From 605ed1fc7700dfe6637aaa9ff86c87de0712e8b0 Mon Sep 17 00:00:00 2001 From: Quentin Machu Date: Tue, 17 Nov 2015 17:42:52 -0500 Subject: [PATCH] Refactor security worker --- data/model/image.py | 75 +++++++- data/model/storage.py | 10 + data/model/tag.py | 31 +++- test/data/test.db | Bin 1105920 -> 535552 bytes workers/security_notification_worker.py | 17 +- workers/securityworker.py | 233 ++++++++---------------- 6 files changed, 184 insertions(+), 182 deletions(-) diff --git a/data/model/image.py b/data/model/image.py index 943d9f383..b22f70ce3 100644 --- a/data/model/image.py +++ b/data/model/image.py @@ -1,5 +1,6 @@ import logging import dateutil.parser +import random from peewee import JOIN_LEFT_OUTER, fn, SQL from datetime import datetime @@ -7,7 +8,8 @@ from datetime import datetime from data.model import (DataModelException, db_transaction, _basequery, storage, InvalidImageException, config) from data.database import (Image, Repository, ImageStoragePlacement, Namespace, ImageStorage, - ImageStorageLocation, RepositoryPermission, db_for_update) + ImageStorageLocation, RepositoryPermission, db_for_update, + db_random_func) logger = logging.getLogger(__name__) @@ -459,3 +461,74 @@ def ensure_image_locations(*names): data = [{'name': name} for name in insert_names] ImageStorageLocation.insert_many(data).execute() + +def get_secscan_candidates(engine_version, batch_size): + Parent = Image.alias() + ParentImageStorage = ImageStorage.alias() + rimages = [] + + # Collect the images without parents + candidates = (Image + .select(Image.id) + .join(ImageStorage) + .where(Image.security_indexed_engine < engine_version, + Image.parent >> None, + ImageStorage.uploading == False) + .limit(batch_size*10)) + + images = (Image + .select(Image, ImageStorage) + .join(ImageStorage) + .where(Image.id << candidates) + .order_by(db_random_func()) + .limit(batch_size)) + + for image in images: + rimages.append(image) + + # Collect the images with analyzed parents. + candidates = (Image + .select(Image.id) + .join(Parent, on=(Image.parent == Parent.id)) + .switch(Image) + .join(ImageStorage) + .where(Image.security_indexed_engine < engine_version, + Parent.security_indexed == True, + Parent.security_indexed_engine >= engine_version, + ImageStorage.uploading == False) + .limit(batch_size*10)) + + images = (Image + .select(Image, ImageStorage, Parent, ParentImageStorage) + .join(Parent, on=(Image.parent == Parent.id)) + .join(ParentImageStorage, on=(ParentImageStorage.id == Parent.storage)) + .switch(Image) + .join(ImageStorage) + .where(Image.id << candidates) + .order_by(db_random_func()) + .limit(batch_size)) + + for image in images: + rimages.append(image) + + # Shuffle the images, otherwise the images without parents will always be on the top + random.shuffle(rimages) + + return rimages + + +def set_secscan_status(image, indexed, version): + query = (Image + .select() + .join(ImageStorage) + .where(Image.docker_image_id == image.docker_image_id, + ImageStorage.uuid == image.storage.uuid)) + + ids_to_update = [row.id for row in query] + if not ids_to_update: + return + + (Image + .update(security_indexed=indexed, security_indexed_engine=version) + .where(Image.id << ids_to_update) + .execute()) diff --git a/data/model/storage.py b/data/model/storage.py index 77ab9148c..d3e452d9f 100644 --- a/data/model/storage.py +++ b/data/model/storage.py @@ -225,3 +225,13 @@ def lookup_repo_storages_by_content_checksum(repo, checksums): .select() .join(Image) .where(Image.repository == repo, ImageStorage.content_checksum << checksums)) + +def get_storage_locations(uuid): + query = (ImageStoragePlacement + .select() + .join(ImageStorageLocation) + .switch(ImageStoragePlacement) + .join(ImageStorage, JOIN_LEFT_OUTER) + .where(ImageStorage.uuid == uuid)) + + return [location.location.name for location in query] diff --git a/data/model/tag.py b/data/model/tag.py index 1a7932347..6883a39e3 100644 --- a/data/model/tag.py +++ b/data/model/tag.py @@ -3,7 +3,7 @@ from uuid import uuid4 from data.model import (image, db_transaction, DataModelException, _basequery, InvalidManifestException) from data.database import (RepositoryTag, Repository, Image, ImageStorage, Namespace, TagManifest, - get_epoch_timestamp, db_for_update) + RepositoryNotification, get_epoch_timestamp, db_for_update) def _tag_alive(query, now_ts=None): @@ -18,15 +18,29 @@ def get_matching_tags(docker_image_id, storage_uuid, *args): given docker_image_id and storage_uuid. """ image_query = image.get_repository_image_and_deriving(docker_image_id, storage_uuid) - return (RepositoryTag - .select(*args) - .distinct() - .join(Image) - .join(ImageStorage) - .where(Image.id << image_query, RepositoryTag.lifetime_end_ts >> None, - RepositoryTag.hidden == False)) + return _tag_alive(RepositoryTag + .select(*args) + .distinct() + .join(Image) + .join(ImageStorage) + .where(Image.id << image_query, RepositoryTag.hidden == False)) +def get_tags_for_image(image_id, *args): + return _tag_alive(RepositoryTag + .select(*args) + .distinct() + .where(RepositoryTag.image == image_id, + RepositoryTag.hidden == False)) + + +def filter_tags_have_repository_event(query, event): + return (query + .switch(RepositoryTag) + .join(Repository) + .join(RepositoryNotification) + .where(RepositoryNotification.event == event)) + def list_repository_tags(namespace_name, repository_name, include_hidden=False, include_storage=False): to_select = (RepositoryTag, Image) @@ -233,4 +247,3 @@ def _load_repo_manifests(namespace, repo_name): .join(Repository) .join(Namespace, on=(Namespace.id == Repository.namespace_user)) .where(Repository.name == repo_name, Namespace.username == namespace)) - diff --git a/test/data/test.db b/test/data/test.db index 33cbdddfe14ede7e515d48311c5c517bcfd411c4..e39fc8a8713cb94478b678254005b0c735d69c43 100644 GIT binary patch delta 81897 zcmeFa2XtFS7BKu~MzSQ!CEe+;OqWJ#7}OR}0R$%GhHH(8P`$t@&~fo16g z3>iA1vjq|eU^)R7SZZiXhtPKEz1MvANsi+bSkAZK+4GF{n>TOXlsmWIo6Wln zn_nz1_qc3rnP_<|+1(k;lq(nkgAlW}yqsZ#PKLqKv&*a3zyH3FVVEUk8I;Vw$dBY3 z@;Uj4yi499uaOtYv*bzg2>Bbim)t>aAv?%l$Tj40axtOg9C8LZnVdj2kv`H*;v`0n zB~8Rj9K=GZ$&o}&Sh8&AuA+842tB_svR2ek9Y;eM^+D0>hN8(1MWYo8cMTM_YA8%cL2;xO3Ka`Q6~7#d7C=!k2Z~uU zpqMrViU|{-D3n4WDd5M0$*Tes$hb5qXUvpOM#~;%PGc+R7z`cxy6QN^WGx2jmU%9C?`BNp6I< zE+NA=4%V0R11(@qWJovu4zEYgqQ!7?9Mp*l;0ePFpIGEC%3X~XBPX7YHj>HsMn=du z8H~}-tt_fjMr2B@RwvU&;Wijj%XMLmJjRA1!;KfS;$<_J z|8v#nscVMMym*sX^Mbs z<+qE5%P-v|X70J=Y*hFQM^7s&atwcUDJx!h!@0AR_o?osubl|(2QDiIm_*+X!D^zn zhTvqOXEs6cKra-xq@cLE4T|9q6sH1EqCqbd8GuI=22e!n*Fez#P>8H>M9^x0LR1Au z1I>Xmfl8*rdVEs?#n&Pp{tNIIP@?v5`5);M;Kvx{#bil#Cm1VKyKO zdVp-lQ_)9g-r4%u^sG&#vYmr}O=H+AR&<{5G^^cc!5v>w-?eQ2TGSh z3yi6_w=~yeey+(4=F$bic4$&LyyuFgmHa>uxsEU2B-g>k7UD$bV+;BWf5&K<_wcr} z_0usL8ouuiFaNUJ=6&W( z<|UX5|J(V}N0o#>Fgv1oF!}~6(R+XpKOpar*8yWbLmnp&0j|4)+zfc{I&uY&o~>jH zIhCCF+k}TKAaludGKmzC0>a=Q@K^W~{2qP_zlxv7PvJ-L-|#*7HhdHQ>ma@cZ^IYj zbMcw@WPCh64)@>`ZpRV49{aHy+i(qDi&tSKuEI-jC7z9^;R(193(zmiLYvV5%Af>lMIp2fH6kafMMiWK(jqx3 zU4a&%ax@c7K_v)I;!g3;pYS9Ty(=UL>Gk7Q=3lTf?~}KIFuwpG@ECaz$iwYqCy&JUI2KH;Fg^qS5#VD3&f+9MNEjc3eE=hM*o4;rlqj$a zFUA#k7M_Yr0Z<6~8GQ?&@*(;s+5^DyEP4Vx4B&Dnx&>_qfVmP~f+&E@Y3L7V5P&9) zI#CON&C#d<)dS!d(CW!Z1F*9kEkyGGdM2Y{Bw|KH#pu)A%KVdG830foTF6&?xgCzo zTjXVcmq*F{04+C>KLe~>2sGZfIV@OT3}9A5jj~#D#=WMk3xb0I=;Xk z0BpRBp8?3YAKw9R@n?Jm0L3}@Q~-$q+zkK`!c71U(OO&$&>+Xl02XHANdO5L{Qz+A z0eTCd;2HENz`z~oCV+q|(1o!7r=sIw_q$O$?0pk*!_HTuRj}{NP$g{oBvgnn^8=up z516-@mtiis-^k0e(M(bfGrK_~KnN+ZlE+U1pxQ)yzDq>DWyrUHZ9XRS+m)z9NWNppcX0m+ zq2H~6g%`l}4`izo2}dud6k`gQ@+zJ$h%i?X7r$08l9R;+)AJ;sUUf0Dp*i&Pi&2_3 zZ$>(L$t6gNW{;uEiNh;U51Ki4zjiW=WOA8CgHG(o6wDm$#c>gku6g`u>1!7O3-QoJ zu#9uZCc{@w8va1Mrhvzr%pv34x=kPyk&k)i>tmS1n}mM69ZeUJPZ;tE`37pBd=WmIPlj7w0{l9E$3GF?i3M_N+QG8;Z<-(%*?HD%L3gL7c3lIi{mdt3bX>& zVk&*?GNhuL&qXWIa=PPOz%R>k)$a3<7cHgNo`+6GOL8@)tx&U=Ubq$AfEMOz)>9O3 z+)q!K_ko^V0n}qNNx|{(5+k69B|t9<;Xu5A?*iIzGLB;pJ_?|H8u}5=@_lf2`_Xzp z?#q#s`H*>xxtY0``2&-H(T*f$<1@%Huov$w&Y#VX`HlIId`zwc0`nyxix=?~%t@#S zu+uq2&G?zei3xY&yO~RXe9dG&B1_TzcsVYEgY*+>hJ&&KkmvwuAYmfKUgj1iIpSY| z&m&8r+Yd@e1&T!D(M+^C6KpBwfmy_}z+VIPcole}hj;=B+k6qBH?G0ni9Dlu6EKOSn88Y)QU#O9xp^7%zaSk9# z`3O9-9|(I};KPTWi^JFM2hQ?havBV~oFVh@_2?^9&6I=OG44mxGFW@v$aykSjgXeU zSVe9`ntfvp(t$0g3aROzwxA?Z(ivx?HN3zi)y+pkWo-#6k&$I+6@79!sh|xqGWT~J zmwz|pImIwSF_UIMXt@S21LCU%;7kJ*_zu2Iw=5-<$Ut{4B`#D=h06db>S?f2G>x9M zjL6YidjB$V3R=StX*!K8CvE5`{<;UP&Q~3?f~-SF<^E#o+tF3%SeTU?BUye zK=wf0(}eEXP8LbX8+^MD$s17jOip$zpU59=OmbY*1-#hA&;aBU7s6YFRL>Q_6HIHOod-u^6X`#=4{F)@(Z3y+9sZz{wZr zvMIY`Wry9b?doc%O`2>@)k-evXo$MooC7g+moXcw%jzPLE~l=uW1u4xS46w}+tXnx zeuB&!)RuGFRZ96Pg|V@SAqY+&JtT%(XjLo!uFtB@%{bd%|n z8kI~LR>oMlTCLDVxKuV2Zwrr(N*mH@?OmL!yU!6dXXP~p>p*LJR%Mp=^wvkbCUbAF zN$IlNibGW%LzBNV8cg?fx6_?Zkjn8xVpXhGDd&e&L10KSW~f-qh$XqTl81Ei7{`TV z!6-{kp zvYKlYoTd- zScQtyDfmIkF${9fkkGtu-NY)LiVgAW77fc`-Pj1MTSOU@slyRPP^pM1A{tGkEzOTH zGP-iAlp~mFi${V!Z)0!2Q{}aqOr4=@pK>79A2+*H$r^_x99FlutbKho7N^(Os_oKO z(MR`^Idtw5L^5$~XqqauMx|0I>6+c7tVI)3aT8tS>2m< zd4l?+nclsdtX#H#3;_Ed^LXYXVKMm&;IDNE?F3O|0@=ab$gE=m!xLEpDOgiL9p$7< z5^Zja@UUG=CoLj=WThR8$Pu&6M--G*OhqlZW6eKq&g~|DWu}uB6C0|@p}EXrawIa2 z+_;$RL6z`LM!3{*WbW1M{#T=&!L~U6swMZ%3ya9SB|O@mfInbBQdi;+fN~I^AzuOC z`YuqbOMydu7tq(1&l9zu;H-a4-UFfNB_Lh9fz5poG(>NMXmlsJ zHAm)70W$X~@yf*rnTmbUs8(!Ilt2Iiq#w&Li&GmI|MYUbwRLRW-l}2u7wbp8-y~bk-G}Z*HzDBOWqq5Zc>m4<2 zf54`gU=j=!qo#&BwTqRzIE~e+G?@JXyFAe3vYWMPqr5?5Z?HHuUWZHRs;*W$%tmuv zt;VRb7`$%7V1r!6H5wJAxo+fstD*^xL#>%LxNEAlT7yxm&^nB)IiRf#=$$q825YU! zE7#dQb}c6lxV=8Bnrp20nGEtKuR&Fk>xHYSbKAX5p89}JU1w1ky>g}3s<#_la;@BE z=c?WICbvVBqa>P%ygxucKAL8KJR8IUDoWCng54`MkqnTrSO3PhkZ9x9$Vf&8bS zvSDMLaI~{h@;f1B@KBH$g&62fFxp!Q`A-1{IwPZ<6_fGsGx+ZS=y31@z2VW`3dny3 zMp4!Xy@BwX+XF)WQ*hd_F)v1b#o#M(CHgb-73g;@!xLGhxWG6nYJ6HwjzZ2H%KEs1 z%%r>T5s2uldj)A!zpru~y?8$GO%A$yJ{drE{?8m*TtNzHq=L++=Pn>CP~FIV3kZis zmAs%7{}DLzPxJZQKkiNA>Fu#=7nIG=4fWBETSWt>VE4P%~j^89*pmw+b z-d>Fd%|ZZ6^dCcI!Dv6f6ClUnac~TWjRK@_w4?tN76qgIj0eNRK;hs4c%z5w}!Zo6@H7n83e3}G0PA|O+pfi4#U?TF;O?L@~K%>nI$y4tZ zv?ABYrn?0(bU0vM`D+|HuQb4*8$JQ&bijuHpB^IxV)7NvXP07|**Lgf1w@>NU znrw1MwW5v-H2G9@MvcmCqxWtXEToq0g8C&+ugcP(GS&L*z6PUHp>?_(o*IwUQm+X3 z-8P5DZ!@v_I#09mZ=keIv1#6I>K7Es53eDawm`R_! zT@XROe1-WAm}kStjynYBqC@q^^xfTpxgzp)?sP%7@8=GkfPTM6P$VQ*FysoTJf9@i zfh^x3kyK1A(-#*5D;HIVSyrZ!E7US&G^7RoO%s!Gnpi}qRj{0zQ*=jD$yLEfXIml@ zO=mL6j%Z>W!z$-i$#tvb$|_c+(#p9!%2~~TqBP0uVOGO_%IGDx2&&OB`AKZKRZz6` zR>20eZtT7r9X)m}rIjNB4+_xKPQjFsQ%3~Pqe32*5P6XyFTxC-B=W_iLGpVBo_}wg zimOyuEF?bxg9ZJ3LFiBOgpvd9&ngs85HbOVwBr{L1@(0xXBb#5F7S-*&o?&;)}k;! z+J$u8O@a&x@zCi3*n@O=GPMG;+ci=ddMZxJjTozb|FtPx7~or(Rj z`2mU}UV_XpdZen z;wK^ZYnWo(rc5XhmXc=~@&oYX9{^YW3V9YLa4(_H&MT13=HXw+%w`C|7hwgu4lWsH zRG~sQeJfmyGQ1*h=E$yZg&Pq{=XS;Oy)cft`BAi>F8z z!icBS2NshhboL6-Ec(t5!cCL&NEY-3KY?!GpJdPIqCY;m8*i^Hs4OL~=Xc{XU?joP z0z-Xt^zmD33V<3v$M52o@cwh4hu}@yy9j-*zJL?q9SrHmJD}z&On0m=C|VHF2DKVF zSX^0Egp(;XtX8IzM_E~vi^U>bFv@Z)N8eaqzz+JNkrkiPgxSt)9|mQkxF9+Tj`w{HN35TI{I#$R_3?jZ(e7`A zji@(&{mwT+Kg!b8-wJc4%G2rb-wNlCgM`|B_#E`}ApOAzJ_HT@U_pt9Jivgl;{m7{ zA@qzJB*jOLAA4>M@EoF-9CnGuO>H}1PqH1lxso*VrrqDOmzYPi`&aeX7nKKkLOL0c zRWBu-@R4RhJGU1|2bBtCIK*l-GOa48l_?dR63B}(EDLfGZA7WnD1sr40I$Siu!Kv1 z?=520>TpmQj>zP4T}Y;kM07IHxNx$VGOPogm4el(RD`Sq+Znuo7AE6Oh~pnNG0IqghPnFpQ9X^%>y6jr3`msFF5+E<6Pt zM?bF;EvHX@E(8|%3*kz7;+KFo21f4q61apC9zqEDoZp|%a~6fS^D@=f_ZCc$TPm_fJhJ#5C-MoN>Ggd49KFAH?H&owW$PM0mJaVFib%_ z4_HIS4pCW)0uS}mUp@o0@YxE{3d|gzA2r;}pu1O!