From 2e77117b7c6bb681786be0c8f36cbcd22b08e006 Mon Sep 17 00:00:00 2001 From: Prachit Date: Sat, 26 Oct 2024 20:12:59 +0530 Subject: [PATCH 01/18] feat(csv): add sensitive data check for .csv and .xlsx files --- .gitignore | 1 + package-lock.json | 111 ++++++++++++++- package.json | 2 + src/proxy/chain.js | 4 +- .../push-action/checkSensitiveData.js | 131 ++++++++++++++++++ src/proxy/processors/push-action/getDiff.js | 1 + src/proxy/processors/push-action/index.js | 1 + test/CheckSensitive.test.js | 59 ++++++++ test/CreateExcel.js | 24 ++++ test/chain.test.js | 9 ++ test/test_data/sensitive_data.csv | 3 + test/test_data/sensitive_data2.xlsx | Bin 0 -> 16196 bytes 12 files changed, 344 insertions(+), 2 deletions(-) create mode 100644 src/proxy/processors/push-action/checkSensitiveData.js create mode 100644 test/CheckSensitive.test.js create mode 100644 test/CreateExcel.js create mode 100644 test/test_data/sensitive_data.csv create mode 100644 test/test_data/sensitive_data2.xlsx diff --git a/.gitignore b/.gitignore index 1849589c4..b398dc87e 100644 --- a/.gitignore +++ b/.gitignore @@ -11,6 +11,7 @@ yarn-debug.log* yarn-error.log* lerna-debug.log* package-lock.json +/git-proxy-test # Diagnostic reports (https://nodejs.org/api/report.html) diff --git a/package-lock.json b/package-lock.json index 51e24d1a0..de2d0a738 100644 --- a/package-lock.json +++ b/package-lock.json @@ -24,6 +24,7 @@ "concurrently": "^8.0.0", "connect-mongo": "^5.1.0", "cors": "^2.8.5", + "csv-parser": "^3.0.0", "diff2html": "^3.4.33", "express": "^4.18.2", "express-http-proxy": "^2.0.0", @@ -47,6 +48,7 @@ "react-html-parser": "^2.0.2", "react-router-dom": "6.26.2", "uuid": "^10.0.0", + "xlsx": "^0.18.5", "yargs": "^17.7.2" }, "bin": { @@ -3766,6 +3768,14 @@ "node": ">=4.0" } }, + "node_modules/adler-32": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/adler-32/-/adler-32-1.3.1.tgz", + "integrity": "sha512-ynZ4w/nUUv5rrsR8UUGoe1VC9hZj6V5hU9Qw1HlMDJGEJw5S7TfTErWTjMys6M7vr0YWcPqs3qAr4ss0nDfP+A==", + "engines": { + "node": ">=0.8" + } + }, "node_modules/aggregate-error": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-3.1.0.tgz", @@ -4534,6 +4544,18 @@ "integrity": "sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==", "dev": true }, + "node_modules/cfb": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/cfb/-/cfb-1.2.2.tgz", + "integrity": "sha512-KfdUZsSOw19/ObEWasvBP/Ac4reZvAGauZhs6S/gqNhXhI7cKwvlH7ulj+dOEYnca4bm4SGo8C1bTAQvnTjgQA==", + "dependencies": { + "adler-32": "~1.3.0", + "crc-32": "~1.2.0" + }, + "engines": { + "node": ">=0.8" + } + }, "node_modules/chai": { "version": "4.5.0", "resolved": "https://registry.npmjs.org/chai/-/chai-4.5.0.tgz", @@ -4867,6 +4889,14 @@ "node": ">=6" } }, + "node_modules/codepage": { + "version": "1.15.0", + "resolved": "https://registry.npmjs.org/codepage/-/codepage-1.15.0.tgz", + "integrity": "sha512-3g6NUTPd/YtuuGrhMnOMRjFc+LJw/bnMp3+0r/Wcz3IXUuCosKRJvMphm5+Q+bvTVGcJJuRvVLuYba+WojaFaA==", + "engines": { + "node": ">=0.8" + } + }, "node_modules/color-convert": { "version": "1.9.3", "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", @@ -5218,6 +5248,17 @@ "typescript": ">=4" } }, + "node_modules/crc-32": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/crc-32/-/crc-32-1.2.2.tgz", + "integrity": "sha512-ROmzCKrTnOwybPcJApAA6WBWij23HVfGVNKqqrZpuyZOHqK2CwHSvpGuyt/UNNvaIjEd8X5IFGp4Mh+Ie1IHJQ==", + "bin": { + "crc32": "bin/crc32.njs" + }, + "engines": { + "node": ">=0.8" + } + }, "node_modules/cross-spawn": { "version": "7.0.3", "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", @@ -5245,6 +5286,20 @@ "resolved": "https://registry.npmjs.org/csstype/-/csstype-2.6.21.tgz", "integrity": "sha512-Z1PhmomIfypOpoMjRQB70jfvy/wxT50qW08YXO5lMIJkrdq4yOTR+AW7FqutScmB9NkLwxo+jU+kZLbofZZq/w==" }, + "node_modules/csv-parser": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/csv-parser/-/csv-parser-3.0.0.tgz", + "integrity": "sha512-s6OYSXAK3IdKqYO33y09jhypG/bSDHPuyCme/IdEHfWpLf/jKcpitVFyOC6UemgGk8v7Q5u2XE0vvwmanxhGlQ==", + "dependencies": { + "minimist": "^1.2.0" + }, + "bin": { + "csv-parser": "bin/csv-parser" + }, + "engines": { + "node": ">= 10" + } + }, "node_modules/cypress": { "version": "13.14.2", "resolved": "https://registry.npmjs.org/cypress/-/cypress-13.14.2.tgz", @@ -7241,6 +7296,14 @@ "node": ">= 0.6" } }, + "node_modules/frac": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/frac/-/frac-1.1.2.tgz", + "integrity": "sha512-w/XBfkibaTl3YDqASwfDUqkna4Z2p9cFSr1aHDt0WoMTECnRfBOv2WArlZILlqgWlmdIlALXGpM2AOhEk5W3IA==", + "engines": { + "node": ">=0.8" + } + }, "node_modules/fresh": { "version": "0.5.2", "resolved": "https://registry.npmjs.org/fresh/-/fresh-0.5.2.tgz", @@ -9689,7 +9752,6 @@ "version": "1.2.8", "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz", "integrity": "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==", - "dev": true, "funding": { "url": "https://github.com/sponsors/ljharb" } @@ -11983,6 +12045,17 @@ "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", "dev": true }, + "node_modules/ssf": { + "version": "0.11.2", + "resolved": "https://registry.npmjs.org/ssf/-/ssf-0.11.2.tgz", + "integrity": "sha512-+idbmIXoYET47hH+d7dfm2epdOMUDjqcB4648sTZ+t2JwoyBFL/insLfB/racrDmsKB3diwsDA696pZMieAC5g==", + "dependencies": { + "frac": "~1.1.2" + }, + "engines": { + "node": ">=0.8" + } + }, "node_modules/sshpk": { "version": "1.18.0", "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.18.0.tgz", @@ -13076,6 +13149,22 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/wmf": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wmf/-/wmf-1.0.2.tgz", + "integrity": "sha512-/p9K7bEh0Dj6WbXg4JG0xvLQmIadrner1bi45VMJTfnbVHsc7yIajZyoSoK60/dtVBs12Fm6WkUI5/3WAVsNMw==", + "engines": { + "node": ">=0.8" + } + }, + "node_modules/word": { + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/word/-/word-0.3.0.tgz", + "integrity": "sha512-OELeY0Q61OXpdUfTp+oweA/vtLVg5VDOXh+3he3PNzLGG/y0oylSOC1xRVj0+l4vQ3tj/bB1HVHv1ocXkQceFA==", + "engines": { + "node": ">=0.8" + } + }, "node_modules/workerpool": { "version": "6.5.1", "resolved": "https://registry.npmjs.org/workerpool/-/workerpool-6.5.1.tgz", @@ -13217,6 +13306,26 @@ "typedarray-to-buffer": "^3.1.5" } }, + "node_modules/xlsx": { + "version": "0.18.5", + "resolved": "https://registry.npmjs.org/xlsx/-/xlsx-0.18.5.tgz", + "integrity": "sha512-dmg3LCjBPHZnQp5/F/+nnTa+miPJxUXB6vtk42YjBBKayDNagxGEeIdWApkYPOf3Z3pm3k62Knjzp7lMeTEtFQ==", + "dependencies": { + "adler-32": "~1.3.0", + "cfb": "~1.2.1", + "codepage": "~1.15.0", + "crc-32": "~1.2.1", + "ssf": "~0.11.2", + "wmf": "~1.0.1", + "word": "~0.3.0" + }, + "bin": { + "xlsx": "bin/xlsx.njs" + }, + "engines": { + "node": ">=0.8" + } + }, "node_modules/y18n": { "version": "5.0.8", "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", diff --git a/package.json b/package.json index f4d6b4675..473bd225e 100644 --- a/package.json +++ b/package.json @@ -50,6 +50,7 @@ "concurrently": "^8.0.0", "connect-mongo": "^5.1.0", "cors": "^2.8.5", + "csv-parser": "^3.0.0", "diff2html": "^3.4.33", "express": "^4.18.2", "express-http-proxy": "^2.0.0", @@ -73,6 +74,7 @@ "react-html-parser": "^2.0.2", "react-router-dom": "6.26.2", "uuid": "^10.0.0", + "xlsx": "^0.18.5", "yargs": "^17.7.2" }, "devDependencies": { diff --git a/src/proxy/chain.js b/src/proxy/chain.js index 11e6ae106..332e53793 100644 --- a/src/proxy/chain.js +++ b/src/proxy/chain.js @@ -9,12 +9,14 @@ const pushActionChain = [ proc.push.checkIfWaitingAuth, proc.push.pullRemote, proc.push.writePack, - proc.push.getDiff, + proc.push.getDiff, + proc.push.checkSensitiveData, //checkSensitiveData added proc.push.clearBareClone, proc.push.scanDiff, proc.push.blockForAuth, ]; + const pullActionChain = [proc.push.checkRepoInAuthorisedList]; let pluginsInserted = false; diff --git a/src/proxy/processors/push-action/checkSensitiveData.js b/src/proxy/processors/push-action/checkSensitiveData.js new file mode 100644 index 000000000..a33614e19 --- /dev/null +++ b/src/proxy/processors/push-action/checkSensitiveData.js @@ -0,0 +1,131 @@ +const fs = require('fs'); +const csv = require('csv-parser'); +const XLSX = require('xlsx'); +const path = require('path'); +const { exec: getDiffExec } = require('./getDiff'); + +// Function to check for sensitive data patterns +const checkForSensitiveData = (cell) => { + const sensitivePatterns = [ + /\d{3}-\d{2}-\d{4}/, // Social Security Number (SSN) + /\b\d{16}\b/, // Credit card numbers + /\b\d{5}-\d{4}\b/, // ZIP+4 codes + // Add more patterns as needed + ]; + return sensitivePatterns.some(pattern => { + if (pattern.test(String(cell))) { + console.log(`\x1b[31mDetected sensitive data: ${cell}\x1b[0m`); // Log the detected sensitive data in red + return true; + } + return false; + }); +}; + +// Function to process CSV files +const processCSV = async (filePath) => { + return new Promise((resolve, reject) => { + let sensitiveDataFound = false; + + fs.createReadStream(filePath) + .pipe(csv()) + .on('data', (row) => { + for (const [key, value] of Object.entries(row)) { + if (checkForSensitiveData(value)) { + console.log(`\x1b[33mSensitive data found in CSV: ${key}: ${value}\x1b[0m`); // Log in yellow + sensitiveDataFound = true; + } + } + }) + .on('end', () => { + if (!sensitiveDataFound) { + console.log('No sensitive data found in CSV.'); + } + resolve(sensitiveDataFound); // Resolve with the flag indicating if sensitive data was found + }) + .on('error', (err) => { + console.error(`Error reading CSV file: ${err.message}`); + reject(err); // Reject the promise on error + }); + }); +}; + +// Function to process XLSX files +const processXLSX = async (filePath) => { + return new Promise((resolve, reject) => { + let sensitiveDataFound = false; + + try { + const workbook = XLSX.readFile(filePath); + const sheetName = workbook.SheetNames[0]; + const sheet = workbook.Sheets[sheetName]; + const jsonData = XLSX.utils.sheet_to_json(sheet); + + jsonData.forEach((row) => { + for (const [key, value] of Object.entries(row)) { + if (checkForSensitiveData(value)) { + console.log(`\x1b[33mSensitive data found in XLSX: ${key}: ${value}\x1b[0m`); // Log in yellow + sensitiveDataFound = true; + } + } + }); + + if (!sensitiveDataFound) { + console.log('No sensitive data found in XLSX.'); + } + resolve(sensitiveDataFound); // Resolve with the flag indicating if sensitive data was found + } catch (error) { + console.error(`Error reading XLSX file: ${error.message}`); + reject(error); // Reject the promise on error + } + }); +}; + +// Function to parse the file based on its extension +const parseFile = async (filePath) => { + const ext = path.extname(filePath).toLowerCase(); + + switch (ext) { + case '.csv': + return await processCSV(filePath); + case '.xlsx': + return await processXLSX(filePath); + default: + console.log(`Unsupported file type: ${ext} for file: ${filePath}`); + return false; // Indicate that no sensitive data was found for unsupported types + } +}; + +// Async exec function to handle actions +const exec = async (req, action) => { + // getDiffExec(req, action); // Call to getDiffExec if necessary + + const diffStep = action.steps.find((s) => s.stepName === 'diff'); + + if (diffStep && diffStep.content) { + console.log('Diff content:', diffStep.content); + + const filePaths = diffStep.content.filePaths || []; + + if (filePaths.length > 0) { + // Check for sensitive data in all files + const sensitiveDataFound = await Promise.all(filePaths.map(parseFile)); + const anySensitiveDataDetected = sensitiveDataFound.some(found => found); // Check if any file reported sensitive data + + if (anySensitiveDataDetected) { + action.pushBlocked = true; // Block the push + action.error = true; // Set error flag + action.errorMessage = 'Your push has been blocked due to sensitive data detection.'; // Set error message + console.log(action.errorMessage); + } + } else { + console.log('No file paths provided in the diff step.'); + } + } else { + console.log('No diff content available.'); + } + + return action; // Returning action for testing purposes +}; + +exec.displayName = 'logFileChanges.exec'; +exports.exec = exec; diff --git a/src/proxy/processors/push-action/getDiff.js b/src/proxy/processors/push-action/getDiff.js index 4344810b9..ed508ab9d 100644 --- a/src/proxy/processors/push-action/getDiff.js +++ b/src/proxy/processors/push-action/getDiff.js @@ -1,6 +1,7 @@ const child = require('child_process'); const Step = require('../../actions').Step; + const exec = async (req, action) => { const step = new Step('diff'); diff --git a/src/proxy/processors/push-action/index.js b/src/proxy/processors/push-action/index.js index 72a97b33c..927fd06f9 100644 --- a/src/proxy/processors/push-action/index.js +++ b/src/proxy/processors/push-action/index.js @@ -11,3 +11,4 @@ exports.checkCommitMessages = require('./checkCommitMessages').exec; exports.checkAuthorEmails = require('./checkAuthorEmails').exec; exports.checkUserPushPermission = require('./checkUserPushPermission').exec; exports.clearBareClone = require('./clearBareClone').exec; +exports.checkSensitiveData = require('./checkSensitiveData').exec; \ No newline at end of file diff --git a/test/CheckSensitive.test.js b/test/CheckSensitive.test.js new file mode 100644 index 000000000..2e4c84211 --- /dev/null +++ b/test/CheckSensitive.test.js @@ -0,0 +1,59 @@ +const path = require('path'); +const { exec } = require('../src/proxy/processors/push-action/checkSensitiveData.js'); // Adjust path as necessary +const sinon = require('sinon'); + +describe('Sensitive Data Detection', () => { + let logStub; + + beforeEach(() => { + logStub = sinon.stub(console, 'log'); // Stub console.log before each test + }); + + afterEach(() => { + logStub.restore(); // Restore console.log after each test + }); + + it('should detect sensitive data in CSV file and block execution', async () => { + // Set up the action with the correct file path + const action = { + steps: [{ + stepName: 'diff', + content: { + filePaths: [path.join(__dirname, 'test_data/sensitive_data.csv')] // Ensure this path is correct + } + }] + }; + + // Call exec with necessary parameters + await exec(null, action); // Ensure exec is awaited if it's a promise + + // Capture logged messages for debugging after exec execution + const loggedMessages = logStub.getCalls().map(call => call.args[0]); + console.log('Captured log messages for CSV:', loggedMessages); + + // Check if the blocking message is logged + sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); + }); + + it('should detect sensitive data in XLSX file and block execution', async () => { + // Set up the action with the correct file path for XLSX + const action = { + steps: [{ + stepName: 'diff', + content: { + filePaths: [path.join(__dirname, 'test_data/sensitive_data2.xlsx')] // Ensure this path is correct + } + }] + }; + + // Call exec with necessary parameters + await exec(null, action); // Ensure exec is awaited if it's a promise + + // Capture logged messages for debugging after exec execution + const loggedMessages = logStub.getCalls().map(call => call.args[0]); + console.log('Captured log messages for XLSX:', loggedMessages); + + // Check if the blocking message is logged + sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); + }); +}); diff --git a/test/CreateExcel.js b/test/CreateExcel.js new file mode 100644 index 000000000..be004b135 --- /dev/null +++ b/test/CreateExcel.js @@ -0,0 +1,24 @@ +const XLSX = require('xlsx'); +const fs = require('fs'); +const path = require('path'); + +// Example data with sensitive information +const data = [ + { Name: "John Doe", SSN: "123-45-6789", Email: "john@example.com" }, + { Name: "Jane Smith", SSN: "987-65-4321", Email: "jane@example.com" } +]; + +const worksheet = XLSX.utils.json_to_sheet(data); +const workbook = XLSX.utils.book_new(); +XLSX.utils.book_append_sheet(workbook, worksheet, "SensitiveData"); + +// Create the path to the test_data directory +const testDataPath = path.join(__dirname, 'test_data'); // Ensure this points to the correct directory + +// Create the test_data directory if it doesn't exist +if (!fs.existsSync(testDataPath)){ + fs.mkdirSync(testDataPath, { recursive: true }); // Using recursive to ensure all directories are created +} + +// Write the Excel file to the test_data directory +XLSX.writeFile(workbook, path.join(testDataPath, 'sensitive_data2.xlsx')); diff --git a/test/chain.test.js b/test/chain.test.js index 33d5750ac..97515fef2 100644 --- a/test/chain.test.js +++ b/test/chain.test.js @@ -1,6 +1,7 @@ const chai = require('chai'); const sinon = require('sinon'); const { PluginLoader } = require('../src/plugin'); +const { checkSensitiveData } = require('../src/proxy/processors/push-action'); chai.should(); const expect = chai.expect; @@ -25,6 +26,7 @@ const mockPushProcessors = { pullRemote: sinon.stub(), writePack: sinon.stub(), getDiff: sinon.stub(), + checkSensitiveData : sinon.stub(), clearBareClone: sinon.stub(), scanDiff: sinon.stub(), blockForAuth: sinon.stub(), @@ -39,6 +41,7 @@ mockPushProcessors.checkIfWaitingAuth.displayName = 'checkIfWaitingAuth'; mockPushProcessors.pullRemote.displayName = 'pullRemote'; mockPushProcessors.writePack.displayName = 'writePack'; mockPushProcessors.getDiff.displayName = 'getDiff'; +mockPushProcessors.checkSensitiveData.displayName = 'checkSensitiveData'; mockPushProcessors.clearBareClone.displayName = 'clearBareClone'; mockPushProcessors.scanDiff.displayName = 'scanDiff'; mockPushProcessors.blockForAuth.displayName = 'blockForAuth'; @@ -106,6 +109,7 @@ describe('proxy chain', function () { mockPushProcessors.checkCommitMessages.resolves(continuingAction); mockPushProcessors.checkAuthorEmails.resolves(continuingAction); mockPushProcessors.checkUserPushPermission.resolves(continuingAction); + mockPushProcessors.checkSensitiveData.resolves(continuingAction); // this stops the chain from further execution mockPushProcessors.checkIfWaitingAuth.resolves({ type: 'push', continue: () => false, allowPush: false }); @@ -120,6 +124,7 @@ describe('proxy chain', function () { expect(mockPushProcessors.checkIfWaitingAuth.called).to.be.true; expect(mockPushProcessors.pullRemote.called).to.be.false; expect(mockPushProcessors.audit.called).to.be.true; + expect(mockPushProcessors.checkSensitiveData.called).to.be.false; expect(result.type).to.equal('push'); expect(result.allowPush).to.be.false; @@ -135,6 +140,7 @@ describe('proxy chain', function () { mockPushProcessors.checkCommitMessages.resolves(continuingAction); mockPushProcessors.checkAuthorEmails.resolves(continuingAction); mockPushProcessors.checkUserPushPermission.resolves(continuingAction); + mockPushProcessors.checkSensitiveData.resolves(continuingAction); // this stops the chain from further execution mockPushProcessors.checkIfWaitingAuth.resolves({ type: 'push', continue: () => true, allowPush: true }); const result = await chain.executeChain(req); @@ -148,6 +154,7 @@ describe('proxy chain', function () { expect(mockPushProcessors.checkIfWaitingAuth.called).to.be.true; expect(mockPushProcessors.pullRemote.called).to.be.false; expect(mockPushProcessors.audit.called).to.be.true; + expect(mockPushProcessors.checkSensitiveData.called).to.be.false; expect(result.type).to.equal('push'); expect(result.allowPush).to.be.true; @@ -170,6 +177,7 @@ describe('proxy chain', function () { mockPushProcessors.clearBareClone.resolves(continuingAction); mockPushProcessors.scanDiff.resolves(continuingAction); mockPushProcessors.blockForAuth.resolves(continuingAction); + mockPushProcessors.checkSensitiveData.resolves(continuingAction); const result = await chain.executeChain(req); @@ -187,6 +195,7 @@ describe('proxy chain', function () { expect(mockPushProcessors.scanDiff.called).to.be.true; expect(mockPushProcessors.blockForAuth.called).to.be.true; expect(mockPushProcessors.audit.called).to.be.true; + expect(mockPushProcessors.checkSensitiveData.called).to.be.true; expect(result.type).to.equal('push'); expect(result.allowPush).to.be.false; diff --git a/test/test_data/sensitive_data.csv b/test/test_data/sensitive_data.csv new file mode 100644 index 000000000..d0381fa03 --- /dev/null +++ b/test/test_data/sensitive_data.csv @@ -0,0 +1,3 @@ +Name,SSN,Email +John Doe,123-45-6789,john@example.com +Jane Smith,987-65-4321,jane@example.com diff --git a/test/test_data/sensitive_data2.xlsx b/test/test_data/sensitive_data2.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..3c9634cc7ee5f00e3e8bf7bbaeb8b19f615f1157 GIT binary patch literal 16196 zcmeHO*>5CA8FxrP(V{3sfP|2cS|br51-m_-vDbEN2YYO1FK;Z5cXJ>VYPxG?+U_ge zJw6g5B^wm2h(IEQ>j8-eq#z++r38_O@E7n7Pw=vvL=aG3ctPTU-&fUF_4JId5hxI^ zX1lxkyXw2@tD`qB-+j+##*)9E-Sy44e)F-hG5UQTjR&^=binOU-}i#umgntG960s_ zwJbb>J8h2#q2;-YmFmP~MdPmFnU>pGtX$h(AD^vgVZ>aM*`CW6D~CL+JhF7(xrHrm zvj|9G*YZORRNQc}(v2d2Ue`mT%N-U@cs_UWrtJj|i|`n9be|c!ti$!G$;lZV5@a+g zOA1ZxqPbWJE}GSfwteV>^U<`ucH1)es%P{Z?nWgnME}Ds=Mjjqpu?lZ3aLaig}S&@ zNjDX}T$rg*3KKy|JQGAb>f-;QGSo&XLl_;}uxP3c`8-So^^vkCTWs)%nJi+N6i(cd z$e}CFwzR1@`{eyMcmMo_u`&96S~`1Cm8bV|HZN#N|DI>Z@j^3T`-mRLmJaAJ%dKcG zbKt^{2?y1-h2fVLV&ZEy{J@PuYB21eNx{Pv41@-oH+QRa2@k`D9cX*ZhVNRg>Fsax z1NgJe!U!)GE0f}nJXlYW>}UXP4sTuj#dtA-xjQ9z2Ax*Qw7OoOJHMLJ7XWtD54X0q z)>x~i^aKDi4D?jWlBZc;pRKMWG;=`mwx4!ma(c3^!sqDM`edG4Sy`E$i)E2S1(3Y0 z_rcFj&eWHu6nFt7;ivoH>nqER#*6|lfF%4(AN>0HxtY2OFMztX8DU=&@zO#guzY0POFlzHWb{6G`diO`) z`O7a}D*;~)SSt^{Z8<#DuJV0t%X82-p%_(i-U?2JvE5~sg2B3=T|#;->MDR&51CyC zx58EBT@R2v$^akj?I^M~yFo9qN;qHcItt*1=h-V>P^y5-#4D%a?Vj5yXCCzOa9fP+ zmGN#cS268c&qvlwoKn$!qstXBH*MxdC_!8vY4pz9<-DYKPg<6u*A2@EywGb$+LM;H z!mLu2Y+EhGkuszUmIJ#Smh~B?R&=v*U0d<&vR<$9JrxoG!9=kl!#NGHZEh=Se3bPf z=9H1#W~g>@hPlF`ZkdqH!@$VHt%VUR-Ql*Ut(iOw%WxhG(BB;G%MAId)a)Dfp`$_u zk+oY!^9u94Jmjjk+vqaKFN1AbZZ{8mG2DfVGHugCvC$u-8=e{=^b9*Ncc8hiTU1GA zdE@9raLwu{B4rLjZ+bzASdVf~@!#g5-DX^58KiV2Q#+PBEN$Bs^0wsgQQBUtEMpKW z3!V#wWIYJ(LztphSCvi|0qL$l%XsC^BH!jnhFwGYm3U;8CZC? zE!%F=ocu~CYVQyOkhzXV!V}9XJe`R7UEES6gMk9q37Ejq0xx>pin`4%qXm?zm_~NO zm~WDdQ!l*_Bj?1ie zJ|>F3orYPJggQ32st`>iMTJ}1Wm2)2mqX=g*U*@16P1mIdI(yc!O|A7Mlr^0jzz3w z4xE^Uw3^(H*hF!!WkEhP$VYHBHL1uTbC~8E3^x7k1Q3Pq$ z<3}A%EGR+p?DRW%65s9lz(cvPR=%(4wNL5<4IAQg^T>xq=1j8 zrseH6H=?|;b1kGh`50$HuNU#4*){jImfZ`s7|aiyQh!V<#DawgXnMfv8fja+QgdsZ zY4U4Y0#3Fw+wZbCThi)G5^)k-xN0hcc*==~zLm-@I(PD}P{fa_D|t8mKkEt&2UtO< znPdS2i@O2SC{h+HUJ!LXWFfz68S4SYeUUrhEm)z&YbYNZDdHONJ-W)6lQcwFVYC4M*m^_vjW5B!i{M_ z-S)PSTQzJyNd0N>>T$|y@E}T%@~(xtM>a}lB2rSdadApoO9tx^S3xP?g0e}nZO(^zkI( zz~2mnceOn8Fut`zIp9jKqd5#g+U^!_YnFMC%s*01$Pkh{BuR-Zpb3o}Ek&%AO&V0h z7@kn&Xqh5U9gUn~2+l~^DY95lDFL5{3){ih{&CN1Pu(*%M!);y zc5o;*xoI=`^c%r~Mw7OykAK!7^aIXJajHPw4Hl;*=J${|Pj{%n^o-5G^TX@g*pv(5 zpKi}tccM@;yq*iHWI)-Z$qSvOn4YO<@+3yXGqD`-;4?ihdic&;-+JfUH}yMjy@HD- z+qzwOefP&VpM4JmN#K2ukXG7YK$YIAr@n4fr3Jjh8mU@!e?dBSH;$<;n`lG z2^+?fWZET{5Djb<#EaE!Y+TrfvRU9s$CM2+K*<{<2XVow1LcEM0E!}NSX#g+gi_yK z#{&&+bWbW=thhMbBDx^qj)2Cvby&r;QScRnb;1DOmKT^fOp`Z+Y+72dd7Io8Rb7{^ zk>}(8mKQ~ygB#Og9nWPpZuJBsz5!W-$JNynZH4whJ7-{wzoZ1RHQhp>_*T-B4@5st zP0~IyS?!=5Gh@DQA71S_EshOjI`Nc=ZsFDk5Y0YOGl_DPM3{}r?^aPhr4v1Obd7$+bq@jMvc@Z z5+SzC_F=E|UQ3Ro(TmKs>H7qB6$gY6Jl;Oln3UfPx>?5QFgO_YBGIz9bQSqyLEj@6 zj{#OxfM)Zm`o5vQU&Cn~JB84}F6Bu{MDmm>|9D+ z5NoJ#J0SKIet`W?lL9NEP(36?!CA0e_b)M*YfT3$zA2snTT#L0X3vk$Opn)V zQ&klXX3CS>0l6W<$m4R-E>;H{kK9}f0xy8Y@{g3DkPDg-0W61fScwd%h0mzoq34l6 zBRi{Ch^?=`F!th2#1;MSm$8*UFLwHnN~nx1q7Li;xwsHiPI8Wb?5oQoi+ZtAsGipY z%jn8eak5%CF#AuR9ha7Qh>_JYSb%Y>vUE<<7LvY-0wOnB;a%ZvoQ|KkvbwyvRnaiu zHhaF0RSs@mPmhhpD`bY}9}468IE==ZZOjp2Y4LEK**%Wk20UZ2q$9Q?w9vP$Xx$R) zCU}8xYj}3EYqh0|VAjdvK}2GThKA>e<8p!)3q$ygxHUW;(D5V?qOoKHX9(#*7yZ?h z4vVICFX{!Hz(~!7Zf1p))JSWWaD;N;z_jWSKSEn*(0YNjSb45xwpz1>X^gj7m5mYP?t_7-y6dRg(^v&Ml;R zE(GllFK+(+;$357^oxTwN&IK4%M&Ui3)+zlgNbCD0piQ#G&Z5y=vv|9@geMVOiaeO z*aw?5dPdeBr`(D}Ns|s587V^ME!>Dx(NxHZS4pmf5j-*Y#+t%5~UQG3{cTU^RiLg=3(>qR(*-8zi1ve zDj+pVLGVHqaodXUwZLQTO%~9CUhz5uY#_C1po{`jP%-8YxM?7uezx8Pm{t z{7Habov7-V1Jl}(GKD?}QM<(b+TY)w*slpO zP}5cQCpNB#H8(bHx%3&3L8~O{_ZL6^Gu(KKPi8Qmc5HFT%Yn0vPCsnXrMT=EJy;-av4}AnY%ad8ngIT){L*Cr137sa+JoU798^vALxN0s7g~;AP!W#s;oCB5FURodREHvx z#Gv+ajE>bV#h~_b4DOU;9E{VOa-98vIP|6*XU8w^%Z|?nbw<1@>;Dj(Xn+FHK1ee0 zs*KGL9N#QzEgvTIwp!Y z(22MeqDGnM$AL>hdJO(@e9wQRI66V7z!UV3kV7oi=f6=riwJ_)5e&1fo0A!NxZ1^j z&@j$v&6*SwC*z*DSYgg_EROJAQD&b-vn2)YFy3(Rq)s_A>kKcXh!7k;0HQICoU2w?jU9a{-p^5nNt=~i|hUw>Wg0#sA-_( zzcwyXDXws4RQ~iOK_zdkB64x1B}0Do%c%&-H{eC&;(|ejeD8#^d{9IzPWm#$=O_E8 tfJN+LEuUfEnaW`&!B|8uR-hTWQ!lMYH!pwu69jY)|DJ Date: Sat, 26 Oct 2024 21:57:12 +0530 Subject: [PATCH 02/18] feat(logging): add checks for .log and .json files --- .../push-action/checkSensitiveData.js | 156 ++++++++++++++++++ test/CheckSensitive.test.js | 89 ++++++++++ test/CreateExcel.js | 24 +++ test/test_data/sensitive_data.csv | 3 + test/test_data/sensitive_data2.xlsx | Bin 0 -> 16196 bytes test/test_data/sensitive_data4.json | 4 + 6 files changed, 276 insertions(+) create mode 100644 src/proxy/processors/push-action/checkSensitiveData.js create mode 100644 test/CheckSensitive.test.js create mode 100644 test/CreateExcel.js create mode 100644 test/test_data/sensitive_data.csv create mode 100644 test/test_data/sensitive_data2.xlsx create mode 100644 test/test_data/sensitive_data4.json diff --git a/src/proxy/processors/push-action/checkSensitiveData.js b/src/proxy/processors/push-action/checkSensitiveData.js new file mode 100644 index 000000000..c34ca4169 --- /dev/null +++ b/src/proxy/processors/push-action/checkSensitiveData.js @@ -0,0 +1,156 @@ +const fs = require('fs'); +const csv = require('csv-parser'); +const XLSX = require('xlsx'); +const path = require('path'); +const { exec: getDiffExec } = require('./getDiff'); + +// Function to check for sensitive data patterns +const checkForSensitiveData = (cell) => { + const sensitivePatterns = [ + /\d{3}-\d{2}-\d{4}/, // Social Security Number (SSN) + /\b\d{16}\b/, // Credit card numbers + /\b\d{5}-\d{4}\b/, // ZIP+4 codes + // Add more patterns as needed + ]; + return sensitivePatterns.some(pattern => { + if (pattern.test(String(cell))) { + console.log(`\x1b[31mDetected sensitive data: ${cell}\x1b[0m`); // Log the detected sensitive data in red + return true; + } + return false; + }); +}; + +// Function to process CSV files +const processCSV = async (filePath) => { + return new Promise((resolve, reject) => { + let sensitiveDataFound = false; + + fs.createReadStream(filePath) + .pipe(csv()) + .on('data', (row) => { + for (const [key, value] of Object.entries(row)) { + if (checkForSensitiveData(value)) { + console.log(`\x1b[33mSensitive data found in CSV: ${key}: ${value}\x1b[0m`); // Log in yellow + sensitiveDataFound = true; + } + } + }) + .on('end', () => { + if (!sensitiveDataFound) { + console.log('No sensitive data found in CSV.'); + } + resolve(sensitiveDataFound); // Resolve with the flag indicating if sensitive data was found + }) + .on('error', (err) => { + console.error(`Error reading CSV file: ${err.message}`); + reject(err); // Reject the promise on error + }); + }); +}; + +// Function to process XLSX files +const processXLSX = async (filePath) => { + return new Promise((resolve, reject) => { + let sensitiveDataFound = false; + + try { + const workbook = XLSX.readFile(filePath); + const sheetName = workbook.SheetNames[0]; + const sheet = workbook.Sheets[sheetName]; + const jsonData = XLSX.utils.sheet_to_json(sheet); + + jsonData.forEach((row) => { + for (const [key, value] of Object.entries(row)) { + if (checkForSensitiveData(value)) { + console.log(`\x1b[33mSensitive data found in XLSX: ${key}: ${value}\x1b[0m`); // Log in yellow + sensitiveDataFound = true; + } + } + }); + + if (!sensitiveDataFound) { + console.log('No sensitive data found in XLSX.'); + } + resolve(sensitiveDataFound); // Resolve with the flag indicating if sensitive data was found + } catch (error) { + console.error(`Error reading XLSX file: ${error.message}`); + reject(error); // Reject the promise on error + } + }); +}; + +// Function to check for sensitive data in .log and .json files +const checkLogJsonFiles = async (filePath) => { + return new Promise((resolve, reject) => { + let sensitiveDataFound = false; + + fs.readFile(filePath, 'utf8', (err, data) => { + if (err) { + console.error(`Error reading file ${filePath}: ${err.message}`); + return reject(err); + } + + if (checkForSensitiveData(data)) { + console.log(`\x1b[33mSensitive data found in ${filePath}\x1b[0m`); + sensitiveDataFound = true; + } + + resolve(sensitiveDataFound); + }); + }); +}; + +// Function to parse the file based on its extension +const parseFile = async (filePath) => { + const ext = path.extname(filePath).toLowerCase(); + + switch (ext) { + case '.csv': + return await processCSV(filePath); + case '.xlsx': + return await processXLSX(filePath); + case '.log': + return await checkLogJsonFiles(filePath); + case '.json': + return await checkLogJsonFiles(filePath); + default: + // Skip unsupported file types without logging + return false; // Indicate that no sensitive data was found for unsupported types + } +}; + +// Async exec function to handle actions +const exec = async (req, action) => { + // getDiffExec(req, action); // Call to getDiffExec if necessary + + const diffStep = action.steps.find((s) => s.stepName === 'diff'); + + if (diffStep && diffStep.content) { + console.log('Diff content:', diffStep.content); + + const filePaths = diffStep.content.filePaths || []; + + if (filePaths.length > 0) { + // Check for sensitive data in all files + const sensitiveDataFound = await Promise.all(filePaths.map(parseFile)); + const anySensitiveDataDetected = sensitiveDataFound.some(found => found); // Check if any file reported sensitive data + + if (anySensitiveDataDetected) { + action.pushBlocked = true; // Block the push + action.error = true; // Set error flag + action.errorMessage = 'Your push has been blocked due to sensitive data detection.'; // Set error message + console.log(action.errorMessage); + } + } else { + console.log('No file paths provided in the diff step.'); + } + } else { + console.log('No diff content available.'); + } + + return action; // Returning action for testing purposes +}; + +exec.displayName = 'logFileChanges.exec'; +exports.exec = exec; diff --git a/test/CheckSensitive.test.js b/test/CheckSensitive.test.js new file mode 100644 index 000000000..322b32f61 --- /dev/null +++ b/test/CheckSensitive.test.js @@ -0,0 +1,89 @@ +const path = require('path'); +const { exec } = require('../src/proxy/processors/push-action/checkSensitiveData.js'); // Adjust path as necessary +const sinon = require('sinon'); + +describe('Sensitive Data Detection', () => { + let logStub; + + beforeEach(() => { + logStub = sinon.stub(console, 'log'); // Stub console.log before each test + }); + + afterEach(() => { + logStub.restore(); // Restore console.log after each test + }); + + it('should detect sensitive data in CSV file and block execution', async () => { + const action = { + steps: [{ + stepName: 'diff', + content: { + filePaths: [path.join(__dirname, 'test_data/sensitive_data.csv')] // Ensure this path is correct + } + }] + }; + + await exec(null, action); + + const loggedMessages = logStub.getCalls().map(call => call.args[0]); + console.log('Captured log messages for CSV:', loggedMessages); + + sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); + }); + + it('should detect sensitive data in XLSX file and block execution', async () => { + const action = { + steps: [{ + stepName: 'diff', + content: { + filePaths: [path.join(__dirname, 'test_data/sensitive_data2.xlsx')] // Ensure this path is correct + } + }] + }; + + await exec(null, action); + + const loggedMessages = logStub.getCalls().map(call => call.args[0]); + console.log('Captured log messages for XLSX:', loggedMessages); + + sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); + }); + + it('should detect sensitive data in a log file and block execution', async () => { + const action = { + steps: [{ + stepName: 'diff', + content: { + filePaths: [path.join(__dirname, 'test_data/sensitive_data3.log')] // Ensure this path is correct + } + }] + }; + + await exec(null, action); + + const loggedMessages = logStub.getCalls().map(call => call.args[0]); + console.log('Captured log messages for log file:', loggedMessages); + + sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); + }); + + it('should detect sensitive data in a JSON file and block execution', async () => { + const action = { + steps: [{ + stepName: 'diff', + content: { + filePaths: [path.join(__dirname, 'test_data/sensitive_data4.json')] // Ensure this path is correct + } + }] + }; + + await exec(null, action); + + const loggedMessages = logStub.getCalls().map(call => call.args[0]); + console.log('Captured log messages for JSON file:', loggedMessages); + + sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); + }); + + +}); diff --git a/test/CreateExcel.js b/test/CreateExcel.js new file mode 100644 index 000000000..be004b135 --- /dev/null +++ b/test/CreateExcel.js @@ -0,0 +1,24 @@ +const XLSX = require('xlsx'); +const fs = require('fs'); +const path = require('path'); + +// Example data with sensitive information +const data = [ + { Name: "John Doe", SSN: "123-45-6789", Email: "john@example.com" }, + { Name: "Jane Smith", SSN: "987-65-4321", Email: "jane@example.com" } +]; + +const worksheet = XLSX.utils.json_to_sheet(data); +const workbook = XLSX.utils.book_new(); +XLSX.utils.book_append_sheet(workbook, worksheet, "SensitiveData"); + +// Create the path to the test_data directory +const testDataPath = path.join(__dirname, 'test_data'); // Ensure this points to the correct directory + +// Create the test_data directory if it doesn't exist +if (!fs.existsSync(testDataPath)){ + fs.mkdirSync(testDataPath, { recursive: true }); // Using recursive to ensure all directories are created +} + +// Write the Excel file to the test_data directory +XLSX.writeFile(workbook, path.join(testDataPath, 'sensitive_data2.xlsx')); diff --git a/test/test_data/sensitive_data.csv b/test/test_data/sensitive_data.csv new file mode 100644 index 000000000..d0381fa03 --- /dev/null +++ b/test/test_data/sensitive_data.csv @@ -0,0 +1,3 @@ +Name,SSN,Email +John Doe,123-45-6789,john@example.com +Jane Smith,987-65-4321,jane@example.com diff --git a/test/test_data/sensitive_data2.xlsx b/test/test_data/sensitive_data2.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..3c9634cc7ee5f00e3e8bf7bbaeb8b19f615f1157 GIT binary patch literal 16196 zcmeHO*>5CA8FxrP(V{3sfP|2cS|br51-m_-vDbEN2YYO1FK;Z5cXJ>VYPxG?+U_ge zJw6g5B^wm2h(IEQ>j8-eq#z++r38_O@E7n7Pw=vvL=aG3ctPTU-&fUF_4JId5hxI^ zX1lxkyXw2@tD`qB-+j+##*)9E-Sy44e)F-hG5UQTjR&^=binOU-}i#umgntG960s_ zwJbb>J8h2#q2;-YmFmP~MdPmFnU>pGtX$h(AD^vgVZ>aM*`CW6D~CL+JhF7(xrHrm zvj|9G*YZORRNQc}(v2d2Ue`mT%N-U@cs_UWrtJj|i|`n9be|c!ti$!G$;lZV5@a+g zOA1ZxqPbWJE}GSfwteV>^U<`ucH1)es%P{Z?nWgnME}Ds=Mjjqpu?lZ3aLaig}S&@ zNjDX}T$rg*3KKy|JQGAb>f-;QGSo&XLl_;}uxP3c`8-So^^vkCTWs)%nJi+N6i(cd z$e}CFwzR1@`{eyMcmMo_u`&96S~`1Cm8bV|HZN#N|DI>Z@j^3T`-mRLmJaAJ%dKcG zbKt^{2?y1-h2fVLV&ZEy{J@PuYB21eNx{Pv41@-oH+QRa2@k`D9cX*ZhVNRg>Fsax z1NgJe!U!)GE0f}nJXlYW>}UXP4sTuj#dtA-xjQ9z2Ax*Qw7OoOJHMLJ7XWtD54X0q z)>x~i^aKDi4D?jWlBZc;pRKMWG;=`mwx4!ma(c3^!sqDM`edG4Sy`E$i)E2S1(3Y0 z_rcFj&eWHu6nFt7;ivoH>nqER#*6|lfF%4(AN>0HxtY2OFMztX8DU=&@zO#guzY0POFlzHWb{6G`diO`) z`O7a}D*;~)SSt^{Z8<#DuJV0t%X82-p%_(i-U?2JvE5~sg2B3=T|#;->MDR&51CyC zx58EBT@R2v$^akj?I^M~yFo9qN;qHcItt*1=h-V>P^y5-#4D%a?Vj5yXCCzOa9fP+ zmGN#cS268c&qvlwoKn$!qstXBH*MxdC_!8vY4pz9<-DYKPg<6u*A2@EywGb$+LM;H z!mLu2Y+EhGkuszUmIJ#Smh~B?R&=v*U0d<&vR<$9JrxoG!9=kl!#NGHZEh=Se3bPf z=9H1#W~g>@hPlF`ZkdqH!@$VHt%VUR-Ql*Ut(iOw%WxhG(BB;G%MAId)a)Dfp`$_u zk+oY!^9u94Jmjjk+vqaKFN1AbZZ{8mG2DfVGHugCvC$u-8=e{=^b9*Ncc8hiTU1GA zdE@9raLwu{B4rLjZ+bzASdVf~@!#g5-DX^58KiV2Q#+PBEN$Bs^0wsgQQBUtEMpKW z3!V#wWIYJ(LztphSCvi|0qL$l%XsC^BH!jnhFwGYm3U;8CZC? zE!%F=ocu~CYVQyOkhzXV!V}9XJe`R7UEES6gMk9q37Ejq0xx>pin`4%qXm?zm_~NO zm~WDdQ!l*_Bj?1ie zJ|>F3orYPJggQ32st`>iMTJ}1Wm2)2mqX=g*U*@16P1mIdI(yc!O|A7Mlr^0jzz3w z4xE^Uw3^(H*hF!!WkEhP$VYHBHL1uTbC~8E3^x7k1Q3Pq$ z<3}A%EGR+p?DRW%65s9lz(cvPR=%(4wNL5<4IAQg^T>xq=1j8 zrseH6H=?|;b1kGh`50$HuNU#4*){jImfZ`s7|aiyQh!V<#DawgXnMfv8fja+QgdsZ zY4U4Y0#3Fw+wZbCThi)G5^)k-xN0hcc*==~zLm-@I(PD}P{fa_D|t8mKkEt&2UtO< znPdS2i@O2SC{h+HUJ!LXWFfz68S4SYeUUrhEm)z&YbYNZDdHONJ-W)6lQcwFVYC4M*m^_vjW5B!i{M_ z-S)PSTQzJyNd0N>>T$|y@E}T%@~(xtM>a}lB2rSdadApoO9tx^S3xP?g0e}nZO(^zkI( zz~2mnceOn8Fut`zIp9jKqd5#g+U^!_YnFMC%s*01$Pkh{BuR-Zpb3o}Ek&%AO&V0h z7@kn&Xqh5U9gUn~2+l~^DY95lDFL5{3){ih{&CN1Pu(*%M!);y zc5o;*xoI=`^c%r~Mw7OykAK!7^aIXJajHPw4Hl;*=J${|Pj{%n^o-5G^TX@g*pv(5 zpKi}tccM@;yq*iHWI)-Z$qSvOn4YO<@+3yXGqD`-;4?ihdic&;-+JfUH}yMjy@HD- z+qzwOefP&VpM4JmN#K2ukXG7YK$YIAr@n4fr3Jjh8mU@!e?dBSH;$<;n`lG z2^+?fWZET{5Djb<#EaE!Y+TrfvRU9s$CM2+K*<{<2XVow1LcEM0E!}NSX#g+gi_yK z#{&&+bWbW=thhMbBDx^qj)2Cvby&r;QScRnb;1DOmKT^fOp`Z+Y+72dd7Io8Rb7{^ zk>}(8mKQ~ygB#Og9nWPpZuJBsz5!W-$JNynZH4whJ7-{wzoZ1RHQhp>_*T-B4@5st zP0~IyS?!=5Gh@DQA71S_EshOjI`Nc=ZsFDk5Y0YOGl_DPM3{}r?^aPhr4v1Obd7$+bq@jMvc@Z z5+SzC_F=E|UQ3Ro(TmKs>H7qB6$gY6Jl;Oln3UfPx>?5QFgO_YBGIz9bQSqyLEj@6 zj{#OxfM)Zm`o5vQU&Cn~JB84}F6Bu{MDmm>|9D+ z5NoJ#J0SKIet`W?lL9NEP(36?!CA0e_b)M*YfT3$zA2snTT#L0X3vk$Opn)V zQ&klXX3CS>0l6W<$m4R-E>;H{kK9}f0xy8Y@{g3DkPDg-0W61fScwd%h0mzoq34l6 zBRi{Ch^?=`F!th2#1;MSm$8*UFLwHnN~nx1q7Li;xwsHiPI8Wb?5oQoi+ZtAsGipY z%jn8eak5%CF#AuR9ha7Qh>_JYSb%Y>vUE<<7LvY-0wOnB;a%ZvoQ|KkvbwyvRnaiu zHhaF0RSs@mPmhhpD`bY}9}468IE==ZZOjp2Y4LEK**%Wk20UZ2q$9Q?w9vP$Xx$R) zCU}8xYj}3EYqh0|VAjdvK}2GThKA>e<8p!)3q$ygxHUW;(D5V?qOoKHX9(#*7yZ?h z4vVICFX{!Hz(~!7Zf1p))JSWWaD;N;z_jWSKSEn*(0YNjSb45xwpz1>X^gj7m5mYP?t_7-y6dRg(^v&Ml;R zE(GllFK+(+;$357^oxTwN&IK4%M&Ui3)+zlgNbCD0piQ#G&Z5y=vv|9@geMVOiaeO z*aw?5dPdeBr`(D}Ns|s587V^ME!>Dx(NxHZS4pmf5j-*Y#+t%5~UQG3{cTU^RiLg=3(>qR(*-8zi1ve zDj+pVLGVHqaodXUwZLQTO%~9CUhz5uY#_C1po{`jP%-8YxM?7uezx8Pm{t z{7Habov7-V1Jl}(GKD?}QM<(b+TY)w*slpO zP}5cQCpNB#H8(bHx%3&3L8~O{_ZL6^Gu(KKPi8Qmc5HFT%Yn0vPCsnXrMT=EJy;-av4}AnY%ad8ngIT){L*Cr137sa+JoU798^vALxN0s7g~;AP!W#s;oCB5FURodREHvx z#Gv+ajE>bV#h~_b4DOU;9E{VOa-98vIP|6*XU8w^%Z|?nbw<1@>;Dj(Xn+FHK1ee0 zs*KGL9N#QzEgvTIwp!Y z(22MeqDGnM$AL>hdJO(@e9wQRI66V7z!UV3kV7oi=f6=riwJ_)5e&1fo0A!NxZ1^j z&@j$v&6*SwC*z*DSYgg_EROJAQD&b-vn2)YFy3(Rq)s_A>kKcXh!7k;0HQICoU2w?jU9a{-p^5nNt=~i|hUw>Wg0#sA-_( zzcwyXDXws4RQ~iOK_zdkB64x1B}0Do%c%&-H{eC&;(|ejeD8#^d{9IzPWm#$=O_E8 tfJN+LEuUfEnaW`&!B|8uR-hTWQ!lMYH!pwu69jY)|DJ Date: Sat, 26 Oct 2024 22:28:19 +0530 Subject: [PATCH 03/18] fix: revert previous changes --- .../push-action/checkSensitiveData.js | 156 ------------------ test/CheckSensitive.test.js | 89 ---------- test/CreateExcel.js | 24 --- test/test_data/sensitive_data.csv | 3 - test/test_data/sensitive_data2.xlsx | Bin 16196 -> 0 bytes test/test_data/sensitive_data4.json | 4 - 6 files changed, 276 deletions(-) delete mode 100644 src/proxy/processors/push-action/checkSensitiveData.js delete mode 100644 test/CheckSensitive.test.js delete mode 100644 test/CreateExcel.js delete mode 100644 test/test_data/sensitive_data.csv delete mode 100644 test/test_data/sensitive_data2.xlsx delete mode 100644 test/test_data/sensitive_data4.json diff --git a/src/proxy/processors/push-action/checkSensitiveData.js b/src/proxy/processors/push-action/checkSensitiveData.js deleted file mode 100644 index c34ca4169..000000000 --- a/src/proxy/processors/push-action/checkSensitiveData.js +++ /dev/null @@ -1,156 +0,0 @@ -const fs = require('fs'); -const csv = require('csv-parser'); -const XLSX = require('xlsx'); -const path = require('path'); -const { exec: getDiffExec } = require('./getDiff'); - -// Function to check for sensitive data patterns -const checkForSensitiveData = (cell) => { - const sensitivePatterns = [ - /\d{3}-\d{2}-\d{4}/, // Social Security Number (SSN) - /\b\d{16}\b/, // Credit card numbers - /\b\d{5}-\d{4}\b/, // ZIP+4 codes - // Add more patterns as needed - ]; - return sensitivePatterns.some(pattern => { - if (pattern.test(String(cell))) { - console.log(`\x1b[31mDetected sensitive data: ${cell}\x1b[0m`); // Log the detected sensitive data in red - return true; - } - return false; - }); -}; - -// Function to process CSV files -const processCSV = async (filePath) => { - return new Promise((resolve, reject) => { - let sensitiveDataFound = false; - - fs.createReadStream(filePath) - .pipe(csv()) - .on('data', (row) => { - for (const [key, value] of Object.entries(row)) { - if (checkForSensitiveData(value)) { - console.log(`\x1b[33mSensitive data found in CSV: ${key}: ${value}\x1b[0m`); // Log in yellow - sensitiveDataFound = true; - } - } - }) - .on('end', () => { - if (!sensitiveDataFound) { - console.log('No sensitive data found in CSV.'); - } - resolve(sensitiveDataFound); // Resolve with the flag indicating if sensitive data was found - }) - .on('error', (err) => { - console.error(`Error reading CSV file: ${err.message}`); - reject(err); // Reject the promise on error - }); - }); -}; - -// Function to process XLSX files -const processXLSX = async (filePath) => { - return new Promise((resolve, reject) => { - let sensitiveDataFound = false; - - try { - const workbook = XLSX.readFile(filePath); - const sheetName = workbook.SheetNames[0]; - const sheet = workbook.Sheets[sheetName]; - const jsonData = XLSX.utils.sheet_to_json(sheet); - - jsonData.forEach((row) => { - for (const [key, value] of Object.entries(row)) { - if (checkForSensitiveData(value)) { - console.log(`\x1b[33mSensitive data found in XLSX: ${key}: ${value}\x1b[0m`); // Log in yellow - sensitiveDataFound = true; - } - } - }); - - if (!sensitiveDataFound) { - console.log('No sensitive data found in XLSX.'); - } - resolve(sensitiveDataFound); // Resolve with the flag indicating if sensitive data was found - } catch (error) { - console.error(`Error reading XLSX file: ${error.message}`); - reject(error); // Reject the promise on error - } - }); -}; - -// Function to check for sensitive data in .log and .json files -const checkLogJsonFiles = async (filePath) => { - return new Promise((resolve, reject) => { - let sensitiveDataFound = false; - - fs.readFile(filePath, 'utf8', (err, data) => { - if (err) { - console.error(`Error reading file ${filePath}: ${err.message}`); - return reject(err); - } - - if (checkForSensitiveData(data)) { - console.log(`\x1b[33mSensitive data found in ${filePath}\x1b[0m`); - sensitiveDataFound = true; - } - - resolve(sensitiveDataFound); - }); - }); -}; - -// Function to parse the file based on its extension -const parseFile = async (filePath) => { - const ext = path.extname(filePath).toLowerCase(); - - switch (ext) { - case '.csv': - return await processCSV(filePath); - case '.xlsx': - return await processXLSX(filePath); - case '.log': - return await checkLogJsonFiles(filePath); - case '.json': - return await checkLogJsonFiles(filePath); - default: - // Skip unsupported file types without logging - return false; // Indicate that no sensitive data was found for unsupported types - } -}; - -// Async exec function to handle actions -const exec = async (req, action) => { - // getDiffExec(req, action); // Call to getDiffExec if necessary - - const diffStep = action.steps.find((s) => s.stepName === 'diff'); - - if (diffStep && diffStep.content) { - console.log('Diff content:', diffStep.content); - - const filePaths = diffStep.content.filePaths || []; - - if (filePaths.length > 0) { - // Check for sensitive data in all files - const sensitiveDataFound = await Promise.all(filePaths.map(parseFile)); - const anySensitiveDataDetected = sensitiveDataFound.some(found => found); // Check if any file reported sensitive data - - if (anySensitiveDataDetected) { - action.pushBlocked = true; // Block the push - action.error = true; // Set error flag - action.errorMessage = 'Your push has been blocked due to sensitive data detection.'; // Set error message - console.log(action.errorMessage); - } - } else { - console.log('No file paths provided in the diff step.'); - } - } else { - console.log('No diff content available.'); - } - - return action; // Returning action for testing purposes -}; - -exec.displayName = 'logFileChanges.exec'; -exports.exec = exec; diff --git a/test/CheckSensitive.test.js b/test/CheckSensitive.test.js deleted file mode 100644 index 322b32f61..000000000 --- a/test/CheckSensitive.test.js +++ /dev/null @@ -1,89 +0,0 @@ -const path = require('path'); -const { exec } = require('../src/proxy/processors/push-action/checkSensitiveData.js'); // Adjust path as necessary -const sinon = require('sinon'); - -describe('Sensitive Data Detection', () => { - let logStub; - - beforeEach(() => { - logStub = sinon.stub(console, 'log'); // Stub console.log before each test - }); - - afterEach(() => { - logStub.restore(); // Restore console.log after each test - }); - - it('should detect sensitive data in CSV file and block execution', async () => { - const action = { - steps: [{ - stepName: 'diff', - content: { - filePaths: [path.join(__dirname, 'test_data/sensitive_data.csv')] // Ensure this path is correct - } - }] - }; - - await exec(null, action); - - const loggedMessages = logStub.getCalls().map(call => call.args[0]); - console.log('Captured log messages for CSV:', loggedMessages); - - sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); - }); - - it('should detect sensitive data in XLSX file and block execution', async () => { - const action = { - steps: [{ - stepName: 'diff', - content: { - filePaths: [path.join(__dirname, 'test_data/sensitive_data2.xlsx')] // Ensure this path is correct - } - }] - }; - - await exec(null, action); - - const loggedMessages = logStub.getCalls().map(call => call.args[0]); - console.log('Captured log messages for XLSX:', loggedMessages); - - sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); - }); - - it('should detect sensitive data in a log file and block execution', async () => { - const action = { - steps: [{ - stepName: 'diff', - content: { - filePaths: [path.join(__dirname, 'test_data/sensitive_data3.log')] // Ensure this path is correct - } - }] - }; - - await exec(null, action); - - const loggedMessages = logStub.getCalls().map(call => call.args[0]); - console.log('Captured log messages for log file:', loggedMessages); - - sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); - }); - - it('should detect sensitive data in a JSON file and block execution', async () => { - const action = { - steps: [{ - stepName: 'diff', - content: { - filePaths: [path.join(__dirname, 'test_data/sensitive_data4.json')] // Ensure this path is correct - } - }] - }; - - await exec(null, action); - - const loggedMessages = logStub.getCalls().map(call => call.args[0]); - console.log('Captured log messages for JSON file:', loggedMessages); - - sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); - }); - - -}); diff --git a/test/CreateExcel.js b/test/CreateExcel.js deleted file mode 100644 index be004b135..000000000 --- a/test/CreateExcel.js +++ /dev/null @@ -1,24 +0,0 @@ -const XLSX = require('xlsx'); -const fs = require('fs'); -const path = require('path'); - -// Example data with sensitive information -const data = [ - { Name: "John Doe", SSN: "123-45-6789", Email: "john@example.com" }, - { Name: "Jane Smith", SSN: "987-65-4321", Email: "jane@example.com" } -]; - -const worksheet = XLSX.utils.json_to_sheet(data); -const workbook = XLSX.utils.book_new(); -XLSX.utils.book_append_sheet(workbook, worksheet, "SensitiveData"); - -// Create the path to the test_data directory -const testDataPath = path.join(__dirname, 'test_data'); // Ensure this points to the correct directory - -// Create the test_data directory if it doesn't exist -if (!fs.existsSync(testDataPath)){ - fs.mkdirSync(testDataPath, { recursive: true }); // Using recursive to ensure all directories are created -} - -// Write the Excel file to the test_data directory -XLSX.writeFile(workbook, path.join(testDataPath, 'sensitive_data2.xlsx')); diff --git a/test/test_data/sensitive_data.csv b/test/test_data/sensitive_data.csv deleted file mode 100644 index d0381fa03..000000000 --- a/test/test_data/sensitive_data.csv +++ /dev/null @@ -1,3 +0,0 @@ -Name,SSN,Email -John Doe,123-45-6789,john@example.com -Jane Smith,987-65-4321,jane@example.com diff --git a/test/test_data/sensitive_data2.xlsx b/test/test_data/sensitive_data2.xlsx deleted file mode 100644 index 3c9634cc7ee5f00e3e8bf7bbaeb8b19f615f1157..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 16196 zcmeHO*>5CA8FxrP(V{3sfP|2cS|br51-m_-vDbEN2YYO1FK;Z5cXJ>VYPxG?+U_ge zJw6g5B^wm2h(IEQ>j8-eq#z++r38_O@E7n7Pw=vvL=aG3ctPTU-&fUF_4JId5hxI^ zX1lxkyXw2@tD`qB-+j+##*)9E-Sy44e)F-hG5UQTjR&^=binOU-}i#umgntG960s_ zwJbb>J8h2#q2;-YmFmP~MdPmFnU>pGtX$h(AD^vgVZ>aM*`CW6D~CL+JhF7(xrHrm zvj|9G*YZORRNQc}(v2d2Ue`mT%N-U@cs_UWrtJj|i|`n9be|c!ti$!G$;lZV5@a+g zOA1ZxqPbWJE}GSfwteV>^U<`ucH1)es%P{Z?nWgnME}Ds=Mjjqpu?lZ3aLaig}S&@ zNjDX}T$rg*3KKy|JQGAb>f-;QGSo&XLl_;}uxP3c`8-So^^vkCTWs)%nJi+N6i(cd z$e}CFwzR1@`{eyMcmMo_u`&96S~`1Cm8bV|HZN#N|DI>Z@j^3T`-mRLmJaAJ%dKcG zbKt^{2?y1-h2fVLV&ZEy{J@PuYB21eNx{Pv41@-oH+QRa2@k`D9cX*ZhVNRg>Fsax z1NgJe!U!)GE0f}nJXlYW>}UXP4sTuj#dtA-xjQ9z2Ax*Qw7OoOJHMLJ7XWtD54X0q z)>x~i^aKDi4D?jWlBZc;pRKMWG;=`mwx4!ma(c3^!sqDM`edG4Sy`E$i)E2S1(3Y0 z_rcFj&eWHu6nFt7;ivoH>nqER#*6|lfF%4(AN>0HxtY2OFMztX8DU=&@zO#guzY0POFlzHWb{6G`diO`) z`O7a}D*;~)SSt^{Z8<#DuJV0t%X82-p%_(i-U?2JvE5~sg2B3=T|#;->MDR&51CyC zx58EBT@R2v$^akj?I^M~yFo9qN;qHcItt*1=h-V>P^y5-#4D%a?Vj5yXCCzOa9fP+ zmGN#cS268c&qvlwoKn$!qstXBH*MxdC_!8vY4pz9<-DYKPg<6u*A2@EywGb$+LM;H z!mLu2Y+EhGkuszUmIJ#Smh~B?R&=v*U0d<&vR<$9JrxoG!9=kl!#NGHZEh=Se3bPf z=9H1#W~g>@hPlF`ZkdqH!@$VHt%VUR-Ql*Ut(iOw%WxhG(BB;G%MAId)a)Dfp`$_u zk+oY!^9u94Jmjjk+vqaKFN1AbZZ{8mG2DfVGHugCvC$u-8=e{=^b9*Ncc8hiTU1GA zdE@9raLwu{B4rLjZ+bzASdVf~@!#g5-DX^58KiV2Q#+PBEN$Bs^0wsgQQBUtEMpKW z3!V#wWIYJ(LztphSCvi|0qL$l%XsC^BH!jnhFwGYm3U;8CZC? zE!%F=ocu~CYVQyOkhzXV!V}9XJe`R7UEES6gMk9q37Ejq0xx>pin`4%qXm?zm_~NO zm~WDdQ!l*_Bj?1ie zJ|>F3orYPJggQ32st`>iMTJ}1Wm2)2mqX=g*U*@16P1mIdI(yc!O|A7Mlr^0jzz3w z4xE^Uw3^(H*hF!!WkEhP$VYHBHL1uTbC~8E3^x7k1Q3Pq$ z<3}A%EGR+p?DRW%65s9lz(cvPR=%(4wNL5<4IAQg^T>xq=1j8 zrseH6H=?|;b1kGh`50$HuNU#4*){jImfZ`s7|aiyQh!V<#DawgXnMfv8fja+QgdsZ zY4U4Y0#3Fw+wZbCThi)G5^)k-xN0hcc*==~zLm-@I(PD}P{fa_D|t8mKkEt&2UtO< znPdS2i@O2SC{h+HUJ!LXWFfz68S4SYeUUrhEm)z&YbYNZDdHONJ-W)6lQcwFVYC4M*m^_vjW5B!i{M_ z-S)PSTQzJyNd0N>>T$|y@E}T%@~(xtM>a}lB2rSdadApoO9tx^S3xP?g0e}nZO(^zkI( zz~2mnceOn8Fut`zIp9jKqd5#g+U^!_YnFMC%s*01$Pkh{BuR-Zpb3o}Ek&%AO&V0h z7@kn&Xqh5U9gUn~2+l~^DY95lDFL5{3){ih{&CN1Pu(*%M!);y zc5o;*xoI=`^c%r~Mw7OykAK!7^aIXJajHPw4Hl;*=J${|Pj{%n^o-5G^TX@g*pv(5 zpKi}tccM@;yq*iHWI)-Z$qSvOn4YO<@+3yXGqD`-;4?ihdic&;-+JfUH}yMjy@HD- z+qzwOefP&VpM4JmN#K2ukXG7YK$YIAr@n4fr3Jjh8mU@!e?dBSH;$<;n`lG z2^+?fWZET{5Djb<#EaE!Y+TrfvRU9s$CM2+K*<{<2XVow1LcEM0E!}NSX#g+gi_yK z#{&&+bWbW=thhMbBDx^qj)2Cvby&r;QScRnb;1DOmKT^fOp`Z+Y+72dd7Io8Rb7{^ zk>}(8mKQ~ygB#Og9nWPpZuJBsz5!W-$JNynZH4whJ7-{wzoZ1RHQhp>_*T-B4@5st zP0~IyS?!=5Gh@DQA71S_EshOjI`Nc=ZsFDk5Y0YOGl_DPM3{}r?^aPhr4v1Obd7$+bq@jMvc@Z z5+SzC_F=E|UQ3Ro(TmKs>H7qB6$gY6Jl;Oln3UfPx>?5QFgO_YBGIz9bQSqyLEj@6 zj{#OxfM)Zm`o5vQU&Cn~JB84}F6Bu{MDmm>|9D+ z5NoJ#J0SKIet`W?lL9NEP(36?!CA0e_b)M*YfT3$zA2snTT#L0X3vk$Opn)V zQ&klXX3CS>0l6W<$m4R-E>;H{kK9}f0xy8Y@{g3DkPDg-0W61fScwd%h0mzoq34l6 zBRi{Ch^?=`F!th2#1;MSm$8*UFLwHnN~nx1q7Li;xwsHiPI8Wb?5oQoi+ZtAsGipY z%jn8eak5%CF#AuR9ha7Qh>_JYSb%Y>vUE<<7LvY-0wOnB;a%ZvoQ|KkvbwyvRnaiu zHhaF0RSs@mPmhhpD`bY}9}468IE==ZZOjp2Y4LEK**%Wk20UZ2q$9Q?w9vP$Xx$R) zCU}8xYj}3EYqh0|VAjdvK}2GThKA>e<8p!)3q$ygxHUW;(D5V?qOoKHX9(#*7yZ?h z4vVICFX{!Hz(~!7Zf1p))JSWWaD;N;z_jWSKSEn*(0YNjSb45xwpz1>X^gj7m5mYP?t_7-y6dRg(^v&Ml;R zE(GllFK+(+;$357^oxTwN&IK4%M&Ui3)+zlgNbCD0piQ#G&Z5y=vv|9@geMVOiaeO z*aw?5dPdeBr`(D}Ns|s587V^ME!>Dx(NxHZS4pmf5j-*Y#+t%5~UQG3{cTU^RiLg=3(>qR(*-8zi1ve zDj+pVLGVHqaodXUwZLQTO%~9CUhz5uY#_C1po{`jP%-8YxM?7uezx8Pm{t z{7Habov7-V1Jl}(GKD?}QM<(b+TY)w*slpO zP}5cQCpNB#H8(bHx%3&3L8~O{_ZL6^Gu(KKPi8Qmc5HFT%Yn0vPCsnXrMT=EJy;-av4}AnY%ad8ngIT){L*Cr137sa+JoU798^vALxN0s7g~;AP!W#s;oCB5FURodREHvx z#Gv+ajE>bV#h~_b4DOU;9E{VOa-98vIP|6*XU8w^%Z|?nbw<1@>;Dj(Xn+FHK1ee0 zs*KGL9N#QzEgvTIwp!Y z(22MeqDGnM$AL>hdJO(@e9wQRI66V7z!UV3kV7oi=f6=riwJ_)5e&1fo0A!NxZ1^j z&@j$v&6*SwC*z*DSYgg_EROJAQD&b-vn2)YFy3(Rq)s_A>kKcXh!7k;0HQICoU2w?jU9a{-p^5nNt=~i|hUw>Wg0#sA-_( zzcwyXDXws4RQ~iOK_zdkB64x1B}0Do%c%&-H{eC&;(|ejeD8#^d{9IzPWm#$=O_E8 tfJN+LEuUfEnaW`&!B|8uR-hTWQ!lMYH!pwu69jY)|DJ Date: Sat, 26 Oct 2024 22:45:57 +0530 Subject: [PATCH 04/18] feat: add support for .log and .json files --- .husky/commit-msg | 3 +- src/proxy/chain.js | 2 +- .../push-action/checkSensitiveData.js | 43 ++++++++------- test/CheckSensitive.test.js | 54 +++++++++++-------- test/CreateExcel.js | 7 +-- test/chain.test.js | 2 +- test/test_data/sensitive_data4.json | 4 ++ 7 files changed, 64 insertions(+), 51 deletions(-) create mode 100644 test/test_data/sensitive_data4.json diff --git a/.husky/commit-msg b/.husky/commit-msg index 53b8922aa..22cbe859d 100755 --- a/.husky/commit-msg +++ b/.husky/commit-msg @@ -1,4 +1,3 @@ -#!/usr/bin/env sh -. "$(dirname -- "$0")/_/husky.sh" + npx --no -- commitlint --edit ${1} && npm run lint diff --git a/src/proxy/chain.js b/src/proxy/chain.js index 332e53793..05b8c7e2a 100644 --- a/src/proxy/chain.js +++ b/src/proxy/chain.js @@ -10,7 +10,7 @@ const pushActionChain = [ proc.push.pullRemote, proc.push.writePack, proc.push.getDiff, - proc.push.checkSensitiveData, //checkSensitiveData added + proc.push.checkSensitiveData, // checkSensitiveData added proc.push.clearBareClone, proc.push.scanDiff, proc.push.blockForAuth, diff --git a/src/proxy/processors/push-action/checkSensitiveData.js b/src/proxy/processors/push-action/checkSensitiveData.js index a33614e19..f082a8a37 100644 --- a/src/proxy/processors/push-action/checkSensitiveData.js +++ b/src/proxy/processors/push-action/checkSensitiveData.js @@ -2,8 +2,7 @@ const fs = require('fs'); const csv = require('csv-parser'); const XLSX = require('xlsx'); const path = require('path'); -const { exec: getDiffExec } = require('./getDiff'); - +// const { exec: getDiffExec } = require('./getDiff'); // Function to check for sensitive data patterns const checkForSensitiveData = (cell) => { const sensitivePatterns = [ @@ -20,12 +19,10 @@ const checkForSensitiveData = (cell) => { return false; }); }; - // Function to process CSV files const processCSV = async (filePath) => { return new Promise((resolve, reject) => { let sensitiveDataFound = false; - fs.createReadStream(filePath) .pipe(csv()) .on('data', (row) => { @@ -48,18 +45,15 @@ const processCSV = async (filePath) => { }); }); }; - // Function to process XLSX files const processXLSX = async (filePath) => { return new Promise((resolve, reject) => { let sensitiveDataFound = false; - try { const workbook = XLSX.readFile(filePath); const sheetName = workbook.SheetNames[0]; const sheet = workbook.Sheets[sheetName]; const jsonData = XLSX.utils.sheet_to_json(sheet); - jsonData.forEach((row) => { for (const [key, value] of Object.entries(row)) { if (checkForSensitiveData(value)) { @@ -68,7 +62,6 @@ const processXLSX = async (filePath) => { } } }); - if (!sensitiveDataFound) { console.log('No sensitive data found in XLSX.'); } @@ -79,7 +72,23 @@ const processXLSX = async (filePath) => { } }); }; - +// Function to check for sensitive data in .log and .json files +const checkLogJsonFiles = async (filePath) => { + return new Promise((resolve, reject) => { + let sensitiveDataFound = false; + fs.readFile(filePath, 'utf8', (err, data) => { + if (err) { + console.error(`Error reading file ${filePath}: ${err.message}`); + return reject(err); + } + if (checkForSensitiveData(data)) { + console.log(`\x1b[33mSensitive data found in ${filePath}\x1b[0m`); + sensitiveDataFound = true; + } + resolve(sensitiveDataFound); + }); + }); +}; // Function to parse the file based on its extension const parseFile = async (filePath) => { const ext = path.extname(filePath).toLowerCase(); @@ -89,28 +98,26 @@ const parseFile = async (filePath) => { return await processCSV(filePath); case '.xlsx': return await processXLSX(filePath); + case '.log': + return await checkLogJsonFiles(filePath); + case '.json': + return await checkLogJsonFiles(filePath); default: - console.log(`Unsupported file type: ${ext} for file: ${filePath}`); + // Skip unsupported file types without logging return false; // Indicate that no sensitive data was found for unsupported types } }; - // Async exec function to handle actions const exec = async (req, action) => { // getDiffExec(req, action); // Call to getDiffExec if necessary - const diffStep = action.steps.find((s) => s.stepName === 'diff'); - if (diffStep && diffStep.content) { console.log('Diff content:', diffStep.content); - const filePaths = diffStep.content.filePaths || []; - if (filePaths.length > 0) { // Check for sensitive data in all files const sensitiveDataFound = await Promise.all(filePaths.map(parseFile)); const anySensitiveDataDetected = sensitiveDataFound.some(found => found); // Check if any file reported sensitive data - if (anySensitiveDataDetected) { action.pushBlocked = true; // Block the push action.error = true; // Set error flag @@ -123,9 +130,7 @@ const exec = async (req, action) => { } else { console.log('No diff content available.'); } - return action; // Returning action for testing purposes }; - exec.displayName = 'logFileChanges.exec'; -exports.exec = exec; +exports.exec = exec; \ No newline at end of file diff --git a/test/CheckSensitive.test.js b/test/CheckSensitive.test.js index 2e4c84211..87340d9d0 100644 --- a/test/CheckSensitive.test.js +++ b/test/CheckSensitive.test.js @@ -1,20 +1,15 @@ const path = require('path'); const { exec } = require('../src/proxy/processors/push-action/checkSensitiveData.js'); // Adjust path as necessary const sinon = require('sinon'); - describe('Sensitive Data Detection', () => { let logStub; - beforeEach(() => { logStub = sinon.stub(console, 'log'); // Stub console.log before each test }); - afterEach(() => { logStub.restore(); // Restore console.log after each test }); - it('should detect sensitive data in CSV file and block execution', async () => { - // Set up the action with the correct file path const action = { steps: [{ stepName: 'diff', @@ -23,20 +18,12 @@ describe('Sensitive Data Detection', () => { } }] }; - - // Call exec with necessary parameters - await exec(null, action); // Ensure exec is awaited if it's a promise - - // Capture logged messages for debugging after exec execution + await exec(null, action); const loggedMessages = logStub.getCalls().map(call => call.args[0]); console.log('Captured log messages for CSV:', loggedMessages); - - // Check if the blocking message is logged sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); }); - it('should detect sensitive data in XLSX file and block execution', async () => { - // Set up the action with the correct file path for XLSX const action = { steps: [{ stepName: 'diff', @@ -45,15 +32,38 @@ describe('Sensitive Data Detection', () => { } }] }; - - // Call exec with necessary parameters - await exec(null, action); // Ensure exec is awaited if it's a promise - - // Capture logged messages for debugging after exec execution + await exec(null, action); const loggedMessages = logStub.getCalls().map(call => call.args[0]); console.log('Captured log messages for XLSX:', loggedMessages); - - // Check if the blocking message is logged sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); }); -}); + it('should detect sensitive data in a log file and block execution', async () => { + const action = { + steps: [{ + stepName: 'diff', + content: { + filePaths: [path.join(__dirname, 'test_data/sensitive_data3.log')] // Ensure this path is correct + } + }] + }; + await exec(null, action); + const loggedMessages = logStub.getCalls().map(call => call.args[0]); + console.log('Captured log messages for log file:', loggedMessages); + sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); + }); + it('should detect sensitive data in a JSON file and block execution', async () => { + const action = { + steps: [{ + stepName: 'diff', + content: { + filePaths: [path.join(__dirname, 'test_data/sensitive_data4.json')] // Ensure this path is correct + } + }] + }; + await exec(null, action); + const loggedMessages = logStub.getCalls().map(call => call.args[0]); + console.log('Captured log messages for JSON file:', loggedMessages); + sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); + }); + +}); \ No newline at end of file diff --git a/test/CreateExcel.js b/test/CreateExcel.js index be004b135..ea9f9af07 100644 --- a/test/CreateExcel.js +++ b/test/CreateExcel.js @@ -1,24 +1,19 @@ const XLSX = require('xlsx'); const fs = require('fs'); const path = require('path'); - // Example data with sensitive information const data = [ { Name: "John Doe", SSN: "123-45-6789", Email: "john@example.com" }, { Name: "Jane Smith", SSN: "987-65-4321", Email: "jane@example.com" } ]; - const worksheet = XLSX.utils.json_to_sheet(data); const workbook = XLSX.utils.book_new(); XLSX.utils.book_append_sheet(workbook, worksheet, "SensitiveData"); - // Create the path to the test_data directory const testDataPath = path.join(__dirname, 'test_data'); // Ensure this points to the correct directory - // Create the test_data directory if it doesn't exist if (!fs.existsSync(testDataPath)){ fs.mkdirSync(testDataPath, { recursive: true }); // Using recursive to ensure all directories are created } - // Write the Excel file to the test_data directory -XLSX.writeFile(workbook, path.join(testDataPath, 'sensitive_data2.xlsx')); +XLSX.writeFile(workbook, path.join(testDataPath, 'sensitive_data2.xlsx')); \ No newline at end of file diff --git a/test/chain.test.js b/test/chain.test.js index 97515fef2..beeea18a3 100644 --- a/test/chain.test.js +++ b/test/chain.test.js @@ -1,7 +1,7 @@ const chai = require('chai'); const sinon = require('sinon'); const { PluginLoader } = require('../src/plugin'); -const { checkSensitiveData } = require('../src/proxy/processors/push-action'); + chai.should(); const expect = chai.expect; diff --git a/test/test_data/sensitive_data4.json b/test/test_data/sensitive_data4.json new file mode 100644 index 000000000..50217f695 --- /dev/null +++ b/test/test_data/sensitive_data4.json @@ -0,0 +1,4 @@ +{ + "username": "johndoe", + "ssn": "123-45-6789" +} From 8b257a22ce03bff7ad63ba2018190bc8e7f2b8a3 Mon Sep 17 00:00:00 2001 From: ChaitanyaD48 Date: Sun, 27 Oct 2024 08:22:31 +0530 Subject: [PATCH 05/18] test: add test for edge cases Signed-off-by: ChaitanyaD48 --- test/CheckSensitive.test.js | 60 ++++++++++++++++++++++++++++++------- 1 file changed, 50 insertions(+), 10 deletions(-) diff --git a/test/CheckSensitive.test.js b/test/CheckSensitive.test.js index 87340d9d0..e1ca2b16d 100644 --- a/test/CheckSensitive.test.js +++ b/test/CheckSensitive.test.js @@ -1,14 +1,18 @@ const path = require('path'); const { exec } = require('../src/proxy/processors/push-action/checkSensitiveData.js'); // Adjust path as necessary const sinon = require('sinon'); + describe('Sensitive Data Detection', () => { let logStub; + beforeEach(() => { logStub = sinon.stub(console, 'log'); // Stub console.log before each test }); + afterEach(() => { logStub.restore(); // Restore console.log after each test }); + it('should detect sensitive data in CSV file and block execution', async () => { const action = { steps: [{ @@ -19,10 +23,9 @@ describe('Sensitive Data Detection', () => { }] }; await exec(null, action); - const loggedMessages = logStub.getCalls().map(call => call.args[0]); - console.log('Captured log messages for CSV:', loggedMessages); sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); }); + it('should detect sensitive data in XLSX file and block execution', async () => { const action = { steps: [{ @@ -33,10 +36,9 @@ describe('Sensitive Data Detection', () => { }] }; await exec(null, action); - const loggedMessages = logStub.getCalls().map(call => call.args[0]); - console.log('Captured log messages for XLSX:', loggedMessages); sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); }); + it('should detect sensitive data in a log file and block execution', async () => { const action = { steps: [{ @@ -47,10 +49,9 @@ describe('Sensitive Data Detection', () => { }] }; await exec(null, action); - const loggedMessages = logStub.getCalls().map(call => call.args[0]); - console.log('Captured log messages for log file:', loggedMessages); sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); }); + it('should detect sensitive data in a JSON file and block execution', async () => { const action = { steps: [{ @@ -61,9 +62,48 @@ describe('Sensitive Data Detection', () => { }] }; await exec(null, action); - const loggedMessages = logStub.getCalls().map(call => call.args[0]); - console.log('Captured log messages for JSON file:', loggedMessages); sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); }); - -}); \ No newline at end of file + + it('should allow execution if no sensitive data is found', async () => { + const action = { + steps: [{ + stepName: 'diff', + content: { + filePaths: [path.join(__dirname, 'test_data/no_sensitive_data.txt')] // Ensure this path is correct + } + }] + }; + await exec(null, action); + sinon.assert.neverCalledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); + }); + + it('should allow execution for an empty file', async () => { + const action = { + steps: [{ + stepName: 'diff', + content: { + filePaths: [path.join(__dirname, 'test_data/empty_file.txt')] // Ensure this path is correct + } + }] + }; + await exec(null, action); + sinon.assert.neverCalledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); + }); + + it('should handle file-not-found scenario gracefully', async () => { + const action = { + steps: [{ + stepName: 'diff', + content: { + filePaths: [path.join(__dirname, 'test_data/non_existent_file.txt')] // Ensure this path is correct + } + }] + }; + try { + await exec(null, action); + } catch (error) { + sinon.assert.match(error.message, /ENOENT: no such file or directory/); + } + }); +}); From 027a45903b43aa43a88b8b2eb78d8066db00b2cb Mon Sep 17 00:00:00 2001 From: Prachit Date: Mon, 28 Oct 2024 10:53:01 +0530 Subject: [PATCH 06/18] refactor: corrected the way filepaths are geting extracted from diff --- .../push-action/checkSensitiveData.js | 35 +++++++++++++++---- test/CheckSensitive.test.js | 35 +++++++------------ 2 files changed, 42 insertions(+), 28 deletions(-) diff --git a/src/proxy/processors/push-action/checkSensitiveData.js b/src/proxy/processors/push-action/checkSensitiveData.js index f082a8a37..f6d9326d8 100644 --- a/src/proxy/processors/push-action/checkSensitiveData.js +++ b/src/proxy/processors/push-action/checkSensitiveData.js @@ -108,20 +108,39 @@ const parseFile = async (filePath) => { } }; // Async exec function to handle actions +// Function to parse file paths from git diff content +const extractFilePathsFromDiff = (diffContent) => { + const filePaths = []; + const lines = diffContent.split('\n'); + + lines.forEach(line => { + const match = line.match(/^diff --git a\/(.+?) b\/(.+?)$/); + if (match) { + filePaths.push(match[1]); // Extract the file path from "a/" in the diff line + } + }); + + return filePaths; +}; + const exec = async (req, action) => { - // getDiffExec(req, action); // Call to getDiffExec if necessary const diffStep = action.steps.find((s) => s.stepName === 'diff'); + if (diffStep && diffStep.content) { console.log('Diff content:', diffStep.content); - const filePaths = diffStep.content.filePaths || []; + + // Use the parsing function to get file paths + const filePaths = extractFilePathsFromDiff(diffStep.content); + if (filePaths.length > 0) { // Check for sensitive data in all files const sensitiveDataFound = await Promise.all(filePaths.map(parseFile)); - const anySensitiveDataDetected = sensitiveDataFound.some(found => found); // Check if any file reported sensitive data + const anySensitiveDataDetected = sensitiveDataFound.some(found => found); + if (anySensitiveDataDetected) { - action.pushBlocked = true; // Block the push - action.error = true; // Set error flag - action.errorMessage = 'Your push has been blocked due to sensitive data detection.'; // Set error message + action.pushBlocked = true; + action.error = true; + action.errorMessage = 'Your push has been blocked due to sensitive data detection.'; console.log(action.errorMessage); } } else { @@ -130,7 +149,11 @@ const exec = async (req, action) => { } else { console.log('No diff content available.'); } + return action; // Returning action for testing purposes }; + + + exec.displayName = 'logFileChanges.exec'; exports.exec = exec; \ No newline at end of file diff --git a/test/CheckSensitive.test.js b/test/CheckSensitive.test.js index e1ca2b16d..f26324cd9 100644 --- a/test/CheckSensitive.test.js +++ b/test/CheckSensitive.test.js @@ -1,4 +1,4 @@ -const path = require('path'); +// const path = require('path'); const { exec } = require('../src/proxy/processors/push-action/checkSensitiveData.js'); // Adjust path as necessary const sinon = require('sinon'); @@ -13,13 +13,16 @@ describe('Sensitive Data Detection', () => { logStub.restore(); // Restore console.log after each test }); + const createDiffContent = (filePaths) => { + // Format file paths in diff format + return filePaths.map(filePath => `diff --git a/${filePath} b/${filePath}`).join('\n'); + }; + it('should detect sensitive data in CSV file and block execution', async () => { const action = { steps: [{ stepName: 'diff', - content: { - filePaths: [path.join(__dirname, 'test_data/sensitive_data.csv')] // Ensure this path is correct - } + content: createDiffContent(['test/test_data/sensitive_data.csv']) // Ensure this path is correct }] }; await exec(null, action); @@ -30,9 +33,7 @@ describe('Sensitive Data Detection', () => { const action = { steps: [{ stepName: 'diff', - content: { - filePaths: [path.join(__dirname, 'test_data/sensitive_data2.xlsx')] // Ensure this path is correct - } + content: createDiffContent(['test/test_data/sensitive_data2.xlsx']) // Ensure this path is correct }] }; await exec(null, action); @@ -43,9 +44,7 @@ describe('Sensitive Data Detection', () => { const action = { steps: [{ stepName: 'diff', - content: { - filePaths: [path.join(__dirname, 'test_data/sensitive_data3.log')] // Ensure this path is correct - } + content: createDiffContent(['test/test_data/sensitive_data3.log']) // Ensure this path is correct }] }; await exec(null, action); @@ -56,9 +55,7 @@ describe('Sensitive Data Detection', () => { const action = { steps: [{ stepName: 'diff', - content: { - filePaths: [path.join(__dirname, 'test_data/sensitive_data4.json')] // Ensure this path is correct - } + content: createDiffContent(['test/test_data/sensitive_data4.json']) // Ensure this path is correct }] }; await exec(null, action); @@ -69,9 +66,7 @@ describe('Sensitive Data Detection', () => { const action = { steps: [{ stepName: 'diff', - content: { - filePaths: [path.join(__dirname, 'test_data/no_sensitive_data.txt')] // Ensure this path is correct - } + content: createDiffContent(['test_data/no_sensitive_data.txt']) // Ensure this path is correct }] }; await exec(null, action); @@ -82,9 +77,7 @@ describe('Sensitive Data Detection', () => { const action = { steps: [{ stepName: 'diff', - content: { - filePaths: [path.join(__dirname, 'test_data/empty_file.txt')] // Ensure this path is correct - } + content: createDiffContent(['test_data/empty_file.txt']) // Ensure this path is correct }] }; await exec(null, action); @@ -95,9 +88,7 @@ describe('Sensitive Data Detection', () => { const action = { steps: [{ stepName: 'diff', - content: { - filePaths: [path.join(__dirname, 'test_data/non_existent_file.txt')] // Ensure this path is correct - } + content: createDiffContent(['test_data/non_existent_file.txt']) // Ensure this path is correct }] }; try { From df8254804cd7cee219d7e6e7c9dd56a0f34d6f3c Mon Sep 17 00:00:00 2001 From: Prachit Date: Mon, 28 Oct 2024 12:36:59 +0530 Subject: [PATCH 07/18] refactor: modified the test to provide exact action and diff content --- .../push-action/checkSensitiveData.js | 12 +-- test/CheckSensitive.test.js | 84 +++++++++---------- 2 files changed, 49 insertions(+), 47 deletions(-) diff --git a/src/proxy/processors/push-action/checkSensitiveData.js b/src/proxy/processors/push-action/checkSensitiveData.js index f6d9326d8..69faef378 100644 --- a/src/proxy/processors/push-action/checkSensitiveData.js +++ b/src/proxy/processors/push-action/checkSensitiveData.js @@ -2,6 +2,7 @@ const fs = require('fs'); const csv = require('csv-parser'); const XLSX = require('xlsx'); const path = require('path'); +const Step = require('../../actions').Step; // const { exec: getDiffExec } = require('./getDiff'); // Function to check for sensitive data patterns const checkForSensitiveData = (cell) => { @@ -125,6 +126,7 @@ const extractFilePathsFromDiff = (diffContent) => { const exec = async (req, action) => { const diffStep = action.steps.find((s) => s.stepName === 'diff'); + const step = new Step('checksensitiveData'); if (diffStep && diffStep.content) { console.log('Diff content:', diffStep.content); @@ -138,10 +140,10 @@ const exec = async (req, action) => { const anySensitiveDataDetected = sensitiveDataFound.some(found => found); if (anySensitiveDataDetected) { - action.pushBlocked = true; - action.error = true; - action.errorMessage = 'Your push has been blocked due to sensitive data detection.'; - console.log(action.errorMessage); + step.blocked= true; + step.error = true; + step.errorMessage = 'Your push has been blocked due to sensitive data detection.'; + console.log(step.errorMessage); } } else { console.log('No file paths provided in the diff step.'); @@ -149,7 +151,7 @@ const exec = async (req, action) => { } else { console.log('No diff content available.'); } - + action.addStep(step); return action; // Returning action for testing purposes }; diff --git a/test/CheckSensitive.test.js b/test/CheckSensitive.test.js index f26324cd9..3916780db 100644 --- a/test/CheckSensitive.test.js +++ b/test/CheckSensitive.test.js @@ -1,6 +1,8 @@ // const path = require('path'); const { exec } = require('../src/proxy/processors/push-action/checkSensitiveData.js'); // Adjust path as necessary const sinon = require('sinon'); +const {Action}=require('../src/proxy/actions/Action.js') +const {Step}=require('../src/proxy/actions/Step.js') describe('Sensitive Data Detection', () => { let logStub; @@ -19,78 +21,76 @@ describe('Sensitive Data Detection', () => { }; it('should detect sensitive data in CSV file and block execution', async () => { - const action = { - steps: [{ - stepName: 'diff', - content: createDiffContent(['test/test_data/sensitive_data.csv']) // Ensure this path is correct - }] - }; + const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo'); + const step = new Step('diff'); + + // Create diff content simulating sensitive data in CSV + step.setContent(createDiffContent(['test/test_data/sensitive_data.csv'])); + action.addStep(step) + await exec(null, action); sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); }); it('should detect sensitive data in XLSX file and block execution', async () => { - const action = { - steps: [{ - stepName: 'diff', - content: createDiffContent(['test/test_data/sensitive_data2.xlsx']) // Ensure this path is correct - }] - }; + const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo'); + const step = new Step('diff'); + step.setContent(createDiffContent(['test/test_data/sensitive_data2.xlsx'])); + action.addStep(step); + await exec(null, action); sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); }); it('should detect sensitive data in a log file and block execution', async () => { - const action = { - steps: [{ - stepName: 'diff', - content: createDiffContent(['test/test_data/sensitive_data3.log']) // Ensure this path is correct - }] - }; + + const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo'); + const step = new Step('diff'); + step.setContent(createDiffContent(['test/test_data/sensitive_data3.log'])); + action.addStep(step); await exec(null, action); sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); }); it('should detect sensitive data in a JSON file and block execution', async () => { - const action = { - steps: [{ - stepName: 'diff', - content: createDiffContent(['test/test_data/sensitive_data4.json']) // Ensure this path is correct - }] - }; + + + const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo'); + const step = new Step('diff'); + step.setContent(createDiffContent(['test/test_data/sensitive_data4.json'])); + action.addStep(step); await exec(null, action); sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); }); it('should allow execution if no sensitive data is found', async () => { - const action = { - steps: [{ - stepName: 'diff', - content: createDiffContent(['test_data/no_sensitive_data.txt']) // Ensure this path is correct - }] - }; + + + const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo'); + const step = new Step('diff'); + step.setContent(createDiffContent(['test_data/no_sensitive_data.txt'])); + action.addStep(step); await exec(null, action); sinon.assert.neverCalledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); }); it('should allow execution for an empty file', async () => { - const action = { - steps: [{ - stepName: 'diff', - content: createDiffContent(['test_data/empty_file.txt']) // Ensure this path is correct - }] - }; + + + const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo'); + const step = new Step('diff'); + step.setContent(createDiffContent(['test_data/empty_file.txt'])); + action.addStep(step); await exec(null, action); sinon.assert.neverCalledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); }); it('should handle file-not-found scenario gracefully', async () => { - const action = { - steps: [{ - stepName: 'diff', - content: createDiffContent(['test_data/non_existent_file.txt']) // Ensure this path is correct - }] - }; + + const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo'); + const step = new Step('diff'); + step.setContent(createDiffContent(['test_data/non_existent_file.txt'])); + action.addStep(step); try { await exec(null, action); } catch (error) { From fd265237fe9f50946509b76e5f2c749f0effaa6f Mon Sep 17 00:00:00 2001 From: Prachit Date: Sun, 10 Nov 2024 21:53:59 +0530 Subject: [PATCH 08/18] refactor: modified proxy.config to support the feature --- proxy.config.json | 3 ++- .../processors/push-action/checkSensitiveData.js | 12 +++++++++++- test/CheckSensitive.test.js | 3 ++- 3 files changed, 15 insertions(+), 3 deletions(-) diff --git a/proxy.config.json b/proxy.config.json index df082a2e8..212a7fe91 100644 --- a/proxy.config.json +++ b/proxy.config.json @@ -77,7 +77,8 @@ "block": { "literals": [], "patterns": [], - "providers": {} + "providers": {}, + "proxyFileTypes":[] } } }, diff --git a/src/proxy/processors/push-action/checkSensitiveData.js b/src/proxy/processors/push-action/checkSensitiveData.js index 69faef378..0ea186798 100644 --- a/src/proxy/processors/push-action/checkSensitiveData.js +++ b/src/proxy/processors/push-action/checkSensitiveData.js @@ -3,8 +3,11 @@ const csv = require('csv-parser'); const XLSX = require('xlsx'); const path = require('path'); const Step = require('../../actions').Step; +const config = require('../../../config'); + // const { exec: getDiffExec } = require('./getDiff'); // Function to check for sensitive data patterns +const commitConfig = config.getCommitConfig(); const checkForSensitiveData = (cell) => { const sensitivePatterns = [ /\d{3}-\d{2}-\d{4}/, // Social Security Number (SSN) @@ -83,7 +86,7 @@ const checkLogJsonFiles = async (filePath) => { return reject(err); } if (checkForSensitiveData(data)) { - console.log(`\x1b[33mSensitive data found in ${filePath}\x1b[0m`); + console.log(`\x1b[Sensitive data found in ${filePath}\x1b[0m`); sensitiveDataFound = true; } resolve(sensitiveDataFound); @@ -92,7 +95,14 @@ const checkLogJsonFiles = async (filePath) => { }; // Function to parse the file based on its extension const parseFile = async (filePath) => { + const ext = path.extname(filePath).toLowerCase(); + const FilestoCheck = commitConfig.diff.block.proxyFileTypes; + if(!FilestoCheck.includes(ext)){ + + console.log(`${ext} should be included in CommitConfig for proxy Check!