moxystudio/node-cross-spawn) from 7.0.3 to 7.0.6. - [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md) - [Commits](https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.6) --- updated-dependencies: - dependency-name: cross-spawn dependency-type: indirect ... Signed-off-by: dependabot[bot] --- backend/yarn.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/backend/yarn.lock b/backend/yarn.lock index 5441a511c..55723d375 100644 --- a/backend/yarn.lock +++ b/backend/yarn.lock @@ -830,9 +830,9 @@ crc32-stream@^4.0.2: readable-stream "^3.4.0" cross-spawn@^7.0.2: - version "7.0.3" - resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.3.tgz#f73a85b9d5d41d045551c177e2882d4ac85728a6" - integrity sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w== + version "7.0.6" + resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.6.tgz#8a58fe78f00dcd70c370451759dfbfaf03e8ee9f" + integrity sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA== dependencies: path-key "^3.1.0" shebang-command "^2.0.0" From 151160a8346696cfd4a2aa73b3999439f9f7761a Mon Sep 17 00:00:00 2001 From: Muescha <184316+muescha@users.noreply.github.com> Date: Sun, 24 Nov 2024 20:10:17 +0100 Subject: [PATCH 078/175] Update index.md: add link to Proxmox VE Helper-Scripts Update index.md: add link to Proxmox VE Helper-Scripts --- docs/src/third-party/index.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/src/third-party/index.md b/docs/src/third-party/index.md index c36f54a8f..cd54b45b9 100644 --- a/docs/src/third-party/index.md +++ b/docs/src/third-party/index.md @@ -12,6 +12,7 @@ Known integrations: - [HomeAssistant Hass.io plugin](https://github.com/hassio-addons/addon-nginx-proxy-manager) - [UnRaid / Synology](https://github.com/jlesage/docker-nginx-proxy-manager) - [Proxmox Scripts](https://github.com/ej52/proxmox-scripts/tree/main/apps/nginx-proxy-manager) +- [Proxmox VE Helper-Scripts](https://community-scripts.github.io/ProxmoxVE/scripts?id=nginxproxymanager) - [nginxproxymanagerGraf](https://github.com/ma-karai/nginxproxymanagerGraf) From 93ea17a9bb782cdd65434dd172483f364fa4765f Mon Sep 17 00:00:00 2001 From: Remco Kersten Date: Mon, 25 Nov 2024 20:37:49 +0100 Subject: [PATCH 079/175] Fix entries of a deleted user break the UI --- frontend/js/app/nginx/access/list/item.ejs | 4 ++-- frontend/js/app/nginx/certificates/list/item.ejs | 4 ++-- frontend/js/app/nginx/dead/list/item.ejs | 4 ++-- frontend/js/app/nginx/proxy/list/item.ejs | 4 ++-- frontend/js/app/nginx/redirection/list/item.ejs | 4 ++-- frontend/js/app/nginx/stream/list/item.ejs | 4 ++-- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/frontend/js/app/nginx/access/list/item.ejs b/frontend/js/app/nginx/access/list/item.ejs index 2ee37a50a..fe043c98e 100644 --- a/frontend/js/app/nginx/access/list/item.ejs +++ b/frontend/js/app/nginx/access/list/item.ejs @@ -1,6 +1,6 @@ -

- +
+
diff --git a/frontend/js/app/nginx/certificates/list/item.ejs b/frontend/js/app/nginx/certificates/list/item.ejs index 20d6f2396..9a0d6b27d 100644 --- a/frontend/js/app/nginx/certificates/list/item.ejs +++ b/frontend/js/app/nginx/certificates/list/item.ejs @@ -1,6 +1,6 @@ -
- +
+
diff --git a/frontend/js/app/nginx/dead/list/item.ejs b/frontend/js/app/nginx/dead/list/item.ejs index d447bd1e3..dede3b639 100644 --- a/frontend/js/app/nginx/dead/list/item.ejs +++ b/frontend/js/app/nginx/dead/list/item.ejs @@ -1,6 +1,6 @@ -
- +
+
diff --git a/frontend/js/app/nginx/proxy/list/item.ejs b/frontend/js/app/nginx/proxy/list/item.ejs index a59368048..3eeaa6d26 100644 --- a/frontend/js/app/nginx/proxy/list/item.ejs +++ b/frontend/js/app/nginx/proxy/list/item.ejs @@ -1,6 +1,6 @@ -
- +
+
diff --git a/frontend/js/app/nginx/redirection/list/item.ejs b/frontend/js/app/nginx/redirection/list/item.ejs index 4f25d973e..dff186fdf 100644 --- a/frontend/js/app/nginx/redirection/list/item.ejs +++ b/frontend/js/app/nginx/redirection/list/item.ejs @@ -1,6 +1,6 @@ -
- +
+
diff --git a/frontend/js/app/nginx/stream/list/item.ejs b/frontend/js/app/nginx/stream/list/item.ejs index a8ff83d4c..2b4cb626b 100644 --- a/frontend/js/app/nginx/stream/list/item.ejs +++ b/frontend/js/app/nginx/stream/list/item.ejs @@ -1,6 +1,6 @@ -
- +
+
From 81c9038929a75f72574add9bf3baaa80171f11bf Mon Sep 17 00:00:00 2001 From: Julian Gassner Date: Wed, 27 Nov 2024 18:27:11 +0100 Subject: [PATCH 080/175] Refactor user form structure --- frontend/js/app/user/form.ejs | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/frontend/js/app/user/form.ejs b/frontend/js/app/user/form.ejs index aeb268f7c..9ba84438a 100644 --- a/frontend/js/app/user/form.ejs +++ b/frontend/js/app/user/form.ejs @@ -1,10 +1,10 @@
-
-
<%- i18n('users', 'form-title', {id: id}) %>
- -
-
-
+ +
+
<%- i18n('users', 'form-title', {id: id}) %>
+ +
+
@@ -49,10 +49,10 @@
<% } %>
- -
-
- - -
+
+
+ + +
+
From fe068a8b51b3074c9cf024ebb3b955fd9c86a135 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 1 Dec 2024 22:49:09 +0000 Subject: [PATCH 081/175] Bump cross-spawn from 7.0.3 to 7.0.6 in /test Bumps [cross-spawn](https://github.com/moxystudio/node-cross-spawn) from 7.0.3 to 7.0.6. - [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md) - [Commits](https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.6) --- updated-dependencies: - dependency-name: cross-spawn dependency-type: indirect ... Signed-off-by: dependabot[bot] --- test/yarn.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test/yarn.lock b/test/yarn.lock index 909d269d4..b79e90e80 100644 --- a/test/yarn.lock +++ b/test/yarn.lock @@ -628,9 +628,9 @@ core-util-is@1.0.2: integrity sha1-tf1UIgqivFq1eqtxQMlAdUUDwac= cross-spawn@^7.0.0, cross-spawn@^7.0.2: - version "7.0.3" - resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.3.tgz#f73a85b9d5d41d045551c177e2882d4ac85728a6" - integrity sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w== + version "7.0.6" + resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.6.tgz#8a58fe78f00dcd70c370451759dfbfaf03e8ee9f" + integrity sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA== dependencies: path-key "^3.1.0" shebang-command "^2.0.0" From 19ed4c1212215b6972626eef796512fa769844e6 Mon Sep 17 00:00:00 2001 From: Julian Gassner Date: Wed, 4 Dec 2024 03:08:49 +0100 Subject: [PATCH 082/175] Change click to submit --- frontend/js/app/user/form.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frontend/js/app/user/form.js b/frontend/js/app/user/form.js index ef92ec3e9..617a75fc9 100644 --- a/frontend/js/app/user/form.js +++ b/frontend/js/app/user/form.js @@ -19,7 +19,7 @@ module.exports = Mn.View.extend({ events: { - 'click @ui.save': function (e) { + 'submit @ui.form': function (e) { e.preventDefault(); this.ui.error.hide(); let view = this; From d26e8c1d0c44a5fbeb1264f8fe713bdac0f5e703 Mon Sep 17 00:00:00 2001 From: Julian Gassner Date: Wed, 4 Dec 2024 03:45:56 +0100 Subject: [PATCH 083/175] Change onRender function to always update the dashboard stats --- frontend/js/app/dashboard/main.js | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/frontend/js/app/dashboard/main.js b/frontend/js/app/dashboard/main.js index c2e82f855..4765d061e 100644 --- a/frontend/js/app/dashboard/main.js +++ b/frontend/js/app/dashboard/main.js @@ -50,8 +50,7 @@ module.exports = Mn.View.extend({ onRender: function () { let view = this; - if (typeof view.stats.hosts === 'undefined') { - Api.Reports.getHostStats() + Api.Reports.getHostStats() .then(response => { if (!view.isDestroyed()) { view.stats.hosts = response; @@ -61,7 +60,6 @@ module.exports = Mn.View.extend({ .catch(err => { console.log(err); }); - } }, /** From 1e322804ce397beed5e9458889c9135d35169991 Mon Sep 17 00:00:00 2001 From: Julian Gassner Date: Wed, 4 Dec 2024 16:47:36 +0100 Subject: [PATCH 084/175] Add ZoneEdit certbot plugin --- global/certbot-dns-plugins.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 075877744..31d721cda 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -510,5 +510,13 @@ "dependencies": "", "credentials": "edgedns_client_secret = as3d1asd5d1a32sdfsdfs2d1asd5=\nedgedns_host = sdflskjdf-dfsdfsdf-sdfsdfsdf.luna.akamaiapis.net\nedgedns_access_token = kjdsi3-34rfsdfsdf-234234fsdfsdf\nedgedns_client_token = dkfjdf-342fsdfsd-23fsdfsdfsdf", "full_plugin_name": "edgedns" + }, + "zoneedit": { + "name": "ZoneEdit", + "package_name": "certbot-dns-zoneedit", + "version": "~=0.3.2", + "dependencies": "", + "credentials": "dns_zoneedit_user = \ndns_zoneedit_token = ", + "full_plugin_name": "dns-zoneedit" } } From c6630e87bbe878b7161a276894f08c840a6aafa1 Mon Sep 17 00:00:00 2001 From: Medan-rfz Date: Sat, 7 Dec 2024 15:01:57 +0400 Subject: [PATCH 085/175] Update version 'certbot-beget-plugin' & fix credentials content --- global/certbot-dns-plugins.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index b5d00ab8d..a9a388b36 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -34,9 +34,9 @@ "beget": { "name":"Beget", "package_name": "certbot-beget-plugin", - "version": "~=1.0.0.dev8", + "version": "~=1.0.0.dev9", "dependencies": "", - "credentials": "# Beget API credentials used by Certbot\nbeget_plugin_username = username\beget_plugin_password = password", + "credentials": "# Beget API credentials used by Certbot\nbeget_plugin_username = username\nbeget_plugin_password = password", "full_plugin_name": "beget-plugin" }, "bunny": { From 56033bee9cf7f309d1246b7d450fdd808185ae0d Mon Sep 17 00:00:00 2001 From: Jordy Kuhne Date: Sun, 8 Dec 2024 15:23:37 +0100 Subject: [PATCH 086/175] Add hostingnl --- global/certbot-dns-plugins.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 075877744..d439bc99a 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -247,6 +247,14 @@ "credentials": "dns_hetzner_api_token = 0123456789abcdef0123456789abcdef", "full_plugin_name": "dns-hetzner" }, + "hostingnl": { + "name": "Hosting.nl", + "package_name": "certbot-dns-hostingnl", + "version": "~=0.1.5", + "dependencies": "", + "credentials": "dns_hostingnl_api_key = 0123456789abcdef0123456789abcdef", + "full_plugin_name": "dns-hostingnl" + }, "hover": { "name": "Hover", "package_name": "certbot-dns-hover", From c6eca2578e3c90fa172f65aef29b97737be307c2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 14 Dec 2024 10:02:55 +0000 Subject: [PATCH 087/175] Bump nanoid from 3.3.7 to 3.3.8 in /docs Bumps [nanoid](https://github.com/ai/nanoid) from 3.3.7 to 3.3.8. - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](https://github.com/ai/nanoid/compare/3.3.7...3.3.8) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect ... Signed-off-by: dependabot[bot] --- docs/yarn.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/yarn.lock b/docs/yarn.lock index 01fe29962..f89b80fdf 100644 --- a/docs/yarn.lock +++ b/docs/yarn.lock @@ -873,9 +873,9 @@ mitt@^3.0.1: integrity sha512-vKivATfr97l2/QBCYAkXYDbrIWPM2IIKEl7YPhjCvKlG3kE2gm+uBo6nEXK3M5/Ffh/FLpKExzOQ3JJoJGFKBw== nanoid@^3.3.7: - version "3.3.7" - resolved "https://registry.yarnpkg.com/nanoid/-/nanoid-3.3.7.tgz#d0c301a691bc8d54efa0a2226ccf3fe2fd656bd8" - integrity sha512-eSRppjcPIatRIMC1U6UngP8XFcz8MQWGQdt1MTBQ7NaAmvXDfvNxbvWV3x2y6CdEUciCSsDHDQZbhYaB8QEo2g== + version "3.3.8" + resolved "https://registry.yarnpkg.com/nanoid/-/nanoid-3.3.8.tgz#b1be3030bee36aaff18bacb375e5cce521684baf" + integrity sha512-WNLf5Sd8oZxOm+TzppcYk8gVOgP+l58xNy58D0nbUnOxOWRWvlcCV4kUF7ltmI6PsrLl/BgKEyS4mqsGChFN0w== oniguruma-to-js@0.4.3: version "0.4.3" From 5d087f1256cbd110a4ba2e6809616b266d22a43d Mon Sep 17 00:00:00 2001 From: FabianK3 <21039694+FabianK3@users.noreply.github.com> Date: Sun, 15 Dec 2024 11:35:58 +0100 Subject: [PATCH 088/175] Update DomainOffensive certbot plugin --- global/certbot-dns-plugins.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 075877744..2bf455580 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -153,11 +153,11 @@ }, "domainoffensive": { "name": "DomainOffensive (do.de)", - "package_name": "certbot-dns-do", - "version": "~=0.31.0", + "package_name": "certbot-dns-domainoffensive", + "version": "~=2.0.0", "dependencies": "", "credentials": "dns_do_api_token = YOUR_DO_DE_AUTH_TOKEN", - "full_plugin_name": "dns-do" + "full_plugin_name": "dns-domainoffensive" }, "domeneshop": { "name": "Domeneshop", From f537619ffef839de35914b5aaff10cb4e82c14e1 Mon Sep 17 00:00:00 2001 From: John Janzen Date: Thu, 19 Dec 2024 16:10:46 +0100 Subject: [PATCH 089/175] Revert "Change onRender function to always update the dashboard stats" This reverts commit d26e8c1d0c44a5fbeb1264f8fe713bdac0f5e703. This reopens #4204 (which i can't reproduce sadly) The reverted commit is responsible for an infinite loop of requests to /hosts, which makes buttons unresponsive on the main page another way to invalidate the cache needs to be found this infinite requests loop happens on d26e8c1d0c44a5fbeb1264f8fe713bdac0f5e703 and on the docker image `nginxproxymanager/nginx-proxy-manager-dev:pr-4206` the docker image is attaced to the pr #4206 which merges the commit --- frontend/js/app/dashboard/main.js | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/frontend/js/app/dashboard/main.js b/frontend/js/app/dashboard/main.js index 4765d061e..c2e82f855 100644 --- a/frontend/js/app/dashboard/main.js +++ b/frontend/js/app/dashboard/main.js @@ -50,7 +50,8 @@ module.exports = Mn.View.extend({ onRender: function () { let view = this; - Api.Reports.getHostStats() + if (typeof view.stats.hosts === 'undefined') { + Api.Reports.getHostStats() .then(response => { if (!view.isDestroyed()) { view.stats.hosts = response; @@ -60,6 +61,7 @@ module.exports = Mn.View.extend({ .catch(err => { console.log(err); }); + } }, /** From 7f9240dda79d4f0206dd5be931b4ad7eb7c2c2d1 Mon Sep 17 00:00:00 2001 From: Miguel Angel Nubla Date: Fri, 20 Dec 2024 00:59:26 +0100 Subject: [PATCH 090/175] Add custom configuration to dead_host.conf --- backend/templates/dead_host.conf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/backend/templates/dead_host.conf b/backend/templates/dead_host.conf index 7a06469a9..2e7d2a007 100644 --- a/backend/templates/dead_host.conf +++ b/backend/templates/dead_host.conf @@ -22,5 +22,7 @@ server { } {% endif %} + # Custom + include /data/nginx/custom/server_dead[.]conf; } {% endif %} From 3eecf7a38b952a15feb32f648ac93569028a5254 Mon Sep 17 00:00:00 2001 From: Miguel Angel Nubla Date: Fri, 20 Dec 2024 01:03:21 +0100 Subject: [PATCH 091/175] Add custom configuration to 404 hosts --- docs/src/advanced-config/index.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/src/advanced-config/index.md b/docs/src/advanced-config/index.md index c9b42bcc7..373fd08bb 100644 --- a/docs/src/advanced-config/index.md +++ b/docs/src/advanced-config/index.md @@ -181,6 +181,7 @@ You can add your custom configuration snippet files at `/data/nginx/custom` as f - `/data/nginx/custom/server_stream.conf`: Included at the end of every stream server block - `/data/nginx/custom/server_stream_tcp.conf`: Included at the end of every TCP stream server block - `/data/nginx/custom/server_stream_udp.conf`: Included at the end of every UDP stream server block + - `/data/nginx/custom/server_dead.conf`: Included at the end of every 404 server block Every file is optional. From 356b98bf7eb1421fc3d435b1ecd232ad48e86873 Mon Sep 17 00:00:00 2001 From: ComradeBlin Date: Sun, 22 Dec 2024 01:02:47 +0100 Subject: [PATCH 092/175] Add Gcore DNS Provider --- global/certbot-dns-plugins.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index d439bc99a..ce8da8044 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -207,6 +207,14 @@ "credentials": "# Gandi personal access token\ndns_gandi_token=PERSONAL_ACCESS_TOKEN", "full_plugin_name": "dns-gandi" }, + "gcore": { + "name": "Gcore DNS", + "package_name": "certbot-dns-gcore", + "version": "~=0.1.8", + "dependencies": "", + "credentials": "dns_gcore_api_key = 0123456789abcdef0123456789abcdef01234567", + "full_plugin_name": "dns-gcore" + }, "godaddy": { "name": "GoDaddy", "package_name": "certbot-dns-godaddy", From 73110d5e1e365e1f712b5786486d5ae4d41024e3 Mon Sep 17 00:00:00 2001 From: ComradeBlin Date: Sun, 22 Dec 2024 01:44:52 +0100 Subject: [PATCH 093/175] Update Gcore apikey format I managed to mis-write the format in my previous commit --- global/certbot-dns-plugins.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index ce8da8044..a090d02dd 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -212,7 +212,7 @@ "package_name": "certbot-dns-gcore", "version": "~=0.1.8", "dependencies": "", - "credentials": "dns_gcore_api_key = 0123456789abcdef0123456789abcdef01234567", + "credentials": "dns_gcore_apitoken = 0123456789abcdef0123456789abcdef01234567", "full_plugin_name": "dns-gcore" }, "godaddy": { From ca3ee98c68042e913fc394033c544f3932b28ec6 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Tue, 24 Dec 2024 08:57:54 +1000 Subject: [PATCH 094/175] Postgres Support - Combines #4086 and #4087 PRs - Adds authentik in CI stack --- Jenkinsfile | 38 ++++++++ backend/internal/access-list.js | 14 ++- backend/internal/audit-log.js | 9 +- backend/internal/dead-host.js | 7 +- backend/internal/host.js | 13 +-- backend/internal/proxy-host.js | 7 +- backend/internal/redirection-host.js | 7 +- backend/internal/stream.js | 13 +-- backend/lib/config.js | 53 ++++++++++-- backend/lib/helpers.js | 14 ++- backend/models/redirection_host.js | 3 + backend/package.json | 1 + backend/setup.js | 16 ++-- backend/yarn.lock | 88 +++++++++++++++++++ docker/ci.env | 8 ++ docker/ci/postgres/authentik.sql.gz | Bin 0 -> 1036690 bytes docker/dev/Dockerfile | 3 +- docker/docker-compose.ci.postgres.yml | 78 +++++++++++++++++ docker/docker-compose.dev.yml | 119 ++++++++++++++++++++++---- docs/src/setup/index.md | 47 ++++++++++ scripts/.common.sh | 2 +- scripts/ci/fulltest-cypress | 2 + scripts/start-dev | 11 ++- test/cypress/e2e/api/Ldap.cy.js | 64 ++++++++++++++ test/cypress/e2e/api/OAuth.cy.js | 97 +++++++++++++++++++++ 25 files changed, 647 insertions(+), 67 deletions(-) create mode 100644 docker/ci.env create mode 100644 docker/ci/postgres/authentik.sql.gz create mode 100644 docker/docker-compose.ci.postgres.yml create mode 100644 test/cypress/e2e/api/Ldap.cy.js create mode 100644 test/cypress/e2e/api/OAuth.cy.js diff --git a/Jenkinsfile b/Jenkinsfile index 302e05b27..224138bf4 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -167,6 +167,44 @@ pipeline { } } } + stage('Test Postgres') { + environment { + COMPOSE_PROJECT_NAME = "npm_${BRANCH_LOWER}_${BUILD_NUMBER}_postgres" + COMPOSE_FILE = 'docker/docker-compose.ci.yml:docker/docker-compose.ci.postgres.yml' + } + when { + not { + equals expected: 'UNSTABLE', actual: currentBuild.result + } + } + steps { + sh 'rm -rf ./test/results/junit/*' + sh './scripts/ci/fulltest-cypress' + } + post { + always { + // Dumps to analyze later + sh 'mkdir -p debug/postgres' + sh 'docker logs $(docker-compose ps --all -q fullstack) > debug/postgres/docker_fullstack.log 2>&1' + sh 'docker logs $(docker-compose ps --all -q stepca) > debug/postgres/docker_stepca.log 2>&1' + sh 'docker logs $(docker-compose ps --all -q pdns) > debug/postgres/docker_pdns.log 2>&1' + sh 'docker logs $(docker-compose ps --all -q pdns-db) > debug/postgres/docker_pdns-db.log 2>&1' + sh 'docker logs $(docker-compose ps --all -q dnsrouter) > debug/postgres/docker_dnsrouter.log 2>&1' + sh 'docker logs $(docker-compose ps --all -q db-postgres) > debug/postgres/docker_db-postgres.log 2>&1' + sh 'docker logs $(docker-compose ps --all -q authentik) > debug/postgres/docker_authentik.log 2>&1' + sh 'docker logs $(docker-compose ps --all -q authentik-redis) > debug/postgres/docker_authentik-redis.log 2>&1' + sh 'docker logs $(docker-compose ps --all -q authentik-ldap) > debug/postgres/docker_authentik-ldap.log 2>&1' + + junit 'test/results/junit/*' + sh 'docker-compose down --remove-orphans --volumes -t 30 || true' + } + unstable { + dir(path: 'testing/results') { + archiveArtifacts(allowEmptyArchive: true, artifacts: '**/*', excludes: '**/*.xml') + } + } + } + } stage('MultiArch Build') { when { not { diff --git a/backend/internal/access-list.js b/backend/internal/access-list.js index 72326be68..41c975e6e 100644 --- a/backend/internal/access-list.js +++ b/backend/internal/access-list.js @@ -81,7 +81,7 @@ const internalAccessList = { return internalAccessList.build(row) .then(() => { - if (row.proxy_host_count) { + if (parseInt(row.proxy_host_count, 10)) { return internalNginx.bulkGenerateConfigs('proxy_host', row.proxy_hosts); } }) @@ -223,7 +223,7 @@ const internalAccessList = { .then((row) => { return internalAccessList.build(row) .then(() => { - if (row.proxy_host_count) { + if (parseInt(row.proxy_host_count, 10)) { return internalNginx.bulkGenerateConfigs('proxy_host', row.proxy_hosts); } }).then(internalNginx.reload) @@ -252,7 +252,10 @@ const internalAccessList = { let query = accessListModel .query() .select('access_list.*', accessListModel.raw('COUNT(proxy_host.id) as proxy_host_count')) - .joinRaw('LEFT JOIN `proxy_host` ON `proxy_host`.`access_list_id` = `access_list`.`id` AND `proxy_host`.`is_deleted` = 0') + .leftJoin('proxy_host', function() { + this.on('proxy_host.access_list_id', '=', 'access_list.id') + .andOn('proxy_host.is_deleted', '=', 0); + }) .where('access_list.is_deleted', 0) .andWhere('access_list.id', data.id) .allowGraph('[owner,items,clients,proxy_hosts.[certificate,access_list.[clients,items]]]') @@ -373,7 +376,10 @@ const internalAccessList = { let query = accessListModel .query() .select('access_list.*', accessListModel.raw('COUNT(proxy_host.id) as proxy_host_count')) - .joinRaw('LEFT JOIN `proxy_host` ON `proxy_host`.`access_list_id` = `access_list`.`id` AND `proxy_host`.`is_deleted` = 0') + .leftJoin('proxy_host', function() { + this.on('proxy_host.access_list_id', '=', 'access_list.id') + .andOn('proxy_host.is_deleted', '=', 0); + }) .where('access_list.is_deleted', 0) .groupBy('access_list.id') .allowGraph('[owner,items,clients]') diff --git a/backend/internal/audit-log.js b/backend/internal/audit-log.js index cb48261b4..60bdd2efa 100644 --- a/backend/internal/audit-log.js +++ b/backend/internal/audit-log.js @@ -1,5 +1,6 @@ -const error = require('../lib/error'); -const auditLogModel = require('../models/audit-log'); +const error = require('../lib/error'); +const auditLogModel = require('../models/audit-log'); +const {castJsonIfNeed} = require('../lib/helpers'); const internalAuditLog = { @@ -22,9 +23,9 @@ const internalAuditLog = { .allowGraph('[user]'); // Query is used for searching - if (typeof search_query === 'string') { + if (typeof search_query === 'string' && search_query.length > 0) { query.where(function () { - this.where('meta', 'like', '%' + search_query + '%'); + this.where(castJsonIfNeed('meta'), 'like', '%' + search_query + '%'); }); } diff --git a/backend/internal/dead-host.js b/backend/internal/dead-host.js index e672775eb..6bbdf61be 100644 --- a/backend/internal/dead-host.js +++ b/backend/internal/dead-host.js @@ -6,6 +6,7 @@ const internalHost = require('./host'); const internalNginx = require('./nginx'); const internalAuditLog = require('./audit-log'); const internalCertificate = require('./certificate'); +const {castJsonIfNeed} = require('../lib/helpers'); function omissions () { return ['is_deleted']; @@ -409,16 +410,16 @@ const internalDeadHost = { .where('is_deleted', 0) .groupBy('id') .allowGraph('[owner,certificate]') - .orderBy('domain_names', 'ASC'); + .orderBy(castJsonIfNeed('domain_names'), 'ASC'); if (access_data.permission_visibility !== 'all') { query.andWhere('owner_user_id', access.token.getUserId(1)); } // Query is used for searching - if (typeof search_query === 'string') { + if (typeof search_query === 'string' && search_query.length > 0) { query.where(function () { - this.where('domain_names', 'like', '%' + search_query + '%'); + this.where(castJsonIfNeed('domain_names'), 'like', '%' + search_query + '%'); }); } diff --git a/backend/internal/host.js b/backend/internal/host.js index 58e1d09a4..52c6d2bda 100644 --- a/backend/internal/host.js +++ b/backend/internal/host.js @@ -2,6 +2,7 @@ const _ = require('lodash'); const proxyHostModel = require('../models/proxy_host'); const redirectionHostModel = require('../models/redirection_host'); const deadHostModel = require('../models/dead_host'); +const {castJsonIfNeed} = require('../lib/helpers'); const internalHost = { @@ -17,7 +18,7 @@ const internalHost = { cleanSslHstsData: function (data, existing_data) { existing_data = existing_data === undefined ? {} : existing_data; - let combined_data = _.assign({}, existing_data, data); + const combined_data = _.assign({}, existing_data, data); if (!combined_data.certificate_id) { combined_data.ssl_forced = false; @@ -73,7 +74,7 @@ const internalHost = { * @returns {Promise} */ getHostsWithDomains: function (domain_names) { - let promises = [ + const promises = [ proxyHostModel .query() .where('is_deleted', 0), @@ -125,19 +126,19 @@ const internalHost = { * @returns {Promise} */ isHostnameTaken: function (hostname, ignore_type, ignore_id) { - let promises = [ + const promises = [ proxyHostModel .query() .where('is_deleted', 0) - .andWhere('domain_names', 'like', '%' + hostname + '%'), + .andWhere(castJsonIfNeed('domain_names'), 'like', '%' + hostname + '%'), redirectionHostModel .query() .where('is_deleted', 0) - .andWhere('domain_names', 'like', '%' + hostname + '%'), + .andWhere(castJsonIfNeed('domain_names'), 'like', '%' + hostname + '%'), deadHostModel .query() .where('is_deleted', 0) - .andWhere('domain_names', 'like', '%' + hostname + '%') + .andWhere(castJsonIfNeed('domain_names'), 'like', '%' + hostname + '%') ]; return Promise.all(promises) diff --git a/backend/internal/proxy-host.js b/backend/internal/proxy-host.js index 61ac8b8c7..32f2bc0dc 100644 --- a/backend/internal/proxy-host.js +++ b/backend/internal/proxy-host.js @@ -6,6 +6,7 @@ const internalHost = require('./host'); const internalNginx = require('./nginx'); const internalAuditLog = require('./audit-log'); const internalCertificate = require('./certificate'); +const {castJsonIfNeed} = require('../lib/helpers'); function omissions () { return ['is_deleted', 'owner.is_deleted']; @@ -416,16 +417,16 @@ const internalProxyHost = { .where('is_deleted', 0) .groupBy('id') .allowGraph('[owner,access_list,certificate]') - .orderBy('domain_names', 'ASC'); + .orderBy(castJsonIfNeed('domain_names'), 'ASC'); if (access_data.permission_visibility !== 'all') { query.andWhere('owner_user_id', access.token.getUserId(1)); } // Query is used for searching - if (typeof search_query === 'string') { + if (typeof search_query === 'string' && search_query.length > 0) { query.where(function () { - this.where('domain_names', 'like', '%' + search_query + '%'); + this.where(castJsonIfNeed('domain_names'), 'like', `%${search_query}%`); }); } diff --git a/backend/internal/redirection-host.js b/backend/internal/redirection-host.js index 41ff5b093..6a81b8662 100644 --- a/backend/internal/redirection-host.js +++ b/backend/internal/redirection-host.js @@ -6,6 +6,7 @@ const internalHost = require('./host'); const internalNginx = require('./nginx'); const internalAuditLog = require('./audit-log'); const internalCertificate = require('./certificate'); +const {castJsonIfNeed} = require('../lib/helpers'); function omissions () { return ['is_deleted']; @@ -409,16 +410,16 @@ const internalRedirectionHost = { .where('is_deleted', 0) .groupBy('id') .allowGraph('[owner,certificate]') - .orderBy('domain_names', 'ASC'); + .orderBy(castJsonIfNeed('domain_names'), 'ASC'); if (access_data.permission_visibility !== 'all') { query.andWhere('owner_user_id', access.token.getUserId(1)); } // Query is used for searching - if (typeof search_query === 'string') { + if (typeof search_query === 'string' && search_query.length > 0) { query.where(function () { - this.where('domain_names', 'like', '%' + search_query + '%'); + this.where(castJsonIfNeed('domain_names'), 'like', `%${search_query}%`); }); } diff --git a/backend/internal/stream.js b/backend/internal/stream.js index ee88d46fc..9f76a1def 100644 --- a/backend/internal/stream.js +++ b/backend/internal/stream.js @@ -4,6 +4,7 @@ const utils = require('../lib/utils'); const streamModel = require('../models/stream'); const internalNginx = require('./nginx'); const internalAuditLog = require('./audit-log'); +const {castJsonIfNeed} = require('../lib/helpers'); function omissions () { return ['is_deleted']; @@ -293,21 +294,21 @@ const internalStream = { getAll: (access, expand, search_query) => { return access.can('streams:list') .then((access_data) => { - let query = streamModel + const query = streamModel .query() .where('is_deleted', 0) .groupBy('id') .allowGraph('[owner]') - .orderBy('incoming_port', 'ASC'); + .orderByRaw('CAST(incoming_port AS INTEGER) ASC'); if (access_data.permission_visibility !== 'all') { query.andWhere('owner_user_id', access.token.getUserId(1)); } // Query is used for searching - if (typeof search_query === 'string') { + if (typeof search_query === 'string' && search_query.length > 0) { query.where(function () { - this.where('incoming_port', 'like', '%' + search_query + '%'); + this.where(castJsonIfNeed('incoming_port'), 'like', `%${search_query}%`); }); } @@ -327,9 +328,9 @@ const internalStream = { * @returns {Promise} */ getCount: (user_id, visibility) => { - let query = streamModel + const query = streamModel .query() - .count('id as count') + .count('id AS count') .where('is_deleted', 0); if (visibility !== 'all') { diff --git a/backend/lib/config.js b/backend/lib/config.js index f7fbdca6f..23184f3e8 100644 --- a/backend/lib/config.js +++ b/backend/lib/config.js @@ -2,7 +2,10 @@ const fs = require('fs'); const NodeRSA = require('node-rsa'); const logger = require('../logger').global; -const keysFile = '/data/keys.json'; +const keysFile = '/data/keys.json'; +const mysqlEngine = 'mysql2'; +const postgresEngine = 'pg'; +const sqliteClientName = 'sqlite3'; let instance = null; @@ -14,7 +17,7 @@ const configure = () => { let configData; try { configData = require(filename); - } catch (err) { + } catch (_) { // do nothing } @@ -34,7 +37,7 @@ const configure = () => { logger.info('Using MySQL configuration'); instance = { database: { - engine: 'mysql2', + engine: mysqlEngine, host: envMysqlHost, port: process.env.DB_MYSQL_PORT || 3306, user: envMysqlUser, @@ -46,13 +49,33 @@ const configure = () => { return; } + const envPostgresHost = process.env.DB_POSTGRES_HOST || null; + const envPostgresUser = process.env.DB_POSTGRES_USER || null; + const envPostgresName = process.env.DB_POSTGRES_NAME || null; + if (envPostgresHost && envPostgresUser && envPostgresName) { + // we have enough postgres creds to go with postgres + logger.info('Using Postgres configuration'); + instance = { + database: { + engine: postgresEngine, + host: envPostgresHost, + port: process.env.DB_POSTGRES_PORT || 5432, + user: envPostgresUser, + password: process.env.DB_POSTGRES_PASSWORD, + name: envPostgresName, + }, + keys: getKeys(), + }; + return; + } + const envSqliteFile = process.env.DB_SQLITE_FILE || '/data/database.sqlite'; logger.info(`Using Sqlite: ${envSqliteFile}`); instance = { database: { engine: 'knex-native', knex: { - client: 'sqlite3', + client: sqliteClientName, connection: { filename: envSqliteFile }, @@ -143,7 +166,27 @@ module.exports = { */ isSqlite: function () { instance === null && configure(); - return instance.database.knex && instance.database.knex.client === 'sqlite3'; + return instance.database.knex && instance.database.knex.client === sqliteClientName; + }, + + /** + * Is this a mysql configuration? + * + * @returns {boolean} + */ + isMysql: function () { + instance === null && configure(); + return instance.database.engine === mysqlEngine; + }, + + /** + * Is this a postgres configuration? + * + * @returns {boolean} + */ + isPostgres: function () { + instance === null && configure(); + return instance.database.engine === postgresEngine; }, /** diff --git a/backend/lib/helpers.js b/backend/lib/helpers.js index f7e98bebc..ad3df3c27 100644 --- a/backend/lib/helpers.js +++ b/backend/lib/helpers.js @@ -1,4 +1,6 @@ -const moment = require('moment'); +const moment = require('moment'); +const {isPostgres} = require('./config'); +const {ref} = require('objection'); module.exports = { @@ -45,6 +47,16 @@ module.exports = { } }); return obj; + }, + + /** + * Casts a column to json if using postgres + * + * @param {string} colName + * @returns {string|Objection.ReferenceBuilder} + */ + castJsonIfNeed: function (colName) { + return isPostgres() ? ref(colName).castText() : colName; } }; diff --git a/backend/models/redirection_host.js b/backend/models/redirection_host.js index 556742f0c..801627916 100644 --- a/backend/models/redirection_host.js +++ b/backend/models/redirection_host.js @@ -17,6 +17,9 @@ const boolFields = [ 'preserve_path', 'ssl_forced', 'block_exploits', + 'hsts_enabled', + 'hsts_subdomains', + 'http2_support', ]; class RedirectionHost extends Model { diff --git a/backend/package.json b/backend/package.json index 1bc3ef165..30984a332 100644 --- a/backend/package.json +++ b/backend/package.json @@ -23,6 +23,7 @@ "node-rsa": "^1.0.8", "objection": "3.0.1", "path": "^0.12.7", + "pg": "^8.13.1", "signale": "1.4.0", "sqlite3": "5.1.6", "temp-write": "^4.0.0" diff --git a/backend/setup.js b/backend/setup.js index 9a7b69705..6b9b8e78a 100644 --- a/backend/setup.js +++ b/backend/setup.js @@ -15,18 +15,18 @@ const certbot = require('./lib/certbot'); const setupDefaultUser = () => { return userModel .query() - .select(userModel.raw('COUNT(`id`) as `count`')) + .select('id', ) .where('is_deleted', 0) .first() .then((row) => { - if (!row.count) { + if (!row || !row.id) { // Create a new user and set password - let email = process.env.INITIAL_ADMIN_EMAIL || 'admin@example.com'; - let password = process.env.INITIAL_ADMIN_PASSWORD || 'changeme'; - + const email = process.env.INITIAL_ADMIN_EMAIL || 'admin@example.com'; + const password = process.env.INITIAL_ADMIN_PASSWORD || 'changeme'; + logger.info('Creating a new user: ' + email + ' with password: ' + password); - let data = { + const data = { is_deleted: 0, email: email, name: 'Administrator', @@ -77,11 +77,11 @@ const setupDefaultUser = () => { const setupDefaultSettings = () => { return settingModel .query() - .select(settingModel.raw('COUNT(`id`) as `count`')) + .select('id') .where({id: 'default-site'}) .first() .then((row) => { - if (!row.count) { + if (!row || !row.id) { settingModel .query() .insert({ diff --git a/backend/yarn.lock b/backend/yarn.lock index 55723d375..cea8210bc 100644 --- a/backend/yarn.lock +++ b/backend/yarn.lock @@ -2735,11 +2735,67 @@ path@^0.12.7: process "^0.11.1" util "^0.10.3" +pg-cloudflare@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/pg-cloudflare/-/pg-cloudflare-1.1.1.tgz#e6d5833015b170e23ae819e8c5d7eaedb472ca98" + integrity sha512-xWPagP/4B6BgFO+EKz3JONXv3YDgvkbVrGw2mTo3D6tVDQRh1e7cqVGvyR3BE+eQgAvx1XhW/iEASj4/jCWl3Q== + pg-connection-string@2.5.0: version "2.5.0" resolved "https://registry.yarnpkg.com/pg-connection-string/-/pg-connection-string-2.5.0.tgz#538cadd0f7e603fc09a12590f3b8a452c2c0cf34" integrity sha512-r5o/V/ORTA6TmUnyWZR9nCj1klXCO2CEKNRlVuJptZe85QuhFayC7WeMic7ndayT5IRIR0S0xFxFi2ousartlQ== +pg-connection-string@^2.7.0: + version "2.7.0" + resolved "https://registry.yarnpkg.com/pg-connection-string/-/pg-connection-string-2.7.0.tgz#f1d3489e427c62ece022dba98d5262efcb168b37" + integrity sha512-PI2W9mv53rXJQEOb8xNR8lH7Hr+EKa6oJa38zsK0S/ky2er16ios1wLKhZyxzD7jUReiWokc9WK5nxSnC7W1TA== + +pg-int8@1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/pg-int8/-/pg-int8-1.0.1.tgz#943bd463bf5b71b4170115f80f8efc9a0c0eb78c" + integrity sha512-WCtabS6t3c8SkpDBUlb1kjOs7l66xsGdKpIPZsg4wR+B3+u9UAum2odSsF9tnvxg80h4ZxLWMy4pRjOsFIqQpw== + +pg-pool@^3.7.0: + version "3.7.0" + resolved "https://registry.yarnpkg.com/pg-pool/-/pg-pool-3.7.0.tgz#d4d3c7ad640f8c6a2245adc369bafde4ebb8cbec" + integrity sha512-ZOBQForurqh4zZWjrgSwwAtzJ7QiRX0ovFkZr2klsen3Nm0aoh33Ls0fzfv3imeH/nw/O27cjdz5kzYJfeGp/g== + +pg-protocol@^1.7.0: + version "1.7.0" + resolved "https://registry.yarnpkg.com/pg-protocol/-/pg-protocol-1.7.0.tgz#ec037c87c20515372692edac8b63cf4405448a93" + integrity sha512-hTK/mE36i8fDDhgDFjy6xNOG+LCorxLG3WO17tku+ij6sVHXh1jQUJ8hYAnRhNla4QVD2H8er/FOjc/+EgC6yQ== + +pg-types@^2.1.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/pg-types/-/pg-types-2.2.0.tgz#2d0250d636454f7cfa3b6ae0382fdfa8063254a3" + integrity sha512-qTAAlrEsl8s4OiEQY69wDvcMIdQN6wdz5ojQiOy6YRMuynxenON0O5oCpJI6lshc6scgAY8qvJ2On/p+CXY0GA== + dependencies: + pg-int8 "1.0.1" + postgres-array "~2.0.0" + postgres-bytea "~1.0.0" + postgres-date "~1.0.4" + postgres-interval "^1.1.0" + +pg@^8.13.1: + version "8.13.1" + resolved "https://registry.yarnpkg.com/pg/-/pg-8.13.1.tgz#6498d8b0a87ff76c2df7a32160309d3168c0c080" + integrity sha512-OUir1A0rPNZlX//c7ksiu7crsGZTKSOXJPgtNiHGIlC9H0lO+NC6ZDYksSgBYY/thSWhnSRBv8w1lieNNGATNQ== + dependencies: + pg-connection-string "^2.7.0" + pg-pool "^3.7.0" + pg-protocol "^1.7.0" + pg-types "^2.1.0" + pgpass "1.x" + optionalDependencies: + pg-cloudflare "^1.1.1" + +pgpass@1.x: + version "1.0.5" + resolved "https://registry.yarnpkg.com/pgpass/-/pgpass-1.0.5.tgz#9b873e4a564bb10fa7a7dbd55312728d422a223d" + integrity sha512-FdW9r/jQZhSeohs1Z3sI1yxFQNFvMcnmfuj4WBMUTxOrAyLMaTcE1aAMBiTlbMNaXvBCQuVi0R7hd8udDSP7ug== + dependencies: + split2 "^4.1.0" + picomatch@^2.0.4, picomatch@^2.2.1: version "2.2.2" resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.2.2.tgz#21f333e9b6b8eaff02468f5146ea406d345f4dad" @@ -2758,6 +2814,28 @@ pkg-conf@^2.1.0: find-up "^2.0.0" load-json-file "^4.0.0" +postgres-array@~2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/postgres-array/-/postgres-array-2.0.0.tgz#48f8fce054fbc69671999329b8834b772652d82e" + integrity sha512-VpZrUqU5A69eQyW2c5CA1jtLecCsN2U/bD6VilrFDWq5+5UIEVO7nazS3TEcHf1zuPYO/sqGvUvW62g86RXZuA== + +postgres-bytea@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/postgres-bytea/-/postgres-bytea-1.0.0.tgz#027b533c0aa890e26d172d47cf9ccecc521acd35" + integrity sha512-xy3pmLuQqRBZBXDULy7KbaitYqLcmxigw14Q5sj8QBVLqEwXfeybIKVWiqAXTlcvdvb0+xkOtDbfQMOf4lST1w== + +postgres-date@~1.0.4: + version "1.0.7" + resolved "https://registry.yarnpkg.com/postgres-date/-/postgres-date-1.0.7.tgz#51bc086006005e5061c591cee727f2531bf641a8" + integrity sha512-suDmjLVQg78nMK2UZ454hAG+OAW+HQPZ6n++TNDUX+L0+uUlLywnoxJKDou51Zm+zTCjrCl0Nq6J9C5hP9vK/Q== + +postgres-interval@^1.1.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/postgres-interval/-/postgres-interval-1.2.0.tgz#b460c82cb1587507788819a06aa0fffdb3544695" + integrity sha512-9ZhXKM/rw350N1ovuWHbGxnGh/SNJ4cnxHiM0rxE4VN41wsg8P8zWn9hv/buK00RP4WvlOyr/RBDiptyxVbkZQ== + dependencies: + xtend "^4.0.0" + prelude-ls@^1.2.1: version "1.2.1" resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.2.1.tgz#debc6489d7a6e6b0e7611888cec880337d316396" @@ -3194,6 +3272,11 @@ socks@^2.6.2: ip "^2.0.0" smart-buffer "^4.2.0" +split2@^4.1.0: + version "4.2.0" + resolved "https://registry.yarnpkg.com/split2/-/split2-4.2.0.tgz#c9c5920904d148bab0b9f67145f245a86aadbfa4" + integrity sha512-UcjcJOWknrNkF6PLX83qcHM6KHgVKNkV62Y8a5uYDVv9ydGQVwAHMKqHdJje1VTWpljG0WYpCDhrCdAOYH4TWg== + sprintf-js@~1.0.2: version "1.0.3" resolved "https://registry.yarnpkg.com/sprintf-js/-/sprintf-js-1.0.3.tgz#04e6926f662895354f3dd015203633b857297e2c" @@ -3665,6 +3748,11 @@ xdg-basedir@^4.0.0: resolved "https://registry.yarnpkg.com/xdg-basedir/-/xdg-basedir-4.0.0.tgz#4bc8d9984403696225ef83a1573cbbcb4e79db13" integrity sha512-PSNhEJDejZYV7h50BohL09Er9VaIefr2LMAf3OEmpCkjOi34eYyQYAXUTjEQtZJTKcF0E2UKTh+osDLsgNim9Q== +xtend@^4.0.0: + version "4.0.2" + resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.2.tgz#bb72779f5fa465186b1f438f674fa347fdb5db54" + integrity sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ== + y18n@^4.0.0: version "4.0.1" resolved "https://registry.yarnpkg.com/y18n/-/y18n-4.0.1.tgz#8db2b83c31c5d75099bb890b23f3094891e247d4" diff --git a/docker/ci.env b/docker/ci.env new file mode 100644 index 000000000..7128295dd --- /dev/null +++ b/docker/ci.env @@ -0,0 +1,8 @@ +AUTHENTIK_SECRET_KEY=gl8woZe8L6IIX8SC0c5Ocsj0xPkX5uJo5DVZCFl+L/QGbzuplfutYuua2ODNLEiDD3aFd9H2ylJmrke0 +AUTHENTIK_REDIS__HOST=authentik-redis +AUTHENTIK_POSTGRESQL__HOST=db-postgres +AUTHENTIK_POSTGRESQL__USER=authentik +AUTHENTIK_POSTGRESQL__NAME=authentik +AUTHENTIK_POSTGRESQL__PASSWORD=07EKS5NLI6Tpv68tbdvrxfvj +AUTHENTIK_BOOTSTRAP_PASSWORD=admin +AUTHENTIK_BOOTSTRAP_EMAIL=admin@example.com diff --git a/docker/ci/postgres/authentik.sql.gz b/docker/ci/postgres/authentik.sql.gz new file mode 100644 index 0000000000000000000000000000000000000000..49665d4e66a29e2859dddc8c457431aa50a1bc18 GIT binary patch literal 1036690 zcmV)#K##v4iwFqE5;SK317US^Xk~76X=^TXacltW{b_UD$c``ye^y8If2hajd2hSJ zT^9GHPn_poS&J=evn6>QPt;A4$r7z9vP`nHc;fu`7n$72Op>+Ab7Rg-TPzYlCXfIU z$aOdze28#3h;Tfg{r=nj<>B7-;oxBJdhgZV)!_im;~VV9-t9m0Z7EA{;JSi7FxX+~^0cj1G3_x%qbvv+!Zcv+`%b$AU` zK%spznxXh+@UOvaZcRKJ;9piRW$s52ugdPi^b@=|n;rafGRE|EJ?_VEZ zoOe@6+U4NzXz#=6b(vBFu_zA;NjY5)v4ZCn=^cJP-2ZS*6{e5?S8TnSJFP+!?&8xq ze5gVH{@XXZ_F_0B{|(*+Q9KUu)%(+dgJNW%2oIe3bd~^6kOTOMoq-z$(*ouWhmjZf z15tk|44xlg%R|YJq4;t(cE+M4yb%8^<6Dn|*?2@~_eTExH)@G7it!X`K8n354(2h~ zqwvq<+a$1W8LvHOf=8Y|ibLc_$c~|~QG_E>CxF z_|HX?2>+QCe}jQVckU3aU3ne-DQL99-P{ zIQ+ZNvP^?gN1fV5PKbQU)VTJIr^BSO4tCLe0;+(l365sS#-u_1V1FMW+Xk+I_4p=m z0PqH*S(718 z?DgK|b<+8Z$(!SIXp}RcNJ>fHonH*jj?X{toqjkhUhI7?z1ZIaO(fu%ta)OaVX$=S zPojVJo(>8BHx!Ycnd^;9=XkNyRX-CUZQ4NGOhq zN6#k#la1G`vfTw{QnN!0A%-&`fgXH;X!PEL6p#EI{0w|t*TxBo;?aEOEQB;gK7?8T zk00XnRaTGDd=BkQ|6y4Y!Dvv!F(QHY;CmGKR>QfI43&jO%?(~Nu_#+;HiP(ZL0P0o zqZ<^l%O&ypJYs$VyN0j~a)BV2V2JtIVjE4t156SM|M8z3FH)u7=?i)&NM9F`l7ghc ziIP8?QRY$snex&fd<}AfDe`=#tPN8DNMkGa3_#UWGq0k zlSUk*u4M?%ze5wx;eHRX9YBuw$oe+-u^$GL2~7yA-}Cyp=*|N*VOH@TTO%8XvFDNs zVrCH$4#8{2F-hWT04Rps&YH)NM=|Y+5^yk-k4K~Iv3IaHd=Ix9~mvDG}Vpv zjoysef=LWPyb5%0^{%T1)4w;S1eeL@xWCxg^6bms;nliO(k%g%5Ef=Yvt@| z(z>EDQ7{i}h}C=_+nWt2n8kH#>Q<6H==gmSPI6*{R%=OETHRh6qFL5*>V&psLk$MD zVoe-wpU|!#l7!wSew;$2My6;sW>K|*@-Th6M9&IQR+z>P%mBJH8nTFH*Q>aMPG^Dn zM&(FL=ypZ~F$le%N!FJn!j)KqAGuUBY6hx>>{|#^L60Y_+_DH}N`SnWxRRZh%UZDQ z60xk%Xj||-c{MlfZfZO|t%pf!l9|^iwXY3^m;5rj&4!U%GeF9YVx{i1rK+o_a)a6y zm7BrJ*3_NH_Y)dG(&=wb*%SItHty9i#@^kRl*U&XUl~&ybRc4iV*7>|AK{V70tF+p z6{CEi2Merwuq=tFTMAsn-qY4v!nV`cJ)IBUo-=JPx7(p|a*hr7(vF(0UFKWxsU0kB z+OPKF|H*x8GS<0$lVBJ73t9xHqRSfuo8b2Bfy2<2%%PS0C$xq*xWyYB6rttKKfGwU2}NTj)h2@;++*T{6@p*u-JQFI@K4r|Sn zWUwczCc&627HC%pQhcA~soC_m7Xsx45NJ&nfCsU96Q+hJ4OlN4kyYJyn5)fX0l@db z^B0+QTX=LVYnu@ncNyc6LnGgw#dS|waaRA3MRvE-w1pA6O-ENZYZXN~-S*Mp zm)K+Uiwdk%p=Cw46}hcjXsb*>mn*cI(6$illqz& zW!)_t)K;Wi=kKZIom6ULTQ|CjTiN5TxR0Z=e#<)GI-zZ;bAy4cXf=o1Csyw5t;JxK z_KPgVXdlQ~$AUQ~^Gn*z6RfphR(~5-^J}fN2p?y0P+kUpiyvpm+fW+MD{ZS=Qf`-7 zGFe_IPj{fOfPfqR$7M!ixbj-e&fs4h&O$H3BPam-(PrlSn#E-8n*QX=oi~Klw$R24 zAN#LNBUSU!B(cDO<&EJ@lV%%G&o*NSVb#W(liliDYB5??WodcK7--i}YO~t`;(R5j zG!i(>IY_@pOSM9h4K$&%*hmv=+t$*pp9pk86}ZD>V;23hnRYJ~kT*8@!Ec=8R0#H> ztQmW;f9tlp^gIS{2F;G+B}1cUr2U_<3s_V+yOcfIXH+e!uU3@By_72WLD~asDxPJO zlPN~a&X7AykIGM)mTVZObn50z3N>{+55g0Aj=D_R_0QYiyosGPh%9_Zc;XCM?n3B{ZMS_gwpV%wwJ zY#Pfhd@s5g6)mzr(ig^y;4P-|CFNO6#mU0si2l0~-7d&yN}U}1u&_$@UzQCj>5cuQ zIXezE%4T~O3S(Q2?LhV|30HmA>Y&oHYCD+DpnjG&@yIGV(gSf!cY+?t8HsGm^U2{b zZFzHL0s2zo4W;H=R;@tE$2gVkhE=Rw)N(0`8(Dna3^7<6n#{=w98N3#jy=C0}HvJrG3vw#eavNUC3HK>SqS(Vt_YRy_1 z)g_xP?Vd=Id(h63;YhtU%gBoge1o#0^fNgninoAsUPus0QHu$Io*4z5x3`(2p9=D& zoO&4!ON16<5ZwDLh@b~|0{a$+5e~_TMjM`8?kY4BMg~{^-eyX?d?}tp?FUv705T5b z);{-afli*5Y?s@)g+m|55YcY8ZCVOmrF{t5mW7wnqA} zS;?ml%MU7y+63HOFPx7kgz0H!rMY|Fj=)9RBI9W_x#!zWH#79fFRpvYGehC;E#hu& zUQ(8&+O12fn;p+=VPJ#fn4R1{&G==#T3hz+yi%8UI+MUgtNUzjy%tmPEI%UG5KJGF zf0I;fBVy$jSIq<4Iz~v8=98E^nu|Pox+u-)-uk^<@ z8ltQ8{_RrATN`uxrI*<%fzr7CWRae-f6bR|54xmilx2XV9=M~&v?7Rb?mJlqrGD`|}j010${JRZtHi}!ogG7F= znyh24=YAZLvApJ>t*&Sb9E0Ck<0U1X?`zB+wjpm$p$kZTN(4Ka&t^EZ$xTMQ)4CG4 zNpRl_E_$3=!KCSGvM31qg#x8 zFXmP^xpe3T-QkfpvM?E?y!ZKM$|T@qKF+g8WHkVH06KyE`C#8!+#%u{&zgRGTu`btBS+PdD=8+sm`t~pEF@R;k#3uUfn7F1~WNJq9K ziIPz(qNM)|5-%D1h~3_`qBu&ie6hsGjG9VWE0&?Ps})HdS;bn}&6ZknQrM!M0neQ- z+a+wH2dFswt?Zph8)KP+F|j?TLuQj;JZ3G1Sh&H~&_0`-_GA}T>z>oMEvJ>VpJCQ9 zjhU8G8^>>*+w}36td-}Kmt6|j=kx&fdfaT<4tbL~xTW@_zQa|N1)JShII~#M_^EJs!M*O>uXs6EE^RlQ@U-wQ4s61qJtjaH{I&A5$Q+u}2 zPq!4@KU+)k1yGmPd?G)ji08k#sli&BX1P8&pKcfj!FYm45PjX!3r*7(`R^1`lO1z2 zEw)TedfXDh#NEO%zRU5m$=2KK{MmB+Zg6UCDd9ZLblbwRQzY5_HLQ@-q-2FG@0n7n zFCOYK_souB8)Hel!^t*fsg&mp`&k34!mrW7q$V5Kj<8%kHY{~4x%RIibyAa+?5g#` zmmWs9b*rKrZ@7IobF{|d)hO9hdO&^L))tVq(UAe@qUP3jY{xy1p0q1k+T7;ZwgS7O-8CIn5#l>2kGmjY zMALb8H%;rw+>Qki7XRxSlxZF(M?x%c=vaQZ^iq8_qk-0^T-%D)8BA;?DCctg)FF6Q zv3cqGS{ritEm?cL*sa-oi&4{h^t-0Wr-w0>w}}8QS>`(-Ya)46n6RTM23fF9@hG9J z?l(Go-P5_1h9<1)TM&hDoDe(UJM4Hg4?Xq_pywxpclHE%(`e-RMXJEfPh7IZEdd(QBbIn4*OFt%$VdV? zw!b=a6wNLEB#jqEb8^iy?|TxrQfJj(ehS#5rr4)f0T6dos_e2ZsisIPdZjA0(f9k? zD7}qzGiOjNQh^?)QdE&U06Dj+tfwKWHQ!vTY`O1fV{)5)Nw-9Pk-jDMU|S6M$|e2^ zN#&-;gF5m$e$h{s@l{%AMb}WKwPjyWVPl)d&*1qNv36<&n>^>awZugxSIXk}_9cxy90*Wi=ntu+o8b+XyNcC9e6v^wI%*iAU$| zzTU+ZNOyD{9U6(Qq9dlpY6mz`GEl zt;MOg;2L_5_MV~#Z#tirnrivume@jEN28Cjo<6(wV$(@_d*MB@jc!X^@0!ex3U8(n zwiSnWFt?SEyq6@NIyxtng#T*VwFO&g7P?G~o*Y2L@pwy_1fyQ7m_kBs8-aMOv<1h_ zSLrlLVM=ygDKlZBt4EVS20$GzN)cBNBfuKid^5uh?b!0z!%#O1mNGzcYC( zAQqNCx324u`8GUFqr3&Z46-A73ms$9lX005nmZtJyKQcfJ@!lv>8G7Za&L?u#3Kv4 zkpe!a{ z7LA^)0ym^Bb6e_#yXZ3!hskBR* zo9#{MKU;Ebwc<9~H#7=cSxDRRN%is;^hw-XUbq8dOYM_lZEPxA<>RO{vfMlib@}#O zpVk)wZKR^x*zDB19^FGF6)IcY#oC{RO*YoHhEV!*yOq(D1w`}IV=9fRK8bzx**CcA zwm@2FeQ(t2cC}_B+QODIW|b~?W{25I3AHcc(LS!mrk(sgcmj(r4i86@J7i z4VOa9eecH{`($ef|MD8zT_mwcd$)x`GQY(dpjm4lnG`U^csW7R^|XnKmv-rFsZ;7Id>eT~XB}3N zYl-3(1X(Jre}|Kg7;v^XviBZ>la1nR0V#X>t~gA9R4d;j-UGb6wXYKz>JQxl?goS= zjpkEe6ykf{l9L3WWywRScWXI&HSippZjxfJe91qLcry(Y;vP>Xqgy|?_nUA_DS25x z)}+6 zqPNj2cGO@6i5B!WFT$d%{{3P5ftuOXd`X&?c>m_Ds}yRKEDz!)2(*TbDdlBas>JA8 znr54By}jrSI`xi%R}ds|MNi{2cqOmk&Ut#e-hrR?+Ar4@beT`$CE;nSjnQ88HavJo z4OWn7L2vUSEXwNd!CTe=Mp3Z9YQt#K2HmyrF27rmomYvB0%JU#1t9>8DrYEjR}f~) z^U|xsxE&V2K<#|UT?b=4UO|wwH+mA+%q#inXF%Gkx1_MM)fn4w+tsrAyY1|JiKUFYR_I#9w7C^l zZ3UJV_%QuB?`-EjtFO{VSk)h}YP}YTZ`GZ)7QIP#+FtNl1i7)*X)WcgsJI;6>{zt6 zn(UWYlorJZqNH+Y6F{Ig52|nA1qIwp8!S|X+yRpx%MW~X-z0)&9zDZ^yS#=hIP%6M zbSy`L`M~;=98gG_H$>TCeVie90-02V3$*mstObR;Cgp+ulH)qJt1x-7-RtA29Gh8; z#<;YOG;=s@$upqj%$_-`6vhiXg7otQk!h*kCyap(Ep*#ACBNtu;R#aIg0ZS@7VWrh zecbHEfF2BOa34T#?o(=8Ui;6iUViq&*op1xH!SIjxIO>TRg>QRPSaHv#@T-RCA&je z#h5yoT7!L6%gBBu3a3cUX6~ zOE|x*E3L}z*Ra8?A+{2wtTDjr4tTO)j<@B8o`uL8P|JJ^iV@rEtePw?+)iuoD$%s| z23~AAh2&PDcUPWoEasfpPIg0&BHjSOoM_0Rd7~Q!)9hMd?y1AAi=rt6ouuKOkMKAO z{K+Fv-PwmDtTzMYx6PV#5B}S>>#G#I)eJP5&1THWY1yn^a*7A2t2gQGL1#DcvP~EN zC$U{#J=U$}PY|qC8QOMa#^U}LipJ7Y_o_aQzT0*$*j|y|ePJ@4l^g)VyH}>YW8 z*_%95nxk^nnPsJ1C55fzJUUu&9quGOCzAfzdf(YBe5*ZZM{gD1gh3onNL1t^Z$ebO z)e;!+MVHc%MEoLM-QuP(;z_A)8a!dH%}gq4v>DTQivE_t+}3+tt|WfFzBl=^xl`_Y zmfh{gTEch!0OUFc0~nQFx7BRnhMB&sJ*mw+{jD?1I>tdftG*&{wj8RqRHAp7>Ud)> zZXUM3T!gxcO|>zz2IHdS$v@kU)M^E9HA*9^Bbt;9#!BZH&j!&HO(x{7gu1&G1{P>Z z^FyjTTs){#h{$QJJP0TB+?e|{9r9q8{XYTd$^mG+rT}#Df~zJmO7y5!XsTRmDuO6@ ztpKX?Ya*YkdLygNOknj`z3xcX?-ZXP+^93P?O1~?fnO-lNG}7!)z`^eLl%wgb!1&N z>9Ja%i5TP7LGgQR5hOpo%NjUc>vDlkmeycnyfRW%6Srw?o&0Xw{JMnm-^37QEUCYS zA(EPG!VuTLRHu`R4cgx133|Ftet#9)oBa3c1QpZV;*zD$wY zu9__9jWcpj85VW2w8;j10@vKh@3viYmvDX|*W4yM!x7wH!w^YL`fr448}#h(n=F$i zS12RUobY2a07^#uA*tw7HKSmr{+d_w|n z>rzrP?yfX?jZy13WJve!vX0G?o5R1!xZ{ZE;3A`l{a2B746=6b^h!s^N*z>YAZR@2 z?KJ!~hEvyKUp3X+oLN0(uUTXA$vR7>M1IAtvKhWTxmTp?pPyH3lQ~<6BRlkF+^R#L*L$o%tG&u(KC;Gs_1wAfulGKLGl6F zft@UUj%;!{BJXT#@^Lgp52b9=383Pbocm*Y9rIMGm;faZIkjNX+A=Z|dc{wZ z0mvm{>?c(L8}Xu;ODannDivBxS9`SchO{?3((GxqIIBf>V9i3_%qfKn*L{;Mw3Qfn z0bVyBIxi-eCk>}P|IUlkYUYm{H7Hhrx$TfQ(3$ea-g>5{uJ-_*n147%Hfvx#wq&0X zc>D?N*m=&gD+A`NVpp4M&zC>Di7n3M%$Y@M^I-zF)I|n?AV{01bCpCRAlNL6W3^zc zrG`t%IgbLehmFgaU1D$fTFAbow|KDE-L!9zfe@Cg?TJam9Y-SzyJQU1CJVwR+|?lT zz;+rCt$gKPs|1#7KS)<*ar$SY%~md`bQ&*t$#s!5Oy&-a)4-CQ5%oW!Kb@%OPI*FR zWn(h9%{c?)8OR@p&sy@f5k+HWsReD4{*jcCW#L`Z*vUlz6S7Wg-UFhos09_V(x$8H z-{yTsqqJ_nv4Tj}WtU0ilALk7;>i-#&UB!R!#_-lP+zxvvnsAv%v*```OIuStncFd zNdtLC<43qed)Q`ay(4poN#@gJn=Tn&XRfzf$4C;Ric6VA`AR49oIGw^!Y#$FJD6!JYI%{R z*O9{`ecFz|ScUf1%qWSLN6tLtFAD!Q<8%oKfsXEQC|k@*=wrz0~69 z({=>LDzyKo6&-|3uDKc^GR#CL6S<>}75K^(N99?v86x|iI%YS+5hX_Kv$-^?4Awjn zc8RuTN@=l{jM5D0KuIir^PR8TD8irBHYc! zq_v7}Fz94*^)yjsR+Z%MMzuHjoBJS2d&E0Ur>Uo@7IFs{x#MZzP8_aoqdOF%Fk&J) z*hTY6(i4oJjy^a|S_*eNMH8N`lUM{HUkAgR*tsLi2Iwq0H+FG@ASNA|=ilt+X zA|yK#j~;)*Da@PB$UTcbd#a+wMY8UtHK?kBE^$U`RhLFAdi8T^SVb;$+DlD;7jt0b z7IM;;-FQ(PgpV6Buv!_V{(*fq)3bbv@>%Z>_ z5T?R72s0bHBkQM_8|9MCRt_CuScfuZHSVK{<2ec)2&j`Gkbo}nE;b6SQJU=qb^Cw> zV>G+%Y2Gyt$|IYP{B&-bTKL504vtrEolQ86j!LiHgY@EXo9-m95Xow{VGpcwp3EHD z)xBe%VLxkN^1F~RuqbTQ7MNAuoGG;Mx9t(P#4I^#pN)(6RQwG5WkGo9qpL-=GpS$| z*Eh+`Cj{Dcs#^eE61!rdayV+= z5hMoE=mtgXa)DAjXV30|jaw7`MuAjpbP>X&WqS$nD1GKW7FChOhVZQr`A(Gl*_=w3 z3dvNM{^09TI+xDeX_3y%J>#_iB~321h`o5i*2Wx!EYx97g_7Mm84J}DUn=|C{L*qy z#`k}JX?{4Pa1Wn`+7tV#>nl`GF^#QBU# zJeZN2zxcZpZw72wToPBpu zx&#F}yn1I=gX!NtFE*~VkdT*9k4=rd)QiXzAW75~53jnM`3!~4UdD??(HvrJ=J6hj z$$PPpojT$Ox4b}wOdIGvx7f4kwdHHEVOTDG2tw0MRh{kw5J9WTe2(;&rfJ$5N|?1 z6hBTOnuADWv({BBEDz|XOZ2;?J@m{_yEKNfn3mToxrBaaLHx$0NlWQ>A4(8yT+ZpcPqFC~%nD7nC2y2hb@L9W#@W;Q zoTMh1sf|)w+i)PtFSpk=@_Js*04Y0;6+7FO%C4f;4Qg9fbOt+HRDB-zPiPEDNU&MO zPs(_*@w1L``|dub{q#-7bO{~G$PU`<*p=A5$FY0REs4Eb3S7+g)Am}z&eJ$Qops)> zdu=bf+r@Hnl#O`Tj=HX0@>}w<9c*ph)Ao|WlY84_?DT2OgI)A5X&s!ZE^i!cg4?wX z4pUn*jaC^vp=HqBmYcNzT0|zaWOwJPXR~(A$8^oeb=(=^F%}CnN8|dfW#S#8xco>( zBF`nvk#N1)rlu1c-APq;94BMlmSnJ}#ORSIU22hU$?jM>n@zZTAy8fbf!1UJ_+(Fc zzsm@`Xw-gm2fYdSd*Jzt%&8ix{EXbd+}U zwo#PTZ6zH(iaqYXxY$ZnT2_Etlis>Tx7w6_e_*?7dQsRLw_|#1=VcszEU=K)qXzA%<0(Y##BCo83ga(ef$_;af&jy9Q>P z-4Qvtma7VtrUC~#hc@WZUagR1>rdz`He$uvcD8~JBqCi<5y&}_QSxVVtzRl6Z*qD- zCAW!?%^f}`CsQrFdC;DCq&#m1jgR9c1E*(13!bqHSX4#3R6f}yRV}K&Zj=SSltTDH zaoyjh^`cx>rXDSOTJCV@#cW@01rGbeqAeX^%st37(OkyC)vLt6EK#i7aN&HiL6^=h zZ`})i+M2sE3cZS`X~owf?okYO8<88VH#a2GU38E05bDUhhAF}2^p_v_?@{%2H^b%= zzaC6&Gz07{gQrOa8P&^cwoMz!3+?P<_{SRX7WLg@>m~?pxjS_ua+!6|a)fq9pthD~ z6~ij{UD>44+HHEjMrX;T8zd_$kNRKfu~ex`$uD}0ps*N4x0{w%QPQ?H7IO`Rz?PQ8 zww$X`UnG-R7>-C5!J+=2?t zAP@BD2BF4s58sP!Mn#J(kR(Eny8zyzieFNn#T1<^i;n2O8`JQjh)lJUgDw_U%>E0< zK{35?dX+)HQ@9rkbz6=pLG~>PX?@n(q|(A~av=lM&+;Z7S$8m1+U^uvm&6!Xh%Ml*7Zk@bH*tYSoCOiRSING`VT40+=+PFYc)JSD zgqFe8zqe@}FY$;cQTw@81b_^&xV6u{8={k|C0plqZsE`;H%~r63$+x!N-Ghv0O@*T zb~H&F;&Bv3&E3k2w?`WfOSVb+uzC5X56frjqc$-&7yRaFdYB%7R+>cTZTnliMKZ2d zlYYLlbaNw&{33gtlAfaQHw|(3G%qdDQvKE?+szLfwlJ~L;lfUypJte_Uacqa`n-~t zcSDoFM(gn9+?p+>?)eSn&U`w3O#V%Bn~e#VUt~48>bfI*5_5-6kr$7qp3ieg$#?Xy zyt`@PVM+NXbBJ{BHn>9iEB&#p=IE+H|JEs`gpJAe(#vexzBH6RS*#!JU-xBOg|7G+ zWxJ4)pId7Xe&PMw!omI{MSYVF<*+G>3rZ|ud~>eAbTM>psWkGzqE$&lc^&p&P^0VmU8o;@Oy^V~7t z1oG#DeP?k;Wp6xdHbN63c_&?z$f;&RXA~t{w{O6c+yoPD>c+fFxuRI3dZUj_M>iEo z$F=*E8_JQ~rMz%Ksn(1fRY$I*nCxOQ-CDAcT-8UqZ3+gGC3Z1|Ni14Wq1_`L*^VSi zMy-gF{x3+pWb7k$d)JEMD8=%{5+5^aDrK!$hSsiDBz0sJYh^cEYRPT4c`xHom+cs~ z)eltM{#G_Wq)oESxtiFX)8V#BFdnm3BrMTvYiOlS&pNV;t98}s+m>TX+K)Qxm_%$xQ()4M`_hYmLggLbSX7| zk=1-@Pf=;bb!Z;VlDDjWNoJnupw)6tZmK%ab9p{q&*gZeVD>COON9f8`SG>^WOk7IpLM-s%9AhkTD!`Nb88E&p}u(6;*T zmcskza!ED;O4FKcUe;tb?wJBL7%b%u{ zJod;@59{nWl7xGP+2*X4a=l^CYhYFQb=sNKW+OWZmaEBzWsfD-{&i$eYO|7!wca?> z!vLSa!YI!hZspCLtFd@hO171rfFHND2qbxQJOMhcx%C~}anCa=?GV#k2~9YAGa%=g zVczbO}Asxh3kOc9#K-^tP_)of`kQt8o4u8HsoHd;Fa@Rm23gD^Y;U%qr>Y}qzf42Z+H827 zV3C?^R`wgco?)5FtZHJv)?nNMd@tM10eLBreg;R;X7|Rn71|vUujzD(5Z^(0++`0V zn*Ou9Z(2|0wlRpl_+QtcQu8=D17d-b$nq1am+ZqCO|(80+h#=1U}Q^yJD2aL4%4%W z%}aOf+K~Nk(emp>Z_WN&44l@Z-wjDVJ(a1vc?EFEBI5~Jk;$XNgdI&W$bxlvM+s$h zAJXCXp3=oMbYWFTQz!To?xw-imYohq2ET~waWKhlw;XPi3f-E!Ny;4At@pZezqUB5 z#XZ8h?Y1n=6)mIrPM%*b}Fw8{4`VxP&MEe_Z*%Uy1Kj-J!d>`mq75nRQ9UcX+y zI>grxC&Ui;5j!5uLytYH==sUOpFKg|G#Yt+kxp=P7?&)qOMpi7tR>!Ix8zhZGV(y~ z0jSPHMRSWk<>N)soZL&z`<}$K)N!?!p91!%Dfa2j0>m|yD!aUUs;Sb79;!-h^!@%e zO0P-X+<6*{RHDZT8&%{EK+eT2>uQc_-8a`ZPtcpRF}mH}rCTn)NNHhn;JYpIJ&)s$C=@fYuK zFY;dA3@Q~~)(qh3;W7Dli-A3()ch>GYX8(8+~>FN+>o=-*c0eo5OxsUdbn+hp1*7> zy7guwav3yO(-=Q+BKcAc$a#E8#GC9U;@#MSBG0D7HKUFlnI*`4b8$Y|#9r1_U?lgC zwnC@UX<5+7PZtQ|HlD?!8;nR>k}}t^R*a=R%j!QQYo#OlwiRqJN?r4L>!o7{6A#bb zCCKmMBOJ$21ZPPs_MKVa`AeP7$BqbA(FvABSJ8=#yDce0R@|Deyx}@MC_N7BfOo@0 zTf0-w!8Q6Gtv*E$-gG`KHPIj}x68@`c*_Q04S@1G(d~&c7#|JKH9*ml;VipOxZ3XMK5*HkQ zU!^lC1u@wTs?5}iu3$~V8~}B^C`DXHuvzDR`F3->dG=?kt;Z;L(Kft6A=y*ak|HIO zAU=-i?w@V!7-2KE*5-K%H`ZN^4X-2ZRfT269HHri{lHZo^X_UF3-$8anufbzXsxt0QLURWMZ@0}|vPZJXr3SQB;Rv}gr-&@k?T_JjV@Ur;Xfh5$$p5F@d0Z5ebFI4J=zMSeu&ij79SO$7 zt6b*MKql%SMk@w2Uw%8C)&?7yrl5<{LX@<8^J*f96mp5;ygF6r_ZE%fRu|F9s!wKXefB!8 zx|NX@THnL94jWsuL2YS+9JAbxCg>sMjuj;vYlJ0sw1pNKy@Bp9v$ zST#11B`;Wo6~#=9=jmN{TP^Y~l9+i<$DIw|agMTHzAaiSx?EG_XIO2?o!83i@5WQF zH4i=Z3NdoUZulM~^h8*kQ9^%*AH z54npT)49HuRgu2OtHsv(vbt@o#iF;}ceNM4(LSrA=;g#o*Y+l=UfNHz#cryr0^7+g zI%~0tbW0SsB+gQa{kx!ioPo13lf7#a+-?+S3tHI|gT?U(q+0oI_a5NoO^Kb*P=Dws za5o?{Yc!t%qmTpe7P%wMXW^>|m4pvZ>5aMNuP0sT=UU3fzu1zEzRWDwM6(HgNO}tL zwDlHhFMd0{Wk(%WkZVD2JAy3A>)%hdA1|6+ftVz8Nw3hn$?I zdzDySO9O4&-M1INQD@&#^a|o6>pg2(R=N+&oWb*F9*|UjOAK0T9YwDoPTE5~nX~4V{wvI?v{!IRk!R~aw&lpH<@I;u*$Em;ntQF-wFqmo ztGwC@EiEr%`gz_t*nL)jrA@KAhhWuvEpp$wn{6$Avu?J%=(UJ*qwC~a%3M*2IeOZ$ zd~VeiSYmlx6eEbG$^lRS;oLl^zJV7MaC0rOP&IPLOnxjsbkcn@3z~WK%ogtA9weBGTpw~2wo8CQ9(|H$$+J5gS zyNg-PusYdVgRND|$bKbir%2A`ZV_IpHr@S1SICze6z@zChU;HvD>8W6WGgng0Qfu%q z(X{pkUOYjv$*o53EYEuY0@xwj+ z;c*oBlSiJ?vyXmQcdp8Boi%A7{Pz@Yuu}9^bJb+doH5&{W%Gr}NhP4P-lVrTo!!98 zHjVtB6nGT{S+}x3Q4m*UYWoozO9sDCl$M@9SoL@G-Ba|7?Um`>J0??P$ss4adwSZt zI!*$e5GGgVfz@#+?_Zo>U0?1ULo0IF9hK@g(j`$gkRpsgwD#=)nsWbS@cen1h5z%f zf$-;_y~#7BIVxA3SyswbQrL=)q@x|z;abvjGwGiv=}nsz*lM5J(SOA^VGzd?5-qvN zn-E2BwFd@#(aChA7{5s8x440fcv7kx2v3-6G?t1YZN@;Jst0B;_yqkhS02A!Z=C$u z?Ck(O%kTDSEx|p1*mAwY28?R2+k&=qV^3f9p4fh#{uUo*9pfOLRbP=ePY}qqRHSzh z>v&@?ZeCTeT>QG4eYLT(21BFd$v;mK$JGkoY79qKUoFC+Yz^dH!|maPr@)b5u-o%ggh+YSTMICl_nvdAKt| zcJsR3>cE#hA-7BL&P|{x1gR5=`*Cy=aL!B1I@)CUcX^NKvfJvGlF}NiJm;kHI(ds_ zq;FR*x@xnaf6mA~ZP3)o)FzwpiJWyO&)av_T_XC0oOPS@3`cN(9it?*>AyXzZNRj{ zld{a4Tx5;xn<=~~uMhyoP1jVComC@pf}9uP9A?wItU86YPGhgSt|!upY9)FO-ZGay z=366p8>(h=YvS459dq z1tTYpaEt}bW|K6BSaRpV42M&X-rpLnrwz+uSXUEnEh1qtv5okH&-0T;8<3+s(toz% zs;Z^+U%5okz=|S*w2}(fDzKFHI`irDG5L2pLaUY6f7ilI7~GF&-@L+w6r4&dB{~p{ zH%b28ise!6Vv972efWv1kAP@XUOL$ns9f+L6;KDxz(ckERo|t zXB06<3z`eflI57RYkK6~lQ^fh$uRlJT7=8&coJCTG5{RM9Qe zI~+c;zS-mwC69E2kq2!|(g6s)TjC%H`R@}T>`-;+yrQQvPg16mo^Lim7UtVrMrJ~< zNoq0xSx1chq$*%3UKDdlW$8twLW^o_kCxt$4rd3pJ-sexHR%q%S;(6@m2u(PZ?c`X z7Dq3@?>55g#l-WZA-Ct>d2w3J{Bh&P#VRznBk~41S>EVf&s5g+9>6#AkNC*uAgsrh zY&C*DU_v{5o;&Tzm^tg|)#fVrRnDYh3v@ZtW|7)X_`ofBkpUzK;pXWqDA5ZDMav>t zHB@V<<5JSjUED<-$s*5|fu)r%6L;?m#;YKH0fb|BDRL2Tp2;(40~|hU$?!%LjhW9Dv`L~!l1rAgcTJNg*CkBI>ackah_<2@R>w-K zuC9gK@gt2AyM4$?f?1c1Ce=%HePvWz&lfH365MHU2*IsLDIqus9vq4U8nn0-S_lx_ z-C88LYq8>#U@cy(#htbks8QkZ`>*%qeRv;c)?Tyjx^wSYbJsm{_Bnelr$14O=zA(N z#7WcK)_~O`{+hf6_1HT;5#!sI=|~|eO}Z7L{>7G~pEtUoFOGXH{qd0D{8^`ETFP9# zpS&Yq1AFtd18c|2g)qwo)eMoZ0$13eoYW6kLh6m<=S2eFQ+Ig03kqoJsoY@wcArCXQoXX{R;kGZpEwgK_5jy zeTr~tDF!uS-157V8v=u$hPmJ@Qzq@w+o&_GVh+(a_b*&4uC){dW73>;IR9hp<&;e= zMdg&(ZvSKK&5KHmuQ3g=rmL6e{}}t5YH*Kp-W_A_ zVtioL&Bpt*OX<+)KgQm(vqz==jCU{;7twYkY7R1v<5by98KN8gUmj17>%JnQfMS0ys< zhWoi+fO*f`_sU-W%l&Dk_LQ=L`pmmFtY~qQM8UB1mD_43TO~Z<$j*_Sr7bPrgjE~n z62)IYixg)!%;i+>NV7?Eat-`kk@FuPP5Vn%fpcygHg2*eH{J2N#k)D(A=&lS1L}c8 zi%{eh8P@;gg8nf$=%PQ2!)q!fz$~0lwUXuKMu22!tWN(cu?>fuZ^)|orW-ENFTbrx zvi4%BqBR}&f`%Ku3(l6uPFJ%%?~neIvb6IiX*aSVBT(9{+Ln35APD)5;oJDHlRU;9 zfx(tuY%@)>|IW?a{KvA%tB1Wc*xlcIUk0HnRY&nlma4$NT^un2AGK$n7LbxYegE`t z!H2;R3rC-9`(CPF5-E>wIXUg@iyG{jezjwF^(GhaHCS2Le6 zIvd|?$C&Y$ZoqNGWH#&d3&ASO`#u zlvkb*!T)bpz!;e=IA5sy-{qjYhLugwG0qOS(Me3#am&=0hu!GRA){33Wec(e>3$`) zY1|_(gz1}--E|dyd2ViI7t&(zN>qnzPWk)-N)*>2TY@LtA-m2?A(kSapsruxRX(?X zs`zgRL?HsN;uK}Sn?>oanaKzj{Ws!SM-ai^Qm1o|ya8k^#v6brxSK5}ThLSs9G{#Rg6BV2 z@r3C{$5GcU(K}t+q|nI-uf&>8v!e1pV^mQP4FPIuDP9)?gpk(Dzq2bUW_rqPx|1;Ay&?=*EB1-{gp6^AY&QG}3wty4V2%`~T>6~;#dHInEG|ze#pLc!To#2W!cawi>54aMysHZ4e zX(VXMIkO-(6t%*CpOk1G<>nsJv@gM_rj6=PS_BCnfWLqxY>?E z(A+(jpt4gBg6-F04vkJKbn9?E+2FJnw`fVoH19~Q%s$%~(>t@9FiAR9@D=6=Odc_# zP-w3Z;(hxF&vx7uR9b+Yo@3gpReMYz0nKZuAt=JVCK6#;(Qt0&iZ;(y9etlD=7Q(; zO*%hOz(vxnQaV4A%LUK@TKh4QXd(n-@%^0NA$=lxNunkiWEO4UVXj$YX+q7@=*m=v z)R*(IJ_7kT!cXSdVgfo=P7LvCS53)5jb1c0X5c!a{FOF5@R}KU@=6mPsKNbS+=)4j zipp?WbTBUZEze2Q`R<0;v*KYEwMJG}T4e_LB(?FC5F+WFcCzf5)VLS2B$PcZLlwF{ zv{7;g+2C_b8dLl9Ky^PB$Ye9Ewy<6W6d;_&Lq%l1b6?2(8RZ?Msif(e^tS@ zMqH@&mkyt~>qyGW)J^DbVVREdy>?#w1uXy`b=7^E2g-G3jv5c~2|D(P!UDuG@BwpU z3LC6Uc6t>54eZ&_QR3eNK!JF*8dK49l=K6GD7~QEXnv()0@j=$PTP6%MT^OiST5s9 zo1BqqN_M>2hF3le?MojKNO;Yw2!zZcPL^nTPeX851}hZAB&HY97RyoY`xe&Z zl~F2bu$>5lLuQ(Yw$c<`kpvTOe;{*fqTwkvPp>`)Yy8!$gx|EbGYkBy*#K=8_GzD@ zIY=$_HEVx`M`19QU#(o*k$<`vziW5xbi3fYnI!0AV`_$oE^)>F&gn&hxLGNsL~w|< z(~wMWpz2IU=1=mhCzDM#lG=?S54nS;7_-#IMK8&)D$?ZH{Q|TlZ8PffloB`M8$Ch! z#mEdtAv#1CrI_L&uXb~Yp=vC6+L56)1g@F^{^iIZ5~{D7z%S&)Al$$2*y;s>!gtG^ z9wJf^zDcmLhEGM^Ob>BmvxTn{Z2ZDuGuZK>kl5;{DbahuidyuJ^KzAnp5qzI!|gLI z$&fe8`ru{bHjUOq6F-f>82%>>XnlC>EMO_Iidk6NRF|@$Fo-#x!c>ZKtWb+N9t35h z>_}v0)`?~49cvHm<+(qqhi;O*H7Z4L0vKct(qe6WRbl(t+RT2FUnPx2UQ&%MwAhn> zN#wNd<~xzo%38Zy|B8Ciqsa2uS)0^l2eE=IN2#2>r4YR;Z@(0nm7!BDdMhzYI8yrc z^bUxoEOL4Y94E^596twzpmF9ualU+=L1Vtt9-clUB%sKDPi&IcBP7!(3-W?Y*HxD} zl%8MD$&}xvI1#0XGBH(m=}5%tq5SL|T(FryJ>hTWvyvo_k#1+HVA)^gN%mQaa^n8P zN=f6z1W<-TM$64ZMs}rzu_w|moLN4Mjek@b$Ow{fU45u3e8{oS&rgBlOfs9fA8%5* zxXt&t$BgSy(={;s4>-boJFk~PH7HX`&L?Sr_&fr`lU_I*pNZ3@V$8@}+_#e+w{q%? z%An3#N(V*g5sGlg*Yf1tWRd7eC!0X$+&_^H%m@e#R}~C^tL<|KVEz%tD@9)KHD)5b znBJqhY#0=NbR%rrKf1zamcE!@WRIKy8i3c&1V4t|TME%OP-i#$r|$YIQ+J=f!gDhl zE*LgW**b4(P;e~pWK64SM%q}vHr$Ur1XRj@txN0kcFYvM=5b;50-;%3btsn&p06v< zHoah1&vZi!pS^Ht$>TK1;}!6wDgWZfi7|95b@_xCHe>sUjVh2sFtzV!vxn%4B3kw4 z-B?vra*GX=L^VF<+NN5kz&Y+)2^nkGYgJKqG(4`kbIle=OcuD7jP;B~{Q5)9)OAOS z(+9*W%=i`r%?}~$@yn==g#4Z~5+_A^uX2Hbic~DQ%3IthRoqwS9alI>eLG{FPha8c zh+-DVl#y!0Bng=xQ&8>%$nD8=&UA^-gmhe(SUi1PEykD=@Q(^EL?z91y9^gO^I01M zy=W}5T%l`E$O*SssKrLRGDxpxt{acFIr!zs_0aRMBJhzqy+a4ZKm^-th6YU>QRR$L zs!?Le_q2Bu3HxZAlkgMki)IU`Ft-!89>S+SgOOGttp?P65SbWPKw{3Mk}`Xc%6qh# z6I<@T#>XnqHKjw6CxJHGtxiVzvGNKl@(B=CTs+&K2L8@|yC$j^{W9R6y)4KeHG0ND zY@+$6G>vNXH0R)c+x=B)jK6K{sGOC|>xvrcs>!G5>dVl#Mr`26tL!iLsEUStFpXC~ zXMH%%UGrmud#D6Mv~@`{whO`=?`Kf~&(i5x+jo_v^BbP%I_fp?M(gw@Tt7W!`w^`y8su_8V2#iH$Ml}@Xo!)E9!9rG5Jb{y?fNpoiYf7HzWU5;%mC3NZnTI| zVQ4scrOK&E>C)m4dUdI}%;-F==MU4fYNv&x7y2s-W7Gl^^dY4xC&CC)OkYjqpDy}_ zYq%Yeeq5;!d9G5uxSyGM<5=RyGr14sBLad#UGUuam9J=0KWc zN2G>ndupreOLq|7$IG34a>t$y6=)-_g>9w=&qMA^#L0u-fl|{aSNZO{wpR+$*a07D0glDt^`#FZZ%U1N~L} z!W#4T7^amKxog+sbzJAQRJk)bIyO0}MN0LZc@)tLoa7<^y*(hYdITdD@7;tNg+uN7 zia<;v)l7dQ<#i%ioqn4#Drdb=+rX_u?xk&QW9a^pwarz+f!Ez%^#_jAq|hh?$t{A> zJ~S15isXje0S53L7`_8pqAJpH`Jk2t>`8@etE)Vmr81FI)XBsnpDDU@tW{cY7_%lt zHU$$!X4V%7L|eLf7A9v^GB+|+Wc5HS@&@0R>Q_7Ni<^L76DA{;Sd+$uxdPU zuZKLNYLjsRbNX2x-wd_;v8NQFf=auJ!V@EnBA%ICCTI` zN^HpF_eX%1_p-csEEp`ZEZur;hgC|i4v||DuO~x%Vx4ylPu|eOr>p<^<2~la{)S;s z!)^^sDiL@v_vOY)yCuCOg8Zc^8>2qdfd^53c6MS%X6P?2xFL%(>144AzS-HXu)|f( zs(?@9+b8%hBu2%f&JY-i?EvZ^@(#uyC3c;y-m)7Cg<6V7%cU(zjP()vOLdfAlxthp zU%?tV4T9#~yPgzenq`;^zUS{C>b7lI?);8eoe|0&&QTg94sreJ;?p^0gkQYs&(^X3 z3%8)#7yH!CK~_q0>Q}SUAU9C~wOysvx91N~(nWoG?dJqfjgYcovG#5~&-BEZdc<8h zer&slU!Pw7A<=5hXh!o(?Hd7^IDUh4{G#Ux1U8N>AV#Of{Aca~wPQNH4O(?gZOx+= zt2kp>5*9_h*aS|^Cl~2_*_OCr%Cx`;-@i?bjt5n$6A+bYo6g<#-h|eG9u32$w;uu) zolksY?I)iEntGi2#O9jiSXT+?qO^fBOd0hu%5ukMBnYC);ozurX)8@5k7TCp>?DxS z&T!qI=QC-)-^G;5Zz#WJz&rA*32E_0H^@JkYq$f24M9)lz@aVPiL+hJi=wmt!bh0P zjvr5xoV2lZ*DHUQ|k>Y|j%Z z!Pm9gY-_eJK&FC?8dkkarS(z*%X)d0hSa@E&}WTiMM}%1ZWjUW+6t_v8b&kB2wqE= z7_X26nHakUpkN9L&}`ZT$YS0CunWU9ldroAY!~*VGxG|7bu!}A$=TIPCg1SlluV`! zxoX2vP_EcZ6K&!Cqi1T~(y68)P#n!apoITL;!{rtWbvIB@vk{5+t&mNQtT$t8_{Kg zG|fJ$)=}1ydQ{>B*gm8RBp;9su~Bz>3&}ImBkT~!z5)A_^W2LOi^{Xe_?^bqXVQz= zd_H5<*a(yuJv^Jx-|k%AbGZor6hhwL=GRYE+{7Uf#mxNT{16T~a0>RNv2HzQ4|uVV z3#e-+kc+viO5w`}_mI4}Q#{xnLDNnWpR#$UMJXis=HC8ai zWG=4^W&JH@+8%LA6J;TKtfQN~CnrHGh-3PFuu~25)iG-*(B^f?f|esUR0y(t<-^>v z|8{qm%Zwhm;*>G=dnsylo?T=< z(L4mrt)V;@)Z%3QZ=E95-q#s8P(Dfj(gatO1KC9S%ZsX(C1lOYyq~Mv+k$s^%J-z2 zU(&*{$hY08CTj}PB~eH6?SFYMlGK(I60vIIBpHlN12X)vqCqiOpXElNh*=jgf9$+_ zr(Ta_tjPyI=4)4C%Ab02{)`n??+GeR_Bh8IEc(=h5vqjmJtDqAR5{g*5^0o0L?_&X z)&s{(-r0?Meg7D^X~JSZ+8DeSIMXlDyt8c1R-D;aAPp9I+}7Qeur15NxHP8+HkT^$ zAa&0dAgRy)=0YIXU;G-BJHMT}NtWj{>GHj;D2FU}a<>_6>CzHo!}ZN&*W3!cmk8$; z&36%;4(VJbe2MFXu;pgTSZxYw_!LqSyQ2h{>+@&j@a1OcqY*PV*UzaX9yccVDXpV1(`vM8EaFLT!I^ZKz`H&T_$Cf>M9PqfcP=ilZF7t>DW z7jS75Jo~ypOVql{y4r13Vs*^4HKg?}-?1!jlaNDkCo|SMBz~Xj>wfsp%czVhduthM z3*|{;&D8?7DC~y+mxB=q2Z4plOQX_Q7 zH#*UTtMR~8q*>n8NaPonYKl{WRJ8gs;ivp@b%D#y9S<_K1Q~+G3lLG2*%JcOt9wMe z%}l?VKG{0?9XK*8(nY5CvsJ!&EznGkDku2JxEfF3H@q8Z-;(c5hTp#+MDS8Rcv_2b z#J??;U!015fFLz$hwdzu8|c35;j> zZ2XDbpa;n&>5C#fN*}7sXb~a~mkFhe4GV*e4!^DqDa=n*DM|wtgot$w=gJ0e<4Ioq zY$efX`oSCNYX5B}C>Xb9TubL7^s0IfBSOf88*%q@Xr0j_?v~8rv;^hXM!E)N5Ke`{ zPv|xLlr?`*p#-?tz!DW$$peFu$l8N-CWiynqR5=@BTQlGih2LqAePJN3l( zsVE!>Z!m5?dG4TZJ;Yi%4+V7gO{2^^-r4Vv1mmJ?0>Ucq_B1k09VT3=MT)iMX6tpS zneaq2V?8l*ZJk5qx^2zAoGQH*neHjW7;hMpWA%M*>sndSmm2;~HR_cMr{SPkw^E9n zOp^<@C7}oqK`xsHjdo8^PUQ%dx~ojF3qu{4&YNCuf?fYBxCrLv zCK;`B(o6B~%`=Ug7Xg$mmqmDpFSWwME=7ElbEm{i0&|`l&iK{?1?5Efo+$9pQW!N4 z1%GWtK6m8{^jp5d`=Ap^r_MHkZ1)_0aEb93dh^cjin;R+Wih6%{1d_|(`WzXc5a&j zK5EHiH~2NY5C&FNx1@>eN08+A9PxV2gT!m@?ZDv5ZWiH)hwBB0K?~xFozJovTs~t( zgY`qTVTR9+jQEh*_D+@A>*KodwXgSe5;~{T0E=N{shRE!tUTBsa}ymx25DhOfax29 z+2iUY;`yNYgMis*VU}}Vc}`juEH}pvkWP51BD^)u%uQUhigekZtV*|7{9BfrL7N?x z4bgLF%eqelvo)ZI{eneLhR0g1$M|nm{+C%v8uyHoH#bd(VAzc$p4@g3dYofl&a!4! zRgx|GKv!a_)>c_0FRaKupw?5lwySYDi`anxZ z_X9yij5U!a4)@_E?-%K7O@o49$-8*CMY<=Gl>y>YWiauw`N@GnT?Yzw9qPOD!FP+KT~nm98x6!PZV>SIc9n=bMW!mw3}0TK9|O0 zg}A;My}<>za1M8od8NWhRgPW?ynZPzz_fh9Y0hzAI1JTXkY38+tQ!z}dHEAW|Q# zM`qG_$#j9#H6picTIyeIE2PT!6n}!i*VHSdsjNktJdR1QZ8)vps}CH=|2a-Ds5D^i zl9f=>_^p1AnOpqBVD3y{;z>x1O*WxIb2BiZIV${M6(Bgh?Wn$xb#(YEk{T96V*H+C&T zQV%W%65&3e#3^pWOX1D${(I> zFkeaGX|V-IQ`f{Kh}Di>8a$83faH!Qu9_aQ{?=+axKf^?SE>93+9CVugVw8s*FVZ^ z3eUYOY)(J_Hky4rxPfB+@SHjEy}Wj1w9lIE?{vr;D+uz;jGk~RnL6GI_%LYKQ@ORy zyd1-%kNgC3X0|4mHwR~T9wb|#M6|40afi=jU8DTk1r|TpJB3X`Fu9+;n;>G>I0ZVa zrz{-mUCTB*bpz2r6|ON>KTy`q_sbt!xLfMD{lQ^;tBV7)bxDQDzo+SLi(aiEGVV=#fBvV2 zJ@@`;vjOe@sH;0I>@|fuVF~V;!xS^4VQxehO{8uG#_*0vgt z?F`zMq{FNbNtnr64ep5KmSxtryyP}atNZ!)AKO+67wv;2?*wrKxp@Bu|NVV32Tg3# zm)S$*{|o;WUzJsId!vv?uE__pWPXE=MS40Q#>hv$#-7>`{)i&q_eDDiJ z)-VUcsnM;jwV7T$y{>0?0wRegPRp|3&R-$q1R=fTFyOf=p4n_^>0a{xcT&Q-@99XQzqaVgn5OcruAlbdz70rY375>*rK3JL_ci;@zqr z(!EFv(4}h5Njfc5lvEQ-Fb4I&#btPlINlt>^LrN`TlyI_|35L|=k-(iOm&_2(7;)}A}+WQz2_fnI6U6QG8>aj?h?kGH8odKzhs+nYs2Q9?4 zHOERcZScho4GR*((#dUx7I1u1)l_0~fDeqK3z6(~5!Lj`VJ&cYQ1OoH5$Q=h(7}+y zE0w#dB2iSv%f!bhe*FGovQts(uI;+QSkE=)Qpr+r4vag>>Cv7sHAErwO$A3`DZASS zZX20#mIy@zq?9=UkBtJfxq8d7MVJ&iMbfJDU*js=B%kLfxG_KR+w5txQ1KfY;TPX? zDF`TE6;kd%s^Ly`nb8_7R@-$aL)ujBh=c&$AUvl#tWPXjNAs0L<4K`AM+ApHqpaqkTyBk8 zo=|0qOVk(QqjM@bayO`ER%00tM1jb+?1WW3zsD|>?()Qrw{O=Q%6l~IFG;5Z=?_VN zq4ia$otlMjzS*r^WYsbDP_jZER@>Pn%|scfw0$o5X1j@V6u{);*u_s)#~Z~m2H+sW zxF6C4nXiQbb`on4j$H`Wf)yNN)XhjpG>s4(K`lX}PGSCUYi` zIwNrT&9-`=&kGtNHo&v>h^LbDyi3H^UY(CMK{tM!`)sHB607h-3bM)j#e0wE1}2L> zgjXy{Y6R)`RVFV4MI&|Eh6?KDh}o(rc6tqxr;JO#tbjkX!s1z7TKMPDsv|^u=!-FW zyouIQ3x7n5JDCzNOruK_;^&lQNm8zc3efG;nIZFLSQ^Rn()72r@fBmB;_TI=qA@)C zq!&2O*t0_ZYzx=GfYz~#y6+wjCT}o>T+Vd>RT&wvC*?7k?}PMLLeICDj)HtkP=s|a zQ$ht~pUoJ%M$1#sGp+gYEJMoqAd!>?27+`&VrO%Z$@Eoq!?+9#)$tEoLRqF0OK3T9 zLSBN`xU}pf07>+hgD3*{l;tclby#EAOj1KSU5Xc<9^3*%0IA7%2FjJ@rh!A65geLP z_DLIqB2^8jwQh6*Kf|g_+_usI&sTQnC}JMa9~miUL?O-dD87j1-eVT!uQrwBE6rB8 z(ksc)GjEoW1cMLgv&b4Ioi}ojE-=T;8@v)0Ft_$t{AW3Ii61bzZKMtdk%=`ZCm4^XDvJlU7vWVh7%iBv3qBq z4u%Sey+_rcjD)JaWLAxi>Z8X5Zmeruykw8!+75+rCbq`f);kA3MeR52?CSQR}@ zvR-l0OuiPlB)EZfd&Bkv@ed&$1bvxi8H1Dnl=v~3fzdKo{0}p-5iSmPn^#Ef*yO$^ zSD?E5@#gaf44z%vB=WqgFUUHIf7iPG-tb`{|gB}@LUdxNXXs|L? z1dl?cXAOnbqJT4c9NcHTAtKYjQC?}b*;r0m-hG|`Yk*1ZL%UH@whjKW#RkWt*G@f1Kyf>8z%`?lWmivIG@Glu zFl|stqYfSR`vqh7at&p>#w>vILoAG&4l*kpcDnM8(==;9%O}%~9rgw_UYM?xK zk1n?JM7Vj0JYnuVL|(XC9IZx14(PW|C+xKp{421)q-&DyUI-Y{>vC4)T_C1|84y-v z!|+FhY$`OX?X;4cH~E!LajDmB~+~ zpooq@8StqRE>v4yj~1jskaZ1zrfN~+XM@HCRAQWk0b@CZO@1kU+Kavp@7Dvm6h684 z^4rIyS|G$`38v?$IO^;03W`tfi^pKM_s!U#4({%E5y;XR!0IXcnjwg z7VVMErLDyqWhQ2~QtBd55Hm$UWbI%(7ndlVU$R}8NJRr{ANI8hds0F8WrpLc8IS~{ zs!SOTw(`|LXh4~4Z;c>T4`hiZ+0?~rAVg2xGh-8TMYnXQ(qzUUqe{ z9b{tAZ5X0?bAB98Yh-{a8m7E^+FvH_hA$IN25RWmSzPd&Ig`dpHzBR$gzM$*~ZfS!dkEGj%+ihMR|>RR!6 zE^5l}P-HSWi%4qK=uMZB8NdF$!lC`S5wtjTm#nF;SmscOvdTlK+lr5}<-wDgx2tS| ztc?t$*|A6z@r@Xc7B|E+6eTp)CLS%*!Lu6qj8r6DWus68h`RUlIaio~bgJ8ZU?6TM zki~`~ypw88;Est4M&g7ykI9%asIZpkLsli$5*;CWs={iurds_j>_*U50wH<%8q%^v zk(M`70yjejRRuvGD#>b0bA##}sl{scjC=zw&U1M)7McC`@ScCaSe5v^9oe+_cUFh) zld0-ZomS2}%r;Hbzak|zVdJu3QW=7WkL%`sua;hr74hb0?M!WdLK3nO9M_RG5+DU6 z1xDqmP?F1-w+4`25|IZQVi*yqJ#cz%Su~xMRp)Lshws(47W9@bDyDw z?MQjmj^A)zm`D>0#<*B85yzi!F?o(l)PYWM;G zMq=1xR84sW5B+S$BQ$f(tntAnAIf2+z!Zu>qGKtb?|pzl3Sbv9W@O~!#o>lPO=IFD zx!~<@>{a{G68D9S-aH8o9iktq=WU%yjawgFC;MT@$&pZscwWwo+o2#{w25sT? zYR#<%R}67+q}?--%zSB%%>cR};DeyD`UTyg&pJ@)sQWQvL{98h3PUVEN@}jEL=BhZ zbQ)xh^Ni0Fj7gnz-`p2Ct|1!r0ZwRw#yIEj06Gvdym`zH4lpnptd9`D(xsghGAHN& z%`2sbpj4d(n7EUrIFRq4r>QCr4 z%)gk+oBa!D0Hfc{%q&H1ZlLc6)mTYOnIgE^tGuWtZ4;XM62;99-Bu@c0$j)Q5!AT_D?Vc-t-{x`j>2mSe-Iz0uXtF0$m)IK--EworC` zBSo@KV7ezBhIqd~WZ?%-fJNH0IYO22jCs_Nt!a_C>?#q5Q9AIjFWrbkE&(fL7qA$> z1<4z#PXw(p5wvSGokre+zi9?sr%?Q%$Murh1OacErK}VZI1#2{&9AZoOb@#_0@mva zs3Y=u`9Bp>`BD(IIXKhkkYu)(QI%CtN1z+;`?Y^)p*7w@>b?DX?%vFPtp3StI|#O? zo6V)c-0Dc(|IiXo!;#ghsYY#+%(qhAoIXQ96ptaeXSXnpc0clq2o{K_9tAC9VCW*3O zuKCtU7?xK=+L#x2NzD=dDpD5F4sj&j0C-+fv$LKrVdmD`km%)UOhK{EK{fSi>^##E3dtD*DLZ;INudCYL+$|bH=@pOY_Y}^Y=a0 z3fkrm5%E8ek=lvy;vnm27gc*E7b8qo&g-KKUCi7sbLK!&bB8Et3Wuv7nv|7Y1uOSW znq1jUB<9?#R-LghBK&!aVdT+A?RYQliKV&IeAtsI9N(!~)nkMo z?jfP`DD>gL-HC{CS=XAA%~elO3G>u6w^Q$iDm#uRG(=t+8&YV|&q&s!KfIjO9l+Jq zW+nvU`^kA6g9zNLOu5+S_Gs-)Nt=0f(w9$^k;36|$rfLRZux({`}uZr>Sb-j7Fh)9W~CCBbtd>!I+Exib%-d8X?F_+p9H#4vp; zYjE_hAxo9&NN=Q;iV<#e4r#y#L)5Klczk*LN{vygTxsDJdqlNoxT^GZ z*AB7rXli}?*JROIyD5s{3p1^~^Kbc|{w>cLNKE@hr$+Q|o=1xsoy_SQgZzYBYYPfE znHOB$(>YAG_8C7MT^qV2IrWSdlu4eA^`jVPA5Rw8%H{CuhqZ3ILv_u8DbXE71O_&& z>aIdgcD_6`zIyma+zDIdOVksCx2_HhCUCa!K`66Pv;h^IIt<@97K{*Jpl?H{H&a1L zjo|dQpMIUR4*jqXmjOO~!sC9ogW5^QL?HXw)FDLkdqhg}sPwc47N14%C^2774ghp1 zS12)-Kxl%QZrQwGk%WljMRAAWC0ZpTk7}@WQU7fr7WlsFpp1HcC%pkh2y7!XTQ>U{ z#W=Z;OQ#i~a4R@&A|Xl#cs$sY_t8r`?2S5xJfVt_#i>6CJchAs$|1-Y?QnWGM;EKR zmGyY*F>bC zzg6XShWKhbx0|{-Kwof|Wa4Wi?Cvw%BW();PkyE_yq>+C*#7sXeYgu+oX+bsL5rgB zRyMr;X!~f8V?f>b8*gYift#lNvnwd)JLvO^M_YgJ|9oNV<(gMYZ;%hwd?Xa%XOI7r zefOR}=eWdVUf$iqZ@sL3bo-}XqvBlpjA&}hr1<&st6RG-ZdYv6cGi<0;%8z6+w%r* zF^nulRSwjMcpL`VhC-2*t1eNKjUg>Y_y0_~_8nwV2Mh;%eD?TamN1T14Bt12IxPzo z$xCLd-dk~REl4uXHaN~6Y_yaqyfcktQ0no-cpm)o2@FvTdlmfGm5BCU+7DXor@w!* z+yNHO1-Zy&^Dye7xqLIvktoCG&!4qh!ugt?M+z@>L~Gv&H+H=K7%U>x?jG~rt??+ItqlI1>yI||$XOyUe7F`W7OH&O1i>&MdC zwt0dxuOfq)b5{nLJ`I+(l=pp$4T=~|e=1{Hm?FFDEIxh@rPbi6n)g9Ee5$UDih5rd zx?yHZX22iEdAV#uojRc^iwZ*kx@RV3*F`!RA{IZIdlOvysS^Hu_U~x>`Crk%Y6;OV zi(O)%S<=M_zjGGvKELie`D9=h=9rI+rJf1N~H#?Rq16ntJVu6Nwu zRHxurfSPg#`-g|1eQpe}oSL`5SU{qiT>Kth@$hQjsOpK^u|r-`)yMsef638Nv6Cxt zPoB|SS+H$CLL6lUP`x90H}Gp)vAVQm+mKB%nuXlxbVlYReZS9)O}ONzeWHV79*XwY zr!YsN7LD*2f?DZNu1uSN2qh8bN(8osh{Q~&ukj>Jm`6w4>oPiq>aS(?nZPI-d!Syt zfJb5Eyvxi!gS|1QpR3W=l1O;_6nh&&V|EK8>(DzdGJM*!*@@(YJh zw@Xx_i~ln*O{P?|cBMy~B}170ONMgp>yX|&U-jzq>gO*tugLtKlPcp8wFXv9s{;%_ zI7S+9g7HO08q9`>zCV27l7xNn_pu#pEpKyf(&pJ|Cxxfe8jp=IFuyao zti1jd(5oJAYR4p6h;FHr_!ORnleu7?(XHq0p7?%GH94l5T&S6(B|MJVk@uRkg8r`4 ztdztS``n2D9QONUYW|64UL<2RO{$Vi5b{ddV81DPLG8_BY%XBRR#>i2(I$`!cg@G3Z6K9VE)UPhYtSDY5zzjp8_ zxmMY&^cD&t5dU|Fvzuc6+?8ckg}2>IEMET4)_!UA^Z8~d?`+vm6Fh1`x;@$Q=0}IR zq3p7UG*M$aO{8Kkv@+JFW`ZX@=p|Q*Jx-Uk+_GeUcZ1&;I#n8n1<~^{zvJSF75dSi z7XEI)g--A`J3%Oq)%Emk1Lf=csy_;;(|)B5OMUvOzFu8MKZFOzsg3htC1|)+NS~b` zNAXnDGl%}^9@3M@m)px$XmRubFG&-otFQ7eXxKhY=SfVbDqSQ<6rdU6wOk}myD51k zl59z>0ma-bw6bK@OfpZS8xlmmTK`s+2sa`5Ct)xFarigWP5cZs6Kwcr^#OG>4$sKG zdid+`kUGCJ|B)5T&UoBj^hduMP^9+FtbK`vw-R5kw#ZrET}?zl-b{!?FZ(1XJEo4B z$3BnRhQZUy9(Nu3*=MiI&~7b#|M%#aOWVxtErG7qEidvmBheQ{{MLE2c_q1L_Yq}1 z81|FwCijm`%%{-f@wCb>?{|tl=8&Jq{O`SFiT$(odHjsJK*`sp!)`V+2XB5lq znQNn)K;Mnb;i3sWV2k;iUnTM@NYd5LJ{sWk)=@+IDwt<1bkuVhQ&>D;2U$+4lllxNT|T zlz*UJXImqjwz_el`r<1InN^A5;_rvpJX(lqBrJE#;bN0}Rd`;K<2p6Q^n_q%kmRHO zAHR!R`Kf8iKd3unA))eGCi4` zsOfBtyKqjB=Q}}=Cg$xeyBaJr2LA9+_!1WtG7#M+T((a{`N%LXDeI*CMh(9gUJbA> zpCk%*dD?7b{K0HmE!4#Z0G?&F&UMJDq)o?yEbkTOia23)x*De_e+s=X2~p)59y2z( zGF^)0ud}vSiPQn${rv*>d#=q6KwDd#tSSclX47~!8YHhH6ZNweBH1I~S0k$niViL2 zAnz!+2eo`6aWV>mp_Ae^bpYw|*~ivT*8(xPp6_lWcIV;ZKcRW@Pr8M>wWF# zHr)B|_~;NpZXqta1UmEy#HyVJ7iYEQuG4Lk4HLzwdt#tur)Q*2;Plv30RP;|98Q%Cmkl35LMtwZXgkw7a8CQM@QRfd7%0%Uf z*Vvs#yNFG@?ELQ3fHf{Y7qd|>NvA$Ml(|hCWVL(u(hf2@6ITdIEj=q&&JJ+Ot`nrm zsMslsZ9z_>w`+RGYD5%EM4FEehWmygQY3osQJ*d-Nj+AnORT!`Pw$c(emyC77KJ9u z`7OMl7AM%)@0M(hP>?lzlYTae>{A+f1bq5ZS_sUd>esp!X<(Ap8y3qKdxX zP5f{Zkrvu=Q;d*H+<7e4@fx2u6lX8=iLf~<&S@+^nKYP&QK*s7VG^1)B*KQzI8@I; zrVM=#kvC z6Z7=cX4T-+PFm?QtBB-od_X)Spk>?CemWVV5*YKY-QesUBCOF(w%-s{f&Ttw5R&Y8 zUtDozm7g^FOrDpN+KFrkr{!G2`S)F+z-C2?%6(i_JOznP;71oipM#%#j||N0rOm92 zWch4t1??HrHp!((ZWSNAi>9ekz^VSedYAdaf8vacctrXC08>D$zroMP1rydKQ6YQy z^r39a5Me2@FhsiR4hiQ9In+-!7GpiP(cUbVEu6!60kRmwIUbFwO-+NK-ZseA0Yioe z1#}WZYZnr2OM)1VWlMZUBfmF?QA?Y`x5aphAWhN9fpV5;3}sD%#8(p`O)*@^{bUPc zNU6w?R;IT2sM)0x|TB395U*SOpD}y z){yuu1c9_^k}I@(RMKupx=}ydU!;0Ah|tE8BO-`c$*#R2Ih1s0xt1^#G+V`zh%B3# zWmRi-a86`(J2HiR^eMHh6_pks3@xs&4}=z8^R zATim|m+U|+HfdD%DCS=+WZ#m-Lq49=HU!cg9Hq~HRZfM;C^R+=kdanf6T~4o_!4?o zQz64u(oj__Q!*ixaAdTTpL0PZN4I_@oA%-z1L zS<#>i-ys)jAj2Xj4U>b1b&Z@Q<)ER16h}k0p<6B@`@)j*BJ)Eq(sJCMu@f0%E7~UltE|X0J74TXk8mjBcqG1mO zB!F6D4EYPWpaqLqHVs3xEmR(=eKq&!G4rLJyjJ!qPHlzbA3dK!?iAZ$c#!|U=R{I} zMmr_gr5Zfl!?Z2)YA-Y~v3%Q44+C3<<8-aqRvBiOxnX|kyyJ%WO6D}5(?97>C&sSZ z$`|U1KOL% zL9yM?dMu4&5+PkA+oDQu52qG(9Dq$f?MORl=Ix-{VY-ECh{&l7GQva1XIwCTTN@%3 z3qxCybeSA5C`phV0?ygl`yf0q$Ic~s^)9gA+@Fi{K(;w97$Q7|D3lP0qhD8N)fAZz){L(%a4zFX&xcl_;Y(Er~ z;M}?i-+%aUy#HvJH&?TRi7#Fpo}7O7&JXABRZ&oskGHcPg6Uh21#O2Y>xN8+PWC6k zM7o$V-3~bk#$IYCNpDDJIY!Adg-ACO(lO>iF%U`y=JAN6Yqb9>?K{lZe5Uu(I<)7j z?k*-*ppsGQM(pyx+}Xi_i2SR$_d$_P@0ANt{rvO8>;y|Ucs~0P{k)gr{jbV|sM8)~ z#E;Wp9?{7r_+MNB?>z6tO5-?W{Xb?dm&D7rzCs{LSqtolV-%L{sAElCkr@zVF?= zesgv4CD>D^k|kXo#KG0UdtZ5c2rnNZ|9Gn39>)99>zXcQUWqs*;**F=DtjcBE~)0< zf7T;pAMp1W%~Yq2YW*F{)=vfm*$y%^=10?;Oo!edjIt6^!n5~{CxNB z_y7reB)?QeMM#bgH4R53Y1B~C$ql6t zv=0p|0)j#=WW^de^mk`JA)HK?H|WXoOAYcauCgrLy^Qjyp$&F4MIlL-lLukhHv5{_ zS9Y|WK1WF`!*3D<7biVzlI?m~HSUWqjHF$FXh#(xffhx0g3bt@B=RI{@C4a+^0l`B z!pB)0l#iN%V3!O-Z-9SZQQVu-Z>#5yl+VLTu1E(0=@UCTXZB3cFNy3+ani36?Fq=y z=%TG?Lu_a|Q8bNAk3qbOG~2XHmz>5}^5$1~;tnHk3{lQtzo_WWko@n};p^k`!T#ap z_3_d1{@(Q=ef!NnJ3c=8@N<8E@8^8HcYpk9Z+v{YcmC<#7I*O{;p*JKIW)dLi1u-O zcz^Kz%iELS>+#K?=RdUMZgsu8)PY>%)h$?|b*>2k##*j)KqMe0VF;w?Ff@_aDC>{y5to zXH;)0RFBRl*6S~^ElqrD`tkOge|&g8vHi>0*XiW@m(Q1zv&-ZA!@VyDAK$+}IoO-r zIG-`|Ce)B)-C%4zZCFF2t%ISxX%Der;ud(^zM!I+re!u@Pi|ik9@cMi@ z{`8=Kn5bXgUS3}A?@z}cu%?`Tx_JX~_@dw6zt;9YzIgAe{^>-$IeY)Z{(5?_WrwUgGRmmym#q@+DGX+`tjys@AB&V z-C=0`xSrh~Os%)-kFS>puh91&*UBgHt9f!TK6#Do_wSBm<>Sq+duD#~!|Bh<{o7BT zI=>pfI(#Jxuid?);N6ks@4t60u3dbMoyiRly&a$abiQcT*_)f=>nrWd@@DU14cg+1 za(?ycyRM#yt{&s_&u>13=ePdHw~wJ9qT7qRo0|_`MQLCB;d&Pk)qGd=S7$#^=)FF_ zonF3C$3Wo#?dxwQ^3hl4vwW%lygT%5bU!loUIaJTY*`agb zJieE|+<*N%ySWzP@apTG`>=dGt|@@BuPo>E@e1KAzgn?d8~!USEFy{Qm6j>g@WA&12EK{CH|p8l z*S9yHjf-HtM~U0^W)oF_4x9``0b0iccGa-AHlMe@x65w%wCy6^Qx%@PH8y(r#N4mOuWPi4F>HJIVUXF$1`HM??dj945lYaK|JNT%B^Xt10 z_wMXey0e9^(#6I7_^pCpyi;C%J{0uz!bNbstNy$^1+E-#^5fOR=eM8Dx%(hr z{J_Ge7xt@91`3q;)0KJiC>?@E-H7M!Ki=QXFD}7bK>>Tt*~5nm9RlEw{@cqr8V8p8 z);zQ3XBR)BaS+=`ySw^%@cs2%-oKrAcfiH|!}n9)y8d~18S0OQF7JI1qc7JeHXg6; zK5Fj#-6!ej{rIaQ?K{%#;qAw_v$?ltem2hU-q^+uvf25K`T6$4&%-lCxO{i~!wJOG zlf$pC6v)Z^srdbaa3UO?o_skvcyn++4*lcTkDtHaKpH*%qQ5$h;;V1|-u_Q8OY@a} z|91Y>m{^A=ADr?2rTTtbjw}x<<;Kc-R1E| z_&PW_{8DtwZ%_81JKk${HGMjoZ+=@>)2E~P=C^eEYh(i_hb`z(4e~H+u(nN8X34z55#o z^d^t*KEFNry7&FrKU)Tq)Kge&s&ZLXCC#RaTdv@tw3FeFISJyuvi2OXie>lBA`TQV5 z%N<-9d$GNHZGCY4H=!<^Md;$2|J^tW!s#37^ik5}(@Q*2_K^8-L_wPSG>{%bf$A>+PkM;Mv^9N%ZPY!>6^YQ1m!BjXzW(~~`N!+% z^`(DwKemrQyZb+tkKa8}@;`t1I(=t-urCiF_QmqsQ26oV1%w9YUryiL1qfd__6bXL+Qk^}J$|}7xt1nxg&*VZ(rfc%a{o5Ae~jPX&Wz6&;pORG09x%F?Y_Pb z;<4r&oE?6D9qfNPkuJY}xjPa*zd_fZAM}Us=dX{I-S3~IKzX-&hU6DNK7RT1V*DaF zzxoLJ5Z@g5U*5erli%DpyEpO8D?CA6N$?g8_gMI#SPx+*MRh6TI z>zjw`y@@Mqv1}@{8RV%`_;+u(bea> z(~D0Bd*hQ(z5Y2poV@*VVxAvblTU|`d_c!^8U1umKg#yS&HKafY;N6$GRhUymx*s?SGw)&7b>_e7x1X>+_G!JNxYG$(?khynS)> zcs~i>p?6>2W6c!y@4p_+y%%4V$H&i-C*1!eI{f}{PkMF#V8%!9zWJ}^Pj9~Cy|eHY z!q;yn!p-5eYCU{;^J-TSy~zxp+U;KqtQ{kl97IQo2T=?^#aPu7)oeK~uj z2Kej+owO@zxn7~A47og#eKZFG~y{FYSz22 zd#Cqrrb2kQKe_*Y4*wUPeZSVvzkj-Zcz^rgzqiph|8n~C&6Re%e}t8H_&$;Iz4^gA zvG$KXN#f7%>Y?yPys?ijo%6#3H4Kys;Q}e29$tK%t8Y#&zxgLOd+#np|Ij)Wgb$AS z;dpA?ACP^Z7w@kgrlEX!b9wUiTD^aKk3NR`#?Q|`-+li1L;ZRF7+lEvK3Ml<^#1MT zk00(A<#zwAEjrVS$MA*zkDq5V|NY*px$*PIJjRn358n9IS79$acYdmt{@s?p zkk$Qi^x?oc#gg{%g?s$<#iJwbAAOjAd9$Z@H@Qv-$qfUGRGU$D6AUumAt-eOZs= zIMU#A4lw^Aw>~Vo8g7+EN+P8O=E3)U-=3OHkP>CfhkT!l@4s(QvYnT+N>ww}yARty zXJzUjgK-DNh}h)gJv%mV=3d8W_C}j=vdCz&nOyX{CXCQK7Y}qfY0=blz}KS2i$_vP z7rkD4wIbvGT<>J_t^GJj18z?4g>fhyRkMFO&rZXA!2?a38Ka!mY9!V6Y~FMHA}|_g zgl;|7M^g?QR<>z*X0k3!R64dq#-95Aa9YjsrPiS{^3}KUg`AP>knXN&Pw{%-AhUXG z@YuYU9?x-SHpyjbxn;^j^;Ua)8pnEDvu)|5O>6s6+&utSpVBGj3qONg+5C2p@0RLmGKQeM)^3fpDLYR$nZ%|Z zpP{LtFpH*ww9|-KDXg zRtni%8CjjG-^`v!x6h6fV%B2=(J;7|oYg11ZWWrDd?H`AMuSAvN_W6*uWe)F!~%S| zStu~BQ)97h{5-04`c5=Zm8XE#&DdB(I2eQ9L(5KQ@5Gyvbdv?U!0!>LFYIX~B_ zPg{$6ygWsNw3j8tBOM4f^UcM|&N=y1WvF#3%W73iVJFcTR0!iqzQiSPnbm!1--+Q~ z);cHS1KT}$gMB95!Sgw8t~}=b)mRbadgJ=e5;PiNs&$WjTmds!TyXGd` z@oLY9ooswvX~djnuCpw7^}UDfoR&;lO>0~~o>%Aek?l+|OSs$pD6wdDvddL`2|;8^WHLXNORnc>BwHB_)P>n-HN07_ zGRWGZJk9PH_>=8ju~;$P(M+#+eCy2z^<*bz*xgM$o|tsBV>jR4rbNOkc2=9!-fe-A zL$yIE?se>!q0Rl^C8%5feruBkpDV0)ZQ#ScUigb?U@h!sNGGGqssW8W7 z3MR5~o@)z^UlyM!Ts|^97JKa<+xg7PozH`~?tC^%Ll>LFHn@!|J5`0CaJoag^qqZ* zbV9%gO^6;w!7gJuovgmxWgJx|iBmPDA1m_z*E^rbO1gn6vlly`hg$k}_0T2 zr+Tk;J~K1;w|nCA?52=e!U)||GCk}UVb0-lfV1kbooQ8)iQw(j=umw5cBR=kWI}k$ zpyJwckLIf{cWHt>nl#|TE4-SeTjQ(JiqaW_e5#htz>TZ4UTCg!3iQqyD=twEf|;#laUbhT^^SM!=)*teY}G4@*hT%8zMa~to0;osBt zpv9aW(zAA~WG#=WM0tKf`*zysA9pw>sMhD@N@?A5+a+B$j@{g-H@5mEwpx@1RS0hu z$!)q^9mQF_TF$QPyZp9Vi05W_CTd2JL&e4rANtau3dwG z^{an8Y)UkC-ubC~@f=I4lbpYs=8_wp?oaWkYi26O$+Y!JoE+(T>QrnW<;!(%u-v2i zbmGDYx#ek7D)7!ER_&yWaeNueR94oKPs)QywUPF`Cf=URKuE?3adIcyGV!PwB~Ix)?Sd!}l~aud9-#u#-=gN&UhdR`yO=dsjcQ`;=;c+jv)8o52&5#Dn-oBjE6IbD z7bgSU9zQfdep29+r{~W8rSz2NvwbC@=2ERyu2tY#8lFxaI*Ei{kS-LsGAB1S*O89v zyUo@CJUB5v^oILbf4FMeZntq-*u1&7D+{J3>BgzhL_Tp)W9q8CuO+yzZjN~?-LNXl z<}z0*cYve(@wQ_hZ2QzxEBPZ@Y3F*&+Okfme%zzEr?uOaQx8{}zO$*BIWC9G$}&A` z6$YhstUlZTR~ry*ZMNVk`|4vfNKVhQY0Ss~4Tj65saM#vxyl?}&2n0*&^zX;bKY9bsmt>z zb1OEqW#$*hw1&`8%Y$6RsJn|ZQub|>%BG<{p38|GvmFkm9pB>txxxv-_|wYaW<|oT0aY?B51k2XyC(-cmHv3yHivg3?R0F&KO&F!nRIWDC!cd~$5*6z|o!o`^#P7Vr-tafNv`Wjhv zhSKfsN*ApeSr@D_w`d9UBwg7BzXAc#a^sckO=Xauj{xtlU~1>~4I_`8n&(PqJAm411Vw&xW5yTcxNRw-3lclpR4 z#EPsF?+6GuJZ+)*i#F9ru|X(tgkU3J+b5Eo>i&O+#DSY>E3ZRU;WKtwH;cO^2iqvc3VjdE&bgVWZ+R5!g%OcqL+n5@sbIw>{^PPJC3sU|3|J)7q=<}X#X z+NjoMi&`S54l6X-^7E;~dQWS_F4%ru&$lW}kj5Z)+*C!ICHsfQ*)Jcz`e&~mU*~tb zrg}WN9eWcidh>WE)~d#)%r6}l<87<1qegk2kNJAzw8pbtW$RT?qE;&AnFdB(h|*#~ zj@9C}C`zro>UZ72w1TH`2+|I`?ZvIBmEo&KzqD&?=O=5`vD(HUKCQP}sOh!G5Q9!= z90O)*ok7{*-Fjf4z3{Y^o{)EI8n;;l3-7KXW$6+2WblLf@$ z>@Y{>tVxRLn3u53_~uxftd>nup0Dd>cBgf7+0&f1lQFNGTPD=hRvYb>*;d@OU+!7D zR$*FF3xh?TwT{_tnU6}R)5eRH+rx%anp)$yT`e7&r^z;XNX1eybWYM)b5l$7!JxMH z{q(4HSWmpgJZ5gaQm?JY*)-3F&WMrDv5}bWVx!f#n99#;=R>b@&T9TzR9$D=-=}aF z#J=H{C@E(xoNvv>+~00oUewQponF$MO`@FlNBU$IOAYr8luGHf@qX-&cDu>K+ca`m zU48YZvvaZAM-HD1(&aJMcil|Vv*@tjJB$+9wAZg?DptufnwkE>%R6amN>Z z5T+ZnL9RE7;w$I65}RG-Vgp z)lzcbt88;${g&TZFjw0Y$D@j1iOMw7+-N%vI=f#)nL_Ds>edgHjG1Iruw;9d==U_X zKh0+=|HvVR1LEChhn~wwc9yn|^}kvCr*PHooZ`V!iEh5bJ93W71!j zvJL0FcTsh5ROhF?_tkGAue~2{)<d^T~U7wPP9?gJ;P-{iUn2lYhUUDFWn;aIaN}UY*n{jhJvU9tp)*GCv<>91~b!V${ z+c#S6L_Y4|-rhJ@OtQ;YR@>dSh>ywkC<#27*HJQ6nKXLqO8tW8gi)KMYJPUMRgJd0 zD5ekFL~AiWG~4qn_`$h_;7L|!S0MZ>13zTzt>)rXBHs3Rn&`9Ya@xum`ZAjxW50qM zE0g#sG)oPSy-B`&DkS#Fsu7zQ9w@E;s8t3`?&#@gR0eu-vu|d~@#SD0+xJFAJ(*h% zlBBpJadYO0LEbIvnXWAkbCn}1$=Y#}U(I!=Wo0UeoyWz)w9*}S>qFn)Rz~?e>w#P>hHTb1PvsJw<(#QibBdXz zcE})2EADefPOrw(c+Q3amNN?#<+|hMG2XA057r{Tw!ZrF_~I}cpz6S_^;&Lr-_+O5 z^66AxwsAJ@?)J%8H&@DRtJ`k6l`9+N5gufZ*%Z#}qqE6R5I%MM{A9kg6ZuKU$(zKB z;q_>6sEkoJmu`?r50~3&qFEoYOoI$-WTu;gec|M<*0C%E^c*;9lk*%sm+t1R?qEFj zkJ%WQz?>7S70QdcSFerIiE_hlb#bGVGu3o|Z6foyag20ak2lp8$Yy)n8Se@1=mR@G z6O$Y&G(eM9aW|gX?kfG-ygeJY)aJfe?*jz=M529Qo%&9YDj%=bv;h7?ZLKfr1*@;e zaktZ6XX%I?>WA7$jK`hEIo77q(KJlCo0eds z=DgNlRu>K3TP>%?44?Yl80!wV*iVf&hhp~ZEOUEL-S|B)u=AeQP1Rdx=c}KrEb_Jb zvN~LlwU%wyxwfF3CNe_wbnUP~Y240q^-Ufe?967isMv?r={)YCd?wRP)N~Gb&?mzR z2P0zV!U(;`-Y&$^;nRUHT2hoMTVUkiAwCNf7+G1 zEDH-%LD87x!jtVj$iDQaxRbjn!2njJR4X60A* z!f~p&+KN+a+n}jTugAL^)15X4S}B`$E7Mw~KN>Y+C2y`yIj#-MmTsmCb)&gn=s=6n zWQF&7eN*TQGe1_n3M-vU!}(m_EK_>0`<}p)`X*zP3TmDf&Dm5tIbEBS+Szq>SOkAk zAGR8Mz8>&ItFjp62BT7TNk+MHyWj%jW{^iaQ#=AIhwD!A3_%j#+H)53W0kr$9(e4l zzaF0IsdKS3Ja*k$rnO)AmBeXV?WL1moUf_6JJwcem2I}Ud~IBAtx&JJID=DNFVE9< zcMU;cp<8xGhrw>JE#^qC(6rD#SB%XIxly%SJao>3ZnrU*W~-CNJ~0?>dT!B7ijFXQ zIoHe74xp=#gtW#Gebze3ZlyyH>iWRr&0g7blBk=X#C@^XV>Hq1(Da%vj&xdSW=Exc z(r+c#d3`ko4-R!kKg}xSUgUD^ZN$^evxUDAyA6!+pFhj`!9b2-R*JG&kn_6?4$%O~$#lwD)j≪Cwl>{u-W+ZXj+GmViWP*O53uS;S8;Hx zTtkMY>ReTbq1lR#iK8%zh@xqZWl+a89K(E2AMT%ng<*6WWHs#k%L;#l4trUU;mKcI zHiNx|zuwJ$1s(2B6eXEg7O3#Hr;iVto6L1BVkk0=R?!`s%TBSXqG7@;O*Kv1<`1`$ z3=)8oa&0di0HTQXda-_BGqK)AJhqNa+u=mh6wN>k=ERy}sU}sZY~)T1B9Kkr&KaJT z{-J4z%BW*ILO~9b8QO#>+*BRKfrXij5Sfkeb{cV%rHo-&KQz<7$uLjbH3OetmV^7t zc<05O;ko>G54^p2d*MA3(T7NEL^VUV4b@Z(V#v~2AhZl*RUw=U;tIIx$a0I(26G5C zvBMn2;wAy=a#Jx82tUD$I5y_Y6#C!)W<5k=wrG$cHQH#=Ktt#u5{E{F4M!U-8f^at zL*LlsFJa}|Y>%H`=1_zc2M&Ud7mI1w4|*ef=Sfy7f4=@xoyi&(pkrTNad*D`@^7{ty?SGM2(LI7 zyDL+ZeQz^<+Ild-md%&J^q`(^7rv1uWd4cOKUMV$qLy)OJuR3DwvE{eu(&KBW7-PC zrmHZ*h^BG}5feY~*-pp`dw`s47oL+$yxi=9;^6LX_K*d4^&;R`?pn zG#CAJ55UV4PczvIOFkqE=gW&XRLP6a_-V`J#|wUBqVrHb`?~nufB*Nto=*pSd7kvk z9(|ES+uX<0KmR537Uj5xYGD&2RkdUX__vvtSK?^ayBx0TT~*aJd6MBRVKpnbiwq+? z2C;o$F6b-G6tdE{w5NmuVRc&}wm}IH70AmU?3rMGP?}}2X6w^am|OXpvQ05x$j&*} zhb|@WuQcSRu*_vEtdR0C4Z%+p@&z><;0*=uLh>^tykSDM%sj_^YSSCy|-TYvXD9ph^u;t4iUh&-;k z2swf&L=OthI|iVUYVeBSj){o{?$HhKYo7Is1*v+cS@-PLaK1eEJf!GgvNj%&NT!kwuW_C zL_S3NlPp99i;#63W!U$c)Scj&$MBiQ%QHcnqVE&)@=`Z^=`}I$&i&)`L$|d9FXQjh zFR1l!A>RGf-{@so2E`^d42@Xe3+rzr@rH70p!aeb-j(Ds^*eH^UTAIU_#&seNlgbL zJ4M%BSy_i8g=vPN*vz7qODT3Ket5ANbpbxua=K5k=Z7CJ`#Klj?6nSie(Zvlk0yC$ zWCKavFO2}QG;FS{lo7jRd@+yd7B`8?zZY|y_t-4ry3rE&V1r`k-3ESbog{#uKG{y_6A>I_&rI5wu zQp*)AL|abt4Q&=^MGydV8}|cM_6pt~=YI8uFWoSVpVeNkk#?iAjxzzSekIaLo;MMRGlg=B`Ss>loQDnS#wV&y1n#M2oe;T?0nxEs3)o3VHrWh<{nvy{GJ7g_Y-O=y8GQx~B7%L6 zY$08HOw48;^JOdGbPGbQ1rNxZNaQ+&bkKro@gtGc{UJ9m$9yBfcNXxoGzav7N2h&X zeqjsoxcEc_XDdB01R3$V(B%@GG>2?O2+7i z)ZGQb=B4lDUj*V0X}`1xLXW=)v>#G`K`RVUE}Or?W}qKZd;fQAE&7SA)i*xR%~ywb z$WLC(Y5hrXnH~Lm=4{Nl=Bk za=*xgpxR-w7^wR2sv6q|d#dTn^*^pYx^$ew?Sq%q++K7u2|io|CO(3DuHOC5aTleH|=5e`*DShUZvX;!T_! zw4i>J?aqTv-jC1kyrf)v&1@mNN<4m^%kAH_uw_^+w_Ad0f4~3vRc@eUfsl`1zkZ6} zFd7d-*?54_FUu3${Nqvf0Dc6QLY}00ybtl$a6jhu_ZRtn`}50ZfB(*mq42$$QZvk8 zN;%eLf=mAq*|9yC;wkvNeP^QEfB)-S|NS^j2GVXYg_B<)V{&)z<<3O=ij0gTx z#(lpn+GfZLUj1}E(;$yD$P*3nK*P)P400CNFjRpkQVg3LitH4uFzSFn5sFR6Qkh{g zc#goMQ4YdC!6VyM*6tT(&=>a#3k!?+uK%e%-jjPRRT)N=x|FU2PK`JX=^ z@I3b8=b-<^%d-Gs3k~p1y^(+USpSWadRuQRj{@-9md_uL_F}$-7sJ-um;Mxx`r3o08@6KtF9_@qSp=Rd+@*$Ma#zztIoqUED(>0=Vm{*C0rZED6d)x zDY8SXXM097U53g=NAm(zLGcJ!)sfw;zvOs|RjL2M}VMFJ@&ks%E1TCE8As1NL z|NP9BOW6|S8_T+M`+Z_B-8CSUunb4TT-KHrFp0`!Pi{*#l5$mDb{b~lJERJ`SiGUw zTVfd&!;a=K@O5M>6-Tz#vMgIcfM|^wHZ^qTCx~@j)y{vjt|%Re9?DXQI*-8L@*67q z77br^YYMsX<&_7(pl#Z^u3*b{6uI9DR5Nu&Lz3GqjUz*Q7%XP z3d2TBwt%**pq~&(6h}ZhrW>Z?a19g0AL?tNBwpkG4WX9ncf<-dIiFq~uzfHDh^d2x z0t*24(;Qpj9J>m!ZHwrRLy3!n+1`v5LAJ1f$c$r!F&F$^2bi6Kyeh)dhyX{LtJ()V z_gDus1A;ap)razY~$-kO3>%)@MH2%=nF@OskluQWXb4-8Cc;2TM7mBL=6n0 ztf6~Kd;zPFTRXN~%x)Rwk$dX|-L6_LwdBEQ*{7X={kJqzF{NXH0GY0>gEI}UKemFg z9&7FT_0!=`ESFf!g5^ryRJm+p>navbexhHd@4^@`LsE@;_#&(3~$NsG1xuD<^BeHTe<*hI^5J0hf6CX900)qtP4Ul@IY+C zbgj$MdxA?-^HVF0)N=5r94vACrh|pS)(D3YMY9O3&jQwBvQ?7pVojJjs5M9Y2OTU1 zrbWX#RSaNQkQ9&)@ZhAlSh^`dT^lHHM8F-mE$lna26(ori^0etEM!Xy3SJck;Q&95 z3b3t~!;FV(1C+vxHy^Xn1drMnLNoAT9McT!l?E&zPxv#cF`+Tlwbh4I&{ycOe(5vx zOqI(8C2Tx&pT{USZD~6wmq@W3SK(9#@66<;#h9%jYF;O}j`uUj|M8G5fc6qE{mSs| zx@EMfglnbbFs#wHP70UqYq{`;hh6xaA zQ6Uu6b-9HUDhLc`$Xp>+R}~dPC;_6vk!C(aC^!FH%>tuARN3PK5rrWG%%gBMVqqZ+ z&3>>Q-3cCYZQ0D5f=V)7+f*=iOj~d;0D=RA>O&-%nBXg_vM~b%cPBCcG?k zje^4@J!ke{FoQUz0K6F%3<;D5R@I0C_oaH}pk_(Pg^{);EW?(~$xOv{4O@EBuyU6| z>|?7swSXBMY`;JuvVa2&uwsq_L6WV3cDHR?q2R<>fN)1J@_>QB+yy&Ibqky&ilw&W z3^2nWY_qsQnG^IeiUuK|!J^bP6<}Z|RGt=a5f~T{K?K&#vC%VxFtuMJ;3opA11d)ZQASI)03OtANoEI2-6dh*uIp$T(+E{xh%%#0x4>SBV26^q zQs)7ya}D5fbr5@7fMemfst)rKU59y@>=|w|aGbaegMvQNi4}-)q&*j=I;O+nb(2U* z(WD0|oIo2A&SCuw!tWb^HpmnxLI=23Vq61p;Fw8+3XU=}U_h)tfX+i8a=|_;AeumY zXgM-wbhr(;f$+(-0{|lh=s;mx3brD!++iUWS4?he5K99`+VbSJ{z8;p2C}X}tiXjU zx3y&Jaw<e>)7&p3$v-pd7x_|0VoU`bO5LW zU}3orexQsH>HEW! zrW8E_%0U>CGD3F=q6T%*L(oe!3V^1{sRceTC;~$=K7<=gMMwek84w46WRe#owm^?M zE_J|f1}0Ro`{rXE1{4X|P^I93)srgjKBoHCi6dD4O7!Eci8-h(XjKFb$;N8U(EX@mx z;&5s6z{k+tAfC5DzBIr)a}ctTi-bzS7XWh(+y?dwOYane%2XXgL9irM=iIhb$v9w9 zB5e;Cs-b}~0bWK@zey`49Vd`v&WVYz;n-5_uKF4@6j)wI!9Y=&1WKhtU_cB^g$_!N zXpZ@yxnKreSS73!kSI4EEs$`)G~fg{(bA|Hk~tEDKW3FdBq^iBl3F_O2*7F5L1}|Z zlKX{RV-5q_F&7*!kUP`n@~bG=XH!FxFI`Ypx}j?*z+prXBkAiK5?zES#L-+f{R^5! z+TePr2KW&GyG)=5Mg^k>!Y9u>gNTBRA_gi+AX70^U~5%%9qyn&9Y)&ovgK!e0sN%t z4ooR!kP|S0uwJkpRJg)=;Wud91o2RHMJ5Bu@(~t5;mU6p)Bs%Ba37S2iV?bY=l@ zRic0bmf-~GHf}(aOEg<0i{iBGbC}8-3V|sfUV(m@SElSI|b^R8ZbT=V4NHfB3pkE zpkT)VA?4sR$Z!UN7cgtmE3v^T0HY7977wyDC`325;tC;U$&`uOV7D<0uIsMq0#k%0 zIm$Kya#aqufKjCbtb@-fQ;{GVpgLzNA-3jd&j9{-aQutfiocoQ+FSe@0bc^w;B)6s zCvS&y1cC9dT0k)P3qgc)chmH` z4+7q3lrZ$(5J8)1ct1*@9lU?-(|&nBSlZwJ7Aea7U^_@|+Rc};32_vg^U)xOwYQbk zC!$0`AAC`MMrWjG<%3b?5S%{muYqlh5_be{P4@!b(Bb+ z{>P(SDIUom|9F@S%_I4H_rIQ9Mu_Cp-W>s~P844*5EJFqSD|Nai{vMK|Ld5HNh8?v z?|u9L;zqH$Q9dRB!$z@>-`Tvs?Ae2CN3mshH_T_jX8Pa%7Ab=M<{^fw07Nx1o)09N z&A>|i=WWdM*s^fa+e%2_X*gg$w}R1gYq6VR_R@NiUMc9-Gk%eba2J~<0}D%O`o z>*qY{|NP>l1J9+`NRK+Rk>id3sI4@Te19mIcY&=Zin-M%)0M?zmX{Vk?{0I6ZAPvws&8mtTJ2sxQC1uC?@ZUC9=vm35ZhRRfUE-tSxu zK{JN%NytNErfkBZfwxb&;>wUprG~{#{!mUQ>JR_>{<-FmO`m3r%Y*EHKKi@aOdglK z!9E6f{WQ3< zUGHG&pVnbc#ZyrK5EP-Dc<%Y~*ycYB08K!$zd6@4+dQpB@EujYjb7i8Xx%KCEvNi+ zQH!76E$WG{!PgB>p31vnZlHWw)>o3nOJr`pyvwG_g>cIM{2VyKn>)jSS`+qeE#Gk2 zY$IO7G}%b@Wn18*7ifO*z?JNh3FM@y*=_?!DAeC9JHX}B65fYbYzTnlaR2<*n}_@n z;BoV0&%jy-__#Z#<82t93Fk>3mt6QkM#jg3G2dTYbDHEC+WSw1Kwam2M$!$1pu#@= zci@!EL*ueC7uap;f?K9w2g&LMHc^-%RK>=aLZ}E)Iz}%#31#N;JAiPm+428z*8buz z=U*m3OMh|rGG2hTki7o?S^fXB`cJVs_=m?J^5lm*wx*TkqWx^bpBZ{fuw-k+<;cQE|t0d1=^#`cOaVlw6NRJUP4h{1pBS&sO~B zm-X>n*Yg}V#|!u#G|V552j*>`Kzm$&W5<7Yok0=?3?$XYI{fSM$1h*@_ojY_g=^}7 zJ@e$7-trH5dLVp+g2)K~w%9t%NL%-|gRqq7j3;GLin6AO}pWJV&} zZW-VzsG8}40t?D$%4huFwsH(E3;w)1bN6@>VIt~5TspH7NL)}0@zd|%P+TDU^!wlcrs+0z7zjAWCR21oT$wiJDz0ub&2b0?C-~vN z9#hvEpa=1rOuvw`25^tOy@dXDl3x~*l+a!)#y=LEx?H4O&35g{e7o@eZBH^l@ohQ3 zT?hItn8WiQUoPdha2r(CoM*rN0p1a;K&6@>HdW>KGa+}Lxja@S6jyas2dq9NHiH$k z$KK|W$#torwF!%8ZRL$18O#ROkm4k3o5~cy#{-b$MqjxKPZsEb)wWu-;27xR=eb~h zaK2R%H8^G-WG%u-FEQ}@ZGCL|ci{2mPW{pCI0d-=;& z_{`saxr8T|_65P`k4rwP|NBL-0l*hPhpPx4`Skna|Mf@)2cdhRC%z7 zD+D8l3Z^oLI{)wLN!QU#ERT6GL)Oy8j{FEGi?JiDBW9@rROcJ$HxRWyTW9I|$UkID zI8dVi{d(sIAcgklzog~z{K+L>;kD8H>a%H3ffMu{Ko*dnpFUrS@Q+WI+maX;J^0TT z?!>>o+%CQv_Futp!JBW1jV`jWLxR`$zEebq;7V%#V;x z%U56C{&Fem_QmyPz{H z)KGr}_V*R1{IHup5({q`{`}?6{kyr|$Fm!MBXj0=J}7YUZ^tlKwz~cD%a{1UjPDmZ zmur05Eg@93ncTR%T#=gn^_9(O&KEO4%S`yA?Ks@*2ro*bvj)b3SV%_dS1a+yO-i3! zPt2aDbG(tal?ayp`;(ODC+|r*?oUftu5-N+eiVO_y<=_EwRg2Jf)eP4{soytr$N_-NI~m2N;y0q=m{di2loy*8v3HDh^W^6(i~V; zv&U8lY?R%iD>%U>)!k-NA3*_Tn!YO!euDxNEv(%cX~XF?6qoi=A5E;wvLzo*tXnul zPNbcx*As{Q@}lq5M<5soSs$<6&~!B@ejaJF>kSB(tuN)W_4Peq)GsEIWw7r9qkX}Y zps)geBzN)K2R}Sl0SE3QKrEtZ_(MQ+6(bq|5^0Cx;}cH+#MM3d7!pG1Hy|MwI3w*e zd=rw7&;eS*B8K+9G};XagIeL;NE-(Ck8ZtA;r)PFu}P@K_2KNYboR%S6JVNvIitA8ch8O~q5t{u`~-hcL|6h~sb(lUkzCeS00bHvNb$DP zhx^lp@|Pvp-k;~@(Omw%*hvVC<;TqzIkcC@f-^(U>9oEW1&t!57ar6?x;8cZBM3Xf zG+pM+z^#7@KlQx*jE7vNxiS|LG&V54kPK%qFj8D6Qc0V_4NiGSGGvkZ)VVTQFZ_f6 zWKt1_mp~&DLl%Yxv!sB~yNYUo#RBW?>QoB=h-AYeb)$O?fG!-u4a7m#W%3dQ_T#Rr zDmK?G*W`|4X*4|N9>tbLYB~2B0D)oUR3<1`7GPF$0TdTJ7Do_RF99XZ!Zg-Mmh2}0 z(2+csZJ7#KCR33fg<@GqC@Pc5{9Mxw7M}EvWW6GlQ+fjcLx?ch6V8$e)0#Z>O$=AT zuF&N{UYS-F01(MmM5?6o8UQ2=U{6;bQ{ghDL|BTYn?MmF7$`k(=5Uyd5y@;u%6NPY zfUDWUMmn&xDW!|Zd{@KL6=7>!qqcz!6pCRa9UZBF%WD8Mp%E8R3%FS}9C3kuCUTKt zs5a$XmFpG(0Ff+Iq)f5b02l(O%}h%Hi$gST=kRCP9XS%uoy?8Hq@VV6Oon zglSk}$&&3%bqhoc_!&$U;jR!ibGc!M$=Z=Zj7aI%FCf_dyA~_hZTYLrRxlaZE53>FnBVO2NFCP$yEsH9;He_xb`Ro_rfuw6cz}z zVw4R3aLg!~_TiXOyp&LbMM;ehr8tV?ahW}WhY&m&sjy$T_9(gC!IP0q{q<<((`d06 z&BT*DrW~9PzFfHdeR_ojv{gk+gA_(UKFj)95P^x$d# z{cqfsRaSHoq_ZhH*FZB<0yJ}p1v~`;On>0G?elu%vGw4`_0q3I-n+>H6om(DuU|A| zhpHz>o<)37Oa7WEB+sYH zz{DfDA_&be4H2}S#Yl#*6d)^OaOf5s<{}X2fL$b#^q1(Gb)1;~T!OY=1^5bmrz*CI zY1CHVcAuZ9;G@1s;^pvhG4o?|4M&27L(wR}4^d$s-bn%#;-iV-MPi!ItS$Zd8ff45 zP!r*COp|T1cwwj1@5k{1jW}4sVi6`D2_z0)PIFJoq!SkJ0gtYdVoy!z6U|>{E^P%@ znqL>q<)S+^%FlkgH_nlfU$UDMIlK+Kwd_b+clG?}se9Gy)&?7^*qMb7WxY`y$Lpuf zdY}fg`G%K!OFAkH8?|i17#0V2x!P}JL*&-A&m9(06<&d_q@ zh3)bD{nPTc)msJ&`3@F1s}@D`yRhAQmU`w`ZMEZ|TMmos+s)I}pZ|;TKdg29PmoAm z;DQ8LhC$>~QC`tNUO^f)ER`5Gtc9{+Tn()l2K{5Y&3HA%K2AIPYHRl*?5>p0sSBTy zRZL*SrNiw4RD1~Tt>F#?g-@lE@j-n1m-^y1@E{-ri0J6UHBg)d0mpGbDg@roRdnGB z3Yq{CQK*zaU;t6k(J2Zn3b2lv3lf>47>WSg7g60SruTN0Kh%B$M%K1;Re?u!fw|!3 zK_ruGU_T{6(QQZI1xZGwZVa7rRiuC)E4XeX>Fd%2x*<%h`&EhXybWBvZSw@3C;+b` zQw_K?L!g!{5&~jiBSx}MNg8fff#<lBVD4C zWJ5JHjR5Jw%nGuXh1^g%_YH&{6pk?o`j*r_&K4X zb5il^5Z@u>L{VXTq;*2TDu%t#1Q)nkBnJh!E|B>sI)($W7-W4#6R-aDKR|{4hH@c= zzIK@PnjcRCYn`4XqbXQ&s==+SAedUy#C#2{=ML_<(PYlWAxu<5sLJkvf1^H=stFE} zIZ9dRa-!oFj*Y%B9V!d90U`@jBP|Dz5*`-tCFuJHLONM+*2E8Ywq!4gSOfvL0!}Mh zan8(otq_(G0U~s$C3^kDjT*7a<&2j8+tqhMuF26bRt5~ZIMo7&ETP-FqEK$ zR={no?oi_|go#2WQ4r0rq_5EG*%^itP_M8GTY5}FdZf$sffaRP#({HhK!Hh4)@sOS zk(bz0e^qzpppuTi*#2AwE3W{24L3sz?JET$92;u#W%G@1g;qQ=5K zt43lK3Kudg>zXFPYVp@VFl`fr;aa?HS-5>q@T|xnJZGT4CRmDONj4PS63JhL!C0%5 zr(&>p3wQ;W0xxW_lLJTOEX8s-s<_ZlLF8TQ1J|lQKKC87v$F*=veS z*cmd%&}K8=TY@eqyei59p`R)oct}=hsGM$5hjVc|Pj+mHvjp@gq>8SssOccFo~)KJaFVD8 zxkJv^#_HK;>KDLXnWZffKQiwx*1~~NNp`X)s_4eJ!4sv@<>MrpKiU-9M_<1OiD>p{ zx$|UOC$a5&kQ0TGc)C?WNqw+vUDBlYv13r| z-p)OVv1DSpF{8lgF@;xpEF`Bz1Ej}YtJ3t=&HLAk?D*39OH9a_WvGsfNlK zhOFa^g_)(%dLdshqp>oukBfeyonejf$xYkFe+949rnDB|9# zMB=95=*iSq!x15V2lI1UrOPAXpv8L{IBGY0W*;)rNFsBdPVx|hh@g+juTMO!`Ci)m3{x6t(HGtNX3 zMdA2yOlLL)HY6E2+f;J*oSsEK2mksHcKbB@YckA>DjY+4_J?^|Ozl|`?@kjd*a1CH=bT;G{2crbaygdlQUg7uD;lsavaDc?QbFT1-L_oG zRjI6NAR)ReDuxE)nv9N0L9Eg(N9G6!h!$$)D58RTSdt?fqR#0K^DcxErGa|4u0my1 zwy3SaQ$!#x>Mep?!eZ3u7H7ljoMTBKJ_)KsH2n*mg5>ub=ZyEjUo-pAH)aeFGg6Pe zboNC8-JMyVd)7Ds^kTM1hwftLrzhEDl3pB)e|GpiM=QVGIXVdQY>O4fEL%uV@{%A$BBN=2X=I zR!326!M30*hgiIgx?2vfax4ps!~VB7@07UIj)O>A{7%AXC0_q$}*$#86e9a70I+{JI1}CqYlj)Fq09 zYV0D+kQ$E`P=d}$D#jI21p(uwfgmc`loH+$99~8j;udjTY?Onut%csUdDZ4{L&+kd zY8Zn0c@kp#S;-J#mzSGpe+BuhY*_;Q0PeZlc>wCgs0Ugc$h_c^s|AhnGoNEV-gV@Hn1CD+cYm z(SNb2>sOG!`6%NUEG{>{Wt6=M_`{6MF~NNi8`FS3CnF!PE{BZw;huHEVW9U=&)mj6 zpcj+Pf!5d7146>w#c9T4a)t#-R@Ark_r6XS8|?4HJ=0KUKyg(42HJiL>@SA-zN5cU zc40>}$%wM>bn8-xcpvUr2l?()>fD3;1kj5?zCGtcXH#qmkAv;S@v+m^@Hyc;(06q- zvu5j5SW8qp(sQlt2~=Wiww)||2MS`|ftbIM4<3F^k3%wJ2c%(~UO)XhJ=FT%e!AFv z^gi4(%|{F<8~&FchHrtr)c(nClmF}k@)*#I0hzGrU+>FfFlRatdJkH1LbCTwcz7_B zw)wkTdAZ^FF5Ghs&tstHIre%7*vk&xb>r^v>#sHueK;Kj-icsQSwzPVNHD&xgj~o*m{hj`z4II24uT^Uh0ILN#RL$8s~uJyr(YqWh}$Tp?IEu zLCo%8CS-Mhp;^fI19)bCqRQ}nbjZrQm!V4K>+Z~wRQw`v&zEooJur=Y+$eVD$vQc0{6N3HbGKhkF=J z=-#~c@3DNO_B+Q^!}2alxbN5ElzbC;B-QeJm0XV&m*nxpckAgf-bdn=svnD$-ewg} z4cD%O&uARIgOlXvvIPDT@*8BnBi;FM7R~1Yj`yw4xU_p-xq}|(pzv_|TSz_mIaAQ@ z4+2imnNAYBMd>>mi@|V@voPn9WBQ#MoQ~(6Q{-O^tS7z$^Z0eqF?#~_jq%FFws=lq=;95FuvRIGE+cT0%n9;5O^Pkt-VBU$?ez-Y*f>_>AWWj)yUsKVW5-rMqy#$!50YEe_tl z2p{rBp!+AIq*C4^V%mbm&Ejsd*y5Ux3{(V$8~qY6ztM2NKBwzVhc90 zWzLl}cvI5}ry7RD*+i5b-lCFg)2k|VFbd(FHHoett_!7`x_E6Kw&x0WGXKFsKxd{C z@BdIiTa|zMy==X;;wwcjGU4y8-5ut;9$dBi@Rc`nCjOeV<}9D_!hE=ExA>Adi)ErV zAzf+(_xT{~ba}Ia@0p&NZRXpiS;IsY%Yct%n%y)FMSFSsFx~a?(f;`o{5wmH+?W*+tlEWO0~d=Dq^o`{ zODo-sgD`u+v{xAN_j#dK5AT+CTNw_DhCgU4vi*=&>E>CkPlj_+6auH1_h?aw?MY3g zH@x4!Z!P;_SH-k_-{bpj-7npGDm=4tim_1&hIidu_QsaVLFuNysO98UX(U%lIn!(0 zmdAt9wB5@0cV&{W6*k)C$hmE;>b|~oBuA=F$fg<^>%m%ou6M>tbz`opo6@@a0Pp+4 zhTbcD|G}HX`=f2y2j%An4|gLH22h`1Y5Uprpx9UY_vNMY&@@VZY4`m0v#kp}9}Y&m zZ{4#!xa*_11nXF@krQ5q<)h`X}&3fL-mxd z)FpSZyvY>fO_ADl>)Ebs9^|{*@W=A`X;ZvY$<6J?X%|+m*3k7$u|YSJJL%2^mM}9C zM;qs%Vl0h zesMF)G-}Of<%i{{S>ITR%TE0Vy>&FtDBOo#m)Azd1R9+A;oL5J#eD7I*--o+jqZRf zZ$&q1RC2A1(0I;_M#bWfdj28PQ7x}iT;7LItA|`>F84Ff`)YqU&JC6$ z+FOnq1vwVAS|`uvNHbIPbnUh;K}mN%8u?y5mNukA=9$J|w0h3mcgc?`FPlcAoOMgL zdcAr3upDRgm7P&Gqeih}cYrQ*V`6T+MR>RAPV#Hg?2OgGEt#e1WRe|)xBY7CW>hH4 zW}6Nd1}j9 z^S*1Y0y^&I{hMaFo$D{cj!^FAylO7jUr&GtS~pRCn5{k7RWTg{rSPN1%TWKF-DZMHgLS00+pvSUV-X? zQ%D3n!aRJt8M!#;7~fcHkrw<7X8jK4`+;AZU}f7AksD~_+Gk_i`}jm-+j7Bt<+;U^ z%KrX4-T6ITyM71rZD$`Z*W>N?p7Gz;y(!!8V7`}f@!!EbW#O*>Uf<)Fc~7^NSeOfc z+9_~}E&V@hhvI3d>NKx1-af#O?v*3>&s#V!xFBB*+LZz*njrEVAzz2BM( z7+s8dm=)fdi|fIdC&PWMikseJns1`6?UdEuIzymOqrWxhzxC(i#anaRU(Iz%+PyWm zFq1qlOK!e3hy2ytwQtv3bHQKD!GS5gHJAO>TnvZtTXV}_&AH3i)f{X5)tr$2^!I0i zznW75&v~_Ic=ak>tYCQSa(VS?S(jOUyTE%jYAeLWd+RcIUk7F63+}5|Ef*t04J%)+ zR^Qjls4X1JPJbShWp*muuU@^L6L|0GGVMRTGWx~f9PVx4c39?kG?e;U;VN%uDS^7mR@O7qn#*nOcQBn-uZCBn(veyOw;PWZ_eLuSRVfJH1uT z1n=v>d{39t{^=DGPOo06?_jFwGV;?qn16buXTLlaIPp)fjKFK4cQF6-YA}L9=UDYm zufEHSVeje2uU`f70mDa~ zv!+H^*Vv&=XFdBz;GajD5exjNFSlKP+?KJ*eC=${2+&Yw)dJo;02Y*o4)k-g9=3TL z(+>XK9>mpM_4V@x#G(@UJT9!YXccsMgr+nCFsL+t!HW3g>?AAoYtzT)QvdX|5x_Tu zdI=Uq1_HVYfM_AFeGmRvs1JY|-wZN{ z=rf|D;}7sd0VJzWkv!KI7fwy$N>AELlUOv|`TOh%JWaIa>ooncbYX97Va}I>93jPc zK3SbyHEHwPS0?2stan~x;*vPRaZ6qV!P_U@OIe;!)oOtBwM^d&d9DqP_%Z*}Z<_px zAnRlY8WG0yQYv5(MXeDIx`cZcN>vNq>{@yv2JLYlIY6i?M4Ig%o4%;Cy5?u}U6Qm5 zwA8@T0wOKTy8*?spN4PW-*$mS*?<3eJmMbX4Ip?#;g1CBkAT&q(p1;OktsfUPmlJ` zxPcDSvO~o?!P+a&;MoTs8Pd=n`>=X~|bv_V|thcy#DTdn(Cv9V_0ziHb(Q>aNdEZOwwvltIg?{dIF-n;Kd6 zkN^qcgAT6}h&|#cJ`=K(mI`PJ{-9&VsF`OtCM*Ad=u$W zVAQDi;1f8Vi6$-iYT=6}Wl2;q<^fPVRE|=`tL;-L3ck??*G*b}z}^JgaId{m{E|9} zu^4whm9YyT`ovvMg9Kn_Z=Dsb$S?wzpSA#9mlWBxJ#ckBa7mkfL*``Pe?0FMr<`NC z_)jC0L7W_!XC<5GjrloI?MR)Mx=M@-qktN#{eA{xm4)i3zn3D5T zH<^zwlvN~Pg1ugZvQ^fKM%9dHQhEwVWf(apDUQ>%tC_1kU) zib9xtHSh#!3dQpk+=}Y^Hz&0X^wy&I(}I=;AA6Z@ah~hQc8{-TKA?Z0Wbhg?LRp*{ zV>_d40FDXxaju-eLY|wsTGfKQlx(~HCE=2Uf~S^xAGmr-?mp-k%=@+zAyIx*ukvYLOkj) zE5ajivB<_|-dg@X{r*^SMCG>N zB4+vWgwpG?XD18HQ7!d^8Qq{`|Y^d4gVOzluX0}+`^K2HkkX>Y-W4At>ZT8&! z+jrq3rS;#We(}Q&Z9BT(@kPj^I0{(nM$&qC1Kq#^Ai=lIDG(s3RD}#aO@GK@7Ev-S z;Vsb)ltN;@5oB0MA1|4@fXl7LExQn&>|I*T8!TCG>oIh?8m1De^-k;^rQh_(!2#biBZ|Rt)Ptk0os{HvK3ojy;v%Zii&XV zSD0Z?7_>X{d`X{j>5O6{*+GDj&k25d`t=K~{rL9H^|d~cNejvrjPXarR{svhg7Uqz zoT=;t2<>Iy4sV|#GZYv8T|zkC;Z>uAFjz%6Sr%V*6C+B6*4Tj|BaZ?yJZM3G~Q2~RM7Y3BH@_N!Wg zTQonGV)fnX%+LZs%#>CKEJ>b<3$L#>rxB~V&_1-Z!zWWcKOFBE^V`~La|GFkB{&EK zTL5W|(zz(H9uKFwsmOkePtuciCQg}j5H1we&$Y|XamJh`Kd?~dE*Js1lQMM>& zap-}!BVH~NH)E#+l6%xe%qWTCS;Q#ahp}^1;j9cXc-Bx+usNl-f^g$MNVVU=&v4L< z^$NFRsrV<0(;aN%gqYmJ))#NEEHOu_E}d7))3u7KIbr4BgZ(H@3+Va4K{1b2g^EQ} zLx*7Oafwrxs&Slo^Zjh^z#t)ze%Jn^Vb>5VYj%mlqDl#U7-RI?^JkOBo#y*Qxgz8S)z34KLGAA}!4uV2y10};{NTgs3spl% z=h$OAu#^2nA+?jo76<*CHWDePfB7AH4 zWHYjNVDpb4)SDC*>!DBrGBUe=wb_g}p-v+c|6)}3USjn^e}eHw&U31z0cw=_=+Ypz zI<9q@xXnDc48N<=X51IF2HeNnocdk%+!wlI&7{+MTRr0>ycV7AKAqZZ{EfRihKaVlaWz)k$HH6uM2P{!fTK| zd?kuT14xjaL1${-`d|ux=^HYbyIRk{L=T;iNRSx0V6!uS@?uHJ@9yCKCP)}w^TVmO zAfI#;NXmkXVn6dK(=>j<-fz&!>6Gbl^v`56f{{WkQh1+FDa@27Ducxz@$vcjJMx}x zwlv?>6xsFeTO_>F)$0hOfRTBP4xIEjJMKRmrn?@Sh6IF86I^7(@+`qt#iNcB%*>wj zbWOqO=M(wehj1O_ET&tfx2 z@^YrUK8NBNQf2E#UJ>jHSag|%J@e6WR*?e^Kx0(~Ey*53;5nl&;D}d~&UEQT#su_I{ zohV-XCQiz9it%HSUS5C2z2Ke=5-gUq3LGni4P~xDq{0@WmMG6&|51IR;8MIDWaFqh@Xhhl=SlM8KOoF;Sgtbl zF3t3(P$NAW1o@)&7oj4ni&Fr)2mkDleY=*DYNrW{kRyI;*6qMvY}XqyYgRDwqNL-?$N?eqz75cPq#jJkc;(T6{oW4?iH#3iemBvcaHS zBuh37$eO2vMqEK#wh&ji2N?m@keyA9&@+E6gWs-l^9M=&C|J46-%W%zGkiD{lAX=W z(N90kl;K*)n?wSmhe7X0Ey#5o7eQIycCG5M>ZyvjXsELN9vkt`X9429Yi@jbb{OTH zwts6ThGEs|pzvF7B6tpt`_|-PH!mO#A12je%eoQ1hO8ofXo+0s^)_hx@+%H%qv{r| zZ5ms+*FVdZ&z$PVQq!UK_j7UT90K4_$O`+{FP1%hj@VA=J*r5!p9w-ydugLUd-WXv zio9rNg!(#u49HGe^+W7R`hlOPF9%h1^>`n@lIK1`uVKI{rd(Z301J>|XFemM+3RTJ zpO%MxZ_li$7)5;kFwb1q$G(N^{v#xEGxuNXx411vZm8-TD6s}Eq<7^1fRom9VeXEP ziXD}lok4L@^4v3_!6q)wA7NwQ(TJ7Bv=r3TiuZ+_U!dLJGTYmpR!`4czaBR97r*@; zXLtj$Kk36Z=xceq&#k4050PDoVAs^(Wmb{#X5YG-pj1L;V?6h%g0%JiwvUwXSz;`BGr78h&*gD85rvS4@40EnmVkW1^4_ z{sh~kZ*5?(7GyI3?SX9kTC!wd*3Z`f7!XeuL5^m+;I@K46dcXj!610jslX5EF9*R= zxS$;C5vu*1!h99NR?(lh17!3Bf=yi;sg^*-O5Abjyr*iZt0BmJ^mnWHF$iT`@$dcf z2i;_>!vW9K{(CQ5FM3~hw+D{<`|1G_$x9mjuQJ23zpny@{=WGd{Vx=SDvZKNvLMm_ z;gjhh}?g&`#%n6>RVd5;R&pe(=Q;e z8*0;*P*+nue50VYOo+27vJFkeVz}?UTp?`WA=h!Q_gWx=#i&l{8)b zNp*l(=vFXx%6iLuFCK{0&qEC>>eC0)YmyLVad=pGX%vf@LmkHP#%5Hls|>#k{Z45o z9hCMSQ@#Iq!6x=UB6~#@n3qwAuwCCBr|#TXXnqE{Z=zTd{gU>iQGHLm9hi@FkJg-h zsbGkqYu(0q>qRc$;_Z#|tU;mntZSXOl}BMcu0JYdNe$obN>I9rGL^6TB3ZJ-2Ry(2 zjBgPUm5sdIRbwGc_@RFuPxgh0RZj%K8lm}kNX0F8<}O#Ne+^157%e~=5P!sE5wttjbrSf9Jza);pHGb631aqW`|0a6uj8 zxDxaB82*dDwh?83U00U2+C&}Q^0@v=yBg+!bOJH1G>RDEs`brpe7Mcmx2_}Gzt40N zD%>_Y+)QZngoJRoRm1?r8(=?aSOCQoJ=!yTPBj)aj#(Y1w^*jpdrpjea%25h?qn8w^(tYoptBt3I zj;D`xw{=%&e-T>$kd1D3oRCKFEeg=+9v%Da-YCo}MI@9wEg~cD*-3qCn)wN-BZO`u z1D%9L*-X^5KntVdp;PKSyaDL%3E8|f;zUYK{vfdXYF_LL8aS{iLS}s#k?$z~bC@eA zhez(#{mTc3OM>D{$8-3J3qGbQi@8FVLGjh&uo(li0b|ldo~+W|s=ZPPrGb*>>a*34 zOm~Qkw&L-`W4<>(Rautj{WUUFXfVsgWsY%wo9MFVls^fwiu^cR+Yh8R+ks4_d^FUr zvGv%@1!jppU?~I7SerS1UoVbQh|K744vLy+&i%6ErD#V#J$XKPz;$t^g&$nTSPw3D z=htV~W|*7aZagnES|rQ&$S}ul3ZZ~Ts8KN0Mq@#pelR4G?F~vI!YVldTx_wVe<~qe zWbEURdPrmyVwDRlq^h#Ywbu2US!S2{G;k;Xf(CzV;zXS)O&c~Ez?93l#OpX;^u0Sw zmXMwaMDG+U3KsKc)w+op2Z?>Y6)>IEW&|v6kDaJ2l6%7B934#<;%c&#ppDT6=(`@r z1mR>yqAame6qTs>G7i7)AAWclyOC5+n#=Fiw2W!VfU7KoOGqLn({cEGS;d<$qV@GB zoL`gpflgcO+NH*;`&|R-(0bE8nooqpy#twS!*(37gSC(!F~rO&8GkX@xH`+V$550! zks$nESC6>(HY~JU1dtX5vKg8wJuHXXiFtr)@yo6?(!kdsu*ni zqKw-U#f8mhq;;oLa?tzxnk>D_Cg_D{TG}OFboq^ znG?|e;M2cH+5W%Y>+$bdBmendfAW7*qdeySkN;g3{QO%n+W*&rP5f;V`S1U55i5t$ z9~Q3e`!7wXB^QlI>fh}j|7&4oG+erjnha0I6U>a>O_Hyc#Vbi_y;op`Lg8-=mQ1^g zU6~QMo+EtmyCiCeR)s2TSt^{KK_#i0XJq1rFL5Bv;wyrtI*sm`SnHJ{I-rR(I7+xj zS}~e5R(^#ygm@cmA}`?`EnelX#EplU11Pyyk)-$T76BslY1YO<6A(k|F9aqd2!hlb z!idoz8HPMkqB3aB=MJa>Ada8P-zRBQw||4afZ1;_dNR@lkMj^f4y+j&l}K-20&ZAD z6vuu)LNrAozh*h_xk;2jd=Emjk4P7LuKi6M1t;Ck5`+|+fhyQ>JP4hhZL;^?FZOqH z@EW`~sWic&tO+o@={Eueq?Umc8RabTd5(kzc#qZ`_>DZpMSvrE?5K@0?I+}57y~+C z*(UW|M_RkV&nmNsu)F@-I9G;g6{WS70J=8A0tvc--a}A2g@-i7)neMrLK}GpQgbmM zj$7d@jpKg?kR>Zw<#0E|LCajzYR*h>q&K*VsuvbEWdR1Y=#^~rVI#YfY}<<5zD)5P z{YLd)SJyuk)lodyGo)>r=-##NW*(?K*%@M0^*5XI=;x~nT2?H17&ZwScKUF4GU%{7 zha8wvc^Er&Ev;bX>C6F={p*B9v`jb8I|+LV7$gZ!Efa`!kS8?=wWl!>Ngvwx7xeR| zT3lg%;X{P20c3vP)~;gz48V(*tGEJvp1VJwmx|HMnDAD;m}8Lzv7($4EN}aFNEQMB zCQUplPIZ6yv36={_B(ak5n~_7{Lh5)hP^iv0T|VB7+SHAq-9kF=yvdRQ|u(Pb{b1n zBdAZcbIw5{KX9wg4oI2R=$xf9JBhwv7>(aUCRe_#%vu02$Rr<1)TA&YE?nJW%`tMz z@Rv#}P}fGbye{v?YAu{OnU%JHud~b5NMdL-4Z{NKZLQ@LIToljTx4GRl&97EgCCdz zg1+-y9bhwEVeQ#>Q~muw4^$P*w?TT>ls+5Rr}TI=DU8*d{zkFBD0Fk%u)+c+QR!WP^u3IIc+;H@cn=a{&U*ln|@MFHor??;gQ!-*cB^%XrpvD zGCcVCtMRv=#R)dY=%H-cWZs`cZ)&xqkqGM#kUl87d0zqp@OtdjJ299+QN!gO@E;R5 z@f+21% zY(i56pA1f=PZVy&<*^a5_L19ME6o=ca4?8E@KIP~4cxEfJGxMDUq$z_l>pv?2hPNx1+dBjd;l+~G>n_MX0`WDGHh?Yo^q_FL?Gm90b^ggRzoNh>PHCfHFh7`Mb>bPqa%QMM(unqpfo@&DqyE- zm3c$jsZ0`sM=iXJa2FRT5@B1EA;IR$5tx|WAz@Ha;&UVi61*e9%tu61&lio6JJL35 zg_3U2|l~z6J3yY+6)10CYeR%Da$Lv9;R+~ z++FA|Wj};&A34V+NH%i@KjzLDAZU$GN+?w3mxyZcqN@G5S3hdq&dA+agv=D_M$)2p$B8Cuh!v7=Wk9t7 z?&?e(pk!`#bxp*bFW-~bf1)4@3z{WPTEoH_I>3bHnn%YKFDINlu=9y9>?C=SmtM4_ zLI5+5GgrGDX_1&X2g_xcT$auDjLp>(P-y_paW0EB$>Aah;Mz$9KoG@jIbDH?@YdKJ zmVd_<_ryqOb;-APuapv&uv17yPl)}^=>>j?D@c-_74JJj{*6DKZkUnQ*XMyKqHO1A zRclBJKze?hBut#bwve_p)C7r5 zkz|L7?-W9@g`J#=u1gogC!0 z+NF~^5k(m^c%l3FoU8RfqYrr}@tC2**lHtNxc#-_i#uUn8L|<-+HxI{FX9YhIGIjW zZm7^uW6}qR{MJfUbKg8v5Rs$BPg6;l;%(vTiC52r3#H$>-?N2-DO@GD;|MW zf2agt!5d>6g};F+-=T{8LBP5E(&Tr37qChmlXEw5uTKWppUw~mY0#*KpfZk9`Hu440EV!k;!@>@c2-yww6a)=!$zxYjDQJ`?Os-T!ZMGh7 zSfH+vmH_%K$zPt4rfCj+FnVjNFP9Q-3I;qU7@6faQ;hCKBJ#c?0oWj3pc zYN$a+UO=;uKsl^UBt#MKBIpzFPaWM(0U^Zsw_K-t-By+RijNCsnaIv!%x&N!0dZ~c ziK>zx{l_{r=UHI6#ZRgVLZ^$_!Wjnj%=+U7OledQ}wb(OpId$*zY4 zA7h5RpgngMT?}KsElSS2osVpf!`WAn`IT2zr3F8y4 zMp}Y#zcm70dqiLTg$CqqNfnN7v0^WDd!$t|Zm3K=VRP5#2Koe*{nc$vq00T6wC?@m z&C%`NS9k6sBY<_l*#xMlrIm5qd+KVGRt+2_tbO8Sa6`0cy2C3ZSUa0Enz^O=;X?q7 z>#w~)S^b9W8QUwDJ|3SnMAIWD?ECYU2ZL-01jm>IUM@TAm#3CwRNnVZn?7GLz2HSO zNeG|S{5m0Y0czg>&+Y!M<~+d%skFhwhop$&x*rH4o+9p+pLi1r@qE)>mm68d=F@}< zt6)9m{-v*dczAZ=-%Ub9#c%y{wcRj)JY|?iRIk@B^67@8m}iN7zT|5w2KRJSH2&Q> z+N=}Si1LnSN8D4HyU_F~ej)~6WI}!vUo^Zyz60m`Q4Xk-maeG#vz_uUahaUYhkY)Y zvsj@4{7zh|#yPnq!q1(bzdR4{)a!|3 zK|+42Kymj)4P;?UFLOM!kXZnDb>OjHJXHp}y`%idR8y>GO6z~bH(q;1XnNDSN@`Zz z)bmgdBfRpNnO`o-zg&`^H-mp#a}-vkX_E(Sy_E31r8$r>oyt_7}2v zVfI$Csma~c2sAy7Unw_JBcb70;HLGm(nsxSaUusRCvL^-eJ|UEfJu8%WtUzx+=?(K z4}NM8%?r<$M_%3*c}ZAVN&U%Cz+XCK+s$T&Ra0^40*ER4-B)N%Gr(Y7JOItYD*u3O zB_*ny7??RE**(6y#zpmSo0bcc5INRBiX%;bV zb6z!-=u|`Et-FSpNGYmwCtd^DDLlm#^(3kS7Ill5-@<*?w=<|}Ou(W!#QTkg`+=R> zQxpR+K_-CyEm1Qb6Hx6(8}5v*2FW-zx8tw;?dz}Vx3~Yj8$B+3z*(@u&TE z3Odxre};!ooNb6hXlY%@8`9bkmvdK0Q1kQ$S7p`_ezbH`W=u=wja}M8#T&jJ{_E8f z{^}k(vcH{OHByF&-G}03?>A}3Np_rVV6KS`N>e&6Idl@KFj+v7ydrZ@CdW}lkYFelV`sQ!Xcs{{o_*h z@_q|x@H6bLCfOAa(#CmQY;!Wskwsc3h3i3zl>E|?m9Fq&l=px;W;7I>HoUx2ZQ_yvZ9CePdB%{GG_N2dmODLW zQu7=6A<&(YNc&?4k4buLE?G~dlP9M8I~kIZ$V_V`Kec3*P)9?7 ziVQbDzs6x&dCt*QsO`Z}^a;?QU24j~#z$ywq2+rGwX2e-PXX4?%lnkXS5>L|3J5+` z{(3Mb+F#C3%$K9nJGZ$-2~=f-_Thd1MKycWdV3Sm%QTs`nslrIV`Hhp-52U=^p(Qj z(8r5kuUI)M-#%RUE`+dOl7z(*+fiY(tKv7~TQ9@q?r4%}1d zBTU{5^GI+5|4LKBH)2%OFVp!ChsbJ;VoF=9tI0fNITZP&BV?O^WH;sHvF-3-}=){f(W|BgCqIr^VFzPU?$4j{E7<53kbYvp84WC%uSr-x-h4ecmsC zLUkf$K_dv;uf}ojf!>o@3^;gC$-gvUD;P?hY{#jr-htVZ7=CZ zf7-9m;dnN7JYNrT_Y*w`cBNy6OTX#;COCzrqx{peOA!H-K5YFFBu4wlD-i5#rR&KE zJCda=(AQu87?ZT{^AmnJL&5tY`@Y;a#zF8iK*j$FsT-}vTsxfUL5QAVxYF0c1q;i5 zb7W2F6U)haR0hd5Nn~+ehQpQbn|~(VDWWHanO&%lXF(;w9N^zHI2W(6>h()o)u4Z- z4v6qK6;<5$Y}+k_ZS?BcLw5v*!GY*UFE8H|sFK(D_BZ*Vclif!oXix=->kWC8eYpwzLf zp2ya-QLNy%uc+x+@Gn-CzV?Z9jIt}P(}p}!+bs#{H+ptH_4eV&4S#b_8j5|H=q^v0 zasx{-x(3T0lti5(8~cI*l2Frpoa%mm|^zSpI35p`X48e zV2S7e7f*(iJ4itAYe6D!D`88gKBg4Rb(ZU=@R^5mg@MB970pCnUN~Ou9~2lt)_nbA zJ(9;P2E!EDJmKs7W1B&9j3vIHK3Qfg(s26ow@J7IfE@e97y}(hp%~0(6ViMVD&KZ!(bNJ|wxK{1#5XNFG%O_9uhw* z)o_*urQJE=7<5Dw9ebD`X)g+8l-|(aL-U!<8KT?!LxC@^aLwrYv5C%K=18ng5q`ZU z(v=(Bxhmwog3gp|f7&Maeqx>P=tF`#kormU9xX9v?Mf57z5MK-I+4YpnfdA0fuh_A z>G2XqxU6|XSs$q%nVqJLizZ+H_%@-c_loz)IGhk)CFhK$47j={e!i*(3c}sp>%DVm zybL@fQOrD;S}Eq#loRDwT(1V-*h_#&$D))m~};Ft_mDd=PROJc1EFZ^4=WG@eX z-ULVwM_%^Rl@to@%TG%74wHgr@U%%3CYMt>@cik`{Qx2nj@+ZMi;@jAj7^F60@rdB z1Ohl&r>;!l{Tq%dnX5iI;Fc24 z@^fuf{$)paN|;}WKi?W{DW)$Jy`~cmW3eK=T!PSz-%q zV$a73c#k^^Vq*1fJ;Q|S$k^4x-t_|SYhak4YbO>76EMB~H&e|WUKvYscsn^j3oyG6eD>-zOx zBkP*Ul)#=_*E_$)$7BYfULI2|z3|?`Tms1c%%W`fJh!{^7_+WZqX)&@@Og)t#IYru zjpp3HaODslf@o!~{U}{^m#Tmb0G)*uWK8I(j)1pHpY9ZWy&Fh(+2&XO>`_saG@L?k z8|>O_MPJ#v*`NTgAJTCi6Ty%%-4iZ7mOW9fedi1~+ryK}fi68`n&Z6sL%y5E|N7st zW4V5kCE{&0%sm57#{c|~aO%o-@0Y2DL5|Klay0+SziSwL^fYvZ`zlFsfv*zw|M_QG zN^Tmwz6kR6HSZ@--2VK@T>ayb z{O1PdvSxLTiY+3k5LHJ3u0-bv2|e{fnX}=R**c=zJ2TR|Xh#Zl6_QybPm7^Byx2N; z=E}_Czf8`=V0M8e0NVSa*Y|`CQ49to^l8zZ@Odn`Gb+Pp_sQP`cU~6aVK;&}GSq*9 zwB+5JVWXOk2W8*;T2nZ4CF28RJ-Oa^~$s*HZ6 zVHc0}dUY|(I65N^*OBcw{HXKM`A|`M!t|TjdV{SsXUHIql zTtyypwIx4(#asmGrZa|@*pmQJKj2@LLZgoYnl|)m+HDr^35vnMkLuM+WvY#uRb}fR z_z0TZx^08wxFQ873vE3FK@zg}Rq=4-GzFKQswoQ<;>@pOjh`ej8w9KPyg(b;sFYL7 zL~oR-B53)jv-oiz>N@q!pgmh3Z1+I;^?CeAW2{km5B(v#+KZYhYnKC?G+GMd-Pi6G?h}a8lkb{_7`S&(nLa*l)zj^*XlJxs+oU+=# zwlz|W8=U!G+W~?tKht<~z z`_793T~r+=A12}yad`<1qmJ;~HW9=_xUYh#U2h&lJ)QmYd>G|aKgmtq6JI;=PI~!%`q@v_pbu?9Y>Wjw zEGnye21PxF!$VHan<+wzujkGaI#~7MLDx_YU%T^Z2FO-v8A8=K^X|}4nE9fC>{|E_ z_m_d`h*t_q-hYz)NBsKzce>c>yYp9Xu9usG{i~(yw@5~I`L4^&Y_bO7ZCaT9mpa;U zI^Br@W&&7Y3NL^v`GTT*sPIzQR+J)E>rF5>ef{0{xV;og?&r+)tdNrwYkzZkyZ>I@ zkFVbSi$n&QUG*D$0KHUjIun;7QR`L9fJb z`bMvr7)0t}UTP@Efp#0!040uFr%TC?SKJA_*BrlXf$E@ff8F%PmQ!Y%DfyHYj9q4dbX5@iPZ2_Djomzw?eor=(U)a zMOWoLP-pRR?vD>ik+EJ!waGjPRMm0+a%=F?F!dD$a4+T)meiEv4f4oua{RdSCZFb$ zk0JLcTpRq=c63QXc&?W&Sim`eQ5KL2PTjxsLH#Qgzj*-utPlYEt&Bg(UX6e2taaOJ z!YKJx9t`mvD0v;w^eEJ%boQIG&TeHHF+PAeS@KGaCv`7*0`=8N?*UY8I) za)1z5-=Wx9+=@7)J;Ab5ita1{|zY2+S{vEjr>YEvH(+ z9HcSlTaOZ_1mAUKHOqT?(c|zJqs-6a#ZmvqEVmDX-Fu<{d`Lc_8!I(B*V}= z@NmvsIQ{L}7QD5oXYLmHr);zpof)`>pXTHbre^}a2*&ib}VYi+;ZP$1Pzs`Tes z8tBSb%Xtp94EjxML{^@~x!@^T<|p_4X!&7`Xk7wSZGVt?(y3X)NIiSB(ZOoy{We*q zAsMsA=vXEsR=y=}@rrzs-|%iHH57x)4O5~!GC~`$De@Dw{!VsC3oz+n)&{%#*#yeN z@Oda^276is%r5$0zScRr*Pk5pNCR#Kt9Y_@WN>$U8z6{$_HS+Z9ov$4{ZbEHWf_vY zdhNlQ-}t@KmT5fIru_6S%FZA0K$zz2>A^*GY>EHcH zD$2Ivxyt@tT>9_Ltw{)1>gJWgCrzQYE*~M0@Ed5@;A6*#2xli*9w@^zkdcpb9b#r7 zK7xo}tTHF{-?SMtG|4yzk`pb6tzHunP!Q==FR>`#{e0`^^R1d=W(BGskk_XS?gatQ zB}x7vCnxPIn*#2*>Fa%aP4xJrwRIF;)lt$aJ`=Gkm!Y+CpP(j-{?yWVJzAw(Vs33O z$GXvhDWO8HeZD>EhGnF}taSOjawb3zVF{fWub4&SYU92kw%9*yxtXYWgUyE_4l5)I zl!>)`)t&%I#fJKc{_eC~G^V1I2ElChaI3y7^|xm4nBDlPk3%Q^!cPiH*W0i?Z2d83FLj0Sqlq4iqF*hDqQLec{F{lb5%_~OvCa){0Y(UHbl zBH`_zx2+bc$c{jE^7(3Jjattxmh0?MPrZN@_&NXPq%Q#LHU3W8+u&jJN3>+P$fbZ8 zXj1=eJwkh6StUgn%9^9FlQJ`!;MD#c+hzR{u6azlNa57qbNj}@hKx7!Uqv`6!u+>) zaQ%U=?JMoIhHCn$6$gbo46>C~V3Y!kO=?Si*Y(jH&9y?hNe|h5j{_}?b^|kwmgSFX z{H>c`O|DW~NJPPn@Vj)DXMkuvsl*aoa&e>(@r{w1YlIaizIn>WL2GRs9SZHdyETF{ zo|X@0fCcZ!k73U4IpdIlbTnja3bpYA^&}Zk+X}-{U(Ok5W5wcnp^v84W|chZ*M zy6u8nU6Q?B<;9F^hAhfgp)L9&pJ}7v;HUeY2fJWF$CW3*6ElW*0lOCWSNzCwNfh93 ztC819)EoK61~W#(3?tPcJuuOfQJ%pFvS2`FWP7DPVL%X(22L+KPpaXvMCX6DrilFa zvy{h1FN8`xMA5xP@4mxPhQCwr!&{dbIeRJ?>cl}P`eloR9*H{@z<7u3Y3~dVBcbI; zX>n}K1@=tm$n(z>rM z4$Z}ud9rGwxIRu3v0doZ5f(J{clmXA(iAW}t4C51h?I3R;a12ftB#Q?2NqfI+_Wd3^pyi~`5JBWb^WZVZ1M|5#1oym_i zNY48w;O9!Pt|m7wq4!QY{Ns?nwcAf5;DdrxG13P@JSwkhbnst4gRI~vHYn8_ZWH^fAg+Sj|Xdc$3q=a>`A*k{_c?_}I>)@WK2rt$+W<0G|J*fi-NDPPJ|S^X2A{0j`7 z$fG1K@E{Ing&ZKg91s)xZ_h^lMcf5LnwZ)m*YIU*YvblmC!ajffy-43DqzGnM2yjB za-tKm4kee|Xm&sOrQ#Q}U;9+Y16Vs`_6g+pVR%fJPWr~R{Cc{Rk%I#5iDFpa^j$Zz z+6SulTZ(MVp(4>2$bHrzAxbYwT74!GM$;XN_SQ|ZQ0j;{BYN8=eQcc6 z_aEF$?sRju%qM#=Hs|&FlM9P|x^glF$6IvK_M%}H~hmP+T(HJ|SQ zOY=Ke$Y!r!$0v>xz{+CA{6d32*zx13p^oX=h|vLQUdmIyn*3%@2?H6eSFj)pKo=eV zwqe~x{DmHI$6|29`~@A|NGm^@B>6H9a%B`zc?1uSC{~;|Z;qWltUD%=1SJ^ax4PuL zjhL`KOr+-}T2>M`$DEmOkf?d5rS#)f60owBqORxYl)-`o#4(}C&ejWY?VPk7?c{Io zSY;iAl|I_vJ$cq~GbS-FYuxeJA~hawNF`+r%Ud(;Y8`mEX4zt6N@BhV9*(0J7wH4y zx8Sf-(xV6rBk$m>>&A z0?=+8H*`e;QY+z3Jf^meNV`E z9q6V|e?0oP-?|!k?5lpt_gal;_YT1O9z)b#g(+Twe6frSm*?M}MnOube{)QstPb$@ zH>cGD-Lp{N^+Nm@hop}q-b8`_gziU}&Rz80YA;@vxC!F0S}?^K8Qd?3On1IDVWfv_ zH*I<;!rvt^HJ^rA=9++Igwc*%L;=sBSfE3rA0d%;S~9yp%Hsgj+rKh1s2lMJu@ z0eYs#lheZ=V;+y&j{aO2qlA>&nrJ;R-hb=zCOrn{?P(0Movpg5kDJpP@9Ky1 z4ZR|6j!Zl8$b{_iBNE2f!NV>?;k*7@Yp+v*`h`>IF4LKR>ck*bWDzPAqoyu84F20O zF~j>~)0<)S`TZLH3`LTV3;m4JfYI2`A5Xxci2vox>Ah&Iieq{Ey)$6${SEQ_ro2twO~e+5@ZxcV;YI`$aJzx{rOgWr$U{88k%eN8^lf?eCt5 zz)_zqO1;2uc4($db#sn|Drpj`2@Z9|0qq)+?rsmmx5efGWaibjt~`l7QBnQXeKn^QXwBJA909jDcMSxfq~4-f5piip77#$hFT}?7 z{Dy}{mRYwq?oy@pmo;0VD*}->F{r2#`sotxR|~j9vC8uL8~0{eN`vzs05R9S+AbdI z+L%7s^S4I&-}kDFiy~$d1&&*jSbBsHR>W1}&pstuAj%X_MVF}XCyr3F@B-&=4~PR6 zG&g?Z`up}!8d^^HlYd&paCeE}Tm$Wl#s2MiYGjXrGgM@my`Xz%on34YyXFdgmvCiA zWZ<98w-qIRhULpKKmNYOk+=Ttr+o898a@yCuB9labWheHgC9mxC2cJNOT=S<_jW)P;T3cUXb+WlUA5EfUiu)xoR36=7(v}rgk|U zz8&>7iV%7eX)}S@(-H*Zzo#2{35$N=FjoHd5v%aYMp?t8Ax7CE45-D+>wkIeZ*3xL z#`*W%58N|zdpk_z6kfTGqbS+69#kIjk}+oaA<*Dx4f3ees|Lh&+G|dGJ-#nZPT^r4 zpruBaF#n^@k3esw1vL^0@8B1I>za-CN!<))qhK{iQ}*9ISp-?F@*HeQKoRL)#TNCD zXVYrQ^xUF6a^<02j#j2TV%=U!EMl+($QS-&TBy_UraxC9kDDJ-?#s@7B5H0=&fBF~)KS%g#I?O@%A+z>Z@ddHbqvq^8!2b25 z-pUL3qH8;a=R&?IMf^0qo6G%7Dn>im1ci~(s&(}7>3`^*cai_50GC5W6>p~;B?;*h zf1JPhCbNkB-;;oG?p775*;(V;i@;5}@}+FL4Lw&K6|O9NvWL!3Bs)wl4}RCErN^~D zBm0W89^PIfV(G^)NCDFE(r5W_0VJO7U%kVLV&vyfI#7yyoo~?Wg7ejZzprSxfij0f ze1yvB^^;IK-mtQ8>x{i|wfwsu>~BBhj1{`Xe_)6g_sNsH4+(!<5<@b5{=7L*5WL@z zXTrW=b{kboYq>B)Si}p+!!`Et06{MPjz|IFQ@{M}2_48^zSh)!KC2CDs*-lBp1+vlDF=-BVr=!+~X z_iaqjO#qhAh~?IisWR*w256szvN21~wLO)4Qu_j)x9enql@d-NCO~|Ds%pRm+o6Tb zBtwC~q158Qo{c3^-z*i6RNLc9HWos+Td zM|pC0~n|$*vSAG9Sg*%`5SG8;YhG#GIZab#uso%8%NA zPBKPbE+xxDuE5>wy>la4Y**qp(`h{D?!??`D31soDYF41ETA_2$nQoXZF|WJr%UxBs{I?B<;5 zCFC;Hq|ui#x&KLuyv0Soh{8ah&EK3#SEbLU=fX)C9)?>*{^1(^hE9sMM)Yg^d_{35 zH67R9Dcef=o9j3q$UDs&qTX02j?-{m&FNXZ&~@AV;brAcGOGf6Q<$y5vMj7c9~-4c z_tBV0odyj9E}MrTPd**au2k3m+vi=03%fqY-`-RYBHHe!LYgXsH+#>|x>?@fBh%7$ zfAAEU${dGmhPr<)VLe4%V0wS@G(0s zVfS8HOZfzV-V#wO#4AfiCCev~>-(Dx747EB*T1dmLFOG}=yrUxmpxi}4c0W6xKuBd z%P4!C1Dc3cX4y#nfzclQ?G%vMm*U_372=K3)h7#_<7EaJ9gg+I#*%8kwsm5A58ezE)@dm1SEbh+CGY^r_ zvTQ- zo!i}7|rKPQH@s*TW zHm8kK!Y|bV9mR^}&kxh!$`Oe^k#;aUWyG;`K$~*6Xw7NX32}#oaav3Hq-b~gpi^Ms zglOv21$+1GA-^YJcj4$4^C=WYkY7wwp+(WIRZVm`QPDE)TAp(h{Y7-_RhA|SF~@ym z-I5NV@&%BL=h*QJGHk!Q7&(l9UNVb5@z60OS$-0;5s|c+5?s2!{m0p|<}X_v+&+kS z$b8Byd^#AYN(D0e(_6h?Z4y&x&-<+aSDAA8ikU;ts>#cUZi^@ExAhgfah~JHW`Ao* zR3{35W2RsJ$(6cfu)oc`3jb?Gm)z7Dly5Va{basZ%te?;$pB0F^|x`#c4f9c@;LR+ zt2rb6%9El#asWGHS~c|j&BbFIO2VW*c1%7_1(@-ua;S9?jn+Y@!kKgz(t^7+`H@86 z5Aeg_ljhPsj_WNE?>N&Xz~}lfa4bK)%+W#ujoR1~q~Y+5$X$-g+xxp8jeIl3K;CoW z#docSca-(G5%sHij5KN8X&hz?oO=~q8yFH+3#qA;v{O(*Y|Q;#90mW8yYjc5i>#Uc z$A91H2W9e26uR9CIl+wdh?~(gUVk@e&YuD5_*#F$ZsVVJnF#m9?TKJ$o~ue{^$ot6@#J8`+s^XwWX)U! zSjQp@U$PBQqA&{%_V7rMX-ndVq2)@p!<**~sGBH;GF&4r42s0%^jCA~IoJpq@cbiO zr_$mk%|@7x=)Vc^1NTwxM)C5$y!3aoyR*Tbsz#S(6j=QWKX1xa&yhwGTK2m`ff3@O zvfMO0tEVe#*l_&SNK=eoV&hNzKyy_+qNp<;V7GLs==tTy+5#Q_){U-9NMZo6R1--b zKLZd0m%T+b?Kn3UYHjdO9*qNshl2XIk4rC7)lR9#SKeGUHu4?*tPl0LBy2yI%5CcvZQs<0*K2v+hajsE0}ZK z`*Uf|Q}K@-Ho_b9zTcZy=J)vA2EJYIyD+VrkPNh5c|SzG-Z{N+$)W%E+=-w1X6~W= zD4)8#GLAsd5r}?87drDMIz4{yYm*ohkWGJklJPkB5cviYqj$kn%Xrb8*HEpoA1@9Y zd7CFdkXmYECl%m-d7=iQn#8&xIX82>$>!hlU9gi9|L%$WyKf^@mZXL2@42h@`q&Q- ztgJxD{--F8HZ7zTFVk?&oy+4uAFP1Wi(kt&UgHLM^RM-tYM7!K|H1tq4JdCDH;{);b;4s=)J z(9132={M?+_r-{*bLAGdj_!P8`Z*&q*lJU) zwDCtH0YC?soU73=mA+dW{#bWWok-w}%l^)nkO|b^_Y20URv{FEawZ(^;aAzKJ3y+v z{shV-X(D-?KyBtyN%p>&KdSv*l;5=%bG*I`cJheov|2A0=%nkBV}(W^MnbT9%r(0; zj0Q&7wsTQsZW*|iWO|C(@>(G~5#%vx5BwfxQz0NzNAK7$AQ7Kng@G{oF0)S|*_(MI zqh{y>T@CR*--~_M7W~0k$sO4P;pgi?Hy+w~$o(|6xvj}n%z76D1oe|O{a4dB0J=on zetqCrbnCSUVsUIOUI*Ry+j}d_r}D&I>sV9{dUx3JSvadrB2{A+aapFSy~_J9+)E9t z{463Jnz|)Lcj04(Fb8y1qdiBTzJ(Q0F6qPxgft$L;*}WdGzxf{L#Y)3Hveq zn@>T|Vkeq#iAcE-(*`$3;-p+n@ot>Bj8zMk`!;`y_kD(O_OstEoyor2vGg(a1kN+! zlug(Mc(gp0kKx63fQ(4xREdmer)e;_>*JMFTmUiN-cR=L+=6~gJ@@HbuSu?%9|SFh zDb*PetP<{=>ar|dN1H3JL<{N=953i4=G6OhMjObGVO44J1@q#d@2ou!lukF~Gco07 zAyn@NO->6a_AW?{m7C`UNe(pLFEDQ-aKgXXU1S)@`aq(_kvNjaq>gH0b$JM^%b)Kr zti}hbifd=n-(QVcdv{FVHabf}6&+{t$$?(x^ly$)VF{yIxSaYSlI}?_$Zw>g7mvq8 zX%PI(c~wrRw^J`moB**yIUaNz*-TZY5Drj05{e;GaoVKB27DcxA7nkDZb%PoI*1m*x7x^;Y>C4&AC>M9q#rXY3b$WOU}z?-AsK}5 zePX9yuz~0pf)>km?0y^b{t6sc;ji=E_F8|Bt*Xc_F{LkC8jMXOfpx5e!&kyX(Q^8W&*gu(=ye{(~BsHN6^CLAY1IdU%wFCBV{of!xTSU&+e@)T_C}C<-<)m(Np}icZ_GpEf^5M*_#KaRO6qkCZ~xE{3&L z;!g~ktMj7F5`_kbVGKg&)=tfU!tWd$N|O4F_`nX8eP}{fOy(owq1@WNB#Daeb$8@_ zh<(504(mRL?&zLK(Y!CQ6C&K9jX%3{TJg-0;k5i4U(#T`#{DLoEwHDnwonAjtDP)| z6OXUj)L`k3f?2B`T`dUJ)Qd5vP!V;uVt+Z--{`E%XCW~IMl~a?Wq!ed+U29!$YL^e zKkH6gjb~ChH$8L$$sFz4n-T|$+!SF~%~-FRIj&|xVP{Y2r<44{Qx+{Fd^gydzL7f- z=|MzJZ$Oq98ossm(BZeb;K!Ng`M&PVym@o0t_1%bTRvtaJ*|m zAY8>L6o&<0rkq`0O+(>&I4Nl;N82yyK_PlUpE~E~N!<9b+Yq+5>ZbwR2*S z&}dgr`KiA&5arL`cbS!&okuYJ0!eREqK2@PDG_p4Bdnl0jAGq7Ei^@`B6}@ajvBii zWbgg1F>s(!)sDM7E=ABWk&6-hpwfWOeK|2mp*OoQ&~k>;C5RT5hQ!7YES_}bMX5TV&5Ap?$bEBR0+zA_5_bT z;dZ2}=SgcX*xP?g5h2bKmi6VW^;K`JiS{nL6Mncw_3CsdP$04M5be(=ev#ZxH~ZJ; z?eZvqvi=M^XFNYHf{CcGLFPA^f$thP4hy0hRskh`i#sFh)cwT6$-x}Y`^;<5-j(^B zWpPo(2#^okc7p7q8M~?$^CC9=ToH;GB2DqFGxA35H~zPB zY^dfbIVkO%614b*J|c3uZxQmfB0~Ef7rsUk>i&D7`5u6p9#8m%_|VgvFkV$pjhdZs zpYz8P*e{*Nl}<_J=;9}mA|gp~nc8%2w&G;8 zXjHVy7*#r{)U79^R(ahy6^nF9{znNT7R*PJFh&O<@@2FX>petLr&9)J&E3E$5FaCf zB_*yy-y}_6xizXA|FWZAO3dHjnRlOOX)pEe@!%8b758*`xYWFQIRE(@qxMXzYtX@n zuyV45i*7X3JbppC{Mz@|ogyg1SOfC6H&+pCQO48b)sswp3Rl`QaoV>ok8bsP^iu#c zK+L~4wj^<Sg|cFGVvx!f#Vy8Xw;{FWEi|$6wDE(*rIlDY`V(=HwvhJwJ4aW*J0* z=vO>LK@za$h?1Tdwg9qrg{IA8>BDvfa3$?v0ZdBAp!4Q96pRlq-4+Vlgvl zNV6J$fZgpR!9sX3?iH2)W0gSLT1QeZ(bD}-*q}-%$QjkZBlXZ=8q|vaTLQtwEf1R> z!KgTu8K=k0TNIJDj*I41-ss&luy{rhvZ0=>AdXBp^ZC&+N?LO(V=|NGzOZ10F(b4M zleE1T#ZeUNVFJmYhl-BtLZBoz2MD8q%3H-|b(uR5fWTNTe`LTGKp{Quq*Gf zy_DMO<(<`hmtR^6VT|rtzv$(t-f-XRlv$imVf_^KFcD)HqiO?rT$CBjO7GQg`rEUsZ4k~3tA(L=(^hMLEd(_Csv6?ZDoLf@#h38%S@)jYUA#&q#%|%4V}a2`@)9xjHz=g>Z!jt(zJ zK@xv8!Fd3k?PEdbBQm!i9Ya&qTrXG@X#SQ}n%mf1>Mnv`6YNibBY5g5M^kFB3_O2jZ-@mk#(zIyWApK@^Z*-@x zi>-6gH=cKf-cBnI$Ha$(-}4*2z-KR&J4d#F&Ne$~(c1F8)e-AQ*Do;h=Dp&&JzO7N z&B1T1xEuSB8$DtdpbNHixgR>P2B9eZwI7|hQ|km{+Fa&C%?U8S{LpK7R3yj>KlUz^ zX-if1JwyU)B+_kk`jdcv_hDo=Og7f^aPj)AB%gsL&Dca$laDSwtV7kV0zF2JGZZ7} z*kGSwGE*JH6Y~$#q*!6CkIlw)okbZF7nMdQdnBacp)L!*0|4lJ_nn{KQFsBc8~t&m zzN9mLOvU_#*6~J!7Au)-jckk@C_}B4oT362`>+Uny9|UP&!<9ZP;9BaI+xC-Jd89= z8WVv=#wBHn6e=f%7}QxEaIA?OMJ{=SMs^$OWXe)+PxlFINr-Zh;1brEcM;?euK`#q zq^TPA`nMhSt1NWH-~*!XDhJkQj3>gQyam`|7Q>lgX-@|-q~>w0BzKsC_&~lQg@1z2 zN2q|Q3ZVJfwOe=Y;yjM-_mlG5@^aH`iQ?LWj{&I6sW7hirN58v{@CdZ6@z}X4oeB8 z@#U|#ZhQy;^dq;4E}VXtP;~A$m4%9ORi=?Rx2Ntiv>AW&%pjFdU_LkTQX&OLHpS@5 zz9Fa2p)K$MLm`re#40n{9he;)tg~7^WP}L>*&I9-AdaDQ4!rm;0r1k5SX=Vt&+>(i z(4PcQ?SBh!z1jF)%ATW)=I3WUVD_->+imSk*`~D=2BMh3u@DLclZr!F&wY-qKtz`E zn>y4eQW{{=A%8}mwRh;&YR`Yd{Iv9IU+Pp*1U{KkQ;x1Fm%eq(IsR6p&9wMtKW`Er zMB$N6r@;$>=w7gi65|@&-QUw+B)!9!N>h3Rl*dDMT>;M>**-qxgO@E0N!HEd*^DME zH&zwIn96A;p|MyQFaslXM4HQgHn>^U>HD2NygXbJ$D_KabIcDbetn2{U`9|pqu}nW zT8b@|YmCGcCVpWeCfKbWhy7Rql0k<$$H&$E_-*ycXu7mlJ!3&XdSm#p#ZpA_*0*3V z0smO!0D3`8nDdWRemI+TR(J>ZPYbO{!q^g7XTPv2v>@aDUb!afAP4p@>H#iL zeF_hIud)4Vvk#`^s5<5a(o7hSclHbSBc*pd19ZMaVo_(A48fj&@dXyzl{ZN<)U+lU z3V<+RzG_gVT~1Ym8s$lGe4K;Dx08GW(QE!MVY=Ch9j8Z=~MMPVOxraPy3Lbi|k9cL4fJz#s9_L zfAl`9h5G{7IFa%l?i?M_+aQBQ$8>C(XLJJwY`XdMS^VE~?mag}NfarAC|lZlzpss9 zmFM}D)%f6~0?BT4@8uHkOCSo{`{sW>H`GxWv!pq(f9x`IChP5V>16KkNkf;Nq*ntI zt85`%bx7Hrd-gM(iH{0Jy-MEIc64F;xhFcLn9MA1v1?G#?sSM4=nd)W+vhc5p;@2u za;pbo=$Shm-I8ql0eg4J*JrifYYFj5J-p9w>{NG;#pcBa5CDmWcy;aELLuCyV6+fJ z+CSiklCHQGuKhy$6W^`J^Uk&$+dn{fP(64uxVVBkD2C5!E>HA2Pq=%1HPNkiw7&Zd zqEJaoIjXJPQP`Ou+u#oxc2PafdnL+|Xj2vcxx3(T2B5a*`h7!~rba8|c?-tr)!smg z#$=1Odr#lDToy+tF+TatPi}*inBLyChhhHeJrcb;FoJR-4(oxTg14ad6P2qqb?!eK zK^e$i9Wd)w^nQW6lQ-k3efi8Z69Rxx?Ct=1X^Glpm^!Z)mC5CI^8;NT+kIdv#Jew9 znFgc!5K}+5=>Tw=g;X6ibx><6ZSjUi+#DX?mrHTyvwpd1E^u0_0uiu_z(mI$$kv{> zpC&m&QQ{0S>5NT2&7SV1aL}7ux0iRuAU9kXXmLMnDh3u<4MP6DmT#uL2Z3XPckjHc z*SdsOArZ+K+#iZ}v%(tx969uYAwO)MTL1c*FpgYY)%$IPy6kj-Cvsq@HU21sB9l`T zjYzjGGp<@5I-{$a?<+xl$a*cqd#awFB(?RF2~-x#_P%hOh>tPK2#-m20mZWbzyvf* z$VL!$gUTAqud06ThfFd^HAsZBDwxw^h<$5>E!AT6ShUukaFbOMM5#OrB@UH`s+!7$ z#FRu*9r(b3hy-=x@R)~g*!hRhEC_3CGTWAuhDWS=Z-o_!4NhtY?TIFA0-XFWckfRx65obiU* zF^=^jZT3^^W!Ljfbi7wscY&HL(KDc5*sblui)ZBP2>2q}<|?MX`u3 zwn`(tSLZb%v*l(dH_2VL&6ljFQKJXg0`B8eRNr-@*rqQV#{G2*^p|wUe6fFzuzht8 zTV?O{N%hy`jtR!AgFh9opUU3&G32+`$bUbDH@pQh{3+$b8;*@)Dyb_!d}?U>0iz{5 zeBOC5k$$To@rewnJoF!Qh%3zh5v&!Md6^y`9A%Sd_ETI;`RcvF`q`o?r7OFSh9S#( zeyG*M<9{AzGXCfvSh-%iYF@2r2=CsK3%;@scY2(U8K3oU9z`R4mK^~UXo z_ZSkjPgOUKzaK56x=>NqLfWT{@L&|>+BscE)q7@`g+!o%^HTLz_;%&blXPce(^6P3*pZ(VZ;#oz0U` z?Vscw@vnEhrS9Z7+~d3t(DBx*Ps~q5rN@K(0oDv*3|#HB1r_jLP)pO+?L7^QOCbVn zXUsrleFMs~o}bBHeAfPU?sgB z&~~&)jRgqQR=cUQ+d81Z<5*~~M~0``z`r=V?|+F@I>%+7QD z(YeY6NVvuj7en0^RiPHomd%@+RFJxzVojRFg?VRgU!Tyv=I5;ZokskiMnHzF2D^c` z(bPt3o#T;aM5|ICwO{tQ6K{#R-?r2$Q-96Ax6|WCWTr;=vjHQ8)TwxGGELg}D27cx z=}wVT;-#j`BJ^+CyGO_9$7k_?ZH56vnyH6~*~3KRYCe3WkAGKQ&2u1Q@lN*Nx*wsr zh(X@x6%u6wrlj9*`FZ7-B4SQe@slkP)4(HxUelgt+olxMe-9RTdsyWyhQ; z*6sMG$=GJagbU_~W;+zjt12DY(J^l{h^%3lNshnnO4wF%S(p#K$x(;dr*452z?VpzPI zleAzUt7mvJLUJ-4Q+6+{eRhRFv@ahiSov4~%P- z!nTAWC~j=b7=0Y3S$mv=?dkLFD)&MMqV=qHQpgX+GT7cSLyhUF6*H8$_n& zk$?SGVjYbO&-K;zZzfq@q=jhE1Ag=ITz=5RycOm;Ajiy$#v_)-Knt&MCgmHb?;GUX z=$VrkB3qhIAV4<)1ajmflNfSQw~K)2FbAQMOF7mS$R zqlNOUN*!X3FG<*~UdA=-Uc?)J1nnZKwAHsHB}Mz}<%W>Te+ z^z3Pgd_t`-P;G0-Lf#$BNi81l2M|A>hBsDa`DuCuO|w1C{of)*lw4wJ`%)Ur-b$Ki zj=xW2@0!M*c&_7svye}Y>NIMp*r ze7$iT#)`f4s_Vb!IsJ|flVKZH`OuP`j{g04(A6Tsk}gbWQhZ+{j-fRa)>wvYXf|7*zZ11H@0&YI_Q1if^BX9li?s zc!|k?tfS>yl6P9k=esaE4w>sn{fD#D!WTy++1qY6yM61^?=?L4TZ)4Dks=YX)2m$W zgZFv}WutPVr~HQPvC@ndLUQ`N1KYNLB2Qyc8o%y@iV3oG!!o8+@fRN8jDv6a;K6lb7T?rN7N5O|s6OcvlW5bKb|M--ZN`yYPwBI)IL@CBMrtWl~T1nOpb! zor&+lzgR9%N{%-C+rQb*Z8HYjB*yGf0#O*5ipX_-sA4BFJ2Zv3=HW^MW5X9A=-qF> zSDnIO{vQeAaQVfAopHL)^nMIyoi*f_a z58gI@cX%Yphic%b6MTv9AmQh&KV*CncJ0>6FSmMYPLs@0b$K9B;S@#=aVcT5X~Q=E zzLK1k-Br2^(U^FryQmrPKh0KPK=0Xc-|+0G;cRzz`mZFV3XY;5vcNEM8i=^mx{T-h zR1d@Ewxqg{`}TrYwpMu0p?C!G+9=+qgZOJ#Kp=02f`y-1qDc7|2(C}s?r1-+TV<%l zW<4X_;ach5&Zr)~>91ahLF#8h>D#Oaq^^%6xpJB)8ZCOas;w((=)LO%&~nBm0pbLv z_htQiN^bKV*F1@S_HTV@&kKw6o#X|5OZW`AXI_5F_qTD~`z~APUheGUzBZ36-~&gd08LfLK@2?)2ITx z?5@~^pHnu@g#=ZMO!F=v|0+}K^w94FFX&xb|K)5zAD#~->40R)j@HqH@aZO$+ipuJ z1<<@|VnY&xKp?ec296w>Hmu{1kchzmZ;6h6OxuK30yt>TWn1%}&vzvd`h@@Z)UYG0 z+YJ34+!2uv%yrDSm$TgEo1eb*ck7^UTK*Vvtn2NvsP`wHLx#z7Q4ydxjF?Wr-cg|% zPeOpQLqjt8=Tt3LLPcKENM*asYOP@t4=55My^`-k$WvKxe9hi4#1m5wC5W5*xO@uJ z(>@J<+wGQ7zuWodt#oTQs_IzJB!1+aZqb@m%yghPihU&13cFB<>ms}f$aa^8EKo?L ze)>wrd@?k>H>4&|^6ia^My@yX2a-Ef)YQ?1mB%-TZIAMX<`ZI*+XJdK>V$gr3GTv_ z){JNs`71|~ZHMvPzQ+-bJMtCp*?qkgMJ%m)l-^&)59oQpjhdHkkA9f@l&vk}4OOx8Rej!4+78{A3F2uokI2>3jKt|>2}xt}mD$R# z6{lUjW8fzQ!k205?42omkVA`vs=w|T0u?Y50?-$4QXV<0{o8yV@9&BUaq}c1oQNyq zjpV<^Sb-eduS40fTZqrNfMd2F?-IV8h+9gxfqi!Gd4EYcGa^v1(b2Z@rl*8PUMAAK z8bm_`}c@{^iSDTD~+2yHm9YW1K+d0#$D; z^6bcfgrW#{!U-BHOrPr@5F<4EJUc!5`U>DQStsfC9^$1{Y5 z*Bh(x<-mPsKb?FHeHb-oj(y51EJISRU9m=0#{8b9e{Wvz(8Dwbt<={_Qj>wzbeAu; zdma)N%2gGDV&9jexa0m#UX_tG12+BUa-@H^IMs)3Ft0hFs^zj^Pg_HKH zcEfx4H|7rRLFo7fEhf7DfBrxH9|;C4NsPe%gW`zdKPU?Rha)D!@uikDvQCtf218P zHQ|*I%exST<{1^Ati>9ZT~WOeK2Hg2!ZWlj8Q(nuCTj3v@;-c&9UUa(XG+d@r?=4U zN(bc(uO(OUccIEPl+JTDSWF3j56iSAeZX9Q&!P}Z?p&j5^(C+OLY;ZNQ@V_}y>;bf z2cjTlB>b}!tagL9mLy}kl+$J_<93_V_HVDP796(7?T*O(ED_tC$B0|!xLXaVb@4y{ zZK>MTZr!u}+|qod6e{LEATnKAr* zgP&zYV@X^u@b~S1yRZC=VTt-TtiyZD8sYa;6DEmnTM>J_-su0U4PZV0`!nHZ>wmV% znh^YAlCM`Ta);T14YoOzMaP<-pDsDECe?f_m&VN`1w8Nfzd0R~@LQ7z=Vye!v%x>j zQ(mpVHhnFbN}tXkj2Y=~Iq}+Z>A&5BpkY1#wYB*d5B#30JeH9*ydG@Uo!ZUc|6cA# zfbn|&!U_#A=8s?V-~WuEHY2dDRF(bj`69n$|63VsEa=1j|J8cuIE-60*x+x@j0}GX z5#FCs(*Cta3>Xi_L=wX~z5OjC_Wu?$|E;btcDx_>{l$#X`@DTs z!JgN6`4vkIc32H|T8ekr(s*96YyDtO(Rj2{4xB6~9lEr%H zi**Wt1$oyxWyXGVlO@%RC4s-T$fb|{jD6T<3YPr8^IO%28uGd2J^m`LK8*0!lL)q4 zr3YA-|K4xRU45U0%Kys$d-Z|d(2~ZV{rj)_ByA~mEd5C}+FS|UN%QZT)-R-QdJ#Kx zCnD!Hy>&>$)z`JM%>HXT!G1hGw+!}c64C85c+0SFuQpvFS#(Z&Q|wa_{q6}3dP4fG zeE5%qw$GRBJ>HVn>4YsMr{8w_f4iTY5jGAnVJ+nUbwAk7|NVaQ|I_>ZDy(uu6oj5P6K%1*8?+RKHUsyDe1fp(u9S zk&f&OPGE~(n_zZptIp%<)Bn03jAJrfo)8=U+x@!#{eHLqr}r~YSay;B!wz2!VNGwJ zT=PE}K|xI2w+pYF_f7WOzw7=x#$Mn5ckF&={Z$UVaZie6Z}A_CB#K~#a*U!VCx>4> zex{pBIO8`rRpNA`07Z<=m>GQIq1T8m*=#KX3I#v=V^*?1er> zbbcT{Gf4-n5i*Oq4ac)7UU9NEk>Yxe3PZ~X4veturNsT9?Ig+P8NjnLq(tpCc+Ip+v@{OH`& z#+mk!!n)(;a=#xHS$kT3`h=)cwPk-IO7{WoSt+yJC`4pdZB=EiwSe6k@LrbP#B8cY5TzTRNP6&=yE3mv_4=U`CvHgjGY)5f(fK{(e{+! z8f|?T-(}j6sf;Mxelm^vp4fFYZ(`LcOAfOMqvpEDOZ$#IQ)&354|!6@UrgT&qOnfy zn6bgxBQ~6OOulm4p-$%$KTX}f2!N&=d3uTy%zEz1$_v>*=!O;Q!NG-UA1sm_|o z!~CU{b)RpLMY!1gwsuD^pmqqlDh=^9goV_iH%zfQXAaQA5;kmCUP&pdRjA=)wMqf@ zlN2+hs+{$QNE52{p@hUD_x7F^Ih*EWkPvMpyjkr*GF3@Zjpxw4Eh>r-VXV=*HFPLu zfI%|k+_iiXH}S1JZLaNtnc>$ih~s-U6J#%QMe4=QEo|KJ#=_>YQC8J?l}lH;)d!(&>5{}DAqG4B7L>1^Sz z03P_a?nXeh`zrnK>u%=9wK_-MWzc{2e?}p;?>=-@(@f>ewQL7K&l2G9R^rj_8<%(i z)bE(__f`U}7FZkS+Z+3??iC{vX9E(xJy!6Pi1d|+)i5|sH_9G;Uqk(#v;Eun*l%wd z+S3p6oc`X!^?W~`yZG)umPcZ#;6Mk2M_N77#1dI{>oM57v89hmNl1|Nm?L|JVHgulfI}Yr>?bB%>+ZYa%w=1bDaCnh=#WF^m85KCx>`6y@E z&ygE{=65`GFW`DL7}b=R@I{YVi0;x1pD*cWVGR@ZX?=#bPxR!z^&@C@0Mcgsf>dw3 ztFVq&-?u~ijMY8(@ykO7d=H;v`$08))Ep(oNt8eZF>EwQ66pXJf*TMxi0QTTHS!IC zzs+zYuzCTAUgwk3gLxD+@1~#@!Tp6%__I)-^>vNiFOW6-2D%95etVu}BJI~&;G2QU zrJHpu``q(;CvXB#{V{(qV1Ya{DrIw?NRM2nb(6;jB$DO(F<@u%kp>mocpkvi!KYDl zJXOHVwiwsuegg)0EdcV#4GU_NBpx+8aa69#u;M%B>9gk6k@H1S%@cuAuPI8@>vb<# ziiBDR2C4AgZeUqymI;&wB!DVEol-kWmcD zE5SVz3*`79-9eyBY;Z#|2177uhB095uyWS7KM&OS03C?Eg}`AGQSTAVjXoZ$MbPSm%;l=_(~=6VKQy zmOD3CJ|{`Cf}|MK(v)up*_`fNSPWZs0tD94PES`OYg2)B>k<8(lxUZ0-<~gw`dVho zZEpW$JETIcK!EYhK2BzNV+aQh*mMB5&nB9?l2C53Zop}f<3Xda55e2N-fXn=*&P7hdOl2owi2#fmm+Z^ArOEme4z>Em@0Nt zZ-!-LAN0;+9c%|iXiwmYwZ)jSi%#4?em===j*1GeOPJf6zTei0hV>O@VhM~Z#_2*E zB=Y_cVc89C*MKg)o7hBOOseu#C&hPIUi0%k(D9L0RlQt&Xg2U+6@$&KHA*x(Ix7Zo zqp%+;ss|Xia>^wXD4%{%?ZFmwL#A zI0G2oP6B_wUHLCWvjn0h{orig%g_GxI$<}Du-8Rgh8Xo`DE4ipTZGl1Gu)A*IHBSu zzRpJfy5=cSu-^U6-8c%ds$Qi4Bf~ad{N%M8Y^3Z`@P>V;3%Ljki8w(HMuY0AJ?OFCD>0K)_Efs zP4)k}pUfG?sG&pBP-`xOeH6gu3$^eP%nX@J}5z=tz;DM1KjA~;; z#FIN2$bvsX6r+qTwwd%u_#$QYJn$hdDPsTM@Cz#KGI!rH>=)r-S5V2*<9tVv_G~fi zfa!M%FEB>aZawA`|M0W+T%0w8G3aTqfA@ki4p>DMMkB-8@I=B!3z&j-jOfLLvJq-&}-a`lB33ZO`OtoEEj9!M@nRjUxQ#V9%3ZQ3xFXy*m)UfYw?t z44S7qAb^3~1H|tyL5bU=Tj({jlJ*TT5Q5Ln#Ae zL8FAP2){R`gwik}12({rZ5Nm>Fo7)EzVP2U{O%dV#slYbyY!RCk76wx%7CIeuZU^y z@Gf+oE-X-eys`|`p5WcEh2MrPBQe<2LLf*T(Eqv*}rI@{4dO) z0CMq+`nVdbR+#@5`?v1$y_je1O5=7ArVQ{HM+xQG+u!#__q?Q+6zQ03zK8kv z1;;QzzCqWX-O}mFyG|Whx5OM&sFm;!x=k?WM(qW24&ZOM7I)3o23TGzk-j^2%Rwq8 z7cJX-lx^9%zGK*Dxu`KH(2UX3!6<{vZX-Ke;p&|e)NH^dQ9-N z>3byj=c#7;?jyA&USj}b5PAaYXdXqzQ~2}lfsS6JFIG8>8>_yy*nA-WLT-sz#%EHE z_$(rftN425U{Tjzy1T4-B1P?F9^@@RT;jp>ufDV8HAW;1vlph~00u5CyDKkQMx6ma ziO#I$y>RR(_WR_IUpWcpIFOtlxr3j)28hm;J?zt9gKr|*dVU6kbqzcyw_i3U`SuGd5%MVRg(FC^`-bT zuR1-iFfhKyYX9Y|0Q(G*zEBgekKwI3a$xby9_d`%1v0H%jgrEkmced(ubeFucrPdy zW41;?dg(G%2+8$OvKM||KnSiwh4Hz?g4;J?v8!3S?}ZcJ+l7l+CQ#H3^rE6{8^^OH z@^)tllRG3#o5B#SG9MtX=~$&a)rC`d?jbY z8J#u%NoO?b3lu-<*Y{a&k+Gg6SULrR<@3iheu->RVVw=VHMyCHN+R8Y!aJWS>>0+kt10MZU&2 zh^S~;G8~G(Sr;{}#GO?kf5oT!)$tlySs4p&6$8Pr9MH^?MEKp?9V&->Q1yq8k?K{M@r%0==NiV3C5jB)x{DO?)AD+Dt9HGcBhCanJ zLRy?6D|hKp&Xh8nXXeOG%QIQL;rplqs1ZvI+B0Rn`J;%oX1IR7fhctb$(G|W0krpj z3iPKfM_HfRAqZI{#u-It0tpbDH{LFlp>pnou&gC1PpX7REIa(@qvBaCe1_knoF9qD zy#kcwwJ1lWVBI`4jt7J2#GkyEz)i6XW$T;kW+_oWx-_aLOyDOpqMu$LrlC7=eDWr5 zb0a`5{pAjw?($4?yFr9d4fPNsYUTLT0N{J#HG3*`jFL-Xe@Y(t+$xfsD(pHX1mc)6 z3-RyG2PR%u@p(t5?O@1P1_6xJAkIObRRLiFOn)*i$%h8)-bnQj*Cqf z@g~Sos1r-`rf$4B$Ei!|9fZ9}!Dq7+hojS}*e;i+uA(XUzS6hbK);64uC7@}S>4!K z{XBh?Q+Se}k6Er&UxPZ8&?XjH?}7a^dk^f}L_igpffZ~bzKREoKyhPGLw-^%{==E1 z{gU6RwbN<~T}h1f_S)>rWhP4Kq&v0E68j!R2BpRKQPfpv_ZEE$N)`>A(8x_*qq@dhr!>w;&} z$YpPR^&pn~Uf6~ZkmTpF(-n@hlTDPhsd^u2V=8j+Ftku0C{?7XsSL`+a%>C~tIIjm zt@WK-3X!ZobZrBRu3gV4asaUDAytXIN98O(bskIoP=w;h)U%rCiW3FK z$@Acgh-8I{dn9w1pe8X($(=h2m=}3YE)~x#VJN<@wsd%uiYIBi3oXH?#r@6Y)mP>5 z1}(XBeB&GQ(Zp~tYDp*h@iKLgz(mhQEg=$V9{q@@;Z|toY)=j9HD@MMmxdl)mZEU7 zB2FSY}I2c%w@I&06111hFhwBul77;FH^QOjLgil5sSiBiwkgHl9K)`KQ=H zjXgs~&dEWo-DYLfFQ9QF@E(vf>ypOPtIdg8uPapLR+sz|RkFxYWV#zNa;>S0sE*^> zw1sNW=K?MDx&kiu?_>z5eP9J`92CYDmqvXfLCS#0dG_^hO$GnNRlE7aOAJ9t>)Lz&5P>kZ!ZilxX-msgWz!*wLm`Fk5HR=i z^Scbh;k1yLY?+DJpk&YujozdH=|75*^-KyT{?aJhH_6;6P=__pWBcnAz`li6jgq)) z35pB33oVI)tUiPuqCQQcG5sBg#Ceto!A`1wlf18TgE|+xw^a<@w80D6HXOJ)ZMLKDNEJj0j2h?P>e$Yxf7QrTJt79;E_E)Egv8qNV!j$V zkqm)XpQ2%X-u`$7IL2P66@*11;hk1$^TbCoP>`p(BoVmv<}!+fQqW+2_pX+|hbOE%l`A6f~Zwx>*%N6G+=uKK?PO(SNoq&R;QaCS}cTmf!>vo-^DD#b~6 zdot#Ur?7wz2mi_J1>FoLdg2({q3jz|z2!A&Dl0%blfacu!Bd|N%BmcFDsLch;m>A@qr@6zTN#QD`o4mF3}emxi?zsBrHbFwvOCZAvq=*3 ztL%dV){>X}(it4I_+JYa2Sw4cs+p={y!qaqErQ!&mC*x+=IF4vBiG45@}o^?%Mxmg zXd#0ml3(uHKwOYYY7KUw4%HtGaUsJ_cUnK&(=?|C3X7aEZrm0eLO`DVDql&XGUS(J z0fqHP0@Ma`P+m3yrSj!gLXIA5I-{V@`CjivyN{2xIZ@Q_a|PQCEPq~jC!wrAz0o)v zSbu-RJ`u(sh13{M;1jnl?BG=Kv=lT##XWyF5Z@2vZX3}QD22>$jl+M)s@2-!ci?=| z>oRiO?{S2@1D>q-W}MA&!Vu2Fw8y0lx$^r{HsO9w=a{_$*>loHh5{1662|5*augEh z(Z=g4e^55hv+*M(hy05_d%U83S@1+#ISFQB{ZdygJ*G)zDwQoB$h-oQ9_v0;oh!OS zY*&)8BsCOA0r}A|W?lHiwT6&@hOl3txLzlhXlY}-#*11A`gbz5TI+CXlHydu7N&yj|MGTo`iMEKD=R4qcHNt7ps9} z^kykoYsE{`vseL}*H@jODLbF^)y5B9mf`Q$l_3Z1$sj`{DeiYRp##n^BDb6rLqDA! zIwr(zlrKz`AIaxuindRv=a=t9*T-Iz5Hki#9Ree|bS6fx&SzLjO=h=m^~O+Yy*a^l zn0j{q0O~lU1156U7^-QA8-7V-G$B=pOBOgK;qteh4R3Wl!3A)DHeT~%T0l5H)k%7SYj<`{2Xv+p~Zthl? zVlciTA0$pn!7%q1PymbIuQ!bFMe%D*Ygs61B??W;T8SPqKFkO`}XZRgw~0mU)VgWeyDM(-=#SfO-@~?HY&FcVl?djfb}e z^-+L7760ZBn|#U;Uiv1w4#ZBc_LKa+)jdwWG>L@h-MJ2I9QJpjIyLd8Zw$e zVk4nT-rkM)zP~W1xQQRg^I(?j^$_v$3tQ-s$>&p-l4zcHmkd!FIu;2Vr@PQRrt_HdkoVp5>L$B&#DG7Dr zrN~>K11UG;ywwyKxrG0rD6yEZUm=>09FO2k@M?c3=_=0P(d zqH+{hb7U4uX&4SMma8%;s$wlr9`+6a)K%8P`uMB#CbIEK7N?z+99>#wOz6d_^ZlB9 z$PMVkx#xSIZVL1_tU|Q>-`F#!rz03^_o#{-sqCO@TC~B<26}BzsRg>}Q~}zmX7KSs zJ?c05<`?og@dVN>Y?-&6QBkdnw3MHxYmsfi_vCA~xW@d4wEFz{x7h?M8xOCtpCJHS zhe}9;(X-6heDvW&yD9Ua{<5FQUJajJ2j^m9OCrW|KR_5J@VZPS&t{s~<+sOloJ3^_ zf&FES1?Cw%pVuQ`XWf{9VCr_g||fD6h8Kzz@6&u)T_=vA_lnEQ*yt~_lDgw z3~gsf!dS0fRkC>u8)(DJv8=qlAA(14H=XkOfMMs@{}9NhOeek!#I(@*3i z6mt1oYHghoTJs^->Qs;Yeph>-$G45q8md7ev*@y;3gxO;o#MB4E_9N$R46n;LSET1 z)@M2Lad;@}+z6K6h_IBy-yQmTs)0{JxAT7RGw&tuhFQFK(yjH}Jpua*7H<~F*iD%wk<111t6mTUmqysM zg~Ri#UEm%f@4nG;aec_KXo-HD+cVQ(ZYOSoff@V`WsvTVD*f>xibT`uTE!@mDg``w zWbqln1@!!IIPxq7F0&Zx_U^FjBx*180Fo)sHGj~6m&){-7i|2DMFlh|zb(J!tx*by z^!8=2OQzDlU~q@|5D#?Y&VPPe0UikSeBxPtgrUH45wem_T{uvjv%+ugfDXc0NOy~1 zGek96KWd>5+{M~R4G<#-zM@1OIX67p(Ak9jujnG|CqY${p)488(9j$TJEQtrS5U0T z>Yk4$kJ6k^=#`TsPBeqW3)N3oKBSF#pfAAEk^=oW8EeCx=m3~s*^*Vct%ce5Iv9A5 z(FmQ@FVq}RAAW_}anAlQ3MIk>%jfEE4L#fr>KnE2=qA(jCRJsq@Jy9dVV477EHI5E z@=$)D2S{ytBG8;YcZ|&4sC7mY*MR~b7@ZgHHhaA^k~Gak@m;iAhG>v$$VKHX-FRZ@ zNq(sdvgH6$Bwhk0=+p%Lhu8ANuT3e|RYUQX@!Z;40niz52SAI3eav~V3ye_&QzXC|q^L^E zB#GeLgtt?OVoC?`tnud5jX&n_sJ=e)jAdk3okcy`>~C&&4iFS=^SqKaE!xo0b)(EA zKXHuYwGy&O6`R;^U4R252FV{=W`EddTUt-a@QJxg)0w}Kr#oRCr1H1VZYVwG1CdVL zvae~W(%mzi`4qI1Cd<+|x*7x%5_fUxUN-38oadQAmHBz84{uZxA#R|QzTs;@S4PTm zDX)^(m?kKT4^BOu`G9iuBXg>Lts$A@Ncl-_`=D`T>7rgj8IXlQ057~VBa?(N1X!d) zy6Ry|c%6v3JY@I>|Gv?QMGd-?Tqe8b+&rf!_)&GyZJNZg8690x&Bp_mMeaUw<*Ild z;H2kOzb61UK*+z|zD@S$}Qs2E@e2GX_sv=bSN!Q!COb?N47UbwmjHfmfk}qLhpFZ7oF%rvCT$KzhZ*zN(#_FKjZ9<o%~rv)%dFmN2$!3opJ zqEHkpZjxbMkIauiiv57kHvL6`v?oPiG_L(fJze1Zr@-P!`r)@E=30Sxm_f(uqXFYv zVAMGqcp~^&?(NB3yAq*|T&@kxQ-Ld@H;0T8Hv0$geH2on_{fRvIUs^c@0Z5vucyc3BAz+=YIG z45wh)CPIJwA`HIGA{ez_B>QRw#PYSa_OLHhDe(`=n~VkGl)=)jp$d00I5w@ zG>hC3|3C>{lJgKVSVx|5AqU0`DIJGNI~%g|8RGeY41In(`%jPh5Tqfw#Xp>dST=q$ zbZA#*bKRIYGbmke-(I$L#jl^*xU*%AQeM#K)OLc1p}FrJuRWoVdpzcMtO(bsk{wd0 zuIEHy0AvWWjaWmDv*)ZPEMpX}bt{a1D(=QpTRU+!Rs>!)@h@c5p%-uPS|=Xdf6Wa; z66vd9mlPhY@s9O*=s6&rCmn=p;;~cjK8kh|xs91Y3GW7}`sA!Q+rd||I;M`8%NL1^ z!>a>)Om_f&^7o$}E}$CZ z#KX6TwbarK@6u5ZEHFk{PrhosfQGYUZVQVqx`R%`wH64vMIIe^jI8Vx4f?+|p)zS@ z@*AMf8X{OpR9Xh2&V<tmIxmouCZrXub`2LiScwX}hUy$zh zOB_4MtUMu22b5OmYSF@7i_ndX13d4?8=YIh%|5~j0&A@|#BHGjXNlM+Mfl9mJJ#{% zK+QnbrBPKwX2aa7up2NWbsTf&e1-3&<|~x`5%9C2sHyypp?PIUyr$nyC^E-a{RsNM zwXJ6aI@XF(O(JNF*9a+F-_~usZOx}e#DgcY4;s@s&Kz5w1r^hvi`S1!*}R)0-%R|M zKXy;J#>)a?mg*W%;LYvIrp4}@0g5MMD=bu03r(1N3 z2}vvMVfSdSvLIeGVd{-#f0xdr0+27whOyDd7k}Js6m~e7be?SGsNEXQqy4s`}J-R$>WapY&w?Aq?}CxVR( zr`@Xc2gSNf$@!4mk8gS95Luto`1z>MvC3xsE}*Yk5CQcggAJzri*^YQ6spmftw;;7vRl>XSI~QPM(JF}`h&2Q8bTtnO^Z^GdvG7)ba&g7Jc!W^p@)8R zKx#C1K)=T_qN()6_eJoE$$#9=Yptj&;U_Yfp5)AvjWZhBKrP~+{KJ5Zzuslxyfon$ z-IjL0SI+yLL;uB}>E~f6Zw|%sdKtEJk!Un+B4T~EjKmSW;DI!APKeof1VkjkuQji+ zM$J$XW8J+%NnCpEVU0t-DGL<)8Ah+~C)x3g)P*RuEo@WL-!w-XE&o6Q2GMmQuQ#-B`d!=}X~Q}9 zMUE1Q0&DX5q1OTm{El@xR1U|ON@C~(PgG_h^@hvX|9R=2&5qA+w%g&Fo7Y_S_6zLC zzIWq6e;1o2r}l8YQgOC;(N>ov-S>lcJKcs9`easOd`oZlf33wT$8qZrbaTVuTB8}e z8>e|;JfnAn-#TXi1qw!C?jc;Msc%J%TH{+HYu-?f8qTE5S!!w=SgrqEHNThCCJI`F4!DV#2;IgfG5|^&xV2)eN_`!9}s-ZQnv#c%H12-po;}R8s1Fg z9u)-cTAdTp&q=mdL#qs%P{JP^6t9=#S(S9HD)Tpn+To@y)Ve;*R?QFCOd@ z{cA4-^^zK9zV8AkxLAN<15M082A23`Z*zHvuw6h~kVLZ>iI@OP@P*!9^t4JLCPWfR z?Dk*RAK?c;nJSFZI-{P&9R3UueTuI5D5yO}L4jSXrWw8E=iT{U>)dO^tToz2!DCV& z9C~slN4W)IAJ#+F3v{$C8OV}$Xk&BTJ8>g;Z-=>-QWy4pB=!+RX2?nl0e|wbVVhy0 zu`7jY2|%3V6y+?m{?F@`6ElTT7lC9dG*aOkC6F+LwX&wt>)vYIaL`Y?JoM<-J|_b5 zp^zs)shJc-K=y($sNl!5A?pOj%X`jV8d4JgM!D^~r^-N3fFC0coo_#t@$CEtba9xt1sjw(xiF?{#log}EoZu5xU5{hC)IoeKqU&> zOrX}I4+jN-6~=<6s2f@vBWxQ93iJRX z%Rp=@#JsGE{J^5Z<;96HE*8ppC3k}3;9~KlQ4ROCtAF-|eTIU#{ zwTkO7uhZFvIVGll1AVZc_^Y4PvBhhHF+8<~nZ691f_gS~ZQ4rJXII(+@M`0S|7ZUN zomtGI@`U{dbvMK`)0m#5OG(AuyY4kyn3j8b?O*s22R&?q?~Q>eRIhT1 z(Z6vx0BGmV<|v^Oo`K)4azd$ns@EosopV|z0M6$!bpbxBid(~6$QyBqc_7su@C?G% zGE$AYtA1qa{y9F@fRaKU zB6Zk?;_oS30U9S92mRX(Ojj8`khL618F*g@n{Q9(POZEcf%sZ-qyFp@?9b~yC*&vr zc{u&)cvIO*+6^tTB5LNs!|2k??A1>YCab^weq_RkN76_&ano$k1MAJp&=pD@=v!c2 z9x0+JupLxtb(`FB>;Jh&@WSTx*7#}SqO}B#hc2n}k$5${#U67HXrgW-_}eq6mrMZx zMcRuRV%{BUV<0Gv%Q{$Ums~ATuTZ^WPrPC;S$}`yfiRW`$9k~09F;H^q6J?~iUnO5Q0*Fr!ZT>DP1dSIGFYHUVGKXA2ObK$6sS>W{j z3FQtJJYEv4hiA1qpNjAvmh)fSv)_7z1x`2ju_aN}|ib?+u{AzSBXiS^2-X z0(EfVV)%o}EY+@+I&lv*v@GIpl!)(h@pD96Y!26rR|T7ab+fDNW!`-meLs&j2d7X&{96y;}nz5{t{GyhqODbxu@ zQ$_AP3?NLLj<+C@7!cPXKbk?!hA6P+;nIJ?1Yz8nUPEV*H+bJ`f9t zG_ar7(*#gUUU8#q1muTp^Z-w1ojFV6wJ$Slw(xQFId7%^#gp^3r#!iczkrwxFtWB7eUB0K`oa4; zXF+#~3%r1m!6-(+d1*TB;q6I)T-qX>hZKIX{%vTr+XRbNST8@(BY1Cf($wDvytoiR z&))Wj1$&~DP#$V?@~&NaR^(DQ+Gl-M&V!U5l*9<^Rp&U;7u}M6t-QN8Ph_rs#6;-9 zYkiKPw(se7d+Y+%?pGN%;_>aS^BRmA<-mHKr(+8WmUB$G_@>!1 zhk$M##`<9?DAZ=XAWLLYoU3;6Rhb-M8s}<9FlodO>cCO*-G!#v zD`vxM532%v$gNjHVfJ%}z6-{g0h-y*yodkt#2)sO@rR!yX0_M|bI@~~|I}iI=R`;W zgvh89>GCDEP10P)FK8`Xd;EpqgfTN(LxcF4>v-b#N|Ueh`olC^sG&W4!a7OcYaK=a ztV6bi)H8%nvWZoa=77J$HZz)A^>8FH6>bs?roZ_$S+F(b9IXR*seVwy=e>b9*slIl zUmaVH1YXM$ag80duZD9tDU;v(?6r~;XBKHzFV-LCHTJqsTP7=N5sXp}wL3k=D za~$MMO61C$CI93{K958;*JR*JKlkD!TE5Of5&b{iHPY zoqTAi*1Ai6cei)4Tw@K27=G~0)d(0ru6~WZ=-m}NN>KK%j{}^`n~2^B`GEn6!${#3 z2fqs|fA&M?FKsVN?tkG~Cxu&Ei_d0M!G)LGre6b1@6;P=UORl7pF@0wJhML?3Q49k?b^)>K+3lzJPU|t0F+=;tnW-YW2d2{yH<{ za==H$T;nxP!;}V+T0r`TO?v*H+-ZY@%@y?6A@33OJ)=e-`LYD^5_T#D24DOaXXpLe z_gj1Uzc`x|iu3pL`b`P0^JQ?zmBufk_p3ax$%F}d3P|(N6UFDDLGAW;9YBaeZ4*yc z>dVuCe%>-YfRC(@bxGi3M-0YU<)x5dYCXHoMt}}kNZ@6u%gHa#uxV@eM?;;3x`aR) z^P)!yJx6<5Y6^)6p-k7n=fa4$EMHi;V}%7_QX@5Ue1SsXuGoH!3m(7h6TQZy)PKGW zsDI}g1&QkSca_^XDLZ0Qy0|KbE?*FPh^rbvxbWDovpKFY98XlPbtG{W3BC&;mci^W z^zp(WZ}y-2wZ;N?cdeqN-*q6G*y_i|DJfKdJbAs;#+|i5pe{^!UAkQRjOn8m|IV%m zZm)m!xjjsXwIKi7XFg)Z=3SoR<^AWn4B*4>4<6K!UXS7k3=5_5i=*VRzkcwBu^Zen zs!Wio+$G~0A2JmGAC5s*y!YCoK|u-eUOWP5;o!ZI$lR|roL8Dc)FU$@fuMu;9BjU8 zJRmTeOUtUDGo&L&$kOMaz`EKy5xwrhSgx?q>v#l*V?E8&>Y6Hg{{)}$Eo=zn^5Sm{ zv^KK?Z^+l4gt!r_`qx!U8D5A@OD=3hXPf(XEf!-+kaz_y6{#X3v;bo3JmSv-180%bi~6bIn3)6 zD8Z9L^}(+!?04fDk5#Y1{zy*ehZ|QX2Xeu<;yp6c5iB(e4bzjqLGQYY^W}4EA-etX zZf9uXT=Va z{fwTEy@x0R+Wmf=chFvygO9;C7OJ@b6jzSxqC-5Oz7auP=*{JOuzt!hC_j7T6D>mW z2-P#Dt|_gntuaMopF0e@9DEnMLc~G`47hD6eCCy-v-Caq4$*}Ukcj39qhtRYgEj^3 z!ZS?9#Ouw_`tVI4_R%yCpm&D)5mw1lDjAuK+geewDHAjLfFwu>>*f0}DfrW7eI(zg zwSu}0>PT2@)f0;3ht;M`a)a6O0wZNt2NajtjPHBxt>!>+hjm)8oX~v%;qNP-Ni>-h z5NYE8|F0cZs9CE7=GkCXkLk&oSAYJENdmxM-fFXP3FhYwXdmS|N%O(|^U#!EUgHoo ze)Ws{un1e3uBPU#tah(lbLt}_WWdXi_Y_Y7VsC3~MM#uXUOb6iCxR8H@S;tHCz1Ks zuQQ`A?i0@Pm)q{w&abu${eO_w^d`Y9OwRTV+HW#nS!@9VP4Fo8+0`a<53>%3a zp%3`n;~(0SoZ#KAvu*y3N!}OvKi3Fw;JZePNJ++_Oklo4+C1+C>*oN!tfej(ZC0$l z$E}mRd7-B5|8Vh7V|r^$Lc`Ig>CBlC^br4kBN^9Pjev{Ojk3(j>j2aJowv6f*I3W4 zeAGW}TR$>UXwh;AgHG{^*Ro0xypHYWJp39 z)D>SC;MW-m^4dbvoA=KP2XLs}U^!AX4%z#htxgOz*!b`Ksz6#HW&qo0djnp3&3}2} z{x=r-DZjNXh~B_e`1itwqReb@6w>*XdZhIrzffQQ8;=w~1~JS7`8V&Si+}#~U!W}4 z_?>h6*6fRfFmjD@8B%mx6Y`p*oMN1u7Sy}f;_uQ!qYL$B`f#)l_Jp5#u)iR01Tn-- zTQKg<#Rd8`t_#GUrDd23{l)kBpX+IMNpGb5155~dyApyB!0>Hd_Q64kci}ILq96O! zC(6C>L6`pBXC8{5BWvN`z2$$O$@Rauy04CrTNQjl09(4+1*3h+4`;{x^`-I-hv>?|1c}y2;8Z3bKajyF;^D|pm zSyTAr%}AFQ5k_$FhB9RKNd%+4{ToY%9ricwV&SQ0LgBMfMeMvx_+0jSE|IKw4Pf>* zmxtFp#bzR4K|V+X?8mf1wS&LG##+vjKRq^zPBYpU#AvmV?ble94)b}3MiZ1>ef3-4 zK|?7E?Qt6kuxpecI9 zEpUuOnZcNilHtGj2x>rHgWo$#BF>?5cUKqFMx*41;Y-CUlu2L>IOvn@_M5UMP}rE{>7H$72sOu0Nd{xU$$E1(r%vk z?|J0X`YE$3wE6qPvzyJRKy5e`G*FUB=QSUmL2NPfE3ZJ~IIm;cUdT1JS>N=(P(Bv+ zMtOJB|0WP3occN{3+Us&aoqburcC7TOf(?=jb(ao^NKA&|A$$ZxE7Qqqc_;zrrnRF zaE%dO`6?U}$mbCH-c7A`%`;RE^#pHFYSYo4UC!v-0;>^7`rkd&mP0x~LA+Xn{lZB3 z&qLRdyUz7}Glo}5K(8|r#V7;)8mkhrX{g^=d{*V4w9eFe?;U#5>+B@4NxKdFTpKe= z_}O0@UMa2r*EykM{r5i|h<^tLUw;4pC$9l_`^No$@caMoTr-tjI)qP-)1N#)MxH*wg3^6ma+uKk?XKmYHY4;$^mM=X&aiZajjhDzlAPO3+T zp?nzKXl)>=AJqqs`LsW5Pp{Rp(r6}yqTlUkd#DED#h2UbTfXI-#HnMi9%Nkb<~x4z z2#a{_$VGWZ;!HtQjma15I*A{Yx?V=~U+1d5cp7EM`Ef^`7M%P?*manrB!fl;f`L)} zERHK}RM%xFf^HPHslkYaScWVWo9|g|ULM7M+*h`$NSDIBkL^~KX_-+1Taagwv06Mw zVyBQ(E*o|K2LUVlfr3nc5(OBO9%JfLGg#gjH8ba?Y##5azD&Rq5qRmE_epZxsl`=#ZP=GAxxW9_(`BO!c72C+rUZ z{=7(FJ}Pwe2I74!2^OIbhPuR6nmZ?z0{ho4>Ekbiu?i`G7J3&xV%Pj0urcplL;D9g z=W+Q#O56|C6&?=BUEGSbS43KrujkSZU8@Mx`hIcWpxP3OP8g;;*HUe8UURy-be3*K z^!$3wfrH02j;8~&Q92M^_5L@92bG{V?KhTXuQ@9jyABTo4cVeo$=fWuy*H@abnQ-${^$SbE9shf46L#4`aLa1_K$&YD!OtF2NTaUn_A!Yu@BX<~k6+c(i@9Tp zzrK^LFgt@GtsCA&B2V3+u)6EXqwR;^&)Cp^J4LN`W}r7v~#j z)P_&Z{+ye2g}j+&(OFF!ZI%_cp(LObra6%^M%!gX-V?>6SHIC0k-+Ywnv6#{l)Ga0 zHRaalv5-|ZhQjnC(W1b4M=rKMWhVaqVn#@u2dsy{(!WoqH`y|x_&!R^E0GUL0@uD} z0p6OnYM4#JmxivmdMrG(xaeeK_uwpvtDn~E>_J7yERSoiK@RELnBNP>tmaQ2MB^r* z2+y%KdT)1@yV6_3~Or!LH4*a`WSyFlo!{k5K%5Yu%=<^L?h zQ7lBThq-q3SM6VZz%;Ni=J|4gxrAHc#RZ;DT^_1qVuIYHBBaxp?jR2Rm$v?kAKLhG zt0f804|(dp>!0LnG&GXKAs&4<nZ8mXJo_d4_1TZ=_WWpTi*O!9#Zr#@c+HIrX-`M>U)*H-`LeBem=xJ~%~k1bvm+ zxymeIxGQ;yJ$WRJmRm*kyhATGQ<00ua@>`peC$uZ0Mxf@{8?Za0VbQf1m9I&yx%*1 zTwE0URNjsP^cvUN5zjljs_wR)e{mqyO;g^5-HSDaSyDT|#!?Ve*ImyRmHX*(?wu!RX$yKml(rbMl5OW=y(CwU*u>MH<7x| zxDS3qG%x$c0A~7W)1cDLN787-6l2Zod&Ho+)lJ<@aHdjUi{- z_fH$tsI!TWLaru!L0=pBIdjzc7)x$T>GM8-j{Vs<_sX_rVUZSrbzblj=kR;@3ybTV zA~tFA>&zn+jd30o(R+xM)m@RoDXzoUSgOG*bV8xsZCe!rlK2?yOq^!4enY3tQe;0% zt@ef(&6@u2+|^_IW{|Gj7CG35!J}uk?_oipEg~?cpeX8Dh31{pNXsGZ5MsD>)22vSzq) zQ0}VtX8!5&SN()!L~fO&+FFJYcBqCBYr@GVg2y!mXg`}(xz1a5sDWqO%DSW9-{^dm zxM;R2UD+b!(S`H!#XhiTD`8ykw`7X@cc*fK$Dk#Coy+~5KZ5BA!EvpbGWF z=->&wGeDw<^cOeK-)-9N#7iorf*^P!tcGKMa-Gv}-**;;+VLW@=;J7XWZA{*o}|JN zxE!inn!*P9A5RElnGW=)z+IWu({H7<+QfK03`Z@DFt)K5RPn^ZCJW|KLi|`}Vq2P0 zc#7;-eNYc8Sfqd~z8xqfAj^g=9xPx9&I7DM72ah4TvKsLTxwayI~y$rVe{syhz3 zxH8e{(!@sjh>twIwUfhHuTe`r^T_b4W+(s6GOQo^_j*{ARLDcl=BnEAX69! z_$Y8M5CR3_P+Q>7?jE3cNdu_jA7_4sMlaQ8@YKxWOw8=(p}yfe1Io_Y*T#M8RB`>^ z7%V7cKTyN!iJR0Xs`b1?Rmjp!GG)NgS=uG-7-Sys>oC*>Ou`O<0qYmB2?=9{tX!N= zc*>BbUkuHg=(DUI@5sE@%y_L+so@>4cV6D(zzcY0a_iTT7CcMW<>x+B>)KfOy*QBy zJ>zc!jpu1kPigX9-#z(9&GB!@Hp4^>=sq`xP;-?~6$Ou8+*a>10j}diU|wpWvxOsI ziOITs4HPZD661J+{jH7B*&a-G#BOnKg+m_@V*R=Cz6-_ow`JdW_!N&1Cm^u>EbY>4 z&UaiVPkNE(N%;tV&yep&>RgJ2)X7mKrF{p6Z&8khQ5L5L%S^!G)ZGW|Z|6gSod>q? zCFwwP(#6+o*U+TWu$One9{~t>{KiudLGN>(=wp)1?Y0g?Ie*`cgZK}G_)U|%~+-at(u2z&rrO@*_fhRPztp+lE!{msMBHA53zvhTg9IcS?KkbM;wrk$;s|Mk2nB&Uw3q?T`8KF8MXqKktLh{@O z6L=^@Uo4Ie^+q)FtH-jpx-5`n*CsP-*h3V;u};W z=gg_ee+RL%!cK+jnz5vHLYR2%jkj{B(|g|vhrh&&Q7&pI#Tw?0i7n3Z;PuzFArmhIl>e; zTdTiLHgP-O*GP?;_}N?Yz|+NS#xXTO<$~Q89Af?Oy@4l>PIbSZv>Cd^6Byx%U{FFt zI=}?i7vEysl-yxINUbS(n_vB^YPT?me_Q1^w~FSFYT2~l6%dnxR#KxO39?1ok6z@y zV%KFu?;VUM>xEV6M?mywh?jHZKYaRc?$5^4I!G2I0lh#q7WWc`NLOZx5LoTV(ZV{-+#mTro&W6MwrL!t<5Ur@7)E^irqiT zU04G)5OH}cB-$~dEXrXGU}p|k=VKMC)`_eHpMjs~CQd&nj`A+-@61Dy<~R|Ca5vl( zqFVUgAivy10%})ddV*R24?g@D7|3UnJ;@AN*z7@Kv$yXSuasD73(K!~9H-%;^rR6` ze3p%rkzC>0maE~xD#vNjOHla)bIwZ@#iP5NC#2JWmkEy*8;<+}l z&TuZzzj3x(&txFbQ6v*wX2N$fy5m~cdQRW)3c6J+sp#>;74fa`-O6KZWx_b0t0+jo z62!k-$1I*H1M`WZpN^Hc(EE_0ZXssn<2VveJ$3D;WJ;zof@*s`TJGR|^ao=T)MEI3 zThp%cDED$dRaOKWO@ML?r9se8w?2^{mBTX6Fb{kG265z_ZjUVDtLJ?vF-!wuo_w8Q6|Ot%9g^%VZ9HQs^KELiMP~r1sK3za6~Z z2{_kE6G-I#=dBEry&HT=)4(-8c`Vy($p&0+|OQ`L2io{L&Pkgc< zK79#m^UCJDa1ym;CZ5V)sV$y2?|)~`-Psc&mwQ_2HT>)uWbpOlf8&Sl6r2lh;FcZx zH0OcM*HLNEhO@GH+c#ByUO**J3KZjL)6yE3+wn)T7qljv^s*pFcT_+0{zd4f{7K<62+hF?wkiD&cN zTd0+T)30+K>r>Vr-t!v&Q$MD$gINA)z7|)Amo3ff7EaT3u9J{kr~!Ye6B&Ef@|y># zELGftC16?-(nj9U```SsNKm~*?n+)hhNxCju}r$SW_gmIc*B*py_@6npwWaK&^czR z&BYBjeGOl|M)@Y?#FA!nB747T(#^EQ8MUpb+2K5P`K+ zmnTF1)L9p;t?&Psu^8W^z|h(GLFk0A}3#?nQfuL{W^fo-NKm3xe{H9PiZY4 zwe5}N4)^e&4~9d2z7hjkoHK$Cz@KiOirjhfM0R_bf9I$#TWqFxrisxKf*?9-5$m2R zxkqwE{+qKW#xAF$S}w~?G`}8;oQaL%CVfov!hwN$NmE%Nu7}=fG)0mDBN%M+aELKeEkVbV&A?W?{}B@fvn?3BdZ34c1Dio-vyN68c`@JVzl`|Etva?QGT**~EQ zCLvt??Fa4jSb^Tht(->sMxW#Bo&(J5)_vR>alnh?E|XhdG_WFChAxS*kT4Hv0a?t_ zryneK#Dh@lFK<*|22MK>pCa9qaugk4i<^b8uYNdhMDV*0ic|wSd|w-a<|(nI)j?>e z6{E;K-zH*1*P$H?zR^C{u-Z+uFKvpt$>8!b%wMLk)-iQXTjo9rkz(TK;!#xKH?*Sp zfxk^`?lRt+gLL^Z#Ez-$*?$AoZ)ZQM&6Pn})WJp3p;jxXb!C)>;rtR5Ua4f$<1Ux6 zMTpFIO}OU2{pVedbho=38DL2!M?Z2m*; zVPVi}(FKYqmX&>iQvWJxXj zj<_DI8Nk6pwkR4|Az*jvxNWJ zE&uxlm1kW4rCUCchBp=JcEmL8vp+xjk2TLB0woH#{G%u-aafBWNa+SaelAMNxu)E{%Ts1Q3bwkw*C8XeQPFEP^i9^6clNtNXCXgJ_P^ zM`1Zi<nqVSytdu3#I{{^y`xzpnY;(xw&4abS{We32*rgk=n7pgOZZ^2RaE6gqa*3FxopS4rceL_}#JjVV`H025x|9s8YjFtKQ{0GJ~*?>G5!ijBF79&^-MNWGVE8=n$-9Dd_yk?>2R8k^J2DAXTLLsng%O| zao?4c#@o#&o3H6$j(NM06DWiI2KhBF=w(>$t6DRg;NT<8Z?-3l{(}d46k(H;to2L# zcCK(j?E}(e=CLvS8+Dc*rhrwIrn)?|KD?B1`4(0={GLMg#i&#%VuZ`aGrDMZ>drII zJ>9x{x`;R2)EZn*Xm|&NusdbQ0QuYmQWE4qK83e>57P0DM3rL}o9RuKskNRHLyufp z?^owbuKesJ2OmI$pt=77yyoU#6T9~_g5gfr>eB_B!j&o@$9!D1Ud?)W(o1J4UyPTw zir82K6$K1Aw`-x##TyU6Wqb=JIi>aHho-u)*QvOOS9$v&RQRaiN z(Y-S)kQ=reY)U~NdaF?6WT@EZc5xH1y%$@wf>AN%o2n!8PF4*l6n91xgT7qrvCC;N z?el~`CzCBrUw~Wc6hfK>mJ|tGRcC61$k)4_s#ZquTASP1+hJp?`UWd%q<9>&fj(TU z?XHch^t*!gyN@)daTaKsCQOsaS~FTsNJ97$1!#2kmc2K36y`TY#FR39L`K=tgX$`p z`3i|G1Wv2~t&D}~OjNW$3**a0r^LQ_9nhWuS-d>rL_$s8Ah6qFoa_SXIIzBi)a)3M zZz)gOjRjPKJ#(sFV(Z-@LD7xMIgp~9kEqgQ&cI<%d~rE!#sGD|nB=2OW?`-6R=$Z> z4aN1@r;8UF&JgNN$>XuhbQeFBX_{sIIWknBGoO=7ZT;%%@U-THKM1l6y(nE833}J- zj!cEJ*VMPRw8+Q=<`YU_p#b+-85w?^U+VMAwy(h%D5|0{_n!?fL@WGi@hxRO*G8!t zNVtNrE?jK(w@=SiH&(4#d0wd1P*JW2sPCI01OghOdd`$9jrmm~VMwT0D-?%>S#SdQ zvBZM@z6tpxBM*n(yG)i3FL!_s`F^vnbEzse#Ak<*YPeOtevRK2aiDgYBsCijV8W$b z?6#aIdhQj(pMahTL~CDW=zol_S!o8Q?<6L5B`_W3s{1T&jjj0l$j$+ibGX+*fWPBU z0a_TXKfK@N7(bY-P*h}A4#NT!&9BEVo5T;R2-fo3mFJ>6>xMB*1#n&;!Xac4QyzAG zckIiZFrx9aJD8s!@dfQB-_-LREl#)i)UNi1wbxRJM7<3eY|XYDuz{73?GePxZ!+pI zSU+3SvBp4@U6CNXZ(9{ROK}^X06nrtj%}`+&rc*;*SY4%qZg8^+b(`A{i??V^V%4S zV8PX>BJ>av;A+F`(05Tw1y~4hP8(z%FGa9EJ0M5a&im77ss{FmH8?>`qI`Y>RWng6 zC+LxBVZ>+b?j!Wl&(3yd>sd=s#$uIj6Z&OJ;Lyp|FlY$4#uGCeR0W_hQeh{n`3DJ^ zSY`SkspRknfMus1HmOrSfo)dTsfizxlFQZ|+wh3+)GE_gwi1SNzbj3i9%;)3TvSVP z%Fah3jxrxC{G{~D6~zym%}C=+his!)_XJs@7Rf#QPk>-Xp*V^We~>hh{()r(`3FVO z)E_wkp-73tc$VS+jr(5nI!@=`M1?ny|0>q|6PdEV9cn+Um#>(-{646Ip0{B3WkFiy z$*(;g`X&B7SET`d=fcVXGhXe{>FFrGfi;RDIg{FdtaqbeLF6?)H^5dMgrM#q(A%n$ zP&`HPQ2EbWEwSzKYM8-)aH9ZeK$gF1-b#lVB=J`IaV``!R}8ajx1KWS7Xaie_~;Wc zZ#j1Ger!2`}h-Hw`>uiM_UrzFFrky`1-SuFxj{|FZb5$m@CsxRv{^%%Pgaf>$A$w%f{7KrU zJ7*S(hbOZ3g9?gqCW7^wAg?C+T+7!`8*INRP#iAZE6Fi2>o@S zm4zP6pm0nZA^Im7=H0w0;2AV+x)6oxcb*3D7WR0lUexye5VK@=j@7+*;ncEQyG@h^ z!vVL~o<(xk>d9PD|q%vcWcU#DUmwyVLSS=Fs?867+o@`e=_AWeC&R zu3qqifR9Dx&MK0gQ*k35@ZR=(Sv<4y5q$^iZu%j%nkwbTtg6Qz8<_^nXA0tHsOG6S z!t`MGvP9`;I$GTEda;fIuAATaBbrvZw23gi(Ia`xyWy)XLNR6G{kU@ca1rYAVWSknKb~Qya;z zE31!8*5qfxO8JCY%Tt~yeN-h_!4kbaSofbl%M#dUc%eaV47-T zcOy6a?R4uSBQT z(4#VsgZyo?!?#>@pr@%<1Ffp{Ovd(12cMxj$sNlx%FV&ZRU@nCfTmQ8Vt#pnCKlc)9vZ>c(LWlYATW_pI^b%KyR3$+-N6xGjoWX(~G# zVawdFIh8Q>G&N@yoVq1@fu$FYo5wKBGkwgMQhsbk7$FAiNAYY%hAQSok= zn;}3vU%g0YxlQ7Ie>DyG$mVkF4x`koA=0fw*h3!gBHPq$LL3!UER0cW0LwF}#H{)G% zCixB6GVa=>L~h!VG*Mtm$fEn>=1$`aJMOOYj2({^3E(u-X6+W=!L;MLY8tn(-OAj4 z%}XzM*zA2YD&*jWW;?XMA8z{*H$ZGtnSM8d5WDBgPZfOKN=FkTPfC*Hp$DmtrrTvKf@b{UMSry@ueo0B{Q;>8J@iwWs*|)Ii$KkSK(%wk z_?!oJr39FIy3yG+uiNr4XuQ;c4hQb6fR$?nWwTz2?Y^#oFslQX7% z@J%nC<5aVq5{caySVZF>YzcdpAXOY>QrD=~zAkvDxCzL_z%NvaQCqSdZI1Hla|#Sb zP>crD2WCTJZ~T7O(jIIcn+8MW^L8$$Rb7I5-qgdSHJKArDS7|0vu4%dCR3?=pvo7x zRxR*Mnu&eyapacJ&SGyG)LdKpwe)POe5*A!8JHPs2TCXl2W zA8lgqNAELyq*nZ%)TXp5{WbMG?N#-PgG~dqm!lMQ*rbFswGD38`xpg$+rA$) z+g}I*GV^_LCIq~5Algq~4}&=a-b6%wMBqLE=wY>qawG{Cz{{h?v}M|lJ1vM1-F%2{ z-PST#dCiJcGx6i_RyW`R!q^;Ah!OoAd@h|7&5I}|6OYX6?P)~1J_-}fNZArHlLefl zO&Z`zE5Y(2)nD1GzQZ#>9$sJwuv&%IUZhftF5qW8f_L&obx^xc>I z{WMtyFgWsGBPkn$n9FZjOE0Gjo49{VukhW*&b20=k8JIwm`!nYUm0IyR*JTzXS@K< z66E7rSO^j{Nx&$Sll1({MVm!Ny#R+AdG=*{xbW>>RaO0O|J(ob{{iK6iWE5U2TnZvDnn`X z4}`{`KS~OLQ?i8doXG#1aArln6xsH-!ukFCC(Zhs`ThOuo^9V|z5eztuKz0U`aN;P zFwtMXu`|=3l|+6FEM%1+{5?BQ{(gloj!N7h*#n+qQIUEtknPCz4kAM6RUO1GMP9u+ z*6UxZ2n=KLG?qzXn;<@h^Y9 z3~OryR`URx%9Jajkl-T?d?<2QEDg?w+058;eH}}56T9>8{ThdMtzJr1@H6&ca45N< z#`;y$9=s|LU`rA7{UJ7$?qG--Xs6CAm40`d=0=C%Dv-)Cm&OaIdNa>UxK)=qjg~=- zR>L3kUH$#lm<>Z^gFP7iOR$@N>(3QS5v>gM1J)Trz37KPWLth~TZ+EMr@e<J2HRGpUMezIIbZF4`)Slx?sx&DlWseZpdyv2M@ z2Yb&^ZT@pSAwyW`tB*pvw&|i*{PggWf7};- z#Ty)A){fmHNR_7W0fbgI}`M z{Ct{*JpDlQ2D;Q%_^ZDHtQ%dwJ@ZzlgWfydGj~5f!Ql_lvIwmeFg=K_XoyyW_Xop) z+qkt*H4qzv&sM_~TMbd}xMdstuKT~_{?ngXNRbEa|8!O8g@5t~j~?lB%+LR!&+%jP zv0I_f{Z{?f(8zh_$hCVl5bo%ao$iXA=4!Xj$9?Q7_&?pp%!YnU0=!OzN5@fr{prs? zjidWt8b|x{ZU2x@J!e0A89PAX&z~1 z9vA+M6Tk1xUmmbP|Hh$JJ@fgCN0-u400{Z#FUgTqKJpVpFJVIe2+M3leVPR25C?ZU zT=N~}7xMLD6vk5{HXgWU;C=pq^ap~R$FxXvm;a;4DSL zRGE*WWzv)*0dPk=Emj!)WvUczAou0Ufy8YS;njuk${Tv{zm862@92XeIY2pY&M}aR zIdX-yEZ02Axaa-6>w@%l8?i+)7@(&<+<6Wb z>!G|8Kic3^ZX|M08+l?{pm1&?7alXWdom8L#Y|;N?QO9v{3|(6$1(KohD?x^A)`@s zZ&10EmF^Q4t*ca;z!+ptjb}&IXrzv4WI^q=Xs~)2f`$v&QgD@VgS{DLfp-%1gwt<4y3iAB#dlxXGh_& zF7PC1AcegckTk>FdV(Y4986=>+!;w;4u#zKSIw_=>c>;s@0Z&^#8jOLj8M4UcGTcKk- zF8ZJLYK2(>}*~lByZ~E~WgnCD%YJJ-ii(;J*p`yc4m19qbnUQwx z>#C06<&IAX4s|xvgtcZq78}rb4MBvp3qn%AR&5JC%?csW4k2WwYfjatgDbvENts{P z2j8U-WidG3tp+giCNL_fxP29Aam{{+RIv8h@p4J-P5)&5HlK(Kvz1EF7s2=uqgmj5 z)pM&_R4q5kluLVCu~tj4rHk(n!&|tC*4Om%3?JYgBE|@u#sCU5uZMa$Ao{$cy_;Ph1CXwsZp@)tI!Xuo3JCEiNa;&Ks$%}PQxFR zhkCMG+6Vh7PpqBbja3oFCMrIbAcbKK%u*1(;+x1=Ec@ydEjFRHl03D^?C1emyJiR$ zr(Jb|v14Z{f*^j_$x28@_7s8T$Fj-Vc^3M!QFvuoh-i$v^yy=y@i&QPRXGG5XGiMm z$L#}#dCNob%Vc0NmD_f@fXqzg)JLl@)7@4v%^DqW+zXqLi~&@8)17aVdL0fX@e=kH zLPPl6pVed-^p;x=d#@my2^aP{sh~+UhJC5-+<6>p*_%lla!}l0FEm{0wG)_{~ zqpdwN5toA@IC2nQ!`OSWVZ}iY2Q7A8wkK2_yY`ohtRF@vaV)@>z~-{|x8ha4tqf1% zCMlQHj03M3t65qS3@-YF@q_Kj#m+@Yd}5BmXtT9&MI4ExM(QYMl8GfBCF4G3YR2j} zYxYRGg1|4hHP)&g|Gv@LY0N3TYl>sYORE}Kio;^wzSu3z74nVxF=X1ptNFzY3fELi zRfau2DFOhiDEmS3QLn z2P;2AFZ+;-%T2 zmmqDbEYmfZ9fhu8x=s~pR$kF3_WHwv9CCcW&jJ)^?YhbAdLUo<5uCkb%|Wh)>M2k{HOQ&|%|AiOzdxT?c@?2kmu(g{tOA5l{6-xgiNO)eagIKbBvcF4$k``|_wA^oPEwhd(d&z8Z+Oc~w}Ha_8e{XL9d5QXl&0fgt;51rR62jL9wG)(yRTPLwwt2rfJuD+;?i6irc zW(qli{1Vqx0VLFQ(_;G-eR*ORZfdRS;^>JPM6oU$Kw;qVOlH*3YhzH?MP?0})hxE2 z!F6K}mRXHuRK#xMq$^&2)m~BP*b!_oMlQXmPhx*x<~n((X>HCJiHT|JL%_E@9|gG& z?DiOA(s3imbMx5oAJ6=mFtT58)9_1EO%3Gj<*ODV%;OdhLZCA!2jKk7zpcKC#>CfL z4AM9$*VP*;N{$dD{KTY&qz$L0s`;JSV4h7IQCcHbE*z#DxyI{UdjA~C09G4Qm; zm{+!e{O}>Ik=>m*2KQjSb%d09=yhjTz_>B(+jmN&`97sOj(r+7_*BxQG^B`0#4E;Hq@+i%(|bN z6OA_T2AJ-F9;<|)F}oe-e%%O6KuKi9BIB7p34VrV;px#=OBmRlvB0p!(j&hu?%$Ke zo;_mjqG8LffkNZRtSf?a?S&*nzSkBbAVdijoxc6_g(VFDKIF#17WSi@eE>!1o$r+g zYy+CKce}n#OiM*=?WECIND8e@{v{Zv?bub;gjITWi`akOYw|9!W5+EYhl%ftfUb6^ zk%5kcm%Ee`U4T?gvv*P)wtRb-#fjoapqPZ(rlHxCVBm4$;VFDmk+v*vPLPnGu$Z*% zjw7*PmDGR%eCfC%8&{{1l2%6^x{xjAE%vABA1K}t#tsoAx~w*VP-A`W3er7rg-Zt! z2GmVKPrcx4!gp!^k__AI2Wfx2VV|z2!sD0^I!Q}~C70jDS)BUn`hn+`6+1+h%TIh* zTF@O0!OS4zWRhH2SMnv7?KJRR+iIsdGX{h4H+@u8NczARdHR0i(FczH~1x*o$L!jf}sr1MYVz-+ZxXn!wxJN|EUB z&88X59?nSdcW9e53Vw_RG|YRXlVSJ9?{RQ=RZx#cvEik^$SI}yEgFM1N@7xszOk-l z`Wtz@xz^8zoE@2pT}r5yQ$$s_Jh6BMw*2eO-NfJ+LpgQi2s|3OVxZNmUeOrUomFJO zN5BnV=A#FpK({4U&n%I`vs~fWwUtk-W8(S=zZ@_o1J+Y4L0~ldW~oZm^qhR*{x)GB zTSzzU$XK^BpW1^F>Q~&|F zuLe%ZR{Jgy`}wQ>?Uh&=)M|{k<+TMxoY65K9w~njXe^)|$t4UVfPDj-xsqtQuf)2M zbp_kKgpkdAC+q!aQqeGYkKJs!RnE(ni%F_FL0hC%LMf6(;rj7a(_>S-m3juMZDc<7 zV=M$A>#Iv{;1M3ycrkI!o8$Ex@Jtr~@Aexzzj{@~LC>%F=Aq;$Z=fig#5sm+4rAT* zKQlqcQA#x|1sFC>V1pOX(@N0ya`MiaA(Pz>Xv=>mrF*jP^!uaS+y82lMj z9`pnpW<9DSF56d_FT7JAoY^Tpqp=#xTRh)&xkn1y1~l^bczDX-PIp-yk|KVT5@X-K z37s^Dw;yVYaEszmNy%ob*SS2<#$wNQjQ(c8^;Hd}*~9O^U7K>hd0Vf{H~9(+HoG+@ zU(Ds)FhsX8nWSR3exm#PaWoYvu~5k^HlpqztKiXkb}IFP(l2444>DKzZtnQ`(?Ld8 zMPIJ{2HJzSQQOTmwb(t(eN#n6Dq=b_dd<{q@TgX%*;hn33^=LLu3ad6_XQGcSpBfs zD2Oe+BvCM$)eDc2-V)!f&Two|`w%w>k1J@daLm*3JHy*JwA5_hJy|YenjadD@8~!0 zcm81$izc;l#JHvl37;cd-iIIx2g-4>rMUj%OqyV0B*9DHf=niiHEKL#8Ir^--0xWv z+@_POj0meIx54p9`#TgeOM;1;vap%sI7><>uSV*Ee;Ej2JlCt3)mdVBQIXWF>~)g4 zb7#brU*1rp$$iE_)b~;mfv7(!_F=5;TMdmDvWrO_dmep1W~wbC*~9To$YO)w-RnY^ zCq{K@#aYL12bsU{EUBhwk@m@2+pHOdX~|W@#fdQk;sPlZ1Tf~J8)=9Ho&8sa^c}C* z-($D5DIaJqMEINQ4@i~RjGLnAB^nNJXM+pS5ndo)7_W1Fmyl6xe{`Ll>&jDBB(X32 z`quP@w`*gY0cBr1DVKSxu$as9yoB!9-J^UNY-6j7!BivKt5a7&5g1yD4!?Z^MABj< z@R+w6zjP!N;o}}^+xK{VOk74Ah$^&ic37dAA$<$^_H_oOgB5DlXnu`OH!^~2lt>O( z?!#)G7GZ;MMod4!bWgj(LI$Zz=M3n7-IZpWHGo5Fv91?E;IS!t^1aYab*d*jUEj)5 zFnRx_vWO4M9~hj!DB_AfN2vt4p@^ESa7zyHmg`6L?T3{BvjgMbw~#PTbWfrijQDp) zi1!?3n*8vbdwg@;L$;=}h%e^g#Ot9<+)!LLtbX#)3?jtRhZoMjYkrL?GmSbej6rM_ z8*XEmn`Sl420$o6M$%C8EN9x%b zc7R@Gk?-%)SQYk(7j7d6j{r&hy~>w%m>28|kI$5qbnG z18K9lu?{60Y$OO2wu06w6UKWBt&+AWGj@{*SfV`z*eJR+^WBxU+na+z$>*(EObTP# zB5e4}LKT&~u!g6gx?RWz7Z?;v!|Svnv*T(t!?unEhMI@_C7Y8Ph6sw%lj4Be*W-`x z<|epp-OWr#Yy$LLx28f`CQ2W$w~v%Cp!>mrs>j4n>FMfz<6vTOF9v_V`Y9kK>$Xm1 zh=7)Wr>NcZR7dzsm0k^7ybku|vXEtc12pA1@WU*}yh*DQYDU%yW!>cyXEI@6%BryM zV?noBi#JSBkoCL%6jXX9lu8EM-n`2)A8io8Tayjr}nZ@Q;-AqwschkMiqb~t&$TjDTu79xL7j|4K!zT@hI)w z6$Zdvli8;1`$gDjQA0-=p{10TMVjXsaI1bVeih94@WF>an0LicY{*ZqmjN zp-$3=&VjaZNt*~A9XRczRu%=6@H^{h`LnU0-AycC<_l*LDPeStFoCF}UMfhE$1XIc>H=!6IfM)ND!eD&Mx9K*~q&bri1%lepCpGDuG1 zCrT=WNTWxamk4zLTsYiUnFuIA2rkV^Y(#s@ORXs+@gysp2`Odg-}Caj0m*1hqDbZw=xtQ zVv0wz-f;CPNtN%oumDvCuh@3^fEZG+;N3 zG*V1(L{3k0bf4$#5X}%DtYow_Y{&@6SFw@@K)HBCfk4KWA1B+Gb0-+h3Jp?yme+4_ zKJk+K+@XAN7Q{C)3!1icHgOo4ev$2(rG4>Isz)D~eEgA}z>gw>$WnjwTf<~=eKx{I zx?x;;s$2{2P(bShPp+mOYKfuk7zA7?CEJmtT3T? z^zN(1y8_czU-wSba3wrWBYrqF0%p+bMD>pszb*!ei8^Nj1-!ntn!A*6%lfia(EVF5r#48MYdbEDVNgeY!EZy1tjlRg82m;ODL@^5e%TSE=rtZO z70(_j`c=N9_~|g-TPwDefT1{1WrS>vYPho1t4!h~y;md+|GC?AP@ zXBtp_8JD>|u5f_8X|uVZo|KFb<0-M8({{0HyHNs?h+?o(W^@X@NJHV7RRjlu?eH+WWXFBy9)I=UFlRB){g3yM%MMo=Nq7-DV z`iISEMgbrN38{GwIed|{T(SDoVI58Cxkw8tD9saUpFH4UcL)E1l;R+#2w9Sn{(ic$ zzIVSH2kNeFiLYHou!Tss<6J0{ZH;=k7*9EnE~d=Xd@avgB>i#@{R? zX~Z7g6;`LAY~tEr;szD4id*9~t6MZwPSRC6Qt>cbghOZ{2T$eNBavqdlkH}X8Ko#D zSxg*4Qlt2OGM0mMlA-%P1S4;h9m`tWfk6r;1J)V&5XFf_vJ$v%NKD9M z*l5QXHB+T2^u|wpHJ!zlq-bKgwi2oVjA`1EFRbm+f+ua-YX^oi*x+SRZe#X4fRrnY zvZ+8sR>JY&R{U$#C`P0T!u@b62(r`%_6YWY6Po3`${OzCyImZ^tx&| zl5EFrH4YYBrUN=lI8#r?!runr2jjfwIoc285Weu(41B-{j-nL~C2FDBR-+dDE7Zz{G)kdA1U_s{vIi#L6D8t**u##uCe zdNJFLeEH0%!Et{t{ut=|saj1muQ1%)ud*Xu|K{JO<}eJ~$Oool_+GfRSrTqQr&q7O zs)OLUTW?}lFCswx1ahrPwD8i=sPRaRRg#3VD~IWYX)Ql58m3^B#^BN-Q^2vb*k_`+ z8`Qww>UzB@tA^P|^_7Khg;S|aUEr;X7iLCbzx{Rz2tT-7(6B)Ds+hcGWlfmhN@lfC zVoY^hVNrWa!S!Mqk7H!d(sUN;>`buIlufY41{?5@Q64w7IY(C9`p@>0W_VHJcv=3D zL@r9hZv?g!+RvuUk-D$?+)ne~Q+Ua)){3pY6DLne#u0niPmd`}e- z7?72Hix4$P*v8;V&YjPPXN(F3vPcNosSj;e7!d?olee1@*if;bn{5QopV|D=97p|e za>YTmIdZDqUT4?Iy1or=IjMfz%kwX`tLxr=_YNWVe9vLE9ZB=?j_CTU3Iwh|Nr3=K zC2vUQljMthj695|PjJb!4JDBH%s(0AvgF27>vNg;af&v8Cu@@z;{prTUHCx*aV&P} z7I-|6QjvVgf(x7R=2Bu|X;LAYBAW!qvUPjZ;BD{x3S4=>KS|brt<1dHt0|$B{Q~Nd zgo+uNotA$dToC5L+%GW0pfG5)#z9jm<>Xgt(t z^~XpOvBkUm@wclxDP}4?076YVw#Az}PxY4re@`J8ui&guLKw_Em`sx|+LA07SJD|vwXK|fdbW}^o@PB@oNZ#KIqTKDv)vm>|${&I!Z}7pC_ZP=o z#^@UBUGIJ>u>=Q!U;`kHUf3rkR^x7$XPGqP?R2CrK#k&=X^EjnFzBwHlkEH!7*dT( zk%{PgMz7d)G`_L?2J`@@!mWr=N@I|a;&^a41Agm(R57;r4lP|n-ozpX3%IcxU@X{C z#wCFl*BDa(E0IjdRA}C`nr832=`E?AwRo@NOO_4^tuTb`C_JVn8j`3G(w`s?D?4II z9rezGi&m&ImK>c2;`X z4WMNM2Sq$q=5H*VYB~TTmy7MHc6Ttnv2%!CY;yLqs{oyDTlpZ_ z=;Udyx-ALOI*5$>-X6Mgn#u>8wdAM`FbDb`Sqpz(V_UcRX^bP^a6-IE?RSZSUVE(% zqV?V=JGh`&3R_-Rgl86nSlv)+6JuK3 z8(xf0!0d_#h4|X=@v5hfU^7V&s#Om1Wq(luGBTTYHtCGlfkq<}Um{ofO!50fzk)78 z(=k=@0M)N~ZxcTc_2@y!yPHW~Za-3ixUZgmRNUqiNLT;$7 zwN*BXwnrW&E=FK4#icWfB_Elr_w=!oIgQO#iVS8})53T4krW5t-FY2rDD(gbk4NUk zi_Fave3gSU5uAf8@uev0H6TM)3LS}YX@emEhNmlF=BPab6Fqc5B0*y02b=9#%JNS_ zcAJfRs~}@|#Sh230r|M4o+vChDE2k(B1xh<=)D@9?DjR?wkAymBj^d#Ah|0^h48?9 z@imzI9_`ZC+mL6t>8I`%Lu8k$Z;;?j7Plqz97g6P+;P(7tf-ebOmkc|2?z+CCOA)t z&;9Y&G8#3UU}pB9r*rZTTYFB`-zW|HSMzS#C%{C<(3`oMzM|D}6Y?WB46p%{)Zt;IXHLv4o}E`HO8d*z<k%LTlRYzrve5wQa~v#2G__%6l-s!y1n;E=EU ztr0->P|x;!pKl|S5RJ&!1|<&4u=7zeNjIxHamzU>^>&76`>yE>3UJp7QMAyB?((ns zc}Sk7lEprewMj7Sl^$Vk{Bc28^5D z{N+Vzbu5zF&u?}0iCKTievC!3T7qNwVgrS%5jnSnupx@0*S=Jrzi>HPce1wM8qj6< z;qfFXc{d1i9G1PAYLjPL%HN?D4uW!0+XJCOvyBn}x(4rPk!?Lc1=T!!GJMeaqq9y6 z_F~-wj+q)!`IkFm4nm&ZBtv*()=W4h4fC=V1q<^e{m`32sjw2|XVjP_L)Ch)E6)=- zZ}D5Ulpj{T41QErU8Yb6g~$I_3(pBrJDt<^QG?rz`Q5yJ$fDtOf#E2jvT(i$z7e}vIN3J3xWTiX z@L|V~$}xC4A*pkzMDBr#fHog*tfEIBD;_3w2#_d$2CP5jMu^&hedpdOAy05cU2kad z26-)zK%fzaP8oY%$gB=x1> z*HwHkBCwc2;!sGjS0h8Eewr!WF%i={eZ7Z4_u;_Ex$h@InO(D#)mZjaNt`rPT3(Nh zxFmgmXlv^W|J)mla(2@{IupV0+iszts~!S#47T&=k63ulQ8@Sh`&za5K+l%D7MXgRcx%V6Z;E*dX_Gd4qHA#D9CG-}S zB;3yg@p||2N`cnm*#H!};l>Enxqlguoz(J+Sf%_0rMoYN_uJ8;ZR}*%xrJWEfJIEW zs+<58AcNMpM?|%jQO~4?hdp;o%_$#6e3qDduBv@o19tloGPxStxA7X>5<@3=Ybz+T zIxZwv=zW2M)-qvkcj=AorIH?geo)HXGl9;=4$kjEt>fW{75VhZsi_gK6FEAd*&a39 znx1|iuDf(DHuNXIes6og!`AdBWDW~LdQ`kU_X8-oT9@jqtPhK$+r(7`i9RPuEP}m> z0B>^!!~(J@%r8QZ8r?W9-~7rFTcc0N+dOV5Tzm+vQUu$&0#Bn1^&Fw9c7hTaomHmS zbt!*9_M_qWZdGZ~VgONrbhT(7#*k4tamqtT!;IgD!mW32b_<%gFzeRH$MWb1ifM7q z&1@iceO{QAUelo(~N;a8u%3~gTB;(!5WZF0kj9w-!o#ej+tLi1z4cjSmMA!! z)15)^xP1d(q(5y0OW>Tc&08q9V+yiG2%6XLk!L_b55QmFOD$J2$e6J+ep>e~8|thH zavQzP%)bmm>1XtPzQ55`!CD+}4fTJ|z6k=$>5?G-ps)n_1A~#|54tSLKT@nDbE+ta z9K!#bF&Crr{#&xGbuq3@maNnFe>q{|pX)83B$SK)lz|I&|Inzx^`PH&njdLrm?)o_ zzfy(&nIK%M{+_ji_`TQu{`qr*_n&Fa|Lr{M&G7%>{a;zcCC_{RehyG9=r1PD6mY`% zj_2Dh&`Ey8vX;n3cO2gLErj3e_oE zij&J<8t1Zcg|pM4T0*NIT%>Aj$9T!cLXNPDG8hn6P6 z1}=o?v91T}mp1AamD;ZPDeFQ3oy%eG4Arr`*dK;1v65J2ESrU|tAG4zaLZQC`)LSs z{1=gh>=g+&kru?(MQh=od2y`bBK$JmeJbZH^Nri`_v4@zmP=QJd9WhH891{`wMszzQpv(ZKM6X+j!bqoj!uM&U z`nH%%hl7r$B;TCa`@B(fL}X+GvU|Z+VMjD3S?6oXx?)tyQCek2>*D5CbProS;y9z2KE|uo$@74) z8Zia;1^GV$1^L+#jC>6Tl|_AmLGAV1cf<(tzOC;9n=bJis)P z9PrMIWvNc-2E<>&!$1W~L~U5}RJe7!a~$+=@bSK;)q+>aq6AfLZAW}o4z^+rW?u~( z<3Pc#D;R^H(?03>i7EW2uw zHb4tmozz>|N*>z9p?Cd7K)jWay@X>9O@a5XX(Zp9-?Lap6V08%Q7fH>(b78{TR;lk z@BGDD={_db(8_YEaabDd=6FR_jT`RVqWHFciqfbKMiRgqS@ZIGW)JP6-l23{+_Rsb(58yGsiP^m|K0B7ku-8iI-0V7$n7_XS zAMgj?uZ#t0ZCgWNQ$DOTU>8p;`%)BagLjSVUcUSUvT3lS({)rPQUtmynsw1d#hSuq2xMh3sGPweqY_Lv>~l2 z(z%iB=k(v~`)0Zk-$ECac~e1TGG@33ZX05p#Z#k>2R?1O%O@L1-mTvtvpZ~Zc~A;kZiGs4r#!GDO;*1Zfq{s=25^I7LE#qZQN_If*ggDqGdga^&qx5&0K z#p9-*a&08&%t>XGX#3!U@Ufdx@u_Ubq!O)}rE^1V2alpU#a5;+w}<6|a|EQ8q1Xu> zv>=5KLv#}f?!qRxH9-NE`iSmgL-mnDQo^q%#ep?n)8gcj^(}>DAffuv3J@sQ_XCV0 z$e&p5=>a{i-vq=MU7Q$qI_7U}H>KckqE$(SWmCI*t7leQPNJzN=ww3E*@9X}L)ay; z(wfBixD9+!C!t+nwYqjS>_M$awQ=gD<&&T&3^jcPpj2F=s4H+V@Bj`KRJ2@!ReRc* zDCC^EN^j~qCeIWKZH9?rU)^Fq170iMO=TZVYI2(#4|jO8ejNwZD1Dta&A_+!u5Uv| zSY>3jZz_y{u9-#HV@iPz0sDSk%$B|!+Z69uGW!oLaN?tRp{in1+AtQ0C|M&TmrL>**6lTE6d_#zaf(m-|}kNuqk_v%f6gEvoFE^4Kcn+)!&t3MHYWD2+Nu$iH zJ!B`Uv>v}oCRaEN*8Q@!Z6-3v(0UNC@S>B~E3=I}|9Dr(Z&yaZjGG{O)gI&%exlro zGB4ZGw(MlfsYjPicr0?jwJ}L|Z7V38n~NrxP@WiP}OF z1j|L%MVoO{4p>5YAoYGrH_RH)bVb#EBmKEiB~BQ!O-V8-_K1?jvcL*q#*$8OBn{YOvf1Wd3k=VYHk(Jj%3wa)M z9^fGW21vF`#i1}h#Dl%113kt_B!2es2B4lTA7@j6AA{_z0c3&ScFRL;rm5m4EHl1m z2L(!F{!)L;BI}LsYlu6%)=?LJ{PkVKO*Fk<8Sk!K)`KrI~GYiB+^TLsU-y@y@xwBKRmm^%yz$9tmN{FTbBDa?9%v6s1%A|=a-^cFx z;(^sD?F#3EVPhEt=`XTLwP@)CUe<_j>eJ`ra$Y|d@5>vivovST2?SeXv@Il)Whb*x z`854E3J>vn7QaDnQtafyt)VMS@-;+orVGs-lb)&o{DUnfXR_*niY&ZCS?mJ^Iw}c|FwDZUz<1owR!Vjn>YWpdGlYJH~+PH z^ZzEBH&F~Ou!kZ3fo4eY2L(e9H%#dAk0i+{iiA-dfuR4U7I{^C|E4G7^f%}4dElA< zBWp=c^yh-o-;=->TE3tEDg0CZ_iIV4B{=_K&4>|_KWps%eT~Seg!G@^dzCQ#`}q$$ zRsQ2zRPc|rC`MSAe=IUN$KSty+^_XpgZlIH08>D$zaI>(er0q2{k)`Nj(>Xp*8&w& z5DwS<*+hRhVt+peoAPG?8jUU99+>~`=|5y%tf4@FHRI1DJR-v5=X{+D$9ujKW)w9ral>mJAQDf;RaKH4-6JCqiC{}Ria z^1mf3{`W-ZgFXCnlJ#FrDs{|mb)c_@AfCVaOX|&B>aARA_*~z>cM;%F6jtkVefy8L z|EYZ;4)r!0`s2?8(hd7(g5@Z9?RjX?N~660Dbf9(uYdIAIe&=T|6#&*C<)@>AIav; zYWnAPsK2iNGm&=xOM3rT0&DCvxxcP6I{Hd}iM%E8uLREje*HfZIseDL|3hy7ND|%I z(sRvo?mra^aIv@KlQsLyGf&`uCUY(rc}3ODcs(J31=*Y)6j`s;MyUV`jR}QXKcX02lftejai-Y#j~GL{8vv>FBVZ z`$g{E3H^B-6-_T!ZlLA1^PsfcQjr?TnZEB3)8zr!&(AICM8?Z^?ubW8niO?QW^s=? zs+ZqA0b8WK^YBfZ`>g~nV=02z_?5&aaN!?XWhu47R#{D1ipmg7CP7=bH&1^pLAbZy z>3)+{gBYVud{~V2<}MdzDvkfJjO!8&@e-~VWAPl$9+efm5GE48`70Eku~*7#&wdNP zU*Tl654m*i^cYJfck;JdnO#(;Pjm}5tHtQM7C$+jlSW2S-q7IL!*7G#LHS_gzo4mE zCk`Yz!8Y`P?5+V6a!yvX7z|zsku5zw0|tRy-hD~X!jr}u!1Us5myvQZ-<%D?<_Wf~ zBmssHf-aF%uCxck=Lk7)#Uk+R+HVhIIOs(U5!D?R?``4lttny)LTbNX&oc{@DvFdN z^l3>4Ou;u6^v>LD15;TSV{b+TZ52Mq^pvc4|H{%^=4IzXW^@u ze|72NM<0E{wj4!gdgav+vFY{Jn^}}s`+jctdXTsy2xq?RlcR`C@ErHX6E#_9Pa!K*Qy?2KIZJ< z#j-#4-ZS2F+#8DZ2=kfBkM{`kP=u@c9baR|Jj1PI7UqJldI(%>$^Wi96i-8CtGcEB z*a5z`k2`{Yv4sP}Gr&v{+=YZTXV!QnCR?>%I;(Ap{0@2vbmEs3zO|tk+d=G&{9%or6RU$ZwaFUHtVG6vW80etc>> z2#qFa6-oGy!%RTbbu{1t_p^9FeYr~P2%l&~lIaSfhq)sQ4fc=!It?N!TU!X1b^>HI zJU#aqU;yNf{OLxLW)3JDlGVemsw-Fd_wl>{5Bus=sM7Qo5wkDaI$%&~FalM>W70T} z_$k5p_(C;&I3N&D#BhnbZ5^T~`y=a8Syo!fdo zI_Lj%4)zWC(Yf@ea}gXwkIsF5I_G@Gw&Ga*r*lH`)t+96$uqjNU*7;rOu=7V^AQS$Rw5`jvOPy5qf`5u-(2E6`!RO`p> zW8|OT@%vL4kH12G{>uI==W~w#^H;sE%a6ZGpIG~u=pcIh)u)oU&-Llr$6x7>kAk6K z)*gT5KfcR#{(((gdJOJjDiw^XCu`af{9McTm)$GLCp4Itv z2gIae<=9WGG3htx@CZ$*1fWw%_5dqF%GgPHRZp1SrStvsueAU^B%~7{idxcpH)Izq z%WX?jpyXpClKWdLc_?H&TEo$IkI(pMwtjCt;hK9TQT|1YG+V|NzKt@bLUL~|^3~DV zx6H&35SHN^L{&2DzaAa}gnMD2e2#SkG%r+Zsr{J`C|vU|y^azO-dBwhxUA*LzL5PW z(R)i5y`2<-Y&eN&BEIS17BukMxy7Umx;VY8>$*{;ORy`4vIdPIojU^yxvV zfJx+)O4#Tp*wR2Q8}MS6!WA)Si~7(8g7=F^(oM4HlRCu z)V$Os$L{V@co#6`ZS~v}>?Xx$n_|dWfl{MVn;@EiClb`Q!XRI{30n4=7kI!Z22`e63O^?qVre+qcf8FC>_o$B&dhfiNlL9)= zOA0azDSsglMt9sN&o7MAa17vgdAnXwm@L^6+!YDlRi?~QpwTUUUHk*;toTsELaeIv zD3QwnisXgwgM89t$BrzmVOSI8?aqtR<6zK_B3p*wS*G2#peqCV6dzJmryl;H%sd8T z?1@DvTc(Yum-UFoh5G`j6eFj*$Rb^aj>aF@eT+&j%@Vk2X6D+R#!AWNiGzE719>Y5 z0G6c?a9cZu4IWL3egSC4hZG^ZkxRNT3-d)=`@4d-z(WBFQni@AAC_|Mpn*zd`1J(f zqcylUcBZ+KSHiu?vd@;YZT0{s_u(!3G?HdCeBGo9tw-_mgHLS1)9c(v8bs)^$xrOt zlciqBjS;RunVQ85cD1z)i96mM61_|K9@}tGkFE2vE4v|c#>hC^*n8o_r{gdJ4x2J}XUPhcm;S2mA1WpoUAHK>vbdil1!5m!H+ej^Vh?64yovE=jzVrgG2)GuH2*2xArgyAKCpplxdwRHVrGbk;Kw9u zi+ObM|4I&z`gM(fpqCG3*;$&4ux|wfH4?mS;r`|b^~*%C%PKs|Iksl3D`x5}${7NX z`-eb-g%36#Jl2`W&x!;9Bhlj>C$1zYgO|xC^8ixH2b_~hrmp9-d=HEDgNvByDHBTn zRwf@1RN85Sg!r!BPfW7_(>u-eUb>DFd$`Q@2A-)8cz&~-1~Vbb5|EVm!}8m^7iePy zk0MPVANPph_4!W=%@Q;TK_yB5k;7&B2Sy^rA8Agfe?`6a~g}kvCT9T z>$l04zZs%vGW`Fs6^7*Zi@((VeS-i%8Rp}6lI#xu_boGP z{7RPw+VOjS{#9b~e_VpLuK!VbHiK|GAv+U*#}= zD<{9QwBlk*bejk8Z-wQbN`KnF(w}G)L=O{Uu3uT&n19u(8@IY7tVR%BF$bMmD>l!o zHF)nZ`0StB|L;nk{#_=<@O+N+oiYAXDNlYvv^K7Fo`GWrZX&nuRJVek_iOai{|4@K z$$xB4Lp9g?m0# zdH1Zh_Y^t)N99L|dTAOGmL`}0A;?|$Nc<=QT~ z=i%`IYxG;q8~Qa0@?J&REq?U%pLOUN)1FH7hJU4-2aDux81D`kKPUfrUub757{#hVy|;> zW4IZl1{SUjdJ{_?{`95S8)g6by5Bsy9z-}&e?M(qg^T@TMbwQ$;onN`rc(EBWptxJ z|7#`EdEHSM|4*0LjfUvZ@95S!2-e&VRb9J}+Gu?~N23cK3@IKAH}0a~)oFwEpO@JE zQ@?~qzkVflg-5rtUpePTzl8tA61$Jx|5ls1T7Sm%%;WF#>Q}=0&IKRI`MFJ=@x+M# z#7pJzQPls5GMNXh{XHAh9s2dyfAIKI*E-|CTBFu)BIl7w;Nj7ow}$&_bXWTy$mI93 z|CEV#3%`=f|6i8L-^&g6dY`#}mMH#*%_vEz|4NACf5z7TU~B*GKdqnb{B_>_?=kqn z7x%yE1S8jGh8 z`lqtUe{Y+k|3fM4e~J_A&)@!4PFefEq?|I9E&@{hb_mmdt-!zT6%B_dmi(Fo#XT>} z<$asH!Y_(bD<1uvZ2KZJpLT|g?|FD)L$tcWCMC2z8g%2WmOy}#ZqII^Lyg)7jq;i+ zlu;(dX!Mr5_~VXv?S@Ge4$+p()n=ZEnbsj*J zD3Ohof4m(yZ(96?-AQ|bAd~RdNR@Rk0y5yeJ9zYS-FV}E5KKBwdfMlm?y~(zDbJUP zfy@JHKV6X?N$4vOl24$;Zu|@ASoC}A_GTt7fy#BFGp-zD@&#k*ouFp%k=eOv%dB9K zD7}Xbh|zGP(BB^0FZ$u54293{=d+bQf}Xoi2`eE$GIO*aYrk26z6sTO*Hj`?e2c<& zlC;o9xTC?qEJ(C&5S|;yvPW!TV3CH7#+R(f&?YI}@orE6&LKpC^|Knoe}FvN~y z6$GE22ou^Y2aAJ`5<+GzK8MQc3W-nkHOUF}p&-j1fI6{-S(?`5g+B9nd!IJxnIMXs z0G_zdE0}VZYQNx_VCX1{UutuuC}~jR1FB5-=4(KVX~Xo%C;ES=@bhRVqYc#VewNtV zsZ8LJgGk_D%lwb*eIAp&5k^{!c`1i2?1^OW@ip_YZw)$Y5;C#fzu)3FsPQjgz8(pd z51HR-5~C!{sEYUwXpbNsG-Ve7d-e#I0k}=cLHEc!eE4iQCafs1Mr4iekpxY zk8&GyJs9qfB)LI&SY-^AJ2yiq0C@-+zAaGQ8!++Q`#iBr=m7qXKQ_!cbxPDe1+R{v zdteKi4D_x+UBzCb)DZq>P250>V8!Us`VKxjFf9JCQ5k)JlmYq~v!>q}1oM{2lXPr{ zo+9{6hPmrV4EzfnsJsUA@S$^r=z%YY!UQ>AyqlF_3w6Zzmb~HV?4MiY)s+8;T=WHK zgne1xHzxCyg)+s!#EX<}+qIo@+b!Mlo`BH!R_u3t0OO}5QG6GpQnv^?9?jByFT<9l zcCI}BwGFRtI^bV)Fg*QD6Kg(wUjq#E7%j5vH<=J#VL$w|Onh>;Fk^k;n?L|``()?J zHCQ>%6~q#;oknI^j!wXUi)3yXg1^rke!Vc_osX)dNptXR4z8>`j1Ma;<6j4}vlUrU zg%fn2~7M}cJ~#lYaDqC}U3mm_aeUV3MP;8K7$|1F|z7G^uFz(03uq=8TabErFEX^lFLe=Sn+)($jQ;h3|UB< zZJzcFkYV!!Y`VdrKA4m;(KhuCrHpZnw0;uVPJ%TUgLeER;O{O9Bb{Q%3c}2y<})Jl zoy}xdOaOUhV*-0tNm47B022+bsSLbXddfkOhQCxJ85KSShyjuCH;+`62E~X>Z|M%b2m^N)!YVM;9G{#jQz9OXvyAD=yr3*cAK( zpSU!L(DgD~v2&byQQIn5CjTOoFlGbxLk}XC?E5TRfSX{E)4zby4=@3xgQ+=z80~|Y9D7|P z?6rAsS`L8d4qZ0?*gD0vTf5ed{|fWzWh#%tlyeb|_AvnCyAKRDMHI`)mFj_|nU#(g zB$MT4{`!qC3UdaF^z@~Q%|b}RHwx1aVnSQ(Bi926Qo@;q$Mk$_^5GOFu$1Nq z<5-qA$h=FGjGyl%jAr&$L-mLrigmn;YOjnErNZYs#lu^Yvy&nvH2kxLd}kuUy-dX; z42htsXYMr`DNOd^nToX@BlSSuG-nB4YyitZiaq}n~F>UwT4nQdDUR3$fuGxEG z+?Rs{_66-6#<`9D_yusgN`d5c!n6|m#UO2mNg%oVVgXb4yUz+f1gPSQbyrj-DBmbI%(gbJ>hOhv}39RN# zz>rbOL4r-GjGREc7(?|dqf{z0o3ioS%N#~y6htQk_0Ldl#D#K3f=t8K{4E)u|J z8{zByjk4W(7vVEDKYV=V?W{x$L-zv`c<1$q{r>qrB->uhQS2CZ&tAtT#kPDTGXBn2 zY>S78vXOol{?o?FP!B0rW|HVZWtqqAZ9n$&v3b?q7Ex>G*;xXWY2fwb9g8LJnu0g6fHJZ*47it(_RlgI*VPq95ab8q@oU zxTbkIjIW_)m;IWEp#2*4GWHU_RB42GLH!bj7DwwRj&0W4j-&ZQ9B|#}EYkEi=INyX zS>(hD0sHZe>WO-bWSeB_WbUM2bVu0fa+Q3-tPC&0mT~wq5Ic0 z|EFAY!D4DiLgLKa;Un#+{Jx8`A?X}zmXCjG!`tAz!mgIHUy$8P-N#yth-IHxlo$LW zOWv=IQx~~M{R}!&sK>Tvt52Zk^It>HbwTn$GMs(%etbj2y&fHU->vs&n?XF!_{Bf{ ze0#5WpPzH^=sC6fs$JPVZ5WlNK)qwu^*`O)$)iUHn}yWr=l_u3-Cg7M74m)) zRQ0vV6=RY|S)N#7G>&1Gg=y_$x{a$|g4;vqzHtETNHmUUb)v3WZbd`K{6*&|xqq#& zQl3E0gD7Nu*G~3jR$i;KSsoS$!mMsKL zUF2zDAEy|kHOdY|UJZ+RFd%Y-A&Jn3lY5OGvQ56#cCp*C5n6%B`cE5vi^c9d`eiEu znL|HOea#Gdxv>us3AuLYl8UV-nIDmUuuHSo1Vh<)nSws1f55TU!ecXh%V-V?Rf$u& z2}~g$JXhK32{2-U$hgTS`i4vyH`C!7;k{phGN9-tc18&P^~AGVL&TTBbTkE}u5uaq-P%+mjMm~yQf`vHnx zMN-0&kDQaBa(V%3<{}SrgNJ4i*LhEI?5zOpHW~yKq2kGuB#@ZRt)SoZ#Z@cJwl$xB z295!+3@-Vu!T}}5aHaxlAUR?lhO`637Ac!p-dIL!-oNhvF<$yw*4c_2D7aL~j@GBJ z-HDEgb;v;mU4|BJhII!ZTbCC5AVHE$&h0{!^$>5R!0hH|qy}i;uxKGjS&3;rmN-oU zZS^5jjl^7yH12f_EXfFt%M5M&BVVhF4j)6vu>}pE9;!F$5c$q8bS(Q5OjjhPsm7Q7 zdT1f_rJi0z{@64%E0+Gyd?1RBw=uv77T>`$lscCkt!$_4!KqLh&xKASfLi2{XJ^CK zC7|&TNwWzH%2d8}u~&Gp8K~2_s#ykhRtzSMx%9Ft@Dq+P?Or}p$ghb+fF6^+&<$*T zn$*eTkoVKroA$tUKFPdjH+=p_@kJ-bacU&_vPkF5?oA^XE|=v?D(FzzT#q(QEtclP?0 z6#=fd?;W|G<-A3`o{;1#$S^`6U#CUq(&qv;&e}7n3P~d!0#jq&M*Gn@!du+$`b)4 zZ>=40VGexy^)6@HqVE0^gORy5OpjTeqLc53wz%N79itv9%bQXTTUy$KOyQc2Mm4{( zazQZ;9Ipb0(SjGeNQ_uio+01`2xI|>Xj<*`%O7yeV=)o`2Bchmys_=;hsG#s`1AHh z1tRNy=XS;A18Q7%5{BQJLJ*?d)jp4QU7B@NT?Z`iQ!LcT4x@1>kdNi<({ETE>gKJf zedD74FZTXpNn)ni62#U$W_*X&QA1sBjFp*66BmI;y2czU9~|F&e$bPtC#Bh9!# zRaPYs3hu|x0U|tl8Uj#fa<-#-{Sh}Vf(a1Zuz=VyCKsks2XLFcDBz#Olfn2yP@2x? zKK!f(#_isn>Zb=&PFkB?qQx)9tx^Ecnzg5f4cp{BLb2y~E(jUl6y)z;DHYC-&R4gB zTsKIJ7YGo#1*yKa=N9YDFu95&r^`XUzf_<}&u=X#k~{9w&+Q9?>l%iO$bfgws&Il5 zEF<{<5~KvRG>G-b zY9k>K^d0rLz4u1yb;{g+&8sK*6Dg~fqRQ>#>QXxnLGq+W5}qJl{~TLM$@sxkp4Ss*4n#F%p}gj(p9_#q@XMcSZ3#5uX|G zA;b<`*I9S~kL^Et-2-1s2c+1SlSrwY(j6Mw7>YdH#3HFSZvZ{bgkV=gp|AOlJjf)*3K3D8nL~3&HxufE*~!Z*-|54D~=w>`ox$QT4>k; z&`JR=en;cV(>__)reJKqjrRMq_iQ$*Kw&(G^b)&5AN4w#Rq+}G+?Uw?rct}tuR4wN z-xnr_jqLH&lu4!MMJ#nZS`8~3At@xUk~6d0L=P5fsta2i=Jtk)x&W#|84w zz-w@MMaLBfD>Jh2%thPv7=%@B_uhLTFnv#b9W;2gE{b*ui?loPGkPv!FuE)0+IAFR zOEMtoA3sC0iB=?0NyTtp!!VnN`Kr*MA%^2O zMgwR>Y7YgO8MGoE>P;o!DYW4|(NIOLfz~8vSHngsNoyY7Fz|9IlKwl_DITvd+$0^l zU0jBOX1gW7SU}+9jHqhGC385uI*Ts)9dG~CCtK*;TA{;qkut*e9d{v62g>xA+g}P( zA2-yWf#Nd~ddk2A;>3r5E*rzdtEi=-84k-%v4jmSIE$LDJ)h(W@<+$X@!JfzdP$|@ zidcd>J87N(C`g+w=}LwFJkXiSFOAN5+Gfj0O5B4E?&?jap%-j=qq8W(WZm zuwrf!0B(-L2(pa8^6P%|xS$?pe035Sg-`kA(eR4mgWK0wraiV@H$#|G=VgLY6Px53 zM=J35qO}6h&4|u`3fb>g#zhvYqTN7qT-=zIH=7&|Od%qj%IfjS&V&Ow8<^r)RUV#o z!if_omG-qI1dDp=fSH!$2a4ccTSgMPj)D)9UuH^Z1U`d1?(r1PSl|(xNA3`xCDvo5@k_n12!#@mL-(23jdx5pEq zn^5vv?Bblq*}d#CH`z02ib%1BSFKeK*MHJNMdAbbu~=wn(v|WN0Ax{3(#<|(-te3l zw^@ccqYPf}7R~@QSedp7MM9Svji|bms+F1AY6kI2(nH4de$K#Fy31Y-p=e#gtdj8- zMwQGdUZ?NL&w49INH5T|_;}1Kw3T}4tLHG2kHt4Q2bQCQ>EE-sHEV6zY9jJGfJwZu zL$RLq;WpEfZydFYmzA|eK32$s@hBO5XHKw7c$a4a`)rxf6i2$?lKh+?_kE=WSS5uy zub@+ws07a8FvO5Ysq6gWH6EoptcnqzmM~WS=*hazio*oxQPptTn#>Ep#^PQ(NKG~* zoiC1D*u>>{iUhax0_PzmUA|dj#z27dmBf@7qw$9kW$Z*274Bmg&76DGxjh=-%g5mg zcopY3CA?QK){V*Kk2n7`EN+4zTF9r@qjW?g)c#5p%%4qU1JX#v)FD{5PXxo@gJcma z^7w8K6Up+>OM6rC>%qOcP^p}u-%T%BgL8E!rMzToeQi&%#7=5^pcAyv)mP`P9RTMg zXCego^k3i&(?-HZuJVduwG!R(pO%`lR>7Ou!`u*=3>mnSBvW}DAy2TN5qpn^+eQ3e>mDdr~ zC^Y}R5D*i1A$G%R{RD6Uc-Z5G9^|K4Kc%hR=>_&E1ApV2RTj<5_W`|vg_nQp+(krs znRS!$il1=iB!@m&D+E|bsqoH2mFiCVAJpW-GwV-4F=GdTdq*DAxZA-~8Pn$_0GNhm zShDzCmPxgo7YqqRI;Rekm*}VNkF)T)CPA_v1hhb4A%w{*io`^6y}6N9^?7$vZLcV6 zDc2#zL$m2*f6tU#qxc$-@x$$kw9iA++3zQL+xpldSjlS~Cq>U&oyJlEC?`9GNDTT6 zs~A1~Tt&+7WOua5{g>59cF-OK^>q>G%G@{pJy|WQ&|*gCt086e_w9e_2jPXk4KZL4 zH(r(%0E}REue_<}tTI3xfKo4@Fu=3*q=TMCFXsCtbr&Sd&$R!PFv15IZRpT@>vN3R zCYC#WBlfGyr{ex#bYUIff!%BpG0ih`7{ItVuJdP`WExP1lQNC?VbZ!aR(HggTv)^} zM0Pj^mvAEpa*8TBjDbw#P`qYP{8+5YumhX~R>l!$7r?A9iL(;{l$LD4ERZ14lWgTB zRUI>8PRqTzW(y(WXMBpe=+j7>NM68~pk;Ie1Z##5I?eqGy)k6Gw>k2IvFc5!A1ZwH zg^F*LA@!uuEMRx=F9Fq(7pOxbrMbmh%^dmXIS@j##}}g>=>m{w!HOqYbM*1fiZ^4J zf)8oMGxmN5{s!01TV2{w#Y*Z-fH#U0#~S?br_4#Aq(JDh8o^2@Lo9b12^xTAkg|tb zSOIab*te|>B`90Q&Q~_yIHO|-K791Q=Sd)X%EsOtdBL6Zo&!}>lx72u2EyYp@=ZxL zq9InK0hE$9wZ4;W+SdpmZRiOi@|==ef>-Kt2wc-{mNbeo&Wmx=Hi)k}?A6_&i4`Db z7&iT)(hdrYs8!62RtQbv8NX^z)}@M}UO*a-_YPj!yz|5$O4||GgQkR@YSK@)kR?lj zlvF*IiN#?1;T~Q84Mbm%3&;^8Wjq;$0~GP)w}L?ng9stx9Qo83o$JOR?wVV^>I-;R zKVZhZ+FclC7+|Zlz6~kvu@FxidPN#l`c+TU>>e%@XdGezxO*k!yQM*?l63uTq;$xT ziQPNmP~WN{qiG)3fs0P)J z_XJa3Aw5yqETuBnXoki&(>Dkg&bZZbchTM2pTv|WGvj<7kIJ|SB2KWz z2HDj)O`lU9R&oT0a&F1|v63H0miuwVMZWqQ2aG zLHFxA1I8mT_mp(`BY0$)648Bm7sI;4LFya0eX&d{FyC}x8Ql0U6B8Zhs(KW-PB)}4 zX;Qf!Y`$5L^@Cge{LJYB&LXki_25wwzV7s0f1NZ%*)lge4)q_`;1BO*8(d!@_0sLp zAniqG{k;dUPI4PsM@+6p?HBbK|9M`&$VI=qQ)lX`Fgj*V|Gh&jRLCU9Fz?-b7F5ET zo$nll!r+2W3x&AikNL{}J<}%;`)`vRt?t{mxA_=*Zjtyx@22Ljf2GXd^Zg|-wxSXt z=v(xEZ8o>)(KYRDljbi8A@{DMej|3;ZhJPro76Afgz9fQW_Q@uI5QQN{pWK#-T!*W zuw=yF`w8#M*vbFTy(9YnU-REz!%yl2&)+#=dOqF%c}1!lzu-UF(XYJEuTQw52#s-O zqbvLtG$lbukIw5S8$l}dYctN@`_F<^C6k=imUHGp3j;Y$UmqGY%LcmgzyALlgCH-> z)7w#r_1Q@0@vEi{+QAg;xA?_@$&VAF8*0=uXzJCLi19z~XUFZ~xz|^Q|326=P$rkM(@U-$< zMr!ru9DZQ*m04W+w@yVeRp|>AsvZ0@p7x$Jvf9922*3T! z3s@xD{cL1G_+tT2Cu99gCcgvqB)-2)Y!pdGR9$*ergfQ5$vtTD#Fg`o-?+1{G9;?E zKdUw5JATYYu)W-?tCe%5B3ywi?PoShDEjGu84(}U3)Z;KBw1&;6IRwYMXECf8Pv$8 z^oO>gk*O)8JBY95N=purhfD5f=Z$?V7_GG^Hn=pGicYDR7(wNGVs%WgmmfHz(I558 zS}cI+SQ))~a9{zlR@Shb<+2e)<5%=>4JL|`8N`X^94TB4WX7FrE>@_7t+@zaV%)YBOJOQCoV zs?w=7@3sY5$E)`JIgmF zf^8QK6!d+Vj~pxq@nLj!R(d=)ejg_~h$9eJVoL0He7TCd_;qfS_kP6MF8GJog~5sK z@3m1KtZ8M%dU^4$!LyqUV`&ga&y(uz>eHu0F%W{3er_;--}`3(d|~x+;26EN`5Ulw zLE{tB5f}(nYM^7-&sF8Fy1Gbw-SOpf?kvcsQ*v8a0DqH_e2~Y_ zB01z2%HtO|R_jcF{FXBO7yhdEdw9V~b!2~EB*!K}a)2)ix{`fTt1VPCgRvTG*R$jqBecmb zhI6YbGMscdC7ZorR>e0}muW`6fjW#l`TiQV2)~A%IO=DV%LDoXj`r5_swF~6kB(bD za9KJ_J&ewRtEvK}62?WZtpJ}WX46rt@Rykn+LiB|b8ikgBPni6+g7sy+Msdo@JfryRnG%*9dNveC>`Lg&`eiT; zC7^x!(t8+*i;o^OT`;)ouQsUH#S*g}*4Ql<9C3?$YJRw-L5(CpBdQLcPzoqbSAe^x`PESW zCb6?0?92W=2<7uhtSV6pv_taK;xptSV^h5R3Uz0wBNFlIP@5|&xZRhwZzr48=D*J) zF8}5cKY|9=zOX6|2%Z0DJ!P$X z_WRj?kC@4!s=Jy0CVQ(UoPS#o=q#fyx%BrH$^QSdxBkB=dn?!ex8?ljHPYVzOaCY9 zxRa=vllEWhu9g2b3+#LR*XzmukJmi^m-XQPyV+!uf7Wv&7yR!TVgJ@Q|E;$_bnl-`w~X_x|N7@Qe;)r{ zZ~WiY``?VaCI73=|K^+_*we@c^zJ{G@!!-Hg!o+W|KoBzRGpK5?BZW-*S-H-#($qp z_rJYf`sZE||L(hqBMpCR5TAebEru+P9?G{Ib71FE3f9nn%MXJ+NB*Z}#sAZ?g#UxG z{(Wuq-@3s>5~28C>#Bjjwdr~bo%#)3rf6RVKV7;vJ-Q2>hBy5){{LE!{pY)4|BgrF zyw@k*|FC>M{|0Zl!N1l||EKk%yuRsP!U z|I@CkNRUBY5jdUvpau{CU=Srpz`$0*ORjU)Gk=R^XHj>p=&z!Zd>m0efvb6eCbd!9 zCClTAp^bcO!$=4y-i@nhjFYrT?nz2=gP@5Y2|l!p>@@up=nEq73{|6i zm?Su$<6b=D`_cW4vJf$X%!u;&$7x7jjuAAMs~ooTq)XRttmSJ6e%0QNyh}4={nh$@O0RZ32WvIkSWKiGW4kqMU3%pZNZqgeUR_T zn2)I>G1Q~nl^}gaO`PQ*SC_o>j{4c#tHl@8B~dG}yJxr^T4xFK1U)3NrF|u1;C0wCZc8he@q>vlYj`bLUChr+_{m zHxDTL>)pp}A2@5-0})Ue-9-ixr~A*39YV4Y?;5TV+pt-mSA1V$7BjHYLaDfH;w!|z zSVhco^K(^+HCgfFfY4Oc$rvCG%vsB#)IWBTKj9*LBz0KiJOQzj!(OG_o7tENV+ zH~%$?X87XS<-a`@&T`hfmoA!&KJr`&_LRJQ9yf?D@$$F5ymglapBA?VQ~1Vp&3Om5&qa z?mBVLZ1p4Bxz`3tQft%qD&bgqegxy@3j0c5Aw{ z(}XC6Sh$u(dj@L2ZTGhoZTw-3pI%ktX5oS@$+Tdyk&R-dTV5Q0tb83a;&|S#P-38i z1>KaPko||yQ80~VG`EdQ1K7tjpDnQq$ri93Y(;sxi5RKMGBeElREWTB~gRy6J+tN z0(F0^zG0=D5Wv^QWIaW@t?U$>koX?H!FZ4+!on9guV4}b{UHbjpVTSx+9N~xGLcq< zubUHH*jyEG>y3@St<5NlAcsQcey6^TV#C5L%+RY0A9hpE?$gb69bY>y)g2^=%pLq+U_-pmoZUOr$u+ zkT?&+E7Da0U{H?BN4Om-1%+TEfs6Wt;`RzaNW` z?gEcnd5|3J$=qKP(}ybMX80uk@TX4!x7PgZ?n`S_P}=+y*xo)3fdcfsxaFX)RCEM>Ndk!>hAwoU%> z^1Qs8BzI70**ST2M(_lNF2JXa1XJoauTBWOvd8@xoqzE&^nW=Ml>aL_v}%03_`2E*a|!L+gh|G@i#=4=Pr=JL z1=j?a+Q;3;Y|~s@EH{RpAQprgkQDdo6RD79=9Ij%niJI)bGD+?H`Frbh+pp@yg+yg zq^L?x6}!knGmJ*Fng)B8!-)>$$9`|!9AmTsb@~BUzad~)n`&`6SnoB6$$P&u!!OGP z+h)JyyVIJMaovl(Aw!Y$jpiAi<5&*21p;6m!IGL5CHRe#-1F^S*M8tgQX2iKfM)2- z7lSdVYIEBmwAsB=w2t*0pDscD^&idrjo4>tzZDzvyvek&aMvb&_SSdVnb{XuZqQ}j z!EiRSwX@iL7T|Mltcw@qs+ie>q;BGn;aC>!X$i9R)Vm{I*Kmfn7b#Cl+jsoBZt&;J zJ31tvR2;uG7vgK03ixG3g>>Txx7)68C#~~vF}Bt>{$=rE#^OsX6>n7D=(RP=1ly^3 ze(;{(#h>fuHezc7Y}f1)9`b__;d|4>O=UpFeJK?@Z5$ztNPj?WKg+fr$h7qaAO5tJVbFY2FoHzL}EORXpFo zxba=4E$ilsNDt{aibFa{K|M&_jBGmY$m+&Q9^;ek=zTmlh zbf1-G3QDESVbRH{!L!0YkCUkk;>*Y>Lo+_eJb6E0wW9f6IHqy<;pn=bw&cm#{;bRj z0dV*Q>Q0UM_*fYZYYqRX`$})2>HL0GRN?1Fp3QhDO&1ZuUNVUbaiWAVRVj^$Z!7`v zV;9>wuoO+?Z0Tug<{))UUNY7u#*bd~3n|0Y2hc)}Dld*_0N2q!pwpEOSVyv8C` zrY~`rR5QOXCA>FAYWebFm?UQ$_=1qe$$Gq-K5}2&yOfe_+c4AoYoUZw8Z2f{{t}m; zKhB;l2m%*%3}th?%j}JnVlFq#c4BptAxBQ;Kr(9vPjQ$v{}n0~V)Zo?$)k5?wQJe( z6Q$OtcE_n8tcA*X022 zXAyd!fUn%&>!P4t8kTmzW)b-O6DlC)q!@5GmISi4g>x(Qirb3VTN+09yd)AP-V{Tv|wBzSlU(R8M#+# zHRBnNx9T-M*+TBmS?+0?nRWiX)35%X?WH$f`&nHUo(Gv-FtAiYqg7u1G1{NA-_CgY zDI}!lo*@V<#Uk3dvaJ8@{u18c+Sa7?v7aCD5+^KHmr&PeqMO)3U*mC)bFt>qR=ocb z^YSxS!_)Dhn-{6J)W`}b7`#rN1<--C#iJ#8(z2JN_vm^>TeueWPNP=Am`!Y zp!k}nx4)d(wem_AqIjC0DxJKt6z3m%_&EGG{*G=&XbF2oHN8q@s#ifd_lAcQXfh=}b-$v)wN1NCL|4#DS}l`Z*P>mdmQ_I&!?Xc=)%r?K`~L})mAv5Hcbj0%zd(dX(llyf?1(a zgL+*buBq)A!Hb`vTQZmNogy&Y<-0}_RGONNeM2mFt-5VB`r~>z{`m->ftNR+H|(BK zDT_P_3$D0L7OH`jH+H;Tih0x;=JDlzW9VzxV$vAJvbz*3stcqUrY<@*A1(f&m>)x{ z&C>%J#=X`WW9&lA#+^Q~l|h2BMN6>Cr+Umf?t|Fz!R+2Z$gc8soHU?UTeuU~^^S6T zf@;YL5^ic9+DZxyELJB7)HQ6ZT&7KsZOoRv8vUhr09X8LvzOV3Rux|iu&A-TtuNFn z_+CGNOg()v38LaeB@0phhM(W%vwD+=#ExICRjD z-U`V$AoV$Nja?!yUz4Cm8kCn@TXg)orE4qg3+1t(d?)Zl_Tf_G{vA~Drg&Dmpm?Cp z)0gR-iH+g3o+Z0*cvToYO{(j6TAL}a*?{>Ktenj8J?n>Ws{9qS6-0QExf-U-%1pH` zH5|z;{(z@!UsJ@+9D`7|Xx6((l(;Zaq@8HpYHz-%Dhw$a&2&=RK+px{Bfp@&0)%Fc`0k3-Fd$3s)RQla5P!`6uUiMLg_IdLVa}y zWNT>V_#!g^Dp56)o$Km0Cc$#p@ef5R5*_OP#_Q3o>JVsG3uwcz*v(ZCv3%6DnJ>*QAJrW(boj_zr(o<<@)d+M;EtDZ~|d6Nz5Q!L))22#SF{VhEp z-%V3-*|oN1gmdSkJ*zxv>1peTpb^y8*MM=Wjw|6p?T{%mE0&s6M6HrsjE4wVx=(AC z^w@}-kItNSzSW6Js?@^h0EUO<^6KZX?)uNhffCD9@{Hx?SIPpsJZ`{X4}I>VP?#5B z?$!Gxx+FBLEw6wAT5Hcv>1$PwHv0QY;UJ26bm4@k_NwBhUp+B2{M%L;r%Zdj(DO(5 zo2&l!_0M_8pW~q4FibetMltk_}*&-I@p*@HSTTvCWTL z<756%U~*~LkiQ4ea5YuoruD3A1TNy~3F09Yv4J)4xUg36G8iy_e05kREm!f6kVe0{ zM_ow$^u*=d$4GDKbR8S;06a3)57gBaW4Y0Ayj|JXxta=8W{}30QT0fh-(aDyTDVfY zonf6}?OpaBguk^D3-FKp4TZ&JOkpd#kY|SbkiDtje8b8V zPNQK04&`Nbv;0nwH4;rF?BLH^FAmg4{B_gN27^Eh7@j8%Cx2ef;!Tfxmfn^}blA<3 zzY5k^61x2|EX|XC&D6f^iW>y+uB38#g_C{8e&%K0wX5=(mZee+wRzcMawWQRIX&yt zDBEXYps1I^bpRnu<$Ldo1vWzHan^u%m01`sUGe1D^GFO!;nCjXlR!xI?$##6c;N{8ZZu=KWpTYcli^=GR z*CEk;Z;M)MkS$bf;vWt}%;c zAe{IufM51`pGM_EkjoYDqY zIJK;c0!Q=%?WULfb5*{NQ}x&pMM2M}Y+yyjZ>-%w61O(M3IYqXPG6yRweU68d>NH@ z%)u9w5z?z6jeGu{uxSMRfnNDK{XGuB$*koHw(}AwE)bmhVJUeXAFg_if(?506^pEJ z?*hx7n4Y@z5vr9_WywoYIm4N_0(sebK{eEu8xo`|`?V5q^1ct?zLM^fiIG_Jt;eL5 zX#>;84Q-?55=b-6XI(I057N2QOW%ws0wZ-T?9Up^#18kU6{>(y=YPk5c5BWr8+ZC` zR{(LZ$jwJ!uJnaEwBvu4(}w}1XZ!0d3iXnDPjSSOg#`w*AmrjxFW;_aosw@dwshCr zmJ=Vt2`xU1V1BK%<#S(Vsvmebap)=eNu(66#Daav-rts?$c&9*gk#)d}ywSxExt_kNAyUK68nJ@s=8Y3*asBIBbFl3To4d=}z{Yd~9_+anbKFG& z^q-jON-Y5+E8FPw#*SQ}A~ySsJyr@)gNt23wUld;rJ1O2kORY&gD6^2Q>Oe3ZLW8_ zZr+SNU%$qbEk+>F(+@9P>g&t;mBjZ35qU55=Z=3@+Mz`^HajFA5S7Z~%Cr`h);_a} zza-G1)-$i!00{gHm&*m!rk#%wOf_OQK;f8_dKSJ9YSgH#9AZTS;BbKLcr&7IrBIfH zzC$=j??`ecbNry0aOQExFb+A_HJE36S&6rvQ^v7?yuospQJ<*{i7w|{f*1iP7!|j4 zTjO_e-8v;1?<8W>@agLC=g$+}WJAhXJ%ko^!tGfE?*J3?^ck$dgkvC1oE!7Rs&_bd z+V1#FY!v%KWgYp-y)w0x8P{6q68|l?+01{UCQIQ@LK0j0jv1s=GcL9@bCUh=t9)l`i~VR* z(i~MOhCA7p?>tB{`YXC1l1+t`r}RV^GcO>0P-|lrmY3D{z4FnZ4(B_4$Om(nMV1tT zxQoqX-@8(*@>lloqCbRQR+x3?x`+(WkpA-}-R`tk8CSDp0+#s|q1M%oAvn@yv`E^a zLO|^$Y#L|(w&dHx5ZWX{9-Xl6fYrUiKKekYh*8-Z{7e)L^`BqOXP-%ex*hXl^;x`R zIu9wUeho~of771{3~zdS@-?mCYT>A2AjOw`4UB_|M675~4VKmC9E-!L-G zkSfFejUdwe-!PcM{*6vc_}?fZD=8R*V5GqRgInhNuifr{Ufvrb_aC$SKgN63=F@-t zxBqHV^?wwKc5A2c|Li+`?w@8=|2~ge3RXb>AI_s@oYD4S_HU+ecOF!1|I?qB1vE*1 zGK?I**RzPk1V}4je{+$uw+@F5#73Tjg7l047I_dYaQZB5SE*f^v6(0rHO5X_x|+-2 zfwve8z2t|7*PN3f-j7;}cM6(N`1*5^QAgHp3(v$Q6<@|=?BYhjzA&CiL=p?geWfV; zpus^I*&|Rv7PAg|+(G=G0Yi_z?4Y;l<>0Zz-%>0HTz`+DvYqeN zYnW=vC({XPe&0`Y`8X|8pua2^w$AHfWvYmmO|IPc39OLQFCecQYSWg#0RdWMZeRwu1NK zfk^#4K4C>kLojhd3}F_BhlQ6$v6wm3VH_F`pr5+R@XOHely=gu+TLTT50V#b;_xG~ zl-_}P8HEVj_1$q^D2j#VXOR0QiX|~D=|CD)f8yq={=B%fJZwy`QHqP51asd}_ zkGHc1h1#>O{cWUh6xQSZCF?G!Z{J-BN>@?#;j5uYmhA8W&#$HNH6o(2k=BxHEQAR^ z^v~nTdYD-CL;$Q2nvaK6-EwE{a;1iR=Dz7?pTHSd!XM)2r^3kL@35d)c$$dWG$vbD zxtYmUO25b5b{6%!mtW+E5gkp_dELxj8SHPyP|IY+C>i>S(s`#{^7)=l=A8EjxqvD> zUS+-&CB1%Mie7KILvZk!6%RWQ=CI(Q5y#jhrQ6F1f4wJMP{%l~%)CB^|Ki>@q71O> z%FX=P*P*K2$^ZE{2Zr+?lgb8ez zd|9qPgZ${hey`yoUKbs(y6{=UwSd-b{UxA^iyn8hqU>f~ofjQ|!p{OscuguRF1_}5 zGkkRc7ty?0m`}4H93|l*P#@Y<7$N>CsV_g z$HOha@m03$1hZzW57orhlWsatD&CAJCVhMM>zC8la;^(rE+${wp#=BLErl!(Z7CMG zy2-T|k?&78)t!vsjXrm?f57Hm4=q+UNcjS@i6WWW_4m%z##2MbGsL>vx+}C#6Q)aK zqnjP~QYiQq1!#1Sj(v7-6y^^_B$P5OBBSitN&UTM_z9^agl?h$os312H3j zvMkSsYhn|@8m?e_HQURW^ zHgo*Ge$+xC3Zuh0C~BfP56h01q8*7ocC0xN+4=#7-H)Pjln48{iJTEj_ zq$u~uFvo5Rp@2rHQ83j;V?mut7!oP=1|<<;m7D-Bwph}?4JD z&xcj7wXWF+pIt_3;7<7k4gT1~i8@u9Hf;0-Q!e8Yuj72t_wF!RLV6|;y;H3ySj?aG z%3{noNKEQ0U^=VK2w2`8J5gO^_k_tgI+`%VKgm*pHbxtu?|K{)gp(bKipFy?ijr{TCx$Li|WlT!}Ty-H_LKZQFj>D&CRd2$G*4LkKeuKmhblPIqu1~zW z{Tfh*HkkI&ND&eb4rHMYkDLs9lbg7AM`T^=mO?RW|d z$Pv4awe0~vk!aHtx+{-&ixa%AIvmR8qva6s&@8zv;m7Y|Uk6UB0Z5nDD!EMxzik)JIG+h3h;uVIyl zb+%9FkEwvuAUo5fA>bY_%xX~$fW}yZ-MrynCS+l?6@a8tzzYD&Zu8xxURgrNs_#n| z7mJds&KtYvjPcB_GBw`_Q+YnME>G`h%Ozaa>nqsZMIz3s_}chI8Mh~juMC`#)}2n- zLGS(zvP2`2$G>Jd3WMnN?rwiM?*I0`(I|`}WKsNEPSJmB>4^N_QVK5rtt?0gr^*T? za^gR@XS=RhyZy)3ZQ61u{vn0`%;)?+%lnK!j>hZUKa)Dymn+Eh|0}$YU;pSL$uoIz zEYf=cmmL4_KDjB$1dbj1GGoRPe)dj@VV0_!!gTmB$ z<3lJBeSCb4usWTP8sIn$e%l;ZU=(em1aHH)MOB};RfSIcPHNcKmTCF$3FF#+d9nUp zf>%3@QAfU9@PdE$NuyPSUdgW|uIiKDkj<5@jgQ-ySsl4&;CP z5D49{wyv-muLWV;{YqGZ;cOHl$MjsRiml_WId4VkYVv2w28z0HqecLN`_(XPA-c(W zj-$Z@l7fYwE%*7r2iV>;{gI~W@X33q)=Zr|c*^@0FCF~gv@T0xxALT~$nZdeic0%h=cD!;^IL+L<|GwJCyAH4dNdPV)(auiA01zZ)PINm{6WHDUJ z50lbCNrip>@JDJMQ^WrDDeX9&vVJ1uAqrkJijqf7Qc3kad^4K0IeKRER|8SQe!e!H zQ^rq@>!r=9mDtG%_9~O0^ViyR-01aT`0YiTw_qOp-l1j>m3#b771dP&GN$I_x(&?p zQU>kpCN$${97@v6497$^&I(X3@x(SRMpm?O$4CkR}nVw&a22b7QJa<%pP@)q6 zSil6K)z>cak;RbD9(mA7&~TEYN6@JG!I?B$Nu8g2<0r1qDky$4Vtg~4{H0lOmGp?S z5kzY{oUfxg!=%A!=p&&+14YpEsv#~rq83r!wx>B0S?#4n%@OXPcECj;;-4ZhqF2(q z-b#Kc%6e!Tzu<-C@e67#DgeH!3d}($ zyJjjnTi*1$6*!m_gNbtj(VI{*YdK4*JYFIuo1-(9tp?DWKvNKD1-GQ%XuO#}v#G}k z%B*b+X#!PAy866or3jHagNfVBt6wjgScOMTcVDs+&SXs#duNzy`WqlxH-8m}WpQ89 zuM+yv(HU~U2g2A${0)T!%s2@XK<@TARSErGm!I;?@r}LOop-rN7Kjs)4=$lP)!?2< zYN`>i&ghDGvuc;31Rk%aA4DE?r8Er+aDGp;VgTln?DKXjQ{*I7K}nesiHNW2ehO$4Yr!G7r{GKQ;uMab%~aaz~-53B5eB`i0>S5Ul+UMd*qxAdw)E^} zD$mmDM0{MBY+A?q1_!;1A$7zI`F8wv%&*wMV8%{LLK?S_j*H69QPRK45SP299y|hR zu5W(HXu?IHJELbc?bt6cAsSi}8(OZA_zrLohp!H6OScnGV(Zp#v7-07**7DxIZ$TD zH&TmR#nj7rD~9uyi;p{~q(PcL zO(HqL%4|O)WvAKliZS`nSMunJEItinTN$)%A2|WHAbCt{keR!FMq+3Omn>t%j&l#P zxs0b$h#kt+e8-KY7~-2XjUGImN|!z4z2w$lx-j~EC4Uis6B@VuOb~KA>@nDC1tN5n z0IfK|Q7V*+{BQC>y-sV?TcTc|T>0c+C)^S1UYC;Yn*lqgMmnF5t=|bk&0jv@Tj|Wf zO)d~(?z|IiBH|pZeGS|TSqRf*&kb!AsX(rx{+@Wh%i&Dx#(-+EdHdmv>f(N4XlMWH z9HJSvRi$us@;Qu5V3#4#mROPX)N#581--!AAXE(<4Zu%Ugkt}K6J7@hIUiGxWq7c^ zIAG3WQ=VfMD%&%%Ulz^wFYvNJXOq#n(+;EW&(GU5>XXPti|6s>i1~!QVZ|{IXcTb@ z`RU9GN9$zjZ;y==+eb$G>F(U7t=;3hDPrcpboRmQQt0f8>GWdW!z#0@ zD$^?}V04q%Pmb%Xg5_3?Q?GgrxvC6u^Y92)FQ#k^1rcg3Bl zzug*}jMqtUuoOS^}C}D#pPEb|6L-_rliW*YN_v_kOhBlH|;-Hf%bK`T1o~Tt-z_Do6Y4 z4We>Xs0E{9g#9BKCs*ra4`KnE9W*0E<#8?_8mA+w?-ts>{#YA ziU)!##Pl{-g8~2iAgT(R+T>WpT>fbOtX*Z2858JMx9!Gz>b!4~l(tT&b}|5AjY}_< zC}5@v2%hQVHHZ%#mHF1_^u_cger1WPHty-%z%Zzy#B>Hn`wu&f9@4I0q^Fy=c;Ay= z69qe}IOM*~KA_olGf5`*q#dolmcYMHg=>u}*^U($*CEJAe6=ilFt?I989!!^{zB!W%(D01F=3HG3XTPHNG#zl6<}{L4x5=;l8B8e?UbT_@$N~;S&~BS@2~`J}OQ(cYC;r*D8UX&L z*Cuj_2jn|O!| zH~|S{vo3WT!SFVed;$3sNoJdk{>KWKXrn*>^*x%Wf!}h-w`=owadEbJ6ZXEKnKH(3 z1KfGUldQkBHb3T~{}LBh%_;s4EzPvMlyZQ{^8&K^eAn_T3Nq$UyPn@*v*FXw4O{5uCwi%}= z2TQ+xUPNck1z5R|7RP^BjEzYrOp|A0jB8-X6oRb^Zmg~O4llPCb|!p;xcPUz`B6v9 zB~D@H8k~w&;&zi;_t-QPZIh{{&W?;K^uH9k@Qh;An3m|xReb{;s4;11H}->mJLN@m zo4dB>H}A|Cl>c{KlKFe*iP@*2C4={uLVwWFiz?S-m2RTxfze*YnJ2V zuXdg<(maR!YW?I9z<0>^dvTBFW24FTi4t11)8J0M0dSoG@STOWrkhqK3b*DQH>M)~ z`ba+b;VVMY*LJ%1J29I9TH?--UzBdYA@fKsxi!XDDnT6Xvxu zs9QotQE{x}foXAKz$h2I0Cr^=xoL^^hZfy5NF&nbm|ky(xtT`Z>%_h3pexv+_Ddaffwa0`07X`I zX+VY=mcKJNOjEdyzx&HdUmg`)u3A1a4GUwU-wWF$IAE7Yv$=Sg(s?D)GMB1MG&$D_ zeR|L^=c!RP4i?#T^RZwKeAj(7)WE(XFO__uU)1m(kPjAif18!|9kAdEv>>kW!GD}< zEgsV*0`w8AjexkZIq#9B?OrBBZY#CdW=?)CZo|xPB4B4%(H1=R74ksRN}OIUX>(8u zIm10A5U}|K6U=xzsD-aYa!vEl_)@K$S7ILU*~CHxfnkEXHlSu@`%(04*Hh}rFgy3f zch;#Bw1xT4h#=n|@brp*0lR|*tYhN8XZE6o#o3cl{Tj;si9@D(Kg46vqrd=((@ME3 zp)gLFBnJJ_fg7%=y)K(pHx`C|Kk-!PX8{T1C4jmXU0Kyms<{`n`jzCb?a>`NmF!$G zkLz$s)CJI8U~QiTass)7qMuB#c#WKD^!*BhLfLoq@pO=;Xao8c5v6j7|AEEug)!f0 zds&m)MvZfxo`ir}RF~8h6u1^d@DaMq`C&8|k=Qs9ckGM~e-I;jPDc+FF#RQHY>~}g zeGa0rpFWSn>ey*=qEDr5FJ#vHi@j~@4Nj^=g5^gm{KiYm<}LLcjoMOTX|u{1ym9AO zFDdv2(ZH<8SaZw_Y7`?Vdf`=8lt1!R`z4X7SZl$<0+Q_?yFLKh1zSK1%QWt`X_r*g z^PX*L3FBpd+x@jDs7=ED-sPkbdY1I+I+bOb8g&>{UOSjt6}&WqiKUCx9OGd$nj#C|7|hThaojQ{@%%-u8mJHRpsGHzD{@> zTlPs`)dG^YZMom_TZ5@r^om42=Bu|>L-(4OE%EFDQ(eM9i{)y7zNl#~{Zd`VhdR5E z?;`<#t1r&b)bv~7dmn$-t3B?p!DIyY`nvF^S8YjKaqH=c3w`X%cy*_=F*lV!7_;$; zP%Yha#wsGVl0ITjo=Ag!;c=zneya2%^65sfu8t2MWG^;o0w08ZZ-TQopMu#D72-Q3 zVZ6)!{wU-N!kMhTq^OED8I{6QarTv1`#6}14cp2As<-WGb%^=h9>iQHzj4L)+Iacp z%@4g%w;M45OMjzTQ&SM<^^(`K(1kpD=|>=aE-G-APv5PP#gw0g_b*05-1V0D`Z&pT z5Q)gGqh_zLRt!OnfvmsjVieL8DGF2k-_y;EFcWs`j*qwC)^uTe;?X|=+a%Z(DZY$s zW=b`)pUL0fQ~P-<;^pBC@t6J1Lyy-OO9=MI-c=hn+m$pb?A-G6pg$H_cI?BT`uXI1 zrGsauAj{K$y04Q;!{xs^h}Yev0=0yX zqqToUQ%b?D3LtJM7wgZcyoTloBKdG>_z9$G-sJl?_|}gjq^3N>Edm+6RdE)wtt9uI zzr3yWr>=NI;1{1?pkvQO5y(iU>*JSq3O_=D4UZ#SXHJv!4ZsNSwRVnIPiTQ8d{p1C z&bHNx%0%MI4fEdDn%~o{Z7s`PVkF`D2+vehl$n=ns#aj}77TI+%nX?{x#*X&t&s8$ zWRqKqZyy?T6rU$EVE5vx`!*4TrM;+2Q1}5JNf^SrKtsK+{8-|A-)$sVhAOxJ!mP?Q z&Xqe$W3z+prcF5SZ5=efSd!Y{YqG{)E*Tp(?)zGn@{_IM#m!wV@nFU>NMdj-n9tzV z9pjBTR5>2TN_^;X$OONwWdGq+%L9zPbNQoPw4)>B-3zTfMVKSq?IWdPsTzO!PCEI) zxd03eG;{_ue8M359!MU6#7C>BQ9OXBjfg$~>&#aIVjBUwLN9a*r0xe_yHGv8^7lMF zd*b&9Rq}DWriiO8UaAe+s;xgVlL!@g9Yg-oJE>3})lAB0vR299DHiTS=m6!+`S^u$ zyprq7C!97;1w=qhJP{($LatBWGN5I-?G!(IB!BuvsWa^xm=w&f+^-zigDe@f^NnVTD zxiO@;-qbC4j&H*OB}{S51+ETLUBV>X<)!R#Da|a+I4xBvq8Bfc5&rGF*DcCStR1qp;?HYEvH@RqhYs4Yl2})#@rn zrz09af7Ihq0u-<=xgq-GG$6z>I_M>ZH)1-K$|!N!RgfD6kUK?R*_QpQpOTL(nVhLo z8=10J4HK#G+&D^B{T-VFjDdxoz?Zl{s6WGh&!j)tzQlpUJQC__?o|)+&^SM6;pP*K z)>i?*4{aC_R+KjlG24GE5h|HKHaKDRD+vE^}g`1+xm+{Sl*uJ!V_`G5R&` zSSQI=8a^wE2)Vhn_&0V+ED6Y%lpy563BD|EgRuqFe`mn8U`3n&4HX;d=NR z2M?ay`HQ8X_fs1rr@tXtNI9D$T1_^i^sG?deO~_2LIx5%0x^NGag4ZDAg|Dey?rSa z%NtGl=DB?js$t|tRXItP&`3Ggn|emFIA+*B zY#)+X?{8LSFIKp?4;9g|3ffCMsvqaqc>j6Z-PQQ@JQ&m%ucv@7q2c;Gcv;#{J&;!1 z{GSDT(il#dh)Kl>bmkNHjn=nAgeq#7>z}xsP+?$d=cqn^x_-Wc_8k>zAFY$3PoMY= zi!}ze+y!t>;wp}7P*S1s%e{ph*}Ww!7l8AijCZ^XPMS(O;Ze6>S<1MYG`*#GqAQ9p(P`ozXEi2x5jefDx(R>7TF4ef%5+CVa5; z-(C=92uA~YReF{4B>PA$faQ;PSRP@4B&*zyN}$Ckr(2KDIV{w{b+v!@VIPer###*m zhKQJ4%Fm-binTN>5s)mjttqb$C_}&3{qAmV4%I8ZdiZk6^5v9OIUA3aIt1GOs!`7i zzPq(A&F{Q@=A@y^-Y9OPnxbaX!H3B9Y2ax{wZvqIelhn)ZNsozJx`Wf3;yu;Lz?j&mK@-q{1ltT7aFH$MO3xNO@*bF7|`X!(EPY2AuW=A z)vNMEBEMcrftr_rWNq5GBp*8i5p%N<9vioPKC$^zKY&8lPf(rsT{&C~t_mq$$^;j; z!iYYNA2%Y<=@n)nZXtde`fDEWxaWL9bCOc)Axz)`rGMIV^)cJKb>;DLM zP~Z95x>5)p>>h{qjTr(RC0%0ya4PQf1qgd9Cyg>DlWNX4luJBnx&`c<7J)|LtH5&E zuY(BgwBSMJyntF1Cry{f-y1!}LG!)EoVDiRt%c@+E+|{^U=3tROZ>y}9QGZwDr>Sv zvx$cYsgyG%W|EB^dxL-^*d9fE)GJ8ZkVM#r-iuf`6$Nny^M9n`&gS$G<>lD zs(EPlHk#5JH?PqPm=zsU6Nyk11kh9yu=nZ?b6MhbJNV{zV6L&*Jggmki#4A+IeP_P z*3vzB&us1E1#0P4CFbl(7a z&j8B3N1Jfcb|k7FLAREaW+*bZ(}e9SQA8{(&4=kruMSd2!t9r&v$G@LN9PH^$TMRO zBOEi0hNYRGrqKGk!>Xr*U6|E_V|5zW{QNy%hd!u3Id)5ea`q1Uer>1JPI0_fw7! zAMc24Kv~bDvnioJ8J<8+-u-@Je&`V~<#G0NVVL^zHSs3Z$&env))$#&{il~y1_(6n z+L_S#nxLN_;cq=`2U4%hzVM?#d#x9S=#T$s<=>jgRD9LGJ&|3l3%mgiGouXn-}`h! zVs{i&2ZFuHWm?&FUOuv{qp{9kAjXB`AVAASfAsI>Elg;Obd95oV2E|l&kvC-#u+#% zU6=~4Dt~)M^jgsp{)8L+=iF%%1?MB?it~~gMe?^8YVgTVF;#_dOXkSgq>Q4)ARFeL z$hFUyT(997LpRlAie32y1|ycy)`)4PY5b;=1d{{mfLv58O6MQR@g%8C(n8CfIU$5? zUA+GG1PTZsbw?e;%VXoTCUH8SYg;Ep_|tUpD-5QAkCvmlZ7I~rw;E7TeBM+ zcA*xI+To4Z;Q{+iSrzF{`OUxi(ANb~@Q0Dm@l|#awHchxzxBli{tE~OA{`5QwG?}` zVbb~SOKC=5Dj3`HW}5lcJyB{j#q^Vkdg1WhT0eM&Y&hetlP0qOsQf|V8M_mOj^zH{ zQNjsV2z8YZgdAQfS}Uf`#evZUKFiQUbIfmKEaaNaviCJ=#~yqVQ-i>Z253I;VSKI4 z$zM*tNpwEgma?cBvgw zUafqSo!r85t$ZHIYGZcc&6lme!h6R7=!hdcJ^K&2YhUg7d>t@Y`G4kcy?TgNV}RD< zk~Zd@{>&z>DMm6v={qb*Lx^`^3vwizI3pHYemGy6{fNsy@4O#b7}=&>69_XVj8YSU zP_UlRukWRPd*oF~9wys$Z+~R3hlLibo2Y{7+MCsgHbH$NIIT>o;HSQ~C? znbgEJn?1xg>s?CP$E>Pas0MvRMeD3Ns2GYV98lAe|nLe zG9!G2KTXf?x0RzCt(>sDA?h8#X*q3dt@S;v7DmpqCDez1{)Yehj4xa< z{Si)CKSyOBqwi`T(GPDF`dL$ZNb=LY!2`7H?1^moZ^o1*q*R4yeZc?n0eN}TiPuc0 zCh9muCgh?oQ_NrG&_LM|z>GQ07drPxd)gJm$$DCfN;G=j`9-F%pGX z1a0fI5W?0Xh#y5N=?@!!^wrqrcD@luLH2Dd!LXBmFf|P-ev_&H6rl4Qgbp<@C6$1N zd92Ji^%pZ?M_Vm~mJmJt0WB~CKNth_a?F3FFx(`Lyt*OXR!0@PqXXe7essBxx$DB_ zTREMeg6Y!;}csmgLABj}s7 z)Mn1#|5T?5inxKLfy`QAohUiT`DyeMk?-FWLdF;i*$7FAr1PM29BjmYbAtTq+HbxR z{Qb&WcSW=4vB8737cIFyaZTm6HYNG09V2QWdvcw_?FNBO>0R^=QM`TdeM?QAwzTYo zeqknUPorF^@{OR-=H}<8+rHF($ju(&2$e}-qkq|nwZQ#KI&yCvmD+!UfLo^Ex=ApQ zq>3E7>TRC^bI_A$^{5W2g)*oQ!YHMw_?j$pSSS<{T85wzmS5NiJlZ06zLx*`vMf{a zm(<=&L+fhXoljR<`zTi8ujBVqROTvw<0_LDQ-(ei6G~)odK5sc>M~|Zgn-tk90$^> z=FIS(NmlHJvyp=w@L`~#7yh-hD|-=>$$76^;sqW_NuNWHCMLj`IK~<~YL0S80uql! zkEQqf9wuz}i$^vHSgLd#=hS5QTytvm(7eB6k(=ngFHwU=de^}6w|UvVZK>>2TVQTX znj2pYtk%0E%<&Qp&WV+BkwV&nLg#w$T4#Pzyi1g5AS$|vfY*O*QH&DAnuFx{c5kz@ zVz$eJG_Gu@k9}geHwedk2=EQP*sP6wd3M%2Teh$D$O19XO~uu86kO56@N(-Zpz znTr=7nJlkmMFm&0a?jrqdB{S;kTyp1N1t2IM*8_q2Qd0e?~pP-Bbxe^nk0P?1SoBJ zD@FYj^pL9=;UV5NRDC4iBg3ZYhYIIjwk!DpfR`kJU?lKPdZVEK#t-44jH?3858|aq zwts{)&eRqf=PwJM7=FXHBMlx^^%dUwBkbfz;gwwF$NyTxakRFMy&ihpn90^fVEo)M zctR<9IhN0p{?{S>+5=8TYLP&#Ps{jB@K(oJ$_66Bq(K4XM z&o_7*TiQ~D@ZD+<9OY}BFVFmGzs8zLU<14!0(`2E2{`}5eD72NXKow34&xb$5orn`|3TpeU19#C!vC9T2>+2wf5rc6>%!}Qtq`O1ZJ4!FiT)?Yc7`(bOR;!GX73D1=Ijk>jNGMTV2pui z&0>e5=;3fK)-r>z9e(30il}le#`wJ(FN)pU?o>BZ(FcAmIF9cN64ll%W18K>>0%(P zyfVFTQ}s&vF>At9+Vw|b(cZn5PSHSSfWIiR_Hw0Oh=0!N?baQ-yx|xzqc6Tv3MI#1 zlqX@Oz1xcLQRTm#wAv@(#0PYBma!VZ;?JM5GV)O~Y-#8k$MB4o9E{H1GI)ZEJr6k( za{`mIQ13Mwr!YPvute8?zVC18{jT_OiN}22q9tDY%Noy!%*IH}SOJ;GC|m)k1IgHI zHgH0~q@43M)Jx*#J-;TI&tnDCEHYw!GOY7;DH~^udSiH24Uj}(G!A8S-V~Vqes7un z{@-a8e`XkmeCtz`+rSvbP2OuIYRDCVYYvWEVW*i4!EL=odgH2E0 zN1w|^Vq0y#J+q(VH<7##YcOCD z06YhN`QK7AQ-rEb1~d+Mq=_NfiQT|O8OYk1qI$23s??I7V%eI{Oy-Mbpm72+Mp;7m zO3g7r%BaVU=5q;Z7Uy$RRrq)gAQOP_3PczMS{00GWUDH|9mV1sTD$sOAISUo`GYHJ zBWXE4(K4vz8VH`nE2srG{NN!s`4}v?d5jC+>3LqGXj}i|esX_+4!XxSY6VUmKp&r3 zr3ql7-O9cVuXP=;z!ZkgI;oO+IfL!z5Mq1>pFB7>oJz7E?PfXKVQ;4PVpmREMr_-m?z*~; zzHx*pxu~%3St`e?E$cW+zdMFsU;Z@viWn$zrOOjKRdPJ6Pe1&UXa>CCJL~r{5;J%W*{ZpU$_yn(qx>x zCw|q+nq07b8jt+@nq|V{!x04avb8fMCh~`ygU{fmfpkwt@cAzD@++5m3n)0!0tJ|( z!JvPA66mniE%xXS%N8s%Y!k4a`A9jNL@O`fa>`&EoMk)#<6a7LLq8#!pGB!&1F$>v zxaJT&SKb;?J?*eWcwh?k_x!}7#|%jAOA4@q@!dEZ!SQ+ zAg>zil=z^HcYI1^mWUYgwEjwh>$l8lGz{&}{cO$xRlir%?POZM0|<*dJd(AI zvlldt5m(3w2AXVwjy^qjXqtcKD={qZ2me}PNeMrjvP~#RdY=Iz9)I}j#JHXje_QdO zBhXy52EslVqQndaGB4KBdY(PIt@_i{)a3O$_&PjYD3tx6sL7tT4a|3b={qG9>#t9U3(Kuc$fxp5X{92rQ4W71N_^!oyeV; z9Lydfe&d#mC&^#i`bCy3PgXOE*=^sqFM?E|IL1veZdACR0O1{pLGL4CfF30Cah34P zT7(S@y zT};!oIR~_P&8`hqj?(!QR&Yh7NI*wed`UAqcVt2ca5r{*CZ{SNsS_ISZy9>V1L>Ax z1FVA=0?6S&pi4*flX1(205&0`QMu_(!^P-Vl;=hS=yDVddF24z;r9sW0QQ_H+G%AN zfUk_>&|9lCk1~#N07MirKn0|G5dDFW&5bqZv&m_ywJ)*ZsgZy@Q%VMy*7M7fD!q{s zX1foE+fKlC*k`Nvi2b?Zbep&Rb7d6AJG0O6nSa5c+Pe^9iU$8m+KFPiiiL6$l#+$v zXDikz#0`0s{4hC2aEi!YWjp?l{N78UQwFzRs77NIb# z?sei?yX?jnUylu>$jX$l8ErYhAVvH|a}hqvR5s7U73V9RwMJRZIbl4dF-_GwZHHMF zHr3Ti@rpY%xpCy=Tpg7bbc{_>5W&bl4Q^6>y?D{$lBz@*QQu#lIcR2xH(WXQ+NJZa zK>t2VDb6#ZNYHJ03$4ed+b8U0FH_?sCXxX2h<_90Ca$5$G~fyeZM&&*uq!nsP5Z|L ziS`1gy<}4$P7{1j^7<`?07=0o9zSN1{>Jt&$ozipZMO~lIYtoNgjI2|ne-&gI&J(!IF?&PHI;c@}5N+o(d;bu9*ez()cnxTPgw|jWAhgy1 z`Sk^^y|~Yf$b4m0*{M#PV|y6|#1!ts$8et$MA8Z3Q#x1;6sDUnQSn^A>l;~+k1N(1 zps7~WBhGK{1tLw@X?)Z6fYw6DRZZ7G4gra@$#NxkGlEDxOak(af-ZU6*VSiyUx$Ol zf8^^8AWhUHh}*RFSbKdL#;}ou@_HVo!+?;i90UTBy$9Qr z0Dur=w}hGytS%(l`P~T3JC>UF7Xo;$PnKafQACKKQ)&zpIGV0YWn`~z@jSQBnC!P~ zM&JxdP{Q6aog!2El7N(*fbbe*hKr_qt`iBEi!>PK;(Fm-mDBHKBa!gglM_O@wE5)U_@i0Z^7r?7=A~U}wSk4` zB*9%@GiVQuhI~2X^a|K$?`x%5B@fzp?r2sYyNBbB9xRBlY^B7Y#lc5?X}?onylvaw zDcleht8%9zzMp((xQ`>EW@Nd-_K0oaV;hQMe%*41$}*LB;^=|lfPl-&U=@SmaZI*I z93xei410xy`bc}24nL2xu_xN4ibjX07=e7g^&iiNXGP=oxI54)yU&<@9dAP3=80Iq z_d+-((uBtaeaySQPqIaz`HD7}V~s;3Fdv~AVUUl8crrjg=&H7GFKwXSc~8q)enqH;TT}-#cnIb_ z7NzZ>JdGB5m70T9m5m03nW)Q~MaA=(*qmjR_KkboZ|waHxR?9N?3XmK-hGE&;Mp;5 z`y49_2w#B}*H+BDFK*P0hv130%{N@@mHxz`h0~8fQoS*`*D3QbK-9+1OEvHMyTQAr z2|P~YC!)_U8CD=H&#fNA9!86Rxsozffhp`@*mtGwGt1W#v_q>32rEGzf#W?&S-Y*^ z)orZ#n^1B6q^6MaE!U{GTc#tvKH=_`~ zK1r78P5uA;%o+^GG91M|X($Z)7nbMgzlclt{)@_JgdkxW&FJ`l2>tTs0fuf__1yo{ zJe2%-&kcW`Psr>uI5Yn{zd0z8>t9R?tqzr8!j7*D*x3THAVc(eE6P^#~pnU{v7^2^PjC#AB$$Kf^*@N<3r0M2Pw}AUEhC1C zA<+|O8?F+yj1m=x*zFNi{9y8m3k~q5Vo1#O>PPEiScl zR;JZ`zICr7G@d~0`vM8w#&m+w;fb8`&AoAknQ6rZ)y2-WP{T^fkD{{GEQaW~#7a zF|cYc!-YB1q^8=bpTP!$1fbRZ+Cq-IP2OFt+;1nI@t+^z2Ei?#I)reTb?XL|O^l>QSA^ z4$E=;DL36ZvlqD&L=&Eb$NPQY66r=n7BUtrtznT?fE;u0Cp??X8a&scGXw2a!~opu zm;q4Ta-l!QoRZNs{ViJ+ALnJRDsjOs*cIfZ_d_dLFgtzbiC*{64|9$q!{SUa;+Clf z$twyI3$nc=MOkFIa8F{|iXChuifz)1kQ-19P!ZQuq>W+B&TAUQ0yJmvdU3FmoW|o5 zD+kA^p9_^?VhZwUnO?L(;~!0Isf}G0k>je)faN5~@ym;4PJsg zLIP*?7vJ)7{c*(|9(ZTK#Vk}r!tN3hHDB-R4xVwF@wmiXZSW65wwuM= z=Lmxt(dVC-I1;U>oE*caC%Kq#m7l!BNKaSbRsmIJ zSx+u{gj*7)QBBLMf^58F6qn%C{9QlYdvbOLUEwMG8 z8aqwmCCQVW#WieY|3Q0By!O-u+2~zT7u}^SnZW1tk{e~t_ANlONRGsNqO!MzYGRj2 z)f8To2Y>gHCa`+=?491A%h!D*gDP4wpnmK*Djy5fW<}4OW5zBul;EJ0hd_Ui+bSTl zN7tZ1rpiuYrG0ZJOP{1(bzDl7rap9u;B%WDcdm`Qg^yAJtu^pz$~)K(R9h%(rt13E zQQnQcHE{NPZO4ty!~GSJxAfKwyXZTHPTMJmJ;Lgtt`7b1`w+IwIGqvYY}53C-Sl!4 zk~Zz$nqf<*H0iG=dY%pFzO7{Pxt9r-ew8sZ|P(VT;gU-%~bb+mHaw- z59}D)z-`MNtMKe7P5k;9gdP<%j&ZS>r(Q;o2u={W*3c7PgD zEMv@wqCj<0144@>tAF>sBR-uBtn3Jr^y$HK!o!qw5D)B@!yS5s>GgaI^ZssMvFiIg z!yQO8h@gQ}jrJZDY=pu$MG4dt=C6ekAXTmK%o3s0hnTIx&G62awn#XX8E+%W*^YIi zUj?hbQwLU=narg(S>~1WEMKCA<6_oQ=Ib&`dtF6g@>>N6d#P_ zzP!u+ZpjigVTDq{-fKota?r(xfV*-~+GY&2w`YAJ04E#wT3oL>N#BI3*BwZ#Xl8ON zzVj-IbMF&4kK{aXIPd zfqVR{UsG(tNoBf0u{?$c!&CfBOYLOq7$g{85B28-!S>^p`Ov-Gk=Tu0_hm}i6O9}S z1cQP&XC2{l%rE*IG-y-t!W+6>2Qe;Jx;#W_?y`Gwr?{pk2}-PXEkVeOr{uDp>}G34 zy$ePDoU6fW?%re@Wg*x0wYy*?W`z$a2y~@P+$qP1b6lbsEC}lr@jO5D+Z#V2kaE zd*_XB`X-ddFyg)7z!w2$HxN(N%j9LorsxT;9hOYo*&A8 zfF4-5FS&MI48*;(*lTB(I14asck$lMgPx-=>subt5CarQ5M0K-oeK)X!Sr z3r8HmAfcrJTh(7(GNd!_`7SQ21q1>Ep7`lk>s>5}_PK5LjWiWCNDR>7%n8c}?0sPB z0S-Z%KbK5gt?Cv&OTOuyjcoYj#)+frBe~b>Ns}FA`&?ONG+0^e2g?UT(QuaWQWe^% zX~Ck|km%D4GQ(+|t!>%ng)ra6dBGp|sWT~wB>>4{#?ffbg}8~9ZqF(k1_7*V#j9&L zl6$7PHW!w7_Mphm&l~-&<+qdI^7$%w2K736e6>p%RmaNb6L}j)4etHBM8v z)HDa5w?W>RIa%aRup!RAZB86^wr8`#YwC+?fk%E3EBlrq6-2+C_Ac;uX6EJxdfw1t zxx_#zING$?42#guq;FQ}G+*B4+(H+hRhsOl*}HKD9cOv|oM$heI9vv+_Q4B^?&mUi zlcu0#VANAmhDY=}zcI#}Ah|sw7)Y`1m^(1W5x=z#C$edt=H6;}#ay|ysG8Zae7T8B zgX>_Hng+MGch0z?`!iD1QVltAZJSvhhShilet$mpm$Vpd^!6=ykS@MZr@Qlc7VhOq zUfJQ0IF@sp!pN|x{R^B-iQ&3Bfornrf)^zgH|BnUMOuLADO!-h80&2e_yT&UPFX_a zteuZi6H_1e>ulL^V4xuqS=Z8F52*?gfZ(jvjWU-#qHgvss&TQbsicH<9PDE8fJ!QfKsXjf2c6@9jMoZ}FkewqM_Mbt*s~bMrS&85vwA5wZ$w zwd7h&4UbeoF8Xle!3P)I!m8cyHAv@r<6?_wcn&O(Ko)c-n;R^ug;?7Hz2u%!ySsbA z-_Lw&#-w#-;Et<)5mCFD_5)-*mUVIqlabZ>fpCr*Jd4YjWTtl!1YRj)UV@Of5pvNQ z=_LGGMwRCIb|8P+(}nW>NswEV-^?FzjQb*BPt0 zaRG@Y`#Pus;UpX@b^bYpV^_~1Teo){V?!(aU}33|(Jo>p?xF|$w#VB6Ze-dB;+jjd ztu)3JFSU#Q9)5F{;!B+hEWXFSjML(EB8Bw?{7k={oaXJz5U#7#2Tkm9Tq?+X7y z2sn-$1RCV%En~NfzXlU!1FVCFmA;$@^ITjlT z=@XU~Wl^S@j|v~4rdajV3w!r8e$9nJsDmkKE^uOueT@m^cm3JedSfuuIpgzEhPE$KxBnl=I0_VKJU z-zp&p$b{&9K^>O>dug-g-qLlfC~4isvVVgmSia( z_PgIUq4D2${-6bA=Gy0x2n>X5*XJUb;J~BKp>@u9QH(lQ*PLsJsRW_t30S^NPSPkBZXrEg8z;aK)MrI#>kspma*>xxFq4_znZ>;t!3;j*6dx6c!Oc*cJ0B z#!5-?G?l#jWvj=wOWtt^h+7yXnD+z;u|+KyCF#Q50y=*s-HZs?6}ZD$CLcYRQ?mA& zBSV3P)~M3@B_!didzrHfdV5%)QeffM+wB6w1`dHOs*2$8on!b78!-zeEo zG-f4`>84KlAal!ox9|aMbi@+6c7{Os0$IqgG>`)opOebvUM85u52<;86JUfGJM{9R zK=5IxnaG%U-@X*`h4-Gqp}};x5MZqN^Y8%ts1O?(vD`?!cP*JXj!wai5o7vni``$6 z0H)nr(&D3J3o-X}I7dTuFz4}BJEvwX&DY?NG7kYHz>phnvj|z9Npyp}s(FArN`hbl zvb&q;i*kB&-xm}=)u){VrL3SGBYLFGGZ1PyjwM)!`S$zwc%5^Yl$v%s8c4`V4v8*d zCX3zyX^#hFYi-3agqWP>a92?uVK2zxZ%%vg=(hKh7mUupI=8oDWX4Ey`g_R@sm@O` z>K{m21MC$qr3d4x5@EuSQNTLfU@l6OiJf&16Tb^jFv<&EtZgW|zhEy~d?MA_ZrW{J zq~Y1T@z5(ykWM5Y`EBh;VB(1`x-JGI-DCDyx(~lCp0QKFQQ+`^{Jw!3CVaN&H>*>5sx>! zf6+KXQ?1~rvHE=BTGdZEzI6i}01R#2d0b&w3dq@ug%{C%H@btn^W%v00Ws(#ItURN zRSPsAM{sFQx}Fp;7fRs9fUj zXu#ks4F>~PQ7jMiST^MinQVLsyx=tSA=92rTaZzcpLvXIo-V@XD^j2jZX>A|g0POhlsSF&bvk*m8YhpVh-OQ= z4f=2&m9@%G@M&xjdPzw)w_*k~>Il)7iwtvc5p`4yg4`Cm+;lhDF2%F+t=fiHgWc|U zQqf?-6NrbgYJ%!)C9%H6AkAMiEFAnD&R+NuucODDU?@LtXI72iZlyzbvq6oVLZ6kB zY?VBEyoJ#PQ)MX{smJNVr6XI@F1v@s+u04ik3KGtKKejYlwRO>mbT-ZC`9qhBP-Ze z5MEVhsFeD72gw&S)zVa}4BeQ~W{ftew74P?Ljb%E17%)1L1*-{x%iyi>&Fn&^GoJk zZ69Dxcm@a$E{MIRcvVKPaPCDln@YxZO?%^|lhj~XFZN+d_9wgTO-Ae%g#g@xwl7Gq zfV!BHw#tptx=WYp-yNl8;45;AhZ$yK>l?<~N2COYuy8O<8I2zB^19ocUY~g|$k3k8 zoLTo3j=){{VDt;B)5+GnhkF*baw)Wz80oalt+k8o32PTl65ke0qoxLZTne=^#Qe}i zEQYHi#$d<{1WSZ&rY~Sp5Z2|x1?qt50dOZx1jo5cj?M99KACAC-0Ngs-mZr3tr;nH zVD8`x+s2LB-}|lZlbB0^DoEY#GGx2QLspDsXTl?-My8>^NJ0ZW?vPvg2ZLb4b{vPi z(#u6+jocr)>MmU@hh9mPwVt&PrLqkr;tPKog6{j7Yz0;y9thKOaa)-&$%29rQW|F+ zZ~nO7k_Y#E?gOG?;LP*akTY9sO(5FbpTpsK$a4~?d@ga`$uXEdxyLBMUg5njHEm?T zQ>OspqR<5;9ZV&e9?q$}_pnZeHze*vCynL|B;j z?Jj&aMT(#3V&T$KGjiK1y2l)bK=E)JGvzhr2{u^}Bn6-6QuQJUyu_PhAu&H0%4d1Guqt+uJZ?MPiLm<4XCocwVc9 zQhWmThBZ^NDz@$hP+wap(OIBn6)xM+Zz?by#?--w(&I?|n4$XmSc?a3s5P zZ?$Cux3kbWGE}No=S$B|^YQGh%zMD6>Bya_(JKuP6dcL)1Z7f^E4dxq`xNmm8@_E& zNstTNVZP_#I*TKUb2v=b-F)qcCR?~<;z>;XMUqpF8GWt2FT+jRtH<#AtQ;>rlYc7W zsS}#$5c^w9M%os9P^%3ZB5)h|qq0OCNzvB2y^OXv{Euwm7OnodK!S!DNd);=CZhAs&xk%nw&1ViTU zdFVG0;NLiXgJ$;5jpuXKE>b=mSjn218<0_~sK9|S7A7dPxiK*dbP-AE4QOM=g(@ppc6P%B6UH7`Qh=_UiXVwO@kbVDoPmT8R;q-KZOfYjlEc4i+X5$ z7kjoB(K9381GY9$DoyTeAGoh~bc53=HQF9UeD~SkU%GYmW$Yw>6<*6xps@Pf{QORLg zd+Na$?l`0k#i+gE4Ixn%&%!;Z7(ZkM!b~Yk;6N2>Ag<$mJqD4;i>PFQ5meaQptU}f zjhtRqcW)3oj6J25%TG2^p0gP*{94K)L}1JdkM16m7{KcLHtw%h+s3GK!7^#%HCqaI z`(8A#J6fvroW^>mwr7d2oRYHXbR(E_hAWHpE5}py{dvdJJQLK4shpS*9JHMaSDPdy z8*T#EvX8V<+ODQ5^fdO4A;<|hP&uf0C#0xNoNAF)89mmE^of;R_y|hrW%b&84plv{ zt#A7;!`bF;IJEp8$_9s@us(#n_o%d4s)qE!P+uL+Th&?T2@X8;)Dru_6Yr&~60V`J zLclJ6yUxEuP0oFis`PnSL72TygP;c`5n?^CU-$DRpd;QEgEWA)?*{B`O>e`ccE*~9 z-{aulLTA1Xq6fGs`%TwtiFV6`OgvjXUZm25ktD$oZC8TAzRXa>II*Cd$1NYqb6@Lv zi{NLa)332>N8dma)U47&B7FQ}2M(x!Z zj*MKlQn_S8CRTkEEszs-a8vAsDRMf`jYlbS6{5kY$)<3oTCjv3lb#H2pBiuSe##^D zevN&4)^5109ktQ?Df)QqTCV_#q1Ao*_|9WdM!T|0T?Ag=k7JO?_$hL%rCR#Zb7J5K zcQ7caOwOSv`lLz-6{4UX^sI{b>LCjQ-D-H3vw=_O>d8y4yN$T`d?CSUN-J`RBD_z! z=J@Sps88sg1RRr;4rlL!tC{<@jhcuz(w&mqJUWRt37xn?j` zNK=kMUBWtk9?X?a#ZQdlJEV%-oEId|KppgOw;X!O0h?QfrCYjRyakCW%aKYO+`mGW zL8BdcdLy*n$q+lUP}$i0a6p8O`0z$m3IuEl^vYh{9C08B$)BHoTDtz;-sgD*)Y){3 ziiD&QV9E&;+9*)+az3(AtXkfBEmL@a004B)dCv+G*E^d4vL{4>D#bAH%R*2b4k8`; zufIY2|NH;`e=<0x37A6vg+nm$FDyr}eW#6zu2Ml1Im(Jgq%18;CgU2YVasZOoZi&ja+q@5gSc$x;0)E5aC-w7 z4z6I{#6QP$MRA7ZA*+d|OBw>Dup0|86TC3~cuSbDlX0jQGW}FJn|iP+ zo{>5LwIz?d>8=J@iQcI^`-w-X-K19{D8ge)bltN?(Xx1hpD4|&$ZCy#bJK~(sq)6&BS9T?5X14OPQPtizZ-5Vk$6GhalBv6k!70Q^=YkP z2KIJc*1hn2n0e1gob%!ZZe8Cp2Yt}6!9qr5m2XYcVPc!;6XhQM%}6c=t$Ft$HMP$V zy;k>;sAEytR2Ts3Sl1>sQgNCoIagvaZPr9Zx#V4gFN!$Jynu4Iu%?c7G_rm zZ_*WdE9<;DZIVstMxd!6@ld!cn$#+a1fp5?*q5b?MGoq^I`fNz~s@nDNf7N~IdLXh@7_YhHn_RWD4-|qpc#YNR{aM>!Cae`^H6%UQq($G@7rl@hI9r^7MK_E-o4| zzaL0eByZTs8nq#*jSK+S$)Ih2gfQ21_#k6)sTIA#`b%-|vZ9-ULKn@@cs<{mDfp{S zIpwB0+9~p6k0ZBF-4BvkE^4Fso?V?=0=w~G=Yhn{291 zt-8+_x7-D$Wi9c7$`VCKBe)&S11;aCUDm)h+#uw+$y}ME`2|=i?oVm5JxKD!&d$r# z`-B=3Qh(lt=j=_rN9E$Vp^t@qucDOa3u^BLNq{a<*%jy4z%HLH31WO-V%cL|VyS?o zS7EQ7&17;VM{=3n5b3Uiy`nz(b0JtbR>3AWChC@udkVS zbS-s1C4XJenKQHi1daj5ffUcsH33F!QmdI*Lu?;tb&6l@>bLD}y`XFM!#DkW0;d10 z8&%8hXRPM=4$zCrSu2?<^h6`=%?~-n=c-91c%VipK{J);>BhHB5bYjs&uH0qwVW=m z!$;xez$?Nsm6?j6E*}fH%^!pGA5Vl_jZ1R$&x|W=uuZfXrV@D?;fGufS$^lMd(OuZ zos$|ePRYXw!dHicQ@OPv@=mIPV0^qmZ8+$QF|`~iyxpD6UY#&_#B_LJ{c&#lxIj)r3>Su&x3fH%ZuPVq=2YII&T0fnaA1@bO5!4(-=-%3&Epm*!}Ya z-C~_1$*>13&tiEYL4et{yu9Q&Xz7`hQ?F-T==RH7-r(*8qGWJh9}f(kKqC>{d~0He z3^=+0?gVE6rtYBk;(<%W{-RAs$y_WG_ev&Q67ogc#;~W&lSv_CX_NAN=(fn4t0D>z zFt;|BZ94RqE;Gm+JO-8mZ=BWbL$JITtK=LBRK*R4QbmltD3)})e(k0Lc`?_lq!c-W zF8jiOz4XeUnA_{^?IGR)_a1>;@)^29SAt+*RBsr;Z(IsIA8W+AElc00X&Uo44(-4O zqXrOCKzw&53gXd4#VOQ|)zB6ku|mKU2nCa~tQRxf_nF>+tCN%Ov|X5*4`+8DohECf zpjh3!_Qa~bIu?6Sa4aZ5uf$8@ zIK2%j4`IeUb@2)wqU;iw{7Noqf2(ohu}Usq6y9aW2NXxM`7}}9sy}Np4lU*sO39J; zAaJ^fSx$Lj`&;j5mLG&ddo5~hz6Nlc1TI%LAi75ug&?Wi86Kyg8g^iVl$$Gntc~j5 zA@dYuE>Y!cGNJJ%#<=W9f$hZ4`L!CBe;mJ(3Cc*3L2T2SISAY$xLV~gy%7VEc{gZ%*2gPwU7q61ixxMd zs55D1t&-3i4!&!?e7~3Qx#{IR5k~9N*LbJ>1F2v#JT6tj^KT@A)Te1bHepmbYL`@0 zrvXNIMpD;#h24$tHcPb)_BfDBe($04i#|ZQNAJMrSC5Um=JL})a`qTL;He4ph`aYt zAr~XLc_4LD^|#Ji!7kRc%sy|1qqWA<^Z7)9Ou<^bFwu`UFk*!i{qY1ybMNGhJh>wuWzB)Mna9O<7o!`r!P~d(BVBB*2a& zhSg{+Ww$5J=pOW9zd=Tom=&eSDUa@fc*D*^)IKBL_=29Ad}65_`4eJ15JH9_N@9liejP2(8aI9!Zpcb?ZMCSRpG*HJXP*A|PaWJ?89b1|;Z?b}kwJV}i zp^#@nJiPNBv@TJsb$dr=BWEEz;jR{yApsl(p9^iSUZ`zdqD{(F#=1-3OgXy`_fj9a zjF2%IYvnMqgF1Y27Oo8ZIaU`nBw`d!DxCA%UpiM_)(xD>(DHpB#@D4>v!bL2Ht z>rG*sR>8SRJuXLv9pN~5G1llBCBr){I9?9bOC&n-N=8qId(U8)f$~dwg&Sth0E(yK z1shPStvmgEm4P41HD-sK4?l7soIFpo3Rf)+wuceQMVr)L`r7Z4hTE^Pi-0?KyadTK zi^txPS=f%A$PSrkKOe%WJxBobBT5%5w8v1LAahTx$%AbPnwe5#hvR;%ID<`FH7f-Cex)Tf2KosCkPXwW*E8@z|y}@IGE;xQvgl3i={dq>*-_rdbdn| zHI{hX9Fcj>2jFv{xP_e~I714`Tt@o$w~xmmLUa9*^&|N}>=ghO`hl*V$O-*xbvjq) z20anCcl6c=N)xq{e$tvY4uH$N^g5B;Oppp>#O+JfO!wDR?DR$Vm+3VM;+=n!6sb0_ zgyi`l;tYR##9q%KfK(Ak509?!F6#itn{EfM$)i+o)Wvb&Y&`2r6ELg>Pju+s;VeSAa*5JK^58&STCIt8%T>iQ2wQ?h_uxC(l%W~3lN{^ zeCy4w)A9?#j-y7uQ}pv_t+o$@VkjJqrqcKLTA9a_p=#Mho}t=S%RC{8E=yd8FUhHA z7A6vcrrzg;}4nP6+$6mTP#A>GhqH4*l`r1p!X+3tq&5MhdM{B>dR$}!5K)%HNe zm3Emt2DkjN*LC ze-{{{<%vUtLC<%*IChC!jYY$$icD#_K)-!xUO3563pzzSkk`E=Q+EY>T*MD_>J}j_ zPgUSo2GUCmH_P&ht$hyg2axD+w7xJh4Lkx?^KFe@wpL@;=XG##fB}5r!FW%}`_1o) z*i+ROfdsKhEh6_H@kNK2Mz``sw**6=54vnq&?hX&vm;HsO&rC>(b+Jz%iGfFH~@5G zBkUa8q3$GdNVx^KM4*<+T&LQsJ(~z)z}vmR-@Gbfq*?~%=9fl9NRq{?NOjTraRF@o z9v#a)&%yUNU*J`Q1O4HKy<6CZKUa_;^U^zc0uLqBMSXDGk>*IyIn}&Cpv%!!C8Jba z8>cm#K_xKbT3vR?1$KkHRqO03~lVVqo)=ZMuzl8H;~NIRY`qo3qqgQB+5^ zlQtl~Xux41C<&^)sg|e8&1#6EttZ?jgtIPB)HLBi>XE^lGb6tys8VLAjm9>>kCF5V zG;?naa4e>$@nRwtHo*v9~``Wsbg{PEV#1>tcT z7&6Cvfu{SIS1jv|j21Wq3(hK;s@MDScmgpP1Z40MUf;nYzZ)K}*&|!6NO$92^-PZe zH)+46L_&G8osi&q$-?A{^#G8?kVHPGGP0~2$=eE)0+dOl*|T;Y&qn4;RN|hhi-u?n zYj)qGUA%(e>qUU7PrMq5iNeUx^L&=iZluMF!Jk8#18~HX9H31fpGW(0Cg!KizXp$+ z{TO^c<_0$0_9e ziA+o|+6fyt?vtj+j&<^aMwLQDkfUuL{MC-kh~7+myo~CRKFq!1VM9i%>{5<~0Z!t0 zI5&`t55;ntrcsudZmueRWv1EN-Bt7KTUfxi-i-%ZHwc{v^@H8S^J^CesA(p6Lng#M; zcB%zsgV^$u(*K_xVMyosr>cPei-7T;ZR7dBk{F`@MQ2EylN5!-De^y@?D=Qg_&t05 zhc0sek-YvR+LG!y{KvokL+ICR9_MPw{zFKswHo?=|Hzz&ylS)my+@D^=;cR8W;sgX(2T`|Pw}E-kBZL6 z%zwjc1O}Ir;=wsS$pCM9HO6ZNeNgx^I~PG3NV@w?$A^ zjjzfrnS6K-hV2*pwjJnnw<{(^=j17@wOdEZkQ2crIVKI|chMzJ)_z=D zk@LA|eY+d0Q>Zm+YVEGso|u+R6bxnOf&`Z=McRp{^$CT_I;ChABUq(da7E+mV zfdw$(1>Uj0lLjUh?I8eW4~_eqygAtwhq8rgpCi}B_iX@2U;49EFmwp?fD5kpOb6~jl{(eGU_(;>c)`4~P& zjirYPU=_KkE*4RQFQs4R%*wm5BW+*&R7i*(&MVJoqTMMQ&ph{JYu>|)xWiSc!R2tt zlz9|Lt$}x-0v?j}xTFZ%{N3N{rn=>UB{_`dW6Cgs+ z*vR=f!{o)7i4yLB z!jA$>xMeIW4!tz5vh6eh7tv=vG57K!3Xp(baj=NuFjh^zc}S4V-;Dkq$RiFb&>MG* z?W8g|V7A9Qm95!rM#}B#a8Q6Yh7RemytiaZ47AEEf&l|^_nm0*(awf$_oKN#u|Tda zDq~X$%5jB4k%OUP)7!;O!1iuzRtrYKn0Km-%y+zMK&H4Oq8RkcwJyILI@3N+csiNq za$zvIB~B(J&%lx*fh)?V8X@xQUJperBY3He_2})eu@!BFWhIhbz-*vMa;uxy#uXQ( zh4yzFX-?%V&^8R1CXuCP)SM89@Jke+-q~yRy}7+G-YMciDZ?Z(%9b2dQ_##T#I_JP z4+W@YEKEkCpaoj!Z!S8-mw49!?dp)l%RNrS)ZldjyDi4aE})JB>rF_^h7tLi@}%8Z zE(W+iouZZ4a(75jbfbLyJUfVwsN7`Ez+q5)aXD#wE^Piu_%<5H)g7bQz2LHBaqks(v| zlA23Pi;SnhOrZp33h?d=VKn#&imGUg?X=;UXoa)(cuP;8tD{5>BwWE* z7tS_&Zj*D>ja92wo)=0rRFqfGF#Bc*fpC!{J!SHh#{43dFeFs06?%k(nQ;O*Sz<=d zcS1hN$it!gE|YnHv!@Udw{Qj6S(86dP z^cXPK(c4oU4QxN#|AGgJ^648Ws)1rTL61xe zBc{H2AEB2_JKLPKXDvbg5Q}6R(3#1BLnmv)pdsMZpO{&pDggD73Omn|znGAT6{Zi8 zN(xT^EIVblNsTfEwpqMRO`J?h&TF@?!z02ID^G6El`xd|z0l<08f`iI{8D^;%FZMa zN1k>Tep33&6~&2tj!5MUhis#-<_fYzDUy5mKR;H8PSG^KqU^sA3d#Qk!&&;T7$M+) zK?sJ#PZ)t92>Bn({M_1Y`43Uy4FvQM@rNk>?>y=n`1~<{A2G!01MN0HtW`=`*Sq+e zDw!O3mh6Z7acu2~H~spSxLv0eiuF15hddJ3-_-p+4~-$Z>yLCol|PSea>vj6 z^%2^o`cjIFAF(84q4*6|fdE^IpzqJlEA$FG)S9WxVki`jp`M-H8SPE5tH0NLJ*0?M zx)MrdhEQKLnxfB(`e|E&-g@;d;D+1m8n5hHt*oE()lkQi-Yzo^-kvY*d+mR&-`MRF z(O>bWJpsKb@~wH)V;OZcobs1a|L6GMe}CI@9slUAJ`SmDA4Wy(Nv~~DVDC|P(c{lp zq4xObqFr;Ye!Z0Yf4&Y=Tw}Ie=Mayu93M4Q#j*`O`C(TP{QY;FJAF?ay3M4vyZX0j z9QE&g_~}P_eRs9_;dTByK~DI3zb7?@YL|%l|MT5{YKtlVw3GNx$F%+yhZgW}*Ki); z)fUppT6U&e;X72{25cDpc2y z+{>(mzvsK?ZF~ec6#cKy{~0HvWykDNd4X^pb6w|&{Pg*)@yuaz^#9c{|G7VskHtYm zSXX;5`*NR>SU+6s{Ckb&8V`wnc_>>(i1&Zp7VrN?TfF~uTdw0ic2C%n|BkNyKjnYx zJAdqd{p335IuZj0qI}Y`@q!nbI5%RJ(N3nTTWouk31gkhOu#yg$x!)B0$d@h@tIliv?j}2(|9<`d z^6NtxgkzXC?5+HM$TIs8zR=?h&rEaX0ZE|t3%)`B^EE)*JY>)%VI-a0&sG{sp+%EX zS1e1%W%zTj#EDGbd%N5N=YZ^8o#-Jkav7J5U}(7bNy;@D_&1# zIy&7qi$>a?_Ooo%4ji*r=L5HuKkW|$r8QB*!s@VGh3D+BpL7e$tdKA09ErTs$sYdP zXRBDNTu>J?8#Rn8%_x7zz!6l=D0#AlSLJsusbg=78@^c<*uRc>qwuU}nO{3Fn3E|~ zB0@OocWwnvwDDK|m{K%HJG-upJSzYU`yE476>Z*Xfo)EIuK`IJE3EvbH(!mIzGer7 zw@Mw{ANx@*oyXL}b%{20>_7eK7B4pL>D!rtLc$*OJ46a-`8obD8Id*Jk|u>fs6PGY z*yfl#A$KOktwOqCz&?(#_6$=Oo+9e_wNpjtxuYIjFgexYcV1PUk!XI#`;!nlMPc?S z+RqK@t&jaVfm(5eilY&0{kevvQli!CJCE8fYVK(pjOI^!ODGg{hC~}_vavs71Xrl# z8zRwd_pC*&5YqEhit#_k4_a^?FQW+*e~-t@ROtvd?^VjX{n{&I-Av)+t^SoXx%Fo( zHTll2yz?x0@lVz*78+5Pk=n6__f}NPyh>0XzE=wzqfS|MdZnWx{i#xl{Xd&kR#{ z9(aVpn9L#)ze5HsR+3g*o&SLXqdE(P&oByi)89TXg2M_+oMh7TjfOzx_mYXv&t33$ z`wxCF#m5Hrg8Fm9Wjp6F36D*GX1notHk@X!OnwJE{R@jb#xdp$TnO>|fy9VW3+Jw~ z3wT0>Gb^BoNCw)Et@A^5`7AmHna5CnFiU6F!o9`vICsc&#&p}y{tgWMADqxUfn{Wb z>*G@S(?qfIEarU%?a-(Lkn2FxrK0&1k6@O6{fS}n87;O($Zd5G0D=AD!UIz{<1z`S_HVzqem@@rwfmfV-Ty_I z3%w@ne*78iNWKhVpI^z%*Z$a)OQ<5>t^D)cM;@^}`gXxXpJ%w1I_b}S^P*4)6CG}( z_iHEjSzHP>_wTZkV)DOZUlCoGFK$iy`o*{!a_^@3Sji0Sp{~Y(w0}{?1EYzz+uG@` zP2?Y&*x$Gt9ltgqy)K(bcDIVdsPy)>>bLB1C)wjShN-N_SRy?o$Nd}IK-(XzrI1KHDq6QN@Fd~xPFgE zZNY-n-4&6M`!g37aZ5R2Wm3Xn%pr~g%x!(`@rz@J@WD`rO{cRHoIf^^S>ZH|*eY;Y z{zmpO|FyLzYkh2Oa0aaW#rImMs++0Bk&nvgUmhVwjdJI9P9NJZe{c`?HS|n7C{ODF zW(AHvf1TnJ%e*TN)vDM=z@ItihaO@dYl7Sen}jZhAwhC9YpeNuTYT0UXDv;-Gj#jo zIjqCxBsMaHy8xau1TT19o%#Maer<>w?uGn$B>68@VUOU>YY&n}$RNw>>$rpv` zm&4W1+lwnuDlfTTf3Y}5Em>|KL+}O2O=dYj*;~i&7;;C*Ttp}70H;d-_~i_Fl_b7~ z7{R2BxWY2$|HKGI%(&vh+U!7D=ke#*WeFAQ`Ei&5W=mW2)e`7~2BK2-W z;EAy$)P(wA{>JOzhFnwxBjSr9{`QX+xbls3nm@OpO=c-g@GSg;Uy59QV&Va`s_KY; z?msNn>)uk{n)}-o_!fbGDlO+*(Klu(SInZtm-~%b%#-N?nC|v)u8{=pFi?k=?0rE4 z29)Id!&ffL{oopl4y@??&Z&|LPFdzA=uO@_X8YP1RG4z|C<9Fd|6W`8@G6cUAHwlF z7OWsT4ZB-wsokkiU)$y~@W%M^G}eeN-oW>_*7~(^CTbfd#puR5w)QbW=PAPp8W+&d ze5GQ^SO$IIL=k^+b@7-RMoODXolchQEiw!<7AjwkzI@sg$ZNKJ+azhi(c46xCqZ&U zu=9Km59{yo<>z>-Zu~Fr1S-n1<})Z=N0OKI^XR(0VWVFTCS{*FF|%fXzg%xxoXdWy zA}ReSS&ZL)VKIt9(oBvEmb}7N z{z}w`7joG=!QVEs*r&~uIeOLc#luE?P4l`~bI8vs;aKZS{<*!~31X z?TU5ge%l!h`t{qp%*Ju=PM(NuYAfpM`voNy59ps~_x|*~y&6Ao)FUu|ZS~IdAAWU` z6VTr8c#=K{sOu)@XRK6SD0!=-gFI-AuPr$oyPpXga+BYb_R9Cy-Cy7F?=K#c*T-&u z`B*I6S4pITmeySG_Ff6WT;mL`jz96{e&I+;K4xDzzH^f)ysOh`>r?n+{=`J|2sY>I z<5zoZ`i*zZFV?b{!x=KJYaU%c0Cb`(npUy!Z@h><4?Ql`0rrk>ycoO-Wrli=l5Eue z%$H_erY}Pg7#H3*K3mq!K!RNR`sT&WrDKT*b*m!wi>pQ?Qg5`2krFe=M&3il_p4vq z<3*I=%-PD|n*7rqo`Ed)K5bBWPW#GiWKh1BxFfV*lFnD3xN!Q-R9SznL5oeng7!_f z`rfGwPE6kBIl$;Ci8{js4YY6HH_~1rnB)>x&7vy5_hIbM zeUul2mw(&(DoRrxC*MexX!_yuThegA!jNJ9r+tIGa7;g=K;!7&{!E2`mlPV#oxXjp z+cNuePXFZ#Cu3du;X8iZ6?$nQXFJ#4@@k};D7WgEC->@?t5wT|Q*3ytgV*l>7sa8j zoIEHk5|6oj%~+AnQ}fLY@XW_23w{luuTRQ?V6EDdyrk@Hh8-B$cMoYZiKbvqqW_qAV*Z(M|{kTKzQag|@c zWjX3~@!2e45TM6@a|DHlsfp|mX*J5fTuV_e5<4Gz*j}2TF>rRpcyd`J-~DZ$T%`qT z!l%|^{a+5{6g9!g(gf(^GDgmyd&(PU)dQL>uI}9ajODgi$i3*W;DtX`Mh5DEIC$?5 z2U0kO?6==oUTFcrE_p)0S9p7NTM3{$K4Bos4Q#)@ux`BZWbm<~<{X#Cn_s@a49?b@8J6?xhvKdgH;P@z{`BP*tr26>$W#5RM^HN&Cif*Q zx*upXppcF9o%7{`cOjM$@%iPSn1U+|;8>SF4N+@O=}a(B{#T;~$~D$Am8bq6Ud>qS zQ+Qo+3SN_-a~%?V-Y#QaY?>pXnjil7B3E2`!M4+RmA)GCGJs1|x)AY1pp71XY-fK} z1pq`}UORtc4t%)#^6PiQ#q~bAhk&+G-JYb!(*8H54rgRRLY{*5Z%(CfoyKe>^JZ?= zlOi|3DpSrJ_Nw`gfBdma{V9>^uMZQKrE;0!f(e5=K=4LrhV*#-?>&^$`rIQT9^UbCs{4Vy<0 zfa$;U(J{^E8vb8gV1k%~0ldF362;%^B1J;}baM_LjbE$_FMfORgmn5RR*M(57jNMF z0?m{GbI6K_%jB|sYa4kqbLo;>*E@}x+Z#Ly?H;FZhY`n&K3*) zYJzHU?vg|yDVX>757tPRhQ-@&o3S50m*27*^u7LN$9)M*uSe$5pRuh8S=Vo0{4PHD z4JEpx|G9p%gq$2u-G;L>tyE9%3gHB~{%TSN(>{5W$<04$$se0^B=y23iqf}1kA69% z{F5UEvu4(RwBC=F@$Q`2DbHxGUZ)pW-vl9l``}VTFL-l&xkq=!A1lK4@F8y{oeUfC z^<&Grw2NX6_5gkJx3bv%=r7;z*KRK_jQYLKHRt^&m*nl{g1R4Hh%V}H6e)4?zT$oJ zP|Oe|FPt($H4ZcQoi;SVT-s@4)8ZFSN#CeNop1EXG2i^9SX{t>oP9IY zzwwzCtP+adPVEYVmvDyURnhy2JZ{^2itzZ3j5hQASBe(fEmVHI{DFg(saf=w#|K=kh z{>d^4yqj?hd}DMz$Vk8IQRuWH>u<~31Ez0HK~pat!V}=7kp6ri@E|LZsZsizp=V$< zE$3I?&X*1`*B1c0%AaX4nW1p+IhZNoKJq*e_Uifu?k{QiYId3__j!w7v+(7k-QpN( zUFN(gZG1N$lsL!4{R>Fq53QX3d}RD7H@?s?SM# zfxb5Fu!8b7{7roFocq4u0GcfSTPvw6tQc4@eT{!}3d%>P>2wI-mp(|(oe<>FmySQ< zCNP(SRUF~{gUfRxG)F!uUs_uUCk;QNPk0n8S*pAfLzEAAohGBYoe`|!?haZ;uu?xR;twh7q z=-QSd#d}LcZpegClt-_06uvpEORtbf08Q?1zud~Uj=s`J1P-*=G1D2rE<)AZz8p^C ze{vs3)A--oo>8q9v(Muq3uh9sz&snU&wpw0f6W6kM>q(UPT`*7y&Q|hIi2$9U8nBB zuO^o5OV09ppv2=Ze{+Jn$a5KMqVsY(TZjhjP_6MdS1Vq;HAk>$`09)sEh6`^@ihyNO@^&kwVwK70-iFt3}UOJO5pHA=s=F6qu)QJLi3 zi#YxC)2_~gpdV6Dg4)mg^c7eGO8Xzr~r1I%?At3=h6ZE~u@n5<9u?1g8*5%h0(m{;iGn?*X zU77o1XN^C(pi6JwIipHRHuk^y{?{oe+JhLawTjw+us6dy?zs1-54ThK_@nUH+;1M9 zJnXx41263JRXhmQH6>tc_|=da$9(t#6K31^)wtGEv{wDulW_2`pC!1yqCmfO1?4A4 z#a_X)Ywo{V2)kHkqIE<}0E1os_2&sFVKKH3N2>bOCs-AW61SKW1R2w&Hm;a ziQCRtcAdLsc1ih&hI^IfVR8=O-D{6;j^}adHhO`PA^PQ6*bTn)n9&h?$K8Q9se{|Ig5rg}08w^!q3K_4A>iN|%*(Zl-4wn)k zbuZjvj3yG~{*56*R4Er39q$_a<(wt=c&f*A-rH>xzFfO-e(KICv4F4=eR-Fz=n34q zu6RkHosr@3#SGmqe!V}u_X%8c_RXUSUBT}n)dSN!|IOzdpIT&;UAFo&9}=fAU8w9* zH%&)ko^(wk&FiPFxh+S8u!``P!(9Qe@wg0v$<456KQZW^{7vO>sjYl-t?*?!=;K(1 zZ~kT$Uv)Aq-evjO#cNs`^pT4Fa(d~CZ8=;D1od5ea1Do(!ah#Zsqap{*q5tyB;Rpq zH21?3;mM4xzd0lM08#X;E=-U(I^IFZHvXyirk^-&(26~Ma{;%gxqQXy33PUlj@>lK zgLb`rb*s9Kc=eBuXcwLoeJN}47q1$Kd%7Ia1QK!2aEfsKKQ*>Uwm#!JZ0(ExJFb&B zzT2pDrN^pc3UGE5m;CTuj(rywAHAWwQhw{Z*Ze)K16>?UzxeUvxxt$^LfSXCt};Kh z*L!^2Z@)ex+xpP0O-2~4k(${@2)upe`Dd=wt3C6)|K*X)oz3by-rr-)M>^YJHoPV{ zP=5%&wTR}k*5-}U&aZwhp3aMtG82z(?<)GP?+MiIlNWnE%jdTSHH%JB<6U2XX6J`% zDE?Eo)YOE1lRWpEC;YLg+c1)@++Dgh1y{U(k4E^DU%7ZNbCVz~4{`W6=dfu`ET$_D z`du78l#LL{KV0YfZv5~NhD01_`tmEWQmt|qlNBObXu+28a;Cq>H;b!jJ{>34{r0yO z%wQndo1s_Nc$wA`o#~h0tpnQOz8wE{1vk(U9Q9jgdo4 zPm!voJM*p4e{>IO56f5gsOe9BR6yPEhUzgw^;>wc?(T1WTahpI12J@&{jFt2qi~xb z79EN6KBvzPvFg+szWM$95ZFDZ>51`vL5{mIvlNFy>!P}LvMZN!hOd9?oR5p2=1(Za z%)fl^@e{M~2hC@{`2DkX>XU!alKUWhIfOq5=UBf50EHh%TBU@KY;*XHE( z{`k#*f;`)safeJ@MPvw1292)#S=YmU@UH;cJO39$soSb=6P$@v=41_;GW1{DeExC; zd+@(C!{^amRQKJs5YT%IY50%3`xgryf9lIo7}?)`%Y*n1LGo3)4h?3%xj@s03gS2C za!HzxrniyXOZev9ZZN}Trs-C3GG%dyDrUBUxEuX;dHB?~mYV@1)}Nug$;?AmfHjYC zA@L*cS8G}l^;z4Mr6Y3x<|oEu6C{le6z}Y8e6GOWdf8vQO@3-Z^MI!1xBb2%IOp^{ z!x3qzS?RB#+b5a%%N^CvygC?g`_{DrOfByd9(F@?sd4KkH%;zdUHsvWpEY1LcqEpo z{lP@N;NmbLALCs0<$woNN+TNT8^x~{mX=Ekf1cu!zrLg)w$$@j4TIt__G^#4b=jl6 z(*qlQ?aTheEK^KQ!1KbH|A+4yf7T^DTkqG_^=O4S><+_jh`dn?4GDlO@bkMyjN(6Q zHsFgN{;fCAqEzn21oEe^(vc!zc^}t7sr``A?vuCVWq6(c+{oN-`qL+si%-{WB|YM?$S6o31X-9sdaBHq7ZEdn1IAR_wPK;e{|f)<$raYD!j@P z)H?!gPB9$Eb#dZCrSQ=C&1FU0CpR`a0qftt`Rm)r@tN7va%14&=K)V1B+#l4SJv{& zsiZ&liRv%$YoB-Z;#5`ctLdH)*4^!5zc&(7dp<4=p#ot_8_yA-30wO+KW-#bFZ#uQ zV+5g+*EI@IVtR9M7nyP&)D9-`ZaBODO3D%4p@C`ph zp7kzX8s@zn)eG$2BFbs7`)$Afv9EZc2N?TJQ^c%%zrF7om9vCdL#J!-C*j8Lbl>Z0 zrCUJP!jl%C8rU5=jw)1M_Z}uf3ZS~MbFZmkkkP;EzdmmCXYGsQWj}Qxo)H-Tb>{)h z244V_i!)3RY4RY_oO47fpl@BiCLZE~<&H+V7z{+Qu98Ie>-Zdc1Vd^Fb^Dc)=*QdU zQR-qaMDjNe`>|0?geU7yPSjGK;F7C%?@a6stT?)f){$&?84>YmWRXjp%87xs(0 z)IG@qAxUg}>g;`3pM7*kZCbC$mcBf2-%Uz}N-^(VHxyXm=lJ5Xp|1fDXrLa|taDxM zXCP6HS$)?RYoE1`Kjg2Ves#56P(q3Gn~Pd|=Zi2+jgQd)F&{eQtj)4!?3G;g)8VEj zPK~`fOTYe&h?^w?6+m4EPULP4!1x<8>_9QN5G*DujFevuY*+=_WNJd~tq1^FZu(o- z1GsB*;0mAH4(f3_6U*hC>-)yZ7ol|h*1VIOPh`W`7*CrPU)tYwbUcH6xLm>`+iv~A z;#iUS0q}97pB_z*!zq}zlA)sG9Rve*7(pPO_$gKI0=2KY89+!^mS%h7woIKz^Yzzn z>`z=PXp*_32P2o9*v%VK;ce#UxV<&U@oXd zb1;zS@=c`{_>`!#U1O4i^;Drr;!#n+Jm&+b;|9L`)n_+@F)K)m`d^%h84uu$Xv|xH zOgDIW0<+g6B}ZquBb#YrJ7F5#NG^NmT;`GpELE+3`_`7(sQav|ukDz%wV(V5f4Cb5 zBnd*VNeaw_O)EMM(%m+L)CAqKDnS~f6G|!f^W!JDbPvhi|TKkeV(5rDw?sAt>y%iRu31st(C zCPVq>4iackew#6q2zO@09zqKJqY}lMQp|xAR z`cE#!xZhZ?#r=`MQ#9@IoYTYHWp*ZiZY4k+XlZJ-Q%~AooqOLtIycD6KkGjVw-Lwz zi7&(7d$M&)kiy#B3!$mR{S15aFA3}c>P>%he?R$`+h98mAv!!9*YK(eAblOXk7fP<&hMVpC%%kT@;&Bb%S!CKjHYXf+{EElAZ^i)4@x));FBV&4JR0+k`(XXnj4CTX zz*Z6QmCP=5LE1Zj0~s0sncp>L-ejqu`{TDS7JqR}Q+D4d?#9PYJvqnZn3%yAENXb3 zZT(};Q94&?JS@&leR~UtV6TJNK{GzY?{yAd5J5(ST%MDE^phCJ}RdNX=6 z0PY}7hzHq|Z#HM9zj<-vQ`6_Oe``aiDES+P!5pFA+1@w3Z_*~G2kR=TB$`?Ujqm6R z=YG%pT^GO5T zsrR$)X%Ue*vVPhXU6X>l==Mxt1k9^d|NI=&{o#bq8$QLELq#ys8h>q-C0OP4&)TLB z4NE(St~PS}ECp$KvP*0ZKy@E&qLnp7D%7c4(0td=6_oX4lz*=qawmg{8Zk>I4fwHt z^ivEY&|_ti`2KJ0Zk78*dFll&i=W!5+x^-!2%Y{IGTAZqkde`3vi;XK^91XiXNXey z#0Wn%xx0Hg65_KPKT|T%*$-+~wvYkdCK=p|Z!U`67{?r*r#AiidZr|ty~4N4Qr`P{ zox3L&y=V5e@68fqMK7#we=&T$Y=7G*;dkyJ>qeyOh28jq>iP|(NzAj-OQiK27zc9m zm*6wZ#cLT6nW~QlV~hHd(y0NzYOs|w5Y4@J4I*oEnLLJvh|zDn^-sRzlYg^8db~wH zIp+f6f!IMAXF~hj9wD1se1rs{=qO_`B@JWQhfX;{}L!YN51wfbuacvnx`;nhIwYa=XZlz z_@43?$GM1QLRi~lWc_nu!b}8^%`Gw0bGjuxjrvjWbN`5*_s@@AJp5w*)<6Wdf(jYE zAoz+wP4>x6v>bAJJve))vxhTDIUUG=BOE5w5hV0Y2rKZPb;=*^TMmqUMUujJ{J|Kq z)P_6x$Uo2UPE_v%l6~BF?d?Y=9?$EMmw>B&_dNdW)6*zagzpHDULxE_K!9FvXiUS?3A$MN&wiE< z4qC-<1C+P-V>_Qc2L?`D2sCH#0-CEI*FaFrz4SC7x)ebNDTu#oVAxMC7&_}_C_gqA zFji+gUKa{>xX_pw;dk{2bZ_*P)__G??ms>;GCNTO<+K*XkN;!E<5M(ERF}@n9YV=I z0|m*-^NOKXuqSn{u7T*CZeTJa_Xg&ozJX-aXnEz}VFPR=ZPL9-xfz z{zx7Ex9;9Nxn*U{l<@P2tO=RmiIuv#>a%-f!2Zqu`Y>bNdBNp4bF4O){mI8J{+&0l z@clkc0FW;EwBwsks^q)0mAU@L7LNVdgPG5OJpZxlLUaoCxL}+FU#nnDAt~n@f+>IJ zWBIdw7e6Qbci&;(sA=dNJsYNd0?HiHh{tNMA0aF^^a+7?L?WUzxB1xS|Ur}FEIS(_muoXE(@eKDBd@p z)*czKb0pUA%HzA|>XSPwLJCTJAryXU3x$8&(PZ;SQb1y4zlJp--z3$#2yKRI>(0KD zP2Y8|iq7_*yuh18dh!pZKdoCI|H)6qF=P_?Sw$;y$?C+v=<353iofH_ANCb{z^I|n z%KpUBfz{_vISWXAGqGv2|7Wex72G~!16T6IU_W^!wdZD6GV)|aBXGp7K9Y2tThv7q zHaL&{6tmQS)?sO%^_?eDrS_3if7iDD z)QNuP^|uboGV9@WTR5V(P3oc5MP>r8-uDe@>5K>i1XlieR)OYzYWXmc$EEN`JB=I< zm}J|%)7-Vp4utTBBw(0HOeywn_{p8m3mQ^mYM4Jcz=_x5J6O|qpk>q59BKIt`t}uc zQvyPv$@$%%!!f6Ruykbst4)4J(HG0O^@T7T=?1o+T_UOYzoV)mVtnH?Jl zSnRKX`^1<|wO8(lK6?EFbG3Tv0TkzW zH5u!hhRP z61B~Ph5y;lvs@0BUB{0{znXBpnHE* zpk6M7S)B*vhF<5R3@!62(lBYxhXGg0Uu_or(Po5)EI;_K+;|?yNwIrB(dalp`HnvG zjjy!txLtU;eAZ=l8EG%xk0dH7ex0gASWg+&>v&Hp+7Xg(^ly5;X%Vtl*Un{g?gE^H2Dq`n0u_N?C|M+BD-Hu1yh_ z<^XBO*^*q6^u=3IdN*jBC5GuQw-hioCpmqg0l2%US!8XEk{gpV^^{8lHuakH!N{1T zuxUg_w)F4%?$0EC)@wP{t^BEDTbE9vdzgHnI~mhvM?TtZZfzO1s1*CBpG*M>7xpCx z-^aK6pWLib$WE7+25nZ9MjP}Rzq1;b@2v4%kMXlW{A1e9j|waverK_?fC2iQhfV96hHex#8&}A0Il6t;30M>_%hzv^9}Yejji|Q zFIHQ|ZDLINW#HSN`aLa3h00*zv?Zjo5@dfOJzUQo`1RPovoSTMx5_aNUfiR6_`#Tb=w)oZ>|2fR+u&a8hOVnaG>ANToNxLbse|Q=;MB8~ zOsCT)E+z}O#WS$}uFcnX=#%(_U&d+Bjm3G2xPICJr>*zrn4mVY`OxNPBwPN;$>+uW zs#zv^95*as_kY zl@6c3I-Fgx3|&Ij@bsf9s~7oxXfT-}X?@z{K7Zs{&eF?BUoUbEyFap#T(t`l0hR>y z^`mJZAvhYQD?Z*1JGH|U2GP~Yoa1+_@u#kz)s4!inr|%LH|4vE?;v%}g`6GLcglY` zf0yt#E}@TGA^h@3%*x8Cbm&i&Q0YLg7i#tV?GJ7cF4r#KASO3nVgG~SPusDg@r=x; zzg2)`=KDMG&`&4<)xV#`zNn&O0N{0aS7{>4h1Lw~QQpw|RRczQY;>PM5HFP8cmDKI zy6soaYH+$yNWwT)@7@k06DUV1JCDSVhF}+-gxj(EyZdp> z!-ZrL28K@mm)lOs$rCs|22PTF;ZtEM@M39AorI(ChNY>`rp7;ZNWOZHFe~Rq`%j!k zVN}@*skX%u?oIYGYUoDskFEw)ATRLdTXk7pXDc_h*tt~SDe9o~ob=mw|U>!xQ)!o+?J`{R6owncy3gt2p3qe`EV67AvmWFGlaJ zCv^D%l9}M+I1x^&gRuc4`4KDx9$0Bx=jyE1s!g6yG&z=s4RV$~&Is(oNHe?RV@=<} zJT$dgG<0oi=HJ-eH?LdbL9Ad1$9!IK-DZ=FPiChgp`lg9tWb{7XfG35Xd7UIa~xMhQF z=X_n~nWmL4-%$yxtoQM;{Mm<9_(U5yQhNT9sa>DF+N$rvEVEq+h^nSNBz=7a;UN6O zyQHgTji;Z9G1&p?N!cMzpPt!!AHjzzM?WQ+QrA$z}5X zREE&W0nEhxM*h1Nmwh>L?%zFp8|*R!)T<)&2B8jR%A?aC20bAaZ{5ui8z%5n!{;mq zx-Od`2!`){56!(f^Q+_k&Eq_c(4)9BKrNFFUtIYJv0=Z(wK=_%Ly9u;>SrB8?m1Ge z@Z$}t_Sz(o-o@!_#jx{!JO(C9xwg2of{w=g-CYhHb&WD~{lm+pz{2%vyaRp665*$)L`G`8d zJr+WW_ML0vFtzqK0P5{=iX?SZXu|~ai>#x$EV~ySEl;-SGU_@q5vT+4t%MA zpL3q4!PcxzwL}}`iE=VsegQ(K|Y95lU8Qm^NPZ$NeM!g81^T zdQwGfYvILgaVNzyy&@&Z)pv-0x0Fk|F1*@#eyWy?fKN%s@#B_2+zLVXOqygD1q*`M z!mnEY-{+oHaY8?av0eG=w^SxAV$;aTNe5~8E3Xqq{V4v%fsBQNVW@+92tDGt^AsBfqaoH<;8PnCeUjZb=)dtr z#HLZELpZl0HyN-w0;9#={_%C)^NQo1dk;khcJ+@jISMdcR0GyTdHZ_i<2tFG7F{!G zH3ZajMq-byFuWO}CPq7+qREub#|L%)SElaVRo{B^VfloMDfTGE5}aHE&=nI#20f}J zs_Az>C4lth$6iHf0O-AALj^j5&CQLdg*FSIe`DOi72|&Dz4_R#oXV0x%5f&E+vqO1 zI3fy$B@-Hxc$8yvC5f8boX02e53(i*`xc=K3vJIr#W@4X0oA6GR%BClx9;(;6gfb*)UIGwqpA z^bLw;FwWLn<$;eQZE{s=*yaB0$tmd{IJo@jDRhmEd7fi~q&Bi1*Iv6HZWi>E8Pt5+KKd5P3J=#JA>BVoot1|>` zzYpXPm*k>NxJn@U-Jo72X)pQ$CTk;#B(c1DJ+~YItnf`Cauh^ohWm^End&;*GD#VG z8{e96v(a{)o}V3{3w$=>l=h-qYUFmxefA>@QY#E&gzh`*n=>=XhK_6QYIw8d>k+GV@2GFH7eqfcTa}hyzcQ=R=DdBqB{}QNpMdG zKe}uxH<}{nH3XU=rcNu)qFmPWo_#uYXh)kNY5raN*VS8sP3EEc=2Ry_Rnc{-laV(P zsQqqx77%FRS!dAjum6B9{}J)0wp{*0@QUiefnXlTBoVtXNl^{10w~umB|X2qbuRgY z`p2$6uUZZOH$ce033)VMnd~?7^WedNC1G21pW(l@IxgOKLPZCjJbA#44VcDvGyrkv z-nT~H_H(yVp}qSDCyL^QdtS8Zh!;oDF#o{_^gi-vp>sY3~?#+>KId)gQ^1XL;d;8vtAPD@4~kc^D=dB0^|lIc?v*T*CCvSkh}O z8VQx*cPvKX_h5d2x5tCgXNmgVckFu}@H5Yw^?7~IS$L*#2!O_+rOz{AW^#HJ{@SKf zvG3R5P43ojUkq~Fo^giG$iOW?T_KJ$Lfb#OcKg=goCx)PSU>T#49WGi2VOwD9Qp04 zzr~R{{Cn2Gs=;u@#p)Eia)N_`Vh)l-&>9Tc(^+)?d5&vj%7-g-n!IV(c;wQ*_GtxC z1Ob3LP9q@b6mpdh?VsM;PwzU#VseV`^8Utp){^y zBbnh;*DvQ{i7okGES6kYOcSR1!cv$haG@8H@uNqQxP+eIQ1RDORdOgiG*tLpBRA}G}oF{De<#r4woG@euLB}NRp<0_)KoZ z^mzZBCoAxUd2y1i4O+pvY+`ll!lq|I$p7w5`NJ>5i(gCy>HAmm*o!oj^5L5_A1}1% z`-R}k!r$04anG1SCG@hfSYMw{xi4M-y0t!B9$)e~ zkUi=z&VL5;iJiqH&p`M@u@m=T1x?RhFS36AE4S6vbDSlS_BPnT370neQ)Q{!2s@zR zAqi>74egiAf&cL7tH=Bm2Xl)PbX`5r#9R4VWi^U>4@>+A{O88o zY4djVm#GL+QN!YtdFLK$$BII*vMUg{kmvfSxyePi{6|hNhjHgK>a@vMzp3m+8{1lC zON^q%R;_)3`q@ks{69SB)LHG)SxL<5E3Sa?1dG!+7{6$bif}3~0p;IZpl@4E?Ik_= zt^Ub5u&=7^6VM>;47ViJ92Cl)({Y&bUHpwDTs?HxjG_k}yJ89A{hoealnwWB?!5o8 z!|YWQWT2gL#bC8U_)J$*3)i=%)%NvszFx8YYlof95$H!^X~C~rVccS*M(ywyE;Ike z$GfNd#Zsgbncc;atSB5~wJ9X%SUr{d69>MQk-7YCA;9NCUGHc<; z;3Q%``eM4j-%+~y{$SDJ0G;xC#y3DON>w)^8*dUds`gDEn6=x0eH{O>#qHI%m8bUB z{MH<9;Z@Vvf@2Gkwn{%k@MFEfG`0+g0iQkf&wP|hV6Qm1qP3&WO-2CtKWD*LKkDbzbsBnU5Y2bFNw9<#V2W}Xx?`&^P+hH-HW+ z;wt~(Dba71cIHzR(BIAhrk1ayhR@TaGeCd+!TahT!TIJe7uTIoE;YoiBR$y5Elcm# zql=9jd}#0ePg|co|P-uHqGfLi3|lFnh}x!&ikm7FD&+F zex3T{n09CvD8Kr81&zRlYlXmsryUx7m*DD9|J37s&qdQ~deT9D=Zm#(j!fD)dOWaa z+vSD6+7)0o(O<5>b{AKGRAfxPT;X%|+cF3UkZvk1r^!?i4cwi`N_2zdA5P7~mv0~@ zIDMa{nKB0Fd6NC`07KPAV6(~KWC8FTSW&ETShFa7JN0~n*?#BdKdl~AFF-yOt79y4^fYrPe?s0G_+tnRZJ7Lg+nRH3?Kk6 z$}sP>%!5z7{eL*)Pk))QPQSTdjr#%sTUBYAQa}bxP3VJV<2>C~Ux%(a)0+Xj8 zJ?h4FRw#C-^I3-uaH}--oGta`fA*G;UzdO1`TE@C(@x)0b{WmM+NtS9zHS(gLJk@c z=3o5xKi(T52jz9%F=(@1?p1D?`TY*`b0mT{I5g#dW3b#e=QU4z`I`^)yn0%u7ZQw9 zOVxoI(g^4}>K^4MT>i16?6=1@7?-c=!ZFvGUe!EtN@KQa1DLjVl8f6pIJ zhkW%`Lcn~m-z>92-h)}i-lqX&@F7^1k(+|%wkwnW@`=niakkV#t*~5J*XD4eCmlG= zk2{SxvyEDilcKT`{^^x$#cAmx4D%1T0aswHm4U)=Cygm1t4sA{ftePH58LOXY( za>Z;GdKkyYzj1X%?2CXF#K*69!Bnr^Am6Ia0NGl@s9_v0j6Xdv`A(L-6aEuJ@EoUi zW(G6Cb+$EJd!1*aqi@)rR~URR@`I}T6ZYHLzcB{+$`cdl1^;q~>iM|(v9NiTY3lI^ zNATo#rN)S~U;FJ}T``Hr7aQA^E1$aJ2zQ)kfQ9xtd(Fyz6CsXr)RQg2fAaND`4Eb8 z_NVzh?DtRpioiXk4=tXi(-dKZqW{K#-affd6(Zj(WS6&^?ItKO(b;|EhB5R z5+9Gg_iqeU=T7{^(*jmF-!n+}!OJc=8!!o2{g{KFW@Fa)gFy9w-Tt1LFq?W|JPS@S z;cGaD>sx;4v3cTLb{HLGRfA$_HWSK$ogxXh@K)ly%9j-0@ zi+#hZ_P-cAH279>>S9!&_bltj5?q;2Rssw_KT|9FCr|fz^~XAOD39j)o6AQq0PyP#;zhiXQk#oswH>hDb3Z zcmIo9TF4Sqo`l79u(}iPFz)B{2i*-$!BrT>J@R|<;s(+jFaO}QYQF`bBVmn{(f056 zWCYb70FanKq!LRo^F}rmdzrsHC7sF1R z3hT7dG$lZvZaNjBzdhnuti5v#SQX)T#Yir{x4<-x`tTIX2C5A!iFN<#;du4KhOuhB zx>5>KdHV2=?d8vLP(@dhx`BkO*Aw{um*21vTC; z6H;wBtvUe-_3wME66>^^`neg!m2;x7&J|zOPk+*)6nXeQ*rzp@80S7sZ})EuoA0Xc zyIv5$VXyvW)%z(Er;$#jTtSl(A<9LL`9JmYr>zyP7}9B7LIHYzbIezg<3#N9&_%%kR_fPw;{bH`(xJ(`lVK1C+Ze?@112XH!HdFTYN$(a-Na*rb-S!__ zgsm)xh3OpYD^6|E2NPg9`K zTWumk?|_mfYw=$>{mlrkbxXf-KnmL}E)2T9 zZ~E>uZ!ktJcQnYE;3!gxRya=`%?I!DF`^+t^i+@i<=GZ-^)gzWh3>5DGKcvD_cY!h zLRY77Ebw|L@~obmzy<^o-IF|6U9k6iI@-NBKPH5VQv0rhIITN=0;7DdlK0I<9m1xj zQeq59SHTD=B?MX+<)bg=jIJb_=6~jS(vs(C1fh=f;|mPE#H$D7$*Dmau&z8%>Wyd8 zh^8k13BV3U8wgZVfTAEY|KL5|ozOtMG8Ku;=7KzGlp`vA{_$zW6_+_6Kp}L39QZPP zHk51L{ERX~;=>tuGFHycvwgg2Nm|K!i2lPpnV|pXT-6i&Dz03Q>P^Z$Xb-tbRK`cj z`gO#+rY`(Sn-!*(Kj3?qKV&+<6YvIQ<&(E>93%(?)%yv+F(9{1uzuSL*~AEezKM$D znr_EHVQI0w%mW7<*6|UtYrlU0(a~X_>sM#?j*kmTOpL1(lZv`o6%;Vxo0dyhLP-Zb zqvsu%O*wHBsTN69<8U`gzv^b$tDiM9bl>`l>Gon(X#^6$&&at3B5Ybfva0(C&7B_C zDww4oKK;P#O`=_n29~i0B_AFfDz%^fX~qVCPQ&Z`MsM+&28DyjHNf1~)kCd5yK2yk zYV2{>Ubs&K<;TmN`z7Rs(6Nkcglsbx=-u8o(&{VpwOY5y)Tz zb+CK{yf%z|bOQia+(E2|h>C(w5*xq@k?>07_+)*ehE?W1fb2L}1vp`;o_^8Itd|*E zo-^h-`~=!*ZUAaJd9SQ52oxo9M@Vu*jxlkUHGL^#O%M4_0(w){ zTTZ6(Na%S!g5au!G)NIQHr5j2hG$^C?G*lIL8>B@=eut*ZS_?m@Nh7$$ zR3o4QSNqg7u<<1n)23FybpF}S_iyYXze`kd3;?Jr%7GsHu})x1lGsvO4{8TB&9Y_y z7jDozIjx|qF_8{yPXenBgotQ@Ahg|E^f(SX&ohGKvNZI-<_VObLID|zIyz1PQcFzZ z4kot)0N#xbEQ;Ffxt)`3Pzmr6mtzI{_GVX*+z<`(0UD&xkcOM{@nooP=LIyXgyCxp zgv|QsMP1epd@!Pl8;ubk7XJWptqQx40W-3eOTw!@TU#S~lza9&uhh7$H!z|B{-Aps z0J){0iEORv(cVC+Bv0cL=rL89bFM~6lz%Xn)=s1Xek#JJMu}=cj|5{?1Zj{w*&WEa zzV3zeNecX-_S1Mm5z=~Bi)Or4W-7bjtvtgyK$uTsXNPG1K>4VRoa&zbP zRYL^TZVTB9%kpL`vccY)H)2^&U4M-Mq~6#WXUu+j3J97$z$tyNgXvr7Lb!2=li=X4 zRvqn2MAnKD10OgZ2#a=b6xOZP0aAy^nw?78RH48^sS-XHD3)cv99={zdeiy$0R$n( zT{iGR3kst{46KTJnyZNvDP(yI;IMqYmiF;*OK(Tx?7f;b^!VI-SbFEC(!A^iZ~7YV zW~tf_8ht%5l{JIqjrvno^vMB68SPUrNYaMS7X^<5YlH8`7)y0cB4jqjnQohkdxMw3 zf1ymM$_h2V23?u;M`~D30zGdc8HuC+=uS%YFo5kQz8&a+vGD{uQyz;!3ZNDf%CHM- zIj*X93@_p1=_l2aoLE+(^9f;*opSiKLiX99z$_B*nZtFu)yIUM_XguLe)6-?(*gQZ z;cfb;1ugRxN97UH<8>(8kxjuZ(7!)Hm+VxEB~u(Jggyt_bFqd`^mdfyZfzr=Hq z@3Y{ZAY>*zIDS|qd-)jwd5wjPjq&2;o1G0CQ1drt>|OY&G$7CJd>|oI>T?nJV8PzV zR)+%7C~hUA(pz)x`3`_#B2==8Ew`ADPU@xP0+{c>PG<9xp>0P#Tsk_sWr`n-6yF~t zlD1*t>m!VSmJ|4J=Z}5rnT7dryI4((Vt@$6Cn|F)SJ+$7lDyr}E?tIC40!~g#DaEETk>y9}gS-Y%b(L5c^jX&nS`PEdjjpMYn9c&SO+3uY}&dOO=&^ zXg!`=n$>Obv9_3ILq%9*FnOC7B*xo=COXJ}?WM2Gss%bzbX8S@L;0~Bglt>jEgkk! zih14 z;Db3m->lrbZT$NU~`_6QERs( z|LDB|g{2Vz=Z~}UrRwaY<$;hM(UplmR~YQFtfdFHw(t|b;tELvw3cP=>Z4+M6x9;r zH&Xo2yaC-K`)FWi1nk>`8GSX7w>4xCu8HDY34=z>dXQZptU$^HUs4Ecp>rRnU_;r8 zQs77Z0=ZE(p`=`5IDAjl`#uWU@u;}-C4;HVrxk1fg3A1W4|BDK0U&}j`1EuB(x*dC z&XEBVndDlpP?9ACKwt-XJC#hXG*RCH%mgG5S!Rn5dSI=z?SB4ZnQZec71WWj*S>9T znc@Yx6az%hEK)SoLUIBCQ2*RIxRLPK<^g_2-JXPzXg|==2dxy$vuGurlP6)K%ZDos z8UmdS>#`8OiK1XmIhq7Mk4;J3JO7E+S<2|pbjEdV39zp+dj#W8-LL&;L6>>3V7|rM z`E$VM^feHxdx&0rDMw-*z#r;pxI_!>v^$tFiZ_6K>tLD}$FMKqSKF?~>_pr_f=;qW zpP}>-aZ*TQw^xVt2AanEyG;uqS7n36cg;ycNr#|2!WxqIG`xzP{2_PpIbLY z(c?*?@y#PKHtE{rkLj(RXe{K5p zZkIxL-^YR_(zu%&o`QEwZ@UO+vNEvh1yAQKe%yC=^tqva|FBp#NfMus0`&IW zJ!+)2%Q%Pa`Q=-@PTh?_=w2B^lp02t#f}Be~ZAEr9^^ zf#9)c#t<@uIxej-`#eH=Nj>stkI|+#!~l`q^y&C*`wQKKA~54N{9H3zGl)+T_o1A; zD+yn{Dz8l{delryLyp@P&INuI6x*pLaRemLfm6nw8TB>8NH%wR2g>mk_Kw9%uDPlnb?H3g>;6V*(Qj zSYFjm+BE!fXih=5Rz18BW#YoyWJCk>HVI1$SlJ%o{jo;k0`$k0p0{|U0U{zz64O$P zAY^uRR{$O5_Xk?36V-l@43fiD%%fmOz?UgtC-kmg=y;k(c7vg2yXJc`+&je4@0ckH z=JJb1Zb)PXAYAT9c{QjfE9wrw)}1$kotXKlQ#7&^HidPlcC>ZIj2@4cAYyW>AY)>I zanI5B1h@g6U&pgj=PxF`pyM1Zpuw+8?GvEAX?W>9W2b*6i!=I9FelU*-4Kwo8G2kj z-~d99$1nnj8u=B#>tL_YJR{}F4~$c1S-v}%r1M$vtFPKiFEV0+ob;0q9EigW|$~*^_l)Cp3 zELufTLjS-4>SP#p7hu!lZQ{bDI|f|lC3RCJ);gTN$USkjte8fQ5T4<*jdH#MXBYsz z)E~16G{`W_UFv8P5P0gx?d=W+aN>ptZJ$mq2n)aXL~GVoLqnt&tpE*p3J3UiCo`~X ze>bC$NQ@e;L%I81W^~3_sA(HJ5bjtoPl;Q~&dXzJ$~3OmKu7I6p{~h_%>|_E#M9a} z(8+T!(bf~Fo&SBfEl66@H*JN1HyAA*%IzOa?-!D=+9{S&ZC*}&kA-K1+S@*XXunY! zkJqmlWn2n8eHXE2)BIHT>4ot#Kt?)}=OT+)FVbHTP^{j!Iv*!*ffo`t001{WBtB+@ zdHXDdc_QY=2&Foiy)2L;M8|c(khE(+TqC5R^=fuNIF{W3Tj_DU#Qc5QG*IP*dUY{DkTRA9Fq%DmEQ1l_PEsTwymw+B}IFNJ_Iu##B%nA9%;D}-S zl_?-4gD)j2+KR~NvPV68j83NSmF9>rdA|;5n%9JLS0p7HcO@SHICt*n=DXa9^mq5X zX&KSH37FamP6tTJ%_!+mGz`Nuy{$Q{CxA${^{mV* zV&>#CUKasH0L&E}T#ainn zonQ~gPvBSH1_Iw*a+hK=+flW(HYeDH`oGQ8xe^c=qSeyXlMnd|-f((@*r7->T(RR3!asf(owE{Ba|FheOKk)En6}?>e%%R75yP z@?D4OT!$#->&+=caLx>xm=5{z zcrRkgOpsXjbd$q2Y0G;Bpg@fe3@|~DM+J0ko2R7R@4WAUi|GSz%$|CG^<&r3AO22T zVMZ;ZYql|Z>^Bj-UOix^9ElFSS*Z)c(~D1<)5-VW>yjUz2hr2HbvlRkK}#)RN-Z5d z-xhUCsu{?2@;x9GjRSbhz33G(%U;xTI+=X7rL5z$7cF|cg>dmVGba7m&piV}8Y56n zYgs^y#-bw~(huH>+56=;?^D3&YfciM`zafs9}FC&@COQJ1kR~~N`Q|n(liXVJvH}h z007P5kyE@j8wlseGZF`+Kl%%At?&w~8nztm1Y-}PbWbE?2A*s|N*IlyaPqh|!dNLK z##f9lgJGLwfZ9C(5wfIJ;twBi>{XzCzq-6+X zYYch{$1|826Xp#x%WUk40u={wSejyQov4P@kA#*C;AI??7R4V%Y$LCFDk+7qBBM%a z6EOlwm3bew6;yo4T{Y#meI?1^ZZ(iJ7~%;mRK1dDl_rfhy`w=fveHdCiAW}+9BHgB zAm+n@VthlQZwf!9mZp^m2FZ4C#WgR6`axj9-L(b}coe`3tvWzOQ(@{AI-mFK$u|YC zS6@4D^_RYf8lv`0BK($OD|o$?SFso-(UH8&0K+>$S-v zQw7a#e0AvbtpKa-JWXsIP);ty1IZF_i~3*;Xe-9r>x>1WpYUy1BkU&;kyd%((WuWsNMm~a@B*`m<`)#C;!NYXy3`%J>P%A}ATg2_arAmlCnUUoGJ z(!;|#nKX^~-QB*=8?v(1Z8~iOAZJv|lWhg-6?{}t<+~Q>V>VI9<(|Xu*J2DvOSQg! zIww>lreb){Z7C+7d67qq%<+e)94m6GXa({4z$O>jN=pgFrim}sSH-VF!C%8!c=t;Caa7|QYVn%9a`tp!E z;KZ`64m`|Pug+$40I}1X%Uj!LN?f*)Tlc4~e7qfIO*U+vHux>N<8y-5L$NXY{O0^>rirR5~uu1m2+g?QVaz>@Yq1K(*8jSqEZa9+l^SVwbZfAU{wj z)g&ILwmB_U5X&Tv3vl8NKP=;%HgDW}4pj-u>)NM%gIA!=jmm(-Sd}(SDZVk6`ORb~{&}F5;_$^cc9sRE*x;97QZx4RJvR>Ts%bX5*S`4|z1oYfWJ%$5g~Jj%!8xPKzlUeJ?xBKf|i zDY+{p=oAEV*Rx?3o7PZY&$JiWXrgf#j6i}INki@vvU||+%!0`iK3N57k!dXOH=^0c zWC5m;4Vr8(-Y9}TUuY+%6t3yT=`zf0yv>+T%PKh0`~+8+37-k#+xVVe>GwW(+{VdMJ4&I> zAFRQEtem$|rz3l8bvt(#7Hf6_N)+G1*lM_)1Y*{5Y?`KJL9Np((W*6kK&1oNdSDkL z3hyME$q?p}@FzKK3qxnKJacV^+QS~xpkH7?uFtl`c#L{YT@@8NeZh~pJ777A$$P6hd-Fh?c@e`s2L<850U=TYJ^g~mE)VsSp`mII zR%Gh0>=qnNfbRUSxGQeR0x)S7^{@)yiz9A#mcvi@heZ;IJA{K$pt(uuqv`1Kj%-5h zxKITYZyiU_Fh>fG0A(8W!c$MyO=%0up8Wjb^x)3)=0LllHiE_qKM86@R37c0fdWDZ z|Mi=><^iW%EIW?GcZ%+xEKs7uD@Gp&`C6r&N+ppblM?kwUFMdaMp!f*UAUohcZxlF zfT!C&M&8z@9PQ}&h-6f8ck?(SDhmnK_w|xHk)!*E5=_$TBoJM3w`sp#)OD9{ls`4* zl!NoyOt35#Ysab5ex1>aFD`w>vhgb>!DHgcW%J~rC|Ra`Hx^_Ads`xV{t7@I)Mz4o zIu~F)F=s;?h=m9q3wy$@%yS;s*@>e`x;fzcs=!BFPxUG`F!WwZ)o2)`D6_Ca!B zw6IjhJG{=blr(ESio+dTW)d*F)k1PlnTmPH>&4vWPko#@bfV8O;+g0BBtFiyf^#9v zpX;_Rz`GO*w-K>1OhH-NL0_!y3W+bs-WUO;N3} zRWjH!K)w$=L3$kiS?+!_;vNQRzjd{O94SZl)J8#(2 zjX_UWfs7DRMVH9wa#i1WK5OLn+bchqJ}+j=*e-0LGC-9lq*-L3^5NiVbpRwd^d*~1 zu;lJ3%5@Slr|*^zO~om(Xh|ZGtj~eXyEEJ#0lk0`^?ZF~96i>h32rk?4q?q`MXg)w zn?66=+^0cVB-T;sm=RK6lt7i~53o-lsTT1vtBUX1Ffrv4dss6LIs!qu_dpy=9jUlM z$`<>L8mc_T>XQ2yK+nua$0Ws94ZmP4>jdba)n9l_c?~TiDZD7 zzt3^jLPCs|hW1&X>A*Gdj3PAyq1_c`?=z4;X(~e2M#1L~6nHbg6ZEYna-xJ5fvgR5 zM&>s{pSyi{@meB|Ow{q5-rnk`jDyk4>G|2|X>ZYYui)((%JX)+!a5~b;wmWz%rr->Vx7%TS<538im9olB3gKL>RY>}= zRO8{60Ha}?kMqXOublOXze3c`#xhP2#5%i$21f;O*(?abW@?tlz=C+C9GU0N?ZiG zEV#nbHKK0P_=M4J`wW1V??1UQ)N5vp6DuLG__^l2F~$TuEuSwy(0S@2e?l`qR32L$ zW*~{@kB2o{4WuX_QIrF0Sdc>#Bk+nB3w^i;FzHS*fNPM=wsM;dyUy(VioLyQa=RZ& zG!!iO^6B9=jj7K8xMbN6;vj=)#7%`oP6td%!E;oKMo(%!bC#%V zr3i8`N@`oPV*_(0brt55~i zwXt3q=`kG~-+wyu*fo;-1R9xUWN2sgzByAfqX$Xfl+W4+y`E(@M3OXlyT=7M0_DI= z`9KGBpW}=5T3~W+xh%^RX5D_~cNKML)Jz|Dee3H^9@ zq$89o4c#R9c1{!QwH(MH49S`vpraW@C7Dofpi)?btvkd~Gmf5-Z^nfpTTOR7SW`(f*QeAC0G2;$yU`;i&JXRqZ|G>H6gF|La{%hRj37?YuLNd!x zq2Rc)r>20BijXlFh3u1Bv5CzcRUfLD(qKvgiw#DD6PuPROpl*+Csdg!rbeBG3>Oy^ zAYOo)HTx9jxgQeC5D$otkL)3J&x8g&_{o3u{qf|;94H`KdQI*9CzfzEwPE=;A5JI@ zG&_8Rd?=H;0Rdxl*8~WV78oG|U1GB!OO$M6Y!ZeR>n;3O~7qH-yt)j9)^5CNA<;)2E9>UUS+RAu~yt3rsQ% zH$s~aR(yK9k3dg$M}=^L=ehF6)!K$o0L_=xTd^TQh@jO)wN#|@x9aI{c6Gv^V*NCf zP4F(n2HZdz6cMe@nY7&%a`}@lI=HaoPT_slIg=*3U4oV&irZ)V;Uq;tUG)=S(g+#5 zedC!W#A10n62~(-DKo(e%W3eD^bne)%+#%xeW*PF+p*QHNDKiMU;n}B3 zY+*Ll*7#UmVc*!SXKh+)GFsu40!D2zOXx=#KaD=m&)cXJEt`VqSc;AwF5hk?XhC`c zqGJhDC=}%qP#0^z3A0U`(p{ka23=M9QIK`|p^pe0Or%Wd^kfFUE=Fq(k`t_2c%TBn zx^Sk6pJv0+Ly9J&nx(#bf7L1IhNc><@Qv@PMS~R)93ND!MbQHbWYmkY+beo%iwH*V z6pdfY!;5xjpC?mL3V*aE*jj-pL9dj^*hV+??qMI)L&Nn1Cn=ISl?e{;6R!tD&284N zz&B2ZCFqLDmOo)9&rc)WI)oMLk}fjXOg|Hk{qd8+?WHg*l^~OH|K^q6r6(tv2w$LC zhidPZP;uDWFj04zk#TE34Ict(z*w6;;bmPTI(D;4vV{i{OD;7H>S~1WGH6&L`9%5z z%NX~8`sGtbhyIeyfHl=u_pi`~d>Jt~$?%EHoPfo(K?5GuRqde(nk? z=^Otmzfaq|2Qb~{)`=!=`(iYu&|x)3j$m0FQCm@Jc=Ks)3=h*lZfl0iHkim9(gIMk zMOgJ2rBnU+<_IXJ_6PIuK|8JhIEMRr4wa}p2{v2!%q#TeO`Fx12>QmHfXGOI3w~gM zOGAs@0nZ$^-m35!4%Syk{X>NH^uF~X^Bw2YFz&?D?M!627WLlTdD;#r7y?VX=5WBP z5Z1J}Qxm-UP4e;KEZYeVXxa}y;COR;bR=l4KAKgcEpnXDC>w6&Fi*GKcT`$%Zj|_; z&Dl@Z#B4MneW8cLr|YXzI``x|(MTWoVng@O(1R`+Zl=d&Q503l{TIHtdVFMuAH7|s zcsUNmaNRs@&&O3=nGh!<4F`qY;df&wQ6!I`o{$>GdlcEXIzzgudwS&4CLj<^^g_cA zOO^w#lEi_q9r1YsVzs3MR`{%~d-(%&H*5-Dm1XS8hKNTrBqN(cv1}hWG;N8e;@h-6 zfG{R`LIgXfONbg5moDsc=b54K9^gZqVe3T+KiIr47!Sy9?3M^AcvC-ZJI`gA2(K2) zGvs|7IAM|dKuhNkf0EOSKcy#sihvq?NCRk?Hy7~-NQCYC1h&V9SA4BP9}UjwdmTpvee_*#2o#qM zd;w?pLn&DyzqyvfLQ@jph~zsTTGrOI^Kt7KRk@O=L^W>;x?UWjhpi&y2v(M>Qz=+& zJat4Ve)PyJ?CHZ}zs{MMoqcRRk~|8a(NmXpj$xk>7kPWx)xcuhQg9F(R|4pK42}3H zpt}Dm8yL||pdc=XF(^V8!%v?jq) zsE;r}(7_rZ(MN(=Jg0eX>G84#--Acaa95*^{km<=)}{{zX@7D z0Mnexgq?4h2qwdVFPRLs-XqEKi3X;D>&EfLeOY=G}f&b zg3s?R6j4G2=+j0r$Vr>gecAv`*NGsbqfBxc2P-cQc`{sQYC!kqH>`o!p7N*0E%Jj!le#WhB6DzL>KW@R%we-hDMyrLVdb~ft`Gut}=X2IIFDlJ7KHN!) zp0fz1bS-+nP<2#o@v&3%h^LNIf~5B8i5SdIX=_$A-6v6nv$(&pbw&22)`*cek15_i zA5_<{pjGHWET6t)q!SodPI8KT_S{Bc%Flmcz;n&pxBGZ@aVC=V!%n_uq26ios;0Ql zdheW`HEL7X%ja;pyD8s$D6(pmo-RNlT2tG1`UWYA-Zmb?aPg6m0nb0^Z1_OR6BU z+ovO4v?`6kZOz^)1zyQa4wZqu#lJ?2WamhGwcW(g79`PS9v$o(4@gpjv%I60V^v-N zQl$m=vMDL~v~<#e0hm7t9L0eJ{-pF4s$-MR7lFx2iTaIU-W!v__t9xm=ju&lWe=90 zZ!AHXAE{l!-gs=y`<$wFlCHjN&9waBP-dV#++ycyf|))Zq#FtfN<=a)<5j&m`g>p( z7C}B*D=&%7fF1RG5U)m$`z^SUYKRz5(53i0_mq+VWb_}5!kTO@e@q4Gz}Zl)^KRl{ zF<^k81R;UF5CA%qlvRFOKcbwAQ%2mOG1cF9+pHYtr zdVJ8{TP6mX0p4n6#9b_#Qi|kjTy_s}98>_!lhvzm8r@=HOP;jhD70`Q9&WJ#(4%Qm zOl|vvn&gAUkCYPyy|SexUa3k3NEVXh(6-4JHnGDsth=_l?J$ zW>gw5K7{(Pzy3*_II+?v0di&tviB5OEya}9D3!Su(h%GaplL~9&?m;ya{UhDZy#t|WKF@3A?wM6B8)|4exAqo?> z`wyQu{Rk`B$hB|AgAtg%^GWgCxHvd+upw9SK;kZhdYs8XrB40h)cf!)(+dH&OGGKi zyP$h*BTSh>&DkO=t5|DgM|ST3XF!<0CE3EO(Na1l6zZqeSf0g<XkB|G7l=ZE^>H#_to6fW0CtLGx6^bRSf+~r)2`>PH1ExZ0MXLGb=Pw| z4lLp=4xe77$jL^%FaG$}fMO!2z3`Y19^YI}ZjVn)0(DTPNvd$-VG6>5{6l|WlFwYA z8%UM(XM7+#49Qa3QnHNJH~osE!5${y9zJ!XtD!>hm34#TP6us6J|D!Tb6qnpo^r&C3pfRcJmpft?oJ0AeeTbJ%@4`&E&}ZNouTk|BjKq-<$taAI7mp%m{ha zL>zV#-3bqqc!G0e7=t;(1u_eHtwQ?;sMRbA*M7CdKXS#rnbj(4(k=%(xH!RMV@{Ow z=)LBo&$B@i{lijxJbiRB;kMu&6U9%VkOLZrNH3G2>Fv@#g`6PuQv9LpO|`ss*_@y*XWxgBx5 z6RtltuUrq>|E%cN^O}~ueHu7!M!+dG#!5d}*DyYJfsttT0||vA7~j|&Unn4w+5Q0F z{XwpC)Pg82AJ#1T0nl@K+cT6(8sMZYHA#cfnx<}=OAwlk894>e@*ai$w;$48>WM>u z=L4C=>+|%A3kDp`JCtYxm{Xh0;ZQ$-3Nnd@3!i^yvadIt)pPy%Go)kP=z~R`R(0Xw zqlSBwx6wK~PQTYvQfFiU^wehQD|_7Qyz`9~p732Z*&o@9jFJe+H{!feV3e~@sClP* z@OS+-8EfC*#GNm7Lk!vN=}kP#|K?xZHeWqWkj^E)IYX!QmO0_v5gJa+O*$E3czWiA z^!A?jbzhba@8n+cTfrE$g0NX*wfz0FR~LROjk`eKoeaDimrOfea&DhmKXC6RQm_CX zG9qKuXrfK6XEn}cRn9#Rv}@DK_PFF1E9B=Jl zNUOPqidw(898|s256Sp)mm zEl#}aJjq>;I`s|`GiG<6<`*|UyYa-02Q>z?>LlOXEI??>aL_RV8`~Z-3v$z;xD62> zei1T?=IcmmaTVGTlH?!QJRG+8llLm9+<{aN=Ns?UUe7DXPu?&vdt2j4Y6Ab(s7<<& z!GVDA;1bX~y@j3fDJ7GDv>as{?6AIr(WC@ z(}QXAbTy!>T~cR4^e8Okjh&d{r;Z2Q&b`+^=-qa|y5+tGgKk1V_3IMq5CH1^4HTWb zDy^34%cZkhScAqBx+0Zqv^`-HC|8-;AAWGX>s_nrlMW59>)ONMERSw(Dmh|R<*BJi zSLjIGPhX_WOiRO!NDC|fP&S(R+~^x{3(rSsBpgm(y%D(LY7j|t59r?h9%Ec=v^@3s zW82ocOU4E+blq@~2%DR1ln)q*-!W2SkxL1jZlE2ywNI2U9@FT+m}>muU*+4lKiIZo zg^nqH*SXAZEND-h19rM@@p|>f!&X_7a_tbIGJ0AE!xO63$cb)A#Aa0p<5XUzMs@jZ zpO%+=>I3z7?(;V$@qD>OkTkd1n`9EI3FuktFDLgw09BmJSAAxkztqWnqrW&p$ud<} zdiCS`PQl_e887y8$3zt?iQCEoQ!!Af@~LI}=%qp(_K9S)U-p~hK#m=CR<#+&y!2Z( zd`io*!^xhp^(I=H*-8Dw3X0RZwY~V{yUA}rYt*(3B`+Q7q|~ZW=gXrx*1Q#WHftWy z`~Jme+=G>NMn@&=G`A1jpa-)R$)~A{WANHmht42bTV9!l@CF4M@Z1rP=}yv40^Zt{ zoRsL7jeR_7PB>X1rxvJdTroSoTd*h1r^Jmsa6lT%R?$XWR9E)RRN;>DO`7;zIQBXK zERn5&aE1nGMxM9>qv|O$x4%9NwF%n>4~9KW+&8CKWQ4v?PQe!LT76SUQBsF-@t>Yn z-%WO4+iW=@GDfjam5fc%+K@jo%_SF3O5vNIem^ULnBQKH$9kic4vVeM_BsmNXyk)> zF0PmxP5AYqB`=Nn!7Cn9sJI(f(d~zij0_8!w=joM*qupPX_H&2i(%x6s%p{JKOQMQ6RKe5nk}%&-{jpn;uI)Vhz~n*87AV#=w7r#UYw zgZj0f+4g*3?Wfd29L(F?D&7>Opg`|@&m(^J=JSA9=0FbH;lIwS$hJp$VhOIH%oM^> zG$!WhVV%ot?hgqWJAIu4vmCPES50Xs0E|kt(`>x!@7^k1k8zpUAa96&4OvTDH_}Jg zcr};#&9C$9Q>TaX;@lFBwpszkVgs|%*zrVP2<@F%XG#%NuYX~==fy>zbhp9ZA_Arp zCQk3IG}A2ej*T_{sTsrzNNKhRmrsys|F938)YZ1&GvNH zI3&~HhUW0XO`_XjK9MRw3cH#OlE`o`os#;s)^_x8SSBWt<_E{wpGU@#hxH_R8d@zo zCG=tD1~=&fPN19NrRFfh0woj~nV`eV3rIU3YOLZ3kp9B#3r8tKWnw@EkNtcD;An+o z@vnUrgkkb}u5#I5eHv;*l`FriC7)BL=&>KSfx%wN{D9;SeW(NYtebU3Knc5@UUU&j zHK;gdH0jar^3$Rnviu>N^V#lU`yoz|;p+c+-pOke?r{*6pUJ5&_`l9+0M_4`7`DCq zNS@m)y_05sigK>^_3jQ4N-M!ZzBT+6p4gknG9J!DNJUqT%d#;l#jN~=xxG$;`1l1e zqLF<4{*#laoX0xn+4>oy0jsnuou~}wI*aoI?$+l6ke~;!T1ky`{^>Y>e8B>pzJNmw zT!epevfth$@y&6--VU^>Wl#iQAGsY512iU8|D**cGLNHZ+X3lVzx!gR!jU?bX~#a@ zE^WHQz-lmSVB*^kDU}U&!M64U6(CV|diFD%wJn=_@<2OHWiR(Sb-@3#1d7rLz z#drG?o4taj6)Mi z#39TSn*OGaIgQz|oR(48rmN&aCV=AycZx9bqM*U3T0Di@f&cPiW@Ee49+xAl+4WCt zvLH02hM6CYoshjjvtp9XGI{aP-@Sd!<-)q7%taQ3KAb;v5u=w>;{<@)zWnqi`r?A&!Yl)#RHpH*`P*4{GxF5c#Zz)W3HR{bdid5+bH9Cr zb-h;RbQ@og&lo}=ya(w~B>|e|G0ug)jK1>jp1^kuW}biKihCiKT}CumA-`Pe=5p(c z(JKeghrrhdTZzOsg@ebdw#H9>83yLZCkCu@<&C_jyEEDcIYUGza{f%u-o30?%;k@4Gwd*~H z*XearB_XvG2Qj{oGOUh~N7YpLbd&jeeBVBF*Smbkw|PKc|L~9(h6l#3%WB5W=~rG- zxR7{$%o4@=J5I&vCUd>}gFy}C8{fH^$tI1;K)Mkb?Zg2BqXgWRakZW`-oF0K@BHp! zCPk-Z02jS~Y!552I$_Z9Sb<%$1J>(CpH|O+s+l{S?w_%W!ud?C?S9FTY%wI{fO>@i zw{a{KO1ZBv`czg|Am7hleDnL=t~xQwY9rdn{Pdma-nGm5!Mx>SX1(uj0ep2P61LMgfM0$1vK}NBML1DQ{1VtUlo|8_x*!2|Jr_ z)%GCN#HjOb6k#ux6-A*${2d^AxyZ^)P-{@ADMy}uV{74Pr~`^BFgVsa70J3(uu z$pQJwSz7weu!M=Bd48N=;kRx)yXnfeNv`J9Kl!6DQ^k%Rz9!fvUa>^1<=Fdb2$1U) zCIBq=x2#_4u^7&s(A*_Qe&VO27&FQMHVUaX#ZshT-H%s$u#_Xnx$X_WOa992sauGV z{ER~k#<#d5v3E@12Ba(SiPk9Df^;8L|DFE%j(l?elOF;#^dn3+R%J%=SXoJm(Ohd& zE^2sovBM8_`y)H{L%G%#)kgc^`*ySk}_VxW&PjTKdI-e{ifQoOW3xU~w?0?{{xk!hS?+a5kf*Ct}?W z4o7G1tM``YU-jQV_SL!UD?(TW_Jidb77+#rEqu@(vNDHec6BJ<_p~kpqUdGZ%iqs6 z#Nfg@VQjXK@~7W|e#M7pHyT?5K5a>ugFLs<`x}JN6&T){{5uYN=`mS!*E>VUBMrWv zyHl^bjJWdt(1qgZE{F&OoSth|iZSZ{kz}TRZ`#S{+M^{uiMrCm6sJG~*4Z!16+w$)k*Vi*^ z!m9`C=RDju1Q3>xmp_8)slt+)8Z@j0Au*Gw+OXpv*_WB)>QQo(!xMWwu4}lkvOF54 zw+Nu_zO=8;Q>BDdKHxj!h=26lA}+2=5*X@zb8=6At8vmYtlWf1Z-2>>XfsPs^>toy zRtUx!-~4r+aLO%m#ZGUoO*zI-oX>UcSMC(OI;nQZfWH^Fn0Aenau3#b{$k^A{(5p3 zR4zB3_w>&hkXeM2C(T%52B4qunvN&lqjuoH0U$b@C;tA|ZeP%n?IiOKXL63XA9jzygZz4mnf8$j16-QrGc>cx|KCjWB1U=<<8gOq}aq>nU z^^iS3-Z|>(fAbbDjG!H-+qwVtI~s?5o`}LD!;7HlHrLn;^nt8I-f|hD_M{zK@CSq4 zIf|nneA`D(Cx7GX%#*Q!DUW4up(K%PLy)k2&HT`}4}4et;Su^| zmN^QQj>=Xj^8J&|S|>U;-HpFHyZFZ@FPBZ$9*AQ9#89T!iBU)hQEd$9m!$$fW7{Da zd~#|3kA0KO`0~fGfBWeHbgCpP1;8>8x?TwcI3`P?fe3!O|J=6`{twnVD4vvR7pIEJZi$X9SVJP(j?Mz_G*8*^{d1`D4R>YWcj=&!Nln7U<8fU4I$=lp%`8?ZIZRdM#$RA9L2Man{ zAckrtNzJdo$povjXNoMsQelSM9UiXge%l)umMbc53a z3C=W$@1bXKe(@;0mKj&dn;4u3(J~yMzw5)azp;329y0m^SQ&-{UHW14a~akc;-JoE!|{6We*rJevVVW zwfroXt^S53nm!_{07ATP>3|lt85$9W4b{tu8{U7`3plCliI=L@D(YXc1(EeW+@g&b za2nnC;eWUjWJ%jJ_53RBlHjY$)BNKno>$CUpbHG<-oM7?zP9ZK95IaMpN}l9riEim zqTr3iJ%@3`ZZDDELyKbm;WzSW3Q63d5a?^qjOYO{zNM!391c$F3QEf26DJdxAR%xS z$GmN^{x|Mx-{cCU|p7$Jn#FRb%K~_{V3t zSKMDDCbyAzUd3_!bFFVXaos9Qabji_Mc;jt}%rDAQr!R+K*yW zXemxbqfdKn_5z2#O=H(b+IM>Q4`)!meC|iz?P4+@ewq*c7w?z4D&WL)BIj>!$v#=u zH5Ni>fTmODvzaMl)A$?9xbU35y$$~Ja~6V&BjbNkda7g6Vn3LQrDm;=>xIkEXmh0E zmmGQbN6*sEtA3NwR|c=xYQQ!hTQl0ej)nu!$eRMf(9x?aO;6rGdQ-ly_-5NT&H2Z# zvp&e0ICjyqz=K+9tjZPiUjp6QmiAV$G8H4`&-edlP1&i3_J>i4RCMBe10N3?)DPmV zAsJ0zHUuh8D?7n&eqvmH(5Qm3c7F0QJmEC&V@bQFZGkk%Eau8vgEyQcA8kVpVA&G= z8*gIKOZU*+ZK7Z2{j2G1_Zz|L@)isvRCC!oBHy^4HFR7?&>xOcuu0J=&+2!K*FN=b zsi9ysTMMIUIh*gPp4Bz7Yn}2N%bj%mIs+XAq2qtmRJfZ-Ddd3kGMnY7dMwIJKxMn2 zrAw>-#5k<&Q#QagUy_^>8z}rU->SdN6FkK!}mXV`syd3o^LPb zv;Dy&5BYxCzx(La=`Wr39yqU&3$eZdJOSmURC+t}*>{=8-tZ>}=4&r3BVWq^3TEv2 zCwAdD){~;gtF|SjQVq-+hpSUMHddqU*c-n6i5tH83rCHf*V&)nn9h0evlY=#*z3*# zlNh{>y<6fZk3XQPVW-?Z8 zcrus?dX1W6qCPkRZx*ZVv*5Un*d}!rSa0(WPSMQpsxiRns3L#mqNAn|+`@L(v$n!u z;Nj~mhtr?8+<_xR1u~JsJrn=-pO>#ZvC6~k!q*`Ga8b4?yif;5kpOdixao)hxB1-| z$J-XtIYss%WBkR!cjjB$&Hf(KXLmb#FhI465!4yMgPAXCO*^Iyp8&z$rHWq&O;}?JCA)G!ao>LJ9eNzTj zINv`c#sjxH7}e__&mxmmEdGg^3s=nCaFbko|K4Nqgk!XBYzxu{r>#m3=TvPDr(G&Ndz2TX6amv(!(yH7g14uWLGNF+lq8w0~*j))_7i3$b z_!Gn3*!wkx+EEJSw{H@SK8VRC&0r!NW(OEGY0-&1t}Ny;Q0M{G8K(7w_Q$R_j&tR? zPN~;Ff7M~in=y5KI#JaL02JVPM>F-l&NA;eYf?6d-ExQhdoAu=d+`*%pRN1$GX}rt zpb>Y0T(YSbAs+f^S11u$Hab3~O^Sc70WM_MSw}t(kM}PdhznksJy7K3uQbxZJ>7O| zrGTw6alUUY$tRZT-lTrX?m53MnY^}xE zW6KZNq5Flap6uiDE05i;fIsVc`ZuNamXSh$$qc~IS<;g3{4Q3}mYz@2@lU*hE$r)^ zbMKtxfAcoJdj)bDQFMB1iNi$)eC%VYq{Os@P*h9I2B~`PaDK0!e(w!|*F$nPqvB`% za;AB&ndAD_N>}h^tZzlsQEk7aIQ;N^%}r?k2CLEUalo(rvTeuRn*WT;GZZ;YD}-E- z{8p~ydY_^L&9yv9n@mmkC${?CGn-%>693_x?`tm|Pqp1&^29R*6r!*E)}l}Y+?oWO zpbebn(}~hc6A|Z@>XBZNBTKQ;=2thXn9YB-BUUtyu^_xa z0Zdv73du^dV$d%ZA$tNNL0hRx>J$!TIjuR58i@3(&oWa4cSTT7S1_>-|2G!|sZ=Cy zNu18~!o9d+Hl7v)cH6MRcUr4V2pym1IEG+eh0%?j;omuoD1&v|L6bp|B}a9 zp5_Ggzw?YD{x<|e#Q#QMH2dFJisuo6C2@vi|A(+ASv_UR^1m|c`dz&98uGtXk^5iQ z$MH3P{?{Y>{2ysFNB{R%6BQZQx5fV>j;4&j{%Jedx8O)A?8ae*WUIR7r*Z?)q|W?(xT5g_!eG~zo(Oh-eS*%0*l3BZ@=CxiJjjs!yEky?f&{ahrU@VpL>z{B&JJ>Y)4k;Y-dGZ3P9L)J69E#2CTE!q* z^~CQSQ~dgQ=`Vne-ASukIJ#`6hp0ex>uD3usO`Os*JCQEueml&1X^M1Hyzt<;! zU!T=|zP_*cDjv6HnQ`!ve4c;r`!?$YQ9sc&2ajIvlKc*5c|NG2yp3J|` zJnw`5tcitJF#@gGP2A3BFHi1VbE%x;8-8ewS)FUwT^&`l7qupm`-wUHT$^MKZ_hRK z_WE4wC6%7*)57-en%>|kZl6SQE7$Z!AJL88{=LWfZ%gpA*2`BOP_~Ovb4`$PO*m>- zDrWu9akHvzL$63Op@i>N1;LL$GSsMRY|&WYGuQJs1%c=P7z1jGX>0s{IB)uJrFsi3 z+6sMjO?|lv9Ty2b9J>G9bJO1HC-g+<+$SeS=;@pn`*SbWIOlm@SI@aHg#kT_hnV(p zW3DOs?7#Ez8Nxv2I`GZfyopeF&gog5a>GHJYC)eTY@Bk|K~KJeRcqQbzT2MM@8`nj zde=?nm}Po%=zDeFp7wiw^3M6=I#2#hJdY=#^2zw*3*yN$-#twDUcF>JJf9c*fAig& zS!qpp?lW9oauj)R86wV_-0=3C%l6M)3FBOcb3N1;F>BqrAOG{;El1@YNnXRIo~}73 zuq+ubRyLg{a*hL0U(iRXgrD&Wu&TZ5<=nS2Zq(Xx&b_v3er+Bdpk$dX)9gx?l3s3o)X?Us)Au;U9Z&%8}ZKeE%O~ z4o{sA?E*cYH><}J4XksIY_nE8;Rw#PQ*H76w4aB{hjnP*@qeD9Cr#Z(9$v=6DdVU+ zU-I+MJl_95&7-<(+wb)$`{dG>_6^+m{jw#5gSh)2o6zk2T~Z;_4-7)n8 z;ZN^*1eMx6Z+BF?Ij=v@Y|}3EuwQak{K#3QI#1g;WsD(I+xbUEe}6|^!`4ItU#<-= zt>a5)-#nEN^_6&OQCZxqoQ#dB2p)?sN2itb>C7pRLul{-4>*pa1{0o0cgA z-~ac^FMR#P_3t`bZh@zcp>GuDeqR3QbFU}>gxvi)puOepw>MxL3owe4Wo5f=WZM47v+>a~gXlfwt}q8QU?^=BeaI)5&!c z^}MT%aLI&$(Fw*|@!Iq_RDv9VmdtPndp%T7qi_mnk#>1a7AT`PDhRU>32out@DvW1 zng)fIlfNWcCq(IU7d*CNwnN>BF21AO=gr-so2-6H<>_rjJ9fP)-#J!wlCFC}8WjV3 zE)u%J4EJYp>r%u6j)14d0;5N!h~XDx%eLg*xTPbUG85$VMK|tfsZ{a^1`J67%6f2? zh7`<}-dV%2^_>iB-c8?cFFx!rdDwR}E!TCt)l2rIQ_8V@$Q*&H={^BxXisZmm7ZZL z#W452*gL>vntH^#rg#&(P=rDvH?1}aa@JvMPN-PKA2Hf4Uqg=h8`bx3d^{cLhV zOBTDg?mYJPoEy}T!kRTmoZwa2!GX3ny4F7J9*Jb~l&n`k$)HUd%sXI`kYNl;=n_an zK1ysl&XarM-18I%H5oq1aN z+7Y{p(S~nnr-|OELP*8amu}B0z$7VEbg2i_C#nP$po)=jiv{_03O0EEb?^9&A zqv}>Lx9nM@Al(K6b;s^^!{9c#xIY!2Wz?qlSa0+H#omAHIIl(9nqd1TkneE%#0I@< zWP_fR=snq^_eS*O(-&i(OjKUf1*&dV0fhuk0Q28l5t1k^&N;{Uq_q~2FQz~A+cOCD ziAvR4+6#+foe!a+!%>xEFNc|tcJAw{j^Oo)F9;5GHq?ZzW_}hM(0C0&gmnl)QhzpW z4?WEaA<+&YWTtCQ)u)pymbIkJh4sO2DMVQej!&xrjJyks3My`2MOs|5KOz;ZV|Kh; zl6%v?Sij9D;>K*H67*Fth!5M(0_UrqTh*d!xlyLv+SiJ;T7oTI{Dv6b!cDY&rjKX% z04Hb?BXAl6DBwwPp~Nu;+;#^AN6K0m!c-{deKBD);9y4l`Y0X~{v+er^Qje98w{pK z!M3kLKd>Icj(8>t*Np@19O^p_e_bBx$!=+%?617Ac7k_SMHHK;`1o(G0c&8Eg76jJ zM8;~_cc*Bv3AL5vsZC}_ugN+zL$EmQt`m$MJ5vz^@yAY9LNcw^@ zDd}okV~YwsU9TGv*sex_vg*acrV7dA)G86|cQ%Opb6ESwGQ3vcCoxwV7V+}Wk{*ul zIL6nEo0Ykj=_=`B_#R`YHH&|Y#z~5LwzX#_;(9U!M-Jj=7<*4PtT^c5pvCUn_Jpcq zxBhmK?Z@aOjs^G{*j)BqDqiK=%J3v^l5$DSIPjjanx!Sd;G$m`zuul)?OcS!S926b zo2`{A;z%qtQb#$HOf2~<8TTzyGgg9w4SgU$``J%Jam{a=H6vvRaRyD8` zhsC@v*dxsqvPAtDGHv12{Avb;YpSIx!yccM12Cx5ZEpuE#CkUT?kmwbc0XLA*iZA) zHv7PU#g^zx(e?_`bc%S;eU-6QcG8FyqTaGW@Wxf-Fa_Ka7}2yj~y6L!6&0Y3O( zHlv3ck?SCLtKTR1oML*j!rS^)PvOPE%CFGNe&p(Ml_Y~-bABFzd5T(jbq4A5u`SLr zP0e+Qh+~`F2P+epP}uCX9*toUP#Kj6AP-`Fu{3Irl=<8!pSO#Yf0BXJLe64^u;Y1C z$|^57!#{fhmjT4?$&KC=SLtj+olN|sDlbPkhX!k?f zboaeZDmbmL*%9n&SyJ%iQ8qSnf6=?rQuEl3Tf(E?vpCoo8-|l z`rVFfhj!BPaC{clG6F+n1h*f3zNXh8ZK^EOHJBZRu3@@P6>3)A&{uo?;dKr(J zDf1&rs{PlZYq-gUQxXUGer1Qe{q@)+qVCR#HwnFt2X!dptB&R{dP0SfxP;^A1}16o zaYM^pYHOW!OgTzskK=Bc^DO2n0rAJ;i8E#RzTWtP^DPC`wjc`K`vM5hwLdzqSq{P( z-f5Wd>$gr~w^nmWyj(4)i-{w%Kr@A$L4J!{ssIw|x@obqj8(nbg_~Ndx;T1a22pG) z2T&Mzz9%zk=&doR`zEsn&1x3guHb$!2g|I+GAiP*ancoUziRI&bnFPW7$cWH)Gx7@ zkGV}AYFfK9Mq*;x`VjCf&qqP-1BX4vm~=h}@*X^P{I@gzCXDP?+%){sR8s@_dikb> z2=lhZlMv_($^kgP@}<=`(U|y}i$NME<+}PpMadC@gkPA{khI~{R5gDy8_ct5CrWF? z%C+M@7WkkqqqD!qBNB5uR|8LLjQM0c$PYi#8rj2%WAF&JM@LAhhdxhs2aFrjzWt;` znjcfD1e~N>Y^Yi3nC-YUCmLFc8Op+_>O1|Z?od&*ZTkSGu#$Yi1q0fp6 zNgr5{_q9KG^n>JleQo`9&ZKLygJFv|Ne3hF*wFh zP8~S{Z$@qyXf>NxG)DDg6&dgm@W8kE=0PaXZHd)0OQi5DS2%X><*Ri}T)*? zJ;f3PMzdd*s#HzS$q(-D6ZW%(bl1-8b3}-sH87`zlk?-Zy1y7Ee{uyX?v6y?u^kO# z-w~N6Ha*_l^IAA2x)@6Z5Rh9ma7y;tcZt}~KlQ%+ij6_7#`s!ZTTsLmo%89D@`6BP z0Uby#VITn9CDs2)< zkt_<=Z?Br(n&Pe0Gf-_O^RXXeAqZJtU2_AE@UX^n_`YH2FfWA%gcrc&3l|^_6?TSWFaa8l$0{z@Tnyt#Yu#E9hw@ z=zBSQIw>Go797Cixw}5JZP?N2z~+f z^m@;JYfe)M9c+ft`vaSgy{zKT@?qwTAqUYgR_I9nBlZj1=vQ=@Z!_xr<}sR>U4>#8 z-%J-UjK{`$ns|+D6vp7Mpz@$saG33^&bVwpVZQQCfpBK0_>9JCEN}6A*X155>^soN z%lUH3;7(6josuH{loDgVz6o74hqpg!k8q3PQAx>WtJk?a(8l7(4vbzh;9gWiX^wCi zxO-QgFK_FW`6WML!Df%f<^qQ&J;7zSev+sy- z7;sXfL%UJ<`Mdn!j@2*CMnP=pC5eL3tloHx^p^N-b%tY$+K0G7cw0ephhv_O%M9=1 z&{DJg^klh?X?|)rexOUhIcqGhDw3L&y-hNA9gMi~>lcbNxz9L=T5c5)i2A2uKgQaZYG}NWT}|pd@@V;) zskV+}562H7iw%NzpBr6Yjq22jvrg+Z$o|T+q?)2d+9z9Wvt|^gC07wQC&mnj3#3#K zz?h3}q#+V?^@|MY2VSuuSQxY^pJ*;b_?PQXNR`-(o1*C>8V>MegA33RULXsM*ExSk z$SAgdxX#XX_1)rj`# z)J;$XhE}4}Z@&PMv{(te<*mja9SKGFe1_WgJzgIZm(d2I3hjp-HfUx@-$ItY&Y*O# zLd_b@#prY+Be+J1Mgn89Hi5@WGza1eybC_xJ%Q?^Z<+vBNrm~1{=H$ftMJ8@2ZW~sAd1wX^V(G&N z=f5?-MU|OGofgI*wuue5Gt5J?8fF6^6d@yNsCkyN-?p1>i)}TUfo(SRn)}{Ik|Wz5 zQ(bs&AC6=qrXEZ|IJ@s_{`ghkNJ^o9Z&wxy0bp?y3I;KRF=W_@Uj`Bx1>i0P>Z&=P@FwOo3i{F&<_bUdW*G2;>HcJvb02WxzHx~R~)vTJ}CWg^U_ms$` znCYU_vz@B)f?5F=C}$_=RTlYO*2b!^Un~y@RJ?X4zOL7w&&LPJfpb}Dx93#`k~+_W z^T%>`f^Vdcsz>M7RdZr^V|ewv5i_U$k;9kB_}bKRN>X_+W}z}|mS!hr4%2dW+uf2F6Z$Ag23 z#eEq3`{}2El&r_Plpz9I0-mCF*HazgGgbODZ1FkSkIO=qwFGF&bKs9z&v}GyKbddE zP;7dZ)cCc0j(~Mf!(Tpk9LU(1@`#&;wm#ab)|-@dl|Jeg*s9+gVyGHt!k@W;JPn(I zXbe&qeKNam8aHX<7pRlJU9v#ixFn!9g+R&fhLZ6aRbZe?e+&q+Xs}EknLaHufh7;K z(n+SVsS&p^bFDEYBhZ)R$|AjKSvIjlbQK$RC-Xe{**xplNTy>a5iiB2IA!tK-3xF9 zpk$p(D=5@b2U;9`{nNEayfMAf7*PNJ5nW{<+Rxb1*@2aP_rk=r~KM>0x3Ve z*HOG8OyW^T$RIh1pD3viB8?txULw@deD(}Yk+<%_okZDfDHD_jqAfO_hf(GOyX5Sys>f<%tvqh{LvzCMr+{(*XwTXb>7Q~7|Q5NZgF z5rOvpGTQ)i8$-b%rg${#4R@cCRQZhy3s7b7j%}9@h#>_F-fh&vMShwlPN_y-#0}K0 zQnqdYKGiiwD=#)gBgF(qLvGkLiy$_h;L*TG;Qf>;xID(B0DroTkuk`|ewi8pGw5@n`p=6$H-p4Poil*~-ixi~ zE+ss&zU~$De48XFzC|@ks-?}mk>FY5MtAC|4U*>CflFf;)RABC`w%1BdKnT1f00BA zP=}vCb_6MUjYmwyv!{wK%0i024&%M8Vp|CqiVIan$kwQaD_gzFB%UET!%A?DZp4P- z;Vo+Etg?dg9g$_G0o9jrnLFYN2iS);n+NJi$p|r?66-l_SF5%gB_N3?1}kMor_hTu z6rNdiz!A~1!tG}!=y~8ADDp-$M5#L-XnL8EQB-Rg<;bOd&$~i?Mc*Q+Q3EP*)6)jo zNoh+syZZ+wPtj%O>VDEEI@YNiX0J(78fzA-fa%dyV=O9aE4oR^rL&?Y@@SdVVYL>7 zHsmcj+V~QsAam1yY(_H*04YdF&2z}%tEA0f+0WaO1{0CBs zlbj-CO-g$Cb!Gh=em4%(Q#}%2yNqB9k#5JiP$v5p^>8s>avj zXA6_4kNUxWxVR$Xth8p%TST)ZHSm)M^B)zWPci zu2;pucKX~k97(ogw;BfvF4F;>C0wZ|V`0s9%Ik5y^Bf%~ataGPHUl3pf}?1~z#z`_ zm^O%0(PRlb!||`0RxD}+hRozvd67wJ{wPg+`w%E30`ooXm@JDZ{N7Np=ighJ*TnB0 z$f05WK`!n6%T`S(3hWE|{c3`pv40~o@up&*1nG=s`S@K6U3}@M z(|G6A8)wz{>BH;~vhbNvgX8gC{V~w_OSPJ4-e9iQV*Y$Q+Rt>X_>MJYX3YSuuy1-i%FU*X>F8zKB2tT-7(6B)DshGTF zWlfmBN@lfCVoY^hVNv@?!Tn(xk7H!d(sUN;>`buIlufY41{?5{Q64w7IY&0!`kQU} zH}?t`mhMwk)&KUt{jdKEffP7a(9}N}0@43qd5Qj$5;XEpUXXB_5($MP)PIZiwD}hI zf8hTiDyH)vPO&t_`X6Vr)&EW^HJ9ROit~SVJ}LL_^w07?=aX`hzXIC7zX^56h7@L5 zv5fflHQS@*!R&jVt33}Yvi=qTGM`MSl2R-f}{%;%_juYj>fYt%Y zDX1(V>Wg1AUaji9%9Se&sLN`9d2y7hJ_f?ZQtJW-v+ZefQ-)fc0i-P zR|x1kv;fi0qJIaE#om@+zVCQ@1QpGEH*U?8Q#Kj4U-A2XqQ9@*Fgd!UnXt8P8!1ys z1c|(I!{eI)r(Hl+)zqf`0_~enJVUX}){YfxT&;%QNtaCKP?sOB z3zI8mXddY+R9v@}lxP6+qZ>irDYGfzJ%1olJCAQrQc~|voDe~n$>BlnCSfF|Hg)KS ziUa7kD$}>wX?H@~$?$3JG0}R-^*6C!h%}*hVE&Cli0#^L+g0mCLcQqZzKLQ%^uMGh z^|CwhW?&@w9?d!JDF2nPYu(0q>qXAzqU~{aR;N&F*3{PBiX%54#~VLnK@DAd#VB2d z>6b72JpQGJ2e@7(jc*bWrG+%6TwwuBc!75wPuju6s>K3ej?jEOcATUFCWv8z~u%yJ<~oxqnOO1tA?y(|O&@Uh3>J zW2kAcVi@;bNol;@{IdC;PUdB|2f2VUI3AGS@`7H6^|`Apvk4A9)BLs8gwg--K#wA9 zl9H|dXiMh`7t}JgBQtM};Y-w6dYA%MRhsGmM?kp0Y7tdPGGu^!ZUQNJ(Jr6DM|}qA{6?b6F{{n= zCd<@X&xxT&Zmj2<3nf>6_K|}hAVSdGF95H(`C?+vaYZoP=~{icfK#|q1>~5ItJbI4 zZcqB?Eai*w+Ex)8YoMZlA?J22^t*Xu77@m`V3Jc>ZwC3%g}qM2MZC&eV0GZLdQC7| zHPt{sB^N%8A{->(rVLk65+=#wQ0kg+XE?bM+&6GQ|;iLe40-aL4K70C04YVmOf&l~a z@SSM&(ZPm3-?RH>SRglSH`tVda$KcQ#fUaFzxGte;1RjO<#a}>J&nn1%JClaaEnE5hCB;cB)z#!E0@9XYYWGz3LmR zsFC7r%m#|2pSHVquF{_hI-Wk#oW@z9eVQ;$B5TcPIUxz*TNI$tIa>DF-SJf-iijy? z`iYFPrzh1_G_weaEd)-i0PSlO(wV4effmM(i%yCC@H(KqZ^+{15r2hc@&hM)xYX9~t`0A2PWY1` z%a&X>`&y_Ug(!>$XP~Hx#@zpQyb!H$ z(c(wSe6EdBHIQ%xV_mq|?WIqzO*b~J*?3;4)lgCHkztPA5CQ=WQ9WnMjmG>ckuW4w ztPP4o!Ynue{8?f_FJD5w$jHN??;(?AfRzsLBfnqvbFEdyhWP9-QVqAt;@9|N5hrSw zNm8@n047|@#cs=aqUYX0{0r!rK(zK_hW^i3%t|vb{U9-^D}m`OH{EA>Yiz~OPj*h2 zoWr9I0{k2Q3edu69rPTRWBg#ULQ#=fISdO_G#8IwcZnZ15v=8}E6+uD)eU2q3gCQx zghR+8rqEIFbnM5SFrx9aCzxN6SU|hUclG*4tJAGMb*TMI9JLf8QEx*ATeB?(>|iBi zM+7nRmy9|L*00udtT7N}S0o5;X{+L3DQ?FTphu3#vCVDw`H4j9I@cU|^g?oT+trVy zi|N5&-Wo#@EVvp~gdRcy+-!Io`Yvjz01E-mX@kt;r3lt%2js}w`TiPB)xaLH1}BI~ zl+PcaY9@;1gx5@481Wms=M25{cd*^nde$10u~?=1gf2`8oI2SW1`PrCcwuIPssJ=b zD(qx6|2iQPt4tpxl^p&7usE_KQ;u+8eeUY~4Ia@o3L8=euKT4nmlHo{PzZ>7o8 zJKAyqza*Pnvh$OOv&;tzzbO57Me(K08EKs9lx_6xUXdm0zw6Kc>#>AhbUSCa29En* z|Cc01krK*?e-H$v|4H5w`6t6j=${-ZN~}O|EKkY*<{Do?NB;MvME~C`Bl=I@N%rmCLu&i69GwmnafsHS@J)o3S96MbRj zmFbHxWv3)xqk0FtSr-xu_coyuiUv|0T*A=YU)9Hv=Q+#wZQX&x>$V;-+Rsx8q2Tz7 zawV*=c1sbypT7+$ndXT(@c|u;Wy~5d`EyZLMm{QrEp+YGOrCM$gVESq2G6(d=RRX1 zPGGXv*t@mLDU8PmEYWt~;r*}l{w*Kg(q{fHl_&9UuUA_}WHv@(#u7+fM&WYc)02$F zradS4Ov2gk3w7hDe(ztA%=a<HZUDy6eoTkE4}WAqMUsfjO_QGS8PZXYIiK$er+Dd!50hXp;}|p z({0AY+s% z1a+s5F;avbuGim7_@q%bhh>S6XAd$y2(LhhQJ`7Em`XMuMYvzfDzj!=o$CX+UoU%b z!^rZd`X)DL zHI4M7O#Wuq0Sip7Ypk6piJLLle)a*zxA4h>bIpB7_N(43XW8t{RBq(RNyCUu(^qX< zRpAhYn39PK``+ur@t=mZZKd07-K#EdnmtAI6}eRCtWxkAzNCE?$Tz|6>bRvt$gWO0NwhFSIA+fwxh-*miC){2JdYE%dLdnShzgSo1Fw$HPx@*G59c9 z;$j}4Ox`;GoOqOa!>F~e9Z~iUCuiAVH4pm