=FqH6G*2RJ7nK>H>GFKjTVJ@mIwj&ZQJEf|EgtKpfLg0WlQFY-tgiz4hbmDA+QctIkT=n$cH@U1bhPzUL*9wQqjzP zNdF)l%hWUAc~l9q%aP2ZO#Sdg_K1@HZc*9l3OqC~PnK*;MAM6S_9WewNp|-$r&8B| zcsgxdB9e=eUHL(uwS*t^DYX1Jcyf1-STyqJ5>XWrMN^`()CUK}#ybbLK+>9$Z?ye-qe|BCq|9a<(jT9i(R%5>1h+si~?138IGmy1lImQGO_ z2bI3%qWPFPk#1NnT73Xj$yuu2=P}Lu`89aISu|TjKuz>P4z6A&^n;{m+T#7D8+1MS z5zP3VScU$9&O#jXBJ)RPF%Ks2ql=Fd9l3y2hPfE0mCGV53w#`>f^#F6M?u9KRC96_ zoIzGc|9G58wm{1&l_4c)3>9)6An}MiB-619(08g?MU;((Sxr<)Up!8vTA&JX@|YGh z##(hmDO1XGs!%N;)<{&vs-s*q9F9?LqiEFv&?0N)YDE-OrJ%@EvZ|O&7gR+7*N1g# zRZtOCggJWFMp5O0SR||jv>lYGluFQCMxvZdE7vJNeW?If9<3szlFR8oHi}jstqtiw zy$p|oaGI6Ma99?KD5J8dCdhIjP92TLf@;uLNGcH1&=Tx!2_`bxU;-;RR;AVgiUEQI zu0bI+-~(k$DU$~|R;>ce5|hVh=O)qG1@dr616pQIrhp4jIja=#1+`A52}gshJQ!2x zBEaZv5-nb!)T*L@t$>gySm+ZY8v}f& zi-Kd4F02A<#;W98ND)$S9Bm(jg;2&qx~N(WJ@FJu$!dbKAfQATHm7DoN}W=nQ_vlQ zq7^2MT&E00wV+eg!DK+44$G|L2diPj8m$~yv&o&jm0_RvAFnyO6AWoTf)?o^VBEHdE+q8M%S5KB#pDk_`X({>XS@!~z>|hb zhe~_sE0v-OdjA6cWSx~ibDJwglc;#1Xi14GD=Jf|@JZ6#`Jok+qAAq9P&5TIXXXy! z$lyXzD-zAkh|22WoP4rKB*)Adv|_O+CK9GaWhSURbFoN9>j%U$>DtB6@6!7v6KKm~ z(X>+D7`WkgVF0dz$JoW>C!j#>jB$ZKoI zYw8}{r>iA@1!s+G;GJ}yT3o$bbnH^_b>pdg&g<`0aP4>q{Cn;KZ_5ioyZaG14?a(x z0`JSK$z||foX`vRh+;E~Ndid4Oa^>fwCEb<4Q6J}+QlOPTZPDh&f`s7%V?@XG?i|v z6wRgIRlq8r%h!&e;julE@-0O91>I38Dw&+qd$&a@mkw3*iOO6mJY=S`D@8Nune#;z zm^o+Mn^03s-rMdY z>p@`R<=%Ee&)+NRTuQ*F;zy7=^uy7H$&T!6^^6ZXR7R zD4s#LY!aVj6_?FK}3C{)Rh#2C9J6^DR7m!J_SU7R~#Q4FFTA+D@ zCvzQxUPP;y>xMxZl@65*Vc<`6JbyA_Ks=kiG$5XZF6Ae(kj~s7PN7Tk*E=?dljx!m zpw}N9Xy6{lAB?*Macm;f#1Id@32j9t@HlJA3GGL~f=Wggw5V6S5?!4m@vdHRE4qr_ z(JNkuuB2ss;#zdYNT^S2Md^5&FYkv2>IPno>-r!Z}~Y zpc8?|J%?EazD&Wh_0woYM!XdLIX8u4GvYwOpA2r3-bJ_MGvf6H*Ns(F@CcxQ zuFs0A(KRENXT=?e2Zshap;x>-zYG)7nP7KwHeE1OGP*>krNvtGmwo+9X2NY@@C(I2J(yu5_oag1cf zuRSYTFPT13dB{f(=vY8K>m>^&Dh_D{y}J)n{o#6vXQKR&*3hTnFx6K!OLVS7T5qV# zM1!5Y$lM(bMnGaMlopeAfEO79ZgrTP#heM3`+r?S6M;jWgLzL3a9xPg(4&&Y=tlbU z-z8=A@<%0=bm!xeDzt;ISU}f&DJ`HyPe^9b^Pi9`M>ph~z4C;_ivBusNlN@m4vZGk zv(n-Uy7&o+3~kRhi9aD(QO*N>5xIi_T05Qv8FO9)PzRpkj-;e+7P*fB#LH8?JQd{Q z4?Y5f`aF3IT3w!}ln)L{*3RO&6u!-!z^UXl94~>h&l5n)?}L`$?32?v-Fud#W)``f zmpJmDyB7?mdEd#~`N2Tb3r3sXeVN2E3p{gpnVMWh{s1O0Gk8Hsz$Nf8{8xMiH0{JW zIh%JFI1uQH<`O;nb$FHj_T$3eek?io@!)|U7a#omz{jEk9v=d_1qVDn1ZIVYc{~UT zn0?1haKQ6Jz!JP~$1Thuj}O#O9P*eK%>~RR27Fq@xCt)c2P*2}No)&!;~{|8TZgxm z&Y>QTvpc{xbLy?ms>eYh9M^&nYK zR+HKIM{xSQ9q+98+>dGRJ(AMHY;m~&yxo2SDM|lbgTjB;K(fEV;69&^1NTzAzs2Dj zhz@FS=yo5};Lr`vH5lAK(L-7Y4(j5NZ6osp%x~`cTzI~pr8wk$*rnM_5pHIH54#&T z1M}MpPKg{T!5`wkgCFil1wv~vZGK%c;n01WR#Yj3jry&fl1Tq;lj6dE+e9LPCWHUx zOX7dqjaYPWlSB4wa>2n(#`Z+E?;K7L{%V`CCIZUskxcd+2vQE4$TMd_J(zpGt~i4PL9SNnNc}YL#ZzW3yK46+T0qUCDVG%?$>lu}*I@d79Mq z8gI2utyR_gt!$HBYjN7-dV|eSQ&V^-8U^M_tyQR4dCIpN<3Y(f+VyndwBa?SQtEz4;y@$(lQpC4 zFHn~|p|2ZBy%9WHB>(ZOc+9n*YoiyPzD(pIy{j*jTSsEsYCZr^q6E0 zop8TIOl6Ntig_|VfxfW|BxciNl2W?ve#vTdS6(u(y$W$zk1i%vbV84K!U%alG8K<5 z#kf)CMm@&8PA7zs6cZ2N=nKG+0DXhpaIuBi0z){ixL~LvzXwCAp>lf3tA(@pk<6e~ zuNRh~2gZhGquXCEw4nRPD#Ucop28t?-?)l_J%z>esa=u{bmI5Y8FT`FyYVqe2_3u- zn3EqKlN9k>?De$paf$ig&HB(uCHbWvo7BOkze$8hB>Q<+bbe0onSe&-UQ*bI_Opp# z<&<*@xoYGOmlht2ju>MR0C;seg+>?3f{Psh0mXTRb2)<+fkRq34E&%Uz5T_))#zb< z{teXjQXz*P;;-k@i(e{qqrc_%>&V9>l93577oM_D{d^JwpaChU)~8IlQ(U(JZYTN*U0RNY*1B)xZqG+lJ`2Vd4~s03vTFz|G6g>>!6 zCYcmM5{_Q6`WAXYm9&YE1ll_UevRmdAwEv;t6Ws!$3x&?k6z&)z5tORXm>vpkM=-u ze;SJ0`B1}KJE6F_9g3S;p|~ar#ib!AE^3D2oOMu~9)RMMMktQ=K(W~g#U=+78~K2{ zEQH9S!Bh>D2_qB{Jrp5uU`NNUhNAfhD2~xV5zs*4Q$gWXK;hWdu@DL+_)8+T917W7C>G9wV(xS(W6!SGo{AldoFyY@rN7 zCSHHKupB*|uX6k%olmdcE1i#?8hs6}>4VP}&O%R)Kz!>AaD;=eVsZ_X=weV2T?77; zM}XqzeF(x@1)DvO6ytwERPEEiMgAFI3K4W?;f)X~q{mK(5n2Qxb9du1EQIKwM?mp$ z1G*Uf5uD<^NDX8EoOzVl2CAtCK~41+;7NOcnhinVffclhe6TYA8=lV25(r5t8oBgH zshIE(u&!D#B%<3^Nsk)j_u^Y>kkVz0gbv%yb0`7_k17X6y8f0gXmrez}$(hN7q6K=0)f{FawU_wrPJw>h>VWC#-)UX} z-TuFb!yL>7Vjch+|J69mDY-z*!^L6pi0yrTW%6;Dh2WkAHO~T!bi(BiXa@w18o?m> zB8oA$L-@(QAC<+Wp90oGD|0T%^s+=g-gzgz@mOgMe~O*_1G?k85`Cc^ZhskVS27{z z4R9QNGR>2ma9j-ePa{3snk=!HD~EB#q|33?t>elzJ& z&lZ-@qn|FEK=1uUT1t=RZ$EoPBA|~!9qAaVqB`z;ja|OtXO5%X|kU<%0t79YlM(@_$nKKO?_f zEd4fj%>S0JST&BZux4#9O(!+qTE(A2y31ip8n9E?SAEW01 z?Ocb>M#lkyal*MNhrRujd7in4xdt?iJmWrF9Z`e&y7e2UYvTx#}4QRl7xe_2lVepXgCnv6g~d zW!e5pRTXQ_S5DhssT{0gO?>SYlc(;lRaCKS^OaM^D)~7s&s9#He9!>$)zc=8trJ)e zAZn&%S-y{nV}10$6gLEpa$mNqu4tQr??&*x;{C5TW z0BNQGUZVVqQ;QB7QW^i~@@Zg77zI6*mJ7nDrGdVz__i}PIH)R^iBd_eiIsDLj=C0_GvTfDx1EIk@}=5dB*qFlu;y9W0l>d@FUJ*YlRk_;=E) z(QB0ZK{}hJzLQR(YrmJap;z-26J9H9N3ZbLo6t*RZAO(B&hMpD+eRn)@~D&Ps6Kzp zoB(X}|9vh50dQ{Lz%1W`Ob9Q-JiGD8%TEH841vTkYLhtBqCWy20oQ|x`AYB#xB!^t zvw(j50TAg1V3@lgCsGS|2pmKFfL0x_yhdOdR{`71!U8V>S~45bFie6arWIRCFM>2a zQVbHRkWSho-A({v>EHH9^qvA zn(z=1zdr-vI}-$f3~oicfPtL_vc@(Dir)-^+Od#Sq!!rwB1jGK2|pG9lJBlPwzvrA zW*ROny4<^nR0F(V$^T2Ce8jf3=&qcN>Wh&D(~6csKmi0}uY>~e^6AeqD8A!`)NhtU z@i{N4zOxjH*Oox>GB30KV-XZj^MdOWz-pm~`D{G9Kqy7`ltb~Sc~D#qDWcF;UXDE* z9QDv2XF$=%OSGNSps0snVPxaQ+L}oW1M$Zb;c^u(;cCFA8Yw``Ma$tFp_zQrpfcD1 z1Xz_p5)l*yJWoe>V*LZKM$Gp)9g+a@L_moC`FIgrs9+`MONT0kju4eu*We)&-SLHV z9zEtO>0IQA*3dk_tx5UrP%SdMjt+ed!x%5lw$1b)q-- z-8Z5=l>JuvWF9Q=Tl`7*9S#})_hJEn;sDNB@J9YsRWuWAJyt51CBS#V+!6SylJ)p5 z5V$uZ8*>vAh2urRhpA>HdSsC=m(A!*y7{OgJFFgnm0)NVqU_cpb0NqyXmS4jBX6l$ z$nVr5x>8$YA58_cje*0p4ZeLYq1)<<=37m2r`1|(RTvdkPHwF?E(i7ssbmri(af#M z?(Vhw;#aG}$xdC9(x6mSvo>dAgD22b#~&fgJFPILSI)tAyg9t;Sw(MXX8 z8PGlOVJ^25`ru&E8uwx*!GPP+GvIXe|28eeIbiYh2NN9B+|_Li#GRC*$OP8C#}FM1Z3h$gu8kptX z(Vl2`hR<110=Kj2+?80vAMV*Suo7RpwHynoreef^M&?-{-PeK+q6@T)M}T@ojNie# zAUDlbkY)#gc+mxl6FpuAE4UlcYnS7tG`RxLIwBp-WK;P$WxCs1S|EUbI#D60&R0gF z>2P;jieH1Nyz*$=fT(f>UNF0u%tNVcx;58aoWG05b9WMYsSMAe=gF{)u8?5|{fWPQ zS%xcV8RSP=$S+f}yQP_5Ro*e7xii`sigwQ`B6Cn@vL~0SqlkXA0+&zB^A4vlq#B+X$>Yi z(mZ_|Zp$)Q3sIc%j z9>33?wYNHS)tOYCn(lgpl#MMZ42tD+U|q@O@Q}cuAg##$)#G&F3a{nUW9YOns2KRH zha%CSjFm@XO0_m7hhP%kfod$-Nk^@{#n9{eWtFk8TmWDvKhgEkd zSBC4VS_kVKjb4S^+_iEbY*Ba;N$$5+PNA!Uh2!!ow@^H~#gJ$upOi(*X*Ho}SSJH7 za6Zx{EC)aPXbjS`gd#C@M6K1tV%Y>xkG5FbXcmt_`GSsqWu`Ag&gF5%y5b5`MBDGx^(Zvajw*xN+muZtRsUw7a*bM}%x&>P(ZR3?X-L#T zmW|0&gOK(ET=8?pX>e*+ao{DdQ7NNgSk7P~lI-N2iAQ(Y=V}ecss_5#9i5?2)bFY4 zkM%pUeh25t^t%l{trc>+gc}q+J#lNK);3^BSgJaz5=rH64RjFF$!N72PRsH8zPJEJ zsvDoXMW;|gR!|k>QBf*kAtT_TAL96EqhLfA3C851m^wI?=Vo~@k<7G4yK^}|eqY$M z>DLoL9CB`QL*-Oj_2{W5OgjTn^iMJE!xPzcw0(v2@4sme907aabX26;_@@iUOoqFf zOV-k#_ZEr3@Uo4;yU@+>rxyBKHOULx1`+b5pt0tEVhC-#e6e&b#8!#+Qt?u0k2t=~ z^CaIB-L*t&8hLD~v;+zG1gP}2Wm4Ou)q;uezGN0sR5a&}m-N!^5A344&^-03bux7lb^^ffzT^~si$O(su9!ri9& zhPbabo2ZY324ZfR&fVU~##-XdI;$pI-`$(=S=u^v_D)$a+ufh)tWCys!KhK|fWQxT zDi{s)Wej}-kyyK>y)No87zP45eL`(f`BgPs+km?xCQA>tCL?xPcXcw*P~BLgsq1lf zwZ;Z)O?Fp@F&gb@vSke#nVC~JTSLa4KvTw1-yhE;d;RWCTeQZYPG*7)0kbCLt+B~k z`n(Es&~45T(Ut|W0YGncB|E64AuJ^<6ZJz zo2k*E<*I#c##Ue2(BEkF_xV#^qt$ATn!5r~xl8Ygb9%@H)NG14vaViDN)`0jdQwrh zFWl_Sw3@3O16m|Ij{tZX!zl=bbde)zwa4n0vaZ_wKr zA27+yM!&5|6Ywdt_5EC=wXe+i7*%Dvqxu2)@O*W&I_#rsSHdQKHl^whQ)JtlLq&D+!0r}Jiv@@Tuh(G+Zs z`nr4S4SIQ}+St>W%y?|>L{Ob0uwnz|aZysshM=5;1&Iz7ED z1JzA^9hq8I5lO0mZggZh&MR-W_}Z1qw6npR4b^oRQ_Vf5u+!7g+~#eoZtj$^HSG=h zUTuA#t>5BE8d_WY^_^{XHPN^~5zA`b3RO*4oYiox@?=*}pt0ZObz7SfoTIL_#YDHv zE1iPA{2z$_H$nW;!-IHzyRFF`PYyU!b$w=qG7{)e**(@i{XiyQPXscKR)s#(l&Mzs z)CO#6M_MJb4zT*pXoJj?O6eL?X+yZ)+hS06CKNR+=dQKIsuik0usvKatIhT#8r{BZ zjnbP6Hr4=uXN{IXo!x1)$%2}2^?*8&at?YNtzGR3ZL2kuG9+7@T?5t{dpw)vg0*pj zw%gh7chxla+LYm>J#J0uI|2!_JgU@zP9U7Ab2fx6bvicXQ>pC%&eA7Wd4q9_TM^TR z29#cJcbm+a(06*&O|0DC7YGJx8^T^^TG`UoU*qhLJ1ySMTAv}U>}pPO{Vt0~HIVV@ zyS3)pPW6Dgv8&loqw@#4liE;+x3eqat<9Q~$(lgM*l2U~IJ?{f4z;$Sx;3vv{qVxiPrdVGs` z5>HZik}$MfNKaoRy%Q8vw|+wQ(7MIaizZi!c#;A3WktneVcy>*M{}rdiIjtuTkja$ zNfS$?7f$23UJ=s>Q8eHzkU;MN-}@@l2y|=he<4XXE9Plv?c3#7(d4QU$JQ;y0{5YV zVL%6X;BQ5#m}!8_?_vgm$|IUcR3i%mlM8W>>Iekwg*XUti~(C8jj5Ee*zjM^XT?W- zd|ZovhWUZv#GQ^|`30<4y>{anbzi>q9ew;kNFjb3)RZlJ<<|06#reaZU9d?!Pjbd< z%hL~CG~9ldWB6|u!bnek`}*21Ui4G$VQ61_5u4kSn%$p8Y5(+M$M927Q?591g>1@4 ztEp^JiG!!Y-%&kRVi|E>S9J6LsPcb_D&KGr%IeEg*I7SZfCaF#5uIardnsS+~x>$yJOj4yxwc7sS7nGLS4ZYtF|G|YCCEgVs(DK zKHThFH;sB~wLw%-nQ_1H7?tWZ~AL zxA&|1-$9^aXFlWc3}%jG@EqnyXvK~!zqRPKT&o{PmR?h|C+D*8Ej0S+e@EuO&dA<# z_#=~SwRhAR&8_KbWwR;P=xnNUDs;7$PP3*boUN64I~uiZ3Ri={Ue}lEZm@wuLml!c zx!(40Ca7&PWU5=+T`e(>r?Yy%<*6|`WMN;Y%MtR1l4iS0-e03>%yJe-W5CrMu(Y#1 z4Nc}?D_D8!y0W^2&g~!UPRN?{{S8rPQ>~(2)7NGWhID;4jYH{ADI=LoXSgF0H>Z1S zX`8w;m29*Q47jgmgZ>x44(GS5kj!9bSIdu{C5w_p9@;&v_DOEFOXiCivg1| zVFsd}{Y;n$@D98Vi_y*KSX2aQiEe{Itfr@ymmJOi+Ycj;uPD)ynS6UN8Sa3*oX`f| z6ksu42cm5lTASz@Y{_K0=ZXnyA(uk#A9yIb2!!Ct%S+nmBkIyMG`yl@3SGIhq=EkF z=8`qEY+1=vdi^f0LzrvP6R+)vZ+7THD!FPn({t<(%eF!Y1nr_y+VLt=w3uc>WP zHdv!df0H$)=}1`Ys#LWm%O&Em0lzEUWYiim&W_q9i!UXQJ3_HYyH6g{g7(hd!D*CH zBOsLOI(e6>qubISuWj*VWz~lMth-;|?NT%+`kJj>ad|c97}6TMPZjL9H@4dyx{SQ9 z(I=~6K(wsLl?@uZGANc>*Y45Lqf4aNgnrW~*OdhT!!Pe`v9WIxl)nD7(9O-U~ z>Ak%km#(+E!;ncjxwalpxIfU|9!sb)@fuaT&K=+kcDuD&!@4ZCPE#s2;4^UTF26O> z-p~a(f#Y1fFKCa2+T^mh#~N(RYR&O#NXi&?Mk8IV&bGL|UL9=6_>^fywal&U zNF_Tp)wOz)%dZNg+YM%UtUB9J-xAAq47At#y^*xvT+M?xsBWgtmiJ&N0u;t zAVccW7X@^aqbHS-nGYy|E zJ)7Q80`HaVdvE0_U>^DTWa*X#{H#hKWd~$F$dD> zmDq)OSN^W|OV^J4d|b)Zh!%B2fB9NSBc~sEZ&S$(1RiV9ANZ)<#&nPCa~=GvEKk9| zFl2;Bzd#fIR|9bcm=?dnv&W~>Ct9R+RDK+c>y&nB-3Z%XGJ+cquY5a=S3sq&KcCag6fpbqpRxbwx`P7Pj4U^-7}<5`!pu_suUHpM+M3yA8rWV*gN;mX+JoT4esnL>@K`c7w0&w#U2 z-Dr*)vbwCv){+?1w#ZUORiMiia>xSJ)vBb=-rK`@TjGEsGcmTk%LZ7oA#IWObSitQ zgH5JBQ=qpsp7gRRqbY55H7EK_1AbXwU9~I&>~|pQh^XyhtGT1K#;R&{=>~KIS(7~A zN;ZdkGVVU3&#&umjyE|PoNU;q^8012ZfAXuopbf|h8+s<_-JXisGRM=tfDm(O6k0+ zR!1b`)V8=Rj!w3*+0hqnYfXDQGBTA1{;dX6t0!PKSlljkB-UcqB^-50Q=PE`bPb~# zH1i%Ky&6f74ht_i*Q+e6TO!);ISz_uJ}w z?eS2uTg`gwU7AdrUgOC0K#SV$Mq9MDHfm|<4q6?~MwL9HXf=93dF86r1{JNq8FlzW^|oeb!lv#? z_4_;P8k+2lHZI0y8|)^o)7#M6leT-hk`_h8SX(1AM>BSNXH%^!*w9?9A4p_niDX^G z6w?JQ@!mj(*VF1Vn>u2S+S(fHK)fkzRT&d;r8d-Mip4s*O^v!tU9Y^|>Z@tAxdKt2 zF=P)nC%wr5o!izpkZ6u&9UgZiZDp-}_DsZHt7%L0JGB0~UWLJ@(^nRj=YAXczsD4A z1bF{H?0tE-8)eydW^&q|_B6?9Df`w!OBXslnaRv#2I!J~-}eZHWHQz9`62L6iWZpsxZdvLlP2;LEFs%BHUyuk^bo=d=j*yDs1F559kTuB+3@lSyVW z%l+KT@BaM`n{(hf#liH=r)B*AFY#;G7&K^7eyg$H<8+ip->cB^LA9%iwQ?b?ww4HR zY`m(@_49tGCCmrB245V(^5 zPBt2@deA)xc>&$wS2tYVSl5x$(dxd>)6~XG)7_xjn9pU4MqATNx>`^v7LzVhAzBew zwwW_D+ahZ)1x$rnDP(fGL;ZT10N>ng&@`fsW?da5ifI#*sa67ZeJhYMIHRRtuA6jm zf+bOBn%WlY)RA>Dv+uX*kjnq49R3sB}CWN9t z&8itLN+yElP{nIx+?*$1H&sbXuhgch5eMTXbB>n5=&02@>g2%K@L9BlUcF?qQ>Cs( zlc|x-108r;F`K`Un)Z)8c>jOu0j&F98U5p@-NmMwr7YQ0DO=X0+#L^HbP7I$E#xbu z!ufbPr3qWLO{?0KG<55lBuTgOkw(-`MXDvTO{eS4UXdW&ep9&W3N#XNXO=g*a($wj zj@i9HB;4<2ctg}=DrsF*G@$GHYlgu905gL`OXKlSrfGq!7P_rowo&wnghiW9`vNT4 zYiR>Mt}B$AK`md)nw{=k*q-NxskV!&i)o^>V4pXVi2p2lY<;D(pr0?@aKL zyi0@24v0k{z}zx6HnnUox_(^oxiKSu<{85^3l#vrlfof%$|8mHkkpco;*DeH!jwc2 z0@IflDQXaT{Kth~+lbr~irsVZ&w3etB{VDi4EFih(%@kS>{E(iVV{TXMUT%@JTaC$ z@{wbQ*Und@v2p7Wn)62`ig)KjiNZ6k@csJ{;<5W8L=u25Kt#;KDP|=>LAAso%_Ipy zRMR358f6$tn2GLGk1zSjm4_Yi+vk3V$Xg(q`vr^~_u%xsColM~57BqlLr|E$3_ucx z9hY$2cj@nDwhi4gZ^6LSJ+XQENB?sHVkDXM+KhVq&>Pfe9%r3A53Q2|%|FA)vhQ8< z!m+B!^)nkT-!`r}{MDZ2{3mandE&m=08tJsi1-i!L;_CG@ym7`eZ(jTTrHKo=BQba z^9zt#aNvsdW1R>7ymh!0SLCp$iF7#X8)yqPlhf(2w92u%GiN7EC6n4boo$(&y+JtKHYMGy3fZgb z%*m2%&~dSYLcBl`{SMQvIekvi0hwZxf#+&Aqt#}tB*FnxwNAuoXS5Lub_tFE{_?up znr-D{R6gZ*kPf#k<7?M7rLGU)|FvKw=B#u%Cchls#*zhHF0VDsasc#t(AvxbZmBVrNroe zrKlp%<`jJS+e!HF50a{NGauZs66kktlr583gQ}QW=8?aE9W#5_vK}1xB53)&4|sbr zz`e2zRLj2yy6snjvhj_eX^gGC?2fhQ;*4q?Jle7WdTk5ry*pF6Vf8v`$Fy3YQWCkl zs0Dg`ngT9(;ME8I__Ue_a(56c6&N5ge?F_)F!MJ2(jfd&^!uI4m7w2rjHudxmP-*DX*Hs`vO2zLJNIWa>@+7mXj;yn`@FpFb| z{j*{VwiMl=f%PxKC#CDU8@;u0aR{BX8NTf;5*Fc8U@@@~78_56#d~kS&r+YdSc$&C zE#4v-`L*coB`RXbw-ir~jQ+Ygqu)Dd^glJDzwKWeeZRlaDQ4Yv0Q*NwQL32?)6TGq zY$qI5GMQ^6idKKZmiLK`CP#Y#S=`o|n{{&{COUO#I$yUNYtvemw7Z+pWWG|@1QJ~% zAm07`Xd{<0nM+I})JYJbcFR_8Q|TrJGPnhrb$4t@OUXhMjVan%%Nq4OSqpW|LMa(6 zRhs&Aztjnq$S$X?dTmv&5Lef2IZ>0X#REE9tX1knSiQDkWW8mdpEN}yOj+%*>Gh3_ zzL{*KoxyxD#I};AWX)f-73{7c+jbF!n%T$dTDE8-Z|(Fwyd4HF*sla265gNkyC;P(k^R^Cn(Ip9v|g=s(YgwL?Nm8%m!GZ(z46w~TL@ zEvU>xXPz|&$r;(8?