`); + return false; + } switch (ext) { case '.csv': diff --git a/test/CheckSensitive.test.js b/test/CheckSensitive.test.js index 3916780db..f51f79daa 100644 --- a/test/CheckSensitive.test.js +++ b/test/CheckSensitive.test.js @@ -4,6 +4,7 @@ const sinon = require('sinon'); const {Action}=require('../src/proxy/actions/Action.js') const {Step}=require('../src/proxy/actions/Step.js') + describe('Sensitive Data Detection', () => { let logStub; @@ -19,7 +20,7 @@ describe('Sensitive Data Detection', () => { // Format file paths in diff format return filePaths.map(filePath => `diff --git a/${filePath} b/${filePath}`).join('\n'); }; - +// make sure the file types are added in proxyfiletypes in proxy.config.json it('should detect sensitive data in CSV file and block execution', async () => { const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo'); const step = new Step('diff'); From 77809a3ac17c6fcc77d38c1fc971412f57c2ec4a Mon Sep 17 00:00:00 2001 From: shabbir Date: Mon, 11 Nov 2024 00:20:38 +0530 Subject: [PATCH 09/18] feat: added logic for EXIF metadata retrieval --- package-lock.json | 203 +++++++++++++++++- package.json | 5 + .../processors/push-action/checkExifJpeg.js | 87 ++++++++ test/CheckExif.test.js | 90 ++++++++ test/test_data/jpg/Canon_PowerShot_S40.jpg | Bin 0 -> 38029 bytes .../jpg/Konica_Minolta_DiMAGE_Z3.jpg | Bin 0 -> 43564 bytes .../test_data/jpg/Reconyx_HC500_Hyperfire.jpg | Bin 0 -> 425890 bytes test/test_data/jpg/hehe.txt | 0 test/test_data/jpg/random.json | 0 9 files changed, 382 insertions(+), 3 deletions(-) create mode 100644 src/proxy/processors/push-action/checkExifJpeg.js create mode 100644 test/CheckExif.test.js create mode 100644 test/test_data/jpg/Canon_PowerShot_S40.jpg create mode 100644 test/test_data/jpg/Konica_Minolta_DiMAGE_Z3.jpg create mode 100644 test/test_data/jpg/Reconyx_HC500_Hyperfire.jpg create mode 100644 test/test_data/jpg/hehe.txt create mode 100644 test/test_data/jpg/random.json diff --git a/package-lock.json b/package-lock.json index 7c0aadf19..597cd6db5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -24,11 +24,14 @@ "concurrently": "^8.0.0", "connect-mongo": "^5.1.0", "cors": "^2.8.5", + "csv-parser": "^3.0.0", "diff2html": "^3.4.33", + "exiftool-vendored": "^29.0.0", "express": "^4.18.2", "express-http-proxy": "^2.0.0", "express-rate-limit": "^7.1.5", "express-session": "^1.17.1", + "fs": "^0.0.1-security", "history": "5.3.0", "jsonschema": "^1.4.1", "load-plugin": "^6.0.0", @@ -40,6 +43,7 @@ "passport": "^0.7.0", "passport-activedirectory": "^1.0.4", "passport-local": "^1.0.0", + "path": "^0.12.7", "perfect-scrollbar": "^1.5.5", "prop-types": "15.8.1", "react": "^16.13.1", @@ -47,6 +51,7 @@ "react-html-parser": "^2.0.2", "react-router-dom": "6.26.2", "uuid": "^10.0.0", + "xlsx": "^0.18.5", "yargs": "^17.7.2" }, "bin": { @@ -2814,6 +2819,11 @@ "node": "^14.17.0 || ^16.13.0 || >=18.0.0" } }, + "node_modules/@photostructure/tz-lookup": { + "version": "11.0.0", + "resolved": "https://registry.npmjs.org/@photostructure/tz-lookup/-/tz-lookup-11.0.0.tgz", + "integrity": "sha512-QMV5/dWtY/MdVPXZs/EApqzyhnqDq1keYEqpS+Xj2uidyaqw2Nk/fWcsszdruIXjdqp1VoWNzsgrO6bUHU1mFw==" + }, "node_modules/@pkgjs/parseargs": { "version": "0.11.0", "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", @@ -3596,6 +3606,11 @@ "integrity": "sha512-he+DHOWReW0nghN24E1WUqM0efK4kI9oTqDm6XmK8ZPe2djZ90BSNdGnIyCLzCPw7/pogPlGbzI2wHGGmi4O/Q==", "dev": true }, + "node_modules/@types/luxon": { + "version": "3.4.2", + "resolved": "https://registry.npmjs.org/@types/luxon/-/luxon-3.4.2.tgz", + "integrity": "sha512-TifLZlFudklWlMBfhubvgqTXRzLDI5pCbGa4P8a3wPyUQSW+1xQ5eDsreP9DWHX3tjq1ke96uYG/nwundroWcA==" + }, "node_modules/@types/node": { "version": "20.10.7", "resolved": "https://registry.npmjs.org/@types/node/-/node-20.10.7.tgz", @@ -3766,6 +3781,14 @@ "node": ">=4.0" } }, + "node_modules/adler-32": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/adler-32/-/adler-32-1.3.1.tgz", + "integrity": "sha512-ynZ4w/nUUv5rrsR8UUGoe1VC9hZj6V5hU9Qw1HlMDJGEJw5S7TfTErWTjMys6M7vr0YWcPqs3qAr4ss0nDfP+A==", + "engines": { + "node": ">=0.8" + } + }, "node_modules/aggregate-error": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-3.1.0.tgz", @@ -4224,6 +4247,14 @@ } ] }, + "node_modules/batch-cluster": { + "version": "13.0.0", + "resolved": "https://registry.npmjs.org/batch-cluster/-/batch-cluster-13.0.0.tgz", + "integrity": "sha512-EreW0Vi8TwovhYUHBXXRA5tthuU2ynGsZFlboyMJHCCUXYa2AjgwnE3ubBOJs2xJLcuXFJbi6c/8pH5+FVj8Og==", + "engines": { + "node": ">=14" + } + }, "node_modules/bcrypt-pbkdf": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", @@ -4534,6 +4565,18 @@ "integrity": "sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==", "dev": true }, + "node_modules/cfb": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/cfb/-/cfb-1.2.2.tgz", + "integrity": "sha512-KfdUZsSOw19/ObEWasvBP/Ac4reZvAGauZhs6S/gqNhXhI7cKwvlH7ulj+dOEYnca4bm4SGo8C1bTAQvnTjgQA==", + "dependencies": { + "adler-32": "~1.3.0", + "crc-32": "~1.2.0" + }, + "engines": { + "node": ">=0.8" + } + }, "node_modules/chai": { "version": "4.5.0", "resolved": "https://registry.npmjs.org/chai/-/chai-4.5.0.tgz", @@ -4867,6 +4910,14 @@ "node": ">=6" } }, + "node_modules/codepage": { + "version": "1.15.0", + "resolved": "https://registry.npmjs.org/codepage/-/codepage-1.15.0.tgz", + "integrity": "sha512-3g6NUTPd/YtuuGrhMnOMRjFc+LJw/bnMp3+0r/Wcz3IXUuCosKRJvMphm5+Q+bvTVGcJJuRvVLuYba+WojaFaA==", + "engines": { + "node": ">=0.8" + } + }, "node_modules/color-convert": { "version": "1.9.3", "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", @@ -5218,6 +5269,17 @@ "typescript": ">=4" } }, + "node_modules/crc-32": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/crc-32/-/crc-32-1.2.2.tgz", + "integrity": "sha512-ROmzCKrTnOwybPcJApAA6WBWij23HVfGVNKqqrZpuyZOHqK2CwHSvpGuyt/UNNvaIjEd8X5IFGp4Mh+Ie1IHJQ==", + "bin": { + "crc32": "bin/crc32.njs" + }, + "engines": { + "node": ">=0.8" + } + }, "node_modules/cross-spawn": { "version": "7.0.3", "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", @@ -5245,6 +5307,20 @@ "resolved": "https://registry.npmjs.org/csstype/-/csstype-2.6.21.tgz", "integrity": "sha512-Z1PhmomIfypOpoMjRQB70jfvy/wxT50qW08YXO5lMIJkrdq4yOTR+AW7FqutScmB9NkLwxo+jU+kZLbofZZq/w==" }, + "node_modules/csv-parser": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/csv-parser/-/csv-parser-3.0.0.tgz", + "integrity": "sha512-s6OYSXAK3IdKqYO33y09jhypG/bSDHPuyCme/IdEHfWpLf/jKcpitVFyOC6UemgGk8v7Q5u2XE0vvwmanxhGlQ==", + "dependencies": { + "minimist": "^1.2.0" + }, + "bin": { + "csv-parser": "bin/csv-parser" + }, + "engines": { + "node": ">= 10" + } + }, "node_modules/cypress": { "version": "13.14.2", "resolved": "https://registry.npmjs.org/cypress/-/cypress-13.14.2.tgz", @@ -6721,6 +6797,40 @@ "node": ">=4" } }, + "node_modules/exiftool-vendored": { + "version": "29.0.0", + "resolved": "https://registry.npmjs.org/exiftool-vendored/-/exiftool-vendored-29.0.0.tgz", + "integrity": "sha512-BW2Fr7okYP1tN7KIIREy8gOx9WggpPsbKc3BTAS4dLgSup50LjdQttxF9kyDP+27ZayllK+d0rfMYPAixPBtQw==", + "dependencies": { + "@photostructure/tz-lookup": "^11.0.0", + "@types/luxon": "^3.4.2", + "batch-cluster": "^13.0.0", + "he": "^1.2.0", + "luxon": "^3.5.0" + }, + "optionalDependencies": { + "exiftool-vendored.exe": "13.0.0", + "exiftool-vendored.pl": "13.0.1" + } + }, + "node_modules/exiftool-vendored.exe": { + "version": "13.0.0", + "resolved": "https://registry.npmjs.org/exiftool-vendored.exe/-/exiftool-vendored.exe-13.0.0.tgz", + "integrity": "sha512-4zAMuFGgxZkOoyQIzZMHv1HlvgyJK3AkNqjAgm8A8V0UmOZO7yv3pH49cDV1OduzFJqgs6yQ6eG4OGydhKtxlg==", + "optional": true, + "os": [ + "win32" + ] + }, + "node_modules/exiftool-vendored.pl": { + "version": "13.0.1", + "resolved": "https://registry.npmjs.org/exiftool-vendored.pl/-/exiftool-vendored.pl-13.0.1.tgz", + "integrity": "sha512-+BRRzjselpWudKR0ltAW5SUt9T82D+gzQN8DdOQUgnSVWWp7oLCeTGBRptbQz+436Ihn/mPzmo/xnf0cv/Qw1A==", + "optional": true, + "os": [ + "!win32" + ] + }, "node_modules/express": { "version": "4.19.2", "resolved": "https://registry.npmjs.org/express/-/express-4.19.2.tgz", @@ -7254,6 +7364,14 @@ "node": ">= 0.6" } }, + "node_modules/frac": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/frac/-/frac-1.1.2.tgz", + "integrity": "sha512-w/XBfkibaTl3YDqASwfDUqkna4Z2p9cFSr1aHDt0WoMTECnRfBOv2WArlZILlqgWlmdIlALXGpM2AOhEk5W3IA==", + "engines": { + "node": ">=0.8" + } + }, "node_modules/fresh": { "version": "0.5.2", "resolved": "https://registry.npmjs.org/fresh/-/fresh-0.5.2.tgz", @@ -7282,6 +7400,11 @@ } ] }, + "node_modules/fs": { + "version": "0.0.1-security", + "resolved": "https://registry.npmjs.org/fs/-/fs-0.0.1-security.tgz", + "integrity": "sha512-3XY9e1pP0CVEUCdj5BmfIZxRBTSDycnbqhIOGec9QYtmVH2fbLpj86CFWkrNOkt/Fvty4KZG5lTglL9j/gJ87w==" + }, "node_modules/fs-extra": { "version": "9.1.0", "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-9.1.0.tgz", @@ -7707,7 +7830,6 @@ "version": "1.2.0", "resolved": "https://registry.npmjs.org/he/-/he-1.2.0.tgz", "integrity": "sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==", - "dev": true, "bin": { "he": "bin/he" } @@ -9572,6 +9694,14 @@ "node": ">=0.8.x" } }, + "node_modules/luxon": { + "version": "3.5.0", + "resolved": "https://registry.npmjs.org/luxon/-/luxon-3.5.0.tgz", + "integrity": "sha512-rh+Zjr6DNfUYR3bPwJEnuwDdqMbxZW7LOQfUN4B54+Cl+0o5zaU9RJ6bcidfDtC1cWCZXQ+nvX8bf6bAji37QQ==", + "engines": { + "node": ">=12" + } + }, "node_modules/make-dir": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", @@ -9702,7 +9832,6 @@ "version": "1.2.8", "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz", "integrity": "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==", - "dev": true, "funding": { "url": "https://github.com/sponsors/ljharb" } @@ -10692,6 +10821,15 @@ "node": ">= 0.4.0" } }, + "node_modules/path": { + "version": "0.12.7", + "resolved": "https://registry.npmjs.org/path/-/path-0.12.7.tgz", + "integrity": "sha512-aXXC6s+1w7otVF9UletFkFcDsJeO7lSZBPUQhtb5O0xJe8LtYhj/GxldoL09bBj9+ZmE2hNoHqQSFMN5fikh4Q==", + "dependencies": { + "process": "^0.11.1", + "util": "^0.10.3" + } + }, "node_modules/path-exists": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", @@ -10752,6 +10890,19 @@ "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz", "integrity": "sha512-5DFkuoqlv1uYQKxy8omFBeJPQcdoE07Kv2sferDCrAq1ohOU+MSDswDIbnx3YAM60qIOnYa53wBhXW0EbMonrQ==" }, + "node_modules/path/node_modules/inherits": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz", + "integrity": "sha512-x00IRNXNy63jwGkJmzPigoySHbaqpNuzKbBOmzK+g2OdZpQ9w+sxCN+VSB3ja7IAge2OP2qpfxTjeNcyjmW1uw==" + }, + "node_modules/path/node_modules/util": { + "version": "0.10.4", + "resolved": "https://registry.npmjs.org/util/-/util-0.10.4.tgz", + "integrity": "sha512-0Pm9hTQ3se5ll1XihRic3FDIku70C+iHUdT/W926rSgHV5QgXsYbKZN8MSC3tJtSkhuROzvsQjAaFENRXr+19A==", + "dependencies": { + "inherits": "2.0.3" + } + }, "node_modules/pathval": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/pathval/-/pathval-1.1.1.tgz", @@ -11003,7 +11154,6 @@ "version": "0.11.10", "resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz", "integrity": "sha512-cdGef/drWFoydD1JsMzuFf8100nZl+GT+yacc2bEced5f9Rjk4z+WtFUTBu9PhOi9j/jfmBPu0mMEY4wIdAF8A==", - "dev": true, "engines": { "node": ">= 0.6.0" } @@ -11996,6 +12146,17 @@ "integrity": "sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==", "dev": true }, + "node_modules/ssf": { + "version": "0.11.2", + "resolved": "https://registry.npmjs.org/ssf/-/ssf-0.11.2.tgz", + "integrity": "sha512-+idbmIXoYET47hH+d7dfm2epdOMUDjqcB4648sTZ+t2JwoyBFL/insLfB/racrDmsKB3diwsDA696pZMieAC5g==", + "dependencies": { + "frac": "~1.1.2" + }, + "engines": { + "node": ">=0.8" + } + }, "node_modules/sshpk": { "version": "1.18.0", "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.18.0.tgz", @@ -13089,6 +13250,22 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/wmf": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wmf/-/wmf-1.0.2.tgz", + "integrity": "sha512-/p9K7bEh0Dj6WbXg4JG0xvLQmIadrner1bi45VMJTfnbVHsc7yIajZyoSoK60/dtVBs12Fm6WkUI5/3WAVsNMw==", + "engines": { + "node": ">=0.8" + } + }, + "node_modules/word": { + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/word/-/word-0.3.0.tgz", + "integrity": "sha512-OELeY0Q61OXpdUfTp+oweA/vtLVg5VDOXh+3he3PNzLGG/y0oylSOC1xRVj0+l4vQ3tj/bB1HVHv1ocXkQceFA==", + "engines": { + "node": ">=0.8" + } + }, "node_modules/workerpool": { "version": "6.5.1", "resolved": "https://registry.npmjs.org/workerpool/-/workerpool-6.5.1.tgz", @@ -13230,6 +13407,26 @@ "typedarray-to-buffer": "^3.1.5" } }, + "node_modules/xlsx": { + "version": "0.18.5", + "resolved": "https://registry.npmjs.org/xlsx/-/xlsx-0.18.5.tgz", + "integrity": "sha512-dmg3LCjBPHZnQp5/F/+nnTa+miPJxUXB6vtk42YjBBKayDNagxGEeIdWApkYPOf3Z3pm3k62Knjzp7lMeTEtFQ==", + "dependencies": { + "adler-32": "~1.3.0", + "cfb": "~1.2.1", + "codepage": "~1.15.0", + "crc-32": "~1.2.1", + "ssf": "~0.11.2", + "wmf": "~1.0.1", + "word": "~0.3.0" + }, + "bin": { + "xlsx": "bin/xlsx.njs" + }, + "engines": { + "node": ">=0.8" + } + }, "node_modules/y18n": { "version": "5.0.8", "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", diff --git a/package.json b/package.json index cbbf7932c..24e4a6b08 100644 --- a/package.json +++ b/package.json @@ -50,11 +50,14 @@ "concurrently": "^8.0.0", "connect-mongo": "^5.1.0", "cors": "^2.8.5", + "csv-parser": "^3.0.0", "diff2html": "^3.4.33", + "exiftool-vendored": "^29.0.0", "express": "^4.18.2", "express-http-proxy": "^2.0.0", "express-rate-limit": "^7.1.5", "express-session": "^1.17.1", + "fs": "^0.0.1-security", "history": "5.3.0", "jsonschema": "^1.4.1", "load-plugin": "^6.0.0", @@ -66,6 +69,7 @@ "passport": "^0.7.0", "passport-activedirectory": "^1.0.4", "passport-local": "^1.0.0", + "path": "^0.12.7", "perfect-scrollbar": "^1.5.5", "prop-types": "15.8.1", "react": "^16.13.1", @@ -73,6 +77,7 @@ "react-html-parser": "^2.0.2", "react-router-dom": "6.26.2", "uuid": "^10.0.0", + "xlsx": "^0.18.5", "yargs": "^17.7.2" }, "devDependencies": { diff --git a/src/proxy/processors/push-action/checkExifJpeg.js b/src/proxy/processors/push-action/checkExifJpeg.js new file mode 100644 index 000000000..44d55826f --- /dev/null +++ b/src/proxy/processors/push-action/checkExifJpeg.js @@ -0,0 +1,87 @@ +const fs = require('fs'); +const { ExifTool } = require('exiftool-vendored'); +const path = require('path'); +const Step = require('../../actions').Step; +// const { exec: getDiffExec } = require('./getDiff'); + +// List of valid extensions +const validExtensions = ['.jpeg', '.jpeg', '.jpg', '.tiff'] + + +// // Function to parse the file based on its extension +const getExifData = async (filePath) => { + const exifTool = new ExifTool(); + try { + // Read EXIF data using ExifTool + const metadata = await exifTool.read(filePath); + // Check if EXIF data exists + if (metadata) { + console.log(`EXIF data for ${filePath}:`, metadata); + } else { + console.log(`No EXIF data found for ${filePath}`); + } + // Simulate random sensitive data detection + return Math.random() < 0.5; // Random true/false + } catch (error) { + console.error(`Error reading EXIF data from ${filePath}:`, error); + return false; // Return false if error occurs + } finally { + // Close exiftool process + await exifTool.end(); + } +}; +// Async exec function to handle actions +// Function to parse file paths from git diff content +const extractFilePathsFromDiff = (diffContent) => { + const filePaths = []; + const lines = diffContent.split('\n'); + + lines.forEach(line => { + const match = line.match(/^diff --git a\/(.+?) b\/(.+?)$/); + if (match) { + filePaths.push(match[1]); // Extract the file path from "a/" in the diff line + } + }); + + return filePaths; +}; + +const exec = async (req, action) => { + const diffStep = action.steps.find((s) => s.stepName === 'diff'); + const step = new Step('checkExifDataFromImage'); + + if (diffStep && diffStep.content) { + // console.log('Diff content! ', diffStep.content, "DIFF CONTENT END"); + + // Use the parsing function to get file paths + const filePaths = extractFilePathsFromDiff(diffStep.content); + // console.log("FILE PATHS!! ", filePaths, "FILE PATHS ENDS"); + const filteredPaths = filePaths.filter(path => validExtensions.some(x => path.endsWith(x)) ); + // console.log("FILTER PATHS!! ", filteredPaths, "FILTER PATHS ENDS"); + + if (filteredPaths.length > 0) { + // Check for sensitive data in all files + const sensitiveDataFound = await Promise.all(filePaths.map(getExifData)); + const anySensitiveDataDetected = sensitiveDataFound.some(found => found); + const ExifDataBlock = false; + + if (ExifDataBlock) { + step.blocked= true; + step.error = true; + step.errorMessage = 'Your push has been blocked due to sensitive data detection.'; + console.log(step.errorMessage); + } + } else { + console.log('No file paths provided in the diff step.'); + } + } else { + console.log('No diff content available.'); + } + action.addStep(step); + return action; // Returning action for testing purposes +}; + + + +exec.displayName = 'logFileChanges.exec'; +exports.exec = exec; \ No newline at end of file diff --git a/test/CheckExif.test.js b/test/CheckExif.test.js new file mode 100644 index 000000000..0dbe69ab0 --- /dev/null +++ b/test/CheckExif.test.js @@ -0,0 +1,90 @@ +// const path = require('path'); +const { exec } = require('../src/proxy/processors/push-action/checkExifJpeg.js'); // Adjust path as necessary +const sinon = require('sinon'); +const {Action} = require('../src/proxy/actions/Action.js') +const {Step} = require('../src/proxy/actions/Step.js') +const fs = require('fs').promises; +const path = require('path'); + +describe('Check EXIF Data From Images', () => { + let logStub; + + beforeEach(() => { + logStub = sinon.stub(console, 'log'); // Stub console.log before each test + }); + + afterEach(() => { + logStub.restore(); // Restore console.log after each test + }); + + const createDiffContent = (filePaths) => { + // Format file paths in diff format + return filePaths.map(filePath => `diff --git a/${filePath} b/${filePath}`).join('\n'); + }; + + const createDiffContentForFolder = async (folderPath) => { + let filePaths = []; + + // Recursively read all files in the folder and subfolders + const readFolder = async (dir) => { + const entries = await fs.readdir(dir, { withFileTypes: true }); // Get directory entries + // Process each directory entry + for (const entry of entries) { + let fullPath = path.join(dir, entry.name); + + if (entry.isDirectory()) { + // Recursively process subdirectories + await readFolder(fullPath); + } else { + // Add file path to diff content + fullPath = fullPath.replace(/\\/g, '/'); + filePaths.push(`diff --git a/${fullPath} b/${fullPath}`); + } + } + }; + + // Start reading the folder + await readFolder(folderPath); + // Join the array of diff entries with a newline character to ensure proper line breaks + const diffContent = filePaths.join('\n'); + return diffContent; + }; + + + it('Check for EXIF Data', async () => { + const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo'); + const step = new Step('diff'); + + // Create diff content simulating sensitive data in CSV + // step.setContent(createDiffContent(['test/test_data/jpg/Pentax_K10D.jpg'])); + step.setContent(await createDiffContentForFolder('test/test_data/jpg')); + action.addStep(step); + + await exec(null, action); + sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); + }); + + it('should allow execution if no sensitive data is found', async () => { + + + const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo'); + const step = new Step('diff'); + step.setContent(createDiffContent(['test_data/no_sensitive_data.txt'])); + action.addStep(step); + await exec(null, action); + sinon.assert.neverCalledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); + }); + + it('should handle file-not-found scenario gracefully', async () => { + + const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo'); + const step = new Step('diff'); + step.setContent(createDiffContent(['test_data/non_existent_file.txt'])); + action.addStep(step); + try { + await exec(null, action); + } catch (error) { + sinon.assert.match(error.message, /ENOENT: no such file or directory/); + } + }); +}); \ No newline at end of file diff --git a/test/test_data/jpg/Canon_PowerShot_S40.jpg b/test/test_data/jpg/Canon_PowerShot_S40.jpg new file mode 100644 index 0000000000000000000000000000000000000000..0508a2a0e1d4596d4bd6116a6cfbc0063b4bf118 GIT binary patch literal 38029 zcmeFZbySp5*Ec+LNDD{|jihuA-6`EEHNemeASFmBAkwLbbf<_Qh#;Lxmw-rj2+|0= z*VuPFYd!b(uJ`-vKCYRwuYG=dpS}0VYtF%|$*VaKfr^5%0tg8S38V!416|F71?7EU zwjhwQG8+gJ1Oj1$@R5)~=l~T4d_LVbSD}J6aiE!Yw61N$Nm~IlQv44L5@0KG{0}{M5&Q(~?==SkG;+cZei%abCqD+D(SGt%02(9V zhpzw$!um;*0W|hcOa@SJF98G83%FAN&|v_L3D9l`1G9eG$-~W!l=UZO$Uo^hpovg^ z(nUbL(6WBSFAj(wUd|8Od;l8%CmjUP1UY}~x$zeb%EkEZ7Ya}hOpeX@NB}K5PYA;LiJ=Dg1V8y85FrvSppyi^NFbB}NfW>UZSh?WQTq>{ z5L$jD!tZ4$+(@7+AeA650yQUtntv64&#$g{Ky#Rg_C*4;l^|0iP5dqw1gIVan zfxx2tTtg62zt)*?;NjOgGYimvuQN!Dh7HwFf9!uEB`GU9}_S0AWG{)@C66FdukEMnOeG$H2tGzD58-MnXYBMnyqGLj_tGDFCrhp%S7I z(eX&5U)Qq4pm!(c4UW&oWRR(9A<-WC!pLU@55dAFy+KA!ag&Leg_Vt8Ku|~+A|fj% zub`-;tfHf%rmC@yY2K zFj@a_=eI|H`9lc!gN%xbf{KCg2MO65;VdC48XXThk+c?urTcYy-e62(nfUCg7Ayun z?Jp!&@F8qcM*jJmdkB}ld-T6^DCGZ>N538V?a$Q|2nPiiRfH&nAW2Y~ST>q6##GJz z>)Lu+ySf8`W_`9Bu|kH8Mo-zu@}}Af?;BgVKC3i-%Go#|>=Q?zfTYuc>gJ#(*e_gR zZaBTn-kR7us(|%D=*awG$F%zL1nngW*5U~D*eq}P-o@}2VOQf4uw7&duiP`(BFb#m zSh>XPi$rz>gE009m;2?nQ~8b8FXg54x%{E-s%$~TAdK603xp(%KRkVm?HV|veP@$! z{R6Q-PApxs{AR3ifK$b{$jAns9gc;jI;Ku$JRcwI#VgR5w&MI!%<8@Vdo@>}6yGI( zBFVyaL#vWjf_En8Rs4Rg^;rxtQ@rtPIeyrMfg?4gN>5_M0=|A;Hzjl6ZP#u1=*YxU z+HfQkbyE?P*_vNFYCL2_jSgkBIVRbJQ>rv1xH~EsH3YlR<2@iykS0m+W{*?AJUA%( z7Q+;d$EF+C*&G@o8u?y+h&x5RjbcWcslaB@6{n+@H2Cts6`U z{L;HS4e6Kk#e87*OuvsiMuey7IJWs1nKF(L7gd5euQ~6+)`!m^=qWuR92oZbQQ4r- z40&EZg{WseGIg5{%XO(m>3*9`^H(c?IrB!j#IrMsV(^F zKp*zmVtx6`4eH@Sz7yEySFlzajC4JJMvXx@L6O;I7CGv&CYLFjF^YFJ-!J+=8e+Cy zWl!-gr|FZrWFR}rm`Dpb24oOUlH_9yX4&Ylyb>`a282d;=c3hkf((UHX!S5EU|i$qth>u%+_SR-C?ITrLN55rvUF=6y4PpT7z!bCsR1XT>C`P!ZFZ^b_G}p(L&-p%<|dbRp;E+)8HIxe^1}_rhn#N5IW@;Q6=5>AceqVSQ6ZRxCk8d5 z-tQz{ogLFxuVgwZuvW?ms~!c^(KLDl;Y;SLn|zMxd|PI%y&SOXD(m-ZOoabTJ%5=? z267V#Z?`!z+n=3?!9sm&NA!iJ|47TQ_VdqexW?R(;}=nL)1W9j`$Gs*dSQIb;l|<3 z+CwItxMqC!ZyWDbpp?W!3YZ1-qq8U@n5Q-k53WE>_+LpfC4)=_odrl3X&P?%TqvIC zM;d%p=&jx?hB{TgDh0hXd6vMd+76fOIw;WyxbJ?whl2PK9$Du*?+qA>*{6%n(e-nf znYr3UqL9Xz-N>Qflj=8#kBHNENIsHA?%zxi(l;Q-jqJNlX{;(=4cU;{S9NS4Hs9B6 ztdG=I>7qVF3E>&_*qtqby^h$p*M+`fgcT^&BaX*6`@&uSjY)3yNF&6=NLX=KZt7OG zqw(RYbWr<# zHYd_8xw1DU{JAp8r^bWviQtF5O1*QjfwPkxf(z@nwr1^?tM*w|nO|?3j=5simEU}& z&a9D9tqN0B5Y>47^v3p$a6aMw*=})(8V5zp{71BYk^38c8GiS8hN&aU)b2QH)vaTe z>X;?4QpToNZHRz9kIOb6^}WV%H!q+D$9?sGD$Y+24&nQtL6JHyeT!R)q#o@>@ip|j zefV=2rx|1M3zVO%-doKgkvv_$b%)!vc>81|_U%>^*|*!{>0S-%Rco?(w+ZMhV~Iq<>CjP09pr)g^gO4A=8tOwV|_o~|!Y?9r2-oA9}cjg7Srrotib`;yg$ut42?gPnI_uD5;l z+PBS)LaKYQ66`u0l~hX*W)~mghp(?s2yDq4-JH~bw`;+v>Zsi0&0p0d=po(rrWOIl zWm0-3qu)+vs*WPGJdal82K57EHG@>Gci!zRk1!W4$!EkjJ(EaMXFLaUHtv|1Se@KY zIv;s#v3F4U%%O{RZjy}nxyDGoQfK{aS(G;&8JjP9{rTr>GKP)0Ph#(I)SI4D=N?wP z6=c#i%XqO#-8t$gqTRITr!GE}xiaAB!L+?_SF_Na9MvNBOU36lQuxN3pjuvDIUUaj zl{ihUjS=!HT8^;8eUa6@R;?52)Sai}SD@C{Lo4z5{?FR@n1*|Mg*zo1^ru|6`uLzL z*N;5gZI0DL_t#Ig9;c2KLrP}_MY#u$#wh%EqRey@sX5=h@DF3Pc5W=RY!lqF#F&5$ zWJxSMU&OU^-pU;*H|UGjL@pARqasagHxHMbPVzJ_5MJ|V?Gvic7c-LLV1@EpDo zmdZtMu}zPx+-=|%1>7Jb+6G$K{B zPMb1z9#VKMSqx>M(B0f=O?abm?eoI5dtJWub9XOT^Tzd&uRXSRNp%`34IYf|{^npJ zZhPEjK&WOv*Ph9h%B0klU8#d%v~P4z_xVJ28M``m&)OTRbV-tfx@?7aRT&U+II0}C z*m=CZ^P!^#Rh0>)5krtoK#pR|F_Pl^#6NxL$W(SsLyUDAjg1($FF4J(8?%&$2UH4s#It5#!+9s{} zdjz%?`$ApMyC9{j0x5z7$FS1;>W{=bT;^Y5d9GvofOLy}1qVweo5`Bj75RjhBZ^re zcam$IaSUtbeBv?BJaq2co2a9kz^KDrzm~CCLaD5Gx!Q+yGu4y{+dZ(XlXk!re)>t? z`p1MUi7uh=^q zQtRSnVpsEZ$(>v)!?BhqYPWZ{`(n{>SX(t=IO$GPEbds2;bGrX!EMb+d8#lpMt%5O z8P{78k2)7;>l~WwdYeWj2It-2MZ;^KXJQ_@IP*7(Gn%q6&?y=S^naS|D>8kRaDcHa zJ>&o_d{e7XR}#q`&2p&v#IVIhxXUk1V0I=gbl|3W9ZIaq6ALi4MrA%XPvMvGeAhmc z6q>E{F~#bPTcRbE*`nWIle2Yg*#697-X>Y$% z)lAK|iTaZ)nV?7n$1FrQ_%yP!ariKRox|IbfmW;sYxdn8*Ul=fWP!p)>WI~1g{g9_ zjH3^}gcJAs*&42JT2aQ@$Jg9vQM@!H{7CW#K)d!bODfqK*uqb>`8rVC^ zyvQu=F99j5^uK%5LX)AfXjpt>Dr>&kMoOwnYw!w0X97PTzdT-XW|`&iO^{~VoDAbF zk`|a~JS;B{I~g@qZ+k!$Tc0mI#nDu0l`Y(=*1*|`Taz%OG!<4JvA|4+Pksg3^!F}0 zq;e3AFrUS|@2S8$W8sgjs^-_XPgzvd(Nj8F`f{HqopeLhIylX*=vvGn$IMrgrn3}` z8I-Kz8;oce>+%njsX<4@H`49CmMGzEAMA2}`^cz6Db0ICcEBLe7;74sIbT#>`Cwlf zi`J{d6$Na=xvVp3M?5w=pEDWfwV9S(yrE``ELURF8R!xcwiUIZnj-e8R``?3z;^Z1 zJUM0jJ%wQW#h7=|)-$kaCAgtVA-(+E$_sam)%vz=XvI|2xGRn3i%))rpXi$7(!()g z+p4~?#iSdRMLIzf@1mSlng&{x92>7~+x91G!OhQ(zVdUFwL3NgzK`dZKXu}>Ti0<3 zXZQB@uV!e!vDa2y^R~=T;l{Ps!EyM9Wy@m>TKk{}Fit}$_)V-na!$=ltOoH%#6jDzC?CT$iz zoy2=8pe~8akU9G~ev6^ITs-N_$d{@F`>wVFslG9hnU57_*{l+$v5~F~D+onxVCM=}(_Vop zY&0!JNa%)YJ~@bp?)W61h^LP|7|jO-9#(%A8?^ZBF<3C_Lr)m%VVLT@fR*Oh@K6^e zD&1xzam~+L*=#L=w{S0sCxI?FU!v@8{_8bTHZK zCx8d2rMlhqEW%gsE#2#?9FHR%Webki^%6HU?&eseft+uziK7u3*d{G{uh$)p@)ySI zuZeLQBtQllB`IvKKsOsViVxgBcop;I#o23j^AX2)*KL#=@fi2yZYm6W@#N*+vlE9Y z7g~%t*1SoBzl!{*ZzDb8?T5D2a^EL7XuXq9wjeY9m7}t23B@swk~>F}0#681*|R#1 zm?E*dqt0fi`)itH+qvOfhXtqr4H5OG7zlDth;{5T}IJ zMa!nC$L#Ih#^t-N`d0Sxr5&*RV@8Uo_UP@mcoHs-IYY0O#_4#cK9C+r1WwIkG%)(UC|a}j6WZFt8_ z3$qbtHV{zbR&$eu+QXFm;7}bubzN&eM{9@;v!n#Jn2(5$vzs&2(~{Q5*~!I2#7CU@ zyK)hLMzFbden93H+do|ZlwE*=bk25j2zI^>`p)^M1cC*m9g zq0`dJ)yq?ynHih*r)nrr^>5w(5C=rb_do#JXlca|k0R1;P`IZT9I9{WChzRAgP9-QZ9U52%d{ z%+o^?3fF}BK%FE6xc<2NZvlT?_ww*`b=HQu*g)Y>8wtRq@9~uVNA_>HoTVpJ7v>C= zgW176VSa!F;#`u0hnItgU-#EZGCQ|`2;VPF|0?k>$~54BHWy2$|Fy2)0)JE??6Gt* zb_IMvw4DUc?+AQ1_3xtJLh?Yr`gu|(fjHX!>HFX8zp!qu9zge#fmwR|=z`q8YmoQ( z=dynhQ**U}{toUh{CDQRKoQ{u%opJPW6uxu-wS@j71X_)t)OrTeh3%OFXS)Y9}vt5 zs^jVf2l_wI2fw$h!XMTjn3JW4y&KHucQAnS^I!0PD*7YiYHjIs8|q@`X)nRc!}pgF ze-->ATGPqW1*#48aCP!R3@<$wn5V?A0jz+K`geeTqr&iy4haE4VQy|Np5M9U#R#S^IL_Yrp|4kgL!%Z?I|pLi&uz~2QYw}Tm7d6f0zG*kgE&OLlIH}g12~u zIr)Wwfx|8Tm(*{--(qT(ZomNYa+dgU*!KtiyWnp$qKD{sS~|P^J(9QuMfec+JBFzwRR;X=6ev!Z`N{E>xvLg6qM zyYB zxP&hEv13~covnWYB{doAb`XH875nzbfi8K3f0B4exUQV9O zTtD#Nm!+QqKMnmSoj=wS1ACY!RK^m}0!$gd8uA~Q!0P^8*O(a4|`X) z-$wq!&g6ITU*`Vii6GWGS>UFJ=f7VU#kl@G^#96WPnhlhu!};J{ADKMQRLTt0Wp*W z#kl^3hv;$NnQE4fP>JvN$$p}~GyW6<>zUJ!@_)Q(_6z;J{5Kp}uz{}oV^am}OupCf zH}5y_&$Rq&b@-0`C-!gn-?Kb04iz7@qfeh-*Ej$ z5%`b5|LtA>4cC7Zf&U2n-`@4#aQ#OS_>aK<|MaduKN17K-ib4N13v)+*K=h-nCR#j z=xCT27#LVsn7}n#T%2pyaL9?S;}cU+&`?uRfWfqkoXoWJw-~@+79rMK+&ujJ{4~rE zabaFDPCkBKgp%)9bg$u%;o_3<(t+uC|Ks%iiY}5p(i{pB{qHNfAmD2A_ba-;?&kuR zsewzZXy_me%&T^g^!Gcuz@=6op`oCl0vENv-_a$aL*tRwx=wHDjt<<=C6>vqV$g0G z!XV+ZnwN!tVNBQ~<<|+h8QKb{p!j)b_D=;r?*Id39Ke-XWF%B1RAeCgaiJawxQmL4 zxB+~fUdxi#9gUbF{tKT>aCX%{UR8xhuSF_-QpZ=3Vr{L%YgLQxGwH8b)xUdR%OJXH za*1ZVI;7m^-sP>pYc#z3hs5AFQQnm1SiJNvL~VR%B+deZS9H#iLUVq-8eWN%l5o^$J`9_MHwX4q1R{h)GSTm z{>?iWQQ|#L_i|n>qSWYqnZ~;10#=e`pka@Z(<|O`tW?9TJ7tq09Mznxe;QJ|<2}=i=5L%FEn$&G&neC{wc*<4O z0C&BNk$#R@#_1(}RRLv#^xH?Yw$@;y9u@U@hbnf+WEQNR;5TAiPc z-1foI7p#V?W-4%zn9-4Fh)&#n6^omgv==M{g=DL0>!E!|g#_3s=4Ofxuo-LqH+V4? z2ILSbT=(IV0g1zwkYx??uy`w55d%h=57V<1;nG=AIo0V=TkmEI`d04DSWRZzkb>-NJbR25-TsBf0gYcRh9wzx#5*>YW*U{Ryc_g&W}!K_ zuQ6(B+JF=0q9o6y(6h|pLUOa-jZV-<_ZLURg~^yUP>tcbS!IndwU1q^#L<1kAMrkd zJCOY!%8i>`I~$IooYS-F;VmIjB3n_@o;82kqqkqUVZWc>v2(%}8dt>kv5%k+jD5&| z#(b(Y&Lh~Gq>XJ}Gw6prlzlfw-fJ>cy0B10>J9^j=43Mie-z&HdaXK7D}O1B_voX; zPpt4dpRTNQyfpPRm_dmS>fY6Z%gyJhg2 zgY}DMXphdB9w*OhzkNfq_=x zT^FsP@D)`ea&P@*bt1y5&$DlA4XU1SwrkyN9@4DNsl9RQ(;4>N9F2Q}i{lDWICf9K z#pf*38!*tf;N5fW5J-BO1(gPynTdrHD>t>!(VW#C|95lP>3MYmRq7I zPsjh;U7{o<7&n4RLQ8U9-b5h|2J}V7qO+7{PRJ*hOlMHLis?W|&Cf`Sf_6 zOs=xRl5GU}DhHWbTx0kPLgM6VUNVn28Vv`gYUMQPJ; z`jKub%zr~Z)4il)Q**VL8`;XOq8 z6fDYRKxsFq#oTyPj-c~J%aE?M#7P0UfMB81>w|1{xn~t)%PV7j4EaMsGI+Y3BBs>o z#acBuha0SwD;0jQ$JrfK((#dTZGLle(Twxqw+@R8QXe@yoY@^xG#)2#{=)z49%@6q zl7W#Zwd&~5R-MO8QO2B$FPB4fbDhnM_Uc|L?HUcsy0PQ>_K9;-F&Pf-L;o~!`jF2I za{3y?`tdiMK%sc7}2lZUu$m*hZ{!0}LV*^|;rnOG+ov z@2^EHL#dM`!`*fGJ1JB8gnGM@7zpj|y_- z6SBaAPcCntt*cw?HBn+vt=H>Ze)e0xAZBsC&)u@anvX6xTbGT(km_e!F*k@o1o5bl z(+~5qK84GBfTKH0)?}*O@>Z26({2t9sk|&G=bWS>)8b+cgfNpm3n z>)_W)x}Ki%M`z%+qE#h4#T`~(9ZH}%btl4543k7sH(1MBQnjhNct#EQN^!V{KZ#Pr zy1kUQKfZRI7bRrQiT$48GP7!YhfoXk{vL-l=LyH4t~y~`{^CRvWBnK19Sw$cy?g3w zGYSOMZ#O39OCOgOs8bQ=kaa;s7Ka<3OJr~_r;V`*>fDiTTQE^&++*qlX{pto__@&0 z)-Ny{Xg)_X|I&otRz^Tb|F-a%;8NO4->g_?tHzs@-yTSXwF(p5vM0t@;hMi--FLrc zIB|2|AG@M{ks>A{B34|fr^F*l`DGB&q=CKcsXR-5hp%0s)O*6$JZB>mA22_r`wJ)) zYUh~he8HZ0@az%)wc;C_I!h-qhX%T0(yx|g?77l3V|HJ~1nj_K?*nJtO_0>M0LR zVkzU-T!k}UllX0EQ`qRtL${kTxiX6>Xj$z1viEtTW8I~i#bWIB_v6}emR#kN;PDWe z!3lNN&p5BP?5E>97?fvFHkH7O@A=M0+{*3>OFE2N@llz}9`M(;JnU2~Zh>$jC)^?2&}-PFm=YQ8(Zn++IJtC~`X82v{Rn)0162TgUDA59W+#rJ738-Y=&XXg=71DNmEhV^C(+FmUTROQBKuYawY0tqxk{Xk1f$ zm`cx3kMhjVU*97wvL27^qoZX2_-=5b&4qH&u~5RN*XeQ3NplIXk%B;E*bt=K{fVJ{ z*_EPN|{R))bBCBD9yuAvT4Jcn-FE^iVI!y9g9VpBie)Yf%8i;#X>8y4lB}y zp(!Ss!&NgV^QR}H%QH{5LNX)LetC)<79r7=0XSWUsmptz9Sp1{-VoC?_HwO-q6C9R6SHQNDU@IIX`UH+ll5B z1HIc^*^JL~CGmBFdIO5lQ}xk1Eg1{Sjd}`Z=%9)*P+!;5&4hJm+IQEKiOf!z>7X5W7+lXC(#WCG1!8 z=%xx2Dj}F|a2KQ50Y__g=Npz{4+j_X=p7$1x9u6gA)`IM5HGUV9DOezj%47F9?EbhCwD4B^?pnHlv8zl#&V%PB)*yI3$YXtUtde{_+F9}u%@xSyJal@v4= zb!b$H;^SvHRcfs=DV%V0&=Py9hjO%{i)Z~Xe@uXy#=R#oqtX=k^~LT=M%dRw?)yF9 zMk6OnurE1}* zWmQcPU3kW5&t%36r(MlwLKW>`e)OUERk0|xH36Oo_6}P@49nKz;@TtP<~q~Fl-)sH z&M>h!@6Py19h=GdKx0jL&nUc;&Y6eYXo+gjHZ-TDgIwdz38DD5D0aciF|V$8>U|7N zB*Rwcb=i5Nx7-lRlsh3$6(;*nm(>}v^SpZa2m70JR%pttVss)&AUdJza{A+LZiNT@ z?;Uz{GSze9g1id{@uBS1z|M9qDspaBJ!Qr-ujN}_=4_Eg?Bg5Hz0I#cvya|JJycI< zV~jLh)}+X&D)V8%grU1n>bN?9+H_+R1eY)@<+Yj!NL^Kwa!2vzklts=q$syWV=C!X zxfIm%*~Unmv$9jaFLG0|+aA2{hmzW#1NS={4qaDG|60k;3G3JI8tQGMgbTb!T9s|1 z8_jfp$1SoSV&vP^o=TsQQA)Rb@;}OlP6u?bb{Uh~#@_U%>2*jIe_S2<!v#{JkH=^3U|f(EUHlG z3cRz6MKRJvtk&r6pUA*Z@Ney0C}oM2RkP57D|uP-V^wVGSt-G*?xssbZ*NEG%rkdT zyZGzc^iWc*b(0vW3w^+pCG6*E`m{E;g?Yiox6I@vPBx?)h0^q`0~6X0YaR?Pw5<|% zUr0&A<+KOIXL6Uv;yO)-t{ZlUjyHrhl|qjS9vD6$l}%J9%!$I*WOdi2tIO|Hz!iy` z(?r9+{)#}bhFU?qUe7u-G)AxBZOTk@4?7N_Q7WySEIN5JL$X{lbzm;_gkuh4H)f0J zC}q%avJFj#TExJ6wxPYKMf98=GTbt#p$lfw+6n_bsE(QWD}}@R@vo2OCo4Z}t0f7i z>WY?ry#m1sA53egH`U}pmnkhi+~U)DR9gKeG;)$3|105}yN4uC-`4u8hCd9O`?{;w zx^I5nvrxwe^^}ZiWMrz+Wfy~>Mm03AHbIwqYj&nVT*YqB*?B7Nlki;*@hyqu7@k*gXK62&n%odYqEUm2+`^1 zZa8Ff1}MRa1Bdx&&qST4B9Z$-q$^IE__DN4s%hGBtercq2bFYzm!40b>6)ygzTChN z)lU542S2heT?$X$s5{DI4N{_wRncY*rCo-z;WLt}?F$|jB2(H<9ur?kzbymiql)~1 zhLP-O+U(C)ptQS*@2MJee51e?Ux_oo5we|LTzVe_ny;PsEL%;zkm{p8WSXLHuC7hq z=zNC5pq?9tx1Bkt^^6mAhb>0RfV5Bte2=qFb;)0%48#q*D{abJV0H-UW8uHH)>t+N zwyqxNSSHfLpSfhGqTgFR>7{&fK7vAaWLYc@i6l`Cqk6#Xq-jVZk`y;;_8cCrJvh0( z*dJR+9IY?^!$P zAd#)B_t?)+KZ^{(DDIwiSob(_3X{+$Zg+|)2SJ}wPdvN=wVBaq%|3_Yy#Byhk^?pwk9ce7 zoxff^HuLz!=$u2ga88De76wUdU4B(8oWtO`gYfnHsMzgY?YZLecfQ03pt1o&K4n}~ zP-C-0@eO*uqY~DWi;j_Gg%10yZwXTh(IUDFAA&Ty|83Ia-oBD01 zwH)8`dZj$u?u;0&+q!QFn35xZBF*Z;kKsDt&D3 z7T;*qW4!Mdp}DGBJeu{SXE|duv4ECOiqpa-j)r@BxOi)qQ&?^K&!rY>ZC55$$u9ZLp@&rR4jJQql3knBSljm>Gb_?R8S7k%E{*Yh-cw}Cq~I@| zeg%4!_M$V6{55l2*;0L;WqHTCU6O%W^r?cOKemiA@Q2hx-8vn^Dv42Nqia^UtxLTj z8(z^RjKkb9Li7~QE7lrLPxcE_14nU4A`^jI_Vfb;8+gDI9 zlUe3I5m4=*kZvoq5%wadQ4z>b?s$zIoNu+SR1cL*eNjHcMIZke$N$xE!k5-NQZ`|O z=pbuQ8nO(1e@Z{3N?=At-<-xl$)Z=OOGi37&yBn@IK~W?8^=Oi-}!MiUbmqn`lY-6 zJ$+(@;ILUWNeBPogxDSxp&RtcCk=+Zn}awsMa4WkDX6yHwpvE#lWzk#hjz0gX8iSI zbuAXrqjZHI@@(BAAwZO5%@rIQg zUDisgPL&d!Px@I*mW0KN#`l_PyiwVnw`>HkxY=5HBn>K*m*~D+Gjo0cerTP@05_bU zz5)%6<&X49$P-gl(8g+d;;3gaj!C|m*>hpQPwS#1%BZf= zE&9OkdWBfc!tt1r@83;5X9D9w+Z<$M{U}@)RH4u)aG+&XMXKsfLa}+{hA=MQy3R6q z@}S%jOGpXEqYkyIauQ7|Y%tPWB4@6-5#xTnEn6>GJ;!}lBh2k6a!0J)&hN-`(mGP` zTtGJh41uy%EGv|o%L{NSAA+q@jftzdo%=H#tieid3V4V4Pa%f-5Xv;$+3O&6-Hm(< z%SgRA_NaYP3c2)f3;T#E8;o5kYJE08u$CKAHs+o9-qrXHm4`v`9^G3G{Dn7Z>ORlt z3{{1yVZ@WTDQ)2KXrrqXpHbj!k#1^I3gbwYQ+aEP?y$&WciV)>Q6}(;cOGC;YKNW; zZRd?5^&fDDv93hnJ{oQ6ED7qo_6T%Z+`1z@{+JoGsJZn`;(pFbuBvrA-4#f`-;25` zZMgqaw{T-3c)j&-qprKJnw5GXwTqZI&$yDvayEZ@k6uG0Yi~Rjbpz}wH5yG@m!J=# z>M8A}HKap%<|XiK-T;e>AX2j2fug$mvx3p`JdULd^t1DZO#6H9NuB3&LC{Z%Di_m?#&wWny~FCa@LT#@Htb?V7A)#C$$)Z-rK{y*G+O*d%B!)+TjRUOqVvBQ z?A>_nMR(V7aw5&_(*S>FdwguZ(mYt(oZN>=MujR*V}(S!#r>Q~vuQwiEV-p(QBsba5b2w0d~_(w622e1n3cE@XvBsvstOgQ3dK!c zG4gY35;={gXxB8&YzbF0sh9`}skU)Rlmjnww&)e8Lw2~MAyKVvLF>yyqt7=znpjhg zOZ^E`=pMqAfd5B>_jLf(NYu+YBZ+IGI5+H#-d0xokNWzQfqAC-=ijbsUx6GVkF8q7 z?)C@WYxg`X!Mh26>vsuR1o2zr`N!*kU9<~_YE!7obOMF>Z@2hbyk27+N*PD@NR%?Q zAnZ->MRjYiBh!}Jm9KtZVJ}G(EMH`qkYK5i-H&V7i~5DdI>-$!zRCZNU|Q9J4vrJm zt7nqkefjiU@6&YZ+_A*9VERrY{7qv8kNk!(e?#}8md*x-J8>y0%?`Rr75*r_*|#!y z_M;*z)Y%!5U!~AD2N`CrbZTrGyWIG)OS}+&k}_VQi5t@#SW`xvX_uLJEvlHlX64KE z_G|HEW3OjpZ;+^qv&4K-*L!moduc!87_vuAf)hV$B4!yT;9+)Qe+S=K-p<*ZTapj$ zjuXysZxZS8lwilBGwqqT!TxBqb>2xE$xD~iA}pJSg?uOjB!)h1=6kH!daZI@s@}yC zq8{$0(+-;OO81n?ebqIdmKiXO%C>W+;1#Hm$3~$O4nUT$-w5pC zAyHox7vV%9-y8L|2@zZZk>A}lvg@zn6y+p@Tc^oii<&n$ESaVAp~S@F8_vGt4i(lF zM%_Os{4#C#HgONmX^qj1zj6hNjPeSl>`AN*U}9;L4fnhPF#|iomoFYBATij8x^A(V zzqs}_66{@?(&$ycFuCn&@e6<@`?zxrdks1#$>vmY2(4{dj>I&xL zQWV$%L?!|m;R%vgAe+3Lx8!cD>6K@ZU~ftaOZz2l?c3hCH4IPkP`g;jR>-V!LKl=6 zq~rYct3q8ORnDo2-!Jf=4>3QbecTrAY1Vh2ry@oEbyR1j(2Av|m_FR&CH{D$DVe^+ zIfph{xvSx;_|B&`>;>C_L<<%oz8g3uv{4gs&l6bm zc~K<%weebg{I{7R^c(68-Y99O;fHxq%l2_pIAl>Va^6{85vx9DtkYAOabGCBI2^$E z{ECvY{TWJ_<+FJva(CF!4eGZQRsH=9gOY1VmeT@oqFtTYtDtDQyJ=PJf>WyTl{Cgh z3z7tF_D@EU)y9Fyc08VKAeEQ$M4}m0j?@eBi|0 z=6rfqnI;z`ucvlN?arcXpC1Wb4-GY0eqJ3a&qt7pfjR~^KZ+HZe@p!}?DHc|=RB#b z9fi++FH;{YA~E~Yyp}eR=2W1>7#tOCB5B*j*t5{Hl7N!&r#nxx+Gy-6&|#etN={+a3|_bQ*7oa=WxbcuW=iHh!U62`a=oBziD;i;ytvLyHALcJH+ zyIloxhI={dqlEjhjd-dIH?!=g-{Wa%$X-NCLTI=))gRMC$KukT*cJLMyrF&uhHE&z zO$MtFr#_gG=kx7-KJXQ{`CwV^KHlsJPnW|+o+u2*BTmiSU7cDkVZ$RUINggmzH9>L zT@2?<+-Gg`4)^&86Qhb8c5qxO^<7rZq)TrBH{iQF{pvUiO#i1e{~g{^3M zx!pt4UDpln*=}=M5*fDqX_Q_}g{z+U+`fiWRm7%uNc1+$%{>mZuI1z0HFr|-K~Mn+ z_mJ$eX6UBMfDZ9&XVGEigTNau4DBvlTx2~~$T{c`+iAw@F(wxt=G6`_TCh8a9U^j( zbS;pKT)$i@Rb1lMWN@_ct;U-LCvqsR+!t`qdZibI(t{37B{#4n>R>mfVbk2{?F~8`1vNtInC$UmrBncof%Lo zIVY1j-h2ZK$0~AF*X$LXxhrr>j<$*}2zCd9qbYvCfusp1E!`m~=yvfSLZ!mF|G1+Bk#%JW7qEqqcx{LXJo{*;yJoJeu> z5^OC#;K%it>W#hHk|f{VY$`1UISWUIyW296;>^6Rlirnz=p30Z-{7d{-!Q4eAW^c}JAt{bGUd7b=*=yR%Z*H=^CdC+8Ux!Q$Avs^=uVUR;<_QL#V#y- zgjq_A{{Z2k+(T=6nkS80vBu(&;h21}$)t4yBA6VY$=SLJ=u%Iir$rst0l2l0$!L5< z8{?>{950NR^9;%|HY(dnamA(5`CjS71-tfu1JE&SS(Bot5de*KBtBxBmif44}$8|o{e3w!2ID8wI zf>@Yxbldl>BP7pLK92^edYIia%Jr4^qubm`6v-knRzr|QX!zg4J^?fE`4&jd<}leK z+Ol^OeiRj9h8+(|t;wDaqf3(ns%YO>aRtA&4!90Bb?jqqi2edf@R7YBW{+I2atp-xfYmEWG-F-)Dl`3|Q%~ZWS%OqC}#$3lO z)%il_1;mTu!tG!1>R5>P)G)bf z=-+7D9Jecpls6ZiJYde@hm}~Lm;V4WQsJA3-&jf>W@8)VocXuF`)n%j;vNo`_ab-@ zy08q($nQ&Mz?=M?#CHr{t0j!fG^fhMgOa?DwMuJc6RO->IcOIy3t&F|`s=6h9N8bf&;&Ym&T&W1wAz8PlZtdM6tE|1(3ZTBxW$@rUL8H8;AwQg+mYyN zz^;Q?Pc(8S3@k$cdvmX$T;+y7mEr#Y;$#iOc+Jp6Bk>EXBc?|G0M@b38;yg->QY1& z;xJw-6mWdlIO$OMo#C?K?C5gs^3)ChvBP50PD-OW)ZJ^imZ^t{9Fa)^HWaI8C)=JY ziQ!vo!C3IDnceV_UvY7B!~_=P68jB4rnS5}&MPZKf+iY9yf#)dODyrnmSR9%SnZGNS!KbKFA-cK^^)}`>BFR9 z$Rp+-r6x3wAt3whU8SQQMPi7U* zG%RuFL-!R1=3pC29QxIz@-&2=Y!Zle>SzK@Jh{_I+PI7g=!9#M(AT&z`I)|z8Lwn# z%J-C2`OsARYE8X0F~>PsBw(z2Fhx+z4H_=L5OOb7?5 z+?o`PB-%?payJ8>Yodwea1lv7v(Qzwy^2D)edW)%tkRxW^idk#!$?+~6^({K9cs}E zcxZ_j0dvf4T#*G`Il|{SqNo_!x}l9hQVfHApp%@``0$I&04gl^5L?HpQqWTR|^}7oGVQ9EA{H+TX$!;Z{!hta977X~ixg z-7|_xYssvzN-Kk2{KY+fv^F}J0Yw-BzGhq`ad;8VdD6x(DUR9No;F%fh=+k$v&h#C zmWG(l+X32~&9xQaK8_o<)bZ;~PFXbJx%Q!e?QXk+ihABkMjeaeqkzNpp)+l@AR0wA zClzP|c=2TFfC74~`ihMEkUG<_0`kptM_HO4Z}tP`v@^tGXx3=Y zMIn#dn5v1mQ@}}wC3>S02&)sF@lIRGlxQuff0c$u>s@gEMfEuU0HdP@rzRKdW`0}P zEl!J+mNxIG@A}mr7n6qZ5I1#hjt)=j&bE9)#?Oh{7^PN;{{Snd;2&fC>kY*|9pYR& zGc01}+<(=Je0z>!y7B69}Z{LSbAaYC+ z9mn#X^;(iPoDr4k4M>Gih$wJ-S4(P3Y|d<&Sj}$2?R+eV5 zw@}>J#o@|4bp*KnUG}P5o+TyZV$R_*g?4Vop|1FCk}J6)lV)VXA6(|Swlx};VK_XR zcN*)IX*D;C;ks&BcLW`j)ax`B^JTDVhw;rH8GasPAh-k`Slb}gq*p=X)1>NMo6ypY z)kxrk-WI+Yqn_3-C29f%@lsGB=?DVnHm#YswnLmrTY=Y%)pmxpyWY5@-{O47?J)Y;z#hJ`ZxjfDR#cKG3 z@myL)noF_RGIPgjhi~xD6@p*=C56kz2bGo*dDTI-gCrasrNbp~JE?4A;kOFmUN-Rn z?!A9vE8Q&a^K(ZajgQH-_BEIUxSo`c{YF?}IKrE8^zhJHf-_KgX4JCnI%VQ~FhB z!e0$v{Ab1%(rry|0o6Uj5_~o22dU^kwS5C`Z)L$aY*sc=tZ>9Iss`luKBlvVHFk2! zRl@8lEw2aR@!8nIvBetcL|#MJ{%Z~Kj}y^owz`RVj;F^kGyUsDeRi=z^UT3jMy5T7 zYV!^welPE2xOqU-e4vA{=qoL5Ur!#@+cL=ZL+z0ZM1Shz{@`hhq>m(u-pyR=tL0>G zV^!BOh>212b;Wp!KSv!Mb2gKtV^>pA)N>|TlN-B`_pF1_p6iOEO&zFOYHD zs$q#N-=!2k@ffkl3r#PKs2McX{u$14&Cj)ADYw~3Q$>00B#e8>fgG=)k>l|#?giVi4amT`|$MMY*Ca_?PfB#MkBCrEcq z_Nwd7E#aRE0h85_Ayb`5=eCZ-Eu>zq_b21eqp zqD;m%=}KnWXUjwZY6nVqw$Dt|@Pj<4o*vr@iaN$A%llLHV|tFHW60w^wCu14sptiK z{GjiX!D-k<^FOsYnu3RXb?Z(H3FoloQ(V}6j~fi0b;m5&?arFdwriJR&)m_^en2K^ z*$O>qVCQpO#FKz`=}NDFLV{WMh{|9@ok@!=8Ahx+XR! zPxAMbSN{N28!3$JbKGF_pe(Cy66BpSU^404YR_KX>eqGevgxMeS{ zRMP(dpGeug#d_H143V^Y5zFd(;7FG0?(d1)&Lq+Jq7jae0N;AhtN1Jn`BOM1vv$%& zBx@La1#NM$2RY)HUMpn>#I)>Zs*yq zo(>p!;j(-X+QOhkYZ4FkAQdPwgZ|&ztM$u|m{WtwahAsW?OM2!<9}VWHjy`j?Zj+WUdXu?7kM@v2gn}8*c7Lnn&tQE67>PKh4l~ zsO@xQlTkTtf~z>s67^1oJIo6)$s`@kLA#Vfxzre*KpOG$WO-+~o_0w&%En#FA|wJe5&3#k zIDZVf;&MNPq=Xq}Jt`6dG{YwuJkLt?Pls)+VBzT%yQ^eno2wevPlt2oqOn7B`aH(# z_zGcl#L9Q7i_Rv<3{d?2TeWNd0K|o~u)2w0Vfd*ANF5isuRV=Pan~n$?ewDGJ_j_D zp!Sg&Br-A1H}^DW*|XM*8muw+c*s3zte9=qzE&E zzI#-+T#^fDqqIc%{KvOSk)c#_tz5ni%z95VA}l!OGerXijuaa0 zBBztKF^p9t3-J2JYdOT=(RrkGtv0<2pMo{|r)3f=M` zWqcKodJfdBuWSNW_o4U-`6OWaZAmOo6oq1x;BpOIve8L($Z+`%A4v0a=qW=0a!%%= zc(TSni5{WcZ%Vf@6Uc+>T+_oP!$DsJwsZBa7*Xj!R#I{tHhNO)Im-`VD>oVj9d_LP zDXiz~(uQOJZ`Y8nR@jn#%_^=#>>`~$tZ6f=uHEUm2he`>g|W9UPV}qb2bKU}8ekdR z^6f}B!9QwKmOFEzz5wEPz@#_>o@>5e?@h*cJgA@*SgF(~7aTg$=?gStBbXe=wHTc2 zDFI|T1msruGfNb$f1=?h7H4Ppba|TAQ@`bEu;G$j@R*EVAS`)|)tNz!XfQLl9Vk;o zv!)2c4n%aXW;696x(46anp_g>IQ+JEX))g%*F42~&jjOETw2j&ibZX=?hmN11fCXI z2yLJDqge4ft{ma)=46x~nNLq%^zmvOeXM`nlUrtwqr^(XVh^#TOHCTQ%-K2I@~fZsK!q{;=I!7#Zo4SnJDaA>*NVl%TPVTf>0r!Q?^vRhs;5#XciVHdfz+faZ1-_$GHLNCWq+mQtFgI`2!h+% zuo&h>Gxe#AZZ2)!O#rlhVx8BmX%7sD465T5(b_C>DGD%lBCAjQZg{%ME)EInam$ps zGWPETid2Vz&*u4sX1*ZcoKVQuS_Q?h8$3rLN2um2a{M$axLxp0C}^_UNvR25qt1AmbW&N*YX!5%Bt@OMwMK3&bHcSxZ823Gl=3yLyZ9PN zA}q6VuQ}tP;k;`?+3?Q(^|WC$(k-VI$qxGZ=ZM}t-OPqbUztC(8pbTPykwqL7AVZJ z06Cs@Y7im-y(^&2v8|o*DVvlaoyRX~bDc}8JC1ZP;4nY@{XX_7XXnM=S&5q*+$iGW5OBm z(s>uxnW%<0K6*xw$0@psAVF%*bsfp8yIvb1P)GS`psX4N(itp5PCP~?t=;f-?AEHRT$@JSU& zcRzWRo(M!6fn+=}D?WiiOVGo#}2l@@pj} zR2nN-({`8~_7!Ud%A{g7Ad0A2G>ieYbZe(MBUevqd)w^ij%lZ9mjdfk5V+28a%ro? zdglVGhm)ujiU*1T->9Ud%6g2C$th=&J%gNe2XRjqj5jf>DciM07XW}tgWm?b#X_xx zBDiBY$EF0MeWy5pV2o_l(cQ*KJ{t@k`KZ`N8#t~A6~16<*3OJy8{nB*z8bIefjcMr-#k4g^?x-sgCL$L%8Lskgb83wml zvE^4(!MY&}z^4;NLweB!@ym=jUc#kLsO43ZA1J7@aLCp>5Zl5jm~+Pq$o0=rIm*8{aCqD?9R;flAXTIXFS zBjr4)x<^w)jD`gcH|6hLT3r5={+Q7Rh{fW;s1Gvl^r}$$PQ%Q3cC9JjA%OO(SuMm@ zY`7TCKs`lzS>s;xJ+?~W$)Y!wQM(*(=~UcKX)SoHjTtI+WD#0Omrb(iAPxENS^oft zBhz*m@2Nq~D&zPjbYS7p2+A(*e-M#`xcu5qH6G*Erf|3}Wbvb!U8R&1Ed24$nX1SR zhX`1cLUq=!wy4nevf zul{qbUCcS$R4J7%EUtKb*zoQnE5AnQe)y*2Xl^^v<=4L$+%=;I8b}=L%`RqZi-{$W zlJ44xt!Exl4TFqfi)pO15P0+8e4}$%NmHhC&hCj8cI6`R2=g~DYL=_wk~IKFQ%+Ik zz#9+Nnt+)?sMLDmvy(CMM`h6<8yxh{I+1N{8b}Psmmyr99lP=l{mm+dk?^aMdRIL1 z_(MvAyqL%hnvrG0=e=M+(;rqfW5W0vk>gzXyDv(+T`_>FpaIAVP{rm)W*si?bjY^c zG8ywOap#0uPsFV_bRH$dfOb*L z`&L@};#-^93c#WWx?|=)TBW$TlJ0L3X4GlXfS6;wWhu6gGd8MHe%=s&5#%{`EZp}r z_3A*tp)TwgY)?OGGd9FyCZObQ#LlygLrCXR6>^%``vKCUtb5=t!*<`T5VK=KjQi7n z0y&OOve^S;+?sM_x6br5!)(7O>yBr=JaY_5$3fiF`T;UVcN&i&>E4YH5vkZ3NTbu1 zVo5vZo+J#|*bb+)05lx7ugjiY%{&btles(Qmm}vO3~UEsT*o6(8iCjj=AY0U0NAnL z@{j9BRT$4U?@S4e+-_@uBoaZ=4gepTivu>CR&n#Hx6>6NII?7FS5xS7RQ1)-EEwN| z(At@zTj*riOuO`LsOc^S!y~$y%jTZ4IvlGIeGOwRBJjv~*Mm?lSR5AH)Kk20Mo3*% zo=zcfpPx|d!!&i`dH(=XFRGfs>1Mho(q+>aWFBQ9v(ARL(JX|9-y3>V6uyD~06QuF z0C1v*E;5W8)Ew4N9OK#{!Jv&D#7&SygWr0#wVaev{!(h2Tc{wZ!LD1UKt@m2oM$Mz zMAylqcLq`iDpq2Vk~6-*)eLv+qh{;MrmqnaC=7BJze?R|6YQD}!=6n=mLSeo17V7h z9I?p2=Wkj?h!@qU?sX%Cgwb5V=F-}GinRoTsEw%JA`%yD^{nNm zgn=@dFWetK8{VbIdmDB0deN?IZRK59(%sgpC*ktN=8yP`+*c+|D?{wGSxNb~^b}Cz zztXemb1WwSpJP)YzC(aUlk3X4Wr?7o*b-?}j+v;*Fd!B=_M->SErn-5I%!p8Qcuh? zQ14VSiB#@3HKySf5nsUJ&^D8e>Ri7HTF9gT=t$^xuWt|eFeJ_6jkKCFc2j0DgzwI) zJ|c{iiT?oGgZHUT9F}*F1MJbUQ%vJ4;_$fNIU$H6w<^yRs^H7V#LVnNQ3kb8>59_d zK_D3Mja8R~;}xQf!Qs$0cLb08`_s$#vs|Bv>Hh!Zb*XRh*BfRU?tDVLgN>`Z7NtCD%~q-tNlnvVR(qEa z;xSpM1;AsuB=Qx6pWhjn|hjaY6wx&xIN9Deeq7cF_+uKa@A337ljWmGYtJJMe$Mz?=0=W z+XR}Soq{+#he6i3Wi!mwDw{|{BPjt}1F6o!nc|Vkt5Y6qC{&$=N8+4yP&77;sreZPA?;TuM`Fzg$`wzoF5n zBpzUG^`ZtPwBTtQx3wZJh{oGffB^tF%N<`%l#XD7a!4DU=|Fusz|>9`+r1*jNzddP zv7;jsx!4Xvu%h?@RdgU2)8E#cg1H3wo0%O25XefMKokdmQ`(rJnB?y4Xh1nsHo%Yv zGuosgf(tOlHUqT{Mh=DDM>G7!id+TKFi(8Yz+;kd6mLiXI|G#)=eeX{RkVZV{NA3F z^%}O$6nw^*g&VF|9Rv0Bqo6`{zCh>zp)Wj~1s^EwPuH(eAcRr59epUP;Am8kmSW#7 zdG$Wj;g)SoakeqqgsxeJrQe_fkf(#K!ml&T_NPGX#tv20A?$8r`J!qWhDGLteJi%l zL}n|oOM*FyN(MU>*rgQe0OeYlWN`SX!jEcyi%6tfjOp)8AxYhS)KvhjE|6+vjuPz+ z!Y{N&HtO7tJ?L$1BK)NN4OziwEX}15n$Ymyg=Lw8N-#TCGSf%HGk9Y9F!`Dzu{%+d ziOU;}YmwT$T|N}y&kl+0)xCKiy;Wa-hjwy;*0a24vy6(z(Ue`IH-bx}7X|clDA6bl z)n1Cy6=KZ4QN16Cd#w& zJqZng*Pd#d{MoVmTSa5sHYl-in2UcET|M^|UZhB(Wy)L3;U)q(4<;RIzUIPPZ!q)5 zdWy4Vg8DG71IEMVUG$#y7Vm`dP8Ay5K_QaW{#Rcz`w`N!oK%ZS$Prvg3G$qe0X2rYVOki0Mbb7#rPx4emUX)0EFU^U7*5FyZ->(Kk!y^bK-F6hin@4 zFO0Zf`G>>P6S{8_ZbZb@NivQjjMcnyfBa(O^2vksAMsTH zVn!adWo&hD`;_XMTzwDx)k#`4lDM(AO^MNnI#^>g23<|1e=)}OYh?s?){;XZ$54A3 ziq=xvurlC*$kT$XX`GuIXpjyQ+hIVulx%~Nj8oaPsL#DYW->?zQfrg8YcoOc{9yyk zesZ3VK%~xw=OqPc*mz!hRoVlw92mCpAOXv^oSx5kLTJ0I3Crj=)td_Zqdg zB~iRb9T$-L*2*!0I^h^$k0jzfYbnR=)hr}paFW{;H^!60(inv!a5~UVGCQ59j69=GduEWR0FZN?fv9fZC!XZrVAv{>M=x3; zrq~qHq;EP1xe?bOj$>;|1AfDe^_Q{IXR zjx(?h+>c@Z05ru>f?MPq{ZDFeI0jccld{ub5I&X8GI92ys}(x`05SOnIeOES1F6r* zH}&?V=jU!`^r3Jeh^$y3874(ewG4r?0>FH11a2IlaTA`298_K-- zlh6v_17TNW9J9~d(@w*~Q=RI3{$k-(a!)E#fZ9{#{KR!X+L4<< z&<+^<=eMOQj15@Zr>!~}r#vnf`H)l_&Jk`#0t&u5k1CHPyGdKw>(Q5!;n-vc0-($A zzA{%ev-~TqBSOG(p-F>^FcN${Iu9=O4o(+w8Ql$fF+s?$=}c>ApPGt(p*ubgHE1MG zYG{_I-Z0qK{$3MrC*>b%OHKg;T&`DYYG^jJQd-zgbAcKYS`HiVw2tAX<=VCOJT41p z*GdYoSit#34qpXV$y;T?E$x893ba_21{48L3xmBl)Y!)9uIWpf?Wv(L0@Qn+A8B}{ zZY|@KALdYMP~MycGFgz~KjHrX3%doai`ze@>-MZ~75EE^*=l&=7cma8bNg4YoB=?Z z<`@@LvLX*tS<4(*o5vP-G;sbJd^mWV9r=S=J{!j6vjuV`iMDio)rYNX_}$L~;t`aV z)A0|{z|cq6onfWm$c2m&y6>&dRTT&aMp93PbD2Ajk0?zlzdastT8at%ap9IbRhmd8iETs%t? zESM@m1Rk~F_t6d=$EUUj$Rs*X`%P^B0MDi3_Q8?Dl03j3wUqdmhRYmld;vO69Qt>z zxy4Q!k*juQZWPCNBKp+s8HbtS{{ZsF$@Rw77WnI#B^;zsX>6wOt|NZLR3lW&P7rk5 z_(byrWK@nP9FB0ii1%SeOJiwpZ-hg_Sq>C)BOLz#TC5jOJV zU}H7ba5RstysOaBVYDv#lb5)V1 z{*+Z1J*$1ph~$#xGDX$X-fc0;{{Sv)th^P z&Q0>j{2PKLuoFp#kn-#*((39fC`_|96ms>ZPjHqty4Y?u1G%it)USIti8XuJ%7 zN=~hw;}qGrEzXrx(WLI%<0h%5Nm>Ms!)@H=l(1X#vG@{W^ANjHOheNyN}ZH$cjPOdGC0yb6nauRv^a-L0(WDNu%(z7V;}>qhCPQ< zPJnRpl~q1L$oKAPs!Xzi0n^Dv3ojkGTw$M|wMjUJ1z--g7*W`DG}0XjDIOq=50MYu zsNde&J0Cti`k%1~d@Cp(Y1yTS2b3dgKF&c*>&VE7L)`f0|4J?3#>-_+w ze-c?Uk27=~2WqMs4IE%7V#7~f^!3ZOF}WLd6b20PEKA9Gky1tI|@T?PfD>!I^v8V9jKrw&4^*jn0RhR!morN4wUtcX*h+M zv%@4DvqZMBnI%(=fvq2gpmMGV2O&#n>}*Md8KaB}A1X$bSDBzJCo@jPRZYd>f$&J8 z#l@}U{KBacPsJvhVqHSxA;ma4o=hkK;9yc}Ii=<(H&Xr{)=4^n<@f18J__C`#2pyH z3l(AWF#UyQ=M2xBmOV)|IrquV{O04t;--e36|I7N!v>>V+Q&K(-mK(%H_fuk@Ynp6VjDq*b_!kov}#FXaLjE z8O{KwBp?6|z;qQd82JSl9cgwUA%G|(o$6Fc%OHAEq*^nPy&5Id`5R+=(?diaGZuJE zjDITz6_YXn*0kRhNb&qVHiq*vs^oj;`d6I)0O}b0?O5c7=^Cz!<8Xtneze1R7~dd$ zDwn{Wxt68;G?>FT+|+tYVGi%(|;Wwef>>Ui*D{KyeP*v&#u6H7n z@ye&4*wuOPl;g~6jFG4x!#nqCev|kMMWlRINRDHWim~9Pl!0 zjOR%LH7%XCHESG~K;)lh`rC_HT#qcE9>-%-Mx8kXx4n6*Par|1KyJHosTSN~_6EY- zHh?*E6{1q|X5zdag`-~N413cWDBEHb{VOGF@qFnPso_S)RX8%6hSDNI@YIpW;-V)R;qJp13aolD#ZO!7cNj@f?c5rXI6r}c)c`(4 zPjSG&zSAG>VY4Dc=(xj;v+ZDv` z%n?e2Mr&By1!Ph)kTFWIBJz!W@lp;w{i#%H9I@|CfQ=or5w@Wg4{=DgaDqz5vF3l~ zq+}C?8TB;fi#+mZq&qfhnCVXnD7tHcirn=MRN9@UmjDV(=8zoRsTXSO8sf^Mb3nz- zHRedh=AqAe7a@7oWUVyKoRBC~46&bxjlvp%CBwfnLPRT&)Y%S`Qzj+J3h0)7>OY1- z*y5y03qHeoYev9srlH8S5sNg@{IWORjGRvDKh2tseQ9tpM)reZETZ^^RN2;#FBklL zYZ%)HCa4`~_8;pW+G@91o>==CV)!@|%_5w{5&;9;*JG%p&ozN$&#$F0#z;7+4V^SS z`{Iy@?3)?`Ci{=QOJI5Q^rjUAa-;+YLxKR>qr5=XlOPlqjC)c7u1LQ15?I&{Rc|Cc zswA-z2*zljD`1CR!31rj=j~BrQdp-zYTnKhZdz$??nlkDo5LIS^!Am1Lo&aV*q+$kq{`{`_Zw1ume5l z0YE3G-iaO+h7NJgnZH7DPE^W(JN@a5kHpf_OH_{WkRfegF~)IJR~P&y%n@%KPUDsq zp?pI;*Zf`51d-#22*w7-9RC1Z)EKx`^Zx+T3I70bq`B!Gv6_T-rO6KJ>`!p-EX%(^ z)9FzfXu3<2?N@{0>81YwQb?54$bJ^L{{X3T{{XdV``3aNDNWrOVQ`^JjYK!4a4Jao zkJ7gB{4>LV-QB*RRFwF4hK^C>`n4}{qSDO49VBdrKGnf;Fv%ZZU`_tcs zS*j4W(Ska`*kR0sGabIgI7KNz)^((I5(LU{_Z;I}dBT!4Gz zRmL)YPIr!_OsmmvCi)cmnkw5{fPaRY`c}H{hj9D#%#j6u=S_`MP4L|5{{Y(DtFJ|n zVEx5cMNdmL%H*jQmY6!BP=cNr40;3zyTm7}(QH>!bxcb0WL(1D2{RK~1D8>!h&2&dh240oGY=CsKPk zp_u_?-}3UJ2lb#Wk~PkZ5pE^eZ(z@{Q==EVMjPmrk@B_M=C{mAR`5s&X1Lk(_QRB9L@6 za4Sc!HYvHJ0Opm7sNB|vrY`2VvY_15S+5lbma8sr&JIo}52DU%skGZV(zX;`d!WQx3-~$Qs}dnu~43Ev{UoP6_4)dQ_rF zz|P0gpy86HE(z&OWo&Xd_o85({{U)fBpz6#ND?~lpK3$DQAYW>pS>}MpeBF>z+-cR z>p@|Tl^~vb5kq9pYCuJG9J7x~i8>Vo^s6RKut6T;qD>h&z|XY;BiKg9X35ASuS$&S zP0K2b08g5&cyvWfo19~{RgtFU^1$!QrB9N)5>x=V13t9i3EWp8#xOJQMn&8MxvCM- zpd9x;f{Toi+tRsIov5J)GHC$S0PUK1T;Od^Ra3TkQ}Lv1D6x%tp_vTNm@;3P*er(Wi&E0bJtw{M^_#v&$wUporBmxdYQSrq3Yp&lC|AC%Wx zXy_~XR~9`gT$XZ=%4w@=!*)|uU`JPwawdwiy7i(ugQk<8PP`+`_o%ros z>L6XKh{a3C64rU5FB?R}DF?l2oeYXs8ye5c3AVaAhS|+#80T5;A3n6go>gfRN_x?<`A0@P$wrwmqCE`;TL@(z#ez9M?oexsOq-ER zYr?$w(r{+0Bv}e?hxmMlXc{yA#v+1#5{36miIdy|R?%NZeqmE0yMXnm+9!_`ydyIw z!ZR-M-YNe8x;%ecjQj(LMo7#qKicGe;+JhNrbA3+)01?MSDN(@;8Yo|T24n56oPjqkQ!|C5Ufe-P%drV$vN7m7TTfQ zT%=&@kr8{b#Y1Hv7SJlUtx1|?h-8|jo8k^1Yp5iRJN7}h-l#9Q{ms)5im|UuoSL4I zj$F}Q8mYLvF@i%6y;aTeP>&)oT>4f~o#x4DH6GcfhUxlJNt}|+CS6?oN5rm_sFh-0 z_Tx2AERsm&otc}dW14BM)G>lGD(ub4zQon)YqfcBKqK3FMoey}E8n#=ni!5NftB2T z)S1D^rO8qVKGeH8=&$-30O89c>N``^{Y5ZkUj$%^AOZOR8}u{*F3REUZjyM;N*v?T zy%HJH<^+)smB3(Y%#;;9h^PoQsnx5=xV`$Z2B57(m5wq!h^e&>=W?nOxxV>T^{RC>L&23}<#Vb;GoI!l72hRLc?@qp7tJ zew04O`Xt1lu17BPWl%bOsj=XVxe6k;Ok@g7LaD~Wozwf%bB=f(l+tP6PDE5`I2xVQ)>_-* z8=&}Y{%Jefc3Cwf40 z?betbqnSq4>C{tB`*No+!N@1xls==0hJV~SkMB$d24y)@gGy9B>ww)?`%=0U8iCZE z2&Uk3|zgz^GT;4oo?UT_r|ysd^Di z)U0>%p8YB4B+erQllGwuaF7r+?m95$Dn+=GH(7OQ(sBsc)1$XY{LDPxrEzDM$q>lu zYGpMPQeI6z4db@*j}BP^KXb^{@<<&+MnewyuRn&+BW3qBV-)k-u40vkrfL>O`w2=d zn*ztE$GE2l+vcq0uO5(XI)=wlR?u-9YoC$8Zp80aq?oq+6E$?!e_CBw=4pVAzj|DZ z9XURf2u3PS*dyAb%O7~j9n{p42Q!?|WZS6ysi6k50b-EqEHs_ZN~BR3osTS@yv<%( zkYJN?Mw86dI!2~;Aa&_O>~Eq##xsv>)3R~cQ$Yap6x~3aoSH%$TOCDm5g|V|kw~qR zj8J%w5rc(Vc&;+X^wa|jvI z;~hmb-bX8v>!UwWRa%Z|Ly#~=YLjTCHjA_h!zw`@l=Bl2RI$qOHmJ!5w|diXSuMD; z3ucf*baqudpWD~ctxC;fG{|a&Pb!lXC5Eik#Qy*c-o$oXiV)%VFewcaeX5%oTCDN5 z#*Ft8s^k++YjzAtQYd9`Fllfw(Q!GG8IiWDYd?r*jDfErvr?%WflC{ZJ5vC^5y|7+ z3xUk@pm3?mPLH3I=91)@B01j`4%ST)cHXC^OukQ5wBlCs#DI~Ucd5)RWRE0@^Xq$t z5rPdE@i$$ypS@j;8v|);CoE9U3q$gn%dZ!8!PZ4fgW@ub0c`zgsR3^M9nRoXcj3|} zF;bxTg%}LfkMnD3H(~`FhsjGNyuchUDu~g@PnihCY8LX&LNLoj@GWH<70p$PlOR(R z7s$!YYiHpxILhLyAAy}@jL~6cLRRpu4z5O}MRJ8zQL+a*KOf=EYoW2R=T#QqEn@g! zz_OjsK|;<+#dURN`Z)&frz4+wQ>E7j3g6Ap``1@gfXp&B2;RFn{`J+=gfN1nXCtu` zrItg6I$Qa>``1@f0U25|h8XO7(@vA=U0py33&eKYJr3a0@RIzVNB&dD`&U;`Fl-3f zhB{IQbR5A$%pJk5uBMRCXzl!P4wgW9ikOk4F@U%Lbgr(co1{4M&cT11A$xbH3x$LQ z3xF%Dt0b?MOq;qnu1oGIM9-%c)zs+{J}}G)??IcyjkCRVbqOJ&Uk~E9@JWFoWa_QB ztzDhmcaiE*rN_*My1J=8Xwolt3^kA*PC!A|3Ps)&|$@{_+) zU0qZRl0i|+^rS-U+k=Yg>Y5Ojw~+ArZxUn6tEeDen8&%K&p};XKpmZ{x@V# zO6uw`<&>W#Mc-sgpM%>6L8_U)8M%#!12xsv)?E-M;P+9C7)~mR^3q#bGRjnYS65WB zS!u(wG!)m0MUeKcuBOKxfJ-B19Vlu*AlFw@K*=k5>3|I++(t$~px0MZp;!gHxsP>o zQ*C(l%q`}2#dUQ6Tto3Zx-wWAn``kff0=&O)zpV%Za>6Q_RIh`2D1=0tbxcf7WSn!>0Uu^L`QnCz;_M-erKGSXj4>T^=N?P~RSR)B_Y|}j=x@1~pj|*8 z;#HUmDaVKLn#@VijGf|7D)eu>kyQq@@eong6>`^ksGxm7Ka{GL)iXJpspWe3lqn5t z^u+f!FJW5npGGZJ7@L&WscVEW zHYq{hCk$0kk4a-WO-fGbrVkAa4{X6$XmD_gsNk@ukYIgC3w%d~N3w3F>^yUF3JVTx z5sWfUDCvujL=_0F14Z`%CNchPq3-y3HVjn_$G@e}fm7<1;W;J1N`K4POeXMA2Zx3R z&s5p4RYlBHD|E+MT$bUIip^Fr8bfHUdTO>>p@+v&T?d<2HhxG<%Y0H-@o^i6u5YLxO`#xV0W=Q6kyKnkAN~6gsoS z$wp6{zSt%Y9TrR0vP7%wXthnBiIWyPS^4!Kqp_2*^$Rw+*sfoTZT+G;UF_uDtTfFC zInZb~Li9s)smN|B;#n+~dnAuY0V!{WG?O_U6(gZ8P-XBMyaofV@<^q0&Io2+L=OZ@ z9m8r6?YRSmVwj$2Z#`pX7Zzhh$$$53HpPb6dt2F58@=`(RJP76G{zO$nU^6iam5lQ zHsK2Lkk=^kjB5oAeZbcVJu!Pn{VT9;|s^kABMH<%`QE|ZQoXVRf{OnQDPb7|Xo?Ub17oA04@FT@&%=$rN>#My`)F;?#*zJ^$rF<&#{ zQ;3jr-^!SW8)8i+jakd29^W&ed+P_X{&5XNANWjPJ|BZk&7f5VoTWUs`GUp)FX&wB63j_Wts5+2*&rDBJzH z%ax`dn%Ax~P0yzCTpgV%&(|Nn7jxEW*PE55AF5thkG##YpV?AN_BH#i34bHC4XHH! zaM`|*xtQk5KC;VN;U`_@V4lEN>fRbwY5L*$bvW}}kRki`hWCY!_nNmw_<4`9>6NA* z?ib!-?w@}yuTAL_#QNm%N`0|Lx!t3+xN-!ymM59(neXLw)%%!OTivFt7VE3ar{gO} zCxn)IeA8Zl)^4ovg7!dKe%}Mu|8mey!yaZjBJF3ecM*FU>|bbKqow{-lHh$2`>(y$ zy%_e8Vn3EC@5#K@RFY0WO<#&W_@3#!ai=9| zFVmUdV7jMfGp!NVuzD_M&T~FuTJ0pJyV!;4TH!vzHb3hfhZyt^=fC2f=~dhf@ddpD zX%u1(VtpL{fYb}=Z-~Eu)+7CaY0soFUEnlE?Q54T7CLA_lOE0kAyP?#)^vvHd=|^t zJ#7;BY0X~<44n^tUP*d^G5BQ&)6MB1kNcT6V(hgWF&;GjQx8>|e(2t-!JL1+FKkwK z)K9kCMhk`QI$!BrY5Jk4WO1`HBB?f0dXrXR9@h=aZ{i0u){Ul82{ zQIA+z!b2!Z*JG~2hq)n=ucL9;f%q|EB?&wRy2CFEAC37S{4^Y|@YTOnl1`ACM-U13 z9}s_p{$5D$BT^sMB36=sCkvFdk>S2D*CVRIqkesX=m-u390)iNa3J77z=41R0S5w= z4*@)SY9G`Sa8!ed=Q&w((3FpJ3QEQEn{ANNvz>bo>1lCm5Ij7>tu6vXk4R6PQ=oFh zb3sbal_9oMn!V?jRN?8CRSYfpXZ8aj&p#~NW>QqXCUG^L$XC-kNg2xp!0Vh_;05Crg6jSS)?*5TQE_$uRh`Sv5mJ%vq1i{`(LFT#_y@cSuLF?m-x2Kl zVr#E_KZswxAAi83Yd<26C4s*w*!waoEv^-iF1UZ`1l^q$V0fw`rXb=Pf@THc*N7Vt zmm}huf(E~X(BOA8PIP{L8PPfyC6rb7wD!g31MSn|Ja#Jm-G z7yL?z^rGj2-0_YQ+w(zXGzZ^L@ac^m&iF+WrE>IAXpX0*sD9!z%Y8xP*z(YFRiPi? z2|`&1Zn55r>v=kIVto*NSy%xAw|pYRKJjY zXt`$jO`)$7KH#e$bJOyGQbFHE?N%DCcq+7pJpo$C1GPE|?Zxnx5W%YSdtG4X4>SwsD6U2-(>m~p zr$*hbkf&6QcVSeq?0~#X`&kYs{JH{@`@pP}HMHDDdQYY?UNU_TJ@FQ_26^@IYeGsX z*2cKY^nHwaP0;s6^uiOPHrfSGE!t=;>`kF9cNN+Vwrb;h!-j2iRg4kQT0|e{Nhw8N z%Q=OvW;v_SJ{Wgd<{tC3oCK113k&pgvm6CFG*?LPgWwAqwzStum*N@LT?&20vPIAu z%U#Pk%Lau$Yx&$t-vNKUpq=mp>;=nLR{D3#CCgTYzG~T{(504Bf>r}#306irs4c(a zd0L$vUBixU011-01DPgP{vFtkjlPTC*<|iQ($6YS{}kh4l`o}Kq3_d^x}wffXnn~h zZ@FbTuh2Iv=M|aX>8W0;{C((3K?OU(FBAozXo;MVm9Jve?fCvy`X20B?w1PqtE{?# zMm{~2NOh9^U9-`aQp{NjBy-2ISD{NS+ii71X0w%F3aPCMeFyV}f(m1ILn(XLa@F#a z;7j0NhMiE5Q2RB@1v~ndsGs=P1(#&*!aK-gMD#7|uVjh73(rS^gT}12(u5CrCE}OD zqtJV3WE!n0^i9~Ujei;TNjOtImn{da{JXHF!*=w~HX12#hV>$%RbPzo1H^||H9Q56 zXeW9~m8@Pw)Go_FqdN+HOFXqL%EBTqpsbJwCg-f>9ssvrt@01Rhn>jn0^8qgI-u-T zI~o{TWp2?JTj_g1(x$VDxhu4W`GLMq$3V8JNJ(dJ*3zoOL-eqnmA1h1#>+IJz+ynt zET?DGTZ@!l5#`Q86J-d*y@3&w9#m_wn96@qg(5QcWz|m(@bul(4In``YWL?)kM$fJy1GPzl39~ zbm%)#_+V{?U$fE|EmuT2!tfa8myDZaIRKwyqxWOoCq2pPf5ZroK1BZ{{ESSW0RF_o z2wQ#;{z9fN!-{D&B>oLS%lsRdZN#I9mJ}Kq*wMmb2zgjA&0Fk2U_}>DlZ`%YxhV39 zf5dWDq4!`-As)?`Z!O0~O0)1A^pbWOWW}2xLp-84qb#NOkh>GD+2|iIlZYnoZ~(sM zK2oB8LL^zDkJGAcl{o?bW24Vt?$~6`GcUov3;D}f;YkKP07ve6HK722U=tPAIm(vA`PPtY|g+TBh9vk330Tv_>h# zIygt5e4=Yv`Lv&Y0yCT5O-Hc`>XG-@5?WO&v=cP8@g<;4@3q4*S&@~GISKzmbql$& zeLIk)a}b&Dg1K*_T@^mVT6RL907Nm;@|sKZb+QHupl=8aiNf5#NLulSM|e`9@7d80 z>|`E@eTA6ka(#|(2LgWs0yInhK@cbK)_l%Zu3TAypT_-;4^9y2$8;K|!9J}||DOFb z^m=_gJ(!$DP|)l9;KZ@H6VCbwqB`bdB*Pm8MetglpCD5eeLK?`yznoQRbEK7 zS7hZqCmmKy9R!~~j0NG-%>N6{z21{Wzp0Y%yENCPIX>WAI3Xw(SGx9yylz^gc`ZL+?~n17g~> z*m(5DN_rz@*|AL7*DG_Z+VL;=G9sl!D+AS)4;=sR@pw>usBR$5FXO8wsQanstJ~Re zHaW#R<*VRrUZ^AEH?}AB?s(+3=BvMPYUJ9=?P;CbtJHTb|CWuC zu4!s}3~|+~+|*xd`m!(i8a`9k#&x#lvMN|*P+#R1cASk-`8j{)n(CG1z0qr()RM>H zZJMj4soq{yCspm>mCFyY1?+uZqMGY5)2GB|vA2`lQ$7JFV0>!c2 z7jMO5c`{Gsy}5yBt2V2?P|a73QT0=`QH4uBlAlyxY9@tCZKU>m9bd&~@ez;>;f;bdOKvHzVoyoNB{g~6< zXHg3O9wP^fWiPC(5$q{>K9jc6FJ8+9{uMAC$#|sU(F~92j~@RAkEAu1nbZmA9LHjn zRz|bY`2FwGY$$I+yxLwW!s#YHY-QP2*eQH@VhL?BQIP)=%#@8SO9}|4#^z&muSS}~vbXTA?UU>R+YW!J!p{6D)`rz(@q8QPo!LNXnpA^rV5#g` zmIurF5G%%TSeXjm9al~8Z`VyB=fmr9U;Zq-MwrmOJ9Lj=#bU?ri?ahYRux+R_VYA8 zQhE!%t_fC^(QJ+sueqfOMNRe5LJibPE2NeU<6|YQv>mJ13ATvs;%>a5)Y;`(*kl!8 zLT`Mgj}wcOH1Llz*co;hax2*qwws-DqV>57kn@M-;##t3*%g$T&BwnfuS6f7W6Rhy z9*VXI3tzfw3@Huz(i&xwv7Wrl#jT)1XripS$D`xXUo}VSj%_u5BUaFV`&W^$ahO;rKRda>WeD6wkn^s=~yh@ zRQ(fMg_Z7-Dpwl9j`LvNpBs4&@25(FenCKt^nZ@sMQ@w%DAhI97XCK&Oh>s1@3{`d z3+Qh{XBYUjj;t{oz+0jxF04ouEA8dZ@Xu@5dt8HYejavCJ0u;DX^EXl3&=f*^=~Nl zJ)40{L)MI$pm!X5512T?T7pOdQ3Lx}%`d7xlnx@dJ9~%i;iXQ`s28K1#w?pfL7GNG z%iiD*rCosVb*^V8cr`wRPmxyYUdB1MKTwg+O3D5@NL#VyyYqM+1lziXzIgNI>RxEK z5iG2^ux7FsvIHks-cRfXX3!<}E<4ITcktl8Z)vd|*u{*|)I3jcgvQ z@NM=Q#;`7AeStRZ4>jodMb;ZgjEDVAMt&YMvcZ^<;o_{FdLi4DJMd@&I~oly(hKu! z5G*kZJ#|KpgVB<_tF+mb2jq&d3raIB=d}s7TzNSW2tw!5qSLxVUwT5j)3bdQU zu0mk5F97*0Sa~|j;t9O1lq-#6->Dnu&S^$Dzpq&#ZO5Fig&xkr`t>ZNO>7EwEZwCX zevO^xN&GU#CR_EUifl?A2_0+2OW0}l3_mJ$lor4zO@)s+hdp~$u9KdDTtlEtBi5I% zhZg?qsB}fz!>eJGW-<#q#C~QQc|LS@#te*thiS`CK;D`4mxl2hKsOo47=ZOs;Fpbh zXjEO`bz)%=POK_CqmB=O)dm6mnm}?qFwTR78ppNp?I~LS4*f7ndHe`QDhlH_SxVM= zX?o$hWPQwb+?NxmX_*20zF(wSQXbn6&$|(x*GFpO@*TX87cikYEBmVmevW7IBK+s& zx9oMCU%bh_Vf&pLpe=WxMpsL0{>lZ^a5e)TZ4o|C!y~-_TO_aRiBDA_rvXagC>aCf z$HNLHVvNSXTjdF@$l`5idth8r(f34r_rw?{;nM;0Q9k1+^H-jzs||V@&Dz3JI$<_N z3OTYmvQD{9vMcgOu8@oZo}n14`uL`6-(*Gh{z^uuA*@mlPg@H!trjRZ*nM-<-T<~3 z4~vV(h#uje@D=Q7)dJ07^?1z+bunKH^s2z}n?TcUu)a>v{d-u+BAx-{uJV@fMWxaJ z_y@T~XJ{0wI>3jrRNj-n%D?AzU>(oFAH2g>!^_NtTn%WTg`JF14M2Ztuo?UW-@`V+ zN(Mk`Hb!p@=DQk}&<@(wU`-_QB5v@56L~AlqX^*97Fg5SQ7_<2YmE!MP!rgoEA)L6 zpB>1nk6GvoKQFX)Sr=?K|oSob4=STk5dGuR|)<_ayTAB1)_n?K~l;ydhF5OXsM> z54EOrE=4kQJ(>88tSM>BdnTnfj|_)!aBz#L;IOC=;_5j00Fu_=i*zL#WjU>mM6*fz z`I8ELl+(&YeCR0A4oH?c0|czJdapzyN_^5m4s@1JMMbYdmT;XZ6U z^Kfx>cXjq~cXRjh^zinrU)|To$G4fjPR;t^fh{A#0z*TiV$&0&+IEQ!4ec-}xl4~; z{h#U|nJ^^R*e55wZ~xv@3HS8!@~!IIq1~h8iB)mmL%g9zy@$C~5lR6}K zOwZ`vqi3()eFkS5hhz=S9#&{BdU|B>sL?M>m^f+jl&RBZ&w1t5*Is{P?!1MI7B6{s z>9Y5hfBebnPuG05cHQS+f3tbZ)@|Qz-?4Y!{sTWAJaqWT$y2A#oc-n8ujhZecKyc9 zTep9|bC+(G*T$+KcT4G6xqf-0Uy@p_QfsMSoGvCvDsQz@oe)ix*i@}yMAf>X<8(f8 zv));?$+=!w+SO`>xZ9gaE-bqdiLi!HvXULnbNVcejQ$iMI$!R}L zHIJ!-^G-f>z0G^=noNIaVI6FRnm0KT2)$4j}ec+p|_|F?l zGk)10yvfvRxAbaq+w3j3rw?o4uD%y#VPp0r&1>uKGfZ3Kc;Bp*&vbvr!a~}7d9I+| zv<3NrAsbrO_Za2hG^%%>tfOb%?tFXYi#7c7rbb3QH^6PgxLtj|%uZQ5_S$S+?YO2d zf4cs)!yDpXy}WeE(>-*xb~NtvM6Cq%s#fnCyY_v{`-97eW@o>V*zv)|tZMW3bv2y| z?s)maf&+`MuGxEX&bawiGn)7M_EPA~jGIdvE?oKD>FwS3Ellw~6(MsGOqa!>QlN#ln! zN$jvycOkt&$-Ymb-ZVB_YP$68>A>Xs%NPCBDZgcDv$(X=3a9Rvu55L7}j4ieW7#4x^|%^&%xck?D*>XUdN9; z+_UiY(H1u9`6i9L&yB2oVcw#J(^mPGeCoM#fv2Iz*0;RdjT*af+KMNR9sQyEmXF3I z>)J&PoVd1W(@FmBK55By*0o$0G`G;g+V;G@a9X2}{SR9Xw8@x0x=Y63(ZdI~$_!{1?b4<=syMeG*Jw8Ai*s}G3ZshK z28ha|KodJCKrckh!`lWV=Nht%QBeuS*+Vk&^Ks#;^ujU^-zP0UewXvSUA{}U0}}6 z&(l+#hC%s7=C%O=E_!R#nS+&@3yMrRqTbBGLB<9QWwi|`ZVqp1D9SMhME}DfX%j@caFGEmcvBOU>jYO}-0hIKR)s)!v{F+2DX zwtQf1Nm2F>6|;3P&ulUjnxj#dwZ~RQS?7uh&H1@$#=K0U$(UIt_$XTuZ*MRgGqQ7y z?X$D8&Do<-f_6>KgTtDK1ZRY_z}_h;JhCbFQDL?wA20D(WnD3L*?ESXKV6qnpsXs= z$B@$}AAOyi zTt4ryVk!BVMg?4(ykI^i+Rc=oWisTFwTLmZN!$336`=8m4hae`(_dCc@D=IAE=9S6 zjHc+2@Sqmfnr*BynH)pm(1Pq@1r+S(ZL;OE%F5&qHso|R=4F|OMz?4c6rvQc<5wh{ zoEO$2H#admCpS7wQK+npUA9s>satwy46eBdShj4@EVM;ntH@x4E><1w^B*acp9kv@ zr6QWO2o4MmrD6$or4#}CVkw3K7;jN-w0we4Caz@IOB34ZW`kM-Bll@F*^1bQ#MJ9Mso96aBMV}NyacqInWX432-E?SpSVTxrq-b4O`(qMi zWsPQ|3B3@r#%3`o_Dn^zTXwNAr&oK7NS>J7Ep1Ab&v>*%@3InQhA)cP1Fpq zqbWW=m$o-$z5G*~m>^mH(fx@qv2u0FI`$lzZ8pXkuobei;YXO*q>0M@>CH?+FJ(J3 zIJ>|QIIKW8_;Nd$gkDj}d9d_+%oD?)?3`@#sAMe8#nHIXB2V={l=zo4EU@j;6(t|p zb1B(&>MFb_TIAzliROwo1Z{#U7X6nLHfIm{gZ&}p*r`c}Q81zc6Q&fc^_UTl@yOx? zQ|$5|8RNfc@BD|Y%X+04h8xRm%&pxJIg0+|9&@7GXQ#v_CFuKLZz<}Pxrz`rP?%Bj zHWvFNA!5%{1k;R#`8h?j-R+*2ZKg>pWXrJ?@$~#5=8*=IF*+$ZrJFu9Fgy^BT9i<7 z6xm*7l|;7;rR|y!v}Y@_z2gVPo4Vx}V$YeMhc$q9*h2cTjItsXSKr%?{V$mx&KoP9 zDYjEm`Q!v*QS!{7Iby#zu;S?1ot3k>s zuW*ns?*D8+Z~pVa(a2xI*a4RVuD^u9UlMj$mjkZ9guq`Cc377KuD^u9UlRU%tgGy1 z1+Kfc4H$`A5&vtqc{5q!Be!{L(#?6?I!zSxhz0?stbq$)(L8fuDHigBdy|W5Mo{;aZ%F^;T?xm`nkW~x!RV4}cUduAMqhk2u8O=hz1Mk{#uryCIjuS9Y+`+1yS#VhYfG1}PJDtD{#0e} zvvb$2-g3)#LXI(g-|=>viq5`zb7bv^1u>;l-`d_fHGJTy4;D=8=eI0m%e!0I>8j84 zdVhVK`?0W4?JI8@I&=?TGs)EP9g2 zFsBc`nU(JS_R5BnE}r^4;7G`_g2dxvHeQO#b5EET-Z!=8&Nt3fW0!va?w8&(rjI;# zWnk&|U%k+8XKJVF=Q^)wTBPo9CU5!|jU!UON?-PI$?$$_BMXA-=LXI_fBN_07o1ic z*Y+EdQ9ZP^PtX3_A|p4a_W$|CC#Slfz1Z%H-L)1EJ=3Ymw9@ZxjQg=^?i*?C=an8b zt7k`#FIo}S@QWrJmU!L2UDtE-#<-*vaYd&$uf6!xrqOT2y|(pOagy1b6WR1i=$$3| zdUV;CTzYHnnuXg^7QggNa?j{{9#I~1zFJz_)BnZwA-{F$yy%-duaBGXnf~b!`=2SD z8v2Z8&iV1Vt&_5s9z3@ESVD&n#)b{N8S?5o!+teocKvwXgv9-6hty+FyuCE&mwwOo znBVeN>hx#)ENuHW_1puyw%0s#e~*9Kk82DWZqxTJ@4tA}*FK56-)S`~{Pv3D51X8J zi@ULX+iKHmO}4*eGWU3IPiow(u_4ay2cCSTNz%So8V>mEY2 zyw+oFs8b8KTmD1L?;cz9$t!8^=D+)8|52%f+Wj)&Sjp!X8n>Pwyt{7eugx0=^l5cz z*txFhSsOyUrw{j>)9q&S`|W>uq1DAYI+oOUzvjv2_029ZyRZ0kKfcl9-5w`iop#H& z^)lb(ca5KWreCRQ&glMmu1LOSp%yj*DsB6>+-BI zrCQ#8SB*})boG+=7A0Igd?%y+^E2u_T)6*OfAhtaYZ7+H71n99y5DQ9qegqavOaD> z@9h(2m7Gfc#L%F3qVD2|qj5gT-wj)Lq+PQ;x=vnvPNO|(b!zxs+y8ZySylYIMGVS) gDrS(^ORo&^$XYaaLft1$@9R5buEwB?@w6QNe@Xc*!~g&Q literal 0 HcmV?d00001 diff --git a/test/test_data/jpg/Reconyx_HC500_Hyperfire.jpg b/test/test_data/jpg/Reconyx_HC500_Hyperfire.jpg new file mode 100644 index 0000000000000000000000000000000000000000..2d6a14bda1a3530e7129048ce24f78a8f0757e1e GIT binary patch literal 425890 zcmd43bwE|y`ZhY3#1f@LX^<8qrCVu`E@`AYrDK7Js5A&jNJzIdNQrbwcXu}|8tz=~ zbH07f@7{a%x%d12*mJoSgSp0-bHqE|_j#Uo;_dkD0#c@gyQLWb$jC4PcL4xE0f-?e z00b<_f^U+4lvTho0|e>!`8!}4@6MlP%OK?6=e5D}h(j8DBijG-CmH}mKmla%3>yar z8zl0NG6cK=kou4F>}+h1)IY9>Xn7~~k1HZNg!IocDge;G|D%oxSSR7lAHD1W%id8? zpcCxYFjz($pTPG#1=x!NBmle%fJ2E5QA2zI9*8jlz&-FhHn0r61E2zrz}`v&TmT#R zk^o<905`x6JOzJpf+b$Cb{Mb=hyoE{$pkPYlNRG*W22PTQj$=Slu?mDT<-tnfE*$N z4giV?jNT$=I@ zK=lcnaX$b8hy1=00M0z(fSh{qLj1Fp!~>-`p313;t0F9@6;JsUl*$pG!#^_ZF7@-0CIXd#eVV66PH)ieJ$Oh+L`+LZ&+wR$lZ%^& zmycgeTtZSxT1Hk?OYDFAn_F7j+B-VC28V`6M#sh{CKnc$mRDBS);Bf}4v&sc z;HPKj7l?5|z}f!i@yE#i$GC97aos^iMnZ-n#s#_K2ELJSkWn77qvAeOhQ4ydqvG(t zi~l?_t)vN!`l-r3fsxa|y$3X$3$zD_q5U4&e>bo<|G!4|zXtZ_xF!K~BybDkAmIQa z!1>KbfFTvj@JwPq_y#wH)!={z{I}K_;CAJE3lvD6M>b2943kUs9v21NurFQR0v1Z3 zOCdbCft53*oYjJ@aO|HN>@S0@mVSY)JYe|}=U=*I>L5D=}81#}= zm+~iVdo0YGiIus=-Pq83igXQrwP#-Y#S1s#**fkgH$y&-t2=eAgC3VU^vfSUv-GbE zU0n1-EcZ_r3|cTKlq>h~t`jcix@J6rvk!T=r8=1yY@0~ET#k!VPU`WL_g71VqYI`G zRqW#*ocPp!Vq1}czJmsclBewlFFd@W71nQDlx|#<>5E3)JG;IGUWOh~zY90c5e!e< z(1TtXx1Zniry~7hpqe5FZeSy-S+mB44zN-C7qHRcEuay6BoG_zRYnf&K2F7A9pIFg zYVm9#RtU9+CvJt#>gtT}*s8S0QexsK%lkmw5S?$nrckIn*t*WTSn8ef2+lZyS1NYm zvFWAtd!3x5-Wgih``P%OSUBBwp8k^Sq%r3E(L=>$JDcz*4W+3!yzs3J1CcFHy7Yx! zBOiLLDzHk!90&8}r5nSmt|%;YEL6Xz>#27>0{wrBz6dohJp9Ruxz&IjjxeW5gGr)8 z!x8{@uWP~*KDN{froD!-KNvC$iitsXs*$eL1N87(op zyGv8WneMkh3v1B#@aF4R%ta|X+&n~=w5tSy*Li_AqCJ|H-p*q=shGkDL%vfVfVlUW ztam-EB@)&WokE8(cW`-ALb57_LEf(9LBTWVhZW|Fw!at9_zku|I&{+t?<@D1YlxD+ z^e$}l31hGM?l~6T5B=s%btZ8Opee=`pGC2rML91w)!vA}Myb6!7ShKzv8Y!sG@t!r zBQSuWF$C`Lb0l?)#^OSb?;;}%YXiNnCQ3pDb`hXFWSn@_lM+Q| zSSyx#y0s;WlHEKP2*c*|k(~OW2)EvXF}bX=q;yPAP|y^lRUtd>j14xxMvvvCniE&RO`&0GWY8glDSl4))C2$$NR&0{I!;S)9sp zLw?0{220-V7G$Kr}AvUf4(2p$CU!h zmwZzMn=7cY0#^2NYH7#qv*sZW)2H+Mk8NAo+ZD3>u-+SBxljaM{M6ACnY6Kc3YY6) z^te>Nf93zVXz*;USXtNSZ(=2=AHG@%Q;$*(zP3ipn%&{zY;LVptY8V?ka1|ee!mgn z4k*?yT<iz_lm0o9fY{PpK&Nm5zV2gBdVaTnIc!!SW@z5*;`pv4@CE6c=6Qcb_L@^QVwh?X?uPE1kQ503UkRe$ z^w)7g6xurX)?h!_BjFYZ0{80&dh*vKjZ59v+N?dh+VZhbIR0Wb2fDjU?~bbco$0h7 zMrlDdL1KVY9#8pzyaY8mT?Y{@+~OXb$WN)2th`4Gq>t8LSh9bsPqy#&lVod-Y3KV) zO581ghcPJC=<+lC#H%ZW+V<+{sGl(GtKU5a0P%q|E{Jyv+_S#HxleKSqH&q$vakFW zXkWWJwr$+JF{r7^KI(P5A=+1LDki+nN4S`sM&pS!--|<`#46j%?WbP~hd_^s=T1LA z7SPZQIz+k@IBTW-A`G557c-6*&uHL^qan9vca1XaPTy@z|@UhAN_LFSZCYLoRe5B zADO4^X(|@wEfDOnm~s&z49<}OarTs(ufBe7<397vNc(>ixxvu&JAQox{tt!)f?ZD7|gLMh=UZGbohOIKpw#Pgv>ee>2PB!Ho}L z3y+UDDKO=J&(Q`P+|zp(RR%HroL*!v9enLG0Z-TuA3TMUGe^sO?J30C-vSlg_2Ka= zy^Pt&^M<4js9s||#Isafu)bA^ms}G7>mB(!a=9kf(Fa?yL zzsNz~^1jX(UVJ9Sc?(othns)7Twj`~b)9Qy=9`=mVoJRQ0%;GhZUXnNzEs@;OP>JP zGYTj2TWjl$F|aL~1OB|o2n<1Vn>xF2PC3m9FR-2(Kd1D%a_Gjon%?A0zOsaWZM zhs7&u7C+NjV#QhCx0>V*g(s4LWT4S1kjK_2`<;UnqZE~&kQf4<;#laj{)WaAjT7e} z=p&u8oFfIzm2aYo@(|Nm>lVOo;Iy2j9yqZ_w-}`WQPQDzz1%O8nTjZ}%PdhTM$PCw zQF4QY6y&quHW4e(?K&%7+KjdnTi4SEwHYC3v^DwZumr@SC3iW!;V>D z%R7y?0BI4dWftw=;s5aKq>1pInNz|gk{|8tH2yJYNJS$I#u z-yIMES;_+KoKs{W9<~W?(=Pj4z_yt6EO7r+`3zP-TQPK<)wU#JQui}Er9!E(gXrT9 zYnbN=KBRpBvEMaQy>V}WsQNV6RQpYIrzpAqr97;s_!h8-T}n2P+ zkf&&nQY3EZi-=NaUO@*qwkx_gTSj-oXAAF_HHU5ia!z^v%Z1j}LKpj014}RAP8K-1K|H7I6;eP1dk621 zCRA-%!JU`;sz6>fD&UQbWkeKd^&;H_(#`mft*7EuklQ=Id)}91fUr192;WDXfD%Pjpm;;XW z)&PvSj}K44Nb)=4dVdBZ?%qX1Bm?;`J zXM8n9L8AJq2@J8oU$2nzf1{@uoYCF_G(pcn4-tt$*Vu3>1sr0+HDZSXURYpIG30T-r~uh+wgr&B3e8 zD*%sw1yBembeEsr?)`4_1XonE{L~iezuT#m+({GNU6C0EDVh9K+wTSvHnR6c`9Ck0a_@=9M?5Vrd-a9jaB$eV! zl6{V{A2sM5Y_Y}t`IgE7{hmv`vw3ue&$I^zN7Y`m=XIypAvBvlyYCoGE&yPEX!w8k zM?B^b1t1u=hT+$lE((!@0@$eUkTHl=g15hA?Gz9?<=kC)Hs24W_+QN8FChImS7T5E z#+hb%pY!4xXx3R5r}l7{WV+H{ZFdZkxnB)Ri13^`@Pk)evJY;cItZUCsGBRXh)XuO zl7qL?_0}q0^!kVCx%u*L=)*)Qq`jeMf!XrulkO}V2-w%S9U2R(*tInEy|cg_uCZ42 zU+Gs!3wwV|AbhkKZcXCtQ*?CiMsmd|<&i0Kbr$c&@YpwRckn)9>9g)EBM7iowqqNs zSZZsLsc>)M6iafcF%$5<1^%OQ0>`jl*bDF_SU;LR12@*fo4XX3d&0S;?_bx zzm8Pwy`IJ_hqRwfE$$&;+ZHR&wl?ir9OxXbOFGN!hHlCXjpOv@!uT~)`k{jqkef%A zLl*Gl``;BoH?((2ZJM&=G*BJs3>BU z28(z~Flj(~vI$CDUWoATUm#SGf1S`aM`2y}voW$pH@ibi&hBv-zYEtk1-bAe%l`G# z< zO2pgB#fjyEF#fSuw*UsnEL6g8)EY0<0gC-0gA;~ZUR@dr zKJ1%ZJc@;tzlw~G@+%swnLkRlKu5v8%ys-&+st;dB0y`K-I4eSX%v`VpTsGfjVcGFLAm#bu>I9vv$JI)RI z3BvvYY=+`3#)Z`Jr8i})Pxeg|*q(Yg`oun*stG37LK7?zOaS0mZ*Bo>a8uPA!Kbto z!8w~))i)y)ZjFfuk5nV#i9rgl4LL2i1tzhYg~_T8T|oTq6RcA=a~aMeBMd5#iuGSg zwiP_RCqND+t#wqB~q87<{M(`n@ozU zTo^nL5Lw7-+*Af3AZS}wMIwt2!RBoj{FdC66cgO6DHW}2PrzhDGc`ReL@(31X-%*n z8aMV=_^bz}e|3kSr+Me6I1=bQlWU6&|-8%zIMugMQ#zSeBxl6ZOVDSAq(()hb$}!d( zgG0@7)=NKCyrK99KtcJ{!YkAZ&dIOqrLz4q%#q3k!i(Fn2UrenhVQhzm8 zbDjmy;>6C&Q#1VPIYKfO8O5F4xB=Z-N~!)U)xOCbgJtwq*SK~e&yRpG`4uRcQd(o# zf>7VAq^f;#kF9vwPV@2M1C^B0!+<=!D57-RMWP`63F3 zV>WwQSPOPGDDBxhS!m$een9;C&fQ>=>|5Z z;ULudOH>d1rCbch3a7v>Uw`e@hccNxXO}fGh>(g!^lAaf7Vdl3b zA8K-wL5R4wfQe1nb+NM?)BZ!Wa?dKEdZzZ9zZ9K;zm!<(1D4vs8b{Z&wF@|#IBcl(5L^^4=bn4Q9r&qo z@$*u)s(#bK5_lubaF6*~H3XUHtEkix?yUG4!^;#jEkqJ_^9gd~gHV1b46YDdQ0zAs z{3N6Mf6Ly%4ytZsFhSA)^2`fmGJxXWXlf5R+5ykiqgmFHv72`IT*-M#^^suxWxC1b zIB(nb@s21ov<}4OXyL(o6}Ldib?{EI!LDH6Q?v0AVK}ODm5{&~2pdUY%Mn|RaB#n8 z;`Bp1Kt=f?-C42vr{UG<}mj>V#MSxu}Z;OU0hR!Nn;C9z1;5 z=CwO>#TUFw?Q0Gf;}bF%P+sN-6eHt^Xi8b-V9uX!o!6sL%+gI=7i^1j&|fk z;@%-&g+9O(rB06Tv)aD^13&VWGdMVbpAY!4uBcONFDc@|m97F2y>#EHcUg#CyZ%W3 zzjhK-j{fYwdf(a9Qpy#bFm^*fm_ogLI3?IPcU{{vQ7HkdT?tvU;|B$CieiTW5sPcd zcBwa0S_2{##nEo@9`MY7o^D)WiC`qazg^e79stvO6ghJiM^hG)^lt z7ywgBzM%HhXPa)30%}iH-F25Lp!Vc1LM;&xad$1td9qFzA;SIdV3lI5|EvO={~=ZN z{~NkQJT&ny&=UjWRZ)(^uTv|amhkDYQ`yi2-s__mUpniznUk(`*&K|ZfBZy`k4;b!AysxAB7(t!{(p_G4kSKX< z^lMUxqIkXga4EIP%`f<1^4Ev!Lhr=7?!JmA-z$zUiYPTz~Q3U?m>kwgKFbbNhZ$C{rWUU6u5#40@e%_H7O zs-wiv5Sw=^~{kPHdBtXlwQfd}^yWQewR&<7+#A|_>BAQ@5;`9%Pd zp=8h31nvD0{e`c-;64uvN2x6P3bQt#+v5QDIW#_&#yj`{Dg-I4y3Z5fYMc~NZWvgr z94J@ZPF$N>nf1vvKivP368W{M1KD|qZ%6`eWReqPWwz6ftdws4;e;mttBzvs6% ztG~=JziiNI<1sF_I=BGST!OX-eK&X%cMU8=_QQM-@pbQJX4Phjs&VG9&AEyU^k(xZ zVK9U%ZU>*Vcu}HiT?yUXi!%2iY`)#ENcb3TA zQGDuMlC;yVe+*grZR@}L2*xk;20E~lH8;axidG692M+>aJFBo_Tp8>VBWVx5Aqs7o z`_Q;w(pY*6EGl0oUZBObQoRHYViJ zcCvH%u~A$35C`!f@R)7}G;vO6l-HFRHJ z(`PdZt*@(EMwH*v>>nl}r$5e0anSzS#b7!;?WGzcGV#l6HQ_;Pj`0nZqU>DBa1nE1 zdR3zJ)S8g6jgPaAs^xmS>wwYfE=ojwZd~^%ugI^j{28s@)w^~Ns61M-39m44?akC{ zVm^OsND+L*LMD6*s3t|8WLYIRa`)0jRbhdUn)vu@3Ww*m&@Zz|KEc63cKbq|qiGo& zrA)Oo&TKLp`R!v)qLsvJDh2Gz#r%$B6B;InRv|YU%UcIzv7}e6+HN}UN1%3DiN^KE zOniJ3I7?Zc!{45W(Y}c#FV`wWGAjDo&FPOLTbyMjH2cC!$A60RgBOAJ%=B80P_A$< z&5L`FnWQ)#Z)=Iqlt(}XM|(4xw@aVv8akya&2-8zcR6+3U%_7^q)S(+ZBLMSHb&1S z&rM(7u^j0=$i1W5KU(ye#vqyINoODa0*juVnhP`YaH#>&+FLtGC{m`CuD*_5x^(wS z^neupra&PPCaZIN^?S}D6WSmv>Fu{mPDw~ZAA2`)b@N}1Mi3Thk%mb=wtwO$@F`$7 zEAL679uX~(4Cz{h)T7s(WIpRAVId!+pFHkqcLkPJX2Qm3-*H<)2r*Q;SJNgv10;%$ zStcKFOkqE0x)@0lcs`F8Ijyc2Y9Yfl*@=DrfqFKrO7iI4+@f%~XIQ&>Hp!O<2N?n%5{XgZ5l=QM$^7;`K_iaY;bW#hm*+C4qa6i1Ql=_rSf-A{&lLry>_SVn za3Ti?eYj^|e^r{~A}jki1K`R<5XEtxr>Lksl*YZO5G{{(IF+`i9m``;l+T26+~*lD z7H>hVO%zzZ!?<9gIG8>%uTwitr}48Z-pPwX`?E!Xif4X&&&QHj+IY$5N3G1E(+920 zxgs@*dymOr#FI(GE=EzS{WkDY@yh{c5^_{`uHp5EQrm4!UmnT)8r9-w@fzh)iK@O< zaMLc=5mMf1W)hTdrY8whQ!%M_Z0{c+^B35BWqp^eLsBMdqeQ5_K?iVYvsMUX$qJ51 zA-~Qmjvbh`3E96cd+u|mH7bh@$$aZY>^zOB4sxN&rNoz(1Y>j5VE0`?#LRA^d=R|VG=BQqr#Y_SH*jZ?2O3h`qG^}1dM9Hh_ zKbrTrBV)IMJC)hif`w`sbE(2~c8(G&Zi}dZc-A~+#Ttzv-nL>S$r@V7}dc7_@ifKI&m*d|k@n*l8F!OYObi0qn@x{*t zsX|Sq&VQ^rzoOG39=dxd;F8UD#70oEBiU4a@acv5xcTVU_(TVT#ghy;>U)*({JmGB z*{m^0$i&(et|S&V?))^>2ZHQ9zAD*`o*P`JFDqo0kWkp51UltI(84?k?la=6J;{_3#)TK0943rU~k$2`k@mBD<&OM=y;I%InkwI zVJekNIr~yPQ0GgXie5{k=6&+@u@G{PylC$-Ox~Llx|U;!oN34MUA`TSq;JuJu3OS+ zp%Fiphx>c*BdhT?l0SJs@Za~ezDG@!5JWmR%NMQ8SmA~8@@>5Ec+NdAwxwGACF0qK zFaAv(Ct0K)?(q=ry~sah>blciO1dND;HkRo9CLqIC3-ygW$eq4jsmP6D3`YMj7MiL z%>}-=AxCF)drnT1O50;>&)4a$a;{H{UtxDwC@jcVeuxhV^4D~+jwxZ6v^aDSAs!iY zCbZcnDWql5dtdYV!J`-wi;X@ms>uu(+j-|z?h%ID6WO##)ak$tb?t}oi9nJo!NYIc z`eBoDwf4uRlk0r+S&SK8Z?>cNkhWA3rgAu>`~U~6E)J{0mPP3a(Kbnj$~f9uY$+V~ z@Pu))KnX!8#p4c?aZ=k*(T6j80ev+A?U&;tbwxGyTW-)Tq2U39w%$)ULA}+foiB)vfxm zuPjQYMZ0LGLc1J4+DcG3d z+)lckQvFWm2hs7)O$^B~Jk1iMnX4OJ7zZZWN#0>D)N`5Q#c-A3blH81GWPZ!_iU}X zUgH`~5{e>gY0l(~Zt*8&t<>zQ&7KL7i>h{HjLTEFqbuInK6%Hg{FIX(1&Pca#1CE! zR--%C=7QNA45F4X_S_aj^lJ+P93SQNqRoI+O7l#C3M*T$l7cBIB${LVk&q{W`#d;r zEQ4JIBlsg2gwQ(3S0i>+y&*L9(_h~(?jj^ zaAv6+saf_=VPmd*lY)T+H-iRdt5d0U<1;*@z&xsliWm9015 z6{#f)9jt&nx@b!I{v8aG_Zf#w?A_*rY0<{4x~k)5CO_eA=$t!q zmZyI`%e2Plp3!}1=L5yRu0<_xH3{it=8Yib^x#Q z*>RQqDa4dw0|u9c>f32qgLmEEfG@+*Qlf0gw~ zk8>2NrjWc&RS2P9N5_t$kBm5v=$_KUwB?V*9Db6czkC?1b#RwP&|@XV$=FrJo0iCg zHi=7VWFF0&dX88=G8%7_=SsaZRmEjQ_!;Z7vwC%~W6ro#g{D89PI&z1kkfS(T~20} z)vd`M_y(uGPFtO+qPB^~oaHn@EUUT58ka(^-h)92k0(XU8I(@>9YUd&8yCluzF!0x z1K*ybd_oGjFiVgX?_yN8{HzEeJRDAf3t9Cry@iFoj zmdNPWvhr9-(+|N*QBbR7TP{qUk}|yeOK#UE5*0sYr*4#Yo@?t$>@o7l=TntXQ-16_ zilH@$BWZ^OAsuEHzS|ZyO!GHl^BTsoTr(1fHP_#bEoh5JH}R|I?PYKgP$#^?Ei^4i z*Xo6J)`=5bebt+Z2)(bL30D|Hno&uIWTv?}Sk+aOYmo>@BWQnm2PL^=43LzTifaZO zMrtgTS^FQFyRRjm2v~6zJx@0LoQ3&pE1~ibO-~G+ZPUkE)^UXLgwyW0J#3UDIkK}W zc?5UrDHA(A)A)#bICY7o9=;q7uWH-Uk3t%muNJ{lZBD#fGHshHKiAh?LQV9VZH&lu z-#6$W1+=f}_V#=%i+yn;w25z1Aer+a(}M=HIY3d|lBP{^XfhX{sib1I=7$hgCXaby zGima4|M9bGPC@{3bkAhmLYfyHY8BdFm=+0FI_Kj%Rv}B~E^QXM;UPEoA*$z4T^Z-$4lj#)J3&?~ ztwHWR?UK)hEs6I?N#R9f(%%LfOHsz%qAZT8*-6yk?b%z(k88DQi(aOu4DW`-3F}Hx zo=_zxn>HlvI9JCJhD1;1by~3Ku_zgdTM?DiM)r!4wRE#jH?M5$NkrpR8FNmC*6L(1 zKW&c#U>BPL9wxZl%aK|fcXuC4Wb8OrTND`0cJd_XWjv9YkFp$fk}g0`@%V*mwOn5P zwVb??`C66R1=sfhYkicK|UhvZ{A#JQv0dR(5;_)y$+EH<6s;hLU)X?RTJ%mCjGc_Jy!uyT&+I8u(C*WzyKrec?(C&er6i-df-vyVv!b6naU z#1fR>ejFD}_W#ns(V>rbz=I|n3sI3+TR*I_P+t{!%)7~y;5Na2#Uw^|C5BR0LZ`MC zSY-LB>}tf?`kQuQGRY9}rBV4DHM6GOe#|E zW^=Ta5CDKsWYWr{>8m@o9VWX*CT%t}G{YrlCWJ+kEr3FKLu+8gls-zaUMUodEe~mH zOPoCi#c!o%xu2V+WtY}-L_;-vmThkAP6A$kLXT}^;#56N-(?$(lLhhcJKi9A!IQN9 zCjo96WEP&$-^OakKO;M~%7(7dZ6AH?!Fya|YN|JGb7;B3c247C74xwK?c?M4DiHCh zNRg7rUXLI}C)C@>HpEe1;@a{?Q;r5E;k2O|&=a;&vfN#w+@a)>a-okVr1#&n($a|% z8cV!Gbwal3B_;98bBWAKyI*3eHYc_G{(ThJ%XT53{0A)NQbwM~y)*?CNLsFhbPl5Q zAsS>I-FAXTN$RI~5~j=|T?P1$I=M_W9k(LYmo=K{-b4G8l}nZiB?h0`wLEFrm#3U= zco(yiCTz0bFfZqPHl$T;XO-NnQiG^-w0_s?G=IPIGN=QJR4<~OWhOh$ zOW1ju85sW#OVLx4AlT;lbEuf=&jre6yeJNgho<@Ws%+kx9zyG-k2nkT#(f^w7^K># z_OUueRZqh{<|#P5<2m=s4=GF?DywB`wR?taj(jnEXe0iEk`$g-Ya!2s{%%!h+`ex5 zj+dsKy>E$*hm2o!t3(lRY0ON^V_fjToRhpA*GNf|j?R-p^=;LNN|lK{yjf|&leXQI zLfi4Pw|Sp!m0JYo&BKeeRf1zLalagMaCvPkM|Xz5-TIhD%E5*{6@EyN=$%VLlN4_{ zs2M`|<-=ZQUYVGeU<&)>!{fY=Ax*=@y);2wpBPMq)sxfQtg7#y&`b!C5-MybEG^8k zFXoBjieDD{4a?c~uviI_Yc;qg7B*eV$K!~HO+s^^;KjrKP_(6bH7w(BcGW&AZ@Z=m-`_J< z=&>w+RR7h@{1WnNe&niS2R_3I?JnaFV2LjK`3yg(DGh&)b5!h^SlZBd)iyHg1hpCD z)bLE?e$X>f9T6z8d=GB$&XIl4yoM6l?dL)73of&g>5Y@e8jq3W7$kJb6&SBnX-d$j z4Z9?rwX+?9Pd~5NHoNj4XFOkXbPRJRACdgxav|YM7BK%J&h9k6=2ihd zlVUUe#NbIP11Y-E`&<|C#~DS2R;TdO67ye5kadBZiuP&3-i68O$EXP*vFm|MUuAaF z=*>>rM{{1ZHmPqYMeBqT;5-kg-aXEX!)Ths8Z37FgkD2Kj-e8X#7>_y@NGcRK6d5% z;^)1Z>NVj{+Dp@)QKjWg=4F`PI4d)w7z-ahA~7W?)RehPV=kzw9cj&B`XVH{X)B@1 z{*7#FgrdGBCraSZN(dU6j=hn!FkHfIocCfha!i?-=P{!VZP`$RwaRpU%l%62PhXni zsD_dqFLNe>a(Z z@-L!{r6vn&53+-l<{K3YEeTwaO9}20l4B`Yjbwj15RlF=bQ6MUXC;gfGqb2%%1zZ+ z%=|dUXkXE^El!UYaj&-7_kn58vaAQr5OaUEq<3K_`c!;Z;ju}D$V7B$orTe5$DBKb zl>+0%L!W!xxM;^>-^IhDTUP{lg5pK5ak9j^z5^NKXn~7IDl}=VS${2j^qg$K>i-aF+x>QWQE+ z{0NtpZJVIx?Y*y@HPPQ}YcKSTgH#qvd0Jf{haB*Zz$Rae^4#R}Ah6wgi~G6QBlJ7l zwr|DQgyjdfg_@!r+R!K#Ew2QXQGa!+%h-gB49m%Lp=_3D4(hfO`jR5E^CLA* zfn&;X->Jv(;N|RhIM65qUWPunn!kf0n-H6$C}mr~3VS$#fVaGW zA3GFt45)NYUi|JOr~76}t}JBg=Q~JfN9qIN?1a^oRjciZs{U1bJ6ub_R>2FiyzlYK z8PLcPs|Fm-JI~+_>`Cg0%8jdpUuoIL9B)?2)LKeP8Q)DV&3?GIGAsKgdsRO*xdP?r zYwHoZiA&DrV;iNaz%asNE`nh~8vlhhJ+SHDb%r3(bui!L@+gh`yYv$ zBNU5h9!Uv>q>{Ij49k=25r?(hd3kq5O(pG1$1{z^u-!to^Ul|u^#?(8vx&snwwTV^)l_3hNnws!aGw2XQ<_ko?3^u$ zFXe`blF_1cRX;iWJQh>mHkBG>$km*7p}4}glsfj0Wh~-i zfQq5f`$@TyI*lUrSNH0@M)c>!IBkA7Jrs0)=@}X}F}AWc>(BgSqiNxn!-%;;V5-K8 z6Cs(5TKw+ENCmaSr>n)m5su{3#I7|@K12rK>IC$wzan|{zEgFWnDb6ROUJgRV1n~= z!5HRF)zNoUKTQ~vU$DP5o8}K0rjer=TBO@>!i4k@th-jqyP3nkEZhq*&U79gQZXhv~D+rAI48q4-$b7ZA?R^bs<_ZD^e9o*g9hy`mZ+{ zE%WJA?bbebugZC`#?^dUKJ>bAK^YCAV(fjoYjZtkHPb8EkyE7i!bb+1>280NfTxBo zyRJUlINF`>)ERbdb=~)Yck@K3u7}`51VzDcNf#3oH8>~pOYWyA%w4u!RbpWkawMeW zHz(TDJS4nL0>b;t&g#$Wd(x>flAJYtxbQRuB!`#_>o|ka^Tv>b4WTJNYvy*?&13ockx%GiYqcrz8mflFB3z_j$Z6@BpXfLrFDt=KV+F?WdMD=Q+M`XhAV_5hgoEZDg_LlliRabVq#!^Ox6fWw8T| zMvsmpkD4T%V?~&hiq+TcczgBNN|F=KL%bUrBSj?WCiBVs16~{tGCL!Yf|8=k9cuQ@ zM>KUY)ej|ycL^|AqTu3@e5X@d1vtz z3F%60SY*iSnG%e(33)E?2RNe&Y`TYyYBnNr8E3pcHilY=FPS~K%9rHprEL+Vdf(SO z8?{Zx_zsEedgGE!sMoBVM!lWVB{z-HOx<`kTe(o)Ua;mq4lVWaQl{tW&-@zLH+q?p z0QSRHUE&ZD(?Vjik)67@ivg|AF-jt?7`FBw88k*8ATz8%GfA5#mk)aGLXjEfVM!xC zQcBh|N8F}R@NW%HHiwwv$B*U++*<_EnUjbv49THeYIQt0y{J)RESIZhyhO_*T^N!x z9d>Kh*14Ni7cbSs{bJfbd)TjOJ@gchM8V>$!jpCv2!n1Z#!DQ2)tfDt3zjOY`lif& z@9aFW-mDw$UWClHOBu3!q~$CtW)g}o$wu=mpg)XB_~O?bigAcJ8OpuuRv!f?J$AW0 znzhM%d6Kq!*}Yrpy*_P9Pw_=~D6|VXf2@&KV0GY@sI?S!lM)wlyyc{dR9T%qr;W?a z*)b%4Nx#Zz@GM&2)EJZ_7~YvWhgs?W(5wmVq{*T5QYS@E!n9-#8T*{rr{H{2xQ9N~ z?wHFs{i1~NYC`BbS1no@wJ^7~*g(RC?IT7$u7m4ok${qDsb3zORZceHM0lFoBa0b% zxmWn5-75hpsq%g#G%5NV4wc}@^_bJDN4pJ zAErBAhIsVRayVpo;@K`v!7bdE19ohR*`sweNaGZH4%SRsgdfSBJ98V_KApG;5Yp1d zdxlk{+q+XfN(^nNxUZzpw)g%@2YixCW3&&olTxp?4Rv$AXC;H$vCmlCXuigcZp=2K z+k-7K08R=%bTgJM!KY(1&@gK6>2=pyzc}fuloI>9Y+Xn=H?-??^=(1LGaso*gR2JJ zYDPw)OjRaq*(lx;$E`i`z&ZQ&wC84U*gN~n4BAH(^>2$Oi zIyfeb5&N;&uK48nc&e_jT2phFkGEU?!sK9--c|A=v=z?IBrbe0=Cr!s50H|oMV6MH zzi?=A3u)|1DP)ObS|AzO+{1_)s_a^?z(uyjiLpk*aa$E;gv8+0Olh%5{HF_PG; zxC3{(jwQtb|7HVuq~3)rB%djR1NvGJ=2~bq8QFl-9-8L9T4s4JeLhmvOp{Q;97V`%Tkdj!9ns%ag z!evDbe63cJ+D1ZLPZ8O%0LT01>da^rflqtyeLtV(L5Jj+HbiP^Kj72f0&{11wip%t zVb+(mCup3@d51`NH(W2|p4eggpOJsf>a4%JQdW|mB}->{ZyBHuK zunbc3(NCYFn45)nx_UcvSbSY4TPlUN*w@>e9fD4cL&Bcr*nLWx57^Ntr_=uGC-wdf zADBiGcxi5jmeoNu-W;>Bp@IL!FPHM8<_n#Nuj(U}#hjk@>V1@O(B%>9AG9thFm;kD zHwJ0Y)iq;lMPfmY^JU7S-FTW120`?2eXf2<1@_OqY=I=ltX1C8l15Xcj`UKQ()v{|x=kvN_H_T!{{@Xea=*2=kUYaAbR^U}+d;=d zEpF~LW3o&P=K$9+b9C|&h)Md>SFvi_mE^?ML`m0gdgUT_hW`K&j!Ef6djmQc#ltG# z;Ny@usUqAb4CLpbq@Q57Qu!-@a!9EnnjwtiKDAnk<(TdRF&q)?Nj%`~P;rlXECn!s z(l-EpwJ^By<;DX8PQcLFU8RsdaHF*)$_e8Pe){*J>=HX>) z8w46#iq|h%=15XjBLs2B{{UW@Gk*B6IT*nep2Tcf(`87mQKlF|diqyxnv8JABBX&! z4lsEBb&XWp2|kA>bW&@EW5Fjms=_d`Zr#xO)p-o>d?RmQfLz=*UpW9iG4Iy8EpNp( zi3zl|T=vdE{%}ymen1t(O59#vmD~3+5C%e zZL1ZobjvG9-KJt@1McLGe>&s*z?b`?VS;i;O1L>n?Ui)P7izQLD?m=y`@nOGr+YMh zV2xNGF1Cue8^$YZ?IX=QA(R2MD8OzjoDiv)i606FV@@sXOl5t_?4U~Ls2wSmU>!v~ z!a@_t^sQE<+|{_cbTY2vjB$?jO5)xRBuOaCzs;X&daZ`EMLCp|%5X8qy;m_325MyP zPf^dkAp{deBxB&@v5*A6+4)(Ur$s{oka7%iGC z7qJwI=t;@J^))q|IV@aY(Dt}kunPgrPEmZZlg$GnjusN`QVwcaBnvX6yyWpiR|{C4 z;M;8*Ll*SUO0JTqIO$QXti;Rq(njtYR^WT}sP0}lZXJ;E+NCFP8PX&9<7mjwCYE?) zNp~>9pIXy#vNu&cR6b_V!H);0YF>n~u+Qb>6UKX*UF)3WWY7t&rFV&of*4fMtFx*% z-4!pel5ChNERBLavsE2KyK)T)SgRy9IMrNp$f)O46C5!o&>EYuJ6Mt>`3Ymvqfym| zS{fjl3EfEtlkHMJ&4O{7ZR%GuXst31qmx&xFN82Y(gdTS{{RYBxjU7oy_R`TYm;u5L%l_=!Q=WxdfBVPv$1vj%r$WA3``)T5`<6R8y~JQgltMsYMmedG7uREM+BA5}7C$djRqi!q zR0*6AdS?}+A2Sh2k4RytG)a8l0e9GsO%AQPYtM{L;H7=j3J)~tz9l7Tf z&o!xw(Vab=&EBID2xA^W;fr!x^{hVVh%C{r&rEL0h zQ730(HrH>arbu^^Ta)QS5<;?~XA8*psKWgD&JSQJR)yIbP%AM=7w^9(n)a^) zTK$*8`Cc|iSdrY+$@{h+QfJlL-tJjI4ByVRwAVKfEY3=_hddtDT&Zdro9TvJaBDwX zSX)e)9d{gIKse^Lv9s9nOC2e0?{0{Uxz5xC^)>099`L=UnWm!7f?1eli+1)ErAF^& zX9ad`tT90uH~|Nz7_5t#(p#T3h*ao<`qq4;&e71XC=lZWag@+vcQbF+}%rN zlWx`^&$_vhcQY~CgE$}lx}>_mVB1J6c;~eow?MZtB%b0~SZ?FC4Oh6hF-AiX??bih zI~W%&B$5)1_*6TYMqKk$>{W*ulrBlZsLmuF)fXLzWZk!5=y<5(kIN(ye>z}CIW8O1 z7_5!EBqtowmcv9dyDJfl=e0l}Mnm$Q#-mlSiz~@$cLJx1y{1QtkgnJ#kXZ3j-h;Yq zwS4|w=2yu6b&K|cGmZ}jt#1ucO<0hw?2duGD*lra#959`dQy{iut#%d-udlj!Z`r? zSEBqsiSKnGa`PW7e+FsBT&m>GDcJS#z~YK$S;hF*LA1WLdw`%!2j^Y`tJ+Cxb07eb z(!DBe&Yh%i-Cd+}*9FUQ$Kh2AFm6q7)QU{i4ij){hN^Q6Johz&(W0rNu|efFM|zg% z{@{A`td^ubigzMeZIw|-s05#7wP7k{zgjoZF>Sb!nD1>^5Cnj6RaXldhvX^dscE2E z?5!}0S&F7qb|lcO5EOT+a(gnG&?5_+qo44pl_qA(4a3w@-$n$&M^)L54L8fqaxhQ5 zCBA@J)8b(%X30_Bq`3<=Q73RB(+S_GslA*POYBesa{Dfo%9k$Nd8o#YwA+m z>Tj-X*X)zQKl;=R$-5*qWB8*}w!PFNmewW+5C-YV@5K;J+T`5GwS>!b>lYkkWYdu) zNl!r8=BaOB^g0_24C)rLNMu-~Mad1`vE{aaxgmjJ##WSNcG50N+I1_7L_@jd40`Pq zGac66Vz0~YI*PWslC;>QW%B0=t@8I3qVNm5c9$6P`}%Of;gwG>Z4&9 zMn^o->!>$v22Co?hA>7z$oH(dZdrKX2IDxRsaxzrZN20mNZB2;){K&uys7FvDh5aM z$YaKM6t^9$UyWT9@to84s2N~RYT^v9J1#f`eQKPUJabAyA=t=%_gbDN*a$f}?rM6H zlS83}Rmmp=`_y-hx9$SRzk1PxgeqJC-k8w3a#!=DOI?WCGFL0bH3<)}@J&dpSWs1f zV0M~Q!~CpA<4kWt^b_1D7-GP2gUwzVl&NVYv5#qPxg68wOw#QTq{W~yzCq7gt>?r1F^&Xx@lJIx+TuQ^sray~=U{VJvWFS!^4hd_TC=&1eGpp~0y;zo+RzXuf! z&G(SFM#&w;V3paTMt#H=ELG>=zdJ~%SwM0@$x%bq*#maaTe%~9R2**#LFcV?MxAQD8}G6@H-T5p=lr1D6nRjyouK_ntZUJqJ6>cQhY`X5S>t|b5h>@n(3_|i+b?Q~B( zqE$_q2cbEqjUwb)E#rb9X4)jr8L3iH+!R|^H?*(Zkh{sq0}6W5-dj!QG^@J=^d_<9 z*HUatXMTu?f%fNz=cumE(&E!yPTUOB&4d9GE22W#E5lqswjh<_!D#2oRylB9U9PQ{vYB%#8 zGN83kBs3|=2dSx+CG!w20VA4M8KY{J^IbGoOtGwSle?zl+OqXIBbrEKfbbN9%{bjX zb{v{*A{QfK06J1^QrwYCU}cD{cf4b>8iM(RC~yY`sJj*BkSYzwsi_2kZV+dTb5(Al z*s#PF*oOlgoYh%ZF_a|d*EE=#9con(Q2pUd)RkHc^d_2mh01B0XqR_6IjvZjkgn&G z&j+;^4x}4b?eaEpxqH;xwnh~V3^gvn8T&5n*<)Pw(z9wTdVxuG7Q=4b{h~0g08vj4 z7ERgY^NIk_iGjmsigeO|a;zyW#z5_oIpg`%Ta_ONw=~|udKxC+d2!(7o1V2aDkXin zIXwj>q8SzLSNB|~6;e&nL7(BKny}WzXITSaju>%OS9>vBpOp8e)%6osW}Ga62--94 zN}!yQGfQ9_AOsHNRk#lI#s|Gi4Oq7&R19MytwbBlP7Mj$Q6eUic;o;Nm)e^(%C-=X zp0CXg%q`?+awIq+t*yHj$mXG-E<&poHzrA_CfKgcQjt55#V+HwBRS1l)r$WBXCtR4 zJma-DqZ2U_Xk^~yc3d}JO)PMhZ0GZ#JBcT9!fXx{oSL!#XvqVgY8vWm z(#2mavmV%{7#Vr(N$4huu8avIfu7VW6M@csO)FfDiym1BcA8@XF@saMtR!x#_+wTk zP|29dYJ8*URVq4@nuCzw4wYK1#I!7=N?0A(`qWb{8#{AT9ZIl~a-^QQsLZ}w;OFzF zDbv^gt*1G!dh89MQMlIXPTnuCm^*@euwA4I5B!>a5#{Bw< z-pZX@9TM32{&GvP1Yp%>g-T?4=ZemUYlSsxW7#q@EE zD0Jwiv8ViDMK+H&hC>1p{G8xWm!en32*q5Xc{WRnTAENWY=!64)RMVX;MP(OgenY; z*CMAu7?Wr5nqGsAjSVsfn^R7HQC``hN|wGD^0SvDoK|v|Vy&*G2$ab)6V6UBd9K#h zHX3Rw5Uf{^YPZmqYgsIdZUm<-Rdt40ZJN~>8D-!Ad0%?i*Hsd>pJS(Jmg=WuZTE>M zsrBZx2BmEA?~Xv=@GwP6ZR$#zj-5)njlp|yADFAV?;PU;^Q^nO>lTG$N8Pi!_cYRS z*%`^*m1Mav<8*JxH5|)+uMcn z74UPNxvEK|7w%`=&Le-7usicu)7=@Ig>pyMknBRpBOYT!j7?m%xMjea85B!5e#IWYJ^m|U8-?d<;a^Sy(xK&se5!eKyYf5SEUZ!#QkX~ z>2oHpsdnB)ayN_<+chlMNiv6N6$@}nLcG(0e|X#)rlT?+D+am}(5v4Ws^@vkY>>;>p{Qa2Ay_1L808%X1iyzY(#3si zDzGTrb5*rM3=j}=l4}QNW@!axcBvwg0OZkpxrm&ep0$i!mZUvXDnW3v1qFyH(+!HJ zG{){{LVq7xt5`yPouZ7DZb!Z;tgAFi5svQTHBG(7m5Vl>9iLDoVwDkq$SwXgm2qm( zOzF5gA;BV!c)bdeNNiYKaw|n|nkdH2ppVX`O5`mF1<;agxWPV^wQp#*C;%X5p{q*T zhUk^-&9qDu6OqZySGSAh`?>YzwdJ}5)x?n%pBVXvYII&XL=P(POAbCN$AF2U|LHFaXp$O!Z_w+$`QqR7B9^fcACDQF~DEUp$u>F-6sYnh3F zWmll@PWtLS_6s>4()u~r7F9no=bGr@DLlVuhA@yf3}nF>{OLPx*hWokKUS3?f&moo zCdAt68|4GHddL#_>$(N#YNN8ao4&)Qf=5ux_rT_?9c^XM{{XX$C?sC5ft>pFrqY)E z2JV%LM%oE1)QLZP(C3<-2|SxQE!cuxc9T=MG>o>8MvOVyeN98;x?)|d5xO^H_|Wg% zn_pqlh6=2Y&)2P0d3SuWC^_#-a9%{Vhiu8^fslH7)w}ytx@Rc64^T6j>EyIIiEZ41 z&dOb+!ucR)6}6^n5?d;z{8&QVKmPz;vWL99%94AQXOIi8Fdh5($g2>{uabDhUiyWs zj9p!W+y+zg0aTbr+Hej7cB<~I^OZF`!nUH$9s;{ri0&#_r&2c) zj8eV!8&=q!Ki+~tAI_ngA=e<$aJ7hHo5^f~Mk}GyZUyRXjPkv4P3%%GHM<H zo}ARZwI``!7T+Q2Gw)Ls3c%wvs?}I_BUS?Aa2t+#Rr!$IMo!gJ=mkU5Q73g`nn2r` zamS@Z@oWU+nnGwqB0@J2#U;RP%41yPxHRl58oE2dJ=8JWkdZTd%*UXs7pn{0$YXDm z94|TIlT8{v#dYBelfbI(t26%ZJ$uti;E~c>NYUvYQ!XV3mIoOXT1igD571VUmC{0r z*5+mH(J!?L`sS+zc1*n`8?6i37jCaw@;FvQ%xkwJ(x`bavwuAGH7Qt|6mM2Q0;UKf zo@)w74W6M4$L^9cDcvH~j+NwC)D`Gy8xJ1rn@h1UG(h zP3XkYqXog*LV?9TNyDab$e}KyAd$nSLt`DNE*c;~{{ZV#87-`^pg9?S=lq(L=4lm% zc=V&xTe6&!I!qTB;+hAUA!R>>HY80D$=bwXqnG7gohevjQeD{trAlQ*iIKR-??8-n zhxg(|U_k4Nvn*NKMsZEH!q*sN+j9_;B?nr%(kP2@A1!AsbR%)Lh^H=$KAEd66G;va zb4a8>gv6d%C9&T|2`a3O+B2?6Wv zT$GXhrgagiBm#EhH8HeSg~t03U3qB|qer$+V^Eh^pk^GC?^?w+Ci|J{!Q>~LpL)=W zIZS^cX7vKJleXn8NrVNJTW|#Q_ohh^f-?JvWA907g2;v$Uf{?;%K?MVDuQoYg;pf) z&wA5MiZ$=8V1UMAeZZhC&w9`KjGZzoG~3mKcW%YYTY}S~lZ z+X5IJ z`2#UI=9bj?k>?l&fJTfOe76yql|hYqny+zYjVL1+0+%+UL;}sAZ!jE#)}~wJLPtV< zYelLCOAX)3WDWxQ9&=J&SxG&=+LCD1ah<0*snRauQAS!Fjq@I9^3KviRhVt1Av+Xp z?ONg6Vc>dIpR;Tr5O|?