sak!o zJ+!Fe5G`KOYE^<&|6ws)xuNh`WE}}Fvkk}jnTPU+cM3Ad?SL|QQZ%)F#Zx-jf**~aU4ma7!q<9Aq7I%0g zD+^~YXc|Kx_8ke`_5Oao9+TH4e?6|FP+j&$Vqyi0U{a~{4HW!ONp{5 zQgj6Bi&jC{0|S(pL0{&@N?OmeW4Bd%>WaEt|4N@TSE(|6aflByov{eN?gJ^rUe~kd z0yWXT)OwNGN~07ST8AO1lx9i$siNU+)v8;}Iyujdn-0S_iAa~Svf5L;rk9>d5S18%W1nS{s-*zIi zXRBSy37D zzcmkP7|2Nb7Wp|aHX?cEXE#w)q(AAbB6;*&yovB;yVa)peGfbOMhZdsC?W-(Vdm2) z`^UjlRh=_Ho!8fcqsmd(-`w=Cun-C82=ak6(sM^9gaCJa$7gaXvynQX@g9o6)gMSR z6$@Z(JQqL?2YgLB%0V>8-tfKI;recU2^7Kv<}ha=8cGOM++8gtCJN^KY)_q1&0 z_hS?7Qz~wL2L?BeoSc0|r2%bylN3bIvu}+XFI@iI@aK>piPFQayIiAJjR3E?V(!#S zwNOS3s!SO%=UWeiG8K z7RHa&w{cp(bn?Y%g6~OQhrIWZ1bm|LYsASiHiu4T_j7N%rQ^>rg5V~sii5>pWR7Ch zzo9%Z5_*v)d~L6*$k#7+dEys~1NL`PyYfT61M0iPvH5thmkTr$9lTUN$=;L7ZkD(Z z=jL;JAeP0E!2q1QaP?*=07vCd8toMjqv5;MZYtuLU((ft%55)U`Ef5mjD8&GmmI<# zxMsY42BJt`^Mj}Socwwq3Hbrjk^BeoIUQ^U3e#Pfs(7h?^_{H9_|;kiG}VTRlk)Sd z5NX0r=bN?%^cF&HYQ6<>2uP$&)*E@45k%@?8juePy5#5BHlOi*9S%}IF1HUrny5(- zpWi-W{olpr64*#XdAm;2VL(V$P6C0+(SvQ&F@4)<>1ZLK%(yN90B7{bZ%EfG*l%B$ z#v1*!<*_5m?1O??!MjV6PZzluf(%_WA_rNnA~QD}-^89bcR02*>UYAWP5{c&A383S zO|K=7pO7i`xO3><9gGPPscwgq_k-PeAH#InkT@#w>9oWoj+h3DOlArIgdn>$)P-R4 zcA|qnjL`gIx%s^jz;k`F4u>B_gb4b}jfnzh({-tW9MwHpmOe|!aW57GE|3%@?7h$_ zGN)A-r|cAjx1cawG(Sq6NWoI1!LSs!x8F4-{j58QgxN^`5XvR5k{0;Q%6lG-O5cPJ z0M*+AmFeFp7ZpXznGI%A9hv4UmT-I0JR1S8#Jxx!rOVh>fZ>jfiK;YF-lIj)-E+Tf z9V8lX-FNYdj`C=If-VgxZtW>9?;bb6G`xGTSQz3O4und%t0sUutRBrLA^$kGzvZs^ zg&q@4nJ!>cicC!)(&B6ByU@2JyK8VekP;ZYeLzWj)O`Jy{UWG#+}E=f&C6{H$1@C% zgMTZLjPB()@BKgi_XmE)`~oAJA6*ZM_8&U}`M*nT3w;rKh@L{x^R5v@kE0yg$H<2` z8!{*92Je=BlQs3M6>2{60ZD%E)kqR$(bl04q*%4%F*AZh(7v&;x+b4UlWNBGVMV__ z3mkt3{pUp*-bEeK4ca5cLs=esU4J%D9a@XjgA_;6zsoc{W0}*K58*vfX$9+JBDuTp z#krN#D#z@aG=GZu>OSXM75W-pcWB8`$^9Bhihd6P*h^I9aMV@5EvVHra)mqh`}QD#wUA;L9$bZPz|F2xTMeuv3}v!$bR%gC#wis0_x z1(5$!9F?~~Co?Aj&nj;8I0gh-l|43Oiy(e7R`SbL&1ZbuHh_4+bnha^R?|&L$qvn3 z!~x`oqT2Ho2YM%3ebn?LM903ml;b?73li1OhhZ5q_dXk!+IvM5%&$%`=Xn#^3=At?c)CcZ(nrj!`-Ur>Q>ts(4kq_YX&)|x20>HOjeP{)2XP{FgZrqScZ>wwIAlgWepWlfmnXfAi8bqv&s&t za(7W03)~qzW^hXtekn~cONx6A z&LlU?NDJ!Y$eO=f4L_Wc@=x)1z7W@JE#o_6V*Tq)S5kL^c(jU@t8a{SA3W@$U*QhW zFj?k&S>Npw_i+T-B=rJ9*PXe5 z_Rs$5(FO77EbjmS7|VOyJqw8u{Fu`<-H_yUP6PkwVhYuEk}xJ{2_ycjze~bqCZ#P2 z&+Cb@>%`PkFE`hTA6Nx5Cj@&6hh zwN-i3l4{H#OZkGNNuMd&-x4GrKlhr1Gw~hzJ#7gXIvy$%>nPyrUlxq^raG9&VnE4O zg(+VZwrF9i5(Nrw9!1(@@M-NB%K(_Ug2vOP+;EB`wosE~v(Sg0@=sYK za)|w^Mls3Lqo8j%6)4A-r;W*D@EMAEp1%6~v^epb&wFEd^Fh4^J>S!5QYzVdSI4cg z{jx2a!Q;7wHWIkduh|O6qrK&Ieb;7A?;l2agxK1Ezs)Vagx_wBb?}#DvMz)A}{s- zT`6c{3C16|ht|b)QzPByxH|#-*~kQUq=8n5c*AW}ntrQxkOR^N=qy~a4JDA71qWTVh=_ft-F$>aSpO^JGJ`6+^A2kY6^mT#ckqu zvb-+bo{|zEaLs%f7KhP^{w+R!-~f>ugCm$~$vKQQ%a_I5zQ2D8;r2rcDBPTbaxh)F z1U605YaN*e4>I`0Jf`rxg1YBy3_xQN^wQT437X7vp!s^qr@>A|hoa}3#Ng|PevIJ4 z>xJot#9n;0;WTJ&7mb15NoCztUGINZt1(J-)$oX*2@uMyMDw&%ng2ZG-BFUrG}~-YuMY)}E39?EBHbshKC5!(#)lmk*3(sm&}Yjd!JQztuKtMW z8nUpYe-LCq(QfR$`a4lmQ|5#@_kQw?VRiK>c7SZw|_51p}SlQ`}0kRdhu-0EoQ(|9%jXBhvF4tom@Ncd2T6m;SdfsH8{+fPoc4d}i zZA|2}x90d(F*c=e-#pL>>-o56I4q-K)wrAuQw*vPn0B7Tm-xBnlKP7Q=FNyETW~L~ zX(zvB^+%uOsJ9m5Mx)GE`vNmwHAbTb+bg&3&Niw)-GeV!CP~W86NP}yp?FWoOlrGd zQaa$uLBk`+3FTGIJW3q*$uoeXHW!+Pz08|R8v5-DKh#l;xzUL~9zv+=$d7CAV&CBg zz7oj|cX7&NXk^4&ZO3ZTOnxxV#l+7dnBjQpo}~0x^H?Y_JmjbB*fbNWoeletE3Nma zmg)W4+G^_&DQF>e%LDxVIF7vJuuineMpYOgdUjAmth0EqhrImN00FIp&Cr%5gzp~y=dC*eBXpK=Yzn0H*l zB<#aviH#e1H22*?bn84zE$I)RHcp-|FLBH;J}sGMqy&5XA-H)AGe6#>Uw_88h$viw zCU%$tV3<(3jjILlJ&2@%6E%4bNXI-3=q_070fS0YdjQ6a)Hky$8oUF9yvb!|2T*iB zkC53?_{UqeTIx5Mo9)PBkHtDVUWptT76socsbrXA%g7G9Zc9y*9Gw1&);DriwMzBf z94ZlLYpsCXjVataWdw>#>=P%A z+y-~{3t0j0KKlB_8rd_G*T@J#)E`jxW7dF_>nlc9`_ecT8yg)?&eX!yc!OIhZO?3P zN}u~M+~Y1Q6Z~ol$BE9nACqFC=x0Tx2Ww;G?P+2@%@wWEGdI4Jwd^g>#VjN)3ifm@ z4Ikyld^_Tpoi7*U30tOohxO4Za^PiBNwz|a!{%*+Tz1cdU%fz3p>|tAJro;{F#E3e&bgiquM3>2!S9bPp`v8++l>fhhKm91SF zc7I_%rjmekj%~wYpot)#RJrx1Ja7xoHwV)j;KgFE;k6%J#(T~!*&_Iz_smuH5vxk< z@b+oE=vZVvFV3G;Bp3qKZsyA;(pY;c$|ktmI#%c7%Xq{n*couOW2T5$7}E=}6$xWk z6yMGEFi`(ipz`Z3>hm$7$H(M7?HLJu2|tQBB<}dCT7lZb!nxUjDb|=&NbQ8D2{xpO ztXPGGI_69(nW+$llQ}XtJiepzrCw{K8t)Ua=s}o7^<6H@4VyE)dG9w*zgDf3TxPzD z4!dTlJdUlxK_VKK`=lK_X*0q=8;fz+1SwN}0qY4HE%Ext+NtRP66z8^QBuHvcu}S^u0|agcqEoa(T**>$q6Z-Ylps=w{*@&!B8?P!;yL&#Sx zb69Oh(tLOw-M}0m!3`)W5Fn}K3+a54EXdEu!+81yw@lkm0*Tp1kU=g>ZalUAD+)iS zXajh%c6l{!uwdPlA2blhVwY|KHIS5wd~FiAvKjy4JQkKF6{0D!OK>b(k4FvO{>|^e zl?VKnWDVH9dCuNV38m};sAm!?W@L6+{wq}~%!9dKVTM6r&}xm7rc}zIQ;H208v#Z> zBlzj**A80yv9q+RGo{d=h0o@XktAZPcl+btE^D3L(95R#-U@OX{d^9<0xXt)pU6_RppV-U@jokDZjAVo2#x2Qk7pjAjv| zG!Mqk@e8L#fWfnhih{*`deaX!UP8+K_7~koH`dLamZhRa5vSYV#tAXFhpjGNXIWwn zzi)TC8lJAc=r<$GtUFlgV>f`74cyz|urmK*;Z)NB7`a?*SH)L9&aCdF?Hw2-0FrL) zB^A4d=))#gKf4Oh>9&;*l8sKD_IXVYAzCMqam(YO8>gv!uv=@6+5mH+-;uTO?>)A4 zn_tE_@(m}%yVNdg6!h9>o14JzsmK`iv)}R*j4?O?=H!X%>%RI1MUaAWcaO%yyaxK(Rv&68wn9e*-mTb zD{`D*Azq|7%8LQj^g$k|t+h=yind42!V)8}m*UbH#gdOq)_Y%LCvzH`s}vc`tfqzE z>L)1j7k)N4S7tQ0z5=cEmW02rRGfSIHA z3{3RU35f)Wkw0vxI1|#SR)F8PlNrf;|uJ{>D{)i4~@pj~WyXmj)RzqahyKj)-N>;Ze^c+U!H9TiQn_{w=xe;EKIOh8{+fzQ**{?xo_k;GEbEhK-(><|_ zfzK5BasyCwRIrM<2%HJ!_>)?nH6t)68Mr2!+OnH5#U&jdSC>mm)3cIbSHPr;biB%6 zVSa)T>A3ijt5UdHPO_Bujlb__6#?P%*4}zF@RYvZ=Khwnqen&?#I1XmiEQsV&B)Uh z%>jey*Y6X-YU%1O{(aM{A)r!g7>~!k?F$1#OQnAw?X<{ACOq=1OAmyun~0Z3c97rx zHW0lBUijPVOlw(>AYe-$kZd<6leZ(+X4^Tn5sfi?T8KukZCWLJ84`d}~nRqzpSBC6jcssuTB|qf+l+ zh_>&V&Y%Eys}MyCo#-k5^ZfiSMpMb+m`HNlMiB&|G3vIe7NY)=U%+@i$kqzKbfufy z3BnOMFy3N%2~3PNV%vam(}%ykNUhFQQv3OO$6hMyi!l9Km;Fvnrpm#KDnrltHFYT+O#7q!0@Dm2?D0ib*E z&KB9X>sL_CG+`lfL~qVIE!c~74>)FOMCE_BGv*}Z=}R(%H)hR*Q_?W6+l!(wPtt6N z7fOYdC_kgdEE%fSgI#%D$n}Uz*;0O3^)mQVS#_O49TeXFU#&bRM2%mPNFJo~CqHR` zBJAd+G`b@98ue@Og$%+PJ|L|A;7ZxCdhl6BbLpMDNa*}jp!@PCQLAtB^MynVV?{=^ z6Z|V;=$lv12j9l(Te5@$3}y>L${EWJI4Tt`+1FaLmF{#-+eZySosiVIRU-F5ML?UMH&)S`j};G-Is{0RKLggk z<3@T##v2Bt_0vKl{y`fy7gx9k839(2 zolW$>HI|0KZ|8IK2T3gy{JD$eCIX8YBo2iXdowar>Zh5~9TPFV%h!7tbQkJ}T*q+{ zl-V_FS&d~+mBd9urRDY5h)dEBi1xO=@!zw)o(({u8}5uyUB|+J?4*_pVwLg&N>5)5 z->;)Z``F2@^9a3)0jrpBRXG7HKnAVxjEHKjqn=3(4}0#Ono~ZC_$)EcTvf-u1?;{M zGPxQ1(s&JSiJ=pGwGEV69T$>2^cLWxwM>}XL;7Mzsidc$pOiB9OrW!|gY!pF>v%X~ zMLzv#m)P4gJM$%VQ6C*qYvi%wa)DZ;H3qaRMb*>r$PS z^=WZ*o4BeV(bpu2MQ}6`;O)+USU@&~`Az6iqZ{Y#n~N;5HTp{4?s043;zMYaBG}dy zco}7==Ll7`6O_p4tTMf>OZjWE-wekOt4fO&1BeQwt5y3khK$OIQ=UQ^X8bV}Zhd&O zThPRfS&v4(l}ATVOp9}FW&?5P^U7@Wx?QsY93dv80s>7gm#vaBjXl7Ee{17FKl5=Y zam?!-TfPw3tAgJ?4&>bwRwYwiV#60O%@`=8fs0@n^sNpI)_`mZpgoZO?MW-^n7Mc= z00ZL5BFIrs7u=MvM8V;l9t?uV?H5>({<0A)fpf|>AEDgODackKXg+^itOE*q0{-@0 zYq^p^#*Cfu*S_%IP*+Wm`{?avzAy--U(xdZ{XsVcYjMCe)c@CM{xA&T#e16nNlG~X z2SUp7pR)Yl|M@?D{+m!u!%N`*InDpS|E{lmgBkN>YW}Cc^3(qP-cR9}zw4bajnR&u ze?KIUa@O?(hEXMx1FxF><8qE|9r2^Tefh%ZKB^5_40!VISOL|M6z;#jN9~X6c`{aMEbl02iR<*=RTQN{{LlF$uW>{} z`1JKKXF>LPHY6>xes_dQ5$2CBaG|9zHs`4p0Eo%h%+7B~lORiNSN^UKJpsT|I^~R` zGlYW4e8B@Ulu~sB{Z9^ld9#Q;@eR1KH>3DdU2*=cL`J~+pufu& zz#9~Zn&-5grOC<&;;$d&zZMn%+R{d<%vx!%r6rCSYpnRmi}T;&PA@8z@O^yKES6uC zZ{0HWXo!iXlZk4Yn#^Z*k!wm!>}J{$mzq5-V^ zklR`L1QDwo=(HQ`Y{OH-1Tl-bwF)r6PMfnO-N$Mq{`9^=Vw6T5(?HN}r2hk^NC7CG zjZ#VH69hws?}S;%2Ib(cm2j+$bTobSwN<0}h zc{(zAA^!*gn!p%gd0oE@*x9-y2A_{Xy!2?>ypuG@ z4dAUUADRT+#=>++BesnhdTP{D@U(Il*bt=VD)@wT!P5i2|{x z%8q-pKt|DJ$s1dF7+C!Ku={{aNzkT?QP`v$?@gsD2UONToR{yl#;YSniIH3ny&cxw zcHohqnJ?LBC8%#!wyyWLci=Y1cg_*oL`cNPe$UyK(%t=#V%$R@Tdn^x5$>sXTm6bJtT7*q1J6T0UG$cWWci(a#5MJE!6sO z`0H0Huk6@kI^2Y)A-H3uFRX%uLS#248K#kad?_doZxsd@at> zU_SRA7`rhF5nGt-j}RG-wuvXj(p$?zmm`#|$w%e;A$%icQf>Q#QF$v0|Y zhkHwkIb~sB5b#^QCXsvKw@eXpCb#G-&nXIabe`3+oaV*-o+{8YGzMwBGK|)u1;AWu zX9W2$YqY+}bV~A07oCUShhMF!aBXRipD7MXU;Q=4OAuU)v0pSLm>X48MHI=p*hkDI z+jXVfhQqz3@RtvpT86-$6$fdmvzqeKxBrnQih8d51GcwiyqJboGO>%c$JsUi6>PG& z3S@qYu{wim(3h;0l&iTYx)SY}i+&CfnhPM@w*uvim!GByJ>UC%KaP@zZ+@=gPtU`m z83xe(X0hv@!I!P%bRRWeV>2R86>9Fs6d=RI>G0M(=*{G)qg zjBx)4+TREN>TmwB5t`y!cNyxyorVhXyvo;68Fo%_)?yOuPydg?feWTaR^gJjE1g-FWtLX2f{C z(&&%Xl{<&g{emt%V&ui)$dbb$FOhPG^?mEkB8%CfcibOGB%lu`DuCbH2+msg2`bRK z2{eo?f4@kVj2~dtJw_{&Ez~5!n|(hfWqH=n)SKZ>lag296hjA-ztQ+-zB(k*0AT8FP$#^bcG1EQW{6l#BeZ$2ZvC#%#Hm^mJXZm4-BT}fj9?u! za1}>Dfl&Q*wv)`C~2RxHy>M8vg;!$R;z0|)e(AOw9JKc$m9~ao3B3d*^PmcN_%lGvbRXCnkixh^tENH%?7Xhx8&ow%2GN;s%_i98>L_JC( zzc8?}Uk1@V;q8_!u)jBa5#E-L$|7`B#ofMbAE&x9g=TXnC2f7}>r8P9Oq>13j>-x5 zmb=-H`GjSS}@d|7_JK&ODGf6c~b22_$3g7g)*RNGjMPL*gJXyZ*6(wIa9;@&ClNk{B)f9%I zm-bpK6Y;g*?}A`G=*`gDy?*-jaWTGDoH@7ViYIhzoHFAd#4C^K&X=`6Xc}5s?yHj~ zO4*!Wps7%M0zW?~t>PE$;Y*jpH-N0grD|Hv890ooMtq5e;xBh`XDc zo*Em}u&t3|#tDZ2cD-bQju_@{`sS@Towd{>R@^7MuH$iu0`GZAC41R}J^P4u@%lVe ze6_&cHduh1Iy>zQ!o)oR9=@pw}3I6AV4sG60RRvUPgwDM4rkOfbey~c=*5#u|NP=vEn6Dh zgKU2tb^5)lW#2U&M-Ui;k}qUawCHrdZuVAq1y(H*F0w$xAJI}*z%t)Bbx$#3vk(FT zb@P_^e0i!z(`}X-rT-+!Z;8i_3)IX|#ZIKoc4c0d*#YA+!X&r{YWNNL%KGD#7Ar9@ zYbo#WPIJZf@JS;EDZ-Iyf_#@ay7Yfc%7@?QtuN;4i{+DLZ=dVeBFEMb_e-YV(N;{5 zE*=mEhp1n7gZoAG)Z9m<$~*nyFm6N=ioSX~i)3u^XYg5zdHp0*$8=({_iw=59x}mt z@SK==9P9f@_gWiOYLk~=pAXpOuS;DF)cCj#IS^gq_tDGpb%9c|7%up__uFSyaM}D0 zZo0IFU3@2kG(1>oQo3*Md+i*&aIoR?%YRmKwHBa1Kb0V^1mwuXk+yA1Ro!M!W-q2+ zfgc+^e%G*vPXIuWnVD*vnbf(Me-H`BZyni?^BhZBGH3L+>=2$;7aur*Esh5Z{Vvw- zdiQ$Z_7iPi+62J5CBQ&GZvoY}2}aVQod7*Nz}f$>Upvmnmh$b;M}P@MdDnIG zyevb%nDRj^Q+zf;H3$K4&nO+cucJ}F*6DxJfF7rx+L>QY1|qROq&dEN@gsV+Em~Hi zyV!%$rI(v1Nu8fnK8`_8Y5aK})F9C!)6)qVui?(VELMDctaqK3YU*!J8EB0%!&!`C9_a(Np zC_#|cgCh`x{m2Kl!c4wC5p+vkgdL~x^Fks|Wm*XyoJ1g?W!zZr^_SK+7>q`XLQc`d zUD}FldkVRcTmSM}^51eR(XNAN<9)@sDYqx#Qh;ooQkJXg3;PFmCVT_kh7B=_T%r@f zzuKU`d7X%JaGYV$o`suw#M>upoi`^JJUW3yxD0uT^RkwZlK=hO2VRP}`2s~Gok`zx zQG|mgO$J99pi7Cs`q8jW%VZMUy*W#3nL*H|3Bu6Js(DNi8Dp`ZZdZJ{;us(~UO2TC zI1gsFmBwC&bkB~eK)R@qhjDGzhaG%h9~)t^g6Yx|c@K+?0tQPpR7l8y2ccGiZLO z{r>%apWiLED*OA)E&Xc;=0xP>M*)4wsO&4s(+fPHaL?YN0W{HPi|Pd3JjN$PKeCZ3 zb(7Bx%;v+sI!w^u5Eg|q5GpF3_>~$5pC)?GyTal+BXfAjP!uJw^xGRu9M`l~W=;O3 zUT5ee_?zA9Eq%kbOJjbERF=2QV-%v_^!9U4ynRE+=-x|&S>N{>J90Ad%XqVZ&-tgf z_AjoUk1BqG=9Zlsp0kiBmheKy$aunNkGE_PW-;3~Qo5>=9ufi)>b=Q6sUNA*rKJH3 zm-g7%Y`Kt0XMgETtv(&?BcsJlzlC|Sf$rWqqqBKY64gMVBwxaq?A^b0g#kWDwB`Bb zHE%$_692xJrPl&?k^7E;j0M$e-eaJ7g5h6W4~73S90xb3|Dz9@n_=V5Snc^g9v3_G z+s|IgAx~0fSY)@RL?TT$<*46x{*3uU-B<5Cs0%zO(F{o-kt)PFC_?w!z*5%b8fzV_ z!0Wf-W6On#RpKOo;t4K{@DKn}aKI~XWd)W1a3P@jxX%0RJJU3V(CN1gwLZ_;9t};)W`C1l*Wy`yfeuB-M!2W17 z1q_rCPJWQ&5Wn4BLY?KQ2qTYu-w)XY=PM4ve&nUT{xDE!6^XGSfm2-&y38!!I3 z!gE*CI#{0|eWF}t2fcIcFOuan!d+M(ZHtE-zO-C*LajM3j_KRs3Bh%nRJzu}DzDB6 z=6cN;g{5C!`!WhvnB_7A2>t8ll5v@hH1#+Dc7s-|1&yR}BSX77<==CpuGeM$P+;HY zD<23sjx?R;{N(dD#`Z6p9owgEd*tqxFMW8sG+x*md{X7jzvA_W0NAzv`_Z!Lcw8~FzdyLN!2Wa$ft}WJf(LY45s+q*>?sh*ID6Z)8;7@xT z?gyu`lB58eEA83Ih@Kf zT~IVAjp5hEDOE;9nvKO!i}HK_4>f?lTgu;I1l4H3DTRJeFU>OI$!%Me@&KN zOCj~EV}tsB#P~%|=<$N|%t9#Sf}G*aAs@A7J1WvPEl_x3M*TfcJHo zE3~Ss)G((JFMUB4sp0P}B70uaY7UOpq4d|2p_LSb@lS7ht@y7 zuXyX%#|#)o+-I02&r$`16s)(q}K_c`sCFl8tbh z==nGp07pp9kdqsbtLOW`(D6E1YY-?zz-#~ZaE(HNNa}Jqbsh-)z*i`xTxJeoTJofb z)DKWBKjLk(EY7|Bun-gt(2H4u27RbKK@27yargV$qU6KnX}Q4VS62@+M80$|8)M{8 z!8Uj2Bm$ez1_oTnYEBs=>iBO>gQ@J1A50svzE?9LJ2>v#SmSon9Z~qIE5@ z_``?-M0{4M1`jkHTFv*A$nN%nCtd_X)*Ybi*L$_~3248pyaDs-KYiJcD!m_pX_jf! zHNM(y+1KTP?0ad!01qGD7uUFKadptwOk~G|t?D(RfT+=4*4D&Ig$vR&?PtZ~jAHu6 zxzczDitZY&w=l3mZJrf;eJj|?cb>R+2AEQy0|yOqzhR9q1V&S0Ul;zt9?Te#j?mi( z6{A)PZ#=}OhJTdW^GAe2;`%OmU((oW^Yl_p5@cRp5L-T%a{Vnb#C{AqYAxXcPm?_OFd8 z1XD4v`N7wYpu(3)bP^VP`Qm#+tP@Y-YKy64CH*)tTn*u@`h?=)%|l5OFyrB-owsVg z&vQ2H$Hsro*IVY{iGN!_7K5?mL#O}T-YqN{jGI7z9s zFUS>u?nMxx`Z%G})Sg5VtHz#dU7Ipg!dDKI8xBG*LI_HPxr5nS5~KOC@2CC(6J#I6 zXB)G;5UoE|MdmGyfij6M*0b&c5WA^O$;aJqnx;Q_YS)j>|1EC?v*>dOuF3%r!?4kP z{q0ALonw1#=N`Lh(Kf-S`EHV^1hb>qLreoV}cI z>QPJjDMpp!x*?`V=u?8(Ye#$(+$e7mw9=EMte*!?m>#GQ_d!%>~}Sx@A^b%g#xXpMmF#=N-6- z3HW~;`zBiNl@e2^A%=j(IG{hOy{>n88Zirg;i!YM2q6yD{(vlBpQUe3Ju_r zTlewB=B3+f^w_5Z$yz?k1K8uR*g}8mzwFzi(Z>MV>Zd*jNZ!AHWj*KJuE{50Pog}; zGGNXuSSx~gPyFhcCAU*tnBxY)ruY%ivC^qE|8JgLa_ttl@1d)KM(C4R}w~NdVZsrF^BiAYywJHa-21g5*x&~W?Qd2Y6e?GOga<#UW z|Jg0pS1j89=UcTeUv+L-aBf;~tXSK(oHAI~e;xgVa#`uVq**?h-J<<9Z<3;frOnQ0+2~JA*8GBWR`c}TK#Blmux{6+104Iy)--nFY4((8gytWh-mxyhvuGjG?7B^npyXj#fQZ;M zde}U>AbQvwdJqhv5RjtiY^vyVd)&JqvIt!Nv*=_q?@{k@>yto82D0x_1OJkY8Yo1O5{u496aiZa58P;6jyRqcI?(>f5;6U1*qVw+mq<1H^2rYP zA$d~jg`O&h_7BPid+Q6Js#`?geQXIovgw6!;|3%u7f69Z{IWOT=UEx4}rWpc_ton3DI1xk%*x;pX9EZvj_9f$(nJu zcr_6h^*3H-khSAlOk$q%0biEuq)v`0+yj`gd>t;Yw-4%sS#7d$rQ<*Qp5u-t@%M`+ zyoiz1?a6s4Hm{M$jBD3SOd$n8x|4nnFW~Rl5A{BO$m1t$mX^7R_5%pn&GGgYfq~+0 zbqB5`haAvYQ*4<7b@_hHT4}gGl+xtWWfM6I=ecb+p**MC%M+;~QO2sGnLq}J2Lvyb z;S{Uce;6Hlq(y5EBU8WvL;K${St5Z%gS%kNpw_#qY44}tU9Li9QCaaiibtzX>nU4}5bjn-T2hN0QJpfT!D zSSV8UFB%IZG7} zrPafeh6L63mflxT;hVN6tC2HJS#Yig6DE${E~2(mv)NC9!b!T<`uvjpGP2#A^2>6n z6QNZ4YLo5ZD9lLuB*AES(YbZ13yS)2+Gr0l)RRRvziw#?Ej#Ingw4_vu|O{pxXBUS z%gkAjS1D2mp~N&>ds^tvANfuarkst=4=Z4z<-wxSO$Yb*=+`}dG(q<1xLgUD9rR-p z&n`-bA2`A`o!Pt`L1EvNrVFM0TC^gu_>(epGBz_`9UqX&xzGFgZFo*C$uyg>NNe)B zom)dxdP;%enId!>DP?fqCSnC0(!JMnY9&Ke+P2>;R0|O$s8%JN-0irRq!YqK8LC*? zm;4tA1F-%pt|_fNey`;7dcRW0{{u4>8%keO76(~7fAPb_*AkvhdAdU-+89H)w=ah5 zijHxMc7%*vj?f!Mu^@r;Z1Vf~jbZ)3o4PRui+d-~6Im*PoX~YrqACOFj!)R)`7=jQ z33FWEnF;mKKyy)L-5J_pIVa1tAN-FIYFTUv)o&B26)nhTCzgnq&MVxVzx#!~NIn0y z9;a}a1G!!Wh2A(6hBvD(K;|Oij>VKI=)6=IH_`X6)OF+}!~iS5PW_&xbrptiVwIMK zl$3u14V`5GNh;D0$Y5r$$>d^@spo!Qa0^0kKp?#0D9~%`V@~lfy{=|pE>ATn(64T^ zNmFUIY~1BvkFP|)?pAo;*nwH>ew=kr92dISn~!^<_#9i>O@v*Im#5DP2GQq3GN9qt znq7{ks@bm@67rm*xL$cgk`9;-)P)?QbP2-e*F-4ZbK5f(I?fQk-HNjrIg zMy-`JDq`UUhTj{|V0Ti8cV|8cQSJRSaFTHj{I3Gk$gSr0273@WHVud0TYvbv8rH0v zHO2iL6v|;K|M~qr-=|utm?&TxTVnT%)rmMZLYnPw6;Wp7y`~`huZ;G`vPg;k zW#$JjX8rJe;}IMXm?>7+Bf=4frS=?V6o8Xk4wa0?Ki2hMb9X^~?;WKo8XR1?o(aRl zsb`I+t^(LMS-8nyk|JBakzmE4G$|`HDRmb0L6Yg{`@X1!!Y#@N@`q11A+*>R>g!$= zkKIa}d|>~xx)4Snm4z8RG2asoFEF+v6w-nTrQ~Z_#g0)R$i+1c4o(_E z5LApZV6?-uww{UGhFZEboH zW6nrnUQ-i=TNs5M&0#Q%qw{2FK3{9XTO-m=80R>O3Z^ymjBkU?N)#~ZVXzP@z@mkUf zcE5KxyuDzRXKQ&Ye+8-ZZR+Z&)-ldc=U9MX4)Z`sj1DS7e0wfEv>=a| z@qj|Qw!uVGoL#eTn2YIYRKI2|Yd7R7`^(^MTg!QEC@THc?kxe-eku+HX!zJ> zZ0GvDKXXdwh|1te@~}@uVd;vio@ZGCg_{479cgjpNwtDqr8XNQBTmg>3i}z9+aM^y z2XJ0!NO-_GNHLP;Dsx=%M1QxFY$#5`K2WX8#d*h*`eD~5^|IWA2trs4)w9;NAg1qQ zpda__+Cf&3bNC0OI$@3z{O-E@z>R}+oh~tovd6#KpDei+Gt3jqm~acXvJxYI zEU@}^{i23fSq#-FJk7Lk8@HfxmefuJeZz0J@RcNbS> z^bbYSfEcOPq6-OL#2zSI$b0Om?&Qg4=xj??BXxx^O^2`z6vFv_Mkky*a><4mX4A5* zdGO3~heT2u^t_o+qKHxQygWP-*1H?Z{xi~Y75ztd35U$|ezs((lG)b0X~D*s++MI0 zisGiW8?u&OrJ;eSS6wWhb$b*yGwSf8IPaCB!K7eA@}Gq6rlSm$dA`;n#FvEjCSdzL za%iGaRn*FMdF@xm6Cr9h8!Pg^zy^C7l$1x3YNyLJq_VpC+i=R}dh-jhl56%z8%^vt zjc|vQ2+^?~P7#(x`bX;JmqBM=cjlbwLkVyxR#SwwqG7T9;}|OlX#RgfGAI0Jm*|48 z-o2vc>aHo4c650Z`n?vxPn~?BYGAmUogc<>P-0jjpZ1d%gb2SSFK|Q$HDs8Awh$;n zh1|Gs6_C|1{sz0%RO*^4UtgsR-LknK-Th;h4dNr}QP8}L%XV(PpVgHW-25E2)?Koi zfK?C3EJ)En zc80cnKg{IS^hN1Jz&Ad}H=kWkdf`6_T2HTWpQypM%~mbC<$a`jhUj5kun%6HJ#sjX zzHOU8;TGR^Xkoe{k6Sps>H~zRD>^v0TryM@HbPoKqqre;LFZ8YQ%sf7rs(k(9o}s2 zIF>RyFS|JNc|#2rWq}ps5vK3V(k}yPvD~kas4f13sUvOsvEZyX-z>q)$`t8ldvb#W zD3@vn7zmjskFOu)Wm_d0OD;_(MQ9ETt#n(`A~6{B1Qz9i@rM(Ui&>OGsbfk*?(@pO zPP-B9h8&}4_{%pk`<{E*M!~9{oas$=%p=4zT&ROaMJzMiIeEJAV7$tpj$vhLMxhZj zxBjBltb~M)Xgs(!q25ZFMKuH(biZcKYM0MPKsqLl`XXq198=|ia!lj34V2p`>RU(vt&n-F4|6@WXXghl8 zxB%lv-Y}!7ZZRcSKHlv3KK;SV_Jt0$`A2a7gPZqqh0-_#>~5*8a5J*}YE)vU-H9=7 z!+NOM_Cg*(h5H9)cqJsVM4bz34Q~mqT-ny?4s|I{58_AQXdnhP6s|p=)6< zPFJR)QkcS%*;>5vYx?mS`y##)Y!`znw%<4A_p0rcv6V;_HFu@sp2C}46Fwj~p|282 z6AB;+0k$tO`6>PEnPXf##2rg^L;YzA&d$JK;@!kops~X4``1&EEiNq7C*PL&%I&8* zATooD4#~YcQ}|OPeT!`1g|>Z4dAejmoqMFQ&IEs(@0)b#<7YZos-5+Wer~r}m^7rf zn#J4eDPacWX<2%{4yH~Agt-qnkg7R9=)g)^>9df0dx`2G>ZSr%$5q^jAXdOV;X9xi z`tv)99Uy)T0f-{b^N1|^6>xZN@LsK5RSvW=m6&=Qb6PbpU?T+7Y^i>`nQRL^?vFohP4rRC3wWG-Cftq)8J#g5It|C}9x zxcdDg)q}dm0g{7|P87wH>ntVzE|lh4Dvf zIxi2GK~C9rkm(hT@!iWOarRbDl2Bz~HzxAESSqsI$FYLIBb3SkyADc~=~9j9BI>0X zmhODg8v$W=#52zTsLqJhdxz_CvlIG?rtype2TJ(;`NB73C@m{J@Bs6$2X+imbz4ZFmK63Xbm+gmdm=Kz%Pp673Q>;Nsg(9TzN27b2BbXg8_K(BcUh?e&r z-BsIP#;(g07dP7ocKwzz_BK7QVqJXaY{4i>m%$B)>^`=E7)O4zWi60|2nL2PHL@7) z<{0i4-7e?X_C6Ph1N3cnT`rLysbjY6ezUobeP+f9DnA_Xbeb(`&6ZdUm`>DDuR8f=Sdd)P2O^m1e9L zfP_!muSbHX_lx7cf!A5*_I8UY!!}`$Q-a~?bA-(mt#K8D*mZ{Bm9GD}>bP2CN;?MP z%G!Rzr3t7`h&9CPycNuF0#M#%INO^#0+@L089%1J*pNn#+TO9ihV?R#6LiQN5_y_C z-=q?|;<$NUwZFZ8H~yJsfZQ8w85L*Oz`PDMd*Q`s#+tiw3Bt~n$E%&ybOE_+VZ^Sh z6a3NfXd@)s#ocW^XnV}`V^jpBom8ypxrKhW6148`FrUb}O$|gg z6V@u^cL_T|7g}3=aSUdboM{-^S$?XQs|Xdva+MiS7KR-4j?Lt*#DA5hNP7PDV(3JR zg=J*=ga;SgN1^_aNcV^pP)i<8mWy z9&P?cWAwlq2?KuVX~09O5qx{^R9>4L7$64PIzw>f=^tRMNJ#B{H5gFwJHFxhZ%`o> z!McbVKN710ULSYuf!RCG75$CpECf!Z*(kp6*uQM4do(@6P$PRCusShnjU-d+L3e{< z#@sF{@(p`=US7fwGi~`9Xz}X_xT{opRcNQ?to2~Wxq>86nuZAm&K!N!3K>1qb` z1*(*t<`;ME7fIm-&%(ZNJlf7cIR)OP(RNHC_Z-c_$f3Xu;YyzPPTtuBvJeW&G(EO$cNPJJaw|FA)$&ulq*pZ_^{3;U!_TFESo#_V2Fykg#YGP?UvBFT5v)MIm-c ziqU~^>0Tmr%jVPu>P-)nuyUT;a1I{*C&NXjmcG5FPYaJ5nCUlb<@b(CFKP1EI?_Y4 z+6lfGU5rboW@@$Jm@&kUKK(=&ozK>!8%9KHUcfw7nxkIJ7VqtWdEhM5wyS?Z(lnx< zLodDVNvbHfk3<0*aE80On0E$QdCG5-ff z0m=uRxFJlhgH5EwITwo|5RYX)=0EZ>=>Oh;(9Qnl(Z>)Gg?%dQVSWWP2tSd=;otw^ z&6%_Nn;-@U`lvTP0KTm+XWhT4WF@eNY|iKQrlVMaGaI3PXE5LTZ&oiD-&eK)*FQJ6 z2d+nidG`Wa1t8BN+;KZHU->y0R-;AIz4C{J7W`w{QA|xD$E)g~p3&B-QKC9S|H_t7 zz#>D=-tLtLqR8XUI1Eg|b7Sh_V7A}1!1A$SuQ*y%fo}$p!6!ryt?zj@hmtR}FNtdv3*PhiE)~Bxg_L4led-SB={o8{nqh5dVi6X%Hcz;m>p%Mo|L3nE%wS|pxP(1S zj5lu)%N(>{PAS8#;05Zr+P&n2jAd+HtRt5h{o{OC$uY|IV&{HzV@j~j`iJYJ4?Uw) z`|2)Y#r>y=(*RVLT$XypO2@saN{9D?g#bD61O9e_%Quvl^w&`#r`aZ6vf04(xTAI~ zl#0W)GGe2{lT4ngCp5Grg~yD2THIR7BWG}fu5#`UHxWzShMZcDL9YXJ*7jwc49M^_ z9#`;vNj%h$(|aUC(+*7K4Q%>#vWUBd%|&SSk$6>>TD7-^kw&}rs6}mS1bAzE=OeW> zql6@yU7aMW6rWBMslZ9TgT7w;wTa7`U#Yg_1=Ve__*r8_h66&!#(-4GXwtdbof-i#7? zua|*WwLi+Sa4Y?$lUdJcQlBl^U2z(IdoKoF4cEe2C$Cl}(Woi|zt-~VB4Y+mMK<5x zQNo@h0=Ue3_5Wt8d+7A*21%S?^zl4g;Z&A&ic@3@axrBtlOvI{f`X^K{0CHU3&TrNhV5XX`4AL$wh$TpZBqC(>u%q*?$(N|MA2c|FkSBWQ z?9IPcPP6HhdP2!T<8RezavD1ftrL<_eDov{EzHmVM*h?3CooTyX5Jm|=@y(U3 z``g^DG*piYfoB>#Ms>uNs4h;XHrc%3Si%^~YwYd4UffanaF=f=maC0zFHD_ua1~2_ z&&S*<_HVW2)78GNLHx5wywnTk=!4XoVXWWdWsr2}>-uD8yUl60#7KQTpYKY%V`SL< z5iWg$!1$PCjk;C!>w<9m+yU~?ak`tB#Q#vNk@HPxo$TG0lElRXO%&CnN3cuDLmQc z&N%)Bc>Urx6jTISRCZ~siMf*={n#$!S0sHD6Svpp!;p7Iz5Sa(f)D-`j`hG|orIe> z{+^`EdBdS~%NeP&^|Jlh*9^nCt*VXpM8TFO`YTGfO5ei_7>H+-pjDM(+-`=N`7gdU z;RHOqpkp-*N7knKVgWwt+Z-(>D@^rIjsc=stFS`7BnrsSV36 zwha`o-LK|_<&?|@av%C6K=y_4Y;ICj*B~isx1CUz+!nLsrm6!9q=h$viNRFOyXCy- z@*wy>xs}{SEbnr)8@IjTSZ|06oBclNR~9f8SeCXFa-kC}iJ#cM5GO?_h3J)4_myr)!m>K2 zTZ!R@etYuaD&ex}OA&>Fh#crhN%R|hPsf`5o#r8Bb@TMv5vgk;2!heOZKs+c^Y&WK zpS9J0SH3(B-ik&=#$r3<|Gt|`7)E!5Z&+0%Q%V$#TSOu$%}3xE`-hI#EsdZ%Ld0De zJA-4K%X6k3)~I5_L3!C?ba3#w4e-kEdBPH0z16N82!>xR?znW*TPbGk5HMNBB*T>- z*gf}mpGhuP`k=bF*}KXtEGpDV(lg>}J3g;Hh|dBY=2}3g^vr%!T*D-Nt`1JDPQj6a zo2Ht1q0L}pR^^#QRill=`dDShTaqNB+_vtecjb_T?vVAr)Igbclo>+cJrb;5B8@I* zA!y9~UU~D&?1l}}b|NlV>zxgoUdvwGy~E1m^^TH$5P`9z0LtwJ=4NYYQe~dxJeN0? z7<_hOy@2`PU#bTa*u*Y9xpM`{TU#{8gMiI?=dQ2XqP$h*6ems_VFS83Z$ZcBFUbSvQWVyh^avrxIeuD ziS-bHQYhb5Jjg;cf&YI4vWnl^vIGX$e_mM~#WCS~4))ojk0_&xFW?6N2YF@!&fG>9gH?LQ+$^bcRdc4yZUxNF%m9n(8pAtttNtYu)k60o3dE%BoIt9|r zS|rv2C?$6wMl&K$s84UTCi(XkoLx>0>KgGhEj*8?JOwXN-Oaa5`ZE`4W zd)-^V7J%sMwrvJNZRqEwTjfieW$`au8ZECWUg+O;(6nW>Tf+)9SfQ7wV!2334;byE zxqs04!&sISS;(WWl{uwqyk!?{?PVZ*H{V_%amNXzqImYpgH)~+3R?XnQ8HL^m?ZE_ zkg|M9N*|!VWhTxpk`nFaT$M1YP9hnSx&#+*44Tn)%L7DSiP1QL*=`hhg^IXP^20uC zI?B;bzHJVBr$#0>O@^aF`^s>WEwsXpjl@Adnt&pnk)9T_|P2&lfXK0bzD`uT~ z6Jt?3y&sleq%8l&hne+mTPq`&*Hl;vgyiZEP#%Rjer$nI<@fK4?t?P9ZJ67KI=7du ztv|C|m&)N4z2KC>Cm3Bd#=Ht9n(NN@L~1=_sm1)wl%K)~_qN!=`#oVeyIK81O9qVq zr_L`VTC1ALNvVt;Au=23JPGcMI^71>#_R9l6a<0`l)tI!aUIN^493=ZXM1KH2hhLT z+w2w}>6r78E1mUsPaC%?U})F#{GOaq%}NGyyu|{?z1L*p;1szlqasUTx~pLJ`?t&x z>u`(pSifadO8P!DGIVhtXSyEYnyqQV5g)2Ck0`G9#Ltultfr+># zN$dSW51a4kKCrK)B$kSWQ-SznnC}h6_PgebIQkKP~ zX9c8`gt-N+N|bg6-GF^_a39}`K@3Xe2pw#)!E)FJ7yIRU1}TCH_kA|ipR;dSC+LOi zhHPL#O|T2KqoxZ`r|Zf!wLDe0R$3yvLNvD35c5Is(-km4f~c?!oB;_TLNCud?yrZv z@cZzY;JO)(NFutv3Z8>S2lTqL5%6~7%OB5g5x^lDvTtlsX1I45JZvpn1dFqvl8}h9 z1#Q$A1~X4D%&Mi&whsTh#wq%f6Pb|X+O7rMO!sSHd?YkcZJ!4f zY~aPeQ1Z40l{^j7>GBI}v7bJthcx5VBi|p*8qG*)2N2UHFf9y=p%Dd$zf#Ah4qk=u zvONU&c9FcLB1e64f;|F)|mH@O{RbY*JY1ExCz4v z`z|m49`1jgG8$*?xtM7gheM}%k23kwf3^FYrskiiEYwR_bnBeYH{yRip9782w=%xd zf)d8N=y@Fx#5TFj6|^hu8BUt6qm>2isIx;o8Ku8#_Z+x^Q~-@S1MarK2B!CbWN7*? zkqq)Idfm`gC;C-ReoTo&OSRgs7w3a_=2#odbcm$Rp!+$cHz-7DRK$G(PwVUNqs{}N zTH=nU$sx6HeMSr-vEJ(Ce3sGN9Y?M;>Hs8GsN1mIImokf()7W-n+Rsx3=%?8v>?amuKB(JyJRup-{Y-CEMeZpEgyk7-8aIS&yH! zR?RI-KtCr`Lq8qANpx8-91#h_ZAHCYl>x^Kj_-MIfrQA4>NDP8_FT^T@a!fR?{4## zae-oa8>%En5TSww*a0hy{+nUdP8R7i$#A0kOQNb`?)V`fH)@!7Qrj^wD9Fr1+n2z1 z7|SjrSSl;kq31mEIIR*bzt{!;%m*w{Ig2yAZ}X+hc_bQ>o4?ZTDs1>ca#!m0Ey)Q@ z+~`~v)Fu=hWc+KB44RYKoyP!W~EUjNMd@qtOE^+O%)cAUz>?LKz7ZL!5W#U)4dKpz((p9 zVH#pDmUWAU;+hljdI}@3^mjEh;9cr!X`m}j>PsBs?$QqgG~Vg!1-t+w2f}?q3GYH;1^_ zN=U00PZ6lH`ctte!LV?%7!^2f%da(Ym66C;$Mpj8N0Iann6{Mi4nKBoR?6+Dzk{^& zRZf$%QZS_kwl)4o z3#KZIv;B2jHDb7TBntk-)HfR1)Ca7pDbaxSv)ZMjR;YHCvv)PvL^-!)`fN|Uhff}( zrIPa=!M;Ol1WmyJ~X_8OJ2F&hFd%GH(+B?-w_P~^(E4yF`GGPlrgKdK;Ela|JspO~t#5WPabuC% z5t-kup#JhnJQU6K?jSer_#cr&-v`cW2ay8oBWwl!!T3F4q|xQp)DHtPcx+kbzoq-8 z0VIEl`DTXQl5wTWUu%0C=ie@nlE_QCh34Z>e7gC!EPf2ez-HnY3fp=gg`nvomZXmb6S`}?@>C~i)H?(Yq`s1nUU zdu-yXU(bFVd`b2~HiW28+~kqs2yWT&R7j;BOU-|z4+yIXy%bLfeB`4zRmOFp7S{Q5 z!b4eFF033ZA~GctqmEcaq^;&8ED}_QU==fWj;f!xC_`z{?kNI`e zs{_~ge2>K=JBgCiDf;cp`l!@pyeb54ac5cY+|K}i2GLE58G#PjNF!{2VCz;HgRB!a zH4^26Y;>KRJ@Bod%ra>&(lJlWSWcKAeI;b+V*9vypS&zqpCjSX48B6Ms`dMM!~aG{ z5@qeNQWj(%Z31HqI4xkcjG(;RKOkN4pw!M-o!Nocrp@548HLTudh0ZV&MybrZDlZ* zn(Vs(Vg_OkPK8$v%FD4fl%z|Ybdrx|sK#>t!@@DE}W$ zCF=N|0ML5`%9xLJwS+S_y`lqgmm%C#>kLh;&$(?bIkxd}bjEng*Xkjo=`9O+N~ZZ! zrqxIFWa+WyR%Uy+C3X~ouLxKzu{cwlU+g3>dt$6??I|JtOcG-7!-kgP5<6^D#ExVUpY%zqLR*<7 z&$_2j^G>J9kz4S|FPJZXgxh|Zi<&AxpXlM0Xj4e4(35?}6x?FSrwHcmt!z-Cj+x^GOfX(}!QVP@+JUATA1|SVpcK1n!u}q?6fo|r zCJhyiEQfKDN8M8S=t`QI9u>wZ7(_V60FM*8C-RH$xw+nS^k#@FwaPLU3I&&Iw}2(O ze`mu0HuvB=ZqRJeWRweAqlaD7-C{zPx=4{(PwDivC4#CzWL4jFhCBBSj0gL0Nk)b3 z`TS}z&OyPL!AuLs`zwvsT3E>Ib$KV}c?sR7%V?K$5R4X9PyX!!c{aee*E5l?#=^Z* z>A#l~e8VfX38EzvG`z(Eb9WVY*i=F}JvNCoJl2k$`?v&9=s4PlzAkI7)WL4zxC@#VpUCm-vtHMLv_x$JaI(@F}G+pWMh*_O=sBH#e>cRzs3Tx4HXQo6Rj@V6N}{p;TvoZi2N7_!iz4*SnRf+NR>{2^N5DoOaoMeZNaA z#~07{&v3lP7f=tniU`Zp+s5H1oAx8&UXAuU%7=t%Rkt!r*+ymwEK>uQs38>O7Qlj> z1idj625+`=d+{#qeLH)$>r2GxarQKD{*@xrm*Fbt6(*r`2J-HJHNr6gJDgEt^B5&& z%Q{t-;t{B=^y-I;8d?pM%o^^lyF)3eT+}El^$}B|1JN4A+z~DCO+v_bp44Uf<^Lh^We(|=Z306kwk<#(3 zs8hNovOq^sSW7=@s+QbHT_M^XN|f>Jdh}Zrf7yO?#SuJu&y!iKkJeQxefu_44G#FRP6+gg;925S+cjbZu~#rwz`k z+gu|UcZkM#_EZYFRay;PLNGU5R>4=Hgt8}5s%kMboT3^%-b>gP1$pK^4b90Fh#EV7#{$ayK4J{s<>Rn`eb=i6lZza z%C&v~Jg)qBXVF!t^o^hdrs*2G{`x2rk+_#7BK$xdh#z5n`&6%JWGit0nKDp5ewrL6 z#~x6l`VXN7;@Jy)o)zOnCMRuQY4a@dv#p8exj*UNYdm1b5h4t};(eOW$mvnQC3to0 zEGsCpQ>Xugv3TXx-)CiV2VkZZ<@!w~jI9D|L0K@0#=4KaJ_}>l;TYv%&8{0mGkVD% zE@ldcaa1meuCnY91?Hp-uzn-7&+STy^U$8v(+92qcS7)rp%A(8Au~Tvt>)G|9hClT zTT{Uq6J1|&5l0|!T~yUAUTsr_wexnsS2Hmvln zBLIY|AK)0Cwc$x6*Epl#icQnIT5Y*shn@?TBBtYGJ0Hrt}!22n%k{D6qWNMWrY7tz91DVWIO|8e*A zn~6uBWeB}YdGXM0Rf$Sa)Gy~de7%~dYAfjh%zbv^N5pHEkBC9ef3YsCkt%O`PS#^|i>NVggr(eI(4&_C>iDp0_qm-|Srt z<($S~Rf_Mzz~V)F=0a!7U|L6vH$(EOCz@@T@{o>Bf<@*cuI(!CC0|>@x^QO+^2ki! z#d!bu!RZ!EQYBFDj<+3nnkiC=>4}PwIRChB8|Lh$5nMtWkP_?uY&n>3jePvJP2IGb zGt29LG5Pwl8TdM!$bUfMR^$Ye6n0>yPty9}x!E>h zGH|KDk*{*)0pL0{9AnxtX^gIv6T~J{=;^(E6`opXhU|#F{P-t{=9ru>U z3fHQ9hZhGpGg@{g^)3BjSi)24`yrtP|9VlT5y-txT3Vt;BADTAFi+c7-fKH-&0omA ziGtd4E&-hH#`E@sj$9q>_&#nE;SaL~c~NQ{qy~^pwquk!}eGhuBZFB ze`Fhc-SDIaimgrf-BND;KFS&&dv@}0d8F)cT(-2?I;N!SYG%*6Q^R&lDh^mc*3Be5ws zN8m(paL5!XDrx9ym&XvWWbO$~<@K>%YmwQsn+_k$+nWO_G}RR?!HIvLeTKCd?0*Pp ze%c=~6q&cou1!iej^q6Pj5+D>O-7hsBQ|i}KPlWRVE-lTEpHkrAVwc>&xk;nhL#9t zph&4AvhG_&ayZwo72PL;?jC6zL7OXtF=UPwOkQ!ct7#R5N1n zpR&)%Li{7GiWAb`Ywvj76$(~lWacj3$ZCDHc4=sv>Ju?VzHvxg>$bOQkV~wrZ;&!# z;YachCo`%)0!#<OTyju=ZTGAJ|&`UtR8;al3E*7g;shK*ulriO0 z^K2C7Up@(6hkv+ZB%bzn$auu_Ah@NInvbT3RBYecXS7WCX+&OCvm2`c`rcmfEHZLr z`5_4I=cy^Dg2xUIsqZ2Jz05xZ+ zpC3X5z^sAK*HzJy#^D4YD>taGN{F4yQ6V&V-lk5i&TM7B^!5Gv$liAT`w0WSdY2@l z^x8{k67L;0kr~u};>JsLkanZw@1kU{+GCxxP31G`l#cl+9sSp71^7Hd|C-On>IUS5 zU)xQei7MTtu#2ylT6BU$>+Ma);Gn4M<%h5hb7tOD9_>!Coy?x%$^fTp5_)Y$jT+uj z<=~Axr~7X(OfZJbf(3DkS|<}rutuwNXw-PLZ2OCa#Wg3KGIaIE!KN~=l!Fg$`A;Kp zw^HyH<9PEbPU4|+o(w&PupHiTALdOBMQh!vX>0Qyk6IUvQf#y-U)Ad^zgb9TDyOTF zlx{dy-ezp%Zit3@_A7eh@EXMTW|dsRx`vPV{DO;Lc#dk`4zS972UmK3eIy(BYdz87 z#3)RJqd7fK6)sL{bcALM9jpLpF2S@)W=>?r59WYvWd{Z;(%D_7!rO=(x_1rC679A8 zWm!~w9_;Vk9(8cwZxQ+4RnubJHoFOuIML5`1iuK{RM0$FODavb8pKV_)z!{BZt~!pWR3u)>LN5oKr`J8yqdEXtvkjEYt`WL_|RS z0)W>MgiFHC86W2?FjihEiCd>Pw~o~TIUMrz1VLT^P-^TPBkPP-Q&MJshzLTR;j?n3WIrypU9Y zWF$e=5cixCby^**0x#>jL^qK(PMy2be=t*7ua79DA&GCI=78Y*b=OF!*6;Eatkuq} z!iuz@YO*>Ply%vkY}cFj-jDq|;*kwJd&2AnGW7odGeFG0%$+Q~(RF?>IN!ir?QB%Z zcE!Up2am&X#LHrl0i~XE+C(tc#E-Y1;Kb5qf_JPX_czum?mP2e!N~)gx8OMUu>MnG z=A=f-EX_~$H!csRxBy1vJBfZIh0*Z?*QDuo3BjJD$bF@H!=IMLpN`8T)_8x2zbgLM ztOwHE7WyWYaj6(~^unIo_dF!xQecTbZd;6XrVq0^sFr_Ju@U4R`?a?xskiFwM8KCx zNh523=(TaF`PTyS$O7NL>HO=^TZLlDKFJc=$WThhorptBw!heL`@><7yr^E)*N)aR zv`++adD!vnT{)+7r|3dtjFK9(U&sy$wzq29Woa{13h=O`uUxS6cokEah&j2BUhso* zSB0g%T8gOzXE1WZe-;IieErvHay`7>%p|Cd4E%3&{4mi@@NZw=%37--E*#WOWhiu2 z+qnMPykG+CGup;~d)~W@00p+!hRLDm{*&uFewJsKy_Z+Tpn5s-FzVz{458!f!>rVU zRnHk=80wgVsA~Of>br0Ign`CAF(G%HyelYIrS~{Tp}Tz6Njir?HGicvLd~p!IZUmu z52%`6Pcw|Mq#~-lChf$1q18Sc>=d5c*;Jk8tfblFYs8$=9ppHj0Z1q2W8T zOR?Icyl0Z?aK*>6=j2s<9ClCh$)lZRt2Ov0+|)5u4{?-YnE?CQ+79?!0skTH-_J4e z$giD6bJuGI6MUNDwWYCew2A7!danwjwV-&a*K3UVwAGS9G(U&_L}+1s0T|cK63=AD z((MAly3$6=nobw7moG;9^1a=~-e>>lA1R*O?vWkQn3XKC=z18sGZdy<+Mj)C%)jwb z4!x-e{l>O<}lgI)|`@SLdNs7~Xr_J5a`f3w#zMOE*HEF#Q=sN=F z>#Jt?6@fsd6y#{(L~+T$c5^bKDTV3q!Nb?YMR?r%Au?2bwbR+=kgo2@+$)AJRJMQY)aDio}MqHuJiag+>x!C_gQ$fugW8@1?g_y zg)Tq*e6g(?C6g5WMetQx3$yJ*VhMAcS&E^rLiK{WBDc8R81sRQu6XiJh{XhrQX?&*w)6MGrR8Z(J5bwSF~S>b4~*aXLcYnYk4+z z^p2sTE>@Mp$Hfd#h9^4{zMOrrrURbLjMXfi^0-EhRV>X5LbmB^ZHTRX?ZU`qX@$2S ztTU;l1N)%wQ`h;n73)08bm?8~LPV^~JI8Wer`qw+TQiEQWYuNGJ+(Rtxaey-DPGxD zkGKNjkIAzpGI|*qRScHg(!pVYiSKsBYhk(H;4Oe^q*Wd5QDZqS?wGEWU>}*=XxF|| zom9{%s_7^8r?Fvgn=%g=vMLwjtIGK2qMFl?Li4&MGi0``Lqt zlPRWY%C^dMIn)t_!MRB6VGC~^CQ{_12M{Yw-BU%DXB5e1jJmt{g5hg{rxe>J?J|$z zgK;fR(>g+Q`-%0tUj;x6?bhvmNQws~bn+whlA0^3s^N-&a*uwgT?}5Vc=PieG-CY_ zcvt;-CsyO}(m%81W0ho8`2{`^=|=4X6_Q9jHuqfE#9~)D&gr>hhtYIh6Igg zJ_|mdixfvZFWgw}r(!=X1=y4V7hl(51Nn!;*1fL&t?THf(as2oo(@&OQ<-#j>^(Em z$bep zW=<9xPY%--F;WU3$QzrLl0IR443cOu>Zzg@4S<7%dB@|EG6wS*KA8}adV>SF`Pqq> zmg8l{fw&h7QYRX{)VO*)dHN^&SA_zqiijm8stpK)ixqtb%iC^Cq&xrcKq(z%F zs*d*(U$~twcvExaWEEiv)=9~z$AWOg5?jEQ% zFB6XSD6`r@4E=cE@k=)KCJ6fR0}L!vXn>aIPI3F(FDEG~oon~IowUlxiEG6$Uoern zhh9+SLAL$l+LYKAH23D>cT~d~e10F5VGUJbpGWcJpOnND1g+hdCh%FvOPI@HM%27T z=z_D596tgKc<6`ph(QxAsoOv(p!OywNL9Nx1>XN#m%6S)nDZZ%7@PvOK|*g5!5((c z3g8bUuz^%pjm1f@9Y_QFg&7UU7`Y(F;%$FVQm4WufEub)-|T4Tj6Ho%`l}5#M4|uC z6t}IZcqF&40_okChRGI(k3FDClq}*lM{xE-35ZtYq*?Ew*E%2E7nUp+{5$9h`6W z0Xeft$%qGZ;vcpQ$?%2#)sgI^^GOwB1gl%3+n&^5Jg4yI(_eGiB znb*nW=+sIQj16K6&69vIRTl!fDrN_KBjuY*X)tqi6lFmMqkh?vXINU;=4n0~LXP+m z7SQg1_VBMpwk;Ip9402mE)NH5ncMLq?8Z71yIsLRWLDJqw>Gwj8!(Ec}6{pLu73Z|G*OD$3ddF&*??iMUE0dxfinjUcDk*1L-j7teJk7Sg zKwWg8qmYrg>>vUA^Sd%Oc6EOdGxlfy@j5X5)xF%t+J8Abs@9`%mTp=$4D@iietnMS z%NLpoP((k_F*+y@r856HyFiwcxZWzB9Z!z`xDBnndD79&SZjThwiEXS4m~el72BHR zOryV0%hY%epNTB(^0k}SdP0W~8$FLT7WLU)?cq`1=GB)cV?5EGAAF~Qet^WMp*ivf zibiU|U6G~ZTr+B7U&oUPu5hus%r};zOlq~R_&{2Cao@6g;U5_z%id8-9?`eN0#$ZZ zJD}G+yds)W(p<89-Izfn@Tg{i4hvxPm9};U`PYpY6nDY()hGp$l+wXcE`755sbPbC`+>Wf-?n0G`5|2sH-e;T@eg{n$P!RF{b1YZ zY)rPy<2~3P39oKPmdu}o2`0lalcnvSw{Hc*;r*9KlnL5qo$KYCIzci9z;&!X3vHXN z*|n=+^LA+9g~@BI1#HK|?gfCyXf~-cbj&SSG{7N`>sTL5NZ@~M-TvBIPo5cGm$XC@ zPZn5Ek?ZTwuGsEo?cf1(48t`P`NLA)d>+NN!I^w7l)9GIVEgt-h&fq3a9)Mxi&lEg z)O1JSYJ`mtf11Vmg4%J8+L&#vjpvmC7?0fy_es2P(nW*ja&CZmpZsJ<6(gR1+C|!= zP=`49^My6A!`lIF?S8|__xrsOelHX*Uz5uu+0GNSS__u@h*qgOf{+UKlUi-|D!h4v z!DouA(hyW3NjY6cUoBtg2c$kHyX+42gGV2C^leY-MP*vl3_Lu`2@<=nVPisZ90hQF zRoM$i1{xMBjc}J##sxnEXE%L8=D=6Iau7b)+SKbzn!sX^PO8}3sFbFZSO9>8;}}zq zeXb$M>bXMwDfWa75@;OY%o+j-G;HA{92^DnYE%XV%SsVO)LFtP+1LX86y`C+NyPz5 z1u36yCc`?;TFD!YUcD8ilWVv0?pv9Fg_vV{PaiaVd5w|!?1$fb6uHz27fh%!S|ho5&d`tTOegcX;;WNNB9&c zRS11no!{dNT}z3kS$6qrCv?yWqMz&#A~(Nbyme^+f{B3loE;c-+n*G4N$62x(B}0^ zTg0(7MTX;cF}6LXE)`E-g;}mG}m)W<9LTjGU0ve8WbZ9J+9}2z`$X^2-S1`)vXC@*HxWL2zaT7S(p(Ecr^8TcAr1H7~kCPurrl)!v zHBP1zfb{+s zr~l)j!a`(Ud@zj=$3EyoCt~15ibkvK1yGpfp*AMDyP1CjtYh3yJePq&eJKdeg2KY+ z@IlZ8_Hc}T@q2t>qOfJVv63m(z5Rpf-LI+aJs8tyb z$@0Pf6#C%2vn{9J1T{lxAe?K1U#m!{H`k1XhvP45OAG*Fr#;M~hq!fI-0^y}E5I_* z{OWNK1DW!iNv&U|>(nj)-(u_?ox04N@Y=KqG|4Q0{cM7ENy6s>%ZBS7b(10wl)P&A zyWQ1t#>&b~n8{a~k)9W!c%4&^tL#3RPrW{tlf7=3A7%;CGhqfNu|~CSazot>foKRS zm}l&2gPsI!tM{d_-v`Oqk)$Uu9eKD3 z^UaJ8`VOC*LF-7LX; z0DByimz=_nDw4;BOD@l6%*$W#xi|Y)tnIYIRJ^`>954rae)+EP`+_>9*_m`2H|q`D zFa06)=k=N%U>0r~(}G^^`Y|9w{q|QXbRiJl)cksSq!6q7((+V3{?nM_sOd=gJN={)A2YZHFfTDH?K_Mz z>Ba8*3&@1e9Q>G7;StH=IMY%3UNp$^>_GtQVk0kXjnFX>ZY@VAku25dp2DTV9MRA! z$wqa6a{{XquUf#8@U08Xka`XjeyNhGQpatR(HLcEcvO1L`WH-NS6GtnDG#J$tyuLr zp*`s!OKTjf_&9~zI|+s`CqO9_gT8$a7!FQVwPh3VC$ zHt&a-7L5A9sB)t6lQ^C?)*SIkWw$rh(Qr|5tHo1*vlpy6{Q^1b0*0XjQ|z_!6d9So zI-HrNv_Am@n;-CbXLqFt=NrGxYE_z;CA=xGTmZNmiM?y2N|MBuYW=I{T|aEpZ`vppQyWEIry_a!`+#__0^)2jN=o<)N|X>7A%Q@ILCx>HA(0lc2W4wK@O55N|C ze>kV$pA%Q{6)F#jJvTAeOel@D*AMCeMl@Z<_MGHz9vg7@fmMCj+2wH*V66QJm;%ej z-0)-K5sQd}5AZ{>y*x?}W+%fnZXP>W^b6y3THPYMDFTb-`#h82HXUJ2VHSevyXbV0Sat0{=$o@*um5-ejlp|JHQ_CL)_D&*KvXsJzPG z{%R=^!8rjJz2e4z83jqA+3i+*FbT^2&h~t#G+vGLlaxG!)>!_-G<|T8X#CA`jZ9}6 z_tCZJ6#|JUju;bAK5~oZ+TCQY35I7ArZM;;kiLg1IHU^c=_L0%Wu;e8!e1Su9Ti`c zxWs%N#A2*ZvdD13Ku5}H-J5hMYD7ei1R(^Ciu${kI6kqN*jTZ2_To*9s!!4RsGnHu zuxjHlDinYKh`go(60^A9JWyKwA6is>5<^wmo%`eIKw(i=f*3%5_$9pvy3p{bbpCX!*tuVf0u7QTK|w}nsteR!Q74$*`EsMf zzuS04z`W9s3Xmlf%1FH(o}z0_3}^qi-VTi3_ z7uWFWwNMQ?+E@`#MKJ39?c=CG(Pc;xwtTwT($I)`@y%J-EXiJ3VOA=T-5*53*TnKa zczz3h>Sq+@qcw0Gk7xg6;Vb4wlU0Ype9p}{M(_8UfSpE#z+T6H`_>W6`(` zqi^z!hlK|S(jOVX>9h8Mod28Q$!Z8^`C>>22ybWhvtT~2r1FKZK=zK}W;O>W_TbmD z9HJf`km~~?DiE3_`O5`1z}9u=cSe%bA3V*r%LjQWw7KpHFk%;KT#F6>p|5sY@uc&n zU&pDGkk9)DYK!nr(zbK+S}AEnYu3Q8$B*!JpV2)49cj+Ado_6MP0BiD*{{1BCAkEJ zCk-zYeN-(A?!)Z$vi<4iJ(UZsg_ln<5jy6tO4*(9WI>Y<3~VJE|C=FT_zfkWCIDS% zUkU~b^s8g3Rpt;WSJOUA7o+iM;YoT9rq-0TNYdO)JkPOv#f+{gluvXA?rPBsy3O6Va+;rZbc8{B0d6R>)tNW0zBoE3duV4G|v^XAnj;&e%DQL=6K4g-r4xe`_N7jXqfz$_s;$h@Zs}2VHfx!Hyt|T8&i8E z$mfR2Wrfi|EQrPe;#6s`jTShFDZ^-gST)}SEn}%st&Bt+3O`>Q02WH*1?Q$;YlRk~nDNfp{CSJ7FNZs|vSmBk zuSpGCl86Q}VX#mWmxkOfpj09yZKhe`t3iA*$Qb)~sM%@msFD@rmVi>5VkqjKK3;JY z37NNp3Q27@zx;U|DA1ajungpdN0+fUSi~~Oen0Mth=0=aI31B3dxH;g@9m=%`&-^T z8*Uh=s4?y4ypYxMZf2?b!v`YsBf2zTCQ#Rg{yE_OD#bARJEtu3r=ht=XE>SIQKZmK zqDh)34=n*Hx*tMDm`JT{2?>Oeyv6EnlvjTq%oy}$`XFGr$`Rm35|9(L-shoA;?@xG zRCp?w5q1PnCK_1xuE|R@@mGZN8uoz#4IsffaS!!DQC_2T6U(cnTyk%+4m2V+AAg?$ zj?fltQPV>BoqLMgUrw}+gdRBJeThhQ?W9mRf9p7Yi(|5^io z75GGyRuNoUv$kYuUmI$4*XNqirKA~!^n&1OV`)F*!@oVSlf{j+8sR(dh8IaWU^U`_ zyPsYR)~NgeqgA_SQb3WZnD;ES6{v@VRCD5;ChqWlXCmWZb1}nt*CN+i;cDc^=6k&oY3r$BkT6|tnjN`*!_2t zIzb2!LTcVEzg$VTky}dxLfpou{aJza2879Yiy#REITj0L`4|>@vT16p0xG0hB2-Sv zfA^Q%WNE^e4gzHUbf{V!!)r1)=GscnZiN}Nu3M9pAFj)GU+3Cb$CygkZTCH@v&&N) zN41FpeZC-na6x^d)r>MeLAmq6+_huVQhb6lZ8-+ z>i!+b-_RPV;)a3edp{@HcvfD}nl~4{SE{do*CS1nmH-rhREXbkeC#z*v32p&RHlTf`;%hm6_$X^EGLvVBH>41miQ!PqXF=aC`bLg@*ua11YFV9y z4n1C}3BjCH8K=v&j?|Ubgs-Z7>ee}%5?RW#G>;9Wv~@#dADNw&!Ppt$L6L7d-r{?E^ActvJyh;1_Q&oZ(L6#j9-3b^ou(wRP2_;-B8VidL^+3X_srGQN4_0Kb&cjh(M;o*_}~oLD7M<*BS;xcsN{0f}~i z^^lT-c>F7cE7d-ieioE<8Ezi-;&A^MGJiqbI9p+CCSq&t?egClga#X4p$y59Mt@0M z>x6_Balch>4i7d0pO{-)mA-r1+Ln5GA!tbs(QzsDCl5wQK=-DkLb;5eMoZmGp$HCy z#2eV9-B#B`C!%Rc(R9ZBLTwLl_bSUUW{UhB^HeZ$ERoe~r)BGY)3pee zs@3xZ9on%p=svpdZfmg9zw<||JOuC5_$%FJetW#iKM83>P9wRtq>peu798$dqJGyV zB)%2TqD_r1$gkG6543C_t%m{|&7jQzmN;m;?h$clm6zL-pW&!DbQy*`<2t=SYQ+(3 z?{^q2%vi?XnYa=JRW~k<+oC!s>W)r~rGHSTL zW5tk|;1UZgYv1ML0gXRWBpJsxnOk%8-2&aqoEwYJNtO~xVdBR66H?P_m$u~te0Cl_ep(gsH8Vk_oZ$tG=j z^|U1xd+Dto38FtCP9$t2qLse9j^>%~*mpNAF`6L6Aim21qRfisqv$&qKfkAA{CQn^zm1Oehp@J^%at1b;d<8Rz>}3W7il?9@)>GU zX=MGNTvAh^KIB4+5KbvQcLl`fCwydScJ(KF<}g#94?WE*9>!sE-xmIz(dt6LD*}{J&$Z#7Bs_SQ1q)y;hu!-F=ZB#pv5U;9%VTD710-=j`oE)m;AM7 zW;6I|(1V4Iz20{}sRG;RBK$(s;)w0neCe$afw_E)4^~>U-ONRP?p@v2HW*4-COJYJ zARh+=!0({m{F@9{#yU5H6~4sv%2Vap;cY;1&Z#^i!ixB&`+7}i-lWfiIIYBjEAMMj zxtapG5KtwZJ`UnBy|Czp!}iGkfLtYbT#^cG^mIq5nI<{asGs+3B>xt_S;puVsbCKU&<7T)gom_J(5{IxeAbk?7Tesw0j_$3MNXM{X8qY4 zRxAQ&p2Z%_pllq@Q)vJ8m-p=N9s<+d5VFO%MQ%?+@dQK10-@(CKFE4jt#oZ3yZB?m zYH@}hg9CLdZ$rqi$8%lcaOk+_qTlAniosQAy&DqLL8wqsru(G7GMSb=l-?sJ_v(jN z?*+X_{5JrtAqgZ4m{#|3VL9;#k2p@o+AwHKUcPk*|5@v?0DPw3?ScT9qL;&u@?zRo zy^#=ZY1~-1(rAMScl$%c92#Gbg>Yv1wYO^v(y{$!WN%2}(3%5xpHS2x_qW__79wu|`>SJI($5lsH4Eof|o+`lu5MTC1NB zF!f8!LP$lqFB zF{{+6T`Q!+1w;vGxT4K)122+7=(rHWu_YdTm@Hu{0bkk=F`pM=>j->#%lD!m2lS)l zA|0GTGlFube|O}etPEx!Q67Kpv>Y=LzU~+~Udw8T0$-PKcjSQ6SSm8(9QWcvU6klo zPUFUpy=I#|KrF+4Hc@RE#Nt3hj0{X$A(BJ1_9iL`S{aJeoMzroux|q!wSTEf*fD!qAlu9MRX>vhgtyv zfVJY1BN@1Gy>1@2*C3~XZI?!=_ychyo)Od)4H+?KQAH<&Xd8}$07B4xAIUEz{V+Fq zy}UOHJf@Mdq=kfGqS6{bQNKK{NVqzT6nm534H^d3cZ_d;elg?^#cJ;H8*%0Kl*Vrj_xOMfUlY&~pNe znEqz!&w>yw6w?+$_E%Er;MkE~8J8rXiq}gKV5 zzh7Rv_oJ7oNf#U(4psQxgdjc3&Rgn&M~%LMO&kAWSqtNz&6{RrWJI#$uw#LGmIWr>&HPkqZG!Z-RRW*OcBNeyytYY1ZGFlg^za(9w!B8QB_mQinN7 zIRUS`(-<5h#cjNYTLeV+U{I-o{-*Xs&#fqKnmb_WL$xqXUlhOPFgFo}9qJXxC*st0 zv1=T!pdVJ@+YX`nUtd+^3%dh{4fz?_hJ{jg*D6my6wYX42m|ol9ancu?zc@Lxel8h z1IrZgBU?mcOb&jVp>r1j4FnDkE3@s=ii$B|lH)~hcb4073wxs-G4}t|9p2?5u@3#E z{?4Rm0u=i;4jAc)r#Y*p@->tM+&Fh}u^GoDJ7VXxF~8f1flV#U z63O0hd8p-sJQ@1&+2RYt*$)%e#59L7HZ?)m6uTnLNS|&sgaA_=+;*gTP@(?a>$U9P z4`qC1j%<|X7c08yeV6(bDWpPa-;;<4GuCHmoo1$-2CuS&?|BwkF)&a$U|fo+CVH%C z3HnL{6ANQqfD#K5rfzZ(lZ^9wds_m{UgIoGRRfm%0>4XSbE9BRDySfSpEL)b+>YoeGYA}z+TWyK z6S@jN@^iP9(X(sTFJ8gQ$-i2Lm)_W+U_e>ijVY){vHWVIO*@UpWtTmY0_1&aP?p@owgZGU%7P zw2(Zi5(!qnznn_z-AT?9RP^ zc$b$~pxhfJ&NSehek}e_VBL30!jO_YqtBOgFHH^)_6(vNxnIGi3NZP3#|ypoOF^CB zyR;2N@3IDzvb=aeVu&2U>fJ}}slf1S8NL6OvU}~7XAt}O9nS=))C1|Pe>t@2>t9M> z&1&N*s}1ts#SOUb&X;=N>pjWgtWU?mZ8y z_PPP%by!6KJ+cewsNOQSy4b#4qHA(P-e+H%Abv&&&GMo5uRQ9q5dY=+h1NGjADCaK z;#eHXz|U4>OY3X>Oxb8|_@~Ru@~jv zPJe-~(546sO#`d@A>j5*dee(e5Dwv_u>K}zO=b@8Tkri5ds(puPKlcmf%sZPVU#UW zb}VogD2T7(SXq@C%u52PjcaqMR+q`=6b+UabnM^Vp3C2zFn!)!8Jcmca5psdO9oV< zr?Yq?*>oO|90cv*cCLG@h(9ttG0`5Bn^k7W-#p`MCjQ8N@vYVQnsx_hCk=pO8Upio zw57s;7k+p$q-~nt`0I`srd=TyG>+O4DqU|twIHCxFoD|1fRC(er;xuh3^$c1;VQ|a zO_jk)&f_38-X5HhyJq+8sLV#(U~QqkSQxy+8WNrdBRZIsrMzz~h#P=8v@YEY)V?Cwtw79C5` zF}NMN5?-LC!SUyeM<6NFU7>W-*-oA2j>u7boMen$7J$)AOC_lnq?N8*pPq$q5DbV*r)hD<# z;BY0eU-KG~(x8`dgOzHr_peUb0kS1}@ zw0ah;>sOo2u}3fBGjAruP~e3EfY#M%RCO^PhRouxbT4)XrM_~emLl2vOqTXa=}bCw zQh}uJle|9H^H0u%`Mmip#>xy1|M8=ZOPn9E&OqA6$VSM|q=engx2`Rl%C+)#-SF2?OQd*h(+q|EN5XP$yQj z0L#?F;(zLZ=|?P57Ndm8pv8ji>RVDRK`i&hPYp|A^ZNP(vMjsC7LLoluRi&WOf%Y& zNjWz`aV>}!*Yu&>W~900C3|P^NfY(#dZFX zQsehE>CSC{h(s{lZpwYvs*!{b^95XJ%^w_2Tz^_+V?wh7n4p|?pf)*H5ah7eD*Cjj zAO?PvWx-j4UZ5PfOb_6&*@AwLR}W`+O2RYU7TLD~BC*qhe!}Ywg;o3Su0Z?mkyOO( zAnoI=5~io?+2VGcoPTG|cQF{UW(&Hi`hE2fzwp3;>>nJ)8!&&S{0?|$(*8-2Sw zjlWsc^c&1u`$~xp_-To~+QN+pSIQVjZupYl3C%4ZqkIT=L#$$6vfyQ|@Wef^{}!DM zYX`F>(fSvq76Ep;#4Gj+Q~k`lEm~Lg83E zi{l$Aj*KjjHay_1>;JQcrdf)0rqEDV|#5hRb1 zP%B~eYyr>Y4?6lfY}*z9H{_{VeyE>6RQxDC?cpJem^>7|*(4@pcy+Cu;xwVQ?w z10p`uHkfNtv^5lHFsQbGJYzV7(Pev^^;guDzvb|ZW?wt0!hVb603fRFwu(cwNQ22; z0We2_d)@BR?v0eaT2;Yji%a{y&Y`uOpZdB>Vcf%9yVL0i)xQ@!f8q*s=-ze)W0G@a zS^(;Y;gxjS6C*O7p~>Q@k?R|QE_TNHa{$Q{$7LV+3uG**K7QHXIkW!n&be0kc({T4 zFObpSI19{Ff}k1>C)-0RRSfd;7-zHs=ebQ^zN=Yd28|Zu$_IZCumyqnCw!kNBbQab z$qkpNvY7nzu87vDdjk3ekboT0%?$?&RZm54KMAIY=UCArvr3bN`@r!M3%KnZT^F^f< z_oxdw8A{onp2?O5LQMP?%%HB{-&@L@ZG-4Cbp6=JILTMOO>eKsH;D144e-&39t9nTl%;ng`a3h_nmm%{i3RvY{KX}5_K+Z^ z3maT+BoEBj0+5K_Qx;2(FmC=~10^LxmP4=hKh_;)842BwL2O!&fO?QJeGK&hZs^hs7Mv_@1sz|4Ss|l zb!PL84dzhE-SIOPeF2|S;Qu5Fl};kQxX9A*HO?528yoi8jjFt`!Ej7=8~>`A^bso! z)I@8gD#ZDN$~062v~par=Gr9OgGkX;jWrTEFQF%))Eg(iXFvloipVU~l?_Bg2r?1uyHy380gLxImqBRH)k)Fu^= zAhH40!AO=)ON+S5`P)oP3 zmstXUc;NfSueSC3+1c$m7ufh5{uoiSOVNM*|96*k<2vz9@P07PAqYhj(HkMJop_6B zna97rB~#PSJ+D$Y(wDN3@Q+}f;%j|3N0-mZs|-HvE@hNkR8^=71oItNkeCaM4{_WN zXaWL+=Y0mAu8<)h*^ggD82K-(U__C_nMWUDN$$zIa@HPKk)!^V0#*0a19`LA_@}S$ z0QW)?1-I-SBD7=9Jb-3xml`O1($->!x@Id$RUcR8!0533Y}IGG9B{Gn$t1%)Tl`qY zI@WrxTL`z#_qCms595|GNY!SoqJQ?dR~4)d>)}pR-=WWP-tQsp;yf(@oZXM5{34xK zf@oXtBO(ZbQ+(RY^e3v}C%9b+e}sjia9!^(Uli;L+0ni_TcH~+ts_+jAUp>TI?bA+v_`GAKujd z^1py?<$rjYG4n&Qcc4YaoFr#AP!q}bXRd?Zch^6m#e12!^+cNBiktHIYph&?Ptn`~ zmI&S=ek-AhILKDJKH=9Wz|Y9untypWi?x4mk$Gt&stkTEGt+OPKb18vJp-YTGWXv) z#N84b$p`5g=D@Yufb^y=(x|DX#1i~>xT)OB6+RAkb*)dguvY?rr^m<=L|Z8alwWw( z9p}bgDd55(n+AuO?(#bt8k;g(hrnvEH0@k_pM^TA1C00AF}H15?k~btTZJ4vpO>X5 zEoIWN>F>lY2UQVFsK1CbBAt;XEL}-P*GA<}GH$_3^%n*Pi=X{;54Yi-j3wFz{};lj z{O=uz_m_CDCKmHoM^d|!&KL!GL^`fmP0Z;i-_3te; z7E9#YI6tDD&o6aUmT&RX{QO#qYhb&IozrK)Hd(J7>-dvz>K!cNxI7RIETXTcZr-P$ znvo1Hvr%3jSiU;JL%)6UtDWrc;m0i>Tsf53QL$5DffyPLBMuL( z#J~o>q>(5Qsbj#%tPn!qH)$$r)B~G=41sXah>&9za^eA9`-LJEr>{JekQHzh=;MSQ z_w7$g?LePC17Fm?h{Yya(>enin~sFlcHEkT@Q+uOlm=+F;@# zYJbhW#ri2nK9>0rE+(lX)*48Ns&=4K+MCFJhbCmn<4r#_n-%dPZ(x6u9^%uqIgt#Z zbRp$>=5=27kJ?ydBDU_LaK5BW)I$vA>KIo;A??9wX4~mW~IFK?zcN!CR2eQDDzdQ2?<@2n!AwJ4q zVGP%inSCuYc#Meg`VXuW%^+EpPl&T)Z$F6o?|s67&0KxyQg13=MzaDoj5GV4ck5Nzf3imL_%AL&_I|V|}r_-mY@y-5m|| zZ(*1&DwOAC(^oG}+tY8^pfH^{L~+rgyiOIfmFBXafA#8MyB~G)q^ z6Frs$ekO|6-W1m5baKFAv=$*WU&?T31XwO4LBl1zm5z|Q0<^m4f@_tCI=B8Pb6xzs z&lfdCDx*y`8$XDveBn^CONr)Xz;@*Gn+gk>zUvl?fzHWBr{x9@ik)B^<{LNpT8K>{ z(8TZfV4?Gv$I8C`?Z*V9E{PZMGyL8bTvmAp_!ZY0nYTZdWG1DLzc*Sw+!x+v=LWg1 z2hA@&GWMgi>tPPXLPF06Q`{!Nvx_9y#nSS*XM69Fp_b-$kw0Yj(JDxeigY4 zbB)Yt{8dAvM8*Qn%!3VAgK-Xy88qi#08@-v#r6kvzCzby4nFoxUbX3G?wMwhn@d+; z%k{a#ioT_^Q-$yEhkkbh>3G(gx=U7>#;pb0*F5;ss6E4tZl7sfa#Pj)DB!|_GBL{q zJDHDyU!THh4U`0*-Wtp8w$OWcIl-$zRP#*kCdZJcWG(5N;HQ`doCw2l8f%x!Hz`|+ zhRD>NALR>v=7JPe$2!YHJZ%MLxwQO1WqZH{Zf|4&sPVL&ut&Tr!rKlNGPcs%9bXUz zy(DoT-*zWotNC}%jFx82Z><-7LbvM$A4~HZm4CcV7MB`mzuON-H6S-)oaFrj|C*|p z6`SnJ2K!hTFFvR}Q1I+(0a~Xregs;#;BaO^iuvU%nyWJVuafFO!aMl$Euc1R-wN?lJsiOcG2mud=Yp!Y0pu5(T@ zb!zumE*_r#4F=iP<-a?YJZ#bA`--YTEV)RmgnxGh1`OEsda)?l+^M0!C+qS3Bo};V zcTu+2)-=$cj#i!t4-8Z+OcMo9=Xi0sAHU8_utW zF5J9QTcy)UL)t`_z{Ux%YR8q|U#%Lsm4$J5{M}1I;WNRJ`a`hWh&btIj8Vi{m^SSn zx6N(@C=c|k|K0>ZgZlnppt-P~hQncu+F103+Mz{AHla7@{v4V(C(DnNF8iZ*WYN(u zm8qxq&sSkc>cj&Os@pdd9wg479uf5|nLpBkQOPZniKCw2YlJABE+2e=!QuO4)O9Xk z6kbJLWQl(WyiBGx%p8@=XNKc$W6uP1kq@{*#9jxpL1^M>(2Nxh6@dy&#z7Ek`_NSO zq1D4HEmHc*C{As9X`TZ9to&u5aA==6H3zyDHV7KNkU9Wnm8>eTwu(mYZ+NEK8bg@@ zsCzCziihygxLN=1qcS6b>&AePfL9lLueTekKw2Ln)C3T(<<%?Nd1$PMzMhH$F!J;R zTn(LpYMb8;7S~S~f3pB9=p~DvLQ_5h+1V_7ve8>m+p6k68&7Lh%%;O zBu7-zcctA~#8`8BL{gYKxMU?7Rc27z(eHDU*R6L^EM()d3?iD|LjX_NVgDTB_zg>) z-Si+MC&w8HjKCMP^6K^9`@j7#bX}>CT3>oM_oE}UgYW6^jQ1*HLukuMA6l_&}eQUd!Gm}ARPR)~UuHn%CH z*KvznN}+IX5;TibL+v=>{)2WxWdga}5d|MBB)tuVOV~a5rL%|tNkF#03S{Yj-wb~4 z%VzbYhHNM@^?JEys*9eVvIgJ5A-=m-Vt?n)jeZnPvkm(^@QBPr7dPDTvYeYQQF!G@ z4l)h_A=EC_bQiu3M6%lVc4AS7+m-0wn|FVEb>(QEf=>fQtAk)!>;JHIa6ih25%|6_ zUhh7;+a3{qJ4odGqp-b&%cr0bupi3hX3JFvkC?Wf&pMP~PNCC@pg|wz&4V*POS3N) zeCPi691ZX9->UAJTIj4+OS-fi?nReEkw#@R+udss#C3yB8@%fx$nsmP<>BvjID2`5 zRd)b$RuQt^62}17BV2#n2+0P=-=DT4K69 znzc!9&XjSgOlBI@-&(8keUizu9iLTXs4x{pRX7;&He^8AS~j^oA+I1hjJ(LJJ=^eK z=&2#t_WG{QYhWV$$8kY}=kna`bjQH68yBH4UfEa5V`OP~cU8)WRoY=DESEe@5T3QI zT{~2q$$+g=WO)>_2Nt=upnQ7^%V;>EvlP??8H?m&N%E7AXRpIGfq#DTcPtb@M-pkw zs9i6VL%^28UR+bjr+(W{EDgQSd(ZehkPX%3g~M)Qe%WR?wg+f>8T;)SuI*gCobZN@ zvs6Z&|L1PDX-w_Ahds@?727MtpLFh%s({QSgsfDZNV3kcC`@zIp?^=(e~eWw#Xbt-2{D$YD{9k!0-KPA4yZ&x0`1<@sS$|#B&P(liP75f>DG68n}?#-*fB9JI1N&icC$ci2I*7j}dRDt<+R;G+o^2WE;bSl)02j|g8~ zK+j!2cQ>hvI+paI$marEg^;Sp;VkdXliN)Vayi|=5w2!1O(mFDreOZ9)mlzm^7hBc zl%6XGxMhc=2uogIW$kojSVa?jj) z;~u~~f;T0dvxHntESutJ!Ww~$0sBv)bUuY38XRZWPCmwAG3|iZ#I@3k*DjXCLO%!n zd!sSnu@rX=o{_pC7cV-wenSy8vVjNwQd7r@)oAKY@GSYglt_z?ymN+u1nid2d5W@; z%jx}u5bA~OT0~*3tm4xJ2IYtPQ$h^p!dtFKe49U8vao^1=yiX=+={N5n zuTv^Q^80B7?QtZfW;L5fx1~C*A+-tr{=2Kx;FGB_3r}7o*RZ%lbcR3yfKp1rVJ=)) z&b1Z?^>5cKefq4po&q{RD^vmd>C1KVYNq+C5574Lte5hP?m%fer#sH>e2^C5#h}Na zf>V__MFl>yYC;>IX`Xe8T!=7`4_c^+g$o&r^xkostT0YNm}sJMSB2uCUryRrMZjJ- z7N53{5B&Gypr+vK=exeLs_81b+a|<_`A;lzk3bJoH#HS<)%m%t z-=&2&PaUu}vQ1KK*8DGVxL(M_cvT}grnCMV>t2GV_{%UAskn@pLh3w%|5 zq;MS5b1l6WXtJ?6C;r|WD5j+Qd!nY?%4UF#+hlqGjEJ@rT~Ptth|b(j4xj4|piY}M zRJyrz0Qh#h$dLnRuyf#^%d96|NQ#tDiY&}DDW=>AeAjYVSzY~c6K1hs4KW0w?j0;Vc=8nn74#y!v zCA4O9-1D7PW$};GH$rqG_6i98&f48LO!-spUy(_DGxP9%FnKz(-Hsrj+krPF_s`tU zzAZTh0aly>OOTb1U^J3UTeu!4=*FR_H9~{0D+Pra#C*}+%r+K~ogYwa3DE2&?r@s_ z&Kax^@DXHL*u;+bs4v>4pRKbt7wq+Xdlkbj9_2D{=gT(u9;7|$K9uom3jMI~LHe?2OKanOdKR3zbAy~0Gw7Fa@`8$RH!@UpiN(52&2 zhlN_)kOUBCV~vqn8KEO$xIfncTY&<$*E`(OytS|AfyGT94nbUnjDT`=~J*`$<LMJ_8bEt-u8lMI6fX0nQUW zg0WN1lEA@$H)4%p5;(&m5c~RjV@0gz(ryd~Rx{Gd7w>KfY$UY9FX14{pfim+= z0R--cIyg>g8GMiLn0$8+dIjjCFNqDE+G6B4J#<lnQRv|)-5=c^7B=hyxcc)ilHW>&xOfDWTS+$m?q1^9?;1$b#iPAD z=*T6yoXAStoL?O#^)AOr(>kP#bK)-!bun0)s>qfR!q3KQG0usA7mqH-zcUIzmaWCQ z!$j9jeEsZUmcE^%1?30r80-ilHP_CQ0>JBj6R@NPdEo?Z+TZ?BB}m^@x@^CbJw1QCC2mrr)(9m5B+B}l09Qj$*TUUu)^!b5kz{sytWCahjq<)1z zk;RRBD_LBLF8Y@LJ@XZwBYw1(Zj1j8{SypHTi-JAc(zkQz{^A_{P+GkbHQ7>54iYg z?_7z@zSVe zR*~MZaAovC-xY02WbMhGztV;FMN-1w&v+xcfw81-b?Wzw7dr5o7J(PO$MG95E*hYD zky2n{TChZj57KY5efZ6C%)3S|#LvO~T@2cMW<_wd*4F}v4>|E7ntjPWIRTT|<ZMwBx~WDNHic8dp9;JG&I9s^2^Xb2}L+V|jdmO=|E!&?M_Kk9$S0VX8k~ zsSl0ucc|uuVL>>>leu2WyQnsO&2y1i^#~_Zs9I_v=RtRA2Ejkzdr-p7To@_ow{KUTEQsPn#Gl>ADtH z`8Pw-Bm8L}Hjf+%G}BvSF%z#1*papHd#;~Wruysh+d6SPuwyy3qm)sgTvvD{hyO*j zJCo@4t0U4+Z-Q2Oi7bI?5K}vq?>J$bpjbj;_96*0!;jWhv)8G9(-YynnMQ0 z*<&x@fAZPzAnyOWzi#_9>mARsBkwJTNX27G_Ph%OmQ_2_8vh?tZ?P^n7Nm_9Tlw4C-!;COS-_}-soYF;fojHoRE`W;Mr=0}*)PMl zxTI=nEOeO=`c=x6|GoW;nWH@vKdgF`p2ed?L(-Lqw{l>r-S4CY2(!W-9)cXrzk2E4 z9X*ijZs+~H-b_19g7&Shxqx&idDmV|^emS zhh6Q7G4A!m%ZgXsMHRzjaPa=wRhuFq?Icj#jecneH8IyMiZFFB_ekH+_R&2dfj}L# z1}eMp&bQq{XQ~U0&V{jn-O3McHHPVK6|3tkh|6~q3Z#LGH-E~^tM{}%yeE#^7Me>k zQ8-i#_XTECXFA>aST66a(NL)T;Z1|AUh!34kD`>1;#IEhvfuMx-5x&S#9c$m${Sn# za$VZL|`{GuI?e zmti%(_@pdfK5`Q5b<D=epFrx}^1dsi-@S-O z8+7Y5_q!HgzSYLXzJ4<5-8uOX*+Zjnca>4Wl~nCGB-?z<2S8gJUxa{oxHOHBRn{Wb zsbdRe+qTO>m-nMjenh)!vF?0_`%mO{hj4+vU&j1}Uo6RoDn72gg?E30L3ksRFDAO` z{e06SZu_`8R)LGI@gms#5+nsO+WE z6JJ6{-}->2QwJS@alOPZfalF_ChVdUlOhjU{UlO%knpaPZsqPJ`5ZemC@B){pTqcj zm+>!0hZ{4Fh!r`bR>Si}+) z1jl(vf}I~&v@TC|ll>Qx2#+)Mc8F-k`FM&n{iGda9W(Cqd2rxG6Nj1e^Y5KKWM8%_ zGdfaeS9v>%CIh{OE7aE5RChW(IR%Q#0F9B^*a>LeI~Abn6}j>U@oZjc3g;_%lqJdr zREJ3!*+SqT-C}@8=zUf9>s1*{Weh=qRq7!?h7YB^DNaBgZs3AXRif(wU>@&wWPi84 zL?vY^v(o&AYyXq}oeNoR!WzE67gh`iY!JLcT)BFJfbmRmD;$^t)u@5MM4KSmr*u0K zc10M7%&3Zi24Jdta4M#^k!D?&%7zoKYVQHCu@}3>X;?>rr>QHwVvhn7{|0z>ll|hf zneo+jU(pbQDvF~J2V+nyNR-+%!4~sCgZ8DHgzQ(&LUgk=Vf~7(kp;yR_bti88wlGCp$03>jq5m{t-R%ouV-SF<9 zN%n!Z- zA;jTEy^?8((@hj)=MIMa$RVwS`iy%}FXKYCBS5uh)dE?J*d@_Uk;pG-Z?9$m=hsz$ z&jbLt6IgG`mKyMM!cFh8pa_a7z!bqH4*n@#R!h6y5uw<{l$3E-wBItPzeP9jUpAFL zxT~vIBJ^j^y>R zd~llSaFx?~?6c2W4jw)36jsdVzgZ2Qdu#Ou=u=rCKsls^?^ON@wDBE!w>vRxBJ?{O`Iwr&S>2!Jm?NW4$u{-HSOS}&MdDMa^ zUULVfhdRr0u4qrS+jcn=FX4K{-$Ag@*_k_okK=*lH>*yI0*_CD3V`J1h3jJOiM+Y8 z<54=qP;EWwyt?Q^ZL>Mfds%8!@TTvVd@A3<-J#rE!qS_du0}u-VrjzX_%+$aHoYOA zdcUc86$2N4)JSdJLtzAJ0fE4hmOeF&Su-C@%+0+V-(1LWc)`Ye~S;dBd{-bFQci{eiaUf42H%?OeIuuG}T~o!8=!I5g83o6{ zQ_%nigrW|NOk#S*5(<^f&QYl{#n2gS+RLPfBX0igEa6|vGh|<{CY1I2HKJ19=F1wdy{YAz3II_nWx1DQev&X)7bPdNa5mGGBy+S#tV^&2bzCq*#e zQS-s3&US{-=UAVyn2vAvLIf_-jJf9S)KIz-0{+*I!eiStK~l1Ip;f*TgNKX}I6Ip; zbUwNx2whea+W~x407Lu=J6@np-R~b|e5B*<5HP79!pPXWmw)sY+FnX?A-zc{OLI0Y zbBO+0;%WucqBrBuEWOcL_(N_U{ddES54tAIG3=T}2|$*^j)c*=OlU(E$$;>Y|J`kC zT1L)vUCo%n4i3V|n=*aU5S4Pt0%133+*3LcYe2=uT_wA(x5yX}zgsD_i+}MNh9L`u zp~^%d`MFy*M4%~BE}d2UYV_63fcnH=q;}LrCo(RtP+_MQ_Gl7-UOqsC%>S-9vjnF@ zpXFgf1kRX$Z)>((+4Sn9mKfrBLIIwXl!3o(!%emZyRI-*-->1&K$7PbE&lIQGX-+v zar=-;N{bBR!)>1keWywYJog&;1Bp}OXn+=c$<|D6Lp$QY~=fx2A3mD^d7=!pNf=JR8ia2q?{UsaGa;0~q{ z5irSDWL;a}LbJFgQhN;IM8=lZxOdksF|4vbJ8I+D(|PZFQoD?Ueib@FeVd1UmfBlk z#_awMIyRMf$!l{)^UOYAaf% zv~G8z|F<@!&tcmbLoEvMD)Vg>MWg1?^fiaoKHgdRtFd6)l+xRE50savTbN*eb=m#T$OcSQd`@v-FdRdariUfR{6_k5lq;fwqi&Qeiy=(@0UOJN?Vy9a&PnB;&FeaKZ`!T z3EMV<#qY0AYm^vR6nT2Q8??Kb8MaIObaL9431te7gdD%=XBYc!mit$wn&#J4mqtL5 z_4*~>x|N!15$x{X@jFp?>8SvL2~Yl!+;oSy(^l{hWIa4OmgW;7O3dLy8a$Vu{8pY^ zEm+j0V85!u*|rZ*QA{(zr9$6Nd(GH9R`*0p_@DP?HwPS#*urA~-LB(UkkMb6wT z^0Gv@4k1$%A0@DxMD)wMch#4cu`W7=`%$$Q1@yv;j=ObIR(Axg|J^YHu2S!CS%ZT~ zplD-^0-4Y@3oJT)N@{f@17Q;-lhj+YK&CQORnO?Snb>x&3vHL3y0$c9ou(`@ZG?$` zjdNA$wyy@SqQthrxq(Wz&KjGXT2YBeK!uhntQ?BR|GY5{$_s6^y=(O(12Im*U!p1m z1_PXKX}4Lc?mr(-AnNYx4ZkWc42wx&|K9&racY~;_UtL46)D5M3!O*2#!o|J+z$mP z&<^-q+;e?2*n+zRZi*Qve>xyGbHun?Nw?ZGoGr_yfEs$H1DKXpS{akvM41BK%ZJHe zkkVMgkrk8vnd}HN0s9=Q659lPN&j3Hm#)adz+m-(sgZ;^S`bO`jU+a7iS%r3Ha>s* zF#dbvF~jW%W&A;*jPgo$jnqhYutmmFV?S%G-zz&8>?FL8)YSSlH-^en*gD!s>e#kZ z*;f>)2a_<l4AIsJ){Pg`gN8zWSOGFhIe;$8P2)_I6)H2A*Q-25W}D%k322S$jzq@B5$5 zRxG2~)Z3PMRREYPjD7LjPdi(&-e=oXp~%-5@x;vVhc9HAFs0X*vXU@fama73!>{Rm zx5>`&6u)X^QbmDMDNk+OaiWLdfx6ucn5HQ!Pwzm3{kZj&L|tcf<`L*Ba~(z=e|3|k zLXEwz_N?j3&Lwp&7k2#UruJ_ih{9j8+rwcWB7}7&j@6MW*G9@D5tF5ImcRbHf5wpm z*+O22#Ju*IHK=8qTkHK2BlKE1t^Izf2G2Io#jnJEccw!$vtNKivy|i!gUb-KBj{QX zW%+U>isbe7gq4iJoLF2adITK(ZAf(?G1jY>$6WCUD10b=wXx9CE}FWThDg7H9Ohb- z0La6cGCNE_a0$tASQFfll>e)-hsmzC){FJid5CG6TbF}MzhmH8y0BEu`&UzE6^HI- zUzT6|D8dro!u1^EGvwg?^zquiLR(&D_cyt>qRYRK!})dkbYI9vT>qyszfAsg{;iU+ zS)%F%0$Mc0b>w7^EZ+>g#^Nj3!8kt>*fv*ZQU~)P-?)v##}7Xou6ATz6v79&VyM|C z_cQluVS4xzRY;>0d#;t{mc!@XLD3Vwzjxa%=$#Y;ad^VuNH_!XrKD7sfhbh0yvU98 zg>TY`IO`#G&=q5DcH1eJC%!8UwMSQTS}(bv3T+=8Z%bAbQr!Av&Z;rr%p!_;ll?*G=M+3_JgjbzZhrbgeXJf={OJ${qs>*;udUOVGhpLqp9P`e)rQ%AXsCxS{cP z;{k-~-+Qh7?o<9N0Ji6Zj{E$3^Y^x;2Wx@|oqj)`&kU{)nS;Lcn+-mJzb6R4c&1;l z(l#5{8#}%ROla-8d9q-%vl=a+s}8k4D(K)q9xeniC}RF$bviNa*Q`~ml2d>uE&b_U zDYIR51M7>>?^5bnq2@-n+vCRfFfQpB?4ghD6ve#EP87<%<4pW@=_V`5i-KudBi9jc zueBXx#W>!-WO1T>fBpk4t#y}r{Mi_o!@;?K=q@^5WNLb&@qZ?Uv-oYY9HIhSd*jl+ zE_Y;j@Q&aj_V*@lES0PEL}V(ozWD$|r_9vHogeJ_2^?-BHZUu>-p~&pF=%c7oozWA z!woZG^>z4dGtIqxrAAI#2mK*E!$UhvNOC!uc&~Mg#}iuPA58XhS|N^jH6*tQ&}P=u zUjY98X&D!Jsb%=`ZP*W+Cmd9=YPjZM#MWIe|81RFle<8B(yPqASe~_CL~z!c&Syd+ zr$3$6HAt&Hl@f=9D$7Fy3cx1sTj#+Kv@qdWynWRY!`XhXn0~+YXp*mER1BOSJyW(V zb3*_V?!2x3y+vQ_rXc}3k^T93hXOVW_SRxpi((r<&MEvSM4WAZ#0Eer9oHDg#c{au zKyluWu2RCAt)%IBeafoXuE|f{gk_=eL5L4#Ji-oekQ(=2nV79rrH!cU96`{{Lybt^ zm0#&kl&?<^f{+vj8qh>mq1LYF4{-bOJVd7QcJ?t{!_*$4NFh;?J-t4=0T{D2QsLVSajLIlt($2l39> z7}~fz!<&P=``e;ahgf`llG^Eydr>Za)I%W()ns1PH*`_!{9fhH#q@t`i=9$0XcXjY zprfDTYsAa#c!vDW9Veil7&(%X>$Ysi5CatzYp&!#l2fqc-4Jb>V4CaKxYXGd`y#vm|t}xB&GpY5x!d8(5Q^&oU=_y$hY}Kv4@h z!w59=)cJKW90y3Bcw18+GUl(o1uFxl+sPacdH3J>CRzJ{h{Jm|GJRz|_BBP-bqM-q zR#nU}^(x-E27A2S%;eTPfUMD}BEVti!KQ}TD7OM{31016Qs;v#J`i<$KFpGTW2HB4_7>h9_6jhnT{vFxlJI{ZcaT3_I1f_Ada6S!)J~n(BF!`caHCH@Z z0oRxU2MPg}mxu@oaPE{^B}k;H)A6&{8hCn~RijG^DQ#>2>To?5e?2FTgc}ttr>TU) zj}w84Aw(Ki`O~W5sDK3+DMkA>h7???7}#DgqH9LGc7+FU5` zqnE$xZT|T&Pp~@!b!%-(x}Il13X&X5qbM#M*6xs1Q`GDXM;`D7BjH^{dC-iq3a(L# zodyqm;Y^V9!rN^CK4$}3^@8|5A3YM5oEu`yfA9a4hG&G>Qx%stj6&uc{! z=yogcocE=R?&tYn`M_(#QsN<;kFaS@*(*T)w~zW<&E?rJ_bloIr^DOm0woDt8s>}0 z4aM0VUVfuGsR$R-CeVtNX@CHZc6@%c0ke98fvGj|SKWd+N(GcqyfkSa9)@;IAJ|cD zsFCq1eqVAtSlb5?xa)0DZt06ENP*4M@}2V*DIS0pu?gl4;XG_7Bf&4jNFP~+q}t`_ zHEft@O>H^+7y%zNC*V-mv?{-NLjc#y!dJ{4NK(%Vnv~SHPBMAB^73ua3x!gpn+(GL zEDY9pmcv}=K?p|D$(DmvU@qs>lRd0;DtrtCy-np4!|ZBDd4z|2k-^j!$Lndcl(((5 zrbUHID6`Vw%{QhqA0lKV)kzX$k9UZo`eb;jSG*C^7sI3(iSh+4owOFLsiE6YpJ-<| zpCW$){5L!YB!c?m5Eaq-MT7YC%P$Xu_*+XA_v+0F$F{bwwo~`@n?6hvp`i2C(l&|8 zR?PI2?(KPJB(-O^kob)k^M`gSdHRHGdVNTd?jeS zX}I*gI;$_lfqF;>9-O^!SjQcrq;uF?B(L;E?*f20z?PG3&)K z-(lA5XG-4&Y2Z=!c-q&CWaiQJm=mo;F;I&c@DKNPMO{iNy%ZDY_nnSYtV5S%;8qn0 zaSGIM*D6$B-`~KVHMSNtrgK0&Awqo8oZM$VH1ZhEo4E8A44c>ihj%WIoiC80als-oDd}#}~*@3Xu4bKLLdOEPMVp@XSbmuD(!qg>?(j)d&<>3Hh znHeII6%p=En>fd_0A9~6>(9#fkR-AYH30NF;%~q z4D{j*u;WY4^L}0jqNDx6WBl*MSKZED+?Z7DhFUPq-KZ<_eaQ6BA@?qJ>?UpB>gbmMxp$vf#i${BI#baOtJxs@HgDqbqcVdQu!&a}`8em1g_ev>rXb!yJ{8+KkW^u7d>3C*Q#)8IY$8P<#pC zQI@}jA?yW8KD(8juzXp-=IQM@Zba%3lRi8mDp95Fi>#DX9DvG{5MXa398gk#bb zq%%P8ulevuC#F1pAs#6%@&bjue99@ynnrF4f#usa67kMX1CN!?NnCzAqfJ zX9Yz)dm|$_bD~BI&aWi&q8W;7EK=kjuNb-5gbsZceP6H9HHf~ZX0Hkm0@L!50 zfh$o)Shc@>^UH%bo`5^bbfB(&q6*W|jbvc@1A^+FAmBx&Ws93g_!2Jf(L4KakF_E? zFKE`?DL5SOB}=*gFV0M1aynamq2M)|b0Oi158YB>&NNybld-@5fAI232Wl2zpx8g< z+X7u=6B>tIZ}wU?QKJz&i;E^Y%YB|k-IqPN_$R&q%7q&aoe7Yc!eG5df|wirNpRG2 z{M}Z2#D)^`r|Ayzl{0Sn{cL|^yTI-7(P|7j{r&t?yKea*%&e4`yE|SJc=(rv>7H$9 zyRc#q40zC~Z0g|2^Y!vk=G2&{A9;j|;!w-`B2`X_L6qJP#b{WE0_9|q*S-tHXR;r)NAhAIK#gR)8n4p9VWF9-H5YXc=Ndnp9&~N*J%q}CH zUSUD&!+xG$HJB31mL?RMFd!3h%Ob?MqFkE&vtpc~y3??bx7||G%jNA}SOb9y)5ls$ zM4(Md+)zYbD$WZxDh)+zrJb))A0CET*#hBS) zwu^jV-+;nGAG1D|Le;tOoN4{~>YLNubi^(<8>8+fANe*4XqWx4*+nhPHxaSGe$KC#ha?Y{EYz98`= zR5n}2YAtO9j5Q6a<|rGSq=0PpPCl6=Pu)xdU?Wcj`s6skSbNx`+DNJF92GdRtQM1)RVXrNc%O#SgR+G6g`Lf=yL940uKVLWn)3!9S&!Cy&B}wbOq2^suc0>Qbbb)qw0XJxE)JC%(5+dk(dn28%5VG&@2b-`Vel3)^MDhsL&; zuk2gmCq1bA?dlPl{alc6s)EsbOyt^5%x6MpH zaX;5DUaaP71q*U}8F9T1vK=)lfol?DZgIV+d2VU*rhebDilQC{gjg6XLYHs!Ct+n&UauL!p_3Z;s? z@;uL~3$6L{2MOo8j%l+)kjVb4b&`^n>vPBE)A0fa!y6N_xhL||LE%+FQ8P_jHfm5p z9*pler1ZLN>p;?+rogB*3>BeKaNhOY!kG%?U`vJo<=@wj9^}{^2iiBLR?dpME^UH} z{JgrCUure+u)piuG4w}jUJv6ZS)MSdB5(P*QlI`bWT|^8*-8~Siq01d#kVwv!t0C&{i}!0Ybv2r z^|iWqe`O24VAHY2!y`Z20wgEwjKWo~VG1WVsrY=xXdQt3vbK4c>(PaJji~ zuSJY3B1Sv3$=v&n!~pmL;IP1UBVdEIEar$6UgkjBQk?C1B zxd(Klg6Tm}{-8|H*r&o1UC~*@N<2|ydbvl|IF`#ECa~p29ZjiUaca{Q`XiX;Yks=Tf?90yU9ZT{S^u``XffwEuPjZR@_pRd6!EnHH^4C z+5g3Kr3OB|W^6Vp_1ZfJ*DoErv!}4vWI*j|1bAmY=NdTR8|$QPNy7M3I^Hv4z&%)4 z6QJ}YCyA_0iTC!~@4P&6ov>3~R5Dx_hjr^?Dz6>L68J*9xZAFD8vf?&Yw zv;XmH#Chd}J%XEpIKls@wZX9;;#WW4VbxzmKU{0bdYwA_vF)y4U7s_i=2AF#B4NsI zXvlV^#2WOj+{C<(z7LmB#H;-hyofnUJ(sO`xxI6TyqfazkalvF`P`c78WxA1_-gFe zQ|(NC6>uuvM>RpYpNjm*ci@6*wFYAujsoc5vl~e9i4_;>y#|L#DZxMj3~!U!gXyD9 zwDUpH8#*A7vANEtVy~O+vR=#Mj7<{_rH-ZVov+FjX-TgKsx)>u3M9i^->)2(3C4Gt z?445$0?0hVtW%7Jr-^dp$EIjUS1P`OEAM8L0(4%~p1#QIb*0K@jh{pL?i9vqMtf@x z-bJfCUHhvK6NHVg@>yEu%3$3gR|)Z50vz#}1>;vX5$UM8_%E6IdS4ymwX-`Vkskka zL}DeRN|8fzRIv~HA-jx9 zp48P)rt0q=(RS-g!GHT3a3F+?8xJz9HhG+dIiq+$D+s~D__0DjW%Da$E}FIjrEYH5 zH}Ar)XctWM6^iP$e8EA zUiBoAz+6*I!1wIqa?IM5d9) zv27tR`&>2q4D+Yq<`q{EyNw(9=PJ>Q{TPWKsSk(bEBYJauy9Qr{%(Ek+cPhTeSDBd za#%(5waP@R4Y1K-ccS!~oVg+D=^7+Lr9csP_@4)OB^awqAvldvkSiI}mA+IT*ZXMl zdIQ|66TfpZraM+IuBpCcoJ|&Q^#!To516TlM`J8(hWV_sktpdtHbm zlSr~mUVH-(cAqT+(2(YYk*TVglWt^gP8_zKyI^&t@}bRVhD0U1vMt#savWlQ#5gk} zFM`y6jqgq9PQrvO{LT4q39(Y7#jKsfhj~4sP4am7ifuiGSc8Y-Bv+I5@-laGnVq#m z%}vI=)KgzO(;lIQdaWQ-ZJu5EkYew+zWdEj0x+T%{rgWJyi?Q^G%D-|2IcEQnG1E` z+by6Rck#DOUlV-qTL=fb_E&u#79^2z0;llk_PsOdS!p%Xm`kpxD0+T_Hl6ss z)MT8syq1%8Oh-TO4($zUF!GofM0)`5Ijslhk+fVlBbJ4F4k5-{Ac zw$XTuCch@MN;DRB1aL!H|H~zOMdzFIQ#;0*Fk-7~AIfplak1U;j)pRSr%6N0KsGPy z>^|j3;qpC`g~`Y8d+tcQ97aHGo>&wj4s2iHb7Pw4C<~B3gU;ZUr=>%2fGKY-Pycmi z?~mmDclu2=sG5A`75lg;B|At&ecDxj{rg>Fv`tMqLC>4RqsC-4N8rn-2ek~#y#p+I zJFA3;qY!9RzXo)zMe{?^{Wl&LjcF$WzlEGBO7i#5AK5xjoA~N0JEk|DkO<&NG^xJj z!bNmC&#kXBFXLx3w|(T&)>8d(gEwfeV~G}B><-KS#UJuJeSKu z*xSB%{1gAyD-3!?nZ>gy%6YP_8D2B}8WFcG3UDxr^gIK@C&(uRHZ*H4$+%F|B&~v^ z#2C0hNZkZjxGb?d5kC+D*`*33-ZviqaxekDar5=ixbZGx7@Xj#I>ALa5engK80B(F z_htC!d8dz}5&;~e8o$86))YI;hA=I#Pt4k1u}^6;fN6@NY2AuwCjCweP>2=oote7O zop5lvU#=L?1xIfdaSJMXT5(b;EiUKfB09 z0lHjCOCo4JF+A;SRQz`b7%Izp=AaIK)W%Y$Z-za%=qrS+GsknZzK=Oh5Rpkqjr2{= zEC2xN7BfJrE^^*Z|NM@eGxps~q5Xw&CE>?P3|BM_qsw54$sAumZfrLtrvbdWaqS6B znyzW-aFMA6YDdut)~y%XHUG|fHy?nPh1*#^#H!Gu88cqGlY(P<0^oS*e1FOP7X{RS z|Mq?Hq*o<}-6r}w2G+2D6+;LARTlCHrly*Dg=6Zly|PeUU8mBWsNk=H8no%T1v<1@ zX`Vdb2s6GT<9ePP(4FX*#QNc5=oJl0DXV{LC6Qdb+?}YW@fuZv8o%xI3X7XI8ndUN zaTBY=M_50R%U|eT$qh%@Zo#hi90|_7Liy|sNbC7XEcEnmE$`&}`?KVgu}`QdMR=oD zhnOQ|qXrai23;;fN{EP-E@cy!(Eynep^@D7nBX(3?r2>efkLRrF~?{_-GQtU;gWNoV(Nvdi&`xF%rC*;ENQIbCPycD|v}@aD53m^Zl|y>4?2 z>~O=Kg)^DBJR7evk$;r>SwW!jpeEs$m;S@qC%efqDU)54>)`HKG*-QNl!alKQAQoHv;?ozFh}Pva`j zV#njBXU>?Fa^fgR$g3v^ zt*%zw=q9Plsn`5-BSY#yfPv1l-4Q$A-I^K5U?9iUe@;t3qk%&~d2Bx1XuE`eE#!|k zrp%R8%R5w)F zBK%bFuaD-tP}4sq%akGuB3~-uw(q zl#SS#^j>&#qBiJ}_NE{;J3VI+MYmi;2|A`7p2f?KkWzkN;sx^xsP{AQ)tZDCV2r1- z2E@wPbTzTPg}IjSkpUYy9XYaJ#o6!b5zpUzLm5q$Y-P_8KB0DUDZWKbsCqn;y3s{D=|v0?_A{+#vt`MnsX8o3pR z_MS5MF5R!E=1~a6w#f@l-+wX9pPlaHmd9Y|Mr~3h+*g6nI*gq|H1>Y*ytnMvNoox= z$S~cI&QB`x6BTAsTsNU^@5Hn?`Jqymk{);ePy0=Sk8I7zN_Gcpy>dhui2-EeRKaiC zF;O6?pi3(c8S7T|)^PW{@D-s&l7k$Ltx-iO9!O*+wbm<~$MyVIkX4vM0|$GJBqvRN z! z!ebwKay?ix7~HcZ^L^J;5#Eso8B$xfSY4~uezq?;@V~hblZ?M7+^Chnuja0Ori0Xv zPH~*Cw{d6&0meFz78@@5n!T7&)#JHicStJjkQI9btINMSx(!m&f)ol~D+=1+0gtB1 z6TfX)Ov93&!ILVCO${uJ|tYi%0Wt~_bi6Am{wsb^*y{u%c2RF zq#E80Vx$Yo?Qs9zur{LPE6sKb?&J`JvkjkXZ$V_dqp*_Sq$|<&{C8+}Oj)o!f6ywm zmi--Hlkwf+0YHRuzvetN#A%af>^i%o;>%gc|6A&j4n*tA)*m=;(v zWIdOiagcOYsUICiq>???_dEG5*_kpOG&TBB^l#_}S!hVvpckK6Gnfbpmo`JOTJ z6RvVa2_84ACjaInQI4s<5@c4va~Q+anO;Kwn>9F3iABG$HLN{BpPmW-W824ajjo-9nOO^(4^acH76B%#pcN(U3U6vw|n}7oiB>u1-kC}-z`;?S|hifr|IRf z9Qf@JbP)+dr?KbKd<{l@25qUL7Y{+7Hza@2px_HXTsdVnm(%RdsYPR-yiAb3N; zr_%%^QKiR2m46$Qa{tyQzZ8MMlbN7ROXcP#v0L<(rMc;lM{A~Ov=`yG<93Z@B;SF< zkE1-x@*f8JmO|3i>!Swwbc4l81I2*1rHBN4BkZanV-Ip_RurTeylyv>Oe~sw%DIZsRjY=iv8~M6Yynv{!FLICx zaZANdfPnEj!>9p#{kkY_~DkILY6CTTEdFB*t6ESI~e{fnH}`xh2LJRW~Y; zw5?Az{&Y+uYQ=a2eYL0S*&>;t22TT`AOZB!IL|_be=m@h!)8(!F4wEv((-5uYE1(l zbhV#P(w!fCoYyxlcrE`tzSUkY!%C!&PR^m0fUN#95Sw9~<$nV&eEc~S<=AXx^$te+5nz1eezvh1I zq<;AR`9G_0K=HfZWZ7SfGUGqpnhe>bQA$`5mF~>SED8Y$XC<7!;PHLQ5fH?{U2%P> zwYYyd0cnBGWFWt(^5L(Dya0|CdzKEoox zh}%Hr!I13ctNhlh(DwDUYGrZR z_;Z{jRE`|y)eL&HId}x7;%oC7DD_1xWp17ud;u77D!}cE*`Yo&MaaZBfiHDbiXm1V zTe99{lR#u@mANE4AKyTWmLoo2o90LGz)>{9d2pQ1>Q1kwx(5)&%GA}!^mavjm@e+A z_p&@B0MOyN;n5)UP{+Uq260S4u){n^*1JJBUut#_$W^HC`gpwO@W;@D$N(1*?btU z2VMK(HUE?6vt59TDLezA8*y|c{V&ACy=M!ldWXb{_@fn+W^e$CzF0W69syL2hM_Ak zvD_Ua9x8T9K|)LcFP;-%Vd~g*W7@96+92S?e)%0`gdUviI)aPqZ$qlcW0w(IS7h?l zgWuIs09um>dA!ujP#W_5JGLevR+<+))}!t@CHa;=7dH*B5`@au{k8fHnX1c5H9se-whv^ZxW z0SNMCdRBIumi8#K;i@=bR~3=ehd`T7WY_8H;t~{bviVjoEH(I6X6v-!dgr7BKXwgC zbvE;A66L-m>gzvapvkkUMeSyaG~sNoEus}fjwc^xbDZ0E^?^6&M1ABTqM!6!-^7;+qj6*>OX3vPC1(d%8iExQ7% zI7~wH4~El({ty7;Ko4ypz2#C~j|E%hEvNIw2uJQC%mUX)#<*C z(0eO=ZCelkZc!|89tOMR^EZR-OFKQ3w`4;W!Q<_o zdH%zmN_p%*9%1#mphsVckM8nrV-^}fp@TJffG>>dUp}bsBt0Wqdfu6?TOc(-Pb!LECF>=SW%(zhZbGEY>5^(zI5lv2tJB~A1tfIB*6-hD1qw7k|2tM(rRA7XuF8%Asmqf^$baYcv> zFB%*3c7aU_q1j!`Uu9tkWjB{}0lzqhHtSp08JMzCJtxYZAEkD1DvF(s3>H zJPy>T|JDYIPBCz{KkJg8lG+z9JQdkonSP%FMSt-t!UW+O>=g5AO=pMLV1IZtC*VOu zE~sItugNd$!r)Tl^({Np3QTi37bID$!IsXRWqkS_$tLiv(fRRYS%Pg;4Wts z-OyM+<;OFrDg$s~uv#FPysjbfx@2@bVlitfyGo2cj0!@%xSo~cIWa+b4b}+R%teSr zU2PxyU(Kw0>26Er4+xQ{v2vrg6&>(JhkFsKz!IzB;{o)99me054&ue@kBosDo_&+s1i?ZU ziUF?AiAK=$5GjH&8B8FR{w|R zNU2k={$2j%OOX4NHsb($baB1*v4_)ak#Pk@7Qw@Xd(LNf0s?uhBU==T9e!2$E2orH zK64C?GgijcMe?Z$4anWXzB1ow!AlYpEDC`a{@op9O&ESyjOng(XpC7gsDuNe)2`aM z874b8Q)X9~M8t+?Oh>+g#Svoayh#Dm0`rk}9q9hX%bVM|A2OsRe-^y_v%npBJ)#I>-1@~Ne zaYWmVv0PwH*B5m#xVctAgjW|#X|~f6cGzrpl%u(mitf#>zdVV4ocQL6h4IA{?3w%U zcumYwYz8}(DfPw)d^=fMQnLH%;S}mH(vilQosAtsP31>54&I>^@Ne3)FAaBV{ z$6|yiAM14(FVOeR>jj_HW3@P`(;D8vdy}7kdPq{5l%7&c=q4E}L}Y4BNnFu<4bYgm zqRI&_fi(gcw^;s+=GImb*;GSZ^?6BUH@QAY{t&5%#0Xl}tcnIv@qWE;nw>=Fu6ZG$ z!9&7PfSsk|X++UeGXVN4SX!c(cbcX~*McQo>SUW<2M#dAi1NFp$%1P@c@uF2WIGZs zdbXH;f^oOt%Ae&+@=gfXQv6>MfIcR$W`{Otr&KHzn@Mhpk$aazTkLp<Dx*p9MH-7Zjtza~FO$8yKT8rKd= z`r^a>ThF;G%q&SKv6R??{%V*5F|d>p8gborG2DS4Gb0k}d|q3xc|1}0)Y2OOIHU`m zT>v-fzh$j|R|orY19e=d)+3v3a&;V8!eQwyM=x|E)Vypgfi-yF-=JlvzB52zc5Vw5 z@3g7)%5E!%TU%))2g{6gDo7)Clpllwg8U4eJTEWsO^b1MH4C=bymvKVVXp_q=)ZPN zREh{RQpJJs>hxr~4@&yAuSHiDCER*u=|9=BiXo*nO@#?C;gKRnR>lwLJaCWc?`59E zIe`@L6P9L8R@qr5S$Dng$vJz}V5A?{g~wsn_hBsrEl}XK6M+V_{5?ispNjq?mVrwM z48Imw<+gRi4|f9JQ2iZI7DyF+w-#N6$l^j$Dq~cWWeIM<{;l{R4VaKW6bFOCRIN;XCP*%U zR-r43JdMP^-=EZN=%xttrLU@4M!-|G@;@`p6VuhNzL-1_U(EN`mI-+(xOUTm8!6ssj2c-f~ovs zsBLJ?WnBzlsz~zFy|kw<&GOR-H$~KcMOKFo@S@%h)FaB%oxo;L*|EIY4aef`4e6WVRr-Dsyynz_N7a^V4MHUj(7;64!xcfJxSef;9| zXJse{g%^cXX}er{yuF3u*~^tf&+!?++=DExj1#Db;?*rb@r+#!m(X|UVL0qMi;%~0 z76qSUOKrO|@5g(!0Wfz~dwUe=5tW!h+Y$i&MD^+bpQEkh{#wc(zd#Qr)_37FRQ!%k zu>a0S&2V4?AsE5Lr)@$wW-?W$@$MN5AQMMpjoGvJ=yY=X2e^S|@oY3;*R@c%l8BVh zfrGmU8``Z>P?Y9z*q>~`Of-$?41Z+-QPx#qJR1L-x-PEv0#;`1U;UwFdL*V5sqw=V zcRUIxhJ@QD#UxDa&O*@vJ~2TB1MQZZ^U)})-Uq7(8|s45m%X}y-jlR?zh5UvM9&@> zHu^mn9+V}HFP&j8p%>&Wq*gc4$0(gVWi7DHoRd>*_Vw6IuC~CJ>-qLhev}1urO6Zms~A&RWSN zp|Wi?BCC#f>_T@ef!pGZq}(>jz`5|a(&4O{J8lJEPqcrBFUN6R!*0Ompk#U$Q}og}~pZH6`S-r*Lc z9RS>;Iv+y6P{rHj>iL;1t&OHf8Qa~ zCzq8Meq{c_S6_@61?E6jrFwTd5G+ORnJh?Ay*>&C!R60~h;%gMr=dNR=?5NYvLmov zyRgR{Z-f4bh&{0DpOJ6r$e z#1`BeyTR^@;|h0lbfTsGfDWTeqh(=^v>NwnoU>SSQj-E6M#TR5>^uEEhj|AS2Y`sy zEG3%WQ&DK-S3Gm?#xC%{Xni-_Y5QzL{2|eFr(86i(tBhJ>4C6=Owo9j~!ptQjlTg{VxuaY?Dgb!j~{dW#Cn+^xLM0 zG#l^mt`n8S#9+4Lray2Rn)6t3x&5$3_nQFVvAnP*ee!$pd{MQhOiBONqkpxuNam+N zHrVv_$jlJdn=qp9>cRKlF7HUCzB*T92=QTXO}}HE0viuWd`N`vxGPp2!4B+Iu_#qQ zjc~Q_(tfVqG!T;iTipEoI--+MxB~KAkN(T6? zXR90`6M#*bM1T5>Jv9(gPPYF(JZ3!I-}zn>_PaWVTvM#4s;1~2i)-R&!^aKmR*4fd zD2LhcGYr?vgTwU~J1TA$PuyAn8Yu5XCGq@&c)3R#!SebYs(f`{yl2TNQXq3GA+P+~XSCMHU6cwHJcgxbyju7zSp1#Mx=OuH0z9~o z!~u`*WLXi9)cA)lq#h$p3k%TCPA4fgksWAvS&Td%`1R`gN2$68c3!!`Lk3DovRDIn-$X`(tK#^%P2k-*H42lCW2`W_E@I@WM9Wm(ShB$-KNdO=?iR z!netPpffMR}O(oIsaI~yJxq-)ctol&pncy%T5^rzzDzA^^*jw1Ps z6!roKy9iowhSR|9x^j}38`~?nNos*aA~0*tbLw^d$5-6u+l|FU?OeF0MZp9Od7V=K za$)ged`CqfrKq~EYTptTD-#rA*mS2b^se0fx1!sfDB4&i) zJ}d7o#=wBBSZ;rZ$V=|^$daVK8p7+xnmEl*L;BS8V#Dv-qJWf|qQb1VjBvL)I}BvN zy>j%t>qJbe)YAHz-6`NT0wh`VYqs zsP2r@SPQbf^39AA;|Ah`+&pBvWV|_U!8!l-ufA%IB3dyW;i5x1x$4Jq5dqSgsrxu4 z!QDlfWP@iX5*I6UKjQeTP*3ani;LI))6i#5;aA;uPVqAzf>j@w6o@(YSx1RX_UZs| z4-Zizo=UWYpIq6%J}@S5>j9EowBqykG_QZ_!H5nXT=e!Q*+gQ6P9Bs#f9of|D)>7a zv!kEt6o#nEJYG6I>WwvzT2cCj%|I@BsT)XRoB}FASjv4bf?Lk% ztD>F&RgJ6*YLc&yEhH5g#W-wHwBO&k&g%>D-&XtufTeAVQiklcj{G4i!0U^Ogu9GL zMVl;3G$KvmwCW4^);#(9)4=K1cX0bm_@DkN7CY=0@q$-e4j$Gj7asZ5OWGHi8pGnG z#oQr%{oKllua}me{nDT32EIgTWvg+8sG5zvPv^O9Pxm;NOOcB$58SVtRQg=KhNAjO zKM%oE3C^)srkH;o+UUuAftlQF2$SA&KU}!|k$xL#bZZR0UL*2RS`+x1u>04WTIiYi zA7Y30nf=CElvK2^Q8V3#xY1d`- ztZ8UVH~hXMNDqEKhrb&}iSTc4!>d2ca9-I{0-*tONeV>3u|VY;xPxU2Pm}_)>s86k zqRCNUeUY|C$xZCI}IO8`6#>jsE*x>4#zWIX* z%8UgTI`DP8msT$@abjE-B*+1E9*U)-p%Q^iF-->I^~WMEE8JkeW|80?S`@c2HKzOC zRo;8F+uy-O_+61(e%kd%YY+GXw3R$Ry?uAQSC|;^_B}61Xn4tOC$7B`LG1ZyZvM;8 z=J3A_|KZJ8nGLNV6jL&&4*=%jx65o@28#!W(EmO|iQkc?db_oUOMLTBx!ewap~>=^ zk#|nL8O(pWBuZKJiQ9pHc-`8qK2z&oFnQ1vzVsZK+;n07_-`G=j|hV$@nmmJYJ zz&7RdEJQVu^3E+N2y7e4$%G>%6U~gN|-L?GNM6bd?<-v`UV!VEs zVIueXHGNr{ENl@3(6PbS3GXdA08>VIUdT~sogulgP(Ocr*ah!rb*xYyy+rYU~x z5?4|(xq!%yio%ExmT~{~W9gk1PSH0Qt}i>oU&hoeuxo}vPEz)qe^ZhBoELb-tnu!C z39M#+CSC-Y{ICBL5jlrj{%`-CTV5FQvq%*A!zuU4rh#Ao_P$WCxJI>YVELI4wp*a+ ztky9Fd*w{PoQwEr9jPNr16)oJfo5n^VT!f{)RX8gG@6GORqWsveCxD|yZdJ+0oVWS zMLOvFuwOpvSMmfw z7k5`HxLgfPbZHcw=+#pfuc&FC^-lYD9)C~)x=wXPS$#Q|%akkV;!jeb5UhRdi(3Ek zu8cfT+P4c+IW2cxitcblFt`JyVLr*dHm#6iK3MvhJ!p_;b#kTqIFA@Z#W)R7cpV1V z3rLbYba}8_DHW0R%~Ra64963+xj&7Fy8qjESM)IfPbPGRzWQ*KRK3olH0ah=yISe# z(w>JZ!3nBIHP%bpXqeS|zYcSKa~&faaRG$1RqVDLVoWZRKfpZiBu#NNMFwt*0~tzY zLq3M(P83(ur$Z4OXqun1mEc(y zo4F3+_0tuQyr>Ni3~--x%e&vaFB7@D{kAcd2dl_s%%uC80GfKfupJZVXRE-_iHbbn zJp53j{{4RK=rQxu07M^rVjBF+j_CFC=Nm0w9M{!`zU^UWjkK7%6Q@>8eg2=$GVG1{t`Ium>w{WH1xsSS|2%3p44Hq0$ zYWGU8MB7%O_*mea2pjAKo281#`R|-AALli3*`U!T=%h?JSW;?pHUB_GMm845rG3=c z+#n%QCFtbod#D=M$cra~;jYprP%IE%$!R3d!G5TXYzu(8R^z~7>sgl6b2SHam_R5_ z957CsgXL3J|NQEw-Cq5u8qi+w21X%vZLhC5m!6 zBBY{3a?V6ik$8DYbPt00tHIh7ya&Gu=PP-2kxMHu+EmZ?2IzFUAH#=xZk{y|mCWE3llc@*@mveJi4&S{6T+cc>YZO4Eil1eHXvw<6)XOdfBzFh{Xx|B$>-k(%cPiAc$_qe*N1CGo=uL& zCb6py=INFQIdqiX^|NyK>(l?fHpFuxDP!SBPsajue2lm=6L0LyC85V)U?dj(KpY+W)%@4VLO$F_v89ugv)QEU+%BQVVEg&HP(2;e4XI0{p~+f_gFufB6` z7)gAQ?d%+@)cI8Ydf_NGnX^5Onciq~d_#&B+;IZt`Cy#idEh`K@I7baL0|%_&%O?bibPE0yGoyg?MSfwt`KIx0*p+e}#^n6C;_vJe z7`+YoSBta#zjm~1O|T$nOu(d})JhwnOk&Lp7R5^!1DR}@y<<*r9x2h8B0zjzEt_a( z*LjMZhl{F(i&#u(?`0VV804em5aESyFOp4fUuO2&WAkG_BZc1>(5v~I7dd*gwT z&#zq9@#UTGlz`k*+`yin%?31o+ws7L``qcIK+8tHDRp=;@FHT2@~@ei>)=P2&m5U> z9tb)OE30F&A@T<0B4F*5AK~Cfh?xKi1R}4tO0=6!h=Vyk`=79BX~p@UJ7@o5ldJeB zE6T>t*Bhlog3>2aQ;ue1!y?Lu6^h<5K$!^8Cv`>}+Ah)8CrsLvdv@zAqUreG{8iTU zZ$BuYq9<5Y?hk%W3lPiC;$tlDhRn6xdT7~a{&^J-vK5i~|8GP4wqYuoAQGWcct!ck zv1PwBJBoN1e!H68F9?!#*-dA;U-~_>KHYlz@s#EUoEN;A2`1zm23+RmiY9=|Eddp` zii3t5_IGv=`Ah?bOcOID3;1a;!LSDp`tJ<=Y5T3RNLtB)pX1{7og65#Ii0^dd;OVn zNN^KaQyG{pi_k}T__qxjBBN7lKbaJPbLE+6y6u{HplEKp?KVS{!gAE>&~qID)^O3H zXo#Y$Y(S`*)@3+I2(*6g=@o|TIxOrn}P0@H?Fc#~b5gS;_f&+4V9 z>RW9vz5W;1UYVF*e$7o8_YaF4m)&1f;^hVY=I6jdwn;Vik=g#@F7cG)?+!T5`&U!g ztSqKaS^p$Xvg7|W8u<1Aw1Wn}A9&Cd>oz~VXf4u282&hXPrLE@V_*yQmHV)!6jW4d zTZ6wz+$|#bYmmO4&%A$rpF(AxCGZPa`Hy4XoIe@m(rV?wPm^L|Qol?b3`zv7g+1s~ z3t!ANX8K&40%CnQ)B8QLAKu7|pk9a=8}plWcMzNE3sF*{c)$WcVHdnwmi^&}ktX+^ zwV3^|QkZ{GgWlo=s`dZ!>`ym;ZY5EbQlVHDDVCukMUEj!?h9ZuzM&|}b@(qhLtOKZ zBe9i{L?6v^gE5QXKI&MrXa$3iKhfx;JKNAWZW#XSV(o#V%`a07Q7c8sEwpFnr)Ua3 zXvre(wV(gtjP#Kf|CZHHfu-Q7VheMv)G((26Ys81udL-_-(;oyLS3pQbc)uo$5a_g2RzmA&i+{7!-&vqeFP8o zrD=&I#j%W__}M0QhNfzO-HGOf{q#ro8>yUBzJG<^YWaKROP|>21Lqeeh&#TZt)@FUdU}ng5@XQ5S?T7lo-Ad)ry0S9Su4(L1i)YZ@LQ^bU?=J9zx}JWKY9OY z%GcM#uGo4mSA4{V#B-q_#Y z2Vc>}0YLt}g!y?nk%G-W=;IsMu+}jh>3OB2lG&?f6pHd{1dnv*^}jQ$e|1_GQ5QY< zuo&n0f$5qxoxhQ!TohJJ)u2;zs~pdW3>TFpn)M4LzdM*DX)TM+un|xJLMDi2PXl~7 z;UQlaX;{3bDDzj9zqw_Xx6hRKt0_Cy987oSN+Q5n*4;;6{#A%Q8}d6$V2#a_Mx5OF>ml1w+5WBP{nY}=!Pgx80uvSp6pd2 z;iTa3eLYyHeqBBzi0T23uSN?dwgk`WBEueJaskiRJ_~ZVkT+J3JE}B-FUQX2MF=KQ z|1_s;h2y^*f17bKQ`;sk176(`lji)0aDGTQP-vL^=XHb}Pv9x{({KHEZ>a9U$qh_? zR7IQ|bl&w^-qZLb(Wcl1O2e2w!;_a#za;;NUpy+6dEk6@BzbbZc8o2^{#r~M@c;bl z-~A7@#>8x`ER0^t#hWiQ7-C}4tcQK4MymK<2s>v)nwNafNHw_O*T-uwJ<%?e;Jvu3 z5~!9zUN`X2WlNG4_^VTLeF|dwm}Dz^Xj&lQlD`&32sorGN)nsjVeqCb96tY#hva21 z`z<^5?NpxC7{cQ3Yy&Fm&EGnsDbPjngLylHiog3KoC`@F+z^F^^Su{G=htY(t_fzw z=kvxqHvG^b7r%T$FWtX05nwZ6t{>W`J}^R3ux0*f&{upEc&u{g|6;!$!8}|&rBAWR zI{a0dRt1HArk)2)A`a!()CXs_U^Ck3T8#p4P*VgLIdr&{qY1YItgFe819@Kni* z+Tjbgl|rEk&*Hi1|LFi(eS06r*!TFLSqsn@(42cQUb%|BO)37~rCeL+a0vdei~heg zc|N?Gmw)pRvg5(TD7hi2qD(=?$|>TE{SHK?o_e`viG!{C#`DE;<}~m(9bCoP{@Jfh zuYdnPo{^G8Qc4y06y+lsNAhf!Got0N45oN|H!9JMXp;!`6VUgQ)3Cam9z|+bN0FS{ zCpxi=?W?)j*9&smGbs4>V)H7Hd)*?_l~)3Oj`;p!W$vV}eG;H!N=4gjzXcWnTJieg z81*IWKW+FI6HukaI%F2Iwni9>)|YgcZ3+f^${nP6sUK=5p>3g@;)BPW@`|HcIVM4Q z82?ELMG-mNIyhok3@RBdQJ;`{8>HKGgT_T00$?v76F(O|$$uyT@6IRz&jZZ7Klsx4 z|8GYg@h&r*Y5t@EZQ3|!k441iI)xpC6WajeVIs}{J;@qC3&k_a9Gu8^G7+01sHJTw zdcfvaf&j1oc2G7#4Fg_=9Xas&9gkks{BW)oMhFPI0R*sojM$3)SBtzhL?wSfX#(Tm zbdn-QB8Q9 z=3}ig9SZ%^06Vw`>HH=2IlhJUezW9+OO!0xKP@s)6JK-x)xG}KHkY5{2LU!-#qm%9 zU3eI34(nk}0NWrG@nncj_$jlqe10wkvgBW`xjZKhA#iauh4dn?NSf^=%OS~bGMCr_ z9T>mfRj8}|X-YG9Rwz0+*Rlv4Mvv7(%s)xmD(jI9B`AML6or?jp#+Wf2VG; zM%vL~|GR9z%kn@AKKaKN)}{|t#mDCz`(m<@B{2lHQF#0>k9?(DCFOVg&^yAEcd*y% zZVfa5B09e5N-GBYP!dJ~vez7-^bPXAauHVbRbb8tI%QT^4(4@jn<9fdlFQHjpnhM2 z`RDasm(vj5`kiCDPX_7wk}W_ngY1vp|9!vme!m5MXeRpaIOdTI{G_g6)5zG4cXW56u|%#U*3VIh1BgbDh${(v#0k; zW%Yjk2!3M?_qHF#6tok;+qkRV|KYftTd&{^%HU){S0VD#(eP$1tcR9k0R!_4o}Jh= zk`Zf;Hw3z$m~MC{Ez>S5ri53fhF$s$09Oy@dBoZEU2Fi@I2Q3h&YAmgug%K3by9!{@JHAN-^8Ae3mzrSw@)BZQPX z#~xb9eTawNK@K&KyOo?ncCyFr_kS1-siM@EI#pZu_Jk5Tov`kh${*g|VZnX;#o`u- zmh*c&a~T~R3aq~8-+Hs{j+5i#;7<~PFIckRo(OB!eZ%$t=I{OZ#EK~e)cXlpBJ^uI z@rMBVdKCA<0wAIrV#{S967i2gxbHPe@wo0Z^4sYfJ1by~-rShSF!#UOm6P&1zN1s6 zSdpSD7L9#AL z|9?Drb3jG^NU8?d0SCsY;4yQawZgesHb0Cx#wU%Y0+x6^5=3cgo-bj+oLy&CYWz5| zAX7qwea*jh|D*nGF8%@h&;NY32w2|x*&6tr(yAt2@a`$6Bj)6T<%09Z4r(yc6Q)0r zd?>It2x`BObv(Tf@x@HJUDuiVupo0>&7ZdJR7?7=u6O-A6XSF8tGhp5D7gDTX|F#} zgTLEV=~SmOU5owTuFY1_vl-UmGKxGFIdRk6Eb`U~{N{O9+-YXX+N->URM zUT^&wr~5^BtPo%B1oRs)_4p`2qsHyN%?jnOCjBL-4RgP!8pU@XRZ6t~Zt|yozUG^M z-}Ke)GYuWm|EtTq#$1Iseo-j~K#G2S+iebM%n`2y#^s^Iz@W_oT}WVaTqmlKR2VN# z4KUT28K=+168V*i>zLwi0A7E%KGTYQ>D>R;fHU2Um;uYK4q&G`x{>1AzxUWQf4qeO z`A$XTSUua!%*t{>+ejWFTq|*1f1zR4rddvTq%|RZd53&zVh>^dUrk@-gtr?g(0#Dt zDg0+=GLdrT9eS#zlinQ1B3wgAeL(#irbaY?`)`uSE=v_jDbg8e<=+E;MLPDM5ByKB zm4Uya*mNQRt|kqY^Dt}3cO$YUR&u~*VlR701B_fBAv z$$L|>paV?<^hEQmY`?i*%b|CN`B#0L_?|U{M{A0gRdNa*f72V-nX$Mfqv)%TeWf$9 z>;b>5dYtO-mXER?@=%g{T?8N_j=tNUf3zic@hA%2uA!3qY_RJ$#(AQ#~_2&L z4Dir-(65UQaG?2chf>C`V1X3+;TWgPD9YqBEZ;t(3KH)Gcu2gw6;}2^&@y1ThTR#S zQx#jI)iaX&stKothAoSGMDJHaTR6p_fgnLFD2XTDq}WV;Z^5H<{$KMeYBlFv(pax( zEdBT}z>{P%&2qN>Is0#ZI=|;t}hZ}+884+Hi9CGqxu`Vn^$P@TB_ zvPh2d1A5%ppHO*mC(2Q=(?S0nqbEO< z)zK=wV9zR9-X$^VFX2@c7__g2#{YYa{+y$}t6hwqTnfoYkevU*$=qvI_TTdt?2{9$ zE`#rgQ2Dpb@U+eRy^j3nw_k2CJpX3?a(lV@`*~uXeh#PkzqU2(@AGT(&-t|dUv2-L zi~8HfpS@xJw()MOL4C`054d#@^})qPkaD%%SsmjLgw zvi)GJ>`F`$d4*TPhb`AKzxfc;$kCS71s}kjYMQOcTCac$E(uUZ z;bQBctBW8TTOK!Bg zc+sL#dj5`A?+^uNdD4s6v=@$6Xb>f2LQ={5n!or%?0`)MayR$Uh6575ByuG$KMn|%uu`24)e4$-m%L>Frje1o=b^Wl;YLc$V_+Y=j z%e2mduDfF?;B7N{FO80LXE7t7F#QwizWWFK)DuLV7Y2Quox#~Z`(CZ`u#S;kyqA%t zntd5&0+mkNT&W!8!>(gKc8pZAI!Peu;;ROZX~Gz-M#k0MHmSdxR+m#bFt z(fZ?lF{Dy*wQ%KGfx2)qwVyQyIX!o>$x!yD*S5WK6@51dE={vfJwwrqjypT4+Z8L8 zy~nBT@8Q-UYz~_rnUo=K4Bo+lr`xElz>HJky!1xMQi*ul`OJ~IzL2|{>f07HS->DOK(+#cq5L{^l!pIk=a=h_eXh5V?NXc#FKa>J~nMq3frRB5+QI{oI z6<4((rPY_)Nx$~_Nt>nZ)grkxn_-Z)j-3@gQkj6>ie^^q}Wz_dBG(^5Ycvf;V%x(%*U- zzh}VqEf4nfiAjaQafI8dsG;!=n6Xe6i-l-n$}@8Kn=0}!d?aSsAEg?j14VuV;=TNN z25-ImfPsMnEmmi6jcg`)C_20ZJm>uQnzH%jsVkrSx6jS9|ImBTu5@C^<>QjKK+54~ zc$QzKd}@xTv5kt=*=DmJe(aY`w)9kzPWIeSG3{5G(7djLr*>_Yx8PmeN&5v9Zki%lp&o;R^74SA8$(T{Vo% z@TdIUYO2TO35RT7i{A5+vo|zp=cv!bZZjCL+WF86kEYyZmYM~bDPZC~v+u6rfA6|` zYbi`LjY%X=U*zCQa8M|T6hhhDXCBG0ta%#rO0mCvUg1ds{&;`5th-ln^s-S;5Irec z8qBf|-vSLNAo9)y5IPw3syIMWR`_Bk zgjUy5>*6Q;vlmM`y#s&q?V^)&zWrRM!AyC;lpiQGmQ)+I-WV5b;+ zgijs+qp_7x-W~}RJ6^kMX%*s@?=5Vbf_zClgr8MNjrK*Tg0{BZMD8#O8%dg$m6*Tv zoDl_oES&eYsl>w!szKginRww!&0E;f3rj|Qy|~-GNAv3cdKbgYUZAnWmtK=1#)raC zq}=eXf$=>K>c`p7dlX=m`0>3coRl?V-plI&A*l2N98+I`iR|AsUZ#52hwF zQaiExxR8nW^m`Z4Twl;j5x0B`Gt2JQV^CkGc#VpoKvXs5YmGeo1$2X_DvlxCvK9jF zf4Si)Hy>$;7iGMN!~wodAXJBOz$!UnOg02Td)9y{pWhVpa?j72;yf$%-_C=r9 z89&c@NeJ76N5#}vc$(iO*Q)x*R(;9CCpmoT&7ZwRDqBc8!?ps607*c$zdr1AS4y4T z?A2%|FQ~+s;9Dr~%q3OHH+}v)ewmFsEc0MGDFi!8nM##9Sdf_o)U16<%c>&-`9GYj zc-xXc9r2rFZ%GDha>-a_rRhq028N~xZ#w!PuDou`NCKb^#q#S z2DQD4uSEkTzYhXd*fHv$G>=QgLO*Kjo5C#WLx1x>HH0f;EBU88+;@Avo*3t?cL2Ya z<9heQ$Wwfz#S;HUf{Jf71{M7#sMDDTb;6xi4(%J^jnA<97b~(U4%}@?>`PwZqR{qc zGvu1QM)A?N#gL1wb&bOLoivP@o>LW#1Cc%Y-Ed|NHCo?Wk*bOGTmc^%BH>w2Ncj%K zbM%A2Q2@-a z3CQdQ_4=}os2aAoLe}FJS=R8@&3Q!6i76i>68`K*#cZDK4G4(BUO+a(b`jxsLF{Hi zy;?sHi(z8K6$=mDrvTRZC{YohiPiLH7#=eG6x z0~!_>sm?qJws_@x`%+QmP?=Bt0X-er-9pEvJcdnPz6Qne0|d0^4wIrPa0lo%5;*zm zbG=(SMd6HQQ9E!GLEG#%6IQ@@?Gie8xnF)vNd>TlW^aK7eNVBk9*@=^&%8ppH6{5> zUcC;8iEF+eRfFGq)@kLsYIqBJQiuD-+VkQw6wT9@+Sa}9iTEy)-DqxBIZcGz-`&G} zs(ua3eEXD23kDIdaGzhS<-?juwk`gZCSZutxd7F8v%>wtNp50Za$Z1X1%ALGn=DpM zTTR1~chV$S9w0j%i;#-0vRSvNJD!!87{aNnEo7B}VeBQ34tenKeQJiPdx1K9REYi& zLmu~mA3?_vGy6^C`yvc!QG3PQ#5e43?`3(huLS+n1_UPi3&>#n37m1U`fA1Mhb@t_ zUR`pd{mN^2{r99fJLSq;COL5FbdjxA7Gd3G^LNg$BQgi&R~8dn}Qq$ zI~h1PB5eshgcZ(F@cT_;BXS6Dy`bW6>BrJn zF9x*S4{o++dEuKiK{p(tM~PrZ<3ieFFXS@-M};etT!? z$drovjvWak2=NiVN%!c{7BelNh=0k&+{hzaiV;X9VGQ>nfNXTvD)7mX!pw*Stj$aED8augm?k84B|g_rYt zwr^&g&!Y!u`5Ns}BpyWcgCd#{2u+x&0_@x*0xv%_n>Z{^mgbZ5J<0&TY&8nh&Yj zdU66=)Bo0$cf)qHSPM_3O6GUNU;myTQQ&uXG{I9#e;B~<(mN3A-9`!NHy87-V}|$g z=x$K5e)A>|?mKe*=yk8wk{>rQzO1eNOT+)EOT(YJm_NF+`a2gh2 zgtMO9#4U{Iois=G{Gtt@W(8~;XiKq~nIE>Ds_Y2Hoq?^<>M(Noo984Ab9Vf9k%6-> z;crm*(Gxny>6TpH1v^>>JX-|r%(`df5YH6TndUokTDcw z735#bH^8BCp{@h`t@X9{(fPoejG!CPukO3JOfPs9J=exmZ{%(6;%fK0hyB%q2NS;` zux=o`*O&mJfTqL5!6>*l+JkslB*X5!E^|F+6hDhlMxR$g3g{+-yZD1pKZb_Vn4gWcxH=uyfN z71LV%!8ZT`A9fY9ywK)Z{P7|T1quRh4B|9=WS=>@^($1egbF?f^kCdJDd+p-s6-22 z?Nh&f5N6^C@?<{zS}52yh$Q5aeCNied-`&@R(~8O&a+jxTxpo#(S_?+O9w-{8ElIL zv!KlYq2}x?QBLIslzbPb!DcXGz5ji|P7 zhQSQ5k~fjLYN*SAHnErTaBWHV>hr_oVWp7J>UiYnQpRsL>m%Dy_9|cLA+Vp4nm1}= z7~eIKj_{1o5Kf(U&`mF-)j@nGtU1#1WNRUHbW>?5ELar%+RZe0Kv}9P%4kjalBJT| zh$4!Ri8duBsGRZ2Lc4%}L-|HUIrWU4O>p1k=~MFbDT#RB5<7s8tW*kAa8#K4Dr$Y*21j zg5E_O%qF3u61+9OTDsTv3WXX-cipXd7`@1su@#CkTvB{+rILy%#H|rkH+kq{{EDf{ zrO<***^6(K<^UJ)$JWs{lAg4ka=$k{YW1-8-EjRg77b&V7&aT?1V$(sKU7+QX>f@yZ)#xCl?o*4b@4mNy7^9abBlFYWPvWC z;NgN9DE6CyY82}w`@}0JzB-2ADw^#$v{{f|Q`=t~-pyZMl*Ksr&hIBd4Z>05O@9e`onL?Z2F_LL9hJV8!y-syG`#cV<7Qoy(%-_9 z7jSQ7^bDgk=#r3)M~2XQrG3M&LY{A``-nIsU~Qc6=SS#(Q6;#>wWVPjzjx#w0#d)m zHhsD8ffh1&edxTJ=A8O%TTk6LADjD+WdzQRI>~pr89V;0^O2wTEmyY?fNtf7Xg=?= zgwIf{)4}H^TrH!-F-_gMxkwOkr}kxu2=4V87Xd)$xNbAu{!~PS{lFn@BWNIfh`K#H zebez5?{MO*oaP42gRlklbqr)D`->$)U!zdL*$b;Bq`6qo!U28dj$lQ>|KeB;FR_1-E3m`J@8yEF)VmF-@+~Mn=2-h zutUYr7A5SQnan?`AuG9*0u{6~gtdkCMH0M3*xkl_5luersAciof;V*db{V-t2aAYw z>>->4w02E~YO-L0b^AGRm?Sx7Gn@Q)CSkviuh0lP1UAB$k#C0x8e{Z2xaz+<2Dhe{ z83u(Asg7{xr}`qxh0))XYu&N&j0{oor~dWTYwE^QZWL%Cz1#ia_M^DMU8hx-M#SOB zcj(KqojT!MjmdEAaTPTMbEY5)HNLYWm_)+LGSf6X%R}MaY55{=A0ldD+L_18mc#G0 zvqD9fmuCQ>{WS_D@OzNfUp{=s#b1LY)0=P71rpp0Ra?~H#?)KBbP=+2;4Ek{)q#IK z7|zS9+3!0VCha=iB!l6t$o2t|y6eB}hFF4aBN71ZTGE0YYI_mb97|QTsRbbF&lO2t!g@Sn&x`RgeuZG1yE568!6K9)1IVlX`$Y;_*6? zqUm<<{TXLy7NzZ&>*H&csh( zgEnc>7lIBRZroV!VM`@P?eb{Oqc+DkV}v*(;HyBz?gU5MW=xmZG;aQWuvDz7 zg9VLJ;@e31>3r6vOdAAo+xL^eoiVopT@>>+j2ZUuBoJN^KQ~B!-tX;>=mVCFm+!RBP1qtStsH!nOq|vw+{RQExm;suQ`x?7XE-+>ff4NX zslRwj&SBkJ6b?w=MxbxG;ej^36bdek<|n}Jlqln*+Y|d2soXZl?b^qCFeAYu3?vx; z)qcF7^u%@ExU*dO19qt34rjW9I-{AsUl{1~r9eVO@ zxnTGa^$t8%NGXtS&zj-B1Yu7?LwA4bhl60FlWMK&`nO>AQ!5nN+c$_nm5F4Sd^0T0 zxhm-6a-R4bHv;GnJ#cCX6CHL1Jg?I52Aikm?WDeiV9DS?s^6u@YpSF zYz@Jx5j+6uCl(;MR|y)f;;a$$BB)@HQdS|%HW?b-<8R-3CuP1$zOjP+lwKp3=Nd<& z2~!7+sSOYN{B~Th%P?_~Mhik_|5yiD-Kxv+>FL)LG(;%pkBMwNqKDv3xe9L2@ktO* zA8AW8Y<53+8J-j2eO9r@Nz=d(doYp~m1+@;YmUKbAuMZTFI;VVLq?Hn0ZIf~uBcEj z^*}F(53_>~f{Rkg&mU|iiAP*%M#+q%b{K4&K3vF6$vCmht06q%E^_lxn^am3xqO{R z*KMktKdM7W7a?<7Kl&ComZYaL;x+=LHfk6c*f8l%R;rzms*DtAk*=2CuaRwj`$-+& z{6`6b(klSM;q;Fn&>-Yjc)pfmu3=<}ofa46jF5oS?coL^TSw@6LrMVJL03S?%V~@C znNEqb3KAUop!GiQ#-ekH(G=2_lwB7-OiRZ{k4L44HzJSEIuO@glA5yA7Bx}Z9eRS- z1%0aO2bEFdDd^{58u@&!fab6Ow)V=5Q^JH)$ArG*>LA64kkh|;dWfu ztY!fHDo&tgLSfdto#SgpPYIn-6Ox@W%h9jrq$FS5(nh#mu7H+l$J@v1KLK%XhoR2k z7k_VS;x`;TslJ8hid_}~aTzLf-g^BJm9*|kW{Sgjlw}#5jtSSZ{9D1@1aU;(?=W~f%u+z) zl?G!!D@kW(DR0h$A?R z&Fw^`<%<>TynY;mpz(=-s(LHSM76K|i}5Bjwf=>5{FR-tI2Q$+e|XGHM`?chC33w`Iyoan3LJ z?U6|$MK#A&3EF80kFGghux6#twdD_Q&Z3RyRf!S7tNE17)*&3bgHCL_nUwf!YERfK z)RF_c4K73a+9Q)Jp`HVhildz0uiW0M4}`D^Z)SG&dwnN~s5_}It`ycEbax`J1}`pi zQK#&!?Vj4Uk$iU!eG1~C7kAkQnXxNKgcjiTdrvJTrebkJpnH%oi3BT#$X*30I|T6G zxDhY|dZFn0g7Tv`dH2bYAs0<(Z}K`@b?QOc&0Y>+u@0(jce{I;vhZR-V~jkq-o=j?gX5!~z9nXRq~&|>v}n!aCra4Fdo;}YXqd{5^zZkY zyZse%9B|LfKwr2CD(ii+D)MnzHRYCUZ7vKSKD|Yv((e_>bE?U?2KB+?6u3b`B}`I3 z-S%E@XsL>=Az-A|N~YccV(!8Jt89paR@T>@6*$<^xR&;r)}0VjMjT6%6gf3Mep9`FK%>9+WjcI3sS5(~y>TTn#$O1{nol713;pb^Rd0~) zwKmmDfLMAsU&aU1KH|8`763O{q|QLvEDC!V%#lkoypBtzpeX#NI9nKgTqZvnNd2vl ziPwBSjC=u*Ff|h3S7~Kv_p;UN7YPp3mdY{-GeO-!D6qgNV5jY%bg7-sfqoK{uY8H4 zn(5Yl?=+DY4}r2%*5R-ahf`40;G`Xsv~`oR{btO^(ogu7w@f)?sYCK%6Bvh;;LjC~ z#77PS>v)lVMUY|68m3StF=>6qX= z#sktkH6IG_8w{oXQTQ5JE{}lewl4vGN&y|x#C<;xl!2J)M?`G7 zqEQq$EdVsq9ey|oxw`eflbf`@k2#oK!)mb4W|1N#hQjIh1jsrumPC^hV-}d8Mo>?Y|mIsU!>ni zMve7lGn4nZEot;>(03V_<|9^+c-1qK0AJcrzh=Byh9`=Ro4{?317XExE1)sKh=&+w zT7x8@%;KALskRtZrf#k%R)i!J5BI`@vP+{+J?Y{-o2oMLtpu81-ILQ=UQ`9vPI&Kf z3k=YeP(SGWszzJO`pq3eLt2T(2wqdXF@J8`VC(Ro+O zo8kvvgBO4}bRRIZJ1`dY)F|0)ZavfD)y(JZOoNU%V!(m?d762hfa5J_t@0=i*kT_| z^s$YoemJ)zH16)gl|SnC^Z+%%bhg^+u89<&t}?nM(o5^&Uc!S_$V)p-XU$pgaA}yy~27-(>Ocg1=8f$D-P0Vau>3XI8Jx@V~pX$5z*& z=i&v-jHk_pTgDrenDpl3QSXu6=wFZQ!%S1IL*fJ0rO)FpU%XynIr)M+pDs}JCwi=| zAJNRis~pwteCoP_aH0?E>VZxLQZxP1JIi?dn_&gNn$F;T=SFSC3gSqV+ZWNoR{YGp zf=<4Utj_*@zwG!pjPURE%YW8b|IgMh|8ouWpZkG-@4NlI2lzj(f&Q}(z~46hbx-ks zTm$`Eukk;-Z}(@NNc6XjzxN0Kw(+}X`L~Tf?|b=I8-MRJ{*V3mUtP=1il^>`Hx|K` zwekl1lyCKpD|=4M=>2+khjN-IXFSTUc*`#c{-_fQx)U=-oOwN&)GzeBvN+82=#%eY z81(nGI?x&!_5Gn#fndy~?QX()iP0^+keKT}VfqxKxOF-Enfk&ntq8GC(-yZ5F=DZ-B~`VL4Nx#c8&^_U#LG3o;>|;=t=H)gU1^i%X#!>? z>He&P3P=@jwLO)}C%r88Id2A=l)f?I!t;~g-9enjdQn~`OK0ZtRxmN7_Nk;`7(3eT z4b#x3MxsM0FQ#}PPp)*BX&cVo+AYEb`lyZIltu6W$Ma-UCr;mfv_fmr*BG_W1eq@) zG+ZaGEsDg6FSa+Y+-M2B7J^XT(a>rg{YYRLnt-g+ z!{@`)YV9uk3@QT1SlCM=m}poR@OZZyYc=%v9^e(|w*Z-PPI}khD*=hxLYU#A)RdZ? zLl|y%*}i)6W}3ussNJ;RR1ez^;kN`n{1o#_mTvGZ!bNKg=p*ti#Uk0u^7=2cYwL#+ zxCa#GxM1RkMiQ=IPqVugow`a<-g--y1>LzB^N+WGY=wk0ZF#RBh=|CRmhH%L5YvBT zubkTa3vSk~65JpXyFH#1SLm1d_Y6NpEjDU}u+sA1^gUt zB9=wY_Tu)i$F}H)-Z{TejlhTQ)c`TI&Ey!bydPXFs4Pe-*RvpX9PQjPe;>*k=jx-1 zTPr-k{G#@Rk^;2<%H%WpnBAIdRAF z*ys;i<|=IH`|h9)EG>xfXbKY?h6mC2z&hJ~ZYz7`UDetbd>Y(E%OM1b<4(NM=z3*6 zx|gg)>Wp>68ETcSR`s$oFneh^3aGJIT0XU`+e7u82{(X(E2U@rwyw>g>nPfZ3CX-y zy5}=lVKuX%-(%6iA-71K9!t}G!xH-bx-+NWZ3Q}QLWkd z5ayuPw=aDA>+Lh3T`szmiQh(ugiV?*I4uyG58SS-5L7!)?$}P&^odt;kprlR5)=js zlypFwrGaRwMpJ)|Nw2n-$LE@DBde9@WKmjq#jq)wqB~cci>W?pPJbwfN)2fK+r)x} ztcU#*0j`s8f;Ll{Cy-B2Yg+yQg?8V80E@!swYR#K2Iy$uFZb!`0Fy9-p|5_lGXBL+ zm*&lr`F8i$z(&?JzKBDPFk9SO4E&r+$*WpXy{O5VG8|zRq8#{$aFUEl1}Fsz7C}Kj z6~JP~NUx@-n#Fj~_~v$M9)T`m6+-Vpb^mu_f||h?2)&TMv(Yv(P@0mFv5U|sC&OF5}>T?YX_D2atkLH zYhB-KrY?Eo8&fsaRzJduJMMwU(6OPTX3 zo#otu*a&mK$Opf+0)My5lRd2g)&%_0N{+a_P8SVj&p@y~FVH{zqeWN~)h%2BHa(wR6l&QX=i3l43DYtGs|QzSpnf-ky9)bG0qQpR4XKJZCzioEOm>=Hvwbt z#Z=+^l}6~@h`SE@8sepp>G45(9i3Q<)Q#=j$S#~^Q*dYUfvK$AYh~qqu(i{2YpvXa zMU&qN%cpX#$0+4Rl0QZ?$2Bixt*aJ5+|*??YvWAuEsk~~vXve0Ytzfc-nQ`WW}R6p z`|amMRmrWFN_o$_`J+A_*|FShRx9RgLLc8vC+dOmuy~DGOPfMO<>;F{?vO=UKL)6D z2|Zn6bLb;K{E3xKC7?~z)_}0@C@m0a0c=gseu8PS>5NU@I6sX8#~n_?)%;Uo0-o{L zwp6k!t964M`eJ28Q3S}*opU`w83P2cR34qTqUEoo41o%?O0=|wfK-~0+1i&xw2hm1 z>z#KfXmc7m&z52I06{MjLkN22Bo0)2sAevlpaSq>f@i|w_r7`g!^AiF088y`43U8o zRi*}qe=lhoa?VHiuB`c0$$+4as?7_4=6yCi7=Ivq@sSfl zrftGdD!&RPZQiK{%|JpZTrK1L@NvoT(`k}e{`4v_x^M}YA73j^1_i;LHV#Oq<4?cc zkJxHAULA8{<-|_xJp1ZO^k(~wp`Nk(y%^ZGS8$h8(y+IvX>B$EKbJ7aX7SEWoO|^8 zRgO5QQw=hIwHEft#&f!0mM=&}<+eQ|Yl<-)quyrahF|rok=7^mj%%8Tz;IOQMm1YD zV9EqAmfwuSjty{>(RgRWh}9ei`8w7^nDadt49Q{aF8jEz&TQ$q71W$X$R`nmXfO>( zIN6uJzy_Tc-$(rW#?e01$9EB&kWm3oyB9qUpBYk)fWQ{r1@}%@gem+m>!zf-JrCW( zt%Jf%ST9lc$PVM-VFt>w9MJ>EFk>~k2!6(8!@h5n=yrbCE_6Bt9?6O`=~b@XvJ?$h zB1pf=8WkFa%VW-LpjDeazf+?5~~8d^XAh&ibG;xDm>viyKLGr&ijOs8%+f-pHC%Fy=2SIlAJN{Of&p{sFc~p>xEs}1 zx`~9)q?9=5Xk2!U<+}2_4eRd0sOsJYo2kaHD-n#aTa(3)w+EcgV^ix#G}NZNqIEzg z1o*izgY>4Iq6M^+9l&CgpTMidKS~2eo8Egs2tt;2qRJ}Um^zQN51YK0ek(Hky@jx6@lqY z6ka_-b)ak4qWy`xDKejJQ#O>~{p})8%jXOiU+Ek8%s#dNk$1>t@Cq~4ExLfk3@4u6 zpMT*ktPd%>moF)n*vYIwDYL90C&V)tu=E&Au$60(ONZr>jmDi{i~^aP&=red%Dz@K z=2I;A1D8ppa@P`8b<#J~Rb;JPiCG8IlKcDcQc*JDxT?yVn20J=O)9>*&}(TXyw_PQ z?dYVyxzUJ0F%Hpq^EJ#U%*~Yoo_vWWC67nbZfKqC*@XZAY49OT=lHA4y+rmqcTGk| zIyYxGX3UqvEL<5W{a|fMB=UZx_C(g7c-KZ3Os*~6`0y)2V4dfDc7X|ZU|D&ejBMrW z{V5fq4f!UJ2e?Dr&U~;8OhQL%(yyrc;*#X#0S4 zA5(0=gh%0BwxKEiEaEbkcLd3WZ9$F)-h(p0=UghL>}r$n)~kmI8=_-1rFj3g4oMLqn!IEJ>f^m)$gHAc$o|Z zT7)iiM1per%@r;0VY7`9#Ti4-h{Oh%e*D+mnMYeZ-*=*_vM~F7TZq&1|Ja-0V4JtO zd$seQb85~^RmAeiAIJD1^Jl({r<-y&{&ViGWpA(I|L6M}{9{h`yqfo_=WmJr{7-CII(q(OnLb>>-vMmM z$U*q~ZF8Uh{Wc_|hxz&)B)LQH1(F@P-t~k%wQGaWrLfX#W4&ke-~TL*LNifllczq( zqSD83e^`!o9t7FQV&7Sg5*i+Oxgo>FK|MRt{EdABcYC`nhW)3W8|y|ZORDhViI+6+ z!N_6IH256ZJ)_V0bu3a%?9RV`?{R3?+E=a$Zbs9P0h1eS-hq8agI5JS^p<(!%$~oS z4ti;Ue(4-t8FzQ+ZuW_88Hop>(OCMcbMjZaX;iy;SaapC+3JwlzCSWcSO5AnRzs87 zU=L=mJZ$7YZTiMyM9D+_5G@+lz7&!p*^%G+ks`|Yw1=5)cRuZ(dMoe0^R>{x($TI9 z7CN%8{$K5OcAvqux#+*`XZrmCoznhPWiCOTYw?gxLT9flG zlgs|m{^L{RZyy}*{n+`}C+6^c5BHrpGLQZCnZfn>_zl+ExHdQ%iXEtl+`iM?3VQy% zN5A-Qpw1BeC+BoTcfF6n$^W=ce>`zgr-RY|xz2AqSZq#$Hy%I4{W%uXxonR)|M3e5 z>Ve;Bfeb|hzsGIg|Jsc1?i;n<{l~{4jlU74kHW{c-ab?KqU7$c?XvI>n^}f?e}DPN zgECu(Nq}`JlHaQHXN)hiGrn;kfU#%Sx#&@HD__67(p`Gjx!BWP9oO9oH{9wG6f*wg z``efvHV<5_}_DG z7v1ylV89-Qzj5mKD9C#aVUGBT*MG*))2A~PsjnMQUHs&<{*?il`}`}%=ih5i<|jWo zdsLpdXYO2h@~@re^vSy@z}ndB`6u^&wjNKJe}sJm$6VdVgYm?bejB&E8*K#YU+9Uc z`uWa7BKUoqqS6^RQ$JZ({RBe0YD4jmMpIG^eW#*Vqae)3KzW67;j3>VMC$=(Nzx5}+_=$WB>7q zem|d<|NpU1uJdm_Hu~%rLoD_0oRO2zc(7c-{?yk0F4z7GKi|LH`Fq^`Up4sQ7x#b0 zub8J5PbKJl9&mTVY``tq7>+$0nhwtj? z>yLMR<(349~jU!q~pZef6p)&`BN%oRe*lWaCd%YM1*jyU~>2n`C6 zmdLecp70qz7M!xv8CZ!T#(-i;2~B(%xk8m^c+~!~)k#_T+Ky$5MSX}-Hzp~q=YC2* zpK$r@rfwWT&}M~Yln5mtz=0sI<6HsMMNG^vF14OTuZHE96f4Qv~UR z`;KH;2O}T>p4vg9pBtu%`9Uxl7~$!Qnx2yVcqz}fhz6|-Y?rP`uO#$k5YDI9n>jcI z=on75`}u}I9^v}IP%aFpJ|0mMjnkVxz9#fmIklp)Y( zU6!NtVdQiAB){W4DACuWj?SCmsTT-o)E~4V-*BTkB13mmBX8bt`dZ2J^l>U zyDLO4HTEROwMT+%XYexcBh1pYCcelsp0~HONlyn+UR8xPsIe8Wl*fbR-i9YdprnYJRT19-<>C0lCapFv z7RsZmEO{?nOs4GzK20$rlaw&zI7Gp`<&p$D(P1d=FdU9`gy7xK5o>h0fSiw%9)b}s z4htEu4Ut}4{MHw#$t$6wWB)zC6A&E69$g=9gs%6iqLQB*Koi%KCIR3e8OVFVs~7$m zPw#~AllP!2VQCP;)dWE4ghp`@C9`DhgVznZ+*bO85#{#F^&qIflH`6t!!DtS)VUc# z0`Mcyuww)3-h}Yy+Mf^lxb z5hR;EQs2RH0>kDH2bodVi!@(;M(^o5zg~HZ=Se!YLr>ydCPD1?N=$48FGSjdd040% z#(Q9WArMZ?U(U_SumwAOy+v<$jHMdhIJA^o1U6a$3TBk|s-hBCy%D+?=y(&;wR8Ew*EamF>42@sV0wm1;d?%< z$^Zd9N(s!qCKJrb%)(9E#3gqN(eD+yaTq|3CHw4bgO>ALfeaqoX=Ih<=mhj@6RiV< zG4+!}ih|;5K5F9c#oudlv1R3OR76D$r6p@jY5jBN`KwVGW%CdBdAf($<^32 z(6w)QtqMRt^N*7F4cxgU!m&EOEj~TcILT^Nk+F96-a4l=apqMas9@12q%YVQz3V~n z*7o|X#jWOyRXT5LooBeDvXV(gP(KO$VJUM4-*B59p8j-@X7cORbb~`KsF>2xG4&29 zk8usReiGSEf;K3Pblk*aY8Qo(LDED8qE=CJ86Nr0VKF<(zc~4z1AEp8LNDn66-=+G zOsv_YtA<1@Yv+qEITYpt8{2tObgel9j1GiijW?twxh(XHcXC-ZWZP>WoZvNZ_@EbF zXXYD2MOXkw)}70qtZG9sw)gHB$fx#ITz|YGzNX|7WU|A3#=V|_IdR_`72-tI%kV#q zucBndi4f@;U)B+n1EE>67PL=s^O|mdYC(wgf;Ma8cz>-}^9Ev#i)7mQ7CjX1e zVax=~LJb0&oaZdP0XIP-r&oZ|4^SSVf~kT^5(2Soa!}KvS;Bk`j$`cfdcB`GJN>a# z1?t!DO+mkw^|ewF931StXjPCGWR`ljlwEretE&#_H=#Ze=gf72(6HZ|-2-E^9DlLE zt&UI4clCog8H1=oR!FP<&N6*Et!k|jvwawoWAB@YDu<_1QUFAE=rZ|Y8zkEv?Or>+ z66TX)$xpzPa}kdAH2|a92PTuk^4rPf>Y=6CI~~8EM3jg1vm4uF`V(y8V@nlV1)qc} z0#OfRLRx+C=g6($??VVu+?n|&_5AnbLn(x#DaGREwQcH)R!fA4pWj84qR&=GjEEYF zeY}h6tjrQ2!{;~I!&-v1lOn}+Y&k-%vta(-rr*o9MVzdjvDYcMu$V_@%J2Oe$%pc$ zIpf$$SAc@l9W$U9hdZIKojX7yjy?_ho^L3kN9>c{+~fvsk-qHyinkQ$Si2`Mkzbwc z+xg%fK79^!HOUY#Zk~X{r{h-b;00!#LY9mEojnC*R~Fz&vN4YwUCzKGKo3W&VbJ}Wrml4B#a6>m_JIz|mOZ1MukBy}Gs9@XWpOX9<#4`j!# z92dRE4#A``D}@I|?A})7f9IgI01AabG=MN1tvL&DpKHCej6OYQHD?C#2spuozhgL= z?;cGY@_>{h@zUcYw-P~FSRdQhCSZoiB0>6;%un0Y%p9z)>$ zkOaVVbUHDHMJ54^KT%HNMf63cC z9;*H1&th}h+k^9Pc6M0u$OwEg-fUA?0$Y}_9yMW{cxk21>FpcAsp7T1cGkQxy=$YX zt@s?uIvFt%^FG>I>RLN7w}-uM+C;IxT~r;TpYZQAZ zpMYy}xX`XH2_0y($Gyc9qOf!{a>Jl;P)+f=>?fv=dQtBUXA|8B?U?Uc2Zy)CbT?%x({XpX4SPq zjQm#{2aXiI-z`poJC5!Talm$?vx(CK%#$JmS>(hr4*4+*^VjG^tEnq;X9vIU)ka6J z&dK@Mp4AS2c=_W3u%7u&b=M~bWN!@k?*BaJ|B!ROkdT@ppExsn`EWbRzu)3)NIK^| zOV>Zz@D3=i&~MAy3TXFYx4btqVwk5ED8kT={!GhDa`@h)%hU*@D*=I@?0{g>eC+7KLvl?Q49x`nM4e%ay~#dRQw$Z6u{p zPTW15kNLtZhJTqDe`*7kLtz(Y9vYs699jgbY04p0v_)KH`9TY_aZIZ$toJ#l$G98i z>v-hc8VA4$N8^Z8AH@AVSWK ze%seUDx|or(OgU?7&Wbgt&;x%^!7vLX^K2o6IY6i%DF1e=1vQ6$jx!{OA$G4zt#of z9qUJNa3hRNKnn^5Z+xu7suNvAX^6M349 zrWmTqKzocPPDY6Ep-Tcttmc-HHC5PZhnTkJ@?~IY0L`G1>naS8V-%ySR}Car%t4@j zz0gg}CWbS&@jaib8o;Jv>}8$p@P)j#Dmjt*!yk8Iph6w8ph=bC8?(Z?1K^`ei*pb` zQ6lDc!^?VzkCLZPYcx~yW#5qShT*aj(tIp2iU8VbAyS<{U7axReGJ~B8C+j0w6R6{ z?k+McCZD4l5tT;@>>0He! z13N1Qi$Yy$J7wr8$Ebd9%M@~ZBH}NPP8H;MwLV1{#C1vM$2^<%!VE6Syy&!i8IYm$ z_)?=nCFb?f2|}?;?@?sA|B8AKj*G*~bL7!SNXSNGt2%oFGBy4xEutNXEg+R#GfM|hvDRho+RCOBOHojp|mCZ`_y{X)T0KJpvbkn8MPqn%~4 z`0iIr?KNT?PE8Ik)$ubvDeVE;gB`|=LWGyn2_6hD{IJvn>%PyDBL_g51DLxp>mE<( z!?7Au>yTYjiuSPV*R_8x{RNCCLg8tUYsj4`Ygys1{r0^pH?o|2lgd+)d>I}_@Ws_> z(YaK*Q<kE5uVpm@NY1oD~{?mn^8hEdWJ06A~pC*VTt>#<8MXX;Jf{Sv<-Yj5Zt zeRr}!sE=%MU&nEcMksG8DPO{n_LD|>%EiecvINpndh(V+o1QdWL z3P3>8>ZBBZz)+7t1#Arnsa(9V?dwOz$XfVA`>T4v`+4WT*X<05`Mr}cTx$}B@$%IA zJUR_=HV|ze(7;d8P$xQ+!oWbfHr1z8NE_-#)wRBHk&XfZ#GdT^ET4SDj1NxxFlJal zWEqnKk%G1mtiG^%K5ewv2Os> z?BK+;q})jOA_R^AUQ!NvJLjqc*X_)6np>ql6)*h69(rIE8y_6YLhQSGA_fs{77kJI zHoJt*PbnL^7AIU@5)js9FQl1-ZlTKW6zqaFL8FD7#yV>Up|PfOjflfeFW3yYEoWAa zc}3ELM{E3jDI?5g5YYimNP@ctGTvD31o(P+wzBTe*od7@n)_NmdXl@~qHIXA*i}at zo3Z!fJ2~UvdSTUSzvYAojA=!Doh`n7;N`28Azw+(?O|N~11{?5Jb!)Y&X4PyA-*UM zoU3Cf)P5Cunwts9`o+E_$sKrfrGSbH?Q7d+{svs8Q}wC?21^IT$dlqwF73kUYs%>J zEZBuSE_b(oxta+=j)s7P`FH?LK(fF7#l%KV_FOgqxm13EVF?KkFQikv=73j5Ujj*B z>}Zn$hs0-kW4nU(D9)3}`YZ3W6b-cHNJHbV?nM>#i z;`i>_J(TyEbUKi_Cq}lFEY%a$h0+hSP>=;6r3`$y1BpskQ`4YHUXcOS+WL$4bT&#~ zrd^wG<9CVN%IB;%*{$K%u|)4737h5psMAni2Z-o*qQf>*BIJ$}(8P8rB`Du8LBiqj z@I(~S05qWt;02lTdzTz^&u$-w}^L3sH5w^2CX}yuI*?3Y6$v8c;{+pZ@du*L{w0W(@^xyL0p+@ zU>`xzQ*sIt+eH>qfT*;xAw1G1G}J18^!O=yL)gEJQ0YKFHT_1w0=+JIECF|{!)r3H zw3jtW>8EBwg`hMSt7&NY$fCYp+Z2tTAlOA6{W_Qg`t|-5y?l8A7i)xNBP^-SV&#>$ z;d(y(Q|@%3GHU}*(}9Z+Jr2wPUpi1E=iICbM5<1p-#y8t1b7#|2}H360&O}5v0IW$ zNzp8tUP1vGtbgSdRkR6eBAb_6uW?1L~b;3Wa5#i9Y6Z8jgM)B%a^ zhZ*EIXEN<^L-Xq^C~v54o&C^eyG%#$yoUr9D0?Y$#K0vWW-Un&$U3cw=-VV;e^-jv zxSGf@j2%3loM0%i30Or1d(SY9RlB>>>dk|<6T;j0)NRgZG=rpHGo zy~5xw1`Y{6VRW*`7D<%LG}~_QQ(`|%P^=@9*rHGYem7c60NIW3^2vZ1_9DvDKoQ^8;uf_Y8b&7L;gJR@Szx?W=aA_uh%!f{y+rzG(c(Sm#5#n+#G<^(F`Cev~yQ+Je2Ngv74ol#Ly`iDQV!oXa;GRzsFvFfle8mL~S`8L6jZxf>y z6o*u_B2^mAz#mC^N~qq=>8laHMW+N{xGh0iN>~FSa%$&K(szWqedRNt7I0cTEaGI! zO5EhpbEwHh!c&}m%hq4XZ!T_2o3~`uAu;r?INF&$->&L(>S@V#mOO-yl{R@cmhg>o z2;mPi%fAcgkY*fJ_tdEKGg&ZEx~~^IJksJ-#<@9fFS{rZ@ihm1AAv5ZZ1aQHSeWRL zB7|I0Kxna2ll8qy7UjWPQG#i&Q`djh7W>3OVln|?4;cJGCpNkr)M{$l*%(*#jeNm}cIrFDsG4u68 za_MqAgbFE`JRYfndb0`dKoTmb()-J-2gmg+6Y^zF$rNh#BW(W z(l3#qD9<xzw!1cDZsb3FOf41 zsjEQ%cE|4=>x0`CX`L6hw~H-gMpZt5dQ-fy7N0Y$5O7`x5QuOr7utTaR{pgB9OQC* z_u{5mzr?*cs0DIK1AFS5Rpj-<_W`|x_=kV%><16^B5f!65kJAqiZ*pJRsb-dTw<+@ z$mKWgRa5aFZmeIr zH_rT%nmECz@XLAu3(ik&p2sGf>Gc=h6pwQz7I^N4nnMlkeUkI=X$m=zwzapJQe%VJ84FihvJCQdb=3MP3PvD2hoGo&xe`Ly*OfcR>t`J8u2 zs7(aNV~gL=y778dH0QUPGw_|!r<}Xn(v338msC_Tc=UyW?WG}hgi$ZA_T(M{s>Kgb z2Y5oUi@TW_{AV5rrkHa;$y@vYaJZoP9d8+OyI0AX5kx|#xM3;teH{ONZLPaGl&uJ* z*qQ)m+u9MFd`sx{$mTCb z>nM!%s{Wf#dLfr&9QB#y>_r_JP=F!CbG@^RO8kSkmC(cOWG<}cJR-qeFi$BU;0t)yq9ged|` zxlOy%HjxeG10=!tJzk%5J~+G=#QpT&y(R~)Vp4az5CucNNU^*v6OCSt%HF!Z_IQ^Q z%ZtTF(zsI+14w+}_MAp?0}nvs8o9(6?avnl+0Wc?WtT&TqP|l4(e8XdLjY55)z=WC z4h^uRrZ%`%#I?NZ`fxEmN1_1rUx!Lg4B8nf^aIsSYP4s)fHaV0v5l-{C^=x>7 z&j-1z;wDst-OHoKDf8-cq`vrSg6r<8Y8C*_{va*M@lLjs-P@nC67JA^k>lU%I!iIc zX{v&%vlI`}Z(X!1iE+L}>`Y>4IyGdL+>jy^xNwDR**LiQ+}~NgUbycc0gyMRRlQ!e z2{5EWe?~JfhE(4{jK88r%bZ1bDsK`Jj!2E`zFjh9ClJ406^dIYyZT9Szo0tWkn>}p zX_^X6VP2%qxaQa^xZGwsCn42sAuoSqr-?#bIWG_MgfGOC>fz-Kj@_di46%1X6)Voc z%M=UF!@Fq4=}$u6U;BWjT8?_A14*x)8|VmcSx3=B-?7_1c}SDOcCUI!{j}?ya`jTX z^;wHRJI94aksq9C*w$8@!gQHy9RoYnF}Txx*aq8`aJ95Y*o#NrTEF`M)Z!oZ!mO2t?HVmx7irEP9A%F=OpIZJyPa3zrXm#o|gg$4te*p+1$fh*R;nb&0Atz z>Kt1cLT1{(@7Wx7v0K~;(H}czr{A|IHD!kR^Y>=@{=LVrr1NV>Pw8cNae`*luCRy^e6@0sQ!oIz-Zv3V<`S;WO zVnc*#2gr^X)%-H`a*u`R&;8kPzd82Fl|KGDUwu7ZSHX`CE>47gPsRjnxFz6@p{>bX z-GA=C_0i2Pf5Q=yhc308FRL7B#()q=f|_>M~Z@!xnbk21u|r$3w3X9sr9hQB}DtF7c~BSTCE zEp0VxIS{<0M~#s4s|BqcdlIcHIB+ZN>O9eDgYYYOm%CHjkuGs_*8 z8LMiCCw}_EhEMVP@h@AlA8wm#`5BK$J9zID+Q7fi<2g61{4FW1NH0Fz6Y$LbhS0>1 z!uw8iXY;5_Bxw+a3okS1-|yb#0|TUdY$!s$+C2CSl~dRRw>XMGpI(0A4n;a=E`%X4 z$O>p_M*WnTqihZweZJAhW1X3oF1uj&AP0Vnk-Qg&U3q*;50pm_Zfw>S1KC$hu{BuB z=XYqq2xVl}0nX5g7aer%G}v&~y(kBe1QI@W)cjIY*4oQmHQ&)MzYN`w`=iWK2mqtH6zrj&+UbGo#iL zHUgod1-D^5P7VIUTFM$k1+3lB;j=!t2bS?o>Z7XyTi1Li|w2bi8YLyOf|S#FZXU5uqMf8lhLV z%Wx*<*F`sVI985V1$vMv-u!MDgHmn%m!tV*zU(Islax9~`DN!~|HK4IOBF^Yl@JEr zB~N{akCgs!4XgT+92Zr#eOw6<@6Hsm9Yb6ZOqtAL*k46~`->{3cz^GxRdRLNrkauM zFCBvK?05oOfS$mPZABfW;sgi4)}E_8Y6+K|oWOWM5VG~_%@u}aN%T-eBD|f%yhr{JW zRc0)KGoGYZ2u50|Yvk&Y%0a;*S530`AqV!Xe+;@Nd8A7odJn--uIhf>`n|KQl|eo! z7Mo4KMNY9`@PlzQhw)3^8uV^Z1~%8eP#i5SSTux+Ax&@3vDFh7i6-*Oc#+)j?fm$W zO7qujB`-0)b6{Nb!3Y;KqRdmD%kg36^nJ0J6h$?>U*Fc>7JovSlEF~ZVmgG1blL#!uoii6M3i0)M4!}j8TfV-w;9TB5j&%z1M`~*<+4dAOF{FsQ}mKt z?X!S>lbrMjb-S-Z0(PrFn@h|8IuC8%FD9+bf2|`fe(Q*DUV|#&ITi5KkIDDhW0D)O z_|>l%3rhZm=KDJ(rp31R&^ky6t0aQWbyj*wn`}b;HVa-3PeoGv>Zaq53Wg{ThBtN77>%^!R$=LVCf=yC=81R4P3234~N+d_X z|3EN|_zx6C;r~eUr1%dAp%4g$2r@;e|HXFb|He5G2>$PV%vsug|33dd=FD-h78HMM z2o1*uWqRGv41fQ=u*bItF*MD7+Uq2vxA*%}$@n_XuHU!+dL;VICL{A}n09mCk8veH#roKWoB0_@pD!0>l2Dr#HXKacm2WpdP3% z!n+@g5Z;?*(d<#0`)Qi&PZ>;)@A1eX#5Je=t=qmK~ zkhKqr=`8+13{U%peWY3F>xz$50#r|Rwgn{F>YbS~!CXR)mBLd`=cAFDL9esq7>bt^ zN-nrb6X9f+Bc$O*Q07Vlx#_`I`J{!Ss+~TnbB2)^r*%S9+SLdrS4kb?} zR&Lt$4n8&XrS`Dv5=YfEo5N~*LFLgc^*WLfT(6O*CLS3Bp(l+U&47Y_?gkBNv0TpfGtUVB$_V#NhQ$LfgfLuRofd;*CMi+BJpDcL3e&z75g1~xvyj?E z7on*PHO4ald~UcrS&~rhZ$@=r1VJ1VZbaN2=6dhY4~%?YNr^Ns$bDhX@UYUJwE8$# zD1haNV$#2#fCj^lIRe4K%IzCZJq(_i)v!8=8}?&T=5vz9S;#e368QM5*u$0ysq-Fu zL?J;i7KBqQ^@(q*rvFAFL&xdjpio$zJm*5GQiEae&2ka)M#Lz^5l9rzOkj(c0?AVu za(;Ole3p%4u-MDHAju31(V|wF2jWc>UfDL!!8$wNUGKc_m zReI$xk8T|+qh+V|9#_PyNyKM z`)V>caUTSW*U6<5Dypk&LF~aHcSlD@y_hs}0h}mw0d(8#*;~LYgEES>>=oPjTC7@A=uL@&gPJz&gs*yt~Cq5p=s+*>r zdIGCzhDw9Oi7Aw0^pHfTdKGL4u3={wp26& zik?c4agdyYnk~{LUOP6u6`xAm_M*CJc4vx4Jw|5r?9J;&6^_$eW!?qrstfrFFZHlH zck<(LF{sMb?>9aVn73*nRM@24e!o^FuXNtN(!}&;OFD(an|q!GJ^SMa4kz`&*MmOx zzQ?1hDC}$lbD~eZx_z`S4UnQjbhx8fNp)X^X%nwkwS7JtWYQkrSo{qd#TmA6SPz&O z`@EnppLfs+4_m%wyy8L!Rxb$g{pe+q)GL=U6g}qz*xN+PKdVAaC~x;~u-C79z}*Lj zJ`q-?>NX(XS>OSY*2tV;dds8Vg8A~DV&v;ueW{DeAOotZe2RkV?DjXtn%5vBOQ%){ z5aH-uCej-0#aycIsd+|7h*oR^4%%Qz~7Ed38Q8Y*iN!uJKxqZ@YEOp@S6mI zrux7zENIiBj7mqBO_2T+9>)+`4825NM8R2WKiLFs8AXV%rb=}fTA`!%bV!nhOq%ER zV{y(#Xj#)(^kF`-Rv*8N1T9c2eX2)_h~0oHyXPf~F1MOp>8-kNYdtx0G)6BVaKp;MTZ^yN7ub>~J!G5;nkg0PB{NRe0im>Li0=E-m`ur+O{n zy~E&vEoo4B;qQPSjx7w>(m{jzBj$8%CLRA$NA{~PqO5okPbdo_giyr?JtPQ z5*Vi%?_t?I$riLR5(h1V{KqxYcRJdk;?}CpjVDMQ8*&EC^63*%cZYGs8UA`7kEdx( z6i9nim*o_T+|Kvk;3IhF4$rHsXl8y@mGr)A3R^zsXs%7S|9F7T97KBpaqE$j(w z#f4B#HUZ}+Il5lB1Xl10aQwO>X=#h1R1I2GeLy){ zEXB4ubJTtBn86BS^}A0r3u_N5&c6!$bU0j}5=IVHrDTBkmiPSN#tUj?pA+V{)Ag4& zkweEn;Ch4=aswVXIyv=%7D1nbm*U@Xw@US?(iPTo7$qFR_#MTlfGOl%M>Y?`W)>Pf zn-#9`Q!uLaMVW-I2G<~AvXT9{rohK3MC4FFd%(D~3-dZm!_@b@iWm7x-*K^%lsAsM zpTwJ+R+0v0%L9s|lzDi5?+Gml_`4kzr|QLUVP{W*Sk+iwWCbD*xG+^mepp^d^=_s(#HK2J4nb^x1efLR76RdZuXKAr55} zzSq`0KW0em>Y#J@2Ij~?Qj{F`U518!Rk6H&3}KeF=(|qscw%CBFN{#d!WCJf1ml=n zAdUf1ukX9QHn^t-^;oaUe?@0WLLW>>Dy`y;UgNOW=6iel)Tg#+Dj2`bZC2$$nxyLz zp-Xx+*oFaZFedGLD<<J0bD(rK6WsLQ-?>5F?4fUuJ{j^br`*@< zKR_|M;5v`O2f0*(D94Iwg`5MT6w81R{Y`7t>++?yB z3SRgyu^oiR>LcKDz6-t7aW%WN@Er%aLC$cSMSSw5jJ)`2XZ7%>55tar8k5tVqJAiV zI1m`qD|jLWiZAz-YbacAy>BLuCbvD;7grR)Vq-B7I2i}9tPcPAf;_oPM z(&}PYh>gC{N9W3rQ&WKbc@)V-ylj-urucKdfU5MFjLM2jeI$nptX^WtTkNkZ`(le; zfREm_PDnNVK33lkm7!2+E;PW1l(sVDR|4D@6h#kJ(HiYO;$bO~!*%cMdQVwo-;dKY zf6a5{1_gqaE$mEBT@$9=ZfDdgUKVW9hA zfLmT7Q{Zav<@e!$r`D;QxdyD@tG^9Y#EbpIL0Hu?xTS+irYBNif6Kt6R;;_!i$gTX zUqXuH$QQJZ5!7y^RQXgO)WhtJt%Hze^bk?eObg_NCEw-APK^B&ZHgfMT=aKrbL;(D zcV#5rkPhoTv}8P5OVZ2i;BRGpvjod3ofReP1jclQzDrO)49U6XM8v2wPGK&(ruX`> zopYjx{}+4z(KETWg=u2rYM}qa9ZDcB=-r?P^gifKa7J%~-v4?r&$(6A5=s!dT7cBR zNgy*LzAwnw+S5=TZBc0{O{t4-OstugO&Wd&Ka5Dfp*6L+I=k z0o^-ZTDKJJYbH^61D?#q8)6!Tfz?r53EE2bRqj~mH=kpEpTyMhttKAu*#h??!&=I1 zznDV8)S^D=neVXZA3qLBj{$gKj;6!U5|!LTJ1E0^!G^nTi~oG%pI9`Y!Po@k(|xAh zT`lYUs~xiSFhJlk{vM%|O;3vHJE?l@-I(Km(-=j>cSXw;A6}UkGB>T%u7>Zm>Tk>V zED(^k5v`OawWE+7s8v2=Oe+KomVE*O6u(b92q9#>FVqkg?F?&S5R1J}TOEOdN6=iR zCQKolSX^`3px!4QvU{lxqER!Lwql>-J-D)=^_^^!6=A89$j|nG24d8^=1?G{+>VU* zyY2+WxZ(@jj=X1P&S6q7073$`X_-IPFDfPVa>hTMJmSTB0Oi6}rh>JvbpAF!q05h^ zyu%vizd;DR;7EUsPL6Wn3)Sc9Oy7EbY zS5V?BAX2d}p-M?e;1M!daZB|wo5RVrigqOKzvYx$as6I0fMbA6?gJ@T)I=`lC0i#R zoLUbK#&v$|was}OGApe3R$OP?_~1z7BTEEluotn(1QPCRfVySGB}6o4N6_mB^Xus} ztWx@$et(wWB6!09+^B{)@1wfxc!Nom9sC+-p49TqX~#gga{TKyY^Ft0``J7;{n!Q; z=(@1g_fF^L(BnpN(qldOwA9&&F6^dgiQ#UW33-SFae5mMUi zIcbhtr8>*`w^^9;fpX#KgVe+g=FsvEm`bK#uLGOm6=+jJ6()dj#n=fA3++-YWYzilBE73Gl(8jAdK!w{!fLE;*Ji1l(j&yT@31ji65oq16cRuQin? zw8GLKQTwkqhw7ScyconYFuS&1YyB!6vN#z+V>rfRDraJb6otlSP6;Kp_v**2D`Wk+ z$F)TDRRmQ)31^bF;co78v14bxFc+ti5ZeA>^iNbC5xzbfQF`qF#jt%w^LiFp}U zfTDe)G(`cAx+CkLKNj!YTK?&I1Oy2P#*Q{Tqp02Tt{rD1%rp@kHCUN0do|h){%VVJ zx#)BGl$N;TMB^fO+<_WVv=aypP#Mig{^Z zSY4e!vAxe%{*54|8Kr9+hC7{tbNYTbG7d=#4ptp2JGm-;$#K!Vjoj53`s{KzDkg%MycTB zYJ#cAlL{myBXk!-W=uiTL~AU1Q-RM_5|rvH6V8(tGFw^Hui$|fAz2TuG0<_0&2+6w zZ)a31G=xJJA}$tS`5l+CjIW)kle+3_@(tVtsv~f(tdUHCdj=5{By|UIs~IZ~n)6`# zvB!#w!RC%Ax=i(B&w-0B(ln8N`J3-!T^wFPlY||pv{9H-ZwguP=jqM1&h(K70FzbX zTr)@M@1{b%ZtT5b=6kZFARwcSV7h|u`e##(#2Dx-xrgxC9raatbok77n8#p@lWxM| z-CNcMWPQ~22nU+no}xo`854_neruhtASk+9M*zsx#fz8^vZKsp)7HNpMQ&oBTX|-t z*O<&At_W6ws8+mkW?!5&CI@7FL$>Qxn>9}7mU%V6>BIfkYMelGhM;c!js|UrMrHxP zJb#P@B6rx`gK@b8YkFKD^cGr#vF~aXX8!(E?GxV+w_|MUwqK95wSqBd^;NlW0)HK^M#nCg z{%oH5Ce?IJ*~D6;C^E_Gq0uxH%rbPvY}XWTW&ehdVOi2I|L)OefNR2=c7&s;%_6UI7WeD{Y8}I&Wx^8wq7o zKjFCYT3KKLDY{#%?(G7=YjJwTPAX!1A>P}o*(GzLQBRyOeefsS)*pPS72Huupzi$& zyiFYri;^1eWl|p4t4mwin^rdWXHbF0rgQ?Mbd?ZP<|dyH6fx7YwH{85Z3wodcR=sY z8;d00dIOV_DF1^1+g*kqm0RarNNo!TY^5*i#ayx2DEA z7p9^cN}ODa@+Kohl-qutFMC9v?h6RDx(1%Hf6wB4xXH1s+WCBaq;z?NKG_CG)Yr5* zrX!GCfZSp%rx~ z;=|$Dvn5(x11Dl~iwt%p;Xu;lY&xQSq1Nm)p4Rh&Jihc>Kpl1|*x+ke7sghG;S~UI zV!3iE&}9lRLwMtBAZcV+5++iwn?b8z2MFN!yNw+*qJn|G$ff36sX_O^H}j<%78IwV z5l?s|B}2)WOONUcv|baU!-oYAJT+?W7!?`~Tuh7NHrxo=~zz6}!8|0<9#zn>$W&7(3=u7a&SKEUq zdJ%6K95Qs6&mlKZ4t$wl$|SX~d|mGrB7~1Eq4j_hl=$_rXg$aU0Hx`I7u)fycGzQJ z+fP8r@MfR}T9PBFYVJn>I)cv6=>ekQuP4ADis_BvLBSo}Pxiql8F5)%(Un`+T;9?t7D0;}t`zwMu!)hUIy1Ew?i zqr8Y~WTQheV6=h8ZdI+Rqsn}f5xNF=7A`ajFpC>V=25mx-bYUvz-+!nt#PGAHYbes zTLM}^iWA`_u%*Wsj+LXYjw)~pe>;K9F}v=p5F-Pu-3}P7Uq76l%+oW*>uIkd(>iqp zzlMluV&*?8hj@fxsiwZvY?Yh?wYJtFoT5a7I{%Z_$8Jj3ok- z*gy<{3P1i8JiR?#($D2^w3yLqB~Tu36oK$qXavwr0cFMIUi3RgC@dFZA){<90$w&S zi(k&cfF4U(PlM8dj1z#*St_gYNz3Y&hVXjhm$hO%+(-uD5*s>{5w&5_@O)(7HsGkf z53R~q3S>UvQ>TJ_V{lWci_-Qz>U(jw{TmU;A`H!%t8q)Ev*~vsGCo05edi z1=>5|vt==)2cLd7xP$_2nK|g*j(s41X+2Whd`irQj2pb}H;cgbb;ZeF`f5avXsKlusN?d!e)8T`1Cq zDWhB+f;_+d``XDV8;noBlo<+BNJK(SNU-_cOx$!EZIbDrbu$34^@2tTs&Lf>0E%I3 zs0=73Iq1%XlF%-mO5cx+?-jxSn2yf|;CRjh#K}{S$h{T-rgIzgE~(zUKzc8|sc${T zw7(z$0+nPx^EfBPLJ9?FvB$5)t8*fu$HWPx)g)((yZeboYZG=aq;`xpFZ>rCF0kJ) z=n;H4gja6W&jWa4NahZ*{<;39lBq(+V7cc}x9I9O;|CiA)pRZQNj=sr%;*o79@fcp zT+LMycPa-?p!QPxg$U<)rltXkx&m1qAts9t+|NXo-y;yh2D8RtrD<0B3K-n@0v`5r z^U+D;rAha&uD~q$AAz2*RPCekgh3!QZY1fi9Ty!aM+@cH%EBLddQ4r4Uu2Xl?;z|c z3JIpDG_TY*f~Unz!()5m1eBK51X(OxK91L!mg(-x=r$P#FZF$YO|Uih`J75%;a4@( zd`qvvHjB%wn7LJ`JxWS_$VSw1=}|!aN?xdclOB#Kn(t(+mxzqC_L_Hvxv*^H_ujx& z^YyK(hv`9NlgCH)R^~MlChu`V)Y%R+*gm0YHuktVpG(=3eWhq>)-3lSrdeH3<0iXv zGxhLYfxuc>4$QSp?mpm!;4Ka?Mv$!B5KN0)1&UGCyj$sP6|Dyt8`3OnXh7!1gtE!h z;R~z3^cd<4kz6?L_i$uR7L7>tE6i9p57FKT23DrkxRb2pXx!s`&Tl{I0M%eJ-lVT*WNz`SLa z&d&I~;zP*);NRhV2cywdN$t2+bru876=0fzO0+OZQJsrN&=&pCFeBwh8mS zBnhK?06P-%(y1+>3XSskJiek60izQfnoqg*Hr_l@2#7OlGLPQfr$%@Pb}DXK(N@iM zp>yH9*lZS%uf}{fW!?W2yeMP8zM2osg@IYM)8Hhkz~O$w$PL_&Uu3J@K^jXwmIPsH z4#}=rBRbFA30HH%6z_zv+x9|DEDA zhT&;RB2fBYzI)ne#r-e*U!r2U|8k3^Dc1j^OVPN$zPtgB^6)BWbEPw!M-q_iAC~t2m4A<`0=u~GO$OW zf-Gho^ss~YUw@C+CK2Vsfc62&ul6qy8i<-TVt6+Eux9X;@O$c_^NVeNKU+}(KXBv7 zH7vx?#|fN0pEsDz0c3Es+Xc<~ULm0G&;mp|o1PCIi~TLZg246nFH|(s-FP)qj@f8B zLB;R;iO!nSFgd!Unecjx_N$B~5hn7={hq)IIpYGds-`x5{&R~(BV7GfpGU;mRK_<>toyr?Ib_7xrfB)B`?^-ej(C?-hpWz zgb3S>-Epec{R;K+A@@yuQKFxdp8S;Ei8nt+lJCKq(vAv#U+7x5;dR_17jWP0@pkq@ zq4s3xe{MH@I zN`A-Pv=+78^Ah=CL`UOzzUE~wKkPDLsAaNZ6!%?88NAcX*>sO5b58q%TtFEf56EwM zL9f5{xvMR62o65e{CO*q+0S_R`F^ocO14@xmd+C{sAU{iX5Jjbmv3i(q7<;J($ZI( zsG?gL)}^q^-}ED$K>U_EMGSD+_-6M#+`99v>qz(R8E-;^o7#Zu5sjXZ5DvGD7$BdT zP)foa$j9i>pPzJUUs30n)nR&zWoo16#K`1sAz!}2Gv8y#CiA+ zV7v!p^YVZb2{rmZf!$a0Vps5k1Dh(OR>z2ZOZn1auAmYg*`Fm2Y<;*SD0<&=3Z-w( zf2q=9uFz#reDyeN!T|mER{B{Pt-{{Qz0?S`hT{6_)76hm_ZNMdlE-6@>27{3(=^Na zYhbAG!^{_#I-k3%qsyKW{v^mU^1tcYNRU=<2Qt1aSW`=F8(%XMm^qTbLIIwkGBfYeDmVe0ZLy#ijgT+$``T;mkjXN{N*9<(O=Hz- zttvLcCzp|GxK);*#vhwFQKw9jnvH&7!lhj7wVW^d-W|qsNKXV}w5k;av$2s-Ny z;(wb6*0ScwQ_)>@!i?m+>R$ej~rju zv9>+nM-r{;+;HW=kI2ny*C3Xzmzu+AYfMG3;cCzk`WF%4=D^#p@4hV+ViCZ(ZJ7DI z^o2i@3vy)bYI9@g2G}F^&kbV|a+^I*&9LeigYqPfixl8yv3>kH%XuE)Q@SDS_%cBFAVonj}U%ve&Tv} zBjhLkWt%UP+w3>3EXk=&gL)WVX%#-R`iSI9UED)DjV7YN@f4iZsElyiMad|p@c_(7 za^T(!{8X&qOZHvelA`8PLOKaX*3>rvx@25z^k<@zr_nS0d17IhH}V@tJ&{oarwO0a z`7DMZ!uHI4M_dMkha8J}P}+czCL1JQVWu6VbQz&wg^zXp3h+qtGfH*1`uqw% z0(yL(PK2t2rk@Z=)g6=v=DEPX8K^h+a~M38B{4x8y?a$!rTWA+)bn?1T8=(GkV%_? z6`-39R+CaIpsrWiWJ8{Wx#31?{Mcez+KlHU&=jB03_K*=k~27C^gItL_-epFEfiT< zd01q&ClH~jG4oF74VZ|KnsvCivOb%Nm8M72 z(-IELIM!NS&I@QJZxPh1Sy1?8i5++PSVWHa&an$YQU4Ao{NegT>a^oawbZ&94tSQ!A?Mq12DKM*`x(`9@VeEwL){-HINB?L8NQ61)boOclZJeyr}dA5rU z_WKsJVuNx3j?6s(VwnKLFL?_l>zjdYpC65_<^9jYj=o{TsFf(HCv+P#gI1JAtIT}| z!CF1Lc=gQX+D5GAMcSDtBi`5?2KI0w=Y3 z=rtJi=`~}Xek`(Qqy)X33>qV23Eh@huA-CpsWd9BmvXv*G|vzEH{H+K%UgPqtrVQMyR+p*J68l6nj8wf)RZbf%Z4 zqP-t^U#iSWk-m_a(;xntuMRvx-J}=jWjjd&kCOYJzSD)JF1i}^gP*1={ z2YPJ!IB<)7b-A{nOoe}O4~d=lk*@v;=5M%_5**0qO-}%7k))$4_bPgH09%2JB+po0 ze+C(S1p-3xSYS}ZhR6KLITbK|ul2qPj8$S6W083;ntEHy1Z){D0A9>~l2pG@F{&SyrJ=r_R9dc>R(4|X_e=p_dO)kzmYQg;FZus=zL#uFgqF_ zz62&bc5|$)I!17MG&80x&R&d>plz0!Mp6!5V@8qxFsYHpc^BQ=D4QmH-!fyg2!;8l z;gRrA+uPeU)mOA@K921-Rr8|Jg;jc?^@n6L?tM4j>8#@xHMoFdQ!l$!dQi)zm?4=Fm^lNkGrPBV2%j(xBhyLD%xIOg_{GvKH?bNp zeYsFmh`l2w{RZsBHQ2I1YI45yd3$|532_e;>STn~!ZLB!$Z zdll*V$ftB%3wmARHEZ8Tag2zm8#60|e&AoNM#I>;056?ua$J^a@QAii`H%AU^Tu`A zsHKqxw71H0U<~|L5}SrgUGtqeGvAtM7BZzY%H>70%RDls>aCIfk}*V;If`_15w8@I zobE+|;7ZkCebsZLU8QgG4dY`uyI;v%-Sq;(*jUOyD7)jI;S<9`#Y$pWHYwxuL~D1{>kIv`78c}aOQMa9SneX4SLx{Tgca7XT=kZAg&+CL4Tbnghfz8? znb$S*Om(w*gZ>M?W6c@xw_=pU8da7{zg^V3jE7Yr7$V)0W|321-fefjC2fjVu-#!l zpBVRni}$GXPYrVws2A%QWLBLZ8tSR%aWo?QcSYjHB(h-C*yX;p-5L9MieKz2@myuK zIi*_KnxV4C*vL!?BQrW8*bz~ycE#h22at|~+FLwOM5k|aQj;4J@t%@dn5d&#>q*Y`N18nzqMPzLWF?)(`9}kv4hgbKDyZg|vR1 zwzUE)4S@}8iYM+GFiEO7c+=ThkCKCzJ@RT`rhO*hr(s8MPzYiKHZdEO8c4m(Spv^G z6EfrN0}Q?)fm*Gj7Buw*-pxsME3D*>F2-sf)Ny*`8j< z|9;A%Gq90Syr@`i zI9KTcyQCrW%!Yk9%x!FITesF&9}B_u(CF+z%6z36L0p9!4|_A)$?~$i2sfPhS~FH4P9+NmZ#D z!Qf%Sv*dJ$HqgM-X4mC=s?)1|8QH~YEiHJL>@4L~$Dxb1t6IfhW0ZrA8Ncyym_>;dh@niM zN7^qQ5Iav$;mc!1De+E(u&rxjt&|!sScF-wWM1R+fX4kX-edEJt#n=Blcir_GzN^H z=It#{r_d80)qcJ&qt9%St~S~M9U_&CE=Q9*?)_HKM9%Abh_fH(XO*`B^ven-A#}f> zo5bxMUCK=0LUuHC76W0>r>z)^NWX^?g@ZKIbf4zq(UN`_^o$0NXF0XetuT%V<`#7o<*5< zEBvZHX;=B<_&It<5cv=|F@vRy)>u%rAI@~IjN>V*X(ZDubC^&pQHIkfdG=*)u|um` z19bwP8L(&GA$uSpwb^j;?L>a~1b`TU>hDLduP=qkBpop9`mbn)XDm`4By z2^dSTyg-uwB8}d%uiL+ry!idKX6)}1ME|GG3jIAr*#76{wJ=%L$)6vvQqFpR-;2yF ztp-##_wlbqsaRq_k&Ls))YYJ=v+S@?@H0^>2IrO4y$C_aU|(0NiXf4 z=k-aIX0!#{5o}TH-hp8fvv##x`8L8hON`~Rto>~{ZPx0}*J zEfk4f&+1}~Do~}~P-0&x)z2*}79BANE<}gsF3^5sSYg$hv_UTWg* zaC=_JewrBqZa<(nV>MP_iLD^I;835@8PwUoiciJq@t+_4&eM9K*PMO zaJrVxZQ|MS2oc>Jo960vEGrgpwet0>tLC70p#uc~ae z<(lD_^7W)l1)QIr0P4c!Z_IKwD`pihCJdXuF3Dg%;mLk6rY%n9XxJ~ym~f?p4O6NW zL*2GZetBkMguD{zQPq6Lnr-(pGH%YWPxaA9UdQ+u;|hXd5k_bgYxpt=#gvB4O7H$V zm&G|TaGCY4jI&~Ywzc~L;B$=6cLAR{f6iiPIK(C+$IYTPi^9D)T0i58t+`~D~x2pXL_s0TKL|D;LMVEZ(*G1XLD>FCFhT*5*(Sz+* z0Rqi_O|Y04v+w5)`RX0ap}r=K5^eV%r`c;hXOM&gA#JcTv;O22hsz&=Pa(CmbDD1n zKKt@YB0-t>{d(tx#g*{zlVKEJW~zfnZp~N2EaSU~-y%6#xFVMt2^#j@6DgCcQJgr* zv50J~p+mV7wq7T>REo?1f3D}1KZR^!ReT9#jUTL2a0tND@9|UlfCSsKTqwC{uwoLCsnMLD}`$AC0AUmZR#kqjVDo zb*L-kDh{=vt9e|!bQh`$q0JWVYk#8K0o9fYMy2_>Uae+Qh;X%|=E82c?Pb@>F}u;E z>V0T*#T{8%hcl>}xIe1b6Ti6}FBw06pWD+MN>dpAv`za#1M1$nEw1dL#A$DuRCajMm8|GR@! z9bzFLIRQ!WF3`s*vb~Ly5)+6tj=sWGjo05ty>XpYqtD$8nwix%ZZG{?x3~M%`-%FI zcT;L4?!C%=|0>b41E#iL3yIBAD z_yQiFGfnwXpVUd(%&J!Tb9@KCK0Sl9HF}nk&ooVkrzClXoZL8sNo?hi zF7k&aGCjNIpb(Ka;^s=>e3ZUXBcG&(jZ-jCs9x1U5fIhN4JYBqe_TGU0v}jlTgr@wtoA(>Tt>joNhg z#>E{81w2lINetm2UwlJHY$sqiEq!Y+xrjR@jnI}8tI z7!Y7-TqgRqBtTa5+W}}xe!-Xro6$^}T&tgVcO#b7NGfw#_E8^qUM45i09HO5Ejms?M&!3rJXm4#=f#L{heOBI$1R2yH>JquK5U; zWz3dZws`Y4PazQ;-jSY}hC>pDX!+MUp~K*t5D#9SBr~!GaFcAW6YQldG|c+xyM|31HvBi1r`hSvZhQnYJdDw}Zs5s)5q3{0 z(SZHT{?R0~4>1AgKQI@CVu*#URDR>Y=??=k9uJAt7?f^c(cu-%I}dO%9KC6N3C%6R z$l!+23?Rp1F5%7DE8Y{*z0K#;cuG?z)h}(m<;VLp@dnK;| zz^0RELZwk_LmKb<9~lGBc04oQdlCp~1LV_mu;{rwpXooMFdc^=fiJpzaA>O=1YS}v z9CxeQEgoADpgk^#z#^mpZm*4v4GlLs*kC!~w!NnJ2l;(Ttes?&G6>ecH#3jQI9~!f z1wFdUKl4N!=B;9r>95!ir4cN6%sn5TxhMvma&pPsO=7^$ERRIwfmo|VqJyLJy|@4% z)D9m2a1D(kuLs~gT4rhgBo`X#1OU_G0B;uDQqU(pkemiiV3KeMU4Agc-)Cv^?Px?x z+ZX$BrwN$C0I(jsaf-YOHs~UDh;k?R|CJdNE5w`e}O>WN_w{P zmcZKnR(l7gB|wElOCIm*nnNUsKEY69E=cg$J95HFt0VWRILZSfQgAF3#p2Pl5r zKm_125H$d3WOQ915pVIwvw-fPZ!9mH0Mw3lxe9ujNO%AdDn7ao_<8CO?9mISFSLz- zhg`wTq426)YizcPHxR6$2aBb#51l_Hun;J4MOm)<>wzU)#42I**X;hEHJ;|hNP%`@ z>7U;zkt2q(!)L#s&ZYiH8`gipzkhAcX?PW3@IGO*Rb_Zz;=?P1;dyj@F6Ez1W&f{- zlYAWYvwVjs8@EnA65Nn%z5O8k#rMGrS>R(Q&{slCzHdiU>fpx2 z;rS!kSx1kZqplF9oW!($AWyiw#9Y5F>AF)rm9WMHtP|I-v@D9gktqp2D0!@Q{nDUI zg6r|1hXLXb_`3+kmADwOK(Sh>sU!&HQ?^Ecnc?+)a*(fpIQj~5ui{{PRAEY)?JS4& znk55m!u~Fa*bCRTk8VrtY~YM^7@&~yv z!Q%oDeNq``sLT<~AfPy>$#_2&nU7iq&7r*hpe5+5(7dMWS|W8s89wo^$|@UQ5-lAJ zYeL0nYKJ#vy9BV|?S^jH!oVveBKk9Dp=l91oJ`oQNqi}xoFH+S{S}z|(_R1!;|HXD zfgQ%BaJr2lqB1D-H#p{jS^@gHdl5$dOzKo-3+9 zBCU$q?#IWjM??dT8jvA#4a z(Nbz+P0V7OivGUF3|fq_V=^uCoQ9t^DOpilz~43DY2tO*PVsHR*8-v3T2`b9ZRMDp zx9D&iyH_*LA#&(QPAGrVo%V#ABE*GE9330hs|nR<;Gl_lnJ9zi(3k<>&cX*}KEiLE z$n-_>bd6*gKsll;5ZdjJ0?cf^ZySu8=msQyo%r(`ir$wtF;IQXJM@AZYx$Mmrm!3< zKI-+mr--11)o;TJ-yHe|3xC_2BR{w50_IyheDZnvN}XKq;-lHMyiTXzaafp6M(>P1 zF)Uj!>9_lZ5E|bviYALK40KjmE}vel;4p<))4x^ctg!nINy`rB$8+C{5?Ohj1c&ubJfgf&KmZYR64Q+20NLsvk zMQTX}96*fZ2f@wJjH)x}x*>ASXoZ%iGpk5L-L&>HrFOY3UtZh~4`NFE?W+HPlqT5n_m7*}r-+1!f8K7X=kY>G>RvI>)h)!QI`MBfh zD+ph+idK&?V%AVPwAo|0tFygW*^h-cZ=id(Jn*OMNICh5&EOpM{$^T_PHpakU0gLA z+ckOvu8>YGN&?R?0(NY6%y_!4eGz#ej+8l}Zm@h7$rC6FJ3}WAm=L#VMkz}tKr3#f z#x^V|vVyY_FwQ;i>}xx3;$c=v~6anO*|lUCoS?{(iTVwB1K)rvQcyk_>SpX#u$=31=$Wr0|OGR#xI+$)rNw zox}Z#uhMo4hBFO2+sho*HJ}oRaHgHk-fEK0vR@~{RT~~i-~6RZ)|c==Vybz75yTK# z=L}DsWes>1Vz~&m`MkpB@=@|dLOqg_g~0rMW%UuDbinDP{o&qL%Oco|q0~q7FSOuSINpx&WpH?!R=>DVP?~F^>z8EDoUUDy z+Z70>OFJ9+8RU(hZF~NL(ie#PaaZW=aPwn%NB&B%#_+Tbg|)mK<7a zr3GWei8q4m%7FUrKut*U6B$+kK`4>BGLTb$R&OgYyvs!hR2)a+61+Rc+dQHHw~NHy zp+8M(x#Fkl5*`8bPd{h}|5qifb4_|BmE;PEBWB$zkBJa~&Lw%615HhMqlE?b8RRQE8kqbF>= zV}qfcsAnO(D*V(`l776y#Pj2`q2Z6zhej*rj|Zwo`q?R2-3xxZ-?W8IRBcFJ&w!=i zSkE3j$L4TSnPzc8e$x?U^|z(UONPH2ea(u*+Op zOYi!d!iwf-#8tKO2%Z6dX66#4Xa^M6RkyoX#YwFoO7}pBvU^nYrOA?|H%0S^;1I+* zSFu`g74Fj}Tj^l1lvs9IepmQQ?mmHC5B*h4fS7^GYeDc=kHJN~MO>;oukr?-qy`Y4 zX`_r+td)w%uiLrUebOD$1NqesTDR+MOP?BOtr6UtZ!{Ir^6c7HdGzNR2#^G7N(KX) zYm`nCZ`oNG@Z_)pFoF2h8SJkWv#jd)xUh6;RaO7n|MtKBFEmY+C{CsSM)E()eY3Rq zcY>kGzY7Y6NDQU&GDZK(TR!hUlQ?dXO$bgn@PDRrIFGUZPfqIae@*I~e=qgrzh8;8 z|6eCzvVSIF{+WdNXAJkN#f_DeT@&4 z5Po8WiZ>$6#)Jy1xs&+eT+R9Y&ZFfz-!YAu^bysjPFgJ_8`1OQw+=t&EI>k2k^86^m5X-Qf^8(AEe+Dm_&wUv! z7PI8`LW5kss;?oS-r78p#4w%ehB*3GhX*g5u8>gx^XV^ihjA)2%1B5jk=6sZYs^?z z78WX4l?$k)*8rSFp7Wy%_~RbR8lq@)`n=I(BjF33y+#iQZnE<$fLwK}y6_m1E`NN6 z=n{DxcjCL_R~4MDqUg%CSBZi=MC=fW0|8)U4{mLIZTzIVlHG_od>X9f zDA#4Z<+|LDy&UIfYI!2CgC-J3GdepREgA^uDEjfSnAFx#l-oHe%4O&$-DZtP-y1Tl zmML%oIBw+fKqnKC=&TRm1lg9iOj;=d9Ls*NUzvS{gr$P&eFd5I>oaVKcej!Fv=5z^ zQ}cUahh`5Ovp>)cwtLm+WX#*EPP=FU{vPYSl)-FK~j_)+9M7U z2%@OYbtL>={N;x@x6c?Dz!K&q@Ro+qhqvL}?_uL3x0@HhVV|V;bFwFeeBQS-=-BqL zkVRAW9>X#9n$p8NK$X`HXDgQE2M;iVigc7+ko;~hdbAPWyc$O-(P%1)fcOok#WMxZs_URZ{wye zbNc{92>2l*Rgn0B&aYH;%IkbxVkZwCOIbS)(CEWKSv&Bi=89-H%<`NKj?1J)?rZakam0xY$4yp>uU8HGFM*K1URMq_{~l;v>&*Wsp&#N$+zYcWM8 z8%VwS%yN3`*tAX*RNlv0HWVodl40rYdl>YL&ek^Z<^R*q-yiL4Rz-0s0EC|%FNyX7vCNE(Keunm?&~yhD*lis+T!tP6&Q`dp4*lYObe*- zV+1xoVbUb5j@WXvjL@rY{ZGJTeC>%-0LG5!TK7?6fQbO9$$VL{0VwBL?DZy<)#$x3 zbR{8Fv1+yx-F;G7(#1kHeJ6Yt4r^O?ctD#w z@HahqMKGR!Nr}>6I`71boNvr?XUL2qt9f*G#|A$C@+d}1eIPSZrU!lK8>#wUzlNzl z!}AcZNl|ff7jG_{Z+%Ju_LA;2cv89Dt?ycx_exsNs}NK<(5&r?^|z4yIWYAG+XpY+ z!a#KW0SC%o{EJKZYZm-Dsn1MsoD{y$B_Bn~*AykkMlo(hWRqg|)Da3B#4Z;~{iM_I z1BT!L4r6FZOayXWvUHbP7vwQeA_V|~+z{1q@?wHODb5l?2{g$+mK^`mDJEOT)qQ~z z&Cy(ifT9(Ww&i8s5NtEcu-=UnVhAm%6?)6VDXK^nY*%`I4WJGrS{9j(q=DKiqFKSS zC1#$-D9TmWH>?xg5%_7sg&=InSSH> zKRQ`Xzz7cEH2m)rNwa@r7*6~s=YXfglaxaI-)^N(=- z=bDFu|5o$=%$+cV!TxhJ5R>CS8GZLDHrao>6Gjfn1^XiM%3mK6wK*?f2vHG5t>gUt zW`zBxeLK-l6^>IHjq@v8Aa$t9dwbQm$z7DHayg(@2ZvKJ8A_4z_;X^rt2uYbkfH;@ zV~>8{93!Gm{X8#7G2U&|fG@qfMM7#8RL^IVJfC$2aCXaDcc{`;o3qL_cZQr=Cq|4cxbZ}0rK z9aaqY-!{dW|Br1ESf=kn)N&PFm;_Ed;S(c$td^$G&-G!2CQow~^XKp^CVB2?)LH>Fj*N7p>#3(J zSpywq*2bznjIHJKb;K_H#TY-yU#I)mxbUaYQ9WVgAONFCD{q>=B^&%e%pfKdK?m+P zuWT-Py?B}Z)h`sIT5q4mDnu&7*n7Ce$TGHd@jexd_7!R+*XuxNRc(s$vs3sjq5tmD z$*tUSoXB|X9f)V4VTN~vct>$zDy>7fJ-L^jarZw_PYwqy1#ZTv6)BnUV9N9nU=ZY{A7M# z3r56GY6Za9%-R;}!rB?xzbUzSA13^pA}P)v)jW7zq)8jxAw9K zu$OVs=t$q1+HX-4cf_4e9BWp8t@C5F1n&=__>~sCyU`H*RD1jtE39Hqh)pFllJ7Xz za^(n)f26OO)%BtRrjho{D;19e&ppb1Q?>dl$EAQ&i>m<10Z+QmBaSUr+iCV|Z{C&(4eyY9zu2G{-CYX$b`EX2QLv4w6 zKvUDCNr?le?3);nxgR}9_X9JRb7B?1wdQaAQQO~L<4}+eG$G|B!PSE{N+VFpq)=Dk zJRJ93F4wy0o?4;;mvva#-?x8!3e=g-=9xD|ufImL$9oUiP$H#4QXnMGe*ze5L${mu zCLj8kh?O}!h(!6j?c6u^Xg0`}doP?rwd6~n0lPBAW`5AgYF>a__~X`xAurkvDG8wi z)9GdYHy^)`P=TX!%9(J%uG4&Gc#;}9@3r-duIdcej)kiz0OLeZ#@271+kp+~Mf>Keh{59QsM-4YD*KY}*3F%?kbdQ8`-hez7y@;{x;qO4{3IOymH$peh-{K9@5oS0m zqt~Gn7TH+^-|4+Wlp>(NBO$M7L4H(#Tnm3O+<g2U$N>PngLxfuKMci z7Qk@Nf8ano=BJ1Ljx&jKDchrQYsu7XWxJOqNmWD4b$nG)1Zc`r*WLUvZ*9oqV`t0z z>uwGha!tC!*iZvG^?gBY?%Zfb?Ini$DT#FsIRDfn_N?P1w?lxP}H03u1@Jm-Wj{8TKiJV!Uzf{Qr`5O7)P;%9z$LK zEiE~2{#}bD>@?p#|GB?-_a0MAYOcs3!X%^hGmu}7|KX_;y*nJy?YnfRxIVe;AjIAv z)rZf-h}021FSqkQ!7HEEUJc}*xbTJttuTzyto7%`W+z7A^w(vguQxKH#rSPwbj-cJ zXwKe#3>x{a$w%ax`a}c2jLmeMJv~776)BzUhEC{%9};~2+)8WRy*E$ITyw;eo*r?t zLK9*YSD*>OUu9eB%>$_3P+O(7t*{9DSg5lYZq+bq)mQ(HSkL!v4wCru2h5lk9efm8 z>?H!{Z9DdkHS~-e4wT2xeKdVJ;-30bEE*+?&ECn30_uqjUE*C#7#@-j@hl?caPg0LsHf3(+N} zOB>r^u2Yd2(e3Xj+}~lBOGD0pjjW8Q*;9+)ZuZ?r&UNAO-J zuR?YQ2XmC1DT#?x*i>~HEELN4HX3_U{U!g4&v-@zYonS7DxKgxPH3Sgj_tK_jCJly zBy>&KM$w;GTLNMU|F#uWnQ|+r`VEuy_@|P_mSWf z{x>!rq1I;pZvXk0FZlZpRWWw{pVyWm2!D1RwtTE4pa)*Jdj#_xrB}!s4TM3 z1DLM+8bU3{aMC!$BX}xN{n_WeHui21SGTBF2asyC_Is2>+GhNRx1^WKqp^_H2S4@; zNVVI<44?sy!Xu2Vgkur?ul@@hv!48q{rdkaZ}?qh=K>ff$?qQH@HJX3#L0Pvd_QnQM5j?Ja@;@J;U{KEw$HQN$8LiG)n1MV zPOqZ&EKM!K?t(PhHPQqfS3bkg+h?-+18r83_>b=V;%F4y_3G|&BvjxwTBTctS4E{K zdu#Ol@@^Us-JPb|f0(o8svc8R9m8$#OJzkY=qZ(4GvZVxTfJDfz29ENMA*AQ@>{db z#T=u0dDQ(L@br1(5roW-L4{(ABMindD#t8uy%!(4G{fgsD)^0C?iAeI0^8>th;5d6 z{Nrl9H*sYZ1{z1e)_|8x_u+G!Vldgc&~j6Nevp0w_Db-{YJcvE?u~QE_Ntre{nh`` zYQ{msPZ%rPPiQTGvpXf0vn}Jl9ijNl%Pb&OWP+8D> zhuuX89@&-^-g)!eV%zT*N{IT)j6AQKGM-^o25MqAc)(b!*pz4S&))$k{IiYzpKUNN zSP1sr=EH0Eq~{$@gfIuE`8SW1IBceD!B)o=8Bk;L6Jh{uuN3CD_Id zY5ks5#i&rlNf1Tj{J~!I#%`9wKW!W)Td`?C8O(PMFB(no&ZH1zyy0oBH?C~jCPbFV zd=KJ`hePodb7C9=yD;IgQv@Dmj7tBb`IKnZLHL2Vlf9=}KbiAooYxm6$QwJK;l{f4 zcs)bwKs)$D2)ChkxFgcfZ|l{Z2)~jxM5`u21kJMPLc+n&Q>0kqXF0w8wIc&SZ!sh~ z&;`D6vvy3Pmrrjd2rk1x3zyASSyribUhfPzw$7iZZ&mu){HZ(E6=;=LF{W1|q*`ai zG4wCF0Ohw^gYItT*TbnDlDabhltlz6{--BJ{H;6|&EAlEgT|f<0`mbqf zkvjt`<@P5Fejtgp9fej+%SGE@UPj)QiC0U_*Q?FosERw2z3g=yya{YJ4hge|Yw(F@aea+4-h6c9E+izbnT=7?X z<#XI42;=NgeR-WfbD)>ouH{yxSnH#w@l&c_SjOLqu4>u-`5Nr>r#N6r&bd?KR|2zB z_Mg0{o6M5m@Rgw`+MpKhdvclhX36K-H5l)wL+qdU)g0-Q5r5Wha@fkJB-N;Zy}e~I zb?6=Gum$0B#$%E{wT?eu4Z7k#VuqyQ(J60#_sJ*T|5vj4rMhaj zpp3w?Zg;)@e}t2*m6!N;=XAC=-{q!<;E1vf=?1c@6w+v742sqXYU$81Xw8yi6H8mD zPyK=-TVXIbm753fY-<}oh}X=93}*m;-(-lV7xEfDdVEQU**|8N9=OI{YgdLK`>`PXg5aNL)?Lh2xa=|R@4Aljkr z2BDYjwfLxg9(9E3{+mi4p*zUG>NV?v?Zy1m1Ekp7KW_{As=62(--#&WodQ{aF@?dy z+WA}&ucQlqAn2%6OFUPR7eC^A^ zyiR}ZiFChn4b`iD6fQlqlmwh<<$;oT#y8)A5Mt?sL}q%! zwCmsc75tWHX;7HhQn(a?Y3H&@^M6RXLG!DwN8iFEy*3D$Z#_mOpKM=z&FgV$w_}!m ztG)9_1(as;=b)=nn1J@)ox(2J!Z~05Os9@6DHy{Kex=EysrkE*T>$_+Sd;bKkgmSS z!$+q9=+(?Gp6N-EccGXb_@B zY$sKmF5rG`ioPZ_j5Z1N zoNX$z@dvFMCO(^(ik1 z#C$en^&Y~(sKO$s8V_Lns(nXxfJ2dDnx>~NGo#6OD1yA$nSl@Q>-P;T%cwVX=#3Ol zOs&6Rpq7^*j@4Q+fwiOfgE<6UoKpb9_~bbwWN<~|eI_`Wf^~l^3l07CG6rw0c?C+p zF6w-WKQlmFpKMxVQZr5grS1Z6_T+`VMlV;dwC={T3I2enTlbK-@TbatVGr+D{MTHM zNnRE(!V5y$WmwbV@{s7T-IU3)7`#PHrErtjT;EM=3$&ba5QU-T!ZW~%s^{Z;-tYwh zMK>c|AT=iL8AOFGSjHBCtujjLj?AFF7=F}o~Jw7 zm4oAyzB>0SLfuS~^sjanBzVw*&D4E(y|8QzU?cLl5x!+oa}0nW@e9X`b@b&TF!&_? zJ@MGv7ft!BwpD=x%w{N+AbHiadqgmZ4(tK1`EPU`D_&)(B?r0KXqr-Rh{!kBG4K&d zkne$eX+NZ8*)KQ^?9KRn0aMIr5F}w^?eQ|HxxJsy@WY3;4{aq&U&IVT)Rn!?nfV|S zgyf$UHunShxW5rtS!EKQ*K~DL=t_S;}NmnkC(Fo9Y$N?Aoa~_8!!SP3~WlJAJ zd%{Vqt$?{60RnyppP*@Ci{?AwNfIo*!|{!M{~<3w_Ig9?!d z6@b@Ny7SNPX1dib1#}5si#mg>^NA|+X}Q$1knIr>6hMM|`H^?|@@G$LT@qLmlJ003 zLgQ@}#lA^op0CIrg6H=y9u}xS4yjFKcZ#o+kWoj-^>FhqWXI%Szt~tVqp`B zn_<2n$3&1ftdqCsxmr@}x#1lK##GWdBirJ6UdvK}+uD$=KkO3nr~gO}05a*u!>POD z;v@l(DTyJ1D2f7I{Iw>9_X`mq(1RT%x`NWmp>xw+s*VMX1~~}IZ}@uj)oG+nRSDvS zxQ>@W;coeliho3;$5yc*=nyIa8$qponRF58cQuJ-g9;YDh6t6RKx(Y%FDSj5Nl^q) zG{Q|>ON-2q7EBollHO8g1`5{p2HiFRDLaQDCFK_n_Wg6*9o>(;Wi|FBuBE3XFIs=E z2Lhr>Wo*>882-<=E$`Texg2EVR+zs&?}JT+VeGU6i9{bh3dg^?N}hOqSspi9^x37I zj|xYf|3L&|BcACE3f$10(8Con|GdYq=n@%;1|ZkY?X{-`l%6DNnc-_f`@zS`{v!P+ z6<+`UTi+($&=xMCTYuM(2*?9juD*E?5(R+Y54Z^JPQ-eQwVe8>)AGl=>3KF5#59l1 z$R*S7I_8{hJom%bR`5dN4)nqO>N-rr_0!E-LP1G<3q6Olf98JiyuC0my=l*ik7!3D z3F{+%L&;pBpXO&UC=9;9!6QStYA?e8nr`V=1XA;U;F|t>!e|vB@cX&Y6NEIbA_A_q zM?z~K;}}0QztuTLW1JqKK;UB)E<**Vfb7TrN1Nh{@=+ z`nsuQMN-gnB8=F=p~dAc66N69WwP&QJ|F`DHGeHs&92+Hg~aD(_#)DpT;J8#(N~-D zeT?=*TiWuz1BNzB2p8GvE57Vj+gh%5YeAl+yG6_59=yF#-_Msa(E}lu;P6+PqG7mo zX*`JR9Ol(a-O=>;OxQWR*>lK0BKBj!Q5^anr`IpFXRmuSa7Q&*m77`+KgV-Hmm7`4 zr)7qjxqaJcbMdJ(t9YJjT z0fXJT(Vy$2!VY<&=+C*L6h@PpAc_&~Ku}{^gZ3t^3AFyhIp*upDCU9f#MZ{Nx!`*o z=fx8|74AUhLK%J_$p9oF+Pgl;BAu#x$JwT7*@wIkJ_KHYBOO0fSD>abUG*NgCofZU zbyL?jWdn)Ad<)ap^cPncRP^owp#CJg7Wlt*G8x;V6&8KP!!Pi;Tcd-1^JQMF_Ns7y z!g0DEa_qi>Hou|E#e&njgRW6u#hG!C%-D@aUY&cri(x$U0s>R>j*+sPk1nHwPZc^L z1>@jbm7?B2{l*PcSV&izGb5>55$Qdd>E0@!bGXQ>2NSm<3e=O|9IfTdnQOs)IHycO zX+HTIc$L_495*N)k3nH>Pkh+IIT@{+#t)dUX-eV~$TZnh=Y`7zs7(Ahe>Za;yd&vHpuw&SjQBju1?GX!wL%M;6I!^2}&-%G5et-=XPDoUcK7O-{Za<%pG~C>8((Af&v#teosl z6ro|zuFv;<50ZKTc-HnK`zJR#V@uI;X~eIavo1yprmRY`lF6a&{{dq9*ZcxII~V*p zxx<%#8XWMiK@MIJVv(hwVCPEG>i5!K*f_@%H?;x+9X+}LSR|>xIHR8{C! zkW>K9*OydVN-^C$SI?`IUQ0aWBs#0aTZqYn-I6t-avA{gS|3T+c5de&==2i_?V#pj zaDSo$AYU}_dUN50XU~HSrFQ@Wqi_E63$Cryen2xIRosrGiMF6lRqF$7?(XuDhoMr6 z5icH+-Vu+caWKNw$7HQsD;CN>s)F{$_!G^LWw%d&jEre&bxk;GcP9i3EjU+4>%I1X z?rwVCLb#o42$+7xsTyj!*i>3DEM)u<*42`@YTl^fd;BXe)qXW2GW9h$xgimAi!Alw zy+8Tt$v2MhY}*rh_!Nu!^R>`I8XZ0k5Dqu$#ESj?F8sDRG3kxX7WPsaQh*%_gYC~2 z{PsQLaVY6`z8u!xhXC11)xX{_Giou-lfTfwTZVB0DIcf#ja87q$;Uz2o@iz=`OW~k zi{_z@FD%sNs+Urm&y#on1kFVm@OB6cj<+%(=0S0!I?ybmy4QLanjnFvxKHP#S#ft8Lt5C9)*(10E{pE_CQ z-OhQI0)gcN^BJhzul`ZAr-~49=zN_6V7j#qt>(}8CvLw2O0C`b@rF%u>>$3QV@AOK zZO6L7?8zKOX>J?h>F^8@#+<*_e%{NK=cI5sfYh>HQ`S<%>*8GnMN!wYco<*T`(an% zHT8(MMB=snKs4QcP`My$NWuv|fZ*XhFVz@#w%W>`#7jW*(MDhb4t)GhYu%{`bIJR& zaG<4p08O?i(k&cKj_!lB7rs1%mWnLn>Z(6joLHB=QUw5n$`5;v3TeD`y?JFD**@Tt zk>sB{*A(Tl<*Uf$?5rUpQ5~C`;c630`i}Z;mY9-j>HUp(NK6CTo}sDMg5q9Gq939B zMXrd7zeUV?wF!+!F!sM0@Mp>Qe9J=_=6ToASBB1nJ!&6j;{2jlJW@va;jj$-2el%L z{{lw8=4Z=G0*~W9(OL=*gfV1Z=&$YaSn&8lVxNSGJn9d;J4q!1H#jK!V>ph!Orl8A z${zu^c^|O>2%*|fTw#L9QF)N%Qpbpod=ts_vX^dIND!6!MS-Ry(;bJpd!)UT^BLTq zr*^-$M55;bUU&#iQnu(q`0~U{X zf|UUb4LqZL`$8$1|L()Mni-OCcW2uj4WEX*w~+iuWj|xSydZ=uhYEJ>#Al1rrLEZ- z?FVwY){l`KX8B9#P!qG%3VRTSVR`^R1P%r|`2`W@H5gm@o3%llpWrCIKH+>4qQhtz z%K?vodHPUs%PV1FUU-@YBXmKDUu5Zf@p=v&CM|Eu4uGbC6epi1o%6ILX&3erNZNI$ zb>0{-B9LV^`0nS?PC*rFsr5K=4~BiHBV;zmw)Kg;q4hD1SLKBhE+vTq5oNg6crDpH z1;?o-@$kSw17;#gJ{?gIuI7-h3-p(w1oON=hxM}L_GOz4yohne2V{CJII;=sA&fgL z58z(*u8RgA4aw>Dd0jMp0du^T;NFh>d2|$$l?2sfn5_4zl->?AoFkB5%@G!Ul7l~9 zC19?>NnO`-)j^5HC(G@`zQo4xH3jGz0MOHHQeB=`wEc0X4*--wghqN8-CHCz(4CNr z2F5>oG(Lg*vhJN?6JBkErbPrjCGJpOgXt6uC`!*{F|^tok2d8g14{20qWLWbDqg*& zgq|Pbx0L%fAM;#mkOTnWGSlF7i|%VGqEvk@u5v0Ue0qg@!>h;3c@}#911i*aGtqMI z_3R@r<#!zVr$Bezr){lwin4^UhL2%^QYV-XL=u{iD(yz!2$~_zUi~WL51VA0!Q0P5 zG@C;q8;p7BAFuQ~9KL>;8=d9f12$027o$o`mNj2HSBwRtgmL)8zS&8VoGIkVTPUF$ zdgf*GkpTRpAL`09j$Y))zg6KbEcPwL)WA)-QKr|5PeQw|MRsbcs2Y#u&BPZd2$Fuw z`81xfl`mJ=gmb!vFWujbg5wDpPV2GC9fp|UGVs$#hq5)&>U3d1NWNu@@kKWscU$v?1R^#tbw-3o<>-#Hw7 zbfx8Mh207J8dUm4dk2F-B8qUUQ~kf@ZlnNHK&-#hH*X3Q2C_tVaOb-_w(h}@Xq5Kwo*#hX}*SiL!8S?K4 zN545-1MTO2^kY<(VR_o4N5Z05zZ+P3BKcW6`)TT(LSj-}L|fNs(i|eyzWzLj=6tefPv*cd8prnhYje2rng`B;!GB zUXLFonYra$gn&h-Z$t!B@e@U0QKHvZ861v3!4iKE!VSlwd3kY~%OsC*89Zx@IRxX= z)9&?g_fU^br+uzQ1(w0C5DaEj6yQ>?DQ@o1W6pk*-2O)1bINGdC;9W+7lqB!Z$bf{ zaC@Jxq%VE{d*b~UQg7bP1Sa)pvBbF^U0FKc;_w%jPX3;Uap26oJ?+ShYvEWHziFOF z@=j@?$?(q~AVGDKY5Kp8VQDYsl`nqE{(4>^IHfN_62gHh86PIl12LtF5}E$I;Ij2_ zmz9!>c5Fetb?y%5DyCmG-MfjiM|ox5MB^$Vas`amt2ZD%FIZddmwcn~iW6PvRo55Q z;d#7_$a?G{p2?fKGnV82`em{}10T!UqzyEWV1BKMSpY)sWNSp?nFIcYbm5XwBEPf_ zPHK(d?P=%N&*@{MHM_*&;*_mjV?IE>Fviyw1ewvxZ^E%v%Qtt) zUL13Oe0<6ag4%#oqOY*PJ$O+Mg46zUBI6aj1EAi5on$?^A#c#hXGc6nt97e~TDa3j z_>X+yv#e~<&5G9m@T&|8&oC3jYsihC6o3sc(F?3KPCE7QpY!HK1ipnugNn$E>8u;F z!yEk)QZW6xH!%4VNN{et=1~|wcb|*HTW&p|K`;$=)2Hcca7GlyWqfqynmTaaIo>$> zkxS^okS6lxI+nTTbP{IC-Ml=Iihk<{NB?-h_c&1GQ*nb+Rj-G2?qWr6olt%HiF2BG z_E#dec{drW;s30mc%k|@;Hv^iu#$@@`!4wo%{7Z*-;eZyLwO)wIvP^8gEUR;cbpw7 zo`y_EyV^m`-qr0)L*#nQo`6#QtX5Ye(;D5t_SWmI+t4IGuq8G`Q$Y~zz{^|yxVN9- zMQktN=6Z;nQ1W#EZGS*S{AuUQHw>#r_L_gxguqRb+|^P z-*PvEax)2#pbo=LtUt@8_}vE&DBYidoS6Wfed!_PeBXcLS9{!IHmTU4m#StDa9{5P*oOvop6QeA~aUk8&T3(}BqF+6^AfPYz!C(e*6vi~H{6 ziPvR$Q|AR&I@v(c9H!J+AzziB=^)9pAbPL7ID5doLwlgt3nl0OgT4RQu^o%DcCq#q zpm(UI1foFi8fxrK@4fBOZhG&ZUX0ADUkynRuGEkOQ~;S787DRmxz?O>d}DE$jiPN# zHmVEG^km2e2Vo#zTG-sUa;}lnt7miQdwzitDGjkY0h9*DZ%G~lxvX>syG2;969_a- z0|bJA0G_f1vlIOd|GFBY3isa}z{XCl-vHblIhlo~`d!4t7eq_vY&2z%O#3~5;!gDi zGv8a;T6~B=2Q?p_i_Gr@{G1$v-vy&n$F&D#Q&krY-Edz?4li_IIq<(1WkvnQ?ljik zQs#q6-eEOuw^QkppGWyInNN0(Tpqg~G6eD7o`Zoq8iuVHEGBSBz5=*1RhS)B??=Zi zfu+*n@R0W!ho6}eZVn49%mm)Y`|VRg9*d)+GD8>AFYk{zYf{)4RJroz!Jg1k-m=%P z?t7pq1c9Afqx@d`?*j?GjRmm`c=L)nJ+(+G%&Ys)+$%$n8pUes6eP=`Gz@|!ht39~ z#wDL02f|8@rsyVX=!e)+xqghs_U0?nae{riu^ty2z5$CV2eQct9j2u zl8xNK10V2bnJcZqKf6h9AZ-u0Y?-R)hdRY;#c&9$(iJlvEg?jkJ&}Mjs2O52w$pWH z6`qZrrzTt9Hxg1zo!890>QJ6uy5@<{@=VZpwU88%{MzKxpnv`g1RfH7RDFXRxBYSz zZ{v7B7{*yrEk7mt&L9YCaUlPyKo@qk%Qq&=WA_NTj@RFr&ecSS(zLG}mSvE)ejB2@ zM}C&YRc!5Q926ygZ)zUVc<=Rcb{G|uEB;&U$%8BW*tPE@Ok+ZFj<*oxCxB6xidSe{>ee+*5!w2oZ`9dO}?-#}MqgEHd9VZ-I zZiZbN-@I0vbF!Gk$LI6e75Xhn6T%p@zGHeK5@C%f#dq z?kOwZ+69$T@@7?gXGhm{z#s+Q0RWtKQynu>>Tw)&w#8t$K~RA*)mw)SsRK8xYNx=N zYyGkI!`m7H5*K}dED@W4m8K0&B4L%377%#t&jc;?_4YHJOam#u+NHcXrIXomGT9&l zo9O8^-!bd*h8-Pn<$kjl?p4woGr#+-QBeZBOi{jCZzGlT`f1qP-`e9JB#e_t3E*$= zpQCx>rP>?ASF^c7m_CcwzWE#K@|&j^jpy^o@eVQw-^?nG5Ef* zJ2_VS{p7~mQ+WxIFaQAwo$Pt&yf*xW6!E?w$2_0Pla1y+Kut5(oysUt*Zao0v>)>U z?DtG1kxqI^8Ovh&gRgv z4vSB}pfN4lP$*wB{EF?C=%eVX(c9rU0ljybx>mbz`HH zt~*pPh_8UvL|Fk`-X`7Br&&V0SRR}LL$xTz)Hiy18wTEL3DW?7GXg4WOoM-Og+C?@ zxi53C`+OY0%Uf(1QC%=gdh+>MdI#4<`2w#O_x?^WN5$q(4h;HCzg`8PWYwrA?8=*> z7q(gU`8HM@W6*=D4Bu>=8y7a_3M>zlxT~R#dU-uu(?nn05yPN>|Hk8qzr_PNV5{*s zb$cHheqTqVc%9Xp9{Mn9^2hwJA4Rq)=b z??*yC`f>|dmdcjGE-`z(p)Z5@cEm$_kl&Gt0|IotH!peFN23gkx*S!Jde(mf?1a*A z8Xs++=KLUErN1DYAj|Tlt!*$-2!a3tkDnXQ7I}&xg2;ZPqcgU8ivdF(iUw<~q`8`y z9`4}ZL}*4dfc-N^9@C!iZyrOU$1M>@(~2x_WgnJ?4gTgu`R0?w8=_W!FC4O&(Y#=b zm+iRo4cf*fo{959ruSDm5?c>~XnwQgJdVuOMk^csSIUKIo+TiMk7JsdR~>0$kE#6h z%43B)Y@l|Z^$|Lp6@se%#zy(z$emeP*^@$Lm8ACSA>pz`|CTqHmv@BS^D-jCf~q~X z!IfQe? zc({VO|N8JikLNchmc6l86rT9!uU%rB!h2gML9oALce>pjERHZ#gHyTLFShq`P^i;R zT--8WO_R4IGFq0_6{oYOmLj)mc3zq?~^T4RZ&pnkLf;dcBbBUGw5ZVBI<kVm)Qy&U*=KMtBs|4utCY|vdp(V?$yD9~`_`mY^L(qM(96aCZxlC@m~B~Bc! z*9q}IfB=Y_h|L~Jn&r~V;6##5<%XSu@O*o_lz$oI^>^P+@1MZ+lS3z+jm7~4odTdV zo8{IIk2J+}eeK4R6WF?aWpsP3-Tkt;eMBg}73cRNtd}_jBCFzL`=*;0>HAaXO1Pn9 zDQBM~1_Syfg2XC~H$O8%8k#t}(LjH_D2}*crLYSLY$KU*zVy~dBGurXVfu<%a>C7D z{BQqsWB(O6G5Gq9CfgSLP4YeR9>x>1I>mUnpmjZN6k)$F2piT00-Ts^Lf?!a2;WIj zIvbUy8)Ivre z^x9W5vC7J*oI70bwH-jb5Z-74sq<4kSM?P{55j)#>@M+Y2c89YNLO1H`}FqX(PS?NIh#WH+F}3C8G$%uD$p=?GpowB!uuw-|5nYKii?7s{gXfhivXn>UUM+m2kN@ zdLhrX8YkkyUJa22-zE0HaW<62e?RR3X#Q`m+Uvv2r)g02y_H;o<6jivft?}dfiB3M zZQd*<+{xTi;4&kfINtRuFatel(BO6hguBzBkylt9JDvKgcunh_H4^mY@4t20K`_MQ z7#M?Wy5?ZRA5^^B+9R@8=Ex0(Z*=?f72^vfN7u;co_J4+aShzh+pZt-51=}A$a1Wo9w)3 z|JG&fortDl+dMSHU_oxQ;{xn_#Z_)cu1LLo(Q6%!8vn@go;S=XJsaWM_fZc!sc#o$ zgJC%A8+PaQE9}hQL^7D>z}X!uccxE5SMZeisW z=fH|vv~F_T|E!P3tvTSjzir!EJQ{s!ccayoY%bwS%{#U_$Yk}v0&hv)A5#TUP7Zx* zWqGS&*%&DQoFtrVzJ@Md-_0GhYNiSNq?phFk$Sl|H|z|E+Z9$N!uC0$sR^`!Nn)*2 zNB>r~Q1eWu;zTrns`DMZO*Ri|25=bkIP3F?=Pu5DZv#r*G;yz1D`)V%a4khoUaD-t z{sy|cypS?)&(p-h^&xuWQ*2@uI*ld`6SMms)55aebhjHx-SH^_3UrC44B>;!=T2 zoVygOZ2Ji z^xsJ+A@zfF2$zXwK&i>TN_u8=G!#XiPp7WxmWhgEv7w)PtVTF#8}|Eq{le#hVIz2N za)aqFpz=432_#T&2LFhDMS*&sHVZh^=JC?ps>9(%vxv^TlRztTz>WV2WLql2kn=?J-B96a0 zv_p**`B#K{lamyaOApctL8KPkEQz93YM<<{$FB^kvQoT3l(mUf0_lI|KpP?Ri#YK1 zKDxg-Wv;W~gOTp5Ssz)K?{-FlMPvSbr_!J_^Ql!Pk0=sWTWiq^_?I*SKTwTH38Ft)rf2Cd9`@__w= z4|@;gAbb0Gk7xS&TMv z3gZIWCM^5*Hop~$1>6qhIA$JYI5>|dpc?iG3?LNY5O_K*Vla+3GXLH|vR#eg?L$LMGSw*X<2R_xu5*@5{G3JheHk<3;n(m&1h9pg!Qu$n~zg zCIRGU_nn=#6bENn!_8=yO?Wvo17oNm4+Vu6ADXS2Gi!m*y02p|tG` z50M_w9H;GA^25R9Q@hG}!_J?gmSa^COi_Jl`)1i1kaR)g_4PNmU2tP+*X;%3zWs3=`&*JMZ>H(ZoyNa8Q~R2y z@K;5PAzX;{7o!xA#t3Kvhd2yqU}^~Q3~gRoF9X4NKrOP)p>FrFk#rj#+i$yMgDdW1 zXy$|=p?C=&4ep7;X~=<>+U!HWg!*(gga?%a1GD5iLgJ*9FQHLAs39jHbpD; zp;kRO!tHmos*ez`$v5~C#~&ay!t_W!$nC-^F1J*0{jH~pL&|Jv`za~<{p#gwe=Rfx zM457gBor;m8&N}8w)earT^ofV^EnQ)u8#=*$_^=2(dRRVENI$tawN;1Ngdqe<3rY+ zoCn-uk$im>uH8C19LurtbUTvv$Zb-4gNF{ z*Izyz-p~5qeU3f)2oD&VxX0HaCC^}FoyouVz_9&=bo_qVnCE`V?*?2-N_rg@C&7++ zO5lKt{FS2hX*!k9yvwc2!TR%Rl4pp>q76wkpa;rewIw2l4KN8#*s6qtm3IM!>laLy3z&Ecj|?|^h)0KS%9)!d0{Ls zRsQ|#ZFJAK{32&5eiKnELIts1t}S#E#)JYseT*dOBRF! zNYh?gazyUlshxDbftCY|XRm(@UTg>4cDVN$UikEx4d{G-L3+a*#+7joi)TUNekYLP zPB)0y3uE7(D@J^%BRI0a_5I8eouZFnDAGxYq1;cOoR(-={^XHK(w7O|z#Qns|I;|{N0 z;dkxBSP#cUNv@NfBDm%In*04d4ixu3@#PjRHce1G%=K?6U$cnLx(IGM4#gdidF;*5 zoi4WtWc3JyyS5U-LxCpwmAIsTFm{y{+vp1PQ9;iTZfQM^#Aes}^Le)IaA*oBUriKQ|5+*t zpYU{@ZyAger6%Qd72OSL&G(C@c9Rc?TuGsIlJ3r>(__*{$lg>AO|mmjf)+})>5-A8-p6`Q@Y7I!drc5w^Xe51#uaT zD(yAanQZ*V9tgGte%57J%!lh4Qg>rPNg?3~&b>T;W8v&-x$37xfi^({Zc&@QSH5I`}$2ZAc8IwYN|T z(977Vz;SxG1%o#{!zu1c99G#K#LLY|Y+j2jvsIrPx^XyVK$P*w^(39FBt9Nilgvv_ z#V7<0jGD?OxO$5;rit*t{8m8r+fpq~B;zk36AVDxSCwH8@ITS4(78EJcWiVh1fh2n z>V4b8eG_zl>#DrP7ufKKlj!zeH-O>8Fd*gr6VUam2!5f_()3-We-h9^_=h6+QU6fGYNma)U0k5A~bKBQEa~KTwl4{mMpJ zc4JYP-|r5@;zX@``y_AORyPApp!B*&(yeBEK!r!{@1oRu8<(HBbeo1gNQ{KJ$GcF1 zj&+;DPo?QXwQrnDDgIrnWd$?L`=O)sz_a7|osqzuYp?pF-=T-(lchPkjg{&(kFVEo zeNhHLfPL9(PE%kka-#N`l9QPT(`Qp}AQ?uHwkMJ}M~K>e#p2IP6jNtgrdi%+LTo|F z!;&xCp3s=ei#ZmAc$rb3@_A9$aW6Ws^u^GqJY~sUIFw3Jff=m6iKo|>1?Jd^2Vsbi zrY{~gYhmTL$b`T7-Kw!N!UNBhP0UfuY*N2#+97KphG@moNps%G9qtyx*y91pJ-+ySQ&Fm&_i35gTL7lAvK z4EubI{S}iJ1UR@DF1eL`a1A-X7kTz^o4#~Okwp-`1^WzVPw+ZqwS3~eZ~qM}q5dwJ z$zIgH(J(Os_|>4xemx|x3;Xlx>UF8rmCw)z=WvfyeP=RI{%_EbTGTGvnYWIOw@t!` z?~43&B4xgRd5_3nsW|P*82ga;V_wKV6q&E7$@gKTlW3ax{m5fwh!b*j(cynNg?qt@ z%cgT&ISuuK2xs88|NgD(gh}>*j`pL6n_nDq9SJ(xxWR1E;9vPp<9+leyFM|4uLRR{ ztXD5)UlM85Sl~s%VG3NHV>r;XYQZc~jEqmdKVP0`?kCq$V~GVBgTSq}m3)+QPwq<# zW4j>Y@te<+Dt(S0&R}n-F7OEs7a7M^_~tTqODGNO{fP0Xx4ji(;VauF3I6*F+cUP>g;yi=d9jV4dDhYMv!=ew9wj5Ru&p#5cq`- z2QqY*w*;HDgNOUpT3WfR(a#kS^!73{pN-xJv?x68;6nIE@azPs1l=spVmqsikkvI} z_^I!rKeq!OdFFcCA2g0JOe%S{g7%(4Jr-8O9qzWh&HJ)+;_fCV>XL8OnXFOr0OJJ~ zQ1!=_E)E|e(IVsFmtgWa@Sk!cz#)C&zB;XZsPtkaC$H3GW#FM``rfGqXO0P0l6`(p zaL|# z_Wm_P%G9474w7z&16fv1VX*iUPBe$k%9(=F26Z?nNxHA$PZFIxJTBkClqdDRaB0r=jY$4_GB9(@!nx*qJLk* z)vOvmJa}9pu8SOAlj+5f9?NVnBSB2WVj4a!{7&5TAcvhx(>eD&38Oyw8*^pJsn90D z%|9nQq&vI4k?B_|Vp+=Ay~zjw?X(|d7=Yk_&T`B9kyv!Z?@RoAy7B*(^D(lY7)FICiTb{)0lOF)R~VW~BI{kD4a!t@4KLZ=f(P+%6N^oUUZ%(<%b-4mB;XZ>