*nLQWP=Xbal~;W?`_3L-Wz&43%;?kpjbP`KJnhw!;J;S8Q7TS z$1mJ9ytb$~1shXeaQNfsm6Brjzwg|x+~?e;Ks=cS*aX2Qp$0-T86H64(1n*FQX_gnXDxS6~h z-G4D`@TY5GgQcfj^6-(LpZY3Ve;sUa!ivv(rye`MhAuu4ykY01P(c|x^7muhdxs-6 z4I|G;Bl?Hl7`ybVn`aj7be}Al{Y6k#f=Uonmp)M)GJP`s(sv*EAH4ja$fx1+s19hpnD5EUHpU2AB;cy2m1Z32T zPlg#+WFfMdH??9fT9sA&cwGPeTP_-T%&%s^V?HgX@GI6Fzu)m*J%+BzDW=Dw?{d;Ya0wPp!lRVxO)X2KV0k+qJEOS(O5PHQ9`wVLQL2a9^Q zEz)k&$&kz5Y}9+EdSu`hlAWAM7b4;|4`=m|O-D1&mneW!0AxO4?s0K_Z_q8Wu972A z9#DRV!(LdFSQhrN2S(zN;qM844x1b@R-(0N(j878Y?x^JpDJZ4+iZq%pPx~tw|)9H4N z;(YOHgX@}-UZ=;yrgLPs>ixTw$|TSm9P$z-#15E_hf2A(%)b$N|C zYYKGTTC=-a071}b%g?6sZKtDOinhXDo?zq6Y&ut9BU&SuQ>O|983-B&wX~-0XP97j z&XNLY)+kzkeE6%I6(`Ao90VIlW#X7ihF=bgzkt#F?b6_hpM1v9B^N8VES)!X;@%y` z6ZSt$i7|9`T5;9b*5}?n9UUtwt~w;YVw6FUjO0H0QM5M$R&sGh(H~16a>izKVP^KB zW6>{HNeu({DGoLad|Dao@BZtDu9#&!V%{^b@l>9R`b&exz$|Fug-X#0_l2QC;q%URBG8tuGO*8MpxWXn6^ja{V3$WU4Cyf6!#G=A>XMNeKk)aUJEyB z4QIAp%l2wzSJ~jqbiy?*6d?<|NG0^pkRH%kNj9pE2g+q#JKN~d1|e4p2iyHbBCih{ zQlTC}&|QCts)!z@o2m`SLh4tw6#(00I7 zSgi(Ypa^XUajMhKu~BF*w$=@#!`!tpAu>Sfs^(g>l5jYano4QF(Osg&r`bXcYE!L! z8EpJ$8GbZOUQ6)d>U$Nhk4lydJbC;+4A#L}=l}PtQ;le=q{ATUYb+7-<;@fmcerf2 zV53Xa>R!sv`#Z&C)Zx!Kb9$|V2)Sc{bk3EoS5iT5cwh|+kjZJ~%gJ!Ko+VqJUL>4p z2p$_$N4!ic8OUgujzyQWrtCea&6xadHXr6vHX#v>=}4zKH66=Sjkqhu1&wN+(`6XJ z#Y9Wl45tGxxD%qGjmH-SedM;lmS~SXpGalwU6Z5L>6dhRw<%vsB}7MCFefTTvTP&< zp2Wai%UEawVQXjEJlwD@M^4k{qtLb^gpF~Xso~7~^;9Lu=Rrog9vx7bLNDU(lEUA*9OTnJkJnT%we!Tnst5vvyPOu<|I6jT+%YV8hZ);OTxV4Lq9!J@$$GomVaR6 zzb&~*X+nQWLg>HVY`zWlx;qoX>|5zV@{B~JdF17zzB|!hsaf0$52pK>Ytc2bg_s1*9w1 z-8Q);D%mQ@LsjLLvH4SL_M-K#LMA_Z=mV>VAHFJO@I@>TLZaH*hjlhA`R&uD+jve1R@fF189D zs+Y=lQxRv{F3Xc|3Z%-0n3C0{DVCnBdl#(vG-oAOsx_ zPn9ZZNZzI=1Dyy{QTIbdpFfut{DPrQbN&GxH4AQoj|_#}Lc@~qyDi;ZvzpV38kieO zQKu>GbC)WFo!2Cc2@6-&8!DVX6fgThqiaX)$vxCZU^i3ZmMOOKg7Npw_@BY*eW4q1)F=SfC0wM?5xC9^lq(4_LAaK+M3N7MO~I1ni=83{HDA(uI7YZiTK!P#oWi(Ypi zQclJD1~1W=bz{Z=g9vg^J1125aOIx?dMHKD#@Xh*j0}Gk%V3lDEK%c-q9P8MKXpG- zY&mlN6tQ|y*O5M{p{6ujM+WReVP%gg$ypaWmEn2tmcegx;9=}2{z2Lhy zcJwdYwF&*g{B)$LoW7{Ui|7+{a+jqIqNms(ismSoHK>4#jMxVVB+#r6jKHz!v z&n;AzvY(XXNR5SwGv+VdyaP}NBW?oBF&Al#D-VL@KCM)PQu%SD^qh(E_ZnG~#nOvX zT~jm}qKQDH77tsE?0|QRT-VdCr@~RbX3qks4u}Crvn3E^{e6EfL=}P+Yh4?!`B+mY z&N?fDf!YVLe%@rXYf~;mN9ek1;z_<6_I#ixMt}-@%0ov5v-42Zipk;0gi%onG*kOBK4UOBn~vcF||E z7^v8sMMUyfJ-=Hif-35h?`Q$pRtxU5&Uq+cNca10D+7y(l}Vhl*@}5KC#B z(H!-S<5DnM0U>m~O^T2ISlPs79h=|+4_rd%BQwPia zU;JdJS|oLmrrGHYMGKyQrcw-SmqFYgy=Y%i*%aOzDGq zy(tS!K9-otRT&uLe0$*Q)_^*|%qIr*nl9QHgnXG+i)?4rVvG%!TDrD9M#DX(561(x zw!P&s*;0aTx)txVD_yJ2R&Q7=VOHewQPyd7Ynz=;E<_aj4LX|$SZ#ulNLo@Ef#I!W zHDzlE8h5~3s<@1Fl#gU`KwW4L+N&u`A)aVDI&P~q9Br6|YDbd`@S%LN0BJ#eAskFs zGZ|yv(;8&6eLWY+4FJGL7#WkJU5xLB16|YreLz`>S@^~;A98Q zT(H^GM)l4pH*k47?+Hdrpc8i5p*O7<5%sZnSyyOi4g`xXQ?8Y(;of&Gf>P8X z*?O3(XFHc>t5ve~Qil}w@miG(t-nZVo(B^1&tPa;F{wjq&Qm%@?O*d2jjC6ld0nN$ zy6Clr@);@MG^4ozr)eEbRCe^%~h{FGJF^2k^K#x%HJ&wP95MGJn@Kf z%i;5i^1e#;3L z?{_!$JgwL=EIy++790EF&LaeL(X)!(>>~N;vLyhek^T29wnl=k$QQ{qct%3l;Fn;> zjUX)F2Pn(yfXdk;^8z~O1(0w!k2c${+&b2c*;A{l<3A2N``d`PTroY4HBQ}(&-cHF zc7GGz$9E~n1+OgM5%}q&$Dk#WyLG`X_!9ZVo-4)-Ujo*RT?+Sp_zr#-a9^B`Ee5`e zGlI}cOevqXIYxcl4z2VQ?@bl}`x^c{=xmc{m$AH8A!GxoFv_H~z4`P(s@ z=i-&<8k=(W3SibB1@rPXz&bJt;vu?^N@2a!Itqb3V2QM|v3x{SUV<_OFgMyX9Pbrb zh}eGvl11n*1*HL(SR>t$@L7*7$CiL@#{+OgbAOBEhvQSEhMkgqVZL02 zPsuKTH;5@1&}gUDPRNhO=GIRdmmfM>U$sQOdcO!A+R9F>L|ZpatUqe`XyaLNx?@Kh z!}>82NjQ3~qF9EW-ZXJ2`s=2NldvO@V)F$1*|}ZQQ?m2tR;el3=jT?{Q?hesS3&De zwtb=eaBPaC*eOuF9Ieq)Tj$oODG+}gjj5;lvuh+b)kO~N1gDsLO-|L;$|Fe0O&o<@ z(?W0WceN8gM6Yh1IBt6OSD!cg-{)rk+cEp!Ig%LP)V9&`?9p;CTJ}cE&S+U5EvuuY zI9eu0%QHsH=x7-jEp4Oa%F*)Z(Q+v)r?IJpqZjkWpUS>1y92I%7~h1S2#S6(*()GB_#}2C*1$H)e++^zA^D-Q-^r@7 z|CGH5TR#LB`g+-AvhA|Wz6&n>Ke{@+W(owHCb7GxIBtsLr+D=gPfneVB5+o)CFnaF zCxA(QY6E(4;{-6{qxVjm5YXgl6R*QOCp${cOR9v2qsqpKEyv)`$j0{H9V3at+1rOE zr`Dl)aBobR|LI18v=v}jMt9XejehJ_L*7jj%jccAd2Bl-?dDXJK6T=bSsNhxwG3~= z;!?0(JC+7PT;mgTJxh!u6L892bdyo}-q;mKfB($kl_ur+*hKmq^UgVIfNBpxnyqM2 z`cwaQ)V*cj{6g_0o1(ND0(e?LvX>Nr5KzPMgoaDfBBx1e)nsP7eDgwCXbiNBwyy;= z=*scaj=AzP!8PO4XyGLzERa$?J}&&`XA=)C`7GKFRDNi19So_AhWMe0o!e0HE*NrN z3KPc>`dhxV;?Hl*pwB}aHF`!GTKB}?ET_JGsTwWX34u6$cYclShwGn4mrAe5tIm4T z)HJ`1EHI_bnazbV{0f*{?}1bHm8HSc4mf2~vqgr}_M$s<%D3lX|9$n!Cx_SRl_Itf z`|(dtzF=hg-_wI__8XPJZ3Gt(2NFjpHKee`@TDIv4Q@K%OCh#;yR`OIH_>75U@=0J0$8TAd$KY@U7pJ zOWD;ixzx=+J3W5+7MK;Y7s9Og)P<@bI@JS&P{WH(4==RMMIW z&eR_e&>eaS27A6LGhi6Hdmj<^S@FM`CrpLGJ9p-OWj$vcTn=W~CSieKL z8yj17-d`?8sy)j81;Wg-@BT?8(@Bk>Ruh^OFsIWR9(q-HK$uY^cqTxXo=kBZdSo}; z4u>zCf9&$j&wmDexLdhxe9ar<-{v=OE}_$&mF|SAV1tDj0x8yfl}C%Nh7DHuuRy7`plz*x=;vPW^r3#?BdN3Bc3l zuIh3belE6L_G3854=xSr4>%#$iOMa9%%9Tl-EpSwBWD;m!gk-P{3ayPw!d=ShyrV* zaVur1hr7R~B(brJlMnq0J$ajQ)H|O+o32$-=;UR}yU=OZDK`!EcPU>PiMnLb&PNxo zLe(z;6z$x5lt_}p!E$MICQ>XPo;p74H;Hge!^L&OWfAG zzYBBjJ?Bm?L5+u$UqY(9Qaz*}R{mo2-9@zGvBf71x&Ki9Z1gRqSs1VD(SymUPbYs~ zM3J8=kNp^(^;~i)RCR}mOxmA}X+%rMM`dZI7^$QJ0jOAsPJ=0xVDcb@?(94KsZ@gG zwZ?cyA8|R`T4T4O^|ZOL*V9VYG+wc970qnM=*_jXoWGxHCnVl$&Z`@wdI7p0cCrxZ z3w}apZzLj~b|%na^cmxHs2r?`CZ~bd1|4aQyB|@DU8~EQ%r-1_i_fFB*edo)&glT~ z3sp$hnPkapN^}@AwA__KEwMdNdyI7ht*>*vhyMU%J zW)*_bmP-(QbuHAZa_xkx228|U)Lb4EIiFB>$8_4ZyIr@G#Y&JB`eC3S4AYH>FJTwe zZX-jwL~|V4ImJ}DmNfW%Mng9Zxp;Tqr}5{BWW&-3ksgP&A~?l%yJ~>slxOm=`M{g` zK1SXHyqVb0^NjL4qc;Bf@SUZ~MWbB0C>eCQ%pk-66T4StfJdJ}Pu;A1e(aUrqN|5r z`-*ZcHva6ASLclk_y=DB1AhE1O26VLP`84)cZAEGhqm3Ktb%87_d~i0dhZtH?h_=a z>SAy{<{W823d`4kTMczGsYV8Gj96JDtxpenGNpV0s#=owjyC6E;5<+OMU@=5*bB1Y zY~P!Mm&YZ+_r3+-s&l5wD#O2kS!M6T@xHM%XgR=C{pfnI-Il%Rh#QqRjpb9-7lser zsBB>Kuz9B+5<%?Ev$m*#>TSh(bnVq(s(Q~UFCCeNCffcZcx`=Ad9c3yY2~dyiSVB@ z4Q3PJNw8_r)YQ>Be@x?UsS6#KV7KcnS%b&xPBrSGdb@4ywM;p`C!Eo7agrY-nxr;T z(}^0b;H#OlC10@3nwo~hfJ%vUQ6KTuyxsu`$unRJ=)}9>ULr{9qYbW9w7NY+!P?7G ze!m^K!=~fzV6xN9az3-Vlj~QSu56-R$$G-}j;>8;D?PtAlXH869$UCjiWrSqiz^%J zH2R##ux2}-skO?@wu_9X2Nt8PVYOST^-7cL&<&SJ=^AMPDA&BsIHbLMDZ#<^Y|d~b zQ8HB`k+9X)Y#8-XuO>^@jCqo1k%elX>o=iq+g>x6f}*Eya^<=Ffa&s{xE-3yG8LOh zHJNI$l=gQ@Vxi3rvSpJw8mt=oC8`nWR#?tYbv#WCMMK{1>yw9i4`Ai~7sNpBeSV7o z>N5O568si5%RpX*gS-kOidxX~NG5r7G*Xh|r)>U>=)35)IEpR-U-w1?p2x|H zg*~SkFT5B%DGjZ;5{Be?@zk+L9{xQ#^Ga|=CKnU_!@7;HqPr#knEok__PyxP50%@;q+OxiA1a+okFx%gRU6ToBefLM^Lv$R!M{1L z-zx2QSRvSl4ye6KKl>$d%_O?rF>kA#p!=a}O=qhYJA8t4^<2)Jji=2GQL8mHORkDlUpMCL-cYMu=hEu1 zo#agsG46(nRMuXitL6G20OZ|71sHtDMBia1=xn9kPB}FKFl2QLtqM~NH)2{FqplaG zLrF2=%6PSGj>%MLH?Xd>w4HLg8+HcF)>x4WhKyyWQ&XZHR5I;%5}j17Z0TAG<#t#I zhl>_Xv7KmE0Hm%<`3irWM9D>jvZiRgM}`}~(&h7* z?PS>8iW;=>R3dB~Wl5eiqc zoj}h;h6O{o;s0Jwr;q3zUuXnV=)-6 z{3HHwv}x>YqFO&e4vVh!|R7q)G0g@(%u zy719!wyI7>L{GJPX8Mj*(zmS}{%$L5h(6m@t=a&N$vR#wGMt*F2_Z=V$r%HBM!dji z0SJ|Z?oL`mXObG(7e_mLYB#iIf<6Ft)^L1Wb?}k?|NKa&O?Fd2Oy;wu7B932bGMLT z>^Ymwqix3uu4IFz)vb_QS2yIWJ-fXqx`no>Hc+SQK3CXK&_?}nrz;SsK_55iYZcNF zq1rNA1%~xx7>zgL^*e*XvQH0eiPlWi90`(|aKYYirP|eE-I+>o(;=G#gbM|M1#fX)=`R!NqeAV z;p~Qxvk)#Dg&Zd^A#1h}&Sf(-jg9xW>$axRN?D0S$6;ixrCEBrJor(D zap#RI$B+KY_@k>&`pSPIQVYJ(UuVEKntFxVVZaW*7cC(m1+?vQ7&`77-`lqC@A|_~ zeH{#q?Sdgy>lfD?degNkblNU(#HjTA7tI$fyc{hAzC|>71#GZ+=_!Xtox}Ul#uH%Z z3TbFb^4%kk2>td!^!nuf+)+@5{}c<#K7>p0?$V&|fJ?FXkE2WB+lzksC*{lYFmB_K zXn4neD>q0n*-J|wLcjd8au!gv5Stj0$V=Vq*u*{(d4Q{rNa1I`_rNlAxKp(mOUpyBtJpHL{#(n?Lzm2!&t_g524|l7b`bsUbMW@N=R&S<%jZ>>A3y6X z9xtW5PL_eX^C$k$@84B^XG}VW!#m$o&chaG()WL3zw>u|5+cM8-&d+3Nou+Kuk`5t z82=;OA7}qbIU)=B9P;f_9*KTCPjw19YD&2grG^SE0=)Z{;eC^;{~jf!K0lk3diD_2 zY*OmH*`(B)hpP@Eraq;K=AC0zA4g2h`HuQx($CgwQA4`sY}<6T1Qkv2op2@-bQy?H zQPdVPIzv90?t1zTXO0WH3oK=Gmg#CDX9c?)cbDzWoR+Xh#Y(%+fOeERWyo0^Osp%? z4&Zt3r#N3F*QYAQUaiP9feOUapc_p~CqdbX5;-llEM~7W8Lg(unyv$aQ-8;p@;CHt zjyF5Wbk^J|10gRTP9#f-lsE40M2e1rn)K;7PblUultWzE8?Ff9wt*|h+8!fAR2qao zoy(W1ZG+hI1VIw3#Aet)HmQr3Ih(o{)E9%sklxD#Yt|His1w>ohUtb{+C1awXcA?Y zGve^%TUj&F_E|)ozb9sN0U{3w(yTX}iUcy5klH5_VuB1LhumgLiVbU1r zf;q(o*~}bb1Q%quaL*ET3?FL8R9_zTmY*x-jHKRjD1fbj@+%Z%B@SO;^Nm8*=r#Px zIc)W7%1NlhCm|>FYf)(hPHpUDNb7qun}G^!M+I@)LusWKy>KQZkxr75 zNMYrq744Be+R4D;5yhl_G?B<ZPIwP#8d{`XX-PTyzp)6jID%s`V$h9yB| zN<*gzF3oX3v80A*I|c8N6dHI`&{^_q^m0E8y zm%-2}58wZiUpF>|uDuLqgXKqEj<0_o&!Y!em0K-cABmdy6OHGiX7mx&ab4mq9{tTu z@Y89fZumuF@(2u-PnvY18#YXA8UAL&6Z6mq>r~%|D|Ookx1Wx_cd}~t zF^iyhG-^T`m*W7nI1|cBX$f#4zg-@InQGL8gpU7~bk#P2s>n~j0rV*GO@Pxqd^3oL zl&@55p1JhyWit=W0WAuf!IObs=*Q5RR+VdZ+PS1CIV;;oP>o|ZDz8{Bov4LCOaiPY z{{;*)jyZmk$APf~7*J$s*s*cmtW16U8MrsU&IA3)V;4+r!B!(sxR0SnAA@xQ{dyy; zkElx6!@zACpZ&;N&n>o~=}qvFM{k7_@>vb6@eFX61hud@fgcf_V3*E;54nR=$){7_ z0J+Xjf^X-hl6E){pxdEDhBE4bXpyM7B6-@X%ex#dDpP95#7Z{qNQ82NKdA{vjIMmW z<#oB6mPnE48W|@T*Q}9s28z(B*tDiVlUP#^RT~w%yXY^K_4!0Sn2vPZWG+!F6p~eu z^Cx?ZB?cLQzF2a)Ow(1j7?sfb0}#7x)l&{17wwk(Mj{{USS#L)qvtOfKxNotC-gMY zrh$CQ9|u6J)l75)C5Kh0G@|ZymeS`-YRXC_sGdh`_!@$PQIq{%-DDB;;V2sisR#fz zRvpoZ&r9-!xQ!u9WznkfM(fc?A=vbVp)03RF2$PJO4V5kR}A&G-;ofRYPgdQi@8EJ zLA84+y~bwK8wFBR)EVMhlV~${`o*5B+H_iSj33a;OqX+Oy186%q;dpQ^B;k4Y1PSc zsXgG5S=Y`hgJ9)hnHL^6J$iqo>Y1?z|FK*-d~6jEJB@99@Qg=>@16vLpJU-S-{#Ty z8rA=znk(!x+yW^80sxeo(*Q053_e2?9?>%_>QJ=rT zg~pvKDAs;&!&j$tw|onINqV)Md2JJM1pn?#>>)QwxnS#6m!Ekxef9ZU(1o{v0e@2( z!oGzUaN#Lnl5)dGPV+m~2Ak}B^z>@5-G6ec$OT)zZ;f93%1_XGk4n-8#CFY@fapOJ z@Tr-A&;Dy~GMe+&%GsznX!A4aT)$cK7$mqy zL8Dl3>RTN$&v{b3Zjj514s}nR3;DPjkZ87T(QwA(3;`B5E6}z?NbRh%0e7px)cs9h z&-k@E%97nK#f@HAw}XfgsoIWj#TVTUC3Z zrYJVpK@l<+?X;t>agqK#A$<++i3AP{2IMW<7Fs|fzeVfHD}Y)E_1*X3!7uM zNSF)-7^^+%ahv_om{T(+Q9ezOaNyj&Gr;n^RxQb?p9sQdArcC@pisYXd|W4A$feRG zN2M8n(Iy4(NGXO$Wl|bK5HcAxD`?WZmi*{ItKEty9cDb_V0~)JM`~?0+F*%-6i_Vg zb6GgnNQJbn(6rU74Z3}_Pp@a)7Nf;s*BTkCA?P=RK)O9_+;^OxI7|(%)k=qXk`fM6 z`?13mIG`g1t#^h_178zlOhB#zTxd=!@C*-WlMKUtbeNTCv0H6qN2>2s)CQ~>c98E; z8~kQH#~F;AhI1R$mKbM`>AYrF$YwVMDc%)uaU>P<2O~C?40|Fb0~HS%m;*%LrCW;O zHH;+szI~+vj#Tr{N2*D3f@WHzHNYS!3DgT>ibyd61(|0$#i<2Rqv28?9jZ{RmPW@( znjL;uFdp#4c-CRn7=siYwCP+1AH`8l7peEV;(jB`X#7srW#ApAfQPp-0m>H*8RIUq zKmM`fH0`_cG+cTL4)pBBDp}}w+0-}*mtDH- zQ+F&nvJEtj54TkWa_&~HL>CWK&!U$hlRtCj?W<6^4axm`s;X7!&a+g{pf@^@;oo-l zXodsQfTzw@xqzbY@v~KH=Yj~J)cHNON9KZOZnJ8~XA}Q~QyN3g6{>G87OvVewLhqM zXEFHD?h{n+FW$7kHM4&hV8~mB7oDg&92=8nT6D`wl_M_s^=q+^3=3g*Vpm~*$9{!9 zi~Rt5Q2uB6Tk_ZC&&wZ?e^Y*){Cs&y?v@ksmGUE?1!|q^DG9`{s$Y%an`cpdvFGoEUutKeY(G%1yB7NPdDH zTP`EuT!K4SR9-q|hI%D!kRJnh011`G=aTAl5F0jtSK%7Q_mNb-lbl-f4*c+Ej z=!cVwCv(_bnRX8#PJlji&j<=)T^bY)NEu>RskV$Qo)Y$=Jy)w99izYTJABx`Ms+kc zCb>`O%4=0WUVQG;Un=jvYS&eyK<+x#h^FBB;rOiw3pSsc=kv)Lta`QvYxDFhkpN*X zY79h{)Y+3BP9Q7ktlq=KybU7b0?yt}sA($mp-!i4Y1vZ_!Q`*I2!`VJ88(mD?S&IaOd@oEIq7-2hO|+(vDA*Gb!Ke#x`9jM{*?6ZAYBELtw6kTi zI&+n*k?dR5ZbQTqG24tKKBMn5`8?rIMPbiO*r#>*V*OU3>x$@@a!GJh%Q{YgBCD3k zQA{e*_O@-bi^-eq`4Cy>Y@CiP1Y8YoI+jgCt7FeiW^@%IW`@v-v4?Ux!5h+`*$Q7W&|I`h zbsb%TcKNf;swb#VSj_4QLHg{uV0_wJ;QR)2*-$E396=o)uvqd$EEfu824+J%T&{KX ztf!}GdzebvAr?a3J}76T{JGvB3O8K2pD8)g4P(tybrAg|a2t6$AcR-a33Mb@2i3b~ zk=2ws)_lkqD$#{r26+1$k%GzN01?Ix?^ZKW+OBQHq7ljwYIgOlZp!7cv^!C^x?rlaRLF>v{1GZ3I9q~b;nR2Kb8Iu8? z10bkAY$3=8O9aTXgve6iNb0MC$Kw4_R_>DXpy;Ex7bb_|7ggUud%p~6y^DYs`H5Z7 zH+A$ERR8$*nL-QuB7e1-f=)A$BOq7+JQSw|cTU3yga%qo*)&aqgD9dkRtVgc>JQ#K zsF+6s(@nf zG1Wne!B44*<$mH5d51ZxV=ROUbzQ?FgbZxm*7kXv4dx_YAuCRc!CN7%wE^TED|US> zpXoB{P|DqeINGg_n8GZODYx`tQ`T!V=8dT+=j?LTBpC}1+#N%=R?wxh@m7J$^?Dw{ z)2JkT1*hGb3lC~Ohp&@&#QOP8nq^v=RJ0Xhv^}=&s|7Urs>YUJy-i)UprwNqf@uV* zaX}NT=Id>S0dCSps%z5Iehp=C^1d2d=u-V~Bspj_{M|y=&l>$EhnI2Ctb;Cq)fpk6 z*2(Z?vUTuW9XCATXR2S1X5ZU}%O6p_IhuWMf!X)=gAc=}P6F_YfBi6IefmMg5wNn6 z0aNF5S(DA>(;8f+P|MaZW{SEx__3H)a}x ze1g#p{OL-Xh*q0rrq2Z(No$qPs+(Fvr{c^>`cPbmjpZ9qY|aLC?OKB}4@xE4S&Fxf zk*Zpta~#W5(hMZzfKnV}*U}=R zW<^qjoE0LsE;wbSS}k%E3yHU6ij*+SOorfr3y_dhO<5+X5j6sdF4?