$peUi=XI$iu!!(a<6c;UmIsj>{%C|zf0SU(@r;V`_89rQl z^`gSHgpJDrG4jyt3T-_-sAz9eBd~TPRX}pbjyqKBiE+@CW%-Ka5Cto+0B51^OF-o# zTXM&PijpExh~JN`E8S==TW&f;U7vVl^HhOQS(x+KdQ}5S4~!Q%2BdN_6^3d_PQ{hA zQyxZ1HCk&SxRP*Btrs*=T?I>U7dgdG=d@^%^#i!27jfFfg_MOHjGtQ2vS9fxLXaq6 z^eD+C#`kbZjGB_d-DYO$QyVQ^v)-jy3`e%x(>10jrbXq;!HqkMk2XOnNir>?~lo#_huTZ(hO+vc6 z2*;Sn)@*OCuO2smp>^QD7$1#U@V1i`t>k7>9$uLDts7jr6>V(G`u(J7bY-41lggfg zxW&`2wJW(JwT+k#U7Mg4QEQg%=wB~$D(V-ux@g>Cqv3(3Nh9r0syXJiQN59dyQAAa z5MCRf4O~X(BY3AHX!OTg+ws<-Eqpz5ZlL*-uF!p}X(bwl{MT39`T9^p;EaJ&+q`>m zB4<98okz^fb}s3Jc-h#lK+bSK6Hv5cif1WvgpX^)%1?f^ zQqDHsU6hRU%~N*Ou}b!_sIu%$tJKp=l1}r;?O7RLLfyKC8-b@=jn_=l1B`Ko=jlp4 zO>{P_kJ-sfF{1>urO8LlMdfc_tEYP;!VIZE~&cWV{Y!KOPy{)~d4h-@U%QI*Bny+(iuO9Ils9r}wNy_?$_D4H1T-?fc zN>u>I9-o~`3|5fj3eX88MVKdV;k9zPcc|nl3erYWokdevj6Gs%= zcYr(QsX+vCg3A4U4r$%kr=cX4IXMhid(~UmcAycbG@H3dj@H~L%K@Kyu*-w;^r0YZ zc0gZ4O)3b^b5*e=8`l9!j=JF4@tYxebU2ZvIB=TyWuDfD{ zWOY3&ox8MD9;aJxjmN*zo2gDjTp!l4-%~csb-BZQxB{))D#X z9^m-zo@+i7RF`qe`h!%q9o@}{<}t=z5=R{KSeIP8vbQI(s7~cQS)H+uAknk>4jQ;?itwQPnEWHnEOF>@4?CzEem63*aoQlxZ^>);* zMA51t3KwicXs(q%aom@AG)1P~n`xKKAY}Az^{+mwZ}xK#jTkY`a5%1LE@>4hXjQkF zL*_licFE0ZTeHrsmBniJyD2-AZtT!8%kxxbwpil?F~_}UCviQ72#k?rWH3B?)kkyY zjr=xxnjML@q?aY}^A$PhLF-IN)nohop4p{sG%1opF@WHlq2T(|w=%@hffE8x<3^$& zf-ft<7Pru4PFrifvJkl=Z8Rx|r_U zMoiYSDa(v^8KEUkRq>P3gzmH{l_m^Bu6|rp8$yJ9=kckN4TSj?ew};Od6fCARD7q< z)QOI_eU36mHFb_xKDBY!Lt=#QFVxk&tcVzAait(5R$xiT%}t$Cb{HIy>q&09MdMvrlL#Ft~XF`kF{)@W;wG$NsL-Gx&3otdPyc1J-L zhd8nGZq&l0X9ulTGF#iA0auRw>o)JA7N}&pj^x4(qukYhwFby6p!?IckS#YNg`knh zVifw5Tj-WQ*`zAQNF29Z*3_@D6O-s*mbac=iH^L1Q%=n(D$Jv2$^i7N=B+JCj=Gq4 z>QLbcY#y~n;?&;8v7-fX&P`41?o!ljR`Hac*{Yt0bvX2pFT#dk`{!56VdPH1;SV01gcyHbJ*x z$OfklK^f`wqj8UANszkZHC0KrR$x9{)AAMWO&%F{XRkeKRAp8n%`SjZjFovGKPe{^ zts>5Y1P1gyY59o|!y71W{P(L_+IEwGdJ21w%%yOfq{tsi*wCKT$1GRLoybK?T-y^J zE>l}(hEmYB=+1C+(x#F_8~|sYy=Z-yioa@QR~vV380MDN<8KFw8qkzE?%kXO;D0)~ z6p|_s58kP1ST`h%Pu^mGI&^Y~t`+gn=QTTq+Z~nXh<~=U*zDuk7*H}#{{XJJ=`H26 zxy_q-t%4YX{WDzYDt_w}b~7X;nVw*BwOT{wgSV&Fw^|fN*36N4io&#X`I;EZwmNe} zpE4b+ThQ(x)OE{SdykgcT(dDat#2ExoVN&U1VJK9F^B*d{uJ!vCD?aQLyi*|i7Ccu zv6hojg<)SZM(Crt{Oa^~1g^xtdDiixnOZkff|=-PW0Pv~M&U`>=!LO0q2GB3$N;w| zHLrIAeUdXGVT+J+=|ziAp@(>(E<=yuUeu+(b{z4>b5&vPMzV%AY4UwdfDg<-L>qwgf*-R>)ht`#~0U5xX4Z-Yl)~s31 z=_wpzJZ6(uLVA~-w@N|D!V_4#n9b6r+6itFrsf;ER5Rmd*s@xvEqx1iNjOY(&uT7# zk#-YEvv@J?Za;KK<^KRYHQ-#lzN*+x%?k_^4TnVNj zvba4BX}||iLBQ)$#8%Z?Ww&0m{V`3-s8hx>%`4do=SI?n&~`zev1Iq6Y; zaon!a#$!@Q3+)Cpg6`>PGq& zqhJ^11ByugX3Gqk9>CqSFT*HMQF1*^RCe6$xa5QD%_}rg*Hl-yVgLw86p^!)8E{ss zMhfNC+Eq(rnw!k>@ONN+Xw?+aYtDU&ufp{Lu3JkFJI37gz^BW7idqs%Osam%5QTbg zb6M+cY?AqxQ=5qa;Z%@6pENBrTZ!1e=ZPR87nb~mW85^5Nwf^JR%=ZOdY3I_Wq>oV z4&8mLS54NXwz-U}?$~qlbpCZh+he7F5!qb{ro1TAk;~`u1D*wPmR=(^8v0EXfTI(* zlbjD>nkd1h)7X^THatb*v#5D8M~{?XcR2UwtsW285*v$wBAlOIg0yt~%Nj~f>9aG$ z&_LJEcN>HfH{BxszTj|s(_1^0b5h$@GQ3d6LIc4qUc;eAucO;WBvP2=y=o;M zR3$62^fM>gOiH6*J!?_5CXIH$qdxxt{<>D~Q#01`^78#pnY(Y~KMdDnXBtNWfy?70 zlaftc<9ihasRh(&cQ(gjB9E6K<38D}{YzA~+AZLoFgkps6GOWbYwt5ICS^$E-?S+H zChPjt32{95dy9aP=kUkpO>K6F(HXjquWe@JCDO8gKh~+Qh%MwoL&YHU2l{5E#oFx* zf%TOkwm3|V27mhX$Y0*e6zo<;E_pdQ#Z+`DBM(uUSC7n)lEUxU84SkN|Rh>rR9s&7&Bl2R~ZbiXkK}#evOdeL-qfky0ff zZ6>ejI^4Qkk(+sTxI7Wss!_VsN!;nD@on$gBbHmzNarDrbNSURXH~e=%E>Wy9<%O31d7W(?$oB?%a+(CSm?%XayGwVyJ+qHj|CbBLK6arWk}KC2-@o?{jIn$9zK zxudb2HR}0;o_@6eoxacsO8a*nJ60QRXCf4`lgknTkyh3=0yi8S^{VE$ZYdJH zhv&{})OO#y+W8}|T6b2k((X*C7T;*jKDC!Jtdp=~w1G)!svlC1m$lB;%^-+2K|G$A zs=dO*UPDKpn~-aA%HgE8^4NYf!N)=JTuB5TSQ#h1Wo-sR(?1@B(a!8ewdP?h#~Wh# zK<*7X-tK6!6~WJ`s*A9kZYvjbJGSJU?jxt`QJ^KZtNuBpq*tk+7Ut9=q{OM@6=Ot~ zcXGIQa?UyubNy+#Caj2hGDMD98_hpcih<?BTn5QdhBVT@0CL6Ut8PpRZbtRn8O~|cSc7_mU9)wvlLb%*wo8#R%oqk?GV_< za*k`w!-oq3?^ZNoulv-1;lT*_SFklCfy_tx<+_vOp$ph5Yr=^6nG~(3- z$z9HK)00-Fi|)7t1I}ppbS*oTZd{`D&T78magLNdKqSCygPhcD@~QPT1Kh06RO3DB z^b+qLqN*%Nu#7?A;~kAk(_z8g$EIo8;1NYMj>ThU2he7cRA}T@kyr)l4;0iJ*lk#P zvn!TCxF6v>@l8Yl{QG<0(9 z`c@UUx|Ufs~RM7UL$~2m%puNS(o!>VlF;%z- zNIVaEU`RK4cs%E&N0Wn`oK&C|+D4IZxd5MDwLFpKO1SINs#-CXlW-eB;Y~JKN``hF zIL#q4KQ2dvws22DPgsINr@lImT6YJc64WxYs3iBvsbp+Q6pl?GD<7KpLRb%Scon;$ z>C@d#ZmpqdMWY6j9H}1s(6rX}951|gEozWkOAW=|m`W*==7Txg^ym6lIXPxk8NmaZ z8@p|pwPFaQSIlkKKD73P#zQIN(xYN*O=hUq7-51vYgDRd8611klV}FZD26?rz3QT~ zkV71kOGJj2q>#xZGAZ6b&U*H)f?NA1rt;=_^tRow`jw-57_YwI~XLE6ZLS0Hq?^8vs{=;X!IdbZGAoKau(cFpj!mQxA z>ywjK+vV6Do4Jo5-I7}cdS;&$+S%PhaS)8A&|)%$ro{{Wt8H?gwS9CJ+a%I?_%IK^9e5#d!%2~g$IYHO?L*i)mjDQ?NdO;O1b$+Xk~3L{ko%Pp!no~KV_!GrVn97P zryT>RN_I*CJpE`HX539s(O%{11 z<(Wc-0DB4)Z>cPTF!D===zS{KwK&dr6{B`4J8CjP&&%GXNJq+PTziSA+&Ku2`6Ges zD>uw7mBFO66NvI3Ae`~nny}t&$&DlF=~~{%r5lmF!YJ4;QO0VJk(p0_#{wWaQLSC}4JhQ6aUZhzJUt<22YMj7kCI)biZU_Gr6sit&e0)37yAe97|-xTe*S za$QInSY@;Hrp7-r>qyL%epAU9sg_mTKgN{1k6ViE+#Y)IP#EOgA3Pdq+Q8Uhn~l*eGWy+q=!_6E!S7LBkCkOP5h;Wn#B)z=%S%fYC9u>K6E5{qI)9T@O_a(JvGbO6z_kYPJ_Tn%jB7{FTSb+4-xs&MG$S zTvD~qEw~4J6y8VHq_tON088bb`K+5J!{%pHbn}ie*QIlg&%Bi+pHg#8Y$-0oLvI^j zuc+@&g-CzhgY`6b7Ua{+Q9@@p7&TcJ=NmE!te%3k^ey?W-!G*yOMTt`YNYH}pwzc? zT!IS@9j(BUGG@PwQ1?Pn6*EO*;}%mM}rx-lK{k2;4a)oyO4VWC3~PnyS2#3H&J7 z3iqrdgpRe969UK7)JtKlSx)XP&OipT=3S(adRD4h8IcBJeq57U5M0l0yGi*^tt$sF zQgb9HEL$vlRc4b67#>G#(SG4=4&&jh7Pr14X?2){){sP7X&D**RTqmji+S}ameMtj zC1Mdk1B%i-)0X-qN}ZLCK56AFLu3l5^A*7))^gS87A{)cd8{`#Pg=ehZO(I8+RWRg zrfkHu$j7Z|#Rl>N^~bGkwxl#`>1i9w<;VjLn5z2ToM3WLe5SU8xtsDiiGOz0nXAYi zC~@j*I;&foQ%6H@x;eMB1+MhLZG2;F;q4rw~ZCXQBOu35l@$?r&J^U?T#PJ3&1(0jf0TD{KM9=lGK80 zhe-;r0Q%KwBE+RSW1;n`8zr@j?m0YrRhE%$;eD@?++g!Y{)5pNvPSKe$?M$GAt-Q8 zY00Ma6SqQtD$%3RG#;S#I=K$A7v2j-#B{E3EXgJ5EIQfjV zi_>vg?lvr`!4+e9QmhE#lX`{qEq`j=1o>Y8dS;w;S#Wo@ayjO<=8DjcTb0ezyJc7! zjLj^ZGUxED-I+=^9yc)BMOcE$=0aT&$_}MXO_CakYCARn?cCkYO-l`-l0vv)_|+?e ziXocXIOZz*vOP^E^p7}gpz+s=&R4jVknk{@h6whnNvJp2THj~MoaeZwYwlIdySW3n z3!kM+3~b0*PYdf!?Vu=@t>7MMB#@2NgWjlLLc&9gF!eNC9BpB3;*-fB@DD>oO!3RM zUY@3#wS%svqedkOw16tS@r81mc^&9lgI$Vi1EZFV^XO|<+fkQjihe$|ri>NKw{anb zSTHPk>zbhL<@}^#qjB7c+bjltluMARb4x(nf=K+-9Gstg8e&S&I)RbTdTCrv=GtOd zcLB~S&XcFjd2*_dyr4D;gU|ELZAo3~4cOf}P0SZ=$lh8f@HbpnMFhGN!oO{TDIXYP zo`0QXHt+kg`J7gpj5@xBYQ9ap5V8~80!Qmwike=pr#Z5*gh-s1F^Zm9rFO^9F6Sk2 zdmf)~RTTlx@Qh-r{jIM=l1SWi{{TGH$y-rxshxLh{X<}OtlT%A52qQXoyWPW1+!hg z$hdGaMRiM|Jl-CSqh(f4z8GNsHP2F_g^(*GWJ{J7y(_%dJ3kh1pM-yc&#@=dydo+FC`>_`D4hdHY@&*gV(JJ?P^jHFwV+- z`_XT16h6_(IWu})YDkz5!UXXZRmhFgh5cJYj0j`Zi4a1YH*isT?D1fB`1 zvxaE)^aZG}ShFA93P&Ea*HUshAW(p8F@YvMdh<-Xn=*wQ1vu$Nt`Bmwv4JU(n`!Nn zTUr;0XVIg$jyx~g7i$takIs`yUh5&dY(Qp}=V#tRxg>x{2CH3VQMmbv9= zketX1u)}f5p|-Wg3u7HI-iw0Vn%phkqYb05i6w2OM(Cr~v$Yi#TBOiM;e<|9FzDX( zqEsa1@l+p;> zf_i4I_9jlmFFX43YG-|rjNyszQ=?){*oxczA@+fs)u95U%BVW_q_ohax|{kc#*#|X zo-xKfYoLPO0)&Upo6jwpO|wMR&K_t)H*+R<5;a2Ps{)|$>T5^1J%@{|uq}=#p64mO zRD024cO3-cXnE`WsyGLgaUkjm;-8SwW@)5NyE-1CqK4oXVANXVvbw%q*?NL;TRIvU z9UXund8v>sjXg?JW>BMr>U}B1S`+Gk7^9I11-jtW)@mLQ zq~zl?bS#2ZSsF!SmR^`O8n9Bi9k6)sNJxCEx)6KN5J_q_{I5wn4Xcw{!a{C$ZNs3= zSdMdzu16+?v}5!RYoj^xcU2vch3 zcX|h6jeVR-2tZgM8tUm6qxO8%-1EK zZ>>s^p^#v6(={DPTJBxJMA?u5vL;;(a0A~IAQK58Ii86^I-o7~B*L@cEB%{7(5 z7{L0`xcUne%@o;jnw_O*Q-RitYjUFWu$xSH_oqj}!RIt=SCM)V899{a9RM{v*9&mv z6MzRn#%kAbtxB-|?Xsv_pIX+jh)o=Wf8%?E0Gwlrc`M$o{;<2^A z4=t_S7VtV1JTvX@T=ek@Qm~tq`Aj>zNiF1&JhSBv1CiFFfIN<|vhaF)R`Rn~MeGtm z91}1}1A39(l0hMbS~ov0Y}8+?M741m{$@~;5^=}*=A}uRKm$fFIn5^&MVYTKM8va4fv_}4t!j)?+lI+_v9r|B@bxKA|6_hUi8AMG61FRN*C zYx;q_6GLkN7|9q_1F#fQe3JIE`+;iR%G!19rJd91`ex|dDc^9dhjZ!Iflf9JBNLaF zX6i}JdR+2~v-LG^ncW%pmQ&frT3w``%5#scXTdQJLn#B-iXzn2(VJEyzMXug+7F=_ ztVX!nNKyLLBqp!0u`ABQ6{!`3$sXoY?@mo3RBx$X?f|Q~!3XJ2wNy-R=ZeZ(4LwJX zE#x~oR5MItJPrqQO>7q!E_XORbH*##wCP9oWtxlvBT>)Nl$DYa+@0px@)iTs`qXyp zC7hK!bg5eu^f&F9BZRBC1dhhCWt;6&t&&JsDa#z^`qM&4+qQ*cP@9Pdup=IVJ8Ia$?C0&Y0`vs*{daXIUl?iOVX z0QU5zS>0XR%Ob|5!*%qjvSseddX%y>$p{&hxgl!eM$jNsak-Ra8d9~A4^s3xoEG*^ z9n_(u1LaU^zMpsqXCs1Wv(=Jl4boxrflV%Q%2*m(fl5{+o^y{%azDvcU=ZQDVynoz zTOjA@KooTYn6Nt5Y#^+iswc44S}A- zWsVhYI2BQM4b{$mY?mcknY(rXHKTeA-O+qOK9LmhMsOw=VntH8yYpmcVo4^QJ4HKg z%=Kd$aKjkppmL+!)TGMaa7Ng`;{^Ivn4fG)cqhGQYnF=sXlsyhj(gV9x6G_6*5J!_ z^7&H+=t=8ZI?c>&V1%&UTElZWoNUEpW5r`@2ogAOdXvRxQR`z`U5PD2u!PYr=!po`VX6NaLNWf>LB3Bxm%M`m56sV zZNc)%B%IU|?RFu6J-HOGc0Q$xeHPYe+kAx&pcMrAM7C;Xhm>9ctLDCvDcr2m&I%Vo zPjE$F^A*=E7T3pWdRQ4(V)@v{3wEfdj4Kr*H4W>aUqTq;3fWR~^{KqZLxu+)riZC4 zwF035n2dT=$dV1LqvZ|MnyPZv#o0CHPjlg0<+O_R2%6eMg=HNNq2{yhZEiH;6vkt2 z`>TI)PeNMc*tw#lS63k}NeFo)HY(=7;ke*{U06Ff?xnJ8eHM>mIkvJnxZ#v%%mf41 zG^PTdI=9Mej!`MK*nnIGbI(0Fr>ue4F*P1yWa8;!JEKvN*BsO@Fp-OAudNc%SWfR@ zxk4Kximq1;)QXfefXK==mi#kQMV2EN&uXjnC7V`P%D9enOdnBN2G2^lUE5W2{nL-@ zT~L*^iAm^Z+~~GZw)A!@?$t(EB8~q5cgXdqsqbn_ky2<2Hub320d|p+JJt!NtWhzK zc+UWPQrp;@rzsi3d(&Dlj;xMr32f&m>UR#=rXA$)yoz_epwVfaih{!pR_!N|4gtcS zT1!pAKIW>%#z4Fbj-srjJ4XHM$E|3#G-d{;ITuX%1Rp_JqC)7yBL}@HF07TH`#Bw? z^1RFsdfAgrmd-ILZNxaCbdnt%AZ<>c)%k&hp3{~K*$nFH-j9XFQKc7ts@h= zk}Bial&;~4&h^5$US|kc{NGxqT6vauL~|0=O_Bq zN-4Wo8Y$_wk=*L4*FWk)kTdJp^{Vr_!G6rmgnZ!VidJe?V|tNXB9aJxYK-r`RoDT? z3<0e-AS8q*4V)fudsUbw5#x3Ok-@65qU&=b-x04qJ@yYDCGt&b!G6tu}j7 z235Ee)3Dy9&$}8cVH$&KsFLu8DPsi)&u|T9-oQhJ!4x1IHzo&Kcx8zn zc>C170Bl2fBo0MZxFE_8PI;yQBp!TZuTfQ8l|)Aea`BPrQpsqs8-PLGf$vhwxz!&b zszDN>EW21`M?xys*~gdjw+eU%y(a7?MRLp)MgbVWHC)C^jB-srfw^iu@x(_U)8UDy zjFQ-5I#ji#!6Kxne6lxv)7Q|`UIw?2GPz=VW~n<5(4HYHLib@$?t6pYv7OrL@tKZU zjU_D|g(Y^0Wc$HK1bfxE?o>po9ESAGD6qLbwyL)9%@l|oo1+oZu%>@9R%pjlnx?vh zrsZYWVUA6q+c@o3Qa5Np$vk(bVQek9!(?$+t@rOF4u`2VDOr`dyQN!~G9mBJCc3{5 zY4J%l&z&YhCKo4w)TJvYV@RAPx3zC>5dqw;dUveVc6@KG7_P|f6ES3QgP*NSXi{|A zagaOG=naV!eoHqX4AUXpnwHi%56G$w^)Bi}#RD?%M@oVOIL~r2YF5CPQX5qSp1hNs z*4>1{-qup5kz1Wlm7C^uW{0z!Ye5dE*RyH11F_ijSl2z$OrYJ!?_*j-H=E3 zk4mPn?M7qws#z^{C|uk>+R`;A1F1aL#kS>5#ODK=Z?HAgit0lo$;Sh^s#C}!nDPK> zNpur-CM3-e1mq6YEtIUXZEuuzrtZhFEP$4FUTOsj_Q3ZCts<>vC?(S?$j4mO2<}=t zpDZ!Q){AZ_8#XWJG04whR^9*@$T>chEG`QeSvPxA&jZ?%5d7p|)qg02KDnW2GO;eM zcW3EZR?fx%f2~s!88frS>zp2@z^cAdVtO@Nx92&%7`t@t(uAAw2?2NSW#rnu!3A@N-EILrQYXY>KP97|lqbJc3Jb zM@pYTnMTw!%t0Vf@$4KNk=m2c&PvEtc5{XeQ^t8ag%`NfAi4}Q zfW!dyB>pvaG+!(h>UvZ%5d@$loZtgf!_#gE$4a|ta^kGTb(D;%=iZS~_$~TXG@35O zh~j3?sHs$>N@Q`n=}9YSEw(Hz)N{bGqJ<>#!>{LC8hkLKsaaH$+tk#}xS;2KdYf9F zwSNtaW9?ETVC(@&3O`!qZahmb+J0s%>HYJc>rOF@qC$^UIxTuxoBbdu-RdePk&|@0 zxF>)q@};qH(O89F%#HGdx#+~zn-ynZ9zeT$deV?x+=fLBa#7bOHDTO`5w191K&IoM zGokSG3u~n6H@6A!0gUzM*i@ zs;iYxO#Z!k)hMJSuc>E58f+Sfc2{>jShrfYu4_N>HZfQc`BYbYp57 zoVRhTcnAkydP_Jw$p8zQ+A&c0F~QG8|xiYe=g_Ty5WTOGbyy zzl9VQ1oK^llY=mgB5&P}-~PJJYUHg^gR0y!A1ojqymM7mRlrDF3ageUl4p-cx~|gS{O0D`P7APZBxg1YUl%jxC-k84wlS-kR)C z)Y1e}G}7hC=dDRCgG(VJHo8}^@;tR%Qx zH$Pg72Esdy`-cLzZDh;{dV)IDSf_GnqzQr#O3c(RWsrd93+bBH4%(3=(4r*AEO@F~ z({6$W$?9tvYVKQx|Iu-6;5xKU8XXODM!>#U5l{D?4SY)_cY1yj(QQ?RPOW!h~P8*=$PPk z&MNb24$%NXSyc6_b{ke&fOR(BXAF09j-s5tSznn>4;ie`?6)&#-xQC7xko}OyWH}- z)Ss5AP> zmKh&S(c0Wj!6f;@7T}*@SbC-E%p&s-%sS?@l(f1RQzk7)!9LJbbJPmyzqYMD!d2Ka zk=?5&Ce@I+vHJ$cEdzOVr1RnKiYHMV~dom?x-0gMsreG<+>OBn>y9TUm zS!BW(l1@64Q%;4UBpeFaGMRyTHkl)k4`W!ehC)>GJw-&Gr0=lXVp2`O^sV@>JlJzVl}&0ZSY`8O zHwl&VBTU}P~T{{XLCex0MW?yNk9EETs9Ju4L4 zQ@K%h)Y_Lx=1i^`Pp@Cru(h`-YZ@w$az<&xRwt>86_oSF(h%4k4O)iQR1h$E{JgyjYLk`44bv zUEYCm#k_&y+=LwW>r7)Ncu>RMhO{YY!_SCrM<6yj8j>QI3LCFOnn^Sb*_KfXj#!NQ z)wt7m!8yfRcOkLYB~_3&N@TYw8tn_$uRUmK+!G?QcA43gj|YGaSiWyIJ;#Ey-r{-{ z;c%pG=}9xIwlXnCnD!A4*CAV=s@Duf!mA8|I?%NirK{j&X~$qn-TdQ{76 zi*3U4A?5}2sZs?ZA_pg>My&81eE$IT>h-KqAQLbgbWGB{_AO{>THKg-%0L|S9AdBOTCdrXS7teO?c7k1lhEch zOO^i7c?igqk_Q!6$=-V7HBEIWlILi(VT_Skmh$;C24=uLsq9AOi<_AFIRKwZmflsE zAp{m){pj@=`{{#2wD&a}4BlHdIXx(_(zyFb9e3qU3COFKO2HgR00p?`wGwyOmRj8s zE;sJYKx9q$RpZvDRt0JCzmHmuMklc1tDp&j&N`9lRz_X+@Sst!F61S1H^`-!cReb3 zE;Aya{t=22>J5tE<8c7ibM$!SbQKrN6>Y0Oy_RXTU2VZF2|%P3@E zSO*<5RHRps;g>k?R+$@`Hc>2b0{JAKnWwrUzVYkpN$y!{2*HWV9t~&8z&VX@1xHXE zt>mWOz*TFTAtNosOa?lNq{DMdOdufsm3`UCz#LTDQ56KtZVGnwtE_PlC#5+n2@X^8 z9%*AC@(_yQFK?|;gf#NAH{DNuDxIuK>_E3nvM>PQyHo6#`GI{;b5qn2 zw&-* z53-&7!6;La=~omZhIR*W?rP$+G>KGOPa`pk7kqjO*wAfemVKzXKBu*6+P30)GaJTa ze{2Z1WX3RXd)Fr>=98yN)9j&lIzI~uA6SKB0F_csYi{m&EpB8-t1#`6%_?!O#tyE%_otQEl zJV;b+004de z0Q&SThQ#xgoO*lJvv#Tb)gx#a&S_Xg(B26`w5^{+2dCDVcW}G%t@C4`G{lisE2n1t z_ReWv)PS`NFOhy35MijFB#d?a5<`SXABs0tJqtVWPEfr7nzo% zP{x!FJ$u!2bFy6IvikO+2!m0RehBocFux~^nwfSErF*#s@*I4mRwS~hbFhl2tp(&g zF9bw7s11x0Q5(iCT=Hq`CFU`F>$!O8R&H$C2!n^80?rSm}Jc{tBn>TRx| zy4i*t_BAp?i?)KfOM8NfRIYm($JYwHpC$ptIPYG7O$Y7u1ViaNU>Mf1PdH zTr74!FaWJKtUDRgUQ01MdUmR_$j((*lkZw+iM915jX_WiSJx0FrM5ektfjg%gSoJa zD46-j13e8%b8gZ^3Z7W>6)}#+JuWT1jnXN?k_hRZl!*ve!;l}|ijlIqD))8=x@a5Z zY#NUy;ln9Ay+w1!MRp~rdNNWlx%vC{%`#oFzS#yz??+ti>Ilo0 z+)qPSd!e^O^w~cL8qw0Et%_PRGqGy0k zP=z$ci4^dqPCFXXH|QqIR^ViAB>Hn*wX~7mXj^4p-bauQImJwqT9x)rX7R3z?R~`; zp+Ek*sX7@U+{7FVQ=Hq_iy4b-T0%4P3X)GT1~LvkDcxLTTbpnvoYI)Yhn}LC(&`MV ztH%eu5Z(Qpk}yf)majq^lhB07STP)A=AcjYp69JLRkSRvpk^HN=~q_KnFx$wg%@PE zs6@U{+ahG1IjKdfFV7ofAMUupL)8s z;HLCpQuN$OGCj_Zj@jnAFAjKPQ1K1RM_~zkedEv%t!W6Y*>vFK>`~V=>9k!!TU&vN zBRg1nRY;v!0k^G6h_vWmR4M|gBO}(U5*F-pjz&#d*sEEW^#B8_WF9$iYL&IRPbnLe zA8Jv02Ib{*3}JT+uLm4btg@FsF)Q0OvKg7I29=b60LLU&6D$4G$Q2T3jZrnRL_4JC z(x(g!&#-pyKa^2`}$i7l4NUWoP#2gyOzmP>SiW!WNo`sH0IQ2qnQTC~GZgLRF zho6?Wt*)V-*ePwYspxvp(M3C`WqDLTDBTF8wur?(2X3^c_7c#kdm)K>r{d2J(C=-^Q)GV;dYJ1k6~37 z)~IUx9VVM)2IFxgWU%M11zfn*C7wW$WmJE6fl}{#v9)~)S2xXVDhZkPHaB4Z0QKv> z@N}AUTuFBb*rh-Lk5l>AC08c28g@>`#m|wxUztd5gEh-)T4V`q?(!mndz_!jvQn^< z7`7JHdRdgqx;aPP3(a%aI;3{GLs_56Q$A=}D z;N#}}>gMmHcP>gQ_AvowXOkzB>sGCsa$`T4sBc>mm4?W>X6x79sol%71bp7S(+8^1 zY?lF|45SV@6_Fw}&J%V?G_R=Cb=26jfvs)A{pP1dGOkPD9QQR(RdKH5Q(eSm3I=`0 zH0{bp5r$1on$#{@IUzRWu=F*fZy-`$VcZ@ zZeID{w`- z$Q5H!S3ksR-lbrciyV`!YBq8jXh4iCx>GHW7x{{SGfL-K87gPMe!)$BI!p^tN{&i7_TC7kiaPj{+a-zo{o zVuJwZx93}0JCd%^RT$*t(@UMll4%X-ip0Ay891R~8Oh}OQ}hyD%Q2x`jDvyPRdx*Q z2VbQoQ#GvPM~e^3FRf3FpLey;9y7@_;+jOKa;By?O&dg|w)UYIl^HlR{YHXM z^%8W$ePWjp%F z%&u6sPPFzDS7pN?@|&FdR&21D=L4~z9)^r+kbtA_eQG(b{I?3@gWjYWn|~WIK3;Rz zih{~%ckE-4?^d-$Y-;W&3%qCAo`K6?=L6QJ{S6h%Y~fhPqVB^d&Z)hCyZ$?f{Co&RWwg z&MKa^9f#V@=0n9?jTNIVNLB}?d8E~VMqtf=I#QF7^r5Q=V?H5}oM#oDjva?w_Y@>M zi9Bb1dB@hFp3R{B<2EuqY4cciU0GIi2WdIZI+}by$892id#z9u*?gwx0)b6}R9V9- z9B04(0IrL5Ce}1>?nxn({J?jsT6CsZ2y=pJIs@E_;kuDUo1Nr8B+@CGBW^(axu`C1 zP>;@#jP^o$b*P=0CIH|9DJOIaXYJOa0?`2OcnT`_)eSeQIz2Aot+a=?*q=8t@%MAs`_@eQ&)GMN zcSy)Ry4O7@`|XiyYjcylFL`kDxGY<~YR$if{KmJD&h(h%h2vk%wqR^RH zfMsFn$6B!h4<}={1DsP}PnhFe0s-&MRhnTV5DrhOno8_sX(}wg#mB8dc`BT`96wI9 z?8mz>p_CcgIoOgLJ!@SzZ5~@-dS;0|L|aK?RREC8ee+oQh1_#9LP%EZ0jcUVW$ALX zlFGR((VTUyqi|x6bh$b8G~VI5Ga}TFoZEixc&P4f2}WX1HC7Tu6>%aE+#jtXM#TKx zsOmm~%^6k84l6yBlY!8h5DdH=0iH2bB0sz!4t;T1%Ty)t1>V$zvw%%=(&KT!tBcb@ zUW||BDtlB;-G@(VWA!GsxoAG`e)T(CE60a(nwxbEnCnPlxFoZM$GuG|h#f_|hwwcq zscT_3ag5h4clo6IgH_&H9rEXQ)~U%og4Pvwj#*7T_T@}`)Gf#A5GL!8SYUdZmhMsk zjT-{0_jX{lWNMA8m?9AgEq@ zp0zpzk--iI)6$xJwlRwCUmA=m-#Jl%jApX$1XAviI_Hy`C!!K&TQP16aw_GdWGKhy zT#|M}we~EAO~B;jQcDXf;=y#HN1Z3ichE40Z^r2|MEeA3`na4v>%@N1V znz{K2uBCK@i3cQe#b~*VTb;}SUdDy0DQ&3@yf*hThK+{t)MmEEn-$6dBqxsIj%J35 zS4^~t01%OndQZ0fk8&hmA@!xKw_{}so3T0=$qSx&?O1OtkxEA3LGMMn6D`100c`u4uTqwHPDZI-L5`k^p#YZa(!b+fcrul-u(6 z6%Ubz&Tu_yu7z^UFC0t@43Srj1c=0u=-JWcLnFK2CInVg>cMj?wHLzHW70)apNVr;=NnJ z+L-X(pK{QsX&mj^Mo-tRMD(&YjI9@K*}(YihNG=L{8F>M#tY}M^v9)OT4vktmFBgS zoUCUZ4S4?mdkV8)0nqfSw*d;a6o&mOUt}>5%l2|)`O_H3aZ%XJu}|}E!RgI4qb{oJQ^c+FGgq&Yi@{V53P{6BOOVHLp&2;q%fyR(EyWkhe7^;1h{ zp=(n*MwZ@H8_P$YGtMeODuPaM%qg*0sUj*mm2Cbwq$&}&^Y2g8orw?uAej%!dWz9N zlc5ZH)$WI42_QvJElFa>tw{qSLQz!j=yOpkvaMrcOOtP;EwY@UC)~|eW~VQVLvt1^IO0hf`JSz7d*-s0xwWe*fsHM*?CWCO@GW5c)RJ43aK zfO><9<&wI%Zme%Epwb*XrzhY40IyXwOMxwz^BnF|$j?zykuO6seL#JjBodvt>7ItU ztLfTV%C=Y$&2I%^*rwLPSr^M2fa-lJq>C&!0H#!f+O>}2YWo+aN$#Lm^4pKR*y5|k z)HsfK}UYI2i})Rk~LT*n&8WkT7lz zcr_HpTLQbe3_$+?Jk;n|vP|zHpGu6Vk;x;i7f(bhSXm+px!aNSswjbH1~J#Msa?vx zx*Lk4U=5C)Yc@-Cm5Qk6KDAfsB>E4A%p(;f4)ob$SjIplvp`$1X3j+?E%&ikSAPbW zGWb=vw<>uevSdt4<>#$c#626z1v~v}IUEMgIrXJ`fo8^Wu=L5H!+DvuBER~K=My&b`9;EoP>sXofZ48_96dU4Ad ztM?6_rB%0YHHl^`*cz=Rw7=SF_$~610OZqFlM4~N?e@GW&PQ6gvRMbr2mp1elsR=_ zYwC$1j|ua*tMJ@gDOkivSf9M(Bvy95z?(weNTB&KxNIDfJJe$WG6*chrCY?*eoRONZGL(#zVSqc(wjRZ3RhWkvC(u;rOEDP5HL4cHsifa* zu;c4ggfeam7}~k(O;|N7`B^7-PWUvc6-i}YoKoB$VeGifnd-T$d$$)ZF_Vr4JJVgs zd)T{d5;VoZ91LXDQD-AN8)Z9K{o~S|mtBI_Lz>ju4>9B{!@g?lGcS@{^&JH%YpN>t z(GXkSdGZmD&Y_V4%^@JP$S~@?>mBZzJ=iBSSukeKk}$EH5MP?yC<)0t z(tC+)X5BvCN#`{zG6z#0dJ4M^<*QW?w(R87+D+4v4s-8CwYYUB5=J8k8|OcIqw^Qc zW#5{KAQ6K+Bp?|zLPj?2hC9!#B+&X?e1GW?u{qCbhUp@L(o-aiSx3qV;F@u`{YVNl z(L*AFPTrKs9FgVV?#6hlNfOy!OM%2PZR4#1)*&D&aC*{};#T6$Rh_qV`qld^c_oEK zn$(nM-CVX#4;kZ{TMMUoK*tqHCW7wf+P?06J?f3*jtK*HDo42j%65)$X|J|d4$aey zno+VPXkTUt8n3N2T|rIYQj2d5@1JbWzuhkEp zUpZOPMkONZ*q0}L`v=;7G-a(c=fS+G_&V2;V2@|7kJx3<7PuV?* z(W2g;;d_ac4S|=Uu{crhU520GwzRWc-at%!Snvt-6`fkKdRTV0?6~Z<@W&BxE0)PB zGg#W?>~9a**pyy`(x$HNg?9HS*=rhQj4f+t8mV=|F*z;x)-Jbo_SIW-K!~S23?IbS z@ut-IrX-BJt00zsaCPH`HIWLV+#DR^xb?2cyP}%a9WRFn)9z=xDp`u{TAB+fuJzcZ zZh-G>({9e}Ev1h|w160Qo^#Whf=f~)CwI$P#n?p|Kwag2W;_awQdpnoA)UF}4QLt? z$q{fjx8NwYc+z7TPzE~E-$VjktSE)ivQMRE$#6E3#A6hg&N=5YUdbY{1T|}0>dLX~ znaIbzRF(7)qg7d0koZx@2C^GfM!9hkg(Onq0{lUV0Zc6pY1K=Cp56WTwGX239+TJ|rQqXi7(c^nE5%**Bg zf=}gCZP`qx2R_-Tp2V++i&l|_&2Zg@ zwI&#j254SjEJ2HH4T`hn%$Um@Q@TLcQGCfGQZQ;A+tDn8{Qb_Vnd91H(Owzddb0liVsr2tv-*(fG<2+>3)#-AbwiPYygnOP}o6|KV zw7^TTNg#3#YGj*FK}oKJ;QsjJ997ulTVA-lNGy%gq@%5-$Y&%%X)FfGfScXq*8qfPN zEAuG_xF((YB4n?r22^kwm4@;?scpHM&}Q7RAo40mA@k-Du~o^yEO05Q0@bUU>*4M8 zQcNFfMZ>LQ{fs=!BAHmI`cch$vYnf;U6MffEI}L^aZC^c7UPPo#bT_xqmZ)#GeUgl z?;IL_g!-0y~jy*~ke8C%{$TAOe_|<7`P3?7lhGwA6}N>{l2#`po-sng8aG)}C$X&FxMA~RTWQooX<4*QKKGF$Q8T`Tkt?LgGq;UP3;w|brH4Ss< zR@x1?^6u^AF}TR&4)u{0#`Oy)4V+b2lG8-#*OBUKM^BS;k%B6BDQGA`2HbtdspI3J z`AuwuO3WhIz~`LQW%te`#sT2svuI`3xq;9jaa5iqc3_eWeQCv5k?9L1u~W(IQ7xOf zCmVjIh}jQAPR_>J0Bflq+$qLuxwG+Zo22QUMVbiC++<^M{Bu<(x|%J9-j+ujt@x5# z;>Jk#l`C%Q`fV9DQ3Pl$go@#ZZ2Hq1cx5@`H8(+K%bruZmFht0n#quamG+|p zRd6p^+&tE#F~J8FExaVI;OhS4y*4DQO|TM7hXi^Wg^KLY2bz0~ScGGf)~pFhOsUAI zxHLW+mXAF3r>M&_ADg{s$tXXXbpl8tJaz3;JbbI;zd=LLEJpjHeab)?s|@?u2J99b z9MN&KRhckx$>)@1pXBGl^+-&eQ8?bTaIYZWD+ym6$u$kkLOJdq!FeD8^3yy zR4Kx?e;QA?t!)VmSzMpWrGZI24{DdF{S7ozg;yOqROaI12^Ka575@N;dQ@8dM$@pD zcd=X9xQzLXP81$U9{#4EV2cb<-!p8LkdlJ~AC)AUTJ;3|(zL;~7@B1nJFA_%jf%3$ zrFqAtYaI)Ux+G{{%a3brUgnZnq)=8ooOBg;LVA!T#mswtR>^PDx(zC5qrOQm$nr3E zDaK6=UtrsE)E9PT|Vt# zwVD|haggwPigvme+9y6^LzIZ%FWxnb_C;9BB$x#B9DiD9zFl=J+eDJabCLn>YgSod zOC*XircCGXr0&VNk$zX~+ri1tOw%p)yA^&HZ)&Ha1#6To-ED5lu{}@Ht-dBFV`uu* z$vwfBAhthdV0t%iO6ISl^5$XFno)Op2FU322+JU80pxIV+O^vo$m~7obtcv@H6s3J z%1VXeq+Tr`Z)o&fA>H6=>9 z{OdNsqG{$K2GhZ+#@1Vi%%~2)d1{8zKwE|nF582jddI(4xRpW3Rp9g1sv&0dHJ-uY zvx?!=?fa@dYb_UK?9YtioMp_k9F>_(qc137^Lq+(GX<2ZWEyfzm8PVzG){hU2=uG5 zB9v{13I`Q0L_4RUmn`+kc4FCJ##*sWCE)9xC*+ zZgcOyk(?TQWNj(Coch$g9)#UrQqhnU896mAqN~gU15L8;b4FepVB((B{{W+T1xDWf zwFz8%YCsY`HmT(IsN_UeJaOrotwQ5vjAJBXsdSY0?TV$S5AqaXr(XMw4#R)Wpkskj z##xC~t(o_9?NYiC2GQw9P%Ef0s4d6VoRRMNfx*pF6D=_tK@HDL=8}8xu!z*;)Fpku zuCr~3hU(P`JAoio4{>d!*u%^nJJpjSykEN`llMnj8tNr|hAd@|8Lf>P#V&7F7jqKz z+{UwzlU+`k^lNKGXNL4kIp{JuKVH?(-)MTP0VKSFe)jy)3X%J2#)>LhB9uCG@bE)O z`NnWS9{kmjIkyHBV#m1@PSSc2Bwn-C=d>G`u^pFj!2Bxz0H1$%Ze(D|6MWm*@%exC zt2CmuWT@ScUuuu1!xKo%SaZh<`qw>stIw%6c96Z!Kl=4_;r4|SD0$?wz^vg<-tAUk zo=I4l7$yhSx+K#Y^BU1fDin;fsO044tH!b!c5KGqN@=EBPodUn@I?AtaXA~y7Hl5X ztDg5P5j&N~XGvrBMXIN2DcmX~B1%-~75auoc&=B8gQ zRJ$-NdhWD*myO0jmmo4htN#(#xdizy!wW&y^ zmSQQ1VoqvHojqO>%1&|GlWl5I&0gF!rMpHqD-+hTVtJf5&I0wxCz^8D5;pW5KzR(3 zF(pq^+*ZUaZye`47o|?klWQ6(pePB(Dqy5USPp1NM1MZgTfH!ym~7Pv12Jwh#aEOn zu^n?rW(Khy-f_ScpKBRX9;R>I7f~;h&KXn9V@QmrY3)i6qZ8ak9B^o1yS{%KqHok` zhYOZJfTo2VGH6V9(&L^53K~97wIbZf(Y|f8_eE}9ONix%ZrmEGw&qE&FabSkZOgdt z(0$FQf$$FOcND-dxg7gbPU_^n#)Z#0#Xpt)FV?E!dZD;sk_}3-8~{M1^>;-1k5H@$ z+mr89wRdw2D!_#V;*_;|nnAmoBYyL{CkL%xS-gufALjI|bZH`OZG?vB%!n%~;MJB2 z*!i99C{1_0bWfx{btj_oh9VWf(Pg zXiaHkQu`yDkCYsP>sqowh=ZAMK+fKkE?SbWVUXT7(lT-?31@i;1d~+sLn}CvEI4eA z{eQ-!idU6@-f()-TZC@38E~PZ4=~HWric5hsKolQZ zf;Caj@53~FI~8}SDclAD1R6ja+KcrPX$j>q$paLr9ISA>ih3WADZDyo`Sst#TU}(?-rdSz|Rte%8ZVkd8&4kQ8f5s zlY5-a>e&kv5nLIieqBhwQ|(xrFwKPdbHN8Sq_o^$7PhckylErFFa$Z_kMP#bu8U(l zg(SR9-LcaZQI)z}YF5;#s_6d!Vz@<$bdd=JupI?Y;t%Zq05;vUu;MWo552c#y?WPF zTxA0*yQ>+h8C3aw>SUHi0bKO1Z!=pB^EXNvvBBsDDbf?>v#O1_=~=zN&v?A@&B9>S zaEz1VcNzTYAz0D!7!wr0VTMIVDm-Y58*W_k4GDupu+J1I-e<^2=-ulsXGrAUr{z64 zp)GV1=uaN|aw@wsMRck_W1bCCchHu#xzy>NP0AlRmnuDKt>gK(9$azljcYaW z8kUqKkp(!;DK>~AIm0by3b9KqY5rXWF9=~rxo)&x9R zF*jWFsphlPhK}b))M2{Oq_w>&s^smg+f6XpT*%&fgc$&5oL4Klx*ozsrrc_}n%di7 zyoUoPike>zYJMJRCDg4q!Jfnre_ACZqh{<~tgdW)K5KvNJwoBtB6VMo9ymR#FHidw z?zO5d?Yd0AGX%in-m$w}%{@WRQF=2H+TPyP+Gu4#^A*|DW8Si-hFh&cqKtwV;d5OS z-Sv?>v%2uthLG8wQnn7V@kIP^boDovNjk{@D;QNmdu{?q(5=j#jCpq=2@)qOn zq}&0I0kPhr^L|mhWAULND_ppj_eyYkW~{>rNR?T>WufVyF61|)q>4Yi=}kfjE1#N+ zbr7aTjxvqFC#^c(HjJ56WG|@5qhVX9Oy_SLliI5|+S|K&_NIjV$wMgsVDVZyMX~s?*y5~Nwzg}jwr>fLc|Nqoi^_LL=AQ1wwPH3M^U{=g zSjc0V9r_cX^=2Ri=QXC0i)BD?S&m8ctlwZo>F#5aNVX^pJvhxlb$o8l=~!ky03E1| zEvp^MzH05<;aK$*p$4aI9-AaUeDB5aE-4RqK=I86{*0D9qRZE#w zKp1S3PAR7DT6!3lQj2IuJ$S6OyJId1IW>EU+_@_R3nP8=!sOI97c!lw2_=p(RiXy2 zbXHim(PR!ml0kv%R1cdu^5Z)~(oa^{7AA;@VL~&3$*3L{3RfRWn}*|~RaMKLYUFs5 zA@g!NX0OamnsdT})-cb#h#BXlVckrz76*VjVzXL>t*Hi;BTp=YoDWl1ZeWkfEIQMB z=mi)M9OsfMP0CvbgHGLsHcmm@ap~_-4!)+SEG6SBah`&i3Zaja^8wt@nJ;rj-tnFR z5g;iWPq?ANn98>}=}n}zDGX03BP+niJ!+(m&$y^KJPK<@A(v4I^o~Ifo^o?kqtBM) zWbsZ+7UXxTuV#-K%dZC&MWuMvO0fjeTJ8^1PS*ZIv^x#8Pgzi0I*uE?8b(?RR;+L6 zcaeW)M-hzq!}zN~yYfbAEvvY%a~Abb%!Rla^{WXG`AIwu)vDNcFT-sl?y8DP^)$MM zVMc)o1a|kSa#yhJp-B<`>ywf@(=I+p&ez}`^*7W-fwEXaKR^a~tIQVSG>l2H7a7L@ zR5fAWLTj7LekAb&bg^$e>p+TLK!HJ=K514iG09G zr*RBny^9If>wp48pBbSdexxZA}jcI2ovNl3{V$@QsB zNe^dT%a_Rnm`JD;dJ3IxI1L%v z$EnRtxpfmPrNq-j0FjQ~m^9Drd)sNF24-*%MkJ5tNi^M=HqhO;)NgKW8bZ;&@H59X zlWJB;S{WE2Jy?#FnuKgr;=__lQb_DI7_J#3MgR=6cBa|JW0FZ<=S9f+8q)E4ptgrW zq+9N=GnOUXkiGCLtJ5J6#|&8{=O^Bl?U2paR1udSkF{ZHcgY#q8n7+agqs4HVHj4B z@_G!^Wx+;fILAsJgCR?Yk}{#gdSaCso&2*OBd%(NVzu?85=KK1tU7>eG+QJw;x)wy zyI5_GjaF#M#xdTayDuC>DZt z@sGRKlfL15822TFo@hA-ustf|8>NKqCAg=}pstG+lN=Smz%_icd1sC*Qu-BDnRq8H znzIXpau{tj6GK`dvdSLeSJtLf3Uaj;)DYP-lZuGQ6pxz+(==_MF+s$^n1Pelr?`+G zGBsh0aC1`Dw<6jZk;G#xTPzJUXMQt9>?DbzktYocec{tR>HvI+Sq27qs!GMZN6#cr z7~PH4O`0PSUA;PDp1lP7l)SCa!Q1q$3w0y`-kVoMHGK^=vUptzFt`pgwN6N_AuC(h z$!@31R&2CxFu?vaDBUR<@@aD>a=2~SC)8146i5jA)H5{f>_;txW=2&zeJY%` zep-eM2R!Dg;nPwziP#(-MJRBCBa%9boylmB+()-P52X=K44J2H;IFx-YjC^Im_mW; zPIYbj%94%HigDP#h_h)JMkPrMInHW3nPr+|EYcYY@yR6qwE3Nw%KmH0;Nt_*lg^eY zNFyuUQuP+874F$L`H7GZy-jC&+el(F>sJ?GOtxBkh5?)q5&IBjUYxLJt_%jbYen)xWUa!T8ZdW^Cf)efPE?IuH+V8oee;eY_?}- zAV@xC;2PJywYIi_Rfyi`930ZVsUokTg(hXfo)8>!=~b`oQXF|qSx-Y+c?)gGt)}vh z8wcxC+eng5+xaJ_H60j-tFp*UOu%=+t3vJLRvZ&k9I(R5obl_hEbLF_57dI0LP1&!kHVK=QJolmZm>1Kyi!MEZ%emDvT}nKiN!;4nYL zrl7La7Scl;gUpDG5t>tl^g>Shmu+UH`jg)KC_yZ6g9ZIL54C+UurOU8%oVjCDwnIwlB6O&bMak*~)071#@ z0H#1$znRWo>9P2DM=CL2v?va&dR7d{ZKlrC{h@z-8R*^XnMuoKxt-RhF7h<0+d~x% z_lH6Ct%2RueVt^E;CzjqGts?qR4lBo=e_%0oD|N| z6$7C>``0vMX4}{zuPbbH{wIW4==U?r8AGf6okh~G_qx(WHDc>a8DE!@I{Q^wr)3{1k?&L@ zxVm>@jCsc#)thBz4BN0fXT33^R|A3u8`#oDOU=+^dQwYKv2F*NDO{G`uNVW?tlP><{N9ue1Fz^TLdzr1 z_qlI+YBpr~hip=M5n+-L2^jpUAtxrLq|svj;lztj%b)6 zAg|+^$GUM8tc*DX^{mspnj14Ff0%_mY7%kYv}~OTW0axKr>$N~&G-y|6H?XKbu7&@ ze3B3s3xR>wv*nT1j!6ZLR>i$W`K+(Cj~`lYMTM`e*X3_bMkY?N@0Z_?{MYR=dNf>dn*$2B}^Lf}@n z6GB{FKF~Lu9y-($L*`?7>q$FmD_ow&FS8i{$4Y$1a-4Um-P~n2+XN2TGwW4-HicGO+1eZTC%xZCp zU3sHhf;v2LlI3A7})2WP}RcgsXP}fU*_-F)q!x{ zW(eTZuvocacon2vo<|v}9Y*6TFeB+u<7OqG*)OL61C9sWhhtuuD`8q{kGy8LYI)JEIOXJ{OFR7iS9jjL@DBywQnlfRR9<{s9Qc_Y?CrEPQ1vITx=Ki6;z4Tzzv>Tx(WID!rmAsqWZ0Kb>JJ zTKl^N-*TAS%cklb+_brKW@PIv)#OW;TgP;PJYtLn)#XPiw7Dydaowa++Pi;*B1RX7!CSauTX9pfQ!?^&!Qn=$_Y2zTtFV+@5VbC3r4n$WFy~|3J-HzVhk@_ik_q~%aAtl_*7GKz&!gJvP#=dPaP=8 zB<=?^t#OswBCn962hytQ3QDGk7s|u2p zJQ|QqmdWOxs~U%|qx-nL1lVv@u{m8inOh%@CLM@rH%?o#YINJj=hN`uZRw^GIDpR+M>*pphja<(OVrD7M5I954E zUwX4`b{V{~a!B>AcFXDwI1&}z`I?KCmy%97qkT!e$(4WyCW04XB^2Egl+)b>4UyFkcuoG+oO+eRgBq8#~v z4n`_PE)U54J7$ZZYeQ>7)+Ez4D5Yf%0T>K2Gx^s+;%OT9QCo|&Nc`pC#&9Z{S5h03 zl2_@W&R*F)sx(qOy27NfA?EZXSVy@xsNoXZ8%R4Q(DxzI)^!5YPJA&NKjdx;ezl?l zq0uI@(;$*dh|=a6)T4ufQ2LD5J8~m0Ayxqc9j83vqkFKMZM&JdQ0D`Ru^q?&24Tk- z?^*RB3Ff0eVhu`e;;8^VX!RU20_*kjfQ+ zs`7r~Oe^tDJ&3i(qwE;$$Ed45dh8332=(ty;xw%vDh_`NxbtBPWpXQ3sZUb6UU}{i z^&RTU%E&f#8K|1RgF=%TMs^r#t1O|=q2N?oxIIi&1}o4>;MUqsOCzcIvs985i>%^f zhg>&YirHvdTS)gyv4HtWJt;TJkt8<+QT>pH4>hsC1W|G zF`iF;#<~p)T)Wd4d2+Boc=^Bj^rn=RnCyCG+Miy-fcA7Wj?tVEZP}U4P}L6~-(VGqVyTog=|*q?`)UoOxhO z70D4xm$tVXBayNTbrse4H%V)gdmGG&<&pQ8jGt;6T}@I}ZcMW@Gh6Dy4>3p{ykff_ z3(IeFC}^G(l^BPNbw1*=O7cjRtK5&`bcQbrmdP1>99Nm^UKf)@i%+~_R^Ik7So89? zzo+@>U44JAA+@7sHl=IisxCn-$gY3x$oa|5MZpkBAqrKpDUogR^O3lE@@S5lmeFl6 zV>0f}dg7TYGoTxA2U2TB?nRLJ5fyO5C)TF(HV{DtO)K>n$t3eg+r>$09Emf7+J#|> z#AOdTs$#H>`=F-=tIr{k@&O=vRJ-&W z34?iHuOgiSuw0hO6vSDM1F*>5yJny}i{z1>*`cxZI*V(`?R0Z&g-DcP$9mrIZR1|w zE}J6pBa9KoKELEv9Fcm0ZEA{_i*ezP70+@JVVQRj1~5VPu6tP3CcT-KO{^H_AXeO{ zPVQQnQnY|!&d@s=fP=JxV1xV5eNz~=Y!s{?yg#SOEKjBbsW69jgTP)OEKn?cRX`W z;KwFO=BEJx$*C>W zH15Rpq=&wwH!-}Ik%b%s$*t`%OeLQgBc&2r2-mj@cKAE6I(E?QUM4zIaut}I_RUh%Maw@9 z>pIj;HlJlIupz-^Bl%}PrD^HD61cf}B61^W*K=eNcS5j5tU;SU zF5&@dfnnSTT;tZH%aggCd`wAzN$t&CvQ64xh0ikQ8Shad)|(i?B#Plv7+`uD)RETJ zfxtVcZ&AM@wDH+ICQwSVb_7;>{ERusqVju^>~HDKy~oS6blvG!OR6g&87g|yTC#ly z9kN4`IjtKjXvh*cJ6EPVnwiU%BOk2EEYU!?AOrHPR6=5L#?e{DryB$FBDhWOxp*|y zF+&L?29dhwwNu){D(+nM9GYy??ok@J!S6=lA;^XfOJ^N1R+L82GrmIOk_{e%*%;{- z!zc=;87ICyDKyz6Yl7$QAUq1!qY_%&+3@sHOLZW8gjU^>de(Nom)4~7KY)M~ae+$S z@chj6-jWbkj=WaorTWFAG#+0@Bo6hTE&7J49ECU0`?khWBf&e%^wNZTr%g`Wb zL!L+0q)(PrNRCS%T5L%Pe!gAa%n`>q?_Gz7JUe};*fZE5c=7wjBY{G-uFH&W*^jE* zHMFwER2Cc@R&A2tu*TwgW14bS0oPHP5UD(xuMM}B3XYYI%vK~W(Xa{EzG~19F5ROe zsj9b8SWC9swMP}4+_?mPG$3Vj^0C1=Jt<;fg_QDXG%bs8+g_oez$rZ)G@&FHgl24QCK!osyPaBezi_EO%1!)v3m4j4m-rJXBw{vvCJLI_kNAOYOc0fujzO(~b5OKJRWF59gAnJ052KA>seaS+icC8aa6ZMM+NgF z`^Iyc)mw#-4c#hhUA+X+2Bras5C%PK5UI~6ttjY$d5Ef1=YlHOPc<^5kxy`CbZj## z4Cb2daf6O1@&vk;78PqhGplFuscjp`iJVBdZVLCQZsw0eLgFy+B+-wRg;6S-PXwQ8 zB4+euH%t?X5S1L}s^esvGPxA!qB$ox2i}LFHbmku4hB!-R*)(VKJ`mvvFgmNky)Dj zrbL52rjy+lPj+Za5z3N&Y}T#3p;;93fyfn|?t=F#UfrN26on(!vwZS-$tT{OiBG7i zTa(mPxGvQctC5pKS6U9v>bAUQ#vn|=$ zP;-D!dYNoWMT>`0#Bs-3E!`G$&PP3JY{J*nb?P!+2N?_e=zG&0(ji=D6qcl|3;tOP zynNZHBqa%5-+QG}L+Vd#;zZhUl{FFKW6v4&ru8c2!S-;tm?;OiJkmvN=f>+9-lwAD zn$Kl+J@iI=~^WBLf+RRhyXCmex{*(35Zkk4^H(V9f>2m zDn{Xw4R2m+LibFH3;`s3Z~m0+rlYg9ib*7oAMYgHf!vy__CYaX9aN5Rd(=Hdh%PNW zuUwCMsKt@EqW9dL$26tz92(ZQzDsz7aW*sAsXOd9q9Oj$3`mkO!Kfv<4CBcR4{@5i z8Q8mSPR}r&eJes6$hPg7i*djmsyvZPO~{ft@2A8Ovw8}A;_gG_$tMx^^sSSOSovR~YASQAiQ3rpU7boEEJ&c`Tu1aCXQz zG`x#!&BpVUBA4v*5;mNVt#2E30%x?miY@Ydu^&^`vnFvSe75_%oSw8vTVh!XvhLvL zG!!SjW2q#nQ*w@=b*W^OdHixaRl`xYc8xnArWp(H-KslEc?QxBPfD3P>V}zNoeZT|@kH^*g=9RDQ0`LOQ#)d`pFT1= zQ<<1!%H)rF(kr-L=Ey+s$1H9)srF?klJd@LH4WdRCz7tNc;e;j(-~JG(9^~i(FUo5hjFX@sd9t zaZYkdO52wOZ4)hgLuszG`%ORPGfyUPxySg_-Zj(OPXj>?jD_J zwwYKQj2bKi%PG#y+0Sg$R|-=&&T5IVYToi_BjNt=#tE%Y4eK*$8nWHS%2{9OI{2mI~}?7+-pl2!m&W zSo9PQ$+Gj>eVhTfIU^_9tF%Rr8Kk?8*Bq$9PEJKJ5qBKWz++%H7&R*683u$A)Y^oT zV;Y`!bH!%fTW@9gatB&z*u6@(_=el%7+&>_3we_;IpdnGmBhCnzCh#(*0xfyDQ>u+ zcI-&GH_7t;Cbr-tvD?lnWGfe@kfc3%#bdDS2q`2PSZDsG2;4tG$sS(PM>!hxOM^_wIM45|puI@3>}bSFeD_ebGObm~~+ z6cT3LHva(P=zVFM(kp!A7izu6Pcs=YHQ{B4L)NlkU2g1BJs#=G809G~KleqUeC!T$UbJD~hwIC=`c&Yf6%BjAGJ8=QJx(Od4e(~*E z(ke%D4XWcRqmjjBE`)S4wOex)`a1pB=Q!_4dIXUIt;&wQYM(|enTX|?m}H-7o5^Mi zj=x%^1mvQ}8xiw+M!YTd_&wG@G*juX?7n%YLiX#V{`qOJdlWSsM4{8&ptXdGGp8ffzc%VD$ayejKz%8?Z zLb8|0m2|Z-S<1(gpK693R7bre=t0IkXiDN*np$1_azo{@B$LpZf_L4hv^g9OhKn^P za;|D-NUhXHfw-wq&H<&w8$-=yCTK z1k1SgrD7xjf$P?m#BN3)SA6c_Mrx`Jq02UMded&|%xze-(?-!N3~}Co!d@2{^{844 zb6-o;O|6yGInS85`FqtwfuSjJApuzQ?^gHq2(1gEQz|$BufzWzZWy=m?ayT7N zP!1@Nk#Qzqq_W_OmMuw-?tmQrbkfkJ*^xA+TZTKnV0x*m5;~Z1KPUU%m3F!n>}6dB zf=mYt8@Lq@nSueqtoJE-5-VijWK{8qNmT^mj%x!iTfjuQ3{E(n_XxjPoEb;&N6#c{@ySj|gZb$BqOKM;6^{PS~z}-$u z6WX^Vksdh#V9o1V-Sq@zY7UlGYvs1rez-iEf?YwRw2mZJ2f5E$(QBwQP4>eTsKFbQ zcR8r-uWoMHwxKArCA(o_*PD~hK@{w}4s(M=gjSgg1Cvp%cJ0T?JJSJ$S2^k`o#d(p z5rF(?13jT-K4UwP>6))OMr9jHgVg5~TzhO>wzH2rhc#tJ!@;Re;(C&nG69Cq<5lNJ zJe-kKgo@Z>CvXK`w=14a3<)G4HftAK=HG85nrn14ag)fgJ_;SxJ-nfZ&YV=#PWQQ6 zmM4xmq1qb)v1hm1!~>jn6*1F7HX+(os#vFF&O7l|CKALH2~_h?EPLeS@kR72LeekD zM(v~0qmBaaw{Tv6i-2l&R~^$Y!0)(Qvw)!YJXG>p^N4|Oe$^yB70At&6p0jvJq1Db zH(qw1%B~uP@1XM&Fz7{3YhujcxWJ-KBpa9Jw?&KO10tzLip+ZF)}lI&-N&SCT=AcJ z%GcsC#Q`TdEn7}DNT@Y^3-L(CU<-rIIp#6kG4%DWU5u?}Q@CR+hEBQbQ4EkkI#O$}o}xNAAA2Bosbf-Y%VZLxG;V<+$D8(xHEa#Q;;YMK?7`hwFdQ0-q$^#r z^lnzj?j$fBGf^bVEO^cd6;ag#O5)q2A`+)_e>%UXX%~8dk>O3n21x0}R*_AyrKu#k zbn(VsNL@hSlTStCn#5E(;BX_u#J}vKZ>N03~7$FHfwV4 zV#TYKiGb-z6lI(fF43RLnzhBdA-a&H#Y1_3bYMEv81ooZ$#Su7i6^yis>>j6ZuMLE z^T@~LMec;qn}L3~_o-Grr*Uvcv8Q%{v`Hh&u!L`y*wZcIxnsFEH{+TWtWJ#Rbo<%u za6rT3tu^K*LhZY8Jd@Iv#Wih0dD`b_W&|j}$E86w#8n%YaXl*8ItR;zIl&Z?#Jn=L zN$X1Y1+e5kL!_~s9{H_Pbhoe&>_Jh+X(UoBM;)WY^QU3aWUBL#X-Os zs*)Yh6;n!by^O3;*wLYV$2rE@vjen%Za5X23u~z?%@lGSgCC7QnQhtEhF*GRs1=KF z%Pdwzk&x8>S}g7dj`corQG>Dy=wYg#v=!C zKGZ!!Z3?X_tfciOk{8`61#z0RgxPincpMD;xvhBaO3VI;KxQ0_)Kpg;i~1YeHmelZ z(}Co+{jJDvV_mkR<6pLHip>Va`EaUnTvcHyPhG51yGk)JF7*q`h%O_yhDnPEYTw2CJ3&oydb7B<_?YFf~DD%!8_{KgmpwIiM>0gbSKrB>j`@t!u5^c60g ziyh%9PnqWj!Fe*9q zseWH90(l(;CIUK~bLmhZ0q}a#5+z}W4V)1}7GlhK2cZ>8!PL8TZwlH#=<3eP&MQ4* za@hwzO09`W&tlAKR1oCn(A1t&7S0YaQ73)E!6F4(s=y57)BxVA$2Ay>aq0O`4JJu| zu@E^Tn;IT@#%e^12HBMfYN;c*0eHanrnLehIpUufJbF@k0uj^({{R}A0AiFl8Ntm~ z;IuTaF5|c&Lc1H#00l!6M8xH?eT^$LJKSRsNdlmDAd%A^v>;?FwcC?{S0hM92J+uZ z8+`&6+|d^ZLdJw}G1i*yOYJ=kMXXz9cBLAdZKt`cTPVlcWKzREm1|H$@>{D01FyAd z;36+xf~gITv|l<;G>$>VY}>9F)JT!nPCy{~R$v8-4!x+3!bXLaoUul^jHzQ z;5LdzIud{Vbgj(v6DobJb}Vj2(m|^Fz0wQ)hyY!q6x3T`&~z?-#$^MNFe;?1%^4?( z7Jz0KQVttGT9yk5uD)pSNjTfZYTqube4N9sG;7NpuX7WiaCVmHex9|dXQ8b24|0+K zu_!D_>Q7)X{b=S^=IBdYuETBoH7(7omr6GUJ$nz%-3EIN zM@^4Ixn=WhMh7G2$9!k4d7s3XA=7mwv$DaJ`Y*L(PA{6>#F~;hXl*{lVp>e^bCSlh zo!zxTAY;=Q&lKdW-O0H%+`{I`NCR{Yo;sS%4Z3b|wDqXzsPC}^)}bcPIPFi53*Yso zo$O~ecKRlvIn$#Xm&;SY^sa&YNdnsylOAE?1HbEC@JZ}*$}Q|?j}S)}3c!Xr0QLTL zk*HrqJiDEDH*fQrna5oVgj(2i4;8|BR`$I2!0TDMg_|QBk1rjCOQiaiwb7L#(x!DY z09Acl;--%=u~#`Yjab`4?P6=2Wu5@MWYu(sVtIJR4RYU07DYUvPTo4y6HBZBxxRe=01@V%`jStB zFaRGg91>1zIls|#$R}4Le_(2*=4U5zvAZ*Y+zMo~0Hfxt8nX@2yWwqL`ysEJZs(pY zgTM8vw-MZ24>^l4W7?`xx6Gujk~6L?838Uis9}BCUV@;9qaMXy_fg~@;yLS7XGUGc zIl;y$%Rm~Nyt2FsziVZ_-K5@CyNb;*B(7e!Q3Z{`;FcKXuEA+7y~1@>S$`gcHP-E)tE842XV%51#{D> z35CJ>(H(^LxfCQQ(toGNAZh%gIr(hvsUYmwdiU%Ot(|$*zU)-2+IYLW<Awe`r89bvK;nxCV#Ew&n#9yB& z*0QA3QBGuVeY4V^E!EKcjXgV3NtX!6j`e&@WNfE7{A)XFs2AXjEMGC^o&Y0*Rk&G@ z+zBcj$GR;xo^Gron&0nxcdAM!h_IGYfOQ_UDJGhGj#27sX|~epFZPlCsC>NErPYK{ zpd@9!w3Fp_Lunai&5M@C6jGogfHf#WOQLUb zFrSF4aoI-8m0;gW9IOnGY1!sH;B~7hZ7ACwIQ6SjT}j_YjR@?nRl)g6W4Nd$f@rT4 zfrUM)<0NUImm$2}-H4@WUWdIS7c;cDOteYR4_M$4|TJAOp zo;h}BjP$K`9&`bikU;60nMTg!t&H22lW7r;l<;#|@!U16yJTFctBSUObQa9J5!KYI zbB^M+yg%aS)2^hn0ys-H1jRuhel>o{Rrgs=R!3*zO;XZ720M_KS5oI>h@R(WkCSn>h+F^_udWAJ61UK?#tPYK#G;q$pi z;ry$j5`&GR?pya0xy|ePSCk_bHw|}e$-m`ngg@h4OsgP~f-Z6ESxep~OHvh-##%RA zZuJ!`du|384k{hjQd7GnND>d2VCS$kJ6nlKCjfeirF)uL88-^3aB{;u5l{oO?t*>j zmHLX;*aYw9W=!MKrbsq3MYtVV20p=4~2rBryNL${~nO*@yMF5otkkF9Cg z$`BA+tpsd!b{4TaBy!*e87Dm}A5)br-dI&ZDt`B^36(c(5uFU%zGK_omPry;$A4O- zb2Yd=OIdTer%NDY(kN$5M4;>^w?93HffBP75^cs+1vOtfD{*tx+q5O$VKs33aQ z(eBE37JFYLtgR}!Zgz@^kIrzaK9w%pnc3K{EL)E~DI!1)D>lN`E8NCImK7XV5~wMW zw9`xxtz|rOppCPdidHJ*As~HeY|R;J0hk!|_oWm0e|dO4>E7aQ#$(D2?hxQnEK%R7)SGBnvbhqCjrWCJ05RlpJJsx3A2NRA0y1f~v9#D+7WS!=u)31ZZ^2hW8F;~} zaoRVVx2Ad?)RPNbid2$0%HSWZSn`ySpS_NvwNBubiz=DNJdawHLvLIV4G%;++_+CssqJ8dHOPrQQW>KlksTY_U`ZU|bh4})$K z&bVP6%m5R$8z<|E^ZC7-Y3K{7%->qHNW*IaPBxm*(=?eh=poeYZX;P-5YdmlEU$pqGv*G7ch-O(++xjb&$h+y4+ z&TFLbuZkqm^@!zUX11HP-}+maOv65$je{_=#?9ON9x8xP#Bx>UtcLKx^$lD8Ywbf`^ErjzKC7bSz+j2&It2xwZ=!JU_ z-S~Q4vQHFD6C~u5SuUaoj#%&PDipbdRDI_;7zfspJ7Xc_)i!|l2#{i2d|raQ5aFmX`*#mUdDHJ~GM8>JSgTLsi$dsi*0+%djlm@0A8 zlbRsC;M`bJ=3a!HdJ37XuHIns!ypHYmBn>Noz=%{YH2)jES^kJu|-jkJ!%`fNz&Af ztPiDU$W76fsL}oOAbZzy;EgKZQ`E(s#GYEH^Fa;N`c_p_NVR3T=vV#|wva~*mj*{{ z`C+?$zvEm7jFQ_-*IL@i!o>_~7zWSH{VO_ZN=m8HrzMrydr;7I4-DJBrF(fCayD2fVh_`=HBZ9UmU{lHCbi;;wje>|tG3X6{7O`Q>y1VsgH%>Shq7^gUKhgTV2pPnh{;kX{6Z* z>?8ATWII#>4?ewWHMX?V?S%K`X1IP%PC}ohCak>K7k_!qY8tyUm0U&XjmOvjRPdKg_#>JRdQM#O#yEW)>0+8i2`-G2V1t3sRf3SZ0zfz&ja99%uVRTua!TNHO;p=3 z4MnY>-*TMb3zh>td)4UW+=!rK9q8Smw{>%7-wYIF55})TA|Qtx_vWTxyOyTAj%yZ) z2e2d3yMF_C-7HkuYLXwbM;_D!_xw#dac(Xny_#ns<0+ zevCH&YPp?~VAi)NC&&nH1~MwM$WAtra%p*jTeNh#4UgNeHnIDvOJw$~zcL|b3j@e)SC7h-?vCCSKbXR!53S5eVC!L9T~v zb6G2M=3roEqFoq~P2M|V##X~)?vt9qxVyG+{$D57p082eTE=uw^8wbaNrSgM;*&E- zu24^%y+uaRlsk_A_omI zY%&kP(#!$cK@3NFE(Ug`YPVMVk1RV^19xjAcPtw?_p7G#Xs4m8p;*pK5*cIl&2Tip}mOS^`FpjNntGkzyDlntp_orI{senZ-mbk>t-$r5d8HEVgWeAk|4DK4<{+ z1ez`zoKC3Z-8csz8ndS=lrH$l6jyp^2$7Q~Db6{nlFZxi)tQ{5al`kg91nVTmA8zB z`cq4xoyzjVwC5dZzF!%|X=3^d2>tI~0ju|NLn1079D$6JQ1xX*=(HO~j?|^m!N%kn z>MIvlwPkZRI~ew;1m zDnZX`ku6Y=WKeVKQ_XD#yQ0t8Y=#S}ZtP7t9?md9DW9!Bd4pqaE-dzJMnYS@L9BbN zIvJOKMtfqkj9OZSimJ2PuLE+9f~ZS#Ae_4{4s*e(=IkRyFJzX}$`Z1vIor7Pscqik z(5#TkH>unPDPNuHQg(M|NWL|{xrt%DEX02h;~$Z&srBne(=ip>8JKdJ`48b)`!8ny z0CqKKt0Z8>tVtPih}mQ)ex8+8m&J+d79YE%tlMCr$gQSrl_ox-*L!P7>1*YYeo?C(Q zoKi&__sRTdZsJKKSdQ(jr45YZ*P2ssk0$g45__6Rci7cig!?bdeq+#7NiIns?LO72 zWwwS(GqZf>H3*yL!!P4eCPnTm+%NFAKJ<#g+mZz6Kb=sPB9jHDvnd)H zb<|dj#$0p7BispPVg(6bQm=B%U@R)zvJYTtCy}`W?$KdM+hU|}ypk3Jny@$g%1PZihRm(&K z(nQfZoE#nvSCes(kODa1isy^eb{lVbaRjQOMpn)S4_ftK21TlC7LDcVq7xbWt~Y1f ztxbMJlaeYaOLCWpwB1rYN65LF)H9wX0EPT(m%MxXMR+8*PCvR&H4)@bl`Vk|jkHYB+A}iBPGe>#Z@8;hz1G5S zvC3+Yl)G(=a1=KtvvLnT&0jV38Y&cdZqyKVXRT@cppL{-E1?bGX;7~3p{mfaiCI{l zDCkQhwUl|8Cpqs{E_jTQ(WuxrF`Ms@e+ssZ`;q+VTI|uHXgu&)NXS0*vXABI%95{a zW~$dFS{cs}1h8%0$2DTz_vE`^V;B_J3LL8yW4Lt{3o6Lmjso8F&@yGJ6%fq*pwvrhUBbC@^EsO(P z^%R=2A+h?dx?Lr5>T|#ff2DCP=3P!nz{h$i#YGbo$pyR5Dnwg`JQ8@TvFYKig}g`S z_0JVoG_jd;X7OFLZH&SB!z{P_$W0dQp8w$RC4-q!`Y6 zQ(!NacU6ZQV;GHH zVobM_dE|r6YT4#7&p4t$MlOI>P~AA|Sra&p=>G5=^UZ4r^$w?V;S0MvnUWU>k^%S6 zLtUNTl+2k`Mjze>itCJ0R%bQ!C@zX2lX+0buRgUx?@MM4xP9+hPAIF~z`wASBXcPE zcpM6fRJqY-OWRhEM9Khf=~=j^p{1^@bQ;%-uCA@L=Z5F^;c>AzDeigeT&|+Gvb>YB zwDPyUNk56Hr%Ou?_S~Aoz?!A@*SnHCWO1BrB>w<0Q?G`XN1ji%pty+eq>tCFcXC43 zkKQLW_73Yq@lKDWS%_h?iZ@lp;;WPR=QX2k<9C`9D#kI%;d+nGn!~N+%pB@o=a+b| z#Pj&0Q*$i4Y~bjCpPTin6KfYbluHGgu#GUPsnhw^Nl0~rn0n>L*1%#tD; za!QK0w4|FfTOOU@M_GI;1DxjEoDkT_&3C$W)|)(o?FTAHBX$TsoqBFE*2f*vcV+n? z@bZ@5F`fCQs(YUYfSlX_LjlP?Nn{n z_fnS=OjDjqlm0c7pH@<`)tlBjU7elYa&BfGm?J+*O?@L@CJZEH$zrSNLyngPCn+5D z&B;d=cpM*7TiPa%bA1!KVUZ8bgVvIL#T`zX??r~! zPD_hpxZ{xA^IU|fBo{?oV<$CneAl^d%VCQlGBF1=scCXTsdvJG>rIIndakgSEb+oI z=yDEgDm}O*@(;CKRh5L@%Xao{CSAyk4#t=WcOW;)z3LwJ8&*hkd6Gg95It%ehyCb} zu%_dtq&8U;HHRY5}p?uD#HBHQ$ z6(j?X%C0F|#TRX^#3)u=DC{$eLf&)iSNAwIYfVIJqQ?|U9ka)+HSR+Vii|*|sBS{i z%OJpAiaVaQ49>{AiTQo$=miO`6FZCG`WjfD&0OvSp48fCJx1I{o7WwC;MG|pmv+>1 z_?kB!guzU3ZF9MgOjQG-q>_1#22Cs5QKne8w~ZL0uL7)uiZJ(7!9X!G0CzU9~+39Gh2mfe{_ zBOK9NP(|x?V-qmopI$2><|k{01Fxk-BY6X{YR=5MqZS|&gPzrJ+kKW!g_k(4o>j4n z*I|rQ%YZrbs@Jm|e5j)p4mNsAGZ$f7UyHD%Pfv z)O5FIKzQG91Dy7(nb#7LyT7e)#Xh9$B9BAOOaTC7{HNBbjczcjHbzJkixUiF=8c7+ zWF3cZLszZ!Cbld0PAIj+_cS8c5#`L0lb*P%iF<71l?{W>T3nBzQMK%7L2S3yo@`I% z1tdBt!=+^0CDcDUIgvrZ9mOcx_GNOXu@%(LamgbUm*zQ>1>3K!Z5M3=p`wwvK>q;# zs%dsn(|5R`NKbJN@DCm7Eg3r+)_PUd z`xUl`NZmjkYhvHw_Pui#pB0R(oel`&^{$9Gb(W^lq}t{rx3q&#y;RjA43T`UtJm|a zeNqrE47SUdi)DV5m!CpgxU*ba$ESvpMGQKO@@pI>C|(YzHJFISh!S?TDcM<*B{`ezieBuv3} zkbboJbsFq##iuLV`G+J9m^E3U*hmB%R?AY{QW?A)j&o4U@*kKG4MWio*HXD(n~Z_$ z*EG*Plo8Vul21SZFi)peRK^rzHAPj;5Be zvX+~zf!%@zYCD@PkSlHkIH9q$QjSj}$o_JH5e9|#MPkPh| ztVf>&ip1r42AXm>9ervpTGYE?BEu+mUBGqbrPMCG=O;N)(xt6#CS}QRpq9a=EyOZ5 z19RzGMO;L=Dah$s8h!7RGRQ#V*P11)Y&ƞHms-XYRW@O45-*jVt@fve~TOq~Nb zecetvA5OK$&t{dk{R?SFLjzE{&}oYl_lMhosEwQS;3{>&3pE%XJH=I9$@cW z*NLK)wWevL^IiE24rx=B=G#E*<#ft6w(_Ly#l;e)5?=`t{39ut9r1<=ipBrkiTP_Ja3Cm|RCRh)i=p92|D~{{Z#>01D)9 zq89f|xI0fus7sq+wPrIb@`1-Z(>LvQ4l`Py9@%ur;QJW^r4JMkqo4ZV#eZ<#Ms zI{GwBO>fb-Wd5}rPl(T2yWCrbOZ@$DOS|VDv<$M#CzKx@D!eW8mTqZu0VU*PrfMAR zBh#l8#A`(Y{gb9i8LZv7&N-kB3u$(h60T776>=$-GQu|6r?!9k^(_gCM)=F`&pF0v zZ7oc~cHR+VT>X8kHu{sX9k4?(?qk91YkSHzW*f-BIc{=)`t+n|wz*XKQ{TLjkfWCT zeJdvAM7KNKe7WgTh;r2hZbU|O~+O9vU_ zigeM2QU*X2fST3;Apnj=U5?ZT$wEeOG3!$;2WyosWt~GTnE)JZ^r{<=JRhY}R@fGV zCkKqvQ2}gj#!Wt;Tn(`VS>&FyT+OjU=cw&Om4+?03TLUJS%Lyab5Xc63MpOgrO&T= zo@ap^U$S-2NY(bW@G` zi*3y>C*jz-*@|8S~&Xj4wrrHVHbWn~9D|=^g1;?B@1)Cs#wCiid zc4FBb@M~{nE9>|P-b+)V9xb!Bu|+PeI2gb^KU(ImwWrkE<#uJ=^KIw))k+O5jOoF) zOEulCuA0UxcanC;G7R8*WYjkvF=(_&wEK9J8IxgR266e;9F6=;+3Tr+Z)aw0vhp*` zM?XIU=rddTGTPZoovL!b#p_V7ChjRstE5TdjYd12F<=@v)y%C>Ra)~#yw1+nNJ6}d5JVc6kI z9l#t`x;K{MK{nv$k)D<6#n|JqpQ~TpJ;&K>*_n@_?fKMEL1U)dwbj?}t^mm_bA$Qu zRVg;Cx|eQMWz^2oZSJ*urnzM+89ymu$KhIcdH{mXX<&2a;~-B(kV>hFH=T0?+6t17Jy3ioAyD8f`Y4<}u@=~E4gzGd0S9TPaN zK3>MR>StWVCCvCxpg-MO&6do;a9bdfid{+ zjBXENY3y3w)JY>`I_?J;$F+AK4DHtH!u46gf)0C=Q@k5N_N-jKwMDcrOdVTsDob@0 z#cI1Z;Rabr8TG2_Q`qNAy1N|FJnpvSbDF-UYfZ{<49LIUHNB@=#|)x*NM`D*)`_x` zNGFb1?j@RXBad!E^ek&SA-T+lub`zHJ%=Wqh1GD2o&h4V+_cwQVjnl_Ls}WK*V*QU zH!wW&noEm-A_I2j?^&-Pvq+aul`vXCfm2;1Q*Ll_0OGo0t*I!)@}J9z};ll7^n z7q){`LTFkNwwh;?CRWGRo-Dr4IKKu)F95;8ayakeTF2+liH>cl{jCc<;O-m95oGHoX`?7)s_V{wu*nyj#h z$qH~iDwW0zM(zepPKvvO5(X#})U9_S%P0{7PI)ynD9V}7S{kwe5CF%D2Egpj1`kR| z8?cQU5LgliT<40ZCUzVidsDcI(njckv(}$)BR3Dl8Zcoz3R{2mtedvnW*HdSigy{s zU84DnGr+AK8Yj9_3^B7Da(h+E9LP=VX|1b4nB^mIr|Gsx`m}D!2yB8qYGI=j(Ojvm zBo=pbL^xsdC=HHk?uOrQv}KT}b>OM%T@v^cWG1dhHk=}z#yPC3`(NF#!31+z?_pZZ z!vKOsXxPKKS(-Lv9s6donl`Ze+mAI?H2`9xw^<~WQZbXB)i$yd)aW9Cj9^Gk@$Xk) zXO?x2LP94e-l2CIL-iZK+_Z3^{OYtZH`s=AlUhbP3~jxfrNYLnB^c`>B;*)!xR{{UvNuT$Dvm1vn% z9i=PwJibChj!rrp8k!q;T%FkZ6I|TZO2pq?39f8mLX8L@W1RZb@!4A&a%7MP{vUdL z%&w(pM8E*49>$s>UZbz2CJkFuTT-l>9Tff*T-&LXuFjq4+hQAc9JcGYfsbm@(adma zwx(WF%p29Z5m$R6>8H$@(P}RZhO<1nd+d$R-RwuDW6yH4-h8JE)b^=|b{!E6s)Aja zIO;Q5Zy9M{%K3ux#aiw*)yc)fNo}!CU#AA2XAH#RW7KptdJV3nsQ&=brQ0%{gYKV7 zqciWjJ5-FG{*^MaS2KEpTjFuEAd%SAo=mZkki>d}So3sZwZ)HBzO^7=!%l zu<*ac4NpldVZ03yB(!r9K|Z}}p-w4mYZ+M-wXYQ0>Jpip#w2Gf+gA#Gy3{v%%3TQ4 zO^Bx)l0Hy>I*v!X*o2M2Ps>C$o>WLl%||u*7OaJmO^iTXj+FGr z8Q_|wwZvOh{oW~pCkJp~0PJd028K-<%yuu$yVIOjakY=;NgQ#<9q6^mu})hiKulvG z)G=C_r68OY^`Y)2t~K_=N~?^HpwuQnP88y$x4Aoy7z8Vf=ia6^%Yan-<1{y5EXIVV z10-?9FOsPsF3ZoaT6+RRrc{#wTc^EO@|17}e;NS{XrpEf8m5i~z$(Kl*wg0NrM=FM z((i7XV%ka0b6JkXq&Tf(+_^1EF0LdcTZ(jtbU?7qI5ju9n%cw+RLAlh8jd*GN6+(T z(xq%j$*uBooqdfl1jtBT$J(h&O-fBQsiUXdgm7dy^-^kUzb;9Pk(E$ru^eGuoebGL%JAxOL)_RvTn4k)c@zGI^!TIy2;PNdaA0znG^v#XcozBPSz@)shzS z{hHyqC0~PD5UT$Gtm~6m$hEOE0TTwsLF-XY$+VdH&uRvY#0w}Ty?Tmt-vmQgp|C+A%M06MSZEBgsdGuqrF z!d$Zee(C;|!7IvXE|(miL~zkJ+GlirSGH=S#9@#frvT(vLhKtBC7C3eDb#r~uRkvU z)tjwG-sw@BG0r%1oGVev?wTdBEm@->)yo2KdEknY<})j^?_yJ?TaiamjaysKv5S-? z<0l({??5va%R=)tsd*@Q%)tDJx|IdeBckEIL$+Of96UZMniSSG+R4YP-sFW z6J12aF6ATEq?=bO2}uXknyV)CC8Dusk$1Cvr<_wapK+QP>^dnnt_RFbPLUiJC+6xX zxD%w3HWcJ9)}od@gphNS$P~JVky=?!;4_R;2P}m#$69s|LrE@}T7WwYRT$i}ns!39 zixI09RwR&3UoZ&HP~;w>rLYzwf_`G4cFjm;au_Qfdf@e?Yq2$PZNW)HdR2$Gn7YPG z6(`sK0Ix~gs9CaUSv?&agrR-j#;#XJrlxEx>`m;X2^4&w zder4wk=M=l8MkN&+^mV1ppKQc!>F;TJ}Kp^J1YHM?4bdangnmoqgT=xd4{hhqsvN8ITStrnYlUt&# z>HtX|)neLJjfrF2j2ac#ovd~G0?J@U^9o11IPG0Cv1oD%}*R%KJD#SBbY zK$P*E^GvnU&Gepq**;rxsh{Up9RpbEZ^nsl7+Ann9RR4VZevIo$ioNJ*4raHT;%ng zR9>mKw_-x|0M;aNWWcG(ksE><(fmu79ni97&$3a=8S&aft6LUqT|p}lSqZ5=+Dc3<~Q#UmNX z$)&yi&HF3JT~)h$+?v%ptpufKW0k&fD8iOx>6)SBl1WA*@vcekJsTeu@c#fmPMGzl zya8K&?4j-HQl7RNZp95v8XJPvQ~);f`OytzOq;dQtEk*XcWoRN?YOE8oaYtNd_C2dNrBX0`HzA~ z&-I}%b;XUcUmI&HGoo8e3F>fqS1+Z_6rtKrn4@>5m$_ly%^6o1^O^Dj^GT`_iAn4*bbi`S)BcHD4t%}kxxF6E1LjpF zy!+EFS)vtoW-37hcg3yAqANi(9)ZLnNrny?#)_wKRKk29Ep4F5_|S zf@&%y%X3L9G8rBGfRU0taB4`h6lJ-fTNV;sqX1T9!KBncEZIG?O*;ZD#T$!)xFKsq z!0w+j00(NDk6<82769g|c`1@eIqy`2NjtJa3`@BBRcNJ@@yliDDGeQUjxcOCA6>i@8WR#yUs^gAp zepK~lTa%quVhXgt1v5QgbbioCzlqIpq6&X;oH+hSYSC%b1aieB>Pdbls(S z1mstkpK_JiC!AV6yymT0%EyNp1J;g%^BZ%W<)dCZkyXURI46=QOm6JaiTu>v<@-}G z#GLR&P-;gYWciO2=VuJ8AD+1sbOP#J$uwaeLVf990&HOCr?oh-=!qUPFz7)8gIQ6r zw!D4AaBqI~Z$fXVd7wzlNM3q$t5)|!Mt5#L{ly4nrY#|g|2SeiBd9R`Hndi0dQHjuvQ(t zD@0rFP?WJ|+nm*SCS{jv@-xUa4Vk5Pa(N&=X5|=PN;m%i4%!;AERD+}WDNS#QeJoj zpGr$mu|Jm#=LNR6twS$*UP%qSXaH8p=OZ+y zu+XqeJUjfEii6YxL(0-%Nh$ghS*u$_4||hoXkO)j&m9TxT{Joc^~5bY*~uhp{6ug^ zqgwbly_{c zXKN{*SekW%%IdDz=h}%i7qw@Il##g`y+t)8H)KP%LH3&c&9$MoLOix@#1WoqL2*6T z?TUM>2OV*0Cd9vTAXn zHt5HEnM|cxZY#+2tn1ee6R`uD z60-{uT5$@fZZY1F{HF)jn1@C&F7QeAtE$_NS^!^s6v$YE>q!Xt z%F(!3vKwjH*oui$57hE#1Zvwuxp_S*@pHUIAouB-H0m_$ zTeyyObLK`5x|*hBbdg&ORCAB=X{4UQLtf~#jB)Q$i5acW03T{jHWjQ^!k`d3 z)36HZl)&bQEN8hniWid|)MmDgH!T4d?Q}casYFW|QR>y!S$sZMjD5cG5m<5u2l>}c zI7U4#$&}PaYF-V~?JXGFJd#Mg$;ijjxoEE6O?HRNOaq*rwN)d1^dVH|H!bzMNvz6B zeq{6`gZbAxe{~O-UIvh7ugy}`kr2K0IoaKrw-Qcj0?f<7HO$_+8kTHhF}pjS+*6U< zO6++Dp{(VrHHxvS0{xv&aw|Gk0Gy20XrZyhqY9^k%{EAOy2zc5D$uWUq0-@o3DRc( zx&14%O=1{r33mWv9eY{eYyQxw{%1QUh$4^T14PkscbEjCnlPq$lF3Taw&#$lJTE$5_qnXr{Zx^w^ z>sGBD-=A*#;%)&QYAYN0fbw0~AvrwN>l9mxlDVpy;DQMvgf<64PfymnKMCE7tsPJ} zFOqum{Oh8ex}39xk+dNB%dy5i{{Z^*yQAbY1Ni>{_3L*lnVH&vgu{hVlhpdx8?UT3 za3#bkK zn>~z~ZXW94iDFfAjMJ^HP1^&UDEr6KuJ@2$$aVFCT3LOm7_t+9dgh;_*}c`1-T*?Y zW8SpnzNFmLOE-9dP(UY^s&_gh({s7VV~!0G_d}U2jH|15S7;Ok^3PG;p|_3FV6Hw> zSWj1Cx7C&IQP95LFnFTc>HM?js495ltqCT>bW7s`B)GGhCH>P|g~;egta~QH=OkjB z^olFY>NEyvZ{kHcEZFN_l@*=+m@6+S?sJdUwWiY1nMo4`f8zOmrm5f9$8`}|0L5EZ z*im+8AA8}s;Vm=_Btg#A>sWe)&&pCT%0~rB&MGAyZH;t$8TQIpK66tnZ;XM(a?5>3 z&_s?z?~r;L(X+Sn2$JBijC2{s>ZbI#e_<6*=RzGBpah zUQc=$KO;v=Vdn=J+`pw=yqRQQyh-m;)}<{9(M7oOq>7<3m7Ris254@^axdwTnN~nf z0P1RM^($(-PsmRgs9TlL#&ym?2Q=(5r{2a#V_HPY#8|@eaw;HxY?1g>utbqKX+Zu} zrr;_74_al!s;sLwBph}Xde&0YsZoYz0B-j+tTmD*T1B3v@doQlUk}-Bo;RH%QSz|H zaa^v8cCu+V3!IbsRucXlt<>65ytEQBq!OJ6dQb^$^N+1GNh+KkwNYayP-fkZIH71W zO+X9@Jk-xF2-8(NPNF^mcVk#%Y0tZvxiwI;9GrZjLObL9+rESL~cCBqbH!+Ve0gjbY0$CaN5TlP;gLzPXVo$lL3lRm4 z`EF0vpq41aprEDH2aIG4gHg;?eq3%R^ri)AAVQ$H`ev)#PPX>1#z^f=YoI+4>s7e> z1;m8zSC1ijb5Y4|UrD#PCk8RduEdgB7^h=0{WnIt4(4InlR>%&_fg10JU|rBO3lXU zmnVITdgiXz8fTRpExY^N6%|Lr*U?=%+FTFbFWjr;_ib`^v8?Lv43VOrF-aNq6&;+S zNJ`w09S1{GZ3LUp=5OSQoUjLRW1ebl681ZLy|VygJH-u4ccEb6zyd!-NouzFUV zy{Y>mJN@I&6_sCgBwTx%mXR!wWMe+HT4@Tnhny45V+ZeQHncBVNESuM7~-^2;g)hY z93E?;o~CjvnOLtB&CEyMBQ@1@XJI_dKVH?ud`f-Rnt1;JZNHUeTj4gN@fZqr%yEJ< zSFnyg=mXlkx21=!$b?54u{@R)YbS2xP^x>-@6@{lilG2IvTCXz5@&DWPTB)6!y>AX zKP*uxQa5MvtB%4NQ+>HTYN9I>fyO;(L-Z}iL~*fU&umooDQARl_0A|!4;Us^!fRyoz~l&kw3w-s&C!(|BTQ7fmY zY*?|H*v!d)l}vo4cscj05)2)&wosgobBY>vze2B}8FLaI4I;Ovt!vOrb4U9wd+{vLE)qYyO+%{M-&n&Ex_L_28E)dW zP)@?S*|E^7EDjTbSFgQMONY0VB0CqyJn@Rf?pEfiY7ob4#n7~*U>{1xB-~1I^I-Gu zR|T!bvoFf2m5v6(ZO=7AX7ab0O8s$JwSC6+V%os01dE2xtu{>0Go7I}@rB?}(H46V zNWvsJZ^onYhQM6ocOZ(Tq9ldN;{&Mms?0p+2+x61v@S1p#1N?swBU~U>rz`p<-3ud zpw(QRnb2E?SdIe>ai3a^P?kHCocFC3#*C#P`N#zNVwn}AyD{6l9QCZ8=4hD8s=G6j z=}0420fE7)=nqmU1FLQ)Bc)W3F8$HA)9KQSz0o^vPL~ia42tE4aB)@!p=bxlj8FSj zQcl+zWoz4*u2FWXqYmJ8syLWRO1V`BfVU;-0D6}!#t5jg(PUKAU5Ud zDd!o>52+Qd;0Y=upaGD>txF(_etNBEBr=r8V_{FqdS;~sm<9bRm?Two-*U(l0{%ODF!%zdmRr0ba2dzhQac_O`a2VVEWc&2A3PRLL9Ng1t_V)d~p6{oqC?l-fLiEdKzxB_k)-rA%eb?=6aL>?IFbHbbSFR7sp>g)LJ1p27*kB9 zR*8!^3!lQY11cb9{b_22u*jJu%MRVDOyx+)q{fHG8zTn|)O5{G#1-lTRRHB#WMHxM z$2qAEo4y$tok7P=v|hu#iZ%;{Xq=K`I60@fE51cHbi{=U%69juBP1OE01)-040{64 zo}KC@!sHXym|H;`EC2)^Dp;b(4#zp;6z(CoD&#OcRL~%427PE?bQadT*;Ni$@ru%T zB1n=rL3xy&#<10k$boH@qjqn;It=xv+KA(dMRg_5L!Ok~*(8S5p3Ucti-kC0*A+%I z^AV7YkJhw`zQbLGdo0KDu1}!qDqCG1`siXP9E#|L2PJkURJ_x!EhaI~6C-rwVz20W zJ6+zOm;iw1o@qjrqb37RaXEea7nETe-^~>;m^*zAM={Hr5%ji8`#ai@k~-HMv@W7JcIpfjGpK1 zmn3H=*EN-Cnp1^_rL!xK-fbQ7dj7Sks@>^rrAHN_V&o5+Q97{pJo1KD80tsLPe6UGZF2mKu}WSw>PM;Xyehdz!;hxl3eX zvzGT|r+rI)XxJ4_c&d`F@>H752T_o=S)<3ygRNNIvK*e&*qSUwblz6*-973V@8@D8 zEOxiOG?EJ;_!~eCll7Uz)oB=Fl?>2}1s5O)rV_=@5Dec`KJ5?CG!h~%DLWed3T> zL2|uY2+Hcr-iHMFV*`yr#Y{Y^G<5^Lw%IwIVnx2KCXu5u}r!MqV zkxm>QN}9y+mxir$qO)o2TLb37$gZhN?6WvjZ$phO<{=G$*y)b@P?Iu|i@_tfRwQ9oBObUq)HJogaH`L44mfphG zcbkdH=o-1Sw3_&{jFH@vS7!WaV&(D99CmMuK{du7O<(@(k}N!c-X91 z0;@PCZVApi)@j(Ib_e@Dj;#G>Y-INX(x^&Pf0(MQJ#omUw-MZUEn00U*;@m709N(Y zo3wkFcPvK@24wM%U|};(|lUK$fv6*u6mi0QJ{Zq1gF89$3nOxMjcDuBg6* zw2Ia{~xW}hcOw}HH8+MV@qZ5Fw#W`B+l^eUGn@#1NpYOLlb4?=;8)GgFa6M&n zpw7A^TsB8iNve{{kA+nu-l=?A6K0KFQdpZxv{?XR7XWv~W5;X&%H@IVJ5!a>UlKL6 zXrF5GzQ&dQTcwUb!9BLx8U z^!ii3+AV3JKBpSNGQ_HIwUB;m)noS;x4k&&sO70G!-i}o0PamT&ej|X zH8{j~Amal9s;sKR1Ypy8tBAK@BF8@BG7r6IPYSiPlNpq4?dw^$XL9536{4KPyR*Qo z`6gK=AxI>iYM#3hC(!7;Ibttlb$JRXJ*z`s(*k*MT7L9*B8Ww~Si7rgbEd~+rZ-?* zbpxDKkEI5Wdq@C1t92W6Gi?l)L}=p$WKs{URG&z=jXcIe%jzlerU~{cA_bjtF^acw zDiEMHap-Fno%9Io%JGii5=~l&IAGg|#Y?!YsXg_?lG-yFS+0xRbvw2!_gzO^ zR-7C}uEdf>4(LN9ag(3B--@U9xLw*lLHDA~hQcyqaZ+>Jnyh4HL*^Wx=SJhP1Kx=E zcTt{zRI4a#K04809XQAbwNsuYn=75C8PB~`cN5rT7s3q^;yIL;T(3@|rX`<95iS*8 zKK-k;=wO#~I?hXRWg(Hog$6QBb1ibw-#NBoJi~*7iiFy3XR2FB$13fd(5+!f_dD|nJ1mHBNavol%xhV-l(Loqy$&j%O|Ekj{Kq-YYQ$E> z;#Wh@wP!75W@~#RQVRycGmM(=Ej05cl(Knz73*BJn4#uUw~dxJMF$}ErhSx1%-|A5 zD_NRe=xB+RhB!4~d7;#r(vrE9^e(RQpm(PL+2^fxBxEte1_rpli23^#od1Lf%^+*1XG?YZFZhL{tu~S7Njm7U2Vh+w%&jy$astc6DqFatG&7 zOqpQo^8IOCmhY(eqc6&^9@R1^DpvrIYe=EK#IYjbvD6-wS~%8QhE9ZY#SK}4S`sQS z%AB{QGH9Q0a7ts=saY_0FK<~b!x9NRWE#Z0kIR_kq>BVT;0VE|3 z4tk1v3GPD`lo4KnNY7wRNJ(j3V+;U2dr;NF_ZlrvK5*Qpq0J&(eVl}GxE_Z+sxN&9 zu`)!{Ib}nRxu^LK-^Ow{BBMkJSg{;np-gkxyViw>wo6HtaLqsP?KmHeR8x8(l!Aqm zJQXLPHKS=LX7XmbdsRFKW4I5)HIr89aJBa{?x2g!awJ(WcwjNR-k`T)hqqe2cM>m| zC52eWBdI-ua796JadmSbH!RK+a6K!cH7y$w;G4NMth*J9s3M~l=`@VMj%xyiNRwt5 z@+r3JsVUf?kaJolA}h9|K*9R>U*-ZjR4?r~YR_g-HJJY_lAgXq&1GgmA_$Bi$A&nS`GBJaL_*Kbia+a>gU2&;u)^>u* z=>4JwJF-X4KOELg_07K?Tr3~1NzHM_32PmJ`4uIQ+)7)^8@A()^x~46Q{^)$9Y7}r zv`>|a+7!3%k~rib5^=ez(yVsZsSyP??uEXjs`0{&*eIE zfXC(HnvIsAn>r_LmWa1ay%=`QCY7VZsLIjDFh?BYuN55Js^hu0AB3SpnWbkVu;Q!U zY1W#2$K~a4a7|{a%5K8u>|@=^Z*EpNQB;%BMLz1?ER@8K9h<9GwzZ;N`WSM?-f(6I zDtd~F;Th!lvyaNP^D4rt!xUdP48N@-OlF9<9DOK##6xT5Id3bFI*QPQe56Rco}Se^ z7i%Hwm277o#-!R=7=w~2l1pzXQM3#nQ(7W0AlxMdv7WRyVKWBWP;cf|Jr6Z$m1HH5 zfsSdhhW>InG}18Rnn(vq=ZqYmY8eYI;yX|XYA#U!0JGAjiMw^@H9$P>X|am1m=Xa% ztaREW?`bPen8`xC`_;`YirmdHOy`fKW6OJz?rP|EDL$of4azX{BVxU|rhmdUbnL|s zL;ic$O&U$f-(n>+i#lhAWROi1vfyWtoK@I7DQgVsz>>iAEnU&3qos_cQ?a`ahi0Vj zkwEG|>S|*w8f;G1kqy}U&CMry`?j(tn$~M`i)#zN7HfxK3Xz}QNsI**+}e0k#d61UvJj6dzNV41wq**|@h}~k0j%EJN{*vENuC{ZZk6!V|uTRBE z#%ec`PUcBil1HsR!C2eiV|oy zP3H$YThpz23Tg`JU9&Z4y;0{7NhDLcI3c5Aq#CmY#IW8h%IpX|jdQUS?ajBORm$gDEKq|J4ERO7LOij1#gkqlBs~IYYe>rw zw-LjP0aYnnEo}_j*7Bh_UQa%ip8CN>^6bHBThp~>*><^)s1g)3vYDr2$PNA`x{VgW zZ8X$bKKuN{A5&7FF;duzSB^O>=7j$M66JaC+PFpYe3y;7^fi@BBvN}Zfda-<=O^B( zoc*D2I-FJ|r_|EFn`n;MAN2$EqAOXXkIhvnp1$>4S+S+5+IT|YAk!TVH~ECuLpAan zcFc$~(C3fmUW%E;CGQyeo~9$VG1|WA2*yy8T*boQN((W4r;-Uj<54LyXvadmv!N^% z12F1OHMOXvt<{`6K#o|4J9yn#G}fhEnNTP1Sg^;|w{5H?x&dR1zB>xR$KEMyUDPxS zgwq=Kbn@a}6dp-6jAJw0Bo_Ywbbtx1EwzWCQvS|6U0>|`w-|sdJLbIuO);*EY>}%; zb2b1{conoRM3T83zL9ZnJoifDbaHY>Ps5s_;#+xj3v|2QMY<3Rw>yngoL-_$b7*rh zLLT&@eCRr2m~F(`qQDM0?b^ANb-8@TUZW3}cQi|%m52w{vCo(vY3rUSlC*$JEw!XMGV-Rz}8=WfYo~yAU!QbNJWMHuexkW1c13CeR7>;;u4k z2omOOb>)ON(UqNkVbO(iH`)Z&o1`DUhtzc+THcjK@IR1F7u3R<+skGs+#cSPwvY)4 zByIz!ts1uHInMaaV2Z_`7+`)?&2W~{hEF#Dusl~h)y|mei>YBSZTAY}c*xCDzktRH zfXshN&Pk?IRz_Jr-W@6NJ1eWkzz}-W%T3I8X0+Ojw~rLJOm@V$$m1fj?=?83lnBr$ zQH+kY5skLkrz>bQOiT{#lg9+tdGOy%H=0e|^AWk&q7Li_r8z4>vX{Kkhpa()Z>Zcy zIusz}XVS1$HqI3Nx2&vdIAsQ{jx>q67RGS4RLh|zno>sv-CZVjcm z)@c?nSin*?FV8G{)w#AhvFlxNg_X=4oSDr@Y~O7Uuwy+bw~&!~fM;pP0*+luY}2{3 z^B_SP00G{){a;s9hwOIPV!wH*HFaS|?8CRQy1tZ%!Q+!%6|aR)*|*Iv%zI*?L3S?b z6sFQIZKNPTU3(Q2*=?=`vk?m`4#ZI^De8?Dr1v(kC5%B;yvARjKD9$hf<)8_^4O^F zjw>}vNjr_5R77_?)VLe7T(049eq4>X%_syN$E^qjUCh}h@TcYSdE?%gSdnt8oYD=) zIG_Yo!TFo;q?d*L-ZMqOjy=V~k|}Oc+BQ^tWKamebY-~MIb&OpD|rjMwK+5bNrI#S z?NuU<7}&8;NuUB(2jv|qvqIAD9+ZJ-X31zo*^>cRnze89_xVLV#!T&lj8<*k!AVt+ zfI;t79mtl<&erb4*1NvxJU6(ZwG@|605Je2F`QRd+0e5sn!*NoPAyOi6cdw|$}Qab*1S4(nKZnZnDF6_^z#Q8bf&(^a1 zLZ#yb44+!oFH&M)!C@`t1WS@m54Cn$E`x7v30aZu=09~*?O(>Ct7}N^Xsx>?y3;PF zl_3ipV?6EYUY~8GM`xfSN&sOP{A-f3(kddp?X#V^vJk>#IKyxNrs)S(bIRs;xMvpOPxaO{orgaHZ1PmIKW7{>@jEJQmsU7Qv_>gmDr;qmA`BoLa z6M8=pn;QM#-1Ah~+)t2kj+N%bcj#ucmy_=7vK3V0pkrE8ykx5+3DBcfR zbB1ZQ;kFM-R&A0`8kn2{-zn)Fn{yU>s#X{@A}2i=Ap4O#M?V^t(>?s3+X zt*~0cHME6(Ouu{zuF(S-<8VF4YQ?LQYY7#@+aW~B4c4T$V)ElH^LkVB1*vg^TcC2v z!|Tm<{{Ra9$$8>;isNZ!g@{M~EK_?so71)1eTQp)7=lZS+2LjLJjN=jc|6t~#)~bk zk@lOYo-j@om}51UH$xQeu5;2A0FuW8-lI+JD8@F`#RAov^8|Z9`1_+3nt(SMG}5vQ zj*&(%Tnem)Se*4a9CO73BaUXv2}e2NmK&0@pWxlpp4Dhfj(Kg`b>GMbo@v*2@EH8K z_=t2A?JlBnOw1Rkir!GkKBJ1P5uE(1*R4*%V(lQ}ty#*E%a$Z!ngrY2S)HyQaLG`5 zRP2Lb+s-LU!)T4;8CKoJUa*BFo-i9c@ByMajtf(3TFRhMz>ol}1w$JWtOFjkq;?w< z&So1W9FCNi6GwrK+lOq_88+-U?F+_Kk6H&L709Ht1l`LM#Ir;j9OAQNCIEg=YMQu7 zYH3+1Fo#Cq^%ZJHl2-E8JfP}nB(7+eLnB$WNSPfM0Q#KPc#Q)ojk#~)Y;t?md*a*B4sq6q z{6ucZpCLgU)Rx(oQGgJ@gPgAwqk0W@Juwv}(uMH}x)Zg-cdlOU@n^VqMMWJj1#w0# zitA)lEU?5_^O{AzP@7O>n$woydzCI@^ILFS9@Ps$AOW4ZtLCun++ANzRnTG71lebD ztr;CX>Wjzrn>$F;Zt}nkb^K~nxs~5RUguSFp~D4)O?Q5L!TbZi(y>9F!gDNbBCkMw zMNB8px)zL{J!<)662~Jyw&VUa9nJN{)0r*B(x1Z19YY1x)S4mdpyDQNX5r#IRoyj3HHJ!?uN3ClOl?Nu)!2qYk} z80*l~Pdvcw3`TwFD=ow_+Sxq!aB|Jpp0%bUM2F`aMGf2;P$GsUT=UQx9Z3Lz$m>AF z0B-sC_otzfMIaggd@+I@Sb%=DCA#@%=Ei;Lu@)owrTi+@yar3S)DOHs=Bg_0!E?Wd z!}+%hxT*COcFRLZ+wZaGoY!n9D_rH3SFzE|-p=2LnyMQ;Rm@`$&I*#dFZcA&ATf1kI%S(uv&+vx?{#DEP z_WIh_PJu3W5hI=zuzFQfjH5Mm_nFj^anYVbf2qax(Du>oROw9AyiIke*d?s2NQ~qk z@@cI%GP7npa7!buLEPN09cmd6tdG2W!;EL4tRA|Q^eW(k$;qW`o=q!=mI(_u01wKq zJa~nTXDtmAxq{Mpmn<7NUVs|bv~RQ825;i^r28Sgg|$9pVeX>|>dqeMkL_t! zj$}O6sIWW65S2aa87s)v_8B&lKUGrSja87eQM7F2A57AI>MKbZa>%hZMoIRk#Wq_m z4h?7V3uaE~8!0PQo>?Fm61Lx5lT(+G8p-|>i)Pw&3*Q=k}QlkYj0gqq* z09|UO+=i5j`i`+A@%dw*?hjh6rrt+xURF}fd(^R{(Hb*cUNy)@V2!(;g0-U8-*^sx z3Zx8@?^3s#1D89oT;!}JAc7R0qt>#hpHZiEVh4sy{okf4)s~qn+{ZMlwGe`H-m}po zSf-1UM{O0PFk>&=q8_Wal4Oh?lSwh>L zzz(41l}#CNea6^Cw;Kx(0bnpX*I%Zh+D=SIBBl{fa%Cc?i#70VSxT@N2R$oPti?BV zscm&uXz5>DGT9@iCbQaf7$oQ18p5n~S2fvaZb@?t zIs|uyKwak9<&L0w)kyV3c@{i=HH_dFzQ;jjCen_F9M`URd&P1kv@u>{NPq)(@eju} z(T0kt7ft+(r7lTxBe#lJ=Zr}UtccwiPDMVs+HrPgVs|igTN`<0VyTDkT=uA9(rl!h zuv`v=_5EwHb2zJ*ih!0pdDt~*@t-P%ObS+AJBn5yMVMi7Hh!>ubg;udd8z>MnI^VP7l=H z)^;+yOEO+u%PGS@BQ?Xm1={Z&J?M^_4qFxHWe#xM{cAc)hIS!wfmU-#-HeJ?S2^eD zM6;6Lbb(Tp$ys^su46a7epy&ooRiDa(GRVp>DM?tR zu7@qDc#*Cj?ACm*@i_kg_0#lg8*7&hDDznLBBoJ$8fy)Xp4&}^-cr#ZU!`9Fde*U4 zMlVn}JqefBgi~%8KGNfBbrwRM9S<*EyYNi zM+|A-O#qfKg~`a{wrah^n-Q1;#UR}01;!_5ej7RFwd0wZBxH7Cdai2NSc>BB%RXK? zJ6*sXEhm{r+0e5o=M|(rBqyq79-^`(y2jwEW}ui9gfg6Q$n~zbqBD-V8PdweEM)cR zRXV=GGLyq(cchzS+o8~CT8Ri?Cq2b(wS>3JhXq!;Qsvc| zr(>T7yPtn`@5EX#9pMhQdmtwi56xmNvrg8f-W-Uqw7jmX09 z1&BEBUcsry5r)>?BMmE{0AoC2u&$NYkx-v>LHMmj(b%3&3XvLkITzs_xG+N;#!5W)A9ZG@9kLD z_)Vz%Ms$Ke#D&MUYJ`o6h`j=;F!eOpXIyz~N7k=kO^YVfayVeagPN?C=0+ef9q4Y$ zQ8jVa%jE8S7G(FS#Bt7s;|v&{L7`o09STxT$v4VaW3yC7>5R%)fI;t7ZFL%V+_^2Z zGsqbm40*Q_o|x zlj-fvO>?6{E><}39OHTHYn{uLg7PS9dSrHzv>=5b0uFOow$@U#65K+6)cyL>o90L_ zyEim6gIJB=EFR&P5rM}(^-s#U(=Mb6&XOUi9I8_0Gm^Q;-9s3C(HC5t?PF2ELtFsQjPwA| zv;_4!Xj5mFva4-u08c_Hz5Tb@rEP~JH7VR4=6uAMOL|fX5JDN9L0;LW8x&sp8295W z&FFJcq{uMta;Ls(wljO&WzFm*HbkJeW~M!%NL8LiZ!lzIG&gTi+p8F`D8OUazH4e7 z3SY1_#;5Eui&}vMBW;o4HaVUvK zGn4O0-Ma~ucRLUZ5<2r*`cte|aJXUeFea&AV&S>gc!6yvwp)l862qQzT*G20%l5@o zZ_B8gC>hL;y%&*BOIa^cN#SM8UwBq}Ey=a@Arfu*UyoY550&<2JBCLpb3@Qc**ggx z)_M`eB)VmvSy92$ENXGa@;wR(9G4f0dlFf zPczhdRY>HG%Ht#YQ6$jK$!=qo*-)?yz3QKu%GmQar+-?>65WQi=gtC}o;d@2**~3Y z&0yHPw>ywzjw)%cU8asieYjjyNUh6OO_nP7Q`a>#j-cZ_gW93otJrc#ry+PXob8F* zapI~dTa5DA{_7K-f~T?hFVS4>Y;m5oa(V%)HT}$Cp=NET-lWqCB%9>HImivoW3tdz zv2yOv+{V&IprW38RS4{|=VFt$(vo@&ElVab<&CSxd8qDfgDUMKBdtxwWzV_v`;;Kz z4@%3oG6aE_Io-x9L@QrIpe3eQ-r{fw!64R^<>j^HNRpKb1~53QjWs5k=w~O;f+Vqk ze(PxbYdct(Syy4sJu9L4f^D;&V=RglPY10;V-d7-l4>8O=R`l3c|UKomTa z>s8CR9>$IL1TXrIz@n!Nc* z$=#i)B&>ppk%bfin|-IpaU)H4I|x;HK*d1(jd`z$F5oxV(iUV2FhFv0e>&`^T70~# zW1dm>tshc=)BHk~(Q0u=apf_}%8X7u_&Fb1#nrDh8|Oc2o=c6L%M*{x*F{>EjgwFG z`~lNZ)skttMXb7A&E?FQXvYc;4r`fn$tp%OUUan|TOc<_a)87Y`4#lwsg4T60uIc{3e%#O_cu*%#Z_3u*ZGXWH8r|%E| zp=!%!rIcY&M$wwllZap0Yd5(sa}wS^CoH3>%@;C~`8ln3)MBw7TCwNpLNF0I<1BIo z0LB@M0K8yQ&iIW-si0dFu2_~-L(Y9`rSRL^oyx#@$Bs>JNnFaM>~3o_#)>?@;TRxu zT z(W0HFt|=lPJ`802Xy)n`eTT^VBPtYN(;&1Gfg`X$JDN^Li6yHpm$Qds^6b9#UVTO6 zSs6~$UrLo5>cg7)84_GGkV|Hb;H!Igt248?x#8Ga?dDipX-_M0SXWPI*DaoV~R zP_8<`8pW1I=)=8q= z=Chl6#?@nS1DCczy)AXwYik2YTmCgYk^^E0raJGkG zrcJsP9-j5xXrvfJvmL&ftuXG=GO24F6|LRXvxc^r*Vr+^{4-q@hl+!InuL2>`{)24 zh$g)nw3Z=um*z|=IB&7Ix3*6im|VhByB8Q0l5y!P^W_SXryyD zJ{G=>$VCm0d{s$&JE|;Xh(R8TXmF2Frn{2GX{a@{I(wr=@|~er{-(VLOSc*pkeWTD z%RIz>@uKKS>-bkKTSwhpbu_i?%$;TjOGgXxl*u`+4o7b^w1Wb(j;M-^j%lMGeSptS zYP>d#RpbYQO(wS@*B%ifTpSbYOc1oq@+R+aI#nozg5yjpvuN%W<0>_!$$Wk)ByNRT{Zbd8+$&S~5?A!#Ld5yZJ2=_QflVf($u+MSTB zIyo52v?&Do)K}hUh=JdZw5@H%iq_g^9&ErI_N$8mu6F#s)Ld67UD>>nE31!c&uu5n zxDP4ciW9L{Ew!pADaI-hIN!Cn$E_A(W8|9)gn!ngh4-#Q6Zp^}@^sE=kYpngI-1g% z67n-OT`*jQl0UqsJ4brwZY=H=LaiGr`eM4{sbHnr$k7#0LqFDnAo=Fr^MWkA?=9`zt*2a5F3gG8IV=bGWZCN^xe{{Z*f z`Bqi_6KX#ZPT||jB(5>vH9=wX9JUYEyvXQX?#oFKE}@%&>sxnvDT_ysP{=VmZ2%r? zMQb9gxpgtjA{O7fgV>swM#?kB2<=jVD-E`WFpr#*pISV$-MKlccVO7N19BMsDhTct zE6uVt(0J#yN_SQtQp9qBb0TgIzs{Ji{*dwHh})1eRTtb(YYQ!ti8rPQKDCo~6AO|U z;QI=;$w{VIfw62^mG>`1SxOUwKV-gJ5AnVlH_o4 zN&DIf=!vZNOFP^v5a*odrCzzXnkggmqz%934c|4CttVo(5t3`sCBmtY1;cm6a{mBn zlGbJ@?X~_=Gf6a^krM1%(eCXnbp?{(v5by^uvGfjQ*dmqt$x#KdA?#W7E&0IS1C$M zZ3lZJnq5%Z%>Ha>-l|6xb{L_a$*(QhQGxk_n$O|Y3isTrJ;a56a*i>8YnyAwf_B(( zgVwceNfFk?=r#L+B6+UNh;xE-{c8QrzAi>pN|W3CnpOhJUdcU}jKqKujFsfn15TD) z{N;U(5o$Y^X7wVv(^|?6^2nP{IO=OA?itW2Wo1U>d)1`ABqgiRkIYEG##r~Q2wq9> z!FH}O%|cgqWm@Lnhx8`C)uD<)#Uya7-IN~n>7Fsu^q&rB(dn9V8EzPS>`yrQ3a0s= zFJo!i6x3Gi@%x5pS%f&q_3Kf=Zt|n7gC730?2KZFUfW};fDSuS-A9!N)7GJ8FIFd{-!dYVc1DQ-ydM=&mo1664hDI!JPpIXt$+d*2}5D3OF7m8;Y;NbgK zZLrsJUoFTPY}CmYAU8BAb`vJ@6cNDZy-J}Y<0BPG++^{*dF0}(6Bamspr*=FMW43D z6$%V67(VpHb1RZF&myM7z4jin6p-&A5$jBm)tI+>xM~Ek9*xvhhlwsELP=kGsdpM6 zmE}nUZy{m)B%IazIaxNj0F^x}DG#A^>a3;X0DQw3qBXlw=E9Bv;kd}DNhPQx*>@6K z!??!45tEU{Rr7y%3l1256e}=ktr(L>8bLU9$aVRBjdGjWZ2?vR<9_tuyOVpCa+2Ys zox>5y4T_~atc2~9wml7W!fkXV*o~#QN5e?UPaqus0F7I?`$)1!U|2s!9Ssg@L$-!O z%OXrhaC6wxt|V-SJx6-U>dJ+^dWZ^&dbWRJK>tC0}UrtStP5d@K#+>P6T=xKxu z?QzMYa2+%&7T1iB+59SKlQM2&f+*BC7Gbxzvn*rwugJqyxe7O4ctQ$Qp%3UH`tCv1&sgUh#V4lZ0qH*?d?%5KX z_^fe~UomM?LUxh2gNn|QSk*$P8TB=cw9uuYNx{x>%_6Q%XK{~Vfr^NZao(gXUA2x= zfg6mPd&e9_jGU1~{D*x?UT~INFWsv506pXg-2v@MD>BX4GrbRN){}p#JmenLl!<06 zk^royjMWEbc@dcKIKZt|gC=$u!KmZj@srRRHVa%Mg^F(63WHMJb8Z6g!=*jgjP@-Y zxnZAr->|kfHgUX2>nT5Y917l+j_8?oEg7yY=Z-7nK2bk-)OzNn4TvjdM2oj9!0Gs4%1Xr6@T`jIjJ9gE;Y1u9_N}8Bu@-wkoNl-lB3* z+@*DH*2JWTaqo((WMZ2^z!g&8LL}I(xr-p=)KY~oY~wl2P3{{MB#&%l@=ZdHOj2{4 zj@0g2)atwmxpi5UeqdwCuBTs#mrI?KnF#BQ;<}Ws(|$%WTA5?_+AM9KofDdyNV%3v zToaJIXEbweD-^XPd%L8E?=U&7D-AftSyhN5f<+5ga+}bFAPspb&m)S0_{#))3*k?E z;;Uh9$YG5AmQ_$rMoILf)#TlxEwCWD#t(5xyDPGi)XKBe+fUP41YFG_8E^7yYfIC_ zko~gwmyu3DCpi2muIs2a(X9k**Cm^UE5e$me{}I!UB?*tA0XAFqKJ;J$1|o+CA4xy z_ctjA9qV7h-cXY3BoM>btwNRC9PW;P#CE1FUPkC70D)P1LaAVKYbw&aMZHjchD(U& zoGERKoQ~B_7d}%B$345$N81;orlT`cly>f5=zF}^E6e}fLTbB48(Kj4RM!tDAz}M8+zioqke_GO48|(%Q~|G zwR!+*(&@5X!c|>ih;=R8S3*wOnYNQL=dxib3Aupp>rIed!w6N4!usPGtvN5b4m`vO z_L&%OZN0L_rMuHrPZt7K#!lXqo3bH07}7?HPAS_YLmM!{^#J#zmb#i==-RQ?*2Zr- zGDdo!?^;o7seK`qbuRh&RGtUnn(5UmncI}PY|G{nWdnCSaf;lsmLj25w`0C(LEV!r zO*L?OQsiT;btYyTvDNNLA~a#;m>Dnp2CpBMfvEUQ*o-Fnw!?+^!dHT09UdLe1op z8;?%Zfulx0ymvJ+L<}(8&?F#*KmZ<3N|oc-FnOZ)0yT{g?)9k^5!*N!pf)1Bfr5>P z1oy1zEaoIJl$w0V3u}=OQNSJQGZtF_=8b>~g(r++v#cD+wtYD8yZ^#(QiDlsMDp&?$91~hWYG*fMMuh(WkxAq!;ea*KV>{eq zS;F08Q~v+~p=}`th>(61`A5vzI>ex0VxANV6iF>wT1#^KB3$~Ca0O~d4ThWZOzV3$ zWsLlb_2-(IHs36N;fA}iz3!=Vdfz()PRP6{{3@D6(jS+fdbJe=WG!UP{{RfbXf=qH z$Dc6ylmoyc`qz2lZB{rfzR4_QeB{Vx8QWa5=9JQAu$7|HJg$G5R@!*YZTLbTJH!ws zeNKAUMOSz;CGjJ$@iv^Yx|R8e9M_#++j&aX%_=OD-QJ=JqOa|6A6pwEOOKIAP%g)pEhxkS_yoSvVoolKx$&|pf*Q!BV0O=t;c*+Tjc~E z2wt=~E7%cxPt;1Yd53DAgFR}^Ly6w%1V z(*vnAJ%uebC=kvGFN}Jcv1xU28v>5m9kbS&m4ullqbte-u_+-OgT+!?>0yYVCz01Q zJx9{WZ`W)%8$>Qe~3I!4ymR_w$Yz9A+_Wf`GqA5%Hby2 zz^i$8C67ipHKHIfBDXjvIUbd>9CjOZY&_4jMBBIr9<^E5&sHp-cdjZga%8SRmbD zsoRzPb4$$9$(g#VG!tR6GsQmJXoPNWnzoL_>`sRbyLSehC6YBKcLTm^q?Lw?O*%9R z*9)FHj7v$H)GD4aSn@0+C>(7V9M@eeI)XCiXrX?rAthfbe@f)^ z=pRw>4X&75Z`!62?(2;Ap~sas*xH??HFMB44+FuY_<{{T&D@R#WS6EZp1jkd{?U6> z&ed!w_WreuX6L#G*^7VS=_8B~+us=j+OjW;+w4Gbk&*$(t5W9JO{6k=XtqZt;7g3~ zYMsai)y6Z5Yh6M%*$Jm0TQa#M^%<*?#`#jioMwxf*h}4#M5ACQJbKnt;L9{{1AtCA z>r}QQsiOj=yx}A4ImxT#iE)l4FAx`c#ZFAYgr{23vrXZ>@J<53H8sTQf4}?CHDcPfF;a_Mc?Sg|6A^lvV=@C;*~> z3eCLM?JY@DB9`^Y$MdZr2R20K%5hrGv2%5Evc$I1bA%_a=T&awy0z0j(LUiT@I&>k znL^Rn=W6=1g}Gu~i9Js=^wcDULc6xyV2t*zZeg`^HtKYd{!xme_}#^3-ld_OyKTi? zTR@7YKtmpO_ok4qVw|`PcJwqu7-N(9RE-+ZnCK_vNry;%_g-j-AN?8F|!D_Wc9^IzDd|3j{LFc zD7D8G)Vd+^;v*oOb~Rntl?j8BSX)xlA@X15ToLV1Isx^jn53*&iMDO`t8sugW2yJ4 zkS0%Rk-24IAqI-A+E#S>>dV!A2lwIQx&sfjeVG7{5rI@M7!x;Y$yQ$2M>Sd!9E z%D|J;jMRI}IT`Q8NfsF7WT81fT4eC7P?D#wQJNQGmX60s;7LMj48Pt(U1x~hrHjjp zr*Z3D4{~1SG!RW3TQQU)p%n_Gw#;LJj#%^*C8#xXXH2vLQ1Y%{sWp8zlQSvfHKNdm zsf!V0xMm$U9G_Z)S#va&@WKlgZa|@G%GunS;iI&&G5QMTWVtgPtbUahHXJ*PY!J$x zVEd;$*8c$ZtZK-s&O3V1NSP~%CZ{=+6xy4(;;Tyc5bs$eMvLzrd97QGtPx7)Exp)Q zm5TMxT5gx9&0}!EP@Ttv>sdwFv^K6ouN#ND6WkHK#&9|TSy6^?N$pcntpQJkH&OCAKbff(PM9_7 z#OEbTnIp!@7$5h)`t@=xa{d*>R}v5S5&r-hr^_uQt_w$WSJbt8+r2t?CY{|K2q3XJ z{c97z`sL1<6xPtNz-*D*`PMB(CmU#MZ+87o)^8MjrUH^$#2LD}j34J!ZS_cy{N83g zH-C*!v9hvab8>fO@9n4+cPp?ypXAa{7Q0Ist3Z4DC1tAvftS&lLdaJrSo zsWW%b*Y?fR8Rtl|)U#r`7(6MYd2c+|Wgd z(Ty~(&~2n=_?tww)74%8!HDOd=~+5$^4lvW#Vp^%dWt7^6>+z9p|5SI+b%K-vE$aZ zA=j)R!mMr|(*vK@h(=A2?(`=1}Xb-yfxp{bW1 zuc}-xnVA@#!AT#^tIeuvgdSNy@6-C$Zc!=2O^U|)?p9wiW+&ah`t@N-$^ywVH@Ra_ z=K3OTi-S#r$qu}wj5a$1_Fa_o=B0U4^YlY(m!g^f4cZc&`o z%T?M3YCv3Fq>>NoL2=3F9<;0lQ!A_dy!)D-8-<;Ul1Uv%rWUZ0mJ)?i_?mh%smFg> zcS5znn4Fe=l+q43=iZj%6_4)l%bfaEcW}8X2*Bw~2z=Hfb_oa4s$4S`8wEW8R4=!X zLHDM#j-ccMXhIst&Y{Lr-e4dsI95)Wl*!QbR5zc{j03ZZI8a@@bnqLrEvM7#GDc;>7bF#~L1PobvR^h;8uq~zT4*dw9M zXk6b9FUs6o2R(CxQGH0c1kxkKGm=d}vz@zRLJ0LV(tSqBZBkLW%k2lQIjWbh9`l2{ zJq=a)mV$aSIiw%n#TM>N>PheGOJQnmM!}=!86K5N`enw{&U^D&EyHaL@jIylBx1TR z59${G0Bj%H45BlDN$e{|haELKjbl;KboU?Gml4X0ytd(*<8=*9E)mr_H+s&Rmhwbh zvl}I!<*BmJxGYHe8r8(ET?s=Qh}d%9UbPz9r}1^Ey|f+B*N7n_sHn({azO@~zd>v` zBxG*K6bMzp+6HL9aJ|?FdBFr#*sSAd^X4c%o2b8GF`)r{pk}NxMt~FFwIzK7%L_Kd z{mO1)I`zd{TZXr?*vB$Ta(#tr?V)b`w;2xkLEQUPd*d}?((NLORR?ns!93JAcVt%O zRFCaf1?3!$c&mosk}!T#^3}+zXjQv>#L}a%E63KV$9mpY*ByI`&i5uup{ZwbJgjdU zTc{Mt;S9mboCB3LQB7)62xmbq)+g~a-9}i-f{&Iwb?I9>^)s6=rU^D|2p^F^Itue-Wi?mlvUndmx>dk_!rnA7{*eELF!~ zY?eEbzhNU4X{19D7&xonKumJDnLr3|DU(W3cZ_6lQOeV^6Lv*Zyp+BQ76-7cX!VHg zBM7niY<+r~-ZY;=b!$Pblk+Xh{|_YYH3IwbmiL zgZ*Sq9SQ73WhAAcaM0?tPaNLrcMCPi9%vZI{{Z#V?RA*mFFA*qC-tfJHjR-nGw=1A zo0*BrFKW*D=6%vWe!Xg1P*xqTO@&m!{OTn^CzyvA#zs$C&vRt2p&pwM7cwIrm9r>A z5)^QI98zmi*-m8nyYcH-lA#xXq2wI(t6CG()N60vtoh3xsz3d8WhE%=9dHjyo7`i> zjL1UqnsgGCje`%EcAyAU8S*iLY2H+@U^pZFsyv5qa=}5|7=w{kSe>%mj7`l0} zk@dxNQGXKhWkapcPNK0WD4+t00A!(zOcU>8is4&CyuH?1AX+%{l3%y$T@+eLkmek#>>DZiDGj897SrlT$=^<-_6FFWo1M)mM`| z6InN@HX(E*7f^9gZ8@c|iLHu9a~sN=ksBm>)y+>(j`Bj$#3RQ{dVeZ<*cHru!+Gml z+7*Gmk&XZnu6g4$qOQuZ9KyAmb99CYhcM|GF)b2eF5B~sOyH=VbnQGX!SE!Tu zw*bpJ{{X6sIScQM({+W^E-mDF;VO^M`R1+0>g=@}oSawFTT8doy=o0a%@9M*Pip6G z+9I~lon$NkQZfZkWf_zl5xKh)S?&z8Es%~>w}b|kUZ<`rPHQ-9Y!w43nD!m(qA|K5 zy=-U5l12!1E0Nx+vYqJI$OgG2tj%Igbtr*DgxpURQR7*#=t##=P?fbR*F+&p&A>Pn zb`=G4+MI}vh>%OeH6_^T0KvL=4_$atG40n$*O^4g-4gM#W!3yg;SF z`LYFCxyTCYMMK;S_uacYiO+ffc84t4IrXaBP_ez>^3m(?k6eRZq-`USivS7ru79_+Q4HKIDXY)!0Tv(hGPUz~^zQFi6{t!{>kLQnwq} zqpIAyA{jnYDfvcwesztO`%d-Y0I8|DOGt?FI+3^U6W+E~)=#qej=%xVan`092U4`R z0b{}f?bwQ|B3w1IOEWM8WDi=_`Ux(qr>5?a*&GrNIHXC`T@b&*+;dsmQ9X-#+`@RE za5)QtMPljaA{=Ux7ZF*b_%$j&QR zZe=5;iGwFx=BMqzuSzdNp28O5lg$9*sjC7Tsl2;qa(Dxvu0u(d;@ehoK|v#AhU`B& z%3566N8D#<7~q}{rAV*SIM3FpJEJ1Ra<}k|nzXNQ27JHLhLhYiC5Xz$E5Fp>xmjg6Spft3*F7|Pil~F_1hM08`js~o%Jnq5-IZgq)b!i2AS&(- ze)stB3;@v6Qyq(6nw*J6Nwt1$Fr6-Kl`_22Pi@O#T^u9_=vSjCiIHi+T zvV}OA6c2i|-&8GG!g!xrk5IW-;&5Y5*mvIS`aK5J+t{+N!7gD=BvkB4ym#EHdtlWk(r3>a&=cz(db^m)!~2zZ8Zj@T?pj!ngFR zb!a#L026hrrt~fak+;k%k(z79t}xv`wUacs_*5zoI(8K}K*^P*<{m=ENXR*;=bR{I z$-o^!ri5js+?$T(Cp{|Kz|rPIGb!tg;+xY^+qo21&E~OoEJp&K+Jh_QNn_udEvT$Z z{i7RT$`~JNvkl}jkCdGHXB4c^ig&uSFvuf}mU4P$if5TKvb2B|KAcnAaf@{*iF2GU zv8wS-WL@I}KJ=EL$v$jk9MdIYtCke^4T{m@JAuhHV2_hI=9srD81fjOnAWbG7woDs z3B_$ob2^(M$&Vb;h2pzRMcO;jg~t@^0uksbM0|5agjlw-X^$stW2>H(qPn55wrg7r zqj%nu9G{`AiQK`rihs(p|hKZ4b+HEAy9;yXkv zJvVl(nRO^tf{dVTET#O*Y)2{Og`A6jL+&u4MG956qX zblY@8*)yiI)@7dFL}n$n=O($U>0Wu6ocFG1K}KWyB~AdxT5GOO;47?w3C}CmxL=8< z{RdAS{Ko!Og@1(Tq45s4OWs}rAlzi&O3^hf#0D{YnGkM9B!+2s?vOp=9fWq&~brbe77gq z)T)S1LC@BbeMGKa^AVv4Q*Jx=s&f>{2mvC5^c&TcWxHrps+LlHO;wGW~7NWU$f%*E>d(4ba8TF{Ofs5oBK_joNS7_ZBjoHV&IJ@Xo z$Gp<)*vv>BjUtW9*P5pECF!Yd&QS!)#Yf6>S{LrRwEke)qz=^=uqN6`6pTXIfJ61C z`J@5>R?m7*xSAxj5j!&6a6NO1uXAn5@`!9xzi=TCzpvp_t)z+-fd@TtMbKzH$jX~?3B@E_cQodNTK&ub!}O>kXy-Dh7zm{2J?ZOWuC=*N*XInf@*g6r zzm*Z%z;))P+UQK0EyFrRA~X>O$MCqwHPP7JTi)Bbyo4`h1B`yPyjAtNE>6Q+OVi!F z#RuuQ*E^}(M3*eFHV1C?tGhC6$hnE(!6zX1%`s$bWqVgFknM2=##a8Kq?Xmu%Cdn=zbon#NAb=G5b>MD~^uTj~g8AS2{9 zdQ@_$7fcY3Eqh{!w)HieSJ1C4xZF4&TA(5S0889J=9|!zYDR#k%y#0TVjAON>yAC> zupnphzEe`#jrlE(dQdV@RU3?C9@Q49JCPPo4acQ5zNE4PAz%Xzm0%S-2FajfUOouw zYDkobNF(MH0~R)H^HL~cSdMUL5cNEF%}6txQwCd&urr=(tMF8f{{RU+n&*PY`Bz3C z;`u+w4`rgTGzusHqJRo00|Uf9B#%drY+GJ`L&zVkdCsrmnYCQUbfBkTILG6f=;cv` z`kb@8o$sN^T`(`l1M5{0cgO+ho^f2pg!+>r&9)D@fsCBhNSAvI(3dkruQPi80K*ry zcIiFLO$8sZ9;T4<$x$P6?tKYEIjk z{yVtS{{XcL>FO3Z#?#MJTr{zHj9Wj2I+t6O4Rs=c9yx;!ndw%-u($+|n>7W!4JljX z%5Z83<}9zA9CfL-f=H(VZD(PEj&d>DmSCnbIlvjF^<(rKZotHh4oKq}sibonjl%$( zb4ObPLr|FsRR`-)93-wdJabI}C5_zBnIgC6e<#|UtLL9C-1*lp+#Z$LA9~2f+MQO5 zqs3yLY`{G2)sOV6n#71K8A|2k8&p=!T*~*6<(KvzRl{dJYSx`;JHeRLkXx;DO45Mil|=R3dp^|TYQo8LlPdu~HN zBCFiS12N}=#Y-Aj(8`f;?90>ZL6|gKI*y*Sw<#rZt_}}50-U+vcFijVwXxB7RRe4A z^V251T@;AME1`5UlGLvuIXN{-P~6~FiCmJpf}OEf1OaWp1MhNblCYV}-j;b9AU;)M zNvLALV9q~uoRT}%JxwfN>es_k)LK}^BVUz00Hlf?9f3StQ4$Hd&@v zge91>an`Oqgx00o2!72XCC(XS>qflJkLAUWFBs#}w6a>VH)aL9GTrT010x*K0t0+Q zWRl&hHK}Pk8oG)iTc&b*W74_yQmjh!sCPx~NPc@$yN=bA6eOpfGg<5lL}=PL4eefw z;jb=jDUk>zTRm&0n$qTTX6>sO*rOk(HF!u##%s1L!J%*nKQR30j?Z!2Bn1BepL)J) z285>A54=G?TI4mLEcGH+0Jk-TSJc*?siSL6x%*AHA--%@jBC8}*V>&qXlBuR6ew~5 z{A)%ll6sN&)~``)U$#>tbAmrAz5SmT48b$?&1U6ohKxJE4%*z`HN@&BZo$6l{uPs~ z_+lB;WxQTmcU0r?sg&EXqLtpKFDHj@=eqJze@7@M=b=iUfp>@Mq>O9de-H)fe1+_yC-NF&P_x28E#2vbE8JKo`S&kO|otO*p=2^i!PSUE~tmwT7A`+%1*k(C+e2E7K>^4(w` zz6af!y6Lu(F=d6hf|bRl2v5 zOND6(5Dwn8Vn~j_A;1EYVj_k{+*IV_y*gmb*#wd3Y3vAzWeRqIj8e0f`=nE_i2T+F zRA)7%qek)DmUhWwk@T&pZe>u?IW0~D@vhSmIO&}JG>gXs)m&B_ah|lOaQuvqtspE- zbu7vhkOK4rf&A(Yan2}7MOZfsia7M4pgLVTQ(@u8RFDUnLR-`d&$-nt)j;wvpcGdr>zO@T4pWe>Lz4Tp!(HC9PV})9qGLZdJc-- zH*$B8@d(s)MeR4ZO4Q4s>v~rBn*lYx&*Ir@!bZ0oANX@!uh0N ziUp}k>M~q1@}`?^{!{WZo+`IRB1vH~YD0OWxZ5E{3fuyE8iH*SXqq$%L&^74_oS*O z?Q)XV%&9Gn%rZJOEEx~Yj&b=?$L2?d=%>AC+9uC(NoOWJ6$jpKGwF&h#~eib-vq;tngHEcE|DvpIt0r#bYPFa(cQhlnfX=P%C#iGG8 zB95N4^ie4aqX+3!)zLeXz^xnQhDhTyldmlXe`nNO6r>11{p(=mm9_9v_z3 zt=8g15?la$ynM^`tFnsJ)(XnyZDup}mxVz-P{6FaQnA4x;Fjx0L0;tpd*nz$;~A)K zCs`P@c;}o_acIs`y3mPk8CZK&;j8Vp2%v_|X-{!CeT_{%;zv!=G0rO|P?e;;+?eBx z*6r>~+@W(TI&3|vIC46JgVwNYt%o#OW3T{fYb(cvwz^>sinV{TWmS~}A9R}hDTvKi=T+BgDhu@4;xT8lMk}FAO(SqBFs$+*C zzF&OQrb8!XWkL=OItjL(`Nv~T3ic;inVSUE@DG@in&`h^TC&N6lrFA*fYS+8k0f$E zYdH<*DqJaFnF#mC6xVf`I9w4^YXf)CskPkT3<|QlPztL8T8=QQu5ryqAqky~K|bc5 z!}KAO%v^+QpL$};aU5TNuc4tyEy;GU!F4okxVZ=GO^)O3Gq9RXzL_<$s821(Wl`pp zT#^s1NS2Jw3#rFijorZ_YguEC^;#krjt4ciZs(MNyBPG%T6WcyYoaOj3F1?Rtf{Z% zkn%~P$rEis?zchZvg6*V8FsNAwTpKJsdCyyc>ZETXBo|G>C?5Np6cV1Q)cuxg6e2$ zP{$;;o?dp68M&&ugo)=Bi-3Cyal1p4zJ^iD%iMGM)bU4`$)xowWvKaB6Y}<`8sJAD zVlqWFccCd9vx-lmQ~ z&xJWXsaeNxy~}6J3%IXJa?S}PjAyMob_OVIyskeQdQKIxJN2b&iIc|4=A6T9fM+?N zWrYL)NaDIr2{DhvmJiT*pb~4R4e{I8@)Aw6+o-G!0*U}ApaO~j^Y0VKr+u#CaK=|* z{q6zv73S9s^SJk`sHL=yWvNb1Pc>+*y{)>-9IGQZA&`%|@7A*4Le!jgGUWNsT-LUn ze27HIspcWvH!gEjwPZ5hui{I+UKrxK+N&7A3&-`WA1DG?9Q)>qtt}!ntV=_~|q=VL~)?v9NyD5c2oSb&5_XA`S5uD_8q_-ZAa&0;}u5KC|WFWHPr0fND8cvmO zU{h*?BPq)h&*xqA)|NS@^faa05*80GH@*xJnOw5csNi51s&ImxQp_5HYkmG4prHe?{{ZXOeulTcrI>8Dp~2s~o()KgG!7s;;0~q_M-i4wP?o!mF*_J{H>57|9k~YG>PW6*lW}C#_vo?Qk z0!CjiVad%y9-i98^wY%?eV#55j`h4_)tTJ6ABP!icBz>$2D71k~xv+|3Qon_jX50)p%@(q=D8d6xM$kUo_O`G zq_h-uF{F)^iv#m7Bc8Ql&f$FZcHo1}bJ(WrUDPLzX!ge-Eu7XfHrBy4oZHx|T#jAx zrWLRUy=Ncwo~D+Y6qSt|cl)8gD(*ZnEHS{_r7G-wYoe2}jYo8Ja$UeBRY{b;rfU3b z3i5gS*JN3iUBw~9lvxR^YyD1_boGW276+< zbV}w{G*VXp0g!#FW|rV4L*!$oX5(kV&eiSZ88@seXdvBhXdnKAMY#-1B;0Ou4vfueZlRKQNY^|__u_?3AM6n1LTn`=^bXFxQV zys*&AD!3otHB0Rm$#7z}xZk(?*~jy)ziE9WJs#pqeSZrvnQ(n}dOk zk{2qjxIWcG@3#Epnrg!w6oHe?Gk9j(jGACdEF~+swx~5mb;Fg$aZPG6ixx8Rky<)) z6=vSq ?mW%(R35!W>ck%D8Qk6!eIK{UcLHvUy!Yv$;=s;~}>mH_9T^=2>t&PHgs z71*xl_4cieIR5~nAYV$}k(EO5>DGXGJm$Mmj^jrMB+~BVtuPZLw_0}a4&J7anDBk* z$@QiJ2FU6uhC&}|{qN;TjTd2^e1`KMEC(Fbb~}`ics0!%sTRoX&Slz2Aa$u3hE6M0 zxh$Fsw~7g)MmUsU;MH$z)hOBAOc&hIxpRu43A|^$aDNldY;^ws`sn`v%DM3$3B3=9 z=WYu@DcZaPQZ4vo+EqdNSC_grV-QTininVNX`*S#!E=%CRGLoX&?XzC%jb^5rMFny zaN189>q)jwsT1tVgBsvc+Xga_8-l4 zf;}oJLoo~i%{z~%!y(y*KZQh&azPjr>=!0k_WZab9nBJ5v5#&)8ZB^0EgDV0laZc= zwcleV-K4t?IjWVO#XA{S7V=xmi3U%g?Mn^Ju(o4z2YecfC#jn(KBYCpYZ;X6Ly$cW z=TA*iVCrOj;d*iZ0N1Fp1W$3PNph!f>bUFFR%@_hv@!ZsFCkeyitU^c{LM93t~jbl ze78e`6&}>2=jH^A(hge>T!yQwCeXf=Fn&dnP$*~452Zl2Vi``yYzJa0@-aDo* z$Uj<@Egjbh*VI*}@2Ju(C9H~ra_-GYu_Az3cpZ0DC8=vev+x&%?KK#$wY^cyHWs4^ z&Nn~!Q*>f=jcWG&okVtkn87*cwRBdExux4rpHo>$DRM50@nUEmn4$MrBt^D zMkSBl?O01gJ0h*zYaEAQ=g`$(vzI%Qt!H~~WR>%@>u= z-ls!3GcR%PRJ_YiQ`3A0q(P}oFO_xWOe5S?xy@vFf(x{^**fsUfDn(t9EwAW3ItU*4tS{B_l z8A%?s5?3iAk8%1V<7jHvBbSu5P&;q@4{{Ysjw)0#pX3FI@kGw0RkvQFS zH0xn!xMrD96SQ&fOuD#_8&GqOO=OmX>#3c|IUT#^oA!opmw-i1)w)PH&lb zIjkT5u1Pk^{7`C*8npd zd(gE8&4ptuO32`kN{BAzAd#8`v;qul12#eTr8o`p_o_fzwF|jxq z$gYROzb30_f9b0K06OTy=}{L+d+7HHD*y^80HS~j%)HmEEN*;><-?AoV*~ZADbsZw zkus8r=UyY%t?nLJ?GOOuhHMOx>54inPJ61;PlO8v@-X33Fe2- zUnvoGlbyNx){s(T<~gq%O=)+l?z96DuF^+(;-%X6369iH-L=Y&s_e11YBOS)V&!M# zel-O$X@T6scUq?|1SFnF>q_I;lF3MkTJ4k}l2V(qz_uxc87jO)CBcmtZ0>XO|uq__^Ju%dBRx+|Bdeo6BN<~d?9 z)~j2@kTXvCF8nC0BXF@C*6lhw9E=X8s_BRWux#e?1ZM z*bn~zT}m{0kQdpL>7V|+Pc%D|?Bpc6SdQ7}y7@v3oY$M`_fmL*K?S0fjUO2GKZP~# zU9FHPwDm$JlKNYQoM7!FisZF#H&M7joEaqAfOZ+ImW+1R;$7H7ZLV6`G2BxQ+k4`= zCuo!?2)iUxzyh6}kh!j4Nf~Y69sxalDJ)%}W>bJWbAwX{X#|zgx)?3DT#&uZa_WsO z-NSM6`qxCBjEJ24W*@c6E);b<^u=b(#yf^&`?=s(JhU{`=m{*3oE#ifF76HwU!`Zh ztaf9AoxF_xH2?|=5<1i{+d^1|e&uah$8;jxfQ9uHtv1ML=rnsbl3y{&Bd+3Wr~67r zAI$jM?_IHz>Sop1T76_k9_0s)=l=lLRA0mrH{9Ai{{YFTl zZx~y|z?|pX{{YusjCEQZ?kzKN*T>pRz zrf(tuJ;I;ytP$cnrJbcSu*u0EPT$5Qu&(OF`{Vl6&-h8|ivC_EZ zqXw;FIAEGd)m)IR@0wjk+8cQlP!?i3nziIR+hUX!#I|HpinVnTY()vTJ!({4$9Hmz z#?WpbHq-cKqKe*Yi9S$qM<%0X^PycEe>h=R`O@jq$!^6_h-%SB%R#ktZN)X~xLF=T z51~KfT6UIlt2~YwOMiN)H1;#Km5nQS1oqA)P)Rr$=ZeO?(jjSqk0{{aZ8)ty5yjs| zRdu+sjhU_k#+{C8do6VB0isgAy($_~*I;QH%dc6&pfWI#x&TKtxauXeLU_o{VOr@c zl}&4@OrRMmGHNy;Mofbk^)-Q^3G&r*j006#;TB*Qr*oPBZ1;cwLBIx{x2Psnc@(kf zKn&DlcKzo4!1My3fXEl-1##;_X`+jJ!B3df2I4f76&X-@#WaaDj-wBik&;hp%99dE zShxiCqRj#!OL*PbvFGbb=p(@dkH(e9xT`$O2~Jc~P0P61vzjNlr|+LZJvOvXEvBRFqLxU35Gs}mF`2R&)osw8eg&TQSqf{a5A{P|V6h z070s;EUweDNJ+(8fCd|T(DV!GU~4iY4Vr>ma2Svc3Ph$v0OS#qQ$q^McH<=Wr+YHf zTNeJzEkMY@J&i=qF_BmhyJ>ll-JOD8Hsj_b5O%saK?gLthJwvz#@w>ts`VqNstl40?fmgovNd)?0Xu$fwKOiLhB&6t zn;+&T{BYj%NaMFkNop7FPO~e+<&#ha0sH+Z)K7b|aC6vk=~rMf?fu^D`&C5*ZrNkc zyoir91qal1tt}$TZEI16#sp`U;erjLIQKr)yb^Ba^paCt%XJj_gNTqnp4)CLC>6)U`K0^XQ6%AO&ea1;MImzqoPDW-0SDcRY?O?T# z*W4Eeuhy$N;j(+uLPYlQtAa`WYTWj_BUeYoCi*e%MIGCsVEp6j#WF@`Y^ntwp0xJR zY-6cCDri)$2%+{Q=rk>6=S!T=1dN9mAx}|Lc!R`)QilQ}u6ZP!=Cy*kP2W?FkjXRr zg#9Ynh22xk2jv``(PFJ+TaONeW91xkRc>K*#>~+kz)cjAAW%m&e%=0Tsmb)K*%KW` z$npz=fDU_8T1i5k>57(+nHb#XAI_y%q$~#Rp7gC@C9TKF9@hDnpXX7ep?K|5hkG*2 zZ64lFK9rf*#I8uKdJoKLV&@peLnc)96`hAIP#cHYwMKo#HEbGa{MKRaGtE|rmF7n! zrTVKS|MH;9J$JhGTUn=D@T*^lJqd>C|SdNiHPD z;6d$IVo0QR-VY#CH+ zC(NCQ?OFm^B zHGBKlMj!Zy(wD}Ma-y&RqJRoUWkHr;qtu*HxNKnSJ|K?P-O|~|nbUFYUT3IZJhL%p zEKjMfnSSaVy;;uX%-xNo}#XCnQq>Xu?G+7|u!S z%|e@6?6Y#Y$>yp%iT66q8c+0AF|P&5=BsKq^IODYfbY1SzEvHo(T`?wrQD9+O@_h- zxV&xiKP0jKRRl$DZWik3i0z~MfSJDQ#PJ^1%(KQ6Nh0)tP zzUa?-#U`DKe+j1+6iJp1G_8S-z|v}3WL{Je$MVR})~l_>doZ@Sk`{Yw-cSq)2T$i$ z^dbxr#v69WI63WBqi;eUh`Vzb2Y?BztE(8_GBNvf5sVh*v7?OI-#lav)pZlKn4z;aq0{fBi_eZ1Xu#YE z?OkWW+3n-juTp1Ib39|qEJjEjK<`&VE>z{q*uRCVp0Qp7@fOlM4;--kTnp8#&h+nQK{YOM%xQRzxZKqJf1hTcodb5 z8KgPjE-UB?=&f#8dVZ|67Pks3oT9btyC7sl4#IL_nK(xMK=OrCk_E1A7+I~pE!%0rMq z81Gn7UCPUJK*JJqySLK1E}A2j+Z^kIJyxw^ggtxItl0hGlX(PIyn}t8) zRb(DxZUdTg(Oj$8hj9&zR1AJ&oPk;H4U^k4qkzQoUC)N$ismU5*X2xOHPcC4&Q9AM zFO-nLRxkketUH^TeA5~sAoQ+@Dr7#*3LB!cxUT@QM%MGc4Iw+_g7w3k?Hs3>IGZ3(M(xcw>D2KPc*r2 z>Ne8Yu|1p?-|E~9`qf0SSDVa~7SC*QYIR|I5Vg0PbisE7Q};z~!KXvysq)u$JNBlc zCi!+SH7zNwHBTxr!5ync-$9PqFry@nb5sqbv8p3Qgdqa}V!3Tr+B;j#>M$Fe_N36` zs?^ldOjE?JSZ)=zFjE~xC}`|U9)y8`(0kNI*?iA5lFT_3vt*+uP|V@cljQGNz?k7+ z6CYZ}NYq;k2e`S3kx9b>#GWx-NF6qX&g1Jys)deJA8LA_E4P`rk}x|{w++8^l4-vn7*5sa^rk#dG+Vb|QLqaH zpJ#!S8<_W|EPxVeG221N`;g_ZeQPdtZ!oZ9f#24eCfW<-0)U*8?^D97k-(`PiPik6 zHja&3R^+K%oDwUdk&Q!5I%heleex^07+44gp`&(AIHm#<%>%h6n1#vDUfn5FGhkA7 zLAf)ONW!TO$E#H~%RV~_lvh#`2`D`(R|KHxkj$Gso|IsX9b*9Y-9{{W!r!N);UwxhMm^M2qG7#wyr17dNIKyONR>SpyA_R4@Z?tQAnB&Y?t)Hk4?aZKd5 zPz@4%+yXhJVp6$IRaKB}`Hyp%2Q>C6t21U0_jc{)C;$!#6^|^QTd&$h`$Uwkt$3ADx*G0FDhR zLh2YccJ?Bjg=C2)xN%}pK5TWYfh+UK&!Ma64^cOk2d5N+Je(iGr6K6a0QpD6$_KmMoBeGL@3(i66xMV zSZsI{Jz`=3Jev`?9zy$uM&8u_040^w9F=3&r9H!P#pSw2p;Tv%wVasq3YtKP znOAEsQI08W<&C5A$@!PHG_(_Aoqlc(DbWHOnnNw4lfW4I)Yv0}aa2ns`9=uqTDnch zw$*JWf4Y(>KTOuNbebGyqV9XTT|n`xtf__>9Mb)!9@44$8eYzQgW5;9hUPGFoc$>c z%KrclU(TPhk(;d%!eNd`u6M*bzuDJpZ_lx-ryf^!XF8nLNb~#cMoWic#PVw?*s<$a z)R!|UD;19~_2U>`$vEInHccaS-uJA(EUCd?V+CJ#%TR2#h?g3T>*s10_ z`gWvUa!Yv3Ap()cPhaO(6=kTJZ&H(A%gMUdX|fPTU>8F#dJBT&qFzMI5%bV)pR{XBh_=tjCOjxOJ{+B#l-H_QQ02-~P-T^GvcVx7g z!XfHEI_+Ac3u$n@nWwmpTbaQ^d5m$#=TEkbPE6NdEJN-uY*LiF4{eM+QDKsHXb=EB zDorLx(qp|i$9m>cZJJ54*V{}to0Oe^YOWF+6N}BmDNPH`8vK=Htmmxkwx4 zbr~3{ou}#CzNeu02J#7+tR~t+p};-;t53xK5eks%ULHiWyR!v~#JDn#d=brF8mF+R zue02^B_z=wfc4E&U!LYm`G(6}Cei#v{x!gSPnUO%u0Z|>5qb5k>P9iCIK^7a{ELG9 z+h?9QDIoWxd^ZGq-9>quvn_}m5JBndR-zv;rJ&L2zX@2ciXBEU&^Bw^Yp)Qk$>_gR zc`H~dl-i7Gbhfc6mQ(k(@(_F0G~nj!WjS)K3n?UfepVksd8&8XhMi**&2v0Rano?g z`U-J`+^mqfp=-0pwc9IIwYtk>sdM-xQk0^u73Q-a2e<;S>4^UHze#< zF$UBfkTKjq;Pw@`@quh12Zo|Lqdl31k)kx}!=dY%h7|zh^IX&1yWJM1kTt0Z)Nx$d z%A~$w`Lpt<<8@MCkv(Ix?C4Gd}rjtsy9v^j4^C=wq3cwq> zGhhlQqOnVBuu=08#-WoNkMpQ|1M(z^mmr$%{5N}T2A;-A0+H96-j&gm*?M0R+NdHm zFOK7y%edAOX?()CVOrF^iAvj*Ce&rP8+s_GTUxEj0$EgZ>sZ3n>fWdE6U|b`-YsWz83=nJZ7j{TgJB=P6_W_6I}>S$g?+>2oA+b9R*OI zS0PHSGuVHVO{HQ|ZJ3hVUR_FNY#{CG1y5lLt2lCe&r)kYLfw+k=xtCS2RS_|)8LJ3?4r!iL*tu%hBD*Yi3Yn7ddaOO=D`eF%n&b zj(IhgHTD*$+|%t6(i0kza&k#ICa0Pp$aeL`Z*HXZGojOqOTOgqBcRP+Fh)8jYFxL} zFR6r4t@Xjr?$~s#-mAENv^CUkbDp@0^|fHo^iElcJo{HbnRu7XA2mBIEDVb2;J1j$ zJb@H?oL3jF>yS=FcJUV5&f;^Li#A*ndYP72SCY!RPnLv%!NqoHw^pdH9EMfLAo6N1 zmVqU$i`Mti&Il)Kj;c*q^H(^|YPQhKts_Udh)~QuPfF)*e90$oF~E!8rAvLy7RJ7T zaT4A|Y>WtY02AK57Vf~LSnJ11@wuTrG*ly+1+ zRdaKYGl5i<$hjnB$TOO;2H>PMCQ%{7I&|RH+*oBCAFXs!F{o)ljf0w-KK0hMFdAPS zX{veaRtsVI^)zk+y$Dtj+ek@EZut6f*$i=;BaascP-0tK({6bJ?RO@b4&)AHjJEcUVrf( z6e4rmgUUs%NdKxy$y;SZ8)~=*rH*h7jZRSG+^UAbLmxXr1_T%#1w)+JO^Mq3CY2y zp-CExvEvwEeX~h$tQY0vVzW-qQ8jX$E>X8T9Ez4}!pVg=HA_}YO65i}5J+>h`qg$$ zr##iCVcOjXBrFquIH$$~930fkLT+1tgnXWBsM8lrpG&y=WTj_A`?Uv#9`uuIWHgrM zX-z&RnoltpkGmV3=BwM?M8y1?ew5{X#m#0u>g8HBAZ-J#MQ(V1#1wi1zG32(>Qnedav7rU+ z_12#Dkf}D|x0MHgeQ}<@O067NZ=SZFy0jg&yCq~1sR4lp)~~_)yD;1k+>CathP6zk zF$~!a&Upr|+Dt8;Ih5g}V9V*6*4ITRXLEQ-7P69D#TumG{_-(^2==Nr&_?$r7}-mA zT-QCVbWY4K?4q{290H6poYiT<2+Fe*1CT-MNj;dG(9DA4GL=@{P+lwVQm>PqnXRL^ zmyux%j0AI|D|_)%$0TtKNr2s`X_tEi?b1tbzc4uJ1!lUV6*=qJRV$);n>t|Z083q)LUwF_DuzZK1({Y1NXgZ*whmo z5nVCvbH90z++A;s?d1Db9n3RM`IqJfoSF!$7GboEMU9F(Pn$-9LB9wHIR>^%L36as=F`5-c#|$04WIMPZKc95Ck^%Hh@_aM zscCMlq#IiUKbP~WvuN6F$=(3Z`z?ym#^fnVBrW0VM~tE&$?u$>=T@}eg||1;Zk2qC zb{~FTe<7UI`?US(9duit#j)B);cpE1a?DApm}O)b%%3Ry7d7M`5U=!`+tp1ZpDi)~ zExY>Gf4r!p%Tjs<1`qdd_EL#V0@9j|8wXTR{d@grq z2emdq&hURODS3@(TegvecpwfrH3ZC6%P%I2irq;=@B?5RXEf+R&gRMHmBy1at+za? zNhY-R;D(S5wM>>&)u)V=5&B}Wp)T_hF_BFxA(o1;9N^Vx+ZvBf2q+d z)~r5fzvuq|*RN69#}884BjYW}rIExy7C8FW8@nK73%yP_;cQ4V?0@?8!RlAdb2Aof z{xua}ENp2_bur~RJxw!bbNSZ^&`WElwcNrqIVY`k8h?i*v~e$79OEDTdg`SM?qxY7 ztX1&|n;0lnM|#P#vNJE*B^#13TY+0nDH9zLnAhY_C)v?hFCgPJi83^f(qocyn!-rY zC)8wClio_O!mRGy1$6o!h2$3?UBpz5YU$G|Pn8{3pc6^4Vu%^XAP@-@nl77jCYtwi zf*R#>gV=g?u8vMsbDb-zoIi=JSzN#O4l!6WE)$-(t_rJDvO5j7k8%;74>b!QNyz6oiDc0thuKM$rJ>O*f#K63isj zn|DQCDodcO<(B}JG-{dwAc|+VQa#nsplHXOX1%VO!iIkt7UQN zU51q$jbR_aaM9nsEPYw+k^E0+Gt2Tr?U_Xvj{G42OU*B9eW zP-{LSywnr@RDo3&xBz#pXHhuwz1p)XoTV7Jvz9n_8RH)G$qz<7tImEw~LA z9cNJ1?%o|e8XG_l&NycLL9UBTwKkSZ8;_r>5^_(}(OxQ)eVX5?gl^s29dgNQ1InqE z#~k;r7V|`&>T^BC;u741EPh|sqLoJ!*%NB^I4>4TeA{~s+mWBjc?Oaq#C7Jm z>TYRa((jFTX0k72^2wR7Gu+aS;8nHLR!CmrQdMLJ1o4wurXM;tBLF6Ou7|NL>!BUB zzDWAiGOFXR;aTdm8{A?h?&N+o&}n*2&D1Q>$lFxo zgIm&eA+^-fZ36KjJ7mD>cMOwRPL~$4;#4d;WqGZo6(lPsu`0VVk;1U+OvI=%BGCF@-f$vYgtGZ#eGI; zB*&2aj;F3EEs+Y0jFaA#?mda0F~W14bik~c8O6?WP`5?TCX?<6+R~(ysq-5(pk&D_ zo@-dNXJVb@%rGerf=^MJ<*sKJHz94~&dzwnXE)TPaDY9{&c`{&CkLf;b~alRB<;tc zr3I+l(9`Gu2buxrlls==4J^Yrp<9l6&;&1U8@Of}BB#ax7@&8#0Bkt~R5yBzRxp;3 zf#@^Vp^YO1Ti$EanI&e94E&&f`s+$x4_GC)meBxxPu@R`M5WR_4SB7iIa`Qhvbpk5 zFaXzArCp1gZM|7|so!x;SeAPvm*yE(^#-ZQZ+{B6lPb5=b60h<5^0Wt;uVNTa@!<5 zcOJEssgotb`AnM!9CMn6ntJRP-06HBrb7Dtw2YhBa)UkV)b1>s_l-1*xO7q4xT?$E zUWSzIYn(Q{V)7lZu6gU8m5|m7s*AvG^;giRpvml!mjLoTD$ia;t^f5CUDj z>da9Kc(zB>^)w)3#5;l9Nfk2SB|DNgaZ|wkC}jCbV}NK23@QN0H5o0RP-qwg!0Vb# zu6PIVphRx1oD62EH1kI;84D<)$&HP2v&)gjdsJ6oB85zQlS{}4*~2C`yJ39=TW7#5 zr>#5P=p=$5Op$}!*7|K22DhYRJ%XlKDA^zr~@L9+7ow}-om6;D&z`JR0G;aDspq4=9mE6k|>JhS_^V0 z_~$%RU3bmg5Ia)<*yQp-sTDA};9`OF7bg`2vuqsFVn$Wf>qz@S`A1xLt~bXnUdqUx zK6c~qu3FDSs+NqasMs56GC>=UQP9;f14wY0&2cB9WhcxH5@hpM!F{<*8qKEJnp%`* zTaPf4-k%&US96?Jjjo28Sd|=%s-AsmUM6vpLoocSK5H{3Le9}il6v(Str#Yaq5Hsb zR8)HuuGL*~4qH8Hx*wZv4o|%cQL7|5?WAlnpUl%T&Ne!pJ?idVu0rVBv7Se2d~T}1 z9!aO@EsaRjGV(d~6xk)28(?)H_B8@;T}sjhX6K5GrUybzF1i9*iIcY+{VE&+-D<8= zM*MPGojYQ#Ul=_rC1WV$08K=0OSGFD3Ez#PtbFBg2?nX?E?%TB87+|9k5fgmHuCI1 z3rV+Oq=My{$IFnWqKFc9^%YA^0C7T+ji>T8b~sF}^EL-@LVZPRD~mfKE)#+(x<3B7 z%@b^oG5%zU_f9>*rbQ!pxjApG5o22JcRm!sy({6bvVp=AdQVS7;}kaa6TrBy^TGqi@Vgj{H(f2bVX?$TgMj z!Lm*E(f#!g#Zo$iusQMxL?<{EbW^^h%TbMgEX|h>pHamhY>{wQL+%N#tF@r4koh&2 z;0FC^6I*Qm0F4ChXr{3li|>GaD!iJ`&W4@X65H#*;F5Fottk9Jn89z%{{Z#tSjxn> z+=^{vG5gv4fBN*(te_xn{b=S6TM7NE6F18y54ou$)_km=H}gOJdVbNM<+;*nUlHx} z>phQU6q2t=3W7)CO+j<KB{(+*}YC=W2xLC*sXzow>_N@EuGHY9=wpiHudYadln@em}u2b?JJgk7L zXQAU1Tql7_PROjTk}(O$9co59rB%iSO`3NE5(1-x%|i-FCQEQLj(gMT zah9WqO(5s)@NjDQw&*u-ed&6Ev1w}&LDP=;sjgsDjC|jYXt@pQbGI@EVhQQqsl^~k zbDp%zEx40(!jIOst2uKtDASFvVnCo(O-RJH#L97s z&YOJ7!Br&#&+j)~O8!yG4|>F!6OuX+RaxDcMOdsLc5DI7YJGsg0*8#VKT6J=9GOyf zH#8p&T!}p9LZI`{rFOCD=zs=0vFTkhnx?r{bXT>gM)!i?Zrw)T)MMAP1DOt(5LT7&UT93)4Vxva|FU@&h9{@lX{}0+BGx}3QY~r zF{tv8@>~4#UDdvuZ)`Vh4By@~Ri7@A+|m%gyv*qIU$twK-)aykj3`)>j5XZyUlBv*G^f>x;<%aI5_veRt1U-QVUUv2C{8djNpPg) zv&~@55ufDdQ200lin3zNVB?%o=1`F{EF*BoJ*!sad5|W-^JA?hBOx3aWJeo#>qE#4 zKYQ-`)3-r2awy}(hE^D69cofOWj(*00kL-2gXP4BIBm=Ure0h;@|aNJ6!P7xrY1HW zZ@SHdiZGIOCZW}?n)Z0Dt+K?`MP1#6wJY3M1Pu~=-cseyy-+|zgFQ2f&d%j|ogIuK z&rt#Y0M$r1Ip}I#Qr$)LN(OV1YfZ^c%yq0677ymB+>ODL*baKA(+iy1A3?Qq*Mob<;DP?gVGl*DZ3d zX)jD*`qv!OQqbKr(Q$+=YqgyDjmhS@`-t4Lq2PMfPF>1cnC}y#o=!b;Q8bxs9D8P| zzQi;D2Ots1_o>l>NsMzzYBQwp=Ak{7t#2))g(WN$F!!&a;Y%@Z8N8k;q;(lGzCro| zYqy?GoK#k<U}_Sd#w6*#LW(BT>K`!2E?p{jF@^`A!?qio@BcAoW=v@Ifd)s;r{IH)co0nIJMG9?6nIW^pPP;H7|pE$-vYe%ij=DM9I zWpF{oVCwP4hvgW@dg+u!61Au+?ew36PHW5X8)NhAby9qIDfT)88s$<6?! zBen%yu4Ibx+N8$}io@JiPNAg)f#eaC$2lBSyQ4_En!gO=l=!YEk=TgPoE9d%UiDr} zmO&xf+>@H)#I@}{MN`{Tp4DI$=jCsgy>ipL2^cTTN$XJ;bZF65dxu!@82P+w>z~Gh+tPp?l(QZ}TBg22C4*n{YgzoOP_7O7X~24o}vadWEcN z>36?rgBcr_ioTyG8*PEbB*1rriw5{bW$;?xnxL)0A>K6Q&JYl;=1)R z8H1W!;+UAc<27DsTVYfgCye?~GDzYIxF?^j9#|Z&S~m-hQM6;4P;%yz6CabtDEWvv zpb!NZ{{ZXMZ^J3;+cW_1GtE09fDWcyUhu~9`hup;xOz#XfP@w~!V zZ8rY^d8>}8(@%0KZe^a^$&@h)epjd?nc-pQFCCkvE0W7(CBCKjpUra0OJtC9QNTGZNc-3YG`MVDb-a)pRLpjRO|=!)zmtm0czBNy6@5ttG15b{RCHMBbo- zo|PO$+lOQHr)zFQT3L>eG<$zZm1zg+ikns*}30NOVw3 zE1d2N?N(aXYJfWb0D82t8yX0W3X)r%wMu3tMGAQ)g{bu$%F2YEbH-{|EyH} zLPT9p6`PQ{m2MnHyBD8ojWR&khbFXJTzswSP34psCnl^!-~p4C`qat0T?CO{Rt(%6 znnZT#Mem~`-N_z66mH|`Q5=2Y$)KG}wzIC@Pd{2^^D{UjflXa9uh6DT74^kvTj~Zo zZz;j6jfS=(+!|fLo@-LlPcAPlp8?M~t8YT1*_yB*LN-dRlhht5bp&A~Y{Z6MhOlqm zxH7c2O>1LxY2pcGFv0Vj1lvU=O(c)H0ev`JeBG(RR?Xu zb6y*ZR%%l8%QzHL{t?0hLqu)E5y1Bn%qOr*L~{KGFu0 zoMeA0b6GP<(2<_hSZxxE9g27Wj(Igy#_u3S$t3VIM0W?S#Qy+cx>f+BnLVk}X*Xz_ z-Z>RdLVMQSjcOdXDa{0sADxQ-06JlEG7A&!Sjs}MpElgFBigm}ZAmQyETEO=rYS~O z6}k{!-FeQ!H#-U76InAt%KY*5r#9_kqOGZF)&nlc)pE_!w`0>D+8Cx0l20TsZ^`VN0s&7>hB*a+-{?UPw|o2~Pa+ z{Oei@$;q6xo#k%DIISH6M+o^JoyMt4rIkKx!{q2a{{UKDHI_S-fz9K0{{}=URoG#q+c}Y)mb{ z#`ZiP#=0WghPxx3q@>Hf6|*{2#(ASMEBvfaW9ypq7_4AmvLb=FXO8t!mn!B&#ysxK zx~izVRA5rqGj}?+5tu5H#{#*1W_5ka8-dVfx-jcj&RXwOjt5_j&9k(8vgFqQa>!Y` znpMiBu^bzcLRXrS<0dfUsOl@0`kIZ4XgeSHhZN>es#Lclr2sIht)}Dr>S%75C>#(t z=9c;aUiL92CPu*rwN_ZU`kra0rGw17G;8t^z#g?9m%cV9KP?DMg&mE^TXsKplb)3- zERmDA7F_3dYTX$vN$1p}Hli3t`7w{BR@0qecbVJf?V7DfyC$}sjkVEkOvk5M$TBWY z)0`S7rlqUc(Kn4e2uTNLBQ>jOcOCugGM)%tb5{p+OE()HOE|#*_&^8009JLJGPEXW zoU0Okm3tDNg56&-LSvP1=Zubqq_U7(*gKK~@@qM6RkSGC$F?aakZx&-z|UHV;gZVY zITtc+`HGIC=~bo5dYe#cYdl2@;fUmVRSO+Ot&!kY%WpY8)mOHLX&VhPy}WLO;TRm| znW@_?)L^N@4r@89>Qo(!cgj8sWb~@DE=eb;t{1tgGG;s3ko5YGmett94-mNmN z)M7|>XSnNA#~^;Vr?C%1Ldo$ua#VxV8tU#Y?zevPQJ5rg@s=Qy>DIa_R&@4P4pjFk zCDyTWtK|viBalHSKZa_|J}%WP)WpS*gM**{09|xWTB->MTK9r2us} z{{ZXM(s-XxylEwAgDMOTI{vkvxQzLG84+pm2IaU;<%f$FQJ=nWhL#)qi!U0&;J0fqtvaedb&>6M9m#9 zU#(_q2nDk+``*5l)X0gQqg=-%Zi=sw#!XkfhA^!Kx`k&vlgX^4nq{r5W=(3=>Yrt2 z-TYW;xdeV{c~ayT9Z9U_xrUXC_PQiU6mDVx_3K-<(M1C7L663?i7cC9WH&#ZJBry5 zHTIRqT-7wwmw9$MG@7|rvL!KX`9R~^l1Et7l5>idv>xXts9yP(Oat-I^U{*q!|iir z<=}dEteYN)-?h`Bwm^F4)Ya6Ks0ypaX%cO6VJ3dGtjD!zA*}lpu{;lYsM?*f=QA#T zwGFYNy6cugOg!i@-*r&E@gv+z_H88$vbO=dP@>-Z7Z~fQQS_y?h}>#YnJyUco4S5x zx?4+_{DeS2+M|k>E^R_hwn}6&xM9xI$F(NnT;$Ux$2H=?xgx;M4<@rbF?8#w`F)QR zbS_&R@H}?SIX+{G6S6WanXRnj+~s$lQ(4z~y{pD|;~!C3%JMEc2ZOIoo%O}$+(nE6 zE3c1OlKq|4S!4G#%~n43*{wBWFH*V&Jo%-7?V9I>$(m+tkOykbY+FPdB$=D%!gr`9 zj72CRhf1sT7R6?Vdz1Rrm?K0aI|66{RIfRvnKloXlT~37qVDCfOd}0|+#^UmDtd zp2o%dvo{}wa!u%O4H<9Gwu(~Hy0+t-XNrZ4bF&f?%0I+=eJg?qy;!y*Xx7QYBkot| zM@n|~nM%p`yBfFVNQnvoiPVBBMG>3;G8E>bO^xVYiIk>CZ+e2^4s#l0(6$>YG6qIn zpr1k3mL(A&2l6#fVLJ|SyzdxM(XmD10A#0n(`9dmdvR;6pzNN%@YH=pdOU{N7R5FzcnwxPx;q3h6kxCe}S z@@m@Q_U>#Bxy@R38nLNsa|AznP5%H&)H6eUY|9xtlb?FdcleoGnYVE_+12+3=caiS z$q)KB1RnG)QeZ`IKEQrs&%J3R(UeErG7l@7Wg2P`z$YAc#b@8z$XK*M5$Y+&S7BdL ztacYNu3rEH>sO+)dsSC1%nv|1S5l^>pq!42PO(;iiQ8~1!nZi87y2MDmW?)%*jBNn zshggrbb2hsS8}#JYAefFt(m;ALGP2+tJ$@pA2zlwX)te|DG^9uc^!zYopRzOw(^=y zu6t({qE<4Ntmh#%ac+6YX*&RV(-PR~cPg6|19ZT}W}(dPYMb4fgF=^1x0XSIzO`1) z*ve#OZhbMf zaeYIbw!0koDx!#c+)S2$zeG@JPII-bN=IaefUcU!BL8TF{3o6S2LADs(OG$Uf9VAQQC z0|4av(*Q}>HXE9fMGki>bJrBM5UDQXw>;=TcV`(){aF*+zxGApSw=UsOW;1|$RIxTx_cVYPug#jCFasK;xX)$qPN8I)92U{K zi4=UwPdTo+STM-%TGWe9?3#1Fg$wwmxgsP(v(!~cv{ud->`zSO*3qdLK_VO+rE>oO z_H-pxTacp|=}}Ll#W6)V@|5RqHJYogsI^Yc_bx+k4Z7`yH9^yX&*xIsEw=8>LaNDl zKGZFtQzW0pM~m)3x(>V)2(e8 zx%-b}I<`vWHnQEjeSq3*hJFh;&Ik3brqUB{YLJo+!GK4lO+=#`AyP!t$!189v#=QV ztWs^+8p>R%=P{{kEbhvTLi->7yQx+Jja-)F zi+3#PP^{5PT#>M3Wc907Go_{f0GXUd{A1FTcd`_=I-8l%EF7mhhgyc)c~w+6Ra|ph zT#IN>xkaA!VqB6BCp29-+%5ME4y0Bs>RE2g6N2NF;15Ak|1Cj6{nb*HS}m+=Tf(} zL-WepK|I%`%i!s>XG@(@badO2nLDxT&1$Tby0FqQxz+f4R?w_;`Ej$%kYl!S?_OuG z+cdiTv)f0A-0xK$l@v|13*32c-WE&=zf%dJ6W zjKr=vJ*aKiao+5$Z#gbgk_URYTPSf{a@^5uMWqHeFUM2Cs(vCy4$Mc-)SpW1T?j^9 zq%uit-AFZBbvedyipE-$Mm|{q88sH93o1T&_MoJ%sST;mT;{qx8td%y2081}uAYp> zZ&SL4VJuzbs*(8DMP1d2T1c+cxa z$6>{?xKq!)W@<7aQxdjaxZu>Vj^0g(i7=a zA$g;BJ!y!B>5D+acu|f|rExbm5iHIk{plwIy-nM?MXeQ)V#h$dzhNcQG!YKn&2_dq zeXW9G1Oc(hJd^b_?|*d!rO_B#-_q~W6;BrGuoqT)j-_xJ?b2+iAc+oNp{7Z znSksKShTPTyQEN0rYcjpcd@F9BDN_KjIrn|e%eI0)5Iu*vk%s}>Z_W^xrcm(RH0#x zxz1|{D=A`|uxTbXIyu5{LsT-%vPqIKKD6w~0?K&=0qspj$v-zV0c0ww;nyVh6pa7_ zaH+V+-c}!YfIhV!7%ja1bil1P_ZW?a2U?oP3&GFh%^d-n62*kvNXe?~q^<=QxD{Qt z5;{{A*yQ4v6t3i831P?QQ0cmtl{o-#eW}|*WV)J?