6?`qk%43GN;;EUIEugbQ7`Kb7cxM2g6z?@VUl+&oQQe}?#OA}eO1_|c zke4jj#y?{+IS(sP!)JxDcEp5tz-&Jt==?|nY-RByf6%01;9P4RpQ2J9J#>WhH|3#@ zzcq))>jj$jAYome_2}4d*sc*eC5qfHhy=c}QuVGs*0;P6(Et`EYQ}AleTQ%$RN0Ta zUL?IYl}8;ATx=aF|E{%nuV^26o~n)Zi+8H1(eiOT%F`J zH2U)Y$b&|sVhp->rX$1&Dvrg1-#e=!*+4j6I5>%e#w-#qJqZQ0(T~VO$JGCOpQZl? zKJ@?L-i!tEh8Q-J+2@P6{yrW-*7Fb@S%4%CoA>J=Y|I!=C;&Rb8 zqs5ty)=UDh{%;|ke`Bj9gV8Tew&b)&D4{1Z_?wp!GXSaMf+u5VrWS+P?1MBY%>qEp z<<~Ien=EpGJt8Y`G&?3*$#fXpOOfFj-NS$dn|?)Ze}~fXWvV)a(fQqt0>7UAaV7!_h+i`8h|F%Hlz`@TrQ-+s0weQhIM z#cQd*GHKO1$nV)O6-9to3aC6~z`$sUgu_ASb_YEVL}V|VtYyjOG#G!~iWaSokiu_E zSNV+@VfZ&cKj>&Mt;12>$Z6|{eJ3(nx%>1vh~%EZPqYRtHB~mZyI=US{@v46eB@(5 z$;sq+o@%};U_(VBAPjiJZ~vEz_Ngo@r?~&xU$&I|zjL>7+K+J()6BmuL||#=VHn3R z2kQxo!iN7k!z9uk((mP6YP#_4-$kb1_;}lZe);O(J!}~bFkckK(A5CJbg(oLIGz|M zvgW_{3pNDub#kFILqMs)37tbKUsvHj>vZ9m2mjYT#B4Q#qr_)N>-$s#e9jzdKtnLW z`d5~BXWsmO?J4}hq#D}X7zZ&c!1X2#94$l+I@kg@6VQPmo8uJ!dw*Psr@g66;lE9t zU>_lF`EPF+#_PT=U7Naxm(ky@IdUS@BYAM;e{YogW1n;t1QunxvE`p=k=uX9FVJ8! zmJ6eCX;D?Wu*?5-Urg3QhRCkN`n*;4=@7zEG*z8G=nFq8w3#lQn7z#xtD@1`Kwu3B z8UM8xFDrSz?6mWhZV*|#8MDc4uS0uhwns7DuT!#T0uVu{SRQynSa zHWtbm%sZfbt#SL$djCT%|8Lj(`HC;U=73D(d`D8U2v>BIktg18 zqTf%%-NO6q_3~D2!hhS1Aaatat^e95TVTy#*=hDch^Y176!StnS&w7+4%BBQ|9ju= zp8|h>XF|k&+}e_xnL%wW{C!zHLE~}EWLb=-(|_N?cjcdW8oRBpq~dROHT$I&wmRLfZEXZ zwKlJ{MZh;@U^!m%3eY7>qf38f2aF4*d7m9amtg}a+W*QYHma*=Q}*!gIcEV8Ag3t8 zeH|KRU8z3YR0_|CyU{r1JrhJ|pMrw_-7og<3(-{OteyUq!+h|&k0pI`oO>e&p~2hn zZYg51RbH&azQUCjK_h z4UPfck(5JyV;LZ1#`v4JPRe;Hhp1^*aHowgDFvlaqv&E> z=C1qC*-T?`s&p$erHUScYpcqgYe4*sy+Z~>f8N`F1n$RxXKz{b!cRVvz{NiY9DvJ& z<0^Is8SyzT@t<`z-}ja~2~BB_Mx3LVBaQo-i-!Djf-Lj7f?S{^p&ET<_R%cIolj$d ziBa;WahS#)^WAoS|L(_^K}j=jnmh2lE=0bTi)1Lw@Za2haT>UkO~w=-I~RmcYC4!{Ws1EZu)jm zfQoZr*ZveVs2c)x++vT8uO@5xbI)11G$%Sr*~!p! zavKz+eoDL|#910@{ef&@qJWX-^!3CozgQeVA}(lAt`;F=^fhs4;47Qf6X(Bs)haF# zjzZB->+l*G!dZKQC4b_%!4euefPX!AKLYoE?McfP7^?fzM`kU;RbZ}l0>zQYpYW^n z;P{&}UG3|?{i{${Pkh8L-+(vRjhjg;E?wyFJ zRD80|;_(*+#LyY~ZgzH#Uaw7d*wl+Lx(e?zGka)1?w7$|d83Gz8e zW980>!pLTt1JL+iZ>Gq&M?);Y0x+pwEehifK^ms4UavMHX+dQncoR;W2#xr$IESzO z`@haSiQZrOvS@wik4b(}0AS7hrRB;`wwHg)vMnkZyWfviVa|YcH8PBxh)Ly}AQmR= zosK7Gd+Gc|Wz!EoAZT)bJO0NJ=U^4@f%LzpGk-oBkwbwQbgIk!NTss<-F~>|Z~nV= zPhoo);1F=#w=yt1$J&%6N-Rm`vdmjAc4xhjv5yVo8DNPhx4uV^cwkf+m{TL{J<9SkB+NI~>yi!fMdSVvxPLEM zP8J4Lm-PMR@I4e<`PDPY>0i5Z5NlvKT|D>V8BogoyRA`Cc)UEBYf@Y1#i`_N@APlY zv+W#nc(|ebS6ts`G@T6$LT3aF==<-P8!h~TiCNH~ysRZKO=97#8Y?^V0Nz6btBm%I z|Jcq2BLM8(z3F}`GdW3!Vsl&ixcU#asJhoY3ZF&S!aj~j-!>u7|(*?{-ywZj`EWqkPCgN^-^w$ zrT`LZQ87G>0KIB;>EvZg%zv)(MR!^GDL}X%CX#($ue^h)1aD1|?aiaUdH#Hs4@iwz z=E;Z~|5~QZv^KdtUx&%O{(E0APl&Mn_t`}H^7^N?3}@#MqorAt!Moq^x@bpDvrILz zK%F)Fi%L^=xf9_2CQ|Fjao)4NhBs73@nb0e&gVl#gq7LP+r|HNZl0tqcA)~@5dFMD zB63{Q2#S8<+S5n(^{qOO@X&5E_!5!H=hbnCwHP7noM8e^P?|mXY8Shm;|I%Az70ga z;8n4R=&&r>SJyg(EYE*+7wczcsUAFv1e%9a=RtTuefI3J-i|oS;vTuKZuiYdwQdom z4z>QNiyt+?27;MonPy0m7naRepZ>0i`3@{AKRaV_=m3~CPjIW6{^pVx3NsB zgMB1*lGUva0D z^y=4Tz!UUwKf63Tw?9F*H?GhQHUDBc)2Uw>Xp*@=)3_*D32Bz$pE)_>EvAncr3tX4yi#s1BbUBE#K~lw{c+SUuM69zBDJ}| z3r84A^v|cMuWZUi1>S#qI~NA1PAR9;M9`wtx?Vc^5xbvU2w&S#Iz$NaNxL^4>e|2c zvYz`dfT6o7e@z&g%LBbZo;RVvNl8$>BP5jtRMp@5@6d+%IcoI7tQAXazIRLMaML_O zCiXbPiNiCtbWH!AkI0i9V7atNT;M!S`bz|q&B}%-m(UN(TIJDQ^Za??C{~dzd&l4T zX7@Rrf693>5B_%zi8ZMN`d?@Gn3M+z=YR3y|F523^Z)u@cz1Wf4_9MmwFd0ORR8>x z>v*?ycB^NY|KtCG%22u}DB?fKl1}~;OKAK*=`=zAvm{c8CJQ`6isFBZ_Ow=t`#-+* z_#aNO)W!NA|0izPie*~rwfGNn8OypW{?Gq=561lmXFuh?2jen=zXJb0{r}E`amDEU z{1*{EK2meopHQUwKL_LTl{oo1>FPervmlz|^jTPr^mFLf&xIMUeyq5rU#|2Yc#FWm zjTbz)ri={mc2E<%kzNCfuZx2W8nQN9aK;WPc_Joa7c+3yg|VNQCo!MgSBk<98tkOu zd%T$Y#ms{qb`byPpF_iOqI^D}bwFYYO3UBLIEp!9csBG{J$O9Z}0j1miQb%21mIa(5UVe0=gD0K(w{!`Czfw+Y-$89dD1IqMq*Btv=XM85w9(Vuh z6lzVH+PGVBL*=Sv6{$Q zNc!Wh8t}Obx!+(TtFEd56EsW zuC4w0+`lce2?jpX{P}i-(am_EM-es($yUkQ(z@IQH6Pm%KW~n`65U#Qm;%rz-{KlP;T^HHf%!~mDIXSC7bRIO)TN4mGqcoPa-R~lT6=nIwvcQ|GE0rII1 zge1s;d<-A;>4j5?c$N9A_NOzypGxZ(KJ>`#>-pwFi9bJ+#b5?_2%5SDU^O>iOzb(X z2!>l-t1cIC3Rn06Irb8pCD+^S39|mBd_G>AU-XSNP?ErqaoYx(Z`PQ2vL+b>Q;{|2Xtl|9S!{necH2GfeM~nM&aSNbK}?;Cz*cl0&cUU3I<2 z;XIm^^GB&>gn>BR6yaZ#go$dhZ7e|ID=vc)h!YM=(1Sb1eo+M+eD?UsMQd@}iE{fU z93`Mjpi_v~XHVzUK_;@0gZ@-=|uc!j^+m0MaRT` zSRK&b2eMvkh7$=jdOi2uSL6DwppFBZ%%x`g;n{}rgu_@tDL69c*9qV1a7d7MqjCy_ zC}$(8G(T71d{BIK8EnD;wZ}fmERAMiZRK7ngj_*!b#>|Lg@)6IdR?-3?0(vt9n17Z z;qDqfRG@$6i%D($ZmaOJri48SvJAZ_U26eSs_j6=LOLpHsVprrGVU{n0$51EGyIGU zzpsUwDMb2ca0c=!Z%p01;{|VpixxjZ<}*!{s)2w@*w=-N-Cnx%+H_;n>WyW&N)09H z9zLIAH@JX9LsZW{#l&lSkL&7W=4xBCiHD(GSUS#CqkaCD*8DOOY%%q}x z@+>+hOitlZ1p%(aa{*cyt%IK9G9Nz}t&o?*uNZ~}%A1SF zuDihY8xK~Z;)+wzURC`uObKx0nQ#b^$0Rxmp7txdBSzGo_5{-_5({Y8`L13{v^wqT zQ-|6a)=>!|5_L9Ye5-H606X~OvLk{%lR`!<2J2U2I@S>IqRSJ6w=}=v_)^S{CqRcB zkzC}pdxf165wXTTi>-&Lj_m}FisO> z9xFt!J~<#mR*o{)nyP^vV)afClPH@%z^@*uFT?4PX<@`Xw9gs7mj3v*SL0c0P{#Z( z-A8o!l)$NzjbYFba1R$|)~E_VL!`n^RUW`)=D;?8_oeZ( zNr`3S4o!GQcxsiYoNa_5J<3lL$G5e`0xo`Qa*56?5NDb97JgCs?ehHm%_gLF##6M> zyM0BLsCe=S|L-BNeAyR3`-}0{th3 zkmY~kB#HhfRAeNa(FKH%^#A6J-S{7FGX2L3e-nZeHvAvF#2UzdFz&}h{^PT6RWWRJ zmTcqlzn296c~{3k%)djP3I|624qyuT*Y#eaQw5U&uj>2HuYDVbm-Y8g3Hkl(PkMi7 zj{o4~-&kkv{tdBCe^({?zj05L$@Y$;{(b@IzM9X4;QMt_CL6+Z0URmPO^VZwgaIB4 znIQQ9(`HBj$4u_aL=<9GhWsU1t+p!8*ogP%)wr+jwA&a5iBe0A1LbN2(>42xL<#_( z7|}Z{AF@kzh_H(TVowJQFq;v7B`pu5PI4q%cawclPyjp#Y$LN(VY=Aw%7X-eW=zBu zH!NIl%H_S09}0ZCsFwo|cE)Kg#cPdv>DFk&og5ebfF=uJI_pzKxCC$>QlR-1=thWD z=_(qM^7uVzZs7>hRNw^5+97jAlbJ)EZ^R&jNpbnR3wXmo^{m zPWyNy^rso{Jwvs}eLJ~}d_N=saO-2iu0w=1o(y)}7VzJWFq;USiG74Lm){a(|CT7N zIo|wtesB@MhkCF3`F7MiD>b?;5v;lD`&X$Aw##Y24{!T*jQLQL>?HHcs*>%c8LHpw zd(nGMg=bx4I2+6o-Ka-nxm~IExWnseAeiiZWaK4N`PM4)Z-Qwp4JZxfdC;wt!FEp; z@^>aOpK`!G&sV~3id7q`plp!eXG-v0tyqg=tY#$2A;x99jjyz)n@HeJm4P*f>$(Ve z?+*MsV}`cfmQ0atVb4{zTo0KhqB_$6Hyr3z>uCCgK50HHi34Rf$H?#fAw?Q&!VR-xXG4z$v z4_?m1gqn~kiHV&Z5YGTXK)%0T5%aSbGN-a+Z0Z0zxoiu zw*vodP|klmV^Q6g&1DX%_YYF-FDqY>2S;sT~}P zM4rt6exjxxKXXV-HD>sHAJQfeiz85+l;%ERElt;r9>_V{q<=q7>9h12BKFu(`6Tr& zK)G3xE8p29fkBCiWAj+0a;JH202^)m5&FT9(Zt$8Tvnus>@_+j>^QXaw$}w52B65N z%)MnBXgm{X3g72aEV_)P_^gHI=xS+QrjQ>_xb-p%*>pM%!=;eFZtkUDdIox7G!X6N zfD7Zx$``}#fmWW1vMWMA^nyKXLYL>#CnLK@!BC2(At9Ntd)aR2F79MK$z>W~#>A}5 zOFpUM^}e2z$dPaf?$CRVNTOPHlgO zeO&mIq^h8TG*fZz-G0zUSZO5R=F?9mqSHr|%f)v+R>fY4!NxRvIzkx0?ZR8LzcBo%A!i0mc0}G4y*9@ zFn^7uaddT_!yO?8kK-K1xVHc~CZSxe=?ifZ@S#~e7&JN0zX)Ng*s*+ixsIy>!CbhU zGN6tB@$1$thsp;IW-`zOtHV38!BP1k&jB#nFQso-MW<1M9)JLhHm zl%C*VXkR*NV^0ToTT+CRD|FfQ6_l8dA{qrjpJ0HbPkJ>2uTijrJL+K>4I;?^l++d6 zUrA2^{`US^))3+4sm3QqktC4-uMeZ7355pIH%e-UCN02P7;hv0VT)gAc@zIo(Wf4< zNjJWCn2gWC%8jVU4X7rG6vEly7EU)!qxm%4c-U>&6$&;J>$cqCem#2rEKk#Ae)gmT2r3HNFchC%%T_1TqMsR>{{=8YWg z9rYPkCwRdn%lP}zZSmyRCS%g;YHZY4e{Gymw}rLv!~ed4IG}K-!dgjmzZUtMg)W!p zpeZk3{SqC#cdQ_8E49`6$Z3xlx|%{ls&+a|(q)?M;c&g0Ko9@6p4- zHX*Xlbd|K5flRJ+D|dQtV1tC$TgT7IID#a59O8%&WQbm6G7)gw`$Kc4oO8n!`{gGj z%JgHD(o({PE2)q;t!v|k=62Fi>)I5$uV|64-2%nZmAUq1#rI3@7re074^iji!7%dm zxL0t56pHDP`s&E_g7=yM*e{ehswHmGB1@0!J?pK|HA7f?XWm%H3Ed@AN2S=+NJ7Ha zfV{BZ{8y%VgZ^YY59c^0;1Z#6VMW)F$uosO2-R%7ZlgV89T1y(=!GY^w|WuOFI$sd z<$`VgvyWW1Ra7bAJV?Kd22IHMMqg+-YFxMIl}6VaP<>WT0W|u3(hEc1`nD?@3^qtw zIvJBtSU}$K&$m>IWeGMk;I^E#JAAi5dtg*=I*JaQJn+OQwNFUPc0I^zJZGMRmh5C4<5XnuMh#mh5~{( z@!&y)cCL#nLHgqcNn`er$!2#(UR%@PS;2PqS&tG08Y-Yzt^W^wSO|G8E0t?S&f?b*GzPR6Sk@hN{cPq98|3A1y{ zun1X6SNXbicB+3uzFNHV8IxVf;s1Xhn2PN3e4g7_{q{*(Wd-i+K1wdM!heM zAu}Y;e>vr@Wp~%iT73(tLB2M97SnQ--jsicGRMu5`VEcbS4A6l={#0@Mw3Pm3}M1? zrj@#F$M)JQay&bYgSWbMOxf9xJOpQbGRRNmbgR{k*w+k_+8CW<#`t+P$}p6m2C0<0 z_**p{zS`q4PCe0o#2MG`Un~eIH99w6+ByD&vuR(R1w#_lqQxhkXqLi$sg>>}R$J78 z7z9Wf&{z>)n3rHebb8fiN5dC^g2M5Gi5E1VH}w;qKaWd3Hb1`B zQWVzKOn=>!MSK1C+Qlu>6q`P~{guDQ9>p9&2azz*uYhrG;=snMSR}H1ha=goRjSEo zo7c&mN}QBF($D)nAxKEcWxI#}_Onqq!bUETIyUb8VrkXeh;GE~*O4Y_t@5m^J^)19 z2ywDtM_3MMp?8-$K^1NW@w#frc+LD~Nin2gP4%$vxMqi>Uw$Sk8=#epgOK{kAPpalOcG2F=|%%P}P}O=5hoMY*YP7g|9Q;6}uU3 z7|yd|1^`1b!4w!Rgl?+ZJLTj)5rGuT`r?G!QV(*#(g^od*f5`Om${KS_QD0jmQJg< zo3nh(9tzHl$tw$4g(bJJV1ovHX)1{H<4nP1fzMka)V3C^zz^jw&CX9%%^!*RV(sgh zFNpa#V9x9{0y2;}>#+Vx!9j&G!81s{&BxM!7>A>!8(u15XSZL=A>7Nd`b&DAk*gl^ z1Ximc(f=iH{uk$`&2`O4+%dhd$BahQmhy+>KJ3yJ*+o86q7IPhl@-<7bg&Z2fdznw zwd(}HIn)Wq;C2fVw8TM%5&jJLRwGL7fz58iO)P>{t`IxnL;#rzOA37DU_})2NrjPgoJW8*_2fbw)PiXMWv@gn50s0tC&XTucKk z?>uDxg*+cr1X6E{qvvgMzMJt$JG}`(k^5SOwo~<6Bj{-Z2y$Ku=wr+-^I3LyDrv(y zM*xD*K}H|9{cxrCl@oAWUdQ)ceDNm1bQZ{8zC*-0lZ?-=U!Ul&x^nam$A~+JQHPYU zfFjUI?rYgBpQ1yd7C#=Ee2lA^c!e^L<3pBh&l&9U_mUP@$c~3vYwQdq0I-P-A19^8NGhT0T0F2=hj#bQ{4})x)S2E z(ql9pW;7C}JfGWWK4(-tT zHrUsRG3%){?r5uD!;#H*3*3wT%9D^cqVwiB>Y0r`S}#`(@?)t z%KT_lw8^}wOU8Za^WLed_L|Dwn(N@2_qnv6Eq$O9u~>=JJxMzvSZlaPv$E?`sz0v& zIW_hns?5$!nbG5aW@UUF&o^uZXCg`Zzx*Hn4>(NZC{57+`Pwk@KXC$w{}ZQi>OZl9 zOfdSbLoh-9Z%&^q8(Xham)ynjAKx)83Nu;P|9Zdh|IwQT=kH(K$b9};?9s;MX8gZ1 z$Kq|6$c=ET+&TzXv38 zeMsgIY{iS;NT4i_JJvuVD&;nCjdmk8LoQCNAQDZ;G{BY96U>(Gt{^aPuY+HY=E6YM zn^UQEy5?E$m}G{gLb^mpfL)^k_6Rp*#6Q_D3QmIjcz2;qhf>Sjqf@;W+a;_By3&Vg z34h~rGN4T1*Eu%-b|8-l#n(ok?wJ_Ze)xGE_Ehv*y2K+K;eIn;xlZIpOKu6?-Y>|p zA{t?%cXO|8WhNM^omVMIPeI8N{s70|bekZCJt^8F0!IfJnYEPO`{0hfi@Vn1mS)H5 zDqg*1b*_pjRSQG|fHGXKOFZ%H`P~WyG=I;v&c5O;1pVceec}7ruj?bj+!on_h5q1p zhS+Gwu}atQY=>cau3|q_#pxYl3RJ)k!BMUSv?uR<^iCHm(3w5OLtruPN?j1V_D(eT z4g}nIy97>2=z=mtrOO5T@hB{TruYyqaxWxFnfFuzuIfA2@_8wV#)!BSl=rzr_xLUP zoiMRz*>iZ~rHhn%Od0rUpcAjl?n@DYF6Jp=L8d!-M1I4V{dgq53NbXvW-Y45;2Lfm z)&bGoT*h0^p%Zkm;~BU?xZEH>)-x^O%cdyM#pW4hxueeJ%p6kyqTfok^u3kNonR*( z-R{+)TU27@VNz6(FUsGC5?wm7nou;=m+JfZWiyh(Do>)G{-Fv~$p(LS|K0zI#ZNq*=1NqRi_6#9D$23zC|gecL~AnQ&XPe1cYH@G*(x{4KI zm^K<_$*0R@I#iGXdxcEBF0_O zy+~V3e$5j@G=jge00xSA|Gww(YIRy>-MF~7eC}z2&VKMFIGsEN;?T$vILAR1rT=>3 zZ|B7;`FbMW-hV%EiZ)QF?>k!AVCOMw@dmk$rBCWmafh3ontBYoGwz`X;Fc_N{*l`2Yk(QdIMZ^P7D=TudoXJ z2a@naN>9p2)%*~7b^&Xas|(61QF12r&V{SuLZjlOPr5)8G~GBV$W&Bt?#_+<8>KP2 z7`^hjSlbzgvVhBhIk9e58g@t-5dGW4L%hBgYfjddd@GLLk>sAxl~K+2&*C4V`8=Or zWW3SB2*wam_SNY7?$=C@u`eLZDTtih2a@hra<&U7fo(Lg(6D?aV)999{W}X{<_K}6 z4ctO^T9*@F!J`4ZKh-bT9h%1TBUHNZm`g1@f=4Yuz@p19$N{2f5l8tFyt?(9Eft5~ zRHZn;P($rmCM`W%pd*kY?lxh#ErcPZmeX=`ko@&1$k+;K+J*0af`0tvABn zW<23Oz-f!uVHy@C{<9y>_SVYj5XCdv4izTzvB1^Z_a*`#!A+UG^C2`K^_gI zRk8KYt3Rt4Qm3!}=^CvfBm{qe*r8!_fLxT(@^2$;k3 zmea=I-!T8EN{^R#Gu%0u@7REnWZoFJmj+B#e26T4-({lO#(=+5sY)-=4%mho0wb2j=OR!V-Tj(&Qb`WYC< z4&w+(k8xMaI3wnwHB?IpUUmvFwMXsbAEaz?9B@fAnjo=fNDqfdW)v)=aw08M1<24!ba{ zXd=RZF%sagMq{B|Y(Wg$UyTX zA_x1h0Qjb->)+IB$sCpFgR7HUhtC+L@Dzs5FtocSGwi6J|LWbAQ4~0GZKxeg5oy$R z6k8kCAx{1_VoI4WkG0NhZq62~LXA?CiDy<}4t1opU9InVi)Td9SSrlaz#ftmkQ~jK zRNf+sBr2B4LbtLqxR&fYaI$~D*FueWYVBObSSZRg|)w$-=87~f3CazEIXP_%_ zamL1vRG8rsjRBPIKTVMPNhFQnak2Gs^au})CtCw^C3s;znU}4Jn%4=kO!&`mh$)=R zZlK0*VT`Dw`QfSTIgArSROYDzLk*L6XU{$pD_Vqf3g*?T02Be%#I?zIs zA3HG#I)`ob@JfC7SqYYzLU99eYn(Y)pY{bHX|@GY50mb8*;6QgWq@ep7PrbZDYQA$ zg(vSfjjYDjOyQACyax70zYt^XWdP4*zD&z)l+fb?^mPDVDMmfAe`op|yTPe80ffW4 zy=5YCu1MKlc6S@&Q$c@6L=N}D*NCs=aF)KjS2EtQ^aSiP#YLnOblDmQ?)}R*L=Q1Y zYF{HVZ7$=B-THjVVaYc%H~ZJ8FmgW5!Y9{d@917Vx>u@Lou8p^tw`QL1d?zpD19>Eb*o>A#(%R%q%$yBLO&A;{+V zlqdRxU$1G-Yz#EHcF0eLK3EosRMXauts84V>H-e2sgZ{L%bO{_g>Y>UuT(C-jLV=n z&5a==N`oq--z1vb45x2@7^$ALTCfb4dMr-X`u9NWHLBU^Ti?&a?70Rzg8WW4@EaF- zEz){g>B;|)dM+p{ED&;B_ zi~&>TsB0uL@a*rI_=Pg;-6u^fe*~%Q|t3@#KP23Un5l*VhkaA7 zZ#`>E2IC0W#^=uma2-IeQvNdsDz6H#YX+yr*|Nl)w$VQdKi+s{AWLm8VYPgR(i61+ zIP47K53}_V0{RqoMWOOEl?2)E=E_NhJ0JnAlEUyE;i9Z9DXb+?#B7yw~*CHj&2s5?cs>nus!je5ibUTA`>bs2f`gyNDg1aT=Ehx41JB;*)ZEpGiYA9X zhtC{yt+0OyQ|XYqV#j?SFP^!Qxw0Ns(21wj^)Kq)WwaZ=Kv@$Ml~I9CjtxpSU+LD_ zm*?FI@@bKWx<|v{M@?$%IO;6fl-nwKAt(U=((k?G^e{g{D)}Tu*xEp3bhH~T z9oX7h{cNIsQ7RdR3xMU?M0Fl5kp(DJ2EvjUl%%khx0DzXjb41m@M04QjeNOPac}713U|9eMqJ2Za1Ee;+2p_EV9& z^{iLF5Bl(?(|LDU`vl>=`$e{hcqReNM&Xr4Rh^%LWq?wPAz)nW`N>z*2*X2MkwoH| zN2Um2jl**fsWA0E-~vyj_c9039^hW?ty}o5iQ|_{5JT_{)C_9n)}#SYB)&eds4eHd zlA4-@L<*xm?A@YC@d7{B{%z;t{$}kAlWbXKfIc&Ubh4 zE{y^?3ygU0*b;9F-Ux&4P_SFhUZ3P|V@iPhLca)J*spa}1|~1tjMUOPdmsf+TXXQu zMgERdWFXRCNz>Kf*L{zsSPRX!dyN$^WMFkYcgV@OP_C9cG`tSugY&_3ctwt?&dxS{ z!%-yozw>}-Ux8gqIVC(RB#w7JCfz|lm%tbQG@0|ahH72ID;Z0_^1{LtW#r~A!Pmbo zazPkki9By{gXwSp%L6%HqXh%4F?Z3pkWQ!$p%R%{3zm=T5>pNK_k_PPH^Z6bxWxT9 zLF+F5?B`dWDsRpAC06??!?2pDsADb?rT9RlKVJBprS2_5gEVPBMX%@D!lnAC7{U)P zZbm)8zC;`T#c5BJTK!h(fq=hc`x$AtoqWevwvO&mavK^{d6bQhc@yL!I!yw!I$wtw zzd6JafC+W?nq!g@s$Hjb@6)+7U2chlaD`M?cjsa#OwtX@dA%TXStS^xB&&sQ@sfJL zbKfW(dr=0*?noZi2@OSJxfkt)VAlsT=;6k-Ia1Mb{tPX6$FECG=5vD)gne{lgWT48dv9E34(jKZc_@4aqTd?@i zR=F40JwSoMVWq%~y*!+GoNVPTXoHaEgHz{O`y6yn=dr*Vj#osHt`p!#T_b$~`GbrL zhgcK>VR}(l);y}y4XoBtP`18q$G}y;SM$y|2a(K5qC{9eN^-VAg@Dn@k#JO9FuFf6 z?Mq&Vh~zYcP@6+?hQeyZI_fh!F#LDK zp8azaIc!MoM;(Fv<%TM*0u}Tg3O}ZKego_ik;UAX1K&OgT7-K4oF4<-#fHYy59L8I zMi3Fs6-wvXgi58zg;Fnb>%Qz)lg`H%2Seq0)1kqA(eglR*kAZ2V7V8)J7L2nkozW} z-}=eVmRbs@$iJhFauY2K3-a1#du{Kw7{n%o`$cNmTXLtjd$8@7$^NHDLdy^yfuupy zIWz+=?*O2bGIT+3d!w%?fa64IzyQ}BWbYKaF^(&r$z6BlMf%y9+q|6&9rI!s?onEE zwfj$xR9qXjOt;#7nFB5nib7@2f!iaY@#W-FC!SGPRc}C`&iyYlH>VUw*T=Yhf@-I@W&vfu6 z`Q8~e7)o6glHkr;h!l~N>RBOUr0ZV3BYVV%+8ROVCHYo0s|A&9w_N^=G;v{mP(nqT zKiyhPCV@s(A%lo-*+e1WzRePqq=%fkcGafW_nG0o)IcV?9n%oCvlwkunTupr&i70h zZjaAp83^5#J=nF|Ovt_3*Vh3h_2q4k8zAO0fw=*a(RfRkD^yDXhoLTIiY+;6aytwp zMbQpOw&#FQ5X=UE0ogjm2A~FyaKK6$tLzfQ^Ek?Yu&fEhY_OljV=2xSq7#r+pGFlG z=3^~h@-KC03I7crP~IaKhEHY!!QcDbM1{fWhTwF^(WOcWD0@MWr-0{gsdC-=>3Sfp zfeJxgy>vIxDl3|_@acNLqkD`X27^!XQOQISt- z5h5=r+DNaLc>&Tnh9HoGmHp7v)#aGSRAo38Tgx&bnr;+N6??c0 z^{&c{)Y%qtj|#rFKJbGiU39j2;J)5+1dDym7vZnyd>@vAmm7s$6XV(e6TCD%-r;v8 ziJ~Uw=vR>8*ofug9&jVouizLR>Wvb|n$#G=&tPZIZgiafpx|_p`xSpXC+L%ft6EPf zJSu+u7haY}^IM5!IxOt9j6!G!Z>Zb+M@bQ@&oXRD;T+Xq0aB zJcaVl1Zg7ct4u_fSCI=}0Xhc3C^Jk0?n7eFtw(cfX9rDmxCy$d^JP@F8mw=K1@kHJ zy5GhsD-?$~cIou}0+Zjds_VULOex3+vo5vTnSJnrvP6OI_I z=>DeoG|FKduKRCb$+y6Y%?N$CH+#&g8At#K3i=%VMy)x5`V#hA2+bfYpEXWD-b|m_ z%Xn!y8U_9}4MK|#cedgYO6DXBG8=w74B*$&#Hhg3yxh}|$K~)PV_!apUZi`u*$8Iy zsj8+BFB5rRAH%QfUt5V`@r%re`*RA2y<)-M80XYy!Phv*xBe;IpH4Z$A$@QH_I zstHD@c}Msahs;5|*|jwGWzE?^8e?es9BntOKvPl`)r`=^K(xI%^WE*uz${Y#&fktK z$VrEjoZFfFGSaQ20a#Y5I2@*@gOK|Mpm^C5)XjzH1mLAUilLI{DRuq3vHEZZN=I>Wh z=mfhu02BFCxXbSIZ1-C}n&36UJNvT>s()py>A9bLXl@6R%jFozL1*V+7QtNQ1YOW= z1{rCeBh7l`E{+3RbL&SFaUA7~ERDDZl7D_}neU_pqgZK%?{lvCfmngtp0ijTN#N#z0L0aWPQk`_-skd#~MD?SujT#Rn7>A6oeWpo3PMh2I_AN`Ib< zX|v=2pSy<1O8W5)yp;g0(>8aP<2Ms8TC5?wr9dEX^M&i0+y?ZnXg~Yb6=aDjlB>^OZF+R=K}%g|HY5 z>aLFd;LCnHh*C*AzFrxCZcq3|j>HsHHfU>d+ z-t)U387F6RXKv3yl_wOJGeWVSh@IytS1F23!o@G zIcAH`Thp%=Gr%7z?=JzSqZSZ#!MkJA>!448mZn@*dnjFbKzVR?F&gmtbZ9UZXO}V2 zFC_*Z52q*r2=(daM5 zip@n07a!EvQWM_|&!T|WFMgFHB6{FtWydI)t?&F~0NYmIwFU_|)%W!{w$dT$9VHdK zC>Vr>rPtl&JCbGB0#Wb}DSm|l0k-iKc2?=fxoMm)0)Tl=m1}TCB>8+CPAA=7I@ei( zD(Fq0A$`5YGTwjh-FjO}N$_b=-JOs~Z)*6N##Ir0i@Iyq0WE%Z>gT}FamwcnX(1r{Bzq0oq%d+drmLS@` z&+Prf>C?7Rt41|~K^@eZ>``k5wfg$Ux%Lt3WZtTqS(VjDdwZH;lEDaqfWzTF1_%d& z1e$`+L+pA0kf^tyZ=oFmV7@SbDF<6s(628@`*VQR*U^<@pzx0jmKp6kclscO^05um z_<1)W%#Z%SqoySnit;S{jo|oFV=cF_nbo8RybUQyexc6IcoI(L3#{=hQl^xfN*zAaCI!45s7*5obe%017I|#Ksb_r?Vej6cMb70LX-pUuLlxIH?i)Y{s z$9=c_hV)+x^6X5BTzh{&aTbH*Z3F3!zg8EDMM`@h)~V;pY8W#K^XXP;a;hjlqZ}*Z zf*r!MRZ|l0>)PYR{Rp4B(E>&senP2RqR?{$NETDhz97W5X(845aHq3SlpXoA8Mo1o zr3^$lt05q71E)kDB4w8GLnm_qq5Tb=;6lXN(1z*nrs2@F2Fk1ko&yt90U>dQkoiS} zNlS$6fZ`_e)>n_ivL0Mje-kpD4E)cF>r8$QK}+AINiZ(-N|O&q5}DCbU*e+e4^k!S zY*Fe8YIvQ0Cg9Rp43<(yUWm@u&-cW?SdQky;6`|2&7_ffxC=OwTjGk{$u#=4L9IvRElU%4TM z_+gy3j0rAD>p5S4aEWlt1|Eskk=y=G7mgoqB#-75_$;BePLM)v)Yf%JJVcIBWIjFb zz-fsQ+~K&zR@H=zkiJ%zBZ=a7d*xCOy*kgoy}26oPKUUsNp1Nhy)((A00_Om8?TdD z3*^jLN`W2Ok({fq_=e~i1i1Y2G$-Ez2%L($H5fZG0FgL=n2b~;?F)T<@b(M(c!vI9 zk@zwlFnf?lfo}b7wsyd@m)%pTfwIc_^J5C(2PE`47y3ZKD%^J-e1)l-UC607Wh$^5(D^CJIm|G{zWKs z22DDg%OsN2rZ*Kv6Ilqhq4e+^`K$}y>#y*l)A1Y5^9rt;xD82-GvfXk9ABBQFj4^~ z1hrzSD=^$4dgqQNL-HL2ZUC^_+7fxnN;sl8EX+HuWEASsA02-46m^g3e0u<84&HXR zI&g&v>_9&q9;wgOic?Sl69CIttY62Sy6tz|=Y(y1%Yh!Sin7&E^n8O{Q8KtulmO-w zoc*VpRNav<7)5wCo^H}2$qzWzn`llYQc8~O^V0@GQ{k|tHnRylXyeRif_YnW17)mu za1bR}2li;)<0|P7l9+k1>Gp0x$@oYI%Zy!yZjdB_gXHqhV`Wb&Wzi`xSq9Jtk|H#& z@kWT|pp2FVY|p<+bJAt~Yk6-BUI!6}Mc1Qhh+loI)2})jb9*c5mhc+s=a!%-W?n|x*!i_V}*x4 zL<`(l6Sg=v4*JW_yWkZM*2U>$C9oWN)@-8rTsMt&_eTiMFVGp_ZH}BsZ;zFdhkI_^ z@$n<9&7Lg;87lu_xl_#q5!Shs4TRA#xc7=3a#=misXmCDdOW7aj?mlSw&Z6TwfXsC z%~3sG1xi2I7CLt66dgF>U%0D^d1kB@|49xcnSJoDD17sMW_2%6Fad4uKX_@MY?4bL!(K7xXX^szhr>bn+pEc*dy zLc_H#=sGGRggVt~6t;upRnusOSU{zHG08#8NNjM-RjfmD{IPSQuAY$Ogh0ZLiD9$eH0W@IbEVJQ>=ZGrb=unJEREz$ES7(7mqijb;f}rm_j%egdD;7&!qM*xnF{ollyG`klV?IrUc-u^-jRvq9?G$q;H z`0k7lQk3OOqyaE3)ZoMxX3rHE0CthBjukJ8u1B2_jx~RM*a=fzxx(iiRH{g#*3zXK zdO;8&7%fP|XWNc^TUyFRWx~1k0fmpnu^uJ8bEW2M3}ZWkeEI#J7{ zyWapMNB0X9y@*@MiV(E>T-nh&J9Xo&)1LZ(y6qEb{nrWR4aL#wq1_2cOv6tf@@9B3 zF;xhF=2)o@xIcxb#0QIo3lwTHpAT6N+vG#luF+iu=zN34j65alu9gD9)ESbWO?GzQ zD|ULB@yA#{fRzVl<}T_NIIY11MV{`AliAM}D0zib^hx@dV$cR2)GPI4B*Vv|$*VAX z*BE5ZxdF`2dtn04S9_+L9m}~&%s)r4S8{YPg$*NQ$nT1%ykccSKdr-8=M937%|z2c z@$N5&2&=y)3G3tOPGgeL#7jUHTlH$4rlLS`op@ttjxVQ+Z2#De+D+i}b;8qw)WJB@ zA0A~qnQejoR29W$MF)8K`Ivs<{2pCb#g80*`ERjvz`Qds5lr`pH%=m&x^{a+XGNR<{CUCDPtRniEC0`v3UYrIb zK-6}I1x&Cd41Q+-^xLN!?Orr_5(w^f18!t}Z)h^TKXvTsHV*9!i0Ti|TZNk}Yk=E! zGHibE;;A|U7wmP~UYQ>1kG=pax{BSe&9?7a)^BvgDU6=s`b}Y}My)qy-M~*!YFjYq zpv~hlcNgV&l>iVMaDMsCSMSC`A9-dsj542^gXv(_=vSue5)tU6*53u(LF|SqPv2XP zh?#tS#h20lET9qWNc1>u$68Q!7xR82tk$uD$53h5s@39~B8|X6W+5N&FRolE`1-n! zADyjN%>d}~Hr_evFORjcIgm!^{%75cA=_$0m(l9T4U)=(@f)9|@U#SEidC}q7oO*f zKa8yLuzq}}cCLk<2XA0>^)riuV*M*t;aBaK+!{4~E zFwnMc=6ZO5JwsUb>L%|tk-U#C4$^dh9e(Wfdjgdcirv_=Ff9FMUwG>LM$Aljs2{G= znO_ehukA>u;=wOL>R9niyFDR}=}s9caL0SJ#SZ?3;#|R~$ep~+Is_xLL(AeHGljc# z@bRu7+yZhHHkBZzL|89A+ysU}3+9NYQkZ_`&cWgSCJgq|0UN3(S`Tkf%nNw9_}${u zhOAb@_&9m*5p-t1&2OBU6C^dqu)<%~QL%{thlduO?Zxhen(_k)7Ed>z%>*JT3abn? zLt-SUYxv~U%~$#$8Co8|8!G(4W|sd_Kml|EMQ-0&NF_8z89R6!2LQZ;9w!N8k)T`+ zjf?F;Z^ew9hy<-zkU}%Z&V8|If;H}>B87VJjcg!edvIWqJVa-Rh<7-P4V4>$>;;RA^YPpz~H6@e6WL+_q%uH z`M|i%#be+Hp1p3lJVOv6vfw^C1sbIJ3{C@kkY3YUlnn$$Gf$p@3){!jMI8VRyurHL z#v{YYFzL}#)8aw-)zW(Jcq)!jeOa3NIc*hNfhCoxrFk`X)11WP3y_cMA#~aY)$t9g zGE1u+v<%n3r0m-+tFYF#_DJ0xgt)0^>t?zHoAaAKhT-=q2B+p+$-Zg1wb|DgOLHr z7|=%(;i4#pE@WxW>uQ6~-#GE`ckRl^(|9PEByrlFJT%21=v;Rf_yjYA(;D-=e&+U4 zIBOyHw0lR#af$};{Zs}?6Cp2rdPlfpVPVn@jWzHCC#$cp`}0it(HZ5IF0K=`K@T30 zv|^14!|IQgrvbo24DCtn9o3!T7m>Us#((tFy~qW1DvfR>Y3^0jZ{%%6hbq9%Z{0i5 zV~#T90DAyriv~A~Z%J28eU*=)^IajQp;eU=_N1krSiTM?XwH}jCv~R~V|!_h!KR>z zxLl9xOsEg4ky;=u2n%3OGjz~T&%UZJJ;9$hliZBC#@~1)7asSg<+U(kYGp2 z+Bc(_;jB*u(lQS!LU8vD6Ey$!Bc;ILcn#b`eA^&OGgb>EOe5s$tKh_BK@=XhBnM8n^$}M= zCZZ*v>Mm_)FjwPg;;TA1aN|KmLdtr&2cK8UXQCBzc172Wf8@1Jyjf0WE8@%KB}$7$ zVAsJ$8$CBaI0>gZ0lYwf%M8;(1Z0?H#$5bGe42TOnvrB$$o@Q_kigx62F3bAq4=rr z7g#%bbCFa4z>4;^JZ9>2<%M733|~1rUMKC+9!zX3w2v(i*uW=BAK#UZzQ|wKZM&wt z^HE^aJgYnaRc|_xuAa(BJVk!CnRzem1kX5G7I>FF%w)CGeD{^Kp!if_Ifl#Qh3~SQ zw5=FCyz^ttq!WGEtt-r?6&sp3*_WLVXJCjMl4J`Kw_b4cMf}(<68TQ=pYe8X52Ecj z(9bAy2zI4(EdL6iTan;tzv0F=?j|i_PXO>?00K)H4~7B9HtN@~U>+uy*?PH9sV7y% zB&OxD?-~|c*F$g2urDM`u>=lp3XPC8@Da92#R|D6F=BLAw>M^|anNdJ~MQXp; z8g%!ipHQu+PEA2p%N>;mPCd9^nw%K+Js-cWOmw}$8$JuMj5ICY(j>Isx9RT z98GWUf?|P1Itwt#Wkhbt1SYz=@`F6}uIy8*kNi0B(ajfW4|AE9=EGorUOo0I5$wT; z2OD1O{Sg89yzdx4FG=T}8ZcI3lv z<;T1dNoMhp@p@&fjw3?CpwRbeKd_wlOZ+)lQgc2OYesj3{B-eXj=UGIaTiVH$G{ri z3)cs5gu@F18!Br8w7g+{+Y)Vnmq4|XHr54>*FCo@YRnfQe4SHpB}}w%W80V{6HPF& zZQHhO>jV?q6HjcLC$??d&WZ1LU;nE6Kke%M*wtONYxnN84hL8$udjcGA633y9eWaZ z)q+-=aOo&B+|EoNmi5`r2w>bci1PA5^|~rQVzm2!w1rZW*CMRljqr8_ViP^YWiE+p zBDmPzx$_|{(7{Ny=iYJ0QtMy;h`V1E#?d9Aj4BIgaz8x_dzJdZ6-VcsNJvFA?e>|a zoDUuPN++me5SsUoj*BPh6#8h@U$J!-u?jt_Y9KgBj05b_<6@Wq4k&fdylOT(+D?4J zNMmhfSG%sm3D8w6iG^bVC>iB_fOvH(5J+2p-IuIt&$d6$Wn@y2 zj@F;R4Ig~K(UYdZx9$BrcRblOoFC{IPMz-5;wR`$QNtyQ6zbRLpD*%hX%H%%!kFMG z9@%#w9Fq7w1t|j8=gDy$NU$Z0|GfDvOC^1YXHoQZ1;!X)kM{h3h3_mow6G#24JGP( z*jTey60M{GfD&HJhp;lUx)4Pgw$=xUpFyoV--k}~gClVH@neHGxA9whcI4Zq>;0v> zSED4SGY@lb=1DyVD)JxFUhSyaU#Wi=qZR@74OreTxNkULk6YK4K?)Kv!?3%;0z(}aN4o=JU5=L; zV(Y#N+xrd?ajssT)r(5;@m$RQWy@-TopQV5dV%R?N|7J!-!u!v&kT1D+;{xcP31Zm zviq-7iSUT@&3;)wU8wF-k9+Vrg!5dNx0(nX)Y3vIIEGTgLYjXKHD6Hw=K)>XUd#uU z%YJI(F2DAlfATNBsmt5|OOKWDlpP8!n&=rmEWPKq&yjV%EDGFD*_$n`!e~W(e)Ic_ zfH=Idz&VN&58vb#a)AjjO4bOxMde+;GH=F@1*xoyu&;D$EdHbI8 zDZQ;__jx(Vn8RbMm~g2}=n(L% zrp46Lu_+RD?^ky(Qt!ssG*=br<`!{X*EW|GF*gL7B{me|Kx;fTmN-tX7wK{J1<>%-;Xqs^q&MDtAFSZzEXF{Pj(&-z9v2b zp2j4X<0EHvD}CQ6FkaIVo*!u=0q6PKp1M&w>hrcaR|208BO2W#G@xJkEevmg41G4< z8n!IL{vW~1O=Z*CG1oSZjqs$^b5L8a)(e2cms95R>N!)wfQj1Amyg457Qv%{@vjoV z8j9>~Zsxctt&VB1QM^3=Gl_4pCyOOJFyN&#_Ve}2b7PD0Q<1x9y^T33CB)Ex;_$nE zhkVF88B6Sr;pdyD3^sVXdpEyEME#Nb`F!sH$ItEM>Dr`DO5~T~u%^G$c@|4ak+k=k zl0%c8?T$VqjTY#CtdHh`*0aSM3z;bo#a*3@!l!Rp`6gSaos{~@3ZSCf6&%|?@cWEN zO2;#DLrJTTdJ6xf8cYrBKB9T-tII0Cc|V$j)9{$mhGWw{L}~9|mmwArbx&&24rGat zmmezi#rW$MhLYbBVeLqykbZziV?Vgq-xS+sII-?UVI79&MQg+vR%^}qsTJG()Tw@W zov%>Q6!~$ZBItGM<_ta<>*^hX=i5fN)+25^N}asIqy{pnS!uNM9$5`a*m;{afJ+Dn zw09jTc_r)hF8Ue9*Wt7ug?3EWsFiRkeFDj9lN-1#ozC@R<(^gK7r}c1pKtI}yd}kt zAPQb#i#q>GeoJdN*u43wQAk!*&JodDR;%2mFkX5Ykz?tvmN}9aW>y>gk0skGw>wq% zbC|M<>$HtOY|0$S=C#?0_SX=litpffS8e5w`CIbA6N6z(U%DcAT>bDvBf1Pj6&$J~ z=AJuT3VR-48M;Yn>u%VT6Rzcr5O`1`95p$!=s;Ap@22wHE+^|igFU!DMbjUnLO=gZ za8!B?!l_4RJ!C9X3dySIIN`~{~wPCU&{7-8apXBwUrdV{@t z4_m&J#e-`#i)tu^tTAv(6JV+3GO?2tOT66c2X^iI8x~ECKs7vEOGvib(aER@!V3`R zk05AmOhT6)wYxG!%3>(AQ)F>Qi>`r6U}L{dy`cpoS9WgEsi6MU8q2zw@E^of$u_n_ zIjZ?QICmTyx1xJA9ycGt)TRl?(6BgeSNzLcGbFtpnOd}K{X7~mm$p$9)-aTt3M&_` zaA>$=cIaLv2Ajqjxn~qBYruDO{AnHCk_NxDjF3#e&#mb6pIBm{mi@U`ZMS#s9qIi7 z-jUjWoCW^r1eO*)kwecBNrI)OYmr%9!i9Eb3@}aV)##BR*y=TD{%G5AB^%hZtGoTo zXHla(3AX!hVzUK`6czlOFYpEYdsvCVArj{gBZsD5CR$l09?84!+Y8~?37$_(bJsin z&#QPKci0=yVniS2%bXbyrnp8@Y0dm!iAYip^c?dJ*-SP-sZ>SDG9_+p7Jy9wuN9;L zTx*t78Iz*6)t3ooC@)4UGaqxaIHvjlRik{92Ip(F^zy}u;>G3z=98q>I8z(QQ5SFsgEWYkRrQ_K`4c(1Pfnwo&Sf(R zq%!ekGVrA<@nxIvCo(feGqU(b)RyNTxn~aPrVf{;j-F1ej#;jbNv>YyvSyU01T%E_ z@}djf&I^~8Y@3^bll+Xdybm9B~W&H)|;tBDE zae3Vd)tPlwLlWd!g{cLni9+X*8LOGnGdd^`$Mzx5vQyQlY0tJ>&9vam9Xa2L2=eJf zL3#+YYGZXfz_z{z zhoVczzDw7M&ZFK$?xWv|+R%~}vRyo~TQ$2{o?*q8H>14(Z0e>a=q;9+sTXh5__!PyT~S`cqOs}_MQbWbEYY7$g?bbwdQxv+N7u}C;3lii_aA$^?Yq4l2yZTaom*y}7oxP4(Y085h~{)V77{PX5F6{OQ} z-pmDR$LA2i>K*Ko@ZEsUq@Z%ZE0f}bC63Blwk<~(bR#@;Ig7>=WmmN>I zc0RZf4Z(#2P?D`%5LqIqs7p+aqJzV@P&@B{gcEZ0n`Qx0wuQxL}NfrnWVp zZR5=qh+zd9K&bdY7POQ2)a(%)MW3t5(-$$x+b$B+Ho$&n`v~a;m|6%@KLHZ3KZhfH zDqnMuiwis{9X}G~-^{~q4hodQi$0FqnZ z=`m=CAwX7PD1+~6q_QE)kXONR7)Qm+xY3fUa7w`#tpL1`@Q;7yXK%2DZ?55gOLI1% z^3zKVzVW7*0H&P9@Z~@}paZaHyKrL0arV*XyRT-o>4g|@>MU3_T~{obUL@*lP_{2s z`f{4O?Ub6001K^SM3XAFH_a=OS{zZuS;mWr6$wYNytT6TBhqqAvdCB7XO^E3? z%lX|nA^#-kdb2Prwz!~qzxY~y0kR!DHr|!a6L5dcsgJh{&h~wacK$Mn{=Rx?faf26 zzvMkBh7LYqz%t7-$?dGzFe8;VH?@B7@K z9>iTi!(M>8J~KumsE_aAf3>yi2%EZCwrg8J!(H$@i&=e6v<7Xsp8o#APd$GB; z{rl$bI1uYY9pC{lH;P$J051g5-_{x5Z%4adJFlDL6}IqCNbz~&zE6;}JIKOA3QA+5 z7M^G;YdVZXjFC0hKNl>nv3ZV)5zq5U1znQ9UMG>tJMxs<0jF!^0~eAr0cWcVVZe(u z!E0&sj+wzKpYc(#QB%!Tz?%6Br|FU)-z3bvyToko)^w2Lk0J;J|IQUt2my`Ky zPcUY$H5mMLh@XKzCxWv96Jad_c?P1DfnXvz#rOMuMfHVbL^lak3HsXw?)?UB593B? zZ_se9VY{Q5QwEWe37QZnhBlE4U>PqX9+)3A_sjWv-Z3!!B_nA1JS9BdARA`b+NUkm zvRu02aUG&`mTR=(+3T?>OZ;*R{WHyrc|Mq8enPX#WqiTHzS@dLIRm#XeY#*_w}+_3 zSUs<^P~pSjxYaiV;pymu(cMBtjdt$zfYfu;_&4%JR*jZ6hEljKqj|OXn9>J3@Aic* zsL7%!fPuHdkIpWzxfSy| z`sJEBSMTW>&dS{tGImV2X8B36mart%{nDed{ka$7EU-WW2fV>lE(VG1p|Agbh+AKA z>(^|G9+{iXVU%{;rpg;)>5WtUAxKYeYse~Ov~8r8yObSak>c~!VuSsu@R`BE^v`=I z&tknw%=Sq!`S(6(m)5mN>QZ?992?-!$;3R|R3g&fQ}sJCvB3^x9Uja#xZp<6pST&2 zXmc6v>f?OA@7V}H{K1WuN+j+f7jsSuw3Vs4bxV1FT^xF`)t}YlndIoMGOrg`AcdU& z)cxuCm^su`1kI(;LO}V3R{+CRLGn9AxftTVH;h&yV!M)wbR>04ymK&>{sT6~D?09~ zdH8BiiV_S`AXxU(<;4?ya;w!l>FIw2crJ!H`$ajZjCYT+@%Tt-PL(`n=ZxS`+l(d@ zjw!9#PTt5mN-|#y1B)2pO<$(R=YqlXr5_S`{vkh=6My~3Dn8X|O<}^KGaC)AvDd#& zkCYO2{vka)Ow8E@N^(`QSX)`vVn&VkajpE3XGtJ@hi;MBYBt_DoaQkzDA0W8aea*F z+(s3rRKr~6w<{a7kK(d_$mR_CTe5F#QRW7kvJ~(j#iW&UJ^Nz!F0^9YcH)0__K49mwE_LDDVi(YIt(-#JeK z&VV$M({W|;N`|hxEkNJGJK!9`OBgJU+z_TLL7dH`r*>HLic#dfMn>ukQ8P$d!PZ{4 z88dQqD#KcJmIcbH@RAV-CT3-)y%?U(_7?N@WF7?>go2c6zfYe_rtcNBW6pSlJ@X@B zPsFhrso)tKj?I+AWgKkTH+$IMGR8ws2@TbwU(zkTJJ7%rek*P~55|E`cI7cwq36hG2)uDJ z;m<#U8L{PeL^r2$)i1iQKLiv)J2_EjDQKgm%Y6{Jvbw5MsferB`PAo8 z2lBj>yi>=zi=z#1IGnZq6 zS@=mn)M3cX`M4|@n1aDY>EEPwCw8_B=3%#dS}AvM5ge`_T8 zae|lW?qoZacG8ZR=Q;t-<#)|%*S`EeP*q4;-SK%}63x?)`Nn=PCz6OC*W>4x<7*g# z!5<>|V1v(T=F3#hPFy7`!TzIA={5xi+ISful2!s|TsG`;+67l?Dv_!M<(5ih;ZjIKXgQun7T z-foggldi&dB|L3aT)!$Y7nl6P-n}HnVgBUDQIA&NkAYkx;42~pan%DuZZ zN!ppiN9RY+2SfuIteF$b%S~L1nHV;sq;y(*<`;8;=icWxFO~2;GNkCAb&La4v(#$+ zY+-E%96$DmxJ1;(uzTH`D_n#+UIYDEs(3q15GR3~Hu;(hf*=AlD(k)e^?sHTrGDJ2 z#dvai;#qYK^M!#nA>8$?#`-ul<*6`vnlk#2^WUAYSkO`m56ryAJm!!^M_f3tCk|c^ zhva^5&Dk$|T{ID2s~>n3E*1PzIwDH=mPJMor$X(i8s8*E?G>y8BNA<^GsbvXvXU)@+TJEUH}LAc*dGczO~ zeG%!8Q(AhoHY8VNzba`WMnUTCC9JcF>@a5jKi0enG_Lq55!GOHBv|#Vl>Q?!p@xYY zdN)J=GUQ^?e(*%>Oiq0Dn!@`>?RTBivYQTY#%P*+v<1@{xK>-Fhp>=*V!Qvy{2 z8B)y|k8Dak)2;S{du8-e&#+Xd!pGF_#DD_QhOUPj4frPg^8S(DlO`L)*MuJdgyZ29 zCL+_Dykd5ap{B=R=A&hnSN@GXSRa{?8+&7fE>kqZ(%g_292 zz5iubG$x=wHKN^7s$%t1-bnkS z6?vB*S%}e}{nHxj-xX4JrlZ*}=IKQvmI-1bg#EZ_lxZ_%7naMSKVXY`(uDJ|F19ex za5h+QHO#+JsJH!%K~hIQM=7_h1th;fJ=Vmkg{!7eMRCyE)!rH8sL;}nMbvc|{6osj zM-X1!JCq)+K)F~1AWhQ7aDWqQc`2U*Wasq%uqc+hgJ5@n+F8^G%pJiSaH8zLEt_}9O z4uL=6XMf2XK30q_us}5p*!1#=h=qi`G2w(eu>l9W{5tx%SrHO(wzihovooO zb0XYd7rl4e1`N7t4JMoFNIz(r#@{Uw*DF*r*$u&N>>LfY0`*sCwHU!ED+`sI1ErV# z-7GhV4ej=qcLBa|gY|vpHg_3t?hw%&w*miVgi*jObexAlL~m)tQX0C%J^Li8pwQ^Z zkLTL=-o_{SiJxvfPVN!&kI#RN++r&@iP{ z*GBUBMe0U2!JL@rp^th4>|ds)F7Me#2KopoMbxWVUtaK{(MRao_dsy(&^!X7q9UBu?c^e}8) zL0!Co0i(SVO9$t$vgkL_8-6TR9HI`yph27+tttmZiG(aoMO^HpD~oV-W$AlKMiFhW z+IDC!INcFp&BSy2$Vzpwzv1-ePMC0+G`1lpcZ3j&6g$Sb``)7ARaX}e2m!fD6o?i= z?e96!r34`XJL8lUP8M6LgJ^*zW(~A6r&}W3G_?cI2<*0KIVzYi$Mj=MI$f)w1IDDX zBqJqRRvxDrxZzCdF&LsAh$X7Hcz0z@&@W#>LCo?PK^Zqbppt)bf0H00n7TDG0!}IK zzHWBHO1a?kndCl%lcoM^a_-%dFlQzM2DxK)*+TQF<-fy+&%P!OzJ>?2GXUS4j9=dd z3Cgc0D0g&}r&15D?k<2>78xoNzUvSOL)<~9@ERiLv3NgErL*u_%d>{rR6n|LWdGHB z%Tg<}t~;FS8-JlQ2dHd3?M~Q1t@)K#982t)zS4`~NUh_8&x(y&O7DG!0*b9!s*<%r z#BL4MVE?Wt6jp{<-y$j0FZ>hltNFFrIsH8?TkFIl-Qh3H>+FUOgsqB)a(tbCExXQW zLu58xPYtP@bx?qYyWYwAgeu(Z|(7hm@ny8|~_xS;3X|5My zRgK0y+?4;(z6um&L%6URguH_5`!o3KKD#m+fh}Y^1zF0TzO*vUCO&Na(Kj%*>Yii& zuY5SvDuRg45gI>ED_{oJQ|Y^ zJ%FL2%nCPXk8>g%_%G_}&M%1m`Sa0)$_eH!r@Z9@uOP^)_xuymsn&om+K@U znngr2{>I*MtXTR@-q>cix^0C;mSIx`Hmyv&%0#=G?DCjN((Aw3BDW_y8hA$4;MGw# zh%Eej)#n;LsQ#fZWh?(yyL)$?A|SzEDHR2f#x8Wzk>DWw$kReV7*C3c`|ee40zpO_ z-^c$M-WA-%quEW7d#IxR5=~hJcAxl3KajqEUB!z0*Y>rg?#i=2q3-?Tuo@scV>t>Kapwl&Wr*O`{Wh!9s!?F7}CaCW(4V+?0 z5YIXUUjoMtF=)G>HI~$znUBkJh$fI?PKc*%Y6p1nzDWuRuz?2o2c8;f$*2&ajza3SE3GpE3TVt~@Gkz+cAkHs9iJ)Y*ooeuj z2Zz9}>iF-nz&X@wCtK0QG9NLZR>=@(U)~Z}+RH)Q&p8xyIUFY7|0bQcRLwZd?TqE< zRH~5i&~HoL%xQ!d^LYJ}gk{QU|Hb?INk(!Z_mJFd%@VeOH3qKyfreMU5ldw{G5JN0bQm z;V~HCbU0wAcj(PqE45x%lDYA?yNs~;Pnj1v_EbJgqW2uy0xpwNjvBSfRdxVr*`{y{ z(@fSV>c#7}A=H2;eGTdQ{s~bY;FOj%Ze7wKV6d_vW)~K5g1J}Cv@_H#AWZ=-%LFmU zf~3Q@bxo9xFSevw>jKR?L=2q>=A9-vcUpxbv9lcX0bH)GS!D47FzMGOk!zUfCO{sOAaZj!smWc*Xw9o z@~Q`NpwkWX96ufQZ>nI``A1^nejFZspSd6myBog_8|&zl>n7%?gnX5-o)}@^IG-Tf zhDK8AN3YkFdjfCa4jQ-n_4J_(HeIDq0uRt{?SUy1(Xl$IW5S|_RIOB0Tu{M9(_egI zm`PA$e&|j_`50R`_Tq%|`IgH*K^>K|w-#VGin7+QWmwt-5E5@ZozweY#)CyCu&1hU z2TaUf3Ff`&r&U}ycYUA~zrDhHYGt3b9JHnxq+aro{9Sh-*%@--8_+GeHQX^>XFCIK z(VrN^m&HwPG!xZgyLnNv`tPH`-SFuHmO;Z>?7xOWx`Vt){v~^@#(%*#W`&@s)x`v< zE%g%5@pwWJ$V22eZ*^{j`*;3FrJg+CN6P$f9uZ;_=MTkFg-Dd}mj%ed2371YlF%21 zOtv#-><(1gk?t<*z8UdgSWQj5Lwwh?MIaSVOrsZmiEkDRA40G!t0wM-K*38|4$EPO zGiVSV-89)QeCQIXgafV#D_T(&KN*^@N}-#-x<@!EvYhU|akJ3Th z88NruDPgYfecww0Q%?`frW-TEuGR0ed?6X-A>nG4Py79tm=kZguQ8|@5a6k1nX6LIzXe}fDb$kQ82yN5#s1V5>+KwTX3*uY!U6bp()5^{#HF!FpxgN~mDnN-VkL7-XzwE&LGkruxTA|DhU<0Ua(iLb4gi{X$Df zg}zC2({9P<4>6V3W7J=>QBwyMIonv859KT~&4ypMBG8c^{%NK3%S=jGiQP5+Ax%mm zcJeqm4g>5*uOex9YT!=9-2)1E>mSu1Kkukqh4I;DCX>kwt+2mhE*}4-wXwCXc~Pn6 zyI&mIKPopl`xft9gjAuY(WL%{G0P#zL@j?V?{KSkq& z@?Jb@yKVB}=R@!kV`99V&ET9HKTV~Vorkh}c`o-T2;Ph&V^MQtlqr4W`4`(PnA;8e z`1=jL4w>KtHuQc8u(3