-^gq4}JKm)ot z33(;R*uXcD1V=%diBD^II?ZWP3`L>mw=UTD87{^1=`_5Z6kwOMAP}iE^qh;@q?$~T zEM%mT?ED3?h0v}U%0gBzS!uPC6gykWZ2XXf-XQp3s$eBq27?DImj?+K%Rnz zC6OfIpgEBj$utQ4r8Qb~%=ChFD+R5VOiF4N8aQ(V&5JxVp#ch#lK2rJ1q4YT5*4Q5 zM9`TOFS0Cr6T`xZP-`J!$-!w(lO*IkK?z91YtUWO3)XMYQaqg!xeOul@MAzB2u?FE z9jsO@XgP|}KzpQ=mc`^hlF5H`&l2@Ra`f(53l5ovUm&uO{v;Tlf*&YmL?R`q0g@?- zNl_qyQH}*!51CAZ7i99k%io7&%dg}w%b$Uc*Y86u`Wy1whHKLvspFL5}7G{3v`Wz6i%5>+?Pcp8N`X8G8o%F|=7ffPDkI z4O(z_W0!$G?+$DL&A0_ zzv0WrU?<6;Ph2L80TfpLSNXg0H|4L%Uz9&3e@y-`|U`33TG=>8;Q^RdXV{hQo(ghY}FUjP8lfNhbEhNQW zl0Pl~k^Fn|`{j4bzb3yy{$=P={sQ#4_vLkY9=h9Oa-ZBL*U5P~DPJpJAwN>SM7~gt z;eW&5!+#5$7cYT9`OzqOb~pYt{08WQ-idz!-;Ve3I-Z9<_!#bkPIw*8<0N#$$5-G- z;!E&_&=CJO>^*=OzmC0xJ&pYcGLQFTcVl0}ZU8ckoxq;I9qVItERQ9jH{OTYpg*3+ zNNg?iGaZR70ZbPr`7d9!*7}WyXU3fua-xp-?s+8`Ty-Iog_a7?!s~WL;O#0 z559)~41XN%!22LAcr!c>PW+y&zdL=F>_9FH$?&(Z|B!{?+**)rm+Gmp)KB00{_xl< z0LVNZuH|=+{O;-%;CDkS>W{`aUFCQbzf!e(q!OTz)g+ikQ%>N&fs^(bpbB{cy8zS6 z{s+X$YWR(FzX_dm(xeGJu@0~q5AL4aJb!u?w*f4nIut*7(t%8?C(Y<9Cj(A%4ww0Z z$t??H7tC(9>1_xaPF_FhLQDITo6+Xglk*X@U2VYtZFAD3Wmb6LVVzQ^I(4=jvq^?u zjBS#=3BT#(rNQC>`91)IZW&Wd75Ad^FH_w;*8Ig8vf*hnswy^C`|uC7+KJCAHA;w#^8k)S5rOVCF+-?n3t(A(WzD zx4dN^CkN;>6TI5|rN3Sf{oph2p%u?V*fwc~&6ofBju$qlzWWHWnqdR}+b4Lu&-~~H z^n~wcH_OZ_i`@xdHpd-vi z!4M8hM3iuEsDV%S6|FLaK7jCd*khGGY-Zj=haj#6Fv-?^%g|;mT*V)9%6~x5-Zg;v z4FYms_6A0P-Kok~Brw zCawEZzxyz}M=Y8|2*Eq3J0BM37eU5-UwZh4Hl&BuW0MQeqhpi%U_h&6cn?d}WtJD<4urE-6Y#pz0Q`wT&?%;E=P|BQPY<;~|Q)V5ZfG$dw!{Bp9 z31_67>{NTsL^wp*t1c!N?pX9jVA+pad$t@oaQ1+MuIY>brKT>fskCZVI_B_NoGp_# zPexsypxG8k0Z7wtG~1a}wd=4(T*1gbtYuP$C+}IJj^IP;In`C8$n*ip-k=ATO2KBz4U5sJ=_TA5Pc>U}5>z!UG)$gQDPnI|Jn7UR<0p83A*{}1O9|elZF?Hs zO2nEk^R66SLo#bY$W>5we?JluaR+I2>w$Bw%N9IAt)!v3Ns4ftQrW`$iB+P=-Px+N4ieQ zHJ#x^1=C$}xWRO5Eh*H-$4ml5x^=kQPD;Q!6-<$Ujb5rw@Cg}YE0df`4!R}pz?1c~ zBKfqtDQHDb3#Y{z6nmj*qU%0Q=Lnj_ur<5eX-u9s3Cn#7&yvE7@?_cDV(5W-Q^t!b9QW1RPBr>)Is=0fAIOS6U_pO_eBbhb zr2rozv7R3u<|QRo+jebUd(QBcOHUh27iYJ^Qts&obYmUYg6sD1^Ya8$tKR(5y=N^? zkl3{_LGJqT{FhcpiPaxoT=$cC0hw{HeB%D8ANls5%m@DVHSqC4*9xn82ugxLuZ))= za&thK=!UQv0!j+Qt1b+8;!fimyTJK5^@bO2!~b#9hm9M|B9c4}ren_SZatp+>gSBT zSAvW5v}rnteec8D-+S}izK;S9uIdHL)|>7;|Lk3nV~tz9rjND%wuR)wPk+>SHwI@> z7-(>Ii1@F!S+-nYoWCBD%zrRV=BJ8xuKA-;1U&RKuJWLY89Dyi`ZMcu*6+g);cq_w6 ze-9DXe?ScRUGy91SAd`CVesKU3PI$Z=m#LZe?9t6h_WUSMmA9iUAPeFni3Fb(GW?x z(6iA~A>Y3lBCT17CI5u{26+*A9{B;pT2DYU`B~&s$OFiIK-_g3#3}DVu0bwGE`f-v zi_{@f$s=hb3gwb-Lnw&5&V-oqIOG@v2*H8V>kkmE{B+d{WCnSqzx2>sdRYAP2jD`DMkJsqOVVg9OXV=9K%DtQh@`&`am?q@PlG1tM<7PK1HB1-FM1t% zCAt8yX5R!YqUT(IW&rOHfN;|T@$^~fDd-76T(%ZniM)*b7QTb$knh2o(N~bqBM-qh zupfT=uPko)z+BoalQ}X|{k;VSUO!W1mu4!JpHRbUE)gCuLoSd7sjhf4+7p9VfvJs~ z-EJ@0YdD1=>x?wz9^-EYhvOzcV$<1Vf837PmEMF@R2mAWH5@CHhgy%8^+1)E$F$su zWayZ8BH~n=(b|<1h|&_7iR1;3z*k^sUo;|x7FfyR3(a3bXSaC}mkq?my)rfo~M0{Dh6nPq`g}5a$Q;~Wn6xV zJXk#q1N42Cbw-1--C}}uzp&Uk8fGjrY5yqvf6?Hcw3UrpFwmF&XSXeHhAhwz9z4c& z{Sl9??;J(hY}}1`1=&{@2FxTI%8he9-WLi5DuKROadI@*!ss-WF0fKu<)F}&D5j%Y zuaXkV1%6l$c;h;z2DH>jPUNedj^H$I-edy||J!V@F9*YxU@S$a<_SoW7$!1qN4FR* zc!a11S$G~BklnJI;dMGxlLEy|w;QdN?Z9STm5M6gji+0bhtE{BQDYDYcyfv1fQ!l{ zSiPnD39QPM2i^>e4Fq84E+=Gd#CN=7r!!P*M*JyHzR)hEiU8WB7y52bV9-ts?TIE) z)iJxw&}lv&@0N-w(d`h(a!%%mdW7~0by#Yedc!Bp!FoX94} z6S-L9iZK?`lwdEACPTGJ-+?D9wZ6Z$9H12t3{^qHBF!fD#KQkYgzqF&iuF&W9 zXQzcecRS8|)TsSv{-$;EaJt|0h4wDYqPgXlInV2ZeLRk=bu90lz zfyMo_?n<6f?84V4MZWF7>Nawu3DN1Xvh>cGtw!S!+sraOp4*K zlwui?0AcuYC!)ISY(pVbB0>ZwN{I;yb|$8j>=>x-l_$<}OM{>srp6Q&fJ)2*VbJR| zGyJw6A=_a_`SMX#J1BEQ%6e%t4Bl{xuLGqApf-`R@v=Pk+G_swmdlrx zJRh{6w?lyQprrzRJ+q$I4-0UfINi3(y7nC1cxsRB%DEjMR5l)nVvJrIYC7**u%(R4 zpPnDCIQC5!JhJ%G)AMVP6`sfP4;yQqnRfIe{^A?rFE;A})yNHWNsQ2gRINO01yqOF z;D#N!pT~Q2%ULb;0x^Q)3a(nco>hy3T87lp7@o|OLS#&~w}cp!1!RJ%&Zj~h@37Dv zgv$0*w%};m^*U%zX=A>x^vnHpgT;qLT~5-eXvE)Q9HQ7-=%u(G!`GX5%OB@;X51Zx zBarYOYTjH#@OdV#Rwg_uF=}&2c_pGL@`gh9EPYtXFnUs+F8LEal@RJP^h3yuIM? z_52~Kn~hZ)nOtnrjFmIaJcc=j&Jvx=@pU>zQ4W2GWwW~bB=xU*_6IRLo^ zH7I4Q=qW;u*aOnpHXtAU9e?IY*Uq<$A6^F0d8rMix6VG<&I|$7_Q+WfegDKXo%*?7 z-Gx7W<#Wb~9owFnlRuKFV88p`uZ+q*aNj^a=6 zHO@~#upT!T2FyNu@+m)|K{9+kZa3Fz)>+Q9K>F%scvwUpf3?^cVF1&2HSm&{e`Y$$ z_|HWc4icx@LI>DEpg@>59y3!`KRDGEFs?iu@>)vTcHW|JhV2CtoO5Jkctb{pdeY8v zn97LVK3gqC*$CO-3aQ?t+$2QBH+0rHRj;@E-e%h6tMa2pXOs;!6Q#~rboQ!wp5y{_ zy@rF!?c@C;&~I*N>Tr}1b0Vl`Xvw_P;<8H6gVlvVpJgdL*r??kgMlwq;v;Q0CoLo< zUZtH3=$(eMO3=~-7nN=b4@&-eZBp=1u4=WI9ZST>ems z9p~k&O2-0nIiC#6VYehY>7ZE3WUG#3JlK(8q9>&)6yO5VRUngoAw8@LeAMIVCHflV zG%$=Myds{>c+zAFCmZS@7ZfC3W>m$lP*lIx9QoB&QKWqd=SamPNpR8=Y=(=bsrDe9 zV9UKqITpz$Vu=O|qS`~hKiBnl4ytb~j|?piMuyX1WcbEW$iKo|e~Seu6rM&6Gy#;G zKL#R&TTIzHbd_1m0h6!Gz)(osZLr!x#@$w%cXhxl+CbJWP4HivwapkuPi(tp_L%+6 zw4Zn}qep!pe)$y-k1nK{5&%cTd81|NYoPMm?9-r|hyi37`;@3){YB3D}8Z}Gt! zyS1w;{`{Ihi&mF&7bX;QFjjS<;l><(} zHmHEL?K*bbC9jx+$7@52y&0Hbn ziDCmbTEog2iRi?YT#mG-#SD`bGEA?pMBEdCFLo+jX&3#A47V4u$bKoa(6TMU@2y$HTQ5@56C&Rs)i!MZ(~W#q8m3Ck;uM%+7^1iM&z z;_hn!uH^PI1vbOVOvFzPLak`U+rXqRvS*GAAGGeBee zi+8Wtw9*twSxP0g_Cmio9{SBw<_t4~6f8>ukB~J1xgN9B1m>6k0>orBV^b7@-&cvr zGR8k{UbD-%|GIhE*m>oAdf#my<4t~hdW$J?Fk_J{uhok*$!VY~M)#crxSZ~du=FdR zyDo;BarH}x=|RVh*|&mxGBgu0m>U1+OYlTf;8?p$vBgXxt={sH*r#$i;j9dJ|bH%-KE9#tY&J#(w^glRgr0j8Y`N{atj>q+CQ6vRW1m?jT@=G95> zZPy#e|1-1-HoD2XXE;o z&E)hrGSI#u18u?+#+?Nk2z=eccCrx}+k?4rAIp3DleRad)Ij|uKGFU0c)rGD+G7EC zMyk$`?C92mfk+S7E6V;(%9C!_Ju!QhK))@!7o)%FsZblZ8RfSFeky zoLX#V2YzwTsp@qg5)PNe23yloHE%J>W!Vm)rn5{gAiF!ga4ekHTai%8moKQba;PQZ z5~j4ZY!^sHXb7z^qB~GSL5kGnMl%3;k$f3vd>kFlyHiqMb52rSQOIV;PN<@B;=z`S zn6$+lGxY0fOX#s}4F{%?q23*rQ|&luAIFD6KF^g|x>Uq!99HUt91sANMT*36sMjU9 zM75vcGP2fi4!pjWD$x!?15^}nkVZ77F1Sfg+L<5~y6ZnIfcf~1Fw!nS7k<_pX?LM} z|5nwks~~rOiFE{+;-<9%d27*{w#KXhz!mR+%=I~dEI!$Kf^{=si{~JN{|case~rEf z3!y)R9RB}DzXk~7&!P`O{`#Y!w6t(HdMm(;_dyE#od7hx2vyN8K#j}jg;2B4p%Iit z&x0(s3$>%CqbH%qK^}V^viVlXWd9y8$1lJb^8-K~e;u;f{|30@2O*#RFMvG06S*1I zMsI+e{uRgqppOSg8>vB7|9oH*NB{zvLEZ{^eGEBkEpjTd6=294Aho~RvbcIJ@-n&* zMc-l~7=B~@Ibg$|u|5Ua`^N$Q{yFQX0jK#fn2GKIg!ucd@3meJ81YL1$Djd9ykV8B zyJ3z>S)*1zAjQwM;*iBZ1JLltTQ>n(9OfWEGyDM%@jpYKhd}W=fM@tBV8%a#ehU3K z%xnLQ-i6)*xbgR(CtQnOf$l*^03DYB8-G5^qcPME--8=q*KdJ=`)XwI?lmAkHicX4 zLNB#gUjkNyUjkJBM*z6^Hh}dX19pUeh1Hz@YrPNP>~~l{V0|CJ4Xy@6&K`iYE5Mmh z1=vO2$^&;o5P93zHv_bNJwPv30l58-0G<9hzz&{4p91*w;{f6R8~_hK zfqo4AFnSM6A`9;a?7{VbbH5b57-$xHfIg7W-GFsZp;5TtT>!$s(d~eD--aHKZUPv_ zQRoWf&j5M<73ilu51{w&Am0F}^cMiw|0z&V`v^e$?*i!ijR3~D7PRNy0r37Ia8}m= z0)GLLMUnvV_W>Zo4Iuxs0SbTOQGoM523coXYrH!(z8@I71r zw=IhL(4FudoDC3+{)fI?lS$ zIuB(SR)G2Z9ttsDK%WC3_>%zi`3m}PP>k^)`T+Q?9|XYD!p*R}bOU+~3=a!{c^W|R zR}HE%&IhIG!4WuIjSIR9sD$m|6QD_Dn{Uy8%0_1R~g zX4|!LEr=q%0_v`|TUVHFG#^`1y~?6 zec>}LyDcy(f7ALflui8uloK^!s@!2c&AJZm^iyzm{{Po%Kz) zIrqZcburwABn);Z!ua+J%Qr2bw%lX6-lD-N;cwHKvzFr!SZ1G@X%&Z+0hIr)%|;)+ zd(#=Fec?4b+?OovIQ@_VsEd~DryXJ^CrkEI53v)YseSV)vz8NH`^K14UD|Q-t2>N8 zeR%Gu~UC%mrh+vm)-#tr-Dj#)4dI_{8zE|`V=cW!*sA!cD_YCiT5b859|-mqo) zEi`hwBe-g6-2AGM*zO1{88^LZ#223u;)ap?#3rWJ6IVIH_~%^{bx+1z#ern%)yBHUQf>BenV)4t)T<omZ%hAr0T!NvL* zAX)c-*B6GF9k&|yerRqp7k%`eE$2W-Kwr}XG0Jj{`J=vP%l1R}kd~{K_Sg^ILs;H9 z-DB83Jhyp=dGJ|>HgQ=lGn?GKNqalnvf?lDJ-BZUX0za#ACeYU>{=Nz@usv{nb zjg>L$YiX@atjI*_Vv81;P_mkoWF`y5e7ckHml(bX8GL^VDu0z;2N)S7-4%3dOrP>3 zeKlt!%+)3nuN=Y3x}7X=5w=QunmJcFp+=$hBT&IbOciQTtr^z!q|yNrg|fQfNcjtX zM^}o3d7=`}grhN{Ita@3j>|Fh=|s9% zid9O5T&6W~1IJy1u68jp!1^g7pb|;eKggDe$v_b7^+sK!oPs_Wms}x1#dXy%iZqP?y+!YQhLFg?HDVlh$6cP=(>uqCE3>@SZ(QkDR+(R9t82Y2lK z5ScpAG`a=6pYKCx_z^^fLg5&c2vZO{oP=xyIQMA~0PX}2M*?T=KLMxxG}JkNW9rC# zbn41|2;8{4m!mul;yg3TGvnRBG~%Tp+T8&`)50m%^$;svib~VyX^qt~l@wlzoSs>Z zmJS9>2SX(@P>KOcn+9oV0zC%`YEK57_Ih*;6F$#r@VS--DHOH5!?JfJgmIR4Ot+V=uv!pMSO&x8=2MVahNoAWPeE%Lp1#X` z3WCe<^lI}dK;bRxhw4fzf+)kO`MT-$T61R~(JiaGJ@e_xF7kkdH1=FFN41d0EbGgX zc}S^jZi^+eMG<+{vcB+k)3Cc>ZZF(znlA*WYs>i;n1=lM=2py`+ni|b%%LY(wqym< zkja``K4Wgvyty-t=HMMq+A~LOf;#mz{-C+bA27G4`q6h;wiul~b8j-&@bZh-?wK1d zg77N8JqzY1zW5Szt6yYp#}jj_jm+(-m9PjfLI)UYC!y!%`vI z2be$WnUr+5D^#Ql&Xg-!>guJ&2q@8mWWg27MHd>FLraEI-EqK^YW5`|$(4G;bgC>v zed^d#mtx_`uvbqPvaztQz}E2$*YP&hh!zu*Bvr{f+cH@nNBzKk&bQlag>z?{NtuZI zM@l@?A1UrJ*9a#^Ab$zO^0MA$(@H>0S31oRmSlCln9F;7X||{3-NWjzFw{CB7slYN zV6HM$Bhje0&kyCkTq=F&3mln3P0Q_$1~oS0}80SQym;-sq^*Dr-Y{ z!@^;c-UIi-q-WMH{Pu`{_xA=-9QsqwFO}(9zK+tT0KpL6{QFoW}RG_ zVqAKt7wdB_2h<_^@)+k4Izum3W+qrebb7=lUK=cM?#g7`t@+awTVs`6HyY9^fjHp~ zGNRxgK}sU&oB)qsA>WsTDu7sOV!HFq@!DK4!C+@q^XoPa_1ZsRm>`WAYM|0TwBV9xh&`@jD7gZn|IJ-{Yyk`IRPc)wRcSsPTRWPk` zH~5(ciuW2js*oVWfB4l&c;>~YjN`up4Qw@Nu%Ulh{W$mKpEL5G0h3{xj{3tFAD+J; zc9-#lX?k-VOy@i|@n{7S zy092^)houm55Z!T`Cf~WPs3u=8viT%f4w|E0wcsOWBm$TF;~_jMCicHKd$h~6hnm6dCZl@?v}@%Nyg*HU4nxnb4|)y%rEg(%^3rBa@8TF6Jd<3zlZ=``}ehRWA{ ztk@Nb!J^&OBGL{J7!a{0l}@#4UP>W*R4o#g9IfVPX!okk2u)G0v|Xrqn!W5e4os?? z67o9vrndkb5eba&CiFP#ytGAs(D4!X(qmh_e z>65zP)@95W?-lcq0+vRRIvEt=WtT_ANv%y`A>qgyW>snuPk?Fv-=s_9|RbtIRGvG=|K|?_U1)qN>3tc71`^`r&x-R6s$w_RVI`l=-CM| z8Mjhnd$b*BxTr9u#V2WpG|p-%HN$XrD6ARp!QbKGD*KHQ}T}LLL`MHWSI-av{uMR+lgR1*bQXtzSLOhxV&yy z6~a7tCyCWVxGr`}G@sN-KGqZSp=67td=0I|`lZlV0ZMNScbEB6x~tX{9JmWbhb-yA zdOlGA@{<6=gA^+@Vap<$Oax-NbQp7V8;q-06@Ya)7zZ>cC6kFF3)G2|5h$KE145ki zQxa9S=W@Z6JrW4%bRt;GDh{D%Z>F14f81{0_xsz<+;_|VGxt6I{!{k7`@WU? zZn)#rP3GxVBhOio=U$ZwL!EG%uOY?_7+{l&{|@z4he(9oW8~fnSmvf{jR}%EGTZ%q zQ9*yD>#0m5*vaI2EeMk$SOHgpH7}zyYD9+hgk1hS$pqw@VDC%8DBDihi{)OPDm&SZ z9*wtZ&b;Ue`Fidy6Y5iKzJ+ziUa^wv_wn;U2e6_nIDD)Q1?zP_+2yLWY!yYZ*OMyg9zUQemNGgyHb|V0*tA)d^ zRG&}wNuQ#O`t6MD9{Q{0NqUs2hf0!vlEULjsfFc2p~Je~1K)l_ zCwGL5^Y+ds04sRJP4vA1ZerNpY_L^XXT1_91&4e$tj8UbcG1fx-5Dt1?Pw&CANU;U z?l9m<0QGa)f!C^qgcSEswN$PuM8iU+no2yn4EvXiU z1z$+lv-VWJsN2i+SPo)cTyMro3qCLFbaN4=64H5hmo9+gS0f{%dZn&*xJe_2H|c)3 zD3rrc;p^{>D8^9;n2ZCyv}}jpa@*YuwCg^pTTgh}RF`q3+|FUHDeywL!+@F}WHstJ zJ0J9Cn~p)oUk$|lgr0I2i_MZ)pD1CdZ!T6@#o_hI{;@{od^*lZd2ZsD*in$r5u^qe zlpmC#tR4e7SMQ)tVNx`ft*MS8T@!>nr`PjPS)8^Lacwe5mdc%BrJwK}>LxaxI51_+ zn0;Z+!dL);bun=IJp$~XYXO)hLy_H$7G~ekj#JM_L+TV*FA>^On_V;aTG5~-y)1G& z4z#pR!blWmHyZD_U>18-OKW-GyLQi>WxRO7>=}Py-@)Tn8oMr>rT;<$IQR_XlNZh& z``7lZ**&}EX#Ajn*Ycab?!+sM^zPYHj&>c^3eKMT3+5Mg&!&%d9@ZMp$@~TLorPJ? z_QP6Vv~5@^wzr*o;x>@$k}Aqz+a*hb&sK|dD-1pxtw!m5xO5OqI^?^&=KR_BoJK&j iL4hoooscM?PI3XwZn09T0+W(Nmfa;67#uQ#?h~E4*7skhSOsgPrrj&>Bs10ye1$Rb}lFd7#byErLAFB%_tureo7w$OscM#<2NnU^Unq;LUX&lXV)2xLb7ACr$IOlP8MyIRq>L;(V;f?C;yOgbQ@j!JY$Kw8!YZVQ zKIi?}Ns-c&*+?E`Y-7q;gk;b#VZ;9Mk;SKpBd^SQFOry86}c1(ckE9*Oe}<+y1OqG zj#u|hgX8&qG#uNP!(o{Z4n^f~(3s&cnMay5o^K}DcLeO$>^nQgF8i9?k+^LCkVAw^ zFh|~zq)OO#1?*w=-BEBdBkwBaDA;`h_Ivgd_Dy!*D0pd+eXLQzJ}+S3g75eP`}`<) z>3F{a2_rAZX;^lXfc=I&z`n%pX76G*jlAJyGO{VYm1Q>z*tbw@&JnZs2;k{Yu@AAIv-hyCoeUp3 ziH+PduRKr4egU^2$uU`_9Euke1@eE&&yYPJQ%moZo+i0YGFg0?m=T>XB7`f*AIMhX z5aB`Zp(?@4f+Dy%`iH-}U&u+-TV$(pUe8#G=l2U&N#}?BpPsSs$}D{MGeRqNv;qRR zaO!JW=PkJuA6X%>;&*tE@Xl6Bd?A^QAO4QCVpkhaCNGek!+2?0j2n#oq-1;f%}G&dTfeC*k?+fH3Zip3^2>aNCu5`z3(j z&;r7=msTXFKC=HeyuDHckLE#wyRX?R_^xX|KF|XUx^w_a7GI%Gzu}GdvGZa8ea3?p zJ=;CgaklvxoTvxN5+d#+*$ejtF?})rXgwfIS+Y3)w4w{2iG0vl%BD|y z2XFro-pTPQ$w?(YmQGX5mOX~Y{tTdZcu;zH=PQ}vtM_0h0i;~70ci2LpQ)=3k9{9s z@fx{GI&u4vrWt!b--HuihpRD-tBNN6y7Fp#Gk+!i^opSD_M60b{u^*L?umZOku~B{a?HKz!9;pz)|oM`wDTtv{(2n`=)rmLc=QLmx%Td z?~4vm0{H=IA1M{i7RMor^hU+ql0T?ago$x6 z`~haCw2WBK)X`T6zC{NmOW4|TCFh8y2}@;LSgq)Cs+_r0>=k}TzD6x4&z5~I_mMS{ z*Xca@BKmRpc!eBI73GKm>{i8@%mi60;i10}Uo5;q*dus`RLOEBcS&UEQQ2eSg^D+% z-_tXA{_#1aBo&`2kt%V-Cr-u8g~C+)!ui6P*q<*F(=j66q}LJr^$hKZ{aOIbM4qocI0$=cV|%{i0O-=mC)uf1M9!4IjWEnLk^` zKO{peO^sA&X5kw=VkM407eE_%4F5W~IUDe z$3F2~>;!W7+x_sO$^2ve_rcw7@bCD54_+tz*&W&NjP^cFjo5^&~Gf@9|B#qF+EWT-|I*IGo;q@5=gM1ngxQN*<0CC zNe?v^eM~#WFUj`OwCFXoh}01W*t?`j%yz*+YNt>o*d(7MP9@jL+N2$fOg4?aPrQ=y zlJBzBiiaipgm20B5bH%sRwP`DHpp9~Pcusi6JY}FJx3%Y1&G7T-V%?;&%G(G!0E}N z#aQw-T<%^jF=MG(9ETUo6lGw^8qs+Cyb{h7>xJWS;9@{t9}kyzbV46o>HTv-Ws|FHsitGYxOhoAk9tiZd&aJdWt)9FFsV!VWa zv%uT%yanw%ZT^nkmxzIpN>K$~W{1neJ%D!