$1K=x8C$p*rkL3}oO@DMXk+Zr zn(+!AYpYR(8RUxVqp^ie$p<~@q-64Iq|7+!o@y?1Z%3VUb75GmrMFTX>X`=2eYH_q)<;FR3;B8zoqQ z$zT{{_NT{aV~tp;BOILY4Jk_2L$$XCo#TCqqi?A+379tLa1{CqYStTii7ZNgc@ZVL z=QT!Y2q5+MqU)&}I}*g}Bm}eaI~txDqlPx~8ykll)89h$L?U3SK+9AO_sPx)p{q7a z*J5auLj$;EQ;RAFZN%o1Zsev#=8z7~^wr;=nDzDMs_Nq`#F9uhfH?10C(~s6D4U=i zN3A=gUCgGHrUN-@3}pjL@qZIT7G&K+thlBH6GTuky{y`VA|V{-S1sa zmEfknww3MW2_#v}ed)>a#^YOD=XJ{&>{WxE#~9hnLF&J!s623os3_dT0Lt*F}=ldW;OF-TcTmJ02tlr9m35 z)-Ti6t-FcbmK25LRKaYYTG-Y!YkOpb+J{zk$py2`JG&$eUMRp8QwBdFCY9}oT##}q zSga94<`eBpEvqTYjMTj}5)f}tFnRZ<1rL^DcXr20TN2U%8xB>^)3pXQl{ap~j?~k> z?O6@6DJn%c3)6?}Yvvad>ae_q+U089@W!>PB%SIap zqk`slU7K<#HEkGbT8`3rRD>Xr$r!8lRx+`}wg~6zS|o???rvJ!b{IBqOBob<=7%wNnpEAdee^GcCO$vU9g8!ChS{{Ffm%zT12-|?rCF*f7>stC1lvi=0c_(^|jyhDv>~eR#ja^5>v)o#; zZIGzy7n;nn&`q0`l115$70)8AwXvSdQVZ(@x|lO4U9ENY2X&m^``vFrxhotx`%{r?FzJvk_Q{Ij7T4)W<#R1 zlCPJQAaYJvf1k#=G?TfzlIUKVz}Y-z;Y5hUecqU@=F}~g4Ui&ZAH&+TQ8JTnL}F?> zyzQ9SgafCzu2)fMWSlgBf_iq%M6J-MM#pLJ-t=joX}?*D+(6)YSvy@1T-Uc)c%MnX zi5YJqhDRCl<#4C<>rPaqS~r5#en(d_yGEy<4m0MaJ$DMj)%-+k!4_%e(mS(`zVW8Frp`Xt5n^tGZV3AGTz80kVSTMJUpcl9;S6#7>#kF!2YPGz z`;63inr)oOig2P?5rPxL5yAXuoR?69aynO;Q9f-=%p3J4W4jqW>b0!P6By;_PY0zf z^b&S2xB8N?<%eFi6{H)k3uhSSmF$Y#)kns7$)<^ZZr_a|C2^l=R+y&XPq%8YrT2WC zk8?m+MnEPG8w@(sH?xx-v=x&S`C@k|Q^a=dej zkr;c>AxA7QD#U6-nx(4)(e%#=UQec4UumX}qXZwv zHQyM$~DF=P{O@9t?4x= z)s@ucamYXZy6Kf0wPOg><%v#xZ~L5mKmB!+d8x@SS3jTs0A96?D8SBBbKJw0W@c=k z)~h_3?^Gg%+n*)Qdm7;7LIa$RSl1mpCyjF%S*nq*3O5lKTnuhXM z2#^esno&b$<%Dp>5Q=fN@DAfxTHGlW+p@Oc+~geAkKqWtS(^pZMJ7=3+-9`w=8i`o z;AhscS9*gqGb$=uvt}~Dsm*L$%(j+=vyLz;YuuN*F<`k6M?bd$l@y0dF)dw;|3kM=iscsdH`R zyNHh010(}Yu)IQ^RP4!~nLU46Pi+Ts;AJxGjO1dLRl=NC3*57wzmSGINbAz1iwUQ^ zqmoapQCBJ4kuADNG0$3~<&`Jq{Hd!TW~YZQg`bHmE*NLYkQ^HHyiMxC^E4prU~ss_mzUy)J<+cmXUd9JKG+$h|!Yq zqc%Y~sO&piQcX+ASO7!weR!%?cEWZ9umGG>O60R%O*8D|4DQJ5iix!OO8}s%e|tau zdZes7++>y+QL&khah&l~ZXo+T$wni9Gus6Arq$5P2^&WP$@f)9Q%P-k=0@Q49jh5b zOM+#MHuWN%x00*;>YlfFE(3XFZ9ctCZP3j-vpx%!x3ws63yuv^eBd3~tmINx9qk=P8L=bEI&D;)$E5?cgE$Wv3_&azrI z(ijn47to7aV>dy`46Zh^lb*u5Jm_RP+J@=bY2yImbPHDn`ifoW&2yc|G%0tSyHw`DSiOG{Nj@WPkwZDknHQ z!KNX6$lPbWG|0Fr-afB*;{1TC7LRkV6^$ zYSxQk1QN)E27m804oTi9ru5M0Vmkp}N|!vFnP`(b7O~Lkhl!?|01`c? z7^?AKUbOiUF(^{^{29(r)i?$xgVQ2Z=Hz(rZc%rhRF0ZG=jn)^Aw3WG=|P3Z)$dbEVSfC`g-?Ju3CYLRiTQ$f>rsLh>Tg*B7HBn&``5bT!*e z9P`|8Y^?!#&-JZ{95Mb)80S1y2vgIoH)#hX&@p{^qa1al0|pBce-3Hc1t5B6o#X(Yx>LOK z!Od_hgGs9k9i-bgY-5wxwL9#sw;-N78XG5OTUQT;oPtzfA4+>&NhDrLzyRk0p{u)% z$VsB#8ny@?wN8A5Cs$$FN~WK;t!|>2dTTP;;J#(yV#wl_WBe*PabOK)W?uuB*Vl=(pdp{aaP+|fI$3*yn>&0z%g*P_1#514cv z>Mg1h*jogVm~TSS`VO@P+(&yxnNghJ_p3-xVk=0lA-G0V-GiTM=x3aHo7jK~^v_DP zS438@Ws>qu&5%^$nKjINS|JwZ&NIa(wXjQMQ~<2u4;iaX7!87Xq~cEHX`@0mA%!Gtq5g7Dw@RCKGit<#EQUAa1_h>qztq zUgtw$Ft`Wg#(IjrEqu_vXYh2cr44RFb}g)NLNX>sE!d3-@7+f51g>&b>+Q z&efu_G4+28Tk4rBGr-6G1V1d)`d*b5lVjvuOtK91bB;e6w^yD#w$#l=Fe&Sw*jFzT zU&3b6(Cg?0w83}TJPz`h1DUezyj#p=4c|4C+u0Qh?991RTg}%6PnX-=RN968 zmDZ6ADHuzL$jS8;n^(}$-B}`*lXoVabtH-vgsHW%E3VP*4yNWgfefGp1B`yPbY|~# z$1OEFTUfO_7R+q(!kn1hj_i9J{*|)_jr4n4BCl-UXhKL=+HiexYofHJRcOr9z1lpx zUe#sP?&Xlk0y7c^`888SuzgEWNOAkHa?Mb^%n$Ehlm{NSvxtpllheB6|tVfJ;8#|V;SFy5PO-Nt&K2+kh%i0DE|Ok#aoPwQ?&=xR=dDF}M2+R3E@`R%yy|p5h8B04SgWiU3An zgDh(wQMyu2-nG#}ExVlcq`nghSkRK~!S&5lo_ma7KHxiN{{XLD=^VE+t}d<&skO{% zKJY#N036iPN=O+wH7%jFVx*7wel=C3B;uirrF$StXDoYH7b!cWLy`%|#d22I-kC(M z3mlxUUTROhu(1`)ZdSb_Hw=gBD($fw0dv>Zj)Gz%DUx*H4x*hC6K>-?(Q62b({jdF zp;Me@lt$lZ-U-9gZ&m=RWRZzDJ*m@55-_ZCXp>_1Dbr=v2McN>RTJ372qtgE0@|13N0khoL$~)w7{yHFw)O|yAL~{0_D{74 zq#yt@ob{>=(Y9C>+r?(;GlVdV=VOn2RiYBONdn66GLU!vm6av3LqG31Pzn5NCd*B+ z_AVM@&m*;4xMStBdsiH{EgZD(=16v)NvUL%M`h*j0G{;5wK9z5L0prLoYc{{bR>eL z_on-es|>W2W4=aWat~VUEp-?^(8hkO02sw=lX@9Q)sj0ql7O>0?5b%l?4by_8vtIl zqq+q8Gn$sa`@rX#(RLM#%|Zv9m0#lOY1T2@+7Bg^DC?Fqx6o|UNe~Z^f<28# zEyf5$`{%iy6Kj$DG%mvY>WB_lFgfo#SJ8>}=@Ph+p^Y7ueTVZD|Tg zkOAY0g{hl*nkWX|gA~UMy#j6Tn%k8UXt$UBhMrkdxw?bFs^R>Z5P92hKIk>aCuY&o zwjFtN(k4uWfa%R*G`zNXsY^g)8C!5B4XV#Jnkn)r&N1^qiz)sso z8%`-Ox%o#XkZe4I860)=s3f>_1)SoR<0H3|&T2DaqUxWH5pxG z1mIIvU+duxxghGY%9Je<~}U52*>T|;9agUK{FTsAT;ZY8-avPptFXBn*Fyfbb! zS}h5)6ueE>R>Pt|{?N$IHk*hMSAf zEYWrg$fL?l7;VFfqj;^Km3sPB`Lf&6#c>+|4>_rR%_ND*!J_D52%0`vlZwA(J*bZk z&%f(U$@B#x;@v>bibu*i<+|34YieY~QlK7#zvD_yRtwy=EufHrFv#pdsDHBtS)uu{ z+piU$GhT%!atN&Bn&DDK^1~cwu&o(nJm4HXX@H&!*OuQD#(a%F;?4hu-mnf zMm8?U3`&FyZc&WX6Wc1u@{)7Osq#Xey0RG87iw8a9<@C2nPom%`eL?Gl$foc!)qdu zgm!okpPPK_}z+QYvUX7gOMJi{m}^{%+xBQ~36Z}#MECf(Tg{{SYZ z8mwdPIrr!P0IyG-pyee^Vlr@FAB|tP)pjswy&T8vybtGEs8W;WxApf9btJ}(Z%`^&T(}O@r5ypX*$*sGIkVc{`Ww z{vm5t&PbQPasL3V z#=uEvrtJz#jzAy%deu!Oqasn|5?wVx{nC?F*jw7j1=H;I$OrYS=FraPE#o~`OpX;x zQsz=Ru^d+k2Dr$L980~QrUyUHx#xGev}1Hpx@+v0b#%}7zx{PcA^X#kK^frJJf*FX z(3Q3|Al0Y2uuBVAlw;-39R9U#e+A7Rl-Hu@Nh*!SM@rtx3eR#r4f>c7h7OA7l5t(e zfePE)sxcmD!N~3_o}QB(O;Ok1YKvoP(m5N5z^^pFylcCr^7FZmKx=A_`x(%Vw<{Y- z<341txr}x8tw=8+j!4?sL_tOiDeLvD;}*3vp1KV24fK~2#vVZ9Z%}IxzswbnIO4Lc zE@oU6kgkeA4nCEUcWOn!WdmvL(=~!-h_06=2~0!~kJK8T778M|%4#yP7PBlx<|NYZ`jS1n9-BwiclHD)}w3-qg{@vDt%vGf*@ z5p;Vo5hX+`jGXqXv`^w@j3}rOQ9uP008v00mzRskAE~TMiL=y<*QG`rvDEXWE6U|L zWaF(;k;w#PeigGK#W`aPIdjjwS0YGH%H`M4)H3Ww*8#Z52hg5soz%h*SjrdJ;4LEgs1UI1!xUSUlHYbR2NjP)L6@-;5yx6f zVoX3cBymSTu&{&@N(sr$ScnMIaTp%7Fe@~Xi4QwTJxQt7VH%YgCXXf}F)VAH-Az}J zj1t703TO@MJ7I69Mt{=vp3FacG#xTp9$M_5gFluuIX-9%Vbfw<22&$ z5?-vqkGC(y7fm zN}*2#8l*HpqxYjd>USF$9tir;)Kbtu1HW8j^Q}t>*<}b&vyMhE2r3`^&E`#;0eL~mN&4~h9$twaJoaFYXEpHkv@4GB}gIV6fWfJWz)?8pSS7=t= zND~Jo617hI2B@WNF-HbW1w8?)vbsSTkT4s&=NPNGFU-KbmF{r_a*~APk=)g!RJ6E{ zd0ZgQG0tf@T%#LayB9Z$<&t)aBWWQECBv}*bk8-Mo|X-Smf5GeSGPiUa(x9Y_$f4M z#1effQrI6>L#PuWR6&5Nl50D503B*%#v>fp7$6^d zzH6DcsWH~Pw!kNYjz9f$_VE|X%vsHA6>&687OfFN*(lz}6`^gbM&JjKW8SScC#c)a zXht@{jQX0+wbo~8z?hOV{(I8qO@Y!ubd!U$=A7Igy;>)rksG-jhUr=J-`^`0jWWKV zR$R$FO*w8-n_rd%B0x8Etoe1hol7jd`V9X7jSbsYD_v+;{@uG^5lQFQtyP|OmB_iB zhq2ETu9m}OLTICZk&J|T3X{#6WjlIzz^Rqn7cRFZw6HR6^K<#uhLj?O+lDKgZ|(Wf z6@3QvS2eCJ;W&2h+Mr8ql9cS+@l==zBnI8os5~BO^4cWI8MEt(cIpIQyh#a&V;lfG z)`ht*7Ej*qp4DksPeNUp=e=iYF}C$!PaOtnuv(BNqxNYZ^s?*;|aCX}tnEmD_ zr9*bq4CY(wlO#|`T~qHcViZ;cq2iI7Ic)l7l&sOLRhEXfkM?p2xMR5VJC7B$92Zes zm(%7FARQd$h`VpGo{vUoN3Aq(vhFR7R!#gj3$Pp$+O6raHn98a-L}y~8-p5ifmJPw zPdby4?rWA^&C#Uss8fTwvnK$t;HmbgOl+!D2iy)#GFZ#tb&MDM%&=<&UvCxbN>L>r)M1FHPS;9cQmG$2v`oM@uu(e z&S@c7a6g?PVmb`a02rL)Vw4|RKnE0=>}fUwC7w8tvoIL{QhsUn$PV5`Fe&2h!* zC**6~d2bq`Y%2`|Q4ZZV9FSsbHnl>d`-cOlJ6O3n?Y%#L# z^A2%Z>|L#)N!vFh?#4Z8HY`}SK?0{l$$AJ`D`9S7 zmN4-izr&uCyTw!7}g1BNZ}9p!F*ope5ZP&QEVz-m|>(fLocA zC{3Vl!N;e)XDE-Mji|AQEdKyBZTE0%9vS0`No8gLu)wY1u+i9fTKzPy4c}bu25W*q z!R=he+3u~|Y8H2FkEiEbMm*Q`9JQ0VGU<0K8Ina%sxo=zr?SyS>|$1vF}L??XwyiC zB$d%%Xf}|moNi&s<5L)(cZ6NbuNWik{NYTscH1>sduzjiik@w3v4UDo?4+ zGUm$O+?|RE_pSLG(Gr__6y&yIGQ(g#wKcY%9l+VYZ{f{n$l_brqcx5$zRwXdHgGFe z$HU!P?(yWaV z;TJ0-=dWM>y;mbD=!9vSobqh9f=SqRK~ljD^}Dc<0=jia;i!~(R-<W85<{?A+%d;x%~UVl5aG(yc;+OR?CcH*Vn_9&`%Sh)S#B=U<8BEG z`Oo8;bDNHqB_#_Pw+@$T(OFtEmf=Y1J*o(NH>kU1;gLt`Drj?e)9mH@ zIby-c;YZe}SZJ;_G>-g<5OP2#1Xi4i4}C_x%^v4Ac<|qWr9gLp*gsmxrJ)tv5lb1` z2JzCf-g6NtELbFPM|!BPZ2{_y-5xw!i5rG)YTWOHIW)xgIo(Qa@(92tt=UANEocgk?$TEb0>!E9lDr@eAca1PmPx?*ild*qJRo0 z0SN$P)@AOYwf07F?^{uaJhd>bJ1$gXPjk4QYMaO#sjo`M8Cpjes**|*sr+d@K@}vs zk9Xe(>CHm(u|Fyk_2Q+MV<%L)Xf4aO2hzBi^%>@yX?AXLjMp@!*wQPwWn+D^a{mBY zk>x8qNBCG`xaF(4vU(4=7(&LIW3f|U;2wFX=vo$a65Oh1f+{V(Oq*MPPBTm%sC3KZ zOtR!{ZnXKQU7-ma^FVG?xQLk9)2Qo71LaF+wHtulyRH*(BvM{{vVk8QRV~EM??cnt z^F@ph4p*9~d2C~|SR-M(%?LoxO6rT~bGs4iS0dg43_mlvg#dc`)OPWhY$JrRc03=c zqS_644wCXaD7>dqT@M4+x&2;QFC+w@UNSwZWUQ`KS92X9WScyi){XCBMUXb+VT=>b zD=4+pZ7YZ)H&e#|I0WR^QMDqs*aiZM(mJ6@>Wrq-A)e5@1r7);Lj#xZNBwq2#DD`&p<_D8wjwoWbQcYj-S?|Y@>ec9D_x{kBJMCRf%)d zW~>E$xF2}aZu$)(TNGdwnMld&Q)(v=aBC^6Fihm`pCz~?pIV}leBAOy0l9WJj3(w^ zr7~v@-!4d`?|X@+_ZAXN>bNJ61$L)NSgn#!nV+^h*3lBxmTc~$XvnzQt=~PWjm5Y2 zgzm}2X~;gccC!(Oe>)_N6lAgrr{^I6bUo`i`3di0OL+Xr!Q22H>vqQS9n7rwBZ{cK zGz$-%5yzMqWE#!6zmnoqw~qv81l6Z;+_3QZGTSKV8!gR2c*a|YksAs)G+b6OTj!El zG0KsGYiIi}&4n9zE!P>PW`*X>7%bKpRyE@sv8)|ha4!HHg{H^3lO@9zU^*VSrUvw&y@ zl=_@9?O67Y_K*JnUaY>caSQy(y!Ym{_jXKnOF^x!NX$QQ>OD!~tu~RGkSufaZs7w*qT@Iw$$1x?v|}2c;#}pKgwjMCM7`lE*lz zyH7+r>7jbpN?a^Uh69#3>sn0(rL1Jhfq~Yh*A@Dh*BXpZIam~x0~~Rh+0r2r>EOx3 zF(lO`WGm`4m$jTM&RGHD+M6rNW#1k^9Pa-B>(yUdjhaFuJ*u4UEHj$B1Un)KdBs#w zEOCbbk=C>0k?m(>e6Vwoj@3cAch5Ne+7>j{w~@x@kPQ2Dq#GC-wZ7K*oMW-7wpMp{ zEJSPN!QMm0ewCh`OY=7xOD#6U#_ouqbS;uiad)Ih=3M-&atENPZp!_~0!sr4m07t9 z)O4D>`|cDUnwv(9vP;R)Sd^Zj=Ch1y~1h&MCdb(JHR+ zdB!Oilg3GJYC&s|PO@MX&hL7bIGy7jV{_@68_;B!jQ|@-KJ{3Jf^RSdJ@9ESF|xb) zlgM0P6WCL>$e$}6#*3|j!Z~6#fsEC8ZQOzL5%|-+hO{ZoXPon&tq|Kri-vq;(B1YY zK)7`dktxRGR={k8QOB)2Y$RA=wL#4ZlG!cA0BGq&y!klF;y5#mXI>^#7?onBQ40bnv}5w;zQSJ`(A_c*vS>nTg;7+Mp83 z@@|YA*9>E&!tY|@+_*#L5?kwvSe&pdI@XR!p(9gCmL<7yF#r+PwjWEV+jIG%2=~-gwoy+d|k5N@?3dGS%<^zIqc;cXvCk@FU9`vos^&3`K zEotqtUc6NIj>^Gf$lb{~=}qXxx-;A6VnFA;IDEry;HT5phP5Zjm7YlxF}#F*O(ZAg z4B5}E3>M~zDJ(xY`In|DGFN6t2c|JjTNKCv#(6oYT!w5qjMjEC^c*cCxNX~TaZY;y z3WFFV)hE!=H?b2h7y#sT1XF-;pLdUXwu0Tsp97mYjxtzG7x(A{c9Rq*)Aq76evD|q3O9PKBZYfxoxYGSCB_F&tFTjXFtWBYbu)P zZ53o@Z!*8$=j&Z2nFx;D%Oa3HX+<Fr$&nbWl9Eop3JVm@ZM z`Tqb;)zQk@v72^QTa+$sp}Dweo*;5_>5Av|N!BN5?ZC&NrzqJFn|cuF#xpZD(&T}- z9CWKXhOQ@L4YHmGCZ%dNn`T<+H&?7B+m$E1b{bBF4YjaqrbxE(eQJ|PsXHqdZ#4}P z-rbfbd1W1e09IOfmfkb~Td3#ny3=uOYC^l{Y3ZIVgU&m|D953|{{R}u*FMcX#J4cd z7<0*8!{zOhgPz&xDk<$oMNV(IZ5hm%gtnHH-I($ zMl`xxYh_m*H-O*aRP_&so*{`@-)_|(-(H{h)l{7rX@BePG^mt!e}T^0-0EH)yYsf^ zX~)bm59?YI_}b=H-XhvhBoANCvyUs*=2C_AG!KvU7qs$LGypGA{{ZW(34BASOyv2c zf88X1TBpdi)R@z=B2jxhzi9G}#t$TnkD<*}n%3jbapaVcbzEZ~g=XV@QLm83wUJkG zVM!5?IQhzf+*CNYy-+n{O6Jnl?F6D%c^j_gHM!wU1!bN)r;V8d4l$AS&238Uitfzs zwXHH}?F?4R0A;~$fDg{NDXp!o?}CY0usMH!YTYE3hcc1ZY0O^LNuSP)4iBKNKgF`F z(`{K5fZ$;CtCO-6HIc(Lw30|sTcPBdyO9h+G$%be^ImIrm5$VnOG_8E5niN=Kg>5M z9FKbRT{}^Rc#sDHi0F8)MwaItR^_RvaDV-EnXGB>UBkLX$zOa|RMpXpU7gQ2@fEZ- z?5zTf^d)i4VZyX%g9;BH0zH!K>I#_146aN$t>1lNw{qKa%)v_ zfK<|#kjWX>urztUIK?C;GIWYrD2?u|hBCk(b6EP;tgtS~Ta(-x$-d)Bvyi*I zxVclg*sr5>iVyjz#C2$DFdQb$jGN(PoR(;Ok;GFmLp$g}u_*OGEjt1fceNU}LabWUm%K+sa zOn`&X*HU^j3o=~;!s+52erGIWu(bI@7Rh$+_a{E)0r+Miocr zSPaqAZMLYKkC~4ZYVK)vY+M$80IrCT^<)v++<9j%P!7s#0Kq^$zc%s*Spt)h??Y*g zG9IUXm*JvBD{6JJGFPepUUUQ#c){Ax_7h#N$p+N-t zn$e9)<#_3gnj$vI?2~+DSmdJ~wUw+*uvpj);!B9L@93H19A$3$vr%kCGB`*R5qIaa^~iks~sx!NoYkAak=T&w6*Z z;buA3bcb=6Z6Cu;)71IwEAr{ZzHwsBVm8WwxM4AY-957bSOP%|# zVGAJ`Ue#6`*JE2t)I7^{8-pBu-u0|zBLFT*_3c*{iQJJ}jQ6SD7Olkv0o4w7}s~{j8h{50rrK;;H(U@%sMI3y* zW~TRLEp=uLuw2TXW2^gQ^{8f7NcK1&j@{}id&ZZ$Bej$vIT$|mwPysk4TS-RY-XlA z8Okr1+_#2k*;QawBy+m2O=?6Tq;IGL6{VGe`k6}W6vP9^y=&Os#sMradUIUW6Es9K zGBYt!Iqy}$E-|#?r=ZxviXYH>&^~PKAmW&b6OqRsS~^HD4k?VV>WzY1k?&RIypA>s zpd8X#i*h4*xbOxAG`E=C^F@X?8ygBLL!PX1Xt0P}7CAW;9Il&rG!J5|fUx8AruksT zGuOGLu$ms$h~O5^MPIj6Nd9h5trxlth*<7&F_B7C0l0CBpz<_y8P->jFHm`{@CU7S z!COO>?gVGOE;y~OAni!KIWz#d1HCt?$TWe2bUgD|H}>*7mM_5kDkmh1f-`201=_x5 z<|B{|L{P@xxckTPu3O4X+m&u1u(`S9g1PEg(<9Slw`{e!kb~HDt$JGGZu=b$k8t-g zG%?vcW-*iU)z!F-8RfcS2SreMtf%g1o!K#s^=3Y)svF)L<&Am)#bG_#J3MH^fz4%Y z4H*i>Yvi*uft%8oOV*;X-5-`qXXVB#M4YtP%(?xuaF+&Ui!A*;hv!*7G`hRGva)-W z+MAnc&tKM*`FVFLm&D3P{aG7w+3IP@BSgEKze?q`(8d{xk zb!28o$?Q7P*5v$J5WC8#Bt$;sRD$%&w7A?y8Shk(Y{x5)n1D`CO0)JaFb5~*9RTZB zYXz=M_G)4cG=GT|Qs_qluD}f|TvDeUK4WQ4 zrqj+cy?sq;mB-82zXhzmSYUu)Vu5IJAnJXtU0UJPJ}dhQV$&0RCEnm8F{0{Dv%pq zg^3|t<(u%$Z8V_mE&CVnE6b@)!%0|fKhW*oVmdQ&KD^gK28ScJnR{^*efDQRr8N|u zy0RrBMkA-#kQUp|e?r(Fl~=lwYsdZwQ?AIy+*Z+tR%G8&IIVVq2`!&fRW%JVIidMf zE;-;;$z2kjx)?HPS22=NT}NY#W~v8Ec@LN{6Jm_3nTA_1=B6NVkqQS#5TVY$2EV)HgZl9gXEU#n^rJwP9gw)6H;ra*QG3yeMpPc7il|mKU}6XH zHO~7XrDDy#6~~$Z4b;~5kEA}Uc2dgGq<)zMDEwGrL*s*`t*RP1x<;wu9zUYoP7#8`r)GvX zt!ScT;FhIt6kW+Zi^p!*$;StrSDM|HwV6o=8TpAd)g+Qg=ca4vx|s5$*&@b(XC&kL z*CnXW_N%ri-zh%5YdOjC*wUPR;s^4eToxO>Dxo-$Wo+#SInFDJ3AtR}=V$g==CoN< z6?YsSa79HG)Ybv~{{Y>#?is%6`g&KPA0wT{=H;J>X7eMC;vxY!+&liYv#C0@j_~1C z$FEx5KXk>y&dl>45h#ja7bSW1>sULmp60x|`pV~RJ&En6D#Z`pq0S`$kG)*|O$CZH zX>rrs)}6E<6V&_AgxMw3iwq2N&{r`l87~y|8O=5bw;H;ZAn{Ychl2d(q@u}9*uWVS z`4sG2WO~y?hm?nwZ`P1Su;+O+?f}>)cNwW|<4wnVaYm>Gl2VcsLQ47?h{nT{Phc#@ zs!z&u?Mfv1u}y9p9^LTz=g;t@3PwD#R=TRXs?%jf-CQUn0g`YlGJ=}!sHL5Pf!vyQ zzJhHfc4S`aA;#2fFQ}}^=Ky1zA4>G8!;&^QCnqO!I9!Etg|a$>o@g>>p0%aOu^TrB zHCAv)$bGo)MeGYhBKG+piLo|G^lHJAQwqC`py$_`=bVjVu8bS)PDvy?9OKy4LS?v6 z(nvz~B<8V{&6H9_dD~#yyEPOlzGhuXtVUdtlj z)4fSMfpHeo)by#{jgPx^1RP}X(w`%2w{QkH&P@pcUH4B2D0uHtLP}0ks)5tefE?E> zj6x~Tr9~0M%v|G~&;-)BkTDCu6;9dSPEI|k*hixHD&z=cidNxy#(L8Dp7uR5{wupu z1G*5vo`d;T@p{p7Rlx!sLn~OFLP6)3b7<0 zFbchBhCeb{CpjSS1#cIjh)C|Sw$(M1izMz?_4lf4L8M!Fe3+xhW6fu3fJq>9ARJ?k z^$$U&QMN~EHfN6H)}mPX;{ig9ec~!X3vFV|r^|9M*aoC+F7))c=yT3b^{rx(-38ZD z2;;qu;p1tQK>50L{c47`SzadN2cfLzZfypP8DwEGEC{D8o0Ninm5Wx?Qrw80rx~U+ zguXGwHLJN+<{Xo4kwMSi2EAc51iI3q^4Sy=89A-ev{9QzJ;o;tt%Dl$!To*fm%L!I z6+@gFOnnF}p;@mpAm9Vv9Mf(T3$G{;K|PH_R~F;q5h7Fuhp0^>JaB4dS?carK+FyC>F;yQ`;;66zbwlLU5SLT=*IsOch=6bNRQb8*)=sO7LtyQD24>RHJ(ZRk>V z*v|V_*;)%o)tvXo-KI6fI$l*+OK|@HefMV-ou0tTg>Q8x$TAde`?5csSX}|(D$+1v z{ORAIKE><%n_CDGSyiP2f$3bF(*2@IB;#`)DkQzqqvlw$(v8K+ME?LXwP;$hNm+xlb|rmYTSg0Y2_T$rAO5CxU2K>Ni@>ibF_0sfJBjlZBdi& zQ!e-8g&oZd2F-xD-TwgBs!U02V(!f@-W@yFYz}D$6uefXiPOIn!zVo`1S#p0(vc;Pb{*9RsWpV^TVm8M^&yv6 zvW;0H9(0F+j%tP6mlshMF{}yx*Z5XEvVQc9?xUeb*Glu`4qq$RHMtd(F(?Rwj{WOp z8<@&h9`THA;12atOPgzVF76wg1s!T;`XG#Xw;yw?NhQCP1Yc*j1Cx$l@vI37)!)DN*fF*^l&vFWmH} z%Jvq=V%ls`TddNt&t#n)zgTS)sOHY*nStZ5AxOFg>EQDg7dbwYBlo=UfB$5fTb z+*MUml^hznc!gPi9Mrb@lKYUxk-fk&E;H#`iEC>nRn9*gS43Y_7rumM1h>mUHdOE` zYb$vf#AFrhyj(qxpYJuMt85Q z=5GhsQG211A1N0J&$z28B$lCMBO8aWCW$+4P05YQT_OGwdsHG7X4>ixu17Q{VvA{G zZiugLtl2wHwL_^!Z3=8szl}xi#PnK_CCW@N?emVcJ+0JjxkCei$Th5EpmP_jrcJF3 zqmk3U6<1n_G-CvXQN?Vjt<2>n-HZrrn4QNvb49|cWFZ7rQ;vXFNKm%n$sMy-L{GDr z_&&7?PpN)`;`u-2ntoMbBwgGf8S8;V?p?%Nb&^s*;QqCxE}!IiVO@S<+nO(Sk&-p- zJQgpJWg3u-FwQpr0QKsIp`pvBT#b?og#Pg2y40_tMRP0K#9wLt2#ZIaywn#+i*DGE zyB@x^jHLErFh#tM?0m9)Dtl<nf_t&5NiEFn)s|p|g5~*tTDKe}k6pE;(JxV6DC5gJaap%o&84U~41XR) zMC9Isj;A+!uU^lQ7JQ@kSgr}I3zm`OCHZ6CxT;xfZy2OWZDVn9gAn?2*1L@_!-;LC z8{JGwxICdG5PiiI-zw8`<)m&>)-0`O)!_cek{>L9+n9`J-vYWF7hF#aM9@5-xH&3N z43qCo>!aMBXBBi-)qW=3$s?=Y88nO*EsQChON&~6^%%7!Or9aM9HTC#XxTG)M}U~+!%BNUY;E^AxN z=zKHah;#U@p>fkA_$({sXRU6 z7Sg3;l(R&8XQgkf8ILc!V@m7BF-;+f7h<>Z=cnsgH)$NI@+_gtbJsOfmvU5jOlZE- zeC1*U0Cw@lezm=2pc@!k_U(b%xd*T`Ev#ImqO>@DK)koIy0P24rA=w&X6t4u73?78b)?hi%2UEJgqWHQ5eUw>jjj^ex5UtxCWL zfj-d)Ir7im1M}v(Q{l@!M%p-MX(1{%3>;>O)Qnd&9nCp?<#Wt_Bk0zed#BiL506=76}n@ZaN89qxl*&N|Q*7aNcgXZ8T%qKlfQoX|GulNq}JF$w}uM8UZ2jB`$Re&-A`bD`t;Tw+M&A5 ztx9K6XpR|)UdKH@S|q*`Lyg;k_pSY!PUcQheN3yD*pABo0D(1=CbJZ4wo+94^ZjY+ z_5`j`mr#mxg;@#gMhEq%hN*P{D)ARy-1GeEZ2GdTeFS}Ka~m>4v=8rp`s*V90K~Jb zWj95W{onrpT}-6Agkf`%l=vy2L(UQ&> zt)q@G%yE+E`chhtV=Ga&NYzAO?(d&kpdEvPPdiw*cI=!`HjWs6G$zPeJqbLs$Cb`{*Gmnh!dfF++&0{D zo2z(A%TUp>ocC^u%4cwTZ6}({R^H{0%spw$RwVgUZ(ZM=HX@AeD=-WX9qJQ%2@>pC zE|zzffO!?EHQG!P7~AC?NHtf`dy1$L)JKv{TwDms^>11usvXQpS&j6WJHYqpP^2Pz zIm*l7SIfdQQA^Q?s(+#Y7M1J#UkOVWVx8v za+Xv+I%B^jv;yX%{Xzj)s-VNKa?1xT$7yyTK= zZpzvPj4YroKRShRx7@Wf3$Pfla4RWVNhS!Oo@t_>Rm3O;31lM%yYh_U3 zijEa)F6YFpCVaGE>CIA$OHwS%dz;s|ki6vN`_wW@+$?c4Xgx-A_||gQZH;3RYh6Kw z!bZi8PgOXsw%u)*FPS{>li8#^)y2525t~-rj_Xd0%jP8SDuMS|_XAnX_R-yJiaoM- z1EBmWWZPP3X%XR(p9CC^yw-#cqB0kOT+Zd(cww~edaSYqE=bAkLK`Iyl=r6Z3JozK zRi7NL2dz!GD)l(;N1#}(<_RPvh7fcU$i|L2x?LzMNK#i*OOK87GfZRW9%BtyHg=C6x43 zHO)D>K3E$@7S)-vPkDMgxZ*L6**G+@X%d0D;$p=03UN*`NOGODMUXA**AT`YL;NF? zRldse%o^h>lbwL{`q6$}St&M);^y8KSk#Q3IPF%HZ&8K-o}0Qa{q z*NvwYPV4NpflHn84o*!sE9_TWA{Duk@zs+o2S7Si%aP?o0}vY=jC8E|ZpPh=W^uiY zX_M<$bnPx%gx@gZwKT1{7grsBqeQWhoy>byO}ay-NYhML%;>6nQj@x}8hu93tIcrO zAnomnz}Mw6M+SQn-mspQNV6(cpFl=iZ)X zk>CpL_|-RiTvyPur@8|ozb6?4nseOlZU^GDhkKgZVOE^lT}|$y z5tQV2qAO9Oy7+mc-0HJp>M2&qGFh{X`vYEusQ7z8@|M-C1djazmM!__yQMojMWadk zt4+@|@t1_O{VE@|>5@J(^G08G+Vjb#eDoiUVJpktW-3=51j-n1Jk_Rk$R<3GQCX*E zSY{_A^T%qIIiQGqsxo_;(oXsg%(${`UD(LS9Moq}yo8egU=MZTnv#2qmf-{3O(y3% z8>uA!0QKu?%2*{*Wx7b1bPRble$v}3iGhQ%`5?Qm(!O(sc+38*zzPf}+yS%^e7UTKXR9Z`!iNi~aKAjv7gE3+_;E+F^ zH(^!8Y=0hWUCeG~>e6ks+GN}AYmc~x&q*C85_x@adsjV2WLz{T%czV;9?(3$PUe>C z_8XK%^1uLdfsEH9HM2xknvAwnhm4RHwQFiVFTT_*#3i<-FhI{gtyCJl*h(pwOFZID z>mvsB%}mqJESu$h%~L9u7}k$@$>4oyQFgXLBzx8^wgZ^ucI_Q{j`D7#IEJy>+FQntI7RMVrf(gbp4ImgSi{&mw%Kh3bDxvY)f4S0RDsG56( zL3tn{uygv=Tdh9lRMcd*aG_#t%s1nMS}DcJ%dp&i<#VZuBuLO~P*p%2bg3(myPW|@ zsuU2Q44m*O0iS)ShzX58_pNgJgb?Zy7q}absWs_Pr^_C0tn=zmnnyFO#bc*H9V1Qt z-Rp{{Rr;o4#nl^4oIyX0YaKb6-+uwKHoQ6;<4Q zxfLzXiS947@3Krr(f!eb{OedrEmgjt{+av7tfNk8@m= z+rFl-X)Oo9z|Kh-0;iaUMaEAxjkPM}m9+tuLy_&8utV<1913DG=PYiRllV~TP>(}W z-lYh{ZNM}{SdF~U1CcPzlbltEq-5zp6EvCNepJnl>;UKMK!*?%VSuOb*xJLTEyJkE zaH>cY*w_r8T3|hMN>~HZs1HW)6ti3DaycZUx5~bi(n&K)+m)FQs+?D;9j;#R?ZIaX2eo8P;tNR2#*v(3h6b~h%2$!kTwP6b zArZ^5PrXHNZy(Onw)I}%2rA~5#VItZar!b?DrB% z?m~$8Ez}d~Qzn*!NxewnW=TLJj;5O=o8}=fcN)p=X|Zk3lMoBmtHmj6l{>HpG`d_? zyB(=cNr|{WHY)1`mIYN{SkbaWASy$Ur>7K%Hb&8&Gv1m4InYCDWCwOCyrqStYJT&P z$fmUx`W6adHVll8wH<>cyrpL)un#l|qICV~lW#(DD%GWvTa`PHnKu~4TsN^V%-&mA zqnIqE&f$O*@loDf+gq!KT*`mdsOl?cc0q`*=P-M>+{N;6a4}SF8DyE{zzPq_D=E8_ zuCyqtGtNLCDCaf5q@micgSS0FsgC28h}DsNyM&Sxxy@M@lH3BS0uk5Nx8GAc6>gD{ zRIy`|>rw47uIzEw2by4J+{&^@OJ^OkPqVZVoy}3JV|yA>Hbo!H=> zwMXAZ~Kvh}#O+pb#$PX?k)sOn))z2V8^ zDeqA2`AHr9D;uJSOR&a!QcW{60&$PZosd|3S4KAD1bSClWf7L%DG6<^Ir+L)upz4u zYO(n%<#5W}=hCqPl+H5QsGH~w>tR{;j2?4HgE_&?LRKZ{IE)Meb54tL@=3?mv`*+w z%(-uMG;By9k9yI!yG^9NNi|pO2*#Fm7gAuKpN=bHI6~Qiqnu|ss(Y5a#>scO+b+Bj z$GuXsh>LZRpQ|0K=}%<9ieL@c+x$G#ckZ%Wp@yQvYbeN7EHAbOV4-f0s9IX$Y}8bdI|py%GH zT?l-dG05A=s4nbE6-VpsLqOMJ_Mc_t##jy6^{V$4%(9ZXC(s&pur;Bh83NOQbBf23 zLRg5`E$vdq_7>LE&pu_rVbdnA+}U|(6;u{JpW#KW2&VSxtA-m-(xE0e3ELrWp`z^( zYZZ;d4c=MD)X{Briy<;0E$iz__tA#hlTE3C#4EJbAGJvG6DyWKT3pu9tzM;vnb}mR zD~{)idR)t#A$c3n8WSD0BNN=bg?5aeUU5*!W(-TS1@_}LcS( zzVfgGf#24lx43Vy5GWJnEX~%Wh8CQY$j4Jk?{*JD&5f6tc^Djw=O(vxc%idZd16*2 zae-Fjdmx0hxq-7ym6g?+DFMzKp{|4NQCq}}+hvW1D~eI(y_r+d^CHN$Sz`073k z*5D&oqR3kfis;&V(lz^)0@yZIH zl=Z0#VDrra9)yM^am5dCHw^U#s0R72(hxb%e$^xAXy^2y37rj#1hkLbb*m410s>l9 z(RsyZI+uK?+7L@~HU_-Db`K*)x#&%3 zLt_oN$}U^`&B?72u@aT^LYd)0#obpO$;DK;)S5t2z!_No01y>XUvQLfsG4*a(9UNp zv64C6$*Auye4C%%ZZ3PCMMR>Tx+|NpBHuw6SspG=1d-CLjY0++gvbZhvyWCxx3P_> zY6YYsBZ1d-Vo59#J|>VmeQI2q*wsZER(gevfXniIYAgMA+UOQQN{>o$O|D}*Hp&od z7Mt<3f!x;hw}|xU;}NWxAauz802*N&ywyd+Kb9R&Zfg=quU5!3PGgPeYvv zmaJWXUB^8KG)-zzfdd~yOJZJv#U$3}a0I7+YP}uAQY$cR#FO$LaUf9LsUaoY>om_7-)Z`JvWi`i zpH2_xYTciXbsHc`-4-YN{{T1hHEE=++#FN8De7J-pHa7DlLK+dmS0a&_p`M4wLn)J)R zh_7>Dn6^a3e86yjoo@uB?=FUO_-wkFRvP4Y>e4fSSFKuyQMQ%JtelT}>gPFS7LHe6 z)Q!c=kjE(4efX|@cR)YZhAqL{>0GrP-zqv_u8FPuJE>oO^4892mAM-iB>n=lqVOMx zS}`JNbFvYTKnFjqQ=pQ(rElxd>Qsz-%|3fsni=D0-$+Q9O#>J((w z5u)3%idQt?@V2ics~Xr(y@ph5JdbZ$xi^C~YiLBba2R7h#@vdj(B)dO$~ITIQav7a zED?7g{vqG#Op8jISzUa$48Oub$^0ugQs#C-O8OlYx5Le5dv%;!?N%8I%rlS9y4^d% zEu!hc+TEwPmxfdui2ncz)zgB}GO9+)O-N+;eQ~HbmVYWB+~Bd@k9=2Sp?G@FLADWF z1}~0Xj!hG(6&^^H7}(dUqfdf4WSSLZnb&E3#F9T6!ZUHYT|!ajMp9^RY9y9jTI}^; z1K~mXS2<(jX1CWG+f$iZCCY{zAF1aR+s>;e?%T1Q`DJ8w(Q1}6z$S*~H$pSRW~tok zYBI16PjmkO>#V8aK#JbPayvQ4tB8~qoq*P zt)uhV?MVtx$i3^0>$b-BZKPJb(l0G-QtI*&kxTbZLFTgjz0MVKNjLy^qmuGUF5wtA zE=9SceWB`FJh8{A+DUBECiGV$<{rEg`E{uyonwn=U^wJdREkpfUBRWX(CId|{vgri zwK7K((H!n0n&mE5dkd2fm`O&)RO2>uJDeu`env1 z5J?=Q0^NU|YZ*DK662v?;%KmaMiXTks4KYRrfbhe;KfPEJu8~Cc2_imZE7kB7bYRQ zCz{iPWNb{NanM&er$R{XOqXC|Dmzu@{{U9aR3o3bka@(Adi4|ugOCXW(=|3IkRp&v z98nI?#ClL6<(DJ_$)=e~w-f;Q=N@4XfNI=q6-0r#G%z8Rfso|no}AO+lWJ{0tpE%Q zNAr62H3%R%1GQGW$8`3~X0FFzwQ@zNPZ$XI*Q-BuOpFEO;aQnn`sV zsiald>cnTQ9;GOEGPMJDCRO=QV^K$?GuugVC&{p63dyuuX)76GNK8)bNnya|sy)nV zxK=nld8{4NEoxqY%2^f!s&ypwHK*b0YiPpV-bzz*6M}ig7qWH}b}o36#xNKnwbF@I zOyuX2T&ynIgmZnW;jp822|S-pwN~U_V3%=q4K{0g6ukccR7L<&aDSa;{iVLlBHme< zw?8$F?v3QV?FO@BB=Su%AiK8!LG-M`#h(8FG3(l@TM}MeE^v6D1fEi3!w#Ob>uaVk z?%V;PD+{S^3x$q7&(*o5naO2t)CGvX6^gfhW38sC>S${m%IWjfJ zQ;hYYSS)SYMTSxVOX|f7c(oS-{Kl89w{J$>ja=f^mV(Wa>BGN)hsac;=;`GHr`po#2y$$2qNtBrvAX0e-@v zZd=%y2K6#Za_z-eb$>l0CnKolt?nXqb%n|vq-UCIO01hy0#AQR7%Q3W5NojN3k5u9 zo@%zTJjgiDJYd#s+_>&xe7|FFQ=C;uiwN_{#be#F$WP7)C!Vy&VYB8W(dbRAM%Zj% z@m~{Avd3h^CX=g8jr0{gGIVzo<1yp$NGGqChj^EYJu&}eK+-S_~$9Xi!r)hd2ARhH2 zN$On_O&<8!RBq>*rFU{=`VT>hZ*2lAQ#|K9jx$!4<$~Z05$jnsamid?KhI?)M&%=# z>2)`b<3jV31gIIU;+>bMMSIp`w1OnlLxGGO)bdGk?Ax%Bk4~nk>2euDR5P(&NItcp zrr5@-%8n@|akEd#MClkb?=L*@S}2kx(!BAS#<>zT)>@R1(IvE!#O%{>ov51bC1T76 z(DP9Ihp`&meXsXWjAV5@Rfu%8jB%aEsXWk^MgqFp+c!OawFLLzBm8P!)Zb5(L!on4BTA{ZM6KAirJ8TVHwk5VzEbnpbQTS$;Ey%sDOB@mtw;Ms~1xWEcZRN$0 z&mhxE!nM`TlSZ|Dq2}0jj+LL{OOfYC3H!&AJ*!BhRCUzJlG-yEZaJ=k+eEi(1%H^i z8P4O^=~>22Eeda24X~P9d&h$xDDKr$R#_*w-LQe4g05OHQS1ZvadZRQy+jq8Ck#Hd z%xEu{j22P&QWgkF#z(y*4(nnD+_R&PmwCl$h_;S^`sSN=2cbMMCQC*e-is<6k%=eRV? z23$}DTb;mdDaXB5iJ#5G50;GqmweR+8*}(mC5O#91yp+q7Jw1OfrV}`k)GJe{&lx1iua$$g&S^H8e-3L zw8~Y6!7*rcTsZGmpmgKo+7(tU*I-3NNNYTN#$0x2TYIYn}moa5BHL}J5 zBpj3PO!I^=mSRH=)z5y2w7Rn{;_i7%95&VG(y3b~n>Jm@=cOi^*l$A2_L982LE|-{ zZKgu@yCje<-bwChMpjx7-I<UsF>(7UP!0<`tBjzbCe9J6}SUmZPffY#Perr|~lU&UclUA+ylb<@Q?x zxCT9qVai2{;#7Qpd%aAOZ*@fgQ*j2YHh3Lh0AuS*7DE6>T2Eo_i|Mmz0CSFN^|Y-W zgF@-PGIB6+gX=_7WiGZUZ*}3*jPu1N;v@{Fm8{9LG~;6NeB@@UI4t?=Ph#JZGCv+# zpUh^M>S1lU3Td<=I9Q4DSp7k%=9x(yII6Ib7gBOQUuv&31zRz;N3p6}Yz$~JNW*t( zmN>y|G3Jv^uuA)nn#{VA0T}Pnpn~5ehDjryOhkaEZIHPO#`T00?Be5rRZE@jhn z{i~$F$clbq&5&!HxYMQ9@0uB|Uv4r0Kc_U*Z26_Rik7!!OT7X;Il^!G$T%;L%N5Su zMDa(TJRFmh1o2t*(6ugNZ8qvSP?mQ;?zSsh-$vEtM!bLoh4~qLl0Jg8l62zS^fYkS zQk|xWe}8__2q$n38bngTPrs#gkoY>|N4vDV)FO%OT#fF-0e+wy)$%1~`j@N`>=p*l z*~V-(c^LV2bgMPO(@#@Fn%BG?WvtATDlBtu%dyTI@T>ZFhV-o}e?H35BA0H`%ig#4 z%|n%LDBe06)tRs4=`y0kBr;(+1C00PvZk*zpK(t1(7=n~^@Cb$mga1*&&qHY{A+(n z(5y6Tb&ApvxC|K^mv6+@)hpdN#aN}K>}k>x2P{DP*DyD2$e!vX{xE)qtIw<2TSjD_ zK&m~(Z5lI{#tytwv7S6*qPBM3DaW|QW8V1c&`44_dUs#{09|xL4C4LsDwSm|B4=Ir zvKP1A=a)wx-oYP%HRn35%FA@p#&9$1%~eOrv_w-@W$ib`Hx_Cm+|nM%1MlTk5mZc^_WIe|fofnAiZEhKXE)PuAxi*PZjZHtrYjb!L zR`Y((kGm1a=gnQz_02BwDJ|@+?I1uh8PgII?885;KVep`u};gevgd;L2tT(hZ8T+` z7B49VHjK%ZUvr+d=dF9?UitXm0~P@P0EKcm@+WXtyJUBIrPbmXnc1TUAxYp>uM1Ca zZ>kCIB#nHmGKU%D9@Hgedls99t8-_^o*@3*ytlXr5mj(7bCF!Nl#%}cXhJ30VP?bU z)A6M3bdf7(b8o|UNuzkJ;dy`2rphaJ_BGmT-WRsjR7e6w-}BW*Gxe^k=%104rDZo_{O&X0dXVeiUual6Pm7`2Gmt z)S`|Xq_{;)WqW&dt}&Eu&QD6hv)HIRtCK;sBN;t=)RL2sI^wY`w_*p)A>#t3mT%l1 zPATk#)W_UB!^kx7ir+9bC2S1K82QdBjF*NY+ejevt4iV>4d0r52&-czBKXN3^&m|i z*-q`e;-(A0A+e8ITLB!1!0$MxZYLadrWPC;MM4Su4KS$(b8sn%4qBFK>e(j83R#az!@8RLP-cP{uz>yM?@6w#sPCzf z2AMit6u5G#4o(dv;fP#$R@ryy*ENo^c1D*rw7m^sQ!T*BBRN0*x_+mq+1T)eGm*gt zhpC%wy$)tu^|`-Uq{_vNkb9b;sp`(f;(?CF>?;>58giLSX)DBEk~@K(DkMY=l78%~|W@_f=t#j)2Ww00RlVdn<~^XuA+i41MA8zlO1S-l5sO!pkH&oy^K zd7`>>hy#(99@S8Libqp#y_H$Bl6%#iqYOJ5=rJ?yFVf!K)SsDn>s-NUudWG^u$3}p zMAEi|TAl02BZ}3wKq4~9_lT_09GHOZUF3D>DUb#?F3;B$eMQi1!5(NU$vjfHNaF|& zU5BqCfFh1D90wfXy477^C)m8g26qfrZ*t?g%eZC@kA5l$!AP6dvTo(B#dkOz#X~RM zBxL50TEasSl=Z-_iqN#SK2}P`o%7bUi?TC%k?rJ@-`BMzv|*%TGmezEBwM?Un;;n^ z9-^hUQt_8K`Fk2|57et9dx>v;v@)nbM_SG3LK?B>kO69)WMn^gj+7^HjJT94jAuEg zrlQb=b_9j!4O~a5O8Zi4la1R~(=`>cg&?sfHCO0YL6;ckYMj-pDV8{P{{Rm~S8%f+xdTrZ6mCB6dfx*p4q#O_{JL)#9%i4Yg(gw!NK_C#ENhL|<1vE-5NYe~G-RrzD5t zte%B$u~KWxi4>$3@@*a40<+?V=I-aq+Nad@#SJduYi?Y+vo_If5|YQRI2DxWu#Lq? zf7YR~w{$FRp0WmZ?0Gdb=<-AvF~#FjUda8Dwf4xTNIudXOd4TNeXedHFm<(2HMeO`t<2e z-4UOfH%^@dcEy!3CNrAng{upqtl(#yvCUT7j@L&0q^W6TB$7Ivqmm7B8iT#%+_zY4 z6UVToo{g0R+ABn}FfIrRJ!`np9LuH0o};}&wTYhNE^UvR%$-kqse6})frlMw&tl@W zG9wd=nFbYkB=@ZaK4b;T;Es#Zx#ec`Eev)K8i2Sx>bof33pe}*mct+?{w5KS-ze-& zY>*rQx379np(KQum62E~k=Hc}4crGMv&AuzOS(20Jv-C0zAeSSI#<%+)P@F+&CG;j zHE?atMo9Ib7_6vy1RA9(lP?)RN&r!pIc)wl8#1f#c^>qKyQ|&5xj? z$O&Sa89JVO)S_f!MnyX`A*A834Kh_Mgl8t5#5&Hx?ZT^#ipPLYTIe9tEv<)|>KW8^ zJ*%cGv6Q6kWJcPuyO?ZO&0s!fA9ZS)TRq*@`3ZB}{{RU33fA1BS}T`bV6bJ_z%zF0 zO-kNu=orL!>`p0K`mrZ%NJAK1Sa5w0_|)>>!iWr#4d2}cp2BM7Ta9SP8S+3G=uKlp zWtQQYxM%85dd5uFE0k=7l3l35@z@Hhdv7CvNB}ou)}k@i;U}RWu($ggGqz4XnXI(a z&za^Z+Mx8RzK-NO-$K>OIz|~A4tV0LByJFyq$k)`3S6d*UEHtsuPl(KimNr#xxgbC zqTN_|0k$)oynu1uqJehHu(m+-q}q_Kn=dRLYvmZ{&}OM?*78MRYVRRsc5Dw%)|K=w z7HsMD?I1z>@Wq#L7(7-L&?Ke_=~-U(BStlvJ%e)`(2^7zlb=k`wcH-M^2p<;h{ z1w#xhh+OlEiE0g5=pmhkNF6^ay=gND)v}1JahB*Rk}4NOgl0Bk30&}fY67a~<>38l zY}*LfxoSRrkIIq9H6w*12st0ETZP9jA^?pWhG0iM>b9XV-I1DZHX*GF*77-&7H&O_ zNG=Gx!vaNK`W4jDj0awoFOnE;C|C}{mZEF8g3rtu17P>5tgHjG4DzS1t!o&F(UQy< zih;-#O5Vv`jyPrOT3W!FrEPB?D}dEz>ql8E{L~{pl`;g&8a{~}&m2=>Nh6cmyF0H1 zM+_=FrQYW|v)YBAOP=Xe1ymzB;TN=ksNuwtNKBBW`(%+m$b3>-slkP|TnKCZ(8QbgWQwtk| z31o$x7pViKVak)#)0X9P8hKsb0Zw zWrk9%>P~6i?#OBpH*Pe2Z&I;qO05;(C2COsjD7ue&xm7o{HxzD4+&QD#W>9PtvH( zsqOozk8}S3>#gb1=hVWbURPvh&#KS3;y?lP{{Z#XX1|fX^o&o`{{W485TyvM5yvUH zZpfPL{{X&!I;VD`@*^CFK7`hmT?yF2J{_^&x<+iD_OV#{tXgHG1&%xs*Cg}!)-s%) zhRSl2u}aR_^&5{a&OM3Tw<4$2d^GlvsS;!#yvWxFFU)j3BW7*}0QXgb6K#C3z^Oa+1ts`B>)^$eb*T)Qt03Us0O6sYB%4+T;!g4bK&=2a4|n zg2f{osK8*ve_H5_`ZE^=D65$_chcTrjE$V+5=~ZZR{A#q=a-H?`TqbKsLoNnk)n=- z6VCI#_IH2xn>Aj30B)f1T$7hPwKQ55)iD?i(-hD?RyjOYV=Y=KODPG+-P4+ZoVB?C zn$&AFvV5KN_ua%Wn~E1@y%dR~kn>CAHS8 zIS}MWo};~M#iiJ3&@8triO^>UsjhiDDNFe2ZPnjCoe4J$EMdc;H;BcRi{#(}&s3%fHGxA6n*m6>*nLkd;^;dXdg5 zw1{E_$l5&#sbfp2PFWbQ)~soIe3!REG+o}l)Z(r+x#`*uhSg(IBEtYMNC)-rS^hQB zS5MQ-i5mu#@<`xTi8jf;r@tL|C%eGM%UTx8o$r81rqzI&K&&?}IH-38IU=N6mF`&>5$oQn z!X)z*0~X_q8h7p?*9=h)%2>A*Ev2?1A;tkcX{~^KamgF(`H0V2(H3EWaNEv5Dx}G< z^qyN{A{;w$ihQ$4Ay^wIzs2uXnkK}MMJJeJ2zf)zVze&PgU(m2K}l*>xK=YcKz8=4 zIvvQg)dS3aMi}c?9>S74ByjPoDeu;yxx7eKgE!4vUqcnC&D=9w&cJ7$*{N-98VBWb zn$5eGXrU6y6ev|tdivDv`)$TZ=dCrMGAEQ5Md~ryn;hg!z~ecozN59!N_^SIe}~eR zG9;CxJZ<9@cN10EWu{d(3d>T7EZ zE}?LFr$uTU2HXmLX+5qdpp*Gg9kJu5QCI9I-)tfS+?sG#GM0tAxWqPrnBbn&np;M| zhX8J?YfS>y)T4ZV)0=NQcokw6*#=wqha)uZ56p^bwxLxVdsAaak}R?7(xO5`QbPeF z8E)C7+|obIkUgqG%VKZ?DFA|M8DZXpFeLj@*rlPAZJf#7fb^*tnA1Ce1A*&WC)_NW zEB&e23Z90hg;+3ddF`53=rv8KkYI|Z zEwoXCjt|z8(FMxiW(~oU9^}#+M8W;_bjc#Wx@9dXLGEi*(Cm?+4vvc+ z>7|vsFyCmBK1utd(zn~oXgtV=%-sfa ziY;Pqcd0@oOKDCHSe&wo($nqa59Z@&bC4U8RJC^{nsaj-4{GP9jfBH!&QB!Ov^2CS z>UZbK5g{8_(ywXyYmF((sNE>Z$f&owsa{5WXd(mYbN4smDGE8_p&GmFVFXxCo0#UY04;@@&hTQIYE)3K65I+N0_Ni=Y&B=UL==BoE4 z>g;0P&hvb`!l~>!(-Tj5VHpGu?;6fev8~ili*E`in>3q%;0mcU$nynKRek!@Np%wU ziR~8O=VCr_(=_?Hg^!d<{{VQ7D?9feD{RKOc?jDKWc!YlT(p1%VnFXzEf6)R(Bf9| zz9*k zN03ctXQDIQQKmGO-g5&U@4LIbXN1`%4H1)-##)8MXXQJ6b5`WKLd%1}9O9*k>PFH6 zt%|vBciC*g3=VsWrJ^o9%`0+?ZbY1q?&hEo?w4@s=}J1gg|1t;k8D0a?PffTedH(?SBk^9jZgD5w|X{*pkGBa+on^T#@KJn zbp0rGIo+wD%|;7Djqz@)r(D8g(%@tS~CeZkv24E2Q*csZ4pwBE3rZdmv+}6XZVhIsTDvc zjDhJ~(m?bqLiXWC=)fTLCbT}mXFb1~lH{M@&os4Sxf#>rjYe`0p{sD;Nu@GNZn2zo z$f7?Mp}vLF_Ky*(&UEiQE(0`7H!t8$O>OA94viFvA-20lPFv55IQ*-=DeVTI<~T-M zExzNqzVSYdq-o>Jo;Ue$v8!|V=CSNGKMZQOR@S2087^*fxGImm_01m2q*dOGTFPGT z#)apCbl)m(v$?nP203Ct_T<-=YaSZZ^!v#Y(mR)pNjrcbeMf4ZbvJ$sn&Pb)%o&K}lZ@7oaatn@L#r*@_@>t8K^btb?nn64w|evt zM$D`U9{&LSde@&q99lWG@qB{l;~R6_)$jOB?Uj0NIPKW}buL{IUd+k9@hrEBRdTuL zMJAnLHlpHL_cAX-S##Z*#yqO$LFYrIW#b6EbjK#6WWU$S0@2#WMpdLZ3@WaYyA)%8 zen#(yd^KrfI~&`ZW+#jm=jo0szP6U!gB7*_kBy;mis!1OEmF|wr!^vafv;^6Pc80Y zSwFg5XY#Bg2~XiyG;J-(B$XnJ$s>h8GFY4nz}5U?rs=kgBr_$&@!6!H32 zzlStKt~`hc+ZW!;?IZeDsWd-zYT2o*Y17zT!xo(crUIk)g-ZZ`-W*p!b8Vn%UK>cD zSX)v>23BsQ_v`&BG}W5lsVSus%kLwGD~4NkVw<=G=N{Rpq=lOWM;-aBr}1iNwM3D# zGPZcdGB21mPBZUNGe|~O&@N9Rvzbbdm)4^9EtS00k5I-B%qr_og!y@^Xogo=)V>%T zQ;Cn9FXKs}p{>aWx3x88`HG%#-l;7Blgw2k8O={@>A15tJ+nwfw0*#~c&g7K4rs6v zZ&IKiy;b)d{V9QBHo(p*dq6(b8)H8>;YG!d`;S zUhT> zck@h-Qdp}2u<;6cbEVaL+6Nk86A z`V%PgHr~fEtJzxESwj*deWAbB9yzQF+oTrDZxJ94pq};4+j@y=X9mFy&PTm0o1__X zaarB5>}Y73NYu3m;gJ6Ax}4XnXg(j&^tSmIdwP@2Zj-f<4t6^WIHE|;mxGg<=Kdm0 z0(esKSrO&ifyPSIq}@vzXrQco?H2%_K}2KkIqO-}_?coXfrA1@N9jor{o!F*Y&EGO zzWcC180dJbmtjc^4lprB!nvJm8pm@akBk#qsHL3k;ajygxD0UdhU4WO>58&UjD0#$ z<}wWVv4tRK)KnJn{hH=RxB2CPa zz0sC~62%~p9OMzrOE%D;Mh52SeX2(H1psZ@Xt+|=DRp zO=EpaGz)(WT@M7*xe+rjTG@uaOC<_D=|>WGl4?fPgSU;1cY)(HM6DL5QAtXO0GU5inrtMI48~K#4W_1sc8hO0$E`wF z4TUbxCgb0*r^KLw0Ob18v$%97$CH3h-tAJzh2q`!SJd~XZlh1RR$ZbJtAc%fYc#Ir z0zvfVoq{?Ik_CmA1RU~xt3^y^JVwfLIHSx>m1W-$>ON|U;joHV1e#a5X=+pwp46)R zl0l-tXxd7^aniKyFEGqIFzK4rY)4YQpLT68NWmeSis}||=7L566{Y%%ay#8e$dBYI zPo`@TwF%{N?AZSRKU#@TL2N2JPQWzfN2oZf1`HgD*_3ifW6esHx&l{0_PbsFSfXpyX%Qu&~fz#Iy{!s6UIbs&`t1Xxk!Za5&+(G|^YTLZQ?ol0mg&LEMqeSC|>@G90lz+KcunG=yjs z2ph7)oSK~(u24tM9+fE)*}tdhj}or~X&mJ9O_2?y)2?!j)1H;0LerrIy7{*Z<<}mh z@m&S81&vTJJaB4|or_!^wVkQY6_u;70K4!7Q&-Rv)aN17-s4e@IZiY4usy4&W|9a< z`B@Zk+NHadqh}MU+&PuVd@gzlt)^;ISx>$!wt2zkr8_-#E=uQNW#SuqgaUKrzr8kB z^B9CY6W7+FrifJ4j4S&D4qjIr`qn(ssvW39FSTUknZTYv{jkU*WV6nfB`Lb+i%V5m6trrg`PJC*T@SFmVRGb#;-B+>~V zf^r9?I{=Esq~KMC+aiT*W`+X<#tg5PaCjV3jEqRfAB7g`7O=^84tO7jHC9_znlg9o z{3yM(8ZjiflTT+rz}6JAdD1g6B$L#NeQtr4tWlaxiJohsw^0@WJkhy6Wy6+C9DWq3 z@~GRv6ay^m2WTWSp60Jb<;Faqa^3M)6E-?qmJQ@axX<2iN|x1P11*e>Ij!$v9)eAK zVjKR|6YPY4;k6OD5}ompy7?n|CX9ViR`kz~u2# zHT;Q=;+hhQxl&8vF74fW3Qgh&#&Nm1#U~pg+R&ER8QbK+an33a5Y4{Q);wctHA~$h zpslH^cn~>d-cEliYMACttW{5`H4;q8Xj!*1JWCsr(5FBSDx|25Aqb=)JZG90kxZ#9 zZ5t3U!`hgx3BedN?Qq<>mf;XPu;-jq@V;LJhF?KWI_gnnm4faa_^E7<3>=*HCaD74 zz9e;pmx84ArdiG9>hR+uajhw>S!Tb8E;q#tFZW#X)ybsq4D71d2Aq+UM=^CdW+a}3 zRI!$Ehg^f}Q)}v3e@(PQc?yIBE;;nCL4Oa-fHF-RjC+dcPhm}zXR(?OzPJP4vmlL{ z?o2NSy;ZJ4SJ<}DFgd}^R=c*$K#+1hC~6-@{r3v}uvxKuK+PjDY z@~Gu?ETy6}bu6rmIs8Ye+(>_ZP#%E}&_7zup3_v+Wx$GAob>8zqm^6TRzyM)sO&n| z!Pk4&`${7U$k-0utFpK7Z-*`7Rl0&3iAceD9F5)nYky=E~N8&PkP_i-g1|}3@%R= z(t;PEAawle3s&$hsiw!oX(;RFM%ey!m7viwcHHFTw4O3@t$=yrmL_x{DPY5%wVS0V zyVy+~zlXG;u3P!3hB2@2c*zIoXt~pEAW3&JyQ5=I=|hgTL`k^lVMs-_+kKSD zZz2qjEw%&rSD<)1#vydSvtQd>%Oq@bJWIVu?Vn2Rh8m>dX07LM_y-CYvsj$)GEX#W7~)XBzOKHzan-br5P0j!eY-&nu}q!Tr|xj^Iw1bTtioLj^_Y>g)#X(be0(X`vw)FZl< z-f1HXxl1SjAE7+f?Y^k?vOIUTGesjY+p`1_>(+@uO7Z4b`TqcsEjn*ha~>n{biQGV z#La4Oer9Y2`e4^9V=l2h;JAu8r*d<-h}wS>)~P>d8!x<-uI87BHT_;24(Aq+QrnDEbj!7ZB-cS zpTf12U95=RG<3S|wDH=RQKO4`aT_Bme>{G*!ll|l1F_4`Av>5i7(UskwUyUVTGvdL zEfig85?}qHGKW52f30LQ1(0VXdJ4*Vml<4^3^K7%-@Qh1UkW<Ax_+yX}n^sIjxYQNdqR^ESk!NKiYr|l+)sbw1@ z%7FgUGTq!{MApP2nC3RMP1Zgvyb*0Y*G zpKPoHg1tbYt;%h(y~E%TeR!ypq2Pm)+)`H%*+&=+pRHEQ$0E4ury~?W``Uxp>TRyR z(-dcB3F=K*l4OB%BlBH1=wea1xM`62YIr?qpg4#U*<;5&sTX3(uGHJqiX~=fPw>)v z2^bT^!H;~@kVHz1j{PeRrmtgQCdikuG}*QZkS{#)YoTmrK0Y@NywyEYL-uF)QZY)y ziOD`0v(y2Kj3_f;)-Q7JVp;JQ$sYjqH9=6BNcHJdqUEqy+SBxDNm*__RnH5aYokS2 zBin!gtMW5BOX(JC;sa+Nl}$6Hy`J8zMGtarI@Bf3ohlBi{OY!zxNn;TgXvD&k8*qX zSIt7W`MXpwL*~0GDQ$<7QjnjKG~h!ddBWz961%1t3ZAsXa+%ajlP?41InS*&^HX`7 zYFH9)%C`9|GQyxbl;M?C$dyZj$28 zwUvvDmD2@+*tRlWbRikgJH7VNag+d3ah9pMCywwk~)Po z3E7FeD;4f_3#m{>I8Z*7O)ciQme*|L(-?_$?9zM)Ygwofi@PqL}uqC z^*)uaZ?z-aki>qps%n;mCw66PC|x)e%@rH4+#1b23+i37jb?G2ZCc;ADHi|_%9gJ{ z+_{mn4Et$^cap@m;yMvd;bJ(hUM%^CIqg!UYV;;K}i}`afsX$=C&hOWXS*;7_Ds)I^__P$@QcHM&vLQEyVUU;)F*BoXiG0 z8h~B{x#I^XrCVleQiav++&D;W$zplQs}}Rkvoo?GJ%P!pbBb3^>}oy8E@XbZ{uLZI zfk;$ft=zp$`L!*ikn78-k|Udf#Qy*a@l-_6TViX5k(l-;IID89)2SrOtqa`7p|R5@ zmK|OVJhB*pZ}x{2xor7F^%1qXuOpC0oG9qLW~oW2YCmV&9&zY$ar)JymW)+i&C9Z~K*P(${L7!4;)w=1%*L;!>H~YD)pqjmk zS~EWCS5j0)bK4bGIVX}pgZQ|uESXm2z0HXGs^Wk_b7cB^S+my#I= zm|NxdxfICdisnp4i_Ju0)~1(odXe8o$iN^E z$6-{&7#qrT>MFeq^xU%(q>!D%0CuS%Sh}uqJ5yI$6?-!CuzP*o#XbZoszAYST4|2j zlg&6)5va}&G+M^e>UNBrfgsIoOLDh5FA&=cSkzpv1QIx|Aymv*Da#K2qLc2)MTqnF z7-JPWqbVG5LPJKzk{NH{WnM#!SFl-qzThgXc|MpQ*0$xkO^RtUd)*rP=nG|zFw%9- zI2B^c!ZJg19I}{pgxbRyB-MMdT7)5frn2~U(6;FjTO9`4WygiI>xkVM2;4EpZ^EI} z?2Gnj<;6=qoc3zoby)GZ$mk|Sjx9cl?+vyH1(>_ zwTS~PPjYIbxsfC)Avx-4@-dM0IIUwA_7P^@&f@3ycCfsRdk$*Nr-HRRd$Bahx&}FP z4mSbnD_JPh(r(P?g*$5_wzJT*%XL?Z+&StRLQm<^v|A{ci2=tzI2FM;%5UCgyDbX0 zb|&>vWpJSzaM~#ig}j5yX5Eh2=BZWXR*Exp?)79V;r%&oJo5`k*lsPwU9S?a8)}Z?w`ZEUnfUZDPPsrHTU0^*!p+szV+W1VtSOYUG^d zH+FPNP5aVkCE`6Z!`k(`Pchp(IsN1u<45Jj8j?|NpicK z*Zd;>T-oDpd-Ga<@QYbAJfK(g_5En%>|3a3H-%Ad5EUdbIp_IQR~{Tl2@F*a_pzFZ z!3VS{+gQLREXQ`<#C5K>!`IqU&JyBJFK-|*$KmfvDXkJ4ZJqv|szY%rN2gg$BtUP2B~ zrt2lyhv%LEg@iCN@UQc*{{RZnO+|ac_I%R0i{d>GOwn}4nJ&uAoTvl_C*Hh@{_bnr zqVqYCiN@k-UCCa+tmMl&hllR0EY{)UEgJxLuOMgF(y;uZ;He-JSVKuEd7HIndxUE* zjQkx1rM0+3iU6iYAPwMl1LTO~{h`>_?#Hpg#_;H7zCYV)CNMEfh>hY!6%t#x_dw1h01b9JQ-9nPI3}>XAB^ zLFASPsOy9N70oP)$8lhB(9*3AQ6%EpVyyTiE_w8$b1B{xi51IZL|?R>u2GK07#+oD z-AN-k+J}xaQ5fsEP1vpbz;aNN^%VaAIrj3WK7*RO32H^;O2oT@2cf4d;GqDHDYbo2 zU!d!9uKxfrsSJvlA9|LcHbAl4tsYXFkeDcdB9xMS+Q>v+>~k36(SQheGjhZL`**=bS9 zEKbr&2$46Q59eI8jpoa;Fm|(H0qs(`r2XPs)wFt5^_`E0JU1MWzwg>GKnJ<&Rdg1J zX>T>~Q6sVY-EsKVs_qvuZ(Eid#1RxQ!IojbQNg8#-ZJSdvNK8dh&+K-lSo@`Yd*DY zWo}%BQlqKB&3P8PskPnw^OpPUc&w%Frd2hq&UQv2^NzhL#?8nW=i0et-031j+q=xj z2c+sYOuVF+J%d1)FyfN5H7$9%AlX{M-y05Dt$JBB<@& zq(_mq!1<0UIV|4Q*nnJpDy?)R z%=zVQ+1gZl)oCQo-z@SEO3lX1uOm}Txpi`rGa?`2&IW5jSWIueW@%HmHPEy~SbQ=g zFxU<%%P3{{&S> zmPq(w2Ws1)2y86dHu|2mS5w+8v?w0$FQc=h({yCOipXV>vXzAMXxNHJ+)Iwk&kF^3>(ClTfqvVZf)&VFWCy zIax-y}1GzMEu7tSQw`~-2ljX2) zQ=Hb6Hj1(aVm7a1S}5CcjZ~2e;cB#6a*KwM$!yk~p|Pfl5pXHl?OH7e7uJ|rQ#s@7 zOgAaqYEeWmr*l?Rw>LMAL~DWi)=id>`+YROGMtgtrk;CyI2l>hh#zrysoZGhr@pwE z&e<9?>;c6x6?q&D+0S#$Oy5Cmp?t>$ykN-c&EBd#*+9Y^1#aeqyOQ-QBz|G@3-k4@ zNRYt~nt-yNywP#q@2X`Hn$3j zKb;QOQ7g!?qiy>!+QK#N0p_Ve8eZ!s<}Rz;l56seyiHLuGFj zyehj!^VE}9yuGZX@k^+SFM%HH41q~*46*VG=9}0C%WR;Q8P8!%OLsxIugWN1WfL8N zcu~y}#UAb1B>HFiQ&%SBj*E{%_OjwUEA;nZ(5s$h?+JS+74-l zr_4DNF{2v(+{)#E;+tuv?#f1ko zXqTy{v1tXhkvKwpZftu9JK^#LkvWjQ$H)jv3Se4Mpq6{dr2qVy0kxASIv zmRzd$#Z;H~_RfS9*m*tiPiJ&3%J%tqnU%ATyHqbQ4kX;i>r|U^2eE%nMS?FgXa&7$ zJG*!uaD2rs-Lq92-sH*XT(-1Ja0!u2XRbfSr@Owhir>qPu-L_0_nw5L>~hZQ9Q()3 z&T&&6N?Du?Z2))aQzn^Qx7C^QZY)cFl(3KwE0OP5rur6NiW{l0(WYbdHDAjx&R$Xm zJu0lNrs2MfTdhH+k7rR;ZDnhFxaUEZLy?->*~&J!+vs$W-~Fx9R^m+Zql%^C`>AfD zwP{aG;+j~$t|`)Q;-QAE152v_&LXOSu|$vxb5+l$rYs(v3W(5#*8{+ z+sR92<3gaf(9JqBnV zaTz%vdKwUUB1p(yWgriFp3?Bguh^LWR5Gfu_RV$Sz3FOePgx{-Z^hSw3oSZ0VqNYz zaeVX0Y$PK?IWj0Ha$49k*cDSF@K^a>`fO$GE(f;khRsgMmzr8Dwp$q?6jN zG3Y{F5xu5(PWJ4Fx&Hu1kNvU9{4-r$pN6#SJQER_$MHyW`gEmIx`O40-gZJfn)Nl6 zRTL^HP&xoHOI%x&WnSJ-rd_0u9{VXy9mo8$KDDR_Wehn7ky_3xl}Qs9eHb!^Ql~gR zhZKm4g90#Tb>M0Cs@7R2@19sdpDm0XXwr~->dpFXlB-faUsHqvjc6jCtc9 z7$MWxaTq!Ov_P~!*N2A=wkQ8`P;GEMu# z$?n~1h2{VPJg@sX&2moZnszG3=g11jxZ|i53G-3%3H<6Fg&GlRE|6>pq>+MZyAbM0 z193UcDM>L}!{8B>$p<6Q;<>ZP^{!V} z@haUm=tC*@KmB^fq>Uj4^(sTJP4;GqV_k=?MoxWmSM)tv(#BIX_S@gn)P8xcR^LW+ z$K5?5!{QE-ZPqJjHn&}y_!Tat;%^U1i6)@}-AbIO$RqIPsX@i_C#j;TC_AF$J~q-G z!_I-61Q_zj8UA%WzOAcjDg~{I+in>W&(M!x4r-Mual5N8yRYCOCugf@s=PJ;C#2ZhGew=D8B?&NZsK9eu4_%AQD>#ABlFKjT=Q zV;Ko2tzkJXg~eFX(xiCqRiknUInHa?d?VsJ?MCD5lBk(ca$BPT>zwmi!70J>bSgLI z(8BnwsM@+iYXpk-37;@2<$VFEye;6Hd+!EBF0BL?mj`&ba2bLgnCFVUr9LRBuw|}Xx8u3hNCbvDrY64D60a|Lg+wM(Sb5v({@Ycf1UePD}bGzKy%dl;b zwa2)Nn_7!?&SDSI@Emn;qs;!Jv7{*cV${USfPAn*9sic4=AH_S3R z=QyaBG-8u5jJcZ`35{8{f+|*J*l-%KWfN)gHrW$68RI?a(^#XS+)hdCX{BMdR5p>J z=3l^?X|?kk_h=zvzYrzZngHL$ThBs~Zp^t3= zBMZW~Vee2}2?OLN2dJdCD&nNb7!BP0YW2C_CkHh)eM05QK@pQx!6AUAB6zX9D^gTmWwOH+=Y$x##lz%$v zQMRvS3JzPE8drj6iJ7NOvV)wSbNbeq&>lCz8KkD3gh^|2fbq?w_E)H`#6s)x;MbmA zmS;HRRu!dt8bfUerBcrr9978hGL3<^^{#iZp+;GZlbDZghNprI@H)`+3l1X$?>vr` zUg(7!j!#MuB3pKO5Uv5h>r*D~4mhgNOnk_N6U$)7IXI+^Smfsvt`@mT;zXH>cO6YF zlDoId_dR;id+skYQWyEQ=cQbdL*xWFr47iDBx|)s?wzV~7ieNLRV8s1u4Y_h{sOX! z<@bYw){9uBu_SIMx{1qRt8goS<&|@vY*$2eMo&g_y3~7Ilo(VQHG${mKyUz4oYqs0 zsMTt8`aIBF*}Oj~Bs9uV z)bf3MQjpOL#u#Uy2aMCDw_GcQ%L9>FJt^!ik-86cN96|X`WQU}~xH0$e{ zW%MKL(+1}Vc{B#cA1Eh`{G@fKY1(t&P9TT_xbohW7P~dQj{8p0;L{-47|R~4depL} z?gu8cPWqV<%?Or1LMsh`~Olq+X;@e)>jdU^u2~0an#j4(D@> zj?`OGqaDab!VX8RNIbNNG32*zO3wP1VlO*sAx3@a&HKo6gUu^l+?!lv41VQo3t0jn zErlaFs#x!o#-7f>>&jPCb1g=_4h{I!$ zc*RQv!wHDoaMbP4MOkg0Yn((0B-dA`Sfn<}glCTROH?l&T2Gzuv(Ng3DzQWGZ*dyU}mYoX>oZb<_Bdo`mwb78drLJVhF|vJt{M$Gp(WW0Zy-1My3?aSxLjFlbgo4=qT*7nmk%d;T+b5E5nBK_F~Q1D9*VC;^D6e$|35J(jAp!F59M3KoXaVac70=cWJ zhSX+p9}$C$`u?>qLrAL<#Wl8_yvS4>a1BE6U23o91dQt1-g+U1zx&+!^BeSzA>#-vv3O=1sf;;t>^R5CMQdQ{2jW>hvErfoM%xPnJ& z>Y*WY?)f$$KF$M1;GR*^o zkLS;NJeY1;j4&IVjM7hZsTskwAVGtltwzoyVybcnaYp)#tuFrnQctY}0)PNX?r19giW8_yp_>YsHA!9AMA~hfNbM!WEOztXJ-t^-Z!R$qC3!VESe@(7^VWx>F3KbxNn|^*xPCdP;$NQzvXJ*f?$Ria?#VeF3C&iI0lDWjDYBY0 z5<8h0BY?Xp#|n5Au^y4J)ZSZ2;E%lDcDgxQU6~s6I#<)Qp`uF597@W*gCN(Rq9W>G zpvs2nR|ec)Fs|9Pwm&esrqFuU7l@}>k`1Kb7VBKHz0E1;Sr!+U1iHdWJm#vHok_^a z6)!|e+%o2Lk?xdWArqG!zG00b;#a@XH+%M#6Y&5w?p&MK< z&-ACl=WYSbQA9GZS0gzm)Y3=_?Qwv^2Ckg>T424`bZz*9#WHJ_c6RqG^S}b`QgMpF z*i^71BCdNRD8|K$c|KCRN&b~~9;3Yra*pHS+T+GHN>H9j&!-jdb={0sRQ*3zY}Ua| zl33wF^17l9tj7YlQf=81+FG+3=fyS3 z*&0fovfr`KQe4_2AVSg}0Vb~7=r@-bWVd`C`)b;t}Nbbibu$4yiiZzT9+_Kk}>;C{Pke@)n)L(0PA8b*OJy=vmlipeu=g}6%a5L7F zkOoP>tW5}{NbaI|q+Rj12R-Vho|iW7Bod+fI-lJ!Y>+(-YZkd&WX06bto=h-veSkp znOa_gC1JbrrB0lx%a$lol8I{8admF9Ele+_y@ddd1Q*m?`di0bI2sc559Gt)%D-WZuW*BdDipz8Ng!+YFxhtv#LME_9iUbStFJ zW8`%Ll{E3Q=Q~fmb551DFPSlo1-x7a+-fFtOb~u*$Cb8Ltb1L~V=BAI^;%1PPFr(= z(rx!+TgLI+T!@-oY260Lbz$7KMs@qmn+%yAwX3R6A)hVGvoS8@lTWv{lHj)7Wkzs) zE1q+{tkGE##c}pm;WoEJoAYYjFMdFJMCiW+?j#y>d%F6zSt!>(A(p<>C zeab}}sUxX5spc9<^*YTT!--`JPBoi1FaH26nmxpQern0_Ca0-sD3+sBj_wjNrZRp{ zZ04>qi+AOB{=9`bb4zn0O7V^DjIF)Q!MX-H0Q&XfyNxr%(nV&s+Rm@IZ^^WUhW)<$ z{*}_F7pqrq@blOkQQP|dyv}RKULw5=$M!0RnHwLk+xmr!#qE+47 z7|wD|X`?yG>sVQ`%Q4)nM{pl7^sNgo65rTdiR@=+B*s2oX?!Kh33ck}-MBM-FB%flDCrlF*+fnnay-^Dv`W5j*t4Wop?6w6OZw2+)O{v?l;EgET=y&=Uhap56P3k&BR4<|9{UZIZeC`t1720rxF*!fv>UQZ(JmLgZwP_kQZ#NQ$JH7$QAHDTu31_hE) z?S`n7azg?@<1~S6A0Xf!J-Ui~Y6etfgWR0ZF%7(B^6Ry|MJlO=U}IoG>q)+aqUy=G z<97$KH5!kYf^upEPJ<7x7Mo~3buQW)lWnxsLO1$fYpiAnN$v^rA&7T7gZcGhUG_Ul4mNU z5C(fzt5Y*M&z~~I!N*c5;w8&~I8n|kHd#etG0W!U`vF?^mny^WaC-AvLPSYi&c0da zTZWBB#^WS*u3rldEVT^E@ zVbZITU0WuhjRAnPN;e)3YIx9v0lRwCG%;k9`HDjE(xf1jEhkS(w6qaa27=@_7(J+DGKY4Iy*ml(AA%xD$5{&bXE4b0L_-w7gMFo#jQ*B2tBT2|BliRgZ@0!sf2De@Y zL8@109DKOX>Nd*=a838!%~wOWPRg&O_Am^IeOLR}T0*`Jg zlDL~4_+%B#nSQOUrKUY>XUgFMpC@+g@lF}r$A0vHW5|)P&N=RD zr|?o~^6Ih;P(~o~$qgX@X02aab|Ov3V{^opdL@h=U7X1?pSqC_3HnzXePwy4+ojH- z0f{CVQ0E5~tYZ07mW_tVnGk_~8+#EKPAIj|H(ipAh{rjp_+5$HbD*}cf+)^&yVRfQ zP$G@)%Bl!Ig%;|=bQ4G;i3>2@oSrdNuJ44FxEuGZLfPqjW{?>{zt3fl#!H z1!Y}?`%4J$SG7TMT7rg$Yn%{GUj_*ib~&N4bg<~_RF!++v@<>^2fgz@0g#eFQ_PMod2!8$4MEWaa z{*~2Q^?6ivvazJ4Z5fk&;;3Pa{gyJ%>iEa#Yn8s%?ys9N$i!!b2MhUTh(%M|R&vfx zMI`fPY$}pZVOyGKhA!^Ndym}3>cf*&Wd+S3gf8_u>n$G2#YdG0E!~@wSL=>*b9ZM_ zRtjX0$0)>#4N7flgw^*VTT5uq%Nl}x`Kek+=CbR+>=rg zsHL5-2PBigq|&{R?`3vm&*E(=*-4t|aykM0UryD=YhEn8yu2}KuKPNtm(*89I&LqT zNXfT3S!`Xf)qF{>*fe&?5XNxRh6u#|f6}&eZ659^{QW^=m53plMl8qhBDR}_D7dGu z_2g~J)UN*kuf*v93NWAmI|^F!#zQ^KHqo=p;X;h#Jl7Aa{6+E~%hN4)usviM&)^Mo z(WB0}rLl~vYs(WFABq}`cLdzp#Ue1_6>*Q&q?6*5(%Q6XY@$}^o@v6a#Djl z!C@Qo=~z^VQ`c4!X|o{x?h_rViH)}qy!(pA*EUTva?eJL>3?mOQk>$d#}rXY#aqqK zKpLve=uP!zou;2P>?E6Q!zTm)KU!p#?{7LGD;tBs905}$Z3ny5j_OY)Qtc<0=kF27 z6?09yw2CHc+k>7mmq zDhu9!b)V~@$=umXZ7U>*%2eTj9V>goEuhP1b!D$cs_l~n%H%R1L+klhETK3z6}iuL zlSpmfha0D*6!+kRH`t2vUn8J^RKn4i+J^uht#-^P{wYBVD z!!*Cl^c#CSdsRUMO1lssAak^I6+Lsd-sZanAz-5{K>E@P*u&Qz&gKS$vY80RK^#|~ zYc?@i=@PY@H<+hCc-K^CD5ROroSmYBXaTGY6D0`@@>BWR6h2zSNj{3nI6cN$uLAg%qeijXQy00p@Tzj`bDD9zzh= z9VwvPSdI}v-~mz2?HoILvz&CK436BSXJP=vbv3bT5qJv)`ABH3tRSjMbZ*QGV96Jq&=$0zWl%~>L38qU9f zH_et}cmk6e8Es(E;kf6uUNI4m%M;BuG|E!xO*#^4x>!qYan(gF z2j)j}zBt&0Ju4RQ2&{sVOR>q#C!qE*wuR@Zrz1A-DU5=7^642*IbL zVZ(EuT1b|zUY>6{B~UO_b;Uyvk73S9t9w{oh(;P!`qyJ%0>YpSamcDyu*=}op^vp_ zA$RkNkTK~@Rur-*%dj6>%f8jbP37C=o77Ta>Sd+8_p-Cd><6JWW(!pF3c?7$`H85# z#?{G|*=3v{$x+mkTaiSu#uZd?R*^dOCjNA&gmT8L0m6`1*0V;77upP^iDTA>aoo~K zl@KT#EjX_S-h`}3(l((W)fnM77Y`_vL&Fny4&^Xht16|Od0 zr-InaaWF&Z1#`C(-CxK8v2mWBpITaOX%%H~`!woTEFT`DBk-*&WI?o;#?#jWtwL9N z1G+BB5=O+MY{>o-ip6P9+L>mR*f#((6IXX)P}%nwnmADrd$UyqFrgWj%zX4(=bZZ* z#djt%vm646k;fd>R*Z)^ZYu{ah)!1>Xa}3QUp1>6DErO%RceN`E-3~-l;)~O5%Wnr zeQF9UDj_Fv$@Zn1JVXlgJ*ut-Ya^gVMKUI1rREnZ8z|X> zIo$sBC`FIuG+nV+u>(g4CutWfl169lQpC+QbCvF zH1E(%*|73#Lf_xAv#%}7}|=1ZU^UGEBU)@WMmfd&~gAHwQp#% zz-{oSCp`UYE8Scj+ciXLOG^9>!=+{YvJ{!sh~&~zyC}!Ll+AWk8wh*nHJ@{+2=_x7 z;B+FX>!9{4CCQp23piZ#CaF3!ZbRoHv%f-K#4bkqvw&=~o`$8e(Nz=7d}LL~t=eW0 zoCE7XY)tl2!i~6%!`M}LrV;((S-THPcTZwgx|UM@Lb#E*^h(;adugKo08*?7`HON^ zsx9K3Io-66>j$RE$zf{ftpipO(EE)Yd!4Im5L^j6y)t(k@(aeBACl- zZMYR7j#QqUQ>hCi(BWii-(B45H!Rzj_Q0uaVRXj+m5Y+m3M$%`uiqAp<+j`oee0W6 zIr)!zR?si0VPtYTk_As3a=I5pW*&ghfsmPqeXJQ+cB^q*XO=l4orN8CB9`VxbF>V1 z%`s(T)9%q^m|FXWTyjapPY{+&U=!_C%1-(kcG`T>FhLtLw?GATdS8Jx`=T9e86zB) zk<~^&6IPTy)RHx_ioCWbyYO@tQU}zvC}URYu>9;lJ_T5`{{V!0OyCjch%1Y5zUx_}|+R*#Wt6f3wzI6Hxybr>*Ec8uE@wcRMZ9U1ruDC;$YoQ7)=xxE^ z>xlsSRl=b3A2F>fe+bw`%&jD+>$FyKtr+P9Y@m^^Z((U_F>h{(j^K0o(Q$bdxXTj9 z(Qr*+?^KqhN=iGGpI41kx0cu*qzcTF#KR;CqR`w~);xbn$DO~!u z{{UX7Ka4)fytBNeMsQmr`PH<$81qTHTxxipJwXM<&Dz_h-O7RRTlK0@d_=LfxZ07s z;Qi)dQ>)Qzii&*2o1cpIal`wIMtMEhV!3@w$GWDtk8XrSjr=GGKcT9HI7e5jG?nJ{ zdKn44ZiZ{t~t$fy>>TD zOL%W$e>6oZp2SwHz9qYY)JEHt$9AfWt);?HQZZ)KZZ2PRlQ%!@8nbN;u}$|9G0$AJ zH&yfoxmJbaZEp7Yx4jW#v26bUTBGOO*|`zihdJx(RH|E`mbwnQyS%zUB_xkrALmy5 zJ7~vI1&RD=MoGwRa>bs8kg!lONMdGwc@^HQ(aI>d#~@(+XbX;=Y1j#3)8v@$BLm)x zi$=GJn>>Nivy&d@535Ccd2(S`nDxOUx8qfG{W>d1S)8j*rz5}MYnrC7LwNhD#<=kK zzqL!r?ghM3@w5&!K-1r^<{=+xD8=!2l^9bF`d)DoY(Mr)MReje&m>N}>mj^QP2ZvcWl@&5qVrx`*km92lTBPhpJ zCO=>B7MG)FD?D$y;aCQeLPDJTXOGsoO)JBH+FIl`Y{FRB{N_GFkF8W>r6p3<{{Vn# z2|sD*d$qg?ZEX}03?xbsN3azoaW{8z&I{ruiviK)y;HXg2|?37wc@T>UxWD8vzIhf znTD5Wy=AORXB#9^unoymf-~!b(y8I6l(QaK+BHjzeW|}ksiwsv)RT$Dr>gMYFwjtIpmrrP}9w{aY8w!IsIP2EFd)99L z*{j@K4g>N7`10FI2w`{{SPRSB;w);tfvT+f9>g!lb}%LaoY?USp{E=TN(WmF`fE zg+RbRtwl7W3(0D6N%OXr#}9JeX68~d$0ngwlWEQ{Yno2(=C-k1MHI@yW0DWjp}Avj znT!$-8O;))pWDI4Kl{^JJ^H8(#7t{adJD|*m;&RrNO^E(l}!Ybr2 z&!uE)I*}+9a5?S&0PCkpmGx#dCx3Mj+TFW-^PF@BwqUptE*OA)s_Mf_p;DclnCpwE z?V>U{$R3rKVXf)6GEK7)Nu0Pn>lo9Mi)hu(HzK|9U4^OGgu9-H91pEpw%6@0AQEoD z?g15k!Q0GU)pa1a@d7SHV16}`b*)Jt;fc?`{{UXKjWq)aP0Mqd)HQ~JGD{up=~*|r zm}?gs@?CvvDY3;IH0B{WS-Osfqm5TA&D5SNl1%ABT+Oq;II6biF<=~ma%pUUiKHod zibx=gVAYQ=o#5bu(whPAxs;N5rHOu1%`p-?4Xc27?@2xyG0$GqhAKlN!@~|Ly}BnDgOD4X*7Bf*0x9CD>}F?Pw&}nel@%7_ymj1q4{DUIi@7|Kvd6XC z1Fi*Aw~)&0ae2f5j zNLfF;KRRyR#~ICC$Q^>Go|Rq5X-_xm4f6_TE@eb7^*iqRkX-M#u}5q zL8fvSx>G@N<7;_+kEKgzqO{B~ay=-vw<-2D-@^-WgCj8G0|ywY=fWtzc6JBU(@xz3 znLdTFpu0iknFDc*kx)nBGP&P5=g?xBX>=DdL{~l(!V?6oxPN-NtIH`Y< z7$??+B(50MbRU?XD#$P~npyHbV8OkG07JKV$pDkv(xtb9%459cXbs0)BF3fSP*1-# znIW0v$z7w`oL5#Sa(L8$H|C|u-SXvWfbi|KiiMQ!=f8SDAo+TAqp3Nd1USViF%8d3 z03_NN5I@F-B#iCb??r}J9KSt1YB#uw7CXsi&j3@3yCP1?L}A*i(5J#tmy}I-=WciGgBI7_8RT8(N*}LbK?GPf?zoD~Y&+60uW*o}}?u z)04X!*kHE}oX8xC#J_+f#~7`7uElK%87jcz7^{T+rY-w(T`$qYTKo< zLaPHaN_jl+D@eDx89XY`Le9sIxU5U7gDm8povKs3t~(v}ngy1V1|kg3xi}qbj`3dO zBu>k;GdC4-T3niYiw)F}{KzuHy(`_xAujI0k6>#7v@~DLNLOO(^`up2ljiwBp|mbk ziva{rhHT_t#m30? zy$3+ibm#!G@@@}l2@Gp|U<@t*9feIvN>5W{@2V7#0VLoK=Arvlz6ldXap=I*D7UIY za!Yb4FJn1K-5I~$6_<5)6}mG{R6k+5w2En1=v_JlG{lg_VZhs1asKj%I3~#fnT~1lUn;JSh%ZddIgt_wPvzW4wxj`Hh?2xkFPkV zP2=rWHdJjR$$pLIBY%x;8Wf)IUtjnFyIp^;ywM^wiEVyD)>hPy6{^ zX*vY!ioE(|#PJ4`Y5~qM&0zJ_nmZ!1#SA=3IdTKP--9;IZ zflw;35|$@%KT0H?!_kwOFKv}w$=G@m$f>`zr)d$!5!0bwKb0uiJBrBk4-I&cZz5Q4 zW>uIE;$SydMmL41c^o#=GM#hb-gD?1^k{?R7#;oQl}sfJT3vUN$h>k1~Ih zdzz_K<U4WFiz86ht}T`YkOUufa%x!oJE~kG%Qe7U4udB@tzF|{ zy~vxIUxT!$l_v28^Tr$a18vFtIj-MM@GpjLE!InGGSD3S@;PR2$2E*| z3Aga*Y2U}D_*X@FH2Vl+KXe67Sf5kW*9wr_>o?HG_J3zGxGrBgk#o>{el$W3YuZiq z4QElgGu5DiJ6m*y6bTv(1r-bi8D}#p$Ry+)+2i_GGP_No>2!xBq)^;6>%k)w#=T#+ zEF+K?EPW}Y>M|SlX(N~Tiz*!ia(HiAr{E7F<_PDBM023SAMXm<%~Mw<6T5A9JG+aB z?V)*QV5*}$n!{fi=|5+AWtV2o!v{ZztYJybT^A~rc0B(8#hxI(@d7!qjn=?%mOn4& zUVSuT6UzrD)3se&B%>aLB-QV@)>*HLghIwKkC1k+MDRa@thKvmn)VBb(Le#Q^11JW z>srE;=|xnM)6c2V2;1Ih^<6hiwbE>o(#AcJCp?^zeM#?D>ymPFlauNrgx361b)|TU zXV|Z08f;+8(EA$k?PBiU>r=S6fp(;hSPx3+sG_2|dn27{PvQMg={n`5^lgI^uk{Pj`x#$I0)9vPUb)R~sI3}xPG_<)Y>5(j% zRFXsMxDiSq#D!!JgXnRJT+Nj1(P&#CQi-^KymL_fiyRD+dB`-mtWS{Tg|Ua+pm*z2 zBx{Y^v)k~Yv8@Q?f3rH3Ip5ZjN5TNC4(_6%jcPhHMvE_<-MOh$41FmSAbc-1BoY&x zo+{(Gtb1R>y*j{XFkVR-wCqpJdsk~Tz{W&aW74;hl%=l5PHUC-GmX5=$9K#4)p;zK zxZt&Qsji1Ti!oRbK4#h}Z*MKMyGDKBzBuNwl$@U`DOoF=MdymICvAd3gTct@P*|O} z8`%Bsaw@Erh#RpEtQm`#`ukOVGgfrOQYirUq3#P*Yc-4nK!k@;A-3r9tDN)XSX|fTtW1y#~iIQ*J z^NN6MX@h4JkQ&gPvl6_3paWLl{Z{8Z;;*5a+`=s*%I80Or6s?fZh$IEj->Xckluv4 zo^Zat)XOo101mVVLqZ@t&<|R;BaHmT6p_=4(IOce5QO7^Y8I1xskb|G#Vcwu)SoyD zj!CTdL-xXee7LBbY>JB_p4~Dk-LxC+_QNS(Z1kw6$0l7%HQE%hE$f5e9f=}JgN^{}UgG@w4cCI?pHss{c1Jnv}Q=Tb^X;Ts+{{xkrl07t*AIeuOoW8R&Cl7wB^+6ke${nBViLyDhT zUKMjpLIaVKdeY+_l*S^DT5$%33}^s!>rUN)l0_jDH5G>99jtd_u&OtAA7ru-?I7cf zky85>VLii5i1z@1=Zb5`^9F`v$KJx=EoaTH#TWF;i+NMYZ4Vi2K>* zpTfyn?jX6jc{a-^M91*)QOkD>YEl@??f(Eh3C=${o^FV>ro|>JjI(clLDG??C2+t1 zIKZxXzT>;p@ zVn_$gk|~#K6YmQb)}r}J=W!Jq40IA?9^=&1*;2URel=lXtr9jj$O9gks|ju*T$c^> zp}vA6P`-9!IX%G@B+43-+!lj3MiXn(VuUl2NWkP|Q}qFp7>03;-qo7(N?&e3ro6zi zTm%?G4|ATi8q2wgniiq3j2LGCnrT+Xe@XyBAO!CNKGY4)c;I`{u$eZ|-zOB=LNa`W zmi|;LkH}}2p2W5)klFK@Bi>cG$f`t1TyVUO6qm_T46B2laal6OFn(hzp6oGB*CUsg zQpm8Fz;Xe{LIpu?l0^6lHv`udHb|!X9s6n%L!-xU8tn|D=5A}Bo@9lyDBaxFP+g09 z7>#}AO(P)rdkSpMliTC?$4)Aw?8ruVQ=P5Jts64XNU=)@*xgThY2QHe9X^dDtX>z5 zK|KlPsLy23A1$3&lhjt4Tg)!H6UC-Z3yz*c+do@{<>K@k-6$28+76?Rqc zxnAxz`x|-zT-ioxKN{+eisbIKI;|%Ddv)D;lNcCX#PRr6XN)eRx%)AT0A$ro-&9R4 z8$>S%k2@PV_o#f5&Icm7)6(T`PLb^dXPR(U8RCawHDF>%$)y=#lgJ*F^b<(2ZwzxB z9CPi>ZAYLimYd>pk5VLw*V0U& zte43cN~QGw05c%!@maAE+%hA7d9(V`UEEyUTbUx0c1Ibgxt+O=GF?LU-uGPlUL5HsGg3i+;1?zNn+&}kMRiZ%pDjLq8}D*lmU zB$vocKqh;lTqKH0RG3b{_3T z<~H6NdpmRvspbXRTL2STlgk1m(P0@}lZ*rFkVITcu6+UI*D0xMZ8H_MK3e-9{=H13w_}WM^$2fmEh9-2 z=bNb{=bB~5i6@X13ZN5_$NvCcvgYn-$#PBk~Cq^9x5qqb|&YMNcJ_HnR{qw zJczIIih8)nEzUhEdW_SCT(6j^v<|G;#cpZ$EpUjdWi7;GmS`7n{{ZWLb+lsMx6|+% zjn;FS1&IL~tjK@caf<4U zn$p6RTPrnl681ao9l^KNS@3x=Lj)rN?O>a*C#){ zxR{^!vrK|g)8z(ObjhxHRg||XU3|%h#q2XM;42$9@3vZUd$ZL38q1^U+8mjZKew~Dn8)uj z_5<76yB!YNI3b=$V`$cSOqeVP{Wul9SvSo3J6PABo<@kCCSt21l06M`z9aE{wu%ff zDVpJj7$X9*rA5wGmWa-EEWO>&8`ibEtx{ih#tctv{{Z#s8T_)Kc_g1)^rHIQ zHL)eG!bap$N3C9eE#um7G3ip+G*aA<5)7ngzG;5h6ObDR-1n!r?bv%XPC*0=dLFba zkgh;*q|tY439AHuKgt-sd(*B!iZB5DX^!?Yu8A?=ocd7;e5;nH?CxhOdXrb<-gdg>e6Z18!73E^1x%6L#^gryq9^TQ;LJq#QypgI5D8*Fg zeGw3iwPN6PsN|9$yt0$^sETdqIkc9hRQDhj1;^)DdZVS(CM@UQHRvT{gyz4oj9CSP zsX63xR}dsB5OwvXZAxzCJLYL4CO^DAYbQ>FEZg5KtD=aa$ zk$@oQr)m(HdKlYc`t_*|s{+zzcXNtYLnQNj*gU-F9rI8z#HB}SX>=CkyS4$y$*8An zMnD;6?M*QgB5k&3KX~@4<0e%A_MvJ9#i*5eZgMGZt{Id@JDgzE*vyVVp;L}(+Nwtg zV0w(2s{=9TcDT6!0#`MqZEgS@Q{@7456-+3p17-92wVVbL`hQWKRRW%jGe=lBCJPf z#vJU=mO=LvSPg{I$yIqiT-IK(Vl8D^lbnniiE4)vn7F#kyRvXQS4E_#n#ecZJr^ z85173Jo?pDDz_&*lir5G7DMtyHS^oAwE`jqnC(BENwXQI0`wmK^z`RB?@R(k09A5- z6G8?vVI(tt0;He=r@a|Hb4iF{akvU&kWMp8VUa2`6OmIQW9v*Fg6-!dnoXd#X@KQC zWKP50|y;w5P>-4(lkoL7^1+%3KV0tMCcUm zUbI*TA}%ryUwU1m9Vh_cbf!MiFx=*g0wYjiIT>X&D0F7XY|sq~*~c7yH30-+3lhv} z+zG%K!0k@QwJ;P>-i;87v$`S4aHrIot@fw^%eilS>F-YX?8A99=&^2ad|LuTb%KMS8EKin~VjHa(yam zG5f+;eswEi%QKR22LhrQVncMKhp}lwgbEU$8grM%DWNi1zHhozibQESE;yyob`mm< z>|?-T>p_x#?tVR~+qj73#F%LZBhrQ_V>?R&>}lS?Vwq;gJpF1HkTJ#pKBk5;!a)8} zV%!gUgv_XVQd)?TOSs4%IQnLhcSRVe{IQmr~N`&G+3TVSK_$_6D=Bp_W8DW5;Zoh`-5F3pR>AyhlB0CjGAUUbaN1gF&*dwD9y5$*^(LD4R zvKew5k6WFl&Pudr1NKkgku3yDEb65*-&%Cib)kb|R6w<5k^>lwcfJsJWD*p`Di1+#crvkyE&&WbaVID(`3j9 z+VN?IWV2?dgnk{AhY=$x*qDER$R*CA_jasn0)!bsh)1xwg7_-rMa^fwh#8 z$G8=TJ=0gQva(F8;(XoQ8>J29mLL`#t2)vP28YX3l3TVsFd0HVl%AUk3EIPxLW&tw zPRk>^4Y+&(_z_(kI#-6Qe8s+a=gM%QzIAWHtDaBcMRPl7DtK7kcPkj9g66^LSK zZ+tPWX>zQwKxKIqC0Za!GQ1vTCEs&EC3nF|sRM?r0oiJXf7+7ZWAZsA4d2ipHa|(9)VIGtB(4 zV^NeW-3hKaHup9eu!GGhPMHK$fYwzXbe#QZtGUh@$oy&CJw}^w4oL)5sS*|G->zvU z2Iq#ZY%T8gUc`>9+&qIguUE5uI!R)UCbmfAToJXd+D@xFhy;jN7?T+kC8dmVQs$q=bt&j z?fKP3-PvwiO+>qO;?W(>>p3^XdvwKBzwvC7$FwRJ#y5e3{OeaFv>{V4#;rG)8bBl& z&KspQ882>&O2J254lABgzNWUZejOs(>Sx_9$WQ`E>sR!z3R>!JvD@luvb$|mG3WIL zlv;fXPWmKo*?ce6R`>~S76^08fFF;h?AM@J_-{|r?N`k~Dw;{pbe0t)Sl+0%|SM`94S57y&P*4YZ?qH zi~*d}tBt$rbOjWEYP!C5uxxN}bBc8~t+*T)#LY&}`xoqfVl}~R?F=%t=Js++9g@X+ zBQ3beRn7%+Llg?H)64b#VKL!nWhJ zz4v0O*r)vPPw(T zjlA%sm!5i)_}4Ld=`HMxoGUg!^sYH2jzJJXjB?*v$|XI?<&+cx zINZnF;5CQ(9?2=}J~Bidx?p7iboqbAIl$j4Dfm}ZNSk~*JS z6BUY=YN0_LM@pN@I}w+bJ*i&cv?qAkBT`4!qHJRVf!rO!Cg(Oq)`+gmWNc{>c0LCuk=gxvu!rP*z7HZcgl}CCrVMW;puPO)f@B{c5a93(20QpeJ)4v(8ZCFop!UIR=;)mkNOOz^1IZ-JS&r z2ogT52tCKWAo+nf%Qxv&a7?YW%*H-&JJZ$!B-nn5??Pb7?x&6`b_bvxDy_OmW8VB9 zN;VO(VRX4A!N4620i(IOCmec;(IYa;z`>&j2c9Z-h?sy?$?hveg?o*T&2SFP9`$Kr zQOA0ugx$qxwvIT*H0N+4%JNT7tuYH}0>ic221e>?*t%Gq!mkbKM=ij**Xrmq*j6^V zGfQN|4spdy)|MQ1I9US_f$*$by>$8nq2-z#!wLcGS;uk9LvMV1kar%H6pesMIIYne zjZc_U@HrHQ9ZgxbRoocT0%@c!-FW)cCBGW3gpstI6N;*<`{pF%)UuIf0H-nLs6&=E zCyJG#DmrF?73Iz`o@vV4Qyu6S48AgWqhJljC;_Z8ew5w5l|UHgnnfWH$cLyr)@=7; z8-TLso}ARQ-o>p=OCR)@!;VE=7RR`zgf*Zb(>$s!D-tX{swcFKj!sGX&;t1ig9D{P zK;2Y;Hw74`ZwKo_5bXQY9FbH5mmqT4rOBot3#j|Y6cfcDBPhyuFC)^CWmEV5Q|~~> zl>}$jlODLEa00pDoYY=XMlBvbhJd)DL7(1be!VF;`$kFNjwlg6KwnCYoCAZL9`s(o zLpAhpj)jQytjYC9bAZKtfvn{#YEoUwGfvpt$9LDQXH9xR#^GG9ZbdyA42<%Dv>ekG z-gyS*VlnzsPQcjV8!P4JEI{c$P+YT|_h~V4K0}y#8g`r(6U6K6B z5;PlEBDZdJ2<;$>1S(}=is+`VWM=odN>CaWxZA+vJ*pvLCy>`NC{@OCX|;V>N?I8y zbsW=RRqK0r#a=~RjPu1dtUL8%j`N%y4#%m6Q6troDxdCv@+al72qlUyOdVmF?`ov*3^E$2RN z-hV2wJCMJ-1d~gs3m9nAIOO}((aK#2Wh4615lPYIY$TZHrYJV=5}dJY)4Bo|!Hfo| z3I-XSw`^;*N3AEW;EJ)!BRLJo z^{bJhCp-#mY7bIH+79DMCLC^B1V^x#+~Dz5B$6nX40`+1*JLNK#M9@NGd@3b-59XN zR~B<`2(g(mdMK?qQ+6Tw8jGQ%P?;_m6+d)xy#D}Nrx;6V7(#wy(xzTWFLFV0@U|pl zxQz2rKDRQ13XR*3R_7l|l#?4XuAQCBm;V5O)b{rGN`hp!LNU?TC-SR|S5i{3cG|*Q zm3d_)NdEw5H3!&bNejkK0qc&HO)J=)ZKgI*BdUyJ z*YVA1T6|8wi}!I%9UG?MlC^5xLK~YlpB1M_U2Y)rT#u3Qj30XFJTc?X?MMi|Sj51Q zgajYTwRGU(+B9;urR_(=7i)!uRTa7r4u73Rb+}K;Sg4{`VS>?ehr;o~+ z1*NQoBQ3z{P~hk3Pno`ixis`GT-Rns5~s93%fV|#PE@dVY{H7t-lHvCO{ z4Q@NjF)x>NH6_et8FJX>m*{i&*5+0Yd-GYBIt8uN%_}Y# z^{J97F4~~~0EBwbL{LOI@7}O=Uk^MbO}g{xp0$*rrll#}>R?`2&2E2stfr!Z+G~f| z7%Xd*LA_DBS1tblVcanuTA2@hqab~2R^!1p_VyoZbl8Ao?&7qSK2>>WHn~;V&&y>Z zw{Rm3EM^^VPA6O53O`|dhBr9#J*(N957&{Vy-QZ({iouvpkMU zT{#2pfB?-vGQUq1hj(=M2QoV|9=SDAsNRIwia5z$GD-BS_Cg3rl2u6gh6H{*(;@h%Rf@}}05j1}Kdm)FlHOm}+*dRC8bjh`qrlEBL~gw8d4^Bq zDj0q#TS~zWo4#uZ?Vh6(H z5O}VHyQ4LuxpKzGRnlZxqhTVE&elCCH7^j$sFbz}(aOgFp5FayXsFugG?Tg_n^%WR z)7sJ^9^~-vT+(VL4eg(q`kKb1wDl?ruW}{5R9Os&9iO4}svC(U`qw<2(W1S^^*ovj z64+cEb4nYlgY1t*v$Ka;(x8na@_>vII2kpYcc6WOUBW`Fqd67dYa<0KT^z2lbtn49 zc4l5VB-I!uGr|~fNv;~Z+~|w8gyuq>NF%jevw+IoLC>XP+C`QngsH3?AhPZHzPT4tAbTrCWz!Ms{up?@hlTSFug5 zhVzrsk?uUrxE)V%PnD(xue_KYX+({)YYv^oARxRsw`X3X*R4;dPremrs^|>6Jc}aj z#Z;5zP*;LIX$Y@#a3o!wJ?h4jbSKKNTwLU zB!SIDibM^S2XOpJs?O)`t_vQOn=5lF_S`D@gT6~wAv+H{eshM+anwfecM$P5aP!68C0kdQN)NZho91vv+r0g%tKYm*sV?Hj$SP{Bam%{_JzVmQ3V+Z%)CakO== zlFP&UE!5{N^sS=I*q8SHL%_Jt&&^tn(;$#ItxVGw$=jYXY3Uk)mc~s3WD_XbcH`+( z;Q~vHc8qk-dO%!!0y9;MW`C%vTL_z+cc|`A%WUJ?rh63=iM_(lv)--gmuUv1rQ9mG z!O5(nzJ*BZ0|J4UjQY?*xa@0WLL90TaloOo(Rrcj1gfAeJDQMuqZA=FFrRvFM#$=F zgc%>5RX;7s?i!*+BFg>VwIU4id8%6yU4k-jdsNb6XbD3Z0Jdj54ACWlQM#CHR&-@- zVvnr=JIc>A#!Lz~0fHl*xv2yUdILaMo;wzh<7ug1!xLQ(k|4+2QW`ci&kD@Xhkl!)ROapb5>HL6cSIfGY4YObTz)=Q#JM4&KZSFC>d ztt8tBISurt1%;Ui$zVN+sRIMZIj8DPh0PzW7XmjMzFY!3({{Rj+%k^FgvYq#kT)2? z^fauh%ku&F(-I-sEPrtBU+$U(!sF)~54|n+0l||v$miaJGATJD^QCdvuQlzmq2AzD zaMTQvDp~&U1Cm(qKU!Sf#+At~HHSb|qAQN1o+_XAjm+zqmCE{q#ZAgk*HXLOk_eEn z{A#(8Kp`{rJl8ziV=B8epD&q@Y}8^kQI`3QD>jL2upI(qsn4}W^DzZeJo;4ZJ;+Ot z3iWSlVIcq#Zfw-80@g1?RHhJdP|D1QKm3V$&}@YQax)@8w2K>hXjmz*F`aE zTZsk4u|U6ZK4ui{dp}|^A;2S`u7{wO=N7R%5@dog+O_Q@Sr-k3Q`EOw<#K$*EdaPT zS%9~fA8hqB>!&Rjo4c<}994oOw+gXtW6nF&R}y@f-SZxUJk~u;b}ItvGT_wk+&)QM z3R~(scOvsR$k(m z44Zg_?Wz{m5?>w6c7S;A&0H5!C8{;%wwfqXHc+ZRhzyFiV>OHl%+8z+M;SGzD{Deq zzJ^|WYupX_+YNYR@B3;pU5Pg$npiwM?(wS|i$-8vzy-!`E6{o0N zu`&xNOWCkudv!I>q_dsw(J*3jk}>*F(zV{<6@5`Pwd}4MB_uJb=JM{rbQjDLiK^r}&IxSoZ`QFa!Vs!I~95~MXHzmV02 zDn2qWDp;M+k=Hccm`Ptk(!>Z1z><4XN_?Y_;Xag@KEqYEkjo|s_pK=PDHQ-&IUHn~ z)-OvkNG`5qnnAd!{{VFHQ%7=?CNZ08I9c%lh&UF<$fy$@Nw z4Xj;3HqJD!?dR!YOGbbHE<8lx?yU zRkTNA;g1PPsK_C_k>Px92>DWLsJ8G(OZQM6g7hTu`SD#kTyk$jj;`Os_Q?wQp}fF4 z?#*gL3c(nSIuBaTQ@)0=iisswzL-O7&6UribTu$nl0?;Zi#ZF+mU#(`>`R0M$MwM`lm)2%SrvX+t*E)kdxc&r^-d)w7ZJvP!tc5WLVu4;LC zp1T(qUFvUX{spy`+7{Kz$sivxZt8xuxohEl7R=@g2*JiaY@CmL^{!b~Ye?*NrDbGj z2(7JQ;y9v>IpIJ8xepR}k4Th=C0TA11OBbM`}0!>&Ti<&t5Ww?=Lvgnb$tmMZIr?e zNMbn0*S&LcSxFo1d~VN5Qiis^q}t5CZ=k)y#-4hv{(4pG-5$!pe6uG0GGDD0RppU;_~YyX%^!v1gObL%S%`wT8pXEisdSpgdD<7C*TJdk1oQ)79=5VkM5yuH+2! z*R^`bg1jB2e`Y29?Tk}TBV{*|!AH|L{VPaK(~EK3>7^-0-j0W5C)l*xHvQaC!a3N8 z06&1QKGp8qRc5ulvldpxvZN-=`_)1+adW@?6De9!_r8DD=4OfE3oT2>8Qp#+g&@GIkg0n({su^P2s4Z zmRpT728zfNw|ci8+quu@T!2{}_70-4sdXlfWp}$aWLup%(8_I*fDAAW7=1ccYMYCR zB$6~zr;>QAm8=d|+@1xJDI&QNFPj@~Ronh^QC%7CXOdE<<~cZ~1R~n+U~ei?r+{#9 zYimoexPhcMwihIf5EvC7Lz=rd#`i6*RdaR}zSeI8X?CUriwf%Va0jO+Bvsu)O;f|! z#Nj1yKuBZj_?~}CwHVzesf@H%+~w{pZ|?!S)a59wbF{JCYbxMGcSjPb$8k!fpTn>w zwnk`XOP{(9D$3l+3wxj8HHmLglEzs}AL8c}mJ&l1$M4WOdKx122K2G1eRFQmsERKw zdlllbTIh?Q+m7Mf8rjOkC3A8Q6kJ1U(QjuYU=}3f^{lghEVJ$`12-G9j8l};Lya{Z zNlQYi#$sfAb6MUeBBs_?F8v54`A-z}jXuxj z2{ORor+Oi|I(0oCMTy3rZ9R;kwjkUI&V8!o^GAHccwpdRqv@LUBdktV{p*|ui7l21 zUuHJ9KT758XUE7n0Pt(hs~fYbI;)yQ2Oa9wlSmtG@H5X^=k+YS^6yZpNh7^boQ$03 zr2){VZ!Tgxk3-Z`AiFC$QO-|X(9qFhK+*%AbK0W>gR~6)07^9k31_}i!<xJR0ubhmj)su;81J;>88or1uG@nCb(<*(C7U@VnwtzD&O!bW*Vdux zQIW2pwXl{zI0rSs5g(LfZdjf`u4hHr5*y+{p=((T3uPG}X$g&z5)A*9m)ImtA}Jn_Nl zP)LA~eJMytmLb@hm=0+~Wsv+}8kIRXJt~CFC`ts$>ru|&_oRTKI*b#LYMXs&jC^to zV<6Lr&#edxHukMEg-~l|8wlVbBpGi?mv^EWX`+rYzFKphmDp((%9e`kgL85+DrTHx zc3c(NdRT;!mG!PiRM1*UNJjaMO*vZVbr!cUu5?DW2QCX%f1cK_hUXQx#ANjxZ?~Kg zimP#O2*zn3C`l%G>s87rJqI;g0U3bH?AZ!!Jr7_2j6lRS_c7WR{ z95XM`jWog|Oe~TU{{1_#XvjR5N8K#abJ0VZdBl8up^JKFCXR0**>)k3t{mbZSo*NV zOs#kjZb-BBG-wuGM9uC`%NOQpJe#=>?C;8Sho7oQf+^a3BNW^dB)Ken1NLz4b!0sEZE3`6GaTYd^9sLJ6rcHBqDu_}w zKzIRHni9U?@3=0JakG5nfzv0;G=k+*_FFPbuK9MR4~1gJu`6O|VPdB!b4c(K`*s}A;!D()B`UmAC5(Vb8fmo(D=6 zyM>Fg`ST*HuRfxkappxA?$e;=jW!L6aL6Ayr@3vrgJcfW`ir3!`PY@*&p=6_7cGg` z=04P&idqvv`?n|M1Ky>Q)y$^d>{Yzff_=r@M?_(qRcIlXP<~WK4_uGwS~b)@67;$>5l5Dl znfnd^q_xu(nVvx!_S>@tmAi|blv7Yagzz5o;$GBd^^69Mtuf-%oEos(LY%l6wQnE}eVJ$hi$c+n(|+R0^=WjSs^tm59n450WgS54n#bBp5JfG9yNW|bdLPcD^3Te07@tZm zHtcI!&kS*oKHqkD`ADi)A!Lx01TSIfRV83<`w0v{=OUG(2RltePoTX>2xK6h1xpbG z`+L<~My-wHHtNDaPI=FzdIy9qG#y?>T|~zRmbom)ujN~7%GxxFY?kL$@aB`QLM)10 z+q8qtXH_YWZ~nbxd_mT9ZAR)p>==YG0rM)TMJLn&T^4CxTiZ}_oax5>_BkspLG2~; zR1Mh0F|Hm-{LVub&Oycva;7gb#l_^;0esiV9S?v0y(ymO%G%DweK%H$GPcE9`iT^d z3HiEn)}IyItfED1GMt0&SzDG@5#4EiK9V^gH!-Vh7$-ez(!b#$iF`jEsb_H$AzjRl z+p+DCYoR4&*v+qJ?;^K{{B<6;axK2fM8xs5jAQeyy<1iZd0b&?S5CF+F&}sTWP#)!ei&0X1k-t-FaOTw5R8?K7pbtt#iZyM@fFEI89L(yn zdXK1@V6V4p5Pyrc30zW@hFwASm>M=55m{Eg7Sp3gGr+PtoSgRhRmP_*Y>4H2&6cOp zqI+``EMv&pex8-i-S{FuEzQ5o=aZiGQJi*Wa;DR~Olf={duTk*m2u86O>;VqB)DMM zETis$j%mu)yh8fez?Ly2$BcVox*Z$C>vOhD#L9SJ{{a1Zg{I@ZmB_q7rPx?pn5|rv zQO|CDt0LaT|+-)A&JPO(hGF+e6zWOkRDj*~TuJkv#U2q2Y44gG7A@o$O6#+mkA9yXC1 z0iS2fj>45XQq!A6DSQ6xL*dSqs@VOa;_^0%8M>^41fNk}fl*zjJq_FD)bk%6_?p<> zHG-jW5|B>r3Hn!+ypESXWJ4J|1A|U+NzCCTuZp)j2u$hG_f&-5as&k zy=JW4jVyLn+C7EFkY{n^OoQgh83+9ORyKog6#g!P(a3n*_397Swo98qMe|9fdXA|! zi{W^dL#GCD^DY!&Ti4pW?&n_AHO+n9B43z#V*}eAO%SK2G?_cgU6I;Bd87DfnMy0% z%7B&wC+KU9@gIm=Qoc7U^5Ad{IIDZio@Y09b5qZCdGpON1G3d8Wsh+raaqb;5mvEB z%mMf3Jk-f5OD<#}dx2S^nQ4@HB!iLKvq}B#Gqn1il_`KpaQh5J$x-i6Myy!;xhAUj z1dEpTGS9fCK3=&vs`74$h$o?{acFnGgG1++Y=iGo0PweQQjxb z!95stuSPpu=Be>q^Dh}h)|1H#w&qd6t}5RpM_#$ED$dO5g_*Jk$QX0QItDJ>61?L* zE0EPAO%N&q4?XHB&x;RD|~_U(9@=8uR$n{vLtuFT`P$8yN+y#W|C?t6+w&Tn@D;jFJBU*QCZf$ldj)3uOnAGf>@z zI7WqlE61%*<)}gwb*$LX@e1RbuPh2CXW%N1wJ$-QapHY?SJb7n0}$gF&sxA#2G<<& zc+GQF(#J#>X{6~=AX*}nED|ocgoS}V75o-{<%_NLbK)|H9@dP^u zk_+dI{{WL$cF5&r_%9LS1sD=XOx1vdDL4Z(l&%FyRm4(!xX%F8;Wi?#psPU8>}MIF zn<{@w1U)3&p#K0Wig3(_xHP0RahlDsit0k0cq0`>6z6d~`_?zJG-&Pg(6edq5}@FB z^{c^aRE*eT=E*ew0CF=|VF}6UNJ-8B%>ox?AsF|jfMXNhnbh^9#!DIGb5CZFJ_3S0 zYGMScNU39!2CtxrzR*~3e_CTodzwM$M9xX;QLzWDF^d`u3_GnU68S{{U;XC#Z&)ORzIJIP5qS(Fl%4Yzz^_46BnW z@z*r&p7hXzZbvl6WQ_?Y0DID4k)JK+oZBK!zr<yIyuJBdRL&#~J)88!0Og#RQVv;xCmuvF%&d>2GRxG|0>cIblr@-$JITsVt~s zw~!Ox8LUXMB%6>Lt6&V{*!jtPgs)@*PIv-WKEomc?{Iq|DmT=obnCDBx3%-9Jj-p(y07!<&n; z2>GNvX|DpyC;H4cbI?{5ej`|wV~$xh0Fi?tp{-3sKp{|2texs@wS~JXBwOS8Nvb!_ zVvA|rv{oClYZyXe@{9m^?^*`rv_c@iTnZW!)X}t!(gJc+x2dSoFw=hR!76!Tb4B$H zjfkem+DO3eYDQ&f$Ya)$LPlFb7oI}42Yec^(8jBbk?%yC9-EL{Jdq&shD~NoG~4j` z4NX`HBa?a!&y${TYeEQy(Si+2V?@(Rp#t>HLST%1<&G(*VDe-`V-ud8xS?4UzFbo! zSd=(DPAXJ#C>R#q+N;RR=55LPQvo(^V7&5sR)ffiAC$Rv$5F*;3y{^=+igF6!aU?E zo^TCr7Kt#4u;aaKmCW0_Do$ZnDl>K2hO2<}S%0DR=tIWgIpxA)P^`$O=@ zBbu7t`dAQ%#Ei#|7mCXL$IGiGH_}RgN(%PD9MojSjgx`LagkX``@>pnO=o{1O|xbd zxZXzstKVD3%*AGq?mV~fkHWTtwy2kT8S+5Zq>r*DAJ8C!2 zYm0Lh;t!xbY0%iu99yz5dB!=YPopX5S+qo1RizHVdY&qKn{Z_lM*d!S3Wo-?Qg_sc zBF(;>N*%;7Jxyo5xJ%O-vD`Xlp}X9ru?DNTV^q#@*0Ir!@rBM0Pg=|3MYW;OM+cn% zm7_7py$4Fc@g3B+4G5Qwq~KGW7u+g$zNbYtn<7YElY)ARk{ee%Ml#-*s8M#iCd^qa zrUUn}zazNoRh|?Jl~bSPP|(WE3uGPu^`uZYgjOTm@rn|@f=cF&pQgz@$WJjyJuq@B ztG4h=*HAQ(qmsRL^IEwjxlYKVt9Wz!5)JZBk0vv>7&TZ)YjLI*SR+{zxEL)--bnrV}8^{D4;8yu{xa95>ocxS`6o+Q+Tm4Hxjx!sQlzO~VZj9ccO$kGWm zu6rhv@TbGp06pT*s7a1Q@A7BZC?BnCp9c73vxL(vk(6PAa2N3D`c{*~PJ3v*4X0bq z%eC}8+r>Ty((SF~ywbHKbGYIX!14HEyx`2p`&a|FfHRy_PA*r{#~N-##Uv~|v|?Ci z6@J$4cqEED?>JiL=2hU4N(xalTNm#&OM6y|Z5?H|VfRTt$>z~mOCXWh5XMF1 z{xtP*T-%w?-rU21jMI6cj?i=0IIf<)Nl^ElKmr=VVtZ zuu}^jiZXp_5ZkuHhI`V|7*Rk46ailLVQ*<9hp?{~y|sI-Qf35~k&oS8D|%|_m^IB% z*@M706ImI-lH0-aT4Xg69r`adElgyC3r?Kmr(>iV3 zm$sJD!Q>>Q4DH1@rsb(!Y2 zn!i(wvAvek-^^|h5*|GK*!+6eN2U0N#%Ok0>G_&68+3@RpU16e({He%?R1Xz(qlEM zNMdMmKI3+-cg4OTeLBUG#D{hmF0J=!DaASKumhM7b$@>2QD#?=OM{MVhtwg2Jq^tt&X8qcH#Pk&uvCI$e zax>bdj87g3QtYl z>uSSK@`#jhMV^W1g=8-ulGQ%nM2(& zjJ@j|;ZH6St>4z2YOV`Ow6f#!t}7iHiz$|O8A5h?3ekf_yq3-GHvFnHf!4H8y15HO z7GxwIK5t4}259dhard_cIqA)39VKH;8$A!fu!g+5)1*;_C9#g6*JEOS&2Vg_;Hb=G zo~vGzb~z_z^gQ3Mm5f3j1*E9>r#siU`ts!hhaN>B`RCeuI&l|-EF%sjr%{04$>`8Ahk|uBp z;-3jJ9ovsu9ncrhI9&9oFaX{3)kRbM}dl9H0RRuBuVG zY|2d}buhL4sl!XWj@hmKK6{Cx{qhy`HP;r7c9EdD1CnY*8@im;l1!1Ja@^4Jp~w{= zK=*2%^ocoSEKWTtTOEi6>xbGfYe^*~1Acj^YQ=OCOP`Y<^z=Pywbl9iEP-$sso?t5 z%V0;1YEnrp^sL9{4br6&JgAF|GLF^DSK>O6BA~!xgy)K$NH+!YhdAc38Z*z!IZ_W5 zAd_PU@6woVi6oVUx0$ypPhPcAW)jG7X#p*kSIjIx86;<=DmX4k8TP7rhT0Tnl~&|A z2c9ucxr2|03^9f| zC-SD4k2`pv1wcU?s$y|PfHQ$i^G51SWZ}MEb4+IdRNN5K{{Sv?nr8ft)LeEi*@2K> zrF3?`W{nlc-t^5Tm>njWs6*zB&9Gv(R$n-N>!JQC&QaG>N^;W0No?+p;~m?NL6cdM zPjw6V6J+z(J!@FXGSMpvX`@%{Nj18Yki=GW+Cjl{&$U9St(cq|)Wf^5$}_Gw>sXV5 zvEcRet0cvo;g2;=NAFDuj0Zf5QJiy3LQ?0RwLk>aZy*^9^EagcS6CgS%#2U+t15v; z2Nb{x`68xi(emdEBgTbo;Nn}(Ad zD6E;U#P7ZM!Qnya^{iy?tVsD9U9Y+H9E$PfYWQp3NOE3z-2>*y&W3qHQ%}rUV59 zpT?T}sX5}cZ$c6|i)k?T1g7J>+d&0a>T_BOQZNMchd;HauG2EEiK zl2QAlW-zwG*oSG}$!p$YAq%9EP3_}T$t51=@w{&u^J?dAPUWJu# zsN376R}!N>dXHLYl4#wxmP{(1=dD?{zO}V>GONhnhCf=?8oMH7n;iPwZn-ea<^KQ( z!2bXmY`V-!zq+@<^*9Ift*vgPa@fhd)i0UII9E$0Lf+04!?Geq;Jjo}{(Q zseabt7}31>g7L>})?7e6`^~!}u{|oA(Xq#&Q&t1b1TY}_8pzsXl}|VXb6IXv*`3@m z!G8z=_}DO1@+*t+WIjx=u0iY4u1`w^H>vNsH-$dZqB(?V6LMNkl{T~R*G`HfHkWzj zTnmq!g zi+j8wZ@sj7bK0RLcOK%Tuch}p{cFO09Mxi)+d;Ndddt7f5-~*|iR~dk4=jdyGbq4uX`~Lt|BI$4XmKR4z?oGYUvjj1dxr~mb zv;Aq2TIsi!e`B6_=0#$uDz9I9=aX`G<$e5z8m^+{w*LU|#{U4Br+7z2Gc+;Xu{lY0 za6P_mpM@uf+ez_UmosXLBaSr;slw#_d(jx^>KQxT$@D1S==xpd;qtadgMf*EF<4rr ziY(&t;3bgs&rw&)(V6qUr9C50mF|4E$^+llv`&+AZzGu4k~#s#X>ul0mZVDr{{U#& zFY$E-ugRtPO0wjme-CDnyKp}`+wj(pt!bLPYk6kv82io$ zz#m%KLNRu3#<7X$v{xapQ9uP008u~%6ah<8hFhygf(#aJ54C0Jz88m0nn|Y#G>$Qo zl0PF|5t@xVbtWp!v!DPf;BW2e>s;scUkuRQj^tL5i<)XBEo_k#{l!v>rubot?)x^D7*! z--E^F`7)}cGIc6>TF<}m-M)mLZLR2OP=mFG2(53?8N0$aCx^tEw}>p|w$mV3#SQ@ z9`R&p%Q8j*R?c%-EjKW`mD@1&YqXh)qN0F!AY!u+$r6?*Ks_52oJ&hU%#-An8T8Lu zuP7>TTPC5PLpL`VCY;;xl4&A_gd}b`0;Gc5&Ic?M4)pn0o3P)pNxL!1fR6d6TU*a{ zBS(jK2dJw`;&vmtx0c#mFd&Zpm2Fl@ZM?}YLk0d4d8U=L4IZRS-pJX=5qAX;|{>gZtLwsi=|4NE~Az1r#v^ccGH!Txy?~p%;0=?H`{!MTn1&qJ!_9+ zxfMt7^{z}su8xX-2_eZ}nyK8QN>vxPdgV16400KEoR9}x)t|bAZ3VlU9-(43x)8?3 zJY0OZwIpK-wN??uK73ZI#YB>U9hVR4F(7^xZ^-OUn9wlXq* zI!z2}%1ZYYUglNu9kHAP%}kbqO!Cb}8PtAktS+UrzKr%5sX_p~Z+%W5&lwVK@7@Ji=%KB7ML{Uo-+MBh8SGtvwAc>O1 z^r<1Z1_BXCVZkPyu7%KnqAtOMat>-+sfk#!a7ph}wPM(vodg+bGqzQ1@I^vh2F)!t z!KZbQAlMF0d)Az~ewQr4T_X}6z~I+JQ(GB1K7`F>9g=Q|oB(=m&0Gw=N#m%^Hm*&| z8I}m!g8bwGO9-CemX!*xU}#AL66W1@j1VwIX~v2pQ|cD*L+ z#&hdX;fqokK6(t(807UPkif7}*EEr??oWC{W{tU30B5CZMSB2?VdVPeo4-OwK{+!4 z8y;({(zQ`N4SpHzpK~Z+Jw;Q3+&SM_ML-p^2)@3E&Zm zdjJ4ceQ3!wLP5 zw)gZE3f$bw5igwf+A&dn$jvGIYOT%H-qlbyS(8+AeCktCh)*{o#P^pRd$K!{wn7>t41sECY`h9n&J6wxheYsF%_72BWbPiu(L zakC_M6j*7MTHr_=oSY6b-lo#+8sjeDkF60`2F?3rx3;(;S#U>O)K@Ys#OjeY;7>g9 zT?yEeL1RG>!i)-~WfHa2j)Nd^nsygL{G0>pisbJjkNZSOcsc0Z={*?w9Rv&KVX?G< z&{LY>Kxo$rM_+0>0@awiR$G}Q1dMd`HEzRi_I#VZQp``iO~&;uT3yIt!Cb2Gl6j{+ z!(1x@j~qk4cK-nDR*mSym5gg(QQj!{$tSOB-m|obL>p)=>rj>5!cVadv2z`zp#z3~ z1}ih>x6|Xv$C=6Xr#*^^4ZMZPEHFD%H!%Yy4?|o}Mr@4ByFwr3r=WPFP`M+$E8J|g z6~kw2sf9kh>ilSce1Ks3Q+g6dJ=75pvN2}tqmpW@x3V5K`2h6Y)|!uSWHK~lf{N0) z{v+CuhnwX;FV=_V1KtKIpbYKivUMq+e$2NNmaKL%<7W?@xC6dxN6imwjr{f$HD{n$ zlF>|mIVYODo>QE$B>I!mo!iu#+j3-RqGPa}dXrY6+Q&J_q4yfoLK~>p%^v-#tC*Fx z#&Z4XFCjJ5Y22!JWP?SrgwFmw1y=hB8n(7(;Bt14T8jS0+7=3gl6to9{=IDtHZzo& zhkqc4Y9lrWy;qH;oNbGCezfIswlCXhjUv3aEX{$(YIUWsxR9zvu@jTKxvJeVZfILa zX&OjnL;!gFuy^4-qN$5sW zD3@slM<2sjI=tIAO>TLl7%D=H50;lIyKF6~ zl^eX%sgU(OYi;1Pbl-6#ai|@0&12U>mX5|evqrNKY+00Y3sk>rGsZwTBhsQ?>nWsB zl4;9;<*}ORVxKmt9C0_x{8;N+NnSoewze`g6p>{N?ZFwUjOIiEkIXybvwlUIw(TXY zzVwzvBy~M216sIw-ZJuUJk`znx{8{y^%Fw$-N55IbcpJ$h=kHdt{nv^xL=5xb0X;h@(?IO8uuiJ7Y({B8u zBo?!XbB{2g+w?8crfKC%gfqq#RKOTeD(UFcMvY1i(r31Kd&kxhcv=>|Z}gZKYa)-m zj-I%#dsX{3p`_z5}ky9k&7a1!uT+)+op?kz$5z#N#&C+JIj^zF5)h#g z#I~svit6XfB)MgeJdCMH`M8bZjilK4g>+K?A zbmh#dFjWZoPtYDJCgPH_{=VW{akNYgLhDnzjHK;6s83FCDhn&A>|okLA%z$l~vMF2-|+b!gL0#!*FuRPTjOUV$%vRum}09_;? zbMK4*D|$;qDJ#h%v(WT((d}L(V#Y??**WL(6)vf(TIqJOOFXC;4ij+6KT4ZAv(T!N z<%?&6Yr3(%zLrKifn$z)R&~AY!nVj|WCUXw?OIf8n87V9O=)D`Y!gd@tI7J*`kmWc zNFq?Kr=bIiHwUXL*+m7U{%yfl0CY8-dRAMObsQ7LOLrR8m$dC3TfLo_;XUuQ9xa(NPE$Us4>rA(n*2&gIF@ip5#|J;>(yIN2OO}#(;hADyoQxmVyB6D+ zH@i74L?F6-pL84w&1b>Dt|>2g+V(G`VXZ`ga@`GT>34VXL}P~Rp^y8_e=6Rbxk;U^ zsLf`1CXqbED&6zZz3T#4cDON;7@V5tto1G{L_pV}7Yq(T#%jVakOxzP?_BRqO)SXd zcjS)0&Z>qrW-JGmP{#UxNkoVOJ=E1_v4ILS38;08?=5gSOk z!0SqujUnCMlhA0HtO!6e$*0`gTiV#an}S&nTE=qH$Y}9xNunB?6;ZQ);Z{~iko?)( zish=E&a2#j09lzv1u7h5oSMv`izZm-0OF;LM=BL#ljvz|0~LXk#4*79sJTNL=XW4> zrb%AY$sox;UwVZ3QCz#m*bUn>_0%t^J1CJbt-O)KJ=5Y%Qx|(+LeJq zu;+?)lN(&m7U;+c)Ec-elJ+}TbjztBCf43YQPq`lDk{f?lhlXw1khXCV*yh^{FE#bx6s>9OIgi80V6IIsq3TnURLm(zKUU zkyqyA`q5!DK`yfUpgOhhwSTxrhfRnu~>p=g-V)fxSuSDOXQhUoet4GXDUaR&MRsFJmV9Se`#E zw+0+=0ID|d6_+W-eR|fMt!PX4nPyp}Pm^xk{{R+hq>^oIizecFkxE)1dzP&&%(4X^ zjdgam!rsWD9!*s=Pg5pwvRw2XD%FfBFD3qOOx52~q{+1lrGm`I6v|xj*QHa^WSTM% zo*($S)%ufTd1Fw$$@MkLYY|H}qJGcSe}q%pQO8o%hM_1c6yHuOQb=RCk81a*UP8T! z=S@hIn4OE`=JXX7ov>RoPRh6^uX=X5SGg&WCoF|yJ-QaAywY8KvBsf&Na;z7(5Ylf zUrQds%j;WEE>yH`!w05#s!G83)Wp;S>Ke3mz>*WG?MAGP6!D`Rs*XJ=Ph^c2vMRwT z^7j?*PA}%aPHTc(&)$L$P%(EYtY`?s9+`U=+m$6HXj%NF33 z7^-?%67@Ch;f5HzzrKgpoKjpYHt1xHK;yR*0_N7J|5m-!po7E1j;uDuR>#GWJp zC5Gq1b6V;QrQw(4EuUP0k}J>e^-W*wk=><(**KFwRzA)tb6(aV zsK;N(t#f0l7{oJ87Udg6Dt=%;t#g-AG%^%o+m!skjAEmGA}4Fy=zKFBoz>haJ-V|3 z2k#UW>&ZE*{xY|FouiaJ)#M zfWSCh_Nvo-Ke3uiiQ&2_EQdRh6pyAoD=WHpOxK!CC**Uocz0O0b0iU2yzr?T9T*lK zqnu{4bRQJz-W}9rj`vP7hin{2f(Nn9Z|+L!_W6;`?^(N@9>4J^W3}6350+hd^Sb^R zHRM;`A=R!g9zitB81~O2^Q_|-q-SnvHpZph>qn5XE?Xxn$JVyZ?YxktB92DK%*>-1 zqRI6ouEYy#Z!7SdNk77IS_eq95sb{)9anZ~-okRRqYU;oNUG8)^%?11cZSza)Xw11 zv}${vm1)^rQM-3L_yxRi?107T5YRa!pw4AhY_Fgt!bw#ubGWjklP(%E9*ZdT}-{qOhXvt z+mZNJKdNcArb*_S<>ft8G@MsdXUdvN*E!`;-shd_OKkT{BVI4 z%{o|9a+tu{{DvIXP7d}oS7`4oW-n-l1qiIXdYa}uNjH+dUN<>Bl5@>zC1}{jE8Y{s z`V-y{I41H2NGsmDJD&~D6@%&$K=DTq&RF9=L0BsrOS?S!`Gwu%c^u}oygJvKF0C8O z0dPP&SaFJktnA9!YI_`a8h)jqO?P!`8Y-a;l^k(jKWh{2yqrYYj4|3X+MBvkxF>mh zirOWtx|XdRXn>I2O65nfuR_02u;iI(Sof?}rjp#qo#eM9DaLAp zmS9a#xsrDW?D zvIrTTMmgiHMD#^RbI#{Kyk^dMCp99mkq&wh+PGxy&XkJwlH|ylZ$ zsg{hbigAUNr7iN6IK?rQ&s^y_B%%qM6X!8}x$1#%F#&KPT!`mx;M_HB`nIj6B z8^_-Etsu2*O!hf1wEZd-iORUmLuDMMmqsh}Gptp#(%YDlP|K@`UWnqwo4a(eSpX$v1pgt;tv;+O}S#%ZC68Ob$54AN&bfNN*AX*Y35VuR^RK!%=&CYq!k zl|U&p3IK-Y?i*C!G>ShO<~1Ef?q12!!sjbw8&cZG>XVjdU zg{FYpy^1e?Ez9|EAXOj5>s1;FB$sIU*z$8jve2Yjf;dBMEw>dE=%#GMOD9dl(16mh z2#DTlm0wzA-OMhh%8_{Eo=qBpG3T&rjjVz8_s=z}6c)C&OSMBbIX&s_g#3(qsbT@f za!<8nh*{(>wDId%$WK#$MT2v4Fnw#MP()xF-UyqRnw&1ufTNEBjQ%UGv z{{Uq(`qEm4MckZ`Ma1v3HlTKRL2v=8cQF=b*nXr8)wQ6Jjzn`W#S9L=cuaM#E9`g699s80I8DI zG&tVp+puYNcDE8-TgBx`C*Ii16#oFgbC1%a)n4)|QueXOaJj^hx^5+VJ;x4?w&*AyDMvZxHU}{<_k-RoEC}%FtVRs4;9k*TjF$Aiw&l*qA7q2=7YnZQ_mHw zrmE9Ptx*w^Ygc!3d&IYvF9Q%^k)3hoHV6ytUS|d9l4i8IlYN_IQ~)~HBD9RRY|*x{ zOFL4QggIvUqm$+YdXE19t!3)Q*@K9nNF`RmmKMRs&|+H*Rdq3;3tKjV$K)JV_ zH4Bd-^KZx}m&#n9=kzt#C&M_etQGFHRJf2Ff{U23`RDbml=*JuA5Ty7Ewsijg}f^* zvsr2A*IJB!D+pbN*6p002jf*>_)%{Soz2#(cG1ojd2eAY#Pezogy2RbE4%WpuIt7&`YWWi&n_kbnmK-aemSXfb9QJOwy3iHIkCTp zGZ@AOe(Z02kj-m#hX22{@ z*0r?ezP4@fi84Fx#aiY?Y-p~ttnGC3TzeMh`PFrwRddgn+~sop~o^W&&sUQXY6Jjv{GT9=Ns8=1tGM8c|m>XU=@8LS;=Rn;{q)@kAq$~np=Gw)7r z3rO_-yBR%qF;OpNmPt{wAnG~Er^L4x2xEJ#vW|#HC-I^(&`s!4z0U>9NZ*;Q;*I>txrx~mzWmQ<#O7Lv+Z5P3B2DvNVN46B?GjKnh zQSnrNXCG;Rx)f{%2en(XmCX6QJh!m+RBcB`9MxH?^?xP?8bid?sESC z+9N@@kXyPqCnr3N`&5^DzN4sFH0DDbAY&Ve&*7R}>*8hGne#K9^AwU?b5Jn^<2`GN zSLQC|iw#KWm$A%^${hOUx|1aO$ulHDdt#mvU@Pm&ZQXkHJfo8 z5{5oN>MIF5Gh~*G(vC%V#@8Hn%|&$_Qm-q`Vu$8q-P_3r%^Nc3(9_c27QSS}GZEJ` zJ#02sAbD(2M*_6;XnghF!-|%yi;m|`n`!mOO4&ukU3yg1yBu~bWbHtB^s4tH2G1s?I}MrgeEWdxY6dts&P`~D zEL&sc>-Wd=uWzvhY@*!X!Yk0Dwx>01EKaUVbik_JlG|IF)?4jC%E=0%=<1AY2mnT zYV>Nm`Q&@jVPcKeQvEWaLFtON&@`=rPvK9Xmvbue*UFqKH_InnQ|+|q(>uw}u4(gG z2FPry99Ig7o_*_D#beyhz~dM+JJ>{|oHtBnwRH8lwpiNSm6Pve5-VDIG8wo1t#NY@ z7Y<3-)z_ZgsM{{R(HC23KN zrIdE-Qk~!o9x+9RFi7Zf{4F`II6Ft@NwF2p`HYb2r|4-;r3!#uO6HaO50sEjCFNWN zJ*$n?<9KInz+s6azZ9jZQS4+9yPlQWcx1=@pRga89#5?(HaRT~@x?A{b0GDon2h3p zK)iIO<+l?+AsxV8YBBr6!Rbh3*ucR#sMYtmU+&NYh+um0QUm!=0ZlZ;u%C?tbCW>B zwJzg;DF)J3Yf(zfOU%O%XY++TOT zYW|<6f21Qgz|W;;yDOousJdIjzj#nRJJ&i=Th=bm@_#zJ*b#7faKgAalcqCK#_~qa z*kW7ssPYdn%V|8r%wzI*9SvC8@Tf&hp4C&Jq1v+v3r|_bu1zWsXb^! zvu-=3g@k~@qOl%VyqjeCkB)5Qe~5;8+0Ty9y!Z#P{ARM zfDU^0Jk%lR&8R1KhycKr=zG)}j5D$-B;pi5c=MB5>C}{Dv@nD|R^nHyw?j(={y_l= z8^4ICHJzRHEw{O~3q;mz!MAX7NURMu{n4ZVtcuJ)9@Tvqmd4UcCN?)l=N^Kd*DABK ze+sTBzJj-79Nk=8YvE!k!sHwtDs5`-bOPOgSsSitw63gGwQRQpP}^80scNb7lR%QSb zSA5V=m0(Epr(%;C!A!c5nv8;e?%aFRL$Mns2Y=415<}#4`ckl3?2z8Dk7&o?)}cv5 zE=rS1{I0;*A{Q*u4WOO{Ol_Y4pvFI18}1^dI=K$ zvnr)Z_cb>JtYS+W>O7={il4easikL_e&*OIa5>sKQ7cPA_S~y&Vq}$`=&{E^QEGw& zK(X-M$u$qil{=XUaUyO=+Z(tz?^D|=dAmHo3I6qGCTYvu(2CvBm;)IHxD}>g*=@8e zLP9?C9GYpX=tha^VHo6!SIeE=tHx@)q=E7hex{s?O5{=QcTgDQo`Ba%f#SBtR{&=? zu6l!I7^IHoO_}7L)o1Kc!rQZoiA$B(hkF%n?xT_xNXN_$GwWRa=IyDw)Yg%UOH){C zeR`i1bSIHhY}=UQjB)kmnc_bgT9{TFY1%MG=5=fkdkl`1yMu+9H6Ju=(dQTNCajNg z?7~yiFPw^{{{RT{8)bO+2R#@!6&&p_PnTmkhNm3wYYdY}Nx?wm=kTg>NqcPDnP*IK zlaW_`W>u5aRMl>lK+;bu73^Hq`z>D1YsQjz!i;|(BR_>pZR`tsCMD*kmiIyQsa+3V z56PclTB)n+*Y6WZLrabxMgS4*TE!`8F+wXw(bb=az9iJvJDD$RZOfjW#PgopSmMi;R}c%o9F>x+79Ck0m8{=Vor@8h-3`yX&Xx)aN9yzR~qIhRS1W zH0!x%nqsW$^z)%zWd>lk1iL02-OcU0sb6?1Wj=%3@$q@sJz1 z_Ni(bv0+6>1rz{KKp=uL4FEMGjy(Bjsh{qQQ>nJztOANaAyu28w~#4u@d8SWZ+5Ecwq9Q*QX&CQ{f=*FRo1JHAtZMv6c zGM6llfpmFqVF>^c{J+GxIrOM+^n1NCPyYZ)T&~}|dr+XGp_H0uJ*L?Sr80S+HhEuB zQ)+s2P}}+ZMJk-&bt1J&#L7-Dq*zI<$u?>N-{1O9|AovMSAc4YHMqnaS;*2jN-LT-`S;hiUFcX*=4% z7~fV_5u6!eVhHWtwzPdt-+7AmJ(4#bVc<~)_9|MdqorGR+=**+&z^EVU_GkX)GqYN zRWIQ#hoh+D`PWQk&*aQ3o`#~!2C=8iZ2o*H$oH&UE1&G^7K_PsxMn`ztq$(#jYsU3 z>~uMGSZ9)A=_njC4nCaL?}j`bHHYsn3d))JSEpZE&Qpp^*(k>me+4m%Hu9W$s+y&ysO2&AUcbiXvk$#g2NpBE4M`yaiw`2Ye6JZ zjpPjWH9XECj3~g*Aos3h^*3(&9Y&Yq6^l(+COMx1?f6$u zO$?(3nV2l)JDy-mdR5q7G}C5D8CjTd?O5MZ+U#VkZ6VmB6;?(u@Id0Taq3cfl`csV zEA!7l|3t-va{tX3d+Q~YbTiD!5QRa^{aCt9F-pZYoAitR#GJ!TyFQQi@CmI5|g!i zW~nZsxR&qxhXH=I(r9p~wNejLn#yLe*t>ah9QjIfih@Dqo!kS8Q3hgaWu8EAPAZ+c zmHEN%TCKDpnilYRj2~`Vtx1(a0`pNPcVf{dHzFP?z1p1dNn2rcDN7sqe=k~&J4P%F zk_Gmy6G;I)(Y3k$o*Rxx`Z6N@E0RC0qLs+JBR=$@f&mBKnGI{2@j0{f@+Dk33 zpKJ2Z7a)$bXj-AZuwOa9db~AD*sal}k-Is~A((n`K_ZEAJ*W;CW{~V50Qyo8Fmpo# zChuE<7BNB$vJXnay<3aGW_959^sZX1t0;BGZRgr+fWrQ(I;G<;Un z%xAdpfgO>KLv#4kB=ccpR6Fz7*4vV`CJb4!S7F6AL!Ne$!@el6iwBhl0-l)16-Z5k z5Thj3X1<9=7cw9Ad82)T&6TD5UDE=gV~logO)>QOywzbYPki*G^eH=OnQ`Q1kCyABGgh^2X$285J;N zmCm2>=9;^eeq)ne214YXvj&1+&xS2}dF zHbj69;;h=nEu-4(ynEE4H*qJww}^82C$iRE&ZI_KHNgJ>Z04MswxhMRGG&@chzFeY z$9m|r+hpOWhb1DGg+0; zWY7Dv^5lB67R^Nr22>9WWS?wtQuQ9n#f7^z7+Ii_M`M7gf`6S}GA+bg-Zn+XO21#y zw6jY0Csb3G7o2>-V~_o+&X(N3#O?|K<13nmi%&w#3nSZ;BX5m|-RYmovK2%!GXMcr zJa(mhG#2R9x0YF3p60V~C-AjyGlT3}6z+FBv)SLSl}Er*xG#C-bHvoE&m$ zmc?vK85zUWiXv7l7weNrf@XH0%P0D%@&}-(k|n?(GK!fyB3`AtVH%9`5BpUtv!Fw? ztDkB&)TGiyQ!~gmi15A1sgXb#0|K9;4y1yAn8yoz!_?CwkjF52LC2{zanX|}rP0;e zO&pM^N{;jiBV|03&2SzPkVZRFZ>TL9&0ofgC^5&e zbID`Ys^-_uUCf8qZA_bXv1;!^{PV*cM`gJr54?D+xL|wBgT1o8ig=`*mB!oHY^1H% zk!tL#{6rIqzOvg}!eiZ!Q=U)bNw(1s%%O365gTI%1Gzb@iTBF<0!>49Rw^pQv1zvq zq0D;+ZQNDJwBiowUj%g9T<&Y2`Ig1xK_EN~r!>{nQY0!=u{?3qQ-WZX%2zjOC?qZj z^%a>UnfXGTn!ckgS;C7tDL*$-eJfVr?zeSU?de&unRbk^$V(H)rA%(O$Ww7S=uIg{ zTZODPGaat;BuybBk4)A+p(9DKkO0ZR&0BoQF~M2tdMvJjR?c?@>J405x0=^uIR!do zRYkX8>0_wUt!)+VIvOg-)OOh()Zpmx8%{GV{@a}XcCI>OIAi#Kjd?b?;)!C` z?iHP8wUqq3&@tQT%|oYT<0CnxDXk7_{j8)V?UBPCeFbOaw+&qKZ>dYnh2zFf>UFKt z+cDZRp4h2Z*fbVvqa=l~f_meMnmM5&^Ag zd>g1*q8aVdRnH2KfDfqWuhy|{E!yNtDlxG{+Uq)f@wtafnbHrKhL3n3Tvtb;_{!F6 zq=Qok%>Mv$%R#ks>zX44FNNKUl_#m)K|D7RhqrZf>{q2rT z4ubAc8ovRLWA9ZMxw|1bCAno~jiU2a)S(&N4;0Am?d1f=Ixt?OH%eTR*FbVf*w4S# z;?wSuDNy2Hy8FIb<$O!yS*&j(iqX}!^2HCz->q*-3AEm(E_ae%XI-Ic$*k#dT?_|d z^Qi1=O0lUPNi=TkitT-9tW?~?yZgJwe=3c?eYst0`bHS8bIBDDu&9*78NB1?B{vvYqdv}D4cTD zUG+55Lk0>q3j5Yih_B|qw=rBcTMWYK#a!z>N z+K;ilsAsrlm@vpaK&150I(nG$TL~_=#5z}5r0B_UZd&Cs4;xri#awOK5Zri2&AB24 z+P#=`AB9UVf!auL-F{v$}1ttTF8 zk5Y47`xJ||dSusuR4S?*;nZ?*PrcF-+WH8gW@bF@Jab(NHqe(V9YmTnv|2yfZshXY z9XEaI;x3!_gv5*$jt9LdM(XGw`He3Ph*JJRdl-1iW1iKO;%g+e)E#Z#F}KXQG%bgB z%w?fgj4NQ8@4g@2c~*CpkGIQ<=U-lGXv;>2QG2H+t2zGAl1TVhlf6;7B!2CO8S9G1 zzr<@EgYGv#w(>?Xo(c7>HVDyYo=0luWi_FlDR|&7-m#=5n7PgmO3^C{`kH!v!D>zc zC#`B)UHMj|CtldBXRFlGHydrfTY$v%Jm#$3KK3eyIH^xjvX#U|kdIMS1*-_M0RVQb zR>bu!S+~j#gj^?vz-%^CYDx#sBVU9afM6#;<%Y)XdzW)F){M-)JqV44RIf2wz}+wxBkN4c?!gqmcp`=yff%V^VZNHS z?;|3O(i&v(?9=7Q=)Bi0MSV?^xy0Sb9OU(>teX&Jj|*I~RyHbJy1mMf-*ofMT{7;B zB9VdChPEh-I*YL$GPun(-60HHuWBqIkvx)>Vo6`+S6?d`X!_!Z*a}v$4XpEh@@iFe zGO!3j(C*k0BugZ0#d>fvQAzu@N5>g4?eVR4U-@l!RzTmt}{)cBQoL!XUdb4*A+Yv1z(tF-mp>B zw)89@1BK`-GhD&71Rg={T1jbPM@Di}@8qe;tsf1!7cIP;uLpGsgM$>bbT;;2E=kH(k=a5?6WaA*N3I?@0X#w46#oq&E+FFa9^ia<4( zV>Owmd1fQ#%eOrM?@=jOXy>N#qB&N{{HhYoA>da#SJZ5tD<|9xfPws}&u&zFgDiSb zknP;D1*u5O$OAvERAN<%x5{(coRbTa!3@4=^73=uoplRDaUshZEpcdQ=^A-PGDtW) zirNSiU<_9AM6s_Tpd_-2$+*>;C&$Wp?apbo78xF^ERJ>o^gXIGb_?#6_c!-P6*ufv ztT~;oh-HW<$E8=A)%>$2!c=$bQrAJ0VS%NSC`NOd>TJskbrNHB5YU-wSRj%P>|&JT z6}|K%=k+&{q-}_Bz3SDSz>p|pBaXG0*z4mHAOc)BU<@Ug+;YuIWNmg zox8j6c%^CNei_;{?5H{X=t{`FI+fw_p=Oox<$4A=CaKN#i-|CizS47!!nL|uv0D2O z#}DraJ4WAHZOloYPI2gJF8Pq3Vx*GCv}f`(Mdipr!hu@a$QrSFIWXH)Wqos1H5->i z+N+%R6f0b9XjOx7!n$yK)qxO|enJK+8dtczNS@hq*X9*0B~TDfPrXpDsN!H|%Mvl^ zQhlXB0x(JXRqFQ(+=feu7@d)BYFOcSUH38-1Nc^rwE}Pvl;He>u&VPA0LZ|sWw`nj zCA-#`67$^Bj70kvHpgs)xaYa5%1z4v zfa9nJn%7ZD+d}26lA-_f+^%lh|ojF6Dj(u@e76Pr;r5C>CbuL?Zl4T!}*qWiQMyVVaKpP|y2U?A! zk_c$o-pw9i04np&?)9Uk>K0aZHwipZ&oikDzaJ;K&r?>lRt}HMhTi%sLb5E)oN^aG z)YZ#9W?_F7+)SryWT-gE^sOT9?!>p$^r>}y7gf;|t-3E@AADlC?Q>lg*6fzD zpO}24Xa4}LP9G9X$;VcUo*L5ijZZ|m)I-A1x62|7nRfc)r|Vo6tjlewNo~7&#@sh= zuRMyM?L+37_4~*XzemYSyyx1(%2~{{Z53c((gj_haTE z$EOCJ9%kI0t!-pFjW>FFSm;0D6@yoj*-$ig`N@_U3FEg?aaevP)Z_5Y&BPisQ3#5N zoWI@JXa&P8V8#eU+; zA(b(O$nQ`rGJWzm^{BR@YpH6^+3qfqDB*cs$N^AfpTfF}zXWPg`ih672zs$&&!}^31h^{Oyqmcgq14O~UELO^RA6R>TH8i{B0A!Yn10RW| z@ch3MLG0ygt9|Ifds*$~aUyN<&KNPq4SHvTJY}U>+QkgEaKh*SYl1hi{{RY=6>d>M zw!PMN8i$UwXlx{&*HVgUm!cvNPv=xW;b!PJRxGj$l#s98z|MZ4*1p0?Ue>s`l(JX`kbb!+LNiW`24tOGybf5xV6`rA?@ zl3MIHUh(Fi1d9cfay)JK*bsMnaBEt}!|-3}HkWqM$!~DZBx53t$~`gv0N1OsgjAa} zrkqzgT~3C3n>{jk#GtE7!Eg>g99D=q8TGDdCuJwp((UR{zSb;k5scRn?;rBaINkYX zyuZYrC7)51x0F~xzyW&xwX9&_9%sAQ!gA(%bTi=9t`ZL}-tJUFFhOIt@}@1^w!_RC ziQIX@o_{>i?O#+Y>#@;jdY+%EKa;C!43c9AWgjT~N$2saI`)$txEE2}+FU3Y3ZE%H z{8E>D6!ea!HIMuyJEXYN?PY`k^AYm#^v_SiuRxwIyp>*Lx}Gz}1cgWQu835GR_gx% z*O2sjHg4&jv< z)E&;F9`($VdluSTnRkihais=fI(@THsOi91&vO=l%{WNEvyE@}Q2Y25=uhCGr<8LrODLu)uz zGD*iwnv3%8IT~>3TxGcW)q`cRa0Y8PSvO(2Qn8(@cxvBSvS@A)ZX@Mx;Mb7r-WAlm zF?r?{FBWpLDEUoPB&Y86E(ybPw(xeZr)u^F-ryqMDEqB}n$MGWh5SM1vj<6==GuPf z%{X4}EQx70yPdk-rQ9M&UvfC$gH`TtqqI-oJ`Z7@wW`rr!S*W4JkJN5@~ymNdSus{ z_`6y2U+nPRJiPVZf0ZXL#lkm{&cmfoA{j0Ti?|Fr)mg2kmSBK}{{VLt$s})ky$Eh% zYaPof{KBb0EY}i+Rc)l;f!?JnjcR%?hji)I%L=|zD`ao&pK772?9*?=lS(Eo4;??P zbzAQ;zrCTHvR-R4qLU!CQ-G&Ar{6-?I*q-Jx-Qs;;&>G;r>A0_qU?;Ny*g#x#^nxN z6~X4RuU>n+OFFjEz$8>8?R03DQn`m{+y*O8MSHcmlvp3$82)ATUiFM6Yuu|}MnQMF zOO@O@9PlarTFWPv_`?dyrmWD-)n#ac+vg!V8q(ALdnJBP6$}``8%^c{Gw3Tm;@W9J zQ2|v!jN+>4brqe<)_QmltYr1{;;hT3y_$TygIw+1o7`=zn`9?$2&tl0l16NGG|?=U zcuY(49$KQEOm^vzFx8@FY?3(B%2HPinpqGS$iS@Gr$LdgAbM3>w#2v{>7d<^CUL;( zYAdm{eQQXf9)woeGux=fT2&vddt@XeD4=!~=+XFB%;v7GVam)K=I>ADx(;D-0LeVn zTfrRm?-OzuVxmJwEM2rK;QQIF$@Q+L3yAM+)<~QcJn(8$>Rh{$u?h!Y!ke%&Zt7~u z23@P)*0H~|ZX(r^ImlRv#Y@y^)R3#mlaebFSMyp4L|9ZEYYBHQ2MKy`Lk@6y3YHD* z7-Ikm3=gKtq3{f(f>x|QAO7flK#{uMSItZv(6Ce|3mI^niL#Bgz2Er>8~t?sa7np~;q26IF< zHxi&eNMCp4)HQPUMBmubHVa4r^j<2`Y3myN!F|Z4khzNU%wt`VFMMvrU9>x(2*dNF z7BOz3+kWCRh8=}kwYvS_j#)6nu{13hNuyz81bnA7ypfZ|YPKNfwHX-BQ9$FKYFjoY zRM>JmfTpv1*tUz;mTxyIK>F1rf_TYLH)F3jqQQL)D01pI@CR>NpLP#XS|UpG%p2rJ z9R1_zRodxd`4^Gvnu$9h?q%J1a!a4Qd*ZBG%@ir}l}5)yjGFW6w0%_vB~3*3rqvz?wqJdxKO zXltQJw`*wW0F|;!aB2&|5{xc#X-8RTJ&ar1M?<@=d7|Dj@qjW7Z@!@JT>Bl;jK?n3 z`czS&X^!`4G1omRG;2gBrlhjO0(qSWZfdEy!w?PtsWW?ulH~lk`kIa9`M3bmY4r=c z5WT@HL~5Y=)57ln%ONZ14l1w9>N}I9?1}re8276Y$VdiNJH0vz627QwQ6-q?Xd6f8 zRG-YAOe-ELR;+fr9JVBKag*y>Q8;CoDu0%w?shy2MQ~)0CwkVKQd=u^iZvyO&P`&| zlNXtr{i7?n-PF*Rdz`5`KJ{%_EpqjX#~s(1GMs_H&ILD9xqGJA2E-im&1{*P(b%H| zGBbrx7!GRR*-@kl$8?^8v2RmbT$<&Q)(xZ`^^TJ>&QDqwaah+0HOy+!gS!|aqdHx~ zHd(gNO|6W<^d~jD3TBe z!vK1U)3Bb()?_op)9oOPj^CXSZ7YV5(q@J5M_zuFROT$BV!7oT zGffM+NA9&7dy_K4B9UJuv5*fquX?ihgQH(gkizYjz%0ZCAFXsH?P8+38!2d!)Rc~8 z%PL5ucNxg8W5zRGX__pu>5Ve83=jt8AA#wgYR;SYxn9Dn@SX*6HRDeyk|rD5EX=2m zt!cpqmk^3suJ%a7aUD?manh8VQoMB%_fgg9n%0Kebe4BMOgo?Cc3s(C<2dK>#d8{w zu(j3-=}ulF)t{a_@lREL#5UXYGj66uR#;~zC!WHndD2GTE1$sBb69DzM7Wc1V&@>| zlU{?Od{5Lg`xvcejyaYt0};+W`RDT$YD!v2(lWBKCa>ectjMNjlG#&~5S$f0=QUJ# z-ug5Lx=a z={YD!2enuGLzA4Jz}8KLi#FPX*89S+!*FscMAU8so7QO*j+kO8#%&b#v9AY{3C%_ z+SS2@1TioJ7}_dlu;T90GBo>fcH}tZHFj23rrI11eJW|Imo{5f4!=Jg>fN$=t+&#) zxfV3to89F zo~2;RsFqu(xEs1j{cF%~nkrE_o#edH*?4bMi0GwaWf(jF*}$wlM&?_MS(a(O&uJf4 zX2Un*O-n}1wv)Nd>wYDX^J`%%h?kGPPU^9s_;P8AUS6m;&MP?k+C`djUhAo6!&+QgpNZDbR91}0rGmax?)Meb_}52{ z-$#xZZPi2v49YS1)wJ${Zp|clu5t=w5mt07g|yY9mOx5!t_M;pk~%kX{E04z`(%$F z5wns3>MJ_uP+M8D;PcZJoVAflL}p#xt;?2Be;VA=^Y%E@94mFGmWdY~QJ|10Qd2)% z)8Vx;+ZBFG9R3xYq*7f+M;Kd$Ok)*p^@orVx%a5ul+26;d~i2ayFjYMKNY2kWtov? zkpLj(rIyJ`0(lEg_9ntSN+VJ_gVL(V14c>fQc~Eb$YIE;*BLMEOg0!e994VVl?OGX zce^4(ERXtSpyNJp{&nrCk128JE77Cyqnfut2?LUHX(V?8fn5d`Dw)qhYBRZyTF&<= z47$@&?gEl7bKlar_@uq?-PuVAlGV?rN=bAs_f|U#ONj3+)>w|6K%s$B*^1jR zVV23}i*gFGza(&JzM*Xi)Nuo~r z4mvZCa}@soF!{0CujqjnRfWO985PePr(;Pwqq1k*2=wS_0Fdy1I_NUkl~Vxbnoe5+ znh>Dia%p#GAW$+UsFFt9%Go^eMZk~}M|yTWs1SFg&pl`up!LltKP?~`&U%_&)Bt2= zj+6kIJ!wWxXaLXSO<)PZpaleD1EnE289gWgsUpa^Ly=GE^`HQrDy_xzFoLDQZ%R^N zk%4t}E!3V|NL2~yyk?{R%aqE$BVoO3D{4`$Ea9_+xoo%{>Ycr`ms0u63BllYr(n6V zEzrgTC{yWCtWd)z%Mr=$1z#OBOHj7@m&lm zp*};AS&f)icJhB|`K|~|@@ezgt;N8S7f=QVUbL^R#_Vd^qN)L&p0#9jtyaW6S%-Xq z?u0{^W7@9RT78`{llb#fYmQ8w;$sYCsun)gO4eDfgAmJre(4l8gQ0v34%HOWDvhI- zH1A;aGOp&>3M&q3j7u!7_lM(Lvz^UWgsl)v_cX*pTOmOQ*17j#=39={qjhOWBytC8 zx8@00Z3Ge7de*N|o3Q}1WnHJSFcjh|))eQI??xppf}a_%`f9)Qv!XPl4EnjXS>Zb%!;BxE<#)pvF$ zA9PgS`-ld>*icJ))wp2uPfmSle9E)f(T*~MvB$Ma$(YNw0IOC-EezS57G;TdH?O5F zsAL6*8Sjqt^aRP@=fNBwN^lur^9&BT6m=f#c|~D?gX}6YnEwEljl0mAF4lnb9Rz=P z$%oIUYO`x;zUM3Y)kkt<`jTG2A)QW36V!C1#4`M`Zc;xw+p{E@C2)-l?ZMy^O;}pk z1{ifd)Y}q8Y2%LR@x6NSNd=ryO3_WpJqhNE^b_3A)Yj72HrVp#(~83Kor!LM`qOu| zrKGx&NeHwVmN3kHYLiUO(CqqF9ZIog%@mO=gq1^+lh&uc^5+6b{{V`oTijhrmhmZO z+}|)ADi`@ACj=jUD#nX3Tq|Hm{W}V`AxQ=zB#!y0*j$~&Nqn?BNGBe(E|x>wyUU!d zPP&x$A=DYKFFd#uvFHU~wa|^CtoKX3s3*I0UZ64W=}VT| zj{S;O_l{+eS&QU#Bc){P#1Re#22D4(;`$$2UVJt1{miCV)_Y@)k;##tUzij6*AuP$ zHoLU4mhRr=F0$A~h~p#QJXchzDKB{nqe?fo_1|-Z8XL=SV-QHvqwSFZGJFP{l*mcII46Y*t?IQxMLvstnB6R^rLTb@1G;LU1 zS=vMxNP&s(TlU~y!b~by9{#n^o|iLew{n!W(gPs5)2Dr%9RWG6S5VUY_jbsKAHd@T z)-@pQb*ZXNZgaDwkw{~Ff;&^KZ>6=JUN$?FgVwQxxmj_QozGP8$Hi!DY<|tETC?qJ ztHwb7XPVX2ektiQTe_qZHsSK&fFS$U?wXV4Px||fD*MsU^UYUQi&dUkZPdh$zc%ax zn!&kQ?x#)8q>uo>+n>vd!K*tMrDC#qqZYLmqREm1Bv)dbX+r3=>0J3T%I6UT+n&=G=+{9-*QN6usY$3}b>DH_W zW-Gg4Dm&1w!H66Tf+_18<0_|`Id7oJ(%NJE41FqOwtc}ul22@NS}JXesiO^p$Tqr| z$nN}9S6Xzj5>SWZkSg6fElB3*NoQoUp)Da&y~)K+ZS@2I+cQpsoT%wn0XCbnEm&*q zZI~_0<(5(xY?a39nEu^wS}~jywc7|>Z%PA*iq4ybUrRTpqqy5 zliXKeH!#BSk6KVxDtnT}6om4jzLl$K0-*;LO)y7FEg-qJRhlsC*96sq$q)(#0O$p9 zHstJdt3o#wSUAY1R5fi46S}xjNMThjui~~-lexVGTp;HwBRZ4hMiu4ox<*NqGB*Ss zn6ESOM}^?t_Zoi(sf<^k;-IXyIN>&=bNVi`CW&(*%+0ZeF`kB-tLrlBmuewRr=SXJ z6#AVUx0f-gplQ~2vX{MNX@A=O6I)mM<%OlQ1e+vrg>Ij%X%_c6>Nhu`!RmVCw~oL_ zS#yz|YZ>lHR#Hjb&syi4{o`2ZEIScF&SX5~aavL86Gst_Ka`WZk6O<9>RQx-N$w?( zG^DxrHDPWdPnutxkA9TpE9^0^u1q8Ht;tcGWOX&xX*vX&ME3fetM;QJhIHGUe}!oj zlJyJnp*1_(Z8ygD8k8~lcJG5Cwm2Q@L&jb((=Xt7EE%L%UB5Ok59eDbxutDvjNDwT zd4mR4#yIt;(6E?bf%L8y@iSvYDRH|akJh=(bpHUPg$K54HMvD)McTRVT^5?*5kUuO zsFtOpdtec51MgLZP^t$^RxGqrmBLON-mFfZWM>E7oLDtuCO}cfPc`+x_oKQru{#D}B%^yquw23XocvW>24QaB4YE-u0^3L}`=7L3D?2 zY}KYFu1BUXnX6hU{{Wt%y{a>n3NkP&)1{vJlLscG zSU{nmOqU#wT8iSrE7(kOpdk9x%VDQu3MZGtx561gHj*A2(z=w9WsE#$a-QOc-?-Tz z0543M!SPH>_E=;CkZD=AhO{%a2!F8V({(t|G*W=FDDPJMS**l#n4y9*8IzJ2Rx(#f znxxyg=P|+^`Kgp`Qs5#k zGnL3u#ye92B#e24bp-Y`7223aQHDvz4FcS;6kcj1ubi*FNV5h<9Wm21w*sr+TglfW zoQkb)F56x563piS^{U+k$F}(4+UF$nKGhA3j|ARgvB*4w-mWr9lJ+|1yn^FMB^g5n z!Jq>9eG9IJl7${CU z(iw<2TvHJ5FphfANOU0aOg0mC-V~Z?mABxG`_!_AzUcgw!=-brWNP+1n2|^h4-L&& zCukVt`&U$TImQ;K@=3@dm;qjT^`ty>{HOtdlhk6KR1TFR1pv^;6+#Z9wJ@pYp1tV+ z;JZ`;b4i*2Xl`lw6j)(F>(-DBBxe~JrQ@f1U^JWznuX*f;2M^Il05C?)OS3>+~bNm z0wL3sCAb{tJY|%f2AHu9`UqQtQ2##B2ko^4n zQpawwaHI65kX(}ozcNOS2x4J7v!N@z^4{;&Q7YFSG{SnQ%q5(65rv7&vz2hxPB4UpVH=Ylhj zsI26*mKjI~cpjWowP4*B?Thjlezh}@s94qPgk@TTCG*I0*0o#Y9CJ&k-mJ~PmC6u} zf`5b_Y8^j(T$N#(&FII|LR+i<04(iKn?3W=vt*sv}0w(8DQk+2`f^Q9eSpqV|$3Zof2dsbpd8bUIE3ffmiA)7Z& z0x2MMENa`UDh2Y?ulpqb0F7ZSMEB6HLiHnP6&rlnJYaeXg}F-1h|L&a9PS>KR%z5t zx<9+z3f*WYA_H>H=W6jxI49<8A4-KQGFx{CkL3l1ew9&zhxw06Y21BBq#zLcP7OXz z4(+)20+V-QcWi~3nEbrw+M*$wJ9|)qmZXzYLZQ=^!R`U2eQpb|l9@M%(~^7C@a~L)+|_6`bi!6` z+lz2|3{oUUMJ4hL4THI75yYcwspHm>XOrggLEVnkaeC@0Yq1QkC`Fb=VAIR~aH)ccgtLU(xvTYE6|HCbaU-11LhQr*oKh}yQcNeHyw zs1$A_`qJOPwsESYio|pxoMWMrcXl%o=8j<8gVYmIPD8%pcN0oT(`HExzT7;6YM)xW zz9od?2h#?#)s=fY5Ex{}LT=sD9M*=NYbv9D>4P6$D0^zbd&SFND$&VsqFmH>cZO+( z=LgtSrLD%^mMgu=o(UU=N{bC4-zPO_OJPW5{vEmFJ*uCGkrv+6uOyR`N$qft#bfOI z%Uj#CEK78dTe=nbW6KpYv;2!zOIj+T0mnS2O`}+OE zscu(w{e9=2&Ebu9JxU_-hy=~E?JgWHJeFsrgC7*xEE3+QIG0k(%Ztf#* zK#N4V)EoU8Hf}SOBaf{|9-P+h!SY;j*0FXzFt_+P2sPb&uqLtrBeu^zoeQPjQ@Yqn8&kfL4> z?!+w0syfLcU&*a?NO$*~YSqLOoO`&`|zSOLK)_9Mxz&pLM zoYZp08?s%Jx-JigcMD}Cg@TYy06nXVxYAx5t*YvFwg_hLP})~!ahh(!wTDS1jyIS# z#Q+?A(dq9*ca|2m$RLDCaJ-grm2be*rFCRnZk5qiJzD14d0IAASqCZwW2oEcbQU*OcQF>giN`r4Rf~JO zM45<{cW0gjZ57bP-(yvLxgzs-{G@sc%$mqu$-detGn^J=@-6HC|5;;QsC* z_|Y6Dy0YDV$g3{DBaOJmf4VC^Yr`QWnT>S9lxgg9%1%z~&AQdCEx|HK2_1(fxxG(a zvYy$DcS{)^7rCgEyoVUKspr>^_M3)f`qXg9(6;T|`*B`-e(~0|+`e@<3|Ky4e|OGm zgNZH+7?GHI3f0Zn&dn4ZNNv3uqY*azw`#@e2@>vD$FJj4THQvn7M)8Dz#1BBa??l* z_>r0x#(io4&h3^b1GOHZex|mOi*wD^(QPm^d-&1)M; ztBI#8CUaMo*YZeYyJlAdAsCazcm4*p(l0zeD7m(aamZbe;F4&Xwta_U*SpyN3_N{11 z`zo+*dvj4O3P)3>$>u~i^#Y}7L1tATkyy2N-OiZ| zk?|?&YQ4hecRz(xMX?T;ajM##q~cM+o@?5WF-5@V73tFWQOjF&CzQmE&5D&(P~$w- z$icDUv)Z1$c_N!YJDl{V2Efm1kRiQ_E6a9^T;kka_;!3SX{^cM^(*?)OYD@j z(C93+7;lq&G6SC3=BoIRt7%)alN)5z^#!?ytZGr;cv2NkWQB(Zj8-e@d?*^9v&!u{m6hl~?M7T}IguQ&2Wqdana4qb0be)~W*aIx=QD8OkMru?f^Eys5CqaKEk z#`orso_@3pRVOEmd(tuIngk;Qx8*pcQ^zKd0W_x+z>V7-DWXtLI#e-_C9{BXDH!b? z38n%eB=QRWG@(EwCb5gv<$fVe+S%9p|i|x5shX>ZOn?s7ZL&}ldyPgd_n1$M^ zG4$rSWh?AiExw-eeC)s}?cTH_v{+&}8;SL%)uJZvp-SzpSq6-*j@0faq8`$!^cWRgj_EKn z^%R3`OC?S=mOqK8N^Rr47rGBJVZnV~@H)4fomxIZsu6fAC0M*H% zMt%bwwP;2oJaT<%8|W`2HKzHo$*VD{?8^X2{OR7sCDf2Yp-9FvRl_1S)4=wmUfT~u zjoWl`Wc!+&M}hO4k7HVM_XLQFZ*WiDUett!Z@;(ePWKe7x|JMCWjG}IVzn$41XyA7 zo(meNvJg%cNR8$~zTIjO9C6Rj2*atZtWNqCmfixHh0&z;BpPc;Bv^)2%O69UH_?<- zxnzJA3PC+{R9bxGfttpB!K;xpobJX5s087htc*ZDhNkx&hkcbwx)#pl3;7xGwa;ADjY1p`RpzK)VZWQTbG%BjK5g zxu|cUr}o0;f!`Z)gGzJ@(M$+jW+=9xY~KiUH|-|1r8L$qOWs#(do zzlRC{^y^j2r!B7hjclpf?@{N*8fd=zE+%Kja;gaZ4O_eM4ULVkp6#9$Zh}FynjRKv z-hRL2Ta}gBTTk(hhpAtiJ8Sq%+j0XoH+?;8YFVO%Lro%}JY|k6I+SNksI|B`B(BaY z;vS=>!=@_FDw)Pg0M+H1SBy0cF7Fm^D@Doj)RLt7ITuCy)=$`+y*Rb=_-! z3^e;qBYv3^wCX-$?pl*-Hj1&Vx=kqm*sK~ulUxgF4ijPtxdgG%Desb>uq)a z0G4gRs#dl(I*}{66;$vBGgrx>ijzi!J|2S7K_q8)J?Ywoip^@^1tX{cRr1{s~A zG}A6Jx;JgLi9wD#gmAq%TvuBIt3;+UHlIr9itb@GVP?X{=Z=+5-F$}f*ylWq)sl-W z-3>t@l2ft<+B>!