)tF#ra^1OzHZq3q0h=ONgf3umL>Y`m_qM5!F1^6pKMK1 z?hYVhv{q#Lsb-WC6^E?|NP}Z9-XH#F-+&0as@UIijxT)IkRQBlM;tyw45FmNiR71b zC3`vpEObjp7DAB&lb-N6UX#JHEq)LSR{R#4i>MD;Sdipf{gVH_Q$&8$O%zq-#7dR> zs6-ZIpVt(Rx;oo}n{3MNDh}URQIcQfB5z_WbKShi(%l(R)Qzj$w2Nqy?q=&Da<3mK z<-fcUV0npqK12kZ-+Ybo$zytIipK>C5GJX`opQdbT$o_<59J^ETo7@sM>W;dH@YHq zTi&*p2}H_?ZaJi2>raZ*B)WyJ1iR~Z>q$l0@};TL#bgBRp7FCyb;A1oIUiQROi^4_ zeu!h7(??u&{Ioq2Jwe>xAcOc7H;ew!D?K6G|HfMu%J{58L7T_baJ!Sl@p@NKI|3`g<^>ZUc-o8H~IYZh=71HC792UhS@8k_`_Pve+ zYgT^nM)>&qRb&&QyTV2Gk}AYuvi?yTYbif&PaJ?b<<-IkYtKa=hBD?*32gS?3LD^? zyV;ja0g1;Mk)(13_?+K7B?^+FkBK9QNtUdqmnHL7=}07F5P!Zu6pd6_(#@{z2ve~70^aw*7v zE_2Sw6<>i1JzGL8V&CRT)FY^jjJsZqclk&}HU`O_g76&V=b4gEpb zK4@B0+Eoyqi*A*Ua` z+U(|eHEi&1e%}qEXs;5-nV_3f-?pFm0e;9T7I>$Mtrny@ixbaT2J1U7sCTtT@O00Z zrLG_nSxj*WT?W3e$Ge7(dj3TT2wtHBF{6uO+OPN(SmZ*8?R+(UKKA{*7kHb#2F;nB%$6~;ML_;EZ6nj*D-~U(9=JWI z&IigDjip&o$Kk``Aucn)&;-!%Kp%O99yBS&?PXDk=cFeebXE8%>kGZCQJw(s^1gQZ zngn0`uG@C@hc{G&E0%UY0*nfyK1718<22>={aA`5$1Z-(6qtLMXXH+!7RbB-#+9 z03)sJuf$o3Pf3CW_)u)GxB`%)tlV9a@%PDv+~?HahwkZk;BwZRZFl+q8FtLNX%K=~ zqNW=KSs>!Sdw=qLhx9KT#s`Zb!cmn6i|l_VtcKJ3hXa>7K3i8>G+yhLt-AtFzBgFG z0%nN^V&~~T^py4t>u+uI3UHP5zN#gk?ydL@qy~jp7g4%UDS*5-H-mR`bK0^H^AUtr z7ti#fR#;$%uB-w3r`B`pBZkdLbQ@;@HJ>kl+E(E6*9;w$#p}b7;aGM?Ul*`8BsB)1 zYt?5=*eR9bfyf_T7PGNwC;Ptn ztLyOfPK<-@SDr8kh!gv1JGc7(3*SI3wzPh9xFIx9{D{LWz=%5TTbPRGNyza>F%#Jc zDZ(d7ChOfw+lApl4IsAji~aiT|6P3lI;g=9?Pbm|1{|_wd<7N5-$~xBSvD^fV3-cRvhPOjt1U&n zm-^L=%Qe#Y1kOljJw=T_q9L5V4wa1ce8uXEtrBdidUMN5gcm`r@UX$7>zVzA0i95V z%iriBxA2@yZBTtz%?%y+4fO6r2A5jD<7Tt?f@3cN7<-uRdlT$0ne}!&Ivt#?J|Yxm z#RWr4B!bV7LE)c&fXvXus^BQB2q+3+I08?BSyq@Fb0o80)FB~jCwfkvVfcoW<|!s( zm?PpVe+waHI2K$!*SZ;O|Kiv8vucGcS)4<@s_kUDn9!+asyykw$+8jLP7{tgReu@T zyw*P%j@lhiGYp>);{%3plqLKiu1=i_LOd1=JC-sh_=MWtNACywL%9rh-ew@t>tzd`Y9kz-KkWOMK zA1t&Y!e-(=xQII}e5|Z?^n|8{m4iMXnwier#+5%H97G*|nRw@sVk=}=8^_oUW2oLD zBd1MG;pgA6EWU-*>>k*ue{DoJ{28FL`j5PlVXyHg={AGoM(fDlw0NWi(M8|2nXeD; zBhF6=E~HiZR18JdpH_hQOxNdR;`bo@f4ChA1MR1Z7tMfY$05IyJUol&$ksJ|UreW> zt+ew-M4)`5UB4Xp`I1Z4qfXUjaW*|MngSONaTIBnG7<-^OQgg3!%oop2>%DZ~wwI)Y-bHzR z%9?BBEs4TsckKQ%Yppx;B04Oc%D;tOrO#qZvC845RQRZ`yHD03TJQMa`otuZdmYQ2+H24N9RcSgQE#=+BnB#Q?s#& z^0-=v-`n^-N-wrvcx#A<$nu|)vBm7r1`J?DW>gBh@R?Gz#-U>a5N3_Z@;uEFNd#J) zxp?DcXP&pj6vt%WVCV~G18?k|s$&zBzx!E@T|HuC@dILhxrBpfS6m1S=Q)g5-X?Nt zLgy^*u9x~}USJt!VgR@VvJBe>rgv8K;r0WusL@8p?$IXPUXpSaiqWJt`*N>KD1wM^ zl-?`p$90?ig?B|bd+=be&ocJhzIfu?B+>Rhhq!`kW~T=5JOGR_wrGkc6qn}pt{IO8 zkKH^ekwgf8hYh!FlDN2E-!{DTet;J%qxd)H2i}s9KVdY#|PT1Ri8~S%^ zv+xV4nK15;`*_Jx^)0k9#cU&jPwFF^E>U-YYN8zf@GSNx15I}?D%ud`Kn~lHr;*Ei z$}j-$>}pSD`kf7P-2;t6esqR9^!sR-G_YOR_ydmz$oSZJa(chFtH>}U@pE^tLk%HT zpQGnAG2tltK}7x0wbJa*gGQOWV#xrB7ZQ7eJ%X{~pKLv|s`^Jd_0Jau%cc9X zF^~^xA1Z$b{O)$M_)r31#gcW%Hs2|{Wja~mdsBobO0T05m9hr=dr}PKEasu{0u1&V ztTW?TxgB)K{%!FtOSJQR)cs=#F=akj(oRGv53?}!=SPy&*cz#*Av&8R-9ff#aszRM zBU($m1|^Qo*k;EdD+E9}fGWm+yMYnFmaqi7+*H8ap&X(cs zH#d8^%WfW`7~lgGl{e1Jtl%0wZ8>wFLp|~m&(_=>C+0Y;B-6jA&6#KaXOsyg3B>)! z%G9=(+NS{py6Ez|Ye*%KN5aAC!)*h5^i&02xF7oCierou|I@;o(-uZy66rN-YKDQE zR)FPg#W;ar86s6v7yM)GXMR*0Bq-6Mmz|~CPB-y=@D2L@0$4>+z+owTjn?7$?9ym| z1PQ`Dp;9YKa}~S7k)D0mkqF*FDoR38(SdFrAh)L{gue3R(LggVoj%MW!(0q6evEjI zw^e@)1x*RE(wk3oMFOtri%$yfKG~0@`Mw+Tav~q^s8$Rw-fmBMw|L^-UcqNS5022i zlwb&Z-B2#!=VM7aKQVaPX3S#DAms?b!7nk}r^pkd)zNQDjats{>w&Re-3~_k3uXWBtmc;7P>>n(hH*nl7y zL}P*rWpAc;Cmf}J&L^ib5$dNkc|HX#-fMy@TYRCbW5|GWNYq3$t%PCZ`6IQz(;`jA z)A#B_#Q!O@alk|2Tz^sBm!A98xQVP#)Bs6@E9()pQ;o=7Rk&2Y{rJ=cM$?yeZvy_i zJtbh3ebh=o$LoJ~z-0QFt3`tf_K_p#Rw85qI;FEBm-07>f+27FQ^5Mo<5)PHJE=}( zFpAqh^)D?YiDTgn8OJ?+nMsV7gCFl9u(rn(D{DUxMZ-@7ni6z&@1{l0sT?~{Z#G4R z95pD!r)oc*Rd%xW4Tu+`*PC^_lLX!{*0+#AX$9w3e6gFMxwr{nZO@5DOW^(Io(LNX zh+c}Kc=8bngU_LA;fAJWrU)q-_MRBDV-x;fnl32mC#Yuj_?wEWP5Jpn#ho}B3p>@-F@6E}N zss9{%2JJdiU+EeqFk2QSV?yH(ClB{eYXw7pk z+`lA6YA1|~M#=yT(crFScCklYMj|*`eEPV=KHkr*6cN$_2!8{ZvCN*q@Pv}b%? zh`_8dOtJ=2AgaqmU^J-+4j+Va0j8fEP3C#;g6q9{e(e-&3@=}ZpuWWB++Ua{Pi3)A zI9}ja4=ieK^@Jk2cDMdMH>BZM@FYl+csqml3zl7>TD=VPdD?A zz0l*$hzos0T}wTYU9#Au zpN-IwdD%d%ow#v{a!;^v>4VDwIT(1PJfEE_r05{MeUJ8NB%{sjbKbB=tmo zU<>#L2R;8iPmn&Wz&)vJ{2C0wicsd}LmL#LqW`p^Y|VP6%HL8_vreL_?nx1x9KZ0r zj|6khCzXsJJ!u!nVjK9oy`Zk!*Shw98I%Q=5lWG{betGLWYP{R|BUXVmYfw{|5bLXEFRThjGh^Z}r^81{2Cu3gw6|?V z0`sJ4mqNwolatsn_5f)A6yKC0>Rnjt;g8i0`_iX>D$+eu!z#b}2Sf!*LmYJ;NqsN6 zB=8CN*~@Nl=b(%=3R|8?GlwAA6+447?k5L5F zEVTL&R|ib_)Q|;JU)WBVxu7qkwzaJo7oHfZ!cbyqebUBk@*?R{5(x`+uoTnW*Xq{VU&25iyqA+(nG zA!upAR}Yox7iHt`ScD zD!?B8qr9p{!ICEDlB$U7er!9WD@0xEDrZIf~)x@+>?!W8&{`yIjWtk*QXx_LMAVQ>nXbB6d)gY{5t{%FJUKiLvmR8)A`q*0dp zUr0wOIegnQ*_9)sh~1;*8}7S56<(35vJ*Op@@)2RMOS}s_K#Imu;oGhM&(8B6#B9; z+R9whTPu{b?x^_nKu#|7OQ$Q=(Or-F#E=TtjVNftIcqFmW5z{Fd)a_@@P+4NnY8&$ zJdt-ohGv^jjlKGWF=lVSlaf2@eYCs!Oy(FEX9WFDm%T^!VT zTtxl2U)3+MHy$%?h5rsgv#++d(~-#uVR4vuH=%9+=sbh8p0>8fv9ZB)7rgKwsv#b< z5E2(iZN)j_#2Q!0M&|zTm?5_g4c!mxA87eSuCkQU^uu`d{Pcn(@EQsK;3VLN45=qL z&>l0?gWCXYYj6}$uf+IqG&pbjS4f}an4qB=dABN(W;{Ri&ZwJ=~{jBV$}wr$%twr$(CZQHi( zCbquyG=Jx%DM)%;8HE0TxnFEp%sgM95n+r7dV+g9*^_-maJV!lQ+8DNN2yAba8(NF zl(JCONROXgoa4c*NCm1W)|F6rt+CR1TY+br3k#Z*`K3lVwl1QRz(FRT zjA-U7&hSJbw7fqeCE7CK$pgt5XiqxYz?9%=MOuewGObRX`|P;zn*Go=_t6ly{JDJQ zW_7%(uau+)P6B3Iw7E&v+J$=8gF~1x2t6`2riu$Z_BRhERAJV0xNVC>39ykeVz0y3 zn$~>KPy^eA8p66+X{&itX+b{7+;@njiiK#L#23i2T2YtSJSi_h=;gA}b7B43crW8~ ztvOfI?-+!XoVYKV6Y2!_uNe$kzPZ1cubu7!<(kPY9Y+EmoI@Si;ly+7t8d3Ea1E4$ zzjk@UusRct<7OBy#W;rN{32P4dIV5&9G5n6rHVP|^SThRCbj4F3Z`OX9!RFr@lbH~ z13GcQdV&ZN#qEC^@tdb(m;^sAziljEi-wETBnr&R&GEqDZDnoSMG?;_CA&GHeHA)g|8XUi8v~`&@H#)N6a$*5*FKi1$P- z9a61=${98>V7pzXyZ5?hH~y#@Nj>cNNN8-(;4>P=NDRg}XBryLR)er`ZpvtCQEw*b z-@TS`_A1pW`zBK*nVO1o$t>!=cvoiVSRsuS#rx#U58*XqDw%XBDV{7y>ZP_TrOWPF z$yok<`yqzw<$OPGwdvC;wnynGc85Ws(>*1LgmP)E?_+5Cjwc)D+C>g0r5Jr$Z&9KN zLxak)0aL?XiMRLw)ewYr-G^=>pgWS>f`>u6AEGB4sN;I7au4HuGV?5a~=kP2=?f_^(3LE$hW(I z;Ni7{;HmxnR+v`Q&?5fV&G?Vq%ltMWg#wC=k1YlX%O{37uJBhO<5E26QO-5n5V$$LxAj`ybKysaUbx#S1?+{?gHRXdVgyw+Hn z_~mqQx|<_I%(rJCqikmG8ct82NZJ|`93qyM!tUW`9k(AfwCNZZwa_fpk;zHQ@mn># z4vDvt*&b}nB2OnJwVwdck^C_$OMJm;&%k@_bNucN43L37I+QJ>cB|E8r3pzZiV3eY zL1Ej}Qk@qtk}c85U=W_+WHiDJ8))^ z=4D;gWf?CPjW35&RIh#;MsIsIkUk>gC4(DBa31stFo1ZI>*g862q!LG&b|s1O>d7D z!oFTwD)a3}yUt4jO@kG9q#m}wkAQ%lZCRz)wNEl?ckF$%)?c^e?daTYUcO21m{efq z?V=*D=vU0cW@COrqZ?)r2ME_8e$Jhkce=)8p@==uzSW6xw?VV!eR7mR>MtZ5!*HNX zC}$AHrhY<#$GAv)bBR&RKX?kg6a4q+NbzL`k5_)8Y<~XZ8$L$kup0F&I3%wnO8=Cq z4$FcoHTZk#{52vA_}u4LCAf6FXwrpBcoWLIm$hIO$V|VUr!+&26_|SvJnlkv9lL;7 z8HY1^_>fQ7l0a)}hutmb$ERb$6y|^bPMQ>MM&(h{HQ}y`(;{Mpq0niIi97dSt3h#! z(A2^iy+7avbp`NoNNpiPE=(v5|O3K8y^u&Gf*63?2_!ojrmTMB<(}ziDBpbHL_;=zki1&)7g^K>4pvLfZ^a92e>1{XOI% z>c5&=>&hvvgB`P367qo-80VxvE$(=R2h;lQw|rciKRe-1X}qUzviO=aHz&XX{eak+ zL~znE=IcTAwfyA$F!&X}@X4bSA~4?!3WiOJLY8UZJyhs7oB6|%abtdWBYy|j7T{$D z^!fKZ4WUa2^Qv{djEz2v5Apx!SJ`;#_HbeQVyn9mN>dkFtQX94ltZ$P34499_J7DP zV8rQand|xY1$%WpJmUANYS$P3In=Ib>n}bX+|xW1lU{vo6z6|ENEg`;k~o#$do+CX zGIi2jI3*(8d;g^*aa1Ia{Z_K3{8#KkHMCo0d`$JtwW^e?w*Zt$GxEQO`5h4r+YW8E z%_188a}0c(Le!=*Z7!_1A&GPNr0pg^H*?$G86+PwVc7H zz_*v;QIk9%2Y7h&?WJAd*Gy%P2%!Ij9~kHl9{ZgV{{xNNm_gjSr!envm-GbDNzsd| zR*uU)&TD7wi$Dpg=l}P2yPkix+UWlQ`V&yRl17&5H+Bd|N)kkt{FIzL-0Z1L#i?lJ zlkCV>r7_!oj`BwuH)GD5=KR;|87e0eS@=i6H!j;0qS^|kkDYJaWo7~Krtj>|XmS3DX-IDF!a>ioIFTn;d zv3l^K=g-vq=GHHLOb$IU_x*dSHsAQUVE0ovthG2KKDl(t)z<$P13^I-A{0TwRgNN+ z9#f8n!e5N!)D?X9g{zI_YXg@b4WuAAsv$SAPJb`g_T*_eRmW<9t0d8#@&Hl!rFj{ePkUk64l4M%CXv-PbmG$1bD8 zVENXI&UD^OPrAzJ>cwmgeC!J%_ywOnDBFYTD?_eVa%^ubi0hwJf#lt z!#Dq%^&htj`Jb$R5EKA;;T;w0Vkb(?KQTUpLi*@VsLCIr_Lqeb)%zB}0=0zg&tES9?AH%M zvGG9B03UVde=~pU+(7l8aFG8jE0!p#KJU+0&fZNK_d#tVU0n~r?(KFhxkKBLQ`COu z$UOhUAEKpCzyGxpU@o}c4{wqVas{uw&_-n(Ee?xSIc!Dma`x zSoO&9?Evwj|M3epPqg`B{N?u=n*IytQah9v<{yOQ4=euz{qKta4(^AJvZXz14^&ur zu{(+5cY=I}L};gY{P!0I0&OMV;NR1m!N2Er-&;U^u(UrS)X!az6#(Dk-5(n*I&^R^ z*bv#{r=9t`GyWT3A$WZgxr4mXf(O2t2kwO0iT{YoNT~~eqW)RFDd?Ej8GhXKduh^ff@jd;^y8C#aQ~r9$ed`AwcFP<9yx(5> zpYE2&Mpl&9A6GspuRW+Qbp3D!@cUjqdM`XqkWX}$_XpYegU|f7?@g0GW8L+CT~pL= z**3S2xb}F4m*0j=D8I?I0%+@xghOtQ-jq-O585Ab;2Ym?7*A`M=m0#oYhEboPWTT_ z-T#aBH*dJ;hYbAHjrRi&C)WMC3tZRN5&3Vd=_n5uvKZn2d_Asjy!gXjuibngFQOy+ zRLWwsB~f-@KVMk?PQloJmOj47_TP1HuYYCuvvR!j^|lgP4X2lg*XvOwr)mYv5oOKLgwfpmTC%*swMOO565{%g(t+sVW(`H`A0DT$E@<8=*yrs-Sz*W$^3JpnBmkPoi$$Oj@n~tkKDq||Jr|rO06CH-{mN@xA{sW@|V2|j|xcdJD{ynkIU^n5;**AMkc4}Aq>baG`DcK& zBp3aS6emFJ6hY9o)Yx+wok|Me*72sYrjrgktlxOh+Z!rpD}Hg_P&zR-1g+`Kbs!-9 z*4XB0>-hA-sbSMan3qotUs=L+%h#G?r{8|D^Cp|Y#4=i+NLwSGNql$v5pe|9Rti`1 zlgn@9L+?1q#P_c@oADcESmWa@2?DF!#Lb9Vr*oByNPX ztXBW-ycrt7TF!!j{%Wct6`yK4D93|&L{eD(Xl9tW!K@tf<1EK4r}yK?Hkio=RoYN8 z86T-Ave8yH3N0_*o-e2G)4vKjT{3LDFr|y8bArK6xZMNkEMB86BcmH|Y+9jQ97kgN zzAndd#a5-hXMFV9Iv6zT@|je04J$+-B;%ETTAE85rp{gPk}#r1euN#+obS`yWA==0 zBM6!!F$p?C*%6-=P3W`_ulml&a3OiYMop*E=tz^gGFXlQ@9j>8(k5;)KQ$f08tH`; zv1gF>(VR7W-r#^jLAP9L#R#Z#m4Ox+6b_?3-&{TM%Zxxn8&5Q`xpo|mX5fM}P4l&l zMSr@l;Ao$E@GL_{BQV79lquu2wy}JZy;jDtKeOvY3im#QI{6bk1=%-3c}qw!XP5k+ zAq1OTw3ONlF{R!{n(RF-ihV@v@Stw-I(jIHu_}-u_=SnChvqcV`hBUt`ej0V^oN+$b1;QAM5g&bj^jrI(Zn~+7N*Q#($+>Do6^p?(9F4xkj5Wu(@RoWukJ)&F=!2QyDQ`C8#1;b!_TbUy^)d?43HYTV*HSQe$ zyyY?laWT!FF6E#rwc5`*ap7vVn$(o|y#v3Wyl6FgMrih@2j4@15bV|J&a%2`K!4Ek z78S0)(CdnxqS>)GCQjOoR-a{4>DGd4^uo2TReKGru>W&pDKZ6*p2_Cwu)$n;rXhj$ zB%{@qOU)+T0P)BC&U-63F<9?~yIU0{n+M*YpocM_j0Sr_{WW1P8*}d|W@+8EKXHEN zM8DnT6-=(6B`>|C+qZdaQ_J&cv3lE2iu7hns*S4bgO32?#0kAQX{N=|&w2lHZUVQ*!7|zb0BHZx9)Kns}#kmqn&z54mbQS zjrIV4n&gB-Cq$O=fh(~-|Tkg0%(%z7*b`C3!o3XM2Hp-&_b0l(MNYrf`{ zyr~9=*X@?vg|94t9Q)d(@^xW74)x-b>!+CODq9aufh<2W4_@={TfDEmxuvCsdC4aD z4)^spS`@!P3-Cw4d*c$MXu9pK;t7l3gye(QEP!PFBp$pE`)N`<_D-cevlrH#V5a}k z&%Wtf8-5^sanw$4bSBU=+ZaghF~a*$GQrPA&dM@;0Z$N|D^N#9@B2q9l?h8O~O`flAKLz_W2T$kf`As!Or9dvp!g{>N+_(C}#CJ zGOPr>MFG(d!96XT6{T={(w1lCQm5WhvW|WrE8n=xmE#-OY7@4F4LsR*`OB39)s&Ur znk;l==c29p^-jQ@_C$+8IyPjHgjty0HQL5=*k=^S7C21%Aeg{<4#q&u{t0w)osN!RkvWncxW--r)|H%b7e>j00YStmt8hO!*^bwmlzv4({m88m6J8@{gQ~|96=jf!_NzLo`iv#nMKX6 z4s$eA8&P6fO(A#lQJq)*>(`&PUyX*ci1@|q0}?AtCTkpVWjc(!8%QFWsspT}UQG>I zl8v}dG2GQm(>CxuU5nwx_7hw$;q61M5<_!-sPv ziN0d9o)WY>eu0QQbFqa*49zPpjNL{`e zTtWtx>L?CF9)OUdZTVvV8Sws2vtAUv=ZmL3agQYxZz{dQc;IBFXODjfdiSABM2ge; zd1-eGlUxRysmj}u1h;iTcD^T5_>33S9_0U^@b&#YND$*8wHGs5TJ*XYXVsJy6cMAZ z`d?=fPt#a%bv!Y*+;C-Axk=Epz?5}36axM6G0)sbP4W8JFJ~`MEdZO5&KNEt6=w_)mO=1EvtW3Lb z5@Rt{dLcM69)y@fY(zl>eZk&8qX^xh>aQ|s-cB4eN3K=XiJLGL^h z$V=2rMti$>Qq8N*MDfKF0hQqWv!NFy46%Qn%-a`_u?qxZs&jxJSl-?{_VFa+UiRaK z7c5CSq#jgCJAA~%6GsL}hPhMmo3rEz4}J)o|3qn;dq;liT%0rzqa@J!U->`CHTi_+ zGbxnRCWF>1%^tmX?K7FG_*8HSXE1nkP4rR$KwwUZq>3_urxz7&{$S3WCbte0WkMsb z%>)F}MS`QIAPQLV=cst_wA z!Y>~|DiAjozQ>8C&_g`PX#yNG0K5Qhab5Ih1b5n2b{^Qq;|}1N6$0o`WCP7rIlJt8 zm8pn#?wyt;qFvG^PKK)sXnXX`DX61q$Hp=Zl2Oap5BZJo#9Mwv3ovrh`vfxs?J*1W zUmq01VG@QHM!RR{Z2v{yhX!aslmJ>X96pTBupDS%H?Fb7hKAv?)aznPihsLU!eC@W zcLdUDF?}LQ$vhuSNf82G$Ta__+w(m#qj>fPCr|7Ygh9W`p-)2@cAqWm9|eldp|DfV zeiOrwG3$M)daP~fa% zbNW#I3=`Ay2^Lc6SMVYge;Y%YRF2Op;nTIXhAQ`^2^`vs)?Zl4<%zqpPTK9fQQFuY zPG24xoE=u$8Sbk0#=S9N7-VLZ?=6C?OH0`)dWVW}`gMH*LZAE=3dDDV|IS6lyoePl z5oV)5J}%ysx)?u9-XE^-^~ze^s1Ob^)UuXgNr-(6(*VK@5gp~>Vn&3UcW{UNY<&5x z3u8LSGej5vxP$0f{xIK`4Z)&N^-(EIB(%9uQDc!`{LA`hMm!|m>l(DU z?VJSArQ2n?OxMA!$(_yB z){NunIbr+7rqbX_Fp!t1Y0EZ4W72!pZ`5!CZPA)_ydOpLK4SoS%*e8T1tx@BQ)WA( z*7UQ+kJ{|wSlovxT3_8rQDt8}rTn$fQ}<-Xxf@5_w3eDma|}9iNBS*Ez&U$-8Nyl( ziLHEQ0dSYvV(_qJoh_YO3GMr0|0pnY384o0`L!~o#ky-?B=IKl1%U#Qt`|&*NV!VH z*w(Dzp)uHc)9eL^@hi<_l2AN8n-K@lqCmhPtH5>b~_~Y_SFl*R^ zQyO-WzEW~eps3(6pBDo9=gh_%4fFJJj4}je2c0zmbWs~OheGqv2H=-7LV)6iSWNRb zb=cz-6Q=lBpA_ncD;0B)rASg4MhY;!2Y^tI{<>rF&^`8l%in+5lMqOm>HlLk;-e$z zpWpUXABNph{?Fw>^}@3k*daa&&nrwK4uO;m$>{5sDsDLm8K8`5yaRY~8OEFI6}6q! zN4CwT|RQ#jzy>my1xtdguz86@%p?ryTUC zNY!=W$yw!UO(P(u&w!Gyk{SQ_!)#da&*OQtrc)Sn_zsaHAK!qUty#9sh7La8+oF`K zI9ZEd6Pd)u!VV+dDYByP*O$JO;4`hIOTrjtEzT~PheN?vPy z?(Q_-x}|2D+VRjkTk$}U!N(Lw&W%HOF!alizlpK$z%Q&Vw1wuv+hTz(385(Gh8%y; zBB#p8j}n)*?pbHozzJCx{MprGg)Dqv&z;Y3*%`syO6cFCIfFlt$#mIGT4bQntJbfr zwa+pZ30^o(L??8vdS<=f6|IT&Wt(Vg$T;ie%oR%(`chT~ts?)Dlg-A1#c667Pnaq(O6*3f%w&Tpd=vMVTsY>0CwqL;2-$2+w#waVK>k1N^ z*(U?c$#Q2*Zh=ZQVswzP6TR)YpPx-Vp3uI&M!Ww>fynteE;!2jN}S1Z=)OLDFtOu9 z-xK>W6{KhB0RJ!vXA2j$;{T8hsMl+(2ODVQ`&s|nt_V6@XOHrhACpBv%Bv_Ix;6pV zeqbEec)&4wBWogbIPtqTQGtXf9sbd?_&4xbR7b0QciCpp;O6@w2-Ue6kzWK9!JQbg z5*hq1vS+IhDmcRbaQQCO^SBElL;8Mm6ibiTY1CRym6ik)5RHqYlK1arU&V(;A0}m5 z5(%r2f>VcU?KND1ySJ=xJ;Lx-@+eEkdi0^ISD@_GdZw=p*u=_CnI~Jonko!A(l-#N z-pw$QIJaD6#zy74_3|})c_>Q)IN1`?ukpVp9Twt*tY@8}O?Cp$53;ZjDmpFLD-Bpr zlN?vSgo1MRLQN>dRCJ*-DFnjjUY)$3np z77OE!Qlwr>etN@0d@ZdFUQhRVX@#0wD1V9bm-gksgn*&f27WlF zr_dKzucr(vjic*mZhCvF)U;JFs)ox<5`Lw8mRAWXo#d}+!fc6RoVkN4I3`m8Im?YA zHXd?}qP(N;Gk1jo5Gi{uzuyEhW+c7skb-c-aU296;a4_ddJ?WN#ck8`RRj745RQI$ zrn?GE)+^4?rUWyg2o|Ryq_O2hTIjLGXdwTh~Swk}4V!_L>K_I}A+y_QkkTd4TCeT3R0 zhX09*$8sLV_bnx2h|>2CeDVRw_qo0N9qZnpu$q~TUM}s2s+#I6m4MGC9P@m(L*D9& zdPsRT>L|P%73t~S8B{rKuUi~;+ruXK%`85TG;DA(Bp<+=%Xv_{f5>Z)qe?3v8H<3o zT&w@`r8&*DYKO3XUN5fxWi~MJa{DwJ=n^{;r*bazwRcP?Wx!914}X}kh->$Yl+a5% zd8}os7bizAuS9B?%WdBip}%QpCz-*l&cYV*6^@r5E6ft_rzvJRLm9}E((T`8II6AK zS|s5_IDYvbHx6@SRvrxM>+h+Z#9E_Yp@+xP>@5}G;9p-q8JqWqbaC69^Ac|CTpmE2 znge5N zHRu5Unrg0ccmp-Aoj+XRqA1xl>c3zjB30t;pCSHoOW+`>ZszBqTy~B21T%1oOvp)|rZ~{|nkX6{?Z@9BwJ99_A|%21fCHlO)HSaP z?BM+)*qkg)_~Y;oWn6Jm8AWyTN}GO6qGXf5^YIuQm?Qd3e@YHM^sY*)X3XV@$Pv;M)ZKv5I;EX7j)Z450CPQTbJt!>gr699e zr#Aafq>&(f9oV$g_lJESDDwP1{8c`LIh$VG&&ubs9Y?msUQzyZfJTDBYdwKreMshB zw9$zCfY#(O6Gy~wsf(Xm0s*Xmg_oMLvg?=0%+g=_*8obiJ4U9#G2>ptU(_dkUGs3} z${6f-jZWwF?e)!XDxp#y_Z+Jwd^G#Sp<}^;bEy;2jJrxPfJ?2?M~Txi1NEi zNo8WCO1&0e2!J>4+(eD`1qE%gN=N{DH)3S(#Vc0$f>N(udsU9kPmsMv`bONCfj+42 zo^!hquCr5UcWgYr+j(|eQ8Hcn$6D*i=)Xl^YhSvVDwgS|yK)R7`Y8*Qe^n)rBX?0> z`>8yOe;U!x>r72eDLO%4)KPuteDIi$6fKiWU88w5Kt`iF1-5(B}01IOqMR#WUCUiwv~0 zw8erxfF$BQNf#^W$a%Vu2yQ!-ruRGcvPUJ7(J)xiuVvGd{N}BpdXmcNCpKvnkoXG$|Lxm2 zR@lT zIb&@zCN0S~@>EObh2>e56$Iz!!aqnZ2kjqxea>erTJDg~ccn@ejZ5$OjXA<_^?08V zQvP6}9wARwj1J`}-E97_aD3^t&;%y>n494Z+M#|h-mcC8{~w(ERA3+D?WO*rQ%kQ+ zohGJ!=Od(Ru7r3pzdot<-Fo%g&7OZlcikf^`G4!c0`_duDz6b=jpcL*QGK2Da)b;= z_oS(roCJL8144sXz+P?D{UIxBjA)cd(e`oHNVABPW8k0la@=rXmxA5(X;Ms#u;49A z9}YSdUKAMNu@~@t2=58@g#SxO`(D zL#gqJyV&GH znfDDt<>!Ba8MDKVwim}R>KpT;J4<{5)zbXG?w`}a*OJt;nHZ&lmpEWFj5n8_FR4k? z6W0)VyoF1m>?(M!iFO%zH4tN2v`V*enQH6z_Z}w4^GdMgyD(vEq?_Or=o&@&!F19>m^ti5`zZ6POs+0s!t->DA=1- z>Rj3B-sqclk%U=>GvdiOMRF)fRmun|5#5tCO$Ec&secwVY0V0*!aH2|MA8pvSBM%e;g?=zmLv7c zU@7IaE?ezgxNJ)I4ERpuNPOam`F;Ga|EtMPgoPcV-_sV2LvM;HXBwdsG- zO@>nS(^FsiX8!b1g%cY4Mn0N`UDHH8gFI)AmE@x7s&>6~E@y+2uV{+}ycqhIuMahG zL3s(tJrC7kdDMuB&>LqNeI=Yd??MGa-R`rhhw=od_>mP3W70Mq&)>uGrBTF70vGTo zel?EQV$p^C#a>pzl&kWDS-?|i{pBp8C4TvZo@c>WCYEyZ=<8>|*%4C;FQ+t=+0=g^JH&;>@h zs|Yc0z=0X0s$|bYfy{^iw%6%%%w4cqzT*-avM}R*lQ()l#1)!=UKq zH#wXyy5+33Ohc6@n35Y8J91KUQ$)ceTB*NJkqT8iKjgqId21v6t7Pu-@fBYKI1?_% zC0hK39riEeg7{VSc{*h1kZkT}1Q~By^V&xf1Hk&5iuGe`{MwJ^v-kmizF7;gtBo?# z&9;B{@P531cL>k)B>+pwj^NY&)cl4K0{#i~bLm8alYnn3{=`v$J|%x5!1`g*(u?{1 zZj>V8bz!1EO5uFk#&X@p^*aAB**{9*7cKw$Ozr`&mizA)P45rA$JN4K?mxjFRi@z| z{fm-STkf-dg1~xbygC7HJBJN`5k)H?d+%rOyu_^k=sqs|ArwGg;`!SxZ{0Wek>o@w z(*Nr@k6j|^_HwmT+xqQKx&5B+f@kgd59){q|8Vv=XwapQ-O^SRHgxQ` zY4$lpE&PPSGIPx1^4EWf?WX^7kS9Kd>);gNGCSFQidrwcyS5c0Az}2^E0MQsO#~RZ zTgT2@xXAm((pjR&i}?v(YiuecSVpSu{|1z7Z2)e+-W7H>FS)*&^~P@d(Y4+k9DX?D zuDU~^SuGlp_uKrs)|e0a!UdJb?D2&#_!$t-M&2K(bW%ZvA8 zrfft(qJT=EKoO`nA3+b)gq18ZUt2SzAlk4y0Sgqs!O7D-qi*awdGYM6>hi80B< zfvEB6kZ~jYah5@mSLv}O8Xbf?%mmDIzWig63i{ZFcX8;-N=&y}%froo(kZZELbr#L(S=w$iF%zG468cL%e0xZh`LHLijxKG;PnHpu@tWHz zyJ?DNS$C}3oM%_qd~v~a0Go;4xq ziX#8Hm?ZGl4W506IwQZcfs$mv&}fMDJW6|TZngGq%WgzF^#-2W`RR<#*`z2 zu5c3>lX*-~ig06%P?2_elZjeQrpYarE20>$Cb1@66(?;Qbkld0?3U9T_i&+GpYjRV zjbhO&qu<)9!+c6`yfe}q#^A4)O|xBWirQHj^pn?W5m2;z-HTCcwY8u?>zOB7pe8$q zCEv(e+g$lsX&$S9vJ5$8q?T(QQ&%Ucty{U#i56qxb1qUTdUqITICjkn%}9{=0y77e zCXn8qakFw9yMTjqBnVt`zQJsg9HazlX}cHR6`B*d+g; z0+oAT?Tfp+s)=j-rOjnw{l^cR&}IxX;3wN8amqtwV2Fn9TB^# zbCrEZFG#`bJf&Hr(0u5;_qu>BV;bvR?176uI)L*6hZi~VX}^hjVBw(pN|63K=;R7# zV6YvH!hr3a0=A0r{3~v{(YB#nX`&mAwTV@=b%U!R78~xx2D+Bl@$b5{cY%|s1B#X# zZc*dZ=>psCtgr4r@nZflNa2J5aqgbgr#TBz=n7%P7UX<+Ytx1I@s%4Gj6B#7i)wQg zQ|`4)1(_wCEKmg*fjKlIf9-E!X>K{2;Oi&#YI4@cf&MPP+1k8*LqkwB^rp{{{l7$- zT@6oE_5T9d8-h>0RT!*W(JUXUsyvI<$W8D*UtJDLOjKTO~L9q#6irn85MNHI-_ijottwzlU_!Fwq&1L z$y^UOO$a;3wrc%XXr^OxNuGM|Ov$+@EyvTm!?C8xtxq#=>LkvO4TldIE_-i(jB~xA zNUNuat~DrD(N;kOh~%o56c?cNH(X9ya|ef6bUR-*rkm ztHh|wqoZ;ns(efy`_I}nSz~$sP8VH5Fk<@`Pl<)is)wh_=a#h;aHZ_D)=#YejNaQW zMUtU|Zw0KPe`)K%~(kCkRUEy<_jr(J7wDahs^X=GSdJrr~1 zo07Fo`?knMH@&g3-jfb}DRE500yD+()@QyUy)JAJyW4vBs4{N*eciv2zyS*jTmQpt zQ$~+o?r3ZJNz4=3Sz$`+FmExdNNnHqz#zSAqfjGHA24*q#aui8I)x!co5F2KSR+=_ z=91R(Mz2h>m{!AO^nfs2V9+jF?`5NuxM5p!@%4{X2DM#}Eg?g6w1?rGWDdP&Dm2vGvXoqiKRs>Oe4%V>10h5q#^!xT-Kt^6&%>iJf3?(pF3=A{qJ&;^k4BNh zMx2G7Ce+q8KGfZ$Cy_kR(a7}E>b+}|MZWnkeoc$AABXPcKp5QBf@JAo8)#iyIbV@0 z^ltXP{@J>320A!bKQaF&V#Sz72}H%(4?o8*O3Tj|;x?v{Ztn4`b(L%^-u4l{MV3g% ztck;mwJbK+R0p5H66rF!5Xqdh_DsB^M|VU=3Q{;;Bm1B@?ueGD`ujfScLcQpPRLBb z{+K*6iklMaRNi)=@Ly}qW9o~0()cu%3r`Q;rN_%?>4sVD^+r)p2JufkfG8o2e!hP~?<*kHj0g*4{Y?Y67xe z3aR!P&$RCi0o0h$WRu5&zK!>w$D6OkO%Mh+{htBct>20sGYzC-uJ%F_HjABqmN%y; zT$Nf#i0I;8z~(6Y!`~Qf_20Z&OR)?c)O#~?5b8lv2@U3j* zo_nIJgqpJjTj;xpmqnR7>t>+@2;v??cq%t|5_PB|?6#*x!oPpbm1=Ask*9Zem@xiM zGleBsbI~I_?K^WC2SuIzcTtI^u)C*zvKNl@8>MBTq`R>ms>-+b0$Z-9&Er%sHTVsD zq|w(hMxBYQ-T*6L6t1E{rWa6F2vZ zk1t*6%pXB5ZGm3MUt85*G2 z7ZRCw7PlWQ?RdEGUxwfAo;OA^CNX|_;=O^2aAu6T5ij(iBMsPFsKxyOtqtK1=fR-t z+7!oa8Eu{|J?0^~tmW>)=N{mw8}R@UT=5eP2O`+#rcQogU)KpKLE=?-^DEO zaVf$mp7&kxJ>=s2vD$nbVz%kczd&_!`mZ&*~@ZPmU<}4$lD2z?$sf;bRT` za5#5+9mD=$Am0{Uar)wYE8hExeGIwrOUMV0l?H%a`i!9kP=}?AI9ay9sH)D`DR|*s zDmu$Z+qj&L%H}>Q;(_e&kqNSmruq_H>J6)d?$%{G+cJ5q6QZk{i6~e;xL^Ix;2{C! z$ra93y)!v)G`4JV1$Sk92`Crvx79ZCI~X^w|C0syVO^+cin=G;2;;UuiJxLtB~}?3 zX!U5DoJ^HAZ^-z|SGcOA{%S5nX&WyU(Plg+c}}^I17;Pbnu_6t2t^XOQ{WL*X*i9V z?irW)o+Jo%noU;VwW)ZLH}QB8(!M!+fF&PEDnhsb{n@0Es!$(GRHU5!1O zV-}Kd4{2B)Hg!#f4bHL1T#U+K}EahWoBRBB8?iZ_wDh8o4Zo~%T&OayMS+UpHrHNT0||& z?l>d}{43-a_qY4XybPCV<_dn~a`E`LqxO~|Yc5|0BD$L-!QDn;dD~s1=zdm`{jLWi zEskMxm7j5do}01M8_&Z7t$f zne4BMKC~+dHnZ0|6}{$%(7*p!FYx7KA2at7wLUuuYVyWQ4_|Z+WFlyYz)SV&GIu%0 z*EJ4gUy8>@0#yE(3_)#Y)ab^Fv8YH}l{A*TczaKRearNbR)x$l1uM0raM0yuAAYfe zvRf__=M*fx`)o(*$bOUI1cK$l`)z?bm9rx~IBYr zeM0L!QywG?bu6|B=RTm>e~CSvPKcJ-aj3fGt|2FuBQn>jFzy!MKD}Td0^#y+U&yvN zXpnj-wqEoyBfwL5N}=Bu7po04Oljy?Wyv3cLd`ylhh&Lo3bVj5x&-E4&F1}VR8NwcNFLi%bXVefL=G6sM#~ zT__5k%*UNuzv^{EX~S6|nh>epe_Piltc*+yns$9TunEk_jA5@{o(S`<>wxN++&Sjz zJU-ixz}ii%x9$f0!eLJmmwu(?_+C+-Bqla7CjR9BGc@cu`Vt}D9CHgkv7mvS5Yg}EUN@b$a7zh#_G;`y62c#=!>i637)4E`&sq1I%|;4xYP?XGqFQ$HmmD!o-ax7bD% z^*r@^;Ty-L;+4*1_cp@c!GAz2Lc|1?;H3}IOr->!97!||DJ1Eyb-s1P`YVgv*b)44y&O&g@% zFInJdfQ||rDy6v;dF&HYY2zQ1HDPj%rVwS&l}~}wgNSYn-Xo}y>l_XhFZ>0$mf2b7 z;~A`cHg;QD=2o-wXBRsj$P20{IwBJ&9xr14Qhj&% z1L#Q3=D`q)L?(T2&QlEabYBBos+iL<1>h%IXQM0tw{6?DZQJ(Owr$(CZQHhO+jh@CtJ%*kRd04#B)N6ZbFSr< z;788Op8)$Y@F10^nz9wQY&&gAS17R@)9d!O-}sPd7GBFw1)aX?L2#E|3?9BWD(v2m z)N)BBGCq4Mr_sN|1`rrVfAAIUlD+VSPVgU<4wH7e=NS+G#J_QIdU-P~}jg-4nWk7L@hl+Ufs zwig>SG0r8OgRN%;XIi)m_90Z(eaBL= z5m^n#u;DdMzyl)BguEc(z;WMt1Prl+0cB7jYI==1t!f}8yp ziD3eEweNrH&Wxsjqz{T~`WsFL>&Abr@KkwE=`Fy82PNFab$`d^Kb159#1n0!0*X@qO-Lv&eEJpb4io078NfbwfJ_323;|w zU7Z&dT(uLd3zD8O*Z!$vJnf1~KQ-Enx7lyn7;Io@By6 zl&msV5`foF2i|=A;JT8N`}gbd+ERr@P|Jt0J;_-c{?A%{WJW{Mn26H`!tCN0kKenS zHV1dn17%w<5{qXFgL1@9)BB0%i$`l7Ix0GopYGd%yhe>>!h0?eN0r;aVf^0Z`ow7s zbcTO~NODP`wXjaBCqh#lv*;giP3b9t>?#KCPc`g*Iln6MDS=o+BB#%iyG2&FK#s3| zHZaZ;5`W7`n4>Fuaqvtyj8ErX92fu?WZDFIue`Lpz=UA5JJR0p;=@+<#%lKB!&2Jt zWPgvz7F=(TN=mvMxdTptb?=Xr$dt=sIx@0!dgJl+?TJ%}zj>bY)YP$3m?u)zfW@gt z#TuuWCr#rszfbQZZmrUu>y|a}km@*5{l=0CrRtcZ;D^~WSfFZq2>&KTCJ417G9{XK zwQ|u=L_3?-TrT0>vBv(}rYxm-aa@wj{G% zg{vsy?^-Vdas*TDNt6S=htzcWX%ETB>4E-ghL&sXHagF-<|EPL2@s#j#7}Zx)G7H zN1QA(kIp*r(CtExjYXPD2$TZ>Yo(5PzLTrs&>76>wmCRYv%3z=RVCh8O)az|uU@2I z-$WK?HVM`wU<^19S4b4CK}B89TYC*kG~x!#pz7VO-EC3KHITlV_OQ96FRKpR2BQ)e z*NQXMiSa6wX?n6e%SAICk@k-w^b2tz8%x~Zs7PL?IW%H$hTlIT9GC0^*En(id*mEiw+Y|Gm{)oMaht{e3eZ+4 zEL-`UOe0NV(D(H9t@iC|@zXiP{^5dyw!uSo*Q8Mv#zU1EhPQ85b1+h1v!X4bj%8yt zjzbfEb0t5uMOuu^Dd>dr1jfp-S#Myek~y*rWV%K+s1UP|fZI4oo21~T-i6aJzbpVj zCan`!)Wbh1s6F}f5@s&s(eb=|+o*TBVsVn(a{y9#h?S1VxqxJ1+VmR?v=-f%m5h5B z&=A<0@(k9cm}C#7)#kc^{zdkN^qKxF+-GI7%}Yv)52y2TC|E?&Q?I=y zaV0eTN-4gEl5{kf6+m6!X}WBZ9kmu_(la{h3W#!dWnJG(hTQJ|AEj@)OaEAFcw1I@^>nC9v= z&%y%MPxGC&yOty+imQ@Mo5Qmed$+E>&j|Y3)u8}4r5o%>;SpEO ztWdYOTi)zxT^)Ua;*9fSmcz0~Y#cJ*2Pjrn0JOz!%8OzCKQ~Vr@cwc4#*ZA+jx||o zFh*hJLZ`0o@aAUUV!CcFkb6q`sm6GZV#STwKN-NWuu!ME_*2g}fliKp%eE*Yyj zs>L7`uC7THS<3rq=+7TZz?_b%hLlg`2KjFH(I)5b+7K$0%M0gOpPx}(7h9$Cp8#|^ zW-9}pWmXK~pe~lKh%?y0OmRx?L1;X=7U#6m3^6W6;E~wDs+z~Sj=sIFwdBiT&R53F zVdltp;vb=kRgp+_7!q4=A+uu^(wxZ>FW=3{JRw1nU6_ggiu8ydWgrqd81w#+21^```@h%>zBR`3r*`bMe9E?JM9MBi&dGUzuQ@* z)4Q1b*S*i#|10PS>Z$3M z-Hg7Ml*NT8%e)J|a=nRBaXD(gry}|fkD5^ys)o4I=Z(h~?1e@(Xzmxic!m*-)P%OQw*43nlE2 z;#DThCq>oe%Yn3up&^2R=CkHGKpu=v9Yi&U(iDSRp!X&`TA?liy?69*)5S^YvAcVKZN*K-nfw08wpn#&^lLjK~Sa6 zyD{OP=3MI}c!gN!!|1I;oZa5t3#(f^@+u^ zH1(51c1~jjO(-S5-S*9uEtBjRRMH$Obc2Qwv!hYh{u!;gz{R~!0#r@CUn1D7doI6H z_BTLh(>^T_oj=(p0U`7&6hY*pjvV~=@?%Ju;YazN1N%q1+ZUs?{TKR^rA;H-@M}f* zpT5)AW&P{&EB;YuG88%R`O!rSii=qbJo(&Mi23_g=q9!mwktZScjFP?@Z&}fOL}xg z!fm1T`4mP0hIRp9>z?e__rm&nD@DD$h;tll1`^*7C=sh@_OHwFM5$R;JR^U>by49& z2V^d5%YR-Pji&oF8lu5=S*bcDA$WLoBt#rnZ;O@(IW1lvK4Crz*W*iwlM4}oh2S-X zq#+2%)5ADc01#uDtK0#+zKPfb>)QYS4d~(<-uj! zrd?o;Y=VtFQ(l3Fsh4;ZYlYg<`LHyRWBnBTTu?YFt4kh)F;m5sl*|kKPZ8Gcx?~k) z0k5Bc5I;OCjbsBnS!$f%vS9l&42shkBFUDT}LW4*iSEp2w!9npu2yIxeSxH!3T zz_0Q}H93qD!?`XsFRh2;HDfR0Ar#{UR&^i+ljl{ACVAw2cL#nveMn<&NCzdb?5QdR zgu!10et2_jLHDZi?{TbwPY(!@+Skvz)y8=<*YTBKAk%sJ?ft&4lg%h}VJ~Gaa<~gw zVt#9?m1c#AO9$;)t3+vEZ6dxHiVG|`YqEDG12oK$8f3&Gl6xt|vz#;ZS$7x3b04yR zYh^HT;QOuJ`K$kYZY`&9vO{L=ej6!mU-@ZR4l#0uovToNE_i-{v^O0{KXr}Pk=$Al zefV8fwKgq}RGp`eI#FCXr-2VZgmf&Au_2~L*}LBDuV&k7kGkCEoR6rMm$_8rC7y#h z{Mt=K{2n_XM_8u$KTvo#nZwJlps}Ru;C8fObgy`+Mfe&ReGO=fRX{U{Li*wW0-gH2 zId-Pdp?zYhL-S|nucp4*L&(+ga9|l`)G}{gMMn(A1teBmBQr$6jWNSD>Z}I#W-^)p zmI7cAtG7Ry`(yBq-LS|ERCj&V(7CG8h!QF*z;I|b&K<<5KX;p7Qi_gPB(fUVjM|w;~$@q%{~5djnx&O2g~5_J0rd=_KJUU9wHAZ zeN}jjrEsA(k))IT&)2Ru<#81_F#+SpS z0Rqv}oG3;)(UVF<^$Vnl*Do8+qkWqXW;FOc8lk+X-;_pDuw?Y`-fMl0JB5u|NW)0! zLASS6eET$4^@(Le!G5~d>x{N_adls_9m(aA>HYoI#6VU&x%VsL<1%$Dwc}=@%lr}` zP#(`PshNjvtqA={XqLE=0Rzd>o&L5OgzAe#Yg9)>)~^>0VOt)Nme-Ar$Pbe(w3rtFim%gTyHj64_qv9T(Uq9tu4)WL z2j+CDrPvjZ2oxHq`Ij_p#ro}E*P$lm9p%H*i;CccWn_Ip4T_Qh-)qMf1vxen2&AJ? zL_vu(qULJ4#$mGnmJ=@}ofdRmgtJn=9a8Xb4-@?-RdD!li`P? zZZ$qH4v1ZGt+s$|iQ+qFUDUCD!q>Z9VUZpRy$G_~Mw30TE5%?-Lm|M~z&AsCqqLbs zir}wW|D8G+!eBN**Nfa#_KB@I=ZD=4z#;=3Jf11DB2UzROBb<4{*B&p690X1r{7xo zc)?DIl=prG(>Q-{!WOd1LVa%^g=oPR`t&od60lcwutRE^n}7lkp3UC@OWN{Y8x7~(k-_03cfRL zz_8ysOTjt1)lD3>2;eOE`CVcGnMg<`({rUDyrM_;59^aC8T%Q2o_5VBi^RpI7 zO~QaVQ~5v_GuZ1>KpOiann?b<%2HCv2(*td*!ycmPP8cX+k^g?LmT&N75Hreeaxec z|FaJGHiJIq*CzPe0Q%pfzc}lF;eM2nUV~S3NVH*n(vU(wAL;bZs$qtA?NWQd!ehSz z%{Ton{6A&FjX&GdqhH^bC;g1Lh;yU(-#lYJ+n*<45P9<7!Ii5om!zMZkKxRq#8u0B z0)&@D!-|V2r%946*k$`^N+Z{iFYi7^D2%?VkUd;AgJi?2+d#w7DT^=8e}jqCiYzBt9J zmf0pztd>Y6&H;zU(GEGDVagZ_A=x5ffT)&}DUG2e z5I?Fh)`(^DftD<&5K}2-K~hHLFe5zjl@ENhp?{}OyXLc=2z`RHZ?0O!V$Z)T4OiR= zVtEt!4`yE6pCPEeP64xO)<=ikpH_2aHWKgRQ0pF?Y(It_x60=1Xfg}A%jTs}#hRCR z#D~$43{Fgpd;UKnhu*TWPk>nVYKLE+yhdb5F?_qrP> zjWmOHx)DHdMBk)1R8HB^?q}9;d830BC3W~f_2*{-k1vUGNg0uFg0pT&zzjHl=DR_w z(5x~E9qpDw6#biYP@vyQ)16hFyYf{#=_Rd~8qvxe0H>~%A0>Q6o%rIG76|DmEzNT) z{NGO>vOv8heFVp0XJcwVZ{SRh{>~}m{%1<@H^qly(FEmRxVa=9dQZCNcnz_YkLT2T z@v3jjL_aF&al^L58NdO~fHSlnSmHNUPF*Y1R+My`NNc0zbI~LLG7b2Oxqih8BLNsn z&5XTH%xC;vXg48igG^#if_Mb*plk5yru%tvfDxbvpOjwns-n8z(8Ixe@*BYpYGNK~ z)EUgaMtj2BxRg-NO*3Sg7|`}QiZx zCQE1^%0as2*>_pq|9#vO_VlHeim2vFY7A%5&6Vly&uLazJp^JNd?h)7U8(nEr06ZS zH0&>JWD3_HIe!ZIJo%FwA0OrZiw_o2J!*gxSqx{)|MWPd`hBWC!KNXLXD3dyJ?L>y zP5Mn`#Q+W^-D^o_;j+LL$IzOnT;k&7@a=GMYfbpMz||R;x6rcf?GKZIBlD6nHr)DI zTm)4^!@<*&lI*iQRW#Nlo#UhF@YrX$HrZ7aYpO6m+uF8G^}6tmQ)9b_Y^C8 zk?e6!MJHAfSTlNCsj6?( z7Aobgm>iW*uMTLDzsqEVUcXOm{5HLlwWDRPOHn9cPo1Gi0Qsj@=`>LhKO%vjONEf5< z1TVpJH=@diwlZfC3wr-4Fp<|d+yPraxwnMD!~V;76N8n%H~`r$SWl|h^&xt{B7k|b zZ47(5ge1kxX@S8W(6UfuDg0FuDngRo&Fr=nR!$+<`2dwdao*G)ZVX7X9draM=!o+c zqV!~XPt;KWix`}4dj>rHa}>Z8dd9=X;!hC>cT&ii#cv)?W}u7O->wecxNRlXoo90y z(xNs8B5^1m@8Iz~6Jnh<0y?#lX-U1mbV81uIO}y^?MtoE&0{?% zM3IIQv>azAbVNi+k88s5O5VZ%J=O}YlRY3x@NUNiPiD|_l{$myJLhd$Z8pK&@z8PB zqES`Z7?6B=l4_sjzoyX|#|nT#-4J{KK8S}(~C9Blx*qdPKduXeyVIsiVB>VJnyfYjCgUQmF|s9~QJfy7xaBa| zz;t!L^N`AqpEC1qbg2D;99doAxp zgyJ3bwIM}ax98zayeitPl{->xGx36B@*AaV z>Ln7KaO_b*l8ush4VdHK8+kQc+KQ3yoNypcB zh1||nlXEDbR+F~}WhHCZ@2{{mUu83G^b16|Eo9X_8Dc11+7rX>)5%?EWd0oB+)-gz zyXN~M1^xl2A@KCP(Zt*5FUTv2U$VblNb)N`jnd-bu+|}0sp3zv3`!GiHIqK(Cu9`e z4;Nszj3eb1nvbs;tgVe1dMzIGY|{@sAmU`{pEqnCQdEr`L8;rkeW8GW(J-aOZ>keceAnlQr%HF%vOkSokKJ12uopec5~l4YD3D+umnLd7Yg zj(LLNKa`qAq|iDEP(Bve4yCS+yqxhH_O-;%060IKDjOl3jw4o~tLTEM*Y|V*PpiD| z=qU3^$0%=&^XerG>ZwUM)w~o_R=W;$!0>d2ev5=~8N)jH#Qeqntt8Y~ip>#wK zOO1+w=2?q&Wt-V!(Y10JZRVC@U+lZG|10Q?U&m%;3~RwJjA9O>SyoJCxZ?;`HXdv8 z<3PuSB`>&x&SCm|I(&`T#=*~5p{7Uyw)!D3K zc+3N^Q2OM417RP5sJhty3Tih>{?$DxfyESX%`t4*a$DsJmG(TMo`jVapQSsiLF@bV zVWW{ZIy8MeEn~j5k=&gS-xj_R1LQn6z24)bpz0aOAQq{WLVADld0u1JqH|gi(PgyR zp}7jHyBDn2I9gp&r7xipa-vNJO@#qir1-KFMqm#KwRR30zB8{@pNC`a#NVY{%$obQ zwNAUM3@^GQg~D?%>1rc5Bv=ZAaxZCq6vb;T6td|?X6U+&hBvw^ac-E-nv2Ut3R13i z_lxom>o|jNz-8yeA&pBv8T-7P`aa^dx$=BQj)F6TR2oZsWclz8q)BrcC&?d0a@byA z6Di^*GnelPOz)sX2hcg59u_`ywGrZk^G?Q!iyw^d9LXkRHItdzf+2CjNLF zJX?(~W!VzXrSKO9(uUp351K}?lWnN(*|&yF{m^h*8I7jDLp5WGsDx1KsneBQQI6*2 zvqlIwO+76Sru0eyYM2XHSVQcNV6j>pN=a)m?0%THFO*x=E5CPCTRow4d0xKr&0)m% zhkg`)3i(H@Vz^tIxi?kuTHSKkVRtVY&(5({r`ufIQ3Hr9E}T~JzKS^{j4C=`_tk3? ztbAolgOSk{!b^)^r)To3E`Tu2C=T>|KscL9vz72B`zQvgoXXv_fhGd&qvIzR)k5v9 zO3yZ@=P|SMQa{##aOANPDRvAaKcUTtsoNM2Aui$OrE&p5UgK1Mtol8nY2M`Pte%bv zu!-AEkg=t|OnXpQLO%&iGXtAz}ybFg7qmHRd)m6;1%oA8_d z+E^-hzCf-qNN3jJF{D&UV}&OFc{*vCoku+TEIh%^b$J}@v5UDF_`t2@cArdPgDADr z&q4KQ(uzUOumBYJ>79i8`6ONQu7_H7M1z;Jv zHk3wnMgZDuK4r<(^wGiZ{5##~h<90Fg;qX-m-~JGg(DqxCK;zYa=s)2e&ox^=kK{r zifEjj59HLaiYrBZN5XXB^aV+R{9j zRiZTVj5?|MR#!IARR@6@--<^(dBb0La-C@Qo*nVQIwzy00JU5KOb z=U3KzHdv?mv@0(mUo~^KfZ@af@e{rJP(epqmVV!x5E;rYS(X*R1h7B-igF-hA7h-_ zWPvLG0f4jKXhDfx6cbU^s=wDu^7_uGf1?n)jX4ROP=X zZRb-}W^CJ8UR*0H{*(`mvvKE_r}O@ zHD$P8V&_+lOO`;vb^`$YWGX2#(Y`55mZehHquLtjlhdR1+O0&Oh5I3uRp+$=_#OK3#Z?y_sNG~uCuZn2qynn;LLC3Mnm~VU(LSOuLQWxxIaV>VS^X{ zGfEI2cs`aBR759^0%KVYWkGG__KoZpOTZgpPvsn68Q-InKOqw#DW;{z)RR2M}l^k*WSPH*2#iJRM- zuGO&7_-H7$wxs63g9q2Aue;c!1fXibcQw-RZy+c<1qz!4Mzi=u*u6IB)iXTh2b9}6 zwV^T8vrfgUn?{Ood)J;}+5I}BX19SAQ44e!!pT3=B2lwDjz7soUBV8l!Y3Rt1n7ZI zsQXp$Q#_8y4BgPuXJn}@zOms;h{YvVXQ{S8c16Zb@54qv99)?QP16IC9(|on*|#is z?yGLx=GyUijiVu592<9Mni~~_HOfXcfjjDsx1IXl0nKf5z})qp!U(K~Np7_+Sjf*g zgEI0GJ|Ft$xE!O^7yuc>=x13zsio}^&d$w!8Ai)A=|rml^wNQ*`A~V)U4d<#LnMwa zHf+P7XRq&uZ_iU38~JcYU5!?K?xeuc)gdISQ=w8-Nok+3M|bddwzfI=8UWB#AV~H) zv*d1RsFm}KGx&97uhgq+bl>kEyFhw#>5nLcYf&pzY~-H!6eUd4{ILu0QQt_F7!)_V zY$tM5=W*!I#}7Z#@M*SwVI!KOqZHyOm`=Tii?W=~`V7u43Q}w7^l_eu8CA->4wQmg zyyT<@D_i{hOI!15{Y|(jj5&rd{xeKRN5V?N%laj!NePyBZ(9EN(l#p5Dmm;5@ZtbzN?A;&ng4s8q|tVpl^GY^AbPR{FCI zaLod7YjALHktd97Rjx;47zZ3e-fLO3+yh(3+_Z}uQk8H)_QJ7%QB?6EJ= z{V~*ew;J~NHMhsHkz;fpG!GwNadZBo-30>f0ujIJ7!W`wN#6AQI%|Li7u%u#6yaWZ zk@-i_nPNktvnoghpj~}J!%BZu+N`A10OJ)G*nHP#L?afDg4@5$F5Q;~{)sgD-^~;B zpVF?pg7~qQ**-a(8GW+wDA=<7{yFJmkW!~ekw@7*ty7qBE{1v28CD6Zf4rX-i1f() z6XMXZ+q~Ja+t%EG?Y9fi#e3{*z56yq+i6mGzmeKZ;_$_B zp8Ip7$EAO0w)|$735? z2Is}1HV&QXg(h@H7r__ivw+&AQS53YoS6HmgYOb>{GzZc92&|a4vh{8C$E&W-_!K8 z+%ZE=Y<%AeTX-f<=pt|eorc*QMo-3ZvSSt)lr0@+G}%45df0t9eU4R1PG8jHH6BVg zACc-U2a9}ybvvI;K_5aVIiDs~ZBt)*KxC@=acB9ga&Iw1`p*8I(;7ZsT6Es&b0gw! zBJdgUjP^4XTen_FYRf73ZMcqN4VQvvjwzGG6|$pp-vC=}cZ=L!T6XO#ys;A^)nzuJ zv3u3C`%UD?xQt5^dP^}>%}Mk0e7I^dTU*tWR@l?{KAaIDbxGSi9a}o z>$SO1deR76z!X?~Ruj=enqur7ygW_kz9Q%q!0N|^YwT_f5pUg{c;pXjc{}%?rHsl4 z_bVYumayhz1!v8J-xnl5M~W~2+sjdxLxc;SW|Nep6O0TCW2=>OeET@n3oOK=mETDp z>a8msE&hhrlI&dE3dKRfk~(5s*2h&mGl)|u5Km{ps>)(F=-MYvswY4Y%$XY zMaL8&`K60!A!_p$>7BU)mH__8u4^W`i#-X92uH+>k58@lqt;6NtQx;Qu#z=`VXd-~ zq2%4CJ#}=~V6XXDL5o(48Hpn@ES3p`y?f%#8v4lS5Out-tF6$ z%3=vxr-GBrh7s!p`rN<;x{eSfk=iLerg$(2G@;8ahZ?X|^qPXpFg+r~J@89S&cBwK z|4tf&PCO#;r7Gaq=57-A_G2P%_a~(3_0Mo6n~WBnS+{?=tHcqO>Va=#&pr|EAZ`>A zjIbGuiohi))J`&0l5Pw3Kd^%=6dvJAZS@0z$6XU|urO*W_!Ql|n783;<0E}njYhzT z?H9TJTOCNqtzMa6YHUk)70@WpUo8qc0TZUQm>-%>75oW5d&V8gjV_UEl;;`|2?jZI zGqmXZe(cUyHEz!?j7@JNoKFsK@v+NG{cy-dBIbfY)!$rj4asv3!+}e;%1xn>#Wefd zep)w=MxAM%NvzasgAsLvQAW3_Fjh?S!4#=h@(??kV?s_@Umn#hdIX1ml`jurQD>EW ziRdxo(NVR$NmYg;=OaUjUxR${%E;Y6Fvbik5c`G%l|yprlpFTq4epJzpk+SB4iYX2 z;>oc`xGnwwR2t(pB&k)n@-8fz?@-IhbSshCnme6+3=TC)cZ$$IPFC%!z{3@R+4#>I z`cEnHxap`dNUe^~WkgHdj3Um546i##1)gK+J3szkf-epQ`0 zdm=7n2f)N%HBDmx_cHyw+yO9bfblD>9QdeYH1j8+UR`?qD#()VI*%c9=LJL+Fj%@P z&%pf=n0rAKWFojUCYFB@UqIXKy1NWdyx364y`Vo;XeBJV3E0&%0L01%^faX zEV)e26UwYyx!-R3GyETw5Okh*X4T6B(X8;AWyw-?v6ECSA4s(;2X{LUV>jQ^T7Kqq zaP?n4+ELc*O|UrHdHw6h=K~5!A)4jRO;$c0=PfN*PyW6n_^A0`=)yMpF4%mAf=L>`;W`dA#}zbO~x&u!FJ znq}YZwckLS;iP~Zg}-s|Ra(S%SB8htf`xlhOvs=jP@m3z9n z;q{XIlQuWxK80x`VKNX3wFxaV4+zP=KlSNoAkc}4dc$1Sqq4Bwl#>F7tg%5++f}b$ zWoTSya+`ueo2~?qGfFFHsc#w9(C8c95WXnzH&E0I3uHw>M&5$S!HyIiu!a{jFK{`e zdhUWP=Q?ZnTv%X=U30584WvaoYHw%Rv&;4@!>^a2&{!S+pAD4<-jobFE+@sSt)4~VHh_dJMTD`7G&|;uG0HefhO=fY)FughL zI)~pz^p>THWF8oy>TaSZ?m?dZM1Wp{H7BRvq?d{mTJPtLOQ}qC!}y(AKjvWnL-Lhr@v-3wSW`TYNUZl zx53SoQqYqgyYHlZ->N^&(pP4~biYj^nID_)cE)UaGN^*sM+Nd=R*RYD$^Vx)IFsOL z#yWMRrIO;FSqa(GA8g(exF4vMsw6E{j43#0^vf*s6YX`L3Xm_e&k4$^x-D;@fR|vX zVKmV`qE3cO2 zY;pS-Lz9BQZl^n+3soMt_M?2UQsdSYGl z!s|<5CkjU$Gq;lyH63nCS+WaZv`shhHbvw9ly7+cOstb-Vux1?ek<&d%KvXHArI{b zt98~~Krpu#HO?t<_AW=`qxP?89Z=XPU8uH9=(HiF)uodtReCK1|8r8?frW?k6Gxy7 zt+A0;adF@VJAPkTdgIjTzyBc5`K$(ONjUj*Q;Sk);x6g_jPI9KmD#6msm~D`%zL2x zz?CD?7hB4FdDyi1ic&F$tNb+I^z8pK{ILi^kTYtJr&LA>AFuNGxi@e2PV*rK5aT;Y3mZK_E}?l0oOqcZ!y~7n~m!C7fF?g z>OQ?(H}0T5c>xRdR?-h#4e~gW16D-R!x_$ezvk*xO({8UyZ^H6o)v1SGyG=rhJZ&9 zk&;-T#$~0q+&NFJe#jI9Zw{342EfAG;?x1blJ~aZb>{6Rlz_l=_(5<8e7QA_siQqg zf6eikqBKD|AoMmh6&HJ{t2pIg1{^ZFWhcEY$LvexkE zC$rgO!km=6A8VYxNr|ZTgi<)GV4b%jWMCQMS4y~M#ZmrhDyLFcqncAVweGX1NAK9H z(gd;|7$<^Xm<14SAurH&D9kMU&Z6tkXy!RZ&?4SzAKmrTCHxOg0jXH(y3hR?+f!Y< z_v|;{D%36&>-s85s$n6eSKIag@ztmOkN8R`N3S_BglScGLEgV>q{gp%v%SF_Y%VKR z!f4pVDKxx)zhNOR-k0*oJ5{rIs6+N5!GN2f1JcRiRlT8Aj@=pYIp$I6^rKpx>4c#R zuIbl^{eIn&zi@7ZO7)E6k^1A;mFG8fezQ!g_Z&pSm1f9hiWL9D;^3J^{OeO!DEjO< z0FMBV_}-~@uJLU-+b7%#x+MaS|7}AIUEuz=@7+-xAzv{=?Oi-7>-!Mgq)J-QIub3k zM8fg+WogxnXh!U}gX6?sTq*Jz=fya}0flwp>k}qhn}MV{KJ4tC>}?8^29|V78L1PE zk#`Yr6==Qv3f3{j(%mwDP6Av(k#YxbUS{y{Gc&;FZ#7z$5zE$nG0ShNgj()=peGRo zX(OHpPob-x0+^(kWoG-FAtt+7+Nt1vQC=@U(FYiBcw}-3mbp>{i!nQWoJMs~rPX_O zv3=guBa<3;@sgkU)=^*eL%EzvEdi<3?7-XNrQ@|4x-DVtzHo4kg~hQ3vV!2JU)k9} z-+n&NhR1h-uY?@ZBG7>}J~y<|8{6duMJv}W2WGZ8n5}it4vxSum8GM6#tt9r|Ib`M zCOfH{Semn)tow`NenfhkrT&2tYK_MY6CkyTk)Zb&Sna?!R-vckYQ8Xy1$JhK=;Uh! zQUW;8nBV)jTG&71mDz^jYZfuvw#g!#?X%rl7R9{?XoeP_Pmd&?#S6;YbY{sfI9 z!};Lel(Z{8QpJxm6nUVed3aLHpT_iW&kIRQ-^%_M^$kqiEoXJz%nJ#_lpu+#9#+uyD32Oe{aTi3Hve3 zVVy*XqEs}K(6BgBNIZ5gF@2ELzo4E!bH^0jO|b!ozbIz%-q9{XIiO&40tIpS`&}q< zUms!B3bmUz?=z9Na&j+mo)*g@HWN%P z^yN7{^g{d~8OQ_`VHEWLVB&V%qv2OX0{gv)rx%m&4KG^2%u|;wmr{UhtPZ#FDF+vU z;^uIf@Lneka9C-!@@<0@QNqhqN(dG%b#Hjndbf=R5P7}Q27gzs~aHPA3)PBO476gv!6-D7lVFliY`0tvVg3C|RH z{6+p%xGf49>wtA5RnVUSt&YIFfxA7<4+5gV?3qW9xYT>1Qbp3DFqDXXLezCoA*`$M zDi49P=jzzHnyd?^f=Jq8B_*P6p4Uoll!G%vA)hVkfTm7^XZSPWdmyeY_AJb4ODB6& z@W9<*U!MI&f}Se84@B0yJ%x|}N1n*S3VYVXX>hT_a7LQPgMC{kS3_N)fz5(|PF*>} zcXtZhBzk5v)*1zxu$?s1B;8n&s2%F5aK$!@6^&m2dxFF9dCxiD$r(F}@v81+ybW*| z6Rr~;bx?cRhEK^&xXy1p8>R3F9;gr*5Zt>WlUv_Cfw{#)lQ)ca_mK zwE3t)@xdum($w_ag5#Xtn2(tWQm(2k-=yY(v5@R_1J*Q^!^v=xx!_5?Zq?YHo82!) zpst^G_2cq2^&B6>R7Y2-nKJH)4$qU4ybHZ@OOD+`-)mke}u5 zu=`u11o#j-96^HNtVnGx8$q5CUuts;5WW)-w_LSEOR(?+S>KyGuK%m>QDYmU$?iq zY19&WDLtnno7Aj`^2Mxq$BxG7oh1a zc;>KXF1Ia>qIqx$>>-Zv+=%Lo`S+|BW{TYr!t9zL)NUIHVl2iB7v4>gf?W+W0|Ew% zj8JT@FhCJP!t?wNNVrwZbn)coIeMWRzSa%UK?hWT)OC9F;;d%eDoM(?ki$MsJZQC% zF9W4Yugp@uNO6a!`JgH2TYe|Z3z9$+8M*eoMUNKLgC|f3zCg$D)h9zswG7FBn2}yg zq$fAT01@l!zC8PPus7mlXh;iWHWu+9Bxs6IAyyz`!nHJOieWRmyplrV1Z-LM-7QS} zvd^a^X}adU^*a+uf?aN8TSXG#?$nL-l30TS{lYF+64QkJj-=Y=`zz)jAOgpYM}KRF z^@g*+0e^FsaJJZEh->hC()JU%*Yk8}g-ittrYFSffiWAvXP8zB+ns^Bw(qQZfB2yr z#Hn0>oa}q0I@i<$CsxB5EMbtv-^0LtLpcF)L=!R5rM!zP)?Yl?lH2i(o{H^!8rqK?9)G7Z@PbFys10rwxDd{u8=4 zkXK;x{p|%^G1_;W!ZShcS-+z+ixc=EQ&KVXV4Ebva-IhJmU(xDaq`?0B!4I=@50F} zx3DH7UW=5yn-AVMB^fbF?FHrTxPZ?xw+~|Z5-+=2<83sIb46?U?a2c;3Wzx9?ZvZu zay>OGju1H}XNRw2{hwpq`W!@X7js?HG`sq{ovzP!JnYk3iTNf6a8-ZQ?`yfB-K|s; z#I7F=^I)hAq{4@79Q@v8P_?yV12-fzFD&@#`LG~rMdCbiv4X_Vv7UE$SeXPjz+5t` ztCBTo-KsB7cv7s;Yzca;(17518M*{XACgL3p@;9No~@TKLQOpfut|7<0!z9S_N-u% zg$fua#nx6OP;3^EgK^TKnkx#-GeqJV=EXKMLRr0M65WFp@U-6CS1ya59TYxq&ygzc zk0)hKS(cVFe3v->%3$ebq7lWDYr0%8N}=U-i}(XfmHa!GU3TcISD44`IAzPNU@a54 znK~HxP=`*+fi-(|e$J*@Y0DcBcSMFWh`b6&blWyxlQxm@8~U~=s+R(e{PcNN3E@|i zWUW<_oGXz2!H8DeBP}D|oQdR7>c)$W=9y3+*~Z1)hL^jwN+t93?8t%i(BphjT96O! z_H8HpK-XWcsw5`V7O zoLaIh=^Oq%p`~_Xaep_`LNhnJVrmm_YYK@TpuKf=DsxY`ce_-4SE_%wZ0wHtI<^MB zbT^ayjuxOtSLFu8Jf+h3VYDgDQv()ydP(9g42f-`4PH|z5zS=~jjQZDT{C8Rnaia3 zQu)AvMb@NWVm`M;;664FF1xUMP?fhT!dft|teJC}!M7uooCa)UGAc+9Kq0skR^Bg3 z%5i;OJ(98X#T~*(v!s{;GPl|rO!<7M}Y0H0(W%DXg6|Q5!tmORgCI_hrY;Zu~s|6-yILYvctekVD z-jf_cm#a=bdcS^`%{tUW>hAb+bJu5qg;Fd)x%x6fPN%zm=kGT-RAK=U6Wm5^jyA_+ z8GO+$c^%q4IN~^F0N*r3P8nzcSD2x>8F)RUB;D`)96KV4p(*>iQ`W91btD@`wIy5o zT#K8#u&-yg93K72g+7bX%L>)bvuj+l2k z%oxic!fw_<1ve|O&p zw#q3p(HQe}(|lFtm_2{%4{l#V%TJa&1qzwZgo*s-g#ZQ`N)5a?UCC$PH7kELcVo-} z#0Pf1EKpFmfSNoLG(W0}MJ+y!#%KKIAgtrKy^Oa6^KmN1E1lCVXq-S+nM})N;a>tKq>|3?j>irMh2i8v#pP#ItMa zv^FnrTt3*V>f2b?WX|iVxv~OTmPC^~|GHuGmZr5hNRJGX(?ah2se{?|jTiCum`kro zaiDnMNf9Nuwc@zyuv%qFR@7cQ##QZV^Wo$=(r*%clyHvVw@0_lto}-}0^(InL^lAg z^HS?Or8tmo?QwibJP#MD038mRQDORyyY%J=zt#Jm1`({+=|~|5dqX%`uQ?|M=KB_J z8FD4;TPW>iktQ07bK*;gq6LL-7dn2kid3tR4*Pgm!jUKuICac^{+uzZpRAmHL zt?lK7L9D#=<#loC>yt8W@mS3f6}2y`9b+UG+PWLOf@Bwm*f}N#D7(%Jj$x!L*aUaZ z>6+$P%B5L^kT6qm1s2Zs8(j_fnmOnR3-3Oq>)|*%?wfW(-}Ydk@JT#)T*?{%`Er&x zYBPCTW_k76_OI+&lcGqW%yY}Jc7LlNjYcrGi|Z`Cb&nvdrItzFct_qgT8tpGZ)eg4 zTX1ZjTQ9s8nN9^i+3Yo4Me7zJ7F}UHRuB4mm9PCR2vs48r2POLxo=-Ojc6xkwN))Q zh=Ci$X7xA5Gv4#VP3~&&U^+;SILOloN)pLUz*CmtaL8}gU0REpP^zFta-mSuhtT$g zxV}6>)0uv*>`tokX@j7&W{J{yM%OAyD2H<)YV2Tbe=OAldO0{1whV&5)T=@#GD-DG zAR`zH$)YxTDSx4l;jn8B4S2Aa>5HVxad=kTb??v+uz)m?bmUmy>Af^bu$mL>8IsEl zH&bPdx`A8(>TN&8q{Z$Bq7qi!mblPwlq%*5eoSL!&? zdfv3BZ52Q+6?+#bw)!i;_tco9l$n4|GMv^`&uLZ8ftXY;GJJ0X?LeUUq-YTNi ztK!Y}jJ)-Y*VCZU7pTmbgbeyKMbl8ThP=QGE_FF{yWgS?1H^~I>i0>%53K=OGX9)+ zYPVWluJ%SY8yPjuSJ}*F$Uo#&tQ@fB{6`mBqo7uL6^hah=}0?jkY?{O+jHPLi+o~9 zTLC|*>x=CvzK|08k}L_ei5o~>%wCGq%tu{fbEVw6yIU4UdJD{?QkEuBD6WC1F!OLs zFJ)cXMQuV zhkcD4X3l!CLwJ9i85ZkAAGk`gTl@2c4mK&2VnP%T#l0{2n=O?WflT((pS^oW#`D|6 zqvIn|_d^suVa*@ja4^9F`nYPKI(sTaK09T4Xn41P17TcBr>{0l zy0jY5`eRR(dowxj6R4{hRg!7XF} z5CsHvVKl?g6crk)wROycTR~lgV0n3uCDC-X^L+7I+U&q0jiflUg%ew1W1#OMso^?v zx=6dQ?0hI+d5dBkKdQuX*(FtTV?A^7!@gzG^UA&rh4AJUphK-tsN&HttIAw~A!mdt z^$So)*tUI2)4puc#mPzR1mo@E*8mvm= zlKU9>?E-~>oS7)%O=9OfjubS_xNWE(1}jwx=Pbs?~a@}Y{Y#vYa#ezY$8bZV!Tk$#9J zr7nQQBPi>(RdXITGfL!s<>}hhc;U$)NAFA*bL<^Eqmrdg1JfBOyAg0Lnr3XSL-6r^3?fv@9$9V> zrMBAkT)g{bQrQpXLztr3Uf?b{1;YfCCm>GYxFK*^PC$xUgB&ktUjc zEz(DOSat8o8v4PG>n9^?&=Aq86Y)D!t{o-1#|DRwjihQQV2$13-dnZ30ke8K=rrn_ z4Jarq2Q%O+t*_7&wHf&Vrny5Ci;NSkA3NO>Fnd;RDaaDnk&6e^}-(wB(U4Y&nCa4i? z$FQS&u>a?aM+hhMsP}3Cu_;QxyFbuGCJ@7W>!*MLsxS(2h94>%te1?@>e=hfuz3r> zV%+;=Cna{ZNA_*L)$40mu3P#R7$ICXW+R@H!*s<#T{i|(U+Zgl^6jO!ZyU!icSyR++L#lLf zBP%xk42I2Fs@EK`(wF#3A;B{&nrRZ>>J+^8I9b9iHX~p83rDs1qxzw%$}y=N%)40K0?s3zGKk4ovEf8x4MKi)6-eL!t!k zLcG#P#wn_jNP1sgc2D2Axh^-YvG~Em(VsyrG+Fz)n2)?|DXpYF))v<`m>Rzi; zi4UAY9UIx+m#Sl+%MR@eDH=je?<$ z)8pv_pnUcGdhu$*e{QMn5(pP~(mwIeF<-l7+JL;{7K7n#iMaQOr(U^7e$b0)yXFVI zIlvTlGWj0mA3%GZ}w zsUA`#P8Jip{XF=5DP1@PS$p)UD*D@3$E;P2HiJOgHQu?LWv@rkR^JAiIsHfBrA zOx8&#XrBU#?5Tx5q&r#8T&i_kRM6ncI``-1A+DCg0g7f<(b6I#HgK$}#4JH*nk7P0 zgy~5hgz`#c96Bctz)+xmf)?XN0r_ir6B_t%-;CL@4H02ylTCoB?QqWqAbJGMT@?sc zwC{q{mX)2qaiooFb=&)!?IoioobNBMv~tyFQGWShnbp(sCf&5)-`W8vB{7g*GsXn` z(i-Yv&IH9jdMk+YCWPvE&Vc$@*eR_h;&L|t0a3r>n8%L)RWg z6ZkvHnv2i8wB4|IjVDwNy4?tS5U#JsA;r5j4HofG>WYVzJ!Jy!qBiTuKao3EJ({Kp z$cxLVeslNz#~#7b^?dJKC*eJQ@h+l)ZdFIKR+M#FKitT~$Q-UI$!Gyejag$zy(1Tt zwN{IuL&jeg^}wJ9U7T4C-Y?RdMe9Cy;sTr(#>OgHrB{*?~2Z@`4a+FEb)R{+6HgB+oiAsfku_44Kg!s$hH?N-2@Z6 z2@VADw(NRQ9|1HYFq~edKWO!xa z?jprVH5>HN+WPM+{%|zu0v@7?FJG?-1{a8Z{{jN-7S3M+$hY_6}q_`eZv$%K7XT zT@uH-a4~aLnw+R!J1BS1inX#J?Y2|*u@ZrLJHUgnKPrE*uX*CS4D;}jQEc6734!Fp zp5w?w4}Ei-vRwU~v)zOGwV8aK%-}H%nr=g?r_@HKjWC|$bh&u>HQ$^v7@x?1aXX2q z10z_9k&!KO{8-H%YzU5HgaJKRV-jmuGy$dbmh3&8-Y#zfCs`6d5BC|nnuryUjILX#e6EK z!_wv{#Ep<1INDUL#h#ek+@-koU zrXZueiElP<#z+|7QY_t7I|OyR?8<}a-H~>$a>Qtvq%aG#)5$Fj-4N?W#ijKQyVx&U z!ZkkkGDh?fkAJ<`jMhL{K>52yke8rG!a*U+<(leP#H*Z>`7KdVDV ztx6Oj>z%Y zxan$vV^ry3#S?HYj|K%Pj%e69_OGK~l0m3Waf}2qAaoYoNwiq#{Iz*{EU=Xx=L8f8 zq-HN^BHZk6;BmI%Q-`@@Z>-7s!cL3Hy9a!BSF|yHFy3AOcL<3G`hp^0vm9nWN?JO8 z-7+)fhQ8;^i-~Y8q=^SQwy^<6UJEg5%c8j6Zdro`nhKPH0_pHk8u?uvAo~MO%aW$V zW>dR2A;O3S>q`)3191S1+sNbTohHSNu2<<{1~*`K5D;6`m(3YO5)}O_?POoOCj$pt z2%(m3y4{Jl;1BU$G%wob-U7;y{?D;!g zg9y-pZNK)d9vqm6h@Ybmf{SQ9{8?zlK)Azifp?=}@z1FAB8!BKRiY%TgIjIK2eq=A zivT82Pv14jNNY`dgF$M%uR0>Bt1WVz$MB4Wi;91HQ*t5e-6MsZ=bbeuPVT%i4WFs` z8oWC_m0-05i&6B)CxX@$5N5X4e+d=$N?m|uQQg$zwh?Vh1ZA$m;GpiGC8uW2TI+c{ z*>p1304N*+v0RKhvanvvWE9Lj=9me3igQ|1Vct+GWsfG55g0`aEl$B`sw}TIWyH3| z<`Q3$@{T|m%kt?0FT}DW7%YOcjw*ys0~V%$6f1GJ<-!cBnT`)FD!d{-&ooXEE9aqy z#APLK+jZgVI<9%sF0sqyK)2b|s8Tx-!E$VGVLDMGrTMc;jQc{kx|IzV%P1x0(}nh27@e45HnZ&}Vseu!;VnxU;Brh5@koY+)?yq?^qDiww~h>!;lkK( zcdoukh2AE`qVFE4eaq%t&{aRQJV2%G+J=&ay>ePdrP)hx86K}K834O74ClhL-s}^X zvk7VFNmx>SeB46txnkf97`?8K93yJLy5aElnp_jCGHC7~bf z7E8yvapRUbZ>!18Ml_t|wkJJG5FPM()p?cSuKJz#J8qxC7P;Q{&WRlPwI?R;NrK0e z({eD#E7j!^p>%n6E$K?VShU8o{9KPlvC$U#yu~`LUt^fGnJ`7Ul$Md}K#O4)?Kb^p zR4`L3?0U%)Z-E}yLK9P?v_bw#Dr|$AWWVaka9MSU20G%3uGd!ZT1$IK*mKR-jUnNc zIQWk72vj_i-D2Z{TxdN1#Xqn))*)=YlVvt}jbTww4YSP)Y+KV+JZzJMmA10AO#Z~N z_j3Rx*tTD5EhnLOtf)%M1#*o5H!Ir^@psPIta z0=foKu#&P@@s*G11;^zJzg>NzX)KV1`P^i|JxW78nd=@sI+o5IB?6^vl;QhHtrW$JN`<@$Ja8+ zJiq$&B0b{x8QaGXy+3bAG{=t%${j-$sPlgL)%EX>r)HbXzQ0F)Z`@_kj8QPsqNeaQ?V|{!W~~t3UsK{C+!! zV1BOSiQD;Rm_NUNeUBf7!a6#Wdz5HljV!fW_&A^*-|;bWVly~m8ZoIkI0@wEH%_vz_bx$>5>gzvG? zW1-;Sun-Ta}V2jDwL%979Eo)#$Y>SjF!>-_NU0OHB^NB10%|8jaCt zj(2qqQMpxi0oUznQF&=mOKCd4uXq|BwpN~S@EpC>&%OWMzq0BG(cZy1o(DZkqFg=8 zKKC0Mj(Mn%{$2m`-|twC>z~ar$1WDFRWGRJtE20~TKvYDzt#%1`e)-W>iwA4Te|({ zeVFW6v)Az*;(4I^X9*R7Xh9L*Eee9~zw6v+OL(X2Z~rkCL;M;i@gLXJ?i_d~@aG=)r+17+bidZgec*k}|L^bf zxX8zv(y!RF4v&lh+AdK)Yw>^j8&~{U6Mp+zQ@x_!!NZ;7>*ecNMk)M$-$v#B`M@Fn zfB*fjb<%6LPp94-i&qr3#MMkNv%|p`*HvV0vV^bctMM*Hm&;R}W-_QU3{NK<2{run0|NZ>m&;Nh^yh@$0cEgPA($7D# z%(8lKblu^RskZb%5~%ftW$6EW5707J5wuAdi3eLc{>hZ+i@_)pmc;$5`@ZjQP5KDae_>-6vScexAo?JtNhf4v2)G zj_>3ynpy5blx6ghB+#;c(>v;XzQFO@)f8Bem);&{onK~-ACy3p<+B*CJ@rCcDZYbX zB#><`eEppWF_GjofmT`8^qktU0&q*K07Z79VOhjJyuV>x1^mta9 zZa~MF-`^pWjS(Z|qV*fP4Bc@5UKb%LURh@(2m#-t@B0@oyWq8Or2Wm_S=3j*$Ir5U z-EquPY){;hzQ_L%q}o7r6Dz%Z5~A_Wp5YdjnIKotI1<_8!Ro%BGZ(Cxzfc=9D#Z&5 zRnLFc;4Ubfp7Uf4Ptwm`QtMJ>GCrFo*uK|srtqX?nIAdOnT^R5!bdpjXKw}WV&U)f zImBp+Hda~cX_5gL_OphHa-B<;Xws%9yetY`odN!zwku*HRU4?8M)rj3?jZ zDr#T)D2eX5h68#*Eo z*0B`-CWN2GW(B5rs3btnZHH}b4qNm7aDR2cVHt0mX>L=$pP69F!UIoF=)>`X1iQze z*+kMxt?^%`KrgmT;uDO*?f7TTFX7G#uOLjW(T;jR;sOGbTv z;gFqe9faqsMaiN+ql#0liAisOqkYWcf^m#70*8h8`G+fW@oPA>rA5F)${Se$MK0t+ z{gQRQD-NAS`$yt1)VIyjm?^X6K=A-IW+7m5b6kXA~HwIO=o1B$GJ6 zxV&oN{XJ(in=2u;l;r^k?8h!VF^SU;k+_$x{A1T|+q0tw zhafEDJCt4ZTc&J6x$w=zN88f#i0RPsVIJBv!PWR4e?2$NGKnzIP9~inIk}COSH`C9 zO}xjL_}BJj{&D+EuIl%XjVmGhW*EE!@n%M2yihpDxJ!N9qaob;i zWa9chWFlPbBJlj&S?Z#lljn_O*B>9IunuEh=pkHhAKwOAZfCx-aaIB3kxYwDe{6LL zS%;jG&}0nv=(E1D$yO5&!TXqvIjz6n*2H=^K;OPD;Mx0m|DHt_#Qa`6jH$TLDwbwl z`n!iGQ@xSvA|}$0Zk^MYZp^}5gde$Ovx2$h!y_iUOR~qw?TQHf^tm3j1QSvg`-1e` z_g(ggT31Cu4U>@ip(dNWH=uED8=c^ zoWl>5%BA*!?>*Fy|XEa^$cOZ z0O#I4-taWt$J=xLks+?TWnvt!!Vgqo*T;=lpCpZtk0dR_Lw&)WQYEzgtnq9fiqgt- z?GWE{61!gIVH#+pKqD!v0hC!@tb`uq+m|j0e0t0hT9$_o znJq9p_8Kz&9XPiFpU|)?9zqkXt?G06Jj<+>7{IFGt8Ju9tTgAlNk_4!6v? zUp_**BwTjb+GIuQ`}6zS*XvPSo~yS98j0g^h_%lCR;PM@5RClaBi%epg;92;~eo10}`otBe73F^Uet!2d-?y4_ zrqrDe$M+KWNUAy4^gljJI(!y=dD|bK#Y9Z=fazxO#u5qP1_L$tmF$OUz<`__zwpW- zxu;!Y(T=@1KYJ?0!adJZ19S#w>XT(^bjpi4u@`~Lhkx!ZoVbeP`=_w}tOYAv?iIV3 zQ?A}9Pn+uM5b#R>;51hE58S}Fa&7*|IOEq96JvB`u5}z-7y{!J)%YY(D#SIH=`GgN!8)x0Sv_<>`1_ zG7j)(%q(_}nKF8(SU>i#y1a*RdYPlgj|y=&r?>bcbCSqXj49H5D_K48EEIt>SQDcGl0FVNN#Jbnyl_N$!>Jnd_pFNxpUuP`x z!l=-X-rhtu2wHn^F4(Np7fspUP-yaihS@*sTpxq)IO_Q@eq{B=v?spW$N{KtH$04= z1k^Oc{cEihUdVYfryuE~(m%3v=h$TnS&tjsDz_%SJ)Zvltbcppn6z9M>x0Jv;Wk|_ z)T5?V8LnROw)6{rHQ{Ijl@qj((W*>i2%B<{|nb z&f+5||B>0~7?9^<;jkL>Xml;Mog zOyH9I9uLnzrhOY`DBp%2fW9PnaDFZ~{0C%!nQ9Z{gVYoGZHnR~lRG@RbsI-2I!=#DA< zix)P=Jov+B{kX&R(n88Mwl$|kPgj0wmH|&L#Sd01UWc7xy@MURe-=2)R%PPEPO6ch zPsL-$vUnV-Pi%l^PMys7$%8&RDGGu)sS$Zl*@H)j`}oTv*sp5~#x=1Ir>4wx(cJsh z=w2>Vk4rj1CiB7HJ7Zqy=Y}+M_M>puid#*2yOWx${&0N#09=`f3G#tee)N{*sP}d zi=pmWNpRwI0JQ$q`}gl>iZf@H9h$ss?Jj?><@_>{Th?HYHy$aB2$UVM^3FE~k~oHJ z=O15Qs1JgDr6B-~&n*K!*w!@9|xdHXs(-tCK8rF zqx(zu!?BNXdnlF$@5=|b5vKGg#F?n>A06lJtZ75CsgCVWyed9@RHG!Gj$?-VFn;1k zs@Je3#i0kU`@~dOnQ36A+{HLUa0I~hY!Q<0xyb(cP6Qf>lwUrAT7Ea!Z{el650wTa zvbuiu{B_zp4@-z(``}MZ!X*Z{n+HGjP;-pwL@+k~hoe2DW35Ljjooit&6sQ?ybn4B zPvN7n?<5$>hcLe^nj@i-@4j{MY@p!ymanK$bvj7ijW- z^;zU3E6c)Cgv8?c*)yj)_KbKS!6&}*z~tR{y1^Sq2e=28r7t+X1IlR|@Y@K)D+XE-W!#`hrIc$5j1KSywve5{b zyX^Y9fA*AKUlL)&Bp`L)Yanfke^pBqrGa329?MsjM2k$a^JUZZ)4qzy%Y;9ipm^PH z*DHm@VA|eJTXQ`)EM9-cjD6v`R8C~*bN@q*+Z-6)&%~k6wJixz)8vo+&QALch1y;F zzJK-dIPpO>GtQ2*R7B3ks>dg%L!I%hbREp;!~YI|MD;r&k5Qku1>MFF@ObyL&!Fxn9trUg%Y^V^ z1Of2z(P<|l?V|bKy}q#S{MsF0_~aB+<-j340UiwL`yT`zWUpkb=Psvf30MrT?Za=! zgNGQ?8-Q);dm9X<%j{bUCX%=GJP&xSGVQ?aeSLj6JI&-eh_a9A&9+uUBA~&U=9T< zIKuhG8O+8$M*^7N>cSn+CbdecY<}XA*^mDZ2K6VNVye-_@A5G4d(sUaE>`x58#^C) zDh2E0U50zDJ~1Fn&P5)8E=lscUO8l*`3#6@e(kVZj_osSist^zj9lj^S$?Z{Nb9hkYxOPp<-kx zrptfhy%@)!BLz6fkKT#QJ+t5K5+7!t7xm!4iEB%oV}?n@B-((O|gTn(9CKe7;a7a!h|;ntUh zu{;-6|BeM6eDlWXMNG1R`-%6zH$hULL~l-oUq1+I)}8f+JKuAVH|f+z;W^u%I6S#p zx2p^uw$D}Yho?+20h`?qhg3P{#0!j<%>9Ssn$g9aw5TQF$C;a;L^u^bd6@ZSpBU{4 zfVa=H+?`?}V@`F+cgYKcjP!%sCO9Im$eiw_Pv zbIsVp6(bD(i7C>TA{(_X8Bh+NxQjE@h3BVwCKBncRGD|t_@m=BR z9bi!7_u0vrKPzLxe8C^wa^D_UVrbq@q%QIXb-1C>Y{Z?=cYZjASe_hX+vA=6i8m7R z!kAW>+D39vd7p+`h2~*$e87uSub&vt^Wbgt3r0Hs2WMe2eDE>7A(n=_0Xt;dKXDXO zj|A4R_1Ld&A3ltmh0vFEnA@z}C(#$LdLx&|?Pm|q3V$$X&OIY#9kyFN&%y_5XZNqXb4;$DV!SXhM_m%Y|xzVH|(sIqR8=^pitYzxLzGsZ8TZ%e5JX zH8eK5q><|VHP+M;eL|Qn@CU;k4zO~#1cJ#~H)%K2>96=rapz)7`ovn{Lv+yR`szOM zoAL54!{O{r(2b42yH61N1W2;2S6vH7BTu4^~fZ~k{(hfBZL zer{i%lZHva)=*sdg?Bl2&kj5)ql=V(^1H|WJruSBk#(N;$?ej>|8OWNvIy-thJoU@p>FIy2)X!GYRS z_{l|7XRXbS()SzMzs z*WKy+A+dLoPkfe%&R9;W>9MWw=>;@ZZ~xdFE;{2ydfZLFHitDwp$s*bGir2cyy!v| z!;Sgm=uh5*THWizdzAPqJ}RKLC!<<`Q0?p;sJr>iZ%g9AejtX;*DjMu;uY8%zmjh(oZ(_QV8=X@UcG>xDbGk)>j z^UG)9Pnu7D?Dtpg)ER$J!&@hOFofF)TVL)1fWpr;E@Hw(=F$7uD*a2Rq-7PLcKwNe zf;`(AL4yoUK_m!IJ}OQ6uIph>`fBGx zFj|`f>h5(70j={Qb@zF*e{I3@JHPCEzV(^6*j;uHB;UDxr@`bW7HGIoM*PHF4oY)! zdJB=yE?+-B3ud^)Fzg}-ha~V&$w+1pxBZ_fcV~X~hHJ2cKe<98+Dz75gl^+-*P zQhO}jGKkDCc2v%Ny<>p<$!k3@CBF^0*L42D#?7zTG`Tos_Kh9S8n6;vL(@>dZK9TO zfftg`ek|I&!yi;kBP#0Z*$)@Kz78&odT5ZoKcFEnm2I7Lo#HX}Bagg!$fLE;9qWJO z%Q}6QaS1oTalDcLhj;bwx`e29eq>$qCy2vtFl>9sj+&@P0Az-5pBgcWKWjGN10Vk8 z8|ce5U-SXwH&>y3>58RoP(E_?3yd~r+>#gJY5a~`u9r+eX7TO96x~`q6&G&}uCPz+ z96j?XH|4-oMd~W?5)$UkZUVQ}Lqm<82ZvAqFQ)aV2WY}lfA`1sMe0qz`Hznv6!N%7 z240!g=bw zi0mp)k^;op;*RozZ`BKa-7-qQ%e3KnW1l~f^MI-7*DxL0V?MyDo&v7!CP-8+mxIIX z^IE*YX1}1E3frIYyQh2wFS>)VpD;zhiZ^+`sZ`1mMhR`U&ToVr?D4Xc#YESDrg|HF ziBzyzH5`?wv}_&h0!e^k!}nWBb)AU*)_4kXM$F272B6j$K%9?qK&M4|pUo z^YMLYy>e^)8*0&7LDux4fy-i0B9vd!<}IVZ1V{awOS-lMK%jzJR5iD0vZBY8s*K`O zU#yMkP&{ z*CTckcGLrE5^x|Fvjh4cpJ6>Do%6tKFg;)T;lR3?p;e-U)KXsnAW02(Zdw4hEe@RE zZC*evh)3deDCe}xoOl3A+pUcoIlDyC^_3o3^yRJo*3t0{a$>oVN9M)+w#9)Y@*Uvf zdOJL;7KdXnt*^R*_BRlGuw4%V!N3o(06{>$zj70(WzviXgfw|>)G{|G%Gew4U%jzT zzn0M?Z+&WubWXRN)=8D<%`6U`E$H~h=U9N!J$ERFg52;OKZhm_o%9B6Xl*|SB5eQ% zJ%rg_?%DlQ_xL~K&622d+m=u_M6GKuLDIULJCtH+?GPzi&H#aY`aQ7>38feea(&mR zg0`&=`@x8)7S zE=j}}bW{csaiR1ULDNFM%Owys=eKTjKDoJ=;4yvIetb(U+{Ob3l5ZI5I)ysy;DH+s zVrx-0zAL&I%5=&>bF03CSV+Z)BQfJ0WzN9 zR|Jesi{u=gq<7JXL+kFvzD#n-Q{xhwMBr;tYw{!-gZ=G4c5Yg| zollcRybz@L1ZjbE(=yj2luoj-4gwS*qAPIhSFVxNf^RPRsd1AG)?qw)HDpg>equwC zbS35TSbC{>1u?k`uXTdFAmjVk`Pi^S?pWgv(6U8*#dcMe zV#d_IiJ6WMv}?yLZ>Uf3c8pepP!<$#WQx`$7N&SE!`cUH@7%$oR7xg9^T!u%3|K?x zo`~m543lID6^MjV+cNz0El;%<(D!BrdjA;iK}C=Io$_=0nsi*9Qn}&vLZPU+lJ;3UI$v>!3?N zm3q@`tQd*aY1b4N=#7}Mrx>RgRY|zw9PWc^6 z(Qh&f*0|dfc#Os^o^qO(+RVbF(VPR+ispt|-pfJ#<+-={`EXzBsc_r zY028oK?x@O(TJ-0K4-IL(G_$+b<{`?-0a){ z;(Ca|yH@M%%Z5-3q45gDbXWQ0JiCKCCZ5fHa#Xb7WxnJg;4uyK&|$b~!Nl@LaM!hF zj@NdH_I;a2zz2;qsWtjjJDAzC0J7pCywUO_TYNUD&V)3H?;*pUpbLP|R|6b1X`yS& zR-t#l2F?uod{5@!q{BZoPG7u+%~@l;-OZm|%x)^vGKaP&EsBPQKt=>T2#J9LAa1Rq z`yjT7p~7Hv!S@SUQJ=j!^IHZ|HX3YlKQS&ty3)BZHt2{}F<4=NmIC@!o}m$K;Fb>f z*IGu@{Qk`waktH1nUW}8m-w5D+;v6f+DT7Ea0)asq2xF%F7XY-W88F+;Wb=KcZt$Z z9{CKY#%G*R_mECL@0k~O^NE)AEkU<;hr|oqyL1XX+6KH{jkvjyc3XLl@!6+LetrmlreFnf>d-ok%&j zsSz&+VgIQQ>=ZOLByYd(FA^mgs{sLccelnA4e!0c-hhpjBI^@JIa9r7-P7xW zjK29bF8|mR+(zdpgb^?;CM`%Q@%FrXk&F*Pa;JP4sr6r3WeHY#|Ep~}VOZQibTO0j zSqf6~WD{B(fNCyU`4g*OC{Ls0NA;q(8$>@mP@kdIsTiAAw9b2qwZQ->d2Po$8uCRjcsWnZ@AyGwY$duFNI z*2qEj;&_GpYs05Q_UD-re)bMBWg?yq+l{|aO_NcY#2hm|NLtH*!9%Qm0Y1YVxR$vf zLveC2HY*P*9qaJB1na8`qN%f&ATm{l$YZ#N= zu(|}u^!>$<83-U5Yht9wcn(_{b^XWJ^L=_;P#y4|ZZ>{$AOc%JnTQ@H`0znha>gcV z4%wU*93Aw&cq2*O8;}8e*bAxk5z?~Y72v-*DXyqqpAJz^xRVjwxZ{q`k2 z8=oe1)BR)nziW$k0WUtjmdxQB0>lRicM%YvCm9WBc-TN2i~pTxIqjgCbuu9B&X??* zXAX3nI4sbZz%S64+@J&=+1Oqq9isCKctJ@WDEkK6mp1LO_=KVXX_LUoF&-gf#Ghb&(vPe*N z9U~WXFSi^RhK2PY6m4JT$i9s>(_xJNjlsIk8M7T>(VxC^l6r=U$>A^dba)uMK@mZ9 zO9=ekF5+izzV_pF7c|CWZ-T>EJ#M zYi?)$`pm?3E4!g4Z(P75C@q*29MqkV@`xTFUxi?O7QCk4n8NGeD2x~_IW1r{C8;bhLyL}E*ZH3Y}{N~rrS|U^64`cX=?@8%lxlE9np_XR)_8ZSD%)U{jM*+T8Hle{fa^h>-3`?tBq$m3y57K zv}mLKS1WWlw{vaaLL3NK<0 zqw;)hp~*%@0x$O4jMQ{Ocn<`Y{`D$Q?K77T6KRkO-`uI^c)%d*W{*?bG#U`XpH~6H z3}T3}KlYQ`qQf-A`cN_7F~EUWgBw`VH=t(Y$>?cu2VLuMx-kKv&~X1bpTjYmwz70# z0+U6aI;8T}*~M{3zzDc$J#D;6AKJ*ai!(ngO2lq%zkL<{M_$ytMHecQ*C4bhc&Lsw z#y!1;?fO$=nw`B8@)PS@PvrH5uZtHqJ&;G0>Pv&4En9UF?c2qmXba&e1E)WGlAX!U zmWfp#jxk<2@uROgT%39bc3ax>ye%|7hm^eDf@s+VV;7O!MYGrIA9iE08k2yxMby|= zP5(?C6p{9Tf)p!JG{BX;`1 zPaal1gf|*H;OTt%U=wuOCt4gPV60aF6OG*A`n-8vr@DOg~&0etI=R^&q13YVw!F2RD4=jU0b{leetiYiBi=p05 zT-O14Qyv`m%oRQZlj>75y@N>-QrmS0QAz|WG*A5B93*NPD+~WS&+|GIE;+96*LE`C zayCpVUw|k3N9RrT%nv-&xGTGFzaX$=i&i@j3qyWQqlCmWFLM6uvEQ9%l7)+Aedqjg z=4v05-9U+gs1svnLL-g$1<~W4@BU#oQ)N>ki|@v_f5Ka<%<*r1_qmB@z1F>u^RGO% zdGI8INyQ68}-cKjGlKzBX!RuVQq0=|Tll-h|Hp>r&{ zo*MmP*Be_hnM`bZFU00oVTGE7@*SWbar*$ep)C&o4lGFKm1W)N>rbx!Cs*(~&-~A( z7JZ$8YSmkqs7{fO;9y4D?7ZmFJB{eGV75HV#F)j&H14}}!pq>T`e zroEFM`tuy(wB1_VlGM3xobM7m#VY_YgNxhwW2#?f8jV0WagS&H!MYX3fVk!hB>DaO z;VYhKk6#ZUMdwBzU4p5)>Yo!SeIVq|`Lh zCoBHqj*F_)I_k>h1-P%JYv&yu!Z#}&LW3ka;SaYBSYzF${YhND)|020;-ZIe)OW%8 z>b@pR{_rx+u>7;WH9B0wS>xDk4{Rdg#p3GjyZv%4n64FYx){C(v?Zdt)9g?0i!aeP zPh29gNPj)?n=oXc{sz8$z@cXg8NUvnI9n{>W~zVxw>DqC!+2d(xG)ccZqAN+!HvTX zIBmVDV}#ns>OrfQkZk^2lh0qa^UN~IBL{ar`>qf<3xb45?&q~>0Oh}Zo8+&$_Kj9- zq-vN|W`usMw%{?tCHV|nasgAJh==z-9Zt?zh9M%$^YEh@Yh>xR>oA!haedh2KE0($ z%F^>lhw2DFyI+^Li8QKK|LiBfpY{_cCy71AL?|t@ zx;vCnl(o{yx{Dej%f;~Ak>2vLk6nShF{=&P&JG;`Wted zWP-0ys^NgQ{)_D&SS&lwelbRWSE17nkjx9-_XFX?1{j(!lJ5RY;Ql>s>r|VxTC>Rm zibnfN{}c@WDO!m-pduG_4l`A+Qk zLMU+o5f&xRK(&L57K>e5`h1E^;{lWL=jc-icVL8X?g+eFS3^~6>`-WqsNh}G_-&2TU7@Rk`=m>cAvKGo3!UATw}=$zqivrz z{iXB&u-(bQ4@@}##2s!)>cC3QDvG*&c~-r^@Fz2dfw@l(>1*^)J4+&v@$-r2EM~?YOpYvg}xaoU#y=l|eS%sTb_SJp zd`wEI@~Zd0y4_|k3J~IK$LA9G&hw}yTeCLR5^a!1%E5H`8Mx^6!KWfQZ8Q%!?IjlyakSge8DIqz$Hbn0O%Fj0%ZDW;^z)w^+}& z(b3Nqp=5=IX|t%`?yvj{m*R1rCsi(OEfmZec49cu3zCCeEkS(MQZDJb@M5Rwp;|Hm zs-l78`!#~N1%mL2w8$>-X9Tf@pR@j-yl0sm(2rqkSN`%_8WU%sWhUgy049B$cp z&~E4@)Mz6=AbSxa@YFg;Nm+3t(CdZ1#iafR6GHr1*9oIu5Prph%$b8>sDpb5-NUJS zC^ifRL#VUByEaAoAiEXlRrq|tUZYGu;q)H3(SS_>7|izi$Jcf08OJ^L9tuqC>>p!s z6kxfi4lI#Uc}C*l2B{wwUAJiM325`rX=n>-+J|6 z`GAWtcFQk0_;O9aP%Ic3jGz{&rr*4n0OG<6A0?p!;G+sn4d@6qwN|1Q+Qf(c#<=}6 z#;qE?bz9Gx%A7&+aU#p>=+5|ML=+5*UT8?-L7Mb7o^IGMv^H%d?cS@0&^wX+my2>I z7ljWlDhwx*y${?A$Dh{~rP{h(%yM6+C4{`iBw7>Sfq9Jz+9he5>(^-E;Qj9!zJAV6 z5OH7~R48Aq`ygVAdrw3<(be=tU!hu4E zdW;Pc+u(jX_u74PlVHTa#ZeNqfDYf9699OZLCklyCAA4-x?Wop9MVv#REj2++EBE2 z$o|nE)H2T=ZBGU1FJI?foxyMWZ6Jp*CujYIYXo9QCROC5JsUF^EzRXZ5_8cT>D>{) z5?>V}ML~38xPSPcDbL)NMao!Zew_)o8htb9N$mhb;FA%j^nz}wk=rO&?MD`*7CxX; z`x1AX`HMTwGeTO~d(w8+g`MX&?StE=_SDokYe2$m55lXU34PH>nGgZ%wio349&iWN zD2ZFzsSLY5y4ycl;m#yTsb<=%`N3%=PX8f1vhv1(U>b%b z5xOu*Q4OvEDA&$8Jr$2-%K3=;W7pO5EQg5PnlG8`SL=P_L7ydI`{Jt4zqUHeDv8k0 zfhP|haAkd_@f;mM9J=@JBX4`DTWZkO{lSTs%ZYmm+Hx)@N6<0v#t8H_@exSgmOt3* z4DY{A>>cXTS8h+a1X=J1!;!5S@BMy3*}rvKH_3#g)NSFO&jiL}9U0=$&I6!F{O6wW z*^^YK{d}l&W<4H^9Qrx{9g5SLm>y5LR)74k!D46sEXod(v%Ye@N`hH(+>+;VZ~YtR znJPWF2$Ad${oo=nN8Xj~;<-BP;?o=kGymy9cg9n>_LO_OO^o-!0afPC3aSQiI%=|? z*z!*=zO%<5?K)riMQBD_%z63$xjvhA_6cr!9zD6fdW#Qk@?=}wFbVVD9yupgz8T%K zgQ`QmV`kEuBus9J2|}1aLa`SJ!S*kAtDon-#e~Y>yYa=XqHWyb5pbH-o;yBynfP7&jn}bEecqcR;e71Q^U6{d1Or-8+8w8; z|FLGtxn_$5qu)7OjxEnKi|dRXYH^EJkT7f0HUHUr|LiAbj4J@&r87j=s5}f44G|zT zF(0;Xn@?f-GnV)qi%vrM^J^?-=JjB@gV)=QF(#4v^d0-k2Yk=-dVd#Rc@~~&90H(m zXztTQn3$Aagnzc_P;BWOyv1Gn^$UYsS2aw~2^qK45?W=RLii=WlVOe*Vifu$n)daj`lE&zfLAqnMo}5wr%M?BOiB|IFi>iSp($ zgC?)~IUYIp&V5=y6hQ!>4&wmuJB3{2UH{X2TYa4QEHngz96I|yo54kb`Q^!yP@uum zKiqQgx*vYp3%Pk7Hj)`mbG>}Z=I}26#bVKk#dP6SpI8dJ2;B4WB*R;eL}3o8;8605 z6#QGqb8p3%UVqM|(|nTTWI0naU24+*HNN#QDc7@v7D=eS{D~20esiu_857@Y=5Wbg z<5x&iL6WqL-D6TSq(|vfCoAxob#juf^;_Y7+QjnEh1E#>C;#b9`OPn$C%<@Qr01Q* zV+Cm{`OULvKAh=`=VgK?3;$xzgp@FuMi^-=D`%f%CFcquy(cjt4!>uh|3`1=tKuD0<1C4^*TMD= zxU|~uGKt+r*Z>`Wl8}yE(SA-G_?J(gJ?76in42A->+FGcx#qNFw^n(g;D$N1q zZ!OSQTTQ(XRer6%YYy!5)b;^r5O;!Gl4^DeWsm7N%vfdrVhLvt-6f&u!NAT~!bOte zcR|^3AEr+A#}2dSp&%3OlrsjaXTtk+HnniQ`)jd1%4Ha-@6k97C{ca|}$3mUwCrN8u zu?NM2{i_K}R)Z^^`-3~mvmZZ8d;51EO>B9wtZ4v3D&mxJjsEJz_ZjyffvdwkOy(j8 zJoWJLF%e%<~xi=&*xM{*~h!pn}r0l}N^`NR66(H3nwsR$v>) zKeo6%`?m7b)>>a@4%g>-rm+Rb79?$rR-fSeUV(9VHz5X8d+N`8lu}^NIJjs$&OH#j zOO%%eM31%vZq(U}9&4L~0PsJ#;IkjKdiHqcIg0w)M?(_B7vSZ@Qf?QOwBxwXY2A$- z^*{8DKJ^WtpCxe~|KO>M*Uat2#~NT%&JM>t5-)-Yw~olq_| zFI`7I;75AD8{M*Zp?Rgel3W(`^2aVQh3cN?q>#l3_UP;z`?wiNzJP7h9Db5WQ1GUk zPZGd+4|UR+#eV14X)4FGLpww1+1JZ&1opX<2uwWmU8f}xE_dzsJl2_nYY8gg8=@ zgg@hB^{+b9Rr;>Kcty_bVg$|mNvS3Jyu(JUSQcsvKXu1HePwQEUm4PEC;!D{0d~`r zx_A=Hpdw8I5WpiyutzaZgGW@}AI|vQUuLZ1uiCH1EdapQG@7QAH(G!l&3Uhk-f|^C z{^&0!ZJ{YJX$;b%VV=3dOLsV*W#|C6jKhbs#-99VZwa|L{rkq($0i?kT8i0uw8C2+G$5>h`0szbH$wLFGv6`jlaX&_dbd(Z0{SVqfLHiw$$w+8+*i$O8u#*7 zJ&=0#w2V(A7{+(a0BT4lpflAy$|{`y+EMna$2J(|MS0?wGpAQJDvlfi=ph&-_Rn{S zs__#5eeQ4m@o>mzZzTjw2fJdK1$x|=<VvX5 z*Y$>7-Xhw$E0ro%Gt(?soNEzans|_@*z1>9j5|LQ#J>{o#WapSjZjid6Ymo#>p|*LpeB z(I%og3FeVCTagb(@9{T=YH$bs;%NcPoUa_Dd*fx7oJ^Pm?){j8?`CC|@QpzAfL;IP zOqf+WG2R`HG2wRp8g&Adl{k)J5Q4G@`bJ zC6Grk-FMf%{KdY{^Xz{%cBub#lGC^Z87d`7Kjz@VyptSY09uXj$)7r1_3V#z=ujF= z^;az)!3ea%ZB$a37!cc2s!NAQ363vbfBP(EU!2T7OiL=zeE*$aJo}6q3up`r2n9EM zqz=i=b@M_oBPadCEiH5xG@gVn%W&@wyu-Nf!yj~4I0hGC7`MRd$&(w1Q#k*@Y2|kH zK}Wx_^dEeg9N@&_$2U1=g2@fYj>OHRjy@&z#>NoDMO*2oM=Ks9ciP`Rl z@yqN(e=+R9sjxwtO_Kxk;ih9D_}3$j#afADz%qM|XN=_ZdoxVqs0Y77*+lhWA+heS z9*$=}Y#1w-vn!<_=7$e|i(cuuGBsw2nd4FfB9j^EH0S(_kEmym$cC`=(O(Ws2wi~l z-5(=_E}+hPc|>XrrOLGJ8Mo9);Z&g#^Fy|lp=S}1N*qvG0-?ioE;&^ger-q65g$2JlB;8;J`)rO?>u}=9v zTp*r4il?~Ed41W)7sSXI4uVqzfNc^GAT7T-J7d!biLvF6UHKpHB`FKQT+!k{R^(!W zAU?4%(ac<;LEeArp>ksm&{Lt4gPgxgEDI`~w_h}Czb{etr@q5~ow2alPGI}X$GjZF z2TIx)s&|v2P^C42X>>qNllA4Voc?ETPK9YsIZZ)BZCpT+yzO94hdW>9fSC37-@Uz` z@oza&NAdKjMRdR+krrCGiNNTrCsYt6RFl z0rAKb!RA7kS-O(f`f}=<=Sl~2vbPtr|eMFxK(NjJ4k7wVBvzO80%yf4@ z|Cz%)f>X^3MCkGmju~EdMV_>S6WD-2qFa>uiwpK%PY2s0O!pT;1+gs|AWj>O7r`js zYoxT=s6*J)D;F6PGBhwiauI=MMtK{vHK7ZM#_8`o4_cxgMiA;qFFe6eaXEWH9-JDa zf%{npN>z9wj%a)U5FhMdw1Ge+1}F+b(>LDZ-2n|QXQd*M*qomRjj{*1$KT%VWx-_* z@KFeTK@NNxJ{wB)$D{^{De}(=P?>wmPLsV?v?wm5^hEz~PsZ=RYOd-RTx4ghM_G|_ z586X&5vBPSlYSZTuBkJx)F*|hP3_yts;ti02tf`5`WIkvS&YQX6U}oSG=wTtBE5J0bW8*H4tF0 z86?ZP575-sxOr)<~jmqVngWemVT*mqCyK|ES zDhI_qK3fqaRh76#pU;Oghf{n99x#aRGt`1(!0I3^W+LJDqyfq?PXpK(gV-J)q~LP3 zkq|bRas(3CL>(+0fk*ocJ#+;C_p*Ul4-q8=A0*a?6(Zu5!12iXKn;t`y#d*Auo7^d zxpw$PH@O#9cz-x!n!+m3t^=F45LH|Y6S&f8++6|Ga?)N|3JAQ29`k;BtF44Qzf9ir1=@!0Y(`c9Ong7pWvt(LMm6p(s1LZ~O8BTav`) z{C=Z0P}lGG3BZLbG`*ZwP?nI0hovWh#Q>hj#R5TSm0EP)cRNiJg5#3-`2ZUg$U%hy z5*Bp~oC3s_c#RtvU3UPe8UvUWt=UpLC0oA~;62R8687xXE+M%g8s-f&NTwqVH>Kmj zP%EbZ8coFTB?O+#^6oE&Z0z`81|>I|BRkMg~?HDUzm!>-a& z3)^}H0~+9Wy0-z4n=_h7ma-o06{K?VFh0H!Ql&MeT7U%U8*^#>Kq}z7Bs^*qsTO>Y zV5nU{8YB;P2Xd}wJf8GH3cR8A;_!tc1({3#B$qdw76j!Yx#49daoqwqa6$q+M{5Qq)m^{G9K}l2H(sv6ziHq z$mA6!hHWYC6`lvLK$)i|E7VjBhB6tq*t|Otq+Ty%a2dT@cTlRE39Q#kP6)o9avVR(-*=b8|CmziENWefk`0X)BlIP|LBn& z>(&Ob@h3q4;m)ZGdM7~x+F+0jdKaA0d+&n$_07mUr|RuS3xYI~fLp*hmB}hbZ0^0* zW7an0aD(oRIic52hw&M|1ljBx0DabYpDL}OXMyT!JVN@s0c9WLP;na!o-fcN2aRIM z6h{hS%z-|sDh<9mRMWoin*!oWygT{13f?V3R?>%K#V*+|&j?607cw@-o1Y&}HXT6A zKbU#+;FsEgJp19_5<;Z`7l8^3j%K#I6o^J~FPXK`TkFUV01OkMnk{U3#C&vHFEtmy z`~!T*Y~3=nA4tWcqififSm~trsgOw8hecq_Fap}{JAj8^9#h{ctkWA}EisD;BGiDW zt)<*ye?v?1@j!=ko6Z>W2|$Zmm1a=~40}jZ9y>}<4n1w8BN(TT%|W&n@>>wcs*6{Y zNb;Tls(dqS2XFHjHOTLR-f>9Poq}j1UVEA~98uYOOn0CnEHapUtQ!*J{Y4W46jYxw zP*=?c-6i_&ss^X>v|WVkd!UgnXDh`#ABZ7trXGc7}{(GLl(Cg!a#SZ$~q2`i!n zjC^L{zOij`iID525(L&BtIbR}2nw8-JMyDd4%-S*W9hn74v(*jcx&{mNbRHTHwZ}l zJYF9w0e&Q~4sKFwAd}5`PDbsIEd|%;Pbe(S2)Lf^&X=0|A#ERojEJr+{I$d2kYznR zd997#`W0768ld$o^Y#E0)2pbr7=MuBN%JQ3jGU{3-5GEm3Nr`VTR!%XLAWl8b2WT- zS~i0024MwKCis>@U=Q8nxV#UPttk~&+6v@m*@BXCi{Y?Y>gG8M*`>64%uq~+N6Qlh zPbXU|5S-Nu7_lw6#!I7R37^S$-hu#ofG;#g4{KKM&f|q+ z#{kp3IEP~iSAD- z8_T`Zs@ynBD_h@o1`@-VBls(a@;u~FOe;W;Xx^_Dr~M9F!8MA{+#r$@O#6;9>V+9J zNi`k&iee*@fphluwHt^6tRHbTC{hN#BX0BHY^EPrASSNPd)7pwS(hmX+__K0z?S zvyLBpDHizv&jJ!Z#EgE3fG#WFcDv!}dgK-IjJzDa z0|}hyJ>!Km0QntApV`}^icyf4FpKR|tSWM+ALG>(%j$CLq-gfLhPr-$@~(CLWn}A>5-;~ zcg>ywbA7O+WlfjCF@*8a)*elLG^1?MfSx76LM4`p0V2%M&*;v~g@m@`o}>S8Q}o6h z*+s&Pm|@6^Xe9SLpeGQ3z7Rb2tr$Y4(7>fVW?xrGZ>djS{WUxEftVoju>v}7oM5B7 zPy|-ofnR&(=q7O{@fgZUQ%m^n*LiDEkYKJgab=S_6TBDz^_tP8@Zad%!LK!PmVSV;JxYmJ3T86!Di7LIQ>l zA|n>aP0xJdKpb`;nulT5P(H3EuP7z%{bN9L|C5R&obGf5#wA$!gG?fCDdnD@p6dtG zF)%04*Jf3>YI_7w>OE($=v7q>g9`_!+hI7v8(Wmd!iB|fO}NZU>Y+)jeYsxKyJUv4f48@~laZ?$$u zL!=+=01fym2Lw+yGqLaZ9%dnt7&Uz-<(^NOF&J~BmSY}3cwoUiB_1ieZpzY?Y25B_ z19hH+wkJEb7LZ{OFZ-i|Zk~gQzTZOa{@vrdREW9GrIX(-Bjt8alcw5CN<5A$vUBsR(>r4AA6~?as85u~Pi!5eWWUwQkST~P0 zpBI0FHxf4i05?w(pEJUGoLgbtidmVV)F89U2021>Jr4{?rv=14LOR;0R~Lk1*_*JP zp673v-*K*5;bD->Qhhzn^N9-vLlgY|C<(wHQxj;^iy}qZ)=2>Y(6Uiz2tBr z=_GV(K8~1M^3CrnhMg)?K}rTIH7fd=$mnuJeP@ntr|*~6j4=7QPiUIAg!@z_HJd+b zJ^^s0ATRt2VdaztqWcW za+#$I@lh0oz>#b`e^?T{-Fis>Xk@VwN#RyuDofH72`JLYNHmNB2k26i)^5OFF$H|B zr?iq2j6gcyX7EH@1hWocCFo#ReX3n?HE>YC)Izl;r(@&!xd(X(I%v>f zMi6qe+`0uW|F-16e&Lyj9J ze@;%k#V&B^*jw7M-mauu?BVz=+)N{QA&qxM$5nyzMkdR|u0;wHFa=-n{KVU2$ug+g zQlt`&1tzXB>px2_iMJ7&br|L#<2_XQ=Y2K;)T3{DT*N&y$r4M^=tC2Q8`*)9Cwc5< zIXQDPNZq0V@AMa3;u4mx1}ejAu!jD_*n*dW0YXl{&{zJbx2mW~y6WCFT&KD6AOn{} z%Hz%(*|MGna(GlkxJdHT5B1#-Syto_%U|m)mkq;o9iVA+3!qm!rNN0~^O!>!)>tHV zCfNM`vZ#_W6xnYD!2|vEX|PuU_ZvP*39T!Ssy-_n1>O-k$FLdjAYjy3m)jz+Vf;Sh zF_@jI!07^00qgzDzJFs+oCoP1?C9M`JSFzg4Vu-S-A-q&FGEAKxrdbt8p$*8MFw7p z6y=o|CP9_Cx+J>p%olpBt^qQ;zl<<6`FglU8dN`iL}OdVl!=y-Lg|Z}-#HiyG}jx+ z!1i#<5L`2pCYDQ9lx7oCW`V?Zq`Mq;NJswE01CAD!~hGVC^azjeV&re_~8Q|+^hg- zFlQNqJ%~NmP=XI_hZ(iap4G?b^?8Wk_tgVV%8}?aTD7(zJiP^^wcLKc*|+>U6=I}w z`zD88p{1U%q@IpmjZHn0dIfTWY$l|paR86Giryis97Q9ilOlp0#S{}3j09uohQ@p;K2p7aF62Hk{4mRH2;T_g=Y`gje#uTFTZY5;Bec6W8 zFq%W*_HliLu~JIRRg7g8tD`1wT>#->xT1a0I8E?>>bUk)2Qgn zPV7tE#q9~*9<+vBh3_SxBz!4BYV*zs-Leh?-!_PG900O1iZupNPkRsvJ^6;Wc~W~6SIpQ! zs&*+Um9QhTPH77<-;yTt0qm%#sK`UTv+en%}$s}T&6{p5*zUQDe*VDG1APd=a&K!w%=prNU- zj4GY4pX|kV1@NhVaNv8s^fS~EZDbPRZ=CdRmYyEukaQt96ks+}BzI$l%IZm9&#P&x zS$~TkAoo1Y)V;o3BNMcxwy*OUY-#7v027P2%&UX3&7DyuF5=P&zC(NzdErieve1#B z#7%xR8jocCp@@{1>36P^v{y#N1El@kbo1@J0UO=yTb#}T&Z=PV8^MNnZ#Bfv&LrVn zy|GeCJse*(F~i=Vh8RMqV{DTGMd1Wmx{k!61~|3{L=f|!gU!UC&nW6ED6(Zvzr9~F zYrHy6qs;GXlV_%WcOUa7hi+~KSpCD(#K8gO;z2x+Y;SJU6vl*(Vs8Dx+#vb|Kc+nb zmCi`26&W8~R=FC{lS96h8^n%)ojs~y;y0LZ8I(Dq*#@=i0jWsRzo_R*!nnqykQ0K* zLZl$%Z^5S=S`wru#lD?1jReEfd9DYtv-M-Su>p`Xs^`hRhK(A&>ZlGp8w@aqDCF{! z!%elB6Vg+CVBF+{io{Y(&Dxh@a;}>^V`PpiqI&Jfqo!4SjBPN3Su^SM_Gx>=zjzK77mH##5K-Xwt!JN1$S#?Uw`Dic+;&SenvN%5Ca=20JjYeymL0Om z75UuDl)e~(hfl(!8j9RBww~X5Q#Icb_tN*GtruV#EZlTIsJR$q9Bwie-t^Q%pBynh z8++=D;cd61L`3PNs<&1nVZOPlxpTzB1yikS>m-{E0+(j^#qX|d7_hNI2yMhhWXne; z!V()*1XSB39eB&xiuHa#B4+`}Cx?(G;E^57R?tPX>RV%{!(jmzIZtqr`puK*P;gz; zWMV~HX8G|U?VA(JzP|7<-~BdQ(Fw$EHkXfn%+$E-Bd;CrTsi#@x_sYbFf})RKKC)lo)}AL#BfR2<=j?-o zpQ-q>!}A2>-@6Z?xC_)yX}zA{JgtgG;3(;wNWiLAv9CF48RvD2?pUU+;d)?pWe2NR$6x&wa?Ex)h zB>?ilc@O)*GF7B$fGnTS5eT%z-XQ#HVW1Xogie=9=(nV&V-4&G-~-cZ0MuLCk?mV7 ztgH52P#kjB0%Qe+QeEP4>R8ia2eC}zxHnEbVZ}D@$L7uF$e|ix`$PY7zU3E1^%>T2 zNgjlFy#VRiYABvW;3NwJ8ct`m`oO1>y-L1|!g5nSrmQcX&EhdpS=Y7h^` z{p!;oDNE;R4p!(M6bPHpDDB|{KI0o&a8x?4K8WEI7(g1ytAW`OPzPKW9qr;eKGl5Z zuxMrB^i~WcdA&ZK-bGgcOQc@}Cl2%oUF=XZWvuZ8@*=EGrmr=ysI4`)L3lpNo((Kf{ec zSY_>_CFq!TpAh5%(cSa0?2w!|aEou}uVt^u$tIEBTzj^CQAUil^v<3#WRvKOS#bH# zDBDX@8jqzt&%j|A{kXAFBx|=I&pdodrv9DI(=u@ZDBs?l1S(|B(c9}hGr66B=1GIK z8RIpC#ytF4w5(xK{siT=e>*Jd>>CL{COk{mLFo1HOx+Ks7a#h#sN(q14C(WA=T+aK zBls1VJmVMUlD_PS&d-q;RBwD3tkuI|_3BR)^zlX|UPuait(`1hosgU^k`6(eGtfh% zeuADFV6!7!|Ob2*QN;ClneRap!Wuyezd)2KE=<3jgbJ%9z0 zK8+<555^Mm#maz40-4 zDu_n!91MEBtMkue7%ysMRdRw`*~7izL8w>}OZYa_IS}P@L?Ck3)_}X(K2Y)~AJ6mW zj8JDoZ{vyNpFK^7vn^v*wO|5#RqsT@Jjl*CB62wfJ@|ci=LdPo$CNKDQ z6{t<7vA{ow?lUJFu*~ec%RWVeBIv6^2RWs1-6(F#u(J8FVga%CyI2| z=2^MH?nS^kE5q>8?sPG$ZHyx)_EDe$e(E%Rf+|pRsL(jO$CoF#!bpfc zZ{;yBzBW)Qb^pOS49Lp$m<>8|=H75}Z)36ULqLfd*ce++kJ~`3dX6p2vTdk+vl6Y@ z(+R2rz_t^+nNj#8(M*OgkA%nxAY{pM3;0u|wx6qCW6op?1$PHwzCAe;*Q{l8Lf%-LVX6!9exqi zj%YkOzTPSbA^Z<-=DH8uaj|`HBz{u#_+o()ovIjBF0$IC50y$HNhT#4kcP}{BaN_V zI(u+O=iUESxXMCd$+){SnLC*NuTc=y;yN+70c$IngoxDGncK4kD_Fmj>BA#9qb>8 z><2pl`B0~e^i3|nerwK-HW3>Ud=~bFkGigT+-A3qCh7j7H3mkfHw=a{=X_*8^;kx) zF@^|QF<=#v1EYd&yMHL;fh{4u9w4%ApH=w-L|$ zARzI1ZB?8LVgBw1ZhPKbLV-5(c7Y6jTrGWW4}xBmTUO^(5A{;u~Lzpx5cSJClJLcdJ}W}2E6um)6egDWw$r875*8c1^w*&>!*LTL?E9U`A_{y z{p6V+nn&^mK1#~J)zxo!Zy|(diF$E}tUA#&NK+(li4I|s-ac27y>5eYE_>FDtTwe* zc2Pn9nt**R9<=D~tx3PK0`jI?R(M)%|6VH%+;d1{qeORF80L_pn9q zao>mpNK;hr9F2T`GC+P#JVE*#es0g8n{gk5OVWRQTm)%J$|YO)a7Flfof4h{z`-Z$@Xs8`f;a+@}@U1qF&W0N!jK!sHw?wtZjLK0rbk8YL+$t@z(LYOL8Gmq@y=_aH>TFzqFJ?$sH#3 zzw;Q{A(C&z`a6%a7ZPIjH1t`Gm415`o>8Q3BDA-|>~jV37fnUT-l_O{LT`WNKLq_~ ziJT~*O(0tnU6Hjx=zFv;Ki*5km5DZ9(?_G7W&ED4JTBWlULj*b4Wc^c0G?M6N3{B# z(yu_x2_U`?%2V7OcNHP7sX5V%-+4BV={@(ttO>Noc>7T zw!?N#3v(A_#Nw?#qDeM6*05}?-aPAPn@5ioDo#gw*$)?w#T1-j@$tCKpL!HRW~Hog zi%PiPqg6;+*>diITI1T~F!j!rYvY(P3j{=j#bY`O+>nkSG2PW@w# zZ3#O!h!PipA$xzz(k-GL()@za;W#Hi&p*FwW2kCn%v&oVuy}r-`(Vrkc-aA8fS~&_ zME;g$L8vN68)hJh=Za#_b_b~{NEGD+n>OUq#0*sNW}}LC0gK@#6S%*#)lna->9m=X ze`{|IO&-rnji!PHtAL&!%bW%rfJ?Tc5EuE5X3oEfr7`iBU6#S>6Auj*IRmgL70*#A zntiD|*DTT4LACaJHH)9QhL6QRqmx!&xjnL9xuY>%k?OtE!ytseSAzhVRBrt!h7Ymk zuZ^pDLIvMQc5N!%9Lpo15l`>qHWZPvN3K`yhrnYAd;lX z$1^U#87L=a$tU_vk2${C)drJm&t+MrGW+rSeBVtS`n+&oj&3B11>gnP5NQ@$nAiIe z5x7;5ZDE`*pLB(Cr=f==Kkml_M?D8}2t%@N1n6i*QAsAW2dEY{;TSG)wTx?IWW#t+ zgzJMGoN=EbG1}%G^Xal<2b|y)8>J_{SMS{1!vKOJLGsQ&y&b%jDQ!r!cX4`r`Rj-K zos%!Q?_OV)8PT6LC3WL0D%es|_k%o{l7=`SM+OdVrUCo&4n9^ZN0*eDi-?ug`cbJ~f{X=Ln zQ!Jgf3K=eLC_q$zmUW*c&hsE7wke*F0H4`Q8eRzv`tXbY$#><&kvUL6v{Wtq^S74p zJ=BKf8$Mi68t6Xo74o4>8YTqH(Nh;7K-yr0d>ay*y|YBkX2v05XtSR(@pu#+>AZ}d z|G@a_Ksb5(yA3r`p9Hfqs1b9X^7{`F^dhU-P@Bv&YR6nfdb`IVZvsy@OP4743UGwp zjea};`3`+NjzD3#)IFrl?D(!F;KRGSu|_qPI@g5XwT2IbGb$!1p|>t>^3l>aMIzOj z4ra(KQsx1ROv9bf=aU`ZYCwQK#4X(8ggaT;3?f#BU2|~PkL)1!Dy8o(Q z!Qs@m{3-Ucqa1?wAok5oq)8Fc{#r@L+aZs?{i2HtAKWecb6+!Qq5JLKGeq$?k6%wx z6x4VB1ekO}#vVWQ%o1X;yq}5d72TGZV1?}ld@D5$`cQ?G)lf>-Q%EPA_kiR$S5vn# zb}@P)j5WW7A9o==H&ZJt=+<~e((8=;PqVz9w$sw@yz2+%>8~41kgcc5Q^mgk;z$=7 zbs{_lQ6Mz}xf#W_FZ#wQI_kHb)e?Nqd_bR{;OFeVTpuqc1^Ujo>JC`S-X-7M(+HD{_97Zv z&o32nnPqvJvB&Rg4zU#8z;_%tB?RP;G>r0}RzhNTi@QJ+8S zN}tk;6D@=<&}=~UrYAHUwhv4+JZ5IRHb_H7Kus9y(-*w$dql@xR!fecAhG08%cSjQ z2yc^)B~n17FR+a90BEa#GDFm-*F$4bftrDLrx}lWTHa%--pKz(pz6ENGa?J!!GIS6 zgv$!{rk&rTf=b50|5@LsAHD)CkF|HBg*$#UnpzmJ79-bt+gwrKQEF=VG&d*3GLgrg z;j#lJGKcg4)EyC4pR;tQKi^$%ifMz%x&qLNYXFYnv0XzoDsO|$76DU*fqdwzR*7I> zt_g_D1i0ZB_V#FKa|Ym*!*-(y=X9}wHXA1qwoCIEMdqiSFVlPyFK@7r>D#H#?#a{6 zn}Q**bXpDv{2E~`=eRS$ZyS=2FLyg`aX`~Sc!Kl88_}7d_4ev^iMGjkL8EMXl+(IA z^1#(-!F^ETNn2}>?1|OsLRz7h%cpxasDpR=ooJ>nd~=}ZIgOx4hKJ>ISrkQe^8BMO zzGr-7R}eKGQ&g@?G2E~&$4mL{u1tvAk%p7Xe&D7v)hLo@&`3xf<9&)8dxIf8&AS=- z#smbSiBahIY0Gk;DoGp&`x##kAl7>N%?jtSrV_MVk$z9= z9p1$10>d*6L}REbqVp!#;e##ntdK{$t-Q$vf0;(j!2S-XVb!k-{(x;~LQUnZIEe6D zdwCA4DKLAwueSd6PjdS8PwDNSBA^8oX#!2_;UU2UiLmor!2UY$nr}7e)Zv_dwsAzz z*Eo!(Kylf`7jT9vYRL-u!?Rr$T9P-8NP&COvc9K7fZNxs$+bi!n)Oi8{p%q{*e*hj zU}d?!lY-UfJ4e*wH;=5sSxz4NGtb0)Smg+iL@9vINIlxUrq7CaNaJVU11#nv1t+od zB!JH6(2QRKY6Ml;!Emk`Y^X<{Rr%_@eCa>iv`>w*eeC&r^8OLkJLtc`kOEG1j3G{( zNm`cRa`Y4r2#beGe#SwYQRf+44lsRmt=@0zLWZ%3D66~I*{uHcX3w|O6!7`r8q50S z1;>{kOsS;=7G|q2r*c5Vkyty=v{v0Bt_0NGdD{AHC|_RQrH?3qB(fk2y5}3}P z15CDi-fG>oNIVhb3F=@H}$lHJkHlT6Y{MYR2#=cIzt?x3>(NSm&de`kN2d)&(C0=Xpa2 znmv!khFu}}+6oAWoQ1D@;!tM;HXY>Jqzxq0x$dD~(-RP6zV}LK?kLTeY*6a2W*H>V>F}U3 zL)nUa%l$fB0Qg;VkGE%Xzz}oUKoE)yB*oro^@r=T2#pklh9T6y0}=ebLwMuZwI@?V z#;ZR21o^k7&zRQv^mv~~wp*1RO7&egp?vIv$?YPMSSg3gOr5ZJ zva4biW&SRgWYypBK|-pxPeg~((ZprMS3A<`b!bK(ZaxX2z2nvIIRk00Cn_yRy zhk-7Es+5M3j{=&kfdihvd41ute>_%Ijf~0B(+NNK@3kk}`_hAo5J|zeAqN}tE$Ebg z&PG(wvqJlgOiVHZG+JiHLo8cTisXA-4vIKW8i3}>?$bdl z(=;ijj&o)QCsF76R3&n`idS&K-h{%*5qy-C?%A@o-!J@1|LtGiVuKm}v>(U=Ch6;0 zLP28q<%y)lp@DI!!z8S(0KD&on}YjWeZRX_PY)Wt`*elhGb~h0)DIf%Zri3Sb|l3} zeQW<1HV1Tj>_dnNskz^B|L8BV?LXBmvQx$cRnSq43w73D4iL;o2a1CpFmcICkqbY5 z-&CG7qtSqQ5}M-t@RPW3Vr?t}yXF~W*$)pVBkND<#%>rHP z64$tGhT!8CWHdiPf=90h3Yds<*x?&9>wgYA1t!#!O2651ZiTb;Baj0nhWN00vTi>qlUt9TpsSCk>~Z4uqA_WP0>a z6bWJATaf&Y-}n5F?9dwXcYnqp7o0d$cCa+VCL}ar%of?nxKM~-G_cmkCaDAk(v;Z@ z0E}DAnMaXWBb2#%dc||Y8HlVatJ%Pb-n;-Y1xE6|Hu8szBf{ImjHAW(5|uxzu5PIY zQJ8ozWTGDU&(3mA`vjzVqr|ZHOQ6llslQmNV+|>+v!9wzYu=g2g_*9;fPEadeX9TiY-Srl%A`iOtyiffqNE?UwlC+Ge31j@nODn}Xp z?zYdXNfM)Cs{x)WgN%5+3656SU~{>b-QAo%UkUBX_U`J!L0$e2It^KNfPTus7_ z*Ws7@MF;1O9wV>oSrgE}^)TO@+G4Eqt94EDdX`~4*`qq*(80~55rMU#5*_@Hf8`_##82|E+UTL=u0bUBS zir?RtDlQmsww_R;Phd_R4u?bI1ggj)ULJh^%w%QjYpzk{I`-ak6#v&^YNJ)d40nkfdrJva2s{4~4wD5wTvc>+!USyU;NH&Pupuj9=XQ=x(Jp>=) zv6%bV;lz_K4O0x+L)zoz?T^cdWkptu&tk{d6<%X?|nc^^<$}v{u3Whe*K!c*%&2 z)w6|mt&z1jm(@Ak)dRC$1P>yGgZL4g zo!kXPENt%0bY}DeyjkGDxLGCWjB~kPEW9b(=8BLoONDv==wj9s)OUU7sT?2uWJ zist)F>Tw-95t8I5Y+Wu}{Il*=(6|e!75As!t5>h@8bA5Kz^t+7+tj>+N2hh^LB1~p zgeQ-Hn)DG4>RCz_0qHr)cGzF6IZRXFfWjLy=1;BT$)zQLL2mk?!TJM*h>`m7P%H}5 z=jm=j-{X=73!-OXBOmO-6u-M%oQ}w;3n4Im?-9sa1tgd}673mtC ziRaBl>dN#q+=;ZX^NM=V%=w@nz$3iBN+;oP`N=;KDFW4~ej~%Vzn4k+_MG7K=Pe;0zNT(4&8$e4#9}3uBu3$A6WL`Bd0`V1ZRItLsK!{&{;!NXqNlX4#rp*Ba_0K;3Vw#cn+NyK3_2;($freMt@0wFLBPjmpgf5I|M;%T?!U@ZWUu8uX7xC|RZ+O21Wp z-YHmAi&?Sf6B9M8Bpy2pEX72n>exjw^knrS`LYagepkot(itS{Tb1buZ&IKMuLGehPm*>M@X_z&qDFr( zR#93`xLqNq6{u%^Yj*swVK16bi3fS%fHarAs?WHn?QFx;;RofrGzqwH9t{B4B1Z?| z41J>+dFu|0YM0D9{^c;#Ash$181{y^pEboIBaCBm2e$Ck+lNYuk~Ym-@bdNcX|WUA zXWK22F^YX@WNeA{f&3HGT=LaPDf|f1pWoHDm_I5-*&nnzV6i|jhv|O;i`4e zM9^+}Qt8aEUh$bi!@anU9>0EMW?0aAggK1D-b%`9pFB!K3?pCEG@G`Shkxh5LW-5k z9KU%Aee+Z}P#*L6Uk)6L!EUI0t4-U=uoxVmiCt3Ee$GF8^8e0@sdpCMa9-3V^=CY@ zVqFyb z?q=(wNXR@G`}(%ZDSQ9fQyK~Yqfz~`noavNw(2lqTqbr%1M$_A^|bvU1B8utYg-$B zU)O-T8P1P$Te$jq2N;`uTeZ&4xB5b8|JFK7il9dON6WpwUi3u|2mG^%fEk2^Ge$ej zblZAjbIYGCgZOV!T5ZDP6J+_EtYVOc){mT;g831@K?#Zh_7Ql!2 z+g|_SZ12n2-V4^kAH68FZ2rNCTVBv$e?h$a$da~C{M=&MX>uRlnHpDjyu3XQ$@Kj| zb9mzx(HpRUNL3((J>3CGWO|lvN&V?-CsJINiHW59)p5?LWE^?fFOsLB-F8yKm{xA` zlHtt>bT?I64l^uJLXnvX2E0{3Is{N>7cYPeHs-T&lseTG24wI&t`7i?b~qOQ#b-g7 z7JuYwkNtB_Lu+bs9Sp4$aM}_npX)I(Sf#ECB%k!9P2j8T_8kEw>~XW`CX(8_=9t-{ z=U~WhM7w19B)j{&y~_zgoFcU!!u$Mbtqir-2asnWq8R;KRhQxiPjMZ;DV_eP3jw<5hTTZz9WhI1eEW-E}U@=BO02@{i{B2MOZi3SvYv`QiN+ zCs8?%4eqNCGDZh>Y1;--o$h`XR|OvSmjXzT0_=9uB13Q!=Pws*(9H!LYT_dNyC%Ew z7m4q#3-&)ipV}rx0M3;=@iakmQjafMa3kxwioTzafenTq?NqqZz%uM}p&z;O!CL_Z8v(c?Pt2aLv(c|??spv+SP4XYd!-lJ^_Fj7&_WY#^N!u`bm_+sW@hZ~Q}nbn>4cW<&Fbfu12 zr_L_Or$e)1k*)NtOyBqa01wA}t;aBN0FlV}8RRzcyQaDj_?T73)&IQaABwedbdV?X@KfIwc+!^%4V69_6q&knz>;u21f1XQV zkneLLej(YzH=)bMPFMqDF%fzfAb-I!;oYr9{^03fZF6I~irAN1HTSjedk(*|*Ik{2 z)K*-?Tp?vxUo($tsc;U9^|yUL=g@uM2%)^kijF;0@UQ)P__(9AP z#s0TW#Tgd!efI~0n#fOm=V2v>G^-QoMP&3LE)bX{;IYlS{c7>P`sexXdp9d720a6~ zsQJYnR$vXnq~o~;hwcN|)q}oK&xGogyWHVF+A0e7ck2D{Cyr#BAt4tuY7BVHbD>h| zbBEEFx_biIy#DyjpL>V;)+oD!=ri+s?#$5e_WOgu#x_@*A}I9MsljemYi+^5x%u;b ze`*uLOJsic*p5#g9-8E5-h&k+OhbuN*OO&ZUw^#vZ>*&PcWW?=^~6a2{w@j*lPx<9 zVCGgEn1!NlR?eSYRIJZrzW*ae0fvX?F#2dp`8)S1A1{oo&v07JSA+(HldX^XPzde% z(dvIaI&Y?T5@hQt`?m1IRXQVq!6tGvB<9P-Ed;;!Lz!(|)R_M9Nn0!#`H;OkH7lBaF+G6wAMf4@kls}HxoK6L^k=U-4t&gZrg3YDU<_* z2m~Dl*Jw1y|Ir`6HGs7!Oi0_gQy6}JKZ+eo=*KF;Xg^4Rp3s7d()fR9M2mO|EJGdw z(Lv_V9H+AJ`3rdlyS9csI=sEz-El(gS6&#k;t$W>`Qu>RO_2~XxaLoN&nx^zB%#xb zXwVPS6o8I5VIu-T$o(2YgZOv8tf(9JdEdKekAW(F?wyaIQltqz_6E;Zkwh(dk&eG@ zv=#YoqYBHjTP8m`mO7qDhOThbJ5UD<00mZl zbGDu~8I~|Hw64l67XIeOYgoSPZIbWd)W7RTVWy5=j{Me7XEA2f3G7tT=!&gK!FHU#$AhIDL9Xp+21D|1%-*?$n8|ND z#P{5YA0+m#1w4Rs2hM1ZlH;9zCM{^vf9{cQ?|=J4poM;e>A`BuOkO)HNimx1eab~0 z&u&h5QjdRP$5GU8-=fCsqR9_FlBWDw9(0a^-|a=hkr*HwppnL9hCeSu^iQlRocpco zxb>TCe`?CNe&(4I8#36zF3%twbzTwAVe9^(&zaT9erf*20kyp|v1kcBoox3fNA0%= z9d((;Hj1sEd77tfF9VF*TzqS#KOXp3$BM#@%OU}blS%#D`}i){k7ymvROOFTZjGTFRF0VZ+#TX6#gP-N~TZ3CM-)imO_*$9zzL%UI8@6_9K%4iy zD^(uCKlx^w+jpgC4plmT3V-y<#5kav2OkO)uA!)NjLP8B)gIA9p8(}f+w$K&Zol8z z5`H_`zw_aNDS)tqRKW~tcM3~dYSOU&4vCdawT_+tiG7*5zGswN<@CZT<$Dbmc9ut@ z^brBnGmt*}>rN>ll`r_oxZ*!~ZWCXxOA;9B|E$Tq`BvwoZQ8j7k(yx3lIXBXUkeOg za(4*EnZWuppK!-5@~xddJcn}4-#VY?KEG?H=-o~AO9p~Z@rY^9OeybT1NUET{Ih;N zc?uero3Cg3&m53dgo`h&SYo}wAmeodPkg0y;kOGwbhs}3^IzQlKIWYZOl?-)@0g!z z$MVRIl8#re83A)Zrg9x_sELd zH}a^DeDbTwQP22y-NIKR=+{j<&%eB*bJ+PpR34csf~NaiXEQJWvJz?JGDMw4zmE4m z8tlnY9If#E7`cP|Q(tFZi~}rrEc+WJiDVywgcIo2Nk2~bss4wbxW0bkdfUt2{%6f6 zGHTGaMxi=T*$zcPaJyOiR_B&?@K5(6{)5Te7n5}bQJvo!%2M4Lg@h2z!GLkwYVe%< z0m-E|QXRd1G5mKgpMUcly1gE6rknpb_6o&fCd5)(!?$5j-e=$A& z-q6_wF;urmYON}TH0q%=aznEU;U5h;h|pKhBX<1E{=_28wdHM8jK^g<<#jcIL`O{$ zKoR*On#A8cJa_+j-iBGe&%1R)%RPsmxp0e;jYl8N-tCPsK*=Ia#}mOAW$ZJxLc~@7 zV2;Q}U(AWZEvtTOeWB==`lHX58?SOU6ZVPCQ?8qL4?2>T7P`#~#Pm%{mjaz5n!y}Ji`?=D6`HCeU) z;1l_~9$fgoQTETg&*LrNU5Lb>y#rK6fZBwD$+eY+^U_#G{5@;%rzVShwJCz+a##MH z$1_aMcuR1mOZ*7E-uI1H;rGnEQ~tu>M2ME*1pV7z+;^;|9oL%e&su?#HOax>>Kku8 zt$tGA$oFaf1p#O!;jzKuy;BVK^$+HKr+{w*fidvkbH5**DQO*zwGo-Wk6I)(Jk8&) z&%atO`r?M7z>4wf@v7=mJRRscm0JDAX-fv@xEs@ap-E^n`?hL7G%>vY;s1~I{;p9c z^XOMMxq`_)=rHS|Qv=bsz*f-1(_{kHW;>IJ`wtvw{NdKS+ujY}?|OX2^p};s{am8U zOFr%dJC8ja8d(VjHV3wQ!?l0;Uy<)DiDC0{+xCZV(&y6`YLrACgtZSlvCH#H4=_~p zjD6Ov#$x`G=3M4DL_8$XpmBjkAbv9Wq}BT>B{EJEnovFkIjI4^B%DSzBf9`Xd|(@Z9`+d;5vBvR+pQa#fBFl!t?aFr>fSEeKeYvs z^-pfoXAHPOH&%j^yG53CEX&C6(nk^kZF^b&@Wks|^A_j=gSqBU+q~*H9>5jDXnvlu zv|BcgZHbC^Husw58GBSB{RwS~`44|1-%v>6E`>lpcxFZlzy!9IK6Cheqbn$>TR_}S zV1b0Ur@GeTh>d^ip0{@t38s)qT%Hu>kN#A}nKSoqhJSUg4G=G59QOq8?&z3D*05U) zeG31CtqFOu>CL%;o-U{8tvVCc=~BNac44X7~DB_tX_-lvq#BdY)J+Yo)*5RQ{r z{5jKp7P~@EaVnYv+V8UpoW?$ly#VQ(^ch_4r2hE1-+Xt9#f11}y^KG;UmEH+C#DOz z{+um2CfmNpLI_RJa_4-uGG%O;|JE|Tdd@f+lRtmwLU3_rf-|L;HYRQM#563mT9w?t zx(tmDS1SI*k^fXimUgSQA)}ud{MJ_AYx^aGh zisFFAMKn5+(FEo|pz8Lr`~K@s%r6g`^?PpJ-*p+jaKrmt(w^nmAPq8`we$AmPq)cO z`;Y@zwnYD}H?in9_t4zyqCfNfyX7Cx2f-Th@t#Pi<+3Is8{Eh`IxZvVACFS7NinFe z`frWbx$|yoq4#d}Hb&EOwmwrMYg^=_59(hnciZvr9Ox_v1OI1Fg?Ct#N>0cqvssR6 z*QTxnRQ4NMdbIW*H4gi@y@i}MnEQ8M!0i!kU_{zAAvG-b_UjIln7`_Nl+%KpxaVJ; zAAY@5czY>@q5hoZkci(yUP9$Y4r+y=4F&*2{*RiPO~~K9bDsfz{8{gEDkbw+%pf@P zv>F$nT_2Tu9{*?(MSgzq?>W0|`X{G-1?P2gBlZTs6Hwktb#$_TZOT0Mr+?PK{NROc z=6m^u-YfR{r*`4G_KTwD@7|V_N_8;nT&_*&*xb#2U?2GLPu;NLzdCC6{lPi^YC5;# zS39C#us_@lCNcP!N3X6{|RkTL(&!cXRBZ#Vn5P3OlO=*a}NIz~`;1}|p)T5H<19QYOp z0Y}x>KYCbat1k{zKz}^`;>xgyU5$AM!rVgM_z3pqI^q+sdrS1_s(8ya6azJ&ospyQyWTa@{mj*-AU?#MnQ;j zKxtu5HIzM&?akt!8t%b9zint;wNU?ZlW30bnC#LFCcg5d^~cwreVFoLE(4z~RDBBo6?i?-OndID%m>|`lpW&q+~xf3i|5dP zeM&H{_Vf5{Lr@IRjC(*XIaEc6mvQ3?B|_Ul$9J?z@!vkch3q@mk*|}|{J}t6@XJg= zkt*0}WPnGyANE=Wdv)Q0z}}KGmfF#x{>1Lx*7k6pga|!C^!10QTq_c>8BCn=IFl{{ z{h9fs;9B+M_0XA<;yF|C#Zpc`t{~Fwe`1|LV(43gQ2^nB|QW~tf4)< z-lpR}>J@C^eBU|O3hw4 z@cBMtMdz9u!V46@q@|#ethA~oU9ku`5*P_OYF$!yaH!jj<~(X5(w}pdnd1Fa1?{GS zg?0IV*McCmhU7ho)0t6tU$2f9w4Ju`cAs_2YQ@ z$Cwbfe~!R4CZZS_|K!RHxdW5YEja$eOGVJI8;lcMTkZN{MDBqAzh@5>|GT-Czu5CX z*Z$|)|6Kc@YyWfYf3E${wg0*HKiB@}+W%bp|C4K~6<`v@lj-KzAddn2cYO!L*siBr z3eLTs&;RHD_5Xq)F_ywQN)A6!vj69-cJjh)*YNmXcjxSR6X5 zxQ{gHq#I^S1L1lbCT_T#pbUdW$^e?x-$=1h2JfUMuP&qSmLR4`(=p{-!5P!L zB_5y_s4aAXRBcxZY?c>5y5S)=O8;SNFiqkpe~qkw6UJgr`viR7ERm_$z|Xb&k_JT` z#bhjHV8Qhu=u|d8O&RB(4=J76rfUgftaR%fxSGWTaAX%M7;*{_q`coa#rL%45CPuP z49XeekBN>VH4Ti`b+Cbw1IQHpM^CIG&hdFkP2CfTif}w8*%?N!KTyL`BPiu&^`6E$ zMQoYcxuCEQmD=_#F%Wjuc9Q^kC6H_pOI`NCphO}y7s+$JyE0DzkJ!yK3S^;5N?!z- z(0EF4w_&g+ntiGXJE=8=REj9159fmp)6Qg|qg1!aZNf~w>>e6xhF~wV-k8xf6)@4D zH^<8B?ZTV<{Yd0D%y5m{%9xh$ih{^W#%HIkseH5}0`Zbq`OT_i{mFP7PDDA+vK9eG zuFxIa9En{w6XNCXLM@x_Q3LdIHWJ1&cqK|yHP+udEwYW*I3%&+3<=rgu_bb$g1bml z+~$MNQ{7$z2l6i*(fh|EXV>O>nn1D9-sGDM@K{?c0n81)n;lqLl<=vX-DBr4=1kw?*)G5sWgbaA*JfS7*kO|;#uB|^~o9+P`YIslg}cgTz$sMjj$Yn>+wSSBfW z=Iv8k?TL)(?Fk^D^XS<2@QmkEjd|iIguN)U0e&D=?mDx{FfVrSw-HIbL8ytG67pt;Kq{~lZBFE*C?G-U0^iF&V@GOJ=mFhz552U1#DEize8s}ZgeEE(Y z7Qi@;#fW=kAX$gE=7+vG@{^9uCHZ_HCwYqnHcFX!+*zw$W%J;RJ1p0>2?bU`GI90Y@4;PM=)Zk^;z?W@=0Z)qLq`$2^iUCBWTC z?O^B)pXZEEcbE)c#S#a;%ZhRDhlgxP@on$HK-m8Yf};c+p%8`qH-wPXe`7d>{&xfu z`G1p0gd=25lW2zhugqs(|CNah4nhAVK6xGaFJ@cItY51nT8H`nQxFHfe+i#o5a)OP zT}(eM3pCq;p3J;p31NOOSiR}O?9E1>`q-(r`K`4vaw3#ra@?QLe+ybN#H4s9q4#Hs zRbsmq>q%usrjV4efru>p=N>ncyYYq)pQ5NVoV%TjuyxA25#9L7anDNO+`<${6)Mu! zToi7!=Vwva98k)=#mSfi#YnzqJP0)Vw=eL59g`&Xz{G6Es^ZNN2V}yqIy@AQ@XVZ({pQVQ5_@AFShQ+ypIle#N zS8Qka^ZECO{d=qVeCj_xJ?~qUKQyV|z4Olp77X{#tvK`lwk-n7w2hA%_Ht=nVDqP= zOc5O8sU3Zfmdmj3i>K+1#(ES4J0>xOa z`x#d@$FxScKf5*|d_^loGWJoZci=EJ6(vJ`fq92kp4`Q~&sVE45ga*!79wpZ=ep2N zcq+;)l~HJnsif0q4{iF5F>aK~Z~A9k z_(N!@mUyKg0Ha7Pt%|!wD||srFGdtWd-gjmOfFh&D^Gs9^TW zd@ydw$SNdIOJKjrcy9UEsM{$6Fhwax6BfImUZ$Llr~dx?Jc+omlFTjb97rhI?5EQg zLe#}8H6z9Q)f8aT{Cx0(O&pqc>JQeCU_7nvp3s=#zb?sGr-w9`}n!iEk^WevXM1I1uz=z?sw2Qdw-i;p*@?LaYYtr z1SY4}mlFnV5bq74<`=H$HcZeN*qKF-VN%X?~pURo!DOH?jRC_z!qoD zSrJDk1bBjW(Y5s^(-tJ1p88WtP6sF4;zLuavE`YEo%II|_PBM1b`7eqA&(f_R8=WfLtPlvhb&VKhJ#rEUW6sIVx~TgXQgcy1SO4 z)_7Fcv_94H{R*~lYatVg9|Z0&!jf+9 z5oO&0xzB1AV(Z19-m}R7(8cTkT^)A~S4c&e{wQ9pqNGT(g+92dixq1WcmTFT6CNMJ zyZAi$67`L=QI!@?h@Jc_$33oD^CzC(ZxqurP)ilmnMkOI3EW1<^EKHRwt_8L>!|Mp zjV?4e$QoVPp6?aokbvaXSiXN^<?41C$UGFe)(Wkp*h@ONYamTcUy`#lXH2E*aXBeSW9(}5##O8`mA`p8Y*o+ z2w!4dM!bPH2?kf=370k4zG@G3ulP%q1@iTaz9*a2Ts%kUNLamc-v7C~x&;vJg+Nhf zG@CM}M`>fss;JG+E#F^WW(ChXJx9iRnnH`AwtG`citE2z{J;+V?(@#>!p*sKB`Ucr zg$SJt7Of}W9N*#bGq^u+K-c$t8>Hn*B?}?83Mn)`5d%_1)HGj@Kf!xz->vA$Z(KP2 zg%%jbD8|w`q27oAIC4MS&h4*Yes${*>{F}GinZ0+i$>l{q={Tr9;oN$p&k#Dqk71; zAi0&C&;e=q{(z6pE|l8dTK!P;B}JUa)gpG1DMBdYPiRE&8`f^lTG@tfO=U+E}eZPk# z^T#A-v@*eQt6z;)O-&8gNT|?Wnm3B7b@(GW$V6b9@#)F7OZ2DrgQ@2L=-$8`ivbr` zcQkt~v@qb*igk5pBmMB3!BR5xK!t(gXObuj{1khdW}<}z?B|%lqJuIju8M&jw|I^QC<} zbt-F&I9u{I4@-lAh5U<2{K3YAGZ-MUA$Y5jpG>lQ3$vanlM^HPWMkQ8Fki^S^HrIn z?9S}Lof7;7Zg-bPr*o0lE zAW^LAOPeoCLlA6Uq3;fj2{A_8J>TK;x0JLmtR(Cfq(cqZk&JTptx7$B5{~xK+ux^y z^6uk@<5)F+MDpz^1me35no4KM{Ly_RIQsu+;{mEo=C}RFk1zQBhbkB|{qwW&6ojAg zzT=j+HHQ7Y`o~NB+=Y&J-vP4yU|{gX~GboZGgcc95W zAH1eoT^J04y?mN89|##ZU-h$@`x`|cS8{XodF$QSBbqagl|P!Zyb=xlMzy7m6{A|(9Q_M&b{RvWWk#jQu}_YRNR9giTSYcI+dYaC%Pj*&TL zzWH9f=v?=&^I5=m+;WFtrv_MGM^CJi#N(Q+w9d%oh3_dG0UJG@GmXZlCdFWq^+EIX z3AFvA6R;bC4^|0KPjrUKXIt5h)%MeVv6`_^U-QG~+6lD*aAxxirDRR`cSAf~hWoCz z%o4$f$ovZAle)3{8Pi+@+rhT$0AvXarh)$I-;FX8{Tuj%(AT4Tp*{{<#NpyqRF{do*4-M>TD5!iPCHPTy(x4E<_MW^A!+ zkpUGZJs<{9w&KZjv-`!dyIsW2peQw${6+eW*WG$muqoZrSVncu|jdwFxer+0m4$B0FuM)d0Y;JT{EMt@}<0OcpVR~V=^u|t>!?il}qcvL< zAor#-g=d8(cx!wTWVqsSsaCe6n>s}1$aMDNg!_H=7E@vvJTuebp?L~C%Df8oi}{qO zm!7Xd+`*n>sUFO6Yn(*9I3IF|2`e0EW z5J9tSJd?23w-hOs_>qsde{Dz)P-_ecc65eMTrVx1Xr;rM2!cy+(7+|Ve$LCIv~KSV zSfxPZi-ZT%qDG@i8 z>bF;$z(E!_Cb_lOzVjjo0vmFL#6ns=%1Yzzk#ztL!tHBQu|^*cv&CV7kH^>!oPFjC z9=F~%o=e!Y3xkK6Pex?pTld3h(}QH-rk&-HuE!0!6dg4qV8!nOvO z>mUZ0+4XWLb6c`gjiH_?^XA=G443`1S2~6*fH2M+$Au9IGa@fMhBvr|Px!$xGTl9uB*o^Qg<1o>e>-giwpilS(GbHx+=6Uyr z+ctAXS#H%6wLv`un6l_>pX1|Ts7ER*a4zptZ`?Sy2>O1>etdu9&3DIJ48;~gP;uH4 zq*Ld|t<6Q9M$G-E7GhzDC*)9&A3Ia%a2T`aP>_Ji%lCwQz>0)@+#$(%Eu z-lAjLZT>DE57rM7?hs?Mn?=#&DAaHzcfoBR(ABqwSV-T5*FKT>rboo?<5_9_&PgK+ zyiKWe(w`P}k-QC;w=7g{m$T_dw&i9<8G&c*=5zc10gl#Mn#1l)>13}7ze?wv}S(Cp+7U$Zt?f0$0* zL5e-y<20bRtcv05Jra4iQ6LL2y3jjVJsk_;uh}sMh}%6o#7R|nxT1XHzQ+H zo>I=5h_qD~qB3FPp#ts_(8vq8{V5)kA7{3wlDxR@yX0Z}opZFlKeK5r$nu=Gy`oy# z4g9%<=A3{NCErmJPx$KH6GHenAdwmGFm2kKzr1b^<_d+0HHLG+8#gW)6}Lm;6`F2z z-P;-_>81LCFDHJUeHHw zA~c}!%sD~OHnO+S+EBg5K&IMad)|5|K4msNFge>uDz03Zprakeg-e~E4`o1g1E!@d zFqlVUgP=amuPqoyiozOPjF;D4Q|CFvJS-}2$gfvZ$ zO`->*Yf%LGVJ8OOowwUouq2_**q|qpT_Lq}eNWA|hS(QlP6XBrLJhMBIy*)WhVjv{ z2I$3Qk)w@pG_-&(>mVIY{xHejqN~b2A0&>*`?(9i3a|v!; zz0j&1N;=p9L9=W=@xiYm>HHSnKH<+?k4}CJV1Q?YG;_bC#rY!9emyCjWifaSnBvKe zV)c2iN}Zwkn1Uz_%^y4gjG(wQOS{7t1fHrMr~;{20g);#1-f_#=M#>uJ-!^*Jg{dq z&oVTxfeJ2Bd_3i>k_zbP2s&32in^|5uNMvuWBSv4PYr1%lBB!Rni20pGd7X8{`SI> z(Sw!9<1hcFNyT~r1c`reJX;1=%DfjJh20ent@)uTmsQrnvw%tWA2~>VO4{B77({z^ zhnKV)Y|982=~0utl&v&PJ#mOgSKE5w0}>(c9e3ikkMq2paT?gF;e88CF{MF}gkMXG z=TXUR?R5AW@0%{P<}CdoCJ>@N$?cpO4H+RM)fQOac0{wg0a)1QC|tMc68E4NAxB>l?p=bWi8Ywch$l%fcXrEt zZCi)j`mt5>JabbioT^xe7e{D6`77cOHFZG{J?oubbTZx56gB$C+&z?!Ef++R0toVv zq^lG&L*8;%Z!U#r_wnX0600yf)lqj2v0I(s@f?%oS8uLsfAlyuMVF_`!hRb5G!y8) z@5q(Z*&eJBMK#$e;2v!i$({F-BTw|*)$9VmOZ+%ftvi`!F>?W(z1yNrAZuwsplcg`Jo=C}TAX{CugV?^Q&&3$M%jV#;N2brb|viacg{?Wq%Wdz=|w~^T2 zLVXYBv8~&w4ZDd4bVPPH|6zbBJ&T!1M0SF?f)o;7TCrAIqsL-ALdW(`-+PTYoidUs z9>-^%3vgX3vUdCJfqeUq5w zCGQ(M-X6t1qd_luUjFuPkG@#dW0hrsxJ6vUOQ3Mpye8wCh_u)uW(4g+Ibb5FvCX3@ z0_`S8!StfMnJ*ziW+;#vO8N~xZp@@80>~=iBtCPEOpxM@2?>(UoF^|7EX@@xpRSTdUY+O54rX<-X-kvgpm8-sAXefU@1Ve6s^vTQlT5Yy`Jd{8 z48#{8mDcIhhXLfyLsXKNs|dA*4~6+gS}hiC|KBZl6HjRMXWuU0i%)puj?AC7x)2ft zfUW~RgmOk=IfP0|Y4SLKy_=dQLq?3#Pz_u(cAtGp*~+mszBIgBByK?Koj0z-G+bWI zq(l@Hg{RPRNd2Ar#nbwOf$>Q@Mz{wX8a%Kz;8&DPpY&CAF9wCdTX675pD)U-VE{!n z)K36X)3)P^+FgFI2oU(zKIj2L3Re&wSDFK%)EBaY4@5`wvSO+c*gw$z8Pv&tIU9^$ zwR4=wWYLB^?XGI{5(PwI0(2lLLQ{sp7&*^#tpN)>tcjE2_F{um^g3bhT{Q@~zz~35 zoXD0yl7J{8%RC7#!>wz}@u)sFILe65sHJ?nsd+(S(6IuHSpB}nr6v$1@3To{+fKYk zdIG9jdyLtj{eS`UFwL?4F&6I z(dRJUeyKiM)uDkiD8V9M<&5aQJH2ggcq_ghOT|gS^HgOUx6C#Y>{hPO zx=L#Zz8hi&D`g@8|4vdDt*~d*t`drpbRfexH7k+k?~}JZ%zQgBlD&Y6Tj1vPga1_l~>*y;IpWw@0Ix3pOKD8RF^#pTjWCj^M~}12P|!;d_$wKoX*zkA}>TL$=Q_ zSrsMG$PdE%zzuMu<@)jhlr*Nw&IPyRM;C2XSJm~of<&g@#PrtP*%o>kJsS@wwP;g3 zx2s2;F%A03qBnTB89p^ju+w+GOtVpc3fvuWoNoIRJ3n5Xp3uj}yu&%Yrjl>OnQ)Ly z*p)_ZoV&ft>vhpH2#nP|M$b*ZR0-`}DpQGvH}tMiJmnK8@3?_718H)7Vji-R1!_ws zsOLz{L3!1?oyqj#g6UNEPqgtwW-qI33*;{N&iY?6??^t&sdwgjjzKE z0rGl0`)e9^n7p0ha#ZF!>3gHBr|irP5thQy%@S32360IHgHf7s(7<$wV-g=hrb@;# z&1}X)CE{DZn>YvlzCK%^!KU$E;c?{isSie!dBhrdZVsqHulZ|3X3?bc%<~IqA0N1D5Bam;n@kkkWc<M_U*5IZH-`p{5iZ#jlDj%Qxaa-a(CDBPH zZXzakc8!*ZN@)N{OLZV&(>kr4pkpl%>RwJo@6>`FAa7~lwED~o*Oqz-N^bxL2Jf_U zGp;V=wnq~ne%cL56Lm%%veJ6W)SUSx^?mWo20Xh+dP5wV#=!uWFP$|~C7UUCFEZL0 zLM@me!>lh485mtx%960;=8OmynsKfSmUC$V)n3)KhHx`g5HQw;vFJ-WTV+~!8OYEP z#-}E6SwGR2>+m4u_I%<4S(%XavX>vif%ViIKB$ z8r_)&ZW_i3B)_bx8wxLiBh5nDmZ&B&dQSkliTW-Nw^%6kMa>^|I*sBE5HuGgz}+D* zIGplXyjszwqo9{H)~Kh81hOm-v*~|h?mu=dN4jlIu$=|eJKR2TK&_h8T-2Ie>``-3 zYxVTS9r2%&jk<|K7OGJja7VcN-YZD6Ip_EWX*LZ?yzzFfU^z_fzJXB0al(sGkZ{v@ zLtKS?!SO!8bVa!~g=Zp2fmB~Z;00DX@<0H5tU(1j+!ET% z){uk~d;r12dtR#1?`*X{dlD}J(M2192{>T*t=hO#5$2Njw{W1Ld;m?hDAFt(O^((; znhReZLQO@MaW%ysEKaP;?o$N-gvt+ljvrEgb^Z62ZDcdRCnH}UUZq93Z22m3IXkP! zNL0t>X1MZ;C2dE2H%m;(wY2U=JS3(8bj{vuaI!Cw)x-r9u5BN+SN z44@0JoNsw3!#r^-v?Scpos@H9uQk5_lYUiP}(j zAdDgNLVs++|IQiDLMH`* zdCwtbzsoE$i;@sU)b&d||H97{=sMxY<_?2%4iBEgqM1iy)%K_`?~@?)>oA&71W6{y z&#fb`u4|HeY-Q%#HRw}2{+(XOI||u+zE{=b;HiJ&87_`(1S=gFe(;QT%?qVu-rt9Q z{boqQ-JNZAG<<&Ky@jM9mEDZ_@`4bu9DcBCCyXshm!@WGv>V9jS`9rp%(74DP!+S( z3Of*nVR`@!0tW+){DO${8jP*%XLS(gCpe0)PdG+Gv=}X8Ip7g6Pag_yc_l2&3s2Kv zgf1x2N0zo1ujkNU((YL>aEpUrRPm!Eq`{JUnpl12d5%pOz>H zS9QqO1^P=-f_Yw`!+KeA^Ri6_Uc@-#12Vl99N7f+5XK#r2XHSt*F^(EMRK}%UKdSY zz#Ok7xHltz9xcUWB|-f%Ox8L@N^gf5&JoD3-w_sml7l_35HR<{Nlnvo#X*V1C(G@` zzQo4xH3euY0MOHHQf;1Bv~9SP0RUwXp^+9w_ZCS%=uXH*1>@cxbt7{#2w0OFr9({Md_I=hE{&ZqfU9sfYLjMXnu=*C8q34I_mvZ0cW1edjk^lf) zW*WS1(S1!tlq%1~RZazkPxs;8@aph#o`sG#zz_A^OtjoPEi>e${EkES6zHz`w5@hd zQI;_F<6~H$lnLeok%T6sO54%bgWnKmZ~ZD`gH5tc=j~@9ew#xf8;p7BpI7P+hp%7e zMrXNyz#mle#i-DdWzE;l6=T7C!Z_@)Z+4O-X9{`p3MF(y&%A6t5`ac(P*qU#{>M&gmMybbtRo zNdB5@JQsg>Hmeq;1~W9v-UPLQ{B(wV65UL;xC>CUA&$+0EWuJG&+p?)vPx<$^xn(p zXRQ`W1KEgj>9Ro)5edsKMQ|3?SFM_FLI6}d#^B%Tz)3*4{LA1)Q=h1&1I`vHMr_wLlIT#EQ zQG{Eq;{WsRMml}-ra)mJOLPZ!zP)4X9(0Mu2{_p%*Q}4YMo|kzvlP)&u){th7kDK< zae>zDzfga57;*K~Kv1_$O^&Io4p?wHFYH|yT%RDENQ2q%wtS_F}BU;tS@j zUp}kVSd{m50q2asGzBiLUV!Xh-{JW6t^sL={5!)@KZk3e_O78F<7XL`r#U(#EQ6+bm4&2~}mtj9Nh@9YqXFJa@4uq3Yfg#c3{+Ji=x0tTE;gbfcr)%W(Hli%q9_uAc%dgIysQ%ql3r zrQWZ&U*EoUJta5&$a_v1t=c3T{l0wIJpCpV;0d>9d?jt^y8emxKBV5fn+Z(n&|-;m zExNLFzQy4mE}i^6597d@JA2xZ8CS!xEc$7lNAgZ-;g{im-3m8UBbi_K&pj;7#k}Q< zpR%=jb`hM?7ay6nadS_&0hI}26 zyRR^il%nSd7AvH`HTs|=dw(8!!dg%Mfv;}E&hvWW(risM%=VC4C0Tw(Vn5By^}QFC zHRM<}82^wB1*Dqo&;@ajOG;9)70g=;2+yg6L|z@lW0DhH0;TdLvcn!JU zO9A-fC3=C?pOa1<{P*0Ph`?7^RH%r|n9kZEJG{{^p%12A_XZ|^fduEKYaWH(yZc-m z-g0XJ4T5Q~n?6lngEOKqF5{ys*VKXY&hf@kPcEScL#oJ|>saQV(@K~nxAXEq3i_=d z9R2fv?|q<%QE`J)Rj-G2?qWr6jZl30iF2BG_P0cC^KLTMkN;ak@j~@+z*hy3U?mq* z_FeKFnrjxrzJ~OILwO)=I_grkgEUR;cbpw7o`y_IyXryB-qr5RkI1!{J%LZvTaBhf zrZu{O?XB0V+t4IGuqFP8Uj;$5123=qaql?8i`ZPi&2#cY+rh)4s7w4yXb(olC|FMmPcpsD+<_c z0oX3QMI;RzUm}|z5>&mesMjvcYeBB^6I0~$r?ZQCu1FbSEv^#jx7>B1+)M%_s6%%X>ueul0uV7}cIL)} zZ@Uk>DEGlQ9f%CC-QZFEAu4j2)-1kGCcwLq^bzX3#lMNKjVM?79@)h}+4w6g@ zqVvj&vj^Ne)CYRKP;zb*?O=*oUvOq5LpHbw2L+#n&&?|r8YR7YK8M(o1xBPa<@y9r z8W`DGYN)iJ2>K4xK_wVtqrz4tl|E&RRoaCwo;O@xDDs(OA zzFd4k^yi$-rVNv5zh@@yv_P`*y;bZbfCzNZ^5MD2{9Zuj6gd1YIDx~-YQ<#%*||!2>_)^9#Cv%z2JUDS zwQ{&v!0`!Gz*DHg>Zsp-bixwa8XXM}d9QKA%#?HsSZHGw@ZMgvPYHP}u7N5XU3{v% zKjy4SVRO)w+Mfq!LQ7@KUcb8Up{^1Hc5aPYz4ku<5_}sAVj1w}6?J-QkyM&j@1M0- zru1o4yZxmgSq`OX5;Qq<4)AR}@~H$6R&z8(H$_JoVoR0ZV>XUIUtc{(8!KGw!qQqd z9%!J*?-PPhw?rhq2-Uxu_dF!oC>=bAp?H?L+M43CTl5Cf&VVbnrO82LP@-N8hs3L0 zG2`DQf@rHJ5^x4}Q*Op~y3VY|v(fjpWb6CpgA`NeH*>GKly8)tbt1Gf6Et2gBt;}u zn=lRf=f6PUA<;)OHn{OxR;Wb>$NRxF&ys4zDKT~qK~P%&#a9KosQYAJG4XMaw-Dsya!<*;^@L{HL56ZM@>>@F_1~V|rq*kj{Q%8w?ae0i#sr>y^Ix{2 z2kqH>ArXdUQ9M6>+5&jvgoDe?@kEYq#b!T*sAn18 z;$gR&uk`-1*AUN7{p4>JJ-i8l2U)`jF;rC%ZQPp^R2yw3P0`=Up?#0r3a!|M*S$^{ z#sJFpe#mr@O?QjznQ6RL6z#evh9c15ukap_d^l{KE(OjV?4-1eA;2jrifiQDrF$l^ zEa??Yk~u?7Zw32sn5~zI$tl`XUb*!PDnH4aRqdS}UDpA_C-e^h5cHesxRKJ1>EF^z6tDcMfqyI zgVdkbPs9HH)}G)XVVp!t0Dpu39IYEKwcZ?9-4P0DViv!B^EWb-H%~Dd&*xDPU1Tm! z9_yjSf!(;tc86_J=-`JO4aSV7*@j5#cz4wE@djJ4Hum411>8<@oVY_{KY#TYsbud+x z;9AnJWwi;UOMn-HJBr=Sr4<8~pMF7OT6UmFxn}qk*)5GC6nLYnf08$6KTp1@g( z)?$aj&N^BWpv~|?tR3scX8F19NW~zr238B@C2)C%bW5LRiSS~1a0-mHq8QV_?CEV7 zM7t#{6Rc(gRM(gW|JDjK77ckXbFce+9Kg$4eDtNdaQ+wxQ`trb|BCVjUO(=Go#2j| z&z~F^jG2DD3P35E`J1pSZ;D>pW+f2YSar?82vvF=b*qm#yJW%4Uhu^nX*2A+b z^wk|X3Jdt}c|7sAc_0TIEgq+C?_)FQe_v9*&U#J{V;FUXvDn;65cW_e1EkjEw4xo( zj<5Z9(68k{dx@AP;^DtKd@nT!zS3_DloqmWjYD7h7>omQ?w! zB7--h+`GLsM=A~p(DUEC z6qNw|X5hEWQ4RUcMm4~0^chZ*(f4W25As#|3&IJqEMMB%1`CBC2q5tIx$$gKrWhiK ztRh{5bF^CyIr30-SZ_bNr_1T#4Z%%B)|Upbf7Zxj`V;-FV@Qm+CF1Y2BFkIZho#}e zzjaZ8^ zZIV}(0xp!R?d5IUMwf~xbDHvQR(Z9UQ3EKeNtXncC8r z|FcKeDli*EaIdbg44krAMlH<6qZQ19*N2BjJij@y?2WUc@FYHe;}Sa*-a7^fg8dzP z)9vkGaYT_8p6boB*xoB)p-nq+3CnynP2Q5oXxn;MY_%@ZKyQs?m%h58K%-UY zS?4=_20JR5EhqVF>J5#-@|osd`o1VG$GZ1qUeESFJ+Cz5QMFzf<^=i57_;>#ef zzhgV2e?l)v4uf`(<#T4rknpY_UD(Y(T0+xk}*jPhV)AWiCvm+erCjHXyWWfL*ww5fp-T>$gZ{1EY?tn(jray2?fm(~f5|MqEz;Si5wXby_yS%U*JsC>0QpU7UBBR3en(e2Myj4zZNU8A6T z%9Lm{dNTT4fj0mbtmTZ&F*@uyBbypMwLi~uHUt5;U{Z)264_Cd1+EZbkACSuxhxAB z3TI0gD>P*g+`T@XSswXomXLk7)zSx__ol;R>FV~y%lq73_d<$p{e(M_zp6k_zgR0Y!~H#Q8erucIUrW*tx%jWH2p&vp3e>OrM0I;wvq2#nFjX zMat|q5#9BC{?<37?2vz7IqKqb;N|VRZc5x&Hlqt`4tQR*ZCi_f$AH?s@9KOUArVU5 zKek_(DcXUB{*t_ZO%+5rx%91<<*mtOW1`}7l5nyGI=c9MH+R&kTNY4#V!{Aq>gC?t zbTS}rS6KTHP9PA?k3bukB-UT*8f@)IKauM+ocIo)=CXsoDb_*F01kt`U^7fScX1y0 z8&DdSh5J9Pc89=^)>8JBrOp=Y??HE$7oW`E^E9z>WB9)DDK{|>omdVx&*68IMbO1E z-OL@x@?5K`d+4HI)50w>is`oXQTlh~b>&;8snM|uupIxw87zL_ zdfGN)a>d{Jx!Ypv6Ls2VT52EM+963)^y%rqib}-T7N=$HR&)qZ6ckMqGn%YkYM}wd z3xIasH1un(ue`V~;X|<=mnvMU|1>;%b$c(g`z7aNSUT$ZE}&`Cxf}tLx@P1Y{If&_ z2RdA;D*Ra(kp3OzOP<0u1e8P}AW|N-EDsvJ{4l0h8CU-mQ}0ScLq%+Pjy)QsX__U` zip3Nj#EA({cDCg&>YnKRHxmPIk0y1H8?Dvsrb ze(tdz;iPSNwtD>nbHT6~z8AT{Gz)0rO(VG!^7}S;4(lp9*ac-%`f`r@d|q(Qo9`Xbged3V7$X8-$f+=L8@VjjIQKE&@vR+8U#Rq2&+@%kD_^T& zI3RV!6qccpBK@tIo^lz-Ume<^#{LG^7xyPODJG8|J}U%~dU*3Biq@%f@>P#t8B}Mb ze1jR$r_E)A>IsQ-64yQ&FFfwZs+p+xpu8QAP^P!^v$`D@;UE)g@%flQX*kr%4oD!+7= z51?)jbBAGUd0`A%x%CtQr-Bb>kCZTb=Xj52`uf`sk!P!JxQ0Zz$n)u!pp!L}UsP0F zmI-->_{L?Nd-G_agS=aN`9gP|wdq8^PtGEc1LXhQ5E`Jl5X43@7)9CRp}5 zUi`j*f#k&&&cS%E39O@j2rej$OK6+${5#v?R;V^`yOir%`8UJCc{~Bl{C9r?BXg$o z0~1-gJo5-wEN2cVtX~zy3Yb zF<{aFziuF?bK19g9%&@_W|0j(i)c9no%@PS4k8$gHM9X-x_^A zFANwa@I3F?fWB6v?Bd^wgS1wI(N>J=9Mb@q26#$QB{k$k^{O*S5u7oVrX*6E z+q(XD9{O^aa2hlQycvbwQ`RJeg6tktZb7N2`BG_HB)p-A2rj&Yp>=+5Nkaq zAWBy!FU6~w3D8e-O0-ehafgRU4`>cG437rS71^3NIJGN6x6}K7_N;+=bbmz@-E@cH z8yS|Kp2%WrP=3QCd<|Ms$(+oz6KqrCEo%j(8~P7Ot9*ApP}xFRR&eRSOxoJGe zy?_P4*ZA)k2ehu8^6!1pt2J{M0;yh_6kQaiVNm2mr`H7C-`JAfag&a6XqR($ym-`b z0WCB$Uo}sTDKt89`ZcQNBYu=`5{(Iqyx76lc0YJ;maQR47c~C6{?@ijUQF$Vvp@pd zAIGu3CCT<@n%=x={97}%uXzfy8d?m|LabGcQa~CbpamTAFrcBOBg8Ybd1=241mhvK zD29M~9pfPBHat$ycF6|U0%PjdgdvgXaM4#IQ7W4WPimrvGRW86Z{o{B8puRDX>afk zo^K1`E87~79iSl(jQuu6YyP2DBRrz5I$AA22-p%Ee2HTQNX;lc5(c?FSi_Z;3a`KY zRB=REE$uudMZaIYa_z5$rhspz9uWzB7xj&(Au8K@-jA;RMiIvxhxPj%Uzk-~@>72q zW{!B!a+KsqmOcA)aFdS@`RkNC6c(Ele^=o-t!u!s601+QBWaHucQdRQF9FFIdVL*4 zDkjeca*hyA(?Lu2+2{Fzl`iAP%csNpvjMx$u}>e-0Yj7U1O}w$8H}tm`S%_ec38;3 z@0X25p;D_G@TgDH8?Zb{PApQA09<5M$~MzGiVMU|JAIW7>MN>rK{WCB`A{^tRO@JLLVUZUxyPvOD0iCGD<1uDj8JP@l;z;R+iSU zHY6}`e~Wk-wXz$t1ZBDU!dPBv;`_5xpe$PP;>=okUlDg#qgp`#dVeb2L#Yg~kgg_R!v7cFDQ1mejMLJ0_ln3dP z(;r$Dua zujIC?23&FPWk0RkiRf3vZq^eQe*Xd(>*1Iv$#rs41h<1g_t@%jp|}qSR#^1dvOxK; z*1xTM%_6(&B6;aJ6n9AGu|Gq1y4)6!{YD_#^_7qw3baV}BP9KU@vEXbW>=t(2KuIS zf7atj>;|XdjrZ=}!}tCJfMfy$YLXN8l<53Vxkrp-=kU|}W_4gB;;33t0%g{^NZKtO zv5`t@JXDtBEonJWKt-Cp=x}TLI%l{gKML%H9UG*84?MyCsH1F7>3pEQv?- z0Iaidne?#^had6{nR1f<9?low`tS@7f%1U1g41n^UG-7Ezu0^|$RSEm<6+0Kwbbk= z=Aec9lx~WFh<0B(Efs5hL0o2|efA&LS$zD)9tgGte*Vg+m=Di4Ki!RmC51#IIQPoT z#?smS=o0;57`!MVM|Ad@D0CX6QM2&2FZAeAcXOZ4#GK6Phf2jO>yO`6YSl~Dc=5Zw z;B?&DKD=UTk1oE>Pa6?KY40tR0`xL=8gQIGZo}XW&v1%+9|5bK4ic5-BsRZAmf8ND z8@dTNWkQtsD8K1*@*nx}u^-93SWk%9O9EAE}_04bzLY;%R}ag?f>YN{(2E*I`2@b}JG?eZ`u8=>gI*9FwE zf0P?^p?zfBME(`>J_$lCX;W4)%d#7b!eZGSh~-qk$9{McST7 z;v6A<-YXV=UZR*f$F{8UJ`-XKOA-DAisMU-rM{SBLx`W5zf(Cc>N@Vl0G7TO8cn2Z zrHh7AEov}>wKwsM-(`b2cH&_aA*2<^hr`=g$rhRPx4v65S5A81x&F9iN|KeoC6kXU zuOa7^zn8V2dSyxhwB!bcI0*OL`&-IFygNoPRlL($%W)U{t<%|y`~F*B z5Ct?yVbBU3qAVBU>UK}!ey1F5JDF?;B2R^EkRm|*v_I#&d>*!aNL{(=tOvl?M1|3M zEHOU+t!GiN{j9%<fSyhWUQT#P?P-gW$;gt zoK;zaSpV5&|T1j8#t2byPJow28nzP zN)vQhyKZ>`p3uiaj=@G_*B@?*tUtG>)vmJ7t%d?zQPSq=z6J>Z&8q234T7F=F2uig z&R;Kg!KnmH!#aB6BS>#2+;U z0gQAXn&zsCJXVf4A=i*yvC1jj4_92V+~dk=sF!3o1KFPa+t&$``~e*;V?+T8zO*p5OEMn6`8;VK=BRKEdqZ`BPjI-%IJToVmxcR- z(!k!2n27q@TQL@~b{vurSr#e&HlzP^mjcvN5SzTDIDNBP5ozjcBXOUrw9Ecwx92@) z{f=q`H)t_}#2ciA-ZEKP=$uL57djls&|Ur#ZuSly-dk&F^|HqxS3%I<%glN>+LXT9Ant06!{w3dk*z^Sc`VJ z+x9l^%hHXzo1CaixixpP$Bz$~FR*}GFt&66GeFG0aRd;F7MTdY1e4EU@RSm_D*#;b1ks`I466On|+1qTdL=A=*W2qgBJdv3$aKyp6$_U zk+2EA)*}a~y}a>UZAzE`GS4NzXY60kaA?NBcQ^3*?4hppx$93FNzG13hk>BULx0)2 zM}?oDr1Q-j_u)-iAs7U3d@Q#F!=L|3vyi%RKV9uC_6 z_pV2Uxz6K;2cb}B?u$%&9&BkaEPE>=7!ch%`_~MqQ-5|iNO}Ai+ONeuGvg?tB7ku>_kqqSfSj|X2-Psp%d=PrM4PB^Nx?AW@lNqy6@ z0Cz_8ZHuE}C%Y%kPtT)kvW<{vz*&N6slxsCQC_Yv zHdTYAjT`*hzB4Oz$#cY(C-M8F0-(42-(rpyHVoM>8`LQHA^~-9E4~MTr)O*#9rq2um#7@$-# z2Q8@{@kpb{fausei(3RQPm|Z5;Q{@S$oK)v*VDmiJfPHC-dLuJZ?p~F(11q-%Nq62 z6o|qx^^SVBz_3>qo#x?l|N3EK3t(I$Ur;{COOYJ&pJy_;2&+&dW`((S#DsUi>^vao zR-_5Gip(esnlv1o>#ZA5R2ra%fsnzbKGgBI=kR#FK+_&1Y$&twJ@y-Reh8fsMIIDH z0$*9F`PU!o+kS-T01p#C&TEi;hj1X$c*a{VlHQxzrw#}%wvJS)Ywf-3yAS>vn(PY} zbE}X9IMFmU4zwjF=+GG;QjnFgME;Shm|iU07#&#)HnW7Q)X{V19-@Em@+ms=qqTdY z&25@B_m^Y`5VO}V?OvyV*hN@6vL9VQD=Z&yUhn9OmDUjElr>m8ck{3p-q2=rKAwNw z{H=%Rev3~qj)HAT#Qat_HISbIN`6#apX4+&#`3@Opx;q72g5(p5fUT~$6_hy-BtZK zKr~)BILU*~Eg$joBoxqoD{X#tBjZP#@4-nXf)|XgVwWYoG|K0dclIG63isL%zl{SAq34%4{=T;bk3$ zKOW2HJZX&rQX_kyXX2&`M7~`lU`cKkIkZf0av`|)AfO3o4Q_7>V-fgk;t889BMY>lCFJDG;(TZENI;5lJnf|WX2f+Hjjd;P0t+oPwt2o(`(;13B>GCZSu z7_eb0sLAcd_1@||>n%~y2QRJPS*~_Y4D8^9 z#-A;L@rMg-TH6qThR4CnEfS8R*m4m_tIPo3w(Mf7TW^T|y;R?7NB{t7@#N5OAL-#a zk*yOG#Q2D2xU`Nu2h*yc+OmXxgyG^&1mUg@U-PI!E>))?2?R5N7Qf%TPp@w;=hXTf zq#z-h4glHfGFzaqq;{aJzK*tSzI<^}VbO76FWtgz5Gn7j-AJJ%SZ?b3S}t>@O#ZL& zOh?BfOfM04+m0K#hu_r~yrd1az814A59F1t=hgQ+J&wtmRysr%luXvYHAq7a=hUIo zYnhEE7mYQ>P|7~3RJy<`8TEY3g{cO_;W}j2{37_zR>2)#b7AlpV!=t4eJK}}04Jj>Hy4zPs(bQ;v;PpDSaW=O;GvPQRaFF1*o3LNr zU)-OyY!2+bNT-H$cWCY%G4?S3&IR%uv<-j3*V@MlRUgvmR(GSqucv?9 ziNHdlN~RrA`IezI?*JezqljZ6jUBYiYbPY5xpR+_PaSiV&|=P<_gfgV7R+ zhJ((X4tgGl$X+;E%aYG&FlN1)mhF!CL~Kjf`Hh)T^tV1g>}W9kMWeQn)7BCDPGq!t z_vv#G$vuP2cMV%=svTkXSopI4?dd8%$}yniWC@~3HS7vFP?1Oo2j1{I|K*}HwQc8= z@Spy&Qil^dhcxk5NB`{8 zg<}!?pFYHVJ%i&%%#Jn)s0Lup9BM#QvcO+emUm~};(vMyGuY<`ZC;Fnm>uFqlZLJy zAqO39A)HC*K#Qztk;h+FyV4a4~z>(M{U@bU8d*EL5;q~Ay$ zLiyi~ax4BxS4rYgz8hQd`7TQP&+`j3+|1>|X#BHi8eKT$|6CWBwU8##m=m3=yd za8+H?CI)@sM}s!YqZ6xl#9~!-S|13k0U`50y?FVLA1H1+U+D&s#hWqPFGY8A{#&aa z=i@6~FL$0DS&$#^q#_>2$Oln=wElZ6eEpZ3vdD!?K7BCc zZwd8Zz0iO!l-{UM7i%N9vC(3QBDT}-tFmn@l{1)kK>1qZ_MiR!hf@BZpH~HHpuFaQ zOq6^_QnH9vbW@Ng-f;8J&#KkP@i|7)|LHZ&Rjp{q9U1JfKgsAOLuYk#5Zpfs_xagJ ziT%Bc{&x^~-z+E!Emi3U?`XFSWyzU;2Ig<9tp6D+{k@Oe+^RX~sh7NjOh_uukXZ6bKbjUaN8``Q2LlP&R9 zxa>6lAjG!~-W2mAJXw!pVF!v?$^Y)#U8yizoe2>KaqE1%%nE<@BHowX6Eq&jT$aUn zI{o)Gu&emQ)7Wi&{VD!dSMw~js0T>6L|_i?+Ht`g(W&s?J-j)@eB*~ul4o91;Wips z#!EwbN|mB0K&8Vu*g^}F?f)5*5Otu9wKuRqMOa#R~`$j(Ychzj8Fb}dBHO_R}i zETnp0Ko-Ba|L*w>aFk183jcqr2l&o3Tr@La3Ou)W!S0eVAfCjfsG?cT3!wKmhCI`O zjll8PX$UU&)@;u&6E~PqN6R>H2yP_$quEOdoaNs!2N<>N!;f|l+?Bp&j4<*iw~sUW zJNqNj*7_ZeyTeC3Z1Vq{Wuui`%r?&rjv?NWluNO(0uTyk{;gXlmAq6U)Us;0(?~_s zX^8vxzBWo}g`*gRg@A#Sf>Nka4LL4z&->?Wrm;9Rx>dMRLl4PwH1*DPAZBC#PyjiY z_x2xwt2prNZJS=iDc};g_~(EFaG7vi!|pI6nB$WF*=NJPm)w2Ol=f-FJ&O6O3#_&1 z$hH2{YxN3qiTX(O7^riAW;yOMjSVJdDW2wGnR_gD+sXc2PoRJw-MVSv!1rGvi$A4E zhQf;e&D|HLF_?AIzySZA&CSz?xF_VB&<_T9OInswks-@$C92i6ctuU*_=NTQ(vj6PCNsX^e{mUr4ReU~$r1WH8keSTF z@XPJF*)Ad#TC0`j%-8w)K`_rpi6pg{th0Q)W3q06r<(FhgU_fg0qt-9eBR#~MmZmt z*~9M1k65NBS$z}D)=mXygNV5Ny`GL`#`U!}FoQWtGLfkdm=0aQk+S<0n2U`|U!d)0 zIHz`=t^FHHy_5sIJj6hmqiUGXVH&G5Bu++ z`jj1HNR)59-z6Iq$mU%UcyKRSP8KHhE9sjR@I8_|<<+x~+rM__AlA@yyLj&9Go;kJ zy6sU_MZ7$@YtmZx#i`^S@APlav*R9fba;{SS6ttFwA>90BXjTU~v#42b| zS=JJmCb{reombp>0PmrJHBM*aKeqG0F97!5-gK45O>PpQ*xZ%@uKmOI?5=B=9Jz0R zBvYnQgW(B82>gv1Y_TT8$0oU)4&9<@ukO!7Su-4XpOsh^_g`(9mfjuJb%uoSI9f%H z@hlu}HU;Q&RG$2RJcyyzOT9ld1&~mS%F$tl==IZkqFpV`GR@3FZPpzY{Y=^AO@LQTq~4L^yl49l-cSX_kD>fKpAVH0 zUg4Q{ivM$N-bY`YLIb+tTlvL@$Z=gKDEf(izA<{QZ#6_jgm#C+moJ$xua3LC%}G(` z4ij*KpV^16c5&J{ey}_h+fWt@QIm@=9hF7<>RN}8<@vAfV*Si5^@D%E5-q~1`yisE zJ$v@p??jwsagRdxYxm7e^=^?r9cuqm7a1+V27;Rv;Xa;BfU(`*d#9Qfe(v9yn~cgZVpjD&>i5MSTwlT) zCkKXjjNyc<8gU2vYSKSv_5J5Omze{gBlGaTeO@CeU+dyLB;i;YlPN|5clh;iKZV#} zkN(%sjVco+qp`2)Yw6IcxKrx$>epq$6U2DTuFUQoOwjF*E3`w+zgW(78mj(fiVS?I}3IoD@`H8Fl`CFkAz1H3Bp5y+X{|}@ra{|MW|AOE=`7exw%m1PfIQ_38 z!P1h*D1s!C|KlB<<<}Sgi^kypCI0g9|LzI6_CJ?d{pSSSq4VSa-<*KUFmWyf-&{0~ zcyQ2fq;xOu)Jcd#T90=*$3R-c?0O?#AE^)iqW`~-PLFmt=OZSIogOeurc}p@2+h}b zEJcKxBFv$ku(M^36{a-Dp^4sAP{nt`+)-at1n2S{)ON(ux>Dp4VW zPm%?h%{+?7IlN`sff7i}Hi8UuS@Pns3AoIf-J%KM(cb0NyupI?R=(Fk9E&}=0kly1 zR3u-r;L2vawU$^^T2zFl$S%RLY(GBL`@5Rop(pqFoMb=nB^{N$e#|oX6lxY_?5xtnO8%+LZs%#>FLEJ&XE=3ZBBPA!&Iu1U1K!zWWd3ywF8+5T*` zK7v$Y2@V3mAAtOf!nr818V;wt%H%gZZc7>h^!xZ$T4LxK_J(KVBs-}BLu#+rWWMw> zp?B=LI{&kSALs*ah1*}|Q<}Ym6zA$U47k)GsbOrf^bK7@{>UOG3wW^?Vl3EF<}HCY z_cO;3{(NOZrXuU1U!_-{UuR48q{l}c-?DT{XoVqcOW`p!(vU<&knwX@_;Vn()KY35 zuFr<8!^fhW*`a&hj`&X=yD2-y&?~SmVn%WFokWb%eHc3j6;6u~gC`9Y1)EbkD+o7U zLdyLP7Q;a|*2~?7rM}BY9PeNoM#SVEwz_zOWr-<0Tu*ua;-Unz6$Ig4nK}TO# z>ZT+_`y?`Md3|l1W%N$d~peZ z_<_XfGgU!ILP;GLUuZKbj$iVFW^-Cwb4s{wC`4V{vf>UyMBv-ENC!<)9Dh9Vz;@OXG#ugE++ z!B;sr5#iO#5?_jDX-Pk1>$XtRF8CZEcc25VG@fAiQ#vU5tiSwmHTx1L$(Kd`Q?i|4*y&AvE& zh374(o}F5XW4dpvIpuSmf*N%9AZ*l}J6%Z_?~!Fpe4 zfS|m&w;n%uOn)AJt0nCkU$Y70#=FZzcJ`cRA%hv$tbAdu^b8MI-|+eoP^teI zpU2dOEz`cCQi58y206)uN9MZpLFl@PczI+OnfJGV7#(olpS{lXhV=;owv8Uic5AeF z=j%CaGo=oqGiE@`@nhOF1)gB}J%5(Gl}!Pq2O_p0XBD-io6BmBp!Ul22uFMs>^}iy zPwi?h^-|49LS9F|{ZQhhOeY^Ci}bRp75AK@QvYCxrfYw#NdewgAs;<*zfbw^{LB}l zYh-bZ!6TO-WrO8;&*j0WVuc$?`YFfrFJ+k}jlKK$)} zwd!0Yt(#PB3y8^37&TIS$KIrrPC+mU1=Hqh9!2)czt=WHsLefbQNu8)VFMAS7ZGe`G{I!M`Mi)Vz8Wd>bmYWC<7Otp$7jK++Z|Fs4QG6!T-cI7B05=-dyiHZp7OB z8*&Vuj!5d>8j<_pM?inGKUCj09xEOu4G55^U;^xa#*Gm56I-UvEg@gkD8F+1bPhJ#+an`0Xk;e~{Ed!OC4M zHxb%QFL5aJaW*qUrEZ)k!?h60zXGF!L2sdE z1<0^5p8?VAbucpN$HTt2r`DJcB0fpXGgZ~GZy~!cgiLPczWn?jZi~_DH1!RXSpyf6 zJMtIcr1eagnnO~tqx__2ke}3N>X^`AV;AR-ur}~$z>0jFb87sF_l2A-@Y~-o+kYLc zo}Rb19@cjkzb%i`<56SzBQiw=A-y5qT*nENTy02oR@SG@(M{rMf<#}VBo^WE`vU&% z_J|E+W0c>7@%8#85uc3Rm}(`GCFBYXBblc zLiQWs_+eLR(O>{kfpoR%Gh@oAoVevFq*2Bnec{!IKY0aB+?f67tZx6j!{)I z)g}J;0;U-gg>-NcY?HpVp22<~n*wMDq(f_cWCODnUjtx3JXr)e>hXeqB`i^JG^GcF z;Blh@3({Qr& z@ZkCm8_0D*rjYVNU6eaG0WO2I>=QoprLndwmoTc%G6}0#=P#AChnGo#^0%Lf5*G?B zpWg&Fg^GT|C@EH)Y!=Qf;PEZzi^6`GR?(Tao-tKz$i=eL(GwX#4*Qk?f-XSP$AFqb zInPtNd_|-TBGLj)Jf;_tl&yU)3&PB&r^vhtD|IncjuDBtZN;DB%uvBjk~NF z8qwx2z&DF*3zF1123sP8CC($w#n~IUA?`1FRqqee$2Fr zz9uL!(q$4_>|PrD%zk4~=Hm++*2Gw!8piOln-|tvEd6y7^^w%~Uq5f@)WO*%NOBpJ z&DJ+ESP;CmJM$q%Q{V~aIr=)!*K3@Xi?P#5<_JcgOLL}Ed_L0g?r*sXtiwv{;AGrVws-j2c!0Cc9MjePa(UUXHbtw4Bz)HRlnLf}f1&Pl9r=!=Srd=;E zL2jYOj*tUFxm?n`QujwAI5zPp7H8pfwbd0%+41T&p9l870ym%^KGW=kppi`GJ;EPi%6A`Lus;00<0& zXz-z4AAL(M@0^Oo*Dyf1DI0e$|Rqi~_u z$Zd9s(+p>&5Dg<-PW;ATQJBSWO>Cw^Vm1;pnUM({NjnUOpS1LGB-rDi{(|T z`=Z8A>vM2X&k9WXHPON;zEMR+^UN1|+=bE3>aRB++))VNz! z=KuNsO|+Zicv?wnNP*d8`!uHuO|><-r9Hwjjf5ilY zgN2Heac=A&HWCxrk<-mV>Eleq*AzRgu>Lbj<0_XXn-$4D3-6M&R(bX z&5*<>fb<~wBe_`0Om`7Ka}cT6$_4wlzf@=@Rym!COLpFifR`QR*fn04 zdLRtaTYEBJ^Bh^qfRA16CpCCy&ikzq{g9aP-V~-ckrHc_NfgfrwktVgu<5qa$fHyn z+V$W@pL-^=tsg)0GH)G#`@6t$Gu2UM&Lw<;A+qOTzILZ(0vduA12Nc(m4!^;b5CIM}8^x(I|jJwz8y15WPKrc8N^aJBF}V_{1)Ezp8YH>=O?z!p7{E=?UmGl9>FOUk)2dY10dna_ z-d5pz-(SrA-jSrtv%D_Of@932qb(;QCs+3?V5YcVRli}xv3OdR;l^H!cq>>M;E3ix zw6*+Jf9DjFa=(Gb4BroLrV(T*+hJyBebw95%f|vjDX%=x&9-z=)mo(&HSBBN5+pba z@su!qS&)9!b=~emgh@2_tuD#toIVH;&}=kE8?)KSC=uHwP!AR<^v6N8Vd9E{7%gkyELvw=68ttvQ5J!d4;K*K&b%H z)l-CuwMusl8L6>~U;5BA!;pvL)cWQz;=8?Ws>vY7@-5X*)% zBAw{JcGgY*@jmG_fxW(}It(hTj@aIK%fH3=z@n^425$(x;ltYbiS(mRyI$&_rD6=z zZyS2(BCs03TfwVq^RG**R(9tYwT|8})^WJAgVn}Yt7IPnK#R{;OWxd(kS9I%NTa|t zDkX1%_F&Im5%{^C3))|@|HZfdIgh)kFKTqs6@Ar%bjDx2zqSn+1h%64uv|dJsB6>D znJ)q9fW*PU0~lB9Bvsj{NCG)HSGc9lpT88gDY zVDtfwWu;-Nm{k^d3(Hl_#%bh^7R(f^qen#4X^qI}V50gEl&NXIMoH+wm0MHLVA*77 z7F0-UD4%ug5^C?mICWMPyYpd_)I){_&yi~1gF$d(*K3o5(GoWA!A-PkHTi0V+G6=i zP~NuX5-(}2$)?E?Fb0)+k(3Hh2CP_>jtYaEaaRJ&DaYyD;g_mx z?CXNYduH5oojZ@)NAtjjCafKqdDdHoJIM9u`^07`)Vm1}ud8QYg`xsCo-DFY z#$)i8SVij(@B&@(%{@X=<@uTH0rpT#J%A383Q;-L>~E?A(iVN)Ct{n7-H42aHl^rf z5&OSWuA=UT@-N1Ht}lZ#abPIFXSP!2{BWY4c@Xtmge^4AcHQcs5->baWw$Eb@vZ6h zb50j?S78jt!)jx}BrN>vHv$lBNp~oB2wbOi+lD>L@okVy+%TkzbA zfEpn^)b5<(LiH1tD~vdr6p16Z)WChcjuM2mWm-?N|knR3km?z=Lj|{Wg8Hdd3QQK>DO^ED(`H5B+cfw8e$v! zAmb|?=qQ9#JA2i8@v|JIT5oq_hxNp#P8%`39^4aL`Q82NXwktCt09{Q$IATDU94Bm zh@;wXeLmU-@NR^FJndgbJcp^&3SUvU;qtedqhBKbRDjR#NJ}mcxi#Bi zL|dy$&SuOHBgTrX4|LuGK>GRt>B}~V$XIIK_3D#$E+_VknZ}G>8AzxS-#ApZl(mw# zBJoI_0`BDnn|&%W*t5G9^jufjV9o1or|GH~2U8;sTd`jU*LtD;a6sd2ivYhc;fZ6( zy>K|yvjRABmFS3b;QI9t&9-XD3v%QaM(n_92MW2ZzOZz)KG;v2Ix!CIO^$>2wljA| z@C;umjKfY0`_?Usv`X+zW1Na*YdT}3bn+;AO{c@#P%!q-Yyfg6<{ADq@0 zSE@GognMe6tJsEbS(_b<)%k1c>QINxF(x!H8Dn`g_u7=YNyZmFg?{D~0q!K9Fa%$b z`}8)j#TBibJC%FHOxpFM_V#8rDf7=rf$MkKxR zlPk&2xL3a72Zd>laFtUqrgIN_2i(4X)D5)|`6TgplB{Um>%bZm;%Fa0KT5`&6h#rX z&vX?xevl(j8E)NzxneN$*@-oce_1m5mf-AvjT1GFRDa8QZ{i?^_%Pk3sa4HA8R{^q zWM8Vqt@4uIy608I>sJ#lTM?r}`yy90^6g}E?W->6`!we|}x4ABp3M)l;olhcu_M>f|CF>c%HRi5D>$)j3p`N4(DhxSMA^ z$AbI{B-6m|?ui{)D5G$KMy;!9XM*pw=Ey#iNA$$|I}-4BHyrrnA;>Z-Q_eB%6P*PW zp7FWF3t{?F&Hjv9q`qF_+RnyA7}kM5!!7KFESg1(U-UP(SVo3h<6>EvPu}ix`*HTx zeCrsK(+O$HTj@c7p@vM3KFUl)ZkFh`O0>9le&G{2^jjNQb#lx}ZF47t`EX8`kHLzw z3p3gox5iUHuo25xL)R;5R|m+>UJ?bY-~k;2)Qt-yPR?bvBIs{DF1DVl#F_8E3H5N^ z)IC#MCKUH^^zWjAn*=6V(p7yHL2K)a%LJ*KroqJWR>VM-;D(>yl};3r6}xQDLA1^w(IXe4J; zg^Qz*(@v*-i|Wh1evLNDt`k(D2tJ&xU?qOUOxOl6LY{ZNFp?WDl~4U6dC4_4zk^7|4_n9RhP zr&kf}(3OOKnmo%1GP5Zk2V=t(E0}(aN2~-SlStaRxlPajN&|mzJ+i@JZLZcL5 zuX|ZrCn1V$7t50H(~FG#FyY4vM@5ks!rWi_C7E!8wr{Gr70Z07snuSz%hW;0>dFqF zH9+6*Lj3bXNEoN#uXwdaZAo8;4H+dCPob}M7-(OW$`8h1;dDf;(#9^LvcshGPmfj2 z21niP`tH$p?xt7Jl20y^(9P(Qr zN>8wSF2_}vUvI$v3dU9PX`I6HN2OG|m8n}864w+D!RXQiQCEI;Z8tahf%WhvGVvW6 zhu6Nl?>u%B!mO2AOm%(q5oEeOOTb7N0APu$G4VYU<`9F-<;Z9szFT{?y%<8q0zkM4 z-#!En`@QB-;GY(*fy|4knY%uwZ zUNs70&IxYiU&~4dB#G$A$f(Rd4Q0rh^?4@3=5oz*MpUqivT2q2n^)(RJ*HJ@??u*M zeEEvs1VkNLg=|zx(4CP$VBbMvAwjSJNWk7tR$?sR_zBQ@a(e}Tm)8XkLwDDp&9?T} z?kcA4jp&{ZdUBb*;`y6_;9-VW_O~duq)Q#j_-cBU17^04#u)eue=Btvg3HJhM3&!( zT?F^kiid**o2O@y25sSh`$YhV-fHHn%LLJf4M5*3=%ctA?_C&7|(PE74XUY_AF4IDuBNux$H4IRsnF10xz`)E$Up) zupBWr(*iRHK5hia%6LF5zTmCr=fP!BvX9lz!Yu#sNKt}OW?7{L`Dh6~7K-lkzVF>9 ze!lqWdmn)05V2Y-D{brDeCR`=UF>udZ-}QmgmMkf4l$kmmu!lnBqrlJ(2xXAklcpX z$JpWbRdW~{cz^|YnQIUJoEff*bt{GGtSP0A;a-);h^ksQ&WQaD7!pp<@JNkTqO$rpEL->?_^kqYtTV9iL1mrD$z1l>SlR! zrT2#jA=ESc(8UMb9>QEHcvC37j`HG+@kTvp7p@-*Qz~4Bf}!!C%O!P5=aus^MtZ{= zPHf;WjHo!YPs`+;tKhd&wqG<%4qqfoXU6qui~-(sqWnYzTbZR9Q#y*WRIk z2)??>=7x`c-ct?E!P+}JJk5$?G^Uat>m0jrz2*{VGNPK+t&Z;#5UStZ4Z{fKs8N)* z$tEOIr}_KW^q*dP{V&^W9HPIP@VVZIPJO8U(#lIkkesnT!c=`dLz_P+-SyY)uMP*x zP6L#FH1@#|bKgx!)zlm_@i6_h4S&e3TkAeaU)DKao zz=GQhVFb_3li_u@8A_gDSkA(X0I>D9Oe&jaN>224?uLTsA;GFXtNPI{o3|qkZbol{ z03u5z1$L3{Ev8`5Md{Vl_b5X%$THcS{tQvs$?V(Xzw%|gXGwOmi9Y@;@4Kx09Po|n zr4InkxvWP(Akj8{!e=$^)Dax%*?$ltZmxb8lm5lX(zL~&;H4c9>Ripm*y<0}^T__q z=S@#Xh>KL0+ASgC;$pJq{GX@=bAX1RLRSk5WBmDb$!y@t`NDu7f31k*M_QV`g=|U* zQi;FuJiY;(*q_f~g1!XP=%W4#b1$`PMDY0`_FW%rH8-Yr4giwq2A_E?^gNv;K`g_U zr(i;RdB2;8ZbG;FbJewmqk?p)#^a6i&l(~D5vH6e_5+68aDCZXX zACTQXa430){0OV-3KCMbJhw}e>%OsexC6)<_-DFji@QgmrDm$;0wIThFFyGDenRT# zR|s8Zmc#viHzRlxM&ZA2?Qxcr`la$B$oDJ!Bo48dcJ@_F{PvCuX#cmrq1&&$z+DJxsUIaDwI5nS-yol0K+}xs8gnQzv;93 z%OqhzrEI^878_ul&3n$mwD|@;X66^U=* zb1a?i`i9}{#(E4ziO>T`?u7nM+>|l2Vd*?>z;g}Jyt-cEfnw7`GV+ zmYdx~is>;YBA9f;asiLSNw=h(htfE}WazCaLFNuWhw53^5Mf*Y{a(;!9Ysj%OmLsO z?S}Al`MtAXz_H6M9eL-8W64P}oi5cP@NGW5Na)SROPPE)21rCrt7%K$k+X`Ondx{I zSaHiKSv3gULrJ6uje=eDfDfh`R=Fb}m=7h$CtNQCUeRcXPNn^l& z*30v+$vRVNt9`N_KT0liL>>#*{s^FVVRHIf&i?mSYPr81#bE)_D1X!0ut9R=My|t) zmffwj`24;Mx>BX**LF^>);h9PH`|4p=&ruA$!N`fEVsN9kjM{rdOr!7V%$PTqgfVN zvSIl<5G<)@)w8&%v&9_&IyLq3`w{0+NWSi(G_jp1cs3w7b32Nj2Pw`!G+eKg-3H1q z?erx<*N-yImT`PObkiEV&+v*r*V)Ius>5s&Tb)Hr3h?l%K|h?k(F5X6e|P|diKXHc z<}~icTvMT8wrG{%2iV{bVZA(TLo?PWR@|kb?{q82l=uJz+5uKS`E2~-f}a>fF{B5n z!juJH4+KppXp%fCfJAzL977T&AlhF70wGtJUjexUL6HWG!IvtjS{UQ40NkBvA?*TL zhk1n!SEntWIrH7nfN*#Io7$ENkm9e(hDkhow$^|b@XEVG{j4 z(`R%z!o5_#F8IPwCcpl=UQs@40|2{?z`U|mV7t(g2Q7Z(2*09VX$zi zG}u_wTFdDdu&F_oicR0U#1czx!((gVBRois7Pe@{U&FALQS*26t&x1nMCq#ia}T1l zMpqqGsB=Sax&7*?AdKcD3WfCk$zG&b*YJ<_<4$16=v4bfS6%^u&dMTY>AoM;r-m_4 zSrNJie7uT&uuZ~#zjDB{3bGMQLC13z4|A7{%?gl0Gk2fAdVX1FW=Nmej+b3k`bBUDfawA}t;mXihQNRH{lkkj`vfj! z(*T&7U_}YhNJ5g$Bz%%xR$b+MdkMS}*Cbx|`B|}j+bt4@xh9o-CDA)nojf?gN&+wM z=w9=`1q{KJLmOKztgrR|R3w;O+Hd*ZsXqQBMboL^RM9ly^@^uNr*f9OR@*6{%)~PC zpXQVdROK^Iton_#p^D~Ay1_*7bkxU6ukKe{Azxu1%2B>ym{vIlcA+T`!G3!dlAj?r z+c~m%$;af)436{9S=_c@$T(#!c)6I=87-9`jssEPK2cX=@Cu%lazZP`(rbWRQsPVD zMU{?5Q@|-C^&85CSEcO|m=c8ujW{<~gdcohepUDjSbvM7IBK6P zI1!yP6^-9PYd$B@cc~+k)*Mf5*7fme442XUa}?FH?IvIY55Yo#k^s;tkKt08HLKm1 zokU|zywPzHa0}cZYTj6%Nh&?5+(98e@>JpUA+froR87L2y4o_|y8V4jK{KBA)5Jzx z+j==Y_QyY8b<6L;D+0!{mli*2tF1O6`09{Wz=a{}p?Scc_?vIt{g~`#z;2L|$$=s- zv%xy9x@U5Fjn6gODCkA>RetC_odQ5FJC5Yp9C+?pqyP|IMq!sOAlkL(s@pws9ZOKo z;H}m8^Ay{$2VRAKE&MgE`Cj-KzWb8I!YYGBwphH9NJ zg}V8^ZwsvYQ!kQ~*d(&^V<;ljS8ra>&(+Wu?srn;GAc0NfABH9s%>>PxYom>_c^lW zlOYPkm>sVetw`z@6J0GgOZt{?KqOynbB#6NU2Ztg+YkDijRh|v~DN8V>@_b zfV4cPIR?2!=dq4qH%Eh$M^WT@VaaC>jzzl0EOkB2s*rewpz=^0?I(B75c=>N4qe|9 zPWXKYw}%g>pV&FWP*=JXlUj{?X8PuNoD2ky6FyL*gY?k=H$ce00i;xY6&1Z0t-ob` zjm7G~Nu_a{d4}559OxkPCJp5q3Cc&Q=LR`0%hIUPUlXHkS=Iacl-Mm&j zVN6QE`KdoCcJ(7`>O4+ihe!|(VOjsTW*50yrs_U zxYFjcmwB1fL70w8nb&V}NU>@BSh2{fdl_G`VQYUWB#6=}tFENENYzMZp??2+Y%oL# zv(ElTynA+qi=r}F&@fHYkTor|OCs*)>&UoZ@C5z;qV2zSWrfx?LGU_Ds&~kH`Uvm3 zRTp>@_y7X9!+Y;}`eyEZ^6Z_ZlDayjTGCuAVg@kA_|0cxVVu9adxBJH9is!#5BIe8 zt9rTdz$lK!*wgchoa?|>pjC+^_6>-AvqoB?(^fO^@pmQ!(yj8FigW-w+6hbk1$$r@ zUE0gGyX6oRfAtu|#tpwTe&Kri%YDud^=$VozWPBHV4Y>)*H%Wk1FhjJ0lL>>POJAE z^hk6r%_??;k*|_>?9J(IlybwZm86Uo_0(0)ui*i@dhs=-dX0aaF}#z{qq+rrkK6t_ zWo=m|vZB`1j5(4WPPcP>m;L#DIgXAA7$ zb7rsC=7lDwht*fR=Evnr{+1>(-`7`ag#c#9=#-u_!RS=isZ|G*3O!FuG@+Qt7jlD| zYp&{0OZf$2w=qbNhNtfsCo{`M_wfR77(w&3MT6*7{f_@mNx14e`@FJRFMzR1j%+fe zN{bKEk(A41?AMwrFD3)vLaZDCZO=J1f_O6t8*V?O@48qEj0{&qbeZEUmHf*@Ep=>X6S4qh2gcBZaeXTyhu{EPtxo6g8NV<7=b60X7hGH0e zmy4V8Gv)pSXGiTO98b+Qcg>O3 z00Uf#vJPSSlgI)wNV$UsL$vx=uz$mDrMQ$C7$doj5W<<@2;@t5?ue6_b>lFiyS{^4 z_vTfu3Y90{bs%);XdRNiI8DT5E*Dr^?Bjr!l5JU!CtyHh*kH7h8&&2Zt+6xm%5GFS z&PVHT0H9%1B8Aop{I|Sg2uNi)l1IrmY>zXV2r2SoB3%INlla)KO2wT%=3oq z{9g5oJoh`AvfT#QXf8KO(%AMRHE9tzBt`s&!CYiNUQwhELFN(r@(;TrDYjc4$n=)` zd~H`N2Q13&H9X3KBh8nT+yI4fkPHBl)j%Rcz+j#Mk|0o!qkSA+;>{ir%~^_ay7hys z$f(cb(t&j%>xxA9!irGkyBI^cZNg0(!oBp7O0;PZQwy=EukPfnGubdJ$>7Pt%M0~u z-B;kD{9Br(v2{vlHP-{|3ELkW{K3Z%a)YLRSc)YP^unp+{OX=;vq1D}3fP=_bpi=E zTvHecq2^#=2PwxUB{4g7>e@AYq+ggHa~8SgVLJEo2i9=hUWPR1u$VNr!s( z<|$*P^wRaz~K#twFMxJM8n8!7A*R+R5WZ#(U4mBU2#& zlhfSV{2JfG-TLtox&Rs`BMyS%j||2DyB=`)L{Kpj=s|{*qj8 zIiH=Cv;vsaPFr%bA~I^vdzrw=WW6j+4{+@qn#am%sv?iSd;R$h!kCJS!KH4<&EC@W zUTfZC%!~oih4}{OR4do`eUKH!61z7o}ZVl2rouL4LV56)?GBl3ec1xMIjw|1h5F)oYL zDQD6ChVvcHSKqRe*X3!TC`G`teP3Di6B^Y+-^K1Ufd_iDgAN1WCmsCVD2~o(-;@V) zfeA1$j~mBPN?>;{WAD9W8&`iN8@T^{9UHC4c~eWYJT(2%OZ9-15EOjZ!@Kv(haHGx zg1)Q*IE%d)Qe3bT97@bR*Z^QRL)9R*wbA5^Mycf8{Z&+VrF=LI5K{(;@;cuJrQk5% zlzJ5CsMCLSZj_Yc&f~L91BijJQ>u&yWeZrK`JJDW4f?dfR;cuqG9-Ew!0qev2TJYb zcu841kc7{dY(v->&r%e9fbDrpJ+BKZ=P7qdUw2Gy33#DL4xk7e9+0SiGqu6)d+Mia zOXzV!@k9%XH;{1y>$Yd|U}mv9?WGy|UN>Ts;#DH6BZZiWtkJ<3msY9IJjh?a2 zZ)bfrn6uo7z=_W^KW54Sl#OI^nN7u?SL!+a1D(XTk<6?n$A?_;AcM-y%{@`&51$p7 z`|noc`|zA6xR@1X56pR*{2FbeRtab!^Amnffa7&Jeuv95@T8)$AlS+vh0(yrJ9det zDBy@Ax~B4Yk8wL()jUDzq?KiGth>4>#0Dk0u*mMpTh{1{|Aqh~ha4P{Kn?uzQ&?Iv zoUDri`F?)y;v@sR{*J|UzL^}@iNc{_K>4EB)#Q(wzMoEg`p#fOyd~{h1+gV$ zS%3#4le;9#l&u^4XFpX{y>ONOyZ1NP4Jaa}Me5QRejKk9peR)XwjWt&s%buOC({D; z>R#k!xfOokHl;TQxDu^jWFD*~{5FVhF5RDRfu|@Y$|ohw=fi%PMS2JHQ7XqPKMEMWSG#?oi#Vx&-M#`D7XQ_nJ{G(1C6tx=F3H(Vo2dy;OP}Jr& z{k~t_G9Jx~Sldj{a^}{}1tRpSiiZKE=CRpUEtQ%-K9A%Mk7skzh#<9E`Yw-pcF*;m zfA?Wn>F0oVtohkZJah}i##knULJ!&KvguA5z^6Vn+F{kAYRx2HNIuO5k}msH(?>95 zNBk@t7i&e-W`)P-WR#sj=vMYF+GTs~pZt7@*A4Ks^J}#a1m%l`zQ8oeDLJhnVfX7^ zD5jV7j0W=~$Dg0Iy&B;tvJaJ^<{$Z^eKP)Lu>L#eJH$DHNpmm<*v0dRSKhIvhVx$x z6nkZAOP>cFF22#hYw?BMUswOZLxY5}NcW9KGwrI<{dG5pE2MHyEzI)ou{_;P>#b8H z*OD)DP1+A>Gs2oimRlirU%S5{M`!f&2m$V(B)5S!|iD6T>a6ncT_CX2kl- zi@DG~+XQ9Dg$t@Ww&wb(v(pIyMl?jJ7SAcnHfa^U0USOf&6f*l14j_HhEa{WZHmUJ zVAfIxXTpk>j*eh@)meuRN)#&M=ki*(MW?-pSeOV4LO#xsZ-&+j*kdOA-wyGVoD|Z* zHbQR7FHi~CpFucYnnB&dS>ww9C_qukJfnc^au>w;0UD##zew61**i1l7Z4spiZxp% z$1xWE1T5nHToWv#7GyW92k%?dcg4@NF9I|P-|GofL5b_{~?1!4i?T!@RLbD zm;r0qx}Dm-J0^mB@EWWBa5Qgj;iM6M%&jM6-kCm8QMF}3TM+Dyc7J+;6c#rVi<*;E z*N98Y#wxhy9Woa{)<16UT(+oRK4^sqJcSCw+LPB;r^gTTDQ{tJof0tW@XNKcD1?v6 znSBC8%x<`x##IWLhSpiLFV@Jv3=nMY?N85q@VY`nX>4?hS!>1&BWEroWgE*n>YZ$n zPqCs3^o|;Rgnuo79^a3~A`EuoBF0XJoIN|ya{0a_e)ai#m@mqi+lh#XY>8C)bveD= zjrfs}CKXjPi%l<-VnE@OS3sg7@)XIjoP|;zrM*c(YOoLM(HTN!R4P0jB3;q11^@ZP{v8M?!y%kb z#=ucqo|jU7SXCk`ProHlwADHB0$J=Vf-qtUk6^!Yq>#SAHSbiRx-L2K&x1B~@2s$9 zy_J7_emxQT}(42*m{jHGkIJ0^(Vv zNBf~(1x^^v@|^?lL^GY|m4`UKER1%Rn;l3#zZwyu98Hmnpk&Lv=;zBqtKBc)`(6i8 zkg1l5lA`7raLYuz*~yXyVG&aOV8ner_{Y~i2ttr2hzhiujqpaWXS@QAza3OzI(lD05DJbX1&&`rGZHlf0h;ssk!MX(89nU(!q_c- zpPeM&@9}p{H_?WR@pLCqnB2|-;}7>2{b*39cS>ZEMcyV1Q#6PxEg)INEDnoV?nJ|bxdP$&D4uSvvi4)wrHoXEyG04SdQDvDsyXtQ@^Wx{3>kq zWjR8=O3`o~gt8Uks+UhhNq&%6GJW98q2ze?OGIS9s(ly$gonNar${9WGhF?6?8Jbw zE&~+H3T-GI0mr%YPn#wctNF5@5MIEQXf1w&+GdyuvSExT1AXqVAmPjl^ne5mL~w{| zlE6soZeAQ|AevK@cBCmh*SAaF6nu*;zTTV?tMyQ?2FdK)Lw_DVTN*8uOtZq+`{>!tu2xQ@TaF+Dw+?CbASXUZ8Ox(zN?9lLv$u0u{JksnwaiBY-p}-WK{^ zd#LFtK1>g!U%{bT>`D@?Nsq|XRlYVcG%C*eSc%`AOUt4 z&5KTt@NBuyx16c%_fp^F5o&L3>CIPvK7F%|HrN}BS!n%u*K6t_h{D2P%Bi`j|3Vh! z8?js?1Lg7zCa`aT_EY`6lfL@-`zgtRvd?`}n1WP=d4_ze4K>wUP@4BJxuAa2kDvwa zn)aU};-s_X&*;~)o_<2ar;DAm+IDK`k^up;s|%mYu!_y_t1^MTiTR)^h!eq)CFpa@ z_mR?Y37sSWg(OX4Yd`2QA)|TcGM51YEDg@rwt37^JwKLL&cY~5xFrVQOo3?RlwE09 zG7-N7`o#8Cxs{X{Tr1AJTbkm|Xg}uS24>~^aS9oT8K|$PAexNN8^;5a1v*l@Gh%AR zu4;d*Rhs!n&Q4ev)YxoWAs^F0>gYmHqZ>XP0zmKlI7-&sjR~$|_9H!JmX+_fUVNsrM>g zK^+FYiu=5%)6#Lt?2Lzw5Hm(jjAg^+;28U!S}+sivL(w;3G(syyM%`2RgD%>v|m$c z#5|=}21wA~DdM47vqykw(DndjEie3iC*A3&**$3Wtc?#I71{0ErbcAO*}h@Y*>22E%zQrU3w=OOy=<$If_&D^32qV3 zjiPrO<*C@`XqJ@mI#MBb609CyD2&o5r;0Mx=MW-XswUaZqYiY=q-%`N@q(`18wEo| zvtQYJ4ov4?jTz8>iIrC;l0$@|_uT4AM3g1pxiOl(rpzqD{E&(ClcAn=G@gptH*iJt zdED4}0lP;dBnK~^IQ!keDUc*#b$fJb@>$QLYt5k-Mi)Y3)tSqe1{lASumZ8g?`(xJ zK`-mug3x{n*X+wP*QvfI5_E{%bz#iQDV5&n^touSx_rdEB(A!qCm3$&Nsko+LdLio zlhdz53|#Xxj!Mh@HKApvh7Bh938KDIZvLRR>-`%0Ax=PGj2Zro7i&*t6RvEe=yUTe zGuz8O)8<*Hc%CTU3A@ZrX33p!{(ml{^_#}94cskX{@|B z^E0{_I6!ZFfMws`j`Gd{Qv5_;<$jn#?(hM?I11Q|nq>E4|AB#@WD4PJwK0}-9Wbo0 zJOazO7+5uF^|(>|E1<&f+T((uSrVz!eHbd9F-5H80KV9g#n-(z8w!ih;<59g(3~_% z@@cyqun>%tql18!qT)uj+x}YC_?~}v#-mBY4&+R zHBn_55PpXt#Nt%z=L(%#vvcazOUwCPiXER!6KzO~vNe%V4vjg{@7-kP1h|#u`6ToTqpVKZqvbdh$C%T}H*1$FiJe)c`zr z>bySZGv4N2S}z33H|0;8yo@NqTB8#L_b`FOi8m#94 zSbi{R`6gm>zHQgrpHy89z!AJ|lx1JvLi64%BmRKaxJU$DFpkmrG2#v*#lWxvz2ftg zvZSzAF`8sH1@6}w^HVy6G~==Q@7x=si1`$^W=KiCA26JM3%St)WHSPXN1V8M*Mu%V zly!-`oKx?$RNwcKZc%R&Y5^5xQ@n%Fpl(*NAaH zH>Fju(~{?hUByD_IdIy_bKnE&;|wvo)%BdhxfcRX1aLSA@{+H4F-WKMe74}t0}_yH zRMSIkXNH9b-J0zLze)jAs;h-7d8m7cHf?A8ooWS5mqdEEU_fcDqvB@ghs~pB)8^7= z`>75weErI=UylL_Um7ts#5}N8WnaR#1^r-f!{Zv!MlBu4g5U<>?D{Nc?Y(st-l8YFzQ>kuAgthrd} zt4%Vd(t}Q?C{pra3Tv=2KUeA`SWiq7pBZHY+s#sJ4-nZREF)!rc`?A^TtUIEtM-cm zF%QUBw{z>S6XL_BQ+NqPM_5*Xy`Sf9b+Nj*xt!Y!nbbqlmpSoxfb>*Idtp#-_n-0& z?(n5Y^f&U^R*tq2pkSJ#qLUxTh`alO^R{u}Q7a za-^h|Y<8zUvd-aoDMvB!t&`!i`lb&c5splB!RmG`C57GOzD6#h{PpODV%)y(&q^a) zhCx`w92`OtcQ99m9sP;W%^=-^85J9uf^wbKtA%O9PZVo;*N>IRFd2f>!PjZy@(%;0hn|g(d*u z($jX8Ms^@Q8O7=pA*@>x1bfJ{{W%5QYBZh0MCeMFivG}{RcM%C0h^EE8NGjGv4bxLve-t2Jv#&XMbTzF zkB3O6M;Qh{PqQjdQ7D)~jrtp_<)qE~gDI6oN6hPzJbsB2?cSqfS(BTXn|w_f<0@df zqDS^tceE8SN;DR~&GnRgH~1DgVv!$XokC1s$@`T)`QQ21Nd0IP|M9I%$S*$*`!F(; z;86(j(|F$*G-5c;Re!f~mU4OgUiZChq7rG@ZW9f33ALyoB~wqcw{t?MQ-jV$Td|`3 z&+=;fGb&*Bw58Rg1}~&ONIPU0GN!Ii>&1YI*J_xczIExQkj z1G1%;=fQL{8>_4t_2VM@QvEDb%AiY z87p93;k)e`;gv@GePvpi`(;ryvG!SXyw70X>ffP#c(K6cXGLDN)6j0i)yjSMVQun7 zsN}`AwrFNwiT`Q=pCHlB&-0DUxw8Z(M`S~#=OlP>pQ-peV38p|qyOq9_V!0wZ?t~Pzp!5YNX$-s3 zj~BvuZPUy1$aEUIDmf6>Y8VmaIh>>)r%f!|S#cbS7)uX6+%Kxr;i7C0JkE#24RvSA z&!kk9`mmWETfGWAMCq(#ets@gMF@k6n3&Xq;hpsN8 z--cTXqAY5b8C8?9TH_RHm=K&q2MZrn;>)D;>-9GdQSQcg+7?tM+MSie}fp+hpoMlzOirjk+;pz^zXVDQ%&>NzA?m!{)l~C*c zC(*Z66xnI;C&0PmV3vAfSFhU_C95w`5?M*QcOZZzT#w=F^YmHsNo}5Zy?_f=(lY_K z9{*`ZTHYz7Y9_pgZs>`X$HJiV*UeEbu41^-A`T9}gzw z0$z@PbZBOlqFmydcubwM%HHJRK`F7$P{94-kdfn7hFnp57tXsbyPqt^W89lFIbdFe zU;L;Erc{UxCg6zH74la(>48&&UeD<|Ff?r3-rc00{!$bu*!A>t^tUqPOFcUwVAUo# zGo{q2OO?3CfS+;0<8REYAC;L;`>K)$po!{bDAXKWl%bN6jZS!ia1;IRD^VP;rfThN zrAzh5v%<`#GnA5jn8-lU^k`R;!ab@xk6bLquk3q6ucruScg+m7FUrZSU(MS7KH#Jx z{USwHzY4{H;ALuXS+&mNMt%g{f{BTJNt_X>^HWPdZ$3`oGihkZxI|U8@+X`9*12UZNsa|O_qv>_}TmPi|#|n4Ft^?~-ebfX#vmbN# z2|I*u!2HT13OG=rNiT*N)JBB$GT4*Vv?fF{VkI2bTc!@(Q+DI5%3as)I>C0rBr#DV=XO@p0bFA6=E&vb+lwziA_GLH&7PmM0+i^Xq8bISvF zLA!+lRr<_V1Wc>J>CGVbBD;r&?-N-id_z*&%f2(iaf4qk%vq}=XGB`+Jl+--D($)& zi_y(v$d6J=Pcy}gL*(!F+e@|oMp%h|2ZLO^M0O&7DNE4G3#;9Qfkfv0HeT22z{m&A zw@lc7+8_)~Z{TPDvpbvgYQ+Y5F%b*xDwzAx?JJ>H2~QSW4Ol4_))p?wx6l|pRUDdg z&dAuMG?^qlDL%#mp;}ixAH;uKh(|#fMM+7hmM~_d?5CG@^wmscKx8p9lKCJY-hVA z`MK?>!-;!I`Nq8EteoU27w`GX5;}C5J15i0GZ|182O#)N?3&1^+~8OYHxL7FEF7xS z0NkFCe@={7wTMurvmBHZ$)(4b|gdePYU1`wi#D^Havo0aKYKsjax#fh=|Z1zIsjWT;%<26|R z-R2LnDzQg)Cn2eo(hjwa0~5w2%k`BKX-fg%343|F;d|wAiZZ}7IFVE?miG2Rpe?`* z2LWa;R6!;Aoa-|h!oLhs?zFyf?8w+&?A-xK-^v%2L~j3Z4`QJCS)n&2(=gPhKl#oS z8%6ja{((0bu)Ix~@g1s#j-E02O-jqH%F)eURLz#56yc8|D5%*Lhf#-ZLEcz{Hn={B z^Sm)BQSnXgM2VZiV+2F8vu4<~;rR!^pI0OSRi#Kl*XiQ6@Zk=nsqj5-F&x8X@qAZL zw83`N12rRn$ z{M1ufpM2O3;U4^E)BuSFV0E+dAQl5FI96dF^y>_!AbpqZR08F5eIQ0tPzn1YFSq#Q zP>;1=Qql`Pew#7V%=Hvic`EawY+64DNqsltOLMK2cwWHvrR%tW@wIC4W{C-5<|ixf zaZE^J>uoMEiWyeF%P5@V-+6DYyHa{az8-_00`Qp!5DgBLobNO*wyc^q!(*7HdA5nf z!SK>_pf$6VZ2J}Ff7=*2!=5%^cftLs#DFggi2K$6fUx)>evDc`_>J?VEwOFg)6Y-9 zEO$P%n$YO+fEU$AAJ(FzVwx|tj$7Mn?Gw+og*+bXkR(TSpslh4yx!)kHQ*dpRDSjr|MWT9J{n=2m&xS`ws^mOOZfh~cIM_sVcqjX zfdJdhp@TU(CVQBkrp0RRW!INUS6cnJuXf-b@SMGtIt!5+ZsXCEE72I?SiiBK)&gc) z1L*jjfdXVZ^7~vn_U~veBnjP3Jr%xxkZb`ffRi4{gkYP`^V~GD7hGkn7D?i0z8(v= z44{!#cHXI;rj+WxDO{`RSwXn*7CvP^5e~Eurxl(1ugxy-h12XcY2c z5K6m1`rk?$2c=O}#*9H{;>sEg_(Hbt9JRbNEPm+ho&5%y>~)K=l3k7Pay~xMu;xRr zVojOTEfYNrObTc0Md;5ZyiwMqPm>-6Y=g-GOLB%Ktr@6-ub4K6kqMwGr7gRfC5`D^ zsG~O=*GDhfox}5R`)b%MEBXfxss7vo`bSWysaZ?+%PAB4AVRC$E zDCIee3a1!;mc>IZn{IR*4IDh3ZJJz-2GD&b=gZfMkyThf7qeWaD!{&~?NgBWGx7wG z7_WV*^>!(Hwkc=T{P1Qm0Ibubp{UNPQc2O0MqT(YiM=EWw{bI7|MZXHP)~*X=7#b0 zSKf@v!^O_g+t+qqilH;3sn^C)6k>d6-~M~Al9t@Y^{DoTXAL^59Fu4SJS1<{lf&pE zN6|;TB5v|G8!j+G$f}>`r{I`2!N7)GxsW)2a?b-}zPUGV&aKfl#a43X=*^^cTqCOm z*rqCoL3+%@<(!P{+G<;sul$(lS7?DTjC`M6nKnJIZYim*^VMK5hw7}s^#mDay1P%_ z%Wof{#quzg)>HJ&YwD&bUwjj^g37&<-4YI_eycpmA_HJQEEP5Fc!Xn2$^>F3r{-Q^ z@uhfs95X8?zS&pKFFGY#o5Hel{M^=xyCN)3 z&FjJe0sXs;J8*vfPKTiS;>_gNc_Y21{ZKw?J{@CUJVWuN$B{i6a!^E#Vs(ZCJ1T;$ zjWWxV&PC~y^(rteWCx-hUa9>Al;5}n%-FSA(CKsL92AH7@Ee}O^+b`+Cx%y^F(tS= z@v4eEEQwWHcMQ+RIu&(EHPbXLp0?-mw1?-wBkseMI9SLITSfC;nE5(8CqO)}UiR=p zr6lziFy^z2e|HquB_5z++{m`|fRs1A?SnkNx>f;F^5Dum^**(aE*D4VkT{{)HAP4X zd@Jsm!b#0P)-xh&ET-ACqxwlhVrb7*)X}9e!#tLpBXHW_HazvOBA1M|HwS|&)D9JH z`uf1V0lZj6?YH=fPqf2x$8hy%0{r6@V^t4N3ihFtw&7E7Ce!1NQ&3^xQ;tgbtW8HZDo42FSu=UtA3=kIFH9B7#(BXpQ|6(hvP|J_+W z_LC=c31i8qgme=u3KJ;k=MDx>eR^8Diqbpfk*pjMnKi3wScRYCwRqdskY2N}%#Bb) z{1~6b)Koz~r(3|ZXoi~|UN@#h?bcRSKYv_a4#$YRaVL0{!{FThITKpB^qeQd+1qfI zgfYewehzuf&tOXj4rEo=*d%*h_DntajZqt$>>yab$Rfi(0^*!{WRVkG^}EXzs{K&w z0Se{7^4&vi8>YA@>f(+0LQbQc=Gq3Oe0k*9Wwyi{`nM{6?5Yz-5Ed{{3TJO3pe|5L za@S8Ei%KRMSgfE{<6_7NsS3LxAIm-}RuO{1HcG&4Af$-%o@0Z6I1a}9Kv&e;M`0ZP(FLhT?vFFOzlxq zIfGJR5h(Sj-$KoeqeTYrv|%!lM7xFeEBbY2`#7@GMzDx6M>Ml`Xq_!o6Xk8|Mu|nu z40Mo>R1k9v!`45p;Am|CdOr z;BUqI>;gHaEV;}98{cUNF1Wkt!`Cp(q8DrvDYMbrLrBcrbQR#9mSW!^lWC<=U~LA> z_9OLzb_p}WWVlmZX_rwLm1c43+6}~HUm>Z}Zqf839rF2n*3$F2k_HL1FFuKxmLFN_au7^`hQ*O))N*x()* zz|;^Tfo(FzumZ?(KNNxKBnR-cP%O?)1d#*1!&i7_IfNOU7{L2e0~RrL7AYTNnbMJ~ zTu$;t6+wo}D?8};;4@ikhG&A&g8!H$_OTrBv+QpJh~3zK3HScpnR{fa3`;EkQIeQ@BubEM5im0q9~CLMaro{{p#yc<6b3dtIf z6#C`K-=>{A;e}>;mexvwJ3lwQR2ifG_rTI;W{X+WdX-`!LN6%1hxc%$b{_};)-)@R zpYs~oY{XEOjqk-)go9Taodro&(_$NaB^ABLqf%a8VR#r|G2Cz8kU1@AUij;6 z)x#chA;+O0x%u)bXN$TRXjFSeaG`7)FpM@|{h(qX;U?oF9U1$CK$-$2!$LJ)u-b{{ zv)hBolR_mkxRGI_qVnvpYmnJMx(;laS|M51K|II1O>T|oMJ49$`U^bj5n0qDr=ZfA zKIWIew;x|d_m-^RR~F%6S!VR2DTJdbN30||^xFW-7a?!eX`emQD3_=&d&V&g(OO5Y z-?uY^qTdAF=|D+kc{hc=g&hM#zgQn1F8;{dFFQfKww^KcOlmV?UX8(p5En za1A?3TgCWX(M8=6+FTi8!()^((qvEJJ*0BE$eX9{X(m)rIn9sMBQDTW?dRsInQUros+>Wvh$!+0o6@%PLzI zJ>c=<$@M<3SySn1k6B(fJyj0B)tw5r=>~aOCn+mjfT-$FA1fE2{mK{dfNuqmWQq*0 zsl${UNRY>5O`h?28z)_ulw40y+K(JU+R%MS=SAOG-7@AnM8FW@gaq@bD<`AO69-+T zQiV0$K{KnLZ#@{N%}nt&SId1bb@mb0$X&F!xi>d^0o9Ok210Yv zu+4^UE6iD=AD!y0ZjYJ))!dO`!=FMv)nF|B)D);cp8+4p3}{apJ^21wBA-G1y8T zvo)D$_k@d8pJ+SPyCKFq<_;`8!F1nwDfp71UYjUA@ZnMSOq0>On} z4ZOnS^??N2JTKQ_B(^Hq5_Q^8;4Qdc(E-asp+8v3JU?Lh!PE-WBL6gt{--j${@q?w)iy5Hf@=rt@-=gZ)@0LGs*Tgy$%9^D5i+X&h)dQ<^=eUI6@ac@bU z57`a1!$N7Bs2}7&sk>C#;)7?rO1rZCO3)?kaGYk)k2y1Uy=zz)%E5FVD7_x@^sx`i zPc>c2S=8d)UlO49594UA1r)#3msdf>ED{C%qeLY*(2skT5q(>w4x=BJOr=|y5r7?U zh%L&Cf8wUiY0X@(UKEPc?Kg7kGR=fF_8h>la3=iYxd7LKL>}zlL!#LQl8-+Rj!mD{Ed=Md%hqQD$K%g@W&}9J+8yJ9}%nf zn`5a=chw$A(;}d9p#DL~h5kv({Gs;U>c_O?vrA@5nuH)x7pjg49d^Ob@CWLTO&14_;BgF7vd}c8&Ww*zlxYJ0z;0$ z-I*C;QhPYBSPMC3Pa+l+{i$5iBm<&p@JnoykNScU$5k{gjYM00rBxmQ(3cfo>z_Rb z=3;`IlFGjQLj1w(J}VS?-#hE7Q{WQx5I(Q<*H(=LShip^r3`w;^h99@CR|6H_eg`f z)(Ih_iw9Ni298z_X}`YBHH)$W(Vhe|ZofziFJiko90}9-ICjofrM%twk(I(^_RO$+ z4Lm!T@%9RTu(KjD3i{aMYiJTiONs*AdlsV#pwlUgf(_j(hI){An6HMsOKf-jxQ*m2 zG_FP9o_(b4;#E`VN#m-5x&AxJj&0A9DLzo_I&XW6z_F`_`#_6_?)u`K&qSEu@J)$- zwA{;U&{t#LMVse|T+EY@d(o_t-p418v_TIsZ*1lzk3>a#O(3bykP*$x2un4V{)(kI zF^H>*jB6cSO&rRUYx;^u?UUF~}8-K#NtpjrV;#+E3)1};Omzwo0)@<{W@R_gh^w|tj zD2rc<8jf}KZl)^@H)f&kYb==tN=8<-!Jn6wUOW3se4jgG^6V3E|1~k*P9YtYnensp@3^`C{Ehbeu<(h^xkJw$Yo2Gp zYEiQPl6lm+8$_f!tHZKlOi4=ta-zzQ(I@J38jLXZXe z2kz0w2LXcK4r0<2uPrTXwsLwtb$A6hl;`>GcTwB3 zZ}+*)@QhOIO7BGqaPrlY?ouL(^2poT|CSMNdtQi%`{(MfZ}&*)F_o8E?eu0DO7jYG zTwN*&lE%tN=Ef8IH9JvTkT|`dA(DrA78ZZEp_)zB=8cI5f^RetAv%6d(z1g-+jO)< z%kMUP;IUCA$P33{4%JY7v3%gi09ZEUf*dq@E;Mc!kv3itI50-QF0A0qB~M+V(EQ|* zIN3U?Fj)T)JY&Ryilz94N!H{e9i4CGwm45urhBpUFPRfAt6eSVw7NsOqiVt9V$k4A z5R@!q%<7C-mc|)CaW)s8a(U&i6)Je81VMiJ^s83U3S-zMqw$i+8%B*fSSm|TtsOPU zhJ{O*s#!pUl|3;wQfSo1OEaCS>x+HoO`}$+bT7~SxsnLiQ!82#oi4H=HJs{m1}E$T z)DK}gM+U}Gfe{;@@%Frq@Y{iO`}ZWf=+ee7E-i|j@VA$ciysB0W-8L_>tYOZ@|W?$ zvvkE|y*);u^C!C=?5^^B6>9?~JAHlkBsySxHvs}3uE_vpiT40_AtBg zW2T~LZCeSq=+9N_9a~Iu(UleI9a7!CYo>3%*jM`F%%rk)GM)fQf5~ zX}PgPfd9JL3Q}t6P*wTHidD>CB$ltm_{Y5gk5CCkhUYa9dWnx>nUseu#2A{FvG38K zGT!A#aoMl)OpF<&VY9(k7j#c2IWj^n!5pTVmFg(A6^fn2z1hSgRknJ1T<%qTuGP%)=<6Yu&KI&^nN8Bp%Pfoyu7okKPaq&x#(BBr^ol2{3djdEWLY*!M*Q+C*RRLRX{y z@yf)xzl#Ef+MoZ0+P&BdXX8*f3E@o_=n zc_!C{;ON_Aqkfci=e=5Oc8-ln&tFGWkwku?ASMFB7z18>&~aVJs5fKp=u5hhVw)ay z851c7kZmZFx2>n?mp^aA3CE4wXC)n%{?{)Y#asGRz_`AM%QAL_!;g`SR zDJxH9H{>Um-ITZt)%_;zP)yBdN7rXr9Qe1DHB^wlS91qn0G~^nvG~tRN#u^LO2$98 zZLVofElt{r`;~4jFI>7y1HJEUW|`U6nfW7~ADtrZ>oND)3#Z?+2KIb|fFbBv6&*S5 zc}T6kkA?oUAu+XI-T)maAAXDG8vDwPbK#Uk{na7ILOAU!%j%f~OJPPaK)}n&yhn+^ za7>WI;2U^I7&?xQ2gC@q*f*xUpf0B#jjdk+N(M2El-C8Q&zH;asyc8E1*0xanhuTl zl{E33%#R2;(jFOq=65$3$(17tRs7eNFPf=u-vHt}sI(x`j*6{oy|jqoukNf#2-#1% zo`7h#-T8TJbQW&b@5DTh_Ckqa6eIx(-O@bqefk;E3E91Q2<4Dn@r^19)6ov(SLv^u zM^U;&v}i-HLRRlE@757%UP&QO;oiGTHpS4HVwYBe5xg&a9JFo{2;Z;4j!&o_VzF4N zHNmx1H($*%O=g9@7Y6$&u>gPHIvmLZLo)|~zZoSMy`aA&-$&4~(=xr^HbW~l@%K0z z!jR-+-+6^R#g_vt7MbDC%hmP;1qnT+A6ar$2;QAl@q4TmcjGGzPv~_4{VRwjXbku4 z$VYN~w(0Q>gf>{uwnln{h*a*tB?_D>r=?NX>Bj+X6PHDf?W}xhy|6&1Mz))HyGo42 zR>X0E6w^p2<1O5ze~(k(x>Hfa`dqs2(FK{k_hTX)o%rD=Rs0rMleZfY9&i+VEBRxf z+x%5=E(G{xq(TsgbzRH0caBTx+_8aj0`>7u>f_TrnL`38ICs|4&fk4;4pyCn7i^z( zx`V~(dpiWHNq^iDH)vQn_qF@#aIB}_0EH<9-YtmK9}hxwXz7)~u0)VCUf!@pC)Gbm6lN;7 zfj89`zn-bQrOnFnxE)UXxK(z-*hgus9zH*v7OmO2f4?W|k?Z*)OMNNe2C)S9yNl~=(u5v@TV2S6;1pNz5L5tcE};{4>^HAJkv z49&wkI7fzUBr59Nz|4_PN+M62W_Vq{2HNJ>G%C$?au{juE26wfO^S=-pipQ}0$l)C~9@J`UL zwyt7p3NAU*CHvj&-Rp|%`^0nt3$gOop4DC!;#y%2oFJ65Ir zFHvUnkK$xKq5K&J4}izp1mlwO&0U@X`p^)}2^0rvfk`)w0LLz_Rh;-?B2TX&d%iz}`Hakx{hhrjNR4au&MKhmj}Sp>IRXdw1Gq!doL)aV ze+!?aB50#D=iE_*Ds)>_K&$@%T@cE|V6MwJirgMw=x;m_1449nl?-jyCt z)KGMbK%@xx4Uwx*(1>k7qH23rzyM5;-)VZV{1$fZGqDj!6Xgq%E z&5s^H=QMLcy?mwSDS1%}#Lred#{_(PfJvsM6(p9TwgxDc9}SX;EDIZmd=dTE;SDcy z7-*}F$&j`pUu6jKnAOYvHTzCnTRz@(RQajwmn-L28#wFmMf-Z+7y37<_8gKOh30<` zWdIF3tFe^1!=I;SW_JHV!YmAz%(IM>$)e=|YsdhQ)5Xb{&dj@`dhwen-$2sNf!Dpj z9%{6iMmG1Yb=L9b@Brb5q@nLh9zWR(&k8#vBg<0gdBHFfRRFE}LoDe4guG30z%B(l z;8-i>Q^K2`LVvN6?0^X}jJ4Tt_lZAi^Qfa17#iy~Rkr=iQ z2TFEkdy=aup9Ub37b#x0po#nJv2J}Jv7sC_te8+H<-_T|!SL&0QNH|Wy!4@eQwDE1 zc{`cGoi2=>A94Ua)tI21RV0Tlrd{@k&-a^t9VZ_8w80)dAFrKSff1k{#l{(zlg;E3 zZ^^p{AY1U-kofUambrp*oG02B^Q(Cs4YY=FJEL#g#{*-M&M+99czpD0D%6Q1VCSVdvlL>yP(W zR>}Y88kInS%|nJ3o$g=OF4InY8-$aSqkS5>V1%XTq4l*H0r1)XwKh@vJ!?K$b=4*6 zN3tg&t}u<7A1~JdTeZ>Z@7d$br|P=WEqOh(-=X5VYiS{gz=A=gp|Yj%Pb%y#Mv%n% z#b)fb09R*G=9@}^&V>yA_W0Xcmb^=tl)Zt#Yalgy*c!tAEf!pz|vygH;;O-8>e zzNe~F=Xt>R^}{cD%&H})el%PGlxWyy$JcXeH#=rHiGLG61|wdBU9u~V9gXNy9W1Fl z+2@UUit_CqXgg|(i;9ZNM-*#H!I{g_NurREGwOiB+SlvuPES)H{FS6 zs%2UJAOFYy{=X44k|j7s{|6c8_Bvom=wPqzu{k z-#_{N-?Dg%|KD{VmpM2M<^Ly%*POuqU$xJg&Ix^_a{L?1_l{k>$=RH&l# z-JVDO-qIx#OqdhC$71gC>p841S2-EMV4}L6oU%t#HAc!|CXfYr;BTI*Kea`UVGxBl zthApDE{s8x8+@$To*^6LwIb2j^;cCH>bSfX;#01*xYj-CGMOGaqAiGS>R%_goQxnk zTxA3Mo?9sh&$flS#tNY5k?+7UwCMB2kg^z#oZfH>AW1Y(PJ#J<@{cD>twexA^MEKBHLb@-t>$1s#(aP zQ24a~D6$+{uYW8Ag_^myP<}OpLVh0MM+#SAO21yC#$Ve~Z2`~0*9roEjsw+;Epz_# zv$^PdUrbBlYX0EOf4505{5H~i3x>hS>`t~+D?&t3}e1Ic7 z1&WC0?F(;NFcGhv+#9j+8oz0A3;w+NfTk_2^dAq;&Zt&Opr6^?oC~wt!x7pCD0SyP zC}QiR&JUd7CLvnXhAb}OAJFp!lGRG`AF#CJ2&CpII9{rzna=-S(K^q>ZpnB)6aEH^ zUEG_qLK3h7BM_~^pd-G5wG%RnsCtStF3j;Vbv+*hF(l<*IR1=sR z8kwkEH(#|}Ko@@TZm{V9j)k?-?s3g`d!_&_U3t{dY$nP*0-Rx3sQ*6tF`zceVnBX0 zDljC)yLJH!er?S*pBq1{br0}Po4mM>Hhn=0^h0d!g1ftDxE*u?zsdNZ@dGZiiI@#) zpdC`X3elTQ8VZRJ;?taOg@@P6GQZRY-`ST<{of=3S5_zUj5GIRZUL&14%)dq3^`7n+j{UC3qgkeB7!0$7nF4%W8%gR_g%pGO z^3Gu!IR(rXppJwVXTnV54}oR*9{gB&wohV5H}8k;Z@jK%fM+^*rG8DRL_{0ejW3&1Vi^UymV~}VimfuWSvjgNar$4??KOo7*R2KcR+@~Mn z5LgZQEYbHAIvua$7Q9|p3uS{p;&?_ALRUirxzXOA>W~Svh~d~?J#VD zR|6aW_1Rf%Nj7)xw9o$hwi8ZQf%;vqE;2))HT3hbmemdBXZ4R++keMLxU-vf_hA3c zFtryNe4-?*!NlqlWa?{mEKb~uIT!!{0^siwhomUrPrBo|y*BfYV7Q3JC9is0#dj4Y z3J#Hpf5b25KAUP?MDTQ??_Kfy35?%7f(gIvhsF~mLNC6762zsr^K8L>`__gT_LD`~ zkfj7c)hsKwgI%F?woy^=j~EIEnP z>;@hMb1JYr4iQe2=jgq1{nxx7g018AgysrdAn?_~)-bauDLcjym+@{uZi3!YUNicXyKMk+*myx#^ zHX!Whn%)rPkiSrB!N)ldE0B6`^1t66taz7_8`)sQvU8iQMx0frf5sP^M%7X8B>2Zt_U$al&SQc0{<($(Y9%F5jO7p%jLAG z&5p>s(km0^>gzXr^YI;ziG2>VCmH-*zxNmOG)=rimjwd)>_}3%@~=78+LWv4oer(m zd+);0UZi!6U7c&0J&P|z^+{A3>JF={=wgv_gQP3GmYnqSnvuon82r_azd zTo3jL)lH=#X`is8mIGg-r#wyB-4Vq1RR(Mvp(FT}la8N+^*HFoPwtgS);@9M zEWtQ=Fapa}h?1YAi(BlH-BZ{M*7nW>4i^{!?vV<3geN^K3q}%!emiSlnEe4%AwL zycmMZ%$j^oBO}Paxp#N!zhc9*$KZn`xo$-kt31(F{_|Y~0>~GL0ONNls0OFtS3Wt= z434CKz1r(F>h)ikRnAh0r6lYJs0Gs@mmG)>b^nS#AsP<+Ld4KS`@LMKou>fNxBrzt zbFe23dA`qYLkyPucHl?ETfjw>S$$-LW+y@O6PJ{tx|ScfkYaBu(Z^x5Y?( z@P?KgKGGsv6`&7s7q5QkP;1Uiod-{ijt8ok zMRfz+=TO}L+xql>MbrN6^LgTaj~jnaC8gGbYy7}g6^UCctE?z|4+Ktv1j`clb)J{PybQj)CSpYw^Ta)#vpM~%F|POaBaEXIsIpeHVXs{j0b zC%Wx-w|kEJ-~YEHDX>?qlm9`GboL(wQKbKoVg>RaRGdOtR?rZP$Nx>Z(!5*qbpP*f zzrTNr3U4C+-Ez$T{`YpNxBGwPyB+2HdmsMuyB%gUE`RxZ!3C`H3v`BIN$!1{pQX4% zvIo4cMMdhopX`LLcM>5&Z(1+538Hq|P;KddF5BX1ES1EUjC@Fu)Gk80-TG?BPEz%| ze`|f!!0@2c4Ol+S zuOf-Aqt{uy@3$y$D(zOvoS(2HV4?VdYWwFL;VZF!0&FXSais5S+a5Zv9D1W{fBS2JfhU7gsSXHj(Ee(GQ1|e;)HRTjP#?BJ}3T zOAvZ}*Tw$xSgif7^ZmW?u7xRWNH0HPHYL4tWT-y?=8q*+*}l;p(rB;vZZ^h= z{l?*qhmjyoXML6D|NQyaGk8x{kErj~zcr_@D%1MiOqa(@_HEeA> zRrk-h|JBbVB!~h3qgI7Z_%}Rw>&TcQe)^y09KAgsxh49Jw;7L)hTk_wuG48h;R)Z^ z8Ls#mY5g(ysEb?$|F?0hwC{%ahgXU4);Q{KfA#Zk>uCR%*3tZ7+y979HKl+3GPHog zUw>Fac!+=f7bf)Aq{s&31QBHRVv|YTYeu0u{Lk8p-kSQ)z98OtKA9xGedw#so9Dk; z)B5g>$9U^*2}g}uM>X^}S6urU{aYhj_){?BhH(9-KVf6^x}>0{~Tf>cYI)Z`({S}<%c(a zXnMD`_J{i%{XfM)L;tU0bsqm$nEB7`|ACudM+pD1-GB1JKX~Hra|^A`@MkPhV3%(` z|M=)u8VUd*|8i`Gk%~8dg6PFe;GaQ}4yaF)pd8@fK?mDwNcfdhRYqYvEo7sft9#z( zyJ9;LRDLDoZ28b{%aWf%po1?V%do`ewpRS&c!lMlzuy=A_!Sd{_9)n`_8YS2F$i)2 z1~SJXto|53lfo%rK!&|uzo3drR2bzE61jrX^Arv^rU^w~uc&3!B1HLCgdf{5=VP42 zm?$WBx11D9s&QAE{yWQI87D(kIM(peajYSeN`R{n2}@&UMNg$MLw>*$^0ZiD^um-0 zTtlw8^vFU)VlF0xaHFMY1+pLH3-{`FdpK?QygPPD2lN^OJ z3%T)#dEATn;(ElC)<2${$ig9iF?19`pSDj0S?N<6)s7mK3;C7FQQo*psSAurcGPgS zRE37xfQB~I?5hrIw<+kjfUP-Knh)4nVJax}WxLyT$t61MZK!DYB4nk>aSc|K;dgcL z*@^RJhSYkWC#@Zu2n#_aU{mED_LoR zT9?x7BMrF@H6O*ih{*>)E!xwDycqp!9V2o17;Oh%^M&Y>DuqmZx%AYV5a++awDgPP z5-fK4HA`ngyX~qmo12^hl-d9SKV`_}#*I`mQm&U7NDrYvDVU2?5#P5>bjU2&Q*o?O1H1!XO)4}Jt&MMS^mZPO*RrY<|w6Ltb$3XY&Qv?s1v z4@I3e(eGNyY@qqi(N{MXBc(lXwaH2!Scg&%9X-gFbS@VV@0TQ{l$c zi~7}xj;QTt9OInfF>coqiM6|n6`H7(3Oew&9;-_3rTha3ME-$7V(=l!Ns!<-{%!Y(8s5p1-U!vkb52_(@Eq zj)lBD+tS1FEywt}d9yP2db(1&7{0^UaZRI{(K$)c&ZhFLSX@tr;K*K7`=Rq>(~f=} z{QG;hvEvD4%WmE6BHPRuB#!;?_2+QuXDNA&Z%WgXxKYX^E#<&_!YY=Q1d|KrAbPbu zxjLB$i7)3Uj6T^bmq(#k=%j&i78%>}SupO~rdFgaX?=v!{rmYjw?%r{;mZe|zO^+b zPepMIdFy2jOHq(d`+_~vR3b~*4FS{SUd6B0FLy1i&}7)-cBK!wOi`}w|N zgJbu@CG!2WE`4(j3|JhAz7%~gA>FW9&A6->v9&!E-^jQFLxID{Da=(1Rk^3UW`%&; zSeURI4Gr)=6>}IP(22|dxm)`@KlK!on-yN@*F1$6dpo-VFP+KNSAfs87S+yQ9f%HDO2N~ z)C10Dg`nkmOG-=ccLsm*1TKCMyT> zzL?A`7e>1(>Co-xI;r1jf2@{ZSKF3;PZkCvC^cF1I^K#x_(?C-W}9fwrBE7fMIe{P zw&B!7(cdBum%(p$WIObemit3pSlj%WA|trn;PVx|{*t;(Q$vT@L1=5HZ8f1{4gx+0m?{PXd&^1J&utDVHB)`nj4MRZl+6ogNp zFcKGY99_dCEk15wyGv!SlYuEm!R%4gE>o69Tqz*_kUvqX^q*H7UvRc1fY#(hZg?L6 z;kjm}vx?;)oZ-JU6MX#U8#|3%UlK2u3+iIxz%0;2A?Gi<#Vt_)33c5h-&w{kU+%&! zz0q78y)cu=x0M4Z3_RathBdv_CUxIrTBB*jV%zn*AMA^zc5Ry_aX2{Xinm`jcNlz~ z5VjdJlT>Psokg{_(L*hJ{|=!TTaMBH_=e}hU*-dcGens5cUHqYc=YvOWS&Qi>{i?| z{ld}`6Zv@ArUwY~!s1B?bP8nvoL$+{7@KI0e8oi|jgxX!exSVI2toS0;IJlX^IK8n z^hq5sOUIok>;Ws*mQ!u;L0^x~&W}gL)_ATao>Um4raQ>@GieX(@r@$z_-&7YkWvS! zPkR4dVoLkYlMqREjER9`bItzdQW}+d6AE-S3#Pwn^s8m`$M->zKzILX2u*23vvabN z@oa(7^%*_XtnwGQRd+4b`vDv0QNtojF&#Zs~!0@$E`$l-$Xg#`}Y77BK=@x5hQd(v^F8v!04)6h(_LUx+grE_-pVx6e2uwh6 zXh$OBSw0EQeZBJZ;A;g89N!_wu+=s~zsa9%DrCrQ?f^_8tBt(9; z1|uLu2^52V{6xj#8USB&^Tk$nR<7;`h3JzVr3dUi8aGd~eJo5*M15?*6nDm~jp=q6=Nls`+JmXE{4EECYx^dF?BBVKlw@=F&W^`Y52 zDGpn@J3N!pwsAwhmIY1NM3CsR+5|!kpL2gB?ITxSX)nNly1mg;FSrlkyR?6a zhHZAexIbvvrR(|TaLfmtq@lv{mEXl#ocikef#;SL+eenmeYvo-pgZb=kwJ#9NxsTY zC0$b4e0#2K8tpVk#$Yh+rjLpWNgtSzr|mZ$O^}o?kE}nBk#tSAHw?0Br7o0q^Z<#o zb_NjeHDpZlZ~>#XLEadz@JfK=gttpwFW29q|IQgy&6Z`D(x)K;WLVOlSE0POX4e?K z=5Yx#UdXY*`0WK}raNK55JA zI2ko)nD;;@{q7C(alG)Vpq_|g!%LURZ%T7pGz3kQ#H0|-v94vhg2>9N@$)`s2c}|| z68cCfqN-b-Slk=7{7ZS=MDG}V`EAJocp`GeK&xK8qBg2KtH^+hfE&KdCk{fMZhmWH zERn*aRN>gQl@Hf3@#mr67ce9})=?}$U^J_+RHbTqPRh8yeX+^r(@i@vd5;iYtKpXx zew~S1Ki$bN`JKO^;%Z6s>D$3DwhfVJV%6i-JXL?>gZ00O>d4gCJz1nLs8pUap*2+7QM^0Oax zDi{Xmv70S5@AI;y;wx4yuPx##q7=!Z@aMs*?~_xUm3juMZDc-lL(B&u>#Iv{;1M2v z@Z$Tbl^3VqfM>b@csFzGSjU?o4tkX1n}d?0yn&){66ff%F^qNBpGJa?qm-&y3NUP% z$i4kcG(PIYfK>xoVHs4W5$tvYL-~fBGbr>H$&AHUhp7{KKo-bW-Fa_W&S7IZx20N2 z&r~D$(;HyQDE_X11PssLc5a+qCKO`#rP?1K)u2`Ru|I(8d^TIg*{Bwo$1M>o@%+(b z2_%dNN$|?xW>$ccWS$V9fRG26?0p<|?L;vGc1Ta}WbbS4b+QRXVwjx9G%Eo8J+G{2fT&>p>w+HS6? z#qMFQLKPMH7SfT?Kg@>>p3urP`-%vM0l#XrYZnUNU4aA}_IccF6vUQZk|-FB>V?Nh zX9-H9GcUII_|U88A1J7=aLChP9^q~18)~%gjx3iU%?}O7cXZCXoqOEGqKSd^xn9Mr&Js(Dilk;`uV3kP?u@WLPnONbc|=Si_3fFT#$NJB*E>}Cnlcf4XlurO#-I?$YtaOKq< zkSem->l=M#!Ek^(>s^43@B*1({F8ILhzvsWv+L~msl4}!B=&`0^M~H>X02^ApzLcW zr7~~cEaq|?C!#xccPLi|+tBDj@ckf~+^Q@8<{A1O9e$$#MABd-@T9jI%Q_MY@NxGa z+xIwqNL)tii7K>jwqK!VYX-d`{onoVfQ4u!H82@Lb%5;)1=4e+=KFZ zJ!b1$7V*U#FX4JD)2lBo8&;=0G=m7S^j^j}<-@H}Wu{T9g)xY&LjBqp=B8N#&+6R8w3T@X9ARaK5xE8qmB>;S#WB9(cmtqPlB zsYjsVkvs8uKKgvzWh4iVd7<5oQyEBXJrB-r%iRdB7G+hB&?8tGNE^+KbtuVTBc7+Q z6|`1~FqAE{O4_E(*i9l}iS`s=qv+O5r7dl@Gy69sowsH&DU4|gzu~flzE$$VYL0?F z%|br9z@S(fUcW0cI%rr@zKPei?q;SVHUWCB z`=LTwB1#{yw@FMG(4BCg>M&s{Jzd>z989d2%;1XLeFIXoZtHya5zr9uH)=LL)e$aJ zMY(1R`Cw(2g)D0h(3E?D6SExSCazAX8Ck=ZpEm!#OePFWN#*x_DCj0@@R}(K@}qpF zf=bVXQpsT3Yo#pn!3F`mK?!Iu3U~ZyPoOiA>|@FI41}+%bRI9V!}|?|zslE4@|iwG zIIt=2)Lu5~8|1*fEp1hUQ3c>g^Ueub3?i#4F4l}g1I-y-I7&Nr`5tiBWV9*!mI)gz zKG0D{Xep*;k>+^@+^XLR^BXfJE||E3Q7VRF)1#yY#qwVSta}>%_;bgBjFl<(xUOkS z))w`%idkFfgKmM1s^kzueQ+k6%oXHl*yIJH7sE*Yy$_*wlO}!)b&@`I4z!I^1U@Do zytAvOBz#2QFwmwG1A;6X%wLa8?}qt;B?q(OL8h^(5tlK(8snP`Kv$9ri*%-C*~A9X zRczR;#Brp&de&5nreh}&C&s4m&EliIX5b7!(K_aae^c`((Beq(4Mcp+QnBp>dQW<%qj*J_#H|jHLB2%pONj*^Y4l)oBB2iE zy=7<`-;Z&KpH4{6MS=Z~@hH5piP-kp1e>aS~DaN~&s^5i|Z zktn;)WrA`*w8q9Aac-QTqu;X&LeJaUF0A5p$5+w5om9ZXY1kD%205Ky*--s`m0Mxs#M~_ z0#pgSV%y~cqEEqsb8EG5kxA2pZ>o_eaRDFqT{dn2-qkro3n$b>Eyl!)$m#DG-RF5b zMBT>+D;ffUu3&xX)|7mpTP&dKK}F_&kX{DNMd(%Tg_zg=dAgSbi=sxRO!PjA&-6% zJh|#m{}CD5jzPc`Q?eOIs-b!3ETq?waflMxE;F~^aM;X7W+a4Lze-ot-W8a(D&ITt zfh+z2jrj4@2$(_giRzOV%NK*h#3yHhH+apqn!6N#OZu`^(5=)-P$)$;h^nQHoRQ#J z?M7GXsWp=3+K!7u7JlOfANF zYsEGq&=)8A9w1wz>Q~w5RVH!_`7*2of6=v2QyjcT4V_h1P(D2}k2IkA5-z>=xWWPU zrp@|>I#M)3jH86lm^O>`vFmq05>X6R?-BimUZkP$$f`Y#2$mJDlbN8$j=w;GGon69 z-C;-5(~OLwTFNL#PE9$k3Ym(oK~m!bsKiBoSIACETg2JT-!bVMoo23X2YsN!CzZnN z5lQdb8igugI&{$(i;9|xu2XVut*DMXS|W8={qTGfauyw}T!~VUx#|;}(aalw-bhG| zWB9@sQOn;}cRH-2iQOyGf(lCWgxbFz@VL8!lc9HUklzSdl9HaMw*1_?-wr)>SGUN0 zT!y##NVnshFOzMJI=C24DG)EF%+!1>&s!k>66+m0`05Tlr6F`*AhjpDkm zu^gn6^zHnZ|FEG2bsmd?lOVT_sv!S1Ve%!w%qh5(LnpXRkvcp9^HF$;R?Ae6aP?_2 z5RB=kwsyTHLrqGrL;OgBfiudMWv$nNh|MSS6$lBgq4K+{h)!2}Bw`Z8@(@l_ATG;K*2)^upWkv8o$J@YcyK(;8iHoF}_$`wZ0lqVu9d2!+P zS=*%ERQ;904HyzNBYECNfdnzue@SMkO9usGO!2t80`mg@H0HrJr^*%^VW)KTu`y)$|a6V;QuQp2<~<3b?oXz z1V~dLeN>U=WgU%bkJQ+Al2CT#FdhG0%SonT3Px!RE-f+z97~IRCW_l$4eagnS+C0a zz-+Dh?}cml^Ie%b&si16kIb8$yY1o;u6JKS%>tENF?qvE8b2!U%xa*-_b%8K2X5J zn(?O`@L%P9zmmJZzPJN?EcGWs)-HdsbsXg5uOx~jH}GAvW6VLdfBU+|!-s|V-^BY6 zS?@pE1NS0yoTIyIf8{=J?!=5=8J7rmxyb*k%&>T_|7S@f@%#R-^3z`#rIC1*HQgS1N9em7%%G5UeIBo(tsrUO*!{_=MzKZ~dqOe+@ z>zjYOFCT|bi~8>PQ$|*^f6A<)K;HAvqTls@mRkOv^S>_h{Cxfg<(+MG|66G%%EDQH z{8a{v*o}(#OB}#mI@tH05>4mdN>hh_D+}ZP%kt2FFYWuQO!WHi+wFSL|7wZon*Mif z&>^q)`~TJF&fq6*MQ?wuxl`1?BE)y%AZq>(<)M4l*?Wo{|5XXx^(SUtA3X~6@#&xE z|EmA8%v7(TQ>&p{6aJK$-oIEfUjHj)rqQao?^U~5PvbH|yLm!)+yBKf)Bnk}{};+k z9kIJ}k-m!m(et>^^Kjowzy90vL`}i9Bt9k*u5QTNNU~{5st?fD{R=wZMu09`BDX+5 zRlncmdGg;%IOX&i*C@c7*!xo|`s>pz3A)y3WI?}$m)*vkbw{ZEV7Bc>xPE_l%k4O; zeIq&--FDL+|3&HPpZh)i{O|YU|EKr+?@B=J?#W3c4s0>&>GfAe`HMrN|1U~sTMyMd zS+rY$)0TtU#A_VH9UYk2z0Y9dH)bkT7CD$D%qe*Z-Y>%Z~@qzWMWe|BkW0|NnRF?$Z9(j`y$JpCsk*4~s+stNDBgf*{5F(>sil zT||uUl&K6IB*WM(O z^JWpnX%*0c+T2BV;xQxSMR##vht5bDHp(nZ98@u?tiW=vvs%S2u`phsTlaOR|TYvIHGN#V_XhJ;zmdf*lC?t?!&cfJ_0l%^REMivZ`5 zff(|{!ilS5RB-HKLz4eK@sp|r0(zxg>hgRm%m|t49P9bc1RIKPJ~|XhQC^~iiLG$M zF!(J)Rw|b3Ni#NaeEvvNk%up4#rK|cY&rP^XuLsr{u*Nm6d>>`FW6YKG=P_s2`^6#r?je7|I_rfz(`YyN) zGNt?)1z0SQaVX8pG1U1du3Ws=4 zltV)~Q?RnbU*M#)3c%{eO=VGpH7PC=8&(IeH^Ra(PN)Ii@)`DNb8TF9?}g(O?u3xF zrCFsp%^q&5V@6AJfc4BLqK#aUcVM5FXd8(vcukEp4tc zt@94dMS#J2Ow?jGliQ}sud)@^?8znwTdE!|bO(qNZWt4npT+ML;?)Hf)`6)g3)s0Jm}&CHNnb^ zw1+@q%gq&hWaWGPNb-zKGSrKZrer%(a#5lzP^`8Lyw_iXzy=VhG-fq@4Ap}kGNjC{ zh!OeK39(K!t+x>L)+Tgejs(D$D#i#n@TfH>t!HV?SW4@_sy!IKX%zxf8p$mFKeulo zC`l0*j{Kv9ko+GQiam0hEb@OONl8K|i4YV8|8GuG7J9M%N8x_kV)zeXTk7xdAFtQ{ zRh4c1*|1gp^JP3k=f%^X7KOTFLvLnYu#EU)3hcr1V3uKCXLIaSWO=_I{_Dj%{9yfj z1H|NbFQI>4E)?gyALYV-7Va|-N+%CGs6GB5H3L10XVV(#e2cx${N8l-PgD#yIOjqp zi|roJ4W?AS6%iPamCZ$n8YFCE@K?&6Y2p~8LV+yeL-yN+w#yF)0~ym= z@A)H}PxWzpCMSP8$Tmh!wcG3HI@tpS!7U}#PaWqowyW#j%zKNFd%owe+6<(5b2_?$ zIY5FdP*Na3Qi%fTT$0SlWaMF-o#S>TT(d@F+upJ5j%{~rblh<|+_7!jwr$(CZR>k) z;QTqi)~Fj;tE$#B=KRd^m(91K_6z(=F-n{w#`VqlO~*!6VgdGQZ8LAIYuMKgzhX@s zJ;b;LVny6d7f+{UZ^SmOD??8&Pb>EO5Bi>Fy={!gV_v+0AKlYy;vbGxsmOl)f3QWD z2&Ix}-BY7~n}D=xw37jKI)=f*MzdCt0mX~Zt}5Y(JDgw$F^wJ=dM%B!^N3YNSyeQ_ z!zMBsKA~cuI-L^$@25v;7J*7I6s!4q#BX9?`2-SQ4v<;5Pb&{%C&T@gL%!NVrruCj zS*I|tW9v#BNHkIyV6w_K(WwTHQA$~4SGhUp2)NZ-7IwB9zkNV#Ea$FWLhA^#X?2#D ziW7~xYY}W@Z)l0&*d@O?%tF`jfFX(40 z#7hA~pL+?_ue-3&wRz(>1yu;rL49D1(iaOixx<6X6a+0Z{>$=$_~qBh6oEs(J8bJ) zXDIt$@1b9_{t9)=8xM0PT%Mu6AlG&=jV4%tb(8ZNKPW0jhhU@w7gNTB$R7%I*3{5@ zLs&PMta5MIrtuedo6=N~bIVD6wCiD2dd&`@i+52tk{PK$xtDq>pw2{T_YwN8ARMmq zDV}!$SzSSF{OaC(OG0CLDl51s|BV62oe(0P`F|0IKcu@JPT}6q4Y_f7o zOS#!vXo5(Oz(F&OPV@C^78IwgX0;kld?)5|A^c*2MGA!cYCeqC!LootC9!_-kZtWss1DCY@IKQ>d1_jAabPM+TBbh^)91?W} z=i`5%??gK?=Xo)F*Yf+4W)J0rl;yv%8U0=2E*_Ws&0;*=vXmbzqx7oRj-_O_NWCbT z_8AnKD`pb9GpK)YLPy#G>`gBdcd3}}k15)kme*1ZB489{T;7c^_MY|`1|znob%BzVifsJac;l-lS{b;1M=m+z-f$I))8>4Pl+H`lF50P05& zm>6h@V~FEpnCkJqIGAaDw6=TYPk@krXG&u^ngu<#t zjB&Ce?3yj-bya8J9_9)_2GP+$)bB9ERp~G1HK}wy?`bFUdsBv__iFkp2adjCF5Z}) zGW~0uBV-#_8~^&y+D7b&!@}7DV{k8{h6Y(*8ojOP>95F0+17)?kNSKCpi%lky|j?f z=?nY`4a-(SPx4&u9t2xG^cR26w~_Ts%{iRRz_%LRzXudK=f|wHiZX(#=#1C|RkmIz zAVbOrcjsjF!S|S+Qlh_8$<1z~wFQUu_nhf{+Pmy4toOlcXuMZw#+@H6z)r7V*6Q|w zMe!O_y!>BxBV@LEPdk?t7!t7!<%ryVa)*Q+s%_HE;xV&<11QdPNk3Z z5X_!D@xW(k=FZ3siUNG)&u<+^wqoufJ(quFjqLn%ur8o-?NT8PnQ*_6L<+rzT2zxh z*E+>6zW81r_#!}V?-M*H^apktUG8LQEG1(iDMRsJXwk>E9n<5wt=XXvigOYO`mD|b zs-@ifD=2eSDsW>w2a$D(y+n&3nko?;V_`$&a^}JF9!U4!k_rB-6M@X}?zV1kP%Yps zlfkUcdy;QV){L#iSvO3ju7?ie2rvw_7|mh0`I71|4>Vw+|D9@;AfY{(qy+Ez?WM9omM78>h6d8^abpo{!(ZZG-eW*7 z_Iw(qRRYSpw*VTQhNt|7oyh`C;)NMc(mBHKWkai@y7?#c5+tA)5|`S%M1c26G04l;Mp@(FjD!bm7;Y;g@j zWN5VdK|LBk^IlM8k+?hQbQ@=m2GrXZc;vB{TBlMUj{kXKJ>5eF2ZYLemZ9h}G_v^A z%R6^@%(#dw?`OxF+&)GWP8XrIL3g`1W_RX=XS-E$r!JBR6@H@Dem~-qSU_{eWc?Nq zj3~R{VAv!sfh2`l>|ByDTfayQD7*^?Jv*_@1x=Ytp9+G!777kg`(uL6Zy(iWb~_Qr zWJ^_+=6_U?%0yb5st?SY-O!Ih!0fn@I*SfV-9Eb@L}+K@AUWyIfiP`;Qc)LOQ>Jj3 zSF&^`{Q0YRUI($zinq^PGcK4K;vLI}b$dRXF9~#(tF_MQRqY2kdWQcI9(xHzHOY@^I~x z;nc#6RnYc;z{d)kY=Y-&Pvn{#PxWPY6diK`Ab=QYo|WZZI^ZrDuwlAUHq~8tErGMJ z7&ed;>LYK5a9z0E77Pa?X4sg2nRd?hPN1KNcqwPsR{PrcUr*h*4aL8+9M5&&SHcJw zl6A34fsAg>2J=5b?QmX^PX zgat;^E}XTe3X*<=*#le38!ec9ONH9C8^c)0Rb?{ocNdrsp1bV@JGj~*<#kj4Ssy02 zJ3|aLG9Q~Qqjv}}PRcM{{KD%cG6s&5&8~QvMw|jekPQ3cVbEr0fCMrG55V_iI=AP_ zUFZ?N&aYs#G1U?!CrCLqC^*aANgXJ!GX8)i;tVhg=)#^Y_xR|vh7vGlVgh>q%bXk7 z6$*M4`&Um?X8(~Wut_P`b(rMdU#1yc2DT$yqgVo^M>}RtyHP~GJ+u>&<>av}Cg!Pl zFO1gbpD2f%ZW(Da2qI_Z?1Dc&1sC|%_Prd7KXLFQ^#lR4KDloGpWqX$hX4$SgCF8C zQekRpvN5!umHZW-YIl;K*`O64?jc?537=0veMS?~AEsBIpO_v2p`Q;Qx6s?4Pfv== zo21$vjs9J^ zd3*`O@X3+7`~Mt2Js7J`>mTCVj}XD1Uu6wWio-vat3O-gW_i=!9DWI+Dt*CV_4XwS`O6be zxFT-w{__GZ7sjtu8u{wC^Dh@q)k!HDT6|?9YTH^7_jp-vdTP_~ucHB9@hq@1agI#f zC{}_@=A*IskbPe8AJikEwMkDI`iv^z{|4d@dX@umlgldC=we=SZfGTrE8sp(PWs=! zn~Wz75q8ji2x|7-ISbw|8Wy|tH*;o~f`<$+A4+gO-@*>Of82jg%zoU+1MK{&FGmcM5A7&X$+xQCpm#!P~!nRAnD+e_*| zA^Wob8^j)(j-bcrw}XMdV!eV4!mNJQ_kcr}r&0A!`%0HJHkA~`EuT&|!~VCJRhVO& zlHF^51M_N$kx`Jxy4vnN*BZ{2S<~e9`}ZD^&d7cEKrSyAHfHX3Q`VjlwzR|U{+jvQ z+-CDa^z0XNzJwtSWwWv=8FPAyoN0cSQy7y@@)WZ7nO1w~9Tmd7BVv#ODYB~Y7D_sx z=p->YhVX|%qQ)|v7GcNdMK5}I+*FC82`=f*K#P+@LLB*Dn}e%8HHv+~8{My0AQ_!W zD&Q(Z2mQT1f4A-}e z$eqoo3>q)z^Jv$-_UDN&t+p=yQ@j0FqEh1)lWXZ~p`wPBM7fkT9kcb%rsf~El;h1~ za$Q!2hn6kb&1Q^9U%(=mZ(SS*;vy8_<6}Z2c&#uD;P^@qESchazwgUWa?oP0ez$?n zTXMB6fAtYx`l=Ti$+Rn_I=}f!J?`6J&b0c z(Y<0RblZldUcC~;tU~Y$DSZXyZ^DSH#s+hCFBrp2;$nH5!)egjHky_D0Z++XisBBl zG%pmT^V40Q@Z)Z0?b`#_A=nM2ORRw+3ars7%)^8p>I$)&o4-q+Q)KfjHhIqWu+BIm zHdW_&Ak`&Bl?8Vl)p^-Ys_Je>d2Tu0RotxV_$BM z#Xzg2RgBbOX-;qlUO5~9*DMIBfx8A!a1o z%F&rM^r1 z#d4Q?FfT(W@Y?KxQOd?rah>AAb8a$Z1 zO5s6ppKFwozGX;_j^h%1!`T8tdS8i-zoNTbYUk`KR~B{tPKMDtg#BKnWGn!QMEAzc z_+sY($DeJ;_oO(5kAE^3`EKoh=a@7XgnkKiuKmO9DYB+0blspmxa#4Q@?#4R^2kgj zrm>=PfT@CN#!XxGJCVS$g&RcUU)}F4Fyvkb%l;E%H|%Zf7h!NVJGG(#He;%pBe&ru ziyvG?zyN58-p;iE=o7*j~SE*{s3+%#5m6J$stz^EArNW=h1cRVs> z^EloM=G*3K?j$vD>f2Q-!H+})5SNga6BIAQQZ1&N{3ip}^a34;NmxBd_<1!{%lox$ zD8(8*Q&2-aJzg!2Uk5AoyEZNzlx&y~HY9((F?qZLeNRBs00k8#&d{wzz-PmNN-4{Z zjk-?-I}iBt9}G-~y~bH#Hm(->$m6@C=K~TYGe}6;wQ*fhCT4zE^WTzYi7r;U!Rp?J z^h{jcPK?2j(uij%#Yj|7tL7lm!P&$1*}+s7BE?&0H~}dFtL~#;q`q!U$<1xs9=2XV z8-L)@GzC6MGhUf9Bf5x+_+qDSj1N?ebE*zUY)`9w2!0iFr1E5ut4RT-h&}LY?|G#< zsA0Kg$Ns0vhx&Q>6fa6lHXpv`-6^+QV_4!nOLs}K8ItDe(mz@<>zWk!s8GZ{y^I@T zO#f>?+%<$-EAO^0vL_F<5AY{LumWBwi<0YRm^Fa()c8AL$es+^h)nRcWyGqxDIsU@ zT``p<#`#vsqWKslbNSznw)$^2$5mw{(UzJ$>Aj2Z)1gYGcqO~4!A{|)WWrOo`fqlN zTMt=LsqU;o%~OT#*+MTC!v6q$oF_+(c2Fh!pHCmW^jhHwy0haDC0PzF9{f#+o5Xb@ zAMR_k<=Y3wF0r^X%?BGPgfTdbKgh-U2EDgEH6|>3=hrbVcCScKn-X<5L^eO6_A`HI zaM6^%WgXb0fwZ4!Q0ZpzK@gcQn!WxJthCi|c^u}{s$iOz9_t198JQRbldTG%oEbfj zOCX&$8rX;}K(!Tnp9jcweA2%54tOjgc|f7{Cpb~~j;Pv1{-pPn@2 z>{qP|O{JCt+*O-G$M>$I1VoC5?$`D@RygsYp*MCGMw+>jw-$4Te+HbqX%0-T+?1EMTv5<#D<5sN4I2 z$GpY{ea^;{CK;mLRRNR;K6RWQg9M+JOtNZ3OK2kaFLnOpWk&RRZS)MnwWd)L{OM>S z;clL71K5uxInO~!uUo+grI4QS%Gup&G^nq=V*>A<&TZ5uVLsf^YO*YG0L4CZf}vzp z0oi51mZZPQEtAb>5MIPv#n%YH;C2ODjYa)?W~L{B@|#r;Z{Qct!1vRFk4Knbiax@` z_eoLmQ;Gr)&KDxfryvLM!RHAguKxQ<5&gvX5?1hA2g8p+%Tdu1c3$z6BH3U!DpX7? zMpCA(0B$BV{Y=)zqqy+U5o(U?>|kDejQI4xltRok#VY49Y}K@317_qe=yER2omgG* znm{C*Qu_K{$kgU2_HVKwdzFpBsSZ}3v@~@|;fDsFhS=n(m^7*}V804#mX$qilOOeEkb z%bgqUZc3`14Iu?Jk~hTybNZI$pTC{F_0>YUOfd%-nDgsNkCzfEZQxb$oe&E(MO4?Pe#QqU+bkm|cQRK8#GL;vn#s0tY$YKskbHpo_hqU7cZ%37dx< zc#%Zn@7m1_FIsV_JFDaJwLu)c1WgQ9tg)&1sA@2! zL6RQwvz}0y1eS(2V2^xrzFQS`$6k=a1L$|nx`OxHZ9gG|K3DFULXhQF8&G4--Ojed z*x0Qz@I_NM(w}VRQ^G0%$*SN_jd#NJEM<3TY|y$rC|r+K0hajfd~{nm3t=8(=O3xT z_f^_NhMNo;N5QHWz`WO|BqpK&?CDm+xoz=!AQ-nudLIDFFbjC+iq-^l4aayej}$l% z86*-bUY-sFHBEfG1rG;v)=I*Z6mzvwsB{_d{-W}iQVq6O77NYQ;>?m>1@MGp2)rss z$N1Pt1C;O)U|pSqnKoZnq2{DRcu@!G287X5B9Hl*_D8;}_*aw12}{k@&y|1NM)>Wu;Il5HTSi;Ui$OA7~khgi~Cupr~45Zl??L|L}_`s&FmRW2O+^UwZ# zqw?5F@=4n!>3E0Zz2{!;1+Y7@quS3I$%qTW_&(`9nG~qV$#^ju8ND_1f90MnYP?P$ zP#`!Dqr-w4!4s2)x2Q5uKJQ~{rh=d_#VZDkvSmjWVYj@FX^~nApl2xluD{j9Xxm8` z{`d1g;Lhv&=k%!SDk1yl9Z$uP9U(^TzsAt?ZrX1DA;)1n`)Ix`6c$UNfna>oYqhLT zX(#^I#TnhP+NWiWGq44vUw>J{`;o`>P>71d=0SV=zc+#xPjGOCEcq^E&Xi)~QOaZl z@XPS#^C&V*<8D$ytEcmIF^z_Qk51UARRnSK-yxslQ>J1<0gG*o$R(3Erp_W;z8Tqb z5QDCaN)v+Sg=j>Xyq#3U6if;mW5Q=^G%pbX&jBEn#Im;KrbMu_ItzaM`P|P!PUg^P zyg0&3AtoSiP*;6dWxJ#gXm7h0^_3j(_!fb@Ll}nwPZ*fn-)JgTGreCh1sNbw`8A^( z8bu;t;IGJ88v337ybC%pMtO5)7B}T2)(qI$ty96pVA3J!*}S{Q244U?xH`GDW=nO7 zMh@6=iYJim^fqmV#CQp<^nMouiBP>?B<4eiP|c;xi{L%D6#w3`6wQn05T28mVl%}} zuIL-oztQkI@)jV>)G2rheE+~xS(8mU_#8PmFU}d&G6>Saz z6)=}QXN=(o6zC!9A5hX4e)rWD@x&P<`z%_Mbag*vWFWfE4X=G4Zk>@CX~zg7{BsP0 zSo>*6f1=>>ZPv?CJ@f$)G1?>Fu*yrGD$*w#S)T(dmEfFI3lqFjbt$g8lo(^>DAsdQ ziFXoy^u0KryT((_^r1TQL0l-#n&ZKR9)Ynhsv9xE>`n9+RXb_@0C5-H^{Rix@N=0+ zgM9@in%X=q?q)xy>dGc*T&Ez`ZE1zmnD>-G z?O-j%z=?dqOAgPbryogfG$j4mFU5``IGF$- zPi61Ba5rhO$O`_o`%&7}i`hPGQG-LDUH)Y((TtdmIYZoB8B#VQKlVKDX$cL^jaLc{Df4gNVNx5mNszWM4WaejZ{S8Dm#r7zLy? zvCQqmE$be=zt)US$CH*33a59EHPD^wyLJU80+Q4rzZWI}#38YxJboAd4<9C1!!&5- zX#S~FVt_rS@{0Zl>&NqKzTx~8%3#qx)IbwpBJXwQKf&>7;sykwWv4w8it{AtJ}6#hXzf51Z-YQp#y@B0}wTEt7DVjjcd*D*1i=tG#f zFRprv?St$FS%n;fe`Y|o@4*qzuuIC?4C=tnFfR@>r#K&cp|&D(jqt> z4}Zp`$o%V$t&Ahc5gM;%1#+P)v3Td7I`hGvIsd6c8@JBdKS+iQ_N`ca>}9KXLb0!5 z2SfKyh5ak76!y)GTiYHvaT)sHX9y?b1_-k$w4Wycd8}8 z_Ew;4vi7~m;wHH8qm_#X%P3I8X^~*C4LfNej*fH!6yg`f**8oOja`v>V@rSC$LlS2 z*ivc&eks?;YJtM7v%=VnqFwccJpwl;MT_0&r*~Q(JNjw&&1e?K5K%R(c+=3(fq;$1 zTEa^_o#Nxd(j{20EUkXqwt-xSCPmEjw}~=UY|~RM>-BL`J7xVgm_Jyk&lJCVQq1?I zMUgzvNo*dG0sPc6O}ws(H0=bw9Yi@wgH2AyGHH?{0#0&YP&bqxU;v)O)`Vqf^`Af8ZBt#LlSF;s0ryE8*hzTK+W;fl{8 zJP7Mue?VQ={ys5iEKL|mAaytx;b$FX&;~TjZpC*nnvF2c(JapyrTRx?aKPb*DFz>r zSDm#(lBvI&nC^r$u@6Tk<3YQx^C~F@1fdXxAxUZ5Q~@o>7A4hQq4M{n7qN&Lb?m$M zDGUZ+vXB~#+UlEhx=ol;>TVI5AOUQ}faDI{CUg%kq1B zu{*Iko^PIq#|{RDF0D>!;!o>N>(tCDblai%p*D_Jit9J+0JDo`w^TkCHq?%w9z|3p z&rA#Y^!edzGvk2K#TkrZ>U!!ct3LPi54QSJew zd+yH8R9vd0c7NbC*1k4pm@BbBsoh=p@JW z_rs+Q%E4n*PtBjp8L#oR^?%OSChsv)o4(UMM7klCuTCuq@k+Bf>&4jfpUd8NoxfO^ zyDU~BU+hIiQ7=Sn#m7G7cmCCU>2o~8AR*z7i@UQUxZ}9{9L;YI}D$oSZhb2<&AV;hziI#YZ87K_0zfFQG?SQN;hGk@X#YoUYHf zEtY^svl=s>OL}iEb`sN^u9HYq_Ra39;KRlH*rKidLqACnh{5v$S4%ipR3LF|L*+xW zl%BS@Q+@0!27UzVj{YBQv|~Q#e|J<`OuW9Zj==!DryLRxV+44Qi&r{hH57} zyu8^K`OS{Ng%tIXmo$(G9LG<;eh(!aNZ{{SM6bhsc-|L?J2{ujf@{2jRyZcX z=eOuVJL?PoOpQc5fo#T_owl72MI`IK)Qzv`EIhB{vX!@jAb-`^(d_qPqMK;Yrn;k7B{e@AqH z*_|CFMVw-8y@x|kKL||tvJJp$8@T1tNbI+`Ckfq;XeKUYj*{poQ2CH4>G^wbXMy1~ zpl(dF(PPMs8))&e7^lVe=OnyAO_?=|50w#w$d}B9DHeNI z)TI1!+g>s|c(*jTy!r-{9PWUmc=XmR1n}q4%4@fPDr4W%iw!T*blwijt9O9zwoI=- z%lqCmed@T<-fqyL9pCYi=Zmr@ccJfdpzE_a88Db;A3M34Btewv*%?v1^@spw@)bGf z$!4o20v$uED)QJ9V6JZW1}31mDHIgeSj57TUx|^o9+!5`$j1ZO(AdiC&;^;@{%|2q z_si)p+~?|g7fAB67Hi)8RtX#P{CH>#<3fT?g*#LbD{COpIVO^t(M9H zwQsRrsEHcHKCyX!t~l$rPrX-l6TW(o@ZAF4(uwy$x|^tPJ#Nij_AntOprnIsAuVqRZ#GVRs=-SPb!R^8+d-f?-LDeJ&raE?qZKm8_D! z=BK7t?(sL)ZZnnF!Sq*s*wVdRXlq%lu|M{c8rC}|CM|jq#pn)vP)97k-kMVkD(NBf zK&U}Tik{}i$IL=V@Ls1JC1+lU%dmW{tNGWq+Lo=X!;_sD#1y7^aHjC%>1A%@;8bs@ zLeILdz36z&J_YnUsGi_1onnNa0VIQ@PQrc9X@zP(rCqtrFTB-)b|@BSHQ>JD@g5Cd zPmY1sIXEs58yDN;M*$1CagL&0i2p5h59o(R(2#$HDX`w5u(UN;*ORL%fD3&q_mKZx zOX)&)E)M~+jkfI?c(j5ak|AzRr~dlhb`%snL+tHk9`~$q<4D>>w16tKE1|H=rzsWv zFUym*UeQ@(RJuKc&14(DjgnIAz&v=gVK}8rV>Z4~;qTH@N2CyI$)OwwLAOKj15*%?>d z6>Cv$COZ$4%ZC->>RUa!A;S_F&QCT@P%NkghxmeH+dV_U`P9Exv&`C^mF6DhvF2Qm z2NPEw9)h5_eyLaV*+zV7_Z8}O=toqJwV!trCrASZ9yA4<`FF2lWWxwTs@TB#O4iQj z!GrDEAi>S<4Sz`=TQ)dG7YP|I8!>|KtOWRAT#bW?UDCdcfimmiXCyy-d_-)7N|qJz zJG*L%Z`>cyZBjv8X1mbSO%hG&Cl0rhR>LWx9JQ|n`N;9_Pv_Y)@`n~%BPX%dLy%|gg2P;2f0g20jbmMOQQTdk>$Rfc z#DKT2&_=Og2{X3$^!o+hgRpB2C~-Kjujvq4Dge7-DKIsMl}+uK4f;zix08^CN}U@< zUgWKiYkrV?#ncHq+3xT5)U*>H(wX|{%&8#X(3ZM+a2Z$XN^MI|{)Cb66tC-rMhvp& zenuCn;3=(!E8mJF@{U2q-GvNJLTAjr!Vl{wf;xjHFHj(w#-7;7=HT+6E^ExC-5p_W zZBS4o;=BC*?OBSd+4+L|lzGj;1j`rQA!bRvdC~*=5c(aXcFjhVBXt?a92c?`-2(lF z)Q9;zv4hmwMVG*gkyK9wLUkju3{9eX76eHdN{|F4O{*3;TNEKRE$LZS9QJBdmW^Q% zini6QWDcJsd2|}E(BZfth!IA_>$VTd9==w2-&c@gJ8)?Y#GGYT<}C=LuK`ifzDrbn zA``B!W2~B*#rS0@6jH0};W#kDZR%(^3dRfRXE{OQ-Z4(k79NiRv3MuL7qjd6$PsmG zY!c8%69TrIUw?*%NHgSkltBI0#==d$nOP<;loVmhiw zyg!$VZD4os*(Pumc^&c4jj=uXQeutDITuFjKi?Y605iWYk6%Eyj0CZblq{v83WT>5qD6^J}Ijl%Xn zo+C@?d8A8<*w!)^6G4{TAmWM2+a-AeI!M#fykxH#J)Gy<Vc$MsQY4U)+he&U1U_5e5~Opx4>vD|gO8Vgxh2|^GV zK`~Jdm>LcY>rNAZ`uOZxKbVxtXJ8g%5Tw3@Hc@`)rHbPKXm0Oe5NzlZtve>eh~z3)mVY zrjoE5ZbIPiIjh{G<+3!!Dbq*7_6{Mgr2>YchKTyWy7UO6?0Cu42S_x$I9i*Y?Bf;D zO#WB3VV;aX6~kIDa*Gx6By^E&XESt99aCOJQ&9>kJ^>t$d*L;55yiilP4*{z{_Y0091f?{xabgCAS07SC!fQdH8#c zWlqCeA3#HU-k`03kRac0&m^lt8OYm4s%ZlIGqp|%V?@_%2R4O$d_#Y9u(53V%zOf80 z1?!V{;KX{Lje0oJdOhUR?Ixz2nw+3Td(*+hyA1pT`FaJZNXUpqlLwfHPhiuT*dcn9 zd1fh)iZ`1W`Q^$?Y}ts*A?A9Os1C!`JV*M|4nCtToX+C%`%x3U0OWOgIyrWb4gWI4 z*_*;3F46*%;0W2DD$0AnF8S|Kzm#VbeN3$m^68hG~*8_%kjK@(tJ2xRZxwT2c z5*wStp#%0V8#rjLrRAT183VeD1$%g7L>f90Yu$Akz(F<7R=McH<8o`aoe9$yqKQ!o z6O}r>PO`C8qak7^$6tdf=j{h^5^QoAw9LDqdU*{j6F~GY>%k?G&k6VvH`49ziGIv; z$!vI`iuQ0s(#27MnAYqzyhO;h2W;vz4YI~ktKfd*!Si$9)otg1b^X@1aRJ*vR2 z72I%_gn4=rJ7#ePuvlMfh~9;sdxgxv5%ER(b4WSrn7CZh$CcMp_o5Ue zUpHrl#N0)QdB@D2G7-%Ceyw0<@#_0GXhc53R1eaW4)}i?Y3}r+THPk$1U`JcbR+(W zB+L77aS}(xcSlwz#KKqU38_7fG`0`DgfcCj#8ktQRR6hPqIud6p_4}#)NiY)LGqGn*t zJy`z)1auPr@H@3R90SQp%x8{JJZpQgX%NqxK&TOcYw?@Vj{2tvE)li*5-1kwP%vVs zpnRr?lvMBXKkaz=;VU&zwRH&%c)k^6k`1$}JrVkMuyZ#itm&*$!&m94t-rnICR@~- z%>bmc!c!q1_{}))tj6)|^X%woNX6AnM=(A2c`@JAw{Ps=T4k2i)$ss*#Io*A<~4bh1py zfV{pe0V_I%J|C85DlA`&hK-5HbwfeHeFWpS+V;)w<-%H)()*DNC{Hn2_bH;Db{oH9 z6bP5fC>8$a9cVP*7uF!(?v&{H<0@$xH^X(#I-MwxD|~60Mk-m<5(h#aDGO07N_HC) zxnCx__>|U~TC}oEcSpj+a{<@#*LrH-U(Dilo;x9Mac@GDKpqNGNAcWG=9_Nm`Z!)U z6tF#Nry`C(Pqs76!Yj}ehTln_N+l3gI4*I&+l~7Reg#@IP@&m_afn)VU%3&jLCoaM=~&@YbYxEamZaIZuJ-9fjrI&B&>UsWibZkf^mgymv{F^ZPb5C);e?o z5Duuz)N#EjrbJ5T7c&{mO9|AHuo zT*Xm&2gE)MTqxQIjH%z;rfBmu&Bjf(BD3`fc6YfOks%%zmn?$|Uu_Rm5w_F5y;+~V zuq>)-sMR%8RHdA{i0SzSbH)5GO;}cScQKxXERmpxPi zhI*}BQrk>_aTRf=Z7y>cBT0H$=))gA9FMPwg6a#gnWc*nI5r_K1B_S!@^aC8$&U9$ zSxRpT*_Bo`e{b56aJKzgz(H#CRA1gz&bx1%n}-csMU?!y1(1=hZjf~A6nUYhRWDka zuC~`vV%aai|46UG(6igz+M%ic2RQ+Y`NGX>6UcEWPH-ST3h79sDsg7bh|%C2?WJ}1 zU~sN6_3n>GdUfn*MSl^vp)xDK=qsi6+tN@L(6uAWc{wOCvh%DR*^$PfibLzo*%jSYWYuIsTYMCv*y!e{5(_~zYRZN=u*ZQbPZsy`9&H%XIerBPE6=W1ppKVE zeS)>^E>cxrgd9OgNQ6p(lH&*j_H&VV&_`6a^olv+Pg1fJ$e^rZ6d)esh z+MK+bmMbt1dIiX%`dUSUrlF6cN+){^I;+QAR6IVlwf z=wiA=eDtS4Xk&nG1 z{T#%pPGB+{polB5#?8U_R}N6Ssl5M=@NaQq;yRu3{Wcl{3i2}}hRQnw+Ob#t;AYjv z>+h=GGha_|N6c(U@@M+thH~ANXz3kw-M2X!WbtsVkKwSviwHU z`0MEitDgQTNZ{OL6(6h*lR6FjfP*pyffQho>XB+E>Ryf)qZcb?gqLZ-V_fV#1UGg2 z4yq;%ri17wpBB@PP8esLDC0S&Ku6aFJDEkJo=qmZJ2bjd%(4{mo^R#Kaqp#W-Wh}) zEz@DSUf(mtX)m*OfarxgxWZ4gp7p0kl>jC8g5RBHQ~=M^aPg=#d@(^Eu@=2MWWcb| zCi6ZEnED-P?@vD=X;T#tCV~Qi;s!KuEQ_$i_syC9)?T<`~e&X!+ZZz?shl73op&t@fYRnVrSAkaNnu{ z1})zZC=NQ19z4(yhB5F8voAfm*h(H-7bGF(c%AHfh(Q}0j~HhH`8bsqTHLF{!M~4FhjTsVkY~Ua7vek{c>yd zZToq>6^bdLqB^ds!^R*A`dDGAli%yAN+4b}sN>bYhQjj1DeueEC5W);BEUFrMWqr{ zG+#Jm2m><6UW7lHNFOE4T8nsj<#cY&fJ=*GiN%C>iA+F6RL1Bb)Lf_L)9X8a{2Grr zG*z3)^(XO1X$+bGS#>vD+#g9EM-sj)u523=VGZO2shlL3E4645d5GHS`2Z!DHA1*_ zr9PfJa*aXyY#I?>xT~pO=!e>(NF;c_3UfDNP?Dt?Vk@}Ovt+nR-MC#RXp$n^#NPiS5 zZOoht5RcU?x;r$N=nSEpW@MiQFol!ZzACq-K`b++-F<)bNs=z@UOk-)E@q10~kFv`<}ZPOPLfq!pP|_c#2j8 zGQ+$oBgfyiAORbogKT?V^2GmWmz>lLgdd47OQx?$6;CAg9NDtw);Z`Lm#qewA{*S8V+~xmL!%gA_Vf_H3*BH7JTJP93DDQBL@M+K9cf#(bpcQA_)k zFRKb+G8hqqNIsXIg+S-E)zQ#pV(1+~@>zQ0eBD3pa{95*usIn!wbb$e=OWNh4up0IPUYnx(`fcc zNW2}nzyp7IDncLOtpH=24S+)QW)o`VCBSnJU8-BC6O0&X)Yp0l*4%r)T0rtA`Su1k ziIra=_?s$R)KJAw>S+-7qn`wk@1A$g_k(;eft%lZ`Ic%*m4RWWVVU~RK7@Pfp<^uiIa*No6dc(Y}3BL1~VHO_VvEXaEmlF6Ivk?ccQbX^-IG}$JNnq#xz_a}#^ZMMhG9Yn&A-!gZ zgR~K@=l+HAaiJjvwZO;SwiClU2c1XvDiTp+d=pqsO2H`uVgBpdz)N%-$^CIw85;mj zRW(;X?qHx5In4BHw|%L-nt{m6%gU)>$a@3WpOW5E^DlPnJQ{L4lTWZ1E}ww#eSZ92 zrKp}oX-`0kTgwYEtE)SM$7)Uvy>y!;4;=03bbGUwjo21j(+jjHJ(*#Sb%0(s!N>2J0q&dEfuyjQ+86f1XOQ@Pu>$7A0!pWG3#XL+%&?7}gGDy+!vG zDbs-MZMY|o#0P;%!haHM7MjkCLA|B)xWC?fWK`{Q2ZqY~Z_+@|JeUASV>JPaVHjYf zN4C=Qx${m@EM5KF+Io>)WJrjZ^+$JCbIkG!^ss<1t$cEdDF$1$+KcXaE$@Yp`nk;@ zDiSqep1=t)w%kRF918v}XZA#LVX2Ypg())35f#y$m6wO0gyy}~^E>!S*a3-KcE=z~ zETy0b2}hRQ=708fLhVLG<(1SeVRzk$%J~27v6~<0rQ=&D(kHuE3L}w2aRpH{U9fpl z<3C@uAxm=~K|}JK?0>XjQ$p3{p=2n&u^QlTj+#0WjNy^ryZ@ee3-s=tV`fK9}TT+5!)dk!_Sr z#J_R(wol22PUis)war2B9dBkS_jPDn6oufNt*8kBx9wff2Ea8Q@YjeyW6OMaETUZOl0xpMg95atH9Gt!fpc;SeZ(yXCA=asXLX-(R#eg?L$LMGNkuab+qz*=o&nr{fw|O3_ zB=}^R9+KTPKD`4J{&istOYPzklkw=#S|CISRSFKksw65FXlpUP63bg_v`k^;hXvGY?ql_X`()V?kaR)g_4%u97u}fJbbE$)w%_-Cdmzd3CYoN|@%yWp z+Lk2MkyeT5zqv7X&BJJ)DYqx+Pt(L4Fux>HOo4Wx*cO9={nrD-*(9g ze|W~w%n?IE!+wR4N}^OY5w6&TH>H!0yI+Mz3#lLzZltxsH9TD=!c~?zAR9nKE*N`l zihj78TJ&HK*J^K7A0c2EoPGF#fdONxHJdimTQ z3rzu0rtBdJMYHlm)DV{KHEny>Mq&73_T8-OJ%U-;A>W^fVWyA+OH&uvr@4 zF$vYrCspg21fe$&dym73?>Q5xB>9Tz%aJpv{KVtO470K{>yIvizEjV_sej~6pF}9j zl}C)_r7Aqvj=nm-3W#1rZnk$#MuDO$K%MkZAt;7NT7+Vg2eVa%Wu2au+{wB(80y;3{rd;={97|$O67(B8aaNFV9CU_RodorNo`Gxlr-Y~9wx3IWp zBtf%v@A1uWRmo0f)_9a zdhvg{hqaUYMER`AnwBNVb>ri^9_J8?MD+n3^t?aYi66^#QQ!DXE~{$51$Q6qr*<0= z)Qz2Hi%WW_eR0=-qxGsNq??0aH0I1R6yd-X29 z^=|+q6TnxJoVdnB<7)Z(VkA2S@7^=29U~E2QHv5Nv(`b2!+d*W^LZn?Acl>L?fcqNlPw#A8f;^_$~q!geQCE; zto8+Q8jbqiYOFK4_=!CbYzzFT%dnVs*E8PTg#{&rgkNy#<%x~OqpRr>tuYLqW#L71 z){@9{>Zf5dbC$>V==|xXKAngunUpt`3TM{u^;xRbqpb0wJ|l44FLfIpGPS-AzD#!; z5<_WiEtCTE{Owd=KRn!m!3&8y%w1#t3FnA<#Eb@DC3sv@qKV_ z>GrUid_Bsk_=Gw_62@x#!8n5Ioa?<4?Zs76MK8PLMPgX`bFdspZAF$ zs7af$vQd`ZwL0!~Q5c^pJdTG;g=D z@_EeT<277gk^vCl9_=-yDex_FqV``UFTWy8pG>`hWEe%-o=D;xA!_#_i=US$#?H1( zv%HRkSc6i4-@a^nVq+?g%&{QE%Z&PvkCQt0Yu16eFNQ`HC`<0bp;U?wn8E6kczS(W zV2&Ml5QYe8`qFN57FM!FCjRQXRbzRHH#~jbPMMNq<*mu+;qqh1Ir+C(`~ECU$%CfU zz|afAUFV8QiHo&xKK?;KwU>78*5EiGq z6DJyTwCyCa9f&;Tvq202;oa7DG{0}Qy-7_zKUoiekBJJxWuIew`qi_@*miuPM0D0- z3&XHA9v|fu%tL`+1y7}1DMLz11n0Y z>rmgs5>4z9Ix$foqRZjSK01TW8jibHVwm}d%wr1RH8U&DM6Epjck1VoXq}?Xl=3~n zMZ(R3ip{puNNflsBZ5*LkI)bW^Kzj)`N^Iq-C3Hx8$x)bp1{mvdwXxK-+y~F6g`-> z;hHK-e?tZ@N4_^XpyM|5auZXOg9uSb=6ysb#9BJ>{T<}XZ2+lV(4@5AEy;7kriq51 z*`LN%H>P!88|=iR*P6G!_Km%x-HmR%=3l^`jL~N7{Ng9lImnIQW$m)&33xzn6WIp~ zjU8{eDDv~ZT=nC~+tjKk@G45$IGo2I0iaPeeW^mw{hbQox8@wVxdV5_)Qv8v)X0b z>%p<_Ws@-CyOMAoNSSY};1T&l6^H#XzI{miG%w`uiY(OB==(6zy=nSYRph?Bhy!wT z$q}lY!o6U@Wz*TuoQ8T)f-{iq+26iSnB;b7Zy7yY{bHBvNYv5B4JL~QfAF2g+t(lM z`oIj~BbugTJ$y0wZ;3{Y8J^!bOo8*g4?CKES};o#BNGy~^5v1{E4h9*mQ;{22wZCW zk@s@y$!%_7Y!f9se)4%#-^^a&FYF1`89u<_B;(i$pIqjzH%bFr|HTB$@!O1EYYqh{2QM^vNxihyYz3tGoGXcYuSz|wI=fu=K0Z&chH!%xUyyi$w9r~6 zD+}#q5cr7>J2G^qHwUY=fxG))Ev=l^*UuI3cSuBL-YdNgXi<3l&WCVC2;2y%1l`Q{ zY&(mMke~C5;fKCS{?rb5}sk>I2tZz~i%r&qtfO{-BZ6==gLP2%6lrM_czOU-NQ0UCe&%?x+^LP5}Gc zbV@L&y@wjdhX>=w&9iK|gRl=i&Pt$lNW-72hzI(n5i|!$0#%DL!~)b#dqQ87CT^>; zZ!=OkKwUl0+Bwrj`_3|DDnN@X2gWpp6HbeY=`Rllb^ERLDDbOuU&D=1s6F*XrrtL; zHyD;ZhzR;b_l*8ILCV-49S)Lihyz(xj$ttSBTh8C&dHgA(gw9VC`r1H;ZG8s+&wul{i0dM|*JOGzr29M>uP;H2#B3TqE>;I_dXU3SrRf~omV{BC z{N`LaaxAn_baUq5hIHfBCo=tyiddHN?Ve-=fOg#WG7La)Kqt8s{75P~qGE~4*ZZY@ zNho2d1j>6(IPLAdHsxJ7AG|2auDgMw1k+N1`}Hk9x236qC1L%;`6x0fnQM@bTN~-v17obQ3xqF@gfKD5bv$^{3{l z&Nok*KO5(lGa~%3%6!$MV=JT9Ul*&6$33VcUIQnQzRw)9A%<$-I=i|6n&uCfqlE=S z)}swRDELSMYJV;G=KHRev1Pbl7XY7vrhA`k4PK0jFNhm9FbOPYOdBKmJ=Oc?l6{n< zfgm3v5C(RRV0_LTlO;BUgi>jm2^iSR2+Ty$(fqT|Ok8cWq6=8pZ?Jqk9h}AkN-gDuWs2}b+t3XSxQDQ$Qa4S3C>&EyuV*t1yJgX-E95L7?Y}*T`{Mc5^;sv`Ba9~dvBd91L+ECNYI(UobxlRtTYiZ z#>mQy(C&5eiCu)HBWvgaT4DKs^Lj^LT4@bIPFaJsb2ksW!3}Lj@8Nmm2Pb*Z zx#c5%o`eFrs3P*vv5f!9v-E#QhyLHq%~&9>iD5IDF)ZTx`*;M|PlV{`3w-2Z^Qs=g z#*7oB0-!#ixiXPH^=LXP{41acss(YjJ~9CKwT66+XRZS4E0o!Gx`N9(3~xM^&w0`s z1*AsyK+nWY6^KNAC}2r$7CE#`aB?BI`yikRXf6KT7RDm*SHvNxJL1LRjOF(II}X9# z@u#2iUKHt{Qn>jtnu}K4qSYfkEzfkcW*-3i{awWKZ*2W4U{uA)mYntoCGI&@)YdMv|^CkefSJ&y8uvo`3(&D7LOd@4^dP&njH(R6*>&=rO5D%{=vW(w)~ph zZe0IaKi7IgRQSP5t2xW{n-jylHRFZs=GQSF@jz0wx2;K$XC0uZ#E=P~1yS!d{U5MR zI4R(OMy$ye^k{$olOItmU7GWGbLTVAfDgxq?M~AO@R3V3|(|`p0nLvxCnfK|{?d6iiry=x~_C<&I^`o5OSoGFw4OFYxl@d(pP z$lYJt37y01>kD4emRetlS(XR#!q)TR`<))gWKAm_pbJVS>)#oqA%}D7(CM|zMw1K2 z8e=GBpHwPc;FS!2e9Q%@2E@TSWY+vr@aC(6JHF<^;4;QvPMDW!1&j{%DG!2gbP^`u z`}y?2r|u8lsl95@iLC_CQtR)$7B0VZwjecr(8AVVWXNVkE)|seP2$ux@yp+-`R_CB z&3a1l%7z!zkF837iSsf>XHf=Brv>m!G|p5YFO7o_Qc8OFWw-Da&Z{dR8sOfOH;dWC z(i`YyWEm7a9xnaZ6E7LtkkW#syL*8YO^vPruUDy!v$_2;6OJ1h`DU6LXyl*KQRr6!mLl_;wQou`{TmPInI;>EVp5^|#r&C89sF;mvE(Z17 zW}63gFufth0s3X%mrwAQ&$gtmZKUgXEsYl@zl{Nkdp1l(5#Y57s!thkFj^wvaL~Ek zL(c;d*-K8=vgC6bj9Is)&l_%(d_9BXN6e1S_o)_O&Kzn%Q?kIOD$BdKZt*{J3NzTJfi^eBLF^mgMwa)=82KPdGcJx*67qlLY5pj`_!nyP%jL;@c=&5XZ#X`2eV?!Eby1Z7 zykH1tL^vXr#_@@IaJ=4Ho5*|RVNQ?5Nm>-A7cOD)5Uu~33r}xyQx>^k$)^v7{2ihG zix(OYLFtWpbg{OA6B`|tC}KA?k;-UuX|M8CUwOp=nJD>= zq+}7U=%ye~yy51bo>i-n<8zFp|1;M#S9PKx_oTnW-Xx=&44u`{L-6lWxKHyvO6>2m z=zmWF@0kTfp`|J{@Q(J&P?nteCt&{O%KGoQ(%*69=2p%Ak9wIG)CIuHYh-8g);U}? z_P^U>z1hFw?VL?#C1g|vz|v}27XEa4uc2a%{db<_zw@tM@Y?r_(WT?7y~3g~b$|ca z7*)8hV8H3F{8#>Gt}86L5o#=$8VhBaNVuhU?9K8g2b6FPS>GWTH zU{~>pr?KCD^{4ndUCp!9q8=dO5WYD$YtQ*}NT0G`jq*?0|8}vhK6z=rU{p zRsU~);-jXHHgym0pWrMY0^}4$xUWLPzE^4tHazw^cZ{Xuk% zI~(Ws!eKu6J@fsrIWD}GgV5mZ_%}+T=)K*?fk#F{mx-MNMFB+dUbamGpfuiA=zqro zi+%;IDuO|QufL$rUe*9DBF~cDZftQew)k^ZcWfa*@iIJz^3jWOwPOdsj>vv4o-5{1 zJUv0(9)42)*(_fj(5v<4rW@R`->=W>LO(|-wH(!k8~SD?B7_BSxVsjh>88o(JQh;D zFCdFw+<)c#1~|$gF@^tMl>>ZdS}vR!Fa@65y@)<2dtp;xL-k|`pKkwZ? z09SF~`TKt9MVx#tfs20%9DvJ&;~I7c8NnQv{Leib_U&^2K~vhJ5$7o8NEcXZ(UEKY zC)er~d{wcAI);yVcIX4n5B4{hh^@u*l#EM*B@U2Ke~0(!h!EiA&ZStBtv0^ z|MuONPGc}@r@jIH?aj^8hqxysO6Ugz+$Al`smPFJHk1N9gW~1D<~@Xn`)n@S|AfVS zNEHgBe$8URyS>n0|7~Z5FtI%ppz>VU&Hp2fN18B*hhc1>lG?7={^9HBGmUVcXd43c z!eWn(uO(|)x#z52x)U9x;$&z#xh)D(l^U-Iah9gmFpw=x6flZ{v7Y$XFBS**5Erzl zSBDS^`ieL-@YPNK5$C^i)v7KLj#BZP*5MU0gtPt#o~-0^gFk5K0RHvdzY)0qGbb%y zV5s3wjKY5jSA~Vn2~_7pR#H_P!SQ!yy584+udhm7KZ222u?26iA2*9uUAi#d;f;TJ zY=14TFz>454E^01KU6u;4+mOdR*TOwI-X_k+5M9mUzqwgN8zpF^C=|dNB#;jlUW#k zd3$bli%135YNa_7*^%e_^L&&@Qj5tt%f~w>>*l+vDZgy+8P&z7z3rd&{%RQIyl-X? zyC)5?Oi!|UCYr6i3eE-*a{1ezo@K`Ml{PSg*-A2zsRx)gUBIETdli_AtwUen*UNBD z?cJ~TZ&Uh7Il#+943s&l2KgMMv3h4jVP-Qe0BHPgZKf)?M?*Zo12Cyw9SY+PL7JAL zT`x8wX+dQncoR;SNUh9#1xIZB`#)=*MDIf^k2Z(#SR{)A0B_|lTdw_Nd--o!c15jV z_xsX1%sH^BM~+hxIjMaM#KNSz)A6s;eLAzKV)-Ehf|l@?@js3P2dhO7r2p})_m58G zP+$eU<_Z<5*0#UfkMR7RfB)W7*c~P~1VYc&CWhyDH>q!&xp1(5wdQfpgP+{t6PP4| zeAQw~6V+CN;5MRd%5LU&2Y1*)%F1f+E25IkpOL(v7a21!V;11K+jE&Du9*I?|DIHj z`uZ6X<{R(z$p-ndc~=DP-%FO0g-JCfeX|0-hmxzjc=mCAuiQC^H87n%o`3QgQ0iUX z-%(XXyga#U(mLm*Q^`Bu>EE4a+d1a&a6{!UxV~ewoDB>@X9P@${ddic4t|M=RnVZa ztR*l_a^bByuQ>An-a`v(oX*C7+|C6f0Q|Xo+gBPlIZ23Ob65Jf_7AsbcU{Be(0L6c znKF$U3|Alm;BU@gi!~WOHp%6*=?+bQ>i#^GHN(F9S&3zF{*5iu@^eOYogpDOj!uzd zJPU@KO#%8Gl_x(S7h1=$?f?DOy+KXqj| zJBJ)C?V=9e{hHTBJ6f7$nwbUKtlKR5nX=2B0JoY*y(h|HfVHH*-t<;87&eBAhx8B1+n` zXV3Rth_fv2QRtg)-^^6+7x~kp-+$sFqb1ltaI=E^?ZJ9I1-!D7$rz1U6;3HqUnG2N ze-h#!e)Zu}R0MgcW-8IfvQHE2gS=}uh{)7BHVGZ zVTi{VPPnQOx3Nf*{;AdXpY>d34uFo##sBVkjih|7i~W#PfP4z>TLAexW%K%@yP_ z_J=sROt2Y8V?{&SHVtX41zrTgRHJ`hO|gol6g7DN<#sMiP@7W0poySEsdc>!l#%;N zDJ0f*)E<$7eA4gDfcoz5zO3i|n}DIarLYzZ&E+*{C8;6 zVvYu7xV7eq&G+t4I^48~kcmCcaN>xZ{W+$8*GCk|9{9SnOkChRO~%UzD4SPISt+3k z%R2QjT5hf&ROOk41Tqbp9t_{QuVaHUH21 zBD%W^GD3q{^&0RKSO4?V|3yJuoI*%~gy?^zDVF{VOH=e;X;Q-fBA}v3Xd0oAg#6z` zd)lbQ{U2;I{)ba6O|kyRzy3qt`>pxcw2a%Bjs1TJd9yX+@E@@M#$)4uZH?T2m@QNO zyGAZ2`77}6iTGbxBUg^z*RzPk_(&sQf0&UP|J2A8YkBf>(lvZo9hDcpUR!$J%hwr}tG{6_m6Kn6#>9nh@r6$1JWEkLyU((}P% zv9~3d?>pWeK}9p&jaxJ2yF#YzSNy)8=&afelcP(T30v#7(Pu1)Ady$@_xM)8=@*by zHMRZa!BrDISiM%8N5tNg&leia=T|J#cgKn~u2$3Nq)R4qsLK!6g~=5&b&vEvR9v@} zl;{96(~V&4l+~2*o<9(&pNAThl+^npCqxitad?osNf?Q#O&!Le;Q*>uWr|;hekZh@ z{FLS%61|sPe-rzKNE3Porg;!TY}a?&u39G&>ct@UO%w~FpOc<6%I?IQA0x^4U`=U9 z`M(Id)@_)!UgUf(+8%dj4GR5Ey4Jc|apczHc!NR~)URu=7=6`vs`6!@$8&mkfa_J# z@EQ?Oe&2{FS6BcOUf`X_lXft%>ahS=12i2EsW`>X+{H@u*~I-4bsxbAn1coJvX^?u z!E#toBs_J1njVO@%E`I~;E?Tb;VQN#e3jc0bz;nbaHT}Qfi&v+9m z+|)W;kLb%W3E^lqN$%5n6UYxP>~$J0;#J-Ps{@}ETnT8^R6hbLx$toYD@!!bG$9E|wtq#hF13b!GHmI_)fI?=+A}}_3YFP3*?6F zem3<%Ij;IpU&li)e zO<#a}>J&nn1z#x=xT?;y2$65K9jjJG@LHeR$va?kulfcnYNU7rvx&YK+;;cQRmM|6 z$J0l;(>O2l7)MN($XYjBPDn!d7KInKkCuIQcMv9(B4X+@&LZ>K)065dnpuRz76K>! z0IiIL=|ohtKnsK7qGMt|yaDL%fWEIv!-<3%y`RADt9h|2XyCx62&vUEBHvP;beJpn z369LEdWo$MhXh48DyKk-az3I;i@5@aLGjh)un7aSAI2o}XS9m%R_>)rC^ZzNS|H&cjCJ8+ zx0gP>HpATXX5)FG*22%{9vJ4>O(77_5H)h9+-S_N5(z`X&v%33kgy6)0OzmxYBZIQ zFEa9QNIhh-46xDxW>QsI(935SqH>_bPv)3J&>VnpNV zPcXe8v4D1y@7kqCtJAGMb!ff$J!&aLqTYr~wq{!n*uhH3jtF8Vm5e$JHm=rkzC$3& zu1FBx(pJU6QrwOwK#v@eV_Vzq^COAYb*?+|;DzMowyPgY7t@2mv^C~O_`=noA@naK zz|DrYU*AP76<{I2Ic<=6ycEI4Xu~tY({Gt7*+!V3N3C>ud}muO;G$ZSOLk_7ILrL^ z#V^XZT~VCbY(g4mJY^fbyBB1MS|pF~|CSGuIg*q~p8qQ?iI)#z3G%Omc)uzr6fUzO zrHZor-?+&eGsgemT*gBFkMMs8*8f_%C;TI0s(;fxHjF^;pC51``w7B7=BMs|-!7H7 zk^Cq5`<)cpVj$aYio{TkhYK7&!EXOT$9qPJB-@T zL#=tr8!e5hllXlx0wQ34RBQKRLJU?BD)aZ*qFnpw-1AOnLF$c!C54g5Mj$bY#EfLm zY59v`n#M2kc?NU`i#!A9{AYKv&X1UkdJKqB*w+~4laU>(V$9BpSV|N6CHYNBvJ6E` zl{~%M-Z~4p25ByRHT1dwnUQ`WnNxm#;1j*!dZ0-b{0UfW1U?yRtc6@-86-5shZ{8l z0Dn*AcHMRd?oFj~q(NP>avy%aEN8v^6Q|%Gc+HyrSR@7>@CyvR^8{ydUjT3%WJHjQ zJ&H6g?5}ZQtX8>FOFG!gUbwxsF_VGNSG%rBMV*Xvaz@*J(LhDk?<>>dXIS4*sJQSD zuYkDDV*Yo>Rn8&r9?cFNSPR&vDE+(1lnx!U=HUqrbjHwUoHR4n0y2Y?B&6J5vI>9K z3KI?8YszF4^fo*P6Ebs0$ha`z8L9F zy7|giR4MelwGg5(Q*hQnRb{8fl2xW%6X-76L{KZq9|DeZF+(g#WTxu-1e1V-{<#on((yij@9 z5Dn~%8^O^|22v7aWM-romMymKBXjagh|~+Oj-noSc20jc3`o^?G}0%J3a-gGd0}uH z@PDHwc^LXY^pWf?m$)9RPOuqFzBIiy7bGh1lRO!MPRpGjVrQIF$S$(Ge%=irn`~35 z+U+MFJ`6dL=0%Oy1;#@(=}Z^}ukU6MbpO&Tgr@6ThT`kK=871VJ&C`wrG6n<>|tl( zONSDaqmII^i>odXf!Pe7n5LM%wz^&gd;vX!zbbLR@QRhmiscrUUUoFkBi7%#j+lIl z(Z~rp{>sRDfsf(^b}MGd7igt(oWnHqy_4(mpQI|v8QcDZZ_3b_?uh)lOc8oR3jBl^J)~c1hq(; z4xTxC<=PjMpEj?)s2j=fC+$RRXiGke-`=U(7vuuk_E`#LyC?2W7Oj?k!s49U!?2oI zPcA3SfB=}qTKs6K89J65sUjUuT^IX=*j5izeDt>|{6=Td{j->1NTUtOXB(*PCu!%}P$S*Er@~F-IRrtkS z@wbn5J2%OQfoV#7h&#$XD5F76z)aAl%yfT+g;FCyU3Y=_;aaZLk_|9^2{p&H(&rzp zlTri0GbDFkQ?RDj_m`IH(j1&=83FH5%502ZK9l^(Q}T$Z;vmgq0ZDl94ujTJ2l89fzLbe8Qd&zBt?&G_B9Hnl$8J`80y0c?#~Id} z_u)^vIJuw_sSN~~f*s;0D?cnGnYXZHB7{ma(S0K>){)#aG{Zl2$@wk&JMj1ipfQ|B zsQQchjbA9R$326uh(dfw#EnO2E?TyHT`m5_8`Phg+Q`fRTBM@7E+=8@)6`9l$Qfxu zH%5U(>HOA81m86WvnrCUTekD=U!2m!uhYg>wRwsc$3{>Xr-*3Y>f~#AL8% z`Q<|lTdkkzo~g|DM^)*djZj9;oPqUoR%0J8E6=Zp$|={t!Gjhro_@@3VWb4n{BkdH z461&JxhEtE4Xx}I%Wvx!b{H>gWx<7WsZvQJ){&+)k(wxyQc%(AY-f{^RiYzY9&GSG z5?$qLXGa&H8yNdA3C}a zxUh6eRaO6||I`2Oe~Um#MkX-%uZ)7Re_<4g{)|8vLqf9@Fn&mH6cxnul4cZ~n%j`9E8G5-IN z9pgWuN5MGsuQW;Ue_*-AQ_dWSV58h8)RxK%?r?fu$bNtKX`FsQp#bq^ zos_;sK)KBzTJas67md|efhFG$q6s$j6(#>Nr?Ea7xO$wp)x}bL;pV(+yfc~4*lpE{ zEplbQ%r?3h%FJ2$$}0ApwCXU;ND~L{W=)0P6Q_$06VFP4+Z$YK5qwTFq$<$Q-8~go zB?8#t;Rn~ONoxjW_O8OHI4uUTRSLz8NIp$~Pe}le$*=y!WiO2&xx6Ag+(}2JxueZ= ztPNESA∨VY6a8n8~tHE=1Ph2lf>vK;Hm7a*(wQf&fH?M@rYayU}GZu+(uZN;I2ZHxgvj{rXH zxqwC_t&M`03~q^{FiWkvYbWNV8=k5J^P|)@LkDn<22eLIE10gOb6R*f8ThX151KF> zZe~EGe!h&Y;GXfoD0uv;lM=CM4X1X#Osgo_5+#>`QvgLa+j7nD>l3+BrU3R&O8{lz z^4Dg$FDqshFD49|e}r0RjNoJ=jA@ILIT|)%856EPLBo_v#ZdRxAtRod7$L7jdQ?=8 zvF5L1jEs{r>{A)q$ZHrsV_ZSJN{kWOk2OS0LNTTOWu>?M&S7y*^c`lsEB&n4-`Cnb z0q{7+<2#?vY{n8g6^CBM%yF}*&SEmNG9k937)IRwt*oyVRNik?fI266PPn-_W$uN6 z((`;Gu1sFOD8LzeXY5`wK*^drqwW<3vSi7K06$UeMX&>9KAgaPI0m-A=V`OM$^o2U zJKV$BPgK=jg?nQGeMI=9p&w21q+b_iBmbGXan^M&jYb##z7fDzzX;5Ti9UN?Zj*1k zgE`bwrBR~4yzZQUgKlx}^-%6=JM2=f4nG_&gZ7aF3>rQ)p>(4Pe;iPDNpm)U`T55+gsFFB8 zs@D>)xokHX4X@9?(;P@s5d73l{Xqlj+_@$~9ccT6*Tu`{Mp|XngF7zqh1c!4ySPrX zN3H$_%6IGKMOCs96Ftix!^sw2M1&<^1oLkk*h3trYQ6Tq+fS7t7V=lFA}QYa+Bk(@ zcjKhQ1VWXguV7W;^=BwIuCYpJ+|8hxS$*T*r4M#@yWe;}Q9tr-N|nUjH*(*Q{ zQ-5#qi_M{^M*jSrk!HR{X7$~>EqqM%X~pCEJep)bojrW={a!{q0r%0Fro6CE>LhJu zMXkI!zWtxC_K7kt)Z}ZvPEX*hYu$#9O=+t@Mbm5tE3R)DiI^<@3?j=-w8Q)gzh##49SB-*ME#~g@@;;(}6*A7EFN70Z2@6RY}Icro@~p>(H<~PAM|v z&`;#MS#qN&u2(=Bg$(^%cWceMHP)&0%OdwmccZ`{>L)g_q8#3jhpyfgiwK{3R@jZ z@=jZER|29;qcDf)XF=mKOZoF><`>#qn_8eaLRyhS_Zl9DBVFp;y!r%OLWN>d6?rbl z3zUR)oMk#uQBL{Cuu(EWdcoSKNFm6e_E2vSpsB6AT+jloig7WP{)#07LHzfntPI+) zA5YA`9?hkZnN}SjNS}19&WYbVz5U)BFGAXS!V7P&u@YYM5iHA?Ewya%=53xrBG|kw zJu?jlBn;8=ud@T2!8aiu+&oEUWcA@D*(_V{r7Y0R`e(Eip{3&joR;0ftvE#F)yzNR z7jVQ{CeM%xIUqD2p!dLB z7>EHDv{D(xzTF=>q(3eaD={eDz@ot`ns+YXU^sfy{1TX3f|33WqZvSs#azOhy;r;| zqYP~7;w5|eN4JKjDrc{2c82D?OlCY%%Qp`GaSqt zZd+l&lmUN^rp5O4(*I^PpG90W#&u(v@;)-ep!zQCrDXhNl7`-N2A^9&gS z&vraB-hC1XX??_KI#_fap3k%&QJA((kU)ek1`ciYUozj+4aVK7c8kYW1Za;7BCrr? zfZJ_jeM5td_BU8gxNWcL{Xu>aiM5k#QaZtU_h#l{8Rv^nr=UxBxiL?~VcrThncj;1 zP#VGf$K3PbnTul3C_9(T-6RJ5%<@n~9*DI{Bs@4e--`3!09VmCbbA2a!)2Cs zBe~E}BLJ8d2Y9pKmV%7mH-73EqT1J zYa+qkBHbF4sR?if+%{(cL)>^Whl#$2w8c{}c&MUS9-#Pf1L1?qK-2)BlHqlMM7+g@ zYXRLs-&kHYKByk;auxJ4k?;T_RD5&>XgqZQ_UMJv7utrvL#|+EQ+QRbH8xwtYY5iR zgT>N(4~;)1un;J4MOm&Z{+B0*$iF>&^I{}lJ+btkbNK&0ImBl_zs{xpNE_CBiGTmf zoKtrzLgzg~Z>vgoBf{W6g#MRy>0HXcm&#r*e0@8zaX92)*2Aw5$oszf=9uN#OxZYf zVn}d9vi0_Z@Rz<1ZomS@H-RDvG5Nk7O{s$$6NhI*`eq$HcDAxY*ykjs-GE%-auain z9MW;7dMaU+@mV{r-_Wvrw2e$j@IlFA{njrVbVzVL9`w*b`~iO#!8j5ZBNixDD>an_ z@iEF)_c1fLq9+IW3W&o{cbdlu%BPIP4n<%x$z60K@nJsS&WlxD-scK7>>T1%Cy6d7%CPeO>+? z7u(Qx}BuwqFa7r7=?Gb5p?4^R5lfl3Haz~>&9CqL4<~bEV zzocY^Z2?DX!qdd7u#2e+*($o32o(=oVRFm8@pFC&LMJOOLibf=}x=CO%dWk zCbotR>(vCxG;q+wyqqY5=0KkT;Ld^vWenlBPGtI0@^lSl89+IrED+l1j{?lTTHiJp zH_;79{5tXHH59!sZK9*vn0M#}H`ekiqo%NID?aKq+EYYOgX*_og=Y?Zg9X3s^^u=b zbv_dn51$xMUn!I0UVJz^mfLCcyABJ}$>^QYCx&GUCjEA=5CT1lP&8S-!a!%0z%L(iYqT2hrhcflJHo`XaYanv@A(UO)A>nEReK#^9HFU6>tF2lOF^(M>8t+plQ0u zHKP?+uEwk)4RzDn%aqdP_PN8}w@In#`*EKGGq8A=njIHt&lhmhZcjX+zwG6TwPcpctZmLr88ZlA9!D{&ykVDfx^GP{7PiTqUhXlEMB`9 z)(RNaw0LdsR;RMe8L|4fZ(%hPVyIrf(m!UF&Ky}n7hT71ykH(R8W#3zRq6SXRmsUj z=4M2vrMxOdVfe3vMzk|P!L$L*x-I=_*mNQ~ZN=o{j;BZvBC`rtm(gQZ|8!`x$8c9? zd$F>Hg*UIEySF^>r(;VwX~d>~j#_^+txKn0&cH6Nn)U4(-2wlQb}dQ*&oBaZY~Pr1 zHBF5Wc_5CIIiYT_JQm3lC=5DXBM+Dmw`oQxOCvxlZlva`TT*EGXCq*obKY6>wO_}> zs>a~Q%tAY=4Y1$g(NFOroLqB=#=-X;RA-KUJ6T2$&oB7%h!j z>7@KEw6y_#@0gtpII#s_adze=Ulm6nK|tP(fvoKv6qyqAV8)*HA7}c75sIU0)*krI zpxWT_CDJ6AJHb47iwd^aQ*`USmvq-xg9=o0F|ng3Y`tThq3y6|A-pQQ)chp}|BOBn$kD4-cQTCQb9D2ymz~Z0lF`C+%zc1YbH!g0;Qk%TeHxWNJ@?P8Sl`Fh zE0nseHz&&ajeG6cbZd7$OICK_0~OrPZsDr6^Ysp8vIY?C#GX{}YY8c}x8|LWQ5YCZ zcu8DtJRei9tipDE)_;JS+ex@QC-461hLK)to}G3&S;aZv@uvptZ!LH zD;$x#M_|`OM;{X)W}tFg5d77ne^D=pOLgZ~?!c4O0Kzk^m+^|VQZadTI~Ti0IzxIO zzuHFYcD=unQ3I_tf_oE%QxPuDu5Oh}8`nU9Bv4Z_=zqE9)2ZSu+Y1Ap9994(5WjH- z`~KfM(E}rSk&_tyFYMKa|H8-|`&W`C$-fE`MoS#d36w_vH)7FjO)~rk)A!9_4#oc` zKFtyT`83Dl{(S{@`%5$Z|KQv|8%uN(JFJoh;%lNx9|bm^Wqtp5t)7+R$ro!V5MbT> z8As~i^}nCTu{8Y8i?RF(7BX8$$kyi^+r&XWr7hHuXVs0(^cEe@wiZ zc-4bjbhsCx(-J-XYg`oY;V;Y_>MfJtK7V6PA;D`p=tS|p{_WEd{XF9D`!w*O$f25# zToLaxXD+SurxUvrQTmTq8y?5BWkUPTqGoE_GR3Gj?|F&3V$x0WulVc0ffA=T**+0us#$2{fv!RY0{mZhGJ=%}H z@1%Dygx^8>Hne+2IT$x z-~X%Q&fwQ>CGU7&^Q5SMM~LslLDc>;A0b10Uz>=+cTBx~q{#U{*v$Vh*4K8vH*^1E zGhF@Z663|czu#5U|5ZD^Es0RuK_@O>zIs$7y!( z5lj8A@a$JPd-SLMQ_Rt(yPr*eSWo9OLVpCp_^Z~$|0!wapSj5R$%sSyoih=N{@1)# zvRm^PAK4GC^S?C=;5tUUBa`sq9n1f?ZiFNCPcG4S@qceT?mHfSyp8+6#uK##-;wx~ z$hfv6A2Z43J*jHo*Zer>`j`Q_?upU?0ag7yD+uJj=Z-a8cT&=KU84YRW3Lz9wf&pZ zJqh~GY!%UXM9%JF{`*9z-3piOM!50R!q@HjZ}&kAK6>o7JO79FgcLF0Hzw@4@PBFV zo#+3tJ>mapd;j?4JJ)ZBFgv?{eG-XZjg|dg2$KJ8hvu)}Gt{orpV2$s>z{wIiu?Q6 z^GoQRhw7dp*`3H6Z7%7qC>m{tnu5)mp22Z z*`D(Mv_0*4`_9q-#132X-;pX)CfierU~f!4kH2_j_KIM)|2+3U#@N5#|Btb|Pk(>? z_%zmok)#s-gCdd0>b?+yAV>-R{0ZaakPvg6GfhGs)9lU-VjX3h`z-Xa9Z2@A59;*k zNXujNh?cWOZ8syGsj^^tDq+X* zt0%!ugdCeEXAmG$fqnO;wjB}RIx`SMUR$_uO^OPhU2RDAKNo&cjYvRT+NZ7{bmD@L zsll_J@652N`c^6sNQw$FCC+Sxo2Du38M0Ba(#*QK|KZB5ca<@W&w8!^#H{X*`$rf_8^ZrSTi5Vlr7xG)?b zPWWL;Tw#&MJH!R%kHKK*}uM!00*Qax8t6@!{hin6N4!jE{B#VQsKYbjl^P zHs%h8RwsdvdLDD6W~FoTLMDTwS3qR3g29(sK6i!iX4q0&+r|0LvtUZq58wB?ZgLLJ z3PX;gSV?US>ctt>=_`6^cT(!ks=O#dh1T2}9lkM@iQr|Sa`oWndNDUE%i?RGSG1MzYkI|N#7ji z|2t>t`Sttn4fxnw_E*g0V@QlxTNbGj>|zsBABp?B_jM&c=U`G`&c1{P zn>MGLJ&N|2IGsO&m?|Q#wPKE{^x6jPgs#76q{3RgteWW`#OzhHy+g1T~~F&*c+e7*Z%Wa@&6y6 zT|0J98_W@K(@QV)@0rQz-k-0WE+cUR^~Zr(vmsIA`u?%KNnW`#jym*|Wj69d3r~nF*}!GIvp+ z5k+jyv=ol#y!~?muc@Q`(?THQ!zN(&aWK`);%RD`eflw6`1 zcuzVX!Y5@}0|Qp`DynYR{WB+%oORj9mu-_DkQAs!S77-U6&;~}mAN6&sZ5AM8wEg# z(&9~$82{rp)M~$pQPwwJ)R4s6BV){HN|bM-?|OH=n0cAvBk@n%k|V^Z-oZ=$q3E!A zV_IG(L|!23F~EeHc54Q}i6NyHSV7mCif11B;!8ETZ)b2>3DWeXm!q--QTB8sV2-(I1^HZ{NcLzmEawu%q8o9Irx=!9u}{h->X5 zyg;ZWd*gPT*9Ma>wI_(!K;VY!z5C;hzYDt!w#ysophArd;qo`srPfLg+r^vCg)I)h zzmJ3JE#Y*uB|^%}0Z|@G6fq-3{hu{6Lq2u33?a+o)JU2|d4%MLTFt7R+=>H*_zh{j ztF-E`&uu+*VW=LE$ z{Lwmisqq5~wN6H#o9aB2++lnNg0$ug2TR@J;3v6NWGp}pK)KC`Ewx)!rSW<;q;^2q zqI~$XOcu&jw}j4r>N&Ud-p1pzb5*5@tM}*Azm7HrNQRl1PBPzs9$@}D-Rtin*61KB9d>kgl%y)eSH<3OW7 zxBk0?!xU{d=*Q$-HC_){#)2FtvDiBSTLk829Ra`fC`Y`*aP}}Vzbb;S(V{%XEA31K zlV2Myt89hoqTcey6R(B)nv>>FzO-Ow*tccWO;)(Tm$d`zKk@4tnz0Z0JLf*zH|~<3 z#By0T&0KGOJ?Lv=RQBlyZ95rPw)I3kb5wKC@tkfQzVjhPxYzVQvoyCmneSLVid0x* z3F7L-@hNp?>ohVZ?D8H!TL83CibV5hVcF858$^W}yI)e!*d~_k!Aw|SV>J{Ix431s zv{@=ot!SV6lY3vxq~sXM!d=@*2&M=d$+khW&2{SSKRavx>gajn?^90g(>`N1IOhiI zLbdTz&e_~veo=|;-zHl9?mkij*S~&YGenvi0t> zH%_u<=1{A#H;#51k#jwLLZ#eWV2p-U zI`ok%6^>>&+T-G>cqSm?*=KYJ`qPeC$|uqUuq8i0Vj+6AjVvgNA21 z=>~8-UvgYQGrsH1J@fW+>7X7K@a((5xL(kaBjGP&0xj9?DDnGkJ&j$&S=irrd66Ut zV*7p^RLWLoDXt4n1AsP7IQ8p_Q}|1buzF{+`)IUDom(C#?1K*kK|r%GoyJiX&p&{E zM!G!0zbEd--SLC=9KA(%1=}NXy~aqP$#O6D^}8_53n3?I#w2-vjttE&p}V@U->wzk zkAZvW5`DBufXA}@ItMuc;v42kCv~Yr@3xzuzkv`s*v`##_8D9+Z$brO?{RicJOhn3 z4t8^XX4!C)@X8LBfxt3{Vne-q;|rPG5-1}rI}m7nEf6TPAxTwmokN$R*7cBh8aOP@ z*#vh(7VpY{SkKKX%Dd0>@`wOsG)_!4vAMFv0ksFTEGq)F?#@P(pc_29O90r{L*cTa zxgxJz=)<=-VYBWOl@=bg*=!lq*bE;m(_V0S;@VIVi5l*v~6&i-TYa&59(nSjZOPQp+lXG4oPNI2MK8&+s9_ItcIwEa^Rh*(9XdHGye zmStMrkE^U(Dnz~%+R@Qs!4j`c3W8w2#qUgdhc|lcw-2;>!$V6ARsu!oxPud|rGoF1 zfK2}z=v83Be9mP4t}7!}fm>)kv9BP%3YZ~Z@IT{`SH#q45|SfwN-J-#l|>>L1@#X*NfC|JMoIB zuZRP}6-o8T_}vk;LdYNA5x ztY$zXF#oy_@T!(y@jyG*(<7H&;{hpWh6ly)xxGg0JA(eLk=y3TJf`r#moA!O3|qe3 zth2CW0!e_+WqG^Eq!5y78+4`=y?y0O&BlwORh}1J8)q7RGg`P#nS zkE5d2Ex`a|eE$S1-}=C~(`x)Cb3ZsE@Ip;|=+awDGm3Z3kVthE=r!Q`>mV3U4&P;g z?pgmU1*qb*UKGE+2i;>F(F<1$(LRIu?rluIGV&8XmlEa}GVWi;Dy&^Bz_D(-&hj61 z@8*0h$}5f12^A*#o9vTbwxKja-J-czBHs19w_^Ll&DHLwTXi*#L6sYXIAmsxjj(5v zoOu*5OiY=637CipF^@F_>>p~f+ErZbL22|!{|XnujMy)vLN&pPQw5V~)xVS>{T;~T z9HU5>l+_do?z;5&qG#(dLWTj9YL%(ExdH^yGht3XUSZF!-LIv}RCcT(<))1Hy&+Y5Cp*3KZI`ZW4hSGOkt~Z9h>Svn*c439>w$O*n2YfQ&Bv5 z-;S|z!4US7wLEp8X5`+|tlr+(%=ct-ijf#b7(+1N1LjrXC*yP9H`-0(-a+41q~BRX z8&|a?Y{ms!PUOCvUpSI^&Mq%1ZA>I|Y4gH&)fXWNef@frKK4zm_TLT0KdMS7ta#x? z-b3inH+$k{MqZlIK}Vchoim_FIJKA*a{O&^sn0LeE{w~~UwN*wd4M~b&P@&g#XT*} ziR1EF1t2RwDEis~Hg-cVQI3-ba&R@+FS)xPTllgn$q~UP>awBa71QAof3ETcusrqt z&Qpe~Tp*^74Ob)DugVydUkBWjvq{L;==EFu24 z^SM3bZJK82nvi6GHl2Osw|FDJF34WYKM}6oh%#bJq`eIoSdDMgCUVe2u7V>;@3aph z&Mxg#5kU^v2ujNqeqW{GX+=$0CImbBrrW_aTMV9CkTsO{2i2Pwk-x_v79qVlTd%;m zVn_Q#)Tk|t9j@_q&y|^tJgUrJbYN{=Av$RH7A`z9d{o5~Qq7%MKH{r4phO=#>iGo_G~^hxz)t z#m-8b-><6LUrCLfDJnGT&~G~mIx>K$SBp)^f?he8qZH3+Gf=gQer&Q^$b*A}UsPTQ zn{gUp79sa*dhu+DZ#>gF3G_W*5f*7naWz!~tUM5c>bhqA!YV>MGIr0#?EjwW&=jM3 zg{H^=h>iK^8#m}+^sIyIbh07#SyVbK!AKe>dp`KNJO;^UaST}Ej)eDhhj)p)nSBGP zp_R|80VKlW#Mc$Te$T%Vl-Q_Q2-GwC`Af(!?rE}u`MsiMn5c-^hu6BR@G}F5a(wG( z6>4KdeL4I)JC0_(LshlBsw;Tz{Ud^al)Ztqc5CqIl5e5Yur@>{oT}K@O>ZK7H z?M0Wchgu_ais0f?S0b73nPPxnRD=d7a8h1b1+`|m$f+Kg}b9xj=}O?MwVMar8N ztCy0skvsov)?}08ryT0$9uzVHT{O{9$RXpxxBw1LUtXH})(M2*vvT;XA)m)dnGF7N ziZI+0yZip&tAaK3GBXe`Au$xem3PKJ7jt05arW<&yoBV*>DC~Y5Gve*N-Ej~EiBKU zA8wbMaBeNkQHb;vl*NlGmzqi_;X&7T>fGr$3usCHB&D3_W=X7^a~NyzG38!CsH-W53-#*wVu|^E|258AO)^b21oY|lPXd5HAB?Z|R!~9| zuJZ`Locl&>!_>U;BxNjG50MXrT@$E$ZkaX5aV9}sZuN(Z2(KJV_9oj3@`RSLfgug- zp?9sq>4eOcF2LktE$$0P)r{Yo<=yV3huWwf$(kB7G^d)B&;5yGkLD9(wNlitA%^Yu z$rHtdspyhmAY>X_CW z<8Ofs6`1_JT#ymE9PE?z?@o^?Adf+rkDA4f{C&n6{6>o8W^lKJvK!kg9rdlg5vZO` z_p#hD=QzyC?FPB}>0@IK7`i`2iaN~Wb?(KMcswRoS#TKh&;Xl$t88ho)R)kmk(-33 zQm0EVwa%KsH9O-{dLzOs8Z9f#(Avd%8n zvJfdQ{tVmdld>&uyNg9r8Cz{#gDYKL{9Oe19Fe1om-rOZsk{!f``#+^_Qys{>+4%< zi*sn$OW1Kz+p)@^Tz6wiOznL7AN#?#kFLfoMhlfm)1IyL7?xC}L&E-ChX~_hPE%(a z&)mLXXnsE`qlc&Q>`#z6Yqb&gh5{viEy5d0InRD#;AbyWy=^bCRiTH9vwf*dr+@*#b&+t9P@EMK?Y6(MopIQYgou2$a7eSHWC z+Mj>zu$3I`?N8{KY~}3~rD5j6-TG99d~k5tUgzJMw$~M>ePz6zDZfUIfPi74Q@(Ie zth%$jzW8=2N{VxYJHqC1ehk?O_EuYwuy#856&e;QeWPQgYKY8dIQWF@+y_f$K9Qc? zh2?L$;tO9?eB2euE!rGh8#;-5q21xH(jZ3ekMCcu-+#=nf)DNl_nI%BkeHbz*~%zL zeZF&7{n(4#l1(}zUHWiDUhL}Z+G=*u+D-ZkOtQbnp4X713s;Xv{`*RGozXP%W}v?! zvPg+&m1F)z^gFC1=EBr-VMHop_`lLa06>KUf%J3Lg*Cy>5Rn+K+QKsH5y}INW^ge_ zXjFYjrph1I%G-(jypdW5274wDA4`k8sU72729`E>rq@s?M$5jISDbx|Qsfz7X5c_ZYX)EM_eDVw+` z=4ry;Aryil^xaw{W1bN8e6B(ButC-hpMir5aU*tbQ_pPQ{m0VU+6t${vH2)~83;lJ zS9Xd!Xd64y28Rc~S`r1+MaE5-<_f{e5yCCDvtH(j2aqYAl|vCgo(8c6G|jpcHY7#q<$$nvzm0Fu^hg~*sn za9`j%SpPC8av3VN^haBqgW^eTL4WUa*Xj-=U)R=fN=U#FFtp`>N57Fogeis-^? z9LHIKq79aRF?@Z~)^o{7Ec%UP(@(;DgQPb+0llz%=FcG8kR9;Aw1`@s7<| zGoHaRgOpvH;w@Kq$+n`6aXtx@lncOFqP^}!q(@F=d04L6;;zOPK>QMD1 z8Q=C1#ngYes&dbkXP=xbqBS@vIJ0C1`rFSBf={j^rRno{{7^)00&wjxc>RkLucCA(3RuG1g+&NsS9${&cKT)g=Mieg5<}p= z$3DK(+P7Z7u;9hu()E|fRJ8hU0MW!a!5wlVsRSFY0!f?HQhZ-7@5 zhD&0%o-VJ5I9~sPb;OQI+46!m3(q_NTlg^+M#^5I0ME{Sap$r$p?orzcT=*H1xApS z`T}$7CkF`Zw}m&0kqe4pvD+&PrR3%GG87PvyfWxRxLA6E;y<167%*Es;|tEfw@?v7 z8ybSKlf_~s$!Y2NAQn!)*APGa&<}VUt7ic4o2cq)-R15(?rA?#cX)eg`tE`Yf&ieO z;{F?NmL_+DLY6^IxiNS00(IJiD_tp}FDc8>&mw*S(SaF+A{et zY=Qf|zF&t0#mnFCR*rz(#902_+Swt){?HACr=x}lvKRO(8K}m5!%}orGP+%#nDe`^oxB*4>;2>lmguDuv z9x&?b%0Yd;+*c+{w@C+l2gg=Tci3fX`V|0<_N8Eq1_t(1ia3(|R_AF}&G={$M^j>K z;vOC#Kha8ap9^CuDhj(>)xhruG{(Kbve=M0E+}W^>h8@zHGQ|p#GEe^6EFuo`1$PR z%k{a28wsY|H!;qVMKVnAgGQDeNJdY^+`4a`hggR0_%GHi>nlqQj?3b!iN85T^t@3q zq2n3+69SeHbzkyPMXoV*MVYLR60?yao=iGDHV7frulwF`p*a}Fue?4VBw(q>P4!t+ zP4n(`v6|LZ>L1uA+&tv<#EdY5<8i>Yb7q-!$mYU+IMQw;EOD}NGheKllVP1z4!f&^ zUE(==rEv&-QVb}HQm~8Ay6?~oE(NJSS@V*{w%S%dpVcV{m>-e#6>Em6e*!<^-I>+Z<7^<{QG9);dT6sr(+)<%PB^QB?QnQ@3eCxl*AR}N6N<*4HG zF7B0B7Fx(R20TYMYkn7{gWWo&9fdjHQ4UTN@^AK@k6BHA@>gC?Wo`PKwlIyA(FT0> zw4&lRysw&O9;1a#E3CZvENC7r5^&YcK3>{(ntif;FzI7riSvrTa5B&){#CAf*?B4Z z6t~koo#o@|wHN8Xt48@f#3L^zFQ<;bQDX>;^Qw^IQ%|3AQ9dMF1==qk)+Sk0^UNY? zr2v!T@44XAV6)E8R6R;{-A%bfd=BTmgc^n0O;sFiYPIU?->%XLwVzkmZ!}p(m6Xl` zb3quqv5nu&AFi4*`ETDgm7rHO9|NIj6Vi)piiwqSQ;y0(l#|$*oZEl%RzXi}eOI4$ zpeR$+eY|tpii{GD?r#7Nt_5(~-MWTG>diN2!`TvYJ!wDcffjkASbRz4fH0@ABAk{z z*pg0w^K7Q8TXywSHxpqe!Z1n(^S<;a*;1DCN|TsR=%7fl*&Jc(q+R-wA@I;9go%y@JAu;7J!V= zYH1ub>`CNm`zdP$`DhHhGe2W|?1+0ZTWPXErRlY%v>#3G?dVNJi!r~Sfx@|ae$jdW z`4Te^)W;;Rp;RM{Kee}q(zTgxKiP$px-VuxV4YSAdhIOx(gs<*se>&DsJx#Ngy$q0 zk%qvTA-jdgt>L8^LbWbi(=KEdw1vo#WdjOiH}tUvOi!{%OYD@Zc41WbY#gfKU6|7o znbpa|5`_eQjlV=LJ?dVL?LB;oz3pWY6gCy(&%5@{7%dc z-nQ~t;r&EN;Qm_l>2?SP(Q`G^sB{T0fjPaC@7-gwFX@BJ+~B_L}6|$4dxI)J1dDgmknpYC=vx_k6X1He1OA`)cO{GDUd}J72EkJ zzdLWBfa?71L;KdMJHZfpYJOl#EwoOY^U%7Qxkn?G6Q<<$gkcFU+G7MXZV^&-#`f~28&qLR~KK#Cl3~X zoOW-r>@u&*l4n`4Jq{2Q3g;>gu@z#|W}*1Rwx1G58Tw^ek_vG96t7}WH73fQi>0V) z?5c%BD{n1;LU^0P_HcSY2{7>Y8)mIvCR zdUO=BUEJ3Ybny00$tChtz>{7_$BKrSNE-0<@sV1ziO{=w&%5=)2BC^q2?9RnNUvmI zgbzcDVZ35}uz(me#L!N+lP!b&Iz zuZZMQxZ;rv0L9{b*NES(F6EiBkn+wdKg#Hw>b=OSYfr}h&G=a>XK?3gl=GiZZ+}(j z*|%B#8avYtZm^7z({yWr0c$kVHyrsrobDuUIon}8Ey0|?h=*7>)C-R(JSWz$9PHdk z(ieE%=o9x+ah`(jYO`wV<}$%l+sl3cTQF01p^4TDat@@T%O%& zl?r8F?hrY=R9ZL{(6r|-banI8{>CKT(C%67RfN@BeR)+i!vF4} zOj~h=pz;%;xk)cm%Rltqy^;>snajA$XD1QmLKX;;=<1psz9e|xqUe?|mvD8^m*Oz) z>v?Y=b-bVh6YUE0Pd7?Rj9EA3rxwl}9kYGqoXqIkN*26f!r%IPWe{9ZQ{lQD3dje< z1HiaY;x{eI;1y&SG?a&nGW*F{#+S5Yxhfta8Jmz90gsW;0;q#S|63k93zba>tQY1I94R&`LmKB-XL zU6Le$L(>NfQboRw`P=?94mY~m$9iMr2g0j%)~;PiIZAL|hd!E4_Jf~tI^6DF0zOOV zOt)uc?mZ)Zj`&P`u%6lA_*TUHi~Ig%MrwA_oZ*+Q<9u<&&`MH42E`R@zq(RGc}7E4 z?nnXRwuboWXLztv6XS1c=+Ew|FC zg5oW3_btEaE95&4rC)8`&d~CC>K#j8N=UFnEEhe7o92VoAm2}!vozd=CQ*ABH=H(A z-)C6KT~YIm9SBy0C4bEGi_iJ8gKi*e&2*SeXTii4Yf z^JnIx7>Bsa7B`VGE&i-3PrLM+gjcR!@39#dRN&Rwn-H&$Rzf+5VRd>T5J!Z(s~-?+ z;lxp{I{B(_Q=xC$4$zL6*=So`jY3uprHZsW-mV7;acrF9E@qwp4wvfyVP~ zF`5l+(htL*Wj-=~T$G*Br96bA{%&ju5!E8n%zCn*h}DVlGZoW9eYVq@I%K%Ak!Z>3 z7h8f?erqzhbwK|c7^L~)sT4kuv#Xk;1(J`ibgRlM668{w1y)o9BI$hZ*CbwT3J3gZ zA)AU|TO{%hx! zmD^oHFO3`_m!lunYNbv<{J*L`hL*{?$zRm>+(RWwuH8lJ`_46}3R&vN)o-V8Rmn|c zQ@`A7Y8~<5#K6CMt|VVb>8J^Q17-QTHxiUSI`A0cy9;HN=9gFa`;ia`Dm*dG#kMtd#cV=#MTzWq@F94JDw5%EnJPZnlZNWZHQUXE_ zGD4IQUI7OM5n?3fVgQtFZsUrdR}H7pL}L;D_NMTGnKsr>$Z3$XWIlILuhcGHLF zv5$a=Frny&zpm8FM@>ilXmJU@B*_-Gtht4S*h@$Q#!G^&VK6hhn`jnEk5Rm~?Sf{H zr{eq!5!(WdgN%@818gy%hw63zgXT#ZF1`qu518MOGu?OyZLN-JO<=8KI5$8e47au# z)ztbGQqp@yKmqQoK7OGauLgncLex9kj9%9V9g7HqbeLa!4^=DKTj!%!waJ!@9L z3Fe6!fBVJDB3D+tv|Su375lA|-{m3pwThETUOvVHSo@2VPr_4^%wabgxgQsD_faiB z1%fp=8PnoG@e(JeH>^_62_0L@N5EFH&f&=KLsgId7C`^>y*PV1G65GSiVYQN_cb7? zV?K>*W)iRra0haIUXJWN##{300jUH4z zT&%)8Qj9KoLC>+7E12)7M93VJ6WT@mgMj-^+=czaech%O+Cy*5X|%IDo?iW|Grj^jj*p5sy<=17#bP}U!n-)<9??v-q_7>taR;LWu2zP~)Q z30cxcWeqy?<;q}`^w4-1*2hl6dxxnDfWhezJ&Eq$&<$53{t2 z?}mEepT33m;zblAZmqrL`#JmOJyXgzm9b03Y=eBkCB)J9j;gp}H`qQk5Pu~ebtx@L z5ohipiDLZFL{(_DC5mA}YP(au7rmXwFb1R#LRK3W)&=V1u_@tC{biz{`rQe^OIZ%j zb>`>AV}nKyQy?;qyiv#z#~$~aQv{ir-bpg!m531dzRH&&(HA3z~#G_ zJwE!STn}y$f|6IANZB`(g2HCyrAx?RfE7o1;+|q)XnE4W50*ukrt;yu z*7cfI2Mi_Xjp65Yxu2BM^f608dC0Ea53Rm#Nxq9&yqyFCD})AzwR_=ye*Jryjnf~o z`by`g!{U(ZX0+Sy+r$cvw@cF9l?fNUpts?*x9nH-|j%9 z0i}QI`>|KRKSlk+WcU+sZRjy})VU^JIvoehSNrNo`|1UoiZpZF^A5cxr$m)1!VJy? zCjaZO8xj`@&CD0TtB%qaNRF$=xHvi|W0;+7uaIbK-=)+J9SivSA^bf4OsXR`gWB>D zeaFex7`)R$aS1VXMnW`TQR=h{*N?%UiqCB6h|qok=ZGL2!OA`SeCrVP=yZk%iizR`wNwQjbvx_0_koMmRpp;57*T%UeR=8Gdhk z&z#LHg<@(8&OW<{0aCY6IQ3+NQ-?6Zut@NtGIdY8hIIs8Jbh54VzEm#p4Bb zDCH1w!#r2^TjKid1W(}cALm85Mn1d43PeS#e-l!cHuj_jtGlZB?Nte5HwJ&bMM{0@ zkW)}XhIUNJ5!u)AoX(~d$XUEKOsi*hyV%G$QH-fD9mvc+ttX{prkCvw8>#q;VfQbi z>^rT*$~B|a&C-_a8XgaS>RO|qrW)NJ$iey&3J9R9$~P@C(!!iyD@=|RM(}THj7s=8 zA+Y4rH1&G}1#*T?M|V_-$$pti3%$fk+Khm~y$=gqt+S6_A-g{~6=WSlGzeFrZC+4( zgaF>JW7zI=8VOiS?#M6DJJag}qZ@DLP=&MeIQxDD*AnJW*#8u&VcqVGaZ`S`8A!%Q z*??S`rZ=eJy+6>V{u_}7Nbz)a?u?N&gI7&>S$l%7){nl_%eLXmD75Q_DtT&q75V!L zfFPp1eLh@$k*Ge5mlj$1#~q}lAGV#}@)UX9qN{xMiagq;p7cUzDoO`Sw7Sq{di3OM zF20f%-G4nFtrUY&6e6R7cDolN&{VF?$`oB?mg4w%mlsBoGPco>tqrc5~@NHZ)o{7^3A>nUbfpLo$J+3;rEYD>~BNpuVN-lvGwtN zM~7KrKU(iJMT0%F-CKLtYJIfiPA2_Jk+_QTyFDIin949c=v#}%S`n__dbm%iBD+v> z2l`6w@gvN{8~R0YsV@W3k=~pS`D?X3)*5KI zP#GRt{dXAXPV>L0&2BB^s0{)XM$k>jB9j*v7Y@{HHYKDHxkxu$%h%SJ0!wHw8Dpcy zjFyv7z>zG9`*$6z!4cOjCU!eT&jt!@(RNq}G>17gGIEr&Hz8;w;w2?9GXts?pexvC zfljCD0>1#EHK0_MoV}zb4GyV@9qr@S5mU1j;3W~^eB4y!lY}i>W9idOmU*X(Y*~*h zc~Aj6j!?#A%rFXHIZ#(y{Zb17%V(A5g~y5#&ivsFRF6$^Jx8fJFqTfEvQM@je6Km| zo|*Kh0MsQ!G0xf%WD@zs&k?hl@NXW|3~XTwIgn4;b{Nr`3ZA^r0RDlq}v z7a+Lsn?c#f%R*XCQ2OE0!^ze%vpp2? zDq`m)A6S^)H{bgBdV5|9mMjsARtkvQ%4PJGb)ii0rH-hw*cxY3Kgbu#r6hH~BMmru z^lm6Dg`^H1L1n36aH*?k^e51*wi>v)SFq}|z17uCttI>BR%gIaSZz^WhnH;1{i5K; znQgHkc}>}mEc@2qW%bkSQPZ`zPjrbvE3+vgTyBF_X4j5yHq54RkVs(PUn4DSl1z)@ zu8Xhet5P7N;Tz-A*t%O{ZXpe$tN7$ByW!sM8>y zvP7k{Mks#wuWq5lh`iy4CEoj7rJaNl)G)gh1s2QX->}(G=fU5Gx4nAvVmuLSAmt>j zf80Q7-RVw;a0dW--E23nuu5bW`;F_R#MSXmAZ?oj!q^K^SaU!-G*x=0;ZE-@?K#PqQk zP-v#AIrrTfsTeFir7piu8Doh`Eij#b)qZ!_?@kH*+)xT215_yA7N_i^z}L;MPp-Fyjh& zR9Z(hTz9e8>(uA&;97h0`I*z1Zn@efEQ%W@R;T0~aMA;oN6%U>1XPN17lgx1!OG$=L`fNUI6LI`v$UWb*Qw>?rc{V{jtdA8Lt*d2VI@6NN) ze#h0+Ng(O`P;?zZ&!hd(EI1I*5ft6dR=0+NiOY|KuIt7xy)PG@`|;>0FqU9}nZ!Dz z&Ln3n+cD7$rM`!ckfAauRIX?GyH@g15f4G@n`5SOD&em!YV<|V+R z26IDUdj;Beh`7bcJ23fz-j2NplgF@dwwf%|SHi)WCse;^hVKOYep}o225b9J1?Cyw zP(G#s0q+O$0)hFvoRs5h&n)eAHU{x=QzPP@R)47%JSn&&!daAiduA1c>jwGv9&meK zm7~O%@Q1{D0 zop>UA^E<`J+KEwVUO}xhgLg2+@#9N&`U&P6%a6*kxzFntvC+l<+H8>r_EQaL*LEd_ z#mhmQnBKja_IoKeNHJY!!mz%hZc{V1KMb{KNx4{M7BBXPaHX1z&aER0Z0=dZGoTk` zt=KAaAOHJz8+a6%)&=yzYGR6kED!HYG_xV<~AmD%jrk|rKsPJ?}0h!!EyKAU`MA@)CShMY9>F3 zy!t^Kp>%ViN2-;5?&>PNTjwwGm(R2I9saJDU8YJB!f?R{#@R-v-rJnW38({F?*BUuzf+)1Juq5Fx)cyYP1!VLge3z@Bv33yVYy8j!i8i5lD@ z1XqToro4^7@ufw`j3ktq*OxV{l4vD6egUc)F`elupy9eZe0wGJtH5{Ve0En30QBx2~g5uE3Nd>}BN6P^TSsv5a-Vt(9!DIta9{`nG1%_8kQYq!Fe& z3>IU5)f4?UmQ!08(%?{;PDgD?X8L%y)0-X|y9FWv#$x_FM!8TduYBTWr*`73(!&1r zoaI>P^f{V+3{ilc6_byXUGVlP{BF#3;dGa+oKo%#r-E5 zKc)A3b%gb8dZ|w{EmX}bBkA`^wp;#U7)sBY*jOqtG)zUe|E|-u^UP5k@^vRnZ}4Jr zVILDB{X?q~sCW;(5iT>)OJSa6?XP5hQ7qx;nw@Ii&LJ12Gp9`MDtn^N8qEaZbx{q0 z*ciQ6pv#YYg=g~1JOB1kxXL|#|86s|?$180zEad9mt`;uX+6O;R&9KPJ}M`3&%Y4b zxvAZ7+YZhZoEs%;tC7+eIsq7EBVL&{%v)jQQy{LF`MM(He4uYatQ2T z1h|X^KKh8`2}ueu+$oU!eCwq0@`~qDSTte$i7Yczk>_#(mItc>2Z55H`&acgE!T`^ z34JrtOj74QJ=dbtdhT6iz)}Ya;S);J=eu8hw))z}lryBve|I%2?XnG^HzNt)^41`s zKTUce~E8|CU5+mpSCR$@ErqJXJXTmuAk zXe8gpXkG?{AyF0G-f{5bxcanFf9wI%T5N{4XVATIC)zNDlvGoOkfkO-Eoq}Wn|8+~ z;WuIh?3JQyGK9+=_tcI;J?LgeB;3PvC)I$M1!gHEx(FXo>ICbT{^_6>`fL+#Pp-us z;3>*zs_BP@HI;=59Yecc?kQopE|5vSJjAR9!dMLJ`l=5Ir#~*IO*hpg z&I^2x|0qgJFX z)ie8yF{Uu5!J7nW!T(79VxF`lKU@5bt-@bA`0ygF`UzdC_Et4pmltlgD<}Q9xsC2{ zV)Q13$or6GrjG0W6~f(_W=oPQ1)t;fBz2^z1sN3k!uxE0cQ%5Og=)Y0G9u@E57eT= zMf`L~SE(KqDMk3GK`(Rbg)HjH z+rRZ-DiBfDB?cKVwXISn&yyGy&vn6P^>8;;qti?oMNweDJq=G4vu<}~N8*EB+oz3e z>z+ftNy_er@*Ufb46)|M!_xe_G06N|>qR|3?5=&iEmaVQ0*+vW@Z2D0WOga@@vd<> zxN`-B8IC7^F8csB#3hQ8a#-kn-p~ANH&L*@ja4}ae_Olm$!LVC@?8E#AiI1o3L}#G z_8HRQyLMUIp||l(mQj`IM0Qed(5n^JayBA|P7=?edz#rew*v7a?PV-~&h{f#yCrHN z&OfZ(M$;~q`dB~?QRwWZOTF@j@aGkz5F`gbh*#vYWP?GZaXgPZNq~)3s8TCBRjnxL zEsh8nPc_^Jmw16CQNgMGZSwPz7N{iWn4B}F#J&dKW$p^yi&y(<^aJYC*C@N)zCC55 zGTX1w3UQgcDRHcv;$6LI`PcGLxCaE9z9tzDgEGvWH+sSs@% zQu0g)FB{?k)FNgdebVw3&^F5LpF9lvClJh-vTKv;9&EWzxGsNOC)rADcKET0_0$5J ziN^X@8~3p}8E5tREq}aP(p}7&2DyEC)=vp4d--Tu08^M*zfnXBq zc~b5^oW%igbtD?P*43oUg!k$lktR$>YJ!le7k}qhs0+nd#o6$^+0p$;E-qv?+$G@Q zEFQ?UUFcd;h2;~+!ZDoQ*QI>Ac6?+UVA?UX#TSNVwshH1mL4o=0ipcu$g8ojMN-uD zG@vr&n!Wi%#&h+Nf@(xiAL51SBKx~EYy2eIs|CwyTQ5euKq-)6An{|I`_-gViW^z3 zBlX1Cja1TpeF%t0`l>0w`K9|1x;y^U1^d{>#98oCfP9B%qNfi_^iEyJNe@Fkd*O|B z=-%{z&-`866&`+^rAu7S!{DC3jov4Yh)a93mK{e_XO|mbddy4D%}wvDrEJDLw7+fl z<4JfrY^Ro4tG{OH8)u)tyW{LZRgKz};BfvGZA)G+=fXKr6gH3-y1YtqDW!}uAwWuw z!^L*5pSkFLlZil)dg84&>7KKuiw4Ztd9HLN!FL$SIN&2An4vc+LJhMb&e6FB9ctoi zk!yJd;79_%+}uwv$C}u^$(@O9@c0n!;RamQJ3omT6r_3{5LAUQJ$IFTC`0M&^@`Hb zrQUY+;chmZhu#yq55{!;VjKKDe>AZp#^Q-CXOFHA|5`vXO!t!DcNC9vYgd5vcvl8STqn`J*VG(gxl}geSXrX2}K^#MeQ>X@3Hwg}=XiQ$NVFsJ_8TJFoSN z%WC-^c)BmpXu$K`*N%f7eN@`?Zk0dZExmJ{>S+!6T{xvw)9~r4RJsAEsXpS*kUpv# zHkFZ5>I5DHitUTFBFhzdETIn%aHwocsrmwf$8k7eT4dc)8nvtMJ)|YS{(bH33`MNr zE7`7lq+7o(Q4j=tTC74tKz^rr1Hmn5K0KJCZ$sPj**j9%;G%q|P?b`>&3vv&X-OYB z4%g?em9&~Xfy0mBV#{2}es}WzoM2R5^OxdvVVGzGh=x>-&U!|MSwnb~+;NF=e)qUf zZJ}{fT#gDYS}j=UJ1YWDYG6LlPZ0*EcfYO1u^WfW>`Jisp(m~e-GkRDu)gv({K*jz zK}@hD_OJ@tvq&zIr2eKH*x#7@<*z0le%|hft{U08`EW?4`b^!fpP0JTTwye;!m0%V zGD!ZZeCx$8FAGJ}H5-{KE(nD^tZ;clS*X4r(&a@NiSaqDZ@f;MaV^LLV{mp!qbPEv zEGp}sbDaY|MffPkyPE`@_xJKG?}>c}NMMG16-~YknJX-cv+;RE1T(lB%q>!P=b z9z)omFo2u$bL5ueUFx6rTDIyyy(4-z^JGHh3l$N$k`Ouudu7jiWJ!Dzcdq|duc~t7 z&rfrBMv756H%ZDh1)qqj=EBP&Bdi6|ctyL#BfkdWGbLE4?XoYAB_(I@~3Ef+_}zdAI| zGyL%!7F9?pk;#SUI7Pu&X9sBfih*2T>A~*%y6DnnYZM3)$lqFfTva|yZT*H$1pO3z z(A46!<8L9d6&ar9_v;>az3a_i1oqX8IC=STR%K|2c;SqdD%+8$qVmQ2W+SK(d2R%& ze}Du&6Dlw0m}*Ey-{{q|(GHRq#_?bf@j_*7gg=QRlDSy4?oKH(&vZ2PwQE@==1fQX z2A%ce>2knZJnCwl(XRlrVtOR_{WY;?t9h~1_5ovC+0{T=HS3rI2vq(0!{eBqxEL+* z3BpYhpP7TRCY;y~#j~HT0_fny)5q@XH#w_s#`S2tSLY$xvlitM@~bxr(&Tw_r$^)R zvI+VwvkYh(jy|zl+kZ`BpY-s$XwfJf$DuoQl&hKn5UiF5TOsF3u{8{Yg6lSZD)?A6JGHA%D_m#c zCmbe7KUaYMyeCB+P`WPDgVSs$(mLIPH`)S!mv)l@p_U5>0Ok5bBm#WM8!* zsO`EwBBsMv`q3n5KXv7bH!E7;8TB3~Ab;vi?0_K%7;w0=+_i4CJBTt?dRpnd%hZq? z5%J`Hl=c+ZV{>$c#y<57-*)VEX`oGs;7i2_ZuhikMUHw~gMD*XoV_P|Q zm#*)^5n|LXN_!qR3-Z! ztm7~|bsALYE^iYlbU)p2%uNBnGk$w76x8kp7wtZ)8|u$#lFg;tiC`!%d~hPUqj&1# zQUH0P9!(n7C-(8;D*nCJeBDwT3ZJ4+tJlLZes8tRTd=XIibi9L-R^&}^zEvq0zlgC z9ixo{=o3}-7Azw>+)FN2Ka*F5;nrSZKdAg=!}asaAVr6%bG>QlE)ett3v>50sf|)e zvmF@YdYNSW)oA)0Pp<($H z5XQ+Q8vtq)$hP|V=$s=+?e~*Zj^ypP!FsP+dhXX(`ouZ@7EFC3xOW~cR3AL=#raGj z;8YnVxYUm?Meu-DA@rT~+0V`&A*MhvtbS_^U;e9M9|FFiG}2uT8o!+1OWH?@PMG>W zJr<79egOykjzMKT$2^zZhtUv!b+$)Q2|XcnQ!0HKnAI|?f6?!zcBYN8AF^4Njz&o( zvww4v*IIVg*#?(NqKQ}W|OEmYpX=0u}EK)V5)&90Sm!fDFtkN8xx!J{=)9>ll zLPnqp+)@Vzr*90P@?gDl#m)(dt>wQ3S?NZQUv4~J+THay{qW8*I}(Hh-?K3wPO27i zEfVAFrd0xtMPRhFh6%7(3ENpv@U54>Xn8If^6wvEp$WpJfH+YWgVpF4{M9_c*`P1R z&QA+!b{#>T{7QR1RRWc?>4pV$DAvC0(>Yn3I=7P4b*lFyfCa+!Wjr ze82tDQ8V?wWigu~Pp}E($w7^|(A;yG%RBbIAE570sxw}Yyr{#Pb#bW(oDrf+F^$)a z#`uw)6U#_2T!uB@6=WMlWd4$a?Xru8#~C%PLH*p2O+r|$Utx{DegXN$h%U943c?Qo zHH4DPQ&yd8BxQ#(KE_Q{;263MOV<1Y*_0bRbmkBr=Akxg<< zoLPFrj0qB0GhN@OgCz7X=a%5uK8UC-r}TSv;QI}q(%d8&TtwUZ5-V9w;TAHJXF4!7 zpys9xN>v9OSjP8_Z5NRe$0?<=sjF9ph}E7o`2T_vxj30DZBUnvey_@RD*#6@El+Zt5Hq6lGY zvGBmKQsn^=s