>FbFRq1kUwFXOxAsr5n|UjHee-BBr; zfLk3RTjW+{2ClqBJU)_^mVuY>T^s0>7-jHzKZ?EA75QSTXc=68h?l9Ld8%5RLB*_v zPXwS~KN&?47DhffeKN&sPJ;bZz<$SmItpS@f8#YzGDGuU&6ctGteG{jDmIl(Vkfa3n4%7l}cNz7PA#vuA< z`UriHK0v=kzeGPx@1b|n+v(fr>*+1@26`RcNB7WebOY_AtLZX2pElDbT1BVQN%SOo zEG?rE^)q#ZI!GO$-lATjo~HItJE`r|ZPfMD7HR{vj_RX&s5YvBa#Gb)8I@0&DHEll zQd6iTY7#Y;k}3XBe6RRiaX|5gVxQu1#ZJXm#Z8JU6&n=iDOL{YKrZ1TqW>R{iO)p+ zZ#^WQO@{f7UQb;vV1EN^>M$5KAF=O&{q-{Y9QyCrUdjoqFyP3U|y?{N3 zUBz~@LAIIovCG&Rwt}^?d2A-TkkzvsJC{vir?Uy{IF@3?tbqB2`HuOD`HcC1d53wO zd69XB`6u%T^8j-Xb0>2%a~%`Dg1L;jm^q(W!>nLBnO3He@i1pGRZKZk#N;p;%mPNs zq%m`tWM(Qekr~6t86ka?{)zsE{(}C5-cP?xze+z(KSe)AKSbY8Z=-Lg|3P0vUrukN zFQU(-SJS<8i1yR51%q=Zy912QTR;x4WH+&wfFz#Hu4KDF7MoZvTMN=?V~g2bkjK+m9h(jk zIg_2n#)C{MSP}CFNaeT8m&~Uim;Yj3V_pEse4Kfh=?B@ogSm;h7Nj%6gx53Yfq*V& zI+y^6sGC{JRDzHeG8Serh^dBAGP9W^W(qTbVL?(!`gi(Akk!xWkLmY8T3?~}(NBWB z?xOFbw}QmpNMB83kl73AwR9Myww-RF>p*Uo&~~~6BsYs*L>oYM=h3t186drJi8M`1 zp#OfRzM(#+KBC^GUZ-Aw9^6AcNbR8Rq;47_e~HF>$^N;UC9k9Yh5802bsHq-3Su5hV2D;Yh+y@ZRKnM$l3x{4U(43P6j!Xvjj-l zH_RcBvA3C*LBbwm9t8Qiown2r^VdmxBal(hER-=F-U^JmY9N zO;EqUs~@61px&llrk^ag>}AD1K0Uq4+@Yrs8?UKNSxuwkd8_T&38kIA5`9NZ)Y@>xurUJH;On{jU4P z*C07R_aXL20sG?+tik0MEGo{5{J4Y>u|EmepGLu`jr>$gqcNkjHf{8X{v(YcAvYfV zAYg;cPs~{$fwQS|6t5}LP|Yj|A?W9Qom8 zJ4%b5`Cge7S$uCgxEBKVS|Xl?>=XPR`pEkGXQBB!cHCc#;%Se7j`>L%{GPsX6D0Au z;55-hohGL>P8;STx&N|sbQ-?ubu@Y7rXZTdJ0c?IZ>m5kk#{$pk7h=%mv62>$&nW~ z-;I)@*ByP+BGq_Yh#c)pj+A0qH6O$W%OXxffT*0iC>?TvY8DiBMGY;9s9$xT5tCF+vd+Ega*TNE#eUkW_8M|qyo z5EpgyB!Ks(o!5;eBfUV1_^fh^xx$i|Z_SR}dv7Y57iIL@drRoK11%Ni%pyx{kNz zEB1#`aBPvUmdF1`2JF8-4}^rSbj8gA_A{8 z4}q<9KGV$DV2wGKnMnT%s%a0Xq8|DzFqY=g3eYXjQuk6692|%@-8+ zDsCRyAI3Hk8*e0^>i1toZX`F~O7aZcB4A%(`$0Y5$gER*$$U%A0NwZ|a|3lQO@T7r z$m*#o>N(cJv?yL=9;U9QBw#X5roLcP>BpFPOgw0Y-{@MH`R9Xm(aYLdx8gp#f+R+_lc`vGGigYOCpF09ZT5z|wLx!dptj5Fst*L3=Ha$~kQ4Cg+sTw2 zRab2y@t3!dahtCrh2tc=gXw$FhwlK(Pw;l^P~yj&Ya2?b$o3m6#`4~!d%&~w19+nz z1fSGN9c&v)>Bv2|*ru?PPH=^>VYVLZk1Vh|CJlcEmry`PCf)JH6n64)w;2D;IIyBu zgZ(~vq>GG8C?q43w|@TbO5j8PwzB#6@BH@#``^Fwl-!1d&IBS~K+Yz15&3K`vk43^ z8Fel-NpZCzUVexCEZHZrOC?(*i^V^PZx-i@z7cK`jwi1|5y98uc-t9*0+_U7e~bBR zaeV3o)CH5Xx4Wa=8?0>)1shs%*n;#ZpPzp4vles)E}f6gK)KQDZMonG`EEYSMmfi> zC*x^KMB@%6(*3!nWO4JKp5%_N!UYv&HIGlz`P*(p7X-I|enPboll!;f2 zK~>-?d2I|j9dC<6Q&2|qnFr#~3_NBmTrbA+$D$&1MihMUShNr=>VI}DdLKomeUXe7 zMl!xAL#IbJe$kE=@F21!nOt8;}9ck|HaOwwKl;E=soOWv7_e27>={OX-wS_M1q? zekg#k{{{Qu@Bz%*fnWmWL_Yi@S;l?@Mj|ZjMpG`i_#+Y}$=LUKVu#rGMHD-aH*6S|eaHnf0(TKAl>pcwb?VUn2WlmLt7JnkeZJzbKw7 zS`(wfB{U)Y(K2yd*zH!iG%llFY0~L@O07quQaW8awNmHgbOw)3rS`Z~u8tmmvol!d zo#zgEouNR`6$n*VY7KeW#TKqaZ@1?bRpeKcYYmQKE~hHHCa1<^HLLS7i?WI;j5!v2 zw%+2fX*GsoM}fndlc%Y$R~M-{l}@Qrg_SCOqRO;DrC*>jrWw^bgF!W}L(n&q9V4)- z1bwtrAO!=C$?gF0V?fb{W*i z+46h40>Qdq05~gAXG2fv%WCZTRko^XOL-Y*)#g=|W$R4k#_XIdTV+|6%24glmZ>Ys zbF4YmDuX7goa0LE`PG^Bn!*@kVbw6sv>a#PJ1~WY4%7_oK$FQ}f`2NdMy)m}wMMm5 zX;P`YN`qHtbQ;_)qYn^ zHKu$^b%|M1Qf4)mnjKb0O^vD~Gq*ZVTcoMd=jEKN2MzEwbv&OdC{|#fAxM|1;4AZ= z*`rZAjqqWWdZX5()VkDOkW8&wX)w5*2B%B!a_XIfT())K$K2w%;UOYqFmNV~k?(<7 z3h05PK2fSn0Hk@^K9!T>Tn4?8Gq_Yrt&EnRpoho~# zNvrn<)ES|Ar@yH^%^heN*#+7(&ZIIKqq3eX2S%q1WmIi6>0Blc2$e?7@v^RhGmv$Y zN8{3Y^*)!u#0?BZp37QbQ>*W?ln1MOe7eq-v$Dn;iqjgEI<>*6)WY`we!Om_ zk8^Qqy-uz6xm++kc)Y=Zo^zU1Ra!@NZeey$udO+~x}7tY`Ab4+w!FHa&)aNHFYh*W znRSLHRhPjTsy5f@ii3szfa>Hdg$HH{O`48V8`WI&6H5m^G0YONPweuT+&-1Zpfvhi z8l~3h^eUYoI!cXO$N5w~&a39s9sW*lu)){h^$ajtQ`n#hxVS1?s5H-5Q<)w#l;t*e zc=A=P`aoAfzR9C%ZLo(ur6!lg-QzL3e3>P!9S#0~?&O>fGOFfuYL!09sARY-ntX0I z=hd2&ZjB12GmjQzk)MIxoYvs;y0r$K!4-7+J%JY9k^n}-yf7A+>U-Pkn{+v5e@B+C z)RL+3wN{tpS2gM%8I1mByeq@r=$E z1EZ#)(}vEZGpS9SE37n`T>OYMfLMAx(64T_$Ent9OnRrs7xcE*^Nh}O`U9bQZ!kJ_ z*bDR)du5HjB!^RH*-XWm1-c?G3&c-jEiz>5vMY?5>|C>2SEf=`W*hRXYQ3e>Y_3$B zN;JiGm={kNHsPp_0A4vGXH@gNri*~r8GWL~g9BXab9sC^wMPjo!Pi%7d`gqXim@wRp9wblA8ETU2J@p(s`rdM%#U356l69QY4`b3Kc*)qT|cB(ivd}|GSYqwUf zGP3 z?(ERlx0YAYCcjPBSy#XF zl@FAG$K yk5|z29LKhyrpc+Pw5V&! zbBise>cXmUl_R$*r?SXaRZ(Th%*?jhGqWukTduZ51&S=D^M`0Gb()4Vnz-m-RujPF zv_4Vpv3`^KoKC09qjD>~UYKmOJbxx12L_54pgx~UZ}Mq84edOS$A+@5%2L!=-lnnT zHKy5|x~zsAW0T&HR@CIScNeCGD)Kxgqd`>=vbU!Pxr*`@du4Bi!0{>}JUqBpZ2Xn#5M_-A;7GWQa{;sh&CQ9YcY`K$}a^a!2 z92+I`cMUHlO6AmM(V$f{X;iZaubYmRXZ+nM5@*jq=8V5GGEX%y@!lCIV^BW6iAujJs+r{0cs@qcSUab zN`6KY^NDIhf_cNg{J^?;0X}>s65$UtFp2#S?hxVw29&}uWdb&p*~0E*4zO*Izqc@B zXnc|P@j>v0z)LGgN%-%I7WjxjM$uoDs^LNv9$a^d1_=FKff5eT87fPoi&A*>WgIy` z=-bwN;I)JB zUIBA6T?EMt+49x0pJmG=IpP<@i$zz9B*GA>CC&wuhXfUZ!VTuQvDprB{EP|69j=tb zFP?z<4EXsC=rl;;`hEkr2&?+78&NXC)!irqRpQkiG#=mGjn+a!-LdnrnC(FfuIoWf zw0&q8250o3g#I6U&@_Z9c=Q?g$6jz}=6WHYX~}X_jBGqK5ns3*psz1SbMYb%%7oM~ zfL@8pqK%uqkQf7ZECJ_el*D6R1f9}9(T5HpJk^dCBP-u99=F=jDpWjpuE2}~Ek%X> z%?@-K!oOrA6Dq)33+g-Wf2~J({n{MlLx0Hy`1k>3hrI2fP@u`{A7W^$)eAWF0v-6)IF8d8_(6l%HwEmQCwo4)Fc+(5 zlXlr(d2Wo~COpj`B1&{;eI!{ufZfNcJBY-n`Q{Bw!z5FK0s|-oe;U z;?O1NB8Kk@lKpx>m5soQIfu(*67Vf#rOVjE135sW;M#cH2{K;S9Rw%wN#jiLu`=+x z*P=Nx_6^?l`i^~L6lx3b8#kh~|49FYgoWeL4FaM7Iw+qdnKjfGR5Jt$U2?DNciASH zT(U~Sh%Xn<5$z$*0mSbFMGL%=c#Q^~KP9@jZ1o0P8rs_%0{*^P^?3S0l#0`SL6eam z=l_D7xaBjHhg$gaWPIsoXdJ%#Cs?UT4x$>=%tPnl^#_q2>o=nK!FlWPgGh&(`hPx% zBn0k%70pA9c=u~)3O@QOvZ99AdHrk1f$I75c2pMwSzm{E`P7HdY~<^Qu(=1}TOURm zBc)fk<4|MQ3o7YF?F6Cvne4Rj{*^W?GUgEmnKGbEQhKQTEJsP#BQ-sA;| z$s@4UT+|PB4148}saBJZl9jhE131g~7aXMY{u0R#4NOu59#2_cDO11bwL zm0+xS3`(unt5KSqeAooUOQi*u zs8OXO$#fLG0SORg0`I*>rBx}7E|(re5h7|XwbQ9oo17+ByvnIEYScO*8Pgd@_^)(i z)EtuveB^61UdBezeq@h~c(0ghsfdlM@4rQ3qPYCltI=eoVw#YYA(GG9j*5%$f3Cbh z(S6OY+D75#n4%*IP;{U3a}SL2QE;vJa|to|6sjpC)J;G|0=67-3=`=HwNLSYqE!A4 zMCN~zo+qUx=ZZfOr35{}-0Of8oF?DkmF$Jv}f|ij*q)Gdj&f_RpKOb;b4#DZ1Pozt<9g=t*P`MK> z(25w#>*o^;uFOF*`%hC62EzTxHz3KO1guR_(e$wUzARyq8`4XV5YxK5}%ZW z*3OP<=;QYtKkM#?el13GJgt)WdGH)r^f{dk?G3Jm=7vyDt>4+=J$~60<*|1hkt$gc zh|DcVAsSEGf@aX9!D%nSu?IV zdh^+VC}VuQA?U3G)8Y785VOCcBl5niCP{pq2KB)k{S1n@@F!T_w8hMbO+O*KMBXTg z&(a`##KdHNE~FJ;Vs3*(-l>pc-@@qV*XT=V6{K6AN6l6Y*XUqM z&cILa5XYrJl*Fg=dA*HYDw7+xBoi4a294UKGeTI`sa3;j&Z`C8 z<29<4PM^;S>IX~}qXEB^Ow3L(a6X;erE@CvZm?;z8k0_Gg2w}4Ew8O0VDD7psWXYW zDMkpBYXMgYaT}nihfEHm6F!3;7JF)w+hg!)-MDckbcD~PcdArAr_$?k0iPO;NomsS zol1jCt2e0h@FBDYylo~i-{SP?4SEl}k-=buxQkZ{PvrcW)3Eqx81GblDti%+Zh3QXL$!DM&>eAV~B&Vg&#%i!idwi9*?xY$Yvwqy+-k6eO}#90R7u~hc@ zsEGyf6F#Cc)L*{$SUiQj6E-89kTA)+8xxKHB=Pm96P{G|ien@Wz>7Z%eC&a(t9L*y z{{4_<^a;Oj8V2!A?6t$WNHji7;wu&tzReF2!ntwmr97R#u%~1sogE~;G?(Z|Wno*& z)zPoPJMo`^sM4*lru!H==X3To_MhON{}nb@JaQ7pg>e^&FE1ooQrQ)}N&g*m$0x9G zcoX6P&#;ff``ib+T5e&lgHN-Oy^vkOo;{L_Ye~GKgjko#whLeb!ng49ud&ZV4(WBU ziK895<`MX|Pk=>vIam{y0{nBqdddK@>Vzj=@BNxd$(mctJl8A&7Ef@YFTqjH-FBB{n+#@)H zCwJ@*U%ZV-W49bnrnXciCgYavL=xHz3E&g^Z`w}mMWa|vjaL#zv?;2@^S6L`^x~BS zhv!}n7QPMn1{;?uVfezc+g_AQVHk84(db#rMH|JoHq zJ-P%-R}yEUi?MelQGnL>Z(B*^BXkk&YawRg8DS!fE{vV`hGXW|82m^JF$Q;R0b}mg zW+D?^5NjXPLbRfF{P|_*yr}impXMiCMp#t^Hp;otCxWpj$JbO5SE02r>kG~&@iyET zyrP;|iq08?Qut^!k@~lk`6(U7r)u1M4j~fpOX>GUku3{;?>u7cl))vLG0gx8Un+e} z*#3f}?NoA$f4zi|i`ZYlVjt!4PW(%RP@KYAKh?|q=eD;@p%g9wOb;vA*|3*z8AHSN zss`$J>T)VeFo%27rFN;4SK1W(;!uFhf;t(c7@ST<(k$6ZK;rqGgz6;EJO6HC9{%!9 zV$Mn0j@>818FvxplOVv&bMS+A5tBx1qwXdW#;QlWG7$0(*IK$m?w3ohz|yvG(L>D3D?w6o4up5)3@Pv+rc$xS>>m zAM7Uzr?7hjplNu`$tO2_6RkM%1*nYI*=J979|*uWyk{4YJ%zVE_*-^?1rqahy#<>9 z_JJ+2=VUj+CV-gfvU@j?GlkvBFM?xx4|hWnMQktPPM-gh-Hb0?NK$y$<3zy}1|sF) zbYcI&u7!|yF6_#X!G5}DVUOne;dgQgj}TEO44-LqqOelaNi!NctZOK@gh&%e4_Je#NGTvN-qtkr>hS;eehsi$2Tp;tDXXf$+eN|W=`tg{S@&pgs#En zX9*>K>KURNUB#cDjjrVXi^uOgOQc}sHo(6k258>!lr@)&2Y?jYu4VmmPp;TT}@b}-&bwiAnonyQJhp;{||rN+Zd zEi9S3V4ItYWth*Ir(hfM2^*nfqx4b&*S<`Q897QPQpqA1rl%UGGR2>w(DFY;k;woh z{3lP6{wW!$WH`!*5gR8SjxsnR!^aGsF``j%22q5=QAUhA37I5qTWZvfTwQUQA-AGPugT1T0p;J9pSku|&AAs?YLVc&@Xd^{>W@t3V=FdTLb z*VO}|nB{Z7k`&1P3MG;R)=x$0FQpE2A*q~HY!@(>(9;zsrnkOI_D9YVm!lI_ zQ+fmJWpH&gG<%f13%h?hO*+t^h0TkK9(F;P`qwh#GL(AED&yfgom$HszmtDOl08?z zo_q2**wZB5`XS`BT^LXH%KmEVz!Y+vl=oHeR_jUq6F5}A0p=ofM?p-2BhM!|9>pMI3ir5*sjyFfQ)lYJ@#TNR`sRf1QVHv9>69OX&{^Wlz5YkoQ?YN!!|N&){?&Y;&^2| z5spR$8d{unUf2p52=f0oc%s*W`*Fxfo(}Q*ZANkyx(~l@B+WQzB9qX)_%ah&j&}5a zY9c2Q`1C~5fbJR8C1SiGk*q`82LV$2ULq;SGm}Us+BOIk;;Vlnrr>~&JRN^< z82kzAd}JJc-A67#599516D&u!4n8YpbUgYy(f8+;NLE!aiLPY>ePaY<(WR@z%@pzK}uWyqL+flIKKMM@Mb)f*RXs@N>*smyUm(lzbq|o8 zLX~BztAFxNvJyq>(M7pv-bv;%YZeQ6LNfj_wIcldgXColRAWoriw8;VUJM1Y?%oBY z8t)~aqB?a84-K|CzY=BiuhNn6NN9fl(6s(7_mc@I%vY{EhN5zrU{8ftr`DU`GfDfz z(D#4vh3tN5g2T79a5!v(!{@nh_?WM2_nrz4Z_I+jOOxR6VpRUti=i0Qudoc>!Dhi0 zfYasUWF@jV=^N6!q-TRi@@$DkqLa*$Opu7g--X2=z!ua;#CM9X5T6e&-h=GB(jIA( zv|5@aO_eGn2PKcgPV04&9!ZmAsiaVHx@4YYibNs)ReVtVhIp@dhxmH&CE}G(k0yb+LbaLGpgh#W@=N7Fbz z$=;DYDcdT$Ox7v0%W`B3WbDSVC!CikH1PnGp*q|PApem)$OCOW&kp4q@ zxpWX07RWG zSQ~?!GXUYz1!u<~Yhn|37bk*4P0x}S4OW_M6c(m)avx* zQ9$ni0+-$sz3z@(tBmPg(d$l}+9)zkik`O(w5iftqt}5{vJ&ra6ivqGH;VR&qcAUK z{o<6^xf5#!&zIsoez86VufjjVxh#rrON7x^77$Oy1p)DOTojhifIdiv-q9G+4P1KO ziI=$wa>}vR9Q;8G6w|x1MVvHd2-wW;)xc&ylw}*^7qOTNi^k!LTg0?5Q`jdtNrOzZ zc(Je#4R5gqMEBsuEusVcM;4Oz5#e+dm#&bIaVXuCE|0P*i#}DCu1`0lOQYSxpG%@R zy7buVilR8GbalEWT^Q>^I47exs&vT4U}fpN-LRgz?O0goOK@i$fOyPnAdOFh)97J{ ziEL-Xcd!r>f_O>{tWx@%L|2`meh z*GT4f=0~W#_Br!0^FHj_d4<`>JPAJ2UCe#VR;a*sBXc!_p$6N9%v#up(ZjSu=(rB* zuq|QiObJwC%VHKW21XTzDjlLakNuOHmFsw*dYGe3S#MujdSs zuZ7bXgIgN`KcEE$$(?{Y2A_Er^oF{KJcKVkLe7D_`lAa00Orgw)}EWiKXwrh)C>}A z-3bLLMfkzRq8!2^#Obqzr}Ms|gE(!TIESx0`B{vAzRSa^*qj9p@!ufu`vQ1kyetQ$ zg%V&^cn_-GZKFG&o?9{0^D#h0pCoz$ErIfNpF`=o7pOh3lHtAY`ymYfYIKI%9-ZUv zfa&cf2*zK`o)6WuIw7>v3b`zN3BTNE5kE7OGdew50C8LxD$=cCJkd&sP)&dp|49|Z zV?_{;l|bYRAQm&ZU^|@7=$LePc$n2^RHJWQBwz2*E{y^&(OL|3|Mb5L_6& zx*&RWzF=MS>ip={xq|beSLa5r&JnDQUY!%YS|d0+dbOsXHj@X5Fy!_{*M0(7tPX5F zKb8^HmaK)Ga)9kl1y=ac zhfC%PCHUq!!b|a4bA)+Vp9+VwX9@EViJfPO%=pU`X#aFByoh72a0C9X0*cX=&Jt?z zcPW7BNfGAuKRZi!HR8w9r?@mI&g0KM!H+@*3={}Wh~-Rv0ofPtfo=UFjEl!0N_8*f zU)&7i;&LeKbpe#NTmeeo&(=X<&}t~vSP12!7C~9ibOt*$o9jw}a7qBXbqA395mf$E*fLA7q-K7HD`W;{ZLM2V-FYl(L);N`5-b z@MEBmB>{u^JNio~1NuH#(=S2c#>b%u=zU;U-$GvpWmh*s3CnXpxp%@)sD}cUHK5vy zXbY78G|(I<_GB0kZ9)BE4M-&&J|#nltRVQ zL|O{A$LnBm+)Q0eby8YhwNLs&6|>2S1R&aejK%GeFFhrtcYWAM|4!Sy{c_^e@YT~`zyp8_lmeXvU1 z5o?%F|~EPSE> z#o*%z9$ChZW*(V;yH(?1Q^%wjEH=WUP~HOK7^n`$duB&u6TsYkA9#UpV{e2EI}Ee; zg%J7=Ly_!uwgu*IC%c55ZD&isd5{HDxB-G#^VnJ7F7WZx#~68=cgp;4S4bAZ+VKbA;xnj^{Psvb9w++WZY1X+H%lL1 zybe!`?1wDNyCAXfM#!|>0_NQ%pvcz36ulfwyf&zET?bj0OW7)zu&vM=*|3IP0EQk1 z{c##7wW(06c^ve}LnEL51A*xPc`pgVfd3gF&2IWKKAZY;P@u0s4d~6#<^O=61>v(i zTVa*F7%CfALH{y9R|~7+pP=sZ2T=3*DOd^L4XSZ7b0Pf|)Gy8gZTBKrefL12=F7mt z6o9p`4hlR^Viff6Be__K`Y&rEn+cBBL*of3RDBb>2o~CHP-3&4x?lc>yc4`he(5Wc zqY|ljvp7Zgrcgun5;yHgO6VZ)zD?i>eCl|<+SMz_G5E(#;8Tt!s=+0TUt9s+=nFQJ z4d}_3-#Cgi6_e+oCr-F?HQF1CGY{U@pTClnBlOQG+P_voK1#xMsuLq~eRp3wQ2k)H+tfzS}>~f&E^$+YAb_S&5ya&atp8!kg zcCeBzhUG19x!z5o^t6x8_siWiiT0+EkyS=K=kQL%J) zk=K{cVtI!uVovH8e;U$kcS8=;eUS5e2bg--4_41OAI!Z~Fkyti%hL$Ut7R}{IKa*M<|UfNYCgmdI$yt7X2i?IGm~F0v)Q{;?Df;>ULFQeRrkP z8^~_x(gd7bZJF9$P*HC$4Vi3Zx7XKZ(lz!dHN{qC zPJUxcdu5%gG_Ts&?8vr3&9oeY&Y9JvZ)>U#GOgU@jtdsqEn!`G zc~1dU#j7v$nR1#84vjBA)T(Of%&N#OblNn%US*HYQ&AE0xuC|Jp)FUhF=jVA)j1u# zN>i4#uDq;~E6CGn13ImtvZ=5jOWB&MY~&g%vV+Fv-u9~cU`>{xxxm@3?QttRTSJ;` zJ=c({bywE5G##S3-1)kCdzrPXwZu_VTcYu)g7*BP+NN^+>CfVNY<-MO zq}7gWi>{>6qK1DQUVgJMF&xsBXO&e23X0ub<*vd4Ygdb>x2dqUQ{Ph8Qr6y~aawd0 z1#M-eU3EPrIgMTQWp;-qr0FThGu6BOri!k*P-T(5#abAu(e!q=bT_Mg&Bn%@7Egz> zr7$zQ)zH=B3VF+$tu|L-E);po@|9GVK`ld<+hVYJjZI-?Zf1kJzDwt<>n!f*?rHN? z=6Z6pJ-$vYa8RgkD)ZInm1wGbt`c{L5oD51gM(r|9OQH1Ae#dR@o8`nrNBWr6AnZ& z2=CEEIQ%{x4!`j~TJ`HxIQ%dL4&P0N!x26>@O8XE5Egtj5l%ng9Xki&;IMxj9Nr%b zhj+)o;T;wZ|AMH7;7xwEe4T>BYYI5L%ImOKcqhZlQaHRIfy48Bd}1H}17pwetEFd2 zI6T9zZl6XmjrYL_pI_FA(*TcPduNv2=y}BZUgRNBtrBfZoDRravLNWfLWNA|*Kv zmR+mS2C^1PIov~eg*h@eTL&SKyJf$#_Y!