=dV(O6NrGYw=1EBY^BSY5>3VDy&c*;-jydMDo%$6SHM2QHvw4_^ z1eoYXc&*sw)-xgZJEmfOrn_h;rF4!ul5Mogj_NoEIO<8L z9%b%8u9G{FG^acM+teTO>oS{MrJ;yszj6BN#(&5vcGVhtC6`)opDw-VDO#v(S~K%Phu(yuMNGa zU$mF`kMR0Y$dL-Bx)ctTB!Rxk9Fi*YoMNDg{%a6bcJw0zb6Ggsa^0kgsf&pVW9BEO zYeLh?x1Tdc7>-78R-<=e{5m4N{Od2urZfKUYR@sRVa+B=RxH|BNi?e%{n&5fJb_oI z({1fy$huaPpSn4%E#wbNSgj0lTwJUL)-#S8v~6t-mB=#5vPAijy6&M_1fN4v=HYH& zFD%QuA9CXk}KGY)Hs#I5I+E>Aq>h~r{+F!^gbkKQ#_ zM#X}Ht^gl56@#lnv0jndvAx+$s8=N5;{&}~h1f!?&{A(evDMkRjsWAFt!G+X$~6}A zGxHwxoNUuCsjG6Om^YktA$LAey3PGHp?kqP0rQM!k>))7XmW zTMXcXo;ucZdX$KpjGjhn3#Q!|2oJfWftiHuJwXS(R|l5oI5k2nDET<57azsXHAt2k zDPQfYLm>e?(UV@(j5dJ0@m`%R5;L4zrn3M!Xu;sp$*jeFr%eo>yPs|fwM3oO`xV7hF>=7KolsVAKy2VubODAK|v zjoqYe&4eAzOK#hwEC|PAL$EE26EWHVHI;4)M&UqK40BBgvm^#c&&o)s#7ejUaYsO~ z){Vd=c|GyXO=EK{oStNI9mBP030NAs)aoq!M;w@2rP=<~Yp@a`%8kI}W4(1nobEOx zEQ^LX1kvUL$T_P*8pk>5QH5>!Ex_$Xz4a5Hc5#pn1&U)s67-lRw z(@D>BNDen#S(i{{KsKIvtagRVt1u@Wg>y>D+~_+E4rP+q#yX{IbJDsZ^e}sa2FE6u zkDIR*LLaz}F~u(PnpXh{9edMG2;k5$!1n7#K+OSRj7jND3f{B;@Ia-{J!t^KyN@)X zK|Lve?%1Y%?xKqT>0%{Lf1p)rU@dTGvi#wY(em+}3h-DQaU+ zb1d({$FQcV42N@)I&)leo%Sx)EF#Gw`CUHaW6UiYek7j(NaKh{2=pOwH?`3 zxhZ)XG3F>y>FZhY--vfck%7CvTFE6X0m{h9kY^mE1*wLz3W- zdR18qWP+xX*5K8Mww{MWWUI} zSK6eB9sdA}f$LL!1$%5u=0_02j(zGCm3-rrz%@%?=4`k7r5QoZIyUnTNvVsz+DzkldEKlTNJ=B$QG8)g1n2 zv!)Tee0hxBxvidx=#AZm*hoPt=va=!tys9h`=z+#1JqKuEsVLZBxAA2z~k1cnH5eC z&7VrbrlqT-I}3~gd8+eU7CFfTRH-C8*mP4AV3OyaD@x+oQrjHvamhI1lXhgS4C`+y zEQWB)p8mCFdx*TDg!z5XTIo`Dy9lP)1S%#uNR~LqbKa~+HJlP*P`i2#O=9l!Mu@ie z7cwvIR7Ae7+Nc?PrXqWQve6XX#an{v=VsMG)c35(%Sk5SI@6Bg=uH)~GXlV_ zJDRz+IL1N($M~pj??AnWt;mNR2{i_zGG}*kC`(&{W?H#2jAV03suIE`CnV;Sv}mZF zlx{Agxpdz9w_$;9^{J#^n@iy>$IR$P)n*{)@~xvbwk2BHoo2b?32t=Ow`kraae!fz z9Q{X9ezn6-alYkbx`sv=+DYsB(@<$zQ7fUS zSbTb~kpo+m1RvsV)kp6>;t%0bEk>hlNutJBXCkfX^Q;#@%R5G$_R&r2U~1=0rfJri zr0llWWq*q^au3i9R;9m&qk{0f@yB?i^6_@|!LG#mJ5P54fT@dh3 zwmR1}F26O*epa7i8cbs#b^01yzs;aUIo(`M4%c3{x$_>~LovulInUwVu1Vp2XIRvP z5+d9Aq`u}D1L@5_c2aE`r5mHAxzX>u52L)cnw%qgVfRLUW9)OqaNZifd+l-VH7QV| zWa3egpK27+i;_<4(k}CT9gk$S*E~OEY?3wooGerZ!v#N=TH`!*1_ zHB?)(A3e0Wp%t#3so9|WZ2ov3Fp=^B^rgAJdpmIo!whVLZur+}Z>X%~+`cdJGnAa2 zna?zmdFt|Ixyb<6UuUR`i&)YdE16+lt^WYmtsw8!AaT95I?XG^8h(|GD#HB_WBTJY zw{zm?E^Ug5V=CSE5Amy1@2fGCrLo6ry3(qdEyCao5stOQN2@$HEh6P&ExThmrLf?w zyE?r;T(rBlRG3B?#y0getRB)3qjC&%=~|>jlTO4p^4Q!dj(HQ2*F1{n;)m?hFtnB+ z$CWtXicO9!tEOpN>V`6@bucb^=ZQYO&6Ra)AT zXI+@&n3o%Y;3(>8t7YevB}`}s-R^$0t*y%FTzhDlK#>8*Y*W>|wb>dF2SH6M5;8#{ z026>uN|Jc-5O7XV=BNSiVcZX1hMs{{I^*7f6t6Wnp%@Rh{i@~ewFbGkVHs|C$voCG zk*p(f&Yx`ZzQqoQsXa0EHPz|5IhKkNL-V)%*S=^txPEJORwoPLJ1qVYzLbcESoLvTlBZbfB0 zB}i_xCUfOiGIbqC?Ju3@1JL5L{O+~a1d`CCmjx5sk>B^Qvj#xzHum+bJaR85{%eT^6$QWT$0!xgFMncFE^$P*?bQ&1B4H zk1H~;#{)GEJ%Z`%R*K}k%88pQobgw62(8*hlFX8Emd9gRJqo_YcBwzxB#qe=GOi8= zGgZMGKp<99=!&sC1(C^I@;@rV)LrDg`MTz%G?{kPWTONcxg0^Fj~wLmseKt~9bJ{X zBw!ZE$3iL_n_w=~;~3|qVHc@Sa!ZE701q{o$0~OobJDIZ#IlX_q+u|B3Zy0|4&J@< zTBJd-rri0CsJPwUx+{5e)b!%An$+2BO)d%^Dx3;x-mT$_XagC?CcR2}MI5!A>`YZuU~+0Bv^OJ~ z*uXL~P`Z=emcd~*A6h~P$0HOr0k{*^nbgo?k2)pUC$|}>mYSCr zW^*@DDj^b*7;)FVB&)X8FjN}hnmSXtMno*Fj^mnrl+LoGLymD+m1~-}R?oCEU=nz& zyW=yXK>5$N8K#=KJC}^%G|135&5TtTZzS`?YBIgasr4xsM7F3w_b~)7=Rx7jUwicI(!tM~i!jlblIH>?<02dv9?O1dnl6 zX0cYd!gs2%H?d0U)Y>uJ+0RT>U9qt00i@GKr*Xe|wyy)dZCLBgZ5rE32|zFjJl2qv zv}8&*HX+pGxKN`XjaX-3ykj2Kx{;Gs9}^HV%vri2<=uOg`A!T6uDu}DFYO?eL0{E4i7ZMC}WOIICIG~0FJD10o(MY1BzfVmjfi? zgu&;vA&+bxYCXet(bP}_@x>=<02h<=r(?Yr6AnFS?bd(}ezex-iUtE9Vv}hnk;MWZ zjyqD0l)z)Y(d$uy@1C_Rq$n)CMMyd8LPBAIOWTTK3QqW^a1nrEjM89WiU33#Ml(*N zFeaPtid%()y)~FGUTKAZ5JqrnCRJw39-Xs80erEJnWliC;~4xX82$$%G}m?8l5t7s zO^P=cK(5s!d*-s_kdi@=n&qiG>}Zlh;fS#W@I7kU*{k!01Js(v3CWF@V~j+*Mln^G zAGGB3HPveg65O*a2WZHuOFG39XRp?>>J~CC?&P@}NgD@BY*3KHc3bhHZrTdh+_=po zX9}Ypn{!L%Z99o7ee0OEthEQbc>vB^9<@U2dmNk!anP2u7!d5^pL(1ks)9{7u7Htg z*?)+T!*(QG8g?z2w?Wa0 z;0j12a66yIld?v3NEn$U!#5_aBxs|M0UhbTA==s!1P`2(f$2{Ph51JnNg~qFuQP2N zfJH$ZrKH=&3Hns-$ZE{GxmVg$W3~n>V!$YjFg4Pt))5heM zB}W{Z)!SiPL6*}5W)ftn?mE_n^=opf!Smeptlomy!1Nro^;7rd%?qC3((xsg1#5<(3;j>VNw5)~Ih{G8KP=KT3h(6FBnKv*>BXz1Y%d zU5br{B!99ED4arDXaM?}scLB*HzByYm+awpH_hs6GYryqCaEiIGjcTBr3GX2IjCca zU`&C$p2o6|R86{zCBuv!r22Fe>11y$Ph;1bs}95xfPQT8NhuP-GxW_>*d$ad<*@!P zdenN0<~WC@Y9+Z*-1Pl!(mg);k_(l%L&$aSS@6u#N~+Gvx$D;zQGHpGe8)*+aLTvLNFfHh+y;xA6Y}n;uX( zR`;bS*(N*L88;df>vUIcG1!{YO$ZB6SxIwCmgDEq6(-Rphm}lc)YUt^D()mQ$eUKD zm#xE?uW#o^um+U@Zp7ld-3wN0IeyL=rb03qzFuphGWTo~S5`0Uo=LVXbVEr005Jz0 zJu8y7mdUk26hy%r9AOR^A5l>$U1%yzw_|2~Yx^Gl54AbCwuSTMaIg5*?Ee54ZR2p( znqg$d4(8g_B&L(Sk)(859Im+l6>-yH_lj3XpA z8qLbgt7unN^5fgr6;gL+R&d)u=sQr^Nory00I3qra=7isG|Nb$E+&#Z?)$l{99wra zTODSdXc9flIc~V(x+_w##sY!Bt$G;A*ygp#%&y1GjJNkkQC%m5?;y0&T32w)-GQv8 zw6%?)J0quUPA!AV21yU_4_|t#AQQ65dR4;oKscag7^{{Ra%<5EN8c@c4UXvF^j zc@78bSHDXY$fmBeERPpOB5sKjaqRiy@vBg3GioRY+9Db1ke}vrM>V%0)8*XKwvIbc z1IM><`{SN{%|WbdHX39lWN$W8$WVG3Ij^xTIX_c}idi*{M}DJl(OM6iEJ(=o2D&BH zqF8>@_x6aice632G$#;HqpaX1US?Hv>x3c^xt>S&{V$!zrLZl_(a zJfo>q?^iCgn}{GX7?#~hz(yHro?C9l+D0ASyil%Kx0rg0j?UIgi9n1IpK6!pB_m4a z(kNg)W(0$cr?pgy35nd6(y;YaG)4{VT71TZgI;O(!sQ}kkG!lo#a+JfMAsM#09~!P zeSPbA%Fgm+N}6pnZ)yG|)2~o1+bj~5#>YGpS(>f&v`pyHq>>zk?^g9jDiTt$&G~VF z6UzPb9x+wr^PwyXvbUvkwbawdrRHRk?TphJKnKcy8p2Oo8YOgCj#K0YIpeQt!MuIf zMEaVQxoEo_K(g-VHKzn?<{}~-gTbk3l%A(a5;vGJ=}npw=I`rR7E!tcNIsR9E_Wjn zj(Qr>D?%hvyTeXKP6wq@b^YcBYgEZ=LiUz~ULnb@zTO?9esh}6ZtT%$g`Bp}ma|%1 z7VDZ2h%PYEuQfw(4t)($xLmg!vBeQA!AHGg-d}EZSetM?#Z*1!M44y9Hot1|6^cG~ z`I$BEQA5xUwdzIaj#`b}wAQ;J*o;dZW9#B5CTr5IlW<7EAsX!Y( zbJyOHTMgQSl_r?&lh7J=CF(#E<}BTPD!ucn#0GwI&@GtcR8&4iR1eM ze|+PQO5>T*nL*r%6_@UwDS-a~q@%CiQ;}TPv8+wYigOu7-8RMsG4jN?AFykutLS~swi$dD1}DammIrbK`f>S~n4 z(=2(hvVa&9?M==*)hBTdA79p-L8rJF9w3|{iBEj-T(!icV2u3*VKu3=b|=#Be5=J{ z*yg*aE``DeU%G2Z8Oaj%>qgK8Xh4Kxr8}t4S^~pJ;+hm>oO4Vz5S(_-Y2)9D1}^N1 zC=iC4O(BRl>Uz@P1CfeI2j-gFPkI1AK%l=I8bM+BWAfHN5 z*%_pOai;V<(*bfRFaYaH*_O_I>XUx$ zw>LG+)y)knR5K`S06i;36Kde%w5J;o-Nh#rR%Ql81J<>Y1Wd`gFnub8%v>|M9e4t= zQ5tJGPvA8f4@+ z!YdDUr{>9S+6;|CaM(2_a(aPN)Llv9j7G$=gP%$sC1(4)9{8uN&5>$5P-DvDKT0CE zo!e{?mNiRox4m;p)((j<6-uNkO3)m(;F&1%HjxdX zv7*R9DdcpmYgAQ)af;pokt+@0j+IX4K7mjZ?_0?kre$2)v|yImyFCD^@xvo2Wh7^= zd9G<`sZCt1J+WYN-1`cyP^MELk?3nF=u&Bjk+g(iPCJ@(i{;=j{6MMl75WoHC_$1l zo|M*zNJ$3=G+nKQevDQMtQCkX2WnWZm+s+yqMKJ6@+;lCoRF@*q>i|3gtd?CtLBgbj`fu^$sYBA$lu z6Vs*BW%B&l3YBBWIi|&AWgtSV$EFsu=f0#ZU6Fb%Csw%g~~Leul=n8zxS3?#Y|+cc*Tu6P3XS^S5xq=q}og0&8)$4io3S?j#&Kx zu0qWcOOfZzDs3Z`>MFFBsax*-1sTVh(fde6wsHkgO}u3|tw= zh$@EU0h5nvl@`^d_#rv#xh|F9`^IxTg6=$Vy)p;qReVR`ElSI5(h22L>yv@+O{KA2 zZ)2RXus1i$2FA%e^NQ2f{5C8w>W-j}=Q*tTZJ{l-YaIBsZ$nk)g;zKg&f?P=(0ov< zN6EpaENrjEEkJVyBLvez#kBmzU-{Eb^b)ZoGP;}tob~3lR^xrX-GFC|){$w69Y2QF zC|t7@T#iXKw{fG{U6RFqez^v_Q_#+&ttQdN>)LYK-Cx7J@8)|6`cIOnrM(hO5Y|)Y)qz+gG`kI1Pdz5JH z*bdwMK9nYySb;QKZ!M#J&Rg#i$C`*kHjY9w87)cqU%Go5iEFuPSJ1x~+3plPQ>1|U z5l(AZ^OKT(v?3eSr*N>x_mDGo7^qSND9w+Y`c$=I&8;z(L`;#2=uq0n3C=fT)|0-- z9)};QCAZqLxXyPFF}T)e_Ria=?JaPH+-}EVO3vlR?do>cT8hLz&upzLV>{UK_?ooh z=19v=au?b$kJQkYeaL=iIeM`NBlnjQbPCK`vs%VAn45(G7-wpHxT?F{6KIJN&G#E? zR8i0|0J9%zbXo|xIk{b^KI;DfQ%c>&=p zh27{T08C>W6mUPKSa~%@kOtU+M+=<(f|5v9inYm%ddon~EV4xq9W%G|tcYMYcZMCz zWG9wmLwDF~mN&7lb)iFPZW?JzIq8lCQTr3yH<>2X<0u=D!lACD^Ya>Q;t#W!ZXsCw z!5+c~YRj8Zp8nv;G>ob__NL^LB}FY+l{*RMJe+&;SL~K%LY7dow|2)$h{u_i6{e=` zj)Nzc_PfL85zf+0bsAJF6`GGM4cy}us*TL&E9h9bvWDi}(8jyi95EdYaT=e6=dysh z$R=V*+6FO0ir7$}F6S>abHOgzK}MvC_Dg9`m<+iXN-m|8| zN~bk8vne~8#!(u^y>p7_bjSh2zcrJ3T%_)6Z^QB0q-I`+ipZln=M8YYcC72Tls*Ok z2Q{Qb%)7v>`Huwm#a0Zv8FusQSL98siyB$ob_d~Ik~l?BIO3vvqVIGPIvCHbV%*Oh za{}iB>p~HkbE(6FwX=?xthq1TleK#K*2+2=IbDz$WPjo(J%vdHqsU2MR~*&+C|?$* zRp8jy{t` z5+pdsY6)*!4ZT(o#SD9iW5`k3iJ%@zwt475q3lx7icsE0a(Er8wTWSCxbj0Dv~(pB z#(+#^Jm#;gu__Wq8`g)Y6=igo6Pl;J#pnZ&M_Q=%WVjD8ia=ov?~YPK_b znQOY{<)b+pPBU8Zpos$W#c3DNQU~M=R8mD0h79-YaN0-gSe>AP;0-_ zog}b|L<0py5ZIZM2V&%7k6Mv>)}%4V7^dc!4F{fR;8Ab^jB!nDo`)0y5O8|XvVuq| z*`Wa9X`~V|y=gWfgc2}F-R)9t+Azce??_@2an_hV_srA)K6?Uwl!XuR14V{Pg9E)g zcReYg0meGhau|;E&=Pj*N#EX!h*}Bam=)N~zdM4ZOVnf9c-?b;0vK_c4 zfs+n66r}KJl0~?NJQGS7o}kdihi9KkC_pACpa{H_+*=ea#>O!xYeR zGeyA*P|Cz9+A?V{DYR0^ethH8H7SnX**CTU$6CddP>xTv+?Qq|HS7;sE@O`3RgMwJ zsq0~yx_zw00)Q|*s{FRa7oKZa*%DKA0CQQ)H(Y=@!2qQ|TEC>qMed1=R(h`YARha?{cNW;mWJCf!~@$iY6dCVD>a8*v%_4S>f`N zpg#4U>`D2saZ|WUdkA)53~sAXTOm?*Hb*(@Ndnc_e$pHQPc>*j$}_ZpeQCW5hKQLN zRAX;nLt5515WyGvznu31fuS#?TZPHOu=F*Y&fyOwkFIK#)*CWzAeKz=k9^g5;dtBT z&OK?*s3 zLPTi8>T4MdGPJSe6(qj8yK=y{_duy*Y(6u|>q<#qK$7Y#(D|xJBWV2UwCa%HgvaC7t}mfcdX(AZpF5a^ zAC*sK0Qt#M*ck^DTT3FzVbZ6#a?T2a{q8GZXx>Bsz8L!AlbYEL-D+oDO*A2(OgGe4 zSU}le4)027TVO540$bYo&;GHvPS>_Y)JyV!@;5-lYJUM)v3FNxefx z%HZZx0!O*oxHziXtUf@BHpiF=%_%*RQPBDaRrqnQ+APw;<=nuTAS30m>o*WPpS-QC)=40-m15M>eaLH9M%cxP4c z-G%F$>qNYXkZhJ@S9JFIyL~HYt<+6o++Q?wHg&755pOK@Edo1LDBGL`3a#}OX4l4g zUH#}=t9xV$K-kEmC+c(g@l@jH9dB_)tdg;3S<(DEt|!TFZycRf?VKZL@atT@wGO+X zTP?kwwkI|{X?>N;)K zO~Z&^Ir-OvOINBZm933cxEhpZ7;e%VRXa;F;J4G-rqld2V{asr{Ii8W>ob#0zFjO$ z?V;G|&{)WTv#9`fss7J3=-sB+EYPcCcJ&1QeX6}(kug_#oh_TeZEPWuF#rQBt^Rqe z+tt&OS*~K0B#NRaQM~Q3J?PIM;brS6k+nXH$KJ~Q&!K`WV ztd|JRr#KC}iqXELY?ECG6GXOIyMOY^{N_=hJcKD5w_#%X>!~-j#B4Np3#q* zqybSQh64lU70Wo;mYv>(xvf*m5<9NqI#dx@o4GD@i6G zCgR;d2A?IJ#T#x&UgFwKrbj|M6Iz;nv2cx_HMaNZTSivVgR|&Ctm;zTxCOJ0IRI8< zQOf6Pb*P&X&{*2yDGHo|D!{p!WKhmZ=Oh!w3F=noK(N>w4?8i)?08i;&*4skON!#) zGUN<$rnONaI~zwqkIEk|8?josZEU(-p=Jzna!Ia*8zVkzl0~iC0!+JrQP@>G?-bjg zlEm)McH*0pdIz&+P3_BEl;5Z-_aR@8=S{QmC-!B-M90sB^kGt@-j+1>e9FeGzA(2D zmW?vrhPm7C5nbMw*sQ90ft*sDthE$rYj#t$yS{=?GT6vT>HsFTaNzFZ zlxN(zK}na>U$mHpob4^|QZBV_90ZNz1oarJzcHUIjk_trOg5>*@+$nzEW9gi2lK0n zGm|R4rL0jglK`LM?rM#umk-)mk}wpUl0e*l8XCT(DKmd)g%#smZS?e}T;8yR5J@e- z0;bj{c2vqho2GRH^(|b_i1mmQWN}E0+3S!%rF-mDb(MzcI^LOXr|lOQkn{5ckHW7> z<2@`k#gy&!1Fcew+P#Z#lVy948)?wQO}aZsdz=sJT#lu!TDK0_|dw34?AQj%KS(a67R;X@XsG-xBlLku!o zn!R(PTUtT$LUMn*)vDsV7*0)?7gj=RrCXF1@UJ^FgZS4ad@-y}(1wd|-3!G;-Lxt< zVDFYio>shyQxpmNiZRLrPt`O~Rpq_D3T~8C@J9S{A zgPygWuJkGU);F|Y3MK3db#W;Oc?zc)uDeXIx3hy}5rrPL)d<|mr0=0M>?mLf>U)}4 zT~^&yRJI3E(zR;p#zkA3nITX~Sd{lXn&!2=eJ#O`0A1K%vmBbv+St)Yndox!eWK%P ztV9_P8@ih4ZM+Z#pqlFJZX-Q76$%S`T-DE$LaFeT_SZ1tMfNx~kv@}g0chl3DcAeP zvZ(}>(Mn22Tdm3xoRtUGow8R^@_seW-OUo{Q<}m_7@fgD?oCB5nvuiiEzDB4qV*L@ zN%SXTipuFIB$5ZMboN^80x++YBC@Fq>|9-uXZw2DUzWv5{{RUMrZ8m9X6eYKE0pHe z?b=MMa68l&dY!zbLcT%jXi$<1nb#6WxHNJCeX6R=5t!#W9gS&b$#N#L)IQB7=3J0- z#c9dnS3II)>rKDg1tw*OzpWcGB zHjr|fwsugbA$K2BPH~yo4#KkC>RVRO*6?}q{7q!v-6YqtNvS(7)xaLr>C;z8V*rekMDQc2Wnwn-ib>d)qbR|shPn%|oxEoh`EK^i@r)3|G~7xlM{)Bs zUwWWoV!0q6l=Dq!D>6%ag_>531A*SHDuTu{&!sJev0aM7N}e;?mLyXmF&X!!v=z>u zOWEWw9dpfIlX9*j>UgcAv6J6YJ6IKDV~jRx^5;C(sS?L91azp~KvVRpU{#0!jqC4B zl}640$*d%_E2%;<*nu#Mw>NW`2VVfjZZJeT1o(3DEFoS8$EML#%K+N zJvcOjBdN^*#9{#C6G}R9KnTNkr5ix#KPo^Q{RJpIW|#*Qb)W-pIn5dO6aawdkaJ0& zYCstFqlzv96Q5dW-HuLa0GkF$B+`H=7=gn%9mN>r@jwwgv8n$6XmqOP(XWYV8))>b z8`NZ@M~P5vk+*wPw$>3qcQO+H09q0QMm!EzEA%xL&Ckn$l50Rle2&FWH53u-EJ(>d zw4USWS?$GT-jLUWjO-cWrcTHaUG4}{b|@!|_o}-Cv0~dty>c?fy^LlSaLv5*=BvVz zD(%T9rYlZu39>|5gLx4J&&+*ISAu^%Oj*FkAW;SlYG~TV3T;3D9fe6Y7B*aD{cAaH zQ|e?*a_NK&2iKajZJ8ta+b5_r*)c?tTrfi!D#P4WBM>KywtG~!VEBn6fD#7M1zc#_ z6&_e59-@frxN^H(ghmPZNK>Ahs>(55By5kZIW`eW<$|#U4IAZ;Vrpn73VvlCgKbQSE#-?Wqj~L$Y(bb2BJ=M< z)dlpr99g43DC5$daV5Og{{TB|e?v=sP@-oYnO`lpvHl!Y;!G&NF6Qc1wPmH;(b7xm zcMg)dQy9+F;*#`D1fd#206%rAR`x|}xs!I}&L0_CeZ8qK<~a(3p1o*VAbZ$~_J2Ld zUI5?g8&o$A`H{L~*08l146dwO zInR1E-IWz%?%^~=1Bno$bZqcziSY-8G|f{`mP>e@CzVTikrSQc+x#o0nv%P)O*^L@ z&OY+nT+!?vEpi))Y`P@G{lnX>b^aIB?Yv9jr_&Q_%@4@_XF@%3Te>%oJa$@&RO0Uh z{{XM*#FP9yws;ChbkHG87?Co$_2kzO{tS&GmCfIiAjyt7R|W8UbI;*fN^z3BSM~P} zUg~b&@L%<*i27ajoidx4nKE)2xk5g*e%M&sU)tSH!ew>^;Ze>#jZ9^IR;1m%k46ld zv|d()VH`$0W=R!C@;R)nd&2j3&kJf2LWvGD<*6C|hL(`CZtPC#(r>Akt9W|i;_BYQ z)or#+zbm9*XZ5Gpd_1>AZ|x|T2-^u(WjXccoNXAcUHs2K+?`h^*pEKn(e%Gc5p>!A43n>cb#(=$ah1F~pJCYL?e%!{rD;Z_v}JPNI$4y6(0#RNP-n`rOc#0`oa5D+V9lP`~3? zJ|Ob!;RpLYPDd`7E&Aj6)=~GZ8<|vAPRn!3d_`$>G_AJH&@sxEBag2&$~0HjEKkh1 zJb-XNomH*2q{XXPp3hml7XT=5$JZvi>p6VuNZwKNk)B0u9_)&W#vZfeypC|E<>Z>= zR@g}6%Esb-D=Lw`!40lQbEe;h1OijquIaZi*`2eg-VZ=IsEl?r-05yC;MCwrV^#+k z#yP08%@N|CGL}#dagHl)Q!Ck6q2ib$-@Z3j1G4oM&RNdsF4)i(Z}dNi`R6C$^6wPJq@DYEuZZfjuM?!9QtYaqUs~H;a=^GrKyZ3v zoK?2k(9Ocm$33htb&;&w5i#m`II4P0o}BWzznuovByTv${}eatI}Ny-Nw=7l zDJubm#{!nmT+*Q~8qqS}##9_r_nw3I-%`!B&X;$2Toyrcep(~D~2ZTIee_Fo2CDQ)zyNnUR1oWqN_Cj%e3Kt$XwTa3qnY{=g3eA_qv)r7k#cqR@ zC+7WnR7y#1Txr=|nRC6(%akb~L{#v`yIV zJSV2W&d|kmFYtf^ey62!y5_vM$7QXoHt~8YfkmYClMjAdvX+r&V{?BP)b4z^Ny)=w zKaFo{cJ_8Ramk_;VIL=*z|;4Z>q4a4YAE!-2|k~#Xy$pOjjqV$QMp>_tnC`sc>paO zML{P#o;`bhm78|DW^YeJ6HT5oJ=)r#l4g*SPeD^$s@lUO_f8DB$zpi=3ffXzbuxM$ zeW=~2mPw~w&gASF#}&ri$WvBVaDINEdR9|?4WNqm45DKB+7IyhihaCtT*^g_yUIsi zGlN;ExfYg!+^qg~%d@q|Z%VzR=~3KHqD2w{dC1_3agE-9-zw1Sv^mN9-{-YD!p1NPTf}cJ&)$+xxRsk-4vTWe$4jH=!UuUSz?Nfz6CCD6{1C8}NGj{ePWA z(rLHoToa0NJl1=kEwhC_#-A137Y&IJr~ADt&YUdS(4}&X^pQs^joC)&lUc+oNEHal z^{BmzS48Jcc_au51~n|2J;l5wnNfi5I?_`}ER6AGaXambGQ{-3sRoaKpY;vzSI-r@ z5{<}TPrFlt3ucq-H(&F`zY1LOeMX?iiwmLi7+)UZi8T9^$!Lnzd%eYLGAM1Hd6qTc zvBhq~;dvW}n0*4&N@^ofxpof=+o}29LPxze`$-W1V;h3@H5~lgm$4jwEJJ{}Jt`Sp zS;u--65N&`0sfh&3;zJ5u)wDfdYaxA+e5;xlDEVt7&NDf*uV$f z=9|23z*F_1g@rOGp`Qae6*mhJlho%lD~3HOvDlCb#@98twB#|N-7^jcr9_zGuJkj<4n=D* zvS&uXW6e+HNb+xuuvfJ`w+21RRD&5lKO z)6p487ITA4VYuY>t%=xaVt8Ja#`u8*cWmPui3HS0xEVrOUG|0>Ph3|^;oHEIHM!{B z4QB<>4qF{7l5z)b^bGChw?<@agrB`m+wx;HfCdy|m#E}Z03MVu1ZS-<5H~$BQgrP= z2u(&^vH%~A7aguH12qC92cQ&$I{*$To3@^mz(XY<-Pb>bO9VeB6ds(KUo z9VjFYrhu>mo@rI4LHV$|sys7}i2NRAMj=dzu&vjGR*Aia;}H>x>#1zEeqoR!Dc8}MIV-|#N<1*fVc`X^r{nFPtTTipK20BN?i&pt(?l-pGva|9i4Oaq3gLeCJL-D8)>NwV5SMG zS|XYvSTcDy6=oy|y}9mdIXy)c)Ug3w;1=e!(4C_d)k%{fSRSC%WRMP6)~(qHr!1#& z2PfL9l=B;QM;)Sod4G2u&lGaIppMr?NZn)vDFpiBsa#t~TXPJrwOn1ErJ`$b6`
O-#Cv40CdF`=3}>0Jx+H&UqPC*Hi*NV=Nt;TF!dpTJIS7E^}VO>3$_RyjZ1b7 zi0>IBC2#=kjw=%N3Ty|SxTh@=E*i7zABT5^?{BPbBrIS#gfnL&Jwi*qF1E5M zNzGlEn(UT;*;f!=%K~|^uvL|S+;Q7AZ1Tu!s+t@i|OlQ zp0n{Tt)K}ll38MrPSc*eeMV^;#oi*llJ%1Y3@fXB0JtLoW0FgTk1Vw8z*(Y z^%_}5yRZL~0eEfA5>i)MuRi@}vf3k=A20gTsCWi&Uifx{lT^sOLF<84dvz!2^O+N`W$ zhbOIUm56%kM)r{TY`aDeVcxK$(iGgZvV=uEZ6_6+)yEfNw7wokC+yLD+3I)(rm)d2 zE@v=I3dny8|%b~9}nwBK+y~I-NXxdEm87CE!;w>avTY=J4srFN$%m6GH<)sF@z?Kl zr(4G)?SRAq)tRZOF}YZ5n2tlvK=-E?+%wP6R&GxB5^ad`x~Ln8tCqHxmobR~5f*Wg z$^5(3Cw`@}-K@$@yUB@Nte6LEW^DjhFWw2$o&>r+MM9Q>s9 z_vW+pYrRqw#QMCGu>KNH_|}rBn)rVsHOk({J#(mCNWjfAvyPneQQX>HBE>Dv;AQ)v zk2tPta~f#2H*Nef(b@f`=^9U$AO`966|HY17FGmVGH%Dto$Ey%45uz_5zd$%{{T}T zXg*kzqaKyq=^B67t>aZH>N(w3qLURzWnyc+a?a7raySp(vnTN$lIgN_5}w%u`PRCb zMl$GOORiblJIiN0=>3qkR208(n`77Fu9YpM*8c!u%C>)u4E~0o*SvqHYJLco&r3;QoTx`hHjSgdLsJ@Dtv4;5 z`kfO^!pq3qgsbS7>Q)`UV zND;?DimjL#@=Cm?fF+l!-t3BLm!Zj9;vP8} zrTjlS+{WW~D)4GHan30)A@bRqJHHB_ZvZz2kj2=&xu&*507Ij)Ch?xNgkCQtl?SIpPSx|(6l8a z#;oKi&pg#sA80$6kTXqa8;`hwA}ca6Bpe>xRLcHR?&-RRs?
    zP?sm0^-94Ur&Z zM#E#KYJuoo(h;VS?=yY;>kE!2tC%pn^}e0v7|)j*CnL z;*O(=Kqfutp^Q&_({=*cB>r@OaWuh`)_@(r`p^$1kOpZmGn!y7067#IKsB2KlS1^* zKaB$sn`q8B6sp0LGMtJoA#yW}^Fd?jngd|Y0VbTdBO|2%I0}9Te)IriZ)#y|lj}?d zkb4?w4m~PH1QI&pl_LP>9Qx1*wGw;O&OjKzq`<80nuj2gC>s>x6&X0q0vbuiX{RTp z3}fMix*lsqEtL~2e+pL-6qhR(%DkGXEUe53Vm+yhiQglwN1W0D3X#{XG=biLDbKeg z79UL3dmk?(?e@iT)YaIcySm0pmK7bn$C}4HikP9dt%_QqJ4YQm)q8o0Cj|WsYVTrg zsZx1N(lKBSNu#FgYeTNwid7LfMrpas900C3Dub0D#02KEC3m z>P#+(C5Vyp3=!UyBvPS5sd^CA*{$~bZcw34-@F{uiF<4#3Au>&q?71ZOOf2huNi2Y<@6%4-Aa-O89$vD z=taog7^g#@b4^QsFP8-7n%tEev1N!#-**_Nh*xIZbL~~JT)Nzc_iA~@ed$_$21p?G z6;^BqCKzyrrC82F^fi{_O3ZqwR=_zUwP`}+FC!mX)|{;MGm^0}U`M?{D;ykGL)8;w zK1_)+Sf6TmD$A4Buzd0^ zyACh_!N3O|m0teI<5!#it5s<~@X>Kfuxxa}n5R^8pkZDWo`4~54}QkO)B=24DAjiZ6vjw+n% zxm$5L2CHTSFaTuvjsW+ol3WK;m`hd*NYW>~&2Oz}_scx%b!#?qta5~puX^wNC#dR|amjabWV>LvNX+=% z?~3k{ny0E>w*LTt3C21z8diyatIR}5tg1j} zXU0CYgQL#$cT4*0Wf-Wmq|Sy;5&IqX{HyC|_m$euWJO!#Y&=QbnmpJX4_IU5sG;2mb)ByBmq(@Ya&@Oj=7=uoMh# z0QU4X(J0GGR^HbBx{sRC{=dxeU3u2)Q@FT|gNdB5AYfLei=%Fdh1y#ffd?$7pKOkQ zm1R&%LxOM4P_9*6!z=>Q(~A;Gr$a!Q7+~T}GAS8(8#5vXNmj9uLSAk@c(` zd4$`P8b={~U1oVLhm;#XC?=>Ixf=pg)6$1KiReb`7-SF+r+SDnM#yI8-m_9^f;4Tl zY3*0#D(ZTv>sKPz$cTvIDo?F+#%b$uxF>rWaQLPswlUm{@xTJGE-pmZO(4M!*z~7T zc1CIrET}FGt;lG*9M<>zCNr|eg$Er-;)-)t4qkPsJiaHrniCo*Qb*nbuxGv0rI!ry z7CZybH2thzfS{1Xvb{evis1hMwZ&*y*%6&`k3<|i$+61N0)7-1jWYddr+clw? z6ULH!(hQN_t2EYdF)RWf?>G3;a=wGs#IWAlZr%2XkNgZ(>wQAkc4L+z!`vDgYjgy% zYDyb2PZ%A(VOg4tws&QG$>As6fuoi5MC|k_OK+xmWl{#2y<=0H{c5zA*EVs8E$xvr zzz%Y1TJC6*leC!&32n1I+eIXYpP!)m3g)#>6Wxg&BXAR@&?_lPZaAdbk8N^qrXuF( z!~p&yfKS$vXND}ObGtuyF|4H9=xu9gilXJjyP;+c>zYi@Gn}4JwPfA&4W6XYBW>Da zCq3~}c>pj!e0p(?&$KG8`Ekfz4@X`YqPC zc$T(@8S34I3te8tMH93R4~$!_u7a0%YOC;$*e2v@ng;VoWWHtEX3cV`$^+n>PotuGa7_c!y$ zC=x@3+87PFKc7m~C3}%AUC1_;>QCi;A zNws7Q21x2FN;7e%+K~=q{{Uq3ilpq2p1K%!nrq)oZm#Z<7#L*dIjjkxw=y(V8JL62 zhoxsZUt>siD@h8$o!`8F&{Go9c0$EjM_duoxv$i>y~q_FIWn>lx10mTSvSFx4AL1o zeeNo~qXN8_Q*0}|9*FIrHl~+l0!E=YfD~n9h(@}ApE4( zw!Be_e9~7qyN~$yE!=uiU6Np3qXz>Su0E#hu^fN};F`5{XsxzI9QxHs>Nl|cAbEPMUhU0xtfhGs(+!b?^kYNd*dNOQJipbT@YFsk-+9T4o?r)+M&3&xoNk=&GgR|Y4{ngC7QXEd1@$)IFR3%DZ~9Kr%UbQ_VqZlNs7c=8zT@cJg^@cPE+v za2cml5a4+0N_rF4ki;0p1b3zbXw5gUSU?FiFi(6`g^3h}TxO8A?{P?EWqxjYR8FHg z98d&o-z`Uzngjsnq2`x3Gz^j}g$z_2kyAC%E7p*aQb}@p^GGsj>^lu0=8XO{fQ_U8 zbS9e87F>=#v;mKNN=dttd-GN2ndfD~;Nt;n8LPXNo}_X{uA5J#RJ2Bh;go~VBD07| zYBN&Y%19gzwU_2EKyzAM*e%qA{qx$iv@kx~k~4vv)OQ)VE4v)$Ao?1DP{aTZDjTrn zu-_r}=NTQ%PZ3DAy5!@wb5fWg&2}Xu2+uvKiWN?IQ}0)67SN2$?emP{tXm?=O0YkL z0=X=po$`hqeT721cP9M_W{b?);mVRT#Y+@S zs0lmGHG2wATM~(KKrE;|_{B#!ZM%c~r}eEl?5xO2#aP1^&fJQgXtqbVaYEE(7MwGM zA2A(GU53>si*o(p)Eb^qc?uy|Ta0e>6)b>&1_}C9P9>+I5etsLH7eVK^AMnqQA?Gf zd5~Obw$tYdyU(RoO+6qVcoFSN?$%_qGD~RX81j_kxf!aGXo)0E|oQk9WPO&?UZA->Ha_g;UMBU;L1#L+sr z^%$!5Yjnzc+@mB+rvPA8h%L&%&Tw)#s*O1=f^yjpiX5S4`B-!q>sMnR=<2MbvGu5x zCWWvytF%qD{vGQJRfIznJs|UO+tFh|r>kwX*!h+;^= zIUy7bn&y&}8;dMdmN^Rqbz+AM0qAMgRU@MPz2`oaCuYb;sAX{3d=)*~?t29I*H#yvB;x6-;}B{(amr}T_w zqLWs?{5ivTk>b79jJCR)-XPT}?S! zCNfSok}$74R4(rX#@%-A&Ku`p_?pYQzKY`Esrv}X;}j&=A|V8-bdBx_1YwEZtps_}J{@Jwg8f>(os%NCK&LZ)3%E+?2F6?6ikv4KyXUbDSFK zwD^|764J7)eL=0D?u_Q{NH48~zGP(pJ^gD+)x_X3ox|F+y@|Gj(-esdN^k{JGtD8& zVm0>}H0~>PBQXY2UP&CER{oT+*v7|mM!!-jcPjQ;33OUG7+J=w`0I`gpp{z56m-mai`qw1oeGOu)5<+)p z?)nN(C}yUz*FX#{gRT*C~C+k|dLc_|Ej1*K_ajJ|Cve@VrlV=3JFnRD8R=eSPVg&E>4N zGDB{nMqqGpL+mYEG4wlhzPDIG3oIn$=aE`a+*?{pDqlDg0&qb4!n1nabuL$CW$vkL z@!-jqjrSssaYVi?xRxOmt-tRF8;I*uC()G}cUqY2_ZPP$U0tMQk3vobTk_V%-)WIZ zWB1jEPo-rk^J!wV*%*@~uOT-3oCBPSkv`mV2z{ro6qFo_Sa6G3d$Ohgyrq?qqb~nzEze9%h6~^`H*16}kZ#057xTh%DT+LawR(RN40Vv4* zDyx6T{{XHytXi`=BeFUR7cDBDl@y_k+b{!)&29`tKfD58dtq}(6_Jol{44X-c*v%N(uOwOQkGsvciBaSg0!v(+#`qhU6BB%*fO0N}OUWdMD z0|xPeT)6Ho}jiPoxHukbM&a9Z{NgEQh4H;5pMS23wIeAJPJgSQrT6q zSnvfjv?PY+K@32K!8c-#tn5tRABcWV2fceNz8&5P_QQt#UFEq!)w%lY2=vpHoo=P0k;X9Y7BAP(h^MS==>w|TmQP(_B z#_O&#s2-rMeEjhJ;%O$vn8rEsv;zJ+iZfHf+(k#eMBkOts5>S^PxFkwhdFc6&6Ni{bFCTI`N zF+jk8!v~rM2LgcsARbL2$65esEP8QGJAgSLQt}w|TrPT=c1{fdF;FgYdeg=`3{kiZ zB%YmU`Sa9Jz;~Dd!6P*8O$Y@U0+-t~z+BSM02H@scb56!QezwxDLGTcSXj3%X$Hdm zm7L%yIrJ2=S+ooD14Y4=*r?!|uEb=}1WoCRX#k2k0MuQi{J5u<7~+5-ao27EJ?U4b z4o}vA1A#{2iU3TCLTCaPU^;SXtVka8n9L1Q;H;uJh~4~M%|6aK84Rp4PeWO<_92bN z9J;VzPvcNL!RG0LM-?qulYI%y26#%a=hm?%v@p(6NZ1a|o()pI$gK#aja2kMooZ;7 z`H|%0jB#06+U!?XHRO++4k|yhZejBheE_W3+HAS@NAd~A2I3A|cNK1<(A7DwLAVGc+8eby36|oL zNYtt}@O@88MVJ>m-voQo4Tr}t5`5&a^{dwJESrR2FzbUuUBIt+%C4mf@AU+6O#4i` zc9#Ttp0w?CsBTt~v7N_{T8cfT`F@pFVztTTiHQY%@2RDVA(BDnvXrzFeFw;kk&-A= z7*a+!q6$RFw7Z8VOie5R#*d&;TZn_yIl>mA}EFibLu&*Ag(V$8_*(Au|X%A%Z6j-=0lwI z6y}GjG)h7mH&A&!`KzV~9Q+u{2yLua2?8WE8D);{#dDD zxDh_>rM+uAS=?psv_m8e?oc*3Ui9l!T!IJQ8Ld*di_I9>mILvsH#WP7kf^{lX(1u; z+D5|-8WZjXJlRBwPn3XvyGp~m5j5!B7HE^7YKQwj6CagF85~r&jY!M;G^>0!D(xqs z70-CuGZI><8fsEF3OG_Hl(X@S^QOycYn_sBqSannCC{LB$8of%9-XXjG&%10~ z?cRqt^AvX;{-UJRCYsj5Y3=qFi5a%Kmd*#Ut+^LEPiOj*&2@BR_+L}JyV8vJdTj9) za@&DZyFS^?Y0a)_w#>_Obdb9BSpie|8s4@U%Cw_N^LiJ{%B=c&7Oiffyn$!8kVzYK zAm*?&{{R&>j}(C{q-j^~vvQdA;O4p15}z$cYY^RzA$})n%`}^m(8j=xxFE0NTrKp{ zn~5cavWXbG0C>rwrC7r1o`_AW-5E_J<(raw@@fl*muL?+&^953NdSp%L2CaNrG(zcuI zahF^WMj2RS8l!V}=gX7@3G}Xp^b22M%jPoVocfX|Sy|-T2jy7FT&1D8rQEHoo0J7& zFxeU1T5?JNho-D=SE-e80vTio!Bx2+9)hs$EZR5Rhvjd&NbC61rz?=r zG!a~Re=@E+8k*gX;5@UCdX6i1D?5*KT$#R4Az2^=uXo4&K^e%=%DZ^>l~7t zs^n8nPbG;lX~hq8aCRR!hvK)Cpq2RQctQp(qW%+gOOKqTCsjPA-si>JVhs5 zoK?*iS^m$R*5XxU0|T~eNIPgt*66b@iy)R}MvSVSj4IW(yQV^_5>Tq#w_Xi(MlYf> z_ER(;#F|6Lx9x}l9`%iNuj$Hm+sauPzI=BTO;2kIG^cWosju75v{@vW0~kC5_*EFE z)D=wMV{pITkPtteV}6rJhpF{u~szwCih&pE#{w?^4TV{<}}he znn%KtB+qWl&f|^P;cx0_Bc+=M`cYOHULs6Saul z?NFO3YIoij@Ty(A`7yD8$@huf&%Ji{+D3r&Ei2;DY}k$W^pU}1oBR|{O;C}-R9 z@G4^l(Po~JWMQ~3ByG8Q#?osF_y@Y3j&RIyY4Y1qC+}SEJSQwyo*he9A2I^JFsvS)MIW&TmcXz8sdnZl9}8KOZGVpZG^9Eza?IG=VggIJVZbRolHtwf=e zGgAgtnF`!78T_e1BxKVWI}r<4$uW>g>S~;z z`PE2+Z^7}Q)|1U6X3}tL)RCi90d|4d3iM$m)a9-55zQJ%F)>^pTF1Gu(_EEnw2b>W z6{j_}GEJisP+_JxXm7m3oM5(aD(%0FY~r?6nnr0pqLOY;L~F|Av>ScnXjUQiBr-^S zasD-fd8=ODCT=C*{{RT>QBqv1UCM+lt219dSpXKzSkv^Ii`nBvRsi)R@C9?hb33zH zH57U+m5f$a%Ni&c>T%Ykxt%TT-ex!oGhJy}9IsYnX=)5hc1UKK$!kp#)5$IH(Z^ zpX*u6QkKP>b5yTmCNqwvqJIfddX-|z{I#VS!VKcFrMXiTzu6SXzt$cxn%dfsPV7RH zOhLf>>qa5;(eiKxX^4GO)UCYe3uNU1I21LY)3Z3a?f{U0rz5Q}HsOxF@GAtZBSwzu z#!)qlE~F4tRhr#wWz+!_8moa?RB7^{kfy1=j)di;f6k{=Qk97z)0QGgBH}Mc@)P@`mf|}|i7&-jt z1ct0=r+_n3W`r=^gVvNaF%HH>Nem3fuO5`H1?cU-$0IeVZKWBPcE-o9DqHF?w>o#0 zxK6cND``RbhaR}00c>4IYyij2>s0RUR!p4dG*}GBUCo+|L)w@MEtr}b0KH8Y0v1K* znu&%79cU2{82Zt;6M;Yp%{K?R%>xd7>6s^}#UYJ6R1?U{6CU)KBb}QC@JMGTp{v&O z?1yV8$RESNtlKEcn(JhP2N}&rEX}!Cr)XjDBYY6NT}vvr^B^Z6*AXCqCPvuDi{prv?C^1L!c_&)y~z8EH+o4ZZdK0 zR2jE6(1bYaLa^S3g{88#1F7BaD#Jv$Do}lB+)F|eY!)&zjMgm5rdD0qBB^Q@5n$Y- zErC>TAaMTxCUfgW_0%>bwwiPSP~`n-W|mf99Y#UwD7t!$7on7J7~_hzmyw~tG_2UH zR@7$_x`?+*D8j=ZN z=xV%|MpnSU9>W-^QElClwkLuIZQZD)5O&6U)%#tr@LvG> znwU4SE$V22k-^O{sq;GYt;9idVlEEs42sO2!T0Qpbo3lna)D`-m?OJsUcBL;=mwcQAPz8L{w$f+^sH_Cod`q5w}kR)&rd(}IcRc=u> z=W^net~6KG;Y9MKiAXEjxi5%iTTj!SMhi24D#m{b^){#RA6rX#1+Kw$GR9wkTaIdV zbadXXtcRVzh31?jqxK-u+i=9CAXE{1PPU4f-5Ui@!htm zcjsJLDx$T<5c1_g2uk|XWn)g}HL9ZC&b&6S0OJ@pk`h!tkc!Eh{Wb>se z-FG=4{&me#tDcOBNy~jqlXQ}91;8h{sQ&=8Br0GmrFv%-&nT{-r1l~gYKlWA&FfSy z?!>RiKT%O(H`Gg8osXQFzcs{956`$aw-uy&h1)Y^IOHBruX?80E^1!)B1}g{!NvxA z(nhYWl_cV&I|#KDlCU8153M>fQe2fS_*RNnV@$qg^HUFipkNO593U)%V-L!k-o@-` z7D%CB;E6qW#X8#XPK8|l^PnP>mC%SLGew^<3upL%q&9NPZnC4RCr(dFNvMq^O%zEH zMOG4I@<%~dmeiSwL{yqi@|L2JV%EyqBF9m-WlrSgnk@9jc9It&FnhKuzB(f-vu$-7 zD;+hwqB42_Mr)LxTAoRX$Rjz;RHbAnM_aRFO4UQQCL5Uh;MYdF{4qqpE(q;JUBXC~ z(^a?BR}t>W<*+yvaw$?)D!c(&b8BK;THKh#04>E(Xv~stZgck+)843_q!(8aX`sl! zv*WiWxh+dxxYRBJTLz3b%eu2t)VRj(?34QdE}!SiF%mZ?J?jkFtS#VA%rZ*qvb%OEYwt5E;bB>% z@`3Wfz{$z0nr@YOsY?*FhFz?2xk1O{RZ5hk?_)|-`JLOcJzG%lhMT7Nc_NnLX|CM^ zC>$Updshp2;EVfd5b6@8xR3^qJeCLaADt%jvtEX6$C~|R!C(;-b<5=epL}k-M)pzB<#-C`{8P7`dY{)lIHP_He_udrEzzD9+nHA zBWrH#6!oh3^)hnznlmS{^4*Z1nL3Y3spK{e2I|eLjY|5V!Zt|vsBpHJekpe z?VgoN=zQ&+g_>!S>7!yo?t9>7wFZr+yhAq8azDB&stKI(oRi$opGwo<44-00m9w)0 ztw9EvWo@Rt#IQi}u1Vej=g?Kk{lnT$+n6>MrtsGeMwTr9EqPv+k zhR8mi)oSxvOQ;!A28_2;$2FR}S2T34%o#{+#e0lkisz<@kjTfaa>?DArOJ&BB2%$c z;PuT68)6kXD@M2v4;jdK~OwjpMOAcBtG9?T)$TtdWe^ zJaT=isTr7)RJ0QXxM~WYx)AU%x0r+&Kr; ziKRu{`|7w)U@}lD3F*yoNEk$X83B>738?DO?XZ_Rlt6`z_mk<`poZYdIu#kg`G=^Y z*4$R=Y&8B@-Prc1Jfvo4PUfX(1%;9`X|;O$)Myq+m@wxZY3hXT%9gHe<=ZAo_G4PE zit+CsT5oVN=5SayLMuYYS-7=Ok^>^1neAG^+eSlI)YpT=7K}p4xij6mR-{)E&+|gz z*VI<`YjZaihsl5mHBL1$TnP}6tKZg>++7RHP|Ss?OH6tOw6`Uhsy+lMQ zoRVrltGjo4*pQRvz#VDW2fyV^1Uzw!(}zl87b6tM`IUk0DKJM3sKDNHh2sR(7zB~- z0B79R4|AcNZ-%F7G~KPqMk2OBC65NTTb%50Tzx4EVABELh7B)nv>+RtcBI}j??3@? zy-zeAMF2M+ojV{7O&}9^>~ldhz(N7*OeBt&q`**k;B)ClaY$n0G+^V3U@j@8GwVzQ z5ryPuG`KkTsR4RpJkzo<>p(q29`v}Tz-wT2r4#_ufOARaE^xmw_N3TuN~}*}D%3%^ z0MG`_oM?bF!z0qR;??0*5u{`&9+fRNGQ5|DSw2|CJ?YK3#7I>fdQt-pXj)co4_`{7 zBxM`F<5Ucf=JctAM;SDLQMNKO%|&x66+1pw^`H#b+)2!&{RTgkH=K3NFk@*xln6bk z4^LVEU_9rVjn+bVem;~jfKt2?O;FTk^5Y;7J?a?ZVM3(7{DaSawCjLWle^`pZ%}4k z)P%4-sh()qyRv@@o!I1!n+cbO=jmGlV5_?sX6P!`s=`|8S9@%OF5|o$2Q;;9-*DVk2OHel*GK%3!l#`hiPr z2HnjKIxT<+er9jFYI%fF7FT88+nQZ;1W|L;k{YO8EI)f_4eLxyrzNq*G8=qJT5w9;+s8#Jo(->k4ksc7g4QhHw76abj3(w;42-c)X+Uj7nZLK z%FO%J`V3Q`wOHiy1LS9bO&7kz@40L^d2l(!EzlwZNg>|mY+H+Avx?HRfJ^gjAPT3Z z#M@H-!n|OCNatebCZ}<-)wC@3!GSCdMDcYSjz?;@7Ga?p$GC>)Bc)o38>Vr#MLvL< zaD(a^Ey)_f@@d!@`2(=6EjvlLc|truA6#eu0IyV{f#`IR*tN7@y$gZ;+Ru>(o?b-* zJprweB`d`R4ng4dtcl|e`(n3{u}-B@(aHyJ%cx z7&qlskut=Q&1{GyWMH{fC65CYJQ`#9dE3{mH()b0O)SYEjR)^BoPpA_E%fQ_%N787 z6W+0sMXOwtOwkjOg1vjyqa;#54tZ|)p*snua#+=57*D(0`qi+ZQwzmf)RHNY+B^n1 z`c{41+is&?g?gG8)})$?d6qkr=D1H9&*y2Hc+V>AG5A(fUg^Cri1wS=?M3ucr183! z;aXkY{Y_fG)L!>cOKmyhjy2$wI9&b}wK~-zlkA9%SuU*0*R@IIwHAh8TsGHL7{zgK zyv$M}82bw3n{Pma5;if+1ivuuxy4O1sU(2LrEoAuYMC;hkplzH(0*@fM73u-NWeYn zV-~G)JQT>OV8-khS@A?37+*%+!4KvlzIH7YvTvfNhduo(jL?NQvq zBWx}}rL(X-hzbI5z~-7%V*yFWb5U|w&9C=VZqIB}ge;se!+X-WtV%GX0zVN}5fzWj zLXXy}EO#fkv)yhc1Z@ML7_7rLm%}4}jcs8j_7s^n23^1&#I?~z_z`$7Zy>7r|abaHn+GvtDCyh zuQcn1l33YT9&_5ND$iZU%Mxl2dv0NtMI?GAIIK5 z=1+g=T{p5awze>C?;_Qk_qdD>ob~)GF`!#3#byD3RE zfOY+ACi_!a6J@iu)6`=Wr0%o@6tpu)J9iB8PKIlZtqdUH`t<&Fit{OxTiPQzOR4r8 z_sOk&A49Z~XOW_sHEz|-|jAW6T-=Tta*CHx0#cLQ}=K>w+A)u zc9w8h+NHg;YaD31KpvmYv8#2bL#8eA+UF;$-rB%!(rvHg^X9wf1b+?>^r$ooqvIVp zquOD&gXG@o31j}xJq1%-_mkNi@K@N!@h65yhpffbz1&fq*#7`kjl?^zn6CLHO7s<^ zVxpQk<#i^{Ik|>U?H3HgEOC?Gw5+sucFQTl4itB!<91tiMSWLK@)u$*#UFduHJfhX zCJQTM3eIS#yQ6O2)+U}K1f)pZ;2xFNLvSLD3A4K#XT5Ju??XB2IpRi%rk#Lh91?Mg z=XFSnUqGgP>7TfVA-=V%WX0W=62e>ARyIK#D}qrt1M63{4MNh!FS8Ok7$A13OG_a= zU6IAzEwgIMWz076FW$~GQiueK1Vn8^fVR>fQBNBD-h#HVih7xv zw9;R1FZ-ntX8`r~s`_n_o5Ru}`=v{acQur@w_{C_OTtzucRkWg)eaQbL8{00TWy|7 znNP|a92y)I+8pKY9L3~N>B;6@6=@uBndoZ*@pr)^fsFH9vyHVhPUweB-R2htz24ura~yP>9FcGtlETnML(XsNfnHW7qJei7GRx zlisUb^k6!gp`jpL?)DVP$w=EB#UZnwiHgrB116X6D`%5b_W_NyVqctZYIl$g{hJxf-lzk!$`^QPL~oojU% z^wi1KirAjxLbKEDw#ylwLOxJB)-z}~nJ0*X}|Yg-6oNEMFbf$Lno{nJmX8Bi9EE;0sieQH@z z(C97Ee6b+v!!-7dcNPJ2QuYzV>dK<}U+-?|RGKg%Jag8#Dtt#&c0@_FZO9ocdx}T4 zSuKjUQ{J;|(8LzrRp?gvuxiB7v@-dS^fcbCh}bTA$sLN1^7eO2jpEZ$~M(j0YGesHwsQP%EN3nJ_QT z6-geVpO2T`sfca>qagR@gn&oeicjL8VqosvY2fiq2tr19%{U)g07k|=>ptUDx3vEN zUmypkT2EaN(aq`(v&hc_hE_S^siZ*^?qUh9X){}QHvBm<`O?A&Ao4!7(r41QiId!1 z{xll9h&p$s?odum03$Xz0guv-`NlIq2Hc#JnoxQLBReB0QSVTDk8LizfP5VQr+mdNL17m&k z84*5Q@z~Tq*}+(H6!+X}Zaax_U}G6c1AQrhXY%o!kEJzc1$T~KMgaQOe74Swms$`I z$u7Z-fK>^uar|GEI{{s#X6R}+=yKRJ0T%0&Q&WaA)Y(&yHM z0BOAjNzDLPn&}Yj&&^!@{o>qAAw^+>gP!#%Hp;b?%U@&>N5JP5M)4Wr^3Y`WsIb+H z*3<4-7Td>af=el)19BdFj%ix^GF^>J3t1GaI3l)_mkiheX`o8Ta9p$C=RJX_@D=fa zxcbtXE+WXMvVdx9Nl5uz0)25EwnGl3mI6qpS`#oGMF=qT~xvi)>4wm2M0R}+yrkhy~P6)*z?#2LDi~-FI z>?i@wOQ0bbGW0b2otKdZj3PP=9CxHWic`R4w>XIJ9SP`bI$6!FxCMhU_2Pj$ zJxJ{JAKvbe1D?XH&vvr6mY|>MRc%FLOKWhelb(9jfipw$s*y(QRxHOkDV7H{6s{UJ zCp>ncXbj%cu`Pm}3ci*iLITF5`-|DUnB7riH$yMb-ZRoq(eNbrq3uA$Ht5R*6_;JA?bC zH5>_q+(ADPI~elWu_elu2e_(pK_Z1!QbG33X3)(IIUP{%-T2k< z?^hCD!V&-{BZ|lJn&L;CjEtOMQ)5NOgtfj=atO&4!1(&uK@F2H3hc)o^^Hx9sqS|c z^Fwag!x=Ni>>L{EEF@^Gw?c|sFm`k6RJD$#Q@>N3*KS0&a!t6ITl=+>rUp0a#djR^ z^{nlwQFcc~d!$?3TNg|tW7j;_IH=aLJa@6WgZCStp~B;faxSE>A|orTtUmD1TEA_5 zWhw(aklUc@rN-k`2)@M0GL_V}k2|%wjG_0wfv4u$^qKD9TH z&I1+seQO&JaauUzP6*9Zc?0pDMLRYoCh&O!IO|d)f%Eb)-h}MLA=Tww$O(A+jMX-| zS>HKeM{3)24%#zBY*?3UnaJd^rH@eZ+hYCDdo?s3rO5Ro=9dR(?Z#@|zlcmg?HKGq z=zj`o$ZZ;0e~H-uNf?C(IUTCa{{V?nSUjw@{<(hi=VpQSGCtPwx|aYj_Tsl9(QNM^ z4;|90k)8;yDa)5+H=`Y=X^&}gzIk1zJ9!5+)7nfSl&!oXKt|H!=lRw=*LrMB?Q+yp zMkP|@xCfA1ueVBY;9A*_@wLbA!URYPsIbeMzbl*;raQ zN0B#f`^Wfe)a6WE?XmB3V{ZfE;c%m-?xwh1Li5d;o&w9yUD={iX%!OAnP>K}WSVk9 z`<{O)FHqY%B!rFUp&hFpYv^fqWzD*5qF`gDI@B>lBVurP>z->BE`zqE%bSI{Q~?Tw z0C00tM{cPa$twJ~$ie2CP3VTKjlT_P(Q22nr`V*pTyUy{{yE~k7sJ|B?}l!g?O=gm zZ=yy*t4g zt(BI7u}2VINjpFs`_ob8k17+JgiMbb_>SLEfvuV@SAmn$-vYe8W|9l2W(ZhD*#Ol^ zdpjcvZM)y8rTwJ0j-f-san93CivHp<=<>+RoCCbz(HYx9n!e_Y8eEssE4l>k4$?WU zg4i{@W-0coFK{?&)(YlReF~Sla$H-xOU8N0t|Io`MZ+XH!tiQppo8dN(B+CLn9k)- zK4eEY%>;#%f6GTXAC(Zg+^O$!MbqB*8Fun>&g04d01AEHnQIlXjtH?J=W_kw z_}0n3geg6QlJ#_(G!iLt!-JlG8s*%}eS7Agnm0W=)JcvDsb5^OxwMYnS%3GWL;Z7||~Yf|ZYFs>Otc-YOBSKqjB2fbd>CJl5?wI{03B6V<_l0o94nbb}jKGl*a zzY`6M?@>IvU506hflwDMj!jm&R_D}FaiMK^LzBs*ya3ygNDKiGSr~!atw)fc^U|%m zi(;hnhXqvRQ=%Chbj4k)Eg8Sy%W*ENBA$Uit#sZawgNS1feZ$6I@hHYqB$x*e6Qi{ zWyu!TPBYk=>H!$eLCt9kUdB?5nG0JZOlEJHz3Nl6FF32Pge(Z-r>!yHAB`ITqt`uX zG_D0(=?qqK9tp+NbuG zP?aRVxpn^c2B29ot)EKatMMIiwTPm~I6Q)C$QhB9$SYYr#%0_`vryfEw2T8*q>M`g zZ5)A`cLO>bnV9WW+&%kNf^Wx8wM`^Qkx3xESlj}PDK4V&?n9yB{{TuBjAJel_JjjF zt3{ZIg0Ee;rM-zQY5H)w)5NX}a^#GPC9}J>ZLXebe|UARoEE~2u0A6XZN6Yqdo@gv zy2+0(3+gIu+)bJ=As;ex_|(ld#VsjS9`&?zF=8ysDxWF2r4B&~ai3bT*poDHX^27t zaA^W!fr>}1H#jsg4U$F}3aoyV@D4rc0Z&r%p4pP$JI|$K+UXLwf3=P5PI=Gup}h-E z#VuOQ*#NO{tm1e|e<(_>e`-a+;h10VQMK7>#qzz@cgJohvJQUVw8^`yodg&`x?@S@-*K;e!l z`1ha&s<1zMBi@yqFCBAC2cj7vR2ob66pfGAzJlmuza(tb5s7?bU57Tv{pX7{P{ zDeP$&_$M8!IvC84BQWT3M?qY%Z4h|AVa{<<8%Xi@1v?2lmCR$#*rS2h+N{SP911Kp z8w$us01SFlN-DnXn~$w$Gf0t1D*^|WaC_5&g&UZVD+XT0S#PAbB&w3Wy=n*4nnWc* zs<%)QE4N|Psx|%wS==2LYR@V*)$;i!hwiFR%qXB~6eu&XO88_`>{sZS3}e#ZraRfb%_mepZ-t=*f2l~@%%^`31k>~BUV z4YfMPbCc;!KOrl<38qyWBi>juzR@ zLjB@CwQXs4v6b6rK6Lp!;@H3kjMqhHV$W=+VL3bkI@T#BXtYLVp>J^v>>dH1?vM^E zGHDb-BV{4M&&(>^Y%AzgnkG%JkOO*CHxQ?3$UGX!t2>hQdJx06c>w3yr8dNmG;|d~ zVFRhaIs7VU?U9@S+ld+aRmI&{S1uqCDGWLHs7yvf@*l)gwTiX(937(JzdDvD^H}A& zd(^PK%jo%ya4<)4-nDEbo;4)_sgxT6$J_2BeD26SMl)Rnrlhf26ENM8z!l9>owgL8 zG9PcO22$vN6+dzDlU7HF~ z0(>(8k4oM!(OvFruL#{~d)&^_Q(d)tsYj7*0X*+)ZT6*y!#*n4uKd9ATiYvV&6-wK zYv&%!yIOLOEcZW486+EDuqdgdQtE5EsHZN@Lx0!(H{#!d zp!EZc*0YVw>ASMswua!8oA-o|lLxIk>?Y0s0C^KMefj8W66{lz$?dQ1EuZ8=ECZ%< zk?or3;g|bPG%7s4Gn(2giASkJTfH`x#seVp8>Tyo!?M$FCQZp1#H3`f&*e&1dxR3T z+0rM6?c%aNckd(vIX%A$&$ZDmuIJqmYj{VmdM#j#x4F{A2iWa`JNd290Z?43+uFM^ z1&H;n5t+~4+FWXZM-iYL5PH=1x?kAs(l=4DPD^K;`qVwm8?v%7d|#?TaR9PHS(B1S ztz_Ei-)quV;wJ@$cPnv<&TCCdhr1I)K)klKl%%SwA>(PrYopX}E#D` zIOr*JH*!4!ODl^|s7!YeaNzaNy>7=dZwOa#{_q@D$@FAPSE*nTp4C?HY%xCWje}RY zI}K@8E5$*aIL#MVs}@xT_w>(7kg=N-a$OznIo;(`djM6mDBF{6RCk zR{DG``^nEwYRNYL0NBzAU>Uo0sWjG9!2{+dlhz|!ok~lxAiQoql?p3KGZs8nOG1qlm&*Z1 zII6Ec`5BD}26@fK4M#hYdE$T)CM0LQ7mQ80#!U-wG6*9i9^ERf#!M}awQF%Qj7r2D zbrn1Z923o3SJ8B|CE1HsLDF!)!Y$yefM6RSXx>LuVL9OPoU z4HH*0D1zsQQPk6m)KXVS-rbSyNs@9gTN#bcIK@Wgk7`T=R$=#rNEj1HY_E44O7Q?P zp|aH|AW{Pr{L5W*vZ*l4nLfs^O6=%-ybwi1yOeNuv9kHgf*d&q28H=;A3u9<6~j|= zt!l1C3;d{9I7szoU$(4G>$MZ z2OR}D%7y8g>q_Y6*sF12Z*Vfm0rlxs?d{A<<%T2!-5S_XN^#R3tIDU6}H%?x7; z?e198sdLHW>q}stc}C1??`$Ti7L2x+sPaal;!Y)KB?y9ZP0U5$*6Es;)1 z019y-q{~Yo$IaK;pSraqO~=xL8>pZK8OJ7${Llf{zG*OXoX{~d^J5vM#wY;+$vtU( zjRF*kUAgN(#0!kmfD{VB&V8t$1S%L~Bz-9Y?HI{FT0KSzjrYCb`ntK6CQ01~kK-nE>TnyWr$4ium zM9inD1EpD3Uc>`Pdk*bUmm{IgCNwm=9)hD~lXm6c)PS+&iQUFKRN+Q5`qMzbsmBJG zMg~c$5gtp9I(pO-l(&evIH`NsXwO`)`b?wdVaL*)W|@(gVWEeWjU8FVT~%~u=l5)UGnTFk8!M22C>C%sq+f$u;vt;FIP0(B;u@({xu z?yP2M6=Fy>GvS;odK#K-sxU&ndkV$wQZlcjWjjn|Rl5;T8$Xa90qg}AuL`-g?PXP!2iBJ|y@0ZCsgOtp zv2`?8Rwa4u>rFjLD%jhqjo-!ZTM=#8Il-%L>_c4?l1a^1E6oBNr*nWh3YrxX-bEQC z0>D#_;+DszXxe(YKu8PkU5T}}wuEhECmls=uEr)k;|C;eteKo9K{a4wB*Yn8+=>Hb zed&PGPIxAt8U}1JrURyk859g)3VpUhfsSf-22M%u%{(2$rBImh3b?A%T5V!MKS~B? zTuB@Rl6kD)(o1yhARq<#MIK;U!7z+<9E!0NyQAwxgf=-kspN`DIRlRL)__<{Vz1f3 z=ExKdwJnOrMW@(X&#l|rNC8*|_ZaWmy#hF5i9n7uP(1}McO4GcEP0TTSA_zQYg+@q+-m+xjCzm%@9K0Hyw#JeC%&hoVNm3 zz-;5*qRTV0Pj8UeQ9M;~`_#wsajwHsGP?X~`z@ygSrZ!Ey&h|VjQz0sOi zXOEc4`A=NeM=jGbcT&4E=hL3n9nFFdZn&x*R^Pdj8}+PQZa1!|YQRQaflPL#MrQ># zU>{RSs|D?$7=hO;q?}Z$a;?ez z_FRYE&P7CrY0eMfQ`b^a)oHgDvcVe3pFHt_>0KR-m8_BGH{3_3IIftj33o(yI&j}4 zfkOTrYd%=60Z_}de|oZ=D{2YfLf)5Vw>pZ$DmL78?^}0TRJM^7wzqj=eRM7am;GkrFD7pD4v`XgVa$im7MV##6n~oo%Yj&@bBY=cvITaBGtBUZAqMZOT}2f-6ZRV6~Qq2Rk!4 zZM#RXsC>Z7liRQr#`I@LLdBH8F%GOyj1Z@q+|n-o!uz2h#7_&JYie%7YWf|BkX_s1 zNDN0$O62uDGVaidNA7JMMR@=*Ia|0lBJBRS| z{HhWOM92QfG0YhRr8CnQAFWcqg7-|h6GB;Il;EIjel|b?O0fgLwy|!FM;(d4tPNvc@_>n2BG16uGm6Qw(&lGAV1?Z9WM>?nywrMB z(OH|jDUQcux;@-h7j3g%mLk4Y5eC6o2j@)E<`YO(>P{DwB%BZay+UtfJGP6nwZ)ke zTMfW+NExn|LDeRm0J$m1$iTs^;L#ITS2_iibJnWfT*4O{^4Z}*$*r60WR|5HtxPnj z1P~KD;{@_WT(_`Q0q$GOld0yV4`f@70+Y9l_NZ@&SV4Z9g;70De@|t))vh%OkM5%R zBh5kLYsjLuW^xSj3X3TFo&on2=oZhn_Y&Yb{%pZDe9HNzWCPeTt*AIo?uGM>WzT`I>sSagGIWPR~=R zY!?WvXSj}{vh7gp+C6Gk!PMBWVpNC8#b1MOm`Tn-;Xq#aHkyCL%)D~R<}gSSZU<$C-9?yIOdqFH#t1wf&gyR3}=~; zath**xB!wtsbE#emSXw&0KoJ$8*YV(T$Mel8CE#0QJd{@ob_sr+cxaLZpTn7hI^e$ zVi+*$Mk>T{lCBBC1B!>BbRddGa^7J%Q;JERIFNIUntQtr#HiQ`K_D8;)g=us_{mlS z28F%G##`M^@dS9;m!?HuwjO%EMgsI0=APQ3ZDPcZ9w=0Ds@-!_3>)ZI9EJxqP~8da zb{NP9wHtWiy4J@y&=`UZL9=baH7#5bWPUW54aHasv{H1XU=RUK3JVj1Kn~3*=8)_( z=QMLbhLBE0Ajs-Lq{cVRC+>`6){wucpe#_-@hy~tJb{|!nmiJHMP(yIv@L1YUTooq z-Cm-)c%#|?0;v+&D2(SMky33V80YI+5-0;ab51#?A%t==K>TPU)Mk*!0YC%~T4EDt z&ATTwz5VF`ap^(pOatpn#UYE4NkD>van$00hG^#;(gB+RZ1YaYq{6|R_oNIxb3y@6 zG<_<7MmX<^f9pVOOBlz}ulaB-zV>if^a7RNK)sCq70FtEoWv2HDy#@Zkb|6>l-y)e z5d%rjtu<$0dUT+62DxTqkVoTDwp*#CYXHVUOc64%A-FxLuo4h4%^*eep`aHFo|KFS zaZ1A@Xvz80fvMy0V5B94$OqUl7 zE*KSz^aB+PrLjv=o#b>#dBNllO1ogK<>iJuQnipWr6<>x{ZvlAwoj&RHU59!?rtDJhwOK3%l>`=CmS5xQB5$ zBcbnEx7CcRGfKoGjpL?s$f+Iy5-wVs+dxJ^f+n5!4CLoDA!LwXa63_Z?iMyJF3Wt3 zpaI(yj_dZ1loGy_x{AeseGWeyQzyFe*Rdy#v~C?t=8&^)J${uKE47FxaOsK$#g5_G zcD8>inMAVupn?azR>Qc*5{#}%$E8+(oZ?aW(1>V7K&{1Fj7bsf!1~bNaNKOH6|zVf z?MRrD?uuv`Ka`+nr>UspNu<4oJ0&kEakK%P)l=3;iTo$9>G1hB@tJ{HFft8Yc>@d+ zTExhsGJ<~gD=OqF=bn{U8H%!g?f3&MY3;bi0t_EodoUVUKmqA+gX30V5q@l37gC;GV$tsBV-C zl|SB6IH%NQi*ty^PHCapWGl6bp7bFxPY=7EY3=uD0@OepX16ryql|(;;-XrCrJ>v; z+J(i?Y?f`Hk3n98Zzq`wwPQ4CN8)6);XkyR0j21SI3{=h0MKh0YlB%r zabId}&El_K6}Zl6Ewni7icIQGVr~sdg6cTVDm4)_R`R+MgY&4RZHLLmU#Y>ZEq#h^ z!=bjwB%Ei~wKO!1FZRqp4Zu0ADeCMwX&W7k_Rwregk#N4j45E6Srq>O3j0@Gj$7%e zld8r891=;YFrwORnMvFaAlEBi@v?V`JhrU!tc>Gp_QfU6jS*erB%fZDQjV7;J2Ym0 zWl0k|p#ev)TF-b~62$zuu4t?3Y9idUEH`A2UbwB*z4L7Vg@XV(cdg>|B3hXjS2Ibu zSOPsgD!s9r&Bnk-P&3w-P(t1zxGdgSi_~KntmADc0I1;9$qK;Gx(}N?jz(%|?b>7; zK6YNK(;tl}`HNydCQmSKC;8Q#ta#jb^zTmn5YaMPvklA%A442DHWMAZZ7UPVLD18JE=u8b{Bl{AqGsS%hjU*y*&%&Y@}M zO8eEh+It$d`%I{v0t}3b=!(+DExV1mx{BT+(hQGbSQ7o8R+Nb2+q3)K%@PHD%=`T& zc}JCN5OR8z=qnQAN1oC`j=3YK70)_m(UK|=vQ@_i(zHZGK;JSJ9P!OWG-Wn+ULBN6 zr>nUIhaGCBuc^B%imjN{xg(nE=wWNftZd}epjSo?nBa~G{{R|orRBzza;bA3BPSb; zO6+Kom%4U#b4PUuk}?=~sjjT;?=8$zt_NZdAl2UHHnE+i-lmx&+uiNp{H6PfnXcOH z+(uPx$esRP zdrHVh>0Fd{$5OwM*dHYh0}oolY|u4+=T zSG<*sndXvM#9>P2we+1Wr$tr+2dAxJ9m~Curt+<*dlI0pO~<$R)f+hy*6^>KK>ilb z%4>a7BHCQ*Y_1}@L%L$*afCR{R@H7UE!2o3i3^McJhAt!7Q30-TM>9~OqvIl>g~77 zCqvf)x-g_4>sFoh3AEVOxQaF^&I492h_6+2^BTA^NN}JUVp_8{;&st9s8Ig^tUoqA zO>=Ww++SNssa>&ECkPwA(y?z#n?rtMrts-mygrd`2_#wCPf}}Q&ULzj_orpVd>+QC zJxt}h68BJ5u$?4eB-%jtt_J&aSUARO3h!fDO3AYr+cvm%0C*5*$r-K#EObQU&g13JgMw!Hp(nUod$PfsivQqjWw`}j)XBjl+Z{7 zk&)hkiX0fm(Tb{AJ29$6va4eZM+T{9F*rQcZYDF%*$=O3Y$R_dp*2ZZoy|=W?JYGw zF~gL>1TT8&rq}J<0Sr=|yz(p1rxxRMVNy4d9J<}Zkn!0_6#oDdbg6#Ztvq4ji8dcj zf30cmt=SF{Ov<^QS!LgF2$c`_con&AcRR!xiFE_2^GRqntXxZ}7>$5PJD*ChBw~3& zGggd=N9#;*#EraD0WbjdG{?4j$g#$j6{puvfFk6a^SjYkowaB^2Jb);;x7}{UjztW2WEQRph~FdACz^*; zg>Z~IQL`oLEts0!7v&6xoRL>ynm3*Dn9owYQ}hxaC9)JAPC!P<2BoruzN;B0BO?N? z4^cgizqK!3gmGPHz)t;WVz}xv>q7xo1aV7|>xw`j=cP2$0Kf;W7#ZS=fV>WKNDsCs z0L>vIG=Oe@I&WG-8?fh!jiGk$iU5L386{Gs#tl}FK!s25S)cL6PoYXyFU4yevSKK} z_7yq;N6Y{;>`34--k0&J+yek}MKK7=xE?v61B@QD3{G>5(w>}9AQ_~_2_qRa3^}DV z2#k^&j-ACmkj4Bc%^(xLX*%^30u%}j03pseriEkHkX&7~z_>gUM#Ci?I?+uM1wlOX zP8g)wM2CPeO)c+KgeWwIn1Yk@q%btYK!iTj4|)bICwx)>BQ&(w2q-x3NCe<^B-0)v zDEYo$r&^KhK#@pXppz&&p1++=mg>C+KC}(?8#oZc%-w}jvVoZkvgditPUG1ZlSvNS zgkT@1HFgaXju7IFgi88CuLgwD-Hs7+Men%oEVd1751i>Avl`90b=pE@&umb&*jFpt z2UxJp-lq$mYJ`WqnVQ+Kgy*=fdg97EX9_oNJ#$?0z3gnBg0-umLNT=W#S^T8KixOV zD?6){No{Fx>a5Cra(mR**1lvwlY%`BE9wR#TL5tK(8d zh%c9ncRlG^{X*9%OLQ3tRl^g`4ONq5U@<$lbJCi2&>HFqa+&+UR+K}0Tl1Vy#8s9M z>`53t^&~qZ;~e_a4asGEpd$bp)bMVrW2E?uPpL#?g_mNUK2m%0S5I4|yECb^&s5X` zU{4n)<16&6iElRWF&NB=5IPdjPwW6ns!>0GFZxF zR(0Ao7D6~ys#XyA#?kWf4NHPYy(A$v=dCznr7$K|^re#P$c39cfyE$3$A{$*LZ>{p zC+l8;rRqvhAtRc~O7BpMBf-spPMd6g5L8XPtNU{U-A&9x2oE1Sh&VL$-0%KVnxjpK5An%jUrAJbhhLn0tvjk{Wij#uIv?9=F zTag|Y2e}!pm{Y!_^H|@u(h@EtMI?@$t5Vh#hA^OD4&Ig57$X+$SYVBf=o=oRr6tAL zx3zbPGE`&$Dw?p2n+KXM$WjxfVC8-VE z&o_?5oZ_-|Eq)6$VjUVm+aoni6T7lFy-Qa&zrMJbgV{#|@~lBK7sM-&PIJ#S%`bV_ z=!{LhD?)3gd9Dd5{n5b9Znd)7*^sdZ0Ng+$zkb+JR-tubWi4!BrLDqW3EncTo;M2W zVO3-V#H*fo6>*BVru5L9w$bP-Hup_S*)u$hRCG{rTQp>yn6_38WH!Xd%g^0Cs?kIC zjl}k$XgNEWy8E(16cyg*08;6?T#?(R*4TfKBRQ zX*w`f+&JtjUW6v3&CLasau41eKcWm#A!ZIPGHQTX`gi?rfYX1CP$7(QRdq1Q6*U!z*>HTGZF<+}G6a z#*<iJ;KbvE@D+F##CdUS|tAPjmw%$*Lrqm zkTb$N^)<6;sX=!+kfCyVZ8;*eTC1XDud%sc`_b{72Iy+<7{RTgVp6<$6n^0qnD=hg z$lNnsY7#Zfiet4Ki67qfshhI7a9vDuE9!cR$$Z7_)bt(w1$0;1TT7(LJ;3tTHT~2> zfWKdQjrBEt>qNRuy0?bmlW5*JEIRe8mo}2Xf_TF|069*$^dhfgHtxu;MYYD1(#E8* z9ZxmN-XI!$ymBj!yLZ&ulJ|8o{$XXDbBcYVpD*Sa&2mW{2^Rz46{o?0Fg>aYE^>j0 z=hKRs7RrD>8qPySq)-7MW}@4}8baKz7ltj(S8!X{dQ}4&=gW&fl~##~LQPuOOsOft zJ_ai-W=*g6vQK)Xt|s*u>{xuf)tCT3H#q{W3GQ$BQWc)|Y@fOZY>Mn9w*Au|DI1P3 zFl)XL(^HnC_lWI+ENUfOdV(pgR?cA2H|}IOW%NJNw2VyOVjV&#CwmFQTWb~;n7?{sJsRx;zY%`L6_Gr8YRg7TcI5?{6A@TzqvVpq` z&{OTA`2h#7TASz{O9?NRY{3C;d(`#}TUUfAI4hDzL0Z9GlP6?#LxYBF=7v*(6yVoV zFa;cBk(x%2cV20+f}8@QwMN^##T}2ONE2q7SZ9_WN@Cbt14=0jGfD42tOlA$11E|Y z!`_&|&)p)B4qSnPd82nY#Q|Y{l!r6`zs`d33(XXp03_m?U$r5jyXiLPo@hWg=lp3g ziedquT6F*=M!|{cKo3`(&JBqdOh$)SvN5Vpadr;}FF)$x#~q!8J33#~*dBPu3- zY@XH7*!W@y;!w@Gfcz?MwnK6*OQpwc8EhPVD(szo9S7-8G9pjSS%{7)DG2;e$H2FDeKmuZZyoYJhsW@yMSuQ zc%_eNQV+1E`;B=OlF^z&z?iU*@vHjzKY0%E{0q#OE9oRJXV!52# zWSoQnNaHoJW?neL?%WLzYYTgqU#B?yDh5(=X%Aut^AwOnZ63882+w${gMvrDdfJk_ zu8is{#>cT-Y6YzA^C37vraSq(I zNEi$yBtu>}26CWqTRc}nizU4-h%c;+e{>DLwVw@}JiAv16%IP+PWrQM*GeJrEM#D3 z=BRF9jt0t{XQoYCjfKsrb4l?8R<{dpaTZkZxOO$%AxRNf5J4Fg*-cp@CatJA1dZen zDn;`4;=KpQy_8gQz6)nT|Uf699y7a{6KR+k~l^euhx=G8*D>%*gWU) zs2b(7mTc7_T(5G|O&Jk3(~nx`ZfqsA-!#kif_Wu~;#l(A5to-%sZ zNv3Fm-XPN9n>=ySv5a*!ld`fl!C2P{0QMBdF6V(=2^ji|9I* zTrtSaScmN-(_8>@c|Mc@PU}h+&ZnG%pIX(l)BLEyupkdpS(UORl~oVQDvi_)G-Y>f z2h+V%B%KyQX$`63GpMw<80dE0Q-^ zzC+8YCm@W~Fovz2c90=47KrCPk5O8K10)L8D?>SM87GQO+ebXr2x~4!9ci0X9+~&e zFhqlEcBgCvQzei~7{~wcgs#=7c4jD#wd(_(RLZq)9H#6nbytxr&Ms+-)P&oS6Ijb`@-<}2m zJPJ~1Nju%0CW|aLmcj@5$y})SsP!0RvUt+X404f@!xeEv-tNTuKC?Bn?`^0qBq#55 z{Oh7?ut*F0#`H?rG9<66Gc_xlrMH?$8#^)%tva$~ zWNJ2#Z1OB*`BI$Ywriiii*2*|cNM{ie)-o=;WAue(SrJPs4WS`4_fBvYt*qJE0Q@h zv9mG~O-V+Tyn*8b8NjKK;Nr4lETa+*YBJ|(1BwJ!W@H?k`&0`cW9dXpHQ6h0 zImoY08ys~NrpW&Qi#QzAbAcil!U7w=rCo^XRfW+M+sXlC@9HYlZi<*(3{+oInz
    4t&(gFykPs9L5Twp*}UNhE|k@(Oph}n6_JkpM| zh6b5{dB-#iRn9raX?YY}1DZ_pKm|0Mw$dp89Qx2s26I3QjEZWh2PEc@4x@@-CgGe4 z1AEdPg$IvXDToJNX-W5{0h%ZfnHlDn=|BvTH?9dI=y6I002Ewe@kbuC01yoXfGGeD zl#DVtpalYsC;-4TaZbPhaZNY?nm|N~U5gz4H8I=>0*%028d_iim{CHPn)P^Ajmjksi34l4I&PNo0K-~WTT1Icim@=HKGA?#SE(gj7TCr)U!3z(N z$VX~+WVA!8-dtR!<^l+Z_qeV)>U7*f9p3cUkji9|bDB&J)Wj|+2>DG6Wq9!!$?sOs z9D+EhW3hA0+PsrldWV}T9fW>045VWm#ModeSTVmU!D|T`5~DDbm2dE+mRJcRBQ-mY z)-bME`Q!n{deomN0ftL`YM+qyCyL{05QhevBjpZAEPZKMmE6L+Nxadx5zT7pkxo&a zQwQ8tJ6LUZHX|w`+dnLQD=zlgRq`KqdX=~>3R0se-P)=)@<=QQG-!dAE%6%lIrOK< zyU^!6`cuDAZ?Q;Qm6I`y;Po}DX$vXb&G=B*ZeL=hdB%Mym>Y4ClR^PXuaM;^7hG93<_(jFB4RiPh;XOVJ|l75soVWHOk z6}c$Q{3KV`-&}n`ec{a&}Rqk4)*$Ujw$m{K_V781b zaj(}EIYm8GAHuP6XHtqqE4?b(??&JuILYZ*@CFwxa7h99=8KHg zj$%3oc!nfYV@%yL`iQvuKR?TWjum2U5=09r?&zNq-IgT zZ1O6jC9!Ti%ErXrA%x0-8#}slTXxqGO%QF{PCaWyBNrBtI{9saB+XogQyO7O#a`rG zNiHPh1IMjKoQ&@+pM2FNU?0?Vq#;4c&S((5t3OkUNn!~J<&UOmFk6Xbr--8hKno7y zv@ig`;*?c~C#ai8KK``e1yzM{N%?V23(r$P6D(}!1Dd@Bj^pzTQf|XV;in*8zl~Rx z))mg+KN?)ZB3Ftdh`-W>aRqWsZ>|#34enlE;mr zrdQ}VtFx4d1E~3c4DQ>3+*Zx?{J&)pE(SQsJ*%BNn#)#`Bh##;jXuy=7AJ9HJ9<`T zsdY4ID@QR@k-p&0DLV@KnNkF6GmQDFLub~s?OXds)R{c9A}$D1f(=62<+D0TZUAV* z3=Zct33n-(j^YPOneIM??Gf4wv?${_!5QRNcR7J}%GfevjPgxy4N;WNX7=9V;_g!% zVH+EcMo-eJTWj;#;@zSpj~^iBho+Y;E@jGw>YCxWxBC^mOs?FW-A!ufS_(sGms5Q6 zNzM;yX>$X7k<+Qvd0}EdAP1nRZ^I2bR8f*pj8=@pbDQwg@-3wCJ_rqt2O_#irShBr zK2{&CKCHRu$6dtI#wOZIMsj$rM^=kVGz5IH9blwkK z3zEZ(it4=B!Q_BF>(ZyO%U9!Me`$${*y?fbLtMr8cZ}ASeT>Yu!|J~)WNqfPb|x`d zEy@?m+HxE4pl(skSc+HBw3wO$iBt6+lVR zltwX8N`Qk>*c>LKIBWTc!5OTu+b0ra;kdu~5IaF`%+DobS&F5HZcC}O!<5)9KL4DDhwO}2=6?x%$(HBU>REyIg@mH=Q8#X?(a z%%E`H$?rl9$pJCh51W8GX0`Mz<+lCYWSY2cMBawxN3Rrq71UxhKIS8yDR6WCG{8nY za%nnpYFG*mMMLGb^2M|5NsN>n(&OHpz*<8<4IL=sIma}BZ!OPCQ;cGh02HK(1_0;1 zHID|Eki{hDG^aH-7y?ILDZ?$^gafd1MnLcR)reX-pa_ob+^-(BEiHgbJJSJsQ%71r zFEk&1^uSt9-n4*Ddx}-YC;%tYlwyPe(hv;+VLtCcfl0gCfDD2-#W)%OGe|%u-iv_D zWb>L(iaEsqJ0g@~fe3o{qdd?tKC}~#f}~e+3^D$5OSdMAh+0qq;(#Ye z_Yl2VxE0;#J``CXS!O#|^))V5)TFPW+1lB|X&6XX81LSzYI=kgkTSah=lDfruQ?mL zMm9LP?PtA|ym7YPxgx4fcOI3Ts=S}dwtBu)bK2)Us%qCdfy2HR&~aITfjdVgs>x`8 zQRz;k0g5)BXc87Hd;_?5Gj8bDqHFE0nwpe>qNh$L_ zQVnA*%?m-<5bO%)xUA=ujHhxk)GbN^hE7RdJ9nlMBP2QesqO?!!>bLEgW9V@Xwn|I z6j%yECfq4p`4`EwVdf6D%U0KFl+4*yv0k%$f^{N*ZjHH}arWZ5h zU8e@2JabG6OwIPMHGb#aJXO#^9jOBo13f9Z#ZZd(ZTr2y#QX|Wj0pDoP{txLRw#RS zrd{4gYXdVLdrdQ+RX|RB|J*wx~ zU3dyh<2V(UEr_}-4O{&HTL{$|8#x}oN~t0v6|b!O9`2o#vd zTz9E1yh|*Be1I1Nt}A6E)!CGzsZB5Ao?!E?7>pcKh76>RhPmeTHt1!~9BnHMWM-;9 zp2VLl@z(~S?nSPG-q<9Aa^Q;U>@6cP2Ui@AyPT0)^5_?^w^0R=RA7VL)Gff;G5A&u z6tzRejMoUIM;^6mT_Qw?Fkap3p;Njc$y}(=Tw5j)3FkX&cS)Jj+sxSG*8;jJt1U^M zsI|Q%xsKz6J#klA+GbFMFMdUIT^TbYR=Kq*%W@Za7zViZnS-*&DJTtd)OI(e*_UnP zf_z7D_q#DT#b#=7!m|(nV5jd2&Ay_NwuV#2oAVgPeFZ&1&N-~Pn|2aRzZ4UUNR7w8 zYTVOB?3qa4j^tNN82V~%MPqs;Qu7waPB^ZD-zyjxKKZV=nMvG~pK5Tzin18Hxa&WO|(m;O}Uj~8DM#A zbguhLvk4iU=QESt{{V)yrJ@Ri6BjZ|XALYylJ?wBXGw`a8@d7n^bMP2Sp(F%`#G~j0<%gD_({N z9j5I|yVzCAux-QMx=2I3F|*=KV2*K$mi082=BL}ET?*wHO1pH=YT)%uNovTaC#kP8 zrj;4l_ECotKa@);7&M4jTJ02FJBLv$*KN@w9FDcNgkV%l za=H`qox_1uZzS^JXBZ?>T7xj=x(?&soeSig@mir1ISq{S?@+SiY$)%+b4t4 zrd9IDEP9Hj!IcJn)OMZ^TC$0Selbmm>O3Nc$hkhP*0+)axS2kD*QZZol5gH*p;b;c zkII}v<0VHP)oobJ%w$<7XHY`}#ax8>v4Y$Y!K~42m;eR|r8vRntdXKI*9NoiZCVLM zDE8-wa9!m!3cphEeidea(0b5g?HPd&SpTT-|kFysoUJW8q5 zoE(m8j-s@VtKD3kncB?(=+sTUpxQ||6`Ck~C8oCoa8zQXu|~io{b*t%kd?l5C_<6e zqlJoIIBrHVDuY5<9mLA*z^Oj^JGUnp6op~2#?o1^d=kTGe}A8Kn!LBuX=bn zpaY(1n^lkA%^QI3gNlu^X$8ei+38LoH+o`mK&9zO10sykae<>~??8kI z2LhL%xEr6G%-&Wz9kjOUtg^`;2h(Ch`p+B32G8ugnfg}tI7BZ1bjo9JmzcFNj@rk2qk zEynL(O5^Tzdtoto*tx5MX=o|FW@c($D|sREZB#^qxa(ZZ)4a@Cn6`aQX%)(ddKJ&H z=8;e?Pjg5IVd#u zNG5IHH$H}-m&4vhUI`9;3C$O|NtIEWISg*SDP)Nxal(qlt1_+z1UwKk>x!XsZHD=K zdQdcD&pTSrwaFm*ik{T8nP~cY)8*3ad+bm4Si=C>+o#|OsI8`{LP=&j9sIFozxu${WQ}V=k;GcTE6v|`A zao(HMor=VUmpS}sX|g^}eZ@OmW$ivAEycKhy3!~)`q$9$=^$zFsty7U)uPcO2`1+3 zShCXg9LPAWWmQpy0DUN&ud%H-*j>mvZ7$(o{=y%mzYMH^hAXlEXjW zZ{=82*t%}*oh%VsS! zhO`PtnAzMr4)to*#I#QR4hsT>ckYiLC@LwvfBPo>O8_1U}p_o$$nYj-H>RlR!A zHD#eumCIsc#BVt{rIepDaI7z>Mvb1VmQnuscM8*8YToHEyGI?*O7Euc6A4FKklpGQ zw($uhJqH=AX#7NZL~=5FVx9B|#`};@tNBw2A}x{EJabh);U>LjVys8|RK2CkaZTz) zd8oDC-Q=@(HJY+YB=5I1jGe+7Geph2e3;MDpxDy4Ad^|9T%&P|V7^YEc_my#-J@(rrF# zs-D1BQmJhUQNH6WwJ9Bl3>Xu}>e*aK0XZc48gP}ts}gbt6ovNnHK`&Af%T}aOT1g7 z8QOEwi;l#}DA)<_PW!`*(1b2P_NEre>%}k=2dcOAq>@yLOUOcxT1|n=>Uy)!GbBGc zFHBXdDEA}=3!=g`muGsb*|3Z1h47{z5bV(IU5LrOzxw7%m{Obc+tu3d-9RjM6o+&pqX6sSSQJ!-=GnYLQQixR~>yll~M z2;sk4r*=f~I}l@Ro*SvGkdMy`T1NxKfPL+#RLQKb2Egb}cI;yPXWyc(Sy%gy3WneQA;D z`y0+ZnuTo)lW5!y7BR>IsLdnY?n_gF(8=5ItuLV|9F4@0X`0lE$YzXi!17Le*HvW6 zEuu?jCj@jSBBt+iNotb~M(LK%Yp7CBAXh48V$yO*BE0IF$(>Qyk`WuiRO2SI*4@9f zLiQai4X$1FHI_ZRkq!SvD^!`}$b4Y)is++U$Dc}4v#~|RAG#d#Sz5MM z(ec+bqqsfJZ5Xw{Q`A-QfNMc9^17;S&uXg#zGiXFHL51UpOhR^OS46ixFUeD9li{w zBcG*NVZo{utaM%(V3v{`;1{luB~#GzUX?eY$u;jW#E#@scc}ydD@ODn%@YAJ1aca* zRh35y25Tt2N|0|-dFw`b?^eVsO@USAnTZS6cWOhiQcD&j%L5o>^c@X4+V#io?pI^> zJ(`P;a^Z7|joalo^r?FbbAr58H}YcxYaE|bROFB}9F8|)xhh@A>hv$1J))okAaROf z{{X2Vl1*eXT{Jew3@N#2rDLCvo;|7V#KJ@7OuJOJ-g8x?ZP)3PB!N_rnWJ=>h%$^~ zk{!NT&UqCpR54;;V8%copUR}s-Hxuoa1bfyJ!?pA$$K46Xs(k0%^9F!{OJk6qW1x$ zo`Qw%)S5sjY|@iL0Vxkoywd>`9ltkPbs!Lo^`un`&`<*8{b54J7~}1o50xJgl7L&?}DH z?@Dn%2yso$dr|}dA7M_Rj7mbl@kj=!QP5(XNCP;ha2k>aO{pb zG;OY$4pic=j}TodY*`-z+|Y-yLg!YwpZ#Q~9+|A^CT4C}{&f8W*%KdHZ2%`Hwkby^ zr63(g<46Xxfz;IT5CLxVp2I{lTrngm#b>?3q?u~QVqF_zgE!?(vTSBv#Tx!p4AfCXvFBoi1F#hO4`J*XxgfK4_N!Lm$`3G&-qe^}WU!AkKOm1oPDunn zmPUU=McC1mbu6ZHCJGGu)bL)!%%VWtcgI?%s5N5Qku#mc2c~JWxMaeRN%W~DqM{>@ zyr7S*3^oJFsvFQq`VceETADqoxC5VB7>2NYbOY6nDwMi>f>sf!AaTLXO|&Jn-hmyog_JPl9`(_~;p1^=vPN^BqOLLS zP5D*I_c|ll@=i~tX)J8_-Ksyzr1EG`_p~(Tyl!;I!|Mn#+qjdA;r)H9Qqxd`qQ@vP zNsf(Ouv%zy$+_xU7cq8VY0%EIX9~j|$m?2MixW27Qe@H813dFa-n)%EfZ>j#ns$3q z0j97uyXj%faO5|wWl~l}MO~cg+}^hB;E;bhk{cPW&&;d`sjgIKS|V8Fj37P!wBwDu;8OzwP}Uz#oT7lh{*_)2 z7~1)PE)nDZ0BGYCn|hk6e9GvtbK;u_itHwA_fBz7gTz*ME)_`x{{VWQGbh=}YFVFE zw}LW50)INjn(pgUV2DD*$EZ`%hVBtvS#AvsMTSya-yQ2_+7!1=2GV(@6e&vNjUt{n zKGYmA!8rO=u^D$dTg!4Jjj@j8)|5!g5LqxyN*i}TP=m*MkY^m{HDVWOK9s!ypa$}K zQW1bzhyYQro3YQ|_=Xs_#)!m@;e}@CT65Y4~W^=e4l6zGdVUEh??q_i2e(yi6V{KYA zz1@zBLes-q!*>}NkZwKd#-rs47AWEKBxcARf%U6Pp)cN%$6VVjp16L|^DLf+02+?z z5t>2B3-@!*YZ><`JEJXJq@jjaY4ycy{{U}Z+(s=Se5vE7H8GcR)ufYVmWyh(>}8a1 zke=0JSGh;jETe1^8#wl^h`YO!EoE};)&9vL2pPyZA$wHD_DNwoBfve_(_0a4<#;Y7 zyJktgNYk>Py;qubjv`kI6j5=#G%&Qdqq~;k>Tn5mAQMwYUrV?wTm2qG`5I4lhTlTo zth@B+?oop)9B^v}*#pSq+Ze71%I%#oT3BkM#y}m9G~`e8m3)0`CRug9QfnGf{*fns zw2%|&(W!*7^{q&hEN(q|R6WWb(+J`x9XnQjqabTHZup@sLFkTo4kkm?ku{nouym#tu+_^G^{E^viyg%vMR-Bpc*Rc2LUZd>n2R=-GTU0W zl;Knykb9ci)3pbd6?QzD?2FLnm78Y7aH5bn+~TPJfSQ@Dl2#^5^oRps1Kc?t(A2X7; z-N7{Bxg%586d{N~2+y9J)tv%8*IU~eU`RD^WXnZ!sibGxK*w6@F%)ts4_|sr05)lQ z^`rtEV~(^8{xks6xgh7II)DmmcJEDq5ziT=&IKR>!xVL*;3qU1Kt^~pxdMTX03K;^ z>L>u|(w8QvL7si69q9nLqJR_W){K$TfENcm&?x}8{OIUufF1^EyRbUY8;%DwqJSI# zJW{gbngEH0cr+*gP%(FYG`P(OOi(@Pe_8-(q@V(f;(!pG_B53@7*W8^JJSI&bJL1A zC#?W9d>7WkZ9G&DN!XU5@Dq!R<-A4Hj+W2`~V4tv@uk1(Y(6H>J(P!xBl%SE`3{0nxniZUB6%tvay2rct6 zl09e3($Y3T^9*2d zT0K7FC|%0ssw*>~D4+t004pO@iRABlHQSVRV5cmn?$qM;-3c+<#DRFpz^ytN zJG5bH^R4slkAgU=k?AwM22e5wUTX;}y-G`!YAp7G8!+pJW7m$AMh)aJi*RAi4@w%c zEj#WoyR-iA;r)eLi-DZ;T=JHqNWE<2WRQNe`-{f6K`1{ic|EI2QnZjr(Vtt1w6Ga+ z?b4qV@lR^9Mx}VtksaH#ELD;A&#r+Y`7bCb<#4MxgnJfNy3{__D=yM(WO3_HEzM)HaE;){Jr z?Nnoy_oC_OE4C5eJhK;&ZQajGxdra0J9$vZ;xW(<{{UTFU6?Cu(X$P%qahz@48Z&J z6?$t|wJRsfwm#j+t)jKKuC_-(Xd#{?kw(TNHEFG5b@|m#xZ<`(Qf(E6o>jg{n2x_c z&5E$GG+<$v{#5J@+;oWVkC@}qo|#p_s@PY!5(fktaOvql3!Dl}j=7*iNjN#;vhJ+D z(I(@QSxs{eF2s;&QK<~wM{2$zR2T{e;Z6{+Jx7ECBxa46Im!HMK@mL32`tQUPL6e( zn9fJ706QcxB-2@kag#&Q0mpcfMxIQ@22kLR^^Pol(+1(gR|Q#WZyga8uAd;d3n@6y zO3}Z8V+v9tPx~X96T4O^%T#P>dV0@pk22)-+TY<@(87>{5->f$#dXCP$=sjj^#Yp1 za`on{fdpzjbLwf_h8V^vjDBCvPND6ThPhE->>(ammF$A(uF&0$}Gks4p&J zh87YqB#xCVH#pC*i|gWGV18_nd)Gy42lhpShT5d$-PUX&6 zf%K{Ewy9E12|VJkPRxEsNo9JmhAh3fH3h@S`kFY%V7=>jy$RXfn)a}H3LS}Z{E~ZB zqx-*^K`MHR(GcFFVr5&G$4m-lr7%rCRtKD5Q$f^+NsPx~7-O9CQs1(Dj#DNu2Nath zQl^wHZ#+G7DBSQvC|vp)sb`aSD`S8;t_g1=x>4noi*h0#n;mJP0l*l@tZpj~m$!V@ zUcmQ^4snWTI+v0qShlWeW!<}hP&Pp%%4FEboYhOEK2(4n4;4#rYeN(6&WET26=DVk z(U4CKWMG+K5~L-RVy> z!*Lwp4;iLLyHt9fO#yMoo`S2vk-Q#AG`0&6-ozvd*uhiORSBotYjGT_hYCO=y+pPx zT;yX>8E1OV_V8({m8_q$dK9$9-vxPI#uk4-{sQ3(XlcfNy?H zAIg{rdQ);u04O|jM(`;NUE-85CY{6~12mZHKn@sDO=lygCV(BBeQ3=9DD|W)1pqI- zFTDUK29A`N4Gp{QgHH#adIl-{=@^P)7qvIb0k?Oc2~{}hnlaakE&>tGaz!b8^)w7; zT5E13W2Gj*krZQ-P9P4H(1v98rKAH%0+%?Zz)tj(hq!UtlQaNkj`V;}=SQV643WZ& zk_A$2N)?z#oUu6hX>L`Es@YuUG^0K8XaRbf26KuDBt;zws|bp`(`;e#?(I)vpnRhy zmY_qukmQbPHgd$0XhR#t6kGz6-xSFjNiD@Z3PWR$T0@h-rUEcH^{SE*D>)R37gI`z ze7>i)D?j@(_fVHI#>&6mH7Rvv-pGdQ!`E=1+y#(&gM(1b_KRrLOKBl)lsKt%8j>ih zTt{)bP0D)h^sRWW%P`%=Os&uhW=}NXIjE+AatUxfYC!@NA9cs$PIpy2uHo%cGBY42 z8!!)gPb+(Hc%t?Tj0jPUJ)2^Z0W>k9n(APdR#V4nf=kGpZrW9cL+L|S0?ng}M)5>GCDG3j34T@`GaOQIr@c5U@xMPh6ePys~%6`!dPtL{ZyJ|il- z95$x^0KGXik1W7(-ntA5&mlibuOalOaS=DEs^wZ%<2!r%)3}9HWh7wYos3ffFsG6z zIPE|YO1p+eHx86VHsOQA4x)f0-S1WHU*>%O0C>^?+JxdeV}LT;S37AJoqxFCs&n|% zHeW+yVM1iV&!Da^;vDNOwTiE1Z{=Ck_)4d{I$5qFSr`@R!5QoCOfPI>k;%`?h3AlJ zd7X)OGsLeT13V9Gb5f=3$lhO>h4rl5njM!?8TAuy8zEe)9=NK)?T#de<>H!mR|{I? zGD;nTV+3_Iprix@4%yBtDerQkPA)<(7|HEW+{(T|$mIG|M?$35wlfu#xN^q_AOl*u zb?HorG7_p&a?ndc=$F98|Yvg{Fmlba+Pq^vzt0!dFhtBtoQj#Whd3 zpDJW>_*&{Axj}4tAL&+f{T}`@%^PfE*CVxPqhWI+qp^bUPaoO{Dh4x(zp28XWp`pR zj2 zhFnp&Sa$yaWA&pRx%}yXg@!uRWc1p18URzf7(CO$fIaC9a3FT0Ii`dqeIs#9cG#1V*@`z=r(U%_xzN0CPxtj(2FH+(9SOxt&tx zS)>Y~RovqM<*Fpd6{#MLZ17z(%g2^^&lH-@qdTz>+^lKooaVD`#+FW6nKtTW!$}}= zI&q5WG>brrw+AG!r4h}SZ|_>()!7D4IIar%No2SWbWhGcUbxBRi^B6-c?8Eh`OZM+HO<{J#jMX1Dnw+O;J3dcx^J1LD@ZZ)ph!wCJ!&i>Mi@+< z^-44%;f^@%K#^>d(@S=LgFvpD-On@xFFlTJBgT^F)m3bnw|hW@49&vsXa+1 zVTR667_9gX2?X^#Pz3U>Sw|xj#yB*V;VngogK`de+g2p#4tv&%aUCazfEsp3Qs=F1 zuFx}z^rNCUr0&Grndk|oNpP{LW7?=gA-GwFS3LUE)CRyw>}fX;Ip%->;Pj($%@+#} z=qfnI*KGAX(%g5@NlAZ@E;H1c&vhO}#^I2;6`Zyy98Z_N&;h{w%?Mt_ot=AN2yH3W7v5tK9u{V&8P>d z9jNRg8%c0B7UcB=)ve$$Tnu7{wE`=@-as?*kbBmikXbIFP)6S5)x=L`bwqj^W*%ysIJx%{`uhCD@$4M-&6ctywHw0((*%4zvKHp47eQ z0n~>b`cMLT5O}9!y#OY_4FqSt4FkBUxE!CxjC|cG0P-?1P1*p!6vRDa-f_sMh)6t& zKuUJw9qI<;@j%AY9kz^$8w4Veie22|kPhe8kheJNR3Pu^MF0kZX

    G;*hY%6ovrg zP=4vBa2SoAIi=6(Kn~4D@_?tBOctj2IZw^aP0R3^Gy!HSH*QF$I!A2WfX0>j45KWbW0TsVrXV7Yf|v{SrNA@@YN!O_ zo(QBc??4pL0j7&x?UwwiWQLhCTO#yPQf*K%j%sWKO&L8gRcC-YkiZ|pn?R0#Qqvm@ z(GQxiQDu&8vLO_?ZjDuqI3{S*o<9nXYvS2dOq1N!RsmuUCO7=7eQD$}HaCNgqN4XK zv=vNzbu`bqdLP1)CcwlWT47~zv=C3F11e8svS)BS)d#ZZiVic$=|#%Eh3H~1FYdrT z#;m6H9H{1t-%%|I)j(VUOaKWso`!@bFO{^DxcwL8bHkf^`gp~WrNA#@Lq+ZC>Hum3U%us?y%tDT8yc$$DG5O6V#b)Cp7^b6kOKv-q z^-Ve`fmO_l^{Vz(_P%DxGqess?Mtb5(5I+J3fz+b!XDJPA;{Z}Fk#MsZoTwv`PXJeJQZr7)=rkFdYm%isde?8I*vB23D@3G$)UP$s2&PQs zb)l&oXq*KARD}nnbST)wV?`MlDmnEOiEfF)3{hYd#0cqG_pv*~;#`RF&~-FRLZYlO zB3W$Xnk=hEI*QV^e>OFLT1af008~-~xD{@lMk>e`cfBA4o_bOkagZ=_Do&!9tR~g; zrBw^q(qk8|G=)JqG{grd-kb-u0}gsp5<_&LLrzE_k?o3&BN2kUob$=e7Xeoa3iPJ+ zW06UKjJX)9&uFfB8K`l%)3Gd8qCPl3g-BySeqsQom4?Zb05}v92V7GSpCQdA#B36| z$9iB%z!((W!#;$2(*eBm-k8LnT6O_K6U|7V_v6}&0PUc9Q(3kg98|F!_O+;Fx}?gX zM@)?W06OR3lgXJUmnSD6lUPnxb~J+1Q&IJpj^vts z)ac5=!3U`6S{j-2ZFlz-3q(0C$0Uz0n#m9(vFTSXkU}arR~-!Ba%e~9+jV{FqYmADKIhCeu=} z-;H}AB~$uQOwR^Q4fTou%$bh$47^z^$%98`Lg-ioAE!Wo{ESU6IQ3mFpB(pJm%*BJ zW*NSvZ`q$DZOt1FW^6L#)0GU=@U-kg_hshTAU!YV4J_G|b+=PIL~hcs@lvuX_`kog^AUbA9p%?SWt*=2kFGVGo`2p1eA zdiQaAyMftPLvPB0GS%zqUwJXc7N#jKrGd7Y_lku|_VSW?&~07}fM3Y)6~-*=X19?P z_7_vy3pEbdNYkwNkj4S6YSv)j&jnD}-IB;9Pp{j)=*8GEd1jq>tmoQ-BlTg3T@=!} z-b%aYP<-!c=<;L}MWn`MZzEGtE&524`LzsLIzU{w&qNyEY&a^+E=YJq-dWtfIhmPD zgR5JgR50E*P`>lE!n;KyIe(#JbF0Zzq@bfOmSonHgS6>zX|Pq;Du$%d{?}!ow)T_i zgYJF_0OyO}%6@RVF^snL4J9SmVWVRnVwFtgill9GP(r22ju&P?}s- z4v+_%k;aPXr3*U~{L^`=4h-DAW;#y68idUtQD#X`OkR!p56xrUk!(zc77@2dLNlBh z^|E$*DVDzK$Oy!cfFZlrsq8fyI3q&}t-(^r<$qhQwxN=tzHe>d#yqYtP#RYeCkh6S zg0WgA2bb6eb^y=h+V6sWnA2-5$h8y$-YAW zo25h)NVyd&Z3v!~w|9xCf*yL2&dmH1pa#>Zzgec)6*|Z!&v99?~u$~ zoATa;c;-mVTMlDgH(FvQDt|FlV%J2mRDOO|8*x1gbDxh3q8?vO=|DY^u=9x(jy8C|Vlb^S0ee~*@19V@eDjTYmRZC@YxP3X9 zHR@SLh3*>}bA?R54dY+D5(T9f&f~dHaNCZnZ;g&b%j1Vj-#elXW4b<&zJ8X`BeT_+ zczo)-9h7@MDV`-H`Qq*3Lx?ytKlj9u)owjht~XQdRAi<6g709p=84q9&!R1}tL-JkZ5+67+V?BfJ;O)Tf*U8D> z0|XD~b!79ldN?ckVXNPmu}=8#Cl>RNhI={vN#P%f4#5D4M$y#FIfecsYuNyL;g1*> zvBv)aj@*ULIgln#oMgUrQ!PvMWZSXHcDGQS;4`G@N+^H?D_=5OXKk?IwZbNt;eUV( z{+HOceVjoPanuu|95E|DL&_0{@jDIy4TOC)bu)_`xWZ$cdEMnVAzw-XL7d(6O=gbNA%x>$dbnl)f?zvGdr)W z6$s@%U-y2|kxC+2g*X-UuP^SUGn+onX6}eu{Hwm_RIwX3XMvC!%bqWyTHR||u7-!~2gtvmdWzy0OkMSBQJ-aO3qcv8Ak-@)c<3EVqJg>tD& zp()VQMaaL*^Y#Ptj09V|LNZPm4`Q=YMK85)KFQagi`s3f&ZzpHd-^{>utv0%e#&s@ z-fJIi%8WD;Bylick< z3K5X_Xh`a)zhoa@uAS-!9vkifDM3iZB&f4bR>ddNU4pG-C7Tj9T2$kfyntNZ%!f~% zo*RHCU%^zXGER+%MODku2f(0vE(@=Z^v0C*m#gE@2Zr1^_ak8DHFT8a-m*x5GZK!4 zZzKaX2e&(|-{-(mb3oED(Ka94^7pAD+)+E#RrGIabCbIF(a!Q~-<;U;WrgkqXdNRC ze}i>Dpi~sfsvP}{QfNj4%P#X!Zkn-W@XA7h|G_#3NFwfvN`VYMi{PZt@umOw9ih~QF{1{p(%^PcF9fs_2v%@m@Skx&fjM?0=&P}E2gMqoGob* zb_F2hcj!&LdKoC+npfO*;y8b3C>e?3qq$NS4=335Xw)y?lCs1c(cD<(Aks~UVY55L zwryCOnTwTLKBqc#?=?K&6ErW?7OH?IYetxc<%qu=q&+Yw@J^t&d@9rSoVz<;x|gRx zD7%;>b*|I&cX>VEhveHf5-A2t9 z3C_ySh^ogD;}!lQB1pagmOK_uq$D#F{);_-aD_D->Jq zs4269uaxy+FsvMKM6x}4j58VGr8F|P00GFQBw``FgmOm!V{5f2B6ciIpz>+pPrQqL zgwgvCIo@x-O-|l%U+R^y*u|%(jFv_> zMjzYk?5-)=179nM-JObeawX%9MrOCnXRVqOxO_u78ocipsSSLIt4p;9PfT7ZD)%r? zOsA;pMSkv0#l@1R(6_-0I*|EXt&j*yk zB1Tn}B!6cbJq>!&cJvS8mLCB8`|(j6T&_cteXnz!Q)@-9eX8F8G^g?3?YH-(+G){( z6_Zk&4?FJ}?0W6wN-#v8*+@UrXJKiD&A#Yg>C9li5wK-(1S=POviC7tnCtY6N%n9% zJ1>t~?8r<1Z@D29lvdKC(i~|>hGgwwlDFXAC``5N9d$<9nq3wqkJd0a|Z69E8YQ7h8qE>I&&TKt4s{1MG z&N#e)5hqr-jLC<`i4A|f2?~fz(}{mGZL?Z)6-^cgKc;)Nd49jDvEiHSM1FDiJt>@6 z-Ka4b6mqAFwoy@-a^jA%D-(K5lw8u}AI?JS+%ttTwJ@C&qcO%&ekd8;@9r-;#MS-H znPHVwL@@(-n5dWM^s1bcoiTR}#>>!kAujG=OmY+36kwX|uY>_v0WryG5fE(VjJj&e zs_8jE!}d;0+=v1S5g-ARELXE8b{ITRJv7uo)o2R?Lc04^dh`Znqb;&pu6cXKsgDf4 zh|LC@xOjpm_A2FH2arnugwF%yGoy;>%PQmA0uM|%=LCub+sZDnB$}ft2gHBUF)tEo zfhwtSoGhK%_XtoVoD+by7=!g;e56THozP4LdK7JEK)=`Tru?0G(u@&cS;yZZ$h-h& z^U0q17uc(R-)oWtQk4Y$Kc48|z6?GTl}cDDOj;95Hz5J0?J$NO(n=t^6vaq?nZm#`k^hsQ&+P~CYDog#Tm4re@s)}NXrElI9 zrx1-TXSbG^m8q3a|j$mb}e7i z<56lKa4;~#&g%AnL@mL2F!{Hdg0=^J^X61C#EiSZGMpnPc4PhGlI8t2_FVVQL+@G$CT0d+knr;m~v2457WarTgl|L|pBfTgT zVnesEJ$(is^oOv=j@-16rKb9hDxb7dK(nEcHue}w+5hB~jy7w!^cHiVqw3>QvAfGj z|3amzQ=ZBZ>JPF|UuN5-?HqRQD^Z^!V1~#M$_QxQq~9>KR#-WQNamf|j$)8wGI&(l zX6@v7``PWM#-I6)yM0{OOG66$k?aQI^WbFe zNH>Uf;(;ZXmyRjtR$R&wDwmWsotTm)!eeW*%aUX1HeD8sT|%*RI2|hon?@Oi=ucAN zffC)4&Slj$@}@7X@SZ#M&?{WpJ&_gVSdBdHG#$TLAm=7g>b*!2yn$mfPQd5VV0pSr z@NB#t6a&Wq$Rc7_f)%ub%Ee(r<$X_2H=NZX&Cf_2Q*%i87CMtJg?JEKaTE+MYJf*3 zV0Q*F)gRi-a!xsN5p1Hg;4O6cJX|O^9r=t>Q0T(gHD4AJCPwwJsJ>P*fuA<+6OR{{ zP^z8YRN1>lQB4x89aFt}qp+ps)bDVp3z0!aO<>YG)BHI06sOpn@Zm*vW=-&!d}J|7 zegoZ!R%r8?gM78k{M6~d-Uh#U_D{GiTxSiZ-r(GxuX17`(f0T)meEr0RHjl0dSG$z6q!>?ByN_KYWc z5ze^^NrTM?xmoo{b0H8oJDJ0|2|fT`k(NuM(VuT)bLZ z(q){{XBHpob>(y}?20u#ogY_~(d$8qdlh`>O1_L!o&0GMkJ0UfS7pzQ zoWkTR`LfHD8lf?TxOj86506cPmIJ6JXpgJ~w)ARNi|RIRH_xlx-sq)EB#$x3KB%cT zwrp38pNhU#9Q}E9^S}XB7`FYrq3L^pG0a=BPpBDt;i#l)v#`@%0$+eOyMlD)7d!DA z!q&T8i${mv{l`K265wsO(y*(V<5ztBA1qfDx~42`IPS=-qD^AhVXM0($^jqHPGfo9 zBA981OD2?aNh{>XpPr_$E{iwMrky-s5>J@+k2TcAKd##7*IAVQAH z$1Z5~e}HO*>au9ARBwf22TFf{Tgk%=A$G8h><-YjR`M>lJ%E^e9ZO;u2?Kq~vp>ta zkCWj?-1WZ-{BbzWX7tmDf9*HL#?WhDwu zSzbSBT9X`!pt@n*UP47dB*gL!Rix$53sW)LTEi86e@C-pr@W=Loh0&x8nvqALCU2Z z@jcAOZP

    X2Vw1Z?|Kr*ar2BQMndp7P&DwE%lVN5rX>LkO=5XD~yJ~PY zfZBGy$43JgeVjG$JQ%iVU_NQ%4i)K_WdlFkD&{9ij>H*AIMeR~`&FlS+VUWO5lZSG z>AwyP)PGD~1SK2&Jg3(unfAo=9F8uZgxsA)GoLx$rRI6MfEs6wici=mO}J`gIu0}u z@!qG16<~NQ5l^oYcvUTHsIs$Hj5ds2u^=A8(qQ$5oc9H^y_^FgAlcIZt|HIUhnh4q zC2mC;CW0luvYpY3r97l0oorcIjLrmHxr_`Tfk2!y!RELPY5i^;%EX;QEgJ72YcGZW z8YGXu^(`NgJuyR1YZ|2|tb){!M}Ajw+J~4P4%do{!o>t&MD5ms6Y2bC>YmE@2sL|C zzd>IMIy#y+KC{|qAfolPnn5yfU{o2c4ZLSbz%_pren8@{`83~Y3FDDt=eD1?-^p;@ z`;eNJ&Gc0M6y^=liN||dcDA0)BF=2GskPU`ccMtJ+j|D1 zYuT6cypvgTqg%A(Z4p_pqusU4n?p1o)OW!>q|exM7j@!`4rw}+nhAZ@ zqGyoUCL+)r_fvsb=mmrwLKOfrG@=SS?yES0Hn8%j39VY zm*Ex!EfAjum^oBk=#K9fOZNzzU!b1DkqYKLNSO-IqpA*tDkMuY1QRR5pyE`l83c&BJ6hlW!f4#lC7*0D3?jbUI~( zV0c zEw7LY*OK*cN3c2Su9wWq7yRJOmi$5O0zVJ3 z=XqMvhJVugqLfDTG|gQ~NCp%b}7_KCfZAjLJ$z;=KNj=xuK`O<5T z*D?JP#2qiE)$;P#?T&9&h__b6UuwllrXP`+IQsf~bgbj}ycTXI?wsJsY6g0MM8-s* z4KnZdGDR#HfxX%)Omx$eF`*VDbBn!$Htzd@rC4|@!voG`sbzP&($}k5G2WLP*izMsM1msd27atp+-!*Y{{z%cM-@oG8G5U zZl9vUMH=*{3dS-0L1JxUrGw)zi~O><*0#-kHeFaBIFH1kED)ok`|-p9@OblJ)R1S& zNYw>JrDzDGrXh2q6mlz~EsUiU3KLGFD$y_tF2Ngxm98HwOTxNERMZhif~;ev77l@k z`+epQWHkIbVjn{TONh<1ThP3NBaor=8&geeH4ELm`qIGwvm;pC0J|T zS`|41qzL{acv-c#E%>TNmdc(CW9xrr8I%y9#+zG>BE%|N%K^?zv?+YDp2Ajoch-lM!jo0@D@HAf7OUMNdD20;9Bx?s8IvBR;4~ZT*d#7Hpf0hHrn0h#no#hl z&#uYTO2=Pg;bwptWxk6t1Ykb0PIPYJ0JbUiNY+5M6dNCnCnK{KqTS6}A6HOMA#D0p z3P&Hjf8MP1A@upQ;?#ani&qZ8fB_F`ERJ zkOFOR65^#*s~Fy9-8NmdjJb3o|F^J%y!ZxbrtamKAl3A5*CFOqq9Q3_wFyp!#23kN zeSU5YM`tvTFUhvrlp(&i-x57}Qr<#jf%$L@Q zQDG;0Cin&u@L+Z7?zs1uTsZf9g;Ym&aCfG6Oy}psukCt|wKje;=KTHK+Nh7umzy^B z;ros0z-TX*$!9$qBG-auFev#^z7yAN*4g*5vI(uHiz_}&UwAD>`!=B`&?!p&bfIIL za;d?G?!cuunl9wbQ6@Vf&QVawgaJWM%B=tCN8P+^1U67pUFWK%mXF6vJ?0x=wT#d+ zFb=T*Fo;gn4rBtuO)xLKA7P1YO{fL|P%1j>MZ%zOL=Bz+@<%cp0}z|P@U1k4^|dZc zJK2|&U!N9!!eA=%$l{~-ajsv!7!sMb6Y4YW56Vfxo+VB4NCcZ3>VHWuxdAEG`JMmNvx|ENt*P>FA8H>=$wdZIp|%!m{akhH##yFFjGG1;H%o!GgA`Q@i+C89&D+$ zM<=FKwwhI7Hqb=od53G<3DVTrYx*5NckB`QivIWOW=0ubuU%7=3Ln8p*&a5f8|dje z_zfX+OA%zKafLosS!dGNH>>{Z&CCoGT6pi;rSg6zvNo&;arfW?m$!Ha^p;(umkX$~|?j zYQS_oaY)?mrzl)BtppD|-N@};tF|=Y2z**3k0vbkftjW6096iFde>eF?0zo@Vm|`* zG*M>byI}5?vO+udoIe=xiuD^Tn}1U=9cfllyp4PA5?bWPApD*&L@(xvfX2jU`T^ztFg@|ZC z;HcqF16X0$bxYB5fcQHyp%DDgr$VxbJZ^WO=K+zVQ0q*y=DcVlmCRFRf^b) zW!*bOBzm5OVJXGP!o0&pI=O+MXH^)}VHMI?H+D)v&KjHRQNVpSRPjiHey5i=ot%>JH^bXYj8S?hCh&vCQ+ckCLXfem< zZ}V2?&5Bi*{J<9`2?lKv{76WGtpkw`qO;yj#(OfN%^NA5#&Bkku*3QID>j~yuS_`+ z4RE95p?rkDA1U1}{Jbd`mgNXCQ>pjqu56n&c=0@PMn^6WN|{-sb7jD{tO>RG@5Yf zCDLY$?2cMehW>VYjqVLt#s!N$xX4EK`3$ZKRaR381(1rxAgyT+@my6wAuyNtL&?8t z^D1zrN9_~n%iEAz#rfipkjZUKNb~;yp7eKwf-Njb!m_vFB|yv@A$Jl%g4kBdC+)UOGxt}C(pyc<;(i_0j(8Y_RoDyex8>e+$z*A`_fn>#R)?Ho$GuCg~H*^NeqTI_b0jIuF+3aODvkvVbkJKo5>U*Ik2x*5MULich@oqSACHwQ`0J$nfD7{M|(t2q&& zMpGcccIb2PiY|BeLdljQB{9pg1cw_#HL}~*w-Nt-j_Smh zeFa=F>;$^rL9+7`0KC`yqmj zhM4f47#HDS(|zdrI1#3`QvB0e=&?7-!icFq#tWdSy?Ip^<3&=PG>d5bI;MGG9Qe{+ zL=kesygKFxBaJoMdm8x*%|wm5Lm+VY``51C2Etzimw9vl7M;(K+AekDD=$XR82Zfl zM;%US^GdKaSVeK{yY9n=%N7v^0-Yw4+4^yU|7|;mk7)f)WBs>4-2T0%u92EEmnKUI zn4GK=<8GI~Z1(y#z1ya`dG2kt=GIU3T9|)KOip~X2Nl4GvrPz)7MfKK1tq6RboN+L zUDxlVM^5Qeps;Bwn}NpYl?E#368se<5fP$IZe4;>KN!^_237`6v@G-$lKJ!?1b>wj zUQgbiRRNIKl+N`>N18zqb*@yy0fV(KlXs8xz3p2kwc}=#1K07T1CJ2gwaV}V1Bz&C4nHvQ30p&b$*^Pn_h+oNcl-w&`AFNK6>xl?D}2h_ z5zdI65hVFkf_Ibmd-UM(2i?W_(Rx=`k}Ofn4c`t)h~)hTDEz++bF37 zV?VDp(IpF2B8!Jb-=N5=A^Crd9O~>#mXf^6^h0D9wjddq?7U7!#nHu8kJp<^d?B5ggkgM zVDp)h2}|h3w1-oZUU1(90LdTmkoMaf{(;&Ru3lHImw9*6c=K2_+x>zD=Hre%l-MTb z1X>(TTQ^CAR|>NHpxY02_8S_TpW&udK&$WKJ1^n537v@vMep^*0zNoN|P&a`%>dQO(8^?6~6pD=VhK_$$PC{1vEi zI1;kg>VZAx0MUhFwG9vHZM2FEXT8yYB1&t5jWQXXwQgH|#8xSVTG#kZrXzSt?$s~1 zl7L{#$vC2v8RtED{7_IV{ff=%?(hWliP^o}us7y^5-R=&2y1EgbN1-lZX1u$%Lqe7 zD)RXkq82Mz3E|LcK*Cayz-6_E$~GCkXUrY-S)=1>+dzeAK#UHk!@);H68c1g6psW6TBREwGssD_ zrN6Eha&hZS9x=)I3f=r+`dj9Xe9%+7iC(K{hn+PUE%hVmL%i)v>Gh+s$i3d(CdpY} zv6_2}FM(~f`gOO(!zFn{B75Hc!jfd08fwvildPQoHnWC<^@9CWUp8rS{fmg=BZ>kw ziu*?X55bor1=Fh~tXD^7ulr>TFO;VuB#hQ6($GonSFl|(uhyQGJte-a3gnXXWI)>a z{{YO5qj}T_nw@I}{N2M-tHLv(l&vOgm>*L)7DxH!zk|cJsnbn5nrvx-^_v2m@nYum z$0YddkBMJ+`LVl0+d!N&*6Z^_-5t^UrM_dDq&P&coCqa8nG+{%K*-RC-xA6$0kP<% zQldcsg<$X^foXIE6WIeGe098NRBW75!2ME{?@%lSa}Hz8y>g>)05({2to%*1{r#v% zhF_-g^#p(8#&@lw8C0{E4})Q2Vvq@r-{Y8^^PN*x&Y)6!RUsmb?_n5tzHT}u(>v|A zl~aub7gJenrqVr!**85ApZw$uk1$oDZ`^=6l$JAh?-G1-9yt81gk8u5K2*;@RyLyI zQ|gPFAeu27RrpuKgN?fECh7K^Tb&9o32XcXxo74s9`D+M;Xbr{HWvLy@o$!nYkK&c zrB8=DjZE`A#szO*f{B<|>%&unjxekaZTjZLvDg6bEr?F1yO&J>Mm2e-ly7;C;1QCs z&HgV)X54Z2#Am;>Ot>r8(ituba-MFx)@0p* z{6;oOHHqiv{m3*EbEZm}elI#>>hCjc_I2`DJn`uYLe6A>430UJd@I{QQS5bnW@M@# zR9Vsio941@1}0A4G|_`I^z%sDM92bUBshdWzlk?^`e0~ZvQA?JIkCuRv!29eWLh-K zzP#Kxrjq>SN*9r6&3K6!tfG?DHn2$RpQEV&w^3aaRFVnin>7qUW|J$+PxpX zBP9NpOZ81$sg2>eOEaUJykW&!#@qYw|Abd$HX3Cu-zWL3KYuLC{kh>`W$teDYw4T8 z*Kggm-#Tyd6(6)6zk zDKh{;h;)FdtTQ@+^Nu6w@Gm?sqi|v2`x<3I6=L+5)C(XwZe$Xjd)7&HA|TW%9YxdN zPxi@2q#qJ$b6I_9FX1-2JGC+p#>9;sbshHll{mU1N$wf#ZS|2WzfGT;EK{g{uyz9Y z&;T2Z+N%`n*Xl!`cmPhf&?+jV2o7jNSir z>Fg$d0^X{+AQ9Qf7*W*6{y`XL;)LY{wuRB*JP6smjWAXpahd47+Am3SI0@9S+BCtJ zPXvW{Y{7+(CYZ_q&?qrFbLF7#vKV>mzzn$Q2IzuFAU|2Na3U>y879Fq&A4yA6XjOZ zmc9>FNA$IiBTc-t|7=y}J3qso6Kg!JgdrqM{m@Td;5@vy;CP<*enz9g34Re^hTTIS z+l{>hh~CtyiczY2>puCwD~ zBV{V6$KQGPCjJJU`cf>p?;xuan}W-6WR+VcOo125HJUs5BAgpXtJg&^fsg-Q34D#!SG7n=>8K&OP!G70!K}?VG!PcpUTLBb^>=E~dUO z1S@l^S8yC&>)%Y8NasVl$pPy}iD6K##Z2IRqp;aqHup8_TRaOQ)`i*h{(p}UfVe@0 zGfCM)FHTVtI-1AgFcn=%b1Y7fgI}H25}}%ykcPO=HmVm`>D*x@*e=Kfqn>#Jy<5BM zu%8nD(tN`iWfnm0z{}XdTzU@m$G7)i>-F}(gnv&AgbDQS_% zMgCu-KRmwjYp;98;9Zea;rn{Xwtv)9H25hC0WC2)GBe1jW-UTFvjg9F-Pz5}x9sQ) z005!2UozSU{(`PROWV45U(c6UFxPmAu5>p=-uTYi4*6n&J^-1r2MKL*$LbwrW0JNe zHLglqhIS|jz${q{HE(V&=kC^uk!rg)3x9T@W(l276fv-6wD@`>cQhYAX7KS-vGq(N z_9c}RAf~wWwZw!_ny`r+rb#H!C@4|vvZ>p~DonD%;4AxCdGXIapv7B%x~lYcB5%36 z9q;xvC^q@bR5he`Z8O_U+1$c0T?y|uME5VR4)NsotI~j&`g!>O0I%WXFGVn^3b}S` zoGJKn#l(lI5$?Bl*Z_EkHp$z$ui9{*Ui#uy6l;W{-$y@o>x>6B8ntVqazecHaTY$9wjL=4y`OqF1Z2~sT13UWBNw6VBSj-?&*5Du{;sAZY4YZz!TgNZ<<$~yb)(qNo`@fWzTof$=OmO zeVUA_m5eaCuJhflk)`G7lbtYox9I+$J^f@aF8#MWz-fvv^V+-jB0RS1oOx{`4Zxm%tHye0d1tzkTP`S z4sE3z%bGJDijrz>T&b#FR+DYJLU>~upFjfiq+-L?&NV4lilsWN`5#z1^J3HSor7M% zT(9DNrD@e`U9x_~e3|N5?WedgEq{V%<&6lPrN4LKb)#gp$NyU+NR{UBts+(YNC}kauKV?!Bj-H ztu`Nnh)p32Hn8EP2Z#dbNc8*pxC}29Vb_0se}Lf6W(F)_r=!xl(J|^Z1t%Pj<*%=C zeC5*Q#y4egLB(FGwN21-pBmXRWwrsf-X~vai$yhiBDQ(Ptsl$=pbGlL+TMR=x666` z=XAeeMltD47d%PpN+7>|G0pd7>EJ)+pVm64HRhGlMB(Fd$1M#Z_;EfMe7kyUW4nyc zKfdIMnH^S3n5d;oNcX6~nS6{QCi3iL)Kx$Es;4if&=V{NHtphBk?z@&X`SynVzq1R zX;za}xuRU^K&QaCfxWC&*TJngWHqxD1-O<^vS(-id-XNSs}Q z-){Fq=4Gj&+n`HT|Y9*wP9J`Vqiwj@ue6!LpsGP}==;LthVPx{qF7D&4tld!Ev3Y5_-3fCS zDj^jmRm&GD!4rGPXV;^$g}gHpX;qJk^rv@*Fw>$va&p@c zf|WAawgMgN^XaVMTN|Vygh`sHC!&1(H@ls~kPJ5OxYGv1YI0^#L%NJKHGRYf}xHbt-Y6i@vLoKc|}DIZRu- zH`!Ct-KmIG_>lT+k{af`->>-z4%*?x6Uxl-xrIOImLiK@0;1&WY zVLvmKAiYqPaC;?&?g5kH*w%v98NDlBPLO_=eGsrelXbQCIywENpVya@hnx}l!sQL&h=He)0GRO_o0%K)`B z$Mj86viO70hpcAKS`g@+iy6RQ@5sibbG-vLIIYzWqct(+F;b$s;&aQ2$A75)gL=_I zFHZ-TfEKnb_sd|M=_iQw+iN zjdhp%IRO&VybJnkDkzZ`mUk#8Yx!t%l{9Lv&8c8MwCnb3I{EApMPK6o0CrW&cCExq z(@NgrHE*$@V(kvfB>O^21xq}!e0nI6i47ZuKoABz4-iq?tIXdJnVX`AD-xn6b zwic$AIfC(k8INv>3L``^jUlJX6=G&1HbOat1${UlyIXLagLTsHi!!Jt6tNsqwX=i2Z~YXY;yn%BFC z;ntOCs~#zeaqQ|V7J21u^M6BabJI!hYHQEodv09?o-D709&A;jxD5zszYjkxJq91< zyBa*vwjjIQ#+15PK%w{Z)GeCHwNZ=;jU<5V8FkG^TEE{~^L%OLyus4Vm<_(#CW)o% zr)rk{`ZVPkJNRnU6t7@4zq}Bl-wI(eJVP!csVV97znaP`H~6VAYJ0E0E8bK2Ko|Wn znxxOSZWR{$w(0=WI&7vl845l+vus*swmm(5Xr4Qny}Yehs_^|Hqti&rPoT-HXDH6{ zHth@O#5Lo;3m2Mv<-u>}Urk`8ogE9Cje(~US_<8ndqj0iD{Cq{L+`{*Q~s}BV!Z$x z%@y#J$aHP??&p2&@rP5!8}eUUv&XL-9y7v=4<>)bIYawwD4)6$>g7sx-PV7mOi$ACjZB@yMOw-E?U}TnDq1;b4+<3V^HP27w%M$Q5~=rVnuA|usQsie5s!uT)ks-X$6qO4T96?Lo$5|Vlb!c=S(mim+!9)` zQl3j+1dj#;n~={w?}#OGDl9Pozti;tViQPSlb*Iai`ZA(ya7=;2gVtB0jfoi((H0) zp^EnG*Vswnx&OZZD{M)|4~?6TpnW~q66<1^ znl&y)0MZjS;+aPKEul(zD2JV2n0hTe60Ke7NFjo5+g!f`v00aZiAZPYhz+nE)0zqR z!oq1<8cX?eHFK!Fu|uJzPn~5;zPBWl@}gFEwS6=ytg#Il#liGr+$c;-ej0pjV*a~wK zd?b&VnOD!FVWT|tgKs0KrybjyA`xGkO8k!j~{D_WNUk)iGx+>C1r~y1$5J zm2J>+i!=W1{ikp%@BNevP*_u`4QvdH^v&@S(U;_OPfPS-5cAa@g4!Ge#SWDym+l zUch4v=c05t0!KL;z)Na2bcQOA-gPR2cQxzO%^T`Z@2>P|4J#VMMoR` zQg7tdv%U{3Dx(^tBvs0 zgx6CZIKqUWpp~J6Vsa|ZOI%uv)ZL6{(>r#JO3OvYru1wb4h!DtOEF7GX`zjo4pc-_ zo7i%j>sS5vF>}((3ng(&P2OefrGDn02eTL*jV71t)QwmioE-te8TnPRePXs&hR5Wd zlPyUb`wyxRpM)ntBLlyfodUltv{FKTf3jCZJ+JBbm`SPjE3~QWA6H-R{oc6mFVetw ziWYe#@aPx4Z%oJebJw|V&9T|6P{{`a26Amr~I zGs*d(_Fm|RXUqTc{<|(KW}H#T7UKaia9Y=Dwuj{_9&wZYzm+W#ota9n3FZ+>mU)>}; z@{8)d$AW|x1fC#1@X!kMjs)%-RPT^?V)Pxfr?JL5zo9kL?=Pg)x4?C{JfD4$?du0I*AF|C4tn$hupIzqtzt^XQH3oLcI*q zS)E?IyDwZ6;>YUOs{mv2v_Nkuf8TMERAnTXtJi$#^HTyOuq&xB=O7ZndLx6KnNOrk zpn}dzr~%71|2u_?Vr7S3sV?!vvo|*Q`Nf}mRh|w!T5h5WC8%Nw$*Bt_kEwt`mO%qgIty}1Go2(ab@CNIl}um|8zBJ^orVP zH9H?3tV0~;+oAlWPm+6l zx!q!y;t=wA`@)K$*sQpew&=qP4v@c&emSKqvCx1Uvr+IHl69xyx9n!q3YN*^jc``C zS}MIDGHHGA8z7;bJFywmHo|m?f`bOc>Uh~`C#s3+lyNRscaSa}93VaNV~EBvRst{7x3>PrTutMifS!&Ly&T82c}Torq00&I zi!y0p9#HnGa4eC4H&2#999SR7pCqP#p&>Qyximh|51=O;lF@ew8prHEUs{RXhiFXB z^$5omq%u%n?W8*Sx4(YJ+nXzN$e3;-({59~nY{t9%gf2wtY>`M%E%+&T&t9XiHv4m z0yf3gWwro_!m+ZA$oOkl&D<1X&{OwpgNXGjas>^}Vm*=AZ!LOeY5;^AOe?9$p)&(h z#Gh1B(|ds|l)0v7*N)Oq)WrpPlrm*NTRI8)6N6VQt_}x>b1M2YIp0rkvNZa2pdr{s z`;Qo;6B2qO=iOhweOOM<3!k8ShYKd)zA4#AJC+aWskwAw^lBE3u{0&gfKHgF8Q3oJ z2a#}WP_}IY0y&hA3pV4PPPK&weU=`lGpLG-udPvh{e(K2dDehZ?zp(QCA+^~Ud30W zXI4Q}sQrbk>1G#tlm!pUIsCM_?X(|Qwa-&d-2%Vc2Ox6VpBOcb25l2&#k+0OUAysw z1Wyr>4AT|(YWeM5ly*CI3vp7d7&BuI@o%3nD+dZ+z^Nnb>C(>;AQ)OM^?lol!3iHg zsFf_aN$$qoZxzli)o;{C<>=r4$f(BfNTsKsi%z*;Y2?>vwIt)H#J;Qj zP_KO|^b?!UVcvaKD?}NTfeY2vqCgA}jt*CL+`!*o{}AO`F+aCQa8}mvS&lL5p-iQE zwvMU%g<6G!e2qQewBNTtL})fy?nWH9rlCt)So@wKSD~39+l@AhPC$u6RFX1pE;<1aO+flD()$ZnhfQv1Kk6 zW;T#H=WiliD^>+1f!DOoTq{|>73vi8R|PV7j-4d=p-u4FN4(Ew7Tpy2w`Wt=3K0N? z0wi%irY1X`T-jt5>z0xEZc@7ztrR7038@OdQMGoV4T!2%M`xBE$a26G16qiW}$e z@9Mpv*{pQ^!s$2vdXbX-XG#ulIA&9=&;Y_<7h)w!2&IR+)N@&eF%aj?`b;pVb8dPk$5jhsh(imlRrM_2LU zeO;p5#-~}J$Qku13DLE{?qq3Xz9BwE%5@8uqz(KB<+Al!PZ{+EYs-g7JdvSYslS^m zyE1>3@EBZc+a#kSG!R+qj(2RA(*acASGWLNbFAoqKXJCaA^nm0VgBvP@QUAOsktm)>+7~G{=MiesNBk)YWvP~jVi8?4-TGm)TfDV+ILxCuaA&Y zi0Fki!STRqjE(JI^SMuZu0;yslW+OF1N{%3@=u+5CQfy?M5M+@O?g$j3fZVTPQ;8$ z;=X29U~8d77}!3hwSz~K-*Gy|aF1>LKJ4C!cSka;L%-yY&5d^+LChDkwI=vHK|U*^ z{L|6^hMa*=)uQg1EiE>uv|SXt$P+`vxS6~b6qG%P{B=Z^Nfja%1T;;QtNA3R(&%s! zxDJDRvk`Ua;j)y&?Di2{p`iN4!L|+dY$oMH<&HSx69(v+mqv7DrX*iWLQU0`7{_-C z+fvR`UCll;Z4U6^M42c3%qyvGJnB@Rgc0<wWuCRd|YP+)}REh?a$Ys|Nf- z)|se{MwVFB{zF-I*7y^uyleaJeOjYaiNDlGg05X{Rq6Qm9O+V@E6%Go)%cw*Z8H@t zGI_k5=}jd#Rb!A+$Cu7U;+9<)$eJI$n`3|a5XbD@opzp?&vCnl*WO0B-l6uSk6CPi zI%xn#W=BuCOir)M{&7LSH>U9R0pz&)6!lp&x8{LsIMa1*A~`81E1cx4dyBYa|L(;H zaoso+yVc*Rwtku7RXCM@)B`kFR2x49)U#L~`w2r>)C`ydWbk06aH`#^5q~*JR-!<8 z9ZNg{GS1_zkfc?ZoJqU^=Wx50TIQdfO8wXvJN+o1>2-E>F zp)Te}w#;bI3I_#k>(PP)Z;!kv7w~ls$zQ?nP>`nv;3vC1(?WeAgaFHYgz^-i8$5~9(z040^&$DVKi}EBk zrhZuk6b%N)6>Tq5@l1$(>khK4M4x8WjwjhhsUs>dj@e`g6J}8G8@zQ+QTS$00u=en zeULb&nn+t$eMO#9t}kSg@B{L!XUMX5Bcbfw~fdh|^tJ;jwz zRs>m>oUSEwG+9M|l@4844Er~^Jb&m1-+*my+xR`VKnt*Vo9qA5fA^%S?$L1d_FIJT z1mEc*^tkSPz1j774i8WhTM6Y~T3ssEtrEDYt~_@K%T*J#a)gddxx%Lc?m;|ScTssA z1g_}M-Rv8$Q_7|6DU~W>Pe79tRnm7QH3QfM=ieluqklPD99R3BEUk)xB}UU5_A*@&R`|UVo1EEg9Pv0` z(}A3=fp7wnsZEXS9iGcVbP$}Bpw^17HR5M`g1Wvqc0<0WPxZp%(!SmCs#0RTlRsTHdHdoCCdqZO1}b(^-}ST zG@fmAi!wnIq=L3^tFGS9uskzEw;yyMa*|tP-uDkQ{>f)WR?|vMLdb}S& z^TpFlicc^5PS=DGA-PwueZyIH6ZnO@JBl2fog*f}KXDIcy5r?8za5x{K$16G_(Yv_ z+tR~lZ}mQo?9wG`f>k#rBM3>>=lPA*WWg5cAfc6FiK9)pJ@hHcL%(ENA$L3om&t>>4nEumQTeCYyWG>?nYD!*Ww)b)O@CcK-3O{qU98t*6y`bt=IPm{#66;}0q~VSO8f zq?dv1zEW-}7~2qayRg0OWr3bP5-ogB=*xy=*xa6%0OghmU77o+r2Y?pmnWODnooyEEn`s2ZV6O?s6W!L9HL+X6z(Cx|pk2cNyV~ z+bg}yf({J>^lb%SVpQpNC9kpHRzI9wft5@VSOMV|YMUvD|{ zV)X0pp8gsBs;f#da^NulpJCiSlyLtTSw%ifn+sV==T?!wmE-3&a{}*Ok84hf+QC|h zr!M-dizSB8a_R?YQU1)!cg^Ih;OkB9jaJ2u@zFK2wLW!A@p2X)V8v#b&PR$iQi8Th zk)%Glm_s7fu<|mqwxzl!2;juxb%4i?vgf}70sdMj*Ca-N*_|vZi;X@%`)}`m_G~X55L5FjW1d0#9uDVrOU3Af%+W(da=-Nax@QkPv&(2nz zHE5~7YD{hG+{SKU`Kl`>o;MD~pHej((^6CV5ap=hGKT1&%`h)`?RS+@ZtWp-G{(Wl z0iZcRLEY7$o{Bw<3JhI@CC@WtU+kQ!In{xsITszq+V2t|4@FA8@$GM1Fb@Euu%QT1W=(*8}AnoEjy4+4qnIUP#c zf=cB64CR^&-BrB2h_;pwCqPbHl*4L)A61Pt`-H-()qBeQZ=pbJLPbG_lhtLc0^X0< z`GWRLbUDM14vZbKmh@GXzGo$?bgD;AihcQ!$)AC7;JNM75MUa}8B~S*Mm|!@CsG@9 zUph~!@_Q!CPjI^2XjZI5e(PSU2!*aqHaqv**o^tNvGoFDky0LqFQWPrYgZQt$5!nz zi%~03rHUF>pJO;bQ|w^4rK1u=pb8SIq_$Bg1I!93BcGKoX>vFtUNIgLyvU$m0zKPk z41Nqk&Zl$#gN9QIj?|9Iz{4;N)_BVg4E?TOqAWFqvEQ9kJoD6B3wU9=TWk_{fN(7V6vQJo{s2*FI{|fYyxX%=3 z-AUxvTtfE0UrXry=Q3RI3|JNYbzoT=@4KeBe>`W$E)q|r*`7mR1u)_MOLnUMck_%g z;W2G-`m?Bmzs!|gDpDLLoWg=9)o91SQuhb142mw>1V7aqUB5zBGNG!}p$?J>Uz}Q} z_KKbRLmT(MM))a_5$-OnWN~ljfwq(?`ULp|31t`Vfuo&((>GhbSODD^lin^k+iCRlI(pa_J*_d? zg@Cf}mcBQi8GMn{q?8XMFq#K_WP}~zpsv4b6I_Gw%b(d;dNjKA`E?s-hN|Z8 z40T-64M^urRyB@c-hJsXCFriHeKf#o0ZA{OUZKn3f%@CJvBFk@h3Ni3Kv%)(ABHUG zLMK|J0aONo)Em<+f(T?cnm(D1z6w zVl z0*kb^s=>x!Wz4HK{{_&gAhQL8wC5b;R*<>w1OI_1MCMV3ib0c zB*qY}gal3T31QRzT26xVEg92>%E)|INqH@;!E8i|g*`$tDh5ZH)4@g`Zf!CCYmA@1 zTWuvXQY_JFlC?{Q8M5@+mlh+VwCqgsbs3)`fYP)D%T;|5G^}`xnBk>4hp;Rhq+%^#nz@W+?nT=8`jP$f^E5TR?eOoGH;;1idPDg`uD=>i)YPA&w6AQ=K#YA0EpO4L&s7lX{$K2lq1JvXMTO#iJ+v=Iws+%hDj%2=< z&_R949qy_6aaj4pA)E4Pr`&b%k}ZW9*_(YD8BxFA6*5B+K_=3D;ntWq%$D-iHY~o3 z67g7lJBDv1YlNXoriD)e4ag5t4~~P7`75!P$(E$#V+pp50%^&awKHqxWLYZ&!TErh%Spu2y~^`jDG;Qe z?0QAY(=a|1Ux?dp?~10sF9M`F_HE+K%$4PR^=OWy5uZ-}2O{69yJ9Y#KN5Q4|MPhA z&pFK$4=>5u+5S#SxtlmC!V^96sW$8Jf7wYgnp+*3KU~FIulVL=lm!CSZ>0QJWB*e6 z)jkDVLs72U1G>poU+6lB_dYRYOerz6u z0G&0iG%aer`S!>2;{Bb%*0wtTpS%n3c`O)rEgn4W?uWSJd4sxa2r6p!%Z`7_!-vI` zzN$3$DSOmydcz+m$f9j52Q1+FieqdB)dCgNlepojKgyJ`FCM^g`-d*Cwtf41zmn88 zp6G01F%?V(c-Dpd%(%polrE9HXLdh=Y@+I!8?LNLhx{ql)-4V8L%hQr2 zSwR{3h0e^dd8S3r_{;ME_W#idD74t?9!@_qQep#H4}a zTyv&1jmD^kXyq9!QKn0R}%bs0W(cwj)WtV7QCdctmTfeM#06dr5Uj z0eBpX^|KA+k`h%J$55jh&NuRzacbSWsbvuyk~bS?Wqk$Nkv*NO;=q0BebCIm;41(w zas#tqMt*7aiH4ltav&*l05h0IO3GpDM}U@tud0Ipc03;|P)IU#V**%d3pEj@TUtna z2v753+B^mhSt4w*mm%7Hl8=9%0Q7qVt)#wRvwOyzg)_4=ZL0l0WEmM^4D3AU^DlVa zQhA67y(z9NkYiuy|AHn0!_>VgvV{)gO6v!SrD+Yq`}uRO+RnD3;W2#IaNVSq6e zV*EH&@uEb(sf<4sEOtB0O%G0YgSZ3z@@=$o=)BK(HKAedrTor43X&w8DlP7A2$%B9Xf@~yxDdj{BX zPlmRY47Fu*vK7E&sD%w$r0;#LbTKJIYt)tjAP|4V0C*>0+$7e~UPksfncf0LF|TTF zePIqWDV$m4t(W1r#mZXUoigda>RLVYZIbS z-l5`c5p}d-&2KQS^{=I~O5u2r^nuBCax-KL7Q?MnL()S`=#KA-;v2nR*w?3D-$qxS@h##=Z7A6CbiLW{v*Ad_1{r ze#gO?PIdYQKKWA?KXy@tcRZD=5QW6ZnDB;{qXx29N|^kXxo~&jx0Q)$q%uk-IlPq) zZ1V{+UKKqdkW@+}y1ZK?xWT3u@7#3`e;kdNfMZNmH~%Z&)9Mov-N;m&%}IbNSHrGc zx{-vo5fa-`i}unFN^xpePrZAvxc4Oq0WPiJS-wRjKYi2&x2#LJbJbko`DpqkT0 zC1Hawx9Q|8$&YdCwrb)TMP9j5kKB^lE^v2$+dI-}Jie-V+Wa!SA*#iI`mHuo^|>`Y zvGQ`7p?$a%4ud^P;Ih<*2Q>8zAB-WK!pL%%dHx4-a2C`0p@;rxJJkc&RO@PF%DZZG zADYXdLbyV(c=rpdul7gDA7>!9Q1_E%%-)Odear~;UltM(spOirXq%e+{*2?$M}9Oh z;nQC`Gq+#dDpUG76_0s3X)LQs%S;66HWtnM$$aAFlOo}+Wep(*wemD#AZu@q3daq% z{Xlf3Gs`+E<9QuJ#H`8QNq;xu`W}L zzYJ~JaV1r}YKGQJCh2gSoIUK0XWLDRXjHjVz|x!fd%EOaX#*(k8pAF0XRu)G;4fQZ ztGnw0waAQRV}m`Jt_byoOW^0bKbnaSvgY zJSBOjIbqk!TYR_)mzWi;? zw5z~?Z|QBl?EEUu!mG8REAq!C(bDanQ}P_yyL~k@2VUQADDqyMXXELQ)SVDnzvl)| zgTKQNTPn7}-_pMXnrRwN=}O@pKbAjU3{S4WGG!#A)0K2e$`~LxJ2Gvb(tH@n_d&RS z0L~=QZ6N8}aT!>vds}D56(2OHX=s7bRR#TCTc)8>2O%+LqJHC3MGp7d)Wu-78Gd3Z z627bK#nA%H8e!LBpU|*1iL1{oH^I+0psLB}`XG_Bh5wM>{3XT$cZU~)2EwPcAG41K znXdY+8eT1!SsAUjx}Z{J2rjQcK!6Ej6}F|_j{yF$&>>OC0VK>HRgJ(oV%$9{9l+p5 zvBUs1E5@rY`HV5=lVmwP%F0Lz@R8QsKE2JgnDPY3lA&z1u(_uDsHaAUw_V>wJ9tpd zygRm$?{`JR3gt5Rw3@9_y{!!1tu!uXj}OwKqSMn=MS_@3cr_xcL3DwIvYtjW$OrDmzBb7U0$+X>C9>X zs08~XcENnQV?-=dSlYhlcZ1)$C=2>q&~?Mlu()kAO9XHf*OA8zXo|bAiNO0rgiA6< zJ_V}(yo1ZObgsCQG@3G7sLh=O0xQy)D2Z<4$d>I0XiJqz2uiv1KjNLR<8mTpy4*Zr zv@Kwa|AYgG2S`sBHv55_FRTnba9YA7D2QN|lN@UfQA>3Ux+$`2D9aUH`Q+@K*02Ij zhL#@@l6HX74-~`n3%w`zO>xL`0f@WLo3_v;f?7A$xq?eai8|+MPvM2ODz2C|mO-{M zi9th$d?%8Z_nZ)2eT9xtHWNRdkW%T)17Zw2-c94k4SrT4 ze`VxbH9Cc;qs#RJPR6LY@OA+ri!g8I-1R@ zvLi58a6_y%{E!MzP_6d68P$owJ`HFZzSQ`PYfoO{FYvPyVo*J<7kh5}k|r%_@0*(C z#>Y6N^v^4z#?Mz4v+)?Cn-+R{0~HCrA9Qm)X?Rwgz0$^OY!T06QY z=Jb4`SZbhD@%!`WK-Ht!>K<>Y@#oD#*J7$o@*uIEgxYxGn0xS4H6vTz0c{_7uBlSdon%uG!(`TC)a;gFxIFS! z5Sgdw5(%m<1?zp~R-IlnvoJmECe!3ldp{&J$!`jV%oeq34CK%dGq4Nub>$rhHaK1X z9P+zkb~kse?SyU^XZwZahPIm*FMU-{P>NSOWeUvL2=T%c)bG9{9Y0bOxZ=>8zz(- zZhm=YCtp(;`K7?LpSn})*GCKU|ABf91PWv1D}{XYRVn{4w_29&n!oSh{R0eeu{tTP zjvXBHEzL0pMZGmf5#S+w`rvGJ5WmmeZvkK|{wrFV@gm=^8mYpouOSe!OweCdJ^Tyzo+_=p?90 z{aJ-e>h+2)C?O2xDC9ofgtMa^(4c2u3$iHrb=KH(QW=l|1mbuxa4Id%zlo=nbnUxF zT5fH?;^{XlPetLf=vr_ob`k~{-r7M{oB^jqS8P8&{Q@#p_;Y^7n6xqx$+tR9yV$e{9F{{3R;D0`%z1g~4YLG!G2+QoIr%0dSi>$b|U%0p8jhs>h=8N%CN9Ktyq~*_>@mgpbClY506+c zLW^z=K_cj>nv<;xR){ePbOIiF2t0=1k(H6|$*>RFHE3ouCKns5*K3!wgW||Olzuq5uyuYA!CdKt$o6XxC|xTUMt55w2;qggCj;@)a&sQT zkne%R%Ql_ylwgybzq9$c7E%-KxIeaOz8uSwQvLTq@vyGuO1QbO?%38C^&=kb4;)mp z4RKB5{13X&rR%F)R&4_#9X+eirMJ>nkL}&$hpqI`jE!DXItm?_2;7_Nk8wW)Mw`?> zxW2cXl-#$8bRJrNd~UaBW5B~cJjcLzy?AtQMBBTR?l<}C_3nv}CJc{~g?e}@-uZoY zyvd_p+iu{jE>>uXDuryEl-KGsMNOdSD(-0U#rGl7Jk-%VbWe@ zDGR1njgygPD-1iSamT3~k?@eemf*_kbWL&7tBrEJ+i)@kk_%62>ysMfnqlhM`0!5d zc^9_3Jc5>~WR<=09Voy6qxaDr1HpK$`7aD~51q3}y2#z(7tnyV)r_$Tkpt<1-vXV5 z?!HI2;r~%{N9ysouR({;m;m zb%+R2Hz*zIAn3?I!`<$F%w*DEqrH58l-&Fayi=-aNQrvik?;j!HR#KAPrO|NXsX@j zGteT){(zrx@-aL)m5pT4&@XzC)ru~Sl%8a|CZj`F+rMn|*@z09MS1mt`|}}B<#iZY zqVf0^18hgJ$b9PHDmSI)ExYOp{xCr-AzUzH=t>NcUiSRBT5x*3FrYbIvjgWG!oeGV zufnb!k5N{Q3q=g1@u6nKlQFi;k+jQo2^RMV6mS5GL?LTH?rA^OmiM-OWM@7`RVH0W z{}D80q`g`iV$dPN4Qlw9tuN=hqji|Q^MWpmI>;ECdtCJeT`-s~N`{clp5ug0S`(Rf z^*%EsKZ7FI@60{Up*vi7JKg7-j807R?OAV^7s-^{KB*@2EVkHoU}Upv)o9L{s`Qm) zgOIh>dBlowW-{L!R%NB-DWCPH)V4a2=lroSpb=&rC66;H;2Lee-{Ku`7WHJH_G1?l z7u&?9Lyg^!T$M7WzezNV9KKO~M>d~+@n_OGifr3f>-vdUbR`z`G09y1Bvl*LH>tJP z8c5+6#D;4TP;x@GaJhscB*meY3j0RLWrF2?dD;S0>7=B$O-$UB`pQHsbdw;-${&)+ zWJgHZV~sHVy1A63k|aNaEuVqq!!6EdcKl=&6(YB$i3Km=23PvXPYPl1J~2?CmZo8- zxz;KiCcr-osoJ$l%q;3aLC+1t`fq>FO8CJ}guV*E`&vf!%Z)tM{EX8wO|9NhK7${K zt1kpnR~$2Z)JdC7s}Gta++lHH#C!aQT(QyrA)LyBPl#Z~hg39=PIsBJ{22BF7=2o5 zXT&@90sW9lft>zsBqpevH;a!?VOO%OeV8Zn;N1WhlYw9*(#f3|fE{BS^z&r+j59ur zn5GojHgW4GV|&OA+)|>A4>f!&TvB$853#;|8GlJ_G_FD!`O}YFm~N^q2baxB8P1+P zHt(OTPJko59(T?e{F`chydp z1286!?tq@TO)pj5%{eV~CQ?XjR|b)%mgmix@81;o zDRT9PFVYLu6Y{wNI*SoL6j(UZu9{zx2QIuCM1YHr&|8dIN}{|=_iaw}NXCCl-{*uf z_9lFk<9Ku1vVqjT6}dG-;l%O!iE<5tJ9td*OZ#$ECdTdg4=6nESwDnfz>sAS{!?no zzcy7AWPWWxmM;sf=Yw=;%;4j`Rl{W@*ecnFXk*NhjHC@&PSwog`{zCvqRY}|Qau?u zx^^}G^&gnm4A~(&M@;8mR&L+$EDcy(YN@IzZQ<-l|IsgG6>(AnDg|!%{0Kw%*-Gk- zcgZFQl&da;yLAZZ}ond&*A z#vw^&8A7BWr|*p`aC}3%g@#2fhfkZ*BKc$81LgEQZ!F%h3XGtUlz4R%jP#+zE}BV( zjETJdYt9b~{?Sf!4GVTVB9albC)@~HY!<^Ssj`K5S}Gkbg1O-dJbuuRZK9qX-iL69 z^*Q6iNpckGKt3MoqDSlhlljH!s2T6^)Tb=B|ED#+n-ca|nj5r2abo1gf~ArJu2#u% z4r{LWU(iHST1Gm26+V20S;~BkYA8Dsluxohc_c*_cwl;ThkLNF+lK8pFIIUj;JDw7 z{ox(Qx2k#8`0M|HivA{)Tgib%@3gY__QfKai*a<+rwpl8-V`a?yq7j8bd<)> zd(2+F-qFFKLM7S#-m`&vvx>{wz#XU9`|&Zyt8^O-QPXi(YMi5VQ%Lz-%&pUWUnpiSl=gb>p{9@O8tPbpc%eS`X zOQsw~gqGyZez`d?6D9C+Q&98v*|V{SDdw$D&xfE(?|oi#(j`q*{9xoc@dyOI7=v_a zJr%&`R6NmE8G(r#Qlc^IQdQnVx%(^!%*^=8)~x5yWDg`tOS?tO{tmLXviT_ucehqR zCLvX4WDcx^O!qKyrppgZWPg<|TD#Vo`MD~&SOuSwH9daV(Qm-^b7q=neW)b%wxDp% zk)(SZ!UrSjpKIV4j)TWG$jjdjz*PN%p{~rbr#wHHQO$)~j z@8LkH{M^#3m7bHCi9_IEa4awp2Y@B>U{t0=i`t-VFmfUj8M_GlWI)|$fOoEQEXgwQdZYo z4i|yAaVWi_G7~M7G}B=3wrg~n1x?A@5^c0kHQ56msh?DUH~0=roXcDN1hR`8JH9my zm&*p^Phz}Bw04_kq*NKdAz^WIt#9O+m){7bguDNiyvsOBc~-fuyxlLu9XB`vu1ee_ zrFO4!dubLEDO15iYEx-TSlTch+L?)#;(r44Z50h8jqCoq9lSZELK!KuSn7;I&mAQ| zoKDNfydxGZQ@QSBPLAQZvNGuD2MHo*%))Es9?6=&lP16t7Pxi zCA0@P$I5m5&dAbyHkFR_sEY?aZ`@hxZ=~8>dZV4%5l*O*b!=A@SLU+1L#F7fndO68 zyX=39QtuKs#sj4KK`%`jEzSs>$zTK3#U#bOg9ow!HyXLS$8>qxz1$C%?7t4W&S_@d zjD))BirB6P7&_)pwlEB+1&<-hx`)}|-PSouBQlzX0k=L7$nV<3Fq3jDnvO=g0s1#w zfXbqK(TEoqFsv0G_ubBHUk0PJ;h^p>e49VvZ5o-~&@NG~<1&ywJV&Gp z#EHJiz?Qc3DsEVYf|f%=5w@D@2@XmAUg^71<^oJi4V+fhrojpg;WRo>pz04)ReCHO z=JQr~axkf1Mg?UYSFVv5@?A3o0d@s={8>LASpUTUhKo)N$ZVw;${lFMi6pDcc)f+* z%Hi!z9o#Qp1XKVU8TBBA)c6UQCZiUW_6a-zyQ>Ae2Vv4IH&{>6MujwX1k9)6$dNJI z#_l4s*ka0GJ-~uucoU}uDqN*(d-5{j`i9x&KLbo*tXLm(vlw*=4b!3-qEqD5~|rVH_NDt8vZJ|^zX>ujzQok`NSaDbN%%?U8lQy zz*Vi?WX_hx9)A*(n2`PVh%>L3x2$ucdTyAARB=UF3;ol*_2pH`?EZ?@Hz3tR)LfR( zQDtj-xsF!#6p;U&Ku$6c3i@llt2YTd`Zb$|?u(-}Xl=kn7G^jBg z=@&MDeKY^`CyKJgIpQTsb%Mpvmi;}Z+3m~PS>+>!2;0|kuI#D&eE+F@4GJkp4l)>$ z3X*kfWiHCqxhy=V0j@Q+G%|}xZpP(xlSd;KE#WQK#d> zzf3pJWh<7UvZI$g77quq1!Z0=$uj;H^OSWHj~PQ$IB@|1>nFn_{$7gN{!tbLa8q|j z1J~)cg&@ldsbu;m0b0zjS2yH2Wmg-}iEvTiRAN&#ury%>*UCXf?QinT9JObz0kLo@ zHTUCEzKdxv^@O2c5P>3U*_we;bOA@H#=NZ;w5^pm&$qnB^Q>5Kjx0Gk$B#3toHN1e z4w=Dkv9co)mSHG~e^BYPm~Q}VHE4{>#JSZcjJ{V_%5pqKwMCuB2nm!YL?MF#9?zu=Q z$#4G_??EaW+9ObSzx=jnuBGORO_Ykiz6>-GbFELR+|~Qlc2#{c2DS?^+tq5hgMlng zb)<9lrOSy15=X<)bTvle}_{XW#X$Az4VrUr>G&>B%&uGgm;8I3j!E6fHPbD5D zn0pz!Z@jXnIG86G#%N)(#!aNnNi(k8rAo+w`Bf1Cj5cQ}Ob~Kh8K6a{w2O+=8UrEM z4mF%C@n`Hr%Iu!)F@dHZV<0sib@ca#I%0{`Ab)Ww65>}h(3uKhl*beWNf`RxoG;7( zvXxl&*`HldsZ1gx!l z^LGm8EUbVpM8gxH1U6ciIT~NSwx((pEAKRp? z;yA(irV90LmYPr*-?yHV0-!dQSG5m^(ZT|o+w*zp_Vr`RVnoQvX zdC&*4-XeY#??1+;N`wrz=s*VBOIGBY{oOX+h0}%zrvJ$nPNhss9DsU#IXa=<`m_#f8>+vtDYs$=5I3YFB6G2vO#7F#Nmq zy}QaIetB79xiDwrwS{jnlfFu}ELYl&4EoQH`|Qzdj-JOg+znm}hNQu4ow5*l)$m|> z^xP|Z?@_qhX24*V)oVK}^}-QHc8^4wbXEEZWWE7u;dGZAM|E5so>a@VQNc03){>)i zfVCKG02X%HGQbUG%hGP~tIAkOPg{PGp~q=gX46$qWL1+|J)>ibCdm_ z69vy#RhAv}V2xmZm!AG}nz630wx)tUybgZ0+P;SRR^*!#R?N$r&go2SH z_z%50Ze{gDS(67bwobkXd<3bh$II{{)|Z`);@v`H?X1GK2E5T$9a;}|_bj+Q%Kq## zy_0pS)>O2O0k2^*|2?{}sxr2VDSwF%ene176}g{nPG}?ri0+>QQ&7K(GNg)+gRHNU zBh(O-ss|!w+5iO%aV49;(7uY*i4Oml+5OD85WNt7S|LIdPd@(F88@bY*k+IV z`bg3}qa;oDH^tU-jYCoZA5`+k0&SM9d~Q1_^2;8qAl_VU9duK+Th_Z*HQ!5&%XeY<#pRJV zwAj+G714H-DI-s5XcSW9bOCq#;r1tzY;%-#GyFf5Ry}A}ljOVmCCIf?u}-$MSfI&6 z8=SWPJLjCI>-12-uS3seMA8DZh*Xes%#Fr5{vg+wHuAJ9dYGoGl$Ds5!q4qK$#3Ix zpw^W354#p2_^0NoB?tpJO%chq-nfLb#*!^b&(T|(ST)ryuxL|c)5cp)RfD|e*qa58 zLn*AyLGw z^UaEj!>MrZ4XW#$6^*gI$IQHq8UqXwdsZKtWl|kN+p0Fk)VS9l)-7rlB;M!)FB35v zz9+^6PFdJ3g7BB_H#3QT&itMDXR)ozpsfW(hezO}vZ|-LSV3f5?TOh*F3x~?^s{qp z`L;%6$%1d*IEYnl*)%XCpJnkySxUiITEU^{H`Pf@VYi%3s@XCZFi5b|l=Z$d52FFF zCgwO8Z!>xjh4s2jjt^32`uh#HFM_bNlHQHy)(c{tpI**MV}`a?NhTJvNBbr#P`tT5 zjqlXp(~OOK!>tXrEvZ`K6F~rCSIJwCIdU!kK@isbjU4<5^ruU}>vMny$$qUcX}ak9 zfFf%#Cv0hT{R^^Bosfl0g!Pr-4JNXT)(QuaEH{R0QWkWmMxXZ>_uJNKdc<0T5=Qt$ zGZdDkj9FM>!ULaj7N@uWD)GG_dwfS>$@^61UAhFy2o?&B*~S}!11~TD(-tsOunxyT z3Av2QNOf<)aj=HDS=4WE*`P$sxYNyGkd%GnwkR9hw3Bkjg3kJ^lh8^BbiN#<$v@wxs%qi)tLKw!Ri#oC zFiI!b%@hnkPF}4J9ewlTr58j9=(q4DkTL+@ddv?ykB%@TL>kDzJCea7wAau@vY(VE ztMtV46>BdZjy~E$uM2b@ZZLFMxdbnpX4V1a-NW$3;>p#6AqELz|F-X@jmV>^L94$j z*N^|Nx9)Uv)9$+OFYkRF?K+3KPdCvIcFSJdopl>-maowLs^wVwil7kBF=qNsVAM8G zz2`SLDXR1?h%&}Xa@ZEzO5V75aC%_YZ*U=?yXmva?Pjjk=sg|(zMXte$Ax|vFz~GH zv%wYW-I-GsvhfSw-@;n%Ze@;5EF=4pl;a--wm_nM`PV;d3&vus7vPWb{~d&kh0FVz zpEefuD&ZY$SlDbe((KQ^@$bM%@$Tvj<+U(p-_#XdJ97q$y26P#P@)cDUhzfsTD6J? zu4B4EGx7Y9Kr4UJn6OHrNAu~o3)zYN<;}Wt>btDv@|pght2Qrlsl zV&SgM9CvF`%@==NDP*aRKYuT1dEsV zThSK%7YP>++{LGZKJz>U6r!SHyF zxOD`L6c3P%v!i0S1Qky;s4-r99bi{~)ng`_D%&oG=WClGDFFx3;G#AI2is?iBu zY?-e%>MH`POoUWJr^J1*jr&di0cvd}Wk?x;9U!cC+PX$ZHUI-H*@CD-$vD+_^$K%?-X9muAW zvJeOlIhW*67S$h~|I_UtJNd#arjI|{mS8nv;pXC;uT}Z|u$&J%x?n-bX#ac9PdKoX z9JfLlc$=?z82Dluz2A{r+>o-B(N}hT#MS7$*&cjm8{5(iC%C!oYX5vs3Grg>sEq!% zEzS1SM71Jf)I|_D=DbyTgC2K5W z%kd+cU9B=lefxJMQBpKs=~UMWMUzRW>-PDz%ll)7V{9T+U)z`ZjBAGzpRlRjL77RY zPgd2a;o^g}RQX%U<>9s_9RB)#aZ}Soj03oEYWogad@|~*NDoT6=!%`7Az!Mpk0DaE zS)dRLm;mSujU_V0E6szISkKzvf~%9nY;kiwKj);}2~S_K-7QfcR=k$4zE94Ho<-6V zqH&7hzlIC75@5ZuCj5uRT|EX?A3!!iwrtr#mnlQ!*hyI}F89@?V@lAe=YvMaI7b-^ z^qWuYWyd^Sg>+b33PcrPJ?Or**{dxBMC=10KXrWmYZZTZ!H947c{+zfYgDPEdK$V zCStFR0~o~qrIltTAZCM6nlzINA(a*IfPf?-3!JgFG6xQTb*F3~b2;4blC>gmXF{3=+GEoP{ zx?%)&23bf9DnW?kr6i*(7p(>Zy_o~r6()5#nMG>Uu6;73$=psmfO(Vhu}nF!a0Ug7 zn(UHr0nzqRe%}8(nTHNIX5lp@15XsT)ZFlqXSHlnxVw#y_9o&z=O`*-9cve=!p1Jz z<~pVOZWu{fSA;?~^1OoKN%nNvj)RHVPX_X-Lf{wt&;Qa(J>pIaotQtCEv=9KEG(53 zUeviTsphr1BGNP$5@dT$Z?3bjYe{Is>{*%X3DkU6jKo!Wfd>H*H!Ci5iAuKLkLu13 zO}Jz|YE@ZQtsv35J+9ojqrdP#@m;$%e_ZGVEB{RQ8_ea_kMd7X&auLyn=x#0+wR?u zy3JW_wG9rq?nv8uueJP5d^elvclYc|R{D;0MyR?C^TbgmdZ%9KYJ{7WlcI-5r>ORp z3tO>ynAOhW{lc8kAq1BPbnxoML59f@AK#5}4d-V~QL3tUe{4rjn_=q#Qwl`doWe`kh?BRJgIdU&AX14Xi#AVme<(wJ;wi937 zD#x}3GINa_??95uX%3%tf}iju6lSZ)f3cMv{xt%`y8evZv}ju-o2He3peZwS>VvDI z5ibOcc|3SlnoT-$fNI7U`S7po^0yq_o0nCeN22syPQRRtoN+qiqJtj3yjy$^r+ysS z*gn{XZZ;UD7cy(cMYiO&^<%Z~7doVp>gAt(L|9G;5^>>&UGn=1W9Hl>Y6BeX!Z&)|?+rFc)E$ktg)33e^xGJ!He_d|czp`xi ztlnjuA*WkchPsAj#9&q57>>`dgb{*+@%(H1vXbj@H+a26X_6y6OZT_4^|px0G1yAeDc&AJFY(s@31rm^4V(iGYk(V~ zedsDg05eV{-3GdNe_Xd@O2oU<6W3#=l73-Dw~W7bvg zGF0jKIT0=aJ6mq)%kMfj!1Y>f_NeL_Q~})h$2s@5mX%CGJ_nRI{lXqnS$3yHYP4Nf z67fvaWTJ&cLP1J&3$HPfm|o_|!baM3fKNi+G4gAzv5IIC7O_7DXqs^kF{Naa1?+?* zhEjkqq-e&zQ$hhy@pF~`fX2+9gG@IMWp_^9qPQZcA6`W-ld|T9DjDe$KX5XOZb}~0 zWjAVsC4FFHUDZs91hR8Scs`?;D0?s_W9$Gc9xRm2e3nGvOVxBu8?}!|CbSJQFZt)+ zK&uIdp?jVjPeOWR^W|tvVhq7Soh|!CgPNTFF)hhyE|YTW%RcrfI@Pp3Ykj}A&>738 z@3^;1W?1Z&phWgzr0n5;l1Tl&*`$3chhQhClf~sRwUg2M6gN(z8d+(;Ft%V=BdNR@ zDz@7|&d))bq+wlF#js}!9<9^_nyHY+AmKxpdUZUowb*w5FP_!rnFnE9vqowip#&XItd2e44d0(Rq=RcCnan`kL(R#X4tl2abX zl-%ftf0sn-XJaD~v_C<~@C0;u3Lw=CU#Ce6voUfK^_(Fz*C#}Wt_qxzHV}_w8H!uZ z$NZpZK~BU%EuJBX-Z+bPX|Y*}1_g@+PethaR5QT({=OD&s%zAs3QfFolD8N4mlgS%L|^D>-NFVNUVBCQ5BOSb zIXnRxSm!a_RsJkc;lP^TzWY?O=%h1Kk}DZFUz4_n6HmpmBaD)U2V{T@ORPJ(7_G+l zqWOqeb4UA0vgo1Usc6ZL(O!sAnq-@F*T+-;(D!+1YJ6F`E~YI}6bLV;9_J?m#qcY& zhksXYDGxq)0ZMe*8~?)aG8WjhwJ|F^RMediin}o;U$6A;?v#ve5LPM<-K>9AjJ`3^ zZ2vO0vU#`RmH3w9kjU4o%Bu*FL|2NMdqnAxGUh#Ee>O<`#x_cnQ%yIwosB2`ENX;jvdc+KA%pT z(-=eX;&gpz9A(p}j407Ju~nwR zEJ6hOld@P@BqQL>t>$0fo+>(;QZeiv^I6y~{zF}vY1aE{w(WNQy3xoO(o0Qbb24_4 z*aLS|RPVsBXr8AzKN9qbw}3UVMCUD=yegC=IvYQPmj&&g$b!d;*`|quMLK**;p^96 z#uKUpQ4xK=>(ndN?YYMwF5N-0R0R%>#!+H!1`^$cyY!F)Y0~*0fymH?*UZ(D?sJvS zmJGhN>GzrZ!u(XDFRaK5Z-ohB>u(=NS89Y_H%@NC@+KUl5n|8X_V+h9cmt~>jCu|F zy$k*YCAlC(bq0f`WOB768cr`945*vIlLiwKi}3q3C=R1OQFJJ_R~ptNqjeW}V9gO6 z`BzC48sd9bbRD)NEPBHH)0!$zd_Av31JMN6MlM%wIYa{os}VZ;wV{_riDHlCIv}F8 zCv)jF(xTghpU#g50O?>xSt$~Dtzl@Z^cVlzq8&ijqLaNNN2cH)@+!rqJ|TrCVd@;n$WTmCFxrei&1L ztUpyDlb?x;JIs`p8`%Y_sZ1ak-s{aOx6?IjCc&fvD_C;&AU4b~`(HaCx5|~sHj|QT z`I4Uk6kV&UMy;1k_p?F&*rEB1v-DB2Wp1yE-XuD+-HwrbxwpcveVuUfO zQQ^fX(e*+006?EWSHvzCbIX!4?m`oO91K_j&|IvVwj8Btp%vE0Ek{$UacGyhlZe^S z-uhpo(s$h{O^Nx=v%(<2DBK#B1d=R)PZWE?9!@+p&PjmHixaELqg}nOty2R%ulEFM zbYiY>(A1+IQ5Fw^Sw=(ULKkDInIG!