KJp{>b%3Phiy|gvXAEkfZrbmaG3slI>Wbk)+EDf>qwNI+UQr1h z$v5l(Dn1f%u82eNkGsVa)!dHG0e+_!M)U)GLGHc;8VAYMI>1q0;#>0%=;7zinSiLA z*oVg|21;#sCy4`9E>CUm3P``10pP67^j{@HEcgb^HyCT=$>7@n_D2VfLgw zufs#i(Ix#A=KHB?mXVr@5QYXO)}T0w>BI{+id^u*_ z?+vJmkcVc4aJmb=;fIf~DplNAYZRO3HUE+22mf$L3IVATPBzucN_Rn|YZvau1K#h= zR@Tf$!SlDUGTi9J;F+OS(6G}W56g|fOw4#K;*c$f3GC8XN|r7N_ISQ-;q4d^w17{X zwTPJ7OC;l)ig}9mXx}T*zfkgprIUm&{wouBlr9)VQ8V@Z95n$m8C_}u%#q?-X1nRd z{kbfr{CaB)R}$q?Co~{bk+N}}@;jWqec_#wB0|Lj;`bAL5~w1B{`F?I`JvV<`(^>2 z>h3;V>lP=ffp0Tv)FcVwePqFXS&AyCDgg07X5$h*2c8s6R~!oi3;IVBSa^*FD~e{K zTV&gbPWekOG%SssxKH@*G*qKQ2La7aGDDAH!t*X#>2co<^iaxIIIfO{(a$mEA}+?6 z?C%5*qw?DH^=+ydFTv6$q!*+A5z>_ck^%=jJL;Pb7aRad!-&LZpjh+H%I(m!!Mtne z$iuXJ9)oYD8)$7NlT8k${iYwm3c4Bk zs<_uH>GHJzk043_&IS1mwD>$> z?SB#q_+q-*hG}q0+)2*9GB_1tuJ2|<=nTXAw^lm=#5?p z>2uZAXF~zrrJkSwS3>VFg_5&I-lS6-~5;>_eyOj3pR6H?pca;mvQPxHQmauVw%k$PJlZL{-vciq}e+FHFd0-`Jq zfEWB8cifu`_t9HJff_$+#J(J%a7|qfEKssrgP6t@NeluB1OzXZ`N`Q}-tvo>N6C;J=o0rPNjccF=xb-MQ3TPma5KtKe zlqzuRXs`PETvY2pZ&ttU{#`r-G`z?H+6j4I4g;O&4HLhia7a93qFb?ng867;PPvN=HP9MwP{#pTX0G ziWIXWDpyQ7(~iJq+DA_E5jrAmmKAArPrNQ-lE(0%1UwvWsxaXErkN~7WZA+gyrQ65 zgWn*sCd3gT^v4%RWzM=OH9nQ$bzeR#TiLr_l2S*1_?D!sme_zDdl`{Z_`z((f9<~I zaIRI%YM)9U+D!>+VbG4DZ05F&&DG&gD5kh%nm~=*(Xu zz%BUsf&DSi2WKm<@j8A5F-;WfUh>YNi`+19_NiO#i zLUVyUAq13mLxa$}t27n9TWhScIl)viNAt5`qr>?(Hws!R4t&ARy`Thyc_Y$Yjsz@mG))%HW^NGKoRN2 zv>qCHy^h%U`>NKe2GLf$rk;#r3c4jn=!G8*|F-N~rVYqqY!1Js|A{xc< z=*P_*i%0N&ZTVjn$f*Lb<^_iB|ypemM*s+Xvx`Ab39LlL7X8JB%%be^g@;FQ6h1#g+%=p zY_C?kZhweTQnE`3<#bs9LhR)>8_$6AjxjQD+`hyP0m$=5KQ>{VP#dDqFoF94>Xdkg z1ocD7#C-=6a&TU~3DiaNXeANsMz{E<`Ppc|d;L9%LZAF%XS!}2j;6abs{KSoHYuv_ z?gFAVNv{vdim?4EmV^c?Q^!)*Lm?~_Z!T+x!E)GJCHbZUNQ>kOtVeS1kRPOD;xAhWNgl4I}V8zoDbf(JV zgk51*Q^n2Tvc&m?^Z`t=|U_Rkr08b zHNiBaxZ$i+*4KU?TTvLTm=O$LIjOgFGtB(GmtsYflOxHN`ZQg9TrFknb+OQT!1iF* zu#9T#RZmVpK!$+3B`yT3xoaP2o_lkNN`R?Q;_Jc|Ur4BC7zb*L%?x8CsU&}QM>@vq z{pM!pEO_sMa#Me6oP=)(R|PX4It)D|NkaYQ*B9R9?g5$pjNb>?b7VuL}woiAhqwBj~T2^Jw;!B3{ zqJZTZb?P>G!d8YpqMgB6X9%!}A8C~)?Kv~eGmM>630m#@t zyT3XW?lDwII=oFU>^Ckx%CmWd9vrr&9-8NSa89E~LGvZn58GiMT@LB>{;UnSna2;% z`gcDUnSmC<1*ON2MG7_czm?JaNTXKuk#=&v%eluWwomQk9Q%FpDU1@mj<~QlV@=(i zux$?o!kgo{`W7*D9E^_ANM?AzPo?0*dKE+aqG!ng$QS6Ago1UdXS!>}2Xj87EG8xZ zr17ZclC3Xd%fh0=wMs-t!p`-U0t0`nVZW83E>lRJ&DXXedK+uLFKMBC z0)Zz=bvxxwOBkAkd>~rH3SUn#VVaV=Tb5O+N)$7GrQ$^C%EvF1cDQJ1nC`k}mQZ+jXF(oH~NOgRom7X=b5#*BsuoBUfp3=_`62#{w+UYFXYx)SIMWC+SP>BNh=*~ z(pu5klWsoAZj!_gX>p~-l`Qh=!hp`QAFq8XJYC?r?Lv~YXl{i$){vTSa20V)|Dwsu z@|M@E<;xkBN9tsQ$NR)pLHFjP-qY^n7{c!F%KDb;!Nvoq&-oSe&LPt1*Z929SL4!u zI9&k#&J`ad$ApRg3P5Fi*uj3l!9I5J`6b{`K}`Rv0$Z8R3MT|JZB*+Q)0I<#7?d}F zL%J7mV8TtwNE(e#o!TsP`X8rWxn(`^Sfk;!E@CeSe&T>?I5V|wD#)FE-@^9@Zf64ada3D?-eiWGBm{Z-DQjO@iEA{$C5RjxDh(dVZIMJ|>LTz#Hs39*u z4?)F)@$fJVQZjx7B?-5OTYm7I=ri@)($ya&JK@|h$V`$5XfV6r5?Gj^0Mc>d{cF3u zT>ptVV!Y8R`Ro;kkOpUlEjR?utf>2mSQaP{c=m?eef>?wS$v_o?}dj17*)ma*T&#V z9mauyh;@(a52{Xyq}AWZ07?R6O3)WtHex+gpQR0a4;-x}2Wn>f!xd3)e^*z48oaVw z5~IFiAWwg~&t#M+MXswRSAuf>my0(VtdH1Vdhg2MkL1PrF9=yuCql#W^`gL5UFXT- zb2wehNe>iU;a5N6a>xuo`ymwwd@SA(0ntIRFj+&W4DsV9RokmfzdME5BueQ;2Vpu% zU~n?|{QT3q`|n;Ww)@JUj_U@hr=RD;EXbe5tQt|Jn$YIXECo0_2jA+olr)|K8r{G5 z6gLi#Cp_DqcKC4cg+#&EyyRuzs(QY1$&#utma&F1)&KXni&&6!%%p;63JDwKXP@x;|H9L|qhUwY1e zhyrsxK^JqEF;`z*)fdZmexzH(JLV$DSxhX%>K7ZgRNh z>!aeqhHLG+?)Y=I6X6I~&3+giP} z9DzMnY1(KtG{q&gf!5sO^FSTjriDLlcu+}-*&wW*Yk^Yg)V%309qCxab`$_wBH_$1&zx@cx2{9a&>(S~2S{m( zP*`j2h2k&Q3$yu~Yb2zqTYAdoa~6bezd}_B*o-%!hK{LCQ$}6M0%t&|YG3?NS0dv5uiw;vyCZ1-_vG)YY z6v*7e(~Pp$YP#1@#Z&_f;WI6*1(HY}m& z$8dAOg@ZpF__^HHR%gpr@9Wxsoo#uxFf-QMqh6I>3+w$|is^YVnImPcwPAtnJeDip zUZT!mXvk4nQ??KtNz(*ytVxJ$$X#VZ7@@y{sVU4E!#w%}*uGlBV*lobL#qIw>TZMU ztiZYQrVyI6u=vKG?9lul&2+5C=uVa}ig!yK5Ub@7{7H6C$d zmry~#r+!YZ)O}Wt=znao4<`gJaSre->gs@F7WX`p1!!V@uNEG#EIT0#hL-T(kLT+R z{Yuu%bIynT{TeNpYp3RY!glS&eYd|-m{Hzmq%gwOCIHT1fovdA@t&@zzf~hl-rP$D zkV~;aah@vxqmc^(*hCbyPU*`Pb5+y!WAdSBDvmGrXd|L&@Pn+HFKW%`bSmA}K)Zge zn!e0>RO?*{C^e+hPYl!-GaRRiT!B!F!{%F$VX%?|EzrsmalX#hJy#OrXlO0)<%2ZGrP&xo>FJX?Zv zlhlcZQP7YMG%hH ziEIoE+V(A*we58m_1K&H^mw1A`$xc3Wz(dKW$r)PD7fblm<^!UH$MRi<;G!mN~2yOW@ELPtyo~G)< z8XO|Pi3{4sZo*YKGc+`;aWNug_;;P1?v#X%4$R4DdCo*kX^Lk?&_PqRa16PMjp7X= z0NUDI)7bvaYig9P+1OpE!gSF7E+Z2X3?x^e5-r}8JLDX`I5HBCVh)qQoU`eC5WdYu z;!N5{6JM_huq<9uD9B*`-}7*=^q0xrnaX1~sCjhS)xDM2DmG5{A-<*g4e?53P=BhQ zuFSsi;?n4+0Tv?wM-mzwh@e(MmF)P(?>dvZspD1@ICZhj#D zk9lLku`5!BQYF#u{)YMk>i;5K41m3@!f{jPx5oH!2j!KO z+m;Czf34tUZV>(;Y9a6s1ZZOD`ingRDhK?{w@T;iw$O;whh^3O?#Fx+DZ=YB6KhvX zhW&b;!S$y0FCw+LAhZ}@mN!S5f46lmUlGIN*81yXOOOHNE3w~5c>7vSun@bRiTQi{ zB|_d+|K@g0QYZ)t`tRq9U&q!(```QLLN5WX|32>8=>Grhxg7n5YpmnSW=_#?|(7% z_%A``^ndYLz18FJU$S_M|F^o2%N(4B@_$d_HOJBaRKOOiTW97*NPRRX}fV0$f+AnuuDA z`{S+~gIw-;30yy*f^j^ro8AkJStb-QbVdlGt}VzPXVr5$-Q!80)Bb!epzx0eT5T}`|U zZh2Uj+${R3CoE403zftNxTsyd4G+6&UE?~Ey?w?TSKzw(!PSTakB{?*T?90cO|>t^ zeg?eU@u*KPo=PaFEWKKEXE1d2>sTRhiH&hRVpd< z8OuicVAXGGCij5#z3gfA#Z4;p2gvI2GVaA1I zVbGUv(+IXYEIOfp+M{$l%cGH-Td@}k{;i;>y1Ha_1KsWetu8n$a_IKv#v)15w7UkH z^fh|E*u>KAwhAtDin$Xfiogw%wH6`eWu?!U%SS~nmH7+xl&9xF1ald9hEh+l`&!7E z{K)hVPC-Ex^r@S7EEmjR`9+VIdTbLWsxM+P$~f>FSe7oiHcj7t^~Q00r3SKm4>W!3 zI`8vHfM^+AY!vF1v50;G+1#Kgz>S>c!PyjYYEf|MB0?8~ltUs4A1!QPCKQGFUTax0 z0XEsRSiz0_CTr|5@e{F%IIftW2V*v2Bd1|q!F6swntf`*KfmT{1m3JKFS+Tcb`Yr8 z7QlEGo8~c`IW)p|mh2NIrr@Z2A5)?^2ThdHK-YFy+Ve*<5M+swf*?l(V{y4RYH?}xUDyCt99W43u2qAh>h_FRr?P?6$9DG4?1RQslrpyn9WOpnEy3Y~Xma**~ zHxfuyWj|XQ+<@4eX7wWRqC3!^wpy2Y6D|k!L-hd;ZWg@tT^lx}j|Kp1H-74JVhC%K z4YEXKD|7u*e_;19d)to)gv%bFtVfbzc`Y0d{{094{y&0$B$A>8 z0#X0OagzLl!Vvini4xF1WRjBznP3ExCjYlL{r*n?{Ga$?d&yv_*ZgI`v3T|8fBp{y z{s#j81A+g6!2dwte<1Kb5cnSm{0{{Fe*^-PocItBg8qXMX#7t>P}DzIO5p!M)Q8F; z^uqqz&=B5l0}lKQ%kA%AHQ zUY9ZZ!0)kRjHNhHnkG{guE39LQd$lpcofqJR1rzfYYV)ca+bsq*`dlYLs|NE&F@PJ z#r;KToZ=8f-RWb4MwECZh++x8_y93Bmbp%IR#mJ68)V24WJj5y0!8q=Zu2_I_5r`6 z#gUzziVA?H*BVXIp?D4mg$Kx|U3E%`a1;Se@ytt1nAsyOqu*=0c~!LEOKk~L0*jLl zXKbCwPc~suZPOD}G8hwk=ofRL**GGLCZKVNP7^EnTTy;q$br`W93`d&@*l-_y_)$L z@dJM#9cFunqgAFs@M&Qs{lnu?u~a%U*|MK-K1Qeqs&!dqqLNdjap4(+F#8X({prSgk zZ`8>DX}!cRParLFcc`sfh3%dKX0k2D-uLlNUYl;!{FI$sCz3mKwg;zMD*VAohj@dJ z#nlmXe;H*l9U_rGp^)a}Cn3=jp}wcd;L}GHz1-|zrfHbso-|oEJvzbS3r1cB_c~e1 zBUOD;-Q?`;;jOQfUqS>M%8xB%I=nrZs?|s7UVlUTo96kr(hyTVVzhR=#utr@W@DjI zvmftCn_M%{{^PaJZ_+N54x8%h%Hbse<8)3}u7|W6l^u>l`;t4c0m}Vn>QY^n_2*Uu zAOzrVlKakg4+ZF6rS`X37)>mD>O~rUBCn6EeVGk1H7eSi)kz=YYT@h9Ph>i8 z7T44K`0l&ybOKg8>UW?Si^hG0&o{@upNFL%qKeFiE}eum41b)V8pdGYj_I2Iem=Yq zdzMl)F^%&pb{1tDgkAUoweq-^>560Koq8%j5DZNU1nz{~W z^Sz77m%Ct7DWhqAg8I$6RQ?J@i(_U;v$N$L9j5Pry%lC(JMt)%zwi5@gyQD1S0Lf8 zZly^s-+o6t;u#f}xab_!NSA^hABD{+7ZpRF=QUBDCN^W9EXoD_+AFFaPEQ84m6c6j zm`@eBxYpCBwMvW0L_J*MS+5U>Pl3&Yto6NQIy)v6PeO9f#L8QG!HapCRLjv%j?AQ9 zJ^@_ExlP&-7f1Vjx^suI-|~aGk;%#HWKRK$QOpI+1{OIOY1}iV5A7F6)E#}`5tiK7 z4@QoQl?U6i1?~y+6ZXZfn{;Z;$4YLW6XU)?PAmJAl?Kg~>+kW%2cW7^rA$B(i`i_f)e5aeC9b?Q+w>t`WL^SDI1Z}L}?VctX%++d@tjR{Qc?HIkeFSDL1GI z6xFIAnHJ~AovI(XAS~HGD2Ivw*~om!w~)TtsmVxU|VT6uqN5xBy`)Hh(mQ>6XAgK7!1l%;*c#QWNAEIy63;57R_*Tk-YIt4(H~D* zHp3-_mW~;sO$$^ZUu?r_|8r8y_~Ai4V?OjxHWfA?+>!Z&K zzaHTrO!bUELB=GJLk#F0m~5`Sh3^ebuBy2@^}VhjonE?0bp(ya>y?22#wogd9#HU4 zSCVJ_aa&W+&XM~WND}WAGB!l)(Cavh-i~oFxP{*EiiQfwnY6_~nm816IS-FcmwN-V z{d7oQY1?U~vc_#a4bLb5j+KK?1mQZwi#%n76%t^nOvw*&Rx)PH4bVv_%xjyk;AXIG znB-GtoWU^O1+EijZ!WX4MhrEqwau6zQYf_=ajTcpBRZ8M2OX{3@$B*`>8)~R)20j_ zmL6LY-~lq@CAVbIbW@|&%t=2?&rxf5fzf!!k8^x9QyFPYL31*?`AB{jupYFRhDjy_ zZ;a^Uw6d_Lz!~9q79TwzTtnDm6M6~*KdXGk zBX|k8a}E%#AgRf3M>}|oRyGO_pN*BmA8#&eDTMR#{d90f(i$@`y8!pp zSDd2NBU&fq)l-Z))%Mqe#fMEIlBya5R2*7b<^gECv(MZAWuP?KFCS{5d_1~Cbi?wN( ziG5;R00@O$&tWTH-XUHQDHJ`2E-rA)1ysfS^vwab+>jyzP{-NkfR5@_WAd%S{p3iB zu3Z$OJiIZuAKtHb?rR0El%{EDKzgL=lKKeRQ+& z_j@k8GUgg>77W&-N+1z4huG4%zfvzy7x44i+057ER{XQR4}-<4F1m!b?)W53m@l$) zsHYr=3R}f-K1>691Gd^alvgnHDG7|m1*P_IXo@l_iGe$ia+yQ68au_$`eJeyomGJ` zjuwtx+j76gOyJ!0b>-78@1kZlE)c&H1*D6SiI8tjA>h+`J{_>?_>7 z>WFZJV-r&vzWa{3b}vo8tv@rrU;Y@`PS(mPzCV#Bt?3xMXHvLR0>?B^sN`NbGriab zFUsWeynPL?m=Hvg1cJ?IKOwa93 zTUg0{zfXW2>*u32RbUiW9%LSg58&Fwiks&}k)&ePqT#jm3TgE9 zP7h8_2p9N`;gvU-)?leW5)WanMU8jPcvQ>cYbM&5F<$PFm|Fq#_{3`bLY*4b5d7XF z=N7-B5y8DOSgPFNZHXx1E$fT?NMGb?<)T1*MjDKQW4GdSjSX|31vH;L@b|XZFZQJt z{UHq67-hnw3nBN$4JW$8HWA5ds6c9kEY?z zCcNVw*dxIA^=eV7gt8S3f3@*f%!5aDM@<;w^U)A{?Y1pCb^lPBk?d*}5mwdZqE@{C;~>NYLb}4wnAomLFvNt>WHDs`Hhf%XTsut<&8RPA{`1Oya})uCdM_W&)%cH_UecQ5&$fQv{A!wBd1!a*(`5UiQx$<6EM94>e5*EWxys zYFP3^NkOe`ud017hgvbt0<|TMg@tyrM8aiac{{pj#47 zE>x+0RD1dD-F7k^{_GwrJpqSvJ}D!`SS7L4qgJgy4V;8#3%7m<1Cc=>kXENbFN^Dg%yscBA!AQ*gnNQx~Qt}$HSSTpd_~!sE(?p z8{a&Ke@MNN_*b?&9;&aH^Q7M^=F4N(otnrTP}F_@z$_5yjoeGPuRGToB|H-Kn^YZr zJCBSJra~olw>OOWHkGlxi4?#Rk1*pUO7}`t@3ZZ?P3>g@=wSKvNh2_Wy8#bv<4aul zIl&QMn83gnX?WD=ZrjF7W{F}pVm9w<2jg_#=+`S{aK2BfF=rg&*VUY?kS9Ist}Rgs z2_knucRzD-bUmsTEu;UQZUIR2_6pR`J*n(1h&O8<tp9?Tx z_h1+vjB4?*P$_pKe*Q)_+6m<*!R`mP4{PIp7^W=UxPT8a8PBt=kV3%1>_gDHdL@=U zCVvF_NNQg$xpi{(4FsZxr+{xgV1{W-&HMVD{%p`TuFX_R{$1v4b}zFw#k5O*`;}u1 z-9#DPJbWp3`cH^Iou3Z9`!RMZk+`T3FB{p%`kTf;4JrlzJmd-{-mqhsCx75(gdStH zYci#rs{B>f_ztW*}hR_N!tBChzsw6DK!AZGRP)v%vy z;D&sYubYJ}Oi8-&*oB5e8(-9u%qUYpEUg&+@@OlBW@%VO&`Bw`d0%KSzn;J9C}Pps0O|C9g*B9=a<( zg=x^gH~Zdz+RB*@3sxcysx(2$?fXC9=RfVZey|GsTOZl3iTGEBHl)M%ZHe zev&!n7~-}K&-qkex{~lvT9UvT*P0A0b3!}b@Ym9sE5JaqDbSl0-_<)4d|OFmde z>X9B)5}amCxt5`+jJf73pTv_3St-op8@S!ik=@K2WgzW0AMqQ<58;T;FlSMEV~mMf zz3k4b4x$1zHg@_odaP*N!X*k$`*%jyD zm)w+MNMno$P#Mz{%jfs0d8!1S*4UXZHmcs-P3(hE%&#p*-G}->*g839wkiPb5pKHC zU;dCyTm#$!Cf0>ia{K&j53aOFk#Ex}e7UwvxQ-0u~1iB0}|LdDhnuEGgSa1a3o=$J!Nw4HnH&F3QA zv2346u`tafBTbWgrH6ujW(^2XJtsR+S|*p*UzUw(dmF-$T1h?H!txN%2SiVjY0B#R zYBIi%BrN~DYKY0bqf)I0GSt8wI7;DP{0GaZM5}V`eZq}yFscytcly?Xj(1x z3by^H2(kVt`szFGru}@Iiw4-dO4SMf=&yLg+Z^06CnW9)N1=OMnwf7~wK?_(?Pk59E8KX`hT14YmULBC2*2Trry-r6O@ zwa)J-_si%McdlAX-}E~f#xW3Uo1;@?2X_nw=AtWs?kA^##_2;uQB9Z}5YoYo(!o_y ziQ)*UukCN~N|`2p2u)Rl?Utb4=@QWv-ZG=vIxm-Klo=skeh<#UH~qeu^B{w9u~6?< zZv7)%B!R?2p1&XG=H;?tF*OjWcxuvvW#VE97)f_E(o@~j;^#Ubd3Z<+@WvRE8a#5j zg$>TIZ%J%EuplK}(WNuBirZTIR|N5Q1!=heK&|6Lf?9coS8j07pF#e94=0|>2J%$|nnJ+<5TdG!fEKfTrDAhDV>19= z-CRx6$y@m4_0d_QY@hrL!bHni@Sx&Xg>0pb#Cwj`G*_BcH!^W4aNnGJ0dt33U3_V@ zA9U*>hm``jF{DaXvp{}J*_xrbN0IO^vquyC=4o*V1N)}fb^W#{cDnhFME0#h+cztN z-XTXAN_H2h-i-;yUvNyqk?%v>eQ#0SvioB^-rr&&&^kp{Nt6kb>`(#;q9`4mqXy~U zK40Dyj85!$Bl3Cl6@aDa`Ly7wrJo<<>xs5;85DZx(E9)XZ974XHTozC|3xn-r}tMRQ3?ow8<85LSQkMz6f~{9YaY>^ePD9Og+t zrC~yQ6t>}#l$Mqc(|zDc`AKmMXZ|x5xok4&ly@wjH~1w?wx*`SNaUN=Q|OwY9zC*~ z@>U*+Hjj*n%FZo#;>&WBqi3upSM(7mP&&Vv8%{XTAsq&Zeb>*2Oj^%hWxPC0~jl5i#cWD~MDuCnqzXQm>Z zWNHZu0vVM6_cu+i#TrWufA86-H)#W4Er9zepq?~U4m0K7-M6JmxiZxOtrMT#+^Bhu z>KGM^U0rg2;*rmLdvZV&8;KO~_t9)P1VD?RBw*(lFhvL&fH~Sc858WAfY7;z@&S7p zmhZc?UF$$#gZb)LDcy`TYt+~O`ncqG>lYhXb?~xn_CH{6B|5q1kg+i%LyjI^AMDd= z2IdLZY^Z68-%mEQZ;DySfV&D;J=l;3%o#I}+X##6VcU8om){-U5>%+Fxm=$WWetZ< z$Jc{WVV6^Sbp~MhW%Z#{RRS%Q^fIBGgh`}Q+omR-w>-foymd8+A0zTG_s1Gy_!+ui zEFpDE8!dOZ01{a^t0;+MV67^jE3WfR^eT!55ls@iWe&#ncvlpP(cH(GP+5VCU-kRg z<=kOCncC1+*c3HjP?K99SJ(*(CyL$(F_ySRW~sR@J@hL7HD34LhAlN*H6z96m>oPO)ZH?;u` zXQhQ4GAe=cLgA`}G=^*;hMwG%&yl<;gk>m)5MVR+m?9q-I*FfAC>*$F*pJTIH(}&_ z-0a`bew2WV?<2F`Jfhw$bN-z-hzI}&ucch|pMQ2Y0eZJ5PjrKW%T$1|_Jbwj%4T09 z7Z8G3DPX@Q4>T-hB2crouBPBG+78}HAb(i^*cRL;#}kT?mIh7ucT*;N%2abwb~Q`E ztdPf>bCryD+^Xe_=qgEAE4airDTV>unTeTUqZE8!dEjw4nFG2`_G3P;KAdb&G$}#? z#OnzwnS|GBcJmH-#t^6w0)T;YGF|L4#ciMR6djoIgOP}CBLKf6VhbwGl^!nQka$o$ zETmL>Fdu*HXEf<$XG_V$re0&Zk9e?%ua~&}An1rw73Ba#+RZjJ`~LpkMb;ZipU*m= zU4cbV{$sa-Hn2yGdXp(xB+Ru+oKfe&+hF&sx~;6g4gHaV2nr+G76U<^-P2)D7O zxr!NSo#syy|9|x{JTqYPJ6M{Nacr<(O>?-v1@hPm|JFH7pWOYT0I%dIC(AmO2VI4XUqGmR7$}Y+Uu@_o`BoGR<+{!~#dL(XyyHrN6IPG)Smf7r_>( zs!JMaj@7K;t=VsdV39(cQX=qYOOJ%B0ND;pj|Vl$Fh0_IBn%$9DgbmokF_WwQgI{Q zD6!S!TOVVwdTo{vE#te%WlZDWqMu?G=qYAGj#GA8zF-37_owHGH<~i3|;ZCY29AFh<6tNqb)7bWsmsB1bU( zHbcA8AH7o)zd(|G?z|wX()WqdCjTw4h*26gcLK5x)kHBNqr~P%BP=7b7Vz?3Tx2ExZ#dEt%8mxBdn!jsIo} z_u;;WWYR*W$Dd4rA-qRie>*k3dTW5IHg1u!o0se*Q*K!2q_d<2eR6-U&TVjD6&&*m zPs?nHt}f;Ys+TuEnVC_QIeqr+26fIf6e*OyfMCyAN~14_EdAuYgh0$e@zYnK6!mz8 zCpQODig3wj?B#nDSM=OV(&3v3u9T_LEdHVVWAwp< zE|=V2&a?Q*Y)?adyI=hErj55IXzGfX58d`{ra0MpXUP`RFRL}u!?A{%WbJ^{}3J*+(3pX7pw(N+a_^Nd3 z?5cpXKr64K4CR&?2KiEcUoV+yC1dCzYQ7fF8d|<|EZE+;4#yFV_>sLqm?u-zer3Ur z`m_ykY_}~O>i0IE5T)@=Q=%JdiHt&tjve|rr9~oe zxCmMjAs^+@7K|TIC!Z7h<@b@H)-J>!dz+@OSdk)qI*joyz&|8`4QX3! z8@V82f2PP=Qc8*#6Tlt%65jLtT^7=PwB8fz$fIJx7l&+*78v+ADx?Pk;`ol(nJ2^bjAOrUJmzHiU5#rOAQ^WXb@ z_oqD~F4qwcIln3J%A7io!Otx_FT|Onhx+p!jn+?1zEge%p@8>WUN-Z19G};QcqT;F zf`IP8gshJHppsg#b~B`HpI=x{bKl3{S!9&GUFMoBuQ$B^n6Kqx{L+5Qvi$G={lEQJ zi28g8BFFwAQH1yh#S`qGgo5FJ@)$>x4~52QLi`seF1vdC7wgc*=YNI&#oGT*r_u7z z-`C~;m`2M4A?QN?w`sJrvj2U#l)^@Ea{Tu*F|Y(*vYg}-LD@&RBa=ZgB;8{lThfnK z{k2Sje1{%DN%4IRR?@x}FSxNRZGAwUf#7=A0~XX1C+aASwB2cV!Ej8u%H><2pkNIQ zZwl8Xx&iFTEtW!)t2sLPEAJp|Bo(zgt#<_lBlVT z(n(9UQPO&Agbbh3Yhfd}n)&OY)?} zlhvBWM11A5nin`n&#Q3wnK_UwMJB2vGMVlCc|6y0EJ3d2I<4iG2F+1e;`dXgmlH0w?6+|g6NoR$zd zvL&CSTR(}W_tzNf<$WPMfE5QowPm|5N;7`6VRlM2X<8fV0$THhC!Fye&hN@@$_S@J zMe;5Kp?{zX_-{~I7W@Vji&epHu|&7Y&I;>bds{+CV@^AX3k>O;e5u(9)^#RTjAV2HZHuAp zqX@l2^$`{Du5lXx2uH#amgvEIOZcZ(@?TYZ*O5w!bFQSuy|LH75Cr%EX=ctj<`_sK z5rEiD5#;KVGeoA-EJ zS6OZMf_xD_0?S3%K0Kr6WJO9t%3M6p^GI};u4Cq-Az18y9skQIdQOhg3AbOuQcl=P z<|sp1#J=j}i!Uf0Z}PjccfK~V7h$G|dz-|!%KInf#+%W*+%r$2&%-~=QSw%gE3_mP zfaF+aauWyPqUd=e?&cjzfSeNThzUF8km;u6_eOu|*Mp43CMPe((7AU1_*DVY&5GsZ zfpB`7osas9eR+OT34-Jh8M*`@rEY}Jt$IKP5$`eFqTg(A&#CK`Hlf^2R@%7xQBXB$ zC1PlbM;d|Fy)+vZ0`~3m49>TA)E+!uF5N^#nXrXnIq{xSOoV|zC{Hxx-Y_$=FBevR zbTV;W;`a!Pr$e9g+p#Ci$M{IvA;mo4>RGeB=}p#Qne0LEsTeU{%ShkbL{>)~FFty_ z$OCY$h~Rc}q+P#TlN|XXas!eDAHUce>!Vzu_sZO`!O5@kart<=36p{u1kj$l1W5Xg za~k3V+=Q&pneEOne^yvfRc#=tLL(Gfyh27FGjmiuyG#{YIWaIY#WEMTf;EBIUmB)O zGI(Yc48B4+eG`vGofI|uz37X{ciP++2=~an^uYZ_;8&|TAVBon{RpeoQy&MLA3{({%nHL?&JWQi zEmR(n%}ZQT3Bl!=YVD5@=~!kOn&BV1?DWe9Iv({99--L>fAvuZ6dnV2fLlIFDwl2= zbE6TN^M)@#s6~AQB;29BYK0qMi+;XbSCEPCT~~F6DJg9t7s0?(;q>29g29->Y59@) zoq5+^*Lbkum!rZrHE%jm9U8IkkPL7$DgB(=@7erP^ZkX*$SW$^HB^Q$F3`St2MTp* zHWP7L&0)GHo|l2;#c2OH0QzvQ6>Wio@*g6flDc{!kdSK~Ke1AX!bQtGZe9(`+AqIr zwGk@pCchu;T#*{y=HZmX(GU-dTL~_};k*EHY^Mi}bt7|EAV)u+R z0s+xZMw0yARac5Ohlg_eoWl{aqLoqyQ!Z<=rPl$ z&qG4{G#^i9gOGUQ7&I;v4DYjBa8^3BOuM9bkdrjXAtp!MOP>u9YBhceRR43n)Ypp* znh(w?sWb3?#%uiTrNv=OxRMAp8r*me@~LXJ3n#~z<`-L@5lGo%<`&a5GBk>pFa6pr z{4k!xmxmX@Wr}C=;T?JU#&Z4n$O-(^s&wPyk$-;naJh-WS7o-$UhVsHLb^flHy1xR z#K7N}@m|gw%Hm;X*Kq%lJSMetjX6;1w5kTm=E zn8}&H6M2zkG{|Fgj{LVj3$b!tSI0w||IJ-C?{5xZvt9o09?AQkl@iuZE<6N*)Bh-j zM`=sHovh<^U;M4a@PL0?2{zvk;Zl6SQDecSu)~Qr{5eit@cFRdOrZZ9XASt9Tfo_E z!6`TfZudLq0)qNVk;k38_?mFfpf5|DX_Gm@$9|<16uGLq*!o0 zk+}=_9KdHmT+Tcd&uuM?ryWDR4do&Ig|j_*|&00cAgK>{kz{ z8w2P5sUvfD@VS7`0n`PKn;m?D;|A0P>i*RW&IO-fyLYfH|JeVl4d6WT&!@Y94eYzW zb}Zzd@O-{HIQE{XfcX_Wyq0{YM?YHvH%Jpq}NgKK|yJww_ zFK1jdhuHOpcmYX(n~#>V9tdP1Ja4y#_--@R@mAgSNZacS-$$!BK-uyWJex@N`v|M% z7(3Sl=kHAM@mx9Cf)My}bfk)?pCI4pO(eYA$pI(N=@3!H7{6Men}<1`m*qw6Uk#A4 zBquleV)q5+j#LxRG*K>ncwG!_A%^0hSrP)(6l3h2;VWDcxz>iiL(P91^Sme*SrUS*jf*6OnLu!^aP=vh~l3FG>>w2PcEm?{#5f}QpD?CXIu%_4zAt!y6#~0VpUZJ6v(>dAp9_~JUvVv^?%y(vI;1pZwxgcanJz%QNB=Vzf?% z;Rj2WV+6BPKq>D*5djiOx!4KV0O)bF^(;iX2Bb#D`^_AI_P_13eoC(qfL04bo z+qS8Eb6*7A9qJ%ir|(gM_FR|O^ytzSd8WIdr>Tt^X>)DnhYQ|G7z&(5Oyis6g$;$$ z{^DK)Sr(CzWt*)e&(+=RFjQ7)vyWw8pZ1dw+cGcWvn{{4y7HS__8DaQ>j4dzDk)bv zuYz{egqB)dU^ z_IdCe9$7PoO`Kj4e_AOP0}WI4+@nqIpoQTt zt+%_gD=Gx1Z2(MK5=HL?4|l)61Fi{PL#H0WnoPwTuQj4qba*0SIb-b$(kMZJZ>kXv zo0NqZbq>=k$C8Lf6ZlSyCbq2Xn++(H_?;%=(z4+_%|U#=>;vlp?_{rD+y%o{)OcG2 z#SUOw=h|Q`?D{_3q#Pn4@gRH*IuFuXmTe5ixC?c)a8+n#g9Ut^9aTdJ2es z74q5FRbr=$D_8^ zO85DEwlU>KePyc8OI_PMn%!B;`E2;U3*$l`fPA;*ZRD2Ss5au^y03~*0+~@j%l0x! zzyLud+tJ)@Zvw{bXlk~Pcm=sg{;m`9r_#f3O{+-L!!9$^kUJ|8>@o}-J*3Fc`&H|G zZEd|cpL$`M);5lSTFi8#b>i*O@rBi!V)jDrkJY*)8LKfx_U;l1^58_x94`^qCov&Z zee0sxEw{nN8M1h5DLPZ7jiRvH+AI-%rV;-dh&tkXB}?7i?n+RLAK*Cf@l36ec3yFD zoo%AV%iFbgE{jMHaAKLhpPr#LyVl{{px?MDGf~5qY=|>3!%b zLnk4vzulLPnXdzKSA``3D%{=TcF42YqAp^Pee-4+fyo0kPM4UEC>av3;B{i)pwv*{ zuU@r1dv_ze?q`d0dA2@4>iI-f&(;Y{^f)fw;UiITak#=*q1u>AECeXFcOiEr{ zwAA?;wp0CVaQXR#yQio}#UAzhw->NphS)x)Nz-{KZRYA|Aq!mNDjZxADhrG@* z4yd5x&kN8WM`to$dH~0L$)q^GjX^ufE_t^v12u5{M5Rw?;-ZxnTFw9s3lz9bLabGV zDUEQc)|1>}n;zpD4b$moCnvSP;7t_A57V2dI({LK?=I3F{9MvVXrPvQljz~{cgQVH zp|9F_wH+*k8){z2=R6RObF5bzdZVH3pd50k^=&4&r<1|JHWi-lN z;iFa&g(S4_i{63`%szSg1YJk6k`XDjx28$kUQ$etr)$r`r*^hIo%l08Kz+ra6VRMT z9Mib&4y*i5<@?iBVG}PHR-iqp-$!OldQawL|Ggx|j*Ol4C>gm!+4>X$N?0knO+717RL??!Rux9^e*JT4~068Yw#a zp?@8@MJ9?8hG!KT(NtU?w0%8^5Q@XQu7-d-Ss&viiWtZO=l-2sCYgjFG9>vs64UA5 z3mlLCUStIG_ku=AJY{GUC$ayg37?{G0PPtJ}W+Pv~UlH`OL`|5&*u*R%cn zx2qYd?=BF#-t`df^+)oT9B+#b_eWoI{I3kK0WIMD;}{fOipjqod!;!3=lLr5KbwGH z_>aE_f6D!{%+L4F$L~+h@sGcoB{+WkIN`f1NXn^kM|KhFQ>_RqF}^ZTel z>R5Rr>0{hAj0EkF+5~%c+8kc+iOMJvEgS>&Ge6I~J7#CN!&vrvWhP#1`vaE0 zx11+td?v3uBn+j8_H({vgGwLDojKA`&=$kovX$S1fg8oL$8du+cNV@_YroaN1>#zi zYQL2E7|s1dFKx9_`7*5-Th%yx2Y&?HV}UK*K1nFfD86P7YUBQacdI@hBwNAKcWEnEW5O%4!bmcwh=OYy0mH5DC z+bkVQkg)fusZZ4k(ca|#-dGax#c16X5h1lRE05ZCEQz{ITDz>8%usAF7OM69k{#PdgJy6@k(vCrMg1p)M*&_rdK}N z`_V{Gg8O`fdzOeAp7w>5pY4-$EK_)W^pR|abniupe|=tpz&tT+L!1%*etm_c%)TgC zgNp0NONcl^`aC01@ONzB{a54yZ{#|HFR4lMyF=i=BVWE&eR_&Q=^)&ZrNitHJQsM} z(dDft)(`vX2%oKY(WfVrnjn0x0XV_?F^UzhhlxgsHE&B`KXPY@=PE?7>t5?RR(Nxx zaMZm%p&;5Eis#;LM_mxl)gEuZ-QFWA&VFXx_?jFvD!9^p{r25gZgZ-*0YCAc@plL3 zbX+QVQ)j59D1@c_nAdG6JuUzkPioL1qI+JTkkRFNWuOk3W2;_mCQNCFefo47!_g zW%A-a!s5OhU?_3rbR~RJEeJWO-w1)UwX+$$_H;#sn3%HpQ#9D`6K@ zsint%Y*+TE%C^;vYt^YHqrz_gbaw*XwM$@35Y8T%e|He?9p{1l&Qxt+OfZzQ2aI{B z;#L0kuc75YcT0swg<#PRQHX5iKYfRJut?EpZef5pAom8q5&Fw50vw(JVM*{V#;i5* z<}jz)h&yXA_ z+*JA#4OD^s?$7=syiN&RtM$S&Y`(p;An_w4m^bmZaVQ}Q+Epb2;);fs++|q_GT1^} zO`Mha@I`aW1QYNnpgb3lIJpm81-)^Ypw9|mYSW9gF6t#s`2a9u7r3?63grvz&x1A#JU{+&P?FfOcmccuImdTFce(lxUK!nN2yX!daNW<-K>;j^ ze|RNRxC}7u4_^5mk%0hSe;C#HQ3HZ}{_Vf!+yr=q{qX8Ne@}3Z|HG@!Hxz(Z3COkc z$Oa#PS92)~^EI~(z$*h_6p93s4)Dqc*yRIbz5!nK0Hc5&^Lh}#Gr+Dn-9}ZEOBZ0& zy7D9Na?S_)z6rW3Xn*hu3r2ufFJR19JP(f%81si$da|S+QILLkW%zD|0Av2}syF;z z7x>o?uiAMc2+-XRz^k`B-#<+IgIB(X*AHJS z5e6cp6%mH{CiiYCE?gAbmLyQ|h|G`D-FoprLe67#5`T5%L=INtcQ#1Z!ZZG43uY$i zcWBVtEFvbP_xhrrEt@VyD$P(>gfAG^=(JlrGK47iB4Fhlsv4@FxZW^37!M>|vxQv; z`2pWog;S)WXYu}}yFq66hRx||-mwrP6Ld?cL4feYVRn`oI`{<}P&m`)w)sCU)cH_J zt_JP@em2U6`;XuUB1{)@7Tsq{iif5MxvOlsNzEGh{?$Fghl$sZGLBoG&Fq!W%;|h% zd%$q6M;C`sjM@a^%4FV8-aXDCa%d70ggMQ8AH+!mSe7dm<;%yqQf051KE4%+d7sCk zUo5>yF#k?=Jfw^fuvEyRvQneo_#A9WpcFNH@!#B)2xR+o;TsBGPby9}*=A4XD9-5~ zJcp+349_(Tv(pctf_9l}0536`Dp5NO+g!cxQwYyME=WTsfcx1xCE1FYYUbUG~+OyY^VguP6 zTE|LNUChS6x%GmyCkeu81eH&b<;vEH)gbc|qg%Vo`Elpfwi@L@ z9zc=q8Nm!s55E0(W8zUw11tp8B+sehL%0y~>5KQX_1!vKOK{ZUgS%!9Ujp z;FJoy@cCiHvzNxV`rsA&@i0;#IsrC40i~YQISP2L(SLd_Jx^5i_;Li8+mH1m+5c6? zf7MYP1@hV-T1JcbZ&4ta`_jsSz$m_xK7B4I$)XWN-o@>Dd2aD^LkZVM^sXY|jvW8o z(&CacZ1570gt=6f$x&dJ1Lg6P+6RaORws!1lQsK8k^#Wrv#Qvp=-Jl0X<%1@ zj4?XovPwL1W~?lNBLd_ioG+4EGKy-zquhPMOhVA(ou?l|L5|w*`F;2lLXyU4T~FM# zJGGtAHOPZ|c0*YsiV%?|2z1*!LG&I=OMVXN=1fb-yH*M|w{q*r+WV_Sx4^?82GR70 zy@5)(cG$$_B3wKXn)RCWhSsuH`ig}YU3BU9Z0bEA>Aim`K8qzOi(WUaA?uOg*(zjxLN`sm*YOip0vFsH?9{NZrxy(D+@T_t1pBc5JPeUg3pz>sY^n z53{TnhJ*o10}MQ1mchyN3$Izx{_aVwJ-gO8dDpO|q5GD{>nBZhY`q4MGjG^CaoPt7 z8DlKL{16-WT=P}z*7Y*;B1C-(v-0)c2RtQ^SbHEq>-_-E9UsV_kds%N4t*yHl|59OCr{Vi8-b;ot;S=aZMMDQA zBi596rBs_FCB-0mpD8@}K7!4Mk9DH5v!o%&jE!g~sVfeO;AuVLsfQVLhNpN`mBonQ&#??h2#f2UFw|2vbj7)7Hj zp0mk+6Nm4%)a&&(&U2ODi<7Kn{GXjs_%l5K81-Kd@gNQr{Pz#>{2$lCmrl9!0_FX2 zy@UE-?D`*fn16TN|8WD}day()OHGXV2mr7y!n)0Jw0)zQT9v!ja-N~#A%`3Ck0_`n zN13k3Hz>DzH+jD{W?hs-4r*jqtqMj(l6#PYUVN= z;JG{ z`?>#RmH_9`v_Jklc%@XMFyp-L8kQYF{Cl!cp4AZt3+OGdWFyA$u-M$6qrQ?3(;{Z7`5` z7$N_o{Z7$0nabYo_5PjU{`J9pDeL_$6ZAi2rjO~7_I{Pg?BxTMkv#s>cRaZQT#~&( zUk>%5qM*F;C8E^_`17Cdh4z0}hA)1?cV{{3r9V_ebGaLAsQ(agv*8f4QIFTnp=P5W zf5s!^C^ul+IEcu%EFqDL)IT3I1mw^!eDW9j0y)Kj4a)u?ru-qmHEZ!{aP;~}29gAn?iby@)Gb6ebW zZPIvr@W}bgM!?4?7k^Ga{P_gu|C8lI>f`)pyVW=}fUiGEtLB&=4w#+MrS5;k^EY<* zI}?2@drZ{_e@_WU0N*#R2#i4luufI}@@cdGKey`#Q<13A&&U;5BY5_o3)s~aL3_*F zz<{lrsslI%+SejRlXbwZ|Ev>_WqCaT_*5d(*NwJf?P`5HQ^N?H80D5yvqh-^XN={ydPll zylDz$DL-Im!H=je(!RBWOTDF;$Ay(-{`tIXP@L%M?QhXB9YBpmVjr=%#lw*g)zrD} z)F)j`L_^S@&G}JyJrV9CFsM~Zhd4v_`Oot^3%;dan(;mWFhI}0YvL^h=64y&!WOw2 z*gP*ZiZ@GnugCjz_+Ah@IKz=hb|)S>*K=H4YOAU z@7RJ5!(g)Rg5k?OM0|VnYme-^r8f%JQ)Cn+rqUdQ>?G-Vy&d%}eA5QxIw0HG9&?4n z4Q8G*o^49*kLoxNI_s}1aeFg+%m#5+#89Rs=Z4Q`i@XpNE2lmr1kRe#usVGO;ZrZ6F9r0``=Eq|muJE8Yt2eT2! z@6SqY#eH38XFls98BATR80&Ka{23U=lAp$UWA=&L-fTAOfUu$e_Klmt{`9T-@Q);Q zc|*iL3}rc;CmdX>@7;6l9fFh`uRgrjcNGydF4ILddLZ8fk=H|95gL(ShQ8nKv*+C* z<Y+al=IH1l3^hgKY(BG=*{7k9h(u08=ql!^lQW3ow{r$|dOe-|-{NU^C=N z=J;g%*u=xEJ`oqSNMpVFU;F)e5Mho%g6jNYN&JdwTMkyCbC-5wJV9@fZtD<;vbLkpO~3@O`=YJ`3Xis}tjxTQuza#;`OzZTQZ6t^N8sD7Iv<>*~B}(cmh*srZ!oU$^8xUW$ z5rsiTpRXX(b6=cA$qKSzBbYw>2$KI)gT!>7DrSR$i*-hm_DEr^6-kIsjn5+FgWyO$S<42AM8WCooEgu@z(08@2lcDyAKmddw8y9a0TyJSe)rwNO&}4m}M?FbR5$oa%Srz zIrR4GTG4KZ44$ZIVKdVBBC&nYwoT1+i0ZI4gzz&A`mcU4kDX=n))v;r)8L|kHX_p; z98PmGg)-*61-)xqjE>bSvF-RV7NKS?EAGB`db)N~B_HO5%CYB-AV9r*Zl@Qpqc?Gj zB$PoC#OOMZ$dx}OlbmC@VX!NYGUF97!Y%-Y*sKi*W%v^F24?A(6Owi*chajv0DDYR z$K!Vrs^oTuLr;A8D2f^(RlMC-^yFjh6HPJ!pCogVfZx`HdG`*q(abK^4Dp<$k3t~r=Cnn zdcOKyk<4iT9u~PP#_XGg*n|b+ zBS|);_)OS*-CZDxhhcr!Sll19e7|k&8H;f=_HTkn$B-$HIE7hffM9biZ0!4y`MUJ? zqUn59ED^bG?b5Q~;~3y;#TgE9!-YUMM~9PJ&hw>D+88u=z1vHEl0 z1az3>@o5-7TYMKJ5eR=3#!Tp{UM?*T4zogei6=8XlW6_oxZ)0D$nJb$?cN0M1`Ia{ z*X$vVQU~$6>P`^Tx>7;M_xK)QrGViT{s6h%ku98D^gDPRR53-)ry6CXu2*MsZz#i} z#EPf#NG-S^TAX>3UXco6g3gm4y$H85UjP9z$qrT9nNY4)9u+Q=uyqnP3-??Ov2p;C z;-p5m)}~7zOIRvRZ|CM<5($wpSm1^t8gfhv{G^R}2;%V%?b}52{ zs@ZS4MxOPnpZrqp!{$t$RHjbv`}b8z$958`gopQNpKuMkIW&;#4p$xrm8m?Jug$n` zYovNoPQOQPVTJ)W5rV)#0W<9V{TMRMeQPR_-}4KM%RqF+|OC-K_! z%@yuIK>awvjEbC8#~AALw$$^yZN!(NtyaU!(&L_DCVyot@eXf%QT~|7x2U)1RoSm7 z(-tb9J@1z$A>q;zfmDp?D>)N2&x!ahUrP0f9na9+W}+Rkz=YCV5~P!#N6K>*FHH+K zirhCSy;7Ge)x9l~p?jx>-`*a_+@U`#D}J14Lo+0M6FSFd8=g8qn^$JiM<7<@qsZ}v zY|y5I)`!pI_J-t)!bH+a=kWb{QFIGc>qdYP+SPnpW_l(EzfQGBJiiLTBc_ibj?@sx z@J_Csxft#_3(ga<$;_$F}e1h}QT4 z&VEIw3F8RsdcGE%Aogunh~M6-rMP-ljfT5^)N+RFp`R#LUf%E*X!bzx(l9i4Xj z$SVg82&1VVl6Hl@gCVhiTREBLAzY-sv0@*2O?Uu!APcE1GzqwdtkTCd;cP`%+8NOa zV4mIbL@KZ9qyD&?ayItC^sTl|80t`62QnnQZ*I#X5DBj?d+aDfe?yTgMVUWhyY5i8 zH?+kKs?U=vEVym^J6gF-IB6UzcDPUWON^UHdqy0uPX3Dkq@?m5&6Zp%kcQ@?q#bk( zr6@e1APzNzl0;Jh9%V~xp%78!>p6S{wu9onh7T|A{?LuDz=-)Ii`U2Rz@HxW`&QIw zH;852X5X2iX%5IfqH=s+HhgV`?Pw!ko2U&QOjwFGJX+ZzOSNxi6|m}ByHh>TfW{UyvAz4WgKqKoX;T9H?YiX}+!N{oL{9z&ajUT7l94+pf3|KR&r9 z_d#`+Q$bSP(?;%ruz zM-UHk0O-46GO6jSF?91d*`J0=^Fphw&`~8GWIjio7v&>JT9Lb1L$?7019r<($!Xbj|xqy5aZxZ7>wX zSHmYsQQS+s2DBnGlrX~$I^rLecPZaKZeDH18+eODKoCV!(RfeyT+MIpS>YWG;U5s& zhk95r6vB`Of=m>lI|7-5Baz&2PF&#}{-cavfmbd5=eOb#1k9l{C)s@hW`2YBNX)eTv<115!3Sx!IhTY$tz63+Scv1`$ zvi%;ydz!MLG7L>!=jQeeln39D5cv+aU@_&`7-*$ltotP*)qD~g_0yv!_H|YMdm_q! zd0E7=1baHq_u5~Py(eprH$Vn$vRjnFJWvYZ2E{vrU&8?@ROi(Is?c2#MFcuBh|S@b z-dj)U0CIeydUq6Q7^1K{-=A$*z@ldKbb4uF7}^Er)9@wP9Kl?4-!UaxV30Wc7VU&Ov*hT@I%t@tAdtU63*f(Pk`#8 z0c0lNmTpw^$&tPoSbt+|qK_nGn8lVsV9YN%7V zlg}yd^lIMr?Gq~sPJO&bt$Xu0UxVErCkpJOfV!z_160C)%mzjOeoUL7)arrWmrW1o zzs{F!=MhDQKtU7$EsED$4IzZ`=&ni(G-*Uh7+HKm>H|RNHa;DvsqOtLr}-mQ<_~4E zfk1@>IV~W5WEmqk=PO3bw$?J2kj0ZMb*Wj=&YBFMNBZu7ZW{FYy8#tKCc8(!*A{vK z_VAklExszRb=Sc=K>T-s;D-XOFk7eviGMwP;pLFNLo}tCLWw?y%Q@y!#q0xaTq2`6} zgS@XuK2I#PdZF}~``({?Coe+LSmgrpg494Bwi++~UFS;u8Qc~BbX^epOcEGPQUlkP z0ToP}asD8|n)#mnL@43CfK=5#BWWaoB>maZy2F=aOX?(TRr(z@d8)%3f;7XQcY1In zgBxY5WZ+iiIgP zoP#FmU&)g&xzcM#=BB>#qf0+8D!D_s`^M%Y!C?a1VKmv1j(#7x{3#wLky>f-O*6}y zGx}6jUL_NfL?fO;c$Tm3T;Hxsj&ItaSOLTX(9{T7C;;dYy7ZrTet(1}^?%Qu;td5e zSOixlN5LTH!Z-5W_ted;a3^XSCTeI|nu?&$Ifdb%#}XDc`I|mCmqurg;R&tWyzerP z`%J#~kM-crazja!y~>ZUNIQ*^&iuB2x7QURbHRx9>)m!kBa>cCVBWW}<%jJa{Gt6Y zP8fY2onhmw!jD zarY?

1ARJRc7GYPit~l0kJ41$j0(bmZ&4OCtNm9gGLs&@M%|SRgo)S;&GVqR?+H z`m%R)-{bTE@~E||x6li(r^Pe$JA^;gx9H&dU3o8lyXi|TUZf(hE1r(` zeP4iJlnnDNo5Hjk1ybUe0Ml_Y>UT3N%WdMp*8)uT8081nl6d>m-*JGBA9tj@tecUkFX>gw zQ4UJ6((8>z;Ea-8_l-dJB3~2Z;i2vOh=}aLm&ehH!(9m|Tq0gtyuId05Da`zK+g&u z;02SY^G(~7EYyl=o_}oMVdeUF|n z$N}va?c$(Y#^He_6a~ST06LLpq@F(8bF*6Cd0`j~`w>l%csEXwEI*&H_Qjg>1B3+0?aB>37d^&X%vC$y znML(kXnFwWmNHWt!O~jCjIB6#P4~SG5xeDjjRD>aIZ4$?Xf=&nT@>Dbj>n?_;_KUp_EZb zpGG{efWRFE^H_UwD4@@<2Hk}h5Z$L~oYu}Q%H3?*eXY*tdaFSwm+Xfl=#Z~Jdo`Yt zmeWuZ8G0=7;>DmdQMK? zBCXSS(H!?}sXr=Ndly|uj}xeXxBbJAp^pxQ5f%66$FPQiKO6ijoRoAWf`P4UR`YK@cqyLn;>q>21B;RqVQP zLAy^J()`DinH5h6bHweI>WOAGVJ)YY89We-yceSfv`689G+5!E{w_D2V66mW)@4ax z9_WKwIOO(a8}IqXISkcM&Sg`P3F{PibxPzN4EIHhVTm8<^6xb|&SQVV#cmVLW&!Qu z%0-5HwH(hmA?J_p7cmnawg{lv5xZ`a1%GwZ5_D7iTO3uOcbpcaz@6G#>WoVHJ+@=H zNE18~wrK}xUL{xG+E!<7^H~z4i~A6nzNhic0U7r6s3o0Zsx>PhF`dsi4$Rf_A3@4P zmW~H;{=Bjm0rH}{>UKu1kUkvN_7ak6(yR2SSqHWSmJ>U>VXnD*Vf1H+l51YmWcVJn zbPRQ#v2;VugMDT>YwHmHo384g@sp|CWQCwIHohWP%7|ALS%r+#>;2JsHF_oxEFg7f zo_9C2DWR_1htQC8;3ZWJ^{j&kDqFPxPg&oOv1%Rs;Ppr_m2$nsCUyuerM!ReN;5eTo`mkKuc*IcFD$yxw{p9P*aQ2#Oi+h&FV0w9jDO9 zI^SmsJj1j5+1~tF!YGz?ySdy@I@WAm28lgO06Et2`4*gU=)TB2Xte=NPls5#{T03n zbd%{q=YEU#Ep{*%5sm@jX%Zc7>4X^rM$a=aZ@;Ocv#-i(*kXRY1xb6gv{p7wWaHiP zr6C4f`TWBtUEy<2OL|SB*vdd#eLu4No20rulo*E05m)53Y+vWW#m^J_-3yoWA42bWKw&L?6VJmR(< zE+82Qo%&c91lUcP^!BWdCqZ{jjx`p8%-HJ@26aB)8?{AI98U){1PX$?r{ZTukH?iD z0s?!+wzp~m;5mxisr2h*&{^FfWaNChHn1kfn%?d+dTOGrzJ5>6UM$e}L5P!7XY|I> z*)b)}!UBlfN6u9saK2xVPpKST-#&bZOx*^LaOn{JVN>r53QPggZ&x)AQ#^0)Hh&9D zA)0wsbnV{&$94bvUEIpupEZ>9&KnReH-M}I>ZdI+L!h;dy}(;y?$Xz_NKfbM)uJs3 z+~-{pLz`Eg0CK4Nuq}dLF~&}a`iyqf#qJ@xu=g!}21PIqqu=&wD%UtpAC*4(kFxW# zoQUuT%|2|<+TT5#2z6sEe_Uo9f&3qDcP_Nu+MBK-5|{pXa7b(bf6g`~w1yi@2md9OL# zAEiGf{oMb4xWn!dmRAM(?cv>Oq7BoV_lV>qw9Sj)6@qvzP9Frlyzxv#&%>@n(eRrM ztMa@c05#U|l@2C~@wn1{aNa4yWa?kaDGI`Iq?Ss(OMm@-^8uWe zya_SJ)+GUywEHqFd)}c^u$gOP#-u$XArdEfd<~Cn%L&PRKE2DBA&99L<4(~ug%Fe% z4Swz6;;tba=GEybq4%~mBmEMpF_t`{jXk&11KQCZHlwH3;C#v>HT9K)?Vp|c-#s=IcXSG-f4hkB*Dq-Ryf74u?z7o-HYmel@eo z42mEr9fipVcuV&! z@GlVfL^?}JqYH?8!~T&qHDGQ^e^0BHAq?(Q6xp_1c~~=!*1CObXsc}yNi@iSMiAV- z$|)7<2`)XV^zhPrQ)jN8Kr7Yf$P}ON&}#c1Z#ob1MC?2-oN=8QzhSm3Z z#q(I~a%51(#F8-j;)pm(vi6+3^$4Tfkni|PAO`X~2m--ZDQE_;Vx^_8i>|bum%l2C*X+Sae+%2aeBfUR_ahwb#^mgG%F z7fNk_c?+=h{Q2>`ZG{IS3f8R)U2cpSQ7^|#P2*x@FNw&=kUjq@IBEGXV@?Ztnu2)g+UNYY8&H^vn(fW;=gKLb^)|D3z zc$*--+QP{L>Q{j4JU_11eIPB{3t8e zPC$DHzh~aYPvQ2X0@N#@Bqo2$hKO90eLBwg0%<(8l-fqy`E`CHiBomqts=!3u9e{; zjMayZjG`pjfV|RFFYAPcorXXh2S%E$zt>X77!X~NhuTNnL3w$|JqdkM z4dMBYeC-%qJTrAl+d92pyX*^OG4LEZ15onA>y6dAfA>vXK7;wS#_sGQQ*^NR4=?N^$kEP4 zW*kVZ%BMXy_&4T>{gBES9X>CeXJZPQ98`28;nwq2hzUAi@vZTjB=r0yr>Mt=yKy6$?68brU=MdN&x2j!djXMhS~A0g20hGPMxgQ>NChlR zh@k9_@OnFYVLnz@cdPA91#u!VP^e*VIDM4Ev4P~eM^O0c(ks%5jLqT9kLfNHo7uy+ z#Upmd;{b&tPpKNUAV*C7kcclB`^Rk~^OLyCwj%YmMOxroqgo+5X?pN5Ouq9L)VDvQ z`P-$61^Y;zw*cdG{2NJ?Wm^N~&e-X!aG_HSmz>lmU&f05#uV>B?zI~U^`bpwKDU;j3gdOQPTi%c;P}K2au!yw&>kS` z!zqAz3NuohEwY;Wa`j^L4uSGq8{ejmgM}H+!sraup8UiD{0W6iJSO2<$AJFW4?F&( zRH}`$lp^~vK7-hNr?B+q1>#YfR)%Pl3G4}5y<3!DoN{!Wux+549`=2jpx<;eU>gQv z#s?V`aNL;Sv~Je2wI}01>Hwnz<0pRkQ!gy9qkuAgzQ;pJz9~txo%hl5Iy&tOJx2G+ zMERv(-!$BD)X(iCWNEdB}Qdw@Qc}{2|!VzHK1u4W` zR5#^4ZJ8q_OUhBr)cEX$*`0*8M6_uykKNj^yr*{h(c7vphCILKOP6 z#YQQ5J6}Z24DB5WMN&!ALr{UMbaijI^3-38aTeHAN3zx3LxR45wamn6+^#JRQUI<`YZ8rdCyDGldEDyWjfyJQ5HFq?3| z0S<;wXuiQ8^4&eBRZ4vF?eYAFA2ogM0rAu^Jkl38l*R^+o)Z(w->TQ=Gu^zAg)Z32 zYh=BhxzMnNds2aI1D+@gFJJzOo3w3EaVqFu?SU1-ka7@1MKj;ZQ6c<-?>CSn3Gz5o+r~FCY(Z1-DxyLL#KHxE(&pQ*L=r(;( zvdtDP9o4LpjNPHl%P;x~Ol7<D4Z^{_KEQ-$7CnFRymWig1?=`yUVlI*XnJh%qy|BqkG`o;(Z^Z_M!2P z3U`m2jM%Uic(*ZEgb0iqeKEAg_0$3|296QQpI$6j52UETq{zgrL4GyotYR=X$u$~a z?=(IqvkNpAjD1Y6)XRHTwpldY+ff7rh8lkiIL>CqiE+%%7AOA2H=>`>S??W`R6Iy{ z9a(LKTw55}cFReT%pu5mzS)yPV&(gpI%1!S8by38CGlBQ33&kYqF(6gRiqbkn=En7 z`;v5k7>QcV!e0{B33@=j`g0-fgr(CR(LtkRlpDyZ))w4?z1`El2qI3asmKD|lqS&l zhHCgev=Y5et4OyG*NrMGY#hx0Nzw#aF& zp>Qe58VYpe(5L8iTQVNUO^0kY$sn_nr*BrV@m-yH0HKZ2&sCWjs@NccKTK7#guY3# zogV58#i`$GR8rc!>-6M}PJs7KHeU3*?@gJ>Nn%+e*fn%+HSrJIp-OYo^m|ZS$2T4X z0(oAKHmqH}=7e$WJ~C2Bdubr~Q7iRe_Ymz;xOj={OV1rD*<7&@BgZLk7uIPLK*;te zKSHKcxe|p(Lq!uF$DTb8r^rmEHmhl$JIpKM@u@MV-7Dzkl(q9srFbTtE+r9Zb6uRJ zNuPOjUbQTa2EoP#X4y8ATT&ARA%MAagV0m3U@BS_8ZMT}6`qW%l%v7{4(maUp3y+4 z5|0`;F&bMLvqCtt|F|&~_PAtu-wE-iX(@bm_HODrgdoa*yv4CXO>GtmC8w5G;^^6^ z_Eq!TC(LR%$ugVqU5+CB0K~GR7zB?~JxNhF)64$)GPMyGzxx*UEUUktaMfZ^7nj_@ z3bz*T=#{4o)$G~yNz2t)TEHKMn#pQ*^dAHlK&eKWHaE(I^VJuS$$#4RLV_z7%qbs# zzajAWX*WAk84=@Azy=LxED}nl+acrC^?J>O^+aFSl% zHA>N$1R>CKd{Gis4G~tLEUMZX{bc?28>`;))r81*e;zLT=&acTSQqAG(|!+87`s&o zztnxK)<)cS^tEqc@37^zui)13m;oX|IzuO~h&Ywc-gwPUjtW5;E^lALAVRGu-2$YJ zJRK^WQ}O6oNs!87)_nzoypF2JF^jd%*!uqLAJ_lU>Ycl7=oy;N9Gn6bGC5f zMgc+;&iH#Uk$K4;M|z@qj&+V_FhA&YPxX={R&sIm~NGkR(nG3Vq~v8<`*f zT)p3mBwV)At22B@MvUxtiN4gFN$znr-`+srLrOAkzoFI{Ywec_QVBDr^YZ4C7qqbw z)r~!^FwIjTIK-tAJ3~{uHz*~NYm`Hl#hc-gm0|@}nS?Msq6;lRdJ%M6*=}Hy=alv` zN7RPZF#D<%j?wezz|OLzg|EYVpYzkpm_cAzyZKF6LvHvmwN7wC7KYi59Us1o+be>^ zK-1lLpTDVmA{s@lndL_J<`ssoD0VOT%_gq`mr4Vs*!=;_qgcpcKREwZ&QSM{fV0o5 z_gkh7zi8w1{Tlfr>}>5L^kaz{f=-1}5HdHA z%FnZugDI~o(pmMF!?(}JYf8kgLP|$39#j+fkt$Aagi5TZ`M|wI&?bPdzxfd&9CA&x zUihIyPlw00DtQOJ89yiKz>NNmF!+HKG=wWvaXhTa4(8~0FNS(2pPZiQjtCz_1QA1H z;qEh)9;wA;KB~Nm5cjHa&nKF;7t%KQ+IW{TPn_?wZhdA4mU$r#X}#3R^=?;{3SBIL z7Ili%-SiKFvk0vX+RjlFb;wrd^}gsz^h=@ID4ZM__?tCcRfwzXit$m8wl z`~ZEsf(UtmQPt$5*=*g%j?liJV^0OgYhYkeqPg+awxd`({w;9ES2_BsvA;`bto~XugV`ro6;>7 zze`v+5~ibv4YSk3x%vf`(3xan3L__X=bhAeK;OzP>C)Lx9_iaxQe7mZTrJGL3@L z%&n++0Y8imEhs$+YAw-~60h58u}6^u$~ih9#`4Ww_eu5ZYotm-qwNg)h1cwL=FjXK zH0`B(BZ(p!svrnL_GOlLL}kS7mmX4pA(KUD=bp3E!W7S^Pch!_0h7!G3^fX}IWgbS zDG18%i5uwyizC(3sQJSE_B9mK^Hx`0nt1Oya?)p!cv_2S#edCtwycS~bRRa$aOCQW znWLx{20%i0)Rgx=i966heBYda!Uoi)c!yJ8bT~6X5^?t}R&S9|^bu3}eVd7Up1#JO zBbop`TsQ9rk6V20ql(2f(Qc`E^MJtV5w{YZ~e;B?{D<7ix zb}H~T+3B_z$OiH09~SdC&{6ZL+ZFWgSAIVv_qYmZ1gN7?ItITw6_n)-lP{PNb)4G`fAIH!2{eM1-APYJzA7^_n=-;8QOnrtlP@ z6)wxL;;n&b^{V7ISGAFlOx?@Adu%$eb#B5(9$58y4!1O^|MuOpIZfwyN)dlY$Q=JW zficP783qG~X_6-hkuVsW{Wm91|5~}?m0y1|B;jw#^|#NK)an29`W3>T1)~^s` z{|o8=c13LNJ=h-lTZ#H?j-C0~e^$DFreYPPpdZQyT+d@N=VP@<{1&E8j6ZLCkt$^Z zqRBOURC>U8MzTk4J8J2$oXv%)q;Ymsv&EGAH@be{z>O9%IH!~j$ac_TvQhDfA-{`* z4LbI1*5HU7TJ;n{Ax>cs?UQ(Lkwgq>7t^ z?Hy4PSY1NgmtNLLkm=A9_28+&=g_2gAKBh^G?EM(X#G|yRE!Yg?Z3BdUQs@Su)%p< z4s2G}7lFDK&tbf^*?9*U$y;N>_Z@HhAUOc~+O4=^Oh@zWmyc~b@cH$wxeQ;DR9qXk z`KV(-1wbeY{q0+Upr24$R?Mo+f&Pm1;OjNoJYw(lsoKbB-hIAI_D1C2sQj8nE1wFT zA#Jw1E=qq1Q}<|JWumGn741? z=8SN*2$R>N=(1=|b`NsBQXYU4QH71wmQoS{N_l~I?03?l)K`y0$QqDozv-uwZ`_rC znJ%4#K7MT@JVA4?U|xEtoDwX%g?z-j3b|F|lJ8fkCc2j6e!uF*VwP)OLN5r}a2${G z;rJ<~z#l zW->57A7Yf_wR-AH>xw7RaBoN9K#Y;gr?rhRf$Xxdw69H-;iV4WCAW)y>S-VjK840m z16tIc*?xAXYCY@RldZkSi+Z7TrK8n|hj&1UyHkW5ludOY$3X^VV|Z(KFCVXuqzN2I zFrCG7mEH+b=+P_h`PRZHrJp{PV1^_FnYsmf=x(-H#J!&%6m1Pa+Fi)WUAcrZ!Y4KR z39!bKp9atPQuJ-g4?WWO6j%w&>0jdvV(dNQ)*MRj7-RLymsS4uMpT*M&`S za6s?A^ZELC|3;p#qkW}BpwxWZzZn%5gi>Yb(bS0fc1a6*drv-ZM6=|q7gK$#J6?4t zSKSFyP4;qa5SL?bz0VV!PcHq|T@G)FlZ#0j*z!jd$|}`9m~y?Ev1}BKtn{gwyd5>S zva5-_!g2u2CXOXfKvg!OH0~0JrS79Uwev-`aU^t^u5_~z#5hDRNkj%`Z}@w22XT5a zRK%#`EOF|V986oX+#<$rF>oRkY7`<&CaPpbRvex#KF06+VL&?Qko`~wK-HMh>qUP1 znkWB-4H84}VC9D?Eba^(4ky2^KuiRr z^#m8s>S*QmT5QFOdR9nOon7+vLeuF(qb?p~guH)9xHNCNQ}96q2`bwN-f9 zQ~Wq6x(K~b@~vg$RjoTV=IUNCOJ(aHGX<3?x8eO@;Vo0W-yi0(G-?6$(*`* zBXh|P7d^V=)EAmhq6IRk614{;;o3P9@p zGL{J}RDt@7Ldwbo5uR-+XO|bHob<;dk=L%!ML-k|G}Esa|2)5C$%o|RaB_t<>f%@A zZBqySF5M2Or*@FdT@f@ludiNf^eX@&l5E>@|Vgt60v+!oMy6szI$4|`~& z=d3sfN>AZl1p)br<{Y*O)_^_76*xZ_?NCw`UJ1h-m#oEmd^h>guM%7-FISoJ_N;2o zv{cA>&Xhwb5}~r6;BNV+I}%jw>31-JB(cEnI@`4K_4zvO7f2SL+sPN5tFa@ zMu0ZB6x02KaMO$av;=CLjpf)wAStdyQQp#&`OY(d^Tbex?H}iDt(*TCX}qd3-BAWF zq*u53`jLEc9UM$+ZK|S;mV<_|{qOn4H@fy+`)Qbf2qD2~g4BD+AJmu}SfDHCHP^bP z!yRV#P7u-fBfFup9vNN`jgMs$)I7BJ5qinI^X=Jq_BSXZsZ6#JU$_D~47xE*7J;te zB&-_OAY}MxsFPL?z=SNKw0xLWGjxVf#i{yDZq+$>Tjh1?(rhtG(YQks9v?EXi{zQE zl&RjYQddS`Z6!zZ@*AIuGt1QRdpRA`zo%@Rk|~?!M2!EpAIJMqKE59R=HyGA zfB*LPzv)}I)_url{4XN-UqtY~h~R$_!T%zH|3w7< ze}o7kbj%hEoBo|55I_V;miRlHk<{NQ49&;_&2f@R{+kh6fB^P&Iu6;EuFLq(*W(G} zP>f6e*GuN}?^+M#-vpPl{%^iGPf!2cs{98#eD3#i`*ZWMe`;^U=HTN2a~4$Yaqj-E zvtD;bqE5b6T8+(0;t)#V0WpUKAMVrKTDvw-w6s&#QztDZt zJFV|}CO_XSPGkVYZyKHmjfsX)a|z>qdn}cgL#@dcN3Q+jLl)90*4aWQtL!>g^G+No z^S0e;c0-0{*&51aE8dX9qmdb$UM|*8q=lpE`Sd>?F(O`&39Ti3W8@uZyp8m1xk)u% z?v;?+6ns35C($V?jKJ?tiZw3nboaNAXgx9DBlUW{*-Q}Sfj@>H>`o$fq=-bC%{zox zNcnDVcg`^01fg_Wnh3>+Bz@*Y^n>$ZdeF&h-aB*-C|${VMr6R|D#)^9>aGd%w?^Jo zRG;`POUoo#U3McO;z~-@Y!(7^CQd#^lMMK&h)wA{5R_@&jjl|Zh`bX}2fWM`cd&zi zM6HgGr4Xbte?x0|Crh~x6H0Q_7)?18nJ&a}ChC6(cbZiV-yWN5AGo)h{=8qQ%1#}wamxj zAV5G;PztFk@?hFGc|W48Grm(+c=n;hPi~}4T+=wcf)ph36krFW+p{whVmBLm{COUP z!M-2q)s%!zQktL^fQq>{KXd#-S^SLQvU^E^XtEVwQaH%Za6 zOfgq?>c%YcNcfZ`i4Lnn1?Vw9eF6doZ9kv5ZE_Kh9d5jgID#Q*R8m7WTg`%V+fZq> z0_k-6j$BW|Ldw~)*2ZV08m~G@cjeLG%|YuE!96|=3`cf?_oJXNyi=Vxr<|11d>ES0 zk8`+RcclWGWwxideUf&HcA5NPk+-;6A9qPK_9EdxBDxyYU|Y6S8^4;$?rAZ81fs@6 zqO(w60$X*TP4?ieIrdpfli$z8m0%fjYiRdT4j4L+RJQ#`TKk{SmaC9US|x4K z^|sj?BXm4^XeA=1!8u4r&Wkh4Db~>>KKFdQFT1~XR~u0R?%!nPKZhF*+swzM(IqlX zuFBB`K5W6<(@%*3dkQwYpqi=MdulHdmznNn1TV%dqZa>LW2&eW4CHY;_) zbIwDY8Xcy}e-KXJe2Xgsi*=CaR6ym^J(Gql7C`Kwh%jQr zXQM-Y$&?fDn|Y;%BE0<8Ae#(7Xm-l0s-sf9L^dyCL;niTV%;n`> zr|_GE8p^!S=Vp?frEp1yMq<5nir4}$L36cM8{N7kUYFBp2**%H0OyNWW9x(1QB^F$ zF&<;WN#BX-5hqz#sPgy8QElLDsxR0@5tsEr`^QaFgO@%JqeR~Kb*iEN>H{K+LXIfa|wqY-nUa4>Ez@a zC?GsJE?Bj_^ef{W!e}o}q>w&*e!D?io}c28`eKZTHK9KS!M4b!coe41V4Mx;nDc1K zV6}Y#9Uh)P8_%)?B8Lecb#BLnz(OqXWj?dPL4|jJ2T3!H&*~P4-rf2mp>&QRC;kJ3 z7@ki=$eUMza2oXZE^l=g-q$ezSB7+?=+Q<>;}3BOF2$9$PNXH=5b?|VC=2MTm%8PK za5qvV*$Z3N^a{+t$?&$Gbvj11e>`vE8BNHx?w4FgGk)&BiXQRDzLINPDpN^gQA&|1PE} zP(oVnZ%F50Gdq+q5J{37@*_}IWM+8f!Dx8LLNW%lfV=gp5q!9ocv8%$?xl4|S$;sW zAnjuR8*vUjdd2vGr(RwV&yV2qR@sG#@C(9V$>@rKv_vBgY|S zt1KKJG2Bp6Qvb*w@Dq^Ew=;2#d3wB=r#x90XA(ZmG$CAWQ=%=$Zc~pf190(Va@>0? zgx8(@#%@M$_}nL_+i&rrS$eZx%*P9tUe_uMNQX)l8L^ji)W<%I0aDrfdVf_ka{I2V z?5kv9gm-;^G>0z{Ki|afJsC1~zT!l4`>)~BA$4%^XVAkCju}LMjKIE2;VkA_(B*nx zibo#wv*TY7Gx-arakOH-(Z}(Azjje`+hrpC1=$IyeoID_MpBrz51HwNB}LK_d9&}T$^3rJ*Ix@{u{PNqI5m$>fZKbhmw|eKiJxGGoso} zGc0JhTpra~4ba&iCqk~ph`3KH@xv)5%yNMCX%PoizJj=TDR>W$CsU3~Yu{mrmz{l> zHL%^|Yhm;IGs{>qZxR{0pTR*FAbzHgXb;@T5=m}MR`y|_Wd5WTC9T>L)G;E@_M|-Q zm!;&UJB|(Wfyn3Ms)88`QFyJgZP{H1G?OF>%~@WT3LV_n)}LkEzZ~yz@(84Tp1@nP zWDw|;Cp1wl5dn@oVA1k{f zCKfH2CNY1PGOUVEz=aGh500rk9DzvM>ru8%YqeqzFKvw6iTA8F)qCXMM-~UW_f2M; z$g{)&xVwcbRPC zK_t{Bz)E3A*GUiF6vnf`^UvbDb7FSw zH|9sC&EZw!PFdB0dT&~RGb3^hHoVRoRL5?5QaLYG=&cRD1peO2wIP15g=XSYZDa-u z0KWhs4{@U@AsfR^_WRwkz;^Z{U#jQITYZ58g;f?NXp#7*Gu&HQ&*xs$&<$PmH>j+) zT`EeF-48c@8L!GKM&o@|@%tp6$0RhGW-5pHMwt$;bh_w1JwIMh04qS$zbe$|+CcBb z)aS%U#-SrM`J2NnkP%sc4ytJ#-1`P@apU>AXwC655xN?B+)fC$0%K`$j*F0bx66d5 z69XT7SrYPpIq85LgGkbm07TBpMg$x40Y$Xo^FSx%DLzwl)L!Ltj@}1U>H3p==!{EQ zG`xvz>NM!u)iM1s6}SvqpgDhQDZb7Srp)YVKcxc+Z09Pq05kgbp@P;mX)Ox(q}}qJ zz-9|U`j)YQ4kFZkUf2VawFjxYQ3F$4r0hLI2uj<_$J)kH3X`ymov?z+7W=AT+y1W? z205N@zF(y9QPuy?|N6gV6q?})L;oGm>GbbJoX3A>Qxf?*L7*v4qb!2Q*?)WGmmhE4 z`Zp&}Cyb=t=s)iu{olV^r2T0X_1E2^$7Snv^yhAoobj$Fg1^gVVXg1>_X9YAZyf1q zfF0!lu5Eag<7~+T$HEKzy>JPRGok%g9>{f^^h{O701T4jbgAziHp)M3L@zz%xkr8X zjckq!baUI#i~gyMPGVr@*!9W^aZCZ>Q|DlY4_Sk$go5~lLt;R7dycBmf-Xar&wl^EpHpL+(o8a zIV0cdILLjr1T~y1PUdG4ey^Cfx$r1?UZlMZ&s_QihFP`Jnn(hsuU+TM)uIb|p zWI2XRm2*#F(w?94VROiYc81wRWKXF=OcqkQ{z7+TD@JL+b(4%-hRe z1uQstudjY<0Vod^etEIZQK14r!?^K{=8`P`V4-l71yQEu&BC6 z&sJhCQiKg1J!11DsgB>8iFWdl&5cE90WZ!?*V&FV;pWE zNG=gaxoPJ5BUNGxeUCwvVsL)KS_^;kv0z9glG4LhWP1jwx@b&@KpFO3D9lGaD5iqx zZyn=e(+e3U4_|HtX$F90R!+;g%!i1n`EYdB^I=qrmX382>9U&QAR^q)!zdXj81}Be z;BVMG)4RF9U$;0w2Ew&oz^jQ0J3XPxI3)+Z&|>tNS?2jAWX@7ztwSihQQP=Vgw1NQ zZvD!o_|=3htGlJ+4)b#iNRNz zQjScy1~1K})JVjGbFP;U<$IJhrwXxHWupB+yg(PZU3?6ZZ1Ft&v8-xP@ zT#zqC_+bkFiiFH*;LB9R%v8_Z4mTTPDlP(NmIEs4Q~a9eM>IDgDGa`}8@yxKL0-o} zxdkH^jKOXTi!I}y6dUK_?LZZ}ax7chWWzlzMShlfGs?^)K*uJ0qXKK*5jmnhqxCW@6yN59+v?u%aJF_vgTPJz7HaTFy3 z98zEpcdI1NeY6*$Z!!SQH>%;mmX8Bv7vVxp4BGPxBu{Nj-9c=a*7CV$+7) z*8;NmJBzjCZ6*I3d;hg7J+owsV%J-M-k~ogPz&@6k{z3}$>Dvw3m#?^`0c4Zjvq|r% zVX=TYX)IpGO^A>8W{PKI_At-+jwnd4EIhK>dvP<^Vy1>ri z7_?}?9OzlZMxi5HVIpBCDesKNRoyTjWXaOnt1g}GBxb+VaQ5xfj}X!FRMcOGB&yh* zw#uvYlvU`jZ)7NKrV~M2{BwLs6t;TXw|yGN(`FRwkKr)^{y-3sqLxg+Wl z)!P^#S{fgu{%nX8`}tO`Ng1*9?^t^PE?qK-9tEM&Qr=i{;e9#t`5iLD3&|xWFxl&r z2IkIx6EY70M$FG7nKO-8JI!U*=L!n#OB|X4=K}nI!Aa2c?)OBT4o5!xsH@M^d>sxo zLUTIDQ_?*$fG1*UT{E+NaLe+5AjZ%^zA0YA$WWT;0qxU5%t`Y2fH-1Raw(H|X|XWv zqdx>lB)|@duB>5zIIs(xLZGE&h@oW;sbrCvAntS82pbC=Ga5lnLpofMJqu^j3)oow zy;aq2J9bPYe~f{q)h*$);a2tsXT0;w@(SQ1V&!vARb>m#eaVFaOhWfdce{kJ)|Kbn zcf&P_ogLQI@#$-fHqq&ztu-3(2G+y8bpzwG7Vy;!!h`KgYppJM#pQ>-ef`@tUdDBf zj*B6pT*7ypG-T2t%YZ>(PAAaSv$%GxotNC$OsL+;`y?aPe(;-ZSKiq@+dFc9fcbq- zM@KJ7N#KE1Ghu@7nom0tiNRQFuY8cjf+I3&#~xVAJ!<<7M1fBTEQ?T!x*TmufQwVj zgfEZD=}SD6dZXX!V@NupKF=Jv8E!r;Y5KrtpxUD+^gA|)483l3FxBjUA0PDq;sy5a z>0p%{pL0sVZf(rD7IO>Xl=g|XW$A`e}I?BakEA8rsYe~`Zm-1tR3_M1c$T`%HkP0 zyhwSz2T-0}FpWkeIsnUfEyS6 z0LMfwZ9b$F4#ElOpoT@n#Ico6axC+>k2o=b3vu`p2|r22C$B6Fp@%-gm8Orf)cN_; z3BHxhuBMn8N`&yZOR(IHlQ1Pjeu*7lpRn0YbSn|-#D1p1pfFf*3)m%7;tZ?-7oWVX{enS5Gy8-o;Xd(gWCBLEFOTu|(}_bdee3hg7M z_K1DrXQoXE$nys*i&cWpL)4zSNVT>rlKr{~enBS6EH84*_iH^&7~aW2nv$Z=q2aij zz3?Hpq?d^xKf|*@M|ct>ghoA>?d{OU8?`+%I&7q|A0*+HNckf-g{-Buqw#R>9?&j2 z{?SMSl#1&i`Qw62x`qjBbkM9^F90k#g`(yFB)DNq%HM+qCHw$Lv7MN}TVJZThz3ML z^Ts6>TL2FvCLk`CnK0<0L^DINANaTuN*a&{m{Ad-C-g@HFb`#>g*GJ^l0Td3q&A}A z0YAY!Buo&z*4V^CXe!hNiOYZ_KIO8aeG3u&s()9`Ng4YJ4BqoAzJM8n`C>UyvnQuk zhr24@UZ%BkluN!0q!IXCj>L#dy?-}Ewb@sk05|VP?fr4E&pSI2c``{)fno1|dT}}w z4F1&LEIQZHfzmQz6gFY3Y8F{2N8FJB1`qv6Yg%b>M#P;J%Jo^2ARqir8cb-w9DXb% zQjgp}aP6wO_0Rj3yYu_$p7%wd{8eFYY_`8b@$Pc#(|Ej z2$t4d7$Tkh)q%o*HXa4BR=<2ZZQ@JFw(_Jbwkp}wTGVsJFi*pA*xB2BhPevUZmndyM5NB9{tfH z1QYjV#@VmeDdiE)e@n4=JWQ3+*<`44qc(3ce1`fc#dTk12dg&_B3KpP#3#MJ#Cg%g zcv?pQ>vCbRr~u(iG}?d~XpTF#f?tS?u$ygrB5OB=le)J{iur&OyzY}dz8A}lXWPAK z+{u0J>Lug%B;wP#)3a1#1sgVIYS=UZgk2ZEB>x+-C=G)8jz7yl(!gFiR7N0az9QOJ zZ)M_R4G$hV;~D(|>h7}(-FakkM~SpRI*!8@MZ=8scCfEcEN^~%TfYVuInAMr&uBNTlXKf1yJv+n>>EY6kt#}4))Z%4 zpnip1i5D(Nf@dXPW_$$v9{zByhU`i}%u{At>gDvu(0$ObK7StGO>;6fc>Y~WfQ^Ii zuerM77!QKuSCyBsfEf-ia?yJ&FX5_U@8F6Fl<0PrTIJNJ=>_@+q^LBXAyUI>@`mmZ zRtDnbp!DB@YILagu1-Oleq7E8mhCC>`6;6O30fqjh}%yff^}4bAxDi%2-J}kTV zJbPw>I*+!>RnxbMME2EUfA>nA-ZC`^TPpWoxk8(f$L^gR-)DcnO`$}mi|vi!xQ632 zYOz(r!$T=}Wk`lrMgE-#iM~hcb#oQxiVGtd_is_x`>vUM@Zld?KGdNI6KIC~TAJ+S zf6PW_)ba(1?m1Ek8oJ@!kE-+}CCCQ#F$cbH-H8IU@Ofi)h;eZEj^_vHh{+a@Y8>{T zd~`pm+&3l`-QO>7BgFdtEpix$IbRApS6Bl=Ko|vrTP3JJ5B-{)$q2u&w7&gI!skUi zPor z!rHCyJuYh3)di9FjIV}q;XH=bGP6)pGpzR&8ts)WyLeZXFV^Ec?kfe9meHp{i zom3&Aw4msOui~ZQ)BB|U9KO#fP;V902*ARXZMFaEKhhD4i5Nd0|FfYao~QYaxB(ik zzd+#LX`x_5DR;WN+_5D`ULr- z=7K(yGyEA~a(l;GEIx;@yW*=c&|g%kJp>AZfO63%PT~1acZSqHTa)%EFJIhp7AxY7 zv=LaMH8Ez0NDRWFJXh$HZ!r%8nar)TqBHYXl&y`lFp`>N{H3y{G1h3I8wnq;V41gY z<{uoh@V<2vvfFHr%;p^@Ee7zP9!)h_uK0>r0>tK^*t&7sKST#jr6ZJ z7rin(kF+)&Ap1y?J9z=8{+v{)&$93WM`k{OeAU$AK|O@$*!Me?)Xq7-SW5niX^pEO z3oiSn-pNNuXZk(y_MXltrkg>#7sZw=1i%5egUW#0cj&ynXcp+wdj1uC_iYka#13|%TblgJ(v#q5|Bvmlbo5ffH z0N=Tusw;YI)Od=NC4*=9!mG|U&>s#Y(Hdw;LQw5^#>{t@Mwy^UqbLhzQty{JOL2yZ zY)O7H&??`=3SfU!ti&<_du~INhqba(c!6)?YIm5}6lgi?=bgv=7*GuWrQwoz6hTBw zd^2g{mi$e%leJ?dX>VeWNH2 zGzyH74D;iN1T^wF&zfBWWS{_MC|YNP``&j7XuZwTT@M90X?UtZEQZi<5KRD}R#5s| zqbUp*oH8Tr;?S2Wb-rzVU+rvsBnkJGSK8Xar-_$7qLKl664E0 zJGLy#z&D5Co~&N&n~eDF1OOnonMMm=wL-kUtSts$4=vn@NPisZlH9=^La+WUD4Zjx z_Ch65GGTQ*(RXD5t*^&KIG*^0u?rn>F%-AhR>)3#hvozC$x#b_sbUjk=Z64F?FRwM zb{un86aWIN!%r9Uk|_Y5RTP5Nx>F=*-gtgRb3fU-C?D)*D`5+@?)!4+`=+%_pbfzm zs3ezvMi8nWxd$;5{G!=uK1|KN7#hWHJVH7nFme8J=khCK6ooCH{)tEHuRxV?V)JTs zqwWi`eXtb!{Q>_3250Ecr|AC*xZS6&f)&0tm3YSb@4JTl)D`M=x2n{IQhRm%PzQ|w zH5J@@XO~Nn1b7gUQ;Avne0oT)2vhxsF}daE{Gyg!5^_UGJj^OB{r1rHaVn;@Qc+TDLr*enZIWI5pkg)cXQo`5`Q6xMM~d zeqTenWOMR?oM;(hklYLN_%Uf;Fg9zy3k-@&)v5@_%#=cRLA0S4gHciLd;j7zMUCAI z&90Imo)U=kK_c)Umcy5n#;oZB@;T#`C6qKD--s4v^LajW!z?PaF&`EymTn&`_WTO7 z+$o$h?rDz)dua}D6m?1#Gn(_@5Vpy;!B1LVNbV8x!-f|@um+ZNU_F1oewd~txG|Cs zi*5{)v^jc-VR`20cGhBwmOAa;esY9|&;h#pcp5`=vWMU83xFia0!uL4E&7-Lt5cX? zb~DdhmVMny)rH9+$vaOl>UA45Ic4#BQkJ$c1(0^W#sa~3nnSrn@{M(rjJ7?fMwPRE zO#LakEjD%6RpPb_KI%&tTV68Y?6qeY4mh=kclr|Ueb0|ezWFgIVMzV(`zTQPjMINb zo6s-k;feaPSF?2H4=KTPd7$V^Or#HS!kW;1zbxx~lYcHSui|ESrEg;*PTjGLf9k)2 z4GTcx_rc{kjZK(EVi-ol4-Lr3x05>qCvX7Hfb;S5Yf-aJ^wbO__H-w+D?pwQ8C9Dp zt(2!l3VC^~F028Or@H`2Nm*;w?#JFF)$L0zw00b3O84loSDHknRYXTnuz!@kL4K?R zJ;-qpmqy!j+k+>ty+L;5W-pB%I|BS00MG*bVdi8_53Rws1mZVzK#=}JCb)ZLC$X8g zl8>H^$1=VO}{ELlFNJd=8;J)^>$UaZ90DdL=eY+qRBW72hu<5Jls0 zN!Qc9<2yEAg>Ax2+KD0xvSz1iBEf1L|sRYXUgRL&LV2 z@Vw0pFAJ}^*c^hS)J;deX#20IgRTH{SIe$I+kb`M+CxK^IVp8^O+8+;NruH z*r43`G?-&wO;+Ki%c??C_Ohgfj<}zLCz*1dbR(}R&oKa>aK>k)=8RCHM#af}-^$Vw zKDSri;IWpo`SugWax+wfL%}-kYqG&2H7KxX8lEj*X@UO=!HwP7B+fAQ=}Q7r-#&9z zaas}k>Wec{rJSCg086BtL9hdsbI&!%N?X#UxfXIFHN^GC#D+O*ml(VZl}^*yO3&vS z#f^W>-M((O`@o%39rK62QE-PpiM~_Hhx!nO)+~QHe-2-_mnYKMqa{HTc2$!mc^H zJ>Mik4uzAw1Q5^Weaa(VRgh|pKe3eCuW3kjWz&+yK3ulxxUO?i*TWyb;f`30Ebf!L zzMI{IqYsKRV{aZye)5~wtpkO;>sN~=`{^Q6N$%Jve&-LU4a?=z(3=#Xnq*RLlG4>6eD6pW}elRAZQ8N{M}7ULXcq1 zf0~UsY?c8R&B|$lK)^m2f^zBX(}nV{*QqhaovS8PPkO!5Q|rgyOXO+Jxq+3q!PzgQzdbRE^d3C?Z*DKy$q?p^C2nON5$jPhuJ5@5#p_+=hpcKg&foJ&r`Va{?;@6}JHwhY zc~tLhQn>ij{?pB%=A9L37P6Qis-$os6>jeq=r`N$;+ta#hZQ8Rg;uxqh+bD#x_Bb} z`hDTV5E>ChQ+v3jji!NsREDFpOp{P}kC;Pcj6?`+I}(+>$g9V19(H-dG4MB(ZjFbufBgh&S6G{;LVv>m;{7Cgg`HLz_qF!p~WN z=^AI?ck%UtK3oV^IhErYiLa44APVX+!YHPQOn7mT@jD_fuFO0iJr2S1^vWI4uoqD& za5y#0MxGg6U-^EZCmQC0U<%~EjP^|=N%Hvk9{|3yYXX>xI!s7&8;1WDs9+mXee`^k_% zsj5yuy;tX_2ceN{4IbAWg1YN?-*)eaA;A(2W{kUdJ1lj8=?o`pzV)>Jo&g3b3;F=R zx>Y;*>-CN)ldk|cQdFxNS7zO+Gd_1VD8IDQh+WW&@0EAB1-TlEfX8us?-TPKN$gNV zT?RLw54Ex*OE|@Eu*fe*g*s{ZJ$f@i%d>sm9et&D9}Duwc50#-XEkF|1NKdph13%L zE3TrZ&N^q<=PaZatIwapMf9^HN4UKH_=RZ8r(P``8$bNx)r84r6VWBF1egfsV}1Fm z<0tMni8d}>wx=2xaP{<=jOWz)FF*CX&+Nl{hjy>(BKqDnhHMMqnz_!*bwnD=^gwx#64sk-jR_`kHMY-V`qzMD zj}X5nUH4oEINJ6~I}N!W5LmPM+ot;Xa3=bP6W{D3qH#X6_>dabH_$p{zOwKG7c=2B z1RLEL>DETE502v0wI~?#JI756XyAz^RIN3`0wtDYxfozI#hK8C=qm;P^3K2>17N9k z+SNNlUKw`Pe$iS3{iWJZRp38R<2Y?5-tnw`dFPIwD9|(6)#oVz8?UPl zCu`?An#^Udk{6YV?a_`SMh87ZO|x9H5OeiY5_GLCovC}vf8QN^D2qRFy!cx?^#jC8 zr7!O5x(lDO-w;)huBC*|uls%G@SpmLQv4<3KAJrX1>${8Jr9ab68SuC)|gRbNdU%6 zIwJ5Zlqq})w_e=ZUM=5@I;vX;;`lE&(R6JBiF@_3*_G0Rqre&m<-q9;4o|9&C#nXQGRYD z=@1=FVuHz7bc%}G4Tjbg!f z(hKu1;+RT?>|R0}3^0%R!9x`cCy2wo23&uFw4=|%Fa!%xrYhAGUe`F)1ZDsQd*680~WtdPTZ>8yB$Easym6k?1<(kGoI&ueL=V zD$@^1VQqp5+U;LP-m%-V>)HTwoOxfGgAxYo4ASyy>%y(`h?(^-o?Q|IypVO}g9Lm2 zSb(MvU$PK!$qv{g8q|U-fL2-CYlyVwMtVn6J;C@m z++yZeu$KjVCKTWse4KitHU+WmXM*YwFp< zvQ;2A#Nm4vFAbn`BBI0MBkyt7!0G!3%RZ7YdZtt$aTk}aAcL;_=-1dOMHr({P2)<*Vms%>CI2MZ!8o$}`*=P5|kgrM5s+7R(i$QsWD~S=P79VQDhb6 z68ulnHzQ$nB~9RuBe~cpby-`?b#^}X$scICS=rqGraAF|zmkAHQkm$URgnvD312`< zec@&Tlm$iVLpZ|*@Pi?w391}TBDo_=UQuugsw8*hRu-vMGO$_-JRT3AS;Q8%bcjyF z?h;XmGRB8t;l6A+ZMlP0-A^^h`|c0}mwdmyOLD(2z@2w$zXAs}J7&y+dDvmoHzVd} zVcbMjt$pf3^3>ka%p!yFWlIARD$@*(91=P3IPHu!2fKvXGM9;gWn%yz6z22< zys$!=e+<>)GTuV{59z{8;?HgTxe5^(5?3p3PrdFnRPd~SxGTcS1ElHuWjz-@R}q+- z&AO~-$cU%~6Wigvm`i+VdnfR|Pm4m#yTST~7XBT3&Eh%PY1*BQ3-k`#FEQx|U2b}CgO z7K<0|kJlN$!oO{o?&MCnA;VXy%xbpRBNgODIbxI{51cJY`P{ z3!St|8()sE3@xib2d5jo$PzUBbzU*Y2e(*5t-i>&cr$c`Fpd`OI->F(P7Qyhm}Vmq z*elo8m1o#WwylRQ37hjOE1ZFdqj6^n{ii&6-w?mAmYO(o{9|f$T=ZFah-3kdf$`Km zOBnJ=8K#Tex$f!@cPXs?&GhSIV#bWRlT#MZk*5gW;=(9Y%Ia z`(Sf{o}(rD)yTFTS@&g45@RauOMxz;ctyaA*YnT!XMtb=bcRanr=EcJY3Q4)DvdV~ zuppUyf&tf?{Z}?iyIH5)UOnBv zHy}3Ehqidk73E<^lke2adh<<%Yf!QJx?P*6;4}W{Jd6|#G184(h`%Rai|@$zzVS@O z=F|b$$c0qgVxc(TQ8H(SW89YOYCOs7+@YQ5~pP@TYk~H9)0!L2xEluft#7rl0%n)DwSyxl@ z=%|rJDnM3q1u#}bCoCXZ)jf^^MZ}B1=e<6zHFWqV^DAuPu}Ra;oo(GdEx_q zkyJpm@0qD`-Rbj*;d1!|#h?;@Met$m5DORu(0|`Dg!6!wxol7`^lLG&h;`oZZt~wa ziqj1taEK?uQ6V~aS`mY%UJc$*&#wf-y+%}!uI7fnd) zvDNzH{Nh;o#vTKlC|sX8pWT5k)I8$hzLJE1bTU>I5kRKw^8fo9MR=CLNeUPL`1>O0 zA7z5Sf8ZSYM*_oSLBd%=LdgGMy6#_|A^SIGn*Q(qwu~>X57oc1n(!ZwoBhA+RldJL zGvwpB{@?yhPqP2pzrBonzy5FkmJIp-v~Tfm`S|X;6iHqz>;LK#YU6$5g`K&-h_v_V4HaeVbivg6)+1OXzay zqAXBqaXO|!WplDEty78xOTdzZ-Q8^_kJ^;FK+>u%#{mY=sBgW~?*&S;#qH4e(U|B^ zMNrRL3ywY^v@?(L=wu|5QP^nJOw%=lWxVvNC8qM6BM+kC)H#W4Q5vujA3nFceS>_) zg41{DikEvxvm`getQVQ6F3t7f)rT^GokcfLoIAbbu~KeIJn=2vKc`wxZQhttjGGwq z_qt|2+@h%*Da9jDDydN9S%N;}k3U!#)m>mba=OJ= zKI*RSh($80$t#jU9e%J+WoFh*@-O?r`Ntnbqqcl|t9ro%iu*mtKA8|gMS&sXAOFi~ z@*U@*Yq-6Cc9QFV4GTC%5E}92diQ5xSK+BqxBsR$r{H?&CXP*sy+?HHX`owg`_e5L za2=z+ug4kGZ7imo4B3dZjW@vv9$V)3ByyXvydQ6E_np&2-z@c_XzPmJEoW-a@0q@x~8Rf6m*as#EkS?4=?~_REcbwBR$uatn-SGxL2)4q`cv>T> z&EiiK^%;%g!Ygwjwrf9I+C&#|Q`#&@eUPgB$8g(ra;E4F0iL8H{!NoDw?ho0sYr4X zd~$tfR2tE_*#bz5`Yq-0mkFBbE4*U~BV?j$f_t*#C=Tkw!-s%>21Nd>D7))^{^)Y& z9_{$~w3%A3l@{j>=u0?bkgW#qCI9`bKQI+FdmzW_N=NIQwTQ)J`PZhPu~(|vq56b) zjswYi_Hx+yjHwSunr4^E@I5|Np22I6FjJ}+GUp;$n{*h3FJWlFNyHZwkcpF#I2<{D zQ+FAj#<#5MvG?%h=w(bsW*STEFxKD=x!-*0P-qoFf2!o*Zj*9-aj4zcC8d>G4duA^<@}qHszF8 z48cyLA;Nu%x{T`35J&LS+-Xhz7X8TQ#z#H0!f35uycE=gl=Eqkjonrxwi;Vs=;sE< zh^K(scSV9QzJB0zMiP87IIjb^O<>woHJsa$zsNU*_`K8C067a(ghNjcG0zzC#gaL0s)a@WggRXA^yaKF#(B?^1P9j+?G?y zG|q8xK0v_Vqs;2rx)D^X@V0{9Ht5c|2WDAaDv=V?95eA zpWJR!l;1xN8)hk*Jw~NhtHWq7RL?YwTk(gb3Y&bV?N+wefq(sI{JerfC<1DpN{Zv5 z7LcHj8D1C=Jl&KnY`j%rPAye0-3l__r zu1B+8EDD=Hye3_~1x-cx@u&QJ?$b3JvHqfOo?vkSR_mgbSx@MKKkWBXj%Im<=hE1f zMJlGI!)0)YnYm!eMS|g`E>93P^7qcb>%nFPb_>2<#6ZqZ`Eh+p58|9Wjr@=+r07uB zdBoRKW_H{6*x8SD9N*OP%(&QX-+qggv~oPwSa)36E-T#Me|<|Dzy4n}tNHxmOg$1t zfW*pC<#=$D!VnBvHZ(Z#g9x-{YslUEUz~EKoe*FFFn2NOX!7BT`#V$mDgZV@sVSuAWNbp*8IvTBcDZ;CIS3h1MNaocYr{&cS}%b9B>AzlFY|O zx+)3l{Mb47I%%KBl0VR@MDgA}0(h@G7z&~SrJ?^xNmCpGjlNc``%s1#$(H+dD0E=) zjcjy=Oy$r?XSy>47XHl#=$r1>BN=l;D*geT;Z^xtT#WloUi<+VPD){N`jtW&!a4M( z?#WeB3WB!>Se(Jl^RC{AeWeG8NbgHd_`Jh?8>aCDmp@DFx%7F=cuIr=<^k2W-Td?!50!2+cUnDL#?{0b-L2>B}TxodN| zhS zz%LMH9wdA>FKE$9Ym�e;7i?c##TG5BlH(j;k0ZtI3ZA_h(_GImMQW<)q{+t{=m zRO@{9aU_p*Ef&1~NH7yS77U(;**WlMQ1%9T)uTs|Ksj%{KO1e^NmvFsUHEHS{K)d# zOQct&exoA=sX~8X-W1n9I``hU;rVkf@YAL-?)2AF?Ndz_C8B(6!$VDqy}odOzVwNo zMCVYP-|0$_A)aH@Sh^KE%9kClY|yn>I^TRZ3&h_oYbo@^R?a8-34=Ag_GQF_wcXyi zVo&7D0B_=ZBn~@Eflog$yNBt0^c8edf*Ua~!XbfyCzS?6h^I-75q<&v;Qu z_)3r{o45*1#4l&-LKLGa(3r+YG`hc)H;Y(vs`NLl4I!m1ux>3&=`E4=Jr&_jYu-)B z<)!|+@(meV5lsx8*pV^NkBKs>jR$IeaD!H5OLd63AC|p&TVXT})YV@#j?wZpKNwE; zUsZbwz3x1*N`xu%1SRlw{xQd&H$sLd_bLAipXxUvl3XD9mlSH}2jNDc<{3dOawh9x zjc5Fwbb6pdLUiq8Jn2@Oj6!n=24FVy7+Lnm2Uhnx3W^o=KD+A13TRemOn!{5-ab~X zr7Lq8u+1^Xfdc>JkQPh{u%)ha?Wnr3D{(a<3amnmuEX=c#omzE(mbspy07?iW9+JX zS;p1nVw+hQjsTJlu=?GOG2eO$JO|}}vm7`eb$tNyWLt-r@G$Rjy~XG!oHrrbY1=-4 zXW;09unk%6CdP)rs)Js3M7cQOinzLl;xARxXuyO3$wag!a-4ZO@nyO04YL#r`F9EH z=q(I|Bj0*HK1dP5A8`*}hIxP9gDs@v^3ISDNOvYy46?EM5U=P4KhVt?NnWXwYkQ|s7GGowr1Rv#pg*a=}~vUbS<3|fQx zz_c}nPE;yQJuwxO; zcIL?0K=@zz9^&10YGng5jLx`8vk~;*d0*jwXYHbtMl!UdlYe9ojQsd^Q$)X{9Kj`IhWB11ktC!XRCG~FLr)NV-y!qgfnka(<>f{H z6Ak2%zqfS7gcIhxp29G9^-mfo)dd;DV5+#Cl(9!!w?@WcCXk0k=x?5@KaE9>Q5Z)r zp#RhyE{)+MwfI=GJwvvL{)*4B>#w>tlyTV*Os&@Dvo<~HGPxc(A6xjinSY(&ax%il z;c6S$_rl6Rc(yIneH9vt9>oqE!w-GF7*dtPQP3Ms0VIir^7-#H{Qp<~dBXG)2{5## zL3SLfl52d!;DyejWMj+IqHS~_E(CJp&4T%Ca&*@+^1_3$efKv+pAq=;`t+u^{i03& z3^^1E!*Pfr%c1r9E5cByoqG%AS3@YJ=Me%@xJpwDdW{-`-;es0@Em@v@I{*>RJ_D8 zXSIKUN8kH$T2fc@2XF4Qr6~PhtoIfSgR$A2WcLWHAdPRkj~BbCj{+L%w-Tmk*e7Uo=<-5!n5K0ui} z_hFe>Cv~cDj+?~CqBdl43IBkeFOaTQS_HuI8%H2BPr>mrCCha_z+as>6T2nh#Z34c z{OOY3oMn=LWf*~I1qPiD{X04#w}`r@NaMmBFIU#{K@fAIn`oZG5l4|0iMzf9r%5q^ zxuubbDs(ePixRrl_-@Z-;78XUHMErsTE1f!urT;FY^&b*VXb?JciQA7eZ1)lTB0hkxeM;@AH(gS69^_lMUw|yW)m@6 z)Id9=ab==6+bj}NA;PD**h&v?mSu){6Tb5=oB6>c0$1Lo^Nch1V{Rd;kq+9qJPd`} zz&83DX-4J&l81W!?OU=g<$*uZVKDo~k{lL6AL=al!GJ8(o)vQoW|-mp?6qF{vHf6& zS#z@bRYh2WoVk*#X{;izSJj5AD&6yikMb(t=G{d&9l`c~)7Z#Nt+?+Sw)y^=apZ*$ z`*CdX|MM~SmnH+w+Y5ntO?Bq}t8VZ{LkA{Z=nIEH`1sI`x+M?B>j^2H`~xh<0A0id zfTkMdj{qU4=vV`(>*04oo0kaFXc~&YulIDvaO`(89_=zc!(f;d%#`51A|$ETHBt`B znB#|S6cjL9fHD$Vk_$79KLnN+dl<0NY@fuAZeD=yuf48zfM+^N@?;(6XP*Z=4#V59 zHxJuY$>$WeiiB<&)FdSmY*xNexwwOE3?eNj(mPYu>;T2g>5p$T4@j~JmB&F|`1C^@ z0;?hF5`Ryj)A1(xftTcrP(Ju0j^{KXBqg9X2azk^-=|TV?4qM0;ybiRx4wO*9fnQt zYGLC)x1IHt=5yyx`|QteIN@|1D&O_$Vlx6>-EcnEvby2?to|`;dvK`2o!_*(hkG!? z)Lv@viITAPYB!%CGhb_x&&0i$g8={_0RAp=NQMIbq&uG5Ycu}{hKp!i3VQSU`CCmJ z1&7$g)z24mpG~nYB7C}!?_J5PhDI=tV9Ia%q45NX(2H-N1aZmkJX^5;dws)<`pKef z$dbdbZkHbaI1(AR3SZ17N&s*OznvU50_G5FF;WS4#7lz$Wsct)s{;CCvpcmO^DcY$>Eulq~_;XW^$e|Lz6BLk7`APE963p;RoeNtQts;6Cantd4G zFhyl5{zh}P~84c=V%yO5}&*?7s>UCbb?Ckd?6(1v&*o{s2+eY2y>^l3-quhQBH7%i%THo^nSBrqrZ`1MUe5T3cbQ`e( z;f8VgMqn9BB;qL0g2)2;fAYOqOX3tGN7;FSO;J-oFs#%6O!@{;e=AFZ^BW^R{QVdI z$JGYt_p*TIZYXPo_^&xs8>Fwx3_G%?71?>cK8_jfqov!hb;W33QrC1ekFas)-&{_c z((Z_~%e_2tuD*VwcRs%3F|p5q_9TP9W-wfD+TSbHl|d^Z+B>= z*?Sj`_cCi5?CM<0>{)y%Yc*A9s5`8xrprYv43e(#Ms)7GS4uhctQR?@(pu=3o<2j{ zay{51R5w+IsHss$EeF2FPa|Ug5?^Z{xg&`0s|46MLdUP31ROt&nsLy}K{o+=AJN!a_TK~ewGz6juv{11U+Wt?B=WWVs08~J$zXh6#7d&6x zleXL+h7RfR)&FJgn_o06GtHHMro?Y@0{gha@ypl$bv%k15wTKcKzzOu?v_mQfOW@e zGs36;wLSTT6+<1nnJgnA)9)n|{Q@HXUvNN9ASxK#{6MdFy1rdB_7HjRCNA-jV+Z_B6;(=n;n>+cR2xMGNg3qA6`!Xg_q1pOj{=pAt((1 zG)8GN6~0G-x384<_rGG8iF^pUdGjcd7&zrCDM*E&0mC{zP4m86f?O(0-YK><7FU+cDvBEME_CwTy>4-}Y#D}{7vOn=L9QcKZp^f)@xlp^v z0HXi>=lq$2J!#1EeS!@!Sn}I}>IeS;E+Ws$Bf&LZnNq3YhcuIM1SEQ2bl>i-d_wEQ zO#uG0AKem{#)SkbOr%&rKzxd&0{LAjb2QEmO zES7FdkmleGEj@hXhir9-KEz$V{GmgwIX874JT*EQsB)IJU@bch6+W6E7;1sxyD!I` zUy#$X>7TN`flfVS_y22t`hSGe{vD$}Nxvtpzh|P{=;1Z0uvN#OEs>N}Q4jO=56l&JRF0}DZsBt)iOlgpnDDKorw8+k*?bnwUJHab3+FH+4hwT zSZ0o9BbErzl}dMBhiD+;1$lL;XhG`5t+1G;>o;)JxUObM`v0kr7uf0NwG@jnV-M)5 z3!uusfBvsuVn_!41I_a6uiyyw530b3f0P&nk!6jF`@4v6${r45T|Gt9v-&gSd`wHHFU%~tDD|r8Zas>~8N+>O8 z>K}Ac(*K|-BKZfFV#v$=vII-A6nRPD{}8UM=++|J|E>7Df$Kk>|NAsU^^$|78U9&{ z?mzGA`d{UO@?SAICi-_S$c)D2FMlt%kd=e*rG+f{#}0+eYt*>_MB-Omf|E#YP8Xk1IA zJ$3oSH^T-#6n$AN4X!2}?s3N*<`O1Luf(uL=a%mIdR;-q*$#L$pA@3|@Xg_qXeAbegUVy;<|tc>&cP z=KU2O&1EjLWe~H~artjqjDP=atcIbo-s#Ow5uD~f`*X))M9cl((xwcd-87n`*-OFn zJw=t_Js)nmzeDHcLvQ8n?|3aV@N{tMf`j+$*8l6gKc~wO<4*p@5YW3UDZjX#>ZqsT zoQE3uzuJ7q$^2`Z?|JZlx5*c8Qv^B+@pHay?>hI|T&lNJ#2>SF-T+p{Tyjpcp^i-Q z@07z|+hj*9>PH;B=pFcbF6oE<#jbzaRD{=bcvZDnAGt_BiAbOSdX9J79{szm_ka2W z%8n`O92rs{8An}O%N+l6zgfd|p(c?WDC5UNL-6N6eW*8%^h;w=$o#c`Y6!gjPklh0 zPd?cHUyhr8e5rfI1O1IdBS;|UqUMwKoKoz4+IQ2dTb|6727gHGcM-8yW)em4G< z7lw`RdYb%r>fHakH4RbJ3&!xu}5q+jQQ0e|=Bqe}w+%gu!Qv&R2xaGyj~! zjGv4@UytARqW_g+MW;3U_?>6C{_~?Gfa@6Xj!eXdcP!_>jFqroJG}NVQpD-3ul)SK zZvT1)|DSau-!W&fBH0bAIG&EY{XmQcy0upL_x=j7Vg9=PowqvejqdBcbN7c696lw1 zP3WzF89{VMeYBap-h9m|{^viFkRk^BPhS-} z;a~9J^&?}7`RRY^bNt49>{jU8-ex>H8hzh6a-B{KgeQ7!XSko=-|_(lA9t}Up>ec-*!I8Kr=GIEco}{#Ex!J+gzymm`cF*guSu2+ z$O&V}>_2TTc1PMmP4pkW7r#FBA8|pv{d{uq^TwgCIPX0F`I^>uuRX?FcPltP0?%qv&|tN;{f{)Kdb)T&sxLNUHkPhhA>?3 zUwrg`JH|NT!9k-?>Fgly(!ZGf{d6Mx$+v_7N2SmMyG-ue8?N4MNk00{Y)V>66c z{`(W^2^0EfSY`w2(Z_!Vrn1EL zu~`<5_=}YRp!>IH}UvSCR+}5t{RL>ftBBcSIg0M8rnpnRYW&K*+&b3GslQSnvC5#RS3Q9p| zIG7CttcwW_r1ice%xrh3ugqh=z!RaK6po@t(hP6w5su8Ox6DC*MRB5#uV*z8rGPGJ zGrx$*VurCPVay;CxwX{sJe|{VPJi72dED+NgG%d&jAPf5+=h)VX1OX3g$}i{>5^hs4h{&{ohskaf%f5U0%7sn-7?D89y&V}E$E5>YY zQU*{;3kdv_BbS@BV#SDsUgaP?L;@vavTWPjsZ_GAg)C$A)&2cBh>95x{bB~8JyEII zOM78aZ15pe{BTs`*z3zoNIP|PRY&mp#1{mI1{>91`xxo`L!wz#_Q8*HB2D2e2nZNPmHL8-h010sxBVFcGBMS+K3ka?pSFr=*8BnI zv$7eO-v(4;z|{M2zw3WmqH zT}wsQ?k-kn$grOyu!1v*>LU%0O;|N`Y4314UCcoOz z*`h*E*ZU0!>{Nq5+4W*$V})eWt3MHJJ{v@uzpOK}46hgXNlcZFMZ7fI;=}Pjj`4N# zW+m>`bk!@k`3_^pHH&9P=R{dM+uE~|&w4ThNA@43A39Gm?KtS*pvCUn@r3HfZr$x7 z+sqgwjs^G{I9#SK6|eDaWqKkvin*v|9C%My&C;S^a?u>dFSjRGC;vd7H|NNVKG`c* z#L=hJNdx69GO?wzWZXAQtyo*K=7_{Q2>gQEV!i6{MMbA?V~y!kQyfFydey*U92V2Q zV2?Oe$P#r!$h3u5^Q#pUuBDZl1bci^_CT+Vx3e9n5F1%P-&bOA?0&dJv7gqZZ_a@M zizCvPtnU@18#b#Mmz5y4wnv}WGVZ`o;4pGBb2UO;?HR9G5#Y8KChSH_1AL%h4r7Em zksBa)Yw8my=O?{c;e~$9llf0?=U3=uGr784B}$-bP0vFxPf^Qnorak7g3K`)(`yXYbEj4_yjUHS3Nl}?hRJPk6s929H5+}g&*{J zVUJ@ZK^O(=pyrk*Z`aTA{G=SregZ~g*$N0g{bvEyRMI~l5I!8!-__~8@kb(7`3)_J zA5c>3RGY5hCKpce)5G_hcF5abk4+@%-#PLYVbpQ2^<{k3(G*5cC^I6La2(yhB>j2Z z&~}&FUMB;SkCNHr__s`X7IT$=_(So;ncS-{H@@I}O98Ddh{Etx0O7fIrt_NRAe`a9 z4HK$<`%RqIZZ46Rss(ki&%i9uL?LI8-=8g&0TFfGwAfk3uHM{*TY9UxIC^0wQEV#* zP#Ac=lNmMi)|k|NlUajiHH&Rma6i}=%k0KBE8=i)(*4|i)!tF~bt2ei%v@BcIdK-n z+C~qx?EO1LpTu&EKHyuPkAmC>4rhol@$aVAxAFMvzsNj~7}>43W%{M1r6!_!`KE^m z^TOgu2y_PJ0Gwa>(i+>x9Qm4yK^iBex>BK{58XQ0cnBPl1HW5K%c0aG|lE{ufjA!{IIQPxU z(}S;-FmQZ_0>f6@i2SyAwyBgnXTaQ5$JRp!h2|@r`12R_XOy zKi#ZuiTckw-fSO-iA5oxyX|YFrz1ge*K(u_kg93+Ns7~v9uKp*&u11WCZYDRZ+1E8 zd7OB43g1+uBT4%=NJvmvE!uI1fmpFhY`_4%4P2JY`=^tlUPm6fk}c+~&fIh_75@?D z0TCp+ZVrJ^Lwy}G@_XqDm-ZhR&~_QUjDoKT-=+OqG##t!#p6Z8F5NDf$1xxLCM^|~ zT>cbSaT%NI2cBD2Y#-S!Kk{K|Lr>HP6N3z+MRH|bNw-wCW6%HER==!?F&T`1=(D0i z(gzmg?fZjAGbH8fOY5(5B3+B^O_QvCe&TSm;R;5-7LhSQ71RL7 z3Ga})UTManAD0ZO7TY$hzoHfaGOX#JR-rsucN&b|^0V^=ibVS*8z(S(H6z78p<~e~IGYV*w8aWMHH25{k+fFfvMQFglZ{8G;Pllo0nnRzg6xb`mfoS znN5WFq&0as?u~LCl%b^M{IV4bl1;JIU+>R8<^9>@jLTd-CYcmKe-GQ_m4zh+YY9= z?}$Vbn-OpBc`Y0hU5u>(2*@ouI3|1TyF~2gO1&?0u`#IKn5yly1w~xZIh`IUEeJFe z(1GM41`@!rgUwWlG~HF7x{(YSJG_LDto$JB<80E8Y4RSsJ5noOw<8s!Sp5Wj6*m#3 zNEU_b7pulMrg%H`OjO^=eCUQ)2twA^*4)G+Jgo6zSH$Vc0x9#tPv+ImP z?6FqItD{=9Dr=_(+;6=*3eHB2$h>NaV2QWUWDO*Y2ubkH;C4}gi)3CGpny;Sm`pxT zr};)P0(hGo!wjllPR;bcryGbe&DX?{U&m1bo>y4@#CQbJvWV_kg#RgozBtu9=x-KA zn3TP}->3ba`vr0KUA8@G@r6-C1n+&|i9X_&SMC90Gf}MTjE-^wgSxT3O2H1Vpr@Ch z@8$6MO##uiA+Z-k*=DA)L>;i)QT3BQ9n%_iB}TG>AWS?R7-W{Ow0M=sgXY?X;1}SG zFZb-W=CtJSi%l?kE3oxA%lesZA7;)N`XV~U3O|xpKHb7L#uXjb3r0V`dCVqeSE1;K z*V6?IQn6Lb|Ksf6s`;5-&EN}Dt@0WX|uJ;VAESDIo`WAH29Nx~<9^p2{qoSNmc4u&Tpby279T>f2z`bau+#KQ3 zbN4PkD(@JTrIJcmu-T(C`D(4#jvq_4`e~E` zr3+!AFEiKp-}K|B`3IT5Dq6U93G|n5qmG;FT5))ot5QWp%Aa&%jGC$0;B~D`ckYPz zGT^91hkm2*(-latWA&?Mqae18l0?C1(r!FPI{Txx2E(yM?L%BIyim~G;gF}pGQs=M zx76f39a*kJnx8t3ALx>I2mh*xRTo<+VqD9Gg!#-?^%OqBiE^A|%dY=|NfYdhD0rzV zNMyp;gU&OyDT>U>{oNCVJ9KiF5n*@a-hVyPS^7d^NicC!7PfL6XGsy|wMbj>g@F*p zbG?e$zH2P48j@O-vyBpW9n5FrR~3qMsmnNsT5b&yhKiX)SBpB2JX&Te z)z^XS;P@e=PlMn;I_PI zJJjvLTFjqeW(3#Bkrc4p%<4Zq!g}F~m~MpWj&}Q%3{scQ8PH$cjb@uIfJ1w=Z-pT6 z*pfWyS?Q*_w2K|@rLtvAI&Ah)Ui}fDX9_c2dUeh-s2ul-t+6cPoB1n>{7NRSFK!3c<~+252(gV` z!Fjdjx2Uqx=%n2G_^d-S+)I*x6QUX&A<+udd+?B1IdwX zhiNW6wGT%!5mWb;Ae=w-C4c-Xa3m$u^NY$tApk6nLP7rtVGQYaV$ML~WUlUH>`0!g ztCjqOqGsj1ynZ?R-m8BQUK{o3r&*HV0kFXSs-Xy|Q_s}kBhq7WfiGVdaQh<%3N4L~p z>A0QM%an9Iy3M38rmw<|D>f=?mjt2)5 zn^PEERk|@CMfCqD9Bo^=YmSFgwn`hKN__x^T7cDyhRCUFbj98_1Dpv zNb#{`yn@f@s+}i@>>$ff`1jybCizUCB0SiZPwK2YH3m8G?CY;;z^DRnq?L0*5rfFC zikr3K&_r{__?)GayFw4RTQWJ6^C*Oa7BzI15n76AS)_TM0gvW)pGC&ZnGa_EWYmhG z*z_!^LA8C3fDKQ_Uw!`lLgvPlN8B{Dt>~*(Z({bVjKQ$MR#S6`p=z87XKMp_8n%Rw z*^6PMWKP#KZqmlDpia_P&Vi13i9l@$ft=k9CE*h)!@w_{84zUAU>Q9!eOhJ&OCDy$ zlT2evCvJ1%T60VWpexChMLNs29b$**DmI;;#Pg)GdG_3h*4IfQUW~2Jn8oMsUVtkA zMf+S@L8g{E(Bnw;PczR;z0PsU<QFdF(1m%Hfi_ItE-8exfzh_s3UiR&`F8YtH zEjtCUqlN+ZVLP_#i5t671u;Jmn`q90MBlHET4_70K9KhQfqIl%{NjqI@*YDW)D##q z0-gQUY(30v3n5m zY~28Ss%wZ={?ibR7!w?k)8iC9*Y$jfrjJinG+P=rB?RQFSk42WTs@*dAamh|(J`m| z8w^&32B|Sg+frO_zU1a7ly1(3_(ozu%Mq_84kODivO~A^1uw;V@PX0CU)u@%@L>>1 z?9Og)m@KZZM%YO=j7v|GYC#PJv`+BkZtA`k8QO_Kz!g)n9Z0IBh3{2J+?nx+8aXbr z{KjzDtyWATd$rOdx~z;%K=` z36Er~dj&melLUoYRD-D5`ox*r51a!(yczXT>JA5*URGol)mlb5a_Q=MSIAs+Es~lwpb&t$1vEw2=sGu}YsAKeiSKXbw0?EZm zjuEmZCB4kQvVIQ#H}up~JtAMbjNk~7;l#O6Ci@n3a4}p`Al^)wY57)O&xiE49-+XA zUccWyHVZ5}v50*-(Ky#UzV;`jFHqz8lT;B)>`jTVC-Ww)96^rlQ~_$Zeu3$j3HJMgq*f1)uWh z4F6K32`|8U8J?;)3e_Wgb6E@oW5%U#U9T%po6_45zm#C$&GN^xHg_UoTW7usA;CRV zes>qqDA zY|3q{?f{T-gHbjWh{#SjKHTf=mo&R(j7DLf11@s25m{@0%TyveiMHDWmfDSA*H>2w z#r0-!upO1Vh9lAWI<3yZg3J7XpDkReCt+dD{^XbAsM8c3Cvpl4JTyHYFv3^Xi=IKg z<6}7>PDP_F>v5TxyNW?*C--DngglUL|RY`G-^CjXXPZJoa)PT!nl>QLc{`Fem>~+1}m0iPZqxtg6x56b?mLc$V#S0T7vrD(%0>bw$7c?wTDHW5q ztfUK*Dra^JCFWSi6&AIR7~BfecpM{nwr;S{&&dQkP1yu%9IydT3FUE1pK@fw|M{HG z-@RA3u>6#&s{SAUkN@-kDNC@dEaCJYctXMdz%U5=2L;pEKX5up(yW9D0!sgf%v(#- z7ypLRDD=;pO8-}H9ku^?>uB{KtHKPO7tjAk9wQP4`)>pgljFUF{Wztcbvb>})AQ z)FfdCgGVX<&NI)L6$)gL5VB(zI<7Dv2(%@tn-N%FvGc<=g6B_cJ~!uC&);1BBKs75 ztHaqQ_nZB?Hh83@`n$y_U$8^lj&?bI2zlg34r^~xw;tX=H!ufCa05yT1V}1TA%jnn z1)0q}jK?{+CE9@!=#y;(8RU}a#$)SqnKgflHh@Qamsa!DRjj-6y$<47?9wfu1)^M$ ze93|6u;j#HcBz~~f zyZzzs&Yq;0sPqH~E%~vp*m&~PP`>bT3Bhm&SA`NnZ{@*gS$xr!WWl(izDf!IxI0JG zX$u+P6!y%z?9~bdnnf8qtF*Dw2SS&15Zzk}{Jw!U4F~p@jP2qtT)Q@;$f3c6#~*$) zbNp6&z)9ho*9%Lr`b(h9zyd+clvW2UNS=yvw<|ZN{*+bz2D!AuCsRHPj<<~YYizYX z{8VHK4g$djKpLZPF6vVahf`i<(hSe{M;Zdu$exv!*ef@C!!>e}om7D#wYdB+5&cZ) z9lKwhZ*0E-J>Xm6cErf#t3isYZGxcdYTdXHNKI-_E#8X5o3}Js19#bO?iBt#~&3A?61F^*)rRKr< zY}h);7Uj$i-Sc+H%X$1w*)fLX4*eo#_>$S_gHgH%W9Oj4X%S%Xq@f?-Rid5c2OBRU z<$n8%;h-Dq=HHg3qDB6Ux4#V|VsZ~#UA)1v#1yK!bY2ZlS1PJzgq8gcR#cn@(6gR{ zA|5Mq6${6j4#3FeVy7xp<2bYWCvLA{kN`-2YbR>h)kg}OT;1f#z|U~(ycZpG^mL_e zOX6dnM8++Thi;s%@xgAdIqCq+iK+u@%2Fz^j0#JkuoYZP?4vQ16ksVLjK z;HMP!ysik(Du_?@K&eBN38D8xg#J4ItdpqKyjK{k2)RMk^Yo-&c{@$;MER30E+G)l z7dd^VDhO#E`^}T==p0d#xMzcU0vTa_l|exTLk9^Pcsa@kXt>y9;%QnyO=>_vjjD^6AaEj}zt zUxx=K*#}$&yCnFHi@fC|x6wNX^BWNnNXbcSM*VP{U?W~6f8`IkRilDDP+RMpWEO3Q zoQ3^~z)pk3Wgi*<7Q@U}AMWRI6E(zxd%!+fYNH2S9i{Fbe-+9-iQ< z9Gr;Y>LrmcKOdt8B*;#oGcj+yHwD1-4Ed#sTF1ad2c6J|ATe^rCT9|}d``&U?%>`g zNElx6{i!w}AGZ`p%EA}L7V{~RBzl6*tI^SEmGN6XkxC-r|qw z5EpMp-r=Tm{aeisyWU-c1Xr@UEn(y^GOgi(lP+gRoycMO*JYD{fY5P-^OTsM+26`& z&~bv9*pnWw(LWvi-PKT08usr-ZQ3`%L}%Z<8YESs?dvAwEHwi4*Cf$r-3%B5jN>muGC+{I{2H%R+OAm+|3%QeEjE{h2DU5ZCyMUMVfta`U=mR zUp+gu6vuSmR(ne4I{7vD-Tk0dbME|#!g!A?W8xEqqT>Vg$hMeb$V? zpk&}$Z0bmE#uS%$D6S!uFF(mjf?WZNF4EyD=fYBg5czTOBUPnvwVY_n@4(;jtRFy7 z-q>4@1|HMK#c#EwzeZ%XLEO4`nMlr_(~LB3(G)N*4AKHAZHb|sGG}bj-d9Y=@Ab3%HJCSe5LT! zUh1Wqp@`^2zBMRuQl^s+qD8t{_518ON2T7u5N-EsekKLDTZPDa_>G?O-{)t(7+oWa zVi z_*G1q%2c~F(PFNKde{r{MeQ$z3avIu0O;<$vqkppnhUBKM=V5+==Ire3wEEn1HM*j zM&-Z58FLcSsFDof4Ouhdl-N(}RunAElQbLRgx>4y7wf2IaFC?EZmL)_#!M`Ae)Vz8Wd>bmYWQi}(TP+C5XDofe zL9TGoxz?JkjPLK;c2R>njJ51u*Jn|$++a9}s3cq}!8e~@EL?0G-CXZE-;lNW*X0;I z9g*~VYeepWvVbj<#$TL2g4)2t0W0!x&Z)8a+!u2GfM$Q)Y;QVRJzaPG zxme#_{I)z!kB6=0jmQ)hg!sC6dmSfGaS; zv(f8zO(t-Jn2-txG`d{2ir;bQ02cgP3jy>qABU2!b-lLb3xT~V_{DJ`|BYc)GS&5I z_yVRG6NPke5p0vbwVuHmkWB%!1Jb|yge3#B7Ec3U;B&GFa@6AmHzh1ma5$w0gWz$i z0t?bz4uU0cPC3>il>0db*(wB$^7q&aAfqSXZ|Yi0l>{3<|;n*JlhNa!CqQj}PM;MmI%{)a1k z-GBSP@Sd(m|KG1#8|6}WT{D%N%pJG^`|LNIHW_8~`ns5qCKb?O&sV>s-HvB(7 z+xGW7mn^Y&io{bYzT#YJlfgFz|6@&`7Dds+;l5bIbi#IcwI|CTg=;Xz`+cKXwtx0_ ztm-lU`CcYCj^_y?)l>~*n(fHxA75B`c~lXm{K<)GR)i@x>q5Rty-nzZqJh)^moT*U zVx@58dCu}3)*XC#!!aU8pFOz{3XZ=hSHuc?w`D<9q}Sd|^TgbXi(j2(tQxTRbCFj@ zIx2=O3|-?Go^j)Y(b-#i)B5}p;Eahlfyr3t=hhl0Gae(bMEg_w_h0edmiJujGU|J3 zk=G(bYnczTF(NaRKMS4JFkqK7{(#r_GI}sFh>5y@3A7)Wfb+@cfri& zcV4kRm8tz}<4*KRIS#&9I1jZN8=v1VR4*HeY^Cmh%zpkq+54|u+qEQ15PXgX`XBtU z0OAz2dZZSMT9fD(E@~|n)#BF|_r31n*CQjVGO`PWPV_mz#@Txba!#9O!^R+O8pk1# zyccUQU`0{qv)Y^^I&xKk4>!}Xhr^JjF%bygQyZ~TkIGb=c((vN1J>-PeTykV+}D#AC4MVYnQhqm01_wutFSJYb4GJK+CP|GwBJag!) z2@l5NAvgILEVx;W3&V8Zk5e>_|8ifM-$Mu8VH@=UP8~pRpZQ1=z(l*FrF9;k7UF(0 zJCr>JJ2Hl`UgVpS{fFN0)dTZbMx!7=fuLVhs?9M;H@KP2Fi~fBTJOC+Hz@yvnDgS; z*UGXI=&=%aGi-gcY<{yGcvZ&aaH{_3fSTpF!DVDwtzPMuvztb`-%S2^*8vMmZs@F& zD(S9AQc(D(v$qmE+Zh zbsXgpI)-0e{xtiF7$|b7&{?J6HGE0?ERf%y9?Hj8I)v=%73u4HsLyKwzo!){O^!5G zhn>jwHB3}EsfV4dc51~ZG8Lu0AeDto6kt=?d74$s-j?v@nf>}0+{ddvTw=6eQfOA@ zyI%Ej2FuCs*a*iIaOJ1%R(`~AUM%F0QpFC=x?-(|0vWrns**Vy67oqk&W^7|nNz~>^N?ftA=YutB@|Y^EEoS@c|CQzdA?T?Obq zOY(tSc4|9nOcQDUviIOW0I+_Qs2dB9$9b!h0K2C8&ua`-CQCic2b9VG%!^x(y(slOr96xa{`(CK54dh1_@9~YBwJMhqsMs+2sON84rN1ilPQEKJ$3e?bE z%X#nMX8({|=yS{t&_o1dLHT(absh2-R*x@scuPzcCs&V3FCg|_aROnVkCjX$g9Tj^(rC?C0=Ol z9j`)}B_f7At-F%oT9-ME`o3A+*XArxxgK7+lWFl75EgfMBr6+dFK8MgE|(JwG}#0l zeY*G1G<(fgVp!e^uMM%Jg#Vu2n~;2yYTPP~h>U-9ZhnZizh45Cp)t2^pPCEwX8-gAdj1+i=S$CuCs*7owHfMk~f8N)I zDo5eGax1u^LL{Ig%m>nZpF1)k1h^YJK9f_KjnoN^-=PRSsb>a{=UVAkd|w zTxHy{A%IQDXjHy*tKnj_=Eb=Y0lFM{O}h{blyhYr||U)zYKQ*mIhxeV?y`VB`hl5lYZ3Upvgm_|G3wQYt6D71O7QS zkRnS{#%8qP0D~0q2hBzJEK=D#4_BP8bk=I+W6lZVDYa>;-f26`vaqSHmWr2uLz5dv zPR`U(X+X!=Bn1(S>{a6?)m4iZEiS1_lo55^<(a)^hIq{tbEjQ8@89`wFNHYIh$2B> z%UftYHr*~^FMFA4FENn>m`8j_kS}rd^;-k3kkGa-RrGeLrle`FOps^~aN5gz3dCuG zzmxnK@;*RP@Q%lqnWXF390r+v@9(zT27VtS2yVhhak1ou%yFUxUnmdFlwPF?|FqXt zEF@$gz}?=9k4P}0?e%55)U`SD$W1XW#VNe^KUJuBJNfhgV&`N7}( zoGv|(M*M&oNWMUPPKTR`!gLqCHM}%l#!gmb^5j|*w6umw(o(%Y5NW|~7g&xD^fp3n zTE2yH1W2Sq)*E?PF+>{CJ0x!u^hovCwtxu&0}kIoQf?|hTB!9X-DMxK{&_P>Ve=iy z+jUwl146QL5(rF=KJ1{b6*z87$14G4=5+x8IHO1Yg$$#DgEqM(tT9eU9y_AUR20k# z-dodry2#ZOWay$1Im~hmnYrP3rOv#0!?C^NekVNY1fcxApyNt8^rz(U6SBk}cMrq= zhGR;^n%5!a_r|_?pTKn4kT@#w?`cg)9I;FknXESe5Q6O0P#1yCgG2{^n346ua_jX) z0N)G9IvN&=h!Awi&4~hM%k!v$9JM`N*FH@_<{nWAe52~t0}=|3WBchbkYDIA(Uj!@4yDM{ z1R^c|DFY9Bm1K7fUI$VFgSR&*>9>}D{?L9gRJ-28S&Qb;Z3@RT43C39+ds|j(Q*Fy zk7sX~^CKA9{OEd6bbhoWkpI!&pfFaUhv+F1eg7Ik^f=0)z0G_`vLSQRZt%a-GTBql z+L0b0DoFBsuf>umi;e-QkYd-a&&&uCL;J=i+9y?GU8)%`fED9XS2%eM#^T31-o+i# z4f-u5Ls=esU8|d~4XsTY;TuQMyDQOqEOQzQAiM`Ey}h3q-XZIoW|p0pDw#+NwnbZjsel2lRcvNOr60H{b*)j*fkV0ZzY@dBlfdvbZ+jE z7AOj*qb3?S(BlE>HHw!-p66H{qx@9)x_$-kO%;Ammk!Dj}q z)Zj;@DOO2w_n~~l;gXxHJ|orHy89wng@d*48^iG99xlxjs^POoedx_3H_S*28so@X z%U6q3PI>cp@v~ltXSKHZ8Zxn7ddrivogi+#V&&?UAf1XwUAz?D01cCE&6oXp->JE$ zHFI*lRrf7eDBYCZxj}@JC_G2nCdb|`3a+N0Q2kdG*w&{+EM{d1y4MA^YAf>gea;xN zWrU0=_$&hO1z8X^z1it~aGZs4ec!_y1xHGr9ixIy% zxex?Tod@03(FDu7lq^RUl;@ZATx=Efe)D#`;pY_HUgZ3lK1C>a@9GpQ)CcBb-Zcs7D3)j}yWf+ewX57mU@ zbUQ}v?LoWN&&CEMr|6Ab3y}I`;70De{?ih}r;+hq(J=?}gM3F}wD0%P6$NUQ9h!h7 z$rm7y^9{5QGnRd)7Vlvj3zsFHFeL3$w-b~>R3cv3qUA0D-FVi>-&zz^EG_UG9ESnZwo2|8-b6+vzFas0ye(b!4RuMh_ z1P|ASL`Oei+h!(c@JpCtnvr=a4in8GBbK^OQ#S%o*$t(Jj=RoCk$eyJ@q^C5Y3cjYx5yw>3tM1*XSefzkOyd z&#raV7o#^~CmLqlX1Qa-qJKQ@V7%;pcJ%@{rI2z za}_Kh^;egk(4BIc+9}g(SQhW~>H`y!8ec?T>y({SdoE1SW@Bf^wr$(CtsUF8Z96-* zZQHhOKXK-r!^8nJ2!l^4{O>9K5%|yv&>M!#_o>9W#qPn-T;caa5sGJeLM-b!W3Aw?LuB zW7-#$H3!Sr!8Abc6J{%k>-A1{<;lbvT3qq|q9x66-HOa1YcIXlXS1*eb1^G)5or6sC2qOtB4=O&hXu zlIvJypH8&>=5z-@45J%m;WcI|&n0CRoF)oYr<=Of7KEl69rd#jq3k7x(aegC2SX$`E*S3+W*@k@BXr+v5syXkK35d1`k#L zN5w6&luz%7=CP|}v8|G>lr%Rh4niHI6SKi{JYQ$|@$yhvokpIS&+S4-Hez&Q3UAa* zUvFa zEf-Uz_GO^GEo+WrSPkUU57y6rD1O~ccf|Z!RT7zjGel#Enc=tWO8e(Vf-b?mS}Kkt zOauAm(~n~H1&F3=8+ZuslPea#+5E0Iedx-Tzv#oW>odF?`W0H&9)S@ajkpC@- z)Fv>yfIzTNVN*b`=C^jVtiSSt6k3UC@4{yuUQcHW46oD-0R<15@2)RX`BmPlLUegH zY?@_;d6(3b38{cf`UIu z`m4A`hEMXC*)nsL_FeM5CE}YQsg(ae);4}p0Qej%>(HQVy~MqlEwyJlGVKM5NsG;K zVNRK$Ll5%Eipzu^7}ld`BbIc2i6y33B8;$lgXzE9kNrG?h`0c2QYrbaM-PZgKCFy9 z2-ms(IAgF6-C{)a?MphrKU2$zbp4eL=tKlQCP-w8_CjyRL>j%nbkAzaeKya#K#cD| zVp+(Xar|c7qnKxV1k!#bT404TfJo0U=9@{603mOE5kuNq;6-LQO*-bM9M-o2Q@lBSCZS zRiO%i1_UN|42neJn68C};_b8m&{rIHN@g^3o;jC^_b|L%^RGyqT3t10cKCzp(MYTC ze-pdf@2ER$&a$e$>#NUUugGdM7Jikm7VnYaYq7aod8+nlf$UGqAL=c;ABz9Qh zJk7lwyY)>Vf=bQ^IU)q_9!Aq$4BfFxU2XH4DDThg*UD?O1@L3y^!2lfWcT_Hp;D3E z<4X^&8H!}lki8`K-*ThhK+KC@KTBwpvS#E){c>BpQo|$D1TD4pw}_$~@%Qovlm8y@ zCV+?c4cI1-dZCK*f{Ek~$#+O2_|*nZG)E;122! zMc@NX6#*LE`onf}+ECmms35wCO#VQ(#SB!s^(7!@b5L@BIT`eE}&J~^wV=x&1a7k+b2li?x~;+4x69>4gN1_<~MT=`L@n+o~T9*(@d6gSkLeDFkxTvxpqG6DD9<2Xxa-YH5 zbIE?zUq4}}k*kYOyl$x>%r64rn*&)Ip=cZjslosHXt(ZCU3$3w9CVlzm4pp(zWhib z`{3*D{VZK*$r?=m?FeQ@z_{)W{gwluwoiS<7@0obUjYYu&vNOlwB|0tdv^UrGp%LL zO3gTxI;P73a6=-PvvHBWGD*Sm3r2+@_z}xB7H6Ld9^;e&2{gVAZ30+^rjS|T5YZkW z>oE|)y5Cs5*yMMu?~g|ou;1Z)kfH4w^-w2h_gjo^{@|LH597!n2aoIE#)d9*?Z+Sk z{z8tuC0{%`y2c?h{FrUzoR_m)I5m)SQyFLPrKPfYK9L2j7I>we6fW;A0Dtjfxb|b9 zfU#85#@Ky=_CY0-Vsp>AP&H42dIEi5T{3ZFSmVHf2)4TrBM#e$C< zt+^#11*LFBV6Y-%saqaO*M|4!bjq5TdXO^yt!@)^G$#roC_+yVE>9Wg*E zU)tNgbRzq){Hvz*STu;Wd2bvbANv!H0@w#tUzXoX=k??RHzxK7*m@m%-P9rEka;CO zO!%0-LYjYy&tJT;AjOMK>}e+qHRK7k+v>Cg{P0UEWBzmTD~5UwDN|2kuhhYtEeow(~&t8 zhFx9h3K|!9>KIobW;PLl=V+Y$F83eP2Ltbp_{ch6{gQ>N>ZyvjyI)Oj#?f}+P0GG| ztZ9SlJQ?_rVpw!NYsM5wZa)IFy&&W}!ptzk`z6#*o{fZmWb4i6Gh~XSZlq2Z(tLY? z?e24UYqiMO0j=>m)>rh|m#1tM=bsyNLDW%Lgfh9Cj-+Ephve#hk=)38dQ(P)Q^>X$c+$>GsIIJ?|u+nYj5-bN#E?`NNQ~Bj&Mg ztOoSZk)tgI%u-FawF!xsQ$_IHA`d#6H-fzq&gu^QbHgI`Gniye@w7linJ{|{KM{m2 zpWV8_T^JMLcY_Wq)DNv@7n{Zu{Mk;&wz3qFr-{;yD(2&No^1$@bx)fA0>$WXi$8sp zfkS&tl>SY=e2fPKn4Z%KvPMWGo+_fYzlFQ56GB8FNwU3M$;^Kw&u;5d8|2TSJd&*h zXknQ>;upoR5@Jcq7a>M(C7&`7BNi(pC{)i4w^74fA%R*Fk|o%Au#rUB;=`r$uE)BE z+{6e>8r_{B*{jH~5+&Zl;R=-t3*65I)bar#FWYH93Ux<2(*s&TW^f86z+HM9wm7(j z>_I-5gR86M7aH`oCVbNwuo)_<$}8KL{!zyGfD&4R>KI!LF54TGtu~d2qs>3WMvpwW=?IpW@<|KtA8uoSb{)!#bYPzK+PwBEqq3_vyfMs75@WcRel8Is zZvBkPYa|mMQ*)|$0@4p+wvI)7cFp_z;1KWfb9+v*xzRNbLt+{99ciPiXo~mY+k#pw zNVrz zSZYr$$y%|<^7x*Hq=cUxuMabQDSBqbcg!2sd=cQtK1ID36KJHm`>4X|PcY-yECISY zp+Osi;ZK=*>8RZFcCg%=7l^HYzuWjv4~$>(p(~A(JQ0J$qr?09(ewYzSs=y(_+h;7~^VHp>%FRVnj zCv^y0Q2z-;Vn6%U*;lkH&Kg>9P>E0V-4Y5VxTsGrS8%71^l=(RJ!G%QL66y*mLqMAnV{aszEqXrYIF<-zG&NQ` z+5Cq_5)r+ZaDc6cYcWv)S_c7w!HCgdjsB5M71;2C`^@wCC2kQuuj>V02OdrDuIAN2E#>L`^6$Oo3VzSs7ffmf0DVi!1wbsHrj=+xh)GEXB5Y=ON*_ z7{rOKkUje_$GM|?Z+$+-G6(CHM+qdWF4bYH5C-bSCAn*hnD@N ziCbv&MeGNoua7bkiPt+{ucT_F`D~l3wJc&?0)uWSQ0-|4Q#RWoL%2)~-wUU_QdKPB zIihX(Be|}Dm9=iW!?^(a#`6jab4%o<3D___eZ<@JOT`I93bEfV=tOyAT^gtlu<@{k znsOt(rhY3H_V((h67dRBzBwL|iH%0?UdEjwKjm?@18|$(Iq;)+V<_!m7@b8Zue!3+ zRLYVuXSki}4CvUP$PR^^6)SXu=^PkLazWjQQN`xF?uysYzPdsVm4q>Zp|e$&4_=>% zNkPtL^?CIT;15v|&3)X^cH>oNU8=_FltAx$Wg0Td8(Be6yQ_ok8Ce+|T(|t!HLpK< zOR9{hskj3<=Nl*2PTGT3*rB5JyVorj&W#q;a64o~rBC~md{i;maJZZ{!!oRR^^lYq zuaCM2z#-j|i8AHS*eU#FW*MvZq=mbw<~C_w`1GvD37u-hM>4O!3pS(KGDw!u zzV^u6u@?1}UOtA#Kz+UW*uJuc$hA+V`|r!$w%R=s#&W6Gz4`M{)!ucV9AkMw9Y3{ zvFQv3y;-jD-)#Jmb6()*NAoeau(8yfe%BJs6a4htVv2t#2W1*zQCnj- zEys~vh@p44^i=8{^~|z9Kh6=q6}wx;rpQy<&J=TTs|+s5bd@y)zue4L^Z{Cco9hLW9kKO4s!nxI>s|40B zkxEh*shyT*W||Fa4X@CG2TMXC=V@uz_%Bo-TOD~Yr)hT09;OpA$9MLx=ok}FY^dh) z@x6lf54@&i9F*@O&@$4q?6}b=<)UZi6&cbbXc1WDGbRKJcUby9IXE2R>D|<3%2cR- zi)1iBLw6ZNUSGnX#mi4mbTf_JATiuD#ncYYRI8qZg&%CooMk6X++34ehT|B^V6`4i zI#T<;7FnHg(J@IArP?Ot&cr->F_w!K;cRbxZYcK`KDnzj+-)gB1)SvT_IWN zNF1Vs-h|D;!Q!i9nHg(l#c-~jf111)mwMK^AVv?Ru+P15_VdGaf?T3zk34|hazFzh zAuexWmxA%>Kb^?9zTyseNqHtI=~(4FHOYzE3_^bj-f=$`%3SsQ>@GX;3fEfzraV$(zgJRs)5 zV9Zv8kCImdAq42sh!`OX$PPN9~&I4gL6tazSRk2{) z2)K3`8ix$p4qkQA(*0B{_*?n7nQjIK1^Ww8g%Fp8P-4;79psk-2PEtpDLOmc8S0FP zBWgdD^_;KHY|8D2o>ZpI7lHNXnugTd?)+by9fGTkXoJ`J8!B3Z=G>fhTNM!kcMZu~ zf$D~+YjC{4F~m}bau+BIg0NmTqP@T+FVT5jl`qrBwodDNR8CT=DDdsnpQ~IV2NTso znq?FRR;o%U^qrCYy@awJ{c=2C>pN609nq_r&%jn&+@f|kBjEmKKrX_=1za>>ec0~& zi32SlnsS}a3_$nKS#a=ntH#YGY3#hp3-^4Toxesng^futA&X65WsvYj&mKL zQZ!I-;65Ooe3(m)I+X zbL8%|Qp{UNcX2p6h91mN#KvzwW}iCYEViQ*`}f?0r;^FPLZqzvW(06*>yX}BqY6;} zceLU#XxcAzBb?cLCEj`OJqGOlA z^`EYB(nb+jA%#F(wr*EtQLCf+0IA!)xFH2 z5XiTrD(b&a<>rIcLp_{%+^PRH$;p3n`(WQreD%6=<{N|U>UO}%%E#+15{OS{g6QeN zY}AP2BT_Rk{A*Q9sJ6d;gWN_6-N_9%uE2spQ`NL}TVj2<7KdjBR9%x!L|(s3B;&2y zA(K8a5Za4IIaFhhXs1ptaaLS|!(QDT9f}jEuK%Z)ug{(LjLBQGutQ z+@cY^+ZEw4p(buIsLl4PoAuAH%weT5S*GX36;C$U;TYZ3o1$=kwOj)?(gEpp|BvC& zhTY%4*g-R&LIFpqy8(Mn48!i<%+VviiqeHk>{+e_ix!neW+}tGg}~#0ofNYB5bacp zahAY10T{a9Y(61}tV9PX!#>8KNq-|#;BPMsvM*Tbdt@p{TzaF+J-^rAFB{0g-&1sJ z6`!B~i)9`=E%=qgZ2OzLcB=9}$P43?}vG@NT`=H)w z76CXUjn^81hW89GUg>>{LG*qL0`d9p8;o)0Cw-o$GK>j*T2T)iReJ*dpBT(<0PEns zt&m?kl%FoSw>$QO|8?<;&<4%Gm?22`_Dw?<4PbzqT{NHyIqgFX31SHmMk1B_jeXD` z0rZ?H7uOLo1rJpy#if)|=+GM=GwcsnB}^Z2KIRxYuLvc_*P{ z2D+R}(D`Z7=%5+`ZN-!KhAX*)$%BoJHrh~SV<9`aC_!bS3+Z~@lu2mrLI>cYtww%28U+$PAp;oRhWH-XjyrKjBTx`(}^g@cA z3k%WvG(BuWhxDlXK7*9mc6|9aP{LpyFC{HyyOss0-s%u|NY~h7m?M%y$Gn>cR|Vsa z(St>Vv03F@pX!S~XPnL2+LnLoSg)M)F{iefyJ+$^n?@VB9 zt{I!+h(_=9#G7QXufu^}`sws#?mw^h!6Vh0#yZV;GtglNUY7GM$C&hs7vxBdXV|f^ znGZ`;4-eoP_vzuvIisF_*s@f>Oq=(E%3({5cDse}5IJmStlnOyUH@?JJjNthpjEFB z`NH>Fiq6Me&Dtp&iY+yD7X+wbHugv12(~;6+nE$?X+Qg>lPIFMCo)g}SXF>R7(IImo0gh+6lxw9K-D~U_5$7Fw1XT81F-Q;d zAIWhw){m=PLa~=#qqg(rxMDYEFy6L+SCUA>TAX{S(PQm8@lbgF73=>j(9kp@&BRaH zJDp@;*+LyJwH+U1kH--tR@nsfq)ocpV^>uk@-b*L(+uC6` zJHw-;Q$%7I6>zX82QBGN$CsY zG;-4(BH3`5EhZ@`biQ3o4D6|YqL88}##h8XJ{s;*0FwWR@ga&U+8TP&BHfz4H2sk* z25OdvKrNm%@gAIDr$pz6ps8$8vu5RadO@pgC(Cs83e+JcUDGRM+WY|}2LnlcfDqEY z>q|dAV;_~LY*ywMqp~074^=9Co-ChrZxsJm@1j|yM6h$D*d+%cSlq{zWWv#SHg(c1 zid1UN5B1qo9$BJz(H+ z<>FsC{qZN-bHzx>hvT8J#n9#na9kION>=eCq=&+)1N=%89r`ev6_%BE3#a2LsYm8( zC}Mpb2!~E_WF!GcefY=T32pZ6YJ!(-uZ`vrab6&s_&s~YMVP>QxVbyi#m0^Se|f&9 zFJAQ`P0lOU$iTNC^|(|Jg!Xd`amOD(c6R$?=(L-Vbwc=}6m%Bt`@ntc>=0aPgj|-i zAT)(m-Lmw%YgN6$Pz3#1XLrYy|6yQXtPmci1X!cT?gyfmfbA$BPRp$5A?708{b!iN z)$ZX{3ZENX3*`tg#iqd^5#blu@BQI4Nic!x$b3ldYz(TxtM|X6k?lD#4MXY3i+UX4 zs7q2X?j&_J(cg{45#IxjO!K-UIrif~8vyeN=XT&!ced+NF7Dml+1RF(Rp$1p|LJ}; zhQ_sO_hs^N&^**VSV1s73uD)T-6baQaP4hvopO1-ZYiXoQL3kCp4v3#8bn7KR{*_K zs^}aDPa}Do2DBKox^2o?i}uE>_@nBo(&86>QsDmQcD1HGBhOFd8htW@I(~VxlT$;D z@?A+6whr0J>?KI7>my9yQx;tZlXN2tpTx6o>1)r~3}d7)#wwlC767A=q3GRW&;RfN z7wsYZ&e34<<;+Ys>rcKkbJ31PRQleTx-}_NmuVa)G%fezl0i~66pYsLXb=V}NYc`# zJbG-O%#Q@JF<2uB6o~kgD{6wnlp#A<>h0Xllufrvx|7SYvg+es->+98$6u}R-_&zZ zE)Z6pJW5L#m>uQ9H@EyevF4SRh*zN!frKJL6YVLH0au*hZVN0BDW}+;by-q}N-p&t zE(~>AX&p_vkk!;Gehdc#KAoTPLgbuhhp8y;)zZP5UHjeMKL{%{ar()Shx-XLBUT0V zHi`h@42Q-C1Ax*FNfD?8$*eq-&}mTdRwKrXlk+0Oh>i`^PajOUlNo!aKlvQLjL)z! zfkS1iY3KWL#nutAjAN6d$OKZGBaET?-Nx%V*MeCc#))(gm-^*Mhb{Rb$OL|+T(K)h z?Mx(q8V&Y}8!N|r^n8;HLhiE>J1FoU>S9_U!p)q9A?cnt5z4e?ym+Pg(M>U@bNs>U z|5HScs3iE|gmI~aLjYf`aJEJKNef{miZI1(_#BAGn2}WJh*;Ko(4Y zRa~$>)EPTm>I;c3L&=GTYN)z6x5XfUiMPFX`P8w#)~!Pd9e7YK#>el2#$XhiE|f;F ziF03H65+3Lr!^hckx(MWWnyTs!$kfN*to`-7+q9x~N^CmrJ z(a=+ckPwZ=x}_M8_gtV^SS|1f`E6>(_XgvTKQrP#zu&rP9lu`O{k4sDXFJwYb$0v8 z?h&zYzthUcl6}Z?#5zKZ1_mXG8gPT2eJWwWs6*3)b1gE8(i?TN>CHPlUwj$o)xVJ) zT5MVU^=#6Z(r5xN!ajXApBwQW`j8FCXX85`*#rpkq9-LXUVjp%V$-zb>%nTrWg^RR zA<&qFkwwP0RF>)cUg;XpI8H_Bf%BrPbbcW(QG=MDFA|MDo%W9%tvLm3sHEf;~fK+ zcn^-UZB;#qNa*WgpXgE($^S<M9P^Mu|%XpY1HU zpkB}JLgr1-ysT~dRESgEm2@8F;}7wb7eDrS;AXN_YaX1g_GzQA(KdjH0HOt|Xb(g=mkOZUH0_x1)Q(;SU74PvA5_+5hRddH!U+?^rk_Q{Xv zZry!wP)edd#LSy(=TP>U42pbZ^ob=7wOg%Z*;~NLq%P)v7v-Qs#NnkpWR?N+V z@=W|L{h**QR#xdh(m+m6BelgLNpiV!b3<Ec`^|iGvO*pH0u=><7vT*0=CYZ-E;i1M+OR_tF@br2ch&;D_I6?q!1cR` zP)ydU@*h8MrH-NZ2ATtffJ$%C-Hh=1XEKjLk{Kl03DF?3{nw}A!zk0Fgne$LG|m|- zTFWvrjK>tlGriEph;s<9pEhVq!n-(ximC`F7k&p`ENPE{h*gdKDXmZQm<7ZR*HJB_ zD8n8-QYeYQ{UL96k6A6Zyo!l51Ng_Ef|ntwQuPI{!{F|NKG++@`eP!$f~{95%g-zj zf7pbdVh6yxkIJW}2ruw11g^b7%(O^;K#SAfVO>$%`jZz9KdvE2p9g23(_;yQNa{z{ zDoFyNTZdeVP!hjO#06Z}7iOy=%(K**?;nT|_;>m0=*vMR8*Br-Badzpy;@j7Y8>OW zZG{`cM3q@z2OTi&3VQfThL5UfCJ0pnG{2{;h(v8XZEwYFCL$^JI-(hot22as%(}O) z?n&hCvlrkx>a24DJ5H}uV+d=|OlF3iJ2=Udam3h(7qcu9A;97!OkkeiT1wEOgRg$8 z1$gSbw9bvQAihJ!F$v@$`tCRMM;K*AYeZxX))qX^6Pv&QRVvhQ4u`q5l^UD5W5ORo zf6IPTqH{cUi8UYQSe+IqF>eD!jF6^$$z@j}qS*E0n$*NT*kwwZ~y~X2yG@Y=B@}IjwnV_qKQE4A#2p*_%S?St@ zYs9NI{VxFKsFc5aW<*+s$PVqP&Iiz;FksB{!sruLmMY}76O1S%FOm7-Ben|~sejlg zc2gL5?2)(ewch-k_<&HUNE0`d$69NWx{Cz41hqu#Vug2W;qK* zIs^9sG6C9xK0J|;MeD4SPN{W9r6b`31}gd>4%5lF1q=dA@o_KG)tS@&6!|*AsMAR; z!E$xKQBLt0z$VjN%&9Iu_6A=CpMWsho8X|-Wx4JFIJqX}kl$Eoj6OKtKZ#nzd+3-1 zA)q;RVjRkAy&ghkRz&3E8x8V5SQ18~9LaeGO;V4;+}QZ+rp;9NCl*=z#It2pK_*_* zty`|Sk5cbHPsr~*bNx&AY+xVwh)bOG#$8kVkh4;DU~<7R)xscw7*M}%pdcFtxQ~de zU@_tqFAj*__8TILBz8C_c&Xto(%^D+vw$PxnFkPNmeCgHFI2{1nVw7~ z0#|*GP9nlZ)1Nr%(fK)U#JMAleisC@M`iUatU1T;o6^W(^o^(03~#!mzRwkhv1DF*I-q28pQz7#Zq~ z61_k9=Ui3iCh;u^U%{s4rG?ef@)n0*i}0tJ0sn!zH@o8s=5*Y|a^9l&k4_tBBD*gu z{&k~HwX`k{#pOk;0<{;0((Yl&w<@h!W)ODCBsb^e-<5MFbBm@%*q;lI!Q#a>Wxn(< z`Jh{d{FGF}BBTrW>UCHmB`Wx})Ic4h>}H)-Knf|mi6--7X_AdiZDEpY2Yg%gGO^Qu zAzAe&IFsci%yr;GLUQ!ovI~ZYpqYQ0$)Flv%qZIL=D*_&3vkfHQ9wBzib?^q|7D^~ z2@m#c(^diZ^=$(4?wTSA0czpHhCLA;UQ|&*cJwCJ50CZ%;X;NM@!x~pNFog_m3oz* z&&GAU(RsPrVc%Q;R>aKi?V=UOodV%(;1(7#k%KV6?^W|K)mVSOuKwIX^HgAp1Yzdx ziAA$$y%FrJ0?5@kY$LCbBVoM+F=k8;DL|D_IAx9mQ4fWyB&xBNZ@Foz7n>f&VDs#yQI_cU~qGJe@us8`3oJd zSld~fl2ccnnYn-i8Ge3Hh-Zz}1#{TrfK;=_4#Y)obH9zXbzhQ7d)g}=bWYtDO{i5i zpSGgy zb%9;dk^F(|Hrr|yG`z|f+Io1TbI{ykj}h(6Px44u*EcZl9Z4R$5N7OkfXo(kMUwGP z*=$#lq;tT1jsKT z%q}45E26-t7a#$}5>GE>=6KKp;P^t+LEF-e0p+hm#JISB3OXaEUWffDY4Yk%HvYWS zgne0x%Hd-sZ10ZF^G_~RuJYW7wx45LLUcd-c?|wMUHovQMZVPclqyDN!j~h3=Vhzv z0#~t@_!M@|0CxFOuj6qXPtWM&%rQ_HoQfY3XCU)HpwlLA0N?vO=i&KRcz`iivctnj zWIV#9g+B?mueub2{Si`8K4iY&XMJ8MzSpxowVU>AZE+!k_>?-p=a-w&m2!;q-yNg8 zM?m|~MB+gZR59GYMX+;XM}y312<=L7ROHx+Bb|i!d690al&P;ZfZBJKi3dgOh(eC& z5_=0g`UnXy@{RTgN_G$+Xj7aB_;)u`WOKdTPn#=R=390rV^hkGxCmBWZH0S@2R=yX zuh$gI=>P%%zCqT|j$1*Uan2Oz_F&<;6oWpzdFVDWMpzhY(~=BX)zIejCqOp?g;?kY zx|UACE5Mh9hUss`@ZKrx`r{gQG;s~46#9$2=Mw<1NdyszI12eh?BC>IRG({%C+M6e zTCPYB_Oh)6kVyMz>en;HY>}L(pa_Q%Rx8 z@P_nv6-rmrxpzudY`sEU4#_9BOPE_b3|UqhcEZQi`zU4BSK_@&d+4c!s&4MyqW+(M zw`VX;v0~wRR)Klvru$Im#4mT9wxBaGEwg7KV|?ztg_i*I50FXr2dT%s7Y5c%9Vw6s zdX0W51BJ3N3PIii#CuN?e}B{!gof=_Z}-Sk6AUoH#ocv^{oqBZ23O8xM|oYA6E%FZ zHjZ&&Y~?3Hr5)czO~ZP;*W<;5Z>&IZE-Hn1?}L)16MyG0R{MdyUdx0_JNYdRop8tg zr)%vpNtK8Ycy0-=Dz$MMUU#Lq&wqOmlwaf!uzKeT)rK0fuU)Icu@buvJ_hz9;ESuy zB@Sl1zeuJp?vQ&KQCf(Waf(D1=haZ6iKfoGwt->TTrqicjt7qc1~>zt$z@h;Q1)>i z(eIeR1n@bD^mm8|xa(Vh2`#a`sz`r0Rsk`QtpgcdPI`9MR$F{KIIZtqMg#5?2Xdq! zoJj)>>-n~kVCL}vf`B|X-_2fg zre~?bf-mUFl2qLn5^QrQ&FWevpb4Jyb42#Tj{qA_X;;1&$27mE$)CA)=4U@+%D98R zN!$rPBgRkxT#h;a)Davn5?0w_t%o{2Y(L2-0Uoxmk1Yc)H)zi$wxzc&>!G_^_`WXo zuiMT0|G)Sp*29rR4MqeD_fM6S{vMQu`tI1*`Vwy9NbG}#@)kMoyV>pZZ|yU<{-R;| zs$1m0K#({8`OY$3?ESp>P0O+^rCsWebZ%hh^|RZ9Y99ONJRIDIf&3+r`0*6qIR6nN zVk}486%}qMD-z>(OzY{BN)2zTeZjK+q)CDj!=LI^g1NFQVa}2OM=a*Tdw@D`g;}|8 zevQ|lgUr=Jytbt?XzyHYVT#zrQTTd#|HaquOAj5sSf9bQs`EOoGo`j6T9`fjU2$hh zjq|TBa;je&$Nqs%Fy2UUX@tJ0MdACuxn^BX=NcZj0bXaBJvRd)Hvvjmx|+Z4{`ZlD zC-cUOTye%dkHp8B$1=TViW)VK;;2G+*r~rge($KdWpI=X137A_@G0kj&HKc2JZd0z&zk^610?%5W> zj@^3L(Iltyde_VN*#g#2p7Gp?k{`xh*psGV^S#fR5|j z^t3C81*m@eSq%|3!{h-{J*uGgS#XMEB;-6mHPna*KXkw?S-puUJkR zowMLwd5=Ea38Ij^mhgEe+Vh`S#(4f?l!ozOfRO$YPL{2 z`G1{M3Ha4`!WDZCV%-m#wzB_i{Q#V?HJQ!|Tq81tVEo5&g_wIE{+)F1ddmwpuhqfj zW8!<(!9DE>YxI6xKdSS)pT6*rLCA)=pnoV3|Fz%!Es~oS&>ozhe1nu%t0lM>r`aDx zY4Zx!^N&ksy_zbNfDz;_s3jet$#~cggGb>fYyb80NP+LH=VpO{a5}w@#t| zgS+I{9{)XU5DxdJ)>Tx9weBwYznROJKE&Mqgu(0)A5$LT_YoldUL5WX55k-N%NalN zdD>X9Ueqb@<++VBY(_cg>Xjg2MX7xBA) zPQbZ{<9o_ysrWNc^`6{$y?10;Yy6DR?YVk?*Nd?kuYfg=!jQoA>>bAa^7-Jp=D+$* z5ys{7(;%_EilC!lm3zkys&xAXEA%n5tzF)4_GVavVE|G0I_I6vAMw)U_sdC0Ue`3IN5*sWZ%3MQT(@rnl@tg+pWbu4w-o#YF>pWkGXw^UVSe&&(5pH{ z@*dyv?PFt}C#$?=a=iX5e63R0?Q4nVvBEg9_O0^WZ~4|drz(%h*}vYH&NTi58U8+F zoJk8p1liB8D0c{Xi_!oJeQM&*=`}9qVt(ehcm51dDqUONr>y)8Fa5gHzV#Nl{C85x zc|JdfFU#boHw=T5^WWwCUnB{;i1-Z@;|qna@sGZ(W&Gg>f!Y@Y`QNV}eD({-CVZSO zsf_12fWOV2v#+)`)+kj94Q~6CWM~x#a!YZFJ;A;yiH9Q#H ze{`FG%kC#$6ZFh~-*k_^7nH)*mCtYK`xxzr$?keEcK72v*jDn8Pt%#_`w8&AzfRy- z{Lg8%v$v+O@MIc6=%us{A0gU{XBci-bU#V&z>QlGR8 z@KMU;#T@#e$>))uH)YBw;Y%8c9yck<@c`&sK}*`({|Dt=LYq zh!#+O2+GM`fyNkO)&e5;f5xx67Q5p2NW-mb1G&ADj$=iLEuVa2hUsdf&oD-Wn0GihkuT-=RI5dFmm)hm8Ca>)CoN|tMhS@7Pw zcl=ZxbSBf*GOZ{Mto(-U7WT@n9_DG4STFsL9_|51Gff~b5m!Aunvsv42#?Y;a;mYB z4yaipEsw8gZ0;gEf40=qMRre}$w0=VmQUO#7|^_dT=@)(I8)i!II&HFdp&ySzpZ^y zef6H(O{8V~hg2$sOca;pOP#o9ZCu@UpF6P2S{F6}e=@}+C56j3iX7CI-zvm%l~n%^ zZ}+eziWX!GG;KRi+O}=mwr$(CZQHhO+qV7g>sF(h)!Xq25qpifwgqm3yZw>GIb{p% z@sM`x9v|NG!73%C5#Gu1d=xLW#SCGhFe84vkQ3DKL(*~IvlX#2 zJzSr+^l(agDBFWF+hVF<6fEpxk_EU+$&}kc%kIo3452|LxeC*a1t6F!N%UAj#FCBB z08mh&a0(Q#(tGEiz3jyB7J^lIX{W4dBg%aIYje^#cd!HEjHb%ni0AjaV*PAUH~p7+ z#})IMJeNVj$&q+e*F6x!EG{SnCj%zx2HXlTfv^yjM4zoClfk)4tUfARuG=7(kndQ% z$21n!qXsfEn&iV{75>BKq0|>2J&r%EcCu~GAKBzhBQJfI2fHv7mE`zor^3MCKIJtl zsl{f@SFo%qnuSqfK!sJs+i6{eTV3LR9CMa5nm3|oIS^6c(wxxefI%=0jLUufZY(C@ znBZ_L?J<}`+)VERc$m&blE4Q{Zn&V|s}J;l=^lTH)bWa*VW>`gf z5TuXDxMmSAnPadkC31Bm;&r|zBzk!&)dvny$8V_!*Y@JRYd0=f0QLTjT7wuIY9brD zAP5ik10$e&b*>&R%z!^vO+USNv=OuP;FFH9)ABq15ZHl&wjlVc+`J3>~AQo?~0K0oc}N zycRw(sx_+z@{;ph-FJPk!4batjCAEy5KBsIh$803r^(P`0@yfdu6%r>GQP(_u$Dtj z>NR^&+-BEosJ7G4l7R!BvHBgk*uUAWI}@(cM0>`EIluEdRohAmcoBy8iViv@M4*lS zIVq@880>jPswrY=9fDIoPk|%9o$NqciIuB)PJ9vE0;+c;nLxF&z(U4yu1%!y=f{Qx2F%5G}>fJoWR?Oej~s_477f zxYNq%vvc|FUHSM@J^P=-U)1*HFab50LGLi`CYPWUL6qhPS`iF26YxT74y|`{0O!7j;>j>NrcDYc5~J8 z?yo-*LrsFWO6ycTI%x&P2e66Tl zt<&sORxlS1Eg}mA2BM`((vc~hV;B)T#HjEvUS}h0CdM=1{Os^Np>7sa$pNIJ00Q;K zBi1Y>YVQk`%&b%bnoiql@vaHSNU)J3A(+&< zhq;*B#Wf>7TTA+e!}V>ls2WTvzIdU{Mz>d#oSZ(x?9ZD(;^(k5s1mmypCu?T%QbkBc|K@S9jAT-+__& zXUOLzqH`)C_2qFw9_MXAd-|9l{Y@j;we*wG>s;%Kc9j|KAJVGU*ETh!?#9-Eb(gC$ ztw+VRoYX?y8%=f{bHneIfA2mEy>8wNEST`#ysQ?N$!!=G>=VU1;q5)n+Luecz4=Kj z)4i>&G%oBUrwoG2{guK@n1kEG9qDPW;!yxD%YS;hGq?6%isHAh6?3#F<*5$r!G zEJ_Ss0A*f0L9}YaqX=-!s2<$On%q%F32P-{e-w!uzeyYrefTLSVl*SsnZPT%Q*|+&8}D5(>Z6vDF9uA-J-^h+pX78sKbo~atB!|1kBM)+DcV2koWC`P zzhwDe_|$fy`&T-n_onY>Kl|NhobjKG_U0_%(F8HetardirOGconuIoj9?yu6Z`^Dm zv6m0Ll1tXgS3Z)-5>ey zmg?QB*060pzJR(XoPs@0gZqujrcO(*eOm(VM|R_br554x|l zNBu$H>-+ViGVi~#=ilGByFcxySCbd<(BCJfGZQQ;0HF`!YWO63I@H>jd+jY({H}8osI%&Ym^Nw;znShLE{-mh6J$K8Ka=`?AL-Lw%+3 zK3>pp@x=bN6Ccw&od1-b%>C+b@LnsY@zQmaG zCFEo6@AHdj_~d_uDk+QTd(oOE`dNVg?spuy5S4WgeHwtsw;$ck5zaBh$2n^&I(#gB zUA`ARF*ME#>+($#*K=)zOY z!Yp0+|4@t-5Vq;Ln)PIIF>SHzu$Sv<{Yy0}?c%#4809bJuxu@Rt^HhLvE>1nUX3jz zcdfE)GnZEc|5FnoYeaH!mjvTK_+5tx&m5kiYpl@)N(ye0APONbj<8Rqrj2kP;v_&% z%Y$00dJVjjo#Tg4|3|}wpv`skJy57Kw8s(T(^uNjk(b~K>WUtl)DWXz!*k*Q-JN*I zMn+@iN*q|qw8ljmi3Lx|66k1&*JXDX<(SdU@KM&~TRfcA-qQRdpjV3a$?k#ONG5>- zx~;8RsoHsmJHrzNCPCc{>@`CZ)Gj=5z3gUlba9(klhMje)@Ee5T%+*mD6|*UG@BW# zo6E1&rqOb7kKi+UN|`27-da%&ovN)4G$}>TQ{xKJhXZ~CigOt7rUL&L$bo=n-sIqn zo84z_$baGon)|=LxJ!Bhsn#(K3)qU>W0T zUR=F(PMotBaa{OqYi>~Gt+B)Gt~69O%jb%zeZ>v)1+OLP=nUWh;gNMWWMCIr9%17%{ zCZ@$XU!9dk?@nasAYx!x7lW!yQ8S^;x^Xoa_r>k!h!3RO zuHc|!lVyw{74oxpBf<~RSx>b}%j)j4Jbeg8t#Lg5kPB;I^SF|NL43N=*V z48}MbN*&Qaf?=K#!vZCOCrv5qZeRd2GA3*0R1HeIYLGHny2NaJ*Q1T4^EoqbJvEX& zJJW}y)}_Lw4LZ_h3^ATlwcxyL@UtNGq8HdkV2(NH}-ec1@>m12NQ z)~aG;P!lKYx`gXbtPwmMG|UVzb?NSt(y4HwJUkjovb>5pkk3!kQabXYq!vf+c}8XP zs5LNhl2C4}t@b2G<|YuZIl?dLUwf@LCDw-wqI~*d>6CH0Ui9EM&_?kcsE7FqhD_>O z4q19@r1cI-Dbkvwf%}+Lo0^H!wY!BUhHfU}lA_|@kFi4*%)W+DC8$$5E%LKPN?W~C zqu+unQp~MZu^XOYhw}GZh3h=MeF~bk)R(?$DPjrwJXiV^kx-v{4cnO2#{az;4L67A zJ>gMNb4yXNV7`7dWBUta_0GEH3mO^^J@zOD8NCe=MgBC?`Z&SCsN+QRqWIL|@6>C| zv{$1vwD6$eO}P^Z1sn}iOs_z=w3v09j`*)>rq^T9z}^=`azrCu2;2H^t9k7dct+mQ zQE|`LeL&H{x%!Iuw#MVdRS{!)YdrZNPwOmCCYi<0Vr(5!@7Y~7jSe@+?8c-}NRwN? z%Eyg1LzYKR0mp+k^s4`J5uNPpBhPEAO0K%#zeF@^5?p@hCNW9*?|%)RCtwP}@a;Lu zm!h!{{+~cFvM-gct12zgCj7ktV}fu%`2-mk04*ugRmeiFB&YLRrz|D+P1*|L^;m1k z{p^uBPzkFX?ueEW1m9K4rY+Nr7mDOi4g|{La!dB7>hsvdkqb;G&Ia61@yUU_+A6D% zk}*gf9&m3d-$7SJ8_N@oJe6Op9l&s3>Z`$UKm z68QU9G0r2FcdQKI~d?;hbrF-llmm)@l6i2MBej=J3U1Lv6D_>Iph1kTk z#A1z8E{Qe?{($Ac}jo=x}lmPos7c6p5;Hpf{>hA^@ zks8&d!QpuIyflGXy5Go64FJ-m$DN@WW|yZUy6r{H>B0GbC_{q}yZ>PSlg4y=LEC6? zuO6e-e6?xA4OAc7sbR*>x~T{@oUG>|TluCPc84s?R&<6GWlQmFrRLUgQEE?@5p`** z5e&iJqc`>`pgp@$pu|}W{@esIn|r)R27Tk-ekx{i>MLtPTArO}Fg-kVZZN-@JY4@r zN?lDu#Od&wHqatF#o7uqrDQAu@%LbHXt7LNY2`->hkmXMm%=8IsxPN(%K(-SGiTQ} zZ-VC12g8F~41;BB(06_O>o~4$qQ6-C4w#@MPx0;sn{jtAT=tht_mhz)7JDnRb-VIn zF>{uDAzqVlXqA8tO_`nmKqN>fxSN!@Bvocll3KJKbaXA8hy0KTv8ptYlRbSyhkDH5X5jo(t z;Ox@Xlz={41)^Y_Xv%j=vd(~tEHk?n4xEoSMyzC!QTz-PEpkFlR0sV>!$nH(rGz*d zyF2tG0tZG5v23x!;8n$7Fb8!3RE-}u&Wejy>tcMyQ6G3_7N22}ZowY>AQ8T-Vf^I{ zy>OrxxSfMN;D}(&Is$Y>`&NYa=lfI{u`BS45BUavyR;!=4FJwdsgaVjeNk2I(KFD3 zdsI}e;Wlx3@8!(}T)2Z70;3az9gVfeb=s{<{cbi@daKjvFr$0V8VZP*0923BKch#W ziBEGvS9MOLJW)8(N!6SkamTE? zt1y+STdXu4wh;)Je0O*?f*+B$%osf<5|B*3!%YX=u!UWVJ?{g`u^i5f8V2axw~DI9Nm=VV@2!dR^`Xfr5`-F zL#(pMiqUJs^Grt}<#e^Mj|667rG|VY%2Rg2ORwB59-ys3cTrst11w>Vm*a@;+>S&1 zT^rwp3{_lJpU!&tc|P-DGbAIF@e6?xB7fJU79JR?XTqD^$E zmCQTi5~%R6kXqOWJy&L>xD15nu+tX{$F$$7Z|FnEZngX)ZA1%Wtwk2MT!c%*ro>rp zx>RGs=tfomK#o;#vKPAGxCtN~ns--<)-aZAr&F(6frPd1*>ZWwY9Rlh&-oo8fg$(T z2TW^;GjFLHY>kBm;P^<4srbe}*|XZrGrQ+*W49^S))Jy5DmexI#Iu4GiK7Nzf>f4} zmAZdkWt8_OysyWEA&6M#c{?J;+?9_;hFR!h*=+mUxBUj?67M7p_p&v{fa zwaR6u@T23Y<9j-v23mKP24H;suIxNZG#S)U{3(u%Hvup)@|?QZW_{664CCZnxH&6D zsv2D_`<iBA=zK%}_IWcUiA5fLGMnc8*q`b8Mypym0A0i;W_%a+<50s($Y ziT}X8&Kia|(XlUD@bM3E8H+$1W|8v~HiyR4Y#1j?_PW9zwN+6#Kbf5B+{%g*}8qzaC3`h>T@ zMq<%TvT&cU9sIq8lnHvYI$5s;VT?gTFYLD!=BM+_ABYpMBwA2MXVaLtcbjyoh7$Yi zoP*<~0;;z%&qBG@OvQ);Yy;oo4N}k9k3w$_W zvSpPSZ5+$=-1nF4&tJ%6>FZMLI_>XZOlw4c=Q)d*vS%D*k~~5BZ0aO4sqc%`t8>R``mGa%ggG#8R`r$i?wWWu6f9+R*QzrdTl~&qdsshIImXDT zQ{;OwleRf?XjdI=$*tMTh2smfcz1Msf=ls*!KODx0$OnNjj7e=M2S%8a~+U9vO7ju zjD}*AfHP$fr>%LuK9AZE$7Eb+ws@9RCaUp`32-fnils*VB&im1sQUMq>CFdf^&p(v zFt6>*KZ-Z{;cbY>5b!ZtprH>|(Uv#!HAt!W@V6e~P?Xo&V_nj7u;^5eNq@0$TN%UGEeuZ3P+^=aWYpuc>0nPE92e&!TH89#DetDJ(LAm#=;c(a>39|d4`QSQ zL5*S@38t2c{?+K;9NlUA&kZsJqY-Iri&|aKtKP>rwf57gLRbJCK{5>K`B1h8z(wtE z%p#dzs}FbwT;B~x1511WC~dp~up~&V6JVeWc=z2FJLxI=o7}?~m`vUfZbQH9wa-SI z986GQbD+D0t%(CD+$7Z%$5e%S;SB zRIH%mu9*LN_U>wyW8ACx$97TW#EoJ494~r?q3fNQcA{ci92yNdX_4x0Z|LpZ)@)eA zFb!--!V%{gkcrwo1Khkb~ zDsg2TWI}6+mh70?vT$F^i5YE+9IDadbX=E}QlBSI(^8CY+>(*s&9&_llos*5&4@iO z?G){U0m<6fAK>;y(DHDc-KwPe46eqT9f;sn+w&wu+%!%FG*kR&`T}f;mg#3}I$FuA zJItT&A@Hje7_w#dQizJ>paX!}%cW~(7DsEc4Vf^t$S%YW4ePq-Xvx(J?-XW2$GprS zIrFFGj68`I@t($Mxu@crSb8dF%)O%r5#;Yd>Oq8b!R8?W@SQjDm~+LK9afjf2`45w zX6v%y>6mHUfEq8wJFYFk^y=a`hs)0-`1Q%}`BoA9Wkgyoc(5_fXm*E+PlgO545wN! z#~igBx&SFU0_YkbUv?|I2FMmH59q(H=iGDS`SIRDW%tH<6l|w1naf*q!%Nz2?bz2M zq0T_W59wLRDM9IR&K4$QiL@NvO(!e)sNAULfGyoW^FrYRV7JW zbh~855-97v!zx(|uZBa{up?1lg}8eMNHC)OXOeOE>hu(6eA)o(?F{j9Bq4D^JvDA4 z35Id36^*&M99_5Gsv7pg!MWFJCF)5IKFv*SkTMhkx((`zL_sOtVs82x@f$Zm#Z*Xg zy$74`y;8UhRE-u8l(P}B>eGI3u?9>e2PtTSHQ#KA8ODN=dUA})Xz%ImNL%vKWjX89 zd|qiKj^26YDYz&aq2`zfSEMS5j+zNu2KU{hWS&{v0nk;8+Sju&xlzBA&0p|;~I-?I^%b&SjQ)6+wUtH~`mX`bHyBpZkl(iFn2Iv^08-?g0 zOIQf8JCeD4+@91foX5}B?87Cd>?eSW(~f$em03J?w#ZRUGg``K^ErUmpfOJji^;xL z{unrn-#cGVoZYdR*E;uxsfcVu_L`qilFAr7hr%vrW(G2A7(Tl-s`?kB*31&Iy2$-wi^3PigjIGA6& zo5Wh%z$yG$IvE=5uQu9%@9|ec$do0p$I7eDoLQHXX@Gqxr1=6-;oCz$nJ8H4_ai1+HZh$JLd#Uckh8aIOlqPB4t##*bB741m>;hv2&|hVXLA*h&&UXXP!V(#OJ5K{CJ+-n4T8_!giS_Ll-MCY(;&-~0L@P}P#XJVkcR#kv<~u^0>_ScDPc8$LE;0?fV| zx562!Wd`?_Un@kf>DWlecl%tgkZ(C$U&vn+pFw9|pxKinK)a~N6 zM>oTx&Xzw&!8oMORUE?DKJ(~%_%Agt%4`M2NP@8+DKGn@*6Z#L7IZrO5@Zy6v2|Ai z^k8I^yvo6q=Q|<$rq-#BbxaunNG--)b&sWqmDiw6{WWLxu0OZ=piMVlPuwcj zrQ(c~YBpjQ`~~YImn5nC^C*sKu%MEnL$R2Q3`D0E9nncPo_V-uM%o}YIAFQo{=5yd z=i6i%lB#cuv)o$VJ=KOS)8W<~4E2i`b3d_6AMZaIfsuqxi4Gg)p0U^qquo?gLOZdS z*kBFnUZrwuW~usIXnI9tCaSL3F@Wl&2|8BMYh?KMGPR%NpoKno<(NqbRbfy3Ii7`u zN(Nw3Gz`?apDrY1>OmS@A;4irldkFQvJo-PbAE0-a@wLmOelt2Z6Sssr6MTeIR9^1 zS#jO>w|bmgk?w}b0I4es^wrRIveLGmMEEJnu~x1JwI z7L+QjnE1SAOoRlvrf&e_H_6z;lwnkPS>sNw-Dyn}4c56Y;HZW0tzXzs>CXT~em2f9 zLcdh9($n(sNsnJ*M!`e?*!0dXj#D&%x*^_?V>KuBX+nEkpY2ZbmM0$LmW9 zAR~T=+~5uj`QD>tU(`mDwE)FxO?~2jt&gCQ`GbIDktE%#L6e>Bx6)Wz<*_i_ZL>3Xkpd&l%WSJHnl+l<*sH+l4JWd_1-IF%nk`C|vYucnXyHX?T*M-lU9X9FaTpVj2caN?ACWnL zqCS-jd!os5!d`jX##O3l!gx&1sAUhj7)nrp?PVYxCw?)xR_A=D2xF{0dEKq~sCU9(8+vvf!r(AB?mFU>Pn)Anq2*Ha!1#61n6N7&kktik#()0oA}f}dQP<(kqct=y zR~{|ga*$(+JU*vg*{Vjk+r{b1`ZuN*(kD%Zs4sUcXY7D)KRBO|&x!-@OrHtQmH9i* zb}F#GG5z|tXw&wR3^W*nk5Zu$7heQ<8>u2XE)LLpc-hJjWCS;K?`ZN-LrDIm>SL%qA6uE`XI5#3B&R&^$m=vs z4Yr#PWv`|T1zfg~T@jQH5wz~&u~Z4EVz(i_z<=GOL}G{+D0ZDEVJvwlP=o}*f(6^8 zhihA_L-07kGG!mLs;O5h>mJ%XlMy;W2^`4=0bnmQpJ{?>xKdKNHCQm~?2vY249Ep3z{>pu1lXn*Mo@L@ejJy; zh5Seo@z3xP@#A>Rq2qiGkLVBCLXfB<_PK%&f1zC;Y>PAS_D{gu-vDfU{r}_12V$Qj zDvvwxZggje@f9@4@JmK$a4!cG2$4G^kB#`z$NfOp^^1-*bKwVWO8)D_{fjjc>an&q z`1^;szhL+0&eL!lZtv}#@|2Q_lHZnh0Ndc-?9(< zh>+g<0#!5mHcji}=F1NFHaMgJ!AZa35dkW8vU}hq1*e_VGTS``QQZ@P zelIwQBLm|vxE(UZ^r+g;14M87V2t#3r|+)BmHc{Ve8EJbk(=15jY#qZ69kIS@yR>>eZ6sJ@3SSTbLbr8O-V8cofq{z-VW(gktj9e<0op&N&N z8_gU^*QkkGLJ~ek!COPLy~idQ6FHP7vlf4oyITf4-3Iz4Px~zPUOA7TBpRw-u5__g zTCsSYWI=@(qBxWO8ad%uGhfzds~e3(y+W=1V0R-k>qmd6DPzPE|sm z6J0@Xr|dLt7N*omSK7P7QkoL6%*(a|Tmzv`@X&>3W+-V_OAF|K7YaE%Bf3v9W=D0!nTV_0 zWo{SiL>#rM=zk%~E9va4qkv4NHBi}3hYE~NvJUT@41O6=7O@sd{Vu8N)Z~ndrr?mI zC6k5KM&hr_-@BFuB|LkC!Dr}4g0GR6u1(%xVss~2s@a7VOAINs|5AO15>YqcBH5`|D0awWFVKLdL@g3i=T7 zX8a(r8r?0(w`=PV###XY61=xTn%lmbQoi_nK?$q!azd_2lD-h=Fl0|9p z0&p$F3-`&t9JrdOlFvPs0!{vzZls}7vi$?MvCFl#1AfrLBeCUWEux#4hn|BXQj*)W zCR;`?i%iVi`^+O++%1j}B|tX$udV%^p0(GX&ViGJ2#f`xy+TFJWGL2_b)zL&HAeAp z!8aGw0olCcWa=Y2rVbVA7KSzT8*Bw+$K{7D1k(;r!*%tkWRRVC7Nhs3Wff`s~;ugyIOj`oI_nKLvJ2S(Z#L>WO zWt^R!^&|`JzdUcf0X`+_L0yjaP(-rw4x6W%8j@o|6n|{g2{{yv6^5%Qo+?j!K%A9r zYOhGm6)>vUO&)_72t@|OId_k%o-8!hxBmOX`pn&cGQhC5%~nQx)>8GbTJi1`2V@et z8S;F@E@|PM9h;}k9@>*KW+6Y}$WHjhd0jnxYBnc|E@wx#OWr-Sl%3S1j?6U<+hO|7LD0rjoTw^;w1*bOsf1D7Dmuo6( z^V{Ki+0GyuM?IMhGJUwgJa!zXyJ@nlyGx2HP721UyEKl5f%ccI;`MmE?TeO4DJbRS z-m-fvGM$~*Ph9=EV_^`6QPtHOKeO^&V>oTYTCuV+nOZgX9@n)-MHg_#wO+5j7a?43 zVC8T{WVN!d%b~wzF3BsOwQYII3DY1@CV;ruPz;XaVz39A!W&4JdcZyn_8VqC-3xN@1a;z9w(?SwsrEQ0!?`g z9^thrqg63vxF-8SuY?|baeLH*bu!zd949v|DweS}QSVAO^9bRUvcq-y0h@J9vDq>@ zm?cBwEeVI+6cA&DIo*($!#Z^NG+4Fu;Dt@%FTPcQgDEfhf#_Qu#B~hqFXxDaD3;I5 zu9}ASJgMw0A-tQ+G4<(-EVg&Du0-Bf&@xfQy9}%zj&(J01W}a^>2)q}a9oBx_n$JZ z8;3lIJ*T$I5~vXXP&;#9pA3Revm9>3v(kjNOBRW82a1GBNNoDjKq5}oc;|D__tCwS4be96GlJX(-i+yI54Dq*H5f@BVU|O_ymSnM@ zLjsR!jmJo1*!f1P|G=JmmX?&$(g;6Q8Vl3`Bk4)mO=Bgx11$C_=GQh;GhH_C@8G92xQQT_gzbx)2}s|&*pj;W zUj{=o&aHUnGdVK5p(5#WkqIczG_F25tjb{gdzS*}bsgrH6G~ByDzm&352xOaKvF8U z3=4Wad%6tbT1(r0KQV$eS%9ZmA<|JpSE_R4ta(4c@L~o5ZA0GDuVnd-i`t}LBm%@% z@ZXt417F##Ef++ylhykfWT)#*tVE&b# z0H_WAdamFMoI-fR;8Jc#ZF*b0FlW}!?tV`+-?BeQ)1LQqO(`1R!46vACLXlMW3SbfFAvBflb7du(w9n&AJ8W0 zPEa4a(*C12kcDD3a!#abc!bur%X0LX?o5`umrt(b4 zw~y89Z3shsVXU@p*hk?sl(b;&@e*;{yCNX*2)hpsmz2`2z_byJ>yTR%hVTc|Hp#c^ z5Q?*w@V|+&pk@(^Rp3GT)`_i~w#d;mGU7P+I9l$^9cJ-eH(w6>N0RsWBn647sRUDM zZFb!7s1y;ar@8=^t`6_{5z}D6h6#B&Zf?8L&O}t8o(H|n%-@%(@-qpYw#%&ab&X)1 z`(!M$&Z#!T-6H@F!~z0%9cNq3-!2mP*{~he`Aoi^Kk(tp z6`D)e55xrA8}7$vrz=*}{KSLXj>j`pW|K=)J=Io3@%ck;7Cy;$j+rC3>5fNTq}GJb z{Z_0uv}NIcuiGIk>atOo^zGsB{wdPO6}zBAmLg0I!YzUZbOf-Q{KN$+zF6h45+ty( z3Cpw!at!K2HB}ZK-~p~otpG4OIj@=r$O)J`9MUFhDfY*Keuxioh9CGXfE53pWGwzl z2I_POpMHj!T0$OO@W)meEdMgXSJeCU0-o|NK;kPOfv0@)k{bBq26sSNdm@g075v25 zKQ(zh)Jql#{Tb^YZTV|8Cx54K>GOx#t$$;4^AV@H={FVr{^<^jDAZJe38|Rtx8K$- zaRk+su`HQFpUQZapZG^x6vS-~JcX;&qE-rXb;!_w3R1~rILCP?m+-?PR{YTnm279s zs|aN-fAjnr;k*f3y?1)bu#X^{!w_)-<+{K0BWQ)|R3krl$%%8mdA%!FoF9hZG4nUM>qk9NORN=m z-u_#78joVn3IdLe4aW;?1~>cg0{@lmWoPO#b)~lQV>wTFLD=9H95$eDTG{DL1D|ej zCIu7rZCveatoIPI?PQa1_~VR$ZhZqF;(uG$EAEmd83RX!C;razIhi8a(db6JloCSU zuy-$aB8H09io4T$T0}H*$NrnV`<6RJqd8uWa*XDP_@2=*P#NEK(OUOs zD>F+>`UVKgT1^`s!6-V?9-q)gI=T;+I-R{Bw8Zqv^lvm@pD&%djg$Ro6=G9!601qc zLsH?y2eZC(HecJ&WY0AAn-(4aL_On^nIBKv-oP{($Hi1t4g=fB|6~XyS}1axSC$C) zQ*N*gX6N9ubb?ORFyBEfF$x3o}ihLCfAjaNLP1w#@ zMFKg@tF$YDCdyM?VkQ>Q)=R8E9tv8p`Fx=Z;Yi);OCenX7y1+C#f3=Px~k5jMm}kx zNb!uzp2^olV_HIm;}cGr(s~)0@axq@Zjqf7)sORHuw2HfK7+{L>{7{lg__X} z{&+Zz8mfA|97V6!zw5=9OS&p{eR@`XKJ3uxB8a2%U(!0xy7_yl;+*Emf{}e|jcBCa zKaw^PUpax(fZ8q%+F5dyQlD=SR2U{2ajvsF6HD`p}{}cNFF??!2YhwEi*5 z8GL$M4QR{>sM3CvCMay$i5%Pof@|#pvd@h`r3lQRTp$MB;;%yhxpJKp?z1Wiw5+GD zxGl#yn${pTSx}}8UNhtEEUVpsSGF}(hk<%uKK_T*e_Vg*nd3iz?9v}Po*kWS;y218 zMA@|RTeg>WvU`OVaBGytwv*JUS0D8(raYs8*TvcAgNXWedRxDud7)NUJW#zZ#;m@Y zLH8Ux5nqtb_ETcqBze?|WIPDq$kk9PbLtoi+n#Od2V1!RZFj4vQqiAnen0LS>)6fy zY{;yp_ug5H0#*}hFNe@YG*th-IgCn&yznd$*1Fvqb^2#vk$ah6$;a6?k@d-H&9K** z5me&nqh3F2s3Co<>(Hnf0P?}EEw8V;3>A}6g|(Q(^|yjQ(KL8Y^s{X>C(g9c0j#cQ0yeBQeX2$8E#Hi8{<4>R&JV$L$Bo z(%V_eJEF@nhLnU*i?xxR@K7jCH1Pe2O8@1M(sEgVBQJ+a$FAQ75OMA(MtTJ0_p3{C ze6{;#VS6Od?L9$`zD@fwn4G05-E1?DbpBeu3+8)qC zOv)(jw*km#mLTimaC$bL?(_K&H#;alIhEf;BW9P~5qDE(9l$NczB5yGaOh4m)ye5*3W+^5gG}}t~_fPJ0Liq$FNHQI_VK^)6 z#l;!K^UK1WTD#FPh%EeQ7>xJCI~@(@B5&V5JQ=Ql7BAE>C9K;NzT2GSuZiHMTZI}G zsV@^eG8+wAOw<)}!uw4;yev=JU%ayft+2A3VVK1|P;1eY)30?lGpnJ!$A zI!twEl`wl}pSQiDR?_w?=e57jhD*?nFH(ZhHAywEo!~o+3xHO1FhhwULixTctRy^( zuC-Q#dbz9Vtp8{*ei`C<|uZT2l4Rg@kAbflVvcATm@3x6ct1y!uq{(n89 z7}}m55?;>6X1XDug+{`lHE+F5&bdeV)kl#P3*k79`9(O|sC``ddj_J;PsRSWsCw=6 zW|#4c2tM)NRwjv}2wxL&v?8mb9-4%l0}J1wVgx!6c^z&U$NI!`j%Fq;m;&vOOuK=- z%TH(hS@S%%`8b`u8-CJU=x4tU1M#?xw;FiI=sHU9X@d0_d@bj{+$|qZ+f4xNQ$8UN zEBf0c#Vw^$7?B}IZywq;j@}8h>T+hPgb}r1M3!}3~e-bCZ<`kq+Zew+)P5- zxAAEs(PKEA@xQ?c_t?h5fbos3IXx=K1+dZOQP5Z&n^m}$lOaHh z;a^R%7X@=A@!Retk61L@x#g!Vx4Ikq19%g)+?&rg>kZv!$%E$5z~4po<|2E!#^<%> zJPz!BrA>4BGY3_YR~7XyUATv0E+s?Yd?vVYU%d%8d^qk)cHDf3&1+3fy54$A<3*fC zJjeZSObPzs4p>?=iHO%m|D94UZH)D%T!kj{FyNQlQRS>`1nKV37Kf{3xDcv#KgJKg z&M7Xa?Q`isl2J&!Qg$5?0ORQNp0J|9`}pU*Z7k%6ljufMb@13FM*o#E>y$p88P9Gd zw=iIz#=LCx4}j~`3zjcd!4o7;%h|XTEC#xfuFlMRuj?XK=7Dd_6#yu7mN-c|m*+Kq zef*pKwl?}2evw<(fK>~K7Y{8=@<+%@pg#~*aGHYX(5PTI_kGkUIW5HWDc7q#h#Y)f zr$PM37K)nH;n(_9Himp7U1|F+ws^Z#SA2cl0v2$7@Pq^$MXqLlJ3Fy1fb$DezxTsY>Y;6 zyt3n8l0WtBv(hUc_lhGilEX#6RF>V?1gp~CP5jMWN3p9sj>5FW7`BOBi>z-hj=|(t zpQNBp@%;T9Xea07eYZ4`@foQ&fXdt1p|oSvsCOBpLV7%YPm1+lKo%;Cy9a9p2z4De zfu!i<69u`_o5}l(-o3*!Tg`=2vfCqRW>Z1Utd!nFAs^b775h^P` zXv6L-W|O_d`~qq6N@@kYhHtbAO%~W^qRU4JNgmd6rP61NI0Y7_GBOKnm2qzKfskj(03E&kz7e&rd(QnK?SSaN*!Bt#Y7BTS#>;;+c zoos)h*u?#fo~oLn=(#q?(*v@h4eKx%y(+=To?lM=$&W1DD4fr~uqXzALDyEi3%Jxn z9gZ3+xVx^^C-e24`uJwfu6rW<9u|$-GHD2u4R{Zksz<&xfL>AW5^GVWv#bb$@;C=F zLuyAFB-b&quiAqDI3~GmRq*7SdDz(0d{$h z;m;j=r75t?fsy)elB|$7Q?P_HTV+-jELG)${9(u)1a9k*!gysI*Q%dSYVhDhkC+$_ z;|Vq>AS=mdZv)}ympoXWX2JP>SY6EKFUma%PDD7`&O`ON-Yx63wq6v`kV$5|WS&eX z*L>PX@nJ+8LBAbSjmwqgel?1la)-k@VDwnrg($vHDZ5bT9fs`(I@+1{L}Tp$VBX^#pKb4Db<%Qt?s9dm%T|Q&F)wU;FT;3o6nsRyW^%kzA_ER-)_Rzz)YqxO55!@X}9Id-VdWtW9|qX3Y#KY?r{=Q z9LT)=e*iZ?$iGD9W_U!FUFxPpI< zm+TXvJU{iMp9B|5{b<`fMnmkuU*{)GjnF=dYN&?D&{b@2v_8BgD&sov&7xDQT7+%M z;~kGv)o^vK>yebj5kRzgEig>Ul!)moTCS*gJ(qK~30meM^F4>+DL?)FTSiV01;lwU z`6puRG#k{KvBMn{MjVPwWt-N}k14!+8n@~cXx4B+M!H3V!O4WRn0fc#+He%oXafn>C|`VrG6i+Ql&_zyvzXweJB=F${Dy* z-;v-!`b8%__rqw71IE!#OJruR<_uM^Ifs%F)9C8lW*mxq`Y)-!Qc8jG4)>k-ET>kq z-)xz($Jr2z>@lTo50oNMHt$FxiYHT?LOk#QiXfGi@#$4UDoqTvlddb&ihaX< zOyJy4tMa6i$S@?ivhP=gd*D^ZD*~mq35rHq8HVq;A4OA3wLQ2ba{>KyiA0{s4GAFM z8&G(i3!$cxPwVv37V-S~Ioe^Ygj`dRJrmqJf|>15Ev^mL?QJ+!ET2Lh1Kflw*%2UF zo{jZU@tq7xMlHR9K_)WRW%)!6>_hwCQa&;7-;1@ZurxhlhGeW%YU_;{t87NvjEw!U$f>&?mV9DxWe?If8NhY|f6S<^HFPH>liy(~%H<%j7 zD#p+CN_3PR8%l61v0za9TAw4d{rhB5hK54eXt;9OSPf~73R zB%j2a*J^6EA>n@b&j!*0ZduN1F~8(P9P6tMROPcjrZUep_Cd5o6D~g@gwSNsnjg=* zT<%kcEW5w0m24})WHwA96D{QZl|c!?4MZ^Hxvl^g&0M*RgCZ+w%#vCKK=l&_9n%@Z z6m)7o5~P_pKG9Qprnw9_;HvLjygMJrC^$viW4QnioPvTld+E zh*zZOE2`+{66&cAMhtoK0c$}tD<{Rkd^*--Ig(`;GVH>g(QA1_#r>x@2CGi*oE=E~ zqiq(SuRg+YbUQs$B?CRc2Lpf0DfJ}iES%k|nOGM(DF9FP)j|wC|e5VJLHrggfD-1PdReA0tv#gg2@wnKS>)8@GkkYLs z@%=qWa#QWq(Z2n^mfx6|ZDuF*|r=biJ+aTkdFHuWo@WPSUi-)!SYPq48 zdGD*))5r`>31OQ$!zo!2WI^QV(i}Cr%xK}*)lmWwDZQs;9IsAMA zg!@KZ{;F~zZ9Ta%O|BTq?3_w8=O#W?c?!#&aMV2(gg)kj66H|gd#Qg6k9f^sO*E!z!s1tj`riY zR7KD;=E6T8nWl%qsiMssS_;2m*z2nx*7iL+MZH9#9HTrVO%A7`oOU9$hMX>bhC)W^ zcmAu+CWv2jc$q4Xk=A32b_g?~HC1R$`E|!1qjd+74QQ@bU&|vp-JY)e@ksiFH~cMZ z*|@2N{)neKG{u}31_AkY*M_t%TkdcV1r$BN>cIXRzkmL0@$lEmri)>qsZr zE_RXjEw#VXTPh$EjgjOA6g9lcBd{faeST=Z$ttRJ=Y+aoAm*BAeUB2wriy6@Sfnj7 z84K3(m8o+rQ>lBAtf+gw7w39XoZlQ0>6nCkNe`+;j?4wL`}7&9_%HEdycSL?RaGoS z$QziDOL2?D?*UuK4KsXc|LPJcjPIF8$*xJ9aZ%fqsb9h+(6q97!Lnb`?m|^DNxn`o zM;AXe;D*916U>f0kDXRN(oBJ$#H8j>`Opw*F- zUe26E;dC}iD}G{WwOD}1YaI9%AUXQHc}KrBx2YRmFLRe>J@YbP$vgg~(p^2==dKK< zO{vcif{AzjYUiN#Tn+72x_0!4x|jfZoTGE#^lL{3zK#Ej%=}A?hY9bK&z-U3&wao1 zbJ((#lUrZdP8;-0D3(aj-?J5!^y=9>d%Q0di?{VPw@|XKgk$XHW)MbYWJ&~Ue=!HA z$MK(giCs1krvK_G^@yj^&6x^s=a4BSSd}$;H)xI6TsuYxaqUk(xG9NEwfZ zU*DBj-zrCIK28pt3_F1jfn!Ix29|7fsMmC39&u+<#i0krgRMJa5D-WyKj|LO?fvTeBQB7JaPnN8!zgxa|H$u|IH$X`&zaM z#n#3YZ0fJ1cqI%iTM4EhcCx-y#%?{9=lUcYxlFbPyo-$=j7YP&(QKEdA1zhv7Z{`5 zR&uQ8Z3>(8?ubCb6O48cBPNP&`TEm3{=FBMf1YozT-M7%L;s}#U#ui?iFQfiI? z$#T2w#dK%g4==`5gc8-p=72$2dHwTyyttRNI)ucf>s_06zh0#35Hf=!V~lg+VkRJg zmD{>UYAFPqbdX|hw*5m03-J7_TWp8C{`PREls-!cM(Z3Z{mHOZ;otFR5*UJS0I|j z)yCxPx-B{$Q|xF-=#>Zn^;5Bvmn@35E;^W&v>WN8BjAyw#U+tm^|zTzw5hvi6YcMJ z(zZFEni-PolDz3SC2oSXZwVOIYMxqxOL}V5$COxk~kv&}l(}HPZm{e9DW4n4|iWhcy3H8Oz zG9*XB%i!NpaQDqCcsFj!@j~vDB&tjEbXiolZdpFT`B5cMB>Y=b9Eio=u(AZs#A=jm54x;0?A!LMY5A!HDDLgF3vf}H^>7L0bcXd-={cC!L{=v`B zPY*r#=1|V;HEHp~%WW>MSQ$8iD|tK`He^ByeEhXw1>E0t+8shw%11Shql7^E+R(lX zXl`HiX5=VdqJt%8Rz&pl&Hm>eH7cTp;!1Jl>L3I;u}$_h3x}LhWBHvxhUwR#+pzcQ z803@wIPeFAhw#(mb0q3w*%g|ISMK(H^P50&$!8OR?>?`XJ9TXfe$L5~)t~d({gN4j z`-gvA-AH41lONmi#l|{iN(Y&BLiQC=TT{YB(AF9nR@T>srsh{e&;R;~*LjJRFT9by zOc}BCY5;w-pRK=Zfmy!)G1FrG2nI??D*4)FZ$J9)A)h)-_;A>4gM;igYZgjXk&0iu z6qXlBY@N156DcEydGss^w4g;W*&=QcV4&F|w5~h}w34(T%|?^?<)@FraFO>at`4SH zbxrt)p$WFD!Ycu4E@aLBe?PnSzw$df0x!zegzfy@lxh6+u%Hh)ehtNco!2+DS?~Wj zLyys0=GOn?+&;s%PyHFMzs~LZ^WL9x`C_x9jX{)Ke5~1?AzMUu z)_DB&S6v&QaoG?|t=2|do1S!;T#p>l7DPAmuM=EOMi3pYwt;;wtPF%_+d^Gq1yJ-T zcHkH~^!Z{)RSri%Z#V^zBpNEG!2IugdBW651Q=S=pg0ayDK)-f@Iq%%va#i9(Kb2| z7XrEQX2EzWW=Z&j>8C-Sv7@zi5*`Lk@+)a2%q@a%jD-S_lfYb8n&i zY6zwLJVHPUS7}N?uTf*rbyQcvbNIEw(4Uj=<0Y0ktNm;)`ren*lDe8dc=JzNiqh|5 zy|-W(jLqLk{vLr9+w09diUZNb;eIe!oz#3xTh5T%`h@fSiEyok z+FV^=&DthBV?XnEb!yRpHlli#ub;i7m7n|h`+bGq5uE}>B=h!#w>+E(3f=ZrY`xZR zJKTcRC7@~A(klP)@cfJ$r2_hyEzG$ze|t1S`v7I`+=pdioz$tqIc^f7MQzC968-@_ zUm#trvoBPnPR^fH%!N6T2nj#Z34cEdG+-oE4IQ6&Qi&4-7gY-5oz6 zw}`r@NaMmBFaNB6&O0$Dx{2l~9B~wBk@(lQ;52ke2V<1uP7@hHcdwKdf~R z@t-z%Ngr?ef|jUCZ0>@)yJ)yS=mdhvP|@T8m)S(j7B$cx(zpuIn{5^esSx4QTx_L> zH_I}^yb0g=m(BcOl7K63(s{<2`+3zBs*w)*b9opFwSjH)H`0vE17r{N{M)w_UCsl4 zqQhYJjU_oOfFl*$`mq(U!>l<){i+fyL(W_&)ihR-*Q;v7 zRh91fg81PgrFokOrz6;2H;s+L)F1c#fo;BBGmg9XtkhuP3B@@(-{a19TA=0Geu)KLUiHl4A{|u7}?VZ364)9DzNuI33{Ot39$6z!4Qi4S2{wPe zQMtH-Z445vB=T!1Yj%KQ=Jdxmng=A=Jop?mzLm7(t(%kj8H!K zBaY`ZAtWWBHwTe_zMa^pO?J^y5%E8?NVmRyrX7Y&@M>Y>zkYYtTbj>5ciLxve!~f; z>+thkuU~9NKxgRZV=b#2&d=%}v$h9^D%|-^yL-3?GfeHJ2A?PiYcR3;1ey6-lZX@d zVh#oXfB^Wr#3309_>=BMMwU#mz6JO6D0sR zgx^698v%2OwHT?4JJO{=!Do)&AZ6)BnlScC9ZOE*PksZBf;lx<9ft^~%5(Hywf=M5 z55YFcdO~vzE)YoAmNm>QO3Kdj$DYd9LjffTD@pc^*7$uu5alfS+vzR|2HrHWpCrD8 zp8+<~4?84vmP^3B!lcWr=Mqzx)6#J8lztj?*OQUg88#s5=Z4-8;iDOcY+ChY>3f~CLS^|m?>t_;TNe;vCcsY#pL8wJ0nz~TWA1MULp>R;PT z0^vUReZ38$;mAN_J4k{6%)$=bUY|bhtJ%as6t_ko!5uHe1q}rWsJ~AEHL_|B98m%hsu#n(fUM*N7!N z0OjHLWs^yQ5?`~=-nIO5%1yyJt+eNhTkZ;(jDQ|{&ok8k4(Fh^muB%>gcKwxHTCMc zEq0xK?WnY(p{6BNQtR74aJ2{+b(@Yy=QB+nr`w1X2sez=Hv%hIA`?e}7DN`%|AX(% zS`w!iIV#QzY#%iR1j9Ogand({q7iEc=Ql=t`1>#ZkE;#P?_~kazoD!@#6NAQHm{~C zGwjHoR$}M%5*;(zN9)x{))k|DNnO*?Ji^AEe{4BzpLR#&UFnsHbM^Hbz4rKy$HYDd z+LH|a&foj9=2@0{hb{{Qr0z&syK>MTYh%iF{0@iyG<)yD@m^+4gIzz@GJ6(Z%34i7 zH1s>Hs;0|DDh!gYUy0=0cmFAs)U#gXluK)&UwZlsZOipwk5IpYNgyg1-26bV*IZymtFHOx?E|wRkX7C_qBg-tHkpHRpmhrrS>MHR8|q(T6U}w{ zI{>Jep@<=KkxCZB6F%QEr?5$l?(V09U#Z7R$skImd^EkS14}wSf1u*$|8s7stP;ta z*WK*E{QQ>_K&C*SANmI`r+?xla}v|`Q-%Jm%9Rx4hoAw&Iz;GqJ9PIi7;M?()WjXIxP>eosI`PeIfR#)x5b>rMp%3c@BV%M zxi(C93_eJb>sIE;hbMlu|9lsL0Ez`7z~r3@s=*ofl}`>d!z1lqt@dh-X8k8-RkKuK z843F#YQc2Gr3d0ezkjYjAsP<+Ld4L<`@LMKU1R{!cmHKSbFe23dA?7uAqGo+f1oPj z9pEC${CQ-!#w$}U|9nV0lW_zjdSCp$zq|4Y?I&#l@L%KjEpcgFNT9+*iWLNuKCVZ` z&gUEBmXZ8Et>kC)=lIRTFGa8|R0N&KCKQ|z6D;uz$4@DKL(D4M)xsapUt}81W&@}X z9V0aU;)j=!7pO^P`_vo-GDoipT=Bp7m;DPLxFBh=SbkfAGzV{J>ERI z=Nk1%`aNm=J(H9_Rft9vw(3~i68W=g+^5O1OWcu*R>yPc*X-3QmGg?Oe*A$E@Uttt z?Q|H5TBVzl22>HV_SI$Y#8;U7{T`Y|#Lqt8d!&2$-hduTHdS@!BX-GJQGY)&}dlIST_ve*VEjFNS-sbMl!!an_ z2k44aEko1|e(!>MCt`Ll(*5?2+9)O>-jIQd+rE+k%goVi#4-W8a_P?N5Di4UAg?Z! zEJ(e$6_(O;{RWO2*VPQk|67H;z)qdlQY^-dJ)oy9fPVgd|6f1JL7^0fP`vm@j?m;k zu(E{z0l`rEk0j4Cnn)8Op{f674#js$hX2khl43D`_TPqZ^1u2~j`n9KEx&WjUmxiV z?1ngh8c3ld2D0O(NDSrgTE;f}pT#UbX&?@<|M^9MgJ;?AXZ^VVb0%M`p+JCj^RL1i z|5ZriPjQRCU;GIcGFwN;_RBf8c}2$br}zL#?%?YyQ_Mq+|L1uh0e-2XKPFyHWWDbe z9qvWwv_#LZ`*X0q!e5yAr(l8v|8hzAuYw-Md;NbD49>%SBZ zs11)}`4oM>=d)dJ;8y3E^Zg#zTCp)&zc!vL-p2sZ7qt9pg`~cy#D%!@#whGIg-i$PZlQmul}O{x&HWx|NFya`t~LINcn#j zAoBjDaE`(&kJj4%V=(86-`w?Nbqja6A&I`9AINGM6L?<4)*05YG8J6B88T?KmkLn=%a z###NncmXUkajVU_*UDFoC1)w+n}u@C6E52|o(k7n8%AEY$wMC>Vx&^JZhCJ|y#^j1 z9koopBepcbT!?lp7X#JrxW41~U0Et~)vBh_v>qwRI8d(paGfZe(j>_A=aZv838uqp zY5pY(^F_6468y$5G=(vej}Og%!yn!6T0^8Li<#|8|L`U|D4u)!vRe%B?hA zB_Kb%g10mj>nd6Z;EMbFh>>_mf_h33`izl!k#DA~u|$awr!P@}nTTc<9L44<%G6$L z5}nBZ3biLYSfRK2qc-cpUyPOXzZnJiDnYj89qS;mT?D*FdB@^EG*El5J{_>aZ zHiCOeuVneo3#({}1~c;Ig&rshh!0np-~L2Kg}0>w_oJksi&^YQp*O@o65LcwM*w8; zdEQ99V+H~(sB{?w9A%mXF%4i#NZa=m+V&pR@bH^L@Ijm;@uh4}os2Kh9f|R}BqY+< z2L{IBbJxI^hS?mQvuGBXpXZphPPDn_)8b*?zuZTb@39$?n}6~uE(g^ftuFv3C~dp+ z=6BwF*7>ct7IB`0qAWfsN~1{xA~BI>ZxI?K`vXsj37T8*G<-vT4)QUaUQW@=&@R*V z08K~X2Aw0neZa}f7*_bx(Q}>c?$68%f3~2Nw97pStq=onNdjeL*h>vY#@qtvePVJoN+pt@DuP2yAf1S2_)l^nnZP&zLX5`4!o-PJUJ6!sh zzd>(7gwH40HhnLc-Ovw}C!VHcJHDhoF!Gyme8?VNupcUVAS8q94*H#=Y(K0!Xj=fM z%1eIM1$un=U7oK>8=xGQ84ce1wQvyDTx8NfDQaxkPLXSnAp>T;3wiTWB z_M)V46lQn`X8c!UfBT%Dkn#abpDCR%e5N0_9QnSV&fY$tWmyQ22;>hkiVp(%KS$WG z64f3;+HtJh`wIQV=#Q3Maa;Gx>dlcW+F{ki8XmYx6%yaFVQ_KGp5uqrYj_lKfsG|H zJof1NvxolM)8%M5j!^B~I&^&(&h*0i4)J5FVTJz-z2%rrk+4wI2KL9+gC$T_a@NG> zOM%8PQ7^`mbUxy#>kkrC)RaGemc0j33-3VsIYHX_U8V=UN#>b7_qTDs<405yCK4Y8 z)@v7M{CVN=_%UP0jK9zG(&Zcx3@GUGTx(0~TdNi2*oRm!+W96Xk*XGJ;HCZqQoEZ7 z@JGA*5pFO+$j$eeCKV2TXy`SqUG)dhp z?N=7q<=5TiG%d*h5xKOvD7H)WxaOntLsAv7S8>qLVGLz7cZurMe+HDU`(rh;>hr4K zeIl^=v(qc3LyAZX)WwYbg_+BZOe47xNnl&#Rz{DUUZGut*Ux()kRQ6^`Mf|&IKp#o z-sD8G++-S;0Dx>0>bGEJ5MB<;`#=JmmQS)~JEM+^Frvq*fC7(kVoJv!>?ng9$5nSn z$KOK?44KVyYN|sV4H`$zXwX6kY%laCp@*9p616E`Ku}@yJwu|j-ry6YO|h(JhNO>tQ5Buz#hIA5Qx5Lj09yZsn+wAkcknYGPgxq@$x z7=N9osR$G~Ayzgh6M`dWqR(z4hY!VZmnN+E56^k5WN%Jy>+9mgJVovF1f{UGBL=C5 zSV?cb8>ugkMRMbfLBOw>R%P07+aKy`n!plkKgP`Z>OS8K0zYh5>Xo@sR{eXef_#yO z-UFLUen#Q)pX9Rwgi3y3iq)Ccklcw@L+%4I!X3$F7BX`-8;C^Hw+-G5sFUp$ydk6n z0`a*Q?GrPz=mzqk@hh>|Cb1>08~S?|zFc2_K1<{t%sYV# z69exhET`85l_N5-BMeyNQJFEq9Leyat6uzAc)m2u?xLZv=dN{}IwAfK4<*!mdR%v25q8w7HsW9Sciwhdix zCbZY6F7M*l+V{yuSUJ&nVblDI!Y9w;olXpVa;Bjc3TcsTh zaIi^j+@zi_MNr`|JAza=Kl7Wsa-eLkev0rbXZP9r#IV|@_dX4p&BD#TsKl=IvJ-k3K^SR%)%i#SahF%SE)Gg?@6jlGvsq?>Q?H#QqSITO)0uz68lUg(oN^bFj|5FO!9Z?uS0^t z3yD+N0z{nrfS4Q(|K()&o!RA*;kk6Hws5Wi$8q&x>Tg!Aw~8Zhn|y|L+b!bLqzTZm zCG~av8%%3z`+i7e!0s$JNIrMHvIN90qVYbBXn&3hwc9IPB^-!|gn>bh{d8Ap|3ov! z6Mxl!-Gvb)jSEB2?R=4esh5$60>Yhc$FWN*y_Qlam3V5iV^WvN%yLY*@=;;5wv+1C zK8OG+m(#s1IsZ=y>T(A@a=^ir7!{t~^P@M-2{bZUdOh)aRol1b*58)~<4rB;H&M=x zo?VcXv>mYKS%3sxnB`E|>?JUD6Hmp{a};e*gFD*FK>w=O;}D3H@MBYT<`*%O+Dy#p znP80F)BK@1gCRdGcj&1SS3$TpFHldwzjmdxsT zH~=3Dai~;=BMys!*R^C5h!eAmOs5@993xv==h)xoUMJ|8dtaOYx}nBH97pH96tXMG z4~O%;TK5_N1sqG!nlsxBh1j$4b1=VO@UBEJa4U!2tz#NmfgHo+on)V{<>K^sat?u1 zK>L`QkL8zl)2`}=R4M@QLDI6)fbJ*fF94PCTW`HPcR#RhWbQ!^#aL4_S};-xxPC7e z9h*a3oUJqb+=BC19a@z(Rdf?788045zckbZKmtc{hgZL|m|skek$=eaz-xCQ*Y_dz z<@E)w-7G)y@lfrWTQs4EFkt1Si|FHOLvzt%@PY`+@Kp*rF@rW`J%-=PiZO@%0eD1R zPzMFTsvEvR48BWRB>~^SKjKfxwpZi7sgD~vV%WQ&-SLE#4B;^8-27k^lEzj^L{@6A zk7BoIbXY%zO@>J<2>zS%zY#pc1S92d5F}(BUbkfo1v!ga-%m^l)4HQ({c+K|yhIsI z20E|cLPP&KwgnFA-MX+0dE4*6wva$786|tE_)>K=TM)ViyvIh6Ziq3~d@(Zn+Az z8hzf#1!cmdi^%NrdDBI>KO^A|dsSr3PkG!j9^>xot3JueshvGa_qFP)cRsC9VNS2} zowYHyYrdooNuaN#@m44oP%Lj4h1TS5k{$Pf0`Q<+%<(F$+Bj_2+K64j?fQPb@IWAc zZQS`y^nSk70!z(qz@4trSs*Qij4HKSK~cftsl}k0-^^`2_S$K%unJbSu{&uEe7>mf zoP5zYu?}aS5~|w*r$je(e{qvaVox(>oDA8PVRpo9SaNO6CwIB%*5Qko-72ovq460; z$zoBr$8pSP=bsq3%7z@EB!JmxnOg88!*nzN{$H6<21J?QPnn2cktnp2?7Oz>|$RyWPRCQW(DoPmM}H@uQVyUeLq}0`A)t_t4fb z^b6$9ns^to%2!+ZiJFn#>Kaa-ds`k8B^07l@(Ru-!!XG0ea$81X#nl8hil#>K3VLbrJ;;$d+5{aJVt$7D4XYjGZYX?Vg?G}e3bN^X(SkwJ2B|qn za(hz;7o+Z1h14(0hO_-@C_{4%Vtm?tcH2Mx8#uyw%I~#hjP? z@aTEsL}y6#N->2XmEJnblO$?Szm1s0^SO1V1b>au7Un|XQnyk`r}wK^*KgI{GiI(v z+DGzZBvK1^Dp-SR3SavHSfqp>VEXDe_Xwa4Yy48C=`vDQyvtbetQ1gM(`ANZ^rV=R ziXYE1&@mw#QWRLT{h{}fybN03JmuLwzcgFx6>SxE{(zQX4G=B64Q;s(Qshr}YEjzY z4gq18JLPkcn!f$Rgu|~EgS8$OJ#UF5vPyP{W_=!3J{s}OoS^Vk^0dXj$~}d_3o75+ ze{ZiBuFv6kQ@J5W>Ui>LO6%cbo}k$?KjH!j1;6}Z$RXe& zUOsF9IlWEC+NWTSB7Y@!;ss*wQO7n=Z+gwhji0O&zBH`-<%teqCaF<3Vw)&(Goc}* zd52Wim{G_20#%ynKH1n2Xo4QM#r>oeZZ7T?1j6j}sZu?k^oh+K+)<+W>8+LGI^onT ztB6XS#dTOLOdoq34C$Xt2xcMfKdha82fIn#a9vEHXN+VFjgV8|M28c)0LWq&IJ$4o z8BFc)*7`&-oF8`v9o2b$`&~0H+mtdKxO7jYb=+Y|wXj((5O1-!%%85Bh1O5zDuQ2p z0hau}VHv}GHYjUzef_2O@X%+MwF)7Qetl()ptwf7g6lWe2|nE8&u1sxWZ=JS-7_m7 zS?rHIMRdNlLTY|ixOG;p_QzbP1HmECSYrqUbv2dtXv+!oa8~@W7zKR1Xlv;paKM3# zii4yt5d9Qv5xA9}R*0XI;GaNULP;>@#n4h%t!QQi2mfcyfh;-a_hs{0y&;}8|JcNr z=7E*S28@^~K~$};db&xuvP$aD^`$xcy7vkcCyk`-M>b#lp$>PY>ljjuiMn8*}?(1$ZXn!`{{MV#(7gf)@9zmN-2J%9o zG0lORk-hk9n?Kw3TocME4m8UIePvICsAcS<*TCRoh1Ow|f4+NXdb^FZ^YY#IHRs-> zp~zo!TQVW%_FeS%FMjDu*lL9Bz@gf(_^35HYRHojhVmUb)EA! z7rt^g=9*#6N4nTRLiTX~oFcK{2~i`iC_L(_&sK{u*{r3KFI7@;gYLIp037+2n%QqS z;$vxo2?16)Wk-b9fX(Z<_e;Nys-Jbm{c?B4k|5HELd$D0&NMDmoMx9hJJN_p2=-tj zWvMIDVY##h`&&6ZjAAhK3L*_X6!02S