-B5y>Xd74SWTyYb6(Bp8*IgJ_`tZS|QF5Pbm`iO+omb4Df;dei=NaW3o5{O~OYngZpHJ`(1FQ>t)_uz29!15W{j!ILnM zlv*_k{L}zAy|mn?;Z7* zTjt`uSCWgxNSq=NrySD(^N9cIfdA@%e^&hgP&QY1w6*AWw8_S!Wb;?F-L1lxzLRHsXo7dUusjcy4>zbMz`mTmDeRhSp#Szk3 zLpf#LT#u)uvb4J-*XgSAS9Z8MY%SUzjWfGN*<6pmmIx<`#IpqAS;r)QKGCn*Pk#7c z>*xR6`gvxg_4BqUF>JTl^*uE;)|}j~61z34vaqpH@3H!8TRV#L%)UyMw%1x;6Ufao zD4R7di>lq`E`hQO1^FFa+0}ubP)&=cRio|kcB_@4;@XOaoYuCwVq0ZNr=`rLan#m& zvV$EB`GsnqwzFH?)E%<;%9NQZ&fL}GEpj%5G+|??p|HKpVJR+fceWQ;3M*UNL&g#= zOQ&hGI}9CF`oiA&-Y&O2)YOq#%z1JQZN*jQp7yL@uDzFQ_uC2#+QLAtt1!o^^R(8q zW?7oNEtTeCZ+mZ`x~!tO#!;{Ghm?lA(kj1R8PsG}RC(*%-u4!wvCd!LsjhUklz7Uk zYbzYJ-DO3&`FUl{WudHYrP&i|X==53YKon$=EB-`&Z9P2t8|XWn$9e{voq6MobB#) zcnw{xJ)sUqTe-U-pl{M@L7Q=wUZ>8C4@-m-MB-F|IQ5w5b435NPssP9qA%lrFKlst z(VPFZ{Qoa3|My19{$u2fa8|Liu-P4|^9JgjJ*FzRy}G=lK-V2CDy}ZcbLN$oW;NyI zwfAIYH(Bz%K22_CNp@aio!zJJ;xgMyLvBrbQ)PZuiPhg@D=Rb9GXNFVn2LNzL|dAcl_eph3CrnA(P znWy&T2dx#EHOhj*3V%nHsoPsym)}zDtj}y|%-8kgXJ(soT}4J`wXwzQ=(V@x=k=O% zIhU%kqBP&(cGxp}vhtm^-R>N<)!n9Pb=tI5n#$&!u2Q?YuHNUVvvie~ShP@_yrinl znr+H&)aMj8nDR1%_4=-!F0jjgrI*H~YyHrm><8vTA( zUWu!@wz<=hrzy^=w7By$?ag)h^(ISmxvIFgqcvcL4eQDVr8DF&Xll{)xV!ECU?7mG zFYR?SHg#CKdNPaibDi}a))G^@wlJ)!&dsg%m-wrDid2nsY2QDxHSY zmvpz3w=@;|jHMn+eSKALeo)twS=~}?%*{1))M%7BuG01zRfn?JZ+CdD%Dm=6o!M6m z>E;cMT6<j*Vg zS_^wUrCp_^b(!wof?i`*ZoWb74yanxML}&zbz#V6>j`*!YaE3Qy6oPbI(1HCm8&ev zP^&NPYHZRJD$NBNM{aXb%;XWiFA&ClE&_J3ebWDmRG3QQ^yR|E_hkuTKlp!LJ^yJ} z4+!`Pt{xR$&QJKh5{IFs&e~F5*VCx?H3Y5QwVC$Tta^*tnp0L?;w&ol^=LHes_xFx zP^YapSnP5Z)p(2@RZU!lwY9FHv%0F*(ctec$gVJ$x~j6Bjjrl)uC$}tXwS>3D1q{5 zR+~CMPg&4aU$68vsQfBbc9pNZy1u?Gue2UYvp3ZB=G6q1RqZv(sIT2Aqd?hQ zT3Ods+pg4?I&E#4tu@}dyq1z;U0I$wuO+LnI|RQ`;cd40LiyhEP^PM_R$G$iw`GNL zy!mBamCiDQKhM%^g4)&9#ePR~xh_Xt;ixJxl;(Cfs#HxHPS;Qts;p?YbW|BTidwrf zE9yNQ$h@P@&>0LBd5S{$dR3@a>#yz7JKIXywM8w>%|VUF2Fz&z`vHdSTj6uBGipsdVVPghyY+8HkOucQI%_Wu2y56=zeP>g#%TiNeaCCM;J$+YezCFvL?aHeR zm1K9hZKaL5o>qfLU#Yj0*IBDQ6|UCi_PkQ7zDv_yP}ii+Z)h#6^Vhj@4aTMx7#OCa ztQLJ{ceOEG)nF>CY;#zV+e+hCbdmngQSku)l!I%*?|tTO7oOOykqLomgG4W@(;0^9(`CImrfhJ+GA zap;#&Y#@m#p~Vma34CjgeM|!RetggKUG5+Ic{q&LtX*bi&z`;4de^&Lii$;1q)#?Jvp7WrF#}uT}}B+A+sZursZj0CF)5h-A+wXr_(BI-h`GmgxijSLvJ+c z%08VjNoV9PULOo))VYqb#lQy~5JdMcUal;K*!ZYfsG?UvcuwYyv{Z`@Ul zn@Kub>NWJiXhCHx=#`c%4>Uo>dSbGmw|OYY1OX&Q=6*4ztT+`8O4~N*a;<)>Tl1L; zoGRP$`)YZm&24MDBH4Ia(Qw0;!(C+6wUXcFV981%820r;R1aq8v?{9$1}O;5v2b)( z6YCaYX|kg%wH?Yj=k^zSE}br6jS9naG4ZCuqvZrk(W0|Gro?sqG?)qO2_K?hDTZHn&Py|P);bznN+pmg1P>8 zl3DY{MG!Kj9N#*YA6+^!XILivBXJ6z!Bg!ST3n-@xqe1npEV!AwK5 zzeZax#V#E~rN6vC9c+RwQUGvn<9f_Lv3Bl3QxP&t;37mgI=YF~!L@VFC8OTK<|dXE zW6vyo`PYNFZOkH;U3~G4384x|c8)<{P6zX${P$}n88;iEG3q$Ic@XoDHU&7 zP^o~*U0Li*EcWca!NJNLHX+82{ayD^}ccqquAK)DGxCsQqZ6_SD2T5lKhvE~Q|=#j)j|k|s9ap8W$l>MO~HT{(xpW8t@A zyS=>VPRJoYV2;7|x_Q3`H?QeGul>1dh1bWG)evhmn%Rz%3G2ftxx!Mkbd+Xmv*<2F zyDVm(Aja_KzNV>W0!pT=kXHg7Qr?ONOvzlsWuSGbay;4YXY(O89V+kLnfB3GH#WpqNW{THtzLQ1EqQ`YwUR2 zDswlYNj6p9V8@;9tE^2^EpKr~tKnjb&l$SbPO02>rcK^rR9|R>!wyf(|MT5J+I4d1uciXY_d{mG&|9Fx)Ld+Jr->}lnt%DtaD#F-enH*EGsxsYhYcik=mD&|IYp=IhL%LFp1_~~Up%gK> z*2-%Vu1M6tr?_N1l(g{tSAHn_F|c}wz70O2jdXg%Z`(X{Q?|4HICIMKC zKqk~m=v`SgWzNR}KA;Jvy`hk@rscDNpt0#O^&FY3u^m^?`EuB!U`n2ZrJ79{ot`+~ z(Ka}@CG(%R0Fmh}z<~1Zwf1};=KcS$?-i^)WuJz*3RgI&q@AOSnqD+@) zQ#;p5xe_Ucwkewy%0z2wr5;6rV<%%v*O zX3aJfUQMMW85Iw>#1$GTj_AGEhKDTR)V2ZLo>Qb!pBNvl!i?-<*3 z%V;3moh;{w!<%d7inUU)pHLQ)rARQRw)G>CdN$DuHbP}bR_k#vx+voU<5N=AcRDh1 zVl zUXtpDJW)?9;mG8gbg$atY~c2-Wir(y?MM|$QE$4<`6F^uAQ5UrwS6P$NXfYrAJhlx z+78`}vs}bOISipJ+x5!x<)qD_tjRr|UcO`S6^r3XD(mW`RcQ`Ln|rBlHCxfxJf2dt zS2C&q89=(_lsQU8RAeaa>jo6=lD=Dn90QJ2M;X>9YhiF%aR9u{bYq?x&(y7sMve<4 zokb3Oz@?nZqqJ*Oa!$`E8FR`4&a!UTswk9|VI38(W?D5i>`L>6w5eH!1VX)XxUS=a zbcF7C%8*N$QUp918wCll!=Z}7?=%7nQ?sgVl!0QKR%xT*T!L07%qDBs?}#`I`Wi=7 zsC*i5b_sCj-a_m@SA3{w;{5UUn11A?;a|xvlrF{xSXm+)vcQR_z~FNWitoT)!L-{y zj0{%2Bkbsx{QX%u^1TZ?`sATg`{+ZacJw&9V(-rU&c7 zJ*EfX)Hv=b>?$xlobf@}g}#8}S%pKssZ5UV<`bEU6MW}stOtm|(_XRJr;H8E(}J<# z889}K?#G_MfxnIHen}-vH0;{K0a7_2X>TLrrzl^K1p=C(%U)_Mj&=Iu(|LAi6;R#qM}TC4!1 zY8$}AO~tZ)lQ&y%=gMTf$TEp&-w2;jTR*5v#`LyY+7^h|UADBzF=;5|8d?P#i}woZ ze8R)>bU(|6TZSN0^u$V3q)!h=Z9}yGyx%d!vvg9*Kb?Dupl=yXVMD#2a-u(~lybB{`$}5LYwZ6Fe6tsMR zohn=2EdP1sF;`J&;}e)0g{q)H9y8|!>YU>)MjxLnb)#1Wk?^V#7f8(L{+$vxO4NjE zY!$PW&t8f)PlDDCK{VslH?KZGbL?ugpbj+;uY7&h*vHp+Q2Z6bjds>SVdWLdc=#vV z4nfNsps?@C-eEsD|G%z6n=b-|kQx-`{{G~J%O2SF541UqL(_stwDHYXonyYtf!$fj8C8iTBun%wBOsq&-}8E#@7i=YeC`Q<5t-Z zV=j1dy;1E(eH};)AAR(&Z{FNj(dNIwHHDs+kTU7tymLpF3_px!{vAZG3Zf$??|IHN zdCfy8J_J=IUI5Xmvv(*XAI*FNZFoU)s_cNx9~b67^4?`=!He)~pZuxJ0bibS4Z2bI zB~UXB|NLhJTK*FJ+V|0cWwt&21-j=#%)LIeoRlqFJ=kh^2=Wz9{#oK)|0+oK8-L{R z*|%qhrdwoJqP7y90?&=@BeuI2c`rf&>tvKL^i`Oq$ajHxm^gm@cuf7|_+fw)X zohwM$5f2}Gc0GW3HJYQ9PMb~q)hVACkEVf55&T@ z@l$1nvHfrNyf*k0%?!em+t~(%A0!R44?X{#^U*k53+i`3B>(!2_gAM4r=XdC5k{LA zMEkohnlbnJ_;xf?0XO(nK{Ro`lbv;()`&KDU}zlSXkRXzdV0nzwJd z$l36IiQ*qXU1dLrhWNSLCD9Y4=(Nj(PWW+!^o=JMvd_MIIa1|Sq?tfWm_z);^ z_!$@6cJ!H_J%AQ0gd+QX#QkRW8Jpffn@@ty?pz28D&@VW(6<%eM9U8ag#(?J9Jt`> zuUNE2E;RZP488rY?uzCan@_?37Oq(k$)2_{W9&aLG;Ya8cCe|*?q(H0y; zI|R{z)iZy&VCy|F%s+u)J~scT8~6GAEH~OnfWppCKw)CX+#_bae$g@O#X7j!JwB@&$dza-OdsBqHIfZnCz3@AO7azwC zo8Aj=+51`kK0eEj{^!p!-O5Eh?MAOxDM#6!Cf(9oL)KnR%?1+PWYX;6s)4>eWXvX8 z9Xsy{=b2>B+jdqQ_EcHR7Ufk#ITeoitX*Ty;Iu0v;VN(CVma1Xt5O;|QS-4?Z`fg1 zT6!vbGMxt?5Tv#t``TX384~wTV?b6QyL@YshBJYE!)t_cgd~z~qa%bV^NFZ_1c#a(SR# zbm#i{MoCH5ytM{+4Ltrvp|7YG>QqG&&y&qCZ3=?TwVYBiB{C!D$}Nu1%WZMauC6yS zjZ(AM);6*R*6r}ST$NOnVbM$e}Xx|23_H@MpZ zL@W^zOQ!LiD~1LKzk+Swh3iLOpDYD`*VeuMuJ2>)zxb`OuS6#S)_=0r&Z`QXQ{U{@ z$b{e3&$*a9qfG=;yvgI&H+8x;=~WlWEN!$U+@W5>P9>A7ULaI&`fI^NUy&&=WTG1k zxKe&!HV{oaDW@;oH>W(QZjZLA*i6qF%oN;uH{mqR3>fRau`xy1#p7CMS3mdU? zC=@6ZN+zyMDZ_SCimpM3N-5xL@g}we6Pr4qX(VgGYTV8g%Pw`a9t?3!t+$qAB9^Mo zY4Jr0l#g$eizEOmoxF<9=6bC}-dZV{NWG8Z$Y!KOQO&k4tZtV2YQ9nT)s6B*M4r{? z494nY$zKVC%;~;0nc}P}1r_OLDxFeEn^0#oYFj);TfGURU7qe{xD090bTryhn5n2&(TFrlCQH6oRysOKm#v{Tun16H_)MwB@neB1%1KR^H(i~3RQ|%DQDYT z4p?YX>9Vq3d53MAVl-xI>Crvfi;8A{}z2|#IKr_mQNXZrs!LD<2A&)$fn*k;cc1y zS^J!+`dlWVJ_`5kzc#!48@teMumTrziNEx5#LyUFtmL( zK8Y2tSa~l>AB=C){bTPu@_o!B-}W8CJaQ_SlB;>fMf=p6GNtvk8cZx%akhJMcfg`*h2;^0k*4c? zOWxkKbsKs`NFNPEGcC8p9PzhmopguFCE1);TL^jjiDEOFR5?@rw5}8HmMngknX&}q zr9`(>r6W1A?n*aP#(XcPRn#n*q$1qcwoBegf6*DW$xHpJ)>5h(Rho#Q(T-RuWZE2z zSBid0Ue2qOuxM=eqFks`XV{=AQ_ztmeXC})HPW@3L#KC}S~gGGQql(5O1P~gb)IK4x#{Bk639c4$~bt7l{!ifSU%Hu}o-svkhU&2Xq>_K{@P&4((wES1d`>#cqe zLN6LN61WTUl-8q86~JU{E;a%^U)o-XQ1)6nsj??JZDYAxsj$tel1)TH5iLt;I69KF z=UL@$p!j!?QU~DEd>Auyuy7p1_X4H<7l2YQ^sj}XPc_U+ODd)bd9AvPqUvy#GF@## z<#FaxthwY$rFuS3td;M!I?9H+TDN)(_Ee{?>2n?cS~FdjyDEa)ZFz+seErC`%nsaBn zv>I%(^18;MttM@yaxKCo;+15;X-R3-I)_ck`N6*02e)V=qO;h+^Ad}iO?{Im(js{_ zp;O1~#SGU^GnTeKV3=Mwz9zz6n>H1^J^1}{{D^5&!6JNbXwdgC>JP{NJv0bLy&pz> zp9W}Bw2{%8wQgrPoa0R9j3yFbwGoA{lJ;xrOx#%3c~}Vb=>$vKYTlG&Yvo>1ZPS)2 z24^s!Q_{(J-)Be!Qf;oS@z8BUNAGug1DZ&v>ZrNoiKr^%WNNA;ya1ta-N4wYuDr4* zuZQH#{$#1DZv<^Tr*ZWFNp5NTa%{q73r06_ zie{SWb~OckH>GToQC*D*hRhyoA_vHFd#1~%odsGObcZM}Te2`7qfgt=`?+*foAWdP z=LgWkWV#V_It*bi#CcZS{+z8zQpS`@+w13@Y=oknnG{)f7&iErFd5}og{c6sR_LQQB>PK;K7@Fu#Y57@-(>hgjG0x;55W>cX`u>7l(==+MmWr)uB;96!YcOfrl6EzX=}gnf)OD6d zBB+YiA`T|i(?wZ8*6OpIJe+dVCPT5R=e1;`1X0Zmg+&pyD(&)CrmWUls7zI-H>%s! zhyr+$+@=1c*5PiJGHr`OL(+`dsW!Isw70D_IlB2$E8?Whg{%fPZd!9coJuCCj5%O2 zB|RZVt1il&k#bcf!@n7>4$l!EC3{@flr4}xDeX!Z zL869}iKY1S_-XiZ;HWzjBPFj&&XuT#whjGIe9@3z^hYtQtY)qu4n-&IlpKfRbMXC8 z?n5ky=A9*7JtR7Fm*jyDF%#Of4x5EGog!Vm>*z@tv1%}QA9D@u`u&WNSS1b%$NQt7 zYp|8*_I23(=Njya@XdT5}pV6Iv zmt;}(3ki$XT?V_PR zpi>e-=ROm$8vWw$aP-<7>1uHut@%_kYw+YwiC&U8QUnQ9zc~49zxkU(v|2J zLC9WkR0G(&4;1byT+kVC&1(edM?G-SpEwu)l^D(64yt#~!S_c8%*WqFYyO*^OcCc5k+_d7wz(3h~&juP-`rx7I>|nHu)iNl=q>_-k16 z`VX!gOhoa3Shn&3dSt4-HBq6xl=P`syE&WWY@$VhHimddzv;| zHpQ|nUWmLKvCEP6HYm~%YUtjEeVdMZnt)sSKh3nQ9hw}~L&Bl0BI(OB?gsYHr4!pm zJ{q}sWX;GyxEH@-c&qecnBH~_pF6x-_PK16R3yua4-&7DL?rtRohG?%=yAw>{gL=) z;%?DaT!wAIxvG?(%$~Rl9KxVMC^n!~_X}fY5x)40wAyzk;J1@5Wz758Mlc z=D>9BL7Sh2A^IQ>Cmx+kT!M6S2^yY3{BW=!T?bs}=mVji6NNwR`S9n|x$x&&fjRw8 z^Wf-FfomOx04*LyGv(048}kS$3jGSC0&zOjB;;8@58i`&;P~J8)z1^S)Da4&aS9i2 z8W)eF@>|4eS$P+c`Z)UVUHFxs{~(cMK(cG@d*6NPM?cAq(=q?or$fKd@i{|Qj{D9U$_n5JUTd9zv7^;aVw;e8A9R%W$PaeKuo-cDd$4PaH4X zmnh?*(a6LBL)-9u#E*|}9ois$a{T%G@skV!%Xc_YvZe}QZJiI7A?$Z~=Hyb@>7K9>=z zaegYZg+eEV+jJ}d+x~JQzTfnv2`_-yh5iA#J$Bdo&`x|c?w%_0%xAcfV0PWg2k)Iu z*YQveUV`IJgxY7Mp+)F`6m^e>FVp!a;Fk#F$cmoVK&lWJRz}zZ4Bdks_#FY}-Ca*a zNTLCQa@}r|?w=h}8k8hMNXP;Lu1L|)eUM0gR~C}$;{=0-eoL$d4e`5Zn_FTTx2w_~bjQ2cDj~B7 z%n(}WEGA_8*aAt%c8#g&G$2w`yGK|Ay$@F_IRQV%Eqq<)iQKzjOjXErl^T0}EHe7+ zC^Pct$m-!=4Xb4vWlN>kOXmRH@ILtYIEI}HL%lxq{!m)HO&k?H4~6&qL$59(NZC=_ z#~$~WEeD~EAwV`H7J~@az95n^zkU*JSWKKMn{n0^ukC;Dum&wS41N){-11?3`AcYv z5!81c2I~9uiqV59v>C;}0K89s35X85@N4hFHGCCqG=Wy=bAWTqdFD~&($M}rwC;0& zbC6eWx!yc+lO4_c6v`z2E&xIvx#1^AZ$E7o+WaMmb_k-8xd%2Tmj0@Q!~#01`~`?+ zD^Fq<-L~I28W!+II|b1!*FUbBQ(93+_sgKM{+A#!JjmVWeR?XSB1i7UBf?ibN!K_T%JC@i?+llSD01@>S66Ad&kNF>GBo!AraC(weY zp~%pR`m>Vp=RN`85fs_^G$@Q_c0N1fZy#}JO&|K#e?};Cmhbo2Utazg-6MdXLg#|$ zfWXo$J779boCl(%TdQ9h4*h)$Z8#4aJGy#vl-2nU zM4KhhSowTVn77aIuN;2Bjug6bi-1!RL}U49@12>58qhuufvA50h=`m1bi}Z)RayVB z+ATX>ylPk!lt|EtO?)Y_`jU&Id=kYj2HjVipu5<8%RTC&KFR^WOTerMaHNs*sPiVa z9Kj*iCAfRRuGQR~qKW?+A05pNzc0H$S|uoei*iE;iS87g2^i47is?-xcK zY5N*o{Ve|InD^et&f2s5n)-i7J9Wy9IrG7haLYPnh?Y zDXpvS5*BI$+&5$GiN|OpKi+y6&{W<7eR;#A9b}nfPc=H(^ePZk_|(Oq_z>gT-n|9h!eCzCo}*`~}Tj zhpikex&(i92%XlGEJhD@U@p)72uBk1?#sj>gT+_ie~_RHhH>>ke>MKN1YLYB5U z4&N@67a?OECkG3Eg1-*5?`~qr;D{UW7pAegH}AFd{g1nL3dr}cWbVI_0IASPZXmvr zr~DyKZ&62$%@W&Tz50^Q;db&NQ>jJDgOxg8X!q>40Wa6G)|F z3X19X3l5!4S8b*mhHACKRIO=+2W)!!WVvd}=xGatkQu-dP*7NMx{R`)Ra97KCstFY zmg;r}O$oB}h<7nh$o zgk#^ruPZj=fM36Gm;n6x7JLtW{Wp8xiU09;0yxlb{1#XU-U%(RfLa+370;V(#d986+hCZw8WfDQ1&u-VUv^ClA#tmVWj%l+UsvYH&pY9`x=`1riZmuM?2$-1(qDyDQQ#_CH`8J&|&T1~;U z)9O&QSWc5Nl$u?6(&|YX65Y7m=#6B`5OiY?>3#7;xN9_bd&{0h)mUC!~ za(&OOF~pceCzOY9%d(5tW<1_PHNo)HM2O!8%Ds;72Fk6Ua(6zz*WLMj4E=B8RP+* z4r}c}Z@|blOFVCvtF<+cqF@QzH5PAFS&JG9K5*6dtX5wrYHP6dUaAbik9?5tn=6J? zH5bTE=IP%%ZdQt%tNrr+z;8_j0gSEH1PHr)&Bx~`hhv$Qm1!)SMD`vC}Oj9D8@BB66= zG(`mjV#f7WPd7_b;jkg#2sh%kT03Jk>e}{_!fk4knZAdMM@sR4*PzZ*j(WV8VXS>~ zD*+sknJld{m^xJ1rHF&AUzucb7L&>n@cV*2gO7*c%|@u$5rW1JnDf2}5}58kwrP|e zk;tx=_6RHX6r?iwT=c%^a`-?r_YDNTvjqKmAz>N{e2wN~#Qm7C+Zb%a2waRE^xW~U z4Bo+sF03~{7{A-FXCb%GKZS*yl<=d#Kk-+_MQ?p{-IVchDi1YSZ&ss|zQX@BF8b{Q ziyM0iZU0Ir^fj#h$es9E*e|O~Uq<)r1msc5HMPW_Nhml)dNXPx0pHNt>RT zLLLcb%LgIm6Xid{KOf`&dGVC}ajMC!p9xj}4XRdtjQ)5^?W_Mj=e)gl&iP-Oa|CQ|+n7z;gQ0LC zk=NBjfTwBu9NJDvRROF|K4K`anQ#eEu@$R7XXhX$%5OL2bkSN@U$rXpO-AXc_2WjM z?;|sD*2L6;(ReHC^?0<6mbG8Cvss?c`@5Vk)ur2=VA^hRby}3Cs8wkj39eY|OorNV zU8Y1a{#?sTY64W-Y0dR2wKC&TcJ%O-)+K>CMqhDQbpdF9mmLS6sZ%D>iA36`w;i-jpP2G&&UJpl>fFvQ||)tI!UuC z)$zg@$y?%Crs!=34JD__5GyKG#Q>*F7cwckE)jJk*{q?Z_WHGjDygo~d^A}rw=6y? zX0Wlk#!=vExWnaP5>#L2mlu^~?nTnE8 zRqgtSuAmP0s*z$?N1Hhgs08{3gNdv=Q);b=tE&3OwkmASIOU832&OtwJ{MqgMYG-1 zc9@zuMwxZltZEg|5%{%isa4R+OC@!X%hdZ0eU3DmGHIqACxOh{*)^N8u8@uLd95jD zCumSr%J!y(jzo9~baecUE0vTr_C!Y6iPhw#r>yC(K8W*QtF zpC#^uu;@!PwFd{Ya>P;MF}D8c&-N5N_(XWuHspx|#ba~xch&aD#RX!u1ipUAYbKr@ zyY1O!AM82x;Jsj?E?bCKvGT1qts1zk#4NGQb4`D$Qgoe_0D}=t_>g5eu?3rTU+J~M zu$<6|r%a(jCFnRgLC;uQ41e>Hmt*MK6~x2X6XzKJ-y!sv}@#I|L zG8YhCtk?MD)WPyYh(p8}|Havh2EK*FO!1hjc=q#q`Z;5spnND10*vpsAYZGAJ&-Rw zu^007{Xo9{jU!aOiz754oikZ!G`bm5S?k#3Wre?~s|THII3#bIon+M7vUEvf&8G;o zd~IC{$VxhigfXA%*5M^p7Gt@VQbSr|IlkET+RagaNZr!%osdhzHRy8FE_eI*sNT%k zdg{KX*a>iHTZ=U-Ly8U+bkLz>EZp->n$uh+V(cVCJ*Lh1!alvR8c(|+bel;tRc<^W0cSAw%L_2sLxkx z^z8*76IXRqU3angU4YJ0(+)3^9?AXe!_AvYUf zTYx0gvB%-@?YQm#cZWxxmXb2@?