~f8=$XpQ%py)6ZMxu;EgC+Y&J;+*-LL;|JF? z6jQ4X&mPU$x}1_wo}#*_J%~)_o%W}A@Ia`{+&?GPMRo}rmOk6)*I8@DGCfJpAWP0~ z30pRodHKoL*K!6m7@2f@dVu!&hMl*C5$L~u?9D1$!$+E4BZ^A{e$XMBX?5qRuHz|@ zKLm3myO-2>K^VyOoR8oYrR`dM3xvF2Vr$k1cvY}GqmcvRxI?K-Cb2g%<3L@Rexx&Y z5FFu{Ou>Mu!hi6;$k+@mpxVa>8X7+!%~yvBoCOcLAQO%ClRDeYNtu^y2;Xw+s6a@| zy!m!bfq;1+WOfW5i(?M`%^G$0*r}ea1e6ciC>N?=M9>0s>`YvFiUOb|xRYpLE9nRA zy(RN}7JFS8;&Q5^J^dc^9Cd^&7<4nN>(aeWDVoa1u+Wu1y-qO!?SSe_tFFWw)zCD# z8oX|n5tVsp-O^kMpkwMY#mcBo)2a%S?ess6BCS);H>++bk9NKYv530#A>3y-hCafN zv4~A+muMN(CQdj6m2$Kno|+Gm^y5mg{}y59Bp_(0=@B&+py+>bfYdz|#U}TT^177W zhwZHTv}9f3N^Z!zsAZApI@uiaf%HF0_H(HN2XBcfx$bOmSIxrDmkO?A3KaG~N!xKD z$;dc3Qf^Vo!(sf3cUayT_f$Y`tK`qR2-RL0-#HUK>3pX*xm_3Sm&bJ~WLvu~Z%#O+ z&)j)JyE$0ZNw}5A#kf{`HQ=eP%B9o1b36=Q=*-=LU{q*T>diVf%n!Hoo|zu18vC_z zw>Q22O(k0B0NIz_P9Gqm5Rp=;$Yy5Sv)XWp>VU;Yj;g!1DdRdDCAgU?%QFFV@(?J! z8}E*Yx4G)vh+ScanYvXIqg1I1FbXrRd_+hCi;nRvk*WWWW^sja`;N0!DQ21 zlaDk~@22o9MLWH$WhP8W{0-7E_lSe#I=mWJQ+~8juAuqn{if?EN0D^L?mM=U$Qn$? znuv(>!9gY6KEvYqOm*Mc^FWV7xD7eO=jp(F22LG`F+aPtTKMlf$A)_dx;7^zOZ^t7 zss^>=jlfyfrL7~`#;*pRgKy|CrR|_I;a-ClKt&Nj46yvpBizKWhZ@k-sec>k4H z2>B+ZN$m&w;>X2MJ7=-X)fQ8|?){n~HyN=-+nt_#MFv$vv>+LRiylx}5bqXyBs1Y` zQ5@mm6mMZI#(zTR^j;)20#A}==4q=^?1c4ea1jdWNA;IeXxgsYf?7SwgHOxTwp-X` zWno8hOr581D(5bZZkC4zf+rhX@bn$C_B*YH#73lVXqqhQmz!!8+J&JAK!||kbo)Ij zdEPvB#%{Gbe@z?uuvz*^@$@xco?WL=H;qnx|3~j{w$o2JJojAaZ+HmaEL6EQL4j^1 z_oGIoaQMUI`iAkm-yS%3pI7_jA`q9OU7xH6@~UsNe)xwLN5lCks$8UH7i}EdC!F?a z`f_o4KbJ5-jys^u8DZF|XTmMfGhWwgpd6QQLDFBw(gz*t;5c>fE|Dch@bCu3hfkV~ zbnKXIja9$|%9Vl9&91f5(x-u}$Q;?vt+wi+`aGao?|K{TpReW7^Cyvl#h}q(nsFAR zeNg*rl$Bu1EG(bu5^k%mgJG|HDfvk9#+VG~n!0bKBU=@*apZnoNMvcX4&jttyeg&% z`S2IdK86Ckc#z>+me3H@ab16s7p{voPhkr;wdnz&`!}Dp(J!ZH+!aN$`+oJ6^1>aQ zcx2ChSX07F12h5^6-oejWChvR_Zhz7>(J-593J{Oes&);_JgT5r~Gjw@&0{`o$4Xn zzc}?jK^BXPD`I+1NJUob-OSzJJOf?w=hI)-Yom{@ z8&g5v?n;JVYs(jdBNKZ%)z4W)Q_T`AQ|D{DrQWD>gieZZbq{SVG}vDf0Y&hAh`Aoc zKG_Kpy+_7*mC>D<)D3krtC$lbEUU%u2$=hmJIC`*Qy<{r~ZP$ZJuzkjIufSc@^VmiqXR+xo zO7a)}p;HLscrU*@^tJLC62JcCwAi#)Dmy#aBM|wZxTFLDw71HG?5Bwrr;8QKH_Yh1 zjSnG~Y%}ST)RzKy;2VTd1fPPiA66r>-ot<&sy7DEpSwk=?5nr$R|y`$?wmk=zFoOw zGZ^<~sBVm%Wz(94$)`o#9{Cp!l(Gdog^JVw4mVw#hWTyyDOmRTB8Ae4U}ph|GF|6r zrZ6zQ^fhzpbXftwbquz4_z^5ktV`DNzaohX1o|I5Cs?|AG{h!I|Ks!@kp2ILi-N## zQM7+k{`~0st}vY?r@vV<&MDI1;Bnghs?SLunW(;yvJVY~)2Cp?AN8--1$}FN{kE(7 zl}v!h(vP|7RINS8qE`S-Yqq-S;@oGf$3oIphB>1~M;`bW*&W(>GB!t{^vpdn+%5B2 z+2)8`m_ARTGKbzBAC=8>e!XwvegqytQ=Qt9=?}x+VF3T9dkxKEe>>oP$ z7e948q<__}?IoC~Urws^e$nAT{Zsttl}<>R1GMD9*?bMlD2o ztI(=bN%@=Sgil&O_VWwDSO{XQ9lG27UZIVCj=-1i+(8$hbQWUcTq`f82ED{Ir4SL2 zaV4>~GXDkM!8@7nAG_)3zh&m*L4GEXS67}o${q9IS@p!Cm_>&E11?fxm#$NR)7re& zwm!?Hb2%+Q=!TmNsoJ{%{0W522kwSlQ1O`?|Dr0B27QnBTv<4usk)!}j`Nd63$}&e z{!pMpf5`O>%4f#&MFf#A3^iJ)#O_C<8L6OV2jnYT$s_TtP}vn;w*ohyR>vCq{g-XpEa4 zxf-s1H#p@$-!TsO8RFvo@D%9X{#DQUiK*^TP>)=J8Q(Q0xMCGITyoMv=o=Zn2D(gx zb;iKz=K_fJ35^g}?SpFdRkuglBW%0%|6WGCt~`O4A6bXe&@JdpaYLR9i=8`iYJ@4l<4{qc_3YKi1~z4IivAa=9vwfGO;eMaNArNxm93R5JgRS)>gygj z`XDF_sxtsqm8=!4JfI0Pp_IFo4ZhcAI|Xv5Ikyg)p_%-kWz(6``pyvZIA@Z#`XL~ie z?mdkwtT!GnlkMhvl%l_9i$x|R5>-aTf2AD3W1-ftkk4AY;S{$n0cqf}aNx1iBi2DI zg5WT0@|`z$s?g#SmS+y+JZR?VPBNv;PfuBghAJ^BWS_RZ@pEYzOoOt}`__u^|AVM< zP~)1RM#R|bN7Vq>&LtvQz?I9$N!?m2g2JZ&Y2PW>{UYt*5n3GZtt1S2Ldr9a$h6*! zUixmH0Q%(Q;9JlIoV=GLc)QPvlm+T6m++W}W0U2hS;j>U4{Cko7IV1NcyEHNxL{Ng z_z>>1HwcPCl@+jS3_aD`98-gZ>{G!#HOIs7X~wr96I)eO;e^9y`}ac$pof4Mam(6k z8GL{{#73=r{Dp%a?N`-#*0D zUi-7bovE{pELW3O&jrhwm#C}Gropv4ez8sv%Yz!eTgg)pFa*B>{a(9^*#OcoPo~29 z{{s%{AVxbG&SYnA<6UOM@Yb)ac)9M|S#P8#DwY`29I49@?6O6FeqfV_CBD%0vjQdQ z5xUOsoaz)9lN5&RC;seT`|RQN({3Yl z@T;SBQ6^E%q4_*{0b$9{ek7Msu_sG-OQ7H@19gP-RHuUuUyU^ z?fIbB_aubu8*$HXdyITb`JVNh+!d%3MsiRim#OtX;A%OeSxWhXwyWc;Qe8yEWV0-p zJIMG=Tal_9IevOOp?zKV_HWbGp;GF1)PRe9{D;B0_pA31Ugl4SH*I^Kh|F_du@Hef ze@H?KiF^ai4>uZTO>d!Y=I;xtKY&loMk@eW#3|yil&X@kq#R=U$GqP62C&NP1m0&U zqRXJTF$}MzA@!l(>e$&>v$C4f~Ct7lY(*&-dmY*#_4p zUCu=54!_!$P}Z6bZq%$InqJL*(V)@$Qq{82`UQmS+pe7l+Y-;F*7TbT#h|)^r9Mam z4V#g#q_VXjL)H7ECREju{|PqZEA2G6O#9=t|NJoP$wKu^Zk*a@m&Hx}8T-44@@yS| zoA6gs4@H_3^}clI`ik>bK2`#sLKy&(M>j{CDrz5d;gM`+_N1H3llbYa;knv({{e3= zaK7;@8Q)q6`tqaV?+O9u)yIroVV<)8mg+mE#GB$tss?%U{ieAOb9!3+8yypkYM4_z zRD*i+_;{P8V+&#g+N$%$<`UQU8d>`{t+I4+GF41e&0)r`%=|3u7RBw`3FA=Ij-|OB zE=jw3kT4(&$#UVnFS3u8aXx}U%u@A8<4AR0-=C8J$hbzseGza9;O)wW`MdE`WSGh_ z1SaMIb-Wkg&Dg36<3ESMZDfwo0e zDLzvI{t_&W%etu01U4x8jarmU>;q2`dN&(vr1WqZ)%{e7U*Jy1KNcy^GQAk9*JKUQ zx{c92nch{c3_19N1VScaHQ~`?jb|1E$@dV5&9k|OMWm;(%0DyuB=A&m(^G^_Tj zQ7apEQQlhDZaRYT zu}6XB*f=s8{vEk}nuwChl#!TF$mw^gF87RjV~e$b-H%Y}>VLm=?0oa_w0{o&lU8OX zBM>m)0U5X4!SY;q|BG0Ye;1>~l+~y=e-7O^ICsa+t+)N$M}(GiK&}mK=+T)N(_7-< z4&!VDTS=;T*k{YXNJCFRo!gYY{#m4&DRm`ft=bK7^Hl~`X6QO%I(Ro}x2~oyCfg#v zapgO8ci0lnsi(0#ZKAO70co*`UoHmz z9zQ_aSgM08g;25%);vwD#n&52?z1PvBW<|6ld#w2M%RkKh=o_M-P11vfJ9f#p<;an zaaum@HO)>hgPD2d0oY05AW=#k25^84&gcMMqn#k_146OZ7y%k z!keEs09(_*XTS0!$Lj_=FDHv?oD(EGmtyM-K=&$%Ja`Qd!K($|r%C>znkHRK*yqC_ zA)=cWB9$w$d3H&9;DX|0mXO3YnQ;o5eo#I1*^JKq!0;z+AggrZPg|%V=Znr4S1qEh ze$=;yca3wqbWF?1UH!W_wsEdPX!S`3`a^e^a^r=kLx18P6tf?5M*Fsk4Mo26%gp}l z$yfYhD@Vc1?e__vr(3Jxf-Z8HSeNjN?XTF&*`jH7gFO_Pn{5#DgCknVo6J6Q-r%L^>q)s&B6X6>Y{{Xa7D2Z!R5rP4mInq88hGZ0q_k|+LHUnb zaXC$I+-wdrf3$@jN(AYYeHtp=^L+?ojWq zc7dfY%`fDkyRtuji4`OH#`#38f+u75j^vHHo4*~P(=&-VuRx<}&`Vq8_rtITk~s#M zr;1D{*hV#lAN4q!ux=eYNu*u>pRBM~Rw!-9Wp|1s7=3b*bN?FGPg(T)_=cME4gD5- zG(}&_)1lFhkGv6B7RM}BpjH5OC0#JL`E84-g1UgL^S>V(9&=?6SnrB+uP;bljCw0S zIqno7P6&@_wDpYEb1<59jmcXaF$nK|iV5n?Ey}$gee(!VWs?3vj-;PuGbVl3MpLd+O_u%`0|C3jS+~cD)7jn)}H-9TGLySq4i2j+i|Sa+&JME?1L$n^oo5xQ7At}As-@ZlEI$vZP9b< z5f!{3QbG|xO}}N&=LA>bo)=vCBqwI)Mdg;a4J@xB?3^Y=Uc(Ql<=}}8v~zjC;N%Y|S=h&kAD6+0yIqHv?SE7+wFItR*LARXtyHMcgvc zXNf`12xQg?ZA+Fcrm{43))|^2! zBC_tD2o9=7C~-o0zl3J((=XMc31ut*_Z|}9ns%)D*lQGo#jKnIK8!1$d1O&ir*lk+ zjt3r|gu=eT_bb>hDV15)rvL8~@CYsEZp~&FK8)W0DnGQ2u$D+4=rg(oJPM{kRy>Qe z$Qz_SkGZX8W4m0ef3UHSPt8_qiWpM!7rzH~qiJ7cltf@jL_1(+=ID_gK zH;CRb+-S^7#0Zwy=TC}E$hESNQyk5j?-Lijs0Z|0iw9`VvcgJ5> zm~Ve}joKL1=^vbEaB)bm(q|!enoI(*7`?6aiff7z4HwB~@vVbtQ28gz_14UOyI2gz zSuIxlMi8O&mqcHqme2%JKlht*-E%NcyvjJ9=n}~xXfuJhLg6H-!^AF zfjL2)9UpqW^c-9EE#st2wzr?FlKbIPSx(k$yYCN@rKeWT z&;NYsCFy#;lJ`<`P*5zT=T2OV!KLLZ+D#8$ZwK$YvHO?5;y8IZK0atQ>Wmy~S57W? zrQd8r-?KK?4fzIc@IzXsqgoKW9mBh$?}zj!+uUVFx7R}6e$R5MpL^_ASR3K7RfaF&iK1Q z$B=ey{-@8Nyn@+Myx~P<_-|p6kCPAc@nSx?Crw3eMX#MLjajA{n>`|8JnNk!qVI*` z1IgkOd>=mah+@ZoU}Pouju_z zE{p+>3%C0P?#1ybgF1`sqQ}$WE%XEsJl>BCX0m$0IJKE4$jdfG0op|ZM3r2AzwK)N zFwT@0XuTBt{%6A1F!tmW!~O-gzqP5}>Hg6R@xnBuoypjJbBVF^5bsWrRQXFc3C`|d z`mIM3WSu%<|1Y%%2DoSm2paPVymfT<8+$M65X8tEkJ+z#_Nr6$|(LoUx0?9>H zj-xb#HJ%NO-4v5I+~NFVrWc%dG%*dtmLrqWsJKw@?0>#r^7)+p zHO{H(WCHQ~;upt94#6j_skkn#kWIwI`O*iQrAZ$AIP27^XgY5yE{3kf6& z3~&q|&<<9~;I4Fe9YSDhg4 zY!zc7HCzxW&wIQV@fGU!tjMO9oeIUF7JDZdMOXRQtnaGH;QUH_sByIMld6j^QtD1y z3GPx0HytqGAX@*hHvJu}-w+75UjQoU$b3cxo~;=$o%o2Z#P+U(zNnjwkCBdv7HFBw zaB{foXVoT7h3~N|?M(9Y!En1%Y!ZPIDezrno^kVDo{_|Ww9r}RPhKZ&G1NChxu<&iI2po@{h`DciI*D|ip{4}!jt*-d-|4%3tlTU_j_HV_5KodqRa%2 z2sPIlwpdx^0H1Cr1Df-%6cC9{!Sudj+|_(uu+=nJz^h7$JC z_Mp3zwX-;U8_1fiGKc0`Pwj2lairVpInOwNJyDkI;9?I}zktFw`}DxEIer4f!^Zu#~OfzG+4c`>O~axL>JF~%J>b~H_R}_&3RPl*f~i^bmO3!iyh$$ zpJFN@98XHGpOt<7zmW`&0CIDHYa{D9O-)&!zbAl@^sOIP$Cq6?@s48u8+MyuKOTs% zw%-S)W~!8a?}}$zvuYzHV#ZVeb9SjhX+GsF;4d%7h1l zs(KtHdp2e2N_-P)jin1olhYNCcd#ger8rrPSyZwhd7Xsi4vpnB+8~RWNc>t$0$Ump zk%rAOxL7AXBL7@=F#+4}kHISR{$5Vnel(RPca+(8>~^;32{_S@ zkUVp3*nGNxpEL=~{#D3l^lK@J9@Z&z1~XMPUqPyuftK#s^j9IPv2Xo5d_I>fmEEg8 z2&e?3=;nd+_vPUdug@SkARCxBF~MiKGM{TSI8uz)gL2NEdVuB+7?hU$x5p!JVn*3 zcf}01Br>@goI57K?#n?vk>u;DVc$8L>WJ!(E>WSVF1fM7fT5xXbe zF>-zPo^ZXDQ6HUaP*MeTB+t&N)h=(jJHY;Mq#J-*pGMIOx!4&p}kyeCGIPKjEno z^Q@Qe?atYqbSf&kJuSI4Ab=0GdvoT{Yi9K32A?mZaro|6bw<+9X=D`lC}D!xItGYy zb!d;N+YVGfoBzPmC7!fpEOLl*fE8;_snH;%bFgkc~R)D(GwrO zIPxv)FHLQ6=cP5N(f{_iW(cKi7N&9`=PJy+13~zW8SwwTINF87rMLA#V()hUs8_>U z36`Tz z>NKF|?MT$FdH#VuVUSoHe1iRwlbv4RdIscnCzN(#L=Hs6V8s`UNPRWTr?z^6ua@78 ztbNo958tu$lSRV*j5~aChWwfm9M~H2)YK$UfH2UmoooJbk;IWm=!1<_3pkiy>7XQ_ zxOeR2trg|auE0KAEzSz)AJCixi4%&H%WH=E0l&aFwpzzx(tgd(h55%n9sPv_{mmnY zyUO{kz1^p z#l%!RWOZy~n0uV;wwSs9E(|e&z9+hY$GKz&@!@=5)oPgDU?( z2+F1t%_Qdg(hn4(2V^+fqG8Mu*oulw4|>GH-drizD&P@X_XF&#Plk3w3&%7>4q$Yz z-!37#gR>Zic1dG|s+xwqfG^yiDA*!sZi#*qkv$4Rzf$%HlP-R(itT{5&=82MVemCE zWqab+?vS%wSqOKB|Lu6njy^z?AEluoGC5}w0{0;LIBCR5vQxmMvj`RX?w2D8n=BpY z#0SPGHNOWgafx}$Rca9&e}$A6&i`1;7n4fLvbRHL5yn8vdNpI^M-5W~Yyl2B`G{2| z4AK~s=@uu)a&hvwodO4}xc?;&C|fCZQH_Np3mW!;XWrx7iX|x>t0y-sP41;Tg@e(A zET>nag@>}mL)+C0NMK5t%o$Pgo5IWt1<#*>B7_Y)<(O5R^nBLA`hNh7E~Fb}xDHyp zKsoA~+1Ih7&)Erh?Ewd4WLu3oRCqm45NSqX(oIvd7rkk}}+@1!%6PU>ZE z-I+7Fa&|q;D>D__>~pu-$wDIN-RJ+FypeteB8s^I$=ZA@=MCok0bmuHgbkH@?8~WB zZQ94ujV_k=2}7bLo}y*u1GOa!SdxcyYPp;i{Blhhn&2k-aY(?mQ0B*GTb}%+(|PnOBdT`LbqVm8ePtF6=laZcTa7f%Wmd*8BDzS z7r*@2TOYKN)b2K_ZFIWZGV?t?xkag?YBk;DZ&=`-N?(%ND&NSM>-Y{2GQ1T<*btk# zE+f%?*5yCo!3G6&!@{c5o3WFV{p-t1w*AIOc9pY0-q|*Tr0%-4Qj1EJyL#%vGicK# zbi}PE_Zk$|e;Z|N#3q1${K^gPyqY&--)}u}`Oc^FchWw_gr)QPt-hUYvlF+s+bxLD z8>KS{8vxEGLM8iT;Gwcvm-*$P;jWh0y#dC;$<@I+WW%+XlX@cV?z4#-*I$oUb9#87OgNzuiZ&(cnZUpz97T{xa zuu;MDxZA#v+u>JcM92)IPn*lb3PfbC;xwK2YlB!5y!=817Be@pdzA7yOp+a zg&hhsR}WRq}H!GqTHq;O4Dmm1laS+ulFqBT}Sh zHJ6c?yk28yeZzUf)?K0#V^uu|=FyC{%->9~5@CROxD6PWF6Np42=k5}17y5)vkDky z3d|Srr?c>VAOh^d`!71x^Q0YHc)gKHe?~!()TfmQCf05#W$30xX4;o*Pts2 z_HF9Wx0Mv)WqAP0|Gy6W<Ym;0?hC#8MA zYFDp*Z=>5v{>6t?)ltD+56G|li}YaL9gKAZ*Fd0)*(HDrl>N^j`|qc!#ZHZu1i+xa z8bj7mH#V^S+!J!J&`oTrb4}z}6h<6VIKZZQ>qVZC@jK&3hx zhFbxwPzC-Un$A6*>Hh!!?-_<1Gc}o0Tnr^+&Zi-a97pAnt1!h>GRiS*gjzF%NDeFJ zP$^vzl1yPJhsGrd$uWeS3w8Zo*XMWp{_W;=V|%}!ujlLed_3-tv<{`c<-?gaur-6_ zt8VbdnD@OnQN0C+ff=Bua^hN?PiG$@A54^eBT!Gy%hpDC`&TE2cYy6xGw3lTdM|mq*|}g~BkuhJ z`Ea+*d+zpr#ca`|g)clWL~|BgHo>elh9P3JKQUT%SL2f%Sl{XB5l(6wnYjtYN0kh$ z;l+E={n$n@5~XH{WbUVMWLal_P}6jcENUDy;w27dNb2$#yF00)kKdEJWs7CsOO!!9 z5009M7MI*-F#s#MSb9vUb2Mv6ba1pdxy6mwQGqZbWo?Vx{$`qAP0l~w2-CZyP)^%@ zct45w{*m8thw+=~Uyu!f=9#62|KvQr>Q`oyDSIpYH)nF=!QQ9`+iO~WzF#F)4Ap8p zk;iAcvTORvaKD0Aof>hcUKC7JJxMt{>Aba_INNMFY4hN2%@w^LFBlHHNBnohIvXgv zreP9uuDR`lC+4PyhW8>|zbNKtI~<$nYplroFlN-8tFiZb%kK#=QQ+L(od0suLCbg5 zs+;J}Y;|0A(barI! z<|&xc6(u*6LP`$3zJ>^3{Qo2Ji_p(s|I)rWwGOYsJ^rS~8|iKQN9DMZ;_GVlf9kMO zP97x%fHwHtg)IqsDtdX5vQDFwWMbmq=g8-g$Vbug2vriulv&RRWk**!h3^@FV#Y7{XgBpFtXAv^iWre?5T^BDoSpA zYmNXet?%E{^_FU)=pAoffp3H3zQx983#Xm!P)h2?+18wm+QrDKokHPCE>&S+SADPS zY8sFVh^T<-*$Q?Kh*#^aI@0B0+SjgMVv|&t>FDk%m{F_9BvY74xGh*%17{v%3gSPM zIii@EnS0#-arZ-jc2 zPW5hJQH?)UR79dY1|oOJwmVy^MqEG*Nq7(t=%Q34=cj*37G7FQJg@BtiY2r;6)0Oa z4(~;#*58Xni-HTfLP}w)_L!a{*80GKm4_?zup{yq$yaC0$<~wgECFbXt!;&dow2m0YaN8l?*HJVci6i?&HmG&^Ic?5VSfy7TUDeFWw^1;t@4zL>pqVw) zh<=7UwIm-3e(_?O;J4_amUnFy2LxN+|AX3OmE$-zAB<-1a*PjBQC*5k<8<3(gstp0 zk)+5p@rVGHbV=G=zVoa5wCniZ7>Rx$(Ykuwgyx6>`4&D1coty81BZ;GKk1n0<+8NV zuc$A}-A6!%lALkx7Z>iVlQpS0=C3lUWMv!BbpJq7MW)=J=k0l(72>Qk6oM_nEaKa5 zTeaK8%?$yRikT=a-*##iN%bK$>6ae0#I^ui>(#G2)!PTMb-0fFDgg`<@+McdBvc`W zVsG@{frx8G@sp6rwra4NK%O@UA#l^L1kI;iF+&7l3_Y6gBa0QbFsgR5Df}=4D zvAJlc6U~zJXNEf=NQ2B@362JP=m=aMQgFPIX^bUhG_FhuMqAtvF{m)J<_LCa5SC^nBTu- z!eDGX>LwJ;@b9eIN!;^0Hrw_uWWImx;Z&~QU&5Q$n_p?9$A%OJAj1eQ6bN*4X+w;&U~59K5={X#B|IoVLT-uC!OTBei0aVZAH(RjHH5-V)Ru(X%%XAG^N z;KK~qMj79DBntx&tgVo%pF0UxH!XtP(|Jw zpMY0{;iep_V=Je(QHC|xakFAqr;^}fSwMU1US623dN*FUCTn0O$Ii$MJU_jB z3_h%r%>ad2lMO}A9oq%~jd7muT2XeLpjr<`qYY96n!~7dkgq##AXIi+oGjtzE+VS! zY&y$z<F>d*2QpCifVKYSTh|;!Y1iX{2;n|(fS4RaKh2BQ;&)h@~!sTg_R)1CtG@Bh~~+B(wA^D79cF8yy?hQ z56Sd`tM$G0tUyH_kmezuId`o2NepC{H3$xT4qt|t*exp}cC4@ng99Y_h?fi#b8d{It%pDh~GX;4`?`FmYE-??^Y{zWYy}B3sl31ay&)`_S5y zq?yk4jRhAiz41p@ODCT=#zM`>AZy)#*|Y$HvHrh4252=0e>hhxb>Fts3mnXkoK;$J zyP+Vgq8fiWG6JJ?%r!DZ!;}d&vHoHM{3Hh9vg`fd4J&D#32=_b#}zN`@U;EA84qk3jnnTqSORJR3&Ph9v=ED(19)oGte5!s}G=474R*{uw7 zRl&jJ49gNUL;daHYb*h?ehQP~gaCLSco7C>c&>yD$j#`PCN0}5{BwyX=}qOM`mI(s z`OF25;p$$Tx4%`hfqyxPm^;DfM5r6FR(c)%A|)+)MSD_ie)H`XfkXv=h$RrI^#c@bDNYD zP)WQ*XGkZ6|5jA_zHdR2`;1Cum&hZe=f$Uk-bCV{j~Cx1N2?&rJnvC9?oZTz6CZ$a z;XpqwD?}u8wpq=6Z)9oZR@LeG8akMk`MIbI!)=rF=`~SbOya zJnS@`~Vh@7_66|pIMnK zPxxT}`*_;Lw2G!bAO8zQzpA;pJoxMs^zDF9#{+BmboP<&n`Lq-QK&f=Fk{fCMxsHxD&Rjh zu&c0sP2H3nj&IwTxHV=_A0et!QU$lWo+98R(793Z+}h&zx458Z>H~jeNaq2QvE)+E zDV+G^ono|x#lUr+qLYegL~FDQ4`dc=TnIJEhXlusr*?=16B)uOz1}_^(2!mMkui%> z|IP~N3|Zba^PG4S)M=S_ZDAu>4`zIfv_h*-5LFq(u+gms2@>wA;uC_55rTjZf`gh5Hx3@ zGc~@GDl6sDFQ@X!KBRyGuuj5z!3)-$td~*SJ05Z~ld5qTm>mQJ-H`za8x_#uHsw%+ zqokLWfx|da7Pa|HW9aCmdiwrQkQ*qd9X)4f@8~bBg1g4ZqT|(1*VHd}vF+%xG= z2(Z*i68?n__*DfVJ}6l%OpoeFmn#&R7!P@Ep&Qdl*K<}j6L z%$I?@gp1P7SUw%s{Ofp*cuqLUVlUob{%Q9S_sYu#zB~2i!SSa3*2rr4WV@Xq3Oy3m zfePio7l_}uX8n>f%Of5Jd||FQsNP(_)K@-+SAXG%3)HO^Cjdv;NOQ^;Hx}@^kNWIn zOGmom(xl!YNfGnf+y)CTW=bvskPY@1Ol@p?x?EqrZAmThZT2Vp2Y&oqeuV@WqF$|z>3=R7+ovRA(%){b zK`lp)gpoxN$mx)wIUC7_UO`6XBofDWd5)lH9<)a=X1hNUtpIogvb`ZSAF>Zlca*+v zJJEdN;!~B5xMVMcrZCDP`(ne1r|46R$3x0-n(eXuQs_rlpKA?-^Kw-8Dyguc|D*;7 zX^9xgJ5vSWE*)PJav<4tWdA^*;4PSr-Y^xxh7ia$x$xVgOFM!7R`(H9Oi=7XpOE!Jbjw=42Q}#>Y@KKdaf1 z4;ZT&qg&K&QXBCl@+)Ov9dkzF?pKv^2VuE~=2vLi`@CUMEl?}FL zGNvvgMQ<*;FKPM+uA6zBZDd-$B=puEw)eAr?U)o2U4Fk{7TN0P+3zYJ#S$#Cm)8{b zoD`XMSSARzvW>@!iJF&;TfSoIy*#vxrpc*mEZaYCc_?8!Jid2SN{$}c?$x$hY++ya zcxreYf!Zt?doYy($s1SvaVaCY@Bd!R`H@j2lR(X?I!+-=1=j$10D|lLTXf-$N;eF zsO0Prq4CY#ubLQ`QCSi2-ofc0%!vNyj(Fj}&|iu_Pw2->dz(J*u{KqcYRt|_WsOHU%z5*~=c1N2Q!}+7RhUfTrUmkY4T0)*IsW{O)?R4~R z>=m{VynGJt6=v7Fs~Q)~X?0(8|G|UZ(3$qy{p=Vo^J49Xhjd@0h=uzPkJKith|%I; zwg#8)Cc`gz=+|U=@EMJ4`J|Z*9Q0!%`^mePTbxRPn$#bz(|Cy;bp02JX`*(qo~X{J zAH<6Sohe28mld*C_>{)?#!+mS_RACp?SLG)Fs}kBI@!xm>741atSrZuTirSV#CK1P z#C0UX3F>x6r|o%QL6gNRtYgNyQ-mU@ktBsOYK5J3`eO|*QoE_h9)S%@$5Q2m1%SX< zpZtu3NN9J)W-0%J`b9gKDoA=sK`<>vqL0)m1-O}JzW!scUIz!xaUU*y6IcFjv;}qW zHZAPLU0?pn1hz(APLDy~!E8fkik82cNO_9+e4lFdW|@Jh#lYRvcu*dI{ld{rC&rDc z2hx6H0z`Zv3NNjx7neBU3+KpgyB7^Tki3K1s_0xtgAI{?_}sBNd0WW9-qUO)U+U&% z5Afjvi>w&9k%oL*srf~50qos~y|M9NP3af}^2wH+oyM2o!?g4v33rzvJ+5LhA6n4l zJ<|dZ=ms<0!pCy2Kxz()?k`e$?C0?R+z)?83sDsRTg3#s1^YDQaNgUCR;#0NLERU36;boC2Cwxn-b&QS6L~=hG`m#C{pIZ zyM5a@Wn?wjT}yhE4)=TX?qfHamJhjU=!B84M;f|*U<-gLgM{`_1zI|z zQRWcK|B+*fNd2zH-^xZUE%!M(st>|fGuJC&6W1i%%zjy9-vtUKC=mI@Zh|kiD4REL z+;Q*ekULPRX1|Q-`n`K%o!$E(uhuxdZd3FOO$_t$ z7Hn6e(Yi<+gBo`oOpLleZm%?!hp3Vg^n4RekW~YoqL_1e^sTU$IyIRU7hg^eR(c1| zT`@}Y%M3Gl-*AFA!)j5eNo%~+HS!CidTtKef&9g7Qcf9n5wgrNiuI8EZV%Ybbx4Te zV#0%Gc0=e`BBdKHl_wJ9>+0U7HDvRw=ws|T1A3GY*@xAH69R|Ahk ztDk};xX^B;0~hkJdNmb&VWoeL5ax^(o-U3dKRsnF17nDtMPoMbwnD~{Vj+7hR0|C1oJ?E5bXJK_Is{JA?bcMF(WID!JAzAT_1 z!??`!mX_$b?C~vJt0+NH+krhw>-82iHkNJI_)#W$#k%*l3WAQmadL?XcF1Uua;)Re zETjAHS1iP!Kxzo*9}t%C-KKnpgdCZvmX2Y=jo2%8;omU9 z!zoK`*K2m}2u{LT8+dJaBGN!DKVKSm@Vy-p^DkuSXna>n_V4GmT*U4#jce8~p}g`6vBMWia=lZI z-3<-Zjcdc@$)xe3uPt_P9n+q;2zmXJAo38d@y^@LMnMeURZ*fIq)^jpkG|XKGpmsF zFI08H;PQgC+=2Jn(QdBw6=U+PzBv{H(1tZD%-Iz3fU!alVYJ1;!q05%o<;i@UsIa1 zX)pYzn~85%Q@ zA;tmhE*HtOjc#!G?I{gzeR&0VZam>{VS^caM}hI|boggnAR=ENwAb&$oI}<|d3F0N zvj$x^3c^E^dd-Mbgb|BBP~_$MM%fJq^=XbmP13svxbH-9U3v^Z?n!r6zDS4?<2RBM z#;x%^m#sZkBP6^#7tM8v&*oT5u$B13G?w70$Ztsm{==V;4eB6)tH|w;@S>|Gj2${+ zgv{gj^?(`dzCrSIqL=YvO0-OZOuDy?d{0;qw+`2e@!>79AQ^?3>@Fh|4wA+1#t@_L z%nec{8{=^e+vhU6axdu&XDVOh-ZDMjG3hHvmbizpnd?4sn>>o;Yb;s4 z;Ld*VnP}A zP#5I3e9sjL2GyquHIc7^xgTEnsMiAh%pr*wIOUe86qC%jn~GD@HBYu!O3=(I2MXnh zjF3*yrB{^B8n?kEs?=kw1$*p(xXxIPGAOA%#Nt+B+VV{U9Kkb*H7>K01 zypdWuo_=Sa{f>T+G`BgJ|C`YyO8+!L5}ibIPK;1vRGyZYcG>EkBM8opF;k7oICghb zT5#W|`Xx)j32{q6`9`CeZ@$RVydGX`-@II?hpUoI3yZ+i7ZK_qe`NUwOl_4g08WOv zC!%A$?C{H=V*)Mu`{X<8;Z5qZp2}g^+Y?kza3I$U0{?xyCzuF3Yuh(LhVfDDV(La; zQsT2k-C9Krab;Fa7LRZL#YqwDvYVX0YnMxGzP9O5-QJwjwTJnWF8aeUyOp~3V6GkJ ztZtd6BN|zPh_F=_aWJnYv&mGFQXn!}KuPk+Rif`!8AOgq`hfV(GC1HKCxET`r(I|w z14?uAb&FD17sW^Yq?S_{Fl(?DyiQyjaZ}!*&_N8d;6&CXV+4+a?MBn_xB~QeA4)O^ zcHiqQDHMb&u74v#fv+(93Lked(5^;uc#)+eKTbowz9iv7xRWnhx`rxdCW%lN%t*bOG;j^*Sk$2x*=-Zs3PBTELHUvhTjPs*OT(*mFC3R8BmPn z(R*7h{v#=!_oU@Kzhm=Ptn|XOgXJe1<@zhjQBt(&77_Ry3NW>!ZUxwbxWM|ENMg01PM6x^ls*X}=&*$Rl&2Lt-DMH{Dfex1bKQVdk#fErJ#uieCY!a=i|ukoBFGZVYM?>7}iF;&4VN z;(`bFXSa@Z@@Bcr@T+wpTg4mfxxqY9UG4C(A_i)P#^kJ*RioCyWUq(%Jy<{Ilo8k> zOKs))gd)zwWIshiL8$vq;!zb7d7W7dFq%}`_9-|=6O*{j^&w`QYDQj=6GXVIj~mb7 zh3i1Whd27_3>Q@xC=4&|Dde~mK67BuAzKe#sZclp5v^1d?z&n(9*!45!up8I?s(7T zP6R2bmLBreESE2o*P=zy=+>!M@|&0Uj(U5K3CtY zl~+sgHPV?$yjY7!aAF0%Nj^P*VihN8nO=QDrmuXwdvx9vXe>BG>%u z^6SYr=qsh>dPQWRps88h*%+dHt9ew}ijx&rq1e$-^g9UIG#AG8ukVssqG3@B_I<<= zcv#9Xp>xjhB%^N~mUqU5EFub^^3dh7OfJ}^Ug9SY(2na~`c8jZ!1o84jlDZ&O;Q?#=K!yx3RUay$-=O!wEl!vGBu>%= zaTzc3gR8GDS~4+W+)4BVBeIQ8GCkNy8ZUY_eeh^+F>M@))_F=#{F@eeNvJ0v3y^>g6*CD zl-M==o|-FM91+&oFp*oUBaP5U(`5-}zcdm9urKf4F_f-Z$Z~>ZRvED}jSG~y70|nben0OGERSNh1!>n2s*{n&UL+(kv-pN&;;@2}< z)_d%youA(8;E5h$DQ+e^{Gbq=tn~&cP64tkn+WmA%wxQaj?rUb;=}l!lH$8#S)~05 zW(@M&`{WIFeunV9Xs|j*lxc>u_fMr+EQup(n?zST#=k=?p z62WIGfVY)l%_tJEeTn_)nJ<{i@*B9q9&);SW3JCbkO12y+pAIe8oufR5lEI3RA_0(5o&GDXxBF zpZ40v?L{9lJvnrIXoG-V3y34HR*%%YsA}N+iP!fx9SZnTcxpH&&nu%>;(OiC-3R*` z{I-NF8W!=&Gm~K(5AH9%9F!A(KeAOqk$g8{O^~tsYqn%@7vl{>^suIH9$-8VlLgFG zUlb$meJ?NXZB~198QkfDOY{V_s77hTtU35RR8nP16V4!rODNngIez@Ys@E27V^8`n zrpMKX9%RLw$OU3aAlvtlq|AXn0hh>4w6pY%7}K>28uH!W=RrlW_)Wt<6gwWb7XJpg zd8?-DIF9%d-ZI%Bl@jKlB*Du?pvvG^Gh&`8wii7;IF&s6IbZwrq-wp_Z#P|Tb)`xt z+_LL7%b{bdtlG2*Z1)FtCUQ=$mhG4S#LI7mwL4>F&|O@#=8kCo?SoiaR=PXUT~o&x z9dM<5Y9D~rD&yzebN*<4VUaE5cC&F{pkQ`5@!AD2L&^6i(EwZR+KMeFj2=3-K!;A> zXT+>I9leNB&;03;mHwqo2*rMN#@knQQ|0^pN%?l;$?p}3V$<2-_*6*>XLbxY3Sf0+ z6S0D<8P#JEHHhj&A^ z8k)MW3)>#0ehE;KR0*LVc+hGRU7IL@%-orS8JnHpm5KKV~XY z^sd?DV4}H6pEAq9#dSu*3c*;#4Eb6Y=~x!($;B_j=LnL0li_e~lhNgcZ4XI!4|dzV zev07++n5~7f_C0h(g2J_&Kbfzn-#g%m)X(XP``-;0pDrLT$xk;axRT#K4`#cC{;R7u4#dj-qD`4X0wuW$AihL}O(k*1;VzO0n z=WgUE*bv%CUQ&#FMrgM0xBuQ_qn(h(_;*R&kjXT>MP9c zS!EsOQw2Jqo>(`krHHj2? zwXcF~P4vp(QtJ=K38h+RQy*)desh#%2_rz2uK+A>LlE-ZJYNzZz%iD z1<+9v93Kxp`mAF=`3X!6jz3WKOR5--uV<$@#_?j6OGtBe4vPgK5PFjJ3!^eK=R`11!+;;cGDrLw zD;q3$bCvQ&8-y*g9`fXvuMsguGZ~2P0#T0_BEGU^dgH61ruit5Mnczk(ufC_M@5}| zHuEL#(B^89nr zm&=sduniVQ{u$oKja8J*wyu2r8|fwTiG3O7ab5vD9b(QRLaEN&23)jgwCWB~u^iWm zJ*AG4y*EWQC0ZCu9s%y|MjZAjPJVu?zsS;Y~vLS`j!N)U0aVZa#@kBCU_zL1^(S# zhpUs&m4}0WB6ooR8k8+_E_KSU{XLk^H#yZ#M|lhDdU< zs{3B5Y5Kl;&uYPC)&|;b-&2W?+`^ghkapqnoDR?>rx{?-D+?}NTP)}z_Y5y>+yKBi ze3I5n$H5?vN-g9vF)ERlc+?>*U5|#BnL42=8ER|p00MRKi2mX#ouwYDjwKE1H$%3z z+$AR-3~=*6GF6|2;b{X7(e<~$&+x0v?k$*0ut`SA><-d9OG-JnmvjA z?K6-J7Y7dpyw5k;3Rp=tw~6&)QAg?aD!6+QRLeqBDvfXfWKspmyg{#*Tsrfe1rJ2c zFd`S1@q0M9z+tMi8e_ACCHXnni5eD#6SYx`?H5^=Cu~y)0;&?Z#@*T@3P0|T|7T_Q zvjSSi!L#bJtcjb{0x;MRgEY{;ksnT~Yz4qU${_Z5k4?p{Mhh|&>p0$~NiNe@$*|P) zmpCMTbDMZ!fmxHH?SiErzfj-?e|;;V%FK4bDf6`%FqgGsJG$ZZ(WIS{)l#g8HIsii|NwP$I^CMdOhTP%M$p(geF}vr-=7(T_Auz6N-+>`pEYCf!>Q_JZa@LOgTJ`hzwLa}L89L@) z!w9lU-*-Q^&Rdkr=zQnh+VfYd#T`o?GrmK*;ohY$g{JVHBC^B|{9owl!|pGOx<)IP z{K8GQ8>MzDjeB3%#QY0!6!)iQi+%P>QThE@zv}$`acD~ewQiL@=W%(rbLLh08R8__ zU{5DmUFESWI36CnjOf%MjQ`c_$d1^5_N}Rk9t9!)>df!jATjx&)dz@vP`I5AeLQzq z=N=rLP#oMxAI35GSef&he?B_6MM85-1pZgtJs(%`#vvn-a9+M$Snax6D(Vesf&O=y zfU#+qX$~mY?jhGJ^amn`ecgXQ6*%6|&_6vvhLZ{cCh{3|c1+6iq+E|@$6wbgyw2Sr zezuHx`0;71=aJ29L`mQpYwY!|Bq|mp6dXBs>_O32`pKGvFFyZ5jX>)3KzGl{KmM|s zWE=ti4D&<)?~--)3#7F6v=96%IMnRUh>2JH*ap9P()^lxuI+8T0o@&q2Rt%S;q$$+ zvXm1h9=5%=VH-ed<9#nS5+SFzE_2d4z~WSx!9=>oi;28egKwji&4EKvD2vxOsl3t{ zz`VP{9lXY$&}4b#gQ6o}wdtK3WqYi?B>m!vDJ$v7{!9;s`~4{UWsl>y85xxvq`{2M zu9WE-d=KYR@Dj3ZP@pjjN=nZmA1BD-IDgej+r23SEE(Z+XmVhu-&-|Mj@vz)L)&{O z3RylaJ4@#`ILJfSoQ<#5aWSv_){apaD5YC#Il&1+^XAuJaW=I!x)* zCFojOxr{;M;fn-Vn0<4TVdpusr(D)V-UTyj@ENKNfVzrTo9;1*mr>FLSUvVY!gj@I zj|O!2&DDp4xvZ%^c$i$RUB&fp91yDX@OpT_I<7cP`6d;B9~Fx8Sg3Cp~^h{P!!s`@RO|kcxLtx!Hb4Tk@&@s{~D>l<= zrg7=4W+6?+0sv%7t&$j*%h0pKd5GZaJr6=Z=fKf_r+gJsA1<9pqwW#0Ge*J`Go`X3 z+78d#9!m!wnwP-5aoKOdJRxeLgPB6kkqf{IaGd9~s5Dun9a`#7m5#hhd>DH`QrzNB zCoAB}Odb^Cg3%6VOnzry-lrgLKbR8=@=+Tm(#ln;+#VaL%V2z%g%}wi9`JCeJbO^h zQeVx&15{QU%Xj`+%jtt<+D#Hjm|V}zg7Eb+)ds}0ra7T(pMtP4!ZOFO(`Ep^fy9a^ zSphWS>%?T&(cNU{6#e`Bi6_;^*l3EgviR~sKF~9no6Ow5rGkO0BgKNuPX@JP+G9PW z2gKy-kwBi2XwvV?8j@B1HW|0GKyE&+*;ZWC^ZhjosxMu|tmvx~WT%_!%<=hX)L% zJ1i1uO~Q8g*?b8W&Ib>hG-6Exk;=HeDm^JbMJum#bUL&C3Nr7T*J=Dj`s-_azT46c zH5r=rv<9f`Y@Wz%&4rWH^CfE7Zs z#jmNTgU6>t4@6jGUsHoDz5k2O;t_XhfIs zNwo`u2PY%hn13c?`JPfwjGJc`$Vld^7uaMEoBqxgbuQ_r-4w#y)GA1^r^& z=)6Vul8#58nA7HhCT^|9XU(Rrl*=Nvg6h4_O}N^)Acp#|Rkz|7?M|u)mJ01&gLX@h ziGQ5-1l!K>SNEBPK`^pJKOJ&OWkV7!VA0TqQekx~d-=FCgTzuYowZs@O&P*joip{8 zbfuf}MuES*Emt2sw7fjb{I=AJdF*;Rc3|acj{z+`xJ_%``K<`A4w7D1{1yCEtZ<r{faAT!D}$gr9t6xjoSSDx&wD{m<>= z?FSo#8?!8<@?Gl)me-TK{}gx|IzR0xESS*Cd(3@ss$k!zpWwFOV+xBgr;yq^k+9#r zpg=x8a^t>x&#c88a3deALzDf-dRt2SD<-tDCS+`MP26m}`>;rUgI zi0}4S0l_ih`K;dua9LRJsLr@qNjMc5QxN>etF?sUE^1TT{@_tpi<-fP-h{QE9@28N z<5Ql+=VhnHcm9R8EB5YlI3}v%yFF2mg*@#8&;jjcqwo(vbaRk)xvAH64Jd{GB9ukE zvII?{Se%OJe)aGFT?}O5e^qll4?DbU6f}bkXIaZCcbHph-qS>9adtII1&?p=hF_!* zZ6f)um!3)l4WV|75Vuzk8KnATtV6da!{1;DZSML_9hgej)Npr!=0>=onUPcKL!B>wt&T*jfyu< zoH_Y2Z^Enzld|QKp_IYA>yr*17NmgwlyG1ly`qgM$6_`@r~M1HSw19i9ZDFjQwkN5v0WR8(Tw~^!usOHW_+FwAz zkCC0mtCQZ)d7I+Xn4yG@vi;z#imvqC!^rxD30!Pb#opofP0(a~JMHuPiZ%LgEzu_` zbA%;3@sZg+H^|El=I>yx=~KLl!OH`5R#XR)bAI{bH6x3OJE+X4jHGoWpBkL*h6Tp! zwIPup07~$u_GP^_pSw%3<>*p)iLC{ZEI6WBea^})esy*penYNYVq`N!o`7W zg7&07_u#*0-`!Oz`p1;V+Nvl#nJnyt&#lrBDl@&cR z3xn)zLo{*Up1};68Rscol0~UUj?0K*UV1Q;=}y_Q189R}$KBUy)X?J!*%L_d>{fj` z6YHcc{8dBruZA++@kzR`e%&ms%`7GppFELK%}3p@L^qEDHsnxK9y+kx(N`NDK$Mxx zx2h%~`wK#iSwg$d&%M1|`A^jPe-k^?nSA?T-)n7#qzyD(GPz~FTp~tL*)5icEalL; z5JPqj-^ibY7Ps9R8Fn5?AS)x$PIZaPh6+S(ANAyq2VJyfXDy+>Seqs1T$>;{ zXEm^a)p8y-$H1^lLG5Ikv@mQkAB0q{RS`ZK=s9_Xa`_83aZAchQ8QU@jh8T}yAnTT zL+QwIxhB2gf_E)Os5kPw~PUnAsPU+7BHJDbr5{uVNyS4_=7p=Tdmc-TLhPVDarR`v`LB>#{ zqv2|)sq%!G!dCU%;ry;9piI*KDL&e>m^Z1If?@Z*CWx95IihjRT zulL?F%L$tPq?gN94ztvjV`5|3FigR=XX1s}em>jmP0JLG1+042e%QBtHbp7<2KTt( zj^l*0D$R5F?CSsOczwzp9bIy9km6^g==q)>zdjP<+AQR9Kdp@y2jlz|E+L)(VM^In z6{P><$K;crn-!`=no+J6~{uBxx*n;}ouuR3C-0!8z8fi*S@HOc^n6<)q@|4-*_sbrdlki%ID;mhl z{`-i#&0gtu>#Tx&8_30ka%}5GzyC;Nmw^71h;9@gRoV5k&N)TQT;>TFyxcnobuU?a z1ux=7LK6eEoP|uojLKdioU&~A?ck)WW7BI3L~O)1-2gry(UphD9g^S`RtKWyoM6wN z9A;`_jU!&$wE`WC*B!gb&)+Nm0iiiF`4k67LSx|_xJSF5jI`46$@~!A=-Kb(p=jx9MYbs!J;~-n zmme}JpRF}eE)-8-AIT$Zut=x0#m6L?aH5L&zzQ>jg5&zL28hrfRAi^rD8VB!NdC2@ zj*`Sy<4*s9y{l($C|%~G`Q(XGT<1+@sFMA{306PdU~5^t;@(hl$^`Qz?>EGQfH7k` zL31zQ!G;1);G%l1j*Okjip%6Koq!66@d#%INzz)rh7(+k+OV0?#<{U!!I$3PXw_WR zegc3Yy-(^k!pLrwamXH7nFNnt`H&qH@k_&CM-c@7k%-|*ZE{HTIMLS>4x)4-fs(@+ z_NqA<(ir`eA0iPN1QU<56!kb&1ag#NPZc)hJ+2rj{NUCqDPS4AeOzNcnn+cBK$v+@ zry%XR*RP;82;B$2Mg_w|(@=9;NcrsgFO9}*CSndRda)d|e}t3uv)@^Q830njhO1l= zON?eI0Mp|&OQ0Na4^kLM5*HOx@*WGsy4Mu}z&N711PLkF#q=;~4&s0bk2f=h;)xCzYz7=Wy7>8Er+{(PMe~M+z1moWVO!b90WLTW4;od$BP_a9<2TT z#nMTjOc4zO>@I~?k80r#i{@nI9>7|km4E8oxqxq<9cC0e`pe(41GTgwp%3@I_-D|+ zP*=mkRW(pdqj-LwR09qi&3$+EQFCPV-0lOS%-cOm^E0K#uK%1=`0*gpUvZOGN42Og z=?y83&;EZToqHhD`~Sy3yVzXjmUWuk%@-3&_Dsv>G2w`)pc4qFS zrCBkTPP!eHj?^ed<KW{@Jp&y z)GO|OvNqFDWeR!W0_L}S<*x;mQ#%F8eE^_?%wr^-1A@G!V=#m;GBUv8f!Ax<8w$lrIaZM#G>(b%~>HF57tX9Jqx% zDr{>bl9GcN*!Nvf&vIB?T07zs7MhV7!@f=wmr*sOJ+gm!;R6UvLp_oc=w>c(41-6L zdueDB(54E8GA1g~jh+>F^k5TY6daIMj$HXs{XH&1Ew~=5UlcH4!JpJ^EyW`%dT`d< z6TMZrodmRdD6E!fY?@X6)VTWLWKkrwtKV@8b=PlmLk%isR}x17pq6PpKz)q9hT^K< zL2LIc*4=HzS)gs|u>}4_ywZ_vJg` zYwd{7t&Y?jb_!R6wF>Y+#<|=Gjf3sq`v(WALv*?Vaim(JN1t)d15)EN2n|K6Xm;C- zsip>oi+{pR$=C<%t9sKR4v0>5JD0~HeFX1@F0?AZr(i@7pkI|q2#=w%d({As8CCP^ z^)NM~B8tFrgHDEKX5-(1FOyOILAFktydOUrKd9E0@4A`PGx?oRx~+>`djuK94Uf&! zN$Y=B-3*)d9!k~wl+_%QT@v7(+DC}Rot^wF^!9R!H@CTJVrx^Z;4X*ahOB*B5KBkv zo8x5#P$qs@ZP((bAi$XeTLN{*m%_&d?_%eXbTl@?^zIKVWH5WaEvq8z*9T^2%XK6D z8g#zdN6*27+x)NTv^9>|k#yLD(_Z@|aKqbEzz@akVqpNeN9g*Qs>^WW72`W0mt)4l z?8?^UFbfyLB-0-`=YzCHi|a9(RO?{iv5_W1po?-Un~FY+1Q*EH4NJ;1DGnwv;# z^ZXXeO?Dlq_4mmfL0=o6snS!Iy!z1#$6U<iB*E6XJgWUe*dBh)=9vo)sh_9rtO?mCF z*-=WH5bA&O^>M1}`}%xyFyQ8|EvNI?^MYJm82 zljT9#y6$R}=US@gAq&J+pk=(bcTZyd>Ml~Pvq>Y0{liH;Am)4Qs4z0ZoSD){mR##T zaFBmEh&{wq6w@x`LtqNcBEH4zJquTQKC021QI*l6J0{LdQ`L9MFRnMAUun?We*$F0 z|4wVSuV|Lpg`9|k+n=<1g)U@Y;wL7dxPZTQiCpMDALQq4t$ zD)g3l_G49$Mt`up(n5N)?pD~5?}U-pY~G{Gw0Ep0E19feWH%T#-!wX9IuEmonW`VF zX;{f$j|sL_AV}f9bjiVe`KZ_Ot^9~c+nhosV{{vwnrBOO%&NLg5(zGWo|Fz zxly&u+%`wmSO$k1r;i0Q>S>PoM1UP2W7L-!4tsNoJ(6c9I6fzOM?`=A%R}N#8gW9{ zmwx3@695Ygj!S_Nm%iIlPV}xauF|QXo|+R8gN*fQNLKVt%{?2^nSEmiP9(1HJc@ji z7q2szyHLMBnft8J>!QXuYkM)=v1_Yi;Pumezx-#v!>Z?olY{rE_kDc$N2bmf1FMqv zS~K>y`l8+8ML{e+^;kQ4wjNd@uaGi4d$28}aVC7%5Vx$S(Z_b-<4CdQY{U? z?6xUxV|#GkW!*KgGC0SinfoQqaBbM}O9lJruvKU)co={AX>Kcdf@8MK^eITXJAjY^ zP0Zn2;CyU0OApO;XCQFVH=QOp7Q*fMF85!24EEKzaHh@PL@;&XbYPX*fy0qB{qWiw z_fi}({;5>#$JqeO;vI9ai!}x{YxQoI1PV#4_Cf})+)0VWy)kCX&yQs=SIZ8HmM)wE zenQ{QFDrj`;$Qr8ohs8Wp~{|dp~-pGHt@(Bo0iK#V}9bQ`BOnGWSs-6MG*a`OL{?! zysagU+-ts`a`mH2sjeh=%>~4)q-FGu%UoSf^2Y#}z*iUhqV~%aXE@j<^%aFMz4j^< zAIbg-h{8HUyL{NW-4dw{7zhS(25;Z;f^O25 z2N;Fn3@>qS5{gyE4#qzCQUK)psgwpQg`gRw2)j0&8?5~m+;k6Y1#NMbH=>&-4{+ZH zTptI=vZy(4^F@>VO{JcisP!N%(%CHF}v=ACUzf2)B?TMz$>!i5Q%(;~!j( z%EOd-lvg6Z4X#?7ZT6_l+&G(FQt)1H^6tRelkvHKMzLZme`k)uPJ;+}d{;uq(w zQ%`AB?-nDaGN-PsmL=64WhPyRfZXAo1bJGuBFhEwqXC8C~G_JSQO+YLF-^{4;V(rb@Vi0J+=9C)Q4y5~*@&Mv*^S5S3lW&(*k$eHk7 zeVO?bMeD+A3CtrDLMpbXm8!X>>S#T?zX{retul~TYK(Gh4GnK8Se{vZsxNC zHkqCO3vP|&%kqS1AYB_XfgBN&1 z2t`#28b^gZ%s{B{{){$fW|M>eSvc@`OXIle>a56IT_8UXXTZElf7(uf& z;u^~fIszQcxM<1x)jtU}+V31-*t`rT+{|_#>AK~?$k0mFzH6gv!#;F*2LHHeb#{wQ z0*h$4Q^?&x!|Gd|;GowvH%;Jq>NeBcqALHQuaiC6C3=J}C7<=Hm|dQ#ZfIUzQ$hdS z`tN3Q{ui;=UxJ|)MSXCb*iz(Oa=MSW{qlW z3KV}w>#TaV1ES|`usCsEmZzl|1ODR$v^#s-0v6-#y`Z99$(xLL+Cog#o>W@OMMj`A zKkG@4FT+Wr`3LV~!#7*K8sp{HX_Xu*#k_yJ5DbF0}{H&$+jhf zRYEZsYHZ5^um?Sx=%Po3xxh`M38}p5;0I%s5+6*{h7)E-*rf!uQ?u+5p>cE$0bITk z)8;G41Q|=VJIAJ&{xVW61H^vPG ziaaSlHuf6lGI*1G4mV!)jR`4H=lIHhRa8yij~zvSLt0f|BoQXfi?yRObcMk|6M~dE z=Cc?Rx)dgLuUTTIfPEgSBoIt&P*Oj5v9%)?Ja+9S)Rjh*x+DSwIymn+Y^hAab}(_#@F zl#VDPUsloVEZ8c-^!Aq|6_&gsh?sw_+0jjDxS#l|q0A{;R1Sq6(vi?=E#P@LnKHN= z=-FZUR_tdvHP`A8!NyDn4U*zhEs^a%!-E1+I$aWsNMhKDTWMlgKejT@X5{XdiL?KO zynY7F|Foq5*xI&~)Y`0tlQq?|1WSAAf;hP=jzi=HaDXZQubJhLG7(zktH2(-KU;GT zrj!?lI}_gB>9lMF*Qf3dMa6eQCkG@#4WmxGrH4hG@7Hc zE#k-abtT+>Cyo{-nY&PbP=Jbs)uV;nsZ&8(nCdx|?`5EjcW@0m@5(bkp+&=HbZGc) z%y$+)j+A(;9lK(B{;hWYD7V*cz>TqUf~yNcQLOx zWCmLAc#s#Tdy__bOZZ@o4_9Ij$+nBVxc_3$f-w|w6R}7Aj^(pjYG)E~pnFAr1$UxS z;sg^+P7eHsdDXO>!*ECr0-)aq4Jt5mBB=truc>%}wTqqR`ZYjlgRT)2|W~~*v&CPbtOU_s*l|rt42js43iCx;b*`rFG z+P7&vVjph5b-6y!?zUnRD7^^Wo~vKO2rbGdvb{vA=1VS13_j_^!oMe~ER(zNdbo2G zf~F{MZ3OYzZ}(fnGfG0?+tViH14y#r#(|-|v0bYh##p)`7GxV?5B1_ z?}Fb=0>Y!E77>V;>xA4lU7f9010RQ0e*fV|!bkSU8qy1~HG>o1Lhc-WEIRw=%U$tN z6~i)hnRun~H5JsVQEM6LVf%H`vnpbJtdN8ea>Gz5>P`C>v08*tL$BRae)PQ9=a%y7 ztYm~(5)hT?M|V4DEQj3{smoq_1;-Cy;L8G*G33gG?c|%OXnT~Sp#R!L`ci{17O+Zf z+T1MV+!N?qo|+)Fqm@fS+sMn4fs^HTbMqY7itXl;m`~`}{(|@W@Q6-a#4)j&TEVvD z`G%^dhY2Usj6uz(?(1M~W<5?JJnfcTdz|~0mEdq((0p(FKxLlgh~O)LaivdO%yv8` zHOlx*(}4AWW8lNI%xOSr%lrfKvi2SB-f1Qfd;(6)SRX$tj}q2FWkjxR-Jrib2-96P(Qrs#vYnOE@a zU&8};I}>MHRDm79WPvgRz;UUHOU>6RY61n|RAGlA1r%)j%vf04+{-gh%##D6(qwle zb1pht;Rfpj>f<26$vAWdged6)8HHO&qQT+Yo^*RRVA_!3YD|Y9wf_1yLAJ2T1I605 zp51l&{opbvsXACqKe`5%l~X2~m%6aGy#nJZ&QZV!8$?-jWvaZCLdYdr+-anOTHm=C zUGIcL>ey;$ux1}dz1p2Zz*;A=9JDPoH6&=KhnrqAo{Xa1bE(S}`NE}p@m3c;pnbk> zzt(hn%1pBURbsq)`*>)y5J?D*3phl1+XBfbp#Ap&i5*?R&jeK9fH6rQpiXmXks|N| z72W{_FEaW62&nb{n~NSSR66D0VHTGnKY`qE`GNK#^X_Qvj-Aur{Llm z!|wz{%=pGoz0X6TB{Nk0;++-YWkDg7Wk9E8xO9$4-Rr|6dU%2@~V&4OKLIG~!d8g<;2)eegd|%2RC~ zZ=eJsf*YgUjtv~YwB{`_c$moXr0Z2qE<24S}2SGyCzkSkGe*P8Hmp04h&` zpH>y-wzzKHdCBDT)-H02ec#XO$f$3&RsD;Y`sBeygODo2>oa!Ng3C z_}B9h_m8h39Q>G?W{s%%!kKGz7VUS&HB*8mG^q=&i#2vo0vV@gmG|DUc`53!JiYN< znCM=Gaf(XMVhvVj*#M-Q$@ZxNkUP4qatP8dVC#^6WI{-_tOC|u%QgtsEsh9p7?1hJ zj45wWG(ir(#(zlZ`IBtoDvwOEAMf62+!TQ0%Ih9riPQYS+XLof1i=`X--vNuop0iQ=0W?E{($75CcAuDB$WgjO-eiIRGs)h~rf`;MDghSNB*<4s=gaLm0j({MIVm$;K`H zo#{y17V_xPgLOp`sA~rLL>O*Y1t6;CYitArVgdT6mXB!By64k;T~)3SD$3G$&+4%b zW(2O$T7{_^%$dPfYNi{!6q4U-o3B;4^Y~W*A#+9sG7tc*AP)L%qRjTiTfH~?7weqb zaoTrH=L`Hf!xR>~M~t*V-*%E`djbggA<+Zj@4sj!I#Qn^qe35c`!6d<5*zGekyU33j6X z;Cwa(Wa@a$?ByY-SE@WrTC6ox7RejDIq6kksC>gOTh1|0?4mM6u1bl2Q6ERY+cIQW!dKPSE8?X-v$h9x2V4Sh-7c_cSva9=D5*`Jh zCnpv62>G2dZ00x%Y8MsKsg@#^{c2(mJP&UFK6X?_kMJ`uo-;Hn+_1m@Rk&HgJf`~v3JSm!>ix$?0^)KMWfo$!@=Xf{wY z(>BMXD})B96A?dGbw!3&Ni0sQFPOTFH~@EgqRHRPytwS|VGn871^49@*V-Dcg-4oy z2X6oIsZ!h>6T;=u%ubtzfv#*SOLDGG_YL*3P2c09H@r&f% zvezEx1>U^f!ZlD19xzV(ST9u2fEP(JD!Rzk`0Ji0-J3{#kS(tJh`wpRCF#lPq!n0@ zZc9u^gefetTU=kin~E; zlWFlT>_J{gkr&t(@nL<$fLU4AeY)Mo0;gT%)%u~XjCOs0&A(p{+0U=bXK?U1pm^er z&ex|%v6vV^H!N(^bZCNtRL@2wk?Y0}0zetyzxmxtXK;W~^Nej<_HL+zUQ)8s_;v4# z*wtP0GeJ@?AI3$P`B1ffY*j}&Tsc;Uo#KwctLAGh2M$yg2qT#-Sr<8GMd^`+S_!s} z(>x!Okur1>92Ya9^M0x<>-G6Mj0IlL{DC{``F7Q_YpR|Bg8+8tL?p~DcJ_#wAhLoDP zh8kzaQKK(d0(Gdb`-yO~eY>N7ZU5*G0i_}_nRYj?qs+3#jEoyb|E>a_ff92Y(H&63?%5Xb z{ex)e<6q{A70|-()JKeT;7T1bm&8!p8Z)mz=*0th;SdaY#){rRUYL-)nw@)D>ExLB z9)N}|ZxZz%n|lo;j|~P~*-6ZIDkxcdsz>dt-?i1w4a4NeN{)|UySX0I;=i31j7%zE%9U3i269;=;u8IlU z6GQ&8SkFG`lHa~`a#6CA!W!FQrEBB)nif#_E;b&;8Dn(bD=5~_EAHNt`dGzmSTJ0? z@Xp~VHNA=Su=dE*887YG>m$V-4mzH6ct;wTNgb~lW5TwCUEBm@f?FKrXJU<`xFr>a zs(@ITlB%C(tI><56cEPL{-eX@F|9So%0Vnt;Qb;N0`|;NLGWyS$@H`0@I(f_OSerO zVMY(il`v4`I__3!7O8Wq<)z~_R&tmnOLs%7Uw!(Sgk)dN!{I>EmP|aXV?)wbk{^i7 zRL>}q=bTvK#rx2g!ISi-!;>p(?F}>4r_MC=V2KQRNp)OG2QY_H&mH@5q%%|QFk^Wb z;4Z22l6DzZst%f~3TsrFSZ(wj-qs&HnK-G$N)E}y^~qyd&EmlSI5@oxiTiRUZzu?5EsVWe!=mNW6h$jJShZ}o_77T8ez@@hY z&UL2(&$Nl+dydmvIe%oVk>bqg<)*GbNVV`%x9HhAJza()EhgT6SnI1?{}om}S~o75 zrg!`w>dAYnHRzrsCwa9yz`)sjm!`5ZKE2;gmLCY}`#Ql3D1 z%YvRoU~hRswpQym^+Z$tm2+ER z0cw32QD@h!3B5B7G@TnVpq}1M{TMbHAi0ni-n+PS)Jo)LD;DT>mfg_4}_2 zhA^>Ijf5Y~@8|doh_o=36O_)>>)_nBB-h(sGKTTsiu-hXaHha#lq89<4uP}QLA?$( zSjut*pz9RD%76|EKZdj!wH9Z)`s9O>Ny6qmeY8_^JZrTRyMm!%^=(kA$T%s`a7A^} zZLM2|90qG&kStwa5J&Mt=LGW)P294|qn*?`RYON=`@Bd_7%%hWa&zuj*x9#iA=1u) zrB0qK#%u9tGtUa21O7FV$7q=n!oL3F0!rDY|A%h(c2d#jOqnB`Ia2SlD`dlg4&XLK5iIN_QU8 z4QIobn|k%yL*#{e3@EO+e+)KR`vt24Ib94d6SZ~XFc?;D=xQ#rtd^|0#@}QTEHOIi zV`#HZ$e5hmuKtSyX@;rZwH2b(G&ymf6?ZAY($X^}6J&Gq6Wf7Onuf-z|J;HX8_2$H zhpz!<+J{PR0Lo?GZjD-Gyv{LWAnGe61J!R1rLJlna^5LC>b({S@POx8Bst3ed}39) zA7r%ObA3AH6wr7xku1^7VBT3*>=%~+*jU4TAYEt>*7}#obFD)%@Z_Y}Ob0$@_gW+T6UGN`FMixA z)tZc8;9y`W*HRsjNibac5DOE=QO8>Zi&Du^+^4Kz2R;1@vtQPXt#}u z266vtliNO0UyF>pb|P z$`_nr>L2L~Otd?M4v2ao|HcO98aGTDklPUgXI#YIxvf z$5$ig`y7ivmsqMBpNXd=5l*r^ozp}8Nqp_@huOz4^0A20+M3CTSM);urO})ZzzN3O199smn_Nslw)@Sf4U~Ev_eqd{cKv_N9i$5R>U_viugb5SD z!Cf5eDpq?SWR%ux6O`Ko$Lj8l1t&*>UmKFm1#l>R<2RMUvcsm$7;k$WwatcSlftfE z2SGRza1nkB;R>OEEYT3)c%xjB657cg73TZmyw@DE7(Y@6=Pt<&{(Z(Vur%p4N*?)R zIO=cWTlQC`d%eC=v>zVD|N!_U}=Z0(9Vnn$k;ytIVqTh%SFS$#n*N~RF`_tJL zsNi6UI_gxkJ9~+_h{nm#^1>~h0(Hf2*ZDdtV2zdr+*Xn`Fj?FrH^j4_o4dr2dYLUb zec~L!4uog*Rbt2QHAAgQ>7g@9h^g0#mRN-ARG$x&CXmN}TA!M`?4Fp$j;e~fL=$UF zhbqOWc@xLL$0=A$;$Fww!kEjJ;R^P9s20ii^RJJ^<0-g5{}|-Os`Xg0{S1L_%p!t7 zN&s=;Buz>u@l?-@SHO3cI?sO{H`SlJP#2g|>@!7#v2-3BTKKi4*p^`Hn;Ol#JA9;l z^^R*tt(f^Hs-}7IY3oD>LSf>`#NFpi6>FzGH&CxHvv)+TOB59^MH*yFU{FPWI zCz;Ou?{UO3QC`@ocP@!Y`3J?wdBD6~taYz?nrPSufFuL|J52h>o{uVTbom=12N3Pb zx=!|kNaTrfvpo2o*k3$JTiWVbFe3n&EpF^}@I9_7#pr;7omEYA0FU3#{c z5DKEr_#FnI00WN&o%aD!Q83--jzxSDYt{A$HsFpVm(gKLPPQhp>&s+lQTUH?X*lNR zFKoqxUGSY~Pg{_5YX+x#-PwKxioc>M1axkUfTi=yln4@qh$Vq1Beqi1{N8jIR!o|9 z758wg(nBweGxfd?&j=06=j)Jx?c?nEI)An?X%2^39vaIi!d$IN_HPzdt&LjSUf=*A zk>KDA0xG~kumx?^=!fT=7+@eb=~2?Zg`WJnjyv`{^@{yFT&C^TB^0q!U2PNh9YL!M zWSAl2`_fF>E^Rr^fPVm5t`qWNH9UHxfx2_(K-F~)34VIq?J@eM>8?76!AyxRqoLkU zkA+-2=oF45yc9A3sd5+K%PjH*$#kjp%VZT5+wr>75+NY15Fo_BLWAN5 z|IrO`Z1?`fM(-)^g_J5jpfiEWgkiy>{TIS8Z#c>;VbdH!8%Pp>nQsaQInV>nhAY{c z#9lbuvkyNi8miP8c`j-1_nO%%RaZ<0w$InW50O=LuP)axfdY!JTIH9%x2Arxw~=fK zTMyi02=~F(m;t0itNA1AcTqv5*TV}RG}L|*bTo^N&By+UO!Ml}hOgmAl^FvZ-Evkr zdq^h}54V*C>Bfb=}WPBdT5YwM7{{!6(#bWG}X$Y1HNrGOP;EaWgoN!Bvg6bg1 za$Qa7y03=jx^z3@TizdlZ_WJtFV9&|C!MhiCg*BY0kXLjz=>i~6a1Xo{!XT%t>#re zCT+<=6!Z-oSVG_6CnT}YUT4cmsj0$ggH__g|7quIQ>{k1vT3SjdeuJ(7NuTBS1qd< z#86*nz9}0xAl*w;0R`S+ANGQdwp4d_I3I*UlGh6e>yOxXiX= zC^iqKiBmdBS`9$gO-Q1UJ^t}F5VZX$Z(C+UifL*;5U)co?#_DBLyG8juzrd6H|#IT z90F!t=8_w2@AHq$G%o12<9yGUvX=ZFPYZ5Z`|Z{vCK35D-w9y9-AUBc$uK3bpu0() z5~CpjfxBbdK8Jn8f=rZa=;q5w7yS0>HU(WiRN9G56z>{@va9J;4n>DM{)|Med?Na{ zd;nYT`}9*a`|gIBHDT0mFGbt6Sk12{9Y5+R`BnVI%AoP>R?5Eb!l+@Fr0fnp$8lT4 zy42OMI}G~dD%<_yZu$GI4?nb?tB*S~6QVTY+FX;chqLCMXRnR$ozptKVw<;tFO3W< z&Ah+-kFoO`jg&Wq#PD18=>ohbeFL1oyw+1!&M|5hHDmi9#ll{KS^#*2=30|;-?P8t zTL#U`f>?SNN=^dDz(17c16G<#OUL?~0zYVqhb#fyP?^oY*qQsz8A2D>>&&gd z;xfV21;g5)a)`|f5DY=*1g@dKEZu9C>SF&ruEVl-cyoB;sBxob#m1WxD8oo$*YcU@ ztp|22N)oolorV77zWQ80__G_q*4O_Wo$3iPV@W`NRfh;7{wLLWDxXVwwW0N~#RDeodt=sTY zQ{w)mDDUKzU6KQjHgx_nguvB3L9O9W0&@Da-u9)PW?n%ElR|axiF3C&yY=%A&9q?B zht6eQr^5EdMK>4=?cfoI`r`sCfoxo$CH0h-gAfXMF$Ld+@|&%LfAlC%NveaW^L6839HPl1b`c=Cc+siV!I6d>?NONJTlXLCX2S9_w&Ua7&ox@VC>`S6 zIkGOdRErggb)3S{`;>3%rBm= zagxS$@4Kh%iR9TCX`AL{mEW29{xhB~P1zany(p;ve+a`JKl8f!hHv-1vI~lR=bD9m z))jqyW+^m6$pvQt%4mfbomQ0}6r4RvaQ3K~D9qvWg=Gn#j!v*6jVA{({tG<>XRO;B zbjfn)=aEVxxP@dO>PMgEcPkLG8(XYLj;9Y8=}1*W@|i{1YbuIl_B!Bz41ny_So_QG zJ>*|=FB{(8to_&2e4R_AqCSX4qpxL3E#*VhV&h zePyh{BzlWje;Vh#8H*m!M6+K9gIlvh!uQVP9LFqu+fDOoF7d<+YNI`?W zLxwi&R1fe5foK6OL7y8Yli=P58tQPbGSS)IEpruT8355**)wF?{Gnldu!WBh&(lj; zFZUcQnpFNM72vtf-)Oc4KZp(eySi%&u(#48qLVoKC8l9aZ`O0o9}PKE8Oq) z=ujs{?QDgm-SFk3H_|@tojlDr2AFsRhqNP~Cf7t!XLcN#*`k$)Gi&;_A=!D4W~QfR z3W^f<)CCf=dCob>{cor+5>T%eJ!rCDgO-<+i_U{<=Tj}4A9C%pj9iPXNu1esvnYiA z7ImY_)FJbdI& zX^Fmy?Z{CK9j}_G0icDG02zBY0$1Z%VZSETgrE}(qx?OPRuf^6ldJ;8%ouX&VsVVV z4|4yj3p89#GEdp`VXuadssHB3HU|!wg#3M`V5_#MBIRZBx^a=MV%^$-zY9yYeSP+p zo1tiOvq}*|qOLOc`ChoCaO)|p+fbMW+o5=YhVc;dw2+%fNC>Re`g)~PF8+74^H=FT4 zZMDf_aax>o3OL%e16TzQ248P>7sWE&Cd|>n=Q}*IG>l-+1Q$N!Y0in}ImawNFNaX`yWg^ah7=SzdVe=X~`|8_L%PLBw~oX^5M|^RRXR#J#{nWp>&*$~gwdUfnjoEg>my?~X$5 zfF>uu;}57i$glr**z!>)&4=D8Hs80Y zEo_cVGwgK8x4dRN_#YUW@+~CAA_amF@LZ`o!>HtS<(zcB5e+s7*JHcVc~RQU`LJmr z6-Ggu(TUR|mEp%!{1~}n(3pWp?r$=~Pgcu0mIt6%Hl{Pw))wCFhn z504;CooRzxvR_u7yF2w`#-gl9VmIK+?zsdTmRT1sOmMYFl6j1(Z{MCKn%r)4%eUk~ zp?CS% zz?M4VU>)IPP!*5V#in*@l51jtZn-jVbaWZym^DF$IAu|X5V$Q^7y)$`J8+jEDP111 zo_Yi0OfzYm*u0mx9GcE~wcduLdS}ZJr-&oFg2)m}tuT<{PWLl@ns~=>zk4=4iCdjc z1>q+m@j;2b6%5=2?SsZcABc4U+YkJGxEb$N>?)5_1eEvpWwHtaWt7afdQxT8M7eV? zU5qe&{V!r9KW`n!u_zs`SouqU*ViB6>dZ>r1^0$7BnE$FKv|V5gu6;0j7M&oom*)P z0}emOXXOmIS$OCg27ByjBDO5I6QKg5&Q;mn4KWUXMG?90wnAk6ibR>svsx#pvioDm zZIBzS>EiXDTj_#|zBuP8GEA%eO8UuXl!A84h7p=9YJGHY5==?H9J$fkx1%(XrMUHb zb9ZXO*}A#G>PMBjeSSf#7BU#6z^^%_ zX`62wOCj+p3Tun$8_93Oo5Ak;a!J53W6dJ4Pk2`cB@beg2cP}H8Hdf}&ezY#egdok z&8R~sBRzzz#TTNeJ$1w&T{C$xP@NEVA*|Tcx5w&WU5x$GLMs1kzoJ`h24FBiC5Elp6_niLWi;{(vR!16|3_>TVw9$&GGp3+8QZp=U? zJu1u|7Jn%`~}WHaH8L9It*P8hN@S5*#Vlt zpT>D8N|>Ug7Yz9<5aP%j2V18Tk6)*!ha{Trq}*vRJh0CS!p80#;4P<>!~)Yg9h0}Ei<9I;4eX1F+8fz+v|8V*O-<=rWr@- zPHO^-m!9h#MHLf3d9Brq*!@dC!X6r@m`U)H2MUPf_Fn@jzP|56^_COb|3%o0RBAP+ zCsVCV*)$jI?VCOupCpdAsx1!;TWv_yf7DuYG=4cbxW8!)?wt_ZadMIb|l;(wR z_XW1zIhDCMPzVN$&x@nJasM6R9|ieEx2O-R^fE6oD2-~e2n3aKY@!l_ug!VEQoLGX zaDMv=ZuP1;5bYTLU#N%3B)c@HR(3CpeGEJ{yM_CzFb6m~ zcP5H+f#TID(4K#g46Ju*WN0pE37bq;to=1KF&Hr-!Fcs2Q&DrOomWyOJm2-pH-b0s-crMcJdC(=<#i%qU7PQ;?Wx>AGW!)ZREcH z&x{vSphn4aLiM^G2DNE~JQFCl?BH40JjB8>qsx2XPmj6({9O(`JfQxGbO40 zi$1P5o)yV==j%_059}8DpQAtES9e@i>!-gD=y^+OkVxGp8oY|)SfIBt+)eufA-Y+V zEZO#Jdx?V<#$e>)j(4FcCOUcgNlN9ksOnk8&C91u|24n%kw*(0YctMB7sVxTQdib{ zsRwRR0Jt6|_KJ1v@a3AfFE06r?)MeLzuP9hyx0(+g;5$acT>?nTmQBD20&^jmxeM# zpM5i4FfA834r1+ff>`X)WpFK{ZyJ%@k6c{T%L7Sk?;2j{IMPrk6W!guXV-iLZjP>e zjQT>aTWW0AQfXnWDY|62OX{sLRZ3Xm^h))&Mv9|GwTzScobxG_^Ra zD65OJx?)!ZC#$(@6t`IGu(|w9`(E4QQyhb;&@60%g*s{C;+d3=ofc<=xThwUr;g>? zKhU`w_QWjF5}8_m?L-bRqzfVETp3mrn)?yF61)WatY%K2SOmTZdsjeG**73}0dd-g zXY2JBrvAw9`pLGCt}yW45XKwjDDWu%2e!0ZjXf+giPP{oyw58@19Cg&{1S>Oor3FboGO6O++OHPIZhmgL;IZvk;-Q6X-oY}ro8Q5KcGU#0$?e5PtB52L| znYn==X|_oAdKc);-+t)p3*~j5z2^9`p?CdVuK8qYJlosC;H1E-pMIv^Bpb{Q>|TTC zrt;eO+-Z;bj>$1|W$sUtAkvQ1i&x3Hh3ilE5jwqQ0-$J|*`q3SG!PJm59W*;@bqB2 zsi+L)$~T7jyaJnC6~zUc3pyTldDtSDsq!no(}NV+fxXBP2#{Ho*zkbF$!v~9+HY>w zQJJUJAHd{*fR7JuW<{_4iwPHWzQ~-a1|a{bbNx)PP+2=BP&@EK)s!-RMy6!;Mx7R( zK6Lrn3vWc(jxCuDLF3P@J(~IF+EEQ9+f%N9Yt48qnbAe1o<`5&^Hlq4KadCEx5s^VV@>ilvvMs`HrWot7jy-9IdPDL1z*D(Be8; z{cuQsU2Ka+?vJf@FJp1#pGdWsV83hLgWhW9D45+B*pq)k{dVFCb<*c}+fRlh zYKwJ-#xMro@i2H1J=ESYY@MNGmtR2H!1m+8#C~<%ri~}A$8E-o4TNQ8`Jt;Hh*k!6 zZ2}h}2TQQAuF}(?u)@*fIyo0l?^4(rkBiXQjnqU08Os(%;AJK%jU|u{5Y7e9M~%4< z`rY^-0^2(zb#eA}`{(!8vytIjjod_)0MI@@=Uy?V`^3*ZwQ-GkG?@Z06Mfm=w_{J; zjRMuhlr}5WPJfS@>uxWn&G|zQS%u_V*@jg}22TG$=uj|t3>TSXA80(~I+6-n zs2-X{y7VP|M$72uR6PosRyu0OnZv(tkdwFzg(+?n=QmB;FL?NygQugHo?WzmLi6;ilA{)?>qsb>6u z+1i9iB704a#jJjMrZ6gV6nGiMG%AnoR776WsV>o4jPNMz zbHF--Z#VKpN?cpH@#fAwnFh;sZB`ajG(D@t(dboO@35!Z!%|b7sx&+|;(2#K)SL?O zDVR4vEKw*oPmF`z1Ip+mN*T3RP5>Ha*Y`WvrG7WYjFLdSik#hT+_){(7oWV2IvR9_ z%W4_tmdq(>dM3YT>fej10TR|vTapsaW*A53UQeh#(Cfwaj>?(@LZ_&uQr1uv-z7E! zJ=RU*PeK6wY>)imnNDMDI(3as8)JZJPZ-Ar-iq1r&q`R2&NA zgA3>DQr7x*eO0#G^OKO$QJn2AL%`7a>`g3ZF*5e6l2J^RTH&vSuYYELzEsI z;pe6GYo*UzMRmJ(x(68Z&h>z2)bT6=e;sxJZ?$nKo>$`}D&n$ER+aEg)hz)e0e>dbW2PRgIm zxq1`+!c_nXFJ=P*+S2Le#0{Aps8TaOD(8BnLR_SMd-ass7j6t(vrr{+>#O3oei8TE z*xfUT&As-P_>X#r`6crmIZcIQzrTy}h%nOOZbhYp(?P+qnoFs9A+jLc2N6_-bzGL| zXCWnOO&G1mOZu$~#CLSCI=m>KWd-t@@_Uw;fmzYh7G;2#q!2VP5Km^YtgITooWW7= za~`q-lalKgyd`Mh24_RI61HOCdtfZ($=FLal;NC%qR5+f@w!=7X4edFT^SIe4H=1I zLPKm`sUPZ48W-4}4r>Dfv2(pB8ey9LNrN0CV^c!>GiIj)!!J=zblO8zoQyyMt++q7 z2rxn@?F^3v(^dy23({>7s%!qDY|kSr3%fOq>qxmm(ojg4~?A@$3)DmPo;TRN44l$ z5u^8Beg^LA=1o6#{#B#t6B*U@JLmMi7l7705~UlpIw-FD5EXc_r{JJ1Rb<%oX^Av) zE^xsgq=GxY4vzzn+bn41b=})H?u?duAH=U)z5hD>Kmk;|f+rl=86J`8tQ(#kqB2mw z1hTY!(~l~bbV;w+egQx1r`pukcwa+wwUd$)x3kYkBg2SX5DumW$rqv!?KJ+iAbOnN zSGN68Kzjn?<7*k14-Jj^#q>~dM*R`--M!5Bjl#3>3bl`;jAqNTe@HJGD?2Re|D6 zJ}6iWGL&HpIV3_trf@fM0PjG!OxTTYousj=bCPs6%I5?Ld(XJd*WcI@+_d+?_1izy zCz*V{IMnwRwHSRbyw#Df-{!I3)b5@d6U2BSX_KEBAuwq0a1LoSwLQOz@vp4v6V)8@ zhw)6?(oN!k9q!RzJ3N8@?3GtmL*w+LlFku#GjgiCcKr2%XP`=X*0LDS_GhbRzjMv- zxi5@!ow^9Wfe_+^2=fc5`KP(V1 ze9r-ceLmxn5)sB||8;W(sHLQ7GhzOhhkH+7jzDYoSn92@6U8R$(0;F8#t zZW8?2aPM*iH5D1Yw~Xf&H%Ap6+JlMzgTJx0R#Npl3jgjoWI4>?&mJnxpA*pVtGPdK zDh-OqcemFQ79XY{g!E2JH3nKM7+cs*9DT2cTD!%fsA0B=Ih5{j@aM^}^luK|jz4jX zG9{JOSyaDI)G0!mlwqr52h8NR|FHu8b%EvjUR@eN_Y*XovpjBz#mPX{pH9_g&y-)i zPS$>+_j;3aVVDV(dj4$U>%@@KTYV|`<)ko(`tsl}C(7~2z+-;-sN+EqOS2=$GkV_COzH#UxMrRna8hx^JJ)J z?KG1&8~N_16qi-{H|dGpmHJFNHkQm5t{$F+6-H8E>#={X5Uug&r zI79HF4R^5uo-eIL>*n_PY>&}R7hsHyB}#vX$g%~-Dm^hzK38vydZP)q&Cvv6l%hu6 z0hcB_W94{x%Vsk%gu;$&eTBcP5TT83hRf=nZ)PS*E@Aw|ZX&HIKZDWR1IO@UhqUV5 z@9QiSGH5miIK2V>pH`y9711CgfA?Y;SSlv$O7HSIucOY%DE<*hGVva~y&FmZ`$m#? z-CVs_$9{7;JEK~bl|2#|0!+GqQ3CR1K#Fk|qedJx$Z1d+P{nrl92J*5T~bnD zxus?W`acKCKq+k-bK`@PWJYPXkn$y`cp?nLukbT1dyKzG8OF2I&Ru<1KYS~g0Q4Q) zQ~eAp_I0%rDGE(|URwbB+J^6VtMv}&u%Zm#l3Hp@iN{-*J{2|y!3us+@$oZ8Hs^mn z_PF|0Q9#LrM^~W#=KKar+`-%HkHcx7BU467K$?_!Dv&CDNsCF9ly*yAM(vy8#=0?{p1Y<} z3AZ6W2W7rQiY z*z4rb29dL+uY|6X2Ku9jZGK|Nvl3Cbp{~ZJWKF+nMVpCR4?yKs^P(pw6H%TQ07O>f zmtV$s@-m!XSjIU`3xAX?liy-~xs%5AyB#4ea@D_0enOm)%4*n_ipL-7=V6`9_8a|(KM%p{Xv3+M zJiBE5Pl>3bR5#pgwQhfGYWm3 zS_CHKyYz3(G)KAiUR`F}%*x-7VmwD(E|UjGpFPC5~EOByF9OGRBYAZ08fxcMQy&8t$+Wl!6TY`@$5qMzEw3B zO1chWyp+F`Dj|D}f2O{2c8a!Rl#6n%w>T*Fi439{C3X@_7wR2Gap&xuOShe?FVUYI zj0`>Io|aFO#4z6r9p>i*C@5A0DUl2Klm1^SK}g0Gug|~djqR-0Uj+RBe)FaGXCFR0 zSAFDQ(Tl3Ew!8G76B4MpsYy$j;Dg30lNDWi#I{$r_u7PNK|7>et6pU2Y;$}u9syPY zLqfZ7&<`5eQ#SLLVW79{@gA(i7wT$R;IP@L6}J0D7UpbsbW(?ko>583Qn{oojt-y- zT9gqRev_>+bivMmms_0gTtjR&W5jPXo{!x_(A9m$lE{P@FQCmMEFgKqnRgzoHtZ!y zJfjddi4I+;col(N_$Y{Xe)wyFb+Xsd?WMV_lS0Ot0;>;=OIL4YxCykVbAmZ#i1t*f z?(^s*pvN1&wfk#)X{gsk@5BoZjj-5ndC+q$rMBZKM~l;Ae*fI?W9KQ>i2))bHF%U2 zgt?s6YXX($v)LJ;DWqtgO)rJH;acs6M4*3hfSxIWPwyzYPv)sFU?DlTFX0n^IDlF7tZFJf5 z@_<9HIK>iti+Qo^#4(o{dLUj*yPXaeXQROF!FOpH<8R~Y2trKDTc^*Fl5E5erOL4O z4Z(t`T_ivSYt=g}(uEtaAdS^%on38q?P|#}0j|7|PH=_RryA!2nnrs$H*}?qgc215 z{BW3rzPg3TX<131&<-aTgFRIbGIsiIm>vZuZ+=zz4!;Vt*n935-*0xFx}RshM`NQ| zt>S|q9j;A=0ioTZB#ev;1mC4ICTh%?di1t);+cSs)xD&b8LRXK%BZ8ZH=Ket_*BR9 z|3zTWk8Yg`p)3bN@`0BIE388m(ld`bx*mJHk+ zrQY#2tu90`Dj{R!Q;*I7$@s+;c%ujwB?!Q&GEEg-mwP3(i?0r=f2~z=7rHhE$e4Dg3jbU zC34Gmo82wI#IIuYI=D%-Nrt4JH{@aLb{b(0AFJRev3b;bGe#9cb1Cs)bO9>~JT!yv zUZQBcOB~TU&x15ys`M_<4OJrPAQrSpynN@~SPfxZJG3bfA?7$!tPI_D_``(~-0){v z+KZ}qBXf~?f#uQdiD79pZKNT#A1+8if^0|&7>4tTonPgRoB#h6vFhQoMbk5kww5|_5liJF{*6jS_eZ9V99h&czE2;K;SD4l&3Y54qEj~=KX&S2gU7-7PC7D*qPeo};VPGX76)Td zuz|6MM*?U?BkF`UiMk`)M%axdMwk?)CO##z4K(Yj-(x4>U{3^P=4qN2VeqLGZU(qT zBZ7!~xZB#Rk?E=}pc*;GDDEmNrfb-mvVyA!TFr`^69M8&)w93{Gnnsz$Y-2eUlRLn zfoT>9vq_x;zb`W->@lY$g&5gHUa33;1Bu64`11qAp)s|mHL z;OZIrA#?U#qMMb+v9ZF-MjQ5ZoBoSv`w58gCFn*e zj47i)JFII6pIwOh0wV^7{c)MBsetvcwu8^nxdxJyI>yH6&oHq=4BcN;zkZCtXv-(n zw(TMfnNh(DYD}BTf+g}H_`}A%Y8z0Bg{ajldEG(>g&7ctzX@^0eEx zI)D6f`v9JO?8+M5lJy&{)}8B$Jk|5?_Ja(I;+I}}+rRTb#rn=U?~u1T@KEAjYLl0b zyA~0ddvzKEO;S+_g?ssJ4pr#5VKzX{J0;A2`Sd>P_28^) z_NHvaBF-nL$p6-Gp5_ zoXD8l$Bh%qPtAda7e7F3eW0Om1c!C*Z2n~kgjAdtrX)f=1JJV2@tP#9!lf@O_%k2t zbqQ>6wsJ&n%TO0+L4+oJ(MYk3osC<_Iapuz!jwFsrdL|ELr_JtH5L(<6H%HU>&v@6 z!HP=Th@TerVel|iH`~+vy1BX%%BC(WGxuEQGt<$QX`Prd0EKXU`t+TDm1we{(R=R^ zh59{qhMSC@fg7%9BmYT*{Wg#pzq1L#9fDBDm$ZDVdH_4nI1-^RoFH8QTS8}K#4zCb zXMrE{j-Ji)rH6-*O!y`9w)^YOOb2LLi~}COV{Tvf_yGX|R**yemYT-GpY%X1>vdOT zlGCJ1q0^QU<1I@ny71NWP544%0kaL5tw<)&a+ZDQlpu`P&rc~FMR*) z9hHS|Yuv1vM-`I^z^CGA)lkpjSLHX{wV5rWzEgBP2h-YQawfE#yKBl@7Y+(A#ej84 z!~bHV-IUOR(hV?6TupW!)qS7 zsEV=G-+753-Gd~fU@OgF>wk_|NA})3syk5X!X`vG(lp!|rdhBLE75G!Qm75Kn3dn7 z9QQ=4%=aT9gdDt;OYGf?W#!uOMu)?lh5B8Ude$W_ye}%p7Qe%8$-w)~1tEe;SH9SY z^3JzaMjBe$+9rZJ$?w9H)Xnx$_0>k}DOf!*+S-dTcSzkZS zE@@b`@n#dhIx{g_)^lOZ%m_dP(d3GXA{D-u5p2qWWtrAzh9m?o4t%EEnbT@Tlp(r- zk>S{3c#sIuAZ_X5wUZluimv{{41pcLLl^KINvP=EjTZujw7@6Ge|2J9c=X3!$NyPi zS{hkaM@0qrh?(dJ-|k^HPU#ie5BVcaA9dnO>evkFlHKBV>MnRgAB2BBGk5~yfP+k zP8s%0a_QR?0KB8dRReak#W&m^U%*f5%B$9gio1#?UjU;U#dTwiGSqKQs#P+#Hf%lR ztw|VZi!>5UaE9HQG@Lq-ptbqWn^t|7k~2FMV)xZ=SR_!s`Bq{(P+`vC*ZxeEwAna% zjeH<|Q=E-DQSY<>e1uBEb|-kVQLx~n3hVG)G68kU6GXU;Ega#`U9&R<$(XdmV#l-$VEz7|Y8 z_O}q{HRE?4!So2QD7uS6EduSJ-U7g^?caxrvqS9d+n@6Oiw)6?U{0(t493qa-CZ2C zAi8F*Y_TAwL#lLsAIQZU=U!FnS@q{uU~c`&ym^_7OxR|6k%xV|f$C!z=v$RH7}cy> zdh**IiL5Tzb$qnZ`&w5p&wv#s&4yS9@JoG+U&_s+#~T%g%T8nZqfkd6khASIO_CP+ zQ(dgd&1xn$G~ZdA624z{nt;D-VP$)FB9h)2U18j*zV7y_!jg$Q$zzvxTQw*{LiPG$ zCXyt{2QeRn;?Q5gpfSvx{yhqJaICC!h=Gh~EpRldwgOcyqFQy$S#eR#R;GUhcV$P| zvtd;U=X6?z}+-FSKh0xx3BoI)Yi3YrpiM$FF2k0Ve-MI*5lZAm{ zb(EZogbJz+t6UHYmuCMkOlK+ttNwABwEi)d7T`O*BXefwis%2Ujce|#&W74pvLx{Y zSh6pxXK~9nydz+(FJj#J5?xwx!(-d0PA~Vud)Wut1~;#qoajwF9Jq5L`sse(8&sD= zyQ;59O_!T=;@;#oycb!26xiDz>W4;hK7#T@Zmw8}2=A?qW}p2%EU&`VM}c=RO3t3I zBY5W735|?yLNmd~hO1aU^@z_-5lI;^W?<2mk~YcBGOH6g#0Fk>HS72w#Ar7Yb*r)> zJhbgmHMGu+S2WnhwYA9VFyoQDzc}2C%kZ9TH4UT(X^zht-_4+z(@Tsn*fNl*o#-#4 z=OFdyH1J;)lmX?(V!Xy9Lepn^ER_?&s==lyHwz4?S)AAo%$LET{l7@oUz=H?v4ZzR zCK@it*x@_ozdLdDhbw!sB4MA30_#j3Zcx)?X(r?+U6pT;|LOcKg~7m&D?;7`vj+FWFS!R z(&$EaP=XLADf+Z0JoAg}jCVs&vsvzxJnnj$+zujdGftqNfC+IgT!vHM)tt`iA4xmTc!qjSp{ z=hp7_Q4seT{L}Fccw}&l>OIE>UR)MYMzg1sg+43j0oXP9{Z^~0eLu|yt830Q5U!R5ZCxv<`8DhbXz9hFEzW{NyDB?vO&hm{*n|^&trUpSkGURDDs6JezttIcCB_!c%gsgh9)s*7jf=~q zuE0kZN1b|%$9GSLX=C^J8<_^UM<48nRn+c5GTyEYtQOcNL4KsEqA;X!T(-c=l0f>- zLTh`22K<9Qc@54kNVmW*xy~DQIB{jY-?BXo5(()9e9=H@$aiKjdox+3FJSbEKC`(} zsyF<+{;jKxc&-jZwSo~rtOjoSC0M8nB|48q-?9};WOgt6!!)OAIeTWNA$~az;uRE5o)~9%HmQJ&-uZ__Kjm z#d^dx{llxV%Oe7z)z^wF{BcetB)!L6|B>9Zb`dcG*d;siO;^f$Osg_IYpxZ#nq9ap zAM5TcJo_*5qj~XP06*42A9;;6TP?q2(Ur2N%*hB`@v9Pw!U*i#bBQl#W)6X-dM*K5 z-q02YXb$c*>{?OKosLTp5+s#109Q6Y)Kc&Hz4z2l_|e|iK6V-&7KgJVtJ8(+T%P+5 zeJk)@aD#Tio%{URJ?K>b(QowmE55OfNZ|g zcv7PD(@EL|g8uIxnYom8#dKDSXYj>XBB$PFGXJG_$EW0c(e&PS#n6-NP~ zJ;iGeIhlDZwnTFZo>#bFD%D_W{Y3N?uQ&a=zw)n@49yeVypo0#Rl@aro&3$kd*b76 z_NUDWKTg9Eb)&_rk^{Y{IAd3{K&9Ws!ztKN659811O8pOFX$ES<`nv9Z~1BepQ+^h z!ILHYYz9i-*qXV9$oQ>;MD25rjJ5t32>5WLyHshu0{zk+mwrmdyd2uz%8yHlpbc~2 zl(3{SwrOd8=eqUD@nOEN5pbBb;?>M`{lq8)7LbN<$$@nh1PAH%Z&AaAEWl3B0ZCOb z;;`*d#A?&Kbl(&UxyZH`LV?vxzTVoM>@=_@Hr1^m#q{yhGJ;PZ2eB&U=Dl2uaL}ot zZ2kk9{0 zBkue=Fi|;}w;(|)TdY$xAQ^x=wc|Uq>yU3BgsgN-A!eZ%|AdxpgMScFVMUK35X|CcDTc zp+>SJ+-t~sxIT}lcc39K&-#Rac@mzgrW;7)+_YU)P9O<}Us~EygNXB6eeo5Ik6tS)p?3 z^yXOI171mo(!tG0zBG2WFN{R^XKT-fv?!(*ImVyWcSu%a#|}GUHrN2%%7Vf~+gE+y z5D_ed{Abya@${VN4Y@duil@j$mRgdS2z>&qtYV=7+0oX>Tsx8`E1O_;K~&<=y=tt; zYsNlwU)H1<7Jojkk3<6sw&$+0WDj_;S_)wBjFw+AYBoHjP5Y(?EUT)EC;VcG%-V^7 zgK7+eBOgFooh0#07sRhon|pO;oSZT=o*ktY_G?*plix<-t_rbVej|AI(i5@V44{k7 zM~K5WUdAdztW2*0x|cRD>~hbIM%qA5QGl%{YmDtv)aPmYxs9(?b0zfJs>$0N@cL3^ zfb^0D+JO?xgLM;PuTN))l{CXMh0FP6o25IFbYslvzgm`G)ol6Hi5zDhKW4lVJ!?1> zq zr~OoSZrs!sBc`?O=~Ri@X!OIUN7^Oc_5Ap=wohrJ49|kTlwdE|z)Wt5Db0|BuPw?G zca5E!{ju@y8Jv!OJ&bSjY8GW#)F>}U@}146bWLhTA`j`u@BHTe2NibMNW*~B3uJPP zV5cO>N!pktHvv`+a}yF8?;V2ce~sKi|9(;R;tZ6Qryg+q`}3AxbX8hVO_Nge_k+-J z|8*M~N-SJ=`-Hn`cP37bf3+*oRlVKxSbe1Rw#0T~0%K^bvhduHXEeCWS!O(-yi1A+ z9{Sw~Bl2i~wvJ7>Y+`W$+h#x0LbkGDn;GQ??!fMe1%GS#XlO~^@tI0A3v)DX^ikj&539iC3Q^U&O0I_-wdFXAR zl2*yIRZa!q;Bf#M&9k>NOwLf7#}|4eNnU!_Q~+hjQuqKoS3+*+e?@;hzKh}1Cm!RFRDW5Z@-I^wXmMNW32*QNn= z{<|&5x&d7n@188)tDQ;rHyVIo8{OfnRdFdFz$98zH7ri>NTbZ9WwLtblNDA#`{N}z z0GS4l`a1qN)u8@5e8-$F1tKNbV0Pm&+b`Qk5cpoJqJ*fu4sOse-|kPmRK_X3FC<9X z(74)_i$A+kcTV`PMKsb@@+zno7jr8tz@-6BSDma<*Ulq4%eZHJfM$!m?tGp(2X4on zSNTapIs?V<*_l;-b+wF5;^Xq7LLwU5*lRbcOB$=_a{J#^ag(dr*tyO)f72G>v#DMO z^gV!1@uM|hq&96z>N`m2buf+W(M-i16k4vavJag3h8{reG$Lts>Dh+NHPMI|as4ON z`=j1Lo$B;h$I&SZO%A|OXu7k8+blh64xdvwKB0GGc~v{=L`I0j6bJ&E7G?*X(N@7{ zGb9A>wxSIWY+N^eIyyo7_?7L3Go&rI@)=;RUQ{7{1`z(Xvu??Wg!ew~5nh2lboG`a zX@NGCs6_@#3h#f58sOjrHc9W^H&Y8-4PZ#=hPKGdst~v7g$Tdn-cnPF3^;+r z_VSkeD^w9M*GC`&^M|DI2sHNo2hd`#H)|QI`0FWZ!LpqG+~dVeR$y=ZpKw zu+AJ#49{#+;Kar@BV!Bkc+_drnT5y{|6e-a(drjw6w})1dt5P(?j zol1^T|6V~Dt7g4+3eotoHgbSBU~rz(JslK~B^3L2`AFv)lkvYV-F6UCntUDOP}uWVIQ7N< z-&Q>G*}0C!4KKDQV!X)01bcUoTXrkfd~bU1bs8t&AhdD!>__Cd`mnj(OQ<G8oDIFl51e1J&{EqnGi%)oDRt1GIdWRRcZ&GR%&g8!}CL)0WmF^eDE{DRDDx zQmeU_S1WQ3lYdI4D$H7%5EYt7OkX0K^h0*CR{iDCl!K6R&~@WX= z%jryTTzhvzvt$Y~i0E-UKEJ9gz+gnSxo4Kh$fHRyjG=#df<)T#YCAF&)Kh~9g1%#~ zfA=Q0eDw8CLz*M*+;5F-+?2A@R7z2IHF~Gcps7)E(+0qK-1i|nqOOB?gX^)PMx6;DCj#YQguS<7RfSO9Ctt*AalX7Q^{j|paIn%U{~ zQ&MYiJAmHRi9fPTE@lP(O$j65HGl5D`r#hgX+vPc%Yg9gSkjLj9O)&` zjSJ2Qb6|l%ETM!LY_zH;v!*t^Lz}6xn4DB37(MpYPam5+uXoxQwXQx_Sdg2Kw`hK~ zH`**$Nyo7sogFlE$zHo9KCK-_l7b-0XR1=Q_)TGL`fJ=t<0CcS_-=)Wa{Q0#+KE8tqpaUGJQd2$b+=IW$ANLdZI~(yI}?*vW7j`f z78HLVnVcbmIJTM4pS;gBq!2RYNYrH-B$=)}pUcI&th+RPjdl7v^`n)DlR@`0yp z2)OFU$*T>+UOUlrV;wbnE&H56gxbzlOomeQo)~`;u}(}>^B6ZEoyFj+qtD_$hBRCd z?3e5V<3jWfZ(5JE`iw^{gGqGU08wWDZXDDn+p-i_oS9{vmPOL!v8oZid%q1WzGSZS z?#7kt0s9(kmy@jeVYt%093OoXY=$dhk#uwRg)vYlEOCFV8;P(?ac6A%>CXYw6NG6l zadlPvm?9Cb6v0t4xed`-^Qofo2ax5y`hORIswjQVY4l~0BC0z|F45+Bx{ zs)XR@)TA%Vf68K=@8n#x`6WT76H~A&(6-g=x`U5rB-ltDWt3IstS_23Dh$9ddx>%@xQjAo#SQyJEPgwdAc!(} zn^qM9n!#^B_b9jQU>R%}Om-+#+DwG~od5aaljecIW#`$CBEyMy7NUpJ89?a z%BHAYG!5*0r!A{1Et@17hHhsG%TLFv%M5XqqMMUj**pMhKvOgQ`AIf9nGAD*6Q5 z=CLsbc4gzy;EGB@td_=3n+-Y;@c<(DarjPi0(G(KA=hPDl`p+EQPo+8p-qL~zUIJN z{TB7~qz*5h_A-B6h=B*H;{0749UwK5B|EZ3|SX?aQ)$S=u zF1hiS_Dx_vO-8=fimCPbb7hT*gPyGMd$p3X{;`Hty1QY9>@_X0a(knWUTq6cjGKjB z;vy*mel~`tn^>{f=yMc4&yk{t^t#xVrI`}a5(({9OW8aB@qBUYT@l7GT46iC#umdF zj2cpxh%CDm`5}H9RJRx?`|H%PshqOGe(^!;n(}92I0jUMKvVDXTO3%HYB=bI>3d&a z8)!!vN%er=Og~N*(#(0~Lijk}6rU>h2wLRE_m@48)+c44hH|6XpzVQqJr7kn6{6vs zn?&=quZPC)nHGtV_V3{LMzK`{p=7IqLH3h8AW;%{^2~rizb5st)pz4R{ z?X}hEO-HtwYAwO9aaoW5p^=0r|7-vK2L1L)_GH3r2u#m8bCK)*R7y~s1eS;qzQjCm z7+8Hcd)MhiTWbA1BF@1nkO3*M#+X9`H-2dYPF1RVlx9~jrfkaJ;5Xa|PS49l{-~q} zWmYR9sHKk;v6(pc=)F!Mes7&|8{j>`5j{ifvjeUqII25FDZb%827MdNgCcK=ta z|2FP&@BhK8(OBo#Q|j19H4Q|=psj0!@Xh24tZ2;d?wO6_8}xhf-;fb37FDQ!9zWLL zJ&53N`p#1gp0XjVzK9BDL1u>-ski`u*w3m4MTVxavIj_Zv3!_}l5~?I4l!}_^J?K_8o$CSq?x-Mq>TEdyR(t z!@j=PgNHH87n!DwER%*{mh`f_J>w}v=fZGM${f12CCl_`@G3_)@j|GD%_M+NY%@rG zI_4J++G$*{AYM_NCo+boV+1~KQ3iS1iE1wsKMB!jrvcF5^`pxId`&?GTi>j~Ze4Br zt#JT0!##>=G?JR6#T;6RX5*`J-~7tPtgtq>peE^`bhIS7_2-Hu@8OF^*ieZX%W$%p zCWo~|)14G-WOuJA$VLQlpcw}tf~}WR#C_wi2n@dt&(S|#G3Y`TYcM~^pI4z?CTW{> z%w70|;t8A7(0T!9eDgoSN6&pXXue~v-|(szB8Ue|_-xq>P0!8QJh>cU4n{VEv3QV1 z<>Qn1+~~8uE9T$`sqTe`t@SDu*SGTxsQ)y8K?F;3puAuvj0OHdA8pREQz@{1LER`L z&IYLs!M@_hJ9V=HHJzG4B24mIezMA!)z7*_QTA{fSmRG&!T@3v$a6}tXJh&^u2z1>h1Io)2@%I_MGanLgjq6T30KLt75KA zTM2}hzl`ODmD75V=||`CX(+MP5=koPr6d!28V=^x`6!gZ?Ds7SbHxXd1Vmp51=hF& z;Aa`QpsIiMNEQ|{y4l1O_kIekTS+$>VyejVkk47!6^ut3nuX$e487PFs&sHO_)s2Y zE{zqnf)B(Ck-bx=Lkr}L5fxYwqIM`P;9Zun5d8&|AXBY7uDw&!AY0ph;@uH57o#MJ z+|*3B`Q)USUr(*^ODBjhmk-tlwe~3KY3+cdW39>{)c_WUG|lil<^LXUP4iD@Z+zDy z37h+ber~*=8@R9-UD_o!mDrp#?QvOD@o!W8h>+lw-=j-uW{yC^)U&n$L2^{Z5S9hq zrj(EbY zx%!&hTaZ>PkC6o#$|ra+WBFBnt3Bn$b!s4Q0@Pl%J)I7B zu+Qqn81r{4aPZLwf%+M3C4Wqub zb2IKB`POc?N1yx~yju%`1=yzb?f6?Q%Fq3%_D^sSm9!)4hZ`0a8UFx>w8xt7nE*Cw z{I}vM@tp9!`AwU0TS(wtJ7nsHKeLdeyX)=8dbu0S8-|)!E#s=qE(q=N04iar`Jc?Q z+qn@24I@bW%;t5kd7t&I)%N0;o9j;NwXE*-Qq%a>tLeJ~zN}GDYn>qIhI{s}Ke|HNC`3jgTV3j_B}m3h*80(hB|p`NyN;g$PG1uavt-!r^8bj5_G! zE5T42sAFzY^ZV?Uwt#T&K{Vx49-U_6HhQ40_5-;<%)cE)SazamTDiTdS?!gmbF72I zg*a+8tD!0yKt%IVC{sDF=&h0WZN~STPJ6gXva!wYXs`Gb8OQM2{RSNCbEM*4UQyB> zN_&1W$k-wDO{`c~mT1KZ(iHwwwAoO`xqdnYZcuXHCQ^7GyXC_fA~*GlDap?WTTiOT z7_+H96?)g^oskxKRmAO#Uc}ymDKf=TdIaj`mn_>MZz`1Q{dzK-;FTpn_-Xv4j`sr1 z2fCvSP3$BnC`{WsQP5GVB`h*rzOqdcic2;=7^n&%)=;2%NqR>Dk5ClkW>KkKp%zB< zIZ3XEn2=ffl^i&@JUP5w`+YJ_w+PX5lVDaxH6=IW>Nug`ac9Gc+2PK}ZkB|D;L3TR z*TRShnqN(*5r(wUsG`3h{VFQ$dC6IWar5nNQ=uHKjPJ)8`5K>^mZ@fOT$LNHn^w`3nTd`6>gd+Xl_v~R;eFkK_OX^ z1z6cdf(ab@dG$c1Ss1yXu+X-iHP>)T+~p>8+4%R1m5W(ePhM5LX|sYlR@KRb38hxX z8Tsx&-k)jUoflz4%)k%u{!76CgqzSKh^;OKpXj07azj1~-nY3rBB&#F>lNKC+QPX=6Sx2vng=K@r&W$Z)w>_RuRF}5X~V2dGW)-6G$5x+ z$p?|tRMj5)hw1r#`)3~#o8{Ks^q6(>!d?PU3jp<K7yWmZ&W_h{d%jOqR@SBvSHdY$H{U&5yp?jkILC8t5*v}ZLexa(kxq?>)! z3#FQn?ekX83H;3WFms&z(8lIhOx*_!9=!U>B85aY!t3g8RE7;tMIXm+yr~SsU>bZB zPuVIV=ndc*>2x|Y+FD0o4(ro@6eP$2cRAoacvn?~434A?luf}u-0&9mM^Ec6xxN>C zx6#amW%|aS@XK!Jm`pP&Rf4Y30#|X39B9|Q2Mwpn0{$|{t0AWXcUwd8YCN~xJdW1= z>GE>hGKC%ubS#t^r3NcIcMUg~jAq(F!{$>#mKWU~Fc_$w4dw&n1-m8!RjFcZgb?Qd zHrs7BcNwj@xXN)4&7}&_0k`lpc=A-w$UiLlQ4@=NJ!+TFayrr#`G04f5_^3NsI5F* z(Iqa4s1CPrhIPS@xj*$<4E?&dz~;bsqq6E&zVtzenLO;^tMYH1?|B*=`p<*aXvaAv zFO8>tN|VwT`tA9xC6vA#vTiQ=Jr+;_mr}tF1A%kH8?H@j^~@M7-I>E~RiV<(?K**ExG>{!|UxH;S5+U*(l(ILojz^- zAas%J-SV398B&$*7NA-lMXqeZOc03uYOaRYu2!@!v^DkL``)49CjRjF^I(bd1y3L# zl1;MU4baULLltyU zSmFi>JSKlfXe(nlU|Xo573W5a?A7VwP8m^sJJ0Hw_qLRmibF~IllG+Qf|jB zH_W0)@zR}td+9(q<)v=I9(}RVVz)Ag<`wvI zWs`$p1QHY}RSoYo4j#F+pe@-O_Kb{k;zgkM^++K+1kvA)=%`Q9_F&_3>uR_A(~hVu zuGIh+LVK^fbQh3Q__A=R)Lwh+!29zSx>1zqn41_dB#1fezB>4Y2e`q5YPyUY0oNw- z;Fx`-wzBj7C0%)GKnL^24Jx5N*o0GIau#e-)^pExci76q39mKu zEWXwPE$`_|6l6ydfypMdXd8^O0>DvxI>pTBu6cz$6pne&zk;4YJAYVJSECHk+?546du^O`|u0YAgyWI@Uy2sP7{ zt}i&YyJp)zoav=Tjg2p>BD^*^=>Js)O_nBgI!x8|3N%_wC3tj3Kczj@efN98#vSev z7Q<4y%V@t5&NW?0cSvFrnfOeQkF|&oK=mX-o1(P|vo=EG*$ZX(&dM4xvXsDFWKj5t zD4I&DBpiN>fg94nf(WGrFl+r;u9|sf@%Fsrae&H3 zs@bRv#gfA5IwzLHFR3*hTs99m!w2DJ56c1dYfMVGh)Qag!+hg!a0D}8Eb`=l-2$Qi zB9699QVvE~UYdm)kKxzvpqca~JUbH^a)&=>Q^a*Ftgo!hqMA#ie44p=MRvOE(P8$+ z?cp0%OFszw537SG&beutL3rxAQOjL(=#x*CikNEwK9?{Foqvu;B|{qJ5l7v*z9dJj z#eTJXh-*c{!+{3I&m#8cPJ=o#xz8zdJs*ts*Ai|7kXigg{V0`~Cio^5>{TAFpN~+9 zGCUH8+2j~PS7-;pxqFnP|M$H^13D+C+^{~|GpS1Ys8zy73=mfYt58-NY&6&iUo>I$ zQQnf-4id}Yy82*<(&4*B4jr-N&Nm&b7o&{5R|XUEK{7boAAjaWl^Sxu=5%5Y_^-Z| z69l%+y|BM$4f_;eR8q;-G4`PhftvN9+~|SFpadJ5^i6JS)X}P;a2)`f-6tQ+A=#z% zN1<&?EEhhTUAy?Q%eNcy&Y2$%r@^U0Qk+73c{qULK#`y!Jxi4qqdKDc|d&rtrg3S9jP14A;)A|%T3ApJIasPpcHHHCzMs0&HY37xCbY4 zD_r+h`5B>0mfZxIE&n_V16G+|?BcGn{X`kc2Y2mgDVPBSQC zOrKtS{o?-BOYcFAbZ#=|6)+1fuhel=jYRzoCx18Mx)rErrIUzNv@5HYyCye-(4K;+nims)u1&-?jr*K`aG$Kax%U|(G0#E%quY9iJW)`>M`#f z9Z4WdI-B;WQr5-4I@9t|;A*Co`~tuLO|13qrDZaEs_yqH8Z0XyJQ2)r+Ww5dxD?%! z&o!|4ROoJYg22H9byT!oq)E!Q#n%3J~Lek%ZaJd^hs~%84#Ax?p_c!cwC__p4R^ho^6k zhdTfMf6oj?8n-pAk$Y^6c4e@+o1t~hb?CBXOQy|b3zJeP#=X_Jg_6V+~nnQ=c@6Vz@n(*L=Ukp$q=Nldob=Db;EzyK_yUd ze^T6L=xn~tbmbw-&!-=9uR4pm1Ge+_JUC#ZB}P-6-_v@@EvCnaK*UH}=!wT0bQtAs zhanp-?(gYQypf(9WTwp#yq*(qJ2+obQ99Q*4cjT(fILqMiV!8b~2#09WWV# zhV4G#9IFSn8|mq8_m02bu;{Y3ZA;FM+?$l=^utRNn-jh<98|4)s z$XxHG>PzVM({rHGO61n|a-pRkXid(_eC>r8MvzS>-E(IQsPwY^Pie8Uwo)ceD$6XB zM~St|fds?PB6wdW^1!JlFvj?Fo#)6Uni5NS&pbZzqn%+yE};4tUsEf~xr)QO3dWaV9v`4W7D~Lk zYHW0#BrCX>ef6XHFg}Cq_!&K2kSdU6dPs7cO5?lnu@YCBP~s&w@nE(r!hm?FeN92| z850<%EKDl(qp@d0$t(vKywVqZ!Ij8xPV;xCI{bX+Kk+wXb6Q`SVRG#&hN2^Wc(vk{ zlkOO_|JRem1)Dkya;TiCQRnNBnSsXn7Q?wla>J4Gh<%uj@}>1dCa#w0^n=WOV|+6$ zj4w}Ly+LJI$tT)k)2M&6vSDbo#3{3ed|4(b)Db2_8I(&Pl~g*S3&USl9|k8x#{L}% zUFEZFqD|xg=?)&-zRoTmr>YwKdnQj@ku!-mL2sw*J5h(HeA`KusOQx zrX78vTOG6Lq?$RHCl<80|jCt zr3#mvc<0f;{Oq`H?fKFd!zf^ zd9suVTjq!=C~nQeOr-|fU`l1{Iwl zBFMite<9!it(We^P{vr+6=B*nxXS6C3(=3FE2gVx_1`ZabfFxY%KDvuy#9djkeI)2 zPJ2Q9dh)+@13|XbzVx$weulq0$gz;cpjFx4=%)m1-0FOOSR$T`b<>$3h|V2Ut-FS8Vg^*nDU zOt&gn>7Ko5rbDdXj>hxRd-4=tb}9Ix?3dp-K}}Zck2K__PWq;-b!iM4+`e_?$wJ3L zWHn2C8ha6JsG#+Er}qZNqhfAw*%xGP@qB^PyKnQ;`$fLJU`w4tGz{b3x-TRx)IPX> z@17faU2W6{sp*Db<04Lcu0Cbw#)Cje_L{L{%M#q$T`*V>R1lQzC80|dD*K~S^l?7{ zB!4EcuC{*o$O)>OFVyujdJw%=|U5JrkP3fp<>EIH|dDVgri~QbPWVH(%u9Yw> zOLLM;q8|78-Nd`R{Af9KW!LPaH#YpNT7ukU**#b+Mn;{9TKf2;Q;08g<0*9}0Ea8@ zxjpoTJFs5Z9{N;icm1>PsJA?8PyJQihJWE<1MvIB+H~a^>gu3_BTLldte{oH6|DEj z_E$4$sB0}xm=$hq4?ywemF#!oT6n{JyGMRuGWthzkbU&@QhRs^J=_L7t$)#G(O8Mr zy@b41C2e`HoF}}W2WQ`mfM&#ValYF;S-Cr0XRyd+u zWe$Jh$>ydN{&&y()uEvrD{{1kZKr7_z zOgYF#VmkM%E1*|p4M%O%;X2BVUfcskcM54;&htg802o?&s;A4N__zZ$lqy0>jka;W zgdz72+ULce0QQrAA09j1lb0NDPZKlZ?mdwk-RBn7lVW4f#DUB{Ghs8PJ38s+5B-%Z zu3A}FK7VH{P<&BwWfy<#R%=7$rXpeND<_J9#P&^ z2mN8rjTBaZXn;c3eQNTu+LplIW3qyqqv|DYi*m{GTOAs@MmGOT#p^8lwSc8h87c;sxSeiQm>yo?UAzra0m9EIj?ho7=FC!^aIT^zhL%$-w}kOtQD0&Vi)n#jK4Khh(D{1=^wuVlGo$0O?xaFRrpb z-O&QoiG1HcApzMxz9p>>S^}A$wGs=P*-)zgSOfL3sO6h0j+@2lBCEEEn?sZuDLs*7 za#L;;0J}RKsPaZN;$GN$a+=Xl2O&8J(;6+)>~x-##={L2ul(W2oCF1sA z+s0@ffG85%^_Y10nWE3>V2Bw>q6AI)18pP+KA?Olsg{C zB|JDCdKGauv20FXzf|4G>*TiKwom?ds=_EkZhQl)YAB$OLqf|YL1!m@P9~;Ta18BTl7vJVUl=h&}9#!)+bUni< zMwW8Tt`^+D(tN4?RE9~`^<}nzVr;&eT&(wy?O!?Faju%LuKlOHHhUq!U9sD54dZOw za^d8CK`V}p8|f+4ITy~!FpbHII^E^9On$G|=i>?(N@n-;B%_%NTzz~@DI3ysJ*{1( zA!n1Hkz1@R?{E9*4&X6cDT`31ttKf!k#0b#=l&BOb+R0`DQP2D*E7fKZ73?@vvI8A8<1Ps@)N}EZu;s_gUb`fEYfqR(cdJ&(?vJ+bo!t!=8#SSeK*Nt%ijf! zJXzI|*~fO(5jqvR4N${;`Mzi!ujxmOcG# z)$_#;+fNjU`{lF=kN@MTHJ5&Jk0Fa5-cw9-i`GFWRf#UR;qZG243NhzlN^+iPITRyU48Cd=%oA#A4 zi&yff9w`aaNl_CK_?8d)*;xz|FL?i|L`F5QAu1IU1zhVnnM|DC{41-0_$d@zO%;D{^+|UDG1Cw(=^|Xa1eii?kcdDBn3nJ%N zdw+1r_ak&V)cKdaIVop%Slhy*Am<3rIWGB#(TD0<+4unL$LIEeJ`=V|Kw&H%zO8Xl z;Q%jZZpBr3P-W<;?4OPARbv&!jRZ^=2+wmjkKJ@&I8gV=)Hx&-{VbXXpH%sKEP?+^ zU}%0|ahizNO3P68>c(~XQHeVXh5paV(e|!@xnv9l4}5{cTa}Jgzf*p1UtnGsW@r;H z5y;5{2yXORwZOz)mY=p?q9z=$O@NSqBWMS@=IJOa+Lz&m0hM7kC!i)?UZ+MUDD&625vdS@_j{8taUNC_rC?O=}mwxVNh-qTF_aVE~j`X6+6tpIs(jrjd5%(#Phi>tu(wUIAE{ zXd=F}?mH#2a*Lm4mc_Em`UdF58Cp2VpBviqH9$r1aXFBsE$0S8QZQwJ_SmHAAC57O zo!UO`i2)nTOSTbF)^AT1fcn<6d04nD_Ez@GU`w~+zPj3?wcY*arjg6;AK^zkuyos` za>=H8$1$l%$4_WyLTxDfemSC{dCBO#ho}<1f)~SOA<9XBv!RdxOAW(%Mz4ur`T@@D zm}H18L?8w!)**A$<8!j`(|?$~pD(&N#o;zG|5Lk3{i&_ikyD%5eY=L2!nRN(^I4||IcyH~PTYv! zy6iqTrw;gF;Rjj)L^OUh<*#?2TBW!i=C5wOF$aFDB1Y$p)f3EZ>?s9~BK1x*knceM#o$te zsZ6-qI=k;XeLEh@>4`S95ce`R`8H;iN{ zYk=(p{t`z@epnlXQN{FD*xDOa5^wyN_5OivZbU+|Q6#{<6>w5;&vcQH;`%EO8R>-4 zR?1j1Ls7)z3&(PMIQmvL0@XDq6Uu#isYyYdUgHb6;(&A@<>nb(wSSK%=hEiw7I{@7HI=|Y^C)zAj3C8WW0|;jHvB1uC>EXX-C76HK0*aTy62w1 z&Glcb5WY^6-5jp8QmKKz^H)s+`&>RI!awTdvHMg^|-~If1-A}Z~boGN2c0_KTvlQ3MZ%R@Hg@uoS zccSIV9RnL6CfW~JWIX4oi_FlWPrMvgSv~S4ih_lUF!qQTh&6JNg>5(=8x8(UXFO9) z#U-;{H=7>C$CFeaQ(#Ae$|h(7ivg(c&a@$r`INDnYt<=wBE!9v3JiPyXq6Ew2tiWL z=XwU~`$o7ljd2snoW#ldZ%*3OUz1f3f2_j?L%(nUNAtSZ#;e%Wd_X}>XT&zq^)%cy zuTaGom3zG0_^#|{awRG-Nvvu%Kfi<*f=cN5{^h+A2EiKBV!g^1mM~1NXj}NeDFs}W z;DC0OKAH+Ja59ckl^4fLAaSo6T19@TJ#BQ8rql&8;kVr)uvKmDt)_8c4RJ}zv-AES zuj0kJ6;4ZqIoIW0y}#ZgT4MhQzDq*cYng7r)JB=L<^aN^>55+DrM*Sg_B>g@lT&?b;VQ2!7cSQ(h&>9K3nX4Ls6bPpG3m8Cwe)o!RN6-wq(kiv5%TpdmHS_& zwyLit#IVax4M3FKRAh8}@4OgyER+5q+b*a5T89RCg57J`fmPcGMJP)4B>)u=GmoOc zpf)lNRPmIakE5vd4w&G=AdF>rNF;Ik`tn;{ttA8-gD!<~&!G4j$HFFYgMy!u4Rmhr z$Uv|8L&YF?yXt)?I@fEXlKd((5CS>$H4*8?0Z`x_Nd&*I;3faVnGiiQ`_B_5F2V7M z7fNt2*o0YLg|G`eW_5@HMKSC11>7WLX*fa~p;o|EHsHJZnMYZGReL%X3V*u?aO{S9 zuS6C+g6EJmSE)#Y3%z4J;$NXXeD{v=UQi8)*1fJFMg_J2dHaQ9R8CK`7Hk^k9-Zfw z@?NAlbcQoIKE~SZi>)uL%s@7^Hc#Fmp<7c~L=n;9+Pax=5fBbr@N*5r#g8qTSmm=! zlz)7wzL@0{;?!wwgZ#i9##n6?N1pE6l&Ujo0O9BP)(Fjo#7 z^s3N{`4ZSL1~LqUQC(lY2A1>@-g1kn(g?M*uu1DZBDc~0>Oh=|GQ~b_Z5nba<2-9pV51g z0qEP**Gs{Ps)wC)QZ41f0E7#Lx0(v=fP{u~nz?M01>&sf%XPo;a*BBy)WYT}f^Ece z710J8-ub@N_)NaPt&`?1+h-f#Y6Zdy3(Kn%o8$aXZ|;CGSJ@gTZ+YmN|5ma#Dqk{Xz+{Yk$wI&i{})A< z@hNuPf4b*d&B!>38)alQ=8crWVnJ%9NEoiAL;JGX@8tUqy<9JNCps-njt=kqipLrC zWUz5rsgFDKDhThX*-FZHICRhGpxDRywAegf^4TK@YyqOn3l8}zAsJjt=$U70id)@& z{0anxkJdicD4k*G8xChmoYIm@bsrS9&?-cc5o-jKPK>QNg##opnYOaMjk;0mgUMx? z6n~*e;`815Am;AfxzUs&0^d2(Ks$&aaleQOxMf;uOu`-egB8r}>N-z#nzRa1lq14q z4Q>IMt}{#^-%+He5S9z#t#evqr~m|muCnm2xwGzW+UDUrl`B$qQk!ywsk~PL6NtX< zMBSi7=hMW?7G73lR06J+$(h3{7N>o>w5fV(Hsk#-^2@bd%rxFm-x~`pZ{aq4uFyhx zI*xrO)dxfQb~4WYSwl}n)V^6p%jc?VZ9dQszGilZ(df@6*BUDc*Spr7O$BrcuaaC= z&ZlBZvg#Dpzj+_O-jD~~r2+ONqqU;~$irWlaz+mE2w>2{Wy$FKDS?vH>6>PRp0imD z$RO$M$mmo zCK~q{fm^o3@L{WJFXTCuFfE=q--Cp7c_XJXPn8fcwjRwn*UU5MwAAse)zv_ zOq30J%G=@~@JZ+B9+sMd&3(7rAs^OiJriy2&}zD)*ASRha%=Q8hDJ)~YVlwF@bVo6 zM!dH)-xt#73~-ivnOk`1)A_C1@g=*jzJ_uyOn)c~KfXd+8K7I&W3^Z$RM@Q+`$W2M zYUD%S8^U#9vM6(K3=S1T@ucdSp(|kc)}*sE1HoWQJj~V-zS&XckkSCMnnI^Wk<`a> zs!L~3ppJh%`H6Q(ivFmmb~1F4P2wm=p$rauKd~BF)AfV`fYxP<$&+=OJmg`5SbI)c zFAS-5BOC5ZlJB%|k8;xJki5FkVXt$e#Ry0%o9!qI=z=Yjj<+%H9fIH)W5KGk54okz zBApZP<+ZyDJGz78L(&r~_6QH@p<9vjjR?`Wwb6Jtr>wX(Wg6W9fzZ3Qpu^WH(Yy~> z@wH~UT!^29|6vAjU2iOtP(Hg@)6r)8hJ)R27@MnHCs1+06p~}wh&`oB3DIGAb3=0y zD=LvX>>8)-P$O8G<+Y?dzp#0&{^7$liywA{$%yY$Nzrgyh9qiM!v~;k^O5(fE})TMsF!jGk9?t8t!EV zV!Xrgx@WVz!sRbt`RtRVkkswR3G1-WqF5ngU3*-;x~Ec?k5L>81yTa=0bkf0?nJWL znj?RE$fP<`Us%n!-GsVMwY`#KVXn?_iZN^Tt&3$_(N+w6DBndW=Noz$=av;t@<;&! zVJK*fTFF4;+%KsTPe0~%(%$A?fR;>rb@_IjW8wG_U_Ig*m3-mYmq$eFh@^F8Jyc+? zum^mQ8$EKcb*)V$eglzG(;?G?%b=e%m}h1<$XDG|Isd7ikX7i8ssWpwZfi~StnX+f zS`JO-{?8T7-8KmMPBdL9oEzyTTpJ{x+X^TWM-fy>s5uq7=_EDm41K#<9Hmkp(<=iC z5U0J9IIB)%Sj5Mr($|%d8U>X!P5(YyLTjN)<_utP;(t(N)-OXu77!*4QX54 zyM)&jfBf>(XE(n7*W?Mcrk{Le z>dr2M`esb-uBPNU;CkyP!J-`or5R|(it0J9|ERAKO#hx&zdFdSW6;_yu{ajKP}z6X zUDh~(v<#gVpTh?>a(AuYd4F&zLMA9-$(YiUDX1zEYsR2T!N4z33i<6sX*&IjosSD) zUlOSQ3g1(YD+ASawhsnke;--Q?+ho&J7$z@y@{E%7L?81z2eVM+^U$L;&`F_Sua_3 zV(TetOz|MGo7?+(mi8xR^dcMg&XaEI4D2r%BYLjXlkXcFCDTrHXo%>ZHgo4OwP#RA zvOo~Fb!Ga@6kqfRRgMfVF1;rrSak!DtZ!z#N)|ZTvTHBo{&rVLY(_D-DsAO?Dxj8{+0HMiIB5ZC^U zo0T`}UXNnN?~*5xQONo02s3a&jBG#NRjuHpv; zQ2*hHEA44Q)#hZZz6YzW4pZc>Bu#<6T@Mgr@tJI64pD(?4ME3l`TQ#F>1*6W^Tp+|f8G83p zTE{G=_2VX}je!RV(y&BD@X4~reNqGsicR9e6vy4E@2NS%PBy|SO>UO2SwW5+n|ULv z+QAt2_ag)6$HJ-|H%?OH)WaNP4bAs59(K(y8E^Yk7Khr+-mkTD2-EAuOu*M%gg4+> z$L`5Xe*wIwXsJ&osOh8v4ACS%-eLJ3zse9^*NN|6xq5ttFoua6KCB%aNs>=z_Ml2WJJ}_va*a-Nft( zg9RRg`3rug6*@p$%gWq$JuhhgF0U9Sl#!Z#+$2T2J~sL#@$LT15w?Z*X~04byR@v8 zi$7Gs@zt*7WW8%P!2zYBGzQ`;%!o2p-c+)qJJFegDZ_@Y?TWPd zB1hMb@oON->M1v0GS-Gz3~ZAT{lUe1{VdgA9wioT`{Q=Vz#V;alCEcra%W!Jin4o- zg`>Vsz&51Fc37sq(a=iul6eu$i;typtr%{5uZ_^Uh_|5Z~Zg~~f` zV3V8!#s*bDi2F{qePs0kaVe>ra38thSUZ;VG!`qqU<<2?#$d*hKylqOz@*1Y(JRCv zU)jcZKOfXWuNd@yELZ97YT~Ho1p|O@b{W&#TP*j=!oP4_G|EV8v)!A!6LM*nHp@8# zMs4f`bsPrcW@ul3-E! z3$yZ{j?Wa@r*ZcS!8>}+o%EqC1Q>c(zbaMNcF{jcQtL-2E#TLyN66UO|FBMK%vI`sQz8LC&}cOc3rbE$kqZ7#Kcr_HOAHz^a8Qewi}l_ zo8^USDNnGc_IWOviB%lM)ZTKwCR9*9BF8y|k2Y3m+e<)OuIxZT4g^y+Z@39ScA<0V zUBCrD(n?Ug3%iDIGZcWMT90QruWq*QC0}(M^faZ#5iKV`0;`e`SK0B|Qs{UgZ|=ft zm9fRFDA*?(bp#?GZ);=6j1$M51#e0~@nfx98GGFOu&`Dm&@!9q@ckvK_1l<@!FKb# z9`*&TcE`gx`z2fvfr@qM4&qYWU2Du3Vd<; zxM){X_WkFT`2B=i7Lz{m4k*UnK)6clovVCdb#Q$7m@$K5a1FjV-I%naA6e}x%xOgF zKC<-gIFa?YN@MCX17L{r0TxS`?E=riN`JrwjK%Ahb*g(`QVkcBii|s~p{F?Luy#Gj zm7IU04^=Iz*F}y$15StC zl_-FVb{~j=yalG`)bE;=_}^h=^Y5n=>sx*2IORC^5m0j!+G4x*B^EYhLN>1y2Ti55 zeUMwHfli z-q%eqjtIRQLbkKr$SQRR5%7o zao8B&jxvG*UAz^2S2g&oiZ(kn6gg5VB%VYg=sS{U-y!ObeW+zX3!{!YTHo{|5+=ck z0($3uHVziT{|Uw&QBp5SUK`S4uHtsok2Ym;VN|eaLU|Le zIm(^c)B98cN`!&`9oHgZT8k0@4+mu z9g<7pW5z{JgnM2v&o)nK=)16e`+?etozR=pO*i^5BdF5CtEKD1_xnYgHIMp-Ak48w8+L1EK$5uU^OP${9NZi+)HEqhiJteNn zFRSz|MBiFZJlbq{!N=GoJ~T#~d5OsGGd zVwx)*a|2PbQ_TXGm2UZ^x$(sW22MlD5VXQ}%>Cx(##r=yHSNCf|x-d(+!yZJ3 z+70mR#TwU*B*v}R;F5h;w$T7;ax7v%eT>x&i@cK!FauyKZbd6;lPLzfZdF`P}elps=)e&dZ zpf%3(aJQ*_JX1{I>k|#&n9cAp&cXgU%l_8U;%U;D_|BX}fu$H@cmpZX~5h zIY(4IOTk9xy;3 z;eYgUfE!J;8O!%sP)2Wqfps9lo?m;~Xr?cCI}*Wwf++(Dq+|I#6oJnZx_^5)GG~FGHC%-}c1HplLNnLY1w>BEAw~T3H&N*n}#F<0&1v~q#ESBrwri=ax zZ$@9*wG`oZ52CW68+Tw}LDMi7mR#_u5?7x^8${V0=UJZ7?K$%MizlruQyP1-d?0qm zB5k0|*e>Rqsp$;DjJ^>juG+|Y32ldT!ZZ(?hS|S$@qRMrT&%Q)xMS61sE{{!1|=kt zTZ}gPtaNFU_3?3&06S|SH^O<1u~+gv69#3B{tzB0uvj64bkDk4M9F4@hgb^iS2Z17 zfW)>mVAGXIU-ZlY0##BOqq=6Sd=~n0CZu(X6&hLrxO;z!;&_Eh?Y#X%SlCS9PExTBP zf4#~^;!Q1k&Xb!zcFkFIqmKCiD?)C_Mz&09QCj_=fhM5A9j0ceFIo>bPrI${ZB`0o z;bd<@cL2`AQW<#VI#dggDOS6rN9m+;4v)?I7nHJKLMG&tADJ;9E7%#f>{e|X_=*R4 zsRTfjia>aU1ij^a;SfwNpg|83E$2pyRqwxr@GVih#yslbO1K*b$6YbYG*Awc>zxlO~j)Lju=8mx+ zjPa>mYaV7-U;5Sg*O-l(KeV}d(xLGir!}^)Rd(8r9s(P8yaK4}(0C5ib*>Wh1{p8- zohjyhUWRw+=eBDW8cJ3Mv%R;x1Y0YOL6kA^zl8@SS;2h(G*wU#P&`+05+;RC|ilZKGlrOD^ z`>g1s^Vi}=q0+oq$G95}ejNfgkSHGaa!M_eK4!ripi=t>t4Ae|X$CJ)%GV}pwLg({EXpTs7$D|9;Zqk)2p9JoE2N!d_6amLgUYde8fX2)_}J* z>>~7w$p;!4I_1G@qm{ztWc36u&t^WN>$~svF{69_j2kv{2#*!p2dvD(iG0G|aHy|B zC%+dg!(WfBiYW)KXGW{mC*GC$R+^$7b9W{fv=ZC_INd<0sU<|_3{J#TmkC0? zS;g(@bbhp!I;=E(*tJI)UakUmSOywRv**rdyyo~u0Wo8Ay8TU2+ghP5P;<=WW!6jF z3Fjru6#1b5l{)J;=b%nF+;br=CB+@(g=gH?gfz!+LwVIhpvc>U&y{3lixu0@{=!T< zZJDdY9B&+Z1C;L?HqaQ#D<*qioVzaIIj@qm>g>`0Hn!PJOh5U8e)%+6c%YU0^@h{Q3|5-omNq>xT5c*Q3@kIUr3C_|#CHD?=)&O^n9Avf_Kwv)=| zz;L)o!?}uBMIa^mOu+H4J$#UY{>n@}(az7u2@A=~m^8X+oXaN=)OXT7Lr;a_(mf^t zw=wk7uQ^7J(WX6m0~*Bq>?SNJk47_AyVomBKxb`-rhaXd%~7zui;e>rOQ2aFwH zo^r{?XE5?QA0pc`6JaX%TbQA!xX5UJXBOt*kgcvp&WE|}S_gS@L&%(@n}S5O?rbaY z675mk$RcoiHTxTGVi~h#g~M4JNioP)pqk(+wMS|-YcgxPe@xDBvEwp9bJDHeQeJ)z zz4b_95R)=GE|mDZGgj4%0@%=>77Wo5c@5EUB&4!WUcy|<=r)Z>E&;7cKv-Ai^iO&} z_mWwcHI!&H&8m){iW>cOOQPh`PtOOgYqzlM%bpC-B%)#GzDGOV{Bti^oqN7S3nX+P z!9SA`5-S&c$NlnQpZ-#|Gfa~opY(PRlI0pZr2%O40`z8ba04Vn$B4CPGZrWbzcuS@ zs?Pzt&691_M5N8bFm@OPKi=)g?JMtueu|;{%|NCk<}{$V$)hxB0o(w#r%YN<6&0{# zO}2rena*v9ypHUYUQ5P${XVq+Nmz}Wa@-1l$&E|-^MfRVXE!uz`kDu^|kCa zQ_z>w2vPP7+t{pBbuJ$g>M;!6aM(vZDZazNMIIqaA^VG=_Q7xARYk`ireUKN&-WzA=u~1z6Gic)tM_DZK8+q4(dXBBqWxPdWGb&!Idh1 ztGVMz)7;Qkxy@2HVFq~(>VK$Kaj-$ajLLZrI7&+q_V;6M9Al%s3ff@j8W5w=j?;~= ze+d{H^*MmK@L9?|w+6J{zFpcTX%=8VKZZ%(rfW26?u3qfy=wo@^I1s@4$gCq>V|+A>z=#EsAK{eV)#V{s^`#~yXc zq|--2?9pgzeMt-zl3Jldj zWN|jicdY}xUq!RD5v60T&iz~226GoCR_HSyDA8$KDvq;2Y1lt{{l|hP~^0HtgbL0qX7>N_uDg~bO^X9{3= zt{H*8d}aCO&l%RBcH+#^`^3lmu-H;AQ0)lUA-&9j;`(>~F9;9iY})eFXO ze&+2}=EIo}MZ=6syJO2z$$$hd`03wC(rqg7AS9Or8`&Ljv&{1GrC4T|9;@lHfn?w- z^L|$}5XbD$?h&P!&#~3*gUKb?&GB`7N7cH}LP+wY7;qR-Iaju+02CDl{Gxc#@%9 z8;BPJk8&cEiws~eRfE!MvlYWz>-H+ zpt=*|jz~+${p=TMdWK3BQmKHvcqy(GfNORo7Z|3WPdhe%D8SJ1?JG#{-i^pkj&E@uOC5w&QHMmO27SwV$}ogfdT@xx zUKC!%P9kTVbauwraRjAD>Lu<^uBR(F)PA~dIexDoGG2McSo_pyX{fz_?rbht z{gayRUn`KW2)G8KTRhqRemEQ^k)6ksr3=_$t%Xc+jkd4!Nt2beePtjGg1l_5(xJuR z1(#hK+^dq7Xe5EoEEjd$^GOtvT5-N^n~5jE-{BTRt3X0zFb7aPCWBJYWM<6cQuD=UjqK6`y-2V z-1S6`E%Fnp$uLFN%MV}#)zYySX#a-~nbvc!2X+YBr#anwoI3>FFeQ1(K= zZ!Ld3UhkCuSIR~qy~vxZ5Nu7#DQqp;R;2Bwg>-clp6MpnKj{`lM9u-fVBF6#ZL5;Q zJBGvmAolho?EWbKKi?bk20z>{tnd5r*PU)Y5i2T90+lKkn5VDn8`X7+1IRcEzN=d=#adr6^LxwDQ7-ChzpVG* zXvJJzdFZDusizMrvsRJek6XicZH2;`(ezoA;Y)llu%|*G<7f& z*(x&?ox~~MS&6GnC;BH|IiNGK5U+WOpbl-SJy!_TLtz61m=vIs7Q)eNLryPGddlzy zcCHDDtIkD>JDX3vh&L|{$#)OTI&%BZ=JkH^@P;?H_x-&*9qqDi&@cG9n<3~2=04yH zAKRS>S#jx6s)k-b&kueWWzod7HSEc3ZV#80m9R2;uY$vJq1=E)4wdr=NLRT{d5~NI zwV{ao%I;&OeE91E$F_4qzh;o*EZ-T1Q`E4;N@rUw3V@ia1XbPbg_!b~&%)|`1g*J> zkCnx#yf$MxC`B2KevfEnI61NX?9hLg`ju>3Bi_+?aaU6hVoPPMa zXoAMKc~h`o9Y;%UuTuTDNcgAdVUIxh&$zGOmzU2Y9h$nO-iRI7{})H5bxa{pyXyDf zGU;f;l$fu@prya-CS3y9(Nl)@EO!Z(YWry|E$I>Ta?Y(re^AYmlz4^7xiv_kq0qq2 zDd@?SSvwt*#uQ1vaBsM#VQ@SSee{;N@9)%=@PBB}PS;Brns~MF_9-x^(<(;RFoD&N z@Cg7Ez9a`hAT9QI-(7t3^=79AyUWasaqm}9v{uKDD4)HOXpGw=OZ19Vyu*@Qmq z^9gH{A{iUX5o6#oA!QoLC3w_pyMg^Vaak9w62;a`YxTFu^ zm2t85Y*fif zrJ=0D8b&e)D}qr+r-HNgbuRMjuDQ|H$iZ&aZdd%9Ajlrv1&`~QhHFaBjRLk#>e`*s zHI5}p_idda1(RC8?Bgir%4_|9DYdsj?v~*2>#$EaoTAOYeWd|g2E*6 zk<%)Mb&hR-()))%z^;@BsVxuAyiBOh6YMZ z?{xSa@)~V~Seh5ZK)1gjz zx7=lboKrybk896ON}(s_rA*xz>90?muYA>X_QxbSl&x((HBgnf5fKT!e%jye6_J!C zojtdC?@X^<4(hDI{gE&8o#~JOVzQ^2JMt`Upar^k{E}g$zy!jmB85LwkGA_duzeZb zH{=om?%vIDaY*Zs`4vtjC@=`)q`bp*od2-(GK&pp2b7TKq-KS;!lF?ML%Z(r9^RxV z0@vPHaCyanLI5T!5H||W_ z8U ziys@nn-6uDGs|v<{j!7B6~D#n(3F=PP-H-LC@(x~SR!%GJ^Snfj|gbgT4c`|w1196 z_rLK8qkPX#6d3|f>hbyOU^X~D9}Uq_a-fw*$QT*Ghs;oNyn)7d13Y^72_x%PJwe(* zv2+EANC(-tMRicJdHaiDAEwt=v#z-dc7>LbW8qnOZFzEr<#`9&fDOT=F#PWm`D_9V zn?B&JzZ05xfg-oKO48hHEZU;7WoJyXr_`rYYa;^x*Y zQFqh&SDSV|+_Jpu;@`727hl)z81DgDnTaOoQy*!y&{dxQ||H8+HMbgxlZOzLG z5Ev!yta&{Bee9X6hvwW52HCO88a97v|JYN1hgq@d>H4J~cFnDBWWBrS6FblU539VO z;kf3v3CE!8*JDXF#IeVr|6xsk#7XGOGUXpCXR?Y;PrcjOzjJ2sRr-&o4yjL7C*9w5 zR{4u}l!MWKn6O}(ob>-cUArvIoL#?2T$WD?-Z+1H8FDKb`tZ+p=Rjr!@B3v-%F$o$ z7?VzRUKubsuUo!qlTocp;%okudslQj-YNfZ?&q&(`loV7I(C2g)BF*Cq$nfqJJ&l& zT3S#4!@g{*SdNE7K6twBlg&BVh(nt5)n7V-GE*N>!&g|%`oigWHfK3B{qcnPjg(bf zZmE}5qT8xV%2@~Jt>W(Qv6kGnD1T6&6LXvgvk310;d|Rb_lngb`Px&-j{e@Smm7!; zuXf&gy6=6~yt?YCeZwBjiLRIbI?y?)ecXqjbPOKY$G<80UziTM| z)A&-{C3{h*<6yeXAu#Ndwi&CS-zhD|MHs$)$k7=4@!-T^*t|uot*nUkTMq5x_Ndk0 z+m;1fwis!Gyn3RucO0l!jzi*mFrF(rP1)QWbfk^}6AGXE88kNp8bajo96&8k-)-=NfRvDe0 z8TsH?4!Dh$~MAFVDJ6~((NPU!lPBHoM5gR5rB$ewzRfk7bR`Z zYh`Em<}`TjrIhbR3EX+Sb~j4{F5$V4|I}jj$k$w`f*9_n85~IO0(yEWf&dq4G-tHi zq_-1P&}NIWczM4SFzZpqmd1_V zW(4jYl%u35nyDujaF@wvkd}~QUqvj)hoX22zv4o;*3k)atX7ies){TpiVdrOG0W7v z8{%MuRGgWRHUGtQa~yIdzZi01M?u`8L;$c96g1?Wz;+N)P7cg11f-DW#1ao~z;{=_ zb)$P5^Fk>I9gv3^TLl!vlnYxQjRfodue&#ohw^Rv$1f>LBBksm5lND*EMxyfD0`H( z5ZQ^c8(JvI*cDl_FEPo!j-@Q22_fqcvhVAdF}~+D-M`;+f1dmGx}Wd!&-ah}ABAz9 z=XIXvaUAdCeJp402n8B=LKA-wo}Bhns7c^En3_nB6S;ghNeb;3_d-10ulA634Tb=<1Pq}vlnt0%-PShnfv<0%$-7}E7d4ov0>$ApmZPDm zWPm7>p5k_Ncs@zJKFa;0`Xw|`APm4ykWb`B#)(Vf5iouV@9-Jse+(K4Ze_nz=c8(c zy;c29st?^)KZ5rn4WoT55kopn91ztI@Dwv!oW}rVpORnDc&l*&hbAxr6mNK4#6Lx zzI{RUThpHwl{|NNM_IsSi*z8x^K$p~15vb!GO9)QCqY5P~QnZK?{ zrHzS+v5xW3$pHsKKn0eqa@LA{$d>X{D|)YA!3SQ{QhO0|X z1kk&Po}EpdLmNKbxwn)fIBGSmhU?-Q0;TG~O6Ro}v2jx3*}8704OYVdP}Yb{V0y&QI*Y-JhbT7XdG{i^87ZsmxfkOX+k`(sbx z?i0h8Zp77~;{_Q$u$$km|9@t6HC9g{fP{c3cXtWx~37R9@KoOJ{I0Y;5Qr7#Y+|BEYF%N0sq4KY% zKK>veG~=QFx)gE!`l-mugYg$?xR2Qmn}JSPr2I6dqIT(ZHqVn$;3bsR4gzCOG|cJv z@Yx642YCTh9P&J)-@{dcOaZa<*Ln0%?Z&S)C-gWje4m* zQ-jO|YUaYrqPf$|-rf_;rZf_^A3?&ZV3zn`(r2}zKoC4nuCaV`j8-6fR(l8>Mp(r~ zFswDemE5^QOlsPI7e8M)1G^$L7vZiT^tKV|;8tjtfmYBtBnETW(MnZ~qJM85!D-~b zFdval=Z=Axl81YIDd2gV72DJk3X%&_RSwH(8#^?!-V1hD`Qgbb9O=V=o$k&bHYr{| z>2z=Li((H?u&3eL67OJBI#okH=-LIe#N&^mW41#eDxeHAW=tIE)=qLVt6I7szyR7@ zu9Clbjr42eA9Vh9@(6z&JYi6GFW{0(?;rxqRE z%g|67frHj`*JuTJ3(km_a`|faoT`~ssS1m|Va*_uJj}Un8lJs+;c(`VWnMkE*Qho( zxCc#gy?34c=i92=!f`-kgl1jjTngek*3ImH=1ScwvFPlXN+<3^N9`Z7Buo5oZo{b( zzb;*ue@9Q(5^aQyeO%fe^o~@aPY5*-%ahofCE|SR_90BtvU@ROY*+e++Ue=N0M83Z zv`~EHz|Tz^Y5qj>G>r?bnp*M{lmyCYrc#<6cc^f@Lt60aJ6y_HBvt_ydXF# zGt9^W*E5}FA&2b6@V>MZx@VpHt87+e9T7u}nb_C)>CW%pS`}Hr_$8bV~ooXDtssq;=dt`cux|#UKF+`koEH?ppnY@qV9{g z;nt3Ty~~t?5}j!&iqt^s3m6j%a{78WiZnu$QXT>&l~Gwgpq6uj@$w1{>@aCvrNU9P zK^BiUS0zkQxZx47Q4OSu0K`5)k9;7IeHbJ-xJ1ZKgRp~nQ^iWPPrz-UEN%%alVwe8 z{hPcv>28?3ODg@beUHLX;g^QU}ZT?o(zh>_>rcs@bN z;}_rt1WCq$6Yi9XNj=cG7e+jeqA2b4jr4=xIY4_Ccmk_G|0EGTqYx??f5?w|eY7?O z|LBKV2>=%706-N|us&B6Poa>F!L}g$9wmhcKF>O(|BX^%^^Vz!6&|5+qP|6!628(5 za|ij`Gz#C&Q!<|7MC*RS1cr~tEDTaotr*yfhGuWhxP>Q!^?ncTyT*a59Y!fY05Yos zh%eo?AFRm|ReADTc<0V5`vMCdb*jZ1^%7pnI_2e&5@*;-S1|n4cGNLIkGH{yqQ2m2 zLZ(Kc5_|>v4e@>#_$0iyzam8)oie5O#GMj;hQ`}y5!o6#O`oRmK<6u7vJ0aa{M;Al z4v@eLo<0hC-co^7$1q#ir-oQ*f!>ynx%(7A&^NTw1Z+Im#eYP7sh@1Mz=Ndb%utS9 zs!ZSzxZi`Tvc&@ACmo0b$!I{^R8CV`$|=$!w3~p2*9PDui`od;Q%orU%wl2xn&G|+ z+JDxA+|qpE3h!GV)d5b}G0ULW14Wy(m>-zgY zRoda=p;jkXNT}BA0Jx_kJ*Y))p@fxhT#`7i12z$)xXS__Y$Jo}hc(^9+?EkQ$bic* z|9nV;dHa1}HDJ-;Mo0}0-NWU$pR zhY?|zqMLKK2BQEripp(HycdO=(i&v6zsupXs;j&xcy~1h8nb?saVRr{ixyt2Yyx6| z3_o2ooerFn=V&;z(qwrJjr>#Sly#aIOh*CodUp|)3L^^ef~Rb$>Qc&`KxXU>H8yfA z^JAQ3qqwcT2kWxpl5+!efre7^TEJT1O~F5jPihy8Pum;OW`inup3+c6MY?{+>E?plGO4sh4$`>L?+L)59+kA;MW&GLaovb%LrNon&7i{+Hr(>65m z6@kt|Sah3ZExUsla?zLm%4*6uA|fZVM0J{S$nx}U9%g`&i&dwHakmX{tgfuXhpqRM z?PX>&IGNzR6r5w7HYQYamvh$x#u3G~QR0!5wptltF<}*B^gzehe|QMm0Kh8XW!#t) zFG)y?g&H*J084)?=%HYMbB#ZE=3Uc58OrJyK78G2C9fy#vX$Ey4LF#jD|vges1$qN zgC`R2U#%1V0iO6Zug&}2Hh`+7MTtVl$!VCsx%0DJ<>?J0-eD91#Fs!jyf=r%lchUF z>ckbFU6c)#Q%XIk;F-xkjsu|>;5>PQc1i9z)efjb0c5+gl+-RLHS$D) z5S9uzgAXIDG_>klw30!aQB%-fQ=D6k60THyL8|#vO&W1P7FJfCR717J;F?mYbv@bfSv@g`_b-qh|(U-I6)r?ZWz9Nz}pmte%6syfkx$}>P8hiZTDKgXdG@9 zjFJipAAprb=v8(aWY8=@x4aHyIV0<|{}hOV{L8doT$Geal^zO*D~+SPiF&d^b0U@8 zi{EdW;0j%;qrr31Idoh@FFN@p#OCIX3fUxk(!C0c5c8Ir-RX~az%pGbWJ~=>#msqM zo2xopTLt{|Wq3@HWI+BA<101T>jaC($#X;b*)4kSif+k0GfS%zNp2@?4345-`4V3` zTP1s*lyGFd7|1-q=`{N^T+L_xgFxt7v*2K3!<~lK(~(wZCWv*t4R3q4BlB~f@^=N@inW8i4VKC1hiz`7|-hs=4XmY)DImYxM0i>1xuTf?~Of*ir@1O z`e1}b@D6q^nkM>IDoK|-#(xjoj%HeGxDpwqNF8;3lGt~@cg~K?QxU)L_|toxI(_9t z+ON__!>C(KeRg~GpN)zYoV#k1VwAa9R%N_;*)!JXjeU<^?62r3?P>?j z-I-dSnYdz%5q-Y2Y^E)O=v}*6hrZeO>MzX?>Mq%BP7b#B4}7?9BYc+dnum?m(&uTo zVq=Pu(IpRGC#??C0i`X6a&!mN`>)sCqTc%i%h5>9TnYPKY0h78;qn)anUm;LBm!Pe;ZTIt@!g8P}pCBn+*`A$a<8h`zSJ)wC(R*;uVv*Q!_C?Rn`a#>EYdSmeGh=jx!z1+iw2{{{4bL7R1 z9V}xdnJ;Ybi9l#~pVYHdWTax`M@xpT2&x7uERT++@8r&7MzO|D>k1W4mo2Y$G5TD; zi8GT{(eKu8gK(68aM&$%cj-HG%cXao)gzleOPl>>1-YnemE~1E zUB=z5ZHEsJ6(^NNJ(oXMRs-B(H>6aApjS^mTTGVCwbU*YU=SN-Jm_X)1my$dT^w~bQ_-(gr*Nag7E zM_K)|)-}62ai_CCM%P$0?PB7m2JQ$xL2H3vo~yzsua7;b`E;OvH}V#IJj!hy>s_3s zaWKS8Y@DQ!DY=f8{C@?m0yuk1M}~@^&pJlywqr$6)D&;3UbH_vCR2r;2}V-K10gAk z?qq1=H)wPTNA8kggDx7}1v^eRVEh$yw465^HsDzjihJXcO91i}iZ-xtLZX!1fkBw@ zm;yOLw4v5PiFDcE;)N53Kpr-*Ub09J7=BQ*b~AN7q$H=js{|eUxk^yLNxUU84v$Y2 z#z;67k~gcoVr_j{&ffGxvr@KQV+WJKC2fl}A)A9-kCWwcw02|KUw{Zr3}ZY{&3SDs z2$0JP(oX*T6I=f}2+m%Jldl8_sFHt_LUL(Ae^?^}p1>0W4RGJadHoi-KX8o}r2tGI z+7Y%DkgGY!%mVikl5!vgO1A|U*6m&W1E*OnM`q8YbPm&5aWcq|W6lh}yL!-RPo}5% zDQGLE^Af^2g6ni;%YhH6ckFYEjv9Ete6u(Rh3VBFMo_r28**-xz@y4>>g0F8hX2S^ zhuOvVbUA<0TLjHzU~Cuo-hD8sB;)g~q<(OHm$Mr;P1iUT>>H-3IDR?W}+$+@)RPx}aG}N@?VN9ZmlW_v?f*F+d4d0UoQHq6?C$b6A)Dq%WNegbQXBCE8i%RJC2!1hbq) z*(Z0m$Oa#N9_4h|&XAUG%x?ApbrRKHyI|`z#Nkj~D)nd>{YDnQ2m+K#D8wFo$RNG> z1>%f`nW|bfc+$RMD)5o-z0*_^Xl1_*gI4wG0|F||q6raKS*a=BU;>rS)F-uBJ$jD= z8MKE$JHcxB^=}+H3a2UMN%LJNxT70`j;W`+2Q|Pyxhq!;;@#BW4^O~ROPf)pdK~Ch zY8B=bE(%H)9;mPI|dW*w^Q1B0ML z*yr!`EV8N-(Ziv}km}vgJK@m#+hW1`5q3j4nD54d^ygt@9D4idnoO^{KC}w*u;gPu zocsPemqRu!Uy7QSM2@UMr(}y3Zir}e2B64!MVyOItFtLSr)lsnf9y2a8UyQ?f3Qby zLZ{_pIqs(Tdec7*PoF55&co$K$FE|l7S7sf?|iqHZmC8VeQ95+ym!A)%Q7k*7!N- zj?jXxJ&B({p#Q_=oS~<1ix4I@=Dyuq^tOJM=$&Jtbcf}efU6Z6<|+>UqTh9=o_Ny&=Qq$U%pKgdkwn}RJX3*p)T1h2>V@uCZ!d;= z-Gfy!^mw`Pi7G|*R2am8AR;Vgm5-0A|9Tn;dic{k8Ib0DoPkUR-3~$26%_XJgi*Kx zCHK!HyI(?ygl_1DTkJ@Qd!XxO#!6br7Ne)}qaL*-b%Iy$`0}(F%zH0ZsV=>^wch3a z{;yvf%z|I;Lub4c#w>Q33jHQ_j`nZZ^1G1^&F_lUMLRO2qaJ?BSN~mO$rR`_%@+l2 zAi~|k-6dz82RGC_oww!!3HD9P^b@Xfho$DECPJqhzlwiRQXgo(FzRDbp4c-z`t{j8 zeJ(v0)iUjXexPk6eIMBExR8~)QT_U)=X^SM+J9-rRW-E+(d%9&m@cvj^dm-=@qtRW zY-POiy0fd$pdlBg9VLerPjD?TYw|~JWct@sZHRfCWicuBe;+FP2xkLDpbk)xgit2? zPz3N>RuFrKZ%t&3UWswZN_pEKt~tMf-$7k@C|Z5(Y-ZM1Dl4!ms?VHA|iEB}pc<6^6EQdf5#w0P8kJArCdRoIq?x*U4_~Tz{#2mz>*>x-sFEzO>ybs?0DQ|?)AjP+nv+p;?r#nn$e2-*+91z z?stz07WsGZcY-6Hig96v;|DO|euJif7Hpm2UbKo*$5$)Z1H??0la?ck7i`Nk5+8X{LP_dfEe9G9#*06NS4y zz5%N{B%$y5pJeRh?o9nKRJ*RLh`8=2ykjzkXCg^;mpa+15^rv{B>mRh%8hrpY+OvVQ+~O$3lM}Svy{2Fw4I>>l#u#!pl;cnW}|!b_dw# zBiiwpohXr=DEG;RYO(^VkJqntJpJb!Bk%8Bqk9E2DF^(dKWJynU)hIj>dJ?HU#lZ* zE$KAH@^Q0rAA{KWU#5as) zjyWkK$TihfNP#Rm0fK`MbU=a^D}an8LMf}|Btgv1Un1D?V?bi?OXSXd2$8bh<+%@i zAO!qg!s3|0&7}MVIyFEqX9^4E|5woJ7a&QtW#dP?I#W8bOL9weY&Y`&04V#hCD?dPbeD9>{q%tT*Q z>gMiUv9*P?8+xOP4vTinpn2ZqCUOom=eW*w^}82dwyQ=P<9jkIqJBCzv@uE z_LjpuO6bw=ODV0x0|>qk@5>LmE%tZUq53v%sx>8i-qk900Uz!q-leBBNb`?Up~qZMY3ukkiVxMJ9hG~os+-hERPAOmV@PL zUcMx}-BxWMhb)3zGu9kh$UJ^>KLQZ*N1On#w=1f^4TxOMonAB$S);M6)|^PLy$1RI z&r|>Z$D{to;WJX0aM{tfSb1TAY6Pl{2RpKtNLEmoPFvoG?yT)~j)1#Rs6XzQtduv@ z@$R@~+7Etv4P*i>+Y!I0&%anK6Mm|m^E@XVZXXKs0@itund*Jo10Y{&ACxj?`oL7{ zDn_Qh)Df;a>9xe2VPHXgr6Y9; zpe~B=pQl#&t4sdi-v!%$?Y|@nBqzMEV0?rK*=;m2Qy6q~7T?nBxZq8^b(9qJrm%Zw z8Z`3bZunme2$C=VY}qN?&JdZopLCYx&%3x#-UW>#%v1yL<%f0mw3rTsR(H=sX@PYA zAzx&UX|ZlPocnR{C^F&+|BJ{<9S=uF?L_28!^{!RJ?{bEsjL}nCZ1O>Cr$<1FP_sy+;K6x%oPyNE8WA+NYNQd@aF=-^-Or{>f zB421GjvR*_`ElF0B>iQ+p3}ntLjILHBKho`+n0?mg~} za|sxk&u5+ry(QS=bIoB|XmrSUSnv>t_&Je1w{APl4|VgSlJDTneA+46#!l-EuO+vD1d3y=w)?Ui@55c*1J$ zM*h3Qld3P@IO{aYYO&hBpME0!yTa#JTlA}3mZ{yym@6}~+j~qS#;U7#lsI$R&Z_2p zZ8~(F^NCPM)YVYca06?Pb9Zjv&E--$m1U-P0%MHxeDu3;lcd`j1umk;#m_n2c_3E% zEMBa>yOYm$VQXxxOpO7RfH9mXqkb?G-|1;%XefM9jb2+%7BRbHC^g%{#Qs_#s4zvK zpbBg8Tt3Tdu;@#7%mn5lmZltUQk&xPR`c_gSAv|XB*B(oQ$KqKSb+na>uo&qDHt{3 z+{MdXLpLSXhE|Fe?%MmBBF`1}_4`X;zcrZAyruWK8Ewxp6{Q|{{PW@AR-ZCPOnbPG z^~RYb(N92ng4eoS`u%GPJBn#LZ|YhwkHr7Rr_H%<7~Pwp#KjR7q!R#HtGq`IwUA@f zO=(HuB6~OSgq!=&VhMz565EG<0Hz@ZPaXo=yctj6lUd#a>S^{b56JJI|I*@&4wYGO z`Ko5KId9i=_oF0RU|~4?TI<^BoCh01E(C@f0Ep+0SkWY_GXQ_m1+lAp&K0rJf!(}{ zn!36Vm3;?zj2`5L=zEg&QA8(i)cDxpw&7Yhb>}&yO@CqSn!C<6RIh+{+R)86LkT9A)-f4NvM74q_xmmY- z$t;xUDX8CcfRSG9Y+cIEYMNa?o(uPKJ>(5?Yf5u5g7XJmv9Dh@cn%#7i^XwcCRdu zamU7DHxav*xDO3EV0VW0A-)i>rRAu-^WlL=l`-sRVc7=uFNm#P;fjx(R$LCLJF6?(x*@k~Rx|VWvYIDs2m9$#tOtw!dKcFY+LE@Qz*U*lB)K0p zeZojP0G4cu%JEy*8nJ`h7mE~lJ|$}Btq=88?nAE;$4izu=1&_Aih0M$SiGGYy&p1& z{1TQD8FOmTAlyB*d*l19#kebXEPtIBjEWZ z@2nonY!wFl$KV?ZPP;f@p`AT^vG3chpl@P|0%dNqCdck)I$Shw9J^yC+7^6mZ$Q5O zVa);8s|=`TMsGu>n||C*u%EXRxkS##WhL16CxRd0=9zo@y3HKR96BBP@ClvKH>y6? zK9QaBy%kx1GE8iO_uOqxPTL|TbW<@pX%Cny0eK5)NM4@lj z=;UXEsNzPEc`~TttLn_&G%LevlVYwFeY!xXLnoq4+>)7ZkR;ahR%#LwEiRAD6=S_;ckOtZ$;7mX22 zNJmw%qVrPw5H?nmeeWJ(U&!7e8V=6 z9@R$`NuYKaQIo)jo`}`F{6+X9kam!zt#Kz<&?$su0T?I^k40pj;40s9ohRw-rh;6e z#8JUdcE;A7RW3}(FdDHgLCUB{+05kcKkuLJM}7LsEq45aYZ(x50@Ld3*7269FTd=p zZp01dq*_l1aJzgY<$jt?aB9$3crh81GnhGHSpUscTp(8=31Lz=joUQyokw9~cwb?T zNUI&S*+UVS@B>@i79gYJh(xt$x$~E1Inm!g+-BJg^e#qv1x0=jHoUEKiuXNjM>ePP z*<%&s1^(OM9h5BRb1E)gLT8l$Ev{bIV!IEi{Iw5l15$dTl)1|AEizcW=C3tr=(JbN zJF1|z=Ojc3~|B#FqMMcvN%P!>9GTOHt{RYt;V zv7|8R{<0SmPOGWj#a>EqNPm=rxxUdD3Y|}7#QaSuVIs~$7z`OuPi;K?s6{+bRJ^Iw zWAUUYuA}5pg^e@~f{IC(B!a==m>oO0)P77nS!~* zvRte7}Ykh5}lq$P)|Z=6l^2{Fg6Ja1{5HLTLGXB`zgDhn?4^hz5ey4yTafPo(vvPvPc$_+dQaFL0+E#v^z!;W?t``FmfZ80i^l z0ws_q!LwON=e86m-mlAc3h;i7fcHBDyx;gG=Xuhqg*NPsN2wG7eUBx_s3~%W)T3S) zdko5DKUs>ZKZI$%pQ{~c#EcIo7UO=n*pBQ!~Q$2W(h(05{RmfU0Imh#E`o<43c z$6}KH%j5VKIiFBSo*S6+M6IuG}H_S7yfU9DOz@ zXOcV`3k=BdI_^0I#?5DCRVc7TwhQrZ4A!^uSP0ajW|^xv^Rz(55G-)WU$8d~8Dj@N zIIV6~cL)(UV!!%5k16{FI^&8ff&%--C<`1)^gVk%?$KJ+VTFBQqN4=Ikg0BcYf?H}TovT`WeM`gKOzBa)1-xGTN z7XLak$S9S9@oOpGL3EoUcM$O=ssjViJBp}Uhx!*0i;=kLqPz0Dh^8Rj)IVVt?-_sT zi+^=Y?syP|;zOwILtkWxie4(@psLZ7eaMWT$UsmSJIcQif_L`!A&nQzB%nhiUv4DX z;Ng?%*IJ&xIQ%~3!gb_jBs;W={hPQR_|HNO6zCwifV}2!Q@~M~%);v7z8!)@=;Blo zO1C;`b@clCY`RS+ODhMe%Pv!yT6L-Q7y21ju*cZU-{VRg@j&&r6*%^_pp9q^pN*LE z;umVMl2b!{gLHnP%&i!!yf0_pO=X3plCCV{P}f^QMlC8z!?yo<}bl^>S1h_X1 zitV*WK2#z`>&VHT*FD6I_54cXdDn-QXV=TBgx>ZvNS1US>(EoVus0d0@o~9TlFMf` zDoXEFm2Cl=;JNeFSw7#G6Xfa&LNgS%SuX#9N_~tW7FxZad2Z;iK5+-jeIax_%`_ zvTH-j^J{fgvfS592cxzh6nbupU<-Edh{_M7&d#wncZ_OAshDyReXR~2YL+wD^RX-d zg;#~vuSkjheRpx~?)AA17@ zm;a3Lwa6@Uy~RAZR)x&&K+Z&va#34(plBxxJEsdSD+N%(9wV~zeD$dAPSA&Qo!$Nk z&3Fat;;&dhqbYnlrRgk~?Bl@|F~nd7*8*f$w> z>@d4AsI|;}XfOxxk--VTQ3S$y!D2732K$TUv#{DPnvd~U)wdit{Pv=77s#qpiXc7u zmT*Ou_w08aT7>y{T0qzC>u~g;vf?z9g9ZPx*!rR-?b|p$zgMSesHnp$a6XVEc2GgL zu4}rit3-Ptae8QK)IZmDZKXaXGOeNYpnH$>qB%nGkZ{1R*0 zaitfzZEi=dUA)bDkU?fbZU(Lud$6ZUR7)OG?Na#UlHwBYy_K2L-gF>9^%dL<1Xd}g|7qCWW?V$foc+lW*{ zkT>t#hZe55V}~*!#K{1DFkUmceII(Mw&k*g0-qO=_k4@BB_0iP+@3c_0fu-iB^0RJ=D#?vy4BwpCFeG7nZxwr53b=c6eznyw{b@I}LR?HIyax(orG-RLA`GKe4W6_&=`&u|6r*?`` zmE$Z5Z_>$34hp+RaQjdoQ2ODzdj&5umwK}>>*%o_;*!Xs<4uvr1(KkfGffKK6^NWM zj{F3O-q;!7&&8k`g>CmCC7`WVj-yt;DwKgkB_B^d1k`fK)-YTp3d*aoM4f;6JFA(? z0dv2XJYxgay}Q1o>>N3U?&tzT=Pz}Gq2tG*h)amUp9yt~7XVt94mcuG_lra1m@=~I zV)vmli&r)3iN|w}Ae80P;upDDLDI~51z9xtLP|-ekWgm(OcZ#3%nq%*oyn;AavIPo z8r6F=h~sueU&@YM8eW7h)P7JyKRy$^DJ{{CX0_-@WO>}P9e0PVVPm7u*vi_vi7Wp0yZ%kz)_SW|MbRyoc>{B`*!I?i1)pNhX!BBf c;fpfcEb!)Y*Z$Z4kEK; Date: Mon, 11 Nov 2024 00:25:07 +0530 Subject: [PATCH 10/18] feat: added logic for EXIF metadata retrieval --- src/proxy/processors/push-action/checkExifJpeg.js | 8 ++++---- test/CheckExif.test.js | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/proxy/processors/push-action/checkExifJpeg.js b/src/proxy/processors/push-action/checkExifJpeg.js index 44d55826f..aea03c133 100644 --- a/src/proxy/processors/push-action/checkExifJpeg.js +++ b/src/proxy/processors/push-action/checkExifJpeg.js @@ -1,6 +1,6 @@ -const fs = require('fs'); +// const fs = require('fs'); const { ExifTool } = require('exiftool-vendored'); -const path = require('path'); +// const path = require('path'); const Step = require('../../actions').Step; // const { exec: getDiffExec } = require('./getDiff'); @@ -62,8 +62,8 @@ const exec = async (req, action) => { if (filteredPaths.length > 0) { // Check for sensitive data in all files const sensitiveDataFound = await Promise.all(filePaths.map(getExifData)); - const anySensitiveDataDetected = sensitiveDataFound.some(found => found); - const ExifDataBlock = false; + // const anySensitiveDataDetected = sensitiveDataFound.some(found => found); + const ExifDataBlock = !sensitiveDataFound; if (ExifDataBlock) { step.blocked= true; diff --git a/test/CheckExif.test.js b/test/CheckExif.test.js index 0dbe69ab0..dce08298b 100644 --- a/test/CheckExif.test.js +++ b/test/CheckExif.test.js @@ -23,7 +23,7 @@ describe('Check EXIF Data From Images', () => { }; const createDiffContentForFolder = async (folderPath) => { - let filePaths = []; + const filePaths = []; // Recursively read all files in the folder and subfolders const readFolder = async (dir) => { From 7f60205cb357b425bbbc56dc3bc48f8ee0fd8466 Mon Sep 17 00:00:00 2001 From: ChaitanyaD48 Date: Mon, 11 Nov 2024 00:52:18 +0530 Subject: [PATCH 11/18] feat: create checkCryptoImplementation file for detecting non-standard cryptography Signed-off-by: ChaitanyaD48 --- .../push-action/checkCryptoImplementation.js | 140 ++++++++++++++++++ src/proxy/processors/push-action/index.js | 1 + 2 files changed, 141 insertions(+) create mode 100644 src/proxy/processors/push-action/checkCryptoImplementation.js diff --git a/src/proxy/processors/push-action/checkCryptoImplementation.js b/src/proxy/processors/push-action/checkCryptoImplementation.js new file mode 100644 index 000000000..5be14bf30 --- /dev/null +++ b/src/proxy/processors/push-action/checkCryptoImplementation.js @@ -0,0 +1,140 @@ +const Step = require('../../actions').Step; + +// Common encryption-related patterns and keywords +const CRYPTO_PATTERNS = { + // Known non-standard encryption algorithms + nonStandardAlgorithms: [ + 'xor\\s*\\(', + 'rot13', + 'caesar\\s*cipher', + 'custom\\s*encrypt', + 'simple\\s*encrypt', + 'homebrew\\s*crypto', + 'custom\\s*hash' + ], + + // Suspicious operations that might indicate custom crypto Implementation + suspiciousOperations: [ + 'bit\\s*shift', + 'bit\\s*rotate', + '\\^=', + '\\^', + '>>>', + '<<<', + 'shuffle\\s*bytes' + ], + + // Common encryption-related variable names + suspiciousVariables: [ + 'cipher', + 'encrypt', + 'decrypt', + 'scramble', + 'salt(?!\\w)', + 'iv(?!