!8jTKKeXmJ`8g1s|fJ>{ZRRm-uB65kc*(*Tv-QWD}UWselAy|t66n5+KWWA?~PXmPC z83IR_OWQ57Y|o31O`V}BP!F`?B+KYG8gqeal^L&2quKMzz$ec5990737ptEVJmsQ! zurGyFi1z0A`7|k!s167Yrqc;-WqY+>E4VP47kmrnd&sbaLigF|e15u@Je4by+*NeB z`kgyvyItK$fTu~LMQ%CM3*C&>QiYJG)tsD`)`M@yVAsO@`GFK+$71U;6xJN z+<-qi^F-7ByQ!}bL;~NcHKu7#7sTnfC57RM0iAw-Rf}*hxgJBcPJoC1rM-5v=U2sA zt2p>qfy)tAvQo40Zx2G_#4BzmPljTB58zTy3_Nm5LOxDqw5JV^^fbXFpBE&kc%P7O zpt49zxj)Q&4k0UIflN1H`g(9Nxwu1%C@ErPAgiqP>S(S+@9f7oK(QXAP_a@h`jj|I z9p6`J;c1zLzqFyx4Q%*s*Kp0!C0)AFD0~P{5|MJy4H@9l^qAn55*F}C`&qh%S@FTB zkH!V2ea7Jjn+Jhd6+5QB1EN|{`h_34oyk&Wq5KLI>B}(Lhyc+9!eEbmDFnMmB+4h^ z(r3+Y9f;Q4{Z{#D9L7AkQ5uBd6u1+&IjO_7?ywNQ^ymVkxM;5=SitIr)TJhtI4FrX zF1g{SPLArR8uZ|-<;aUb5J_iBsi>lbkut>ay9?E|O2~R8G4WFposg1gABFuZO|&`N zIkjNnFNnpi2p9IZz_~Wv$8#!$&E^)gl)i^fdgC=t1vEJi<9$VkL>_2ax=8pIy^It1 z3SY>_7B^-aD755rrSrJFxov4*GNR>?lYcw}J95kMfG2CA$@Q1^*G=H*Mu<)O-qPfx zFLfA;J1IxJk;_ZIdU-sj#u5bRBm|SK5*Fq{h_isvg>4}1FOa?)> zpCL+M6{AG>t)1ihLbQ;d=rY#2o>fdr;%rv+=MU&6c1=Tw|4@R07~&((cc$mIycyK) zrO#*mmAl<;V2Hv57^E;WZRxl-(5F~gbFF`kTGZwQheyA$E(XEi_B$c>RLPoos&KN+ zI`am`SCzcPZ>k!CjdzC)3XR@+1QzecuYz(EXdWN#Y=fj@CZGEvd6vP8eSipDXE{+r z?DU%fd2fC%dkCv8@1IFj`U3cB_%F=FD!M*ToKoLq3I{5;KdWfo{wG|IVraTUN>^yX zbM&wd!X9@1teqqLcbQFn_L1xSc9ZP87PF|Hb=Wm%iR{YB}j-7 z?0(S>yEv6EE+AyKPR8Ny#|x5HHu1BTXbD9xf)bg5AP%1tK*cxL$^Pvc!*{`9tF6yu zFYIP<&3mP^$L2t+HsQb~)t>g5S)iA5%VE?_;k{tD!-Sd^G0e{}kO31#3g=JJNM3l+ zz+Ql?Q{HOflb8q0674kmN;sSRlVniz>ufUiirOZm6Aj8mlXn(->D>}xhK_$#Cs=qL z>2n5214*;T%i{UP{(5AsTE8Q@sT0b$k(ZNT63&@b;y^hF{`)Hla-0G5_*96p zD~@y&6DdQ`Z~oTHIYTZE_#mWk(I9`fD8M(;_HJ8`bzmOCFTO0-ETo@MO= zX8lFPQOLWo*}UDbBN(Z1UTvSAKa*FLzgp=2-O1s@>eTH^MYbXu9-dp^hnL^-?p8O8 zz&#*-m#^@{v|6R2uQnhK^qiTrs~cNd<*WA`pxTxk`eG0Y%`BEJS^V2>q26x0t^=(> zYX_HwuZgDYOwO4I2sydx0JVn-{IYo$s6zY^VZxDQnW+BgmYLbTTpCrf@Us(D3o6Q@act0=vM za$Z+H17vX8uTirK;Rs!{Ka{)9i~$s%*jursecj7F{a$w{uMawKb6kBk5#N=lVV zF8B;M97Nh*$r+DWh*fUzXzb^VKQ@!k1m=`hT0bhLy19F?PV0;qE_@)?1eii`vzmwt zU#Xcc8i8s;23^I>}w&m*a zk6}(U^l8W^I?q4}qTIstoAzJ`Mpbj%3ebS(b$ihLY3)_f zFR8Tg1c34}uwpBws7pA!9jbWC&_*z}U$;|pNLW9&$}lgN3Tnm6L@d@>xN zW$Cx2aT>@dZVd5F&BM^z(pATO+{lwQphpEw-uTJ=nCOIzEhtu@y6kx|abF{SO)si%5P`p#(Hu=EsyGLL)ym@Q(c3 z38r|QgbMQXl3V*1PJQ}_DD^Nph$=yJI&^Et`=3&sj9)D;@n?1%`BnF?D`&O&>iNbu zpcy6}&74QxqA)wuISDV)r^*XAfZ(9p1ioeWxM?7E6+GZ$x+K5%@Qv2r> z*O66w(E=YWodC#QPk@QVN%+J7nZWdnTg%`du6OH8=&#F>B690P($<9Mr zZG|BQ7=h>S3j$=I2;Bxq&xFzlT`f74?6*vl0d%qoj0K;lDmG+67#+aE@S6AKH}BV) zidKgj1{`2`SfW6q!iR|;03za9;L{)t;JHb}sIK*Z+r=A%AZZ$}{BmLypFYX)Df$gA zlgPU6IPmv42!3)-s3}!m_sTOg!*#DzYZ<+C8CsXwn?iAXf>4&cN>m)^b1CTyOvr~) z!7@7t5ws721?@cdfq`P#iX*u`%4=eZ{;Gube=5+Hr38&paPbeSEXjYokV*f8MvLqp zP=b&MoxnJjQ2*@@S^jg>2mar`#nKe(|LQIg?yp;ye;@e4N&f4pf4vhLUk6f{WyLb$ zukvxuV0$q8wz=B#pd#D*^X7jY?jipvY0e@N<0FlL{W&lrHU2u>L#*Y=&q>$tVUY*X z9H-C1{wmd%W^CqVF&bmX4P8!!|G+Ps4BU9ZgKNsj0PhAZ!CM85DSTbNFZdyAy9HyhecJ6jYWF z^+nZs;Wit3tQou)FiuT$`q=jNvlXQmEgDCzVIhVL$9ML8-e5Kdkl|IWU(l@Y6#{-8 zT7YP0)APY&v9~3d?|;2Lf{JFk8@Fc4F&jM#xs2T-*t zQ~WaYJE5JV|1|fI=s(HzH=LbQf+$K71>3f5+qP}necQHe+qP}nwr$(<)-XS{gsQB} zJP{9V2o^$j{m)dn2wN{Z4wbLikS|8@Uu2P>4_Qh07Rfsi?7YMiZw9g!;vYUBx>sy6 zTk^-=beni?=CDvLe?01Uwj))LxpnN`i_Cclx0^K(%7#!lLM1Ka1#dsC5*kIP^0-jA8T( zXW0f(>Z=wP)w0S5wJ}#q>Zg1!CCAW9FUn3y)@;a$RsQc6pCv%k7n~?0E|h zkP!wSXobPX%gEvr3BVs2y_?I@NM4%^PHD{x}$)$75c+tvoK0@_ddBz(gQ2 zeWClWYF#NDDu5iP$5_9XtlP+aU{W7P+-<7DV_Xyz`{SLu&@%0I zvqgd*Y|_0UW7q?}_XqXL4v6$lXzP6sngXc-Yceaz^An--?hHaMW;800@cakmfn?fU zh^X~FZ*D)=u7KzYH946rd5LjI_ETZh6_Lm?N8B1fCcejTmIZR{H9T7G*0$*@{ejKm z@^o6!+p;Ly?1mHpeIcEt9zL%xvNQiFZ-M}W9Uu4=t%!Spf0mn3YRZGq&Sg1D!)ps+p++czf1{ zus~Z^BC%J^u~^8n6uQx9VG3OPT$bAf%<_7%sxK6aL{FDRk>s~=yVEh{L3QTollWuX zL){!hTq12;ok>MbMCcU-#Of8F;_KpuNcud}a5c>q728-!x}?g~3?4=dw5tZFi4M6C zQE3){9vTxJ8}@Jqp5KGq=;qlM5sJ~Hum7^tyN1HzsP_q8zQjndqm<{GMpX$U{!-(Q zsEMP8jI>pe3qU#X7D+*K0@Vi_QBNBpgPHe?mNYYMhVr6*QzGSKMOj;;*X^1Ael1u? z=E3WdaeFe(DAj!J0tF_k6LU=AZXczGoeW?Dox#7C1yrW z=S=Pw0?aL7V*c($vn)jjSvY_}VO{VheTqdd#HI86mdKcEQLF?-sx_#FM(=9+UbJGK zmi>F;OjfWeDBK1f!s(&}0m3R2n@z@!`A{V?lqg@vMhOd6wFlzZG7_YxBGflIK8W`m zH^DSGK~I-dHRWH^Qne13*B7fiP}BUz^0Ph^$zhVTWV;>+mhM=$;go;g<_0xl|5&Wxgp&6(afMjGtJoV*_xlM`|PvOqV1rf(weNYUzDN_^$v)3T|sw zb*M*aJA%9yjy=E9*t&fpj#zc6^*b4Wo|v&w=TD_O1qWMNO^-AfTFEDL#z)#e?brTq zDKZtR9$~-NCf=hPWnlCfl(X@-(y7Rb>s|Qz7kijw@(f;qm3YK45K)s&Y+Cp&yC7{A zd`q{+yiO1^O0_fYd@#8`k4U0aQn;U2Cw(O!3jj6&%&#faFC#ugH5EQl3T_U7#_!5E zjms1cr>c`)H=9<9PTTF@5c8mNmkj@gSo&m%Km zKX%T>>_2{#qmyX<<+_;PA`JQ=>dY5Eb32A9j6eEa?CYD+yqAVJ@oH>W4-%*qYK2N z@Rim0pXgo9Uv(dU8SDpzd6Z(lcj@#8fA#99vqAdit-be~D9pN`Ou9i%TwzPPfNQ#8 ztRC=dpkE8RcPyZ|Usia8R_(XXe%DuX-LD#+Usu-C4psveO-t_1>+Zo*9ygz_fZVxZ z7=f{uf%aJ4_CL~odC$666#ZN4U*>+2_jNxbi+?(PFou16I3cqMKiTRcd4GpT*Xf0K zUlKkhb#+_pPFLOj)H*gI0gNR>d3&mVac{_f8}#3$b#iIH|CuOwM_~mWt_HLSctW#m z9H{dbmIM)z{$Sd=e(!F{*><4fbWT5-^49;v;Bmq`hA{Q z&?F7B33^K;eE-0cnZ*EU@dx+OpRa7V{k|z?*a%@!q<^N-$9U5UuvLKx89^V3TLpU` z#EmPo+YM2)Vl?eqI#&+UPJcNSvsr6}WK`&*ooi0EVQX1nbOzpQ6`u}RiUQXG2-w7x z>vmQ6asH=*pTb9Fe&yezD&7Ke~v%wtxK(Q zm2WLAwXlA)m;7PeRZf8Kj@+rXdOg4*sRWTr5UDAkaeJYGTVcm-p})KN1zhtOD5i8%y&QxKmPqF7`VJ$_!t?%n4Sq#7|8L8`biFn z$GL=RfbhEDI|fW{)Pf*%!LnQ;gTQHaQG<%Nh z?0j@KN~6_{Xd6d8#4r~Ini?Q-RvN?<{zMWGUh1gceA_&KA72tL0Z(}o9`y!Dl;!XaX|-ac&C4M29#U2HPwokpS}f3VC%RA#zC@f?!scT~qga2@l{SMMkL> z*Yq&B|8~k+Oi^wzS3Ld-mnq88z7+s=6h#mYrmBmlkXKjlizXPJwp_xa!U#wioyeLJ zF_OafR$%-@hW*Xreg8qFn=q`^4z$tCn97Gn$SfBQS)9<)iSSm%8(CHv8ng4W*9JW6 z0Y&7Oa7y|>%G|rhQql)U7GxrZCpj?O3IBO?CiD8aXObc4nWFE|hqWvWyDl(BWwyp7 za^*V_qIE>+oZ%0jM=-(1kXy*Zo3fbMqlb#7`M%HJR3a>?s`^RIKF}f1IS=xbos~i3 z4zE|(`B!))uIzDO;SMqAw9qi06ZFJjl8*2(P-3k>-HBrsECX!4e44|0F&`v=Ghn2B zn?OUQ%bTDcUX{WjF^-_G@uo6BHg@D@gJ*PFyNF$4Vsn0|o_;Zh(@lB77~{Q0EepKy zuiC(4zQfIlMsL9!EOZ|udlgRq>zkfV0_cE3M2ZzCrR*Ev=1YjoxOaisXBH`cG2y47 z#%JjIRp zKVDBHI*iB9E5KQ(G}Q2J}UD|(41Xr@?_%M@S<;HyGN*nb*c}L^zt^)BdhYllLb8r(hmOX5ChgbrK zG#lLCAMYJZ#^&-6@A0I0jxQg^z{aqFFNQx-@#v#-o8miIE&r*5u{YW-n*2Hpwa0h`bO=5_9?SK+vA|@!ub`}MoZC}`;llY(E_jm8AMWtLySiDDGsCQ zTXJ{vG=oqLI1kisJ;&v`9|_8KPApvJM@Vqcy(@XZ`g}hEf47%YT(Lj-og26Lnz#5f z^?e$g#yCayYh=)z-hOdvjRlXD8fz-hL^i!6`)h|SvF4$wIOST za>=rXuh@v=^BRg4+`1{Moo0@dJLj3)(CV z_x&?uWXd1|5Z7|@ULy%hvolKp7^~a6g#RV03Wx^~2;x)knxyeE57PeRylqIO&Z`zr zp)UOF8XeI(PTV2-EiNX=VRBR4^G;{P7mxX^3>e4;#?OFlBxI@@y6MiLySfZ84#DYwSErVvN~iBR zjeL&NA-EESZrAKi5~xya3yD66Rmf!mlvGxue~M~tGw1WA2h$nqTNdQ zKrZ_}*8`6|sN?=f3{h8^I?vmA*Oa>%vNACeJpNtj{g`{5b-72s^P3h^uEHJi)g8{q z%Hz|#Ocs^Mr_WvF?HKFAlV0#T`l}xcvA(J8X^;d{ho*SC5+|}O9yC|9$HmTKB9FpN zdhlC`KK8ocgBDwS-eg8O>e$=|KE3OsJt?bC zJbSbX2#BLEX?P;oDFDqI^F!DDga9Z%L(VSQPyvr&+a-_Yp^Z$gN^=9H9My0F-Aof{PFn}HgV+!0NxMX@eIxJ{;zDU z>~wG6pP&ztme}M~KP3RuSC`@4cS(3mvIl zuiZC87_=GK5U}xZi|29SceG20M>)LK-!To%LIkzdrkme*3PFZrL?i`%GPswXwexpq z;oZw7%9i${L4I?~+Ij`Vr`d*2tLDU%qXWno;TFI(fB3xmEALk_X}9G)9wYW7EBmh+ zG|1y7d!NgP>(c<=WyH)=a?$jkN!(boo$b$+(2)o3r&WSc6r!%9!;}`|=TyPVp-tvuG`jv837iE!VW_R=|D$mkQ+O}s^M4^wsOE7~C>*XC3M8#TY< z0)uZ@REx`;^QZ$*d%4G|h;~JavTU@8^GZ-eS-Mfez=o;uQfCKH>WkzH! zDTq|_35zdwwPAYM7ky%d^}Q1$kF)`>r^os_iU71hQhO7UNJB^Ph^Tb zK!MiiYx6lnzMe!aeAcLVG@K8RAK|P&lDWQiQ5%VTP;Ws-9@iN_Qo;I=;O>=k%gixr zo8M-tj0b`4->DA}HIY&@?~7Lg@VT@)D5ttBAkKZNR(YyMlarZ;vDv}Q(rrtbcBtMU zh8*1CUEdjdILXYyEBt|dGF||%_ZBaiZcquqb3^`Ko*TUL`X(phzZk&na}IDAs4!|Q z{&Nl%*GV8h$CIYdWPyJ=nAC^V;d%^ki=zovslxR5Wp29AEKR_3P;4>~4Eb+3V1PK@ z>V-`W&!GKy0v7^}9(SZb-+A3Mj@=FP6DvYnr09NZf;GI9;L8+21V~9q=xC&YfrQ#+ zz2?N7j%5T;3x%4s)6d~H9y(4`pY9h@`TB0tLwtT`f~`bt9xD1cL1_8l%pAv($YQ?5 zW`Qh}^C7K!yw6}UeH4AHiFS{qT-;oX6tLwduE(&+gep&`tSt$@rwC?^ttX4mJyDh- z_^B&xN@vDX!pzl9&g`kOB5Nd(VL;xH~)Q`5%se$@^v{1@9& z*h*>;Q(-jgB_n4O%|3!8Y<&*JQwsMdE*+LIZ%rDEh<%Bi>_f)P)#q7$RK^6yUw1RP z58D`Dwq)(6DKP!@%ov~2LIrlc0BM*MhFoKa(6`})4x9dpWuuc%;K@fV_JWJWtSB_| z9o@eap_lyjA1t;IUqJS5;+R%f$*x6b^`7)1ZpYpI}|FX^cF4NwaA+9d)T#q0AKq{k8i+7?g zLyuX=j>{R`bLqFugjqVqQr7xpOD?{4wRLj!v*O+k^Z^1K$enr@K6_DYr6_s^d_Bps z36nVt*Wz)9Edb~u1g*D;&t==xQi-7TgWKOZAE!=}q8q2~>1V?&OL-On?Q=(8-bZRPkVN zm;IiaTwea*PhjxEc8p-n=vOP4qlH3 zpmB&*;C;M&3$jSPukT%pv@$+1K5veCKgsU(l!NqA^+j;HOY5Vq6JyeLx@7p?+}H!u z|6QaYbu>zXBR}tN5&p}KKi2Ot?t}Wi;v*F(0B1eZZ#ME1#U7bg)U#fGc5wQg-Q0Y( zMi%r)bp>+tV6XaK;HDH_3jo{Eu=?kcJDuni*IysoYu0aAtIAdERFGRue&tcRmdyR> zLtXlh|GGzWsc~|V&3zkp;qQREY)=3Tv@$y%1U2Dc&5f~~=j&&-tM7bk zoqJV_T|qS?#p5JJQ&jLkyoL%;NK)KQe7nY2amcwBk24BnaHH132xz5bu&4=TSFBsR~%Qy zytF<4G027zK9RSVj_5$6iiXdCZn$wut6u6YvaQ1b9y4Sx*$OyWEbGzj$JRKes{pBD zUmm8$3N#U8HZ~lDEu3EU2x`iW@Vy`NNfM4i|0CK{9`)d-*S_XI2$L8i?7Dd~JN?$k zu22t%kNGj=Jk7_$(GskBZ1AB0YkozUATEisvI+`0rGMFKCQfxV(Jmqp!Z&2m`YS}) zos=4hcEePvLC8!joq7UU*5njN=4yaLQMUVhzU1_RxXFv&8xFaqdVCZe?Oc1*;D?@h zq4JcF=>?kHskS5T4l$w(p(x~i=pH?C1&CgYw+=$HjBJTSRG{#qNnCD1r%B={l`8`r zfMm%i4u}VCNhG&tS+>Exe{6yQV;#9^DS83Kl)qhiS2~+Hq}e2UBsEEnyx2Bd`?iFZ zr^o8>knBD25=>aP4#KrDRu{{31N1fpfaP(z(RrPVj4M)5fWsl z6ZVgoUYb~7+f)+?tHIC-?eTNt^FN{gHr^DK=e}|7xFFY+Z}<|Y2g>eTOCJ1BK!M4y z>8(sl168zFzX+?(t!U5Zjmlo3iFKsPWRb5$&w(mSX>=btMBftdG7Ov75xijhN(AEg zTd`0S?W(4p^n#@nX-qR7?V>xj3;OgAMJ1YDLC)PLmpC!<2-M7IH7gOz>|W)_DOaFc zbLMN`bQW6RX-p4=_IvK*iap_}Vw45Q>eVwftQd+bi(QB{lO#b(0n|nDi~|t8d}!`j z#)$!@HSQW0gldO-JNg&Z=%zt&Ap&p0o(OyZlwf78y@4S{TBhy5S#4qB$Kszo%`ah6 zEKxsD(&(Wbv7oPlqOC-T#hm@(cH=4!KUx3LzR9r23#gb3;C-43dySW{7j-8atb2zP zs5zRXoX;|B3o`G?o)2X+U^I+^%=p`>&VE1wG9+=)UKr;Tq>XOJTZuxVceiQ`%STUJ zR<(l~_qrn%B73UdH^8s*Hi2*Zkmk183ECP-o?N13U4-%IK?WwMj_ml=vXr-<*e0v2R>g9RTyS zL+@_n%eRo}7)&o;93lOVEv~yK-b#|Rdo%1(*i=6fz=!O^|j_dflyZUO)~2u)FD@EUN!ZH)vpa+xj<*w!>sz+%rAZG>-ot;!!{=N7E- zd=zp%v%a49cz!hoAcC7S^Qc!1o^^Qt>Uh20zr{FU6#jw5ljxGFy3YF-*wT@TU$D2W zS3dg(m`ltV${ll<^Q_H+&((1oT>Z=J0)q9(2VNh=`AHZNqf_)W`37*8(>DK6scUJ2 z2NAA`GmB(d=0jr)hd;Kdw+YehG5ET1r~+ju-9y{u47wq5XiM%MT6P{XlW?38GQ+4MXn?G=P|a8|sQY~4TR@$X2XJScPsh<6LOX4WngJW$qDvt;#Z zC}Uh?2*R_+yu`iF0W`*v9|o)1);K;)YsEV`*z{H3ynabSOd>}Z7Ol8O4Vtixo8 zhV<3;s-6%4G#P1PwTI|A}1PuAz#v<9}A=G%DjNm|b*B2gB^uSCdDxC&iws4!c00 zw+hJ%G$1qFqeha5<2n%N`M()Q`Bi7y=9fYcsj?-7_@^IoR2 zESj4%Ti9iD#3Et!(3oMgTDT*;1qGI|P+$4wiE;tXPE6|r(D}tkzi@K(t74ftJvEo! zXeeW%1HdJ%H;0x2^aDCJBc;BvcUv&`VB@}EdGWY#H<{2=Vi-BE*sopIJ~B#n+ZA#p z#79o)7~3mFSmSY3RGx;!ZxP;tS90IE=nRE564S-5n$DAQ$U7}b6pP-)R3njV60)GO zJRaPQ`amED%r=6Vxhe5j$+!Anwu9|vgmaFW1Q5=I8+Q>&F%?1kXlc z9}f0T_8mCz36&h4KK)P|1Jltk`l-tIZE(K~bdR*HTNhFcz~QR?YHbQjslxe6V#V~J zZ|@HGIm}W=+;D);pN{>|@OTm&I88}zPY_BJf~soXKhJWQEl(KLjDbu5HS(rOWmn9T z8Cil|7?NAE7z;H4DVm@O>~rl`6m9{njH}JfT;KBkG5h7pK%jL@n-n$RA-fjK7g}d$ z((^jPe!Z43H_z(xA}NAm-J9W&2M)v+?1uEn01i-3EcnBV*vv(4!%VjG>ezRDT4M^p zS4va?RXBT@TgWum7Z-lL$Rbs_0fOFXw>g#owxKq(VfJ(<$cfX1uj17`J@Wy0AXQG( z7MEZZf4idZso_lBuCr1}u3Mr-;p#+_<0BKs0Rv+JgivRx{q}L&=^Wd?nJiU-66vxL z=P;SQnO2q+2QprN=V3d`f8(?_V!dWC>>{;}6Sg=>b}ZuAR$ZGFfJK}?Ch1J4H3!lb zuJ5SC(!rDU+<|gcjI+i~6pavTb)3~Zh04xr2yKgJ4&M?F(#!QQ@tSGFZ!={5%;4nq zR+Hgg-^O0JIQNXy;5ZaWz}MJxAx*f;{LEnz7neo;?0n(wr67b8F1@|Sf_&~V)d}Po z&_iFC%neOq-srJ$8gZXOdDc~Rx=z+0F`@_gF=J_PsS+N*TCEc{D8De~6#)(3i$S2> zFLYEdHU|r(<>268p+j^{+Bw5$PwHa>%Pd8O5?6KwZLJw!=`)o-ZXJqtzpTt?3`GMG zZz;w}z#Y^+ce!T^niR;TE5o|rV>56@F<##827yA`w-U1{2FAE~#R;2W7(UK0s zYQSd&Jt`>Q_)1w;A1zhCdn81rm+S@EXDw5;N?-%MTnp9X?`~&U8i?(86LsRn%51T< zy}x^$ljtC*N0ya$@tN=OUIBSaA)hBa*+7~vz9pnr_4u`zv)^#gYWO%cnmp%{V8oXG z9p5U-XfbBamLawHL1rHRvYF4|iB)kd>qOYAQ zfMHk%tF6u5L=|>%VxMt_f9CId1YHr9eaoP$R-_}faL|)go}#bDW{i!t{=L=0Q4{TM z-bt~>`c?}S26e$JjFCqveBEgJL#Fj(vl`Cm`GG_lWu-oI7jL+mlLZjA@oxKZuj55i zZ>t+Il9#41s5Rxom2_?Nwy4QId@R0inP>hDG%*ERZmNBTa6Rn&6h{j~qU>cwz{k76 z?BMS4KVA+V50c-M4UKa^vL4rh+Rp+R&uZpj1$?~B)#S{mJDc-@olELYs zN-}5~MUEAm=kkhF(3^W=aB|Qd91#UaZrdh$n2dq71kR5qM#jGEP<^kqO&&;%J$hBo zeA{TiIgr)&8A5d9GI0kJpn`oJT1iBxfKD`W-9DUOYVoIIylCqj0+Cg;gCYc*AVM{Y z`Yrg|RqIIiG#c@#?JI^avfHNY3wdc1H{{gwj|=1=0iQWMwZaNY8J#%0(w6=c16bqb zj{T^P`WfES8mco?E$&%A8mQz8_2Jg)2Mgw})`?9;S8^%JBFwz7BqcW1>B2EB=PU1z z@NpX^aR5~8dv#RYZ??r+xZ_RRKSX5$p3bqY3zotmq7F;CdGxv@de_ODsEn-_Px5sH z_Ss0F>7jD{99ZAaeWv430iW&=+~>0Y?4h^7Oyn!HJH2^d|(_192yiIjpDVsR; zvyk=4h{EpmUk9*lBRe+wb(Up5Gz`k0`(VfC$#BHz5(*P&*0zs=E~h~ZyFL2YjRr_B z8~dU>%Xl32KcfQWCQ|>t*t&a-sMm;39VTwApn1j@Y^Pqz>}^6lk)vnz;W(Bx{5fit z?EX@)<3C@S$qv{{^+rW7eS&tTPu*cGi07IGeDeY8u7-|)*A>pnSDvTX z!5@hdkASTUeM~X?!Lv(!Brf3pLb25^>;Ix+Vo&AAdb*cYun$7?eSt$I6~}r-fA@L` z8?dKTVZTzma&l=M`=4B+0keI+9%SdM>)_@K5opL`E9?j2$OR&+_f*EMUZU~N=9m1O z>L=md(CUc_)1*k`_zK4QdQkzMSS0L2{!Q~%AHE)`dTWRy+CM%8g+RUyXAz@kTnM<} z!-n@ia$RnsEo5}-m{6)fs)_Qfzj>xk0nKh2-&R5`pf$-pAl{~g%^#s8J4f3*!gn3K z3m`(gw!)EFW|1wr)mqdf5u9l(0p$q!k&m8rY&><}8Lj$AzN_1U$IcF#akpUm=rE-G z7qw&6HfXh@(QBW>0jekAtBz^CHP+RM^_;=FiMl{%buzrw(q^3=CYvp3X=0qHbl}e~ zyBY<|`g!`^&AW~J{8q>2vIAA^v2G9h_f<8xu-GYh881-9RN zdt001lY>y+(8TeHEWZ3=HW8nakJ6k$7$!+JS0sJUV@Bofs*riEZ65C5u! zTXi;jWi)Q8TDZ|LHV=3_l6b`qVw6KxhS-82P3nZhQ|5cX{ySNQd(dhNDdZNi4K}*d zTU*SxLPKDVE^4xl;$gna;U_Z1y%stgro!NWXQQy6o|FH0JusyaCXAO4q9BBBwluW0 zlykB{>w7PF)Ke7v>DGl=-fe_M_Z>(K!Xv(7Y*HU9lB}`RkAIV}y%vp`kvD!eGmg$v z3ix;0MIJkO@S$}}@Hr^4JOzuKoYzN1KDL0S?$FA7FMB%1{@+V@Lax*yHQ_ii zf1YaEbH)l1O$_&dd1}YcfA%2`cVg!2NL=-!tw%cRZ;IrX(KewlS3Hzfy*^s#Z%dEi zDCWN4Ga1#O)^hhFrt%}|bYdu{O+Sy@>N91WTfb`CP9x0C!4K!!XO{?!4*p4F{`#3V zDbBCw97o$m$N{uvuOLtAeXwBX+VHhL-H#zEm}Nw)UYPe!^=>Y*d7wG zw^Yn=PVsYH5nvq`Nwpj|z&$NKp3#=w*rp5b5h(oTKH=*@v;nr5mMzV$70-+XoCSsl z#sHaLubBbOc8)i06YWk}3kMFOs(#x`cHUW6uka{&s2V=AEK@BG+ltVS75Zv^%f}l~ zj*zlwMv@o4acMV|t)mgq>CFYWUKhI6OOHAHx4s|FIVk4*yD)AG=o+iq%@V=D(#c?c z%>ppFET4-Z@sn)`NYx1LU;i@y6rM$#!hG0)$IBZz(fK_Gy26?d`M0 z2%wR`rZr|9#)GA_M$St!3Oil&7VRR9zKVG(NI?! z_R);ST@4SAp~vLCv7`LAB|Iyu1-dJp_SWCkfPxO_Bh{ukgu00K%vM7k(4Sqm!|>jW zr3l`3YSarSsy{6TBwFKZ%)QH&+*C`)eofk3d;cmC;^L~MMHzPE7@ad$u|_goxJoGY zT>4=5-g%V+q6#Kt2{8ilCMr0wfnPn}F#e2el6-oG@Dul5bVziG5^!!{6a6arSJLB) zjU7L%3SGpXMd8vd0$x60BMY8o;~912gT=3(b4`9X%fxIymti+gK$WI>%|Pt8F3HOT z6=aAVhPlDl0{;=n!1*6O?Sq#{`fTCGQ$gwPc)}%^zztPG_7uW0JVN9g=NK~pc+xyL4z&`__(2?o@+>2eP;q3RH*q;lI(eFOI9T&&q*@(Tv5AaULjVdr8?SfzQE@Cz`Ye6G4g=~JK8d_nFu=6RneoLaU0m5H++*q#ARUon#g=!VH*)8DV@h#O_E2} zW*(=`@S)j7RPg2dF0)16elD%*1|jUD_>8I%$g!{8KepH5KnUDDzs~7*7vSr76xLce z$g)qwjM0D*PdN-+GZrK_#uFm-RE+2^m$H2F7549;G`iUeh|_#n=D__xKToo_h?kyU~s+t z*6`GtxZCTRKvk{p1{xOLJS&aCH-{T+CpY&U^7jhZMGaku3$Z@pu$>=2%M0ti z*~HhG@=RaXlL}WkOjwr2ts_L3dlyk+VL~v1)llp!|2RPrZ0K`V{e%))rj0EM*PN<_ zB;*Q#SENPtv_vt;ahX#3*SYw1X;2fXY#cP9AOp+{Y;N1tDz2Q74$(W z^u3s7j}D+7wN?!|I*mm9w_tIAFFxUvaWdIu(g9v+`b8J)3khK_FMpeLz$#9-LnJVV zh&5jHP*%M}oYT>Ihff06dy8EkdSbO)7p=gv_HQXP%-P{Pn zyXE%VnLxVt57WO`Nhlxnn=f={By%;}{Y52e9I!l0OE2VG)f#+`1FrE`^I7m~-Rt5| zlWEoe_0SdA0^D3$AU5LrWSyuu7eEKpU7dA{^BYHw- z)2=)GXd0T&T|-3&^okaL5sb|;d^FU73mNQsnr(Z*=*WNu(~{7*t~ym8<&5MRzV4qm zS}aSc2q14rm+UH1jo5iuh4XUpFMpKsXk$x9IsBoG}WtK_}T4kWBz+@Np=T%@7Dqn)n@vZ>80VA@@50L@UrbECfs7rx&cX z+z7cZ`#9=MAQ6xe9Hd*N_}Oq}$t z$Xl_?#<);RLw%D~#T$u2NW|nfs3-lrNi5Q*J zY&7vm+;f26=T&($_#Qxa%7ZMKCpfHzDAX1#-3Mnf5pb|@PG(GEF{)U#AwD!`hvw>$ z0C)&~19j${X%R;ijBO$YO!ibeV(6n;-k9B|&WL>g_KBk@d9vlx^a4Z=Zf%m+$*(mE z5>Uo4{L`$*p2u0i9@~F&HG}NL8Fb)_D9zB;3AcP4_jQFNZy3*3KnIgS+=V@44(W5h z?2Lu0B58a}UF1b9k)XcS>r-rE81}_!S8SXLY@-oU{B*jIT%kPGa{=l%v$%l7gQ5!! zFBrbo#+8~|0~F1J+ci++9)Ik+5K~dMdD5Vn#4-Vv8p`_C+^A6Xmn%5$|L)bUx)mSKeUg)9j9F#xLyn65!;9X45ItA+??WNpGbc9KJAN2}yBa{qM; zcvlsOTlQ4MO}bV20d87vx*0nVDPD{vf-Su<&;qE#GCZ!KQyg`j?fq&#vNi`Gk?)SN z&iff2^jJ;mEv$IpSleEX&Az2Z0k&m9EgY#DVnqPgWbg1GFsgXO?ZmHc>3GOXbb0C1 zbzB*V?X3c_as7h`+osRSF{uqB7D;-BpN-6wq{~qrBptd3Uln z@5k5J-c9n(Cl9UpxX)h}Pi=u%&1(*A=1mVK#7BU6DZPA$DLflF!)mx4Q2L}sCAscC zH<=2d*%yUfZe&I0tl3MK{ykp16qgB{?-Kg#zxRtivs){RsUfuHnp;y@74`2s10Bjw zzr1udI^0zoc7FL<-7&#kDPH6$-f?QUs^%F>c(KSvOkc@ycj}PB6Y1J|E04`IG{||LA9%ZWao}eKsho$u$!E3<=_2^{quRQ;XvEb@ zM0ax z?YE|hrm`B1=vO>6BOiE)ZJl6IHju~~Dm-H%vYE1k_ zYMIANcutQ^xiPa@?mCPH(LKYry4*@9V?fIco;9<+-)Yit=`Sx^ya##q4^SU^4uV!~ zOdm8(s_B-jIUnfi>h|D2QEsWB%uE3r72!}e@A`nsH&sx2diZVGckYr66u}WjytWRB zU&dImk4W$=0h5+?eIZfdfq1sSzF9Z;ZF8uZ{PT8~8osZKvXZx$Kmy5?CaOPsY!^<% zByEG)E8NfD40cQ1k`sFEIfsqp2A$8u!oqeUc%A7sbVk;s%KIN$y}QUZ{WJm~4SpGY zz4i;M$^4G4eU|!$^8S&&of^P7-#O)s)}-eby_L#YT=l-z$v%}OPMAka$Gr6p_E1SMSwzfFnXDP2yg6GLf9D)9TtI zrrHTLhzxC3Y|%PY1NA}La2z|(?}o_y3n(?9M%2fvXi_RLMemADsQwrQ#q2ZZO4MVD z@oq(zD>b%<@_+Kki&ffpqH(QmUgs<`!dg^0y5x*=wNvV`jc+qmzR2vHbd0s3SvJWO zW$kX#j=dxJq{Mu+g0!wZQ2SC@J|Acy(g-Wg%?DgZ!lvQDv(TlK`bGs^`_w(F?hNTw{x;@$;ZM+6$?Mc?7ugI79=Eem=D+qMJeegR zzOG%7e)is}eAjKmnBO$xQa{Ru>#4LRirA}b*(AIj;y2_2S7PbmsU8Pju%gLu0XCwQm_LRMw`eL@uqFncuhU%zRpx+uMtkSS~xLjwm zd@YS{ttU+v)EjacZ^2MYXnq{omJrgbuGTv!itYG4j%WEp9nN^4M?yx^0%ClYfC|jG762AvZkCa{ zN|g?mtuDs9KH(cIRX5h{@G-Ig4pmjBMaHXVeGLG|mW+LwbK0%15A-QxiBYHG4V6ery5b|LsKX?cba1k3!5Fv3 z2cBBrn=WR?)^aAhC_(0~k1wFdkf-m?;D$J=Eop4uHH&*afs{ysm@iC#LQ`|h(y^D> zx+2xD?e?%wT`&`61)OQLFwTm(4srwqUdIkZ=X9j~SKLW$KB@F~E%Uhiw|z(v zjO(%<6n`5h)mrt`zlmAqL>6%Lt7 zO6s5i&jztc@EnP^C+$^U@x3)74p}cb18&k&|E$V@r$DjPnnUw<=viF=;cmd(y^jAl zW`Z(=r?X{T95BX<(=_mpT*dbx5X~cJJ*o$LEei!E3bhaRh{?prb0Q-YW-z*x z0F^4XN$s)L+$i|Qv>>wo>h1$|sVBsKOUK8OcAIPOd46KWdHeLYgrU+)PXt{&w9+r_ zZHWk#vdtK5n_{+R*2lRf60lkq8x{{cw<3OS+-zLt9`QavHSO8k-di^yr@{p{0Ir79ZHq3hST*W~Di$|YFvx5B}V`mW+2NShv zECGVUhiifdcL)|dxCf_kg1b8ecXygVaF^ijF2UVt+_jtT{&QwAXJ%HjsdG0~wW(8e z>(*QE11^1<&#l`_`Nk7V3s86u|AJUab#d1w@FU}^3(FTI_jMiAqfP2LPQ70#(<1Z7 zUGtbDCJ#umN>Q`IA}8Baq{k?4L5N)Re7F1nJknt-Tj}~8e(^&P21eT2S4jpyF)UJ*@bH-`bco69 z168d7@?Ul2o*egiPCWQMu{?16V<+sniJ_hd4dv^|m~UN~2ph76)a8bNjG`tt*kT{Q zAzg&zZzo^I{$BN`Li6Lt31$9sexMTEhSq!%IT(C-3>IoV))DXd3OnAo5J(R^&RzLa z<6^}6;qk-9$I<{hC{D+UQd#xw0<%H+y>;3e&smTNEwmu}+1xpEXLA~Yr%UW_h+Ur! zp5+nu8S@cGdI4qoh;KFH{Dv=ycq;!sZrlFGcC$99N|i8mw(KHcdHk>x&;nkI@>u)K z_!#(XBv^5woV|vYTp4=X*BXjAJ-Q0B|7o`h6nD1ZZc6sUg}#Mg^|;{u*ahFCifI%9 z<1NPbKsaa3I{x)|^+GQ$?W(md=+kA@y$T2rkAGAd(q+BDb+pXToYS(WKa`SC>>UEVhxgGovb{^PaI;jg^!*99d(0B4mn8!sv3??ZEpp!G`#JjjqsiY$|3IW<_8Q1#7O^Rv z^!%JC;dla&Q zK>)IU?pM^9Rch668r+<5aI@!==!|CXYF`KeB8XvuIzU7S5Clei5B^!}vGFM9nOg%B zM$PLqY4CSm5%s_6;fzfzN8`A$DiztwbM1Fh;S1!*Gi8LCL|)8d`>Yep=mad`=*5j? zQ_uNBQ{PQl?sf7Eg*X^IZlQ(x_<=TAs;cq4TgH|Qop>W0^VD{(vT0n%UVu=EJwl+ z4}<_vO&#k}xbyQ;Hqk8)1zOjzoVDwsw0QohohaLNlBk3VAsUaNrl!|&2G2t8wv#}w zwMwFq#BcaaAmCWMGs^nq>m6*CfiQrbmM@j7;FaL@f%(WeJn?IF_IWIBCQkt2eanEJ z!EAfaTy{@^TYw(?BsO>aC9&r(sQ^p=zO}hOrzTx2@SpO#Arn9mOp&JE!|!>Tcnn?5 zTGR!QcRKIKg)P_KH*q!W1@SXb2lAJ)F9G9k%YcaubOvwkp7`0o8Q3kC$+SEF!HECq z)S}Q*uQxP zrVlesE{)5Pjd$S*Oq0dHP-A9#g&7Ekm(Qr{}5k@dK7Y-EL+ zHsE#=9n$38!;fe_qXcl8e+ARdwD8noB>;lDpfiq_To*6#?Sv97xDsg;qplE zvp)@RP-0kdqekYTCT=9{;oaAPamIk|s-{(8)2uo-^x#QqTb~5tUGApX=ftkBU0I`f zvXJplvle^u)}@LcAf`uMi7&#VXhHesc90{&>vF`VSB>Fo|71JA1gDugHkGVadhbpr zgGe8PqL*P}jjYyTA;22m&1@S{Q_HH4f&D+r7@^E$(J2d*`xZwY(pVpZk!rRh>Hx~X z1G8cu1ISw2MbJY!)Z*~i;kK!z&)zWU(y38zHlp!$PTz`7h|sn5lX&XsxW*W&WfzKjaJt?fO_(hKpN~$zk9f$bn!B!hiH-C}vRLjn(_1?S zpd)rW-lQJ*TVPwaXU(s8CN5UR3IBHJ3FkYUWd4unSh22La|o2g0-0%P#PUmMdf_p7$hTF1Feqq+1VJx7JFbrX-huV>^`i=s&2afLH3)J0&H| zgB!4;0+gj{$9NjyOzbIH!?|)J=lB7abvoq4?HQb!wPlWi*z4?ZTf#ny*jK`D%Ps0}woTb5F^cn`D!aiCUM*G&$~udBW)e7k3gZT_wBWHG_77;6Gg zz5xL!*V2!_*+^AI{3&)aF0STh`yJ8M2bemcDl(75#JkmJ)^J~}OCarcOf!Zk_Wyu> z6tFRztZ`$%-1XQ8$K$#riy$cSVK>y88BwZn_62x&?A&d33B9&4U4K`!YR^l1lQc_-jvve6MMuNalNmxumps_p)IXT?2` z+0DF{H(Z6cCmxZjRN7xY-`H1w{ov?j-;c$^q5h|T^8vJ8%(ATb3Tw$*F_Y_%!Gp1I z^qtD-OS`e7_H{DrD=R_D8rQKO2vL#Fw3AQ*zcH?D&>P$)!rE(4-&w1cB_>MSa`??& zUg7=tGHAQOLG}E0y6T3#=bvG*s9QUCu;MgC$*WOJbXh7uL@EqbikU ze+H{qLHu8$o?@Y1KY9Ua*r*|3$h}lk*{5r{+gseFm!if-;moC~ z_5Ip|a8bhRbiV{K8*jMx>3S5iM}BQ>S*%;x`gMB(UnHj8^TciyODJ;1b9qp*`VROt zehipFbt{Za8pwK6?QS(TkEPOl)eCT)LZ?NycIp*Dca{cRBlu^(-KmMCnD#L5i59?y z7*UwS>L-FmKKD{HZrgKwgixD@`!EES*7i%P*d;cD%*}By60wF-&t@*Kmo|hB1Dn>7 zrqWGnS2h2%ch&s^TH!j&fydqp1$U?hJ~dI;7hA@(w+d;RF$_3H%S-joMWXLPs>HvKJ5J&rKAk zbQgBb0y+*$v}RMzLP*^WLLU9!xSx&~#0~UshlTsk6+d*qOxA#xH{VTfzs0uw_)xHr z-L$|%1}{(1@18n$;tV2t7=yB0S5S|>dn+ELF!yT(dr_zc?xID$=7G$XH+U&$9mqx? zNdeT`{`DVAT#pAtY($ohDozn1G{~ME!V_!rXOlM{fqnwY3v<`ds%n{*23MPW#{5X z@KZ2cr{j1&;p42XGw*)xF3(2y=MT^ZVTB&}%Rk=PSZ9h@_>jm!7M9uBGoz-NCQ7-+fsiv`y1m zu}vJUsk~K$0$z6r*QwoM1S`bA1R2<9G}{gR1+VS63jW;li#(US0KKlk*JxPQ8oHTM zZdTPxuT3pBEx94cljFI+HEicm4t9>hL<)H3?k+)43GafvAx` zpR>DJfED{?ZZAjQb*UVO@7!5#X2p;yD0lpt&FC2p>vLg-RjJ$m{U?5T^=6&p!r5~z z)AY)QCPh4cX=9Xz6?eNC;d{;YXx__Cp*-1gzGQkP<%E{p7PL$?{DmBpBW}^Em{M}` z%RtrBB=n#@qNILSqy9Dvx8^#J?7*)x`N46Tk1FVn1t$*l{2t#$*f-YmaXoO9zlUIO z`7|gY9*`f=U~>xtHjF>IEYdo?JvX>)xjSy&{|PoXu=vN;D>?gjOcmgM^C8m_>;@S8 zbIfH13H!2^8K#wtI!U_x!7F4=H_S_9y))a?3FID%;FQ$Kd#HOn9~|82&M@lXX%&V( z6ea9Dg}Xg>yhm|wJ=cNV<}+_6{x}yyr&2c&v7TWOCYI+Yt8*By7Fx|1()S@P*m^=n z>=LTgxv>O|BaWPGKRi#i)n#!I|N69(ly8|fCt4P`{j{hWDr{tu0@zqszZJfcm0Z$d zJqLCp?Rzhi|GP$Z1`+ZaD@`7Xa9=?Vzj5)(Ta9GeRa9~L$?gB_u~H>YO_PFL#>t?mvcTxcJITeYc5(ODj-Gm8F}0w&S5dw z{}u5&_IV-$nwnA4$P>}bgTtS#BbE z?8@rdgM22@)>kX{2yMIm`_ws*Yi(0*8)n{GOh!u3HR1$vp@Ch1Quo~;m~pqcZuYGf=+IwkDPr0&;n)d1WsyHEMc>Z$HL1gVNBR~AcPsTSRs zh7U#p-=ROi5xZx?9QfIyBiHagn6nJ!D6vo?hR-)b7YbF<1T5#kzrYPluv4ni`KCfp z;7$49f^|?$-fmq6c~3Fwi`n|*m|W`?nb2dWbR@f&HQ&vjkt0*$B@@_XFKlqxkT0-z z4%7phn)B|^VAxov&vl`amodE7w#&=)sJh#F@ly1O1LGH86pudeu-|fa6VHS>&$9t^ zT;3S=J8s20MB&8-RGZri!tuV>F&leMU{F4Pv0frS>cgyXHeY0o*PvG;_!dm=C9;EI zv0=GzdHKkc8y|;N&vzXUp?1Hz599;|xEuICP1YXJiwCUCXNvpP`M5RZkHFV7O&gcN zaXG+D%n^vLMN`&QlkP1o+-JBxwRh3ex~aH^Q#@Zk4>DizBOyTU&03XBAmCs2e6qny zJ&7t{hDJ@;`eT*sL$ZsGyj-{u^9F3CJD+UL@o!{5Z{(lF62363}e0y-PgEM`kI9m3J zu|RsjK^y!aNL*76pD_Uh|HMvm514hO08%Bq2A&^XN=doNSG8hV=H$eSF~ za9qOeA$aTkt;bt$$_7_Q;j;+1S9SER@e_R3Vl+pkTUYS_W@g?LAMPMdC!ey2`Tbv?+&f8?i61ad%&s7SJ={1! zxJS$5B>nl!mCpa>eCggj#VGYQd&4~UQu}+l)~FiGe~*&*CEi}`4Wd$8C=ZaY9PtOY zC9KpR!`W~nil)gWd8h6kGBPm+Xt$$D=v*>uohMJ!M2CKa#l$I6RQspxwEF~;KS1c6 z+(XSCh)dy;5 zM7g!CiW$Tj6@Lzr(u`=&BgR)?I)%8p+;7a7bWB{5aFlR_wyF&Z1eWR~9@%=VhUZ?6 zY<%3`;BoRQ${>XL7RRI;eMjrYez>%J{GFHxb~TEfRGzy%x}z%()_S|VN*Qrh>IifY zd>%5AHf7#C-Ku15jb>RB^ws5gG-`eRL|Ny?KP2Pkx2;xT_xnUhoL#?z{lw#A)4YL- zA!dzXOvM5u;h>oipVc$ORXojO0>GS}DL8N;nI-eqkffYpHn+!h9PZ8lh;OfcR;nr z4(E`Rhd+D1zGI6pTg~Tp&&31jmPz0`xA9s5;`wz!gZqnvQOaIF_5`m3$&^W{dR;5; z++9h%mYFAQ%Dm~)nyh1(w~1b{sOoltw_p)1S=qwihUwb<7U_x{iQ+P~6zSk}^wI-LbCtS3g$lY#xL=i+q!<{o~Tu+%waeIctRfP{Alr=xvN;W zze@L@=_}dR2bCMhWT>cTnwL9w346kSbOM@L(-r_gAsL;8bx$`b6J-`$(9BtskiPsDvPgdjzyWRjEK6(40Uf3!VB)d927LnjvR4|v>e~a+H>pAR=_t5HI5SClQWa2WXanyz*ZVB$kLUQk<@fBme!W zd&V^6@%POz+3cPV?Q*Ww8a)y|k3DGthSe8SuS4-LukcT}TWjYmTcE6Z4*yYZGiL6c z^bua!?#`GEQ$?&DqqBfh`@3|_na&qKT#c}LB6hlm!Hu(p=;m4>m z>6@xW<0-{*tBgOSk3={{I=NzsX(lm9uLVwv#WFo{~vZ2vS}nqsw> zBln?SZU)Zu73!>*tNrubi5{1T_MzKQ;*4>K3vqq*VmcKM#nb%lTJzOs-F&)J7R=9s ztHSsTJ5dt7>0%gwVk7CsuePT#+qyFD_=}ZhJ`z}*@_+aeFMedCY_0M$f3UloCWckp zt$#q@t{nKjcn>o042k*L_PR+!n`?MnIfRwV*R#0dXcX?FS$X~~z7q2aY<9?J zoTj>gh}~0_pK$gH14Tsn-9{54;EmN$7uTCdta#nQ@4!F+ukep?^!B|;R2p4V`7fid zXKuffC(!Wj!IrY!n0amJaoC&ZP6SfD>>MbPR^qRp@>u&vYTs)f-^QvXW`8`jmQ&0z z{m%Q)#W3SO@YT)BW2d-c`Jz-ArZ z!&zt|=jv94e6p#$gD4JHx|Gj2;RJ<5*H(4(Lzp4!RN#P{&!^TokQonasYg&(yW8=p zvlG_FngfbTAX(NBQT|J@{QGO8YkU8Z7a@b&7msltgBJ*l|1(F2@EKaXgsvbC1z#O) zg<;_6)XfvUjppuiH zU1s^A!C*!D(!_fP!5G_(2N9)7k{);{kAx6@YUzM9bEHmsBX}vq+q(MZM%k(zpXhaJAPj7N(W|A`@{O{9!A5Q9ETh41{7iJBqVWshRSa5^Y2bnNOE;R9QQaHqad{F#rkgwV@pbc9zF z%=}MhZ1>T}PbUI6U@Xg10BOnNVspSL<=?Jl+m8iAGlXCL=pqIEdl~(MEdXh$f;3V0 zDdVKCNVu)Nd}tGr8~iQ4v^NR<-E4by7u+46p2U&_%%)ww(mjjr7_JXdY^Cg-2H0}j z!tJxg3q_$G6-G8n65Lm_nKs5(FR4k7Vi=g4#J99Q766)5c|5YABw`k-F|{9*Xq~kC z;I9vg=PI5~f`IOtvZ?oU$Z~XYZhMP3Nf@WrnYiB{}t#;{9E;128wF%XAWV*ISd6(f1~AAvMcBX@FMYqFW;6Yr7zxNh#c(ulOd4 zkHBiz7(@iq_Zgc)HB^!de_dJ%rP|)L2M+OsE5)!`@h@9$|3w!2==G%crQ-D+bF4we zO&X>!2E(g_wN&M%B}u9;_+twj$v8^EGZoc0#C7#IX-1sj1oF2r!YvlkzhAOv#@c_< zO0JM1Na)RdjKs7|{&2$)-nNV-{GO>`w#5;z#$sPn12L=rvDMt zf7$xsCOFMYOUdy(d|g z8dfgWGkWuj;49fD*5A57riKA^#c5NdnWx7nj`>0c1l^A{L?^ioEU>qNrGal#dVHE` z1Wk@r;H3rs(|3PMmpn44eb$0VB?_ZzJif_4Dv6c2$1?lW93!Pz6AZmWJ1M^TA~b0D zZFFlWAu6sXHW(*-?%dDp+9lvB9-L0Y2a+s8PKvi5>7#NTs=Nldh)_w!-d7-RSOPk+ zeuaN43?0x0=|5Sh^Y8?yikcvAHp-V%Oqbs{0u;W7GQLb=(Po%TsD}1lEyTU8g}P7P zJ|wa>c*P94efABy`ZYa~^^cNmO*hSf{OKfMd&^?Fs)no0($S$Ov{hU4z8f3-iQr6z#jo}=jH6QVL!MI5^Hake2`L5k(B(FZIWBplZ91$pj)gvujQO;G!!aeLmxms_j~S|YNRj`mOGfX zo_~V+Rg?>_W6q44hD~g`;Y2|q0IUiLvGSq8|Mx|j(&?ohi4oN=5!f8IE20=y-f^~oZ>8~&xZXb)4LE}P?y{a3v?U{+%GJkwCOPi zFm7%;#+o|C_t{RNLUJ@@{`>T%h)f+rL8KUVK2|{L_grV5>}ci%yMLyN^n_+)RlZE= zk~ON`eO2xo%$Pd2ergQJAEfzX=_yPjbX%K5CR(b1MqnVVSoOk(iGR+@ixQ1~fL z@oDx)`TelF7G;wh<%w`l#d*AjVL+Baz@Y)w4wU?b8Hplhz&7aF>4*q2K_LYt9X+`a zlX?(-3HEqy{3LW``7)P(%4QL0-b7Flqr~4mw*|CW@;ZnEw z3cB`-CFo!IH*9;ubhGS0aR^q`K3w!f4SJlEvV?3fxD#)=17l!Ry`E#n^J%Z|4rUS_gZ2 zobvUTo2+?Tf9ieNRFFZ80RYR`7hgEoyZB|A;I4q{_}FcTd9FCjZ&uYQTQLaqE8qqA zOBfBUs_3gCUqSO@2mLzlY%8vec>fU@kcyt-{UK|hKN^};+h zg5a!#oxQC-fV$pr|K=#BIrzZOXF=76W5c&PHz-Go#F+s9omk+#Y&U!Z-U|x=(NN&+ zvpjW91KTU4#7BX|=IcH2hMfySC%y;o0uCDE0l*&5&d2wmm^u-~`~&fc+b};v7%AZI zFJfdG^Tk>3=6NP9-}A@oSoG#iXgc!J&XZ*+{G#&;ZUOg?LB2?Y2XTDvxz+D>dHZXX z`Oz5OeLF31cJI^z$q(AIgyY`?{V5xthZ9Y@;-3Y*g~BaYf;OId2bOzp@`~Y464tTT zJ83bn$n{&NKrjGmRtkS~^9I1L>fnFsg20DBvDY$H*lFtj9bUI{> zeW!ywfP^8<5$xnb#2^!zPH^ozXfLJrf zNzMOab8Eg{pSx!!)Bl1Z7daFoFW|$1qmVJNhcy1L7^Z zq-cz>Jp&`swT-Y0iV4Zr8meG?3vtS+Tfn(UN|)G~`0sn#%n(s~_b_=i8mOC2V2F|H zC!6b|;|3EzFI}fSx4JU*0D#41)LZ|9ouew@)9RZh=iFX?-4T}$!;tB!{y61(QIk%p zLak&^d6f46BM$^4O#|pxfjXlr+v8%Ad>N+IUE?}nA&KMcPO1W~+zLPING9lu1r5X^ ztbkr!Vwg>0pJT;*eWbNs$JaH1qT|vUGf2Pf>}%$HwCZ)`r?B}UwuKJjofDo)N;3hk zspdU_H{Q*}dRdn*#va#R5?`vsGg6wg$<`Jkp#%B+&4{yTTAyZ0c>-Hfe+wTwCDtb! z+Pp8d8mSVLY2;lKD&Q+=Avd~Q`_v(BELkrVN_vLFPZRl3Sp5(8P^6yM;@47j>=_GH zk7mx13_ZP-l*ZwC#17`WDrF`@!^*Sn4iDojn`{x3(E6oI&Lzc!77EV6z;sKl$dR)C zWv0&_NdGOwmp|X^p2}#r9;{xF@jY+0Anh8c_hA-aVz;6y252jrV9UzkJhuL1erzI* z4&1~be;}Nj)ICf26`CV{S$Tri01|bhVEh>My6=;SWeFv-#6sT`%HT9Jq7y5tF#nnG zo>;8*+$ZGo!4H+juaecl>VeXrbBVDb1C~Ui2MNp%NXArHjxj{XlbXO1iOAB5Zm@7- zd>y#kPFDRV2Wrx0qRVX?m!o#(2g=x<_-al$t2xYkp~_SsyKyur4meH{zs(r5 z-N$ynKaKq`qqIUmfDgtUj#3<#1T+qF>+DBV?J1u>yK*(7^B@>>C5B)x3XQLkj?R*j z+$}aZUPSdztPf`KL8d0P)0o^#SsTi9g|G0&e4j(lWxRV>zqF(AzX?%eSC}{?m$hZE z4HNzSlQD5~Kd!v`jNS?L(D1tx%>IrKcay>0jikn z_Ho)HF8oUfqR|Of0UM}=$Vl>Oe4owf-u!#7(V$;@9xYiaQA(=jMyv)X4SRTX`dGp*Ww-%wj$<2P>>6m9V{0zPYhUyjP zmFtHFJF!6=UM2#(_?S)n_(^V7l=mdh7m{Qe?Wd*T23dGETz4UXWegmR&@ydQxKP2} zFLvAA8msyn8DV{4(hG+xC%Q+VDlJi-=dUBHE(F`wn|WwkZ9^^=An=86@1)>Eo3{ax zw9|44+S{_nqZA@Pnpua>@0)%pdEpFq%9Mu?41Z9!8-64P&%HbInTLLuwNP2Sy8xZC z**zBG2FT@S#(yHCy88Jo>B`jQrzF#8sH&??KrV_#gpBM$;?F=L-}*?Df7`P2@U7 z>S+-P4{M!ckv^J0(;N6PDHun*!>3iC0Gu0^=I<+e&do*4sb9-_~{GR zMdsJT$dn5d=P$T6H*r%G*zT(W^r8saVuukKjY+!IF*IJK%!R{eaysT0+Lp^isrS)WDHeo04HdR z2F){i(?J#QV7m3Z!k^HD)oLPzxaN>o^b>Z&^%HFb*E!pHS3Y`~L{VYg)OWKC^*vOT z+Q*?Oy!^fx%X_zcup80CMH(+Sq7PIqSI$?FiW$RuPF9@JI)D+3%v#f%({||@2aEqL z>d}^bS>oWoCHRbKN$1gJK56tF!SkU$RUHkRAKWWR7Xu*6cDPaMxFE3&*LUtt4-diyGAnYR)eZE=J-BMZG`Vc;VGCr5F zm@!F*4j7M*TO=jNxO9qY_-(FFnm_}gn77&ZD0fPnu{pvm&-YI6?Y|qY04Jo*s3S35 z+-HM)irUOYeqn>`G`)6%)#=GhYI&67o5G+RH3EBhRipgJk>V$Bn7#U%I@0az*X8~y zXdjV;n}=i}PWan=H?v0|VO{QF-%~Wpm*CK>GI=%=@_$MT-x|pZD|9EtfAx69`khE_ z5UOa|fV9OuF_K(Uv*r`gK`(Wnv&c?;uORXG9sITz?qnm0k1ja?r-?~>L4DtQ&4fP* zPsS&aJhBNfV|oRWJR5AnIo$H|;Aq;zPt~m55wTvmp_f!8$?lXBr6c>#R@xIsN6TqfUymBU zp8 z2=)Tf%XP)GDnUSZ>z|;$*B<1vEXu8LeXmpRITj&y!+ITb9ct8{U6^Kkde@yjt(lJ zdT`Y7k%kJ8NHGxi$4o3WlZd7Ag{2i8!l8LjKU@Pis) zTxRx&&66i}kySfVJ4gI#N5*HXs?6J}8)w>Y@M>D=#ljjv=Q9Y0+qH`XA4SCi-3%A` z7_qzKoaK4 zhmiatP2rR;V+hXqNMB|If3`dJF`}p1){t2)?^Ir^X$|6cl`LY$3;Xe=K6~Z6o=JH$ zE50PrCNMd`Qn;dzip2DLhy7d)OuVQrhQ9qBZbhb$@$rcnJZ*2nzn|pyL3h#!Fp6k* ze>&Iwa90?v0&W&(WqmIocS3>?N2qMMnKSkg`Wbv$m7vj&jt|gdc9eac`1#)eZ+X3a z*njl>(31m6bD{t2f=x{9jZmB}Y*n%c-1UAU{``F0VQYrJJA9Tcrt)^DjmL=~yJ%?@AuAu;oK!rLBtvv;vxme&Q- z|NZ^8h_TarGvzKJDO|HP-!~st${%4s^xh7Ws$8fKx#n#A*)8g!%zYwS`C#nqh-c^A zV+9L^LgZ-@BR`0$e4@hJI=cJK0A%ydEU6Q_2r#eb5!GxKZXm|yVUGc|@fs66@6@Bb?6 z$vn9x?{JME3hr|Xb)gxJ)u}_|X(^vpxZrq~|HDK6D)1R%yaqVYhu-{Z!sLWjUuxC7 z7zepepwHz_=n3mhJV?@Z??-ZoALYoW--D-y+|3z{p?Mn;7fBf=VT+$Qm)j?O8bu6|17&F#fL_MQt8@03Q25`+>* z%FOKbLe)G~Od9yE+5blC^j>d!W{<#p|D22~?AD-PHa;276b^g;E77vC5{~ZtVE!5O z+VC{FtrBUPFgBe9WjF}652Wb`THpc_RgAbg-jPI`8+t|bB@&6&+$tRG>;5TGBZt+O z`4NacVj*SkD8J1}rC_aTId)cg9B7!GzELDvCb8N<@$*=-#kP9<7CrByTqV|>jKdF) zEF4o1ohowYZI+OwZ?OgZ_QUj*=jot7e}Rv5J``di+YSxHk|H1w&hAT|W=?8vE4`RN zx*uq^a6u{qfK#4Q$pP{6Ggm)uipuEgNZzy|u;Z#plO{vnvFgTpSSvxHB>u!vMsR=N zG_{^)Gt~9mX>R^NOJNRO^4mN03U6kF&pEvTG$#mW=w&>4zmLM&{z=^h)N9vQzVTk5 zv&2fTf5SCVsi{USKxXU4RXm$nS7>!|^6OhbN15O4;>sow3Ag&B=5J>jh4g|&AaXPF zp0)0)cohk8)qSb59J^sP?u_gwL;SmU8zc2oup}FLQ=iNrv0odsI4jcs^_e@`IgZ{f zI2oBG@kKFaAQ8@x%`mSPOjioYp=j^*{W2uN=TMN|a=czh`^d4^k^dj9^EyDIStEyy;Xu$Joje+*EZ@cLUdC3|QtuZ%$7bP~$*SE+T&pQX z;_dy9-`GRsy>d8W{_e|m#a@+Fb_pZ|so~dHSrt)N@!h+CZO|DtU86+^W>1lhIhq%o+3jx% z?*I?f`aP9>F1OuBdyeO^f==}NFG3vH<26Cpa&6!F*^CzBe3q3rZ7J39KAE&vLTBw> z4l&oTMyfE)jqYYl?drXMKg)KTW@;uLal}T61*=N-eNsbGS=-JON}{-jD9&cEYwJ93Uy0hZVUawk7l915sy(+2@u<)mH4Ll{XdN7Qe_S4tpMzt!rOP4^wW&i5h{@#EopFXr+BPE;wsbzf+G8+9^MRbLdcdmtd&7{nhW$&m-p6*`p$ot>WClI#sZ&U0?qQUg)Zojis6}$j zAbIloN2$I*xcC5U2Neec-@6F2h6*^*jb)P7B9hGhd#CmHI!BzWGM*ubRrs1|KT0v# zR8A1PCyvjz#=<-E9pi@TqegNpc5&Ys2Gc^TEuDC*I9bpa4gX6(JB=?7yEE{&b{B%35v{-V`%ht1AmSyhi%H9up2q?Z)U(= zJ;K>#Ei+UHGij8f^i5B+5jI{7o$IT`Ro?S%)wUcHUuP!fLsq!OI~(Zl_t2DDUp$yx!}87(@vZ7=0h2|Ds$L z@#rrcqdR9CIBCwac{fN}Z3b#j-*so6{RVXOvOP~>?957O{9f<>q>&+xXf39Y=S>@l zU?xRFE7JL<*@~FpHHh9bQ>^8@9PYDk-$i0az*&v0>T&zm%~Ejsj?{Z>FH5 zO-PSEG=tHE50K@q@E1phRB7TPpEi&{H}4Xn3=A9t1l)OX0yLoi17JX(ztelG>-3)u zVdq(+pB(k{kJXO>Urm*x(NzA-_s+x_L$#8N{JGB9Z0mxgx+HP~zNMF5SeQWYo?6p5 zL5}0NAJCVRer`RYQ%;`rKpHKyE6uz(G&WkRfZ;|(zQF+ZG^6RXa3DwTY1$?uMMSEK zuDm>|TVQKBWbh!jDL>G3Hxc&Pa{DG}c2Lj{M3};Z-!B&L93yX9Yfn_t*gr#7N;Rf{ zRJx$F1SJR05%PoyoNpl`MFvAq0ysWjxgCxqeOyCgt|{{?JhaDX20b|asW3z$Jp-27B9yEAcc*vYwo9Z5XmX$ zHrx_`R;){%>WlvBB8&l*Z-qY}RlrEK4$Q-^jffCM>!TvgOY7$iu=Q{B+rDK9KJ)s5 zR~1h5A8t6hm2LQI0~yjse9{bv44v6dU9Di z5nP6IV`aP&>*6#;z32DoePF0fgw`O`Yd9vrNA(Y?(LTRNyEf#5)4)_X<_(%|yzW>r z8U@XB2o_vTx-|FmW;}ry3<5HE4ew8|Nl*8|TlQD%R;0VhsQM`J^M@&q!_d=^SdX;B7kN-z^4^$-7@Cbx&TBA!Z4q?9MwDGBbc zEKJ{84**31iDb6ak!305$CjZSpiCk!vet>SPWsfS$YrXFhG+t7_Bf(LvV-7#6QJr7 zcPBDY7#Vt5uF^HkwD2%(hQ%|`?|+ve}{&Z97*he>|7(ZqRdp3Mg~B(y1BjjO8rH?At$bCukaEBn9FLyg)vw;}gj7<&c-4Az(O)t&4+L zx@Rv*54nAm4pbVFDdAPE`lWA-HRl(|j0jhM<5s{BOSHFUfgiBA)QYk}Z2P-?0;|{_ z&aZDtsH*?t|M=hkH<~PnghHWzWHgTa10yl$A2eQO{~$Ax$}^hG3XJ?u(UCTP)>LAf z>0g{;ZHnz*{_!u`(eKSa=5^YqZ0i4o&zrrO#((*L@Z(;r^V)31znJS(HhuB`{J*vW zQ~CD_Oq}R%fcAgo8wx3U_h%82@sWnd{;Xb=>VMyTRZFvx85fl-CgTg|9hbcs34L zGkS6m{ZzpoV#_;ztsuTku(72Y=3_{=ef!9l9cFU?8J+L#fJS|95YTsM0ivBnFXsn~ zy*zJDw_Fj+?pw0e;Kx4eU9UYE?>K0a&%2IesA42lBbdgUJ=g?k8cK?b^%#c zQ@gqZ+BeaH&1=mX zG=N#?hSv|uY)bgZABfa`=Qk)RvG*sAk08wC@E~`SFcMOmI`vb1)x@_d(>F1-JE84l zP?~#8v|e=mUFcULO03slJulrc0ars7*V=Mb51+T zAEH;B?Bl%m0_Stl{Zm-YU}RBnVXN}jS5*%L)Tt0`bxU=`ziZ8UeeP8T(1(x zH;9PRLK;)5umC2!!26v~+QG!8#XMk+(0o3m;uLQcDmJRmW^PEn#{|y661<8e`^k(H ztfvV@FXIcDU1id3lj@ml#AG<{rZuVcUe?eHLOPtL-*q!bsk7^hp{BtKVcd5mrG4yX z$>w|dF~9kEkP9e-^8r75UeMdHJ$JQdHo?KaG=E-JZS)KNipS`c=E+_w+S1ohxUGd%4)Z|TzVPS!5n_bP#xuI;bn4DCuQNTmXS#_m z+|(LePp?P`2>x`+kOA_!3B)AGfqV)d^%=z9Hxg8i*=(jaS*F%{P6$16XFcCsDXH=^ zMG6)`fS|cwfsf|qtBF156~S<)YxU&weI9TtKsOVZQZC6CfUct6&u+VWOI!E*2r_qZs2ikY*f~p$B)2 zUV2=37C2MuNnR16VoMfO+pr06T&yg;vfi|T@FknEQz7uUeI@pl%{dM0A3#8^H zGBzcn99PK{ITH-+jsv^Gr)I|ppO*5()7W1A zcVH6rw__Y;{4`K+n6 zwzSB|cxDMju#kagtc(o5ua#OTL}oNN0|iwu=6*TwLa@SBiytxbxi(7GK*VK?b>ZT$ z*FL>=-PpBe|9tpb4Q2Tr8Rk3;KHy(!q~}bz)0kf+B8G&rwL@`8m<7j!izO8F`X!`` zj659ro)TFGSm^)@`TerWwN(`x;l(OSg}{l!?#Kli8VCy9w&2~59o*M0V5jqNKFBX{ID{l%G93j^$13iG5sjxk z!Tc796||fDP_J*aIo;+{r`j9VS&JbO^)_U%HQRE)0ako=Mi4W9$*99%{c26e8UsOc z1%mL_wkl4R;to6kdgP28+uRTTGm&Ur=b9spUP$h4yZNzrF+CW}dt=DF1y`er&_hUo zyAAI{-$gAIU?IRcZIF2%F@p8k0XedEzDuL28rUP&-~=&=e)0#Xnu%gLUXM%*BbKpy zexa8xC)-`EXKg_l3srhd=*pD9PbXW$pdsKMFU)LE6@bP_g`KSayiCZ%D$@r^IfoYj zmYjMx#7oRHFSD$m zNr*&}e`kmIzjDKWvb}$@y??U3f3m%Qvb}$@y??U3f3m%Qvc3PCusw<*2?B-Ff8vR)gfagjk zNIt@}84|#`kjFX`g;bZJaEVr@ZC__>6rKE*-uZRFO0ay5eK=2Jxy1%S_= zRqwET%r4a-!afd&BONioY$yCJXL%U)vLoZVn;h#G1;CTQb~4+(Tp#;=d6EFoPKngv zhK1{GxxN#rP=M{DK?ywAndYUGt}PnmTcZtkc3hYN%@2g>AD=41HGuPw0?nsDcS5Qo zZ~rz6b*$U@y`T1-#7Q3bdp__Oi=hqa{3zdUjTs+^Hmy~;>%@oK0Y74(lwjWCCE?QC z@0~5^o+i!o74-(YkzEZBvLMAP3$9J&icz`k7UzaJ39Ua5549Kt8qdT3C@1I@+xL2H zkQ?3g1kvkelLkvve(R-NPqAe4eisGbZd$&@7^5CU>vh^hkf-=fHF z$uO@;F#51=ElQKGi8%In5kMQMhrZx$q;UzB_onk10Y}t`xE||5Ogv9KP=( z zF@FO`sj*^RmYFeKVw{uIf^?3rA_XYW=b}n+U%wA?lJuRToKRto(<#D{AUC{`4t`(i= ztVR$m$Og-hFk1QLts)x0dy>J3|95AJKzVIsF%9G8&VTX5wycPCMo2QW|K0ZfMT?)fEIDxGbu+ zYQ8Ul;oXdrEBl9gm3A=ebX9vGm~7<3Fj|tY>NAd_*!>)JHJEo|kT!F3-f2Rrxf>meM4sIMDoIn%${Z6@ zjX5Dd#je`xZl3`8?_4;l!#^JFzZJ(o4fkXYN2Dy1o)f zXNojiOd>v#ilt9Pmcp?+{0hNzi0J1d-^;}hJ^qq|eciJH&At{k4@0zJlsBkje~FiGfx55X;rhvH z&}y7mGxA#*j9BGUMHtH+`d+{7z|-xpTJO#TqE>W*A3<#XIMVbfYAs0nl%DFX+Q`9~ z`El*zWa~>Y!IE7*CT5hcagJ2r3Xtc_-o9NO=! z7IOaj!{2ZoMj;zXp}`^7?O1m)ASHl%!eq>{u1!Daw@J&viK^2o{3Fa?QE8lgljm?x zNWtScr!gHJKu$@hlw0}|I2mB*4<3w~lIJW!*eZ6e%%C)JT_BhXmvaU*v1d{WIZ;Wb zIvPD(ud+aYS7+!H3Jv~`=6kS65@y#m-y%ulo(3woKJNKKY3nX|89${bIv6^Xj@sJu z3Eq|*;p7Hgc5?+K=A(#4K@by+kj$i4I|>>FJGi5smeC@z0zgSq!^4#f6yWdg|FV_{ zFHbd?97U2u2D~ARk~S1uNZ%>B8{4!18*#dgyuwz$(DF8}P|2qrsZDobaJWp!!PE5gi*kcF08t&aUID!B!qn^L5+pF zidaZ%-oQ$5t1`&1XUIDw9_QBp=l)xl{)q?vK&Zy1=*Wlj??6-8#I}*V6AVH@qXY~` zZ6pWD{Sfo-U`MKWE)~#X`cqe!w_}#e6g{wT=GU5V8uB5Ge9&1k$Vb3}cF2f)lP4pn zx0b9^BeuRn*q!EQf71m0kuR5fCD~D44M(z9Zt18i9yr1o< zZnrG#m?P|J@7#ns?}>vQpsT}nYSl>)lvtt)w;w9I(C0(Ns5`74xEQzuXsXGL!W(Xn zq!&xZgZGu?$&h#+Z<`Lzn<~(NU$_10s_=5{5VDtkjYH>UY+4_4BtU)fZ^k8KdA(4- zpj9qwWA@ar(0Hv$1RzkU@i)84wbSU>i}39dc4<%@D`2CSVU{=4V%On)5OD$GsI8i< zgYfouS^eD zre&nQ2J7I+8&o#t--2uq~fRn=)xR@Wm zC^N*5y&a3xMx$87lPe;y7L?gd@Gk`tbA|Lsiti|5Z5 zy{+E)0+K1tqaV^w&$0O=DZp>1JjJV|-+bp33WM645~T%UHA3E#hl5>0WXyb(w3~rk z{_QvZ=e>aq65e2)m6P!VNe(!~6CubEgUV$R;C44d^QMyX;}!cQ6B1?07^S?Hu;I!o zB+c8_x}mxM=%{mT3OzQo$hUrlV)@Ek`?BKuW$qWeey$2pm-E3e^3}IjaE26$>5%%? zk?SSiTLxfNsPI%r+>%9>9zS^2i_i^6SVwQ(SkH_7rBG-6wd;w5#JvRt@wf$6p#_6x zvO|D#920Sw(D<;X8^{#6LL|g`FQknI~wr&hQ@`i@SM^@&N#w_o=P)2wEFaF?H{lsz%zAj=|oJqnn~700nFBfV=1hKJzAYM8J@Jl<_#g`z> zxIxmILu7ukJ0mYX*7UCnM}@C-`esDRQlR{rTllYr?Vj1r5(Qc+ZDhCDUpBP4O9>0G zGK=g0x-L1~yp8!Mb#;Vtwtz>&`^?et{<{+79VX8QJ7yP}r#}j$B9{qD#HYdIG|JBT zbF{O9@A9UD9_^XMDUd#MtKf_4{JJ06eRNJHs2IVNl`T*oAGE~9xfR%T82{!@hjoHZ z{*V&aPBW~YwE$Q!CZJ%>d+fM=B~^{B?AJvX_vtd#M@ExI5R75M^QM)$UH=)hx5x>f zc^bXVZDPvK#^fP*i^(8ARnomtcjDMGNbX{Ei8-V48kFNGQ4LZ#ckvfB9icwrDNa4f zf20N1?l$xAdDD517!o{>N&w`;pi;omcJkuWvt5PdHO02P{6EW}@u)_rGry6qJ z6!B&Kghd&6DO7hs`_87d;1>&xK$)u17x2*fy`+cs>50e)aQ|1J_lu$!kIEmGEif1e z7OdhI6=}I3z(Ak|>%#OO^gzRx0tJQR2eTk*zF_J9>IKZsNekTd_!FWydo)tW9pnXkWJ3olBgQ8M*SR zCj<#Oxor3JUq2g#Bktr1sZ;CTFDCIP+mn`bZ*<*j90a;Inxc;}*z zU|<*?vb2$M($3YruvCP);yjh2){^szddYuoj}1LDXDDkJMAjVKLXy;A7=igD3YuMK zPOAXf27qWAA$}jQCoBiF(7R8a zpbmF~cvUrIykdU0W>P4ryi;U`C>Uw$a zPfHBLpgL{JfPgI8D-e9VG-^?WP}R9u;d2BIY*Ve|!q+)=!)}fr$KS8!MgT)G(G)o? zgl?)n`tOftA_6Ja?WGfLM?J_1%M(0MVaqXWpSh7a4dMmEmQJgiBXOH)ClpT87LR`_?zgxWQt75JgT(x2t2>xKEVc6Rq_<_qE&2h6#nK|l^N z7ai8$QgBkCLI@m^@5{NiAjacp>4uj|*xBtjN(c{%qE^Wua7sNup7_yfNb;-X&Hv)Z zbh)k>i94ki_L$Lx+H(GoJo8!mBD=_EPSg=Hy|ShTn+`VOdtw0~Vcj+Za1Qn2IlBFd z1RZgbVT3;;zBkCX@xb=5;Wn1QI{y*};Y0wLifan6O0Xec@=1uPcj9t_X4ltlatH$z z#N#Dgf@YXeT{yWUUoY&(0Q-IAbNsnz6m`|QeCTi~x36Fr-;YetzIW#P8yp^eRNE*~ zJ}A)rW$&f0k&1Kq)vCdXFPnZ3a3^8(ydeTD%(9l?EJStB1ABB)f2ca6Z#0(vb3lCC2m zx6^SwX&bR#G|5mzwNF?Pd>Bh{(@jRUB(uEgM8>=!-2j6ApnOaNo!~s=z(Sr6ennF6 zigOTba=F{-NqfBwL5XLrLOZDD#Rz)d0fJoC0%DBC<(Tz==aM$8-vmGqIx6Vnb_`#7 ztdfA!`YJwl^`)Bx(?uk!{D6qxLUO*au|6?eP3`DCjuCebqYf!!0Y#v*GBk==K1Gj0 z9ezGE`50F_3t!4SPlhbJfj2(upD$?fFS(On^>@$b$f)O=`GfTG{nu#26K&$(@ADrB zvPdk+3h@~Tm-_2ggwPfO$?l@i?v3H^RnB9JxwQ|EsV;-7u8jB}`7v4#Gg=w@KFn>j z%&&Z7HUI0nwh!5U4aI*}ZFlEAMeI2qJ4S1n%iy5jp9^q$Z{6B6!N%uRV%+xA+Uch; z_z`K{pR46z(c4ijD0P0bzigm~B)EE6vhhsxsy{1uM?Z!sl&7VtpPc#8^wnnbrY;5d zW#*l!st%gU--n#WvPWy=ioL#&TX>Yl8f5v;ZRqgmO-lxoE{mD6AhQD=5;Dx4mB z|0k=Nltl&+WCH)=Wl+#RunaH$kzyJ2k1RtGl*Gu_Pw;>Gh9m_4i!&ta?oM4X{`I}W z|Lj)?+Miz^`Co4&*@G`p{PBv<_q^rX7;+%_D@_C6b{GHyDF^&n`55)<*IJ2WQ8*0R zG)>??))pwADDhgWf_zS~nayFXX|eO=ih-|1l&$fo&_mNNq^ytGL3bDEGm4C3@iJAM z{KvOMHyeszwCFpE`>6{KhvxEWAbJ6saSg~2j707%w?VP!-2`~fS`b&q`=K`S{ zXQNIyObNemOO6h}eelwto6sCDg7}cVw|7VgA_GQ~<*5HM9xDKrxsEyK#pOhO?^TSP z_(B9P^W{?IES0p#S4LU6p7;B)S@$7)`^}w(R9NrnU5x(o+?DXr_%63=Vlo}K^QhV3 z9CIV^knB2YZgfd9`;Ai+Gvxx!^S+uBeYMuV3&rb{#Y+yzg0iQKq{ubTz|uU(FA zc+TyAfWmgWi+=H9)}mJ!G-IE9i7k53#TEydcLo_071zA)K*>exNB^SKSSpm4y)K!( zocF(;&Fw6a;HnT{y8-$advNUsf^f0@p2Tcp7(f$eYrIKv+e~%m$mg(aWjC^0vwbp0 zzX-(Yg0=z6om$u>SFY_Wz~;ot=hNzQzu4?BsnmvpfPfEMZtSlgz7DQ@+a#VEN4)*- zmSYhiSJ2UZzg~Sfg_WCSNy||s8PO$n%I(a?x?aL_o3_MP*CVpI7|gPjwY<<=_0L@K z#K%DETP8@)>Y_6%Ru&)e5ZF0?T6~o8{hvp#Du3LLSC!$9X|pP`I}gzj&}w?T)y@(+BN!&!bECVZgcD$2JyO!U|BW;H72!>znQxtLpeWBF4!>s z;j8){UWT6vn$0Cm=mthgh5R1u-v~&#kTAs9{n7>}@WhU9tKEsJ?TfhL)KUCseeJ~` z$4_=IYd*?5h2NKN6@ukko4OE-ZyTS%*J^e&sS)m%()FvgePvRKI>#NN>{mDM{8#2x z>f^%StmHg4wQ`Q3bU!Fjnfay$H_U~_Us`wbV%aGfRj)2wo`-_draz@7%Vhnr$j2_j5*HZ;eEV$1*eZm*21_FQ) z{?sv(1~*pu&6_#K3WeXX=fuz0pk!f6Xuv4Ar`JUKoUy^Z68h^2yxm8>&EQ4_5GGA- zLPlMpez#IMTEyHsvRo0>k9W3W%l$plt_N?%{<^I%cq(@U)G+#rLuDgSY3_`!>JV_dJVNbp)k(^sb zaJOL=e1H~q8 zqIFy8E^vwtLuQWvo{^Iu1h1PKqo97cOf{^m>gtkoJ>i}BJ3nN{UX|DD-)mmJjPD^| zROQp78sG#TLaTLAUpod}EjCWFhnc%_5U}#{B?g(3O1!4db!_v)tHb@D5_}a!a*=}6 zQ_yrxM11{M6{lm7(GhLqZVXSt3uDs8{zqD^{@%pllXUzYhWv*8Y^F~iCH6Xt!B3H@ z^&*2e0ML7kY^^cBMrTpsNgBKgL)%k?=%uNYZ2iECMhxB5)B;-QeUU`phuKDS@$BKK$8OQalg zg}1mg%HiKA@aQI}na|><8s_G@k(SW!4&PH5O*`n7n1g_7a^9d6NQ9Wn%Gubuj9ING z-#KYz*Y1^6E(cglqSsGE~Huj5|+-`_q@eCIX7cSn`YAeuE! zL$8{32K1hrUUFWSU4n_jL{%AuH7VA>75svJn8ooh%<1OJ!u3!OeV^S09HrYnt+%Lx zCTo+u{CJNlQ%721${k4ZOQ>M~+zi6Sm6aCnM$YR{y$3=v9P9Ej&l!7wnz^q$ixeKN z;6hHfT@6iv2g3e^+1<&WjG)CGp~k*YV_Z&7I`?#2!)HF%%`l1SO!Y=>46L4rKN6t` zJHt}7V@y*tLT(a4Ew(-Rid_OOKwxeE&V4MtNKcXrK;sUAV zsfB*(729v6Rpe+uv0v^uq5?QKXUF0~&_&_96k3EISR8Ug8DAS~Qn(!WzQ1);*3Do} z5J|Hq0$>Ma(%*wPi&ih(tftI_ytQ!{-2ei)qx4Bt@&ffoj`Ks%IZD!jZ8?7y&*7b@ zu-opf8SRmm^XI|nkQcjY(j8a-bWE)Dh{dR|*#G$wm^1qb9I@*SSO~2zo>50hSyg!i z!ZYMOE%-A9>3a&V2+9$f{0CN+ z@IO)rO8=4Mc}5dyLL@ZxpNz3^=4AYrk1Wb2<2e5!gz&$x^8d6V`s=2u&++$7Rouw# zi2Y{+@o%B(rbrCsh;YXi%l_S}js5FxmDpGMD0oF<*7xS09WZ5K-C`1AMQZ3?MI{@1pJxwz4C_jkKG zS*UgIQkzW-#0*1)ayVSev>Ty2F$Z~a<-`bOt|)hn)Vt)YH;LtWYp-G2#c_kB74 zp-n)G{r{?k;lGW`$D!V4L;w4$Wm?1j)m|$Klr#U+`mK@wziM6hrwv{z;*T-vkT>}M z#hl+UkAJo6@mGsUw5~JmPisNu%;3K+9GveyPm20?g!oPzMD6R(|4VKE{&PD%`cD4D z#~^IBNVj;2abN#wY3GadnZD<2{cZos6YKN+{7FRmjaB(kTdVpCf9zzxv8By_$IHK; zWB_(67%Gj%<-+20y_y3)Ca}7hO=)dRQU)%j_>(Rejk^cGr z|49pv`wy0YtYwaWuEa#F%{!I+YdSRA_~*{TB$yrzHH}Y4>}i6z5bc^S27aAs zd*{(#St@bW_D#ikJ5!Rep@sOV} z5|2qx&nZIxVx(TBn<;B7kt4(&N)%vbqFH!bwmubQs4q4NcH}#J?MXIPXsz~qn{EAE zjF}Amf&!l^LH6~X>nO5a1iVgp=U}I=^CCoPd%TEW?EQUj?0C;_{d32!gGaORrzFZO z;2$6&0tkMGROp!>J0nRnj6XX5Cm__3VNrMV67UZP05&a%D&Dp6rZy1dW> z1s?I?D)ZZ3V7~CaR^V}#6m&7G70L9D_-BF}vSIUpBs|ZXsdvmkpb3>OgMgDnvmmAd zYze8ykwW`1pei0ZDFmOyk0cz*^1id~5Z#&RZ%9G{jVUlNjmljE4h^$8x@6HJFui9R zwMMkL=hMPz+yC(7b5wg7cq##ZP z5eURg8iPrwkmQdaN=VS$gy+!-KTD8L;rw!nL4pp6w*EYrRk%TCOYazP@-l`ERyumA zv%~F;yzmzj+DNNBlF$q>0GE3r8As3xkBDfQ7Cg#DIu{RJ0P-bqrs{xR5M;f)Y^^&L zAUqEv?bLZla|AZplL^x!Br0%${h9Mc*nd_!-*cZf8i;5nTlHa>bB zTZpP8bf}Li*DXE%^ihjJAzbsZ5i*e5&~7IJn>XH zJMcC2f$6jBr}C=I73)#K10f0A4$$vxdGE3Aq%9ttD=+EI3-msrvp&w3$aVKtjZVps zgSI|J@4=krBNQLXGH4u|a12nhCg%~QLWIBeVATmezOysZZmLkjBUgR-#5XM%Ty10EKI7&!9~5zcoh33n_UKwULjN7MsCH>>y1om0 zeqsH9K2xh=h2MwXdd@$AFj3S3j>po1HIO%QQH95$Kz*F47vo7fpYYW6M-eJ&%3qZA z7=YBoJCJ^UAZ_=T;X!Yac^1#@cdkEsq7pHIP#9RNU7Yck^@GQc5!*)WJkLv)bA;ES zpv!Z$ElsEXR+Md>LcyrNw=fA*wVLBc9DYD*bu$6>w0oT44ikjbIL|zP;h;xDuW5Oc zN7dpbna}jaCP7T-n=}hoUjv{FuV-Yz6h6V2W^*?LAU7oeNMzGJ5E3;d6HtvCZ2vW~ zstfTV-zza^IENe)vl_qU5pXw4)aRuXz%MdVP)}4V2D6X_wd5&C^`4UxjtQQ;?u>=W z)>XNm{svpHqmAS@%|(Gl@55!>-^d8>f(;W*Qg>_XNIbjt-CfS}nv4*Ui@S?rhgeTr zKG{8zei3UEMim{WP(pK;sD4_nL+N%rX0v?#&)4si2yB@7W>Y$(h_pamOg~{fa&=Z6@5#?FW62(GBCVT_gbduo<`3g9Q!eKv54VF9lu*) zt5@RH`Ebq&kGd`N8DmSpX26`hV&i`-44wpc8e@%<5E$9|fMK#?EBN;+jgaAeQ)uiME{ zp*ZeR`3>*!{DYP3&1r3YU7V1osFnUeF>I}fLFzG<)BDp+l=HzNsqv;D_-vV4W$Jia z3UxJ2U<$P#V@7>-igQ7r!gi%r89Qax{p%IPK_2=DEH3Hw!u=?TvH`@GRA7qLm{u3v znf`{H0y6v^No5u?OSb5UNYl3k-VCUb?H;@-BnLd9+^ed@%p$mfbgG|?SS^FtlY^wP zKrD$Y&TSF~?3YV70nv@az3>h<)QYl3?#a9-aA88=y@ciGH9=(yOlrFSYv3 zHQ8>0F?IrY0z7micR3g0>MMVJCSD|FRWOdAXRndKb75lnG%%{$Vf) z6TUmZU|9|#exptP_|0j|FIvOiC~;sk?z%pQ_-*!eYc$^YP~~#%%hz;p1J1O(E6xwD zUHdk#ZR7Qu2C)>y=ztzH#(hWK)aGLw9J%eW<+_r4Q^tc)6-kZX--1BcJm%&~Kl6O0 zQXeZtNS8?PlNj*S`WV?PR1O6@1ahRUYY+Qt8@k>N=%`UmI)tgU?jIXr#GdCth)xI?|jA&iq%l1LkH5tJN zo#^;%&tuIO;vtszbOGZqLYV;)tDg_~pj5{EiSb_|BFGE=IU^yDXcvvrik*}`94q4$%z z0eXtb$aJs9?M8Pdb=1wbdG@O;5-}YHIrb6t>yy~ACxF%)4|eRh1SII*W9#QRJH@S6vMLSXgGKAT)RPQ}@wMXvB53w4!g$R{@W9f{wB? z?y}T96xwN*b&A4ZG0G@f5}n0rxtS4wO5)R`WCu@VEGjHpd?liy&soq^VB4atbcCR8 z#lb7J?48$~qB|zC&s-wi{8MzjB`Clk`=9m(BpAGqIF~Iz#7Pgt``KHHpkj+mI?B17ATen>V9T=r3A!-Lp|CkhVD9D* z70=IEv_TCXXe$B3t6tBOCsM+Xjjz4Dh?&$zV$9DBW9*UU56$Tesj%R!6*1d?O>!S7 zhtSJU-pRQ{w_g8YfKz|5#yyjHrOS_vZJ+(c(X<_Q@BjhRW&oxKqdUvTJO$X1=jS;J?XKSYHC3XMl1o>AEcsVbBK$xZGoSgw;!`ZtJ0#1Zbn7@ z#Urs#LyZSSa3T+Q^E;F2V{(f8Q=-R@dKXfCpTbaH4sabtsYvHTwOek|gcibpnU^l2 zO`8QR#el&p!poy07j$9-ZOVGgXD=(p7>@_|Am0_WQ2?yE(FtPkHEERup9b!UY*_AB z5e_?`= zk`n|8S%=qc>SIAJf;tQ{Q^K@nf3xAd=tEkgj3xu^BjbESgXk2&L4BAPmLc!<2e7Xs z5Su$xtvJU%xFsGp>l^?JtqwB(M(E3}H1}C;y&E?u)$lXLWvzO0lgg;Q$|khKwBODt`wf(dOwS$Vl`1ESS${fEnquK>HW%#z2sr&xhNS5tdsdpy zicbbRm)a^D-Wt$6e3w{-h@qiQ>p4Rkx|*A=Ol|s*H&Q_vFzF%^`zUX@2#;qX-0`T2 ztm);)E#oQf9RKT+oRnJGBX^EjUxTf*e1+MA_UX)>xn1KWbw~m^rus2Mseoc>$0)QW z4}#^5CgN0eJUkkgFR>zl%a+btF-@-cnhLrfaE$|cRrXDVC{*u_! zOc^IZmZ=*ZvFN5$o6C>8Ty*d7RmkoyuGOKgjFV`xs5{^|rngHk1g^XzCn)k@rmS-d zDiUl311g^KQsnD~B3*H1X4yVJJt&20whY*9m5ES@aCpi@a0H@If8@}$-5|9H!su73 zURvq0Bt#~;`bEEXi|%CvENsEf)T=hWb!P`tWA-n*QJI@M;6+_u>UdS0f3IU&M0;`8XpN<~l!TP%sCk@RH<+NW(Ly`4*D?gxI4S9F8K=gdgKhqk~7_T`UuFoewjc8aDZ;R*(E^*zWIJK6wk z7h-z->x9(-ayJydu=26fy$Z7VdeMSG(gvwHNOT8716REsHks5e(}J_(YA6O7W|-oE z4|{y4Uq&ewF4$Q6U31sDFD9H7VA<>SaxnWPKOgk>!--B8>y2UxUM#(Bk!Dd)pJAUc z@lRLQUrKzgDcZxFFI?)DEAi*`73=!#ckuLutC98*{TPY9g*z9lPBn$E_5c>ip#sc~ zc5@F8YOwlQ%QRgl%8U;QE1r!4N^`!9aEhK3vr|FwOdXvP!X^ctHQFA%&*Wv$+V08E zuJmcP)f?K%?4p1sZ;lWxxeaZ)4^re$_fw;^!EFMQa-~|=u_TR&6h3j)T-c)YLks6*TO=&({{2^%e zm!ENgggjX1$%ED9YG;y@{v3i(AKzGPk6 z+``kvAs5<64SK~39^9z6w9q0n*#3r|4cP=-#H+#vkUdy*tSSX_7Wpf=6E6@3k2?2} zddq7@?w{HG!Iz4aeV%9#W{@g%BbI?8Hxuf7ns-QLP8oG>FHohK=97&Tfd=Stdpyi) z;pW0&LLkh}N|kE)tj%n0fRzSX_gJ!tk-j#*pF3_+a7VL1C@b z8LcLD!)-PAfzgvG)I&~&6Ae!20w9Zn=jfsREnsSew>l)UZui_T=%~)~TW8C>Y?sS$ zDj~=mys3828@_FLB8rx4Rn)oWtG&*<xGpgI5DZkg$&|f_TxMxhHPLh1!AYw~M!e7$TSbYmqR&mm`Wc5q zPDI$_o`(=ZB5b)wz&Kj%qw0C>5wyvyBQF%{^AdbBauE8qsdfT$4JfBL&?po1l|2#i zEn^?OMh2fMv<{!4F!o|Jab4w;13y1eraO@xb^k>)0;sbgP78pz5e9z zfi8OO*3@yAub2z(p_)xE!qqko{KSXth|W|kZYaGu+jxL0U3p!vs6@5nbD(4%&|P60 zAC~eH=fJo72Q5Up@~qW>y`-p~fVjOj8LnlS=N9sim-Cx)>-x)a1U+%U)aQsYXZ^&J z9{SVqBfkaP;DMX?jdF$iTANZgpPx6lrvSCnuZt9I6_m5&%F!zFc21o4Mc!dFOl*#@ zbYJgvzZ5?LHKmsSeC>~!ym$}z%rpi9{-;gdP9v=TF&fs4nb`}_00w0OgYZqp(V#zN zk76l73vMe(kf6un*+#Sam}k!^p#s@Nv0_JhUMaaSOV;y+cK4F`@n|=Z9L9GOx!CYB z7D;nn>StJHH!vJY`#Kuu-fLszZ+cz7#mRX`>ZV-P&E-s23rNTT9-f~-taw7yh%4~V zcheTL#h7eSQ_&YIvA99ksaF6;oKiK09Y=gDO)x&dD!c56@EWmY`yInNY}41zy5fGh zJ7bCvsYjvdwHRmU7b?t)%l$f1k0%KBU_E82E7D-8G)K#+>;XnG7ofjj4Qw z43EaLC+V~>k21mD8L<5%M*>Itf^Tr<&<)n7IscUSr4u4RI07!abL7+PW5}4VUdcTB z7&t~h9YY$AkiKeR{VGwP4C&}@VscHq{9xN=5$U*Sa1PBMELAePy8t~v!oL~bK9IB@ zM>%q{+`B3@DMuX7iP=kPD!-aqBXh#Epzt^2FT6Y~Z8=@8;HpMhxPp$r|C_b0XQb{f3`f2*9vgmnR!MRd^a8bbjDxa@n-qBJ1mU(XpvNa1PW1 zsaVl6hK)j9pjsu`tJCP``DNhaXM9d7{^1sDm=i2zqu= zc5utv>-}2Zg^;}9S}5N`n!#mi$R=CqbuW1;moM3?=yKKhb@Fz*x}8XuI@RZe8xWR) z<9zteujCWnG{Lqft#9edBYP&ywN}MPR%2 QEdOKsfLFvygj7dcSY!pHR3)j%%Oz zT;lPT8DbIu3f+%6ru7+MbhWH7T+L*(_;kjruj|C`s|r+m&@_j7O_wy7TU+FLy!j5j zuIv!1c>*P20i^9dq|S70q`- zf5N&HLFAB%KVGv0QrY_*y6#F7oTP_Z^xQ4G?&wxlpTA)r#HuUeRW#q|`bbpkwGpAOp5o{oyPR&j8z1D7JSWW>LX?^=~_?0Ch# z$&(@IFaVf1;3Eg0BA-ul`M0Mm2M-iZC&~*FWW3L?6Q~RvlWvci&%tL!%oFLx&yEKb zvy0i3fDi&&29nBHua9O+`KB(BH`8tNe{gXM|NN zN*(Bt+8`TZiMS7%$bRSkSF#|F6+^vEsS1D>q?E0tW@zMDU%8^K@7_m(Cne6ee}S!0>l6AQ{VbO-a7?o-B{ zgSGozJB;G5u5b2qOstaMx1b9BhL;jvc_Jeloq^!(XRsVt#U$c>`^~X^!CTNzbO~); z&njj)u{W#w`vBcUuXzly9>GbF#ue#zXL|mXHiO)~^ikHn+`sMi2@weY1Sv$%TRQCx zs1z$>u65t2MQzSdcnllkq9F9y`V(|dm8j{b3g@p`XWmHrs+^bDO;%&DaqhT*p)ptw z&tTo;$Oub*%tK+%Hb^>p_E`tcvkY3k#|MV$EXQk*nfo6g?M?rxhp_7M;h6<_C;&&p z`Y;o!=u)0IC7opsM>78^t6<)~60S!vHr*knE4W}ea##oM61tr=@x5aI70;KuxuxQ7(IAsUpVIo^+mdnL8!%YM+>gn}=j4wO&- zcxpMf975a_+6!hoOt5KT!&JtR2*oOQk)W94Rq@>Nbv&Y0 zt^SB^@&q$>;-n;)`SZufaUdT!=kz5`Og{iQlnR!2*%pt2I8sS;Qba?4S!?{n#bkzN zSM$P{@D#}}30r?*Z%_!wVpJ~Dyk~p9c#lTF$bt%}U1M{kJN{F5~0lMNRhMLnLd#k=hdbR z+?l+t{PjY2ec*5-`T9K@sJ0~s9TY^sAA@E~7WdoD*W3NA>p*Le+QuZ_F_Dz{5x-0T_?+bMOqPmF zcJoh_Ppu|een3i<+YfikY6y*MGLNt`T{%RxWgh#cP>?bd&}&dz-T9hD%w$DUEmsNP zSAu(v_n~S)8^Es4n)JaK zPDn9N2L9DF^W(IK{wtq5SWD<`K}@HaGRVG z9>xh#z-A7(QEd)^oY$bW^b<3IGEIvb^54dKL@m4i-u!`_@?;?Il$FM*b6fZ0YWyJd zWqT3hB%H~#Y(2etLQlEIywSO>tJTcSfnq`ArK(`QiMQeB?6v7em(L*Wb&(8vO7Zo>y3{r=uGHn8+Wwmjr8tljafAsWcNrfM?8o~Q zdG`FQ>oc3yBna;)oPs3O^b6~?e7#-KyQ5ovJeJeMDljVS6`E6b#NXbSy;RbVVa^n& zG{h5~XCMbrZlU^3c@PL8syS`N$AEt8_8|Myepgw)#PW+JFZ)l4mxH`tR( ziS&w&3U&jTUeZ54|EV~XnFx0lSdUfnM!0Py!(d7h`z?*rKteEMjBoNcj_p^x>UfA7 zY1T&M2m?tb_Z8654*~T6VeQO`cikR9c`n-wjRr7vuj)7eFixe#HkX_SnO0QChw;!~ z*-WDDRY3UAgVSN*Nk12IKw)Km%qh$_((?u0o;w|H3df17AC6jbYyUeCo;o5@J&X<{ z%MUUiy0v3NFIOk+SIaB>=^can>h8Ppr#6nBZ(Q>+!^ETL^T=BSV#YcrphZ-wyl?{$ zYMa1{7Adj^YL&s*q0c+wxay~EhRmgnP?avZE3dhZtlEnf=xC_~fcJU^Of*iyCkBWF zqJEgQjQ-(zx4wk_x*RDiwLU8j$o%z(VBjLjen_jWP}ulHpR;#901?Q1w*lfaBNR+k zOHL;HEm1@Oo{S8kff7~41}`wJ185jtzrPcn_iIfBt3wO}3Q#O85uj0_!^92%7O*Vv zsSgEUxrxV!t_^_O#Ty92X&SHGa-tQNKFOgJ!v>W}WLN|x8Xax_J= z-D}laS}$Fi(k1355e%C_gdwgH5k~4+xJEj1w?IrT;-;X!#!~h(iC7fKd7$MS+$Gl0hhz;{RLnuYGr?5&GZ% z<6m3x{vXi)+e(r2pSqCiU$yfz$M5Dpg&%Cl$U&&T9n1c9$qe~Q7)MI^`@bLzy%$J! z;&1!V*j^NJ2X7-bVG)V zgL-zP`Hp=9cYC{iW8a#=AA0?*djD6I$G@sR{=53%-&Ugk{ru00aP5|>|6CysCeMGb zt`B(VEAz(jdg#h%&{GRuQ^x6)@pQZHMxf!!h{pbH*C78@Ec|^zn#&_*`$f%GzyC)y z2unAAtIq#ft==oV{omCPe^nd*UJZfdNVeyXzNd&XzW2jSw>#eZA9^cqf7ffFfu*Be z7c8`AxBlPv{a;qW%m1npsiT2{at>_%zf@rSQwcKI?Y~!nWUo|9S?rBXcEqB7#KG17 zv)W(M58Xkpe`5MyRWJWmrSN}WNy1DiVjme?AOBTR@;~>RF;xU&)A`yI5dttRNC0{;lJt-`Cs=u&F){@ zb-d%`r7*R=&-GswQQv>7Y^dIG+jWPY{5Ox^za!b*{V!D=KL5A-?ktB#3H0|H=w#Ch%x)0Z9l-~pNga#JPj7SjQ)F>+;o}l1ewl% zZui0dSD*hXq=diiM(Y1J*S_P6#{+ez@AJOTIsa4f|N3|33mV`5+Ggav*W-0LEAzeZeWJJB2!5aajn}{W>v|yW1laTT`OOdi->QB3 zziJ=Y5bY*zJv3&)cb-J3=2ob|Wn0whnBjofJ4Z32^{&YMp1Sz`e^l*bw00K_5oC(r z?VWqD$%3fKeGx5?AJg^T-|_I<7NiF}sB=vBuQB<{%h}3?eoO+aPWk^I@Bcql@YHkm z7t68xt9tvV;>&~m>wjRtaLs>JJ$4v_<{-5HRED)+6Cq0fmt*lemj5{q@Z|s3xc+CG zV?MaVxX#i4c8zhwqm4wN(tm@zPygoV|ES9Q zcRcv3x{kn+|6N7&hs*6hulx6E!oR=&dzE6J4u9h*zZ`=<<{Q(O=yn7ASB1rB!c>u-kn4vf zfP;?(=$eKDZ1gHyp11j_>nrmTC?>N^u}yS;IoXY8h-L5 zL27G;kuJHRtMz(r&N%B>8 z3jq4Yr9%;UM-?-)v8+^3`3grJfTWp(x3Wd?_K-=O7`GUCB3T()x^s0=e-&mMXrkgT zRygi@0su>oq1Vcygd73kRDOzm_$fmr1{TZcXQXka?DuBp>00+2kP!aUQ_#ZtAyq4W z1iaE1DBI#-5*TtzDgg=U>*}{Y1w0#9x2h(ZAJp%x_0~GuZ7T7_13&8+{d_EkViRrU zRG?OEXW9>H9HC=MCOm*b%Z)DmOe8jLE=sxR%}`;Xc|swnpnEUFQuDTj@>zcx%bzc5 zJdH5q$m(z%*&sS+N1>XtHy7(B;u0}r20?d_9Q{P zHu(b?)XYtJnjSl>%Ka&QEop6m9YhQjk{6`&!V8uHAyw6Ai0Sx7BW2J8Z{!^?X*MnJ zsAUTnq4F1G{wvSVvjD(CdCq`V;6thmi1<|@2AQbfq{#B_T*(D27a#n};vnSTC!4Kk05BE zhNo@N{S_6gB>k#RzxB0+*$a+FCuXs=PyAAKiTTcex}o@G2pTm!5(&QiwEvP-1 zoN)DYwyZT1KZsT(z$fF?y+71LBQdg^zpVxf<2_1s}99{N-pao~t zr*)PG@-QuszG7<=k1UTq$MEY$6-IMhDlEcZ+r+hHuD{`QHrZz;@SR*0F~HmPC+q&V z)ah0a?#iw4)q!(S6?Qs)a}wGbv6|)lm#rI08$E)J{eo^%J@cI8rv8n82pUnw(VqdZ9sU~)%IX@_@G&^Ac2P?s#@saFHsROEEmQuZ_Qh7)AQtZ z>I1DmS2lko_Ci}X3abi11)CMyZ$bEF!7w@@i)nH@c6I2nv z$NV9xoAP>9dKBk<{VSsH$v&bb|$&uLrv`T z0xc0Q(B^%zUz{~rslUEOJv4VA8M^noA2~P3Tsk-*&Stci*QX`>xKq(OHhc78rpK+! z=ag>@yy!y2y&p61$BxSMn0S-XFkN~}Vcd+{`7FY2Ob z7%`OAvQ|jFZ8EkH{rQBk4?A}8hcM415;|8m3izAzk+ggihF`8RwKdpvZSnpD6`B#! z4r$MehEx*3jueygCftU00Wq!XmD|f>@$=fnGlB+;m*S)=s4Tn&%L7~HC7}7w#qQtbApD~R-^*QM z(Y2;35H6_H?^Q3%K&Sa9t(S7^eyS;CIRYv@pU3+*QK~mlmse&4d_!U3v_tXqg6BnwF*oIc(@BBa# zI=fKP)6nKN_3j9LqNO$Lw=dO8=BC9zq5^qY65zx0j!A(tgNF$?yk!q6_dWI_lb>s} zF$qCX)IiaqCq|o<DvG1Ue|mBE>0w*9D9S z>49X_XCfhIIM#;2mPfeNtLrY>HO%+h)m18CuDE~oKkV+n=<;?R_iu35G0fzFPazL9 zRA6ixihrN%OzL5|e5(&Ze~q?E3H|_%db9_@rvIkvNg;0mc_Xh-4+Bqoap@NpHUm1lf*&;T*$uY z=P(L6Ui7C2Jey7=z^r`;yj=0idz2=p1QQcR$Z9V~S%Sc5vKV?Y0~*O#NG);@g1xr=Z zO6Q~tS&@X$0dCzC!XOt>z<05S1H>H|yXkrN>tJt@mSo)ky(VIITSMytrI>=KU|CXb z`I(xMtHr!0;u^IO;EGl-7^23;t?ghR%@ejfR`UAIp|1biO8sxEE`JKyS5RrIo8X(a zpB<5Ze+9taxmE(C|04B#Ec1R zOu2)W%On}rHsYcIUwJYZLOra<_ZO(dz5g7AM)F-jkRYi$)2FtEVGPPWr=Fs(TtI3i~R01by^>qK!ea-w7?wH zfp0$niu_o;yAa$G?s_?A^{!d}6|?HM@Mgd6^Cx`Ol4ms4lsn;PFe4TdCRFmj?N?Q% zCN#Jhs>AvcZXcO~^@Vx38UNZeD9WxU}udAY4f2&lq)#m6gqV=gLihhB4nRt>1v!K%}oA^eeDr`iUi4Mpi|u3 zZSLbJO)*Op+0F`>lOs1N@E-o;hf%l7^{MNmSxZEH7kTi0!GLbhj-3@QVJWOT>POfug*dkIZ!lpd;cH79!ib%7$S&ruKi zeHbdI=a=j}$iV}{Ka$E}c0nLUiD?5>iC;)Rm&)TL{CZLkO#!spnd(!+Y>k8m>{}P^ zN%qzjBYW~Ap9ov+-?cz6b9|{zV`D$?E0u`G4uKUPI|Oh z9aeStR$A5Z5Mu^R|n7nS5YJMRMZCAgO=GDCL7#>2YU~1$97@mu_QF zKxZ`cwdK{czsp<4WUWBu(Z_^2x#tX#h-8n*Ay^Qg-6|u;Kn&AQK?tvPxR$XlFESXK zyz;-xvj*!GAy!aJLXd1-;F#dUW9xsmO$V`^KC*rr2jJASm$v3~pF4vUB>($N-_33O zAdB(NG4@U&^=E9=gCkG{6%U!aUh`5I#X;AnQPS>d?(eT|>!&isq3EAXjuv;xo|)oX zUhraVo|r@AFG>*)O2Tdo`#()#A4E-3_jyK<*VL9~~nj+9i2y$DIlV-Nngq-z_``sIb3`su|6+*)@lysmM1g(E;rXH#5!;~&RgNYT2hxOv*qFs6A=}K85 zq%`(U9)$+hv*1l#O!X)OyVL;|LG?BB>ty))t!-oba!3(|MTZOezPMX5A)b=#@>EdK z!IaVFtHHEnx!y~*sy+p(}anE9w)Hx)c=`>~|_aU62YQSQ!Tp-xR z+AGD;WkW?gDBm$ePPo^JVzBHFvz*?}rDq832e{dZ0H>peo8RfB_a+H9MUDbSg#ixB zKSmbGPF(#!-qG-Em_{3mIyuJgfa~rLk#4FO2*8%=Mj+>yd46m-Gf4GAGl3nL`oW|q zy)&N+YX>BqS*XoF!3||nn$;NJAz_SCz+A1#nioy{Xaoo;QjiGkmwa>gMNI?|THcIp ze;B^t5cuGeb^4TSAqUObvWT&=;%PS!^D|d#=g3sa=0Z9lh~-3Rm4{ky?YwdEe_opTRCqVA5@8tP%^u5J@07RQJu35ny9r1WhDe$hZhzN^wmX)~R% zK%odhv7s8Vk@TUNG1^8_T_u^VY0^QD1)v3L@#@>3x7Tw3(+GMb_G@CNXrCyf#n$?b zKWAU1QPJPa*-Z-kJ?gQoW!CfEl_}8}DlvGh@;Ey85ZB>2iK_8pd$-CUMn+fT6yLO= zkNU{+h3vNuCAvia>MAu@=qIAw z2U_(67zzzs+JnDIR~fJmmQ1xNWm;a8Xkd?k@f$V_Sip!#BGjE7 z-MFOlz>2}5poFU<$;MV&BvdZdDIVJNave?`JSa4iSDEbFaXLBDVG6#ek+@4 zR9j5vogOZyF4Q>-s45})Lr@1W&&-@dgZ*49G#2MRNq1Rd!bd}Vh2#?iZ!Y-dSkhJj z1+r&E2$8YwsT5Mz>Rz`2#}YJN52ak5BM_D&4~|0gj_l&cBU(qS&M{iqSLi`pgXPo9 zKti+B&ap38oq*^OR?Ci@+!3tLB{~O>Tnta}^G5-p5=Fdmi7_KIRowQIt$_vz^!LkO zLq__uRCTTWVQR%S3RQ&Z;p_HVn!MM)er=6999Vf3T zF{^91SoMvxEcM6(Zx04@vwZVMAY&<~ovW;hAB($1-pm)~QYdn{0epj}R* z!5F{-xX*a)>FQq~*0Hdgo*UYA$n#aPIiN!9vcrCL`% z?k&7bsOHWO;w9U1=_R&=AC+%8%1|}30#Jj=6e`)k^t6EXS&J!i&{KgK&Aqv64SLGl zJ&eR%!b2enTnNj`V+9{q@|}p?&H3tEs@7y~eH@JFF`k|ATL9%WIps3Z_5_VcbXu&DzFr3A!RBsSZQx))3Zo2Qn?A zoA2Agv!@`;l<9~aln3bJrgdo~w;#4DMN^(`##vnvSrrloXf5@TgkR_4$c~#dqOPV4 zd#nw|x+`+;Lb>Hx_t5=J;fRozpiks5^=*_n38`a1)(T~IMiLUp+bTI@$Fm~&qdHMp zxJq#Eiv9-$_DYNivB~8bp@&H^AG$(0tHCLh|GWw*dUYo4kljGT%O$?VeKKS?woy+t zHG%FM&ZQwmdf4}u@BTSv)pso#d)t6 z2|{hiKnF0wy5ZOxtUb~%&kIEshZAM> z!8QjdHy$o_yjsoK7a2lJ`Z<|`droU`?cad)7HPqn3<$wo{{$>BkF>^*^KVr*`z;Yh z->e=&xsJzSch%M;9M&bw(LWa}5p@H>5j=%pm=%K+@rw%!BaE9_|n=bqU+#56>TpB}^d z9%Crrf;fmeHX!N2(Qu)1A1$Byr2Fwv<~;Z)3Lt*&u|mj!WVI?h4P^g>?q;|o&kE)b ziJ@yMZR<%_i5E%RU|@7u;m~jKc#xxoc#Z$7u{7s{UtNdvFJN9gQnum87q&)OR0^q% z6}UE-`UqTgonzd4BwfM-o`{|O(#Ch}nk($6B-qJ0uJA#H?~T9`;Bzf#jT#^GpqJCk zZlq2TE~BkZjw*0+q=?e7`qBT2KLZlWjMdXn-F`@_Y%3#_l+pl&mrX?h>ha- z((b7hddG6`Z6hzfs*?hdJwYukQNk+GYUXg=P@En`YeB}E=QrmQ0C%Slh}@P3jE)eN zY9xIyiI!n~C81SLm*OJ5r(zK!u}T|Nn@Vushu^+I(DaK`SVkgfLfb!|@|wPz_*@13s&sGp;E;F5XL z@)WdRf1&PbdL8mI-b~_Sky4o&a1a;wzoQ)I4*KG(h(oIfIr}#xO;9~wr~A#W6tC6w ztJayc8LE+gLg9pd`w?`kUv2&;ZRCrnUxNH9!7X&saZ*+B8bi3P5|l@tF~ylxJZR~) za-E6$eZ4iIhnE_*yteyqg^4S>I<<(BBJsP%=9PmMBRId_D?|g@Pa!3A)!#yzKZG7hU6pi5nz2WCQxNf-@Nc_i%f4`UJ<8;nQ-V@18E1(*m2rehBuxQexI9Fi`~pfM+r%dUOcs7yFJ)V_cs?^A%MXeC zX7yG)zZ@J=iPN$Zjha>d7MI24U;iYLIVz=$gq_!65)XH#05hKyJR?Fs#Z55+UP17= z1)!E%W5_qt_SickK!upUxPAu!ZxK=IiQk-VS(%ss8*RF}dn{PsuDf4L3OX;ky?T6( zy|8N4?c1nA-BF)?riD7=ag>Q95ZJba^Iz4S(3tv4i^Y%d>~kmdR~P*)$wUW%j>c3p ze2KI6yQX;-+;kop1#5HyX^}a?Net%B9a3>5XK}{~npf8^*Y!qgLec#GfUQus@pp{X z`?bM+^?h+5XflSvp`63O+3Rd?BA}P-3&4OX?nAW?*$VPEH>VfJCsjdz!M1Em19mEe zk^8(KaW=4&+F+F&WP3gcx9tAH*uSCtZhrl%^@+55BiE-Nq}@G#HBIw}Zs+kST0J`` zqL6#&vZRqqQH^vFZI%7?{uW>2e3jaM12XiylHA`nkRyGw^6N^(+ttNBQcX*P-JhbX zvq6icM8<%9I6F*YfSg8YLzouHmr<|r7Ch|&Z|XFFuF(c1IJRrE_U{fhf+jgPjupUt z4Vx1NG0Nv1WgV8s^i|?tW%v~qo^Vv>JQN?rKjoHvc>F$~fI2a2gkr}dS-a^;?n7%0 zLNDY8!28ndQTd=bbVmA6p<>yL$|Bx8#$`P0W)LQp#aKjmO#ccg-7H8H%E+F#gbbBc z$BQvPJb{&s<{Mi}`Jh6r_D(tQwT;9$LSt`h?00*K@ACduq9_?~qcX%|bys#h73f>a zY5nz+4&kAxyt#b*;MBG#evhD)X@5a9wS`PK4EHu@@LB!<;Q6{uWSflwo1dy=jtoUb z>Xq#4%3|pG<2p4E$lJcu^FEMd&6sav-;sz2^WQT_n_?)hT3BEl|8@M5wzJB@mjiu4 z>2;qpeC4;JmYnz#@oTrHjn$GgX$1$r$5`wIGF^sgY%$#m#k^qgo1_-n-E}e*IN|w( z+YKMq&eKq29*A7cPuJ_Hz<##x9fPzL#6enKka+UM(O*e~6O z(W3g-zbbZ!`*x12rX9sif~S5%azmR_(&lD37=ce6{qbX?gd9(}F0n2tU24R&Nv$6Q zwL!WQO%eBt?HUPuwaU3WQ4RLxcl!m}pzp*#czl?=<+uHizmm>W=*pPibiHR&J)pXw zm2*npFRSi7+(?4p1wX3xwZT#y@31D)f!6Am-i~8{L@mNO_hcCt(m8p8IB=H6B@C>! zCFGJHeiVh?rlS+&j43)1+jh%jLJv^i#^_gp6|G(oZpNzvGL<+vtXZ|kFsl*L?s4f> zP41)kPS|K$f;JvIufB%J-zKp9yLGN+Cz-v^occn|{uKZn4(`DBl653y{?>2QaIYFs zixk@BZ}Yr^AR=sky5?AfN%K{OUrseYa{|^9-M-aO$OOajI0ED77N`X{ z1e2W{Kh%wL*b|XvHJ77SPvP`ffmAOV35h3K|M=Vr<($U!98b$YcSZbfhq6Ww%L02N zKdw9kh=2wgPq1>ou1_G!XEK3MDY_)mGX>?s-1LK-Z_+7vF`3FSEFeUSg|&OQ;g*nL zdbHmSo`8QphmJ-(!S&w`$ftcR)26AN0k@pxcBmp$3Et>R8_7CFN5<}Ybv^i{F74`m zW50!MF2vdL`Xr#42QC3*oH7vo3qzO?`GEbVy;;OdwCaNuR$Ht%p8`O3xM4zPr#id* zi2y_^$#I8c_7%~+P?@*^kjY{`aDKWdTAGcs(AF%f-E zw4Gvn-g(I^c^$4mQm59(QSFbFyuTZmv~Ne^GMhy1FTB$DF69psr?=C;ij_)^^`}lq zVZch^*^QeC;RhiOa`aFKG_qV6hZXUWL|#^VIW48!PfwI$pPzbi9u*gwtOP$h@SBC4 zHYp!=sXk5f;-hvZ1tZpn&~(tLw)#uW;I`J$Jwq47-X;%|PhGu6Qy-0heIL*d!5<+p zZJ5`DO~C#sQD>(89q~mrBOSk;*q~c7;0EP-_*_lwCKYsg#q1@Quh$F0CAq02L_*zp zu=3Lb_tu~D&+?H0baRsLUkMA&C0Vwrs^aX3;fnw#_^4|RfkS{vK;C$d*U6U5=ZSjR zh>Z%TL)`o7W}QSK%w5=l^e}*87a|6M&Tj1u7VDHIGymfME6y-d=y&`Q9!viwQ^+#< zrLQ6Woe(5zMGe$TzGd2R-_=J5qkga118CcweX;h{8LEv)=TbY;a0NRs20KRZV7q33 zp-gw&?Yyf#%+ZeWCI>$H8$9QRUR)}g@>0auAH#nIkQTMPfgUng6d{+Dyi8|a}AbB|H~n%JauDFh-p zf(x^1rH?KBKF&*5;?G25dTF>SohXqioY?X{jzU0|u!ny@Q& z$+UdF`Bb(g?n6$rH=3M0XT5kDD{>?3H+u9NR-kQwcf+j>`vsPOTakeJ>h(+4e@HqQ z1!JjSXO)4=qp@`n5O5rA%Si5V-?)#9i?W;ymHbs@!m-^vovr&`!MWJ&f?7*LtxL4l&-4uNdoo_|rzHEJ@TRga z6_;@}4^RN;Y5v5wc|8PXL zfbc%Vmy3dc(W*bKprT19E!wf4wNYg|gv-;C!-9RDh}lqng~43xBPAN@j3J#@ zN0q_Az8Wd5wRViBtLX@BQFwkp-F=G!vi&4b-`5dkr-`{XXOC$S3x(QE6{^1V;;;vXbFjt%+Q8lvC&ysuq7D;De(UbaZESGkHNjm1J#~Ja+caNcCnm+CsTK|9$m1 z0}HO;#eEF9|J%>ma!@GsotTY0wSAMOM)ipYr z#UGFADpveCMDWgV5UmRpM*NU+bu$(`*@uwEa*!cPJF<1XI*C2P_K#V9) zzf^gD4;A?RMyDHnY(zr1X$E`bF*haRgax?F2*Jj#ncH&681B|lU$4_~2W#0J@H12g ziZy0ayq@5MzkqtM3Wx%`QK`Z36TU?|d{}4Um@!M~=Q`b$Q)@ia8^g24$h#pP-ukwF z2}%19P_{E0`!qvQYF4EkeT@X|-+K1kIZtQKYXu$|j8sX=Z+^4=J)%g_^e-|%a}qtU z)dYLqKaeLhz@P@Ee3Rxd7Nh%M0Kh;%A^|l%qcA*V;PMOZ*i34H4A@5dZ-FCvrDy50>E8s8gQ z6c0GjUsIj5#4>TOC3BmzB%kwl(qBM=PIf2uyA;l1xznIGb#*c)T%Yi2@1Eaq$^6@w z`E{wI4YEi5Q}GSq*@>dDjM>i5uDy96ym=s1J<}NN4aR27ln^shu)pml(ct!6Wwa29AC0d)@Mt(`6{-t zR}8^Igu&T6bN@6;OOL4tSgE0Kxk`9yw%N|Nf;cdRD@C$MepjKb40`SR{-b@j^#Q!D z&NP-}^qYvHE^MGM+V0UV@vm&$__ynD_rYI=HtH%J_Kp_L{6m*pOt&LL9`7`&l{I9{ z*DH$`B)I?u+D=@=D6POoZ@-wXlI7oSaDa#tB^?Zg!~du;;KEg_}?8Chtqh20o=5cKrXIDfvR zoov8L?ljLW&0^Q2SVFL}F5}J|p7Z!QVdnIznNMD$Nm=QCURXIfkoXK{D#9oiVshaw z8snV}IAoi%mjVJ^li*`qy|_AO*1O6sujaq!y+6hgNBfV#$Y@QbB2U(=>c8;ng+qa` z?Q$($gyX@cQQ3ECgd_yD-kBUxC}K6o*FXy(YWq7&Dv`>+3KH!JB*P>H8yk2pzX)ri z2&t6rWEA>~68TgYqe=m{x(IvtAkcPdX6P9ptwqC30-%mJBMGDUE`*|8rAXt0{Uukj zOYcw#TM-c^U^eQoaBN)ep7_lw4Sd~@-1XPdb3P#c?JI_$Ereuf4&LMbw}Yp1ktLX4 zxBS|sr8&T`@l9Vec4bm{igeQs2(D~n6asV=vfAcR7HPO?z1%} z;R{~$f;)yj`}TH8kr&V3H*HSRtOu7=15_cKG4LjM;3%so(osa%qheIBW^LOO8=Ow)s}9@^Qy6tiL#m$dFD)Ia zH;fjoHP`E`+QiU*!{r@kdB)D4+CA_``M7ago>b8^y8SP+KAJ^Fy^U)C4am) zQSlH1&-vaMpY@v=C3A!^b3L>rbuxO>Q~rVHIO61h5a=VE#*kfJH&&EAq{ zdF2sggQT|u$j%rMl6UAov!#F=@uU3a7CL)eq9rSYIz&8p#mX3UIN0M^ic#_v1Vj8` z=xuNDf+~X=Ge4i|cy$68tY4fO3Fbo$$+JjMiyuvW&^FQ;Cw>T z<{~pr8Bx-OVnN~ISV$9orBA`1iA1sQ^=4pd)_?1)se%tp_i~O6hK(pgnZMI)*0>Rz zV4ybxRu|MoU@%f1uGnfnq7y6H+7Sw*?ytHaQ8mwvX)I6~ocB)?;Q6aV z9?2=_TnBnXI&6$u0XZz^B}fGR$2&9{hoe_Z^pgR~c#j4O z;(^}SWE{jAzps8-E4^U>fme>{SNFQ=HaY$nXFqZ4Dwps0Km&zKUw%h|y|i=s6<8<~ z=`Uu&#bpdhjk5kZwr4m`jo*|569zrJYeUM@fBeG=pPbewAGG-$B4A88QVXK?b2iEPeC-~DCkO;o9FW{dS3eRX8Wy%7FJr>-^B zi$M=`^pOj~cS0?ZBp6=|mi#^*WgiC;q|1Mw9J0;p6{%p5J1o+u`KMe?Wy~D2iDIk(ML@d0(nxG|>U?{ZUme}VeR)^(XN~)@_G_cQSO(ol`jS8=8Tm{p$g_L6 zT%EA65jjFpu%tQs0`4Vou$&mRG-KXIrnI)p44%g}Y1=%R zT>AaWL2RTBw?l*o<<=YT(mKk`YX=S>4Cb9yn*rJv*Yb_`D4~Bt)kI+hgk&khL^!{*5ya`m4n=)YZ^fkI40ehElgN!WsCHnlUHfz5(+7eT^Pf znxS>fLwY08s13_eKt@mO%QE%>J!gpqC*riekH^cW~l=`aXBx zH4bSoKKQR^qPTTA_f;tVjWbHkNXnX+LT-t>DO>DLaz**FSQUx-Ta(AMcr{k|9@oP9p)@S1W{cTQ%& zxXzdB?@5GZaJ&>p`+r^u&SmwpE)IJYv+%^n(1~oq$>O$}^CEIboHfv^*g`8Q^XQBw zEtmxcSE?++@4%`B4g0*2gnKz=ejHmm7#|-^91z?JdlN*#(;jtIW`36Ts!a!hc5>6V zH*RBt=gyiXcsr_G8B1)z(K~$XMmln{`<% zff28c6Iwbs=BzQ6#Az_z21~M~Cp&Kt-0UST&w}OYwAIQoF2ALKlBSQ?qYiqWf6JL; z@R;<8fuUv&sl_Sc5MqjDe3AlV&FMqaT&_0d2hJJ?E zy>-y2`W@mIM(6?989H6IT0ysvaT%%AIGWM1#D9$$UGp&v9=p!;!R^2s3F}W2+x7U* zJ`&lJxvDYSzC#$M4jqjIXvG#-uTC`TMGRctgNWeTx66xwVfk9Cx)BW(?Klft85MuL zu1!LT(XS|P;@AUyc#!KLx}N;y9%W+9@`o8s^)@9qadowto4m$x+I@nVZybGXRh$;# zC?Dpct3dh1nMjx5Qi*Ggetn8q@LQe!t}R2veRw`;Jbr&=QaK;%_GfZojy?~#9JB4y zhWb6({qNE{G2|a6^ejKb>K**=Ocn1YZ6a8JCfR~r4|G~cCCQJ)hDLNP?7!NUJ>HT@ zm|x)^(_Z8@;#HCetfJO)?DSqAq{;wKV5Ac(!8gHCG)CQLlX<)bF^FxNSF{ZQY&Y?% z>EVNBXycQrc#k10$@7F_&xpn17nLseZ&+I);jBJRE@-jpW;X~h&Qdbn+)PIO;_swQ z5!X#bo$UElhl!e<@#^pSJ!a{8BKD^zq*p9OHWg!pFJ)izrR}|>Lg;Ip@SnG`70T~i z&i5@|`OVOchc0m37bxb~9rjU6uHtS>MXquEdAgQ9$I7BYqNtH~v_v=C)?Co5!aePJ(F+42@4JVY6i>tk*xey4pI@4JC#fC9~3dn9Bs zFl@f=QDuPLdj7&-w7G+k1eNG7R^Q=<;FZ6%*YcxY3UJ2m;%}G_*!It!%a~8OT0BV1 zZIl4NDx&?=6&VC--h944Cu+58cxNGo^eXReme2~+$AiG={Pe^8rn1kKn_pxa;(zWD zB1GNS^#0R-+_C|t7BKVZojhv#XOfh;`VuB6`@n-GyOdC(6w9v8Q&S96-sz$;xx1AD3GHKF9GTiB~{v z>e~T2>6U3k%tI|4_p~(ai24p=cA`LXSho^7;mvWowtOM;X$*SGBOPiIepoK#3WWbA zRJ6t{u|dLc$WzB89uCtZ(TOg><9!NvHlCa%is8(Fa428gm+PtmE#}78 zJj#A-JX)-mDpvx3=GW+~u+AEd=`Ji$W{meEV+Hl68Mz7$Ya23cyVcZ=cS5RiA88c%@pd^i^Q~ z`gVApXn%#J=MtF}ey{7{5s3D#yVMSrX)klySjGH=dOlIiX9W(Eps^PKK{2#W`-jO? ztWq4aqj8?7n4H>dRTDsj0yN54;m}Q}2MyW-_hYsxNo>f{lJm44Fg0oh&3-2MxY~ilIq<2) z(uQ_EdcNtGB2Ee8ZW_yTc6T&a&2d8nukPW2mS+Z%UH!Sx&PHu8Z>iw{m3y=ag@x7_ zQ*`Wa>0RHSJ05hTlS*O*f|b|S4?;UZ4n;+_wNm59%+O@`Bdi&KGFop^Zuiy;<2v{K9+jf+7$*gr4z>oW1(P zA9HWe9q8s48{Zls+9I=*t6vzJKNusbQHxcF6CTYMsmPeF=yYQwl2fP|ix&+P_IUYt zoTS8u@-&*qiPXQ_r3lgI5~|?qvLNP@W7u(sIJ-oFWosmM1iN)bkhO4Fw5L?7tKOD^ z*qUKfkwZko!~VS}BgQpTO*BN>H>Oy-`^BUwwhEHHxnV8X*MBAvLBV8j)oAN2E80YE zyCgp=vA|*pAq5=GZ;2P18uTby61BEN6d3otbKj@GybgMbH7PfJd4z>q^&Xn}0hPT# zF7oKXk2hWBR*u9j>Sk!*zId2z$2g@|&$GvLY!f-fT!T-jCBV?ga5dxSBvb8@PwxyO zZPYEM+B=YL2Zt2W5l9QZj-76^ssa+cmFmHxlo&@TKmJkf-MW>CCP)XnO|J;9+y|IaQ3+ZQpDDy%Gw!zpf>m?zRjUn zSfjJg8j||D+E3`Gk!qzyDv*n6(Qwi$N|ebIJk|zxG}x8iKz`K=OWNKT-O+4oUS2xV z-Z*~Iz6{=KSC%1kkik@%xO=f}b~+*I;OFo8EfCo^{`H+RYXFeBe27sd3BH+s&@(E7 ztnvga6BOb7G656}1If+h;vINZ1^Ip-lnpxf%N}B*LN$(RudH$Fi?@tOoMlC>Qfz1a z04&xwAvQvx=!;PuzH#wdP(milbR*MC{u6FG=9v`0o}!~`bbn^L(mg%U+k}JJsqsg zZ#FP6AU{CM33q_7U&3;uTG(zE!!4CE0fmLfAM1AHcKK=r<|+XZgmJuP<;Dbq{GDgZ zTp8bPj`-&bg!q2Z1?eq{xXzS9`Y;yBqzm=J7cc482ro(yPOA@ZMcfRRO^Hy%d9KFs zJzq+Q>_3wZY_PCs6(p1ec%31o`zvd)pK#~AwFOa&X|j~h$zmxe%=7=2Nc%~!%Yz*7 z@avb7^N7BBAMRhY7hJ28zj_)9`P4uaU*!w;#dAAtKnE-U1g>BA_X|_%1bSR1$1!b} z-7%1WOSW7=$~|Nfm4pUkp212UmgR!b<0>(0NAqTbuPwyNAEjj_wW#1lSvS;>Jro41 z9r!DU^KCL+`Z0c080Cb6&AomLkuS#eX=teD5h~p`#eR?xPKaBR54*h<8Oi$R^|9c% zoBriqMmSDA=(j z@Lc(zsaG{)EHp6V+5aFxv4YE%Z`-+CXfN&=s~?VR>@X)S5UudSY% zIg_Cvtk&ufa(HDDv=6P^xHbQxlyJh+`Q%Urp?6e5Xc16aic;K3NIGXjXM0OfAdY2X zbBRhM1%y7%4k8QcMyzqojA@9UD~W~Q7to!Rccs4Z_R{|$pJ6?GVY8_q(Cxro>7h}w zK>PLe&RBv9^*PsI5*RDcuhEWsbg^E9`K%uCb6AtVdM31 zfhZLsQhiX1puZ?1Rn{S$3__({7|);A35C81UArdy&Mwr@^jooNE6kSE-y4oRLBA_% zlh-Qi*VZ+NY5|H##wkXCf3mt!itQ5LnU^%;!>gn2P{1rh$}i=9Pe`2V!B{qhY6p!l z^s!_XK3*LAx0Omm{>qE|Vs*CFQYEb+(4hv~V=~@vuyqD5ykmChML7AoWzhf>)`fQy+s)$`3;Bo^s_zdW;UAQWZxF z%S)~3Q;GGvlrDbv0rk~kdFI9n^(~TVZ_I#eT6Uy8knFkGgZIt8p&XGEjKn$wTP#i! z+4cBPI~||=hkH&PQB2xB!`<`eT&{n)9@zFI%`E~6pdw4W2ZbC(A$Q`c%X%euAN`~y za_B9yH3f#gP@625x89sXavK1L`*t7HIt zNS`P_R-cuOG!v|b8JUK!NA>;mWrYHngC_URJscr^+(c}gLI#V-#JblyVnSuKG6TAW z-=xXfJFlHt6617>Yb(PSKi}63=L?!3IieZq4@Bs?y^GoRM>1CBpl0z;?OsdFir{iB z%;Um*Lxp|68Vs9NVLuk$ zAFixgR2?hprz~yJv1ht$O9GB*2=-*C#HTpbKfq|s#<(H*N>1igUal5C_3~!04~?FY zgCF_@so!!X>(1pK0T1()iW!BdZ!S~RV`&bao49Ek$M3L=gD#a|rUgL)ut`;ynn zmkZCiWEQ%V#LV;^jOb?))Wb}wc~b*!i(#1{Bj)c!Ib3h5N#(4?fmqhiPvkk zoZ0uYHtmttqPk4HuKqO|d;n3m-{^n2i-bbCMBN-*VGp3L_9j_|FnJq9iMSRE$w_ob zvQ|a(gW62Ef`*#V#*yZIkMPBa3e{PON`$a~WfsUvtjRCIyii@iIqL!vKTG_X8lgdR zkO$Ca)&kw7ODlZZ&-6LyC5vI{@4ZA36$(bV6qX%@5OfHe`aW~yA|oq`dNjuf`CTwr z6JX44Jwq*`pi3o{_EvClfLk1&U-1(?0OLXk>~cnjl?rpp+C)omm_oRU>P8}sgX>Sj zQ@+SCy&$PvukH>wS+eL(UK=$0#h_VE;Tfoi7& zpwia@T~@D3?Wx&5{j_^sMZGMZ9<~-{1e%E~LQ)f!E3h*R!g@Xv8zZusA9hvg)Ec55 zoEl*)CPtfEJAhe;^1K4L!~G;xK~(bRjgt(=uWRxyBBO0mh6Q?p`4KZ;MxA`V=TmUe|urayGqGe@E4hq5c`I;o7&GMuKECBLi*C<_Il$N zZ_mujhWFky@Y*pkW~0bNe^+u%8_mYy+Ot79zUlyW{2j7icK-WZ!f|q-|2vEB+ea!g zaq=QjFbZY zd}T)OO1T>L5;3+5_1n)=uO5qBLG5RNGK$$J?T&uw8NQTQJN>sITY#d()KAUZUt|)e zGKnL*6`iujP_1*>qte7=^?aDq~0%=7*sWBfCOwa(}46Zp=IjCPu%I65-^j(HsBBi)Qs9E%_9%k!h!ez=;ib z?=vq~M$*eoq*HcX*Ax?VLhYKF=;4b}w%IXFqE zI7AbK`Rq#Fz9Ou>!m1#RSiG;1!b!|=vI;hc4;u}Mxjbh_!1WzJ--#dupeN~ev`u} zlG7Ow7XCOf^Ou*r9|19e&Rmi2lb-yAD zq|Skbh{r}yfz&h2WM2IvBq4IT1sp&hvyUVB88)7iRBq{EIl{&D+eDr2YQG#;HDv7< z8^9Y0fn3iz2h>)iEqn~bZ9+osADw5 zBoS5bNUd)1B4hyk3iA+MQFhf&f1X-YD)1c%rNep!N&ux`l49G)8s`L}N+rCxVev}R zj0#16@&+o7Qap^4J;JTAMLD_dzxd?GnHK?oCrau8d9DdG;4KTKMS3ks^1xQ1 zT;U*?Qk{8pK^#Dk?|0G>`)P?0s5P_P`&_LMj&4S$1u4hLuiF;Q`{jZH-aY(jXgK(O zx9H>P6G$}hxure_!6}SD`;Y)72uC%UXNnAl{GoOFZqfa7$1|+_tXzQ-A-R+**{((yWQaK#)zFk9 z;GS98&7a2T+{VW;`gab6u!be|e0)6NLf}rwxOa3rqt!F$qsT#+;I|j)9UnAv(&>X3 zDNIInFWC;WEDc)pgcmu%CJtLFe{1rJ82ZMcxmbZmK{j*DDWo$|g+6zKJ~`2_4-KYv z$}ikh6Xyj&K>1QmdP*Wv9)>)ipgQB}^p(;7^sOg~BO%xT@+H{3_ttsog%ykNYIx$f z2HA3f^!FD(ir}e_6MRNQ3ez3pZ?zI!${JJ!TcR?By_2%g`Y)#$^K1_TyqdW(VEv{D zqCfxz(ZA1Yk;Z`Nu5qK~Ac;q(jJ8^oqf6GKJ(AyR^;p)w{PPz#X6lqd6bAL^|*V4(`MEy_S-;U6K{cU-n zq2DInYjyr@;_uv%2xI@w{`iX@_fJROc18B>$Un~-Rj}JG8catK{N1z$1*ny|!uK@; zP5!;+YJijGPOadG>L7Wp3RgxzX@xmdl*v!wcz;q321AXKK~6(z4&nt|`tMmxlywu@ zKGl*gFRmKi@jJ(YAUl?7N_s`bFbdvhXG`WUX70*T)nC!)S&^L4?BkI$1D-ag0lv2S zb2=Fl(g>-4nD);H5!hi|EDkk&uX{UurPY8p?I)5`j28E5gFoN<{Y2lS)s?DV(y=^$rfb3wth zeOCU*&}~*f`jgTg@sTR)M6xn^0lNVx=&OURB2>a$*D8k!0Pp?Pjo$mK5cfvZ*ry9? zl3^lhIHYx3Qi_G{dEPIt{L&y?&3+fDdkHP10p zN7$0&Wys$Zwys%yC_3XP!!i92VBZ$<;@>}s`K2u-aW(`kS%S*PBI-}6938$pERYDA zO=`B^#}`9$6Og4Cklj?|Bd#*;wc0d>!qj8cBCj)-envomF`vK9v5_gaH<)i7GOJ-H zj6}ht*cqeA@Z$5oTJiTr;(NoP0Ia$7>Bp!LvfE9P|5Wg40Oj)vckcYUdLRwJ*s^q? z%&3{R^$K(I9M$ucXE^}h0_q*hYqfto)%>6}zm^ox8l~rgKrJ}{v#J6pfvdY(QK;x4 zSq+AiKH7eo-aw|WNSo|rEd#DRBmUr@uZaS?88Y+*`1f_p3To!e+=SVj}pe#6o!usdwVL4m?BXDAWJcJ{|X2Gzve)_udZlVsBYKmef=ctV<7Ik#d&8O8X? ztJH=SU_a-AN~M2%bX|xT{$bv5blL8*2i(J9-Og;|7vPIioPV}W{tZy4X0HVPE-vk^ z4JV6AokXuXx30X<0D^(dV!9#}b8bUhEUT5Oa+Oiue@w0rb=%fY`Svk+>`xLy7ch0M z9`zP{yLM;YgVl!bR6K*PyINwnIv?y~<#nu)Pz1B-3HY|`gnOuy ze)AR1D!P8(Btz&e=&=_k042G^6GvVBk|354@1&B)#Z%AY*7)1f=qx_M}3n$^OU>ix(Jxd0Ax^JQG!O|C~8x_B(T&eCgmE zfoOI(Ko#q0EhlrNGoMB}`G21PS!GN`*Bw<)Q0kWez4E6cZLRKVml(?$gAwr)$g!gl z(%*73Niv9ga8>ar5IC3Y2+*Fh$ML{GAF+BT%Qj@g4#C! z{1k>D4gt`hlduJQd?y&J&*Oc3Hguj#qONHvA+V=ZT~nVk@1HiLt^N2W#P;vK*He~O zb7vzHw4vjmtLV723mAh?^xrW>eN*lu(g6L4qCz~4=38TqeFb{jI!#1soIk9)f|GS% zqc3C*CRQRT9S_9qNqrSgXsrO$shtT5{TkJpH%-h{p<)`7JhRwmor6S34 z>9MS$o}4;;=m9(KP!9Wg&E&YJdAEH*OgVJ{hsvI}pY0k5qV<}NHQyxY0t{Hoeo&Yn zb>Cy&~*EAB=>#`LKL%jIK+y6-j<3VdJ}ejuTVMV)`|$s zahD|ncDcX(`w4O>;{-7SgjZMPe{*>*>KTy`5=1mZh;|qpzjys@bR3;^G8}yz{rDI> zBC)M}0skq51R8{0<)g>Z!GOPX-S}!t(HKAo!I?{fyUtHBwMS(N+Ix)rI*U^5foM8C3Ia*>oR=HB&I1*GztutN7jtLbnh zB#g8T^{WIIspB91&8R84*uHXVLU1Hn_}Co({rlX)M71wu@kdtdxq|+57BB_vl*7>e z=Dk_-_&Y3D7KHtFni+=!#I5z_)JLU)@F(cfNu4+As_y*i#xK7KE6M78VIWnW*>fK# zIM?_T`4b!kBgy*yr9a_-IE)W`@*+y;yW3nCJ(sp{!?iaA?wQi>rLMeTgQip z3cZ?w0a^4M&i&#wp`K~&Mb&LL6KkCG&S<)CII&JF&EAQDlGBtlYq9JG6A{GP- zB-d$VLLSWS)ZhNB9~Z*l%orrX+W{QKJw?WYf(;AqxUJwh$NKHnKW85n_N%)xZp41u zs{Qz$NiHp4e7p?sZ6N}-G$<(xf8s~RFtiQ&vk4m}`;B$tn&z}#V!Ga_L^uTpkq>3m zi{$-z3YF|?QgEvY=>HCzdh@VQi2MBcB@y)>gId12q`xwXUec{Xe5ebUE%XvaxcOb# zlCV*7bEGmwlE;v5F7<@|^Q^|gv#KEDK7_K=k)(oBnD1%h2t}-Yb3K6BsK$K4!P$U8 zkz3E;@p39fd|G_%o+4QtQX=*d^y}(s1)=@pWsNUsq1@i42qiGg&90uYc>3k%u3TcCUAi{W!sm1(_SCXT2`SQ;TC7;n#Muk_x zQ&GQa$vd=vj*U(-^WWN?JH8THSeiQbtAK+_Tlw4mJ=i(i;{V>W{`0Rwjg1vZa#n54 zb}-!F#)#if+U#rFpW(Voi=}iD%~pqw-Cr|!HCXt}^Mv^jPP67|f#aVBv+7raIsejN z*J+in4g3P;0~A7&Lnc38#TFeQp3D5ViP%A@py%<_dpC!n6@Ju!nEQObzKyhBI<5cZ z$-hHbXtz1N%r?5f^6lrW;902u(df*0kAuHrSDE@Sr8JQ`rB4y!Qd+-0`t=GrtGwEo zQayRLQk1kZ!1MbgN+1lFCxkD z;WP+3N{95{XVPn^B8`6G3nw4dYi-PMf85Ra`cg+-P=0`GWMszc?-bpEdU0d%ZLAyyZ_jgomsa;v33d2JDfhXK_-1lP=nrk&mO%^djIs| z{P(H4=gOBL2$B}onk#1}GZ^ui@r@B=1oz}R;qHlyiq5#dS%&e#30{N1{ii<* z$~X^_1@rTRLZ=E2@H^fYT28E?`%@18u7V;JPL`txKF@#7U1SespbQuqEC}3Y6-ocA z&!p#mM({dWlPD?>_9Ban-XYUJOfBgCMk)|IcaqLjfCU6Cd{6e;!roq-WkK3%$1NX) zft&v3YmKP=C!TIfJaYiQED*$g18DwU{EPo=(bD`W9+iv&PEUS!l10uoGo;Ye$MgEf zMoiiD8Rb?fkfLw_aAwt@8j6*3T(>mz@42}W)&BPVEf5o3WKuM19sSxT@Wyk%{Mmx2 z<*@qO1hEEpc2My$q`I>SKA+4EY|rhMDv44Qd>yc=Z={h#MAw(M{^JG)fuPO)cHyoD>=*|jE0G(U}1%2ETQXFPlI40`L^zhf7$ z@>*>p0zWkKd&Mzb@9 zI)9Kfz4g6`bKn@FVOqhM$_d0*0qpO4cM0P=I6Kf+g*UnZADoQoK(kgu6%)QLkzY_7 zy{gI#x4=|<{Q2~1WDErH0r;udN~VNO{z3Zl0dIx}zVtvAqr0YPDOS~hd%}>NuOIEV zOf~hfEf;G{X-T%~1aXb(S#2^>!FrAxwuobT;i#j2GUZ1npXfWsjYW|Zy_#?I3(-<( zh*A*ytrzJqkqB{EjScj?8wHfNf=wMA>k;@W1D1TsGDF^kzp|=|(U|{YBm+X=G>?xA zs~$23&@LsG6R*EDA?0B{Xw8mj3Y*#kSfbAfe>Top^^?UTgDsk;lFm23hKi*A_F=%Q z?coK^#uJ9{Hrg@1k+ndA3da@qXc?$PT?_Vga!{k4;eq9P%a3G_%0w>PhTlM3m!{%! zSJ&`Q4fV)l?C4P^H{7YuJir~WUbNOkbagMll*8ik+i9_!VLgu(ykaZwic#s!qc^aL zlgXhRUJ;c0kq(*ds)}BZ(423|zcD~3X0#*+LvZtFQQHT-rV?#6w`krR8E#UOrD&JZ zv7BoPdBgY>S1mehxzFgo>KzdMLAb4#y2V7Xdi81mm-zWcq?Sl((N&UmqLwiSP2h7& zfA=DoJwRR6VT;1Z@P#?%OfD28?DWTO0phd2q?1cOntGb%XR52RTf?fPDrd`^bQz#- z7z0WJ_`EJ~`k!mI^TC#W*U!DKuedHg9ubA%rn2hD z$Ul|37{A4%VnhX16w&TjX2OS5mRA_^rArilB9NE&0T(GG*H#`lHQ_Pk* zelWDpoUampZ&Qsp)^6nL8<9^eYwColMQRnYX^hp@P)Gc@1-( z5u)f0Ns&`3WD6H;z2#8v-MPV6&au zj}@MXN)bb809hFgdO3wwQo{-Prcf#(cOxEw5M$0kpu^f-N|mIGV;517AK_*e;rW+7Y#1USK8g-|f1@ zmLFyAUkhwwd;VPgN+4$2Y2*IZ_)eot6p9)q#<|pJkW*B;5F%-|s+9{x+y&){{N5SB^iF(oR6kdk>*8 z;dC^64eTBdS%cW6<{|LuDUz(X%%}CdMVD+z4xmzi^j_}${hO=TN^c;1H4lwi*ccH( zz2y=l|6%@sIkee?>5LeKaG3}DW~Z=h!S73|F`>PW3*4EK-mcBEUM8hQ=Nt5=Zm>I6 z;LQra#IkDN5S>Gn=>hS(L%JOM+{Oz2@wK#Pq!aRkjhKcFs!HL~6lH;cYE2w`pl97_ z31pAcq^{fqok~Bis`;KuLAw|FH*bC^Ye8)KG=0us4dK#(dYKtM13&@Vg+MRF^7~>` zs;$LzqJlS-h~ZlKt9_MCzTLssPEN-2&>lsvOvy~W*?D?COH{E?<4G-V>f-J{;aZDnXVz--kKT_ zveZ}7_QU#twk>Qn=ba=ExeLy{^(l^OS`@5gxP+ud`E(TTMgN`T(RXyz`a4H6M?SXBYAov~7o4Adh0&C)qwim8d;8dA&G(kxTVIGF@FO$ zvI-ht3Kst7-q$cH@|H6i%=1TQ#wW~O^2jBZ2tjCo@-d<~`qT^NT`0n77*8DW-C@gi|$a_I`f*`6XvfoJKJ!gDLXL*B&Ji z=pX!ebGxkylrxXzcZFO2ZQn{rCzuuds0r*mY$fhpWbGM0H{mA*V-k2>x8^Y}Z9)vz z8HE#gsf$t_>$o|%V)OQE0kc;Rguq@fV5Jbr3x3y2iDfJi3JOFywD$+0$DTb$>@=tS z-u!#CD$SS$stQW^dD#VgGD~+o8*F)oK`A+x@}D@k*8K(eFwD0vEY0-Cw)g8;Df3JL z>y`FCz--xbqA#BgUYW(XCkHG9_z*__vw&^2&>nj+cZ?+gGqp>U7jAXB0^?t;8c`m% zXwwVsY|Cx1l%Q5wk_i2)08{q+c5vk@x+41TUiDz{e`;DeVD|TXXOPOyI$U19bpjC? zB`FM^3|SH{zsOLy=bq85K+7+fx3tP|j~ax@UsuL>3f%go{3E@_UZG3a*H2xnl|)T= zjoYodo#EJpLCVg%p39fExvqjG*LoK8fe%%Ya|v*nDHuwxERdUPW=U~3@^Af9Hh#od{33@AT5R{^fm|t&y|Csm5vu`w$14CZW;fZ{9JbUO70NJ;`)6{AorQ<(q*n+z0?0Wx1DNu$cN&mw9=A zad*sC(BqX`u2^5zRCy`dm!IT|U%57Oz+F&%9#omoCYl~WAY`ICs)syI8W6YZsdTap zRY8cHGwe~uq#m>cME9I4adW=$=;yB}eU-zPY?~LWf<`XYIMH`cPV}G|uB!H&Rf>GN z6*jZSGP1Lr8Cs-~cFxb}Ck)>~xLb}qAwoq_(x7#m!>hWDv@WR-wF?@q_g5!hTYri} zb&{`KjozH0Q@|ep;yGyNQObSCQeX6mXP3r0L|wGIG-vPb;!u@X%ba60YA5@W+Be>F zW0>6CdHCB_i~7cXk~Y>D{Z!&0<|hT?CA7&)sx76=AIr!T;CXr}D9jUP;n zocU*DiHg`jAcgevsd9YSSC=^Pv-6O^GYB@!zl)OABd}QwmK@h`*GyBOKh>>o+|hg6 zI|81g@vBR>F}bg1d`Vu;O92BM0{hA42F?Km_X{3?+UBuVXHGNir=n+I9=dyzcJ7~nIQG1FrJ{(( zF?7yI0E}_^QP6tTN^@TpWUcqQ$aNdf?#-)5VceN{wW!2&rOewmNY5SsfH z_EwLi`0ki3F3|$1SF>d$%?&{A9g%{Gak`Q2Fxf7~*$eHw4O^s{T+Q%5$y?t&o)w}{OVnP@ z4~YFxtGdfG?DJ|&q8Bi4;Fk}nx0*k#Iar%I%`Lhf1lR}HCm>kO-xSl+C*Ssv?^S%x zf$^=&BWmI3qYshzad8S1%=xCtr_i~#@M#Rx!h<@N9WNvAMQ;3UcJpo4HRYK@zU5ya zWG_j^yv%SF;#iC^+Gc3yW(=3sAE{{vKBpLA+Zp1(B;0kH#I zgT;d=#X$QQFWZHSmZE34?qq1jW)Fp>UX*+$X)r0{n{v7apoVJxQkLuz z?5idfAN#a#nHjgJKz%eE^W`xTv~L0bW3*eWveV_d$&$cq^T{l3k&5C+HzP)2cl=Xu zSTV5@Xjwbywl(}PkFbZ^;q_FX3^0=|kLdG{a-JtqVK1}DjX6}P-|8z)oz?KX`maXY z<%DBt;gu0^H9GKa&$5s~anIr8F8?UkV#6ls2!$c_@Jfj10kJ5 zNdXEoDNTtfDH{)0Zzb|jn(eLBCVB0b@C`(%7J_S>+OI9(z>KJl^9obqpD;#1H=~$I zjy=o`fu(DQIi6I!Ga=jP?^wet;~@fvjmCx?b+5Lw3-U`_1|osRj9-C^T}#nJKTSg$-RBP^mS@RpV9a&2r!pgg)tt?XAr$ylqBjI$!5HE*bT?E5jt z5o{%lxSQQTImU3QO+4<*Y2J|;4#&@o`ua`sGxTIvXZ)Sw6mTbqEN#myuaIF) z%49F5mpOGlz|uT$^7%>iATA$Gsl)KMy_w$tlZp0WBu@kU5;%WJt{?AQ&CE^>g*ehT zT?0t9qc{jJN7atu`Yh2VGBWLFLyEsRz~IkCU9CQx6VE`4E0H4fmW=Mjwu^&hMCBay zgN!2`?eh*jE#kfA$kwLNf?v!`j5tv1M+?bRG#$Hg)UO%%4j&zF?U#jL+lR?By(s6-19apO0=AJJm;_u4Bb|%2*Z~^iKHXayc%CLTG`jFPIC0%+t7)ZiXt}M z_bNM85^T$pY-o=*zrcrutT<4WM{(&9`S|OhVOx7-jHxv`7Vk26DUs{c3E2+PYf;fZ}8b#U2;}f&cJc$g(Jr!>5i+3 ztT-vzH?67}Ke@hNqH7Yz0btM7Gy$cNiwXMXWfB#fx6Lm~7|6RJInz{hGeqwfeF5ND zix-z}vF(qm)(?u5?3bHO6~8qMWS1~c7p?jwVVum;y5-oFNTVll)=#yIazC{v^|$AE zcK|d-LntsXv71{`bcuLcICuP3c=GSLq4wTzbB~+3CM8$I-D5w!piBPyI>jgOH=tX! zf3CNIf7c5CFRnoV!T?uu^h9qiP(G0i#-mnMD`_L4{ zT9AKETAz%aBWikso+ucGINZaB|>gMMz#v!0z?dW*soIn`lrlj~$%-v*DE zRPE&0`GOwmcC^dU!Nidt`A2OB!hBdA*}xnizzrx#5Fp4zfpj)W7I-%DFdpaN7QZ%> zKz#OhTW>B3ZalU=lbN$qw83Yzc5yXsu%O?V`e`7B#_qQT)Ig9bf_*jAN@uLOmS|X- zWQe5jE_`CqdOY%lUM0T+SNvgfk~Lr}QVM-HC6v+&pq@!6nUUFP`CO`Gmf?&xgcl&a)Yrd>yckDVE+gN@BdVo`5 zRzyjq@e|i2wq+x>w+}I6J8th2p7QmZnj4}8~k%)_AXg*&x z&6KC=~gv!UxCnWR12-yds* ztdz%2N{=xl^@sx-VH`#ikCK}ALC-neS%l-Bj-9|Rr&7GDe zqebG!+uw!}HkgO5E>@>$dhwuHvl7- ziS4RT^yAFxPS{?WW0yR1>rYw|WVfu|t!&jtCC+w;1@ zJ+r|1>VZ-lFB4q*4H44y?D>lDR`oo*SYcv=s^|F;e&y|7oW;vdyqE-sJzrq7nXDkV zwXLD~(W8AtP2!$Ec-YF|doUdlKzSst;3-YqEjGG{7$mCtI-0d+_o6k=P$ z#+#nLhRpbc%XLgYSIa-1MLfsYzg1#>tf|X7Eb4(@f<7h2i5X)w22>? zEz>wu)THjG2)b2nQlT}IDCqnF3v7Wt%vsl@#>NkCNL3C^um?R%? zW%Lq1Z(igrBf5>&+o<0NFh_`XT2l(oFq{Q@k>p4`u~nlCKTun1n`jhm51)m_M_@0+ zr8Dp)8=18C_OTNgjm}k)2qs$7LZy27p@SXnv<)>BdI0pw8A@h(>S1xV%E1W_uAeBd zCC}?MAVSuw6%*sueg+2^o-TozqxRGX@1YaoaRMb~bh0NQ%jbmXb{q3HPDEd}_&b#b zWaE|u35jzMbTOVHNunp{y&4(qRvsT)6GnsL^aN_)+!cg^n@E?Je1%{0=vr z>uxo8dcFGw4z6T%TU^gS@U(^pM!1X>^#X%xj!P#24!ykYlc)In%>GtJgNEVMM4#XB z8vWDO-a~Z-`F{MnQJVHGFwyzz&0J08Xmi|zn8k(yc3`wzwsts~-ln6@T~H8%>-avw zWjD}fHrytj@|F5)SOjvg6p5V!7KCZfIPUrKy+;1p1(e$8_9QA<~MG35=f28T+mp*$8BNSi_ z&$kA_PtvgSK`;q7t2%zq88Y<_3UB+a=?oHZw+fcD(21V%-~O2|N>hpA7ztwA1|9^V zA?miO=A!-*)j4@&cx$;iUBAuk1mOT5C~Hx@04By7(QQDv>BHV$q*muDsQsjSeRj zSICu63xAw+k^A4n+RQde0OC<5??yR3aLU%gq;v$5{$pyAiMIq;OpU+vL*en>P2u?X>}b# z9pqm8uU3}fqQ)-?I1kcE&d)DE;&!v@=(i&F8u4o$HF@0n$>2wwKb5qj_0Oj%&He7g zML?%qfo@cKc&)zR=W_`k#*zqYC-|4dkdjxAjBP`ulr-)DKeGiP>5N4O9Ha^p>}##* zN_RS^?V|>>DRbGq{+C5R`3A#5Kt%3RaJJ#Qn7imUx|yG6J0WecZ^%(tI>M=Qt9b5# z5{ERiH&oFZj}`kNbO;bge*&z3?1uB&i7r#`l#s`{yskH2{sCDn5I~^etWGr3pH4b( z8gD3&)=vu!n2a=Z&aa;yq_~d??{uOEuCX)}c02OT9t63NANekp8xJh%Col*k*_)9e zLO)KV?wGLYUB2FbKzAW$_&SaYC(W)|%W5clvc#`1R9aq-4wxX!K(x2@jm^*gLH?fo z`o>K3`6zY^1zolA;Q6ziHzp6OehK1Fpb|AQ%^PMb$jqbXD-!Fp-ultgKIq`L>Cxa>Dl-1-=N5CIY264TpDKV@hjZ=@FutT;x}qN8u4b{H-h3XKjmij!w-F0sqMRN*JJ=k zi2gm51R7l?TLotvdVmH?JV-!4^D!uK%~@^1X+CZ3CL*y8i03oPU(} zfAGyv70a|V!}cFcvgH4>Qk?&%6COipfB$cExAcE6gwW;#(RNcfhH{v{V~eI^;oHOx zEvErL#J=1|fsJKZ-<$98v=~o5Uqb=+(Ttydqz+d9`*;jZL+amu*b^*XIUd2=E5+$1 z4)W=hZw*20pw!S)%tDR-_`1e@P7C(O#H;b_=etFRc@Z)#(bIQQO9B#mp~g^enegdz zfvXDPv!;WF7w`AqJ{{4|!~cFy10RYUvXR6Je~&qHVf{)S-=(nJOMI<+49%v<`eEX1F^?|a8Lc^PhpsSkClk94cy`~Bwg6afZBVYR*A zZ~sfXTpYeV`t|P^`Xg=VI~F253gjaXt*_Kb|BDUYasJnHzVGe-X_GyIznhBGb;gjF z+P*5Hq0uzB_UxIu=z*G-ML`)m9x6hAvfsJCwi#5|ZdKS{2{wBAwy zdyIh|Q^YPT$YxSRa_@0UIg;GR+kEagJK~MGmU-#Sfps)0+py8nrp7g(b}pI-aCpHALjNl~yUqpgE49+8xzVP%(xyGMr?DBX zJshsP-J-D-uCdfVw#e8?k3;*l84pGOGv5{L*7(Io_WRWNpAUmi9mC#{3E1$C<-ht3 zcZB}Qh3{SbUmK76j)xs@{r>OciQ0ng2y9A3Ox)Ou+B!0-FD}HX^%@`{qthNo^$_8d#|1UYkS=P!}k8k$=B8|L>Qgjzc~rVfh}ae z@Aejxf8x;i^?Qcc^-H#T$9wbh5388h3W0@dorh?iEZ7~->TND)?kiW@4ly{JepM=C zwGpJZx?s3}KK<|Qy>X2ATl`|fe`&A#U$-a!KWtBZ-o7*6f3U+A{CA}Cl!^9~!sv^s z=kbSEMlW-A`_FOz6=VNC|F78Hr@y~`NR9cR1R;n2RFR0MHJ=MX5F|N&mclqW1lSno zOcmhAFuHStXh+`WJ_~(x2anb703Cpn+ zWeAg`yQV46@hL;kg@=wdxFnQUfOK*~bz=SH<2qwQ(e7Mj{Ay}b3rTWFzrjc5n+qXs zTB-*`*+2c%F`_->q{ZtfB8;f#|5&zq67+UhD2Ywu#0SX9AeTwbvdr%7nn$OmiByS{uqjHrrgUQ5KbidnXWLyFt|N~H!_x+ zSu=KFdQZ|;#OVuJF+Q`7PFLldR@d@TmHM*6dNs?m(UP1dHlv(dG2c?sY;kM0$;y~R zHaIm)wbiO#$!2$bJKfexXi>DC=|45n(9Or>q`T;hXAJ=N#xhkLSIh=-&H1RC<6I?D zSz`9sFe9OrrcVJX+0@6<5`2?UfWdch7dY~#v(nAa6=;~Crg?ke;L=PwUnr*vT6VY_ zoRv-iX#IT1EQ-)J#bkU(n}CsE`V(Wg8ekolp>>yQ(|ULehLM;PLe`#Ul|J8P#qwO{ zZU72_kb~(LbSBJ+7)qBJDTPS`L`4(yd7W{>0}kUJ+iv2Sz+@xtt}<`S0W5#Bp?Zur zLcb9EuF6c=@muz06NIkS?^Eaw5GU*~B`&uJ;~iqM0yo-2UMn;hXCP!I`%2R}VRAHm zUi!_(KQN&cfEyq61j1UUo9GlvXl;!B6Pld>KFWE_k&>0p$#R(pj$Q!~#R>)%xkz^f zvqspGTieC?&eC8?)(_kFnr1K#Msq`sA!tc%4dTTa+G#6tsdrLp&MLoEgbdBO)jMpX zDg(yKLSgE`&)F7~Aztf@)dMe$KA@AYqker3DHIHvOv(rGO(Y{@H`zrgwmSTTpOwfy~U6;_acU6rsrdwY&&no zzk8Q_3vA%60C_xW6-Iyx zcUw*BJUUI-xic#eT?#!iiZT@130c3bzV%Nr+8;(bXhrEgYASpB(#ed35W!0zg}g@enkUJ`E4MLbsZ z*_Rx@1i%)?>ab$bx_%=WjPhY+iA7S;W(iFX}t zlLhF9ITFyVbG$+hJ+>V=B(bpH^z-vx09bA*?1sW+G4?HCfK`+IstkclWr>S=fHZpR zG&}XsbA|_DR^0zsnf4PS@iurIee1=aZ}J+X-g@QmqGIG8`}1oDy}DxA!Gmp_LRa`z zVPfXf0@To6i+OKjM*pQlXgwwyXhNJaq5M4cx(?V2tp|nvr2>^j@zo=O0z|G7#c$P) zua9-=kGTAdB4)Av@cnAunu+9NQDG)u>7B$E?(y)I-#pDrF;|;UenQokfGOna+GgrwnC4HU^Go7+*A95?;_lq4ctcGE5r(Vj%rKU4SlJ<#=e)Zqsd z=?6Q?4W^TVAJ=Ve;9cFBZs4+qkXeZ>L|ZHM$I&*cS}Sy$v8Lud$z?o(QVRXdu>pA($w3Hhh&p zt`O>BX(OEeAdrjOa?ByqHfSD+E%!&!oe`KDY&P`~*;@xU$!L%JLHqbk9&r8YTqmYB z^REA}_1Hj?C=C&vkcI(tg2!Go=RaqWh{kz1{B$LgT1%@j#gr@6h9SGBWmEG^Cz@PJ zZhi*_GYpKF$*+b6ZG96YnA0<*#tgEnW;dK2LKa9p?7GV}desQ9nklAEy)@Q)^4~KT z{4~Lm0NtiLf3?VPx|qJKd92;ofMZ}9uwM+{_|?~`3S0rMZZ}!fcZv7|Hk5 zFWA~%SCOv@dU?Ep#sNK_bjY z$UeX)cR$q|p};39XJN2cfRBF4QoAXSWq$dsMnr6T0nLwl0b)dUpgB3XJ#fu*(sTOAPLzYs>AsVvH3UH4CM3e!c@gdUD0=VpH=i5JNy9Y@*(X!;Bz857U5n5YQ#$W7~Yn_w`SZ`f<6*0AV5~j?42tp#A${ zn0$;h6u0X%9SVd*>BQj=F?b&vaZKNK+HbVrP-a{g0Du#6w8f#r z%S=Z87BRU?l8+a$7@P=QUsw#XT!km*cPNQHZSL>b(x~5YmplO|PiJIUNc+2%EOtUB z-($|9dv`D-c%-@=T;30Q=Y9P7mJNX+0-KIYOkl8SAn<6W0DyC%TSHw4HZKw#>|una zg65`j!+_`dL>>NS5)WZy&W(`-C)0Jwf*902S(ZLah+!`l_*1|sg4=tclSKYiKNxAJ z;Aaa8!$tC=)bSK7`7aoj{PyBqQ+}UyC*Uv}h#4kb;wrx!yIFb9B2np^p94Vj_CUn% ze2PUye#OiNGog-5^DUO2_WZJR1iU3~7uYCWhPDC>cW6vR{o>_4Smd{R?ibcUyaCsJ z=db7}kJiV(r2)mQJ;vqTV+NRpcMlc|gDISOkZP|zMVU;oj55mYu_R&~W23 zA{Tgl%l3rsVZ4u3wcK*)kVT>58HSuF25^`tjaD@p9zzwYz)(W-%CI}c)i@tM-!KrO z+@8NKS#|nnPGHDqdq2)%&x)o!Rvc&(-7NXu=Yxy;GUF@wthi&sU3k9GM?I}Fix!TQ z8`7bUHI0!#X#sDChob&Qm7-3AHP3uhbCHGVE-`9^L=hPi73@2?{wF^*?4;`i$Uo%8vIPNs2o96o{1u6R5RpooabFMJs z%v7)75dR+QHKE^i2|neo@6BhK^cqEb6_WSVx%07qGx5F z&{fb%Dod?2HfPE5j<7W|_^S=+o$7 zu#|GDsZfa?4O@}gp|E^CMSe)r0Aa(46L3D0Q1tr-?mc8x6-PB*==_MhDB&Ycf=zXx zItmUEh=7+V>o+;*ZHajf<2a6VqG-rQXkJ^&6tX9&H_bd9DShUJ&ws{qq+T)`{Dwt? z6thG&9PoKH`{);G?qG)NP4u>-m}^&TaE=xE(30LOzrOhr5(R<88*?x6;?L_xq)^wI z;?Q5NVgVRJ|3X1S`o9%`%J(36Mk_iRS&%a6hmvq#p9RbG=HdTxCMx-q7@QW^zw$Ck z|Aitr`mYrGWdDNG9R1?y2Td^izZr~6xs352-1F}%zVJVnf8qb2JXhp&S7IpFu>WVL zr?|f#wDj-$uxX!2b@6@S_}+g`obPZ-e`*i=s-hN*&O-Ene5&$siIA78;C5qc2iZ`)t7ZO0i!FJ|J~Yl<4ZcSFXbCmTs^* zCGciCUe}STkK$)Akctd6m8K21%4e&V&JmDlleL^nG6QOdd=hu$5J-Bu+sucJ)gurA za8>16T|Usqc7Jo2mkg~K72x2qRTSFvnc8?uFo=xC~q-xS`^Hz>sn$6D53Y_m}TwbN=I3?0L4o$*N5Sy zaOzlG?Snz9X@g#N4>mB6l}p5aVM8e5W>h>_FMT|zjt~m0dmjP>3)~E1RLEa1) z9Aejzx!S!By1!)x_6Ri~&ORo#1jIonG#Cp%BRB}6M`UWrmBTVw8b;W4uSdmad~0D) zx{oK~;Ni9MjF9=UMcqClIDn1 z!h*RXCGuKsG@&{p(=ft!-Sne&`dV)`r_@#D$6+YA2B~a00p4TCJ_rF98dI+}_-`N~=SAV!5$@`l=aWa2>1Yw;7 zYH1Q2{M=H8;o~u;qttI?;LDhV_dP10%cIQa>j*vbU>-U7nx9tE2>b>;$|w73b^axq z7BCUb0Zi(;zoQ}Qlg)8|g~+LrC+T|4UG0;PZ98V9*x|C<3Y5?(255x3(>5}%42sYy^_&@ z$ixUhCXfw8ikdb^1Ngo^_``lVkf4h(e!NQU2a%Dt9wdG$pE9emlaLrG_FII4gj!8V zi`eN)V(z~6)rQkJ+!tu9#b3CkF=oH*FS4D}WQW&E$KO77Fb`L%ASS)BG`zIe_}}u z-EBKWj4{MD)FiDLix5hwR@$v*NDAx01QZm=3jP1&@5j4@yvpiT`-X z#2R&Mh^LCL9;U23?)dYE)^X^VtF(I_csB2#H7Rw9IRNOc8tN2iqVKAYQf#ISeY(_o z<(OBFW6_(oj;2+aro}SI;44hnOg5))oagYTL_$COK6X|zZmhf&nwVl$SnJS_CN*|i z8wvpJ#`EH51Id0n7}G!fp4tz=81;!r))yRu%lO-3Yr|6QLrYXos3OjYgCb=;a=1Si zQTFevEAZUCSffR1w?BpIIIxedWu~LkLm8!%x#M(UgOJ*meXPWwJ?LA>aaIL7tiE7{ z7WHX*S}(a;GTJidbd5gWd5{t-kVHGb`(Qd~-CihblRvEH;VgOqv7;i=kFt20#o zj!My4+4x{(;H4iYZIp2T=qByAPU6w0 zge|W!M(6Ctz>LUm!g_;@h-o!Ka0Q`XK0u*xvzMLw)_Xb3`x0Py-6u?LZ#!3BfD*B% zJ=7myh(_4o05@l~KDGg*6L17&MZa+SsA!xLk-sm^Eb zSN7N1=DkEigbSW(G;z!}6h|7rPv??O(K+lDQl?WS8)b})_~A&Eu?#3>d`O%;y2nZ1 zUq>$#S>IJLg!tg?Z--0EhMWy#KIkQC3s@I)*?tj4Y5w-O*pa3Co_I|It1KEaqKzl0 zY0yBG!7)Wt{Sqtp3)+HiNuu%@!MjI*fVH}}-OZtrgMO<^Z8+F()IFkumP!`+bDupB zXc;B5)S;u4tu50;vhYb#e^G4^AD^;=V0?Ow&J%C@1V=PLh|L&|{rHd{FlZUMAN0Up z7VuOGGI2ShexHi?p7UfLD!q@M&Cdz0$Sh`mDnv?EPh2sRyygZU>+0n0qe1+{j{Dg>w=t*%|!dqH0%{C;rh~$xN$GJfjVSb z1skPDi?t)xJ2#RC;WE{cDHNzIs|wUT>xxMPtdh4jJAhs4Q_`>wyJqpn zksHnBoje!;-*P&WeGPI#zD!0uwgLXlBvONtt+nS*uS)R3%bSh7135yWv?9y!&co7g z|3S~gF{m-cUbs|h)by&c;KIfo1>YC&_IAUGft02)WtT1|Oa1cJcN#~9)hV=Y{ZHwH z62~mVt)#Mmo2O9B0Hm`jWKbr&}2Tz;5ZG zs8J!D_Y_P*&GbeI-^QbEY3VLwQeCSa3+Cg1ws^UiHz;8)?rEyklwFnvhRjT$x^Nq_|W+mRTYaA~cIKWI(@PYT5VML}qu80)^3*ASXqN z6%EZqEU}Bb*W609aYLcg&CMi!=VaQceBd^X3x-s6D$*x|!c*Os94;P>YM}*hiqLl; zO#q>l2nM`@*c2dx(uwqE5>WQ93SB&&D9h2DlwlmUo7dlca~+yf=xDBex2S;7&lJS` zdcoY z^@TNMB+8&z$Ml^TN9>Qaw2@{+1>C*3r>s~x{Q9pB18 zYFIdjt^Bsl%*+rmB0Nd~msFq70ZGqTop5jL6q6Kkj)!;Z(`_;z-;Eb_7v?eJEOa7A zN1&}L3R`07*)Hab9lZKbyJaWYRq$pwvG$|p5)+?q)f4Ju%|Crnr24_zc5m+4@+e0B zIllB)nn=00N!BYf9+8*|el1p#sLpUsUU*erJ+(AkyaYYHgvII;6R?ce9Uas0z|8bu zXI>)E4NBqGOM`elqfn7a5jh&8>rVW@5%6Z5mo8@n9aD~jtf1rf%eu5T8p~+taElPW zu8~qf)4l@kJP06F#kG8d*sJvfLC(gl*QTr=WogZN$v|^&=qbpAQgKtVrt6jXi>F2v z#eMx;(-PAG*9|WVak*Z5t9MBB6-+$4FbvcZtZ&yGJ$bfQ0w25cw@>Mt;B0UAwugLt z!sQ>r)+ZAtI0(_>zW9Q$sW=59GgO_~hBwqw@B`+zet1MEk2vAi6Z%UH95=1ykv=Z@ zDnac&gVgv|le8Gl9caCr7lz{x3II1(7=*H~6Q}=4b6CBz3ldBxEjA_BXFTRw%4((4 zDMZ1|$*7O-5k;^2cDcM-U#FZf)1g)VK18H}^+57>Mo-bRox-Pb9pe2tqMq0D zkZ}i00AUf+Vb-BiVYCZQcYU1C67AM&DGTO)N<@0yWGkIADXH(EnBHI?hEnkSbhY;B zm@D&V^J5JC7o7F24;53Pgg4RsL5C|d%tZU_EKFt{I&hpDG_zyz-&o*|fMw_J*3O$7 z5Lxlbt&f_{oPC!fd&4N+?OF|m(J~4kr8m{+vmguX7D^gD zVtqvZ)ZmI6HzrBw?RD(e8|m^vcOVu}pAA(Z4l;NA%Gy%lw*wzi+sO(sSj;+nK6052 zqAD{56jT5bxgq-l8JKj*PrQ!WxrJYcCAkbbytir}*RYUct-QVz#-d6cw?f^*r-ktC zUBkV+$ez8`2DT8vQ~0Mh=%z-qEEo>-x{ZcE**qdKq68=DCZi+?%VB~&%T+)3Dno&pf&l&oHmN#S~(U%d7@f7_F zx>%@RUA;g|J7DR{b$0EHk0EV3h3F~?Q;DE0RmC|zKVf3BT4Do_c-c9&(M`z0i{ri| zZOXYXJkfhj#A~$D2$lq%@4O*%12zWf*qfC#x#HVzkNY%Fri1zn#)G_a2KtORmW0&g zb^PaLy>4mzNM}a_)>cpM_tN0LLWI6}YTx5o3sZyPtqCWU5|IRJgC^qSj{<2fDk?UJ zu*M^Q0p+>J=%>Fe0NsXf>*I1 z==DP7?l%OiTIp9?z+0l%xtOiwFhn00N%VPkIZ%T!Dni~0;# zMYY*Q`jml_-cMDVxBn+vPXw%+)E1+SMS4jJIW~0JU2E=5MmC5SE@fnS#cqsL&gGH6 zp{Z5OkKo)xJo0@cdTF@oaoeU2aK-p&eHekD3}d{s>LWgRXTAWTpIRFjPVs71pj8CsFPy(Bv|!cWkyv9}^@u zP|a!+t(>qRqtPTCMkbhqt`JcTWBK>o7F7@y0Ap&IheE$E+ zVmRuy|9^ThoOb`S819nTzng41NOvPxbN;;;PHV{X@893TADtaPdi%HF=l`!3!~N%i zq5r#!+0ZEb&qZwTXZx=U*)qibTTJ%<>_WE37yC1IzRo+QxBqhc7fW%Y{r3f3?CbOT zZ^4x>e2?_?srB#vSDsKG@B2?8yak-o-M7Gw?kltZ_B#5zZCr8wy_n4PAlwPCCl~m4 z%)V^DZT!8j{`xn@UJ!11*6<|QaDDpE=bGnztj?xw&N{75<~1+o?Y0(d=6`9=7QSu% z?*)PXr9Jz9)t>eLxV?X3_rEXBio>@a|NPD#xao*qOCQ_eKpf7P~RdIm56;Qtaa`{-WP&MivY>!tKXQGt)ie#p!yOrin;sQU+%H{#dLY+pZbOl)zLv=5se3=sCjiBADY$Kpl zQ(1;2?cKK_Ee$saO8)+GF$BBJtjzP5c-B=*8~?sX@i9dqoJ`gneSlfkE){i4G%UAT z4^ix>Pb_Uwd?PWoMQk~J(lwFvYUPXLL!*gho=vfL*TMa5NT9>oKe6&u5sI2o^Blyvbzik%kZmn83l;d3V4e64gZC{pR8HQ#s zi^Box;Y^`!5S-l@!8za2wTcII#1UvkOOOs|QWjbe0asb{`>G{9!=P~|Vkl@Yc3aaBhF z#n3d;eFezU688>SO~okInuRPbEYJ3;s>YrlYip2rl2P=YIp^Qdl)xX&ON0}JnANno zGpenN@sYW{^)HQPBjPELm)t>mtJhY~TbJ&Z11siYUNQUdKd6>oG^MOpxH)rLRF^l&;xMM*WVU@nQ{FyiHTBc`lgABdR~e5i%v`CAC`lPg~21n z^;IXMyb|GIa`=7c0KMkwCyfW2vrINP&-$fuQYMXl)`+pj(%d_blPY!mM~Mmbr96;& zvaUxfN%h=dNTNVtzEwAF@srWrSsEn_V4oMLTRCE*W2G3h(Y>SUO09v$^Y@bxiJfY3 zGNS&K^e`86f`MPK9mbR)3rU3kA_0gVE8otZb{1A=1;zbg5k0CKk08T28xoza=O;_c znP;WKk)Bh`a^}>rn93{q&Q#Zdc=k7oxFMb|K@2^3xT~sVj^@(sdc@4b+;xevM}xi^ zs680CVIOzyYtvU@hO@gauI=b~gGDF}Phe1?qLv@Yy^awYwzw!N&M5nHL2zxS9oCMD z*yZ;wBm~{m)Hp2-6f;tdM)b*E{JeO>d@_qq5u5lc~yRZGN$V)igHZSG=-03dblfekjd7*&Bw>alclKk{JT! zCMc7tVN(STk*3T_a?0WSxmh)q5<97qQyQ!mmp3KmkJH`2>L21_}+?Tp4nA|Neub&jJ+8dlGhroCUAkBf|{Tb)$Lek%OM zk7y*%fu?@(cBFf4jfOqS_=-sy{)QULVkf5hjEC~AU!>X+JJZ3<+IL2WliFOX%ciU!%qDgeCokfoAO| zA+_0CUbp^=JD2)tZylUPZD=|_V?X&pvK9N?e*9=x(kol={HYgNI9X}V&p-B{*z7O* z4Ngj`KNXT6@0(ML$KMJNqeW{%*2*C6c-9J;6#PYW_A0(mDmAKlDk`7GeUPr0UIQ*3;jlxgB1i zB2-49M=SKlg>AF_aIFd#mHzUP#HeFW+H66CfM$<`AZV+bj|4*A>_DNn5`Mb_S@fKl zJj)&-pE#KNz$5AC}EcL{uWLk10Vzq+Kv1Bine>rl>$yG>WwQ|zA z*DNGKqb@+6-rLqU{@av{wiT(f#r$SoR_)A|RISadRmvD;&cw6JR|abYkDi?{i3h)l z@&d_GH68;ofFavs4K9s(=SoR2qOuAgixX?};^;vB)f%%t>S*1`@24rIez7NB^augA zbptbg6;rTV2{0^9lK33ban8NI8lIa7$Rgyx2y{;Tro9(DV7-2|M#Ui33Ozh~Ytea2 zAeL_GW8k`QiuW8yUm;usw>cM8hjN_3g98#gFjNcu z1!(4&Rnw?n#c?xCQ8=Y%#SQ3mtD|JnBu?D?l*}e_WlxJ6J=_jSJ#zJ7vH5;$=o{F4 zT4FsHTx*3=R?erx{you^g8iXE3b4$^YDil~ zfvxDEcDKhxM|uZN=+LVzoRMieTe@9NHpLhYHaQC{DS>(#tzsBzYdVrH!@`LsqKi%r zxlZxG75iEAWz@V`Mi&LlawKl+3$+rqR}UbPPZy6IFWF&1g(Ttp4DE=$dVBd!a9pe< z;L@TN_G!vwYjPwp%3l?;`*tCbCh~4HOdhS6Xld$YZIX2Vd>on%Im@L! zl-M5||GXPiiP$1_kNV;_>`7k?I=+wAaPiQ?)j2S=RlqM_6QD=vrI%cr-{?(C$C8>C z$|Fwtjo^#y{UwRrYgGOwSz5TDs3*_U6TcZ1>HTRwb9!N)RidyYF0bV@H$z<09`(wP zbW+FftRA*5vsciT5blP?sv9CLQsp{VpHOVD2RudV8bf+wD44u?quP1Az_^hltXOSV zYx8(nq6qPMVyY5ZQUERY8blB_ycQuDWOei zzbZ&ArhuLvYN@Re(lZ`nNS}SWLOSKZhj z`!G*+)!vZ4M;zc~hL795LMT-3M2HR$V)W-j(R+~|H~BjU(+K1J%QKt-dskANr_{+X zp_xyKIjZw17M@jMp7PQ_hx;&4yrX+6HjWq)SEy$lhBfR03esk?!PutIc?x%pCpHY1> zpMBGT`pvhM1hnd7SRaydDOr_G$>>1Q2hIr++ZB zic0Q6tbi&~GZN~AN6dnl^#}LqZ99j!6$Y@^|&P|CU90u=iZi>sT0s_m4G z0R@^W#R<)fpOE@kaom7TAKKJ~0XNOS)XDctbP1?m8&(22q*9-q)c&@!vykN{1U=7Z z;f3M6+{u!Y{IpnCv0qcBj5O}m{GAl;p5C+|;l0-(O{dlwxa4{am>5fp(4W$mh8kg) zR6~A;PN+x_?mH-~ zTi8&#~VP;yE)=tz};xxLpLvKbj4T@V06A8UHlzD%~WKG8RoODAvp7=%khVh zM><-6hM6|~m%)J9m)=BPwQwa^Gkr9Qwsz5dVD?r|)W;O@7jUyXSqf>>E+uX) z@O9)&-hddvhh7UpCIRK)z>eYGT-msfggr;8{G74 zxNjDI?y!LX-Ip}(%SS#7{vp1s#Yb#N*1mnqvf_LWWggy+>rBDr$q67X&=nd$vI+4~ zDBJwv<_&_aGi$6`aI6^3D+k@27gYS|E$}WzVI9E^vuzFZ15o=~ySZf^_b`(MT6~lj z zV1d5R`xMLKhn+nyXK}~JISY5o!f(({g12(!P~e*NGAz{L_Khmo@PyZsW?*9d!5`19Bd+m=WRY>IxwMcHhYd#&;b;1t&F*RJFF^{ zu3=%@Rz9NgWy?vSmH7Kf&@3Z!qEF++3~ch+VP>Qz&;HEcIF9^zdJ?w!&2O#u2MBb9 z$y$AHp{P|=p-!-DkIh+e^qAXPLP6;bZD1KnJKS2Ll4al=xh@B}4gA`w@EZ4#0Qf%N z0z?GyXc98w_rNfh@(0(}`=T;xc>cChsyncS{KjprD=>%UHNiHjq%U6jbj4oebp zK1KbJWb8(p4J0sg15DpHLG$z^a+h;YrHz+SxyR)HKoKU~3R0QpZ-!09KMM59*YR&U z1S8Uh$?4XOp(uwjazPW~IuxdSj-2*8`4x*ackdicpQx5N)e*?0U8eC%QW@PInH+xE zdQR5lkLhE$ExNVjFyg)s;J)HkN%@e^yT+xG(y)M0aRN)Pm>5zG<5_1E*!^T`wZbzZ z5=RM54Z5=eQ@+Jqa)nA@(AeeZk#^14d1FqmX>%azB(YXF>PlXyLt1t*?Jn>kE#2R2 zk;s?SyOPZp^oOHB6M`=`akK5J*D?OZL-TFx+q9#jKcU(Cz^GSAP4V29k!S}Nj0|!L zUK~ofBhX-1(D$#QNFt@fNP1PCNGi*y?Kc^3_i<2H7MjOr7PoJ{z}M526-21$S;40N z+^l{A4W|7ZbMm)+rZZ<=>yJL(fctTsi#qN+20A4o+d_@O&`h^)a-&Bkks+NbLx&bz zSYv#flMU$@L}A48TjaoCWgzk^$q7{`eUoYJt{FFFP1jNzqDgT$a(cmq30-xWOM(Ax z5El1Bd+untk`~F^q23|!fXGA~R;n?{r1GehUt(W_8rQfc9l)_Om@fyE>t;FzFj4VI z2f1UEs)_qOh+ZM0bnxXD0Q&=MhMVFwGl9}L@NC?MJ6jM_kzsq)_@pj#^h2L9ZH>B? zn-*B(+C>y`@LMc*5%H)}7rw=m2@u5rIVEGJW~uDXuUjj{!ySi|96W6mEZ#JJ>$Fc8 zvxAV_ikUqPKRZB0?DzCnf5cD_!_SR+BH2CcJ85=o!Z(tBp|T1+>0YVIO!aHcHG%yV z+hk-5uZlvj2yko(zafP*viLzxjzij>!pA zMwUZbFIW1+%`dC(I!RHX7Gqnj&w8Vuc$(n+sEv$x-`j#Ovsd=8yw?YAnj2N?IIswO zA#L#l&1%(G8JCk_0H*Qdp~g{<-anFgFo~~C27ufN=r~N?ZHl*x!e0XqSY$-o<0J1S zs%Skf!+L3{pJyb$P^T;vn<}FKwL9uX@-w^fcpgGpE;WGz{lmEdt5Jv6-<#B;?KcN# z$vR&88WHd?=tSUrSvhx{6k`j# zv_wbM=EeNL1MY7x$F$&A7%vnoOB6rbPM`i3YGAdwFooUNkT3Zt{p}Rf8-6|#uCwPB zEG6*R3Lt#~iUA{=9*^FuGi*Hu+tEYj#IxAhK5F3NIqLo0_=Ff#FkXFz^H@YyNK*GY zoEM0;5-Nl*F*57{kj1(FIbw;>IrEdLN!>(0mJAS`xh$@`{7U z#I|+W;2YKIf$|!k(!>aYvh>fhSt!Tz4O_vONRs}y|C=I1KIvQ1{skxR4>ToBrxOV6xBsk9Cf@8<2r-I~0I|qywH-K1BVZSPP!aGJ`^^_Es&{S_7Gl z60fx?$Y*4mS{>RNXFH#-7*H&{Y>h{Sp6~Y}p5=M-`tAaKLf~O2G62QCu-;N9_5b-l ziiDLf^Nh-)kxywc(&@7!3x;N;kLGEQ?*sOvW!M04j?dpE{5S{k#g{|cPI9k>JiNf^ zSpe`rUS+r;{)d!hbs&Hn^tTfJCdW<)-;hrqe0esIob)9D2o(U##e5rNdk8eu0>Qd+ zn-Tn*{XXCP8~$xJ1%RH5q=!fg%|a|d=BsJvOl^&W8K^GUH@w&jgl>$EI(|1r?7}Q5 z+5z{$O5@vv=5XOSOZ48>!669$&@WLA`k8TP0npU7PdO*d2jY9{#WR9O%bdiObCuI% z(!z>_&{92Z_w&k+S47(5$7l$d_MYBFzktx-JgaeCZrAu|I&SBYlfyXXien+sb>!6O zqG)(a!b@J>bJ7huGQ$}Lsnnz%19^@DwLDo3N?N30ayUj%u zteCXu*ZIxRCknns=RMiNPvV@P1PZci-ghA9f^~k+C^hB^;Uuq1CNJlF#j}}>#uH5C z19US$|Dt!MWg!R?TIIke8%2RH{_5d3Np72}?i^-!+m<&YyEWS8x+1_C_xTXSQ3{h&CQth7lyHjZ%n%9^7QE>+OpDvDR{ zPGRL{S$?Ic5{>8*UODYd#)m^Q6aoAcn^ta9b5(|SyP#C!C{-U&L)l}_-X zc4t02lxLyhDoR>T#;@XdlNuG%?$-hB3=R&oO6D%`ubiGI=j{*1a#el*rsYa`&1RA& zbOR$LLv9N;B?3|=#0?>Km9N3@9KK=e-&F$D_61CK>L`A+zV>3)@srKV8diS0a4K9Y z<22X4WFEG-w(%)!sU}Ag8~*+>NWWOCA`x=bIqomY&boQ~zfirS3^RArqVw3~!Z?Q9 zolv4u(@p-|Fz07~Zr#<3C2z+9wATzrQcZZ##tZA($OO5u$(|=@*SD?OS?aO(Eeq^9#)3xxd^)K(;3GYJ)-fir;0B=V?O8f30J5Z2mnTSszWCJ+*svSZ(=Ab zl%-HPF0;Zy5K zQiYESw=jJ93G)dgwxp~2dy(ZXHz|PYe(SXG5^?4A{mApPB(|2)KdB#cBT{BQYnscBpd&MWbzAN(aE$hsP42;G zf)DP;d)?R=1$kl;+0c@zt8>!zxOZT0|KJVX`@PqdYnm0x_h1E4xj)(TNj|^OYF)(F z_Mfg6DHsxFGZtG+h%GUjJ3a;aEhp zN9(W|zbE1NA!%cu6&I_&SK-Gd9e0Nzx1y&__30zWUT0C*A&|9RWSoL|6FAmG zEBB(?{Vf@cFNiT!9#^hx!n1k1GwOmShN($x^5pOr#k-ef%|&sO!6*#e-OW#ag!Chi z1^ne9?%sXy9YB&3)ryxILC45mbZ_icij zVrM_qP&e0&w1mz(e1|facJNYU1_G+ld4rNCV0?PX^h(!dOlv*y)?7tyiU9ajfjsPU zolEcQNg=uy;7?TQ88rU^iU6dpWb*3`L=ypuTce!)+%}V{+?AL_q0Og zI}oLpP<{MkHEem!lz;DWj z-kj{o@UO7JE>U{SM29H4*lsJ|z1 zX04u?NlmE{erw}za03Wr_R=R*(F@d*7^VmR<_Pf(Y|F97d*z(}6MKKs>?*RQi=yp3 zX7@j2Uly0TYP<#lL?Hn})bu0}h(ZVnMD^>RyE9kph!y)}p1k(V-fO&_HZ$g$$iaR1 zD86ru;V8aesv5+M>YL@AywXCXsP*e*xt=B0Vq!F;Bc2Ggac_bmotqeI=@}?2PCaHt zJhhtfIqB^#8Y9IwLs@e$QuwsUC^8WLGg^KO=&R)oPjS-{-bsGQuH84!Zk^)Ka ze`M5^`GX+t*&o;ZO8kM7G@wreiQ_o=AMOOd<+>dHvveQjy~$9w^ZE1opE4o~zD-s( zw-*!dOU2RzG^79FH*m^5{Mrys7Sn8et6+eXjIMv#2ioJ#CAgOD*MNxSNcQg6-mOVR zndTTgRdnDHI{BqYnJ69O+5sL1gdkB-isGR=iYAtiY(9z6?Q}i736|r?@%|Nr4!b8r zgypN!U4iw>2^$8&K&{#Z&k8DODQtX>#IMxH{_N0#Hu|hJ51%yaKOVu|`H1-9{e74NtUj>!u;FfG<~Qa0 z6t%@!9Xp~@&09e1-(ip+Q!CF^-qP3U@wVmfE*;tYtW-^3x=L>W{h_609(7if917>! z>-0Y7`y#F$)1s?Y!F_Daq9_-@glI=He%>@gNDZ2qGF0%wIOWVtrF1+JBUUbga8zHf z(dU*X?{CJ-BVK7;GWQEJN~h|U#BT1X&x0uM9%NeXLPxqwa+}~cq8-z=g2NEl0OpFaoOBXuTw=z1DGl3Xp8=6MtLjwE#Z)D=X&`A$HmQ{MV$aq%uwzGuJO zi|}$A@MNHECS%oR(|o>JnU+`@e1NF;qam$+WgLuN-QC1O(uy*$r&(`KQ}v>5lEC1} z_2vgEHS)$6ubRlk2JU+IsYl{}DS;`<%j$Mh-+zXF+D~`Gd^mJZ<^`z|#FIBp=l=P+ zs?~?I^PtAtmOHmiMZ8a|@CdAB$IE1WvMwtxXhJ8eF*ccw@f&&g#0o@`Qe*Hi(owR7eXdr1>b1wXnDQX|bfopXG2G{R%jUb#GW!S@PG2JJ zTcaa5OFB`jN;MBW!e98ymTqHIk~*0CH5H?CIqT7548PcEB(m(l9J9oVPRtHiEBEBB zV>PlI5w!XgV*zJ7>oeBGiME!sJRYj?{bo)#y&q2}`ORc!PkvM9x3R-|+Qw20zs(&V zO{Hx6Rlgg>D^0M|3!@fRzn$OHoxhK*(rI>kY47D}Ck%?ft|RCA%?!T#8fqJ81F z^U#I@OBtMy9}PgJLbA9K>|&?+r#{$p&P0!DnKeD^xPr~Tm1XzWPlF4l{mCWz7T0%S z9~?eHG=-BSYucY}RZU=wKRe!l# zDRq)KTlM$nQ@z)WK+^*AbZV7L&)$}9^pY-EX`*@iRV5tO52b>J?Q1#N0)@2k%hZ^;2NHLzM58| z{HV{<=*6%xFMM=UeO%I;bQh}oE$Z|`AykjHlfbQJ)mbfhG&QmByThb)yzen=;vI?e zi^a^>6Vnr4dfw?b^WaASB0mg6zLimMjvpaD-B#zwt+ zsCmjYYwB|JNc+3`s=;=LMR@sFZ1hz+wL&FykF23)BK~>ThR(ga*twQrLuAHPVQr#6 zyts}ErtooZg?xYgurk5s-uYA{ht(yxM|n9vgHiY%LVk=z4lI1R*w4d*z;64Oo^aNp zT-&#?@1mrRZVRJT@1pTo@-aWtS)&pu!rYFU^4FLC1U4??AIyxB?rVxwfYk2Y zdDgGr!6GixiMt$+j=3Zx-#z6-F4ZZ;1}y{Btnw!65doTY{`P@8lW*2`_tQX?x|)%5 zRy-%B{%T<-m{vobVtet!jxrD539w*i`waVNhTh;A5B$o2~F{G|OFi zxznC-I~^@r5G8xP+voS|TP?x3sL}oQxPFd@NVQ#hDgeGQ=y#kfk?pb(=9_pU^B-C1 znHj!PE*i$n$Urdbxvt69^r{}2T3GxQW5+0*E6WM6?6RBGy-SoTZBREe(YTX+zX`tK zGNK!EXVthR$9!f%xHouKzS+)!4kua74(%!q4JiP?c0GUx+`gx;5kA;?=9#jPs_&J| z&)3y@Ka=P6_|e(Z`xQE8***!yaI;>R?|iP4ie;L9J%@N$49@jM*w!@&>%{WcdM%a% z#qRMs^-nP_Re9T|fUxGiQyg~Zy>1jK$$Vw)aF+m+Jhk=ITbbslnW|oTXL3oRI*99o ziD)rvug4wMHEl*MS+*5Ly|V&W+dO6W%Y9-01Mfyx zI&9zELt8$z<^pIitN53(>7G&PPb{ZFf6AZcEw4>4Z_En(UV-1OyaiFQ(OE9oWtzE{ zsA~1YoPKqHq)+~CENH%xZ_$8XZ2fewbMi`^rdUv@NL<2n^!dBwFK$7>J~%`CKDM+RPpZz?##8w$?BD5c6fBNntJ8=Fu)-fA>fBy^_UW zE*~@4gSgu@LRA|msD?jJkqJHFxd68_LBP$nFCIyZCzpAYdNuruU*de+8#!d(b*T6 z?upp>(~&d`!alt&=d8Pb1bHf4{iTWauIk;gYL{2#J(J|_n5^L>%`Pk$75EYzyBP|} z+{|`v4yzE|)8SzXvsmAm`IflG!<{b6u4#;eDpr;x`0M`FdSuySk$D}wxA&ZcKGEqh zk3;GC_%_sSSj6O})tnRcpOR&sYtEb=hU#3-fi;hcM#ghVQg`y9wZpTnTw}Q@V125> z3!(X9c5@_g$G*;EJtW*S_I*u2F*P^cz5P{irm~{rciHW^QI+?en~3zlU+k!xZHx`VLeU)J(0yg)BU5{=k%frA zUu(S4SCz!-TqNW7GvZp^9ux&nndSIho*GX`C3j?u@N*m5iZ$|)AhF0vdZM8AbZij! zqIa1Cpm|-hKC#R7QF@wZ`(*;cHTen7*T%d{M0buZ*kX&G9e5{eeIE_&Oyq9?&_o=7 zxRkuvp&JYzoe9rmarpp`ba?B@agM)|Shx(%+QynjeIhyE!e86)9GGt546A!=$eVMO z2bMcblL8*_a{K5#o3G=kmA*TF=W`gLKZ5i6s+ROkO!4JyQ3aD5POZYZs00He0*YTbfU;Cuq$l(J>>N z%Cl>*zLQ@XmUzbleAvq=(vTsniOWz~drC( zGkm@J7PANW{=KJ9AKTv_-^ZPqrsry&mwn=aeP(yfZNdwT(F$U39@R;-+ORqJeDjXD zK=+7b3CL_smb<&B+D?_f=D^d1R0s@J&;D21Kl3v8LPNst*m2gHlD59nghCInEj6zmvh_5i^tcKlYXvulc6&a|1q z{y79896^^4`=`Dx&`8`SDss5oYtZ{2C(9=+3j0rtO6 zSg4Wd(x~ZjxTZisGWVLO9ia~$!}AyV`t;K*no=pC?{Drb$;UmtkGV^DP1ZrQ=0@bM zIC0L2$9Z@>8-VSVuNbaM{P^LUN25Kv?4)$kgW;o|UEE|bz5O*jIJTI-Dkrk?(0}sO zTNZVzpihbUnDb{~?h0CM%3*(`o|O(fx+BfQ3NVE;$m!`cq{d3*i+9MDaaoHO_NBkV zmmV;~;)OnAIEi35lVnO`SaA0yQ%rwLnf6m$)+hN`M-6cOWK}RA^6&C?$Mxt?$#9Gk z!Emm@a`l>>duew5)>^~&O>Po|9@0upisx>JE`hg-K3RA~z3w_bf0 z+#ZuzE3Fn#C0t@I>G|#AhKqr)B8vEJ9@{_^`9&q$gMK-WDS`;Pb=lby_GZfR1V~aJ`=ZfCBU56o#fL7HtHwL^IA$Vrnt-2 z?2=8{^)w7Z*Y!zlvdds%uHuBJ&-FsR@l#R1ceeLVI>t^LmAS`&piQ^(j+| zE9LK_CJ;)Sn9FbkGI9 z>jDnd>;cKUs=iXcjc{qmBOO+5ufFPP_hxkbO}f^R`AF{h?TKZg;78>=u(;Gdrls8r zPOWjFG~7=>XC}GJ7Ryc-HrRKretI*puX7`L%?~etB^?Pb@k_J35_~uKtQd66wJ|bZ zkF-LN@fJX>RMum8=kJppP$`Y z>;Am^Ug%(dv6;`>dC_Cf>?hIi3q18-68S2=<6(T8QD9;0biPV+!qbxeQbp<`1a8=0 zo&G(XipQCzp2zr=nNx-<+^k^cDVlG2`7-QpRv1rJdpe#_QLp>H%f;2bNP1KS_>$3O zeG9Y%cN^WD#Nh2cwChP&05Qn)@7Gv86BBsB!arHW8xrXsi9-n7n13m2?WC0tBTi-E zr3C!ja5+<_cJrH5d{Vfla?@JkfgPj+b8&7$_`$`4cd3LX-@PtP5tZcN^uB}(^vCSl zroTAXWTMvmGys=be1Y#RORu?H^+-AUQBQz)d3NNpF|}54)?;-z-#ct!E}!Ck#Xt}Z z?3{~F7yE`kbSube1u!e#Z)LuGa^x%P3&o=YZeOoXG431}D|e^xevPZ)^;HeZ^VZ>2 zvKByp!}2`yc$tLt^3{@uQtvshD6X0&@U2N;I?#hxX^=fT9wtLG<*t35a)~Xxcl$hj z-xJ%_*>%do_~4m6Yp2xpK_!dr-GSuf!#!ohGggNo->m+((vDRbPuSJanl*V|!o?bH z$17kh7`HfQ_j!L7*wxEwUFB9A@U7l5y$3)`@_r=vDiQJb**)#dw{cC?&(+kJrnt@I zb5(ac*L+`^MPfUcAJ?zk93x+NDCfD7!6x)t{5YmciFs!F765My4_vZnGY`SV_o&pS-cGq2% z7vseB&4G>FB6@stx;%u~NyN{vnUW_T*_9%A8D=+ctexzKYCL*x=KPxJZ{i6bg&tJG zJ@E29a>Up5WY-<{fm!=*$l~`ZS%=T#wJ9 zoSY(A7joy()iu<)-F#4E*PU!ZVI-61nMp2A_(d+F=c@(0ro8b))v|bae&QaDy@Rwi z28O#llnkHC^_)A-755i%z}}fLN_5LxcP(KrYhf!XUeK=AbmaX>AM?=s@=U+T_3ie# z5H9`NyY9OfK5|^#rRt!w)hm3s>_<-rN)d2g_}HiKa~F@7Kvh5SWa4%5?p9^4o|miI z%s${jvgy8a?3BoH)YpJCU3sE3cBC6>S^u$e?;%Jmn;fNUcns86H)zYJ@y{QLRUh{$ z93o6KOM}_t&N)f_i^NV%aV&D#QslQUzwz;VI~;a5PORz};7;Yk>V)M6IXkPU|$RQdmYO1e0JY4naFa)+zjfVi2!RF=in@# z2}~LZvAL-)mwNKfIpqD39JKN*m#ctXbYJFfyRR4L)$iDjptptEx2Nl2M^q z=YFh8zVAL%Lc?>neiC~_dR*r8@_sn`#&NHYu=|!p@c6{4S_V&hZ^1V$IfS(=^ZR{2 z-uiHsx++y=?6w!l#FF+{+F^4wwhMjX@9k*y>``c&o8p(b=C87G_IB2{a^&S zzFv6#UP*Dhex32k$73sX zuLtbV?wp*OsaK#@A7cJ0`ReO1pMG0o@Dm!`>Q;{|&WHG&5BQJ|^?0+{P}ll4lxMS2 zGkrDeB#xpJu|*9`dPmJ$!jT4dPsPf(9Y1-B2g~dT}4- zb1sJTl$j1jy;&p8kLuxEiDP}fe^=6L3a8xXy{lW5NuK2HXpE~KP`mT2J=i*#ESx-B z6%Ih*LfV(y5cT+8<+vLKxciEpnxpx1{Ys9SYD>1k58QQsE(rFjtP4YNdA-DTL(o`e zCd7Priv0S@$aCoi zVcg(H`DUj(jZUuB7;sjv)A#7;UZSU)+#8dS0eQ_NmA5fTb6czmk`>57Na#p@&fwI}b4sJv(Uwa4G|IV0Q;+n(vwE(<@Vp4JkZ99OE%v8PBSwTF^<#+N%e zlg*jU-Y#o7Uh?5rNzxBBV7Z5gcQ4E;jt-p_tZe8HsV1IrurkS#0$+-GALBu$!ZYMD zHQlG=so);1y7qWo9RdC*af=LAg?(X!HMYztBLUGTyzl$2pS@J$vG`)O-{jd5dFlUx($&vHkMA-EY8GxQvfy z(by{|06X%J6y`xqlx9tQt&COowbU-W@ivuRh^ zYg|80b=gFeZiK0MjPEZ>X~g0(=10iuyCo=rRMc;Ko_JyM*-!I6w}GQo0g-Zy!7wL0 z$*CA%ZzUza-aEX%can$S4>J_>Y{dbwn4g(&sgXGgWM#j+hS?8F2AnfwW`+|^I1-HU0?=I5KS_mGGhYR=6( zmAU<@mODCK598Tm<DYm(^gYtkteV&2%ZD6u~@~a38*{wZ?RL!go!?zFgib2)_T5PSgQQwt(j(WwVa-U{FR+4 zCbA?1{IpwI>auW^8@WzvG>$CDzH03l2X;>L&**@4%)r zfE1KHTjZ_0K3qx}6vNrB%z%x4#lhpb9Mb){Yrszads>7q+-& zJj93It&b;p8N1P2#aAixC+dt-JP5)7cP!Iuq)y)J)t>Nol@pxelxZXPRW?f3+h?BH z_wh>v6kA6p;ih0OsXd#9R)A<_xKKLfbD9eKh)Sxuw;cGtbhgp4V zyHQ!Vb1X8HdbF*4x+j;9NOvT5xYw^T{M?v}6jAAe7&+ZJemwDXKls}1K3}UfApuFh zU-#aQa$O!@mL0WpJ4ymSWg@A=m>7P9FQ?>ghX--FJi-!Clmi{!?NzMrUJ+a`D(wK2 zzV9yDGFG0lYh|%b2~rYYt#v-x$47Rmmx|8UJK++0GZ_2J!?lkvzm6X%|8;Rnfx64r z^(5Uw>2ew(f?mgHpv>!gA01e1kEwh8a`=)d+i6b_U?25~e4KOP+rYd(f7dRfu6eOl z^gfd(__SIli~^j#ex*!v^v1~9>HRcT4zJXcD6`}wyU$}RH#K><%FO;a)3gEb+F{|0 zm!+;d$9!x1y}#C~A?|{cG=IhL^0YBO9m7vQIv3oSZ_dn&52`-ZN)ti+bGpM5#n%I1 z`_7B23R96Stm#C(VPHMoQukj9Ga7ckaPL>Y@4NR=(@ZKhLamKU+wd%ssz_i z7fgz>w_f>UGOo#0;{>IYrj%8}vdDnFt$~j1$fDxM2H@EET5ybzc7jO46e6^NqI~7wev^&l!L6sivy4M1U;G^6 zdXx{6)&L(e7_f~Q4spDi`WkKarnIBAd;J$Ac+d1y7?;5Xu7Kh>e zJaL3o800N?)fcb{z)C-N<3?Oh!tAXFGW8yObOD&R>*&~TsasCJfIkA@@~Q8xipGUx z8=#St0kXq%#bg*a`5aZ zIUjPXD6L9)-gtA~;U`bv>^&Y?K0kU>SlU%{*}wU>#D9r_{SpoRdEN5JyxgDZGi~Z3 zV>5ZQ5+R=NRm2aLR>Zl>83$ZyKbK)r`6Ylft*>UHbM`tx{1i2NKMA~8 zzYNL?o99sa0U)wr$GDek(kVMb9y#W=|FW4$rvA6$m5Inne!k;4IeOQ_xu=aT8)+e9 zIt^b1N&K|pnVdWOUi&BhORvo9aJ5(_d+Z)ZVzi#;;gSMOKd3_5IA{HB+{nQkoZIJ0 zxY58GE}7L`p7|AayQJ84HnHnN%dhj{u^Std zj|I6t)Nt;!{Bh_3>B=w9r=3T%W$C?KL|(d_^t(u(df=bSxzrY}(n>-r^y8|Y%Xt5m zZGhGR@%}P9e2gRJI@L$+dwQP6p}bAHaovnByc@@UN| zYUikVHKCMP@rZJ~D7?;y1RFD7ti)BV?Or*j!Fu>+pYy=jr<>TYwsU4mu`DBfs;nnKKbx(1;eCL99x<90Aec)a!3Ldrv7-cKhn9J;UvH<}GC}2skx!YV~g$J$q-2 zKFmWG*8b`=NjkX;HezSzwnmNyJEqRcmCwmj9mt=wApvfhm_n?K#Auty#$5^^#S}1y z2Y!18glM-NEzRNb)Eg||55-!?(|(-{CYHG%=Jvy`?`}VRjBIwug0j4nIJqwl7&B&9 z)m-=S(d@0EE4zif=;U{3?^sxAAA)~12D5Nif6cJVI++;zJTLGR3an||&}vv3Rvc*Aw*FUFx7D~x!>tEm;SG|zOm=+h<031PZ~ zm+nH`wP0D&XPXa0Vsi<}zrxFSxzS}K2J_qs%TL?v~%`_|IR8B~P>T;o5=F=tQHujnJth@kP>-N+w zS{-Z@ocAf2k8#1L&gqq;{b_6|i~J_@)GTfgIJ{X!Kt%CyWWK}ImWA`_HsPP}rVi^v zpRf8e!b3;u){p7s<<937axlMGrTL7iwzU9T>zn?~7&bH#ZNzibdL5^R; z8;%Wqp(eI8qaw)Pyu}|$QNP=|f6_FG4wX!$?jdG{_a|Wmo^a;Aa-qSsyx*^^4akdq z4bSt#{mR!~I34wK;`i&eQzHJRZ@?xlR!Q}Bfwm07GO^->f#DEs#n0`3XW4wRKfMeo= zw->(4(!A)epRJn35^8RmjASIuaqh0?8t=Y97O72rzwhWlMP~INwC4k$edlcK*W!$& z*6ZZP^Mf#ouc~zMJ8CWyeb=%petJ{*)Q|G1vX57$O7y5;u|*FOtWkXiV*x(^Fz|Ex*~f;d2vuxu#?OZL3#u?a!^Pn&c^46 zvK}S6#_sXKWp&k@539BvKZMrwxdm%XfUtd08;{THoGJa5xTIv}-KE@*w=*1L>6kRI z&~c&deUSy$$8Cc(R3m_~e3|1u=?#SNaQ9&dT2uw;F|GE}wy*S#QEA4LoW<_*0E@nF zasZ^Ip{$Q@$qxN4?+2Xuo*yJb$%QH3r*ti!R)15m#|~J??wB9#9r_aZe|!@Hi*Ve8SQD+CsP*3luBB?+>_TZpq!@wAeBDp zvRIgvPwKKxSf#!@tCuEe%^i3aeh=s7Tr$;7GY2yop4V{h?a~DIO6f#)xRkmq09!Pt zDC-jK^0KS_be9L=ED39-HGSgI{E7T^Kck5$r-;ey0+aHTxV>FUg7nt8UP3T!2j~M@m$SI5?Z*fT74W@>)AE7Im7z_S(%=> zo+=02uNL%5$4`|`fag-z@Pc2#b=xbx<_eytKALNoy|Taj?X=Q-`V6W}+E+LAu%;_s zf;FrsPk~>~@Ynk>U{13MWNt}%k&#WEsqlJDpDGhxer9|A?@JX|LfWnf#*0AX6atPn;n!SwjcLNKxTu`jbj20!f?1ifvnq@!(X{RPV7v~l z#}l|d+p+?#$ME^9xzMz^Dg}7n3^ap;&o|flYs*at=182Xl(K#EFJl}E>=!A zi8dDzw`Coy$)t5zp{<2pP1!6gxd3yHaa)-dcuz0~V7dNemSD%%1gzNsYgQP`1#*U8 z4YJmoWiMdOt5bk=&T!4}`K`eX;Mf9(;lc-u2c6OW-a9M9VR z0W`ZnUdRLTDrw4GV<-=J@5#hXAa5}D)dbH5>y+rpmZ7{IaPM@s79bA~%uPn}!Yvoh zEd|#Vu(pD*z}jrj`C1j6n-11O1C{~TR=}?}0c#P#bp^~Ft&OruF!u^Pzp9~Z7qqrD z{(?Ec=Y##BDO(PJ>`fq>n6eb}FV`I$>?dWy`Bf>HpO1s_IB@$wc3?#^*b8uf3)~<4 zjeyrpd;(X%{E$95B=TJA0qnf90DU2B35>5&u($P$^yx=FmK=lii6qpgf62!IUYEvA z*$V%ZAMt-G`+w~#*f*#Pv+0|EwFNLAuzt^k9v+8t1G>0C`vAH}K)nEKUreaW74UX4 z*c*I;U+n_M!>^Np`UTIz0Lgjv1oj5$72HFhR}9okAlt>NoWh1S18qx0eDh>d-b^vkc@7 znB32tfG!usU+jMd`t^nT`&U~4D>er|kYuqs9>a9srQ0qa?TuUVmQ zc2;Olzx@q-&Lr(a4CV}dQcQyTP{`-N&jBO@{1l8UU|)fcM}Gsh25cAo4aSNJ+-Hs9 zeOAk#!1H0O@E35MhQ1TXLf(8=y1?IP@pZ3jK5pd@|5$WE&;}WCe5`ex?SW@qum@APuzsIP9y)k7GTXH{2bh; z8SXjI1*lIed=}74p!YS9p#yvhO#&MLb8&Fwe-{`V;aXC#R|<;vFkXY$2>k#9?*HeS z{}M0%^*0&XsXti+*mLNMR*?(=-btQK55MwB2f76IbG?)RffX+vVHV)KAp)ZbI%B9m z7>2(8L323%2af;zzhD3R5BK`)zisiK=WE~pS13#t=vz1eloc!~*^KbZ$lw=Tft_w{ zPisun=9>Vl8Uz>hjPwHg3o|x zx%vf+0=5SPovB65$cVjSOFXh<^Zmt{{lHc4h5{#_JHTwuFViVgLR-a{(dj; zT!3~I^jvfK$2`ECb;gw8`a$ITZ4F>AR~RiJ%7lLdytaoZ!CA%M0r>owN4)kAryT=fdLVu%lh+JpKb0&bVfj<$RNozG3 z;^N|O20BHbJ25g@J(GThgVsjwk zfd~ck5=CwhO#!L{*CBg=NDH!8zz~2C#yfJhv} zwJs>)0@Mqvi8%q(Z9xPM?8`#yh7r&KXtIXv6x|!#2iR8(7&Ne5$S9%z@=SoZ;k^MG z@_Y)QQOJtGJY&G(YG8{{?tl@?HF&NGkx>EeMO$zkD?n<{Mr8P0A3O)F3D^)sqTs&Z zdhyTeaGub{0m1<`3g-po1?CC-hy9BAmXQKn)AJ_zi~c3=3}VnM7DW&$94 z19C@fs)QK|=>O6M*#rDCMGrowMtg_i6hLlZz682YrGUM67;s(j1bPbh zNrcZJ0i){yiUzXMf$kL)(o=}oWjOzMv0Nkv3i^5*vKqi{fIQ%yQ81oBmH@_rdn2C> z`$_|Z4bkla z{U?~$y6FR8h?PS^n}fau*})1tt_*O<0{1}#dtSo~)&yfG&}Aqmz&fCB0D2C_+lZZr zkP*Vz0rvsQ3i>XfhbElovh6!$(GbBydHT?{fGt74r9f5)uLE6!G6Cq<+k6$o1;7UY z7Kp9`n@DjqW=-LBux{Xg;5aB3n2C@fJB0Bc#!zUx0CTJ;-&`Qf0IKr$E_-sLf81&=oP;5hf6J>6Y&c-H67R!C@Dn~lIMiiq|A>^+bpjEV5eonyFv0NVmz2V`tQ`-1xgZ5`+etT1uci7|~bBn!;u>IAs&Km6{0=a-T1u27W)Vn5tM_kdgv_;@%! zsCPftP3S|>K0qvN!t6SU>}-KLo6wh`VboeeMb9_#-^}xwQMmPJQMg!h=I1TCX6MJKO!7~Vi=Gi@MUmLz(>arTg{tJ z>M(l-V;hXw+Zq6tfU)NHv2Y$H#{ zYXJBh;))*|gm`4*=kOZ9Y`_=($VuF=A(9iSy~21mZMrVPj40G^8pgN3-xu*g;E27I&*CG!#sYj&ImkC4Ot?Z_hQ8g0 zS!*C`o!GD*up?lbuu6dBfvQZv=3yog`Ctd;Q6`kdg;`pJ^->DqVGnUKVvF}C%pOCV zWwv~Pzi}>4XOPa7u)0)0U0(h<7G~O!ub}?mmOIY~M#d!v1w%nDwtjYQq&e31ici z2lyEa@ioF;fHQi)rU52JIYKlRVB!j5Z)L*~9*l|3zs5og4e^(|@hh-K5FcS~!H2$x zfNS2cPyw^_U>-h>?hUaphP#`C#P} z=o45w1@j~)gq?q42HJb5t5E*_&))v^x(Ia#_%I*x_ibL#4?(^Ns|j!{&|zRB)RxaM zakxhi_aj-LN;1^l^cR08Q0!XupRpje1HZJzJRg2`hTITV;b8s(=2gJ6`i&RD+=fFU z`NNpK#xMpln@=h>9JoTC^!Ks9ak8H|!5l5rDd`}1R5?ceT}K#ln=kO^E5LqRTp%pSJw1r);5EP>fgae~eExN9(-)X$ha7OjPr%Mi zs8fIH1k4kd8^%E~ttfue&wtJnaWxpj{NRLOu&C{cvAQl(&U3JBBs~<*-@^|HVDx)sV-m z(9Yq#VYM}7VEozmF7O#LjJqcJr#-Kb%fuTl1M>pwftCGVK8Au-K~qNf7w9D5PasD8 z=|=#TwqaEcVQ1*43n-srdoJ{C3i0E&fggm}`j_tl*a7U9Eh9V+o?jEFvb*gMut%5+ zfVpMpLxByh5SOGsb_e_wT+WF!vIpd?3PGFi#3_ z9Ee|(h5P{I>(Ey_#dZzm1@s>u0Qabd&-u9qd51{-@MmC`KJZ<|CL>hMcA(yFaceah z6x#vEgPl9D0uF7?f^ie&1t1QBc(Yi3*&UD##AyG#es~og}^U!gD32@C0nGr`=# zkIv597nU|+yI z6&M5Iy64TG!Mab~Z+sZ$-Jnl(eqEms$CUnYZ&($EJPzj9{>{80{!l20i>>9~$pq%b z9Ekn!e{&t;84BJX`Qgg{H+u$o3-D(!|NC#AkGe@JU@1Va{<&`83qahoA-~)5GQX`m z-msGla}xjD6XgFqln)QAh_3cgu!9KJ z2dJOg-16f$R#+iNx&?Dpu)_)Fa4UT^|DD{yy@9U5ItTG@udk@qK_Q-s@VZHFxZ0th ze>PEU1U_SR=zp`e^#|`joH+mY*Z;9LX3PD+e1P(A)>c3agRl?8B_8T%fcgI7C+BU# zS|S5;4gd2xk^g(0XhE@f^${Q5a#p|($&g3<;zW>x!(4~H#W|Q$ggS?6tq@N^>}JAi zB+Qv19EfU=G|VF}TOG!P`vq&UFkcDpOCj#R>M+hj{|)o#q>btnU@YPdFvq3*rED?ZhjW9UB@o9ek)MGbP(Qw)Ks5oFTLRA|QO&M`HP(8IN65Y$m`5WZ zcLDqa=r!_>sBQrB{iyQ^#>WbAxS#wEHPUivQ?1c!mSUI`A63%_rV!I2F7P)H8r3T=-1DL1FhT#0nM6 zgQX^SXUh7|ePK7FNuheH2Wz>2vq7FOAs+&D#P3e#8fDTK^}$n z73BxF9OaDac(BVB%ZUseh!eEN&e}3WYiT;z_D8#H7V3p3*~_1lHzE-5O=Hv zX`$Kx@*f1MLBNh+q-!w$47tqaBTRT-=ub*C7JL@s!kXUXzxfPn`R&@aukao?>^$A> z3pg+8Stx#TgCfFVKljC9{$i^MLCg&B_6q9<+k8=N5BhI-U)V_q>)j}STW^>K$R6b! zpsvBZmR!I+XHZuvtVPKMobTV_+*StwzO(}S{NtPcJ{Eo!@(bA6iN?a1&cK=i>f(j9 zU6k`e`VaI2?mJv7#90pHQNRcO!V3ij=K<@esP>2Q#_<-{-OYbO{eojHln(&08gZA@71+wjhpydjX#I%SVH~f%d+Q1%3(W#k^qx)X@*?6HrfS)Dr=H&ZS1MpBMpHM8S^ldEA9dMo8Vmj>8Dd2M<@1;-<3)WZG z`o}hO3i)goUMpa|5yrKDMDQJn#w~yX1G^`0aD1L(Z{yuiva!AVhQ-?*d z9Ol0^tOolsP;bCbEw!ML&)Mo}4C>q2d=JbS!d^uff42PfmZu@iO@_cn0ht5c+G@0r zOY0NLW5Et=59*-)Q0qzZ|4=!783#={F>xPG+-Ph1(Z@GHZ69KWMj`{^*-qS*{ z3g#7J$fIze4-4v)hj>wrfAmb>>YXyGM+0AsdW<$-3F|+QN3XE9@ONzg8}3Bi@FuKD zf!Mp{6JSn4*`5XSw130?Ke<+@(<`jS{C00}4aPY5T;N|8l+WJQgKv2`*pmYF3*~Mm z)E@-#B)ac*S_(Ul`92-?dTg0CwVU>w$F%$fdVDfC6j73$jU+|AM$1U_z9Of?QIBH4<{m z&7c~>gzk&#_zvXG0JHq+$A!I6u(u6ibXco~d(CWlAD=>d>;8uQ<-f~+%bzGPM&jFi zAqGgHeN*N?$HH6?>|=uci5nmBAjYbp9ifO6h)2C%L-p}sws1N&{Pg|L3SomfMs z8cevx`5(Lh^%p^0SVNxkJ1>B_HL#bk{s#F7#9**4>&z&|!qamyti9GhoC4O`;Ryj) zb4GbL3Sz_`3=eS}?8l)Iu7Wy_^2;&gn&j5krmXg_T7;L*HaZmqufhHxsFx1D=>&`^ z4&;IVVDoow0Q1VQXAssc=znkn*q;jfFFeG#f8z#!?}Pn~8$g>xJ>>BEKe@qgWB<+# z&{$~u5HtLP8>}(vNwgupUVi5WaIMAWtJd^)ZUEN`{RfQI%s;rniu4Drf!?k`yp^Jp zW?SuQ^8+Xk>!Fi4u(yQV{F(!?0_3+F&W8Om>rY(~)kYN9qqJ<;AH-7_qqdws{)45# z-!_a6`>tS)1Ld=kpL4eU{l8&Hh5F^79ALkP2V>NB$`ANi80&ua4RTUg z<1Y}W1HK&EC;o4^!MfG_V6O(`@xOBe=$jx`g?1PJ&JB=%LA?>EzW*CHSW)eHMz-Vr zgBw5}vZ7pmRWtwK23t)4#$3vBf9D1!I++D|{w8DCqi4cBVgB_05Szk&$$yT;5uSs2 zuhrki!oHssozU8HTL8OS)plPL7iGvTf8v!4{lI2df8z#!k7d7c1LT`vy&s43{RcPr z$JoDe12lF*oEBY!XBS{CF8#R%&nf`?EF;VdYf=>KFa3oVAm4-f5B44Qmci%3oXyWz zWGk>g3S3K3{~E-ozhs2YP;6Klas(Rn{rvLLkjDdjxZT%>SP%B({lw4$>NMnEa4hU+ zn=N!Q64}mAPTcu7+yIV+by{>{_;+rA>N!7rcm9nVz-y$9`dMS*pWFbQC4spIm@oUC z8>~P5>tG%!@eghQV4*6V#}u z2H_nY#zE9u590c!6YvBdKut0p?p#pYnuyGyx8TeTyj0!TuNt$$#DaCG`I=U*jWx1N#HP z-c9Hf>DG_eZ~PGI8tf-PIsq}rf=-G5&JPggf_O({HXQ#~egJh1o(&Sg{+Pe>gLTUj z!J4c7kK8}PO`ZtzxUe_m-|z!v!%i#0cYpE&h}*aRLTBrdfIVl@pW|U&6`tNEwt2zW zkGKT^dqrU067}+-S~SGh=o*b`0ju(JUs$(-+ybl@@dFrlVDDV|(|79s%0)ssuCT6w z&P;86r!@Na3i$!_%dr0s<|Tjiox*bpsF$|iFeQvL@KpCte>CFH^-pgvh+(krQdWL? ztI-)d=Fi+6>QjOF<>|NQq8PpWW$fRdi%!@=8wS4cr=Jq`CZqi6ma8NzglCsLJ`&55n4h6B;wRq={UF5g z>(9A5nBRbY_a}b`V=jzGF?_oKx!Hv{|KJ9AZUFdI^yUH7b8f*nT%tG&{taRt?CVv~ zDQ*VZ`A^<^LbVIn6DooIfLQgX7k-N$(6%5}(+d>&}!Jf22T(#+glZ4h@Xj{9uOFVDR>@cn{Nzjfs^^uPXz0q z$Oi$u4d1c={)?lU@|HJ&c#irxH#MPLHtH8eJu4LIFNC-P=`h6Ku(t;6JMx>bZy|;F z7WVzlTWuL~6LZT4pgBO9LYc$9ofP&I{^Ukru3ACog@CR>-6IkA+iH;8`Av8}Xw%af z=@xv$!=L^Q?laU0*jt&dsBX3V=AV#%Lp{7JRHJw@qkILxnVarGUJcLY6k8la{oSz6hV&NLy$Rq~#0UxmGd7Q*ZGcIJG;2RP#E9`qq8>J>!&A22_P z&S%5?Dez;kK8kW`KJ3p}xA%d;7y{=A`NYNamB4RwxZfQv*oV}oFea4zhjMY-jlxCY;-1ncYTR)2

Eyt?81ewjFG$R&MDx=tzwW7TPF zs=DQz;pM1xVURkY+$$Y49!eC*8Xf~#!w(>9c)w?uN(!fF&sYoFZ#XQa^WZuaN6-7v z1%}}-GMI@A^@)ySfJSNE_g~d80MRE{H7m#{IKw*w5m2pQVvh;eYhbW(N6a!PNp?PO z3xfo2TQ{Lh0L^JGn$V7i8#vI%K0I(Yh%rG9-?yh9LReO*M}*O?FP|JCM$C!#FeTJ_ zJ#NfwZ(gNOMDhhh5K(eIz{syxr6p#pD^$iX6k%o%HR+}*RahL}_J}e_BY*P#ir2}) zgeDKDZI28Wc270GwzN>Tp7LAOw6CNhvggLK< zogu0_Prh`k54xJCrJHcRpbfkwau8f(^K(Kub3Pzx;5xqc5@&9P`UQ$j4(r6Ppg72I zEqu>a7HSAt^uxt3Ql>>q9os$i3qKU1(kRC`H7U$l`07=7MC(93iQDqV&%jIcy zjuIwk4h2OS;U%i7RrsV#wz{YdmtAAp@{)jgj7cp9?&$WXdGFRFCMm`51JZ?XYS2E} z=N#DMJ9l8Qc@fN(3i$|PKA zB`SFc2aESfPD+|^V=w|!cZC*VA^_TA&&d{fc!>}63rUMpNk-Zc9M=LF;re7d-`aYj@Btoyw} zbOE4ShgAF-XVYi+rHCP~X2k;q59f_Kgc^Iu1o<;|u8@H&MkUIk(3=3P`aSD+OA$KS zp2MRwt-VDJY(dT~B@{3wolq?AH1frDFtq7>6dY&(_!I+bh7CZ?kW;A}1d#s!(+s_x zv|@1>lZ$4!vkQpSK*wRCZ%$c+P&`l{L0Q7VOwxJ*ar{9ApLK?$bVx>{sbHFItNQU_ zT4XVp}{({+GIoOw)#D9SgzK90<`6Ohxb#YWlgA+^<3y+w%?O zYkj4tJM{r(;grLF$S*uIhKV+FFh#C@2nQRn`%HjJ>>1e1k#$_*vJ)M<5G6n7W?|Wj-^LncLcyi(VL6Ihlq6@+l3{SN%W2s_Cv*S1H*oNWa|#zurmpSlvvBOy zL0Zdd#Z}fL*B;!D56Jbl#&^Wac9T3n{+`yIWCo}OZ(nuQq z$1?QzuVn~qG852)pgHp7Fy`+@<=gI2s+tn(L#T+xZ7N{hf<6&AN5N@*R6@I!1e zg9_Lnk!AAem>v`9r>(EW@94Z!95$h4YsJwUV~l{JbyGRlt&{xSZbfL5iz|3e{h(jm zQK+01Hr0!&np+yDz7S#d%%+>F)Xsegb}Uh{3^iK>5ij&lNrUB zUGawop66?Q82&>U;^5U`ag~$#MQc?-8on%-qaIS?EE^uq#V6-!mcmKBa9eN?zQc?@ zWFT()Q@4HIEk!{AMlr9~SSWFiLDg*~5kf-Pk(FZ31yPapfJxbu>~bU1W4r0B&N_~x3E)ihghd1v1G_>>g6E)w(HE)ygpbQ>E28X6|J>TVj2hAgEF{A6 zyiV-1l_6?Npxe8flix?62g$81n9+(<&HxN~f!#yF+J@_H3A7dW2Or6{4#rZS8QhS# zDFqfvgWmP#Vy^^#wkOVTMal@8cu8!q2=`Edk+x`UgfT0Yw0ON###mP-i}G?I<5IX! zc|P_S>5owGEQ3JR>~eXQL;>oHk`7A(2VkqrOxE2G8?AJ?@|E~8$$3ir&3=K}+`PlA zzaikKl&UKrirk5U(j!gIS@(&3&)|?g#h>>W-8)Yg>Rl)zzaDWasJ+mo_qZBM zaHawwODwhN|6>@|{>Ly(5SZ`OY_jF%S3QC)4DLu1w)uA4J%RrC3)+Bwn?bKcfp_+T za#f3}-FmK?cZ-v)PC}p;vlK7G2gM9w97i@ug`}2v>FjOorU?^Nb@7=m%qn#52q!%P z&2J6z$r`!3s>Du?PxvuRQcu*D9=0$xI394V$dT9ecnfdT{BuR>pq3=!KX&2sf9yi& z|FsLJYfwg)=v|F<&$OXrq_F&d4iG0qaMqDvN10$COfAZN_`sH%`f?THnr;)SA#xhh z1BoN5A$J0h;gDJ~k^I))W1-GL#$&jV83#$jCDh#l;QV&1!6z7baC@IiqLNKR86JXO z=1_rSbc%gw`aD_6@7$#ctVZw{48r&L#cD&tIqg#xg&yZv za-#5^n>i11@pOZASjFF7@T!tno<*K;e*_e#6lcBQF#QQZo?sDcr~tEn0*|3kIP#^0 z8-HqT?6A3I6mpqN4olRA2HGB`cIkY5B0Yv?4>NgHa!nQI@TQA^dg0xTV7e(9O2xJm zwrsK84CRL>j)D=?ysXNP>#$q>Y6td$hs0>77N_zwQB?WI3HsR1fJAPbRpz~jF0>R! zFe3>|L8X!D0gak9jay$%>vTgLGUfxA;aFb(#GvzO_PkFSm$rI4-Si;e&j)sE zDD-8!!#8 zZ_=T1yX&X=YQs#2Mj-VP5(T#Oc)^0Ea9Ybo)cKYj)Lf*;6WikrTC%6$br8kWrJ2#j zM))o6VZxwP9)4tzd+{+6M_l7VYa*p0x&NV+&L+se-^s}^?K?DBd?&^hOR6IA%N7{n zola$?pWupqCSgb=%upo$WX0K_uzRtq2hx{Ku*vo)vEiP7e@tdB@FNK+d0zhy5^opTF+@&qRSY*>TSGH-4BO*4v^h@n#X^s_IS%V$J7d*;rh zsYqlFL<~;FJh=&&*LilfNgfZ7^r7Yy{U{CYchRR^b1MR}h5Ow>Yl^b3&Eg`cve^sV z>OWnAQaA8t7*2k`Mi=vE>+o#d;!5b%d>s-e#2rLXdE3R`ig-X?}9;U(OIIdlM#0UNXYg~w+sk4 zEFyB5^h?0T8bTlGT58FkT3Dx~!2!3B6j~qrO823b=9pQG;-$S4yX{kH5B0+lJ-?Nv zshLLcJKxpIdtNH=4oTXDb&bw~%NCL_$Ses$he1gbX50_>YR%=jOeEzrAz!WkWkgtNia8FiL@N$1LnJ_@kca zEYF2z{|}BZQ@r;7s)ca-iwB~*Hp924>2?n1OJkX@{sa= z(L$4{rt`FeMW%hC2(#k4zqko>p`mH_HFh3gMVT!b|LYdAFGzNhloE`}iPHrcV{qYG ztuhm_TM?%api>m33e`u&JSnFZYy=*p1~4g=t`|h(gRFkmi%s~;_I0`=S@}f<1zgf`HTtS#g3^1S0NR-|5FQb@jfO$?23_o&O5;8!`!E& zzI0hZPa^xsf%+m@;FRawJ1=7XUQ@(xfcP+_lrr9@$&S?m6I<9k49AA1ByA?1X;0^7 zm6d?*`5D)ik#L6P9gWZvCk5`of>l<;E_h4q3$7Zk!1k&HpFgT106xHgC~h+l8|x>= zf0vTWoTkjte=4Z~>>Bg2uIY=s5a=OZ!WpmN4_#FBAGL7fCByDuj5dH2fWHx0y3Gsw zD(>Dp&__&|lyD-2eaN%YcM6ks=+a8?t&Lqn(_BrfjFYsV4O7RiIS7CV>4auy=GvY{(Y{jp%BrI)M_=u ziH`_7s$Y}<;sVrGB5@C55IJ&KqTgb1#@zz(Ve$yoj`DF{Ks#zKqXIh~PLm<|dpWos zASlc;8d7=86BegQogA8lkP&t4;+^Uf7YTvO13flh>7Q}EWWG-Am`}XoaXk%+L{;*b zfDIpv8+sjC!9x}7gK=gOcSFG4d4FRpvo(AMmC~ya%){OP$1IfoU$d|>kBS4!vvg{T z0I^O(eSHDdpxYd;f<43Vx*y1tm7tsqdQ)_td2f35>ck0zRA)P$N^w3<27@pNa_+^G z?C<5X{8Gjtvjl*YR*uTA>@VEl8;XbXLo*@PIalSM93TiweiD0KSuk8#YY~1Ky%3b? zk9kv@2r=pxBgC$f>*mZLX!_nC5UnTfDDxpB5s#~=j&=uuTB+SwrG)Kqpg>}?AB0*8 z1%oyiq0|G-LTYBRE_)9lbcqi{DJgVDb|^U-KBl;HqR$l>2svrPuD3q_A)r~9WXcZ* zGz*LHv|0YgEL?{f;Z(f?KknNV+vqj@O4w|KHr&GPXO&eu8SV}LuUQyteirH+*f`pY zVp{!rBZeqS`?Z&wGX6<5pfV(D5M|Ww{9BZxM zw9LS&wFEHM;3AyQp_aR*YR zJ4*S*6$T*LXCAd2<-W3K)HHGPmGYKSm)-+AN5z6LuO zUH$EJkorj&h1!pKK$@!*idhpaA-jl3fhP2{cXO~!GLw^^G6*Vl~T5kzl{OeMZvGbqz-*lT@@{6c=?S zs8t(_4Gwv%u77+OWUaWGkNE55z^lfpfrad|-7lu|$>(KcMH|;L1sGloZmt)9;86^x zLY|X}fKo8z0jO)EwtCOb4>FcLuazA){-&_HmTZ zrFk7H@usnj%-4$6*>V}qB|UdCUeMile34TmV*qBiXf?dBaath*M|OtwqanQANQud- zZ9q$V_d`Q2>u+U#7a96q%BD6^9r~Y1^}gf2wN@(G6(6w>aPcZYwy>xp=FBPD&<6n& zvU9CWf1nX9xkCFN1e{ZYg-f0)JPF(@{h8BvXbjG{VtkeyrW^8kCZhdgKXo4WP%~__ z%{V8eHhf6^TIVPc!wr>%12Z+N1Lr zQYt@D913*Zol5=-dsdjPTx>1Q>31~6ep_XV?y;m5fxR-*ha8CNeQ6SRtQDBh7JFRY zX1!YO9ryf$kap_c_6!Z0Xo*m%x;?hro$=>{UzZtHw`j}tOGL6Kv1q|d--~)W6DDcRUPV7kzlTUV$L5^()$oFG21S9^FVcd?Domu?Bi7i ztzZqV&I!yJ_Vi@hTM02bos^%AQ@e7*LE5@(R=e*wr#Yq2%#E78^=J0cnLIpl6Og`{ z--gP;5CsCIJgHIl(Sef3vL%Xx={wbJL%vVPsVEer?Oc59xffU5?JdNdM6~zKiZr9L zopCU%gg~_r+=VhLuQ+ze6su`};>F-yL|;HL;#I|c620+1Y$1148IUcUX$|_J^zOe1 zN2yY&=r^&=9(%mtCW*JydaQUnS{kXgZnh*dgi?Rjxlo+<;%o&tP*SDE$mS|DfJWds;_t`Y^ei0^3)`2mRt`xZ&7BF=pfbTRP z&B2Fz<&f{_twLii>q>{#$R{CQ&B=~4umg420>ek)fKyyCC9aI*bjrKbm-jkA7y(xB4YUBg!rZF%?fM=53dFb_zOToL0`Bi8rHRd1 z;N5(`S9(6f=%1`rd_S6Sl&o)j@5@_gGFW$b*(u0B;?6nZzTcjEzFuz~>7K)OVqj}@ zvlB8}L`N)=BI*82GM0_#T~F8%WGT3n&Ft{jpCxyQOraBebeK|~^k7TPJRR}cyoyhe zj|)c+yEL(W94lRj#Qa$|A3a*9D%YHOWhhyC-ucY?{@T*>{lS^IZ;^s210Hu>?-&(f0r`Q>wgBknY7}Zm%wP zs-^aJx7nhB?1{k6ffLy2@T zXoy=v!l~4hCRA5nzbaQx4(t1;yVP)+vy-p#0}&tfRa+(N%FS|8xe1Tc!|m-5SBI8m zr&Q;!u4b|w4+jiy>j&R)g?QW8yQ$FJrYJWKwVe9N)49lHuV=dI4y%)R^X}N;279-a zYK95K9LH1G9xobh`VGWL?f28?WegP4Sj&@2bGO>-?&%E56}*rkE9~V0vAnm>#ayDC zp1a*Tu~%PKM<~0>+7?j`YKxqy(;h$=a=}fyGY7SwM+cxyPav>AUbKapDp6~_jZPrA zLcT3k^@Uz#jLdPJ(R#lZO<*YO_VR7KSf|q+ETW^=YIv3|bP+5Y|Wm2j|yss46?dfyx}Pe^}d179Mbc(Fl#?pyoPGUd|kgs_SE z=G)8JO1JnmTW9|au`4n-U<29<9UHNs`uRRQR8@2i^c*3EQW0XcCDxGfiCSXE34|Ou zXt+2eZCPTV!H=Mp@^Gu0!Y#AHtm&v8b^4nzm3D)IZR!3_NWP@%87E_tk~y~dR(DgA z{b$zk{vO!r`8?1g7tQl|FC*-J?~tv1S^-X50t8+eZN9Hj5>GvL-#5@f{G>w%J>N%h z2!kVf_sHafZf*VD&WGtS>WayLIbIax?&`m7RMP-B6|xocw#3sdq+N^0Y9=fq`n7|d zudfjSzxU^F_m7tAub{G>tl8@o4Qtg5DL8-!6p!CCIi|1XPbgIsQ?6KxW?K$BG6yT( zUs_vDUQ!rpufG(l*3Z!c(igvCtde`WHOlURzd-)!4H@x;72eU7=9XwK9LLG*L6~QP zwWp2Fu=^`GtD(hrMk+R*_iAAcbrbkHUH3~yVg=1ZEP+n@J=s5{)G?Ygu+Y?k)>~<{ zxfnoL7rvc;`fTz>J`-m8;St&e#Pr!BL{%F%Urn75L`I!9T{wHDcoBi?*?fL}RPn&%5zi;BYtgm=4$V8oSq~M-W0*sh+t36}u z2FfKib3{xibAUA}DP+Ki_As#KDV(EDef|xoS-(X5qWEqRH_18vvDN6u+W!)CK*Cc? zMKVDLvyG%?_b-*Nt3>eg>nyfBI6>@1_3ml~Dq=-$z2uyXJe7LZXgzrGqld5N}`WwUKG%5fpZI^?| zag1KjQ^rz{w;I(>x}S^mQh*e8JVUiYEcQXQ9phPw(hHqzAm!p`1-}_S)~vE23b4&y zg<9M;kCt6***Q7F-O25M5$7%nsA*Q-28!WA8vR^BJLn)OoKn~HD;`RvztpWwkZk=; zHC_2+jq9GUE$m+EXGCC{&oY}Y#I(rm8m+m^p2_qW->MSln5E%6E#lfCOAQchuQeFo zFW=$?NLwD#Y_Aw>g*(4MbN+0So_1c8jKPiy(OMlhTzQMNo z7+H7II*#R1VTT9bsj_NWzUEEjp9Vuq%W}o^+wwwdhLOE_A4aNk$zZoB*4;NX(OjV2 zxFAJKT)|>sz<)b1S61yM<-JBhw`cKf5r_D1t(Q)p`o+}ce&igd$$NuB24Y$^J?e1n z9jecH-~;(+uub#;E1Z4v*xKm+=p$RYGp`4_CvNok(CvBL_>68r=!KaJf6jB7<%nn{ zQkvz>1Y+$O3qI%&aY;<*n<*ygH5R+!h|DG=UY`fEa8+lHy~%AGvZNf&?^_^eK)1`d z8e=e?@X<5f|0z9*yq9-LeH=v;IDshp*!tlsD8KNBZToY7hc}bZl55z9 zK`>>{uH|0>`HGZ#JN?z!((ySg`r|9#-x~)8UcK*VjcTz{WM_IA*QGMj&rnEab%yb}o z3OD^C>;O&wB~s_h=i3&Zw;R@>^3^;>cb0k-zMXGv1Mw+KXowLS2P;@JG&BOw+5yw` z9?wlPRvHY}yd>r*w8obW>AG_9q0A=5CdMrMG;uq5FlmJ`50YRHE&@Ao5wifn$C}vw z!Vy>T!4cPk#^&2Z+h5UJdSJ;Oo7$Lj>pE73*b;HmI=Pl=Naq|y<@$; z;SF{~^qOzp2FnPuxu(6*5sHCt`epIl7C$Dmj)RY z?w-mDyxgbC_nAaF=pm;qY5_sn>if2 z`cFBc^xDx~h+SWV0Cc`9)((bA3t$^0&b%I>*(?LO;nM|0TjMsS&Lx5gbVEoEv-hcl z`$}O-fupcXSbKlf=qieU_7N=oPj|JS1IY*7I&G`&9^2IQ?XVAUxdLAqBd z3d-nw8fDK`=zg1D=d|X>cn0^b*pMboPw-OwVDG}56%g?}M_D7E7Wk|kkS!OXEdwyp zc5dPa6It)YUi1J;UpLXRDIBBB&E1K!oYAy{+oPs+CWhPlqvTsskA3jZ7TRA0?e@zW zqLZ>Hg@dt)oZ$=BQRcb7sAHN2@z^#V_AA`8UJS>n=8Z#O`kUfzxXb)0Yon}i@(bVM zZ3fjcH^fCOg>4o~6*Oxie*P{ss(1UB?Z%UgN!lm&iJBGum$fWnc=3W&spqA#(<5n# zXQqbM+WDm~)9S+YmKNX3;gQ+whFWEA7jTCT@TnEg;0@(n%61=Yt<>11Ao@4k$>zjdsv;guQWviipKt8m;}S-E(FLiGx0l!>f>iITfJo>m^~ zfF&0s3Idlvek(4uwb6HEObTO ztz*$6lgKSOVI74~(4d;RCLLt?r2R+bquC`t&-MPVZ3o=Lf~hi#hh^)LEGw_~2gJ5D zV(aqFt*TRVOGmKEF2#YVRc})^m;#%IZDe1>j>6znsy~g~N3K@&CW>97=p5a#&BTu} zh?Gff_D$z>+dkmd%9Q?wm&!W zAFbg2Izr?Fr;DP`a$kMJ=G#Ry^l^u1TlJMMYzcD?))*bo?ojW4YF)^BelTt%%BMF) zuJF;cO8tyPRVo$cESBVnTq@I+y&71$niEOOT;*f!&_?d&spR{os62r_kn+Yj=xxa5sS5%3R+J@_$OH}iw;=I6h0_8K>*x40x_0ENKGMAwYN6%Jew zx0DV8&x2mVIrFFF8H%WuA z&7Qx0;`ZRuw$TJceGmvbcQxU~J2wP1?ta-P$UX{}m~0Sf7nf=uHx?iodvZcO*s$ z#)^K+o<4uU3q4}XktUXPM^g#6iyzr*R^?XQr{A3iGOKsy%B;9(+Wx{(1J@~Fv?zI4 z@^i_D#MgBQ5hROz7N&xwv7rF#=>5psbb!DvtIBW8%imUp@rQ}v*YpO#U6hRjug2QH zjki!69mXcKb+||cTkyHAf1FkOpB?9oTcgRWSIto7s)1Y!Z zR5CVVAGRt@JnG#NQ6s28A!DkK&0Rsbf#zOWXDOe@mTjbB6Mf3#X+fq4^3r@DPQiU) zGN@trIG%?rBlxA3U#0`PY~{RcnBaDYSCFu}miTxe&|UbdU}}F^^Tv8DCT$gGG4&n; zgXeDBHUv^_d!X!LGH#Yihj~WC2_Agb5jXEFlxDN0W;*MLxAB*KEV>X~46H$q$HUnk z9Bv>VZ8*g$!8)z2jSF7F!n&)pHKOH&2V5k+hh0lEe#L>Serx}yVzwDH@Y;1Gm<_%@ zgw}C8#3q?oDoNz?`Ui|M1(hu1c8UjACK_saB+@6`>48egM7lcz-wNl`=;%@D0-2VSVX|jL>!Mck=jf6I1{Ti0RCpxQ0DY z(y|~H_scLL|Aq9RRGOXR`d-f5G!v zdBeE-Fk{QlnZerESbMJ$>SUp^*b0iOJ?*%Bt8Xp2Bb+iq+i2F9#Dwnl`MqFA%inf@ zZACKS0$X{w@#$b!`L%>h7nafdcjXR(CO>$*Ub@BNV+1aPm!(7&-0dGLk8A!-ahCl0 zBK9G+mN1HACYN6q=oNEsZY(NMxr!bYZG)?TL>{W3x6rp|9DE~cx($qLt61cBYX_|+ z9f#^cb=RkMDc^Le%*{mzq|5aYgGsw9sGe%qXMxl6t4BJ`#Vy^9&dCZSBMs4sZ>quJR9fXncZFWsdL$~$@gynuZwV);J!HBz8uvs!! zCHe<@!FSJl!kg7*WeYTf&>w{$dZ-uF!ja*##vPnkf>#!jZ)b&N4ES2MY2U}UsyRDP zY4Gp&^=SL&&r=;|a;urjGg&d|9XDzp_R%Kq@0YuEuW!WQqn`gp>2`LuyV(VFKwPA) zVSshI6q50sE&YQS8$Ij-_>3+x*3c?x4TQ4!z=Os6R*fbs-`1mJg3e|-wP-zU4K(B2 zl>fl&IQU-v9)!KJ{)my0QoMzIPV#QbSjx|Oym$CT-qfEiPpD5Dz49q}I)ekBOFfU6!^uzjQ)V0lkn+kTurjbX&; zkDr4eY}y8rczO?EFnIkA!p`f9Yx}rg=J_2!#M$l3dxwCzs6JOMp=Nr}%kQIwk$N0v z=*X2mB#$~bTtQi(1Kri3`APN2j6=MuMt1`Cg@f>(=ZaEP3`N6js3+lzebgXkGyd-# z3lZUK`3yy9k-zb%H~x(>&BFEghLVKzOdIVf3tviLZY zPUP>bT`$|H^=q0w{#;(g+d5wRRp`xew)b!4znR8D0Gkr;Ce7dtGaJa9VUsOSN_F^p z>NP*~aO-xm^zd5|F}9Ip4 z-4Ef<25wFE4OH`N=JO`;`#E7i<&K)|oNs7e0VV4XAVGz(hhA zH6un159$<@_wa$RYt1j+uB+|X$))unCEb0rlfRb}Aj19tSm{wsb76_AYB>pBln%G(v@;VdGU0f)nBqTgfnC5`CF4ijth9jhP3C4 z-&YMm-aBO95^BFUUT98MhDk2k8NdIv4!EQjyZo+XFaLi`-D7ke-QzakB#mv`wr$(C z?c~Ib&BnITB#mvSX>2=bZ1g?t^ZT#$ew}sJ9L!lWv#+`Ly(1_fRXS8+wo>veBeR~H zNXB=JQ1?GNy6r^ppX#=bu@$r8y}5>>q>k4gVSGBj-vUcK+Qc6q{Si^Uv8w>G_aWrR z4{b6aP7B+PBhIEy`>41|`jaA8`!R;qt@C!CwUpG=Rs5|rIgVOVsJ&=}I^&T^9)1_B zjv^|i;&(UnMU&P}(d^+v>ZhadcVNWvap7;l?)%s)lI<#Clr$zQ-)FX4_9tFt`}tj2 z+Jc!UUF4e{I^QEDvZ-8rcPAM?r;BNY;OZ9j0!gviJdJOcpU&L3?jX88H7I zhCQ8DNqj3MuMoDPN7~5ACf$rE+?|s09Y6|C8p(+P7=_jkA}x%`{sv{@hVfk!bmht)bqF4-MM*EGffM{C$tWX8uNrpY4Pg) zIdVffjM;BztuI6H`+)*&&_X60r0NM)D1L9+BlPWUP_D`8)FYMyCj0JY)PI%UG?0*a z6)f8&^6U;`x4o;U_o9(s#6oz43{ePD)IW1Q1nDsqi}zMZ@;mLKV5L;1LIiH#HXLpG zMoP*zSl3OefHkB=dBBmP;CU?|et?^C6iFHreEiskNGZw}t&84+Od9VoBg&YYFyuZj zH|y8&el-T%%16~E?rz|1pq=`XjbU7GR0BJEobV^e%NUaV*_bPwXqyL77Suv4hKrop zPLyOP^8J>f!hU1be61#-V`VqV-7oMHy`CpYD-gcZ{z)W=gR#4`0ONKe%aEQePa??V zKBz*_LaN`LQ(vX!TX0MSc!zG%#N0qjUK^EGwK7AN!pR&#{ep%!vRn5H(pjU=6q7F% zf;&on(6ffEVsMaF%y1fXwP9QjxhAXrL{;7pYtl8xy;sZ>A5AFgAl4B01mA$oP!w%o zy38@*jU8+G;>HWfCGV{!Wm112(AVzrv!8bgRQc7^m4ySch|$5@_Yr%`!X(&6hLgZ^ zQ1+RaPvg61lO#sI-IOIKh_=sUUKjC^qruUWHB{53fMNYp9RcagjT6-3c2}VMPv70z z2NC?C-*yh~vpAoS&!(Tt<%1K9^R|6)pp@-wpwt~*^ z;?tvezi{;p9rtu1nQC+RMgaL7Ca8Z2D!lHSTkKaVXxewZEA@Xe%1PMy$+Cl!)=Sh< zHvtgK@Fx_#`LY_RQvja03E^v6Ds?6CR0#;1S=U=k|VCy`zYp<^HIEznjjq1 zcCB;k(G~xi&_5FO!VUcJRc)b`zeX5EobtfgBwDv{(G2I9Zd6d>Bgynk>x=pTHhaIQZBJ}oc)jRVH)eN4A=%$>})G4@jTo}NLehIJ@oyiQ#bljSM`g(eP$5T=WqPFx#6DZSct*`TdFhigP{p$!Fs6ezwkbPA$s-Nu@3$DFMkAA&#=)Ie(3HK+u#U1R^0G$#C-ZZd8l4C$)NnE; z0n0i71?<`6LGzaajGTRSOxJc}HaFZw-ReszYI^QNjMOMwLP))e^cV4gxL7LsRxV96 z_c`k`AQ!jHa(&1yJTEp$LYP1I zYXa2Y!K{RshZa3j3eWjp_CKp{EsL|0py&!|nJ4sOVKd5<*KCa>tu(U9FK#|~hefpW z^cX3P#(0Ai{!`MI(e8b5K+TCHa$FQkaCSN-XGWE5Z^bO}JiJiv@#0HgKIW|`px}8) z8Yyxw<}rh_nwT+gE*+g|Mzq7)4N7dAaHg7;S~Ovq8%wf_s-0=(bItm01rzg0hQG$+i$>n-Rvh2<+v#8sK_St?wHS`=03 zX8R*))u(Nye}D(Oylp!`?B=}1Dh3X|t^RkDL{u^@GaiFW?2*=4T^kIH<=5qjEfMCY ziKfb^yz2S4A5l?`fgYIbZq*GhU9rK9YkL&5M1}q)_!{72Xm`{5pUsFxo56Zsqw9s> z91VP>H;2>y^8!Nf=zowa6tiVUn%n!A=lL?3M)xP}ewY~^98c2h!+aTrdUeui6!qAx zsgKOiVHA%dpm0GhU)4krZ(6{$i{q(kv02r);ru@OEv0fC7A4e^9QUUI}A)7>-{HXcW63>+a+ZKgQs@5X=iw}<5((w1RE4$3xp@ja^ zE-hQPDPL4?GPuc}Df{;prkT;n?>)CQSjROVdheAJ9!Bj==Xl~55DSbnRiyNslQjHt z3|E#J1-5u;R_MJRwI}6jRH^HU&m*X|THq|>`{qpuy*Rp?Ka~{~2oOBxP3M$~4RoQ} zBc44=KNw}sh#8t{8%t+Y?JVUGs@9w;6>rv;q65~Z>pMPVfiIO&IIKKOW1GKbzD4t% z_t?`N98+6d&AUd856+Lxu0vaPMF)PTb{@!FP$3j91IoGscyHSdSF^4;REgG%j#@2x zv<2N39(=eQJz!`bOG*xK8fIP2oPLgaro zbSEq_d`_FGZL#q=D<#z!lNxoj=0-$22x7mI$_Ha72DG%R+^@{;1O5mNy|}p0SIdNX z?TzLNU%;~A$d+?uX};ZHiaALDSIvnl4WQLJcV#U`4`bp1PqON8_<4FxhRv&Iz|q_k){XL(WqK zQawpoH7E_<=3v-g>gC11g|zwp_FG@5`?Yk+KhOd9k4hKCFnhARLj*s30(?(dzsyQ`o)Q$ZL`xjhTi;B9;O4UON?=W&w8 z;?=8lAm!7a=NVBj5?5frr$#cyyv^DR4Aw7g2EmG%e4;$l7(oYyBc(!Cho1%?Y{3M| zw}{YSs`7nvrGwGduLut}(L`U)Uo8971|{MKD13b}g#2*(HN4$+41&Ew1S-aDK{_3z z>K6=1axK}6SJS^^rJMet45&!hAc5ELr)_FRh+ zD=?mW1Cy5cs8Jt1sw>Ge{qyl@O&H>cM5soc=p|be_1OKjtdffh7tZ6i=IiPtq=KC@ z*g1L!k#PzYz4WaGRh6S27#v?hytVst8i*u!?A`kpZKHJ6c|22nl}Y-)zuK2`pp{Pf zW{2Y;8_wmoeNO>eDbfRM?ndRwCFJ^cH*(Y2=3MTvg!L*FnCHyP(#V`on+niML$ia5 zUg9f|CYKF~(}7m{;#m)-xa>3I8#uV;IDcAh$4mFU7FPfNtW@S>(GQLiK2Oty>}MGa zNALwag2OW~tHhJ9(>S_rd2V!T*tf1KFM<2B@D4Ki-Bgc$R^#!tC9Y5pOSv|(C3-Jq zJ;?n^SF!q;rQ@P`a|#ESvB4OqrSa4F>p(3voMs`PUs%FktY>rjtECS9Hyd8o8C;83 z+}PoVkD>m`=@6a%|Fjgsjn*edF@W^8>c%)0jw)mcsHG#;@lpFQ_34^1Z!Z67X(x#N zb$+O|*6-4e8WFFJ=y;8GuA;k(%5+V*wZ(9veDLy2SgW|szTe+0QO^c>87?_<46E~T z*M|b{KmytZM%s|z_F+0BBxCff`kO4c4EG58S~kjwSCd{mtLZCl^8`yH0=~_hCi@Z= z>0twBjXhs*>F@UVdu~k~7tRIW{j_#DuQp4|S!z}L z|MqsiUdZc+2BcQ3aR6t(SaGRCaKj;*d~o%eoQE5xOUe_Gz-J&nVi2p3o%qou^& zIOuS|ARq%nrcuN2nqf(M6mh^m}xwKEOE zgZU{{8Wz#nrD|CYjw`CDsI_j=k51E=G-l-R%^L|I6Qr#2tH|q+a|@L)XsW8}L zeD4j9*Yg<$c)hywt9K5*>CM=C#NH7za>4y3(lXXf@upscytO--9&kfu+D>?+x&Thv z_Z+T0dXo`Vu!Utp;0p-6Yfl$D+#CMHJAGE(^&PB*$b|b|JB~V&HUoX5YPkN69I%q* z;gzrL+XQ*I9i1+66>*;^>lQ?$rlyxQeOWtTP!MugnLudwDXUSf~R99$cHo~c#2yasFm{LL?*qwN-j2uq&x{Dil=vNA5PT zzqfeC;Ff&8yaTN{cTJf$a@KOmu~H0ljiw-7rRKw*WSDH?p2+qIegFz+MJ% zPA4IE5P%cG@ZsC~`tngZT!~^-oXHt5rw5z-qFIsQ`Uc$irOGkNq43Q0DFpT#aHBeW zLW}!RJ^~L8^i>U<<{np+r-Tlag~5(PIecL1yK{b7nTrZ6t>Es=w|dSdT#xxrLB`pV zH0=5FFR@WK9YnPdmT@pj9LF!ebfIE&imp6R!IDiPTj6hJODa zMwWWQZ|@&{Ze#v-Mi}d_77w~N9O!S|FN4LgYy zh)P_6(2$RS3+L+6Lmc0HRE;$mNr6DXZbPXGC)yNruIua1)-yw zffXn+P!8yPlJRxnzW}yVSyrQ%QFhn@`Z|24Z_hlQJk32Vv7`V|ayj)K#-QM!Bw6&% z+54iYuSY8AoiN25d~*!S-fyIhx9gvW8}@Y%LaUM1qh z_pGI-@RlzKZ(s|*4+Z$r-!6!We8>K%U@UVs^uPSLX>4Mg`osI%nSj!U0IM4D)}&IT z#BrhI39|s_56P#!bR(rU>hZ^Gx4j7cQ=Q=nwl0t{h5MppfQ;#2*V+F+#+39&LiNF} z14Q4GB^^C<$q+lOTse-onAY#JPN*Qom<5hifDqt1k z-kR0>=gkYa)Qo|eT?VL_h^nvSq`>FfQ{ek#pzl=uag}Y02vOkF%y9Wd7oWwlormB> zJeAkCOmj={k{_B3NGi$)9vuy)Azi`*)3hx;#k195{FfvtiNTmOx*ZQAIEo7kq~&vH&n)Z&4$vj@!O81M(H#&}^IzhiqgJhH z`6ZbaLK@JV48HNyvZ*u1PJ_>=K_N>!z@k2!-^2i##1$xQbiNaIQ=*dPP?3VFWygkg z4Xfi%Qhp5#YJ|1uUt{K8nd$GNS*Fowrd?PX@JSImwV(oe*< zvd;bpfTE-*UJ`kpLtY)SW6BQ~hWMR^8JI^iP|39@scDch2`Vm#9>ie5-r+?F5-dfz z1hDqd2U-~FV`I`a57zOANJXU{G#F_cls@Pz_sGfm#hBRZsHsW+3B7`v1p(907QQiy zef{k0bK-lcwnfeea!w(*7Ti^N>>Zv;QzhpO_*j4TA9Q~jrKZpYJNN?Y3?1t-Z5XKV^qGPpkQVr|~ z8Syz?wk#|oF8Iv|taR=$&_mla=+F_1$o<;B6Smx_p`3Y4i3h2cEg`R`!)ygz%iQ_K z2{8SdFX33{BGTXxcyJjT=FIWOAAcGkU}b`#2KrqpLWAcOK2)pA(?RZqwyb8y8h*SbE6Wcs#dM^o@ex@++AiYU3 zMkzqoAPOzXKgu{lj!GfcvCzCR<9FD%{k)(pWtsW>M(!dijd|=X01cU;C~$C!npMF2 zbXrIf8-trJ(mj&Ao^po`ZR=)=@WnKGr7kg;nBFybSvv=TO&>B^#*R%#n<0)gOOjni zGg~oYMF9_?mA-EQ!k}kTC#*SArEQILVchPu>|82Xc5U&|wLoxI!WdqN!i*-FTejm(|*_c!d~SjtnLU114y2Trc_+Fk5JoZ6Hy zGVIY8gnXO{+dHlTg)Lrxc2bn+UmSj$fBz`CYZc{P5p0y?#41rss-8iIkprv87P_se z!bHlL8v3D!xM&&0i z#HXx1FtI!zVi)s=I;xNr(o0z-P;Cm)5J~7qK9pUbeKJIaA}Y%yIxrweGlRzT-b2t6 z#jmFN`$1`QxHqJReoi9&ZqR?@y;5v-FK!PH-!5k_5t`ZK_K_{@Vk2#)OxX3=(_CzG zQ8_CK{^ffo%0|IwT0z*3?F-i|6ap2Rn(5~c_YXiI3*r|OFnSlMK2I;6qhI%ZauhqM z;VPK1Ch1I6@~iq!*=YlAI*zkD_;8m>^hq{Q_n1`>WQ?y0r`q@WojNNJQM*LNxra=u zSP{OuXw(TsjTlM5gglDh1a9i<{W*PozV8+KM62(gU8Oq*6a>CrIsu}#-!0W;0_MJw z>W6th(RBLh>dqnpv^C16U);BhXf2^)&YV?z^NYeq{b5fN!vGS=8Y4;(??aGp81;gl zL`IrI_@%i{fo9Wy0H=ZHs-m%K=hL{6PgYqw0xM*sF=j-K&eg4!BOtCtavZvD`>bel0Q)V}( z7B%?68V1pH^6BIdaFg&szp&wWq3svsDcuwJjBk={4T!g_uuI&tS!3^#+1yZsgz~O7 zqOwCY9E{S)spGgwV<9!di|e>CIT5V~;xj9Lfz&Sxh51vFZ0Jzb`p*k}>F3a3mWPPA z$-nq7>;LLF8>-B&X6Uo9dTc;bZf!5+A%d{mZ3S2(ttvUS3}zn6NLyS59KPr4us;WR zmf&3I3t3hoG(>frHC8<+LiWKT7he7T+k<--^S(A=%B#mzIY%?-QRLp~(lya)dMNxjYKp%c$=yd%5o4pl_{9_)))e_#;;)5=B&Wy`#`BB;Vv2$XwWdN%_qqSP6xR z*!-{Tgb18j!lqO^LI^miWO?%dG}2F(dx7X*ke9J&LWJ)s79N>9VFr;=Q&zFKi96!b zKAP<~KmTQd?Q(c#lKS9sl7MBgaXgg_K?DpcQJUOnU%7+UT9CM+urNi8*4$EdO9t37 zeM4k$>I*gU2OBhx&+Zww6&(U|GmWENguaLA;C!PqM?OXFHK_jX#?#*ryU(sivZ@~O z47TQX$6c6vU{}Z&E%QV2lPq%ZV(##*xw5~RTDoQ6lz+%XyEgr73|IHvzACs1&~3ZG znjo!O{*ra}13!F`?!TBux*AhqvurTOq8(4H`^4{*fm;HML0%-vPUoiMPis`S1ps)G5Iw}o_JX&-FIE2Qr*SP)-vnHNI_k1?Lm6Mrp z$R*N-&Exi)Tml4PnHq{9P}qMtSa=Zb*&1Bt>T4Oj47gg)255o1V23RZL?CS0FB@g| zB{v@fbnu6o^^gVE@87UEq(;hbqULsE@O% zf(%VKB62_zLFTx*!x3v>PY!FIiilsqpK!J(_Y8%wv3@am4W6nydhIp!sYGL(9bkx< zp!m#O07o*ng-v#VydF!?AN#l!UL2z;25_gCj+RJIT=A<2J|wIdyWH8Znn+0OFa5dmWk1AseLKI+pxB-Xtc6ga+HO`_15dk$ z)JnIHzYdOsU~$ZnMjg{cU9FY<&<%ktQX^IF#%4V+$jq?V>hB_G=pzV2qC>DKM>TV8 z$pV^0fr%P^?v#`@kqo&a&twBvS>3ZYzs|sP3NYr3p0f!;)_; zB{gSQWSFZ+180374ZEV42U*!2eJSojRc9vC#geSGyIgY6{gG&92Zz^ShlbOSUnt)hN6Vk$!iA8*KbkA-?|b6&EsB^M>`C9=Q*^DD z$rui~JEZJc`gJxf7YkruWVfCC;HEog)>;4I#+DZ{@tepsIW;Hve2TkcxoOgYIn5X`;N)iNTX4ZxzV*ml6`hbJ(uY}cKU6~2@(hg3v1E^_wyza;d1Nj&Z7&N@<9(FQhoLQ%tD%_Ott z{;6G=%8Vjjjs2bv1t8QowY`zbyKs`Q3}4)3=ksriRm)Oew1qnXO(O(3u`S=FGCPVd zD4X|0lAZ^~sxs?Zk_nHyh}r!a(NJtxPx|Act6)P)*&daQ`9bs7r^kWVzG;vZ11}F* z+-@ynO)y$rn=#6h05XScEVKh?SMsK%)+EiIo!(~wC?6mG0#ubb_aJ-|+>I*0{#Lum zN@A9)p^?S-A-PPC;uumX_XwGI@2Eg#n1Q8%U$YT7^0Ez?ATdvrZThF>ONi$l?H~<; z=DH5{F@JajabJM7wlCT|VtiO8pMXpfL!RmW4`LG_)u=nQocAs4a-xtu7Ds*Bg&^!V z#G`htIZk13S5h;e%&sJj-_rfcq9oUMklE??0Tp*VBkpkJQs)pgOI~bYjcDJB58dWG;<2)exl^%- zRg_6(wW2j3dAEo}tEjDWemk@QxHrE61Iy8)d{ssV<8$p3hTEQP@+ssc-VldY&>*I) zqN9?s$OgDolgnarU4=iY_rMk{+OG{K;XxfEswj9d2*vPoFRA40axAQOrzd1;(nH17 zo`xh1o>f$ua}A!+M*%39a7J^PV}8g){$?-(5G8ylI5OT|Rj(1~>;=>`>4rGdNydVb zAd8vMQHI_VGx)BT!le?iA-1Pn?3Pi?L}ZaQRMNJ!Gx)((*;%?2{7hBBMZ7xC@UHRT zA;_l=Pz`uIQA*&ls#jM86dDFYtG`4nf#-q<>%Ep#xyG3^m9!{zll20yyF8@vZ?&}P z@_ml>1X3ul6RBmjFkn+smbaP>WmRc-svSqjiC#NJj9;Rc8(GclBMKYrynf9{tKNZ} zT!3M)PftcO;;%8sJ)u({T?ryg482j;t~SQkw1?iB`jg?ljlaA@mD&{(hY(lT;WKn8 z@g%*(?L15B@lsdi#26)D>Ph`@B|z_Dt2iWMxQwtNs(GInmC=IsK)(9R<NnQ=3!!2zY z5B}L!`HH*<9wBr5;m&m)C26mnP*X>yFD}Q_VGwjDq(;oy29sRa74 zMbBe}2is#rm7maBeghIGSfxB1YGSEZ#Rm=(8zRtsmq)7KN0S%ArOIB@D$%zGx+L$SHAtLtFSW|BkX+2#hlODSa zklB;!=2I0W>X0sp^$y;k@iEz`S3eK(++T0p^>^B|`Bj~Bwsp^&+u>jsh~4Chqld1KjB9odd@N1hcG$XR{Iw`d)a+|O~a6JtkbIp&Q^Lo~-V zYrTedC4<(%+-H|t=7cx!WP=(E23g6dvLUoWk;PJa;YfPXeJdkgws4-*IaV}nZc*c$ z@~iFcrf{Br6SxpMy+0jil~4(DX>TOCO)_3vN~LTb+khV{uaPt~MKx}|js7VXBypW- z)zAzDe7MO;R3?GCEJqcdPuAZ&97Nfy57l_6b}2BA4M4W5t3o49hnC&YUT zA)!;gxMohh-_4qYW;$ud$u$~q($(NC$ltW=jhfRJ*2pmbc%uUu} zE+-+*mQ7YhXQxyRThZ7L4L7AD64sj9^It}}ap~CtV_F)ce*fM3ngC2hODoRt6XtT? zGeaJtoHr+-zTOGn>&J15@4c=$NTG1R3z+#-<674l~h`0UTq_Hi6N^9|CEcU{vNqgEFsjo@@9%2G^dAW z+|Zdt8Gex^i7(d2k{UL3BV(tSnWUy)(vgUB&4pI@8&0N}L;eFjiS;*v>>Vf0lPBN( zU7Of{272HO&&7mRQBJjn-yL|^YpT7UP(5Ae`xqDu*S(}^OKG3a~r_G8y$&xTjMG?+~Bc8iNQ+}cW6djICo!6?CZ4%RRrF4 zF;*phqsu@;3MWSQ>{iq^xLb91swJDsOBnvp8(EqM;Et+jXMPEP#FCyln()i?>My&^sr)RUVwIVe}!3*F0DDpMJF4u^{B)TDnl4kiWUB|XVGSMv(v62%d-5{Mf!9Nod z#QFuM^J>@xb!bY+kO(T{iXWZQ10al3YP*Uj2$9V~Wc-p`?WpSPaO<>)8p$v`}E2JFFBKKOC2?$YBLvVrfDl}cHL_oZzu zgn|TuVZ%#4O$FVOM`!(}kfs72XDn+-MM7Wi-mUpzXG!ZG6K$ie=hi@HarN!oBO;~< zF~V{KC#xNBf1e~VyIR=A{%6JZL-yD6Vw^5aP}ZSohPQlG_nA4N`tmEGgjiF!NJZWg$omI>6A&a6(eg z|Cpwp=HX-ZEhbFPU0E-hvdQIfQkogH0=qg5fhpmFKyY!c?y;lTi{P(us*f3gz8bgg zyQeHBF3Oe0hPPY3Suqbm7h-@Wgd@_gvHpOCKM`;G!|g=h5VuY;(84ubtepg9Ty^yojV+ zHXhy4=|kSoxHNmbRCNTE6knac=S7J}Y@k#3r~{so!kPP2l!xm=9xa@)cldBZ1#3~j zpHoBV18cnp3`5B}!nF`?oUJwSXU{^re9c6Zu@@yF=YLN$!(Y?d5k`(Cati+r;jBNY z5PbJ5`%CDyIN6`#0@^^qHf);oc=Fj;6u~a9re7l_6pOxBgPMG0DxPc+6|7FRl95;f zCQ^*0QARn_^AU9ntTdX75E()$%{Jv=aDKE`SCJxU;o|!f&cCK2vZU@-&V(3epFYep zBH7{AnD_9)msPocuvZQIZJy9V=c&@P%|HyPB#6}_(h$99)Q}*6IOLUe$CkH)G6blH zJ$dy^(5{kJ8%l*ChS<vHPV_RltuKYoGX)j_4p(+ALf=wc~u(N0{>* zH%g_w72PI9q@FGwz&Q3ILl(?|x&eWnYVX@n^giQZ>ZuKlMx8glv6vukiehV|+^HuH zjGyQJL&7Zv9+b^s!zUGA4@k8zmke?A zTCR0~3t@1Pm~oOCk#eJ@iHNm+xcBv9k_G5#Q*PWy&OCv{4}e=|)1Ue~`*Mrab~dIB z_(-ff6zw3WC6nM3P@cS}KZBSwPk#zQiUL^{ zIi2DUG5GTMSUpUKvplwKu3AyuA!>b>o3jJXV`bytkhSQ*mG&O38d}8ma4opUmovr6 zVRu<*jdfd*U}Ne`dK-h3^~KL?l=%Tn;FJ9Gm4@=iL{Sln|3czWSC3nelgyK=NeFHc zs$}u3rqpAoqD}ona&i?&x7ihM44h3#qEx!^^T|gy!B29MItmLO1BG$aYxZd^crz>$ zY`Ro2QhM=j_tWtVSaBCuzEdD`yh-4d>4BnF9>o(o=q!6Gpe zXz;#u$eosFGBYBTjsh(Wn_YF$k4(77VG9O@iOm8N z-`j@hf80HjA;Me?6w3|1L8xaWaG-xbQCi+}$JHqG-n^UMBS5fItwY6xy~(JFCjb7V zEPXT`e@5J2E#54~Uq-i(h^=+}nsNe3M`Nm-Uo%jjef}n7K$QRaG#a?a@ysK{)pzOg zDD?5z+BM`9z*a@w+aiKeC))M)%|MW$-Y(*+oI%;#f2>aOkJYP+;zvJ_Pdomydg_Q; zME^nf8wM3~TDCBd)erH1evV{4yl;WyYC_DSwE4XclOGMfKG_=1uI{?>=GEs8gY@lT zMgm#gPz1>8Gw3qsJK(YnVA_=Vm687c+BK~1K<&OskXPM3ye)t@1%7M3?beGSSVK!f z0pJGKnA6S#W0D&QW(~$v3Ss6J1N9($&sHZzQ%70+bPsA)kpH;qvNh5*j;s3)OTvX< zVKQROmo3kd+R}lq!`udwmK>T5|EQWi`JHDQY_JC6S5TDA5ZpO2Q?YUGT~pMBQ%i~) z@!nU4+f*7C$#^(aaf?R9`+H)xh*yVPiJ5&pSJHHE;1n1?*|~cBA)M$h=!^lZyOUn% z5KXT&R2Bru`b~Fo6i2klB{nDvF-F<9mVRF#vog4#rvc@#7}e5A1>`z@W!U>%Rjkfq zXILpqiPo>-@>2@Ho(i*t`Fddv%%}I#Di6d&_ za3X|=k@_KT9!N&}`2^yFUaGK$V-?E}UpjHd+8@)2jkY?AD?&UT)o@Sm!PZp`2E|jm z#B-cO7D6RVhBk|z?WT$c&8J(0TI>2740su>F>FprfC>(1J*FI%fkx*<&eNlk+fFU<}|)6?st9N|0%__`BTAori`! zAhuGwr?=bRA%L;mRMaLF{Jd)A7W=Yb6U!A#y%}-B+d+aOK?l={$0CMzWK~wpB!4uc zaZjbOzC$5fC|#{38cer_o#hb_OG_8O2y6y13vm2Q4x}%4$(8c>(P&@`@Mgbi_itDH z^yzGL-S&u}RsEF;>6kx?pjL4uc_U*O*&n$*U__AxX}qgiWAJf@1dK{^*bOKh9XX@v zk_q0Z*TM#q>rg2}8}C-@YNFS;%`D1~wm@N%btwj3+_e=7z2>@mQI9`SB$EQ~-DZ+D zxut|kv9vKlsBvW`8hMdiesF>*_TbgznaJGR8vlptdl9%>v8~$keT~iKk^fNr^LGK) zK7%ENHl{^V2G0Z#)&2O^QZ8RDm6b66Lv^0Ns7@D6aPt?{V~F$tY=pUo=Ke>f|4`jT z^dG9@d#osgjRR5L^dG8kxlbjU&|LpTb+L1EK^)m!c#eOlE_8@}+=edy57kwGsLo09 z57mc@8OpB>>xC3%_CTUG%j*B3`YmBB(tN4#KUDt-3Bm9W)jz&MvKTnkYzD>mG+-}~ zPfR`}owDlJ&&of1F`T?053uIuQ#umY$&t|ME|S_|7@)Qlkj-6JR3p5$sr*;S@#{_- zdi<=yP%tx+YhQ&s>vi;X;tDOd>Cx%txG_HYn+6kC7ZZ5bPF(B4xkE{81|)&4=P6`u~ghYOtDhj?Iv{P@|LMx=_s{9{e_x- zjwBO#>Qj8%f>;W{Fi0LF+VOnI%~S?g_=TU2oe2N1sUSFWu|qpR$vk$~wm|+N>3O81 zLvW_Gnif~$Tg@G9Bazm2Q_vAn1XqdlY#ThQ`-!oKGpafVLwW*cK7HT&JaE}*RN`!( z^9Uz^gp2+$poNALRBnocdj2r78s=LK(sRgai zWnOJ*H_~7gPfU`+kH5B9Cca%ZOx-)jQo>eO&@Vwp-tM#~T4c^~tvCq*&l4RpI+C>C^%Rd2G)uqeV6=Y)1uT)Sq| zNFw+JU1qgFHU5HeQU!Te))6|!2fUvJTOJl!p|NfevrvnRPrWi)Ert_h9L zAcE_>aRWxIep}miI6YBw#)+zbJB_BhcG-#R;8h;#9mee#=$<7~ct7cOS)hc_yY=eB;y0ig@zblFkS$vyo18)^IS9usM zU+KN^Um)Kj&NDPI|3kj`Mp|GJcYqpR%k ztS}VyVO@l>em%-vQw(0;md!Q-;8m3y()KKA?22zLgMrb~7xZQ}0#D86jjr23AV+K> zg;VJ|l0RY?bk9hO(pxfLTrchb4GA4j#n8Jaq`Eq-php9&G#_@DGwG2l z*lnfonOWsM@KbMZQ&TOS+LYCT>BZSQ{Hd+g{^8ojpS9*+Hvd=iJO&~ zN)MBme;Sf9&{SpV$?g95r|L0AOj%e9PszSR0m&!G>DAy-J@#-NVcw9>^1}%NtfQ>#gziFD`VU6u8 z0cKu)ACL>7(93l9zI{{oK(U&H>Qcbm!OWm^^lvvmx97FUlrCz)U}b*NGtO+>JWPgN zS+Cuv78PkW!B#-c;4OEzWYSgl8X)7 zzE=OAs#pD0^+T_&4;>~B%73a}{a4jLFSlT7j`>{vr|O3PsX9_DIG=E-wi4@&Q!X%aZU?eh!#y-2gAP@Kn6`~gWYvD)BdnI6Aa3xDdp6{u zyj5_rG%XR>_R-j;kArUN+hM$=)ABAMZ`2dxq_E;wR%AB9Ud$R9;^%J$f34r&>>Z)_ zbf6aSf{4YXTa>At{`?CKDbjybWYTi75o7;=_>25o|`mrVVKEv|;Y)Uk?Zp>AM$SzY{}q z)=j|l>4g5m_*I}_-n&IeKjwvV;kq=Pf?a#nhR|f>l;8|=aUX#4ro_6Udh5?HU)5f^EbH1u#g{&+mb?6F%Q z!?2uW52HbcDyu3Vy_idi1ib#8gvXO}&O9f?hl;2y+5G4^KA{*o$n8s8LJ-Cn9Srj) zE>Y=iNN#y|oB z7#b$!Gl)^ru|sT%wk(NWc8%xfM*30+Q!&EzC-gCl&%O*y{l6$^eD~V0qKh&`n_+d6 z_l+TDiC}RhGbsI#p#^rCOHevePyW~+&9)uCLgx9(pQm!px@RS^sL3OCFUx{8>6bW>L9BaWtl(%3b+DT%(H5!2@ zy_gL9oN4v4kHnzxbv1t_p@=&xFceG}rzZ(V39(^7jdkTE+E(OODE8Adl*dxZET`79 z6W|hqE>wMrT;x=NqaQ$`#JEk4$7+O9AzzG}H zt*%q)N!hJ@TC{5?C*315f!il%s0OJ|p&m=Q1n0+;CSnh6{C`cIV|Qjga^EYh4$IBVQOOe2~~_L5IK&QXjsleC*PNN@dWIjvTUTz{2Q145V3- zOL|^mGja*h2&9ks(<1GcAjc|mWxd!c*+8kAcn-C7JoIuFFo6x3rv)*uZ909xd67Z=}GlP6-QP{Qt`h0Q)+^Odty*-hGLR^`~M*K zl1kAL=lB0Y?vnoxatl>{q)(*|n8Fck48-xwUV4|aXO=i-!}jOBVZ{%;Cg%o;vxqV7 zlu-9onHB2CV}~4k6?_={gWRfh00i*roP3bgMgRm8-GpHkB%&nhXM5gwx557DzeBd6 z4;dg2x^&IASwbJQNyuFM1hBH1gZ@G8jcKeYOl_3OPc zYz;w=TK)TJ7tiniD?xtsMXFrXJqk>(0MtuBoHFelNAVUtgWQpWmIgwBZ|yy(h)r zeZRhRApVZ_e%^)h`+ks@2tMq)`L!W_2JWAq5<*3E$u@spWX6W~q@J;TdQP|!(nDpuL6ldTv_5bT0Dav{t4_Phlpn?^W_sB{RNok!1csudU+;~l{4o5 zgT^I48!gfm_J6A~UU*NTdGKS*rx6`A5=n+UItb0Ei2shVqAw+@bE;X82Yk)@Gcl@n@*;sp-kB ze}7)imTqE~Up5BnT@#4=rh<~xQZ>~lUqbOLXg4OEU3ImoF$!Oo1c(9j^zt3sWwK`9 z5ulYgsEUd{Hd@p(u5-hhbj`E&$g33FZHt&6*{o`-l*%-b zMp5gthi#nT+QH~L#)lwm+RI>wek5?Hmu&-y{6ofrThVOUL5j}c{u3h6fvHRekO!qhE3>Y!j8tg&{Rt$W2 z$(7XRTM9Fn@6Pr-+T3B9~ z*-~ebK^B4+OrIVwbbhc`ErA!?PS$sNvdeGpD#eV~oX*ib6=~^LO)!&C$Jn_`Q4+Vi z0XH;?<0p&Y@_RpJdiydL|0VYS;@hugb8I~eo3y~j`)~TyKsla6BvcYuTSkdCmYuJY zf0?;1b9H<=E_HCNe%&~ zAGD+He{gWmQ^Roe7PeNORA+wBd^3 zJE84WT(#Z90IkE^%!*BAnVzCotr<~Qpv2nD^Nn&TN#paLVOIOX87`U8Dk%WALHBT8AQ4C9F z?V5Z^S~YODW&jaqOBRHINgpQ`s0r4b^`RhWgsgTGrDR^ChJ?5qbc!+=oieAvA%MX-^(>lZ3=-tKDx3aTq>O}ziLh;TcRNG=kU zvFloHZx9gQZ_*Y(@7ic${ejGoPcs#`rNW783uD_EO}oa3n%uE~DC`QIrHz=BVrL(@ z`|{+{P1E}?9-ZF)z_Uu={ymSj+?!GCW<88vGQV<;F^Ym=(V`)>J`KKXwc~$pt}wkT zdi?BD>LKIp)4aoguE5;+AN##4KXR10s#P`%0(!d12(exq+`J3yaprW{E7$g;LHH`!x6B-!Z9bs4!?cUlaFPjA19;Z*}eQplwh0kDNm$~@`mbz(AytKB~PS2V?{G6UsmV8;75M&@& z8LcDRIz?Q~Ap>tNZZ$)fQqiHUrNW;*b4?t4ujW>%f@|ZTgG#c+wU`k5*mHeaJRfS? z`}J1o+uiZD*!y)~1w%=Oy({$??`!+<8_Q?!8JW@BZaw+8*FW<5%5I2T0Hbz3GRnR~ zHDx0yUmd%dK)>wZXX)FKc~e|yBpp~+CFxpPayfprsjBPgz17k%6VwMJ_Ptd#Bdl$c z<$;X0-0Cqh^cTaSMkzzs6)pJapnKG(0Qyr*~w~^#UUZ0^A@g zA=<5Egd}%MS9s&IYFf)HAZ=Jsdh*DYmer0YdW`=P#Q7=iHzjP*z$?RmM{+9mE$Ge$ zPvF8XGlasVdyVYv>WM_&*Rsv-3~r>ruMAQJ&)VQy|Hq!_qvH9|MhDAPrx#6A@;l(M zxQ&#Ho&jVN2Q-tXkx_kM#aPx=78x$NQs1=JAWhc)!Beu9Z9G*00oFdgoD?rtCBQCk zuQF~&_(X5B_J=Cqgea|Y(rEck8AqbhtveQ2Xgj^2yr>r?{#VNH7}xIOJG#U0f7wue zjdN92uxxX|Zu@UNWXx7ac0Tc>jAFCya8gG(<=Pr&7c*%+US)oavcMM*O|ZdLVWW6T zZAMcp*s$q%4~fkY>r6l>n; z)m33auKBsmt`TVhEOqJ|rDO5{D^B~l*~5WP|HEdv#-6g8e+CgtSqcAT zp|d}Iu-Wo+=^i#wmu>@FE+_9^?=`P~?z`sFmqwBEqT-+RmNr|fprR~Z*jmBq*_^b} zmhI1W+7N4()ZNR!=_D0$%?4D*BA=Ka?@oPZxXK3XeX|F`e<#2;C^qxL+~d>0%$ZyBHXYGFMauJCftW^b)Elx11}M(>T7`0KmvfBnnp ze7M|7*-$(^pnv(dvo{k8I}$?lO!S_YK?s88xTl7tr+_(}tB#jdS_WNRZg=GPabUn` z8P)Tfx?9KxXjDZ0jmb(jcUE%-=F2nB1{!^GcWw@;D^J zBf4ZxXfmP#sWXnCGC*GjTop8KhMuC8q(Saih_$*2w2Cmzfe+F6r^YCm0J0ghu8^7!!7{rUEWt9kY1v^os4+*hDV*4|m`z`24=dHk zg1{6L?lum58s5&dSp zEaOaLaWMU0QRho3nOL9`hx1Uu88&+;ax7%mjXX$YK&Vt$<-=g}PIN;P*+XIi<)O9C z$l^mNT$rW95EPByQzy+7`WfdTdqDA^s*I~lOJb+o0ex@6-uRlXhyQDs83)-eZW<`% zo+W$(QqJSk_M0X3ba5HW4Dn~KCYR6=t$|Hy3-l75UZ9=TN!f$j0}a&&b|8rTrD)!o zJZw?XG(;|w;g1ZnNMF5P27%3NMB0P|3CrVeYf4i*tHQqFD&E>8XASMu>8K#ftWpOK zleO(lj%pM3U4lWQwQb?^(mW4P}E4ZWVc4(pIZnL-;HP~TA*|%*Dm`;N+=P#r!B>@#-Bdm*t-X0iZ6(T% zc8kYgg=PuNkn1YrUf!w7CR-K+d~`;|iCgSFG1Cucm@ZclI|tEx+gAwjF~u=|HN1SP zfL?AG{h#{ua|AF?X@0tZ=P9%&yTJR(>~?+jOtdb+*>H(Oh$`Az!S%nYp9q49WBntw zdQH2Ya%%EBq7caL*LJyv-mp6a6bFEh5qxaQ;*42@AlF~DQ6kSDeq$a7fx}=Ro{8e_ z3n|^u_ACa32@p{3|7MbX8bDc~P*Z=$&cl$&g`c7z7t!Yp1(w$;aL$mht7HThqxUyP zLc%K|C2R>v@L=>OW4UYb@xDgTBJkNK1P#%~t4NHXOtP}0-3UmV{CA{g+ih8D!^R`s zLK>yr*C@L+7my@QR>!Iw(uN~ID`&;#;aZcUN907&+IJ9Ofqa*bYGEPcs>!RpU;a3njOCg$$P^Th+uHmX@eH$QH*KmWi;MXpA_MiA zwUT(jSo{Ra%Qa~_>$-6wA|K`DLRpMRGGamdi^jGFb)hxW06FNLz)lQ)sbly1VO0>z zOu57-=!@2we^42w{be!4&pp1p(q7hXK61hnq4+VqRllBGd;((-O^#Atfz0}ouIjYB zv_Dgu@?MhIY~}rz=>{>rd3Th5#0(W#78E13afMI`}T>& z<-zQ8Jo)f!0+H_(CFISmW&1><4Ht(Q`DNyzd%Tm01_6R_kh~YyxX}Og@Wt7WKVjNE zY=fvMi9KUYo<&?pPHj9tl{4vhhUuht!kMSA=uWxjwj*E0GTJ{dY})hyj8y_cGj&GZ zcrNX5REa{okhA%&-1T`+jfT7=3DkmDB%{pN;zrv#QeT@+F!$&9)O?+)XMDRD`&f6v zggu`hkBy|<5gj3pkm$H$qhjZ@Ke7)841KIKj?wU-FMAUF!-6=za_XfH6KVt!hUpIZ zLD*frh8N$r>-2r}i!JGkxOJml`c4rTv6wMl3p~M95m+2X?RA4XTaP_cu~vn(l{!N# z^4#o>#t$#j>Z@@SUi5lMl!lG3%5lh+K!}_+&}a$vyvtQP8$wr^kp?RZHrMnfIs{m|t_jyUSb(%~*Gi&+B|4#+y^)qK z5de|^kTAvo!GsIa7pKXnwvh;m!#(^_YXPKEf zwgH()exQZV7n=$sY*}*4R~v#JoM>HZf`~k7I$Vl5{BZ?Ntqg&~w5<)dDVcuVaAnKR z97V2vYHVaORa_>d5O{1&&`ZNifRoFm%p+RZKs24m`jTQ(0N1|C-p0!TUYl>Z_cEf} z8acfa>G}1g~~2x-Ox@g(wl*ems2flbZK$TL=y~$QTwM! zd0DU|4fO?^I0l)ld5vRgFRb6*`sW$V6{z1#eBf$rqHRJ~Bqn(7HBd&C`{DB`5F(Sr7)(UqguV1~d~=Ed2ikpn_oCj2`O^$h>%b+lZ>~I9K}q zExXZcwdZr{+wtg*ev@ID2%g|+M=CLCvk#Wq6g)*$rUKV$#8A>`dcquuj3gEi$@`ex zQh$0sgE(fCJ7AE?0;cW^!-Zj?dQ(wD-zsHvt@I!(r^)b*Mfjgb`6>j%3R&LFFxEhl zlw;O!oFq|}9J`#;;+$sdeji|HS$JqUjjHZT`W4LEZY>QaJiji|R;`2&hrW_yiAMqI z%of}(j>Z@cLY9-YzsR(Awzu#+w+@2dDek2^ViH4C9pB10Sm0=;U~o0CMi8yeb_G~1 zXI1x8#i&HCkYL{8z!L}=cv{C4v4&nL8E%7PGmRwTGmLNS2!m)9_0rjXi&1Gs(NKCm??=vi}?GLjW%E4~=yw7>eWo~{9{w|A@l z!Wf;ppsd!1RtjihhAZOQ@Y2IE($%nB3nl0+oDZOh>+Nk})6X&Q+;mKm=oKzB?14W6ng87h?+Y zE7CZ4J=)Om{{c6`CuHfLjtHQts)>>q5IFt#n6w;mQuga{TGUC`uYDS2 z{7`zIB#1Ncsbg~SLRHw-DYx5eWvrTfne`-&YKC&#yL2S;UD4Ho>?Dp=Q%iMxWCNHW z?FfQ8C1lP^(?EBOj@CKl;Uw_ABYiGBLfG78H500V8YcUyi!v|AR;vC8DpbI=dmX=X zU~Zgi_WhBx5(ByGX}|6^^G|&wboQyuOhiVGwU{9l)HNVOb6EQLG6jQkP0N!vz&4Xi zBZmoL8={S+X#y+N&yh=KvsLXH>Ubua5K*l$QAboja88Qq_S7epXr-T^hNML$R1m7b zoo0KC7LahUi;tRK(pF^V(v1k7<&me$WUQc}&xv{=_}V#dqJIi&s9qs0(XDWc_(2C(wd6R{Je0)(0EoVG6yf(GyW)l=kA zhvK}tr(NueeVR&~y)@vN>>`sGOWo%OPDvmwS?9tkf@gyi&U11h`{~^7(5=2>I4mOE zK8UwrNZSQ6?NsnvF-K5Kh`SIwIdW}>gDZZ!cd_j_>!(hh8oenjJH%mFWqoL{+Av^A zKvEdjvDT*o&26|Mby35J@DtthKLKc$%Tduohb z_;L$Ub5PpcuCAu!7KUn6M&!@7>x9A(ZENVKYZJtp8=GJ;RQHMB)9$%&=JoUSO|JH6 z#EvVFIF|T0*Q}DnsIYN&9%e|+t&VxlGC#0MU(Q6r5y4SH%CA1G=%fl@4yn9SVk-tt zG3$)dmwE}_w(Xr&d#gHfOh2Y1^*woAq1h6!2n=f;6d~BNsW=f$i{oFuUQu<{pktX} z=T~^}$-2InD(gHKsveu3sFlj{E5FQDb;+`*GLpltSTTlDS~=yEMy8rP7kk45OfwW} zHulA_zBLc0T`&b@-yu-HX<*vGhLRF9KBtC5DF>FStN;LSE7cqQ5cc|5aNiWvM(w2b z*z>FS89a#~%J|4PZNP$nDlum8zb0E-sl5OwvpHeTH~@KDKWsvnE(+m8>7~t(JW-EU zJG)qh)nw?OJ0S<%qzP4OsD!L7VTKovdcid0C5;-QdiE8JH>#8{-;lvaF4P=O0w(6QeJ? zZN?CRDE@XrE?eV2Q9;y|pj^%W>BGBYC9eKt38H-WJ&3KA3%->V>Y0Z~9^^@-RS2ZN zwI!0y6aD2Jm(Y6iyS9 z{O5~B-Zb|#)~I`+(-V|*#E6b4=&Mai3^sRsl7dWI_jJ^E;hi)ojUYj!z7!wz^bIW8Hh#;~bAve&K<6lCkBAF*b7dJ!Tcw)QVuxvAmn ztErlYacPH@YXdK8H0>nDl+PD>dt1{O^{?Tldeb4@$S{51D&l0a)O0d zwEl^ed%ER08Ka=365nkWdp{5OuSIy?qAaKBM%QKEC)quolIYvOI+r&5?W<{~?>Apc z0FyM5BTjhbZd~^pU=)}ww{4I@oE$gWAO*IdLmIBzo}^2WV-`u`E{knrCO52*#vp(S zGLEG0L(u~sBJD^S=rJY|06=a^{An!gbGzc1(KsoLnAM z^*NDt6#vfm4)2Ce$FVQ6aldq0-0Pv4dc60?7aPs@Pi_JZ-Y@520=96F)uz>9ie1Q5 zz%g$D`f>f)fT~+%w!pu7*o@f;(#2cFxVl-pDVnA!(|M=tbp+aPhHL ztHN625Yi|LTdaW24a-B)EpUNT)cDw4yWA`Y@aCd4pdxM7s&gSDV^X1dnMaGxgdqfq-@kyz_5IX@X5|J$$DP=r!%s{> zsV5Pi2!uBU(b~?6HJMUo5sV5}0d~f-q?4`A~kmrEN0wd}OJJT3{8YJ9GWA6@~NBA`~Ea24|(##?)Sg z4a_#CuXx|wXG$=_Dy`->i=6gm>)a0l(EPNycA}xZzQ@TA3oEX5HMKQJ|Jlukf>ss6 zqD&uvncSjeGUYHaQWT{SAOH;@wMa2uN(C=BD)l+8{sE^hOl!;mB_X~dgve4=0!4@>qG8sv3Q4Wc zK-q7_Q|eX56uWZv#Va=PZuQkr83Bq+`bdjsU9&U*Xz^n}ylYz(+rPV8&J`~h21X1V zyL>5SinOdeq9Nv5;7fsyU4sT^t|m;n+Yg%>{F;z$oqY4`O<(RNp-(V;cx2~)Pm0(=E+$XHjCjh(8#dB6SFI2#h(GEIyX7| zAXttPtJMRJLYo5(%7rcqX$+Wk+aT4ZLiI>E#e-VwlZNIgJAY=jY*lxB{_LYldN2IV zGRfGoBS~TrlpYFX%7!ZoPG?4+9bd`;KCDa-KQ|U=cWJRMWG)8z5ok*P`})o`h?GRi z5Wey5*RSm+ki~R_IZcOUWJ2w-t@S5im7Q*uQe}~i!8vP6w8)TtO2p}Dyv)jQJmGGX zQ-{YeAq6RslYVff&Q1MRKmS4}{xUaRQg;%qsH0Dx-YmOi4dR2+4m8}qOk{-)rpF#u z9}QkF`543_EI&iE3uFU8b}4myB1#?a0$K>GD*^Sh8aM43;P2laUXaC}c@_l;BzFui z?Re&Gb%GYGMGrWs)_m)F7aK9?m14Yw8R0|1y~a9q1Uj|a;Nw8~?+=-km*qTU@FLHp z?Qo0gXHg?~U5N;U@?CTXu3Ccpx=kNkb|aY^n-jWVMqE-`vJl#sH<9!5MXrQmam;Bp zv1OfisSq^oXdddqtzg8J2@EX^@WmO!JW#j!O3*m)5{$G?M~yGh9-gaa%VB7GxsF$=PP%S4ebY)81c>HA4rl zx^T=&!93$tiK2Z(vH~dl6+z0OvJUPv)dy{VmX#~3{st=@NsnL@ccN=}SO4|;1Qstp3?dZem4^9kGIeZ`gvK-r@4}~hv3m%>4@LzUV_2?qg18sC zEpJFbONe|q&4y`rCW2?0F)HB^rfA8A4mD0jn6%tVCyxg&gbB`0op-)hphlfIEukgeuE%PA#B6ku|byxP@ZGSA?Y^K>1F zqRqhi3rZoN?O-8L&VjN>64V!6v_(~S`S?Ruj)g}rX4QRF@XMdn)I-b%E|nZbK;gG? zu=*wI_u^owaq2}XVae4)&HlPLCNYiC#vsdP&@r32ttD9K7MOFyqLRej#jfAQuI#IO z6;b?q8fkWu51T+?4le*tDth8*u0_y=GN#IkYA|iGWrmYr9lYLh699*JUYSAOlwg6p z`Oey^*%P#E1D3aC2}&^^(4)*6AN)aEjzdVE;FB0ct+ew=Qi#>3XF(+3Lj8_Xv`12S zl!y8OyG0wcU}PF$*R!h?c!`;Q;vX3=wP`&z%wjtdWRiRiH9lF15X&_1)iNtPd%J^I zm9LB%)2F+Kogh2P=27W74nkk6_55@DC<4wvUfwSfJe<_(H$8C&-rbpZT^_O*YOim- zuS+l{ne>@Qf|mUe0t3&JMOI6gl$+7F&%1KC-r3dMR%mMBAyxE^zuT`=qznTSmuDaq z=6nW)6Wz!&aYd$YB_HsZax7-?v6K;<6MJ?0mf%j(C#6&6v>|*Qv!u3_Ei-i)4(>oE z?6(<6NX1;@2_8ONI7=KnxQS4K=`J|8&HiWc>SmnxQnS{tIPzqS`@ezEe3H!#5VK4@ zvYf6Bs&8pnnd7ifLqbth0ddP>+BE7Y`+pmg%oNAUJTxZt-wiB3E5v%Y|LTNZd?-;x zKl9{4#h2&%%r?hUFHuK6F!=bQnh`H65HznzRkokeG5Rp@TY;B1bZEl={{CtV59T^p z#v-9uT_PZJ$?~#EySChu1CZa>ho50U%<7$gW=FO91F|b1XEG${kbs2hkxihZW*>&>81PTZd0SgMs5OVRE1bin&1&%L$H_HvATnivd5<#zm386H zfwnle45|0m^Y%chA^6j>oRVO9RGlw)4`Ps(}L6DFV` zu}^G4-l6vjwwF6AdvTMZqjn<<1gU|S&O4JQEjpTl$7M3y$u!FLIT-$va#8=JoHIP| zuHqcefml2>!b_LtqKSnbJ2z5=L(YgnvYDITaZ?U1s(Bxbky^DpRg5=|lx>SU8FOL; zY8tPX2e$MlGvU%TTm5`pB}a4;-3THf&Gz{kZ)}djB-CSzc2~W7wHLdvJ)Tkc5x-q~ zr^*r3Qa4?Xb%e;>hd1wcX#_FRjN*D@U|t$wvWJUev<5$Xox=P~1gkr;yP7**JjJ*X zy!fp&7GG?E!qiU2O67u@%LnvCtd$h$3m2swgEtv}Vp?|cz^I#~%E%em&&Z7`*SN6% zTD=#ZaA8U|qjnczc_tyzLjBSmznxry%F*{1Ox-u;R4T<`mI>oCmuK*0`U?gI>rHoV z7majZUx{##gb3=(J4O{g89iYVY zgnbklgB`D%i?tBavHl$i?I!u8sH*iUip6}~9QzhRt4NR@mTeP%?af{EgH z1qVLcf&J4Eoe8tk0Bv?Mn5PW`3v|V# zDtr|6C=hU4G+8~Fl%velZ<d(+HK2?DBhqX zVZJ^fT)uC)6)&E9&Z@Y3QTx;jS4;raMWCn5v73m?@$uHzn^JlWZ!B#bXN-AL)A#Ii zwv2l-n8sNf#*OF6z+q8v@cK3gz;}6#HtJ#cyHe)g3%A^FOQQj<@x7J6BuS|<_|l+E z66k&nCRmD4y-TKFHlO~>{V&XCOjun-iNxqi%CS-6DDg{!U<~Y%_J8ct1;Od-jbk;u z=wV*}X}R#&2Su8ZK?5KV*ska=finR2Scr>T&c6?lJ-T0fh4?&Yyz3uzMg`K{R~ z{epukJA_vkj}Qll6vZ`k=FO4Ut=1{W?A8utMJ6eOmQy^5BD?_N+2E( zvvJBm;m~XB_+^79OW)memQ!m1vgmV9$ih<@wUF>Xzzh`q)3T4Q%ZIBSPtzHnpIgQt zjhvF4g59NgV;oD0`veD%uM3)SjUzRjdVe2q7$`!+=c9{9g$x2itc(8AG7-=i9K6&s z@+x3WV2brdpJXJpud{dgurS#S#w`?m7=gP`exu8U=5QJjjnJ?84iIWF z@aOU8%6IFO4WBgH+~!!C4g*P31aB4sKq62mbZToU98y`7?z>leMMb$g5U8y4jYAl7 zXV$sM0%5*n04lp@gD|z%nk_i+fbIU5+GG zr0j3ABqOOk{r!t?17W1W3P+g+n((60_U83t-xcCLpe&fi0uRG!Y==*qSE`N_&5MkB_ssfXKbVVtOMD z@%WXo%QHg-%q9v(SNp3nF>CDSxD_+DHCbDfibM)YmIs7tgMl;7p(vqeF>6I*?BCjr zAPTv7={@r^O(j8BMhJlUsy2evTZ2NA5QV%znJaT<%UjR`%G;k3_cdfzUGG*cA16X3 z5}qzv^yQyqCa>GgKc$GV17k7RPu{$rhPmPzHO{v>HMJ)cGtuWV?7Q&l#nPqav9^ae zCTt~6OV5Cr3*{G1gxA@XB}s~Rh2M{?6)LN>;#B=`>!VFGabw<7tTPHNe+(EazC!tF zdQs`=v))rLE1?*H#(GA@anka%%P5jEhD)qZ2ARrT4-71(G#=}uEhbEgc0cP-&?8g7 zBA=QsT%B&hA0+Yldm>Nn7}4Fsl(C4D-!V9+*ik+UZlPz&9;@XRsIHbM&Wk8`=1?-bB%!2G6#J3%Wv~9GYsLn!uFVXZBT?siKL6M(JO9g0GuLGWqf_F zhpK+%*{S!!orA8+R;6jbC-jnVl$NMDA)=W=dCvtlPA7G2(wcG4iL+yJI_VeDO!TK# z8Pnlzea&iP1SrOn!%uQ_%9$eaV@!u1FXxoZ%a!{x8^|e!7Sa{yddI9%hwZitXb_KlO)8tS?98!f z!5K(-Mw&A-e@Z_#o@mwrAp(NTCv?*7Hejr|&-2H{t>f2|PtVi=xU#fG0%cH9thuG? zqS+kNghqW@Ooz&@w)E*!`KEO|&kTyJQ2KB6+F!iY_M(5-PB%Nv3bx)gbd2E253&^L zy(D**78@p+<3p=qHyaYzR!9KGNyOFbS(18|p`2t~J@%2a*+-YuW`bmuaipxeb{-RS zOkTZDWvHK$lp;vgI8b^nrzzG|LS|QgG&#NIaGE|o_*0J^(l{N1cSS3wmAmHvW_UTp z61dO`kvW-8;n<(^4OL{Iq)C?PgQVbtuqMik@zpXW?;a&$(Z&nYa<3!{LWXBV$O#n) zob#eKfYrO7zjtrYBGM8vDhxwlEwlc{3&;c{rQw~=ZClcFX{Py)#^|$aG8a$?So%~Y z@ks|s1BABql;#PILxG4%s{&fJ%WYHva3Rw9hNzLNS z zhyH0fzs*c^)Fw$(L1+8_tK~9(v|Qo;Xt~O_ceFwEKII^F{r}Z+`9E52sDYaKbv-0jAgg65#JuTL2kNF`?=1X=`jxdfA5+S~W`Ob=f#1QK1#vd)0YSS5~FZKSv zTJHWoE%$wbuu5|#;1L+sGbkc(Wz+Ga<;woka$f(mTz8iFJKu(Du<72m^S9rc^ zOz+Z@TqXAm%S!#IjJ{PuaQUSYZV6=SnX}PXRJ=4}z9y3&U58uK9GVBSuz($cw7Z7K zH7qtMal<1QILr!QnTkdn@WEp3;a7f-k44utK}|)S6y9rYg|J{#LDI+7-yzqIzgN9@7NsRqi2Ptz6>VKv1<_hA-!2{f zKFj&v>o=;nepg>r;>igACKCLzU6x&xcFbV#vvo^@A&~BD>i6$%Uk|CTKfJq>8DMW% z5`Ur`{j=PvCeDXIrL=GNvQc&nH&n9Rm6f2f3-eU$a&4sut^mRvK0#o}(;wyq!_e)? z33A4q@A8z~lh)ml>#VwO9sFy^1P$7+k+3p(&O*}5#6orJ5{ZOU)@bT0nnJfaq_Od* zI@0Ok&n$12zp3nSrcP;Y3gZHv9FQj~CKx0EvGXozn(B*2l;M!V&GFDIs=r2Zka|T$ zb6jujsMobrrEc^d)sCP0;{|d?rjrFc%R!KQ?6I{nNK{THL*i&dE}SaVDzCR2+O)4Q z0Z4?8ShxD`0v-7}le#kBWnqsmqzT$c3>FvMyR4|DR_o zJ(0Fc#e4BG5W|khW+;~*p+2qt%*^JS8K$)xVzp^Rob$$|e*oJiF_pI2IPHEokvr|P z;F1VUa;ouIp);-BSqDtE0QA9m-q|aJZ_{|@-=!zbgGmhHDP^r_b?XDjGu-pIAWO@; z>#`$EXi&u?U+{P-P9mo&mBiYgwxUiPUzEr)0a4KCpMS(>Mmj~@*RW*;?%(fJW4DoYnXg~IemdWzGsCGUfvsdp P-}nSOS@|ZyqyYa1mI3F} literal 0 HcmV?d00001 diff --git a/docker/dev/Dockerfile b/docker/dev/Dockerfile index bb4ac6d44..dcb1f1f9b 100644 --- a/docker/dev/Dockerfile +++ b/docker/dev/Dockerfile @@ -29,7 +29,8 @@ COPY scripts/install-s6 /tmp/install-s6 RUN rm -f /etc/nginx/conf.d/production.conf \ && chmod 644 /etc/logrotate.d/nginx-proxy-manager \ && /tmp/install-s6 "${TARGETPLATFORM}" \ - && rm -f /tmp/install-s6 + && rm -f /tmp/install-s6 \ + && chmod 644 -R /root/.cache # Certs for testing purposes COPY --from=pebbleca /test/certs/pebble.minica.pem /etc/ssl/certs/pebble.minica.pem diff --git a/docker/docker-compose.ci.postgres.yml b/docker/docker-compose.ci.postgres.yml new file mode 100644 index 000000000..c4468c68b --- /dev/null +++ b/docker/docker-compose.ci.postgres.yml @@ -0,0 +1,78 @@ +# WARNING: This is a CI docker-compose file used for building and testing of the entire app, it should not be used for production. +services: + + cypress: + environment: + CYPRESS_stack: 'postgres' + + fullstack: + environment: + DB_POSTGRES_HOST: 'db-postgres' + DB_POSTGRES_PORT: '5432' + DB_POSTGRES_USER: 'npm' + DB_POSTGRES_PASSWORD: 'npmpass' + DB_POSTGRES_NAME: 'npm' + depends_on: + - db-postgres + - authentik + - authentik-worker + - authentik-ldap + + db-postgres: + image: postgres:latest + environment: + POSTGRES_USER: 'npm' + POSTGRES_PASSWORD: 'npmpass' + POSTGRES_DB: 'npm' + volumes: + - psql_vol:/var/lib/postgresql/data + - ./ci/postgres:/docker-entrypoint-initdb.d + networks: + - fulltest + + authentik-redis: + image: 'redis:alpine' + command: --save 60 1 --loglevel warning + restart: unless-stopped + healthcheck: + test: ['CMD-SHELL', 'redis-cli ping | grep PONG'] + start_period: 20s + interval: 30s + retries: 5 + timeout: 3s + volumes: + - redis_vol:/data + + authentik: + image: ghcr.io/goauthentik/server:2024.10.1 + restart: unless-stopped + command: server + env_file: + - ci.env + depends_on: + - authentik-redis + - db-postgres + + authentik-worker: + image: ghcr.io/goauthentik/server:2024.10.1 + restart: unless-stopped + command: worker + env_file: + - ci.env + depends_on: + - authentik-redis + - db-postgres + + authentik-ldap: + image: ghcr.io/goauthentik/ldap:2024.10.1 + environment: + AUTHENTIK_HOST: 'http://authentik:9000' + AUTHENTIK_INSECURE: 'true' + AUTHENTIK_TOKEN: 'wKYZuRcI0ETtb8vWzMCr04oNbhrQUUICy89hSpDln1OEKLjiNEuQ51044Vkp' + restart: unless-stopped + depends_on: + - authentik + +volumes: + psql_vol: + redis_vol: diff --git a/docker/docker-compose.dev.yml b/docker/docker-compose.dev.yml index 2bfa2b798..ea186a57d 100644 --- a/docker/docker-compose.dev.yml +++ b/docker/docker-compose.dev.yml @@ -2,8 +2,8 @@ services: fullstack: - image: nginxproxymanager:dev - container_name: npm_core + image: npm2dev:core + container_name: npm2dev.core build: context: ./ dockerfile: ./dev/Dockerfile @@ -26,11 +26,17 @@ services: DEVELOPMENT: 'true' LE_STAGING: 'true' # db: - DB_MYSQL_HOST: 'db' - DB_MYSQL_PORT: '3306' - DB_MYSQL_USER: 'npm' - DB_MYSQL_PASSWORD: 'npm' - DB_MYSQL_NAME: 'npm' + # DB_MYSQL_HOST: 'db' + # DB_MYSQL_PORT: '3306' + # DB_MYSQL_USER: 'npm' + # DB_MYSQL_PASSWORD: 'npm' + # DB_MYSQL_NAME: 'npm' + # db-postgres: + DB_POSTGRES_HOST: 'db-postgres' + DB_POSTGRES_PORT: '5432' + DB_POSTGRES_USER: 'npm' + DB_POSTGRES_PASSWORD: 'npmpass' + DB_POSTGRES_NAME: 'npm' # DB_SQLITE_FILE: "/data/database.sqlite" # DISABLE_IPV6: "true" # Required for DNS Certificate provisioning testing: @@ -49,11 +55,15 @@ services: timeout: 3s depends_on: - db + - db-postgres + - authentik + - authentik-worker + - authentik-ldap working_dir: /app db: image: jc21/mariadb-aria - container_name: npm_db + container_name: npm2dev.db ports: - 33306:3306 networks: @@ -66,8 +76,22 @@ services: volumes: - db_data:/var/lib/mysql + db-postgres: + image: postgres:latest + container_name: npm2dev.db-postgres + networks: + - nginx_proxy_manager + environment: + POSTGRES_USER: 'npm' + POSTGRES_PASSWORD: 'npmpass' + POSTGRES_DB: 'npm' + volumes: + - psql_data:/var/lib/postgresql/data + - ./ci/postgres:/docker-entrypoint-initdb.d + stepca: image: jc21/testca + container_name: npm2dev.stepca volumes: - './dev/resolv.conf:/etc/resolv.conf:ro' - '/etc/localtime:/etc/localtime:ro' @@ -78,6 +102,7 @@ services: dnsrouter: image: jc21/dnsrouter + container_name: npm2dev.dnsrouter volumes: - ./dev/dnsrouter-config.json.tmp:/dnsrouter-config.json:ro networks: @@ -85,7 +110,7 @@ services: swagger: image: swaggerapi/swagger-ui:latest - container_name: npm_swagger + container_name: npm2dev.swagger ports: - 3082:80 environment: @@ -96,7 +121,7 @@ services: squid: image: ubuntu/squid - container_name: npm_squid + container_name: npm2dev.squid volumes: - './dev/squid.conf:/etc/squid/squid.conf:ro' - './dev/resolv.conf:/etc/resolv.conf:ro' @@ -108,6 +133,7 @@ services: pdns: image: pschiffe/pdns-mysql + container_name: npm2dev.pdns volumes: - '/etc/localtime:/etc/localtime:ro' environment: @@ -136,6 +162,7 @@ services: pdns-db: image: mariadb + container_name: npm2dev.pdns-db environment: MYSQL_ROOT_PASSWORD: 'pdns' MYSQL_DATABASE: 'pdns' @@ -149,7 +176,8 @@ services: - nginx_proxy_manager cypress: - image: "npm_dev_cypress" + image: npm2dev:cypress + container_name: npm2dev.cypress build: context: ../ dockerfile: test/cypress/Dockerfile @@ -164,16 +192,75 @@ services: networks: - nginx_proxy_manager + authentik-redis: + image: 'redis:alpine' + container_name: npm2dev.authentik-redis + command: --save 60 1 --loglevel warning + networks: + - nginx_proxy_manager + restart: unless-stopped + healthcheck: + test: ['CMD-SHELL', 'redis-cli ping | grep PONG'] + start_period: 20s + interval: 30s + retries: 5 + timeout: 3s + volumes: + - redis_data:/data + + authentik: + image: ghcr.io/goauthentik/server:2024.10.1 + container_name: npm2dev.authentik + restart: unless-stopped + command: server + networks: + - nginx_proxy_manager + env_file: + - ci.env + depends_on: + - authentik-redis + - db-postgres + + authentik-worker: + image: ghcr.io/goauthentik/server:2024.10.1 + container_name: npm2dev.authentik-worker + restart: unless-stopped + command: worker + networks: + - nginx_proxy_manager + env_file: + - ci.env + depends_on: + - authentik-redis + - db-postgres + + authentik-ldap: + image: ghcr.io/goauthentik/ldap:2024.10.1 + container_name: npm2dev.authentik-ldap + networks: + - nginx_proxy_manager + environment: + AUTHENTIK_HOST: 'http://authentik:9000' + AUTHENTIK_INSECURE: 'true' + AUTHENTIK_TOKEN: 'wKYZuRcI0ETtb8vWzMCr04oNbhrQUUICy89hSpDln1OEKLjiNEuQ51044Vkp' + restart: unless-stopped + depends_on: + - authentik + volumes: npm_data: - name: npm_core_data + name: npm2dev_core_data le_data: - name: npm_le_data + name: npm2dev_le_data db_data: - name: npm_db_data + name: npm2dev_db_data pdns_mysql: - name: npm_pdns_mysql + name: npnpm2dev_pdns_mysql + psql_data: + name: npm2dev_psql_data + redis_data: + name: npm2dev_redis_data networks: nginx_proxy_manager: - name: npm_network + name: npm2dev_network diff --git a/docs/src/setup/index.md b/docs/src/setup/index.md index 0b5d69da8..d0b826d2f 100644 --- a/docs/src/setup/index.md +++ b/docs/src/setup/index.md @@ -99,6 +99,53 @@ Please note, that `DB_MYSQL_*` environment variables will take precedent over `D ::: +## Using Postgres database + +Similar to the MySQL server setup: + +```yml +services: + app: + image: 'jc21/nginx-proxy-manager:latest' + restart: unless-stopped + ports: + # These ports are in format : + - '80:80' # Public HTTP Port + - '443:443' # Public HTTPS Port + - '81:81' # Admin Web Port + # Add any other Stream port you want to expose + # - '21:21' # FTP + environment: + # Postgres parameters: + DB_POSTGRES_HOST: 'db' + DB_POSTGRES_PORT: '5432' + DB_POSTGRES_USER: 'npm' + DB_POSTGRES_PASSWORD: 'npmpass' + DB_POSTGRES_NAME: 'npm' + # Uncomment this if IPv6 is not enabled on your host + # DISABLE_IPV6: 'true' + volumes: + - ./data:/data + - ./letsencrypt:/etc/letsencrypt + depends_on: + - db + + db: + image: postgres:latest + environment: + POSTGRES_USER: 'npm' + POSTGRES_PASSWORD: 'npmpass' + POSTGRES_DB: 'npm' + volumes: + - ./postgres:/var/lib/postgresql/data +``` + +::: warning + +Custom Postgres schema is not supported, as such `public` will be used. + +::: + ## Running on Raspberry PI / ARM devices The docker images support the following architectures: diff --git a/scripts/.common.sh b/scripts/.common.sh index 4111db3b5..c89dbf4f2 100644 --- a/scripts/.common.sh +++ b/scripts/.common.sh @@ -11,7 +11,7 @@ YELLOW='\E[1;33m' export BLUE CYAN GREEN RED RESET YELLOW # Docker Compose -COMPOSE_PROJECT_NAME="npmdev" +COMPOSE_PROJECT_NAME="npm2dev" COMPOSE_FILE="docker/docker-compose.dev.yml" export COMPOSE_FILE COMPOSE_PROJECT_NAME diff --git a/scripts/ci/fulltest-cypress b/scripts/ci/fulltest-cypress index 9101189c2..c7255ffb2 100755 --- a/scripts/ci/fulltest-cypress +++ b/scripts/ci/fulltest-cypress @@ -67,6 +67,8 @@ printf "nameserver %s\noptions ndots:0" "${DNSROUTER_IP}" > "${LOCAL_RESOLVE}" # bring up all remaining containers, except cypress! docker-compose up -d --remove-orphans stepca squid docker-compose pull db-mysql || true # ok to fail +docker-compose pull db-postgres || true # ok to fail +docker-compose pull authentik authentik-redis authentik-ldap || true # ok to fail docker-compose up -d --remove-orphans --pull=never fullstack # wait for main container to be healthy diff --git a/scripts/start-dev b/scripts/start-dev index 9da6ed450..b972ab805 100755 --- a/scripts/start-dev +++ b/scripts/start-dev @@ -36,12 +36,11 @@ if hash docker-compose 2>/dev/null; then # bring up all remaining containers, except cypress! docker-compose up -d --remove-orphans stepca squid - docker-compose pull db - docker-compose up -d --remove-orphans --pull=never fullstack + docker-compose pull db db-postgres authentik-redis authentik authentik-worker authentik-ldap + docker-compose build --pull --parallel fullstack + docker-compose up -d --remove-orphans fullstack docker-compose up -d --remove-orphans swagger - # docker-compose up -d --remove-orphans --force-recreate --build - # wait for main container to be healthy bash "$DIR/wait-healthy" "$(docker-compose ps --all -q fullstack)" 120 @@ -53,10 +52,10 @@ if hash docker-compose 2>/dev/null; then if [ "$1" == "-f" ]; then echo -e "${BLUE}❯ ${YELLOW}Following Backend Container:${RESET}" - docker logs -f npm_core + docker logs -f npm2dev.core else echo -e "${YELLOW}Hint:${RESET} You can follow the output of some of the containers with:" - echo " docker logs -f npm_core" + echo " docker logs -f npm2dev.core" fi else echo -e "${RED}❯ docker-compose command is not available${RESET}" diff --git a/test/cypress/e2e/api/Ldap.cy.js b/test/cypress/e2e/api/Ldap.cy.js new file mode 100644 index 000000000..6b7e5f76c --- /dev/null +++ b/test/cypress/e2e/api/Ldap.cy.js @@ -0,0 +1,64 @@ +/// + +describe('LDAP with Authentik', () => { + let token; + if (Cypress.env('skipStackCheck') === 'true' || Cypress.env('stack') === 'postgres') { + + before(() => { + cy.getToken().then((tok) => { + token = tok; + + // cy.task('backendApiPut', { + // token: token, + // path: '/api/settings/ldap-auth', + // data: { + // value: { + // host: 'authentik-ldap:3389', + // base_dn: 'ou=users,DC=ldap,DC=goauthentik,DC=io', + // user_dn: 'cn={{USERNAME}},ou=users,DC=ldap,DC=goauthentik,DC=io', + // email_property: 'mail', + // name_property: 'sn', + // self_filter: '(&(cn={{USERNAME}})(ak-active=TRUE))', + // auto_create_user: true + // } + // } + // }).then((data) => { + // cy.validateSwaggerSchema('put', 200, '/settings/{name}', data); + // expect(data.result).to.have.property('id'); + // expect(data.result.id).to.be.greaterThan(0); + // }); + + // cy.task('backendApiPut', { + // token: token, + // path: '/api/settings/auth-methods', + // data: { + // value: [ + // 'local', + // 'ldap' + // ] + // } + // }).then((data) => { + // cy.validateSwaggerSchema('put', 200, '/settings/{name}', data); + // expect(data.result).to.have.property('id'); + // expect(data.result.id).to.be.greaterThan(0); + // }); + }); + }); + + it.skip('Should log in with LDAP', function() { + // cy.task('backendApiPost', { + // token: token, + // path: '/api/auth', + // data: { + // // Authentik LDAP creds: + // type: 'ldap', + // identity: 'cypress', + // secret: 'fqXBfUYqHvYqiwBHWW7f' + // } + // }).then((data) => { + // cy.validateSwaggerSchema('post', 200, '/auth', data); + // expect(data.result).to.have.property('token'); + // }); + }); + } +}); diff --git a/test/cypress/e2e/api/OAuth.cy.js b/test/cypress/e2e/api/OAuth.cy.js new file mode 100644 index 000000000..044bb2757 --- /dev/null +++ b/test/cypress/e2e/api/OAuth.cy.js @@ -0,0 +1,97 @@ +/// + +describe('OAuth with Authentik', () => { + let token; + if (Cypress.env('skipStackCheck') === 'true' || Cypress.env('stack') === 'postgres') { + + before(() => { + cy.getToken().then((tok) => { + token = tok; + + // cy.task('backendApiPut', { + // token: token, + // path: '/api/settings/oauth-auth', + // data: { + // value: { + // client_id: '7iO2AvuUp9JxiSVkCcjiIbQn4mHmUMBj7yU8EjqU', + // client_secret: 'VUMZzaGTrmXJ8PLksyqzyZ6lrtz04VvejFhPMBP9hGZNCMrn2LLBanySs4ta7XGrDr05xexPyZT1XThaf4ubg00WqvHRVvlu4Naa1aMootNmSRx3VAk6RSslUJmGyHzq', + // authorization_url: 'http://authentik:9000/application/o/authorize/', + // resource_url: 'http://authentik:9000/application/o/userinfo/', + // token_url: 'http://authentik:9000/application/o/token/', + // logout_url: 'http://authentik:9000/application/o/npm/end-session/', + // identifier: 'preferred_username', + // scopes: [], + // auto_create_user: true + // } + // } + // }).then((data) => { + // cy.validateSwaggerSchema('put', 200, '/settings/{name}', data); + // expect(data.result).to.have.property('id'); + // expect(data.result.id).to.be.greaterThan(0); + // }); + + // cy.task('backendApiPut', { + // token: token, + // path: '/api/settings/auth-methods', + // data: { + // value: [ + // 'local', + // 'oauth' + // ] + // } + // }).then((data) => { + // cy.validateSwaggerSchema('put', 200, '/settings/{name}', data); + // expect(data.result).to.have.property('id'); + // expect(data.result.id).to.be.greaterThan(0); + // }); + }); + }); + + it.skip('Should log in with OAuth', function() { + // cy.task('backendApiGet', { + // path: '/oauth/login?redirect_base=' + encodeURI(Cypress.config('baseUrl')), + // }).then((data) => { + // expect(data).to.have.property('result'); + + // cy.origin('http://authentik:9000', {args: data.result}, (url) => { + // cy.visit(url); + // cy.get('ak-flow-executor') + // .shadow() + // .find('ak-stage-identification') + // .shadow() + // .find('input[name="uidField"]', { visible: true }) + // .type('cypress'); + + // cy.get('ak-flow-executor') + // .shadow() + // .find('ak-stage-identification') + // .shadow() + // .find('button[type="submit"]', { visible: true }) + // .click(); + + // cy.get('ak-flow-executor') + // .shadow() + // .find('ak-stage-password') + // .shadow() + // .find('input[name="password"]', { visible: true }) + // .type('fqXBfUYqHvYqiwBHWW7f'); + + // cy.get('ak-flow-executor') + // .shadow() + // .find('ak-stage-password') + // .shadow() + // .find('button[type="submit"]', { visible: true }) + // .click(); + // }) + + // // we should be logged in + // cy.get('#root p.chakra-text') + // .first() + // .should('have.text', 'Nginx Proxy Manager'); + + // // logout: + // cy.clearLocalStorage(); + // }); + }); + } +}); From e2011ee45cb5722ea7e2a31c4f348b02f7fa9bb4 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Tue, 24 Dec 2024 17:51:25 +1000 Subject: [PATCH 095/175] Bump version --- .version | 2 +- README.md | 2 +- docs/src/setup/index.md | 3 +-- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/.version b/.version index 3cf561c0b..371a952d6 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.12.1 +2.12.2 diff --git a/README.md b/README.md index 9ac6a6c85..0e46f00f1 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@



- + diff --git a/docs/src/setup/index.md b/docs/src/setup/index.md index d0b826d2f..5e126754f 100644 --- a/docs/src/setup/index.md +++ b/docs/src/setup/index.md @@ -21,8 +21,7 @@ services: # Add any other Stream port you want to expose # - '21:21' # FTP - # Uncomment the next line if you uncomment anything in the section - # environment: + environment: # Uncomment this if you want to change the location of # the SQLite DB file within the container # DB_SQLITE_FILE: "/data/database.sqlite" From fc30a92bd4d7cbacc7285eedd631893381d2ddde Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Tue, 24 Dec 2024 18:19:52 +1000 Subject: [PATCH 096/175] Open port for authentik in dev --- docker/docker-compose.dev.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docker/docker-compose.dev.yml b/docker/docker-compose.dev.yml index ea186a57d..50ca55537 100644 --- a/docker/docker-compose.dev.yml +++ b/docker/docker-compose.dev.yml @@ -217,6 +217,8 @@ services: - nginx_proxy_manager env_file: - ci.env + ports: + - 9000:9000 depends_on: - authentik-redis - db-postgres From 98e5997f0a793c2014f7e4a12d35d0cebc3fc82f Mon Sep 17 00:00:00 2001 From: Chris Xiong Date: Thu, 26 Dec 2024 09:51:28 +0800 Subject: [PATCH 097/175] upgrade certbot-dns-aliyun plugin from 0.38.1 to 2.0.0 --- global/certbot-dns-plugins.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index d439bc99a..784d55a61 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -18,7 +18,7 @@ "aliyun": { "name": "Aliyun", "package_name": "certbot-dns-aliyun", - "version": "~=0.38.1", + "version": "~=2.0.0", "dependencies": "", "credentials": "dns_aliyun_access_key = 12345678\ndns_aliyun_access_key_secret = 1234567890abcdef1234567890abcdef", "full_plugin_name": "dns-aliyun" From f1c97c7c36db1471feb5044e51da23a821f764c5 Mon Sep 17 00:00:00 2001 From: dim145 Date: Fri, 3 Jan 2025 00:39:29 +0100 Subject: [PATCH 098/175] fix: add missing group_by clause for access_list get --- backend/internal/access-list.js | 1 + 1 file changed, 1 insertion(+) diff --git a/backend/internal/access-list.js b/backend/internal/access-list.js index 41c975e6e..10743bf60 100644 --- a/backend/internal/access-list.js +++ b/backend/internal/access-list.js @@ -258,6 +258,7 @@ const internalAccessList = { }) .where('access_list.is_deleted', 0) .andWhere('access_list.id', data.id) + .groupBy('access_list.id') .allowGraph('[owner,items,clients,proxy_hosts.[certificate,access_list.[clients,items]]]') .first(); From 5a234bb88ccbef3e051f5331845d103319a518b6 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Tue, 7 Jan 2025 08:13:04 +1000 Subject: [PATCH 099/175] Fix incorrect test folder in ci results --- Jenkinsfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 224138bf4..66ed7cb6a 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -128,7 +128,7 @@ pipeline { sh 'docker-compose down --remove-orphans --volumes -t 30 || true' } unstable { - dir(path: 'testing/results') { + dir(path: 'test/results') { archiveArtifacts(allowEmptyArchive: true, artifacts: '**/*', excludes: '**/*.xml') } } @@ -161,7 +161,7 @@ pipeline { sh 'docker-compose down --remove-orphans --volumes -t 30 || true' } unstable { - dir(path: 'testing/results') { + dir(path: 'test/results') { archiveArtifacts(allowEmptyArchive: true, artifacts: '**/*', excludes: '**/*.xml') } } @@ -199,7 +199,7 @@ pipeline { sh 'docker-compose down --remove-orphans --volumes -t 30 || true' } unstable { - dir(path: 'testing/results') { + dir(path: 'test/results') { archiveArtifacts(allowEmptyArchive: true, artifacts: '**/*', excludes: '**/*.xml') } } From 9687e9e450eaf7370f9c17dbfbdd4e2cbf4032d3 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Tue, 7 Jan 2025 10:30:08 +1000 Subject: [PATCH 100/175] Use previous version of powerdns image, newer version is broken --- docker/docker-compose.ci.yml | 2 +- docker/docker-compose.dev.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docker/docker-compose.ci.yml b/docker/docker-compose.ci.yml index bb68858f9..022f28131 100644 --- a/docker/docker-compose.ci.yml +++ b/docker/docker-compose.ci.yml @@ -40,7 +40,7 @@ services: - ca.internal pdns: - image: pschiffe/pdns-mysql + image: pschiffe/pdns-mysql:4.8 volumes: - '/etc/localtime:/etc/localtime:ro' environment: diff --git a/docker/docker-compose.dev.yml b/docker/docker-compose.dev.yml index 50ca55537..5abe057b0 100644 --- a/docker/docker-compose.dev.yml +++ b/docker/docker-compose.dev.yml @@ -132,7 +132,7 @@ services: - 8128:3128 pdns: - image: pschiffe/pdns-mysql + image: pschiffe/pdns-mysql:4.8 container_name: npm2dev.pdns volumes: - '/etc/localtime:/etc/localtime:ro' @@ -218,7 +218,7 @@ services: env_file: - ci.env ports: - - 9000:9000 + - 9000:9000 depends_on: - authentik-redis - db-postgres From 080bd0b7497361f098f76d116ebdcfce368a822c Mon Sep 17 00:00:00 2001 From: Julian Gassner Date: Wed, 4 Dec 2024 03:45:56 +0100 Subject: [PATCH 101/175] Added status of certificates to the certificate list and show on which domain names the certificates are in use --- backend/internal/certificate.js | 6 +++ backend/models/certificate.js | 39 ++++++++++++++++++- frontend/js/app/dashboard/main.js | 4 +- .../js/app/nginx/certificates/list/item.ejs | 16 +++++++- .../js/app/nginx/certificates/list/item.js | 22 ++++++++--- .../js/app/nginx/certificates/list/main.ejs | 1 + frontend/js/app/nginx/certificates/main.js | 4 +- frontend/js/app/user/form.ejs | 24 ++++++------ frontend/js/app/user/form.js | 2 +- frontend/js/i18n/messages.json | 5 ++- 10 files changed, 96 insertions(+), 27 deletions(-) diff --git a/backend/internal/certificate.js b/backend/internal/certificate.js index 34b8fdf5a..f2e845a24 100644 --- a/backend/internal/certificate.js +++ b/backend/internal/certificate.js @@ -313,6 +313,9 @@ const internalCertificate = { .where('is_deleted', 0) .andWhere('id', data.id) .allowGraph('[owner]') + .allowGraph('[proxy_hosts]') + .allowGraph('[redirection_hosts]') + .allowGraph('[dead_hosts]') .first(); if (access_data.permission_visibility !== 'all') { @@ -464,6 +467,9 @@ const internalCertificate = { .where('is_deleted', 0) .groupBy('id') .allowGraph('[owner]') + .allowGraph('[proxy_hosts]') + .allowGraph('[redirection_hosts]') + .allowGraph('[dead_hosts]') .orderBy('nice_name', 'ASC'); if (access_data.permission_visibility !== 'all') { diff --git a/backend/models/certificate.js b/backend/models/certificate.js index 534d927cb..294d6de59 100644 --- a/backend/models/certificate.js +++ b/backend/models/certificate.js @@ -4,7 +4,6 @@ const db = require('../db'); const helpers = require('../lib/helpers'); const Model = require('objection').Model; -const User = require('./user'); const now = require('./now_helper'); Model.knex(db); @@ -68,6 +67,11 @@ class Certificate extends Model { } static get relationMappings () { + const ProxyHost = require('./proxy_host'); + const DeadHost = require('./dead_host'); + const User = require('./user'); + const RedirectionHost = require('./redirection_host'); + return { owner: { relation: Model.HasOneRelation, @@ -79,6 +83,39 @@ class Certificate extends Model { modify: function (qb) { qb.where('user.is_deleted', 0); } + }, + proxy_hosts: { + relation: Model.HasManyRelation, + modelClass: ProxyHost, + join: { + from: 'certificate.id', + to: 'proxy_host.certificate_id' + }, + modify: function (qb) { + qb.where('proxy_host.is_deleted', 0); + } + }, + dead_hosts: { + relation: Model.HasManyRelation, + modelClass: DeadHost, + join: { + from: 'certificate.id', + to: 'dead_host.certificate_id' + }, + modify: function (qb) { + qb.where('dead_host.is_deleted', 0); + } + }, + redirection_hosts: { + relation: Model.HasManyRelation, + modelClass: RedirectionHost, + join: { + from: 'certificate.id', + to: 'redirection_host.certificate_id' + }, + modify: function (qb) { + qb.where('redirection_host.is_deleted', 0); + } } }; } diff --git a/frontend/js/app/dashboard/main.js b/frontend/js/app/dashboard/main.js index c2e82f855..4765d061e 100644 --- a/frontend/js/app/dashboard/main.js +++ b/frontend/js/app/dashboard/main.js @@ -50,8 +50,7 @@ module.exports = Mn.View.extend({ onRender: function () { let view = this; - if (typeof view.stats.hosts === 'undefined') { - Api.Reports.getHostStats() + Api.Reports.getHostStats() .then(response => { if (!view.isDestroyed()) { view.stats.hosts = response; @@ -61,7 +60,6 @@ module.exports = Mn.View.extend({ .catch(err => { console.log(err); }); - } }, /** diff --git a/frontend/js/app/nginx/certificates/list/item.ejs b/frontend/js/app/nginx/certificates/list/item.ejs index 9a0d6b27d..179a81955 100644 --- a/frontend/js/app/nginx/certificates/list/item.ejs +++ b/frontend/js/app/nginx/certificates/list/item.ejs @@ -33,6 +33,13 @@ <%- formatDbDate(expires_on, 'Do MMMM YYYY, h:mm a') %> + + <% if (active_domain_names().length > 0) { %> + <%- i18n('certificates', 'in-use') %> + <% } else { %> + <%- i18n('certificates', 'inactive') %> + <% } %> + <% if (canManage) { %>

@@ -48,7 +55,14 @@
<% } %> <%- i18n('str', 'delete') %> + <% if (active_domain_names().length > 0) { %> +
+ <%- i18n('certificates', 'active-domain_names') %> + <% active_domain_names().forEach(function(host) { %> + <%- host %> + <% }); %> + <% } %>

av_NS<{zI;p)*u4uYqC? zd~=M>pjr)z@yd3V5XDR%`6+Y5B!Al<+eO$9atRX2c*BV_#F$&0hJDQ9y6r3M7lAq0 zKe;mWeZ+Q##zb!qfoJJ|V)zQ*dID^7*>nxoG@-vJesS>4r)@Y0<}P3!kNTAt0R8~x z4}UNe>}iAfp!DC3WqxA8vWB&s8?kPjhD0`U<%O9o;(8cU*j z$B$q6IZKG!+kN4EpfB0DGORnS4z=~gqcd9&FV67%C(+`10q#@06n zc^st6l?Zh$iZ*-p=ytsHbS- z5$OE=jC!!D;vX>u#aDC&1=eKHdjkG?Z*uGD^8l=#1W-0ej_8jvb!4gYP5&SaSEq4zwJvz_oZ|6|p88(#LL^XNXPq+N4X>M^%gtaXa<%^Mx6+hS<;vM)# zGxY8f*e}7L_oSd+F6d9;xs`O;aLV7uA|8us6HbBr1*|K1I*j=!UuL5-1~9(Fzv`6a z53YxOxeGckFCkeli1Wj|*VaQ1^JB1PMr;@dp1VZnmw#|Q%7?%{g1^aldnW*T``2V` z_k|b=Vob=ZVEqv0n(*!XF6#M*`5WSAERN21%Fwrq_||ud-hY5FKRP1}bEb%!qCR#U z)fTsYMs$ALLT_dhf78Xk>-m3aBmZR|<}@a1@Jv^lPnJENJ`dlNOvdzy3wnE5;*eQy zU|ixB1F#vG&nQl?h7UOD5x%QLO$+q?ABjMHo9I0%&*`O;^`F->&3N2e>v^M$0bKui z#{9@s|MlyhU@b6)bnv}F|Lr^^bdF<2`iI_41AoxFLtrfU>wQp<=_x|*MFIB-mYY;m zS5N7-_Y(>IJP4zNa3q%`|%nwIDD5YTJLs#i~4!D5_&Jo-_M8q_Kpnc zpYOeZ@4))?K3uT>-y6v^e|_uPrA}1%^IysAM5h0(E`eCQ@$0|*AA08sdea=NdBC`W z&aA_l%zvXJ{(q+%|DSQ$SFKwjf5kuz6T_~XW-ciPhQA6J4({}ArCjLig+p)>YB zMDKWC{%`5}$^KLF#54JS<9~gxTGtl8-lG-C zVKbff8jfrC&$IN3@tG!M<$1PW@loWW=M!J9r%KL}hjh?~cRx6{;dR*yhaoJoobBsNT1E=b>P3U-Q&$`V)u`s!!C~= z_c7|kNPfb()A^i9PZE1GNA(`L>Qz4PpT3(?{jR;7+T=Re=OfwUYE0^B$C>vci`OI-m&3R3j?}5<4E%9$ z9+b7$FS6vH9{XG!fo>w3z~% z^*z3UX}!Y3=Qc6^*nXK{DvslDROJI%XC`(w@z+OXh0X=I=XMJ$QfN+b+e=x_YDp&O z)6%eCoIJbLGjXU(&k{mjPgKW=Q+Um$krBOHKKrDXOLwD77Rf!NMR&$Z_A)KVy1qVzO;&f! zP)2y1=EruhRek7-OUNpg)l`vH)1S|4qWJ@fsrHN=KT*_O-mNoSnz;Db5<~6X7N0|x zeXrMm$nP({kBmBC_?_fvBS~B?b~rwy(>HYKJh!rz>Ge%e;X7(k1%oEjh@@AcqO0Jh0{jnqO75ECi!6?R<_$I zM+L(og8MG}(-&08ZYztZcPsI2rX<)I%x zm*q947FJS;q8&f|vy#8(Ll8br+A>jyXOUA|#)OLE4CpA~| zTf2WxO+m~qbFk`$@Ct6qPop`$zHI(sK2~mg?_HbeCxBkjUda zHs|Eff9BqRBFp(ZTi>80(m`4)%XQ#|kXS+g_w!u}Lx4)#b4E>&2ule8S$PaJZ( z_yY2#yNCVMW?LC$RpF{-XPvbdSK0RA@wnbk4X`cAIm*?bhUSTxCf3Y{hOzl~@Gt=+ zy}G%2E%MvZA=5X`pDz<7kCziu$lAkC?=gRTRGwDiPVS6UI8X0nQgIT+RMGVV`*LKY zSl9nw|JVPz^XxUt((Dh8BZxm}?#}#iqsi+ZDZ!Hrcf)TvOZNGOfs1Q$B`5}6!{X>xh)EL+TvuYwJ2+(|$8h_X52LK817 zbKh@SvV_0)VADtl`U$(vK@yFyPU^%9Dh9mxOcsN$hVzE z$?F|1nsC9d_#quwF3dF5OI}qVrRTSMuR`MGe6`+Qu>0QY<)?`;bm9rs?i8we!O8g^ z>-VXA?sGcI&wNDP$gfHynzQ=+)Bhf`CG@l>^S-7fR%zmKzmz$C+kbYa=^E)k-)l2_ z=O;eO!mjBFQKSgWsq9JMPrNJK_$ z`v5-P!n)`w_MdOj>o3@ylleIFntZrC4tbHCR6+X^lbEj`hN(om zE}i3J3~uV4m2eCzcVubZFEf8A+VPUl`L%3Ux8^JbfNlSL%V}x~pO$B3+`c<1B6mvi zgBS~IM=goxnsVs`C5QxW!8oy~=k`-2?^EwrBKCQN+=<@bKhH{d;Qnh*+WVcCcp<&V zYTjN{Y>`U)6%u-^u^JzpSK)L^k89aD>Z3E0@sTW=I;m7allz)y68Gp&^ zl8##Q$1LpEf$m%V%wOIY;VCIhIp zT913xxRg6HeM)#N(|LBJqt`s=ce=Y zU2R>Q?5SR;mv0)6DrXPQ#HP|`^{GKJPjdKm`i#2l#ECk#dxtqLZS|yrx#|0}REo7dVbU0Ko(RLOkv1x{8Mr!AlR*JX^$t2aH#cF03vlxi--vsmk~$sky& zX76V5b?{J-rkg4piQayP;;8$0#0;gJ4Au<@HdPg+7_>0!M}t?$R{Z*NdFz-*XbR*@ z&dKElw)i+xAH_Q0ujy52PyAtYV|5MUb0w9o7?(GXxQBIblsBoy&QHc?%9Q`iPS<4S z<=k;v(`%2nA1jV*T#5%U-><5<7kSs|!Ok=2StEd5WB^-vrP*BQpj1hP(=NA%csxjw z;*frMk>S-OxVp$lu{i(u#(B5LcO%iwx`7aDHm4oF5L>W2fQH4WF*|Vm@tUXZx0prS7Q_ z3AVu}{J?TF_oll`r>5Ea%GKWs;}42PgMj&*jwL216_0Vc;!^a-UhmgyyoQbcpk9~C zc&!&xec7U7UGb94JXO6b9q%2C=UE=(QT_N|5-j)je$>5v*!N3Q0^EGb`>^k6V*r#cn?dulW^B7ZZHcI#L1=EakDRK!Ay- zXLHU@HzOWg@5;TkQrvxaFUOM~u43$mZhT}OrfT6l3TrrDN_;q%%Aifgd<**M5yE|} zRP8dUU;BX<0aJVS-7K-k<2=h!9G{$7GJE1Z1jYL0Klia)mUA^}Q{M#-%>4#obR@f7vycK4bO`$KlvO;_FxUZ=EwJtNAz|?MNj}HXBNcop}3_ zwd$Gk(xN_mGl{?XqsUfGUDh_g^M-=d&B%?{eA}P*ESe|oKE60^7}^7d;cZ+G#Y2gk zSv$S2t3eKx^1k&#xwv7}k|QlUVxwYLyN~x(2>9bFFMfO~rd~ZY-SIR8Y-br-kkGMq z%CR;#_Mt94NG)@esATU`V}AH1GZ-x%M(%Mrn!7q>CiuNxs=s1{B+=9u9lkvMsUp9_{J!($>qST87z3SkE37#@nw@*T*>S$PGjU?I*O3!h zzfH>*!>iA(AMW=(A#=h$V(xlD=ak%0cBk4Wv%%_op2>MVeDaD9qN35T_i2CXUy+3= z!2cJ$EGcmrzd(^#;mRVhuGkE~oC>O`6MRlG<~|Kdh_2e7J_$lPA!&0S7x z=3}}-m2bZ-VxW(OOmG&yQ~99VIY@5o!JOz%*SI&TH!5YP~|>5^hAS+3UMO8`>Pdt_NNq?#Wfar$u%RP9Rf)p& z%V4LJ+Ppg6a?j-1p98BQFz>^^$$1=SmOs~JpBHW3@HsmRc<%TO-7>2B-o@YQu`uuT zOHk6KY=F+h1aZ7ncvu(10h^u|7wF{ZJODs^s^aw&pU(>^7x+1gS3%?Yu3s#{nf+YC z%P3zC=i$|sL}RM&IqjsQA8U__a%y#!j$OFJo|$g!p}m})mpaDIRrp3ZM>HMF8plQ( zc+Bbj%MOpc=qoD4JbpxM|2pL#(#f?CrmoHXc|5vi{B3K^b62G~(YyX|m5The+wZur zve%Y8IelxTYAF-G_r0B8S$kkQRb0EG7{5cf|9)7F8|?3=^h?G$L~eLA2Ta>rjB;Hf z|FfF}GgZ23RFCwS>$fS$CSLCvF|_uH%gAH+u$ZW&@7e2}@vri*%;Z$>$}do}Z`laP z$@BW!qo2(z51;k&WTNWqzsN4Svno*WY96OuE-!dk%a2%ofK7=U+Uo=j%B>_ zzwVQCcIhk17S@VO%bu3t{L$3?g90J%>r4IJW1f+dAF%3CV6&Y^Rz~tg^}??j)t$t~ zveXQKY@p%H=oGhmMeo=G6N=t^i?&8-fTT{!ElTC_dG{Wp-+6a|U1(=DIbeB0j3>gO z%g*VO9j&ex2caM4&fbj?t=tq6e|b{ctM039c6%&m!z&h~0fS%N^9*Dw-ty8{+(W7+ACpcm}^|^bZXiK!?Ay8g@%de#BJY| zx8@~3KUnVD`rmW*5lP;f;}5vLQiD!c%+9kY`^OU6j>wgIhO_MkB{zpzQ z_dn?Dp8s(pIsA`%ej{)IHq#q@|BrjPH~;f~0JIDL&x0=8s2RHlIP)FBo^qUTb9z_}bZUgE3dBZ}K{v67P|Lt6q zz1Y+tb$0vJ3L;ltyyN>y+?dS0X33Gg)4N(*g{MHb6ox&;)KMO^r|R97(2Vw6FV|wrU03yK-=5pvt3m9y_HPcavkCC@!&kLiU8CF0E3$ zn2jY~iL0kr3E3n@ZY$0EF`h$P7NoNXmvk_?=m4caL%DK_JK01JZgA*n8<+-p# z=a{|cF>!^M7X52x!~)tEc~WY=Va*KN5foWz!_gnE1F_;_d${tf5V&zxIMQ`+FL{dO z!i&Zk$TTrZwJr}=VUuX*7HPH}NG|u!|qDIM(DojNC3Vl*N5r4_YQcIUS|qpq5hpJ)N10jsdP&Yx1+aPZE8) z%@>DlNv7;wz-+UsCqUv$++CsTLZv+1!i`c9SEUnRv)qUy-vRBQl$KCQwzdSYh+uy|lGx7Zn zOYF3&@H%{4UeI1e@vFU+HY4V?<;4jzdKY`L2D2XKBGG-daqC8}?k_hu9%-)dkM_xI5Pt zkUMr>+VK1Km1e0c(Ld~WwIb&HV0ua9N4K$NPx%VpB`z$1uo9f$+Vr6*rw4;klk7(o zdWLaln)kjnB%nlxC~^-U$s0(|W)$}yH*;}`DEnPf@^@~~HPv>ub59p%AAYe;uF{^Gzs1K)m8 zF8+86vF3ET7rX8yc=midj3bkIyaPE1XWb(Ds1AP}_F@?|?@@Hs z$8NBJSGWZ4aLMD#l`;JxOR*$Lh+~~o=kYCWYgU=b@D;3&N~5!}>x;ElNh}?_$|(@~ z9|C9dhgQCqlv>T8#4obo8b zcRMai{+avXpIrcHt8*k!qIRn_bBN#Twlk@ZauG)Pl ze2$i%W5GdlU|Cn3mZ+54&;0y^YezPOX1n8+zW{|CKc{;_4}kpydVSwvKJ7--;Q2!` z;3raSr^0NG$BeAMNr(-n{&KSbzuUQeI1dQg-C#9uVQjz5das zIHqX(j#=4}^4=WY5-j6V-D197njWx*t86OtqS{t!2HT&XNwdTQEs+r?140je+Z#&= zsO4RB4d7>ofFK&#B7(#CUK@PVGgWeV#}k`LSIkS=9&ES5C zbYPyHc+nlDp()n~p(SJNEf%ZvWCNK$-DmRkR{MB;NcRk9Z7%AqmWw6%$=q~+@SPVm z#GiUP^lPSFNcLNjg(atlh&z#|EFY#H<<+M1w`e)27hbzk1x<^`bN}=byFNr%C!yFb zjb`*QpTjE}-_7ZBynHLm6v(*0S_i3oOjO|KiG6#$y;DGbdosVI3qIi%GpfY&bccPfN79!dOs?O!RUBLGQhKa9)q{z8`G%t$~lMkut}6hnh=!{MwJ2l-@mIOJcL~; zPVHqr5a(*cSM5$;rRc-fSKAfLVYK`1o|@6(e<`9_!a7siOvFk}e^GYBf6m@5xHF2% z8q@%A&>(F(A=6SP7`S1DpYCMFd`2`n1%OOVXCGH-r0>U`WX%7p)*PJPkBVlOhFjXD zuW76>HlHL<`y1=M&KUV6ndZdJcg<}t^hM9aob5P$e=}T>4wXDv%+l!$|C1qnCW{B` zVHO?B-#X%(Tm_|J#{s*&#q;$2L`q$TRTM#8`vmMKMDyMAh0oXQp-!I3k-Xk)yKnNo zuUU4VmsI?uZtUSk`eQy43y$P8_IphkFSw1@*pm~FK(;4d-93ow*ac&}c$Dm`D8}ti zxq3AKr%+g#-{*Yx(Hw;PIIIi*#KteYa>Q-^6XFHi|M)_5vY+42x}u={26`*Imbl;k z`oksA&_&$u|25QcHk>qxmX3?c4+a$7f89`2v_FUL_xo)wqWJ%x%m3rKNM^aPr&|Rv zLK4_f2!Nz|%((uM64&Eik>~IGMPWxzAp`kJU0weAaJWyq?%x3SvimwwShGxtbA7Ns z*{;yBa>b1zmaal{!Sj0>dONYMV^eu(32`ki?5cPMTfloRed&BncCJ6hT<YHzL zjgEu)gSS+G%A?m^GgfB&&b!-jv1xNx?#8>vnrTiX2kIC9!d_{^{m`%fpW=4^ySYr4 zI*hzq8nhjIJ9aL+)VJ5_owMgjtuD^%m0ComV9E9RTwX~Ch*pJ5T9%TrMU-qbnGg6) zqiZ_)S3Bpbb^R>k*TDk5nlB#K0gu}31^%OaT}+_rQtj|@&fWwLWTqKU%-QRzY@II8 zBzh@sKi5nCVvQX<##Vn?;6>Fn1u=R7c=r~t^>Vu%e=z4mDjHfhPBi0SF`wQO<#gk( z^P9XB_PzkHZU9d&5;kny;QH*-!KE)|0r03Bk3?qyeZ+9vGWqaOF{DUKq9KVN5bqDG zklW$9=mi1vR+MH%psyA$RA_~XK0KA`ypx<-PqcJM<+x^bUj=Jb0P2NqP+a+^^iy zQRl~3JTljaexpJ%jAKoCx=$1gqv~x_klleco4bj9=MDEWTv< zWNS=H7b$i;)UCIB-Fv#r(&XuXcX$ZLoPNg8UhrY}V2mXnm+q9+3>y*>am(T?(UY+3 z(huEV+=GZ6#caaG-SJ!K;`8G}KL+N-jv__zpNG71VI4dHUR7M4*H=Iam(Hg5skE)d zo50?c;eL)kZ(sqAdW@8r|9uOh6|ZAGy&qa7-b7Cc)@2iz8nAd+w zQ@r~su*3cC_`WO#&;e-xT-SCj_p^HVpx3qskr<$``T4ot44MxOhQlZ-$yORbZ+h8F zj8!G!b+`}5T^_ubjQAV{R=#vP%OwMIdz?yFvmG1fa`L^jhc^?p_xO;puUFvQZQ@ny zicE=Sae_XdKiH2Tv~X$KFWuubi4(v$fEQg!pgUH(&~-lo&QM+OFZLu^w-mla&EBl% z&=?sT#_F++`lE`o!hV1Ia755HJa>37Q{DmoT64kfRMBKKQXgVr?8n7s8*TF5EGwl9 zc4joY(m%cWxB%|FyErF#qWp7lno1aV&U0`qyh60S2gwuzr3jUTy?nM(}(xkkT7KBUmOl zkE;>hz!O2do8m)qXmFA`yuT^=JbhGv%@4LfIwQ)3Txc>-atv6*iL|8m7y@VczHsY% z-IHJ6Rrk+M$EJZ#@udIW4aw`4ptorYkiS)CqG2YJ5f|P4_reQYr&L5~JR?9Ks3E+( zZb}xjL8Fs55FSaly?u^N`1G>t1p}m1TZFlxd@^s6J~ounf9CsaHe93rP@*F5-FgQ6 z|3zGfO8X?wB@@zb8Gja`4aO)P$hzfsi(r=Ik3 z;qJGr5aougoqYC?J^A|C+1k6_@BQKR;TeF)CiuSk=Ir5uZ0(W|;F!Ij&EL;Q1Wdng z*xPr>%%ur01T~$c&U=|xvwqdF1tK#2&NJQ{(t~iRio@|uAEwjJ?<0XUcYvQVH*WSm z?)$;5Qo~^a;l{Zn*rR@be+urge7Z$CF5{L}5_Q54Vh7Z; zZb1ABo}cJbQUp8Ph+GM}uatI2|4H5k{0+S8*i-~3^d-q-$7m62p0b~ZWq?qA$(__VPVpj%PD62B!Fx31pXa=xca`^HQ0lDyi3kK zeYDm(2|FD4%$WDT!uu@z6bkz&p^b(gs#F_>mUoPIQeEv z4uDf8XKft$Z>do`f5bS}C9dD_?dO@F(Dze;--N_GeX2rywn6_6@tdVd+I!C(oR-b8 z2Z+n8+aJ#5=UacD>D^{8%&M16uUA1kmgJreRd%L!9l`C`DIZTK4%0EwKQZUDad&R) z@WR{~VKk_ecNw}oeLeC1NNcOhvdf9FMY(=BF0bS=v0w4osIOEcFn4dkF!y|qmBz)Z z;kLV<+(WYfJak)(eKyg?{mb#U(kEEqIueYso<6#Id{Oq95VUV}7S-CtF#G*6zfsrm zJY6$~Tfc(!pStYMlJ+`~y|=O#n!le}{=ozUGe7)`cG-=(nh1i>)u|nI{)K0`dH)uP z(Tn}2Bs7ikx|&+Z`3;RBj<|L~ z|6R{#D)jr=Y`y*=>-a5psf%@o6(Fg(4#(2w-weOYPwoy_Pj+|u2;k~oIJt>tW6xbw z_ur76nYBotVMBc91l4+MZa(i`#E0aZJbVa;&&pBlu<-VNPZL8V7P{0O$~hj6)t$<_ z45JAAGc)P#92Ki|v4HwwJN;xwCxts+A~riVJmxb`B7ZZ~&@%nBeqQ^f{Co`jGejq> zzuqR@xR+XiPfu3JPbtr@Ydu!IL?kz1uHE>6*Kdv!o{!6i3|8vCPmOO2xUhC^vGO1@ zW(dOM@nY^+j+q(e-oJe99+>hqd9KN;ab|({_s5|KF1xoKsyW8Z55XNH0;AgfNc7qB zWPnd>CQ(EnhJJn1@WjFpe<$hRLrF z>D#=g(2_&P$A^3`%pi8JbMq>Zr_9GNYNig+ymmxVQ8n8q2JdvunlEg&f)vR zQsX$1Yg*mMXt?rxeP0wN5H3Xu>|XPXw*W-F?{`FhQDMol$;m=X< z9-Hf-1weg_K3!8a?YDeWs-!UkEnzho6P^=CEl+;9m4 zv&)4{)SSaK&7V(!4SmT~e*0BPC_hfx?NW7N!meJD`^4=qF=yKd=XoA;89+_$-ZLb3 z!72DsY<=gCd0V@;uUd>BDr&VL$m0-j^!`$+gJG~N0CBafVaig;mcdvDvZ4FKofSen z-#H|8{(idCVb^?(YxFkx;3Ge9))0A&e?5d4Q-ROqd3JX%m4%%@75T=GL6>qE=Y8_j zq_BrG;ETiJ`d6aKocHf59m93kLi1|Q=hEp8eeNBv09wcMitnPr5FN@ni!$7|57_%K z(}I*6?)J0EnqV*pf}Wf}<)~GT!WR;i*2$;OXLX~`>Fo*^%OIlKw@8H@*tG*n!I-B@ z=rKB%Sz!J8N#&x0xziq(#jB?CF89>KF*W_8Qd!KaaALBtZVKT4&mK&1!H4h@x{tUI z*?=3#&)k$N$x*xA^SPVZ<8nPbUdb`zEu;HD?sm%3*PZR&uks~byXQQ4Ehk6)8TX(Y0OwO=NyW*WOKf_F~F=u1T^-9++0ahWcx<CtqEVgE9!tkS1uz~b&UhJ`2$q`dYo3tOL zSa!Q{#>e?}dWWX>C78AHrX_t}gtPG;{nNSC_}w*0cTbEv;O{$4(A?+qsjOX3yoS`v z7`Jz^_tjj8ATDc?>j`{Et|&ik+T!V905Mym;_bSndspSm4go~!uXEh{Ckptc?E8wo*W;(k zmn9GdJI9&BzK9P1yFHv^cC7n5H|6dSeLn6eI|CnEF>g~N$$f&+?*(2Uh{_e1AaXK7 zHfG~X-A1dUrxsYxs6E-lPn3&(5tdg6_);}BCr{Wd(E}^;!ML-}i|1ml^fE_Z&_wYq zeTPA?KR$m;3t8q%_Y7e6Ii&$|#fL!~5-hIS4^|%E>@EaG>Qg1HUz2N%z7B`b}xC0LE|IOTg>{!cn?ZQ~wmV6F> zA8nCS!wupB7CA$YoO4*f(VKdn_xrrJwJrO1%OzFm4z*y0F|Gh(&Pm!{plm=*W2)jl za8F)_=%|LO?(z;2h4B(oWO%D1j0$>pK2Yn)@%6o-oejn^X_-Y|@bC(J>9+8s-+WnC zv%MGdFMzzj7OEw z(W45L`1sT4nU$>EK>fxIRG3It8VmDLzD20^WTv{CfG)u*Z7xjQvM5kbeslCUXMXwD zzfb!oQBa!C-VRvtlOoy zOH+iUc=n1+H9SIR3;V}>yLr;Vd`nXjpFyU{<~lDN#z!UM@A=)rx$uFcx>XJoi@`IK*2!~gcYTMZ3-Nmm%4>4+<18nvEJd*ZC;%a) z{ng6JVTU0a`0e&Y@83aEEdbZt2eN;1t<&}tE!RejoSbzqS}-K#BgvT*sNSC-riW(m zt?akr&yPDjY52na-xi_%D}-2NEhyN&lC&CLwHGw@`NT~vgFr`54geNO>aF(VN=wOxljq9sDnG9!9&-|16yhaf@?`g9OQ@U%fV@^G61MEyJ_$P2 zL!lj&T=Z`}JOT2R25xVxyzm^kpP}>tU|<;KgI92ErSv130jcbCBu%sh^;5pR|6RJf ze57%#eF0}HC^lqEode(4TO2MB(4}Ys(CK|!b^2r&4kQ-4bDzL z#M~-<`rtmEd~>B6M|igF2{m|%RT;c*U?PnQpCzmH>2;nI)UHl|Y^A7?J1&e;%**VpH1N_eP9WuDH^Wr<37qIQ%JxLF zkV&)v=ph=XGQDD*5$Bro~1xw)nPsZ<@?1yigpzdB2JaBa{x^D)~1#Gnf~H75>RUUJ49mKKepw^ zcX%!c*uU-Ac9{J!XHgpaj<_nkK!mpBueD!}a^tyAu%19_ny)EqDdKhUj*OzH$bWD7_*!AB50-RD&`+MR8dd?fMe6MeW7n1BPi*L_=O zE`t2y{uK_iln0>69)_xkqsiInNPFSyLwr+_WgJ!UMw1ikvX?6#fKcgSf0ImVFRwQ* zY$Ll4J{kG?@G33JbOHD@I5j#{kEWZ z6tn1sD1VU~qTnxynJ+e>@dUw^&b9mEYLh#ZwhNh(#0(50J5u2*}hriu7rsa_Old?dQ#Q0EB0 zugcL!XKPW2vWW^v$(2TYhh=1|0lp za=gIBxldrF0b>I%Xy3k~l+1_w)UIZMKDcwR?STeQL*9Ep>YuV-Fi%<$LXrX*yADF% z!*p$HwnqDroUcvSlG7-Mgbu!9mYP8i!Z1vapibbRuaXgn*ssCZ%VGJB;_~=s5qX5I zCq#$Q5|#rl0rT{!;HF!`!m{!-4Tk875<_UJNAY?N6(&u0&Q5@)ffOg7CSCHhBxwis z66kZNc5A;epoJjI?C{+$la+!B)Kc4d<}M6-P)A5?j_unMx?}5MUtW<`PPpVG^hK26 zTJ5!D%j};&C5gue_8Tx0N%HB4f^fbz`MN-FElM!Y3v}ErQ)*vrlYtj8E%=DcuLVbT zfjx!kfTa;U%HDBMU;iRG-9E32rY~TLw-P+siT|A)#bhNxH5n$Uz4A$Kn;Cx-kYCLi z6kd{p1FsM;*Wje8s<~pL#Ojgd{=*_-XZV@|)Gq+g^I}k4o>#P`JF^Y|r5~c98ie;A zej4ab$n^`xgEeWo@4Q;~PO%xUcH;XD33^VPvAjmZE*Mb!JhRErN^?HnIZqkz^Ufif z-=eSJ)oV)VWmih~Q003MU8oX}Nc}+!_D$m7Lb_E4bFLQ5r^?11~LeJ}< zOhvnamPfBXhy2En>@{L#yETNtBiFv z$@afvI98(BZ3@|8%uWBi(s0^*{c3J>k%k9spqeixh5nf4avfYT6^tCj!GJ~Ck0d!m z$di{Sp&NRZb@vb-)Ki_hvM)!k(&OEVa2F=~5-~M$bFP)?wc)eS9$S(9zKW=5kLfN% z1QY~GzjQuNzu3&zD`HCKzn%@akNxNP^U``j;YKZSaCWptV0+b zOg<&P1wsK7ygyq~8A7$VF;-#m1@mT;FW+h^%KN&2--5t21+JY|fGk@8ef)Y?pELsg zo#Aj;g3bR9j;@}QypHSBo;?y2#TM;g>58Pjb=K3=2Zh9>xW)U)V(JVqx0kMcd+5)J z>-_j?SeXWqANb(e!842v;Uu1<>60Soat*DwrDF)Z!+rO}XmyGc&R+>k_5fZ>JV~aL z*xepKOEPoHr3e6%PTz>|=VA~=V3otyS7{uMKmHo)2;l@%(Y$(bUdkj7aS8m@7;_4m z-qX&dJ4c|#hTT3_qX6q@RR{*N3JP$k+Z6Zf+xLE;q;{Bi*Dk|Noh5xZR+-JyD4_sX zxLrN^sB7O3Pkamk_2%6|V4of>);L$gD@&JK9RJa!vv=e{?AuFk%?GmJ-(V_>VP2Mr zyi;0eGF<-?B&bR-XKuoEiM5aEkaM^pf z%gT>~c5FetJa-3671J-89^K4Yle95!qHz@wIs!(k)f*7{E38c?BHw7d;zSjC#qmUC zd>%I=vL1VgXLjfA7fW$}4Vfg+fNq-mX9tbbUtVis6oAm%*%p#`W`o0+u3R#G$cR?K zS*a1c{aN`n*nOxoOFGteMA0&4q6(lZgq&&V9leZ{hhoa+wbGTBl-%lNVLr|5<+zGG4$t0qP~}B+b;P5!-)?hJ6SvzC zAIMjHmX#$sS@9YGev?4q85e?h4Y@Xae6Zm^^a_6)JDq#@@3}by6$kmwr0dh5%t*V5EIXS-NZr97(&@4T$DKq~#!JI?Sb zwij@7Jw(nZ`8t5MKOrL4+vW1KHK9!B($ba0;~MgLR)GwTYynABj!*H6xuAr3bg1=Y zkz@bUB5r9EtORrXaHnERrYB~}Py&x0VDz&@_L6jvD0Mfdvvg3Jpt=@VUJ@6t~=N?XZ_By|zfYlX%<-mJL(!d!J*$k23R~+v7)$`v$`T@kNYoP?C z7LZorT&4lc_~_z&9#YDWW0<1PlkXi;lm&(-IfAUYGx^?0 zpf3oP{Pp4zM1QjC(G!gTL`+%ir8VH&8iGE|Jups3BExIPf4*LF@}GgO7wK4?_aaZc zt?QdQuW+T49TbgmPVEiy6zQ2yl1vMtcgu^jM%+EW5A=GWK}m8z{Hm1Ig;x}XRup@%{GHT+qOXP`5=Jz-Gjx6 z{vQ9j8lrygzZ$^SPOfSM?w*{@LR0-d;^GUU<=lOjh(Jd* zAD@fN?-gWz0*BuPr&H&31Z7*-7Y*I;P|J?^>A`Xot5?cOf19MIvGzil4<>n!HMHH$ zrB5=?x8gFN>>Z^%4?W}v;%%OTfd?9fofNDlaLWD{a22XBd#X9kURVQ5rNi+d?=23Q zh5FnA7Fd`GyxpsgIU�(NTq?3%SaNbIIBiHbzycy=Am#v{d%&^{dAbXkUWBetY|^ zUiU^Y zw==}&FzFqn?GaZjQ+4~agizQe8Cu|h4{I6jPq@hhoL zoD==v5CpXZP<&aS5BtUyTay>DdxBiY8}3XO8X`n#+W(%GWstXi8*ERad5pkerhA39`yLqOz&imz&~B>dCQ3celg{=S40i}BP_BM)=#+bK$LekloTbqp>o~o=B_L_l zN63<}8Q5sr5M&ZoNqGf<*Z$1V+Fb8E)5$!N%FA8fH>Y$mTYp?OD!?vzdL#DSw!UFU z2SRz={Dph9{KiamzZexIu*((Y%k?%=%dek?z2n6m|0H3YL`ndEga0>~H(siPF|wL1 z6rY({z3$E5P*>hO#b`WVCP8$NrTFpK0IfFk#%kC?IrCCSKqlK`o`*q>6x6**fY1&b z!ya2UDnceO4SSrkTQCf@Hh;hnF5_-OmkQYDC5(&cqUCgiek;bY2_&iWKR-AjkYYwWk>EeS(^1ZU>c7lCBSb+r?KL1KxAIEjC3T!>AoD z007YIKau$JV*goK&QPBFPEJzo&s8Nj=BMdcbq47Y;6?uqV`q10MTezlSkai4Y$#N& z1%63(Ps0!e-sl>h9p71vlWPF!t*Qvfb7It>@nEhCi4TR3%n9r&$_Wu%GVu!F-WX|%|!VR zxV}TWr%$_vc(Fb>1%_%-OsQ`S^gfQF)e)uvRto}tx0nY1YK0k-hTKN0$@acN!HSZc65QR1%0CK{CObWIa|c}EI^0{(j*Py8(&$N^i8r@23d*zkuYBBkqB zFX^d|lcq2xo7)M(p31C))Rz3r@PM;3vh?6ZX&X99#4r#SZ|dM}s_#diX7ZH|vMiND zU-dDbErH-)C|Lu8o0C@tkuNkX11xl*vQ(|dZbMRi3N5;v>9qR60%5R{UeN zflJC>Z|Ex^zMt{fog_O^aX^5s_vWRj_-K@YQJ)k z39>9-wY85X3PBJ+;PG?g*{aMjL=ag;Iyz^ow-j*X`PE>plQmb9($gLNn+VN_2C#o> zwFMJ1`Den`0N(7)vk=H;DX|GXNJ<3ZJ)y5P!o2pd{r``jd_hVIc9-b7=pWXg=OHJEfQ*C4jyh`?!P`f(BtLJ ziS=mh4TWd%`5TwmrtrbmNe~?F*qv|p0E;sW)!_HNc@{ecB`DPSATD8DuC~oP5}7PZ z>x;d%r1DMZJ)tJwCvUfYA*slM=vA?IXxU(q4Y7;i)e}>cB}neDM)@z{tm>UqFhmf7 zwr~Xidk>5{{CA{^LlCE_XfCml455txt1!Q4{%X&c7FvIhhY=jnaSm)b{N&N?_pc88 zYmbAb^S@=Mg$=q}C^_`ij|CcT!ob?mERR-LI#HztkfI$DC=1efy-rB100JOxA~pvk zY1d0HgCCOYsxTe`gy;J^rQ)kWUVq2-`tSs@*G_=o|p0*{-*KdZa0(+iN$T zoWQo7RnYylcK55z?K490z4);gVZEC3Lu7TF>}z@>l7qo5XjUqhz3SqCV|2?cg}P zA!)4sD2dOp3+f0tU_QTr=*ILnX?Bi!&`r-L*vb2b`pR;eNW!wNQ+nOYnOJRQR4$w@ z_}UI2UI}k9fz+u~&sF^|q6guy^mZS4IzNlIo59Hv_n?63^517D#S_fJ#Ijf2(`n$4 zqiUmnwVU1AziK1C0Z9EdUTz!?@lr++N@3rZYLCAU-g}?eOTEJ{nP`?uMFAVy*wPMCVs>966lruZS^!07xr?9 z^6_2b_wpm?yd-ceZKc#8UYa9!7{1Z{&sR*ZC^`F9L64Lv(QtAl^tpU@1TI+38H-~y*tI7%)d%W$p6AyR z1l)m1A#zA)g<;LC5PgLCcc z?vJKV9%X!+9}>bH{^);5T#8RM6_Zub>#+Za6Y+0S-fbbsqIj$T4jscRn^ z;;(7*Ubf4Ji8#i}ADHcCWi`#pd44JkY3(Mv~t{2O^`kG5Tjhst6! zVaoy6t@eHI@M!X>!;LmuwuM9}HSgS;AXC&63%oUX|CuU?a(3ujE6ZDz%GN-|=SRZH z?rZ4k4gJznn`W9oCC7vgNYtx)bHmPnxZ7Y=CTw3I+J-<|m?X9)b#%72KaI%sDo#Wr zs5ztY>ShR49jAA%l{gfq4+IKG|J3{O- zLjBckTvxtl>Nh+O0hZz>SiqtIx1VJ(23P#m&)p_l|4_SY=e730y&IF{i#`MGn_-FQ z`)YTr)rmF%ih`nwVn&nIt6FFPaebg$b`_0`?WGszRrpY>#pM?+zkl`8`ODi!q28}@ zKF77Eu4n}fi_WDGn7>;_F8)6yDmc*NpQ^&2l>zDIEMMg*?4wV8CgXV8M38@OwAzUHa z5v6APD(QvO(NK~^F`fImUuP?FnP z(xbdV5UB+>Poij@+CRP;@GFDrtdwpLXd~pRNC0n-(f!>ibDa+#jC5bl zViaAuy9EhWjr;eVN{iAQ)2Lh?Q6&6z<)_Ofgc^tsZQn#sd^q%&G4lDC=SO%|UIE?5 zJbn}78ybXg{?+G${#t_BVv>FM>&dc*$;SsN4(J2 z-+G8V+ce$LKa_(!^04~7q@w)#Ma6ZUk#~r1T*A3GZ^mVz(pU0c#BrWZyut+PdYNb; zxKxy7o*%_H3=f>g>YJCr?402YOK#7L(JL^Jyx4=qpYAPzHPj2h6@~E++9f>y&bGK0 zUkkV$%5ls*%5ZR*et>HHyS{;uIOEfB!C&oo0`X_J}>)31LrnsL#H){XNssVNwSp#}~d!I&^s+swDVknI4k;J-?#^6#ji< z3`?D#EhyD3qiCG2k}zmTj|A7h8htG_hR}k zF%6KZkEaw>Qe#e3FFS)2!Rd2pd_-z@I>(EaaVWMo>&O-h@pI;QOv*0IMSMzh6>5I^&MEO%? z_@Y7t2#Vg=u975nQiZ;hrMBpwHZDmD2-D5ZOYv$K0`$_H5-pUro$(>k6Iucl!^6>a zM7AbQ?%NlE(`&;&Yt}$5ydx1scg<$_R)RmzKxDBwD$O_xkxqZUWKL%45A0I?g|&jx zbgco>DnD!)Dmy64itc&CnK~dMH}nU&SFiy18gI^NMC;lv|K2CPT(k56kZPqt(M4hC zIz`TOdd<)s#iry;`{yjjZv7p$8&4`OpoMDWo9aq2g@!+zevPW}h_VtT;gqn*D?9kw z8bu~jij z0cnhYCU8pQhz6#H5YO1FW@v;4`Pj3<(XJ3nP_8 zsca$KPa8gzPQLDb7hf%;f=qaj)($uDa+?TWS>}iw01dfd>~$$x^AEM@!5Qw=*{ME4 zz^2&ZYaBB`YJ};TFv#t~Dz0=?aQ&^PibKlmX!|KC`u!S|>v%0R1w`5R3`rOW-UGun3+ed%YGYBTzSRx5l$;DYEX^M~7O9T_Tx3;B7Sr~s zn0c4ml%w_M)nw0*kX0L#dPGm61M)E0zD?`xV)tr@0C|V&!UTz4Oxn8RlR#V|HT@IC z1>&adp-RW^OR981wDBa%6b-J`wp}uyyNBD;o|0_b^lf3YG^RNT)w)jAW+g#L24e4Z zIPtS)A1X^aZGs9x4XK_)3fL)8@fym7!UXvLV@WK4F>acQL+ZK{$dm?WLta@CopuD1zf%>;yp zwh^C)0!@;Yg=Bazep9}-(HH2Wf}ZiY#E1RzeImJ)dy4ZQ{9ktksF{;5ar@NvfqBWFuN5$$;5SP)a^3hG z1%o%dz$xy^0#@5SBr5HX*u4%}7pwX0=q})t0a3=IG_(BUW$E#-hU8x5R7{`1fl>3j ze_XvoTGK>CV0jUcXFICHiDar0GQj|}ds!Lw0H2ALFP)pqe8)zQLJ)dKp+0m2JhVao zx30=t{SP0WaT4AB>jp4<97m))DhVASuN<$J+cP&KeK-08_g=Dr6w*Sry@KvM%kMW; zzm8NmTyRXl-#g=Pp9eYF3dI1vE})LRv)rKz9YXyk@<_;s#1GV@OIgJz%YG^flVuMe zmS$=@x+i&YTip#bfzs=qNVi__5&b;Ma2KUM*tqhQ2jDsI{LV<=&b62QQFa_4<;T;4-NoPfHIJ{?aD7PuK!AU> z*OI2dROCeCbETkg5vDJu-a-nDBHchFagGp;`;x_y0S|(3Dyj;vn30?x>XbSPMs# z&U4rWcxMV>s(7chmg3(3tJ67(`~Ish2z?r)FlYl#QIZOAbNVN7qB%#qULw1Z$WtL3 zKOrE>U1LY9{IK0aYRXk-0|34zDhRi8jq&BLo<+fqUmYbMXD^O03_IiXQC`7tKT7WK z$sZM!jl9>YyT^i%vHF9An&h8|!Q~>!eT%pGT2%v>%Jv^tlv3ZLzKJE;r%&j_M1hDd z$BBJ)2A#D$|LnxL3NM+*6d-73R$Pf%c>>$5{g!C`S6iv?bb*_Mn*|k{U9XYY7)VA0 zr8*v=AqwW@MtRDcJ#V_RH2t)M_)0yISwG$5$=Y!Kt9diI+r_OC!W2| zeDr;2?Gx=E^bj=v2F_%T4&xLyKas9cY5hLywmnb4A0(T|Ia+A!c;iixwS2p3?I_36 zsVKk|C2jni*B}9)QME& zV)B9j2baP%w=xFTkRN-Izaj3@S6xzM5ri*b|H8%lcs;UNKJm8Oe*^2&uxn=W7j^73 zOe_F?wdi_W4+$Kf<9T`Yy43p07l^?H+#^-rnGIC@duT|lYM&k4i(}JmlQ81Dl6d`) zGCx?+Bl4Fjes*n4LrDB-UdTVcir7%I@54wh(==CAbr4 zhK7#>XCOPUf9pD7l0TudWAt$Mi&JT$kB+u(uvj$s2j6LYO#W;)Kg0?BT!V^v*geyYiXGkUJc70ac*=&TYuL;9{`XTvC zH{y|JZnw>#ag1SdDe^UR3>@n5uo@n4zaL#bl%*5*H#t+6a;wg4O|l0VuV4XHf9mMs z^dS;0G7)|iOuhvEQ|<&frcXT7KPw+=y_m?^D>daiicmDOcdEgeV}iA8|JWb7TUYRX zp?aCdo?O2fpYeY&$+2s#0rvgwpy(0DI3&MyzfubXGt z@&sWYe4Uj@>yU=OpCVr9TV~K4B?(k5%J>wZcG(NcQQGI&zvr;=@+t=P%ZrXRY zB~tsb-=qLTl!%;o{-t~N8u6McdK`7K-h9Xm+2U}YV%U(nTeWHJ7|5~8$ zJp6hbB;61PvaFoLVD)F5XiuG2vM)*-)ajrk>Ar?PNp$k`g!}+gk<^F6rB#0m&IjL6 zSIDqI<1TM$e{fi-*}3<9n|g+60?vYH`yPkmLH19a|6G@@$u30VqsP!hXJ5nBZW=y5 zcw8c`i=1AY>BX3y>tb*dLCnNz8b1E1ez@sD4!@M9^E-|tjE3aznJZ7ug*JcOocZx% zdhq)jnSQMzmi3+bHyHt-n~$>$0}ve1Md?I8l8TT7KbSmz7sn==)cNKRY*iwRLA^>X5$)Tc5-mk_v!c_{R-b38d(U zf8&0M$wxHSbc$%;%TrtU`fc?bKJyz`37yUuL4jG6(i1}cQ*+hihbOJ|!TaTkh<{jR za?R}6-&q^(n^ouEGpaM*02h(USB}{bLv^yw?k<3)`3vS~VZo5~YJ(aDUr9in+=d^% z?`j!ahUa|)@Fi-xS7&>`F)F?xZrH*kuw5~2%;7QIZCNe2zdEIC+Bcd2>#- z*boy+rD-N$U@s#u6Gdn9pLJ%R-9}4lKwMHUG9WyU-sD!n&C}%dXSh#4Br?fh`Fc7y zjYpK)${WkR;u~#aKepf*!jeioGzFq?OueI?tuXACMX$Q}GQ576*nJpR$yX?!xmiffyI76(5XlR>=cPn7&K`)IM+JIr>N9NPaPrs{rgbo-Os%snED>_DR3k>!Z7E7m)1US<)HI1|>CFt1eAX1Q(zJ}hJe=)6CxhXue z4s4eX{-w@=GmZfLdzVkqnHO&T6YfsiZn?K62Y?uZda3s|`@|u_pEGOd0@`5dg!B49 zUs-96K~9;Yd2lxmyTJ|Zdhg+RwqP%VhF z^_c;{(CX4P{qircy+)aB=PS6(Q}?EGm4824rGQk=9_X35xdM@>4+SjAjUtEE8BQ() zcOL{a0JX)fePv7ne@z^Mx)WZU&Q$K!UpWMO$8taCy(rRyQn>j#8LL{{qS+%oEiH7k zWio&be+%*a8`~@ejH)=+@Q{04@6 zlSfW)K$I^WEslxS3LOUbT4Z=e4=`ZCreBl$jcbEBxaJE{p^TSi^D8$iC&p!OrVBX? z%P}7DMAC0>o3kP<8bDErE)hTrqTX%z1F+9HDd2!gY{?$a!1&XFcC~8>U&Ukp)h!oPl_FhAW$nL{1!`*L~W`h`W?f!%Zu z_EDtVyLLi_`oL0K-`9E>3uW+s8_)D~Ji+uDa<^qWp>ukDeZgzmQrl}W%ko5C+In7o zzti)a&3U5(bVbQz`>R13b2z6?jo!*^GPrQ6F@{o(`AelMypiF+$6S!AKpbpiW-hM; zZ>%qP;9D+?E~EeL3G+&=fYHD{t8_@5S1~%PGGZDnfELj> zbAh}v4nE0G(z~y^h4*mTTmex5_ny5)%x0F}K`$fApy=^%?Wdl2#n_INCj7a(mq^i6 z?;7xWo!Yb*`;ZxMoDn!kaNJE;uijss#$0zBc3(-S7}k;nHFBrj>c~?Vn-=)kQ#7iUN4Li?I)k-< z*E%=o53y%7BB>5(&qX&g~w09*D?Zak7;qpVMH>x-~6XJt2o|N7wm{ z8DaQWpC9xzm^R_0?&Q4p#BmTA{k@0uIf>+6KqlIPj+$#*I9wLKtbg}(l^*3BQF1l~ zQKVXS18k^BJ_rZi@H_wIsxh@?<&^NB{bftp{~7^+(|(MTm}dTMAp*;b2*WsjIoLp0 z6gK|n43kKENPkccx$VPuepiKlRcIH7Y$6`MNzXPqt_i{O9nL(JC;ILTsmcD_%w0Q1YC7BoI4*i>bC z_vS7BXHQ`UlN)GvV;sb+0N2|zaI_FP>0l4w?1PR3*`7b?zxKzKMcSLo6#m=P3HA}< zR{j7zK*GQFhT*)Pb?L^`J-m$mcFj?ePcxCHQ2y6OxfTDU+vmfhd_Q&K6Rk@3&+`j3 z*p2nVXk1=Zl`ib^zuU!S9b`!SHg3<0vQLi?&R0{_nL%Iiqe8ps(uq0PVzGTSS{n(h z1tH@YVrvB_);law#BOe) zFWbeRasl%mC|_&b{j=WxRLcM7^(z1CE3Y{q6D2>8lq|vx-4*1Ccii~%v)^js_#7kY z|Lir*Rh_6yJ?S5?H%sU)LBHzkA$WKcPHwET#Qxqz|2qi0XA~5LmfueUA85ahWyu+T z2Ig<9%>N!M?d?Zy?A78A)T_LpE&yI#BRR9TE#aoJ|9w5yTl_2De~aO4goH`}Seh-% z!g8neDk|34fA6#WSO3}tZ+yQTT{`}^S6DQrZtI^1qY7sUI-DNLf9?Owb%iN4LX8D; zW1=h*3HRsid$Yc%P5AG)5kyXMjrE^>vOl~TtOw0M2oZJun_^ywC);_h>_{;i`Ct2X zS6`T|ehCr#ac9eJW(JM5iuYv=1dYcrmt`@Y&i~a0b`zg?p89>L<>IfpnrEr?dxC^R z_{QjLJ?AeWoeKZ8hc|~9Z~PES@+?~_++3eY7_qw8>GCyakg^ZxZ5U4||2)&4u5_^7F){dAUG?C069ew z?(5Jn>q_o+Z0O z-{WFx@#m`U*hGNhRd^2NqZj3>=K+8nkqs`ME5=wnJwe?b{-geLS-v`<*Xu1!H@Z`Q zT=JVjgQJvcj;iAgSy_n)VF8@(p$2HWs}j0Q#iu@2ki{?VzxMnFILaY0h5tXb2l&CX zT(~fQ=c3>41v_iTfOry@;upQ=wQargLy2W|eJvuxCoi`n+M z!70Fdl5!|ERscfbjK8{dQprmtL`}1XdzDl~jfS{?`?XU_C!ED7tON|C6qG{kSC`^4 zcin%^W}1qhN_PrZs_6M~ZS{NS8W6LwcPfD7FGu$e!Brgi8!U@n#o6Z)xcKLQ18|*j zT*dAnBbf7&{#j?kzD@3BG^ITnan53iG=Vi&4Y{^|_FBDy{6oo~dh)-Ek7haUFs%h9 zMk)S`(=?7)?Drr0*B)O1WzD>4;lz)okiLnVHoS^=i6@BA@g-4&lB7y>W)CYu-cR3tI1YY?r-^CniHL+;$&z# zyDbV*)i>S{;#V4K!$9_DrhrKl^zDaRez7`$OkB|Vy*h+Y(AUJFf&bmLf%yHqSMAp& z!s$~C^ESRlhH$ol;K@q*?XZl74&YzUJxsv;pFL^$0z-9wW)$8c+%GJ2PVjYPvielD z9-MzQ)Ah0aJHKD*8VE*W#TLB5e%ej?>(Yh(c5nLI$98COg?VQsXK3qS{P4?xemK$! zvzdIJ(eWaA&*A^5>7}WEH41MQvRr(WfgB1llUNvjb$f1ft4IarW~Mn4*^%e_%W{@T zQj5v9Nas5y+wQwxLweQVGksT|_V$0S_jiU-&ih98ut(Am>-;2}XQ0{Ef5Am3LN0&X z)3eO9z19Y1Fk4AxGW7t%rVBV!4zB`pv32MRw7d-GzP)Ry|Ax}=$pKy(W1!5@Z;&rR z8h`JMD2!~O1ptlz^=4lM_h^U*cmO8Vt3zSjAxOhi)a&I&BrT{c1aHFWl20o!mf(nu zfB)yqlj!{=mPeaYe@v1^0f0C2S1s3mvcLMbEW4ssu>1XJ9p)U^)Dy=kiImj731VT= z-RblbY%g6{R5AUK0YOvv+wnh+1P7}{52XLet@leKawsr^UUh|v{MNRA*pKl1)xTT! z9CoJxj)Bm#wSnO|-p$_^XD%G5g0?i7TdM_TNGED9g`~FyDEvPj<+cjJqOm|6a44 zEDWkC>6;bsBmB6^%V)APymsd#w!m=ucp0Q$Kz;A(wx;h_#LFLd&1&boaw>VpJN;Yp zY&+)?o^Gi8f$Q5x)7ilwbSA)n*niL5=-^kFm<0_g>sA8uEEV3S@rtvI;61jm%4ux; zr|n!Y0>HsN+P+e`*-1haTe{N6)qk`-duS>qh0Yrw$(*UwsJj9Y0Dof!o2)=e^ZGnW~JUc~-@hli`HU;S4q&)cvxe!Bb*Y}ob z3Lv2lmBP~q(5q3`URn3V{O2kxdMMxO3xvmMA{qO7^M_d(keaZ} zQxG?~b1eVP=R+lgS9s=~;{TkRCu^%+s6anPl~>3_ zj%yl0(NElX`sBX8RTmKvI&2PKBQjxL9(Q<)`-HtS&cF|p7Z1L=)$W$~!SYn>0!b`H zRVpGnEQ{{twH_hM-@m+z4GXu{4<1DyT7*;QLBx;x9NA;N6Y(pHdlLGlJ9Z=0`c;y9 z)cOY(88yL1f?E{i?-{JuQ^0F0nT%1HP2rRx^+m$Rjwd1h(N{8;q9VwDYNirxER&ny zn0}0pvHjnBrbZAxFDJ8%B zbs6vsF)ni`i*x%kbbHeV9Z>tPEa!TaRe&~G3N($2f|mieqiR2Z7K~)v>g6xnbNVN> z6S*v)KmC&W=fBwa9fr)wId3(6#3)UGCzXwIa|OBd;~{=rCfJOlvZDUkcNJ;O6rmhQt(W!O ze+3wNmK!4e@UcWZb-}?$c5DC7>vndZA^M&C^&y}SSyH;Vo$F|z z;hcvW`Tu#(x1Y@ae9!kf_`hS~;BAWht$G)K@4XL=d&gX=_w<85#$dPa*iE@)|BQw@ zGs(YG4u8icJL8Xb#=+IUWBm#a?bICX`e#f(@Rp7mk$vhj|IknJp@0ALHQxU_qJPKw z_$MAvc1ltE%#ixbIOG>lcb>cyp|`hR?7!Dy zt+$`=zw2*bn972*>MQ1RI@o89YV$w+2^qpdl|BmX-u{SC{Psy}-?-tRpYA}n23v2O zO_0VgP(pH_h0vg-|_B;!n5oA}|1`JTHQsx_eNW>%LVGkq=d)GgD?;O$ zf95dbXZLZ`ry*}U5WRtJwH5wtuK?>t*B|e^)#;%3j`z;p zA5L)ioCFr3wF0IG(H#xZZt(tKIB*-c7ODnfWANE-xMHgz@)Nggqd#^3@3{ZP&n%>f z4*wIYLNEMJc<{!NKF9q0zqC1ib3S$}^u6D%KN=c2?;N>yuLi;syh_{_j{t@3i^cDM^=f7A}hyERp>DJr| zj$5UP8|bgCxEkog8zXxZ$e4aZxEA~!@~#isM@Eg0*ZlWA$9#$d>_2f<{TpYk?rE;| z#u!8BuJ=F1=zo1iKjYCxqfqIsAn((^obCS2aasJI@qy*7o0{Gng9O&Ke*}GLiEq?{f8I+;fcThH_`eR1^OC?R`t&3A0ORvO93F{ zU-qj#KIJ=pg6Jho=>Nhp8&RJoK`F$+lMeU%MEQ+Wlvi1JYQ)9^*9^SR_vQXWP-%&d z#q^$oPy{z|CT_Da)6gTO(*e$B*@H3?Ry24ns_Izg_$NESGRHD5h2 zD4YUDWIUS90TuK^MR5@$u`9>}PvL-V7*OnZWg{sjAxgI_1Z>Ov9{op5sf==W$9_>*0Rr(BLVP4JS|ojy)sn_H;}8iQt;u9 ziSX(|Q1XTz{u~CCeWL|Ka)5HaoMRxb_{n9~vRv~b!&{o zjm|004Iz64+F`mQ&N4LTwY)RKw5nxab9GIC%?$mDO_?0m#itYTo}E=}{nauTs(dK{ z6@L|CCsiC*IKPslYT*IDt!4^5E?0JV*hh&#^E)FJiIk+Xe1sEs@^El@Z&ksFVh$GsQ_ z*J7qJKkZ|&EFAF{L&q`n?S@Q{ zj8(Ozt3TL(uOTvDTGUotvQ)RVsyo%PMz2U|gy$eE4WlMDN2ScJ)vR2NKA+^5lcf?y zrws+ApfMcG1_IW{1P9XEP!dLVxU(bkSQmI7Xds2N7?3o>+j@c{;~Gq3)Z7_K6!ML% zCZZJ3B`v0lm@H-(ixQ>`GLTzMZO_v<4d=8s9FWKDI~i13`@`5)Ey-=zXrC~$(Sr#7WY#sSyMxn(TD1GIve?7`a{2% zL8wnus@B?GSQP7g2o)WUsvLVc%#5^iUsrVmZ%=$daHzAPChRq{SZqM!H3SjXDF{ie z?Aj4}niWE#9YV-V*PNl>DnS5(sE7s}{Z0X`R#PAkwqFtF3 z&+q|G&_0a7X$&BPKZ*-K9Am(3cT#X9ZLD!z6$-odI&q>nJCq-^9cM?X!kG{dydGN`3MLjRi>chU(*TJ5}Yf{S3!9M&4`wF2UEYGr=uUCGgmcza~$Y#QgDHjzqsfH-s zcbbyo@66;wO+T#FU#!r^-KV5Oe;=^A;$F%>fl%ZhDAH#_SCdQNhj84WI~ML~g04{p zrzV?{uC_I{sL-G5bt3}X)hJL_y;|5*A(@m~C4w!#29XwrwHKD*wF3VUbERPsFD=&R z;rNbYe9gF7iF-X=^|=_n$JlAh;)T(;kF5UM+A|Yz`!NJZ4x%!Qy(bw~9Q1I|V)t!( zLe;T*f4j)OFgl520loz`mwnfYSNXOwybm{h^3UIkmwU!)mi`C^7cF7@YI}0Ca}g3> z&XE~ywl=PaBeB#-9py|iv7}$gxNn-8vASl>8GY^`@C$B_wW`P0FFHGoIi*icaSVBD zRRe$Gu$Ye(dp>i8tWiIPOj~$0znMYdnrf*^u*WCm01WDM+xv+Mv7QafeI+`_9;Ztb z$Ira9-99m3wLkPFYexlXy2YycWhRKF9+CKtj5{(EI8L0*T#ZmyN5-pW1h}n<35VX& z03Rrr&FG;<h}qhpP1gP@It@p$-FpN`4xKELT)ZseI)Q}&d)`WhrXyvKXw2dOk(~D z23&=->F#^|sNiRP&5mF<%lZUQ9)%P5Y4iAXyfuaJvsNkXKGU8{p)}lyK=GNnmQzw$ zdxJb$N54Ce{nUQ6G@Q!HT1H@qjNta8&)4)8q)nA&x(2hO&^1igsY1<4JNk03KfKBz z$Is^~K!Miohy2?I4l5VIX?(=*H^97$Xh2M}14V7CB;K5!K<1WeAV{VdOal#N+Wz^E)+0f9J(EBH+%P4s~9;h5pBe%_mZ zBx06MXiEHul4}38=o)Tv;r9^-_jA@i;o*x?pj;htYh+7GDjSD>)$!ETqPj>SUhni58qcCUvR#sfZ7&Bp?hBd;kkC9 z^P1%#oZ+2@3BP{pBz9{x*N2y?6?HLjWL9XVkYAAB;-1RD2X)=FI9SH2Uhcw8tyNtd zy)c6)_KgE54E(*588!6Y7}R}}S%YRZi|to%KbV7MR%00zaoRZPinm|2cN98y1Y3-e ze-vs->{T)M$wN)+aK=bXOj{oUzUBES$bI0n#~Azk9t3%B9y|Vv%*%w4{f3){Uz%!a zAYU)vwGd%mSo{$Jok2MO=U2YA`Ysw1Uvn`?n)4HDcw~af$^#=nkJ^ZI7RJj$6-p(t=vjj%d z7W7o|+F#*LIn+!WMr>Lp6^l*Tus;$fe|%kVYo%iMk-jO7T`wx%$V{xm9GU70DPO4s zjE;p`H^S3;=h5BVUwlF-`mX52EG8(z0zaAIY_s&pZ;NN2OUbiG%-u9>J2g;f9Eo*BkgmOugvjsSVg!W9 zp{&!7pDI|=0N`tG9BgA3`RW5GLZAGsJm476qw3tJ}nW`R>WL#C|7k`8Z6h3IW~iP$L5!35vUw6J3B*O|wr@{OrFKeikQ+i$F06 zbxcEZ$icwl#OqV|rXp=gI-DROL18m#+Z{(@!>UgM2Jo%pvSi$yMt-z9^3aWJF>kY% zrhlb)M;IqWkm$DC1VWAVb;?Nh$`vjhL>N#H8NKv^uL<9!{rh9sW7Q4jJXy0FjNbFOgc&d7*PK}IL*a6R{lpem=G)>^`W2Z=TShHycv)40H{1e(Hje?8OfQI>ubTXXYxc+_| zUKP|EQEYhY3OS`Te?()@MoCPH(HiSorhgIT%e8(!{ddxlp?Bnb@__S;6 zSU;H|e)O!w4-X~3@&Ss%Nu1x1&0(y&{xTDE9HmslQh#siiQGG{L=&R^6R>Kad|3un zXasxQ!1zuf?~Gsih!n;Ws-LM7dO#M)Q9b!!SD?2Yi8)4ek95?-x6DX14jvXUSatk#v_QDMfAWTe5VlF zYFEpsy)29{DSLaJ*gC)Cf;j6g+krIsLa!l$_e6N6&-m4qN5EK26l)rzp`5^=ZftE* zaKIbrX(i};Is9`{;A2_PXAnNJ#mr@i+F*I0Uon4rrq!+L6UhpKF!6k1kWs$Y;&mbq znyWj4Uw}Qm+OyxApDBk9HpA$xz~*DGo48m$%=}`=K{SjNI+9n!eq|f|ica$dqt0(0 zqlwu~D2DNkbOFP7Y^CrbA6Z=F5@Wx<30*XYw+nSdxJB{kN6u!e*SS2<#^TIQj9xR~ zUR6W>JDq3X?n8dQyscN}msG-n%^r=(H*>oV4AE^&BB|J|Uv~e#KvR()7Am>TM${8z zWjxxiPNftmT?qqymAT4ybH~q12N_)ztz5eX+N-xw+s!q#I6ch$Qbk3|VmdQ=&D3o0 zhE}H8cSJZ0IH}R8-6;I@1ri)s{kqvGh%LP&Q81d-8;_CR62Gm^aBNZg5H|=f6f}1@ z=IOZ3@G%Z8HQP^5mfM)-KMluEbj|ydf8E5UeOf7ET+@Yw<(F-L3loJO%5jni(D!Ark_L?(ePy}e%33H{f%cyHARcGPxjho%_vMut|D$u zj2RFY$WK84V=lUphJ2u_UnNLC@rn(>!k|s*hvq_rf4Tk#sUJ4urf5<`!vUUbZ~;2P z3uJ}yI_J+1GK%e=U1#UI^5h*!>>Iz=nm+J$Z)`K5?E568GH+!Tb9tWspeOe9C|?H0 z*y>_1)rh8a>MqCvL(9?6Z@&PMv{(te>8-|!j)WrodxqNfJzgIZm(d2I3hjp-c4%fu z-$K^D&Y*O#Ld_b@)#!91Be+J6q=4lXR_n9~8-y!j`U$3c+8s7BNL@N-K!0_2nr-#~ z4z10)6@tKHQ}U!|qnqkdFLt`u%91hZwAkkx|15uCaQ>!1B!o2LBL=PD8-;NNUIm|Ta^*PV@<+#^uO=S_^%#RcA*D`TKaoe!E zzyHOvM;C_+ZkQ1dKjzil_&7Tanx1KVus zHTQjtBuBPArn>OlJ{-wJOg)%_@aw*>_~SQ$BPp3)UQ`we0bp?y3I;KRF=RN1B?E~c zbM-&QisYrbTFFl+YEgcdH>|&5FwOo3i)G6B`z3?WYoh@bn>7g@01GVV8w>tYHJc{5 ziD9&#drG8I%yjY7vz@B)f?5F=C}ls;t1R-nZjDu8ODqitRJ?L0zOGlF&!>Xqz;E4X zx93#``gEQL=a1zc1mAoVRgchLurrW0n+NMqlEFrTKw&#*?Gj;pkI*VD@&X}i5S$dq(Fn#H6rrftH3D;6rNX^AL(z&@5w!hr6A167ZS zOX=zA`QTt;aSDTfm3|7ykM&rWJVZcCz*E#7da5IQrhb%$EtDUtxGZE@Yk;Oa2QJL^ zn~%@#gqo4HLRokD#FTYj2=4k>X>?bOqw%etS>&u%j$PAsM$yCi%>eB0SiZPik)mH3d2F99vg4U{nD( z(#koZe1gcTikmg#&_HuW7k{OlyTSmtdotUU{V0Tu7B%!MBeeXaWs&B220W_Yi>r(o z3m+`}kNH*%#iqZK8o!p$5wPxQ`0LLd2Qqf1JmaRJEk)bZdjDiyrH{G=w(2*B7^=pZ za4~m~r(shNjo}kUN@n*><0ftV8tNo{?Hp(u*9WLgA&|4Xp(K1pWfmCM!*z^A&#XygA*RQbdNN96Q0N6&RV4$%zpkNp@e4I2^y@>MM70Z?up zQ6P}9^5bM1bM6GAS)oCy&(gjY*UOjO@`TdOSrFeyENI%FtBJ$N^o#7&EN#WhPd)m; zvHm6Q}OIiMOS$x#ihe|Z?D+)0}RE5$|GcJRKu06US%Ji zAvwcJaE@-ohT`EpYU!-9g7O`ab*2H;mvD(Y;|d4Zhc=rB>dB80Vmu|*bJ}iJZ8vg2 z5>X6R@{CTQ7ilOwv+95&qGg5qVkYSC#5qvpjcABc_ixLJ%Z!Yo+R7+LF75lfD`YA9 z7DGwKcF0aj`-8KGe`3-UU1qKxKl+D`bt;9~E0W~DL%*wl>CsJNEGlX%x=G2k zv!W*QXo=KewHAanYNpPq}f;BS-9 zggPe=c-`HPS0K6gkyC_hNlC9uSJuzzcjG`k)$`$Nml13s((O1G%H-Ii9xld93O+Ye zW@^5d*CUetJ|Gl0)0^WAu~A^z4~y8R|CqlW1@X-K&D(FU;8hu9d#nepN*MP$L{Ofe zBkles!#W4UvlG|4Lm8wZO7t`SVWE#koY7NZbs9?M-)ddlpaNEQYrJN4i-yYSbC=Gi zc%3c6A+(T#mwca*$g_pXb~DF}pC~3-OdLW|qxgO@wjb#vL$|)>KWu4HUFV|UCCF`} zD#)icOeO-%oPtkzbb-4RX~GLIUxoM88ig7VzPU^Wf-(Kl_I}V5s7>j8j9*DG@Ubp~RD+uz}%>v3Nhv~`}nYCAuFnq1prjsuhBetrwBb>8~O z@Q0bM1QN&u!-IolKv+S{JmV>j{m#NcJI1J)Dovpee(AgEZ1(39O-$ETLN$OfOG^5W`6=mxx*-%3PfZj93LL_-X+bU>XTkrzY+g%iyoQVaLZI8 z+lhKu1eRKjVAWS&3B~oYIM`0gUBl7GcI;N;V8LZNptFQ4^&~8;*-m~n&Uc=p^N0L| z6&{;`4;aCbwPIipXL?K<#HnbqgoEMumrW}cH3CCoa;v<^q%;>w6JHzxg+yS!KRYJN zA_~7ZR2=#D{>)qAchASsU(7IEd7k%=hA`@jip(ID_VHz_rW6JCHTwN#f}L@EBQx=) z;+TZbFPf!uxmLRP(od)H&dWE>rty=)91pVcnNfq|`Q7|6(D_TXnrPl(xOtSaBVGUD zzozCe4BJRQOvmuEaBH(9+<;E+URA0e!E=w^#I9aMfV2cst$t`h(b1^!NR5?~gt9A# z>4j-87lno?7^N||w8#{2EG_n#DDDO|u#dXl@5-uSwo!d~<6Gg9D^nMEtKx;3k=eCB zZUNy3mkSyesFaGyTUOG9`738u3nj)>#}yW}&nLJQrtvsN@+?hfq0Y_(D^1x1YizIq ze-g^$rZ(ruj{j39`&WB~3u~uTRrP=WzyIIhX z358G?l$BKWe=#_haXI7v5FYDD#{ECFq^}v31l@i8qHEayXNyUNzaOmpZ!szBld1l< zsMhhlUa)){Lk{FMz_o|ds-y*zvywgFpGmf1@ZjdoYEOE^aGlyrljvL)Sw&6Le3cKM zSH3FQLf<3FBC}0feD$ytlW6$rk~5IpHMg|6H?17t6plaQ9QPueixGHXBT^KzbCWoD zAz*7h&w58g9vny?kV#+eOOL<{n$SPw;DdfH%N-%T;ue8#vc9PI3V2tBv!rH!D;UG% z@p$o*K@<|KEErKnU!hb7F* z7gmf4a0o@Kcz4tKX}??R>(CV?HO1}-`XN<13&^e&5Aba1z&dt8Qol(`;?D>}(>ZeM zR~@JAStkh-U+<9?#fu}lmb~;&>b*2&S^K#1S(Yuph_AUF5M(W!I+iy304ngK^Z{5Ek{d(=V4X>edq zPy-VDW8!N-o@~N`@n^Rgt?XTR z2PM7Lf}02ooQ;FVghE^b9sn|FuK4^ENJu`&s3bi@RpqCm4M2ysE#cJzHPFyj7mdKa zS`iGSK6CSExwm4M!@5l+6Wp^g4%=c?RkAgmq$t!@oY${@ZB!B+w~G$!jQmV;NbLYG ze6F=ipkk*yuS5RsheQf`h_JuDvpd+K4#Y=RjyHYcWTAZ&<(&j-SqdEe-1?3q>~W^^ zt>4HX)+q_^d-{T|h;cCOy!z-jMZ= z&k28nsJbOuW4QrN^7FFK?>5dXdf0v6pr_u~MzD4ENq6pX)*o5DNh#Z>SwD%KbqCpX>BL~w42C_!3L7!c5tqL z`XjZU*M!tRRJLev3NEAlMC*>H8qCT}PpT5ZN#jerJ$kx>i+&Fp#wj9qFWzX;+UO65+*D}-5*|CgL#ykkNut7*|%Rc_bpgrn)DF{{tI=sH(g%?AMR<~Ei+7+1BJc7qAAa+z#J~LLwBPq4a*Nrxp8wx*ecHUgtU!p*4 zhRdl>xi{E)AO??C#~H3DEsRx0Ft$@hm{HJ-S&&@a3U!7l^zYZ1G8+qhNN08%2M9;uGyEWX}?)cJ5G>Kw7;P<2t}_ zDomRiOUf8YIiCT!Mw_f$e%WZ6dTGhG*mY!77b)Mlss3|her;jX;H=#ru+@Xd8Ja}G z3zgUel{2mKEqB^CYqpsUD&5(cS(Rhg#~zR}xasuRv)jVk` zszO`x%-6noe&4s`A4A5pWwrbvc@YSRzYG-zbX;G83-eub4wgZ4+a zWa$e};N7D@z+2sW-Q8i5lYQBxHXMAIbdT(ywNfPUcPt(VwA?qd)Uji}dt0W7Y!S1p z4pD88u+P{*Fg?A-=83n%!5NJZYIBBTKR)CK99BjyjGg$a0-oxN&O*+q^i%O(&V;j= z3Fsx;jMrfu(#g4ZO5dL}Z;UB|3T}M;_{u`m{s5@_+e(Zno$+T1WygRW0FVXZAwT0n z>W!^s*XJD(YsmL4K{=sLb_&R15NplU zo_RwYIu(ZmMBtT5wqzIqgj~j9=T~EIF%q~&#t5#7vib8d1z-Nb)K0F|Br47*ecF@# zveFeAmOXwgTYCZXjaVUgC);yaiq6yfx2O)CQvF{c{2c)pDHKxLE*yR?`2wJze` zs@~fT5thB%B0vqnl{E+QuPss*qoQlREgO53T=bJQyu+_W8U$)*g}hTnBM@6b=Q7%$ zW|ZbK^05uj!QwA7ezUFi{P}eWUU+$nk$0d#ei^OEGNSYFl(e~9*W!iuWn%Z+9 zw=p1pOND5c+v^DSl;xa{1|x)|XuY1i`^!P;$9V=6{;iqSj!w+N;uTed!)xCY!lcWA zeCzA+q{3W1!47Ckmy3JjH_W9YO|_b_%hJHnWiKNfy5e<&W4BVJ3%}X;?{ORt zjjNk~=hqv3U8bMPERjeFS|kNBpkYWY`~EeN*`3sf!CC90Bt?oB4a-G5c}R!X+}~&y z#zJSCn@jx8$+X`WM%pwkI7-!-NS_UcNOfO!gm^NlmHl{gguNYU0tl-lFc80}%>W80 z|Iq%I1dKgYp-aRwV>z0Wa-73=%QoD%&|x`)P3G2js|tMjg@L%C|2VynkhTQ7$iuvP zuSR$~$8V%XtAXUdCh<<9Yt)8iyT1K(YvEc0P$56dwOm_c`ofws3ga-mboqic~*E+wRRHTc59y!zazs@=PhkP4Qlt ziKxs~$U9;sh3TB&!{vYi9$CB*ImL&*|^DlA^c>>Oc;G7vaX5a?S0Rz6i;Wr|y zUUrvARg7xT0g-dW-P}w~b(6K%0+cLkS8$SvYv)PT&^Ziwm-SZTSPdKPF)Dt)Xr*CU zUjug$hLElkMlnJBuk|HK&8NLL=DeR&Wy^cT!U})v8OVk*dDrr$>$QX?GOLc0{`>sq zHDN=c8($XU3BB=F?}+ScgnSNZ9GNxT-mbZ3`s}X+J`Z=fQRPi=zW?+eAB6+b6Cd(p z&Ne~{5NalUNrQ;3xh1M{%s2m7{`ghG0a)Jp;ggX%5oGY4u_3bv!gl^{VS3c71daO& zGmEZgWwqQpG@gce04|d@-KAhK54k8R%O!?jX(K>C`vcSb~v%z7G(TL*mjP~icUmh$r zY>hn)F6Q1xnyoR?o9Mx4BDEdm^5^OtT;*Lhbln@Y^K%W}SP;&T=NEc!m)#4=yo3t} z*0V+U+?CAV2u5^=@r9yzog|Pkn|ca(kOvOx@xg73s-e{DL-DwT5)X)n(#DMW09D~H zxDnQkD++e|9Z&lcTRqqTBoY?zkuD`+?oG66tTl1F$f>lQs*$6^Z6ge;RX)nP%9T)9 z18D3;`~Y$Y6+Ui&YPM9xya^oYm!r^1lvQE4?_F4J55xkCn| z+fRrQ8TUkEN0A?y5;BArhL9<2v`~|vkvR<#U z2Fg9KkpJkHFuXLluTiNlpKsucyo2lE_|}Ar$;enijM0z@YG6QCh|8J}W4!UHA!K~d zBW5Y@ZFrmSGnx}JuKePSZaTojoE0{9^G<*_1Y;l}{cLwi3cN+zN>RtdulA)l8fJsDQBu z${%#SdHa81-Ao7oeraVS5{Aom0PK3!`cO-?naAFWmF_~l_uOd%9;uw$81E|28i zV={?-Ec;osnMvDbF7Qi;$$>eEWGrj?88s|FMQ6VNVP3Q!e`0e&@;y;DAcT`DuGyWNnwZmTN*Oy3d<)1Y{x6SF>n^VHt_ss!`4EFeUb!&>FF=yiO3JEmgii^`)zT zUcFE0koGBlTZlPZjMncV)*)#y(GFoToUy0Fi%ONY7Pr1$QqPQM5C$igPhM|t$<9Qb ztAfcv;tCmgAb6tEVxJ|>IAnCzA8_%O?l*DHiC5T@pp@lw>e-ex-&lxviZo6MLdJYa`j>vQ__H;+!luYS2 zJgQ4PeL;}1I9+vKOd5?DKq`EOBgGgoEtd* zY&20Z->&(mqneJA*N*zDT}wj5pm!v=DblL?GR;?u)<0pesA4bpGO<9?PVB>i$<9hG6)hO@To zXLR-Px)#}G%|4Ri_j_%4Arvg^k4v3HELT3?jMmuK=(E6W`aR(w!A+lSx-E&*U)UPi z8;R>^mleQBB|#gMVSFWlA;Ibya%!ZXCsRCowD%oq@icje-TN zk#I(<++M?~090fj!e#4g;2^+72W))XR5fLZ<#;1a+jl=N+i*Bpg3rx4YCUAPq}1%D z>KInXzcEii$d+q2+%ER3%LS|Cfbfk!@yUC3V1LGk$w&2`hdK>bwPP>lqr6p+ZDR#u z(rN_^v!$vha9B+X85LEt0QFRgyr#Th()e6|EqgFp#_gjkk| zlKnc@8%*pj<`KpjrkhQh;w_uw>gt?Xz1EQ-Ld`0hiB-<1D_LUM~ignB>XQNO2Lvrlx?Ijv6vz$Ug=MZ<-R^3|v% zZSKsrYPZ_00ABkH_=B3#D;1Z%VKW0{GjVUp$eg@aP>UDc1i}}Q`{O}I}9W8;ZHdD$FtO8=(GslvoPF} zuMujh#S}kF)(3-Zt-zWb;Ux8R@t(BCiowPx5<=4Ogp$Ec5OyZLE9IYclM<3KVmXD#CuH#`*z-n?Qp2$eZb>h?(h zE0cWlf-W7TIX>v`&PDg$*qUJ3LFqL``PH!CISqhR+PR%I63-2fSP1U_qJaLr{L))~ zH-Ic#t}CH@tw!b4&hCc;cJo}OZk-(dwRf{h;^shQ15O$A=Az!O8q+$n}|DwGav ztx<*nm=8K|u3#8EaQ~Ryb|iq^U_;Ere>d5sPt&W7fLxqlvMhscX&vAC?Cc27xhaF>oOx`LtOzjV+?-};K6{F7CwUafpi<{MI~i^9=@K;VBf@N z9=1{gsfnoPHohb;Fz8F^EXK-8Ln_3(w)GytQ_Iqd0QMVIJpgP+1GorZJ4<5$>NnM- zP=PuJn@Y~$=N`i(s6}1ZTS`PY`xqZEed;$n_BBC1_X8_s)>_q_JgkXU=9jQzo^Wly z+w>*A;_(YjzGC4{CJA+}Ndu6?w0hJPlToLuJrs8#f#%{L4F_{}RgO984CabIU5EVi zh<8;-PLQIX$q!JGj4(BkmClU*WsTOyWqzD!)T0= zB6Hwh2Nko4JtZJCP*##nCn?0wpjrp$IO^FZ8xrSll~%h}%>eb>kjC=LXB_26c1-PHC1_XzbPCwr09Ed_ z=_R$dC}r$*OAdY6m+~KiKLLqh_2xp2yI`sT%Q+uP&E>QFm^+`75-3>Tdx4DzJ-8O^ zy6U&!xQC|TMZ+aNCf zXSXKmERxr#;+N~Fjl*$u2@DvrAHQF zQe9&|T~LVe4O{y!hrDoMU3{9z-!78BXE{Z9##0QY?jMjd7$15XK`g{vyv#4tkKZ4UrfKnVr6DlzaW)-> z#cuX;0@<7D$}AIT=CNz{;FIK80pt%(h?a@2zh4wtuOg#gX+yu{$A7g3C6El`hvwAc z2`)mq3Ox95GtY6&%8&959ZA$eW+zqsU59wdOc?IJMtJNJL$gS?KZI?Rzne8wvo$a+v#sUziJYH^7j z^FZp=q3n(%zd+0VtiL`)kG&Ma#(8C)XRQZ|E@a6Ih|OX=U09SoL03^Lx;k8Y+}&82 z1{b~pHqMqHH)Wkwf~G12*mS;2%RX8p?h*V1xejWZl*2&JBldgiNF>91k}<*aQ3$!( zp}lV++jBNcN1icSiUk|+qC??gfYPtS>F?NVH?G2Uw*)q!ctKTpA zvyAnkQD>*~Y?>RKfc3AVT>KJsirs(qc-(;){S7lb?r!zu=GV*_&!XnXIP~F{inij7 zwq<>wibM3u1o7*Gh@KyzZ*FIp?Xd_ehQZQ1YWZOd7hOFZrt?*l@2BK0-g*uBO8X=X zzSg(=eK?yyP?)B&w3C>_Hpa=|msC95m*)sa^Vl)V76XFw%rz42i6;t%6H^PX@baLH z;{qQhlZ=Re>kdQ+`##ESL-H_EfmPcK25?byYkz8+f#xh5>&VH(H+t^7r`np)1mHZ` zmNoLS)P^~Q^^kK}7lJ;cJqH;5$j!Cr-PQB~J1mO}d>2MQcj44;EDhxNO%CLl2pxK> z4^nh9&Qa}Nr~s~#B*Yt)v{%Oj9VW0VJYkY%QgKjA7C<$HGuLvlqpu%!u_Y3B=2&eV zruj{`_!GRF=jW8=v_^_(LH`!~)W7At*qPGRG5n~UjXCDrdqPlUnR;XDS4HTk~)_-B`QDJ)QV2K zv6l(7TDI5MJ2-2EZ$m+84vR3O0{JF;U$M{_8mF9hGb3ejar8OMM;WVl!Rb5fgA7ub7JffH<*4@n#~Pq(`##CQO3j34lT z=}*iLFFTHeP9uN*^=+z%HW-p7k>w8V`m_S0By6;Iu^5AtaRM4xqORWHeoY)}1QL}v z&K=Bo`~Z=ElxyT>eerJVQpB%F8j#K(>tj1f?Sm+Hd6>#vpFyr^qr?nbvG*|O6PkWy zYMUX!h95gdkCd#@E%Ob!d@@beaI+#HPYVIRBjKhsCh@~GWleYKcqcuO%rIp3(tZry zBJ2C$`^Cifk8=}dGA0$r0_!7#T(5{DXI>Vo#1Kx`K8gc5gaepuKJ$mu)93SxCBA+? zLq*p|$70ep{!Ta2ePAsW{bOcM|Lfp2S#EqmSkiGyg{sByWt=4(;TI^{#MVroeNz99 zz`Abh&P4AG&|xj_=+l{mE|XCC@dPl-QRSe5Pn2DB@EZuUg(IJ30OsPb7ejJam_LAw z*}D!7CXk>#@$uK=E;YrKLZ>uuw^BVJ`{8yNnJxbcgJRRII!V0;Kuwwemivacnh_`v z3;@5Mg=_uD7U9P&Bj9H?oG+bs=lx<8i>NFm7Vp%wV168}gF45zUf0}%I#UbW@_rrN(Mq5f7;)5X@xcs!JWt9SToRoB@;fDd5zjs%S^KTv z1;|RYf8c%z_4_7Bo$DS0+@y~WPpt9gP~I8^L1#NazU)R#9^%Vm?a#xHf2yPH76)!EM}Nw?3}x<~Jg^Bl%ShrIx-M5|i8CK+oe&&u9-<;yn|mW0J%@n_{a z$9l%9-kwC-lwE@eHHkNc|5&S_22zt#a6ot zJHB5H2i^{r7|NBsfo#_ZIZ&ctIrC&hDVagp;4|O{4%hLv8VWbGAi!Z@ z!fGKssQ_do-AvvzAAw0_Ar(A?!Py&Ov8Fe=njWBi$GQX< z<~L%>cy)u^pwr(%&zO08v|B_-O?=t2-y>RxRH^-fQ?;>RXMu}_-({@GQAEpGf!^nH zn@75ZF5P+AMb7FpQ#OLHDCqV+co4s;=T7BHW*zYo;0h`s{Qh!g84-nyWmFlDwhT`l z>DCM~;ftrno|eAisX@(pKu7VI?U(j!XC2F$2M(z4H?IDIXi;7G|=Gj^jH+Ttj$|HpW=4u=Cu~|4=X5A}c=R0?-VM zrX(85NHwjTAqYPW6}1i7pF?I`;LM7}qp^4$gKuKuJG5N%fO6U^Z=gq1P>(xqDxTmYj$d~iNOkb@Gh{q z3P^{d-#w+8#$BudO`Z6n1*#1}Q1&#>m}ptr$3g9O_zYGBiXe7Ij;cYcr-5Z?vc6QU zwbuQwm{0UMYznUxC0i8mYFzmK?a}%Bsw^S|Ea6>eu@W+cw#wg3`kS~; z{PJ1X8>%!PIq4aeXuRFBLaiNvX>u&~u$-%bnkYWali9Wc@+tH3ixvU0uWS|>@$1uvI^^w~h_Y(IRU&s~V$vHW$VPU_+p1g|qj zet$Qn=Z_Bvl?#+x8Y>Wc#!L~7J~0<-kbqd0mP?UCf#_hQD3Ymv@}FjQD z3Aug&BJ)!Mti|=v{0R(#nQ|<8{lMAXbf1o-w*#M2NKy18fY%kc29{mkdR9uX7dau~ z6Wg&dk6HGWr;ufts=@jFG`J{~(JI3E1C2J2s0m$cL;nf6D!#;nW%K*{nZW9l(5w?z zb6XiKvpuVsejqKyd2QfKF_H)pO^kIRFC1#7eM8%~iO|``52-fT0>hYP&m2>zl^^dD`wZQOiDp170P>HW1>aoa=`8DVm zmON{~$i!9w$-q*&_^3)tiOljh0r`c^=@w)RON~~2y!b6StuUr$B`mah>j|vPpz6EU zq*KAyYs7+;Sw`@ck&KD*DO4)s;^wVLA&Dv$Z@UjQfl_e-6(oS=cTJHUt*!1=SF4Sz zGYnwpaI$fDVNyW2r`#EA$&3SGzhZNKVF^*gY(S50hwY5{)=i4uyEZ#Wz?j)fumq+F z{oJypHbmy7>`5n%^~g{3xixLO9q{zDhvy@q6bou4j9*sDSthZZ#d~HV}1Aso8Vb zKC%%H(Lc{xFn@^=;U`Qj@zghodU&}go%z*R2hcZ_>XzsR1LRheP~5C|kt^B$khXpF z-da1{mnLcNRjv20OOS%9Leqaqm1>U&UEEu%jDEnCm#=UQSHJoWz4PuNNx=#osC*$6 z7sy|k-Ap>qANSbNV-hx0uV#4!k(GEuB@2w;RhYHfTduRQMMzcv^;TvrB|}#$X*4Q< zL|$$166Olq^Se<~;0WIu0vD(|D^D8=eF;eQE0v`I)NW&%clOHlI3~dgV_`ZA$z6cR z=eq0<)|9UD3y>!{P824sXWI?ic_^h>zfUO9WJ_f(jut*DWDGM;J9ZrWV=A3(wAM3{ zmDP*2@wt+YvpzQ*I36yJ1f*(`S%0JMU{T|F--pJSY!%;Hqq}|O6wxt|56a<@xDP5t z5nqfGQ90N%l+C^@b^p{OX^&?gl0GSrq)V7PIiPye1?AH{C4K=?{IGmauru-TSPrez zhIgJ)QQIol``kiLJ0pbAc?4VUq9gJ6y;DwjgWX%1w zeypsC01CH7Ki(8} zv(qcLfNL{Bkiv9HDPyxSBN-p+8_(ROScc8r%F1FN@u3aH!>XGG?<%vtMaBOAo&*Bt z5Jlh!^)H+%@PAbZ4F8Kl(EML0PLLE)q6CaV|AX15?SFFVT3GIXtla!BPD5a|zoR-# z?LVg>RG^ETe{YbYj~L1yFGCWjK*T$7*#C7Pf|`Zmm;`DchaWu8`~L6nBv0u7*(kj< z*9|RTT%ZQTu=o_GNA&j`+#2__$G8foFnV+wuE8>_T5G&Oau{8QCC4(Km{VfU@mhhB z(IvQd$^l#`0MKPQ-#qMu$HtP?S{HIzgOq?Q=06XI`S0t$um8UO`}*(ezpwvi7aw;h zmHcz)tKPQ2tKR6$&;O{9_;5Wp7n*GfV_GVV0_$C*a%Clp`+q_{Bzalus~v6d-PxegZ*7(f}qTa zK92S7sxMmp@`G0rMr$Xqr4%i%{Td>{EFvlpDf@vY@gH~ZWyr6{xGk*n zaUjVsA8xFdxRD=q!^JeGC-^Ln?~k*xr6djt9lc6K zwss(A8>UwD;fK{qMp|zybelpBpp2_IMqHe2sR|bP5TuC!1h}S2N?T6dhgA}!frB#I zA_TdnKqm8s2)~3VnTIuOvNfd2EXiAGRbiUue?`W5$1bh{Y-_*2qXrR0j-kg8XD5~z zx(&f!%}uN(d)b6D43{;XG-KEXCMZSlm+Fyb87OWeKip8Os|1mR`F;6i+(Fk&EmoBY z!k<6WlUX?bwe9k=e5PIMl>sK#eRc|(+doG&F>19p0I)~!hD*_TwFEas?-BbSgG^N0 zn{5YKWX5FFAuyTDz5h;R46O{qh6*LnXi^DvtwoW`E+0w%4(@Z^_1hp|-H=Gn*Oy{@ z0?b;01J{+WsTtxquW>{Ue#a9x%ET^NF4Z)KTlkcIWnCE=bx}pXV6<;`H?FNl7w1!a z$@v&-dP}V5wXiT8V}0T3r(`4L!xV!VEH1E#409{~s@pjfnAaO0bo0=pigAp*{f z?|RNJYgpxLNc^t#j}61OZ7(39>QlbHJJB2 zmJ#3o>Q|fm)AsWw%VJQd12f_KBZF`kbQXfdXl(TY!wafk>vhomA`(-5rI@Lw_l3}D znTvgWoH4!0IB#q+s>UO(et!S#sB012ygq=K-=ChzS_plEgMoXk@|4$ZT=T{lhbHe> z7`r3Rwu!-Nf`7{IT+CAt)Q^}mYYlg@cfOdS{N*{seZT=y2pxGQ6x_iu$Ii2M6BF^3 z`9JNfash^&9+CnwTPstSUo#>TUqPkcShxcW3LcLUm{%g5?T~_J>pPCt2{XcyOmA7* zYd7m{fL+bXyCA{m)xOFYIz#LA!H;@pfO_6gFxO5Hq{q*XDroK_X(;GqY( z#Yv~JCRY9YoDJ*eR5IRfDkKw_qf9Sv?s6>$(ESLTawW!Qc@YtqIdkVFr@f;fpxcKw z0+kkfCR)dp)h?Ln^nYVz$o2ZMP+o*D*45zeqyU}y?oj5|K>VDx`TTldR6?Jx^b?PA zZYhrPjfX~j<7+$j#%!Q@h7X@O<-S>}i<=A(B_^xPDn@?FLZm=jjsTNRS=GIysR;=# zJ*qRbzSh)~jGtMAskm*q5L_vzyd4kRLSjhA)9ZgILzj$;Ou$EFT#bxbj~gjZfL5ayck5qi1Pu6t(Z%wJp&A_+#B)M`v!+jtJ#Y z3$Q}o!Y->o2kYIAH?>oI)$W%^+tvj!^HsGhT3Hm>jv$FXIK2`b1e;H#DBdOxpDC@S zQSj(ux)|w(rg)7YvHDhHUsTLlxbY6+4>O$!ea2SFF5g-K&EK+r7jjs4o*{*(!x>I) zX^vGQ40uQjCUzZqbok)mV@8gp|Lh4ekxkBTLA z@;hqr-nXj3Gx9JZ6sggi=R#{}C5=zKma4urNoYuNfeu)u!4|-%UO4dsAhe8(UO3d2 zpCWHUzbHP5>Hg$03{Vhh@R*jHv@a@5!NfiLMu|;h@SAPI`T94SLz8@PSpHt8fZIK{$s=@I17W1nZ6wJyt z?*J?Y`Jo&jv_DcRWDMYA%jkO~VF`Cb@^z4UzrNf)ZgCAbCV>7rxC7h?A&8pvLmD0g zb9n%dP4+yQ-r&tE21|$Vp#rBTV}W>B-Ox+&_)?*BvYA zWfaFJ16C3Dp$YP5egR%rs=;8BIReFrjqF+*6D=go0%WjBpoc7R%xn5NW!nKmF0~rW z|M=D{0nsB5Krp8S{qx}7+vbHduXZLQ?1$aOu=$s9=Sk;PaQdhTffh6Tw?O0NV^?W^ zafKF#?8iQg`**;q4FQ&}lLB2`0P$GT$Lzx$Gmw`SQ$*%)@(NKPlqc3pFnwX}>o?H; z2JKPhE|fReFWNDXnY{3aRiEb24y?eaG}*kh5v)S`>RR|DjxaFsmpuC|wX_);4V3*G zS=$e948dez;5^WG;1}t{c^^Fend!T7&}q331g;9mV)By}!6G9wE4$eBX8+B4hkr|J5G8e>(SWTAG!GJPwoZ%4}JicGa9>!!p78d#-5gBXa!zP zg z#dT$>byvgS9-l%2L&3RBWxq}I82%24X6RkNaPD6CCq6!q-Hpv&O8ML7fm$y=e`|iY z5b&15okP^LcYQ9lY@FAJKn1!zK%bI>XD`+L`6$g8@}XBvWIwKHxhGIv6tC+bIZivo zutMEiS0;%S{5z9=1rO^rq30vo_hnl7<<~QYp74WK7rib4(MAC~mga`KEFJ(AgfywhV(uj$#tQ_M)y0}`L=I$TD%=r3hVB+y+)HK3aT)9XTAS7;_~ViiPJ>rKd83f&|8t{x#OS4oCij@pI3Xo*o-hl8Ff zVtd8liNc?LznOrBm5Nv3zE>A!bWS!;!DRGJVDtyF$*PS^QJj7eq!_s4ctlg>qcfa*e@pzV?*dmuU%2lt&cdf2c~TC>fOHytCavG`^leT)toRouuQs){IKa#k}$%nEigIz z$gr)jzktR-KO41b=mYI1{!RnmdFK`CJDQq}Z%q(}(-*X7Q6=6x=E zCDHd0q8t8Hy~s;59uI=W1nBfZm}OYKi~M<4g5bWZunQ(KoX*7<8;(Dl_-$9l;;($} ztC+$E1L_%ft^=?fUKum2^Gseh0hZ)7YQWg8z4*#V54PGPm6%U0yn54>X3}cUk~)EN zmjE2cVg?as@YP@+3E#~+!a^ZsI8F6x(R5KxCv%`4Q6!PwbIYTretCTHjn7N<{Le|- zmq(Q41(Y<&Q|LNDN`!M*%~Xx@j=3`yBB`&1xX0N;^s-cKlArCgKkKxgw!`=}cF{>_ zR~n!ao-}zg3cZ&;TWYUXq0|)cBIquX?EbNI{IY8ip*ip}KTz{4Hk~&hDfqILa#lCb zL+!!)V0-PjyysT(>4o`j=m};{K@NM%ztMj5ko65=fQ2vPpi*_kndL{=*z#txQG$o- zi6>Do=e-gA%`9W-(~hA3-RC>#Ra?=lxW(T*lAV}wN6>>Md`CtGrm3XX!D^Y6y#!?` z)#^XCPW#G(=<#)njO)#~hX4^M4*SwoUnWmG`w=)|vjmT%6fa-~TovMUJf-xl+4v)K z+R)}gUWpm}*4d&#U&bt>XVHA27O%h6>A*BU%FXW;kwz9g>XpmJQ3m@F5jd@224iy$ z_Q~PpO*jJ8O)$HfD)T~RgP0k3;5l5#~_8GdA=l-bF~3_ zAh_9Lp_B}cD`{5MIFqEQ()uC3L#umJ680c-=1E=wT0J2)2Z0J5lZq z;GiLaw;!jWNJ>P?p77g&U@Cauj2=9rUQMwjjH z7jZlYSDWY-ap=9ZCtM4exfWo{_T+iRV1U|x`@}3F5yw20{OvAgd#5{G=W?ET{$<@* zTY@D2ZMGf$3`C0{Xp-9o$x-6>xlQ#dMzVY`(Ej-Br=xJ(fwv{_=|pbBY2AQzaZW&9 zve4gYg)w}qo-IyKjuxt&Y_75z(GH5Q55_M(b3ls-=^{C3{U&)Y$Csct{P2aVmRTqo zykYE-mOL_vSM4NFHl1T^-~&J99171{cd#!2TYj-giW95py5d#2zJ{`_gZ{FgdT*!K zbx*_jL)QI}N&;6Zt6^)uiqox-7i|)p{t4Q5fnE-zA7u8{gji#VY`s+9=d0I#vlpU$ z08>IUN9Z7reAUDJ;NW7Bk&4{sh)#Ia%Qa2=dUF^i4G{b!FEp=c?STXMRzD;aTUL(9 z{+4R(#i|M`2xF<5_^f()%dqE~P$@l$mPofT2j%X^R$4%y3A{ln6;UDZY=lUW@^YM0 zN|Zie42m9Xwx!av04sRP-ENeP7xLsD{I>}Wg<}0-tw~v1tu`*w;Q8jpWiXw1!bUcB4>PN3R1{25*8)Z7H~bFd!^7I zjYr=I>I{XM9VdMGKJlF=nDyXo?a^KP`me@mfJ*$%9h5LpDtgx7wq$g^SZ&dki7rlt zVlycbAD3EP{322+`%?LihL(SQ!FzQ1vVL(RKHm9B^5~!ixB7pHyIhjdt^OV2mzV-(jsm$@__~{&#rE|-OV9B68zDWRH~<` z`|D@%80o3Z9ZvIULEqa_)~407H@op$B8`27R;UM1t|Rk<5W!INNne&m)5;5yqVHkKeZo{?TE!jQsZ?o2Q`;|VU|Ybd4ufYZ=+7T&NX2|}W`^ZO zHGc;$2QYt)uP>#cGwwRkC^TeoyBItAlNfB3$hY#7v#V2URgc;op|3_t%-t*GOeiWE zC+!vxeNa2<>T-K6=+7k3@Wk!j93S_C)A%S}5-|&3z-ZUaPMlKQ0*MGMek(p~4&i7V zYS^3R#_|CIg^i%bdi$AfvxbCj?2lC?2ziZU8uy8_^5fsM_<4)kS-uK!up{aIkrYY4 z#YA@8Nj@#01F{t8a5#Bs-I6lspP!4ua2VKtvuXkpkbDRafk#sT2x}YmE+u&aGdwM_ zT0}5>Y4FdJeh_+@EXt@|CQANtBzUE_3xvRB_nkX0tFPRC=n1#LZ@BhO`}w)MwWL0ym(^x9k+*qy5*i-8WPA)g~D=L%zN+1w{ zK8+P$PY3SUf<0Q2Jx`av=Rg|4T2c1^j3;6xFN3Thl~l=Egri9_I32Z1H_z7m54&E)`s9BoRxB`K=#&3<*lv{yS$KtFJ6kG~in z_ohll8!di`K(pum3XWxQ>c;=o&@x1Fg(gctgCC>PRPyiH{0d-pA*c`cTiz1cLEhux zF0xiR2N{gyFB#u~^5Pe1j5d7qs4r>doZtI3i+s@4d_>?|`q#3k8SKR=UHw_iJ?EjY z1M^PzDyeWivqu-3K>`aT0@VAEb@gdZA22AFq>lnzP$UAC5FnxRk0@;v71iz>|6}_a zrA>>(9}tkW?DX@0`qbGr=<>})1~J@tM&6 z%QcY?3Q_~ozuQjH@ko4(m*NrMv?6UwR20Dn0-I*64i`+9cK^fs3(>0Zf_Z7h( zT=9zKp6#D~ij7IFSv@{?g>@PCJrv*#&OlYoworH@msR~$lUj6Yz|ulRLb^8mRdQu= zVKH+9YH2>J(A&Ec}v{m-j=-}!L) zG(Vj~(ddgfjiSkf%ld!@lsNYN-vd>=|e6g?uX1Xt`3KjD$jByrdd z8wG!ML1|Syh{UX<@l|np)RRVCS7;es@z?C610gr-K8M58)6$i#FTLEQNI>Yzk^!~` zue3>=Px5jcpdpcMsoeS;Dn1o^bpCt(aK3aH1gUMf@Sq@?^nwx+a%NM-{qon)xEFOg zGYU)q|BY*-^i#1lvj(D{7k0LHXdZQs>S=Npji2$tS80toH_p!9HAZx?@ahid60E(U zPFqq*VA9Jtb1=ro2(ozR=>M?fL1r>N`GkISxps)|R}nS#l`&Wn!3*j8m_ETWiH6Sx zvmIqv@(-sumTb1_mr`Sf00ky29Y(>Lcd}YFZTS5971Q;FiU(@ewG!fSn2fM4#SV() zH5bG~iRQytv8R$82#zAG7HlM)hTJd}32G$~HKL1d%!wF8a?SWl&wexbD)lUnO$% zYScKl%a?+4^UJF(KJ9x@7dUc)SGyrAy7f?W-(LWE$nEVPdw%ZcGYXh_gJTE?;zZ+Ql%0@rUP?NWxT__ z19%?;M2ui>+mZGpwJ%{K1i>cfZNrN@Rq**s(p@XAf9eLq*w!9pr&(HWV!<$wAyf9s z0dGMQ+c4->E^?8?kt57xnj}uo%YqOAiTD**uMZ;Ny9V%S45R8EcAKf|){)jhEUIzZCG7No2LunL|jy5ckcWr4) zG=U_~BO)p8p3j^HB0Z4%jorah;A8|I>%3OTke$);j8{QEF7}x;O{c?r0jh0rg(&;W z4G7YYPw2mL1qkF}py$7WSy%fKMW4~%@cy{woEm!0XbRt{8?lAS^^tF6;D$f(7p{Xbf!3e;C? zwLQ9R8@(Rbn5>6OVeG4QoqqeXlW9rW34{(*;mMjzlW=wfl*)ntOH}@jA(m~ zj=SzE-Dnv5p)nVxi>lx5c8ey{Hj@aw@13D7eD+J`(X=}-b7Gau{P+EAdCiVX_4OwH zJRUo?Gkh8a0{L;dGJ>y@K4w>af4dvd^sflTKGMaFCoA4?I9BtOEjQ3&Ie;59)==;E z&j9iPuYRPw!Xd@*W#ktPK~eW+e2Sxw`zr#=O6yz<83gA5+rdWRYdfzYf|(z73jND; z5~13_L&YZB+5jusNPsqker(YlMYQ=9>A;fyw71p)%c}vkA~$O)-1AG-%;nht2)n_o z2LirD-SM}gXe8ytn-0IOYH>SRZ-BRZZ~K9VQ}<5mP}0c>#AnAHE8MNY@%f=>1(^3= zJ@6fkXM*|b?eCF;e#w#jun6SeLh|08-jG@DizyPBsvyiZ)w#@L;8)r0%lBkFf;DJU zy;%mQ1vK?3VqAh@q8l@e5)z)crR13L|{lrm}bHx*#=mM(tIZ@c=8mc7%b zd%`vI!fj^ouQ-LFIK+R)Z#W6ePtDmS3p~QzCm-N;5?yn&eY$jYg*JKSqPR@=kOV}r zs%?(@TIBC*x*nL{3Nti#!aN40FVfj=yIVs-NT zgV_WI0Wa$E8-km5#xF$|J3o?ajCJr5wi6l*kYfv}GvfZaAHBEf^p=OA>X0I|4SymN zCI+c;F_tDi>CUeN`_*B0(3|0{hVHre`i#og_dAZ9`E|$x2Rbl^D_Eax_6iWTq4&W~ z9^_O(_wQ~riWDVI(S8iR_@MaMQu6mo{8nv{mlDcIfj3b-CVK2ytSiIcI=>vrT8)DV zmFH@qkwXC{Ec8m)d;Tk2W)So#l@eQpmx?;ZXq*Xla{zFQKWFWy1YeE3$Jmn)77csb+%nIX!0QUj* zrdP!Lq*!g7kgj2tns{yI^tOv^X=c?>RS++)-)GXX-)!>0G^uzryO>A3B*w`7?H7HpEO7>Eq`@iYgQ5FzzN zf%I5PR5DZ2&J;6}Cs`oKgl?JM{d+vvsAL$Z?l>dZiwPmvxf|%y zV*d#1m`ktj5_K1EgD!%oS;n#_0)vQ4?XdqemeT|5%ZQlfzXIfLpqt)?6}4u zCibKA?Tb3YtGzbLWCGq%$2euRrlEcWc!uCY=`sW=_zAppZyvQ{!@78|=SH$;^Q~z) zY&#vL%}Ju$bi8CpfL&m6c(V{N@%dTFsK7@uHhM50>5>kw&Oz)B_JbisV(OIoe9@+3%t{$$?2Q ztcd0hQqz5JOPzZ;c0cg{Xv*4DrUn8_qNPQ%RQ0c=Wnix-D73F>kk#x*p;fOH&pm_= zb()Cc#OuL#ZQ(6@1NN7)no$$CieP9&D*PgWML`cf7>${XQFvgIk@xC-QlJUq&279N zLhsoqC)kgKX_&fA2bdsn5Nhf9xrND0)~iBLFpq#h%%yL8mNZz4!tT4H^p2p}$ZcVd zFY)$&p$sPAVjjzC`4Jyt*}s#tyx7$@FX3Xf19#Cqf50aeNFgAgwp>W@1nuf9+ZHXd z{%QQ%?q`8jC0cG9RC1(fMXiwrAl#567HrC+Y9F`gpWIp6Apf$_ORmwI{psw?K#F~< zzb1OT`zw+0#YjE$X=yC-0d{GXZ+aK9(M-xIBG3=}jFMWNLT4O{1o8KGhkhM8um+#! z)I?nwV^)y_tqyo1r!;k3kV174kJf^=Qhrd~tnURlu<-j0DXhhYoui{Gi@g8tz-NpnhZnY{% z(4gKiYCu)Rue0HB=;Ws#>sx&qvGp|nc~yDUraPe@Vc08ui7Y>g`spCYfLg%9Wo6!V zX0-<qNi!AX1 zEC8D^ODxZ8D!xP>`_o4$@9EnY&mG4=wJ34H9Oa_>@b{`Nf;L+tcrGwcqlXdAxgdka z@-0erZ(*9i6s(ec&wVDE*+~?oHQT_R`IpTyW`yE{58+>Yt0)AQh}NBm`Ah+sj_MO< z-*FtXRU$QJu-0$R30Bqjr;1It$L;fE@ss~h5e(Bgoov)Rr?L-FEidmO-i#fQRPc3r}cAVgYEs)S_zO5+p%`tgTV50Ggq5|J6$+a27v$8tA3W=q3Ch z_^b5g?+a5*Z$U8%%?2SdvW97n0cVY;^W7u!sXP$cP9UKBC5E|}m-`jAC^BPf5@_@| zVm*83x+7R0HCL9y)g-~@nv;#spWl{T|0JM>ZS3@G>T*996xZ$|JT=6Ihjf)YpmobC zA;eyQV1CtRQg{ha$@ozs?M&8h{u^oz4rO-*!9R<1Q`#gFPn-&V$wZjWP7YLtNhAF> z2~L3&cMugb1DKsmIR8Y;G@T-)oVA(j^;|z2LU3FgfH@(<*J9>3Z^6CqK&u4p<|dAC z*hZ)K3Hd++%`rnaj~a|WTl+#RJl&{3se6;~E{oflK>pyg8F!SQcX2_if z?(%c9Xq9E}WipAcu6du9lEMR=PdY38nVccca&!5@y`3|(OG=0uuV(wv%E4>uJv|53*zRD`{k<1Cd>_cX4l0AY?&|3 zUQhb(eAUvIO$T5-Ib@;Nu#WzA3;1Aqwja?MJ2mWh45@hM@8C}6Ye8;IXD)j(+t)#{ z^gd4;Agyl!=|vA?>GR;lRq^uaqCUvnVjo=4BK-`OAs1}ykgV#Rv%c>ob0EVBUi?A6 zayWmKK6WWNeJ-5cwEza4X(JzS4b4b8vV(3S;@r3BWz@)>I6-OT13p=Wm2CvCE7QJ) z5X*O;h|~7zGMLKc`d{Jzmj?c(h=#7k&aWSLw)Qvtg}lGKHD_5}@(J;C>!&&-&J;AZ zrKY49vey%6Sn)3~KJgn$j6Gp+C0t~`a4@-SgmD)izm#qQ`^{Wjlz-bSpN9W_0DZX- zWH~$~%tZtA`E!0QKMpeP_eAj%0c2ulPDF>Xf#8bbgT!|MDB;Ru``7 z<@5uIW_E+aYxaw?EDVeQJw_pM>sr%sro2}Ecm7xV7!(*npE z%~RSa;UA-&Iw@ZAX-uqEhZ_n?lS;js{uctB>F_BI@zmdP5U~NfR0Jh{*}(usK)Szh zC~#;)@C z`Ah%JC+i_WH6Ez3jPOX)%K#&9Dze#Mw^aJ=WH{t2+3R49bRypK-05tA{i)p%QPH-+ z1y7b2;58%RB@Y^eWQiaCxz+ncro52CkHMetq^OAt&-v%o%82WC6|J7GJ}Z%evvu*R z6ZK0ZH?NE@rXGm;<&e;^{m2BD7AmQubiW7Y7F@*^xpA*I(8d-@;{yKnX-gG}WYuN< zYnyx^=xe?OpXY)u>D}9Hw#|OJ z#JPcSuo3hbh&Kt4kDe=Yv8j@{jSbFZ{)rw3)f1)c`JeG~mrq3HQr+bfk(wt=Mr(7> zznkjvXUb|(KkAvGHH7$ZXNJE77`5dJCnd6v(Kbf}?)U95nv|{E!B{VILlB|H_|%M( zCC#gpoOCJV#Lwx0M|%T&uAJ4rDL!n7xr9>vy;G?cFV$OxJq%1oU0(gAJwvOsD1TBs z(|a){+7=yN>8VF2meknz7~eNuklv=5rK}Jt57}2KxMo$lQZ&uirkl;h1O*BqtnI}x z%Q?!McjjEY#6Fgo>2H?zQV(4gn>D!;e1X`?j>9^oqNizjG60OL<%DcBk z&j?70OB`e-mW8cbG?{eDHoEyQwZ+cttHx3w!_|djKn&Ai_U;|C`gadut;1nC1WdmR zZ`UFbOKD>zRJHJ!$^E+_WAGRbU;hsyE(dDxw+;P%BCJlh| zPM(x}L7t!I@TSwJP4 zM5W1SAk%nE)5u#t=ae!)em*6XxR3(ExwJ`6hW=FB5>Kf|qXK_l$9S0Iw-NraQ%t7j zlBSrMsDJZuo(pEP3o`5Ieuw!FQ#8whl_(NOzQ>jTpq6tu017(Ea3>x+EVT zdXvJk^|Z}DJ%WcVf-7`#&NC!=V7?A8mZ*?mPwQwWy>yx*T&MJ?BQshZMh4$V_z9f5 zFQr%o5o_;1Bd5WsgBC>yZIvXPb|$`f@oH^@DDoCCJVyv=10;0($v`!S=>GE8fC#n3Pa4!Fc7-7<}juoO5*jWD`7a6fA5#WirTSgQ3T$D)&UdB_YOKKbk5Du+gJg2{(g;) z9^q%0mLE6BV6wBwM1l9HwLfqy%y0|GZ8{O`wi2!#>-=wlb*n0X#Q}ZGo+P9Xs3r5k zT=gXg7>UHxi6z4OAf)FF7K^HUYXJBL7j_ATxX-kmJ2-v=s|~{-yX2Sh=8%TGImB|I z!g8a2xLHh@0cnST-YQGQ1?;{F*g{{5!@e#f2IU3|_?1rFPDYe?@?u%5 zurPn&2@!^fixr3izzsGyfNo14#}8pTCv~Iic|D((kD;6v!Kf3p4*CmL3QO7N3*0ka zEfAy&%uxcSQZ(utTeadyOIARLrvTOB$TO-F&-}&L@Qd0DUW*i3dR`j%0}SpM?mfB} z|5&^GjFuXu<3V<~0z66;XbiaO4{Q`)llj|!R&RaVf3fM8BoAp_Q_{<#W3_%QdyRu6 ziI36M4cVA+p5Ra5gC%Az9!T7gp*SA{tLq=l;@VN+SWXYmlbWMi6eHlE}x-qTo7#I;>hfup1a6GU}F} z3?3j*>!hU^pO}DbjW*bEw?Z)aur5*nRRPW(|9R5o!0qW~F4{d)JN#(5vdXaNxdn|- znv<7C1B3*WGYD~TA}-K-HF6QcE>$=@iE2>|a3*wY)NtX}q~L878J(*(dU6Gl_=(J{ zwl0SUiWq_T54`|8i1(cMz4OnRqsFrcfjyX6(IeG(sf8Q4S+n#cq>x4`9wE;uD~&tA zn9@{y;=3-zeWs-sz!xocer_qKuh*wrT9TPBKOvL^->PBo)4o2(f+puu@L@(nl<}t2 zTZ=>^`|Q6A7Cvm28= z+!jTG`c@|WXP$TRENL^Ni4;!F@?+$}+%Mzo1wYS2WgO4ds>0|V`05IHh>q@g{w6Q| zF9LELoiWnDrrF9&2eN(;dIqZI%36s>3%0j(NZK%7eV;7AY(!;Z8aKd_8gl!`QF{Hi z@f{Y=GZsBFoWYB32cYzq*Oe}<8n_#Dm1mRU+y$;sRac_$fo^N^mGiWj;^!RL-&fO0 zi}nzfjwVDiE@cW4g~2=%x`SLrUP{)|_wggCS-*b#0H#3`3#;VlRfC@;+?Jq5pD|Rv zqPSsQ2=dB`dc-Mdks)z_Q_`Z)FYx=3jDlIe=?SSz^#0b|VuTpa&$IMn<<>Gad8l#{ImKN3ng9f%<`^c1^-esHza+cj$5Pw?6|* z5ov8C(5t?(D*LT2Lx|@SeQi%af(I0$r?_HCdsLNk#dT^j< z?Mk%q)oT!$#+ZI661w~ePx}U*Y%*R=9 zP;U@vC+Y);0#V*Ua(z_z27a`C*pg;#d<)ulcO}4Y0|Ndv&|u4UqO40^@qZcTkZP^wG=xJr*guH$)JojDs zHwhB0Sv(7nNN%W+^Y321w^ayAt^1XZ;qPD{1?6)Xf_R?FlytK)#Z>YKvxaoi+QH& zg?$CePFTnTBK1`S(GTt+WHCXgj?r1MevIS>X}1Yor&kyUpdU^BRO=j8QI1W#I&zTQo_H%Zm$mf+p85gAePHr7B z(~G~008^kg?@t95@>?0);UNxbJ%1%0{xTTAVNjfEE?5Bo2h{;8E&UMU*lIjy@E$VG z6gPx`1ytr2>veyajrN{( zya_rE$;Dt~DC!AzDI5VzQJ$Gm{IGMBB@OsW2LdiWr?w<`)Q+!B?lgc6ek+}{qoy=J zGd6bg=}gLGt!&6tydx4vyZ6Ow>9e`XiFz8S?ZA9QE8#5LT|P#u{qH;BK0Vsd z7j9EDI)w>of-XNM#W@P8@^80gdrphHuU)3yBJaDu_`aC$_!-mt{qi$eDNAv2teON$gPN4uWq(0tstIY4G?BuXcoAbSXk`9NLC%UcAMf%iZs%f4VR9>KTnW zV5N3s6MFMQnrD)RKnFGt*lzw-%B6z4KE{a!vc&?BH)xB3u?}OaZaTd@nw1X-kYFKA zWB{sIXOsK7n4jH4zm$GrTPJ7~SpR3C<*jmmJ z5dGBK3lmztb?j0P-Z0u3$9d3pg~i$A>W|6{`lHh@oX92c3Ks=uGqv_F9w zS5@N$m^cm@P(SOUD8EfA`CY%s6rc%IN=BOh`$m$;j$p73;9n`s34K=i>ISiJQ9_n@V zZ_y@)=*+GVVpmpk*f_(Cn}20&#*x+tW|cchuaEp~De z#_y!bfBRX*Hfr8pt@yeGkUOpQlfoJ;8q?$tgqH0-_sCk~t`^g)M<<{pI8ZdEe{7cg z2Iuc)a{Oe^56FiSKUOM>$g^%<>CxJD-%c~oZ<@ae3r%s+eYTkRh81IeDgRL{rgyi! zld6PgE1M=MozI;81!+A9>hs#ne6z<=2K8@&3j=qElhDI1 zQe(cn(Hg*su+i0on`Ha3WPEc2X({z8+zwSO!@q4s96rmStYHr~c|5{Q^M=OCeHZ6& zM9SZyz;m_lUW?POp}?KaWuR8R^og(V_DZ>b^5LKdC3-b%^*Nqng8AsT0P_YvmAY5F z_OoQ~b*V((m84AljF0Ny`keqH;k%7h&5;cNe0ja%{ms*O?Z|t1`}-8nG*TF#T&CM+ z?YA;3U8VfFv$HI-NQtjr;#^h?7J8ypf$2aNp}m1kGQt$~41mOEBT{d?bIVa()27(= zn`gy7WBmvQS2e40ze|@dUAdE-Z)@ZW$+R(k^GYJb+WMVWZ)DMZc*(N;qESU@w}wn} zz2cXj9Isj`lJ1|7eXABAJ5+x*#q$s{yL^;4qlPNbol`+F+$^7?+Hv|kNhGW$LpEhp z`2vBiJrHQ`xRpE=D?N*diAdmeI!=NkeCY@u{l)T>0oDiTxjtV;lwI8ETMhEO^w<)a zs4(bYCw>6Y*nKu=S92f-(EK>NoLRs8(QmrL&8warHqya5mcHBDl~{FOQ2MJKDT;c+ z45&Zsmh|PM0CPSe0$K;Mal5xPPBX);Pox&VKmL2{Pqxqb-<_$KTw^ERqVulk?FfB( zP4Vj9U?2mLVjLIgEK6{6pAgM^s~cfC$lBS=!Ua}LMg@lYHOL2chT6>6hY}bAM}Rm! znBwjdTm4=Et9d?WPkKe3XIZ zC+u4;?D+>WeF#+rNUlbQM~Q*64qLboRb#k)0fKkKObj9rN+bx?hR-6afb@4CWy9L* z)^wy#v;ur-)$&S;w%Os5z43E>d0c!^go+xA`e>uuu#dLUj|-$eMPN3J(upQ_F^hNY zKs{f_Z|K~Qkz0p*6n*>(!L%WoP2i8n(x>r^JT=%b6vdK)p&x-!R*0* z>6vxM8!&OhF1^GqL11)MI^JF7uV}3ep?%qN|uO-PNTvN9}l2OYr-1 zw|pcAtsuv9il9lt8_W9Ja;Qt}1x*GkVvjL*q^)OTB6}&j z7mHwUyvj3QuZpZ@s>K0tIL~a4j54cVCgkvst{uFEpCou8=n%wm92H4GSLQT60R98b z@vcl~N4X#r@_^jZRPa; z>b}YUwTrUBq=pRcpI-zSd}#;A*8eYe>c6l5zW)3A@9Y2XFaA~Ig2Zrpe8?ABg}wUE z%m3REG$aYZP*#xtLSQ8Q7gpu;zcK_R{#77(ikEbOK@|2s#Io6&bo`%eGui33{l_sh z|C2fPZ#nKwp6=87Up$nC5&!9m&oO^{qBA?&t^MB*|J6fjSUH&k@e73lY*>SNW-k8y zkN4wP7X2?fTwp1)-x%5Zf@7N`Eat3*8j?IfrD5lUhnnCCOhbS#2MMOs{}TBScx8wC zF*>jD(|1Zs0Sf=atns_&65JP(P?r+CWurlq@8{n>o$=rkf4^s80L3oVC~{4_@3{(T zqm@qVGDPha@oV}V%V+5OGw&Z}1Gfe*KnkDZdMm(Yo8#tv)ke$wOpdxNj=BvFx-4&k zjc2-yhN%_qKmWB@ZOdwxw6psW;{T&R`S2NRSDgy^b6E{_7HEO$kzyha)w75kT4|L3(+2N2 z|NT4P*N*?R$q^&;uA|>?&QU+TWzN^;SQh?{{F%G>ftpnQKsi61I?BTNa2>C0MjiRI zIudM22>03edGtp(jDKwU-7^V)tnn48=;zFl@0s)e)&_#V>;J?9eWel&WvKbS z|8FBy?9%W5z2BY>(aP|J3Yj5Z^?Ky@{}DrNhCpX2iPt~h&(VAKzxBa{{2>_rpN>0+ z-?)|h^Zm?Avx7TE0yhcc_8)sh4B@;n5l8Qs`p=mm*T2Qgzm4^c9p`55e`1FFnsI2( zuYKOX)${*XJN-uzp~Qole`2YDen#`Ry}$D_`RVzKC5ziGi+^K^`^O%a)xl>X^+V}@ zzJ=t|N~>Ik7w?9r?8d|T2A>ngBM_$7tp;Bc2G9Isi=3a$B>KEI6QTIO@>%KAT0?T? z1N<%id>F#t1o6*Y!pC@V@M-5+< zKAp&$Z6O(+D4K1DTEd65e3Nt97&2Q^vb;Z^{;&4lI7Wj#d9mT&+Ux%J_SFB|_VnlN zJ4gS69Um!pN2<=b{FyTZdolGo|M1G{RpHbA^S*z_*uTI3J9hWk@YfHeu^)^i)##rp z5{s-62oVT^ln^XRl%%JGSksd067pD9ckR&M#EPZQqX0XA^w|6Gn>`(A`-~COa=vQq zZe|Nrl}t~i?6f@(ea=O@Nz$^5=tv#jX1d9o6Y6GqIB-J0SQ`(@t|}bVF{-M;YHjjI zt>b^H?(1hK_+Uu)@wp`96{Z!V#EM}r-OU`O->=@>I7e5^5U|Q%nUp7xUe;DS(b3*$WA3{vl!MP&F`1AHF*V6UQW+qV)L&KY^Q6*xXuDqm%|FHL`OR8gAf-v~|q*=a0bpH9OjPyYBkY)7)5Q6{- z1Y!_fZO1er5Hk`8sjMF8dyamwUTbfGM6ZBDywG3BEyF#TQT{@R`Q`woCp0`d>bug?N#^e%?CHuV1Axiz3xM}*rY7-d8iu~=EGBLZp5?}4LETb_8P1GG|=K|muVTBK{Bb{jQW+yS}P}PwwKcm%P%k5 zgvqs5-vvol9_?qH`toA8rd-t=zGBX&Lgu+8T&Ev(akRXN=s7 zhtX*@=ua46hRW~~F1T)E+gg}PyqP4DdfB*YI6O*~=CUu;T4DvHwXwH8cT&Hu7~5*J z$!g7b)02c=+!=S&cEo_i1Y4iZd+O8`luGq!FSQ1T>8=G|r{`vKVx1FI-XaUcaWTTG(A`=PCzJOlOu~X{@yC zNjgZb#vY~O%oiE1NxjxyN*$SRi`mSYO}DG79*uRa3j5hF*dA%E&P0v+E%h&_(?OgM zch~sho=%Rtyf&#}%Wc$q^LF#L6Qt9rNYBIF@G#T6Zsy$#(#K#fuP)VM;b?ll$0y4f zQ+3)(Wq+t%2mCs!RqFP>cj_M6(^}74RBrv2rVlNdsWn^cC|mSRiP_5?&as(b&U?3h zZMf=k^`XjNYjN(0_?{zWy%s+(YnoWU^j6J2JI_JX^XKP@PtFqKu&LGbhJNbl1E+mawVU4AsN3$bsk4Vg|L9cG5q)Q+p9QliPX(&HJFVI&rJfYnft!C7ux#$h%R@epI z<}#f0;$3evKDjnSm%X+>&limYjE$_<;iw<+YSe&z*{qEjJimvrkw-iINh;2pZGC#G z9#_Lr5vHT8Ngl7sOt-lM9RoTKk50%0V&%p0wblV*Ne?9YB! z$EDOYqcxgrM(f+eXHKg&9qzWbW46i|7HV;@bWP$q(FDg*tF0`Xth)kmyOr4eS!07( z2trq#kVEjA_5C`E##1-m&BLTSQ-g^?-mP1gORkOTv(sgksZN+)0Ov+0dRS~t@$^A+ zJ3HL=$x_%3ot3(hsOnzpZHH;ki6Tp5FGKFs9{0$&>tVihvg%~raua#as4Z1u+mR&< zyK--RI-Lx2o;20wEw7!G*2YYWsKw{ozS88jjmZZD7fkdczs zW_qnIFGbzbEOuG-%~5}?o|pBC7Y?kV?_9ZSy?Sh)VlV5|%}%>2k5*USN#lmni)E$N z;q@JV&{p21VCTGaGApN})mdJSv8~Q`8mk^;Ih5x6k?Jk&WpB8Wdy|zSEw}1oq-^?; zJvwFmQ&^q%a(PU&b~n9T zfj1S&UbTUBbvx4HAhSwk*UXgVu(fneBj(z5^Wtejpm}HLF10$cEF@fY$%Gl7H|x&9 zZdFckwR#>euj;lj+*c0VMIKh>A+OH{yx!dnb;UeuuEov!GJiSi-R5$n@kKN|GOgyY za?>2G;TGa4---&)vifGB1+YM)(fadP6iM6jzR_7(C0Pp`PGaSn~%(sudSlM^RM8$0Ie9`Y~{ zubO=oTdhqm9#rSUb7Pub$MSWdZf?i5yF1)AQXp$5L;pn-?hU1PdLhJ$g9@lD0D(D;jrZbKkpU z>Mm$+t;0||UeCVjah1IQWRIK{w~hI{dp$yTpA zX;qiK*^SkLZe7@(=6&Y88!c|EKE0&PH0bm}&Cx_nMssC{dTFQ2OIFtL9#_v8~u1FzWW$+jA2&8L0iDW0))3nGN=* zxV`X$qtuOCQoLNYcjNpR%GJ)TT~VW9PZ?E;e6-^oyIN6`l@Y2&*sokC+jefBj@Q`* zL@ZX?tb6UtCK>pA@4B{(ePrhe|a`W7qfaAY?A31Vd`dc zGBE3AvEw_f>wYrWCae(j__9B3C>nEei~iNMK*l<3os&Fl ziMzSZPL7^9WK;WOby|Vq^bgzP=-gL!CrfLem&>VoDCD!xRHc~LmR+x<9>vZquf`Z6 z&by84DH=#S)z91M@GLNwuEQ@xkaa@4vC=(}UkLM!Ht#O1UJUed+&oCy$nvboez}k< zvv9O5E|u-duvTMxd z?!3-iI$A2D?m_dmX0fMCqOmqjnMPwc?aR}6H8?dv_d80;{e`=AdsCZJ+k1U) zntOM=QKi)-gTBtvrJ5`n#2RTVy)Mf(jB+yaIGZdyX%9_6n?$JEeHMh=qC12;A)Cx-nhelY>m6K6`$|xyNf1w zjLWfi9Gq&Gn&|Dj)^N5_A~VyQlE6;*&21ZOC4kwQ+HW6thi5kFzNZ%QaXvUN=DmKR zF!Q;mPMP!4uciJtjjG<*W^0|!LJeDz=M|B3m}}dBJIGGHm|fkCR53?9(+Rpq`7pSx z+HTz+Zuz1*Zq^&MSsxTVU)+r9Tdg;*46c)!;m&W2)M=Z!y482Lu{2m@_T&)S($^xBX6rxb!baAVEmr(4sow~YM!~lOt{Qjj=|hvdUJ6m!&FW)iA0OIU zFLyu}JNM2_?bbOfYL5$M=5#r_2|TRQDV^^Iz9Wn;qe>|4MdelnC3aBVacWZnc36P0 zKEGM}{sMM#oGy1=fOA!3+Uo`AqHsqFf@HKj`MoXc2+P3lpSL;-ye(jrp|1u9{_eWmsCdMEQPRoI}JTn(ny|f3J zeU_Wvl|Rm#S2?y9r_NPKBhfWMr5wrY-7W8=28gtUJ1yqbS>h`_PTSbixtbmPL9`B= z^(MELa(6Rtaj6#{Z}a%LZ*R8#B2FzfSX=@jYLpmjr$f`jotC*#lZrj7`a#h*xynDDQ*YptV z(;y5w!&zM6`v)g6Az2UWo@4GN^zFeirN{Do!jKpbM;!QeLj!G zqtR6x*L^>!O*?{p@odK3v=`k)KF&9TL{Ro~%Q;Nl!OG811An&?I!Ci3s?%fCj}Dr) zV7zKEyJ(fr5DO)5GLGD524W@Ps?+^B+ykjey6t#4s9%Hgin*;@B0p{?`}s2MZT9J8 zSCzJBrgs&$`n6eO?4f*0^=5_HC55C7%zdL`rYhrG9vdfmsJMemEwOgD!i%l;F6E_- zc?AIM-@Ji+9*xsVhh2bMq;kwP`Ioo*+t0`t+wRL+HbFi@wS_8ivEV1iJ>d#s(Y=Zjk$M)weJ^&*RbmAxLOx>liR?v z>Ki#7?fcQyk=ELUxfqgHuddEHGYnRHb$D&)_+ zZ-%0L3{RD1L+AvSrkpwcX!_}>dX^+^8OTnPug>Sanb}&8+GtNbF6=gY+WS~gIGFb? zW*sCIVLyzvljE6hoE2{p?&^Yj9@gD`#h6rzsCI1ZS+71AUXyIQpA_kNKdq{PJ&juP z<46d@o7d6nJ*-G=ao{o>kes>b2^@NeC*P-35ZBLV0Pmzw(T&VWW zo-6X9Z&tm=Fz2}@VCSv2ZUOOI%id1EdB;L-AKSr+lN_TVUFAV5QhJwYEDAxtc3#L9 zx2Q9l?H-tDbc!u!$*vEb`S{fBDD@pHTx;vX9m$$MKHoqp+SMc3o6V$gKCJP*UhmeWu4JcIC|UU?08BZCI-OTikYovnYQXJ zo5wxq_BXTJ1^vDa8k*|$#+U=AM)RYWySv`4ozA=cu@Vg9>0zwSqjb>*9w2Ggy~8If|chczPp%i7lV!=hiO;P$Ln5=Ik(Ip6I$U&9G@e}?YZjoX2Mw4 z=gDw?%W|`KPUNm51#)IZn%Wh^i4WJdx>N@@1#oeaw*3629EXc)VylZ#b@wWB zS_e|wJ$2_p{oMAo<;Aj;`es-g*bKX=_Pp-kRvjxaDO_m{+y2&m14DQ zfr=n!9CMwjF{jdDAvmv-yk4C|uqB&O3l2`G(otWbO);O*8(L7ABmWpvYT+X9Tn#QZ-q#rqb#kQ-9^-kjA zgz06fbQu)YQ{)FlkZn|Vlg>)nirX0yrUx=04KH3zVkP8inS57(;i#$h8)LPu#Ow_`YP zgZBR1IbTK75$f}`Q266v~7EB&8D}l z5ii*3Aic52bQ(5BecRDki<81QnF^y}YE*jb+I)L329h{B=LO$6S<2l4jExs#2Rs{6_&?ewO5-`cgcV!YZ_ z9DOovZ#H?rR~P;{Vm7n!s99a~w+Fq#-2{=H?bd^n5V3KkG1EIue!FA2V})&v48IU5l#c)Uz4S9;bucJ1=az$r^U9je3d3r2f&J%xltaq2!u9P1{bsW`dq$x0N;k zRNXln+g^9x+zH+!6UJkEYsUQCt4>F?i9I~)!?2bFqd}vt^M2h}O|&33P&fQC>_gOKM&XGMS_T$JsiH_>^I}7$Sm^HSwz^ggMCG!V2dspi> ze3i5FYZ6;yC+0S65*~)C#hCjZn=~(uw7txx@_tq|6nm(6orNCO&QW#7RNYFPJHftC&e}jK|STv<@RxKMcFFv0E*N$_aEaW!h;c1AZo@*~HWj+GNu{^}K1+ z>96PMz?)Y3Tx%(;I_kWrh;?B|c&F$W)Q+Kzk z#^D-PqmIX&G%gA4wlfS@3?FpYwcglclNx{4wGJP}^X1B!jkB4}dHt*r_}x<&tF1w% z$IMl3&TH4jwS7=)C+%o#`fg=&8Kiz+h}rJAUu@g8qA{wRtWf2*uHCN;V?%Avjk#2v zYpTlHiGSSOIMxqEk(#5 zuRYS5HD{vlbS^qh_}#g2n%?50*J}18p>@c&GqE44UgOZ%96eiIcc+@;O$Ra8ss+WN z+dR*zJ;Uu;J*nl@8p)xZH&f-Zw5P6`T_b)~b>n(X(3r8cpVW(i*f4dzRyoE%A$(Wa z>X-D?^*ZCw@nUv0-@Hmfks6@ zLZ>tH#4TEz_4*9TVR7g;r6j1y@|j)r*`$$fYFx9}MYA5;Y-IUB5d4`d^*ZB`s~Fqd zALbLm-VgHnaNb^eGj~xt7``|>Yx)U5A+oZ=WXV*Nox%3!mwj?uj0crkjdMKawB3#^ z3Bz7fspG1_NZ5?hd^u}%^!j=|RM*j0WO&V|~mgTsEAI+s&;JdX-yW6M^}&J-v~v?8Rod;##)e9PYfzR48hiZ91BNX=M9K z5+&ie#a@hYl#H28SMQ#?t>&f`xA;X>aO1{e?m3}sNkM&AC+%zvw%X;-hw8~0fc89H z2DYA!mN8p^-e^xps;aIeVIK@<+eW9>$T!X0>h(KZR~F-1&7F+hOV6sX)1`41?76ht zPxSV=Zx-6x+_p~KMmMKYT+|mfz6)#A?rf`|U>@g_hL~;TR%Je7jx~@6Tp?+$qjfNn z>xCT0S8p@Foi4iNA3OeXK0N_HuNgJzD&55M%3QT(wQT217dN9ixK^uPHLDvx>cQ> zZ!?+fVKA8}qjt@7H!;q^8QZm0Rpt*z!sx@Z9A zhPTNO;B%H&j&?h$pV&;~o7YaH>=QQ@g3&bXPStCa*gbc$Vw!5rtm{{I#vSG6aSNn} zH4cmJuxQWJ+H}*4T4Q%DrsfFveDydVO{9wMv5~NF8{O&P;I*A<^*VEJjGN8$G!qx~ zq_Wu^5BYu^+fg(MZ=0i_~`2_jjLAo_@%cqYs0pn zhIXZ&Y-)xv6^P@24wfo}4@WKwOS3e^fJLz1wbW%~7|wK|QpTjPAGID7VbR4(3H?n4W`v)>4tk>F&7 zlrpLtTlIsYDud2;Ig)c_>$m)U(OA{a(^V%eTtAkSt^!nWaW+-ExcCDnt9I+cX6*9S zwKEC!?dgUKcehzR%F{-D6{pSc9CS|YPQTIXf~rv$t<`Rr$Y&Uf&y3n*6U4(A#wIC2 z@5WRo6AQ3v+|6o7;@ed7fSdSn+ens`P0P}zB5JBHAG`b8^0M>l`Jfvc*2Npl1?jvh<^!`jjR&LFZPu>K?uyy?r<-f% zQ?YJ1dDB;iXTWxGD;0-}$P`$N#PwOZy=t`vYZLu~r`AkOtm7GEhT7FX97B<_4*U8N z{p$^hABXeQ?#SF~cpcrGpwCV-&av~}GG3m$`j{CH)y!*g&Z4z->+Jrt?9PIL%32r6 z^_C+OXjf-y<;Eg67tP+fS#Qp^j4}biF78fS)Ai0e54TKU?(3aY1o^ADwu|bu)hwD? zy|%=-p;y*`y@Jyy8+NQbKUY9w|RBFN^0{_t;udXhk=x6Y^t0F_?|FT24;hWWU@kx3V*xDOXwVH&?*)xq&`|y;0UqV)%ZT>wT{8 zc-^yE38uHn(LU5SCszrBbA6xY*JW)pKJAugTLI-$iw~8adKs(ZZk^8;64TY<@va|O z!(tRB{Z6mKU6qbFoD1xAly-xt09Zh$zb2bU$pBFfh~c<5W>01@-nMr!AhoG$5h z?=*I@*yPXaC6}$!RXnrY?sS={T1AQX6Lxo*x830+t=)>zLG2&rV>@UmduyoG(r`1b z*JORcZqv}K#l383xW~G_QMWtJ>a{x=Fcpb4g6XQMbK3(Oj>C;@^uHY zT4q#5U<+ML7Q*p58&9s=TJy5Xn9*g$gRZnVwXW3@=!R#r!S4g-GC!LGC+;TQ+vE%{ za^mH{R?-`YhI@6IjV!m{;hUD~wMv z#tT2FRCz@Z7qiF*;;`Juw@?h+cx$z0EkN_G#cYmi8QSzslat#_^r6MJY~7qekSUa19R^@4mT82wpuFCX^$pxHE|N^f^M?UnO+ zInEP9XSQj2o5ZQWuT5*P$y9l2vxb|UchO?rYEK(eJTM02@~(WCBx$=+ucVPG&Q3+G ztrz?;x=jx2$-WzR8jbdKwz!_8vo!ZR-aJgN^00cHbJtc<6O3CnS-KNG3Oo#Ss|w@E zs6K7C#cL%Kl2E^F8R@*9g~#b3o}aF~%&rX1PcL?399Fl(xV~C#tk%L4FV)#5W;LXl zoy9hB2bD39Rp+{FI(}@mnukNXty+hEc*{rifiaD3tqz-N>4SyLONU9OodX{juPU}G z*EML`O0Qb+X8XnM(pIa|Ne$ymu{DnClYir-sm%;WqS4)`$L%;9gMK;XJjb-A=Sd^U z$Gw~x@=cIcCX4J)NxMAPtPW?ZMd;gJYS$MXFP)et$EvsWQJs_2nRZ&wtq2r>d8*Dv z%|@#>?_4W~u5_+f^5nRyUf6i8kJk%*+e|^mk&i{Z1iVR9-i~IglkN`B!r2UXW~YEG zAu~PB$pR){=|gL-% z;=Eb&hIP{S;yCDnJiPSxyH%L`Gg+`spxLR{dg4td#qQXcw_DLBN!Sz9p4`~&t<`Ha zdZ*j0xlpI4kv=fHZpNp9xSQ&rUo*z63#&Rvlu2t`lRB-#@-&ARQn~F+4#Q2H2*X=b zVRX*Du9J2(a2xI7nmT^b$UCW1G#0DHY;w&ulL|A@HVN?HC1altt;sq&PKH^(Sx5{F zZ`$XY*oa!gvTfkua4*O_?346ZxQunRe5U(`BQuSK=I43dlO^ z<0j#5TGf^Z`=C4M6`=HI0`T<9WXi3XXf+z^OYwAUC7Gg5u7$rdru=ji*|pn7?Xd$f zHf|fC?ri4U!PwfYvtdVBupMg{wB;!?HceR;hAUS~?dzzuZF!?C6>ghoxQlMJ>#Exq z`pw=|uH2djZ|^hhvwyHvQBuQ`IlVdQWU>LFUW(@mJJaN3rp|+15*htwa;eIb+GJ5p zTg?#{p4aj*1cudL9NXg+JGSygb95e!#8@{f-Lq3weElYSHfLXqZ3;5f()D`z%YPYn?Vu4Pr)mY*8CTA>rqe*4BGMephHQ5B`T2%?wk`=hORv;9M?!-Or zm*#a^3FCRyncY_7X=-KFO=t>|tJOh2T&D3ZEJQ0zq-Eh~qsr<-K5`JFP~P zM5eo#hU_qO*sQl-F89-L7}>q_yq{Nw8?SeDcZ$0kXL8IeCnJ@)c)k5CXmV~ZaE|J+ zXin{eFs!zWdWH4)!%71IR@g5Fh18nHRW;O<%TOyS1I}O@W+ZCono#Lfu0|!|E{$79 zcGUUhQd1V!usFDEwV|FbZ8H{4%T3$eCc zhps%n&KX1IDsk17nrhV+cDtt9IUcuteVLq;eSD3Vi^DKphLtLJ@)zA%r*f$*>Z_aG z3XX}>>W-vhddV9%<|;OerPmzqs^Y1sjl_0dFnZ^t25P%=8qH=aMm;B2X~hi1t>2d? z(b?b346V}Ow_E)*6oW&?&PVo5Vbsp~)ZVj|!}%OvM}}LGkMV8f^upM@vKBiVcIx_} zvhCD@i?7tU3JNavbMgQ*y`mXTVvnU)^WkzK-ILX znQ*j+LgP4E?<(DKz3F*Dzc>%PVx#vum4y+9u>R|mX|3y3 zX)^Jof9sw4oog0vyu`UqSa#lQHtKnI-5oE^{oyjYn%h3NHPgMU9{R1Szh$k?aoOVP zi>j#Z7t#s@zG+vChUti(%W-{jV3VM)8Z%p6*T#BVKQ9Bx=ISGPS?PA9%yin)Za+WG zQlHU!?qV;cE9IItXVqq2TL;q<+snC@$G56VoNn7y?r2myJIC$LU9TRuCiCw0ENk1o zn_hatZhBQ!K)7@naQ4|gt=8-9Vwy%>Yo_y+n{k$a&ujy^v(yefEzI}qaj5#;mAn$T zr8E*3m)X%eG{SAY)jqc5{XyXDb~4pxnJjm&S!mBZmN$}1cN|Tu)68Cth8rWD9>vKu zZdOi9G3bmMjd;P07PW&L*Vo=f=la~p-T@jo3O62lv#?)Rr@C<+AJzG4z%7)`=(^9; zZQ;A?Nb#%n#c(mL&CFR-T)6Z3#mfd~*LU+%dTI%A?#(9oHA*B!Y76t!RHME%>uOwA zaX{5PH&j>}B_FG^?Gym7!}WB3Ia=3Nk*vl=-En+pzOzsJ{JP)+uN@>tSJ_m@ED5 zF03jCK|5Ur)sbCn>dl62kCUc;0g`{`znjs_VskUQNckP4hfQKwNF`cUSFq6ZquI(n4&hkWYW&KMOS{dNrI-e^*YgN+{#x`mFw2! z&S2l_$0nB<$#%FLSGz53Ijg3_ZsQ#Dr>Qx*>71r)22o9&?9O|+daSG`!l>JHZ~30N zE;MrxEqg#~&8b`8b_9kg%;jm#nO$eC?j5;cW?9ePY*b0})Z^jUzBO9~Ta7ifCEnV@ zoyARuGikCt1sBF!NT6x6S(V*KN_-8}sl2i>zUW1_^@8a;;j)o&%IbO$r7+UtaYb6~ zR7ak;OIGi!9jzy`^_@0rNDQd+(omDdb>f}Ym6YM8#Ht>?8DKI^iKMhavRdhQQmeX^wxv|H~ z3A^m7s}To8Y<^LfN?Pfimop2mB_ zU$W;`%f7NF16X1<&ng~p+g(|W==Lr;-2C0Dd!EZ{s_T1n&9 zXZ)TLwWFp4(kDd|f)rhcjQ_pN~rw>fhg8Bw|y_Y7B!#>=#~ zy!H0pY2gk}{?ZgyYP_$r>Sa>j*flfHNShsR-2@#|7}nRr6&s`r`M4PxE9G=i?2s*L zW^Gy5H?>;3e!fMWbt3e&Ty=`|v{P#j9djS=stMBSzI~BfPR(x)EKIOWPx{&fY+lZe ztD@36dKTKv`?bE%$RN%cZOD_KfVOj^eDkt>7#m`J=acqzVC;DE}U)mm{Y+0}cz+BIwAx<_H4HU;U%udwcF zBb+w1eziNny^*pb}tb3aTuN~#i^LQYSv-S zjr*LZXVdU+?D5zW`{9nCS$Rin*39OpThnV%YnDWcrLFSXsXO%t(+PW>9h6$64M?tI zqMtjx)RVK>Xg066J@f^-XJ$SL*26}lAt4D#qP<~ zcy`yEDt@XA&b`aFcBu6^eM`pO8SvtH8+05uI)OU6c0j*9&6z2X?08)pp~(+K+r7M9 z*PS!SrixG(FqdYhSM@`E&}`5>9k#+k+SG0r(e7a$Z{w;d^2mznE6f9}Ma`>2@FcZd zduBzGLiN;+WvtH2sWJpT<9NNL2%CB~ADls85w1abVH(Bt*4Kvgje*30v(A>yLMJiFf$&!t6T55{5yKy6S^ZeK#?D~hsrrFA9c8n6FtaDkRdXpReCOO(mc@{ZiPPzPBJKqtoGDn(oVIIq##$cU^lYZQ&j*K@eySi>Y+cu8Ae| z(EiJ+i)!7ftCQ_~TFr*5S&vVR;WTYqBsac0nuyKwrW-}kfB*0Q`Y#I4dostmZ_A~) zd=mnOdGkCjeDi|9bl6{|!~QBA z_E+h!zet4xki=SZhIHBhaHn!FBf?u7lF|FS74sNAk`w+`M`juAgpwg z#h3*F);uqG5bOX*fk|B!b3ZZ~wM^HVA_$!zG=jL-UTxi3a6o2l#G@<(!6Ddfw*k|= zq7eM)`A%?LbVi5aSkKK)T>vJgfM6X1A>X;PTY~*~oVW#Md05Q0d$$9`J;wK;U2eMp z?ep=QF#d*q9mcmk{AD2E9P~CkzhSt+SjY$C>}F_-xNjR5V46U$1rVee5UMw~zShk8 zc9ZYNx`^MM9E1lD1dTj{>pJ{Jmx1l4ur}~lF9r?rE(qQk3g7TokIh_w>+rnREc$U& z^fl{ZXhve#{>6wl@L4|?F$nbbR0F1Wfwnnw4cG`MY^(*rSZD0xZ)1S4BJgkze+zxh z2LaJ%`dX9>>_uVNn~PakiK*THMlp=-GSKt{#)RW5U_MMgp1?a+4&z~9-V7+GbS>rw z*sI0SYl9HEHW(w0*imdDBmQCi^%xjBiJxtMX3LR&D744!ucSdV;CY}kHm!G1?PeQpD5WWZ;{ zgaAW}-8S)HJ~}h4o0?IW<4<$A4PcChUE_jS=UfmL&ApQj+6KUg1#ktzY%Z`c4(KmR z2OT2?n1C@&@OJ`p7VhsD@j^H3ANnl}# zPVU9!z4m)s)0ub-ItIv{(_%62+J3tQx`BF`&dn{5wBB7GhcyCyr51VIV&`*HhKzk( zN4+KM&p;Oi{RL5Op>054(OG@1R2p}EUb~U!^tQTN?9DCN`mrAQsP{Ek&_i!mAI7G0 z)71lX@AGe{xNe~Hbvr)jzAow-S~)K5_W53e+B_U2t6G!jYCwKqeKxQrn;Th^T;R-N zb0g~)BMAVMvunj*jHFmcvP{s6!s-vMGRg0PL!k znVV(~I4KTnD>7mO*e|daz;h}>=nOss>=bZ*h2;2R6q^inev`Zd>=N0x=J4gG;Mjz1 zz#R0*u$#~xklA&O&<&JaQ%VK!Q9>Ac<_mR zN00r+I~fn=-K5trS3Q8apwnG>dvoXU-4y1Ydpxm!91L40^T5B}eNVI-?DZrH3B5`r zx6|D&aPRoqJG}QVvyOM%_!DD~ zA7iSKamDVu8++|ZuZI14^)^RQYHRLFHz^nj^TpYXBQSTZ8>5q28}4f3z--_Q<+C=JBiR@(hY<5Cp8k z%5Uycbl(I?=H6V+Q{VWI4+2#LVarwj0>!^T@jn3+gFpyIG@TZbJJYL}<7zI_i_C zzd~E6XIl)h6T}l}6Yj;JUxNMx*ZKQzpV$io6jGpX9q+?+i|vChZ^UR@05mA{1R0>2 zGsMOKa|XeX-UHzzMZw9y&%yy+6R)EkU>n0&STYY=hxvh`WaF4Y*R?IQZ{T%?jK%h0 zo({~nmYV2Xv^NQ9BQ{c#v^7agv~_6B$8S(}P(RP;Jgl79NisA*Cn)F{@znLk3=1Rz1Vn~0&_*&d zVB9cvTq_&(Zyi2~J*M0*9c?LCLu}5emw?oDT?*S?~&}S_Ny$0LnKa7FQXM^uQjhD;^#^y)Q^L=mgeZG(W*`qli z;Ozja)DY!Br}8I+JY|Cj0Uy?oPH+((mTF|fPZfS6C41@@09 z3mg*Gb%W%(KwWNtdr)jddd-LX6S#&FMU#bjAo=GFO()mPIAX9LKxNh_B5a36(vG&H z0h&}bA5a^{f%l6I(1lwW(H_pn5bvjHS9}(_Tj#c zrq~?sLtpuT=$th)aq?yp-;c1b8+jj1l(=W)eOR+GzK^V6Q(n`Fxg4*-J``3#+RWfP z-bb;a4K6L=};9s${7>HCOFmO%FdB^q2CWRV*RLytXfA{%E6ZS@QzH)J>P zn|+26gOI)nH~0X9%^NY17o(X$*qVPEOpNFI0%0AnPS5QRa2?V1LdF*X&PLFF1noze z3Gbts8J@+x6W}|n58_J=S$&D4#PrURy+eE~aC`{w=){u7WQM3p~MUO@qC{_`ePz3d}`lBTp;*`*P1|s@S2bI9)xx5 zGlRL}eZ+ZyUpi*Mc^os^Av3xMC~n;EJ4h3G@;>$%BMhU6(JaS|VguTf;5V*kjJSj} z(?>dZL(vF$5D)lY5Z6p`zi$X8?s0+r*Kj{kOk;qq;QbqEpX^73A_!iCbs+r|#I0d( zHG0kG=)NIb`Upz}u|JXhB4Q&$aG^lHg8OB#D9#PazF{tG2@8Nfe%ZI54M>}~UltkL z)7a5oRv1inLw*8c9kH_!_$GVwSdW~DK;;@Ezbdcgblp(AL0a2Hw~J7&FFzpk3&n3( zpGFB2T9ZCUcvAFXe~GvSGD5k(B}}1+3i$XDrl_V!=<7So5HS&W&=l|-`J53io?(_H zG*_E^fY~QL_5}0DpFvJ3$oq)Hum%$p#WG5hanJP}_KGF$CA!uqLPLAN=VK=`H@GJg zTvHgYMbrw4-w*snxG$(YaK~@7TW(O?zZsM0M(n>J9wTihw0r#F9pn)}v;FsX2t7v^ zmw~)EL-Eqka1IYT^%yUq?LbFi94w*t+Jt|meJJ|?jpxnn2bbW@vVp%(9AXC@QZ=s9 zpyH(>gaRWdZ>)&+wjf~M6iHy-mcmkE6qffDclpf($r2^ZKb9^(*(V0{@9&o!iN&+N z0==9H%&#Rx(DS!hf8J$1j7r;0xy4MpF4}0BBo05^ZNkOOqOK8)Ldj!Hq#YuG7$`X* zl_`*GpeM?~UE*Qy@0MzoTAh)q5vw;s3fx<0K$&3m31@_B(TC>;AKMb1`T?jwjt3MM zpwvWcC??2B(2-n#GzUBEpoAz6?5$xEj_xDnLuv&a(cx^s4uHe@1h-2$#5_5meh0P=u(B1MRhnny?x zfoowO&+F;FEB|_IG|jp-X*E7tcn@gd4P8#)JmF2?efY;^y*I^U<+mV^0>+a(H}s`% zy)ZofN&v*OHuJ)f`od5_{@#@?&^j)QKWm4J0gKxHT~i?%4e{*kvV+c+oy%8f~eQYc9HL^`_>+>1y0qtBM}=<|c(%>acce5!nZ z8ZY9TRnYNTfGdb^O=65990Vo)0>;*IIONJe)pNK{j8}j|k%@s0HgE+T8%k7KO(2or zwv!F)z@QR#4RAan9LTUu>;;SvDS>i1lz<{; zFv(a9UI6-n(gD>b?9~hdE0E&?J$SrBB~IAit%GX{+{Y4sb7j~n6W0AEw$MR&M?R=z{~M57=`AQNVaMm5yhi_x#{*Nti` z4&g0;TY`yWEO9`mhDlh9m5v5Y6Y*v1V1EGnjxeT%JCIgZGc=$LU`-9gp%NdS@dYG7 zG*T8Oz~rYsKS&N{d$cidji}^s=fCK~C=FNu`=tlg&v3j0x;{5LUeKbng+YUvBGlqg ziUOXCFpkDQhf2;Eyaf`XO$@t{K%`~lZJ^oEaYyKZN0@~E0H<+X)~LDq9L4hu_Vbf< zCc!ejyMF}MoyZ9j3OCf_kF;E?FHOYZmQnzogOp4xR@6W79NgCUV6*?gPXcar4BC^s zr1jp9MtqWG zOXw$`7sl}g^6+TkHVC3vC>jIeuRxITi7JmGxJi)42eI5hb()IHL~wEhU~~mx5*iWa zP#6@6sUk+z8U&>Vi0~S!9L?M+bd2-^l|)Cifmq;?siG=w5_LisiI72lqsO8N#KK2Y z1ez4cbr1%T0T)OxOu|@E{frQ(GeRJVD&&KJSOa81lbVGlPM(HWpfE|S_wbI+6P2~V zHc@Q^Arbl>Ah9iwutkNjLDc{Vf;|EOH7baz0E`7yPf*L@86U0ZXzmecBqB0*zaWGI zRjq=k7d!|FD4?Qq5AXA2tibq@`H{J-YdjTj(In_|gpn8cKJjJh!ClXaFRoN$he65YoJP9kToxG?lm+a=G2tpvy>U2YPvx$RE{b+ ztSyHEIWQFr%gBj26URdcvrYsdgP0a{SX&@e$OLn0b^(HhOd8c)rZg$xexV5#)*2ZI zn#7tSF@eN^W)d%wQxFrcjl>R3w1!B`i3JK_Xa;Da$qN{G6ZaEMygUlupdOPD9e<~u z(G-3sAdhQf_8pH3{rNh@3$B&XP?YIqK|_V8V|PZvEmyNap!TLc#+6@qWKVEu?g#G0Zu&sM#66hM0qI4^MI2Rk*KU_9@c6%@_S=2 z17aGD`0_qO6)3##AmgL(r#2E*_| z^s3v$SV8#9fUJ>2BFM?QVQ40rq>ByC5qQ1D($H3zD-kX?99b)*`^4;OG00a84HPvE zO}S`FwWwhx#yum7UP*LsAtZ2qW6CWsvxR$6i7Y@2ISYkFr zR|3ce@IH={A?vRpKi;6Br69Z&1mg02(F9q6@FL)kC4I}NJCH;LFdwej6I51kk4QfQ z>T*D%4`-Hr6LT`kFgDKBr!Jf^8nDQkRuzh059nO~(u|-;z*HVqPuixSJ$e zgY-w-n8>#=`X2UiVt_0l+(5=b{J0SwS&(s)`4gE(qkJEgUUUyplQYUn6Hr=^SLy&e zxX(>AVsXTMhVDXQctd!Lh}jgL13W}`0*O{YI8W)?qUn{o?qKgxP6FI%W;pi&@!b0a z9!+B0LU{(|Ef~87cpjrnFcHa~6Feet!V*Osa1M=Q0~=wjM&v+v9`?*2*$)Q741t3Q zD!)i4c$1i}ePX~PV+Gm(bRT6zTzgc0nUYShCNcY3XlUR{Iw2A|fZ_6}= z(Kf^&k-yWU85)LA{;&~;N;wy$lNgo5O-|tql~vr2r)z|dq6PueFiS}RI;%4uW>(k?5bdxGnTdpf5c!vB+YnJXVgYXU_Cl|F_DLWQOb6_2q@_mlb`T|2CHW&&~P?tv&;S}9Mga(pp zfSY6<80w95jI?PWzUKoHF-5}5Nt*=62<#a=xkf_sQQpRJHaVn41{sGzaIAC(<2V@- z)<34Y5|KGHbT{GJBW$A!84WP-W=uj7kiR2cLj9^BE?OJ$TIUG=AZvp(0>(+`8_M_& z2XjaI1-yPz(rum0y$n%7`644OO>{98=x)L=d34j_`##9k261^&7ct^HW)mSFL<3I5 z5x3#GY@f^tbhOf?hP(^*UZC{Qxx1)Ys+*#G?e$0zft4r z=I*vfx|tJMg1W$SjGCe}cvFyYd*bRup5dcQP(YU=b-Sa3VImMCT0sm{clyp!12XbT zogpq?!hZ~Op|OK831cbU+>Sup%p}ACbudbAsB7Gz20Jvu6}Y|;_RkY1ND z`gK9|FYAXWvw9Pr5gs!C!w}_(yednWs;VgBo9jy6n;&}1w@~CbiE{;Bbvc?rw!Z9s ztDg^95}v>P5A$FDMV47lP?o_P2-%9eBjdW^`(?zd(T{d(rvr#NX+ zZDPz`oEeKMoZ-y3TOUB-&zh(Hky&bgD)zd}^th{v{n@*U)w5HzPh*GkkW*3RI|iMN zgrvo^KfX^hidxB6@An(DU$c`QeNIh4t-;C*k~>FL5i5i|o-IO-s7+FtB~qH%^z>aF zwLqN0v%4Q{UNOVVosYx;jl7d7SRG4~9eHo%HQ4verv{ThjgS4IPcjE*mVN9qf9iAp z$Mf&o)^Wfy2+DNrjrZe%+Mv%0z-D+V#Us@_==^&M((8BdX_P zJs-G>CZ9{0VfQjCuTPS9%XMo$nOpuO?Dk3GeT49OBPt~3LQwd<5mRHadCz=B(RqD` zUo=Pjn5FoC2>i};anS~K;mb8|a<5?+)VA4Z_w{=Y|MES}5sbFQ|0#UYYW$#WG5zY z{A>chKyeIJUW@E4iRNl-{!Etd3;0HL#(89(dIS!(%u`W^SGXsdu81lic6W*It?a9d0qxxyASke0=FHc)as9kNjfo-*X8^$Dj=|+Ge_0 zaMPvTR`(vO056%MS%ro78EB8>AC_*a&$)Z|7$}U?1X>2FCrOxchzbhwyLSJqVF8sg ziHQ_XK{HE2qyHmJAj^mg4hzHJvttI`o?@TGHeqoYj8ewLvRX<^FqnLVNlEtP@td0E zyLA#ptif3BpR{-kCZAz!A0`E5<_zRn%qAd3OrjKH`QSTN6ae~zrjaNyN&5!APh664 zpCcIp;|x{l0>+9eJ;KNRH&2V+)Nmb0q8pkF`e;5xGlRWIh>K#32~(rGVWX)Li?fjE zRe;-a?u`u17713{gYhPCohh$lvKX!lhvOb#0vV09U_QY3p2`kH#~4Q`iF?Xx_$h)8 zLFxC){nY>3&;Os=PvgFyH(JTTf-zvUJ{H44Gq|20&okEdJ<8C0h)JEfiEBb+@Wlb&m6N$+n>met#iBmt=lvOu zCaIFRL(VB`DVpy3B%T)&GjSdczznPh@^4IR%n{BIu4)O1!KL?Mt{B(XT2XflNw6$R zne4t#HzF5|GZtU~eHCd9i1aL!KeB%sFR;>B{d53j$D`8TjfaabbDpizw zdn45<2pq*mgr5UjKT=*xW4nIHWoF*1d?3ytoRJDBh1qQK7$ex%=$_v3gP6|N8JZN~ zJIaCjaF&dB zO=I269qa?fHX>LBQ%EOhd@ z$$KA)Tz$-`NBO#p-D8QHgNz5w+pD;bIyy<9t+ALm4Y+}BSxmNteZVz#2u(rrK1qzt zF_skejnH5{A!g(}qhT8e(?D+!KatLn#BH*U6Tm5SWvuEZiNkb~`{!f*VuB}FxQ#P8 zVmlzPUw+=#u^?`ooWW2pVbDf>2#auG;&3y?!eJJ#oNBrGgecnUnj-x;$x-q)oXmU96Bm4wfiRO8Y!2jbrnz_sQU1*pT z7JAcZwHpnSp6NA|_XZ6DnO{)>FNFR!4oOIBE4{U z$3_<(ws-%$(_G>@2VREZ8Ij;%#?%^P?lD;$i@{--pMi2nnG|mkx0Y4tdCA+U>lbN` zM(Gvho7s&fwKwVSUGp=&w+XD>h>K@OV!mmC0NgXoFl#UzarqEl`S@Otg!=|bHmCF% z@elh${WB-=vIR}hp9qwX;Tl8~7BDjnVH86sV?r-)6o=8?`G6;e@-GYljA)?&yK7@s zS)XR^uX=8%E=A9mzv@uru%Xx>!0J6sxa_y1Yc<+XIOU>s_b@<y-vNy;z%Jxcl{6)wv#EtaIu(~@8eGMe)9T_D0fu(BkFgagN+-zbBE=hj$3 z5(Nl{@z5Aa2xGG(<|IuIeiL6{Ql@DOB_d-2!}V@p{Zw$~y*wU??-@K|_ei>DX1+TD zNLun!X}p3YDdfM@c0uA|^GDk>R(brv$sigJCj%j%z{tL4>ckL5nL7HfvC61u%$uk* zAmPV7OG^P5nPG13(RWMM3J6m$Gf71h{pQ=Xgrv`|nesmRP+JUDHi(cafKYuSu}|ad z{`uH5jB`T*ZrIy|q`lg@NQmzyqbZS^L50J3TF3nbr675HK7=Ps@WINcn_Ib8uLYUL zea;4PE)c<)!~&ZDmq>7la==nS(kB%|`c#1+1ZU93@(_d|-#_1(`h>OVOZ8Vym^Sf$6QQ?|P| zB&NV9Qj@GlGr9l9BpSyijwk`~grsk4#(ll8A}Ur%<;cF`o{;!Br|hrEy)zY3#t<1A zNsC4$q!cj9&--&5%Aj!^#i~w)1U-3t-uH>b+(oD$-AHT*EwT4U3Vvze1ZGI$9u3B! zRd;w=b>?|}d|JT;ee<)7R?CgM2NW!vf~3fjXK7pvD9AJ|7U78{ReMN0oR!;Hx@1l0 z4q-@!wslJ*6-j~p*MA8_K~XpojxELHG+S z<|$OW_Cs|QBYRz41+Qc1%Ri*L${tb0o!3&b6;BlaF%QLPDck`5jPYjuDQ~JEm0nm9 zCLfcqn~bCvkgx;{bwJ&ymXq)k>iZ^o8w~}j>nPI#dXta|w2hLGlcKE1`2Oy5AG7y& z@EH<64e?^lw zC!?nIDn}7zKN><<(D2cT0P{jpm>XqS?jxVFATkt&L1DNXNlQREjb@~m*P0PW!x(jF z2T_Nnhmh=k66S~%SbUMDKRnt-SxP9|M$*EY_DVB}9KOMmVG0@oTPrKmVECa=@_(UC zkb7wb7$8p=wni$~06E8M4yYHvINsl(p_fez#lz579`q=lRDb{$GSD`WNyvgjDw7O| zTt4Ao9wf7#zy`6?O)#X97Qx1vYBaPdBcW&osdz!sT}Wk<7~l6vE~iODT98~}ro2GI zoeUDnM{>XlC&DTn03Tu*-p3ELfK(ZQF)?%x^fHx&R&XH|dSX)0s;s7hWY!_oISmrB z8ECW$3JGz|%e-t-MS&JGBRT?GRz|>3xf0$ZmQ;)(Ha+YQa~uU)DW$-WB@$+Yp_&4z zCV^{7LUwV_b^cx2t0JMJxOPa3NLV|Jh1dwpvdR)o+oE8oPa)#q1;lRM!AE9tq-GbzPPIyAAP@kvpdLyBq1Xf6TmO$=5 z;2qjWF_(m*p-q;A0OvH6&>`tWghmiri@x~{$v1t+H&VGeCwoUkYoAnQVHq9@2Nv{b3^OubUiU#kKjC39VzeW(fuB&m__))WeDRTYN%A~fRP`agzuhBWUx2?G$Lf?N=e8zi|LWW~RQ4VA;__3zrUzHsHs^s`r zCCC3St>h?4F5~+i|Kho<@>_j<_-#EH|2Eco z|9qUsQePY`LPLXg!m_ZAw`;Av_9S(7t=Q!PnnS7`pH7SMY562%VsWzmcv{P&{7`Nc z-L_dg9D_V{_@R#0iiu&F?6*bqPI|(}CM5=O*b}co46o??gy&ZWv_GNlO^p4phX}7g zdr%m{Ad0(l7{7BR{-wr_8f2+cHaHOY9M=sp?sZ1;y+RD)ZK$-E%jY?;BRu|0dlV8v zL5!!kG>SoIMcRfiToBqYMq1(!ngL^D2~0Kc+Jru1-=CSnyY&A1bwWQ=QaZhf`87fb zYk&tROdyV~k^UiV^r_*y@jUh)PXIH(nA0xV2=|Kz)Y2zxeH6aQBaZJCTt&33H&Nr4+u2 zjKsdlyv)DdujA!!!}B3M?0@^Us*3+-6!rOFEhY{DVx2-qkx`)cn7D1CFqM`!mFtn%uDhn29|CUITckz96Dq3g}L#7<5BiUNat0Q$(3Io1wTLG6Q7bH+U(*mu>zP<4 z-;((aNKNYvNq~Q!-vDkvk-sLRRV1DF`85rZC_yB_^nHEB3@kpcjZ`8~J)m>)}u@L**1 zV|)t@t;(cg<+%1o^TT?&xIe;&_erD-7I~>X&F^`AAM-1S^*+X=;K%q4tfGncp?w~s z%dpC#RTwnd2a~^vb=skYHAoF-Odj`1Gzu;3M2Z?=;RfC$g&88W@Qbv@t`TAN%X_jc zu|AW+41P|Mvx)UI;z|n}PuJff$+je-Ohbz|I-Vn*7GoloHwFuD(4sVG0gRZkCGbWuc~=B!`#n8^p`fBt?wS0!l4_23bEmk`j}1OY3evAcg}h%JDuw zdLJ#OcpnvMog|;rWabune@GDmVu3C0iLLMJOD)=%3`>r-q&1m|wb0?rN%pj7I*kak zThA7{9}9flBgU6lr4h!zG_ij5>q1|z+6H*45qd+d(KugH&;kiJXV994?PGpV`1(G-r}rQ8gZ@Q> z7O04x=J!M|-skr;{>S`m&EZKDZ|uC^ZyL|^>V1As?LW~w#E0@+fO32rAj_I^WL0%Sm zA^gPWNOJiD-+UA{xB<{(ng||Y@;OhE*GYv=T^N+!99U1JhXqYUzvH`4*Pj$EdC&`< zcr;*a&-B71?bos&=n+Q(SBlmQ_8W_Fksgs&1Sadp zlA<*adPz<*5=we|pC7$X3!I3g@+c`r5|NA`qb%4!=`|^MmlJyXzP{9(gkF?)9*|QS z?y&aLo>8wN@ZafEMaz2@al3W&_SS8FFLB9?f0i3bPaffOww9#LA*#V2Q8z<*>9vFHOWiZCH`ixwq9 zy5Z-f=mX+4Jx8J_Yx6VEH^3Ij!Y*t0JLr9;g`!9yJB%8{GYKc?70t?`Ddo5`o(AQR zVoU`I76QHlG#8D>0xA4M+QuS+SilJ1x5~mn$R8&d6-Wvzk|IR~7Mt*CFb)Ze%9jEM>Hj+(TnU`Fb?V|{oM ztTJKjr+J!X0Vv~MI4j3Ois)S=vKcuq1@NB)H_;+T_qC14`JTu_X+bC>BQ${&Zy-G7 zzF*JR9{W0=26M!Nf_U!8nUIfuo?r!K4_fqu7^X?Rc^?C&fF87r2kegT^pu=`@Fc$y z`HiK;Htzg}%5Ns(261{gjQNn?EcE_9$F257` zE&GArQu&P($9asu>KGvIo}VJ`RA zb9NXKh4f(}Cug8r+f{T{QhM z$fGj<=d4(q$Cp(I{+M^(gIx_0tz+1aiW(`Uv#^$rfLBW(4naG@XGk_}SqzN-Q|Bk& z*ZuPvaU*S1A8nkU>@CnKl#O2Qk6sKWOrpGxm?l3iG!tQVE%t~-B3@7PlQCB=&|`U?2hU-a%TdiPJJcV9;7 z1Rg7}9`_~&itr`~eE6ogy!a+as^W8u=!y)7rhyi+Hg!zF?7mqG$za2inWac$^pL zKkR%iAXC=(KE4+LY0@L%ipQZnu+~_3N-qexYA*y57)aDYixiSt>^CqMrZCCjE(Rru zr0zGW^=R5RepbZi$3#qy)b}rguu+9G$D7FK%$0}t(Oppd-Nj?DMxiixSumu&GulqJ zX#A-HS!GS^SM3p;WQ?B`6M5C1jdg8bwb$Ajv&rp?@sZ;~jW3Fwkh+(J^$MS}MU3;d z{-#1h-ui*hHyX^Z^Y8deG5`QkiXQLqbKp;l{ZTO7w za~q8F{DjXssV%E>|D1v|-L1L90RBHyaAvV`$k`Hq6YgeDxJ%C@AP2>p_jN6ZNfGns z_T?VYGXz+&ANM^%lSO=Ady?ZQQhfhE3U6N)eKL2gwTZ#)f2Oe6Zo)aS&i!qLl=OQM zt%9Cgg2~Kf5i_8J#8gO*8hxyJP7*Ru#(1o`A(BIs(8PT&u!J?Gv5xkifp;2=FVX^? zXf~YOp41F<8KS!bi!Sh(c>GV0JF@cNq*pQrs6tre>cyV59cB?@;jEWM1^*^G6pY{L zkU{8x#XZp>p46+iec_1?<+S#=^F)U*DFe;a(Os^{N$p;{_UHEHKS8c|Nq;zpUBuI! z`6UmSfc*JVUEdiXJuIl&@x|Id)CXme*UMaMW_>TZ>dw^5V7DziN)u!vPnY@V4k;e% zmol`0^ZD_>DU`!M9&SkS<=5J8xwo*uu06PL^CbMv6EWq0x4vH`KFkxuhlT7pQi^;V$lms;KOrS=zWktGkRRQ zMdGRZ+Ecsm+b_@zAJO0FQo{tDafa^-r0^~=({IxIJtHUg#J>Ih9_e#>Oi9c)x;ya5 z-d5mYA62Z_n3EVxoZe<|v;59*jwR5~#2fk;Y8@@Z9}AhB%O% z1`Hw5%ljDez&zfckQ(?t>K_TI+m3PePwQ~MR-R8I(nCu>6v*B7?BvrqHG{aGg+!C{UgA6 z>dvFo+1)^Ywo-4VZWi`2Avn^WUf}+Fv0{=K_9xcyFI@OP5f_e#3-5a10o~N{=X0_S zncs=z=R!46}E*Ec`XH1iL5113Md%NES~hkd@j z*k^J!o~dD+utCp@u$xHdN<4P%bR!##->-e58*%MUFL;yG$RPK*7uPTstb7M^`0n@7 zHBjE4lJl1EEWp2&Ze0Eh5B0}C(tc8)2}9^^pe?2}BnNT4mQp&4XK-MVB+wNxCi?x_ zjfQ6#tdDWe+JqE#x?k&)Luv8wY*Md-zB7KhZ@+lQzP~d`N%#QroTqE=?J$pbezGnZ zp{KL0(4Tb^kYhLf84GgkMDp5Lv|_aN;veX3@h8?XzptY~@;zyxPEr_w!NQs33_qF^ zh&gqb#7zno7=x$3%>z--+RAV^X`OAUTb|A80KfEUJ*ve0!$C&MH+BHzK8h%B%}|+o8Jpm@+8r}Acg1{*eAX$TnDtViPw0f zjVOB#8Z^feLmEutjzqdginanx!~(B)u8qOaVtYgfMYkobb3@h}WiaHMo2T{3?(0*) z-rqKW8y@yjATWWv znaCIp=0e}d`Ly?Z4{{CH$r4H7-A1{7q`nRbBSn~^d9;Ov^__BZ7AzJy#IS3Eo3Qs9 zDcXnU%wn!AtbbHcJpyQXgTeD{1-jSh67~^pL~_0o)&e3$GNPQq4EjAtZK)fc*G2o& z0j63UDPREeHMoo(4vps+YP1kA!Wju?v+-O&ro6vFn!sUbSeeU>1ujvpVhMj~5I!x? z!iE#%L-ZcXWI4(JeokpHz;Od}eqoIe-^e|37EwV82$L{6J$Fc0hnC+4wC)#A=Y#St+QAum4fQ%QjtQQvm6G#+Nf;SJYnl~U_!Q6jvk*U1Qj`$g zvqbi@_{aETTG){knT#zguFB9e#~fPpk`$37avM2E4hzK6L+4SBB6S3)tWEOgLFQ^5 zQyQ*^A<_&zV>uojNF4xsA_Qwv*cs37y}4R>4eP$4uM2P!^VCr`BXCO2>+`cg8|&5i zxaTRJ`!>+5ci2PtCb{4dDO7{`>8R71Bqw}>ML_QR^8OBid!5MQ^h`p~hjD#ua;`5& zLu%e=Fe3SD(Y2C9sPNXEayg-^u3X`H7P1-aIBIDrs)`Fiuu94@>_h-`k zGqhMS!setL3qy*}7$od=Qr6GI{{K+c{BtzyPw3ad3;p^o#{rKlNC*KI|HXO;r7meU zvUl0?p|e`QsIyxCT%C2tqz^bCxEKk>?k{-z5#Bs}M#FPTvx2^FJ>%_9@f+5-AUuxf z)FfP&6qZG~5YJXLA2bQik2BJ;pcv39=1z->@_ufXH1{uF_kTREds-iYD=aB4z9#3Y z^0WpF!Xxm)7oXYN-21J}BzmW($#S7 zlkCt@shP4Js%|SgbBf55ePjA#7p+t+e@f=2!q54Qe zkJOEmt6Q%(5Qm+mBXZgN1gDbz@zN-p~BQ6y0CTczu5F7elYentiVC z=wMAe4(qE8$dUC9skH{AllJlC*1_u}gD!T&avk1}MgM#c_gnG_3x@sM*YgFs$M%bD zd7rA`0D8vyKDH0Afwis_Z#D%u7_EYKlRR^O@98=T|H8E$Y`e`7d)g z(KTJnM=Mem+Ac%h?sF{NW>`mzp7)4#!|E2A)5tzPt=&`oFHo`d_qja1^M@{G6qjlr z*7qLa3-Hk7=pH}rk*sVypAFbgrZ+KT4?bH?WHjnJW`m;{h?)f7$MC^zd7o$J%QN7} zQKRI)vQ#rE4e;UGJFJ^|3E$8rH9rC?ZV*@J(|V9K-2=-Yr3~KJ@xE5C>zGdH8VJ3y z{sB(z{g^-YL)YkMb;yahG_XsSOpdvafK|ND;fFqQG8gJz_@ST2yojk4=+dV)U@V`- z?%233Knxnt^4(A2Zin0bn!lgIJH*W^0nA(ne94OFwe3fkpnn9H$2Huq$jNId5fzDB zgOo|eOr#5`mq<)y8}9vxaV&p;A~9zAk(zxhmVqW2eFbKilM-K8l0hWm9cH#-eMS_O zQ3N0vO%r6vw2VURFnGopsV58K_JAINeA63DSu=8SKNo~2_27v~KH{iYG{M@jDKX8& zykT4P~69Ii>wCtNk>X8aGi#(&MFNUbJ=~;W2jRtUYqpZo6+|p0;`M~Rj{(oo zLDLv!Y(xK~3?3?4|u2I8yU z#2TdJY!MuvNamp#5jjtRxY$UoQF?4Sc^?Bw@jN5UK5dfhZerdgWyXoAjAm!kGbYfi zo0qUg&vnHz-Ka8Qm@*YB#ZuJFN#>+YvwpGUH3=oda4ve(d(tnn7;xQ5=4PzpHIi{_ zuIn*9Yq7@kiD+G8u@)x666_%{V`8?uPF1U-e>Vr)M!E0Ab%^kY+5Rapb)pNOWL-uA zg$K-x%x=WgYB!_sLF@fLO9yF&T7k!mX9cN@5o6et{$m?7WTeoU*SzY9R_+On#IV25 zbn-_rdku3eT04-#=()mAA)JG_dB2ti@Xi2hWbcn#f2YWIv%{dQoBe{`5;vDlOx9#S z$k7HAZ_yMDbP&tlknG4Pp+^^>S-)1g@+WW&&m|~aI;qxRP*a`O#N*U&wCVCXm6M7g zh+7(-d9opNhT>EWd9Xmvgo+Wj2`%GjSxg7BPl-tl!|3`NEk{r2EXndk8sHOE4(SQj z%r$AB_w3`e%sNN9MC!Ma_DGg*jUjXv)qPOmbV`TObpmUFb!;81qCrYgBD|9$0Bk(E z9!q^<=oz80_xjTqT7f22qGGNMUr)S@FKGo@K!Yp8h1HPa~-c&_3`-tPql8#Rs4L3C$3Gk!BP|<9|ENFiV=D-OtM{L!~l< z@K1C{;aO2wOC3WiOJ0fmhJ+Uby+FAI&j>{Mid?Jl6s~IIT%Gc)AQrQ-k>1l9)38@~ zju5~$Uc)nmC_WK+Lm)gKakK!rtwBn%-U!|zjA|SHe$61V1M)J9d0fM44dfodDa>xe zsuV;%^pM^m4iR$`rYK;hCeTZQtI>_%B?%M540}@L0{bHPfVI5wnt>Vcz~{(Whqg~; zA$x;#1I;ol9TW0nz;mR(c$Od5@rQRvwT~Ea4f{ru9;{P=?yLyijR@BwK1Z_93*^@X zhk0_XLC!PeNtPj@HwLaPLuD?9&{0yGT0>We`JyN90Q2pAY$o@@oPkRz%I7Rzge8HThBwM%sSAMritg z@Db$82!~E7Q(vSc%52 z5gQi3>jNJ8Gm^FzJM)?Z`X%e_tRL^4JZ^g#?AT+_p5_ldbj+q$2i@PnGqWuNu$MjE z+caiBl4^fse@aP)YQ>;!i;ZY{Q^D_Vj5Hk^xePDFy{SUSaYRdOP`5d5ZltdCJ_G==!zw zf3`f8(Blznx4Zs{;e>s(MUYBYdMUqSiW=G-i4L0Ur5;PpF-2X1UN1@)F-vs5$F=+W zxQ~y%sM{FR5$txzP`zQZ9iOl z>__d{E>!O8eQ(J5R^++IzF;MBK&t zlgfR>{??>nY^BW{k6)qJ(7r(C!BKk;UL#dG>Dg?=CP(b`3_aV3goV&F#r*yZ%z+$3 zh!q-1IH^$D!}0;K%i{5kG!4MSqYE3q;@1BkzyIsM;D2v#`1hOUrtWXc!}&MU-G%@0 zn|n!D;XYk&z9*?0g~@l{J*NK3y?>Ic|Lr$BKf=Ryt=@0`rq%4)fBS9hufm=CAHN+h z-gfQ(x8DZYK0H6QM?3u2e`yScPWjO9ztq`p|Al;fKc?sJ>)_wZcfW7K9KN5|S2qpm z5BIqKemQUd{kJ%wpW*p@IDbFvzpwXKce@V0C;s6a{`+s_U#h0zwHh|_`@tY zpOFPOP~Ieo!Ke?Jee)DPd<(o#cKra4g%Q4GVYo^DyYP)Pwcba6^Wt2R@LYcXr?1UZ zU%&kqToAetN%;k)fiQH0Hr#ZLPy>(PI~3}|^KP9aa6S29!Psvc!wGLJ_r|inG2DM} z(tq&6?=sJdf?8piZ|OJIRTOvW`fonN`gBQEkyqZZy1J+Y0jny~H~AaPbiMuUa18hB z03iFYTyMiay|6*J&&fakTzLD~&5w{q?(V`Qfs2115(SstE~o$glPB~;M?X#ph{7TJ zPAJOXHzTsk^xuE(jDGCs#~G~-NeXa%IHwfM_b^`g?IuZfI8)I7o^BKRB}ssurt4jJ zxWMDf^I`Yh4FW(OxSt+2;hs_zpu)+;i$fnCO2gf83&fc=5N!{hyZxSoX$pu2Z@GR- zX*WSJK)2-L`_SIsx4P>9e=grq`1$8QcfJ3(>mPT3%zU{Hw*k_i{rRxn?vPL|w*YGR zz&Z2}*YKRbU-8`pDL2rtWDVH;@5}1)&E*y0&G(m_rjc?%T9dlN#Be*>{Id}CdicSGJ~mOk@M{I&#PmR+i{yj0#8feYRQ zHCVo>fe^fjydX)e%kY8E{>j1L$F>R2UU)tv^zmN#>rc+*4;SUnO!m*hGDtngwEXzz zf$(!Lzx|i;C#7aYR-no*;oTr)!5~mhI9-6uA=BQveu%m&vj2Yr;0(|IMr5+@X?RON z+((HG1vtR*JGEQyL8t&J4YcLUk3XLt{{i4-)(gBK;NC(t6yF4aQQs67esa9zvI@uX zzQ}w#9K7&t6}r&z8xH03g#_u153Kkb3tAKK<+A%XkQpz>H!}C~g>SQP>mPO@h@S7O z`~UcDxD7!(`VF4{&3yz5d5-ZtbcnQ>$rF+@J!vU!MzfqCN-H>0uBYdd5 z!ZJKBzwxd@q#5qbbw%%uVFefOEJeB0+P*c(zw~?htwtK8zgUL-YBKZz?1>R1(F+C8 zA_J_~DoY?YDH8jp$f~bM%g}Qr@!Ney--h=uk1Of>HU8_xdpwR^a*U|30;u?bB1j-Q z`O=%a1WXTPnHM=hm6`CpgYW0?2t4!A%WwaMUih!ChVXuq|9bBC_uk5uaY%rwph_#S z${YhjTH^7u9K*lKoG1p%K!PjMpIe1;hu?bx*>xXe`9?WwjhM1P$d`k zL6!m^c4a9j?muWfer;6GE8~SO=P`cpwq%hki%aIsl^F5OlO@p&MU|0Q?%Q3!{WiIO zd0a`~udyFjhEm(NckQDb#p6}%eyJ)zOF^Rd!$5(J;e-3!e$N$*>2LA(9#<9D$*91f7=eEi z*rfz;1<<6(iWmT*hk_j9S>B4vFrNG-hOF==crpm2ANdHtH<)gO{ zs4bQZ_udrG2jaT~A<$=8RS`ryFH+<|*9Nd)85anV3O&MWpx}F+q_CVA`2Ig&flI5% zf8siqJyJFK`TG0s&+E_e-+pBazWoYggVuy!YwcG!6||;)`<0FV_A9g<=oa&9t^Eq& zh1S?#YwcIa5wynrT5G>Td!aSq+pnO)w_jn&(3<+~S5W5LugK7Vqs*_h_A7!bV*IbQ z_AA0Ew8s5fYri6Q{v#*|@%T{-$ngL~VEs=t!~I(KU(go3n}4P)!mk0fDvJQSq5zPx z4BrGrao^M>5(8dRLY@F>43m zHY{Bb^y@!&vOnqbr+ofzncDUct@q?B`SzbMu~$9*xS0vHAbbxlXM!B)COU(%jEe@kU6VCkL#%zV4Ix$<|>T*CV9(c!1FFI$;_V{<=+T^Xh|;N0lxm{fZ&Th ze~Me|lJNxJmES-VfDQ1L0kClR$;*Q0GLq!;0sprxKz3f2cuv0kCrtlUkDu)Q#Q8xU zN&sBG1MZ?LYdhENz3I}AzXUgG8Dz1xA3bFkcNAA zpC;df11Q`71n1Ys_Nh!kzyJGhYZOJ+I~V=%^tr#Cm)!fIpZ~mh&`*F;(%N@wh%N_D zt={w!>_>n>URN0KIr;ay@s;O?lJua7dA=toIw} zF$#|G5=d{`H9CV}xpzlEmBYT|WcS8tJj6SP`*?jD?xS?|!=}*H`R0PQvxNV@u_7=P zLFGY?^MNA-3@Cpb$bO#7f757l-_mc1ZuAzH803`bFyd-}6fBwISmmByi z8czN@DsjxOLja%w;nk~kk{-_aKOO{r=zzlVzoDQ9Bx`s4w}1bweB$4KL*LRT%3TIt zv2QH@8^itwBm4);{;o(oEFK14;oaX^=6CknAI&+40TK>`mm&lp5&K8Y_C?clp6>DZ zy>#Lr{oH<<-1|Bm%aTgTcl3#U!+-9VfZ2chgj3(>CupB9?onES`o%FKlz*M(PhbD_ zUqtw|J@}jQ18C>{f`|Wx!Tq{STL1PQ83%-#ULwrnU;jn@R!$pdojm`5`Jn_tCB6F> z^gccf*gxmT^zh9O&t=3yxC!&4yM{Tl&yz;aZSoEOg&X{*8-)A89pU9GD1{P++d9>k>fieMb@BKM7cyb}$c``Ocpe>ei6J09s6_@6y{4wo1$U7`pt z{Ono$_i$bpWPN-XH@qPJ?1dmikiNGq{j_ZoJa~Upe)%YTy8&F{zfVh{ynOcT2J1`m zjea~mt^WGc@Cmdr%^xc%FfU(D+}-vY{`2{T*PHtMLOCws^@b+?diM?gd2jOdZayA- zYV!47etNPb_QLC({PZ}ATk!PrW}ZFQ|8_oLw6h@pcsc&py**k^Ay3vWQ>3#{bHoKF>vX@!D}4-oD{K zkC}*HJw=A}{^*AhNq^k*=kds2y@X5lMMtl;`T_orIlS6x@)Xf!A5T8FEWO%k@(!8z z7cafq_8*4xY2MPSU4Nj(eGbyAP5$Aj64Rtt8~ekf6w9PnoBP9)pU3-QbE$RVegUMg z!x8N%F6}41big!wbqEy^!pZkG;W#dvEHmybOQ$-el$vU!YM)A3G%1 z%06ZG7n`6TkDj?d^;*fuWd4udN)PGr<7n~9eXPPSy^jAp#wq^ME2U>6{MhUL>b>Vb z1fneT@WTGv{Y%O0iFP3WAs9Vg|8V(!^*)L}1gZ2+c)|Fs_2VN`tV5El=@7B3oo|n-5c`lqc;RY3cr3Fl)7&}SgzrP7aRC)>;3l8){6-dPmg0m{EdgTUh}8RQ;;UzNW_7xx^j-F+#Uker@pAxu@?A0Z;o=O>cjFM%zSM7dg)-1#S_~2cUXM`6cD8*iu5r4c{@?DmZe!TOPE{ON# zPxs%6O&GkJIT+<-7q8~b>}ypbIvgI#|1o+@Hs1QR|LhV_2PyBpue|TqgutfU= zvn26Z>F3X$FI&=`{PV}~5#{HPfH<-`95zqutbTrhs>Z3CY|!%gyb&aZ{aa~0FU{-t z%q#uno|i#s(EZm7TExFnWFBvSd=VdirO|xx_-DA{Unx0{w-H!>Hqt*7V(%dLJqpqv zr2YFXymJR2{tw03j}6{`-K9yE|3iWHXAL}0?w33nyLCjpPyeu(r%w$(ycl-}9pQ!H zXD7`E9{|HJ?Dx`L^}&6^{D;63_YDW!5%cEJv+?7r-1l?1J6yvL?v(FkT=}cERDqF6 zTND<5p?i^)RQihWc!m4!ZqX0;F5QqmNd*b&&ikS*Sz$QRmiTCkFWaJ7wIoIRkD8GL zj%P_T(xVySxtY5M^ZNnh*w<~ytRN_)4f)ZA_}s=8)R{7ZXMfp#u{g3KGjt@%qZR3U znSJ#AdAGjfvb}CZ!Qqoe)JG$7Ih0b1JYZ--5YTk{dm(`@W(Lc{Pd-Rr;z%a{xzZ_B7rWWld zxO}}vDsXkFT%!k6v)uEJJMv5WqD}T!$j0;m z@|~3g`E_Fo$MCeRXA(=DcYiPx?srBI_&f9{uU_XrjD!EqB3pailE{~|=7R|JXi0i% zN#fM+43LK}S^|VGDIoKzCHbi(8Aix4qWVQkGAC24{~&!mDSv;sLOd^WG6ld7vf0Nr zxbL5|$U8ZB-KxNfB1N?iLfpqz@3iuB+h34;XjtNTx(gpvjQFA%PLU(k|5I!;y=eZKtsZZhQ#k2&wn)}5x|kQB)w`${QhHX1*k0U z_Clh3_ur3O_ci7~!}qDaBIfK94F$!M`wmLaYZ?ktoLFKD|B9}&?=+NUc%a5W)`c%x zLZU!hdIi?3^8Ik|egaA&@XHbsgjXQV-USQ-P*|D(rGtI&x-o&Jj8k|8+Z;n1!5B5b zSZ}>ur#Xqv{HigDqo^Xh0&SNV z#FB*zukeH8|J3?&s!HKTc!eXJ@Z8uhuQM+QrB3m|f=C0L{*ZEug3MEF6FwOj|L|o= zf$q!BUz>-B|MCypkvZuOdao@+_hz^Una3;N@0$JhQni1LBp|1-3Z0|)lOPGgJf8y} zz9)}lfG^rr7?I9i{7EbYRj8iCGv+(1ip*C{Dy4=fei3w0HYwh<)ej?vFBqwEpfS~7 zbO98f(n0Z)4f~UD{H0LJ{|Hr8KBjo1V$3#CH+3KOIcV^NV4Dql3j$@e|{WQzYm!d8Hr0c^5g zG$h>B5Al<`gX*F04Iyt9U$RteNMcJBP5R^>A#zU{kPqN>IZ|uw7Y)gGF--d8L!m0@ zJCg@C$O4)Fq9M>>>C~i89v313JwTeMjVQ`~(U7W^8!vqkd{iQg^b%pdkoBQq6?87T ziyuNF-svh=hVg$-!tL^VvX1s)@O|^eFjY|&C<&5&8kF`2q>}%g2ZnTS>8CMkWP~3> z^S)!LmM=I7w9JD9SMJGchrxTxAH+hCoH#TgzidT;h}9&T%irZEOhC9m=uf7hD1e*3R97 zr1(mFgSSygp;C(cfa5bQ$@{n==sky7E7U+@Ni z<+2T8fV2GL}D?v_q0r{N#-8&r81UUSI&Hd|b4z zWi4n(DHrUO0$r+_KN*Oi$fX9ZywaNyT<^HZaxgnY$uC+`C6OYv`bvQYSS8xn*3B`3 z=4BH|RwyW`FBNB=HUTiS#@c^hX`9fJ%#_w8^`*)z(1xCn=gXE9mJ#SqsV}u-@hk24 zM^nnr>~j3?Du-e)?dKJRS3iI#kuqPm!;73)j`tP7GauT)D%Ri8mlS5-Q`dXlq9Dl% z<=E;gh-W_#NRom2`1ZO%8FbxpcU}QM_rd*gbkDDWU-%u(U!~fpz99bqF6GFcZV_7h z-S<5%6oDGuezq&Z?<@z>YYEh^n1gWd;R|vBE%4&qS@k)f>Ir-v!VNz1$i5&@^}1b& z<4f!H$0)2HV*39;3>JO|6$@mtvZ0@(Cs4yWeEUMDftD18FAXRkgStMq#FKAdK`}PP zveJEaKS^*PvhH)*!e>Lqm$-txa7?+oAH&H$_ac7mCA|6DOK?xZE_1qoAo+*OKK(gJ zL8mHHx(b=sddIy}lz)lRMsc7-hz|ohm1f zLrn!g5T-A*F5!1j68Ta&`55i@E)zYw`7i5NayT?2$h=e{2K$P2DIbaCJLCSEN(!>5 zuy-hU#k|z_Hqqvcx#s(D`^+PgpQE!RDnQ}O9$s)WP+uMu7hX0XBc;2CGrZtpJo~(Q zUpAvCpf{Domwmyic&;QLn85W)-xq#YMOnU6Chi5V;y(n%eC-8=mOuq64VoVV3hyo5 zm4a8=OL_3gPuE@i9ppQ;^oo3pM!a_+evl%{(f+(m7%Ow987~uHKN)Pk_6Uk-y=2w< zBD@F>FXP((fbc>)Akvj8%*QCmPwj9&8ex=|5eMS$90;52y~!6bbMH+)(_2t{pvjkZ zNN7?}74aTP^CF7wy-DF-hwEPM_;q_Q=TaX27=`(%y(b9@TYVH?e%-7BFn-_Suk#V8 zmHN5aFAz@z(k-)Ppw!3U&QC4Mj{;;bt2_UHxcm1W*>Njh5dAw1_&ek^aHnnD%4~@b zJ#1irYP5N+Bt-u8qo_89}bc zkL2Paxwr^ZCn=U2NOo9gyL*av{k!)A8y<`%k9m@&!a6pW7ZFB#B*AH_31En)@gZ50IMJe@e!Ys>g-2{m(2;Py$w64w53NBy-xNJ2RTI4v|$~cxAdr@_od3s z25`{Bq1+I*LrhJ;Bt5Y(6&6+BqWuuaMelS-0E_px*sJ-PlC?rs6Q z9rT&<52b9@VR|1v?hWjiff3(0Tm$+XvG$d59-(!l-V%(O-;JeSE_3hf@-#;z8(Zu# zE-|50wmN~wMJ&0f^Eks#07=FH8!58kiEBn7JDFUt`l%}3g+udte0hNnOBu~DMp(`( z1j@P4;H$PFTy8ggP9nDSQ^L7o1S7u)3`Q-+BvI(O;sxVfKPiIN{=ihOT+S?GkYXaw zYeMUU-DHs142@G5qBzyJDlX`ndu&@7Ri>QVD5?LhG^*dCUP}>ti++VTwFfS5kzo{I@Gv^MI1AxKl91 zms3P)aSY}IPy{23AY}wY$V=q}F;XidFn55W7{l$w=IcVP@3C2)#K7|Q_)=0<1-sBt*KMiyI;L8s2qbHtqIR9fE%4(?J*QoxyZ z+Tkc-%Pa-%&>+GlxW((9yPyUmtN$MM!?ro5sfK%KoDr)*)r%N1`)hMAfgddKw28wb zB?)kX6?o9rLZo)V<&J%?^9<+{vz0uX!zB55Xe8=DEx7|`?N~Jzo8{_nkRMy~M3HPX zC`tgwI=;m*7+|td8p~#ZLI!XG9Y!!8IOoq;mE5HhE(uIK4YehN;s|hRw}5p@-M`E- z2oFlagsA4QE@ZZsmPe*oP9#m#eHbg!z$Sv!26tnx=QJ@R}c=^FW}_PX=5x; zb;B5PHv6>Ajh-;%ft6s)Hm6PWwpIdWuItez7HzacaFh$DO#>N28zvsf?kx9&&x6hl zDnUC@dkzVl5U)!+vS^FL258Rav^8ZoZ(f&jY*FSRkl-yNPB~6xTzi;+3HExl&FC4# z9kvJz#p1M+M7cl-n3JzZ+wx+V?}kEfhmq4xBQ<9vU;@7`ZQG-9Z#Blxg!L$O^qF`K z#V|Biv8 zOLaUTIYVa&%;s2bN8ka;CWKJ!SfxPT27B=v^1o2%7~Cmy%H`P^vf?~iT4r!1??0Rj zOe+eaP|*rOTCwQ~u%Q*CF1aE$CCU4UR&+;8D=}&DQ=^E&c9&UnX2K*b4AM$1TC5$J zQFPFv6v>;V0g(1X%m-$sjUAZmW7kdV;b0c)%dr7C7}x}1G2^5zdZXq?7alxyfFui! z5o>Z7^iG%qk!n1^F%n{5pCOG|J1JV=7-1$~X8(ojGqbDU0>_1I%!lky8Yf8Z+@la2 z7u;l*r92LB&`62&I8g|W2iqDC%99`@_x?}_jt49HIAt9JF~8qI3)4X9295`PX%Ozb zGJA|8w3agOyQ z*|n)~U>a-+NtD9yOwr!f(xlj;|FFM&+Ubn+Ln}GXg!wK?P^R$a6GPIl8>nx$o#jvYrZE-^}FWGAx1Gjx{mkx4yyPS{#NlL#Fo%y~UQ5x>0) z&Fh?6oXU_BWQAau)UZWO#1BJjKTa)4m}n*jmn$1`dui6TXfIH*}$ z+uWkY-~~NKjV9mFzW70^Wjd0Cc!;0A#6#l z(m#L+?mH7bp8`S(?&Nc7NG0S!R_ujIEoH;*r=7@&aCq^F?&oxI7%3^iJo#eUSK*Xx zIwco1we^m$V>~eP-DK+DU0<6_P7YEemcc{_JH`c@%lm>cyL;HZANK$C4v*P{P?D$w z8jc}iT_!>zQAptGI1!S|6oef^#JW->mj49Y$l=stwabpMV~B**a_Cr}K`vuJR1zhG z9V0|9&QzCn#MB64iJG3UV}!6dU(s|9I6&@j0`sA4?NJo-#^*cUw4;_!>H0k z&(hd2TC^jeL>}9RO}KXvBGuTA!GZ!mMAPR009in$zePmuQ6b_OEc$BFI5k43+?7HE zT>dvHZbv4hlsOHNx}}W>xWd@?z=H_#lBiX<)aXbDkxKhGlEoft#z z7=nZoN>wf{3J-0IFxhpVuK`i7bN+0u6ZI%i8S)SXM|$)2%_!axjZ%fm@Y6V>q>_L{ zS|)ICnzY&uC^gon#Nrqg<`7b>JWUD?PLl)fa>(Aq4ViNPvIlb@G6wu&lj?ooSTq@s z9s{5qS?{Qlz}b#$*`e})QEib<@F)#S^h379AG&pG-W3@#S zfdkfftZ2B^QNU9-sO_x?9IrMpb5n{98^`UO7#n}9_jC8B{%8DH z*Qg1y=BFtNAaF$6tjVtX3KZNE>Y$7rJ%Mv2I*lWWz#(mOrKZB_+CujuFpiTmVuui%v;#Kn*raU&Cs%a4lweZEBbyYQZ$ed09OTG- z(aZcj+P{;OCc0VRt7i~VeUEe?LAl4p5GFv%&)Zc~!57pZ0q`*EHY|IDJ5yf9grPWS z^ZAe97Cz&cDyieps)yLzbYRPx!c0oaXfaO&q(m_5Bho0x!xz-BeL?N5&Uh*uu^l;} zW%x|lN3X=ck>uU=7=Do`YaTsrb(K| z8YGN%L5!f;2=NSR`W}%L1H2A3M6DmI`fdWG{>1by>55~_z_Pir!uRHO+pM!dW)xAcPKw+YqdTdcY?#p8Lk1wAu zj!)muuR}c!^Zce5E42n+9PFG@^4*^>gtnsi>#q?d>clgFhh81l>=IfnX8t||~ zP>+aCsXCT3Ds|)>(m4*{O%cH+)}C=Pl2FRb@6{ZXvH|0unuIcmCraQ6wWS)mx564y zDONa)q>u`G8Lyg`8^xucCjU2okQQc>>h(-Ak~d06xbP3GHz)bdYT*Dn4pi1ql#b+( z(!nj==DcL^9YH}q)Vo_Le9gP1Z^obT#Cjoy66*=7texdNk-}4GOEsDW3rf{GCLI}? z`oOdUOS6qX+`KW?8>;E}Se1u}67OCbwf)P1A0P0q2J8-bW{ZGO?a-&=W4Oac?BJ@i zea35WS|!YhWy=pal2eb73?bQL336f!H+68Bjt}k*3t_R9!5>s8L5Rp8S(J{CeAoi| zX_Tgzs3Y8TeDoVn#{%T&bI7I!nQA!j9qQ&=w?1wmeUAAv05T7;Bbkad;@d}T#RwHA z&%jtUz8m76CNY*9)7X)LrEeK5C0+PM&p}Gm-T-#wWU-8bp_#glzb^sR%rD)#MbC&Q z50dOhjD?PLGldw>1;CilBv#kiu_KR*c!6Qe5ssdDLRXm!89S1*XiBL0RgaJ2c>KKQ z$Q0)a2xJk|qeO1dV@EC)O&xcs4_z@v@iQN|8fkclYuZ+XobyVTAj;ZL^&WUIYohi& zF_A+R^5Z#COr;Bn9hq4)(WryM<@5g3q?kHaFW_30(l=7EM34wyqfx0Tk;a zh^mDab|h%gG|gnPDGqi)0>!`yno*=Wo8z%HO*FNF3z)wcLxE(1XdGij6drMksO^NZ zCS%3|NM#|2rZ`qahX+`baMozD`gs15of{kC^3nMvpnwv^VR+z$j)B+Q_I6MYBTapH z;IZK_ASBjQhKE>4M8c*;$aq8)Y5RZ;EP^!%yHR4N>p2W8%coK^;& ze;cuhF@M=WoMt^bY6ss&^7{Mb>Qdd!v{TKS&H>f#-I7L*U1dl%Xu>ELTCNv?5 zk`*3iEh!{_hxYPd>S>@txG;i;SxX&vsCN(n7$n?crc^Z~JOWz=+8rEXGXOkeN3e_) z#b`L2er)H$wq0f59GwvlF~+JX@NhDHGjNOFp9%wTYE9U1VryfG4<1gWpLS@ne;hQ^ zP$fOXcrcT`J)iLVX*`)3L^Hzr9RZ97lZ~_Kq?cu!JDo$lB#!i*DU2P-10{7duwjxs zrvYb!TLBFE3wYxY$<84g({#vw*Td9K)z3{Y}V-Pz`|f2l54_RR}( z&##}}hU_4ZfI)g1#PIl3+^EgXbI7F6d<#Oi?BGKdY$ao}JFa>p^+$FQtcL zV9FGVahqsT{Kor^N@A%$7-Ys)XH+><#4%1KGrikk^X%;HJDK5t!IuyjA%V$oR!`8Ah7TP3kcPY=v5>_pXQ)^z8HA6{pJPK6y@y$xuoToy!usyxm?@?|w6gR>V9L z-84|<0lf>JG}oVvO>ZNIt`q-T-DqdOx;70s=?E#Wj6i2MiZW?XZ3!EowjWMt((oCv zHIY1u!UQ_x@puM@kzvSTHI68Bu+u(+lNkqEc!w}_Sxiuj0~xV_DRiFGzI@YCjCjOs z3SH9?6q879{$UE8;XrTR#6065f{sxH#gqg}YiKaGPu}p~WM@!QY7-*?6K3mTs+5NY zTKhDJK{$Kmxqs1+;p3ZFoiNWNjoI?_-*B&sKKd1Gv44GM% z4PwZ@WE3MBMl$3cgGqB*ze=QT&~guj@-wu%tMMWQZgN z6YD^JmSi-+%i^38wn~xiCzx@k^|6HcgitcLkFJX_dPXRX)N6`h3Le|%l4@BV7fd%z zs7z{t!9+YBDaIKYij!2W3nOqiS_#Je^=3*3fr5JU>F)A<>=idgGT}FQfHw%0qI9U>X`o`b1sUPje*rSqn)AJpQYCi508_GQYfyZOt%}h@>hw8plAoV2~uTKW3jQ_>OP8!~0tf-NfR| zc%BtG<;FlxVUU>-sUz->1qpQ2EvScBHw}!7Kk-SK*A{%p`=K1RKN;dwwElN5OlDC_QW_$K4VLG!|X zvmj@XMrt@E9_$>unIiQY!SWZ5UQ+eY9r=vq(k;mM~$m|O~CWdkolcXcNh|ANeB^68=yQySdJ>uhqvQNbmGckAu7ohUDZinq zp1B_#;3i$qH7;Wjs*O?-j1Fy+1J-}(2L_lSIlqD1hMbSVXmpgDj7&cQi(JgmBjODU zHO-S?bflXsEHAlI-!vmqoIRPFR}S7tMZ}O`)C`!sqXFJ_t?YWuicfFV;G1Pa7Ob9o zCE=)rFlCALv5&C=>bA3UQ-gCR>cMRij@l8Evx+9{_Nj9vuC!&ZJLs{AhGi*iFYJE()$Zz`R4;myYn;Z#8?T*O;+uy0LnnqFm zlMRLo6lugcQxwa9K@yIdBa^dj@tmg;5x*l6Ne7TXu9L7`U(Wl6Y$E;^e;TF@z9B>C zb4X}PRO5`AG*f;$gq-p>K)9PINux*sIBI+h z>dXepTMN@V%8)ILo})NY7b6Mu^qO0oa7Yd@-|_GHI<~s-m%w25X^fESuv3g#h=$lJ zEA8coL~Jq5W?nfjK`*-1QQ!m^6RTlW^{t2?1V!@WCNR z#KS*lvLrftJAvMjE3(tI_%wEVm=WTqh4O|Afu4^u2qE={?764CxUXq__>ZwWoLB?~ zhw_RJ!GM)ASYn%cbv`p>`L&OOXiR=Z^*lI+;^#03Rn}O70fSZWTa|~gcMv(DlxV2| z!(-5~wmbMTG9^H;JR^w_Q7=&w444~(rj?@e<5KnkfpEoPf`<;&~X`NMwSQyZ{4X@S<&GGyh2L*@KbpoG_v)bpXM@m^TPVfD+DdX-=A| zL}Ua5gP1wzWA}6zk(eebc!FSH_$ew#{H7+i!`Izgb-BQk4>Ne*Kuq zOf%eGUEal=GMEL9sB+o}^cbpN_9aFMCsB+PCFl)QF!z%5O+ICZ7w3*?^2}eJR(=0zH#zrC>5GBY%ksbdD4L z-k^G=lThfTR4dJr*+I|_A?UsnBgzlWB`g#eY$_vZ;gd=Ur_Vu@M#`d6V3_skSrLRh z=p8{f`3X-hltj`jP+;WsDO-_*{Gqf6n#KfWHb$i3qQJ20lO~9^ zR{9+wm@Av<5~UC@H2YlbZ2Fkz+jT%ik-X+XC@>=Xlp|0d=2?G{SprL83LMNZQEnv# zMs1&)&dm!kjQ1D3crTE=fKlA%rB-baD`DM4sy4u~32tnXR4oLI;y$+&#<2<0 za`0eFUO50GU{LpXgaODyr=D{x4h5@Nr4J^N&sYz`o4`u~t(cD`V5zypbU+o}(uP(?Uj1^gE=v!p1bd=7=Ed*IiWVj1~VhC-r z#Q1y1lWD(-&gr1cjjp5&jcALqIf@(@cJninlYmAH>4#HGEUr32kR%?PXBgz~d+0TGMvp>RMB!aQL1i65h(ahQ)=I5 zZs-YU`R*NGr+WyEo>3C()h`rr*Rl!~Eom0{#@c%Yf7m9o9oQ~l+~ZWAr9n}6%_KEu zj1j*cL^T~?6pER(N%c8K3_pj6*>*YVpl~@sOgvgTPK!T#BLi*-6eMTUYVIhAKjlm< zF)ZZ{G0cOlM${S)3XZdR;2u#943x8zk){z%)usy+7H5+tUGcB{#@>OidXHk~NOFdZ z9cGg=Gs=pW>zqgPqFr9h|E+km?CyVC?_)cSgs??mptfY8P&fMwY?u^Vw(8?FV942|x-Y6RZx`}g$TMau z7IlyY#kbjHarcz2+5J|ptMX}6Y?wgE5}rgfmY1Lj6vbxqB7?jfk4Q5v6l0a+lt6K9 zHWvz>JBqw81IsU-ZY!nob~1s&+iWgTPnYaq=>zhJ*eXSB)Ip(bHV?g&9AP!o`{{F# z1nQ15u_Dr%x0_V-eiQuEJm;j&;+hE10h33cL;i+|>cr`Twkso@pYlZhvCKwJt-vzw z;K}-z|9a0Ze0^@;?-RN7PyoFy$_d95%R^9VMVBeUp*58Fok>cN$tyGuTro=dvz^dh z1m_hIxfMpOP&3U--Nfb}?DDMm%)2>jE`uE+W|@M`;SBD4|GK|^b!@^5&aqsh(ZKZ} zQrJ;y^hp#!H$jT7-;=U7ml-co3a-rih$UM%nS#12Zubgm=lQ)<*|~6K65@RLF`?>o zBgy-~45i&}GAB=BBS%7&93#oTY?JRZ}j*bU2NlpssU0Q7gENAGALN z_Un|Gzkr7cwPu<`2RVxu*$zCvILs<#i*40%3BU^Vx9e@=Xuf!d#37Aq4&{lVB&W2` zsh5QzWV3OnL)saDxR>YP6h<<>nL3i5!S4^4Ew<3Z0YV(4o+_uq$#&MCj<-c98*sv?I3;lsDvXD>*4wRMYdf5;{;ER>H6eOtlXui$^q(|gWVVZVF)>z6}y{_UfdzhU&tU;O^BfBO$v=y{OIJyyVK`y9@#v^ z{fOq#3;vyv9*qAfHZ}I;Zyx{k?|=RCaYrNz}&Vx$sd?U6{Qaes}PFHMEuS=X^P_-XVnub!}^I-Mf8-> zDtIb*Qhm%54YKLAsf@<(<+$wp5LLTLBbcgU&mGbYj(pSr5b`|Q{HqRV;luBrvp-ROA!%4*2PJO6U0Kj$4q>HLFy2L7Ra6aJUKh)p$h z38|kdl$e_7LQ*AFC~cL|MT8cr0PCkpls`22gs~8%NiHn9r6G$hB4yE~kSUBVC56$Y za4U^2Bc#zKh?eH`@+dZG`E~;lBAs5;2dp49#j?vv*{tG`DW6?j3TYLOTS4u@LRzb6 zVoLmaEIzaG-$={+fgKq z@S`}OO@%P>BmN1`lV*z4DJ>r?`;WF5HeL>G?kJEifjv{F7f1 zHzhVoNojRKVvQ)Hpp>#LXpAYNn2@e5)Q+m(x325czg1r!|Ca6945)HD0{@k-A;V^_;_FEsKVa&nzBgif`SGMF zy(%K5l|_sJrV0pony+colGRUqeg2r~BFzV?P}7Qgwu)!7tSt3U7gnn(-i4pcYRGR@ z74-0bDVD5ckufLe@vXX^_r=8$VJE)gPV&R=U)hZAtWof9?JDh9Y~1j$nP0^p>}zZM z=@P0h%R<(e(}h$&mW7OQri(OvSQbdEc6|JvfBg6_&0+IHNOY@;^70UxRZF`q+^=c0 zw_Q03x^3UDZ1jXq<etzNN&(w~#)vbD3E6a^IOt0D z_sF8~p-Y{4KM?S8vRSr%iEl=jhGqzt<;{!{;momI80pR2Z1 z3M61zMHd07BS^romaghTWvFu6TG7ABy|c&fcvx-=SmRNtoi!1&tAR@`>*=PTRyi;c z%WArbsKpOV#ITlb63vl%g+ ztl6}9zg}zU{#$kY$hyVV%FwJ429}}fR#6K@yNY3mx)qvrqg@>J zJFKcet)ALe!C)tCYjt{OTakbrv#r?ak!?i^bjG%t)eGB7tr7aWe*Rt8YMie2UHG<| zWq`n%Ix4U}Q`2~pfpl$Q@3D(Wgd4S6l(&`sCs zsm5zzP$^xfqZ6;u8V;p;<4d*rT1KKRr23sMXBmXHoa$z}oH6*@QcbVYWs+w3*nHnx z4%+3_dNAbsfnp8muGXv~JM~b|!9XvBP-+tKu_pXfV9;VdVQo{zpuEi-A)sK z{g$81{_|f?)!~nSXwMsP;}Y5D&%CBJX}Bw^wN$r0wq_7_eYJe*)iuQT@*G;=^)~_k;u2qk;R)^QpZ{j}w zo`<92#-+*LJFn&Pik9_(>q<4j>XsFPt4mG6>V`FfD+^`8s>V`Y!~!aS8rR2oznK@d zm+YPLYMo_Qv6tqZDr%u+S2361oeIrL%P!uvERWxcKo3=^@pFve4_*hbDZOf{y{wuP zuqM5ls;TUnJv-8?*R+yd%kWNl)UaW6n%NXkweuzlCm9ZC4pIf700^T2WI)0oQ~+V@L=GeiKnW0St6p1`P z>%VKr$yoMloRXSwVPckL8z-hFVwjj=^TtUv6EsXHfsuM3p$UxcvZ)ghUc&}JRf+?r z=Dd=vsIC+`G~`uGg>(hOcl!Mw|J)*?flxk_ejt(8vRx=wMeRyib!|_|RabjdR$bGf za@CZMl~pf-wR|90YiEKIJJsVg47JQkiBm6L$eg9R1yokG zBe%w?HlVPo9lP{Zb$jZnnyq#D`|-7UAaWCl{m#F&jEO3sCZwiJYS|7|M$IjbiEnt#sK-YqY3uM( zpYvKx8&~E23f1DDL$%uW6|sHaHz@;1qJtBg7-C-3YV1yFBQ{Z0K=w{?v7FGsR|Gz4$VP=JtzQz6hsCj*MSNk)>+vrm}$`N z$Fwl_7xYGXa|@=e(qG3LRm@$Nwn}&TZd7PDT6A$^_xIn~$hE3G8t0C*ae+icbW6ZI zbVT;X@EA3z?;t^IZW<#f(HJCXOjcv$1XhE@+S%*B@d?dM47HJcPGZ)SHcHP71ay+L z=DAUlX565Yq%rx85^Tc^o#Ya5^z?@!#ogi5ABtgrTVjY_f4KEYqW*rx5Xt^<1W0x_ zGKL6thbutN*x`7se$qo-MnUU$rg>3&Z^JIFHa4sZ_O6CqL2YSR70mq%yLhviVHJ)# zqsORWbtKvj9_TS`PAcw?9XB;|=(q?b{gLA)Xbv0~!L&PW+~nF};~-`P4x3c^9VqH_ zf`0e0qm0L>^*RYa5IOn`NU+z50D>6oQy{rcCj*EPd#-aeLae7cR};|QOy{O$Omr@C zQE#4elQX6{7rD4I%ejf^NzO&8vm>HLbfWh|^nk|w-H^7lu@|B%kp50cTfx`|X)APh zLE7Sa52P)O?6x*4SQwqn);P6Vq+&BGt9X z4pLFjT4Wa~z#_Y;nHJea5U|K@f~G}w5$suHH@Vg#JBZN$8YO)j6@{H)(>GBxbc`a9 zT5nhZ1d(HufdqTQ4j_oZQ3#Uj3`>BRu{X{4$>fNR+TBS#pzZMYPHAJer>$V`G20c4 z4W71wxsPlY*Lyl`VdMG<-v(;Fkegl+?#M59ypSCs4_54{qUzcK@?hPbR=TcvZw0E^ zQBc=Ipq65*DG~)3KexF;YLfPi3gkqw2uRziQ9LwIW^n(c@P8}+NNpSKM$HUw`=9P{ZPWf7VYzb4r%Y8Yc$zWrH5J&u+%) zLH*dGXV|TAYW+TJ(Ly$As+TmbUHdvSFN%Axw525mb_LSYyR9IVv@6h#Vr_AughuW8>HIrQ$3oAt4}?|3DBK*m2{vh@mgRn;u$c4fgZ#w zf}Mv~44oZ^R|EPCuVf^4X!2z#Tx7Zo<2^`T+)n1uts!;lRLut~fWZA!7C8bHHl40O_RT@p~3b=EAEh{}F z?RmAV!3+0KsEzW*=B-hse+F$-F*az8D&13Nqk`UqHHw>2h4z88>beZAW->n^zXa?d@V+)Ee2H(t1g2RIpD4Iu-Py z)~sNR!%`OsBO$P~MY`X{u#o_A4F8d#KE@D-) z@l)Cy#k!I;;-Pv<>wZ;h`Jw*9Jx1%N6xTK20EK*NV5?&!u#QdlisxTg>=AHllt z@;xnh`501wm+pwp%eK})->#LKCe{^Tt)^uY`gPPfbElfU|J|>qPLsRU4ExZp)SMZ2 zt629&_@hHfs_u)hzj%r6MG;x3y&xjXb#I2qa_x-}SNb(OR$c3Z&^UKNi!bM+teb^x!^PS_1EU8_H7cPkn*cc*TD z_U_g-rtnVP?lj)5sps-ey-t+DpZKFasut2pwr~0HI{koxPBlYCyJkOjpi|RO(5~4H z6X?{_>e;oDo_5D~-R#&@kA1FdrI3DBMO#6muD$CE*0ohM>xO+Dt(vBiX1z}Iz<=kj z&!}2NE7?9u!|U_|1v=FX744e+n1D`ALqWS{_xQh4PpfCwYAwmX@WlKNY2!SIEdBg@ z%XsJ_QhZ&?vKP9P6jhfpOoT2Y#8M@UUDSVheXmaEJ@fhh$UEGDEyhxnh*EyDmtXLT zmSKSFDw(0`mTiEmD`lYShIxQ1H(EkfTMHo$T4gq2Ght*J8!@Au48)v*WiJMZSb?Gd z9m{$Q(6ORJ0Xl{)8K7c>gaR~L%ffpsL?LNokb(M^jd7DO1CM)Dh`n3urea1L15^yV zk#x47qukj{V>zv{d~2=;80xrMha*i5EEY zPt>zw&BwfG(*^c#OpVKtzqR)$-rAEFLRdZHD_&kU_rOIIu5)vRq+w=WAt7=rbnGGu zqoFUN0951#=;>UwZB_D=*kb2_Nun- z7O*?B0;gm7oAzluPvRrpJNpctgk2xBU$OP`x^=sLX}@mk@OA6jzG}aw^8C8>+F7Rw zD|q19hQ#rb45}faHSrjw)S;3tXw5xFL3Na*3mVgpQLH&YQiY6sDWc_M@JJiu^}rJy z={Uh&02s0Jrwq_A;{yRQsAqd%GG<&LKn8b=4@{(u2Lwp8Gn7n58DM!NB#zsNom8bQ zqYr{)F>8Kli|OMZS2} zDP3F4oU?f`<1SoVsGX8|k@(?TH3*pPd$FVvmg{9 z_c|kV@2IFM+w{=HYF0Oi{=tw%#cFjomHsi1MaAe8ZW`S~AB#fVab_WFW8^jmtc~1T zw7glEiWMph5K8;*EKJA>5$+R`dyR%a3zIQIg8?GOa~1odI$ZeNBd<_4fAd22I~7Jb zbvd#vYClk66jj$A+oI;n6h^`3LStKub|qw9AYVF$GL^b4`hF1$MdlNetoeeIt-nroBH*`mhLc$if$bE^udk?I_iB6y1kVX7Gn;@i#F7A28z+r|d&KfRnNg3GwQCEy+R1G*#-=?^>#Z=xM5v zN1tnH4gjes#^Y#8>yQk9DQ!cNcwwmt4nnDDrd~*Dnu9<}nrYyHqoz0jqoUW&Fn|B{ z_XF9)!cZlmEBf1AsWq>R6O!n`w5-`=oR&llre(|_Snq{~==%j&V!Fm;}U1eRzvQWJ`)&{ex6B-t%SHswA z*5z9ZBi@L32xZ29@hAi@U>T3LjOt{nm}M8*VybJYV#bhf3pE`|6=_HFUyP@&AAeA9 zT|a~}p+EQ%cJto5A@Tqbse_Y_HR=cGNF|+g3`;OTMWEoMk;16_{r#1#Nl^pPuX#1xp_`}# zsMWms4XPxn^t5T7>Qb+izc(Z(hCr`#ZD5s>J#Iuv1@k4lEx3O}?uQ4Jk8S+gKyM`0bnZjcINKhgYfbMybdAIAA-cwN??Y9e zeh<-Xr+?*&cP>ZCO*oZlpRFLTiV?p$)%buIxPYh}`Iqvlt`k#gc?~ymgl?6AOf6^Q zMyAk}Gmxp_quj`{e;*BGi2E%mZ+nIEkpopt-S(oCfX!i4>n!=&niRy;sM%TjwKXFE z7^9xG2yAP$Gl%-_vH8+Euau7-*ww8LPp#=>gchj1P0pHQM#zDXSmYvO;u#?Z;AE2e z&*xwMg8%>NiU0Tb2OjWMvu^d5?5+Ckqv}nc+u+ShKaTTvk3W1pvC=<$`!9d`?(q-b z{_ySZ9=|U>Rd3mEADK6Gdd;q^%wNA8s65rfAjdSfB);BS@Cjz_?^fnOrFBL7pTA~ruMhw8f4Sv} zxjYZ=htG%Om&3!Amv!luViLM_V;)m1bt}s_#Yu#pa8x0t8wsD1stlj9EKS)*K^UZ| zp_^E&U)mMxs7jO|O!FsZ z?1Cp!#SDTZ#7`*9<0Pn)iYK^iwK8S}zKG?IA%ofj*qJr;DiiB&v;|5|hNggHS}$$c+jc6RLj{X_OQp?;ja`Vtp`WLnH{E;xwSR zF5;v>wE>Dq6yX60P|gn!o^`?t4yFR}hl56FV7#PJgd`qG9G6K_7f(sa`UgpA$$rc8 zCtTENUFUhlZ>qL>>dWjNm^jM%;i7KGdtt-$iTtri2F6bqBn`|A8XOlTWmfa4W}e^^ zDZ=6@$5H(h{MaVRaDvh+<$_~x6!b76T=2vjgD8xsdrAqzMA;C; zX3C1>Y>rHm=!vko<|$!lKUH}ZpeUtDRwf1p`m~3)UHjA-7yt3s)lWRkaesZ3m(za( z0yK?;3q5rP^JGzZQuUu?{SizV4*p{!Bj#ZEXN3@QfaKa69l~!zy%EG6# z#3jwLybP^rdJvKQ+s&Z%NK6D()%OII0WqPY#!-UYpfbpnVUN5{3YC z2t&e<3F7oALq+yPvpmBU%}P||ePpV``S|+!#_y?&q0%Wjf=F9>1PvNYnDJOYAp;#H z3iON@Y zKx|Q&Vq88kLmrnIE{fVhKqohhIJa0wP`T^{x9GDp8r#2<w(>RGgntH4ay)cvM75hk}zZI$0~WstC~KgL6wmhvjtQ@ z9{#+4IXAYAYa{OK9ACxVD4wpN-dC@sxu4)u{8!&R{^~W$tJe#w@jrjn?pZy*9Q9V# z^ZxkHWpyde`x7VE(ysW`BBmRDM&CT1CL+n*U$6iafrFTSH<8^7Zxq_v=sB>*?~_fBxsLM91Rt&$5tc*niGc-6#3+ zZ=V12KM%utH5f3ftiV%furAYl_s{yfkxqgL^&gsXm_`F82}hx_$wh)|oTqH@PzJ20 zAohc;AlRxM)e$q!QNfeR$;0@kfmrS*brxuj(Mk2@cB~dkeFgfdi6wv1!Q>;@GCcgv zeM|{*&v%GK&87guHo#fRR`=0USmpT>sq=uDd*(BzY-C1N$(*7hZLxJmgbqXNQEf?N zbwKKqh)5j)mdNcPFJO}ZNACR;M59!7+B%^n!g=_Fxcfi|pHD&*vmboltqho_Nm^j# zJKP2^-}7hhK{Q=umxNGMKqJU8ZN1mFD8a#y2f~)VYEwIp2wT8J!Bd#giq8ot8}2B7 zqIp#1Q5rB$EN+qeoAucDAaIVNOX7CoEJk2ss(NpLqa+T}fsq`?sXhx}j$2u?MN6JB z?~NpR%8z=|Ct7gVHBL|#&=xi;T6uW%I*Kj{+c_&nKx2yfgT`EnWT3Al307WTnBgEU z%lIi{Ba$t6aP*Ypq<*SGS`@fI6)mC`H2Xp9Vbok@mxPVK1~Y;i)79T^OKBXt7m6rN zVuc$iqlDyT@svafeIgk{Fp0zZsVIXgDsh$ZS43JYtaqqKaC4Mh6t`mkHi8?|)f+b) zgh}Wgq&P^4!mUorG^bVegp-IZtC@%UlwoGu7>XpqaT$iS;mVj#st%(Dm%JS_8EXB+ z-)$X6jB5!Z<{KYS9M4T)(mKHan*8Ih`EkBlYs<5Gk(TWn;ixwU{q_FLK5l*&C7NGF z8qsea_m^E(T=ze+Pk7kC?jOhffuHG{p#qA-PGx3g1)1xAy`J~^`?b2L5CWb*yL0Ft zKK#Gl|Ks>A{_CeA`r&;1o+SVN@_+yN8vgrV|NMXCrzrf};XnQ@ynO$E{5AOt?^NF& zj)$*r$M=i4m&5*d?KTnlZ5TZBnUjhM8#C(`)y&M*rP$_SZb@3RMMF;Nu*^u3m1+Ip zpn;_W#M-t=3M8J0K4h={EzLJOF5>4pP2JLe{5Ah+MQ~hR-(Og(RXmB2STwPAIKJ+S zulfGK(0>u(7`xN;yyJDQ`|B&KlxM|fzIHp5JWk_{HQYYmzwWPJMf3*mAzzR0S5Ef8 zBR;aCA#Cq#b{e^4%iyeHt6m&tHJh(f^u$k?p5iJ<6P#p-X4S)=jxR54CCJn49cwc; z(nIf?PL~*9`1tEn z{wBLf^X;xWFl$hWw(X8g9~860*D)x{e=wVH+{u`q9k&5XDh`lu%pPmWotP26c@)a` z437bsnl8no-4Fand)EsY1sRKs%_$GfzrXwi2EHqg%y9BN9uKD%VL92@F@F8!FDU!# z^;mqC|NQb7k@_I#KdVxG9t-LZW`4J%`AA;eOdq7$Tgy@nGo3?IX<=g?_)qo)?tLL+CHbX!po;ib_CZ#Nf`#NQEq3Csy%3s*m@xa&2K6j(_!UQT`a){4R@f0fl`8{VQpQmXBs_-j|{c$HUhd+p) z%^>5iOhW}lSk>+=yRxo-eh`1jKXg3=*8AzSKeIk1XWiycT?IR;oMmF3_E%knKviC< z-eq3s_E%jc_O8MoW&#R7Xi};BTiqcs)PfIv%gG;` z01Za7d+^Zw(;5wohDu-fVq8bzV?0#$T-B_(KFJ}1$xvDA_`YCr^Q_rJ738xfl6Evm zTcjjZMPsn2*b;aUKMg1nuR-Blxi|nT^R?px|Ix1iH>z1d-S~wY zlrOIy_>Yz(+?u+eK@x7uUP*OJA8yHBad{ivY)pRg^uSM^cy5XA=gsoRN+N2um|PaM zGowy_n2wj~-#7_?N}`877!TI-E0oT1BJpWk)(Z7T&RR|OSVuMNBNT9Z2B^j##C|Ye ztf$mfYT&VU8jX|g%M-gQamXBupr+Q{U+VxhwJ7C&7dnDkTGSbM5;=mJy(3Of?+9vj zJuH+C5!A??QgWn4P{VeLHlr+p8n;ujFR#_O+&{Y5H&OVLnh(||?W3Sk>{HozlQT-j zDqP+!Hn;YP$|&`zY`hQ|2cs24pm2ww`8;AAdXl(UZxP05QZ+e|#dxe1kK?taH6Fr? ziC1;=1-h7yRZ)+v*<3qMu*IXDNCnzHKyR4EquoeXw?6JX+7*v>E{7DXD$up$Yf}&Q zt5XTkr({IpgZ-*g0(2c!(t1280XhqRsp!FYt|$SzhT+<)Qa}$7J7*8(Gdu~<=zHt6 znuk5~cufMda{GwNL+>e=1ZY;UJSz$`UC)zOWP!G7;wc_Z@|lqoXe6tMB$Wb9B$B;0 z_qZNI6&_oKfnkvo~b*g;(WamDQ*N^9^{Jz zso7ZV2J{1v%0G=CUf#2Fxz7#{j=c71(iVYpy{BfY@IBv$W>ONVzwIx2bC5`(ZI@9K zrN~*`r`w;bMQ&%ipjyZW1du?wy&^BL{iU3DMJ`|a8!LmZ$dB9kzBM*Ra#@i$7GMGC zV1iij{aw~nm+C<$I~6HS2TI5+qG1RxC7RHOoeq6?7)z8HhVV+mmk_4_FF|}MsMZMK z^@%ST*%?E4*`fm%IHc$7VI(D97{ZHFKQg>NykhmMuMvTlvVKGq9BN5JL+YUAvnaBgD{(#!%YNFu zR)-f>3Z_Mx*h+q`qG(}BOZaiZ4<9F!VsVq4pT;OM#3ZB6%XdfS%fd7g+{D-ElN&~Z znl#$;_ub+B)d5bD1St_z5=|vyZSq{*V{j%>w=nG3PA0kIWMbR4%}FM|MQjt!wFBzc<)o%xUo;Wd%vDLlE4v{1hWiEgVfD z)porW)eXDPh(YogKbxf;LbVZ0-9{-(^S_A(or=fAdV4g$ph$UA#3}p1$8uTM3dl#U z1XMA`HwHI77NaNS2kO93qk(U06b|JJdg#{QobQiJ3H7?LOpqV0sAtHHxy{~WTJ-Gy_%5Q{M=M1`Z? z>ky(7ElQL{)7ucrgOqVZWBh{NL6M`;>L};%_h*K9DChF);8VjYspfPzMgyyK>Q~(O z?drM*H>KTg82kUQY60p`3k)RJ&@e7n@1WU>NnyhqApy)+23C>-AS_9EcWM9dla&{v z@ev*`8Q1XRUIp!bN~KFG!7SE@9GQmmFF~~j3<9p0EXiTOTyhP=Fd4F-%ij;^i_zdB=ZjvU@@q{6vTKmMl$&Zf#Fh< zxF@6txIH7>U}=5wMNrwH#3|iGXP4};%dsymq-)@NT|XVtx#TG#=N0!6uCb`NB{#gj zB7FHBo=bn08{A2uaQI{)14xIr*6} zEa#;t0TW6pwbZ_pnEu&+pdR}%r4-hHKO~gME|T=*+UR9lzrYidkr!pygn4P>56`Hk zeS72|1fiq?eQA^AW{<8*1*cPA%$gGH*>Mh5HGH|+u{n~?vypI4Hmev;`%9UhkQ_qr7V7kU7sn!=HE;)HF-f{;BXd&l84z)Oj5(TB0_Ee?%A@T&LW` z$e*ANONE| zDBJyeOe_f1T3DDzF|Nt>DpLko=D>RR*$V-Ah1 zB7|G{epb~Ze@r_0-ARox%W+!-C?CkKCR2h2QY594H1VpKrlAI0Fq348*FB^fxx-mR zh$FFO>%@43TXN8cil-PPh#>g@j7GU)@+^dd8gHQt%~ki1h%vYkph$|je<4hwmP!yh zN~Cz8*3uapC;Op-J3%z~4kw)0>iNe4D9|~E`JhZAa_?hNP95Qy6E?{r1AYZ!(`K}z zSK`-g6JL5F$f6h+dVZz5kjv&ns(fTapr-J#LXn3n)<}dE8_**T#q31|j0L!uN{LLYm_?Eoq%m=9a+}I(TsGRLq@%rN^dWXguw3~a z03j1i^?Qy0iJ_3eINTNzy%a)b?xMF+KK(nKA)EJrlRSb~2Oi3nmbK&Jf@7pVR7Luy zhc^bornz}D%&J|r?j%(St7=#nxCTLRkCm?Rshuh32;4y;L@;Flw5>D@;mW@9r)p<+ znp~P$NT#;#T1AVC$q`P z0<1Ssbgd~fi$&0HUs%$~we4hR@e8~n$svjDUt+Qy@leFD34)O9U#(dLu~?8L=R)ur z%bWO3D-{~_W|?GTOEm6enP7h`#vfp6hkadpjbfRpQl_4C5wkjwHHTQ2*|bCy!$vx9 zg0Q-j(8+aQPqLumRcJVcb|N4j1DLYPilL5~oBdIx?`PrD1tX0rYr&5h@iJGr#zO%vlr7hJ!==3t9Dwc?@ z&R816EG=v#D5xV2UtDO1lpJp`{3)k=y0FM^v5r4spB#)B_(*KeFiT|XM*dO zn!(V+^R3SEuh?b5pa_fiS0xOfgJ+vCbz~ApcZSGu{BR&j zvHqE);wP^anYk-uSBxIFzW?@t924gpx(gme+PX-Hv96DG7@;f$j6tU3|63~p&}dmx zDXQkh*2Lfz*lCI^8sSK3Y$KuBxGCIL`=R^k4+JGd8zoB`S1mYs&>1ue)IXMT?>7cX zX@kAF!;%Zy7lV0KvfQVFsLvtolknp&t;HcBXQ7iasX+u}VHU1P1x{VQIt^(o(l4s8 z9~zfO;2W;b7e#KTQFCbb3Nc6@HizOnSpFnGV>{EN?>929$A6ZZ-_5WytFRd17KCQB zW;yRIRzy=F)8UTJ{p|y<*8-x0Bp+XfoTQTAQn(!!*8#?3sz1n4tJe#|JbQ?#Vvb+Y z@=$o}W|Wb3of(bO!8?UICXVSD4Qm>!Oo>W%(;7~O60g%7f9I({~y*+ zULZb6I?FjP8?6<7C3kN>p6A8-uD^Fp-BRttPDS z*9nigII9{W*w%%uM)kP;je>U|J;Wp6uNa4WPft(i(Jhqm$V@suhDs(iO8&(6CEPM^ zwlU2m2He9D2C6o$WZ*O@N>0&ta^7kg@opYmU;(!mLLV(yq#;6!iWk|Ekj|xRz!?X{%CP2@>C|3tRU_K)^U_z^s2Hzu(Ke9QCi5TH(+! zT101l{yZ8IGA0@mdi8A3(~qA`p!6L7yt>R3iN{TUl_>JE0$j3FH{a`@Dl)aF9WOaX z8RRL|WFRRefuv#Q5EG7IJ!~YUk_LYMRyYKAcszs7)i|JTEry4T(E$y;X)w4SXc}?^ zxJYjGEHj5IM81Zm9-8RPSl2MdP1jrVE%PpqL?}|A7PGhDX3^P+w|v&Wx@-P6rCD5y z{1K_|)Zcy&XsL12d(wbHf4{Kt!#@mKb&T3oyai2)S^KpnPGkrHOG2fw$8@Oo1e>`> z0|R}5WgmFbD8kn_6yLE{W^;8POpII^yx$CIb9^-#o9pj!;n^4=hI@$uIQ(hOl0^OP zv7hiZ?Wpvkdb*y6)|hdY>`r0t*-3vnT1bb4lkbtWP#VwarA~@F;)J42>vIzC zT^BTTk|Ly7$e$Gu#4$Yj@QS@;PsAl4Z5T+>lmOgZXT;gv5647}mMlh6P_9A68)m_t zlhnXKs