}o%fYp>3rVIeLyBm>dHC5Mh5xiw`$>txbXWx7?X zO|Hm=%g{{0(4QCvg?XQ>eeMYMjGbtFDsWa1Ew9^MD-BmZix!MP8RcgF28q6+9)d%*<5$0bWW7%d%?px=FMsg#tiLZ> zfZ|XUI2!m}j)wN7#8Sd?)SNZ%!o3nAig#WL%G$S2Tg?3TX)1_O2T^}Lh!)+&J*DC| zy@w`$3Re`efk~VBIDLe%`C@g#Kn!Ar$2chm8?4WS$ z!za%UwQqX>`PM?u%MPI(*($a3XNzrUOz_9-6hy)&VcCkW3+RNYrk#XBx_IsFk<48X zV|}`C69gaF{29wP9C6YOFQIjdi0NqD?ILXZ^mb^+;DrFOWEx`2?457Fk6n-dKQHTC z2|mwwEAqZhUdVXKT-Q&t32V3yfr7b=lS;RN1*+4qK{hxSQse>8eYm@wq+GT+`&ryX?hm*%)h-j8T7^w3qT!R~rme6Fo&#$J%{eN61Xs@(rib zU2uB&Nv3Nl+N0&3#b3*2Lj6#r+#f(~!6ZSBVT6=Sw%qKi!zUrDh!;O6w! zdv%h7twx5`INhC0)l)Qfw%)NWN{Mw{N$(i=0KZlmAlodv#F z)|Wg@7v*NPIpd_K+pTJfz>#QU?D2%ozg}YwsqL&z9r@0(ZUoyYGKu~w8v9JVMf}dt z(fAcaQud@|GCGtRx=Yr_ekZ*}^1_UliEX2*8KWZ?VLkjIiDKvt%!|J}CK}l;ePQe= zi40ppTuAIEw#a@ux>5S|*fQKIM&dd6oS}UsXN=c|=Sh{~GF}X52n{{KWpl)uGh* z`@}lzdaNgULZTR^rMF3k#ao6SCXN|>N%raZd|}~<&Xh=(q2r}8Ir{KC>~J*W0&FRI z=3MMhRJP*;I_P|C8M@;fIC1_taN_Fou*K;3bFdX?{n_yI4^r7;#Gj4HQTgxqBC#Kx zbpagTbS9L!_iSw0`i-i^=si0wM<1L8qJ?&R8Cr7z90kwB7KvNv(=$PPy#u5No{cTW zh+{-c(T;QRMd+dPparAQ^dE(@J7m&D;x>9xPaCAdx4=<(3beV~n+XJLyaqc4fjSp!gG|61g~>?G(N94uSUC_320#iEneKc;X?-~g3gkStz*tdfayl zFT#(zl}91UiT?o6aL=$AXG14qZ^2#2JK$nr$UwiH__9lnT!arTkpzd)+0RK9O(Fdp z*jyn|euhdan=vAdLYC~iCoY;uPaHcjYy3Uz!|{h@OUAF1o-tmPens3h zPUF=0JmSK!Psg4d`{`Jpcw@{rwsiFC(HBQ=8$A;*jUFd`VN^LfJhE+MFtQH+!3d9U z897F(z-lA=;qMH;JNyuihOZc&Q^9EBXl(AVl}HWGmF<*yWxtbMk6k6bmDpE?6e(gJ zkUOO$$ZNx~%Y4$qP-;keIJ!+DJ^Zpy-~hyjBhNN`sest^q=>`OZ?}QuU7lEh-X4Mn zeM$m&$X*B5?ts z?eN6Pm%wobUBMG_)V~ytdGwATuZyLJuV18CDhw(XRbWV?2gTAOQDrf4sF*|RhNNLM zA(8sfxiHGsdsWNO^(o>@K(j&OY@r+QEYLA&;yI+x5U%w$g&f_Hf!bB*x^3{>{wnmY zu^o;c*^VE+{&aH5AonK3kD~I&FdmnpV+ffa-A%|&N(k9L<>I46Lpt$W;){0SoOfZL zC9h&H1MN59p9L)S3~cBE0R2s&sfne#@YK>p0-{>_RUbrjBT_n-5=fe1nfz}VLXTCgm4yJZH5zJ z31DoGtOHi)xFO>H_50{nqgy3JV0S%0mE#tVBCI3L0C*Y@x+_MY%q?d?Yn#>rUU<%0 z{3dj@4IowtfKL;%2Gw-{3?9JYK4P?HE$H5T8mJw8D4?gLYXM7q&7IKF=;?5D^A>!S z7{J^@H49G1Z(9Gg8bHXW!>?*vdNW#gAQZW!BMqWh3mPw7jIS22LTkjt%?kx<@|bvE z(ZpL5`;BcJwG4kP+bMmW7~povi$mwYiTmL0Y}hwY{Eo%G@&Z`wi(jJ)UL;-`+x*TE z%{|-T>s}PL!7qVne&tid=F!&rz>jvHLm#|L7zal`O)L?Q78d>D;A!!L?}1Hy<1_R;F=4AN0gx zz=p7~Nj!!{Zr<7*^jgHhVoX@qqAS|O6Jz%d&*<#A#s{a(AG>MbzwPZ?OH9*Z%MN-UOxklKuRC0 z*xE^T(N*K=T1XYjk|fzS8u+5AW)G$(HO3YlQpD@dq#7_7xtK>uwmiXV)Mj8j@sh#h zZN^(X&jYsxUK0xw^-BqbZ)K`GN$#J z4xi1?9euDGGzJP0CY*~V3I&B(S&wGaT*?RlmvC6)DHY<;dYo&inMPJAZ!4nZCTDLc zAl`)wP`Q4D(fU$V*4kj@3A$RRTX|B;sGR+}w%(~(+tq%o?y)$EdcGD=TY*fuSaNc^ zBOJe-^HP5ru`B1L4DB8N-($A>Z|A(!>_R_5VpV5A7mrpT?%P+lm6}FAZt!Mp?NpKK z+iH$v9T=#K`8L}sB+B-b9)<@5az!#etv97mDm8ko!RupVkuKLRMQNs8bcFr(k~0RG zD${zmJFQPtV{t<+SBlzP5!O-;w!(P>r?WSxqOE9DPSz^fd_wO?76Hg%Why#zQqfQN zoVI?w5>TZyNp;lX;hLd>svp&xG_^h%Gppn+#$ol6oGw*~nCr@vK9I|_qD7ZotGA?d zu|hTIhpx3-87-TPQ?*Q~tnK+#s*=L14y65tbXA*fwbc|;@!G>(A8T$DJJyEY<}+(U zm3)>TIv?@T&`9k_O~XO##5VUbEw(5(!n9)09;i$b1(K$X!B)0$ORv>+XjYu7(N%jcxHP*-L~~U1KUBjO(w}J8) zBl)~L=Zw}u3T2vCm-0z6We$3abuOOh^AuwPNNGA2NN_!kJ`)c+ypTID$K^7;WD-*4 zX#E~*KA%_Fie7~I_l;1_H;f_GzJYdXCNmpwCo&Pi>8!1ebJJOQXYUQM6)R~W9GFL z-e*w7l;N<7q1YnJ*%@Ws+hpQ?xhd?fG+iEr)j}(KZZMqL9IZ;V<^uLSczcs^NMoq8 zC*&>z7qY3d?NB-$smAKocqgQ1)B&ryuG1#ShDsXfYRqVLIhC*o$=+OHanCC+_AO5s0C+B~t%>YZo=9Hd8{eCA-sNk;mXhG>l6%W8t6Q^2MGmDvp6J{t%Zw zfi3#G^_fAGkcP!m&XlRW)~y7@7A@XJ`~+KZ(aQG*Pi!M%KpPHDl!5$BLLNvDfTz}UAe(S&lAhV*vrR$btC%t1!4-VFA~CpR}Fsj_BVizU*ih~%XbjZ zgXJG0l?LYb_X0Y;j}PxB-<@X!3IVQFEOm2AUA90{v@u1wY+bHY&={D0%^a>OY#pa#n{DJlve`>utJSiC^)%+^$y7R7k%36<9s;N>>0t`aLb;`X4n=%j5O-dp3M zWk;x`@8^T+J}|FwaY~Nst_#6!5(7GzNMAn|5x*3I% zSEdNzP}46|1`uPq+I( zsZ`{?WBCUI%?XnuqmPT0iB1v`cZ)-#r$J2ZNx&9h8~I2o5|4`^>{asTk(-IC^x~nu z5L!F*>*1}#=Sp9e1c{}?t0mXUK9`JPUD+n_k0FSb6#WLjV#Wa9Hl&bcaW70)He3u5 zmg5S&LZQ>d6?|H$AhiZkshpb1gtHPjy(a>bcvotd?kx&$ z2{6eD(;28r(Vs(78~Rz5Fz(Ts3Xq*HvgQe}S5?E(ixC-w#&!kPPM@4If4N_WUJBv2 z;yk)R=+%)m;$k7d_QP@U7&^TL(-W!_xqk_--QChRF~FX0#|=Ypu@T+>j?}&j11c_x zWOs>+zc}QeHR8d>gQRW=!agT1nl!-xYbj_~+YanYihQ;kj`J0BuA{2N$(T*gx1dWNhsLCd7Z@9#PEYB^-JFjxz^kSc9&Ru!c-6`-AQ zR@LX_JxwYQsHYQd+M=t`T9w{hj4Q3JzT7~$Gk#y5bl5cNibkyq7n}}CUZv%EG9NJ4 z^~HW8lC4K6UC|M5sK57IYv;_223>)I))nC3zhc~8Ceh@>l7lCc8q!u$g^dMH?N&zJ z9x9N`a~@SquTwO$ZB>xwQnn^I9ZmnIy>E?~9j))%v%BZa**#||o5G5crCCr&*n~;O zm$Ap81;!qGd>P-y9^a5U*kh0HGq%Sbdz{i&C|LqcNJ*MQE zQWO$EAt_b0RYJK`DpAuAl$KniJ}onk+co(<)cmGn$%pLl%vtCVU{OhWgyem0BIz^O^yusXf9>PaxbaN8pI2X zV|>-wb~MQaH{u{-*jj|!i^O50j{*}dvrRT^N^v)$#sW^b3uEs~TQ|~rOP!t?L^Fs; zM5u+~$gM>Q8D)T&XEP)gX0jw)STlTWefTzc(X9{t`L#RK{KdvmzvDD_(6Pf%ghLWZ z8q!`HkisT$f{7duT-|YczYQ90lF1E3&Fez%#(tePF>ze*qs@K;$wb975WP3xCiW(W ziZ|ebN%pK|qkOZeM$Ba*>)*m=7nsL5flCKyj+1Dt56~BE(@rR60@+Ym#lM zmN;O4J6M^e$HaD6*%5s_-6PY}>cR4Tu_ZEd9;}DB)(Ox`~Of>O%(@TzVSD5CmR}F)D z#uP|+4 z9sK6i`|l^Of7hiM0I&-JHUL+D@A?M@@49||?Hhnd;E}ig{yo5>{^!q+vV)&~Rsnx` z{~g@*?q{tN{^#Y*_+958{M0r2?z?{M{GLaFl>YJ-`>YQCVs-o14_QDi{}0dqm>U3% zI|n)&pW_CjyPq9*>0WWoenz|hJXQWrog2_Nu|ppa1+%u6eh%4-X!{L(zWmDcY|a zJaY3n`Rd%c|Mx(^uwmenV@|huYKt~k#fplQF&+cNYu=}ODl2lUBg);d<3;aeG=ZaN zJjTsBWVIHhX|)Lf0NW&6WHW|$0(SdQEaYv=QZ$w|DC5*yC`m zFBRPyn|Rd4$yJ8#qVl`YIvbqA-vxl<0hm1D(Xb7QRz`CgoOwhaI6a^`vTA4Fd z7pLwaIUOydgOcr%D(W_gG?#-Q)~-QL4i>E4(KuRGy4MVS7|_@iWM|TCRkhvLh)KNF z>b-oxifCGCQ%B7M+&HS)aI0k97QotnDHwcSn(nLM!Iz&w&29nPtLs;8z2ecqAKZN> zXRdy+bLId>_5zc?F!f@$@nFmQ7>m)%|D~A&&kYn5H0`T6}K51-* zbBMPJn+Pv3fXYGiZthQq2iN67oO4bJ#xCF%-uYHM+aG(NFPyGUeuJs4A~~eH)`e6Q zV6Bgc)K5FnRDmDe`e<}2UC4<#uW}s zaA2((KvbSB)4mMyabzgnNggSCf4c#Sd9_~HAr|txLniFyh6UP&zz-{}*pK~DJlc-X zjnK^r(AHr{k&ol@pShi(4a9xoyPs+3Vi2f8aP zkO{s}6jYQXJn;C5Q?}+JICk<+PwmI#8?} zRoKNRWxt4Qpp@O=2#@*uQE~z#MhVw^b;^ndM~a{=F^La=Ua#)ZgM?o&nq>sqW-)r!_WG6{ca|(ecDp18ORz)u; zM^Ytil85$r02_`QaIhB~#|N6UCcdC)`cY~*WU<0v(94eze*t!|{+vms=1EL@V-k04 zYVIpH`Zk%`tq;BR&NP2%ruqNA=iv)(n$Od5uN;$ZEIWIREvYfG7!$Bg4P zv7j>`16hvL-8hQ7K3ES+BUe%J0AQ3XRri5NC4vBfBy{88SNqL^rnm#PCV*wGZlw@P zP*V`CS@15kl@FG*WD!`(6g@*PswI`WaG)U@YG@bn{IrVaOj|`zS8+hJ#p+zMRGZ$z zWnG+bkun_?Py^bKB#TTZ#CAs}iFjNEfSICI9smzhn(RwYY=KAXj10W>LOWJwyxvTf z&Svf%7bYsEU`K+?6i~y7p-GNGp~be|VqUTi#eovX^L>Y`q+zh&mP>RqVj+_$=eSug zY88*lMOAdIqoXP(Ct5@s7O9S!vAAQVo5FI29yDuqi)SPtKlDn#MSfm%-)C>I_kZ&K zAGz-%_r3A@F9HkB^Wf#z-gE8lt3P`0H~zAD`1$kcyRSpn-{@o2n_vHx-#)+m3J?;= zzdwMk51)MB-+#;3|KfG$k3S3~0RQFk5cKp@KTCh+eV;r3tuGEPu0vn@+#k_j`gec# z99<^$eff)Ez(enO=bwDfd*z=zKZSs|N&g2p^u6C$ei!m@tFNA~e-C(@uU{T|#n*rD zRj<*nzV`gY9}T4Q=}QA>@M!R_A0WQ*(esDD1du)D$HAcc!jHf0fgkw%-#I_^V_?u1 zE)V^{Z~rLvrawLj=a)YQKK}c@_Sp})5y-mgEd{NnkIKLJE3ul?F5AN%2VkdK_7 zcrO@W%zy&rLE=|__EoR>x#axQGce%QzpDhV|C#&0|NKM=26!|W0RO@t{x{~!51-GE z(_p~&|LS``h`;}v-T4s)Ji7b(LtnZ3zdrK7S^Y;~_%|3Z{JwwrXaD(uiy?RZFgOL@ zdrAI#*G&J8!fP#U0sId;ilto4Y@7rMqhb(B-$BzxLI^uiv~p zF}GVhS1wD&*S+KX%fC5z_r2(kU_W!~&A&Bx@XEJN%(uEc@B1x)y?)>`ga2@I_Q41L z*X`GhJ_TyOCqD}qrT^@y!3XcXJWaQ-4-X!?aoA-CN&s`>^{lz}Ngx3fg9m zTcB-rdERcl$sWAo%FRcA?O*-)?P34qvZj5%bNPiXPv7~YZvz&2AD;{!yLn^x7oWO4 z40P(iXA^_v3qi5PorV3SS=cY3*bXP9O+GQFqiS|?`>I;2uIR~$ z@9>l}nhQd_m`-^|CCBJ4-jf#xZpgIWl5{t4tApi#xM&l0v=99g6neC)R*RsX3Yr4f zOIU_xY5;ExZ_}Na`6@@938c&k-O0j3MOQ52$Fe)&d+o4MPGz~GIDbsEA#FNq-X)M7 zF6!2>#N1|9_#*ftPF50W&kmwu_T z+rZg_Y=M&oxIBKknhaB)WrPJOk$8y(^O`m!v#^9oq2aC;AX|DVEDl^$h1hhREr}?@ zOwfk_jL(SaMwXbc+eEDor!qZEzTWSb7o&xLU5At$*$5na&yYvCGe5rS0jf2rLwS4 z@EHJeZIl)W@6b-Y?K&HmZPZpHwAz8~4gxZj1vvm)ntsIXEQ^Rx&L83SLggm)8gD7W z1+-d*f@jOJ#x1yGLASSL&=WdaizQ=F#B?(OsfnzAlJq4Ksz&b47OenwL1mmCSQlj^ zD9ZqgC_tv()45;7VxqbYNAbG1Jz#EQhCDQ?nGTy)Wpa5i{s$Od{ahUU5@RT-pl zECdEvIfPF5&!ljpHZcXhE-=NdhM z{Bp<{n;EZYcp7)sjx8G zI^arM_l|k;f~F)2j0*#HL3B~EteN9t)2$*RgQ)|1QmUQ^w(DFUj=i=3ebFdt!R-yo zD0U$&gHuqMl*v%(_TXslCf34k3G?hG5>OLZqLHOAHd{nLy4(!gAt)Zbz;gamcb4-P ze>s2PISu551mx@i@C9n}xv2(eAVlW4cE)sQmZp2`8rXpyMCHb208@lu^9Z1lWZ_9l zNCD+xyIaf9#Ph?to@$P?($es-)3?GtcBDx+wJWn`Eob8>Hg_DJ)=QKbEo@WYQ-L2b z$B`Wl=pryAo9sH>g*>WeVwkQ{Mk(T+cKv*}f_Aazdr)_bldZRBgT-#@Zq;hW zFZQ0H?sa0%xCgw0k21)K_x+ubK$9Yv5L6_i2D`!`gpUuF5X)w`Zjsg2p3js>Xi2Pg zl2)|(z~nJrk$B2q@hnw?+I6%XP6;jnDNQz}OlIA72li;)ngHb|WfhfwU^L z`iMBPb-IppegwRBG!FdNy%-ZS3$UVQ;E|{FQv(utIZLPoF*oVq@iav?t*L|S=mHq= z&DX}z!YEz=OxPS#*W;A#o(Rt`BYJ)@zV|=9T$gQHLwv2U^lE4lYijFq6ME6`s==9Qo zy=7+CCjlm~wU&#UEt^d&87rfM6tvStkuKXKI}3n8Sk6R+#l;4DV%8^Z7R}@Z4nl1B zoq#3;RxlvzOr*84eZIZVttWry&Mf~Mp5@Ph&xLMEbGz~0?T=%c-|o`BO+e^Yq5v<| zgHwT+)uzG~WSI5xp-}8~UcsYj!Da!KFiPKmv@tYpiDg}MI}GYXm2r1Wqvm`XqJ>K{ zqG67~b&{=I1rq~jxW=nKoOME{&RZO)rN0>rQbxBjODue*d5Z=reS~?0@ZNF5QRTiO`Cm8E) zyUOW#mv<_@S=hjzP21woalKh^L{CT7mWC-6R_9yac6dI_!_8#w$C!l7*Yub(dtgwd zMo!JgtZ9w+UNWV1^GNVW#A;%kOQK+p1f!9*oj=3OAkM0A*=>`{49QPledU9Lr|){% z&pq&OZZbFCdH>t)V+Kz@%My6|7w$Q~^Oe^>eXsN2um935<)P~UM7jhGZ{s!J3WvCa ztNtH=t2Uo{=eusb`J0z;)g^FvIq3YpZ(hPxe+uBLH@)L`{>tU*?LP!iqbL9D60Z6( zfU7PM#9P=`F43VkTaUf|tbBFw{$~-O=iF#M`sDRH6~l{5Qu+?}nM(l3Ce!Sc=o4U& z)^31HtDjqth3c}C?R^$BS<@X{fL<+>l+Z-S`*Gdtl)I^pdCF&p6tL53o$AYJ6a~N_ z9B2`mmZj@rdJ31T?uZ0ya2dK-u?LodjkRsksxk5H#Gdpi5|Ut7bFtmYo-hMsMt|nQ z2S;3h1n9^-0&zlaPV9ba(X9zB=?>vsUYL3A+}}*=pvAe~N5-bEjDVkaTw?Ia^4LVQ zn6)+BOS*cHXX7y|<@{EG6CGrdrD!F_AtZ0qQQ4igYjHeZR=E(ljR|F(;>=}9CsWDS zvlRu&Q8qVhWxU9_H3BVS%A}6fI(BE0Wd~!=FZ@`)+Z(u$7f9~99{)TTf&)H73Rg2p@FcXKsp;Igr{fLQBtT><_d)V6RYU|d(s8^tn z@wCDk-SK#1gLBg*Zu`rHP_8}G5j(vO6IM1yr9(2r1X$LraDZo;A)IeLj#ufZ3Abt1 zq+K{shvo_nu|;|aO5X#!S@=Uj80c8uL zBb69<+^*?S+i%oNjW(@Q@wS`;%^CuwGdNmn6L^=|Sf@=fidUWegsExU)}n^(b*o&| z-JVB7+->xb71&{HE+uWU;c6)~?#F6=stb7jHT9z)zQ(DnpsA_oR&T9VBO!IH8=9`LTXNpo^Qat-S z;`F@tfF4&R#=x|%otzA_4@P#5CT*=r{BX&4i*z5%6nI(EsRo%eh2`T~L}_aUI+?P~ zAhDH&v2}Ff360Dwf21x8gl`3UFT)YBC%co1)hpZ$jI@|ua5Y4dhBKOovKw;_PFjq- zfQAfuWYq>p{$sAKy3@>R0;?}xY;nrxCx7S>P&-vL9JW4K8VxE^<))4 z*`UjSU#hO>SPCCis0n=*l(JqX(fz0sw##Fgu>5Ko)l-lQvGLdyIY}M6+_y}pN-;Sc z7qbN#;0VpvMedjVk!!`34qW&^NVsZ=fK{yo4tF{rjZs)fY^dTBkYX9`jp>LQp~Dwg z&0l_Jn!hyDT)Ow+3r{RNTtZ`VM@+L~yuuIVG@E;Jo0*7;b;%SdmW(h2bgRRR1<~6+ zy3s8l;lBJ^%C|?kf9EM`1H>tjE^*Ngng;~#W zV0hb=dqkA?8?=p;Qa&9=p&C=03;8{JXE4Unu^9%{RJrHuH;yOD{ fmdCIH`sf+CbsEK5t}$D(>ky@L$+X>XLplFHf?DPK diff --git a/workers/security_notification_worker.py b/workers/security_notification_worker.py index e54847abf..603633343 100644 --- a/workers/security_notification_worker.py +++ b/workers/security_notification_worker.py @@ -8,6 +8,7 @@ import features from app import secscan_notification_queue, secscan_api from data import model +from data.model.tag import filter_tags_have_repository_event, get_matching_tags from data.database import (Image, ImageStorage, ExternalNotificationEvent, Repository, RepositoryNotification, RepositoryTag) from endpoints.notificationhelper import spawn_notification @@ -31,23 +32,19 @@ class SecurityNotificationWorker(QueueWorker): tag_map = defaultdict(set) repository_map = {} - # Find all tags that contain the layer(s) introducing the vulnerability. + # Find all tags that contain the layer(s) introducing the vulnerability, + # in repositories that have the event setup. content = data['Content'] layer_ids = content.get('NewIntroducingLayersIDs', content.get('IntroducingLayersIDs', [])) for layer_id in layer_ids: (docker_image_id, storage_uuid) = layer_id.split('.', 2) - tags = model.tag.get_matching_tags(docker_image_id, storage_uuid, RepositoryTag, - Repository, Image, ImageStorage) - # Additionally filter to tags only in repositories that have the event setup. - matching = list(tags - .switch(RepositoryTag) - .join(Repository) - .join(RepositoryNotification) - .where(RepositoryNotification.event == event)) + matching = get_matching_tags(docker_image_id, storage_uuid, RepositoryTag, Repository, + Image, ImageStorage) + tags = list(filter_tags_have_repository_event(matching, event)) check_map = {} - for tag in matching: + for tag in tags: # Verify that the tag's root image has the vulnerability. tag_layer_id = '%s.