\\w)', + 'nonce' + ] +}; + +function analyzeCodeForCrypto(diffContent) { + const issues = []; + // Check for above mentioned cryto Patterns + if(!diffContent) return issues; + + CRYPTO_PATTERNS.nonStandardAlgorithms.forEach(pattern => { + const regex = new RegExp(pattern, 'gi'); + const matches = diffContent.match(regex); + if (matches) { + issues.push({ + type: 'non_standard_algorithm', + pattern: pattern, + matches: matches, + severity: 'high', + message: `Detected possible non-standard encryption algorithm: ${matches.join(', ')}` + }); + } + }); + + CRYPTO_PATTERNS.suspiciousOperations.forEach(pattern => { + const regex = new RegExp(pattern, 'gi'); + const matches = diffContent.match(regex); + if (matches) { + issues.push({ + type: 'suspicious_operation', + pattern: pattern, + matches: matches, + severity: 'medium', + message: `Detected suspicious cryptographic operation: ${matches.join(', ')}` + }); + } + }); + + CRYPTO_PATTERNS.suspiciousVariables.forEach(pattern => { + const regex = new RegExp(pattern, 'gi'); + const matches = diffContent.match(regex); + if (matches) { + issues.push({ + type: 'suspicious_variable', + pattern: pattern, + matches: matches, + severity: 'low', + message: `Detected potential encryption-related variable: ${matches.join(', ')}` + }); + } + }); + + return issues; +} + +const exec = async (req, action) => { + const step = new Step('checkCryptoImplementation'); + + try { + let hasIssues = false; + const allIssues = []; + + for (const commit of action.commitData) { + const diff = commit.diff || ''; + const issues = analyzeCodeForCrypto(diff); + + if (issues.length > 0) { + hasIssues = true; + allIssues.push({ + commit: commit.hash, + issues: issues + }); + } + } + + if (hasIssues) { + step.error = true; + + const errorMessage = allIssues.map(commitIssues => { + return `Commit ${commitIssues.commit}:\n` + + commitIssues.issues.map(issue => + `- ${issue.severity.toUpperCase()}: ${issue.message}` + ).join('\n'); + }).join('\n\n'); + + step.setError( + '\n\nYour push has been blocked.\n' + + 'Potential non-standard cryptographic implementations detected:\n\n' + + `${errorMessage}\n\n` + + 'Please use standard cryptographic libraries instead of custom implementations.\n' + + 'Recommended: Use established libraries like crypto, node-forge, or Web Crypto API.\n' + ); + } + + action.addStep(step); + return action; + } catch (error) { + step.error = true; + step.setError(`Error analyzing crypto implementation: ${error.message}`); + action.addStep(step); + return action; + } +}; + +// exec.displayName = 'checkCryptoImplementation.exec'; +exports.exec = exec; +exports.analyzeCodeForCrypto = analyzeCodeForCrypto; \ No newline at end of file diff --git a/src/proxy/processors/push-action/index.js b/src/proxy/processors/push-action/index.js index 72a97b33c..2832ae42a 100644 --- a/src/proxy/processors/push-action/index.js +++ b/src/proxy/processors/push-action/index.js @@ -11,3 +11,4 @@ exports.checkCommitMessages = require('./checkCommitMessages').exec; exports.checkAuthorEmails = require('./checkAuthorEmails').exec; exports.checkUserPushPermission = require('./checkUserPushPermission').exec; exports.clearBareClone = require('./clearBareClone').exec; +exports.checkCryptoImplementation = require('./checkCryptoImplementation').exec; \ No newline at end of file From d6510e8db149fec9a9484127108e75e974cafce0 Mon Sep 17 00:00:00 2001 From: ChaitanyaD48 Date: Mon, 11 Nov 2024 00:52:49 +0530 Subject: [PATCH 12/18] test: add test cases for checkCryptoImplementation Signed-off-by: ChaitanyaD48 --- test/checkCryptoImplementation.test.js | 223 +++++++++++++++++++++++++ 1 file changed, 223 insertions(+) create mode 100644 test/checkCryptoImplementation.test.js diff --git a/test/checkCryptoImplementation.test.js b/test/checkCryptoImplementation.test.js new file mode 100644 index 000000000..1d181c572 --- /dev/null +++ b/test/checkCryptoImplementation.test.js @@ -0,0 +1,223 @@ +const { expect } = require('chai'); +const { analyzeCodeForCrypto, exec } = require('../src/proxy/processors/push-action/checkCryptoImplementation.js'); + +describe('Crypto Implementation Check Plugin', () => { + describe('analyzeCodeForCrypto', () => { + it('should detect non-standard encryption algorithms', () => { + const testCode = ` + function customEncrypt(data) { + return data.split('').map(char => + String.fromCharCode(char.charCodeAt(0) ^ 0x7F) + ).join(''); + } + `; + + const issues = analyzeCodeForCrypto(testCode); + expect(issues).to.have.lengthOf.at.least(1); + expect(issues.some(i => i.type === 'non_standard_algorithm')).to.be.true; + }); + + it('should detect suspicious bit operations', () => { + const testCode = ` + function scrambleData(data) { + let result = ''; + for(let i = 0; i < data.length; i++) { + result += String.fromCharCode(data.charCodeAt(i) >>> 2); + } + return result; + } + `; + + const issues = analyzeCodeForCrypto(testCode); + expect(issues).to.have.lengthOf.at.least(1); + expect(issues.some(i => i.type === 'suspicious_operation')).to.be.true; + }); + + it('should detect suspicious variable names', () => { + const testCode = ` + const cipher = {}; + let salt = generateRandomBytes(16); + const iv = new Uint8Array(12); + `; + + const issues = analyzeCodeForCrypto(testCode); + expect(issues).to.have.lengthOf.at.least(3); + expect(issues.some(i => i.type === 'suspicious_variable')).to.be.true; + }); + + it('should not flag standard crypto library usage', () => { + const testCode = ` + const crypto = require('crypto'); + const cipher = crypto.createCipheriv('aes-256-gcm', key, iv); + `; + + const issues = analyzeCodeForCrypto(testCode); + expect(issues.filter(i => i.severity === 'high')).to.have.lengthOf(0); + }); + + it('should handle empty input', () => { + const issues = analyzeCodeForCrypto(''); + expect(issues).to.be.an('array').that.is.empty; + }); + + it('should handle null or undefined input', () => { + expect(analyzeCodeForCrypto(null)).to.be.an('array').that.is.empty; + expect(analyzeCodeForCrypto(undefined)).to.be.an('array').that.is.empty; + }); + + }); + + describe('exec', () => { + + it('should handle empty diff content', async () => { + const req = {}; + const action = { + commitData: [{ + hash: '123abc', + diff: '' + }], + addStep: function(step) { this.step = step; } + }; + + const result = await exec(req, action); + expect(result.step.error).to.be.false; + }); + + it('should handle undefined diff content', async () => { + const req = {}; + const action = { + commitData: [{ + hash: '123abc' + // diff is undefined + }], + addStep: function(step) { this.step = step; } + }; + + const result = await exec(req, action); + expect(result.step.error).to.be.false; + }); + + it('should handle empty commitData array', async () => { + const req = {}; + const action = { + commitData: [], + addStep: function(step) { this.step = step; } + }; + + const result = await exec(req, action); + expect(result.step.error).to.be.false; + }); + it('should block commits with non-standard crypto implementations', async () => { + const req = {}; + const action = { + commitData: [{ + hash: '123abc', + diff: ` + function customEncrypt(data) { + return data.split('').map(char => + String.fromCharCode(char.charCodeAt(0) ^ 0x7F) + ).join(''); + } + ` + }], + addStep: function(step) { this.step = step; } + }; + + const result = await exec(req, action); + expect(result.step.error).to.be.true; + }); + + it('should allow commits without crypto issues', async () => { + const req = {}; + const action = { + commitData: [{ + hash: '123abc', + diff: ` + function normalFunction() { + return 'Hello World'; + } + ` + }], + addStep: function(step) { this.step = step; } + }; + + const result = await exec(req, action); + expect(result.step.error).to.be.false; + }); + + it('should handle multiple commits', async () => { + const req = {}; + const action = { + commitData: [ + { + hash: '123abc', + diff: `function safe() { return true; }` + }, + { + hash: '456def', + diff: ` + function rot13(str) { + return str.replace(/[a-zA-Z]/g, c => + String.fromCharCode((c <= 'Z' ? 90 : 122) >= (c = c.charCodeAt(0) + 13) ? c : c - 26) + ); + } + ` + } + ], + addStep: function(step) { this.step = step; } + }; + + const result = await exec(req, action); + expect(result.step).to.have.property('error', true); +}); + + + it('should handle errors gracefully', async () => { + const req = {}; + const action = { + commitData: null, + addStep: function(step) { this.step = step; } + }; + + const result = await exec(req, action); + expect(result.step.error).to.be.true; + }); + }); + + describe('Pattern Detection', () => { + it('should detect various forms of XOR encryption', () => { + const testCases = [ + `function encrypt(a, b) { return a ^= b; }`, + `const result = data ^ key;`, + `function xor(plaintext, key) { return plaintext ^ key; }`, + `return char ^ 0xFF;` + ]; + + testCases.forEach(testCode => { + const issues = analyzeCodeForCrypto(testCode); + const hasXORIssue = issues.some(issue => + issue.type === 'suspicious_operation' || + issue.message.toLowerCase().includes('xor') + ); + expect(hasXORIssue, `Failed to detect XOR in: ${testCode}`).to.be.true; + }); + }); + + it('should detect custom hash implementations', () => { + const testCode = ` + function customHash(input) { + let hash = 0; + for(let i = 0; i < input.length; i++) { + hash = ((hash << 5) - hash) + input.charCodeAt(i); + hash = hash & hash; + } + return hash; + } + `; + + const issues = analyzeCodeForCrypto(testCode); + expect(issues).to.have.lengthOf.at.least(1); + expect(issues.some(i => i.severity === 'high')).to.be.true; + }); + }); +}); \ No newline at end of file From 57add830c9bdf1b241a5e7ac22d80042cd594120 Mon Sep 17 00:00:00 2001 From: ChaitanyaD48 Date: Mon, 11 Nov 2024 00:53:17 +0530 Subject: [PATCH 13/18] feat: integrate checkCryptoImplementation into the main processing chain Signed-off-by: ChaitanyaD48 --- src/proxy/chain.js | 1 + test/chain.test.js | 9 +++++++++ 2 files changed, 10 insertions(+) diff --git a/src/proxy/chain.js b/src/proxy/chain.js index 11e6ae106..a7ba7203e 100644 --- a/src/proxy/chain.js +++ b/src/proxy/chain.js @@ -11,6 +11,7 @@ const pushActionChain = [ proc.push.writePack, proc.push.getDiff, proc.push.clearBareClone, + proc.push.checkCryptoImplementation, proc.push.scanDiff, proc.push.blockForAuth, ]; diff --git a/test/chain.test.js b/test/chain.test.js index 33d5750ac..cc5f5ab6d 100644 --- a/test/chain.test.js +++ b/test/chain.test.js @@ -19,6 +19,7 @@ const mockPushProcessors = { audit: sinon.stub(), checkRepoInAuthorisedList: sinon.stub(), checkCommitMessages: sinon.stub(), + checkCryptoImplementation: sinon.stub(), checkAuthorEmails: sinon.stub(), checkUserPushPermission: sinon.stub(), checkIfWaitingAuth: sinon.stub(), @@ -33,6 +34,7 @@ mockPushProcessors.parsePush.displayName = 'parsePush'; mockPushProcessors.audit.displayName = 'audit'; mockPushProcessors.checkRepoInAuthorisedList.displayName = 'checkRepoInAuthorisedList'; mockPushProcessors.checkCommitMessages.displayName = 'checkCommitMessages'; +mockPushProcessors.checkCryptoImplementation.displayName = 'checkCryptoImplementation'; mockPushProcessors.checkAuthorEmails.displayName = 'checkAuthorEmails'; mockPushProcessors.checkUserPushPermission.displayName = 'checkUserPushPermission'; mockPushProcessors.checkIfWaitingAuth.displayName = 'checkIfWaitingAuth'; @@ -106,6 +108,7 @@ describe('proxy chain', function () { mockPushProcessors.checkCommitMessages.resolves(continuingAction); mockPushProcessors.checkAuthorEmails.resolves(continuingAction); mockPushProcessors.checkUserPushPermission.resolves(continuingAction); + mockPushProcessors.checkCryptoImplementation.resolves(continuingAction); // this stops the chain from further execution mockPushProcessors.checkIfWaitingAuth.resolves({ type: 'push', continue: () => false, allowPush: false }); @@ -120,6 +123,7 @@ describe('proxy chain', function () { expect(mockPushProcessors.checkIfWaitingAuth.called).to.be.true; expect(mockPushProcessors.pullRemote.called).to.be.false; expect(mockPushProcessors.audit.called).to.be.true; + expect(mockPushProcessors.checkCryptoImplementation.called).to.be.true; expect(result.type).to.equal('push'); expect(result.allowPush).to.be.false; @@ -131,10 +135,12 @@ describe('proxy chain', function () { const continuingAction = { type: 'push', continue: () => true, allowPush: false }; mockPreProcessors.parseAction.resolves({ type: 'push' }); mockPushProcessors.parsePush.resolves(continuingAction); + mockPushProcessors.checkCryptoImplementation.resolves(continuingAction); mockPushProcessors.checkRepoInAuthorisedList.resolves(continuingAction); mockPushProcessors.checkCommitMessages.resolves(continuingAction); mockPushProcessors.checkAuthorEmails.resolves(continuingAction); mockPushProcessors.checkUserPushPermission.resolves(continuingAction); + // this stops the chain from further execution mockPushProcessors.checkIfWaitingAuth.resolves({ type: 'push', continue: () => true, allowPush: true }); const result = await chain.executeChain(req); @@ -148,6 +154,7 @@ describe('proxy chain', function () { expect(mockPushProcessors.checkIfWaitingAuth.called).to.be.true; expect(mockPushProcessors.pullRemote.called).to.be.false; expect(mockPushProcessors.audit.called).to.be.true; + expect(mockPushProcessors.checkCryptoImplementation.called).to.be.true; expect(result.type).to.equal('push'); expect(result.allowPush).to.be.true; @@ -170,6 +177,7 @@ describe('proxy chain', function () { mockPushProcessors.clearBareClone.resolves(continuingAction); mockPushProcessors.scanDiff.resolves(continuingAction); mockPushProcessors.blockForAuth.resolves(continuingAction); + mockPushProcessors.checkCryptoImplementation.resolves(continuingAction); const result = await chain.executeChain(req); @@ -187,6 +195,7 @@ describe('proxy chain', function () { expect(mockPushProcessors.scanDiff.called).to.be.true; expect(mockPushProcessors.blockForAuth.called).to.be.true; expect(mockPushProcessors.audit.called).to.be.true; + expect(mockPushProcessors.checkCryptoImplementation.called).to.be.true; expect(result.type).to.equal('push'); expect(result.allowPush).to.be.false; From f2588644b3c0efb6be2f319718160228e9cbd173 Mon Sep 17 00:00:00 2001 From: shabbir Date: Mon, 11 Nov 2024 00:59:25 +0530 Subject: [PATCH 14/18] feat: added test cases for exif data retrieval & push - blocking --- .../processors/push-action/checkExifJpeg.js | 35 ++++++++++++++----- test/CheckExif.test.js | 26 ++++---------- test/test_data/jpg/hehe.txt | 0 test/test_data/jpg/random.json | 0 4 files changed, 32 insertions(+), 29 deletions(-) delete mode 100644 test/test_data/jpg/hehe.txt delete mode 100644 test/test_data/jpg/random.json diff --git a/src/proxy/processors/push-action/checkExifJpeg.js b/src/proxy/processors/push-action/checkExifJpeg.js index aea03c133..59f2fa2a8 100644 --- a/src/proxy/processors/push-action/checkExifJpeg.js +++ b/src/proxy/processors/push-action/checkExifJpeg.js @@ -7,8 +7,26 @@ const Step = require('../../actions').Step; // List of valid extensions const validExtensions = ['.jpeg', '.jpeg', '.jpg', '.tiff'] +//check for sensitive image embedded metadata +const checkSensitiveExifData = (metadata) => { + // Check for GPS latitude and longitude in the EXIF data + if (metadata.GPSLatitude || metadata.GPSLongitude) { + // Return false if sensitive GPS data is detected + return false; + } + + // Additional checks can be added here as needed + // Example: Check for specific timestamps, author information, etc. + // if (metadata.Make || metadata.Model || metadata.Software) { + // console.warn("Sensitive metadata found in image"); + // return false; + // } + + // Return true if no sensitive data is found + return true; +}; -// // Function to parse the file based on its extension +// Function to parse the file based on its extension const getExifData = async (filePath) => { const exifTool = new ExifTool(); try { @@ -16,12 +34,12 @@ const getExifData = async (filePath) => { const metadata = await exifTool.read(filePath); // Check if EXIF data exists if (metadata) { - console.log(`EXIF data for ${filePath}:`, metadata); + // console.log(`EXIF data for ${filePath}:`, metadata); + return checkSensitiveExifData(metadata); } else { - console.log(`No EXIF data found for ${filePath}`); + // console.log(`No EXIF data found for ${filePath}`); + return true; } - // Simulate random sensitive data detection - return Math.random() < 0.5; // Random true/false } catch (error) { console.error(`Error reading EXIF data from ${filePath}:`, error); return false; // Return false if error occurs @@ -51,7 +69,6 @@ const exec = async (req, action) => { const step = new Step('checkExifDataFromImage'); if (diffStep && diffStep.content) { - // console.log('Diff content! ', diffStep.content, "DIFF CONTENT END"); // Use the parsing function to get file paths const filePaths = extractFilePathsFromDiff(diffStep.content); @@ -61,14 +78,14 @@ const exec = async (req, action) => { if (filteredPaths.length > 0) { // Check for sensitive data in all files - const sensitiveDataFound = await Promise.all(filePaths.map(getExifData)); + const sensitiveDataFound = await Promise.all(filteredPaths.map(getExifData)); // const anySensitiveDataDetected = sensitiveDataFound.some(found => found); - const ExifDataBlock = !sensitiveDataFound; + const ExifDataBlock = sensitiveDataFound.some(found => !found); if (ExifDataBlock) { step.blocked= true; step.error = true; - step.errorMessage = 'Your push has been blocked due to sensitive data detection.'; + step.errorMessage = 'Your push has been blocked due to sensitive EXIF metadata detection in an image'; console.log(step.errorMessage); } } else { diff --git a/test/CheckExif.test.js b/test/CheckExif.test.js index dce08298b..8d3f5184c 100644 --- a/test/CheckExif.test.js +++ b/test/CheckExif.test.js @@ -51,40 +51,26 @@ describe('Check EXIF Data From Images', () => { }; - it('Check for EXIF Data', async () => { + it('Should block push when sensitive EXIF metadata found', async () => { const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo'); const step = new Step('diff'); // Create diff content simulating sensitive data in CSV - // step.setContent(createDiffContent(['test/test_data/jpg/Pentax_K10D.jpg'])); - step.setContent(await createDiffContentForFolder('test/test_data/jpg')); + step.setContent(createDiffContent(['test/test_data/jpg/Canon_PowerShot_S40.jpg'])); action.addStep(step); await exec(null, action); - sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); + sinon.assert.calledWith(logStub, sinon.match(/Your push has been blocked due to sensitive EXIF metadata detection in an image/)); }); - it('should allow execution if no sensitive data is found', async () => { - + it('Should allow push when no sensitive EXIF metadata found', async () => { const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo'); const step = new Step('diff'); - step.setContent(createDiffContent(['test_data/no_sensitive_data.txt'])); + step.setContent(createDiffContent(['test/test_data/jpg/Reconyx_HC500_Hyperfire.jpg'])); action.addStep(step); await exec(null, action); - sinon.assert.neverCalledWith(logStub, sinon.match(/Your push has been blocked due to sensitive data detection/)); + sinon.assert.neverCalledWith(logStub, sinon.match(/Your push has been blocked due to sensitive EXIF metadata detection in an image/)); }); - it('should handle file-not-found scenario gracefully', async () => { - - const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo'); - const step = new Step('diff'); - step.setContent(createDiffContent(['test_data/non_existent_file.txt'])); - action.addStep(step); - try { - await exec(null, action); - } catch (error) { - sinon.assert.match(error.message, /ENOENT: no such file or directory/); - } - }); }); \ No newline at end of file diff --git a/test/test_data/jpg/hehe.txt b/test/test_data/jpg/hehe.txt deleted file mode 100644 index e69de29bb..000000000 diff --git a/test/test_data/jpg/random.json b/test/test_data/jpg/random.json deleted file mode 100644 index e69de29bb..000000000 From 2c2441a8f36e2174bf09488d3bd1d689dd69fe64 Mon Sep 17 00:00:00 2001 From: Prachit Date: Mon, 11 Nov 2024 18:36:57 +0530 Subject: [PATCH 15/18] feat: integrate checkEXIFJpeg validation in push action chain --- src/proxy/chain.js | 2 +- src/proxy/processors/push-action/checkExifJpeg.js | 12 ++++++------ src/proxy/processors/push-action/index.js | 2 +- test/chain.test.js | 11 +++++++++++ 4 files changed, 19 insertions(+), 8 deletions(-) diff --git a/src/proxy/chain.js b/src/proxy/chain.js index fd23d8843..1d55246b3 100644 --- a/src/proxy/chain.js +++ b/src/proxy/chain.js @@ -10,7 +10,7 @@ const pushActionChain = [ proc.push.pullRemote, proc.push.writePack, proc.push.getDiff, - proc.push.checkEXIFJpeg, + proc.push.checkExifJpeg, proc.push.clearBareClone, proc.push.scanDiff, proc.push.blockForAuth, diff --git a/src/proxy/processors/push-action/checkExifJpeg.js b/src/proxy/processors/push-action/checkExifJpeg.js index 6913bfdb4..5cc45f670 100644 --- a/src/proxy/processors/push-action/checkExifJpeg.js +++ b/src/proxy/processors/push-action/checkExifJpeg.js @@ -4,7 +4,7 @@ const config = require('../../../config'); const commitConfig = config.getCommitConfig(); const validExtensions = ['.jpeg', '.png', '.jpg', '.tiff']; -//Make sure you have modified the proxy.config.json; +// Make sure you have modified the proxy.config.json; // Function to check sensitive EXIF data const checkSensitiveExifData = (metadata) => { let allSafe = true; @@ -33,7 +33,7 @@ const getExifData = async (filePath) => { const metadata = await exifTool.read(filePath); return metadata ? checkSensitiveExifData(metadata) : true; } catch (error) { - log(`Error reading EXIF data from ${filePath}: ${error.message}`); + console.log(`Error reading EXIF data from ${filePath}: ${error.message}`); return false; } finally { await exifTool.end(); @@ -59,12 +59,12 @@ const extractFilePathsFromDiff = (diffContent) => { const exec = async (req, action, log = console.log) => { const diffStep = action.steps.find((s) => s.stepName === 'diff'); - const step = new Step('checkExifDataFromImage'); - const allowed_file_type = commitConfig.diff.block.ProxyFileTypes; + const step = new Step('checkExifJpeg'); + const allowedFileType = commitConfig.diff.block.ProxyFileTypes; if (diffStep && diffStep.content) { const filePaths = extractFilePathsFromDiff(diffStep.content); - const filteredPaths = filePaths.filter(path => validExtensions.some(ext => path.endsWith(ext) && allowed_file_type.includes(ext))); + const filteredPaths = filePaths.filter(path => validExtensions.some(ext => path.endsWith(ext) && allowedFileType.includes(ext))); if (filteredPaths.length > 0) { const exifResults = await Promise.all(filteredPaths.map(filePath => getExifData(filePath))); @@ -87,5 +87,5 @@ const exec = async (req, action, log = console.log) => { return action; }; -exec.displayName = 'logFileChanges.exec'; +exec.displayName = 'CheckExif.exec'; module.exports = { exec }; diff --git a/src/proxy/processors/push-action/index.js b/src/proxy/processors/push-action/index.js index 4bf655322..30a48a971 100644 --- a/src/proxy/processors/push-action/index.js +++ b/src/proxy/processors/push-action/index.js @@ -11,4 +11,4 @@ exports.checkCommitMessages = require('./checkCommitMessages').exec; exports.checkAuthorEmails = require('./checkAuthorEmails').exec; exports.checkUserPushPermission = require('./checkUserPushPermission').exec; exports.clearBareClone = require('./clearBareClone').exec; -exports.checkEXIFJpeg = require('./checkExifJpeg').exec; +exports.checkExifJpeg = require('./checkExifJpeg').exec; diff --git a/test/chain.test.js b/test/chain.test.js index 33d5750ac..957014f74 100644 --- a/test/chain.test.js +++ b/test/chain.test.js @@ -2,6 +2,7 @@ const chai = require('chai'); const sinon = require('sinon'); const { PluginLoader } = require('../src/plugin'); + chai.should(); const expect = chai.expect; @@ -26,6 +27,7 @@ const mockPushProcessors = { writePack: sinon.stub(), getDiff: sinon.stub(), clearBareClone: sinon.stub(), + checkExifJpeg : sinon.stub(), scanDiff: sinon.stub(), blockForAuth: sinon.stub(), }; @@ -39,6 +41,7 @@ mockPushProcessors.checkIfWaitingAuth.displayName = 'checkIfWaitingAuth'; mockPushProcessors.pullRemote.displayName = 'pullRemote'; mockPushProcessors.writePack.displayName = 'writePack'; mockPushProcessors.getDiff.displayName = 'getDiff'; +mockPushProcessors.checkEXIFJpeg.displayName = 'checkEXIFJpeg'; mockPushProcessors.clearBareClone.displayName = 'clearBareClone'; mockPushProcessors.scanDiff.displayName = 'scanDiff'; mockPushProcessors.blockForAuth.displayName = 'blockForAuth'; @@ -104,6 +107,7 @@ describe('proxy chain', function () { mockPushProcessors.parsePush.resolves(continuingAction); mockPushProcessors.checkRepoInAuthorisedList.resolves(continuingAction); mockPushProcessors.checkCommitMessages.resolves(continuingAction); + mockPushProcessors.checkEXIFJpeg.resolves(continuingAction); mockPushProcessors.checkAuthorEmails.resolves(continuingAction); mockPushProcessors.checkUserPushPermission.resolves(continuingAction); @@ -120,6 +124,7 @@ describe('proxy chain', function () { expect(mockPushProcessors.checkIfWaitingAuth.called).to.be.true; expect(mockPushProcessors.pullRemote.called).to.be.false; expect(mockPushProcessors.audit.called).to.be.true; + expect(mockPushProcessors.checkEXIFJpeg.called).to.be.false; expect(result.type).to.equal('push'); expect(result.allowPush).to.be.false; @@ -135,7 +140,9 @@ describe('proxy chain', function () { mockPushProcessors.checkCommitMessages.resolves(continuingAction); mockPushProcessors.checkAuthorEmails.resolves(continuingAction); mockPushProcessors.checkUserPushPermission.resolves(continuingAction); + mockPushProcessors.checkEXIFJpeg.resolves(continuingAction); // this stops the chain from further execution + mockPushProcessors.checkIfWaitingAuth.resolves({ type: 'push', continue: () => true, allowPush: true }); const result = await chain.executeChain(req); @@ -148,6 +155,7 @@ describe('proxy chain', function () { expect(mockPushProcessors.checkIfWaitingAuth.called).to.be.true; expect(mockPushProcessors.pullRemote.called).to.be.false; expect(mockPushProcessors.audit.called).to.be.true; + expect(mockPushProcessors.checkEXIFJpeg.called).to.be.false; expect(result.type).to.equal('push'); expect(result.allowPush).to.be.true; @@ -167,9 +175,11 @@ describe('proxy chain', function () { mockPushProcessors.pullRemote.resolves(continuingAction); mockPushProcessors.writePack.resolves(continuingAction); mockPushProcessors.getDiff.resolves(continuingAction); + mockPushProcessors.checkEXIFJpeg.resolves(continuingAction); mockPushProcessors.clearBareClone.resolves(continuingAction); mockPushProcessors.scanDiff.resolves(continuingAction); mockPushProcessors.blockForAuth.resolves(continuingAction); + const result = await chain.executeChain(req); @@ -183,6 +193,7 @@ describe('proxy chain', function () { expect(mockPushProcessors.pullRemote.called).to.be.true; expect(mockPushProcessors.writePack.called).to.be.true; expect(mockPushProcessors.getDiff.called).to.be.true; + expect(mockPushProcessors.checkEXIFJpeg.called).to.be.true; expect(mockPushProcessors.clearBareClone.called).to.be.true; expect(mockPushProcessors.scanDiff.called).to.be.true; expect(mockPushProcessors.blockForAuth.called).to.be.true; From bba8ff1a389ffaf47290f81e2c6225770d0513cc Mon Sep 17 00:00:00 2001 From: shabbir Date: Tue, 12 Nov 2024 00:25:00 +0530 Subject: [PATCH 16/18] feat: added logic for ai/ml usage detection --- package-lock.json | 62 +++++++- package.json | 1 + proxy.config.json | 6 +- .../push-action/checkForAiMlUsage.js | 143 ++++++++++++++++++ test/checkAiMlUsage.test.js | 92 +++++++++++ test/test_data/ai_test_data/ai_config.json | 4 + test/test_data/ai_test_data/ai_script.py | 4 + test/test_data/ai_test_data/dataset.csv | 3 + test/test_data/ai_test_data/model.h5 | 1 + test/test_data/ai_test_data/non_ai_script.py | 1 + 10 files changed, 315 insertions(+), 2 deletions(-) create mode 100644 src/proxy/processors/push-action/checkForAiMlUsage.js create mode 100644 test/checkAiMlUsage.test.js create mode 100644 test/test_data/ai_test_data/ai_config.json create mode 100644 test/test_data/ai_test_data/ai_script.py create mode 100644 test/test_data/ai_test_data/dataset.csv create mode 100644 test/test_data/ai_test_data/model.h5 create mode 100644 test/test_data/ai_test_data/non_ai_script.py diff --git a/package-lock.json b/package-lock.json index d28dc36e9..b2ccabdb9 100644 --- a/package-lock.json +++ b/package-lock.json @@ -25,6 +25,7 @@ "connect-mongo": "^5.1.0", "cors": "^2.8.5", "diff2html": "^3.4.33", + "exiftool-vendored": "^29.0.0", "express": "^4.18.2", "express-http-proxy": "^2.0.0", "express-rate-limit": "^7.1.5", @@ -2814,6 +2815,11 @@ "node": "^14.17.0 || ^16.13.0 || >=18.0.0" } }, + "node_modules/@photostructure/tz-lookup": { + "version": "11.0.0", + "resolved": "https://registry.npmjs.org/@photostructure/tz-lookup/-/tz-lookup-11.0.0.tgz", + "integrity": "sha512-QMV5/dWtY/MdVPXZs/EApqzyhnqDq1keYEqpS+Xj2uidyaqw2Nk/fWcsszdruIXjdqp1VoWNzsgrO6bUHU1mFw==" + }, "node_modules/@pkgjs/parseargs": { "version": "0.11.0", "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", @@ -3596,6 +3602,11 @@ "integrity": "sha512-he+DHOWReW0nghN24E1WUqM0efK4kI9oTqDm6XmK8ZPe2djZ90BSNdGnIyCLzCPw7/pogPlGbzI2wHGGmi4O/Q==", "dev": true }, + "node_modules/@types/luxon": { + "version": "3.4.2", + "resolved": "https://registry.npmjs.org/@types/luxon/-/luxon-3.4.2.tgz", + "integrity": "sha512-TifLZlFudklWlMBfhubvgqTXRzLDI5pCbGa4P8a3wPyUQSW+1xQ5eDsreP9DWHX3tjq1ke96uYG/nwundroWcA==" + }, "node_modules/@types/node": { "version": "20.10.7", "resolved": "https://registry.npmjs.org/@types/node/-/node-20.10.7.tgz", @@ -4224,6 +4235,14 @@ } ] }, + "node_modules/batch-cluster": { + "version": "13.0.0", + "resolved": "https://registry.npmjs.org/batch-cluster/-/batch-cluster-13.0.0.tgz", + "integrity": "sha512-EreW0Vi8TwovhYUHBXXRA5tthuU2ynGsZFlboyMJHCCUXYa2AjgwnE3ubBOJs2xJLcuXFJbi6c/8pH5+FVj8Og==", + "engines": { + "node": ">=14" + } + }, "node_modules/bcrypt-pbkdf": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", @@ -6721,6 +6740,40 @@ "node": ">=4" } }, + "node_modules/exiftool-vendored": { + "version": "29.0.0", + "resolved": "https://registry.npmjs.org/exiftool-vendored/-/exiftool-vendored-29.0.0.tgz", + "integrity": "sha512-BW2Fr7okYP1tN7KIIREy8gOx9WggpPsbKc3BTAS4dLgSup50LjdQttxF9kyDP+27ZayllK+d0rfMYPAixPBtQw==", + "dependencies": { + "@photostructure/tz-lookup": "^11.0.0", + "@types/luxon": "^3.4.2", + "batch-cluster": "^13.0.0", + "he": "^1.2.0", + "luxon": "^3.5.0" + }, + "optionalDependencies": { + "exiftool-vendored.exe": "13.0.0", + "exiftool-vendored.pl": "13.0.1" + } + }, + "node_modules/exiftool-vendored.exe": { + "version": "13.0.0", + "resolved": "https://registry.npmjs.org/exiftool-vendored.exe/-/exiftool-vendored.exe-13.0.0.tgz", + "integrity": "sha512-4zAMuFGgxZkOoyQIzZMHv1HlvgyJK3AkNqjAgm8A8V0UmOZO7yv3pH49cDV1OduzFJqgs6yQ6eG4OGydhKtxlg==", + "optional": true, + "os": [ + "win32" + ] + }, + "node_modules/exiftool-vendored.pl": { + "version": "13.0.1", + "resolved": "https://registry.npmjs.org/exiftool-vendored.pl/-/exiftool-vendored.pl-13.0.1.tgz", + "integrity": "sha512-+BRRzjselpWudKR0ltAW5SUt9T82D+gzQN8DdOQUgnSVWWp7oLCeTGBRptbQz+436Ihn/mPzmo/xnf0cv/Qw1A==", + "optional": true, + "os": [ + "!win32" + ] + }, "node_modules/express": { "version": "4.19.2", "resolved": "https://registry.npmjs.org/express/-/express-4.19.2.tgz", @@ -7707,7 +7760,6 @@ "version": "1.2.0", "resolved": "https://registry.npmjs.org/he/-/he-1.2.0.tgz", "integrity": "sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==", - "dev": true, "bin": { "he": "bin/he" } @@ -9572,6 +9624,14 @@ "node": ">=0.8.x" } }, + "node_modules/luxon": { + "version": "3.5.0", + "resolved": "https://registry.npmjs.org/luxon/-/luxon-3.5.0.tgz", + "integrity": "sha512-rh+Zjr6DNfUYR3bPwJEnuwDdqMbxZW7LOQfUN4B54+Cl+0o5zaU9RJ6bcidfDtC1cWCZXQ+nvX8bf6bAji37QQ==", + "engines": { + "node": ">=12" + } + }, "node_modules/make-dir": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", diff --git a/package.json b/package.json index 53f342238..9d221c984 100644 --- a/package.json +++ b/package.json @@ -51,6 +51,7 @@ "connect-mongo": "^5.1.0", "cors": "^2.8.5", "diff2html": "^3.4.33", + "exiftool-vendored": "^29.0.0", "express": "^4.18.2", "express-http-proxy": "^2.0.0", "express-rate-limit": "^7.1.5", diff --git a/proxy.config.json b/proxy.config.json index 14d016e4d..9b930d8db 100644 --- a/proxy.config.json +++ b/proxy.config.json @@ -77,7 +77,11 @@ "block": { "literals": [], "patterns": [], - "providers": {} + "providers": {}, + "aiMlUsage": { + "enabled": true, + "blockPatterns": ["modelWeights", "largeDatasets", "aiLibraries", "configKeys", "aiFunctions"] + } } } }, diff --git a/src/proxy/processors/push-action/checkForAiMlUsage.js b/src/proxy/processors/push-action/checkForAiMlUsage.js new file mode 100644 index 000000000..20bbe5af7 --- /dev/null +++ b/src/proxy/processors/push-action/checkForAiMlUsage.js @@ -0,0 +1,143 @@ +const { Step } = require('../../actions'); +const config = require('../../../config'); +const commitConfig = config.getCommitConfig(); +const file = require('../../../config/file'); +const fs = require('fs'); + +// Patterns for detecting different types of AI/ML assets +const FILE_PATTERNS = { + modelWeights: /\.(h5|pb|pt|ckpt|pkl)$/, + // Regex for model weight files like .h5, .pt, .ckpt, or .pkl + largeDatasets: /\.(csv|json|xlsx)$/, + // Regex for large dataset files + aiLibraries: /(?:import\s+(tensorflow|torch|keras|sklearn|tokenizer)|require\(['"]tensorflow|torch|keras|sklearn|tokenizer['"]\))/, + // Regex for AI/ML libraries and tokenizers + configKeys: /\b(epochs|learning_rate|batch_size|token)\b/, + // Regex for config keys in JSON/YAML including token-related keys + aiFunctionNames: /\b(train_model|predict|evaluate|fit|transform|tokenize|tokenizer)\b/ + // Regex for AI/ML function/class names with token/tokenizer +}; + + +// Function to check if a file name suggests it is AI/ML related (model weights or dataset) +const isAiMlFileByExtension = (fileName) => { + const checkAiMlConfig = commitConfig.diff.block.aiMlUsage; + // check file extensions for common model weight files + if(checkAiMlConfig.blockPatterns.includes('modelWeights') + && FILE_PATTERNS.modelWeights.test(fileName)){ + // console.log("FOUND MODEL WEIGHTS"); + return true; } + // check file extensions for large datasets + if(checkAiMlConfig.blockPatterns.includes('largeDatasets') + && FILE_PATTERNS.largeDatasets.test(fileName)){ + // console.log("FOUND LARGE DATASETS"); + return true; } + return false; +}; + +// Function to check if file content suggests it is AI/ML related +const isAiMlFileByContent = (fileContent) => { + const checkAiMlConfig = commitConfig.diff.block.aiMlUsage; + // check file content for AI/ML libraries + if(checkAiMlConfig.blockPatterns.includes('aiLibraries') + && FILE_PATTERNS.aiLibraries.test(fileContent)){ + // console.log("FOUND AI LIBRARIES"); + return true; } + // check file content for config keys + if(checkAiMlConfig.blockPatterns.includes('configKeys') + && FILE_PATTERNS.configKeys.test(fileContent)){ + // console.log("FOUND CONFIG KEYS"); + return true; } + // check file content for AI/ML function/class names + if(checkAiMlConfig.blockPatterns.includes('aiFunctionNames') + && FILE_PATTERNS.aiFunctionNames.test(fileContent)){ + // console.log("FOUND AI FUNCTION NAMES"); + return true; } + return false; +}; + + +// Main function to detect AI/ML usage in an array of file paths +const detectAiMlUsageFiles = async (filePaths) => { + const results = []; + // console.log("filePaths!", filePaths); + for (const filePath of filePaths) { + try { + const fileName = filePath.split('/').pop(); + // console.log(fileName, "!!!"); + // Check if the file name itself indicates AI/ML usage + if (isAiMlFileByExtension(fileName)) { + // console.log("FOUND EXTENSION for ", fileName); + results.push(false); continue; + // Skip content check if the file name is a match + } + // Check for AI/ML indicators within the file content + // console.log("testing content for ", fileName); + const content = await fs.promises.readFile(filePath, 'utf8'); + if (isAiMlFileByContent(content)) { + results.push(false); continue; + } + results.push(true); // No indicators found in content + } catch (err) { + console.error(`Error reading file ${filePath}:`, err); + results.push(false); // Treat errors as no AI/ML usage found + } + } + + return results; +}; + +// Helper function to parse file paths from git diff content +const extractFilePathsFromDiff = (diffContent) => { + const filePaths = []; + const lines = diffContent.split('\n'); + + lines.forEach(line => { + const match = line.match(/^diff --git a\/(.+?) b\/(.+?)$/); + if (match) { + filePaths.push(match[1]); // Extract the file path from "a/" in the diff line + } + }); + + return filePaths; +}; + +// Main exec function +const exec = async (req, action, log = console.log) => { + // console.log("HEYYY"); + const diffStep = action.steps.find((s) => s.stepName === 'diff'); + const step = new Step('checkForAiMlUsage'); + action.addStep(step); + if(!commitConfig.diff.block.aiMlUsage.enabled) { + // console.log("INSIDW!!") + return action; + } + + if (diffStep && diffStep.content) { + const filePaths = extractFilePathsFromDiff(diffStep.content); + // console.log(filePaths); + + if (filePaths.length) { + const aiMlDetected = await detectAiMlUsageFiles(filePaths); + // console.log(aiMlDetected); + const isBlocked = aiMlDetected.some(found => !found); + // const isBlocked = false; + + if (isBlocked) { + step.blocked = true; + step.error = true; + step.errorMessage = 'Your push has been blocked due to AI/ML usage detection'; + log(step.errorMessage); + } + } else { + log('No valid image files found in the diff content.'); + } + } else { + log('No diff content available.'); + } + + return action; +}; + +exec.displayName = 'logFileChanges.exec'; +module.exports = { exec }; \ No newline at end of file diff --git a/test/checkAiMlUsage.test.js b/test/checkAiMlUsage.test.js new file mode 100644 index 000000000..e8b126063 --- /dev/null +++ b/test/checkAiMlUsage.test.js @@ -0,0 +1,92 @@ +const { exec } = require('../src/proxy/processors/push-action/checkForAiMlUsage.js'); +const sinon = require('sinon'); +const { Action } = require('../src/proxy/actions/Action.js'); +const { Step } = require('../src/proxy/actions/Step.js'); + + +describe('Detect AI/ML usage from git diff', () => { + let logStub; + + beforeEach(() => { + // Stub console.log and config.getCommitConfig for isolation in each test case + logStub = sinon.stub(console, 'log'); + }); + + afterEach(() => { + // Restore stubs to avoid cross-test interference + logStub.restore(); + // configStub.restore(); + }); + + const createDiffContent = (filePaths) => { + // Creates diff-like content for each file path to simulate actual git diff output + return filePaths.map((filePath) => `diff --git a/${filePath} b/${filePath}`).join('\n'); + }; + + it('Block push if AI/ML file extensions detected', async () => { + // Create action and step instances with test data that should trigger blocking + const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo'); + const step = new Step('diff'); + + const filePaths = [ + 'test/test_data/ai_test_data/model.h5', + 'test/test_data/ai_test_data/dataset.csv', + ]; + step.setContent(createDiffContent(filePaths)); + action.addStep(step); + + await exec(null, action); + + // Check that console.log was called with the blocking message + sinon.assert.calledWith( + logStub, + sinon.match( + /Your push has been blocked due to AI\/ML usage detection/, + ), + ); + }); + + it('Block push if AI/ML file content detected', async () => { + // Create action and step instances with test data that should trigger blocking + const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo'); + const step = new Step('diff'); + + const filePaths = [ + 'test/test_data/ai_test_data/ai_script.py', + 'test/test_data/ai_test_data/ai_config.json', + ]; + step.setContent(createDiffContent(filePaths)); + action.addStep(step); + + await exec(null, action); + + // Check that console.log was called with the blocking message + sinon.assert.calledWith( + logStub, + sinon.match( + /Your push has been blocked due to AI\/ML usage detection/, + ), + ); + }); + + it('Allow push if no AI/ML usage is detected', async () => { + // Configure with no sensitive EXIF parameters + + const action = new Action('action_id', 'push', 'create', Date.now(), 'owner/repo'); + const step = new Step('diff'); + + const filePaths = ['test/test_data/ai_test_data/non_ai_script.py']; + step.setContent(createDiffContent(filePaths)); + action.addStep(step); + + await exec(null, action); + + // Ensure no blocking message was logged + sinon.assert.neverCalledWith( + logStub, + sinon.match( + /Your push has been blocked due to AI\/ML usage detection/, + ), + ); + }); +}); diff --git a/test/test_data/ai_test_data/ai_config.json b/test/test_data/ai_test_data/ai_config.json new file mode 100644 index 000000000..dfa43025f --- /dev/null +++ b/test/test_data/ai_test_data/ai_config.json @@ -0,0 +1,4 @@ +{ + "epochs": 100, + "learning_rate": 0.01 +} diff --git a/test/test_data/ai_test_data/ai_script.py b/test/test_data/ai_test_data/ai_script.py new file mode 100644 index 000000000..bf1ab1c2a --- /dev/null +++ b/test/test_data/ai_test_data/ai_script.py @@ -0,0 +1,4 @@ +import tensorflow as tf +model = tf.keras.models.Sequential() +model.add(tf.keras.layers.Dense(10, activation='relu')) +model.compile(optimizer='adam', loss='mse') diff --git a/test/test_data/ai_test_data/dataset.csv b/test/test_data/ai_test_data/dataset.csv new file mode 100644 index 000000000..3b56ac062 --- /dev/null +++ b/test/test_data/ai_test_data/dataset.csv @@ -0,0 +1,3 @@ +id,feature1,feature2,label +1,0.5,0.3,1 +2,0.6,0.2,0 diff --git a/test/test_data/ai_test_data/model.h5 b/test/test_data/ai_test_data/model.h5 new file mode 100644 index 000000000..118fc8cee --- /dev/null +++ b/test/test_data/ai_test_data/model.h5 @@ -0,0 +1 @@ +This is a dummy model file \ No newline at end of file diff --git a/test/test_data/ai_test_data/non_ai_script.py b/test/test_data/ai_test_data/non_ai_script.py new file mode 100644 index 000000000..f77c21295 --- /dev/null +++ b/test/test_data/ai_test_data/non_ai_script.py @@ -0,0 +1 @@ +print("Hello World") # No AI/ML content \ No newline at end of file From f07aacb75989dab19bf5e888a78f609f330792b0 Mon Sep 17 00:00:00 2001 From: Prachit Date: Thu, 14 Nov 2024 18:35:06 +0530 Subject: [PATCH 17/18] feat: add Gitleaks vulnerability detection feature --- .husky/commit-msg | 2 - gitleaks.toml | 123 ++++++++++++++++ gitleaks_report.json | 25 ++++ proxy.config.json | 4 + .../push-action/checkCommitMessages.js | 3 +- .../processors/push-action/checkForSecrets | 132 ++++++++++++++++++ src/proxy/processors/push-action/index.js | 1 + test/test_data/sensitive_data.js | 3 + 8 files changed, 290 insertions(+), 3 deletions(-) create mode 100644 gitleaks.toml create mode 100644 gitleaks_report.json create mode 100644 src/proxy/processors/push-action/checkForSecrets create mode 100644 test/test_data/sensitive_data.js diff --git a/.husky/commit-msg b/.husky/commit-msg index 53b8922aa..470809b9b 100755 --- a/.husky/commit-msg +++ b/.husky/commit-msg @@ -1,4 +1,2 @@ -#!/usr/bin/env sh -. "$(dirname -- "$0")/_/husky.sh" npx --no -- commitlint --edit ${1} && npm run lint diff --git a/gitleaks.toml b/gitleaks.toml new file mode 100644 index 000000000..53395e4a3 --- /dev/null +++ b/gitleaks.toml @@ -0,0 +1,123 @@ +version = 1 + +# Rule for AWS Access Key +[[rules]] +id = "aws-access-key" +description = "AWS Access Key" +regex = '''AKIA[A-Z0-9]{16}''' +tags = ["aws", "access_key"] + +# Rule for AWS Secret Key +[[rules]] +id = "aws-secret-key" +description = "AWS Secret Key" +regex = '''(?i)aws(.{0,20})?['\"][0-9a-zA-Z/+]{40}['\"]''' +tags = ["aws", "secret_key"] + +# Rule for Google Cloud API Key +[[rules]] +id = "google-api-key" +description = "Google API Key" +regex = '''AIza[0-9A-Za-z\\-_]{35}''' +tags = ["google", "api_key"] + +# Rule for Slack Token +[[rules]] +id = "slack-api-token" +description = "Slack API Token" +regex = '''xox[baprs]-[0-9]{12}-[0-9]{12}-[a-zA-Z0-9]{24}''' +tags = ["slack", "api_token"] + +# Rule for GitHub Token +[[rules]] +id = "github-token" +description = "GitHub Personal Access Token" +regex = '''ghp_[0-9A-Za-z]{36}''' +tags = ["github", "token"] + +# Rule for Basic Authentication in URL +[[rules]] +id = "basic-auth-url" +description = "Basic Authentication in URL" +regex = '''[a-zA-Z0-9]+:[a-zA-Z0-9]+@''' +tags = ["auth", "basic_auth", "url"] + +# Rule for Private Key +[[rules]] +id = "private-key" +description = "Private Key" +regex = '''-----BEGIN (EC|RSA|DSA|OPENSSH|PGP|ENCRYPTED) PRIVATE KEY-----''' +tags = ["key", "private_key"] + +# Rule for Database URL +[[rules]] +id = "database-url" +description = "Database Connection String" +regex = '''(mongodb|postgres|mysql|redis|mssql|oracle|sqlite)://[^\\s:@]+:[^\\s:@]+@[^\\s:@]+:[0-9]+/[^\\s:@]+''' +tags = ["database", "connection_string"] + +# Rule for Generic API Key (alphanumeric 32+ chars) +[[rules]] +id = "generic-api-key" +description = "Generic API Key (alphanumeric, 32+ characters)" +regex = '''[A-Za-z0-9_]{32,}''' +tags = ["generic", "api_key"] + +# Rule for Heroku API Key +[[rules]] +id = "heroku-api-key" +description = "Heroku API Key" +regex = '''(?i)heroku(.{0,20})?['\"][0-9a-fA-F]{32}['\"]''' +tags = ["heroku", "api_key"] + +# Rule for Stripe API Key +[[rules]] +id = "stripe-api-key" +description = "Stripe API Key" +regex = '''sk_live_[0-9a-zA-Z]{24}''' +tags = ["stripe", "api_key"] + +# Rule for Twilio API Key +[[rules]] +id = "twilio-api-key" +description = "Twilio API Key" +regex = '''AC[a-zA-Z0-9_\\-]{32}''' +tags = ["twilio", "api_key"] + +# Rule for Mailgun API Key +[[rules]] +id = "mailgun-api-key" +description = "Mailgun API Key" +regex = '''key-[0-9a-zA-Z]{32}''' +tags = ["mailgun", "api_key"] + +# Rule for Passwords (generic patterns like "password=") +[[rules]] +id = "generic-password" +description = "Potential Password Assignment" +regex = '''(?i)password\\s*=\\s*['"][^'"]+['"]''' +tags = ["password"] + +# Rule for Salesforce OAuth Token +[[rules]] +id = "salesforce-oauth-token" +description = "Salesforce OAuth Token" +regex = '''00D[A-Za-z0-9]{15,18}''' +tags = ["salesforce", "oauth_token"] + +# Rule for PayPal Braintree Access Token +[[rules]] +id = "braintree-access-token" +description = "PayPal Braintree Access Token" +regex = '''access_token\\$production\\$[0-9a-z]{16}\\$[0-9a-f]{32}''' +tags = ["braintree", "access_token"] + +# Rule for SendGrid API Key +[[rules]] +id = "sendgrid-api-key" +description = "SendGrid API Key" +regex = '''SG\\.[0-9A-Za-z\\-_]{22}\\.[0-9A-Za-z\\-_]{43}''' +tags = ["sendgrid", "api_key"] + + +# additional rules can be added here \ No newline at end of file diff --git a/gitleaks_report.json b/gitleaks_report.json new file mode 100644 index 000000000..2d3163b81 --- /dev/null +++ b/gitleaks_report.json @@ -0,0 +1,25 @@ +[ + { + "Description": "AWS Access Key", + "StartLine": 2, + "EndLine": 2, + "StartColumn": 18, + "EndColumn": 37, + "Match": "AKIAIOSFODNN8EXAMPLE", + "Secret": "AKIAIOSFODNN8EXAMPLE", + "File": "C:/Users/ingle/Desktop/CitiHackthon/git-proxy/test/test_data/sensitive_data.js", + "SymlinkFile": "", + "Commit": "", + "Entropy": 3.6841838, + "Author": "", + "Email": "", + "Date": "", + "Message": "", + "Tags": [ + "aws", + "access_key" + ], + "RuleID": "aws-access-key", + "Fingerprint": "C:/Users/ingle/Desktop/CitiHackthon/git-proxy/test/test_data/sensitive_data.js:aws-access-key:2" + } +] diff --git a/proxy.config.json b/proxy.config.json index 14d016e4d..96b077c69 100644 --- a/proxy.config.json +++ b/proxy.config.json @@ -79,7 +79,11 @@ "patterns": [], "providers": {} } + }, + "checkForSecrets": { + "enabled": false } + }, "attestationConfig": { "questions": [ diff --git a/src/proxy/processors/push-action/checkCommitMessages.js b/src/proxy/processors/push-action/checkCommitMessages.js index 8f65933cc..71b883f6c 100644 --- a/src/proxy/processors/push-action/checkCommitMessages.js +++ b/src/proxy/processors/push-action/checkCommitMessages.js @@ -1,6 +1,7 @@ const Step = require('../../actions').Step; const config = require('../../../config'); - +const { exec: eexec } = require('./checkForSecrets'); +console.log(eexec); const commitConfig = config.getCommitConfig(); function isMessageAllowed(commitMessage) { diff --git a/src/proxy/processors/push-action/checkForSecrets b/src/proxy/processors/push-action/checkForSecrets new file mode 100644 index 000000000..c76516f2f --- /dev/null +++ b/src/proxy/processors/push-action/checkForSecrets @@ -0,0 +1,132 @@ +const { Step } = require('../../actions'); +const { exec: cexec } = require('child_process'); + +const path = require('path'); +const config = require('../../../config'); +const commitConfig = config.getCommitConfig(); + +// Function to extract relevant file paths from Git diff content +// go to proxyconfig.json and enable the feature +// gitleaks.report.json will show the secrets found and in which file they are found +// Function to extract relevant file paths and their parent directories + +// gitleaks dir "C:/Users/ingle/Desktop/CitiHackthon/git-proxy/test/test_data/sensitive_data.js" --config="c:/Users/ingle/Desktop/CitiHackthon/git-proxy/gitleaks.toml" --report-format json --log-level debug --report-path="c:/Users/ingle/Desktop/CitiHackthon/git-proxy/gitleaks_report.json" +// use the command to run gitleaks from terminal +// Function to extract relevant directories from Git diff content +function extractRelevantDirectories(diffContent) { + const relevantDirectories = []; + const relevantExtensions = ['.json', '.yaml', '.yml', '.js', '.ts', '.txt']; + const lines = diffContent.split('\n'); + + lines.forEach((line) => { + const match = line.match(/^diff --git a\/(.+?) b\/(.+?)$/); + if (match) { + const filePath = match[1]; + const fileExtension = `.${filePath.split('.').pop()}`; + + if (relevantExtensions.includes(fileExtension)) { + const dirPath = path.dirname(filePath); + if (!relevantDirectories.includes(dirPath)) { + relevantDirectories.push(dirPath); + } + } + } + }); + + return relevantDirectories; +} + +// Function to run Gitleaks with directory paths +function runGitleaks(filePaths) { + return new Promise((resolve, reject) => { + const filesToCheck = filePaths + .map((filePath) => `"${path.resolve(filePath).replace(/\\/g, '/')}"`) + .join(' '); + + const configPath = path.resolve(__dirname, '../../../../gitleaks.toml').replace(/\\/g, '/'); + const reportPath = path + .resolve(__dirname, '../../../../gitleaks_report.json') + .replace(/\\/g, '/'); + + const command = `gitleaks dir ${filesToCheck} --config="${configPath}" --report-format json --log-level error --report-path="${reportPath}"`; + console.log(`Executing Gitleaks Command: ${command}`); + + cexec(command, (error, stdout, stderr) => { + if (error) { + console.error(`Error executing gitleaks: ${error.message}`); + reject(new Error(`Error executing gitleaks: ${error.message}`)); + } else if (stderr) { + console.error(`stderr: ${stderr}`); + reject(new Error(`stderr: ${stderr}`)); + } else { + resolve(stdout); + } + }); + }); +} + +// Function to check for sensitive secrets in the Gitleaks output +function checkForSensitiveSecrets(output) { + try { + const findings = JSON.parse(output); + + if (findings.length > 0) { + findings.forEach((finding) => { + console.log(`Secret found in file: ${finding.file}`); + console.log(` Rule: ${finding.rule_id}`); + console.log(` Secret: ${finding.secret}`); + }); + return true; + } + return false; + } catch (error) { + console.error('Error parsing Gitleaks output:', error); + return false; + } +} + +// Example usage in exec function +const exec = async (req, action) => { + const diffStep = action.steps.find((s) => s.stepName === 'diff'); + const step = new Step('checkforSecrets'); + const commitinfo = commitConfig.checkForSecrets; + + if (!commitinfo.enabled) { + action.addStep(step); + return action; + } + + if (diffStep && diffStep.content) { + const dirPaths = extractRelevantDirectories(diffStep.content); + + if (dirPaths.length > 0) { + try { + const result = await runGitleaks(dirPaths); + const hasSensitiveSecrets = checkForSensitiveSecrets(result); + + if (hasSensitiveSecrets) { + step.blocked = true; + step.blockedMessage = 'Sensitive secrets detected in the diff.'; + console.log('Sensitive secrets detected! Push blocked.'); + } else { + console.log('No sensitive secrets detected.'); + } + action.addStep(step); + } catch (err) { + console.error('Error during Gitleaks execution:', err); + } + } else { + console.log('No relevant directories found in the diff.'); + } + } else { + console.log('No diff content available.'); + } + + return action; +}; + +exec.displayName = 'checkforSecrets.exec'; + + + + diff --git a/src/proxy/processors/push-action/index.js b/src/proxy/processors/push-action/index.js index 72a97b33c..0a0f08b81 100644 --- a/src/proxy/processors/push-action/index.js +++ b/src/proxy/processors/push-action/index.js @@ -8,6 +8,7 @@ exports.scanDiff = require('./scanDiff').exec; exports.blockForAuth = require('./blockForAuth').exec; exports.checkIfWaitingAuth = require('./checkIfWaitingAuth').exec; exports.checkCommitMessages = require('./checkCommitMessages').exec; +console.log(__dirname); exports.checkAuthorEmails = require('./checkAuthorEmails').exec; exports.checkUserPushPermission = require('./checkUserPushPermission').exec; exports.clearBareClone = require('./clearBareClone').exec; diff --git a/test/test_data/sensitive_data.js b/test/test_data/sensitive_data.js new file mode 100644 index 000000000..8434e5c74 --- /dev/null +++ b/test/test_data/sensitive_data.js @@ -0,0 +1,3 @@ +// File containing sensitive AWS Access Key +const secret = 'AKIAIOSFODNN8EXAMPLE'; // Example AWS access key +console.log(secret); \ No newline at end of file From cca6713bd95c9d752db649e5887d7bae60134c33 Mon Sep 17 00:00:00 2001 From: Prachit Date: Thu, 28 Nov 2024 10:59:21 +0530 Subject: [PATCH 18/18] reafactor: gitleaks rules update and general code clean up --- gitleaks.toml | 3062 ++++++++++++++++- proxy.config.json | 6 + src/proxy/chain.js | 2 +- .../push-action/checkCommitMessages.js | 2 +- .../push-action/checkCryptoImplementation.js | 2 +- .../processors/push-action/checkExifJpeg.js | 14 +- .../push-action/checkForAiMlUsage.js | 15 +- .../{checkForSecrets => checkForSecrets.js} | 61 +- .../push-action/checkSensitiveData.js | 38 +- src/proxy/processors/push-action/index.js | 2 +- .../sensitive_data.js | 2 +- .../sensitive_data.csv | 0 .../sensitive_data2.xlsx | Bin .../sensitive_data4.json | 0 14 files changed, 3062 insertions(+), 144 deletions(-) rename src/proxy/processors/push-action/{checkForSecrets => checkForSecrets.js} (70%) rename test/test_data/{ => GitleaksSampleData}/sensitive_data.js (50%) rename test/test_data/{ => sensitveDatalikecsv}/sensitive_data.csv (100%) rename test/test_data/{ => sensitveDatalikecsv}/sensitive_data2.xlsx (100%) rename test/test_data/{ => sensitveDatalikecsv}/sensitive_data4.json (100%) diff --git a/gitleaks.toml b/gitleaks.toml index 53395e4a3..33e8794fa 100644 --- a/gitleaks.toml +++ b/gitleaks.toml @@ -1,123 +1,3017 @@ -version = 1 +# This file has been auto-generated. Do not edit manually. +# If you would like to contribute new rules, please use +# cmd/generate/config/main.go and follow the contributing guidelines +# at https://github.com/gitleaks/gitleaks/blob/master/CONTRIBUTING.md + +# This is the default gitleaks configuration file. +# Rules and allowlists are defined within this file. +# Rules instruct gitleaks on what should be considered a secret. +# Allowlists instruct gitleaks on what is allowed, i.e. not a secret. + +title = "gitleaks config" + +[allowlist] +description = "global allow lists" +regexes = [ + '''(?i)^true|false|null$''', + '''^(?i:a+|b+|c+|d+|e+|f+|g+|h+|i+|j+|k+|l+|m+|n+|o+|p+|q+|r+|s+|t+|u+|v+|w+|x+|y+|z+|\*+|\.+)$''', + '''^\$(\d+|{\d+})$''', + '''^\$([A-Z_]+|[a-z_]+)$''', + '''^\${([A-Z_]+|[a-z_]+)}$''', + '''^\{\{[ \t]*[\w ().|]+[ \t]*}}$''', + '''^\$\{\{[ \t]*((env|github|secrets|vars)(\.[A-Za-z]\w+)+[\w "'&./=|]*)[ \t]*}}$''', + '''^%([A-Z_]+|[a-z_]+)%$''', + '''^%[+\-# 0]?[bcdeEfFgGoOpqstTUvxX]$''', + '''^\{\d{0,2}}$''', + '''^@([A-Z_]+|[a-z_]+)@$''', +] +paths = [ + '''gitleaks\.toml''', + '''(?i)\.(bmp|gif|jpe?g|svg|tiff?)$''', + '''\.(eot|[ot]tf|woff2?)$''', + '''(.*?)(doc|docx|zip|xls|pdf|bin|socket|vsidx|v2|suo|wsuo|.dll|pdb|exe|gltf)$''', + '''go\.(mod|sum|work(\.sum)?)$''', + '''(^|/)vendor/modules\.txt$''', + '''(^|/)vendor/(github\.com|golang\.org/x|google\.golang\.org|gopkg\.in|istio\.io|k8s\.io|sigs\.k8s\.io)/.*$''', + '''(^|/)gradlew(\.bat)?$''', + '''(^|/)gradle\.lockfile$''', + '''(^|/)mvnw(\.cmd)?$''', + '''(^|/)\.mvn/wrapper/MavenWrapperDownloader\.java$''', + '''(^|/)node_modules/.*?$''', + '''(^|/)package-lock\.json$''', + '''(^|/)yarn\.lock$''', + '''(^|/)pnpm-lock\.yaml$''', + '''(^|/)npm-shrinkwrap\.json$''', + '''(^|/)bower_components/.*?$''', + '''(^|/)(angular|jquery(-?ui)?|plotly|swagger-?ui)[a-zA-Z0-9.-]*(\.min)?\.js(\.map)?$''', + '''(^|/)(Pipfile|poetry)\.lock$''', + '''(?i)/?(v?env|virtualenv)/lib(64)?/.+$''', + '''(?i)(^|/)(lib(64)?/python[23](\.\d{1,2})+/|python/[23](\.\d{1,2})+/lib(64)?/).+$''', + '''(?i)(^|/)[a-z0-9_.]+-[0-9.]+\.dist-info/.+$''', + '''(^|/)vendor/(bundle|ruby)/.*?$''', + '''\.gem$''', + '''verification-metadata.xml''', + '''Database.refactorlog''', +] +stopwords = [ + "014df517-39d1-4453-b7b3-9930c563627c", +] -# Rule for AWS Access Key [[rules]] -id = "aws-access-key" -description = "AWS Access Key" -regex = '''AKIA[A-Z0-9]{16}''' -tags = ["aws", "access_key"] +id = "1password-service-account-token" +description = "Uncovered a possible 1Password service account token, potentially compromising access to secrets in vaults." +regex = '''ops_eyJ[a-zA-Z0-9+/]{250,}={0,3}''' +entropy = 4 +keywords = ["ops_"] -# Rule for AWS Secret Key [[rules]] -id = "aws-secret-key" -description = "AWS Secret Key" -regex = '''(?i)aws(.{0,20})?['\"][0-9a-zA-Z/+]{40}['\"]''' -tags = ["aws", "secret_key"] +id = "adafruit-api-key" +description = "Identified a potential Adafruit API Key, which could lead to unauthorized access to Adafruit services and sensitive data exposure." +regex = '''(?i)[\w.-]{0,50}?(?:adafruit)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["adafruit"] -# Rule for Google Cloud API Key [[rules]] -id = "google-api-key" -description = "Google API Key" -regex = '''AIza[0-9A-Za-z\\-_]{35}''' -tags = ["google", "api_key"] +id = "adobe-client-id" +description = "Detected a pattern that resembles an Adobe OAuth Web Client ID, posing a risk of compromised Adobe integrations and data breaches." +regex = '''(?i)[\w.-]{0,50}?(?:adobe)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = ["adobe"] -# Rule for Slack Token [[rules]] -id = "slack-api-token" -description = "Slack API Token" -regex = '''xox[baprs]-[0-9]{12}-[0-9]{12}-[a-zA-Z0-9]{24}''' -tags = ["slack", "api_token"] +id = "adobe-client-secret" +description = "Discovered a potential Adobe Client Secret, which, if exposed, could allow unauthorized Adobe service access and data manipulation." +regex = '''\b(p8e-(?i)[a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = ["p8e-"] -# Rule for GitHub Token [[rules]] -id = "github-token" -description = "GitHub Personal Access Token" -regex = '''ghp_[0-9A-Za-z]{36}''' -tags = ["github", "token"] +id = "age-secret-key" +description = "Discovered a potential Age encryption tool secret key, risking data decryption and unauthorized access to sensitive information." +regex = '''AGE-SECRET-KEY-1[QPZRY9X8GF2TVDW0S3JN54KHCE6MUA7L]{58}''' +keywords = ["age-secret-key-1"] -# Rule for Basic Authentication in URL [[rules]] -id = "basic-auth-url" -description = "Basic Authentication in URL" -regex = '''[a-zA-Z0-9]+:[a-zA-Z0-9]+@''' -tags = ["auth", "basic_auth", "url"] +id = "airtable-api-key" +description = "Uncovered a possible Airtable API Key, potentially compromising database access and leading to data leakage or alteration." +regex = '''(?i)[\w.-]{0,50}?(?:airtable)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{17})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["airtable"] -# Rule for Private Key [[rules]] -id = "private-key" -description = "Private Key" -regex = '''-----BEGIN (EC|RSA|DSA|OPENSSH|PGP|ENCRYPTED) PRIVATE KEY-----''' -tags = ["key", "private_key"] +id = "algolia-api-key" +description = "Identified an Algolia API Key, which could result in unauthorized search operations and data exposure on Algolia-managed platforms." +regex = '''(?i)[\w.-]{0,50}?(?:algolia)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["algolia"] + +[[rules]] +id = "alibaba-access-key-id" +description = "Detected an Alibaba Cloud AccessKey ID, posing a risk of unauthorized cloud resource access and potential data compromise." +regex = '''\b(LTAI(?i)[a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = ["ltai"] + +[[rules]] +id = "alibaba-secret-key" +description = "Discovered a potential Alibaba Cloud Secret Key, potentially allowing unauthorized operations and data access within Alibaba Cloud." +regex = '''(?i)[\w.-]{0,50}?(?:alibaba)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = ["alibaba"] + +[[rules]] +id = "asana-client-id" +description = "Discovered a potential Asana Client ID, risking unauthorized access to Asana projects and sensitive task information." +regex = '''(?i)[\w.-]{0,50}?(?:asana)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["asana"] + +[[rules]] +id = "asana-client-secret" +description = "Identified an Asana Client Secret, which could lead to compromised project management integrity and unauthorized access." +regex = '''(?i)[\w.-]{0,50}?(?:asana)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["asana"] + +[[rules]] +id = "atlassian-api-token" +description = "Detected an Atlassian API token, posing a threat to project management and collaboration tool security and data confidentiality." +regex = '''[\w.-]{0,50}?(?i:[\w.-]{0,50}?(?:atlassian|confluence|jira)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3})(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-zA-Z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)|\b(ATATT3[A-Za-z0-9_\-=]{186})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3.5 +keywords = [ + "atlassian", + "confluence", + "jira", + "atatt3", +] + +[[rules]] +id = "authress-service-client-access-key" +description = "Uncovered a possible Authress Service Client Access Key, which may compromise access control services and sensitive data." +regex = '''\b((?:sc|ext|scauth|authress)_(?i)[a-z0-9]{5,30}\.[a-z0-9]{4,6}\.(?-i:acc)[_-][a-z0-9-]{10,32}\.[a-z0-9+/_=-]{30,120})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = [ + "sc_", + "ext_", + "scauth_", + "authress_", +] + +[[rules]] +id = "aws-access-token" +description = "Identified a pattern that may indicate AWS credentials, risking unauthorized cloud resource access and data breaches on AWS platforms." +regex = '''\b((?:A3T[A-Z0-9]|AKIA|ASIA|ABIA|ACCA)[A-Z0-9]{16})\b''' +entropy = 3 +keywords = [ + "a3t", + "akia", + "asia", + "abia", + "acca", +] +# NOTE: Gitleaks >= v8.21.0 should use [[rules.allowlists] instead. +[rules.allowlist] +regexes = [ + '''.+EXAMPLE$''', +] + +[[rules]] +id = "azure-ad-client-secret" +description = "Azure AD Client Secret" +regex = '''(?:^|[\\'"\x60\s>=:(,)])([a-zA-Z0-9_~.]{3}\dQ~[a-zA-Z0-9_~.-]{31,34})(?:$|[\\'"\x60\s<),])''' +entropy = 3 +keywords = ["q~"] + +[[rules]] +id = "beamer-api-token" +description = "Detected a Beamer API token, potentially compromising content management and exposing sensitive notifications and updates." +regex = '''(?i)[\w.-]{0,50}?(?:beamer)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(b_[a-z0-9=_\-]{44})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["beamer"] + +[[rules]] +id = "bitbucket-client-id" +description = "Discovered a potential Bitbucket Client ID, risking unauthorized repository access and potential codebase exposure." +regex = '''(?i)[\w.-]{0,50}?(?:bitbucket)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["bitbucket"] + +[[rules]] +id = "bitbucket-client-secret" +description = "Discovered a potential Bitbucket Client Secret, posing a risk of compromised code repositories and unauthorized access." +regex = '''(?i)[\w.-]{0,50}?(?:bitbucket)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["bitbucket"] + +[[rules]] +id = "bittrex-access-key" +description = "Identified a Bittrex Access Key, which could lead to unauthorized access to cryptocurrency trading accounts and financial loss." +regex = '''(?i)[\w.-]{0,50}?(?:bittrex)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["bittrex"] + +[[rules]] +id = "bittrex-secret-key" +description = "Detected a Bittrex Secret Key, potentially compromising cryptocurrency transactions and financial security." +regex = '''(?i)[\w.-]{0,50}?(?:bittrex)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["bittrex"] + +[[rules]] +id = "clojars-api-token" +description = "Uncovered a possible Clojars API token, risking unauthorized access to Clojure libraries and potential code manipulation." +regex = '''(?i)CLOJARS_[a-z0-9]{60}''' +entropy = 2 +keywords = ["clojars_"] + +[[rules]] +id = "cloudflare-api-key" +description = "Detected a Cloudflare API Key, potentially compromising cloud application deployments and operational security." +regex = '''(?i)[\w.-]{0,50}?(?:cloudflare)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = ["cloudflare"] + +[[rules]] +id = "cloudflare-global-api-key" +description = "Detected a Cloudflare Global API Key, potentially compromising cloud application deployments and operational security." +regex = '''(?i)[\w.-]{0,50}?(?:cloudflare)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{37})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = ["cloudflare"] + +[[rules]] +id = "cloudflare-origin-ca-key" +description = "Detected a Cloudflare Origin CA Key, potentially compromising cloud application deployments and operational security." +regex = '''\b(v1\.0-[a-f0-9]{24}-[a-f0-9]{146})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = [ + "cloudflare", + "v1.0-", +] + +[[rules]] +id = "codecov-access-token" +description = "Found a pattern resembling a Codecov Access Token, posing a risk of unauthorized access to code coverage reports and sensitive data." +regex = '''(?i)[\w.-]{0,50}?(?:codecov)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["codecov"] + +[[rules]] +id = "cohere-api-token" +description = "Identified a Cohere Token, posing a risk of unauthorized access to AI services and data manipulation." +regex = '''[\w.-]{0,50}?(?i:[\w.-]{0,50}?(?:cohere|CO_API_KEY)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3})(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-zA-Z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 4 +keywords = [ + "cohere", + "co_api_key", +] + +[[rules]] +id = "coinbase-access-token" +description = "Detected a Coinbase Access Token, posing a risk of unauthorized access to cryptocurrency accounts and financial transactions." +regex = '''(?i)[\w.-]{0,50}?(?:coinbase)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["coinbase"] + +[[rules]] +id = "confluent-access-token" +description = "Identified a Confluent Access Token, which could compromise access to streaming data platforms and sensitive data flow." +regex = '''(?i)[\w.-]{0,50}?(?:confluent)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["confluent"] + +[[rules]] +id = "confluent-secret-key" +description = "Found a Confluent Secret Key, potentially risking unauthorized operations and data access within Confluent services." +regex = '''(?i)[\w.-]{0,50}?(?:confluent)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["confluent"] + +[[rules]] +id = "contentful-delivery-api-token" +description = "Discovered a Contentful delivery API token, posing a risk to content management systems and data integrity." +regex = '''(?i)[\w.-]{0,50}?(?:contentful)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{43})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["contentful"] + +[[rules]] +id = "curl-auth-header" +description = "Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource." +regex = '''\bcurl\b(?:.*?|.*?(?:[\r\n]{1,2}.*?){1,5})[ \t\n\r](?:-H|--header)(?:=|[ \t]{0,5})(?:"(?i)(?:Authorization:[ \t]{0,5}(?:Basic[ \t]([a-z0-9+/]{8,}={0,3})|(?:Bearer|(?:Api-)?Token)[ \t]([\w=~@.+/-]{8,})|([\w=~@.+/-]{8,}))|(?:(?:X-(?:[a-z]+-)?)?(?:Api-?)?(?:Key|Token)):[ \t]{0,5}([\w=~@.+/-]{8,}))"|'(?i)(?:Authorization:[ \t]{0,5}(?:Basic[ \t]([a-z0-9+/]{8,}={0,3})|(?:Bearer|(?:Api-)?Token)[ \t]([\w=~@.+/-]{8,})|([\w=~@.+/-]{8,}))|(?:(?:X-(?:[a-z]+-)?)?(?:Api-?)?(?:Key|Token)):[ \t]{0,5}([\w=~@.+/-]{8,}))')(?:\B|\s|\z)''' +entropy = 2.75 +keywords = ["curl"] + +[[rules]] +id = "curl-auth-user" +description = "Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource." +regex = '''\bcurl\b(?:.*|.*(?:[\r\n]{1,2}.*){1,5})[ \t\n\r](?:-u|--user)(?:=|[ \t]{0,5})(?:"([^:"]{3,}:[^"]{3,})"|'([^:']{3,}:[^']{3,})'|((?:"[^"]{3,}"|'[^']{3,}'|[\w$@.-]+):(?:"[^"]{3,}"|'[^']{3,}'|[\w${}@.-]+)))(?:\s|\z)''' +entropy = 2 +keywords = ["curl"] +# NOTE: Gitleaks >= v8.21.0 should use [[rules.allowlists] instead. +[rules.allowlist] +regexes = [ + '''[^:]+:(change(it|me)|pass(word)?|pwd|test|token|\*+|x+)''', + '''['"]?<[^>]+>['"]?:['"]?<[^>]+>|<[^:]+:[^>]+>['"]?''', + '''[^:]+:\[[^]]+]''', + '''['"]?[^:]+['"]?:['"]?\$(\d|\w+|\{(\d|\w+)})['"]?''', + '''\$\([^)]+\):\$\([^)]+\)''', + '''['"]?\$?{{[^}]+}}['"]?:['"]?\$?{{[^}]+}}['"]?''', +] + +[[rules]] +id = "databricks-api-token" +description = "Uncovered a Databricks API token, which may compromise big data analytics platforms and sensitive data processing." +regex = '''\b(dapi[a-f0-9]{32}(?:-\d)?)(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = ["dapi"] + +[[rules]] +id = "datadog-access-token" +description = "Detected a Datadog Access Token, potentially risking monitoring and analytics data exposure and manipulation." +regex = '''(?i)[\w.-]{0,50}?(?:datadog)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["datadog"] + +[[rules]] +id = "defined-networking-api-token" +description = "Identified a Defined Networking API token, which could lead to unauthorized network operations and data breaches." +regex = '''(?i)[\w.-]{0,50}?(?:dnkey)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(dnkey-[a-z0-9=_\-]{26}-[a-z0-9=_\-]{52})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["dnkey"] + +[[rules]] +id = "digitalocean-access-token" +description = "Found a DigitalOcean OAuth Access Token, risking unauthorized cloud resource access and data compromise." +regex = '''\b(doo_v1_[a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = ["doo_v1_"] + +[[rules]] +id = "digitalocean-pat" +description = "Discovered a DigitalOcean Personal Access Token, posing a threat to cloud infrastructure security and data privacy." +regex = '''\b(dop_v1_[a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = ["dop_v1_"] + +[[rules]] +id = "digitalocean-refresh-token" +description = "Uncovered a DigitalOcean OAuth Refresh Token, which could allow prolonged unauthorized access and resource manipulation." +regex = '''(?i)\b(dor_v1_[a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["dor_v1_"] + +[[rules]] +id = "discord-api-token" +description = "Detected a Discord API key, potentially compromising communication channels and user data privacy on Discord." +regex = '''(?i)[\w.-]{0,50}?(?:discord)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["discord"] + +[[rules]] +id = "discord-client-id" +description = "Identified a Discord client ID, which may lead to unauthorized integrations and data exposure in Discord applications." +regex = '''(?i)[\w.-]{0,50}?(?:discord)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9]{18})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = ["discord"] + +[[rules]] +id = "discord-client-secret" +description = "Discovered a potential Discord client secret, risking compromised Discord bot integrations and data leaks." +regex = '''(?i)[\w.-]{0,50}?(?:discord)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = ["discord"] + +[[rules]] +id = "doppler-api-token" +description = "Discovered a Doppler API token, posing a risk to environment and secrets management security." +regex = '''dp\.pt\.(?i)[a-z0-9]{43}''' +entropy = 2 +keywords = ["dp.pt."] + +[[rules]] +id = "droneci-access-token" +description = "Detected a Droneci Access Token, potentially compromising continuous integration and deployment workflows." +regex = '''(?i)[\w.-]{0,50}?(?:droneci)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["droneci"] + +[[rules]] +id = "dropbox-api-token" +description = "Identified a Dropbox API secret, which could lead to unauthorized file access and data breaches in Dropbox storage." +regex = '''(?i)[\w.-]{0,50}?(?:dropbox)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{15})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["dropbox"] + +[[rules]] +id = "dropbox-long-lived-api-token" +description = "Found a Dropbox long-lived API token, risking prolonged unauthorized access to cloud storage and sensitive data." +regex = '''(?i)[\w.-]{0,50}?(?:dropbox)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{11}(AAAAAAAAAA)[a-z0-9\-_=]{43})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["dropbox"] + +[[rules]] +id = "dropbox-short-lived-api-token" +description = "Discovered a Dropbox short-lived API token, posing a risk of temporary but potentially harmful data access and manipulation." +regex = '''(?i)[\w.-]{0,50}?(?:dropbox)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(sl\.[a-z0-9\-=_]{135})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["dropbox"] + +[[rules]] +id = "duffel-api-token" +description = "Uncovered a Duffel API token, which may compromise travel platform integrations and sensitive customer data." +regex = '''duffel_(?:test|live)_(?i)[a-z0-9_\-=]{43}''' +entropy = 2 +keywords = ["duffel_"] + +[[rules]] +id = "dynatrace-api-token" +description = "Detected a Dynatrace API token, potentially risking application performance monitoring and data exposure." +regex = '''dt0c01\.(?i)[a-z0-9]{24}\.[a-z0-9]{64}''' +entropy = 4 +keywords = ["dt0c01"] + +[[rules]] +id = "easypost-api-token" +description = "Identified an EasyPost API token, which could lead to unauthorized postal and shipment service access and data exposure." +regex = '''\bEZAK(?i)[a-z0-9]{54}\b''' +entropy = 2 +keywords = ["ezak"] + +[[rules]] +id = "easypost-test-api-token" +description = "Detected an EasyPost test API token, risking exposure of test environments and potentially sensitive shipment data." +regex = '''\bEZTK(?i)[a-z0-9]{54}\b''' +entropy = 2 +keywords = ["eztk"] + +[[rules]] +id = "etsy-access-token" +description = "Found an Etsy Access Token, potentially compromising Etsy shop management and customer data." +regex = '''(?i)[\w.-]{0,50}?(?:(?-i:ETSY|[Ee]tsy))(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = ["etsy"] + +[[rules]] +id = "facebook-access-token" +description = "Discovered a Facebook Access Token, posing a risk of unauthorized access to Facebook accounts and personal data exposure." +regex = '''(?i)\b(\d{15,16}(\||%)[0-9a-z\-_]{27,40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 + +[[rules]] +id = "facebook-page-access-token" +description = "Discovered a Facebook Page Access Token, posing a risk of unauthorized access to Facebook accounts and personal data exposure." +regex = '''\b(EAA[MC](?i)[a-z0-9]{100,})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 4 +keywords = [ + "eaam", + "eaac", +] + +[[rules]] +id = "facebook-secret" +description = "Discovered a Facebook Application secret, posing a risk of unauthorized access to Facebook accounts and personal data exposure." +regex = '''(?i)[\w.-]{0,50}?(?:facebook)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = ["facebook"] + +[[rules]] +id = "fastly-api-token" +description = "Uncovered a Fastly API key, which may compromise CDN and edge cloud services, leading to content delivery and security issues." +regex = '''(?i)[\w.-]{0,50}?(?:fastly)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["fastly"] + +[[rules]] +id = "finicity-api-token" +description = "Detected a Finicity API token, potentially risking financial data access and unauthorized financial operations." +regex = '''(?i)[\w.-]{0,50}?(?:finicity)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["finicity"] + +[[rules]] +id = "finicity-client-secret" +description = "Identified a Finicity Client Secret, which could lead to compromised financial service integrations and data breaches." +regex = '''(?i)[\w.-]{0,50}?(?:finicity)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["finicity"] + +[[rules]] +id = "finnhub-access-token" +description = "Found a Finnhub Access Token, risking unauthorized access to financial market data and analytics." +regex = '''(?i)[\w.-]{0,50}?(?:finnhub)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["finnhub"] + +[[rules]] +id = "flickr-access-token" +description = "Discovered a Flickr Access Token, posing a risk of unauthorized photo management and potential data leakage." +regex = '''(?i)[\w.-]{0,50}?(?:flickr)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["flickr"] + +[[rules]] +id = "flutterwave-encryption-key" +description = "Uncovered a Flutterwave Encryption Key, which may compromise payment processing and sensitive financial information." +regex = '''FLWSECK_TEST-(?i)[a-h0-9]{12}''' +entropy = 2 +keywords = ["flwseck_test"] + +[[rules]] +id = "flutterwave-public-key" +description = "Detected a Finicity Public Key, potentially exposing public cryptographic operations and integrations." +regex = '''FLWPUBK_TEST-(?i)[a-h0-9]{32}-X''' +entropy = 2 +keywords = ["flwpubk_test"] + +[[rules]] +id = "flutterwave-secret-key" +description = "Identified a Flutterwave Secret Key, risking unauthorized financial transactions and data breaches." +regex = '''FLWSECK_TEST-(?i)[a-h0-9]{32}-X''' +entropy = 2 +keywords = ["flwseck_test"] -# Rule for Database URL [[rules]] -id = "database-url" -description = "Database Connection String" -regex = '''(mongodb|postgres|mysql|redis|mssql|oracle|sqlite)://[^\\s:@]+:[^\\s:@]+@[^\\s:@]+:[0-9]+/[^\\s:@]+''' -tags = ["database", "connection_string"] +id = "flyio-access-token" +description = "Uncovered a Fly.io API key" +regex = '''\b((?:fo1_[\w-]{43}|fm1[ar]_[a-zA-Z0-9+\/]{100,}={0,3}|fm2_[a-zA-Z0-9+\/]{100,}={0,3}))(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 4 +keywords = [ + "fo1_", + "fm1", + "fm2_", +] + +[[rules]] +id = "frameio-api-token" +description = "Found a Frame.io API token, potentially compromising video collaboration and project management." +regex = '''fio-u-(?i)[a-z0-9\-_=]{64}''' +keywords = ["fio-u-"] + +[[rules]] +id = "freshbooks-access-token" +description = "Discovered a Freshbooks Access Token, posing a risk to accounting software access and sensitive financial data exposure." +regex = '''(?i)[\w.-]{0,50}?(?:freshbooks)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["freshbooks"] + +[[rules]] +id = "gcp-api-key" +description = "Uncovered a GCP API key, which could lead to unauthorized access to Google Cloud services and data breaches." +regex = '''\b(AIza[\w-]{35})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = ["aiza"] -# Rule for Generic API Key (alphanumeric 32+ chars) [[rules]] id = "generic-api-key" -description = "Generic API Key (alphanumeric, 32+ characters)" -regex = '''[A-Za-z0-9_]{32,}''' -tags = ["generic", "api_key"] +description = "Detected a Generic API Key, potentially exposing access to various services and sensitive operations." +regex = '''(?i)[\w.-]{0,50}?(?:access|auth|(?-i:[Aa]pi|API)|credential|creds|key|passwd|password|secret|token)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([\w.=-]{10,150})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3.5 +keywords = [ + "access", + "api", + "auth", + "key", + "credential", + "creds", + "passwd", + "password", + "secret", + "token", +] +# NOTE: Gitleaks >= v8.21.0 should use [[rules.allowlists] instead. +[rules.allowlist] +regexTarget = "match" +regexes = [ + '''(?i)(accessor|access[_.-]?id|api[_.-]?(version|id)|rapid|capital|[a-z0-9-]*?api[a-z0-9-]*?:jar:|author|X-MS-Exchange-Organization-Auth|Authentication-Results|(credentials?[_.-]?id|withCredentials)|(bucket|foreign|hot|natural|primary|schema|sequence)[_.-]?key|key[_.-]?(alias|board|code|ring|selector|size|stone|storetype|word|up|down|left|right)|key(store|tab)[_.-]?(file|path)|issuerkeyhash|(?-i:[DdMm]onkey|[DM]ONKEY)|keying|(secret)[_.-]?name|UserSecretsId|(api|credentials|token)[_.-]?(endpoint|ur[il])|public[_.-]?(key|token)|(key|token)[_.-]?file)''', +] +stopwords = [ + "000000", + "aaaaaa", + "about", + "abstract", + "academy", + "acces", + "account", + "act-", + "act.", + "act_", + "action", + "active", + "actively", + "activity", + "adapter", + "add-", + "add.", + "add_", + "add-on", + "addon", + "addres", + "admin", + "adobe", + "advanced", + "adventure", + "agent", + "agile", + "air-", + "air.", + "air_", + "ajax", + "akka", + "alert", + "alfred", + "algorithm", + "all-", + "all.", + "all_", + "alloy", + "alpha", + "amazon", + "amqp", + "analysi", + "analytic", + "analyzer", + "android", + "angular", + "angularj", + "animate", + "animation", + "another", + "ansible", + "answer", + "ant-", + "ant.", + "ant_", + "any-", + "any.", + "any_", + "apache", + "app-", + "app-", + "app.", + "app.", + "app_", + "app_", + "apple", + "arch", + "archive", + "archived", + "arduino", + "array", + "art-", + "art.", + "art_", + "article", + "asp-", + "asp.", + "asp_", + "asset", + "async", + "atom", + "attention", + "audio", + "audit", + "aura", + "auth", + "author", + "author", + "authorize", + "auto", + "automated", + "automatic", + "awesome", + "aws_", + "azure", + "back", + "backbone", + "backend", + "backup", + "bar-", + "bar.", + "bar_", + "base", + "based", + "bash", + "basic", + "batch", + "been", + "beer", + "behavior", + "being", + "benchmark", + "best", + "beta", + "better", + "big-", + "big.", + "big_", + "binary", + "binding", + "bit-", + "bit.", + "bit_", + "bitcoin", + "block", + "blog", + "board", + "book", + "bookmark", + "boost", + "boot", + "bootstrap", + "bosh", + "bot-", + "bot.", + "bot_", + "bower", + "box-", + "box.", + "box_", + "boxen", + "bracket", + "branch", + "bridge", + "browser", + "brunch", + "buffer", + "bug-", + "bug.", + "bug_", + "build", + "builder", + "building", + "buildout", + "buildpack", + "built", + "bundle", + "busines", + "but-", + "but.", + "but_", + "button", + "cache", + "caching", + "cakephp", + "calendar", + "call", + "camera", + "campfire", + "can-", + "can.", + "can_", + "canva", + "captcha", + "capture", + "card", + "carousel", + "case", + "cassandra", + "cat-", + "cat.", + "cat_", + "category", + "center", + "cento", + "challenge", + "change", + "changelog", + "channel", + "chart", + "chat", + "cheat", + "check", + "checker", + "chef", + "ches", + "chinese", + "chosen", + "chrome", + "ckeditor", + "clas", + "classe", + "classic", + "clean", + "cli-", + "cli.", + "cli_", + "client", + "client", + "clojure", + "clone", + "closure", + "cloud", + "club", + "cluster", + "cms-", + "cms_", + "coco", + "code", + "coding", + "coffee", + "color", + "combination", + "combo", + "command", + "commander", + "comment", + "commit", + "common", + "community", + "compas", + "compiler", + "complete", + "component", + "composer", + "computer", + "computing", + "con-", + "con.", + "con_", + "concept", + "conf", + "config", + "config", + "connect", + "connector", + "console", + "contact", + "container", + "contao", + "content", + "contest", + "context", + "control", + "convert", + "converter", + "conway'", + "cookbook", + "cookie", + "cool", + "copy", + "cordova", + "core", + "couchbase", + "couchdb", + "countdown", + "counter", + "course", + "craft", + "crawler", + "create", + "creating", + "creator", + "credential", + "crm-", + "crm.", + "crm_", + "cros", + "crud", + "csv-", + "csv.", + "csv_", + "cube", + "cucumber", + "cuda", + "current", + "currently", + "custom", + "daemon", + "dark", + "dart", + "dash", + "dashboard", + "data", + "database", + "date", + "day-", + "day.", + "day_", + "dead", + "debian", + "debug", + "debug", + "debugger", + "deck", + "define", + "del-", + "del.", + "del_", + "delete", + "demo", + "deploy", + "design", + "designer", + "desktop", + "detection", + "detector", + "dev-", + "dev.", + "dev_", + "develop", + "developer", + "device", + "devise", + "diff", + "digital", + "directive", + "directory", + "discovery", + "display", + "django", + "dns-", + "dns_", + "doc-", + "doc-", + "doc.", + "doc.", + "doc_", + "doc_", + "docker", + "docpad", + "doctrine", + "document", + "doe-", + "doe.", + "doe_", + "dojo", + "dom-", + "dom.", + "dom_", + "domain", + "done", + "don't", + "dot-", + "dot.", + "dot_", + "dotfile", + "download", + "draft", + "drag", + "drill", + "drive", + "driven", + "driver", + "drop", + "dropbox", + "drupal", + "dsl-", + "dsl.", + "dsl_", + "dynamic", + "easy", + "_ec2_", + "ecdsa", + "eclipse", + "edit", + "editing", + "edition", + "editor", + "element", + "emac", + "email", + "embed", + "embedded", + "ember", + "emitter", + "emulator", + "encoding", + "endpoint", + "engine", + "english", + "enhanced", + "entity", + "entry", + "env_", + "episode", + "erlang", + "error", + "espresso", + "event", + "evented", + "example", + "example", + "exchange", + "exercise", + "experiment", + "expire", + "exploit", + "explorer", + "export", + "exporter", + "expres", + "ext-", + "ext.", + "ext_", + "extended", + "extension", + "external", + "extra", + "extractor", + "fabric", + "facebook", + "factory", + "fake", + "fast", + "feature", + "feed", + "fewfwef", + "ffmpeg", + "field", + "file", + "filter", + "find", + "finder", + "firefox", + "firmware", + "first", + "fish", + "fix-", + "fix_", + "flash", + "flask", + "flat", + "flex", + "flexible", + "flickr", + "flow", + "fluent", + "fluentd", + "fluid", + "folder", + "font", + "force", + "foreman", + "fork", + "form", + "format", + "formatter", + "forum", + "foundry", + "framework", + "free", + "friend", + "friendly", + "front-end", + "frontend", + "ftp-", + "ftp.", + "ftp_", + "fuel", + "full", + "fun-", + "fun.", + "fun_", + "func", + "future", + "gaia", + "gallery", + "game", + "gateway", + "gem-", + "gem.", + "gem_", + "gen-", + "gen.", + "gen_", + "general", + "generator", + "generic", + "genetic", + "get-", + "get.", + "get_", + "getenv", + "getting", + "ghost", + "gist", + "git-", + "git.", + "git_", + "github", + "gitignore", + "gitlab", + "glas", + "gmail", + "gnome", + "gnu-", + "gnu.", + "gnu_", + "goal", + "golang", + "gollum", + "good", + "google", + "gpu-", + "gpu.", + "gpu_", + "gradle", + "grail", + "graph", + "graphic", + "great", + "grid", + "groovy", + "group", + "grunt", + "guard", + "gui-", + "gui.", + "gui_", + "guide", + "guideline", + "gulp", + "gwt-", + "gwt.", + "gwt_", + "hack", + "hackathon", + "hacker", + "hacking", + "hadoop", + "haml", + "handler", + "hardware", + "has-", + "has_", + "hash", + "haskell", + "have", + "haxe", + "hello", + "help", + "helper", + "here", + "hero", + "heroku", + "high", + "hipchat", + "history", + "home", + "homebrew", + "homepage", + "hook", + "host", + "hosting", + "hot-", + "hot.", + "hot_", + "house", + "how-", + "how.", + "how_", + "html", + "http", + "hub-", + "hub.", + "hub_", + "hubot", + "human", + "icon", + "ide-", + "ide.", + "ide_", + "idea", + "identity", + "idiomatic", + "image", + "impact", + "import", + "important", + "importer", + "impres", + "index", + "infinite", + "info", + "injection", + "inline", + "input", + "inside", + "inspector", + "instagram", + "install", + "installer", + "instant", + "intellij", + "interface", + "internet", + "interview", + "into", + "intro", + "ionic", + "iphone", + "ipython", + "irc-", + "irc_", + "iso-", + "iso.", + "iso_", + "issue", + "jade", + "jasmine", + "java", + "jbos", + "jekyll", + "jenkin", + "jetbrains", + "job-", + "job.", + "job_", + "joomla", + "jpa-", + "jpa.", + "jpa_", + "jquery", + "json", + "just", + "kafka", + "karma", + "kata", + "kernel", + "keyboard", + "kindle", + "kit-", + "kit.", + "kit_", + "kitchen", + "knife", + "koan", + "kohana", + "lab-", + "lab-", + "lab.", + "lab.", + "lab_", + "lab_", + "lambda", + "lamp", + "language", + "laravel", + "last", + "latest", + "latex", + "launcher", + "layer", + "layout", + "lazy", + "ldap", + "leaflet", + "league", + "learn", + "learning", + "led-", + "led.", + "led_", + "leetcode", + "les-", + "les.", + "les_", + "level", + "leveldb", + "lib-", + "lib.", + "lib_", + "librarie", + "library", + "license", + "life", + "liferay", + "light", + "lightbox", + "like", + "line", + "link", + "linked", + "linkedin", + "linux", + "lisp", + "list", + "lite", + "little", + "load", + "loader", + "local", + "location", + "lock", + "log-", + "log.", + "log_", + "logger", + "logging", + "logic", + "login", + "logstash", + "longer", + "look", + "love", + "lua-", + "lua.", + "lua_", + "mac-", + "mac.", + "mac_", + "machine", + "made", + "magento", + "magic", + "mail", + "make", + "maker", + "making", + "man-", + "man.", + "man_", + "manage", + "manager", + "manifest", + "manual", + "map-", + "map-", + "map.", + "map.", + "map_", + "map_", + "mapper", + "mapping", + "markdown", + "markup", + "master", + "math", + "matrix", + "maven", + "md5", + "mean", + "media", + "mediawiki", + "meetup", + "memcached", + "memory", + "menu", + "merchant", + "message", + "messaging", + "meta", + "metadata", + "meteor", + "method", + "metric", + "micro", + "middleman", + "migration", + "minecraft", + "miner", + "mini", + "minimal", + "mirror", + "mit-", + "mit.", + "mit_", + "mobile", + "mocha", + "mock", + "mod-", + "mod.", + "mod_", + "mode", + "model", + "modern", + "modular", + "module", + "modx", + "money", + "mongo", + "mongodb", + "mongoid", + "mongoose", + "monitor", + "monkey", + "more", + "motion", + "moved", + "movie", + "mozilla", + "mqtt", + "mule", + "multi", + "multiple", + "music", + "mustache", + "mvc-", + "mvc.", + "mvc_", + "mysql", + "nagio", + "name", + "native", + "need", + "neo-", + "neo.", + "neo_", + "nest", + "nested", + "net-", + "net.", + "net_", + "nette", + "network", + "new-", + "new-", + "new.", + "new.", + "new_", + "new_", + "next", + "nginx", + "ninja", + "nlp-", + "nlp.", + "nlp_", + "node", + "nodej", + "nosql", + "not-", + "not.", + "not_", + "note", + "notebook", + "notepad", + "notice", + "notifier", + "now-", + "now.", + "now_", + "number", + "oauth", + "object", + "objective", + "obsolete", + "ocaml", + "octopres", + "official", + "old-", + "old.", + "old_", + "onboard", + "online", + "only", + "open", + "opencv", + "opengl", + "openshift", + "openwrt", + "option", + "oracle", + "org-", + "org.", + "org_", + "origin", + "original", + "orm-", + "orm.", + "orm_", + "osx-", + "osx_", + "our-", + "our.", + "our_", + "out-", + "out.", + "out_", + "output", + "over", + "overview", + "own-", + "own.", + "own_", + "pack", + "package", + "packet", + "page", + "page", + "panel", + "paper", + "paperclip", + "para", + "parallax", + "parallel", + "parse", + "parser", + "parsing", + "particle", + "party", + "password", + "patch", + "path", + "pattern", + "payment", + "paypal", + "pdf-", + "pdf.", + "pdf_", + "pebble", + "people", + "perl", + "personal", + "phalcon", + "phoenix", + "phone", + "phonegap", + "photo", + "php-", + "php.", + "php_", + "physic", + "picker", + "pipeline", + "platform", + "play", + "player", + "please", + "plu-", + "plu.", + "plu_", + "plug-in", + "plugin", + "plupload", + "png-", + "png.", + "png_", + "poker", + "polyfill", + "polymer", + "pool", + "pop-", + "pop.", + "pop_", + "popcorn", + "popup", + "port", + "portable", + "portal", + "portfolio", + "post", + "power", + "powered", + "powerful", + "prelude", + "pretty", + "preview", + "principle", + "print", + "pro-", + "pro.", + "pro_", + "problem", + "proc", + "product", + "profile", + "profiler", + "program", + "progres", + "project", + "protocol", + "prototype", + "provider", + "proxy", + "public", + "pull", + "puppet", + "pure", + "purpose", + "push", + "pusher", + "pyramid", + "python", + "quality", + "query", + "queue", + "quick", + "rabbitmq", + "rack", + "radio", + "rail", + "railscast", + "random", + "range", + "raspberry", + "rdf-", + "rdf.", + "rdf_", + "react", + "reactive", + "read", + "reader", + "readme", + "ready", + "real", + "reality", + "real-time", + "realtime", + "recipe", + "recorder", + "red-", + "red.", + "red_", + "reddit", + "redi", + "redmine", + "reference", + "refinery", + "refresh", + "registry", + "related", + "release", + "remote", + "rendering", + "repo", + "report", + "request", + "require", + "required", + "requirej", + "research", + "resource", + "response", + "resque", + "rest", + "restful", + "resume", + "reveal", + "reverse", + "review", + "riak", + "rich", + "right", + "ring", + "robot", + "role", + "room", + "router", + "routing", + "rpc-", + "rpc.", + "rpc_", + "rpg-", + "rpg.", + "rpg_", + "rspec", + "ruby-", + "ruby.", + "ruby_", + "rule", + "run-", + "run.", + "run_", + "runner", + "running", + "runtime", + "rust", + "rvm-", + "rvm.", + "rvm_", + "salt", + "sample", + "sample", + "sandbox", + "sas-", + "sas.", + "sas_", + "sbt-", + "sbt.", + "sbt_", + "scala", + "scalable", + "scanner", + "schema", + "scheme", + "school", + "science", + "scraper", + "scratch", + "screen", + "script", + "scroll", + "scs-", + "scs.", + "scs_", + "sdk-", + "sdk.", + "sdk_", + "sdl-", + "sdl.", + "sdl_", + "search", + "secure", + "security", + "see-", + "see.", + "see_", + "seed", + "select", + "selector", + "selenium", + "semantic", + "sencha", + "send", + "sentiment", + "serie", + "server", + "service", + "session", + "set-", + "set.", + "set_", + "setting", + "setting", + "setup", + "sha1", + "sha2", + "sha256", + "share", + "shared", + "sharing", + "sheet", + "shell", + "shield", + "shipping", + "shop", + "shopify", + "shortener", + "should", + "show", + "showcase", + "side", + "silex", + "simple", + "simulator", + "single", + "site", + "skeleton", + "sketch", + "skin", + "slack", + "slide", + "slider", + "slim", + "small", + "smart", + "smtp", + "snake", + "snapshot", + "snippet", + "soap", + "social", + "socket", + "software", + "solarized", + "solr", + "solution", + "solver", + "some", + "soon", + "source", + "space", + "spark", + "spatial", + "spec", + "sphinx", + "spine", + "spotify", + "spree", + "spring", + "sprite", + "sql-", + "sql.", + "sql_", + "sqlite", + "ssh-", + "ssh.", + "ssh_", + "stack", + "staging", + "standard", + "stanford", + "start", + "started", + "starter", + "startup", + "stat", + "statamic", + "state", + "static", + "statistic", + "statsd", + "statu", + "steam", + "step", + "still", + "stm-", + "stm.", + "stm_", + "storage", + "store", + "storm", + "story", + "strategy", + "stream", + "streaming", + "string", + "stripe", + "structure", + "studio", + "study", + "stuff", + "style", + "sublime", + "sugar", + "suite", + "summary", + "super", + "support", + "supported", + "svg-", + "svg.", + "svg_", + "svn-", + "svn.", + "svn_", + "swagger", + "swift", + "switch", + "switcher", + "symfony", + "symphony", + "sync", + "synopsi", + "syntax", + "system", + "system", + "tab-", + "tab-", + "tab.", + "tab.", + "tab_", + "tab_", + "table", + "tag-", + "tag-", + "tag.", + "tag.", + "tag_", + "tag_", + "talk", + "target", + "task", + "tcp-", + "tcp.", + "tcp_", + "tdd-", + "tdd.", + "tdd_", + "team", + "tech", + "template", + "term", + "terminal", + "testing", + "tetri", + "text", + "textmate", + "theme", + "theory", + "three", + "thrift", + "time", + "timeline", + "timer", + "tiny", + "tinymce", + "tip-", + "tip.", + "tip_", + "title", + "todo", + "todomvc", + "token", + "tool", + "toolbox", + "toolkit", + "top-", + "top.", + "top_", + "tornado", + "touch", + "tower", + "tracker", + "tracking", + "traffic", + "training", + "transfer", + "translate", + "transport", + "tree", + "trello", + "try-", + "try.", + "try_", + "tumblr", + "tut-", + "tut.", + "tut_", + "tutorial", + "tweet", + "twig", + "twitter", + "type", + "typo", + "ubuntu", + "uiview", + "ultimate", + "under", + "unit", + "unity", + "universal", + "unix", + "update", + "updated", + "upgrade", + "upload", + "uploader", + "uri-", + "uri.", + "uri_", + "url-", + "url.", + "url_", + "usage", + "usb-", + "usb.", + "usb_", + "use-", + "use.", + "use_", + "used", + "useful", + "user", + "using", + "util", + "utilitie", + "utility", + "vagrant", + "validator", + "value", + "variou", + "varnish", + "version", + "via-", + "via.", + "via_", + "video", + "view", + "viewer", + "vim-", + "vim.", + "vim_", + "vimrc", + "virtual", + "vision", + "visual", + "vpn", + "want", + "warning", + "watch", + "watcher", + "wave", + "way-", + "way.", + "way_", + "weather", + "web-", + "web_", + "webapp", + "webgl", + "webhook", + "webkit", + "webrtc", + "website", + "websocket", + "welcome", + "welcome", + "what", + "what'", + "when", + "where", + "which", + "why-", + "why.", + "why_", + "widget", + "wifi", + "wiki", + "win-", + "win.", + "win_", + "window", + "wip-", + "wip.", + "wip_", + "within", + "without", + "wizard", + "word", + "wordpres", + "work", + "worker", + "workflow", + "working", + "workshop", + "world", + "wrapper", + "write", + "writer", + "writing", + "written", + "www-", + "www.", + "www_", + "xamarin", + "xcode", + "xml-", + "xml.", + "xml_", + "xmpp", + "xxxxxx", + "yahoo", + "yaml", + "yandex", + "yeoman", + "yet-", + "yet.", + "yet_", + "yii-", + "yii.", + "yii_", + "youtube", + "yui-", + "yui.", + "yui_", + "zend", + "zero", + "zip-", + "zip.", + "zip_", + "zsh-", + "zsh.", + "zsh_", +] + +[[rules]] +id = "github-app-token" +description = "Identified a GitHub App Token, which may compromise GitHub application integrations and source code security." +regex = '''(?:ghu|ghs)_[0-9a-zA-Z]{36}''' +entropy = 3 +keywords = [ + "ghu_", + "ghs_", +] +# NOTE: Gitleaks >= v8.21.0 should use [[rules.allowlists] instead. +[rules.allowlist] +paths = [ + '''(^|/)@octokit/auth-token/README\.md$''', +] + +[[rules]] +id = "github-fine-grained-pat" +description = "Found a GitHub Fine-Grained Personal Access Token, risking unauthorized repository access and code manipulation." +regex = '''github_pat_\w{82}''' +entropy = 3 +keywords = ["github_pat_"] + +[[rules]] +id = "github-oauth" +description = "Discovered a GitHub OAuth Access Token, posing a risk of compromised GitHub account integrations and data leaks." +regex = '''gho_[0-9a-zA-Z]{36}''' +entropy = 3 +keywords = ["gho_"] + +[[rules]] +id = "github-pat" +description = "Uncovered a GitHub Personal Access Token, potentially leading to unauthorized repository access and sensitive content exposure." +regex = '''ghp_[0-9a-zA-Z]{36}''' +entropy = 3 +keywords = ["ghp_"] +# NOTE: Gitleaks >= v8.21.0 should use [[rules.allowlists] instead. +[rules.allowlist] +paths = [ + '''(^|/)@octokit/auth-token/README\.md$''', +] + +[[rules]] +id = "github-refresh-token" +description = "Detected a GitHub Refresh Token, which could allow prolonged unauthorized access to GitHub services." +regex = '''ghr_[0-9a-zA-Z]{36}''' +entropy = 3 +keywords = ["ghr_"] + +[[rules]] +id = "gitlab-cicd-job-token" +description = "Identified a GitLab CI/CD Job Token, potential access to projects and some APIs on behalf of a user while the CI job is running." +regex = '''glcbt-[0-9a-zA-Z]{1,5}_[0-9a-zA-Z_-]{20}''' +entropy = 3 +keywords = ["glcbt-"] + +[[rules]] +id = "gitlab-deploy-token" +description = "Identified a GitLab Deploy Token, risking access to repositories, packages and containers with write access." +regex = '''gldt-[0-9a-zA-Z_\-]{20}''' +entropy = 3 +keywords = ["gldt-"] + +[[rules]] +id = "gitlab-feature-flag-client-token" +description = "Identified a GitLab feature flag client token, risks exposing user lists and features flags used by an application." +regex = '''glffct-[0-9a-zA-Z_\-]{20}''' +entropy = 3 +keywords = ["glffct-"] + +[[rules]] +id = "gitlab-feed-token" +description = "Identified a GitLab feed token, risking exposure of user data." +regex = '''glft-[0-9a-zA-Z_\-]{20}''' +entropy = 3 +keywords = ["glft-"] + +[[rules]] +id = "gitlab-incoming-mail-token" +description = "Identified a GitLab incoming mail token, risking manipulation of data sent by mail." +regex = '''glimt-[0-9a-zA-Z_\-]{25}''' +entropy = 3 +keywords = ["glimt-"] + +[[rules]] +id = "gitlab-kubernetes-agent-token" +description = "Identified a GitLab Kubernetes Agent token, risking access to repos and registry of projects connected via agent." +regex = '''glagent-[0-9a-zA-Z_\-]{50}''' +entropy = 3 +keywords = ["glagent-"] + +[[rules]] +id = "gitlab-oauth-app-secret" +description = "Identified a GitLab OIDC Application Secret, risking access to apps using GitLab as authentication provider." +regex = '''gloas-[0-9a-zA-Z_\-]{64}''' +entropy = 3 +keywords = ["gloas-"] + +[[rules]] +id = "gitlab-pat" +description = "Identified a GitLab Personal Access Token, risking unauthorized access to GitLab repositories and codebase exposure." +regex = '''glpat-[\w-]{20}''' +entropy = 3 +keywords = ["glpat-"] + +[[rules]] +id = "gitlab-ptt" +description = "Found a GitLab Pipeline Trigger Token, potentially compromising continuous integration workflows and project security." +regex = '''glptt-[0-9a-f]{40}''' +entropy = 3 +keywords = ["glptt-"] + +[[rules]] +id = "gitlab-rrt" +description = "Discovered a GitLab Runner Registration Token, posing a risk to CI/CD pipeline integrity and unauthorized access." +regex = '''GR1348941[\w-]{20}''' +entropy = 3 +keywords = ["gr1348941"] + +[[rules]] +id = "gitlab-runner-authentication-token" +description = "Discovered a GitLab Runner Authentication Token, posing a risk to CI/CD pipeline integrity and unauthorized access." +regex = '''glrt-[0-9a-zA-Z_\-]{20}''' +entropy = 3 +keywords = ["glrt-"] + +[[rules]] +id = "gitlab-scim-token" +description = "Discovered a GitLab SCIM Token, posing a risk to unauthorized access for a organization or instance." +regex = '''glsoat-[0-9a-zA-Z_\-]{20}''' +entropy = 3 +keywords = ["glsoat-"] + +[[rules]] +id = "gitlab-session-cookie" +description = "Discovered a GitLab Session Cookie, posing a risk to unauthorized access to a user account." +regex = '''_gitlab_session=[0-9a-z]{32}''' +entropy = 3 +keywords = ["_gitlab_session="] + +[[rules]] +id = "gitter-access-token" +description = "Uncovered a Gitter Access Token, which may lead to unauthorized access to chat and communication services." +regex = '''(?i)[\w.-]{0,50}?(?:gitter)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["gitter"] + +[[rules]] +id = "gocardless-api-token" +description = "Detected a GoCardless API token, potentially risking unauthorized direct debit payment operations and financial data exposure." +regex = '''(?i)[\w.-]{0,50}?(?:gocardless)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(live_(?i)[a-z0-9\-_=]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = [ + "live_", + "gocardless", +] + +[[rules]] +id = "grafana-api-key" +description = "Identified a Grafana API key, which could compromise monitoring dashboards and sensitive data analytics." +regex = '''(?i)\b(eyJrIjoi[A-Za-z0-9]{70,400}={0,3})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = ["eyjrijoi"] + +[[rules]] +id = "grafana-cloud-api-token" +description = "Found a Grafana cloud API token, risking unauthorized access to cloud-based monitoring services and data exposure." +regex = '''(?i)\b(glc_[A-Za-z0-9+/]{32,400}={0,3})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = ["glc_"] + +[[rules]] +id = "grafana-service-account-token" +description = "Discovered a Grafana service account token, posing a risk of compromised monitoring services and data integrity." +regex = '''(?i)\b(glsa_[A-Za-z0-9]{32}_[A-Fa-f0-9]{8})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = ["glsa_"] + +[[rules]] +id = "harness-api-key" +description = "Identified a Harness Access Token (PAT or SAT), risking unauthorized access to a Harness account." +regex = '''(?:pat|sat)\.[a-zA-Z0-9_-]{22}\.[a-zA-Z0-9]{24}\.[a-zA-Z0-9]{20}''' +keywords = [ + "pat.", + "sat.", +] + +[[rules]] +id = "hashicorp-tf-api-token" +description = "Uncovered a HashiCorp Terraform user/org API token, which may lead to unauthorized infrastructure management and security breaches." +regex = '''(?i)[a-z0-9]{14}\.(?-i:atlasv1)\.[a-z0-9\-_=]{60,70}''' +entropy = 3.5 +keywords = ["atlasv1"] + +[[rules]] +id = "hashicorp-tf-password" +description = "Identified a HashiCorp Terraform password field, risking unauthorized infrastructure configuration and security breaches." +regex = '''(?i)[\w.-]{0,50}?(?:administrator_login_password|password)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}("[a-z0-9=_\-]{8,20}")(?:['|\"|\n|\r|\s|\x60|;]|$)''' +path = '''(?i)\.(?:tf|hcl)$''' +entropy = 2 +keywords = [ + "administrator_login_password", + "password", +] -# Rule for Heroku API Key [[rules]] id = "heroku-api-key" -description = "Heroku API Key" -regex = '''(?i)heroku(.{0,20})?['\"][0-9a-fA-F]{32}['\"]''' -tags = ["heroku", "api_key"] +description = "Detected a Heroku API Key, potentially compromising cloud application deployments and operational security." +regex = '''(?i)[\w.-]{0,50}?(?:heroku)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["heroku"] + +[[rules]] +id = "hubspot-api-key" +description = "Found a HubSpot API Token, posing a risk to CRM data integrity and unauthorized marketing operations." +regex = '''(?i)[\w.-]{0,50}?(?:hubspot)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["hubspot"] + +[[rules]] +id = "huggingface-access-token" +description = "Discovered a Hugging Face Access token, which could lead to unauthorized access to AI models and sensitive data." +regex = '''\b(hf_(?i:[a-z]{34}))(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = ["hf_"] + +[[rules]] +id = "huggingface-organization-api-token" +description = "Uncovered a Hugging Face Organization API token, potentially compromising AI organization accounts and associated data." +regex = '''\b(api_org_(?i:[a-z]{34}))(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = ["api_org_"] + +[[rules]] +id = "infracost-api-token" +description = "Detected an Infracost API Token, risking unauthorized access to cloud cost estimation tools and financial data." +regex = '''\b(ico-[a-zA-Z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = ["ico-"] + +[[rules]] +id = "intercom-api-key" +description = "Identified an Intercom API Token, which could compromise customer communication channels and data privacy." +regex = '''(?i)[\w.-]{0,50}?(?:intercom)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{60})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["intercom"] -# Rule for Stripe API Key [[rules]] -id = "stripe-api-key" -description = "Stripe API Key" -regex = '''sk_live_[0-9a-zA-Z]{24}''' -tags = ["stripe", "api_key"] +id = "intra42-client-secret" +description = "Found a Intra42 client secret, which could lead to unauthorized access to the 42School API and sensitive data." +regex = '''\b(s-s4t2(?:ud|af)-(?i)[abcdef0123456789]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = [ + "intra", + "s-s4t2ud-", + "s-s4t2af-", +] + +[[rules]] +id = "jfrog-api-key" +description = "Found a JFrog API Key, posing a risk of unauthorized access to software artifact repositories and build pipelines." +regex = '''(?i)[\w.-]{0,50}?(?:jfrog|artifactory|bintray|xray)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{73})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = [ + "jfrog", + "artifactory", + "bintray", + "xray", +] + +[[rules]] +id = "jfrog-identity-token" +description = "Discovered a JFrog Identity Token, potentially compromising access to JFrog services and sensitive software artifacts." +regex = '''(?i)[\w.-]{0,50}?(?:jfrog|artifactory|bintray|xray)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = [ + "jfrog", + "artifactory", + "bintray", + "xray", +] + +[[rules]] +id = "jwt" +description = "Uncovered a JSON Web Token, which may lead to unauthorized access to web applications and sensitive user data." +regex = '''\b(ey[a-zA-Z0-9]{17,}\.ey[a-zA-Z0-9\/\\_-]{17,}\.(?:[a-zA-Z0-9\/\\_-]{10,}={0,2})?)(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = ["ey"] + +[[rules]] +id = "jwt-base64" +description = "Detected a Base64-encoded JSON Web Token, posing a risk of exposing encoded authentication and data exchange information." +regex = '''\bZXlK(?:(?PaGJHY2lPaU)|(?PaGNIVWlPaU)|(?PaGNIWWlPaU)|(?PaGRXUWlPaU)|(?PaU5qUWlP)|(?PamNtbDBJanBi)|(?PamRIa2lPaU)|(?PbGNHc2lPbn)|(?PbGJtTWlPaU)|(?PcWEzVWlPaU)|(?PcWQyc2lPb)|(?PcGMzTWlPaU)|(?PcGRpSTZJ)|(?PcmFXUWlP)|(?PclpYbGZiM0J6SWpwY)|(?PcmRIa2lPaUp)|(?PdWIyNWpaU0k2)|(?Pd01tTWlP)|(?Pd01uTWlPaU)|(?Pd2NIUWlPaU)|(?PemRXSWlPaU)|(?PemRuUWlP)|(?PMFlXY2lPaU)|(?PMGVYQWlPaUp)|(?PMWNtd2l)|(?PMWMyVWlPaUp)|(?PMlpYSWlPaU)|(?PMlpYSnphVzl1SWpv)|(?PNElqb2)|(?PNE5XTWlP)|(?PNE5YUWlPaU)|(?PNE5YUWpVekkxTmlJNkl)|(?PNE5YVWlPaU)|(?PNmFYQWlPaU))[a-zA-Z0-9\/\\_+\-\r\n]{40,}={0,2}''' +entropy = 2 +keywords = ["zxlk"] + +[[rules]] +id = "kraken-access-token" +description = "Identified a Kraken Access Token, potentially compromising cryptocurrency trading accounts and financial security." +regex = '''(?i)[\w.-]{0,50}?(?:kraken)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9\/=_\+\-]{80,90})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["kraken"] + +[[rules]] +id = "kubernetes-secret-yaml" +description = "Possible Kubernetes Secret detected, posing a risk of leaking credentials/tokens from your deployments" +regex = '''(?i)(?:\bkind:[ \t]*["']?secret["']?(?:.|\s){0,200}?\bdata:(?:.|\s){0,100}?\s+([\w.-]+:(?:[ \t]*(?:\||>[-+]?)\s+)?[ \t]*(?:["']?[a-z0-9+/]{10,}={0,3}["']?|\{\{[ \t\w"|$:=,.-]+}}|""|''))|\bdata:(?:.|\s){0,100}?\s+([\w.-]+:(?:[ \t]*(?:\||>[-+]?)\s+)?[ \t]*(?:["']?[a-z0-9+/]{10,}={0,3}["']?|\{\{[ \t\w"|$:=,.-]+}}|""|''))(?:.|\s){0,200}?\bkind:[ \t]*["']?secret["']?)''' +path = '''(?i)\.ya?ml$''' +keywords = ["secret"] +# NOTE: Gitleaks >= v8.21.0 should use [[rules.allowlists] instead. +[rules.allowlist] +regexes = [ + '''[\w.-]+:(?:[ \t]*(?:\||>[-+]?)\s+)?[ \t]*(?:\{\{[ \t\w"|$:=,.-]+}}|""|'')''', +] + +[[rules]] +id = "kucoin-access-token" +description = "Found a Kucoin Access Token, risking unauthorized access to cryptocurrency exchange services and transactions." +regex = '''(?i)[\w.-]{0,50}?(?:kucoin)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["kucoin"] + +[[rules]] +id = "kucoin-secret-key" +description = "Discovered a Kucoin Secret Key, which could lead to compromised cryptocurrency operations and financial data breaches." +regex = '''(?i)[\w.-]{0,50}?(?:kucoin)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["kucoin"] + +[[rules]] +id = "launchdarkly-access-token" +description = "Uncovered a Launchdarkly Access Token, potentially compromising feature flag management and application functionality." +regex = '''(?i)[\w.-]{0,50}?(?:launchdarkly)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["launchdarkly"] + +[[rules]] +id = "linear-api-key" +description = "Detected a Linear API Token, posing a risk to project management tools and sensitive task data." +regex = '''lin_api_(?i)[a-z0-9]{40}''' +entropy = 2 +keywords = ["lin_api_"] + +[[rules]] +id = "linear-client-secret" +description = "Identified a Linear Client Secret, which may compromise secure integrations and sensitive project management data." +regex = '''(?i)[\w.-]{0,50}?(?:linear)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = ["linear"] + +[[rules]] +id = "linkedin-client-id" +description = "Found a LinkedIn Client ID, risking unauthorized access to LinkedIn integrations and professional data exposure." +regex = '''(?i)[\w.-]{0,50}?(?:linked[_-]?in)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{14})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = [ + "linkedin", + "linked_in", + "linked-in", +] + +[[rules]] +id = "linkedin-client-secret" +description = "Discovered a LinkedIn Client secret, potentially compromising LinkedIn application integrations and user data." +regex = '''(?i)[\w.-]{0,50}?(?:linked[_-]?in)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = [ + "linkedin", + "linked_in", + "linked-in", +] + +[[rules]] +id = "lob-api-key" +description = "Uncovered a Lob API Key, which could lead to unauthorized access to mailing and address verification services." +regex = '''(?i)[\w.-]{0,50}?(?:lob)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}((live|test)_[a-f0-9]{35})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = [ + "test_", + "live_", +] + +[[rules]] +id = "lob-pub-api-key" +description = "Detected a Lob Publishable API Key, posing a risk of exposing mail and print service integrations." +regex = '''(?i)[\w.-]{0,50}?(?:lob)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}((test|live)_pub_[a-f0-9]{31})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = [ + "test_pub", + "live_pub", + "_pub", +] + +[[rules]] +id = "mailchimp-api-key" +description = "Identified a Mailchimp API key, potentially compromising email marketing campaigns and subscriber data." +regex = '''(?i)[\w.-]{0,50}?(?:MailchimpSDK.initialize|mailchimp)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32}-us\d\d)(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["mailchimp"] + +[[rules]] +id = "mailgun-private-api-token" +description = "Found a Mailgun private API token, risking unauthorized email service operations and data breaches." +regex = '''(?i)[\w.-]{0,50}?(?:mailgun)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(key-[a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["mailgun"] + +[[rules]] +id = "mailgun-pub-key" +description = "Discovered a Mailgun public validation key, which could expose email verification processes and associated data." +regex = '''(?i)[\w.-]{0,50}?(?:mailgun)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(pubkey-[a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["mailgun"] + +[[rules]] +id = "mailgun-signing-key" +description = "Uncovered a Mailgun webhook signing key, potentially compromising email automation and data integrity." +regex = '''(?i)[\w.-]{0,50}?(?:mailgun)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-h0-9]{32}-[a-h0-9]{8}-[a-h0-9]{8})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["mailgun"] + +[[rules]] +id = "mapbox-api-token" +description = "Detected a MapBox API token, posing a risk to geospatial services and sensitive location data exposure." +regex = '''(?i)[\w.-]{0,50}?(?:mapbox)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(pk\.[a-z0-9]{60}\.[a-z0-9]{22})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["mapbox"] + +[[rules]] +id = "mattermost-access-token" +description = "Identified a Mattermost Access Token, which may compromise team communication channels and data privacy." +regex = '''(?i)[\w.-]{0,50}?(?:mattermost)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{26})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["mattermost"] + +[[rules]] +id = "messagebird-api-token" +description = "Found a MessageBird API token, risking unauthorized access to communication platforms and message data." +regex = '''(?i)[\w.-]{0,50}?(?:message[_-]?bird)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{25})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = [ + "messagebird", + "message-bird", + "message_bird", +] + +[[rules]] +id = "messagebird-client-id" +description = "Discovered a MessageBird client ID, potentially compromising API integrations and sensitive communication data." +regex = '''(?i)[\w.-]{0,50}?(?:message[_-]?bird)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = [ + "messagebird", + "message-bird", + "message_bird", +] + +[[rules]] +id = "microsoft-teams-webhook" +description = "Uncovered a Microsoft Teams Webhook, which could lead to unauthorized access to team collaboration tools and data leaks." +regex = '''https://[a-z0-9]+\.webhook\.office\.com/webhookb2/[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}@[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}/IncomingWebhook/[a-z0-9]{32}/[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}''' +keywords = [ + "webhook.office.com", + "webhookb2", + "incomingwebhook", +] + +[[rules]] +id = "netlify-access-token" +description = "Detected a Netlify Access Token, potentially compromising web hosting services and site management." +regex = '''(?i)[\w.-]{0,50}?(?:netlify)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{40,46})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["netlify"] + +[[rules]] +id = "new-relic-browser-api-token" +description = "Identified a New Relic ingest browser API token, risking unauthorized access to application performance data and analytics." +regex = '''(?i)[\w.-]{0,50}?(?:new-relic|newrelic|new_relic)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(NRJS-[a-f0-9]{19})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["nrjs-"] + +[[rules]] +id = "new-relic-insert-key" +description = "Discovered a New Relic insight insert key, compromising data injection into the platform." +regex = '''(?i)[\w.-]{0,50}?(?:new-relic|newrelic|new_relic)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(NRII-[a-z0-9-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["nrii-"] + +[[rules]] +id = "new-relic-user-api-id" +description = "Found a New Relic user API ID, posing a risk to application monitoring services and data integrity." +regex = '''(?i)[\w.-]{0,50}?(?:new-relic|newrelic|new_relic)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = [ + "new-relic", + "newrelic", + "new_relic", +] + +[[rules]] +id = "new-relic-user-api-key" +description = "Discovered a New Relic user API Key, which could lead to compromised application insights and performance monitoring." +regex = '''(?i)[\w.-]{0,50}?(?:new-relic|newrelic|new_relic)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(NRAK-[a-z0-9]{27})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["nrak"] + +[[rules]] +id = "npm-access-token" +description = "Uncovered an npm access token, potentially compromising package management and code repository access." +regex = '''(?i)\b(npm_[a-z0-9]{36})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = ["npm_"] + +[[rules]] +id = "nuget-config-password" +description = "Identified a password within a Nuget config file, potentially compromising package management access." +regex = '''(?i)''' +path = '''(?i)nuget\.config$''' +entropy = 1 +keywords = ["|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = [ + "nytimes", + "new-york-times", + "newyorktimes", +] + +[[rules]] +id = "octopus-deploy-api-key" +description = "Discovered a potential Octopus Deploy API key, risking application deployments and operational security." +regex = '''\b(API-[A-Z0-9]{26})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = ["api-"] + +[[rules]] +id = "okta-access-token" +description = "Identified an Okta Access Token, which may compromise identity management services and user authentication data." +regex = '''[\w.-]{0,50}?(?i:[\w.-]{0,50}?(?:(?-i:[Oo]kta|OKTA))(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3})(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(00[\w=\-]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 4 +keywords = ["okta"] + +[[rules]] +id = "openai-api-key" +description = "Found an OpenAI API Key, posing a risk of unauthorized access to AI services and data manipulation." +regex = '''\b(sk-[a-zA-Z0-9]{20}T3BlbkFJ[a-zA-Z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = ["t3blbkfj"] + +[[rules]] +id = "openshift-user-token" +description = "Found an OpenShift user token, potentially compromising an OpenShift/Kubernetes cluster." +regex = '''\b(sha256~[\w-]{43})(?:[^\w-]|\z)''' +entropy = 3.5 +keywords = ["sha256~"] + +[[rules]] +id = "plaid-api-token" +description = "Discovered a Plaid API Token, potentially compromising financial data aggregation and banking services." +regex = '''(?i)[\w.-]{0,50}?(?:plaid)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(access-(?:sandbox|development|production)-[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["plaid"] + +[[rules]] +id = "plaid-client-id" +description = "Uncovered a Plaid Client ID, which could lead to unauthorized financial service integrations and data breaches." +regex = '''(?i)[\w.-]{0,50}?(?:plaid)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3.5 +keywords = ["plaid"] + +[[rules]] +id = "plaid-secret-key" +description = "Detected a Plaid Secret key, risking unauthorized access to financial accounts and sensitive transaction data." +regex = '''(?i)[\w.-]{0,50}?(?:plaid)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3.5 +keywords = ["plaid"] + +[[rules]] +id = "planetscale-api-token" +description = "Identified a PlanetScale API token, potentially compromising database management and operations." +regex = '''\b(pscale_tkn_(?i)[\w=\.-]{32,64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = ["pscale_tkn_"] + +[[rules]] +id = "planetscale-oauth-token" +description = "Found a PlanetScale OAuth token, posing a risk to database access control and sensitive data integrity." +regex = '''\b(pscale_oauth_[\w=\.-]{32,64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = ["pscale_oauth_"] + +[[rules]] +id = "planetscale-password" +description = "Discovered a PlanetScale password, which could lead to unauthorized database operations and data breaches." +regex = '''(?i)\b(pscale_pw_(?i)[\w=\.-]{32,64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = ["pscale_pw_"] + +[[rules]] +id = "postman-api-token" +description = "Uncovered a Postman API token, potentially compromising API testing and development workflows." +regex = '''\b(PMAK-(?i)[a-f0-9]{24}\-[a-f0-9]{34})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = ["pmak-"] + +[[rules]] +id = "prefect-api-token" +description = "Detected a Prefect API token, risking unauthorized access to workflow management and automation services." +regex = '''\b(pnu_[a-zA-Z0-9]{36})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = ["pnu_"] + +[[rules]] +id = "private-key" +description = "Identified a Private Key, which may compromise cryptographic security and sensitive data encryption." +regex = '''(?i)-----BEGIN[ A-Z0-9_-]{0,100}PRIVATE KEY(?: BLOCK)?-----[\s\S-]*?KEY(?: BLOCK)?-----''' +keywords = ["-----begin"] + +[[rules]] +id = "privateai-api-token" +description = "Identified a PrivateAI Token, posing a risk of unauthorized access to AI services and data manipulation." +regex = '''[\w.-]{0,50}?(?i:[\w.-]{0,50}?(?:private[_-]?ai)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3})(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = [ + "privateai", + "private_ai", + "private-ai", +] + +[[rules]] +id = "pulumi-api-token" +description = "Found a Pulumi API token, posing a risk to infrastructure as code services and cloud resource management." +regex = '''\b(pul-[a-f0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = ["pul-"] + +[[rules]] +id = "pypi-upload-token" +description = "Discovered a PyPI upload token, potentially compromising Python package distribution and repository integrity." +regex = '''pypi-AgEIcHlwaS5vcmc[\w-]{50,1000}''' +entropy = 3 +keywords = ["pypi-ageichlwas5vcmc"] + +[[rules]] +id = "rapidapi-access-token" +description = "Uncovered a RapidAPI Access Token, which could lead to unauthorized access to various APIs and data services." +regex = '''(?i)[\w.-]{0,50}?(?:rapidapi)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{50})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["rapidapi"] + +[[rules]] +id = "readme-api-token" +description = "Detected a Readme API token, risking unauthorized documentation management and content exposure." +regex = '''\b(rdme_[a-z0-9]{70})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = ["rdme_"] + +[[rules]] +id = "rubygems-api-token" +description = "Identified a Rubygem API token, potentially compromising Ruby library distribution and package management." +regex = '''\b(rubygems_[a-f0-9]{48})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = ["rubygems_"] + +[[rules]] +id = "scalingo-api-token" +description = "Found a Scalingo API token, posing a risk to cloud platform services and application deployment security." +regex = '''\b(tk-us-[\w-]{48})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = ["tk-us-"] + +[[rules]] +id = "sendbird-access-id" +description = "Discovered a Sendbird Access ID, which could compromise chat and messaging platform integrations." +regex = '''(?i)[\w.-]{0,50}?(?:sendbird)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["sendbird"] + +[[rules]] +id = "sendbird-access-token" +description = "Uncovered a Sendbird Access Token, potentially risking unauthorized access to communication services and user data." +regex = '''(?i)[\w.-]{0,50}?(?:sendbird)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["sendbird"] + +[[rules]] +id = "sendgrid-api-token" +description = "Detected a SendGrid API token, posing a risk of unauthorized email service operations and data exposure." +regex = '''\b(SG\.(?i)[a-z0-9=_\-\.]{66})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = ["sg."] + +[[rules]] +id = "sendinblue-api-token" +description = "Identified a Sendinblue API token, which may compromise email marketing services and subscriber data privacy." +regex = '''\b(xkeysib-[a-f0-9]{64}\-(?i)[a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = ["xkeysib-"] + +[[rules]] +id = "sentry-access-token" +description = "Found a Sentry.io Access Token (old format), risking unauthorized access to error tracking services and sensitive application data." +regex = '''(?i)[\w.-]{0,50}?(?:sentry)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = ["sentry"] + +[[rules]] +id = "sentry-org-token" +description = "Found a Sentry.io Organization Token, risking unauthorized access to error tracking services and sensitive application data." +regex = '''\bsntrys_eyJpYXQiO[a-zA-Z0-9+/]{10,200}(?:LCJyZWdpb25fdXJs|InJlZ2lvbl91cmwi|cmVnaW9uX3VybCI6)[a-zA-Z0-9+/]{10,200}={0,2}_[a-zA-Z0-9+/]{43}\b''' +entropy = 4.5 +keywords = ["sntrys_eyjpyxqio"] + +[[rules]] +id = "sentry-user-token" +description = "Found a Sentry.io User Token, risking unauthorized access to error tracking services and sensitive application data." +regex = '''\b(sntryu_[a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3.5 +keywords = ["sntryu_"] + +[[rules]] +id = "shippo-api-token" +description = "Discovered a Shippo API token, potentially compromising shipping services and customer order data." +regex = '''\b(shippo_(?:live|test)_[a-fA-F0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = ["shippo_"] + +[[rules]] +id = "shopify-access-token" +description = "Uncovered a Shopify access token, which could lead to unauthorized e-commerce platform access and data breaches." +regex = '''shpat_[a-fA-F0-9]{32}''' +entropy = 2 +keywords = ["shpat_"] + +[[rules]] +id = "shopify-custom-access-token" +description = "Detected a Shopify custom access token, potentially compromising custom app integrations and e-commerce data security." +regex = '''shpca_[a-fA-F0-9]{32}''' +entropy = 2 +keywords = ["shpca_"] + +[[rules]] +id = "shopify-private-app-access-token" +description = "Identified a Shopify private app access token, risking unauthorized access to private app data and store operations." +regex = '''shppa_[a-fA-F0-9]{32}''' +entropy = 2 +keywords = ["shppa_"] + +[[rules]] +id = "shopify-shared-secret" +description = "Found a Shopify shared secret, posing a risk to application authentication and e-commerce platform security." +regex = '''shpss_[a-fA-F0-9]{32}''' +entropy = 2 +keywords = ["shpss_"] + +[[rules]] +id = "sidekiq-secret" +description = "Discovered a Sidekiq Secret, which could lead to compromised background job processing and application data breaches." +regex = '''(?i)[\w.-]{0,50}?(?:BUNDLE_ENTERPRISE__CONTRIBSYS__COM|BUNDLE_GEMS__CONTRIBSYS__COM)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{8}:[a-f0-9]{8})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = [ + "bundle_enterprise__contribsys__com", + "bundle_gems__contribsys__com", +] + +[[rules]] +id = "sidekiq-sensitive-url" +description = "Uncovered a Sidekiq Sensitive URL, potentially exposing internal job queues and sensitive operation details." +regex = '''(?i)\bhttps?://([a-f0-9]{8}:[a-f0-9]{8})@(?:gems.contribsys.com|enterprise.contribsys.com)(?:[\/|\#|\?|:]|$)''' +keywords = [ + "gems.contribsys.com", + "enterprise.contribsys.com", +] + +[[rules]] +id = "slack-app-token" +description = "Detected a Slack App-level token, risking unauthorized access to Slack applications and workspace data." +regex = '''(?i)xapp-\d-[A-Z0-9]+-\d+-[a-z0-9]+''' +entropy = 2 +keywords = ["xapp"] + +[[rules]] +id = "slack-bot-token" +description = "Identified a Slack Bot token, which may compromise bot integrations and communication channel security." +regex = '''xoxb-[0-9]{10,13}-[0-9]{10,13}[a-zA-Z0-9-]*''' +entropy = 3 +keywords = ["xoxb"] + +[[rules]] +id = "slack-config-access-token" +description = "Found a Slack Configuration access token, posing a risk to workspace configuration and sensitive data access." +regex = '''(?i)xoxe.xox[bp]-\d-[A-Z0-9]{163,166}''' +entropy = 2 +keywords = [ + "xoxe.xoxb-", + "xoxe.xoxp-", +] + +[[rules]] +id = "slack-config-refresh-token" +description = "Discovered a Slack Configuration refresh token, potentially allowing prolonged unauthorized access to configuration settings." +regex = '''(?i)xoxe-\d-[A-Z0-9]{146}''' +entropy = 2 +keywords = ["xoxe-"] + +[[rules]] +id = "slack-legacy-bot-token" +description = "Uncovered a Slack Legacy bot token, which could lead to compromised legacy bot operations and data exposure." +regex = '''xoxb-[0-9]{8,14}-[a-zA-Z0-9]{18,26}''' +entropy = 2 +keywords = ["xoxb"] + +[[rules]] +id = "slack-legacy-token" +description = "Detected a Slack Legacy token, risking unauthorized access to older Slack integrations and user data." +regex = '''xox[os]-\d+-\d+-\d+-[a-fA-F\d]+''' +entropy = 2 +keywords = [ + "xoxo", + "xoxs", +] + +[[rules]] +id = "slack-legacy-workspace-token" +description = "Identified a Slack Legacy Workspace token, potentially compromising access to workspace data and legacy features." +regex = '''xox[ar]-(?:\d-)?[0-9a-zA-Z]{8,48}''' +entropy = 2 +keywords = [ + "xoxa", + "xoxr", +] + +[[rules]] +id = "slack-user-token" +description = "Found a Slack User token, posing a risk of unauthorized user impersonation and data access within Slack workspaces." +regex = '''xox[pe](?:-[0-9]{10,13}){3}-[a-zA-Z0-9-]{28,34}''' +entropy = 2 +keywords = [ + "xoxp-", + "xoxe-", +] + +[[rules]] +id = "slack-webhook-url" +description = "Discovered a Slack Webhook, which could lead to unauthorized message posting and data leakage in Slack channels." +regex = '''(?:https?://)?hooks.slack.com/(?:services|workflows)/[A-Za-z0-9+/]{43,46}''' +keywords = ["hooks.slack.com"] + +[[rules]] +id = "snyk-api-token" +description = "Uncovered a Snyk API token, potentially compromising software vulnerability scanning and code security." +regex = '''(?i)[\w.-]{0,50}?(?:snyk[_.-]?(?:(?:api|oauth)[_.-]?)?(?:key|token))(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["snyk"] + +[[rules]] +id = "square-access-token" +description = "Detected a Square Access Token, risking unauthorized payment processing and financial transaction exposure." +regex = '''\b((?:EAAA|sq0atp-)[\w-]{22,60})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = [ + "sq0atp-", + "eaaa", +] + +[[rules]] +id = "squarespace-access-token" +description = "Identified a Squarespace Access Token, which may compromise website management and content control on Squarespace." +regex = '''(?i)[\w.-]{0,50}?(?:squarespace)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["squarespace"] + +[[rules]] +id = "stripe-access-token" +description = "Found a Stripe Access Token, posing a risk to payment processing services and sensitive financial data." +regex = '''\b((?:sk|rk)_(?:test|live|prod)_[a-zA-Z0-9]{10,99})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 2 +keywords = [ + "sk_test", + "sk_live", + "sk_prod", + "rk_test", + "rk_live", + "rk_prod", +] + +[[rules]] +id = "sumologic-access-id" +description = "Discovered a SumoLogic Access ID, potentially compromising log management services and data analytics integrity." +regex = '''[\w.-]{0,50}?(?i:[\w.-]{0,50}?(?:(?-i:[Ss]umo|SUMO))(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3})(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(su[a-zA-Z0-9]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = ["sumo"] + +[[rules]] +id = "sumologic-access-token" +description = "Uncovered a SumoLogic Access Token, which could lead to unauthorized access to log data and analytics insights." +regex = '''(?i)[\w.-]{0,50}?(?:(?-i:[Ss]umo|SUMO))(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3 +keywords = ["sumo"] + +[[rules]] +id = "telegram-bot-api-token" +description = "Detected a Telegram Bot API Token, risking unauthorized bot operations and message interception on Telegram." +regex = '''(?i)[\w.-]{0,50}?(?:telegr)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9]{5,16}:(?-i:A)[a-z0-9_\-]{34})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["telegr"] + +[[rules]] +id = "travisci-access-token" +description = "Identified a Travis CI Access Token, potentially compromising continuous integration services and codebase security." +regex = '''(?i)[\w.-]{0,50}?(?:travis)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{22})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["travis"] -# Rule for Twilio API Key [[rules]] id = "twilio-api-key" -description = "Twilio API Key" -regex = '''AC[a-zA-Z0-9_\\-]{32}''' -tags = ["twilio", "api_key"] +description = "Found a Twilio API Key, posing a risk to communication services and sensitive customer interaction data." +regex = '''SK[0-9a-fA-F]{32}''' +entropy = 3 +keywords = ["sk"] + +[[rules]] +id = "twitch-api-token" +description = "Discovered a Twitch API token, which could compromise streaming services and account integrations." +regex = '''(?i)[\w.-]{0,50}?(?:twitch)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["twitch"] + +[[rules]] +id = "twitter-access-secret" +description = "Uncovered a Twitter Access Secret, potentially risking unauthorized Twitter integrations and data breaches." +regex = '''(?i)[\w.-]{0,50}?(?:twitter)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{45})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["twitter"] + +[[rules]] +id = "twitter-access-token" +description = "Detected a Twitter Access Token, posing a risk of unauthorized account operations and social media data exposure." +regex = '''(?i)[\w.-]{0,50}?(?:twitter)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9]{15,25}-[a-zA-Z0-9]{20,40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["twitter"] -# Rule for Mailgun API Key [[rules]] -id = "mailgun-api-key" -description = "Mailgun API Key" -regex = '''key-[0-9a-zA-Z]{32}''' -tags = ["mailgun", "api_key"] +id = "twitter-api-key" +description = "Identified a Twitter API Key, which may compromise Twitter application integrations and user data security." +regex = '''(?i)[\w.-]{0,50}?(?:twitter)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{25})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["twitter"] -# Rule for Passwords (generic patterns like "password=") [[rules]] -id = "generic-password" -description = "Potential Password Assignment" -regex = '''(?i)password\\s*=\\s*['"][^'"]+['"]''' -tags = ["password"] +id = "twitter-api-secret" +description = "Found a Twitter API Secret, risking the security of Twitter app integrations and sensitive data access." +regex = '''(?i)[\w.-]{0,50}?(?:twitter)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{50})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["twitter"] -# Rule for Salesforce OAuth Token [[rules]] -id = "salesforce-oauth-token" -description = "Salesforce OAuth Token" -regex = '''00D[A-Za-z0-9]{15,18}''' -tags = ["salesforce", "oauth_token"] +id = "twitter-bearer-token" +description = "Discovered a Twitter Bearer Token, potentially compromising API access and data retrieval from Twitter." +regex = '''(?i)[\w.-]{0,50}?(?:twitter)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(A{22}[a-zA-Z0-9%]{80,100})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["twitter"] -# Rule for PayPal Braintree Access Token [[rules]] -id = "braintree-access-token" -description = "PayPal Braintree Access Token" -regex = '''access_token\\$production\\$[0-9a-z]{16}\\$[0-9a-f]{32}''' -tags = ["braintree", "access_token"] +id = "typeform-api-token" +description = "Uncovered a Typeform API token, which could lead to unauthorized survey management and data collection." +regex = '''(?i)[\w.-]{0,50}?(?:typeform)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(tfp_[a-z0-9\-_\.=]{59})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["tfp_"] -# Rule for SendGrid API Key [[rules]] -id = "sendgrid-api-key" -description = "SendGrid API Key" -regex = '''SG\\.[0-9A-Za-z\\-_]{22}\\.[0-9A-Za-z\\-_]{43}''' -tags = ["sendgrid", "api_key"] +id = "vault-batch-token" +description = "Detected a Vault Batch Token, risking unauthorized access to secret management services and sensitive data." +regex = '''\b(hvb\.[\w-]{138,300})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 4 +keywords = ["hvb."] +[[rules]] +id = "vault-service-token" +description = "Identified a Vault Service Token, potentially compromising infrastructure security and access to sensitive credentials." +regex = '''\b((?:hvs\.[\w-]{90,120}|s\.(?i:[a-z0-9]{24})))(?:['|\"|\n|\r|\s|\x60|;]|$)''' +entropy = 3.5 +keywords = [ + "hvs.", + "s.", +] +# NOTE: Gitleaks >= v8.21.0 should use [[rules.allowlists] instead. +[rules.allowlist] +regexes = [ + '''s\.[A-Za-z]{24}''', +] + +[[rules]] +id = "yandex-access-token" +description = "Found a Yandex Access Token, posing a risk to Yandex service integrations and user data privacy." +regex = '''(?i)[\w.-]{0,50}?(?:yandex)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(t1\.[A-Z0-9a-z_-]+[=]{0,2}\.[A-Z0-9a-z_-]{86}[=]{0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["yandex"] -# additional rules can be added here \ No newline at end of file +[[rules]] +id = "yandex-api-key" +description = "Discovered a Yandex API Key, which could lead to unauthorized access to Yandex services and data manipulation." +regex = '''(?i)[\w.-]{0,50}?(?:yandex)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(AQVN[A-Za-z0-9_\-]{35,38})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["yandex"] + +[[rules]] +id = "yandex-aws-access-token" +description = "Uncovered a Yandex AWS Access Token, potentially compromising cloud resource access and data security on Yandex Cloud." +regex = '''(?i)[\w.-]{0,50}?(?:yandex)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(YC[a-zA-Z0-9_\-]{38})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["yandex"] + +[[rules]] +id = "zendesk-secret-key" +description = "Detected a Zendesk Secret Key, risking unauthorized access to customer support services and sensitive ticketing data." +regex = '''(?i)[\w.-]{0,50}?(?:zendesk)(?:[ \t\w.-]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = ["zendesk"] diff --git a/proxy.config.json b/proxy.config.json index 51e9aa938..ae01e7b8c 100644 --- a/proxy.config.json +++ b/proxy.config.json @@ -11,6 +11,12 @@ "project": "finos", "name": "git-proxy", "url": "https://github.com/finos/git-proxy.git" + }, + { + "project": "project name", + "name": "repo name", + "url": "repo url", + "LocalRepoRoot": "specify you local repository path" } ], "sink": [ diff --git a/src/proxy/chain.js b/src/proxy/chain.js index 7f8755ba2..363f37aea 100644 --- a/src/proxy/chain.js +++ b/src/proxy/chain.js @@ -12,7 +12,7 @@ const pushActionChain = [ proc.push.getDiff, proc.push.checkSensitiveData, // checkSensitiveData added proc.push.checkExifJpeg, - proc.push.checkForAiMlUsage, + proc.push.checkForAiMlusage, proc.push.clearBareClone, proc.push.checkCryptoImplementation, proc.push.scanDiff, diff --git a/src/proxy/processors/push-action/checkCommitMessages.js b/src/proxy/processors/push-action/checkCommitMessages.js index 71b883f6c..d60d4277a 100644 --- a/src/proxy/processors/push-action/checkCommitMessages.js +++ b/src/proxy/processors/push-action/checkCommitMessages.js @@ -1,6 +1,6 @@ const Step = require('../../actions').Step; const config = require('../../../config'); -const { exec: eexec } = require('./checkForSecrets'); +const { exec: eexec } = require('./checkForSecrets.js'); console.log(eexec); const commitConfig = config.getCommitConfig(); diff --git a/src/proxy/processors/push-action/checkCryptoImplementation.js b/src/proxy/processors/push-action/checkCryptoImplementation.js index 5be14bf30..1e9d4b9ae 100644 --- a/src/proxy/processors/push-action/checkCryptoImplementation.js +++ b/src/proxy/processors/push-action/checkCryptoImplementation.js @@ -135,6 +135,6 @@ const exec = async (req, action) => { } }; -// exec.displayName = 'checkCryptoImplementation.exec'; +exec.displayName = 'checkCryptoImplementation.exec'; exports.exec = exec; exports.analyzeCodeForCrypto = analyzeCodeForCrypto; \ No newline at end of file diff --git a/src/proxy/processors/push-action/checkExifJpeg.js b/src/proxy/processors/push-action/checkExifJpeg.js index 5cc45f670..7190db8d0 100644 --- a/src/proxy/processors/push-action/checkExifJpeg.js +++ b/src/proxy/processors/push-action/checkExifJpeg.js @@ -3,6 +3,8 @@ const { Step } = require('../../actions'); const config = require('../../../config'); const commitConfig = config.getCommitConfig(); +const authorizedlist = config.getAuthorisedList(); + const validExtensions = ['.jpeg', '.png', '.jpg', '.tiff']; // Make sure you have modified the proxy.config.json; // Function to check sensitive EXIF data @@ -27,8 +29,9 @@ const checkSensitiveExifData = (metadata) => { }; // Function to retrieve EXIF data using ExifTool -const getExifData = async (filePath) => { +const getExifData = async (relativePath,repoRoot) => { const exifTool = new ExifTool(); + const filePath = path.join(repoRoot, relativePath); try { const metadata = await exifTool.read(filePath); return metadata ? checkSensitiveExifData(metadata) : true; @@ -67,7 +70,14 @@ const exec = async (req, action, log = console.log) => { const filteredPaths = filePaths.filter(path => validExtensions.some(ext => path.endsWith(ext) && allowedFileType.includes(ext))); if (filteredPaths.length > 0) { - const exifResults = await Promise.all(filteredPaths.map(filePath => getExifData(filePath))); + + const exifResults = await Promise.all( + filteredPaths.map((Path) => { + const repo = action.url; + const repoRoot = authorizedlist.find((item) => item.url === repo).LocalRepoRoot; + getExifData(Path, repoRoot); + }), + ); const isBlocked = exifResults.some(result => !result); if (isBlocked) { diff --git a/src/proxy/processors/push-action/checkForAiMlUsage.js b/src/proxy/processors/push-action/checkForAiMlUsage.js index d9b403f18..a167cc0bd 100644 --- a/src/proxy/processors/push-action/checkForAiMlUsage.js +++ b/src/proxy/processors/push-action/checkForAiMlUsage.js @@ -1,6 +1,7 @@ const { Step } = require('../../actions'); const config = require('../../../config'); const commitConfig = config.getCommitConfig(); +const authorizedlist = config.getAuthorisedList(); const fs = require('fs'); @@ -58,21 +59,23 @@ const isAiMlFileByContent = (fileContent) => { // Main function to detect AI/ML usage in an array of file paths -const detectAiMlUsageFiles = async (filePaths) => { +const detectAiMlUsageFiles = async (filePaths,repoRoot) => { const results = []; // console.log("filePaths!", filePaths); - for (const filePath of filePaths) { + for (let filePath of filePaths) { try { const fileName = filePath.split('/').pop(); // console.log(fileName, "!!!"); // Check if the file name itself indicates AI/ML usage if (isAiMlFileByExtension(fileName)) { - // console.log("FOUND EXTENSION for ", fileName); + console.log("FOUND EXTENSION for ", fileName); results.push(false); continue; // Skip content check if the file name is a match } // Check for AI/ML indicators within the file content // console.log("testing content for ", fileName); + filePath = path.join(repoRoot, filePath); + const content = await fs.promises.readFile(filePath, 'utf8'); if (isAiMlFileByContent(content)) { results.push(false); continue; @@ -118,7 +121,9 @@ const exec = async (req, action, log = console.log) => { // console.log(filePaths); if (filePaths.length) { - const aiMlDetected = await detectAiMlUsageFiles(filePaths); + const repoRoot = authorizedlist.find((item) => item.url === action.url).LocalRepoRoot; + + const aiMlDetected = await detectAiMlUsageFiles(filePaths,repoRoot); // console.log(aiMlDetected); const isBlocked = aiMlDetected.some(found => !found); // const isBlocked = false; @@ -139,5 +144,5 @@ const exec = async (req, action, log = console.log) => { return action; }; -exec.displayName = 'logFileChanges.exec'; +exec.displayName = 'checkForAiMlUsage.exec'; module.exports = { exec }; \ No newline at end of file diff --git a/src/proxy/processors/push-action/checkForSecrets b/src/proxy/processors/push-action/checkForSecrets.js similarity index 70% rename from src/proxy/processors/push-action/checkForSecrets rename to src/proxy/processors/push-action/checkForSecrets.js index c76516f2f..4c99e13d3 100644 --- a/src/proxy/processors/push-action/checkForSecrets +++ b/src/proxy/processors/push-action/checkForSecrets.js @@ -4,6 +4,8 @@ const { exec: cexec } = require('child_process'); const path = require('path'); const config = require('../../../config'); const commitConfig = config.getCommitConfig(); +const authorizedlist = config.getAuthorisedList(); + // Function to extract relevant file paths from Git diff content // go to proxyconfig.json and enable the feature @@ -37,53 +39,39 @@ function extractRelevantDirectories(diffContent) { } // Function to run Gitleaks with directory paths -function runGitleaks(filePaths) { +function runGitleaks(filePaths,repoRoot) { return new Promise((resolve, reject) => { const filesToCheck = filePaths - .map((filePath) => `"${path.resolve(filePath).replace(/\\/g, '/')}"`) + .map((filePath) => `"${path.resolve(repoRoot,filePath).replace(/\\/g, '/')}"`) .join(' '); + console.log("filesToCheck:", filesToCheck); const configPath = path.resolve(__dirname, '../../../../gitleaks.toml').replace(/\\/g, '/'); - const reportPath = path - .resolve(__dirname, '../../../../gitleaks_report.json') - .replace(/\\/g, '/'); + const reportPath = repoRoot + '/gitleaks_report.json'; - const command = `gitleaks dir ${filesToCheck} --config="${configPath}" --report-format json --log-level error --report-path="${reportPath}"`; + const command = `gitleaks dir ${filesToCheck} --config="${configPath}" --report-format json --log-level debug --report-path="${reportPath}"`; console.log(`Executing Gitleaks Command: ${command}`); cexec(command, (error, stdout, stderr) => { if (error) { - console.error(`Error executing gitleaks: ${error.message}`); - reject(new Error(`Error executing gitleaks: ${error.message}`)); - } else if (stderr) { - console.error(`stderr: ${stderr}`); - reject(new Error(`stderr: ${stderr}`)); + // If leaks are found, handle the warning gracefully + console.log("stderrrrr:",stderr); + if (stderr.includes("leaks found")) { + console.warn("Leaks were found, but execution succeeded."); + resolve(true); // Consider this a successful run + } else { + console.error(`Error executing gitleaks: ${error.message}`); + reject(new Error(`Error executing gitleaks: ${error.message}`)); + } } else { - resolve(stdout); + resolve(false); } }); }); } -// Function to check for sensitive secrets in the Gitleaks output -function checkForSensitiveSecrets(output) { - try { - const findings = JSON.parse(output); - - if (findings.length > 0) { - findings.forEach((finding) => { - console.log(`Secret found in file: ${finding.file}`); - console.log(` Rule: ${finding.rule_id}`); - console.log(` Secret: ${finding.secret}`); - }); - return true; - } - return false; - } catch (error) { - console.error('Error parsing Gitleaks output:', error); - return false; - } -} + + // Example usage in exec function const exec = async (req, action) => { @@ -98,13 +86,14 @@ const exec = async (req, action) => { if (diffStep && diffStep.content) { const dirPaths = extractRelevantDirectories(diffStep.content); - + const repoRoot = authorizedlist.find((item) => item.url === action.url).LocalRepoRoot; + if (dirPaths.length > 0) { try { - const result = await runGitleaks(dirPaths); - const hasSensitiveSecrets = checkForSensitiveSecrets(result); + const res = await runGitleaks(dirPaths,repoRoot); + - if (hasSensitiveSecrets) { + if (res) { step.blocked = true; step.blockedMessage = 'Sensitive secrets detected in the diff.'; console.log('Sensitive secrets detected! Push blocked.'); @@ -126,7 +115,7 @@ const exec = async (req, action) => { }; exec.displayName = 'checkforSecrets.exec'; - +module.exports = { exec }; diff --git a/src/proxy/processors/push-action/checkSensitiveData.js b/src/proxy/processors/push-action/checkSensitiveData.js index 0ea186798..51a50e440 100644 --- a/src/proxy/processors/push-action/checkSensitiveData.js +++ b/src/proxy/processors/push-action/checkSensitiveData.js @@ -8,6 +8,8 @@ const config = require('../../../config'); // const { exec: getDiffExec } = require('./getDiff'); // Function to check for sensitive data patterns const commitConfig = config.getCommitConfig(); +const authorizedlist = config.getAuthorisedList(); + const checkForSensitiveData = (cell) => { const sensitivePatterns = [ /\d{3}-\d{2}-\d{4}/, // Social Security Number (SSN) @@ -94,8 +96,9 @@ const checkLogJsonFiles = async (filePath) => { }); }; // Function to parse the file based on its extension -const parseFile = async (filePath) => { - +const parseFile = async (repoRoot, relativePath) => { + const filePath = path.join(repoRoot, relativePath); + const ext = path.extname(filePath).toLowerCase(); const FilestoCheck = commitConfig.diff.block.proxyFileTypes; if(!FilestoCheck.includes(ext)){ @@ -145,16 +148,27 @@ const exec = async (req, action) => { const filePaths = extractFilePathsFromDiff(diffStep.content); if (filePaths.length > 0) { - // Check for sensitive data in all files - const sensitiveDataFound = await Promise.all(filePaths.map(parseFile)); - const anySensitiveDataDetected = sensitiveDataFound.some(found => found); - - if (anySensitiveDataDetected) { - step.blocked= true; - step.error = true; - step.errorMessage = 'Your push has been blocked due to sensitive data detection.'; - console.log(step.errorMessage); - } + try { + const repoUrl = action.url; + const repo = authorizedlist.find((item) => item.url === repoUrl); + // console.log(repo); + const repoRoot = repo.LocalRepoRoot; + // console.log('my reporoot is ' + repoRoot); + + const sensitiveDataFound = await Promise.all( + filePaths.map((filePath) => parseFile(repoRoot, filePath)), + ); + const anySensitiveDataDetected = sensitiveDataFound.some((found) => found); + + if (anySensitiveDataDetected) { + step.blocked = true; + step.error = true; + step.errorMessage = 'Your push has been blocked due to sensitive data detection.'; + console.log(step.errorMessage); + } + } catch (error) { + console.error(`Error processing files: ${error.message}`); + } } else { console.log('No file paths provided in the diff step.'); } diff --git a/src/proxy/processors/push-action/index.js b/src/proxy/processors/push-action/index.js index 0ff22b9b1..a0aa0d545 100644 --- a/src/proxy/processors/push-action/index.js +++ b/src/proxy/processors/push-action/index.js @@ -8,11 +8,11 @@ exports.scanDiff = require('./scanDiff').exec; exports.blockForAuth = require('./blockForAuth').exec; exports.checkIfWaitingAuth = require('./checkIfWaitingAuth').exec; exports.checkCommitMessages = require('./checkCommitMessages').exec; -console.log(__dirname); exports.checkAuthorEmails = require('./checkAuthorEmails').exec; exports.checkUserPushPermission = require('./checkUserPushPermission').exec; exports.clearBareClone = require('./clearBareClone').exec; exports.checkSensitiveData = require('./checkSensitiveData').exec; exports.checkExifJpeg = require('./checkExifJpeg').exec; exports.checkForAiMlusage = require('./checkForAiMlUsage').exec; +exports.checkForSecrets = require('./checkForSecrets').exec; exports.checkCryptoImplementation = require('./checkCryptoImplementation').exec; diff --git a/test/test_data/sensitive_data.js b/test/test_data/GitleaksSampleData/sensitive_data.js similarity index 50% rename from test/test_data/sensitive_data.js rename to test/test_data/GitleaksSampleData/sensitive_data.js index 8434e5c74..395e80b55 100644 --- a/test/test_data/sensitive_data.js +++ b/test/test_data/GitleaksSampleData/sensitive_data.js @@ -1,3 +1,3 @@ // File containing sensitive AWS Access Key -const secret = 'AKIAIOSFODNN8EXAMPLE'; // Example AWS access key +const secret = 'AKIAIOSFODNN9EXPLEAM'; // Example AWS access key console.log(secret); \ No newline at end of file diff --git a/test/test_data/sensitive_data.csv b/test/test_data/sensitveDatalikecsv/sensitive_data.csv similarity index 100% rename from test/test_data/sensitive_data.csv rename to test/test_data/sensitveDatalikecsv/sensitive_data.csv diff --git a/test/test_data/sensitive_data2.xlsx b/test/test_data/sensitveDatalikecsv/sensitive_data2.xlsx similarity index 100% rename from test/test_data/sensitive_data2.xlsx rename to test/test_data/sensitveDatalikecsv/sensitive_data2.xlsx diff --git a/test/test_data/sensitive_data4.json b/test/test_data/sensitveDatalikecsv/sensitive_data4.json similarity index 100% rename from test/test_data/sensitive_data4.json rename to test/test_data/sensitveDatalikecsv/sensitive_data4.json