-<% } %> +<% } %> \ No newline at end of file diff --git a/frontend/js/app/nginx/certificates/list/item.js b/frontend/js/app/nginx/certificates/list/item.js index 7fa1c6814..b9a927adc 100644 --- a/frontend/js/app/nginx/certificates/list/item.js +++ b/frontend/js/app/nginx/certificates/list/item.js @@ -44,14 +44,24 @@ module.exports = Mn.View.extend({ }, }, - templateContext: { - canManage: App.Cache.User.canManage('certificates'), - isExpired: function () { - return moment(this.expires_on).isBefore(moment()); - }, - dns_providers: dns_providers + templateContext: function () { + return { + canManage: App.Cache.User.canManage('certificates'), + isExpired: function () { + return moment(this.expires_on).isBefore(moment()); + }, + dns_providers: dns_providers, + active_domain_names: function () { + const { proxy_hosts = [], redirect_hosts = [], dead_hosts = [] } = this; + return [...proxy_hosts, ...redirect_hosts, ...dead_hosts].reduce((acc, host) => { + acc.push(...(host.domain_names || [])); + return acc; + }, []); + } + }; }, + initialize: function () { this.listenTo(this.model, 'change', this.render); } diff --git a/frontend/js/app/nginx/certificates/list/main.ejs b/frontend/js/app/nginx/certificates/list/main.ejs index aa49a27fb..329b58434 100644 --- a/frontend/js/app/nginx/certificates/list/main.ejs +++ b/frontend/js/app/nginx/certificates/list/main.ejs @@ -3,6 +3,7 @@ <%- i18n('str', 'name') %> <%- i18n('all-hosts', 'cert-provider') %> <%- i18n('str', 'expires') %> + <%- i18n('str', 'status') %> <% if (canManage) { %>   <% } %> diff --git a/frontend/js/app/nginx/certificates/main.js b/frontend/js/app/nginx/certificates/main.js index 89562768b..3f9f022eb 100644 --- a/frontend/js/app/nginx/certificates/main.js +++ b/frontend/js/app/nginx/certificates/main.js @@ -74,7 +74,7 @@ module.exports = Mn.View.extend({ e.preventDefault(); let query = this.ui.query.val(); - this.fetch(['owner'], query) + this.fetch(['owner','proxy_hosts', 'dead_hosts', 'redirection_hosts'], query) .then(response => this.showData(response)) .catch(err => { this.showError(err); @@ -89,7 +89,7 @@ module.exports = Mn.View.extend({ onRender: function () { let view = this; - view.fetch(['owner']) + view.fetch(['owner','proxy_hosts', 'dead_hosts', 'redirection_hosts']) .then(response => { if (!view.isDestroyed()) { if (response && response.length) { diff --git a/frontend/js/app/user/form.ejs b/frontend/js/app/user/form.ejs index aeb268f7c..9ba84438a 100644 --- a/frontend/js/app/user/form.ejs +++ b/frontend/js/app/user/form.ejs @@ -1,10 +1,10 @@
-
-
<%- i18n('users', 'form-title', {id: id}) %>
- -
-
-
+ +
+
<%- i18n('users', 'form-title', {id: id}) %>
+ +
+
@@ -49,10 +49,10 @@
<% } %>
- -
-
- - -
+
+
+ + +
+
diff --git a/frontend/js/app/user/form.js b/frontend/js/app/user/form.js index ef92ec3e9..617a75fc9 100644 --- a/frontend/js/app/user/form.js +++ b/frontend/js/app/user/form.js @@ -19,7 +19,7 @@ module.exports = Mn.View.extend({ events: { - 'click @ui.save': function (e) { + 'submit @ui.form': function (e) { e.preventDefault(); this.ui.error.hide(); let view = this; diff --git a/frontend/js/i18n/messages.json b/frontend/js/i18n/messages.json index 0bbde4541..8eb68d18f 100644 --- a/frontend/js/i18n/messages.json +++ b/frontend/js/i18n/messages.json @@ -206,7 +206,10 @@ "reachability-other": "There is a server found at this domain but it returned an unexpected status code {code}. Is it the NPM server? Please make sure your domain points to the IP where your NPM instance is running.", "download": "Download", "renew-title": "Renew Let's Encrypt Certificate", - "search": "Search Certificate…" + "search": "Search Certificate…", + "in-use" : "In use", + "inactive": "Inactive", + "active-domain_names": "Active domain names" }, "access-lists": { "title": "Access Lists", From aedaaa18e0dd768c6c5f3fc470843b466453fcd1 Mon Sep 17 00:00:00 2001 From: Julian Gassner Date: Fri, 10 Jan 2025 05:20:28 +0100 Subject: [PATCH 102/175] Fix whitespace --- backend/models/certificate.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/backend/models/certificate.js b/backend/models/certificate.js index 294d6de59..d4ea21ad5 100644 --- a/backend/models/certificate.js +++ b/backend/models/certificate.js @@ -67,9 +67,9 @@ class Certificate extends Model { } static get relationMappings () { - const ProxyHost = require('./proxy_host'); - const DeadHost = require('./dead_host'); - const User = require('./user'); + const ProxyHost = require('./proxy_host'); + const DeadHost = require('./dead_host'); + const User = require('./user'); const RedirectionHost = require('./redirection_host'); return { From 59362b7477cfe998986473a7c2e2fa9583057be4 Mon Sep 17 00:00:00 2001 From: icaksh Date: Sun, 12 Jan 2025 19:16:38 +0700 Subject: [PATCH 103/175] feat: change htpasswd to openssl --- backend/internal/access-list.js | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/backend/internal/access-list.js b/backend/internal/access-list.js index 41c975e6e..3438abf44 100644 --- a/backend/internal/access-list.js +++ b/backend/internal/access-list.js @@ -507,8 +507,13 @@ const internalAccessList = { if (typeof item.password !== 'undefined' && item.password.length) { logger.info('Adding: ' + item.username); - utils.execFile('/usr/bin/htpasswd', ['-b', htpasswd_file, item.username, item.password]) - .then((/*result*/) => { + utils.execFile('openssl', ['passwd', '-apr1', item.password]) + .then((res) => { + try { + fs.appendFileSync(htpasswd_file, item.username + ':' + res + '\n', {encoding: 'utf8'}); + } catch (err) { + reject(err); + } next(); }) .catch((err) => { From 6343b398f011c2760639637181f9fc935cc0efa4 Mon Sep 17 00:00:00 2001 From: Julian Gassner Date: Wed, 15 Jan 2025 14:36:38 +0000 Subject: [PATCH 104/175] Add --no-deps --- global/certbot-dns-plugins.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 31d721cda..dad4ed1bf 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -515,8 +515,8 @@ "name": "ZoneEdit", "package_name": "certbot-dns-zoneedit", "version": "~=0.3.2", - "dependencies": "", + "dependencies": "--no-deps dnspython", "credentials": "dns_zoneedit_user = \ndns_zoneedit_token = ", "full_plugin_name": "dns-zoneedit" - } + } } From bb4ecf812d53cae5e8cd1519fc1224c1100ae98b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 22 Jan 2025 07:09:04 +0000 Subject: [PATCH 105/175] Bump vite from 5.4.8 to 5.4.14 in /docs Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 5.4.8 to 5.4.14. - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.4.14/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.4.14/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-type: indirect ... Signed-off-by: dependabot[bot] --- docs/yarn.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/yarn.lock b/docs/yarn.lock index f89b80fdf..2adc44fd4 100644 --- a/docs/yarn.lock +++ b/docs/yarn.lock @@ -1065,9 +1065,9 @@ vfile@^6.0.0: vfile-message "^4.0.0" vite@^5.4.8: - version "5.4.8" - resolved "https://registry.yarnpkg.com/vite/-/vite-5.4.8.tgz#af548ce1c211b2785478d3ba3e8da51e39a287e8" - integrity sha512-FqrItQ4DT1NC4zCUqMB4c4AZORMKIa0m8/URVCZ77OZ/QSNeJ54bU1vrFADbDsuwfIPcgknRkmqakQcgnL4GiQ== + version "5.4.14" + resolved "https://registry.yarnpkg.com/vite/-/vite-5.4.14.tgz#ff8255edb02134df180dcfca1916c37a6abe8408" + integrity sha512-EK5cY7Q1D8JNhSaPKVK4pwBFvaTmZxEnoKXLG/U9gmdDcihQGNzFlgIvaxezFR4glP1LsuiedwMBqCXH3wZccA== dependencies: esbuild "^0.21.3" postcss "^8.4.43" From ad5936c530db6748bd292ee3954e980926091a34 Mon Sep 17 00:00:00 2001 From: nwagenmakers <61746683+nwagenmakers@users.noreply.github.com> Date: Sat, 1 Feb 2025 13:10:53 +0100 Subject: [PATCH 106/175] Update certbot-dns-plugins.json (mijn-host) Updated credentials hint/text in mijn-host plugin entry --- global/certbot-dns-plugins.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index bb0682a01..01d3bd51a 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -364,7 +364,7 @@ "package_name": "certbot-dns-mijn-host", "version": "~=0.0.4", "dependencies": "", - "credentials": "dns-mijn-host-credentials = /etc/letsencrypt/mijnhost-credentials.ini", + "credentials": "dns_mijn_host_api_key=0123456789abcdef0123456789abcdef", "full_plugin_name": "dns-mijn-host" }, "namecheap": { @@ -535,4 +535,4 @@ "credentials": "edgedns_client_secret = as3d1asd5d1a32sdfsdfs2d1asd5=\nedgedns_host = sdflskjdf-dfsdfsdf-sdfsdfsdf.luna.akamaiapis.net\nedgedns_access_token = kjdsi3-34rfsdfsdf-234234fsdfsdf\nedgedns_client_token = dkfjdf-342fsdfsd-23fsdfsdfsdf", "full_plugin_name": "edgedns" } -} \ No newline at end of file +} From 57cd2a19198e7f7589529f477c4ed5dbfe1d26b5 Mon Sep 17 00:00:00 2001 From: Sander Jochems Date: Mon, 3 Feb 2025 21:47:41 +0100 Subject: [PATCH 107/175] Fix type for token.expires --- backend/schema/components/token-object.json | 7 +++---- backend/schema/paths/tokens/get.json | 2 +- backend/schema/paths/tokens/post.json | 2 +- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/backend/schema/components/token-object.json b/backend/schema/components/token-object.json index a7044bce9..6ec4e4348 100644 --- a/backend/schema/components/token-object.json +++ b/backend/schema/components/token-object.json @@ -5,10 +5,9 @@ "additionalProperties": false, "properties": { "expires": { - "description": "Token Expiry Unix Time", - "example": 1566540249, - "minimum": 1, - "type": "number" + "description": "Token Expiry ISO Time String", + "example": "2025-02-04T20:40:46.340Z", + "type": "string" }, "token": { "description": "JWT Token", diff --git a/backend/schema/paths/tokens/get.json b/backend/schema/paths/tokens/get.json index 859bc61a4..ef842eafe 100644 --- a/backend/schema/paths/tokens/get.json +++ b/backend/schema/paths/tokens/get.json @@ -15,7 +15,7 @@ "examples": { "default": { "value": { - "expires": 1566540510, + "expires": "2025-02-04T20:40:46.340Z", "token": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.ey...xaHKYr3Kk6MvkUjcC4" } } diff --git a/backend/schema/paths/tokens/post.json b/backend/schema/paths/tokens/post.json index dece6b656..99703ff0d 100644 --- a/backend/schema/paths/tokens/post.json +++ b/backend/schema/paths/tokens/post.json @@ -38,7 +38,7 @@ "default": { "value": { "result": { - "expires": 1566540510, + "expires": "2025-02-04T20:40:46.340Z", "token": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.ey...xaHKYr3Kk6MvkUjcC4" } } From 3091c21caef3fc68fefb105b26ef7cb11e5ef1a9 Mon Sep 17 00:00:00 2001 From: jbowring Date: Sun, 24 Mar 2024 17:11:04 +0000 Subject: [PATCH 108/175] Add SSL certificate to TCP streams if certificate in database --- backend/templates/_certificates.conf | 1 + backend/templates/_certificates_stream.conf | 13 +++++++++++++ backend/templates/stream.conf | 8 +++++--- .../etc/nginx/conf.d/include/ssl-cache-stream.conf | 2 ++ .../rootfs/etc/nginx/conf.d/include/ssl-cache.conf | 2 ++ .../etc/nginx/conf.d/include/ssl-ciphers.conf | 3 --- 6 files changed, 23 insertions(+), 6 deletions(-) create mode 100644 backend/templates/_certificates_stream.conf create mode 100644 docker/rootfs/etc/nginx/conf.d/include/ssl-cache-stream.conf create mode 100644 docker/rootfs/etc/nginx/conf.d/include/ssl-cache.conf diff --git a/backend/templates/_certificates.conf b/backend/templates/_certificates.conf index 06ca7bb87..efcca5cd5 100644 --- a/backend/templates/_certificates.conf +++ b/backend/templates/_certificates.conf @@ -2,6 +2,7 @@ {% if certificate.provider == "letsencrypt" %} # Let's Encrypt SSL include conf.d/include/letsencrypt-acme-challenge.conf; + include conf.d/include/ssl-cache.conf; include conf.d/include/ssl-ciphers.conf; ssl_certificate /etc/letsencrypt/live/npm-{{ certificate_id }}/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/npm-{{ certificate_id }}/privkey.pem; diff --git a/backend/templates/_certificates_stream.conf b/backend/templates/_certificates_stream.conf new file mode 100644 index 000000000..b213cf666 --- /dev/null +++ b/backend/templates/_certificates_stream.conf @@ -0,0 +1,13 @@ +{% if certificate and certificate_id > 0 -%} +{% if certificate.provider == "letsencrypt" %} + # Let's Encrypt SSL + include conf.d/include/ssl-cache-stream.conf; + include conf.d/include/ssl-ciphers.conf; + ssl_certificate /etc/letsencrypt/live/npm-{{ certificate_id }}/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/npm-{{ certificate_id }}/privkey.pem; +{% else %} + # Custom SSL + ssl_certificate /data/custom_ssl/npm-{{ certificate_id }}/fullchain.pem; + ssl_certificate_key /data/custom_ssl/npm-{{ certificate_id }}/privkey.pem; +{% endif %} +{% endif %} diff --git a/backend/templates/stream.conf b/backend/templates/stream.conf index 76159a646..8345699c4 100644 --- a/backend/templates/stream.conf +++ b/backend/templates/stream.conf @@ -5,13 +5,15 @@ {% if enabled %} {% if tcp_forwarding == 1 or tcp_forwarding == true -%} server { - listen {{ incoming_port }}; + listen {{ incoming_port }}{% if certificate %} ssl{% endif %}; {% if ipv6 -%} - listen [::]:{{ incoming_port }}; + listen [::]:{{ incoming_port }}{% if certificate %} ssl{% endif %}; {% else -%} - #listen [::]:{{ incoming_port }}; + #listen [::]:{{ incoming_port }}{% if certificate %} ssl{% endif %}; {% endif %} +{% include "_certificates_stream.conf" %} + proxy_pass {{ forwarding_host }}:{{ forwarding_port }}; # Custom diff --git a/docker/rootfs/etc/nginx/conf.d/include/ssl-cache-stream.conf b/docker/rootfs/etc/nginx/conf.d/include/ssl-cache-stream.conf new file mode 100644 index 000000000..433555dfa --- /dev/null +++ b/docker/rootfs/etc/nginx/conf.d/include/ssl-cache-stream.conf @@ -0,0 +1,2 @@ +ssl_session_timeout 5m; +ssl_session_cache shared:SSL_stream:50m; diff --git a/docker/rootfs/etc/nginx/conf.d/include/ssl-cache.conf b/docker/rootfs/etc/nginx/conf.d/include/ssl-cache.conf new file mode 100644 index 000000000..aa7ba2cb7 --- /dev/null +++ b/docker/rootfs/etc/nginx/conf.d/include/ssl-cache.conf @@ -0,0 +1,2 @@ +ssl_session_timeout 5m; +ssl_session_cache shared:SSL:50m; diff --git a/docker/rootfs/etc/nginx/conf.d/include/ssl-ciphers.conf b/docker/rootfs/etc/nginx/conf.d/include/ssl-ciphers.conf index 233abb6e9..b5dacfb57 100644 --- a/docker/rootfs/etc/nginx/conf.d/include/ssl-ciphers.conf +++ b/docker/rootfs/etc/nginx/conf.d/include/ssl-ciphers.conf @@ -1,6 +1,3 @@ -ssl_session_timeout 5m; -ssl_session_cache shared:SSL:50m; - # intermediate configuration. tweak to your needs. ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384'; From 3dbc70faa6619d3918a2528f9ac9f632116c2450 Mon Sep 17 00:00:00 2001 From: jbowring Date: Sun, 24 Mar 2024 19:01:24 +0000 Subject: [PATCH 109/175] Add SSL tab to stream UI --- frontend/js/app/nginx/stream/form.ejs | 213 +++++++++++++++++++++----- frontend/js/app/nginx/stream/form.js | 167 ++++++++++++++++++-- frontend/js/i18n/messages.json | 3 +- frontend/js/models/stream.js | 5 +- 4 files changed, 336 insertions(+), 52 deletions(-) diff --git a/frontend/js/app/nginx/stream/form.ejs b/frontend/js/app/nginx/stream/form.ejs index 1fc4f1342..800945f36 100644 --- a/frontend/js/app/nginx/stream/form.ejs +++ b/frontend/js/app/nginx/stream/form.ejs @@ -3,48 +3,187 @@
<%- i18n('streams', 'form-title', {id: id}) %>
-
+
+
-
-
-
- - + +
+ +
+
+
+
+ + +
+
+
+
+ + +
+
+
+
+ + +
+
+
+
+ +
+
+
+
+ +
+
+
+
<%- i18n('streams', 'forward-type-error') %>
+
-
-
- - + + +
+
+
+
+ + +
+
+ + +
+
+ + +
+
+ +
+
+
+
+
<%= i18n('ssl', 'certbot-warning') %>
+ + +
+
+
+ + +
+
+
+ + +
+
+
+ + +
+ + <%= i18n('ssl', 'credentials-file-content-info') %> +
+
+ + <%= i18n('ssl', 'stored-as-plaintext-info') %> +
+
+
+
+ + +
+
+
+ + +
+ + <%= i18n('ssl', 'propagation-seconds-info') %> +
+
+
+
+
+
+ + +
+
+ + +
+
+
+
+ +
+
-
-
- - -
-
-
-
- -
-
-
-
- -
-
-
-
<%- i18n('streams', 'forward-type-error') %>
-
diff --git a/frontend/js/app/nginx/stream/form.js b/frontend/js/app/nginx/stream/form.js index be8fc8bc2..cd012f9b0 100644 --- a/frontend/js/app/nginx/stream/form.js +++ b/frontend/js/app/nginx/stream/form.js @@ -1,24 +1,38 @@ -const Mn = require('backbone.marionette'); -const App = require('../../main'); -const StreamModel = require('../../../models/stream'); -const template = require('./form.ejs'); +const Mn = require('backbone.marionette'); +const App = require('../../main'); +const StreamModel = require('../../../models/stream'); +const template = require('./form.ejs'); +const dns_providers = require('../../../../../global/certbot-dns-plugins'); require('jquery-serializejson'); require('jquery-mask-plugin'); require('selectize'); +const Helpers = require("../../../lib/helpers"); +const certListItemTemplate = require("../certificates-list-item.ejs"); +const i18n = require("../../i18n"); module.exports = Mn.View.extend({ template: template, className: 'modal-dialog', ui: { - form: 'form', - forwarding_host: 'input[name="forwarding_host"]', - type_error: '.forward-type-error', - buttons: '.modal-footer button', - switches: '.custom-switch-input', - cancel: 'button.cancel', - save: 'button.save' + form: 'form', + forwarding_host: 'input[name="forwarding_host"]', + type_error: '.forward-type-error', + buttons: '.modal-footer button', + switches: '.custom-switch-input', + cancel: 'button.cancel', + save: 'button.save', + le_error_info: '#le-error-info', + certificate_select: 'select[name="certificate_id"]', + domain_names: 'input[name="domain_names"]', + dns_challenge_switch: 'input[name="meta[dns_challenge]"]', + dns_challenge_content: '.dns-challenge', + dns_provider: 'select[name="meta[dns_provider]"]', + credentials_file_content: '.credentials-file-content', + dns_provider_credentials: 'textarea[name="meta[dns_provider_credentials]"]', + propagation_seconds: 'input[name="meta[propagation_seconds]"]', + letsencrypt: '.letsencrypt' }, events: { @@ -48,6 +62,35 @@ module.exports = Mn.View.extend({ data.tcp_forwarding = !!data.tcp_forwarding; data.udp_forwarding = !!data.udp_forwarding; + if (typeof data.meta === 'undefined') data.meta = {}; + data.meta.letsencrypt_agree = data.meta.letsencrypt_agree == 1; + data.meta.dns_challenge = true; + + if (data.meta.propagation_seconds === '') data.meta.propagation_seconds = undefined; + + if (typeof data.domain_names === 'string' && data.domain_names) { + data.domain_names = data.domain_names.split(','); + } + + // Check for any domain names containing wildcards, which are not allowed with letsencrypt + if (data.certificate_id === 'new') { + let domain_err = false; + if (!data.meta.dns_challenge) { + data.domain_names.map(function (name) { + if (name.match(/\*/im)) { + domain_err = true; + } + }); + } + + if (domain_err) { + alert(i18n('ssl', 'no-wildcard-without-dns')); + return; + } + } else { + data.certificate_id = parseInt(data.certificate_id, 10); + } + let method = App.Api.Nginx.Streams.create; let is_new = true; @@ -70,10 +113,108 @@ module.exports = Mn.View.extend({ }); }) .catch(err => { - alert(err.message); + let more_info = ''; + if (err.code === 500 && err.debug) { + try { + more_info = JSON.parse(err.debug).debug.stack.join("\n"); + } catch (e) { + } + } + this.ui.le_error_info[0].innerHTML = `${err.message}${more_info !== '' ? `
${more_info}
` : ''}`; + this.ui.le_error_info.show(); + this.ui.le_error_info[0].scrollIntoView(); this.ui.buttons.prop('disabled', false).removeClass('btn-disabled'); + this.ui.save.removeClass('btn-loading'); }); - } + }, + + 'change @ui.certificate_select': function () { + let id = this.ui.certificate_select.val(); + if (id === 'new') { + this.ui.letsencrypt.show().find('input').prop('disabled', false); + this.ui.domain_names.prop('required', 'required'); + + this.ui.dns_challenge_switch + .prop('disabled', true) + .parents('.form-group') + .css('opacity', 0.5); + + this.ui.dns_provider.prop('required', 'required'); + const selected_provider = this.ui.dns_provider[0].options[this.ui.dns_provider[0].selectedIndex].value; + if (selected_provider != '' && dns_providers[selected_provider].credentials !== false) { + this.ui.dns_provider_credentials.prop('required', 'required'); + } + this.ui.dns_challenge_content.show(); + } else { + this.ui.letsencrypt.hide().find('input').prop('disabled', true); + } + }, + + 'change @ui.dns_provider': function () { + const selected_provider = this.ui.dns_provider[0].options[this.ui.dns_provider[0].selectedIndex].value; + if (selected_provider != '' && dns_providers[selected_provider].credentials !== false) { + this.ui.dns_provider_credentials.prop('required', 'required'); + this.ui.dns_provider_credentials[0].value = dns_providers[selected_provider].credentials; + this.ui.credentials_file_content.show(); + } else { + this.ui.dns_provider_credentials.prop('required', false); + this.ui.credentials_file_content.hide(); + } + }, + }, + + templateContext: { + getLetsencryptEmail: function () { + return App.Cache.User.get('email'); + }, + getDnsProvider: function () { + return typeof this.meta.dns_provider !== 'undefined' && this.meta.dns_provider != '' ? this.meta.dns_provider : null; + }, + getDnsProviderCredentials: function () { + return typeof this.meta.dns_provider_credentials !== 'undefined' ? this.meta.dns_provider_credentials : ''; + }, + getPropagationSeconds: function () { + return typeof this.meta.propagation_seconds !== 'undefined' ? this.meta.propagation_seconds : ''; + }, + dns_plugins: dns_providers, + }, + + onRender: function () { + let view = this; + + // Certificates + this.ui.le_error_info.hide(); + this.ui.dns_challenge_content.hide(); + this.ui.credentials_file_content.hide(); + this.ui.letsencrypt.hide(); + this.ui.certificate_select.selectize({ + valueField: 'id', + labelField: 'nice_name', + searchField: ['nice_name', 'domain_names'], + create: false, + preload: true, + allowEmptyOption: true, + render: { + option: function (item) { + item.i18n = App.i18n; + item.formatDbDate = Helpers.formatDbDate; + return certListItemTemplate(item); + } + }, + load: function (query, callback) { + App.Api.Nginx.Certificates.getAll() + .then(rows => { + callback(rows); + }) + .catch(err => { + console.error(err); + callback(); + }); + }, + onLoad: function () { + view.ui.certificate_select[0].selectize.setValue(view.model.get('certificate_id')); + } + }); }, initialize: function (options) { diff --git a/frontend/js/i18n/messages.json b/frontend/js/i18n/messages.json index 0bbde4541..5aabbb0ce 100644 --- a/frontend/js/i18n/messages.json +++ b/frontend/js/i18n/messages.json @@ -179,7 +179,8 @@ "delete-confirm": "Are you sure you want to delete this Stream?", "help-title": "What is a Stream?", "help-content": "A relatively new feature for Nginx, a Stream will serve to forward TCP/UDP traffic directly to another computer on the network.\nIf you're running game servers, FTP or SSH servers this can come in handy.", - "search": "Search Incoming Port…" + "search": "Search Incoming Port…", + "ssl-certificate": "SSL Certificate for TCP Forwarding" }, "certificates": { "title": "SSL Certificates", diff --git a/frontend/js/models/stream.js b/frontend/js/models/stream.js index ba035429a..390c4fb05 100644 --- a/frontend/js/models/stream.js +++ b/frontend/js/models/stream.js @@ -15,8 +15,11 @@ const model = Backbone.Model.extend({ udp_forwarding: false, enabled: true, meta: {}, + certificate_id: 0, + domain_names: [], // The following are expansions: - owner: null + owner: null, + certificate: null }; } }); From ee4250d770f7b9792e201107ef96798d4543a0da Mon Sep 17 00:00:00 2001 From: jbowring Date: Sat, 27 Apr 2024 15:49:23 +0100 Subject: [PATCH 110/175] Add SSL column to streams table UI --- frontend/js/app/nginx/stream/list/item.ejs | 8 +++++++- frontend/js/app/nginx/stream/list/main.ejs | 1 + frontend/js/i18n/messages.json | 3 ++- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/frontend/js/app/nginx/stream/list/item.ejs b/frontend/js/app/nginx/stream/list/item.ejs index 2b4cb626b..936247ef8 100644 --- a/frontend/js/app/nginx/stream/list/item.ejs +++ b/frontend/js/app/nginx/stream/list/item.ejs @@ -16,7 +16,10 @@
- <% if (tcp_forwarding) { %> + <% if (certificate) { %> + <%- i18n('streams', 'tcp+ssl') %> + <% } + else if (tcp_forwarding) { %> <%- i18n('streams', 'tcp') %> <% } if (udp_forwarding) { %> @@ -24,6 +27,9 @@ <% } %>
+ +
<%- certificate && certificate_id ? i18n('ssl', certificate.provider) : i18n('all-hosts', 'none') %>
+ <% var o = isOnline(); diff --git a/frontend/js/app/nginx/stream/list/main.ejs b/frontend/js/app/nginx/stream/list/main.ejs index 5304f6145..57ab6b2ad 100644 --- a/frontend/js/app/nginx/stream/list/main.ejs +++ b/frontend/js/app/nginx/stream/list/main.ejs @@ -3,6 +3,7 @@ <%- i18n('streams', 'incoming-port') %> <%- i18n('str', 'destination') %> <%- i18n('streams', 'protocol') %> + <%- i18n('str', 'ssl') %> <%- i18n('str', 'status') %> <% if (canManage) { %>   diff --git a/frontend/js/i18n/messages.json b/frontend/js/i18n/messages.json index 5aabbb0ce..aa42cbbd8 100644 --- a/frontend/js/i18n/messages.json +++ b/frontend/js/i18n/messages.json @@ -180,7 +180,8 @@ "help-title": "What is a Stream?", "help-content": "A relatively new feature for Nginx, a Stream will serve to forward TCP/UDP traffic directly to another computer on the network.\nIf you're running game servers, FTP or SSH servers this can come in handy.", "search": "Search Incoming Port…", - "ssl-certificate": "SSL Certificate for TCP Forwarding" + "ssl-certificate": "SSL Certificate for TCP Forwarding", + "tcp+ssl": "TCP+SSL" }, "certificates": { "title": "SSL Certificates", From cd80cc8e4db0edcd482ce8fe99be2c21e589a473 Mon Sep 17 00:00:00 2001 From: jbowring Date: Sun, 2 Jun 2024 20:03:28 +0100 Subject: [PATCH 111/175] Add certificate to streams database model --- backend/internal/stream.js | 99 ++++++++++++++++--- .../migrations/20240427161436_stream_ssl.js | 38 +++++++ backend/models/stream.js | 25 +++-- frontend/js/app/nginx/stream/main.js | 2 +- 4 files changed, 142 insertions(+), 22 deletions(-) create mode 100644 backend/migrations/20240427161436_stream_ssl.js diff --git a/backend/internal/stream.js b/backend/internal/stream.js index 9f76a1def..526ceba82 100644 --- a/backend/internal/stream.js +++ b/backend/internal/stream.js @@ -1,10 +1,12 @@ -const _ = require('lodash'); -const error = require('../lib/error'); -const utils = require('../lib/utils'); -const streamModel = require('../models/stream'); -const internalNginx = require('./nginx'); -const internalAuditLog = require('./audit-log'); -const {castJsonIfNeed} = require('../lib/helpers'); +const _ = require('lodash'); +const error = require('../lib/error'); +const utils = require('../lib/utils'); +const streamModel = require('../models/stream'); +const internalNginx = require('./nginx'); +const internalAuditLog = require('./audit-log'); +const internalCertificate = require('./certificate'); +const internalHost = require('./host'); +const {castJsonIfNeed} = require('../lib/helpers'); function omissions () { return ['is_deleted']; @@ -18,6 +20,12 @@ const internalStream = { * @returns {Promise} */ create: (access, data) => { + let create_certificate = data.certificate_id === 'new'; + + if (create_certificate) { + delete data.certificate_id; + } + return access.can('streams:create', data) .then((/*access_data*/) => { // TODO: At this point the existing ports should have been checked @@ -27,11 +35,40 @@ const internalStream = { data.meta = {}; } + let data_no_domains = structuredClone(data); + + // streams aren't routed by domain name so don't store domain names in the DB + delete data_no_domains.domain_names; + return streamModel .query() - .insertAndFetch(data) + .insertAndFetch(data_no_domains) .then(utils.omitRow(omissions())); }) + .then((row) => { + if (create_certificate) { + return internalCertificate.createQuickCertificate(access, data) + .then((cert) => { + // update host with cert id + return internalStream.update(access, { + id: row.id, + certificate_id: cert.id + }); + }) + .then(() => { + return row; + }); + } else { + return row; + } + }) + .then((row) => { + // re-fetch with cert + return internalStream.get(access, { + id: row.id, + expand: ['certificate', 'owner'] + }); + }) .then((row) => { // Configure nginx return internalNginx.configure(streamModel, 'stream', row) @@ -60,6 +97,12 @@ const internalStream = { * @return {Promise} */ update: (access, data) => { + let create_certificate = data.certificate_id === 'new'; + + if (create_certificate) { + delete data.certificate_id; + } + return access.can('streams:update', data.id) .then((/*access_data*/) => { // TODO: at this point the existing streams should have been checked @@ -71,6 +114,28 @@ const internalStream = { throw new error.InternalValidationError('Stream could not be updated, IDs do not match: ' + row.id + ' !== ' + data.id); } + if (create_certificate) { + return internalCertificate.createQuickCertificate(access, { + domain_names: data.domain_names || row.domain_names, + meta: _.assign({}, row.meta, data.meta) + }) + .then((cert) => { + // update host with cert id + data.certificate_id = cert.id; + }) + .then(() => { + return row; + }); + } else { + return row; + } + }) + .then((row) => { + // Add domain_names to the data in case it isn't there, so that the audit log renders correctly. The order is important here. + data = _.assign({}, { + domain_names: row.domain_names + }, data); + return streamModel .query() .patchAndFetchById(row.id, data) @@ -115,7 +180,7 @@ const internalStream = { .query() .where('is_deleted', 0) .andWhere('id', data.id) - .allowGraph('[owner]') + .allowGraph('[owner,certificate]') .first(); if (access_data.permission_visibility !== 'all') { @@ -132,6 +197,7 @@ const internalStream = { if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } + row = internalHost.cleanRowCertificateMeta(row); // Custom omissions if (typeof data.omit !== 'undefined' && data.omit !== null) { row = _.omit(row, data.omit); @@ -197,14 +263,14 @@ const internalStream = { .then(() => { return internalStream.get(access, { id: data.id, - expand: ['owner'] + expand: ['certificate', 'owner'] }); }) .then((row) => { if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } else if (row.enabled) { - throw new error.ValidationError('Host is already enabled'); + throw new error.ValidationError('Stream is already enabled'); } row.enabled = 1; @@ -250,7 +316,7 @@ const internalStream = { if (!row || !row.id) { throw new error.ItemNotFoundError(data.id); } else if (!row.enabled) { - throw new error.ValidationError('Host is already disabled'); + throw new error.ValidationError('Stream is already disabled'); } row.enabled = 0; @@ -298,7 +364,7 @@ const internalStream = { .query() .where('is_deleted', 0) .groupBy('id') - .allowGraph('[owner]') + .allowGraph('[owner,certificate]') .orderByRaw('CAST(incoming_port AS INTEGER) ASC'); if (access_data.permission_visibility !== 'all') { @@ -317,6 +383,13 @@ const internalStream = { } return query.then(utils.omitRows(omissions())); + }) + .then((rows) => { + if (typeof expand !== 'undefined' && expand !== null && expand.indexOf('certificate') !== -1) { + return internalHost.cleanAllRowsCertificateMeta(rows); + } + + return rows; }); }, diff --git a/backend/migrations/20240427161436_stream_ssl.js b/backend/migrations/20240427161436_stream_ssl.js new file mode 100644 index 000000000..5f47b18ec --- /dev/null +++ b/backend/migrations/20240427161436_stream_ssl.js @@ -0,0 +1,38 @@ +const migrate_name = 'stream_ssl'; +const logger = require('../logger').migrate; + +/** + * Migrate + * + * @see http://knexjs.org/#Schema + * + * @param {Object} knex + * @returns {Promise} + */ +exports.up = function (knex) { + logger.info('[' + migrate_name + '] Migrating Up...'); + + return knex.schema.table('stream', (table) => { + table.integer('certificate_id').notNull().unsigned().defaultTo(0); + }) + .then(function () { + logger.info('[' + migrate_name + '] stream Table altered'); + }); +}; + +/** + * Undo Migrate + * + * @param {Object} knex + * @returns {Promise} + */ +exports.down = function (knex) { + logger.info('[' + migrate_name + '] Migrating Down...'); + + return knex.schema.table('stream', (table) => { + table.dropColumn('certificate_id'); + }) + .then(function () { + logger.info('[' + migrate_name + '] stream Table altered'); + }); +}; diff --git a/backend/models/stream.js b/backend/models/stream.js index b96ca5a17..40fd601ce 100644 --- a/backend/models/stream.js +++ b/backend/models/stream.js @@ -1,11 +1,9 @@ -// Objection Docs: -// http://vincit.github.io/objection.js/ - -const db = require('../db'); -const helpers = require('../lib/helpers'); -const Model = require('objection').Model; -const User = require('./user'); -const now = require('./now_helper'); +const Model = require('objection').Model; +const db = require('../db'); +const helpers = require('../lib/helpers'); +const User = require('./user'); +const Certificate = require('./certificate'); +const now = require('./now_helper'); Model.knex(db); @@ -64,6 +62,17 @@ class Stream extends Model { modify: function (qb) { qb.where('user.is_deleted', 0); } + }, + certificate: { + relation: Model.HasOneRelation, + modelClass: Certificate, + join: { + from: 'stream.certificate_id', + to: 'certificate.id' + }, + modify: function (qb) { + qb.where('certificate.is_deleted', 0); + } } }; } diff --git a/frontend/js/app/nginx/stream/main.js b/frontend/js/app/nginx/stream/main.js index 8a86e5836..83bdc15e1 100644 --- a/frontend/js/app/nginx/stream/main.js +++ b/frontend/js/app/nginx/stream/main.js @@ -88,7 +88,7 @@ module.exports = Mn.View.extend({ onRender: function () { let view = this; - view.fetch(['owner']) + view.fetch(['owner', 'certificate']) .then(response => { if (!view.isDestroyed()) { if (response && response.length) { From 4452f014b9b0125e2a6cf07d1f46e104355e912d Mon Sep 17 00:00:00 2001 From: jbowring Date: Mon, 22 Jul 2024 20:53:21 +0100 Subject: [PATCH 112/175] Fix whitespace in nginx stream config --- backend/templates/_certificates_stream.conf | 8 ++++---- backend/templates/stream.conf | 20 +++++++------------- 2 files changed, 11 insertions(+), 17 deletions(-) diff --git a/backend/templates/_certificates_stream.conf b/backend/templates/_certificates_stream.conf index b213cf666..ba7812fdd 100644 --- a/backend/templates/_certificates_stream.conf +++ b/backend/templates/_certificates_stream.conf @@ -1,13 +1,13 @@ -{% if certificate and certificate_id > 0 -%} +{% if certificate and certificate_id > 0 %} {% if certificate.provider == "letsencrypt" %} # Let's Encrypt SSL include conf.d/include/ssl-cache-stream.conf; include conf.d/include/ssl-ciphers.conf; ssl_certificate /etc/letsencrypt/live/npm-{{ certificate_id }}/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/npm-{{ certificate_id }}/privkey.pem; -{% else %} +{%- else %} # Custom SSL ssl_certificate /data/custom_ssl/npm-{{ certificate_id }}/fullchain.pem; ssl_certificate_key /data/custom_ssl/npm-{{ certificate_id }}/privkey.pem; -{% endif %} -{% endif %} +{%- endif -%} +{%- endif -%} diff --git a/backend/templates/stream.conf b/backend/templates/stream.conf index 8345699c4..7333aaee1 100644 --- a/backend/templates/stream.conf +++ b/backend/templates/stream.conf @@ -5,14 +5,10 @@ {% if enabled %} {% if tcp_forwarding == 1 or tcp_forwarding == true -%} server { - listen {{ incoming_port }}{% if certificate %} ssl{% endif %}; -{% if ipv6 -%} - listen [::]:{{ incoming_port }}{% if certificate %} ssl{% endif %}; -{% else -%} - #listen [::]:{{ incoming_port }}{% if certificate %} ssl{% endif %}; -{% endif %} + listen {{ incoming_port }} {%- if certificate %} ssl {%- endif %}; + {% unless ipv6 -%} # {%- endunless -%} listen [::]:{{ incoming_port }} {%- if certificate %} ssl {%- endif %}; -{% include "_certificates_stream.conf" %} + {%- include "_certificates_stream.conf" %} proxy_pass {{ forwarding_host }}:{{ forwarding_port }}; @@ -21,14 +17,12 @@ server { include /data/nginx/custom/server_stream_tcp[.]conf; } {% endif %} -{% if udp_forwarding == 1 or udp_forwarding == true %} + +{% if udp_forwarding == 1 or udp_forwarding == true -%} server { listen {{ incoming_port }} udp; -{% if ipv6 -%} - listen [::]:{{ incoming_port }} udp; -{% else -%} - #listen [::]:{{ incoming_port }} udp; -{% endif %} + {% unless ipv6 -%} # {%- endunless -%} listen [::]:{{ incoming_port }} udp; + proxy_pass {{ forwarding_host }}:{{ forwarding_port }}; # Custom From 2657af97cf1e0ec46fdc4cde43e2a69482993d4c Mon Sep 17 00:00:00 2001 From: jbowring Date: Tue, 23 Jul 2024 08:39:18 +0100 Subject: [PATCH 113/175] Fix stream update not persisting --- backend/internal/stream.js | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/backend/internal/stream.js b/backend/internal/stream.js index 526ceba82..36cb40554 100644 --- a/backend/internal/stream.js +++ b/backend/internal/stream.js @@ -35,9 +35,8 @@ const internalStream = { data.meta = {}; } - let data_no_domains = structuredClone(data); - // streams aren't routed by domain name so don't store domain names in the DB + let data_no_domains = structuredClone(data); delete data_no_domains.domain_names; return streamModel @@ -73,7 +72,7 @@ const internalStream = { // Configure nginx return internalNginx.configure(streamModel, 'stream', row) .then(() => { - return internalStream.get(access, {id: row.id, expand: ['owner']}); + return row; }); }) .then((row) => { @@ -140,12 +139,6 @@ const internalStream = { .query() .patchAndFetchById(row.id, data) .then(utils.omitRow(omissions())) - .then((saved_row) => { - return internalNginx.configure(streamModel, 'stream', saved_row) - .then(() => { - return internalStream.get(access, {id: row.id, expand: ['owner']}); - }); - }) .then((saved_row) => { // Add to audit log return internalAuditLog.add(access, { @@ -158,6 +151,17 @@ const internalStream = { return saved_row; }); }); + }) + .then(() => { + return internalStream.get(access, {id: data.id, expand: ['owner', 'certificate']}) + .then((row) => { + return internalNginx.configure(streamModel, 'stream', row) + .then((new_meta) => { + row.meta = new_meta; + row = internalHost.cleanRowCertificateMeta(row); + return _.omit(row, omissions()); + }); + }); }); }, From 68a78035134395cf9ef4a0739a9e6ccc9ee568cc Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Tue, 4 Feb 2025 17:53:59 +1000 Subject: [PATCH 114/175] Fix api schema after merging latest changes --- backend/internal/stream.js | 4 +- backend/schema/components/stream-object.json | 3 + backend/schema/paths/nginx/streams/get.json | 5 +- backend/schema/paths/nginx/streams/post.json | 6 +- .../paths/nginx/streams/streamID/get.json | 3 +- .../paths/nginx/streams/streamID/put.json | 90 ++++++------------- 6 files changed, 40 insertions(+), 71 deletions(-) diff --git a/backend/internal/stream.js b/backend/internal/stream.js index 36cb40554..f69a5c176 100644 --- a/backend/internal/stream.js +++ b/backend/internal/stream.js @@ -20,7 +20,7 @@ const internalStream = { * @returns {Promise} */ create: (access, data) => { - let create_certificate = data.certificate_id === 'new'; + const create_certificate = data.certificate_id === 'new'; if (create_certificate) { delete data.certificate_id; @@ -96,7 +96,7 @@ const internalStream = { * @return {Promise} */ update: (access, data) => { - let create_certificate = data.certificate_id === 'new'; + const create_certificate = data.certificate_id === 'new'; if (create_certificate) { delete data.certificate_id; diff --git a/backend/schema/components/stream-object.json b/backend/schema/components/stream-object.json index e17749940..0ab8f907a 100644 --- a/backend/schema/components/stream-object.json +++ b/backend/schema/components/stream-object.json @@ -55,6 +55,9 @@ "enabled": { "$ref": "../common.json#/properties/enabled" }, + "certificate_id": { + "$ref": "../common.json#/properties/certificate_id" + }, "meta": { "type": "object" } diff --git a/backend/schema/paths/nginx/streams/get.json b/backend/schema/paths/nginx/streams/get.json index 596afc6e7..17969ee4e 100644 --- a/backend/schema/paths/nginx/streams/get.json +++ b/backend/schema/paths/nginx/streams/get.json @@ -14,7 +14,7 @@ "description": "Expansions", "schema": { "type": "string", - "enum": ["access_list", "owner", "certificate"] + "enum": ["owner", "certificate"] } } ], @@ -40,7 +40,8 @@ "nginx_online": true, "nginx_err": null }, - "enabled": true + "enabled": true, + "certificate_id": 0 } ] } diff --git a/backend/schema/paths/nginx/streams/post.json b/backend/schema/paths/nginx/streams/post.json index 9f3514e0f..d26996b69 100644 --- a/backend/schema/paths/nginx/streams/post.json +++ b/backend/schema/paths/nginx/streams/post.json @@ -32,6 +32,9 @@ "udp_forwarding": { "$ref": "../../../components/stream-object.json#/properties/udp_forwarding" }, + "certificate_id": { + "$ref": "../../../components/stream-object.json#/properties/certificate_id" + }, "meta": { "$ref": "../../../components/stream-object.json#/properties/meta" } @@ -73,7 +76,8 @@ "nickname": "Admin", "avatar": "", "roles": ["admin"] - } + }, + "certificate_id": 0 } } }, diff --git a/backend/schema/paths/nginx/streams/streamID/get.json b/backend/schema/paths/nginx/streams/streamID/get.json index 6547656df..801af13a7 100644 --- a/backend/schema/paths/nginx/streams/streamID/get.json +++ b/backend/schema/paths/nginx/streams/streamID/get.json @@ -40,7 +40,8 @@ "nginx_online": true, "nginx_err": null }, - "enabled": true + "enabled": true, + "certificate_id": 0 } } }, diff --git a/backend/schema/paths/nginx/streams/streamID/put.json b/backend/schema/paths/nginx/streams/streamID/put.json index fbfdc901b..14adb1631 100644 --- a/backend/schema/paths/nginx/streams/streamID/put.json +++ b/backend/schema/paths/nginx/streams/streamID/put.json @@ -29,56 +29,26 @@ "additionalProperties": false, "minProperties": 1, "properties": { - "domain_names": { - "$ref": "../../../../components/proxy-host-object.json#/properties/domain_names" + "incoming_port": { + "$ref": "../../../../components/stream-object.json#/properties/incoming_port" }, - "forward_scheme": { - "$ref": "../../../../components/proxy-host-object.json#/properties/forward_scheme" + "forwarding_host": { + "$ref": "../../../../components/stream-object.json#/properties/forwarding_host" }, - "forward_host": { - "$ref": "../../../../components/proxy-host-object.json#/properties/forward_host" + "forwarding_port": { + "$ref": "../../../../components/stream-object.json#/properties/forwarding_port" }, - "forward_port": { - "$ref": "../../../../components/proxy-host-object.json#/properties/forward_port" + "tcp_forwarding": { + "$ref": "../../../../components/stream-object.json#/properties/tcp_forwarding" }, - "certificate_id": { - "$ref": "../../../../components/proxy-host-object.json#/properties/certificate_id" - }, - "ssl_forced": { - "$ref": "../../../../components/proxy-host-object.json#/properties/ssl_forced" - }, - "hsts_enabled": { - "$ref": "../../../../components/proxy-host-object.json#/properties/hsts_enabled" - }, - "hsts_subdomains": { - "$ref": "../../../../components/proxy-host-object.json#/properties/hsts_subdomains" - }, - "http2_support": { - "$ref": "../../../../components/proxy-host-object.json#/properties/http2_support" - }, - "block_exploits": { - "$ref": "../../../../components/proxy-host-object.json#/properties/block_exploits" + "udp_forwarding": { + "$ref": "../../../../components/stream-object.json#/properties/udp_forwarding" }, - "caching_enabled": { - "$ref": "../../../../components/proxy-host-object.json#/properties/caching_enabled" - }, - "allow_websocket_upgrade": { - "$ref": "../../../../components/proxy-host-object.json#/properties/allow_websocket_upgrade" - }, - "access_list_id": { - "$ref": "../../../../components/proxy-host-object.json#/properties/access_list_id" - }, - "advanced_config": { - "$ref": "../../../../components/proxy-host-object.json#/properties/advanced_config" - }, - "enabled": { - "$ref": "../../../../components/proxy-host-object.json#/properties/enabled" + "certificate_id": { + "$ref": "../../../../components/stream-object.json#/properties/certificate_id" }, "meta": { - "$ref": "../../../../components/proxy-host-object.json#/properties/meta" - }, - "locations": { - "$ref": "../../../../components/proxy-host-object.json#/properties/locations" + "$ref": "../../../../components/stream-object.json#/properties/meta" } } } @@ -94,42 +64,32 @@ "default": { "value": { "id": 1, - "created_on": "2024-10-08T23:23:03.000Z", - "modified_on": "2024-10-08T23:26:37.000Z", + "created_on": "2024-10-09T02:33:45.000Z", + "modified_on": "2024-10-09T02:33:45.000Z", "owner_user_id": 1, - "domain_names": ["test.example.com"], - "forward_host": "192.168.0.10", - "forward_port": 8989, - "access_list_id": 0, - "certificate_id": 0, - "ssl_forced": false, - "caching_enabled": false, - "block_exploits": false, - "advanced_config": "", + "incoming_port": 9090, + "forwarding_host": "router.internal", + "forwarding_port": 80, + "tcp_forwarding": true, + "udp_forwarding": false, "meta": { "nginx_online": true, "nginx_err": null }, - "allow_websocket_upgrade": false, - "http2_support": false, - "forward_scheme": "http", "enabled": true, - "hsts_enabled": false, - "hsts_subdomains": false, "owner": { "id": 1, - "created_on": "2024-10-07T22:43:55.000Z", - "modified_on": "2024-10-08T12:52:54.000Z", + "created_on": "2024-10-09T02:33:16.000Z", + "modified_on": "2024-10-09T02:33:16.000Z", "is_deleted": false, "is_disabled": false, "email": "admin@example.com", "name": "Administrator", - "nickname": "some guy", - "avatar": "//www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?default=mm", + "nickname": "Admin", + "avatar": "", "roles": ["admin"] }, - "certificate": null, - "access_list": null + "certificate_id": 0 } } }, From b4793d3c162561f7a4d13dc61947334eeea618d9 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 5 Feb 2025 08:10:11 +1000 Subject: [PATCH 115/175] Adds testssl.sh and mkcert to cypress stack --- test/cypress/Dockerfile | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/test/cypress/Dockerfile b/test/cypress/Dockerfile index 6de4c2454..c0bc0ba8b 100644 --- a/test/cypress/Dockerfile +++ b/test/cypress/Dockerfile @@ -6,6 +6,18 @@ COPY --chown=1000 ./test /test ENV FORCE_COLOR=0 ENV NO_COLOR=1 +# testssl.sh and mkcert +RUN wget "https://github.com/testssl/testssl.sh/archive/refs/tags/v3.2rc4.tar.gz" -O /tmp/testssl.tgz -q \ + && tar -xzf /tmp/testssl.tgz -C /tmp \ + && mv /tmp/testssl.sh-3.2rc4 /testssl \ + && rm /tmp/testssl.tgz \ + && apt-get update \ + && apt-get install -y bsdmainutils \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* \ + && wget "https://github.com/FiloSottile/mkcert/releases/download/v1.4.4/mkcert-v1.4.4-linux-amd64" -O /bin/mkcert \ + && chmod +x /bin/mkcert + WORKDIR /test RUN yarn install && yarn cache clean ENTRYPOINT [] From 6a606278339f87cd6ed5769d375e706359a8c61c Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 5 Feb 2025 09:00:31 +1000 Subject: [PATCH 116/175] Cypress test for Streams and updated cypress + packages --- backend/internal/stream.js | 2 +- backend/models/stream.js | 1 + backend/schema/components/stream-object.json | 17 +- docker/docker-compose.ci.yml | 6 +- docker/scripts/install-s6 | 2 +- test/cypress/Dockerfile | 7 +- test/cypress/e2e/api/Streams.cy.js | 213 +++++++++++++++++++ test/package.json | 14 +- 8 files changed, 245 insertions(+), 17 deletions(-) create mode 100644 test/cypress/e2e/api/Streams.cy.js diff --git a/backend/internal/stream.js b/backend/internal/stream.js index f69a5c176..4d49bc3aa 100644 --- a/backend/internal/stream.js +++ b/backend/internal/stream.js @@ -9,7 +9,7 @@ const internalHost = require('./host'); const {castJsonIfNeed} = require('../lib/helpers'); function omissions () { - return ['is_deleted']; + return ['is_deleted', 'owner.is_deleted', 'certificate.is_deleted']; } const internalStream = { diff --git a/backend/models/stream.js b/backend/models/stream.js index 40fd601ce..dbec2dcb7 100644 --- a/backend/models/stream.js +++ b/backend/models/stream.js @@ -8,6 +8,7 @@ const now = require('./now_helper'); Model.knex(db); const boolFields = [ + 'enabled', 'is_deleted', 'tcp_forwarding', 'udp_forwarding', diff --git a/backend/schema/components/stream-object.json b/backend/schema/components/stream-object.json index 0ab8f907a..848c30e6e 100644 --- a/backend/schema/components/stream-object.json +++ b/backend/schema/components/stream-object.json @@ -19,9 +19,7 @@ "incoming_port": { "type": "integer", "minimum": 1, - "maximum": 65535, - "if": {"properties": {"tcp_forwarding": {"const": true}}}, - "then": {"not": {"oneOf": [{"const": 80}, {"const": 443}]}} + "maximum": 65535 }, "forwarding_host": { "anyOf": [ @@ -60,6 +58,19 @@ }, "meta": { "type": "object" + }, + "owner": { + "$ref": "./user-object.json" + }, + "certificate": { + "oneOf": [ + { + "type": "null" + }, + { + "$ref": "./certificate-object.json" + } + ] } } } diff --git a/docker/docker-compose.ci.yml b/docker/docker-compose.ci.yml index 022f28131..280a05465 100644 --- a/docker/docker-compose.ci.yml +++ b/docker/docker-compose.ci.yml @@ -22,6 +22,10 @@ services: test: ["CMD", "/usr/bin/check-health"] interval: 10s timeout: 3s + expose: + - '80-81/tcp' + - '443/tcp' + - '1500-1503/tcp' networks: fulltest: aliases: @@ -97,7 +101,7 @@ services: HTTP_PROXY: 'squid:3128' HTTPS_PROXY: 'squid:3128' volumes: - - 'cypress_logs:/results' + - 'cypress_logs:/test/results' - './dev/resolv.conf:/etc/resolv.conf:ro' - '/etc/localtime:/etc/localtime:ro' command: cypress run --browser chrome --config-file=cypress/config/ci.js diff --git a/docker/scripts/install-s6 b/docker/scripts/install-s6 index 2922735b2..5f3b73ec5 100755 --- a/docker/scripts/install-s6 +++ b/docker/scripts/install-s6 @@ -8,7 +8,7 @@ BLUE='\E[1;34m' GREEN='\E[1;32m' RESET='\E[0m' -S6_OVERLAY_VERSION=3.1.5.0 +S6_OVERLAY_VERSION=3.2.0.2 TARGETPLATFORM=${1:-linux/amd64} # Determine the correct binary file for the architecture given diff --git a/test/cypress/Dockerfile b/test/cypress/Dockerfile index c0bc0ba8b..9b835fe0e 100644 --- a/test/cypress/Dockerfile +++ b/test/cypress/Dockerfile @@ -1,6 +1,4 @@ -FROM cypress/included:13.9.0 - -COPY --chown=1000 ./test /test +FROM cypress/included:14.0.1 # Disable Cypress CLI colors ENV FORCE_COLOR=0 @@ -12,12 +10,13 @@ RUN wget "https://github.com/testssl/testssl.sh/archive/refs/tags/v3.2rc4.tar.gz && mv /tmp/testssl.sh-3.2rc4 /testssl \ && rm /tmp/testssl.tgz \ && apt-get update \ - && apt-get install -y bsdmainutils \ + && apt-get install -y bsdmainutils curl dnsutils \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* \ && wget "https://github.com/FiloSottile/mkcert/releases/download/v1.4.4/mkcert-v1.4.4-linux-amd64" -O /bin/mkcert \ && chmod +x /bin/mkcert +COPY --chown=1000 ./test /test WORKDIR /test RUN yarn install && yarn cache clean ENTRYPOINT [] diff --git a/test/cypress/e2e/api/Streams.cy.js b/test/cypress/e2e/api/Streams.cy.js new file mode 100644 index 000000000..9de43157e --- /dev/null +++ b/test/cypress/e2e/api/Streams.cy.js @@ -0,0 +1,213 @@ +/// + +describe('Streams', () => { + let token; + + before(() => { + cy.getToken().then((tok) => { + token = tok; + // Set default site content + cy.task('backendApiPut', { + token: token, + path: '/api/settings/default-site', + data: { + value: 'html', + meta: { + html: '

yay it works

' + }, + }, + }).then((data) => { + cy.validateSwaggerSchema('put', 200, '/settings/{settingID}', data); + }); + }); + + // Create a custom cert pair + cy.exec('mkcert -cert-file=/test/cypress/fixtures/website1.pem -key-file=/test/cypress/fixtures/website1.key.pem website1.example.com').then((result) => { + expect(result.code).to.eq(0); + // Install CA + cy.exec('mkcert -install').then((result) => { + expect(result.code).to.eq(0); + }); + }); + + cy.exec('rm -f /test/results/testssl.json'); + }); + + it('Should be able to create TCP Stream', function() { + cy.task('backendApiPost', { + token: token, + path: '/api/nginx/streams', + data: { + incoming_port: 1500, + forwarding_host: '127.0.0.1', + forwarding_port: 80, + certificate_id: 0, + meta: { + dns_provider_credentials: "", + letsencrypt_agree: false, + dns_challenge: true + }, + tcp_forwarding: true, + udp_forwarding: false + } + }).then((data) => { + cy.validateSwaggerSchema('post', 201, '/nginx/streams', data); + expect(data).to.have.property('id'); + expect(data.id).to.be.greaterThan(0); + expect(data).to.have.property('enabled', true); + expect(data).to.have.property('tcp_forwarding', true); + expect(data).to.have.property('udp_forwarding', false); + + cy.exec('curl --noproxy -- http://website1.example.com:1500').then((result) => { + expect(result.code).to.eq(0); + expect(result.stdout).to.contain('yay it works'); + }); + }); + }); + + it('Should be able to create UDP Stream', function() { + cy.task('backendApiPost', { + token: token, + path: '/api/nginx/streams', + data: { + incoming_port: 1501, + forwarding_host: '127.0.0.1', + forwarding_port: 80, + certificate_id: 0, + meta: { + dns_provider_credentials: "", + letsencrypt_agree: false, + dns_challenge: true + }, + tcp_forwarding: false, + udp_forwarding: true + } + }).then((data) => { + cy.validateSwaggerSchema('post', 201, '/nginx/streams', data); + expect(data).to.have.property('id'); + expect(data.id).to.be.greaterThan(0); + expect(data).to.have.property('enabled', true); + expect(data).to.have.property('tcp_forwarding', false); + expect(data).to.have.property('udp_forwarding', true); + }); + }); + + it('Should be able to create TCP/UDP Stream', function() { + cy.task('backendApiPost', { + token: token, + path: '/api/nginx/streams', + data: { + incoming_port: 1502, + forwarding_host: '127.0.0.1', + forwarding_port: 80, + certificate_id: 0, + meta: { + dns_provider_credentials: "", + letsencrypt_agree: false, + dns_challenge: true + }, + tcp_forwarding: true, + udp_forwarding: true + } + }).then((data) => { + cy.validateSwaggerSchema('post', 201, '/nginx/streams', data); + expect(data).to.have.property('id'); + expect(data.id).to.be.greaterThan(0); + expect(data).to.have.property('enabled', true); + expect(data).to.have.property('tcp_forwarding', true); + expect(data).to.have.property('udp_forwarding', true); + + cy.exec('curl --noproxy -- http://website1.example.com:1502').then((result) => { + expect(result.code).to.eq(0); + expect(result.stdout).to.contain('yay it works'); + }); + }); + }); + + it('Should be able to create SSL TCP Stream', function() { + let certID = 0; + + // Create custom cert + cy.task('backendApiPost', { + token: token, + path: '/api/nginx/certificates', + data: { + provider: "other", + nice_name: "Custom Certificate for SSL Stream", + }, + }).then((data) => { + cy.validateSwaggerSchema('post', 201, '/nginx/certificates', data); + expect(data).to.have.property('id'); + certID = data.id; + + // Upload files + cy.task('backendApiPostFiles', { + token: token, + path: `/api/nginx/certificates/${certID}/upload`, + files: { + certificate: 'website1.pem', + certificate_key: 'website1.key.pem', + }, + }).then((data) => { + cy.validateSwaggerSchema('post', 200, '/nginx/certificates/{certID}/upload', data); + expect(data).to.have.property('certificate'); + expect(data).to.have.property('certificate_key'); + + // Create the stream + cy.task('backendApiPost', { + token: token, + path: '/api/nginx/streams', + data: { + incoming_port: 1503, + forwarding_host: '127.0.0.1', + forwarding_port: 80, + certificate_id: certID, + meta: { + dns_provider_credentials: "", + letsencrypt_agree: false, + dns_challenge: true + }, + tcp_forwarding: true, + udp_forwarding: false + } + }).then((data) => { + cy.validateSwaggerSchema('post', 201, '/nginx/streams', data); + expect(data).to.have.property('id'); + expect(data.id).to.be.greaterThan(0); + expect(data).to.have.property("enabled", true); + expect(data).to.have.property('tcp_forwarding', true); + expect(data).to.have.property('udp_forwarding', false); + expect(data).to.have.property('certificate_id', certID); + + // Check the ssl termination + cy.task('log', '[testssl.sh] Running ...'); + cy.exec('/testssl/testssl.sh --quiet --add-ca="$(/bin/mkcert -CAROOT)/rootCA.pem" --jsonfile=/test/results/testssl.json website1.example.com:1503', { + timeout: 120000, // 2 minutes + }).then((result) => { + cy.task('log', '[testssl.sh] ' + result.stdout); + + const allowedSeverities = ["INFO", "OK", "LOW", "MEDIUM"]; + const ignoredIDs = [ + 'cert_chain_of_trust', + 'cert_extlifeSpan', + 'cert_revocation', + 'overall_grade', + ]; + + cy.readFile('/test/results/testssl.json').then((data) => { + // Parse each array item + for (let i = 0; i < data.length; i++) { + const item = data[i]; + if (ignoredIDs.includes(item.id)) { + continue; + } + expect(item.severity).to.be.oneOf(allowedSeverities); + } + }); + }); + }); + }); + }); + }); + +}); diff --git a/test/package.json b/test/package.json index b52ecfbd7..a3a3cad6d 100644 --- a/test/package.json +++ b/test/package.json @@ -4,18 +4,18 @@ "description": "", "main": "index.js", "dependencies": { - "@jc21/cypress-swagger-validation": "^0.3.1", - "axios": "^1.7.7", - "cypress": "^13.15.0", - "cypress-multi-reporters": "^1.6.4", + "@jc21/cypress-swagger-validation": "^0.3.2", + "axios": "^1.7.9", + "cypress": "^14.0.1", + "cypress-multi-reporters": "^2.0.5", "cypress-wait-until": "^3.0.2", - "eslint": "^9.12.0", + "eslint": "^9.19.0", "eslint-plugin-align-assignments": "^1.1.2", "eslint-plugin-chai-friendly": "^1.0.1", - "eslint-plugin-cypress": "^3.5.0", + "eslint-plugin-cypress": "^4.1.0", "form-data": "^4.0.1", "lodash": "^4.17.21", - "mocha": "^10.7.3", + "mocha": "^11.1.0", "mocha-junit-reporter": "^2.2.1" }, "scripts": { From cfcf78aaeec548cb178946bcc05592dc5c85d343 Mon Sep 17 00:00:00 2001 From: Sander Jochems Date: Wed, 5 Feb 2025 17:29:40 +0100 Subject: [PATCH 117/175] Set bearer auth security component --- backend/schema/swagger.json | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/backend/schema/swagger.json b/backend/schema/swagger.json index 5a0142bff..b3bba7f97 100644 --- a/backend/schema/swagger.json +++ b/backend/schema/swagger.json @@ -9,6 +9,15 @@ "url": "http://127.0.0.1:81/api" } ], + "components": { + "securitySchemes": { + "bearerAuth": { + "type": "http", + "scheme": "bearer", + "bearerFormat": "JWT" + } + } + }, "paths": { "/": { "get": { From 14d7c35fd77131f8744174f438a9f54c5a61b448 Mon Sep 17 00:00:00 2001 From: Sander Jochems Date: Wed, 5 Feb 2025 17:31:09 +0100 Subject: [PATCH 118/175] Fix whitespaces --- backend/schema/swagger.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backend/schema/swagger.json b/backend/schema/swagger.json index b3bba7f97..4a502b4e4 100644 --- a/backend/schema/swagger.json +++ b/backend/schema/swagger.json @@ -13,8 +13,8 @@ "securitySchemes": { "bearerAuth": { "type": "http", - "scheme": "bearer", - "bearerFormat": "JWT" + "scheme": "bearer", + "bearerFormat": "JWT" } } }, From a6af5ec2c760b3906164a1f4bf1529335938bb0a Mon Sep 17 00:00:00 2001 From: Sander Jochems Date: Wed, 5 Feb 2025 18:18:50 +0100 Subject: [PATCH 119/175] Remove certificate as required from proxy host --- backend/schema/components/proxy-host-object.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/backend/schema/components/proxy-host-object.json b/backend/schema/components/proxy-host-object.json index 5098802b1..e9dcacb5e 100644 --- a/backend/schema/components/proxy-host-object.json +++ b/backend/schema/components/proxy-host-object.json @@ -22,8 +22,7 @@ "enabled", "locations", "hsts_enabled", - "hsts_subdomains", - "certificate" + "hsts_subdomains" ], "additionalProperties": false, "properties": { From 8a1557154a39a34293485523dae5bbb8f152a840 Mon Sep 17 00:00:00 2001 From: Sander Jochems Date: Wed, 5 Feb 2025 22:15:12 +0100 Subject: [PATCH 120/175] Add certificate fields to boolFields --- backend/models/dead_host.js | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/backend/models/dead_host.js b/backend/models/dead_host.js index 483da3b6b..3386caabf 100644 --- a/backend/models/dead_host.js +++ b/backend/models/dead_host.js @@ -12,7 +12,11 @@ Model.knex(db); const boolFields = [ 'is_deleted', + 'ssl_forced', + 'http2_support', 'enabled', + 'hsts_enabled', + 'hsts_subdomains', ]; class DeadHost extends Model { From df48b835c4401d88fa4317d7093e6d7f74fbb088 Mon Sep 17 00:00:00 2001 From: Sander Jochems Date: Wed, 5 Feb 2025 22:20:21 +0100 Subject: [PATCH 121/175] Update order to match others --- backend/models/stream.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/models/stream.js b/backend/models/stream.js index dbec2dcb7..5d1cb6c1c 100644 --- a/backend/models/stream.js +++ b/backend/models/stream.js @@ -8,8 +8,8 @@ const now = require('./now_helper'); Model.knex(db); const boolFields = [ - 'enabled', 'is_deleted', + 'enabled', 'tcp_forwarding', 'udp_forwarding', ]; From 0a05d8f0adc110b4589ca122ee69fac994a27b13 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Thu, 6 Feb 2025 08:39:03 +1000 Subject: [PATCH 122/175] Bump version --- .version | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.version b/.version index 371a952d6..ccc99d021 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.12.2 +2.12.3 diff --git a/README.md b/README.md index 0e46f00f1..925aeb23d 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@



- + From c4df89df1f11ef8cb26ab375d161f6c82e72d401 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Thu, 6 Feb 2025 13:38:47 +1000 Subject: [PATCH 123/175] Fix dashboard loading loop and freezing the page --- frontend/js/app/controller.js | 874 +++++++++++++++--------------- frontend/js/app/dashboard/main.js | 162 +++--- 2 files changed, 515 insertions(+), 521 deletions(-) diff --git a/frontend/js/app/controller.js b/frontend/js/app/controller.js index ccb2978a8..ebddd7807 100644 --- a/frontend/js/app/controller.js +++ b/frontend/js/app/controller.js @@ -4,444 +4,438 @@ const Tokens = require('./tokens'); module.exports = { - /** - * @param {String} route - * @param {Object} [options] - * @returns {Boolean} - */ - navigate: function (route, options) { - options = options || {}; - Backbone.history.navigate(route.toString(), options); - return true; - }, - - /** - * Login - */ - showLogin: function () { - window.location = '/login'; - }, - - /** - * Users - */ - showUsers: function () { - let controller = this; - if (Cache.User.isAdmin()) { - require(['./main', './users/main'], (App, View) => { - controller.navigate('/users'); - App.UI.showAppContent(new View()); - }); - } else { - this.showDashboard(); - } - }, - - /** - * User Form - * - * @param [model] - */ - showUserForm: function (model) { - if (Cache.User.isAdmin()) { - require(['./main', './user/form'], function (App, View) { - App.UI.showModalDialog(new View({model: model})); - }); - } - }, - - /** - * User Permissions Form - * - * @param model - */ - showUserPermissions: function (model) { - if (Cache.User.isAdmin()) { - require(['./main', './user/permissions'], function (App, View) { - App.UI.showModalDialog(new View({model: model})); - }); - } - }, - - /** - * User Password Form - * - * @param model - */ - showUserPasswordForm: function (model) { - if (Cache.User.isAdmin() || model.get('id') === Cache.User.get('id')) { - require(['./main', './user/password'], function (App, View) { - App.UI.showModalDialog(new View({model: model})); - }); - } - }, - - /** - * User Delete Confirm - * - * @param model - */ - showUserDeleteConfirm: function (model) { - if (Cache.User.isAdmin() && model.get('id') !== Cache.User.get('id')) { - require(['./main', './user/delete'], function (App, View) { - App.UI.showModalDialog(new View({model: model})); - }); - } - }, - - /** - * Dashboard - */ - showDashboard: function () { - let controller = this; - - require(['./main', './dashboard/main'], (App, View) => { - controller.navigate('/'); - App.UI.showAppContent(new View()); - }); - }, - - /** - * Nginx Proxy Hosts - */ - showNginxProxy: function () { - if (Cache.User.isAdmin() || Cache.User.canView('proxy_hosts')) { - let controller = this; - - require(['./main', './nginx/proxy/main'], (App, View) => { - controller.navigate('/nginx/proxy'); - App.UI.showAppContent(new View()); - }); - } - }, - - /** - * Nginx Proxy Host Form - * - * @param [model] - */ - showNginxProxyForm: function (model) { - if (Cache.User.isAdmin() || Cache.User.canManage('proxy_hosts')) { - require(['./main', './nginx/proxy/form'], function (App, View) { - App.UI.showModalDialog(new View({model: model})); - }); - } - }, - - /** - * Proxy Host Delete Confirm - * - * @param model - */ - showNginxProxyDeleteConfirm: function (model) { - if (Cache.User.isAdmin() || Cache.User.canManage('proxy_hosts')) { - require(['./main', './nginx/proxy/delete'], function (App, View) { - App.UI.showModalDialog(new View({model: model})); - }); - } - }, - - /** - * Nginx Redirection Hosts - */ - showNginxRedirection: function () { - if (Cache.User.isAdmin() || Cache.User.canView('redirection_hosts')) { - let controller = this; - - require(['./main', './nginx/redirection/main'], (App, View) => { - controller.navigate('/nginx/redirection'); - App.UI.showAppContent(new View()); - }); - } - }, - - /** - * Nginx Redirection Host Form - * - * @param [model] - */ - showNginxRedirectionForm: function (model) { - if (Cache.User.isAdmin() || Cache.User.canManage('redirection_hosts')) { - require(['./main', './nginx/redirection/form'], function (App, View) { - App.UI.showModalDialog(new View({model: model})); - }); - } - }, - - /** - * Proxy Redirection Delete Confirm - * - * @param model - */ - showNginxRedirectionDeleteConfirm: function (model) { - if (Cache.User.isAdmin() || Cache.User.canManage('redirection_hosts')) { - require(['./main', './nginx/redirection/delete'], function (App, View) { - App.UI.showModalDialog(new View({model: model})); - }); - } - }, - - /** - * Nginx Stream Hosts - */ - showNginxStream: function () { - if (Cache.User.isAdmin() || Cache.User.canView('streams')) { - let controller = this; - - require(['./main', './nginx/stream/main'], (App, View) => { - controller.navigate('/nginx/stream'); - App.UI.showAppContent(new View()); - }); - } - }, - - /** - * Stream Form - * - * @param [model] - */ - showNginxStreamForm: function (model) { - if (Cache.User.isAdmin() || Cache.User.canManage('streams')) { - require(['./main', './nginx/stream/form'], function (App, View) { - App.UI.showModalDialog(new View({model: model})); - }); - } - }, - - /** - * Stream Delete Confirm - * - * @param model - */ - showNginxStreamDeleteConfirm: function (model) { - if (Cache.User.isAdmin() || Cache.User.canManage('streams')) { - require(['./main', './nginx/stream/delete'], function (App, View) { - App.UI.showModalDialog(new View({model: model})); - }); - } - }, - - /** - * Nginx Dead Hosts - */ - showNginxDead: function () { - if (Cache.User.isAdmin() || Cache.User.canView('dead_hosts')) { - let controller = this; - - require(['./main', './nginx/dead/main'], (App, View) => { - controller.navigate('/nginx/404'); - App.UI.showAppContent(new View()); - }); - } - }, - - /** - * Dead Host Form - * - * @param [model] - */ - showNginxDeadForm: function (model) { - if (Cache.User.isAdmin() || Cache.User.canManage('dead_hosts')) { - require(['./main', './nginx/dead/form'], function (App, View) { - App.UI.showModalDialog(new View({model: model})); - }); - } - }, - - /** - * Dead Host Delete Confirm - * - * @param model - */ - showNginxDeadDeleteConfirm: function (model) { - if (Cache.User.isAdmin() || Cache.User.canManage('dead_hosts')) { - require(['./main', './nginx/dead/delete'], function (App, View) { - App.UI.showModalDialog(new View({model: model})); - }); - } - }, - - /** - * Help Dialog - * - * @param {String} title - * @param {String} content - */ - showHelp: function (title, content) { - require(['./main', './help/main'], function (App, View) { - App.UI.showModalDialog(new View({title: title, content: content})); - }); - }, - - /** - * Nginx Access - */ - showNginxAccess: function () { - if (Cache.User.isAdmin() || Cache.User.canView('access_lists')) { - let controller = this; - - require(['./main', './nginx/access/main'], (App, View) => { - controller.navigate('/nginx/access'); - App.UI.showAppContent(new View()); - }); - } - }, - - /** - * Nginx Access List Form - * - * @param [model] - */ - showNginxAccessListForm: function (model) { - if (Cache.User.isAdmin() || Cache.User.canManage('access_lists')) { - require(['./main', './nginx/access/form'], function (App, View) { - App.UI.showModalDialog(new View({model: model})); - }); - } - }, - - /** - * Access List Delete Confirm - * - * @param model - */ - showNginxAccessListDeleteConfirm: function (model) { - if (Cache.User.isAdmin() || Cache.User.canManage('access_lists')) { - require(['./main', './nginx/access/delete'], function (App, View) { - App.UI.showModalDialog(new View({model: model})); - }); - } - }, - - /** - * Nginx Certificates - */ - showNginxCertificates: function () { - if (Cache.User.isAdmin() || Cache.User.canView('certificates')) { - let controller = this; - - require(['./main', './nginx/certificates/main'], (App, View) => { - controller.navigate('/nginx/certificates'); - App.UI.showAppContent(new View()); - }); - } - }, - - /** - * Nginx Certificate Form - * - * @param [model] - */ - showNginxCertificateForm: function (model) { - if (Cache.User.isAdmin() || Cache.User.canManage('certificates')) { - require(['./main', './nginx/certificates/form'], function (App, View) { - App.UI.showModalDialog(new View({model: model})); - }); - } - }, - - /** - * Certificate Renew - * - * @param model - */ - showNginxCertificateRenew: function (model) { - if (Cache.User.isAdmin() || Cache.User.canManage('certificates')) { - require(['./main', './nginx/certificates/renew'], function (App, View) { - App.UI.showModalDialog(new View({model: model})); - }); - } - }, - - /** - * Certificate Delete Confirm - * - * @param model - */ - showNginxCertificateDeleteConfirm: function (model) { - if (Cache.User.isAdmin() || Cache.User.canManage('certificates')) { - require(['./main', './nginx/certificates/delete'], function (App, View) { - App.UI.showModalDialog(new View({model: model})); - }); - } - }, - - /** - * Certificate Test Reachability - * - * @param model - */ - showNginxCertificateTestReachability: function (model) { - if (Cache.User.isAdmin() || Cache.User.canManage('certificates')) { - require(['./main', './nginx/certificates/test'], function (App, View) { - App.UI.showModalDialog(new View({model: model})); - }); - } - }, - - /** - * Audit Log - */ - showAuditLog: function () { - let controller = this; - if (Cache.User.isAdmin()) { - require(['./main', './audit-log/main'], (App, View) => { - controller.navigate('/audit-log'); - App.UI.showAppContent(new View()); - }); - } else { - this.showDashboard(); - } - }, - - /** - * Audit Log Metadata - * - * @param model - */ - showAuditMeta: function (model) { - if (Cache.User.isAdmin()) { - require(['./main', './audit-log/meta'], function (App, View) { - App.UI.showModalDialog(new View({model: model})); - }); - } - }, - - /** - * Settings - */ - showSettings: function () { - let controller = this; - if (Cache.User.isAdmin()) { - require(['./main', './settings/main'], (App, View) => { - controller.navigate('/settings'); - App.UI.showAppContent(new View()); - }); - } else { - this.showDashboard(); - } - }, - - /** - * Settings Item Form - * - * @param model - */ - showSettingForm: function (model) { - if (Cache.User.isAdmin()) { - if (model.get('id') === 'default-site') { - require(['./main', './settings/default-site/main'], function (App, View) { - App.UI.showModalDialog(new View({model: model})); - }); - } - } - }, - - /** - * Logout - */ - logout: function () { - Tokens.dropTopToken(); - this.showLogin(); - } + /** + * @param {String} route + * @param {Object} [options] + * @returns {Boolean} + */ + navigate: function (route, options) { + options = options || {}; + Backbone.history.navigate(route.toString(), options); + return true; + }, + + /** + * Login + */ + showLogin: function () { + window.location = '/login'; + }, + + /** + * Users + */ + showUsers: function () { + const controller = this; + if (Cache.User.isAdmin()) { + require(['./main', './users/main'], (App, View) => { + controller.navigate('/users'); + App.UI.showAppContent(new View()); + }); + } else { + this.showDashboard(); + } + }, + + /** + * User Form + * + * @param [model] + */ + showUserForm: function (model) { + if (Cache.User.isAdmin()) { + require(['./main', './user/form'], function (App, View) { + App.UI.showModalDialog(new View({model: model})); + }); + } + }, + + /** + * User Permissions Form + * + * @param model + */ + showUserPermissions: function (model) { + if (Cache.User.isAdmin()) { + require(['./main', './user/permissions'], function (App, View) { + App.UI.showModalDialog(new View({model: model})); + }); + } + }, + + /** + * User Password Form + * + * @param model + */ + showUserPasswordForm: function (model) { + if (Cache.User.isAdmin() || model.get('id') === Cache.User.get('id')) { + require(['./main', './user/password'], function (App, View) { + App.UI.showModalDialog(new View({model: model})); + }); + } + }, + + /** + * User Delete Confirm + * + * @param model + */ + showUserDeleteConfirm: function (model) { + if (Cache.User.isAdmin() && model.get('id') !== Cache.User.get('id')) { + require(['./main', './user/delete'], function (App, View) { + App.UI.showModalDialog(new View({model: model})); + }); + } + }, + + /** + * Dashboard + */ + showDashboard: function () { + const controller = this; + require(['./main', './dashboard/main'], (App, View) => { + controller.navigate('/'); + App.UI.showAppContent(new View()); + }); + }, + + /** + * Nginx Proxy Hosts + */ + showNginxProxy: function () { + if (Cache.User.isAdmin() || Cache.User.canView('proxy_hosts')) { + const controller = this; + + require(['./main', './nginx/proxy/main'], (App, View) => { + controller.navigate('/nginx/proxy'); + App.UI.showAppContent(new View()); + }); + } + }, + + /** + * Nginx Proxy Host Form + * + * @param [model] + */ + showNginxProxyForm: function (model) { + if (Cache.User.isAdmin() || Cache.User.canManage('proxy_hosts')) { + require(['./main', './nginx/proxy/form'], function (App, View) { + App.UI.showModalDialog(new View({model: model})); + }); + } + }, + + /** + * Proxy Host Delete Confirm + * + * @param model + */ + showNginxProxyDeleteConfirm: function (model) { + if (Cache.User.isAdmin() || Cache.User.canManage('proxy_hosts')) { + require(['./main', './nginx/proxy/delete'], function (App, View) { + App.UI.showModalDialog(new View({model: model})); + }); + } + }, + + /** + * Nginx Redirection Hosts + */ + showNginxRedirection: function () { + if (Cache.User.isAdmin() || Cache.User.canView('redirection_hosts')) { + const controller = this; + require(['./main', './nginx/redirection/main'], (App, View) => { + controller.navigate('/nginx/redirection'); + App.UI.showAppContent(new View()); + }); + } + }, + + /** + * Nginx Redirection Host Form + * + * @param [model] + */ + showNginxRedirectionForm: function (model) { + if (Cache.User.isAdmin() || Cache.User.canManage('redirection_hosts')) { + require(['./main', './nginx/redirection/form'], function (App, View) { + App.UI.showModalDialog(new View({model: model})); + }); + } + }, + + /** + * Proxy Redirection Delete Confirm + * + * @param model + */ + showNginxRedirectionDeleteConfirm: function (model) { + if (Cache.User.isAdmin() || Cache.User.canManage('redirection_hosts')) { + require(['./main', './nginx/redirection/delete'], function (App, View) { + App.UI.showModalDialog(new View({model: model})); + }); + } + }, + + /** + * Nginx Stream Hosts + */ + showNginxStream: function () { + if (Cache.User.isAdmin() || Cache.User.canView('streams')) { + const controller = this; + require(['./main', './nginx/stream/main'], (App, View) => { + controller.navigate('/nginx/stream'); + App.UI.showAppContent(new View()); + }); + } + }, + + /** + * Stream Form + * + * @param [model] + */ + showNginxStreamForm: function (model) { + if (Cache.User.isAdmin() || Cache.User.canManage('streams')) { + require(['./main', './nginx/stream/form'], function (App, View) { + App.UI.showModalDialog(new View({model: model})); + }); + } + }, + + /** + * Stream Delete Confirm + * + * @param model + */ + showNginxStreamDeleteConfirm: function (model) { + if (Cache.User.isAdmin() || Cache.User.canManage('streams')) { + require(['./main', './nginx/stream/delete'], function (App, View) { + App.UI.showModalDialog(new View({model: model})); + }); + } + }, + + /** + * Nginx Dead Hosts + */ + showNginxDead: function () { + if (Cache.User.isAdmin() || Cache.User.canView('dead_hosts')) { + const controller = this; + require(['./main', './nginx/dead/main'], (App, View) => { + controller.navigate('/nginx/404'); + App.UI.showAppContent(new View()); + }); + } + }, + + /** + * Dead Host Form + * + * @param [model] + */ + showNginxDeadForm: function (model) { + if (Cache.User.isAdmin() || Cache.User.canManage('dead_hosts')) { + require(['./main', './nginx/dead/form'], function (App, View) { + App.UI.showModalDialog(new View({model: model})); + }); + } + }, + + /** + * Dead Host Delete Confirm + * + * @param model + */ + showNginxDeadDeleteConfirm: function (model) { + if (Cache.User.isAdmin() || Cache.User.canManage('dead_hosts')) { + require(['./main', './nginx/dead/delete'], function (App, View) { + App.UI.showModalDialog(new View({model: model})); + }); + } + }, + + /** + * Help Dialog + * + * @param {String} title + * @param {String} content + */ + showHelp: function (title, content) { + require(['./main', './help/main'], function (App, View) { + App.UI.showModalDialog(new View({title: title, content: content})); + }); + }, + + /** + * Nginx Access + */ + showNginxAccess: function () { + if (Cache.User.isAdmin() || Cache.User.canView('access_lists')) { + const controller = this; + require(['./main', './nginx/access/main'], (App, View) => { + controller.navigate('/nginx/access'); + App.UI.showAppContent(new View()); + }); + } + }, + + /** + * Nginx Access List Form + * + * @param [model] + */ + showNginxAccessListForm: function (model) { + if (Cache.User.isAdmin() || Cache.User.canManage('access_lists')) { + require(['./main', './nginx/access/form'], function (App, View) { + App.UI.showModalDialog(new View({model: model})); + }); + } + }, + + /** + * Access List Delete Confirm + * + * @param model + */ + showNginxAccessListDeleteConfirm: function (model) { + if (Cache.User.isAdmin() || Cache.User.canManage('access_lists')) { + require(['./main', './nginx/access/delete'], function (App, View) { + App.UI.showModalDialog(new View({model: model})); + }); + } + }, + + /** + * Nginx Certificates + */ + showNginxCertificates: function () { + if (Cache.User.isAdmin() || Cache.User.canView('certificates')) { + const controller = this; + require(['./main', './nginx/certificates/main'], (App, View) => { + controller.navigate('/nginx/certificates'); + App.UI.showAppContent(new View()); + }); + } + }, + + /** + * Nginx Certificate Form + * + * @param [model] + */ + showNginxCertificateForm: function (model) { + if (Cache.User.isAdmin() || Cache.User.canManage('certificates')) { + require(['./main', './nginx/certificates/form'], function (App, View) { + App.UI.showModalDialog(new View({model: model})); + }); + } + }, + + /** + * Certificate Renew + * + * @param model + */ + showNginxCertificateRenew: function (model) { + if (Cache.User.isAdmin() || Cache.User.canManage('certificates')) { + require(['./main', './nginx/certificates/renew'], function (App, View) { + App.UI.showModalDialog(new View({model: model})); + }); + } + }, + + /** + * Certificate Delete Confirm + * + * @param model + */ + showNginxCertificateDeleteConfirm: function (model) { + if (Cache.User.isAdmin() || Cache.User.canManage('certificates')) { + require(['./main', './nginx/certificates/delete'], function (App, View) { + App.UI.showModalDialog(new View({model: model})); + }); + } + }, + + /** + * Certificate Test Reachability + * + * @param model + */ + showNginxCertificateTestReachability: function (model) { + if (Cache.User.isAdmin() || Cache.User.canManage('certificates')) { + require(['./main', './nginx/certificates/test'], function (App, View) { + App.UI.showModalDialog(new View({model: model})); + }); + } + }, + + /** + * Audit Log + */ + showAuditLog: function () { + const controller = this; + if (Cache.User.isAdmin()) { + require(['./main', './audit-log/main'], (App, View) => { + controller.navigate('/audit-log'); + App.UI.showAppContent(new View()); + }); + } else { + this.showDashboard(); + } + }, + + /** + * Audit Log Metadata + * + * @param model + */ + showAuditMeta: function (model) { + if (Cache.User.isAdmin()) { + require(['./main', './audit-log/meta'], function (App, View) { + App.UI.showModalDialog(new View({model: model})); + }); + } + }, + + /** + * Settings + */ + showSettings: function () { + const controller = this; + if (Cache.User.isAdmin()) { + require(['./main', './settings/main'], (App, View) => { + controller.navigate('/settings'); + App.UI.showAppContent(new View()); + }); + } else { + this.showDashboard(); + } + }, + + /** + * Settings Item Form + * + * @param model + */ + showSettingForm: function (model) { + if (Cache.User.isAdmin()) { + if (model.get('id') === 'default-site') { + require(['./main', './settings/default-site/main'], function (App, View) { + App.UI.showModalDialog(new View({model: model})); + }); + } + } + }, + + /** + * Logout + */ + logout: function () { + Tokens.dropTopToken(); + this.showLogin(); + } }; diff --git a/frontend/js/app/dashboard/main.js b/frontend/js/app/dashboard/main.js index 4765d061e..ba4a99a67 100644 --- a/frontend/js/app/dashboard/main.js +++ b/frontend/js/app/dashboard/main.js @@ -6,85 +6,85 @@ const Helpers = require('../../lib/helpers'); const template = require('./main.ejs'); module.exports = Mn.View.extend({ - template: template, - id: 'dashboard', - columns: 0, - - stats: {}, - - ui: { - links: 'a' - }, - - events: { - 'click @ui.links': function (e) { - e.preventDefault(); - Controller.navigate($(e.currentTarget).attr('href'), true); - } - }, - - templateContext: function () { - let view = this; - - return { - getUserName: function () { - return Cache.User.get('nickname') || Cache.User.get('name'); - }, - - getHostStat: function (type) { - if (view.stats && typeof view.stats.hosts !== 'undefined' && typeof view.stats.hosts[type] !== 'undefined') { - return Helpers.niceNumber(view.stats.hosts[type]); - } - - return '-'; - }, - - canShow: function (perm) { - return Cache.User.isAdmin() || Cache.User.canView(perm); - }, - - columns: view.columns - }; - }, - - onRender: function () { - let view = this; - - Api.Reports.getHostStats() - .then(response => { - if (!view.isDestroyed()) { - view.stats.hosts = response; - view.render(); - } - }) - .catch(err => { - console.log(err); - }); - }, - - /** - * @param {Object} [model] - */ - preRender: function (model) { - this.columns = 0; - - // calculate the available columns based on permissions for the objects - // and store as a variable - //let view = this; - let perms = ['proxy_hosts', 'redirection_hosts', 'streams', 'dead_hosts']; - - perms.map(perm => { - this.columns += Cache.User.isAdmin() || Cache.User.canView(perm) ? 1 : 0; - }); - - // Prevent double rendering on initial calls - if (typeof model !== 'undefined') { - this.render(); - } - }, - - initialize: function () { - this.preRender(); - this.listenTo(Cache.User, 'change', this.preRender); - } + template: template, + id: 'dashboard', + columns: 0, + + stats: {}, + + ui: { + links: 'a' + }, + + events: { + 'click @ui.links': function (e) { + e.preventDefault(); + Controller.navigate($(e.currentTarget).attr('href'), true); + } + }, + + templateContext: function () { + const view = this; + + return { + getUserName: function () { + return Cache.User.get('nickname') || Cache.User.get('name'); + }, + + getHostStat: function (type) { + if (view.stats && typeof view.stats.hosts !== 'undefined' && typeof view.stats.hosts[type] !== 'undefined') { + return Helpers.niceNumber(view.stats.hosts[type]); + } + + return '-'; + }, + + canShow: function (perm) { + return Cache.User.isAdmin() || Cache.User.canView(perm); + }, + + columns: view.columns + }; + }, + + onRender: function () { + const view = this; + if (typeof view.stats.hosts === 'undefined') { + Api.Reports.getHostStats() + .then(response => { + if (!view.isDestroyed()) { + view.stats.hosts = response; + view.render(); + } + }) + .catch(err => { + console.log(err); + }); + } + }, + + /** + * @param {Object} [model] + */ + preRender: function (model) { + this.columns = 0; + + // calculate the available columns based on permissions for the objects + // and store as a variable + const perms = ['proxy_hosts', 'redirection_hosts', 'streams', 'dead_hosts']; + + perms.map(perm => { + this.columns += Cache.User.isAdmin() || Cache.User.canView(perm) ? 1 : 0; + }); + + // Prevent double rendering on initial calls + if (typeof model !== 'undefined') { + this.render(); + } + }, + + initialize: function () { + this.preRender(); + this.listenTo(Cache.User, 'change', this.preRender); + } }); From b09147eca8928599bfbfe1c67e6b783bbebfa6b8 Mon Sep 17 00:00:00 2001 From: Mordy Ovits Date: Thu, 6 Feb 2025 19:40:23 -0500 Subject: [PATCH 124/175] Update frontend copyright year to 2025 --- frontend/js/i18n/messages.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frontend/js/i18n/messages.json b/frontend/js/i18n/messages.json index a154921b5..d409942ff 100644 --- a/frontend/js/i18n/messages.json +++ b/frontend/js/i18n/messages.json @@ -60,7 +60,7 @@ }, "footer": { "fork-me": "Fork me on Github", - "copy": "© 2024 jc21.com.", + "copy": "© 2025 jc21.com.", "theme": "Theme by Tabler" }, "dashboard": { From 03fd292c610de28dd57ff3cbdb4b13dd3cad8d1b Mon Sep 17 00:00:00 2001 From: Marc <7147324+pustekuchen91@users.noreply.github.com> Date: Sun, 9 Feb 2025 11:41:30 +0100 Subject: [PATCH 125/175] use latest certbot-dns-cpanel version this allows to use token for authentication --- global/certbot-dns-plugins.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 606e7083c..0c1086429 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -74,9 +74,9 @@ "cpanel": { "name": "cPanel", "package_name": "certbot-dns-cpanel", - "version": "~=0.2.2", + "version": "~=0.4.0", "dependencies": "", - "credentials": "cpanel_url = https://cpanel.example.com:2083\ncpanel_username = user\ncpanel_password = hunter2", + "credentials": "cpanel_url = https://cpanel.example.com:2083\ncpanel_username = your_username\ncpanel_password = your_password\ncpanel_token = your_api_token", "full_plugin_name": "cpanel" }, "desec": { From d147ccd88dc4d2463a98596ef133b2cf25df0ed2 Mon Sep 17 00:00:00 2001 From: Wise <33370380+wisewtf@users.noreply.github.com> Date: Fri, 14 Feb 2025 14:44:54 +0100 Subject: [PATCH 126/175] Fixed error in sqlite installation compose file If people copy and paste the sqlite installation without commenting environment docker compose will throw an error because environment will be null. --- docs/src/setup/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/src/setup/index.md b/docs/src/setup/index.md index 5e126754f..c2296da7f 100644 --- a/docs/src/setup/index.md +++ b/docs/src/setup/index.md @@ -21,7 +21,7 @@ services: # Add any other Stream port you want to expose # - '21:21' # FTP - environment: + #environment: # Uncomment this if you want to change the location of # the SQLite DB file within the container # DB_SQLITE_FILE: "/data/database.sqlite" From 312e2ab80c223de10642ce9f084e8c9337fd7e0a Mon Sep 17 00:00:00 2001 From: ZeroDeng Date: Fri, 21 Feb 2025 14:56:00 +0800 Subject: [PATCH 127/175] [fix]Stream List error code 500 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fix stream list page error code 500。 --- backend/internal/stream.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/internal/stream.js b/backend/internal/stream.js index 4d49bc3aa..50ce08324 100644 --- a/backend/internal/stream.js +++ b/backend/internal/stream.js @@ -369,7 +369,7 @@ const internalStream = { .where('is_deleted', 0) .groupBy('id') .allowGraph('[owner,certificate]') - .orderByRaw('CAST(incoming_port AS INTEGER) ASC'); + .orderBy('incoming_port', 'ASC'); if (access_data.permission_visibility !== 'all') { query.andWhere('owner_user_id', access.token.getUserId(1)); From 1c47fc2ba4ab72cbaf7b3397038ed370a8891650 Mon Sep 17 00:00:00 2001 From: cg-zhou Date: Wed, 26 Feb 2025 19:25:50 +0800 Subject: [PATCH 128/175] feat: Add IP_RANGES_FETCH_ENABLED environment variable This change adds a new environment variable to control whether IP ranges are fetched during application startup. When set to 'false', the initial fetch will be skipped, which can: 1. Speed up application startup 2. Avoid connectivity issues in environments with restricted internet access 3. Prevent startup failures when CloudFront or CloudFlare services are unreachable --- backend/index.js | 15 ++++++++++++++- docs/src/advanced-config/index.md | 8 ++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/backend/index.js b/backend/index.js index 551378251..196226ccd 100644 --- a/backend/index.js +++ b/backend/index.js @@ -3,6 +3,8 @@ const schema = require('./schema'); const logger = require('./logger').global; +const IP_RANGES_FETCH_ENABLED = process.env.IP_RANGES_FETCH_ENABLED !== 'false'; + async function appStart () { const migrate = require('./migrate'); const setup = require('./setup'); @@ -13,7 +15,18 @@ async function appStart () { return migrate.latest() .then(setup) .then(schema.getCompiledSchema) - .then(internalIpRanges.fetch) + .then(() => { + if (IP_RANGES_FETCH_ENABLED) { + logger.info('IP Ranges fetch is enabled'); + return internalIpRanges.fetch().catch(err => { + logger.error('IP Ranges fetch failed, continuing anyway:', err.message); + return Promise.resolve(); + }); + } else { + logger.info('IP Ranges fetch is disabled by environment variable'); + return Promise.resolve(); + } + }) .then(() => { internalCertificate.initTimer(); internalIpRanges.initTimer(); diff --git a/docs/src/advanced-config/index.md b/docs/src/advanced-config/index.md index 373fd08bb..4a7c260eb 100644 --- a/docs/src/advanced-config/index.md +++ b/docs/src/advanced-config/index.md @@ -161,6 +161,14 @@ The easy fix is to add a Docker environment variable to the Nginx Proxy Manager DISABLE_IPV6: 'true' ``` +## Disabling IP Ranges Fetch + +By default, NPM fetches IP ranges from CloudFront and Cloudflare during application startup. In environments with limited internet access or to speed up container startup, this fetch can be disabled: + +```yml + environment: + IP_RANGES_FETCH_ENABLED: 'false' +``` ## Custom Nginx Configurations From a394b25e61c997ead062783934cf99c7e5b71f6c Mon Sep 17 00:00:00 2001 From: cg-zhou Date: Wed, 26 Feb 2025 19:45:49 +0800 Subject: [PATCH 129/175] fix eslint error --- backend/index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/index.js b/backend/index.js index 196226ccd..7e9a1842b 100644 --- a/backend/index.js +++ b/backend/index.js @@ -18,7 +18,7 @@ async function appStart () { .then(() => { if (IP_RANGES_FETCH_ENABLED) { logger.info('IP Ranges fetch is enabled'); - return internalIpRanges.fetch().catch(err => { + return internalIpRanges.fetch().catch((err) => { logger.error('IP Ranges fetch failed, continuing anyway:', err.message); return Promise.resolve(); }); From bf9d9bd43bd220823846b837ba8f22122859be36 Mon Sep 17 00:00:00 2001 From: Michael Heilig Date: Fri, 28 Feb 2025 21:00:36 +0100 Subject: [PATCH 130/175] Fix DomainOffensive certbot plugin In https://github.com/NginxProxyManager/nginx-proxy-manager/pull/4235 the certbot plugin for do.de (Domain Offensive) was updated to use the more official version. One necessary line modification was missed, resulting in an error when creating a new certificate. --- global/certbot-dns-plugins.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 2191c2138..f3871ec46 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -164,7 +164,7 @@ "package_name": "certbot-dns-domainoffensive", "version": "~=2.0.0", "dependencies": "", - "credentials": "dns_do_api_token = YOUR_DO_DE_AUTH_TOKEN", + "credentials": "dns_domainoffensive_api_token = YOUR_DO_DE_AUTH_TOKEN", "full_plugin_name": "dns-domainoffensive" }, "domeneshop": { From 078baa255a458fae461965faff8dd963ea3a6efa Mon Sep 17 00:00:00 2001 From: henmohr Date: Mon, 3 Mar 2025 16:40:38 -0300 Subject: [PATCH 131/175] Update certbot-dns-plugins.json --- global/certbot-dns-plugins.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 2191c2138..5524a391b 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -51,7 +51,7 @@ "name": "Cloudflare", "package_name": "certbot-dns-cloudflare", "version": "=={{certbot-version}}", - "dependencies": "cloudflare==2.19.* acme=={{certbot-version}}", + "dependencies": "cloudflare==4.0.* acme=={{certbot-version}}", "credentials": "# Cloudflare API token\ndns_cloudflare_api_token=0123456789abcdef0123456789abcdef01234567", "full_plugin_name": "dns-cloudflare" }, From 341ac65587984332bf49f1ad6960a9480d825080 Mon Sep 17 00:00:00 2001 From: FoxtrotCZ <10333810+foxtrotcz@users.noreply.github.com> Date: Sun, 9 Mar 2025 19:54:11 +0100 Subject: [PATCH 132/175] Updates Active24 plugin to API v2 --- global/certbot-dns-plugins.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 2191c2138..7b94c4864 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -10,9 +10,9 @@ "active24": { "name": "Active24", "package_name": "certbot-dns-active24", - "version": "~=1.5.1", + "version": "~=2.0.0", "dependencies": "", - "credentials": "dns_active24_token=\"TOKEN\"", + "credentials": "dns_active24_api_key = \ndns_active24_secret = ", "full_plugin_name": "dns-active24" }, "aliyun": { From 18830f81b050549d4ea22a9eff0c5d9367f22e97 Mon Sep 17 00:00:00 2001 From: Andrei Mateescu Date: Thu, 13 Mar 2025 23:47:31 +0200 Subject: [PATCH 133/175] Update the Gandi plugin. --- global/certbot-dns-plugins.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 2191c2138..14925ccfd 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -209,8 +209,8 @@ }, "gandi": { "name": "Gandi Live DNS", - "package_name": "certbot_plugin_gandi", - "version": "~=1.5.0", + "package_name": "certbot-dns-gandi", + "version": "~=1.6.1", "dependencies": "", "credentials": "# Gandi personal access token\ndns_gandi_token=PERSONAL_ACCESS_TOKEN", "full_plugin_name": "dns-gandi" From 5e66d677f1402b0414ae07124ad810fbc12c36ec Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Mon, 24 Mar 2025 14:34:45 +1000 Subject: [PATCH 134/175] Adds test for dashboard endpoints --- docker/docker-compose.ci.mysql.yml | 1 + test/cypress/e2e/api/Dashboard.cy.js | 25 +++++++++++++++++++++++++ 2 files changed, 26 insertions(+) create mode 100644 test/cypress/e2e/api/Dashboard.cy.js diff --git a/docker/docker-compose.ci.mysql.yml b/docker/docker-compose.ci.mysql.yml index 388cdb382..108a1dca3 100644 --- a/docker/docker-compose.ci.mysql.yml +++ b/docker/docker-compose.ci.mysql.yml @@ -18,6 +18,7 @@ services: MYSQL_DATABASE: 'npm' MYSQL_USER: 'npm' MYSQL_PASSWORD: 'npmpass' + MARIADB_AUTO_UPGRADE: '1' volumes: - mysql_vol:/var/lib/mysql networks: diff --git a/test/cypress/e2e/api/Dashboard.cy.js b/test/cypress/e2e/api/Dashboard.cy.js new file mode 100644 index 000000000..8fbb97155 --- /dev/null +++ b/test/cypress/e2e/api/Dashboard.cy.js @@ -0,0 +1,25 @@ +/// + +describe('Dashboard endpoints', () => { + let token; + + before(() => { + cy.getToken().then((tok) => { + token = tok; + }); + }); + + it('Should be able to get host counts', function() { + cy.task('backendApiGet', { + token: token, + path: '/api/reports/hosts' + }).then((data) => { + cy.validateSwaggerSchema('get', 200, '/reports/hosts', data); + expect(data).to.have.property('dead'); + expect(data).to.have.property('proxy'); + expect(data).to.have.property('redirection'); + expect(data).to.have.property('stream'); + }); + }); + +}); From f5879dff6c001914743f977fe978a6f7b9d1d1eb Mon Sep 17 00:00:00 2001 From: Ryan P Date: Thu, 10 Apr 2025 19:56:06 -0400 Subject: [PATCH 135/175] Update certbot-dns-plugins.json Fix for bug #4429 add cpanel_api_token entry to credentials check. Will still need to update the documentation that the user will need to retrieve the api token from their cPanel. --- global/certbot-dns-plugins.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 2191c2138..909dd7407 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -92,7 +92,7 @@ "package_name": "certbot-dns-cpanel", "version": "~=0.2.2", "dependencies": "", - "credentials": "cpanel_url = https://cpanel.example.com:2083\ncpanel_username = user\ncpanel_password = hunter2", + "credentials": "cpanel_url = https://cpanel.example.com:2083\ncpanel_username = user\ncpanel_password = hunter2\ncpanel_api_token = token", "full_plugin_name": "cpanel" }, "desec": { From 0cab720f235d84e865f284cca33e9389d9a5faa2 Mon Sep 17 00:00:00 2001 From: Aditya Date: Sun, 20 Apr 2025 20:38:54 +1000 Subject: [PATCH 136/175] fix: optimize certbot ownership script to reduce container startup time Replace inefficient find/execdir implementation that was causing 3+ minute startup delays with a more efficient approach that: 1. Uses a flag file to skip redundant operations on container restarts 2. Processes site-packages directories with bulk chown operations instead of individual file checks and changes 3. Maintains the same functionality while dramatically improving performance This change should significantly reduce container startup time while ensuring all necessary file permissions are still properly set. --- .../s6-rc.d/prepare/30-ownership.sh | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh index 378cc9caa..17bfa1a95 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh @@ -23,6 +23,19 @@ chown -R "$PUID:$PGID" /etc/nginx/nginx chown -R "$PUID:$PGID" /etc/nginx/nginx.conf chown -R "$PUID:$PGID" /etc/nginx/conf.d -# Prevents errors when installing python certbot plugins when non-root -chown "$PUID:$PGID" /opt/certbot /opt/certbot/bin -find /opt/certbot/lib/python*/site-packages -not -user "$PUID" -execdir chown "$PUID:$PGID" {} \+ +# Certbot directories - optimized approach +CERT_INIT_FLAG="/opt/certbot/.ownership_initialized" + +if [ ! -f "$CERT_INIT_FLAG" ]; then + # Prevents errors when installing python certbot plugins when non-root + chown "$PUID:$PGID" /opt/certbot /opt/certbot/bin + + # Handle all site-packages directories efficiently + find /opt/certbot/lib -type d -name "site-packages" | while read -r SITE_PACKAGES_DIR; do + chown -R "$PUID:$PGID" "$SITE_PACKAGES_DIR" + done + + # Create a flag file to skip this step on subsequent runs + touch "$CERT_INIT_FLAG" + chown "$PUID:$PGID" "$CERT_INIT_FLAG" +fi \ No newline at end of file From d9cdb3dc2cafd4b00989c502352553fd4267e4a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=B9=8F=E9=B9=8F?= Date: Sun, 11 May 2025 12:45:13 +0800 Subject: [PATCH 137/175] add Baidu as DNS provider --- global/certbot-dns-plugins.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 2191c2138..97bc79534 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -31,6 +31,14 @@ "credentials": "# This plugin supported API authentication using either Service Principals or utilizing a Managed Identity assigned to the virtual machine.\n# Regardless which authentication method used, the identity will need the “DNS Zone Contributor” role assigned to it.\n# As multiple Azure DNS Zones in multiple resource groups can exist, the config file needs a mapping of zone to resource group ID. Multiple zones -> ID mappings can be listed by using the key dns_azure_zoneX where X is a unique number. At least 1 zone mapping is required.\n\n# Using a service principal (option 1)\ndns_azure_sp_client_id = 912ce44a-0156-4669-ae22-c16a17d34ca5\ndns_azure_sp_client_secret = E-xqXU83Y-jzTI6xe9fs2YC~mck3ZzUih9\ndns_azure_tenant_id = ed1090f3-ab18-4b12-816c-599af8a88cf7\n\n# Using used assigned MSI (option 2)\n# dns_azure_msi_client_id = 912ce44a-0156-4669-ae22-c16a17d34ca5\n\n# Using system assigned MSI (option 3)\n# dns_azure_msi_system_assigned = true\n\n# Zones (at least one always required)\ndns_azure_zone1 = example.com:/subscriptions/c135abce-d87d-48df-936c-15596c6968a5/resourceGroups/dns1\ndns_azure_zone2 = example.org:/subscriptions/99800903-fb14-4992-9aff-12eaf2744622/resourceGroups/dns2", "full_plugin_name": "dns-azure" }, + "baidu": { + "name": "baidu", + "package_name": "certbot-dns-baidu", + "version": "~=0.1.1", + "dependencies": "", + "credentials": "dns_baidu_access_key = 12345678\ndns_baidu_secret_key = 1234567890abcdef1234567890abcdef", + "full_plugin_name": "dns-baidu" + }, "beget": { "name":"Beget", "package_name": "certbot-beget-plugin", From 76be31cf7600f8383e2e03838daa6fafbc570e79 Mon Sep 17 00:00:00 2001 From: "A. Stamminger" Date: Thu, 8 May 2025 17:29:24 +0200 Subject: [PATCH 138/175] Update certbot-dns-plugins.json with dns-ddns plugin This commit extends the global plugin list with the configuration for certbot-dns-ddnss (https://pypi.org/project/certbot-dns-ddnss/), a new plugin providing DNS-01 challenges for ddnss.de --- global/certbot-dns-plugins.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 2191c2138..5737a4345 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -95,6 +95,14 @@ "credentials": "cpanel_url = https://cpanel.example.com:2083\ncpanel_username = user\ncpanel_password = hunter2", "full_plugin_name": "cpanel" }, + "ddnss": { + "name": "DDNSS", + "package_name": "certbot-dns-ddnss", + "version": "~=1.1.0", + "dependencies": "", + "credentials": "dns_ddnss_token = YOUR_DDNSS_API_TOKEN", + "full_plugin_name": "dns-ddnss" + }, "desec": { "name": "deSEC", "package_name": "certbot-dns-desec", From 4fe305520acc33c856b579be070ba1a96aed583b Mon Sep 17 00:00:00 2001 From: vzagorovskiy Date: Mon, 19 May 2025 13:18:58 +0300 Subject: [PATCH 139/175] Added nic.ru dns provider --- global/certbot-dns-plugins.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 2191c2138..8c4ac00db 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -383,6 +383,14 @@ "credentials": "dns_netcup_customer_id = 123456\ndns_netcup_api_key = 0123456789abcdef0123456789abcdef01234567\ndns_netcup_api_password = abcdef0123456789abcdef01234567abcdef0123", "full_plugin_name": "dns-netcup" }, + "nicru": { + "name": "nic.ru", + "package_name": "certbot-dns-nicru", + "version": "~=1.0.3", + "dependencies": "", + "credentials": "dns_nicru_client_id = application-id\ndns_nicru_client_secret = application-token\ndns_nicru_username = 0001110/NIC-D\ndns_nicru_password = password\ndns_nicru_scope = .+:.+/zones/example.com(/.+)?\ndns_nicru_service = DNS_SERVICE_NAME\ndns_nicru_zone = example.com", + "full_plugin_name": "dns-nicru" + }, "njalla": { "name": "Njalla", "package_name": "certbot-dns-njalla", From 34267e0af96bd8cf09a3864bc03567a5ffb277f7 Mon Sep 17 00:00:00 2001 From: jelly_moon Date: Fri, 23 May 2025 04:43:52 +0200 Subject: [PATCH 140/175] Update strato dns plugin from 0.2.1 to 0.2.2 --- global/certbot-dns-plugins.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 1f98eaea0..4f0439e5a 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -506,7 +506,7 @@ "strato": { "name": "Strato", "package_name": "certbot-dns-strato", - "version": "~=0.2.1", + "version": "~=0.2.2", "dependencies": "", "credentials": "dns_strato_username = user\ndns_strato_password = pass\n# uncomment if youre using two factor authentication:\n# dns_strato_totp_devicename = 2fa_device\n# dns_strato_totp_secret = 2fa_secret\n#\n# uncomment if domain name contains special characters\n# insert domain display name as seen on your account page here\n# dns_strato_domain_display_name = my-punicode-url.de\n#\n# if youre not using strato.de or another special endpoint you can customise it below\n# you will probably only need to adjust the host, but you can also change the complete endpoint url\n# dns_strato_custom_api_scheme = https\n# dns_strato_custom_api_host = www.strato.de\n# dns_strato_custom_api_port = 443\n# dns_strato_custom_api_path = \"/apps/CustomerService\"", "full_plugin_name": "dns-strato" From 0291cfc270603fa16577d077f55055ce10daecff Mon Sep 17 00:00:00 2001 From: gustavfroding <49125732+gustavfroding@users.noreply.github.com> Date: Fri, 23 May 2025 13:18:07 +0200 Subject: [PATCH 141/175] Added spaceship DNS provider --- global/certbot-dns-plugins.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 1f98eaea0..4ed7a530f 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -503,6 +503,14 @@ "credentials": "[default]\naws_access_key_id=AKIAIOSFODNN7EXAMPLE\naws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY", "full_plugin_name": "dns-route53" }, + "spaceship": { + "name": "Spaceship", + "package_name": "certbot-dns-spaceship", + "version": "~=1.0.4", + "dependencies": "", + "credentials": "[spaceship]\napi_key=your_api_key\napi_secret=your_api_secret", + "full_plugin_name": "dns-spaceship" + }, "strato": { "name": "Strato", "package_name": "certbot-dns-strato", From 09ba400d09d1d3c8389c6bdfcf38c40c4dfaec52 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Tesa=C5=99?= Date: Mon, 26 May 2025 19:40:08 +0200 Subject: [PATCH 142/175] fix(modal): make textarea font actually monospace Modal `textarea` element has this class `text-monospace`, but there is actually no CSS definition that sets the monospace font for it (neither in custom SCSS files, nor in included libs). This commit fixes the issue by setting `monospace` `font-family` for the `textarea`, greatly enhancing UX of configuration editing in UI. --- frontend/scss/tabler-extra.scss | 1 + 1 file changed, 1 insertion(+) diff --git a/frontend/scss/tabler-extra.scss b/frontend/scss/tabler-extra.scss index 3ddd0ed4d..c56aedbce 100644 --- a/frontend/scss/tabler-extra.scss +++ b/frontend/scss/tabler-extra.scss @@ -167,4 +167,5 @@ $pink: #f66d9b; textarea.form-control.text-monospace { font-size: 12px; + font-family: monospace; } From b6afc191352f28d604ab645fa43f6b3fb467161d Mon Sep 17 00:00:00 2001 From: Oleg Date: Wed, 28 May 2025 18:10:21 +0300 Subject: [PATCH 143/175] Added selectel v2 DNS provider --- global/certbot-dns-plugins.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 1f98eaea0..48335b705 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -511,6 +511,14 @@ "credentials": "dns_strato_username = user\ndns_strato_password = pass\n# uncomment if youre using two factor authentication:\n# dns_strato_totp_devicename = 2fa_device\n# dns_strato_totp_secret = 2fa_secret\n#\n# uncomment if domain name contains special characters\n# insert domain display name as seen on your account page here\n# dns_strato_domain_display_name = my-punicode-url.de\n#\n# if youre not using strato.de or another special endpoint you can customise it below\n# you will probably only need to adjust the host, but you can also change the complete endpoint url\n# dns_strato_custom_api_scheme = https\n# dns_strato_custom_api_host = www.strato.de\n# dns_strato_custom_api_port = 443\n# dns_strato_custom_api_path = \"/apps/CustomerService\"", "full_plugin_name": "dns-strato" }, + "selectelv2": { + "name": "Selectel api v2", + "package_name": "certbot-dns-selectel-api-v2", + "version": "~=0.3.0", + "dependencies": "", + "credentials": "dns_selectel_api_v2_account_id = your_account_id\ndns_selectel_api_v2_project_name = your_project\ndns_selectel_api_v2_username = your_username\ndns_selectel_api_v2_password = your_password", + "full_plugin_name": "dns-selectel-api-v2" + }, "timeweb": { "name": "Timeweb Cloud", "package_name": "certbot-dns-timeweb", From 77061a7bd6ad33694273a8a09886bf47d1b2af87 Mon Sep 17 00:00:00 2001 From: "Tom.KST" Date: Wed, 11 Jun 2025 17:33:44 +0800 Subject: [PATCH 144/175] Update certbot-dns-plugins.json I've tried multi times failed, and I found that show be a 'space break' ahead & after the equal mark... So the correct script should be "dns_cloudflare_api_token = 0123456789abcdef0123456789abcdef01234567", instead of "dns_cloudflare_api_token=0123456789abcdef0123456789abcdef01234567" --- global/certbot-dns-plugins.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 1f98eaea0..cae9de148 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -60,7 +60,7 @@ "package_name": "certbot-dns-cloudflare", "version": "=={{certbot-version}}", "dependencies": "cloudflare==4.0.* acme=={{certbot-version}}", - "credentials": "# Cloudflare API token\ndns_cloudflare_api_token=0123456789abcdef0123456789abcdef01234567", + "credentials": "# Cloudflare API token\ndns_cloudflare_api_token = 0123456789abcdef0123456789abcdef01234567", "full_plugin_name": "dns-cloudflare" }, "cloudns": { From f11dc5d7c1d8fc6ac4f71c4078c2be4291c9950f Mon Sep 17 00:00:00 2001 From: "Tom.KST" Date: Wed, 11 Jun 2025 17:36:21 +0800 Subject: [PATCH 145/175] Update certbot-dns-plugins.json --- global/certbot-dns-plugins.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index cae9de148..a961cc42b 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -60,7 +60,7 @@ "package_name": "certbot-dns-cloudflare", "version": "=={{certbot-version}}", "dependencies": "cloudflare==4.0.* acme=={{certbot-version}}", - "credentials": "# Cloudflare API token\ndns_cloudflare_api_token = 0123456789abcdef0123456789abcdef01234567", + "credentials": "# Cloudflare API credentials used by Certbot\ndns_cloudflare_email = cloudflare@example.com\ndns_cloudflare_api_key = 0123456789abcdef0123456789abcdef01234", "full_plugin_name": "dns-cloudflare" }, "cloudns": { From 7580e65dd4b3ebac5467b619cef5cfe050df604a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Jun 2025 21:02:35 +0000 Subject: [PATCH 146/175] Bump brace-expansion from 1.1.11 to 1.1.12 in /test Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion) from 1.1.11 to 1.1.12. - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.12) --- updated-dependencies: - dependency-name: brace-expansion dependency-version: 1.1.12 dependency-type: indirect ... Signed-off-by: dependabot[bot] --- test/yarn.lock | 946 ++++++++++++++++++++++++++----------------------- 1 file changed, 509 insertions(+), 437 deletions(-) diff --git a/test/yarn.lock b/test/yarn.lock index b79e90e80..e03a70eb3 100644 --- a/test/yarn.lock +++ b/test/yarn.lock @@ -43,15 +43,10 @@ ajv-draft-04 "^1.0.0" call-me-maybe "^1.0.1" -"@colors/colors@1.5.0": - version "1.5.0" - resolved "https://registry.yarnpkg.com/@colors/colors/-/colors-1.5.0.tgz#bb504579c1cae923e6576a4f5da43d25f97bdbd9" - integrity sha512-ooWCrlZP11i8GImSjTHYHLkvFDP48nS4+204nGb1RiX/WXYHmJA2III9/e2DWVabCESdW7hBAEzHRqUn9OUVvQ== - -"@cypress/request@^3.0.4": - version "3.0.5" - resolved "https://registry.yarnpkg.com/@cypress/request/-/request-3.0.5.tgz#d893a6e68ce2636c085fcd8d7283c3186499ba63" - integrity sha512-v+XHd9XmWbufxF1/bTaVm2yhbxY+TB4YtWRqF2zaXBlDNMkls34KiATz0AVDLavL3iB6bQk9/7n3oY1EoLSWGA== +"@cypress/request@^3.0.8": + version "3.0.8" + resolved "https://registry.yarnpkg.com/@cypress/request/-/request-3.0.8.tgz#992f1f42ba03ebb14fa5d97290abe9d015ed0815" + integrity sha512-h0NFgh1mJmm1nr4jCwkGHwKneVYKghUyWe6TMNrk0B9zsjAJxpg8C4/+BAcmLgCPa1vj1V8rNUaILl+zYRUWBQ== dependencies: aws-sign2 "~0.7.0" aws4 "^1.8.0" @@ -66,9 +61,9 @@ json-stringify-safe "~5.0.1" mime-types "~2.1.19" performance-now "^2.1.0" - qs "6.13.0" + qs "6.14.0" safe-buffer "^5.1.2" - tough-cookie "^4.1.3" + tough-cookie "^5.0.0" tunnel-agent "^0.6.0" uuid "^8.3.2" @@ -87,29 +82,43 @@ dependencies: eslint-visitor-keys "^3.3.0" -"@eslint-community/regexpp@^4.11.0": - version "4.11.1" - resolved "https://registry.yarnpkg.com/@eslint-community/regexpp/-/regexpp-4.11.1.tgz#a547badfc719eb3e5f4b556325e542fbe9d7a18f" - integrity sha512-m4DVN9ZqskZoLU5GlWZadwDnYo3vAEydiUayB9widCl9ffWx2IvPnp6n3on5rJmziJSw9Bv+Z3ChDVdMwXCY8Q== +"@eslint-community/regexpp@^4.12.1": + version "4.12.1" + resolved "https://registry.yarnpkg.com/@eslint-community/regexpp/-/regexpp-4.12.1.tgz#cfc6cffe39df390a3841cde2abccf92eaa7ae0e0" + integrity sha512-CCZCDJuduB9OUkFkY2IgppNZMi2lBQgD2qzwXkEia16cge2pijY/aXi96CJMquDMn3nJdlPV1A5KrJEXwfLNzQ== -"@eslint/config-array@^0.18.0": - version "0.18.0" - resolved "https://registry.yarnpkg.com/@eslint/config-array/-/config-array-0.18.0.tgz#37d8fe656e0d5e3dbaea7758ea56540867fd074d" - integrity sha512-fTxvnS1sRMu3+JjXwJG0j/i4RT9u4qJ+lqS/yCGap4lH4zZGzQ7tu+xZqQmcMZq5OBZDL4QRxQzRjkWcGt8IVw== +"@eslint/config-array@^0.20.0": + version "0.20.1" + resolved "https://registry.yarnpkg.com/@eslint/config-array/-/config-array-0.20.1.tgz#454f89be82b0e5b1ae872c154c7e2f3dd42c3979" + integrity sha512-OL0RJzC/CBzli0DrrR31qzj6d6i6Mm3HByuhflhl4LOBiWxN+3i6/t/ZQQNii4tjksXi8r2CRW1wMpWA2ULUEw== dependencies: - "@eslint/object-schema" "^2.1.4" + "@eslint/object-schema" "^2.1.6" debug "^4.3.1" minimatch "^3.1.2" -"@eslint/core@^0.6.0": - version "0.6.0" - resolved "https://registry.yarnpkg.com/@eslint/core/-/core-0.6.0.tgz#9930b5ba24c406d67a1760e94cdbac616a6eb674" - integrity sha512-8I2Q8ykA4J0x0o7cg67FPVnehcqWTBehu/lmY+bolPFHGjh49YzGBMXTvpqVgEbBdvNCSxj6iFgiIyHzf03lzg== +"@eslint/config-helpers@^0.2.1": + version "0.2.3" + resolved "https://registry.yarnpkg.com/@eslint/config-helpers/-/config-helpers-0.2.3.tgz#39d6da64ed05d7662659aa7035b54cd55a9f3672" + integrity sha512-u180qk2Um1le4yf0ruXH3PYFeEZeYC3p/4wCTKrr2U1CmGdzGi3KtY0nuPDH48UJxlKCC5RDzbcbh4X0XlqgHg== -"@eslint/eslintrc@^3.1.0": - version "3.1.0" - resolved "https://registry.yarnpkg.com/@eslint/eslintrc/-/eslintrc-3.1.0.tgz#dbd3482bfd91efa663cbe7aa1f506839868207b6" - integrity sha512-4Bfj15dVJdoy3RfZmmo86RK1Fwzn6SstsvK9JS+BaVKqC6QQQQyXekNaC+g+LKNgkQ+2VhGAzm6hO40AhMR3zQ== +"@eslint/core@^0.14.0": + version "0.14.0" + resolved "https://registry.yarnpkg.com/@eslint/core/-/core-0.14.0.tgz#326289380968eaf7e96f364e1e4cf8f3adf2d003" + integrity sha512-qIbV0/JZr7iSDjqAc60IqbLdsj9GDt16xQtWD+B78d/HAlvysGdZZ6rpJHGAc2T0FQx1X6thsSPdnoiGKdNtdg== + dependencies: + "@types/json-schema" "^7.0.15" + +"@eslint/core@^0.15.0": + version "0.15.0" + resolved "https://registry.yarnpkg.com/@eslint/core/-/core-0.15.0.tgz#8fc04709a7b9a179d9f7d93068fc000cb8c5603d" + integrity sha512-b7ePw78tEWWkpgZCDYkbqDOP8dmM6qe+AOC6iuJqlq1R/0ahMAeH3qynpnqKFGkMltrp44ohV4ubGyvLX28tzw== + dependencies: + "@types/json-schema" "^7.0.15" + +"@eslint/eslintrc@^3.3.1": + version "3.3.1" + resolved "https://registry.yarnpkg.com/@eslint/eslintrc/-/eslintrc-3.3.1.tgz#e55f7f1dd400600dd066dbba349c4c0bac916964" + integrity sha512-gtF186CXhIl1p4pJNGZw8Yc6RlshoePRvE0X91oPGb3vZ8pM3qOS9W9NGPat9LziaBV7XrJWGylNQXkGcnM3IQ== dependencies: ajv "^6.12.4" debug "^4.3.2" @@ -121,34 +130,35 @@ minimatch "^3.1.2" strip-json-comments "^3.1.1" -"@eslint/js@9.12.0": - version "9.12.0" - resolved "https://registry.yarnpkg.com/@eslint/js/-/js-9.12.0.tgz#69ca3ca9fab9a808ec6d67b8f6edb156cbac91e1" - integrity sha512-eohesHH8WFRUprDNyEREgqP6beG6htMeUYeCpkEgBCieCMme5r9zFWjzAJp//9S+Kub4rqE+jXe9Cp1a7IYIIA== +"@eslint/js@9.28.0": + version "9.28.0" + resolved "https://registry.yarnpkg.com/@eslint/js/-/js-9.28.0.tgz#7822ccc2f8cae7c3cd4f902377d520e9ae03f844" + integrity sha512-fnqSjGWd/CoIp4EXIxWVK/sHA6DOHN4+8Ix2cX5ycOY7LG0UY8nHCU5pIp2eaE1Mc7Qd8kHspYNzYXT2ojPLzg== -"@eslint/object-schema@^2.1.4": - version "2.1.4" - resolved "https://registry.yarnpkg.com/@eslint/object-schema/-/object-schema-2.1.4.tgz#9e69f8bb4031e11df79e03db09f9dbbae1740843" - integrity sha512-BsWiH1yFGjXXS2yvrf5LyuoSIIbPrGUWob917o+BTKuZ7qJdxX8aJLRxs1fS9n6r7vESrq1OUqb68dANcFXuQQ== +"@eslint/object-schema@^2.1.6": + version "2.1.6" + resolved "https://registry.yarnpkg.com/@eslint/object-schema/-/object-schema-2.1.6.tgz#58369ab5b5b3ca117880c0f6c0b0f32f6950f24f" + integrity sha512-RBMg5FRL0I0gs51M/guSAj5/e14VQ4tpZnQNWwuDT66P14I43ItmPfIZRhO9fUVIPOAQXU47atlywZ/czoqFPA== -"@eslint/plugin-kit@^0.2.0": - version "0.2.3" - resolved "https://registry.yarnpkg.com/@eslint/plugin-kit/-/plugin-kit-0.2.3.tgz#812980a6a41ecf3a8341719f92a6d1e784a2e0e8" - integrity sha512-2b/g5hRmpbb1o4GnTZax9N9m0FXzz9OV42ZzI4rDDMDuHUqigAiQCEWChBWCY4ztAGVRjoWT19v0yMmc5/L5kA== +"@eslint/plugin-kit@^0.3.1": + version "0.3.2" + resolved "https://registry.yarnpkg.com/@eslint/plugin-kit/-/plugin-kit-0.3.2.tgz#0cad96b134d23a653348e3342f485636b5ef4732" + integrity sha512-4SaFZCNfJqvk/kenHpI8xvN42DMaoycy4PzKc5otHxRswww1kAt82OlBuwRVLofCACCTZEcla2Ydxv8scMXaTg== dependencies: + "@eslint/core" "^0.15.0" levn "^0.4.1" -"@humanfs/core@^0.19.0": - version "0.19.0" - resolved "https://registry.yarnpkg.com/@humanfs/core/-/core-0.19.0.tgz#08db7a8c73bb07673d9ebd925f2dad746411fcec" - integrity sha512-2cbWIHbZVEweE853g8jymffCA+NCMiuqeECeBBLm8dg2oFdjuGJhgN4UAbI+6v0CKbbhvtXA4qV8YR5Ji86nmw== +"@humanfs/core@^0.19.1": + version "0.19.1" + resolved "https://registry.yarnpkg.com/@humanfs/core/-/core-0.19.1.tgz#17c55ca7d426733fe3c561906b8173c336b40a77" + integrity sha512-5DyQ4+1JEUzejeK1JGICcideyfUbGixgS9jNgex5nqkW+cY7WZhxBigmieN5Qnw9ZosSNVC9KQKyb+GUaGyKUA== -"@humanfs/node@^0.16.5": - version "0.16.5" - resolved "https://registry.yarnpkg.com/@humanfs/node/-/node-0.16.5.tgz#a9febb7e7ad2aff65890fdc630938f8d20aa84ba" - integrity sha512-KSPA4umqSG4LHYRodq31VDwKAvaTF4xmVlzM8Aeh4PlU1JQ3IG0wiA8C25d3RQ9nJyM3mBHyI53K06VVL/oFFg== +"@humanfs/node@^0.16.6": + version "0.16.6" + resolved "https://registry.yarnpkg.com/@humanfs/node/-/node-0.16.6.tgz#ee2a10eaabd1131987bf0488fd9b820174cd765e" + integrity sha512-YuI2ZHQL78Q5HbhDiBA1X4LmYdXCKCMQIfw0pw7piHJwyREFebJUvrQN4cMssyES6x+vfUbx1CIpaQUKYdQZOw== dependencies: - "@humanfs/core" "^0.19.0" + "@humanfs/core" "^0.19.1" "@humanwhocodes/retry" "^0.3.0" "@humanwhocodes/module-importer@^1.0.1": @@ -161,19 +171,32 @@ resolved "https://registry.yarnpkg.com/@humanwhocodes/retry/-/retry-0.3.0.tgz#6d86b8cb322660f03d3f0aa94b99bdd8e172d570" integrity sha512-d2CGZR2o7fS6sWB7DG/3a95bGKQyHMACZ5aW8qGkkqQpUoZV6C0X7Pc7l4ZNMZkfNBf4VWNe9E1jRsf0G146Ew== -"@humanwhocodes/retry@^0.3.1": - version "0.3.1" - resolved "https://registry.yarnpkg.com/@humanwhocodes/retry/-/retry-0.3.1.tgz#c72a5c76a9fbaf3488e231b13dc52c0da7bab42a" - integrity sha512-JBxkERygn7Bv/GbN5Rv8Ul6LVknS+5Bp6RgDC/O8gEBU/yeH5Ui5C/OlWrTb6qct7LjjfT6Re2NxB0ln0yYybA== +"@humanwhocodes/retry@^0.4.2": + version "0.4.3" + resolved "https://registry.yarnpkg.com/@humanwhocodes/retry/-/retry-0.4.3.tgz#c2b9d2e374ee62c586d3adbea87199b1d7a7a6ba" + integrity sha512-bV0Tgo9K4hfPCek+aMAn81RppFKv2ySDQeMoSZuvTASywNTnVJCArCZE2FWqpvIatKu7VMRLWlR1EazvVhDyhQ== -"@jc21/cypress-swagger-validation@^0.3.1": - version "0.3.1" - resolved "https://registry.yarnpkg.com/@jc21/cypress-swagger-validation/-/cypress-swagger-validation-0.3.1.tgz#1cdd49850a20f876ed62149623f99988264751be" - integrity sha512-Vdt1gLfj8p0tJhA42Cfn43XBbsKocNfVCEVSwkn7RmZgWUyRKjqhBBRTVa9cKZTozyg8Co/yhBMsNyjmHFVXtQ== +"@isaacs/cliui@^8.0.2": + version "8.0.2" + resolved "https://registry.yarnpkg.com/@isaacs/cliui/-/cliui-8.0.2.tgz#b37667b7bc181c168782259bab42474fbf52b550" + integrity sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA== + dependencies: + string-width "^5.1.2" + string-width-cjs "npm:string-width@^4.2.0" + strip-ansi "^7.0.1" + strip-ansi-cjs "npm:strip-ansi@^6.0.1" + wrap-ansi "^8.1.0" + wrap-ansi-cjs "npm:wrap-ansi@^7.0.0" + +"@jc21/cypress-swagger-validation@^0.3.2": + version "0.3.2" + resolved "https://registry.yarnpkg.com/@jc21/cypress-swagger-validation/-/cypress-swagger-validation-0.3.2.tgz#6d1cd6c702405caf7661398b662de84a3fa50f8e" + integrity sha512-ml6wnYcCRlkvV/UFyIIg1nBGWajKEA7+52kxT/J6LHjv/QweaUpNbD1z0P6GqaIWLJbgerP0tsn/PRZTR8QCMw== dependencies: "@apidevtools/json-schema-ref-parser" "^11.7.2" "@apidevtools/swagger-parser" "^10.1.0" ajv "^8.17.1" + ajv-formats "^3.0.1" axios "^1.7.7" json-schema "^0.4.0" jsonpath "^1.1.1" @@ -186,6 +209,11 @@ resolved "https://registry.yarnpkg.com/@jsdevtools/ono/-/ono-7.1.3.tgz#9df03bbd7c696a5c58885c34aa06da41c8543796" integrity sha512-4JQNk+3mVzK3xh2rqd6RB4J46qUR19azEHBneZyTZM+c456qOrbbM/5xcR8huNCCcbVt7+UmizG6GuUvPvKUYg== +"@pkgjs/parseargs@^0.11.0": + version "0.11.0" + resolved "https://registry.yarnpkg.com/@pkgjs/parseargs/-/parseargs-0.11.0.tgz#a77ea742fab25775145434eb1d2328cf5013ac33" + integrity sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg== + "@types/color-name@^1.1.1": version "1.1.1" resolved "https://registry.yarnpkg.com/@types/color-name/-/color-name-1.1.1.tgz#1c1261bbeaa10a8055bbc5d8ab84b7b2afc846a0" @@ -233,10 +261,10 @@ acorn@^8.11.3: resolved "https://registry.yarnpkg.com/acorn/-/acorn-8.11.3.tgz#71e0b14e13a4ec160724b38fb7b0f233b1b81d7a" integrity sha512-Y9rRfJG5jcKOE0CLisYbojUjIrIEE7AGMzA/Sm4BslANhbS+cDMpgBdcPT91oJ7OuJ9hYJBx59RjbhxVnrF8Xg== -acorn@^8.12.0: - version "8.12.1" - resolved "https://registry.yarnpkg.com/acorn/-/acorn-8.12.1.tgz#71616bdccbe25e27a54439e0046e89ca76df2248" - integrity sha512-tcpGyI9zbizT9JbV6oYE477V6mTlXvvi0T0G3SNIYE2apm/G5huBa1+K89VGeovbg+jycCrfhl3ADxErOuO6Jg== +acorn@^8.15.0: + version "8.15.0" + resolved "https://registry.yarnpkg.com/acorn/-/acorn-8.15.0.tgz#a360898bc415edaac46c8241f6383975b930b816" + integrity sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg== aggregate-error@^3.0.0: version "3.1.0" @@ -251,6 +279,13 @@ ajv-draft-04@^1.0.0: resolved "https://registry.yarnpkg.com/ajv-draft-04/-/ajv-draft-04-1.0.0.tgz#3b64761b268ba0b9e668f0b41ba53fce0ad77fc8" integrity sha512-mv00Te6nmYbRp5DCwclxtt7yV/joXJPGS7nM+97GdxvuttCOfgI3K4U25zboyeX0O+myI8ERluxQe5wljMmVIw== +ajv-formats@^3.0.1: + version "3.0.1" + resolved "https://registry.yarnpkg.com/ajv-formats/-/ajv-formats-3.0.1.tgz#3d5dc762bca17679c3c2ea7e90ad6b7532309578" + integrity sha512-8iUql50EUR+uUcdRQ3HDqa6EVyo3docL8g5WJ3FNcWmu62IbkGUue/pEyLBW8VGKKucTPgqeks4fIU1DA4yowQ== + dependencies: + ajv "^8.0.0" + ajv@^6.12.4: version "6.12.6" resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.6.tgz#baf5a62e802b07d977034586f8c3baf5adf26df4" @@ -261,7 +296,7 @@ ajv@^6.12.4: json-schema-traverse "^0.4.1" uri-js "^4.2.2" -ajv@^8.17.1: +ajv@^8.0.0, ajv@^8.17.1: version "8.17.1" resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.17.1.tgz#37d9a5c776af6bc92d7f4f9510eba4c0a60d11a6" integrity sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g== @@ -286,11 +321,6 @@ ansi-colors@^4.1.1: resolved "https://registry.yarnpkg.com/ansi-colors/-/ansi-colors-4.1.1.tgz#cbb9ae256bf750af1eab344f229aa27fe94ba348" integrity sha512-JoX0apGbHaUJBNl6yF+p6JAFYZ666/hhCGKN5t9QFjbJQKUU/g8MNbFDbvfrgKXvI1QpZplPOnwIo99lX/AAmA== -ansi-colors@^4.1.3: - version "4.1.3" - resolved "https://registry.yarnpkg.com/ansi-colors/-/ansi-colors-4.1.3.tgz#37611340eb2243e70cc604cad35d63270d48781b" - integrity sha512-/6w/C21Pm1A7aZitlI5Ni/2J6FFQN8i1Cvz3kHABAAbw93v/NlvKdVOqz7CCWz/3iv/JplRSEEZ83XION15ovw== - ansi-escapes@^4.3.0: version "4.3.2" resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-4.3.2.tgz#6b2291d1db7d98b6521d5f1efa42d0f3a9feb65e" @@ -308,6 +338,11 @@ ansi-regex@^5.0.1: resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-5.0.1.tgz#082cb2c89c9fe8659a311a53bd6a4dc5301db304" integrity sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ== +ansi-regex@^6.0.1: + version "6.1.0" + resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-6.1.0.tgz#95ec409c69619d6cb1b8b34f14b660ef28ebd654" + integrity sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA== + ansi-styles@^4.0.0: version "4.3.0" resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-4.3.0.tgz#edd803628ae71c04c85ae7a0906edad34b648937" @@ -323,13 +358,10 @@ ansi-styles@^4.1.0: "@types/color-name" "^1.1.1" color-convert "^2.0.1" -anymatch@~3.1.2: - version "3.1.3" - resolved "https://registry.yarnpkg.com/anymatch/-/anymatch-3.1.3.tgz#790c58b19ba1720a84205b57c618d5ad8524973e" - integrity sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw== - dependencies: - normalize-path "^3.0.0" - picomatch "^2.0.4" +ansi-styles@^6.1.0: + version "6.2.1" + resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-6.2.1.tgz#0e62320cf99c21afff3b3012192546aacbfb05c5" + integrity sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug== arch@^2.2.0: version "2.2.0" @@ -399,6 +431,15 @@ axios@^1.7.7: form-data "^4.0.0" proxy-from-env "^1.1.0" +axios@^1.7.9: + version "1.9.0" + resolved "https://registry.yarnpkg.com/axios/-/axios-1.9.0.tgz#25534e3b72b54540077d33046f77e3b8d7081901" + integrity sha512-re4CqKTJaURpzbLHtIi6XpDv20/CnpXOtjRY5/CU32L8gU8ek9UIivcfvSWvmKEngmVbrUtPpdDwWDWL7DNHvg== + dependencies: + follow-redirects "^1.15.6" + form-data "^4.0.0" + proxy-from-env "^1.1.0" + balanced-match@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.0.tgz#89b4d199ab2bee49de164ea02b89ce462d71b767" @@ -416,11 +457,6 @@ bcrypt-pbkdf@^1.0.0: dependencies: tweetnacl "^0.14.3" -binary-extensions@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-2.1.0.tgz#30fa40c9e7fe07dbc895678cd287024dea241dd9" - integrity sha512-1Yj8h9Q+QDF5FzhMs/c9+6UntbD5MkRfRwac8DoEm9ZfUBZ7tZ55YcGVAzEe4bXsdQHEk+s9S5wsOKVdZrw0tQ== - blob-util@^2.0.2: version "2.0.2" resolved "https://registry.yarnpkg.com/blob-util/-/blob-util-2.0.2.tgz#3b4e3c281111bb7f11128518006cdc60b403a1eb" @@ -432,27 +468,20 @@ bluebird@^3.7.2: integrity sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg== brace-expansion@^1.1.7: - version "1.1.11" - resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.11.tgz#3c7fcbf529d87226f3d2f52b966ff5271eb441dd" - integrity sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA== + version "1.1.12" + resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.12.tgz#ab9b454466e5a8cc3a187beaad580412a9c5b843" + integrity sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg== dependencies: balanced-match "^1.0.0" concat-map "0.0.1" brace-expansion@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-2.0.1.tgz#1edc459e0f0c548486ecf9fc99f2221364b9a0ae" - integrity sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA== + version "2.0.2" + resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-2.0.2.tgz#54fc53237a613d854c7bd37463aad17df87214e7" + integrity sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ== dependencies: balanced-match "^1.0.0" -braces@~3.0.2: - version "3.0.3" - resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.3.tgz#490332f40919452272d55a8480adc0c441358789" - integrity sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA== - dependencies: - fill-range "^7.1.1" - browser-stdout@^1.3.1: version "1.3.1" resolved "https://registry.yarnpkg.com/browser-stdout/-/browser-stdout-1.3.1.tgz#baa559ee14ced73452229bad7326467c61fabd60" @@ -476,16 +505,21 @@ cachedir@^2.3.0: resolved "https://registry.yarnpkg.com/cachedir/-/cachedir-2.3.0.tgz#0c75892a052198f0b21c7c1804d8331edfcae0e8" integrity sha512-A+Fezp4zxnit6FanDmv9EqXNAi3vt9DWp51/71UEhXukb7QUuvtv9344h91dyAxuTLoSYJFU299qzR3tzwPAhw== -call-bind@^1.0.7: - version "1.0.7" - resolved "https://registry.yarnpkg.com/call-bind/-/call-bind-1.0.7.tgz#06016599c40c56498c18769d2730be242b6fa3b9" - integrity sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w== +call-bind-apply-helpers@^1.0.1, call-bind-apply-helpers@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz#4b5428c222be985d79c3d82657479dbe0b59b2d6" + integrity sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ== dependencies: - es-define-property "^1.0.0" es-errors "^1.3.0" function-bind "^1.1.2" - get-intrinsic "^1.2.4" - set-function-length "^1.2.1" + +call-bound@^1.0.2: + version "1.0.4" + resolved "https://registry.yarnpkg.com/call-bound/-/call-bound-1.0.4.tgz#238de935d2a2a692928c538c7ccfa91067fd062a" + integrity sha512-+ys997U96po4Kx/ABpBCqhA9EuxJaQWDQg7295H4hBphv3IZg0boBKuwYpt4YXp6MZ5AmZQnU/tyMTlRpaSejg== + dependencies: + call-bind-apply-helpers "^1.0.2" + get-intrinsic "^1.3.0" call-me-maybe@^1.0.1: version "1.0.1" @@ -525,25 +559,17 @@ check-more-types@^2.24.0: resolved "https://registry.yarnpkg.com/check-more-types/-/check-more-types-2.24.0.tgz#1420ffb10fd444dcfc79b43891bbfffd32a84600" integrity sha1-FCD/sQ/URNz8ebQ4kbv//TKoRgA= -chokidar@^3.5.3: - version "3.6.0" - resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-3.6.0.tgz#197c6cc669ef2a8dc5e7b4d97ee4e092c3eb0d5b" - integrity sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw== - dependencies: - anymatch "~3.1.2" - braces "~3.0.2" - glob-parent "~5.1.2" - is-binary-path "~2.1.0" - is-glob "~4.0.1" - normalize-path "~3.0.0" - readdirp "~3.6.0" - optionalDependencies: - fsevents "~2.3.2" +chokidar@^4.0.1: + version "4.0.3" + resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-4.0.3.tgz#7be37a4c03c9aee1ecfe862a4a23b2c70c205d30" + integrity sha512-Qgzu8kfBvo+cA4962jnP1KkS6Dop5NS6g7R5LFYJr4b8Ub94PPQXUksCw9PvXoeXPRRddRNC5C1JQUR2SMGtnA== + dependencies: + readdirp "^4.0.1" -ci-info@^3.2.0: - version "3.8.0" - resolved "https://registry.yarnpkg.com/ci-info/-/ci-info-3.8.0.tgz#81408265a5380c929f0bc665d62256628ce9ef91" - integrity sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw== +ci-info@^4.1.0: + version "4.2.0" + resolved "https://registry.yarnpkg.com/ci-info/-/ci-info-4.2.0.tgz#cbd21386152ebfe1d56f280a3b5feccbd96764c7" + integrity sha512-cYY9mypksY8NRqgDB1XD1RiJL338v/551niynFTGkZOO2LHuB2OmOYxDIe/ttN9AHwrqdum1360G3ald0W9kCg== clean-stack@^2.0.0: version "2.2.0" @@ -557,14 +583,14 @@ cli-cursor@^3.1.0: dependencies: restore-cursor "^3.1.0" -cli-table3@~0.6.1: - version "0.6.3" - resolved "https://registry.yarnpkg.com/cli-table3/-/cli-table3-0.6.3.tgz#61ab765aac156b52f222954ffc607a6f01dbeeb2" - integrity sha512-w5Jac5SykAeZJKntOxJCrm63Eg5/4dhMWIcuTbo9rpE+brgaSZo0RuNJZeOyMgsUdhDeojvgyQLmjI+K50ZGyg== +cli-table3@0.6.1: + version "0.6.1" + resolved "https://registry.yarnpkg.com/cli-table3/-/cli-table3-0.6.1.tgz#36ce9b7af4847f288d3cdd081fbd09bf7bd237b8" + integrity sha512-w0q/enDHhPLq44ovMGdQeeDLvwxwavsJX7oQGYt/LrBlYsyaxyDnp6z3QzFut/6kLLKnlcUVJLrpB7KBfgG/RA== dependencies: string-width "^4.2.0" optionalDependencies: - "@colors/colors" "1.5.0" + colors "1.4.0" cli-truncate@^2.1.0: version "2.1.0" @@ -574,13 +600,13 @@ cli-truncate@^2.1.0: slice-ansi "^3.0.0" string-width "^4.2.0" -cliui@^7.0.2: - version "7.0.4" - resolved "https://registry.yarnpkg.com/cliui/-/cliui-7.0.4.tgz#a0265ee655476fc807aea9df3df8df7783808b4f" - integrity sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ== +cliui@^8.0.1: + version "8.0.1" + resolved "https://registry.yarnpkg.com/cliui/-/cliui-8.0.1.tgz#0c04b075db02cbfe60dc8e6cf2f5486b1a3608aa" + integrity sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ== dependencies: string-width "^4.2.0" - strip-ansi "^6.0.0" + strip-ansi "^6.0.1" wrap-ansi "^7.0.0" color-convert@^2.0.1: @@ -600,6 +626,11 @@ colorette@^2.0.16: resolved "https://registry.yarnpkg.com/colorette/-/colorette-2.0.19.tgz#cdf044f47ad41a0f4b56b3a0d5b4e6e1a2d5a798" integrity sha512-3tlv/dIP7FWvj3BsbHrGLJ6l/oKh1O3TcgBqMn+yyCagOxc23fyzDS6HypQbgxWbkpDnf52p1LuR4eWDQ/K9WQ== +colors@1.4.0: + version "1.4.0" + resolved "https://registry.yarnpkg.com/colors/-/colors-1.4.0.tgz#c50491479d4c1bdaed2c9ced32cf7c7dc2360f78" + integrity sha512-a+UqTh4kgZg/SlGvfbzDHpgRu7AAQOmmqRHJnxhRZICKFUT91brVhNNt58CMWU9PsBbv3PDCZUHbVxuDiH2mtA== + combined-stream@^1.0.8, combined-stream@~1.0.6: version "1.0.8" resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.8.tgz#c3d45a8b34fd730631a110a8a2520682b31d5a7f" @@ -627,7 +658,7 @@ core-util-is@1.0.2: resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7" integrity sha1-tf1UIgqivFq1eqtxQMlAdUUDwac= -cross-spawn@^7.0.0, cross-spawn@^7.0.2: +cross-spawn@^7.0.0, cross-spawn@^7.0.6: version "7.0.6" resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.6.tgz#8a58fe78f00dcd70c370451759dfbfaf03e8ee9f" integrity sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA== @@ -641,25 +672,26 @@ crypt@0.0.2: resolved "https://registry.yarnpkg.com/crypt/-/crypt-0.0.2.tgz#88d7ff7ec0dfb86f713dc87bbb42d044d3e6c41b" integrity sha512-mCxBlsHFYh9C+HVpiEacem8FEBnMXgU9gy4zmNC+SXAZNB/1idgp/aulFJ4FgCi7GPEVbfyng092GqL2k2rmow== -cypress-multi-reporters@^1.6.4: - version "1.6.4" - resolved "https://registry.yarnpkg.com/cypress-multi-reporters/-/cypress-multi-reporters-1.6.4.tgz#6f9d25ed8a0d8d7fa5597977adcd2237d1249931" - integrity sha512-3xU2t6pZjZy/ORHaCvci5OT1DAboS4UuMMM8NBAizeb2C9qmHt+cgAjXgurazkwkPRdO7ccK39M5ZaPCju0r6A== +cypress-multi-reporters@^2.0.5: + version "2.0.5" + resolved "https://registry.yarnpkg.com/cypress-multi-reporters/-/cypress-multi-reporters-2.0.5.tgz#2ef058ac7ea1f03adf368eee47c61d7d4f2644db" + integrity sha512-5ReXlNE7C/9/rpDI3z0tAJbPXsTHK7P3ogvUtBntQlmctRQ+sSMts7dIQY5MTb0XfBSge3CuwvNvaoqtw90KSQ== dependencies: - debug "^4.3.4" + debug "^4.4.0" lodash "^4.17.21" + semver "^7.6.3" cypress-wait-until@^3.0.2: version "3.0.2" resolved "https://registry.yarnpkg.com/cypress-wait-until/-/cypress-wait-until-3.0.2.tgz#c90dddfa4c46a2c422f5b91d486531c560bae46e" integrity sha512-iemies796dD5CgjG5kV0MnpEmKSH+s7O83ZoJLVzuVbZmm4lheMsZqAVT73hlMx4QlkwhxbyUzhOBUOZwoOe0w== -cypress@^13.15.0: - version "13.15.0" - resolved "https://registry.yarnpkg.com/cypress/-/cypress-13.15.0.tgz#5eca5387ef34b2e611cfa291967c69c2cd39381d" - integrity sha512-53aO7PwOfi604qzOkCSzNlWquCynLlKE/rmmpSPcziRH6LNfaDUAklQT6WJIsD8ywxlIy+uVZsnTMCCQVd2kTw== +cypress@^14.0.1: + version "14.4.1" + resolved "https://registry.yarnpkg.com/cypress/-/cypress-14.4.1.tgz#6e586ba098503b594561d5f8f746a9db6556ed2a" + integrity sha512-YSGvVXtTqSGRTyHbaxHI5dHU/9xc5ymaTIM4BU85GKhj980y6XgA3fShSpj5DatS8knXMsAvYItQxVQFHGpUtw== dependencies: - "@cypress/request" "^3.0.4" + "@cypress/request" "^3.0.8" "@cypress/xvfb" "^1.2.4" "@types/sinonjs__fake-timers" "8.1.1" "@types/sizzle" "^2.3.2" @@ -670,8 +702,9 @@ cypress@^13.15.0: cachedir "^2.3.0" chalk "^4.1.0" check-more-types "^2.24.0" + ci-info "^4.1.0" cli-cursor "^3.1.0" - cli-table3 "~0.6.1" + cli-table3 "0.6.1" commander "^6.2.1" common-tags "^1.8.0" dayjs "^1.10.4" @@ -684,7 +717,6 @@ cypress@^13.15.0: figures "^3.2.0" fs-extra "^9.1.0" getos "^3.2.1" - is-ci "^3.0.1" is-installed-globally "~0.4.0" lazy-ass "^1.6.0" listr2 "^3.8.3" @@ -696,9 +728,10 @@ cypress@^13.15.0: process "^0.11.10" proxy-from-env "1.0.0" request-progress "^3.0.0" - semver "^7.5.3" + semver "^7.7.1" supports-color "^8.1.1" tmp "~0.2.3" + tree-kill "1.2.2" untildify "^4.0.0" yauzl "^2.10.0" @@ -742,6 +775,13 @@ debug@^4.3.5: dependencies: ms "^2.1.3" +debug@^4.4.0: + version "4.4.1" + resolved "https://registry.yarnpkg.com/debug/-/debug-4.4.1.tgz#e5a8bc6cbc4c6cd3e64308b0693a3d4fa550189b" + integrity sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ== + dependencies: + ms "^2.1.3" + decamelize@^4.0.0: version "4.0.0" resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-4.0.0.tgz#aa472d7bf660eb15f3494efd531cab7f2a709837" @@ -752,24 +792,29 @@ deep-is@^0.1.3, deep-is@~0.1.3: resolved "https://registry.yarnpkg.com/deep-is/-/deep-is-0.1.3.tgz#b369d6fb5dbc13eecf524f91b070feedc357cf34" integrity sha1-s2nW+128E+7PUk+RsHD+7cNXzzQ= -define-data-property@^1.1.4: - version "1.1.4" - resolved "https://registry.yarnpkg.com/define-data-property/-/define-data-property-1.1.4.tgz#894dc141bb7d3060ae4366f6a0107e68fbe48c5e" - integrity sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A== - dependencies: - es-define-property "^1.0.0" - es-errors "^1.3.0" - gopd "^1.0.1" - delayed-stream@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/delayed-stream/-/delayed-stream-1.0.0.tgz#df3ae199acadfb7d440aaae0b29e2272b24ec619" integrity sha1-3zrhmayt+31ECqrgsp4icrJOxhk= -diff@^5.2.0: - version "5.2.0" - resolved "https://registry.yarnpkg.com/diff/-/diff-5.2.0.tgz#26ded047cd1179b78b9537d5ef725503ce1ae531" - integrity sha512-uIFDxqpRZGZ6ThOk84hEfqWoHx2devRFvpTZcTHur85vImfaxUbTW9Ryh4CpCuDnToOP1CEtXKIgytHBPVff5A== +diff@^7.0.0: + version "7.0.0" + resolved "https://registry.yarnpkg.com/diff/-/diff-7.0.0.tgz#3fb34d387cd76d803f6eebea67b921dab0182a9a" + integrity sha512-PJWHUb1RFevKCwaFA9RlG5tCd+FO5iRh9A8HEtkmBH2Li03iJriB6m6JIN4rGz3K3JLawI7/veA1xzRKP6ISBw== + +dunder-proto@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/dunder-proto/-/dunder-proto-1.0.1.tgz#d7ae667e1dc83482f8b70fd0f6eefc50da30f58a" + integrity sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A== + dependencies: + call-bind-apply-helpers "^1.0.1" + es-errors "^1.3.0" + gopd "^1.2.0" + +eastasianwidth@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/eastasianwidth/-/eastasianwidth-0.2.0.tgz#696ce2ec0aa0e6ea93a397ffcf24aa7840c827cb" + integrity sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA== ecc-jsbn@~0.1.1: version "0.1.2" @@ -784,6 +829,11 @@ emoji-regex@^8.0.0: resolved "https://registry.yarnpkg.com/emoji-regex/-/emoji-regex-8.0.0.tgz#e818fd69ce5ccfcb404594f842963bf53164cc37" integrity sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A== +emoji-regex@^9.2.2: + version "9.2.2" + resolved "https://registry.yarnpkg.com/emoji-regex/-/emoji-regex-9.2.2.tgz#840c8803b0d8047f4ff0cf963176b32d4ef3ed72" + integrity sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg== + end-of-stream@^1.1.0: version "1.4.4" resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.4.4.tgz#5ae64a5f45057baf3626ec14da0ca5e4b2431eb0" @@ -798,18 +848,23 @@ enquirer@^2.3.6: dependencies: ansi-colors "^4.1.1" -es-define-property@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/es-define-property/-/es-define-property-1.0.0.tgz#c7faefbdff8b2696cf5f46921edfb77cc4ba3845" - integrity sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ== - dependencies: - get-intrinsic "^1.2.4" +es-define-property@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/es-define-property/-/es-define-property-1.0.1.tgz#983eb2f9a6724e9303f61addf011c72e09e0b0fa" + integrity sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g== es-errors@^1.3.0: version "1.3.0" resolved "https://registry.yarnpkg.com/es-errors/-/es-errors-1.3.0.tgz#05f75a25dab98e4fb1dcd5e1472c0546d5057c8f" integrity sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw== +es-object-atoms@^1.0.0, es-object-atoms@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/es-object-atoms/-/es-object-atoms-1.1.1.tgz#1c4f2c4837327597ce69d2ca190a7fdd172338c1" + integrity sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA== + dependencies: + es-errors "^1.3.0" + escalade@^3.1.1: version "3.1.2" resolved "https://registry.yarnpkg.com/escalade/-/escalade-3.1.2.tgz#54076e9ab29ea5bf3d8f1ed62acffbb88272df27" @@ -847,17 +902,17 @@ eslint-plugin-chai-friendly@^1.0.1: resolved "https://registry.yarnpkg.com/eslint-plugin-chai-friendly/-/eslint-plugin-chai-friendly-1.0.1.tgz#c3290b5294c1145934cf9c07eaa4cec87921d18c" integrity sha512-dxD/uz1YKJ8U4yah1i+V/p/u+kHRy3YxTPe2nJGqb5lCR+ucan/KIexfZ5+q4X+tkllyMe86EBbAkdlwxNy3oQ== -eslint-plugin-cypress@^3.5.0: - version "3.5.0" - resolved "https://registry.yarnpkg.com/eslint-plugin-cypress/-/eslint-plugin-cypress-3.5.0.tgz#380ef5049ad80ebeca923db69e4aa96e72fcd893" - integrity sha512-JZQ6XnBTNI8h1B9M7wJSFzc48SYbh7VMMKaNTQOFa3BQlnmXPrVc4PKen8R+fpv6VleiPeej6VxloGb42zdRvw== +eslint-plugin-cypress@^4.1.0: + version "4.3.0" + resolved "https://registry.yarnpkg.com/eslint-plugin-cypress/-/eslint-plugin-cypress-4.3.0.tgz#fce3c67c836541cb652c653f5e33088c8926a988" + integrity sha512-CgS/S940MJlT8jtnWGKI0LvZQBGb/BB0QCpgBOxFMM/Z6znD+PZUwBhCTwHKN2GEr5AOny3xB92an0QfzBGooQ== dependencies: - globals "^13.20.0" + globals "^15.15.0" -eslint-scope@^8.1.0: - version "8.1.0" - resolved "https://registry.yarnpkg.com/eslint-scope/-/eslint-scope-8.1.0.tgz#70214a174d4cbffbc3e8a26911d8bf51b9ae9d30" - integrity sha512-14dSvlhaVhKKsa9Fx1l8A17s7ah7Ef7wCakJ10LYk6+GYmP9yDti2oq2SEwcyndt6knfcZyhyxwY3i9yL78EQw== +eslint-scope@^8.3.0: + version "8.4.0" + resolved "https://registry.yarnpkg.com/eslint-scope/-/eslint-scope-8.4.0.tgz#88e646a207fad61436ffa39eb505147200655c82" + integrity sha512-sNXOfKCn74rt8RICKMvJS7XKV/Xk9kA7DyJr8mJik3S7Cwgy3qlkkmyS2uQB3jiJg6VNdZd/pDBJu0nvG2NlTg== dependencies: esrecurse "^4.3.0" estraverse "^5.2.0" @@ -872,36 +927,37 @@ eslint-visitor-keys@^4.0.0: resolved "https://registry.yarnpkg.com/eslint-visitor-keys/-/eslint-visitor-keys-4.0.0.tgz#e3adc021aa038a2a8e0b2f8b0ce8f66b9483b1fb" integrity sha512-OtIRv/2GyiF6o/d8K7MYKKbXrOUBIK6SfkIRM4Z0dY3w+LiQ0vy3F57m0Z71bjbyeiWFiHJ8brqnmE6H6/jEuw== -eslint-visitor-keys@^4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/eslint-visitor-keys/-/eslint-visitor-keys-4.1.0.tgz#1f785cc5e81eb7534523d85922248232077d2f8c" - integrity sha512-Q7lok0mqMUSf5a/AdAZkA5a/gHcO6snwQClVNNvFKCAVlxXucdU8pKydU5ZVZjBx5xr37vGbFFWtLQYreLzrZg== +eslint-visitor-keys@^4.2.0, eslint-visitor-keys@^4.2.1: + version "4.2.1" + resolved "https://registry.yarnpkg.com/eslint-visitor-keys/-/eslint-visitor-keys-4.2.1.tgz#4cfea60fe7dd0ad8e816e1ed026c1d5251b512c1" + integrity sha512-Uhdk5sfqcee/9H/rCOJikYz67o0a2Tw2hGRPOG2Y1R2dg7brRe1uG0yaNQDHu+TO/uQPF/5eCapvYSmHUjt7JQ== -eslint@^9.12.0: - version "9.12.0" - resolved "https://registry.yarnpkg.com/eslint/-/eslint-9.12.0.tgz#54fcba2876c90528396da0fa44b6446329031e86" - integrity sha512-UVIOlTEWxwIopRL1wgSQYdnVDcEvs2wyaO6DGo5mXqe3r16IoCNWkR29iHhyaP4cICWjbgbmFUGAhh0GJRuGZw== +eslint@^9.19.0: + version "9.28.0" + resolved "https://registry.yarnpkg.com/eslint/-/eslint-9.28.0.tgz#b0bcbe82a16945a40906924bea75e8b4980ced7d" + integrity sha512-ocgh41VhRlf9+fVpe7QKzwLj9c92fDiqOj8Y3Sd4/ZmVA4Btx4PlUYPq4pp9JDyupkf1upbEXecxL2mwNV7jPQ== dependencies: "@eslint-community/eslint-utils" "^4.2.0" - "@eslint-community/regexpp" "^4.11.0" - "@eslint/config-array" "^0.18.0" - "@eslint/core" "^0.6.0" - "@eslint/eslintrc" "^3.1.0" - "@eslint/js" "9.12.0" - "@eslint/plugin-kit" "^0.2.0" - "@humanfs/node" "^0.16.5" + "@eslint-community/regexpp" "^4.12.1" + "@eslint/config-array" "^0.20.0" + "@eslint/config-helpers" "^0.2.1" + "@eslint/core" "^0.14.0" + "@eslint/eslintrc" "^3.3.1" + "@eslint/js" "9.28.0" + "@eslint/plugin-kit" "^0.3.1" + "@humanfs/node" "^0.16.6" "@humanwhocodes/module-importer" "^1.0.1" - "@humanwhocodes/retry" "^0.3.1" + "@humanwhocodes/retry" "^0.4.2" "@types/estree" "^1.0.6" "@types/json-schema" "^7.0.15" ajv "^6.12.4" chalk "^4.0.0" - cross-spawn "^7.0.2" + cross-spawn "^7.0.6" debug "^4.3.2" escape-string-regexp "^4.0.0" - eslint-scope "^8.1.0" - eslint-visitor-keys "^4.1.0" - espree "^10.2.0" + eslint-scope "^8.3.0" + eslint-visitor-keys "^4.2.0" + espree "^10.3.0" esquery "^1.5.0" esutils "^2.0.2" fast-deep-equal "^3.1.3" @@ -916,7 +972,6 @@ eslint@^9.12.0: minimatch "^3.1.2" natural-compare "^1.4.0" optionator "^0.9.3" - text-table "^0.2.0" espree@^10.0.1: version "10.0.1" @@ -927,14 +982,14 @@ espree@^10.0.1: acorn-jsx "^5.3.2" eslint-visitor-keys "^4.0.0" -espree@^10.2.0: - version "10.2.0" - resolved "https://registry.yarnpkg.com/espree/-/espree-10.2.0.tgz#f4bcead9e05b0615c968e85f83816bc386a45df6" - integrity sha512-upbkBJbckcCNBDBDXEbuhjbP68n+scUd3k/U2EkyM9nw+I/jPiL4cLF/Al06CF96wRltFda16sxDFrxsI1v0/g== +espree@^10.3.0: + version "10.4.0" + resolved "https://registry.yarnpkg.com/espree/-/espree-10.4.0.tgz#d54f4949d4629005a1fa168d937c3ff1f7e2a837" + integrity sha512-j6PAQ2uUr79PZhBjP5C5fhl8e39FmRnOjsD5lGnWrFU8i2G776tBK7+nP8KuQUTTyAZUwfQqXAgrVH5MbH9CYQ== dependencies: - acorn "^8.12.0" + acorn "^8.15.0" acorn-jsx "^5.3.2" - eslint-visitor-keys "^4.1.0" + eslint-visitor-keys "^4.2.1" esprima@1.2.2: version "1.2.2" @@ -1079,13 +1134,6 @@ file-entry-cache@^8.0.0: dependencies: flat-cache "^4.0.0" -fill-range@^7.1.1: - version "7.1.1" - resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-7.1.1.tgz#44265d3cac07e3ea7dc247516380643754a05292" - integrity sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg== - dependencies: - to-regex-range "^5.0.1" - find-up@^5.0.0: version "5.0.0" resolved "https://registry.yarnpkg.com/find-up/-/find-up-5.0.0.tgz#4c92819ecb7083561e4f4a240a86be5198f536fc" @@ -1117,6 +1165,14 @@ follow-redirects@^1.15.6: resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.9.tgz#a604fa10e443bf98ca94228d9eebcc2e8a2c8ee1" integrity sha512-gew4GsXizNgdoRyqmyfMHyAmXsZDk6mHkSxZFCzW9gwlbtOW44CDtYavM+y+72qD/Vq2l550kMF52DT8fOLJqQ== +foreground-child@^3.1.0: + version "3.3.1" + resolved "https://registry.yarnpkg.com/foreground-child/-/foreground-child-3.3.1.tgz#32e8e9ed1b68a3497befb9ac2b6adf92a638576f" + integrity sha512-gIXjKqtFuWEgzFRJA9WCQeSJLZDjgJUOMCMzxtvFq/37KojM1BFGufqsCy0r4qSQmYLsZYMeyRqzIWOMup03sw== + dependencies: + cross-spawn "^7.0.6" + signal-exit "^4.0.1" + forever-agent@~0.6.1: version "0.6.1" resolved "https://registry.yarnpkg.com/forever-agent/-/forever-agent-0.6.1.tgz#fbc71f0c41adeb37f96c577ad1ed42d8fdacca91" @@ -1150,16 +1206,6 @@ fs-extra@^9.1.0: jsonfile "^6.0.1" universalify "^2.0.0" -fs.realpath@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f" - integrity sha1-FQStJSMVjKpA20onh8sBQRmU6k8= - -fsevents@~2.3.2: - version "2.3.3" - resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-2.3.3.tgz#cac6407785d03675a2a5e1a5305c697b347d90d6" - integrity sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw== - function-bind@^1.1.2: version "1.1.2" resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.2.tgz#2c02d864d97f3ea6c8830c464cbd11ab6eab7a1c" @@ -1170,16 +1216,29 @@ get-caller-file@^2.0.5: resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-2.0.5.tgz#4f94412a82db32f36e3b0b9741f8a97feb031f7e" integrity sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg== -get-intrinsic@^1.1.3, get-intrinsic@^1.2.4: - version "1.2.4" - resolved "https://registry.yarnpkg.com/get-intrinsic/-/get-intrinsic-1.2.4.tgz#e385f5a4b5227d449c3eabbad05494ef0abbeadd" - integrity sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ== +get-intrinsic@^1.2.5, get-intrinsic@^1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/get-intrinsic/-/get-intrinsic-1.3.0.tgz#743f0e3b6964a93a5491ed1bffaae054d7f98d01" + integrity sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ== dependencies: + call-bind-apply-helpers "^1.0.2" + es-define-property "^1.0.1" es-errors "^1.3.0" + es-object-atoms "^1.1.1" function-bind "^1.1.2" - has-proto "^1.0.1" - has-symbols "^1.0.3" - hasown "^2.0.0" + get-proto "^1.0.1" + gopd "^1.2.0" + has-symbols "^1.1.0" + hasown "^2.0.2" + math-intrinsics "^1.1.0" + +get-proto@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/get-proto/-/get-proto-1.0.1.tgz#150b3f2743869ef3e851ec0c49d15b1d14d00ee1" + integrity sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g== + dependencies: + dunder-proto "^1.0.1" + es-object-atoms "^1.0.0" get-stream@^5.0.0, get-stream@^5.1.0: version "5.2.0" @@ -1209,23 +1268,17 @@ glob-parent@^6.0.2: dependencies: is-glob "^4.0.3" -glob-parent@~5.1.2: - version "5.1.2" - resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-5.1.2.tgz#869832c58034fe68a4093c17dc15e8340d8401c4" - integrity sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow== - dependencies: - is-glob "^4.0.1" - -glob@^8.1.0: - version "8.1.0" - resolved "https://registry.yarnpkg.com/glob/-/glob-8.1.0.tgz#d388f656593ef708ee3e34640fdfb99a9fd1c33e" - integrity sha512-r8hpEjiQEYlF2QU0df3dS+nxxSIreXQS1qRhMJM0Q5NDdR386C7jb7Hwwod8Fgiuex+k0GFjgft18yvxm5XoCQ== +glob@^10.4.5: + version "10.4.5" + resolved "https://registry.yarnpkg.com/glob/-/glob-10.4.5.tgz#f4d9f0b90ffdbab09c9d77f5f29b4262517b0956" + integrity sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg== dependencies: - fs.realpath "^1.0.0" - inflight "^1.0.4" - inherits "2" - minimatch "^5.0.1" - once "^1.3.0" + foreground-child "^3.1.0" + jackspeak "^3.1.2" + minimatch "^9.0.4" + minipass "^7.1.2" + package-json-from-dist "^1.0.0" + path-scurry "^1.11.1" global-dirs@^3.0.0: version "3.0.1" @@ -1234,24 +1287,20 @@ global-dirs@^3.0.0: dependencies: ini "2.0.0" -globals@^13.20.0: - version "13.24.0" - resolved "https://registry.yarnpkg.com/globals/-/globals-13.24.0.tgz#8432a19d78ce0c1e833949c36adb345400bb1171" - integrity sha512-AhO5QUcj8llrbG09iWhPU2B204J1xnPeL8kQmVorSsy+Sjj1sk8gIyh6cUocGmH4L0UuhAJy+hJMRA4mgA4mFQ== - dependencies: - type-fest "^0.20.2" - globals@^14.0.0: version "14.0.0" resolved "https://registry.yarnpkg.com/globals/-/globals-14.0.0.tgz#898d7413c29babcf6bafe56fcadded858ada724e" integrity sha512-oahGvuMGQlPw/ivIYBjVSrWAfWLBeku5tpPE2fOPLi+WHffIWbuh2tCjhyQhTBPMf5E9jDEH4FOmTYgYwbKwtQ== -gopd@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/gopd/-/gopd-1.0.1.tgz#29ff76de69dac7489b7c0918a5788e56477c332c" - integrity sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA== - dependencies: - get-intrinsic "^1.1.3" +globals@^15.15.0: + version "15.15.0" + resolved "https://registry.yarnpkg.com/globals/-/globals-15.15.0.tgz#7c4761299d41c32b075715a4ce1ede7897ff72a8" + integrity sha512-7ACyT3wmyp3I61S4fG682L0VA2RGD9otkqGJIwNUMF1SWUombIIk+af1unuDYgMm082aHYwD+mzJvv9Iu8dsgg== + +gopd@^1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/gopd/-/gopd-1.2.0.tgz#89f56b8217bdbc8802bd299df6d7f1081d7e51a1" + integrity sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg== graceful-fs@^4.1.6, graceful-fs@^4.2.0: version "4.2.3" @@ -1263,24 +1312,12 @@ has-flag@^4.0.0: resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-4.0.0.tgz#944771fd9c81c81265c4d6941860da06bb59479b" integrity sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ== -has-property-descriptors@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz#963ed7d071dc7bf5f084c5bfbe0d1b6222586854" - integrity sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg== - dependencies: - es-define-property "^1.0.0" - -has-proto@^1.0.1: - version "1.0.3" - resolved "https://registry.yarnpkg.com/has-proto/-/has-proto-1.0.3.tgz#b31ddfe9b0e6e9914536a6ab286426d0214f77fd" - integrity sha512-SJ1amZAJUiZS+PhsVLf5tGydlaVB8EdFpaSO4gmiUKUOxk8qzn5AIy4ZeJUmh22znIdk/uMAUT2pl3FxzVUH+Q== - -has-symbols@^1.0.3: - version "1.0.3" - resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.0.3.tgz#bb7b2c4349251dce87b125f7bdf874aa7c8b39f8" - integrity sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A== +has-symbols@^1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.1.0.tgz#fc9c6a783a084951d0b971fe1018de813707a338" + integrity sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ== -hasown@^2.0.0: +hasown@^2.0.2: version "2.0.2" resolved "https://registry.yarnpkg.com/hasown/-/hasown-2.0.2.tgz#003eaf91be7adc372e84ec59dc37252cedb80003" integrity sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ== @@ -1334,43 +1371,16 @@ indent-string@^4.0.0: resolved "https://registry.yarnpkg.com/indent-string/-/indent-string-4.0.0.tgz#624f8f4497d619b2d9768531d58f4122854d7251" integrity sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg== -inflight@^1.0.4: - version "1.0.6" - resolved "https://registry.yarnpkg.com/inflight/-/inflight-1.0.6.tgz#49bd6331d7d02d0c09bc910a1075ba8165b56df9" - integrity sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk= - dependencies: - once "^1.3.0" - wrappy "1" - -inherits@2: - version "2.0.4" - resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.4.tgz#0fa2c64f932917c3433a0ded55363aae37416b7c" - integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ== - ini@2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/ini/-/ini-2.0.0.tgz#e5fd556ecdd5726be978fa1001862eacb0a94bc5" integrity sha512-7PnF4oN3CvZF23ADhA5wRaYEQpJ8qygSkbtTXWBeXWXmEVRXK+1ITciHWwHhsjv1TmW0MgacIv6hEi5pX5NQdA== -is-binary-path@~2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/is-binary-path/-/is-binary-path-2.1.0.tgz#ea1f7f3b80f064236e83470f86c09c254fb45b09" - integrity sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw== - dependencies: - binary-extensions "^2.0.0" - is-buffer@~1.1.6: version "1.1.6" resolved "https://registry.yarnpkg.com/is-buffer/-/is-buffer-1.1.6.tgz#efaa2ea9daa0d7ab2ea13a97b2b8ad51fefbe8be" integrity sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w== -is-ci@^3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/is-ci/-/is-ci-3.0.1.tgz#db6ecbed1bd659c43dac0f45661e7674103d1867" - integrity sha512-ZYvCgrefwqoQ6yTyYUbQu64HsITZ3NfKX1lzaEYdkTDcfKzzCI/wthRRYKkdjHKFVgNiXKAKm65Zo1pk2as/QQ== - dependencies: - ci-info "^3.2.0" - is-extglob@^2.1.1: version "2.1.1" resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-2.1.1.tgz#a88c02535791f02ed37c76a1b9ea9773c833f8c2" @@ -1381,7 +1391,7 @@ is-fullwidth-code-point@^3.0.0: resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz#f116f8064fe90b3f7844a38997c0b75051269f1d" integrity sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg== -is-glob@^4.0.0, is-glob@^4.0.1, is-glob@~4.0.1: +is-glob@^4.0.0: version "4.0.1" resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-4.0.1.tgz#7567dbe9f2f5e2467bc77ab83c4a29482407a5dc" integrity sha512-5G0tKtBTFImOqDnLB2hG6Bp2qcKEFduo4tZu9MT/H6NQv/ghhy30o55ufafxJ/LdH79LLs2Kfrn85TLKyA7BUg== @@ -1403,11 +1413,6 @@ is-installed-globally@~0.4.0: global-dirs "^3.0.0" is-path-inside "^3.0.2" -is-number@^7.0.0: - version "7.0.0" - resolved "https://registry.yarnpkg.com/is-number/-/is-number-7.0.0.tgz#7535345b896734d5f80c4d06c50955527a14f12b" - integrity sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng== - is-path-inside@^3.0.2: version "3.0.3" resolved "https://registry.yarnpkg.com/is-path-inside/-/is-path-inside-3.0.3.tgz#d231362e53a07ff2b0e0ea7fed049161ffd16283" @@ -1443,6 +1448,15 @@ isstream@~0.1.2: resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a" integrity sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo= +jackspeak@^3.1.2: + version "3.4.3" + resolved "https://registry.yarnpkg.com/jackspeak/-/jackspeak-3.4.3.tgz#8833a9d89ab4acde6188942bd1c53b6390ed5a8a" + integrity sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw== + dependencies: + "@isaacs/cliui" "^8.0.2" + optionalDependencies: + "@pkgjs/parseargs" "^0.11.0" + js-yaml@^3.13.1: version "3.13.1" resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.13.1.tgz#aff151b30bfdfa8e49e05da22e7415e9dfa37847" @@ -1603,6 +1617,16 @@ log-update@^4.0.0: slice-ansi "^4.0.0" wrap-ansi "^6.2.0" +lru-cache@^10.2.0: + version "10.4.3" + resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-10.4.3.tgz#410fc8a17b70e598013df257c2446b7f3383f119" + integrity sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ== + +math-intrinsics@^1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/math-intrinsics/-/math-intrinsics-1.1.0.tgz#a0dd74be81e2aa5c2f27e65ce283605ee4e2b7f9" + integrity sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g== + md5@^2.3.0: version "2.3.0" resolved "https://registry.yarnpkg.com/md5/-/md5-2.3.0.tgz#c3da9a6aae3a30b46b7b0c349b87b110dc3bda4f" @@ -1641,10 +1665,10 @@ minimatch@^3.1.2: dependencies: brace-expansion "^1.1.7" -minimatch@^5.0.1, minimatch@^5.1.6: - version "5.1.6" - resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-5.1.6.tgz#1cfcb8cf5522ea69952cd2af95ae09477f122a96" - integrity sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g== +minimatch@^9.0.4, minimatch@^9.0.5: + version "9.0.5" + resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-9.0.5.tgz#d74f9dd6b57d83d8e98cfb82133b03978bc929e5" + integrity sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow== dependencies: brace-expansion "^2.0.1" @@ -1653,6 +1677,11 @@ minimist@^1.2.8: resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.8.tgz#c1a464e7693302e082a075cee0c057741ac4772c" integrity sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA== +"minipass@^5.0.0 || ^6.0.2 || ^7.0.0", minipass@^7.1.2: + version "7.1.2" + resolved "https://registry.yarnpkg.com/minipass/-/minipass-7.1.2.tgz#93a9626ce5e5e66bd4db86849e7515e92340a707" + integrity sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw== + mkdirp@^3.0.0: version "3.0.1" resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-3.0.1.tgz#e44e4c5607fb279c168241713cc6e0fea9adcb50" @@ -1669,30 +1698,30 @@ mocha-junit-reporter@^2.2.1: strip-ansi "^6.0.1" xml "^1.0.1" -mocha@^10.7.3: - version "10.7.3" - resolved "https://registry.yarnpkg.com/mocha/-/mocha-10.7.3.tgz#ae32003cabbd52b59aece17846056a68eb4b0752" - integrity sha512-uQWxAu44wwiACGqjbPYmjo7Lg8sFrS3dQe7PP2FQI+woptP4vZXSMcfMyFL/e1yFEeEpV4RtyTpZROOKmxis+A== +mocha@^11.1.0: + version "11.6.0" + resolved "https://registry.yarnpkg.com/mocha/-/mocha-11.6.0.tgz#8b695dff6386f18297d55b201ae598389198e8f7" + integrity sha512-i0JVb+OUBqw63X/1pC3jCyJsqYisgxySBbsQa8TKvefpA1oEnw7JXxXnftfMHRsw7bEEVGRtVlHcDYXBa7FzVw== dependencies: - ansi-colors "^4.1.3" browser-stdout "^1.3.1" - chokidar "^3.5.3" + chokidar "^4.0.1" debug "^4.3.5" - diff "^5.2.0" + diff "^7.0.0" escape-string-regexp "^4.0.0" find-up "^5.0.0" - glob "^8.1.0" + glob "^10.4.5" he "^1.2.0" js-yaml "^4.1.0" log-symbols "^4.1.0" - minimatch "^5.1.6" + minimatch "^9.0.5" ms "^2.1.3" + picocolors "^1.1.1" serialize-javascript "^6.0.2" strip-json-comments "^3.1.1" supports-color "^8.1.1" - workerpool "^6.5.1" - yargs "^16.2.0" - yargs-parser "^20.2.9" + workerpool "^9.2.0" + yargs "^17.7.2" + yargs-parser "^21.1.1" yargs-unparser "^2.0.0" ms@2.1.2, ms@^2.1.1: @@ -1710,11 +1739,6 @@ natural-compare@^1.4.0: resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7" integrity sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc= -normalize-path@^3.0.0, normalize-path@~3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/normalize-path/-/normalize-path-3.0.0.tgz#0dcd69ff23a1c9b11fd0978316644a0388216a65" - integrity sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA== - npm-run-path@^4.0.0: version "4.0.1" resolved "https://registry.yarnpkg.com/npm-run-path/-/npm-run-path-4.0.1.tgz#b7ecd1e5ed53da8e37a55e1c2269e0b97ed748ea" @@ -1722,12 +1746,12 @@ npm-run-path@^4.0.0: dependencies: path-key "^3.0.0" -object-inspect@^1.13.1: - version "1.13.2" - resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.13.2.tgz#dea0088467fb991e67af4058147a24824a3043ff" - integrity sha512-IRZSRuzJiynemAXPYtPe5BoI/RESNYR7TYm50MC5Mqbd3Jmw5y790sErYw3V6SryFJD64b74qQQs9wn5Bg/k3g== +object-inspect@^1.13.3: + version "1.13.4" + resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.13.4.tgz#8375265e21bc20d0fa582c22e1b13485d6e00213" + integrity sha512-W67iLl4J2EXEGTbfeHCffrjDfitvLANg0UlX3wFUUSTx92KXRFegMHUVgSqE+wvhAbi4WqjGg9czysTV2Epbew== -once@^1.3.0, once@^1.3.1, once@^1.4.0: +once@^1.3.1, once@^1.4.0: version "1.4.0" resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1" integrity sha1-WDsap3WWHUsROsF9nFC6753Xa9E= @@ -1796,6 +1820,11 @@ p-map@^4.0.0: dependencies: aggregate-error "^3.0.0" +package-json-from-dist@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz#4f1471a010827a86f94cfd9b0727e36d267de505" + integrity sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw== + parent-module@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/parent-module/-/parent-module-1.0.1.tgz#691d2709e78c79fae3a156622452d00762caaaa2" @@ -1813,6 +1842,14 @@ path-key@^3.0.0, path-key@^3.1.0: resolved "https://registry.yarnpkg.com/path-key/-/path-key-3.1.1.tgz#581f6ade658cbba65a0d3380de7753295054f375" integrity sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q== +path-scurry@^1.11.1: + version "1.11.1" + resolved "https://registry.yarnpkg.com/path-scurry/-/path-scurry-1.11.1.tgz#7960a668888594a0720b12a911d1a742ab9f11d2" + integrity sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA== + dependencies: + lru-cache "^10.2.0" + minipass "^5.0.0 || ^6.0.2 || ^7.0.0" + pend@~1.2.0: version "1.2.0" resolved "https://registry.yarnpkg.com/pend/-/pend-1.2.0.tgz#7a57eb550a6783f9115331fcf4663d5c8e007a50" @@ -1828,15 +1865,10 @@ picocolors@^1.1.0: resolved "https://registry.yarnpkg.com/picocolors/-/picocolors-1.1.0.tgz#5358b76a78cde483ba5cef6a9dc9671440b27d59" integrity sha512-TQ92mBOW0l3LeMeyLV6mzy/kWr8lkd/hp3mTg7wYK7zJhuBStmGMBG0BdeDZS/dZx1IukaX6Bk11zcln25o1Aw== -picomatch@^2.0.4: - version "2.2.2" - resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.2.2.tgz#21f333e9b6b8eaff02468f5146ea406d345f4dad" - integrity sha512-q0M/9eZHzmr0AulXyPwNfZjtwZ/RBZlbN3K3CErVrk50T2ASYI7Bye0EvekFY3IP1Nt2DHu0re+V2ZHIpMkuWg== - -picomatch@^2.2.1: - version "2.3.1" - resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.3.1.tgz#3ba3833733646d9d3e4995946c1365a67fb07a42" - integrity sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA== +picocolors@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/picocolors/-/picocolors-1.1.1.tgz#3d321af3eab939b083c8f929a1d12cda81c26b6b" + integrity sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA== pify@^2.2.0: version "2.3.0" @@ -1873,11 +1905,6 @@ proxy-from-env@^1.1.0: resolved "https://registry.yarnpkg.com/proxy-from-env/-/proxy-from-env-1.1.0.tgz#e102f16ca355424865755d2c9e8ea4f24d58c3e2" integrity sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg== -psl@^1.1.33: - version "1.9.0" - resolved "https://registry.yarnpkg.com/psl/-/psl-1.9.0.tgz#d0df2a137f00794565fcaf3b2c00cd09f8d5a5a7" - integrity sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag== - pump@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/pump/-/pump-3.0.0.tgz#b4a2116815bde2f4e1ea602354e8c75565107a64" @@ -1886,22 +1913,17 @@ pump@^3.0.0: end-of-stream "^1.1.0" once "^1.3.1" -punycode@^2.1.0, punycode@^2.1.1: +punycode@^2.1.0: version "2.1.1" resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.1.1.tgz#b58b010ac40c22c5657616c8d2c2c02c7bf479ec" integrity sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A== -qs@6.13.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/qs/-/qs-6.13.0.tgz#6ca3bd58439f7e245655798997787b0d88a51906" - integrity sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg== +qs@6.14.0: + version "6.14.0" + resolved "https://registry.yarnpkg.com/qs/-/qs-6.14.0.tgz#c63fa40680d2c5c941412a0e899c89af60c0a930" + integrity sha512-YWWTjgABSKcvs/nWBi9PycY/JiPJqOD4JA6o9Sej2AtvSGarXxKC3OQSk4pAarbdQlKAh5D4FCQkJNkW+GAn3w== dependencies: - side-channel "^1.0.6" - -querystringify@^2.1.1: - version "2.2.0" - resolved "https://registry.yarnpkg.com/querystringify/-/querystringify-2.2.0.tgz#3345941b4153cb9d082d8eee4cda2016a9aef7f6" - integrity sha512-FIqgj2EUvTa7R50u0rGsyTftzjYmv/a3hO345bZNrqabNqjtgiDMgmo4mkUjd+nzU5oF3dClKqFIPUKybUyqoQ== + side-channel "^1.1.0" randombytes@^2.1.0: version "2.1.0" @@ -1910,12 +1932,10 @@ randombytes@^2.1.0: dependencies: safe-buffer "^5.1.0" -readdirp@~3.6.0: - version "3.6.0" - resolved "https://registry.yarnpkg.com/readdirp/-/readdirp-3.6.0.tgz#74a370bd857116e245b29cc97340cd431a02a6c7" - integrity sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA== - dependencies: - picomatch "^2.2.1" +readdirp@^4.0.1: + version "4.1.2" + resolved "https://registry.yarnpkg.com/readdirp/-/readdirp-4.1.2.tgz#eb85801435fbf2a7ee58f19e0921b068fc69948d" + integrity sha512-GDhwkLfywWL2s6vEjyhri+eXmfH6j1L7JE27WhqLeYzoh/A3DBaYGEj2H/HFZCn/kMfim73FXxEJTw06WtxQwg== request-progress@^3.0.0: version "3.0.0" @@ -1934,11 +1954,6 @@ require-from-string@^2.0.2: resolved "https://registry.yarnpkg.com/require-from-string/-/require-from-string-2.0.2.tgz#89a7fdd938261267318eafe14f9c32e598c36909" integrity sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw== -requires-port@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/requires-port/-/requires-port-1.0.0.tgz#925d2601d39ac485e091cf0da5c6e694dc3dcaff" - integrity sha512-KigOCHcocU3XODJxsu8i/j8T9tzT4adHiecwORRQ0ZZFcp7ahwXuRU1m+yuO90C5ZUyGeGfocHDI14M3L3yDAQ== - resolve-from@^4.0.0: version "4.0.0" resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-4.0.0.tgz#4abcd852ad32dd7baabfe9b40e00a36db5f392e6" @@ -1979,10 +1994,10 @@ safer-buffer@^2.0.2, safer-buffer@^2.1.0, safer-buffer@~2.1.0: resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a" integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg== -semver@^7.5.3: - version "7.6.2" - resolved "https://registry.yarnpkg.com/semver/-/semver-7.6.2.tgz#1e3b34759f896e8f14d6134732ce798aeb0c6e13" - integrity sha512-FNAIBWCx9qcRhoHcgcJ0gvU7SN1lYU2ZXuSfl04bSC5OpvDHFyJCjdNHomPXxjQlCBU67YW64PzY7/VIEH7F2w== +semver@^7.6.3, semver@^7.7.1: + version "7.7.2" + resolved "https://registry.yarnpkg.com/semver/-/semver-7.7.2.tgz#67d99fdcd35cec21e6f8b87a7fd515a33f982b58" + integrity sha512-RF0Fw+rO5AMf9MAyaRXI4AV0Ulj5lMHqVxxdSgiVbixSCXoEmmX/jk0CuJw4+3SqroYO9VoUh+HcuJivvtJemA== serialize-javascript@^6.0.2: version "6.0.2" @@ -1991,18 +2006,6 @@ serialize-javascript@^6.0.2: dependencies: randombytes "^2.1.0" -set-function-length@^1.2.1: - version "1.2.2" - resolved "https://registry.yarnpkg.com/set-function-length/-/set-function-length-1.2.2.tgz#aac72314198eaed975cf77b2c3b6b880695e5449" - integrity sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg== - dependencies: - define-data-property "^1.1.4" - es-errors "^1.3.0" - function-bind "^1.1.2" - get-intrinsic "^1.2.4" - gopd "^1.0.1" - has-property-descriptors "^1.0.2" - shebang-command@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/shebang-command/-/shebang-command-2.0.0.tgz#ccd0af4f8835fbdc265b82461aaf0c36663f34ea" @@ -2015,21 +2018,56 @@ shebang-regex@^3.0.0: resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-3.0.0.tgz#ae16f1644d873ecad843b0307b143362d4c42172" integrity sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A== -side-channel@^1.0.6: - version "1.0.6" - resolved "https://registry.yarnpkg.com/side-channel/-/side-channel-1.0.6.tgz#abd25fb7cd24baf45466406b1096b7831c9215f2" - integrity sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA== +side-channel-list@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/side-channel-list/-/side-channel-list-1.0.0.tgz#10cb5984263115d3b7a0e336591e290a830af8ad" + integrity sha512-FCLHtRD/gnpCiCHEiJLOwdmFP+wzCmDEkc9y7NsYxeF4u7Btsn1ZuwgwJGxImImHicJArLP4R0yX4c2KCrMrTA== + dependencies: + es-errors "^1.3.0" + object-inspect "^1.13.3" + +side-channel-map@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/side-channel-map/-/side-channel-map-1.0.1.tgz#d6bb6b37902c6fef5174e5f533fab4c732a26f42" + integrity sha512-VCjCNfgMsby3tTdo02nbjtM/ewra6jPHmpThenkTYh8pG9ucZ/1P8So4u4FGBek/BjpOVsDCMoLA/iuBKIFXRA== + dependencies: + call-bound "^1.0.2" + es-errors "^1.3.0" + get-intrinsic "^1.2.5" + object-inspect "^1.13.3" + +side-channel-weakmap@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/side-channel-weakmap/-/side-channel-weakmap-1.0.2.tgz#11dda19d5368e40ce9ec2bdc1fb0ecbc0790ecea" + integrity sha512-WPS/HvHQTYnHisLo9McqBHOJk2FkHO/tlpvldyrnem4aeQp4hai3gythswg6p01oSoTl58rcpiFAjF2br2Ak2A== dependencies: - call-bind "^1.0.7" + call-bound "^1.0.2" es-errors "^1.3.0" - get-intrinsic "^1.2.4" - object-inspect "^1.13.1" + get-intrinsic "^1.2.5" + object-inspect "^1.13.3" + side-channel-map "^1.0.1" + +side-channel@^1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/side-channel/-/side-channel-1.1.0.tgz#c3fcff9c4da932784873335ec9765fa94ff66bc9" + integrity sha512-ZX99e6tRweoUXqR+VBrslhda51Nh5MTQwou5tnUDgbtyM0dBgmhEDtWGP/xbKn6hqfPRHujUNwz5fy/wbbhnpw== + dependencies: + es-errors "^1.3.0" + object-inspect "^1.13.3" + side-channel-list "^1.0.0" + side-channel-map "^1.0.1" + side-channel-weakmap "^1.0.2" signal-exit@^3.0.2: version "3.0.2" resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.2.tgz#b5fdc08f1287ea1178628e415e25132b73646c6d" integrity sha1-tf3AjxKH6hF4Yo5BXiUTK3NkbG0= +signal-exit@^4.0.1: + version "4.1.0" + resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-4.1.0.tgz#952188c1cbd546070e2dd20d0f41c0ae0530cb04" + integrity sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw== + slice-ansi@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/slice-ansi/-/slice-ansi-3.0.0.tgz#31ddc10930a1b7e0b67b08c96c2f49b77a789787" @@ -2080,7 +2118,16 @@ static-eval@2.0.2: dependencies: escodegen "^1.8.1" -string-width@^4.1.0: +"string-width-cjs@npm:string-width@^4.2.0": + version "4.2.3" + resolved "https://registry.yarnpkg.com/string-width/-/string-width-4.2.3.tgz#269c7117d27b05ad2e536830a8ec895ef9c6d010" + integrity sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g== + dependencies: + emoji-regex "^8.0.0" + is-fullwidth-code-point "^3.0.0" + strip-ansi "^6.0.1" + +string-width@^4.1.0, string-width@^4.2.3: version "4.2.3" resolved "https://registry.yarnpkg.com/string-width/-/string-width-4.2.3.tgz#269c7117d27b05ad2e536830a8ec895ef9c6d010" integrity sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g== @@ -2098,6 +2145,22 @@ string-width@^4.2.0: is-fullwidth-code-point "^3.0.0" strip-ansi "^6.0.0" +string-width@^5.0.1, string-width@^5.1.2: + version "5.1.2" + resolved "https://registry.yarnpkg.com/string-width/-/string-width-5.1.2.tgz#14f8daec6d81e7221d2a357e668cab73bdbca794" + integrity sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA== + dependencies: + eastasianwidth "^0.2.0" + emoji-regex "^9.2.2" + strip-ansi "^7.0.1" + +"strip-ansi-cjs@npm:strip-ansi@^6.0.1": + version "6.0.1" + resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-6.0.1.tgz#9e26c63d30f53443e9489495b2105d37b67a85d9" + integrity sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A== + dependencies: + ansi-regex "^5.0.1" + strip-ansi@^6.0.0: version "6.0.0" resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-6.0.0.tgz#0b1571dd7669ccd4f3e06e14ef1eed26225ae532" @@ -2112,6 +2175,13 @@ strip-ansi@^6.0.1: dependencies: ansi-regex "^5.0.1" +strip-ansi@^7.0.1: + version "7.1.0" + resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-7.1.0.tgz#d5b6568ca689d8561370b0707685d22434faff45" + integrity sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ== + dependencies: + ansi-regex "^6.0.1" + strip-final-newline@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/strip-final-newline/-/strip-final-newline-2.0.0.tgz#89b852fb2fcbe936f6f4b3187afb0a12c1ab58ad" @@ -2136,11 +2206,6 @@ supports-color@^8.1.1: dependencies: has-flag "^4.0.0" -text-table@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/text-table/-/text-table-0.2.0.tgz#7f5ee823ae805207c00af2df4a84ec3fcfa570b4" - integrity sha1-f17oI66AUgfACvLfSoTsP8+lcLQ= - throttleit@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/throttleit/-/throttleit-1.0.0.tgz#9e785836daf46743145a5984b6268d828528ac6c" @@ -2151,27 +2216,34 @@ through@^2.3.8: resolved "https://registry.yarnpkg.com/through/-/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5" integrity sha512-w89qg7PI8wAdvX60bMDP+bFoD5Dvhm9oLheFp5O4a2QF0cSBGsBX4qZmadPMvVqlLJBBci+WqGGOAPvcDeNSVg== +tldts-core@^6.1.86: + version "6.1.86" + resolved "https://registry.yarnpkg.com/tldts-core/-/tldts-core-6.1.86.tgz#a93e6ed9d505cb54c542ce43feb14c73913265d8" + integrity sha512-Je6p7pkk+KMzMv2XXKmAE3McmolOQFdxkKw0R8EYNr7sELW46JqnNeTX8ybPiQgvg1ymCoF8LXs5fzFaZvJPTA== + +tldts@^6.1.32: + version "6.1.86" + resolved "https://registry.yarnpkg.com/tldts/-/tldts-6.1.86.tgz#087e0555b31b9725ee48ca7e77edc56115cd82f7" + integrity sha512-WMi/OQ2axVTf/ykqCQgXiIct+mSQDFdH2fkwhPwgEwvJ1kSzZRiinb0zF2Xb8u4+OqPChmyI6MEu4EezNJz+FQ== + dependencies: + tldts-core "^6.1.86" + tmp@~0.2.3: version "0.2.3" resolved "https://registry.yarnpkg.com/tmp/-/tmp-0.2.3.tgz#eb783cc22bc1e8bebd0671476d46ea4eb32a79ae" integrity sha512-nZD7m9iCPC5g0pYmcaxogYKggSfLsdxl8of3Q/oIbqCqLLIO9IAF0GWjX1z9NZRHPiXv8Wex4yDCaZsgEw0Y8w== -to-regex-range@^5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/to-regex-range/-/to-regex-range-5.0.1.tgz#1648c44aae7c8d988a326018ed72f5b4dd0392e4" - integrity sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ== +tough-cookie@^5.0.0: + version "5.1.2" + resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-5.1.2.tgz#66d774b4a1d9e12dc75089725af3ac75ec31bed7" + integrity sha512-FVDYdxtnj0G6Qm/DhNPSb8Ju59ULcup3tuJxkFb5K8Bv2pUXILbf0xZWU8PX8Ov19OXljbUyveOFwRMwkXzO+A== dependencies: - is-number "^7.0.0" + tldts "^6.1.32" -tough-cookie@^4.1.3: - version "4.1.4" - resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-4.1.4.tgz#945f1461b45b5a8c76821c33ea49c3ac192c1b36" - integrity sha512-Loo5UUvLD9ScZ6jh8beX1T6sO1w2/MpCRpEP7V280GKMVUQ0Jzar2U3UJPsrdbziLEMMhu3Ujnq//rhiFuIeag== - dependencies: - psl "^1.1.33" - punycode "^2.1.1" - universalify "^0.2.0" - url-parse "^1.5.3" +tree-kill@1.2.2: + version "1.2.2" + resolved "https://registry.yarnpkg.com/tree-kill/-/tree-kill-1.2.2.tgz#4ca09a9092c88b73a7cdc5e8a01b507b0790a0cc" + integrity sha512-L0Orpi8qGpRG//Nd+H90vFB+3iHnue1zSSGmNOOCh1GLJ7rUKVwV2HvijphGQS2UmhUZewS9VgvxYIdgr+fG1A== tslib@^2.1.0: version "2.5.0" @@ -2204,11 +2276,6 @@ type-check@~0.3.2: dependencies: prelude-ls "~1.1.2" -type-fest@^0.20.2: - version "0.20.2" - resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.20.2.tgz#1bf207f4b28f91583666cb5fbd327887301cd5f4" - integrity sha512-Ne+eE4r0/iWnpAxD852z3A+N0Bt5RN//NjJwRd2VFHEmrywxf5vsZlh4R6lixl6B+wz/8d+maTSAkN1FIkI3LQ== - type-fest@^0.21.3: version "0.21.3" resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.21.3.tgz#d260a24b0198436e133fa26a524a6d65fa3b2e37" @@ -2219,11 +2286,6 @@ underscore@1.12.1: resolved "https://registry.yarnpkg.com/underscore/-/underscore-1.12.1.tgz#7bb8cc9b3d397e201cf8553336d262544ead829e" integrity sha512-hEQt0+ZLDVUMhebKxL4x1BTtDY7bavVofhZ9KZ4aI26X9SRaE+Y3m83XUL1UP2jn8ynjndwCCpEHdUG+9pP1Tw== -universalify@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/universalify/-/universalify-0.2.0.tgz#6451760566fa857534745ab1dde952d1b1761be0" - integrity sha512-CJ1QgKmNg3CwvAv/kOFmtnEN05f0D/cn9QntgNOQlQF9dgvVTHj3t+8JPdjqawCHk7V/KA+fbUqzZ9XWhcqPUg== - universalify@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/universalify/-/universalify-2.0.0.tgz#75a4984efedc4b08975c5aeb73f530d02df25717" @@ -2248,14 +2310,6 @@ uri-js@^4.4.1: dependencies: punycode "^2.1.0" -url-parse@^1.5.3: - version "1.5.10" - resolved "https://registry.yarnpkg.com/url-parse/-/url-parse-1.5.10.tgz#9d3c2f736c1d75dd3bd2be507dcc111f1e2ea9c1" - integrity sha512-WypcfiRhfeUP9vvF0j6rw0J3hrWrw6iZv3+22h6iRMJ/8z1Tj6XfLP4DsUix5MhMPnXpiHDoKyoZ/bdCkwBCiQ== - dependencies: - querystringify "^2.1.1" - requires-port "^1.0.0" - uuid@^8.3.2: version "8.3.2" resolved "https://registry.yarnpkg.com/uuid/-/uuid-8.3.2.tgz#80d5b5ced271bb9af6c445f21a1a04c606cefbe2" @@ -2287,10 +2341,19 @@ word-wrap@~1.2.3: resolved "https://registry.yarnpkg.com/word-wrap/-/word-wrap-1.2.4.tgz#cb4b50ec9aca570abd1f52f33cd45b6c61739a9f" integrity sha512-2V81OA4ugVo5pRo46hAoD2ivUJx8jXmWXfUkY4KFNw0hEptvN0QfH3K4nHiwzGeKl5rFKedV48QVoqYavy4YpA== -workerpool@^6.5.1: - version "6.5.1" - resolved "https://registry.yarnpkg.com/workerpool/-/workerpool-6.5.1.tgz#060f73b39d0caf97c6db64da004cd01b4c099544" - integrity sha512-Fs4dNYcsdpYSAfVxhnl1L5zTksjvOJxtC5hzMNl+1t9B8hTJTdKDyZ5ju7ztgPy+ft9tBFXoOlDNiOT9WUXZlA== +workerpool@^9.2.0: + version "9.3.2" + resolved "https://registry.yarnpkg.com/workerpool/-/workerpool-9.3.2.tgz#4c045a8b437ae1bc70c646af11929a8b4d238656" + integrity sha512-Xz4Nm9c+LiBHhDR5bDLnNzmj6+5F+cyEAWPMkbs2awq/dYazR/efelZzUAjB/y3kNHL+uzkHvxVVpaOfGCPV7A== + +"wrap-ansi-cjs@npm:wrap-ansi@^7.0.0": + version "7.0.0" + resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-7.0.0.tgz#67e145cff510a6a6984bdf1152911d69d2eb9e43" + integrity sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q== + dependencies: + ansi-styles "^4.0.0" + string-width "^4.1.0" + strip-ansi "^6.0.0" wrap-ansi@^6.2.0: version "6.2.0" @@ -2310,6 +2373,15 @@ wrap-ansi@^7.0.0: string-width "^4.1.0" strip-ansi "^6.0.0" +wrap-ansi@^8.1.0: + version "8.1.0" + resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-8.1.0.tgz#56dc22368ee570face1b49819975d9b9a5ead214" + integrity sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ== + dependencies: + ansi-styles "^6.1.0" + string-width "^5.0.1" + strip-ansi "^7.0.1" + wrappy@1: version "1.0.2" resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f" @@ -2325,10 +2397,10 @@ y18n@^5.0.5: resolved "https://registry.yarnpkg.com/y18n/-/y18n-5.0.8.tgz#7f4934d0f7ca8c56f95314939ddcd2dd91ce1d55" integrity sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA== -yargs-parser@^20.2.2, yargs-parser@^20.2.9: - version "20.2.9" - resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-20.2.9.tgz#2eb7dc3b0289718fc295f362753845c41a0c94ee" - integrity sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w== +yargs-parser@^21.1.1: + version "21.1.1" + resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-21.1.1.tgz#9096bceebf990d21bb31fa9516e0ede294a77d35" + integrity sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw== yargs-unparser@^2.0.0: version "2.0.0" @@ -2340,18 +2412,18 @@ yargs-unparser@^2.0.0: flat "^5.0.2" is-plain-obj "^2.1.0" -yargs@^16.2.0: - version "16.2.0" - resolved "https://registry.yarnpkg.com/yargs/-/yargs-16.2.0.tgz#1c82bf0f6b6a66eafce7ef30e376f49a12477f66" - integrity sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw== +yargs@^17.7.2: + version "17.7.2" + resolved "https://registry.yarnpkg.com/yargs/-/yargs-17.7.2.tgz#991df39aca675a192b816e1e0363f9d75d2aa269" + integrity sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w== dependencies: - cliui "^7.0.2" + cliui "^8.0.1" escalade "^3.1.1" get-caller-file "^2.0.5" require-directory "^2.1.1" - string-width "^4.2.0" + string-width "^4.2.3" y18n "^5.0.5" - yargs-parser "^20.2.2" + yargs-parser "^21.1.1" yauzl@^2.10.0: version "2.10.0" From ef69be2036a423090df367ceafe1663d038e7676 Mon Sep 17 00:00:00 2001 From: h33n0k Date: Thu, 12 Jun 2025 08:58:17 +0200 Subject: [PATCH 147/175] Fix Incorrect Api status codes Update Incorrect status code based off the api schema --- backend/routes/users.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/backend/routes/users.js b/backend/routes/users.js index f8ce366c9..e41bf6cfb 100644 --- a/backend/routes/users.js +++ b/backend/routes/users.js @@ -181,7 +181,7 @@ router return internalUser.setPassword(res.locals.access, payload); }) .then((result) => { - res.status(201) + res.status(200) .send(result); }) .catch(next); @@ -212,7 +212,7 @@ router return internalUser.setPermissions(res.locals.access, payload); }) .then((result) => { - res.status(201) + res.status(200) .send(result); }) .catch(next); @@ -238,7 +238,7 @@ router .post((req, res, next) => { internalUser.loginAs(res.locals.access, {id: parseInt(req.params.user_id, 10)}) .then((result) => { - res.status(201) + res.status(200) .send(result); }) .catch(next); From b873499feba803107412932d3b84881128c2319b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 24 Jun 2025 09:20:21 +0000 Subject: [PATCH 148/175] Bump pbkdf2 from 3.1.1 to 3.1.3 in /frontend Bumps [pbkdf2](https://github.com/crypto-browserify/pbkdf2) from 3.1.1 to 3.1.3. - [Changelog](https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md) - [Commits](https://github.com/crypto-browserify/pbkdf2/compare/v3.1.1...v3.1.3) --- updated-dependencies: - dependency-name: pbkdf2 dependency-version: 3.1.3 dependency-type: indirect ... Signed-off-by: dependabot[bot] --- frontend/yarn.lock | 253 +++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 242 insertions(+), 11 deletions(-) diff --git a/frontend/yarn.lock b/frontend/yarn.lock index 02655441f..a0b363144 100644 --- a/frontend/yarn.lock +++ b/frontend/yarn.lock @@ -907,6 +907,13 @@ atob@^2.1.2: resolved "https://registry.yarnpkg.com/atob/-/atob-2.1.2.tgz#6d9517eb9e030d2436666651e86bd9f6f13533c9" integrity sha512-Wm6ukoaOGJi/73p/cl2GvLjTI5JM1k/O14isD73YML8StrH/7/lRFgmg8nICZgD3bZZvjwCGxtMOD3wWNAu8cg== +available-typed-arrays@^1.0.7: + version "1.0.7" + resolved "https://registry.yarnpkg.com/available-typed-arrays/-/available-typed-arrays-1.0.7.tgz#a5cc375d6a03c2efc87a553f3e0b1522def14846" + integrity sha512-wvUjBtSGN7+7SjNpq/9M2Tg350UZD3q62IFZLbRAR1bSMlCo1ZaeW+BJ+D090e4hIIZLBcTDWe4Mh4jvUDajzQ== + dependencies: + possible-typed-array-names "^1.0.0" + babel-code-frame@^6.26.0: version "6.26.0" resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.26.0.tgz#63fd43f7dc1e3bb7ce35947db8fe369a3f58c74b" @@ -1790,6 +1797,32 @@ cacheable-request@^6.0.0: normalize-url "^4.1.0" responselike "^1.0.2" +call-bind-apply-helpers@^1.0.0, call-bind-apply-helpers@^1.0.1, call-bind-apply-helpers@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz#4b5428c222be985d79c3d82657479dbe0b59b2d6" + integrity sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ== + dependencies: + es-errors "^1.3.0" + function-bind "^1.1.2" + +call-bind@^1.0.8: + version "1.0.8" + resolved "https://registry.yarnpkg.com/call-bind/-/call-bind-1.0.8.tgz#0736a9660f537e3388826f440d5ec45f744eaa4c" + integrity sha512-oKlSFMcMwpUg2ednkhQ454wfWiU/ul3CkJe/PEHcTKuiX6RpbehUiFMXu13HalGZxfUwCQzZG747YXBn1im9ww== + dependencies: + call-bind-apply-helpers "^1.0.0" + es-define-property "^1.0.0" + get-intrinsic "^1.2.4" + set-function-length "^1.2.2" + +call-bound@^1.0.3, call-bound@^1.0.4: + version "1.0.4" + resolved "https://registry.yarnpkg.com/call-bound/-/call-bound-1.0.4.tgz#238de935d2a2a692928c538c7ccfa91067fd062a" + integrity sha512-+ys997U96po4Kx/ABpBCqhA9EuxJaQWDQg7295H4hBphv3IZg0boBKuwYpt4YXp6MZ5AmZQnU/tyMTlRpaSejg== + dependencies: + call-bind-apply-helpers "^1.0.2" + get-intrinsic "^1.3.0" + callsites@^3.0.0: version "3.1.0" resolved "https://registry.yarnpkg.com/callsites/-/callsites-3.1.0.tgz#b3630abd8943432f54b3f0519238e33cd7df2f73" @@ -2232,7 +2265,7 @@ create-ecdh@^4.0.0: bn.js "^4.1.0" elliptic "^6.5.3" -create-hash@^1.1.0, create-hash@^1.1.2, create-hash@^1.2.0: +create-hash@^1.1.0, create-hash@^1.2.0: version "1.2.0" resolved "https://registry.yarnpkg.com/create-hash/-/create-hash-1.2.0.tgz#889078af11a63756bcfb59bd221996be3a9ef196" integrity sha512-z00bCGNHDG8mHAkP7CtT1qVu+bFQUPjYq/4Iv3C3kWjTFV10zIjfSoeqXo9Asws8gwSHDGj/hl2u4OGIjapeCg== @@ -2243,7 +2276,17 @@ create-hash@^1.1.0, create-hash@^1.1.2, create-hash@^1.2.0: ripemd160 "^2.0.1" sha.js "^2.4.0" -create-hmac@^1.1.0, create-hmac@^1.1.4, create-hmac@^1.1.7: +create-hash@~1.1.3: + version "1.1.3" + resolved "https://registry.yarnpkg.com/create-hash/-/create-hash-1.1.3.tgz#606042ac8b9262750f483caddab0f5819172d8fd" + integrity sha512-snRpch/kwQhcdlnZKYanNF1m0RDlrCdSKQaH87w1FCFPVPNCQ/Il9QJKAX2jVBZddRdaHBMC+zXa9Gw9tmkNUA== + dependencies: + cipher-base "^1.0.1" + inherits "^2.0.1" + ripemd160 "^2.0.0" + sha.js "^2.4.0" + +create-hmac@^1.1.0, create-hmac@^1.1.7: version "1.1.7" resolved "https://registry.yarnpkg.com/create-hmac/-/create-hmac-1.1.7.tgz#69170c78b3ab957147b2b8b04572e47ead2243ff" integrity sha512-MJG9liiZ+ogc4TzUwuvbER1JRdgvUFSB5+VR/g5h82fGaIRWMWddtKBHi7/sVhfjQZ6SehlyhvQYrcYkaUIpLg== @@ -2414,6 +2457,15 @@ defer-to-connect@^1.0.1: resolved "https://registry.yarnpkg.com/defer-to-connect/-/defer-to-connect-1.1.3.tgz#331ae050c08dcf789f8c83a7b81f0ed94f4ac591" integrity sha512-0ISdNousHvZT2EiFlZeZAHBUvSxmKswVCEf8hW7KWgG4a8MVEu/3Vb6uWYozkjylyCxe0JBIiRB1jV45S70WVQ== +define-data-property@^1.1.4: + version "1.1.4" + resolved "https://registry.yarnpkg.com/define-data-property/-/define-data-property-1.1.4.tgz#894dc141bb7d3060ae4366f6a0107e68fbe48c5e" + integrity sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A== + dependencies: + es-define-property "^1.0.0" + es-errors "^1.3.0" + gopd "^1.0.1" + define-properties@^1.1.2, define-properties@^1.1.3: version "1.1.3" resolved "https://registry.yarnpkg.com/define-properties/-/define-properties-1.1.3.tgz#cf88da6cbee26fe6db7094f61d870cbd84cee9f1" @@ -2579,6 +2631,15 @@ dot-prop@^5.2.0: dependencies: is-obj "^2.0.0" +dunder-proto@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/dunder-proto/-/dunder-proto-1.0.1.tgz#d7ae667e1dc83482f8b70fd0f6eefc50da30f58a" + integrity sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A== + dependencies: + call-bind-apply-helpers "^1.0.1" + es-errors "^1.3.0" + gopd "^1.2.0" + duplexer3@^0.1.4: version "0.1.4" resolved "https://registry.yarnpkg.com/duplexer3/-/duplexer3-0.1.4.tgz#ee01dd1cac0ed3cbc7fdbea37dc0a8f1ce002ce2" @@ -2762,6 +2823,23 @@ es-abstract@^1.17.0-next.1, es-abstract@^1.17.5: string.prototype.trimend "^1.0.1" string.prototype.trimstart "^1.0.1" +es-define-property@^1.0.0, es-define-property@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/es-define-property/-/es-define-property-1.0.1.tgz#983eb2f9a6724e9303f61addf011c72e09e0b0fa" + integrity sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g== + +es-errors@^1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/es-errors/-/es-errors-1.3.0.tgz#05f75a25dab98e4fb1dcd5e1472c0546d5057c8f" + integrity sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw== + +es-object-atoms@^1.0.0, es-object-atoms@^1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/es-object-atoms/-/es-object-atoms-1.1.1.tgz#1c4f2c4837327597ce69d2ca190a7fdd172338c1" + integrity sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA== + dependencies: + es-errors "^1.3.0" + es-to-primitive@^1.2.1: version "1.2.1" resolved "https://registry.yarnpkg.com/es-to-primitive/-/es-to-primitive-1.2.1.tgz#e55cd4c9cdc188bcefb03b366c736323fc5c898a" @@ -3131,6 +3209,13 @@ flush-write-stream@^1.0.0: inherits "^2.0.3" readable-stream "^2.3.6" +for-each@^0.3.5: + version "0.3.5" + resolved "https://registry.yarnpkg.com/for-each/-/for-each-0.3.5.tgz#d650688027826920feeb0af747ee7b9421a41d47" + integrity sha512-dKx12eRCVIzqCxFGplyFKJMPvLEWgmNtUrpTiJIR5u97zEhRG8ySrtboPHZXx7daLxQVrl643cTzbab2tkQjxg== + dependencies: + is-callable "^1.2.7" + for-in@^1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/for-in/-/for-in-1.0.2.tgz#81068d295a8142ec0ac726c6e2200c30fb6d5e80" @@ -3191,6 +3276,11 @@ function-bind@^1.1.1: resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.1.tgz#a56899d3ea3c9bab874bb9773b7c5ede92f4895d" integrity sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A== +function-bind@^1.1.2: + version "1.1.2" + resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.2.tgz#2c02d864d97f3ea6c8830c464cbd11ab6eab7a1c" + integrity sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA== + functional-red-black-tree@^1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/functional-red-black-tree/-/functional-red-black-tree-1.0.1.tgz#1b0ab3bd553b2a0d6399d29c0e3ea0b252078327" @@ -3227,6 +3317,30 @@ get-caller-file@^2.0.1, get-caller-file@^2.0.5: resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-2.0.5.tgz#4f94412a82db32f36e3b0b9741f8a97feb031f7e" integrity sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg== +get-intrinsic@^1.2.4, get-intrinsic@^1.3.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/get-intrinsic/-/get-intrinsic-1.3.0.tgz#743f0e3b6964a93a5491ed1bffaae054d7f98d01" + integrity sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ== + dependencies: + call-bind-apply-helpers "^1.0.2" + es-define-property "^1.0.1" + es-errors "^1.3.0" + es-object-atoms "^1.1.1" + function-bind "^1.1.2" + get-proto "^1.0.1" + gopd "^1.2.0" + has-symbols "^1.1.0" + hasown "^2.0.2" + math-intrinsics "^1.1.0" + +get-proto@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/get-proto/-/get-proto-1.0.1.tgz#150b3f2743869ef3e851ec0c49d15b1d14d00ee1" + integrity sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g== + dependencies: + dunder-proto "^1.0.1" + es-object-atoms "^1.0.0" + get-stdin@^4.0.1: version "4.0.1" resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-4.0.1.tgz#b968c6b0a04384324902e8bf1a5df32579a450fe" @@ -3393,6 +3507,11 @@ globule@^1.0.0: lodash "~4.17.10" minimatch "~3.0.2" +gopd@^1.0.1, gopd@^1.2.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/gopd/-/gopd-1.2.0.tgz#89f56b8217bdbc8802bd299df6d7f1081d7e51a1" + integrity sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg== + got@^9.6.0: version "9.6.0" resolved "https://registry.yarnpkg.com/got/-/got-9.6.0.tgz#edf45e7d67f99545705de1f7bbeeeb121765ed85" @@ -3442,11 +3561,30 @@ has-flag@^4.0.0: resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-4.0.0.tgz#944771fd9c81c81265c4d6941860da06bb59479b" integrity sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ== +has-property-descriptors@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz#963ed7d071dc7bf5f084c5bfbe0d1b6222586854" + integrity sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg== + dependencies: + es-define-property "^1.0.0" + has-symbols@^1.0.0, has-symbols@^1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.0.1.tgz#9f5214758a44196c406d9bd76cebf81ec2dd31e8" integrity sha512-PLcsoqu++dmEIZB+6totNFKq/7Do+Z0u4oT0zKOJNl3lYK6vGwwu2hjHs+68OEZbTjiUE9bgOABXbP/GvrS0Kg== +has-symbols@^1.0.3, has-symbols@^1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.1.0.tgz#fc9c6a783a084951d0b971fe1018de813707a338" + integrity sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ== + +has-tostringtag@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/has-tostringtag/-/has-tostringtag-1.0.2.tgz#2cdc42d40bef2e5b4eeab7c01a73c54ce7ab5abc" + integrity sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw== + dependencies: + has-symbols "^1.0.3" + has-unicode@^2.0.1: version "2.0.1" resolved "https://registry.yarnpkg.com/has-unicode/-/has-unicode-2.0.1.tgz#e0e6fe6a28cf51138855e086d1691e771de2a8b9" @@ -3495,6 +3633,13 @@ has@^1.0.3: dependencies: function-bind "^1.1.1" +hash-base@^2.0.0: + version "2.0.2" + resolved "https://registry.yarnpkg.com/hash-base/-/hash-base-2.0.2.tgz#66ea1d856db4e8a5470cadf6fce23ae5244ef2e1" + integrity sha512-0TROgQ1/SxE6KmxWSvXHvRj90/Xo1JvZShofnYF+f6ZsGtR4eES7WfrQzPalmyagfKZCXpVnitiRebZulWsbiw== + dependencies: + inherits "^2.0.1" + hash-base@^3.0.0: version "3.1.0" resolved "https://registry.yarnpkg.com/hash-base/-/hash-base-3.1.0.tgz#55c381d9e06e1d2997a883b4a3fddfe7f0d3af33" @@ -3512,6 +3657,13 @@ hash.js@^1.0.0, hash.js@^1.0.3: inherits "^2.0.3" minimalistic-assert "^1.0.1" +hasown@^2.0.2: + version "2.0.2" + resolved "https://registry.yarnpkg.com/hasown/-/hasown-2.0.2.tgz#003eaf91be7adc372e84ec59dc37252cedb80003" + integrity sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ== + dependencies: + function-bind "^1.1.2" + he@1.2.x, he@^1.2.0: version "1.2.0" resolved "https://registry.yarnpkg.com/he/-/he-1.2.0.tgz#84ae65fa7eafb165fddb61566ae14baf05664f0f" @@ -3856,6 +4008,11 @@ is-callable@^1.1.4, is-callable@^1.2.0: resolved "https://registry.yarnpkg.com/is-callable/-/is-callable-1.2.0.tgz#83336560b54a38e35e3a2df7afd0454d691468bb" integrity sha512-pyVD9AaGLxtg6srb2Ng6ynWJqkHU9bEM087AKck0w8QwDarTfNcpIYoU8x8Hv2Icm8u6kFJM18Dag8lyqGkviw== +is-callable@^1.2.7: + version "1.2.7" + resolved "https://registry.yarnpkg.com/is-callable/-/is-callable-1.2.7.tgz#3bc2a85ea742d9e36205dcacdd72ca1fdc51b055" + integrity sha512-1BC0BVFhS/p0qtw6enp8e+8OD0UrK0oFLztSjNzhcKA3WDuJxxAPXzPuPtKkjEY9UUoEWlX/8fgKeu2S8i9JTA== + is-ci@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/is-ci/-/is-ci-2.0.0.tgz#6bc6334181810e04b5c22b3d589fdca55026404c" @@ -4019,6 +4176,13 @@ is-symbol@^1.0.2: dependencies: has-symbols "^1.0.1" +is-typed-array@^1.1.14: + version "1.1.15" + resolved "https://registry.yarnpkg.com/is-typed-array/-/is-typed-array-1.1.15.tgz#4bfb4a45b61cee83a5a46fba778e4e8d59c0ce0b" + integrity sha512-p3EcsicXjit7SaskXHs1hA91QxgTw46Fv6EFKKGS5DRFLD8yKnohjF3hxoju94b/OcMZoQukzpPpBE9uLVKzgQ== + dependencies: + which-typed-array "^1.1.16" + is-typedarray@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/is-typedarray/-/is-typedarray-1.0.0.tgz#e479c80858df0c1b11ddda6940f96011fcda4a9a" @@ -4044,6 +4208,11 @@ isarray@1.0.0, isarray@^1.0.0, isarray@~1.0.0: resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11" integrity sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE= +isarray@^2.0.5: + version "2.0.5" + resolved "https://registry.yarnpkg.com/isarray/-/isarray-2.0.5.tgz#8af1e4c1221244cc62459faf38940d4e644a5723" + integrity sha512-xHjhDr3cNBK0BzdUJSPXZntQUx/mwMS5Rw4A7lPJ90XGAO6ISP/ePDNuo0vhqOZU+UD5JoodwCAAoZQd3FeAKw== + isexe@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/isexe/-/isexe-2.0.0.tgz#e8fbf374dc556ff8947a10dcb0572d633f2cfa10" @@ -4436,6 +4605,11 @@ marionette.templatecache@^1.0.0: dependencies: backbone.marionette "^4.0.0, 4.0.0-beta.1" +math-intrinsics@^1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/math-intrinsics/-/math-intrinsics-1.1.0.tgz#a0dd74be81e2aa5c2f27e65ce283605ee4e2b7f9" + integrity sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g== + md5.js@^1.3.4: version "1.3.5" resolved "https://registry.yarnpkg.com/md5.js/-/md5.js-1.3.5.tgz#b5d07b8e3216e3e27cd728d72f70d1e6a342005f" @@ -5289,15 +5463,16 @@ path-type@^4.0.0: integrity sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw== pbkdf2@^3.0.3: - version "3.1.1" - resolved "https://registry.yarnpkg.com/pbkdf2/-/pbkdf2-3.1.1.tgz#cb8724b0fada984596856d1a6ebafd3584654b94" - integrity sha512-4Ejy1OPxi9f2tt1rRV7Go7zmfDQ+ZectEQz3VGUQhgq62HtIRPDyG/JtnwIxs6x3uNMwo2V7q1fMvKjb+Tnpqg== + version "3.1.3" + resolved "https://registry.yarnpkg.com/pbkdf2/-/pbkdf2-3.1.3.tgz#8be674d591d65658113424592a95d1517318dd4b" + integrity sha512-wfRLBZ0feWRhCIkoMB6ete7czJcnNnqRpcoWQBLqatqXXmelSRqfdDK4F3u9T2s2cXas/hQJcryI/4lAL+XTlA== dependencies: - create-hash "^1.1.2" - create-hmac "^1.1.4" - ripemd160 "^2.0.1" - safe-buffer "^5.0.1" - sha.js "^2.4.8" + create-hash "~1.1.3" + create-hmac "^1.1.7" + ripemd160 "=2.0.1" + safe-buffer "^5.2.1" + sha.js "^2.4.11" + to-buffer "^1.2.0" picomatch@^2.0.4, picomatch@^2.0.5, picomatch@^2.2.1: version "2.2.2" @@ -5326,6 +5501,11 @@ posix-character-classes@^0.1.0: resolved "https://registry.yarnpkg.com/posix-character-classes/-/posix-character-classes-0.1.1.tgz#01eac0fe3b5af71a2a6c02feabb8c1fef7e00eab" integrity sha1-AerA/jta9xoqbAL+q7jB/vfgDqs= +possible-typed-array-names@^1.0.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/possible-typed-array-names/-/possible-typed-array-names-1.1.0.tgz#93e3582bc0e5426586d9d07b79ee40fc841de4ae" + integrity sha512-/+5VFTchJDoVj3bhoqi6UeymcD00DAwb1nJwamzPvHEszJ4FpF6SNNbUbOS8yI56qHzdV8eK0qEfOSiodkTdxg== + postcss-modules-extract-imports@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/postcss-modules-extract-imports/-/postcss-modules-extract-imports-2.0.0.tgz#818719a1ae1da325f9832446b01136eeb493cd7e" @@ -5886,6 +6066,14 @@ rimraf@^3.0.2: dependencies: glob "^7.1.3" +ripemd160@=2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/ripemd160/-/ripemd160-2.0.1.tgz#0f4584295c53a3628af7e6d79aca21ce57d1c6e7" + integrity sha512-J7f4wutN8mdbV08MJnXibYpCOPHR+yzy+iQ/AsjMv2j8cLavQ8VGagDFUwwTAdF8FmRKVeNpbTTEwNHCW1g94w== + dependencies: + hash-base "^2.0.0" + inherits "^2.0.1" + ripemd160@^2.0.0, ripemd160@^2.0.1: version "2.0.2" resolved "https://registry.yarnpkg.com/ripemd160/-/ripemd160-2.0.2.tgz#a1c1a6f624751577ba5d07914cbc92850585890c" @@ -6037,6 +6225,18 @@ set-blocking@^2.0.0: resolved "https://registry.yarnpkg.com/set-blocking/-/set-blocking-2.0.0.tgz#045f9782d011ae9a6803ddd382b24392b3d890f7" integrity sha1-BF+XgtARrppoA93TgrJDkrPYkPc= +set-function-length@^1.2.2: + version "1.2.2" + resolved "https://registry.yarnpkg.com/set-function-length/-/set-function-length-1.2.2.tgz#aac72314198eaed975cf77b2c3b6b880695e5449" + integrity sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg== + dependencies: + define-data-property "^1.1.4" + es-errors "^1.3.0" + function-bind "^1.1.2" + get-intrinsic "^1.2.4" + gopd "^1.0.1" + has-property-descriptors "^1.0.2" + set-value@^2.0.0, set-value@^2.0.1: version "2.0.1" resolved "https://registry.yarnpkg.com/set-value/-/set-value-2.0.1.tgz#a18d40530e6f07de4228c7defe4227af8cad005b" @@ -6052,7 +6252,7 @@ setimmediate@^1.0.4: resolved "https://registry.yarnpkg.com/setimmediate/-/setimmediate-1.0.5.tgz#290cbb232e306942d7d7ea9b83732ab7856f8285" integrity sha1-KQy7Iy4waULX1+qbg3Mqt4VvgoU= -sha.js@^2.4.0, sha.js@^2.4.8: +sha.js@^2.4.0, sha.js@^2.4.11, sha.js@^2.4.8: version "2.4.11" resolved "https://registry.yarnpkg.com/sha.js/-/sha.js-2.4.11.tgz#37a5cf0b81ecbc6943de109ba2960d1b26584ae7" integrity sha512-QMEp5B7cftE7APOjk5Y6xgrbWu+WkLVQwk8JNjZ8nKRciZaByEW6MubieAiToS7+dwvrjGhH8jRXz3MVd0AYqQ== @@ -6592,6 +6792,15 @@ to-arraybuffer@^1.0.0: resolved "https://registry.yarnpkg.com/to-arraybuffer/-/to-arraybuffer-1.0.1.tgz#7d229b1fcc637e466ca081180836a7aabff83f43" integrity sha1-fSKbH8xjfkZsoIEYCDanqr/4P0M= +to-buffer@^1.2.0: + version "1.2.1" + resolved "https://registry.yarnpkg.com/to-buffer/-/to-buffer-1.2.1.tgz#2ce650cdb262e9112a18e65dc29dcb513c8155e0" + integrity sha512-tB82LpAIWjhLYbqjx3X4zEeHN6M8CiuOEy2JY8SEQVdYRe3CCHOFaqrBW1doLDrfpWhplcW7BL+bO3/6S3pcDQ== + dependencies: + isarray "^2.0.5" + safe-buffer "^5.2.1" + typed-array-buffer "^1.0.3" + to-fast-properties@^1.0.3: version "1.0.3" resolved "https://registry.yarnpkg.com/to-fast-properties/-/to-fast-properties-1.0.3.tgz#b83571fa4d8c25b82e231b06e3a3055de4ca1a47" @@ -6698,6 +6907,15 @@ type-fest@^0.8.1: resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.8.1.tgz#09e249ebde851d3b1e48d27c105444667f17b83d" integrity sha512-4dbzIzqvjtgiM5rw1k5rEHtBANKmdudhGyBEajN01fEyhaAIhsoKNy6y7+IN93IfpFtwY9iqi7kD+xwKhQsNJA== +typed-array-buffer@^1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/typed-array-buffer/-/typed-array-buffer-1.0.3.tgz#a72395450a4869ec033fd549371b47af3a2ee536" + integrity sha512-nAYYwfY3qnzX30IkA6AQZjVbtK6duGontcQm1WSG1MD94YLqK0515GNApXkoxKOWMusVssAHWLh9SeaoefYFGw== + dependencies: + call-bound "^1.0.3" + es-errors "^1.3.0" + is-typed-array "^1.1.14" + typedarray-to-buffer@^3.1.5: version "3.1.5" resolved "https://registry.yarnpkg.com/typedarray-to-buffer/-/typedarray-to-buffer-3.1.5.tgz#a97ee7a9ff42691b9f783ff1bc5112fe3fca9080" @@ -7024,6 +7242,19 @@ which-module@^2.0.0: resolved "https://registry.yarnpkg.com/which-module/-/which-module-2.0.0.tgz#d9ef07dce77b9902b8a3a8fa4b31c3e3f7e6e87a" integrity sha1-2e8H3Od7mQK4o6j6SzHD4/fm6Ho= +which-typed-array@^1.1.16: + version "1.1.19" + resolved "https://registry.yarnpkg.com/which-typed-array/-/which-typed-array-1.1.19.tgz#df03842e870b6b88e117524a4b364b6fc689f956" + integrity sha512-rEvr90Bck4WZt9HHFC4DJMsjvu7x+r6bImz0/BrbWb7A2djJ8hnZMrWnHo9F8ssv0OMErasDhftrfROTyqSDrw== + dependencies: + available-typed-arrays "^1.0.7" + call-bind "^1.0.8" + call-bound "^1.0.4" + for-each "^0.3.5" + get-proto "^1.0.1" + gopd "^1.2.0" + has-tostringtag "^1.0.2" + which@^1.2.14, which@^1.2.9, which@^1.3.1: version "1.3.1" resolved "https://registry.yarnpkg.com/which/-/which-1.3.1.tgz#a45043d54f5805316da8d62f9f50918d3da70b0a" From 30dfa9e3dea282138100384b10c1b33a98302747 Mon Sep 17 00:00:00 2001 From: aitor422 Date: Wed, 25 Jun 2025 13:32:14 +0200 Subject: [PATCH 149/175] added CDMon DNS provider --- global/certbot-dns-plugins.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 1f98eaea0..9bde9577b 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -55,6 +55,14 @@ "credentials": "# Bunny API token used by Certbot (see https://dash.bunny.net/account/settings)\ndns_bunny_api_key = xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx", "full_plugin_name": "dns-bunny" }, + "cdmon": { + "name": "cdmon", + "package_name": "certbot-dns-cdmon", + "version": "~=0.4.1", + "dependencies": "", + "credentials": "dns_cdmon_api_key=your-cdmon-api-token\ndns_cdmon_domain=your_domain_is_optional", + "full_plugin_name": "dns-cdmon" + }, "cloudflare": { "name": "Cloudflare", "package_name": "certbot-dns-cloudflare", From a573450bb8cea3924c158ccee4913b4a58d56d41 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Jun 2025 00:54:38 +0000 Subject: [PATCH 150/175] Bump axios from 1.7.7 to 1.10.0 in /test Bumps [axios](https://github.com/axios/axios) from 1.7.7 to 1.10.0. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v1.7.7...v1.10.0) --- updated-dependencies: - dependency-name: axios dependency-version: 1.10.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] --- test/yarn.lock | 17 ++++------------- 1 file changed, 4 insertions(+), 13 deletions(-) diff --git a/test/yarn.lock b/test/yarn.lock index e03a70eb3..9b9d86fe7 100644 --- a/test/yarn.lock +++ b/test/yarn.lock @@ -422,19 +422,10 @@ aws4@^1.8.0: resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.9.0.tgz#24390e6ad61386b0a747265754d2a17219de862c" integrity sha512-Uvq6hVe90D0B2WEnUqtdgY1bATGz3mw33nH9Y+dmA+w5DHvUmBgkr5rM/KCHpCsiFNRUfokW/szpPPgMK2hm4A== -axios@^1.7.7: - version "1.7.7" - resolved "https://registry.yarnpkg.com/axios/-/axios-1.7.7.tgz#2f554296f9892a72ac8d8e4c5b79c14a91d0a47f" - integrity sha512-S4kL7XrjgBmvdGut0sN3yJxqYzrDOnivkBiN0OFs6hLiUam3UPvswUo0kqGyhqUZGEOytHyumEdXsAkgCOUf3Q== - dependencies: - follow-redirects "^1.15.6" - form-data "^4.0.0" - proxy-from-env "^1.1.0" - -axios@^1.7.9: - version "1.9.0" - resolved "https://registry.yarnpkg.com/axios/-/axios-1.9.0.tgz#25534e3b72b54540077d33046f77e3b8d7081901" - integrity sha512-re4CqKTJaURpzbLHtIi6XpDv20/CnpXOtjRY5/CU32L8gU8ek9UIivcfvSWvmKEngmVbrUtPpdDwWDWL7DNHvg== +axios@^1.7.7, axios@^1.7.9: + version "1.10.0" + resolved "https://registry.yarnpkg.com/axios/-/axios-1.10.0.tgz#af320aee8632eaf2a400b6a1979fa75856f38d54" + integrity sha512-/1xYAC4MP/HEG+3duIhFr4ZQXR4sQXOIe+o6sdqzeykGLx6Upp/1p8MHqhINOvGeP7xyNHe7tsiJByc4SSVUxw== dependencies: follow-redirects "^1.15.6" form-data "^4.0.0" From 9a96fbb5f4cd779497b3b6675223a5a1105a7baa Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Jun 2025 00:56:15 +0000 Subject: [PATCH 151/175] Bump vite from 5.4.14 to 5.4.19 in /docs --- updated-dependencies: - dependency-name: vite dependency-version: 5.4.19 dependency-type: indirect ... Signed-off-by: dependabot[bot] --- docs/yarn.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/yarn.lock b/docs/yarn.lock index 2adc44fd4..c95905f68 100644 --- a/docs/yarn.lock +++ b/docs/yarn.lock @@ -1065,9 +1065,9 @@ vfile@^6.0.0: vfile-message "^4.0.0" vite@^5.4.8: - version "5.4.14" - resolved "https://registry.yarnpkg.com/vite/-/vite-5.4.14.tgz#ff8255edb02134df180dcfca1916c37a6abe8408" - integrity sha512-EK5cY7Q1D8JNhSaPKVK4pwBFvaTmZxEnoKXLG/U9gmdDcihQGNzFlgIvaxezFR4glP1LsuiedwMBqCXH3wZccA== + version "5.4.19" + resolved "https://registry.yarnpkg.com/vite/-/vite-5.4.19.tgz#20efd060410044b3ed555049418a5e7d1998f959" + integrity sha512-qO3aKv3HoQC8QKiNSTuUM1l9o/XX3+c+VTgLHbJWHZGeTPVAg2XwazI9UWzoxjIJCGCV2zU60uqMzjeLZuULqA== dependencies: esbuild "^0.21.3" postcss "^8.4.43" From d0ec8e89aaf5987950adda6794be177cdbcc6ed3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Jun 2025 00:56:57 +0000 Subject: [PATCH 152/175] Bump elliptic from 6.6.0 to 6.6.1 in /frontend Bumps [elliptic](https://github.com/indutny/elliptic) from 6.6.0 to 6.6.1. - [Commits](https://github.com/indutny/elliptic/compare/v6.6.0...v6.6.1) --- updated-dependencies: - dependency-name: elliptic dependency-version: 6.6.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] --- frontend/yarn.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/frontend/yarn.lock b/frontend/yarn.lock index a0b363144..a7eca950b 100644 --- a/frontend/yarn.lock +++ b/frontend/yarn.lock @@ -2709,9 +2709,9 @@ electron-to-chromium@^1.3.47: integrity sha512-67V62Z4CFOiAtox+o+tosGfVk0QX4DJgH609tjT8QymbJZVAI/jWnAthnr8c5hnRNziIRwkc9EMQYejiVz3/9Q== elliptic@^6.5.3, elliptic@^6.5.4: - version "6.6.0" - resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.6.0.tgz#5919ec723286c1edf28685aa89261d4761afa210" - integrity sha512-dpwoQcLc/2WLQvJvLRHKZ+f9FgOdjnq11rurqwekGQygGPsYSK29OMMD2WalatiqQ+XGFDglTNixpPfI+lpaAA== + version "6.6.1" + resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.6.1.tgz#3b8ffb02670bf69e382c7f65bf524c97c5405c06" + integrity sha512-RaddvvMatK2LJHqFJ+YA4WysVN5Ita9E35botqIYspQ4TkRAlCicdzKOjlyv/1Za5RyTNn7di//eEV0uTAfe3g== dependencies: bn.js "^4.11.9" brorand "^1.1.0" From ec81f2489a387a2ac1b9d9a17322202a7e055b83 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Mon, 30 Jun 2025 11:10:45 +1000 Subject: [PATCH 153/175] Add cypress test to list streams --- test/cypress/e2e/api/Streams.cy.js | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/test/cypress/e2e/api/Streams.cy.js b/test/cypress/e2e/api/Streams.cy.js index 9de43157e..fce04101b 100644 --- a/test/cypress/e2e/api/Streams.cy.js +++ b/test/cypress/e2e/api/Streams.cy.js @@ -210,4 +210,16 @@ describe('Streams', () => { }); }); + it('Should be able to List Streams', function() { + cy.task('backendApiGet', { + token: token, + path: '/api/nginx/streams?expand=owner,certificate', + }).then((data) => { + cy.validateSwaggerSchema('get', 200, '/nginx/streams', data); + expect(data.length).to.be.greaterThan(0); + expect(data[0]).to.have.property('id'); + expect(data[0]).to.have.property('enabled'); + }); + }); + }); From 97dbbdd60fabd057055c354bf5cd7a95e5bd2f4e Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Mon, 30 Jun 2025 13:00:25 +1000 Subject: [PATCH 154/175] Fix incorrect swagger for streams list --- backend/schema/components/stream-list.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backend/schema/components/stream-list.json b/backend/schema/components/stream-list.json index 39789b4a7..b6e8b6d44 100644 --- a/backend/schema/components/stream-list.json +++ b/backend/schema/components/stream-list.json @@ -1,7 +1,7 @@ { "type": "array", - "description": "Proxy Hosts list", + "description": "Streams list", "items": { - "$ref": "./proxy-host-object.json" + "$ref": "./stream-object.json" } } From ccd69c88676c36ad4f6a6560b69e3a5a4ce18863 Mon Sep 17 00:00:00 2001 From: jc21 Date: Mon, 30 Jun 2025 13:52:07 +1000 Subject: [PATCH 155/175] Update certbot-dns-plugins.json --- global/certbot-dns-plugins.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index d0f993ab1..65e45f3af 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -103,7 +103,7 @@ "credentials": "dns_corenetworks_username = asaHB12r\ndns_corenetworks_password = secure_password", "full_plugin_name": "dns-corenetworks" }, - "cpanel": { + "cpanel": { "name": "cPanel", "package_name": "certbot-dns-cpanel", "version": "~=0.4.0", From 9758c12ca3a08351e3d2a249ae995f23220438b4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Jun 2025 03:55:09 +0000 Subject: [PATCH 156/175] Bump brace-expansion from 1.1.11 to 1.1.12 in /backend Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion) from 1.1.11 to 1.1.12. - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.12) --- updated-dependencies: - dependency-name: brace-expansion dependency-version: 1.1.12 dependency-type: indirect ... Signed-off-by: dependabot[bot] --- backend/yarn.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/backend/yarn.lock b/backend/yarn.lock index cea8210bc..bae734b43 100644 --- a/backend/yarn.lock +++ b/backend/yarn.lock @@ -492,9 +492,9 @@ boxen@^4.2.0: widest-line "^3.1.0" brace-expansion@^1.1.7: - version "1.1.11" - resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.11.tgz#3c7fcbf529d87226f3d2f52b966ff5271eb441dd" - integrity sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA== + version "1.1.12" + resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.12.tgz#ab9b454466e5a8cc3a187beaad580412a9c5b843" + integrity sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg== dependencies: balanced-match "^1.0.0" concat-map "0.0.1" From 0792fc07680aadc8416951616ff58079fb3fccbc Mon Sep 17 00:00:00 2001 From: cg-zhou Date: Mon, 30 Jun 2025 12:31:23 +0800 Subject: [PATCH 157/175] Remove unnecessary Promise.resolve() calls --- backend/index.js | 2 -- 1 file changed, 2 deletions(-) diff --git a/backend/index.js b/backend/index.js index 7e9a1842b..d334a7c2d 100644 --- a/backend/index.js +++ b/backend/index.js @@ -20,11 +20,9 @@ async function appStart () { logger.info('IP Ranges fetch is enabled'); return internalIpRanges.fetch().catch((err) => { logger.error('IP Ranges fetch failed, continuing anyway:', err.message); - return Promise.resolve(); }); } else { logger.info('IP Ranges fetch is disabled by environment variable'); - return Promise.resolve(); } }) .then(() => { From c58f3f3ec9ff5080bd61cceb9115fa24c5109aca Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Tue, 1 Jul 2025 07:32:39 +1000 Subject: [PATCH 158/175] Bump version --- .version | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.version b/.version index ccc99d021..56beced9a 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.12.3 +2.12.4 diff --git a/README.md b/README.md index 925aeb23d..905e83cfb 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@



- + From 3735f3c11d0dc3d2447250829c20f3d09093c006 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Tue, 8 Jul 2025 09:44:10 +1000 Subject: [PATCH 159/175] Formating for ownership script --- .../s6-rc.d/prepare/30-ownership.sh | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh index 17bfa1a95..5632b91e0 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh @@ -27,15 +27,15 @@ chown -R "$PUID:$PGID" /etc/nginx/conf.d CERT_INIT_FLAG="/opt/certbot/.ownership_initialized" if [ ! -f "$CERT_INIT_FLAG" ]; then - # Prevents errors when installing python certbot plugins when non-root - chown "$PUID:$PGID" /opt/certbot /opt/certbot/bin - - # Handle all site-packages directories efficiently - find /opt/certbot/lib -type d -name "site-packages" | while read -r SITE_PACKAGES_DIR; do - chown -R "$PUID:$PGID" "$SITE_PACKAGES_DIR" - done - - # Create a flag file to skip this step on subsequent runs - touch "$CERT_INIT_FLAG" - chown "$PUID:$PGID" "$CERT_INIT_FLAG" -fi \ No newline at end of file + # Prevents errors when installing python certbot plugins when non-root + chown "$PUID:$PGID" /opt/certbot /opt/certbot/bin + + # Handle all site-packages directories efficiently + find /opt/certbot/lib -type d -name "site-packages" | while read -r SITE_PACKAGES_DIR; do + chown -R "$PUID:$PGID" "$SITE_PACKAGES_DIR" + done + + # Create a flag file to skip this step on subsequent runs + touch "$CERT_INIT_FLAG" + chown "$PUID:$PGID" "$CERT_INIT_FLAG" +fi From aade8b42fcde02423561c4114efd073f6c74b7ed Mon Sep 17 00:00:00 2001 From: jc21 Date: Tue, 8 Jul 2025 10:26:46 +1000 Subject: [PATCH 160/175] Revert "Update 'global/certbot-dns-plugins.json' to apply SSL certs for CloudFlare." --- global/certbot-dns-plugins.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 65e45f3af..3dd67cc8c 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -68,7 +68,7 @@ "package_name": "certbot-dns-cloudflare", "version": "=={{certbot-version}}", "dependencies": "cloudflare==4.0.* acme=={{certbot-version}}", - "credentials": "# Cloudflare API credentials used by Certbot\ndns_cloudflare_email = cloudflare@example.com\ndns_cloudflare_api_key = 0123456789abcdef0123456789abcdef01234", + "credentials": "# Cloudflare API token\ndns_cloudflare_api_token=0123456789abcdef0123456789abcdef01234567", "full_plugin_name": "dns-cloudflare" }, "cloudns": { From db9f25638f25386a821665116ce25e11c6350a99 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Tue, 8 Jul 2025 14:17:21 +1000 Subject: [PATCH 161/175] Update PR comments to highlight verification requirements --- Jenkinsfile | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 66ed7cb6a..af913c2e0 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -241,12 +241,17 @@ pipeline { } steps { script { - npmGithubPrComment("""Docker Image for build ${BUILD_NUMBER} is available on -[DockerHub](https://cloud.docker.com/repository/docker/nginxproxymanager/${IMAGE}-dev) -as `nginxproxymanager/${IMAGE}-dev:${BRANCH_LOWER}` + npmGithubPrComment("""Docker Image for build ${BUILD_NUMBER} is available on [DockerHub](https://cloud.docker.com/repository/docker/nginxproxymanager/${IMAGE}-dev): +``` +nginxproxymanager/${IMAGE}-dev:${BRANCH_LOWER} +``` -**Note:** ensure you backup your NPM instance before testing this image! Especially if there are database changes -**Note:** this is a different docker image namespace than the official image +> [!NOTE] +> Ensure you backup your NPM instance before testing this image! Especially if there are database changes. +> This is a different docker image namespace than the official image. + +> [!WARNING] +> Changes and additions to DNS Providers require verification by at least 2 members of the community! """, true) } } From 36e3449a56456f50b0b30ffadc4dfc604994bfe7 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Tue, 8 Jul 2025 17:14:20 +1000 Subject: [PATCH 162/175] Update cloudflare dependency --- global/certbot-dns-plugins.json | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 3dd67cc8c..f4793c7f7 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -56,18 +56,18 @@ "full_plugin_name": "dns-bunny" }, "cdmon": { - "name": "cdmon", - "package_name": "certbot-dns-cdmon", - "version": "~=0.4.1", - "dependencies": "", - "credentials": "dns_cdmon_api_key=your-cdmon-api-token\ndns_cdmon_domain=your_domain_is_optional", - "full_plugin_name": "dns-cdmon" - }, + "name": "cdmon", + "package_name": "certbot-dns-cdmon", + "version": "~=0.4.1", + "dependencies": "", + "credentials": "dns_cdmon_api_key=your-cdmon-api-token\ndns_cdmon_domain=your_domain_is_optional", + "full_plugin_name": "dns-cdmon" + }, "cloudflare": { "name": "Cloudflare", "package_name": "certbot-dns-cloudflare", "version": "=={{certbot-version}}", - "dependencies": "cloudflare==4.0.* acme=={{certbot-version}}", + "dependencies": "cloudflare~=4.3.1 acme=={{certbot-version}}", "credentials": "# Cloudflare API token\ndns_cloudflare_api_token=0123456789abcdef0123456789abcdef01234567", "full_plugin_name": "dns-cloudflare" }, From 817021a43df959d7285354a388fb1c24da0bc243 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Tue, 8 Jul 2025 17:32:23 +1000 Subject: [PATCH 163/175] Update s6 overlay --- docker/scripts/install-s6 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/scripts/install-s6 b/docker/scripts/install-s6 index 5f3b73ec5..639c65dd6 100755 --- a/docker/scripts/install-s6 +++ b/docker/scripts/install-s6 @@ -8,7 +8,7 @@ BLUE='\E[1;34m' GREEN='\E[1;32m' RESET='\E[0m' -S6_OVERLAY_VERSION=3.2.0.2 +S6_OVERLAY_VERSION=3.2.1.0 TARGETPLATFORM=${1:-linux/amd64} # Determine the correct binary file for the architecture given From 70894e55b8f84a3728bf785d4a7460b0d99923a5 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 9 Jul 2025 09:36:57 +1000 Subject: [PATCH 164/175] Remove cloudflare dep for certbot plugin, tested --- global/certbot-dns-plugins.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index f4793c7f7..9f8788096 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -67,7 +67,7 @@ "name": "Cloudflare", "package_name": "certbot-dns-cloudflare", "version": "=={{certbot-version}}", - "dependencies": "cloudflare~=4.3.1 acme=={{certbot-version}}", + "dependencies": "acme=={{certbot-version}}", "credentials": "# Cloudflare API token\ndns_cloudflare_api_token=0123456789abcdef0123456789abcdef01234567", "full_plugin_name": "dns-cloudflare" }, From ed1d90ee7ff521dee0088e952ce37b3c394be329 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 9 Jul 2025 11:34:19 +1000 Subject: [PATCH 165/175] Fix powerdns dns plugin install, deps are outrageously old ;( --- backend/lib/certbot.js | 16 +++++++++++----- global/certbot-dns-plugins.json | 5 ++++- 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/backend/lib/certbot.js b/backend/lib/certbot.js index eb1966dc7..0f4918835 100644 --- a/backend/lib/certbot.js +++ b/backend/lib/certbot.js @@ -11,7 +11,7 @@ const certbot = { /** * @param {array} pluginKeys */ - installPlugins: async function (pluginKeys) { + installPlugins: async (pluginKeys) => { let hasErrors = false; return new Promise((resolve, reject) => { @@ -21,7 +21,7 @@ const certbot = { } batchflow(pluginKeys).sequential() - .each((i, pluginKey, next) => { + .each((_i, pluginKey, next) => { certbot.installPlugin(pluginKey) .then(() => { next(); @@ -51,7 +51,7 @@ const certbot = { * @param {string} pluginKey * @returns {Object} */ - installPlugin: async function (pluginKey) { + installPlugin: async (pluginKey) => { if (typeof dnsPlugins[pluginKey] === 'undefined') { // throw Error(`Certbot plugin ${pluginKey} not found`); throw new error.ItemNotFoundError(pluginKey); @@ -63,8 +63,14 @@ const certbot = { plugin.version = plugin.version.replace(/{{certbot-version}}/g, CERTBOT_VERSION_REPLACEMENT); plugin.dependencies = plugin.dependencies.replace(/{{certbot-version}}/g, CERTBOT_VERSION_REPLACEMENT); - const cmd = '. /opt/certbot/bin/activate && pip install --no-cache-dir ' + plugin.dependencies + ' ' + plugin.package_name + plugin.version + ' ' + ' && deactivate'; - return utils.exec(cmd) + const opts = {}; + if (typeof plugin.env === 'object') { + // include process.env in opts + opts.env = Object.assign({}, process.env, plugin.env); + } + + const cmd = `. /opt/certbot/bin/activate && pip install --no-cache-dir ${plugin.dependencies} ${plugin.package_name}${plugin.version} && deactivate`; + return utils.exec(cmd, opts) .then((result) => { logger.complete(`Installed ${pluginKey}`); return result; diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 9f8788096..87e1de607 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -477,7 +477,10 @@ "version": "~=0.2.1", "dependencies": "PyYAML==5.3.1", "credentials": "dns_powerdns_api_url = https://api.mypowerdns.example.org\ndns_powerdns_api_key = AbCbASsd!@34", - "full_plugin_name": "dns-powerdns" + "full_plugin_name": "dns-powerdns", + "env": { + "SETUPTOOLS_USE_DISTUTILS": "stdlib" + } }, "regru": { "name": "reg.ru", From c97b8a339d7610677de7e7dda4a9b692d376d13b Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 9 Jul 2025 11:34:57 +1000 Subject: [PATCH 166/175] Some auto formatting changes suggested by ide --- backend/lib/utils.js | 18 +++++++++--------- test/cypress/e2e/api/Certificates.cy.js | 6 +++--- test/cypress/e2e/api/Dashboard.cy.js | 2 +- test/cypress/e2e/api/FullCertProvision.cy.js | 4 ++-- test/cypress/e2e/api/Health.cy.js | 6 +++--- test/cypress/e2e/api/Ldap.cy.js | 6 +++--- test/cypress/e2e/api/OAuth.cy.js | 6 +++--- test/cypress/e2e/api/ProxyHosts.cy.js | 2 +- test/cypress/e2e/api/Settings.cy.js | 14 +++++++------- test/cypress/e2e/api/Streams.cy.js | 12 ++++++------ test/cypress/e2e/api/Users.cy.js | 6 +++--- 11 files changed, 41 insertions(+), 41 deletions(-) diff --git a/backend/lib/utils.js b/backend/lib/utils.js index bcdb3341c..66f2dfd95 100644 --- a/backend/lib/utils.js +++ b/backend/lib/utils.js @@ -1,13 +1,13 @@ const _ = require('lodash'); -const exec = require('child_process').exec; -const execFile = require('child_process').execFile; +const exec = require('node:child_process').exec; +const execFile = require('node:child_process').execFile; const { Liquid } = require('liquidjs'); const logger = require('../logger').global; const error = require('./error'); module.exports = { - exec: async function(cmd, options = {}) { + exec: async (cmd, options = {}) => { logger.debug('CMD:', cmd); const { stdout, stderr } = await new Promise((resolve, reject) => { @@ -31,11 +31,11 @@ module.exports = { * @param {Array} args * @returns {Promise} */ - execFile: function (cmd, args) { + execFile: (cmd, args) => { // logger.debug('CMD: ' + cmd + ' ' + (args ? args.join(' ') : '')); return new Promise((resolve, reject) => { - execFile(cmd, args, function (err, stdout, /*stderr*/) { + execFile(cmd, args, (err, stdout, /*stderr*/) => { if (err && typeof err === 'object') { reject(err); } else { @@ -51,7 +51,7 @@ module.exports = { * @param {Array} omissions * @returns {Function} */ - omitRow: function (omissions) { + omitRow: (omissions) => { /** * @param {Object} row * @returns {Object} @@ -67,7 +67,7 @@ module.exports = { * @param {Array} omissions * @returns {Function} */ - omitRows: function (omissions) { + omitRows: (omissions) => { /** * @param {Array} rows * @returns {Object} @@ -83,9 +83,9 @@ module.exports = { /** * @returns {Object} Liquid render engine */ - getRenderEngine: function () { + getRenderEngine: () => { const renderEngine = new Liquid({ - root: __dirname + '/../templates/' + root: `${__dirname}/../templates/` }); /** diff --git a/test/cypress/e2e/api/Certificates.cy.js b/test/cypress/e2e/api/Certificates.cy.js index 1e8a6fed4..9f47edcbf 100644 --- a/test/cypress/e2e/api/Certificates.cy.js +++ b/test/cypress/e2e/api/Certificates.cy.js @@ -10,7 +10,7 @@ describe('Certificates endpoints', () => { }); }); - it('Validate custom certificate', function() { + it('Validate custom certificate', () => { cy.task('backendApiPostFiles', { token: token, path: '/api/nginx/certificates/validate', @@ -25,7 +25,7 @@ describe('Certificates endpoints', () => { }); }); - it('Custom certificate lifecycle', function() { + it('Custom certificate lifecycle', () => { // Create custom cert cy.task('backendApiPost', { token: token, @@ -73,7 +73,7 @@ describe('Certificates endpoints', () => { }); }); - it('Request Certificate - CVE-2024-46256/CVE-2024-46257', function() { + it('Request Certificate - CVE-2024-46256/CVE-2024-46257', () => { cy.task('backendApiPost', { token: token, path: '/api/nginx/certificates', diff --git a/test/cypress/e2e/api/Dashboard.cy.js b/test/cypress/e2e/api/Dashboard.cy.js index 8fbb97155..62cb40e44 100644 --- a/test/cypress/e2e/api/Dashboard.cy.js +++ b/test/cypress/e2e/api/Dashboard.cy.js @@ -9,7 +9,7 @@ describe('Dashboard endpoints', () => { }); }); - it('Should be able to get host counts', function() { + it('Should be able to get host counts', () => { cy.task('backendApiGet', { token: token, path: '/api/reports/hosts' diff --git a/test/cypress/e2e/api/FullCertProvision.cy.js b/test/cypress/e2e/api/FullCertProvision.cy.js index 5ca5692cd..9c6a7d2d2 100644 --- a/test/cypress/e2e/api/FullCertProvision.cy.js +++ b/test/cypress/e2e/api/FullCertProvision.cy.js @@ -9,7 +9,7 @@ describe('Full Certificate Provisions', () => { }); }); - it('Should be able to create new http certificate', function() { + it('Should be able to create new http certificate', () => { cy.task('backendApiPost', { token: token, path: '/api/nginx/certificates', @@ -32,7 +32,7 @@ describe('Full Certificate Provisions', () => { }); }); - it('Should be able to create new DNS certificate with Powerdns', function() { + it('Should be able to create new DNS certificate with Powerdns', () => { cy.task('backendApiPost', { token: token, path: '/api/nginx/certificates', diff --git a/test/cypress/e2e/api/Health.cy.js b/test/cypress/e2e/api/Health.cy.js index 49881e97b..d3e3306d4 100644 --- a/test/cypress/e2e/api/Health.cy.js +++ b/test/cypress/e2e/api/Health.cy.js @@ -1,7 +1,7 @@ /// describe('Basic API checks', () => { - it('Should return a valid health payload', function () { + it('Should return a valid health payload', () => { cy.task('backendApiGet', { path: '/api/', }).then((data) => { @@ -10,9 +10,9 @@ describe('Basic API checks', () => { }); }); - it('Should return a valid schema payload', function () { + it('Should return a valid schema payload', () => { cy.task('backendApiGet', { - path: '/api/schema?ts=' + Date.now(), + path: `/api/schema?ts=${Date.now()}`, }).then((data) => { expect(data.openapi).to.be.equal('3.1.0'); }); diff --git a/test/cypress/e2e/api/Ldap.cy.js b/test/cypress/e2e/api/Ldap.cy.js index 6b7e5f76c..715c793be 100644 --- a/test/cypress/e2e/api/Ldap.cy.js +++ b/test/cypress/e2e/api/Ldap.cy.js @@ -1,12 +1,12 @@ /// describe('LDAP with Authentik', () => { - let token; + let _token; if (Cypress.env('skipStackCheck') === 'true' || Cypress.env('stack') === 'postgres') { before(() => { cy.getToken().then((tok) => { - token = tok; + _token = tok; // cy.task('backendApiPut', { // token: token, @@ -45,7 +45,7 @@ describe('LDAP with Authentik', () => { }); }); - it.skip('Should log in with LDAP', function() { + it.skip('Should log in with LDAP', () => { // cy.task('backendApiPost', { // token: token, // path: '/api/auth', diff --git a/test/cypress/e2e/api/OAuth.cy.js b/test/cypress/e2e/api/OAuth.cy.js index 044bb2757..c5c819f9b 100644 --- a/test/cypress/e2e/api/OAuth.cy.js +++ b/test/cypress/e2e/api/OAuth.cy.js @@ -1,12 +1,12 @@ /// describe('OAuth with Authentik', () => { - let token; + let _token; if (Cypress.env('skipStackCheck') === 'true' || Cypress.env('stack') === 'postgres') { before(() => { cy.getToken().then((tok) => { - token = tok; + _token = tok; // cy.task('backendApiPut', { // token: token, @@ -47,7 +47,7 @@ describe('OAuth with Authentik', () => { }); }); - it.skip('Should log in with OAuth', function() { + it.skip('Should log in with OAuth', () => { // cy.task('backendApiGet', { // path: '/oauth/login?redirect_base=' + encodeURI(Cypress.config('baseUrl')), // }).then((data) => { diff --git a/test/cypress/e2e/api/ProxyHosts.cy.js b/test/cypress/e2e/api/ProxyHosts.cy.js index 5bc645800..476945e79 100644 --- a/test/cypress/e2e/api/ProxyHosts.cy.js +++ b/test/cypress/e2e/api/ProxyHosts.cy.js @@ -9,7 +9,7 @@ describe('Proxy Hosts endpoints', () => { }); }); - it('Should be able to create a http host', function() { + it('Should be able to create a http host', () => { cy.task('backendApiPost', { token: token, path: '/api/nginx/proxy-hosts', diff --git a/test/cypress/e2e/api/Settings.cy.js b/test/cypress/e2e/api/Settings.cy.js index 6942760c7..fcaa0628e 100644 --- a/test/cypress/e2e/api/Settings.cy.js +++ b/test/cypress/e2e/api/Settings.cy.js @@ -9,7 +9,7 @@ describe('Settings endpoints', () => { }); }); - it('Get all settings', function() { + it('Get all settings', () => { cy.task('backendApiGet', { token: token, path: '/api/settings', @@ -19,7 +19,7 @@ describe('Settings endpoints', () => { }); }); - it('Get default-site setting', function() { + it('Get default-site setting', () => { cy.task('backendApiGet', { token: token, path: '/api/settings/default-site', @@ -30,7 +30,7 @@ describe('Settings endpoints', () => { }); }); - it('Default Site congratulations', function() { + it('Default Site congratulations', () => { cy.task('backendApiPut', { token: token, path: '/api/settings/default-site', @@ -46,7 +46,7 @@ describe('Settings endpoints', () => { }); }); - it('Default Site 404', function() { + it('Default Site 404', () => { cy.task('backendApiPut', { token: token, path: '/api/settings/default-site', @@ -62,7 +62,7 @@ describe('Settings endpoints', () => { }); }); - it('Default Site 444', function() { + it('Default Site 444', () => { cy.task('backendApiPut', { token: token, path: '/api/settings/default-site', @@ -78,7 +78,7 @@ describe('Settings endpoints', () => { }); }); - it('Default Site redirect', function() { + it('Default Site redirect', () => { cy.task('backendApiPut', { token: token, path: '/api/settings/default-site', @@ -100,7 +100,7 @@ describe('Settings endpoints', () => { }); }); - it('Default Site html', function() { + it('Default Site html', () => { cy.task('backendApiPut', { token: token, path: '/api/settings/default-site', diff --git a/test/cypress/e2e/api/Streams.cy.js b/test/cypress/e2e/api/Streams.cy.js index fce04101b..e38f9dba8 100644 --- a/test/cypress/e2e/api/Streams.cy.js +++ b/test/cypress/e2e/api/Streams.cy.js @@ -33,7 +33,7 @@ describe('Streams', () => { cy.exec('rm -f /test/results/testssl.json'); }); - it('Should be able to create TCP Stream', function() { + it('Should be able to create TCP Stream', () => { cy.task('backendApiPost', { token: token, path: '/api/nginx/streams', @@ -65,7 +65,7 @@ describe('Streams', () => { }); }); - it('Should be able to create UDP Stream', function() { + it('Should be able to create UDP Stream', () => { cy.task('backendApiPost', { token: token, path: '/api/nginx/streams', @@ -92,7 +92,7 @@ describe('Streams', () => { }); }); - it('Should be able to create TCP/UDP Stream', function() { + it('Should be able to create TCP/UDP Stream', () => { cy.task('backendApiPost', { token: token, path: '/api/nginx/streams', @@ -124,7 +124,7 @@ describe('Streams', () => { }); }); - it('Should be able to create SSL TCP Stream', function() { + it('Should be able to create SSL TCP Stream', () => { let certID = 0; // Create custom cert @@ -184,7 +184,7 @@ describe('Streams', () => { cy.exec('/testssl/testssl.sh --quiet --add-ca="$(/bin/mkcert -CAROOT)/rootCA.pem" --jsonfile=/test/results/testssl.json website1.example.com:1503', { timeout: 120000, // 2 minutes }).then((result) => { - cy.task('log', '[testssl.sh] ' + result.stdout); + cy.task('log', `[testssl.sh] ${result.stdout}`); const allowedSeverities = ["INFO", "OK", "LOW", "MEDIUM"]; const ignoredIDs = [ @@ -210,7 +210,7 @@ describe('Streams', () => { }); }); - it('Should be able to List Streams', function() { + it('Should be able to List Streams', () => { cy.task('backendApiGet', { token: token, path: '/api/nginx/streams?expand=owner,certificate', diff --git a/test/cypress/e2e/api/Users.cy.js b/test/cypress/e2e/api/Users.cy.js index 06b183176..7307f87d0 100644 --- a/test/cypress/e2e/api/Users.cy.js +++ b/test/cypress/e2e/api/Users.cy.js @@ -9,7 +9,7 @@ describe('Users endpoints', () => { }); }); - it('Should be able to get yourself', function() { + it('Should be able to get yourself', () => { cy.task('backendApiGet', { token: token, path: '/api/users/me' @@ -20,7 +20,7 @@ describe('Users endpoints', () => { }); }); - it('Should be able to get all users', function() { + it('Should be able to get all users', () => { cy.task('backendApiGet', { token: token, path: '/api/users' @@ -30,7 +30,7 @@ describe('Users endpoints', () => { }); }); - it('Should be able to update yourself', function() { + it('Should be able to update yourself', () => { cy.task('backendApiPut', { token: token, path: '/api/users/me', From 5f54490d86fa79f2abccbdbcee3e01f656525959 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 9 Jul 2025 12:35:20 +1000 Subject: [PATCH 167/175] Set SETUPTOOLS_USE_DISTUTILS for all plugin installs, seems like they all need it. --- backend/lib/certbot.js | 9 +++++---- global/certbot-dns-plugins.json | 5 +---- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/backend/lib/certbot.js b/backend/lib/certbot.js index 0f4918835..96d947102 100644 --- a/backend/lib/certbot.js +++ b/backend/lib/certbot.js @@ -63,14 +63,15 @@ const certbot = { plugin.version = plugin.version.replace(/{{certbot-version}}/g, CERTBOT_VERSION_REPLACEMENT); plugin.dependencies = plugin.dependencies.replace(/{{certbot-version}}/g, CERTBOT_VERSION_REPLACEMENT); - const opts = {}; + // SETUPTOOLS_USE_DISTUTILS is required for certbot plugins to install correctly + // in new versions of Python + let env = Object.assign({}, process.env, {SETUPTOOLS_USE_DISTUTILS: 'stdlib'}); if (typeof plugin.env === 'object') { - // include process.env in opts - opts.env = Object.assign({}, process.env, plugin.env); + env = Object.assign(env, plugin.env); } const cmd = `. /opt/certbot/bin/activate && pip install --no-cache-dir ${plugin.dependencies} ${plugin.package_name}${plugin.version} && deactivate`; - return utils.exec(cmd, opts) + return utils.exec(cmd, {env}) .then((result) => { logger.complete(`Installed ${pluginKey}`); return result; diff --git a/global/certbot-dns-plugins.json b/global/certbot-dns-plugins.json index 87e1de607..9f8788096 100644 --- a/global/certbot-dns-plugins.json +++ b/global/certbot-dns-plugins.json @@ -477,10 +477,7 @@ "version": "~=0.2.1", "dependencies": "PyYAML==5.3.1", "credentials": "dns_powerdns_api_url = https://api.mypowerdns.example.org\ndns_powerdns_api_key = AbCbASsd!@34", - "full_plugin_name": "dns-powerdns", - "env": { - "SETUPTOOLS_USE_DISTUTILS": "stdlib" - } + "full_plugin_name": "dns-powerdns" }, "regru": { "name": "reg.ru", From 1357774f219d9617455731a23e3642910821de17 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 9 Jul 2025 13:14:27 +1000 Subject: [PATCH 168/175] Add SKIP_CERTBOT_OWNERSHIP env var support to skip certbot folder ownership --- docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh index 5632b91e0..1ec117e1b 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh @@ -28,7 +28,10 @@ CERT_INIT_FLAG="/opt/certbot/.ownership_initialized" if [ ! -f "$CERT_INIT_FLAG" ]; then # Prevents errors when installing python certbot plugins when non-root - chown "$PUID:$PGID" /opt/certbot /opt/certbot/bin + if [ "$SKIP_CERTBOT_OWNERSHIP" != "true" ]; then + log_info 'Changing ownership of /opt/certbot directories ...' + chown "$PUID:$PGID" /opt/certbot /opt/certbot/bin + fi # Handle all site-packages directories efficiently find /opt/certbot/lib -type d -name "site-packages" | while read -r SITE_PACKAGES_DIR; do From 1710a263c06c69ee51242a10f55221a247508c9c Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 9 Jul 2025 13:15:15 +1000 Subject: [PATCH 169/175] Bump version --- .version | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.version b/.version index 56beced9a..dcb27a75e 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.12.4 +2.12.5 diff --git a/README.md b/README.md index 905e83cfb..3f7c21781 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@



- + From 9a0383bc730b85e365e737deef8a8e2bed981cec Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 9 Jul 2025 16:30:45 +1000 Subject: [PATCH 170/175] Move SKIP_CERTBOT_OWNERSHIP check around the entire certbot code --- .../rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh index 1ec117e1b..05cbddeab 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh @@ -26,12 +26,10 @@ chown -R "$PUID:$PGID" /etc/nginx/conf.d # Certbot directories - optimized approach CERT_INIT_FLAG="/opt/certbot/.ownership_initialized" -if [ ! -f "$CERT_INIT_FLAG" ]; then +if [ ! -f "$CERT_INIT_FLAG" ] || [ "$SKIP_CERTBOT_OWNERSHIP" != "true" ]; then # Prevents errors when installing python certbot plugins when non-root - if [ "$SKIP_CERTBOT_OWNERSHIP" != "true" ]; then - log_info 'Changing ownership of /opt/certbot directories ...' - chown "$PUID:$PGID" /opt/certbot /opt/certbot/bin - fi + log_info 'Changing ownership of /opt/certbot directories ...' + chown "$PUID:$PGID" /opt/certbot /opt/certbot/bin # Handle all site-packages directories efficiently find /opt/certbot/lib -type d -name "site-packages" | while read -r SITE_PACKAGES_DIR; do From ddbafb62a608fcc53293ee1920dc9e3db06ea565 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 9 Jul 2025 16:33:50 +1000 Subject: [PATCH 171/175] bump version --- .version | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.version b/.version index dcb27a75e..e4643748f 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.12.5 +2.12.6 diff --git a/README.md b/README.md index 3f7c21781..2116a55ae 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@



- + From 304b38e82ba64234ec1953d048c7fc429e06f0ba Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 9 Jul 2025 18:19:07 +1000 Subject: [PATCH 172/175] Fix ownership if statement --- docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh index 05cbddeab..4ecd11da5 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh @@ -26,7 +26,7 @@ chown -R "$PUID:$PGID" /etc/nginx/conf.d # Certbot directories - optimized approach CERT_INIT_FLAG="/opt/certbot/.ownership_initialized" -if [ ! -f "$CERT_INIT_FLAG" ] || [ "$SKIP_CERTBOT_OWNERSHIP" != "true" ]; then +if [ ! -f "$CERT_INIT_FLAG" ] && [ "$SKIP_CERTBOT_OWNERSHIP" != "true" ]; then # Prevents errors when installing python certbot plugins when non-root log_info 'Changing ownership of /opt/certbot directories ...' chown "$PUID:$PGID" /opt/certbot /opt/certbot/bin From 4f9df893c80b59d07d2602bb55314e7eefa7bbc1 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 9 Jul 2025 20:30:27 +1000 Subject: [PATCH 173/175] Ownership script shakeup - Don't touch a file to determine if we need to run - Instead, check ownership of each location and skip it if we are happy - Keeping SKIP_CERTBOT_OWNERSHIP flag - More vebose logging of outcomes --- .../s6-rc.d/prepare/30-ownership.sh | 72 ++++++++++++------- 1 file changed, 45 insertions(+), 27 deletions(-) diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh index 4ecd11da5..ee6b7dbe0 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh @@ -8,35 +8,53 @@ log_info 'Setting ownership ...' # root chown root /tmp/nginx -# npm user and group -chown -R "$PUID:$PGID" /data -chown -R "$PUID:$PGID" /etc/letsencrypt -chown -R "$PUID:$PGID" /run/nginx -chown -R "$PUID:$PGID" /tmp/nginx -chown -R "$PUID:$PGID" /var/cache/nginx -chown -R "$PUID:$PGID" /var/lib/logrotate -chown -R "$PUID:$PGID" /var/lib/nginx -chown -R "$PUID:$PGID" /var/log/nginx - -# Don't chown entire /etc/nginx folder as this causes crashes on some systems -chown -R "$PUID:$PGID" /etc/nginx/nginx -chown -R "$PUID:$PGID" /etc/nginx/nginx.conf -chown -R "$PUID:$PGID" /etc/nginx/conf.d - -# Certbot directories - optimized approach -CERT_INIT_FLAG="/opt/certbot/.ownership_initialized" - -if [ ! -f "$CERT_INIT_FLAG" ] && [ "$SKIP_CERTBOT_OWNERSHIP" != "true" ]; then - # Prevents errors when installing python certbot plugins when non-root - log_info 'Changing ownership of /opt/certbot directories ...' - chown "$PUID:$PGID" /opt/certbot /opt/certbot/bin +locations=( + "/data" + "/etc/letsencrypt" + "/run/nginx" + "/tmp/nginx" + "/var/cache/nginx" + "/var/lib/logrotate" + "/var/lib/nginx" + "/var/log/nginx" + "/etc/nginx/nginx" + "/etc/nginx/nginx.conf" + "/etc/nginx/conf.d" +) + +chownit() { + local dir="$1" + local recursive="${2:-true}" + + local have + have="$(stat -c '%u:%g' "$dir")" + echo -n " $dir ... " + + if [ "$have" != "$PUID:$PGID" ]; then + if [ "$recursive" = 'true' ] && [ -d "$dir" ]; then + chown -R "$PUID:$PGID" "$dir" + else + chown "$PUID:$PGID" "$dir" + fi + echo "DONE" + else + echo "SKIPPED" + fi +} + +for loc in "${locations[@]}"; do + chownit "$loc" +done + +if [ "${SKIP_CERTBOT_OWNERSHIP:-}" != "true" ]; then + log_info 'Changing ownership of certbot directories, this may take some time ...' + chownit "/opt/certbot" false + chownit "/opt/certbot/bin" false # Handle all site-packages directories efficiently find /opt/certbot/lib -type d -name "site-packages" | while read -r SITE_PACKAGES_DIR; do - chown -R "$PUID:$PGID" "$SITE_PACKAGES_DIR" + chownit "$SITE_PACKAGES_DIR" done - - # Create a flag file to skip this step on subsequent runs - touch "$CERT_INIT_FLAG" - chown "$PUID:$PGID" "$CERT_INIT_FLAG" +else + log_info 'Skipping ownership change of certbot directories' fi From a23dc2402150a045b2e1be2ceb37cceb4b802d11 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 9 Jul 2025 21:01:21 +1000 Subject: [PATCH 174/175] Tweak ownership output --- docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh index ee6b7dbe0..24906e43e 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh @@ -28,7 +28,7 @@ chownit() { local have have="$(stat -c '%u:%g' "$dir")" - echo -n " $dir ... " + echo -n "- $dir ... " if [ "$have" != "$PUID:$PGID" ]; then if [ "$recursive" = 'true' ] && [ -d "$dir" ]; then From 54d463ac3656f85f63451b229f8e6a25601f7dcc Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 9 Jul 2025 21:27:50 +1000 Subject: [PATCH 175/175] Safer and flexible boolean env vars --- .../etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh | 12 ++++++------ .../etc/s6-overlay/s6-rc.d/prepare/40-dynamic.sh | 5 +---- .../rootfs/etc/s6-overlay/s6-rc.d/prepare/50-ipv6.sh | 5 +---- docker/rootfs/usr/bin/common.sh | 10 ++++++++++ 4 files changed, 18 insertions(+), 14 deletions(-) diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh index 24906e43e..fa9465189 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh @@ -28,7 +28,7 @@ chownit() { local have have="$(stat -c '%u:%g' "$dir")" - echo -n "- $dir ... " + echo "- $dir ... " if [ "$have" != "$PUID:$PGID" ]; then if [ "$recursive" = 'true' ] && [ -d "$dir" ]; then @@ -36,9 +36,9 @@ chownit() { else chown "$PUID:$PGID" "$dir" fi - echo "DONE" + echo " DONE" else - echo "SKIPPED" + echo " SKIPPED" fi } @@ -46,7 +46,9 @@ for loc in "${locations[@]}"; do chownit "$loc" done -if [ "${SKIP_CERTBOT_OWNERSHIP:-}" != "true" ]; then +if [ "$(is_true "${SKIP_CERTBOT_OWNERSHIP:-}")" = '1' ]; then + log_info 'Skipping ownership change of certbot directories' +else log_info 'Changing ownership of certbot directories, this may take some time ...' chownit "/opt/certbot" false chownit "/opt/certbot/bin" false @@ -55,6 +57,4 @@ if [ "${SKIP_CERTBOT_OWNERSHIP:-}" != "true" ]; then find /opt/certbot/lib -type d -name "site-packages" | while read -r SITE_PACKAGES_DIR; do chownit "$SITE_PACKAGES_DIR" done -else - log_info 'Skipping ownership change of certbot directories' fi diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/40-dynamic.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/40-dynamic.sh index 0cb9f1264..e02f41ca1 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/40-dynamic.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/40-dynamic.sh @@ -5,12 +5,9 @@ set -e log_info 'Dynamic resolvers ...' -DISABLE_IPV6=$(echo "${DISABLE_IPV6:-}" | tr '[:upper:]' '[:lower:]') - # Dynamically generate resolvers file, if resolver is IPv6, enclose in `[]` # thanks @tfmm -if [ "$DISABLE_IPV6" == "true" ] || [ "$DISABLE_IPV6" == "on" ] || [ "$DISABLE_IPV6" == "1" ] || [ "$DISABLE_IPV6" == "yes" ]; -then +if [ "$(is_true "$DISABLE_IPV6")" = '1' ]; then echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" { sub(/%.*$/,"",$2); print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf) ipv6=off valid=10s;" > /etc/nginx/conf.d/include/resolvers.conf else echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" { sub(/%.*$/,"",$2); print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf) valid=10s;" > /etc/nginx/conf.d/include/resolvers.conf diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/50-ipv6.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/50-ipv6.sh index 0c4d261ce..2ae61ae55 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/50-ipv6.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/50-ipv6.sh @@ -8,14 +8,11 @@ set -e log_info 'IPv6 ...' -# Lowercase -DISABLE_IPV6=$(echo "${DISABLE_IPV6:-}" | tr '[:upper:]' '[:lower:]') - process_folder () { FILES=$(find "$1" -type f -name "*.conf") SED_REGEX= - if [ "$DISABLE_IPV6" == "true" ] || [ "$DISABLE_IPV6" == "on" ] || [ "$DISABLE_IPV6" == "1" ] || [ "$DISABLE_IPV6" == "yes" ]; then + if [ "$(is_true "$DISABLE_IPV6")" = '1' ]; then # IPV6 is disabled echo "Disabling IPV6 in hosts in: $1" SED_REGEX='s/^([^#]*)listen \[::\]/\1#listen [::]/g' diff --git a/docker/rootfs/usr/bin/common.sh b/docker/rootfs/usr/bin/common.sh index 13cf06acd..46529870a 100644 --- a/docker/rootfs/usr/bin/common.sh +++ b/docker/rootfs/usr/bin/common.sh @@ -56,3 +56,13 @@ get_group_id () { getent group "$1" | cut -d: -f3 fi } + +# param $1: value +is_true () { + VAL=$(echo "${1:-}" | tr '[:upper:]' '[:lower:]') + if [ "$VAL" == 'true' ] || [ "$VAL" == 'on' ] || [ "$VAL" == '1' ] || [ "$VAL" == 'yes' ]; then + echo '1' + else + echo '0' + fi +}