%s' % (tag.image.docker_image_id, tag.image.storage.uuid) logger.debug('Checking if layer %s is vulnerable to %s', tag_layer_id, cve_id) diff --git a/workers/securityworker.py b/workers/securityworker.py index 2ce3fac9e..786085abe 100644 --- a/workers/securityworker.py +++ b/workers/securityworker.py @@ -4,121 +4,25 @@ import logging.config import requests import features import time -import os -import random from endpoints.notificationhelper import spawn_notification from collections import defaultdict -from peewee import JOIN_LEFT_OUTER -from app import app, config_provider, storage, OVERRIDE_CONFIG_DIRECTORY, secscan_api +from app import app, config_provider, storage, secscan_api from workers.worker import Worker -from data.database import (Image, ImageStorage, ImageStorageLocation, ImageStoragePlacement, - db_random_func, UseThenDisconnect, RepositoryTag, Repository, - ExternalNotificationEvent, RepositoryNotification) +from data import model +from data.model.tag import filter_tags_have_repository_event, get_tags_for_image +from data.model.image import get_secscan_candidates, set_secscan_status +from data.model.storage import get_storage_locations +from data.database import (UseThenDisconnect, ExternalNotificationEvent) from util.secscan.api import SecurityConfigValidator logger = logging.getLogger(__name__) -BATCH_SIZE = 20 -INDEXING_INTERVAL = 10 +BATCH_SIZE = 5 +INDEXING_INTERVAL = 30 API_METHOD_INSERT = '/v1/layers' API_METHOD_VERSION = '/v1/versions/engine' -def _get_images_to_export_list(version): - Parent = Image.alias() - ParentImageStorage = ImageStorage.alias() - rimages = [] - - # Collect the images without parents - candidates = (Image - .select(Image.id, Image.docker_image_id, ImageStorage.uuid) - .join(ImageStorage) - .where(Image.security_indexed_engine < version, - Image.parent_id >> None, - ImageStorage.uploading == False) - .limit(BATCH_SIZE*10) - .alias('candidates')) - - images = (Image - .select(candidates.c.id, candidates.c.docker_image_id, candidates.c.uuid) - .from_(candidates) - .order_by(db_random_func()) - .tuples() - .limit(BATCH_SIZE)) - - for image in images: - rimages.append({'image_id': image[0], - 'docker_image_id': image[1], - 'storage_uuid': image[2], - 'parent_docker_image_id': None, - 'parent_storage_uuid': None}) - - # Collect the images with analyzed parents. - candidates = (Image - .select(Image.id, - Image.docker_image_id, - ImageStorage.uuid, - Parent.docker_image_id.alias('parent_docker_image_id'), - ParentImageStorage.uuid.alias('parent_storage_uuid')) - .join(Parent, on=(Image.parent_id == Parent.id)) - .join(ParentImageStorage, on=(ParentImageStorage.id == Parent.storage)) - .switch(Image) - .join(ImageStorage) - .where(Image.security_indexed_engine < version, - Parent.security_indexed == True, - Parent.security_indexed_engine >= version, - ImageStorage.uploading == False) - .limit(BATCH_SIZE*10) - .alias('candidates')) - - images = (Image - .select(candidates.c.id, - candidates.c.docker_image_id, - candidates.c.uuid, - candidates.c.parent_docker_image_id, - candidates.c.parent_storage_uuid) - .from_(candidates) - .order_by(db_random_func()) - .tuples() - .limit(BATCH_SIZE)) - - for image in images: - rimages.append({'image_id': image[0], - 'docker_image_id': image[1], - 'storage_uuid': image[2], - 'parent_docker_image_id': image[3], - 'parent_storage_uuid': image[4]}) - - # Shuffle the images, otherwise the images without parents will always be on the top - random.shuffle(rimages) - return rimages - -def _get_storage_locations(uuid): - query = (ImageStoragePlacement - .select() - .join(ImageStorageLocation) - .switch(ImageStoragePlacement) - .join(ImageStorage, JOIN_LEFT_OUTER) - .where(ImageStorage.uuid == uuid)) - - return [location.location.name for location in query] - -def _update_image(image, indexed, version): - query = (Image - .select() - .join(ImageStorage) - .where(Image.docker_image_id == image['docker_image_id'], - ImageStorage.uuid == image['storage_uuid'])) - - ids_to_update = [row.id for row in query] - if not ids_to_update: - return - - (Image - .update(security_indexed=indexed, security_indexed_engine=version) - .where(Image.id << ids_to_update) - .execute()) - class SecurityWorker(Worker): def __init__(self): @@ -133,21 +37,22 @@ class SecurityWorker(Worker): self._keys = validator.keypair() self.add_operation(self._index_images, INDEXING_INTERVAL) - logger.warning('Failed to validate security scan configuration') + else: + logger.warning('Failed to validate security scan configuration') def _get_image_url(self, image): """ Gets the download URL for an image and if the storage doesn't exist, marks the image as unindexed. """ - path = storage.image_layer_path(image['storage_uuid']) + path = model.storage.get_layer_path(image.storage) locations = self._default_storage_locations if not storage.exists(locations, path): - locations = _get_storage_locations(image['storage_uuid']) + locations = get_storage_locations(image.storage.uuid) if not locations or not storage.exists(locations, path): - logger.warning('Could not find a valid location to download layer %s', - image['docker_image_id']+'.'+image['storage_uuid']) - _update_image(image, False, self._target_version) + logger.warning('Could not find a valid location to download layer %s.%s', + image.docker_image_id, image.storage.uuid) + set_secscan_status(image, False, self._target_version) return None uri = storage.get_direct_download_url(locations, path) @@ -172,23 +77,21 @@ class SecurityWorker(Worker): return None request = { - 'ID': '%s.%s' % (image['docker_image_id'], image['storage_uuid']), + 'ID': '%s.%s' % (image.docker_image_id, image.storage.uuid), 'Path': url, } - if image['parent_docker_image_id'] is not None and image['parent_storage_uuid'] is not None: - request['ParentID'] = '%s.%s' % (image['parent_docker_image_id'], - image['parent_storage_uuid']) + if image.parent is not None: + request['ParentID'] = '%s.%s' % (image.parent.docker_image_id, + image.parent.storage.uuid) return request def _analyze_image(self, image): - """ Analyzes an image by passing it to Clair. Returns the vulnerabilities detected - (if any) or None on error. - """ + """ Analyzes an image by passing it to Clair. """ request = self._new_request(image) if request is None: - return None + return False # Analyze the image. try: @@ -200,7 +103,7 @@ class SecurityWorker(Worker): jsonResponse = httpResponse.json() except (requests.exceptions.RequestException, ValueError): logger.exception('An exception occurred when analyzing layer ID %s', request['ID']) - return None + return False # Handle any errors from the security scanner. if httpResponse.status_code != 201: @@ -210,11 +113,12 @@ class SecurityWorker(Worker): request['ID'], jsonResponse['Message']) # Hopefully, there is no version lower than the target one running - _update_image(image, False, self._target_version) + set_secscan_status(image, False, self._target_version) + + return True else: logger.warning('Got non-201 when analyzing layer ID %s: %s', request['ID'], jsonResponse) - - return None + return False # Verify that the version matches. api_version = jsonResponse['Version'] @@ -222,25 +126,29 @@ class SecurityWorker(Worker): logger.warning('An engine runs on version %d but the target version is %d') # Mark the image as analyzed. - logger.debug('Layer %s analyzed successfully; Loading vulnerabilities for layer', - image['image_id']) - _update_image(image, True, api_version) + logger.debug('Layer %s analyzed successfully', image.id) + set_secscan_status(image, True, api_version) - # Lookup the vulnerabilities for the image, now that it is analyzed. + return True + + def _get_vulnerabilities(self, image): + """ Returns the vulnerabilities detected (if any) or None on error. """ try: - response = secscan_api.call('layers/%s/vulnerabilities', None, request['ID']) + response = secscan_api.call('layers/%s/vulnerabilities', None, + '%s.%s' % (image.docker_image_id, image.storage.uuid)) logger.debug('Got response %s for vulnerabilities for layer %s', - response.status_code, image['image_id']) + response.status_code, image.id) if response.status_code == 404: return None except (requests.exceptions.RequestException, ValueError): - logger.exception('Failed to get vulnerability response for %s', image['image_id']) + logger.exception('Failed to get vulnerability response for %s', image.id) return None return response.json() def _index_images(self): logger.debug('Started indexing') + event = ExternalNotificationEvent.get(name='vulnerability_found') with UseThenDisconnect(app.config): while True: @@ -248,7 +156,7 @@ class SecurityWorker(Worker): images = [] try: logger.debug('Looking up images to index') - images = _get_images_to_export_list(self._target_version) + images = get_secscan_candidates(self._target_version, BATCH_SIZE) except Image.DoesNotExist: pass @@ -258,48 +166,49 @@ class SecurityWorker(Worker): logger.debug('Found %d images to index', len(images)) for image in images: - # Analyze the image, retrieving the vulnerabilities (if any). - sec_data = self._analyze_image(image) - if sec_data is None: - continue + # Analyze the image. + analyzed = self._analyze_image(image) + if not analyzed: + return - if not sec_data.get('Vulnerabilities'): - continue - - # Dispatch events for any detected vulnerabilities - logger.debug('Got vulnerabilities for layer %s: %s', image['image_id'], sec_data) - event = ExternalNotificationEvent.get(name='vulnerability_found') - matching = (RepositoryTag - .select(RepositoryTag, Repository) - .distinct() - .join(Repository) - .join(RepositoryNotification) - .where(RepositoryNotification.event == event, - RepositoryTag.image == image['image_id'], - RepositoryTag.hidden == False, - RepositoryTag.lifetime_end_ts >> None)) + # Get the tags of the image we analyzed + matching = list(filter_tags_have_repository_event(get_tags_for_image(image.id), event)) repository_map = defaultdict(list) for tag in matching: repository_map[tag.repository_id].append(tag) - for repository_id in repository_map: - tags = repository_map[repository_id] + # If there is at least one tag, + # Lookup the vulnerabilities for the image, now that it is analyzed. + if len(repository_map) > 0: + logger.debug('Loading vulnerabilities for layer %s', image.id) + sec_data = self._get_vulnerabilities(image) - for vuln in sec_data['Vulnerabilities']: - event_data = { - 'tags': [tag.name for tag in tags], - 'vulnerability': { - 'id': vuln['ID'], - 'description': vuln['Description'], - 'link': vuln['Link'], - 'priority': vuln['Priority'], - }, - } + if sec_data is None: + continue - spawn_notification(tags[0].repository, 'vulnerability_found', event_data) + if not sec_data.get('Vulnerabilities'): + continue + # Dispatch events for any detected vulnerabilities + logger.debug('Got vulnerabilities for layer %s: %s', image.id, sec_data) + + for repository_id in repository_map: + tags = repository_map[repository_id] + + for vuln in sec_data['Vulnerabilities']: + event_data = { + 'tags': [tag.name for tag in tags], + 'vulnerability': { + 'id': vuln['ID'], + 'description': vuln['Description'], + 'link': vuln['Link'], + 'priority': vuln['Priority'], + }, + } + + spawn_notification(tags[0].repository, 'vulnerability_found', event_data) if __name__ == '__main__': if not features.SECURITY_SCANNER: