From d08b77897d382278c956a2a70cff5b8d06113b2c Mon Sep 17 00:00:00 2001 From: Maria Bermudez Date: Fri, 24 May 2019 16:55:33 -0700 Subject: [PATCH 01/35] Sync published with master (#8848) * update python and flask usage in dockerfile * Uses the modern Python 3.7 image, as 3.4 is EOL. * Separates copying and installing requirements from copying project, to make rebuilds more efficient. * Uses the recommended `flask run` command. This is especially needed on Windows, where `app.py` incorrectly looks like an executable file when copying into Docker. * Uses the `FLASK_ENV` env var to control development mode. * remove unused `app.run()` call This is not needed when using the recommended `flask run` command to run the development server. * remove 0.0.0.0 url * add gcc so markupsafe compiles speedups * Published into master (#8824) * Sync published with master (#8822) * Updated Windows Release that supports Kubernetes Changed from old outdated Edge release to reflect use of a stable release. Kubernetes page actually reflects this version as well (so its an error on this page only). * Interlock link fixes (#8798) * Remove outdated links/fix links * Next steps link fix * Next steps link fixes * Logging driver 920 (#8625) * Logging driver port from vnext-engine * Update json-file.md * Update json-file.md * Port changes from vnext-engine * Updates based on feedback * Added note back in * Added note back in * Added limitations per Anusha * New dual logging info * Added link to new topic Needs verification. * Changes per feedback. * Updates per feedback * Updates per feedback * Updated 20m * Added CE version * Added missing comma * Updates per feedback * Add raw tag Add TOC entry - subject to change * Add entry for local logging driver * Update config/containers/logging/configure.md Co-Authored-By: Sebastiaan van Stijn * Update config/containers/logging/configure.md Co-Authored-By: Sebastiaan van Stijn * Update config/containers/logging/configure.md Co-Authored-By: Sebastiaan van Stijn * Update config/containers/logging/configure.md Co-Authored-By: Sebastiaan van Stijn * Updates per feedback * Updates per feedback * Update zfs-driver.md (#8735) * Update zfs-driver.md * Add suggested correction * Removed HA Proxy Link * Added Azure Disk and Azure File Storage for UCP Workloads (#8774) * Added Azure Disk and Azure File I have added Azure Disk and Azure file documentation for use with UCP 3.0 or newer. * Added the Azure Disk Content * Added the Azure File Content * Updated the Toc to include Azure Disk and Azure File Signed-off-by: Olly Pomeroy * Responding to feedback, inc changing Azure File to Azure Files Following on from Steven and Deeps feedback this commit addresses those nits. Including changing `Operators` to `Platform Operators`, switching `Azure File` to `Azure Files` and many small formating changes. Signed-off-by: Olly Pomeroy * Minor style updates * Minor style updates * Final edits * Removed Ubuntu 14.04 warnings from Docker UCP install Page (#8804) We dropped support for Ubuntu 14.04 in Enterprise 2.1 / UCP 3.1, however the installation instructions still carry 14.04 warnings. Signed-off-by: Olly Pomeroy * Fix broken link (#8801) * ubuntu.md: remove old docker-ce-cli (#8665) I hit the following error when "upgrading" docker-ce 18.09 to docker-ee 17.06: > dpkg: error processing archive /var/cache/apt/archives/docker-ee_3%3a17.06.2~ee~19~3-0~ubuntu_amd64.deb (--unpack): trying to overwrite '/usr/share/fish/vendor_completions.d/docker.fish', which is also in package docker-ce-cli 5:18.09.4~2.1.rc1-0~ubuntu-xenial This commit adds `docker-ce-cli` to the list in "uninstall old packages" to fix this. * Updated UCP CLI Reference to 3.1.7 (#8805) -Updated all of the UCP 3.1.7 references. -Alphabeticalised each reference -Added very a value is expected or not after each variable. Signed-off-by: Olly Pomeroy * Fix numbering issue * Fix formatting * Added UCP Kubernetes Secure RBAC Defaults (#8810) * Added Kubernetes Secure RBAC Defaults * Style updates * Final edits * Sync published with master (#8823) * Updated Windows Release that supports Kubernetes Changed from old outdated Edge release to reflect use of a stable release. Kubernetes page actually reflects this version as well (so its an error on this page only). * Interlock link fixes (#8798) * Remove outdated links/fix links * Next steps link fix * Next steps link fixes * Logging driver 920 (#8625) * Logging driver port from vnext-engine * Update json-file.md * Update json-file.md * Port changes from vnext-engine * Updates based on feedback * Added note back in * Added note back in * Added limitations per Anusha * New dual logging info * Added link to new topic Needs verification. * Changes per feedback. * Updates per feedback * Updates per feedback * Updated 20m * Added CE version * Added missing comma * Updates per feedback * Add raw tag Add TOC entry - subject to change * Add entry for local logging driver * Update config/containers/logging/configure.md Co-Authored-By: Sebastiaan van Stijn * Update config/containers/logging/configure.md Co-Authored-By: Sebastiaan van Stijn * Update config/containers/logging/configure.md Co-Authored-By: Sebastiaan van Stijn * Update config/containers/logging/configure.md Co-Authored-By: Sebastiaan van Stijn * Updates per feedback * Updates per feedback * Update zfs-driver.md (#8735) * Update zfs-driver.md * Add suggested correction * Removed HA Proxy Link * Added Azure Disk and Azure File Storage for UCP Workloads (#8774) * Added Azure Disk and Azure File I have added Azure Disk and Azure file documentation for use with UCP 3.0 or newer. * Added the Azure Disk Content * Added the Azure File Content * Updated the Toc to include Azure Disk and Azure File Signed-off-by: Olly Pomeroy * Responding to feedback, inc changing Azure File to Azure Files Following on from Steven and Deeps feedback this commit addresses those nits. Including changing `Operators` to `Platform Operators`, switching `Azure File` to `Azure Files` and many small formating changes. Signed-off-by: Olly Pomeroy * Minor style updates * Minor style updates * Final edits * Removed Ubuntu 14.04 warnings from Docker UCP install Page (#8804) We dropped support for Ubuntu 14.04 in Enterprise 2.1 / UCP 3.1, however the installation instructions still carry 14.04 warnings. Signed-off-by: Olly Pomeroy * Fix broken link (#8801) * ubuntu.md: remove old docker-ce-cli (#8665) I hit the following error when "upgrading" docker-ce 18.09 to docker-ee 17.06: > dpkg: error processing archive /var/cache/apt/archives/docker-ee_3%3a17.06.2~ee~19~3-0~ubuntu_amd64.deb (--unpack): trying to overwrite '/usr/share/fish/vendor_completions.d/docker.fish', which is also in package docker-ce-cli 5:18.09.4~2.1.rc1-0~ubuntu-xenial This commit adds `docker-ce-cli` to the list in "uninstall old packages" to fix this. * Updated UCP CLI Reference to 3.1.7 (#8805) -Updated all of the UCP 3.1.7 references. -Alphabeticalised each reference -Added very a value is expected or not after each variable. Signed-off-by: Olly Pomeroy * Fix numbering issue * Fix formatting * Added UCP Kubernetes Secure RBAC Defaults (#8810) * Added Kubernetes Secure RBAC Defaults * Style updates * Final edits * Add deprecation notice for Hub discovery (#8828) * Hub Swarm discovery service deprecation Document the deprecation Add warning graphic Fix formatting * updated Layer 7 UI image to have correct http port, updated deployment steps to make it clear what can be done via the UI and the alternative manualy approach Signed-off-by: Steve Richards * Propose 3 as the number of manager nodes (#8827) * Propose 3 as the number of manager nodes Propose 3 managers as the default number of manager nodes. * Minor style updates * typeo in document and small update to image (#8837) * Fix typos (#8650) * remove extra 'but' on line 40 (#8626) * Removed redundant TOC entries at top * Update index.md * SAML updates for ADFS (#8832) * Updates for ADFS * Syntax fix * Updates per feedback * Update enable-saml-authentication.md * Improve webhook management docs for DTR (#8794) * Improve webhook management docs UI and API updates Final updates Fix link to event types Standardize word usage Remove old page Add clarification of webhook scope * Incorporate feedback --- _data/toc.yaml | 10 +- compose/gettingstarted.md | 42 ++- .../configure/auto-delete-repo-events.md | 4 +- ee/dtr/admin/manage-webhooks/index.md | 36 ++ ee/dtr/admin/manage-webhooks/use-the-api.md | 311 ++++++++++++++++++ .../admin/manage-webhooks/use-the-web-ui.md | 54 +++ ee/dtr/images/manage-webhooks-1.png | Bin 272659 -> 46221 bytes ee/dtr/images/manage-webhooks-2.png | Bin 273718 -> 34931 bytes ee/dtr/user/audit-repository-events.md | 4 +- ee/dtr/user/create-and-manage-webhooks.md | 50 --- .../configure/enable-saml-authentication.md | 44 ++- ee/ucp/interlock/deploy/index.md | 11 +- 12 files changed, 472 insertions(+), 94 deletions(-) create mode 100644 ee/dtr/admin/manage-webhooks/index.md create mode 100644 ee/dtr/admin/manage-webhooks/use-the-api.md create mode 100644 ee/dtr/admin/manage-webhooks/use-the-web-ui.md delete mode 100644 ee/dtr/user/create-and-manage-webhooks.md diff --git a/_data/toc.yaml b/_data/toc.yaml index 8c7efc3bd4..71d17e6d18 100644 --- a/_data/toc.yaml +++ b/_data/toc.yaml @@ -2299,8 +2299,14 @@ manuals: path: /ee/dtr/user/audit-repository-events/ - title: Auto-delete repository events path: /ee/dtr/admin/configure/auto-delete-repo-events/ - - path: /ee/dtr/user/create-and-manage-webhooks/ - title: Create and manage webhooks + - sectiontitle: Manage webhooks + section: + - title: Create and manage webhooks + path: /ee/dtr/admin/manage-webhooks/ + - title: Use the web interface + path: /ee/dtr/admin/manage-webhooks/use-the-web-ui + - title: Use the API + path: /ee/dtr/admin/manage-webhooks/use-the-api - title: Manage access tokens path: /ee/dtr/user/access-tokens/ - title: Tag pruning diff --git a/compose/gettingstarted.md b/compose/gettingstarted.md index 35189c3ce4..55198f2f3c 100644 --- a/compose/gettingstarted.md +++ b/compose/gettingstarted.md @@ -31,7 +31,6 @@ Define the application dependencies. import redis from flask import Flask - app = Flask(__name__) cache = redis.Redis(host='redis', port=6379) @@ -53,9 +52,6 @@ Define the application dependencies. count = get_hit_count() return 'Hello World! I have been seen {} times.\n'.format(count) - if __name__ == "__main__": - app.run(host="0.0.0.0", debug=True) - In this example, `redis` is the hostname of the redis container on the application's network. We use the default port for Redis, `6379`. @@ -86,19 +82,25 @@ itself. In your project directory, create a file named `Dockerfile` and paste the following: - FROM python:3.4-alpine - ADD . /code + FROM python:3.7-alpine WORKDIR /code + ENV FLASK_APP app.py + ENV FLASK_RUN_HOST 0.0.0.0 + RUN apk add --no-cache gcc musl-dev linux-headers + COPY requirements.txt requirements.txt RUN pip install -r requirements.txt - CMD ["python", "app.py"] + COPY . . + CMD ["flask", "run"] This tells Docker to: -* Build an image starting with the Python 3.4 image. -* Add the current directory `.` into the path `/code` in the image. +* Build an image starting with the Python 3.7 image. * Set the working directory to `/code`. -* Install the Python dependencies. -* Set the default command for the container to `python app.py`. +* Set environment variables used by the `flask` command. +* Install gcc so Python packages such as MarkupSafe and SQLAlchemy can compile speedups. +* Copy `requirements.txt` and install the Python dependencies. +* Copy the current directory `.` in the project to the workdir `.` in the image. +* Set the default command for the container to `flask run`. For more information on how to write Dockerfiles, see the [Docker user guide](/engine/tutorials/dockerimages.md#building-an-image-from-a-dockerfile) @@ -115,7 +117,7 @@ the following: web: build: . ports: - - "5000:5000" + - "5000:5000" redis: image: "redis:alpine" @@ -161,13 +163,13 @@ image pulled from the Docker Hub registry. Compose pulls a Redis image, builds an image for your code, and starts the services you defined. In this case, the code is statically copied into the image at build time. -2. Enter `http://0.0.0.0:5000/` in a browser to see the application running. +2. Enter http://localhost:5000/ in a browser to see the application running. If you're using Docker natively on Linux, Docker Desktop for Mac, or Docker Desktop for Windows, then the web app should now be listening on port 5000 on your - Docker daemon host. Point your web browser to `http://localhost:5000` to + Docker daemon host. Point your web browser to http://localhost:5000 to find the `Hello World` message. If this doesn't resolve, you can also try - `http://0.0.0.0:5000`. + http://127.0.0.1:5000. If you're using Docker Machine on a Mac or Windows, use `docker-machine ip MACHINE_VM` to get the IP address of your Docker host. Then, open @@ -219,15 +221,19 @@ Edit `docker-compose.yml` in your project directory to add a [bind mount](/engin web: build: . ports: - - "5000:5000" + - "5000:5000" volumes: - - .:/code + - .:/code + environment: + FLASK_ENV: development redis: image: "redis:alpine" The new `volumes` key mounts the project directory (current directory) on the host to `/code` inside the container, allowing you to modify the code on the -fly, without having to rebuild the image. +fly, without having to rebuild the image. The `environment` key sets the +`FLASK_ENV` environment variable, which tells `flask run` to run in development +mode and reload the code on change. This mode should only be used in development. ## Step 6: Re-build and run the app with Compose diff --git a/ee/dtr/admin/configure/auto-delete-repo-events.md b/ee/dtr/admin/configure/auto-delete-repo-events.md index d613729927..bff0a4b6a7 100644 --- a/ee/dtr/admin/configure/auto-delete-repo-events.md +++ b/ee/dtr/admin/configure/auto-delete-repo-events.md @@ -10,9 +10,9 @@ Docker Trusted Registry has a global setting for repository event auto-deletion. ## Steps -1. In your browser, navigate to `https://` and log in with your UCP credentials. +1. In your browser, navigate to `https://` and log in with your admin credentials. -2. Select **System** on the left navigation pane which will display the **Settings** page by default. +2. Select **System** from the left navigation pane which displays the **Settings** page by default. 3. Scroll down to **Repository Events** and turn on ***Auto-Deletion***. diff --git a/ee/dtr/admin/manage-webhooks/index.md b/ee/dtr/admin/manage-webhooks/index.md new file mode 100644 index 0000000000..a9eaa8d778 --- /dev/null +++ b/ee/dtr/admin/manage-webhooks/index.md @@ -0,0 +1,36 @@ +--- +title: Manage webhooks +description: Learn how to create, configure, and test webhooks in Docker Trusted Registry. +keywords: registry, webhooks +redirect_from: + - /datacenter/dtr/2.5/guides/user/create-and-manage-webhooks/ + - /ee/dtr/user/create-and-manage-webhooks/ +--- + +You can configure DTR to automatically post event notifications to a webhook URL of your choosing. This lets you build complex CI and CD pipelines with your Docker images. The following is a complete list of event types you can trigger webhook notifications for via the [web interface](use-the-web-ui) or the [API](use-the-API). + +## Webhook types + +| Event Type | Scope | Access Level | Availability | +| --------------------------------------- | ----------------------- | ---------------- | ------------ | +| Tag pushed to repository (`TAG_PUSH`) | Individual repositories | Repository admin | Web UI & API | +| Tag pulled from repository (`TAG_PULL`) | Individual repositories | Repository admin | Web UI & API | +| Tag deleted from repository (`TAG_DELETE`) | Individual repositories | Repository admin | Web UI & API | +| Manifest pushed to repository (`MANIFEST_PUSH`) | Individual repositories | Repository admin | Web UI & API | +| Manifest pulled from repository (`MANIFEST_PULL`) | Individual repositories | Repository admin | Web UI & API | +| Manifest deleted from repository (`MANIFEST_DELETE`) | Individual repositories | Repository admin | Web UI & API | +| Security scan completed (`SCAN_COMPLETED`) | Individual repositories | Repository admin | Web UI & API | +| Security scan failed (`SCAN_FAILED`) | Individual repositories | Repository admin | Web UI & API | +| Image promoted from repository (`PROMOTION`) | Individual repositories | Repository admin | Web UI & API | +| Image mirrored from repository (`PUSH_MIRRORING`) | Individual repositories | Repository admin | Web UI & API | +| Image mirrored from remote repository (`POLL_MIRRORING`) | Individual repositories | Repository admin | Web UI & API | +| Repository created, updated, or deleted (`REPO_CREATED`, `REPO_UPDATED`, and `REPO_DELETED`) | Namespaces / Organizations | Namespace / Org owners | API Only | +| Security scanner update completed (`SCANNER_UPDATE_COMPLETED`) | Global | DTR admin | API only | + +You must have admin privileges to a repository or namespace in order to +subscribe to its webhook events. For example, a user must be an admin of repository "foo/bar" to subscribe to its tag push events. A DTR admin can subscribe to any event. + +## Where to go next + +- [Manage webhooks via the web interface](use-the-web-ui) +- [Manage webhooks via the the API](use-the-api) diff --git a/ee/dtr/admin/manage-webhooks/use-the-api.md b/ee/dtr/admin/manage-webhooks/use-the-api.md new file mode 100644 index 0000000000..1066bcaea0 --- /dev/null +++ b/ee/dtr/admin/manage-webhooks/use-the-api.md @@ -0,0 +1,311 @@ +--- +title: Manage webhooks via the API +description: Learn how to create, configure, and test webhooks for DTR using the API. +keywords: dtr, webhooks, api, registry +--- + +## Prerequisite + +See [Event types for webhooks](/ee/dtr/admin/manage-webhooks/index.md/#event-types-for-webhooks) for a complete list of event types you can trigger notifications for via the API. + +## API Base URL + +Your DTR hostname serves as the base URL for your API requests. + +## Swagger API explorer + +From the DTR web interface, click **API** on the bottom left navigation pane to explore the API resources and endpoints. Click **Execute** to send your API request. + +## API requests via curl + +You can use [curl](https://curl.haxx.se/docs/manpage.html) to send HTTP or HTTPS API requests. Note that you will have to specify `skipTLSVerification: true` on your request in order to test the webhook endpoint over HTTP. + +### Example curl request + +```bash +curl -u test-user:$TOKEN -X POST "https://dtr-example.com/api/v0/webhooks" -H "accept: application/json" -H "content-type: application/json" -d "{ \"endpoint\": \"https://webhook.site/441b1584-949d-4608-a7f3-f240bdd31019\", \"key\": \"maria-testorg/lab-words\", \"skipTLSVerification\": true, \"type\": \"TAG_PULL\"}" +``` + +### Example JSON response + +```json +{ + "id": "b7bf702c31601efb4796da59900ddc1b7c72eb8ca80fdfb1b9fecdbad5418155", + "type": "TAG_PULL", + "key": "maria-testorg/lab-words", + "endpoint": "https://webhook.site/441b1584-949d-4608-a7f3-f240bdd31019", + "authorID": "194efd8e-9ee6-4d43-a34b-eefd9ce39087", + "createdAt": "2019-05-22T01:55:20.471286995Z", + "lastSuccessfulAt": "0001-01-01T00:00:00Z", + "inactive": false, + "tlsCert": "", + "skipTLSVerification": true +} +``` + +## Subscribe to events + +To subscribe to events, send a `POST` request to +`/api/v0/webhooks` with the following JSON payload: + +### Example usage + +``` +{ + "type": "TAG_PUSH", + "key": "foo/bar", + "endpoint": "https://example.com" +} +``` + +The keys in the payload are: + +- `type`: The event type to subcribe to. +- `key`: The namespace/organization or repo to subscribe to. For example, "foo/bar" to subscribe to +pushes to the "bar" repository within the namespace/organization "foo". +- `endpoint`: The URL to send the JSON payload to. + +Normal users **must** supply a "key" to scope a particular webhook event to +a repository or a namespace/organization. DTR admins can choose to omit this, +meaning a POST event notification of your specified type will be sent for all DTR repositories and namespaces. + +### Receive a payload + +Whenever your specified event type occurs, DTR will send a POST request to the given +endpoint with a JSON-encoded payload. The payload will always have the +following wrapper: + +``` +{ + "type": "...", + "createdAt": "2012-04-23T18:25:43.511Z", + "contents": {...} +} +``` + +- `type` refers to the event type received at the specified subscription endpoint. +- `contents` refers to the payload of the event itself. Each event is different, therefore the +structure of the JSON object in `contents` will change depending on the event +type. See [Content structure](#content-structure) for more details. + +### Test payload subscriptions + +Before subscribing to an event, you can view and test your endpoints using +fake data. To send a test payload, send `POST` request to +`/api/v0/webhooks/test` with the following payload: + +``` +{ + "type": "...", + "endpoint": "https://www.example.com/" +} +``` + +Change `type` to the event type that you want to receive. DTR will then send +an example payload to your specified endpoint. The example +payload sent is always the same. + +## Content structure + +Comments after (`//`) are for informational purposes only, and the example payloads have been clipped for brevity. + +### Repository event content structure + +**Tag push** + +``` +{ + "namespace": "", // (string) namespace/organization for the repository + "repository": "", // (string) repository name + "tag": "", // (string) the name of the tag just pushed + "digest": "", // (string) sha256 digest of the manifest the tag points to (eg. "sha256:0afb...") + "imageName": "", // (string) the fully-qualified image name including DTR host used to pull the image (eg. 10.10.10.1/foo/bar:tag) + "os": "", // (string) the OS for the tag's manifest + "architecture": "", // (string) the architecture for the tag's manifest + "author": "", // (string) the username of the person who pushed the tag + "pushedAt": "", // (string) JSON-encoded timestamp of when the push occurred + ... +} +``` + +**Tag delete** + +``` +{ + "namespace": "", // (string) namespace/organization for the repository + "repository": "", // (string) repository name + "tag": "", // (string) the name of the tag just deleted + "digest": "", // (string) sha256 digest of the manifest the tag points to (eg. "sha256:0afb...") + "imageName": "", // (string) the fully-qualified image name including DTR host used to pull the image (eg. 10.10.10.1/foo/bar:tag) + "os": "", // (string) the OS for the tag's manifest + "architecture": "", // (string) the architecture for the tag's manifest + "author": "", // (string) the username of the person who deleted the tag + "deletedAt": "", // (string) JSON-encoded timestamp of when the delete occurred + ... +} +``` +**Manifest push** + +``` +{ + "namespace": "", // (string) namespace/organization for the repository + "repository": "", // (string) repository name + "digest": "", // (string) sha256 digest of the manifest (eg. "sha256:0afb...") + "imageName": "", // (string) the fully-qualified image name including DTR host used to pull the image (eg. 10.10.10.1/foo/bar@sha256:0afb...) + "os": "", // (string) the OS for the manifest + "architecture": "", // (string) the architecture for the manifest + "author": "", // (string) the username of the person who pushed the manifest + ... +} +``` + +**Manifest delete** + +``` +{ + "namespace": "", // (string) namespace/organization for the repository + "repository": "", // (string) repository name + "digest": "", // (string) sha256 digest of the manifest (eg. "sha256:0afb...") + "imageName": "", // (string) the fully-qualified image name including DTR host used to pull the image (eg. 10.10.10.1/foo/bar@sha256:0afb...) + "os": "", // (string) the OS for the manifest + "architecture": "", // (string) the architecture for the manifest + "author": "", // (string) the username of the person who deleted the manifest + "deletedAt": "", // (string) JSON-encoded timestamp of when the delete occurred + ... +} +``` + +**Security scan completed** + +``` +{ + "namespace": "", // (string) namespace/organization for the repository + "repository": "", // (string) repository name + "tag": "", // (string) the name of the tag scanned + "imageName": "", // (string) the fully-qualified image name including DTR host used to pull the image (eg. 10.10.10.1/foo/bar:tag) + "scanSummary": { + "namespace": "", // (string) repository's namespace/organization name + "repository": "", // (string) repository name + "tag": "", // (string) the name of the tag just pushed + "critical": 0, // (int) number of critical issues, where CVSS >= 7.0 + "major": 0, // (int) number of major issues, where CVSS >= 4.0 && CVSS < 7 + "minor": 0, // (int) number of minor issues, where CVSS > 0 && CVSS < 4.0 + "last_scan_status": 0, // (int) enum; see scan status section + "check_completed_at": "", // (string) JSON-encoded timestamp of when the scan completed + ... + } +} +``` + +**Security scan failed** + +``` +{ + "namespace": "", // (string) namespace/organization for the repository + "repository": "", // (string) repository name + "tag": "", // (string) the name of the tag scanned + "imageName": "", // (string) the fully-qualified image name including DTR host used to pull the image (eg. 10.10.10.1/foo/bar@sha256:0afb...) + "error": "", // (string) the error that occurred while scanning + ... +} +``` + +### Namespace-specific event structure + +**Repository event (created/updated/deleted)** + +``` +{ + "namespace": "", // (string) repository's namespace/organization name + "repository": "", // (string) repository name + "event": "", // (string) enum: "REPO_CREATED", "REPO_DELETED" or "REPO_UPDATED" + "author": "", // (string) the name of the user responsible for the event + "data": {} // (object) when updating or creating a repo this follows the same format as an API response from /api/v0/repositories/{namespace}/{repository} +} +``` + +### Global event structure + +**Security scanner update complete** + +``` +{ + "scanner_version": "", + "scanner_updated_at": "", // (string) JSON-encoded timestamp of when the scanner updated + "db_version": 0, // (int) newly updated database version + "db_updated_at": "", // (string) JSON-encoded timestamp of when the database updated + "success": // (bool) whether the update was successful + "replicas": { // (object) a map keyed by replica ID containing update information for each replica + "replica_id": { + "db_updated_at": "", // (string) JSON-encoded time of when the replica updated + "version": "", // (string) version updated to + "replica_id": "" // (string) replica ID + }, + ... + } +} +``` + +### Security scan status codes + + +- 0: **Failed**. An error occurred checking an image's layer +- 1: **Unscanned**. The image has not yet been scanned +- 2: **Scanning**. Scanning in progress +- 3: **Pending**: The image will be scanned when a worker is available +- 4: **Scanned**: The image has been scanned but vulnerabilities have not yet been checked +- 5: **Checking**: The image is being checked for vulnerabilities +- 6: **Completed**: The image has been fully security scanned + + +## View and manage existing subscriptions + +### View all subscriptions + +To view existing subscriptions, send a `GET` request to `/api/v0/webhooks`. As +a normal user (i.e. not a DTR admin), this will show all of your +current subscriptions across every namespace/organization and repository. As a DTR +admin, this will show **every** webhook configured for your DTR. + +The API response will be in the following format: + +``` +[ + { + "id": "", // (string): UUID of the webhook subscription + "type": "", // (string): webhook event type + "key": "", // (string): the individual resource this subscription is scoped to + "endpoint": "", // (string): the endpoint to send POST event notifications to + "authorID": "", // (string): the user ID resposible for creating the subscription + "createdAt": "", // (string): JSON-encoded datetime when the subscription was created + }, + ... +] +``` + +For more information, [view the API documentation](/reference/dtr/{{site.dtr_version}}/api/). + +### View subscriptions for a particular resource + +You can also view subscriptions for a given resource that you are an +admin of. For example, if you have admin rights to the repository +"foo/bar", you can view all subscriptions (even other people's) from a +particular API endpoint. These endpoints are: + +- `GET /api/v0/repositories/{namespace}/{repository}/webhooks`: View all +webhook subscriptions for a repository +- `GET /api/v0/repositories/{namespace}/webhooks`: View all webhook subscriptions for a +namespace/organization + +### Delete a subscription + +To delete a webhook subscription, send a `DELETE` request to +`/api/v0/webhooks/{id}`, replacing `{id}` with the webhook subscription ID +which you would like to delete. + +Only a DTR admin or an admin for the resource with the event subscription can delete a subscription. As a normal user, you can only +delete subscriptions for repositories which you manage. + +## Where to go next + +- [Create promotion policies](promotion-policies/index.md) diff --git a/ee/dtr/admin/manage-webhooks/use-the-web-ui.md b/ee/dtr/admin/manage-webhooks/use-the-web-ui.md new file mode 100644 index 0000000000..dc62f21b9b --- /dev/null +++ b/ee/dtr/admin/manage-webhooks/use-the-web-ui.md @@ -0,0 +1,54 @@ +--- +title: Manage repository webhooks via the web interface +description: Learn how to create, configure, and test repository webhooks for DTR using the web interface. +keywords: dtr, webhooks, ui, web interface, registry +--- + +## Prerequisites + +- You must have admin privileges to the repository in order to create a webhook. +- See [Event types](/ee/dtr/admin/manage-webhooks/index.md/#event-types-for-webhooks) for a complete list of event types you can trigger notifications for using the web interface. + +## Create a webhook for your repository + +1. In your browser, navigate to `https://` and log in with your credentials. + +2. Select **Repositories** from the left navigation pane, and then click on the name of the repository that you want to view. Note that you will have to click on the repository name following the `/` after the specific namespace for your repository. + +3. Select the **Webhooks** tab, and click **New Webhook**. + + ![](/ee/dtr/images/manage-webhooks-1.png){: .with-border} + +4. From the drop-down list, select the event that will trigger the webhook. +5. Set the URL which will receive the JSON payload. Click **Test** next to the **Webhook URL** field, so that you can validate that the integration is working. At your specified URL, you should receive a JSON payload for your chosen event type notification. + + ```json + { + "type": "TAG_PUSH", + "createdAt": "2019-05-15T19:39:40.607337713Z", + "contents": { + "namespace": "foo", + "repository": "bar", + "tag": "latest", + "digest": "sha256:b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c", + "imageName": "foo/bar:latest", + "os": "linux", + "architecture": "amd64", + "author": "", + "pushedAt": "2015-01-02T15:04:05Z" + }, + "location": "/repositories/foo/bar/tags/latest" + } + ``` + +6. Expand "Show advanced settings" to paste the TLS certificate associated with your webhook URL. For testing purposes, you can test over HTTP instead of HTTPS. + +7. Click **Create** to save. Once saved, your webhook is active and starts sending POST notifications whenever your chosen event type is triggered. + + ![](/ee/dtr/images/manage-webhooks-2.png){: .with-border} + +As a repository admin, you can add or delete a webhook at any point. Additionally, you can create, view, and delete webhooks for your organization or trusted registry [using the API](use-the-api). + +## Where to go next + +- [Manage webhooks via the API](use-the-api) diff --git a/ee/dtr/images/manage-webhooks-1.png b/ee/dtr/images/manage-webhooks-1.png index 632a5315b7c082ef4e21b0762cd3845d88ad3079..86e6ee80f05dc63e7986168591f9a4f982e8df86 100644 GIT binary patch literal 46221 zcmdSBcTiJb*FPGhsWb(tQdAVANbl7KNSEHb^bSG@Ra8WzN$()irAZAvD7}P$h;%{^ zHIx9Mgm4c&-}ia%@Ap3Qo4GUh{&A0!IZn>b*=w)8_FA9yS!;-Rsi8!1o#{FV1fo!W z@mw1OBAf?-u6SQ10lta-3b_y5NUT+ro`Wtf|9xpKN&vpO=JCSF8w9%f{qjT5%Xz2^ zd`bFRSzUp2iTLIf+WW7)zmhG>i^hE3C z=a?@a4Xg636{=c}%(b5AJ|-s0f3c&o(+YlZ_5SBM@kuzkEyShzM*QQ4)_oYs9-CA- z>|9zFaz==xdDczo`M)l_w&H`(kN>)^c-;KgMLd7+U)NWV=|AHL8vge|S|Gmv8iaFy zRsCk0|M(lE@C0^PascDb!t+(Fi&>Al+Ah8oHM+wwrs(gs$CzqeO_SinKJI^r4U+2U z?yIei8~Xc>iv|!bkJhNA>V5(=*-psGOl(?X<=mAs-nM>pw}yx{JKI+e+I-p&CdI}n z}@6?~g5JmSj}E@CFty8CGGFaB;Jzdj2t=J0JW$DpS>} ze~5X`FkZP^@(G5%v<6~t#6hg%;_K(^$bock@o1`$u`7g&E90sQj#t_YvlKGi<0rgN zH!LFGaTa-Y6z9XrwkqXsA$Vw@yHm^M%Z5WkCapW_8v$UIzRRM_uhnBumy$uqx&5_RsUEOc+8kNJ*C( z`AG7ywqnKg)XUApl{T8Mlk}f3PM)e=9pTb`qC0Zsr$Y#KGd+Fk1CNdM{0k z!$tUJmUV&gXC7?*?!DhVRpY>tis#+)-BNjM#9ocow2`jhOm{uPbVnzr23(8wQ)~Fc zqfDi@zcr3Rb4fuFM!vz5PK$(=`H2kM%TT{>KfR`fe0Q6jWjb1;O2}K2Pbp!4*F)69#Fa{F z+!yS&`SK|%w*J6+Io+lIgo$zHXX#6+f|ZH1M$T|qPe^LHZ@Ph(%}Zha8M9A_9i;Cn zXc*=>0t&_`lSNW4Q>VDGclPwo!dr^z(Ti#(7GT1|{zf66@QBC!?6J^8j`q>^A4EJl z;Bz60Lv~kMWXU&fC_n!Wt{T9#38p6nXf7?-52UnhGb@&{+C7u2w{jf6kx3&>2?tibTy!yb0cx_RT7@5R}QeEwq(5KL610lB+$8nAEGWpq`Yq!WVeS2w<#W zam;d-ZH!&J@}$@w1*77dTPjbJqcv>e`-G-T7#I7?WE<7ytgP4Be-QaIrPd3FtJOsF z)@0?oNRJzMb52{^4wBIPFjt(?^S0^I5`I^duLaBGp*@e55#`BxcWti4D}m}+VNum# zewc>n>}0@{nss6M1SoJ0&s;s|OCqwzE#$7Am{ygc7KL>Anwb;VT7*e$>3IG*B~HMC zopcd%3@ns~jjB-bJK3}i<`@zgVRy4)>m%HzKZZHDk>^c@v(%MV&kQwQiO&N=4KgHR zhxf%RJ)~@xr%wDJbntsKy<*dVStsZ?ikUZ07EJ_Zw@HWVC(Rbq>54qf0oD^ONaqyR zBxD1o)B&%4UyZQ*85FHHoz}6JD04+7`Z$0=BGJKi=^7afN#DEosobj};py)Hn#YV*o9F-^%h05}tZ zJEz~!_g_smtem})F{P+2-{?k_RvUT^5AI+|rJyIh6(ANxnJyWMBd#Zamv_4#waH9%m+GQSJpR~-rCxe1s@j8lLY-lNL);rn zcQMxU?QjdHRf2c5{($qiw0 z=ib`M(X2~44zfZK2d2{euMdbV%@V`lf^@8oOK?C#jI-izeltr8V>4Y9Hx{fd;R$!k z{CFAUsR$G5C7leER>f^BPCW!lS*Z$DS-{E6LN#ZvS&M!#tH0h1Zx*Ufkq^kGD)4m} zvD`fiCU}!~*B4%!jjr)i>=pSl$|*O5~YOSA_w35rmM3i>F;c(>A&hyhUyzOayc z;5M)Is+oP6O32?jj`}lZ^FScMofrzR2b|Go*p2$Gyc|KU zm2LA5Ju7c9l)3-0IRj!{{}k4p&C5#Nx#ZefHECsEmbdOzNy6&FLiaN@m>_U?jOq>G za>C5tzdvD`l;eFL>xSj2&QT#y^p$1n?+hh~f(e5(4Ge<@O}7MH2P+p^Yn1okw^D}i?4JsU&(moP3QlBa?|oS}Uh{@5udYmPz& z2xT`jS=7CV$Sf-1tDAN9XJPa*#e{%cowp+r2NR0EHJe~eQK}fLa)Zd{)xR*PRARR_vmz)yv#?y1>vZL|C%9$Jk>z@`0BH1aEK#S)*b z*B38K)PKUqq>#aRnpQ8SQ`vSU(@ig`$2!5AH4(~nRw6GQ%tHZxLW4HJT`P~R-yNz} zJIdJEbPyV%7K%dN+eSH)+{+Go2SZ@;Afih=5+dl`t&Xt8f^ z+qFBq+4#Xn1d*haXdjrDS^bqrkMd;k_`P-HZW;)8d$JkvAlxfLrE1^M#2qk!6VHSQ z1yb*bf$t;b*#>w?iK75)Wf*C{bedgPDqA#NzTS_jtbkxpd8tH9o%R>@)*864wRX9o z%W%V6o(jdD$WZ?kQzOscYEP5Pby3b$lMt(H8`Cf=mcUHg<2bQ709Y)X%hxcp%4OWl z3T$jnL)j*s%Vb1jN$M=SK1!Hpe-CS(GLS!e%X^p1J3Bf$oaSnPWxTh)nsxFL@#DO! za#=MQ1=2PVpAgGuJyXIV&g7d^-8KFfj>d`~sJAwA|8a8Cgu9mR>^eKwmiN+P?0#VD zzYjNkx=mmn^Typl+Wk~S=IoC7jkQ}u<@Oi#3)UcUcE9G^FZ$|j>ZIS+zr~N=og=}? zk`D$6e6$UR2iD3Y?3t*E@b0LLH?b<1lV>8NVRk~IJsNs<#+Dgg@OGkHJT{#2JLhlT zX&?P4iRcDG18q8b$IMvr}A)yewjpHH?b;?G{@40If}80)5d z<-C<;ZQJ=%jVT#yyZQYNwUFz~k&Q~+ip;DEB{(}fOXE{tcT4zNhnGW1O>CTW&6#~y zys@ZX++$VgwEY0O#XR&V5qukT(QEfQH-nMt7mKtydNTK_2s zy+$hMnbF7iIsAk{kjYXdn8LgH8~Vg{unNhxvs>ifJEw`geu7c?u42O~^G{XdJ!y_~e z?DiIMFAW-|D<@ZozxiCxkfH*=CZKAUW;Rs747WR!{#VNJ4v_AmmwTQlU{vhW>eK8 z8e~8@uE)omYFgnkFbT_xFAuCa`la**AvRq#eOGdzTim%u6}Jj`LgB6)1g^m##+=@5 z0|`uZ-m#`)Ys;N?7WGob0>@3a9ZVNo+NA(oMN=;+H>r1{mIT7c5S$l_fnCQda+5L{ z1$Pd{W~c?Wac6Wygk@A&l+7gRI}WHmfxBIFXFvF}CC0t;2^JpeqeaJkdb{N2*4v!$ zP!3vCqoA26f=u>paLLjH9$}&m1T2X(C);i`GfswF;nzl;0wbul+-pzkl>JJS2=`9^ zHygW4#O$RmCT)#r5d6iWIsPlFvY9M!YBu(!_*pgTHLE+n_wv{TE*(d*V&<5bQ-lhM z#Ay%U2ZGXXEN>1a=h<6a40oT^fH?4?@+aO1Vy*}>I+}H#j|rBr%)Ul%63LNkG7uA zb#$B&F1NBK6y&C`2$Q{#=Hf+zqYl(iCmwEo6AxcJ+@jnjAI~&Qb-Dk(JI` z>eH9oT2+et_)DC~ui_omyL8AtU_)TF7b|^f>z&Ku7iL}$Q_hMCM|M(l2lb_Qe7R;& z{y>IROm>jlrhE9)Y|R|;PPPcsVDpqaiO}pLd1GxmzL8QcwOn9#T;z{}$){~BWemX| zKHZM#=1@-2XJ(i1oeG!S4J3=7i1LD2V^(J?d0!K`=Df!8h*V>Jl4kubV%6wadkca@ z#Xrlg|M8~!D2Q` z<~HCGHv%1B+vH2{%&ZQe8)PoCrXZbB!+;hK7_K?pe-F==#w+Vm_>2O~+Ast_Uy-It z`NM(6{iA9%IrBJ$GbgveU$Z;$L-foxw_X=7FkDzJgql)5SlwIRSwFyYB^_$nvAQlP z%nGFNaG!G-n=XNLk5TU=;lWzb6`m%)ag0a^Tpp78x$lBChr>ul+{5 z`p`hMqqiT+*Fsx^xi(wM?L*ZzIo`Y8ewq6N z*Z&*@Nc~r^d;dM?`TwLZ|2^nGaGd{hzW*NdKj-^D3H9-Ra;pE9{67fw?^pfzeE*jG z|Cvz#K?(ns{67fwALjeF4^C_HMl41GFudWbYxk^R$NJ##X>^tGTJwFIUtHe4?TlB}! zVE>|8;1#iq=HbG{dMoJ5|RA zIqzJ46(6td;p0c+@lW=jl_^b{n2^{n)92QI7+VzHBWeV_@3_9+$$5Vfg;G7) z^?0KVBd?m??#z;Vrf5fZ_ebda5ASi?Dgwuil-KX`iaZB1{uRG*A2j14 zHu_D+0Ms3OdYwKmj;f8JuR``Lb3nILJ1yk{MS)FoJ+qvD6juK1le!618bwM%w0ryv z>xsw$-jy?tHl}hXOi32e z2VXhcqe&HWrtIS?8CoAJ)nBLzN9UcnLd{3LuHVS{+&hkpwe4f$=^gC%(x_zCiVGm6 zoUaIOt#sre`>VSkKXY zNIz7=K6i&(s_=zCo!z-2w~}tYMtOSJYPn%+45E!y-6@@Y4YRk`?N(z|Gp($mVYTo} z-oX&YH}*}}w}OV&J6@8EE-oQMHQd+LZ@15iS<1`z{%i zWZtDCJ}BMktMMs{jEU+XPUSu>z`TUqegbU2H)1tstbgvDbh6D^T()^m|Ka17cpv`N z=Yz^<)_o$SSS8x@?BwhpUu{Dc7Z;xn_UV8Qwnw6`uME&~^FR9_H_+0hD!8%?n%`V{ zH)(xW^ij0!fB}K8ah-!Nynnr_*nvbAci#lO)tQN``|{Xdk)(9ob>2|-7If~n79l#~ zZ%nZ=C|7XQQJd@ zA!$P8y<*M2ZE3eF+&gY}rYT91c$DwU8 z1{Mt6(v_5`!rN0x8-W$CkzG}jE`w&ZL~o88D7(~OxM{i_v}WH61hHCP$TS@C9{pS9W(;7v^XqbNvND_tA>k&O7p!O7^tFzYKTmdasytt#y^AnN_h`QeX@4Iu ze%iWfxI{@lUPoJyDcZ#Xqg0|qv?IDJ7sD(a6B$V+J&s>5Gcs)rW{;%^7-^jO-ov)A zaJIwcdmAi!{ID5|?t#OjS)B0?4_QAW8@NPkZ|P*rv@M18 zAgUR!v)mH5kU$0D;ozvOT^*ggl(CJZ27TBBxpOP}VQaUbl5M}^s*j~*z#+^g2XSu65F`1ptDFCm05=y|E zBTgeOEJzfwVtDzmnBZfvAwh_|1q#+YrNb;TI7i0?v(qN)R%EpFp)>Q7G>TXmZVfeQH6F7rVv}aw z#s&OLbR2wGxE^4Q2l<5UukrI1p(uw9O6{Vpp=Ql?`IwzNt&t(7pnq^cuo0gab$#<$ zfoL-vE-JjZjWw#>(nN`f8yLKO_ilIZh=WJ^wyOCYF?3-E1vWx?i5>;DDGVe_JG%!U z=MLllL<8s~fxkuDK|s=-pZ^LW;Vu@-&h;QH^64n zfl279I@4&G=QB0b@5HktfvLt=C^&*&@cR7+MW3ImM4(Kx@uu5e{%-IP<(};&Z(sjE zlBhd>vB>py{(&*pS;*kAMP{h!JAWUBJ)E$}Hw&s1TpKi2UOZFJdHmu*#J<5+fNwAc zv!PcyT>PZxqovJ%^#Zi28iS87<~&J|v(2wpBkp2#>bxGHaLFvv7PVY0eY!Z@vbUV$ z>dLxL*XExJqr8bJ)Gltvik@=HJ94&S(uL2rDP??eb%USccE9?zs#~`^uN7}-shP&R zp%ackeP7=ylHGVt?rKuUD|GI6aLwM*I5+T^w(@L^5W5e2 zlKq%z`%}R9AYSgK30sXUY{d5~sNnra4@8r=Q7!L}n{~^z8TT!^ndQ8qhV>Pc>g5Bs z{Hp#@qiy6~j=$wPBO|Dxxmia}rfj%nqG1$3EI5mr9U#U@5{_k?xi^>D5EPqoeeK28 z8zfhAv^Cf*+=jX=J;!6~H^)l!7RCE2U(I4f-GB9-VBbC%_-mG#(66Cp{j8p)c>+9tW1b<= zwJ(PUf=%F8smppa4c`BwlylRYn-0Jcm-3E*(T#Goah;i3#uEcI<*&5fmo%`)E#! z@2))+&e|Fo;*Ntp@C+#n-N56n@y_ln4o>lu*#InN?K}Mogh$K62Jn2ApI^gf1^cBP zXe*xEWPG7o8y%HQKQdtp?zgvy?Y66la}`=xT7rKeI8Qy8jtarGiM!6C$sh99ok&WM z>~8!yv0LRceapoej>l5meJJo|aFCZ50{Q)^>U8h65@(KG`!0UjPeY`LfcW4$4)Va%Y|F01`?B zu$|ZZuoXH4=ZNx0#c0e`oga?pXEKqK%!SwxQOWF)bJ{GW3fMBy6sqx5&rrCUTs+9> z{M)n<7ZMxdLg9zZh6-=(DP^i>2-j2t^Ev3kSYd%!(O6kOq#oPL&B_Vz6O1<-o4Z?M zRfjDL;x@mmCLl)EnVPbChaJ>=8ZIt~p5|Yl++GYlpJq3=9)1%X=43fLGqZ+lCe4#O z>opn(t{Z=(k!2i*6Y;-Ku{rigq}A)WLfgp!p*aLyLOnV@JDVkF5!4@vkWucsZhw|Q zPlTMCGoSIrL=WxwT9DE5B%+`>A@f6Rt)HT*Sy}1&y`QlyWgz4_52;6$|Hdf13HecE z5NyNUPAo%`j#fQ;Oyy)(;OVoc{he)*2>?cmNZ|DJ_9@VQ-enCl2&zE9PGYKPf{88r z8w5q1UQz+ZG$P1ZHSMBXZra$1@G|RbO1aEp_97yPj?Z)ov^yVEhDga}cjmv^5|a)M zCD7%yK*w8LHC3mJ3~Ly*e=*Q|M?&E9$4|7cQ~sWdoAYclM6GX{o27l6$GN@F_%zPSQRBc0x@C`Rx+w_wq%5b$Obz}u{L^Vq?Aw3(l=dyYaIF3HYX3K8 z;Qy2q|NkUY?+uABjep!9ZyNdQOBu#Phv^bD_adK({tp`D|Kr8tsgl!@x>E9B_7ek@ zn9bTW?wk9Sfg>i3d&i9!+ zIVOu?iCqQG1(4xatI>Y|@T`c#Y;NZT;CsIEtWv{`zJFfbmfqbOs04Zjg4(l0+>xPa z-m6kYEV99wz?0!d`yFl9fU_YpUc;uuVj9j0hqThW!omr}swvf5h?V{WYn+^WE=I~} zZh`KSVXz3ocE}%v^2xF%yzk6^I+`7{LXnJb)J{9$=ci&!OFLjZ02M7QCEZNfZJxkp zlYYtyIq(yqFb2R9yzYrAj|&ALravSH{`?LEYqdV+rgyRcw{UPY!qn`{{4CLm|+% zMjinBE1XN!5qNlekI{NZR5;HuzhPNMtk)>D#x7aTojh^Qg^%uW33D*;p&o9u~}hd90BWVZVcaCsJ%sG~5DcS}V_Z?CI$1 za#QK>80M9C2-spzT+V2Vqm7H$?SLbeFVoL;{yt7-0yzq|-dGUB&gH^2Sf*<{F=F*w6UvrvMTWoKBzIku|;J)15xHNAR4fvECh}iiSm1rVTVmylM z-4Dz5j*ix05pi(?ln4;APt{E>Q(<5?f0yeeu+F-5z{j+r0C)^TnDpkdEA8za`Bsdt zBx^j^uk5~r(M^F57>$gc>ps*(Wk_ikcokf{PS<~E5d*kG3EJB|d&Le;x|Q9le9lU#euA@@4v$d$8JhKl!;2TWLCY&Edn?5wTa(SP z+(|r`?UUAr=nOgaP(v7<1%iifq!$ zbp?{wk1IR|adB}^>YTrO*v(4FQJ6sv*^5@n5B)4 zr>~-!4mNzxh@pEq%?nKpm)i?Kh5Z8?D$D{sJLJ3o_1%zHEmJD%2O+7zHdgX72H(X} z-ur4DMm87AOGgI8SrovNq)GTldD;)Xgt@Vt9=2q4D8&kcN2r14KmxsT`e&S0Dp}s3 z!s>kW5d%4io5OTEkf{^410eg7lhNZbxCf90B!?SbHfNhgb-sjfCh>gzR}>&GFYh!_ z_q(K2Y(J2QShSg&&rtKkIrOnn3#X|vq_=nQ6*BbM!8WAX`*xA_5?}?iSY(iW$*)=K zDgpZ+_gEQ3Zn(Si|8bjm4}-DMsj{l#O+$ZJe(5-L1t401H(Nws-(ae2?C9P#B4VQX z#YG1hgWZf1i!#SGH|9VeFxm|QeN6r&(YJpW1*Dh&hxd{e6}Rc84mc%8;ss)W^bt^5Q*Z4P z!c*G*QNWKf%LKj$)FtFS6!`1csG}i_Rkqm|;DA=PWPQh&#M~x7j5u_T_e}3CmIup9 z)jFHlVFnmqAhLVl;=Xsp_+lWD$wIp^a$&0(US6q57c%Rco6m|U#Vy4$_>ZR(oyBV0 zFP@MbZ0k9gjM~8q+_uw?Pfn|SJ2*%v)(l+cP)6mo?xUZ2H^wqIv!kMI7UJdoj`0Dv z1pD<4bI^oxu78+WgEt`cF32YU%OQ~FwHC5-L!+lBAvrFzD<1GacSP>L_gYwJV2I9) ziq1oPA$_5yQs}s(m?`1&Dfk`ReaQ!PgY?M&>DsNHsRjVuL#Oe@B8#H^$??1_Ob#oa z31GYmH_OF!_++AXy3e0B?s~j^_jaPzM_Q9AB*|;RO2qZ|8-P!YNs4QeASO6GGK*nC z!%d(B9s|+h@$u>1z&0>rz|yN0%y6vA((S4Zf6#2ROL@`M#W;?T{bx*{OW4J(GLGnCUy&n@aB)T zoa|3}-PTBhM!U)E4+^Vgi)9I4+k4*ADPXmKOCvLit7bd_a7|8iE2IjLK+#iD^Pn?A zU-YDE-8a46!^6h4^Iq$|r5bld;jN@`PjByn;903C#tSk{*a5eD3-+cSx57(4-l!sT z<{uy6CRu0rwE_2I>)#Acx}_?B{kEL%p#tTDuYimuCmR|Y7j|}(0JY-Iahcdr;5bWP zp)O52V+%+JxZq#K!Ll>6vkbW2mw>71e>^v#1zlk2swa^f`I&zqdCJj+WQ2AYoRQJ3~qn85kJ2 z?F5o>m6WKZ2}XW6++0{))#upf;76z+S!YvWevAOugE|0&(9Sc~>kkW~gB(3<&{ydn z0C;EN;Kf_nA&2U32?7qXXzRLB4|MkV@#(23p zKw-K}RM$7IIkb4O`++vpbl`S@Q_Goi6Iu=?+6Y0O|$b^te;j zaom2_Bm(eH{e4@bvjN61=&0rAc*aQLKzK%!nN#p<@-Na*^PNuLx^<&HASYPa z+G}4DQO?zJwub^>IgQV~ZplA7o+r#f_de{=aMDX9mk8Te?aV(>i1a$NXulZO{O${X zfyeHXfetqQgt0VZzq@tVT@qmc*N2+bY@7d+AtmAL*2XHFTmki6tfS8%{-TMkXxaZ0 z5GaneSCqL>OXK6sy?YlYu)lT31gKsF9;}GB;I?$~3+%u9&yv)anZ5;}{G$v}DxYWeX{1Vv0%6i}LoRE9K>wx1WXg8w?IOcFt(wv~%CV9r9ZD$** zKm}+`{@DD8O{TLxOWJWRKf*h0e*VsCOxh;`!gF+E`0@Ma_1hDDp;0Zo67$FL;Aldo3}>5MNM2m6WigI@9kN4Zdc4wX(Y))pG)|~t# zP`UIU6+@??jOk!ef_*S&`+YT zL`Z?LT=clWiyA6fm{by!oiVbsR;2EMmyxuLlLeRO_>}_&# z$H#s;Mag+oy8ix5fTN6I1-Fdt%+>LLwx{avN<94Ra*6dRy^q(lfFh%l!XFPYlbw;S zn~%098p)bxgO8%KOL-8{3{L>g{ux`)``hjgRFB`l*;?9OF8mb#9&zNYG~T(4AB53OHuG)S!qCD738tivhe*S1SMh(|MTP8Apq{JMx(v+&KrPK-s^RV^DzlszSrx#~QsJ(1|CldYZnjwv zl}Ydp#b^37hqWM}*#xSuey`NPW~5r41z|VsYgsq-2}ct75X4W6v?lSD5Vw@Da58Sf za2U1sOg9fl*Or|wpdw~4y$JvmB$BtVc=~Ke4g{dI{drkJ2v9Z*Jc2v0hPX)p8e5;h z`-8ak%Gz5>XdGw1O6~;WB+t>1&p@HX_TKEzj;AHY1wxnbxov8s4AVphzeYh>s95K; zH3^MvJ!7FV7+;}kPmV`lO*S<%?X5BHt1-StPM&{$=vrc4Zk)TFb2h)VfL;TK;2ruy z3G90W9v*AeEFF_0Pd2ak`T2n?>x}yby@+(ts6niZy(uUIzM9DjBxPDB@Q?KTXL-Z# zx_UL`7uuc>?j0OhPVOg>2On$IyG)zgRpd0)IafQZ-V)=t7zENzzxnJ?1y+G8ggE}q z;N_)ly)|U^$q9Hanm;7NQ6U-j`^?lBP|`}e_c<=4CeU!8y=3CjN)^UFkly-0oL!=MazG z$Ez1&*MKU6V)S{Rr+j~J`|K=*0X;n`BvwwK;iWusAfW!BabENYsI_DI4D$RgYAXHC zTVp4_L&&gHO{IgVabR`;LH8AwPeaaUWBq{7$4@a<_{D-$FE15b5Lda0w9j&9Ujnl% zYuDZy4RhqD)p`x_WdCz~kiSIp36KuHXGI-u(l;85lpR924L;qGTD@OxoXHX)1%w*_ z4JNL??t_bB;Hgz=tl}R|eOT(gsHV{4x1IrK?W3g6r~2`_eC)PaB(DAB*v}hi2)K0V zEoXi7fv1NL+wjNdLUF;5GQ>GgpOZ%>^YPqrfI3aS3buuD3Ltnv$d!gi1NhsXA4o-c*dnt}GPApx&2;gGMGt{TfA|ZwBRR&0^(ODan_k z7ZB2(LQfA~NO3^R$>uu(K;`6TSM8qVYQ|x^x_la+? zc*k$KBw)fh?@L@2H-G}v0xy!@NDWy)JbB8!yQZ%J#Z$3O|p@gF{5awn5GvRJE}JCp$b%FZq>Dap(Z^96`ejPi~`0MJm7Q}!)T z@ph%-1hU;>@a(f^Z#{i{9?|^3hCU0IOp>ciBL7EJ-NC zDiQd;1((cz_s0+5(DVI{&u?%{aXK%2)X>mygNZpRqxtr=YY{_C`_<_d`lU%o6yHN% z-cLZ$SRm++sgl54op4B*A-tX?rUD|C0XO3Es6rOLMHUqd7*xML`9vlr&(D|B+S;<_ zJN*b?Zc~6xp_5N0DjyS{i_W7Mhl@Dv7ireyECqmd-7hNiLcEb)^WTI61_Pvo5VtiO znY|eg?nM6ZNte}=B34wZChYZ`;Xn$R{Si)~%(R9TXk-9r5h*72WPItNWwMcv5HH{@56fOHd zCwFd!;Lrdo-NzZDHB80&6F4`dq{t=Qhm({3@NmpVB>%}UHsIGf;VDgO(^pykZ_ zh#_0It>Nqd(z)`CA<;HAh+l*7DJGTy-z|+h9;lpf(f|4E*$L2Fkof}xu%>>?Y4j5< zuB1Se@uK9_{Q{6#K-&s!HY=VRjYb2#LL-H?k@td9`SZ&F%&r6+4xoC(*-APGB;5i4 zHe+Q96h}s%o$ycF16Zu?p7ZWX@y_1vZhL%+($lB+5OM(0a^Fj)9fvw8zkGb>+}{_r zG0g|BGs^7Dzt75aT4tkbPeoN-quzp<8nC@54>VyRI4y!U8B*G(BQs}A(Oc7zXZ!L4 zY3~uR{tP``cLoNae8o1%N8nts3RivwRFX zqhei6g3b}&;gST%mfWcG)d8Ul3!d?cp3#oHmys1$WSeKZQOKBuwY`TMV^yjWu9R4)i1x!$|KX8=e0js9+NuYgB_Q7r34R`Vob9t%# z6u}Ap--2c2!Wr=U1^Lv}w+xGSoQ+a|<|v?jVTv$iQ%aB7X|1?WiBotgxs9p!9tlsDprswtA&}&+VMKOy9f90OB8pm07>Ol@?F@L zCZW;(K0rfpv?D4zL2}ct?mc>xH9Y+JDSTap=aFodi_Q?z-we{Q9<2N2OOlG`3OB;( z0f5~<&(Bk1rhxM3=hXMHvEl#*PcdJ`6JXzmcRo~doO#q!f}JLPffA9pP8K6zsMZM|{K>A{0XzD=2x|J4gX(F_OJ z2ahV0Ta_UoV|Pza(Tj1a=Gkm{#BF!}O6sDdKLDiz0Wd_WP_SC=HU;A;Gj!&6XejuA zYxKm2i#j2GcX!vrH;iZ7UB{6&1p(Cl)`PI;Wu^j~@y*vF5|f?URp-%YjWDkTm5&%d zf4^H9d_8%2j=zena@pdd%GA8zc5mM?Q{4bik8Si3hSKg*7H^4 zWs%)7gsQ9WJuav9EGFiwQ@aF?BV&%{>6Orz3i<4<1|`4VzE(*8@^N>PmglMp?aR+G zZ?1m4wXUatQ*P>I3KC)v_yOM26?(gM)**E~c4#t&qgn z@$ClR=DBUWYkzrW3?}mgS)v|U_}=|S``!-LrHImh>HO|>$sk2YV2jU+O5)L${1@nj z_~SYAY>^uvnfIqhe)<;ySVGZn21+rMlv3X4mSAa!O5TUy7fT>XASDQ04T0$rB7-%% zBI&fOt>b+!sx4^yleLykeH^}oln7b`7JL@Ar}bYgqubpTov|l>(j%LYm{|5qDV9r+ zOL@-RoE!7JPdYfM^L$@`@<~tYO0Rd@n`vs#lj`8Jr9>fN;T6U1Zse8Ib4xZ`4rvslwD@=r`)_*8SvOoV2yzEa@ahZ zCDay6U`!DE`EmOE%^n!!^6AU}eri)?$SXp4ITVDYm!1FnpBwE2m-jnw{`LJoGyNZ> z`CotX81#4Y|7`*Pi~;?x3;1W2e}3{`i~MKJ|M@5XNbF)nVY(+>m8lEF_)#a)_qd?dYa@AWH@oko{`eFPNi4}#hCeHxSUI9?0+X654I zA|ZYGJqQ~$J4?6w>ZDpK0RQ$w40CA#GWd~n!up2+x7juwpv6Q-KUpD(J5eXRzWkL? z+5!CMPEvY$VQ_1cYWz@m*ygl?>cO#1*MVAwetbS)YL2sok2VfX=~plq;r^BcpFA7u z!|ksRuFHDspI}Z(pH2VaHn07zXQngyOT=@EH|x4=xwQgW>3EIV$^zPM5DKjs1yF^E z^V}5$MTJt`K5G98Z&FEVNydRp@@r#@E2XzQ*Q;^o``>Ju|M=so7Q1m#gKFpBy`qm; zCGyM4c=bwg`Pq)sDo4JOY{{t;67W=E%}`>pV(0KXL*|zY_WL;FL)FmQ+B(N1^0?@! zrZf7jg1D*MLOk0+f5y9{)WrJ+^!Cvwi#)A|3on(mC%Uc%NxBvS9P0yRKpUgDos^A% zlA5T)lycM30v>&ySSVDl5!&qLrSeG%yHT{_{HG7eUkT*=xs(X(NCXo9og15{skA;k zVxxlS9X^=Eh|I&m<>20KMcFed?c=ViU0q$yKbO}}J&qsR9F5SxzS+dKO;NX)9UUD_ z)!U><9c~q|_h>K-w4C5?P_P^}Qd3hWX2ySAu<71B{K2*|5gehcyn%&@*IHr3M2mGI zh3PNX$yx`>j!*w4_9&yoc!g6G((Mvv5!LIN#$PlvJPObL)j5*0o(G;Amae4u{Q*9G zaMpKYtV9dw)lfL2WR1V?imWq%=Q!o}7C$@>7J43EYmW@R)a};xc6oo>tPcusMnJjm z;Lw0Z46h=xs!Oa1O1K-(mH*+Gov2xcza0>MAWDhc^#CH&ZZeDoab~<_eJu88ZF5 z+rO_gOu8iB4>~^D6v}`z$=S8s-wY^5WXcu+)GsjnQjN~Xse4m(_LcY7b=MsA%5nM3 z%*?ewlhy-{2kY|-c}}BWO8|>=LZMr)!x(bO7U=bg><(R~VY5C|Y_fc$q@+R34iO(> z87t$K+7fx`0GoEzbBpFqibif;OfKP+UKEcBjboqF^JxEH)V+65lk3|qYFUcP5^SJ? zz*0d31QZ3Nt0+jXA#|3~Lz4~(#m-Wi(tB@7C{jWXs0av1Cm>zvgc4flgnegyzddul zIcMg~-ZT4;?Tq7qDewC{&)u%;y6;yXYip~lq!!7|A>sT0At1x2!R)CNhQ|kzdvdbU zdHoOoQH5Np9XLzVeYLG{QH@>n12>2CO5fg^kWkz9Ot;p6|IDXr{<6xC7|)O89)UZ2 z9`Iq9$e*MC@hh1`!~?OIt!DJf(sS7N2Pi4RxWi`)s*@WV6-}i6z}~wjDS?^w4l#mc(7j z3$;>`#(Odn67{HyfNG6d2dock~QPKqw%KU`aun#YO zJuCy3d0_xUQ1oeS;6mi9^0gWMyDt%k%ejd?_<&x=O|7d9zI>p_G)Mpb{4y+~i-)Vv zXrKMVc%?f^x4XO`%eF7cOc(pqyQ2IqUXO}G`~N%!-bE+%%K6RfX*2hO_cF8g|~)tze$k2s&wLea#iZ6$F=YiMG!atbx@@hx+!h|1N^3%{H?;JNgvCP7liz`y`0@779&Q#bI*JDyDI zH!{JaSu8CqZ06QEB-Z`d5AKTfE)1k5-e3(J+5Y<<`YnJA9}B+RR%M9^FJkRqrD;?~ z>1oGo%(mDTPfU@~-IBW|eN6Ya7bf`BVx&z1LOJ?+3Z_x}sdeNPRVgKH$OR(%#6ufY z6LJ@-Jm#i}J9k`mA9|NpVJ*8G^bQV*YjB<*p!@JZVp%izmV+6u}agVB>uf`hL_hg8 zr>v$%+Wc6T`?l1~+*-tTe(7?N{tbF+)%^X(#Qc9*#6Q841Ljrxmz$dS-UkPUX9olr zo0xF^3<3S7NzEBPBO{|NFHBQJ-A>DG5s`BjSp>~SrNw>3H}Zhxxh^890BBAB;_=#R z*TmFgV`H1=;sb7Ng!f;p9R|+W`*4b(s~>12Bc|6K z5JeB2)sk;(n5pe==d*u#T6lf!hXLNUd-_Lrbhp(=Ujws*?|Q1F0qva_J+XVfkE>cd z*xuaSm2J*zGh{7K!6optAe%Zn@3(uP8)DW;h@Qzc7i5fCS|TI4Bd?np zgU&Xe{rAs;TH9W6#yd|YZki7~uOUW6M!Ju($#&cKJ{KS9+_oH*xx?GC=XjQWPn*KG zPhJ$U_@0=9c%1W|g^!z;mp4($|9-MYLYnLOujkIPTe z4TCHWIm$1#oRFkULf|*7mi@)PA?H!+$<>uzx`C@-40Ktk$liJ%)(b zSgaY-CEb2)jqiXzMHf6ojil8Z5**Xj-z4aDetk1BKObSflPuwB3PLSiPA(^38K)Ow z4kz`9hN2dQ`X$aSVuJeBs*QeoYFoQ2&E4H~`V^~$2*^t)QM)OSE6x3=SmoEsjk$Db zo~Oy?EX0*onnx;sgy7ZiCX0wFyLMs8N)NDKT;6dE#Cza;+)H z8T`)==UCNZ0~s^642MBaobjx-%d=0&4Zi{#*o3eQ(1i344z|?Qnb7?FR-SoAa|@c* zX!FXe3kY4lfAL~$QDNanrzGi>jn(j`UOmVt(&)af^!C%CXg1L&VY@5a{D1k&z6nsg zuv!zhOn}0uIZ`MSQeABO^FD4R=i|p+TwKD!!_z_d5X5+t{sF%@s)DGBYB3qh;n`RS z&HTEbp37d8QSY{HFFujX^(Q-)uXrlw;c{AYJZ~s%W07ItQnic`#(2;yJP$&OAN^YL zn)J?p73QDmH+>)UUax*-(oN`wYP%aHZzkp^`_ZKeMpo?T{)i^ZFi!cL0KXEOgkPG~ zkHms5jfe) zG>4_H8~2fkmh98xH9adwTzhg%Ip}c^HZPsY!N}4`uC_K=vcw@1GAz7O9hzUOT0i8; z+76c+8WIzip>;yhc|oImcNNxV z$f&u2IbuWY8#@u~NDutHeR+Ur>$zmQ%jiidi}k7X-%KO0~&F2`YhJsfVFXkspk2(b3V9cvUfUAJ_PvrS+DN8DnGZrMnqRfv1&KmBWaM ziBOCLb5i0ZT;^Yc3wZk4Ns0fQz9y7cb3fmW_T>0+C~3bbvJ8Sxh4h5F)1*@|5+JV_ zLLTm8Fi^vrRb^TI*jj%(2PhZYZ=*0M^MxS$5;Q1mj$!3Io%*5M+Oc1qfr;zmE8;7w zAA9SSOM{6U#vWAM#7fOb?%%Meg|3Zf1@_aH5myyUYgNk288(`S;14ANjM#BCQj zU+JeoVc|L!c00&UXXj-XclSa=+Q9VY=4(vRUiqe1MdjV;yG|RzJEXB#$AKEVGSzG0 zfT>*Xwr_LqFLZX6h+2T|+w#}7WXj@H+}@#jhk1E><7(g&9V>(94-ReDkT+ld(cj#M?c)qusd9oI5vLP!pVua*saEnzdt-6!AWUmX|~%7HHwUk%p}c;^XIs?7?b|X zmps~7lle6)S=t8<)n<3X*2QCc?#q)GM-I7x&&FG}CrAlnq@*TSH^RC5hh8xrn6CS3 zS*V|j9>~OR_-~-|1JNFH_OCnUl9Ol~llwxS{yvykb;=6ik=38O`s6pi?#*8zWV`S> zP6pN+DImhgfoPgHfYtnRs6t5m)4k_i-QA>gBWrx%Ulq35pI;tvyEPVumgy5k4uai1 z2#m_p{P^{Si`z5JNM3;n+`l-=()G&h+3yVv3U#tx$QHePEeqW>_xpL7bYTG$iI2m& zy1J;75f@LOR!f%8ElA7CLd@6>DKjZHWHGqG+G_IYdkm}d)(YW0pTriq?hAOcnz&no zs9|^|y+)s6Uwhw&(?fW8cx-!go-rTDb(#_g4J}(%E*Xq$Y%~Jgv=R{iTX|4^$5s9P z@k)Ar4fEbuW=mX|%{$3byTmycJKek+*1WuGaWq1qoRU%#AX&SDgIHkH2TFajUwYE) zMTJEqB^w=NNS|ud-z4>Zt(VI&!AB{i)FL?k^*#sun9uQ@%b^Lc=|WX~EAQd*Q#RU{ zzfYp4eML`_b1MZ0zPGih7chHu>QD8nx7&4K zGN@e?S8hQT=5oi#d*DIVYbapilNKTtD@}%)v+uIhZfglcnMb8=j?p-=PQC zdjh$~q;=3!YcRhZk0`!|>dbJ?Z*hP2tmE~^I%;?RFs}Dg1)DTS#?ic&LA-6Fxrt!B zxf*h8xq#>78LB1eEo9}9Diq~Rg32StOA{_}kf4psfoUY)LqojX{okd532NpQemB;A zqu?+LeAEJ~`WSDwzLR;o)e7(uKIqJvUs&{U^YM9*24a$+jUW{yrl#QGqo$T_9rciq z{$2piAf7})$!VOB=%nwV>lVaq5a}zPe==ZWW$jK@W_Gp!|1~}DYU0GNU(XsX8^1O1 z$;g<<%8p2sTB|R(uh5Z+9`%fnPS*Gr65q%H;Ck*$$fvGLs z`#C)Oe)*k}VUZ*L>DU>YM+ZL3wY7Aca2VbB5D?EE47SU8LX0)A-i247&9K_=Bo3jw z{Pl<}{dGc61012qWQ=eabzT4L+LCj*PwfosF5tY zKk#;IJXEg4lQM$Q8+i|+ebBZ$pr1ZX`&w7WMGl{NbKbOLvL$-|_RitItlzzRS0+k7 z5WVxXcfmLGKivz9NJz+idy;*mJ83dtxFMK55>hwyL`j*Folj5ePe9d5vtDPo=aHJ4 zdV+~b53iROA?{>qj(+_3pHjzRTw9`43v?L0g|+eOIJj%IP8ltz4?Hh$E;W zoyVr8rYDXc2i8=Dx<2T{-qIc~4(RoHWS$}694l*9Q#h}{ojbZf5TJ%D2?Hgz<~O9= z$+`RBvug)Q$E$6T=4q!AHJKv z1L9;br7M#y*|3KK@L@)qQ5ibf>acoh^cNmFbm$Id-Tow}w7yQ3s@8)CFGING90@)) zHaVvc$nDJECO8c0CHt(r6EdmHn3w=pb&_4o=KF`s`S@bF+^)zAxsz93DhXTR>X!uf*psyCONkzqr^AtYU=g5EN5@PikHkVp43@bTW1%VH=@SAy+cz;NO!RGJcD8dGoR%*mpC}w*JiZ5y}gyfm@eH- zSzBAXv@!j&(40-eB|{ug_tqkBb;+r%FXEn{zCh!ivhukbB!y_w{)LB_!AU-_hYu z2~mPZxQFk~Km;KL3fJU}`tO@SGhNwGO?-U3-yRhSHh%rDzdqx#E8vZ&o}7;f2?@HH z$}F&W7nm;@6-nyJr;0qPFqMMgmCRHwEGqn zISfMicr9EB(h3)6=Z{SmU0^c^oGzazs^_tgkPyzGIEzipJ_mu4t>_2f!b?jeYub6WkyU99a>8K%AuAFerLxQt8%tRzvzSXvp0uBPLiZ zR?=nSpTZHs^r4B?cqF*ADDLsJCir^l=6ERk^ugy0Twi^CeF>fv(@0@6(@d4hz0^=fbelbA1KTz%tCw&s&Ja^C;E7XVC#~-kWQXK2{$%2eyd> z|KOzGMkUq((7&>=(O%fMMH%tm_f?A(dBh>9Yq-c&J4l11t8Wd zR~~TrZKi?)&V8A|4fmh~hg3WZf-*a?zU&MqXa370jD~8AfBvca`0?YAmYtm)c4}k> zEC7eJmu5?}uy~e9t%H-3llkKcZkFqs_rMccQ_>xz;Fg|`2gTXvfP@o?VGz>5i zefsSfRM2>2fhm2V^VhSL!mstO^FnZ7;n)2D7>m|dlwXy{0{w(W^64nd_2%io->s}e z`)9z5RC+C^?e6Zb%@x$*yq3rM6{aV|UaR<1U!R2qJ8*DUb`Zh}tB`SygzMCII5gmS z8}`13goKd0vqQxk1~R&{HSlmUz#WgAYRWjSdgX44!Q-;2Q9|&B@8x zkKP_18=F{INE~13GdobuT5440n5UO#I9cxF<5NwVhQkO}-DDxsRA2w7u&@x$U=%k! zO9G(#*b>>=Mfskd`7;ESn>=Aa*%xcqK`DFW!9(r=GqxpRfLY!E`?~C@3O1 zIT=ndPt%1HzO4{VN#M1pGo5u_oBhGNa4?lMG@`j3Myd_Kl=$^OrGN{+=f_p^KeYha zu=7{F6dpdD0XM66P`6U@oXqv>kCFMtO^9LkJ2oj!HCqkGHmr*Ky;wBhjtEw*Z0X|r z*~xy|hK7bAlhE72CnD0dXAWzxkS zUrW(QR|qcg*>W-84~0+x0T--qG3)$g_@FHCx;VeR?S`|x2c_?x7c%Yu@1p1BYqW!EXG2*gL4TYGP#OU)4kd*Ck#Ox!Unrc^X%*_SX&>s z-Wzn2%EhxFdO=~J*H?7DaYfpT!wgfn#ls9tJ>NfGCFPq)d1EjFl9GlL;zknW30RMXfmsL! z4cr(M)9@;q6a*#CY=3T}{PMP6Rl066AwK+V&iIw6+$;6VY83rwlsBzQ3pf zhg_X%b*JrmyOVpAATA)l@(tmbo;UTnAEuk5dD)@A=#lHx4=r8Y2yoR;f+W2lK8ad< zKSh57-My@>^?bN2&u!u>ybb@-?*oEoQ+vB`+$vFY3A$-(CX^1WbM|axQj(CcZ~;4$RPD#LH8&n^?hAG01<`SF zIQR*VDRF%&7SD3_Y`V1f%7wbZR;%J$Yr7Qr64$E&0xF%Ioi5Osf&L)>;K3Rsp?0%f znQ(s}^YR=*h%JyvLokR83{)vaH^6m*L%EQZG`Ob(-;Y9}LK?5}*6yvx%WnQUEND>l z+KKPE|AfreHelj4Z8x+Kgx5kPjGEfQUL~CZ~>?|Hdb7Vl`G`An7x|>08jaS&-%I@$W)% z`W)ceT*t7j)+6=0d-uy9S>pP->6(H#S^KrSCpoug1zUp3edsj0bGN160JZq**Q<+m z=?{%-(((p9r%?Ssp68&`StZ)$ZvPT(-S@*TZ(&P05LsxMNUW&_Ax=7Paqpj@Cs@cYcnOjj!?1nHp}7l**xw9{VcbwigF50{g$!3EUsM@NCFx^>%Zo4ptSlcH{erGPSMe17rnb0j{kU3UM0^YZbPwP#2@y(m!2 zr`O0Nk#O$pROMRPFuKyVYNo)YHWV}3h5S`^907T$qc>xG0;x>lQ5FGkd4{ogvo4gwAr}IjHGLzEn zc=L>_?(Z;N(k{I6MuMFV9R8A<55as6WEJAxul6Q@)?BIU<2Wz9I#6F2B(GJtR(j1A zal_TW09=$hD|UshHoc7Kj?U4myTzs^$~rgi~o^CK3_4P1n?hi9=% zFfNi{J$g_y-wZkEF|SP=5S8S0Y^G7h_{tYxs3o9~=ztMd6^bxf|V2`5o%B<4oQL1$tzwG7v0=tJC83Pd~KW1pS_d7NY2QJRWHL z%!{tIq@apXe(5U@c;#v2gB#21MQrM(+wU4dFwmZOI}5>Y)`sH*qTw6|hOn{yz3?nB zga4ea;lXPDeSfljy1<;*FPs~6?79Ry-D3W9zlFE~|D{jM{ZIyRF>&!JZ7(hKQ4C&b zBuN+@9z|;i6Sqs-5^Gc5m}x{Z{+Ca?cc3C^dJ$4H$@JO{ryS+z&2Qmi!N22`x{!#*WwnAWVJck}H(J3Etf z*&u4Yj1f^|e6eEp;y;H0-UlpErqVqs&!Mefj$hIc1}GHm-!8v)jfW3TYu|<$9V!PR z6Uf6LUYvDYt0Wg|{(~cjgDl&UYEw{=$#;6CKpBZ>$GmvH8@D_;O?QoG=zbbRm&IFa|~o3Dnk(y8j-`1tQx>t;!To^c?kIGTUA~l1*yYyzL?V>Ni7+iGznw zdiXS;crVtq7uf2TMfExk*i*L)*$@IP{Y^^YS^f@dY`i=?bh5HR#MX8;uIyRivNySJ zG{=6H_niJ;e<7(@L>>-yVGXoy4J8JnKafC%B5ok{!g>l#>;QIu{839QECVjeZX}I| z{4<|whP+0rKCnc7e%{jDF8!97dYdyQiE|OvTmIs0$c1#UCMev8#L!>4C8VS-)=^wn zdQ+ka)NGCcqEjttEu!Zf5AQxT{9|lW?7s>>W{IjQ!4y3L47416N-EH4L7`ts5=6bH zF5wT5fBi~1el=ij@5$9Wo?os&IRsRnffJLD!J`vLl*8iWNRN5t{|lG(|COz6GC$VP@W0;t$AO`XQgQHgzuM-15|NGS zyZpdDgE|=jToL#%|Hes#UC)C65Br*I_gqp&q=%CMuM~8H9zDQ(;a?x+X*0NM*b|074FWnlKxP0Ij>%Wp+X8%*_$F-iJ{wd9TJ)>zD!;MWdKPdW4 zD1TeMp7gn5(|6FLLL`&4ILjKAk@kks?swND4q252(9Qb1R7%Hf>qw~3z?DZPHf6vx zFRbYT8%QX^K;NH5&Q7cXn&g$eC1u!Ovo={e^U%R9Qi{4@|A6U&l#;S?Z^$slZA&>L z$*cM`P7i038~!0Cr}fLArC2pczL?W44jT`jjC;=u#sUG>GE9st1tG=l$DJ%s^`NIHTkGeBTw%s#OxsA96HB|K!d zW9#PLhuUa<$v=j=(U73#g5Hq?^Z4$7G?lnBa8F4)kBmUz(Ik9rUk)yxXa+6@HL7qn z>xZT$9#5PS=yT8vbxh1_uD;-`#4hgC{dO`Cf*w|WP>(G03$Xxan7&n^`H4Z69Pesjs)yI*p&xN?4ohy+~^Uvh2owV+E`ja*fdLoyR<2K3Aa z6tos?&49ARabsQTPXM;n4J$%Vzu-t>!I|q>CQ14#@Nf!PQGb=JSSrtLglFq!D~K+@ zhl0*q`@w^>E9vQozx@4_kO7g=LR;m9>X4`A9$FWL45vq!feGu-#|aA7*h-H-!>Z!r zX?I!DhIiKS=Aq}gl|Uc|#qsT4%x>Y+2FhZ7J_roPEdF>t_-r&F#s8N3+cRg*?&}1z zUS!F%Ev~Kjy$jWZ&2U!hhUFm4FX)5@5{lQ}#KgHr3W}rAl~6bc0DJFjs$gZ6Z}w`X zj_fW;o1<(jY=Zphx{&Pekc~-n=dHr#=H|-ZyP(wu`?ZSaJkOPkU*AME^u2!1gzfK{v`*o0nzgXdD#v)7#Dv_Nk}~MHT6c& zh0#jpiZ+`J6vMpkR0lh{j>b-mmZR4icVWZBZ2WJhf{0q*#&CMFJ&~~&z+|^}-pm%n z&!V>T$Eel$8$(S^TDE$&78ZxW@1~0FoyUn0- z;B;HhSjBCE)v}N82KA1)jFi;2A1cF48{)QoJ08(JkeLqpnYQ=a%^BvBT+5$JWU4CqQA#Bo-eM?Yv!Alh=! z#qQYy9z8{ocDe0kmIAsJre_gOJzqE9y$`uX8(&$OqvT*l52ClIo{-*~N_x^BlomOa z3isI`A4$EoAc@_#bHZB&I1UtIoI+Yoa!BaiA4an!%eN+VRN16aNAceHRovbFIv8K_xyI>^&-M^zYR$9v;<<7iynd>vwIa z4mNs8Dv}qcYx)WE9ctjaDi&P1!3y!_nnW!|ghPjFB6>X%z;vHSF!`pC+?S8#6^Q6A zH1pTl@H>2N&0d(wvG&%`Z6*t37DJzQAr9I89^>jsQ!-}}FxGcH?^j^8P&Jd;H=@<; zk$C4x^O`Y12g+R8UAG8BcRzI#Ol?NAsc*}%nX>Jq(ZyxBhmJ57e6Z_2TsUs)wu$Jk zU{6vG^|oQ9i+g_C@=T1r`&_r#@Xkri7N+4lPl~8DRu&dB#qG5nIu24+__~bQ;+|X+ zYx-3|hXAH;zjv(dQdI=@P+h?VIUYqt+<3MAf=sgWpe4t#7G33r^uD(caZ0YtdgVv^ zH>GE_v25Kl+b#{~ZdLl3?Z9_=gAfvZ^{S<{$ZXS!C65xQ!b;*s*JoKzj1;Os*h%y7 zXL?j?`o_hQu8m3DTczkec$x;NKqh3#0>Q6^lwp-~F=D!jVCe*Ns0^H)k4rc*9$1QIKws>J zsJiq)gIc%S-%tW$dIYZC)&Z60R7lJ4N;gxaz}{=0YGROWOJ6Q2CzWfYxN`94Pw5DT zY8_4Xblx>c)8i!V^1<7B7+LNT1wkA^+;6fL_Zgdg-PFypROXq+DdF*e;=2-yLt-<& zeapBsu+cDRR_zm6W3=*0S;q8%f&Y#?7Yj$;3*mLGcIzq&Bg&4Yz{KP%wrN~JDQrq; z*VIfsKC`e+u8mq_%xFdTJ7u?d1whmTiWa@veIk}?syzxKW#Lfof|NUtNHc19BOthg zvE5S#rh|ZHKFxZkCRaowLKn(!%4W<|Ng_B>;wIS$Jsug|1IiD)H^e9^>4$`&v}YE* z|A6{d4ZR{Vle=^@NJwn+vz@PUQ038t>eW5U2%=hlD9TWb2xCsMji&i+p3ztVJ#cFhGg1ho+heM7LTh|H%) z2>zwfD_c8Q_?~gTslGvI4p7jD$vJfJ;QNpet+^>R=z7X>$yC8&qC?0%=>>GPshE&y z;$Rt~EM&o{vKBA~U7W>ncT8$6y+`DrFJ_g8;W-1#=l#1E)0hK7wN>pC_z~B$k!FjK zoGUq1%RNlZZqET}>O_2_q8ht+2lBR6OKU5_=%r_l=SDtIGsp+pX^;ls0LA-GZwNpa zhAQuQ`*(lp9EV!=GygL|vtrZs67PXcA2>Bd1W~MRQ==&AD>tM)pEpCda*l`V-u$cf z^d_=kGzUhexjT;PO$)uY{W@VQiIG*cOuCNkGxOFmO+p5IlDK=<2H?8wCnUrEfdP8c z79cvyW(T#!wq3}oM<_pegoQPzvm>ourvmGrcEZG+62Dcw*xRir{jyTDCj~W>?!NdS z=9+pu7IcZ{^i!UL3$gqod=3g#+aJ;4h{>iCp!#$y{UG{e#SJ=d1UeQHv2V0ik20zp2?tG`2uF>Uxs7k?C#s z-b?h}q>ozt0i~3YGBXf#YH7wt4M0+UYq+Ib-YkTs3-a2|-eeCeBjHATuSs!xREnZfIq>Qk|3ry%5-?MEqsDbZ zqF?&y&&d4YlzIWZCIvC_xgJBN^>y(*$H|gJyJ_dh_bf$koMy>VcIrxm{N%iqnL?PzT{VeGj_bOm zlOW_=t7|40O77dy8^h>2&~KS7WPp^Ziz5g+#${Lo`u6(z#_94_x}Y4yxb#|SDI{4G z^)moP%6)fh6ns3iu66>v)UdG&js&Fjl^(~!_LAlKlPLpA!nL%J)1RHFGPV87P)qbo z#1<1=H%zy-H)mq!I8`SmW^zEK%bvVCy&9dEmoFN1lQ7K6%;MMZ3|% zp=7a9kiN%5#wMam^)U9kaLlm6@f8VOJ1>{Rsv#<7is{L+ydAuQ!U-uDYtw2?{;HEp zfBHNz3GYVrl3ujSzArFF*fD-P5ba)#X0lXTWzLwHF21__7mAFSA;*e6?r2XEmr;+8pY`uaLml%Js zUoB{^>oz_?oipjQsxBtDzNg<*Q`ADtn%_+oZ#^iL1!{ zPg3VSs(xGx=PX}ccWEy)%w<8>_R)OY))3hq4x)Q48WGXST$@Z088I{0)%I7+Cnu+) z?KWk`IvFS=`Hep#`{u%1t@743E8WN`>d6|qets{$etmE_`Bj)(YYMH>O4EOGVv6q$ zw|-Pnd#RKY5j!M?g1Zsa+;CJ&Sv>cgOL^b$9zwJ(&BBrcEMA zHEIIByKQ$*R_7KtR&9(n3okJTP?qwaxc58Sg5%3_Fwt!@VoUGE4~?=L%o*cU@y98@QfhKbtr9G{BKKecz;$BI3JD^Wx#2DyV^&bJm!wCl6kFQ-!8L``dUeisoi}Ib(LTT}ZqSqq(m__%)r0hW^((s{vfp<@08?1;zis)|9tvP0nWYJv_M%Uaq{KQnxZ~naZV6Lf6L44Y^I}k zON*IOjBP=vnT3%plqIVclD%ws+^S=--ijYpwp)M<1*u`R)j;z3oxW&mYFD zH(Q9zwi!8facnSmk7d@*be?XYu%@51dLaEfU zZc<*0_xs=wz3g=dcR0YP?xIJ(eEqmTSy@ioENtr%@2;O5_8X^0F0RJi-*Y$J@t_}Z z`oX-_xOSc6_)ff-lVIPDZ<@u%Uj(Xlt3QONYfRMR;1`ZYXoX!2a%7ln9O<`4Ix1)_E^C*=uRj5ZB|GfRF0LDs^!x%9~Wp_=4qNjcs zrL+hw`+sp?{At>P+`&9OPpj5VlycVu38}~YfM9e>=4h{zCPa}t*0e(en}LTMgJqFT z_FZbP3OZL1wMW0^bXs)D>{mX5J5|Oak*^BaGG=dwGF3Q`(qhpY)%Vs@{&KhPQ@GXH zIZ!n!7dqF{G)n%x1CLzwNqCx`PW@KLJllfpo>=y}Go5_|!2XZ)H+}iy;Vx5d>4A17x&YCoJIMQCVF@H$3jH{g^34KlwHuNpoHvYB3jGi@J z(X%alqhzoV5>{S{gp2i2o_5LAYmJ{>`h5cmtZBnSbnu7|<#3)cQQ_#T{e?BEcsFM9!lOE&YI!EL z_xHBfWPjh{{?>?9$!0oH)UR8n?f{pWyJtJOpW|LJyzSN%@%hSqP>!2zsAjoPR;gHa z_r}A_bE&_to;%H%wQgD05_;aExXD7S2}R()`_uGE%w|quf$iV5H7`tuan0D065Ues z=C4o1T0jq`rH$^|*lNn}D~Tf5>Ig(|pCPwAV`1S@TfjW5kH z8x7PjtknQ%q)XEq8BxpaKU-sD6oEhK(Gd>PGxfXw=1ua_bpMCny=B-;wz3TU_C5Wa z0j+B$J)gN^^thhcO=W4zV4P!2YwoC0Oi$+@RC8b}{=Co8ll@Wca0|LQx#p(sIKvyf zW-|s+U>3 z#Id%?Zd`EEAuqFOV>XfhYZ><>T7_0LUb~vANFDpxC%V4%k!7U&!1LNNIm=_{v0E}d zdU(PRIU)Os(6y|gcF{0=@+a$O13&uNM8}ptx5HF31U$lng`I=r*lN|ryv`G?k5g@C z8Ta>u5V{Xv`x$=HcYrRcSKICoJJNi2x=U92L@O)j#V&>E);c;&MpJVX6cwWEeyid1 z)B>Yv+OrZn?SpCB+5VObuL78`3M-vYx^8u96&c=;bi1npeid=G0$tJ9i~E?HC*^U} z&vd2bge7NNSI+4=jk}7}eqPS*x$#k*Q2~azF;f}0J_m6`zqXJPhWV1_6D_R@*C_6? zK^mod@Lf#c_u^N65}RQJJhcA z@$~j)V8I=i&8yo>-NFP9U!33Olz_K1r;OYbLS}0y5N$gVj!0?=Zztx6&S~!jpU{xb z63a83S>0%~TPfK`E$+S{d(gZgi%32*W)3X8pRdewa-EQu94aWAuy=PWRhUl zjeC>jxBY_KpR%InIg;H!s@j!z+I^6p}dj9S7v^`eci;hGhI%R`j8b*sfMg-GuQBroy*r%#!?1^ z%fbm33r5LV3=T$BqbXD*Bo-AbUc^f8B~io8RqcANRnxlUxxpT7-*`h0BOKXEt@@hw z7uJ32ZSo#X>w=1h6ya7~att8R5k_M=3aQBBsR;3ep1@nPIM&Iz`VV6F;|LYHa`t?P z{VXxHQOz{;t!solzr_L+u`dz7$S~6TlI$tabS|GsY(I{L_r$0_!PC??79@wKpd>#! zzF+#GbGeM6xw%bCnMeMqxZ? zf%JaK)3o%p-5BJgOVuG)t@QLOBxP* z_dktqXHzk6$$7`QW@{9aI(R7|_@adLt5-p5h;@?P$?0kg6>h0mJ#V`nx_Ve3EjlWS zyu;ji$FpU8d1l(OMby7RoR>JY^`6VwlfOO(+Bofe5}WB{MUa<$jIoflLB(4Ja$|>)W5fj4#ig~JX!p^M z!8=aBpDqmg-y7axis0Uw&~Yx5=fJFYHd3ln6;5iqQB!Cy#&yQ<3xSR>Y7k1m&X_EGZGx7Uvxh~LhMw*bF@-SAM+N&IPB;^~(4|*=1ke*uhDxutq zgHkjVPW$ytQxk&Suy$Avp!d|OwWoXKe}8nWp&3#uQ&bF2{i#=2mx_TWRuo*T$*v^W zDTN)qRCcDSeY#sQ**CQ@K*r0kFAstYj2cu{k;_r!EH8Vog`6Ukjds%x+p?|hc0;@f zHwl#_plm3#y%+64GMEj%TbE7s@UXg5-*Ujeh8Oc@CV%y% zJEg>@bwnF?C0nEO3ysq9QhVR#y?H=}xJF5iciN*UolW&%M(id>PhLJk^lI?77~!Eq zxS(P9RPR|C`L?E_z?(-AGe<_JBy$;=sxyy}D0=QX-<0Y+U*Gyi83cIUdzt3Ukc1%S zpZ!6ziQIL~3`wR`Kc%v9NKa6fWj{pa!#E6_PJqXY#!|-(;S3RnsT(Jyt^8a()bq8) z9rZ%xed`LE|tn;F4>NoTGu4yR)(wo;OPMG=WorN|GhS)3;AeQB93hwAcNT~_ayuMfGb zR)?R#WAE>w(ZBKssU1tFU+gHgZ$5GSMXOPC{KCr0hQl+gcc=dNaiZ}wD=SVuHsG*a zU!IQ9eX)3}A4xhwn&rm%$}KLlLl+HYo%DXyw(OYZeyro_{CQphH58*Y$;mFUd)j1V zV@&77XxN>dM(-D^hUFHqFBk4diru;7)PAdsMF6s`1lVut0lZ+a?<$9=-Oyu#U2lh=xG~aEYCm!9U0C=Tg3rhe zQPca8%xsKrZ2-Q4#XNlQLVOk^#Vc=jh`&b-6zlhJFv(`Fhc zhqUe5s*j*zv|)-P0(3T=yY(s&&fm>=ty=e#mYoZg)s=O%34b_@RtVh8=%1sa>aqlJ z23HLrHvGEq^3?+WT`P{G{@#xH&vweU0;9j%izT~7ZU9giQKhl)o@6)SR;hct0v$Q& z|80(<+CeLEBd&b??&5k;LrA4`WBxn*OqVW>>{Z zaUl=(oVj?ii$$=l_0&MKp?6)U2QmtM=|Vwd=FXi>ZkbWufujcw_-E9*4H>{udJ(-r z`aI{PHw=0inq0cOck;+~pKo0W#PfWCqZUvew>Rv)JbcxC< z(H>#xZc(1g=i%?vRPf(9XzjFX)wjf!8aEQW8AYFrSvNN~X-zXNH0OOYj#T8TM%F3H z7PREoK<4`BLAleOjCdc0#!3DRD(R)ye0WdknZ zu8i#bL7C+r*NMAB-Ie7?PZ{d2%0O~de$Mw}mKL17pLP~;OWW}D(pk}L9ptD_m87Rl z0RyE*o*r~L{XHT^wwBI9+pxqXCSMxOt9AE@W2WVn;_PsGRelv!9sUPUpt(%zq(5`d zm__m?W3*xeiqBoV2sU=(WOa4u(Fp2*oXh?&+U=Wb-1cZJJdm}yrM++FqXsR1oLzL? z-C>|oZFZJ{RO4VrbbCJ-OWU(oi7N(T1w)QyBFxsabR?oq6uBbk#rpV|C_w0^WOmF`Ym@{@DOO@8T^+cLXXy%U zd=d9kl|$~#-b+%%xJXwLi2JwG|3`aY9t~w1{;!QUg%(RhmSkU2mLx<;lh8EAVC-23 zqq5b6Ns^GA)L4crV<(1TtdYtdW-Nmw#Eg9z`|^9H_kI6(-_sxO`JLZ6zwaO4bH?%T z%y3=zbzS%Uxj*-HU60woY)e+5eAhWPw@@|(Db;s0Z@LTo5H&tX2ep=93($?~)H|!C zP@gC2vN8jv)O&;G!DO4gX&jyn$nbS#wzAg)VV}L9N9Wk=5$9g4k=`4#oCfRp!kgn)xadW5U$z@4taoyuK zHWMwy#o0II65v3Tpq)8Pk(S>M!_ex{w!zn$*n@4~y^~U31=u`uWFKhqBdiI07pP0x zzejtI1FuE2v9WWo<*g6}2g-Y>cdtL{-!u0IuxkA4*T!Zq3~-Rg8;3%}LkjO0SQfzs zDl2!%uI*4l4?_dH3x{4*?pewa;FXn+S=rb&ummq+1ZnN0zDG9A&%b0kKEX;Tk9>DD z$yWpW@ZmDhM$f;mtfQkD8rAOIfbx8I??Gi!Xhi7dpiHf|SY6nzOb##7;)<~N`GXcQ zLzdKcYb9P4{dqb*O%g50ubY8L^(*ODb69qIKy3ikr|eyGACxVc^HJ7f%e2t=bvuus zija9AW`N}8TmD1)6$W+BE_18y9-`I(DMhY=J)bW5H2HJC^$~tG(pk6dJ$(2E$me*& zKBm1kCd+tW8qRGWET66vKQo5d$JDXG<$7PEJ@K<(An9lx;4`@QP1n1+Lo$7?Kx-L?Xq0^h|9BmRLo#^YIfNk5 z?S#AgXUC@RZFxNRy5R>Jx$ISP@9BrVLdQ1E!%buH<)7-jmeWAu0ulZY6SW%dLF@wC zue$Z8ng-eA)Y@=YbgM_0B1NfyB5U@&KkZP&EaO{Q2mb2Sd1Mi8Zgo?pg89!%_oTzS zsXLP|W~!^Nu3zDx$d)6soSZP8HY;^w<; z^Ibj~c$k%N($(wN4+a62yYOd6&8Lvh{Qqd}`B#<4zmg_@-{$h4oiYE)VEk8h;_o|# z{AQ?G*htU<5Oww+2MF}2iMY2yDFwc8Nz$0!=wCN#gK-+X=09~ z%f$)$j>2Kz#fU4JlQ5ZdFJ~Q!XR+^C6H9A1of>+y{dW5g3n0J&_w~Qro5@A});t&o zow!L-U$PvNewEHh61qQjUpElxb6!bk&Hz!T1Kb(W9QK%Z4*BjPgODeX!H#sZ4 zwgujy(F*b)o`a7=s>2v5x=AP799siq1_5Yc$oKVv!Mx?*)fl56tH!71TnVS>UGgmS z;mtKsZ`@*B2kr@SdRa$1Ml zV*FrfBZDOi8QU`pspEc68x%FmL}Jfii2BTdTJGj=MS33SbHXo#(kE!wC~@F?TbwR^ zY=)Sp=cV+Lz>=~&_L|?XSjNJDU_z|Dl}w$a2q4%*~E!btpgxu9p`$_>A&N0RiegDuuR;4 zOwP1?K1VgSFpf>rHhomBK@KmQUhN1$#2u5t8gBYRU(}97Wu73w^mBuzYLCRkA9IKn z-SF*xqSvG7a;;os#$k9^2_%+2zL>Jk=U*cRxdn;iV>G<@}49ZEavdyFV3K`9Iz$qdF6i|W_Sbii^3^US)m`1&sx^N=FPV;OZv^#dpC z2WzU$s!H{w{PMj$qm0!lbz(({v@in7I^Qgv{P=kSJlO9yNWR!+pjW{SOQH_=9lT_ z$zun_gj$@TyPYVQs9L7eF}J<)1uTVq^}4$)Hc%d2`!YWc*emj_Fx>rSdv`aQ05;Fo zapB-ZEPM=K+RP9t1s@?yN;M!^t2N|E?|_&o8?^=tJ?#VpYIeCm&bpB;G9%{JEJ40l z>MgA>l#3WO_9N^TXBDaCOA?fzYjHQZ;vOm5yJc}BJE0C~dePpc4+W62Ln(RBP7rRa zMKXs`6KhDwuuCZZRVF0WBlA z9+|0CZE+(|%R_m-_uXtI<{=zXbICE%c&3>{@%~JQ9C-GPkiJD?4q)+{F&9{qHl1A} zFyb%bl={bAD8xnt?BZ>}%?>~~x#z!-)3g&ro^9J-cmgRGX`y}oA@G>*k}wo>+}MJA z+0tqcb(6Yb;FT*-ICU)SOmg`(s~yzM#WZf6U=zG6tXA7i?AL1dv{d?OWR;XopFdtp zr(?+?;{$iPW!;5|j3U9WBF5OlFJEJlAM>sF=MsCvzIr5(!KEejUe~okbi)K)3tlXK zATIXkW6BiZ9?Fy1uttgY{-{i@C#*)&lq|t{w@m9i5Ud)TYvnyTU31Qvh=Y3pfl%-b zo+^Tag%Kt}F>(mbOe^n+*2!4FH1xf~e8R?~K7!#_AkyRbonuAmymbcBYn)Ehjw^Kc z<9Ubmx+mzM1jUHn&)4`|9A94>wz4|;$Z!5eSLk5{m!1!{ZmpgY=Q;|h)9hP>VL7cB z(s^N%RzYMQ>b+LXc34G?GP;ft;B%6?jn;r86j_;C^%3;GR_SdAYy`Kf@^#_LYxUZ@ zb88OW3N5C6-ZGQaAiX24h$!hD1>XqJ8$%mFikq@^ILg7dUz(;*&XM0>SE*xMEOhHN zyPBH*y8huFKg4wHk=*G#D-LQ(5g~bDbH_XNPK+lg_Ee3Z*MZ8K+WMrmx2Ly1cNaRm zaTq2yplif45Fg6T3n=i^2e3?uzR}+N@B!4%?#skXNLju25j}O(!%uP+6vZ3!9LPuA zs5pz6-k4xYHsDGs{zTA-`=u=ZxON_N>XQ!$4|V82mCFQ@9PsYbF}k6JsjO?g=1*j#8Gkg!{_-{=mq-p zk4Rz69qZ65TTU^%^i-_93}{XCsQ7CoQp3L@<7qaou`JTJEtL%_b- zXwMJPpI(KtgpDt)+W~XVcaj_5QnT0&UP(6wuas`0V^G9C{`yu7k~YQB2rG*y^1NRE zp6y5sBkn2TrkNZGnbN{-W^+V4?#o_dxI|CjYyaTL!>P8yqa%e5=;vJkE#jwYvs{QMW!rPt= zYsZyKwK(WEdoiCWdG0+DWvZ3rK z?3r0SInamMeCH0r%q&N>9NxCJ)EkxGqC~R~J}W7?RIWAtGQT7WsmuqM9(Zw{wCw_7 znIt4^!rs>fuRoMf^UW!0hP&r*kwqtSG{zSWDJ$a2@>9)3A%4nPtaUN(?Y8VMZocn{ zmR$6vRxI1yN# zX`BAnyoHPe!DPgcj4vZBIu>MIG!#V*8qd`6!3KpK*aMv)tuUPk11}ft^Vz=C! zEu{h+)`FBa#<`-|egx7@O)H^Jho#hbCm-Zh3mon;AgsmFz)<@WXY7n0MVZ#{9n90K z`GfotPyHd*6|k(rn+aEg_Jj+ZSo!p9har_%fkuXny2}EHff~Qh9QlqrT^;!d?M$rQ zk%hRqyvQ-DfQI?-Cu99`nae_ZfH~2*YxTj2B)p~)$BBf3i*W!00L6(znwkNIc=X~F{q!Y3u7Q40M2h2V(RH@k>vz%>~>zd1t zxy6G!JtU`9C(xfWuVR;DjMty+3yBg98fXh3f3jM)A=q9kK+R9$d*nLz$=cF?B&nN~ zTr`CF7i%e{yKdV1)LPEKV8b+>T(5`OfMrOjhjVB>qBjm@o{=4l$Km913fRjUNOh0% zYb|4Q5;ceOYxVEprz&2&7*k&ymb2%oB*{o#M@AZIVC|H6Ih|FeX}u3NJFERLHInda z;%?BejAQnkmz3OH3jO`Fy-WiG&;~o}P0o}Q>Yd?JRdX~9=NlJIG`#SIU)41Ytl=K7 z(Vh>v)$J`Kq?%{x&hFkJs}peum#k|$n5JwS?c&XvD$DS^pltsni>;OyUtmWFOOn3~ z@amGw+<|Yk#&5LUb}L6>`|P9${RL<*15#`PNn^t8;|mkTiE;--H0Qg4#FAEHd^s)I z<#g_Yvh>CZdDm02k$rpHXOAQUaVHkpHzMsjqwV;anChRgsT2tg8O)nR_osWYgsyz^ zn&4rs%F?ecbmGDR4u{SEa>pqObgk1cx41ystf|>S`OCzj^ZlylS3BKalCz`zXkYB& zG`1&F#dc!~*O*mgR5EsqNH0sMji>o?P#OA1$|q>CT)a{;^lY;?Q0Bmu0eyWE4um(J zmHi3;w`tAgRjPF@q|4qT1xtg#+heukQszmYTRCVn?51>`!sHSxR1%%x{(5g znEl7XK3Vl#^$r7*8wxO+MOh4;b6hUcSJtZNt3U7$3651Y9x(`A7H2dvM`Lp$wR>6b zK)5h~p@6LbeQ_x;pmMfOw_-TMtV`LgL!vjhj-Lc$nCs4m@QPHDDr_Bq(V(xpzl? zN$(1R-hJ!bb5kXo``4O+%mDpXwrA8a<#WZ~h?jNx@FB3Yp7bGGg2=2x5aqV7Hba3+ z_d1B@QqrGwwh8O7>^;DF`(D~UyXsCj1+8&ir@xixImtH8QGN<~k@j&5bR}H4A6S_{ z$9rR64~MjLT1Np3%U;w{o20jN-N*FJ2VzaZrd-Y{($YPdHLAPReQd4V#3N-GgC}@~ z*D@uAmKL(`ucr^GJWi}N_sbrd2i88+N&_Z9=~p`hfMrP92aGuWT)K%R))25LB85{b zulec+#;5<{G!}fUGk(?9|NV>KGZw$+PX0?}=kK|be=!z+5h4HNPX0x5{GM+4ZH+0@ zKcAxVzrr&N{(GY9uaVz&Z{z%+**fHAP*av+l6Y}gN`ej+ax{6n&m z*)_xqH_q+_f4FM19o^F6vt`3!&+uW!9ithkM7R3Hm@wb zT_6$bFvOR6KT&JzVT~F3YbH^_q3m{vMEch)9Dg8L)K5wD?h&8MUTZ2F=A4Ybd2j); zxNR8JBE3kRJ}u(q@22;Cjesv@*`2))DlLygY*^v|iklpIf%@9p`&`i0XAPdqeyGP< z(Ys_}lQ17uMmp7~7PAFekh>tREd7@_P0`%VaFy$G7w%cJH8pqcIub!9$zd zeJAX>9+QPS@&_;Xa~-!!UFE;`F({3dz>9yBpr@kW0(CZJ@w{6BR%PE?2ud6rAYW+C zw;ADba>7~D^MPYiO>P>&lc1f?Jlxe)7@<@k^Lo}i z3}siJ!2Wdip_N(*EUg0+#LD%eJ37p~q;jIp81r)%!wB6X85y8z87asZgx%q4PrIk?*{REaOqz>Rr$rUS|>|*w$VSK9dJX80lw~ z8qSL>%kf_+6H8wi6X+_zWW;Y-@SRtHEtkjVg3XJKXFQxcjB#@s@+O8WtU1Mz2|sxx zl}XvoD!R>x7$m|G)<-C1j0;;5Kdx^+Oa1B|MLoxzgIB6MO4BaKErDTkYy zWPn`sI1x%yZ@;Bs$};go$5tQ%8Vt?0&mO4Ab8S)@lk_}a)IZrx+mW;9d{n01Dwwf! ztEE%5HnmXc*fEIh4lW5ggYKXx?zwELltPI+z`x@Za3x*zIC7xwB438=+vnx?PG5>x zNNVt$56KIqZ(w5TJ7rJq^oh!SOywvFjmoH3e8&8K_o-_X36C-L@hQ(mRe&C(?S4+5 z5ib(OmH08lS=VJ=_;^0{6|=LWG5MtDeB$dOcZeRjE=OPgWSbQIjVQDlW;(7QJo}}t zg&PX%*t3j|C4e4{|)g?-c94)!CiYpr~J8^Eqq`Byjbp#35ki;>Yq0e;So@FvQvW!h|FM zv1+o?YMIcRSw(&qlNt~I(W8;Wfg5@izyLz6TLG``>6vJ0Ej)HLz&j}@$NOKQ(}=+Piusy2A?k0yez#YWPM z-svq}iKAF(s$lsga%Q;>!AC~(Q2oh%+$f&#OCGf1*Z|6UukY-2u|Q8Ut`fB~Y1=+P zBa!HtdJV`ichnj^%wv{3j09zH#Ab%KFWu zXR=U^lUQQy^+TB&bfh&o@j!zTKGwp};#4m7#SNB}lO~{=0t+8c{B&lm4Oh8`P$ybn zF588y=hvu6oKgMT#_7prW7&g!#ZzI^XX!&j+BMaw5(`_K@5R)=^^E9gR6D-3#K1D- z+#RJgNZDO}jh>(5dZtHTm7HGbQaX;ZyAgm)oI$(M|45&k{~_q(@A0IHof}2(YWZ=s z-jG#=R&8dC=u`k^Rq7`Y@C092Hs9w&Bl%CF*o=|xp@)K0cFllS+C_z1S77q1Y(4c3 z%4{-;k#)ZFUDSi}?ee7O(q|dTO#%orC4^;~9MT#RSdpI2?N9khYDhM)xYL&_?Dh;V zH|*Ck$au=zQ%%f=$>oiX)xb9C#hhXi?q*e5LqQ$CoaE%-*F+0VI}*bUr_xX2fDa!FWCK=eV}GG#$1@L{N*l;`Ur%#A=J z*|zL_5%>5;O8N}5>1}2Ksg;!8)xAGhQeKTgfYcMF`pT2_50HoM{|Tjx?EV{OTqJPv z8hLLi1_m^&pN)@qPp$rI(eI2o;j+3HsMfgyRM!*y^Fw|$;Rd$k;>5{qYt~Ui&-o2u zP6mp7$^<;F+-FL&nE_2IGj75!s7pyqbYq=ulmq#i-g~3R-3kES`Zt1IaJ2p7 zGUMmJA4buvTfV8ZM&+wY}>YN+qP}%DceR@m+R|ypY!hjzdsi_B4gx5ju>l2 z%(>=VnGuTe5^&Ji&_F;ya8i<@%0NK>xrKm+g!nt)*fCH39e|ybC4_-$XK~N}PN3{1 zwVZ%}(8>OD0ZS>9-T?s#0!fJqsk#GS>HYYHs`mD60}VwQ0EP@n*yBc<9}eP4?K;~O z(DOx?{W-fc$MZDXl>Mo?{CFce7psYY219ufpbS_m64f=L7lOph;Q_dm9KH9i6$Qg}99fAG4F=LWcr@^YuE)NQvHjZ9X5! zx>h)D^uV}5JS;Grf%q#|7ikcS6b5#noby-%Q8`sEcS*GS6ZB*9)q_D&;Ze2JdhBT( zzPfankx9nBx^$7%HxVL^!S}i(Iub~*KMy47_lH6lkFqyG5=HF2&%%`RyYI$QomtjB zlK>#!%x0MX-Tm_1!I0LlDwp;9y}+y|hso##uprp|j3l}H(HxuuOKtZ7(P0x zOLbmI2C-u{C7*Dy$rpkOaIcr%Pvk^i3pcZxXBH8Scno0O6d`0Ava(GrA%}Q=7=(3u z+cz6LB&_K0W)12o+BL{f$^KX-A3V!#ieMX@nRZ5Cp&;vu6EL_k?lv?Dxobg|&@!&B z{~^~fjd>}#@kEMX+6cQ45z9o42fPDckxt`+1s5~CS930H!_OqbEVG8sP8p_=rk;2v zEP`3UDClq=cyNT0!J1A9hsG2O>S3h9@_bV>kos^9s5gM|)#`$BdCyG9NeP-}Umu?y z7llYds=lzYu@N(JLU~@j7P;LgVKiTsbUs@oi-pD}2ZIC__D3ZAKMZ9^OF@j>v88|aA=kcc3` zKtzK7hXEbwOkF$Lb__38K8Jhn5?p3seCK&Hv}c8*sGtI>%gU0;eOiT9-NKLwN;T*y$ zTQt1StDxv>k+c98v4sqa{m(+-#-RQRBk+z@PnH;IFr!-357Bk zaLo^(GCK<0+|*js0A{tVe8v)K(g}oro*oeHJ@xR%a{m)LKO(_7Z~c)V5;>S!4f7=Y z0Ktbjdlme2Vsy-fbqz>GSRXWaiD;xY{vSqDQ9y3jTT#aXX+)r0HjM61TbgHSUN#Dt$*_AV{q6s;PR`_8IlElVrz>%w9$t}m8 zTQ+w*=`@c5T1twUgm958!-sGa3YY?M&nW=j3$l23De&XemIR=biX{|b4jG^-O!&Df zc3XrI)8MVgzWBVOzc`K*9-H}-NeZ3@PgvnLO!!sRQBton5{Zj!)^{)s+E z{Gg02dWD(L#c2mye6)Qzo^@18^>3Q}f)60oE~?J7Oqs)thgaUz15TPX_|dS0G-BX_ zg3V!a*)AsX1_{WKds~c&QMSY!qS7l@<{)S{^G$a+Pn5DaFtIyxia`A_m=Ls928*?EV96RCkM0I!$maToaY;g3^auPg;~ik(o?%Rw?L zT;xB7CVQP{5e0>h(}OfnCDRJUwrtU(N1Ud;A35V5HKN>7Y5nhp&5!ffY{}`xIkRHp zzhLNUX9Hn674oEZcP;&339g7u%-%(mVbmM*K239v1mE<+u@f)@J+gp*NHLm z1qzoxYt~5YWT*@^NSfh#{<#XRPNXk6QIt`$L|_&wM@(W=D|pKKx!@i}`7$%<+)BYM zd>#$ zop?b)Ft(e~?`8_YxiFpRZ|c(!jDA-=b~bh{1?rTg9N$x%S(&qPMV@}31^JNaVx?F zkF<9AZqLdf|J0LBko!$Y`Xhm)BIc`2BU>Ag3(vuO4qrlm=<~j}8?-Gke})Aup_7^Z zmI_v{U9xz}p5?fFXg7-xT~UNfzU=~vOJi?nS@A3t2ERf+>AByOtYL)-l5;ef zN#|I9hCOCjW+z_FSc7s_vpB(W=4s~{BXd!>m!v}b)%LRGdz0#B3HOeu&!fd`B^%zs zEHTKKRJQMC>X^5+Q?5oA>)c=0Yu#UO`#zrY#Pmlw^t-D!6L;FR$6`34fCY&5W_Vrg z@FK%Xl)j@EN0v@c+?fI96W_xnVPsAzvRfa?F)@o;ovDbD+aQ7yVi?#`{Ofvx!(qf0 zT#p8dBq6@i%j@*&RdchRWl|u zESajjrgrTV@mCu(t^*kXF!L4ZzVxKAV1G5R#MhgP%IjL_Htd?GeHo3HPbHx71-G~P zB#YAuF>;Mn)t1~i93?b`*h>40=paG=Pv&vRH-}+T@AP*;ti(IUc;Nr#4^X20XP;X+ z?&At!Z92lXsH3o^e73=XRW`qj+1= zB2n6I-xFzgunB45{y&i6R99Xi6N29)d&bNQd}8?-(UOpx9<$^{pI>=a5e*X-~D6Wp^bZqFu8S}Em|7AdemBjJ6Zi+o-k*ZP6t4%6}AJJ(JzD*nn zoUd>&NIZS(Ddm_6`hO!PNe{MozLTe$z+_m{4vJMkhW$?%qe*@pb+F@U5XQ=IzuE9Q zO)FwgFta=yEJ4S_j?Fs+-1`tg3lRQt7K^6{9~UNho_dX*zg)7nFm1k+DN+(9%t2)2 zUR#1fd06oRtFGH?{_-NABf-XtiTeG-Xh^+)2vP}2+6pwkerl}t!-Xg0%RNb9ej>QS zc|yD>D_gx{5Z14mwUaqe&~ksOiQ*oAf==a{M$757+$0;VD~qNuD%( zEf13P#&@D=ar56E`gc8*ns&Q zsY>tQK}j=Sw%p@a)eb8YHm#hw%AeX}A!B9b5dF?`?&=JqPF>b?5Xf*7%5CNT2VJRv z^i4M*;}{<)S5igT>wJmsXGF=XNGS!s=R%1si$FocGK)4=~*ovtseGJH^BZN2X_mna%Q=5Bf|@z|LHg3vlg8H8`NXG%s6n%SAq7cv%LtW9hA zYs4Kn6QV?7l5FN+2}mFo5&r26@|<%fCAZy9$Wj!A37A;tIiL{(TjlDvhKJuBe^)GC zgi`oerFYV;Sd_Yp^^r$liT~2@H_r*KWo)yO&y;ttBgzD&B65-RFIk1FT%f3CEI2T; z^9be7QHf3=14Ky#r(_FB;%VQmcjmKyt7sa1p;wF&6`!w{kCsU&7)|^ooi+ZvC^5#? zj(ZB~rMMuydekG;_cZ}jY0yWA5`sr~1w#M9Qvdevms6?P4iLfptnkL2jk01i-Uxo2 z<|#t0!X7EC&zhPV&0a?`YS$}4nJ9h3kxpxF^-?TDmr`qlu-rST^}9qPdXitZ=Zoy2 zC;1TUU!dfOkomcJ9TN(Zs$~NM*mr zCc5Prw20HP$BBq!V1)Q@f^+M=e~4LVWsm#P{W&POq8yC?BcyV+5~HGurXax+?3aZo zpVdPHUX-qw%r|U~ghivikOl=S-jV|SIUyG7pD|(QEF=ZnILOU{KcY?D9>RJ&cV)<% zs!}z^8=onwD*cOu?o0fz9?8njV?omsDdIq(mY<1p(oObBi}dLx-VvA-IpYb z0W00>u?o7-SG^np`sI)D~d3H zR@VsE(bm4(J{Y0A<^T%Iu}5ZRVbNO<5r+D2MMr^TZfiSQNZ{Mw7KLtbb+#}*K5j4D zEr3si=OlrgOg*P}GctCDQVmwYfIWDj8d1j}$Yv6ZbR?E63ng!1NK#(H3ZyhkhJ|gB zJ$q5RL^D{lm_e_Ks5pm2Pr=Fp*I9hS7^n2DC9xnV1X3f(%;hv^PdR`G;ckZadQZ@0%ddvFL&Wfx~(vvi~V91p|@xz%PHq;6=%olmN7q5`I~I)adgP zy=+d3YE$HjqgVv_Y;VEz;rcd?5TvKSLQN2$C!tXV`fKh4nx%#*txZeNtWkl)^lc-$ z**ZM8wHV_O?XiJ)pEo+DAEU4+-dc~qA4ti8x#t#7C2;p<>Y=#@&)gNmE1!JGr)3EG zlCyxAnmRhZOz8pW zi`YCW6#`3s9jIG+M*NiyDhSso`Lno$LG6s)aW##U;I|rZzP+4n{*q0RJx@*Akr@7c zjN!uKa`1!ACZqkZWD%|Czt!~%bbyl4sNr=eoVlf~<1)Qxt^=z4ScnG}0fP${JSr6F z|F9){B;d9iMB51$q{w2F9BDBusUN=5Sh5+(%KM~di^#yfb8L@Hpo#HTp%f0ysjDm_ zBvE8o)bu=L5@M__NFY?f{+dRpC<`PA7P%Y1+)PYOMojm}AQN9>K%PzV)upXP)n&u2 z_Q?4WK>M{&F#-_CScHF^-z$L>!8Z8ZLLj)kB7ka=O%S}i}tJdly+Vp!C*cs+z zoTM=Rs}byBf_&hw_PE(q>$lA^Wsp*CBkuLJE`P6(`PDAI7n2*lr4K)@k2jg~V)^1I zh~*)NFd3X9Js5hx?m1E)}WR1|*QB?zZ#(No;v0#C+qS8b>L+!k|+D$*H((^)=6ohyD;IJOA^R+0& z8GbYV?V#Cz`GO+|GL7gP^YnKqkfLpt`B;Mz2i0%)4)2(uMp-zIWjula^XcEUg(mmg z->qsl{q>;m;rRJ9|5C&W#JxX_(5?zjo*4b4K|)JgXJw#r%-Hex&od%Im{msN?d6BU zJw#xX0^O5fvCW|7mmm23GzuTZV|#UaAI8k<$fAV$#5{}|kQNGvh)#_9qCJeG2<-0r z6z7CsM}P4&AIGMncG)V*tjXOh&kMiTWD)!9ku$;LFG#c79nScW99G(v_?D>zG!aY8 zlGv5;UmO`U67@eWiN=Q7o?h*)-bqv@C)SC9fD!55(wblAilnZm7>4d5#l%7~8L=%u zAjOweHPVGi+R4hB71rQ5zUn5o$&LS^si@tB$EtzQI#Xy^5uc_!{&+SvmfR(S)_Oh~ z(XJy?Sg1pXZ0Xem-^UN(CCj1Gk~ZyR4+laBe8Du@cTkF&DXr0I_*tiKo|a}Oi>UOk z0K_krZ^P3HL%6x%>g3U(Ku6k?ElxOVR3YbbBi&|^P2R<$zL{3}o3`>?auOae#*9`_ z@L^9=38K}K2WE3t%*y_{)DBl2u>uZ88K4KWfBOSiZaXea|%LX0hM1+ zkR7eq!eD@QTi4N1TC;ve4qdMgPi#zB7CEF~?hks#10TGke5_OW@P6(!JYym0C|G`7S18=HeMFb&4 zdwe{vrP(~OX*VN1DqBV#mRP;aHk*W>yfB6OH39O<&_y|Q)bKzyj-{%Ar8OS42@*2` ze+I9q{4Igswpb6AWzFW~P~xM|#u2I7T+CSva+na&jeg9&*z!kS*g=vc!H|~?qY5Q^ zM060+Hu2Blbw~xvrSk18l}#hJ9+?Za{@Q!u3|69($Jq}ehxL}ZZp#Bn9I#NR4Yzr(GS@@i8 zn`D91SuCmxaDUybNbl_bnZ{`BP$WeNMGw56@!?CW zkY|c z4O}lbvfaBv*S~08C%MB+1TIVT_dSv*0jg%iDBhkv6ILri?r2W91A6VMdrOZY_9jsV~4tZ;~ihvrc zDfft-)5Nw1!bh)pTn%SNXDH3Ue|9~q7PQv#a{}l&eu&{g&$kqVeR?`eq{-uv$Tq6$ z@)$R(XKqr%ZD>^6=Aq@7y0q`Aw1lEU%AXcP95_2vIEVx&HYG{(uH)^v?u+J ziLWX}AG4?RwgyKXt0niW5Gh|%^l*PBCB3a?u@c)Ngzk=+QOIdao1t4Mxp^FMPXICk zHOb{imczqj2Q6Y`GprJ}>Cpz)Wwd#dXc8E?_5;m!I%RAq@y*c{d+|JTf@a(_bog(^ z`jf7ZjYZ?9M$=?cy%*ba=IWh#q`z4ipSA|SzW!JGpN2(d)K_Fd zt0;c48CVIH>FkGuNPCtqQA(tU-0|CZaXP+Ov*s{(!Nb?h4+ zpjC4hn(?;o^%SvcHmhx>lAJ4#?Yp~mMaO5AF`Jq__MI>iv7Poh(U}DJ9&lBy2(I}|v zCR`P!F=$6>!}2L0kl+^Jc*fNrtQ8tLq`VdzChmijnT2P{W@>to zW_eGn8b0TeO4S&}RHMovsx1p#k~$%K9-i*!F&>}UG1h{H_^pK|Vd4jP(?w(C0Q=}> z;S!9U`cm`6Gn%B);E9DNtW@LrH%-=*-g*J&_FGRV5B!`yLF?U$S4qDwpG*<~^ zF$m;vY-04v^QcLDTRn&9vtq2=++)OsY}(SF>O$(11_Jo&bU;VwW9cYMNcWdxXjS(s z-@c*-N<`ewXa3RAu+7p>g-Fb-{qldUG(eLXg6r)@%n$-*j8f3MSnz~)APWHPnPpWE zD@gotEKlQ5rs^4wGje_Hr${5qHf|q-pXT%(4RgdUJ+3d|*qp_CVSHLPtb}4G`^L+D zSsvq4e^C9;yk2pw@Yw%)Ka$vB>@_-3CcA!dK>%BSSA^d@^?DUw$8D!|DP_Wknt-O6 z_FQvmD}E1~sPM03Qaq-a=GUz#_$O>KFSdzqMm zsyXgu%xMdCRhvj7`(fQhFR?%xF()#WE>?tb#1K2fZQXl z57`4IHbm=L^;(Pt#wV`#Q`K>>Q}^J1xjG@(M<7t&7~SXokE@+7jF9WiP3EZ%o_ac# zaIGJ}_q^1()-IANu9RAjtUZS0%xor0^A2N)Y;|})2I~bUnT8a#NLA;g2Knf-Yw4e* zKlIel*VKp!!LA7Vn=~>OT#v{?HGE2Bqv?v-@DL?qJd$V=q(44fX?D(EpYmPDm~4F*vtMRCqtavK0ckT=m&(&uPIoU8r_U35a07PykX5VILc2sFimJ-Q7!o%B zVoV9*_%FY$dV_21WY?Q)W#5kL=vNAu4zcI<imT4a+!m;vaJO z*s)mqrfmAb*;q%sqEjMjrigdBss4BPP95UlUjs5F-*(g)EzydMQR#f1gPZuiq3uD0GzseZIEltl<5V#>K4_SZb5uMtK_&Cm?WhmS zpQppvuz^b4I3+CfO2|3raEC7?;J8P{@E}l=XmTx?pxpfP@mye>qxbyxq@jn&^Y%~# zPu4Dzf+U^7uI4J-CQ-S4vvFi)E3=2cBn%%L(;QCt6bx?C)Hv_Xf|UG6Uk;j4s3JKu zLsR?-R~US;+W6iediA%0iBQ5w`bwxK>FpS@fdvI?dA&|$stK^d@uJ_wHl)a-S8a|qH`8J^b0S8C=Fn=BGVwtqWn z$#4AW*y?THI7G33Z7{k&1)ZUN`lf5T-k)!#TE&?82^pWV^PPS3dR$@5*sVE2Ly zf3HHK3RL%1zvJS}z(XxzWai#P3qq#{$4A#J=>e{}v%KTH&JE2}J#%FkJ1A0Vu_03T z{!Mn`R}ba|(%m~bT#(|Z{VBabe=PY}8}hOj#Bp~bATTt0VqLOY+_gG|0NjEfqXTb+ z0i@kb9!cljU_YUZ>T-p-HK3sNfkAx(gZ3J6AYek^rjH8zpz*^=3nq;=>KAee>!MBb zh)IWKo{|Xb*;f5650@{trw2!vI?RrwUvUYEv|D-f^%WrQ`YSCVqe4a^=wGF{k);3D z<#U~{&ie7h*e&ErgYegPgd`E;2>tfZ7~cdHI*8*KIGFo$$EU-9br5lqxh+{j1;jv` zD0*N(e?3^Pk*w|BZK&)RF1e6JpubGtH%ElNIX$2)WXj>dXwf?_esgS&B9=4)E7&a& zY?6${<6~ru46SsS{3b$Juc@Cr;gK|J;!j-RVl?~$Wv z)QI$#Kvy{X5`Z>=DbD#xq~ln^hu2p_e~L&HU*;+1BO~dV3=Tu&I*Lkn8(YF zAI(~-0np}k=$KMhJA*cA*=GLNF)`x!Q zgXeyRf9`zX;Bt)&{`fM$&Q6aDc4gx_o7D-@8~7~?g=v9B^A?OuI#c^LB%*8^!NrN{ zT$g+S04S#V2e-lW6uu|Sb`r?PQpg#W{O~7S$Vm(**QD^V{*pU@l*~IKFj%5~6^Y^m zqR=Dq#5q*I_S|loT3i_#tpsrkGjRNadu(7oT1cU~5GvQx^fg58in;jPRE&fpJ-3`; zfM28NGTo2WdYNS4&;n^>;RK$+Elw^}Gfl~YCIlqKVRT6OeFBxznw0Nz<(vJ%WXfPNp>6IZ+;)x zu8-|Rva{tP3JB+G%k(k3;QuhMG5vsU10$@-HoLL$fuK**LMpFle$aIvedh1WxNsbC zn`nE*sJ|5IBh>$sZ8%y&HwytiFMS`BR5pt+zv%Zat22}#BGTbSic(S>**LGV%-?c^ z8}g2;GP{lYh>CfbuXJU?oe_%RP!pUg$y@u?Ma>ZL)`A30RRi>~4u`?!jwx&7Ol#w&i})J;_I!oS6U;9b9UMiyZQLiWCPo6AOc9$M zBJU~4=6qK>zIZ%AQ+fQx1>E0{`dOiTno}2z&#cU)SFUG(4xUa|`?A_H-#K(^KsSoq zbQwgmkilB+*=h}>O(wDH51YAPyDY1r?9vmqYw#IYUJ|cJ^H_E^=AtBzjdD0AcI2Do z*4v(;elChXmF9%b)QWq;cTbEK0~PxD#lGd=nah2ms>G8z66(&fFqd?=HjIQ#%>f|LrTWy zJVGlC zf~Hs=MUtP2eZLqH?}P>1l8>o@1)C>^l)XkvQ|3ltQmu)CKykRb@i2kz#7j^egY#!A z^TYUX(rP_i%MCwD$4o+p|E!tELH_i5A!om;y1Ga6ZPkhM^Z8V5Y%J#w#+Jh;))`Vc zeC+M}n|yQ*zVhAW*jJc*GUbX z@O{_}+g@bP43YHHQDn=P`x_z>S(A2m!#x=L4Gf}jAG}CzJ-nc0v1f!Xu7G=Vaa;$p zySG_{wY}y=Zi{G+!ZD8edqn)#t{u@`lAB+sOLx;%5{CO3X~Gf4-;V@CDr-6Zvj7aT zq@PD?v|}u7*|7pu0FQgn+r37VFv2z_P2l!EXoj139E+)ti&hKsFK0{kkCp z0G$_TYO)i0Br5)h%AveT-wBL$mxLeJ2m2= z!B!P$TY~%Q}sc-x|fKI2a z(Cp7Ati@G7^l4>f<$Q0?_o{&iJZ1RX^JSPx6na5(@$hn0Jenb_ZsnE}oIMs16G_I> z+uh&3FI#T$BwEbz!^~+W8T4*EnR--=WcB-Gg+bJ~s?D1cwVif2@(BvCMQC7czUdI2 z&%1-Uapx}fG%`^eBw&+5vPT4SbfP;ForA%ASxAAxBwKbR*+sg8*f*MzxaIJ0jq^xY zWttMCUk#`4^Dh+OXA>MHk90z_$8EI(KJR(BD&C_rTCZ@5p0Ri8*!!_fBsZ)7j0};?pT-FS@;K=u#+}~WbyboZgtYXm1?n3)x z3{lX-RO!oU7?7(ZG+ppfxtwTbd>#Cxny*pAlsM4g2+sx^Yh8nH2`T zkfOedVG6t4xY?Kl;(pgIfx(HSS_#YxNRjs6A95;p-s`lq-4FhfNWZM~&7WF!4IiwS zXyKjjt`PY{hOsIc5-C!&Xe=);loBVRtP0U!xI9Dr3-1)>#b;}*c}8XJ*B6m4vsjDQ z?xy+qNSsHJP4ZH7GS+$b?~lR#QDXVze*l|>HEtRgm894JYmc=aO;3u8Z(5t7VJ4_Q zve*i^XxEQR=Y5d!-rx9ex+xR*Fk{0J&uh0qvy{rS`CGC6a+})@7Bc!!msANEdF&lX z%@lXWVS+01YK~&x7@=vX(+s<-0vuLY*64?L$+HE%t9}>_z34ApGXXd)Hw(EB4mC~+&>h_Aq^|np=I!$ zv%4uXq#hyt)q7v?fL|kVTGdLXZuR4Rq=Nm&UXL5N#Rv^s#-1rPdHasgOV$*qb46sK zRS1Ad1is$v9?E=m$3=t%(SS3fE9+nCmp&;_VLE;VjD*c6N^wJu_g&P#1zR6A2#$e) zikO;)Ek=<_8X6QXI)jcQMsz{mY2180J=l?q_yyIC(kSQ$8{p|IG<)#h@EdT`gyM`w zhtso7O##9sYEee~RPKhy{Dy<+3j{fCwPH^h1n}bM%&dRTiFhoXQyMe0)JzH>`sDy^ z^}AKSzj=IUI&s5KMO<;GX>?(-jM%y^%?CN|^OLRxisb@#YKXlTu8=jPZJhN52*gedA4_=$$M#E$MzKR)E1H8QM zI!v>%1Rb2z0tTUhWTwMoWj4P*`VQ}D5G4Mz%9#TiFd5_pID+>lz3zs~RP5*W3-C}j zkL^Zx#U&!YSR5QdXR**0tp(`0_)h>=X8Iz~HQoU+Vb;02<*cl`U z%wy>N#Q#Zqlt*y49VdhIOKpbkN-b*OT`%gS)kG-k;_^~aNAI}Y2e{R%gt9RbeHz2@ zl?i7_0Y4y!Q)JkJnfj72O&oKT#M6Amw>mcc@(KfJp|Wxgs1&_636}+&95KyG`gOeeEiR& z&e{(n*5AvU_fBlv&ej1Lqtn+>+=b;T6n7fSI9$@)F2lWiUh|~yFnA>1zNJ*>TUa`- zSHHmDECnJe1!Bk_qnk{5#>Bm+B~pn|;~%=|f+RCVH#2zVa+ z5$#cdTe2#Z12|CBD^hBqfPWxCk~K)W{Qxhkrxd0M39{N`^BiP`Bmy=;q;xWtAFQN~ z%JrHCC#|SB*H4SyU&<*YE-syoPSa`1E;8Hp~$5&@AogQ_EU22r&Sls9jYw4 z3Y++zT~gj2dvbE>$Zt-E{1Wu4AzhW+*C5r8u`XsF*pV0o(Py}6YbdRqqb`}8I{x^M{&~XhQ;=ZV@8%rpO#NU6&KR#1` z7U;;sXzMV?>p272`Z}1_KP9U4_^ea`5>YmaE5645+-s))PVW*JV@&^ync{zk;_z*P=b)|a7s0uxFYAEfsdO!9GLG}qpaZ@?P6gV(-Yy#~mP*^Hx!}rgSB8CIlt=A2uV*GeTNJ! z#=4@u9OygQ>NzwfWAV6t9KP-TPW~O7*%AQk{_BP!{e2>>-N_rrqPwL9IOe_e@bC|R z;@eToASiiL;NblItiVZ8WKTvEfz8I%XqiIz+V@T{l#eDwmi0Q??qMz=xcwd9ngN*W zk2=w-%*>6w@Fsd_6(E7?4YI%8)zB1tv2py_VRL=mc-xj2fyB(r+5mA%mvX9i+&Vv^ zVrZD*mYzqK?+&mL7a||w#n~;Um!jZL=qsCPVRd!T)M*b=S!N`RZ_{wXwApv==rJ~m z5Qd-GVK!PFi<;$3uycC8up1nmKkt){X=R}W044_S&*s+F#!#r#tA}Df2P?gvb>As6 z$RYj*(_`(j^gI{!d(majVpvvJgSXFEkHo2!j;Hd*rzeFnZc2hEGDc+-RdPD4U>6I+ zk)Ms44WcOT&5i8L%=5`J=)))C&8GF)#&y7}+?JY5>+hRc4IlYUcm11odtWfVL9(r0 zc}WssTbdrPBSH3~GYkhB5(EJ#aqZNqE}u_S?w=3PvT(g_d>es+kG9pijj+dF!Z6~l z`b=-|Ska5TUl%r?MV;PczS=El1wM#P3oUbkuvZqo5~HQtDdp9NZ%qk5x1e4dL9X(B zqEd^pduCG!*6}tx_q*P0Bc^vtK}1ue>WpDRzGX>}T)Q>Hm)Ia2Q@M1LHg ze=cogMzDh$K)31|SKQE#^cFD{wpC#3(5$OhuUB){sr*1|kpnapA-`icDJ{2Pa#43u zPo)~Jl;T-`8X7)u|LXe+T4-W?gHY7#!1>+9{>wshs8bC`v7-x2&IMSl!}Kl&b33@v zB&xnPkx#Kco1XSOU;xyMIP5yw!pyH1J^_|j$u%9A64el4Q@O5o z?9!7(z-yc+5rOja{xV5O^74=>7!FsL1AgXINB1V zCK%{rGC2lKI(jBM$jr~I2?9oo!-vNHZ^8R zlbtWoyD1*Lj2y;d9ZX!Wbp!KOYb2<=Tx=_Gb21okG`<7r$;b@SXnB{(kTAD+zGPrd z;pyqPn4IuoP8HD-69>c%XmXZ*0RMSp_E<}KngHQbpz`%R17OR{Zr0GHMXY;(9a*3@ z;5f3@37p&Y#)uM26p6*ZY%8xmC6m+I3GQ1a!^xJlS_vWwr^U1BBh58f*7<45=xb{SsCY7a zuQ%KzQP{6mv`HEnAiHuy&H3JQWOHSz$xg&xl=w;H4cQs-q1=xrNgS-x+(zEPf51%o zwrAViT0XO5t0Q{k^vD{OTZrDKrp*lzt$lEqZ*I}u8p!%K;{|MxahA;u@4auEO>ah? zze~8HS8Kgv-E?_E=e`h&v&HruSn%GBHO)uWj0S{?rLS_3iYV54Ucf&2P&>07M#-h~ zb1T1CqyMBY>F_49?R%m`)1e>4$-_rb@+5iUaj>{%hVaY@uE~P$RL9$WJ+2u%w0uYJbN#;IaF|Q5V)7om1puU8 z3O~@IXJKrLbb6wX0YnA3QL#p7z3Cnd^4-rFm>#;LCnJ$hWxp zk^Rs_DyE1*G;|$8Q~_mbV3Z7BR%^9*oN-BG@d-ushWErG;Qk&qn?!M+A+xo5U5cuz zN5xoBNhxV#tHJCx^-h0mooQ)Vt;13XYGGj%SO!H6Esi8I&$?#=V%)MEZISr?#w}^ z?I($CGMVbqug>_@2h(1vth(#3?j=2kqq%as%GVF-qimDFZ6HD2_ufYKQc)AF%LuU|@l47cAJ5WpR zmS#={pUeRg>$BI>eQYv+JnjzZ`RVzmHV2b&A5qBiHGB5?cbbRIN#<@qsBL|@fTpXN|~1U;P)`H}5~Wiy4 z?dP34*=CzHd@MP*m)lm$ZnjGmFu<%?Qsc$_bW2)2D$KDNj(Yff=sg7HPa7$Pt^0wj z@~pntYf8+1p=%b0Re%8|bABIO)M3*z=NGi>Sd)8T(w7kvyMUu|y<+rF`dklua@{GI z%3-GH9v$xtRmMN_PZRFu=Y5Lzr%6STK%gyA_Ack5-GqRbzg6WgkM`mB&mRuB?;l?0 z^w|IvKa7FQpZW$PerX{t@Iy_H-!y37bl+gX;K=^>*h$>uR6BA}n)7lra>; zA}rpc{dLM?@z<{+QVFLYedfZC8sbl_t#`zxzReP@j1s6GbLvZq9+)Ihtl(5Z-^;Ya zB}HX>d=+Mxu>!r}Y5{&|S03LLQ}@2$^(H4;<7T(DX~vRI3F2ARlDyS>IDmUBUq185 zQ8;IEdA`K7uPz^05eFU!^%uw!BMveCNFmqU@4FGqCp|88UwgPt>5)9SmzP=;hYOM2 zNlKE}@6qkP0US4pP;4^(zuuuEEqAN{zYnl{_dQC4#dt7^lJYBlFQk0bdb;nHbu&Ex z`fKv+D)1&+ULT0E0r+z`HAz+@+uK&)Ofh>x^QTFk+0F~ZpB#73WnFNu`#*zj`YxfJwqEVx*yrKT1ZnF z7Fx-){b-3@Jppq@SABoKdvfh2*LMNinzKo=Lg5I9|HtZHgax*slfT0@m+i@>W>P?L zgh`}UTlP&$R)rsrR)Zj7svu+u&-`oA_9H3E%k7-LJ*lcpqVc#xqRGD#A90&o28v?>w!x_f#(bDt+>ilIscX3jf4ICK<#G_SM6K)v_ubg7h1fBWT9Pa)My1erI&RvI7!{d}_=Ww9 zexK!n29<$cC{UsDL|;3c%0d|U7F!dBe!k;Ub|Zvf)+v;J7HzxYMM&|=n6cy`ITrOc zhhKve!z|l7U+)vccrI;+)a_1*+1jedTgRIRRjXzorWm~aa?5OZ$DVBAnWsP33>Wh8 zGUV7?2stEyemxTNDO9MHf1)~Xhoz62I%>Sew_WD|2)(z{mfgdwm$g_aIx~y^To=Oy z)H|R+z!BV--xIV|QnBE8X&U@=k;k`$fkygO_cn7RR`%i2pOIm13hoy}8=$>$LXw2G zU|fHYy%9*f+&Up2cZx}t9F*p2PRwrwZ&q-kt7 zw#^eYX`BB80+UAW3RpET$9f;7bn8wxfE{-?`8k|^?B0xlh2dv)8PZv zg4(eiEp>`%6>ybA_0!KyYZ$@KvMzXE`gRo9xYK9c{uxiAtaASiyM7tFPUp%o2lt>~ z)p9qw&LfK6!(ov6(Eye9ga1Ql%1}4B2jmy3f9BrbbnzT7;k&e(FDKWsKx-T3@e#}P z!Oz}ZrE7F*r+p2QXk7!*otd?&tE+EiYkSK5w8#;Fq#t<~If>^;=nA0f)zyu-xrtx7 zS>mm%`<9^0zwGk!va*dhCFav1^Im~PvB{z*u}3#;YnFYGt1p0eQ&$(|tBlZuRGv!! zN;l!TxJV3HIXA0==~;m3eN%6|Tqmdh;D2X+s*M}TJEhkRD`z^gB|m-5oRKnHAk8Up}Hn7=m9B5-$M5-|&r z_Q~IHHU!ZAZg+=9w-R>|+gWKC0+750U3)?u4!2#t6I}W?;m8TURY|<8_4OwDv_>Ea z9GY9~D*93V{Tuyc#MqQQVs%(mous-GY`*TMZ6I^ zy=TrbMa-(X?PEd|!6jW@P#eHbA%1q#eC!Hc3CG~_*lAr6TMw5fNQPT&Y7#Ur!uhlP zyV^jq&CXI8@wnymz3MXUPSnnnxD_0YM7stVKXVPZ<>`^lT=xQ03~WUZ+t5cBXStyqMf%|%D|M{lMN4wXQ&^b zBWvn^)E#R-EK>UGGGlD}E52WCj4Ka;X!5F0y$F}3h&i;!#bfs* zpNyzFH4_+An%|3iVG4>5Y=z-g%8m<#K@quhD7AyE_Bqq5?O`|i+ndL8ivk<*bm$jD zf;|Hu*zPH0>b65)<&v5J4*n1;&$&3-a0P=wIbnW98W;88Oo=-pe)Wd_QwoL!lskbuH0B$jyKI}1#<`l=198Xmo_?D4 z#LN^c3~1`4E_$3r8Lx~WkUyNS0pQ5Go=31B!$+IHYLm?A179cvMIwh4?$Q4-4)bj@ z4ldTWmsM3m7d`4nlLn=y!vmh7)pZtMZEcg_v`(FePLRdJhpWc=@(SwIh=u{!*vnHn zZ)ltDNa;%#S&}>SBQiHi zQ{!EZE~N9-kwk2rFRN{OglId245=H1-mnK|C{|ouH`80+dGLN_%Uk95!(EkD@z0#) zGJ9eO0?_ZC2kz$E{4a%m@c+02QM`V9yc2w-N~HsuIBl&5Mn~7nyMVwCLoYw7kN0D) zXpK#tyR^rvlZ|p?W#{iVH+-aqY6_FldRF{3+)3mU17$nh0F>07us4JDtAV=f8`qib zjzbG$`9r<&Y`X|&gQrSy2LseDhT{Y4Z=kZqMAqGr`hPJO+g_v??eJWjaYq<>-4;xC<5e7YdN^r$m{I6`b{VThm%j2 zCaT001*zq^P#gn$RHj2FNDg2;VfS*=^X&owYc$(#g)u=oXay@+NjNZ_4Y&F0Nde*! zjYMEoDg=H8zY>RApD*-Z8#Yqg990d)O?iJ6m$x@#?yu4R8q#WH8-TMCcJ#5%5U#$O zGo4GVgoAPgwuEUsQ;JqX9RD$tf;9O(t+FeF`(L7hF_hIe7cMNGyq(?Zz2;P^tr9hb zHB1>#fWAMv(yaGBokcB$Sq#jeY<0ER@N>=w&vE);V>QHaM`6i7d#JZx2vf+#wynNY zUDUvHmS1nf-<3JGNM)a=UM)WThr7B4!<`H&r>Ng` zUten4uWsa=f&23-FoMb4xE5v{#kCG3uM35>v;x9UvbL2AQXT+apC_5U#*7eWhHiA8dGyYe$sW;&PEKW>!=S$P322DFtTw?3CT~)m+o2Q+y zP?d=jbbJC=)`OLl!Q9KOeI@$hy{p&+M$m3d1rD14(}*`pU}EQ4R1NDelV^Pl&12%P z1j!7Z1F*Bz7DNRF0jpWbAiQc8IZVj^;2xL45g;H%4VX;PQ%21B+?}-bELK;zHBkCi zfH-T#5<)`ZTQqCk@b54v7Hc7u)qEji!_V=F!Xwel0YR#UnURj!d<7IuL_b{k3-pE7 z>e!Rw<22HCfX`>{F}br1_R?-NM{y$A4-AkU0UG^Z#q@-8z9Q9Zi0Wy&Q8lW_!0DWK zj9RS?n3->a(C&7ReHa=6QPPmYyYUz5UYAotPU|H@3R=e;$3k{*-u^N)^gH~I1qrMO zI&z6axtb5~_kk?1RkmWP{-A{WIr@+~|0{VQy}Ecwx5(vh=_QlJN_DN43uC08@bf21 zp9$7OOi@1PjwMftlfcLp`o3@Q0vC>7%^I(Ln?JFiYmX~UrIOFthOJUCW;K)3#LQhc zwa3kyt3=g799~m{xt^bha+99Y9vTdU!L*h+!R*sK#P2upLS;Hbo}f*}pJ$F8*EtzP z_PV-=&Z|UJh=-WQ&-;a{|7u*h?~Z24pN>~sU?URw@lblH;mS=e{Hf(;2ygt}PR#-1 zF{gufnW5zTMvXNI-0BUH&r2|8m@T3VpEI}^@5+O`u8|5O!pv}!EKUdum!YW72ab*a z*L>!oJRc1nLLnIWH_q5uJf7_W;-bkrZTdPFSmMyN$cW+VWw2W!7;)IZ_shxchfC)v zaPMud+^>9G8*0oG@~-G9@ile8qw0L}BAKAgj%&~2aK~ifY;~Mii1ULDkc1hChQ*%m zaW(h>^9-8jF)hx}pO$fzLI9dUODANJBscBIk$J-nNfce`ZoD}!oB`UVlZ^ih$D}}k z7y!Xg+}H3{#6L2rlo-A`bvFySxGq@j?S5FvIXn*$`qM*|yr|VC#sC}L>a*4w=ChWxBA&dL&A?keGZbG<$2!Yg$?grlQ zFVIiA9b}v8-1kG~CT$`Dktxji(dzewMael|W2AgvH3)CZFU84Vru&C$?M!R0l9yi) z0|Li_aVLeB{qWmRnVSA|HCHTBJI)Nw_=(+ z!PN;IvS=jXzI?Q-8C%M>FghB#gBd(I@Z&d%g(rT~?HjyA<}r)`ws0$^Jy94pM!fi7 z4j4+=R8;)jG?i7>~sQ%lTg}lOIheWOKn5bf5T~XtW$m+SmZewE)SYOz4$(g4wW{Of<1uz zb0CExjkBys3C94>-rQHMgRsf|@E%!s8v@C+E?s|A{&}mAekF2^1F2l!nTm?UorQ{+ zFYnyPa$Siykp5}HRM^;!+Cu#7oU$AQ&XW=!HR$0`VG4K-9P(sm8Ya~)G##eeiV#m6 zycNgd!fG>l#u1jIg7WOQ+e|2R71IY8aL96gdVja=Yfufs0VR9gpRxmtnfp(cJc)4PO*%khv6oHCnHmE}bQSc*%}r9#lc8O3L|Q zm?jygi@+D>B<#|W-YHD48xB4c!lMXynj`NAYK@g-rEm4$aXTp*wvMB|8hT&xNTv5) zA-R5xZN(Pc>~?1*4LcV{noiXZtmyP|wyzn``>NYo0ffKEwthJMW1QvN{I|||4RPs{ zPN!Rq9mt<+nhxN7E^<%2nI74#zl){wd&j1uH%Au~1tRax#|{2=p%~SDN|L{FG$5F2 zSmE;Cw!UR0au=lb!0>eTp#^_sFm6pKnP;l%Jp?OV^fJE4t)`#J~?`7(K#U}YgMC^sEsP*tK&q}7(b0be5uOnvyB#C+7DIk~gd|cG7Nl2ns zhU?PCT_|#x8+U}czR!-uj+{Q4KvG*u+a`E?G}YXRNkn}79aQlQh)>MxR(zp{oPM~? z!Est{!P#whhMWyJ0o6CI#>sb>ym#XVEC7vrl9$1x4LHlgb@n&^k5%=09L^t!tq96-s>Bs>;vUt9KztNrel>jQVCrOWrr zR7}f-(L2Mcj7q6`>vrY`#w^U&sDIMkvFhn`D6XniF?0bVex@OoD7HiIb zBRdjEJ>73xw}JC<(GJxStc<4Pp03)kMY3F><8x-NWP0&vDCL1|rY3xja6OLK8ON`` zI*uHAG1xA20vbBEJx-AOU`LtJ_mmIQH+bWILhrrO*<12KLplhIvn9pxgSxlf^XC*(0Fb=Q^tvlBVFx}HEy67C9stzx+J|dS z4m6~{<;@>q{q?D6sW!~4?$}|{rj}sAf9_6y9Cn$;G<3q*S5V-Oc5}1(J==acW8AvTuk=dAWoPh1`GG>>Ih-V39)AJHZiKil7=oxE5HKh38- zK>N_(FLVm5f^E`5lX^~U|A-SugFCc{vufj?5FU!dS&nFq6GrU;URZ-84Tr(^`x@5& z`g2~btg`#3W`!yKYLGVIj+i_8{T2R|Vc;RR8m`gSYPtb=7qE@96VY3BwVd8-A&|KH z?-sV`tOZd8cPY4A=$HQ%w6P~qaJ5dE+^*GpVeF`ki+kG*r`*uqTVCY$v}W&+f^X~2 zp}FvOAmZU}UlZ}5@3z=@R~b=IZ7e-YOI`4eR_xOQF?+N&z|=5d<5f#2>_nE6p>;{n z`|jgtt*LH!{W5s@>T!7*PNP@Y<)(+n_q7=JH^GFYB4z`;*UmhNv)ZA&mE{kvPRx4R z)m0Md{QjFjWdT1-UY{x<8X7(B2C=sXEx`@I{! z-H$wqcVB`MST!F-M-Zu{g{yIszIx#;ZUO<5ew`uD!-kLoyJ7QWb)Q6m;K-*V4vQuM zBN$S`WG4ZYIg zO8rBN)rgMpEt4hj9J{Bd5q+a`1?bQ2{SQ^?i#N04`0xaszE>}P|9zQto|c<1bZ$9B z0{c2&V232xvg@f?V*48enS%gV(RuvA!u;SDI;EYdq%*Vv_M7(}1B6g+CE4rW%<>Fw zIvMy5I`QLqN)Z;=+RJNMl{SHaT+?)u<1KiH5(;c^RuofduS9{#JKDwP7N32W7OUz< ze(MT%`nR!Tri*~Pl~#r3l?l?gy+o^7y_A8JIR!N5P{k|?ZW{H}xT?n7$U%d(5Vfyo zXyedE@o>m_!k~6@B#tp5681_XSlyvvwU(hR?~E}okcqUwuqdy3%~mmB_K zS6QK^8mys@9>PN?+771e5+2CinO@{_19$wgy7jnR_o?(V51QjyoLpBtZ^1Tlh{&yp zBX5Wc!v}i3CJ!R6b2CB0vvBNPUfeSBio`s0oHj5hTUwBm$z6414bmt&?r`;^`N!-|I*{3LA<& zl`jo&HC~C*7Tqmx)37eD#RMyqBfKY=0Q(EZqOSa0D&(=szZI_$R$;hkfwl#+Q~PG* zrmr^Z{GEs|kEb}27aNjT2Cu4rykbrT9zzVFW6yLlRg2{9KH^Xs4$|PGTIvyEak`1P zI8p3}*ag|P)3-slOFJ1AkS6ODOoq`|*}%cfMR@XuO9It1j@{rsqn9heqsCei2Q$ei zqq=9o+q%%J+56qWMi zF^f_5^G%&*TiQ&YyB>FvT#4c5dY^$mG{AU%rZRWVhKfA_HFWG12#L7+^2_$K0D#+^a-z7>3=1ysBM7jqr@0gk^LHE zq`dgd2zR{X&+K8-Y$#e}9+>wGARKZiDNfy1TeWn%a-GUd-)iMg-%-LLjDhv8?Gqvp z7UqI3zQufrgIg-4?XP3%g~_<3nZIVm-q=7P5$a$XbAC2YAs=b!WV8Cm1Yt80SoALu z=RH~qgrHn zTL0&0xmP>?t>5S}^>wj~Ks?*eRC5I;N%NH;Cr_E2fpMZWbb57SR*W<)umy-%_|T{Y zZzzTX81`XYOVXPr%0P{IGqw&PUK9!Z9}7rQ_$I~x^MvAA{=%GutF};|%G($$l|0sf z2kjNxb*bdf3va7Us@)~uADL_k62(+x%xvF%e%Hc*r@)mQ39v?oD7dr$$6kl+TIdWE zYSpz*{5%-d(zDKbJe(3E{}2IXL+ER0vw~er)c;{BLK2g14Zd+Qux+juxf$xR>=&X} z{c91KVwgLb`?Jgd0TI~bCv}vay;e{UP(A|m{f zc|If~kF+n;S#c~a6h|*Ixt~u8#jrZlN^9P6vc}2zAQ_X)4$aJRqTis+dSJ7D=X}UP zTf;hOFb_g#`k`50fBElSdTYTnVVJU9X<+d%5AE%W>vGrB0Oxc3daLu@&d^e0gi)2B-`^tso(4`e>U82eFw3yYxd|ZXX=A~qDK6mg*NmT=bIs_iGr)m z3KqD{2F9z+zLa^r&HPLODl%Pgn)$23ekwtbikKdP36X{$+NiRJM8e%+^ahBA2G;~g z$d{dI!domkcozY;pC2K0p3>61s4MY-27EBm#NHGMIV_N;1nL$J7?jPwk8LpF@L7e@A_9+oZH7 z3>V*yr>Kixo}dA@E!j-N&2nYim63;Zn>IP&g&5S5t-x=K!jWe6Zt)8}^dmY$+D1)vfc|LwFYn(o7HBI<1<{Ddpan2Ef+Hu8fiZiL~@=1HO()r=2bmFk{# zP?3WR?H~QeZjtx*ui)VB#=ZY7PkYn=a=r3lQY-JKQ7OQH7-7}SbeZYl z?qE4Ve;P!-M=urAZ@&Ibds71Ico>{=y59L+;usx*5AElup7;4LNs1+AxTC!YdaBX+ z@|&h`dXFS!v3_f);hpil8xF4D6A|#aTwm-Eh+0x3nsZYQz$Q-hcr;qh0Z~Ky3l?fj zTgMm$K69<`ESDA8f$c6wjpDx`FNfs(7WsyTyeI{%W{K=G%}K!)p%fFh@5$(qXtNdyL;a=_U1Vv1R5g z2*EMnaU}8GjrH_zR9vKY`3ZWy%urisXc5G40*(EqRixirXh|!gEborP32vmBt~oRU z0;0;^TowFGwg9}e2GiibjVczSNfV@v2aM56odj3ir9v~1fxzsu^4m{9D+JQC@B@nQ z?FKFW%2MuP^;KO~s?OJ7GOt-94K5epbYS4cY*0K%S}7ZWY=|UqAo~%(#aff%}ER&+P@_GLks<%l!D3{V%92!%#@z zX1I{_IvuNUz;*IZ`=7R5@6H>=(%}G$?e;v&?ZxLlqnSKG8r=s@;*KZHLj8B#k@ha; zxH(#QB<}WVK%ke@Nx)O{{PohRGS=E3Yi`+ad!>AC^ge$VrU?(t;)ouIM}U&SXva|b z*1+;60B6#(UQ^E_$?U0Pw$;Bx=VN<5Af6iZiI&>sS?ssyiPR?UoZzM2G#H&_?r1b^ z>v}b(U%s`z3A*WH1Agx%csDT3Iwyd3m24irt{8&K2& zvZ?cXkLloY;J`xcl=%^QqDcEN1YxU_uA_eE9EA zy?9Yc%kAXyyg^kZ!4SE%$001{TD0PbY3-F*Ue^Po=~w2h=6MIWRppshirP9_K!~U1 zR)p|15fadO9UgbkV2Cjxp>$~QFR*<-A-%!Q9?V8k<^x98XA+l#fIL z!Uk`0ndVtKHsK{#f|O56@rNR}Hd!CAL%n&|xS*XGKwf^`EZU!+S=gte)ue4`u?nR( zqhi~CB73)}71MP{U;P(<$dvpOE+8QG)_y%~U{H&X9#tlnbGeQ8k4O&Fe`lY`2tXKA zzwf{>2zPCFBwa?>36IGKcV*)oA4Dos)_jwKFbk6c57NeNxTz7#dZ;<-Aa4RJDJ^aX*W~vm}m1>3v3yRLqKEc);KK zA}6?={Ud&#taM%uiMP}2uWx(1?^URdiRp9Hv-`wjcr%3#x##35aKXCBV1er6^Xshiyb&3Q>h-rtJ7x~LX5`3dT_BGXX2Uy%+R^i2^D4ivwBj1}(1^Of)F&Aue;`bqw9;WN+8t+%do?LapHN^#VuI~V#x8_t1i$x&i_trvNLlj zD;fPWFel>o48Ge?*+v9noga03)dn+4Ziu#}x`_=BGeGZA>Fs$uTZz@rrrA2Xq!Y}cgOh_*3+)st-9HW$9{Y#*o>i* zt`$H*fglKQ`Nnx;ekS;McnUS+zjaz(*WX^QZMtQs{4li7T6exUQAO%{mCr!PmYT{b zG!99^cag_sK(~qI@8$s;JX8kS zjx#KxQVAWAI$bKEWjv|908A-Zr=mSn_g~mrg&*Uj^$mg*@!a0&X>eC1j~-Gc2 z+I^3sWcH<{(0PU^=5pxfTor_{njZ=NRwp}0}bn@E!hEkmpy-Y++4 zAbxY)Lk7{zyij+>pv;d&PQdJnlu$T;u=m{tytOI!K&R1FSz9-;n9qFYY_r;|JSLS! zy-B1|uLpP7<6C!|DYQY~9mR6&=SP0eZBSz6kIxV05>YYI z;4qQ?f8vfI2vMXSqL^6qkA1dlSf0y`U7b}IFDI2Ef1!ra?{=}4%ydTmAt2K{bo82H(6!`${Sc^?Fvp`aoO)R1h`#k ze`pHqAHN;itp+UAsl41Cwma$sm)EP-4t2@3?smw%c&9~g*7f7b8cq0e1?cwUYc@oV&a=9#PS)>blN;AhT;zsTez z+-_x~^4>^t%l=i8rE;=!c%_ehNR%cy7d@lH@ESbpf=>s2zkB%>M;heAiiYt#>qZd! zgaM^>X(ktcq*?rC8>uf0o8g(?$LAy9+XTW}5IR(J^2#+~ z_3Mpx&az<@od-Zs^4I+M!b*DT^SaLp@ZZK~Enqlh6%UFXPZ7f9L#ABFa5~WDvoWEX zel6_v$W2d3hk|-nS-YdO_J;qUsJTKC{A>Zf>+!tJEU+N;%x4+C+0gJ_d|tMdE1C53 z58Ep)R`Ncp?{KXPRr7h_kvWZESk*m;kAa|4`VO!#&TWy|QgCSL*r zemE;`u3#tyQV66}riEvs<{~>82xm#sv1J(J;@!NvK)@eP!uwqW#rlbeziQ-ifyYLv zZJSI_9i}~rWj|H@L)(0imoDlRdW^6dSD75J+H8zCPM$+-S_8tAq-(J(?EK>swfzmf zJtl4zmB7qTFcAx)Z*&S<5f2Du3>9h}kfwvF02wge)J7gdK6M*+KfFFi4l*hoHySE( z-D|3QCADiT=bC&FvoR~QCm6U-2N{&?F$Zp$?WwlQ7f(}XI_#?;&wvnMp%N{vgTqNA z4oYKTHT3DeTMuf3lEnqg3kidi!d4?Y^@X`ei_WYj^>QC4`GHb1!J+?Z`sd-NR`T_a zCnmnGSV;zpMJ5!RArIbk&ar z@RN54XJ~l0wkbM9NF{AmW}>eW2{rnan`>P;xrchN@oRUA5*qH?L zn}kL>J`R)aGJ2}jYGdwG!MV9r8!oQ+lLyxD!})i^ z?_-M}1y;8fcF*375#R8S(nX3h4(XR`q|-N{Cp<<22!=(Wt>-%zg-tT*E7T{`jAvI| zQ{m;f)52dC0Qs)nGoxwhSGufX8yQE&9})P1{%%;48+>(BDMD0JhViEPg zTb;#AiMBO@((`8kD*$NL^cqYF1T11$e{iRtGPBT`?6)Tn|wJ4L>ih!x;M}|L1)v>uJ^!wECjZ*H(V53->tskYckpEVfxn#7WM~~UM>EtzbH&zdXbKF_S zic2Hjyo=3zQyzeV<6HOwWaMn*+JlWus$UA6g5_? zC|ibCDA$FFohxA2Ws@qHB*9n6kRrX&U-U^ORle9_n*hFZJ(las{|5BN_Z}2Uo)h?w zvvjss-1sdgZuVEaJkR%6er)b{q-mudDlyO8gxOOe2jwlEjjO~X{v94qg$mx(JjA0<|;l{nY>EQFpb!15{O@c_f>ln0dj8$V6$C6<9|Ie zd&bt|`mU6)UuZt&N5I7LS@9H%Iz~piKz$cBvK)9?mxU zNPH_RXNxVFZxNg`x;$ryDbzI!rE!bl2|%Gm5o1?;I~9qA|I$P9zWFaAS1^R=cN`y& zllgSws<~ETVRYgy+{i~5&aPN)$(C9lcx}=rH_p#|eoFj^=eY!YT-$0qmW9j&L@ZIK z{@~Bz(^^jB45dIFyQ)+j?5PqlYj10L=i@OCu{E#l=9WKbIe-0>bG#w{7zvZt_-un%wBs?$OShi-7Qmu z6?dJKMSKq<+iWCO=q-Z&C(5?<1O?Bu^LLN~c94QgS)lc=_!<jf68kur^FV>^J z%^5$^F)ANQp*1cNeB#(j+w7Vil7wqH60<_LStP8N%+DU{llbJ+>F#k3KB*tPg?HQf ziBWuDKANGF8gOBj2s}PqibMUctgRZ1vi+S3*-2|H1TRR$MHV;m5ELR1g&0rfyiCFu zNPY*u7d%((+x_Qg#}sM-FOHyr{QOU`)7@a^n5(W7Q!o0BV%_UOqE8f%Lw+z2#J8At z6Vu4(R=NKtJgY;VLj@vx`6H}HQWBT6wd>K7klzDoa;a8)1{_ji;a}Od#40J7i^H4s zH$_Y?N=g_4lX((e=?)-4d`lYmLgQ1>er4>4)X#6r5#Th~UW;%Z`(-)QiS@@jz|?G} zymaIFk)|qAmoQN@Wflm1C}Uq&8}#Af7Ce+(FmY&`Ph765*I&Xni0%-LJ;D$VprQ|- zI1%qFDQM8#e6`3D9sle70)-eatE~hnIT~TrpA6!FrjSr$ReJu6$|wOdZ?lyWj*%6K z{#x)~?EOUyv5R(W^_kJ|80#$2-z=OKTBtHw?TXRiE`wa+)TSE(kcR}|LdT3~SGiE^ zF)*ts3tMj;f*yYBU>AQq>=WH;X! zp-W}vo$Je;pQv6&A_wusW+(!M@A3{RQyA-e7c^>bY=%8D=$GG0BtGSke1zpSGrP&a z(MiEmgW_&H6QXX~6#ugDg5Gu>z0Q6OP*Jk}R_`E8;ma+wdp-Sk;^WtKYK>&?%MkIq zgl?9~NsXs}oF<4o0!ef-?IZWaBmGSDxj~9>xy80wy{+a`pWlO&y#bof^UN$;-Z5kf zWY@jennbb^n;O|KRrUE?+uFPVre6Q(y4Q6VW>bZnx6?y#SvsuY-+hPX<`E{)WRfNN z?`o&C@LS3XvTCl46B85yyTI;p^=L41P_QE363TB8FNb-NmimqWE2;3M)kVyz)6`u5 zP8-z1stm6F6PmD5x*a&Oudctcm=%#mo-r12$gJH71!_2Wj99utVEYgf=hRM3oDzm% zL=9GOuk|6Hh z6m9+eqLWD_b^QReIs-CQNM#OK+0Sjp+88v(=Z=c#*jSsW%4B)Bt#=RieqglLXkDyE z`ZtP;q34bkeyinns|^Zmn#w-gD#>g^SogV1v)}Cec6{E%`ZSy}#c#?4p9BUUCPP~2 zfr9PNNS3`UZGdn+s$ za>Ul_2^7=ax1I41p^Gm8nc>u|qbQp3yP0IG?&ZJGrJ=5|f(ob_xqpH>b~3Ocu?0IF zI=EDBQ9NWE=VA+N8d;H!Zzdl4jRb;3VCPgnyf2^zJ+o~D$C=1HXCfSwkI*^h8Q1JB z^L;MS+foMZptM>I10JpCCMh>{g$T?-sGH*`C{UQ;;ANnuZf!F-CXkhrk zOn%pnou-GACr-a5El7C{wsE_h#*l{m{&QFu+w6&bFfjkrZ0#s;BmGTrLIo@(7)x|^g+^Z^t9xzYV0{WDD6nMb8X62 ztM#1xD<{y=d6?1W8h&sLMl-oV+0kk}s7cq@4-Pdac0NKkCSsmOhpN_rK_LD$VLgM$OE+mO7r;2dWH~B%e+Po7Zjo z%38=X@I;lWGt5y%*JqFErc(H!iuDd8&MNUj!aX>?k>KKdc>KYSWjlJqi7lRMc0&L$ zRyxlGUZGFn@MUFyp+Df7Ct^mfYAjVHy&zUJNH+JzMM->OFUAG51exZ+{%OQ$J@(45 zfT0m?t&Fs_fqtQuXupeMTx}?d|J&RX?b@f`y@*JT-6H3yKDc5YCQ+3Z-q8i;ZfYSp zPr%MjPo9dC8N8PvX(J$h4mfx=YHC-mX>upV4~MobSCRTN3S1DX@58OZB@RjkS99lH zel-O94(EP3TxP3IPJb7tUwIzqy)^&fgQ(EyX~|OM(sOiJ+>uCjsujl>Pq)IfzM?{7 z4T{N3KZ!W5=y$V1)4DIyTO)MlVLG*nII^c z{s0J-fC!+YGAX+0v1q~P9wREERvR9w@}&y>VS7K?n?H`9To7{5>K+_)F;xkWI)TVm zEeGSv*RG#wqyAUnzBaWYDdu+7YE~X0*`5^S@<~X*wwa2tOzqury9E1Cex1BQw&nH8O2`4&f zFfK)ZsSph8NZk)Y&c3KDtMLBT&s5YsJ=TCYBc8-K4ijObiPy5a*4_z*pR8!xo*tRa z4J*2YYO&qUvd$vmbfaj&`XeJe$IbJ*GNzS3{;SX;5ZB@bGX(=$T!F-Vo+o>n$6;Ym zNCf{#d><~v$J4|X7MAICAtvpEPfvGkZMU$aqpjvEDG?%&?`=I-=*Rjr$UdhpEYe6Q zO9BEuD_t(V!l8&Ve34r=^qK!)d_ z{)&PKPV{jYBwslZG%&JP!x4t5I8F59AX7Stv?vO%&p8S@zDJggZyAy1H@O-wI z9pRazpoSmDhsVlA>12|$_<0O=6cUAl4B=7<#n%%w7YaK|R~#RuxCf#QE|L8|9e|)F zB?tRTRYi`2A;-q2TPX@u0eWLfrBM)C+UoWd3e_5wm9ve15=X0o(ZhSnkmqqU;FhD z4N|@wv=r&Z=J$47Sb;5Mv%;F?;I@RWOe_{nU4lQit0-1N-jwdsjJk)!;Uie!?iEq= zrP&pYgjHp1S0^$r-XgE;+%YIlix7cyTx~9|gdbT1yj2gQr>{CJKDyc@A<3uVEvXmX z9QHmyE*JN~>sE_7@PFnHD=3?ienB|b&Pqp9F&^im1sKvWR+Lp=yZN#LUkggCV5VPG ztIIFb99Bf#!$${y4{*4B9zQEh4pP|JwI7Z2-i(clkRFk*2ntVNRGS^fwZC!TmHRqG zJHLWPIESd#7?`P()hDS=O$_7AKN=ik{^Gj~0+D|2$dFpVhjk+Bc!xh&`~5+9!kiWh zgbL9;UsO5Vdfu%{)djOJjG?MMrrKNI>9*)Q=o|*f= z7|~}-eILEl^7;PvOGVaEmGfFmv;ZZ@qQ}N9#>#`)qfb&3F-C6+WNNW|7<`p7aq5k+#0q6T4}qxBv&J39&s*sQT3nmI0RioX6vfGGlu- z{^yWV&@M^9=vgpS7E5r!2fo@Tro*5fnYoVg8+obT)SdVbR(4FaFsLkka3*QveDK2W z2P9J4xTL&P!2#>{aQ1o|rIIIEx3oV?fJ$C)!-xJj#Mlawbb#iHIJ2-bWs*&_lZ1`2 zN6O98{x?sP8%4GlPT&$gy=NF&l;g0C?^ zLeHi+!lJt7SF(!$BL8px)=njr2&tT$M@wD(nw)9L|EHxZ5(U1ZBx)MVTQcUQ3g|~(7!3&mJ{B_BE@c-!eFeG>r4r^1l zS3RW{(f<6z8nstNa2wK7#qr0~?Xo!o?y-_|T1t>G1UQK11L}o2Q7ru2{EkCSXLM|_Z<)(;4UUm|Cqr-nLX)ePJd5*p)r$|KK6E!^jVR20ZDWy#Sp#^87t zqZV<>CCt@V{CjL283FA{&A(+LgR$RgEu<|%Iv$QIGWuL*uxBTM>UtrY?=P`LK^Vp5 zP`*_ENv^(pfQ1BUp(NrykUoFFn0Mz`l7az@<~P)!5~)p__5vTWuh-@-lUaQBV_2r+v{CeFr=7WWn&r$0zN!x~`%|KA&vNs9>iqNJr3wze_} zu_5S=!hHa_k4Tlj7IC%{k56b(KpND@Lt z7l-i#hkda<0x+dK97l%M?M=3#KDAX!_7w&`pux?PGsv5qH}O{nvO|eUFWqZ`3_JW+ zs%2c-`6YL^_hLiq*yuHY>eO0HKR>k^2FA!V?$PbX-nk4JTaUtREZrG!28B*z3^6XrgQmJ2x*>CogP!sLKX_kV+k>YT1`K{pT$#=uxYI=yH?`<)td$%R;G8 zJ3e8MbtJhcg4;<^3w>!n4EYy1*O!44QEM`TQYso8mbo8Lcx9%Wa+9v5l zIL74%8adhr)Oxm_x5WnOl&4?l``MDn(VyZ(JfECIoYk@|bbs@FM1^ufP6V*eQ6^A@ zaTohY=lufAQhpbCi+u^+B9fcb37F?)Md3CKZCW znz{e)k0Ax;ha0nWvexF^W9O}oe4UI*oL;CLZQ8Zu5W>fc-P!-TkMrLj->^B>V3`(> zS3=VJfCmP~y8Lf$G7hLI5+V7YVuuM%DXnSu(8sGCn&0J6d6RRcTrU)hvD zn?a+I9tPoDA@d zID#o0bEsIN9H{<0*1rO4bTFBC*NVUdEA>YKQC%R~&D!D^wja5^AOx*aOv;f3hf@6S zgx|SP3JTNh(K`0mQ;v)`~8bqcpf_>@n8Rsv$p_htLxf^X-iA-;toYx++9P97I&B8 z?yiBhxR(N@NLt+8-JMX}p=fZo07?Gb-z)#jGjo66b3d8n%$dwNd(K|7&$X{>?X}jv zc8lYwNNMB~`=y2PMdh^z+pFeZd+Q8K_&Uj?1G^tl3++8fcXsV^ojjJAht@Br8sLr; z9H!*Z+5uzqh%!mTX2lJD^gf&?rneClRz_eyhk|`s9+{_RuV1Czs$j8DeP#(WYxtte zKo*`>neM5%Taa#Dp5>T)M&u1U=qG|#E(d|$0t3pwzP@ItUfd5-^{+ICl_m4<{>4_4{=XN9a-vs}kwj=QB z=d+*Kub4mmH*NS|82&d;=#-HHGwCfD{%>CYua|YbKz5++37yP;anOH!l*~i_{e)|( z@4p20KfWC)eyscFK%z(CVvR`l2ZVIKc(6 ziHV6J+uN4N&riiP4%^ihFHK(VvKt0UiNNpFYGyJ@8`YAMBKOD0RON@8W2txVp18Za zCw~33mP;BuCOZx>wkCz)+ z)e*9>q@go2Gj{^vOaBWF|8~a+7}N|6ktJYs>3Dewpirpt@AnVN_GX>(3JjqObgvs> z?99whvJmDDMn%~FEh_%qwo%YY(TBQBrUvCsE|`OYeeW10(IgSEdh}rQqqTO5XJ|N< z+nqu*awV$&aG?LbLYHUk`t<3kJcx!GjvOq%0rYc`9#4sgh=#!6cn{VhiGTd4e7H}A zg@qF(0Ai2G_x~qQwhRw~imXjc2IB+|CLa7#!}8HQWoBmnm*&VRD3THrUqN)#g8nhK z*ixhBRVG|PH#R^>c!BYnWB=8}nc|<{zoZgrsQ)QOFuY>^3uOrHZlwO9@&5-f%NBAQYY5!`u*UUOv_gB-Z)t>trnchowLa?i83mJC9YviQHg@m8q zEnW_F$jD}$#mQGXIy&Ll6apWSAW~Fb-k&WVK*%rRb?{|oMhlCS3k7z6joe-&RrOlp z@k~l7OJvrDiufNx7Sc7DEvca?{g`jRuzihKbFBw2?kn+%gc2^vIB5HK{x4&)ej4; zgcqMsf8d24l(>J>j#SlF=B*J4R&pw;2#NJI(Ajm}jHekdF6MkXOXRN9UzoG>U#b;V z<`0uM{87B)@ko(vu?fJ0p5#EN+R~yfY)~pqk_O-@5kJteKCfvg>7mUnnKQ@KiNOiY zEyCYo8*E`2s*aCeJK`sO>b;WYJ@iu6M|7F*ImOZTJN>`2SheD7QV75<&Xe?;)7Fk& z)yL3+67F&Nh!J zEq(TN>bEc_MO1t57qX?aZf0facoR6Ox8S|l4 zf<2LY2$Wa}`Crm-zZHD*_FZ30h4n=1!Li3#-!g#32+bHCU^HWhs7~Tv(AGP91XR~) zv;p2`g{-fNKBGclfx%( z(5T$~Vx08t-=WtJp(nRPKve*&PBq4*6XspM(q69f$|8#2VUDR=TdUskCsDefrM%^% z`Ao3ijmm3#oDgd;aNLYyp^PoULA6czNsB1r`fy%#aZa~>P^f=fr}M(&@qCaKvn!U2 zmv68ei7S832WjM-oTejrE($q8{k)^rWaGM&Paq^P>f88Me4x;^K^l)CXMF0%T{+-j z{h{FZm{kefTXt0NsSg@;t1q1h+UBJtM^dvHUE+@^Cb3VU;a8TZtxUSQRPW*$xyPRjvrw+k$mjD2!Ue|#Vz$~e1-K}fYTDNuSMiVC!+^c;Cg>Y%H*``{HOWzksk3E&jVL- z!wpV`i$>AiV6KgY%|>Y?$KKptot`t^ZYX6$lVj2*<``2`Pkk`G@TfP#fW}fsT?M-Z z6Rixe^6pEhW%(Avej4-IJ90xtf47{*w~QL~O2X15m!$iQ0>*Y0sPQ!Xn^y1zH`68B zUR-b$iQsdJ9-Jtuznw)Szr18K?O4fWOrKw&M3IXl->G?C^@Z-zeB*Z~fAmj*@mZ*< zOqs}de+tx{@&w@O{ZjG!`;doe{rm$q}+$Fp8sgT1MO%}2q2Ub=oLC+{2V z+xSj$g8Nu?y|&t2#mCMt7iJK*aYPt1{vQ>ws|7FLIxvD`4dm#HPa|#+iG8~g>MTLo z8;HYzN&o(}`rUg}uNhdZsdzA&HSLqxbVNkWe%g1rvuXoQrZ+j0MOcR3LqTWK+c|Z? zd*-{3j0y?g2wA{Djb2*V<@Ruc#j%5~#hDi`vi4-T@FzpG!sWLapXj9jq`kbJj%^Y4 zcI964bb}`k6uvkzBE)p>X%6PwVV*Smt(F%f{3p^YD<%|Lk+dJZ+woJe|+(t9e1oaiu3* z^D@T?*hhtu(Rv9I`E$OB%G4XjVcepnO%W=Du#1y^FZ;}>-aaLU{#Uga^)$ldU?Ij> z1hFdS9&P<8_C9T~hX3TprHdE~-Rro0_!k{(U32IWnsFu~+^3ZsA$DnWH8Dp_YcIih3yB1C*YrYMZj&t4u&BFZC+ucR>2L8`1 z>a!bfxKlalJ%n=v zLhT>%GEb3R0c$Tgh$oC1U3wU4+qG-@SJdZvg52x`i;Hi;z@G1Y3_&IgZ)5;s)ttr_ zq3!h$V>VlI6RIKFw!n-QPcW!JqNgt5@5%3LBh*xO!-7Z^W##^#?>>J^P#W!ZboiJb zf{@OX>}w<1d$f^gsHQ}(Dk~f7w{zL-i`tdF8}_0J0L*Sx2-T(>_~(~qgJ#t`t3hglulc!U_8CkafnqH_KHr@Vbd5U*!Xl){TJo^2 zzyNR^jx=TK*RRJyYMKdG0?@tmau4SsrtW)W=1|IvLS0(W%twa}ceYja*p_gSx>J7v z@F_&%#jnLZd$*=a%9}C{jsdeb3K}f_*FsNn{VCDXWLg^tDPo=vwt%XZgc&tP1uS;J z$3u9J2VYo!_RQOh_p@~y*8zU3CDeIC_fnXV8(|GL(1fkvCsjzx zqAJ=Ale4Y1$qacMxnxeYV8);FW5KYt?54&vQuBw5h;!S&JzlZzRvIK=xP8tmuzcMK zd7UX#lMu=B9gDYfajKlcP0beCt6Iuu4Ag5TH=JJ1?Wn;ik3Wp7(2rkSSJR2TZk0a% z=6Q9ptT{Gs?`T~AQW3Zm*0N+!N8$d2gLL*o@|LI@DMcDb&(~Q|HCEFS>4zidUM~BU z4|_+!wftHi5ATnQNK}4#c@6JLG!^=N>x(vjtZPRqLGxIHom`iBC0(K~nQ;!O8<4nG zHQEUEtMsqBAxXKixi<05t;MPtVUgcrD@cXG>2>6^;l+=BR{1z8yV{6%NWIjrg4z!=fPYG3j^do@7={;9SA($H=N6 zEz?qq-RNmwZR3{bF(e!^8&9geS$fk$E2QK;#`4_8@?Y0YdY4`nzpK)}TfJpsOM>Om zezxHE^S$qAKAj){_kxkWo+v=Q$(a==vV($!rO%>{{vMn9 z%L-N_7?}}~ljkZfaJs;#<8{twXDg{V*&zpdx@~g^kmq({;TcsFu-Mwgr^GwnPMQ&+ z5cl_U2p~jLh*qb4{ieX09-zCHuQ8xPNensezsEK4c3BPoI)lYGLoH+Pon6&`)KBla z8uxgC3gA{ydBDY(rbt{<7SnxDxY=z{2wF{$9Q?f?!4*7^szbjhvfDLTqCx1q7QJe2 zoMaK3y2wPjus%iFdV_p_$IiXN77S^v6L^9Qq9LldSEm`3W6JYOC%SUgm1m5O3oN_Y zwwVlT>oua(5l?NFmo9>sm`m|J#IgOL%_9bf9Pdmr#BWP+zI`+e%S`?-bbQjJYP1~f zMsmtIQl>oeJ~(@sS4AszEc%uTkGI>evUyddd%-yfPF6?c|M)m9a>S7qoBUg0#bQwS zlv^+bEA9)Nwvs4Ge>zqHEeJ4^n(Ny8;z;Nx994QOpTnHvn)vcJ3B#mc-7c+ znMaad0Hq)o7~AfN_qmvgQlI*{(b&jngfGLP+{;TD zk{-gpb=UAYJ2#?sC$`DyT6;Yo!3OQ?jt+Fh#tDjm=bjo;Rr5bm4Sv9_ zK0s|kN}sr&l)T!i?9=aif{xhv%!q)feS&-~teKz@_WM8k%O?F&BPaeJ_WnS#7!?`= zKbf|}_;!Cd%?nX9ogNjsO$-H_h_Lh*(!jCPD%bz$cf7QfR(%Xude$^GPUfixD;@#-7NQ)^Wq4Su@aAEu*V{1k)r6c z7?%#T-mH64qT+>4(u58lnrs$csDc}gtI?X(cfbDYJqY(rPq)*KKV_Nn`?T)CT!-*R z$$EQBj$dgBL&3qh?OKjq7P>cs;vmv`-Rb1>?jOMScY{q-5$Eu{;JdixIv_Nh+jmjF zc94Fw>KZqmy%FetXpYqxl+KhMTRFcHjvJ8~g&=2$_uKYW#0f#u2?{|_xS>l3)bYQi z$-X9l`*yz;FSTZOrgZ0-2^k~EMm(u?AuC8@E$;O_9^q(GsYisT7XkO_3N38-gTJ3M zRAk>XZg@HdXWn)xwFREa?ESeBFst)(n{2;x>_PX{1LoQGI0HS{vs>I>H;ns{icd7_ zjtahY2Kte~{a{flS(I;D9?$jE`6>80*TOXmI_(_`@=yIP(H>z6KCSiUG*Phc(D_5I z9r(ofp^`sVsc9#sRLxjS5JX|I5p(f0pjd#+g(H|+_lHpUL4#q2s)Nm1LboQ|eraN1 z|McU)vv#ib^{A0H9i!QMM8x)Jqo@O?XBmRPZYSOFD6=i0wk%tX_<`viuCy}C(b6?D9wjHDV zR9Xp&rFM4MzX{{qI@adTF&E)@=yg#;s>kouBMS*q13k?&x${k|uKmULH0mc*FpWF$ zH9rW&kq_sqc}&RD^mf($owV3XSA%b}r8njMgQpXHyF3%sMoe>;d0=|iogIQn?OI*F zlI7@mlfZereExmZ$CEYmO)`@(nacK0Db5}_mXla*OlxG@NkV%(D?aL>TRl*hs+PmY zrHxOes@)}m5(Cbkx9du%anK|+jj@SREL|;_GG6pgl*x008YcmMcat#G^6v~RY}hh&qigtA67cuypj z9(v(a2n`>mguuD& z1><%z0z*3awR36er-uYz*gD8p;u$f!w8b2XQP3)3f=wa|?E?Qo#Z3w2ga;9ECmgkd zLj(R>J9?r8IzgJkI{#S>5@X{s_P1&vv_SUHjC{1ixsq5S+YW#iN<_c98lGNtq7FxK8e$0LLSK7Fj6??(T z;F@{u_lg_X4L|9{%+8SS8J4nYy1+vbk!89g{qmAm#V_GTiz%Bazu{w{25el|mWBreU^9#A*w0R56o#gI z;$fHh?b}uxnCN`Ajm8h06Ye>0U?0E?yr2MjAXTh#>XUvu@Y?*ZrVBjN9?9YjILpi1+I3|kwIE(c4F^6;-*F*iB0 zOs27{%f24)9HitIbR=|f`!DKB;K$P84qJXx*dg^R>F)?6x$ zX6-i*jjtysh~o?dw-;QK!cqTDAp3r(Z&XKXp?;5DY`-6>>SSutgff9R#&#^#@W`~m zi#s0%0xb_73+Eh}OrqwgGeX;)d&_z39kXm{TfRvd*w>U!`!XT12xr4W5CT{@ZB2XEr8q%0;_UcgVzd6a zOt#kuuxDDe?GX78I+cBmE@Dw+qj{GgF^%>KB2Ap)J;An&DGj)0-F{-K4#ArYj9G@n zDk{U9<~5rsb=yIKYv$DWC##uYAng+M(BtyOj>j$-s4`yK5EwFAfri<{U>`F&o?y^yxS2S&6 zfRyuTl4n$d^DeVvPYS7d*e_??flvA^O_jT$swX_xod_7N&w5bfMUq`Q31-Bt+EW4B z+i}75kJksY9ACHV1F{vvP&idYkNGl#@AscH)D+%t^hT)DHke}0tLrmw?$z0b3OFr& zDa8c2TNSBX?=4J<>x3I@!q{@f1nT7z(%NrrzRf?snk{~6YX}Wqxf#yYqt9Uv3(ULf z$IhbQYFya($Or809SYhe5cAnh5o(=4*|rjTUwVHG`7_`2M-fk_&u_-k~+-ug07h`^>g1&Vcx3t-OdmLhcySCfWU94|f zQ#YFRakpe_pj)-4gLe{$0lmgOS^IT3ILZrdkAe_<#4!?V0%-Jk=f^qu3z2`Z%tc7_ zs^`kTOi8-7HV%9~;0Y#f^+^3wT1hidf9S)sS}*@S&PG?Io1VVqr`IiO)qX>aOcs&Q zLki>TWdR0IXnx~b2xWCx<-!CJm9%sLL(KIz94y4qN+*V>jHS$*uUq{-<~a)&jaI9) zZ2E8-qcfO!et~BXCE_0I8#*JKmoEf({V6A=Obz6XVQuP8F%ZShksMFmJr`%X2_{46 zWUAz|=>B3foqXdX^vlQWIUf=qok(K#_)m_+O}J)4XL#d@NJ07MI{GO6F3U zwi(!)>~RJeRh1NV!%V4oAP16pMJYC$)MHoZ>%}Ve5qR!zX}ZDbafoln3}OOg8>Q+c z*I7zGo2)YM!-~n8;AOw$iwTxLTHkUPn++}TQb0fmU2!StY{SROL$0dNO}eb!Tb~Dk zVHu!D6J}7*AgLGt{?eK1s7be0^#N0&c}p1yT1iZ%5txIc{m}*P0!#rYom&6|--Smm0UyK9h0ylaP)rGr% zI(RE4cfYUo2DaVhY#p=#+K>9IZT1+LvgF@xxjlfGz z)*ju;l?Z0wE0xG_+s+Dd!%iCYdNP-ZwGw_B_MGlw=QV?Z6lta5^ZMZLq{(Ykg&`udGuG%v?=tHH0%E7r-@!8NHjB#?;RI7Fow+5b7?~-bC+(-p-A30|(8@DHgT09VMr8M6! zM4~-?YZQ$0V!K|>+?Y&&;~uLvRXCe-O85YK!}1D3A!nze=g^VOx?-OhQFZ=kNAl4% z*pPvmXqm(LRT8dE@L{B5N)-->gX}ZK;P*C8dpyf&F8G}3mgUA)k#e{JLD9Y_~D?04?L@aoKPR?Ljn;pXm>-dk&u^(f0 zV@iCI!U$QY9SJBl-p)K#`*`3}f<)gBSUfiE@Jb?9Sz-IVaRm0EBG+481TMzR z@f?-W^!=|^e0EW-Wo6}%#mCZRUR)PW(Vv3yC!cCLGQNa1_dL;Sqc4N`r}|yVw1?3W zJsOz3+LRABQ^vdxeidJ5S~gF$vMu&Q%>Ok{e|D#~`NK64Xrk-W`*Vpm@$8_Ws7*87 z+}cvk>iOG&voV@qL!mpqUSL@nMrcCpmH+;XW)g_`bX0>a8}=lXSetog2Qbz}@+_dK zY}G)DyOyf7Gt$-fhA)#YSn{<%Yk!BA`P!I%srJLowf^31mlgFS`z*%DL83_rIthql z4!E&x5QI|N30Lz`A#u3VWgXm%#-o~fOA7$>RELXx zrn}9U^BGN5JHs6V$8hAb`%uHAh>FNQgVo_$Nm~7tHH4i>rvoWvz`%-iwGVO2Q~$rm|=M zvG4{zN@AvCWdd1xWVYtwV&?lt1D#qW)UC(DPhV9+ZYbH^)@IP$a$H9>5~Qn*PmXI5 zArh)e@9*gaw^V7`BTg|Ib9>my6AVn7qRilwctPXolW$IOD1QWF%3?%>#MaFXjc{}+ z>vo2!-Z#$wSh*R0FFrEg4Q;AbyB%ru*o^Uo5xr}zC*95B zEwAb8k;`@ge>RIbn`8Sov)_>MJ`QFFDWtD_x+~2< ze45U`1dZYOUr};BuQcINc8IZuVH%S`8R<1a^RLcnHCH>jv?=`K#`1L%ZKiEG<1yrX zf}>*ACt24KP?a`57@Oz#@cVFA$$f5j^0ksXyw2mwdF}!p_lv~jln7^IFSM_ZC#y+s zE_VFWXGb!CFqF2=Ur$xng1KMZ9!GV2j>vV%&a7OEe=!ztqvM3R_Ox2&bVK!|rzm^z z{REcf&ULRc;zxoDHDx|})A7FWeLKsLs{c0dF2&$})x{MOv7AyWoS-yGNf{u)h3gaR zE-Q|o&mTc~2t+*TTG;13?}nwB$94xpD63k`c3umgU7Hs^OIk`8g(|Q~ zT)i#8nUIq$#quN%GU9xWeTzsx;wplnG-O0zKDM$phCpI?$@!g zLvyxIpN5{A9v$x&G|@$HdAqR=IV5r+h@X;>-Xppl>prDf+i#-|5kyvg;M!r>e!1rE zd?kFWGsX(V+L|Q>8OP{TK4#K4AAq$dW(8JqjrY|Jn=zxej5_t?im|X`G#`Dkw|8#QsK6Cm$ z)6P}$l4HG{VPN}C53s_odf@-|q~+2+mTWJbmGmBm0jGM&xGlqw@NZmlau z)i*ZuhGG*ubus|0Rj+!=V#`d9JJWzQThECJso>kSPq|S(%>lKE1HY+*Q?q?k+NbZc zA^ki_Uft!d>m$9FMv4k=IFl-cgjuZ+{Q5q7Zf@aP^x@#np%+`;Q&U!>uy7k?On7h+ z$NHh?CxT9NGCu8exhbeBwOx7^_sK;m_xp;^BQCiIL^kHSF?~&y>pNri$c4`9+X~k) z8ZwyoxUQ)kc>05%&Bn=oa*EG4KH-W*W49ar&fabKeNeMwMeu3UA;t^}3`jRiVdW>?2MTEvz> zTGP(H;gIp5P8X``b_8eyB;o|}+JLn<*+J`pm&$)>?$%-<#D`aksch$e%u*rh%umV8 zkg-#f(4HXa99$Oxc}R>aP0}9yihx=$>B~B*2$$en2KdxF#HRdlzRaqQSnZ9Kk}pJe zC}2-%1RC6=)eJ0Q-1KWl5aXH0rP zHIQ1aavN4hy=R^SDhteOl7HxFa&ggR+`Tq^luPs3muos**}8JzpY>;g-|qruSvw&u zB3YGVhbF-PD91H0O1@u>xe3;=xJ#?fy%v6Nf6noSjj#MB&s1IQ;-!@m#Am zo?}j5uU&c}x#S1YK)=deaKVhj;uijxgJWL{h@$#zI7X}iH!USR)4$;DrF;^wStG2MnY{^1r2Ztq6_a7;?&n!M2B8R8FH zL({X_&e?6vnh(B+-E|c{AJ%nES@iY#5lLdwuHyg&2_M$iRrdLRc6@0AZXNg`t>|%3 zKJ0g3HGe*Xfl`U&-UJeNl_uvf8<$ra;tABrC%vWQ7PsyWw-#O-lz{~z==|Q@RwP*7 zB$oRkbK7?Y03+;?{+UtP4C!Nn<)jLuJmC;aYQXcYOL5TRkOW>@=E?_xX7{**yc{cG z{10^gGwJOsJUdpz;EqkUi1nBz1t#OqR3#JHzBGDy!mpp&D2dPW@mMT(*lcAwT7oUI9*XP*=#f%p8B{|DgHy&_S}7yli1#IMqK$&VC*v2rhtuR)G29 z0Dv)hD6$Lk&#JOWZ;108zUQ|WAaBi%K@aj`^eBH_&&tseSm(Vjz7ZpZbARnE;_=pT z@Fu9_8SB|-{5AMC-_p`bc#Via0khh$T~0dULEzw&^Z7HXQ;c6rC(aS`P{v&-j~9$E zZoq{53DvcsI)TSZF^Pp`i>qs`J8G>?(-8L758`cD;@%xuRF2h7w+0ECO2mQwci)F+ zO$b$UcK<&wl6?k;z%-F=#zp1r$F7t4xk}l1QKas0LQl6ERVMx7RZ)&!T8^4QlV}3V zNUuivH!geynG88$q6ydQ6_b>%vton7WHw6Fr_k&-7!k1m?SNn{=T-LLfi1E3#-F8} zDi3~TYko!T&DFaB6WkfJ+H5y;h7SS3Ex#s6>NT_fH*NJ_BgbBIJ-tBdnwnIG4Rx{b z+-I%O>55xs8*oh2D6>&cp`YUd?>^)2$`h^t{zdgb6iiY%^Fo#Uw#@-6P>h&Ryvl%?C+Cn+& zb6(=y>ck+>`TW2*=bAvlTq!haE0vHG$vpQ61DB2P+9$R%OqscIlks;dxa8FYnIS zE!r;}gC5`b)*(*aCj1MFUa4BBo=|^BwPLlYA4b_`(9SIz+cr_QkK=&Jh! zudh5`&2`!O7LXcU*67;4!TmUO(3z74GD~tNm#!N)2q&MJ;rrRqK^-7?s?+} z_kpich>Y>tO~|?_t<>YgZtHU1T>HbYqH>mX%7x07>vVC~G3K^5ZNqV8_e;QX9tA`; z;S;5n?zeZ}kNg>;Y`;VAm+0wb^@U?=Xgd5e=l#%r-A)&l_#-~iyALT-8n=TB>8*sy zSUg8~g=$OFyq-I8K~-@#T2xOo9a^(tYYF+^VH@s~18#tuAHKh$w!%u~FH7~3w*p{X zOTWMChj0u;*)uuXy1FLmJBeETY$$o^b<*J+#VkLb8m}JkEj62iT0y`+OMJ-@LkMFT zw=eOkvPwgrgte-(4d=P}gDxq}oE<$E*TnK^Fh2L6yzaZ2J-G-m_OGDHxE$*Bj&srm zED54QtkW29^MGwoymbSdqUNMx$@6r%o4CHT1fb@EK)$A zw>i#Ux%@%;3e~(W=&T6-Ha-k2U=EM_y=%&DpNGi0Lqv~Yz>Gc4Vao0^{*E6683A4#-!ZDjw8)MToV?D*8%5&3|2p-3ev7kr7crB zCl@$nqC25{RIwhs-yw2E$N3WB^uK~>I_}Q&%Xoxzvc0yH?~y>$^3tn=)QVgAZ=>94 z@e{!=JWtn-8`r6G^3DWZkg;_+kZDx__C5_m!p`WPf^qY(e>x3uDiAW~jVw$K0-ne#Gs9Y$d$?C{`OmD<_+bGd4 zKDG%fs^Jm6R&U5L;n>v}fww10D3t%kpDuu*;{qN?qce%t4IjkT3=f-zCdfk+F~D8V z=?5(2y&z5sDRuH?!%XWKjE|$*PhL@dJj9L zzBggGReQ-{23lh6D+VLc<7=4@WmmuJJw$0{m&_J?&wJ`WMitfKys@g^JaT9=Mo!`c z{(s15re<>%J#>GX-*cVf7%0f-E>ely8Hg_bT>kC+{*-RgU1H7&`rKw$o{@XLmtvV- z6i8g2Dfcd0H70pVY^OvSmgU2KM>8i(MMBOix7kA=Hu&DOdAlHTSFUV0)D`3@O~!8s zSaCcfhiVEDJ0&M6P^pB7S|dn+pyRo@?Hb2rV!YLoLb=|@t&7-exE2N<#nPX7JmpM9>QkJ&3bu5t3Y%8a{b}OBQOj*=%=1etarX;{%Uub?of8 z87cQO4SYQ1h&1M;oOt=?RRghZZda9Yqef-*v!!&he2fnc<&MwTTtKK!`8t?cHs{nU z!x^!ty_!pBTcl~tWPO+P%-fKJ4D6JQ>X9?Jf7$vXa=|G_zv!~R+{WZ@6HO#*>0VRa zoM2|22i~IuJ{?G zxs7uxRkJaVWH+eIdTGT=>gzzOyXd3B`b&ainbL^iz4hLVXPG9fYZ^NPoSytUts6ZK zb(n9s-RnBQt>5?vH_|buxb9Y#&(>dMB8)7<_j@u3GM9{1Iyzr|u^)d0&Nx`rkptHB zwH+SqGvqWXybpD?{v978&fsN}r5QhZL7uOjOrw;u$@u89L2WZ?snoXVNHBOm0dx0-jiA@{Y_HEvi^J2v}% zkePNx5>t+ciWetKUcdQ!A=;vz=lg%sBiq2~EvQx(FC!$K$Q0iB|JahF_s{Rr2o}!s z>JGsfB>aWmPZ4$q61pKVubqC;K8Ze_~IZd*tx=f#sWAgG6uWz5`%Y*-c?JB zNVZZ>W&kSu?^;U)^kEdW?n${ELvU2B6Pe=2tk27nObrwDEbkr2yH@yug1;=8X!eOs zn)kNe<(x(O{i+i92Hlils{LDX{d4hEqDshAsH(GR8Ffd)Ie+T#YYXK?sOp8hfCw6$0`btHh$C zqg^kC8CmV%1TUW2L7Q$4Ajq11GEKEYUxv{Crxw7NTPebbtpopfRg+Ef-aM$xjjaPZ zTR((n7%(yfSW95=JYl1knSISzj>j_=9gA_-yQUDUoipO=vR|H8tuBp)aYw=IGG%lr zRXeGzlUMO5vLd5^X9Jijo|t#L`lB=E9^9O*2RT4V`6i6g3GHljQ`BZ|Aav=P8fWG5 zIc&UZQj*znX6hd~upRsXJcd+CZE>YFd|uHGXSPoEl~8m%Ea)qp!w5r~Osq zDuC#YirA%@it3;gwo*F0w=&95vK(6J`XF9mkMLgF`rfuL;ps6xfXlh^X&ErdJ7|2P z`*?pax%V|Ws_x3O&S{#Ozm!^T{gP&$Rfai*u4CaQSZfQ?5Afv_V4j48FMPTkx4K&` zx+x+yq<#?jy6icbS=ctO7|yZ0-c~wLQh80IkcYZQzQQ7k_UsGYVIQQ`1w-8p;R~2V zZ+AE@&+`Y-_9T5z!UP09Q4|xJjbbmo-jh9rU(yUI6iYeX6gM3&O-4%@lnp1{+#3Sg zxZNgPm>ayc=uy0>e3-%Pua;3L8f83PURNZ4p$CTR2Y;=MuwwTn8n*phA!iSCYTwqiF10C z;lz=>Be~}i$LeRDuEpQ++*sM5dPtW2)-L;lo3jheBetT|tw}b{eF^2DFkZ`XM4v|+ zIc$YK*$&&jx?HVgS~ysD*OlKsbgUt#m&Zn{Yl;PrNG;&Zo_+R0YZYV$EF8w>r+b*ZQd9RbjadSY&u_+R*DK)~t8# zNyl_l)cw!9RypI<;`UKx4D<3cj`4bF5P@WsgTdLY6kSVP<`+>p6-j7^Iib_~mmcLX zCN`GY^(cJrtz;6@cgwBL0@5?_SC2{Hll!KeYEcg8?4s?o+94$3>4zZ!sF~z@sP_@E zO3?Fx`FC4Yd(oW@DB!ljSYNm$J5gvUxX9^=t&1cPTsw(ft(;b?e z<`IL)n%n45&!?VYl%vSp7tQ^n`EoABU zmZ6@9uL7b#UW^61g%7X3hH0X`6ihr7WcI?qrP2Yjd!R)&*~CR(>PY$9Tn&qYKV3#I zDJxz{IKNgqN-P#3D#<^Aynqn5e;DBG%}g<1c#P$L=xgXH5ctv{7G|B>N;G~cQh$Wz zSkZ#fEB*|?EP0bwHro|@B=Xx6=S}|3PZt*`UJ^5HLovsCte~}6h-gfHEy~$sLX7%b zN)&b%UlaA%axf=+>i$N+>syk0Orv8mqg$O6X9B0z^2gr`#a*H_Ec^{F>$tId6?x+D z;>EZ(FXV(0F1T#!jzkD`BPG^SVVP4@K>^N6ArusaR8p1TU{Zcuol17I%|CfW$ zhGjh>Wa_8#Ab4o}@&si^^|m%=NM=SI=t9%H@*iM${u_jIC~ zpW1o9!sVu%UbX6+JEgw3f4VHDlG3Pj@Tu7d1WUcXArOst><&dSru18Qeko8k%oT;t zmq4)ywWil$sFZMnN^QS=xqrnx<54mt3< z`?IwJw)rhlw&sT_elIe=963RQ_c+B>A@7m^_G_jsi;1Y}d?dwipM@5Os^NR}keM2{ z6ZGAT!%rON=hiCUn|yW(hD)yG3a$r}iBKID%{rT zdnDzPOT-5p3&aY}!V|%{EW`}6>ylkz@dw9+D%w1!fSuG%jc|Wbt5QF)2ga&^=?LHI zyMP^DC-8f~Bm+y8Wo@s%nu0{R9HSiChw?hkTg{TS{zHo3^QH56C)V@T@O(XkCgbIb zdZ&Vu4;Lq&$QCy9ud}srX%BySq)g;-0tL$J4-- z6D(T;5)duce(e`jQD6t&_2=T@)AWh9_FaKba6*Q* z+<+pW=U2^h(o?oacmm_b4u6Whwwua(1&Zqn1tWpUX{c%{M=(OWUPEgFw0@5|rAVdb)ArhICI+7@6vT0t6A!s11I65!wAzu{i7cm+q;oJyeNF-;660ML9WSKM4F zVe#%)I67)SK1Rvc3YJw%&%9EO#j{Wvo9Mex95WrCAU4eT#BHyoWp0ihS;R!_Upe(o zL@okxId*ac1|Odsn`}5YpOy}SRs0}X6JrhOHrcwt?&~9wZc!4|M-pWBrVZ9#VsA;* zK~xiqEn3djO!CDgv-BDl4|071{eEBdImP+B=9ZIX2;yZpWezRjM^NzkNIACzL8q^2 zsw{{>6aswfant%l&nrLpHC$m@%_=;=Oxci0)281avA_XR#Q=V_nZYSY6wzZ~O=C~C zx^Hw3I-j%IZAj&7v4%t71z|JZxau%@=HZ5R-+Aflom9R)gonQpbIL~z@ zZyve59QvBce$^*FwsV&zic>XSJ?-+#{A>Q+SA39}T8|{?N!x?pZ}e@CY12pQKDL5; zt84FHW{X8zozY_@&n_ry6u=oHBAw1;ib)0A2b_~E)fhEFm053MOScl zu=c#OdGz6COZdTHuoR`LvJ1TadT2zxJ;|k8J=TvUrTT$wHDZy7^-m3v4vi@+CczOw z=T}lMd92Ptf^NOjOBg;eW7w%@_T9_|hA$xed$0=6i6 z_GVBz%lM1;z72Amr~3FIe#tL%d)2zA1ZELQ))GP)ClUKH@BLXsHeM7_Uma#M@6nv3 zT|W6K4O)6EnY5qbR4O-jng8e3%k%(jw_0)j2#pg~GiZN^J&^v2(q^@>W`yz^+r7|F ze7#l@&MBCjC@&BM|Mo|l^{A4w^ebD;_sjh)F`sHmuML#ZzJe=9H8taO*LPa<)IQ%n zw6>GEoiW^?xU0g%7ANRu;w)DD!Di=%@9rdQEe%8>j;vjWx74XG9T6IuKvuugUb^og zj2kpGNgnr*h}vG7^EK_g+!^QqXEt1T((Gt>$l~jFVWUQqb|FdIoAL_yfo~q6a@A`6 ziGj9xYKIz|OJc)X%|U9FUc-{HpN+2XF%JE}L_V`vf(^<0e!$6Kq6bUQy_)(7pIwl? z=?79z@|!q5sk!-CoY(L%wT zURTIyP0(>E2Rk3CN6G2%V?J^7ay?0^~Qnio=+a@OztxH3^e)E)Zq9||P zKrI-S%SV;}aG!;90yRQ1Bu(AAjsmU4Du!B^_e+%YU-320x#;%2tuW*zof>pPOXqtw z7|I=*KoObK?JqH9?^S+rAhMiE`jSHS`klVWI9yG@Ps`)}BxM%{txATja-BH#J>0Fj zPi{GaQn>4O2e_zEX?02xUsN^?zu)_skH>%d@A7aF!&%wJjwD%RC^A{vL<8*r8*Nz-Y6yy`@9Z5Y79v9X*hIQ z3%q})Pq#*rb38mYI}CZsq2~jLZd==!i*c~k9_l#up#3e}vMEy$ z`$e&oaqqVPo-Ay(wa9h+Q_m-lEMUJEU=c{MVo9Ck%O3`PbeiF#&h^u$w@V}^k&zgYyQ8tcX;;+#lCt}{*yII^@I=nk^d;Y$_g^V2<%@w^nY zOvzXffHdwYa<189T;u%ptB*i$C-z)~!-E%b?b<$+m$~K!2%dEK+6vXSTaZ%j8Nagu ztEkU{;V{C%v$0(c;gk+lG6Kp{Q2Z=M6p~8`)Q8O*>so5DQ2={6-yaP zG*!t=+mGDvqHKEnwD!$9w_w*#2*Z<=lUs}D)6+F=>^yR&Y(2tNcSli89UTBjmS7ek$_y`gcm}W{&6v!%__QonF=FvIK<} zrX9O{EMZuoKMh=qXn-W){khD1%(@|~v&Wg_pgca<{!de$;ak7(v^PtuNoZC#Xejpl z_c||k|IE6uI#})FC)8)56SUQ^P4t-^=`FBb>Il7bfPuL{ZF0$~Q*r|i`uNSiUr~L( z+^S)$2s5TW#3P`;}{{NI9*)_FY$&a~S;etHd0}pc%3-5ImS6 z%g-?8(XbXo0FH%*|D zpjGy!!MzL`5o8n^vFos|NYe`~=1E>AxH~-F z;U%%`*G?}VN-_N(5ZWu(jhoi#>^z1y4o2wM3jMK!Fna;Aw&B6Udf)XvYGiqQZO)>L z)(ph#59r;%Z@kTJ#~X{S`=Hm3ON`iiHn!`d9;A6qn`ZRzJ6YK2=;=c(r;-4jUL}3E z#gO^A{n&7Fg;#?%0&iIuT98Vfl0LYlm70aK`~blf%~n8?NvaBrJE`~uoBHlGqmNDc zvAfUY$jQSg?S*&QntPKDK6(p$d5BoelCO?8Jp{=OZRtH~x=}g4jYr<*k+ zGA}9NEftK=qQp@!iZ~Qwl~Zr*JT!iJb#{Kh=(&WPHGv8rN{M6FBqAnfK% zUj*mw>;wL_P;}8krburCl?l5s!%hkv-cLnt5nnC9vmh0707I+>i#N3SJFw8z;oh_s z8WM`u27Sp|n5BJ8-S8E8FbpH<3>Jnqh`@QKO>hZWjDkqdKH~#6N}}t(X}7c6+-YZT zesPeIwOAvKaWdj&0iQI^i{Mr?kQNIQA#)=QlLsUE8y~{jc!Mx+=rUN|vup}(`y4Fo z;-C14rmy4JUj<1S(crCXdDA&Qz=iIae^V++HO(1SvWBDEjAl#Ht&L{yvq&&FVST&&Bi5QWIX%8*xl#RiFzDFAAf}uKRdS}#Q_OirWb=F&1ZFw zlP}AW#)0z36jn%thrh5&McW>)xi3z_C143BW(8UdDm6-S`oQek>eZdF!se`paFGI{I~%+*zH7+%cmZ3TxEd*<|KH#|54H z*;bEY*W6`G_<zPR$kVWSm& z2f%f)f`W}!1t>9FVfO@t9Hcy76#5#^h4#awSr}SFLobP2VmP&|ya>}PbX#mFwAhnq zmP1!(yg^#%Z?p@SHVSyD~*m3@yuKH6BjIXX^*A4DuTD)hj zCsIHGcxNif3A)k0YKIoQ$Gg{RkIv=4IO%1bFi#@^@7 zq|Yz(^Tgo^o0=1{tg7yMYiaWU-LaMHy!Gkc2YeEhKv*jXvwJ+i;P6z8(7>Ik(IwPO zIz>BuK^u4y#zXG6&~#)H4xDUDX@u2E(B z_buVT><|;x**5o3mD5eF*_-_@XJ7h7U~D*;q~^v_FGXzo*TA%qe(8IwSpHYx-_$pg zIWGgMQd&*b(qtLFiM(!-L|2w}23O-h_XQ^{4kI3htD!0(M}Yo|;fGMh62x%_V{mu*{l#!7FrZDzVIC^4u8Lz1<7SDDOw5!Y=${Snsj ztvd`~4MG9;KHg#IuS(%CJpRBp#Xf!^d_>PF;GgBo&^tLT!4bvM`i6Oy_R6>Vyc#JL z|JV4os1JM?6!f`zs&SBdG1;&QE(%fsNfsz~(+8fc~?1kwbQUlw$**1c92dt6!$<=eX zY*r6;7QXfk+pwyte$(Q81nIF1UGuZH_Rmb$Yz(6sm?^W|8jfd;7Ak$e!rvJOX>y%H zHx|Y2&a}5U95^Dc)T9TD_=jYz2E{3OwwnpuP&O6=Pu<{*KP*_|gUUn0sRdhxdBo8* zNxH*ma-F8cy6Nat`5cPhD)etIu@o=mdO=L@0lxR_8_RD~=w2RL+jy&Fcli5L>@3eK>h_@RIkS-5 z*zNZK5RW&jc{MjuIYBJP)RlgKQwLNY&!4-pSzpn_4 zo2G=e#~Hf7ZwVlh)C!o>s32U4<3Dh0PwftJS6^bIbaGBHYL5@qW+21ol{2-I5^Lwi z{7alQQ3-4BjMKyPEDyv=GtLd*Ahn0ft&XAvCXIc=D@?79*|pl=slQjg-$dMw%)dM|Ky^ zk07n%3)51&6CJK;EEfvo&7ZH|9vh6)cZBiHoJO}{wD(Tn5T#kfdA>WWbnamF9Milm>>**B?=tYc95xa5+YtebN-TnB@lj;8DiCSj?Tq1mKWL#=j1P!Kd*IN{#L5m@IDVcB+fSh zcgd9uT+PK_lsqgk&~gl_=z{UM*3oIc|1I-$7<5&*`UxpfM1g2qm3UYe4e9%VXFb17 zZF&na(7WBC+?l7lv8Y(IBn2b$+MY;2)Ib)tfYTsl?kgiE6LAulFY{j0gx={a_!D_L z5oe>iB`E~PXW+{-HRFZnnsz5^%BYkv(t}z4xLg6ig|JXX!3AnaWG!4^D0RVI)EXRF zlzo93km{R)xg>wf=(edCU%lgNvEy;@cAB@FbNh=<>!sCC=-gE7bS?u&g*uS%EkIoT zVSjGl(QM>b-eASJOiK)suV2G-`ddb#EV=1PqKf3oKyOF784nxGlv6p#uON>k& zw%TOhH)MCqz!aRZzw!kNh{>OPyCfYUI8=_92(C?ac?EWuL^|FM2x1kNCu4)w*+@RX zZ%g%Vq*u|w9w>iB&uaR+*Cf&g@4uW_=?c5#BDE&-_`nBS37vHE&39~Fdv|IPx!IFK z<|FBjp|0OZ<$4LbV{4VlDE_ET#ShUwHs|q1vTnf089-b0Of9vegW%sLa%t?3(~dvX ze%dN^ESj6L6bR~_! zhSd_1BWsrLKigoB;0mF8Z?O|eTD$LMb@T{y*b02v*&T|l>H9i(d3DZY7NxLJ=bV;s zAQe9UCfsU340ml?0sjmiFEn?w821w0ioVQTGY-_f3w~sC3iJb%alrf#_74hhx#a$; zxsRykeY2y1xU>V9xJ!!RZou1xi}&q!R9lSCrs8lor*zg8Ff-WUlZ26$`#kO7GIw9} zf!G~?{oQ1OXARqB@oP|eRQd=6_`X=FvgL&uvrrb$hI%Wmvy`R5vc4?;+($qJXN6Uq3|;S!vi?LdYaq0aM8l~ zUSN)=?N8sN>27!a2SU&>%s|$NN#fjA!coLru7aUZWpU$qZDY`)kNMAw0rP@zEn?7?~%kgWdh3rzs`_&85qOCC^5k47P&O%eyvD8 ze9xiKKhCx%KwxWDC}94s=N8RqRUOP(;v=;2cSj5S_S{J=Mclddt)I}RdMeLF%8BU> zt5<%ut`>Qg6S4fJt_EcbT(Kkm26m=Y7~hHGa`CnDci@8d%X7sds1eiZmNn-=BHAF9 z%J~)fxV++?e)S&bpVElmXh#Ywio~`x#OzSgK_!eF0%89E^esmjZ!(9f#`v$_b z#v)}D) zhAt{e;G!2MVGmxgh7gfl`R5;vcOqd z#W7=Wg$MV%ZTw!fXlNs$*fq#Th0B@e>V%`+ZJv`|!uNYA<7(nOp&XhnG)<{Y;@%2` zg1SXP*uCygZ(+BUXHQ4vS^5svpw#w21s*o+am|JyoWVu9()|BJi?OwmHwD||_8Omy_8?S7q_^FcJ7*?u+ z(d&alt8Hy@H(a3Gj@>ClUh2+og7ux4qf}7yIuXEQ|J2|py&}7*8pVmf$Yv7RNldMD@2f#&0sc_m)hM8Jc`qXOKs2=-TLW`%K;> zPFk#EwC6rqpIFM>!4!G?%}pgfM2qqo<`z>yb-|1R@|wq>Jv{Pg`_s+>kC^HK2caHj zU3d1axlQ=F55f#+X*=S15VcFA9BoNF?FL2h)SHKAlJUN(KNx8I&FZJlz2Kk3#*5pO zpp=KNyje!1Cw@>SE&xs(6oR%ZOL!A=3QWCdE`m)_$%g7zjM^9KWEb%OTCo*@`U7@| zTVpu;>5 zQ>W_&YMA-4dvS(m-#B?TbP_}r%#%Cs?)d#hok`p+0VW=GrE^@ucg*e#(8PN)sJd)7 zSIEIyNiBT-OK1Wiv#f#>c1qGZcPj|G&-R@3M)X%E!=_m9&`CzR*w`Zx#(}ryS{RzX z;wr-aowlY_%PSIH{{*=li*txi@)r zQvo2aiF&(^k3LX=N;Fka_!F+U9de*JLuKj2VHNL1Lz>HU|WTD{s>gt(dfXGx)PJ%SYdHoAAaW&L+n@Zl5b3 znTG~oY>cr6A`pyCU|Nk~^U!RgK}Pq$STG^F)QJ^GwIpw?i+UX^I~}3cFH-Cn_&tie z#$5qfmWcko$&lJHZj*-URT0XfQzh@FzCqI;PAbk;DIz|8)<{>H7STZkPsx&N1RG*V zF_%g)7o+%GxAdjA-k4@!I`1x}N_5&R-i49pd#=`fHTzjXhPjq)}J#mU;8wyu^srO*3>-LXWt+zy(qNkYW$B1wz)=biW3U8NBf(zptm`J zOS1Y_>3qjc@m#1jfF5n9&g9T33u!q1uy0vTlkbj(p7-SnNSl%-%p@Ykdacy$X7lTn zQpDqu;&g;As9hbg#AjS2X+K^55* zgN{W)P2()-4%sLgjz*&=LzZ<;I`h>b>XN6cPpA>83Z*hnGRD{0Sk3tSqUx)jBmm^i zlJv<)uDnf^9(|%;53Rpsx2L>uBR}MEu*VdS2|Z&9Cz3+xR_$g@{Kl2SQfY9+vRS)L z4fwUel)q-R6#9Li&lm-Bd<zR_Hb|lq-qFeb)kXPOu_<5`TVQ~~lsAuF4O-9! zN1PiJc1r4h{j`3Ju<@CD;=9}`vKIF4QsFC^SDc77nL$lad=$RdA!*|Sjmqwv^0j#e zqF9>9k*Q~{ugOG%Vjqccz53Vu=I>G|c-6sws-OBzCY;=EILKKk#oaXvx&UQCzvfeWKcOao!FPGLF0wZ(xo%TPRn7$Z*t&PeAC+Div zJ7usP8;MGz>SVTxgFUkD?@CR#ofKvzyiI+zJ0{=dsvUrz@e%B(r&PSgj`2;iEK1?` z7ohXQxz+C-xnwn!IDNTaBPGQ)avOTB6kI5u+~u@-&;W{%W0JU$uUg(gyufwQ!YCDV zD~Ih@$bfK-gF^2igz&La>I;i3F>cq|O0Vx_If`ziSBRp+yVwbN;k>!4wzMDM_DreW zz~%GIRYl|z5{(i#%BYnEentol{uK#)G6yWShk+I)rj%;vasj@r+Tw+A1EOM4gO z01uyF9Uf33fLmYtHJ0DB+EUY@aZl_{5G;LG$LfcU`BEpljJ}wa$khyDCkgc1p3d@P zTtd3Vt#r^)P3pwps%Qd1*H$!cLdM-q_e`B5aqgXBC5keo z=cWk-efeLHX?E{+e-I1$ocWaeSH|%BwWUoO1z39^2s8LvW@+>8m*-yP*Xj6IH{sHN zN~J4~3vIJ@@+KxGDYjHGzh`WWLg9v~(8I^My&`BGhXG59vZi+_j#Z1AYNGq>TRs7X zWh+CyYy{k;ai7HB3S0ky-=*)`Y(1MXz2ME+mi-Vx+u4^uZ`6a+)|_6*HGQd+2mfX* z2*^#k{8}5qt&i21Lf$&zZaIk15yjmT;(Ga)3dgodXOn;6H!H+4oq9FM5hf$eu9X4U zTE55+{nh^R_iGwB5}|&GlKtzyp7cxd@?R2Ep`U43iE6)oC}a6|!u;j)La*H<+(x2N zR&Rf`u&AhyP)n#nr@)r-U%~0W6UFPhwR$X3r}@d;@g@h{1EJFP6oi&Ay@U$-Mc&A{ zGVuMzb|s3{wKeT6%&6!;A7A+O+*q|qF-RCE4f@q%{gCS+91PFoKT}Lp=&BP68zuiV zltKTJmiQNu5Cl=mOu``IoSc=FwOvhii@RxN80)g*8G8Io?%2<9<*cj|Jh`T zLhV`2I)iCel5%tT{+KeW6QN&Dq;gJ-*i8ke(5^@-C;_rt5%Pg!V1FOGiP8j1YilI~ z0|R@PdsXtkT-9Hw0P6=b?&=;AJVAu3hX;0_+6@4Xibm>T=gCAJr1@Wvn>S}#JxVGG zpC<|KX=8R5`7q=!W&YEL6NUEQswFj{qoYeqN?P$eS6+v#VlEMf^!Yv$`Oh`!_i#x2 zWu9D$E!iLD{A=a-<(NVX34T!Jb5#0&tQmi3ODR1GDUnVLR+{U-co#vq3Q8eF9fd7l z=zbySUykpO|Am&{mnJfsoS|wY`S0%ge|&OdQl}?Lg*0Z?|DnPBCA`vr(8exE zzsWqboTJwK=y{3E2fpf31IhxS|IDnVH9~kp#P0l;8X!YVLZszdGHUtX4f+bv>b+k% zs(*itm5hv_+MU^QN&lU0vl7Ky{Ci#eONRgW-q1UDSc#sJ`OvG%{Z}`J5J|`W>UsY^ z*EBT<26SiMPVm38AcD-r$p3et{&%7N!RY?iqW&<5|Fx+9&z1dOxjqH;PT}!id-GVo z&{&~kB}6nhF~M7}P>xbjS$W(EAa(73U>l8FB#~=-@32_6&G;RutcP3}oBnU%>38cM zZ2yVnL){4uwwCc(*|lG}#?XV?wz;k9WA+ot^g<5X1>UO(#WEpl+G0ollP8uWro>W< z1t{R9*zGP;DV@`wTfVzR93uHJ=WpSP#u@<&Rl0+IBftME7;C18w^xXXzMgP+ovC_@ zl*pc5I*dq6^dG%y-aHxi3EyBn-i~M~|JCK9^-!$4Egt7?N_F?oh)DXB;wF(Eu6W|( z-{Y2lc$aiK+1S|8gs~q_*{$nDDi!ZKgEOwi|4&-&ZAizvx}D%DvOO85u|*b|n+kuT z&Cn-&1eBDrC@XmL7gEZ5eoYjPH=ymnq@k>d*okVNGgCMU{KGoPzhqTyz!y!5vb#%9 z7so|%Q;U)P`JD1LBH|G3Algyse{dgv%{z4aQM@&SlRo}X9Y5M>wwLQosq#PZZ@>0Z zJUMR5`Ilq*OQ!#_e*f#F{=RNE6(au*vPvC88!s1YdsD{( zkEooq)yX#(DH??P+noHh+|OepoD>w_)5rYE(Ehykn8Vem>$$sH5=!PE%- zEq)t|gaHFn_Ho_a#nfIw@A;uK7AJEH(Yn-#*L~Kt*WTRmX1f* zP!ZI{jUf^khBPlu3{X$xQwM-@$=)wAZbUXe_nl5f_d z1ja@|lR!QwhCLJi(GHcBZmBKD`n!CbYR0$3Z#a}M2QSC#P zs>Q4~>1ShvVV{4c7t(82?`(^$=nf$sfsbCiS6n+;pFP+Tg0ICM>-HB2Or;5mkKdAJ z?Ityk#23#*j2Qi8#;h6Aw3LkgMgn(*$65KWk;o@WCjsg52kpKRyCm02Ye{S^^U#Q< zm3LF(8ZiFHzU9v9Ubf9XQu}k2H~h1le#u$oxs&EF&I#u)Ni};ljXU(_Ml_~&4l3Wc z=b5&Ai3RkmaKmC8+9TFc*+{M18DTo-r z+L4r-$%6(Ud1Pa_|JZ@!l}L;;CqCIaPZKQfT{qyP+lxQ;xkq5>AT=JbRx4w%`%>}- z6BR`p_1{8+#gCbief?GtX%61~X%#+7qqtW^rni*;g&CDr$Ww1{?CYzf^E1f^)iRjo z8Z_r7(C^xBL#{L^%{^1wTRiC{sKDbI-q{BtZ4DEF{l7D@zoUlammNUz9UA|?Y5|-# zRR-hCWkPDQ7DuHrHvagNe169~C5R1RkNWZTd;8&ti1D9rPg{G5cDE*eer|O4=^St)Z+zz+{T_1# zH-+_bl*sTjLYcPmS-qA?<>d3+nkk7r>IUH-S&>)&m_-@i-fHyGkepyy=6w&rOX9P5 z&EVX6G6EreN`j=HNX_&YNeT1ob^&~v1d@A=t;OO_`F&5lPhrgrR@1l+mk)Yq0p@?% zRm~|59Sty|iIvgxV-+$?r`8^;suOk7{dWlbXFq}9VqOLdXocU4AbeNg7KWdHSOu$# zBa)^K|Kp3YP&VGDjoK1)dBLOoN|f^rORXknmkP9#x%~mrgXpaY<7WuhZR1w>)@P9^ zKSySY+m3lM5xVvrCY1+afbPX27wB1&`5-D9vj5%sF&)u+yT}*&_}cUL-QK6uKCl&M zmj~1ZlUU3*o}nNW%TqnH;CN+J_>ta0Gw8*3EMVx3{lu%d!N-09suPg+-E-c~k>q1f zL;{FmVY*KG;z87peX>U8ul{z#5;?jJIO}%^<`@%Rm&pTCI8LG-vV3U=00nBX1ldZr zUX9+#;!N{)dAog`xa1CbJE5*%AH6=nOTD!z>hr%W{_loYI`q46I>EUrd!|~*8th2` zP);li6si3OIyxaG2UPR<972y{C|_is!EbQBN7d)V6q!P^TF}u*)0iQCE{M-O97ivs3*R0>_~raN0r`e8_;E1gXF6?Pn@RZV6@z< zvQVjcsQJav(BM4Gh~;^awk@C!+I$!4>FtyzH>Mruk8ecLU(A&F#tQJf4ZSfi>1a1T zg^HgwJdThvoo^34G$oa3IOlt0#-Jg;1Adiu_YQXE7%r|!*IQm z|7wAdIQ&gFvy)-aOhuWcRiUg3Lun_uF~eolNA5Wv4d$_srxe$tbls0oJ;bMC-E(zD z;dj?LhrbPdg!iGO8JtHoc%IVfjW-T*l$lBBO~7I=u=eqMA+UczUd> zyW`uqV$)TPH8(~MjX_>-Khm*teeFAmY`4DX32Hn7A{tltltI;v<}izMiJVVjrUc+& zLATqqwRl-4*tbm>{(Q$PaloOW5vmU&_ItVW zL9QchvFY!S?CRk&IlRmcE?dU zF!)C-C7;n>Sch8C{3fh*N&5EVqB8N(ye3No^Hg1EbdZf*8OcvaLmrC7>`MpTjBQr& zd1Wr3!eBXr2`fpMRG>f7U&%7+2vW_sZAV=2& zH4&)O`AXX)i&)U>OM4OIml&}EUXxJ=&UMS_IZG7@^cp@g%^iJ2nSi&Kw(14!`(^2C zSB-~^7nq&ecmxzd+x{At*14ZoEIe^rG)mhN!D}*dD-aBQa9UmEM=2e1f zoHD^sj`Iv}#P7JLJW{$UL+DUkZQQ&wAW|@B7fF_xJ-mJi^IbQ?j&?^RXU6Ec$hFHy zFz!>ouQ+oox1XK0yU3lB@{Py;9HLEXn*9KN_j~#|Qoyi=L-zDBi%Y_jXHJLvs%t&q zOsG1pNd@=9;#G>RmL0>WEXWLZyk@+nrP?;;GCx12)8&3elq5k{L8k0xsAV|bglX0! z0wL@A7rF7aQo1qP4{P{AfL`)hVD?3vb%^pqgt0F`bd>e^?sJ~n0i4nk3n4QUZoG?b zMJZ#k*bq$3hv0tIGZ@EEDq`Yd`O%ueg()>*bQ^VX5?$EFleB2+8MuI5ueJd#JUfc; zez(I@;*xW< zWbXPzx-5ec8-(L<;PJ1NAi{T7gPCqaIfkywgY=?XEH2|0-C>t_L)oT$=%#eS~@8O)Tj-n2#ajj>oJ_mdvgbcnf2-`JAw?~=Z$ zY?i!WIrg^U)E6oThT?`zE0f4F&21?3nmr)%0(M0nIS77mU3aF0t6tBGQ}an){T4CI z!NQUDx+~?N-X=Pe$t}-HtvrQqhpkBuTKeV z_)zZn`zL2GnFr;xis@7pB7wIq48Idw=|k(35+{VvtF{I)j69bYD7IrD>~^oCCYg9n z_!59TT_$a;(iP$cd%0c=PUq|+ai z)dXO+O-pBIWZ)C%WpRP0__lA5s3DBo!n9H)q;77z3I;4fmBDPzq5VZQJfEBN2KHI( zr`tQj{t`(xdl^cOZ>w06aysx#d;-Ss~?=r1;$!pZ6++~x8wmd7Xa zqn%UhP;!+0QM!))Ch1x)VDV&|-TkchY9t+cuo=E1EYX|B#f@H^4Y_TEXf(@qFL&}5 zPsj2?62;4O#+9lb@j((Qp4xintmrUdh?hn7jxeV|bF;+4vV#zX_1Df|lsiD}Skxn& zh;#G&BU$UigSqI`(2*+fbfk}I=I+);sFj6h)Z{y3XAp4*>iuqk>M{A+T;uSHXAROg zl|U4g29Y>1Or+jNdawy!7p1rxCYEYwWz5c;)Zn99}*zx!2+B=N@7 zTjqKrRfx=#cKGQ({bNM=_(`qzFfrYEr;@LuUZ$o~=hs31RTGJ3H5tOW9Cza=N!y~CU9IFiqDw-0IH$iNv%^~op~6JCoA$`g6&f#waS6or8z{oMe(Yl$fn# zUaNKFk>e|;RU}ih2lzi9O+^Q*Hp1F{Xq;nv>vi2@`Uc+_Pn?C1RdS6@H)bv#owZ0` zqIhl>Z>;5%ed@~PXXi)*(j-}BPRd3)>H2_q72ZE80ci+K| zsfF_11H5UGUa0b*SwipBb=eH;_wkqpSgKynuo?39G>e(Fj7J@CsVT%Hc+apA2;0W7 zOcV!wuXAy#bNo=Z?G4)wZe(qt0FncLc$df;mYn<5E*ZM)JF8nkgpoo!PKzA$GbbV5 zaHfhZ9X%=YvBOF674qwH0|V3qb@V3j?)oI+kxSh6EZE~^XRt|S@Bq#vc02?~lf$6v zI74zh&H1rd{D`5hEEOzoBhGjEREJUnT>HM=u!hbkcRbAbq#yWU7pnVd>b zj*ngLTb$Fr&PFOC>t{)h+w}4Cbh{I4ZQUe?L-$1Zw%derC*L_4=6BjGo2zjMhhVgdl7v+vAyH;p^FMo+H?A2lsYFsn~Er+L^+d^|)8{s2~EQhfq?fIjqH zgfOk+)2SERO~8&MD?Y12B%fWM+hc)3K)8?Z^6Q|qhU3ceJ47>i-oUImK)YVvBBAYw zB_;x1Z?qWfvm^ef$urBU6*0>Vy-Lz3-5L5pjDAABSy7Ss#z5>px-0^qzd=%PWQ5?_ z@Je2o6IXm-6-SPR@8gtCcjvM{4VZAOmle>R`5<=DW63I5CW!8^{9DU9^kto$HhI}p zwmKdhW_m*Wr4u?44%j)Qudld6TnvyDKh~VXB3**L{7ov9yF)n z8PBX5-fmxN`hY60IJB4`Dp0a@L!31|nA)boMSUq%=kBOhxHQDQl9>{0Tij892THO* znN<(01CIP!L$j)qa-}?_TJJpH4tZU;b39AqULh*E@wC)mVGM7V*t4LWSZZW2ycN@Q`!C zz#>DkJ)H=bx%m9iK7sQq<1wRqhuuw62JGC0(r9GVOG`;PD!Q0R1V3CFn=s6Q9@^f!Cd%e9xOU^6d3NLeIg?0XTSd^BD3^fC<*v6 za^}bESdkmk>3gfCi`729!30x6w_?y?1jvA%o3pusN0nx2qsdgFL_s(8 z41K_F@b<{Q_3Plenx`UK+g4M_s(v^$103TowA_9f=*7`_npX;#zR-J&!o!?A zD`ph<+)?QlZSWt@2fxWxi7(M?sQ;(-~tXtWs( zLvvw5>T?deSG|L*BTd5VQJE~bfU35ZypyJcVB-$iILDhd%EUc$WkKY&h|GKhNN!q0I*o1|)Y`Diz+CQ@boy;$c#^|0%Y1T9!qET*<$hYxIcm)9Do=ZksjBFuddB6w-LOc(z_; zu{M!M=5sJ;Ha zj&PI^gbKU)bziF|a+LfyR&7I;$K zYM$H`;o36?v;L&Sp_})|Q^bq1b3&TY?mUMPrFXkyW@{Jz#_jxBme#E6ZC0+V#Y0RFRAM9;%xVm9&SG(eTsuoT%jX3=j zT7~F4eU2>pFzWxj1=CVICUa?95@W>YREj+7X=PfS5I)LgAYC-7)gL>W58?QF(nVz; zE^<9~g#Att$cw+tN@|*@D>r-INO)(CkEYOC#67nh=4ym??BU#iXPCpK{gt`Ey!J@1 zhTDE6v$bTrbBDW4yuo&9X^*{Q*QqWUZu_CLmn2|-0EtKox`)ByrA3EM>1;L#z-hx1 zlj_iT^&2i+O-C0%xF|li$k0o|%kp)}iyrvxY?X-+ZI`+u{nGJ$dQs8k#38l4ax&6l z2R7PGvGmutKs%Ghir~S0bc=QJ=xP_IS>?yZl(@<^7u&}lP&tf%KVt#Ngr^E4Y zyVrTko;BMg*J4uuf>R&YAThRlHcfFm-^v<~>KK2gFQkv|e0i^*w%xk?3@`^wj7eGM z`SD;)c#a?L3k5|1{Bl!89Xo9>DSC7*|GmiQUm9(14*uAN&mm8#Iq185>o)SkW zMwj%jv$TXhaVkk1WbDREc*TCb-^s%&hXWpMl$MjeYDv3%G0g$#5NP$!( zNbs5unQf;T#wSV8LrqC9eoBzC)R1}YvYl^Z_aa$c)iAJ7wK1TKQ>~5oE8I(8glNRH z*~x*wo1~#F)T57^!NKHwKiknY-6|2Cx@IWk`bxcJ#`J+zxXWVp(pK!ZMar7&k4o02 zkZL&C{}K_{D{TTmc7}V$sXEW9OtI7$Xcs(X?V#Ld){(f)H+X2-ya-M(CW1jpA5oW9Y-C?_tG!4os$BG9eL(b-t6+P6 zCZnvmX&PV%YufSDy7qlW55atbJT+v0rG9&tH{Xzf;*Mjsp)&oJzX!nN(Mc!Z`}Rd+{3j)D*fy z(`EIN)T#K}_{t^jRq;c1*(S&?j1UD*iY%ow*EIuJj@}b_@yxMbOY&(7f{30)29@bF z^cO&jM8`Ngb)22`ycFQc=Un!+diIx@DR#tc-rFfaZQF;QCoQR;SmVjO^%P(^)Nv}i zE<^L2|4@QMV_aW5v|@OsSyB$y>c5?lngi-$OW~Anii$t&D$J*RGt+b?-O)7&H>a~b z?KrXU{)N`-29O=5`gM3&l+Zi9HY@O@co2NP*@Po8uXgUvs>(Oq9cxCVZ|*8l zBPQ=>klUk2u>q>b+nH=9C=%(e0DmpyFibBJpDB1RAq(>~!|)CkxE$B&#eE_Zb$RCJ zbd}thC=u;cuXE|DnUd6mvAa)76W3=&J;NzO(LU0OzAa*;&-DIYDngZ5x$~=0vg7wB zcQ6ClZ}(&oU8~!0L>&f}8TP>_%e2@Mz<57;WU7$HcWipNU2?!9Gf?toI>=S8w<#3F z@d+_n)A^8I2@E@^l>t#xpDRROiW9_XRqoe@lv9)j>bNF*NS(o17~f*JvxD*kf4X8& zz{KE!{U~TZIX8k;j>o%njR%I5dzQ>pcb=rRgi{V@iB>AH&#Yh*1Bz)w$g>cNi0^*x zHpM&fn7k{d%AXh-+_%laz$>hE?dyxv{L`jy_G8N(%>b9W%uy;M_@b$6fO;>}VvD*t z=Er+|?)V)*%KRjLJ;kYMX&0rx@tAZ}o1&vZyYXbho4NjA@%tm0y-zFK<4R>C17<4J zq%0Xm^)6M@B9OM=XrBZxchLpEc$5ew`Vn~iFd94E^uDz*e6OxGoJw^5wxDNOu%Pg@ zbDwB5#+_YLmz=nx1uNE*%w3Znq!o;c;qW&<{9HN3&tlOSeq^m!t41b2*f`rGsWt(i zt#~tFiI> z=J2{~o9X%&$Gm-S`i!wx*`K?-s0t}Cqj!#1ZtHO1@J!)zY5ag(`!-D|aw)Q5rx?w( z+g~IlRWMAcxV1Ih9ACU2M#}-;wX&!+e7avyr-(V!lSWDtYWFo5UzS<=>;=^cu^u_& z%u1saR4gx&>hoah(cuzw6k?+dx@&zF9`z7dnSKFE1mlE~Q1e2Y98Jc8lO3RG#{p_3 zm`~Ggh!$`i@}YHgapqAS!1n-|jKME{QSD)8ag`A^?{h=XsKDH&SZzu^y-En%>g;7) zSgD3xdT%eIXb#9-LRMUL;J%?or7Lo;ZS?Y!S!bhYGdr?r^5MrnEseFV1z-IIquamPamN>TAa4rA)0!~4mgK3Ju$A{KP zj3+adww;upTxBqSk|d1HBwl@P^m@fy)|f~0(NUX()B3dyX>%|l@kLKK#gvD~F_3k2 zD*%6E7jT;LJ3t$!j$|aCxFmjY=jKxqUJq#t1B_ z<=%qj6G?K9bLBj9XE_DMcY41B9lKAM>tQ=9iztXW3<{?$CC>@06doL0Xlks^5TjVa zFR?k#GsX04E?Sr098^^r1nnL;H^?aE(ql2Qe$_(b7QkxZM%{ggaQQ%A?qUGtLJSC> zLQ&6?rI;M@UJL+EpOEwE`s68CA$pjXGNWw#bW0>1o(4K&_^D}hK$*G#!z;57n1TnF z-W8uKKovlY?auY&IZqv%Cf&`c%oQwhTcqrI%u;B|Vy)%bE@rh?M_!Iaqa7SLUV#q6 z8?iS5rtP#kY>5kfRQ#eC8>b%5_j1LF^A9ztDLsSFv2({Hw-!aVF)%sW9uUhu2A8v(%*r@gf#EX*up!malD7RJT@A7~Cwtai16qJQz++Q@8;obc za=rb%zjxZPwD{1206D_p*oZ#5_4PBe@X~YJWm#FNCRaBo8fBKCMQH&O$E&YJ$pm;X zk9r4SKa6f_=F3Ga_0k#ZeQAO+tkNy#9L4Bx00#_Hc;os}qhLPI(wxCrz61}JnSt|1 z&gQe33O)*pJEx9UC!91aZKVEnbNM6WOyT$J7b?Ow zU4#y2Q`amo(Jz`t#yt0HO+BV;mh%0ILmjBc%zB|I*WF?5&Blk--fs&2$5|_NqJhuZ zFj0PUjwz1IRR{V{DUcKF{?Ioxp@eohHi6A}N0Xy^UX@(y5%=qQrCA@J(xwgb3mhsK ziPP_m)SeO5yJk$00t@Rc1s(fq?6-qUCme7S>iedcYudqGh&MLV?pf)B~bKZ z+$yJ%zvbH~$M0nx)QRhe!kX!{|FTYZcg%2LWDtH#fw`*k9e~(~*Sa zOyBDp;+JFS#!OwZF!q=*SeuIi)|Z*oa-uVE7Kti=&@{)#qv=hdyVVZ2LJv5Lt8Pzl z6q?Rt$su!qrqYe33%@XGl$RP%^G;hAtJj6akD!wS!e)c&DIQ7hTJ?;x7JkCeTxMVm zGU`h<*HA}{GV<-FJa$-8%!$*9EiG4=$z0M21S|OeoXP0anps5mbmiwg!<0-nC4s&s z_%L*BaO!>(2CylL*UI+#?@B4mrD?k4E_p-Jm+oL?{KKs6yN2EGB@?)Yqg2iuYmGA& zpQHFZMNbBhJ~yMjj$#>gYPu!A5O>6>T?z*onFjdO8BJj*6W<8_(>;?EnGyd@mo9ZK z=P3?mlxGRiCl$D0%VMFt*CeV4ad&`CP`l(Nu54kIBw z1_#!Anq_d{>ZjVxIr2b0HIj}=)*__CInfMtVwmZa?@c_saako*jlrMxsL31j3Mmog znS?M64F~dAjBjUv)MnWsQ&wEg9VhxQQz_!;OfabxR`ki0T@hiqmxgV59Zre;)H)Sx z@zpcIB+(FiCha&b^&RHhXZ~_@20`voQ-w3lP5J6`S40^$$PDE1KUQOsVJq$+^&n)q zZJBU@RALU2e)BP3N-^pE>jzCGlQfZ#abio%axr;qQ zcTqX%@PtA@uG6+fsXrotN8H##cgVj`WH^Rmpr)%LVLlB$d65I$_oSiAe6w1GAw5_; zncJO49vx0mSkFF_l=PPOCPjbVyMhZI^E4zg{zo@^xNR30h#&T7NphF*dd3H|hSL4R!mja+jnf<<$N*%H@t4$0}DzH)5+IYUct@v|!+OYb}PWYD^ zY~jgx_c+go*C<1Ke5sIHqFliRr5RTPC~WN+cLI;Pr6o!YQWN|`@{gUYGwYdxkb%fG z1zTr+5nC~d6a6&>R-eaq12KU8RL)|Vo9F%fUeKN(FC6R>aLdQ@SFkRbO9X~+Phd`U zJgDUpajeJJ@!F5A0+|o}Lo4dG2&YY(!iiFSL@=sBjS#4)S4P8m#pHe}MD4?Vj&>9A zo8`?T3)h_Z$`p{>3^_?)FWtJU9;3tHki6@sXPxzlzcEv8zwh)Z3K8h#j+(Z8d`^C5 z>W~n0^;}-_dfo4_iXJD~fU*;_;fAJdr6i+;M>aa5E`2@hkH)ZG!wPkiYhZy2V%VUC zX7~0BYr`j6{wO6MJK6q@xXXZA(UU%Fr+QjzK!wjG^r-~^0pQ&1j{vT`252@jDc*^8 zhmJDjJ44=DQL?rM@T)NDbVP;*cPsTV-=x+1p?iMrbZ#2RZ*T5|Q$oSr!Z#?cTNi(H zT*J}6Gy};qBnrjP6$SboDki6Vai3$YFYB{dbSt)ZeA6d&6(@wHZ4zBPsBzk#T*XND zr=)ggBE7nd)6@b|E&z_OeAu6llHoQNI``I>7ns3`5pd1q!3a20UGZ&xyr;+rTOlGSt0_WQ3H&WE z$7r!Qg(dYmBpQbvYk1{EIkZv9zVFgnW4H>Re!A8tu^#+!>UjTV)%eOzB}*E5>LMFfO`l z^01`fMM+f3K4RmXTvH6XWYJ#nrveVW6dKxtUS_^~(G8-$pW>X}Pw)u4<%e_Pf(IzE zDFOzZ%M~T2twdtr=%7zQ>v+BYEx{5HG7|+4k#RJ-v#X@_uy~>J+(NO_5-w?L+xOKaLs5QW+^7rq#lZZbc=UZM5;e8hbeDUmrgYtvGjRJtw+*x!t0(Y+Vy+ zxm0MLx_?Q6p_`b45Gt8UoZ4h!d{9zpvD@qr<@mS`_w?o(;`Q6>~`KDZ=!ZXWzCN3t>*+yp=(lZ7gUJo?daUZM|1CNFS>ssTK0LkYwyEHZw zf6c1G8_ktg$W=rOtKx_cLk|cDF}bhPI^Cq@{cMS1;P=2+!yJXyqyQmYbxMDwNbtO~ z=WApi`WKLIPaaR;f?lycNPlipEYXaAn>C+i$4o}n*j(!Kf^4!;Ig+#K;IYJI%t?5& ze=$Ln+D?YpfU>x$I?71SakDJ4^lY2k^f4qFihM5m^icd=Y@g0^LGVGkUr*uzz~)2r zoxrDqmYH)>|H$Xi7(OPHKMFVq>7h!-#yfB|Fra@ieQ6-P=!V1Zm9PPJYtgZ#A7)f) z^*8EdIMm4$!*vl&gpV{0^`DV@%xA5)MPadsb!edjrW)sx<;ZOUK0caZ z3}5%%uy@C1mGi|u8alnezKkhcj5@GLc(J8Q81Q&iF;Z zmKd(0@JT!C1SQ%p=%!$V>qADT-;XRSQW;cm<*e!*H35u(FwtVq-N>&GY!X*`!@qx| z`DivX+3gii%>jjHD6-*?b49%d8@neX*=jZX3_F~HSOhk4Bv@s^p}ig@kWNKcUZW> z_o;+NRpsxqt=tvd(WCz5;>FmV(y<-h<33-o*JEdp69@#7w%AsxS$h-MSHI`m^#GK5 zkg|Wn#5f3BkkKSCRF<6jkv6T98QJ8aDrr(_u`l02AB1>8k> z^r&qId`3Iq0u0%x6z`&$;^gXK~Qk*h6;NvXVEmXQu#axupvH>T==-!2ng#*7e#z{0588bV;DBvC(;`@IJy9fX_lD zib_eo%8x`nxtrl!(olIq#6pp-hI6p;r zCR(!yfASiDdB3{x^myLR>IxE9$k+F4^|d57CFHV`A5Tbvi~U`>@5`GOYOaDxJ7#_c z8Oo5Zt6oeU2hQckl;z&)t#rP}m9fx?9uG8{ArwnnL6dpzvCwCosBr>Me_E_0v!7jCY0atL@>`^Plnilzs_tvjKe=yi%vyh z=lTULw={NVTk{7IY7v^kLGR5D`X(M4rRP7=cH2P08~tL!Uw1@BYp%S*)hMTXe@u&q zJ%!K-e_6H{kS1TB8~Fi0Pvk4Z3UF;vV zhU&61`J_vE33}zwzaz{!dZxm*O6R7n!6ua51xHIun%XvJEr(x5lIt%FH5;cTk?O-~ zMRHGUvl_=zYZedM)#e|33#4S;kXMDUtQYO&9yGfK@APcq@ahZ@*Q^YhHpM3!gXcQ& z8LEh@RVbNxi*?~0#{H`LER5F?S}8`*dwpOclryC^>Bhuq^d%P=4><;dhk`9=DBKk^e>no_y{0bEOEp z9x>O;9{}2)Ryuq(k67W1BNiL@iQEW}7oI2HR_Cd4I)&EO36`FXI$&DVM)jBbOxz>E z8&*S)x26h^8w3|?S&!)6CPzPB&M|Z&~FhnB5u59I|gG%t^_&9=aFyR+xVsi z!KHDajck0%R*IN;S*Pk}3(Z_FcBR!HsmtEK%xYP#xv`n5EV$_+pX_NtOmV6F(0P9| ztEIaEH^rAvA4*<+4h1Dh<}C?9K2Cg=2FwFu)IyIl7smQn*{O~YZKoj`e6N{D5Mi#r zC5ndLHh#SpeOp4&$ONNr(FLrC^L==+WZYaM_Yf~*z-?N)@ul!%CvV5`P3VEP^3nv; za?0n@nQC*-T_WK_))5uYp&|#*JY96nmV>UKE`(|FzbVDHV|&>VJv*IrM^_oB!63YiA zq0=fP>oWQ6JS$~Cjg|;N#NgV_gr7-0=+BIPR9k3fj_5Y&bftaLt#lf2Eh%BG%dRHh zCY2pN>_WwyQU~;N=swz?j2*NaYzaGd;50>4>rzT?i*EB z+#L(QZa=VET;H%6{95^DwOT7B)9~_%jy|c^UBP#0n7j;KHp8a^)SGGp*-my3i$PYR zi!IW2XT51?RTQ1uH(x8;r&QTy(Yr~;(u3CW@B52CFhAdrm+^cabPz)PxMaD4%%ez0 zJ|o{Y$efywL>?WC_OzJnn6(|=Op3f^Wv*^>=ffvQB{){W>26XLnE)JMxV$0an7F$( ztz73r*queDB|(SjuX|>0ra@&ZyD}^cd9yCA+lC#fq}D3d1uXV&ZjK(d(8XI0=M3uZ#8=F&~bEH zncne*o?YF8kR+Y-Z5zye)ZUeeL9^PO(-4)q;@MCY1J~{r{A|b#$jM2Eurco+{yywA zL!Bg0zvHk#m&ZCi?@23d*Xm;hZqo_eNPJ5IeKPBK$l-X*^|@5t{DO}hd)Q*zi#>dg zjB_>$0muCGm)O4{a(t$J1dz9v?&&PiL!hflMvE+8jy2Uwr}FJ?WZn-Q9$oKBg}pC( z|EP2$HhAKe5OkzeigbB|?Q28zRAk=sv25YR8+7CFA(Abi9cF2h zTB)r$6sb;K5>{L*b^*ecs#jWe>|V_)*NHNJjF;Rd1Jc_%doC3{vp^tFNPm$_WEArVO*l?czKxh1aCuMpQ- zU1ukq1)=&kg`(6QdNGGxcmd?0N-{?T=?FlmRfgBa_$ixkaDxupXU&7*3$9A?p$rfA z0bIONOJxVb&6)OHa~+w}=UB&mVS1GrdDc6saipWoh}_wtjo!Eh@8vT^+|L#5b9iUX zXb4PofSB-LhO%Bc*OgW8NtO0U1YY1almb!%A#M5w=T6(Of)^SRj&EL!Nr4?|MfKn} zj-E=93OD+gG`+?IEQ4o4H?4vbznMW8_S@-vo0Y-AXW6qfSnk3bH>8M^;GnbU50$^1 z#te#C@<;Qz8Dn|J5i;(h1eqMQM{FwX5O7E+DfjzJ#*@hYD% zOTR#bgOJB|`S6v?c0)<`LkD+wol$7Erb;COf}u#KgXnmHxphdz=#`yUqRJzPM4hS%WZ6h!D!`1? zFrj8MUM$RJAcI%}R?3okcKrLGoI2oxaUk0-gsa&dQUIg5ttETtq>A*8*RY~T#zjA* z9+R`%T-o!YYe$JiR-2P=!lQ2$7|v|IHbFiQAykDU6PIpt4({xQ9hhmb?n9Vk83K3R zijWC8q?B1kVy*l{rN{_N;}Q}4ct0$%Xv#WFgJgAR;AwM|6b{>|eg-M6NOBT7%1O7D zAs&Y0>l8L~6O|s#y*9!KPGQz{N2Yu02CUH-R=2vlly^ve%V_qV_s<3xj0;;E`;FMgsNy8&7Vb)Wt`Yb+oBiPXFOIZD?G(hcQMw0_F)%o=?rBMn?*3zEJmD+MI zW9-4}F8B(zi9kV^X-YBdZNL)v-v~pjG6Ct;w^O0k#Ieoe0bkxqNt1=rMAEMU9f+54 zH25U(eGXCnc@;XmC*SV!#6^#s$0VhPMkMb0byDq{O{q%NydB=jsQGhN7O81<*PZcA zF|8&w?$JsWI`?kUb!9Je#Y$lneC?E_#fA~gO5Io<`nlGo^6r(W>WzlIQcn_7M&QIE z#xr_ zj1Dm&U(Nj>84b&!J9_UXZ*p#jL)~~)Ez0DIc$`pKz}2)w!n}VGNVJ8Lo^+s=vOs7# zuFqUjS7R1T(HZ6lt!u{~BsQq41g;1XFDienaxFi?;!_{R^15W$qFw4${4ZyA;;pIW zKR>jwh+sB>LX`^%TKX^yaq=SBjrMc}8MT~$yYe(VdljjBm>3{FEPr|=kRD-zr%Aa% z54r+FIaftGm}hmKI;K*ESH@>w$aBTIDRBNR{jEwoYl_f;9GaG0DX_}iOUpNo)LcTH z{lzK#4=#Wr2y{qXbc8l+{LE;UJ8TnOtuUgqM6*jMj+|DS9XQIUrmB5ZO3SZzOq}{C zek5g7^_s1q$= z8_ImM?z;dH9B!2kkioW=e(APNn;wUET;vGhvkeuK3vXdmc-KzPSBz0?Q4M8<1=9sq z#R9d-ke$izZqPgP{#=6_T1NVVY6@R^*o3XHKNiD`TImgR6w$*^PHvV4ALh%WBQfAf zlrK3mgLHidt8qJaI^41VGg?h}oR@74lZH%?OUQN!w856ZzE_(hovXU}lS!5U$kxnD zQF(PE{81HhtHJWt1#xK}>wFHdHQt)iU<_~td; z?k-Z&TQiMJpV2x)vGW)-h}nj7!Ue@dmKXd3>#;t*3zp&vWoIb5S!b31&_w@rGRdHH zH?hrJMvRigvyDV1_17| zGe{ogs`R)vx0A@rhPhYezH8pPDRJhvhNW1&_10yIq~m0^nMgcicZEsA-ZD3T@Tur+ zoM@;G+$gq+mmctb%1c`#-($4?dRC>+Vv7FNu$i@5^2qRMr8Q8gl5!Zm);(sjPf(qr z7cn@wZc_AsA+5(o-&LK-m`2_NmY-i~Zim!tOH?1;sY~^OkD}Cv8LfKy>|`P5LW0J& zHyhh=+sBN3Z0o!ahiCg1#pCmiS}AYut#k&bUA?E*ANnOk|(`wO5V2=>Uoqc-L z6rX=NkifzEhCA~>YYJ`DI?*n5RD_xeQ#av=X@T(W?v3?vI5Cpm1}H5v{}f1$zM(nV zD3LKd)gU(UHAV;rtQHd?8&V#7I+g9Ph5&4CW20}xyD@=bwXY?-{_)~2@cpuwi+b`& zaw{&Ms9=w18vRUk^w}E2^6pOPS#Tc_>eXvSj@H_+ za>po~mkK^LeV?rjg;+b=J6i4BeU`C<_%taSj_hM3w<${%TR~-8N2mA<4y8uRXP%vj z1@xXQg6Jdop7`=^n!*&Sarp6)?d(}2)`DKW z_Ebd5qE-4uf2+3udr1x==HvaXV=TnkvtYq1#?$`7Z&`sK1yj{DpDEr=L^`vKzN6x$ z-H$Dcj5H=7aBW_DF{xZSkVkWE)*@Z`YLr40BNsznu-9)Du?m=PMUM82)$Y(klsvp| zQ7x5jtj)_x3Obb7 zxT~6$lh#oW-rI4EOt%wb+huN6|(DMe?&q zKeXI?uzloaU7X`MA5P}caxt3wL&3@4EdF;v=(SUA7jfI(TfPR; ziTT!hmq`K`%RQsxS;kQfeIO7^q(s~&t@E+%Afo}C7S@Gj}TCD4Vn+XSY z(a)_Csk}oVk zbcSWdNL+_eVb7H#paO8lI;HNa-+Al5L-y|{tzb2cDfUayB|M_OYj=eMG>n8H)<>>9 z@iZ8J7msw2_G#+89zsr8O)vY;qPHAj@`qQdiR8cxlrXv8Rz8qbFClp)*?cnb_U+K) zey8{ltecPMGUu;zDQuD|sezy_8<5{?=h9bMEtsd-XSq8$9;^P=$jQi1H?|MCIx({sM*~~V(ippMqIVAY6pJyb&Japs4b784_?8b9vzYc&cPh7{MjP&LP!kPZ^kzi5eoeVJlU^?89`LKER4Ino4X|g zVX;nA%X&$ugqZUESPz`1WX1(H+zw?9kyr5>9nTxL)P_V0(H+lZeIzn7qDb^mJNQ`o{{} zC7sG3yDw@aXw&M=kn|T(=xO>TW?_%>ZR3**Ovh6aZlJ1JY;qH&`mdIzI?uX1`O$T> z2mmE}h{_D-L-rp5+(2ZnMdg(T*2R~C6v1YGc5ScQs<)&j^X6%R^qPz-+>2sn=iq!& z3EmEjO36H7HSDqt6E*$ij`{rs{#`8ZWtg>L+g9irw4lhJNYcaF#EQLAG|YaDLCS;* zEGi@v<xJA2=q8JfwPI`;3Te>si#`!D@N z*85NYynBj;;=A7O)N^5OrzRx=yf)*7sY2}A*EyYvwa$;07*!CyN|#VW`1-8bHTukW zk8i?b`fa3t;r;778GbSYRemzB_4TkO?cYau)v}R|(gxz?da_UZRK0~1GacjFdC=OF z*b}#5$u)Am3>~MTW5umx(-5S+f0w8z2h>Ne_@Di`&0o_p|NKXY%sW}&(R}$2oYf99 z6GlA?Y)?{G8UFCLvaE> z+E2eSa{aTeKj(%Ddr6w*P^5>vm$c#tX3ybzM&VB1b@XR-y|ikyQG86HN1{D-jJUg- z>&NQk91)4@AqDm0YBk3uPaMZUiYMS#Qm zJ9(8uWtjtk?zfY!Wc>bEmB>Ms32E<)`(N?y6`!K_7(@o1SEv^$ur8B7VMK9S8+P~B ztw!zs@Sixw!^YV@f8Jf{gfLOS8ANv$E|XxtbPE?v(G327_cNxIPM&@qYvGCpo2OfS7w__YDiMx?=bd~b$K|;d0XtiiYLi&M!;oNn#O=KVbe4J zWDkFaxqku{`XBzHip}8X0_{Jr^k2Dk@`9ZlGQg~wqW%ef|J5tM0=8Zi85^1l-~Epm zOCB6WF?x;O_%Cm1`=>Ge0Zn1eKY}l>);IrYI6pg+Auckc3Fa2-tv5Jv<=`Ec7 zzd?FBn(PV+WNO3N{x^@6?oIAxgvAYk-`(ebsR+CV*@M)NvHe4Se~P2K|ag;2+@1sw(5WAAF{EoalSQp)D4X1(csoF_&UUU@v4k$6lE019?K0XRM8_--dC9CoX%oY}?4L^L2%~ z=O!q{;#mk529@hVMKUiH3FXBTBn;|A%aRID@x3jCi|4ln{HuP(nupSd#s=(_`uuKm zdL~phV+B^S!FLb)Kf#UDpD)NCJ!$IK$zPM5)#08i&$>dTZkDJ`HOT5+^%JXi6;HJH z3p^aFJa;~BUN9;ZlJguW@!!YUDP^_`=D!~OY9=hKZNSGz{-65WHb(qz(|N8{>r*s% zA2zcbbJl%yTuQS*AdoTbGhrx$S-YrJU_gp0>&)E-W2|@k&~=ET&oJtKne@)TMZTff z#%wEemRGl#&~L_sw@!c2IpWGXbYI0&^2^j>%6n+Aq~dCF9_!v5itZWL?glzNZ_@Mh z(OY-qX`5{J?-R*|S>8OA;~Hwm!#V8E&cC%K+g*ea^?1;Sbd&yYGJeBRJoC3~kkN+UOy-MMKRu zGNW!|vTo1m+8q}jURYf@+&FAuBsMbnQ8Jox3}8Y<3s=W*kHCO%U#Gsv_QrELh~!?iDx$JQ=&VrEjLW^ zh>zz+cs|0d36K2W)rZ>|YAw`U+Z!x2D)WX$-k#32=+aKMOBmmc2CsAXqLQe`B@Is5 z{nO6CpGM>%NvSL~Tx0LB>*nN&1 z;TGCO_tyKCn$Yrsk;{``QPQXzrO{NtVL3ps?3jai@>;=s3&!H>HH$$^N)ZDTFe0WH z{0QmYK3l)4&C)-y?jGNV2yh|imyYPQJPHDM_>c*;b@?h6;N5%-vL@0XSzi5iW)k=tN7 z@QZw6kTUz=eIF}Pb-rP%y@z!spVuXl|CwL@HxJ?RmFhqR@AB26t>*UxsA?fO?NV&F zKVB%0I1T7AGjmO5x_@XChJ=D^rKxznw(`;I6nnNi^GS8~`4I7;?NOZUikM zeVZXyL>ZG#W6m~6f3jLeWn6Ok{OW$ocXjvXo()kwz5}QTkbh3I7Q|#TmKS{fvz|J4 zu4&a{D?jIvDDT#<{&wG9uNn0nUEGnI0H2;7&#+&HnL+@|+ftZjt-SDk-H7Z|{e|+X zYKf`OfYVXyyjwHn*K0h0tl#$!(Brg5=I%-K;%GnbKJS*MEz66FIT_$SKTvNZ-9yCj z^dh!dy%u=N0_4SO{^|7zVZ$td$5`GbOr|S5pV7%((5-=sdF8@7!NIO-r=s*~%=Y|L z?K5iHN=6=orkqUP_q=GB$&CkF!h(2ai>n2jIMgB(8B%)HBFRpd#sEH#K3@ zW;&0Cj>Q=)Mcv-6p%I6GrrELD}=mX4rX{iskuEBpWiL5x|nqMYT|kLINX6Ay5?2#lLuQLKO8n;uxhjA7kQfZpg{N& zkDB;y&?xm_v)~I~>5${+w>;IHBeXgzcyx2}0(f)nzi(*n(A$I@IF2sB#Y??1TlC|D zvH(Lpo|zmG!svH=;N;!IS^L9hN{8ify94po+G%Ze<@s!L+yhAMWweu8qvPUhsoCU? zu4eIRAqK6-hM!{MQ7IcAI18u!<#lz3UVc|tHuVkk>MZpp43-U!EUaPWSF2W7X|v$e zPVd(`lhVZKWkSlY7g)j$_ph}|T^no9lwV{X0Hx*N$MOM~oQS^f`Vc_fjswneWT$`4Pq&u?AP;Vty;j~mGfR9 z5dA7E)Y8J3*!_-V+$7o*mHDWz!f!a3=)I4V2_Tgs;>uDzh0(ZusmD8$Mzi$wl{Hb1 z8`z;INzOUFvsI!K5uSL$ytrA_0l|AIC%T1k<1JKu>zSE+eg{x$9nKp3CD`#8^mPZG z832`*Uniw|R%@W1RlVJ=zdb34{1?G%nD#B(mYhvk^GIpzACcC>FrD1%ZxlpLR4PiL}8!m@1p*saVXdlV{8A{B}QMh?{%E7np1YO4;xgRTT;P% zwrRf7gO9uBv90*kW*NhH0Nl-k{9Vn_3UL0W8cnps)3ermCjJCmMxJt3=-Y{cEcb9~ z=lY$dI%**F>Jj-+*zs(;cn<@~m|t-0DETmrdHqbBo@#RsWp4aKyXp{nYA<;4Sjd4wAuJQ$&fd3=*^$9qU7$dvbZd#l;ICj82h z@b@Q);h{`1Xc>_He#;?)FYTF|WLP;?4jzA&ula<*vwR(Glj&6S#xDB0X*;?k?>zz* ze%jd`HqYW{L=;FP!AB0h)z{ofMGNv><1aO(jK|hg^p}iXGG7m&9)Gq`FDuiHYUuMo zZJ?Asd~BTH>AelxA5tcA^^Q&DEJPhVaEC<6D6r~TJ%cREWGP&_SGn(p&9Xnl$ZLvC*ShbNw>(weowAv% z7S75+kMrv+hT z43+Da{NY|hDbnnsHJ98Gu5!0aqHuoK+=PyYPq{(2ihwWOOp0lQw_CcNR1IaBu!$CtL~e3LY3Eim${m_TN$%eo;!PE|pDV)U~>`e+AY z7!{U@0w9cmlPgl-)M#d8kh7ZUHS2u}E3IJB%8d97-5vQG+U<5SJ&32)fxE*#YsG6# z^s^zUJ}KbkZIyst)Q$vC(q639`D{^hu7LdasZVh}%f#Tqz9k0Zl`6D%Ph67CTEzjC zC+02vYPFo<@r!0xrt`alnCzlkOxXmWj0wM@b;wa*Df}kW!LfB19LHv>5M0ZoPny#D>Al64oXxB0tF@@yW4_wO+&g8EzQoGD%3?3b7ALErz;u{WWSbOU~ z+ptxQET1W!(WZM6fBQ{{(&ph6L{-Hy>coO#4liEPf@BK9-wf40D9Ol z!X1EAn^l3X0J!R}iyoP*?$M7W_Syd_T>Wz>u4+%->>D-R6Pbwkb*0*YvweQ9RupmL${DFv}T=)u+w!_KYaS7d6l^*9CJ zbfG&^3@G99B+rz2f3b(Qt+PlYdZ<-a=Pg9+n4YM9b>61Ek$T--BfOX)h1bXMi+hVF z*-k$k-R`}7c+~+V`5}k?scx>sc%EUuu(h!fQpus{sdsA6@SYdpb5QVpI+ThD@=))w zO2k>XQo6J3%(1I0(I)reMV{kY&EYb5kbRg?jpxaaa_=f2X~y(Y(%P_`Jp2|8esv+r zlGN|xQz|52#bVT-cao~+lI^wdP$X*W#{ICi4P_OD2lotL?67=9@C+!>n_59^`@CO< zD={gujqjqW=dWkMPvek?bQhp!Z!8nfZoeo?ujqI|9T9N*TAx52DKUF;N!51OtOZ7CWB zKXKG%RylgroYGMV-Wbuh9cIH=$Ay=&^#y#LgE3<-q|ojDAI82rtf_T*S5ZVkK(|DZ z5=2F%i%Kt1u_HwwASEEu38A;pK_Oc}P!NzVA}xW08cHCv4M;~I1PBm%=%I(2-0ZW@ z@7(*Gd-m@+|7ER|C+l0YzL|OFop)5Vh3ghREPe*2k4#!1KGDA)qXu%nj0ufy!%vea zd2dP2OMG5X7}}oc*AG7ADr!<*3D9xR0l9%`r(O3<_dkm{?wh&=qmTyu(Aa~Dg=S>S z!s0t}kgJxDIq@f_U)@_ymFr7PH+Q*u{?OO4F?P+873DAJx(VOZ>k7g*-dBq@OU6n> zX}pI^>wq617y@pGgZ+2K!7W=l^~&O(mKT4xiqCFKt=^>{%?wyKfS9e*HXyd}qv?oX z`CF%V(bzh<6mzI4_%8YJ_!~GJ>5V0!=r5yo! z3c7yCg1cL1$Xop@-MFx|iQR2qwsW#a9Q^opDZmfrM6R*l%}4fCLkd2v*WHkS)O7`R zg3rY84n4`-UZkcZvGe;uoCm7Bu%X?y`6ZJ*9;wxR6B)BJ5y6BrEQ34Sc{eD@g;QQ1 zSborB8$MLuh>5}%=&VN_)IG+0MsvYGhW^BKzXs+kd~F-l(%F7)P7K<9Vze8_;?|b9 z=)8E;UCz#?bm*5bPCJBPg4zrsmK;R)pP}_Oun2WLZGQX}>sv!Dyy@hu6{?WN-e&Fc zCjt0BL9=!REK(02{Hp+qlq?Ek0fG8^vz>rfU1G(&MMw|WeJgzvQNjTSNk;aQAZ^M7 z3C1@y&?S^y;hLW#(G`-KG7f%oV%ZutXF&hv|J!cZfSV#CK*I(n*B22fWgc5^~Ck|seQD)$-$E`Hf=b2{7ZNZ)=@ zh0}Fu=Pu{nl(URInc^qHIUvzDlRK7|vEH$w8k;%^==&arb+#wDm5s;NGH^8#*6tN7 zY-oJqSrMPpqf{{~tbV49p|y%eeDl=Y5yj!7lebl|+s`>TXZFFD#s|%EG}oB$ka3!M z|M%c5ah2)_B7ZK|X<}Y=yksN{UGLEzSK8MYv|8QYH3pzF{jCv>Gpe+Pw5|ZvW`vrsB`^J>Q8pIZYu>t|B8dHEg0*lpR}E z?l`7>%vm#@H;v+&j}OjkO@W%tQoL8qWXcLotl|T2R1A+Pdr%fXsu@JU0zcLo9PhE9 zz2vCV8G@!U0ga;lInfiL;@^}^jqFfeORqG$%R9I0beha=HU$Na6Y>39W|pzhtcHg* z&xD6ey9glxHHQz>V{e+u2#GrU!e9iwMFPYLk93&*)%g%65tp`(g#Pmk-!A1%8$7g z$6QpkHb2;ILkCC8W)T}sU?l#EU3cLno_A)e;el7Ob3|~euI|6&6Os6=GFU~~J3qb)-x-KQ(OL`;trgG*C926Nz91C}`}i%u0*xq>wFn$hCyd(_qa~A0G#Bgsb-U% zJvdFnpJGOe1yjE`839HOTx@Qmr@UV>?)yh}11#`{_x^Cf?~HEEHmHB8hNYd>s8tCt z`ieOhe0F-Sl!fr}X{QO6BEWh)eT5@5y%#|W5fuwx0! zHQn=6I^*$@gx)rpJGomxe=|QEw9(~vf9%wN%hIpQxf#Fw!Bc& z@Q4;ttgYjUVcs(VM1Q8l-rGv5y}ZP(3nB-h8e ziMkdKK@~;_n^(=68YPku{deZKv;Os#>@|j2WDbR5U4E6xqC26%7-|MNRnu#mL zB>(_X^AdCM^SqWc4weUWiUd9IR?sxv7-ims%TLg4<->$KOyt(9=T|@@_q`eaM1iGG zu-XWCC&t>@!EV&hL$x=D4Z%m7*Q;u@!{VV!zWV*{l2zy|%4}fW^ul-&c-`!eR-X)k z)?XgA((MH&lT5?SeKZDq97dOrXD=q<2jwG>!UI_~Fj z#Q2K%xXqy(*=dq;tq(D%sYSjXZ_fAi8qYxj-VQNDNp!(?w-7cJ|QW)h}6cHzLlQk_q1p1$FUhe^6GK$4DM(;%)&ve@^f|v zABYE$U^A1K{?)X;Qv?ta+;#6d6g$UF0%@~4mZ+K&EM2oRkF$$>RCa&U-DV<(I(_}D ze!ciG`qvs#5TLKDp|0jzIT*LKnH+k|+u_+nEBJx5tB;7S_~K4F(!eJi*&&!!WTPR7 z;9>?yPVma3xJD$-TFOJ~s=$}MRA%qa`oy5QoZ1&bhkPWbR+uHnaK&9+b?Cva7S_3{`XI&hJMdwXXj*UePcwMjleWwG8eCRVU zw{q{S%aTiw*!4;{Vy>a-h4QDZ*mRmsCNRRwJFGLBcR-5oBI)QXagEfi6fd4iS<@Po z(|9kU8s&wTQ*~W+%AP(Li?WDNrM}k>D>FUX(w6K|Uo{|@y52=!{0bd;i+SEgSMhMe zC*1R;Lyz3FMkMgT4iOC_((8d9+druw&`neCH!*p>ly|K(PT<@g5Ul6<_*dtZq)SCI z7;hlgRto9Bw^z*r>4B2N{O7_=iwa&w*8BY>ieYN}gnYOje(`Tbjz|N?gC3 za3v-qBJkjl2B%C`9pv|Am}~orF?Eo8K~*E-><#H?i~fLg)daqAS;dvi{Pz3|WVPws z+KOzgTt>cFls9s53W$8MXfeZhs_qVwakbytPk;>_%=m&SSb2tBm~vfyL_w1tL9BJr z=MaHp88?5UFowBM9-t~VXR4vp+2x)Juiib}T6yqclR%rE`^E$?>&$F`h&JexVj@9z z>$54%+80*&oOq?q%%?W!hegm`1WsG4PKGRgJ+TA!pF{rp-(*hz2#Ouz#r_WaXG#zf z%Wk^cI9ld#4}tnVAoz5f3o+kxn02paCQeV>aBY!{zIt{R;3_3buU8^PC<@GAm0Ecd zI}BQjBOTohRj~I16s{1m#=;{Mj>@=PBgN&LX{AT$xkcun*-TS=rYMksj_oceH|#E; zcQ-uL`dwKn)lQ*r^PUPNj{Sw{-V>t{#C{tb>V}J9x#JX8;HRRAiSmp|q&j>|YWTcc z^)Qg8Q5bpc-rmkEJLhKQ!{IPTzvY{l#IPXodDnF0OF^`-(9>JDrZc4P=`S#9^?<9A zw@=2x0!X3|x5kSrP4eMhQQ?Ez_ka=WgE1Gw*g)p7@-CkW>t-z1*OUAu;H1{{l%{Zq zi7cTiR@siHhj`P|F(G^IqfpO|AN~Ph1a&7-d_vKYvJfVh(l|DXRkLO2v2xe!Nj0p%Z zXK@*E)-E5Lu<%`#X7{RYevt8*Jxe4eMJ<1NVDcO{YcfWJ`5lT)!m)`^v4_dEx=ojQ zr2jA>h8zb+&6zICidLn~=C?<*wZ>Km0^Lis`lNhsuV;9^z%;kM$(cFIkmkgoMn+iq z)b{@n77Rr^uk(FWv6iJ;{a#tkNFXqGvgU4+LOHzF{p6}n+NSNi%69J`K>8q|6DPya&ka2-T@pAwgXka6WMyEE&ak-ax)fEO_3z@E*67THSv2L z(uoo6TxzdIzxKt2e@H{R;}Vh6Y2RAAN%@xgnLEsI$}qV$hiGHYA8iOAV{ZA+2V;9C zFNBxH1U|99MKZ6E0o7z%{EUPJ=x48Pttf@{V_`zI*b&;}TH9S5x~m7Z;pAxoGmUxS zif$&oA}lo@>We(nChHx@n?$0}HhxlM%j`;Y!uOaNC1Bw+vXlisPE{jg#xQ;gdu>K= zjD7i@nQ)cU=--j_nLR7}H%C9hmWG%^BmePC+^VX-%YL%<8}}NwZg5llk=Y?};{~DB z=4SYZqwXLI&-R0$nkk68|1%(nN*>cwpX`EE3;UP9nGL^%KwK_BHV1UJ>jv0k`6b_YlxCiu zC>H?s4!;$(#|b{~E`rlyCoA6CP8DOXju_H_hZ`0m$upZ=(lgL8-5y-1k<#sOBLP@LvIjXv65WZvEXmN z;*|mdXB||3qc~yR?-KpnS|O}`g?gyNgTDT<7o4~yQk8Kr@rUV=wV%He^0%~@1;{G> zyRMEjNo5%5E>hG1z#nasI2u1xo2BJLiCA_Pvr3Izmv7M_(?V&Y3{IjZ?bYHEL_RGg z_tu10HOqjjNJk7{rbe@MPMuwJj()%5 z>!fTLCH85#c-$QOF+6%P$(#uNS-99l&^U^7><65xF`lfGFFm>b!WFjTtM>giF3795 zc=F1Gp=ZHaJ>Ip+>4Wz|OV$1{4+SwZl+Y=w1 zHPQOhjy=)vT9j|?{AXUQyrJjtjB8xa)y*nhQ$vkkPu*&l*S~hJ`;}9v1|rrOCoWM( zL`-wnT=51>ly@(o+5JCfmcjQe|77q@sVe$*m$-DH`kM~i6OdOmn2;4RFIYFC*%3wW z9xAqF_FnF@)nw17sQqQ>dC~Pf<{3f(pO!N3)YU;LYfIjJpw8{JSm29(^);vbNv+8I ztqU0K9{p|fZs44=VSEH?rz+WWbPk#P1#!#M8jJss88S_YtAixvc#GM|!zaVlV*7Wo zpszs&%&PWX)8mLbfkBPQCY#Ai%)(Kt*fYKMx!dGVQj!nJk3^bGk7&AJamKO!JvTGK=gPnRKb%JJ;}q#arhN^46k$F#Tg2&#rgWs ziZWPUjx)G$RSttNKCO*XzO$aGUEd7>$2-&W9lZKw^_?>tJ`U$wq#fjliQAYs9lkc_ zys#jrs9|RlEdWZZyK{DBT(>D#s&5^r&*_ww0}(V!!b=P(8Xg!s?2=o-!ZPl=6EiAt zW#|j#%U#xZ?F>1Kd=@R-jspOE-B0YiK1wG+GlFN&IR_Z(F2j0cw!fQtZ7Hd37>mq0&@pVUUzfwt=-gFBRZVkoz_q5 zSD#So+>HvaJR%`Dnx27gI7+OH3MxOItc&4sp||vxmKvB8ioIWTUyf{sW)+PFSYAXJ zlx&`xjPn#wLAgtn>RLJ)E<#IV?y?m-Z*A{=GP96RTSD{gec4G-uLaApMM{%UCPPn% z$K|=TgIZf7n;_L{0A0ayBpo{KtKaS}iIz)-D(~Mg)6Tg*j+sfuE5#)KGs!$mMyjMA zjHb?)uU9xHA~KcFKJz9n$O*ywlhORJxGZRE&zuqz{C%b0I%XIXCrW($Ay)(b1s01KlA zCPA2{=#h%Ok>BZsS-H74qHF#84-^rbqrSJU;PfgE)5oawvn1LFoP&1JrwUes@+a8wDh zy*ns#J};-iDpuM>Y5x+Ye@0>_`3o$m3V2{@QAEfu4&t8AVC*xcsU2eus^_mv^dooX zuzu8tY5D3n3aHtXs+89_{Tz8%@q{$#vikc0{=_;1t|z@m+Zj)AY>zh z!cfWa9(qMw$I$(rRBm*Y%$wq$A75bH@<|jwq*xCQmJi3PN&8tl@r*j;9#yIXh@zNC z(t~QW!XXWh1eoPHU~pu4$_LOI;Ze(a*+Xtt1bZn2v zyBiTg+I>=G(HZE8I$4W~tRGyDOcVY_uq`HHzF>B0G+U~!vES?_|mpr5* zH)iHCL%9v=(L-}@#*_HwWDS)Kk3XuA*)$CEz7zh;-^%~-&)K2|Skn$NClM9ko!I?L zkM82@D7Ksc9hsRH>V#Y#gJg1VP8Vry?3q^BW~=RzbIn(a>a#8+K59q;B6&TMAKt4P zQRGAaQqTAO+Rt`V-_aRu9~p4y33flw$&{=RM|ejfR{l{4IYx^53bHm#*_pAK$v*$XK_pOGB9;!jUos6xt7y*tqoH*=y(BXwKN zuy7i+UkO=1d#stP8$z1#c$yPF6=3;f{~WH(zGRHPcyZ->Zvj!5RP;S*^AGji)zMPV zA#u-6wIp7;d^&yMdH%6)-82YTxL-0|KE0(*FxK}f;J&hVZgeI%dd=}tRgmRDgeAjS z2(X%Bn&1q=M5J+@^OYeF7X4seq_Tl2o13Z-$Se-3JNgt{Czyg``n(n63=58k~x!zl7+T0^D*x!sYPV-Nw)Ra2-lz%(QOB zZnEw_j7=6H#I3KRWU{IAGZ#iw^IbG&pG+{$;rU121|uDPt)K;&rSh9v_fnyz7I#{+ zLC{OhHHJS&&U61=Kgmb^D+jqrA3ZFgex**s&l*$=S$_NzMkcaE@|@mXF|q#TAn;Ah zx>ejN(NP=87b||X>S$#xeUe1-EZDNZyaPS88`nU1KJPYO*nzX}r4{bQbqVE=J?_(P zKP0q_I`Ni&>tkEw&iid7h0msYdvjGUj45w`tSWaNzc=b@*HcuXR%DL))+o*7MQsBZ zlsHbFF7c5p3h%PBsTBV z_22&HXEoHi1pmSE{on`7g)DY~iyi|t;7Kxjim12IQWpWUs#fC7`=vO8S*%>jQ~R}} z=)a$#zgyS~s6HgH_gH#FL8LP}&y89rp&7`{mK7PnR%hGyCP%wp23%UvIUakfkVbg` z&rx`wmQbIt0BY0K5De{HCT^yEW&fgf552e;luieysdKgYoSr`_GgAYmC!4~}sF%3+ z7Oo5kzY`NXsNHznEL(qco#gCUBh`C*446)8)w7A$MtldV;hpF6+nelUk)5|d%*Ve?#Kd@l!MTe&u;< zQCuSgeU|dV1c;P$0{O$ucHW6|5dS$ID_lyIpZx> zUtZg&6Lag)bnifA2{+}bYd$2($cQ(j>5s{ng(Rci1Ucm(^wxK*0T>W>7k zwh^G=3nv15md^ES^UNW&aI^0=TxRB09vXtTeOCrT`1)Mn15`2Ckhi|@O($ZVA@G#A zo!4Q)N|Wq?H}@s+ne7jaHtoN?UjdA-eX1F63A$zFo|x)Tsu=9GC%)MTV86Ei?trK* zcn-X=j^7NNFATVhFvZhqDl)I~^gqg2%s{)u2MO40Z1n?vD;-PVyXfAbUo>mLdEWS$ zZ1u=!OD7&Oxp9f_?QTU$(Du@aMv9VJ&O9&gK=EVV?-8-+lN5(1ApiWgd7Yhmn`1$* zGOIJ7LsQ~A3pq#~!6rkjgOC~lzujAjJ~gP_T9bk(rVlSIGz?UdHOfIi1++FV(vk!k zPDU8wE%f2L2r;cHPJ*vr-YYf)kk@=jX8IV>uhcMHRsVBuNUb*yU&?38-FDkt2@c!& z z!TBy3hPx|-g8=vhw^U8R7cc_jvZh5Et+$Qic}>Jm)_@b|s)4tD&s!RfkX`zI^jR@z zBTy6lye$w}4Wn(!MlEWx^KcHx(6m`aE}>1ub7hrw9?lmoeZpjURcjy6R(s@@dyaVc zHn$szsNIq6>=qyubu1Pk;XNx!?KkllZ!W~5yVf8$*La}$2;2YNeBnrIbDnpu}%*dC~?!! zJW!*l4U|i}&$(Co5Wh03_%|5h8%w4Phs5Wt;TUa+SK452_vOJo)OGOK3BA9{K{|ZL z5j}x9_Z#Z~1@5=!--6HX!;xa&5+}H;>h^~^UC=BKZ0+(!9@bGehXU&+=r7_%`d z6$Li?E{Qj4gU6gg_uCyA;IH=3uw&c;Lr*LkF8A|b+4x`Fp0k;zB>v|T%QgfJZPEbdAmjTjz?MXqwZ74 zAPM3nQ8#MS%ohJ9_T3p8YJdFw2AI9bE9PM$7o`e5Kk%9F&VDPqyTa{PFAp|bBfsCz zRnGyw7$N}19Oo<#w3wSoLdH{G(S`yEBUYn|d=FH&WrE zVBmh*L({r`*F`88T$n@rf!xcBpTWbWNY|>%jdrm6I@&AYQZ^8r_5d zn7zc}Kt=^`-ozE5Li?0O*A_A=;gxI3TZd#%$10__qYg{HmuTeILCOk&i_>?TdJx_* zW@G`bogO#ATUlicv_UW}Aj}Wc=NaUaU_pkk(hi!cA7yr4W`7#=t*9Jx+^G=oW%c{F z3U!?Ftr@?A&$W%OxHY*mtZU2w?l2%~DcQU!db|cUvh+Q1skv^edBY`Aj8I#!S&1(n zsRRQ2(9LpOQJ}Rw-P$MU)5H~`r8ri8X^ z)m&l0X=dxdh3Lz={%@$QOqChuPNU>O+5m?a*9oQa7k*L7{{Vcl0blO~7z|9N$2h0H z0oxPt^qs*cfLQD+mo@@f;Grv^ScJXE3JSbPi2s$YKQu29Haj(!`H&6ke7;4@;}u#* z&olWV3Z8<%BMm5G9&z_NorJrV1i>WT*F6NRO&)UOULg)NfO)>Tf3~lvDgdzPD)NBs z`G)7PA)u~?&h_Y{o=9!7RNalGRrrB@fSg{uIHt#RrN?N$t%6?5W3})r$9_JCY>l*% z)1-4CtGJ=n-LgsKrhG2&>3+bq74y>C4EzlU_;P21zL2@4{uybb=XV3z&vBmdO+gwb zEPdTeN4nR3KL^9IL(IrGdAdDaeoppT0^S#53e&X0A1GmQdB%gbv(QjPL_yb}dh0|2 z61`yEMJ#^(4D}JJE8L-}H9c(w4eRh0-* zEi0JYbK8ntK?Q6D`Zg(=yw1KbJ1l#?L7O(uCpDU_=MiYOH&U}^7VYvCQ;x1)6nht> zud|)VUN8qGRLLE9<|RhQm>Gv7R5G&GR_=wp+YIyGl*ARQ7>>D1y5pMp!sq$=&2ogq z=hLYwU8xoNG>yNSQpVE5>1LVLq>in>1Moyo_GuJ-`QEBo6cZ*cZg@80vJ|NT6aGpp z9p2Zt_2NFs%duSTkQSDnQsM&Ul_^rMQ3(92eMJYuY6@$Q|Ag#U(YG#9yr*Dkw7+Dz zvFBd_se*nFpWW2UrVuIaVUG^=o~2~6tJCwPy9fZ(-7lHqvta!W6NtH7 zrt#9`CkQ%Nt6Zu5j%!lrCu_wE|A&5u7!QSW=DV;n+wXaa*!*&%`I z>D`m<>3tb6ZBCSpH4teqlbKGSOpw`mdE&>Tm6^ zTdqU-p{;!tuB?9Zfnfi_Og%aI_Wi;ZouvE!PR}U&T<wQ??02O0@=8C~3|rRi~kDtwMCNB zoRudsuIlSFxHoQipE~c?Y88O~#Fmj-o!4h|z%`zVaI4IBqeH< z%AfsxyEd>a$pF8(jZ@Xl1%Haj{U@fcs!IC z1}sboA74pEG@Yv8U?K{ae9K@!wN#wgp;i+sQwQ)H{d7TZ??#N>YjPZR^_-JhnQil@ zalHhGuQbnwrkAvVDwRCTNEc>w+$dvG#$A{qe}?8?eM?0){@9zN;mCqB|N0;Q1I_&F z^0w8P{n4B|O%GWQrQl94IGHni3fMRc@+PLLo}jAVsHm((*N%WO*K*K$A+0U(Va+IF zm|nOSH{b-Eu&~Hewnnp&;&j$F7tk8Zd^(?ZMeKis*B7-WfUNZDGN+4pP=UJw6ruG? z8(VIKw}I>?Hip*uLm#~UK?5?itCO6c8V<+M;)cRKlS#oy>~bH*Uu7b22d@+#tFWfMvZ!MhX$hD^ZXejfA6RF;GWvC ziw^t={}es?{}zd94fVrJEv(zo6#9~M{7>XY%cr}eiq>C8ae23As_iZY&Ml~x6ryF{ z^z-L<88ZCd=!FHPRY(>EO+K$K-gr}Mx-~HfEVaGK6~AuOc1KS9u}##o#2!hBPiNqw zs#s;xrDcr$XMQ2_?CqDGn(^6>lir2SIH^)r_I(}gl%>oSgSNgY*lICVE>6|eqZhf1 zT=R^u23T%7Thq1s-!fPOEAtIji7w=>3wNz_%}NZ8G(LTKFYH!OrQTj1I@D0@1-A)` z8&J_7|U63Mb&EiHWkF?Zqux!v=&K z(u>qaE=bG&eeD0ktB1^}_iT0_cLzRTPvLUPg{Q})9@#UQmUH_(j*p+Gxsym2ck!~> zu_>{)yt^+?lF@a}sl7{DnP^pl9XN>-EZI%eV{@1d8jNqRb${B#Z)u+tb{sEwu?%+wGb67?9d!x3~-_Y*j+`c3hjDn6d_X;xBdb(sv34fsA zdl0xbzBdxs?X5NV7G0JJ!2+SN8HJLGhS38Z+;Ry}K)wE6U*D@*P0zssp=|JPhNG%_ zd?cmW)W-C}6!IW@q`6P|BVhlFh+Ms6YsK7JiRDlE|1b&LD1i6*eEa(i>0giXUmr=$ zVTw;2?EW!;_4?_~769H2%^k`;Uh9le`K@NCD(JpRJ@7O;jn&!ifGsAba|OLf+d?}q z9GtH#m7|ft+>Yo^7)kzV@|@M!&u3ca4oWP@Pk-EOTR!xt3K%@SH<97he$5X#OC49a zm7!X3zb`I4y`Z1hW7F)mocOXLsE)E#a47SNq)7VnKKw^|^?xuSEg>dQ9N;gNK6Y6x z4~(3w#}q0IwI-=kv5uzLpfK>hJA!FMmpNHST(uDvU2hrmMj5SRy~ZO>s)G_7PiX~S z6jdT}j%(PwUo5VC1?CkYtv}CHP=uv4HOA|Ca>;+??Fw9#(;R8>d1_rc1O4Rs(yIig zfTYH2uDIplAxhip(d{o|{f}Po_LVj}|7cq@QJ&3D8=LHYMmmMLOBovph35g?H;TS| zjalg?W^Ou)LHp`$LQm0SMT|@?wkkPBr^QRgCM)Q-P;%xKAIqzoP+S#t$v0*{3dW-1 zMY?2AF_^IV=${7v^=&-s^p7Q>uaf->V*Fb0q^M<{q^$UD$JetDpqtPp(#0Wu_8KRL z^isM$-FAQN9%ItmK9AY=QB=73{%|P;G4mM)D9J*1)g2Y2^6a&gT&;4~@+PP=UevC~ zU*h^nlmF5-EwBA~X}g%7Xkc=s0-ZJ<(P@iyJxar{}8 z&6tRDceEgF><8hFR`zR7pYdk&?O4~}&?6HUs>!gRaY=JCom*u5+thGr zlNmBuMM4|O`cVE^_4);OE2j{uXT{8=6zf8@7#if2L{Ra!dOvnL2^xK`ooKFj#W_*- zMHcow)`E)|)e}#JfF)RyGS%bxU!=?gjSo`Z*k;f7pTB)E=2;?tE@xbwsp*7sh+xri z@Bh}I&nZMQIn6thZ50lFJznLcm8Ml0YRRbH5w$RObunlhTd(aE#==qdHktq8;h+hk zxiNV4=qtBCE7wJRkEc$?J&8$R--DmixEaDV&e(+8kEA3zKYcIY88#Tc&R-Tg2I*P; zY`8;c?{QAOJ|?3;j%t<7A;PELJBm8T-jw~h6Ilqj^CZR<{0fU!6h_Gg+qjP&Z2{p_ zop*;l;AwS(OyxWR3uyljC-{-wySwWH1y)JfA*I(iVI^8kPTW*<0+D;LqX(UKMc(do zm$F3OPX0|=`;oF(TC>+-b68UM$_c(xrkDeU84>b2RV4Ab_px5NB6nK!Mb3^wg8NrY zYhY>FgMwso>ZtzZ&j~YR$5;c|EiMv8qlcQ9;keHFO0uZZ-=q4%4O72@U#~h~wT=j*ZVFuDQ>yv^dM(V+r`G6|6uam#bZ#+*=s1vL%gbDe~joEH( zdRlJ~`RJwRrml1DcM*@h%`(vU*UsSJD8R$>w18Ef$r6$qm#h5nxjhVPZl^fk02Kon z*AJ(z-h}#;{<%XtrVPhH{$GOAfAbXIG``v1;Yc=PRXf@mH>+6a z;Y6nlLVi(`1ji)bj$!LlWKUOUHaW^UCG`pFmwJ`d^}h%+p(c?taxV}}orSi-77O^u zj+~yXF+HGC;+cGi&L`nIdc9TB)R{^n&*~TlA8I1sGEN^w2}4cM7zV&tN6vzyo#YQ2 zuL{d3T&O&ny!3LSkUjW5ipOVt*Rjgpw;~cZR@<}8Y`u?@-KEuQ>RGLSU3E!joC>c5eY@3uW-`aA+_>r6aPRvo>P0e7vtP;!Vj z5IjURXB~!UKsyc>Zqj~EA2`gU+tPmGGSc~PGl=F=u8l$FO1byxD}AmbzLmJyBCxG# z{_#!&PPP_bt-!NR|Km)Zvidg6O?6jN zTlS&6gdJhUAYNXn;l4BBzIS@u-q=W6;NI*}x3HR0KxGsm0YAPz7or4zc*0|tZ^w6c zP?Sj=B6TZV~d_i4uPL(~u2wzcIwcU_#V|%Dwv>Czbugv{QtH0y3#AjR0|?qMVeeJ;Q#5GoBKV3>BO55@>(ls zJ8wn~J3~~GKXG;x_$2g;6h46j@`N{G}wkcNTmN*Hacu_K82iGut zfQnIyR8#f)!DG!9eqsy;8U_Dy#)OYy!DW?^C-5e?5$&{o$ez@j?D4%RUGv}9(kwMg zc7B&GqBw0%duybncxwxeUkjdhvMfZ@`QkC#%SXznKSDpQ@@6b4Q^6yRgUC_NnccA# z_WWP>Gs;JfdY60SkCy#cjb2}=;wu@=C!7`mDOTC zy1;xTPx^FNne%QEYVk0bpZGn6@}<2XEt2Hj|Jq~Rzan?s_*mf8W56>)PJqoBY?~}8h^$fGTH4t&q2A6h9zoZr?g|(KH1vpi@hIBg%H#~s}Lnmv) zvT&p=r+!74sho`R=xX=I?6i9-(r3l@DoOVDdF*jBG%Tz&`{oB$p2Q>H$U~Bd{NtzJ zju!T$-~dOCp#Vr>AjiF}IV@|Sm+i+OCwU$_4&VrQRstjq%6iIS#^7=tFS>|pORpy> zKjpWIIW;9E5GP`;)?=tBy?YLp)@p4FNh#gklwOXLuB`<5TwoksfCTt)5A0)UnE7fM zDID$1^mSM>F2DNmi|S~5oUyX0vNr!?qfGI0O5)p~owXa#>{^&-VaZd9YwKxFhH4P; zY}Gn9Db2Hj4zGCGdu;UP+)PJqcUR&s-_bbP(aqC_s=xe3zoR#Y^auf~t_ zJ&(Nwca9mpLcV!8yb8A__}>TN)hF$a3p8m=W_AJIKFAH>8(&K=2YQJgL6oFggV@Jk z1QE5@!5scAdf97Fv{@f8w2nNcZRKBnVRK5GV(c%JUr0+58uUU-FE4Q2@a6V?MEd15 zyMNvF_nf7IV8~a@FXM)8hz9U}&wZ z>`nbDb5&C=z$X20t>kS|T*_jZD!r9}us#gnpXt|L{ak|nlV3HG z-07$7aRu;biX{iDNx-5OE7p_M!5qjx1HMsNekVCg5*rp)B-9m z+zNObRA|bW*Gf8w^da3m8PrPKSrPFl{bo!NRhedU5~z41!mW}&(;F|8nsxo8#J zMHP~3Pzd;Vtwn>amq!JocJ=zHWAB7$))(Ao-WdbdVwee3hw-rUo_S|H4`(2}^_lj> zYC}rS@8x|fOA3Pnf-@ZQPwlg$%M3pe1h+agSGc;tk7S-2WlQwGSkfFfk-o+rVC*y155hu3kaW!5JX!nD{SYJ`Xo9`bZTRhno zfK=o$g=@->=Vo%1m)I6T3^=^_hsasiMiVk5psdy6ZtMlCSnNP~aVfH@b^rB6ftBpW zbTHp2sl019bv2;|Zu~(?vVqnI`cW8g?c=mk+bUY|#$0yz*Z}(kL`nE5-Qz$Xe$Z5E zRb#-ZQcwu1J8YyE9c+1q@y{vG*h2-J(CUzQ#tklxpw-Epk2ZT>Ebu!GCgRh6Qe&1M z^(*QK*m`P^6W-r7Fr;*sA(zmW!nQc7xf}hTAfo?#4#G^wv;0K|%D2p5lI{85M>_e( zOBdfUkps7#(icIBqWH#-+SFzAmN#wmeD{9WtR`J&;-enov1b8&)b6cW#No>KSKVL8 z{s+G=qgF2$r6`UXo~OpEmb(i2=7y8namdZENM5nOD1!e6Ke`a1USCOW>JHq7Y z->tc@kN+(|{@cTemrRXV-r2jR{UeuW6OKxU%_XI_w5{UlqmwWuhGTfE=!!^#`2saW z6R?`&X5pH^*ttKx+rF1&9cthP9dsEnG#?>P_hwLi9S6mBw~qoa%Qg))=4ffEOdW25 zjk+s#&e*QcxYM^)uryrRTWHisgd}cUgJN+C@+O?8&|xDZJ}=G+SF?`%Mtp)jHT)aG zD|dxx#Rt#fJ`fAWsk2 z{tOhZ=So|a&KSF?y-Wks4i2m>uPcOlN1mEO6R>R;U*qVLu#NH0_3ZANE3LB^w3icd zH5^2qH+eC<@~P{Uh#*Ik>_Z#%s)4Z6;c|BKs~`gbH#vx$5~{U$Oz~kr#vu3=Rh08- z!h3sd(;tOtj6Hwzu!g#U-Z82ia7l(hD?i$hAKyr80-5Vy-$_l4vKVfmnktUNqof6p zaoj3p5UzRXU7w*6p;|*RlxqB8=eY58jOqw)O_e*NSygt!(Qt{}Z0R4;{)xZj|52Fy z-+f+4seV0CV@D!jtypE5!sTU%EDbh8pIYAc>y-TYX=>D}3L1?`!zeSRasJ2eJDW`8 z;u41CE?qn@ZZy8-0A9d_9%uD^u4k+AdE^Hay6Zs&2DG<@R2deiGy1Ajaiof zl)o{J5fhKFUj6;vW#or4FoORO_NlJqo6czO4{uwJlk|<2=WZk>2G?Hl#ApLYvyKKr zqYYBUVRnhMXxSHO;l~gQdxy_XIQ55nSDeGb3mhionVF-XxzZK)@;eicU^1y$m=AXf z+i4M}CLPH#_8&IJP!Y9=mF=BNiP5oSXUvy(nk#oE@tkh`?@ikV;d_qN4eQ@{LLT zZRtUmELAE=EZGWXU0T{hyc84rIP1(YCEi1}|NYkfKkvpIJAR-0$&Zwacv22v7=1ZK zvS(cNT3^mlwUawM4%CS?6(6jc7S#sVGm&bg$lA<${+#sW#h}$aquu2?G_Q1IP{m^` ziWCGDsS7eSn?WZ$D+Sep9nu zt|FQCU-gsST@ci`7qu5Ak~O1#K3$!<^S8}I|6kTK;dp`fDx+#d$#q9b%OCa}LrQJq zA3fMIt8(s;5qS&FhC(^1Dy*?JNcj0?1aFk z48#id`l?QNMIWu#R5%bS(u{whjl?M*UuwsOc3yu@(?7cfoOUjQEz`=}MxW+#Cz8jl z0JHvCrYGD79lWXye(Q`VerTDSkfp3oyzz92WbNS<8`WQLd#|aR6m2p%lnIN{{yAT8 z{pRRby9KO5cv=kDL*+XqE;s&Up{&af(T;m6hTka}@u|1s5ZTXaT4SaM(jXe!{yT)S z#l7qQhrRcXXZzp&z)?ymy3pFHt=ejDT2)moZSC097PG`2wfdoGslBRdiy30iqPE(C zgc>muH4;RUUq0V^@9+D$_kQ}l_w(QHkKaEYA#cg+bzbM3*E#2T#>PSVU0#Vq-kgvE z0~#T>t@i?8)3nr#yXtfO+H2juqv80=Z#9-WmS5UqZ|mSnU-U|_;C_|a`Y$&JpPHrR zOBcSCA!^@|N(D=k8VkXI2~2fvWoKy#pmQb1phOBfRvkdu>aEuN9cU$hujahFjJ{kOw_SnFS9C* zFwg_eGTfYD2!jGwnd0@*Q_JF&YYvf0IC--ueM3m4L!Uc+5bUo+_&@)CeV5inW(qUpp}f5Y0thb>;c{I3Z8!fLLlXnKc~CM zF=?;T!54zex~xs(9?B@F($+F-fgg>>A6GabuaygYGVv49yX*dGG->7k!215(kh_>g z>RD|AslR0DV220zpA( z;-zLzb^8c687{AS;jz+i*GnEfVg5vd>)o;TrHd{1fDcO-6nPBSnZM+QCB#QZkWmz6 zb|}mgWxE!AJ^6Lm?VqspcoKfD+;$0Nrnf;!2HuDNAhEDkpY7m6*E{8rX`E~36SlRf zMEQ_{c2N=5HN>VS{Y}_j6a`*zw1bTVIX&Nr{Z+lepDiG3_YoB}_?ufjtyEnY#ios2lrZ z>$HvA=}IF{u|u5vE1tSP(xeV6{JQmE#M65Xe`WDmRKFkW zrY2!ju(#ia1Of39WsoQM=LvF zx@LM=!h^kYh6YQtsK2C;vY39~{fT4!lTcR$`0occS}XC7VN?I*At{sMjR#Nu3zhVT zM=USVULs?U&|xk5eb)Pb`9;4!N3Lpq?yo#gL38l|iF?BLG*>?U*U^XnStvKzH|Jma zo`3pA*nQFrG51T#j#=V=X-}jh@T30=G$4Jr7!3&*Wa#3H)BRQ5^}pT+e?q_#g_tt#33nZL%c6yeW9$(FbS$7OB*8*2aWHfYH9S^suu zzuLsVzWe_R)gO=M|Kmc{@&2m(`DH(^ze`n?Uf8*4EuF2ir~hS4@T;IIX$Caa+#e>C z{;6#IGt-6Xl7^D*UHjzq_@Dp&pZ@g+smtm0N^aa=lNNVck`0GAJka~KPkV4}RG@f5x0QX|K7RJ^6Z6{;-3RVF<@?=}(U9 z_ao{sCIS6><-wAc@E7)xQ0B@O4AeCbSx>_QPfU7HzOn6A1esIAe()` zhE`jXY;Q{6xuB$=CxkSh1bLP0(AoW57~yhpamDUW36+r3TO<#rd+`4Z<9BG1l&tSd zzjXG$YvUFQjX}XzM^Rw7dQlIMjyHv!KPi7LxkgWLG46Uw03eHn@4xYMRBw^^{KIRb z=)X%V{*EP2bDfC~Wtmky9R>BosIBba>&(Z3CC*8`^{A!XXW6+Q?oy@qkE>{GMqjn1{o8`xP}c9t zU4pD0wq+(Id-&&a+efRa(CqNb3E48~lS>FIfV4Y;{)^R+1W{}RS=4$Eu~X{wK^l+Z zFd(lgTx*zwN)4{I=xJ)jRL)wPIT!7eIUZ48T(sesS@|ga`Y~|ZBVAlb|CHZ(Lwoe^ zL5d&DvydR@)MV{Q0XQsA^yd zWCB-B|80(AGA6KdSp^-YP-lb)gXMH8p`}|FQDYx1G)29P=9lx2!i(yx-4fD|{)g1| zQK5B&MP1KVV@he?Pk7HS%6WCse7!ja|IUL3E-+UOCi>Oh;t31kr2ORmA5ej?3DZ!) zKo73`;B|=X16I_{$?wvs?hByyEo+8 zv!`u7x=hA?-67s{fKu9J@%A%eVe-EArG+_iY~z0>Ks%Xm=!$QA24u?|lK_sIjE{7}A|fJk=#0f3 zsNT#InVI50{`ejlj``{S2o*B2g z&Tz5KRy%F8b!$sykXb&?T>UZ@A}uW`J$M;-WNL!o_NI?Z%=&n1E`3v6NX8_FmhR9k z>-|Lbe&p^hM-6uAGSN>43eofj#N-4-U7YdavXFcd#h~QZQ?q;ASL*bor4%qASf;L> z_5O0Vr|rX>VEVxihm(^@c6z!q+-Nk6lnQu4H`2BhLJ|v4NXyGDw#>sa|_z+ z8=Ef`3!i(|h@X3>jme&__mR^Bh^+aWCrcfTY=4KV?MlftHheq5K9EGZpB-PA3)y&k z05>U9Ndkj+M@C=OkJ#SV35d&%d0}QKN}cdg4&9F7%*x8zP^@ps5=#HFjQ&badn0!& zw@$5~?`saxCRr-+6Ol0R!sg(HirvRA1%(fXz0Qt3kU?KaO3`$C=uoeJ{A5S!RlD11 z00dI6sSnK7+rB4w6kryV^lBr(utI))%UN1RVbE`vf&Ns+)?%a^j@UKA9Pb3^dXY55y|4? zB6K7Za6b7Zjq2vpUjB|#tVo}ZC#^PlFfQU?YB&qF!J-rm9Bn4B|H7e-q zIVc>oMG7CPr1JM`DoLyGTsHq?WXpRI#Mv~*i+YZqxd(b+O>&j0FN3prIX@$BfEw+_-dvlB32qJ}n&*Di4Hdyb@ zI}Q#f{f?T}+tF*uQ`@!^^@{|X^DblF_K^A{3vstX(`uIw5#kJWI>ok_oMyWNAHU$9 zX3r&e$Kq!cDUCVEt?e1p-C#&JAiVtqbw21>#T2&W)ErbxhLn>i+8Q0WmM(3zph>Td z^%wuUO8h7N^7p7$hp~V=#=Hj=&8NuQFEUiGA*I_Cb-Hr};HQ@PQQ9Y>_1HE^3gSJ0 ziLv7!&`z<+U>|zSdea-+%GE2PSLn>tsVfD8%@@=(X^Wm-{ICqzwfoA8mlnSE(=&&L`%-&oWZCBug1rW70ncw?*9{6t z*-nvc26NxuSir58vw*CYHP{Y1mSF{Fwa|XE<-RN6rK2*9oaAtg!Iq~yZYJs-OlaW8 zWM`Sd+gdE&z=mdD+SNWYevZh3B+$tK5yBz97^&*_dXn8aSdfgXciZ~2Tp^GtsN~wa z>&(LyJWxNk32DF8lbL)%dR3LBWWK}z<8Qu5T34ci^8jU0X)1`VSqXS%G*^CK4m2yb zD^!{+iN5n)>D2KbW6VoKOP9oW; zc=vA_jPH!ibR>zk-xhU{9dgA=FZ3PtHnXkSKuvckO>Hi`^+PfS2Sy(TjdK{-q74%i zuj*S4m%`>ozhw;1ubxqPt;IWwet35%2`Vja%dB-aGrnr%H(hETY@t?6osgoDRc85W zHP@qz`J@PGo~pkst$v2h3b=%8{duhAHc(bJBX@r>(yOq!>@$JTtFXPcIRp0**i&y# z+IB2tzGE)toDqmolX{dw%iuh+;Rp|hu8g>!tH zO;FeEirI6aIWZB^!x7as{=ih1WI`KuTO|s7%Dlg-NC(b<<8|6@DPXt~bwc(|8c#804;FqO76^Yb<@wH zzSH_4PI}bF3qxdj#dnTsUY5lIlA9}oPqq7p-U?H0a1K(qW0r4~^=+bB+l)Bk~MW#hw&CU?z-VSk~JXW`x$Sgif5^H;z*4c2wn zO7(zey%Iv-GAfA#n}=6qc}nPUw;KzdvU=HR*}q&x-Wh*d{{N2i_%~0YgXFz!JURS{ za{!OejL!+g0rNy7if%D{_>pzZ(Md(b7H}du?NQwJOgw4gRiJCk4%jt0UQ8I{sT=(y zc)de^vU=;L4^KdTed|6WJ$}uuKtXtIi!}pcs~3Jyhg`aB+~(Uh5j@boYaGaXe|~4~ zZG9a=^|`Tg+acuIjUwUYt~g5iyR&cW^eq}rj7UL5`?d~p@HLjU9yFHFQ>?AKWG<#x#AwHsh?kOq=*hPj>h zFq}qhE!1GPMj$MDF#d=}+IW5leYS6P0<%ZQ<4$~Xli+PC$CHEF$6}K{%*X5srK-L0 zBJZsL$=Jt!1zsrXI-s+=di{Ee!3nC8z@6KUTTe4T$5u~j)<&ouLrk%VCetwwF+0lv z^>b@^*XG9tHRe#dl5-%YUq$-N>6q0_aTX z)QzVkKt^vdc3ACe2=H#1z6G6>v=iB0w~YB^C;e}>263~caemSIqVFW*x4cd*R6?GY z|FGPvN-4LYJ*b;#ypd&)h(+~+c35SjQkXFQez{ggkZ+I$ZcE{fJ>HW5xQFr_7pftw@ zf@vfh)2U)0u80vsa~Y<%()TX$W*w)Y?8|epoAC!cL0phaU$FLlIh86-OfPXK?K@|Y z%M5E4Z74j)erQ_=6=T3?)pVO*qj6$BaC#SU4Ff1CEddF<1Ne@ckbf^1RS3DiCrOUw z3SLiszuf-Y>1nk?~!lVVN;A*AUmG0#Z!vZeABKZMuzEKUJa5xYjze-8pU2x}d zUex~UtMur)!-gs*S8cSXV3k*K#j`uB1>X)Ymw4)(3-e}`c0nsH4`pT)ceWos?4K~` zJSVk7@k33gebw|;jg2;|41jq!dl`cF?q>5LpDzU)Q6=!&Ci^c3fxS9^md1Xr^u6~y z!TwW1t;@0^pU{hPtMCacBmMWOh7}*ubz^wXlesnhcmT{ax}DU=lFd*wEJwOH97Qax zVq;2S#iO3kC>rgfDufkt(*@2>;5)%XY^J`8!hEl2U2+kXk&Dswv-&cT6u}f>4+7^; zVfwR5d~hSNpCupyQBJX_TUq|m{+$_-Ac9_| za5YhvrW1^$g`ans_3jgJKc66{+eoc5(*GZfyH zG>+AG-xld+jNS(V!o~m{aPRIlc+U$&y;rr^=ID|4D*bgp>`pAC$M-|jH=!1mVc&zr zBkL*t@IJ_el~qv{Ppt%>b(9ar>ulTv{f!rfnkw~!rM6DvY-Se_r~P=sUT$k8Jb2i% z@vtS*3Lz-O?WBKEn0tqVnc}Rr9!U69k3bC;PaxDneAlN)vNadD6l1IHFiP?1`^A8q z;L|-_rLGX>ueCAnb>9%A%_pTCb+uy8*1seDBm9WR3(n%eAF@Fe2i=@-_7MCxuhX0| znWiXxzO$WdnSpZttKER6c^Gbo6+GUi9sZTM1>!|7Q=W|*6hzP&0g*nVW?VEU%4>^b z<_Z`ID_|RV9Jz+9)Yt*h#WbUK!5vpkCPgyHpPp$pV`Gv3a}XW zTT__<6ymkC48^KM8Oya3tRjh5ylbif&)ic+loTuyl5<5SqKf26Ra-?FDGYOFQvz$O zj}+5whEsO6k4HtcMJ&WETpL`{y*$3r6X&XTDKOW;G_P?|sZO%)OqSWl`$=wa4i%qSDUHm% zdG~A>tdx=)N4LNpL#5e9m}4AFhV_p3Q$=)EJ)i4yYwW%7q>%}=@GLjrfTP-dw4dF8 zd>b1QT;0c09s@@Nt)t$OO62;3k@yLVpa*wYsLvzRBBB25Uz|I0E&R$fj(2#u8fs>q z$L%WH!)`U6QOG=5&D=|#a?Yl;Fq`N*8-{(Ac8JwRH*i12S%5OYo1SvlISX!Ap%NdK zFo0*>={kbYlU?HrAL7()hioYo3D_qvy%6#}D}YkKbS%ILCxS48*$1J&e}R~2xi3^h z)+5Yd376VVc$Ki1i-ibP*;|>@srpA#>4xBZpSuCk=lyYyPpU%){OeC+a~sU;bas`_ z?B_{)UW+!maKfS8g3#uGs$qGNB8fmzxW~V+jO0&;D_**0M&9 z2cPcQ=dkPC$WwW%R$%p&s>tzJ=Zhs;w7_=)@x*nrjE9pd_TOx#e}rJQWk}K7Am2v< zl9u+nfx>A}4YkmD!HjI$&^TbW=L4e5L!!NKNEzhjr#L%$GLnt9F!R~V2#0W@KbZrT zDbAJ{{@6ZBvnACX9~sq>dSE1-CrxZYu{*Q z)Vj3Ls7)tsVhIdyO%}R|Di>sftYztE)46sdQT9x7I~2urgS9}L^!fEFJot*1pKYD) zaBsHEG}|Yz*G5f-hrXsN0t_EDx#3yh*lVF`>CCP;FvLm=%J=lYQNXlVyTi)84Nr)? z*e1vJkkm}NYzFHaWa4m`)9ku++32E7oLu0EE|)w%7pb!@LJ0(44dlMN@UwMrH~e94 zka9=vk*%C-I zG;5f=0P;sxIYobXvp)@(Q4sP4CTrou6BDoSqUr@VjF>kDce<&QckJ)Mu+wk(UPo2B z=-d#YE(&?ZFhVHQizjqAo;XDNNNPH%y+#igt({x?@(ZR7t9{PBKNVVg=~hOxDSVX< z(>M?CZtrGoqT}?bc1){Z2TqGww&XXq>Ly0r86c-WQI{By`jnQPcxkxs9`FFwi!IO< zRi5wRaK^Fi8p(&Guqy&kdf@65|7qV12D&7L?yo=aX+PtH3^{EUd@>xdfK74O>GtHp{bU?Y{X`_o1x3gl<+vSZc0u zPd21?@;ytH`2<}*8)zqaJ4MvHi_GU|NSTCAYo&T3XHVBq*r3nXil;$lUXm$PQbbLkmXBgsiI48+UE?rzljd2-Mi(foZImlzX zC3jB~KISJRyPT5?Ov=f)skJ_OjqZ6wDa;1=O?t!GKD?g$0A-JZMXvo+k7R90TY?1D z+LBP1jSzA=+sb&}Pm@IZYxsA0uv1Rq%8O~-O2R#UDi@4=nHQ^5N=~{Dtb@O@I5|)7 zL0D7k^u7B6GNFUnGUg)816ydTylf~5u1T9Ny=oEkJu%ew`$BcQpX($yoOrgs96D?P zXuR_S@qn3uj^Vv_<|U(NVwPQ(Ks#IlL*K`4v1J@$&vHV&S%lKA zx~oiPD}u>fmW|Lhb9o_y>Jrnyxf@k;lJqYDY2$AmFz?iO7;z;;QfgrKn`)#BI;ZID zqiOh>r~}Q;c`{2L#jl;74v!4&iNtKxM@oaQe8KvOC4if;jtbKkUJPG$$~UQOoAnD; z1II#!lqaj4fJ@u+_3fA+1w2IM7|B$;qD7(pJqzD5H=bs9uhC59+v|OHM4zVR@dMkq zHW}YOdGO7-1ay;!Xc=rzjYV@Y2)KzdkdM7)yB!1=#4>}nrUl;#eB1K*}`BT zOh824Q<0@7N%HP82g+;JY`qo8VsBV6CzS19z1Z~|)v1w?%ZnFgE0A}=&qTj+$-cZp z(rdHT`zUAV;)&L4HoCoJ&a!Fg{*u$PxYq(ZMuL5J=;dLGq-w^NhoS}n(YwTjOt(Q4 zzAc8IIit#}$|^5ffIbZnTYED|c;GrZhg5A5M!06wx*UYW%faNp_*EJ_-d$XynP5Jv z>v`)3&!aU)^yM9AC)e)+wQ=OQxbYZA`vX~GmT{2(F(%+N5Gdu$;|nq>w#znPs(;dn zS2Cy!vFMHp%j2NqvD-r9+b)(#+6zmyGT|`}RF&s6o)q}Lw))0j=Hwip$0Bn5d+qS+ zZ`q_0bIDI@^f??1PLA7il0Sy0PI(yIxJTX`BGpd<0b?U7Y@TI*(eN*i#KCz>CUC} zc=jouT^8t=nj!ntnv-($v##C7;x~esE{prAdgO_?_XEpD>!~wkx!D2g6f0s57lOFw0DICID|IPy-X~ zA`Xs*xAz16N(>aBLAWa&m=U%uANRY{fXG-=CZ`DrCu6%Ke@#~mzB#XOiB>M>6FG7E z38{SLPX9CNTh*BZ-v8qsgGX{Ue{HQ6$Yg7g!~Qbg>huNo zAu)C_fm(K=Fs2|Q*DTOw!l%_y^Ct+Pt@Y%+0a)_-Zq;W2u>a1-ug3|yN_O6cm#mFk z>p>oR&;yc{P4+2ryDQGyKkqn*e(Krx(jbF^+q@5PB`kIHX_3S`&Qz_=skvO2s!U`9 znihyimaHu=1K@~A#d${O1UqsmlHIopS+F9nA?f%JAQ_++#hU|f;xg;g3sTb#>X~2j z)Yd-t9IUbf!*{@s>{)~?{I`{gV9V8;`q$nQKA_V zU=8oCHpRlSI{MFXMHXh8dM_aZ(y8Yox3cIzACL0T^R}E+pdX~@tC+UEy5AuOaPI^t zp{B@2GX3upVrW=SazhTx`X|MH3>%t%ArC`6kF2{Aypnx1;$@?M-G2K(*3$@kVBdM4 zj%d6$ilJvPHk$gRU<+QC$v?rb-LfaL=^F1-)W=G#d3GDS49;dU|RkYSP5bP3Ca0qvQ+G$;*L{SmEH| zpD7P+!4WpTBX7ddzY6g zs9v)^sEQ>)$*|~q`-)suG|l-HX>ztLEe-oh#5)+72~6wl8p~-tV$Bj8vq24W2db(x zM7N2;X@ZZ5nv!g$6%jxt*05U@=@Y$)NXd)Rmn@rM)b{Q31EkNHcL#AWFV(nbVDB00 zJD0t>UP15i#b%KdN+1tWc?6U8UCcSRxU30Uv_*=#yY-$eDht_!T#fc0jr9{>?1by! zU=`Expt@kAuWV!x+kn$!bB|Vo`FaC5NwSx(;>Hp{Lt`_p7SVX%7Cjk^TF-^B)NTw6 z#*sbUYaot_I(efQDIrvh@Ip~+Uz`BVUd1%yu;P9fn`aq8X%{b}ZLzMLjnyne@N7;w zXX(0(WE658u->G?h46Z|^n}3r<8WE?>B(gUq_Lv~5+yh_N7SP^{W9Cf0d?$XTCzJb z94RjXP;_bb4hGl&TTic&R~!M0bNGkWg(_slx%>N~(0OM0ou{;T&eUPFMt9gFZml!}U$6J^*Y;Lg6l-|-&kbYu9hmuqv@p5_4Q6^|JA#V}ZM;S1$g7kde-wiYBmRf$J ziw|mJ9;d5VWeI$@WSI*Fg&-P8!Jyy8tV|LrR}3y~#;0RiAFDl>9;m78rZ8b1$He0S z&#^;KLxC=d(f3%WCXP6TDbYx_u#>>L8 z*lXnDZ}4Xnu4o2-0&s0e_KgW@)eFK@1)8OnYzb3EH$8?5zh~A_btNw6D-}W+E51tf z#xa=Dmy3G!;%cRX#(nW@Dtoyl27b+=D+_aron=N?(o>WPnmzg9Eb2ijdShqq#_Hej z_M6)ZvY(vuzJ=hvqq787ctBe#UAA<{!`Xwz8AJ-#8S496l~g4k)~|G)0~RT7f>hA7 zyY!do)=5ElO7_-mBIJj8GsvT3HxHOhYGqV>?G(9bzL-86aNK;)5Rr6syvawNCw+>o ziI1i!*?1cVO%+zoQ8WdJHzP9TUq&fR(czmnvVfaCfVfedM8$z&MdHo?=qz(CZZ)O* zrna;7s3?x-LYr;9X?r{)efgOasX3KG+dKz>O5APER7`vD(Sb|X?I6O$4NNmA7!=l~?qwG-|5Pyj+PC5l-K!hb0>;g@%?(U6;h?+h z=}6}Zww4Fz%&3FADh#ip0Mfm&;QbkD>1v4bpXLV!L#cfwDKbsWV zC}%bLav5d1P>)5mk+O;!W$*}a&8HyafbU_Yb{i_kWQdIfOds6xYWLDxP^j)=!-x&gSlIrAZ@y~w5?*=rxH4nBRW}Ng@&}rKjM(3!{y-Z9x17?6@ za_TtfXMT7i@_3tonIQQh0jmy*(d;1VfT*5@c1ESloyN<$MMVs2~RcBUC*H46a!g&|HF=448C!LkA;D`Kx zsn;I4^UBQ!bD#hv^D<(uFD7mZ-c$1;x^&KNR@s1G4ta z*3wMA+_SIGx}I_C0tbB}=uob|ct3JA$|1KmCLIlK7Z~-1wcir`y33obE+k4YT!}7p$fiFfEwb@hOIa#cEn>g+Uw(1|b!{q~CK*kxjcv_P#PBi@IxRTFG|FhE=`DV!JnA0`@pLu$B>H0h7*;&o{?dt7)XO#c zRL3>FUe$n&4bw2#8=^OVr&)!M?-uk>zn?!~#5lJM7|RCXa4&umGjjgdmGz%SNh$0$ zUt*>73?~-&Bh&k`FD+G+ri9YTerE?%A~j$5)J#Hsp6CX+kSb*91u;I#aOUULJ>21T z@$Sj(zEAHbY^lOqB_x_kZ#n=v-rVu|DeK$7@^<3oxw5O2ZY-!^Kxw7?i-3S*ZmpE4 z8)_W$*%M&%+1Z7~2Lom-gP^jg1K5`LhzN^Q^K#qy>!1CeR%fMx=C_*skrn#ubTi^} zi*SIr3E3Fe>T5&aHflq=!*Wko0BO`fC(F~_9|28K1fiCbFG(r4Qv5 z4!B4mZhngDh#WBMf@&PRv^uJE;F^Hsb@q+@^F2^BzXza`L9f{3(@slY|6shRjZK1CwEEmueP8^2I-!T_^kmW-=uLNF%UTJE?Dx(| zNVhQHseI#B7ph8q>`(~>I9gL+^&64a`6z zP|V5zcCbcIM)H+zhCDPk4WTw@;8NVrT7d?ih9b>fWHL=m0(QnWE?lFogjDTCyS2RJ z^xd)z%H1S@K1CMFxXiBw8vCL@t9$hb^?c zTNN)B;S4_HNRH1VgUR~6+`2_?jUof`^6LT31`}n|^$l&<(gmAJXSVqRNw*^6V@4^+ zxS1B_shmL|)Lmtk>WMQ`oU?BNNRW-=(swKx@m@jQC~dYd?^_HLK{%di5p{t$_k%~_r~sc!uC z5_U;hkJ+j1bNMUH@$eKWpABM=>(RN-To(+atGJ?}b@^s{^iv}D#+OOS0a;VVtk>vB zgDDIcw%6X|na$R03F=E70j$vP+ZQXb4LF9=QlE{YTX#aX+_}c&RFKer+5Ro|o_dyI*FZ)E znWZEP$0E>atII+N1ib)y9CAr&BbvwTTrSkS)|4}Zlz?**h&r0uw}bhEFG+S*558OZ z?9kw4B}YL+No(X?>kzF!Q%kE;9r0eE)VgxV|0x0)FfTfZu6>?xTNZM4A+hE`f|LkY z4DjYYG+Tc&4ir%ech)z-NswI^2;_287sq-qlBTJ&fL{y0wc$}JyLer3=YV05Wt6eF z)OPnXVjl90d6?ef-i*R%{%HHMUY&R99J=Firwm8|4N|ZRnn75i_UT5lSK#kXaYH35 z>gF^H3j!3RF|88rd2o|CgWjgQFJ8 zkPmkGw!0A5lBZ=t>H%&gpwWzbc%U>%O8x1JvCFv!xZFrG|B5g&WuR4zT8EV0pcDF@ zb>pI_l@{K3K7Wd-m3JB&^MZGU4geeV*}GeLs4q`v4xhp8?tTz#5w&PirIivRX7=Tz z+VI4il_pmbk9VB+XX)Gq0`cihMhLHRR$#=aNu;8Fne6c|_brd;x>*U70D-u})uk$#y7We3EUm23QzdgS$bZ7_kQDXo?OF6f%o@L%-7tK1E&Twc-igJEP2+YK{o>`y2{{ok%u^fBYU&;C*rxD!dR z|6_TcY1=z|8&t`d(AbR5%sHymv%`ng)2*AD^{sBPZ-!p+F&mUxDK}fPI~w_n3J}){ zPI5kf-nn)o+xr1)9jzs}o~gniCb0UO0CnN*$dad*Hajj)8*Ax9%}n+pS81A03>&AO zJTN;0$vn~8R5BGaG5OYdf_mgfa=OPWSYr4b+2ovU4RsOR&eCp4ysQG%q43X*6N`>` zghHKvuVC4<16Ae~i`(=;p5hZPzjj&qyqJ0O8}n(EfaixtArag+huyYG0p2|Q5CKRs zu!fW{=`lNu+rAg6q$(;{UQiq706;Y*SMN}?>tEAkcoB3rhi;5n?D!Zw(_hHZY`apw zsGYfll?KkFbSu1ysTXN^Jg?O}btAyfsGJn2Q>HPZLpem({WNd2a)xB)LUt3cT($jL zmBTU$23LZNl2zxY72ZHEFex6ms?54+lm@cx+8hL@bu9KhP{Lon?un#h`o;=pB!xo_)#3WJqu)fFO&|Nh$3}}Q6?L)2PV&ObttSB$` z*nW^VE_s_m(0`3_)GL_p5sYuLiIne}O>2YcyZ~~U5PM!swgeMiOvby+lTagX(9e+E zGA@^@u@6)*mstdri4SUG`fJ!cKz)75V6e7GdvEmW)}uXVZUu>M$0RnVd83rbQnK09 zT%0d~bkkgZGB`1i@iTrhnC7?%X~~qn!qNSJQrae{vTAGc=ewnu7m8jzwdlj&diK#4 zr*y_Y;phEM>!5Wnb1P5lK_l@a+IY~I53;P-{fjB|Op(uFhq&|(v_be0FKTw1| z1K=wq_}g;(qFQ$vgzY=4E%{p zcNklf`ur651l0xvop08=(}QTrVD{ZGVvhv#(0*NZ&2&R$du`{*{)i08FfuJ=seBN5 zm=j`Cw*w1#d_~IF=L4z39-ULCesqrS&u6VwYh_JK*)mH$hQ$(=#wu_*1AX4ICXrbS zkItJ#k(LdcxZQh^3aX-miyh|0bmN`PO)M{kk68pr_;a6@Gmv~&%G$yp+d15T2L>wE z6HHz^y@HSAK14d#tfrjU!REU;ZRuS5_N>N{qc#X4IN^Me~J_HA{dS z_l3{ck)Tm3)Dm2Q>YU|RJNn?=J+Hw4G=AvPb-!RQZEOGoirKG`klX;NtHc6Ygkz7e z=~36SyV)+iu2=~!3eAtR4M~5feiB0d;GB2(J;>HVIJB}}z;3Q@X6XzYOvoCNvT!hR z6!__w`I3IEF5`*i?KLKY*j1=Z@J^{@F>Z^66V>Whp!Cd0rOvGS{EzGvR^7%j88w8# zNRG5-JqksOa-vd2kGYTKT`e+;Wyws*gXiV-Zx$xz8eFUGtH5iVkqp15J@%x2#OyF- z*~z^S`imn6TwCk`%_3u3a#z{|4)MBQqN2W^$^)pEKqrkl}b`_$ujRB6n7 z-?)vlREK_HS8hGg%$~ru5n7UQW8>%(u$#CI70ulHDSfgN1l4>&kPXPF3U*RGnt&p> zK^d00^_1rJUEg5)3S(om`Ti4QOKPBnyCwXsZffifgfPG~b0+iQbKt%849FUKEuQF; zAf-s@gEGRd3$L#6H?^UXhy+6T?j>4FDR zol0@~GIg3s7k<`(g7-f&F?%Lj7Yr*Zn@-=QF9hT&ZDsUCkh4AW6*UllO6G3h^M+~5 zSqvwW#u(^r0iI2Dpon6o7z2WmV;UX<|cy=QHl5@gM- z<;4B&;*c8(Gx&`w)rN|UF;|gyM#T6MkkqK+U>i5Z4@VAE^dTH(jpa|Xj)6F`?ePKD# z`vSxm)ZE9mG4oQmwI>Y%XsTquk|9}z1nxU#G43&|hwMEY&vY8|iAQREz1 zPt;7_AlsS6*680DgLkrtPYNVPuBf%A?i5ST>3ftm)sJ|NJsAzUVXKcC_#~fdw%8zg zfO&ypwN#vaGh9O=_Mn!^&Rdz-?)5Yc6kZm@+HLZwf&DESDVi^t6WcSw{^0g zDs&J&#}aT8*gCd)^o7|P?CRXXJ`ul>x_^RmOSQf8X=Wl1URK#Q-o$Z_xQj&4}eDn}arbU*`5E1CvxZ<{yhN&RscydCOO5ODN zyxZ#2t~p93Q(i5VFNGHBp+0&}uo`K2t}$#E5p;m-){W)JHTFAS(gODRHH+ahb+4a7 z9E}x6oR}6WtR6`u4yd32i0FV9Kr<#Q1%bO!KNX|}-T_bDwRd9v$l!nA{C5WAqeL4; zzzzT4Mb`1bEtk>lh31}*REmJ0-=??%?Pd$ED-4u-a!pKZe_{WeB2Z%M1N86zxq(IYa2&h9gm-yM=nfXS$Wci$V{s z@T!!|ytSc>HW`XXGkMt=S-igRdPwkTGXl|an&Xz-)~DdP^=`ZM2f0piryu!9r_6mM zhg+E=-a4)ga|$4D_*|P&ci`K zU6qxN{fefgPx03vF|{uetBk34a&>ZL#+!+cp>0}`wkp$35sYxZ{DpwQCv&ghvF$b# z{w!L9yHnFTVC&-*r1@3+6+??RegLqp+i6R=6uPKRz0quLUinj76aim?Ttm10RNsyT zVD^{yBub@xA1js)>&dvHX*;03kLqb(adQFBEijQS2(O)hV$L&OEo&C2nx=FhW_oyJ z3!WJ!H3I~^Dp(Ybi~3?*OMWvVtC9*X|2majC6dPj%=!4#UvX@$>VKwp|04tJkGTSt zWR(5}k6w{!J2Y@TFu|RtL(R<;0)s{kpx?r@;%boAt?WX;kLL>L+i*x{ljdx-d1{uK zi-Be8;0EX`g3$I$45z#Zpyc+XgG`}OMNg$- zr4Ou9qAqmP6F1vf&nEJck4oPJK5v?U#7;F*J3GX}vT^Z7T>A*0MbGVX@aM=Yzd1kI zEH{1KtLL~gJm&N+eUn4KQt}!rX~2@Wf}U3oJJBGt6B9eR?=fcsE;$S*O;Pyp(w37_ zo)VLW3F-E5xHK>?FY(+N(UKL9;KE2b?e!9Z>_iXhuPD0-BsiI@evllXh{*N#4}yP6 zJnic{F_hfiY#G^|czJd%l(jtJYw=!0;>*OV-GoffBc=n}sqsi29W`OeFJ1+X>9`J{ z%r{WmiS70v*^Ab@yXC?Pbrfk{2-BC;)tRE|fTIRaJWRi%L_QdA;T^C0i;JNRW}t^Pmky?H#8 z{r*2LSwd1tiO@!OBudDxB-twr#+scW`)){uM2PG=A;ye-XGSF1M;MG{tYaCBb*y84 zSEug#oXdcT(E>-jvvMaPKQ6K<;4G9K7InF;;$=m4=A z?6E)X83aXs_Rr<>)K+yx$OYt2GbwgkzJi(rIF6d~Z;_kRp-*JZ!P`Cod3G&Gllq<9 zeBmM!al#1NE}do6Cv~gNHfI-_tD~5z(7YzpP}f^yqccNA7aE-o1Ow3@0|x1(zKihs?M36R%td+Qom9`)ob5=atwGVxp%SAD_AS&;}dln9{ zh3|Y<3uxm z1ZhEk9(R+t3KC;Jv$XMC%N9JwE$xA&sj+(WwQw^Kon`%wFt!Js4k+tH*U zOQhktEvwmg=P&g|XrY)P1rvd?JoQo@I&xyntjVnK>7qdSOHJeTj*LE2&k(-}3r3|< z;>w{#36m45BHY~z0;*HUA~r0N!|LAhxrzZ#}T&!cBKYU zeHD0Ak1TY={aHx%6_@+a6bm)gScc)$sN9)0e~}!}U1J)ohWO2O3fHvEyrpXjwv#v7 zX8{V)dD$R#l`7)9@alk!sc?d5k+0NK#JNNokXzGY-mjMDY}VyBs|zv3I0#yjRQGXi~U= zq)ba@jp%=z=&#(!jm<)SENnV>M}QK(LX|X!`gZ*_1Q;(AuR5T;=af*p4FU(-IrPNS z%=-j1+T`l10Li>yyexL$l;2>hWL$!Z-*~$z7sQ8za?RC@u96$Yk0>jYc^LFJ;K{MB zHHA&J;irC`c{W{HwQrgw*gs-LU5nxlR`+)h$L`@R6z?5cHLbTp1k1vDJ}y)?lDP6O_Px zBkPRf(KV5|*{_eKm;>FxV*b!95&4K3Aj=v+^V9ri;}^ttiFM&qj- z6ZNLxQ}lbBgb|x#<86|ZTEmnBZ`(+X&D2yn?9=wDJ?_E82_s*(dZKf{cz)X=Bh}Zz z)M!1{r{%$HCk!vFqTwYAr~5Fcv^5JQeq-~ls;vyOMMQNnIabHf`ea;c9omanM6~Jn z<`hnFmnABj`UZpe?KRRYuvF>gm~ffxdc%}WTHALlXQJ!v@5kk-4>Vpt6}(Qf^?vgw zG4n+<697bSkY_3n+m$vfNX8z8FAiGjs5|gc4HbnPyITXo_El;E8Cu89J~7=98J(nJ z1#catAS$Eu*!Ol&G_upLkt?62vLYxJv?%4Z^ugVj1Jq|1z%^ZJlOqn#%AU(+qptAz z_R4c~2DX_OyI9Wgu5#Exbc9>V$bLD=3R@+JGDGBB+%>pq$WKghG!3|uB<4xFYjS$; zLU~J?%$|=r_Tg??GN`={-+T~#oB5I3=+fdFl5_2TKF|7G!s987%)WXHD$J$(^-AHh z=*#DA+e)1M8jEi&+FVSus=o*Oo-iFhO2H?-Ypj(fQO%4sVXwn3~ zd{NoV6>;VIE#v6ZV-9z=B}$L@38wXZR#hA zl@#m7mwIeypvbvN6VQP0oDJ(*>KEXJ?RQ%SGiBRj7(#Qyp}!KZ!5oc9UHn|E?+m{%Z9U2WpMapc7BKzw@)`3EV z8NaEA_@*k&UJjl0mb!z0|Fo#;40DAaKkGiuw==DCV9?>(IsC5r+DgcXFBerm)ts}|rJGN)i%;%pe&L);ZTdMgASSqc_&W!L+DUzmH^1HQdSTfzB0My@J%#gf z;W@wBxYujnqqQwwdgZ|vUjtdA=W_+Dp>5cjqkEBvD6jg5glw~-xq3#KrTt;G{qEN}S=LpzJN9{1E5V@S4BDa(wwc6Q1#>Oq z$9*J$t>GgLf3x{*tm;u}ew?n35k!ZqbLwI0Rv7A76vs@+9HO+MJ zT=zk35onc3yG3(^5$8V5NO1q8L)px2)x34-#mtv4+zs5XQm+7#C8jgSW@dM)C?Oc$( zh{s;G(y$Sz@*1`=bgJ)9{959>o&B%8cjyUy|FCfU6K*Yt2>BRsmx+epn(autjjWd#$b zHh3f0RL@p}j}mBH)%PczTEFj>86J@*pKeR$tZcvHId*2{3}Ts@R^Cx>Tu$em5&el( z)0OZx&>5}gwKB6{a0_s10dwxy375dkP0n0-{B&d zHEHnz*l0t%2zd>+H`Pqay0kAMDlyDPr6xiQ-8ZM%%hD~TJS0R;E17lsXblTtXy(cn zja-KLDA&~o8rEO#t6NG@woe>#Dm_7^~ zdbNpt$*$UX9K;CXQWNlLY#brE&!Jpbe(!5J$RNy&vsRbygX4Rund(y$ISSEaSu4HTVQlV@YtNr2QjxG03JP#tod*GEb{VW&vr?=P_FX)9d z+MIFzdxMaPEa}yj zlwFd%MxIh|G!U=jTl5p|Vf`ZI4A8z;AZg2TgUH;by`u|=<_jW6KZ15s6LrJyM8~Ls2T> z{@7sqFwt?0%`V0mPUs@OjR=4oPQnfkjC#jf#w`3JKUKNfShg*vUvRm};j*2al-v~{ z9$VcFS*M}2zeh0p?8>9OW-sjRdz#5rczSYQi{2h-{nEahZxT~mq8oM>Mo26O5X|Km z56U-*O)Akwt9O}nx9hsFkaVyg)X(k6Wv202l|FTvtlXwC? zpUrc_T^uYWkmy!%Y~?u%<{xwvn-3kr*rlx-`geSNhK@+!x}S~idiC7XrBxZ5#kNeQLfHEZk~{+@@t$LsrE zCv%7AaQfW(mJ%_h?HSU)D!}Ej|N1BaDX}Dl1&|adQ>Q*4vv|d@B4Kc=h-_2$@hWfo zSng#PcE?yngRMi{oUv$T|JnW0%cQbAl)#;g{TUIV4sNYBv;^IhXV8Y%_Xz!RgyKict7zO|L*wwu@6|;9yFOPWmt6&}HmO8aJwdo06|meJ>SA~3d4NAwA#XsRo=(!~ zg}imBw*YT_O>7U6a2Y;@g{h`rac4qt+Hu$_vs>eLlO9xHl0Ck~7dniX^{Kz;p^#$` z_L0iB;ek^8M<2RZG6EIR@q}W{82+% z=QyuySb6b39u_!y(0_5PNxyHldD+(wf*YGbSc&(PH!LscnPI7f(xkLJmZWAzbWo4i zH8l_08R-#*rRb_rUnLj|auq|L6{t?Ewwp{TKAJHOy|Sf;!;Skli>|NNaT;nN55^z% zo?JgC3sw3yI1jYuX6A(IFOgh71>R%MRdjg`9I+;Hl*5j5GiZjs#eR_=Har*Q&qBNf zZ)Qp6kHRvJa$|4rws>MXPOzr!kCGu4_tW-?K@F*7EfdX~%DXH|DnPMzC17i- zhmM)b-({zoO|oCbhhxI1(h0#9T`|W*D$C4o)0P~YI;Yp~{W6FdXNb}%-&(IfuT^Ls z#HoSdCuoun9fqyD2PAyf9dR`{({Y|FE9U|rhPe#2illA4yh(a6eR6czo}V5wNwh_6 zsaG0&ulTy{{YcU?^Pl{K|60NQS=9|h0+Q}a$?1+n3~5E+`>t5TYHH=90PwlVjj(>V zy?c57CylLS?R{3ZDoWiZ?FFQx5>5&U3c|mmhpxu+^UuD>|DNqIedm1!o76*QpJX_~T?&a-{X4Zumtej+kP zU8f|3s3#}~J#>c^d3Up`BwycSb+xEq46X*)G$W#*5tNEYI-aaz=N4z;P?GPA8= zc;LRAy>CZ5)vBf=(SUbS%4OJ<@h8I9H#>;cFW;zl31V(Fr7Be=L#QP^6VZd4%0Wjw z`&?!5wyiZ&?Yl>+mOJh%Ue+FVut? zadX6x`&xOT0s{70-e@1~54eKzQ8XdO^9~Uip#lB}o8A&GdnqZm1wU>{tVIMK7){Dl zZj{hzqYltA>pgsT!B0VxhL+vrmj_+j0eqorYteEyM{3{obbkoWJqsIi%VF4CP#5U5 z+o{S^m>V1s!K0vjNpnvrHx~p4X@&vpqniD4sdlodkGn(a1u0i!k3@O1vR&e3pt>7u zBBCRtz|5=+*-~ua<-MwhI=5^-n_zC+0U@X6wDzJXzAUN2fn8eunNP@LZWK7|KG$3K ze`$~Xdy5#&0^n1xye{BD9>=WuiOJ~Y^%7g(-5PLS5n09<8*OLqu9h|xJU_LRv3D;P zWSuA*+J5wN_z$9;W1ET-pRQT-$JfyL;G|hW8xitwXvJ*3>zQP9xGRkv?-Km&C&3F1 z8+Yf}Z*E&Bpz?Hu(u9`r>a9I$$I$-7%z^&R+)E#wf-8;48$AKJK;TLzb;zu1aviL= z1Ds!_0xz;Ze-r_TPO4bQVQ2Q#^Ln;6ezTbjLGh6BvVi z2wmvaKFZFb`TC5b$$KOEi0WLla17F;8A|THmDyTE{tN{Tb%^#}ltFKQ4OrWypT+s_ zg|pSVrv(R}W8s#v982jqIu|gb+B$MUi~&9bPsLA=&PS^6 z9Rrq~Vf>%UPG>Ykg2tt+n!TsrHAO6C%df(P*f5LeKd+SFf zUVKjpueVog@$YZ#U;6xwjX$Whqde`kU-K=t-098bZ?QQKu;;C#Q^gGiR5g<9*el$( zvINg>9i5)}NTaNxR$f3I(bL8uc-8P4;8%nvsP}wzVHV7-@6(c&2G5G5V30oW@hDSc z#J=M@(2Wg{Vt;|lm1mtP-%ou)k=kjal=&e{2A?jn_Z?QG`Af>IXKqy~`AXYS<- zX66pKf@NDCJ=X?D0XV4IcJ3Oo)yKLwWr~TV&C$eH zQ_R1t&RIoxr|%UeDgku}k77 zil0){Z-@)NB_eHuKArm0#tU#<&=~_P?5{hg%{QAHNyoY{Wwxga&A08-Cy^DEM=_lL z_*c^j+7lO~Bv$F)p-)we!8~agOT9-ZX+qbxR`7$D@1n)7WRi=FcM7j7A_?hot_26p z>FOUm)%S6NxdS$z8l&in@QIZb5RefsnCvJVQaN`(kn?Y{d%wS;BxSLGjUG<=___P~ zC0PwC&D5)~xSJ=LPm{!hxsid}7-Gz^YGn0ibHE^(@h-eP_-AbuybG7rP( zj`i=87}rDT=c@BZDdu96PQWob#`?>n5B9RjMNldShr%L9$9;RzzOz{k=fmbSSlFpj zaII7sXKeSsd>*sDB94ySswlXJ zBoqP4g~?7yfRIk51t~2uxF=39;fi>Xo?XRqY;SadkYZF7R`iE=xB*BnKCeZ7sS0Q&@#yP|C4xr`f4n)3!t+=E8FmSeL} zEbM>bUxmG>%{xQbUJcfHtRkeQln{{TF;`~QPo-DYF;rxAFD*R?4HNVH`3a|3?^+gw z-#(x%u(Pv-GiWjomh3II_-DcZ*hNjjzU=@nv)A2_;FfwF7I)4u4EJQGxuaCHzuk+c zlm?p#bw_ZlxQwVW(2}#<`*=UT_i^oWhxfo)bjdPSCpYO?Z2y2bc;I!PTE#Pm^U{|0 z?-jus2Kq4_xWfr+AdZ@@o5^Qonti5qq(uDQx41YE>k{^c5UQ$IJbk>TNqeWS-6K4W z2_PScjnjRU?|sz8%P$GQo%N!Cm-tVk^f(OaLcX^t)^t=+yw_>@x9|^R~EA$lZ$7Iz(#& zRG2iX8vV4U58H4Piu`a^7Cn+boX zj9|`|!_l`<>8Dk99OYXi*njv|AKG%Z%;3>r!lT>w!sXcpfvR%FR+guYe5V9}q7ymD zBQzzpO0+(zNl#6@1~xVJ?|6N}m?PNMZ-aZ)AMVxv)_`@9^T}1e zx#viuJT=ra zq}wsivVHv8HuQx(-_|ZBxYFYmSM_DFJ9;*Z%qo6rA3nAuS3WH#ze^Bg{YN#|O(=tn zDr5s~=Q#ev@adw_RqtHITvr+_-?a{-wVPsKltAQ8#@LL%v+;Q<| z3du!P6^=f3E>&>o(Jr=b>E_cBF)JmF`hB^B66>wAZz_}DeYxwq7LB{Jmt^_3%Q4S( zF-OcN-52qbIX{q_!LZ=dQZGrtc6wOr+Fq(g1_r6PJ8d{(>pM`8BsqB7k*(4R@2uYV z>XhKbZ->@K)^+*ExbjPYKINeHk1#dm!#w!w(Lc*;eiut&|DnmOG`P_<@UzJ(yhu}S zX7U6Xu#Z!nJq**G`)%2XnX<#ijaiflcft~$c>u&}W_%WtqEwZ`cQM^chuhtI~u z4^J?Ib{<58&2>A;;E(*>@`lR-%bQJ;@0JM>RL}G^!*g*O##uq*9b8ToJSqHTN^`}b2K7z9-cBgu% znE7U0Tt{x|{!D{9kE%j;-P;NG4n)*K4Bu;+bDTex`^r7jsTIeF*Buia|CxFI{)XOs z0(#tUTyCHLxun@j@~}z41X0E4(+5XAUS&o(+}E9q*x=3aPxcuh(P8=IJPRSHDXNVb zUw)ceV4Xgl+==Otz4)WcsdzMtgg!Y@3j}Nn2g7(=mv$Qv&2IKvC@ZT(f6cYZ&xge< zVtw-S;W2L)IfjwMHy7lf-Q#0huK1bD-t!Ry2uta|lY0s5y$+D%yU7v_MStF~%vp3} zI;gu$>4`t$%xq*8&k0!iWI2iX%nAWPF5=j_`sQvS`tEQs?H!suW>)Hh6-|GEE}kS;8L43r`;?{iCC+jm7OgO@%q!w=kJkp_LCP>6E=RB8mph??{g_**)dhn znII#m?0aiA18ChF&q`KSRTLp^z?~ek2e5Z0tXY^9BxT&Zji1LgB&BB?nl661zl(|I zem^))c?9sk@y839ti*g9J+C!`Oa^_MVc3Nxg{1zid08;HLEp-hBEn$zeiamsG1=@J zSWl=Ecx^>xrLv{^J8kU&6-)Pb+JhKnH|-B!T3eO< z3{yVxT~jvh)>Bs2xR9!6xK(`m8(?|#j;PP>-Q&gO5MGu)ztJBSclig~&eTV>pRd00 z8(X!@irVn%8aIyC?$h(0&*m7x$DBsE;8%WmIXMH`#xN$YvjAqoe^SvpM`7$b&U!FVM{8t~darIn+Sjl56bwQ59b7qK%c5e|icNEQF#Rrgf zEjQtn6PALXv)W&7rT#mw|6@t_v;bL6a(>6?&kKe>J_1jQe+HgWpBEBKPY2^=n^B4Z=fp!J`- z=Xa<0-@QOZC(Nbt-{#H5G)I`a? zFby*A-5vj7kLw?9Q{VZ81K-(jPlx8eJvV>c0Ns7S&B*`e`b$maVX?dhC^+Tj%{8NE zst}k>*u>;r>Y)AlPxrDM01b@4EI<6r!@*Z4G0uI{(j-7Qb^z_{){6v z(wfPmKsSrSV43z07j)MtY{Gs}>~DSkkGEo)L1S}7`d>cxhA{k-Jg~OA zh{v!QhoQ<=MmoE&iH~2raJ88pdFAyg8f+%3Oq2z0{9J7_v?T&kUepXQ^%{3;{!i9x z0OZ;MOd`Kz!LsEqj=Vl773pgkzOOqnn|2dvGZuX19&qF^+~lj)Flv6;Jqh=lH*5t4 zZvMON{HtZ{8N4{#NEYlo__Z}o2LcVohy;Oww?Rx+>aIqSm6U>PK=l?~$ zF7WV&CJ(Nu^QS^v<8P-PX{x{970Elk4^!7vkDCp{tJsIvJ$5N!pz=}junP7(75R5( z%a6CsE_`JB+Q?B4y%Rsxp8((g#1#AGerVXc_cHX6`#K$*CkCY|elxMsOrAM+*yrk5 zDUNC7II~%K3^V)7ZvT2g=v00fxw7kpp9}XeR2~3GwsmyHW#@Ibe>TsfpD8F4>DzZp zSt@i(wCR@8%P1I?`hRg~e-;HF6#`<0i7tuDKSPEq#_}V;gtVk` zL@K|B4z*#8MWBT>Gpe!%nD4+RM_u`=BFyhk6ZrYe8;;IbuJ*rPIQuX)Kn{&yl6E@y zAaHUXEb)K`5F=?{mO;5Q4`6kyv+&0?8k$knN82Uk-5ndSciW|K<1F`d2gix1T+X1O#%FdR)6=e}&=` z)YuhqDG?(Tfdao)L_vNGP&x>!WYEx5B?Kx! zws(F0`CE1ca5zs>j`rFn8Iu zp!!;P70BAJ(oBq3^lDtjJ2MFSf7-(SmzM{;qwpI0ukt(}eum)(Q7(I_st3 zcB7w4==ePWoD*~MhNen*JgrEcit%$&v4pk8nZI~Lzt+{%4Uqf0z||w7`wvY>v;wfO zGBku1e9mm_Q{2#RfcQ_tP#winSwk&qv;PbMLs6PO_CGA$!!SH zwKefCR5N~0`2YFr;buQ_)19`t@BfPn{$u@ve~2nh?vFa-|8u$i^CEv-E?W<9u)q1Q z*SP)tHu>jL|G(GvAJ+Q+UfUn0_`9R}|Hp0%OnBnAY$*9JFH|-V=-z#s?TF_Ejz1v7 z-4LAnQ+~HUwwAE=4?Xb#>)?(1e+0tpj{|vR$yw!9RUPd)OtYby@bhSMmf2U!axV9i z48T85sMBnsR*zB_AInxzG7daesblIu}1z64-r^QdoxzIJxJ9Ov#eWGFECKy{)}j#g&V4I z^d8zToxhn_R_LZj_cm%1Isebc|GU{x1&#v;+|oOa z{XbSCTRsDUyq9)Jmdc(`srh0`&19t+1IS5OJbjjyPbVQfK=EIjN?xC%>>RbVbzt@Y zW7a?4t%|z#MdgoM{_mHhy9XS3uU@Q3TWCS*?j($`mkHkzQ<=(Yvyg;V|1M|z>dHx0 zRzW!2p_Cl+s?;2JNnhF%Kap}wiAy{1<7=AT4k4M_rgP|Ve|;bUKZ{wT+Z%0?ye{@n zGx(1u{Bbj;FMimIa5Xn#z^~Z5vQ`ZWw{PSn>CO_az zibd!4L86uIiHm0iXxMGGD?Q$q28-oCfBxYzE47;FGkLn-cZ4vSdf~eAdcFau-O#zXO7K4Y5t!ZXOy(x}Rphpm8v6ny@ptZsDf`&H zwfLCx2!JdDsRT15tpne2)iO3V&P2x@{xO-{YV}e1bG2dUTbF>uj{r9FH6iKhrJEYS zOdoVZcc8z$q_5?vk-@cmtKCgy)~kZN!{8#Ty#vA{b&cqqyW8HwgzT;=J%EY?zPuUG zj|X}n5)Srmh^&J({GKF!(_yA2`!fpIKPv`c&=cNUw^k^I&U@Ha3>S53vg75}RG?N# z*p)MRYUi!_jng_&N{qp$sy`(%qHyz0JiL}mPU{BtHoyU)_0`fE>`I^dhV8%Z=0B|a z*n`K7T+XrTxEw#VU{wV^;cydX-zGv%fBPa<>eS{W>Lwy zhP(#b+|ko{J#8UUr1sLFGRu|l>!&2_00iN|L6G=tV{Z&duTvsFxHC>LNq`0CZ9a7G z?%d({KF5vyHllG1kfPN@BDsvo;6x3(IJwM<{>s|8o2K(s^>aMU3s2MTWfsUJ3ImVbD)uV6XZ^={fKX)cBI>g zMWX4{oNUEIyjuEFl0wh)LOd=G;8X{*U0aUD9ad2wxGgeJnK`T@BBAz1C+A1~IFqCR zDDHdUL*i0U+IB`&uBo!to^a&D=k->ht|d4!g(M_b8VB8nMYes&qSi+_#BWJsKg-XZ z0O-D>dq(|VF_;JQ9CKgk`MZ?9iA|W<`ux#LXnShtoLv(WMWSa;O=s0EuzUFr4|D9n z(~O#&u7alRn*G5?YHmu3Q|Za3@xiz~$;zaO5t9JowNm1$vp^Iu@3QXF`j+mCn@xrT z8Dq3wCAU+PA`wuc86suQf4CqGj2o3icA%7%2`*5cJ#NplR0!u%nA; zl@JQ4%o>hPasA%Gccgm1@szTLiZC19v>&WI%halNA8&9T&jo+5Q&%M$6(Dx$tC`l8 zW^*t{af)eyD4(Y+ZZCzr7wb8@kJ?G?$B4Q~l_7JD{d^k^nrQSy5Auovo7TYOCniVf zz8_}}IRqe8Rt?;>sZq?opQr!*lsGy6iYjMz@5Nw@Q4dHwta5vK!Nvh~!y1-s@$}(+ zO;1bT-;bG$L23`Qkev94wo)C)*w4CwZNg{e-S#ZYN=?q-Mw+y*ahf0AQs7Oj1r{&s zOmQeR#oq}P&Ah>deYo`sUe~oITa2APBxt6+C;AaOqSUb%WBHb025z5+g{x*LB4)cksKMWodl}$k&PUM#u!3dq)p~k zU%CH)&f+ikr7a1sde=SeKY+lbpyo8>y!PVkxXF)+C zG8@}fOU2lH5{W1h>`fOE408H2|fiHOjQ}^EiG~HEA0UV^gzH8i3 zkh4A80QHF++-uu9-533O?JKxXnu77sZF#_am0QLe1NIEFEh>aNEl(s=pbsMHj#fAj z3>qG0^{H4uY2$Y;0D`D+-skfD=lYhk)b5F%Hv5*$ z4Yu;DMaV<_L;yM@R5&=Yn$E2-a!t;y_1$`75&^og-~zwlHP9rn9&h6F#Zv?zPS^jI>1GEBofmQ&@f@?#p{Pm&maEUFt?pKeM+^4%F2EhP~UtdpKPlMjO?}BvWYNjEcm`im!Smf40IXu ztn|p_Hen}OtqZ#x_56co!n=;w5?<=}SpX`sm^}dRURJ`w8yPuMiq{k^Xby~(d4E>7t%%_T*R(ahQ5prW;XH0gljh*?_K@T+&xxXRjFcpJ0Py&aA?8R zWqxNNW8|S(3ykP^7CP=WYR)hBwY7yVmDD{j_~@ybQp>WniOJxy@0hP+J%;VjO{1{r z2y@6Hnm=Y%N2hxLV7U1cclgt!FJ}FKd$ynVDh-Z9u%M4R_L9FpdVQ=;j?v(c&?b-; zXlTS6=-wy;8Q&0$$Dzt@tp;C;!1hjztYs$9}@->6V6l)_?2t8Ebzrd3kz z&mS8MUgS+3pp>_#S5`5LB8;Sk`t2l~YlrL>3OEJRL}X?vV;DD}1R+EI?Xk$vh`8&D zTm;#nO4U0jhhs9AV=96W5y`qYoORL&ZPJ*-uONZ54_$0*v|!{Q4sqi#Hn6lm-tUw8 ze*Ma7XvB+W2!i?%%4!o}Xg=xMg8@ zgK(_bc8Fg@uwuk$Lp@f?_rnK|^7RTH&+W4EECDy2yU1)V$R{X($5Mckf*9PdFt0CE z&;x7_vc87G&y?q?0R$X~w-yLYcMpXEuHh&xL<>r9%or%8Pa@@BDZ{jDY9DFm@B@Rl z%y?cMS9$7l&*tavU?Z_0lB1=x6jjpTa75LJE9YQut$r2LmQRNo@eq)gwh~iI zTG=W58)L{2r_NM$+q8N}T4Q|_zU;ys5l7?B9%Vjl~$I_`X* z%My$ua7tn+!I0VG!ghM@_zzhx^4M1Vj(A%A?n(aG7XOwHocbZ0`wT7Lr+B&kT@g&a7TZ%i>N|gqwuy_wYa`-(%(Z{etqfN?R27buYP}VTdkebZN7`~<-}e-6 ze}|Xplo5x20MKZI2+IiJXLc?-a}!A)H|}L+-#5zGYS7P(J=J`^O_|}l;eZ)5|8mN* zZ<)HKdMiYIn|XUHF1mk9GQR*2`Syw=7Ou=0wf^a-#V=n+2L|e)RBu|77opC*<{xX~ zp?;zV=U4~o-g+E$@`g%&@n)UyJ$$z<)#RJoq*=)@Ynfmt2d>DeFTiLM^W(nat@M#L z2%NJ=^5gM6cwG*>VT^_hWVr%LV6cHYd-2nV)SGcr07wwB#n{GkE@L@8|Ee}5B9kp> zT=+BX*tp-KV?^p@b-b5H&P51$FLGwS%@wm&VL4g7q(<<6$G{Yq%rX_3A}tU!tsd4y zjncCC)dautbfOP}s4Bq3CZqa_5F=N^=DMP&`w-%l$!}XYO8ZbKod_r6-!78t5R-CT zdpR%C!tW?4%2}(9o4S@KnJ?g=5E`$M9HQpZ+BR+{>*Ljsb7tk+Ylrc!6XHC>)SNO1y!mji9-|xYF&MGXb)7Sd)ukJJ zqgBs0Gz7}4%-X26E;;2Eu{oM+mDR6(R&rS!RrI!=26-Ca~ZYXJAI<1Qqbut69QCB5Yu5iR-g4+T`h_t`!(TFHo9*8LiVpk zQbuMY+);B()&Z4&UGbAQ6{cB|b$I2x^u)dML$yttGGmco604P=OL%xc2?e&y`=U+g zD>22mq0sUl@_p`Ja!gT6iy~evS#dn@irjLYEX*$jc%)2rG|$=TId-}08azWX_T6;q z`J9cZ3_P^PO|rTW-sZRfv7rB?+?cW4o54)B!}>`%BgBB^*=`b`vDf-D$}qjk)R}xs z5r_bAwO?4R-_DM)RH@YOa$c}gOC36u)YtA0&abL-1`<&mA5eJm+itEA5z7|1;feTI zIAW9{=zr8fS~gGMq{rguu6**QcOr6dr>qD1kdF(~61G*_ z1!`sLk)Wmb)5q>$J1%c&;gqn%OFfC8f#qB?H_z#hyHg=DDHzi2KPQFx>Ewma{IJ`J zvgmjYA$^%+NAO9jxatpRo{uaO3rYu%!LhueylqL_I|~tK>n1NefUTs|4V~i9vwG

98E0mV9)b!A#_(5eYfeTjeAK!Nzoi3Y>-TwJ^yi2lsj;EKzoGJNOo z$wD{2fLU6px+Ul=Gr*l}#4vFf_FG(yKe9X+*U*rw6=1Nkv zR$tx`4(N-}oJnP=N@RHlsgvnl2MXrN;pG;<49l@vC{S*!K-_*XQk58^5W?_wy;V7S z_hKyq`NV&tUCL$ti|ru&+C7%;UwzPrf%2vKulMPx-z!{>KUN! z2g_si8>|v8>uTs_ald*4jkM)Y&CRDD>Z9i$YC!2theZw8YAI*l*rEA*BqgE zaw9P6Y3+~|ScXt{R%4~+Q0y8OAGX4B5 zMJUv;vFKI*%F2p10f?NNQQ5|qN?;WD1h<@};CIG$@WQZEibI6wirkdZSa$1R0%L4` z8<&Zg_ih7A%K(1(Rt$*#N6P$t^t+iLbUuQU3sUnph2uu_**E90dE(MNK+Sr{w=!3s zpA&oG9GcG(zxH}lPdO|yZg@D9uXB)(8NQ5soL;%74iI&G9J1;A4*Hl|)AgD@Ij07` z5n~QPo`ti?pgDutZ0c5KnUcrV-$Ewcsiog}YA%2MW)B7(+QFtHkH8@M*bi*@Q8)T%P_*f25h~d~Zp#aq|+6D@F8mE^j zIVJ~${fxtqVu!J~)b;V)2o>kVg?tx60jxGzY+^5m$*QA+FUn)QoXQ_E4a!Hr;-ws` z!Q}%8WGh;Td+GM2GHYX#YhZ67K0YuH_Lf zf`cgmwQLt*!Y0zyrif>AhuNis#%H_nsDpwpt?t@xm>0w1s0{`ETBphz;yU3>t#j4L z&d1;>xQi zO}xX-6Q4Shr0?~cW&{Uc9dsDKv}gGa$liIqbE&hF>{g!x^^o;Cak*j*Mcnw9Z{OP& zc{vWgTQxQI-=jIJi0=VP8fBm!4>4fYe5jW zfr%>KE#`M)r)MlIzf~c3iVr68=isRPo}|@Oz>tgBW|sKvC42irgVu9;Mi(HyBg->s z%y%AwXsSbI8XPgOX8vITtr5C~Q%`Ph{nELh74_9Qn_kXNorm$}LG z?;b9N_I%Sq1$6lEIALg({dYE*FmxO$eJU zH;syj>a&m9HDP|;IxTk#7pkpMaW1lDSebs_b1E*_?fDMy26d5cQBi&KO5>-($OTDu zZ`2#CSIrGLcHGp$XS+ljLP(&CC<3l8@xG&6NjY>l%>~9E<*IGjA4~8_yps}q$vai; zHSjwrO4d33oe&iqIsecK6SMflfNR5g6*)!Y9yI)AyCu=B$Wkxmkpvfj?~QA8JdaJG zCt{x79U}UWCu_FbYJra8LPBv8A}XcNOeyr7XPk7Yrpq~r_TMB#-nE{Nb*sg;)sQg6 z_eJaJr|8$*ztni2d{MwP=nHL^;S^*j$z1JdB7LyK$Nll-v^}is_R+iX%4#+hV+?0u zAtGaGd1?Y<8&-`!!yGG~;d_ildzX!mmktumH&pi3Cmk(>H`;}uU<2iU` z(*u4|w6Nz1?XM0eo#>IDseL^1?yH*cuYnOOG<&?Rwqf$d@w1ZA2}FfcuT0U;z2s$| z9N)RuE7h_gM=6U@u;?amy*%SUA{tRJdFLP2kjVUBG2OD50)C1SW!ym{((X!%^J!u3 ze3*kTwB^>r3_YM+4m{Anv^I(&%1KS~)NjdYjs>p2%s8hM3ePElz*JEaq@LGa_(0r5 z!r5`8GO3~ZrYTR&*%?syXDh7_cL^>^S#5&%M|HcJU)-z^O)(7tX;yftjF0 zfG@Q!#Qak~Tl8{OgEM$Tn`Xo_9$81d8ZF$YZxtyf1(+=)vr3}N!#a+9v{+797s(9r z?eRL(Y^Vv*L0)yY`4qnq&l^XdE3OXm$xabuAN`GiV!`QwI=ErFPy2zWAGcWE{6$q5 z(I^i(&cmMn#b0t~r!88y(u#gAAGm`g(1YvY0$yDHz))1?Hcs zY}>#H^wyb4vpd|$p?_x=3J2qV~D{1k;26GSbD-@~RFu}VQpw`yvocv&yoJf)q_#r}7Z*+ltGBwt-S~6Ku z$RiI6b^TBd$ZPR<;~NRvvU#6Za(3mMrte+*tAClAb*tugm2__uc#P4}7>l{0#^#ii zi-cY9oz~Vhe*XmdOR2@ym^i8e>HD#e_kBRC%{kHu(S>`6IC3W?Nyz!JaUi_Xh+0Q+yy`0aj)Cn;(2}kJU5&u(E@__~BdLklVKj_uNhF1$fpo}w zI-HH+Z<7eAMear}$LUOxVpE`_$yU1-FFx(Uzr^wVOB%L!%_UZwwdK+u4fsYzcQU?v zF+pNVEn;p4A6ya)i9S^y51uzHkZNC88beZ@$pn337S`P0TlD=QS7>cUk-!fLn(npF zA|)TnOoViE)%MEH+$Z;*qMf%BTvgPSzl2xc6jZ3JuC58aL^_ELSS-c}Prd6Y#uiH` zrd)=0tyuO(aB9{2Zh*NT93U_)oR60e60K-yHpY;`dgO95XSEw~O06!GSFmC~4+~Z* z0OP)%7%i632E@B}4+f1aNNm^?;kk}lqzE^4!_j)=OY`T>l{A0lH~b&Kg8x~hBPnK3 z_(i`Fau%wiF(E7O6(_V)lEoG~e29GEi(w(b;OV!;NylfY&8m0!5fn*$Uesb==tHXC z)B}^vqk`BI5&(bya#U)iOrYz2gp<0m56aRyw|CyN%91b|8Q0Oukm|k+PkBOWu`3p7 zH@Nyn7V1?M9CR&@f#Gv4^%ge4D1o0u?{p&R4n8i)uLTo~rU>q5{f~bq+1$5m_*Z_n z-~S8G@u#mmy-s1F%1{ft;FuBZ8~#pPO>=li1&)DE_Qx3|AdsfM@%@rq z1}7`8LhY+VCQO6yO9=IPlC&(TO!9D8>z1mL`ufgo*L@mI{de4s6%}8>E?WS>E#*i-~aRf zE1S+}qoT&*Bs|(SF++EK;y>}Hzqi4~OVbnnYh3;URQ`3C{@&Z3BrRR3kh9G z$dUHDK|^-iIK_K#r(@Sr@6}da@bE;|1J75$MtWdMe?7U{r3$0XBhuB$NSF$`R}#yr&s@3Apcn)|1f&{&jR_+ z0{PDZ`8R@>|7VpKJ~lY@_)Z9@t4mGH`{RKjSaHmxS6o2AI+Jvma5O% z;vU^J`P*^-o0a+h{|hek93#c7N?^`uuw6X2E7nm|=LI;Qnwvw+!ss^Vzhz_|6t5Ha zhuLK;j%Pj^g4YyZ@Xsmt|L;8iuW9k$^%A$VNCnYL2OC?>-Wux$5)0tWn)_a>rspyx zsWTVIYMvB;*1jbC5qMg(^Jgilzs>#skC!&Pe)Z`^hnH>kuzB~=M(rsHT<_|9rht!D z^db%O4YYw_3Wv0)pvVQYBBX0(uA2Q(&rkJ4!Cb{4`9i0noqww7^FK%U>F0|*WVhP+ zo0Niyl7?gRl;`^U!o2QF{i%%ne(*{Pw7q@2W%h|k^-RqA@|)T=mVqPpMxb#~QD(`z z3si>RtJ1$y*xQ0)SnG-w*9TCVh8PYuwjIGcQ?0~0^JAaYU(B{3AP&;hb@uPf@?**# zvV^aXswia=&xKy{TirBe#g7M&fo3sU72a$t4?HSr)k;U}T#LF1xfR&bl=01g-L9Kq z`~_xK5>sJ065~~5klfKk@yqqAW{9LH6G&pg5ly($&*A; zph0C}!aoK&f4heNp58qb(%w~d0PJNKe{B{1>~k_k&@^@c7b+{N1rN#PO$F?oz@xxD=7%yD|@c`!R zI(v__Z#S26TBIip$}>1B2Xf;WAM-K~XBSG~(6Jh{x1$A__<$V7&h?QaU*{@qmo)XW zI<6hV0Bq_WM1Q#OcIi~Ik+vZ}bY~|0fGOG(dgfTs4_)KY6>+Ps+mb%rT(QWym*UGw(&BAZz%I~`Xu3{M|84#ApjRm-?%llEi%*Zn5_cX>My8t zo6P!%a)aUj4XS1Wk{a_Vi*%-Z9+9c3Ta{>2pBJH89-I1{U4?gzfue+6_wlE? z?uyQ*GbyjY<$Zls55WDdd5MSWSn}lGohcH zm$rMI20pvX6C{N%-T25?_gIB1_xW5j!poHVy=}W z7Yj?Svs#m>Nblf+_XVfl8R-w~SmK6DF`B?7mE6VZK8Qyh@B1uo9D93oDC@Ua`ghIC z2@u(&y7a`<7}7Po|y=HN2Pqjwc=I89QM9Vd}%M}TLOwMj*PK> z&6_+*L!G_R+D~+>D;&pU-BcQJb1 zMzmxxUjVJ5Jpldrnh+<_5p1LOR6;z%bCD&amRDxsD5ihi^ZNPGbC3-w?QOrc*cN#5 z@L9(hr@^Gmx$-r^<9*9U{*c;KyGF`R5USq5_ZSB6^BRa0Ev|nP$d2pl#fRYoO*g-Y zN>44&fLINqs6vwk?%ot)lE9e68_XJxKW!ST+23L8T@#|x;(5ZOSU>PbN3iEEOLDd# zN9654lE7~hMW`K`Nn6db+8rIEX%Hc+L9oR({q_q^2{&BK)X^$g2blXQ`M+W6sW0)4 zR+rfnwjuS;rB5?jhbmKl;I!!Ko|@}byr_5k^rGA=F$JOO8aIdQ!rF=XoK?nO-7bPl z-le3>l&(-$i_*hPY=YKKB`+^^z-b?%3oi}m7l2leGwN)CkVXN;Y;Ikc3H(t z%zbXsZol{&5%WJb$tcYnrXu5KekLQoHnem57lP0Uzb$1H z8g>og>kh(V(bi2Z+3&{LIFXqTAT~$iS8O4QO!g4mm%=IWhN4v0uE;yF)fOt8`&Q1A zMqZZAZ3R^RdgRB3tw7tO8frH2*Vm|SxIYLp799pkp!KYu!oEn`>qUp(65+{9w`hv2 z+l}VLZi^U|otI=AzLFYH4DmHp#j%nfM*bTdArc4(W~Q_6t-+p8uO(|aHH*1e`DmA za@q@=nU+dY)4gyreAn9!W0@MoPCB?DiZ%S%>x9e5KK!TMM&6Zlhh6p9li36_O)UmZU++qV;>j(Lnos8@YmD{Pa73GtbbkTYOnZ~n_oibbQ?&4e8@sH_Y%{V{w z2kAq%;Jgc39K)E!r!<;X>em>x#6g;gL}Ge6d)wV5YIyADDA^J_4NWLg3qVmeY``GD%f>@FsLEj;4T&RbuF-HCE`)Ie31fE@MjrhcO zobJH-I{QhIgvst8Ij_glTGd;kNQropjE$%#%*<(Q!0lwy5At2%Pp-nFh@`z@!)g1# z7WdrTU*gQ1upoThVQKzQz)&Lg0k6cOQ8)QTbK(}k+f0ofpt_}I2 zaVM)|4%anXFL9irVf=(gdV}JjZ2WB*>2n4JCBW@U>~Wn$aedG6$zbX;H7hl&Z?n=K z+iY2fB&N|fw%DX`sD)Zu$Ee|nH!T~2)>nJZc1x+?4ps94ag$k~!9FFq|31Zy<2vh= z#kSodc%JJ*zr6MVyY$&77dO`{!h@4Xr#k_@QQw~+Tk#>j(oL005(Qv`n*J8mgIlA- zl=J7+Z=|_2AU+&+?B-E`w}K1J2S;HV8?G-4M7a>IB^FyB9WAo#2KFQl_721F%iWn9 z#rdHl9)IAPBNkLx9C+rh-fl!c+Bloj(_5IY)9I}qIe5jXJ-{Zg#!nX%br*WLs(N_3 zAM&q@1Hbf0 z(C}7zXhnZ;oYV7k9M;np1y}}boxL5~G5>PqR~o9mE>#H?YS=C5>x(Z=DX3pGE;A%E zt6!z5dX{rP$A0rxg)=kN6;&P0RLBFvaVYJ#e44Sg)*6j8F{n~xni$tOWM&7BPcvKz z6Y~O@6DzG$hb`pCU)?7(KQ!?UI`?rYdTu3SkBUj2Nv>tly&M(zu3ak7jn{E+&$A_t zE@EQ&!RFZ>DG+XPlWHOm+)pA-QEnR#yj)fm&kqo$%G$<0S)E_i>)awl(U_T{edDIj z=M%N3{;pF}w|xd@rR68o0acPi=bR-MmR3kgik*GHOc7Ne|GqKZRAsh`ise>#feGuc z#f#ZgPCj$GOTPml4jD4D$n$GSdon^ThIIELuodyyV(7^`_FI{*+(HLs>Vgy|`;`<1 zK`*&Gd^)Cm=b|s~$(Whb+2I1U1#D(N&ol{p-S4ct|6#iT@Z!bh=|Oy=!26UJjh?Ai z4vM!eZ6?XFoOJ-B=Y^sXQ7KR28;>|Wj~7}rJx}9a5N5rgu`hnNpkAu*^R;fIdQH5Q z?Kqx$yo{ZKYVmXAc}gCcGe-DM)>NWBDgpgnnv@|B?O!Vh&%9RI4$<;x;#}#ea&he!^B*OJl<~}!|w|R1g z06R8R+ZJVSa+q%0c)o#d8D}0$v3Aw-LvLMB*!y55JKwgF;5E1*mP-jUxZqsqv~DCf zYK@MIYAPc%xS$-Pp2f0{oAt1<++;T4v+@NR7Nv}0C*kA5itw5Ix=tP{3>{|Tu6rTS z0vXy|ZDw)YpshV4+5YT@lpK;)vI_g58CRYr$k}RZ8}W_sE;9lMW9(qc4| zoDqTgJyH@MUQGYUJH}@|MppjOB{4wiFfmXu@+lUKj;)hBA_POu;CZ(A7 zT;)lmo5$yYn_pKYI80J!q%*~ZclZ9P1#l0ydDLGdjmC=%P=xXJ9PE8kvAyj6urO@x zf(i!#0vG5oYIPIbac{<9(}&>&l(~m0S$AQpXi| z#I7*Do82hxyxcbQ1ZS9cXczG!LRZ5QoML_CJ1xG`ikV>%!Qp79zd(=Y9u@$jq_!FX zPYlJs~Y= zY3kEi-E^=I0BPjbP6pcAu*LG#v>eFXV1-o)No%^1cMw@e$R5XFV#`}bMBb0TLY_G( z!&iKdRp816k>)q}9yGzCVLaLlXVWdpf%HI$ zs`SCjTW+|a^mzzsYyqn3qPoK$v*`&LcXw47r^gk)$~#1x)=piRAz*isF44E0_ey~- zm+WY45t`*MaPlfe@}3vL?QtUM8)4uFs=o_?SI9Q8n3tKkOSNx(n#2=winr9?<$a@R z%iDMm#RIe-*O~$iC(3=*Hu)m@ARFz`yS|QnLA6yy);`s!*!4$K#dC9y3Q?D6$}4D5 za=(^eejL~xp0}EY5alFtGTYtcA0)M}jKV1J8v( zjm2?O4;h{!twQr3<&4b6+tc@hruUtg9UVB#t zY!}A^ye*^v-A)I!vt*yVl8a-u&n4We%?#XNVO^>facd~{i+k0`l~Yrq)_NXRSCg%{ zc!ClLj%1fm?%MFo+c&D6Uyi)G2CZ6R0$2-05B($bro9c+ZMvk&CTJE)gPfA%z+|(Buvk1&!TV>rMiETFS`XrWOl@ct z=|z)U2|rLfEXPo_*^;(@0}(+a4FwkMa>9%$&N(c z*NL;+elB}Y?C~A?t9oQ$ajZ0#_rYP4+ivZI+Ffn}(N6!tX3C_1oyJ)IWMZ8C2RNWn z4K@@XZ)sCx*KgpPJ_qwx;s?38St`7G@>|@glm$OoJXN+DZOHu=7E1TghpUkyIGb{_m`in?tW*1ym%LL)GM?$y4u)g2 z+Z5f+V2i)TU*6ZGW|fewIxQLE@zN3B^F~$PG%1F}vX*2Ld|@6(IHFeH;)u*4QxRAF z%+-?}Q4=w4>F2BhH4*yds3gbEO7ovr*pBL6s-x}VWJOtXWP*EYDi@SniqDR-@vt(U zua|S>0v@&`ww?zRj@N~NH8#fZx=<&1zO|uFojb#rag0rQ)_Ez+op$E)wKMJ^%trP* zWy{WAb513h#)CS-FzY%Q<|(MN9Pi}UG0ZW|Tp zXUP_R+WB=Y9I=oIcw9}i!{)esa2)q4a(NIl@pE6U_(~axZtwr)<@zYI;zNctDVM5ysjS6I5bOA78mh63I8yzLo-9F%UFA2FHgj>) z>U`wTxzdeirrf-MCsDcy<#t1@JlX2(E{x~ts^dVARmZ2!xKQr##gZuEXG#(MNfHg7 zXK0B>?@PeTd;Y>OMtK@n&?^tOn3+n|$)|j7*(bbgNNk;nm&jX&DKe2)Y3j}sGaj*e zA{OW6HAqGK2%+@#?XNmAKk9>*CKc|4*ENa`u%L>Xz}tpTUlo$I3nnG@(I9~2Px<^r z<}Q8hf9|{7T)(T)6n&bLcPE4;cU-52tl2sKiLfHq(aAWv2q5m#8SusaiaAx!E)%O2 zLTW*zSy3ZYIOQ<#+)6!lkw)wm>x6Y8baS~4#bwwXbok+QFqcMN!kV`?p*KE#3%wzd zy6?OcJ=j{_-_GRFO>=yLdZSG$Ge7)*h}-EF(9!GNOL*^p7{9li!oYfCJhFW2BX*va0b;<5=liR5wKr+s>H-IuvN-jjYVOct5>srtAokr;>R+O zqJZx5>Qe~~@ZYRT|puLtezq#D9H5&!Uq;-}?sH1PUhxSztaRZf4Wvyik8oC_uQ)J?tdXl85-#E)0=QwCrg1<3r>>U9x3WPZ+(DxZ*tGSL|m(sitOaT$vCTXv4kpf)`g0t zy4W$!5t3(h=*i#kRI5 zTNf>{CPkMP7A>5+)1rIy$!3$6gx~&v!uHR85ut!qo^fy1v#gJJrgW1S=ghX+;pvu!lo@jVxc;@vkcj^?vTYOLm8MR4x(C5Rzv^U&2} z^%zQ0`ZAk^&UV9oL`o4)EDSA|M^|@^n@ZbU_8Z+MK#|_YTk$HyloxMb;!MvvqBkd6g6zgGgpRYf8Qqn?T zoJsOPuJRfQa=+%k%ANIUCoa%4Ce9yX`93Wif%ZWtHz}+f*BKz3bO+J4I{}oZ2yDZ? zk%TL1c{0cC#2l5B6G2a}aI+_W{sZo3ZJT9oT|bvKH=m~jcoKI47#Mleho_1!TMK!& zIFD*mtz6-g@CWES>TAyPrf)gzAP1JK!@TJ0s7Wi-@k`9hioF zkJrCZwkub|NALKY*<0hFmD0DTV}SQr&qjqQrgl!p(|lflx6`rlGakq5&Kg0%QZ;ve z)JjqMt6mJU>p*JKX!>|`6mHugR{=D&4Nn+vnaS=R25N#yN9t9YOZM~9$1wo?s=8J! zJA=|I%wN@1nX~LPGc%vKXLCRLp`)K8yRGLSWB+($^SQ{kN=o!$7&`{pZ4KkvIGH{WTd*!B6b$M`&@c;aaeUrg*dPI6KloJMnstvu6562+1Z ze=@l9IF&6(8ZerjKO2zBCYkNGZO%YrT&YRp8%=;|L|us`V)MgyW$%e5^KM&-+D=9) zn`-J`ExlWR7;=?ej%&Y;-4ZY3emNR&!u_O-(<8_UE#TVp(T^WK$=-y$5DH?*G6E+33Awe9#<41lWcO&&&S)%ENLy|I3N-X!5x zrNrj~DDrlbw>)H98rCPD5l=S?{V*<>#BrQ%D1wR-xi{p@VoAV>Dhx6ZX25ZAF2RiJ zowPN;?YZ<;CNXvcY2O5*S&5%7+VTF-z9`^5TDN4j21jq6EXiZ}xM&il9eZ z4?X3AHET67)7zH@vj zec1@&Mn3-G>Qdgw?(NX>q8bdC20~f27XcuqJ$Iw2hVxwqvp0>$aS=;WNZ?IY;hzjm z@)fiZJ5xM7hKENCDp^woGhVNxj^H2xP|;PVw*01ZD!pJyU7l@zkpuYhr1dn#P8@&A z1|!?IsL5va$_-K0kS+!Zw}}?ojYn*_33Hf!?c1ioDok*jgU{Uf?C*lWb>8bfzrxeH zi|$;TC~s$^PAHzB%%?m`9SJ+Rh6U)n&2F(2>O5;$*Wph#t90$Yx$?08PJ(?4dQigU zBs}+y^!G$+a2L(D@^7d(k;9`BJASz`0P8kW6SIJ~S3XlGKN`cUpq{$x_31dif=mYH zi?>xhGBxai1}^jz;K3V>UL(eXyzHY3k6O&C%q7tn#O&7&u0an`6>LxeAf?giG}me; zOi1Q{xIn7Zk3Ms{v7T-{dA{jx*2&&JZyL1nC-@_Ta;nDB=Xlu_{q%k9Hvj|5eed-= z14WX>r20?UOY0(W{mBbC4H~s#O_Qx3-hTfBO+jS@pS9e0M(3~RKiNvgkZj#CwA|RA za--MHI#t4cBKdVEc%DCnzAxNXpUU`BlLyRDr>RK%S7hv=V0Cc*%#U@sip*C=72)!U z-$XFpECP!rKX=Df*Taq7NNj>R`(WAN<=*9*9oD7Ojl;kP{fP9C(Y6$CDY@Xc)#2Ht zn^RCdL5YWSKV4u)?9Ov@m^<*xb$&FMg#iCSo8@rJbW>=CNpsp#?}Jm!lJj1YJGxjA z?sDGj;W{Ba*NYF`=7A}1Ld@vkJwNEnWMxL5@l`Dt)4D~gO>C0Eo^DAA6SfdP+@h+1+Y>4OLnRe5a3~yA-mORp13*XVwsr%BSubt zg$sWkiIw(z6TCj!-eB1oz)*J>^y*A-;ED}7^z4RK%NgjG)Vah!(gBpceoL+Pt`GEJ z{)2uoc|=7{K??$QWi3}Bb-6y|#l0aFe=QJq6P>*H*3@>YTWfmp#FaP6)y^5*$oIP> zfxIn%`kfM*MOEFebf^s1!p$P!H%mypC`h<>9e{3U`h0|nUd7e;pKl3z2a{}K3c6?M z;lhLp3r3dVgH8wRqhwT^eTM0Uk*~=7f84vi&LW|Q21TN+t1c0R*D0+E&GQ&|lh(=} z2AcHhSZh1ysorwbC>}TCQz7;D-xha79#>##x%qCwvMib4j6KUi52_VUy4el*>4n~@ z*n6s8;6tCRzN7JNddRp)*g{FyKn(MA)#6ugB|sOZ2^IGneO!pss~gY)zksU zktulaw~42=alG$mLgnUeF0An}H9;nQL670O{HbNKLn*P@d2p^`Uo?qh;JUEBeLd36 zqA%b+*811BIXuhd*A*J-v2bb@9!+if^#VI)2GHlnq}`Om@1+%mo4-v0BtOCvtuj?YtK2@H@X z@swP^h)Ui;uv9GvC2K8${bsZ}TR~jI)<#3K!{FYw7@%^WhiXA{K+i_@nPCHx;c21` zn*q+Fa_87vj%o!~=1 zMKPKg`R-I&Te1~zvWU(&skH?bHB~O_TfHFq*pGjAn=XIf%){XsiexP_DsE;>v)7kl zH>$gLB0jDW#KZ(7(~cJ9X#ySRqiv>JJ?%@~1FjmsV;96T#8nqewuvN@KKC+GITD z$8FQ2gLr5<1RXTOEA0mJW@-}h#+30yf~kCPA0Ci7>{drt0{RpWb1ogSAqELc+9d)I z`v*m+nj;ahLWHrWhgE@h5~BN^xWE@~#@U1?*WtXVVen6XZSv+s`~3eWBuO597NJ|~3e<5xEomle+E7hJ#RDv3|y z_K~y@ygMD{TbqYn9Q2R0`$Ir~OVVC7JPcs2qbV`2ef~a<`#e$)S>c$i(3_exv@=jT zeyV?R3cIv39du`FG;`G0(`>+rSZyjv$Suh=ZTZ8EbA^IXx1gL;OFtppa&9y^u<*7y zI;?W|j!m41T^hF=1SS7;&35i6E6=HzM6wEeWwvVO5!3J?3JJu?kYp=vGL5=P>;<*e zMP!J4$v}$<=Gtkb+lud*JxcX;R!N>NEF9~XtuY~i{iYQ*r6))g_(#F&UpfGqc7Dmz z&o3%%Yr=;)+Gqz3+;`O@v`pGcL={+C#t~fcy+I6N7P|W;(mO+!2BdEEzxd^wh8)My~3e_Qgbj)^b%X2?fMT`!|>@B~^cl;@E(O~(t z`&&Rkq-d!@RtGF%i0T(3ybEpZDVM`^BI>JJ@S*|`Xs_QUfNE0nA(>x$#`St{U2p#l z_cao&=%>Gc8?`SKewNY-B^d=nlTCzZaegumT8$ftPP*I4K*g8A@uk2I04Bs&R?J9% z4^}SkoMh21ZG^g>^}tn9{C`rA@xrQ5aAlfXw5EO!CNOXtR*^47i zXf&4zeJJ+tsh)@cf1{UQKpR*R0O{Wyw=d4x840MNiB9&6fz4lL?nK2w_3k!3j<(PL zMN30gZ2@1df&J9h*8v_&T51LmdMr)#+-9lj+usw_H6Gr&bTGZ7Ok+sdJy`7tI#t%%a-n2GofO1$g{9K%0rZ93GTJxJ{MUa9y69AQP?57;qXVPayi{+1~ge>_R5R#2ldMF z?a{HhWZY&qxK9svO(Nu0uBZghLh4w2zFzHD64MB&dJ)U=RIkkTghaXh8r=x~E}B=8 zJm_S49-BuGlE33)mP(9q@GoWN%jb6^Da;(bfqX_2DDI5|pJvkl=*uR)2$2*eLzpgl z?k|@($cJ7QderI5)AatGN|;n_@6-JnKRQ-qP{41#oQRjPQ= z4+mV}p*Q0TrCFE@mCk^xsSs>1+#>x23{Z~um97cFe)Q#S=TTA;t0sL8G~cRbOJ8?V z?E4-ZMZT_D>J1jP?T%E$O@5?u8z|pxg9{h!?Fg=PgptybrzbDa^znc61d+FDGc-oK z%Lm^yYWnbYbY4`5H4WAUNF)?nd~)qyRjZIM&=>!1Ca0^R4Qo7XNpD-CWG>ckRD@%0 zU|cG(5LC6i@7Z9t7aBE3$!@sZ9GKLJ82qGbBl1IaFw+8~kV<*(Izv|F88RqlFZ~>ZV?~coH3+b>w(ak<1!*R2l^K#J$NkP1dGg1k zn)pb}j(o2@|0eSvGH3Ha=QVe$nd}JVxyyS&b+s>Z5G%5Y7fPg{L+NZqgxlilpyguP zbU?Si$E!iUrhMLnUdPd*=Mm=wHnGQy#jIr$uEh8>uLpKWc{XrA_(OfhW7eM&K^i6k zkT|P4(_1}K@>nwdOW}S@enlh`HUM=7k=If~&&+?+TJwFBk`)Q~2pFtZOtP16uQ5v(EnGT;kE zR9~xouq=KrWyt;R0*mhFdsz_S0fg4WDY1qzmTLm%_~~bOYn0|?x)XjnwdnD_q9v_( zxG7Mi7nk08zpbiRwYA3ANh_#l0)%Jr*PIZ-l?_S*Cc5aIYU;GlMEM`yrAvkY-Ph6CQWG?b*Zo?J&P$P zzKA}g>sQy=%ILR7z4BdhrTi(JQNQE3>X-A1MXO65u|a;6*<&@I_+$`z&EsKOz>XiI zig{foT-;_GVsPCyO<#%Sy^VlMYEHAj5GO zZlNXEvKGf_zGqNi+EV3R)?7sXY^QH~Ugj{htoeG{67H&zxIonS0)!l+2ac55fVwuliYtUv6TzKsrJRx)2XPLaK=~W96V5o>Et4v5!4FT=&AhV z3|Q!U$Z{p&EaJIt3nlhYMd?!ajdRCe>*W?9(uSFBCM%F}a+GLU47AqoO$(voZixM( z{e9buy7fl^dk(1CKgj9J7t&zVZbre^Kp^0LP)Y^PN4K~mmNjU+vKqBA1nq$FGU0{= zlJrw`ig%_c5{#HjUJVnb1OoK#6UDFx3=$`Gl-G}{Ji~{1@^(Tg&FT(W`c7f?Lw+rm zY)m|g6I3?|WuyDkrLm+0jpM`NWcSjTyEK6?vy6In_M7#e#Z10ZkV->tCHwU)3Fk7y zu*TUU1&j>ym|#fjRK-(_D}!!nkhJWU1c^K_)Kw_Y`xsG;EVv$yW?g|6-Y9v zvnjOD&Az>ntraq`$)-iC{Q1BzM?1cBAHG)JS9(#qtO#>%^8?xqypNJ{D^g-1l~uCZ zNC%b#k)LgEs4V8Br$ifz%A`Kp5OQ9Gin++1$p}*Tx}NDBy3=XIbS}`le^$|v-n|s{ zQe#Tz1nY`?+&d*V!h5#i3XCDOb08ws*0^RB-6eM7s@zz0d3F>^l{Kc)ybwAuMZ`|G zqrCRUr7%*xgdHn+>(2W@@!O~#wkEne!*`pQLRHW2|-@M(o6g!3qS&VaXjTEx`K@-)~d>M!m zQM8j=-!o?|u=>FQDBU)M(g?{6T&+$1UZ5O|KBzDk4f(UOgxHPk8Kddk9~yke#rp@S zl2>Aqdfu?k0+tT)QtO|ZSaF|_vd^pUC>*FSIjUYb7 z9q@G^39STVR)y>Kh6=ke*vYzPrE5V0GiR0(E^TJQ@b+9Ej^V1a|H?1jV!XNB(58oc zMHT0{+o92{I(g=~b$D|i>(r26a)U;4i>|REoIH+gjotSMR$X>s%~B4 zi_ODc->5S`YAO$-hDSHb4=3m7=fc0A`6v-yJc_bJS)ym@Nw@{n;S1F@Cl+fyqidps zrn}#_l=iGUcv+8E>8=nU9lR^>E30%mPP;AG1F7ne$iT508g#{Aqcf>X#`_|Q>&mYy^_xv`k{zL`OilJs z@bLC_+mZ3|pxnse$t1B9mSzj>c6OOCg(iv#e>+6v>L2&lJV?DY?KOFp=DeS~>!BMM z-e@Z7Vytiw`Nz(BB{6+f@DBe*{@C!Jvd8&T#>BYD_Uu-B9|<4*6LjnKYXLQa^9qd= zM?7ZO9sSJqMtPbK&idy(fhmCN)#gMzds1{W8*=@&ZbJNa9tZ!?i|L{XBIaqTw5y)) zfpr3ZAcm5L_QO0^9sqXkuKMId;^BuP1<9IIwSD>;nSLq~-)Zv8{LqamH?5zJ5b0?O z5+Jcols*bPw?9%ESS51df=W+MV4dDlZ!g@EKIzgtT(Ms1b7JG1Vu0BlvW3x(Z{emkCbvoP@W!Rp=n)(Ee7AYKpMZPpJTLDcprW< zP*&R^x9OLMyVeRmZ$*SeJn!e7%rZf|**xC045y{UwGw9 zce`zC6xjFQNF#alUQjl~ak-*FI#)bFg08P1~prlp5RP;H!6Zo@(_4 zt$24_7E*@2p|6R*t`BPe#LX^Vpqh~{pT(3N?KI+gH$Wu&(N|--=~QfFcG)i zVAJ@MLQPMLALUJbLMiDS9dFh;YEhNt0YYUQHS-RqaRH=P!cT2 z%V^_Vvr*-25R9!QzF#t5a<#R)3J`Jef02kxwew_E$K~X)#}c6lk+%*xgGiG{H_Q_g5yIz`O$jSwc2=XsA zpM-DjN{xt4H&U+XSYtBE2XZAD6yp1qDj_P%eR6;89Q@SE)v z-z;N;fUYcD=vEI7J|l&}Q9>4#G|57y!HRhtUsT&E-V^O=4Y}hQ+~su18UPgy4hgsyz- z19;=^*h>1Iz?UvV(aGvR0S#X_MLU{bQ_uk&Fi@#m*M_EYn8`}?W~ZaqhZ@dhW8^;u zQ`UNF^s_z0knqEjX6I7*JBUp`??z;mEuH%9yV+s)F(o3rwf!SJJ}c+0c-6IvjRVv3 zsQ^bjk-vXmK)w-+k$9{Ch2&6=dy|Ls{fRJXao-=f6L(C? zF2iUbtYtUXpIN<9dh2m(8s^$7as6P!W}KD4#Bv`7XJ+j+xI-$fVw+YdSwIK6Q3KzA zu2?*~6pat`q%K=@iHb@dCb)ZFKVb%65#{Lx-o;n$;77hX;@1nF9F}>P^$u=iI`hK_ z2bXas-yX9(I{2CO#;tc^-!p=QXp;&;*&nX5^Ei7LdIvMrr|0vXySPV~A&OInG0{V9 zM%UrklRnpse8kIqqgZscAeWjOXwXUqM#t4A|Ne@ zNRi${3!q4m7J3W4g#aPcgr0Bd-uLr9W#7v4=R4lxc>SY5)~w82bCq+hHa64&--nqe zPju{quF7-CR|vsojq1sEnrsK+!4jWvYJoeoxu%tR8FmBA)er3l!zHV~*f-#Y={|<> zj(Dfn^#L}k1tV|NsXoN{;~@$Ng5CBfs?{X&P8B=z16#Ek5m z%ng3O$b-=u%`3R&(IwI22F58Vl1p^Wwjk0|OhDFky&`zU-*dZSS?XgDqwi=D3mM0< z_=g4xh*GH?93wW1>q_-8ndeNz$cVWc0!gdO#YJ?Go8gLxQo`zLNWaN|T;ii)Hl&Ub z{%O!Diko+}C;i^2FqoD}%5(CWMSMA%WtF1F(up5Ue}Ho{(A4E%ANQ}NFNx2+En}n) zWS@D@D5Y4W%zcuNEAuc9hGD^@0cV#kOfv{?cK~Mv?Jb!)d?clqw!8}M;&aQXLQdJe zq9;p$<~h@OX%BE2Jou6M^1eSYAUQK0r)oPO$*U_wO;Wmd>d^0;Tk~D2 zOO)D>Wxs&A#+~)ir#DSBp2LxYEwIGYNdyGpbDLh3?K~67h3b4_ndOW9x0IwKNM7!h z7LJvy*AM90OKa{w-q?|dy+@s+bwAP)K9 z$$*gixlcg!q9R~pceT1sTbn;r1gv}Y3&~VWum3dUVaeobLRAahtH;`UP5e*>qaRMA zt@of?6!V=)Jc)z(t50WvdXAj)#H({6+sHnCt|W@d3QkrO74Ja!#@N_i4LW`wR8yg6 z*rK4^_S?(+#1P-b1Rmic*$sz%ZAe9uWQAm^k2d|ZA^7e?(H|xhezku z8X-$K>(S*h=f-m_4 zaAcHp1nZ^+Lzmf~*8#^cC=1?SJuYqxwA1P4)=2l+|MO?#!_~a7p~hZc$JuN=AIoos-Jwp-4$IPGelqQbmq19Rt&_}=t54~LFU_w8Xz+2O|PJD z>NW=fNL=tiiAjK`x)Ce)P{A!37q#N)_aw4@IcM+PQqx>EJjt0(q#aV}i%SVGf|j>s z^eb5oKOGjb-hJF5a#Lw2$prFqu>O0`KyWDVfi)hO22hQPPr8@I~*jMTVE-&GY;2CP0L8o33=UZdu@iK^4UyON&PTm668MasA(%<7; zrk!wc9Lj~XQjR}4oWJ!1xO>pZd*^WbTO`wAszHvBAeStt7G^^UJL%}>(1kr-J zVaDK!p57%7cwk1<>9&udU&r? z#J5HJ8ZXFnQmiRd)>7Yzkzkaa3_Qt6QWzDewDxp=H2)0qs=dou!d{x_EeHTsqogXv zSqA1l=OxxqE|#^OwF{|Vp#8jefG8&Zh#bkD94dB72R*Jv#L;&=F59a|2O;=b4C;l7 zD_u1pHX}EzzK2mzv5KFjq1O|Gs*W^-Ue1a0p`O(+YtK5RpN77Z|08u;PuAe7<#@a8 z)Ws^KjacewYdKO>R5q0t{R%9U?rkK*l7pjR+ z3-+r#S7Tt?5V~Q25Li+xcD$TmeV%ThK#vs`a4%FZFF#^5iyGN7c^@JrG;}7MUMPsd z`1U<7oM&sZA47ORra{s2lK~c~v1tZanb{$bX=cM+AnyWQ-Vk?kzs%bWxa+byhHfla zT5vU-4a}CKL3NoOlnvc%B8xHp{&>L|P9GJlR)45!bYr{&+&@lur>Q3biSK=25^XKCrA-g?{2CYjmvID{|__+9(Ia zVQY`eRPGBMG~7$~L4=ipvQA*e?WbVTp`I9`1?t52aB=J7*(UIgyHU`>z+y=$skh(P zqC6KK)}BA%xV(t%stY&FV+_@o&=R5uayTwo>SUZ&YbhFg^QSV4FR5EZFP)pfY3T|>Hm z7S~I6cgjJUr%T~`1YEcj0F=jRPTCHD>(~p7HQwPYDfxPopB$#BkJ!KAgGyOh%Kz1^ z)%VInBdyDZ19`^>UDP3GDfO4X!V5Y3P&FGX#ydaScYMxIrLln9%f%f`GJ|XC?|v<(6mAmB=oNjzTBkNe+J^dxe^ zfPBZcbD&qB#U_o{^`C)ywk|WX7olcF$yDo8#QRd{_@Z-D@x}p*`&V?+`T9s|wHjq= zR&6_ahKJ9K$LdW^HLwgk%PAyD2Py?o=0P2m0-mt7?s2)X;xknTh4s_Mdkmo^c?M@^ zid`&59oQM~@k|o;D`oXqOzh|1wLDzE&)XI68R-CW$vq(`FtA+xeK2_@`Scm@HWb~} zxGiCkiw8vE9hg$xz^LF~c>%7(J@yxd{$?Zht}h(l+#4R|v0XXA#!!xYNj|bSK~OLb zG#b1oAp<^5W90KK?tWLDe?E+(=SfwZsW?}jakDULCFAp(W&hjQP>Pja3#)pJE^JeIS*EufGj|8ft(bD+zqTOhzl1F=Ysv6^gG8|=mvron;|uE zBHrB+x^qJJ3V}5A+au~;L}qV4bf)WmyAO7B;H;N*&eG!C+@jtQ!F#@bfcNJ_Q($~N-= zx)X>ulJgWkK6DT_36z!;(SOZSGIh;CZ<~N$CWLI2!D=D4h1~*VX0gHewiz6> zRZ3aSH^3)blJWfMu7CJdf4c^kq~28Mfu+lZFSicoG^OCO$5`^a0>h4nKOTLraX!7_ zg+W&`MekT{cC0;!t3gHo##f*Yu%X{TOp?}pC}8qMT%Mcz{gx0tHaS#I2bwCZ3XxSiaC$0l&xNLVgD4#*_>P5A zun&MlFfM88Lgxc*h~1jz=fS6#Xh}R9O2n3G*?JOL@fLI&7NUmsn3gv}{(5gj?B>gO z2c1Gnt{Mce=nC{Mr}@0hwvqt6-LxX$0*dzroG@NI94PMVpmoxYm+|v$^}z1g!kh-3 zR`iSNC(7EGpD*1b+`l^Eh8c*@n_JdQ0Om z^=1mM{@L2$UQPHLEv@m@r#5e~INB&kM;2Xoh(LMyQ>oBM-+oVb&z9$ zjbIXBD2NYMlEal(_)i%*uCiPi*z3A*K37jcc<-eypXQ(@10-zmHY-FtoXBGtBP3O~r!?(Rpg zzofiSWzrgJxjdiDgX13G&509uM>Uw=@_-}?3#Smbd~1CDUX(X3&X)Rp{nugP22jy* znG84up{lKFNAiYOcx&78e7gn{?Kzm3?Ng)5z+S_?r?2-(pNOp$Q4O|<(2?((A-}9f zeDUp&wUc4ey(9P}H^i+p zA#RS#v+b5^^3_hgrq6VcS!)fqJ0u1^id60p;f7nzC z-S~3F=k75!bX0`2A~@|!9G**q1>OoRdR()g*zx&T-gJKZU2+ZTp=+e3d()c57K7H) z3Kxp-&s&$^)1J}-eV+989D2YpE-XQ=BriYF>kb?3Y2e1iyTNzcQ10LfIK3v&rGzf( zh8bJ%1&`7*1nIYVDVQ2qxztv9-qqfN$2&n>W^7o#nGBhw4C0u+;v||q;F{&CgBtSt z0jkP0#o9OdadMnV;0n#oa@WmaKP~VBJ*t}rMJKZGz0p8wk6ND|a2YXWv8=DxAZ0NL zj_zN5P+l+=p15rv$G;h}@+zLGMTv!e7G&aWAicL=p=I}^J9)9nndFIMSDU0*)!mH6 z2+gG+`{CYe)F;S;fb5!9f_sG$ZF!k&+!$5Vi>*ktOue*jNjft31}o&CvXRq^1or_o z>-edL@Hxh@=JoKnxni--J-->hC40(3m$V0nM}mAL0%FnK*^RWHZq&)PifX3PVb2@p zKAIqNUUnNxeB=$(!G5#UXF|8X=LuCyTJxRKwO>{9PVq2Rv?nQ|U@ho7D9*JQ=3^)@ z&6B&LD0HDI2OP(~R*n=Q=X1+yGf(BvyAOKNGV7p+rPa+3Wjv5e2;si!ZQe}9OyXU% zo*;sWC>ff(jf%qn&S=ckjLGY_6bpJ*lSAe~TD@0ezn_ufeh;!RSYBqYgNb{*bucJX zj`Gs|NS0^x+|xh#BdW}D+5g#7*$gs#ybI|Qi>>Njr;toT)uagW2?I}h;zQr>i-nVh zv|r2IPVhFD!C>ShBUKoG=hlJux*K{d zA4g3WY!3-oX}P1XF7{VjgCe^-U)!NY%70@rBC@x{5>6SSW1}PE$5BTZ5g%ULy0V@{ zDR`KY(2qlB=FFBDrs7D6RSoMQEi=6j=AZ#KcAdpHcHu}s3~p#3r|P!9i9ybdl`zGL z=6D(Fh9%;YDcLf8hntdxA%4Ms$^a~G1B&R9~-t$PcW9Q%QROw zgMzf9W4i2R-Jv(q52bUuKsAGoJt%Kv#alt~k~nnEu0pejIEE4>ggxK*CN$5?bavZ% zO)^q8WAOe!d7(b|GHR_+=%ayR-UT+#VN2sp$k&x_<>Xsm?1NX~i9h-fO#fAOaAOu0 zyKuke&X0l`K*0}2cMDv-M!os`2?g!&YMt1LAki}#z|Bn%id^eL3KIRvNXx$S;^yy} zwQgv!O*RZINH{2K?7mOvE17%C(n8hjpjC2$DWP2Sj&CIx8_3XFug@^(q1C-9&k$- zhUPB@*bG$UdoC+L!ACpUn4nXcCpT{}U(?+o+AIkEKvqfjL-@wp@)`-0+BUC;eUxT-WX1G^?MlRQ#6N4$WqXfW) zZua9+uz19i11S*P0GxcdkQU)=?&#rOgFL`B6~EK5KWV0_84By}bQa6?}D& zxsn)A1f1X&CV)nqc-#bo-_K5kU5Y<`Wt2>m|C_9To$>y$hbK^tSxV8Pr2EFx<3|G> zYR(H=U#()!@kxi@>C8Ls)C0RAQR!#Z)75q*91q)#5(v+gCM;>wO92waYD!F0N zzqa%U<77E#sY&oRv!;$bqW;UtlO&SoTJvuojZ1(@?CJqmEl1s^Q#|qr`j96ilV2Ws z(*27&f4h{fW-_@wZ^?hpy?YmLENFV+6d}emCpo+Pg2tfUsyHy_KdnMmi8_m9=v35~ z%SR@LERI}@WH~vm1bC@>{+iQ3O_o_tCL>aO7P-4)FWauSXXU8xCN= zpRf2meg6>Zmm>Ak{{57{KZN>2s9!7MKRW8y^!X3d`G-({2=xn`@&B%-4N7f{JsPe( zxa>@*dXCXeG*xbc7pQ@~aEqDx6?~**q1pAXZwL35KAP!ynP!#l*2FO^c7p7Q<3^S; za7pIxfaHx;@`2@{ceU{KFPlB(Wyf&yql~0vj$9|d%xr_t$S^7dZoKR5`Ieey7< z;PeVhSc-`P50+-jg7+g%kvR0jn`{0<8~ytq zjv1Nl;J1$L(~q%}l41F}=%H!Aw0G!)y?+0#vMjXAqllacYsexw^$GVN&ux|~B)7UI z?huZA)H$XhOX4gmtpk$(J&gNHoQ@d-BRE#jX9uc zHw%?xey?d|KR_uWS;a+@rB<@cPkH4-uksHUXK$N8W^!E=Gtv}PdFjW>4u?y<+ghjh zWQWhaqfCdZN(s}Q?<=~7aa@9Reu4KJI~Czanc)TZ;kiE9Z9YXarA48cGm0HNk%&@9 z$13sAjoqpU4oMyr4zc`mp0ktlY1(BLbQ4iUVKike3Rna-N;7;^!%!`42VR;7LCyZ~ zRQy)eY?_!Yzh(q-BQ(PzHA5rroBCqPODzZS=BC)Dcc~TttvQBDoc?UE$uI75Q+seQL&yWEC?C@#=KoBzBln+KEYFS#?&<@pbI%ON(|P=xACNThOaDE4z0Tr#TKsX5l)VDO4-8bqs= zB{ps%uUs$EYcD^!zn~Gl`i0FU)wtR#ldakwd0tDu2|kiq?ULPWFT<6@d=bIuS0F5; zi%%4Ca5tz7uy9%Ya67nX^i6aau0KLgVtb|Z!*1ESxcy!9@u%S>Yb%mCn1K-}_B^|& zw|6Z*q|~lCqtu>|533TDl(t=15V31nEp$o> zM@iS2VbL>NQ|i7Maq|NI?XfYNwN7PL2_BUWRd7kiI(Dgdw-r2K92GDja|`KWb9f!@ z7(*yRTkEb^R0H+A6ALh;#}U0g9^{vn-8%qyqH9u{b}A#=tyLNuHre<5bmV>O$avjn z3)yUNbm2IH^VS%I&?5BrKXEP!^ywVGJ9KR)fJ#=_Vc{(9UcErU6;NvM8~WHNVZ2CTi613O1r z|3#ej+?Q{5iBh?4B+lIfbNzB2GHR?+yv7o1&qSmJJB*yFT{+h=Ds4S#gOUkixKSPH zK4Ea?gIGYaIMcDRX{I#Yr1CTj^g=-QAO5k12Jr-c$XZpPar>Uv>kLq!JTib+6PcCeeXAN zS%RA;+xi(wM~phr)XPdT?VB7rQG93P&E$|4tL;JEo2 zn0;rs^E3;0O2W9rR=d%cqP+xX7aT_`C3jSO@0ES#nY(jM8%-SAl>?;-UR;rcQA+K3 zb$TNI_n<4hEAw)C%X@^XtRs`Fk*S3VsXhJC zYTuc*C9*Rbi}TeWCOSLUspib}CwZ^Jv`|v~*)&TXtT$78#oa=^=t-KsP``^ow&AYbB`WLPV**Ypd0I?-#{_=QZx%X*u=#-z&9Iv>iW+r35UvS`SQUlnsT^VO~CU z^yk%=!y`O~Gd<5wJ4eY{@(qqAdVYU4!*jdME=BLu9+-C?WUNvs5s6%(sEYFQoM>kJ zJ=XrAwu|f6Sxx+GX53;{O_(m7Ut>R%@9mb3KP^tl?Ys;9cR3 z&0!OL?CpyzEz#6E|H`vH%NEn3uG#ywgN+m+FP`f)wQUhLWlfj(n*BbKd4d6XyLd#* z>)X4{$q;ndSjmIbFVt+cHF;b~x=DQv3go?)a&?V`Ks?{&-$MW`?DKNsOXaCYiVMz< zEbmW@UB462JwN9>iS=tviRYb(!CvapEsz)e1{}@wS;H(H>dN=?OC4}PdFzCpFDQFl zKAdEfLj1-#rFk*C({A!jqF}MPMGuBdW_aFxF1JQt9Q!cFK)nOkUbN9;yaaO;(Yn&I z-8UcC%Wt3ZAZO!!5v!Y}_=HAdgN57kueWn3ftoS#c@q}AQH`bc?n>*76g4>&RFfHmBDsO-{@Xxb#ii2>?aq)WpWa4lq1@PmGTz<*n-Z0PjqklH0vJqlm(q zB*?SbY^50m?Q%P*YS#tld-Q=Zyertxv$|3xz3IOD8uUx@F9g5(cbiwDvXYqjvj?S8 zc&`a$JtN_*?nz>O5pL(*ZC*VJKm}@WEFnb{|6(+gi;@YMcHuC5!xKB6ywU=j^K2bz zXf<7O!i^$$sc3Mjg0tdH=Mp`gRO*cO?)qMiGIh#~!~ohjEYNH2*!5+L(f1Q7_ONRV z(IJmB*W@GwvHqJaw#l&X=#fpqG!@+eu2E6ZuxX(ZzeI$ z)0MVCMO;=t{{=`wcY_7!H(1ZOn9FQdZGG^xLb>~rk$%3G9_uy7ZyMhi2YBIVH#6bv z?HJT{!kka$O5Q6yDRfbUV1}c(kuHjTwBl25e%1{=C(RAQx_NDmr-L#wW;|xGk^$|N zwjU{PBa#ggv%A@Bn&_%%DG#M+yE`V`7i0S(=7Q4X-wVXL z1Y8&7_TOHOoP#o>%}mLwGZ;8b#UU##_c3qi62o``Vv=`c#wb>@n^^(|@DZ)h?s<9~ zHOY$pA&6%a+p5ajTa=ce+bM4Tt*^DrIxdzgvek#hjiT1qv9+u75!^H-&;-$2wVar= z_guvbn~vRz%4<<##kJmUx6>2iAw+!tf}r#Hj#?QRNlvV04U;wFE0QcI6>;Ok7&_f- zb`762L6jF;K^;j7J(Kh@Dow&I6F{@s0jFKFibg&{#3l8|Ob;Yw1T&4C7?b#@)Z3aJ z2#6=gp9Dbc?jAuw2gyC0d~Wo81@D18moYQ%>b*WU>u_y^r zS!KFx`tZ17Y#b>pF^4>|gS0VARnM_3=E44c(>1f3|jy*6nhbn=-JP3Tj667a_6_uFMTYZ02u^x^SxPQ^v4;F`>M_Tbsp=xX21iB`e<6t42sl(KX4q3V_FTSB zQBG&sg|n~L&c=TAnOpNKVM|4P_KQPD9QWalglY5LXC-auPv>!`6+=IG>8Eq3QsQd) zl}k|t>;BoUtX>sN2z=SbOn=C7A?UYfDnQs|!izFe5@p;57ic2(e(1?HG=r;@tQ4FkT5{*B+F zd!lrtw50p-q$dl>S4m|>FaPe$3DBoLmG@*2&`dVaJ%#j=$hj%FUAXM{rV&MfNqD-p zh4{oa#wotvwXBBPmknfRb+Zq4{E1&}Y#gmLWVBmc0-o7uUN&dp=SA4%discQJg3}M z91hAbOk4$F&v)b%qcPZ-a!o$1^ zT9j}Ks2|qu%F`T2m(Q)HW#(qAhOxZIoQBH~z6QN1>Xy!!fimM=#cPF<&5Ja&<(}ju zIeXJ?-2;((*Kq|-NMzfUxZn`xD4Bev3hWD3&uY&misxfX+{s3tM|IiK#;vt>{3bTt zc-t5m+ES~jJB-CKG0&~bkjKPHygrPS7{+E=rk|W#Wi{~M>nmA5h2-Lmdv$UKz{n|) zY@&$wcl1U}0&lNLiJ9M@++l$&mEu&Q)%fpxT7$95_*${&q&=`m@^9X?25;GJ&J{%{ z_0A-kEW5YHoHo@5-5thUHpMG_uxE9z3+atNirA3^o!lNyXzrcj;!giA*Stx+-V(yB zq2&^O#V4&%s026&tNV(Fu9c&YI~2WxRIZ~sS=X!JS4H#?EltUWytnH{EKQgp`r1pTAWxy&;suGe6Ez^TcQ-JD_OaNwV5&zTVi&QLa3& z@T%V6SY^lZ1j5g&>Y`u)%k6J=w8)A009%uJZ~F^UkG(U)0$e%)fQt6RQTyubjTPfR zyPMPRM6gTN6x+AIW{i==%(LQIg>0NnYT<73-*5_JXDK8s(%SNF( zbws}AHiVGBnao5$yAA59Vb}EwzM51{o4UV9H@5H@8!6AyI$wy_1GEh7X@O;{{r5;W zLtU?`yU#e{oR%b-Rk`N`;d#)jQg3nuVhx{Ni((heQ`*J>Hg#Fk2FIPleqYVeM2Ee& z*OMGwTgM|au`fyg*iSmqC`Il`nbI0y7i+UL^qka#aIqf1<-JTO!wvtsYV$w?xSLy% zpcvpH8vxF>UwS!a{dfggMn7wUOh5LR)ilp#nUa$sIiSiQspWA~Ag|_tsW0Uy{3Qz_ zWBgR*gFQXQimmbU$bU?TvGmG7xytfqZ}*o|C&Ix2zh+N54sxw#6gxHldV!|(|= zpOQ7IOaDQ;0KutyYJYy+uP4ubiE1_*tu145eGG?QTWMq3GHWy za%!UOFx&Ojs))b2g)uRED3GUz3&7Qea{XkO$&)Ab_P@f2 z$k#q@R_tV6OJ{%OW8I9Z&xGyWCmL0# zzRN+(a_IdT?eziN=vyFOXXG_JHLmQSW#R;aeP6^Ty21}%8PPpB9TNE-3c~WMs=M{jKUnn0eq74HAVUC4IMsW z_Ld1}Y+J-)xFDg{9xf$@E;QcXgrbrMR)(~8h9@fTK5<^_jM)RfIy|@rpzOeJUbaWT zihmh_F2E+3mALL6J>@j;43MO%=pT3WD4wgI&vYE8CK2P!|6&DXl>jYSK5KFF`cWC0v+GAvcTrT@(I<5U$jdieFM5CG zw@dz)a<}=BWk1xce)LJb1rp%-cl4CQe$PyQe~AbX8gy8mxpwqP-3RPLtUuq?BWG-o zUjUNq#qcgi$j$kCQl+1O4OEgo8+|1I>d!$D0CidRZXG?_+5pHrDZIiFe*fs!w+Wzb zL;&lNT#-K~#eW^xz_(G2pME7j|CJMe6g@OaM;<94{KJJ86bnEChd<)+H|P8pV*Ym_ z0945z@i?NO{}GQr*5mgw^~ZYrUuHdmQX?3^e;dKl@cIdavqhCtq3@hB!`?G7o#(cZO zj-N?|rM&M%w5h6>gI>?No9OM|L6)vXGIUgOVy*9f*^e|U!+`AXr|S8MFO*;Zd_BNd zhxSK6B?}RzUu#{rdXT zHlfgH4vE#FF(3&U7=G&+xhF2yucTUVd#`E_d-=CASatkF)j^uEm*)m#-B@k8PKt*F zpMu~${R12vMb`&q0LUpZqxa2`p8oO1%@hEg5r?aVj`I4S&)66MSj$#|?dU3%NCVVm z{#nL<+CExOb*;E3W)d&PQFQYGO=K8n!`H=b-_P@C=Q zzx-a^cJzJs7|c+r(7!*SbYX|NH$)||w`N$lXKKfKsB48dm}1GRo0$yu(yk_Ki+itr z5V2UCZS`@9*kTdWF6UNbjZ-+mVX`?<9^hwC>1(`(sE(kSY5LTirl3O)x=>(3d{1x_ z)E?;oi&vFrv3MPB-^~{U9W3IZ?vaJVDaMKXayEkg7FPA`oj0 zNip3lD1(Xlm|u`^zlZH=By6#O(&<=0y0yq8F>$&JB3ZX|#$I?qFm1d&;cdD)4w;Wr zyjOZNm9t?zt8UQIMLJfbFQ$0Tc8ykWZiik~kzI_pBSAWSWprt)U`*HkZ1c<*?3VQS z%%ieQubo2;&+m8X4Atr;x_vsTwlL3^Yc3JT={dysR63AOov%JO;_hydZOt1>=^V1k zc)DK@_SGuNkw89b2+8;yeN_uzV30_pbR63NT?;e~p~oB=zoeh5)9>GC+Y1ZtcX&tC z>0@30Rf$P`AdNdwaB@#HxAX4aphrKBWDh3G8fVhJ(?2FeuQFWVxF%1*MVSY^8#Lj)oy*lWAFlJv^RiH|$Y_)Q8 zt!~@l$F@%FY?&%S0D!II1 zkHFFk3Us%yG?i@g&Y1IDLNLsscV|i;W7_7%Vz3R?9rxmr0_=QoqPk)y&aXrn?tHu% ziu9i|#H?AL&0qt2#xiKbuo!N(6lr`AJe?Z2Dz-l%W>29DzpCHcD_T%_!`QX+yluDNof?3Y@rHO*Lgm z_4-@)#h1-myCMmYn>ORyd0wW`2f9xP%RMZssC;MrQO_ZWlb zv*V~ret#$1U98MO3T8=W+h=UmbktBws(Pz7w3?16b=dy#(mpd9i41Cw$r)^#zYU?9 z-Z?O&w-V4>zoSW5-$3D1h{y?`@!Yl`rT-31h+xOE2UAP6SEq ze-k$T3U%?->Zw@@QtSNP zQm}h$C!J9W5@=T-98{>&>gunzS2SLm9Rj{t9Z(!AA zdvx#34f;0RRC(!TDn48Vv1qeJ6PZD4>R}gmSd=C);Y($$oU8%y$_!AP5Bs3l9v^>p zZtfk|lPYnlH)#f@2v4``oaeMfm&()*4*^o7H2aHilkt|1rd5qERKZhKCpvD>dObufQhYet`_JZ%6i(>k= z_`$cC9_T@eX_l7I-Y!F6tVvvh%jxE*oD+WQYl>dy1GiTn#RSN$Ykabvy`n>atE5O? z6qNDrJEV`6-cy^n{uP>;obDUrPt9?S~~!R5MQHXT3f5r3^}(W5X=AEm8^E?==## z&YXYLV#9dvpx)5bbU2dut++xFnH+u0eot)tu%c0TcY-*=c(}J+2En~fw+Fa z(i(~~_uI)9_0gXQ<#CHx?c8%bOckn~VAF%acxk_Qt?qg`XlqIpr_Zla}G z?B0bVLB4?;{(CGvtB?H1l1yt>6m7Rgw)Xs$)VGR8R3&|#JT^W+4=2%ZZ65lj=Un%O zuDNfofNI6qr0snzBN=^b_yrF}nX%tk?GnWuT`jYi1j(Z&%PjzMdUL4ipiybs4xEB zEcsv0Ov=(ae2*EB-s}Wr(9Gbq3aeL|>y#Pqpa$_ny|m$)ro=@zUZuUW;6;ZTY_?Ju zB1*FI!;n*41T|Qp?3)cEEI|~3PFGzTLv8u^Oxmb-3-G{=o#(IH+T^>R!-gQ5c}(e7 zq4a$li9#-Se32{!K1(h^dy^?Kj`cF~ux)t6 z^$tJ4YigXdv8owBaKeq0p##FdPFf0=8d1xKV*W4w@+AHe=mOGykCQ3&j0Fn;ZyG&)t7d_45pK>lwwzk9vHjdx8Kplt{mvMg!7CLlt=B|Sd@qlZeOy!=Jk9knV&`s| z`d_~9e^#3HK_}1oa#D)^E2H59h|Ca3;MUj-3-7!yQ#l9QY>7td1b#d|7Q>vBW2b!14>Fv9Rgs&raK`xDt*hRvKP$ZEn@txA&9DqEej17 z)s1BpbGO+Yq8g8tUc(@@on~-{7!(Fdj3VX~*JbYQehZz5Ih-tzHl@jxB1{)=a;NNQ zTv6V}8{J+9razu})3-`NtvPOmE=wW3=K5*BK*h|MabkMs>sYU9%CIb2hA z&ExeM@qI!vi_>Rvju|!tK2KL0$N{aqM({&7AC|Tq4z1}zS5cT((UAqLhLu*1E~+Is zh{uzZQFrUG6kqJFAW`MYkO58)TdRw<43LTAy{ll^k?8uoqYVkwc4-ZWl2+%73DCE# zoSc5v(^Ljs{oVtQ>>$))$}l5vM5;w7|E~l-;4%=8S9~3E@h?wc0`ri1Ha&iA!rO1R zgSc0qsYSXU3O%?jfqSK^lYLC=LO@3qUE@^NEpo`=^_jP>A7*!vR0uOtsF`VokMM84JGS=ec#WxfHIH>RsA4BPU_#+sLWa z%}jAOy3*w_!$wF)n;OK{t~I2j6YA3UI1QP&c&HAc&|N=F_{6UI?y#dDS#&oMQs-~H z8;3Ja34RVKs7dMH*xME6v1n2&ElN{NrzXYsHAS%*ClyQ74I&(6>JG-w$doy5X1$5w zoEy%p{fK{9PzPymyQz!%6hJMigOqxm5;GBeI!c8>`cSJ%FqU+@=1QZKVl~F8jmUn_ z&*B$RgJr<$KY6%=`8%SrSyW#mF5C+?f!glwGC*Mi`4jJJS35X9srfIA+1?Z1f0yGP zW2klDXE*h>H9srT>)WG}*3c!VxCZq-1JS}2S;Xl1i}|T?A?}!%@EojLqO^~OuP;uh z9>~J>c!>&N_l9Cx`+{7o>&|ih!Yo&_W1F-jh*h=Fa7MXRU9oZ++|i?tg(i zd7kr}v(GNSz4z}Ftt*Uw@xzVtrQRUQFXtc8?D%b8{^Z)KpI9o^wVs@)X7hIc<-ql5 zp3wvm1-w2#%!5nEpY0+--)7hyPoUNlqY)Ydlnr*=Zzq_d+&)LteOgG{!o>GjZjFZb zT+UAU)GI9M75Mq#I6urL#vzJuSpDMxuHiKd|G}V>qjMj5RbL?jH)C}|KXa51Nn{xm z%%&Vx7cexfRvXXLx!5pE7!9-t?6=1W8=C1=wvD~1-+;IBnxzWfQDG2+3C2vNT6(-O zZt^xe2~&ufddpc(BUs8mRk1+~dyCPUKUtuEz_bz)B7BnJ((5!t?N|TZnSW{2vFN(g z=w(#Ns)NwZt(v+K2d2K$vWDgr6@k_sSz5wK5zF$L!9^Ed7|E>IUt`LRsi1i}?LptD zd*2z{ReWG?kh#nHYK#puzHputLwLWN@{y2Az5IZ?O zjXbluKwD#v%X`%4L0*<9B7gq%Oq`>zW%=0-0Xee&06*$rsqM{tAGNm-Lo;6kf1d*~ zDrDuNgbh(F>XdV9+g;jxML>@XB1q#ck~J_A+nZ|QH-udd445^j&(ZkKr$DiSy z{ikN?U6CbKUC>T-Zo~NY(ShO`8Bth&ikQnyu*wX)gM%!>zc$c)RU3hWpNZCU70$Tz z-Q4+sv1e*TFIUbm+!h=Ozr4Nm`aSeJVFK!7!uwaeD}SG~bY~_j<34(nVS_9-Tc})K z&M*GOq29asMhm-oCUrh0AYk7S$fT+i+uLNHO~Hr-@1aWzM_cssPBjNY{pT=pqpl?6 zqW{vzGMBf_twn;O@_dv99%$L3R{2x(uQRYL+xWU$+!Mr_w1*bv@b$>6*mgV^R;{D<(2|VQh|URl;;JDVy2I(6 zP9G11hS0BZ!BogmI^q$I_Y!I#oxW3h;wY@|C@L03qG(hIEFZChm+q8u>K>e|%IzoaR3;BNhJqzec_Lf#oZC1Q6qB^HUP+$bI z$%C{A9ci6uT8|BK52&%G^2T9Uzxbi`fEyG8-|`&>e|m^PDh-+e&{IE4((Uh55H31 z8_H(#g^Af7)TtkON(+=4x#KNSI;0`_p>r`H)%Lv4q8xG511pha%dFgf(Ag9>W2s!8gE2h1gk zOQG24Oo=DdNtGFoZ2Y;{&$I%H4=nwN4R@*XHo5bHI^<<3%5;Zzi&+?E`jbo}6jifT zbAj;SgE5x5OU2IF!ZcJu%GAeT(EW2xe2+6xP8Jd0-l=e#xDfdg1I3b2t7*GYn--F- z`=^&rbM7}TJa!?*=KYG>i~(mZRVx0K<`002gf7PYrYlbJ2b-t9qd{;+)^0S76Ai~& zdR@J9xpR3ORYybCIwiS4$BKnE*ss9vWN)2bxZs(2!A%iccDL3WS6+$Lh?Tu4Aa}{i z0FWY(si`tqP3)!@P}lV9p_OAl?|>U+t>V~KvL9%IR_BtnX8W-oh%T{69nM@?FXf`d zLE8FK)>A_1t%58brl$NyUxACaV{?wMF9cf3d53wlB#!=?go-mJz0Jb}I zcH@Hx!&p+&(~RMw-(1*Ym)J<#)LW1d+q0huE?In0078-mDAN0 zVwF4pV0}3EW3#8*I5n0HDV3&?0uw=QHkVNo^RtXts=br8KJww#$=td1GUSnZ$C)E{ z8tat5cw`q!-k{Y{Mupz_ub+VmGkK(`&lMqcOe&yh^VMeqm+ttJ$}4*ghp7d!CkOft zooTS-S#fC!0L{#celHrgF1%`5o&?J&hoPWY!yeB(8_FfrcU^t#QPXc8w!&uVxsK8u zF0)Um7`98foU(Z72WgX#pXlYI3GI8nYVw9(j|>*xf-lA>dA&9q%?UU@d|&|$->W58 za*KjT*nj#mP}*u9Z|XHU{v zB@B{mfvLSq=KXX;y+{S^@U})UQF*EK6UtL z>O!|GlsCnDe9B9{GdxVuR4*#Zu)6=HIeN8}7a1S6+REix0MSk%%v*=UE%%|M_X^7s zm-G28rc9WA*4lVeshh@)Y2`}IhXB3ged@N%)^Jj9OWMsFsM=*7+~=z(8FYEG#@5Lc z!(-Of6<6-u!1plRUVU`S9<9V61^e8YCm=6*9%JYm=NJc*=O)ZYf;$htuJ^HbV-PEn zC|fGk-YhLypB2oG;Tn#wZE_+9t<0dhDnz~Cbv-<6pfsfK*jHf zDHeK9LVIE^_WC;>$h-c!$^U__P$uWmafeD~!Np<>8*bSnC^@=%oj@Y^r6@5wZy58v zGH20W$xyP;d){WMR~!ZUVTb(Y8j0gy8og0lw=(OYD|4o7K|%NQrR!#%@b$jsO-q__ zRJEz!xjtCDBoSZ~F%x;q(SFWgqi)?n5RO4rGzAvQ8~b++g25OkOxEqk+%634mHCla zp5=Re{bgcv`&lW0onPye_Zp8yKb?|eU%oY4M>&0v+hBd8J=#{7-DLgtUi5MO4;c=| zC?((A3nvFo9KUx2_JB*mJJ7+LS*H2t{Ng~T^2#td=pBwYhD;VKp-Ob=>$>|)4D8;K zYBBgag(9(m!lVwfaQm$Sq*RdAtiI9x%K}0_G+k`Z70an)vZ0L?+wb*3?{O)4bV##%Pg@%yj0 z0}PE0fdYMtL#>N{;S&FfB>%@uABQops!y(%|8pLEA!bk)z3b&X_clVi-Jn1dz!Q2! z`0-Cu+kd?c5Yq4~pmsO=zvD&hN>92>e4nh4VMe@G!gFqJl9|6p```siq^JYW`k(Ey zihayw_84hlOr`Dc?WMe2)d6_ky^)``tEE?51IpNdcEX?WcMWmNi;q1tmr zQ0SSYxoyWM??+8@vx~?6*oh%$g_m%)y1kTGg*cV^Eq{Y4|CvHb`<}^*m$nQ26Jr(g zr&rFUhJGDd4qJ%Px>VwlWqEso`yWO2pUxbjT~*(5;S{EsR~AuYwi_tuDgh(qRPXtY zt@`i1wuZ73p!Fr)1ZTW_16W_8$`-gNJP|{aX09s+Uo0jb!*L@RAc+!V!{`?r!)R0^-+uRy6&J3s zbw_%!YBF(47wg%pF=QlKHTLUS1%sW*fb9s6l)(h9bl6X~zgY1;W%~nU@Q~4aa3+Vy z=RIx#UpHzxf$6vXoUl~iiAU8nV@m)};czSvH=L1v#1Jye`cNR&?_{|pD#(6m>`kA9 zFYk}~scxw&?rJbODgR9`^$ChuH%DElM9e}QcwJc-d$YB)49(n?{U@WP5*yv3ULFWB zit&G<%=W=wsAABnbnQZX>65`9I40epyYv{G8lPF)ebq{eZ<&JD@-5-a_)jiUBW_n~ zmKyi!#*3Kucnz2vlHJy;uZAD6A);@j%QI@plkRS=A)qP#>+>&u+IQ?$n(nIcbw)Y= z)$8$Q_irSgw^0Mj)9sWg_TR?<^xV?tV;oeG=XcTNXIQ$ z^M&}aR?(>BnJLd1k=r4suKuQ1mswqKeR5kP@a=sL)7!&-eP(t2>)#EH>>Cr2qCG%% zdR2KK&;8eC`_jk8KIQ86CWu@2*rq{Xo2$5I(msnLUk)Bo=R$4H=G#9y1G^56Q4$uh zAO0dG;PIx4xIvhdNUMSp7cmlPfyRC3v)d~KiwMJx2spE|igE?Bt>i1n(wp756ra%> z>VSB_!48DYy;(Ly3x`~INr2R60CGF?iUU@GJU)R!?AzTg;rO#C!g;L@9+#T=IkuucPuI$L$)zj5B{;_51X^AqP0Vv9;BmAW;fkPYr@ zIkcP$-_7e(PMS{2u3sM(6t0~wfrpnYNIKu643ipm9(*NORCSsY8d{$rT=OMks5+b{ z$d~O_n>UO!xzeSeg(73{Jz$Am?5bZDVRevMYS`JUDYNh#FF=;R|M~rDnVRFTdoyW98(Y8667u@PzuB z`I5F0ya|)?3SO-xhO2k%&4be7)kREg^W`ODcW5H#UF*5ha0u*rsw+|NLvtA#SR@=j7ZRA*3-eX|u9JdaJIPr3X z-`fnb)@MJ~5Mu8#bH0d>M%&^`>e?8Jn!6U6R(#aJ=v0$WjZXQSz!Rh{?`o3tYWLON zsd&p&NrD>D`9Vzl3`un@C{kreyf|d9LIC2t+ zH)FvWcJ!Uzp46bsZvLD~h=tx|#|@R*MhIAFkGrgX`Dk2T%^Xm_)^BRuU9_I!QoB%L zwd9x?E!q03DyyPDl{C|9?t_U7t2;e*^h$lsxvJT`{C?!MrY_dj2)B=uu?nfDFI}=} zef|jrr5!m{JjnAhKVY$%Z*L!Ef*p1J!B6}1+zXi#rrs2B>~0NwC}yzQan;^0o>`UK zv-^s1Sm_`;p!K<=TwX5bN23r+6^-n>1r(%4GkdTKG*Xvmzp*Wxd8f)0QYa9&OmS#~QU}>h1N*S_E>tKA4Ur?gfFPg`!(pL_oN?2}d=`C)xS4-4%KcQx> zNd3;?F81+)K0`~nBs8wbII!H8~SruU~GA0LS6HpQLqB~+I+nWeZj z?lGnf^7O4wZ22M++Q^HwqH?6q&v4ImHE#f=EG$=Uffo01FZ7LVFw#34g}>vgl`4BV zpiA^f+#%iu_8kp&1W0TvM4XS15_@YbGgdxPq;9G4$dwO0Yy+`|q5QnT>{uG}2bD1q zq>O0Yl9HsT0tKhl+pDFJBIgm6>78U4%ekd$>aE;l>1wfX094SIsPL;obzCDzcotbD*irb&HU{8RBFJq%l!KmHA&=+0pT z20MW5^swJdN~xP^5P=zI7D#Bq#X`5N*{mW3f?0=K(XVbi)6u&Y>HYbMYL+XMj3&LD zmtzcW;eiGkc!@Mxn%8*dy4T6`oGv)pH<*!Vq_-Y1W;A;GwpY7&%iSv(%x2~u9T#n` zy7|$n{bI$8m=;c(ZRA^094ZuznBFXlnN`oJ!fPcuFY)I0uvyx%B+%3vc z_4;e?$Y9IW$Y8_JqSFPi${glnT@dm@Wp>VOquL3xD01COXB(p<>vCi@;IDBG@@KnE zCUrqmJ6zputft@Lao*-jNQ4=Tf(oGXU1CWgd)SlOaTkxLlhTWHU7wrS8l^C^5# z3g%1k)QRY}T41y<-Q5xdnTGoIdI!e`9hvG=NBe$yn|yvD0nyI3;^^LoJ^n{(3d%`W!4nU4sn z@OE&PAiFC2m7$zV#zm)XihJWZJtX3__e(TFi`(4-vr&X-*CV2wP}^(z@5bMT+hX&X z4O~!^^`=QUr$-`!nGGZdku+AAxl8qwnwF@G>ROK-Yr%fkZxV2DzQd9E)&`<1sMXu}9w(&I`rRwix-%FW~(y9g1tq*fbaN;Oy(j$g{MMWUvUW%uq8~ zn9|R*6uMF~5g~Xlj%;w zCXtQ$NuPAJge|0|)4laS_^mz6izd`Z1e*nls=tMb_xmn7S7N*?(q`^=ee8xzHb=L? zN@7+r&fC~;h^{xCppETTc)vC25h$uao-Z9tF6^*JPRz)__Qb#p9g`PMhjCSo`a4$0 z2({{)3i-r9fKJab2=UvG@0cU?&E6aNQ^)_Q^)F}vr(*gtBJ~>=gWcT_qY6nx-BERC zSOqgiIr6p%d`v@+AreOHkiW1L%Y3})>ANWtA^v2;ce#SU=q-+H&d;GMUHcc_?B;1# zGF-cy?VW}XBG#7s993xPDgJ16V;oR2l}%kK&zWa$$4)E?L0U+^5=%NZA2TR>86T9(#eS9^8LH! zm^SXny!&w`dWP+25Nj=W%*!3rD5{=Lytp18^aWGvBOZ8MojSdM@xgZF(VAwAsFgaA z!M1wA$!QDGQlsxhc;3|13xhR?*iNBl7FBFyqEl=amD76n~+D-V3y^dXiD7upB9sU2*c54OXt zx(k?wFXU$v#J&k>h~JTi!5Vr)9CH4i{`h)giD4+w%6Ldk-B%@DP@qz|VPQp>L# z6?pF1Sq(Mqmx9B9K7SdrKd9@$Z*iLKu`N}Z4yIAL#l!w{h4GpSl-1SVH0lMqEgmXC z?A(3eCfyQ6v<6PWUI^Fwgzlcpdu=G)-vhULE0>q8ECV)JFECPu{zDvSk{^iX_!prw zDLxVC@_0=V?v4AI7ebB5gLOeMcugTrPT{m{wSj&4#~ef1vEX@XnAs7YILfSp-!ai& zt+nl6g9VTHsHUM#?!*~qxUN2$c{uaI)Y>l@3My4{GGo-VWC_w1}uJn6-P$|6JkHAo^Zcr z@Iq+wlYW?srq*HgNBwGgU3&Ow2Kp3p@_TQF~QXu+C#kwqO|v@ zcz7I_dYT}#zsJMDbq1o=6)CR`S$e82a$_dhLz6?+*DX=n%b^AYD7|0?;*rF9JRErM z73*-0DG&LWKr=7%3)G;8ur%EweDbtl=Le7tvZ-3Zd(G2;Vvnal4to>>H@HQFZWe_# zZ)=VtFLSxN-{$@UY5ofY7;^6nIN-B1QS;!pgMHfz8~C%6pHf%SXm_s^=bT#y(YjpU zfvFQg8{cSE_&_lF09*yEvaNo#)V^z^fX^v zyx`@+Gc9?3k$6+wNX|`SCJ*Htm;aZSxC*q3I`E~izaur&jTVJ0=Ck{GwD9Z+BRz&Fwb1?cBvP@HN2sj&+mLd^;qhWp-)XTIm6toLSKG+#xej-NI(|c{ zUTkK5wNOtS<%e~ppkcA4MJp>~miD{eH?Ka#_tQg|dJDg)xOti5`m$;Mv$;Y{zO%X6 z_Y|OB(Zw%YCT0W$q^A`;yi(GLF9xckPTm*V$*tf@2xPq<1rw#ocz)@=Y%o#am`n$` z(}#Bn=rbOn=C8lF7_^;8Pydq6IF=lG;+sS#)+-93Imc0U3gn@#o=W6e;Sez0LI;=M zc`x*5X(Sae8iziS9J>3gKy8#t#;2V&^6j`daJO%l`cwIupb*M{tH}wWS9{K7l@&$b-kkPS%c& zB)|^b)yx`C6@`pcx?(4CSK4@CaCzLTXFWjIrS%(GM;~dMRPkzPE_(PPoHV;4@r;NY zKv)t;Gv3xf`?hIzT!peafh7qjg~;IRRz@uP{eU{PlVmJ^8&s|!m9%^9qHw z7kcyh##bpVyBU(579<_8lyiVxodR=YZOs!DI@(56@pVgbuDF5P>_e0Y_$h3SA1r-5 z0^(c4#i#p6i6CC>^Xmj5L>iaqev_t{o>oV{ixv0T=?c6W5rYAr+3|25k;LagqBE7M2#fk25KT-vEoR?*@l?Mf zA1~2qFES}Thd>2+SA!s;t`m;n(@ITVPD78>At%obh{DcUT0J^bGUK<_XQ;c?4qYFz z)O9YwKv&0r_MI z5@1uM=^8^1!cypwzV|t$OMbyQI@oFq6aYZkMp>0+kyDy!e$y}JyFtWmlBv#wSQekU z)55`p+;W?WGlZed5s>_%8i#%afVb9Wv5z%@b<*mWYt)RD-?Y1`slf$$=}eu9mAy6F z@4(rvl>6;rnAT_EJ!Ftex5`5=nIlzv^L1(gMpAl}RVBr8M+3mWyqaA+N6+}5n7>U$!WTCvr@hjMz&Ew-ONiH?H6L9NC z^UNokbv_jrY}8e3$h(5@f5>Jc;JKj)#=V6rQeko>U>4f>oeRMK;0)ajxXjE)h&H z&G&OY(yhvnz;TtFrLta4^-PuM*3IYSNqR6^gGZ8k=suv#R==t1(W|#fkb83%4$4Sk zJbRstr>fqGx14w;j5i73pJaBG2dE3~AavuclaDk2r%K&E0fU-G$D24-I8)L9zPt)_ zdtk*1M+q-tkqtmLSV-l3F6&5yqLNT#z?YZdY&(36nYF?NBh3X&Ea{~R zH1@G+)wM{5vFe%Bq+NXu*mKCkD9VDXu3kz0C##{E;ZqIFKdC6Ut8)AOA|sskpvSR2 zzl9zyiqx<6tai%apIby&qXpm*a82 zak?Zd+#mnh`k^-fL~SP%3VY4wH=3o8Pf`FOH*=9nl@w#}H{kcLNr&$-pJLk)yWaCW zXx;DlCGzKoYIj)EAF%|mey#>sR}TPFl7!7U+9r?y8@4a)kW_!L`=BO@)ZvPhF23uC zg%CB0JspK4I8Qa+7ltiHEp^@r=Q6NOcs){GjHja~U}-IefjsMkK0obwtnFvjsT$_E zwJ#reQ-F1`5e(r9m@l>mp=(>CP5{2%$HXR1zl6$a5V?}AnUZL(AW#vPAIjd=uflv@ z;IS~6ouPVO-y<{hNQ$4)kd@k&zozg18`zXRH~4JE>sfhKUIEZkFa@}1_Cq%D9ZLH2 zcueU@ZEE-F;OWp{IG>*e6j773iLw2W1}{0E0I_vJ}Z+9jZvgLTR3zmuEg* zszmZMu7i!O2K>}k*tJm*sGQFSM*vlwH}Opg+Qb>Z#sf^Lo$;=CIIAY7LQr5ufuqn2 zM@Tt9$m9c%o1;*d%_idQ_5^X`^kslucPIr?$iyxryY`UCuUURgA6x;}YvWqH(kYV- zRKI8nWPQkZ&>296#=hct+S4Hea>S8Rqp;%D(<`$CpenOKH2uq7$ZytqHS+)-U^9ri z7NdxrQb%=OQsYDzlj`VGIi;0Mg?gIwC z{0J5&`?|JMdhV_|gH->TdHC;m;kJ3I^ctpFn&_RrH8Yj(`C+@q4SV>KA7==dgc36x z27%d1O2GnidnBZUnS8Cg&@6J+P8%l}quOm(Sl+LuE?lnHe^KBiWQ)*(>yW~>H{Pd% z)oemh!G>4SbomtlxU!Jb(H)sN!EC~e)^v@(2|!D;I@bk9)v*OF=%y}PGAD?rTH_gG zf`?fI3m((+Ka#_CnX6+D4#M^`EF#H^{HbR;BgeG4p z@WFWT!}O!!iI%?OVH1U?zZ|`i!{t5rvI^nJ+XyLUa@KQ<47Nt}cy*nQrk8 zG@Pui1mK0|co=&Yb1jn4%sC{8vSiwv@CDMmY<_X{t(*W;vtVPKUlWQMshl7tKnrt) zONw%{jzlXu3q3HMJw}WmhugFV2(@7z8(^#Vp>j?fzcaoOFd1iP!QUCMb>dx@Stw-E zwzSwZGBwPb?>aFVL1@v*Va;%SPjR&LaFJInN9ByNA6=QCYLkS8W_u@+!QC&)h%%-| z4`uvp#k42W-+~_8oDWlrW_>C+km0J=70L2UE@1s;v>fa{vB1$XitpDr?PxL3O1zLL z?LBX_{yeAA7vx2<3oA#Z_r97=nW$w|Uv4Ir0gFsp^snzKR85YD@=cPDW5br{kmj5h zRxM?sW-XUD!m!rZ! z^7WAK^b6Y_ki~)Rm&}X(QTdp#DR3EVx=`8QT>ok9la^13ANbO4mgm2WvyjfCn){9y zz+V^w)$A{7XzITo4Gy1m3dz;Y&Pt=MW*a~D1<9e*Ie~Ox(~rI1jn|*>*mq@?7$1Bl zIB6izpW|!%aeK#JCy@ETwF)9`vNCLaj177Y+{QE~d+eEbv-27N($`47Bu-D1VZZ}$ zASDAZAg@+N*}c9AE~>$bM_I1rT*{+(%@2x`Wu}3Pq2XFbP;nS2GM5Gki2S8T`~IwZ z`ZukbUQDkUGySyob(|q=XAT`@fD$4tU;UoJ04~T-{s~1Pa_vVIPB;&BDV!g{VN{ex z_hsMjvKm^tdQk2HEumg@10N;P`Tp1Diw8Egv+3WS+kF~5&Gd6wfZf+uPZ!?>##;|E z@ltSLXr-b#E(+8Gn{K>@g2PM%yg<^^3qLC7T!YKX1)LQ7klV~!WJI1Qt2Ex1BWx11g*>K+<&MAYllm5~GwK@lea;=e*X zTcr7yxcs{-^X;{7^)VLa`LF(@^`9^KK8SBsIwm;)_}iP}8~b0`+`f;u546n~VODHc zxATU-i{AH(>DP2C(bwY3y8x%{!r;GN`F(6TE&$)1O;yPJwn4VL=6jXV?@tV269D0i z65r^Lx~%?XY>Hm=EDv$(xZK~S@cS74<^J?*%5H%{u}KrSzxDF}+Xeq}fBJ&t(f4`H zOxKt1d4&HqW9eaZuH^1V#KHe|<@fcyg#lGreR5Ehf4t(tdSFmtnsqH_|Kpqf>x+cU z0vh9jMUsU7KV3e%m-JFG&j~rne>%5%l|Tx;y3#)WXJz)UGN8EkD5$-7c^F^(kLR`q zNMU{eH7fPrRMYp#{M&^5KiwMX0=tIGTvDRRynb~vT&uT(oqzE$3-zqHk931HW*QxsY zR67+$=fsbtzDK_4Lp3JJV|5O{m#ofC4U`(j?L&+GIhCLI5B1R|e9Y<4;J=IFUNr#5 z?mDv||Me?H?Q~Gp+LJ1?Poqs3!)JWD@V(U^6`1L2yC!^wH!zYxEzwx7?Y%XjbKsB^ z_UC2a3#l(MP4KArj5<8yAP4^UT{bHUkV#76>UW}{f0f?t#;>6Qw!nv*VIlwh(r+&x zvI(?BKUPg^o7wpH`Jw-(`!2n}vR&^O^L8WH_BS~wunGS6BL87G{!OU=w<7-&t$(x` z|F_xyf2y^HFT8m2UHf)hG11$;G}5Tb>vi=3p2Fl2iF@tWty{EOV}y|#8M*4&F*an4 z6iH!?t+CAc!KVx8EYSL9gT_ZEJ-*i|6rkol^K+yq3^rSKm$35g;MwflUU|`=m}p67 z6M8RLHfU-rYo^}kQR~9@)vKG_eWKjzB^c#+&);?A-Ta_cWW^2h_*uOQOI+s%9_Z82 zV=ET^(8gDv@&g9SZelHRA+;57^VxbXDgs4u+4ODAwpUC`&4rGa+a+D5nIt5Mm>lz{ zWU;0?&6Zujy)|B8^~ThC7I~QQ1g*L!F5^BGXc3E2bd&lE1=qV!QiUeMPyM~;bTR>V znJSM~Zn5Yh4;FkmM}=BsL8yL-V)pmFUC7?*cUR0OmE?bH1pyk`PO|h*`qHpJ@~bzH zV-bSgn!@9tTCz!U4O25)m)7tY>xyu{S<*+`pod87IsmR(EmO~%rVYAJLb z4-$4SBvlOE#W)3^th=tWo-W9D7W3`%+>AXSuq5JZd$F#l z%42zg3x~#QDBfiMVV9NtYCiFRzhp!iT7ODzY4H7psZ!&R+B$219QNF&kYBw8U5rh> z0_7u~W5Gz=(=;9#(@N%^reryV&9(VK_uY#r6&O#-&}Q7?LvhSn_vBE~xNXYgU7YH% z@h&`&e%D?Z>lWLhanoU{*9-)=Jm)HmiE~zEmQYF+6t46f_NW!^ofX`lT-c?KsE>=0 zrAQ4?K}Vdjv@h1&cFy`M9n639aS}5WF;lk^Cmu#W`Zo3cA*UV~oRfdsD;g!@67M2Q zZI5h<)%IH~^l4#J0DrGF3O2<)P%kna8M@Ay#-`+fKwds;?%$z-dz`j)Uio4TX=pSE zPx0L7f~JVnuTPhZqpEzO#^d8D!YP4N_)+pTR7+}*JOux)w3myhaNcx76kwTd^nTY< zRpSGr&$FQ7`O?-W9Iwl`ZeSzEQ4sG@|Cn*qZ)O25WR>!!oc3cOy_ua=fZeWdzefQ7 z%#Y$=kXrcwPCp&|ob@jFck`~e!hWn|R;?*KiUE7T)J1PA*;RJEeT8&yo%>V;wLYMK zkbS(!*3$nXdH}TRmb7)OJrX*>-iAkR zPRrmdedHd4USP4kqm=as=&RnCOX;i6RnRetqgp|f7N-x`Dmx+TfCg@K_R)BA={0`6 zQzs<6&DhFn=W9%RR6+mf!Pr2Nl$CH)R%tAkB>Gr$Oj?3w{aDE=X%#nA9Jl+x^#FX8 z{>uqVY@<%)LXTq@JeUXKueS-fA8fleE0geQTrBE)@#T~KrRMoXTu{^1wx`~d={pJ&3@XAmv$U-uibL_6VGV<4=ZaoX@f#AQ z>Yv+2`icJgaXu?h9)aIzFrIGF6u#>`@<<_0)9%eSz$SzzdCZL!eeWLMo|{Y`qA z8%(wHE!0v_$UN}V4y>BgMhGT(H*0*_R9+3d%g3OPkSajFF2T47Pab>&TN zZ&u$I;_8Z}Fi%~7pcz#PWltNG)5$&~bC(B|Ku|W&7E$Oo!uQJ4WGN(`N;Xj`Cwz)y zC@o?)3#VMI*9|h%x^|+7nH*OUZxJAYG0X{MFEmG=>3M@4EmYY+l;KUn7;FGJmcnP%W_j^ORAr^OobCo-hQF)o-q4~H&stEEksfeb86LJ zawK7yS&FJ#moLV2#2$PmzjdzZe#6Ipo;s669{t79AXl@^rA%Yu!&&G9)IK!>|5Ra? zwgqp~JYDaNwZ{8MKjn9WgpoGHQ7v@P%Kj2KBvPi;DG=zvh=4RwPeoN`y9%<-tzAQi zGq7J=A;+h$;e31&qSnfIs;=CHqQC21VA>BzTj*=1mkD6aeE0sSuV~|iogw80DM#lc zRsA-@40{Gx)H_v@E_>YLAj}sqjE%*`cfo3$Et%sXI!3d^kB#Rmi;uXD;$N`a?%HjA zc?1}5Te2gKpnT^B+DNC$Y_94qxy&wU8Fc_uRmzSLKl177gw9d#zg-yG$Y{h=a3ahX zpEg10J)gsnYFT&pnRrgtg#1sV5NIHwn)Brp$fx=xW zhtAK}gciz(PZWeHMkAy5-65S8WUw1t+O!9k10KKbGhNIlRTeu6$r1;2{IJ~71p54M7 zGGt1`eH6~u8(eEU^Q_IgJ$7L9OK+*E z^g20UU^E3{0T?Js$kw)cyPYcE{XFy(m39PH8-2!|2Eo6@O$}f*-y-U(Upo=Fh5(_3OAzY@7jG^3oj=Jkl}k67B&)2`X0u(Z`7vt?9hXuqxZb zbF&l1QUq~X=z6Bc7z($}#UMOd&h!pQnM+X?V6_sN9yB+7j-Y8mF3^w;KF&X<8Jgc2 zT5UTFP1vQL^e%YcuRl`lI~b!+0vMS2p~$z4RC`K8q9Ee2FhRy+y8XgzoK(-*xq>Ga zzH8C*RU)G1-uUW+VCe8KFor%ag*5Dyr5&AsPq|x}+NDra-0 zSXqp6Dez;+@1Gg(YQb87u8@(CskgAHBHaLN`*8^ed>-L)vtgR|Mo=v{tQ=l2hcDVv zHPF8gOh&JIm>*}^*7>#S&~Mn>f10iwmXK!4$|3=7^vSQNUr5%;Zu<}G{D?-W%{6fx zNr`zWQuJO}L%%sCpW$|t7v?F>dyGV4#8xsTV))=)>(5xfbva3qMox9}o#5k3%!j+3+qT>;7)ef}ntP3(Pi1rNJ?kM$D?!0=y{H@v#`edUfL||jITK(|c6PwAq0tnZ_SOS|4MAs39KG`=3ij-V;Fa0Q)@vCL% zKt?@KZZ)*x?Af|?6rN78G#N5|FMOYu7z zv=ovO7ol6Y`Ir6X&Qnf+c8AZ*Ic!QtXohoPF+8n(ly|Yq61P_Ie+k^fGA{#5 z`wH7wHSeoG6((>Cg?_T2-p6733{8rR#$757BS*wZnOZ#yL^+*xHxPQ43iwSO7&Xl~ zU$tQsc`sZ(MfzfXvro&;*lgx1Wz!;PTG?zw+dXtNrR68bLfB92sa|x(Ci3C4@V7zU zSBAajI(pRF*0kztd~R5eavB6u{O^o{&y2LyjQsE$}ud&x51L4&;ZG<2`E z4qvw~_1ev@fc`@exBbx22$D-?gA!xZuLdn_Z<%B5H52zCYSWUXUJ0j84ueq<$o#W1 zw4+Td4Gy*|#0SLMxOQ;{c~xJvfAA*XU>`%jev^p6XUgi*&K|4CP8McZ{f6w~))4FN zS6JHGZ=Q3IgLJe;Yha6-up!2I@-Cm2h+50Anc64sO;K%r8N{POFQh4 zITMR$?ILV~&=dV7;9XE{wy>00t*1|Y1@B#-#@CQuRt1_Do7xs8j&}2bq4B9c+iEc1 z#aB5fn`qn%cFP-w6%vvsM(#VWDH*Ls@o*(f$n%Et8WsSLY>BF7f74N-nBUD8keK)Dj!u z$;!2kCMz?$*I(QX->WGv%eBQ%^#h%dIw&#{^Rstx&RZ~3u8Ndah(TW zlRbNHjYW&&ZG0ldbaY)JWqpl?#ydtf8cWCv1uh|g{_80{PWSi0Cl0g!>b}yGaeksD zY;J81!z(|=s7XE3CLuz&*O)Lu+gZ}wxq&pZju7kYQ9*y5# z{t@o~w+|tkAfeoEsHX5k$@=SicZbsRR^4}xvHb1z|CSv6%WrZJz^FpttN-Pd|8l?o z&%TIa(x&&P*l)|!oxsS8O?ukt=XSGZs{CM&YOn2uX}I|}6cnhl2F9aCB^voR?83gEy8SvGl;B|P8lihlM*m>C zV44o6GZ7JLoy$Nfo8-8#DRrIm0n4ip}DeID4k-Fc*GWtyZ{2p4_ z0Ua<`tn}jC?rlw~!2Io{G5Q8>_w8S#@eebTqe(9!NtVjoHpBksR{TRQL)b(>^w5Z6 z;7;4-+dnS*>xVpDup^~sI&%I@o&R`CriXzbHpaLbQ_`9B8`G7DHH3OfBH9RBHx z+l|x9FShoM5&rS0r0KO09-~ozmMHu=fWN-)AM^ab<@mpHIYI>3jX>^7r|!ak6t;#D zpm#b8lUM$bh5z=UK?z8(*~1N&e_Ue5G;IKI8<(kM)$L)OKh)))AJ{Sgg|^Z=AIJYV z@V`s6SS8pd9)dHn|M(ZL5A7NjdKXZ8al0+CcIXmrQK~nGnEff!mLxLcQhU?nW!ukF z2Zz7cj{l*Vzz4-Xy7pf9bo?7T=i|Nmc;sd2rI&@EN7jDu^&OH6zC&>g6qu{in;h4F zq4(a;4j`~*a(#prp0u-|8)$vdI`#r+I;*Z}Zj{e07Gmr700sBF^wzndg@dw74Hxdd ze;ju42+^E@v5yKdXSn79fDyp?DN9)7!&OwCmD;G=3VoIx^u$%Nnn=bbCsSqbo4K2r z3iXOZ0-_h2x+J$-+Z>_Wd&XKNW4>uR{nKus%ONXL6nP2bjds>QKS7dc2ZS_m&|x6r z3>s{3ptmpA_ZeTR@98-YKsTZ{->Y}vX5t0@By<9nFxk?z_8JtmD%cG8ZQ`-BtzT{x-0OI3u{M|~k3y~qP8j)(zLLlzzFs}HxDxHjNCYchk7~}g zEh2sqP!JX1#t(m8F;Iy}C&Tds>^QbsJbfSNy$>ZnuPqp^eP(D3~1%Kq_hmf7S4dy2qLUsv*YUc{JvM}=R8Lg1}j7cIGaWBWpFHYeukc9^q?hG6D zQ7RT|@6Pt!DIVJNGH!(al)S&`z&6s=q1XT=IsWwQ%eNZP5I^<=(8?)I+gd5z>kKM% zkM0a!Tad!@I&2(W1QIa+O1NS$qx0Du8qpbf={jIvOkD0V;8nMu4XEUxxCIK3AN~@(=$ft?aJv;YuJ{A)7~6n! z&@3YFT;6A3A8+o>&mHMuZCM9646rujIkYJ1J)ky7PT`qR4gl>KJz7D_&&ud5L!Buy zws=)8FFiWVSx~EN{eaYOcdT%aD6AXzMdhdvHKHXP)pP?98M$X!0oN z0!;)a6x;CTdY8H;CrMc zmelFfL#JxV)-9bR$jOd}9_|?cGyq3Vwfp|AS*j*u)U8`$3I{FOpG}?jdi?bsWw1CKwz-ozNOztkpw9$)6z1i-#<*;l<_5O6VcYhFmB5FT-mc* z>g6wAKJT=y(75bouaj4K_pTvtR&^A!r*=L3TwYLSLE5=&5n2J)WL(e~mbzL`m1k>}z-C)HJJySh z`pWokt_eAhemsm^edF4mE@hW&L_p%Mc%C)xBW8CD16ePAYzNr2B&dB6*M@}SF8U*= zyjyJ;hRQD+l{gGXbc{wfc#eRfbCmo-6}HP_2@ng8OfEI_ax`3XjOw`Bng60O8L4z6 z_R)SFrd1-|u&|3j8Ct<{sm&7T9u`mFLTcXfU)FB9{Bo_d z@dg84(`7C9`F-VjVy_nQ)3$fbR90C@!O{#v@4F=cld0W31b++|uVkXG4Oe~2>0iw1n z0f@+%C{_U@gQoY1W<-SlYT?XkKdYFI<{U7y6&|qznw6Pe?AYW%Fs}NgGJ%2IVg{N` z?_S%)7dWoJ*&ZDs7tGSl&guvR2g7CrMF-u~PX}Ji#I=~WU?2&$;-yE<(hUZUsYtDS zxxrxIE+NkltVLB2yp*IEBkE{$nvSJXN@VicRm})U(yWVJ`3X8k9_O|eF;Qti@MwrY zZ%&F@5GpY8!4H2mkv2rO|Tni&3DZWIEO`8i+$2+3TSp{Y(G)n zd~fI845I7JJfG-@>e3n@*`wj&lp}t}FAm5lXf@ie)W76X=bj+-TOGuWRZ=iAl=2oQ zu>)F1fv|xynbB`}yWy&Ueo5Bz`;qlzh)l@x<(&VFH{2wfOY(g!?Y)wlkyR3s}rrFw0}P<`7>Xprze@X)MGn zqzr4pLyW{p9Xg&jx%VU5nYe^2&we~dB5e}#Fzsvz*sD$wTF$1CIEBOIN??;HmGA<$ z^&lBf2Vc9(7GFdi(pLMH^m_Ic3#;fC{neUvfq~(fn5I*L)ctseT$4o#!o$ndbM!%fJj-nWqw>HT#B^Q$&+(bIQ+5 z+*K&&nlMqz=POYVPPNKj&16^{2u^cg?j8hu(v}n`g~&yBpo>}C;91RDy+8_N4;OdM z#7(1UP!BiuPL8q$K^pnmtI1_321f4(#CFbL&p?RF^|qdks6oC%kflq2d>q_v@vyf4 zRN|FkKv@n}HuVJLnr>{4ghOZ2uW~D;{R|`P`Qgy4v>aAV+PV!Od7vtG{)J0k+SD=4 zfdp06c_0dBCqD5~J;=sUO_)Ciw~mRAHzM{USpp4Rnodvecl5fddNm31;aA{zn&H>r z6e9fPc1JF57Ww*OD>bP_MdOWIU4o+$3qWF}sF$!>3YQ{nAmJ*dXn)^|;d^_7nyvCr z(eYHq)=|mE%R$;z31wh&tMT5zdcyS$P-#Le5oZz$^fYXOGi<4>&Mq;xQas>f^KcWv ziltZNBuy#IRty2%km+nksBQC!7PsL5x|BkMw1k{+Ezml+7z++sF7C$q@-cFHwam<} z=@DfOfsh-pjs)64>WTf~LWs=Tdqx)QpkWL!BL9W^oQDawG#od#R6%yp3^gp;H9V`^$I%OhZ2F*2FrxfC?ht2U1-qzhHuZX3Ba=>B44S{W6d z-M*54x~0nzo0EIQk1|l-O~RXXzB*xD>%+rM$H0;2zp<2GndHscSLxNdzA$9{<>|I= zbCF}x=j_F7uJ=3j2HEGkejMIbzuLQ|ugfOYq-kH@!IU|=spB%^#x2UIg*o>{%ZH?v7470&v$YZXJ zIk3tME3OG=zOpTZg2`K*IG~7!FvE}OYj6XVn4LK#6E}5>Pnt8R_h2(>$TQk-JqQ~! zEn6mCk5+Xs-Zd}9$6!9Vzxl4%TODw)7;4dk2$G3#N+oC_1{$H5!!%}tX6%dkxS!P5 zc#Y@j&gaa`LZ&iTpV;^o^VPiYo*px!j5odDY0K#X{-7Q(T*Dw~Jjr^K1F3gS_+vqL zoG3R$#8xdpa5656%|S1FzEe>kI|L$Du*M-=DH9#4>);C*`FF; zT;}1OK4umInaUn|A?Ag&7=TpqW-!awe}L@67RZRagxjjg<>hyiYlMi>@$NmknzL)6 z)>XM?RsFta0uyId)U@C{@TE5H`wh5u{h`IkQAshS-U-Mc)OhR~g5deip+I?Pxsjx0 zdjQTUW->Icgm7q9yvxdfmw+%Ev*|NLYq^-@`2eXgyTgldwf(0*qX8vW&eDRLhV0&; z?#@gYav@7acn3#$cpG?O<|_Q-D>efvxCTjU2^A##x-qFxf(Kp()tU$}sLt(P9gE@2 zWW&_KE8*Q&SH6R%e|7|Fz>_fc&Tp$RQ~h{`(L|nJ^W{YTuE%>cEq3Mri6}6S9uAK) z%z#&J8l^r5z5xrd_gS64A$Q1xld_sKcGj5UqxL$hg$7~&Dd5G+C~al2swkJ*%u0v! zRPF!)-@cZhF(A#ClW@gw{H;mXX?qHpDCthjcXd60St+AH5_nZJ?nTQsb<=_`KYZp+)fmE743r zLpWrQV=*5#u(t*X#3rS^JW8-BO3Pp++}6-&ZP7<^+^P!0xfn&4dR>!izQdOxCm+lm zAZFE@rP!=U6d_3~Xx4Y04(zJXmtdW7SM#m<>aiwc^ht8_ld1MFy0WTYi&t+J#H+{**eliK8mKsddB-LjwT6GM6 zMocpT7yF{&O*GG_h-6qr9vSgCy>OO?Jb&K7%4e)(1%@ECZC~n&A$!{NPcFxFC3QI{ zH5yzx9SdumD;l1jgvE6$fBY`kzQKDF&Y&63==lvZd+WO6q{bn|c@f+EeU`lW$N022 zYwc5F8Ehe7VPt^2dw5w+{yPZtDmFCI)$owR?SK|~#b*49S)<=7Q zpItV-f~7ExV9hgh6m?IIM+bSvBA;{5@yqA%%QX(oF4BJ zNOr1|S@{=RKgQ^XfnzmKjvExwJNaWlJ0B+5mTpqegmExC4?g~qv>xweHiBs(OF+*Z zK3YqB3~P4PYAC6>*3K?G`DvxCMQu?ZnLaxbjal^loMk*#Lf$mAf=CQS5maD1f%+2s zJ{oRfEl$koo1Q`|{pw2^?pbcMR?Yh2&Hk-#_uueH0S%ngm?_zL;RD(t-$Q68tK zF+!DknYpJcwSo(WN?^;(!|SeTrqc_`(KyX~Ntarkcfe3XTQlT|KuD)y)aXTHpk!K4 zzRxIKW(_|TE_or=x#1{RgT%&EVz4w`Jfl+1f-3$XoClcAB66CwY0@m&lCTG}C%rUK z&CO;^&!6P!d1mhe?PhPXeYO>82d=8NU0Ab?TARa{G&RGDm1Xwy>`ooFp>a1kMa4DiuNCHU!0%<1=SVrK~4})5# zdBa090;$ky(4KI$WC3nEdH0Gn{*Q#oodRB$`-%~W3E|oKjcYU+GWx3TdbQfs{Y4W` zn(2Dy_c@yyl&odZad?@mmux`Z=ce_(iVDrv+85%>b+53xxJ>lqc^?o#Csk>91vNjw zpUV_kb@MZ-C_@cSRGosLvfNoy?B`G@N1X?OiJ)U-!&pqUz&vrx^IhNCM0J-jL0=VJ zyl61eXBbiI5@s3^bxr{71JJfw8|GfK`x`QxLsf&1rWfohDXz(H<{IiM$*ND-7}#I= zyL|DOHnwzl#$RQtQn6XHK3(y8Z|8GMt<9sy8qrJRUDKhg11}t;O$kNypEj1F#(cj) zcz;bpt>ZslvtD*);16vZ9d zsyz!QbDVhtj%Al3SWL?n1TvF__Z2szBWs))>j^axTK@4dD^dU%?xITfjxN<-$aC}? zV~cUmbO3vhFLXipbz+L1_=H^cOa21cl%nitMWJOusu z-q2i5py^}QHPw+AY>~%CK-Pq#eW*Oz*puh2>)yGm_j!GM>$bU9Bpua*6s@$sAXz`= zN@xF?MZovW;M%8qZrJ(o)WSvcjz!DN=Hs#+c1KKSLY`0#ePGY^B;@^<#`$XfQnyIVwiY_ zWcLlJ#y37T$>z(tM_aHBL$_ZrQ;rNpiGAVFuEEZ)y}G(C)@&Z##={MllY{HT31`$l zoTo~`$%jGuvV8OTXm2pxA_Dy2HGlc|^TX&TI@om}7|ff|R)4EY?L8KNTXteQjvy~Z zW`yFr9pm{X`?yBnG+gjgK#5wJs*+vlo;lc|&RnPSynNFy|D*i_OSY@|6FO8GS>SO- z9uG_Qp^9&%0*|7ae!IfyX0HLD`;ZQgQszgXqcCMTQlyfXNU03iDhoMyX_bJxQi!-U zBr!1%4b&WqUEmSW7^$chBSfr3DUxO!1gA0kP1!&KK`Xd+b?i~f%Hr#mV^CO`qmf?G z@@pZx&l~Pby3g~Btb|tGFN6H3@8xT)02ADf1|Ru#%0I``R`ZP=?M`F? zXwjR3EEZ(cQt83DV7%Tm>$W(Z2GI@q^SmGYsiJM-Q*ZCzdeE3qf3P^;Z7$q@IWfUl zBi0uvR0k!ioT~lOYu404Ps4CbXv&+8rtZRIry)r9B|7${N}eeZE}=?c)<17!%JT!!+G{L;c$dRGt4P>BGqULK2qV_ATYYv+52!#FvdPQTosv(qI_T3CQ%#tbTS$UviM3cC84| zJa^usw{{t8D5_#PB%OK5mKQ;Mj~DQ>w9(!- z{i%ufxI+lw&*}kUgMZOwyio7sFjz4dThsd3_?tJRt}T-)w;=l_AV_Po$l> z1h8Z?U0mAd-mH4}uvHN6=TMcS(A1pS*tBgI;Bz_E@D8I2fD-iu$WUU9?$p-WG9F%ta7M%T= zod%lLte}d6u<*4jn~uWHM~s|C8s5R-lqmRSvi?JWA#cAXJ9#mFU1_}pD;9Z;M1WBU zX8IZ>C=gxGtTx7^)p~+v7pXejW%+W$=eSGcB-V!Svw3Qx6^64SEbfiny+CsW^f+IW z3l6$dJfAE8wN{(vrM+iClP8%|Vq6t=S}F0^5KvWn(Jr~v+Avs81g`D{;1cKF0Qo!1 zjSs9fpNmxOLY5xN6|#(!>d=bzgANQecMRi@C5+IitMzy$j~OhHDPn-C?Vn)W2bZ+w z#fyVv!00?inovG-D}RFQ6*gf`)h}g<5kdPc{U-K`#jdWTO0T4w?e3de08hpBP|iF! z2!>~$#a13c&w5=$nFaG5V-(=ttS_@DZtiEmc_Vy-O4X(XBUv4K5}E;3VL*L$wz|7Z zXQHNzl5h;&`ubvvayJG@)t{*bvYz}yfxez2_4Ld2o)@{zq&F9W_9#rqj&KsJACRfw zBum(YCFnK))7$?rk~AikVK2Y8@D5*l*C44g3noz-3s8Y+pmb;B6QuK~LTI`LisXdv zl`=$m3^|4#P5m3F1nG-Iaz@yI19OgAbyJCHF$#iAj> zV)}#iQr85d%xjj3J$Ef)Bz>-L45H4YzTZAWN&Q&uA`HK1EdFjzOA>v-(^;HU@_IT1 zbthQ@le;F<6T&We+;E{Gw)4@|O8)B?oa;_ZLo4lXiH3>(bs2s0*^AEHq`>=&JwlAW z{%=6BiV3yn&)psY*m{c_0IXAi^s&eKo9tB{#*hga*y4-$BvAmvryDS=O{d1IP!Y@g zxhX34nnPK2q-b&6g4Te>BAwJOB@8l~3)C#Rc4?G=-u~74=QSNZ83%RTK2e@n_?`0e z05VF$np0j*P5YCw#Lmjo3KV;1ld zs>`09#my2g94Q+o1M_zd^8)=$3cILci#vqPr_mPTeAi|bjC#7Ydk4pl~&pEgNQi+3l)99aUA5iIEPS63e_Hhd=*B{9gY(3h;T2m@7kkuJ?ZB6ilf7_M26g($I?SU>QXgT9nyN&KJns~vEEkfed1J-U*f*JaO z!Oj9f2+$hVPAQl{9kqO;mc4`Zk)uynOwemN*#f~SR!q<;=m5b@?TN!3*%3x?#?n`C zfYOfogYWb0-AmW74I~a%!#tDAg0VVrYXHP{+W@a-R0V5NG`iJV-d(=hh`XYSEQuxP z7b4c0RQ)g5gJg~z^CwZDUs+!q?sR*T-*5aB=dV=ZNmHavT4|q{9l)GqD|Z-0NA*@u ze;n+3BH{Q_Bs+bVPMpAp0E+*x*7S_Ir!s2%fJxzMPPK@#c8#}-PhAOHkLGq>Vpy}{ z9@yx^m{ioF_iFEQAEoYcdG6}^mni!e?cy$G;!cH3)_%&@o$f;*-z~MBx_q2+>cv;B zI3aqa81nVg9I->4-JEGczHXaUs^vM)7Zc%n3`jZesv8U&%a?956fl#d@lRBR=A$w_ znTh6EUi(1O@%dF-!;O+o0Xpd*!NuoqBMc0)#2pweYr1?+-;fT(aHqa;xe?|1@ew31 zeYK^#v0}NYdwVcR%;bxO@%*DICA$s*f%kfqg*e*D_#CnmogIyAR~AR zv^iAFOS5UD%!aboDyF2_q&TZpy8p=ex6iNIO`Pb)fG9b!-?I57R|N2H;9l|fZ6cIK z`jRRHaD=1C{DW?C z6}%ZwRg}D8fb@a`;9lDW)F=iK#BQT5UBlPp612K5$Dv-`PpOwOXg{lc-mYINu!#GV zd`Oyq1H>tN{H^f{6aq&`6E*H2;tW0g7}T^}^75t#k)>714#rhYC(375J}HuV=EL)w z&CNH6WaT%RB@>_TxTAq? zrhx%`iVb;@ZZLyrrk`V=*VLkg z4;S?`YFaKw7oi*~lc{Y}xH1%kZPl9iGn(Y;tJ5-idiB!hkTVzF7n>us?(*?gBwjGn*dB7j2|wsHm){tK@#0kUo6OS)nz_@a z$Kahz_4Rmp&EmvpbOE37^wTkSjoraBj%rN&1{?jOl?N4{Hst4zFQSH4OJ;7>iG@U& z>0&_ABVsLK(WF&4W1zk&!N*ji(AJ>h(&T~eDKkoK!1gXs(DHtCt)YD4ynY2}#HY>> zl5$DAh$?zL#nzJFaH|6#_@zBaU(jd4g(fHM&FlMBauXi_vQ%JANPD#g7Brt6b7fk^ z5rS2Dmc2%8t0~g0o>@C7EkOsBkYK?8WsVo5J8SF7oGXg5D;(|hS_0s=cr0jm)h%ry z*8n=9A$e*P#jZt}wNpiDgO}=|UAy_PeQViIEGou0cr%YSbe1-XJ7w5_i+ zd~db^$^-2f8ZR1X5X>Fp%s4sh8I;^P<}U^m%x`Uq)caFidE0xnET`yFubvILL1!m+ zftq7F_LLI$IZEV$Hq)D`jy$*Cj~&ys*$T{>+v#%9rGm{%^)7YywHA9__I;1l)w45T z<>b3Ee!rXX&wdLBm*s{7j)t=gmL7%c8Z+omK#`S`_mvU4-gs-}QqSgwl^TDjU_|p- z!t6^f_t%Z1^})f%Z$8lQ*<sncpYUhu6EjVG^Sn7+)EMtC`O)nGiuCykEb)=Pkrd~Jy)g?`~jUq%_y~akn;%O_WIl zg62|g2nlC@?He$rzw_jQ?i=Say8S0^C*IT2@UbnHyOboj$=V2-PlR%PfJw|3sh5J5 zKCBVQ1Zu@oz3bUcOMqg^ox`uUTYPx18{zpF!4XmuPAR(>9w3( z3>y6i636h>AdgvB1zx@!1ojt zY&yQl>-Hy!i%~nDn6Mvwe7fDdX;p`TM6HvEQsrRQH(#FzlA6W6$U&Dch73jDtGxSK zc6kr<$mBad{jD5uN+>|<9+XME9Ei*Zr&B$o*j1)hst~j7!&(LD#b?V@#|NZA&424N zlD}gUNF0MC0SO2mr|8@gizJ45Q0wB5Rg=QD^_bNY-wU{?o^n7t08i#ZW=&XrpVV5t zGv~nxSwt;5tKn7aW4%YMCYxTUW5jusHyxP;t-@{?Z;rBdfxeo)24~6yFx^o!0ma5t z&$=F`?boTZsy(Y~0%}?nshu&Y{XIMPiw@l6UD4+!=yM!Zgv9$THccOjU%OV`bn)A8 z{${Fw!&s?(nTZcOzV$T-@Cj()ugvnlDg&1QC2l_K&Y({n7q_}Kccs0^Dz!fVx6eyj8I#cZ62u%s&@jTXE<4cV&zGNiF#nmi*%#*@0+iZ%0() z_&-h6e+`zbE1+*o@|XPZO#;FIm2hsV#oXmP7X1C&zAXo&5?5CJ@8NFWeI<|;0buL$ zgrL}WfY|Tf_Ok(?h?ECsfB%2~TBiDS2;L?FGKR#);w#91jmdwlq_4ATMJ28b)NB3t zLv?`KcXp_^(vNqE7Xko=9oCHJhaYOn3QS;FjpUhsUPu2q#?fGOMLhE({^>pc^Y`>_ zMPLFIj5%I>Cs+QRp`{L28yMY~%HHoaVE_JY#r41hCJKZ%eXXS0dLjcR!RWRb+I^=2 z@gE-Q@8(h4&vo8qxDdAUb+yxU|N1s4_qT}+a94S|S!urxQXUMobl=P0m=x2~)8w#t zd@X;REve->6UId&4VzfjAYYxX;2Zr@FgmM=77w&J0e@=|S7Ez|5&W+3N)IF;z_wkZ z?d9*oqocn=8b6AkE+rroQ_&)YURiwcEto%MMyGUV!iMptq4sxYq&DN=&23Jaze+Iv zzKm`%_qrC2Od}l8r>nh*`Ar9{HCg^FYU{Zfum*%p2SvzXY%t{4vd#Zke|Z@@G-wPo zJKMkZCHk`aqf7{Sa|MO8U;2$G@O{hwW;lkjJ8OIX7wu5?Q^3>&qdr{w*X#Z<9N>fO zELaWM`qN*fT>o*4{BvE2%YzkX&j0Yq5B&D`#|Y>Ft6IOba|`v5KW{U$S?mSXIezG(I zyY*;IKF{>c*0&ty&lO+_XSIC(hZ7RCOqzS8XnOLy&-}gFdFu|Q@TY-nITybf!A}GE zX&_r~**{N^pC`yapP7Gb!aq-tYu`D$zi(bYU96uj*4A#5>`xc#|Hl|4Ab|bip{>K5 z*|J*C9M~_hFwC4=UDiYErp0FQoRP6ZQ${AA?yhv!uraDSzLMmREkaKYdd@XUVG;fx zg}&(V<%wev#m9=G7|+u5?tMDAm1q5SkhW`*Ple(#^3tt4ac@7Ad+d-7&yJJF*$9e~ zCxv`h)lkX1%^#Ia6qd`NKG=LN)-ll>inkRsZ{ch^Sj(qA{m)45*Q2BV)bULuhjwBP z8!Z!Uh;N!<8>x?9cPwWw?RDvvgcz#0@G8_PDIB$pe%6I zXa+Y)o^w?aY*Z{3g;>Ch7d!Xo!=snkDMX(Y5JzfIcSp7ca{1I0R%;+Ur+k(5k=}>J| znmlNU{P&=gzr9oS9$sCe^x4G4->zA~Y*nRw443S{I9C_u5z-gfHG9J(o5@L_7Qu4N3;w5PWthWtN#5%{}~YRis*go^}6-5 z1+0Ri(x0#KhcossAAZipzYNab{_FqEqN=T3-EV*U2fP6s?L}5zWqhwk-8<{vqnyXT@Ih0a zr?l%n_g^3=bP*h0zm6OyfbvJu*}PGQS-4>6_sAaqu~%DhJ1r&d?UI09JUu96sTM_I z+FP;oIR*1>z9b`<8t~I65 z(eW7B7Q&zLh(ttl{Mu+JB+PZBCv8kBpq*(A%Y<@cBip{2&`JzUGUlkh+VA{jxWRA; z5VD^Ga$L?YZ|b&;8vtC&0iBt4>rC#NiKK*_hM}uSy+xErwj@5+<5n{Rr>Ey22dkh% zqcgP_)z}!7avyo4gI<2_F|0f2-5%Ad9ge*(qRL>S+*IlZXE+z^X)5P zODUZb=eL($?E8#9b81&|m$5Wg^*F0%H#=tkHd>yu$7#x39Kufi{G3tF-XsuPqeXUo&#Jbni(=oB^O1 zNRXO@enGgWI$!NdVO!3&>3bvB(m7bjnye6S5M9#h+DA2#xjaDI`HiNqzLv0DTXlMU zXzo$dm@k7pd7sXtt6FOO6n`A|8Tgf#MUbVo_4O2_iI5k7}IzJ8q};a@uA zNvPKkRjS*S70)t3EU7HPKiy^>=!bBW0>u%pqL|`DV9pf+Xu69m0<+ksLOG`83u|rZ z)$o?>=DMS5>oxrP%jqO2cWD%2dyl@ryqJeobXCWKkYz`wn|{q%PQ9|Cf%(^fDl>(O z=gxG`Q2Cc;iC^a+>j`bCbjkTxZ&X%AI*?TsF$99drcMkyp+t*Ao%0u2Q>bg%S?S{v z`O^Fox4AgO?RS|9BuI}Gx?YRQMBW)khR)~liCmADvdVOudY~3s8AQl!()@JttwxFN z+4+b&{5p{;8-t{2#QJ9bVduV~nz~*y2jBs5iwZ-fiIKX~irUJmgo%v6(D?}ca1~<- zzu6+xnL0Ml?rJz6jO@Z7tbXpp6FU2n%Ny-2XHy16=e!*#O~bAKJAKZw*r+AWNpb!4e_}Fi7o*$-fL_` z8I8~@avo9+c5(d&sJ|*dZt(uKdFjVo1AFAohwDiacjk4ZNU|CSYHH;bkyo| z`&pjDkrIqCI-K;{z>|6*W5Oly$z++t55|S7 z5ml}Dhh3A%`C}1Lv#|#1&v-rL@60@a91KZ@vY|8?rJt!ZYu2;y88f|>yrjJ;VTuXu zJhAQ?VgD<~_|ayb7vQSUQ(%{#Ff<&@EJwTQ(Nlcb6qh*y}fXjSzexnm)U*r8Pp1aq~; z$`5UoAPI0+G?^LLpc(!s$P+m=r*blbCamqm8>}8Li3n%RO50P0diAbH-caS67QpnP z=bXX*xmM!>UiQTou%sA_q%YQ6?D}$4)fZfcMEI=3Co>|ScTVbNSLF1dz<^L_>*aT| zmXZ-+ZOSdn?uPbw2?C!_7fhoK96Zg*R8DvymVAc0<}|b29>!B8suGvIt%<)i@Hu!t_2I zLyj6p3?6ae7GGlw5ZSxAkn(zZ(AQCqbt?3;q2zDp!%Du~bb~?DVvxbkab&9PJD45 zeUD0e3%vsBoWKY%L0KWmmP4QErIg>STDr&p8^-z#GHS741h^?{r1d7gi(OA(ue4%Y zwuxCm;G%Ud2L$`i8c9mWx)R5x-#=6gCXlb1Xzp2tq#8$DbmrgEfiuZITxRJ2O|HzA zU*Vvc+i!ON{cNf=Zt#@Ua*b4Qqp{2Rv=Tk!6mZ)l2y@3eXYB{Ji?ThFUI)(8BeBgx zCqA+|3SVF^RUlnb$8^&jGjFA|UrwW6h?sv>r8Et8%&KEr{muiQ-DaL0>groJajt{&^m_c{1>Y?WZD9Hb_;8+G}qw$ngC0Cyvs31I;_S?j=DQk zJFi1mm_-P!m#Z39Ghtr@a-r84Sb9q8&U6dx^)tFkXH9p$`=`@9v#eV4P#qbJa+y;9YFnSkxv+DyP0f-+rco2d8v5;7%kYd#F^LTC>2 z5E_>Ra9NBr9OC(8gFs~+Ci;*Y32LwNO6K3xRTL{eHugYQ6?y5NmOG!f>Wr7-p}p(8 z>0ut&!!RZspm`=QL2H6rBKgqPB^|TRYZ=%Wl*6Se%yzd=t7hpGEUk<4wvT*R!o7-h zfV!Dh_^u`_-!x)yb6{wbdzI#_i_mIcQ7s=eHb=R?u#7sySBl}i8P%gR;e^_J9aFs9 zJAD+ZXa0C0iHAc8aAB2W4>7Z7KZy33b(9Gpvy=%5W! zlm7ZSpVtWrEJ@X(uoCfMvVNG7xy#M-k=x?mT&+We8ma{>CsbmRP9wgcKLa*03{F{E zWlK?zF7R|rRYvWhS+z;J>I*X8s4*LjEzNOQEP(!tLH8q?VL8vXUpZ^s^rCxiGS98o zGJa|yiTQ)MlbMcWm{c@lz?{2>q_lvhGuzek? zeO5X?6CUPWzN>vgbnCk`Rhc3r&}DVKZj<;$3aGFxSZ zxZ|r`yHXh;=rIha22XJ72@MB~uf=E_%Cc~V7~}GGfe#$Ce0pRhca&BgU2>Glk=OO-RcDH|-t#h^7OxiaKe3 zF@+%Lfx7LbTGy{&QoMUpSiqKqY_v>@AAgIM87fpbrgvx#Wj(fW!Ox17P&?qeCa)1kiL{btn?MM9Vx(i^r^hfrs7c(!e50+|0Ph#L%J$D zM;`ob=Yc!=`!pqWOr-E5WLihy>W+G#!Tbj@X!kCLiPUu;frsO&y~QUMm;>UcHVaXl z#(+v$wQOxqvw-ajj@d=S*`#<_CL-!2a9NlQ9=$AK*M>_jIK(ihD&Qn@=4M{YD(qJJ z#7r8>pKa(CYio|U#KyA`A%SaoS7E$4hIeb_h)`PATbZV5Y_kWviV^6|fV-dG?a`G%yr#&D&mHm`yWE*Y1mBDawkj~g#U=JZCe z1rP?w`N-GZHTcobPgYFdqX0gMqLd7ZX6%}7W{1U+HP#E}5vcIC?pCa^+G*YlR*slX8_Wdl%3t>^G`D&JtgSzySEByhCvG}H{2WMmYuk#_wN_C zWcGxO2nTrVZuR!@-WYhVpK=*-S|@5kXfWPo3fsQUQxj8+i94S{CPJ4^@nANeOo_!xr^0l z+_|wQ&Ya=Liu`>N&Xln=hJNba$C&dPktlY~%UoLPR9?o;IP|@~OrMhWt;_$ip3$aO z-Hx$&dq%p}-n)F@etV4+REBQC0cvL&9Ti0gv4G0>H*KGez@TFzdtOfVJC2P^-{n*2 zfnt@HT;Rp?fuik7OtRc4)um22y4*r;=X)35$~ZLXgK}41bkH66s|%vg>F}jLc3ur?a}G1VDVI$CcC1c6N8|Yu#Oqu6B3vA@H-Mvb&TC>pfUyXgN{N zS#4(~UY4?9G*?M}#vCxL(=2fXX2B+P+r&qkBh~JdYcG~45c|r*F73H4)^T++(?BY3 z)pPvIsnT?hm`E5b$1llS)=S>VVU4xi$EvU7Q~U%RKnbBuCu$4iOz`)R4)OjmGLGxL zo=ZJ-PbMzK?OqP74briNh1}V<<^Fb8_E5lY9*HACxs%{vsMaTNPXyNe!d=19Q0Ob6tE%^F`3bAsNqK zk6pBr?axb@F%pY#G$vfH@Kzz+szgdJ-`>E?i}F?`T{IHog3i3fTkCOHB9$Md=C4c7 zD8@XyTCY7IBg0-kUw9eiEc|Z7cu=gg@trhu;{G(VH~*=?edji+r3LEQHLp81nNIBA zl^ehMsl}DC9SpeC+Q;Y1FC=2L5Azbe&V1$%U`BuRh<#u713)^jQ@@O=QYw3iyJ2!w zoJm4ZuXir`gj`x$ery>sW%~1@ApP*kJ!Y)RF~$!lMo**0Lo>`X3!s~F`s1=gWfkiD zxf&G@C}vGxIN@fux@_(!jOTSy&%gaoI;|1KI=5D;(p|fZIdd5))efDn+%|Z$<}Gc)+=kmYQYgTG~*L!CKE~6A1r9$qyZ&5n4)D$IsQ+wxm4?BRoh@aDD z2w6ba6IzumC(qj%_pcA~F8L0z^Kfqpv*E~9Z*X|{>u9q+Y(YJQA@)4?{0p9AJ&!0H zz&n!x{@Y>AeZsVvSAk}?dz!?S)g3x?J5P4520%qsMInW@K20pA)OUh0 z$l=~{QcjWlo2x2F`35*oN3UPl-QQPR;|rKu{Gu9HmN#ds4igeEkt6)X!DmrpHU2#x z7VS$BOcjF{VL40KSFv$A1yzc0db&85l@Pbua7W__W`#0p2PeizR8g;I60x0Ws`Djnl{=gLb#z}=7h?c%-rs#e8LsGAz8nZQe6xH0b)cc=X zAd-BSE~JJ_7Yo_Hu6ul_aUa&zM1Y%qC@M-eHZn?>BPQzn;GN~+BDJ<#DY1*X+DOTM zC`Bj?ULlQ%b{WcE^mI-2V^oDm356nmV3 zNzV3n$kO4(sjpbi-u}{!LjekvVx*X{$E7C zGdq9%*`G*wKszXVo!hj%{b=hQIC>ek1@ z*C+cd2Z~ttKH2}{54A+4E>MoWKJo3Yf4<{Cd^2?t_*f4=g1o{HzRBlx;Gf3ALR+71 zdF^il;zlidy<)cgA0FY`&;FdQDL*iQ?Qr=!TPEB8c<2gh`R>N;>uk_iD5-obRlvWw4O^9tDTW8q4EMuAp;xwg@T)sce)@tv-*xPYY4i?pm0D7t zbJWKN^anoCM$)Vb|M&v8eG58^9P{c>`n}!oKU>?M<48}l!SEx$`|URY!Z(5Aw7<$K z<;M#;cF;iS{=D55x2ipM4rCp7840OxS>^J_%+ubj+5X2rw)$YQpW5JMyFfJ8UvuEY zlv2-lRSzT2xL(+l{G9wL%)SFpb{x9?bjST8%xP6Tp_U$ZfO1-~M?~h_B0LXgzz^^3 zOV_Jx&dp-CzN3)Yas8Cq;d&auZND7cefPLa`!ze7(1E)M@4Kk7*t=Ny#BL}KqY*$D zI{OCm2I0NI3}2D>*9WDi@%bOdj0U_CZ+nK5W4!m%*oJJ z*81nFK2HOVV!GjkqZfYoZw}Bb{|~En8(37AXjt2xZn@EYdw{z%Z$1BBm-KH-c%Ljd zgSVAgJ^Ej)qWXVWv^1at4@0fo#UH2@`RZvLr+Mvtrs0o1@mHhx_xIl> zi~C`x=D?A=;Hcj2)Uoe>*_VErz`w0IkTLmb0{?oN{4{}oT|dWVf1U#Wx_)Hu{;#J% z!29h^t=|rTmpgWK%MV!blWf)@%Xmu9;vnl5Zs2j*w{*1YlqSMb3ayEZ@$tIfYn43@ zdgb_U#HvVajZQD$G&#O0J+fs?nRY24V1Y8elZFRd zeDMVJVbjh8P@o&O_<>Kl-9i?wTNZo}43AUbYnzmDqVFM^IULVzzu(-PVSZW}!(|!z zZA0~+thXA3&zb=catlSk|9H`5(OYcv+lA$S`;*U6v_uAWJ`Pdejh8ikb5c^XG8{gl z{{CjrEIaYT&WY=B8!rE>WAXJcOXCi>T#Pp$Eq_9h86Gsll8c#Wcz<2{J+8H&-7ZL@ zBjRVgrJE4IeIReA6EklC*N;Z4vJ;?aMr$ZKn(3R1vDN9R5debjpSRe`b=g7xbD*{| zsjp-BbD(|>)W13PKli8~jF^57)X#zXSN!JZPWyAG{khZrcXajBE`Hj@PrLX>yKr$- z!Os-iI4(tdsY3ufmo}|gx>|zk{7@46GX@~mP?e$e?Tw+wzQ$Zjbk`5z9#l@)O|oEt1)X$ua*lQen-N7On4k%(JUr5#QZ(G2gp! zsJF`1cr!B>e!%sPQnjrNVeB5>T%o?~a8j&*3ni*;#WWxenh_D*YH&z4&H9O(Hpl?o1fl zA+!(vwTC4mWi-@EXg^*<&gvicrat!8jy^F&O)rBPnak30afu z83{9HVG=_%7}>@)Gqxei7-I~>4DSC zeO;dt7EQp#YWaM9Y)4)uq+!OIC-A&4DCXKVPm(TS;XAYNW0yinabI?9gA6&>x2N|; z!+Rm2JEc`gO#I3P94_*%){taAB2CS{iW)Sj>pSvrjtm>&U{WJ74( z8v%E$Bo(W)LwqC01Ko3sLJA6x1ckp*L7=;DMO!b}%bl&)XW?2vg&ZDyq2Y}; zM}HqcdPC&(qfgpZ3Y1;Kr*0p98#!Wc^BilNA9X-DRX)ikWjfJjqAl5c_6AE>m37Fd+&KMIrku4guD-8MVWU29&78l|kT(8- zKqL&@w#GNu`ip_+jUfw$hg7VzrBKuAX>eLvQCJ;R?K+|PC?xkGe!WR|;zN-|_3h^L zfuPZ=2NJ>WT&*G};!B390oHib{D@qIZuEQvtzJfK)#BL*@`d3#&@as`~m2}Q*j$?iNf$9+$D?e9JjII*S|RIGK|ssY^*bobQSY2i6z z3)`LS^rj4(`XHZh=G2vZ$9CNWkzu5hB%F@1tOhkqTh2IFUS`gITpuGCf};&Wj9RjNW1+aloLzdZcHl0KbMyfr`Nk7=(;7Sxnj}Zc zO-t)xFY&U6Rc2s58&gpA4L+A+?{;e_8nc|^k#^PrH*C0~_^{)yI{S215A8h)58SNw z?l-t2yPCzw$b+KsjEq&##;FxWgX{bbjV!|o#$EijwwA82q!R zsVteJ7rGq!hC5j^5W{u2Hue@rVylimZ+2Z9#9I|$CrUb7?pGJO_x^!VK5H8dg+=23 z_#LAEG9494c^hQrGlIeXoTClBE}BjeTh}gTuVLhu=Su0LPR1ZNZkJsN{LZ3M49|D+ z@hvgq&Mcjx((zEec==T&tFgDeH20)w>9)>1{C@q~FmA;&Rh*7qN5mBii2lzGUPk^M zq%}r_Qd?ea3Y3}{vXZQ-rOXNYWj8xo&{X0-zWl=Q!LJsig$2(tH~QNGR2yV=Vj@V+ zy`!~~5E`K8=O9b^a%Pp(ICAa&=;r)zRq;9MVmF;2yRmE^bK*_0m2CcpvZSYLXyu#` z9b1`p)1>K+#0O7;)Zw3+KI1fkJT@l9;OCerk`=FX;t#8&%H_T(X?syKJ@N68O*NDh zd+6Dw)Kq(>*>SiU3LhBMXM|EBo^V=7x7%B6hQ3H!DzZpCXJ;WiL(IByQ!_yz z)sZbjiyV8Q?DL!iX$;V&te&4AiqUJlBFR-W@9Q5zLK-&CR|n1FH@=|2yAeY!WH27i zX_0@=Bhwktn17?cVEvM^wCUl1U|GNVP7+16{>qlmF}@@{fcCgy4AX_8YDYtgOvJT&^|wt}A{?>DT&w-07YM~j*THvt%#@uk7-Egncuhix<%$pj4AGnu?N(!!B`) z=_OB_@==s=e0@N~!Xql_&yr1|P`S}%M(Q42h zN0+9zh5kXS4%Bx#C?`tL@?G;qgPvitA#3bBX0(-nmf)deSQEu-%-!L zbFL$JlKY8kDf-J)Wsnk>e-0beKGrw_)clv0mfMF1M|(mp4J%BWCju)ihgQB-rf|7$ z2OQjc`wcn~BGyr~>?(iB_87LiQ``9zwHavskL&Aw4NdCNX`o9=6G=1%uk7@6cYnWl z?H&Q0w`4~IZgIFRW`Kl(gBj{#bVl{RyzlIPq)^y zm_1yWVfpW$xPQqh7n!PbCZevWJ7=2Mh4Fe%duAt^{~qVzfDgv6%)>H2JkbAukUA5k+7O}d_u{+CJyV^hK(>*j zv7Sd0trFm$@-KlUGIl1}Bb?NbE9x5>`0C}<=K|;-`7oYQl?7F7jd4SUP4`SMu3o-Q zZU506p_+6 z?K)%-bOEo6Lg6AZyzEV-0DK2HKB#&?zquN0|kuEN7ojK zt0ytY?r$8TR#$KPSi$n<11iUu!2)9_*yzwQzBRa2M+Ln376;+ZrO+G{dnB zLlMWbE+oV@pPu$@j4-+0#mtqs!YHMSK1NHj8(!Q@k+D&cDrj)}6!2xFUvf{#ype+w z$lr(D&#IeFCumZguHBGn2QxLIU4sw2g7Orla)T#8?y|GYL&w{_^S`^79Ww9B5%Zxn z;7eUI+n!YH_xelX@$aGK!cT{VLRE63LlG?gnj4RXi}Iz4)%ON?phjjN(2VU2?APDm zgEj`)D3py+cKHXo9fZ6VRm3BL(sK1|?+-3j7eaE)hsE>F!F$ux@UOYiEB*bIDbv1o z`Q9Pt4X$Q?xW5LWTGd0$8`!+3tw6^9_&*N*Ryy2ZOXr20Oh~1UxCQx$rani>|3o}env|j0mRavC^Om2L zl;P_ufVbERRt=z)cXhFHwI^mKKDMz3iU(+S1gZ?4jAoN~I#W`{xgFMe1=D(*~HT zLiey?nsmC6ti|<*GX-lk6Z7ajs*gE$u@-G3Lyp`VqPn&hDlQ*s96`8X`^N%1A@w&O zRX0EL5Qf*a$ZPO)X;F0|6;Ye?RAnK%;7DAOf)eW4%e+9^sM{VuyI-M1T!VvcBjD>Cx?k{D`Ryxv49}+=xVY&vDB;=-Yv! z@pOinb*{esjRJ3d{|rt25nHdSv%Fi$ay?glJTcL1WcS!Oe71#kK-HlR&TMk4=&@4~ z9!-0&j&bYdiHG1k7>y=oSnUecPo7OVG6W;fPO8{tF-0e^yf-Gata&qh+@QR`_<@+r zk8Rf4tuyaDpMwtDH_mnFgiO_Do{lm#>*Wn=T(xxG8=k%} z_Z1%4{4rA-8X$ied}mspF#tadjdwnngh49=nnfA@{o1O(N=aQ+*om@n>eHg_&?VxE z<}(aeTdg-|QY2m(-q=;&xH)3On9@4E`%&=~dFconA*cnW5y}f_%i9WkhTetTDjx{J zesG{BF286~I;jC+eZtgtogaMzr6ZA1;xcFT8hJ}_t$L)6u_IPBRUR}L@Tp#_aC~ex zTp4D_vn$^}@I?wuu7WVnJnrwl23mVM{R}L21_=d%PSatbTQgY)OXQB)|KUBnG(yTT zg2-!da%27|=O`Eizk2H(0kL*sub*;$_wws(Twi`$-PDvFMJLaYHp2xw4|FJL8b3o# zR$c}xGLsLMkZMPA)fS={Wo?Nxpa3l6LaBoN&a+{~)$}|*eWX(KL7R1+)rPjI*jHz4 zzdS&7fSt+Dl^{jN23~8-QMdB?!N(Wwg(Zz%Cl)k}1S{z|83bDA7oEHpHazBZ4DKR& zW$GMaJM(?+rP@x^Gj(V5koKyrE2-%yixd-z4>hGOthNsp+r^>@;_Zo5>Je|6)ve(5 za|sZEBY#4US^SbRJJ9GEBf6`2HlmDvj!KO)b06p`U^$A4_rI>RAr1pEU|VOD@I=>_ zgRCA1-uA{Z;*Q#bK-5`%u*5B3c3QZq;cB!6mO0UunrfdHrA*ztW6Ad=dX)o+!UxwIh}&D!}TpCdfod@;r_tkaEgi?JH{MdFV47vY|! zs!r+54qC|-`Rwvv@>21F3{cC{c=%Cab(No{ofsOZyn5s6Tfeb70Us zB6W~OEYb_DW0hu1yB+en;Ww^T!lFdc4Ja>X{#uBOT5G+3@L#u*zJ8g z+tOqd$S|igoC2$0*>}>FCg5j)e9)e=Ek6)~^yk-mAPs#1XJbAwxh?*MZi7d~rM!D) zZwZ5zXcp1Zo>y}JXrD`Zd^_5{<~&?f(wNiR0T{b}95v47@Z!Lu9>Th2j&6m>VGZ;A zqORLBLx@P@pS{C-Qw~YxLkDj<`SNIpQuMbkuK=WNfJfr+^s8|Gbhd`+W(JrlS}Stg z^2Ouw746qA`0KgO06~k^@SqtbhiEpJ!4y3w!X*pHF|C|X{-qM+*=Gz_lnVfoC!wU zS;?RYOd~O4M1Xo)NZ+(jpnr~Mdy-CV%#-s0Zl^5`5~I4womp4jl^J&rO=q}e7`;0I zz;nIGgF1>^$mYDv6Sa9LwHj65xSWrvy-m_^{?Xd_U439FoehS7^W;IQ7w)N%DI>;P z(BS=p&`OK8@Z{zak9OreuCCgfHs(;{@6E!kOI#rK?Z}T9f5Kg3QZ3z~UNUB|$gnBa zvAdL2!kD{CQery5?e=st<}@`lsZ85^=t=6ZGY@7@CKlk31@#+dsl|Sy@#7oqV2HS! z!RxPT_Gj8-K*BbUIip|1ZSHW^GBb7thj@jlF`(Ghwg=!HxbC{OhM1X|qH1pJV37&I z(?!5+tUU{DYe4p`ldPHudAo$zG?zSxOTs#4OjX3NsE^J6D|7k}!r4zH7SQNndvStI@R$K!5ohuB5+vg{ixzDnx1#{qNB8eJp3Rw>6 z;YKDO(s|Qdo~)2^WO$0<0e7fu^!;`6+#to#2D2IIn1%_2nh5Xc?B1XRb;PWr*IlE{ z3`8HKuQQ0G`2YiGe0IgjsdL_&_Ea6{uw)o^6c@C>wl*HR?(vSF6$J4~5-0myI{)di z>YKHIwK6fhX9DiHw1#skPTgNeBVN=HcSNCmHODaKh(=L}zOZ1yW0+c(jg$a;P7B>d z%$9PLVx!7F-}3$a#fGP4^0zPTxTF4Zr>l2b;@b1(pfKz}UakCXOvbq$O5Tf#E=yU^ zvTp{5$JR}03-r!0s_r<_gxIwkJD1h$t3NrI?YyX9U8$VqAW>ed(prK14HfzCY z-VtD@`Kr4C!YSjVh8WtN@L{6FO4=mnO!RzyK&f;1%7a>ZFye!rF7%6$?{cXIWkPvd zNy}q^Z~XMW_0C=E4eys#4~~x)sa4O`Xez@}oTynm0 z%^9c@T&?CX0WQsAeeP;X(zi5`fOGy*Y0qBF6GxC@egWV?y}bBx<^zFS1w))DpQ6X@ z;~Y(_4Am^U>PlT&1yWykv6H{CmX=i9nsQ#KuW~Xpu{K|sxoPB907c#2ggI$yLS)lG z^)K;zzvzA5wM7f@vy7t52d{lw0t)o4Gy_;Q!JGIez|`)J1u_t?XTyXi-an~Q7T#Iq zf|Uw7`k-W#_At}nZe)A5eq||8JBnE6KLt>_Wp*EUyqm73g(>(OnGdAQm~8)0S27Ut zVy7nmafQ;q&5n#(1I-z^B|smtt)=JC85*3~o`3EX>hGhPmG|iCt zlqQq!+XU;h%~CMMsUcjQ3dGw35sP;!cmRhlO^ac~yU0K)QaAo-pKqDRe}LM5`{mq^ zz;>2h2FErCr)?Rpi-=BL&(=ROjlX1t{%=7dS1e-jFKkp=C&bks-s~x^mF+$XWZ7c48KBqD2x~&R zGjF_L4eprBoJ}j+J(4%{7ixmxu^Da`m+v1+#mu*}zXf z)V*#0f>foM!hX#KO+&lgwU(TG{wt!%l$cW`j-Z9cbe<6EU_+{5SL#eC6fQOG= zge(}_&qdr~@y9Q>rRLAG4g&ej+4`r*#VFQHTOk^a9^UYwR%7d@0YVXZUtpelRxo)~ zD{`P~AZuqLIlL>RET2E<#hX|E)tZ+p?nI&cx& zn?~)bOqsMxW0(;Qm&WcweSjKRskLQRe>~s7ayJbzd>t~|KB(uv?gNC*`wQhvk#Z)~ zbUm0eE{MFj1ze|qoE=3wSD`+VZhk<1q;dLOj&XzrkV}&{N!a_Sy3nlkotaeI@A{_= zv2_#{utBY#|7hI;*%-|(a~vyk;0#I=rU^v*p7hV0vd`nMLw_4|zbIh%S_yk~pAGm5 zvn;=riPGsDR-j#q7i&Ay+jg|9d#o@?x^@p}Dq5BV&`M{Rk8sc76X@cP!^g<`l%$@i zB&T@hhyHXtMQQlUg#5Ogf^#pEfKJ502R?gjSdZQk9i{8szQJ3hP)xI%Ba|vB52J1h~yUuK8$Ci)a8Qh32=&v>3UIV(v$ zU7D2r{6ad}ozzswO2bF#T4__A@M5sw?KNG9#fp{+h1x4iFPm*)cuQ)7aAJXa&M?O- zbnSusas+$Bw#>`fGIEaKsVqE_m>!H|SShc3C?XP|%?bOkVKKr2g}jqgdOskW5%x3$ zEq@#rcKiIAr4`cJJ3L{L0UH3qlkcOSmUGo_{)}Ra8R)U8y50k=Xa`e;<@NrhB-Fa9Txz!*6{B5k4MIDmLX zOR_d{x$%8Y&d%hbbkv3D=?U$Nwk_JKS2H)Zm&w=_e!MFeXG6*Z%5zrFyY?V+{b$?J znYwVVD~Ak=!PX9S(Khm+zC%@Kv1b554zs_3E)A&EBU&`>xIG`kv zN_emr0gWi9uRfM|OJo39fAzKnIe zqdD+c8_&+xD%#rHL-bXbFyq+=;>@Lonh>-sENby`@|C70avr#!&NINit>wU|rl^|W zV@9V@K$OSpY!GIfRp=GNSW3KKxVu(dHi^*?GICbu& z4KVpucXPhNcItCitO4jlIH9FL-1R+L(53sn`}_$ibJs-}Zh%}O!)>6lG7Q^yK09g7 zY-F#J3uYuN2;YsyfXUQLwky$CH;?Q*<=e&Op`hpudiq3uWTU>ZAi!*r=WP?;B>#aJ zHJSK3I_*`^=^ddZ`ecgeQqYa(Fz#aZ@FCP*#2!dMP|K4q0Z>>+m1`t%Ln1uZ#hJ?QphUxA<{JzURufof(4Z6THmLh zY5){Ig1;gJZeUgwR2Y516)sw|vCa@rv`OlbYD${w@QS!eWUgbfcf1EYs5*IXUQr-I zLP#Ev&qXrI%!Xa0_Hj7sZFUHn#Fpg)5J(c9s~;3F$unmt0W`8aAi)`5Dd;XUjGpp} z%&qH2U*G?hk6H4}P-4zUh@F@^nUav22e=m{ZA(SsZGZ{`tbq?_IPy#IJP+9zU6rox zIL&|O=lppm-r4~acb~^gpZE|1D+W4k5m^oPc`0Ev#UT;x_AqEqwptHEKXf^DHKWt| zh2CZ=IYsW-1*mFEFmST0stiLXE5@C~*w2TaiEC;^F&5zy{mulI6WtG>af8V@ct6%u zwXdC!4<>Z3G1$oTOtE@6Tuyr_cz<;q5fk`z@qiS$t*5+cO+9Cw_nDCDI6G+tuZcJVy!T>AIWG8~gnf5Z?r7mynpHp}MJojGgzw<|ydXC3Obm z!L(wD1@FNXRNT)%LJ&Q3VOmnya86f=)*!fgw))mJtVO_y0CJ-Vfpz(yBdLHwaMtr% zS{@uPuP&4w0&?}2#us04euo&EN1O)GLMHA+32&nE1H|73V>FtQwUo;0W>4LCGK$F0?80y!tKY9uV z?^~gjGc0khIvxYdQQvP9BTo1GfD7H zQofNs@NI^7nO$aOsv=18=mYVT>HNsrW*#QOZ;9(qz~K$T zj&F|X!rJ(Qr`>>D(1E6N%tZoL>zb#cZj2$T2lj2*?X<+Q5aGgPJzwTA|rM~p3?(IMmtRci@^Vi!ahz=h^$=(sjqi$BC}yV z5{C+Ko;M1tJ$Ck{uA2ky?fe&q^{x-x4PJgr?9n#NNXhnull$*z{(J(uBfN0qH#3pF zKCw_@pm^tm_tZTxZ}?kbTcegS+{WmQIcN4=g~nOh|7w@e($>3#Mp{ z^e;T6;ds{$aCtQ_{L}IyR;N0rE5k@7)u|S-tyvN~aS#CAD+uzY{b>&YX)2TKzHBkt zC^B!cqkja@4+lWj$*SK*hEbQ@H-vEZ=T}!PVt;UNTb`|-?U6#R(I}4g2sBu!hz+PV z-1(Vbit<%pkMdxjLIAmIazin0b6aA+8|Cje)BqRMZR+BmFzK%>`TADn zFvww-$-j(g|K%B^NCIug5Seq^`b=9k>l|qRp%L*`R}moEGmG_iHzg2=89=V)$SO+} zv&|5{3cyvK;|N=1x%&MUZQEwOthc=gbN#}5srOL@^D=)m4S({wUSB9C$K!8?kEAj6zjV{0Nf3i@B0+CKVlCs zqVej=HfuS6FW5!gV&nFf8*cA(Y>kixM*Qc1Y-`>Bb3p!oI3U`VmX-}8MccQ%La{tm zzk-1bmU+P0D59$@I_hfyFe9iM?NBISQEd;9D2cgpGbCT3aNAu#!*F5PV# zjV&9XX0uW?6}L)F(yp*y4Iuw7%=4~=g!i-BbK|*^OtX$Bg=XW-n3WnHYj4zc+m`?b zso~V(Du}1)KR>`KEi03e0P#oy{mm8FW^sm6!S*fFxtF@TH>W_GC0uO&hWlRGGbg;v z(tNn9s^1@y)Adb0Kci|5Vqbw7TR{G{9nU>noTca7uW{nzU1QB!(R^;EPE; diff --git a/ee/dtr/images/manage-webhooks-2.png b/ee/dtr/images/manage-webhooks-2.png index 15d2157e21bf654307a013acb1762f0b7ecdf9a1..e7526bace4a90cab74b46bd4171dd030e15df3e7 100644 GIT binary patch literal 34931 zcmdqJWn5Hk+dj&zw_pJ(B_JTut#o4n4&5En(h>tQl!}0WfOMBMLr4t`D$>$1^iV?$ zAu$ZizUFyvpXb>h_NV=R*#Eu!sWZb`v#vPfIFIvKgs7>=6JMvfPC!6F40-WfgMffg zhJfHN@2iC1lW?sh@Bsm#xuX1Yf(!hg%%=Pp@X58;FZA6A2yTDH|NX0z4XXt{Byxu+ z%MvYKxqXR|eC@660Rh2%0?6|xT5l#dW<1@s+FILpY(ysZP2LT7%ZtCDxboN9)zJ6m z&IKQ@$nIBrl5>+&Yz#%s=Ca>!qRM6c`)Up@eFhh)Oi6j?>aD}?%O_$T7OtL76G`6N z(I*?f?s8Lx$%32y&q4Cz1;wA&1oBT0|N8Uh-t~E+Kd)c2e_;6Y`dij5zdx@Dg8xsw zKveTeZB$yQc*(HM7Z!++y;e*@K3m+Sef4Kf<@r>@w%Qu_m^=c?Nq*C%4W(^NM z0+&1c9v0Tm_-1T*?{iS!B&50g&)wd_A0I}QDfcW#=NJeTaj-v}tKSq6W6_468?Zsv z2dl$U(^6mE{Ilkzm)yYE<}T!Hmu|E!ZK7GScaE)|D(ajTrl#J5Xk;|h58e86u2HT% zz2DC^Hg;ZV6Tjx>>(@x?=dd|TQ7Lc?RKJED($y6j5fWEZlhFO)!wZe_0QRu9F9pLk zvC+wS-w0%`Tp>K~?;oCSluVN*E2*k-zjAoOA(btC5RH(%hfMb+Vutv_+_?^5Q=XfH zzv}j?{T8j;+Stb9X~X5Jod%Vdf=M;2Ipa3Rj$9XT$-5Y>(NcBe7S;63u9nkM2EVkt zoFz+0bP5~}n;F&SlR2r9l$=&{m{|~|q0hp}(89wF5fky++zfeC8NLc8Ch1hhA_82B zsPo@p)_rMZhaa9#?Q+I(u6N1PYeh;(m?HPIqQ6*}V@GRZs!#ic6qFS!dCG3-sF2>I zDeykQ)s;4d{j;)}RW2}0NzE*02r+tj+4jd0gOzYfTvSpaU%Tp1VZpG6)t#8=YRfjx zIAY?#8`-m3Z$9{b{+tw-3%zjA2>j|=q@7(qV{d;xoB7C8Sr8BKbYIP@)u>; z!U9>9Wm`s(X$^u?xA>(Yo8<0?Wj>RlU&Y+j&ch0%G6F_KqzvUvvxUC2Le4{a(Sm1@ zUZLW?a+DBN>C-v<>iV5JCL^{dnb_Fanl6^@cVF|Fy#C#blX*4!CAYh?Gxqz-&yh6= z6&00M<$B~^3ptd0riBgl9`Ok)6LT-m+IuJKEfT;m$mz)794$)PIyz$$2R%K*&6h81 zJGP|OM>ka(g7kMS60%J`jpKOmTN5Vqg< zX6Q06Uu_yJv)f#dsj@uK!eXEaj%OM9y^SwZX6mO)J!%j`DNLp#lPqr4UZWb07v8yY zO^1yozkYJaPoZMo z>+}64{D?y=WV9#LFb_2iJvWAmy>2M_%zSCQn9wsMjn?T+wmT@(tTJnRdd9zIKQols zJmx%Yv{Y}=;SZ;4z$rv;tsxClba)2yv=yr?$F}X%Y9g3zPjNDK{pXjFXi1@zUf2${ zhMbm)4N~v_(w`@F2QFN!R{$bFC9yqXqhILQYyIYy^gk>5Ivk(da+!r=Wfi{J=iC0mYhCkvQ{BY=>n>8l?ys|^YH{;yRW_)y@Lqd8Nv_<#BMk@pSe(bFE9BNONBs6U%%;?|)z}^ysBYKI>V!qmMIJkxkQCk-p3VVf_BYKoaBGAf|{9 z)ix;axWrgy$g$NB(#}=!8D#A33WDA@4$K(_wX;1YMNN+SK3}>9Z8?#KXtbDkuFW9j zP4@QOu_%ntMlO;W;yLS=B7HIE*nmsCO)pJ+Be@W^Qo(dE|wy@9wZ}f zT0%1#dQ-Yo&gH;3u`aB5FZA$@_Zq^ZCcd-$@aTAQdHMxJnWtj<2+9W`ULPwTz3>kv z;gVv?{)v=A9T+z_%HTF8(eJw^nR1A}pbgbGri$DTU5sAtlI zL-QO~>V)JKI=N+k`}?!dkT6X<)aJN2&x%jP??k z3%wI0mKGLV^*f>y67s7t7lZY{GCIp&voN!AN-=4QO^7L|))10XVFt)_5Dr;A_FC{F zyeXNNv#+~X6=@f`Yh(HjE&Q^csbDc)2{aSjNx8=`+nJoU(p1c@#e3Cw+(B4Ab=ou&|3EnNQhQebvaR z5_)LY*}!sT&mKKi)Ge*x5fGE$y8q2Iot|DnQB_yPX-l?desR-Rb~~3D%q^EocM8U{ zUk9JED)HuAuS)k?6KV*VlA4}DudHw}FgUldFt2JbC5cH;Nv9^Jq`)^?bc#r?BO1phPgtwyRgp|#))N76yeXko58pL7`^6w}G!UmBP%_i4lwb5X}i z;m&g)#pmA%2br$uNt1X&^;YMFH#^>BFQc_rJt`|JZy0ZF`FVUS)(s*Zc61D*7yqUAbNUe& z>G8?&q@RkSYRk*Jd=QUTOD`DAmFSDagmQx{O2aFD+97uFnSXlRmzo(i!z^;1w^B{Prj!OSH*)}*mNg1$^vK^r16L^&Wun(!dW=@}5o_k?Umz8&l> zpt<4_5^QiV6_p5`v+B|TsG+dET?&`gL1Q3Q+T0neF55z4s=xAjQUEiDm@JoWS)66s zYO`5W{q(zkMm9%N%kd*}7u^l1AbBU~wsmQ0*O%ygxRNhYLq(-ex!f5b!Xw3aNVGxC ztGt1|AF+xYWOvMIo$OEgW+pGTpFqa04J4Eqz;V)NU-YIXKwh6cfAi^qYPyD;b)K-} zOeqp|HgItKc2=sat9}KpmDR{YAO_G=)CDeGB|Q{>)&bq2sw#=UY<}qK(fsxb93Y`6 z<~BBFyH(A8`<{ce?#^Ga6An5KMybM1GkM@fPp3S$nt4}jW8{cO8@qVG(hbU+`s8Y= z=f?pA1j5H^$UGm1SR2idFHt6wl^1WB*ES=ihZDKK>YizPw&nJ0SOF}RG1whI*R6wxce&LD(CaKrju#SW(i8O~9R3^T^ zm)WKE_xHqII2BryQVKyO)0k=0Fvf!&ANW4)`|lmC`jH*T%Bo z$&C21*Mcr=cb-VmXLsGceEU6PnWU7IyL`uiuDhgj^X?abDa@yAo|;Dkl(^M+Caip9 zT?~V^xEJj973jKOd^`7$B2{9IA>3ap+_8{GV0k&#pf@z(azbaK^NOQono~|*0DB%E zSCV2UKiY&9n^I9xDbwJRO#IHNJ zw#@GS{>pI9#Vq=QDM+fYtiy+SrKgzfpGiI5p#~5FZ7nvwvEe{R9I57Hk`BCxi~ZqO zt&N6G1LM1<49-FYhAW|CLWadsOw%*dS`Bho z3}P$yL(t!*2a@b7oMd;t@G~-sDA9tPu3fB_-teb}G_sK^`saHI2t@DvApP@ZPVFk7 zF#hLw`^+Wpxs}Dc{Y@^$PG*$G?s__PYmoCgfj-DEa@> zS2CXdIfsBG@b{krnBf247l3tCGq6Id5#^@AL&X1CfP1&4{%fiKKeH}d!<`{}}ouYcID+!H>%i#;GZKE;G2RQEMx z_+({wJivP=s3;8zr61vAc2oRj*s1gPXta@3g6;VNi`@{S$>a@Ir~xfSIGfGtIAz~= zdIe!6A3>)XgV-F+)y*(>^zJB~F=#Xo{1M5}f*-7qkan1E@j$mW+;;!zY5D7rO>w)S za}sF7iFA0%;SBM~Lmq$(ACJN?`(ZV)eFs4OBq%=(HyaK#f}MQ#aWW~P)unCbgM+_6D)MG4 zE6zSsl_?wC_I00;P8mC^)K_i#-7Pys4Hn_8#p}H5eUr6b@OIzbbSGQ2mJy^Zh*MQ( zWpN0U;q0uk%qNEY`f59cXeCyaw4TvM2pMFkZ^qlQT+j01U3ZYzRnkJEnH^{AmCs<< zs`!a&!|0J>$YRfA@b{POQT(+Cnh|)mX$x)Hr%yM}ynlb4Jzo`IVas0)*Oi-o-63wj zbqOS`)$?~}jy=ssr%YFlPli8>939PVqH}ZI@(Pt+Tn$%K`s>_J+?Unhgyb|I)E5&? z!ZznmwM&e;oT!oAShwH5Z~Gn|iTYlkSMbFMNFVwaM7#x+)~?PLB0PziZhS`o}VBd%+vS9$PJd2;2;s4prR z>PN2Vkrq!dHU_Ac{!jfWDU-csP67Qop8I+{W;$N za`L;cY9gnnjl$_$e*)%Hdu@!L@%wigpY5ii7zR7Y82y9F zm0skUfDO2^z{C@ZEa5R6ceMCElxxs*z?YkoQ{am3rWv_#(k{^`?8G&DO$qm!*6Nwe zn!x6hY{;n?%23w72BNY%mNqtW?6l!Up120ydg9=QBXO~=sUF4Nl<6-k={`yfzB{?I zZ>&CmT(pnb*Qeosm1%wc$P_sDU^eM=8OR5GFq!VIu0c?wtj(VL;!g?{cawwKBLPw7 zxi%1GVer+x4qQHxrEEVlSy4ArUTn~ya^Wz+8Sp*Rqr|Xirlf=!l7etT0;Wv6@TnII zD@&nC+T{B90RWeN+4!=EX0%8ln!mC_&~yIIndjH&<6d{~Zk}_lx^pZ))uU6STXtqobly8ee9> z1V(XCgU|pd+~MS7cqDSe>jqR@T<*NN+10he<37*fFL(F4x;i{$TISZXr1D!@TDJQ> zgr;%#lqo^ILF9k0Ln^2{Qu|42G&f7TxA#@$6SJ{tsB68>3eQJ z`-MfEjE>1)MyA?v^r^Cw?doqwx7E%^fpI+c-eq#x>ckjiH5VDk`PTiW1%R0qD%RDN z0tD9gmjgSUWXG@}%QQfUp?pMSLGfybtVdtz*x$! zz_UfbpqK}2Z26VA@s=@LP@w^01JG2TnE_Ie-<+!At=`mrIo23h-(=yP78*MABbQ5X zb*tH<%*N8%&gr~`t*KFRw9r=qID_eaB?p&;;R)$!{<|~Sl%qX}bw$RN^^Hx9Re;=_ zk@@PM<(QF@kdG)aC@_fYMnF|lLx-Z#{_Evg0Y{kIz?Ex5Vw1&W@C0Q?y01F$xe*@X zbq*#b&CB#}wDPmF<6@(~q^24H2L%K$ry%ol6}fDc)KCr734?}%QKOUX_~Q=Mbgc_U zQZ8x6@{tTtmz^CvcY1VkRHV{NbG(CFquCq%dkWJZey;??Ux0?DC}{2!hiLlgyn6BR z(&<^X*A$7A$SyQ6=x#jM%=f*!rwq+bxMulyfvPn zqJu=rTr}qOrREAe8VvpTX@pNRf9)`&Q^Q+IpW7OZPGW(GiPh1F%u6(#_XST@duDLz z7P0g3^()Rs0*4e@#$2O0pQPnaO4Y9M;88xFw~@kiV_Mq%S5F1eeY#GFlnE}OEUa2Og3Qs zU0tJx+x}WGxq4>X);u1Xvn~1Lhez_G1v;|d-@SvKj}9KYZK9%!TYuerGp8;lA%Q97 z^<-y!q&{rjuYFbzwd7AykeymuUM@84-!iCj$gQZTaO^<>mLEU#SFZ=ITpY01>V(?$ z;Muug)BLqIBue9LMn-r1wWg(N{Q;AevV_Fg9B&5LQ_uoYrWJ|qvK%@%eK<2XT4Jmj z#inAnIOZ7G?6;s5OGx6Yl%zjVWC+j8>ra9sQAcXgv9Zw)L_|bDz`&dElXvd|c_mu@ z<(@I+sMR+0i~Mf{{-cH3ny8C?xHL5`+_6Q|FRAESjK9{2p<$s*D`E0Z$0Zh)`~r=( z>$&w!#mMIo%RB~OOlG#U%C?M!>}Q{zV0idcNhKdC0lU%wZ3Ohza_MSfqN1Ph(aG`p zS${jHu=IJVe+}zuld5z=S!CpoNcqX-1FqsUrU?0UFy%?Qo_#U5>Wh|(!=8V6W>;)c zd6=C}S>A;=mIb1*y=7eO)^FlCUMqVBo5^kP#tnF9_+|CgRM+@g9Kj(mqa|)^;eJO~ zAQ~w8nf=MBZTp4T48irb6-8_a8OTT5&5{yX(3fvpq=DI(_|EHt`K)de(^f+_UF#a^ z3iTJ|44Uo2jg(k{^V;E>&j4ri&avSA?2Mvn6Q29uqvQq1reU(KBJ+AW-rMp5-&3K_w5-%zHHy%OK=E>mwz( zv{7>l4#>)o#db~rRWAogW?sIa8v(rHNRB#_VbWUyf1X4^V?yc?|KBfVJAT@o^ck;D z7iPEn37CM+D4!Irc#Br_G3H{Tz{b>1)>QRa#}{^>rl3&dckWnplQ6*V>|6rBp^L0a z1F9{`qq<~lwnMe$h_l+-L~<8NjsB+nP>{OzCr-8tA=z>Y3MvR(mi zO;4{*!;?;*n-XBM&&@|$MA+5Iqm9d1(?)@WM7BS_vN`rh-`%q+-;!^tM-|e08q}aI z1=o8?r3br@1RS5y%08E~>#ZlY8*MBEJ8gHIT4%s-U-b0Zdlty1vtzDb0E12j{me+A zuc2~^ly3Msa(Jf6oBWs_Z&sgvDJiG%4+`fP)bU&G&##!;ZEed?V$Kbdx3B5Kq+@@s zn3xR-@C(j|sV=2nlwg16Fqh~x>C||>%I}>*a0!a)Mc%AajUFj@BGsGT@kcikaCi25Ih`_ zlid3-Syge6De1oS5oBgKAisdKG22Hb@@Hj%nj^VLyQEkIbusSrqRuNUo*kqqP|sIj zAWUmtGL+5G#Zqr6`3wt*2#I5vdGvSkX@m;OLeZ@o%Q*JpO)hQjGR8=$Y;``8gy7%? zd~b!vu&`!#I~Sxu0w?4iI&2ay>f9EbZ(O&FA&%MXr4-48#yy1H4p z^RLfD%8Y$P%1s1mi&4@$)tn(f8!)CT$JMH*0J3OUY!xw)u;ybZ@8t#S9v*&HZKv1K zsG_2xp`(L{xL4_yQY~Ktnz6zqh8*8es%zBL$GAC0I&s(MbzWXY>Lo>v1;y#cC8|Z9 zTa!FtZRS&vfN_=kM3V~)ir9O>1?qs*iC)4iW(Q%{A<trXinAN&3kfx$QwWhK9nGSMDabIi|Omq!|cl)tO(J5!iR>HEmRyNVsZoulHMX)BehP zeY@d`Ko3GyD=hrV zl(9u$pNfJ4r2H&BHuZrjDe0u*m{|cR7gZY$w(zaY_4pvHkp20@EQ17YLlYzw<6A!D z^1xq&{JUJIwr|99>!Q-z6vymAxnrlzX}{L3J?5X{h$?K9+`E$T{a+^PlgoMfo73`6 zn;XMeI^QFXi31|Lzrej3WXu)e+kVH|0Sx|f7j)v>&U}1VuB7`O0C!lDu z#iGWtER#hXzhu580Oh2uy>D5LiGhgy1>K3RRgdGu6w&nD=Ybk8iY<< zcibkzf9si|E)_hM*q*C2CH_(8W4MJTyvah&K@z6skYZa z4v7s{Sz-Bk(gc)AiRs^rua#JxBb+^BfekrLt*ekBxNz9RPbuu|JFzS(N8a~Nw3M6;P1&PES=45S#v z5-`$%WGJnI_SE6=;p#kNK-H^u=iS$y$iprfgKc>Z4p)~)T@zhh2PiU9;_?*aeD}HI zn%AKHMxlJr`moC)UMT@vJd3P$>Cqu>x|r2Knc#N@6JdP-f(N_&)K7IWOe0c+s5d>;)*mBlljx}iD2gyovsVl~A zrZMSwdUW%B@C`tg;{_b`&W~l9aBEb@8}Oau^%znG*)t*gq35?dn5x~|6d*RwA}B$( zd9rw7vdSu~B$ZkFW~E>D2q5s5aSitiuFBAJ#8g&-VUnNd zDeM98+(#7Cr4PWpM-N~)>hd~lT|IPKkD&kx7Uk6l4*6a_nZR;#D*O2QxEnSI116*# zq@b)v+bzZm7w5Gj)n4U$g^Kwk>qCVBlzbPOWlh+0&`GyMO27qQL!s&ohK9D7gR~=D z(ZkVF{b#sTk!v3Beyry+uNT8cIg2z3--CW=7J-aRli03oQfiu_uXk^9i<+m$dO;-0 ztJTS?%$s2VXeLH$G9^t&Z*hoz+$F9eA0R{i0A!5bx=Akiurs^-R29n2k;OB`8I{6Q~}?Q zmFKG5G0b&9jD>IhH}HqWmuczMRqW#Sw4I#N9iKWvLO)7o?eE{5VmN#E*Ezpfih}YP z#Rt0JNP2A$KpbKUg!@S)@GX!EtEUtIC^F;8ha%ku!~)qJ?8xu=jHgF zz56;yO^-*5O_Y^sgfu{Vo!-|vQTou~)9l5*CIoC3q0#TTEWb2yn9V*0bOpxtC*1Z| zlB)q*kp1Kt!x%EAd31<^%b_(p@NXj5;krItwxOY50?46$Y0^Cihu!`bj)&h&YXl4U zAlGkR9hlGV2%VNgrO#A@{t!q`EzI_!$LJ5+BQ;3lw)1!g+ZHyX5KaoN^?||cP)RR^ zXefIc%I3_a7bgLD5)gkOe$CPf%F3Ds2CzcM0KcZKA<`D*H~?lGBi=`Aq}o?L1Ud=C zwM`bFPkRg$U%3ws4?)6D`<0=pP(dP(usq7JoA`A+A^z2r&-Y@_Sv(%aq#k`P<*rwE zB$apR@+Egc$seUe+GahxNSTxxKp;UtisP?KBqt-Y$53k+OmXq?srqy48Ldt~yL`Mq zQe1a~8PZe_9n7#lA3I1Jn}6JEUAcLKI^o!X^U%kj99E)JY~nV^Sa#jshSbv&-~y5+ zAUn}6)tfK!zKW+34^f#b9kMq!rW9?ySd3WA-8wotW|w}X9zZl(;*{phH;P?YSom_g zHGO25Nv_BtNe#~dw%KG1on(YppQ#(N3O?VXv<1iT zjX(fCtX7sfJEjaxeGXL$3tQgTN#<0(3uYE_oYn*64k#yk`#3Bf-raBOU|0|6Z(l9L z(mK482YuIF8RyOz5mR4TGB#CpcO|^CVt*N4MtP*%@k3JFy`ZAfP0;t?Uhkw3z`AqOX3eFxW4pY_FeW_$N%H=6}w-4@4_dh`9wo z2V)QS_-sK()NZ&a(D4rH66igSdS{ysyD^z2fEE;xJONS7@Qvl-+QcD0)!IAQ^^u{s z(oG{a0|D2GujzoKO;7Eb!K!k!mb@wOhy#MZetZYj4N|jMU0rBM$morJNwbvVX2H5@ zSpiVQ;;RLg=FJ78l)#YiuwkZFlg}wBDbq&Aap~z{tM9h6%Ec+~bu^m(2Z(RFYFwRW;Wp2d?zuqxA*9zN@Ro%G4xgrBGlbw_l3W zko9?spGfn7RYFfcQkUplA_qC^ry31tp@MJ z`LGPTA7}3!Jz&5$eZDDozpNXdLw#ljX2!+KsQ&KU&%=!_)&sy8(B0Q~p_Vz*n#jlI zSGJmXw@Knyd#Z+NcxY&}(8m8v+Uq?Kj}!yJ5>R7w&h#2LOV3`!EcSQT9j!}({B&*S znk&>z^W|IrD73lx;?fF+DQ2y^St=tY1wLN;<_P9ZMV+2wW693Jq5tH`JCA2?$aOVb zD?puhk&ldnhn%Rtdq1lmn5GM`duVu==F7*AqZ}QDQz*!2*;G|YK?PuPF6Mc8n#@TK zq-}*43RjvD3uO$Xh zEn38$KtPcHA%|K27bRf($dB<9EzouGsjBwh2ui8c<31|$0yw*=)2a=?5nz#wHeB7+IkZ509$071Ob&?U4oP#BUtLU zw3nr1Lch1Q$yz;oR`7AJwyvJifUo1h15ma4Hpt9r4r#>2rIir)V_Iory0q*%LR)A+ zig)d2AiI60L*eg9soOr^wLdYbaJKo3w}mP(zFlTopOZPzX{Ko`Nf<|j{V z_H?YQtqQFwS#?KS@nZCE7xeQ)3OqkZ|E)BS==xt%sfP+^za1)C?|7v3l*7~2{b3xq zA^s4(5Bo1&`$D7LqKDmIxms6>GGiCd|53t=vi|ou=3n)=DU0x#=3j^C_5c3i|Ea?G ze=j+~|E9RVPwUSzW#*KK#+EpbC z8@hj%HS=dNxFBmdrr@ekHN*Cf_6kh`!`p`&f1X;%eC}H*Z5(YG^%J@6QpZh+sbhke zmZ>&;as1Cz6h@i_>Y|wgzTXdccl-_g=x*^!1T$Sk@BjTIEttwV?qKcU9ao(H7PGa< zgxK@{rN<#e5{2WGkBcHB>7BMrER$~WWjC)cW|KB}87ElKO#U)91+tI^&OF-Y^Z)2C zL;{y7l*Glv_1NTzFt`(+O%se>uPpven8_@1^NldcjghXw??nvj4u&3{mqpU<(G{2U z6HUgYjiBVgY4)$lYRnxQ?B2#4k9umuLuHAGXG;mO@a>{>=uBzPiKF^pjvv-oTWa7a zNJjU+?wdxUZ9I~j*K@IdcTC<=u_EZwmB}SsC_BbctNJn9)b27xagWG{6{9g}?lumK zc^}aX0quYGil8waHccTpsVi?x^A zCVO9>)R~%?u&ME(zP^{n3JveNcE7Ti7iGBK=Le8=W2Cm{i2LY*e`VDYio3zl`D*`I zQ~31AmoE@agyoCqNiA1(JA|wWFJU!&;R}-sbq<R#1$i}-I1XkXXq7cwNm{e`laG?Vk5^U{;j4qjI> zA~N&M>PJ;|P<@5vz-x+6_#!BeFuDhx8elMCB$izd3LULtW-zo5TtlG_E9<}twt@0; z(Y0^gWJ+5g=#XQ4_Q{q_ni$k5)VB>9qUZKl%K zeD%oceKlBwY>jHDE-K>=w#{_y`hnp3IqMkFF?`RPv#N08K|qd9oRWb{XMM3Y3zb*m zO}l&68U_g2ln7H%BWn_@^vdMS()s~Wl}FJuH1nxv{w^zx=Hzg0n=I;=Id}J z^^-;z-=dbkQn80Dy1UhK;B2Lrc45tY0Hdgh|8&;CtRz9gu6EMIf02Zbns_LsM^pP` zSdTb8nHd5riOHW%4KvMqtdlOgJ-e1GjWw#?c@vSI9K*avEWA(o?}wV^^33^Zs#y5t z_YQ2jdfGCP;$9rvjrrTqr)lT~W^_{SBPkz2tG8w1I+cC5H3Y^d;TG82n1?!!MYRPc z)HX+T)Pgpud0#Ys*=Y~vjKwMOQ|CfETtn{}z%xbU_pY700v=%i*1lZt*B zt>I0J+Tr4@^!d1iE77Hh+He7!j*^0p{MH=yH1kZj83nt zbr|`Al~!;OugDU|j}I&Vgpao=Lxq-@zvq}Hy;qMA=^kZ)D@4Rz)@wWZfjE_~FATf| z4Sm<^iVPif(_Zj%akdrnM2W3yBei+}Rv6mWC(9J;_z*=MnEEi8&V?H)&l2 zdCT;y`h+}9!5M#uXJW}c%sH;X{J<`#^dQe_GxM< z43ZvL40DT_~#zZlP5g%yA`bFlUr74xr5(j;ZKL|EG|w7VbG(g>Ef zlqremO+Nm2N~^WCT2|P;NHSQpf0oZ?JK;ZJr!ku|SmSN?MuIdDMop37=kY3ENWNG~ zFg1K=`SiC1D#^%d*&v~$zVoy0mFqC5o;!l=qh%Ub&bOeC8$Hs(kmJ)bcQI<>bOByWAF;K8<_ZzZF#v=bq*<8rCpI~9Xn=Xg0Dl{zrY6H93FL293Nc10hJ zZ!nS=YJz`=Be3Vs8mnpim<_ATis@%w5qdt^I}daCQHUZqem^_Q$N4dVa;JFef>$TPSwc9^Zd}bVy@E+x1M}{9n>6 zJ`UM+6VUU2c(>rDQPQbfhX=1Q>%SF{k3))XFL6V_6ND9d1*AswVQsLj7aG|6`COBP z{|-i(&!vXjpG8~VN|SkgbdwN|VOl5Om`n(BQ@V=$GmXbx22fGMmhE37%Zn4CiYt!< zL-|H}3fj&3Xr_M}*J$IB(|-a1LGX{Sx_{F0|39AD{O`&ACsz^tzkE=&Po(=DbAF!f zSoA0;Z0o*Y&wQGMG7aUA-gpiETO}K7P6&Efb+<_@cYg)0k1t$IG+=6r$}Zk5^3~Ip zt8M(;+EUp_oDs9=8+Ugaa~H7w<&EyTu+$+YnJy|nvLMnrGW9TPzgRCpN9fMxo!;z zqk33)XThsx27ZFeXBS)W3Kxur&)MmbUnhZ*vJ!K^hg&GZ$TxJi3aTA?4vaTmyREE-40l)DUSuuz7^YN77wc~h2o4DeF&o?+EuN{m zB6Fdef!>pqlXW>Cq5#Z5RXm>&B2>9l;?3b<$n@V&KVDGvj1}vqx7hmknbz+Pb|}4g z@pGn?%#&0#TE^l-FPmycrCE^4-# zq2(DcWb~+Qt%^75l&8|f5{6Tx$Fx}*g{u+{#a|P(GyQUIzN>|_wxmkh(|;8 z2XgI^*KS^K|1q7~S->tCL7%U9f=HV6pG@_d_Wk`?lV~Q^if#(g-rk<+GbfU7qqHIu2yX_zG7~dLTS#0e`l!^6=;_ne@kPJSm>Op?8k(SI2#4A#JCzbU zZ35-~x)Bq6*R5^(*C%NdG)ph)#|G{z9vcF80J3rrq9mQtAPz57_k#dG4gy3jDwqpdv&x#00x6Gv#{9G ztt@X!e7ZZGQS!tkLg~yrD<$*M&8bT>S=i-(VCzG?*)N41*CE zwV>M&Gfsy`EkA~SydUagSsh1EfRH1=?eE78{IeKU5e{U0S!HGNS?{mBLKa=QvL}(H z1D~jNmXTLYWi`qD@*?Z~K4y@@TSCI>Vt9r3t5=89ojZ44jTS$OkEe|8(*JzIs7esD zzulX9CCo*}{jj7x^3yCFKjn?Ko>dG+z^_}7An!~veG0ebvh~C20aNy?*;>ZR6~3qP zy1}Mw=O3e@vNZfeJ?HtgxwOB5{ri$_q1R$Xt6PTp+1dH|I=Xux+by{NPLLu#?wS(W zp58J|WjyoV>-iVDB8WG;hr!1l5oSEd4F)=aJ zxHC2GU%g_`1IcF{DvwKaES#+6+?8%}#)WQ+d)^o1{!|y15Iw_4JF&6xThi}NWOj#s z-D_UpoaPH7)Cz|sa1p00I9w64tV|&4v+?(L#;pDA(X@LcB&pK=QHS7OcK%zsbNY5_M}Ko0*yQ z)@|zCQzu)qQtY&({~G7~?b~-(F>dH%WtDWP{_k{#Un{H4VlX6r87)@{ESQ-3Qd>Tj zMvy=ZDCm+GjcQ%P6UXn~(Yj{TW2kUjw0lf;;fogUb(!LAb8>w4h*row*PuNM`W`BEjL z<;9L_!6_Mt@411By0^(_12oemjq0+z4hRXa2)MrXPxn3d{2hw!_`H{XY|DK5ee2;VMAhp8cDTer${>^V zB+WpuNSElXmA&xX=AvScb+|fw^yXc$_!JXQ_C(Y*I=Y!yTpPUDNK}_!0hsBbTxTl7 zLYQW*xmS@+(c{-I*cFk*s-7umdyzZzw;|auXziPg`{_z5tYzj}WWj5oqKRwQQ%qxhp2OZK==X{!x- zKMXR}x^LX-S?>Sq<#!a<$FN9U#0`>bR+FlWVk>nS*RtgaUN8I-t9$q17Q^PZ`D`uw zaib%MlERRIvz6_4>d2;4$*;j1BoiMaBIdiH%1T?<6yv|{O88vWRrTVx`k{B{4%x7j zs!4}Ys>DV_{*(vsrMipXw{=TV%pmDi)7F4&+IoP6*ZNEcG)vXrpX1g18uz`|Pfq_Wuaf%r++a*T@RMjZPhMchorM8T8xxHrhO`(`PJe5;=axDA7qdUa z1b&Zic7LZ!DKxAU2hqb}yn>j_!s5Weq@$fe@$O`c2yj}5sV1to%2OVnQ&W|i41~aN zFXJ3jK8EQ+SZyBV_Zi>k=L{{1<9uoEpma8wtk!x$%HXx_t^LkNrP%P8iogRQ492^X znlF*Z%Icifk!vMD03P@xd9{q)J=kGscqVM8RroWCEWdUQ8VsO-%T&cXsT8Dop^tu_ zapN!LGKpw)fHi-LJf)HONyYZ)Q54vjOgOwJuViZHU`IO$o3D_TovmHjzPh#+)%yJ% z7|W&C*yECZKjobr&U8s{lE?B1Is}O+N%M(ZYy^)Ul^fOi#DQN_VE(PM{7nw|kJcYd z(ub0f8PbJF`;^VvT zL3w9R9>NwZ!LQjE7#&4_&t?O*@CBaV6H8r5{m3bL$X=%UW|~2}BS?54moIsCE7lG5 zfn@f}k5su6z94&jZ~y4Vb&Ae}iqjW)vv7X6b|vd7X3b^y7rw<6EB9HLC;1E5gfwqb zf~zFg%$6c$9_@ByyouA$@!H+5vy26ZdMEtzSKWoMY#lg<(N_X|_<^p_Tl49Cii(OF z6INFrBrw=92-ie-Rp#%m+@d4PK1KaJ+)S6hEEj=pcjODD;7}@A*M2C>|6>Y=Cdy#r z6gN0(QBUrVKRz06@2hzzqDd3Dzc09%XgA_|8K4;h^e%cRZI3A~yt;b#VkC%I=oS@j zyFf4|R*uNn*!WX;IB-?3hTldaU%dOEUaT3TA-{T|QI&d*$3cO}YD?UM>eEv2QU z6&bgl`jk-enznUAQ@++zW_v9X0tBnY3H_^LVrr+qD3@EmjuIriiCU-x(3e}Rv|_(rmjcZa@0^bolYm z0mS4^(w#P%M+FS=l*_52ZV^P0^!6n^+p$z{8*mrCM-3-)X5ICY$te=K3yQhN`}6w< z;jzTKw3lCF`ix5wetgS(=`=m|i?8BfyXCHs<^8}LlrL7=_|dRCcV_iJ)>KseJ*U!b zbL09o#`_PizV-2<8+IsR5(&Ar5cbl-F;`G;TDdTG&mSv36GZx!C^CZ}IVfag#k(|B ztaCdjY2PAG<5{CdU~ihwG5RePMhV$M+(ND$i?4-WCTjoGC@1p zL7L#P`5Hvmc5H%7{>2YzWH{I%d}Q5A;I*kgO_H#pCv-+77^Hdj<$Rj%#3UN(TicrT zjn6+5T|fjJL+yYz{sVw+srTsOY&PHP59^6LBX$Kck)8xgo#}Lko`2UEl<3F>d@TOH z_YE+Tjihv!lyrlNbW3*$h?I1L(v5^5-Q69V z4d2|)^ZUK;dB^viZ=C&%k* zTH(>fo?N%nN^M2vV!wINKQj1DRlj_5sw-Ap!Q@Q^`=c~nAz|T?mA*Js2#kzu)|OP! zF*a)w8QHYjOkoklX?*fHj@^|Ea%6_MSG84(=J4;|nd+kW(FIz4sPB-=eh^crNl8uZ zpM|}yZ)Kd#Mpy(_fQ&JN#+Q+qJDuAC9s-GwiR&E&AUMUde(i!nmypex8GCJLu5mG! z(6Zt9Jvs)4|0f@x*-gYtN zn)OlRv*tZH#g*t^D1RriuV_v^0i-C_XQEh%F(VQd_Q3T|9GC<%<#eK-l=;F zc^S2Q;NRoN83Zh=_;&X8anD_xpzB{L|JIR%0|{3_+|_K&^#_;rHEb5$aB*{boY4u$ zoCe<&4!lipuR9Ji=G}O)*8gzH3a=0R^oELQN=>Uw@4C_D84LTc^2Wq^uXmRUwN~lP zz{^ssw&h_77vkYY!#?}M9VIM^yABvfp1tQC^XD?R(_`g1lW z-3`A-uv&^BBx^WU?=BzYs0p6EWcl0z_?Nh%?oY{O>hQv%DfZS#f(Kvqo%{EDhLc>K zjv9TT%4ae>C#ZtOe3>&7CI=&ya}JfAk;`Q^>sN(9S6s5$>MrakiI(?T)BQyjxw2>GWoC*Q zE>RM|?UcYl8`>qoV#I)=t2DV`#L{HxJ29KxL&$Tex}YJt;EQ^jgJOZ4%xGWhSOB=6 zikw>B8ucOrfBkxX^@`f|gtl;q9O(z2IhdKB z@-lypTIXOwhMsCbtcCC}a9m@#va<5sV2f^Tq@Y8(u%=tHHWKhF%+Z%mPt7OOsp;cc zg)-%f-23>uyQKuGbk*Hd4gH2fa1YmqhSXF_-Wp;Z9PaLWwj8Q!5!S1GFtY2PspsqO z@BcZ!VhweQsK_09}!%HN=+u_#1H%{3=@^612m%li#*f3B1 zr01^SBy_*9q)g2A!^x;SHqRd7fMP!OB^ zE=W;#(}RP^9coiTV#08inkK}tdmnoaOc6_6KCCb5Vjct6ZT1`_!^S4F2Y*6*>^UXg zY}SYz1JvBib;pt9FjwCz%8+!6ech2s`E>Lw<^)%sGqF=R79{SGJRnDEMY)jI6&5j+ za50#1@zoedep`rO+vvRWS;kRCQE{r^VD;yWe^aQaa{z$56^P;b z3?BRCZ34Aad*CUY^SPxXh9mT;ALQKX{aW!oARzvIJbynU6#Y1u{J%W& zsa+m;wf}kussaB?2X&S*|FF*;`Ro~rl>N^m-W^@E?LPg9So!+-)tkBV>o zGjjj=9E{5U{!{sHIllib59&<2(_2VLxMY6D`c=~tfw!J!w3yuNxq+EgRSVz#J=fva zoqb#97s-QTv{{W)e6G$U4hG3rbyLOd6{6m9?R^LUHct%vVwV~od)k=H)QEY}&C3OE zMoPxXRI9e=&$<6zG(rzbHiF0nY6M)D*)?f6pJy0e$&)&G`V&^OpVb6D-VqHQ?_LHm zKiVyBE{}t+cm87;y2Ul>N0^i}uGe9cqp26(kaL{1w?qg_HvWz6INinndc@zev{_T> zjDXGRSTiAs0oxQc>541&&A_^TePT8v#2JWYU~WYCvum+dM`$N4{$D~!B<&_0;pZz> z@jA1}7kMG=C8qW3@W#=;J{5H76h@L>iC8hsBE7$TN$G_>h-fNFS5)H%`vq6bK^N zOIdb=Nc^^p2oi{+B|aW;U{Uy;>gw$+;>gHIAu$sIsN%OL*fUr=HZIVhQr7oP;K36K zZ67k0mXV=g;3reSi?AC(_x+SEpYyKWC^R`ac^LR@bRARE4^^Y%vwA?-y!`nnHZIP{ zX`^p-!&`ELZ|1{?5By$dM~`Ko;9RA2Zg;^ob7XWXXWyg_n!B-tWS=eh_>-m~{LQ?qeXQwc+vu=p)&P!D`7q#q}U&=l$Co`?`I(O^iorTWB1akLo zl`B^&U7c)>8e6a`pjN(X#$hqL5Vya<<3wO@Q#>KIjpD)oC6dr|J$)Zd5V(U_@J5EiHs-b{9<7=FqB(HWEFN!Sou>TAlMcp z>)7C!FW`Rh_&0Hxj&A~j*mLZ}exGF_Q7ReBN>fo-aqS0)xZSxo+PDu&&^t2>mL*4i&bVgeuhKbQYEPpX%F0D|5s_s z>H|`tO(Tm~Hmh0U>7Mx^v(b<%Pud1bHSv9d2xS!y+77d(9CzONEY?LB_g&qY825dR zN1*^B%Uh*F33GE2eG25Op4R*oKBsGNf(y&0C1PSy-6uSWkaBOd_ z_AHmrc2?&;CKN+PZxWs$ae*@N96&z&)J~$rT#0yUyQjo_!9+f_W4$a)ua8k>k zw%g4=M^E_h6V#=5^W`I4U37c|0{dFsqW7P}+2e6}ZTwm#+FgIT>UVs2pp5@r4fj!CP$Q3%xvXENmDN>K$C?PWR$;Na&21p;4&Xa~aE7svkm*))h33mwZx14BamFSK>mf(qb$VBb`dfwBhWh^*|kpIN1ut;_O29yPoW^sin z8%ph9~GzQHokmFQ|a ze)i$zPpr*pbSS`}V7Pe`OK&jX*+S2}pG2nK(5H^`GP`FDQYW(+TfTjZAo2xka4Y0{@AhM;5_44(|R~`7kj^R1qGwDv7We- z8nF!u5%~Eju&g_=9^N7vsPr>xc5)W=>a$5c&DOgaENx`U(`Ch7mkA2v9U!%(PCY@g zy>epKYX^EGRhQuZMDmNY0PV1~w{EM}h14%9)BEl~s&3sF(C?z_i8-_1M6kB{pcboK zw8zh`4GALngX?R4B+=qeqt#ORx(N{Kb)C6F7BLwKqXFCupx4`nmIFgVbdk{(8g(9c zPo4+ z+a?Mq2%#=~CRsIGM7pPqj|MaEs6B=36#_5TcNz{H(_|AX>x7ML-=nSYVHNS{%q24MoL> z<-{CNZy@j~l&IaOQK8D_Rj=3{4OAc#ZES3!ew|14C@oE+)+U&q$3frNOmP0p92M84}z3WTRkyszDY%Vne;hZJA(HS+bt1!$_mt>S0=j>Qe*bi5@N9m0_V=W{_O?en6F&PfBXpJ)}Ph>-qF~P z4lX1vsg0X5B;{GvQd}g$IGCC~$_REIX~{pdyT5N@W9o0sWlmHbzyI_}2qYPUov+r3 zHBPEI<|y9>2;%7)rp8+np6>ymwZsXNTS?L854}A0dM*r8_c(#1h9#pPQM@ z02p@{54j!2ax9pPdQ2QsC10zSZv?szYW#l8Jk&aC(3_ew#6rwYOVs-}^y)OBqNH^M zk}Mgb&lC?$TXGQuu*GARWkzaULL73QpO7#KnT>ei0-gm^1C7WM3wV+APYVNlkJvv zB`Ig*R#~RcIrPOcJ!zGm19*%g)M&6#zXw*Ffx7A2GD&=WKv1bxyYSiKGb#*N&m8NY znvF_8YHU4JuTZUbxC+eYQ)Zf5?^kV?O27fNHR&k^x~nAu*Jf?vdcK(?wkW&x8Wsd& zn&U?BVqxH5^b9!$;~C=!r_ z*Cq%Qf5qN;=eehr=)9%9n_x&f?2IZU!hvWj24)rD{GL2!4!ACa^U(|;T6`|+3Ea19WE3ik@T9kwqqDgr!xwb+rN%tK47`r zUcA@7ETq*oan5e6<#Yer6n{My5nIT|)BU>NJ6E1>_+m^{y8G@KN`ybDxeCO%{LdV0RQI z`(g6#3;W{X^V@N%R(j^$ee)vvhNfv>MiXAW5+oEbBmzf8JLnqI%Zz%fYlod@U@;mf z)kQjPko)8Zvw_(G$hO+DdT}ooSjW*&CBe3Jr>=+GV`an1BSuIgl?`(X)6p-leU`-$ z&eJ44;lK)$@q2vEVRfFqfKtV7mB$Y(K5~#Z`|8|dPnSPRxqD`J$4Xz4O}5W}^2myA3>vP3A|@CX{55mpcemfl!2rI=?iHC4-Hiv8kqPM72O#n zCHXFu9U=Zg=Qha6scMS>t7I(CA9*zgX7j9<4C!G-B`CS~Dc{!^k}evFtP;1hO#t2#c5<{xkL zSA3>#`K8NBG@YP&eYzoVFjRzTRp;qhHFqr0+KdBbvhRoZ;*0tkYoXR$e@R6=f+#7I zyt4#pQIt<77}k$9m=HoX$Nkr`*) zp=g?4vhQxGYT9zDwrB$<6KLt~18$^N+%|LfP@X=RFiUmz@5cMwG*OIQ;J>L_wMS2h z@gU*J$s9Os~INa0>+tecEs^yWzthbhzpl80)R7#4e*FBqW2jx>E;u+OaJPDLV{Cc{ zlZcdPjn{Yy-FsyiEYLXZ7GmXJ?s7l84b{loFNB6qnq$PG!hRH=+L}yPKXZ4r%ap7s zC*gPa>-|}o*=M*$4HG2?(xfF}pd@|S>H9(PdR;dLJKB8arA`ZmoV%%Bp`(*R2DY2e zzXO+SFK6``H2QftJP@Y52`XkPpQ<+n#Kxn?qH<~`aR<`H1%WBfQOo%Y0F%@G+o{e4 zWCG$~%HXs=BJrob?+qDTNu&f>XG0G)&VG~MBk=F_ey(b;{jvXbSc3o#W@o>$zto~X z$W$OWThV{+yu`wHn9a_{wCC4Fo#|jL^}f+XC(<|6d9^T()&Lx&DBzmX7TlVdxkLcQ zFr85%=|!Zi6}g7vrta@_XS>arM#m(c?=Jnk%6a2rFLc6&owcrCd#^Mi zx)Wt{0i=tyG3ga8O+1((DVl|3y~w}g#6?2#Riy?(_zl#609B=DZqPjC<=a0vs1I(j z%2M;zZfy!(J-wju3&GVa$8V;#O9NG!!~qW&{J4{f_YlJkvXEOmr7pbz!}sUw^E~KH z{uv*f;2+Yf5u^^qSF3ECNX?de&Oj<*-Hp&+o%7@kv5S#I^|E{UT3uH zK>^%7ZzY#8bShV5n=~(&?M&7hr}o=Yd4Z#+R)({%ufzEr&$dvWkmK zAA-UF8+3str&>RQ8x=>xmoh_Q7Yyvo0PJkRn>27|R{GL> z{AF3^{ixdtpzJhP2{G9$cZ&{D%7>R5@5Zz5Gj9rR`}R?@vxlT15x4R1y2d=q>r14#^d_Ey?$E@fA_IG<{w%0N z6qOe@TU|dvgq3I{)ALlMF3x9SAs4)X*YgT#2eq|}qFUvyw$*^6io-&KAhlTkEM4i*t4HF{H zf|I8+CYf#9J@m2T10PugElicWZ@z!V5KXWqC@gw4y1Zl|`^;$CTulN6%>4ZQ7eVLE z)2Ij^`S9|j{y;%%;>xox5^JAoA)BIY2Pxpl0e^#qh1G6kC3?!7iLxHbrto}C6LA4SJoX3wJPdi_L zO3iG!@JlNDCE@bt&hlUd8fsvb0&@H@n2L&^u<1#PJ)Mwat;RS|IY1&T`OMC0c<&G8Ga(E|~C;bvY^lRRqW~>jcq2eYPR5!%dUr(djCTX}Q;T`0Li$tcVt`W<3i(}X{(TrWc*Evp^o_(4F zJn>bo9E*13l1HNVPrF~6Y>NEzhC%g_n{wclV#qp3mr*L{Zm_)u&|XK^QpUuDz}aSb zt~GyLihxBPu`M3_Hcum)Yni^V=3aY@EN!In6mQ5vcQ|Qb&2f&l=wSPuLV2cl3%GVB z;{gCTvJ#THxw%orcYTvce}*LbSlQd%m;12Ox-+KWRl)oNx!l(@{L@lazk*r;N@l85 z^sbWayRWk}4Y#V96$GM;O*`G=Jd?Mjt<>tA>TUX3!K&Y;ElI#{`53+Y(hF+nHkqWB z^{K0^Aq0)U1cF6I1XNFy8v!T?{{|W3wPtIOiW}@VpsL|@Ex^eAQdlSpI{)fO260oX z%on9)GB|;x)S24>4`{^PB&-m}nH`9u2HWi`ziCy5-VS|}D-UA6<0NHH$6+NArrDA)#!albGkQjV)-#(3c|xw7!&mtD zZJ-0Fo-gMeFO{XGT?t+vdB)8h?}|&##_3v zF4+#ayiQJF>&~V#Cq%tL1>y>?LzNyFZz6MJ3Mbnq2o!7P_FUgmrp z^HADQ`|a28mDmH$xvS;;Bgq83l^C&xC*El-21 z*sN|Ln^^)+qNTlE%z0L(YfM66wlL#lc^r;GRYJd48l~s(^Vlfvikn1ki^6^)OzpNE{27TU7Eb@b#{=dbK%yx-P$Um zHUcSjZ`jZ4U{EN6MtAm3Y~0&6DK-|iXS~eJhVGn3tKGuk4#e-F9F3$^3do?89jtN1 z&$kmZ8w&d{RHzi;S-zcaieNZcor-#dWIi?z^z&nu@^FGyEi00gnR zUZd3|)b$=0&;-Hk+`4V9Uh&z@c^~c97Z1%F9+y{r9jpuohe=}z5^g^rOJh|OZEL1V z8~i9JsM;{9)KMa_*rlgy*?VS)xqG-zNkbFR=zWWMzVG@%cO0_LG&-Jwa5LrXc#O$W zX4Cb#w6L3)Ni1^==8tabh*(bh8-RJ_MDj#Lgfl;J3@k*HMcoGwMFqN>G|`aZ(nNz_ zsEV$IMGJVAOM3~)$UcB#)hZ%_vb8;-lqo`_*b@*E4iuZ}E9XtN;|g4M_6FyI&zuwL zgsUin&^>yMFes=|?hTlHq2!4wW-Okv!5&f|RU>5w+hgxsy?QlMo}6{I5_Ugs?v*wh zsPhSGZf<6F8shw>QXtkqHW|6-S*Uj0i+E&lhQyZ_jf-SdkB2R!pBuKCv(stkmG!Lu zcmY1{dHdsf=4A;XgQsAp{q)JFzg$=Wh1uRXae@(SgU2qm^>7_%vBsVV$LAa@`o81* zi%uY)?JkV&vn~qInx5Rg#BhDW@7xb~^5(t%p^ z!(8)M{u^iK?)*N4ZRx5u3^zu$^Q?Ox{YILKzx6A81%)<;rP)&18^p0Tgw~RGqcqRR z+}}Qn@{S{9%T-E~@U~g#jPt5yGt)6JIO)|F5L-R{rkoq4)mvrrmZl6F8yj}O0UyYx zT4$0f+smKm+OBV@d_SHh4s1@w5*@9A@Bq+X9~Ms&rL2JZ7~E+~*U(fP#6`y~fmF9R zdB~qsx+;5%_CsU*by}$@Ywo6D!%c0nRI0U9z#`+3r4jy)U~zTGlxMLZn~*;BtdE=u z2aBqm>2x%Xg?f=olK`DY`7Nj-na$6C4GyyId>v>G=<9Z#%8ZaS15;ce@GvJ0I6uJJ zm48d+QN8jiA0e}g7NmaZUe@66eRXw%*bxz6atG&pG~n>C_IxZ4 zKJ4E3N>uc3pOeu51f%2+!#(jk`=RU60_}&ijbzg99B!2{F(ed()PX4H7~XN;RVw`qXpZ}Cdo?` zwPRg7DLP1C1Vlt~wPL#YK)zmH+?TE@+!AmTsv5{F?Ua`$8rJXVWP@Q6!PzP-vvR8q zXz5ZZG3>E1d@8%f`^IYN_Zj{8iEi_+(9ZQlu439Go~c^Y#n;Mga==LwN#6t>z0%>j zZI6>eVu1l7KD*obHAe>fN1AH;mtR7v*;rX$a6DtQ$j?93ZN3e0_j_4U)~mPy5^kGB z8HRl5(uozwLZ**$FyD1|-@Nf_;F+XcU1vjI&rmPpD>qBwJiFac$#97TnkiDdY4?C4{-0Y1$(H9@+LLH08Ik9! zY$n%wp9NUY?1cA4JAjyCx4zOi@Ozz*#q<`+ySZ1k4t-qxrMm8r$}aZLUA2k6z-FDV zEGLfU)`HdFQ``%NqwXQ*SlCutuY7k()8rZJm+5^SfkQg%R*%Dgc0k1YvGF=)*fcex z2etKS$>?}P#@l zONNr!{s`lHGK4R~-fk}CLj_0zffu^>+S*1!U8rqU!Q6ZWt|`0ip=4;k(lOJ|Q2hMS zsJVF*GbWZAUUI(=F5n^H zvwMgJi1L-Tb_%p_uJjAD6#iJlz66tP#(f*wvR5|Hj##?g9~uC?THh@#YTeyXe(#l8 zFYxNlZy|jpxK-6v^-`_gf2e=SeQF>Gsi5%cUr}M|n`&&?`h6FPyslap{wFjKUvM2K ztR``UK9OAR8Rp*l&?Gv#x>P{tX-k&DF=8wN7Yf`NX|TdK>$TBnJT~x~S*$p`b%A66C|AJfq#LOp@15*DWdgM%|*09HfTP5O&?^nG!A z6@?uQ6z?@$@W*^^37|=PG96>IJ>H<2aRckzgAQ&knE_}8goz@H<0(fi(YH*YO@3F&I^#Xy8_)Qn|sWsd+J49syc69?9L#F=_Rc$vVu` zI1UTMmOEHEX2W{OfSuTKN2gNgsgaVOi0LF>bZS9g$wpMD(?BR@Wl@}STa#o^NM(5zZgtwUMQ#g2b4z3hk(G_< zZ>$kbO9*FP;c01i8`;300$o&a^Mas)0;yA~i;93Zt2@un=S4mLc=)v9E+_tNshV5= zJoqXmOBh?#^I7yOhqFjW)`xWLaSF0Z=W=aWnxt=B_-`ze+*l~-7mWHUBCCQfIq%u! z!bN9Sb;kUGw%-5gv)r7|BQpt7k|=O}T>%ddRTfPMOO96C;vSWkpL4m>2%PgOjkY#6 zlC)`XIiDZIDPNz2lJwnptqh_2P8LKqF6$){pd3&{{d$bJL@oG%u$K|!o^zv^RzTzq zlpC@re!Dh-OWJ!-#$!-o{JYT^=x#CuU&!}q!NKq0XUzE^+#RG)?lko&>{dIHr^GOx zI!_Q#^qn9}GN)%e>R#vE{Zs3X5Aw%L6_uEO%)qgi;um#{*aK_BX{5vzmXzQ$eRX}0 z7O!x8>`lqre%`F^#HQUr<14@ow1rONs?cajOG*7H)~~S1(-XeMa@y8Us5JuZoCF-F zDyYZRaWK(uiuyhIZcXvPLdhWX`EU_6H8J7_8CXl+PUXRvhxxX7&d{L--KTuLz3{3+S^y zRn}}@SUphG+SXN{^z2+opsy#n%MhtyjL_<`&;2kgI>|-H!cbi74Z*bi+KUnqY&2=_ zwE^c66vGegmK0oE7@(;y^_;U!a=o`%YVQrA#)|{s3p(Q*2-|t%8xkpGnne|5i@qt@ zckh!1=Lcg$lNOZZuj3k?=1)}F3_w4^nBAr~xY-|Ep7Ma2%%tBbgH zbjdt{>To|q>FrBzF!%4TtSYRPzk9^RMF=MSi+Dah1q1~pdlb6# z;`>$>=W*WP{0Rr$*FS}uxY>yZ(QjPNKA-#y76`3K-dUPlZd^`sSJv3=S=ZZKQ|eDN z3n0zN*j*Ux+ep6R&}teuzeigbV&729#lX2eG5KNb3!bc>&)M0@@UbTWzUO&Hc!z=B zyLVLFnBD=SuivF6vN7U0T973@XS?W?VIpQFu$l^&7y6wMu7RBnu1 zeSJ2K6*3?4)&G8=BiRVqRPht#%cD!lNyd1AC($Wqpq2)-jGk;1p6QQIgPaJg=(GzSb2Gkm+LXPxFGb7x3SK?hJ3X&l z&v(3k>$SEvx%8+zkM-6%x!;F;^^9lJyhiFgBBB{3CA8e!W5<u@(<;}ASqbt2-e%4asCSu0zsge9`$%5)+{ZxV-! z#Spc9<7$+3 zlQvZ(n%-Nnqx~1@NMlbd_%YJW&HG&=K@EkQq3|O8sap&C<>V+K8yj2y)R@bQXs*N% z7$|)clghcJod`Bg&U;tA)G0|KlBeqZ{3fqhYTv7N)iXdGt(aIP3>UdDhcZS<^p7g} z9UYa|)%Pm&D^UsQ3(i-zUBb6tu5JWmnLAAA8|NqnymFK^C<%^mDclgv(mz8(L;oc% z^iq*qJK=Xff6k90j!b##YFF1Mor`?Q#3Uwsb?*I<78A|_#eM;!N{C`@*Vzmj!3>vpb@{wy>wqF?wF4WFv>k%3GWzWve&h%GTvz3~^Dwz$p zo~c^}PEXh^6e_-op;7NEsZWejxh`PnU?m(x+8lIxvlk};d0)+=qTQ*ZL{HA z^~Z+;Cv7gWZCYU!COyPG^!TLsfm#t9Cuk(aH$*%8Su{eT zeZHA|bMIjLzPY$U${=bcXwMqNQk20-^qPRKr8{da);d-OjeXxsP{LhPvpbH@th-^m zI+g$OtBRn3Y6NM9!Gt2-9B-Dl~-Ux1uC zymM!_A2*=rslz~6NAsN$nrTMt!$bW>-N>%jDk?l%{1zj@k=i)02~6y}1~pC1x;{kn z*w|Q|r9Mr+e$2OT-vV}uY%fQ7R|9kBky=Vhzhg(Xb;8Wv251Z(80o{bx?)cvp15pu znQ{GYQ&CZorMaAK8cZ1QeExRJw0#NJCc=KU43>xE{U~&x<9bZO#8^JFrLR) z>cr2_q?fJ5M|+xgiDYf8P@BxlOR!(y`E7doQzpc;l6EDlvis}+(>TwOePQq+hXy&U z4(MmUYhjUJb9LggFl8J3=V`b8K^jpQpuabWksim%Z7bz=(&{O-`WiopS>*%*S4@6> zfcfT$_JwKU>-)hhN9Qf6)l$t9OHHn$gI*LKrAxNEL$(R?WuiR^!}BRFmbRq}wo`X} zbDV9Ln`?S`C@t$ZL*BUcUcXPSr~<);PUBtP%enW6EnE*0Pv?{Hb_3?3If(zenD_+u z&~z?6(2|7?#^;R-9^ilEVoj>~PH$PYQh9P9E!(^_HTS6@A-AvD(3pfU8o7D|%i^~lZA?Eok zZ_s}H#QXc^j}+^nvfH(VgS)ozkEg?!9-_UtzWdL4buvTfV8ZM&+wY}>YN+qP}%DceR@m+R|ypY!hjzdsi_B4gx5ju>l2 z%(>=VnGuTe5^&Ji&_F;ya8i<@%0NK>xrKm+g!nt)*fCH39e|ybC4_-$XK~N}PN3{1 zwVZ%}(8>OD0ZS>9-T?s#0!fJqsk#GS>HYYHs`mD60}VwQ0EP@n*yBc<9}eP4?K;~O z(DOx?{W-fc$MZDXl>Mo?{CFce7psYY219ufpbS_m64f=L7lOph;Q_dm9KH9i6$Qg}99fAG4F=LWcr@^YuE)NQvHjZ9X5! zx>h)D^uV}5JS;Grf%q#|7ikcS6b5#noby-%Q8`sEcS*GS6ZB*9)q_D&;Ze2JdhBT( zzPfankx9nBx^$7%HxVL^!S}i(Iub~*KMy47_lH6lkFqyG5=HF2&%%`RyYI$QomtjB zlK>#!%x0MX-Tm_1!I0LlDwp;9y}+y|hso##uprp|j3l}H(HxuuOKtZ7(P0x zOLbmI2C-u{C7*Dy$rpkOaIcr%Pvk^i3pcZxXBH8Scno0O6d`0Ava(GrA%}Q=7=(3u z+cz6LB&_K0W)12o+BL{f$^KX-A3V!#ieMX@nRZ5Cp&;vu6EL_k?lv?Dxobg|&@!&B z{~^~fjd>}#@kEMX+6cQ45z9o42fPDckxt`+1s5~CS930H!_OqbEVG8sP8p_=rk;2v zEP`3UDClq=cyNT0!J1A9hsG2O>S3h9@_bV>kos^9s5gM|)#`$BdCyG9NeP-}Umu?y z7llYds=lzYu@N(JLU~@j7P;LgVKiTsbUs@oi-pD}2ZIC__D3ZAKMZ9^OF@j>v88|aA=kcc3` zKtzK7hXEbwOkF$Lb__38K8Jhn5?p3seCK&Hv}c8*sGtI>%gU0;eOiT9-NKLwN;T*y$ zTQt1StDxv>k+c98v4sqa{m(+-#-RQRBk+z@PnH;IFr!-357Bk zaLo^(GCK<0+|*js0A{tVe8v)K(g}oro*oeHJ@xR%a{m)LKO(_7Z~c)V5;>S!4f7=Y z0Ktbjdlme2Vsy-fbqz>GSRXWaiD;xY{vSqDQ9y3jTT#aXX+)r0HjM61TbgHSUN#Dt$*_AV{q6s;PR`_8IlElVrz>%w9$t}m8 zTQ+w*=`@c5T1twUgm958!-sGa3YY?M&nW=j3$l23De&XemIR=biX{|b4jG^-O!&Df zc3XrI)8MVgzWBVOzc`K*9-H}-NeZ3@PgvnLO!!sRQBton5{Zj!)^{)s+E z{Gg02dWD(L#c2mye6)Qzo^@18^>3Q}f)60oE~?J7Oqs)thgaUz15TPX_|dS0G-BX_ zg3V!a*)AsX1_{WKds~c&QMSY!qS7l@<{)S{^G$a+Pn5DaFtIyxia`A_m=Ls928*?EV96RCkM0I!$maToaY;g3^auPg;~ik(o?%Rw?L zT;xB7CVQP{5e0>h(}OfnCDRJUwrtU(N1Ud;A35V5HKN>7Y5nhp&5!ffY{}`xIkRHp zzhLNUX9Hn674oEZcP;&339g7u%-%(mVbmM*K239v1mE<+u@f)@J+gp*NHLm z1qzoxYt~5YWT*@^NSfh#{<#XRPNXk6QIt`$L|_&wM@(W=D|pKKx!@i}`7$%<+)BYM zd>#$ zop?b)Ft(e~?`8_YxiFpRZ|c(!jDA-=b~bh{1?rTg9N$x%S(&qPMV@}31^JNaVx?F zkF<9AZqLdf|J0LBko!$Y`Xhm)BIc`2BU>Ag3(vuO4qrlm=<~j}8?-Gke})Aup_7^Z zmI_v{U9xz}p5?fFXg7-xT~UNfzU=~vOJi?nS@A3t2ERf+>AByOtYL)-l5;ef zN#|I9hCOCjW+z_FSc7s_vpB(W=4s~{BXd!>m!v}b)%LRGdz0#B3HOeu&!fd`B^%zs zEHTKKRJQMC>X^5+Q?5oA>)c=0Yu#UO`#zrY#Pmlw^t-D!6L;FR$6`34fCY&5W_Vrg z@FK%Xl)j@EN0v@c+?fI96W_xnVPsAzvRfa?F)@o;ovDbD+aQ7yVi?#`{Ofvx!(qf0 zT#p8dBq6@i%j@*&RdchRWl|u zESajjrgrTV@mCu(t^*kXF!L4ZzVxKAV1G5R#MhgP%IjL_Htd?GeHo3HPbHx71-G~P zB#YAuF>;Mn)t1~i93?b`*h>40=paG=Pv&vRH-}+T@AP*;ti(IUc;Nr#4^X20XP;X+ z?&At!Z92lXsH3o^e73=XRW`qj+1= zB2n6I-xFzgunB45{y&i6R99Xi6N29)d&bNQd}8?-(UOpx9<$^{pI>=a5e*X-~D6Wp^bZqFu8S}Em|7AdemBjJ6Zi+o-k*ZP6t4%6}AJJ(JzD*nn zoUd>&NIZS(Ddm_6`hO!PNe{MozLTe$z+_m{4vJMkhW$?%qe*@pb+F@U5XQ=IzuE9Q zO)FwgFta=yEJ4S_j?Fs+-1`tg3lRQt7K^6{9~UNho_dX*zg)7nFm1k+DN+(9%t2)2 zUR#1fd06oRtFGH?{_-NABf-XtiTeG-Xh^+)2vP}2+6pwkerl}t!-Xg0%RNb9ej>QS zc|yD>D_gx{5Z14mwUaqe&~ksOiQ*oAf==a{M$757+$0;VD~qNuD%( zEf13P#&@D=ar56E`gc8*ns&Q zsY>tQK}j=Sw%p@a)eb8YHm#hw%AeX}A!B9b5dF?`?&=JqPF>b?5Xf*7%5CNT2VJRv z^i4M*;}{<)S5igT>wJmsXGF=XNGS!s=R%1si$FocGK)4=~*ovtseGJH^BZN2X_mna%Q=5Bf|@z|LHg3vlg8H8`NXG%s6n%SAq7cv%LtW9hA zYs4Kn6QV?7l5FN+2}mFo5&r26@|<%fCAZy9$Wj!A37A;tIiL{(TjlDvhKJuBe^)GC zgi`oerFYV;Sd_Yp^^r$liT~2@H_r*KWo)yO&y;ttBgzD&B65-RFIk1FT%f3CEI2T; z^9be7QHf3=14Ky#r(_FB;%VQmcjmKyt7sa1p;wF&6`!w{kCsU&7)|^ooi+ZvC^5#? zj(ZB~rMMuydekG;_cZ}jY0yWA5`sr~1w#M9Qvdevms6?P4iLfptnkL2jk01i-Uxo2 z<|#t0!X7EC&zhPV&0a?`YS$}4nJ9h3kxpxF^-?TDmr`qlu-rST^}9qPdXitZ=Zoy2 zC;1TUU!dfOkomcJ9TN(Zs$~NM*mr zCc5Prw20HP$BBq!V1)Q@f^+M=e~4LVWsm#P{W&POq8yC?BcyV+5~HGurXax+?3aZo zpVdPHUX-qw%r|U~ghivikOl=S-jV|SIUyG7pD|(QEF=ZnILOU{KcY?D9>RJ&cV)<% zs!}z^8=onwD*cOu?o0fz9?8njV?omsDdIq(mY<1p(oObBi}dLx-VvA-IpYb z0W00>u?o7-SG^np`sI)D~d3H zR@VsE(bm4(J{Y0A<^T%Iu}5ZRVbNO<5r+D2MMr^TZfiSQNZ{Mw7KLtbb+#}*K5j4D zEr3si=OlrgOg*P}GctCDQVmwYfIWDj8d1j}$Yv6ZbR?E63ng!1NK#(H3ZyhkhJ|gB zJ$q5RL^D{lm_e_Ks5pm2Pr=Fp*I9hS7^n2DC9xnV1X3f(%;hv^PdR`G;ckZadQZ@0%ddvFL&Wfx~(vvi~V91p|@xz%PHq;6=%olmN7q5`I~I)adgP zy=+d3YE$HjqgVv_Y;VEz;rcd?5TvKSLQN2$C!tXV`fKh4nx%#*txZeNtWkl)^lc-$ z**ZM8wHV_O?XiJ)pEo+DAEU4+-dc~qA4ti8x#t#7C2;p<>Y=#@&)gNmE1!JGr)3EG zlCyxAnmRhZOz8pW zi`YCW6#`3s9jIG+M*NiyDhSso`Lno$LG6s)aW##U;I|rZzP+4n{*q0RJx@*Akr@7c zjN!uKa`1!ACZqkZWD%|Czt!~%bbyl4sNr=eoVlf~<1)Qxt^=z4ScnG}0fP${JSr6F z|F9){B;d9iMB51$q{w2F9BDBusUN=5Sh5+(%KM~di^#yfb8L@Hpo#HTp%f0ysjDm_ zBvE8o)bu=L5@M__NFY?f{+dRpC<`PA7P%Y1+)PYOMojm}AQN9>K%PzV)upXP)n&u2 z_Q?4WK>M{&F#-_CScHF^-z$L>!8Z8ZLLj)kB7ka=O%S}i}tJdly+Vp!C*cs+z zoTM=Rs}byBf_&hw_PE(q>$lA^Wsp*CBkuLJE`P6(`PDAI7n2*lr4K)@k2jg~V)^1I zh~*)NFd3X9Js5hx?m1E)}WR1|*QB?zZ#(No;v0#C+qS8b>L+!k|+D$*H((^)=6ohyD;IJOA^R+0& z8GbYV?V#Cz`GO+|GL7gP^YnKqkfLpt`B;Mz2i0%)4)2(uMp-zIWjula^XcEUg(mmg z->qsl{q>;m;rRJ9|5C&W#JxX_(5?zjo*4b4K|)JgXJw#r%-Hex&od%Im{msN?d6BU zJw#xX0^O5fvCW|7mmm23GzuTZV|#UaAI8k<$fAV$#5{}|kQNGvh)#_9qCJeG2<-0r z6z7CsM}P4&AIGMncG)V*tjXOh&kMiTWD)!9ku$;LFG#c79nScW99G(v_?D>zG!aY8 zlGv5;UmO`U67@eWiN=Q7o?h*)-bqv@C)SC9fD!55(wblAilnZm7>4d5#l%7~8L=%u zAjOweHPVGi+R4hB71rQ5zUn5o$&LS^si@tB$EtzQI#Xy^5uc_!{&+SvmfR(S)_Oh~ z(XJy?Sg1pXZ0Xem-^UN(CCj1Gk~ZyR4+laBe8Du@cTkF&DXr0I_*tiKo|a}Oi>UOk z0K_krZ^P3HL%6x%>g3U(Ku6k?ElxOVR3YbbBi&|^P2R<$zL{3}o3`>?auOae#*9`_ z@L^9=38K}K2WE3t%*y_{)DBl2u>uZ88K4KWfBOSiZaXea|%LX0hM1+ zkR7eq!eD@QTi4N1TC;ve4qdMgPi#zB7CEF~?hks#10TGke5_OW@P6(!JYym0C|G`7S18=HeMFb&4 zdwe{vrP(~OX*VN1DqBV#mRP;aHk*W>yfB6OH39O<&_y|Q)bKzyj-{%Ar8OS42@*2` ze+I9q{4Igswpb6AWzFW~P~xM|#u2I7T+CSva+na&jeg9&*z!kS*g=vc!H|~?qY5Q^ zM060+Hu2Blbw~xvrSk18l}#hJ9+?Za{@Q!u3|69($Jq}ehxL}ZZp#Bn9I#NR4Yzr(GS@@i8 zn`D91SuCmxaDUybNbl_bnZ{`BP$WeNMGw56@!?CW zkY|c z4O}lbvfaBv*S~08C%MB+1TIVT_dSv*0jg%iDBhkv6ILri?r2W91A6VMdrOZY_9jsV~4tZ;~ihvrc zDfft-)5Nw1!bh)pTn%SNXDH3Ue|9~q7PQv#a{}l&eu&{g&$kqVeR?`eq{-uv$Tq6$ z@)$R(XKqr%ZD>^6=Aq@7y0q`Aw1lEU%AXcP95_2vIEVx&HYG{(uH)^v?u+J ziLWX}AG4?RwgyKXt0niW5Gh|%^l*PBCB3a?u@c)Ngzk=+QOIdao1t4Mxp^FMPXICk zHOb{imczqj2Q6Y`GprJ}>Cpz)Wwd#dXc8E?_5;m!I%RAq@y*c{d+|JTf@a(_bog(^ z`jf7ZjYZ?9M$=?cy%*ba=IWh#q`z4ipSA|SzW!JGpN2(d)K_Fd zt0;c48CVIH>FkGuNPCtqQA(tU-0|CZaXP+Ov*s{(!Nb?h4+ zpjC4hn(?;o^%SvcHmhx>lAJ4#?Yp~mMaO5AF`Jq__MI>iv7Poh(U}DJ9&lBy2(I}|v zCR`P!F=$6>!}2L0kl+^Jc*fNrtQ8tLq`VdzChmijnT2P{W@>to zW_eGn8b0TeO4S&}RHMovsx1p#k~$%K9-i*!F&>}UG1h{H_^pK|Vd4jP(?w(C0Q=}> z;S!9U`cm`6Gn%B);E9DNtW@LrH%-=*-g*J&_FGRV5B!`yLF?U$S4qDwpG*<~^ zF$m;vY-04v^QcLDTRn&9vtq2=++)OsY}(SF>O$(11_Jo&bU;VwW9cYMNcWdxXjS(s z-@c*-N<`ewXa3RAu+7p>g-Fb-{qldUG(eLXg6r)@%n$-*j8f3MSnz~)APWHPnPpWE zD@gotEKlQ5rs^4wGje_Hr${5qHf|q-pXT%(4RgdUJ+3d|*qp_CVSHLPtb}4G`^L+D zSsvq4e^C9;yk2pw@Yw%)Ka$vB>@_-3CcA!dK>%BSSA^d@^?DUw$8D!|DP_Wknt-O6 z_FQvmD}E1~sPM03Qaq-a=GUz#_$O>KFSdzqMm zsyXgu%xMdCRhvj7`(fQhFR?%xF()#WE>?tb#1K2fZQXl z57`4IHbm=L^;(Pt#wV`#Q`K>>Q}^J1xjG@(M<7t&7~SXokE@+7jF9WiP3EZ%o_ac# zaIGJ}_q^1()-IANu9RAjtUZS0%xor0^A2N)Y;|})2I~bUnT8a#NLA;g2Knf-Yw4e* zKlIel*VKp!!LA7Vn=~>OT#v{?HGE2Bqv?v-@DL?qJd$V=q(44fX?D(EpYmPDm~4F*vtMRCqtavK0ckT=m&(&uPIoU8r_U35a07PykX5VILc2sFimJ-Q7!o%B zVoV9*_%FY$dV_21WY?Q)W#5kL=vNAu4zcI<imT4a+!m;vaJO z*s)mqrfmAb*;q%sqEjMjrigdBss4BPP95UlUjs5F-*(g)EzydMQR#f1gPZuiq3uD0GzseZIEltl<5V#>K4_SZb5uMtK_&Cm?WhmS zpQppvuz^b4I3+CfO2|3raEC7?;J8P{@E}l=XmTx?pxpfP@mye>qxbyxq@jn&^Y%~# zPu4Dzf+U^7uI4J-CQ-S4vvFi)E3=2cBn%%L(;QCt6bx?C)Hv_Xf|UG6Uk;j4s3JKu zLsR?-R~US;+W6iediA%0iBQ5w`bwxK>FpS@fdvI?dA&|$stK^d@uJ_wHl)a-S8a|qH`8J^b0S8C=Fn=BGVwtqWn z$#4AW*y?THI7G33Z7{k&1)ZUN`lf5T-k)!#TE&?82^pWV^PPS3dR$@5*sVE2Ly zf3HHK3RL%1zvJS}z(XxzWai#P3qq#{$4A#J=>e{}v%KTH&JE2}J#%FkJ1A0Vu_03T z{!Mn`R}ba|(%m~bT#(|Z{VBabe=PY}8}hOj#Bp~bATTt0VqLOY+_gG|0NjEfqXTb+ z0i@kb9!cljU_YUZ>T-p-HK3sNfkAx(gZ3J6AYek^rjH8zpz*^=3nq;=>KAee>!MBb zh)IWKo{|Xb*;f5650@{trw2!vI?RrwUvUYEv|D-f^%WrQ`YSCVqe4a^=wGF{k);3D z<#U~{&ie7h*e&ErgYegPgd`E;2>tfZ7~cdHI*8*KIGFo$$EU-9br5lqxh+{j1;jv` zD0*N(e?3^Pk*w|BZK&)RF1e6JpubGtH%ElNIX$2)WXj>dXwf?_esgS&B9=4)E7&a& zY?6${<6~ru46SsS{3b$Juc@Cr;gK|J;!j-RVl?~$Wv z)QI$#Kvy{X5`Z>=DbD#xq~ln^hu2p_e~L&HU*;+1BO~dV3=Tu&I*Lkn8(YF zAI(~-0np}k=$KMhJA*cA*=GLNF)`x!Q zgXeyRf9`zX;Bt)&{`fM$&Q6aDc4gx_o7D-@8~7~?g=v9B^A?OuI#c^LB%*8^!NrN{ zT$g+S04S#V2e-lW6uu|Sb`r?PQpg#W{O~7S$Vm(**QD^V{*pU@l*~IKFj%5~6^Y^m zqR=Dq#5q*I_S|loT3i_#tpsrkGjRNadu(7oT1cU~5GvQx^fg58in;jPRE&fpJ-3`; zfM28NGTo2WdYNS4&;n^>;RK$+Elw^}Gfl~YCIlqKVRT6OeFBxznw0Nz<(vJ%WXfPNp>6IZ+;)x zu8-|Rva{tP3JB+G%k(k3;QuhMG5vsU10$@-HoLL$fuK**LMpFle$aIvedh1WxNsbC zn`nE*sJ|5IBh>$sZ8%y&HwytiFMS`BR5pt+zv%Zat22}#BGTbSic(S>**LGV%-?c^ z8}g2;GP{lYh>CfbuXJU?oe_%RP!pUg$y@u?Ma>ZL)`A30RRi>~4u`?!jwx&7Ol#w&i})J;_I!oS6U;9b9UMiyZQLiWCPo6AOc9$M zBJU~4=6qK>zIZ%AQ+fQx1>E0{`dOiTno}2z&#cU)SFUG(4xUa|`?A_H-#K(^KsSoq zbQwgmkilB+*=h}>O(wDH51YAPyDY1r?9vmqYw#IYUJ|cJ^H_E^=AtBzjdD0AcI2Do z*4v(;elChXmF9%b)QWq;cTbEK0~PxD#lGd=nah2ms>G8z66(&fFqd?=HjIQ#%>f|LrTWy zJVGlC zf~Hs=MUtP2eZLqH?}P>1l8>o@1)C>^l)XkvQ|3ltQmu)CKykRb@i2kz#7j^egY#!A z^TYUX(rP_i%MCwD$4o+p|E!tELH_i5A!om;y1Ga6ZPkhM^Z8V5Y%J#w#+Jh;))`Vc zeC+M}n|yQ*zVhAW*jJc*GUbX z@O{_}+g@bP43YHHQDn=P`x_z>S(A2m!#x=L4Gf}jAG}CzJ-nc0v1f!Xu7G=Vaa;$p zySG_{wY}y=Zi{G+!ZD8edqn)#t{u@`lAB+sOLx;%5{CO3X~Gf4-;V@CDr-6Zvj7aT zq@PD?v|}u7*|7pu0FQgn+r37VFv2z_P2l!EXoj139E+)ti&hKsFK0{kkCp z0G$_TYO)i0Br5)h%AveT-wBL$mxLeJ2m2= z!B!P$TY~%Q}sc-x|fKI2a z(Cp7Ati@G7^l4>f<$Q0?_o{&iJZ1RX^JSPx6na5(@$hn0Jenb_ZsnE}oIMs16G_I> z+uh&3FI#T$BwEbz!^~+W8T4*EnR--=WcB-Gg+bJ~s?D1cwVif2@(BvCMQC7czUdI2 z&%1-Uapx}fG%`^eBw&+5vPT4SbfP;ForA%ASxAAxBwKbR*+sg8*f*MzxaIJ0jq^xY zWttMCUk#`4^Dh+OXA>MHk90z_$8EI(KJR(BD&C_rTCZ@5p0Ri8*!!_fBsZ)7j0};?pT-FS@;K=u#+}~WbyboZgtYXm1?n3)x z3{lX-RO!oU7?7(ZG+ppfxtwTbd>#Cxny*pAlsM4g2+sx^Yh8nH2`T zkfOedVG6t4xY?Kl;(pgIfx(HSS_#YxNRjs6A95;p-s`lq-4FhfNWZM~&7WF!4IiwS zXyKjjt`PY{hOsIc5-C!&Xe=);loBVRtP0U!xI9Dr3-1)>#b;}*c}8XJ*B6m4vsjDQ z?xy+qNSsHJP4ZH7GS+$b?~lR#QDXVze*l|>HEtRgm894JYmc=aO;3u8Z(5t7VJ4_Q zve*i^XxEQR=Y5d!-rx9ex+xR*Fk{0J&uh0qvy{rS`CGC6a+})@7Bc!!msANEdF&lX z%@lXWVS+01YK~&x7@=vX(+s<-0vuLY*64?L$+HE%t9}>_z34ApGXXd)Hw(EB4mC~+&>h_Aq^|np=I!$ zv%4uXq#hyt)q7v?fL|kVTGdLXZuR4Rq=Nm&UXL5N#Rv^s#-1rPdHasgOV$*qb46sK zRS1Ad1is$v9?E=m$3=t%(SS3fE9+nCmp&;_VLE;VjD*c6N^wJu_g&P#1zR6A2#$e) zikO;)Ek=<_8X6QXI)jcQMsz{mY2180J=l?q_yyIC(kSQ$8{p|IG<)#h@EdT`gyM`w zhtso7O##9sYEee~RPKhy{Dy<+3j{fCwPH^h1n}bM%&dRTiFhoXQyMe0)JzH>`sDy^ z^}AKSzj=IUI&s5KMO<;GX>?(-jM%y^%?CN|^OLRxisb@#YKXlTu8=jPZJhN52*gedA4_=$$M#E$MzKR)E1H8QM zI!v>%1Rb2z0tTUhWTwMoWj4P*`VQ}D5G4Mz%9#TiFd5_pID+>lz3zs~RP5*W3-C}j zkL^Zx#U&!YSR5QdXR**0tp(`0_)h>=X8Iz~HQoU+Vb;02<*cl`U z%wy>N#Q#Zqlt*y49VdhIOKpbkN-b*OT`%gS)kG-k;_^~aNAI}Y2e{R%gt9RbeHz2@ zl?i7_0Y4y!Q)JkJnfj72O&oKT#M6Amw>mcc@(KfJp|Wxgs1&_636}+&95KyG`gOeeEiR& z&e{(n*5AvU_fBlv&ej1Lqtn+>+=b;T6n7fSI9$@)F2lWiUh|~yFnA>1zNJ*>TUa`- zSHHmDECnJe1!Bk_qnk{5#>Bm+B~pn|;~%=|f+RCVH#2zVa+ z5$#cdTe2#Z12|CBD^hBqfPWxCk~K)W{Qxhkrxd0M39{N`^BiP`Bmy=;q;xWtAFQN~ z%JrHCC#|SB*H4SyU&<*YE-syoPSa`1E;8Hp~$5&@AogQ_EU22r&Sls9jYw4 z3Y++zT~gj2dvbE>$Zt-E{1Wu4AzhW+*C5r8u`XsF*pV0o(Py}6YbdRqqb`}8I{x^M{&~XhQ;=ZV@8%rpO#NU6&KR#1` z7U;;sXzMV?>p272`Z}1_KP9U4_^ea`5>YmaE5645+-s))PVW*JV@&^ync{zk;_z*P=b)|a7s0uxFYAEfsdO!9GLG}qpaZ@?P6gV(-Yy#~mP*^Hx!}rgSB8CIlt=A2uV*GeTNJ! z#=4@u9OygQ>NzwfWAV6t9KP-TPW~O7*%AQk{_BP!{e2>>-N_rrqPwL9IOe_e@bC|R z;@eToASiiL;NblItiVZ8WKTvEfz8I%XqiIz+V@T{l#eDwmi0Q??qMz=xcwd9ngN*W zk2=w-%*>6w@Fsd_6(E7?4YI%8)zB1tv2py_VRL=mc-xj2fyB(r+5mA%mvX9i+&Vv^ zVrZD*mYzqK?+&mL7a||w#n~;Um!jZL=qsCPVRd!T)M*b=S!N`RZ_{wXwApv==rJ~m z5Qd-GVK!PFi<;$3uycC8up1nmKkt){X=R}W044_S&*s+F#!#r#tA}Df2P?gvb>As6 z$RYj*(_`(j^gI{!d(majVpvvJgSXFEkHo2!j;Hd*rzeFnZc2hEGDc+-RdPD4U>6I+ zk)Ms44WcOT&5i8L%=5`J=)))C&8GF)#&y7}+?JY5>+hRc4IlYUcm11odtWfVL9(r0 zc}WssTbdrPBSH3~GYkhB5(EJ#aqZNqE}u_S?w=3PvT(g_d>es+kG9pijj+dF!Z6~l z`b=-|Ska5TUl%r?MV;PczS=El1wM#P3oUbkuvZqo5~HQtDdp9NZ%qk5x1e4dL9X(B zqEd^pduCG!*6}tx_q*P0Bc^vtK}1ue>WpDRzGX>}T)Q>Hm)Ia2Q@M1LHg ze=cogMzDh$K)31|SKQE#^cFD{wpC#3(5$OhuUB){sr*1|kpnapA-`icDJ{2Pa#43u zPo)~Jl;T-`8X7)u|LXe+T4-W?gHY7#!1>+9{>wshs8bC`v7-x2&IMSl!}Kl&b33@v zB&xnPkx#Kco1XSOU;xyMIP5yw!pyH1J^_|j$u%9A64el4Q@O5o z?9!7(z-yc+5rOja{xV5O^74=>7!FsL1AgXINB1V zCK%{rGC2lKI(jBM$jr~I2?9oo!-vNHZ^8R zlbtWoyD1*Lj2y;d9ZX!Wbp!KOYb2<=Tx=_Gb21okG`<7r$;b@SXnB{(kTAD+zGPrd z;pyqPn4IuoP8HD-69>c%XmXZ*0RMSp_E<}KngHQbpz`%R17OR{Zr0GHMXY;(9a*3@ z;5f3@37p&Y#)uM26p6*ZY%8xmC6m+I3GQ1a!^xJlS_vWwr^U1BBh58f*7<45=xb{SsCY7a zuQ%KzQP{6mv`HEnAiHuy&H3JQWOHSz$xg&xl=w;H4cQs-q1=xrNgS-x+(zEPf51%o zwrAViT0XO5t0Q{k^vD{OTZrDKrp*lzt$lEqZ*I}u8p!%K;{|MxahA;u@4auEO>ah? zze~8HS8Kgv-E?_E=e`h&v&HruSn%GBHO)uWj0S{?rLS_3iYV54Ucf&2P&>07M#-h~ zb1T1CqyMBY>F_49?R%m`)1e>4$-_rb@+5iUaj>{%hVaY@uE~P$RL9$WJ+2u%w0uYJbN#;IaF|Q5V)7om1puU8 z3O~@IXJKrLbb6wX0YnA3QL#p7z3Cnd^4-rFm>#;LCnJ$hWxp zk^Rs_DyE1*G;|$8Q~_mbV3Z7BR%^9*oN-BG@d-ushWErG;Qk&qn?!M+A+xo5U5cuz zN5xoBNhxV#tHJCx^-h0mooQ)Vt;13XYGGj%SO!H6Esi8I&$?#=V%)MEZISr?#w}^ z?I($CGMVbqug>_@2h(1vth(#3?j=2kqq%as%GVF-qimDFZ6HD2_ufYKQc)AF%LuU|@l47cAJ5WpR zmS#={pUeRg>$BI>eQYv+JnjzZ`RVzmHV2b&A5qBiHGB5?cbbRIN#<@qsBL|@fTpXN|~1U;P)`H}5~Wiy4 z?dP34*=CzHd@MP*m)lm$ZnjGmFu<%?Qsc$_bW2)2D$KDNj(Yff=sg7HPa7$Pt^0wj z@~pntYf8+1p=%b0Re%8|bABIO)M3*z=NGi>Sd)8T(w7kvyMUu|y<+rF`dklua@{GI z%3-GH9v$xtRmMN_PZRFu=Y5Lzr%6STK%gyA_Ack5-GqRbzg6WgkM`mB&mRuB?;l?0 z^w|IvKa7FQpZW$PerX{t@Iy_H-!y37bl+gX;K=^>*h$>uR6BA}n)7lra>; zA}rpc{dLM?@z<{+QVFLYedfZC8sbl_t#`zxzReP@j1s6GbLvZq9+)Ihtl(5Z-^;Ya zB}HX>d=+Mxu>!r}Y5{&|S03LLQ}@2$^(H4;<7T(DX~vRI3F2ARlDyS>IDmUBUq185 zQ8;IEdA`K7uPz^05eFU!^%uw!BMveCNFmqU@4FGqCp|88UwgPt>5)9SmzP=;hYOM2 zNlKE}@6qkP0US4pP;4^(zuuuEEqAN{zYnl{_dQC4#dt7^lJYBlFQk0bdb;nHbu&Ex z`fKv+D)1&+ULT0E0r+z`HAz+@+uK&)Ofh>x^QTFk+0F~ZpB#73WnFNu`#*zj`YxfJwqEVx*yrKT1ZnF z7Fx-){b-3@Jppq@SABoKdvfh2*LMNinzKo=Lg5I9|HtZHgax*slfT0@m+i@>W>P?L zgh`}UTlP&$R)rsrR)Zj7svu+u&-`oA_9H3E%k7-LJ*lcpqVc#xqRGD#A90&o28v?>w!x_f#(bDt+>ilIscX3jf4ICK<#G_SM6K)v_ubg7h1fBWT9Pa)My1erI&RvI7!{d}_=Ww9 zexK!n29<$cC{UsDL|;3c%0d|U7F!dBe!k;Ub|Zvf)+v;J7HzxYMM&|=n6cy`ITrOc zhhKve!z|l7U+)vccrI;+)a_1*+1jedTgRIRRjXzorWm~aa?5OZ$DVBAnWsP33>Wh8 zGUV7?2stEyemxTNDO9MHf1)~Xhoz62I%>Sew_WD|2)(z{mfgdwm$g_aIx~y^To=Oy z)H|R+z!BV--xIV|QnBE8X&U@=k;k`$fkygO_cn7RR`%i2pOIm13hoy}8=$>$LXw2G zU|fHYy%9*f+&Up8huD?cIB?wVECN@m!2Mf%~#+_WC?-_{sB0 z^6Bt_YEI?YnwC1jsC0RSMETR(S)&i$+N?5QU;K7pxn`%+py@M)L_zT$3A<_$yHe}Q zE(7d@8> zy}5~5x>?{ZsYC)P@Gd$kU6wQwCq#bQrrygk%hj5;$F^%HZB4WGaCG`|Z)j_ye3cPu z5sNYjHj@pxE-qpNm(GnVq1)%6JKj`lF4xHEKX~7no+_gIvrg%?gNqoC%t*S9Xeovf zAV;n@8%3&5VDF9@vyAg@<1Zf?Bipl*SL=Mvz2CNjtHLX72Yu|y6ZYmmZsjczIWBC4fCFK|%wdh^;1^02S*@}1z)rxr&V@K!4Fvf9}Z z>)8;B$aiRBx+~{RH9j8kr2nHfz2E$>v@A|}C)~Dg4=d`CyD=1@TF(z|^D^=;%2yX9 zT|V@U*#13rhB0(n#d#kSJP$VR@`4%&GluZlM)R>Na0Q6O<+9eeBDUx&0*Qv0Z>SU0 z&BOZqoVr>^v`SA??03Co_qu8|YKzrO6}bdJ3d#S9sFnUPh;A06J1z&MW&w^dMU=d zO>t5a-eAqk8MWSrkE&-!C4L&_*wju-tcohGf^WuZIIJTT1rym0anR11FQi~f?@5OE z$1qfN(~;It2C|&;t2->;#7?CWnrRO;9p=f8J5Cx{{f_BU8RE!-CmOx#RL#R>&SMH{ zcXZu7$tEKzOH5t%FU;=1y)fF0@oRwQluwTif<_U%v@NuTDDynisc2`_AMeQGxB-n1xWo)xXU*QlNS?-Y%D$2MxT6g*ejdH^Dir76Qu>8-Mz|)#`bCjbm z9%m~e6^ByvmaNr~g%~3rrz1E-els`$g*c?!$1B$=jBw9beM>oUr_+CIV}M7^D3{B% zLbKo~qP@%l^doVXtMW;RhT)g3n7I*gbLj7mpegwPn870ZO;@$q8mLyQ+PGnkI#xg2 z;jAYmqxQ(jeA#Ywt;BiPvv7l@et7bS^VLCEvexH*?8lISy06+KQ*!qg3qg*^c8PP~ zf52h3anjb&;`Xw%wD+Q2^=K4Wc-q(P7F1Sg`qkDp3`lCxdT7}+efV%vTU%U09qU&E zej9puD&h`m)LsJl#+aK_LLZ2W8S&G%=&zq;FNE^2Ravg{P*plwad&*t{^l-AyR&px z!5Z>OmBCfY2CMoncZT12cXJ?+?R!F+e%2J&=xd%cSNfZncx1QRr}w!%7CG7PPeT-B z_DY3ihO4W+OVb6myxNfnt?{HaPV^IP2a+MSq0sBKL-$4rt7@lu=sNV=Pi}cA{&~17 z)yP-MSo~{43{J55r~QGm?l${tK|lC>+-*|4etf(Wd>xevyVY?T8xHi3t`~O){XX>E zy{SIlk2xaLHn{GR9Q?Ini|L)>I|n_hdKbCN`!5JsI3gg2Np=1e`{h{cKfTQdM|p@4w-s$dKAuT z;a|5i1_gSRsU@g1EX$TP0!~^i&z5VcpNfl@gKA8&ce5;l><4iS;tw-}x4CoEfhq!7 z0F28uFKDS-p;p2JY?MLvPn{vxE<_@x&uajU+4Cd<9>C{}Zny)_3D85C@Di#QlNmxB zmi1Nt@{qyjoEsVmbvL-R0|8{yFftksbCY+%mOu4bJdrDPJnSiaWsEA=I9JIlZ8*9N zDg654PZvf?h2{9EWjIjm{Mr>K0!K&=pxt2hGLy5d{RUTQww-e${k70?mayV*pj)bM zv)AH$g+ptIzLhExcmsdO_BA|T=)P93CpOwC>j@ii|IROJs>9r0rT^WlQS-AK)*N8x zX^{dbyP7eYNi2bdbXu+tR(q!WRRVtePfrZO@Xv(et_1FXg$f3c=17hlSX@~(r>H4?YIL*^B|M{sydIHknjfQ39!Xx4I$5&5(| z^RifuUv(uA@KnXDsJ3fY?WiJV-aca^T(vTQos)du#p zFesj)e%F3|DQ~*Ek#<<#pIw6HkLScSHD=4NuqAn&%dMd013XDumCT8`4sv@wN$k}$ zhL6OqWFHu*HRadK_8p!fLol@l42zWyA019W4tW4bt88r4>-TN~jLTQu$} z>s(nr?F0uYj+~(56F9LPEG6`0UT*En)93G9MS*^7?nV~l{N!Wo_dxNBZ8-}sXX#^f ztBRy~jQtG~P2oEDcD7QFAS=sfJ}v5xSH>)j3GpA^<3b2LIK(d?qY-*SzX^|vy{3-o z$`Ypo&m|;q-gp_?YLH9HCft5a2GRyR;!Ub)Dmw&_;4ChN!HR>-6 z5S8F&Pvk#A7QKw&p67N2PqCxRVfFN#NN{`?c3;gJ_kGKMQJ<@iOSOff&*^#%V$jCr zqZ7nTtv40NbsH;0W&UjLV?CK}p9s>UZsM+L41@u+W*Gsj6I{gaH!%W#wR+t)H-0Fc z*)?Bhq!8I?Ya=+U5K$o;|2(nR>H4)wl=+pk?0Jqo(n=wsVN{M(;G~D;;5ogI2>r`>q$i-4a0y!}z^l zj&46(I*fsNY;$COoyRpHhuk3U@}6Q}6T4kY&qpuf2^y_A_Dm0V4Cl^PhKU8(KYk9z zVfvwAv1Yqo^?X1-Z_aWV<)`RQNH~eXFB?ONgVIRiYj>o{JYai8@-DU4-yG)71{){h z4E{^Uq(A}h-h`&OFXt|fd1O>9(0jFSs}pc^nls&K6;^v^pjM$Qbuxh>ZrWwi)kSv4Vf3L^PD^ga0}0 zz&}~INbp>^W@&d|r;mPYre1DB62Xh|S9U07#0?u1;a@J%WQH4 zk9mCzM5UbsJV98zFdczz2Ngm@r6I#(mV)O=pWDmQv3=!+ti)}B^ZPD=syv*|0=Rzg ze$+o)fF5u!P*2*;WE-lS_q`^Dje>k(2~61$s`t5h@flw>QeLlWgttYP!er1BU40eS zMip1_i!TVienSDcqku(k{6vYel+ zwm=V5f^8gZCEp>lS{&}nNBydSnPmMBJ3W_gz$aT?{2HNVF4`ZHJMD#{7 zWz2OSfgd{rrnji<&G63vwxhI&{JL|(T*p~rBbx3TPK{lq!fW?D*GXTI{|M^E_W^Xs zq{#&AZe*qI1d1f~zj^XFKs*~0FO_D(TARarWWY8!qEThC?tskmRxbTg*eV-hk*)(3 z6^RQo6){iNxu@BhJh31B(})qkz?s@q`0SjrXcLSpAtt=X)wbAZ@Y%1|jg_&FR5RD8 zk7_GaIJW0j7>fg|(eN1uAWa47)@8i`Ds&Rk9R#vTvVVGfx9Y4`_Q%Yz_8e`D`L z$pl@Woj=?xeiD0qV&2u1q&@vc4(KKq+i6!f%eAWn4w<$ppAe~BM)!6X9R2drbzy_d#-yFjF8RRuNJ&!iwTID%J^Fa-wj`*&j#84(@ zSAQtPvOwNB3MmIlfR65FD2l)uQKzDSJTQY5mt@`Rkpy3j#J3PZn%!sMt{QT?%TQz+ z=KeORHUt-9IKZLdJZW+J0WNxn(TJY1Z2)vfi3LtJh;CGOo0_TNhaP0;T|Ti(s8_^_ znZ?*I>6Y&Zz5ApjH0i_ExI-?A`4dt{!_~SH1|DoAqrt33sHr{7121k)1{(6uwA+Yj zNB-I$ZPT6OWt@-`N?}p)EA!*(}#@>)9~gl!T$7a8U2_R!5gF8|JlN`25KuAFtI+&du+T*DvPmcUhZ>m0RdPtS%2`RAFx4AP+W#!U3-IReP z4D6SExdF@Iz6KL0^KG*iK=v`f-_U&d_R@IQUl--?W)>=O33%0CtDGpDCIEj)4`b?4 zL@ABS_+XeI8Kw)x7iK4H)e_&yO|I+bm2!m(yz)Mt#-u zxZ)B^?zlp9`WV`Z%DLHXON;As$PY6btLk3T>R@kL1=4$|TA2?5zQnfPI9)^RMccf$ z4q4UF$)onCTQ$wdpR4M&V4aTAPu!`l=?#DK#j`txCL%Tl=H&Ro?#_pSWXfOe*_2^yj=uTSf6LB_63y{Gc) z5z_LR(E+-**H;Z>9tmt*Tl59f7Jzldk#+Gr|EVb95aM*4bN~l^$!nxXPh8~zE7D)=Dzlp1SF_9Y2 zOl( zVXri_d43xSX*mAyNHPCQC0{o5#lj8rCrOsS_Sy+g6w^++Bx`{W=D(?B4BCWw$90Bb zmR4*e6r}2a?U92a2N#FQSo+SbbK}ZTn9hHYEg7?989X3cDbc_S+jP5^V?a+C56wK6 znFXtn;&YJfraYxpMWfXL@_8ugM73QVF;8c&6vFl@l$}LPhCUnYrR?1aci|!Sx$zMA@CM0kgazI$Z9Gvyt0i52Eof#E1 z*UQ_S+lkzjI|IxO%QiK}Z}A7!$(!HU>l5rgs5_e6l*Sl+m&yMcUAOvycHk1xLXETT z2bVS6_hIYe{q*Q>xwHFOet*iDsq`_a+BF+Cs(?&+&t2$`gD;a9dr#Oqb8>vpZf;h- zr`s&13Wx1?}lkN^JAw!fq8bWr)IA}$Mkn#Hm%>VQ_+4{a2SneM99 zjGr%oo8ZyxrhTaP5jb5gg{jp*6MK$r`iK@rgFQ5jHgDt|0rW=WEQZ!a15n$SFD$?i z`-0)Ry!5Jm|2r>JP~81jzQh=F)kEuhN6Z=V{tEZX(EX5E23uogK2eRlJGhOr6WURF zwV2#t$``vkbqkYsR*#^FyAaSO@Y`n#%D{~%piJwp^sf1AZq$H;qf6rryL9i~TUOZi zgnCD>tXIR%p$TBy58-gPvzEBWYg=fz^)HcsMHD@AePzIoM%2>-F>8e8pphPE{Z&IC z_(YPOp<#jFTz)bR;>fzc+<}1^_q|ShhRih4zn80eP@=$LFG`! z+)Rq21+$8FWrajMyX(de`D!|EzD&+J{7%Y1lErFHb$)~isSbhpBE#!yyiQvY_`vF` z^~8_u{jT?R-~TAwcDV^+QGfi^k3cOBD8r5W>V?-k^ZAZ?w*)@-=|S-A2G5dJeiHeC zA)of!&KvsnV~FiGpekU0>iY3-BA_e%B4q;K^Z5!Lw!}f=F$2_g?GZr!2Z+sm`O6^# zsGxo*sHJ8nYAFpCeLBLoROZ-o?DqB=^!1jdWgk|LDOC9{-OQ5R!xL2UUX}3u_eGXj zT28{CnZ-a6?CWg49g=vn)~7m=Z6t6qTRx7w^O%FV*`6}Q3@xW1Y9$n@bN6AATvzG<+Y?@BVTu>QL^Fj7MyJX1vVH9ijlZ`EZ^uI?fi4S z=e}dTdD$bcMX?M0+t4xNh40-`gKXW>2x;_QtogJ~LU+Q9ESf`*Tp9%@jcQ_aX-#HW z4{$Y5Wo$C%)ty~0oy7buwR&_(R+!28l_TbNRLgUv@Qmy@s! z-KTVw08Ky^`i^x4a^`a9b3S7?)8;2WpmG%+=o_E9N}SnxFEWUV&;q!E5J>O9_>tOd zu003b!HCgKh1t0#>4k!Cs|C&Xg^TPi))<%CF${Dc0-{BW>;_hlRuy_5mPc&W!$Fy? z`O=Eo4Nm&TM(6>`s=fMaBd#?qi3mHHHHJ;DVf_Bt*kNu@Rv;DCIY`f)=+`9u8`V-p zweCOuKH?f{Nb4Q5v)c`mzcs7@6}eWn-ik4ix3-% zz8A+E-h3xXf!cDc-j8;|LrB_Y#_a+wh~3E!A=uDTfA<7u2sCp-`S zMso15t&t-S@C&^MdYxKVB93!o7GVNR%)}gN&WDB>2Gd_piQT_UALLuFA6c_|y)bIH zMz*jhK-sDY--s5`v1tf*LcFPE_z+j=-2UruQ2DQGB2xDZtDB*FY5IRG4w#$N-R@3V zuyrHbf9Tw{`cP)_?6`++J`f>x){HOZ1#F^%^yEWH@{>vUeu*;dz1ud7Hrfa$U%Y;= zBz4WL&UaI|1mdc_5+%*MnB68}U0w_E7b}E%j4%%F&l&u3;^j~zk5c#}cMZP+%|W|t zl`}oIZ%l6VYPrVSg7ETqiX(clE{X+wRsQE5dCK<~s0S5wrj@FkCu98)jZ%G(1Q%Xk z1s{deM#RC6V$;jY|8qNed-HZ-C#4v|aIKh8F9IulxhHiVj{M=0K>3VqH=tAh<%<8P zrh>%QSTtO}@|pj(GU#ghez&K_k@EFw+!PbjP1Q%%D%vpH%~%?1#rizSk-^aUo+;`Y zxTjQ~IGc-^kFuX_WItWsX!P9rxD)3@3^&v9yey^mjY}z!sbvR=n7SKeEo z_Xxrst#JKhUR*f!gSdZNz~|QDC5r0Y;Kd%?XpVE4=p*`Ufvwafyk?>Q9k-;i4yKC| z2`nZ1-SdO;;xi@0?vgjP{ik|$-aJ$HteY=kuWdno;Cc9NgChg zz@y-T!sk3784jRX`*6)jZ)z$1)Mkx;HVbg0h~P`jA&TJ}8Vs6%@~3%oGeB33L7pYI zkywgZEWQt#OIB-Q@t+qS<{MPI3tm#GKS3h-RAfv)zkB|vfCWo{EjZ$1i3pT+tY02_ z?X#|@1IkvYYMywz{!mFyJ8O5fj}7}rv@97&Urw7A;Ap5ig((L?OuE(c#?J6_VLR$L!w>@d8&h5DM8 zS{+Qcb5k7+Ov(f-1!KI{G0R0Fh%lOtQe!ArIpQBbQfX-Lf(>qbpC{*^jeQ`|bB!AhMMWmZQWFQc!bL@TU%_6opT(H}w%)0H0-ruU(VDtSl*XbYwX zBIp6H2@sJlTao}<%o%tWzPFzrft7CJ;@qf9F@8WEXmMf>3Qz_!#3_NQsVzpODWk#7 zp=1sA8b6+!Pa7?Rrs?JgV2jDF66H}`Zrmh$dqeu~PM@$`ABNs#G~!d!yv=8C&%*eC z*KMPi=7`?>+wmB6{>u~8;B9?6V_%*0-|dpHL%I#ijF4OmYSD&eq8S>0i*9N|=w0I!gt{ys`*w!+ZrC{fjD*5va(t;nz$-}gY0iz<1~+iZh9l524v4Co zUa(Lj8=HqH@R=$A(;Vhx2Ufdm<#JR0?zZvS^)l7fS>du+bt36!>ZAPi0ttr7(K>x> z{cBReycXFyD^7Y|6leitnFDC{-yI!9BhzaW;V2Ii8-*J<&W7Bc6{t}4?KwZ4qW+^6-`I2@NJ{QNGagG>L`*r*bH{8Ecp5w~j#lRp^m zrOx*55x8Z(OnAJWgXk0;%rdgyEk!%&^z}u79(I)`aJi6G+MWaaC5dLe%#Nww|Dwt= z^alEEgb0YQ(Xjx0uj7?$l&o6c9oF;3Lk3N^o3hNd=bt(`so1fHkb>DIO zn_8KoXK3LNIh)D`{oKV)e4pxOuNPJnuvY(Ba7u>Q$Y*n+cltOoj<~Alhqi-14$1=u zntO}3x)(PFaYo&$)OB3rjGvmP8+;11KDK9lW2iSj(GpwT^1bKX5F3RZK<=uwJrQXp zcKQ=mPFFL!MO!P($m8Sp(U(?yp1qeWOfr6V!9xO|a_(~$uC>qY@y6|ak5NT6HPDHD zKnA5ZFJWk@?Im6k4+cgHFtD*xFN~j^;UVg9EA9Gqw|gIcH?wJsAZj%$13ifiMICUn z89s+>LxtF3MD8ZPutBSZ4**I{*>O|s1=ZvXD+ z?_Y#YV><7ng3DLG6_=MIVLw^4@2G#3!9CXap7;|sdB60up_h6x1f71@u_M(at1Okj z&v8?v#3e0gIczqwq!>N+q>VG-=`cO=<9WqmYKCo9kfyl<{FhU-VJo1psrkt91Vl-B zNJPLb@kSSEp2ed;FPS2wJYsTEa-5oEoy*Otb-M;RO-zI2Mb~w|y0TMqJGC@wHT6ta zAay1ct-4Mm@8&fkTMy~W#_@ZN$Uk9yeWPw|)`GixGVh2xnKN1=2)BZtYQg)=f5wJ9)g@ zY+COiC0bj3?qM=s5|Q_}qOLB=0ESANZRTWZD)&p`em!0Z!XdsSZ^zc&S4HONzAhKF zn>%d**5bm;EO$L-S96AH6!+kl88OnanLh}y#*3RS$%t9s5r^@ZkpLYng!vQ3m5lvA zGXO7CceI}bVzoULW~n|9y$|oZ2g+Bm=^L)D}AeK-0!*{)ADUn z&tBVnP*#?}fAI2+{l?^s|MBn?a?)q(w5YPHsYugkOHbjUcb}#5e14>q)afdlf$(Qy zBD=sa1PRYY76*`S1Ix$R6((RhU)-oW5UN}EqtD83o-Kk*@B?3eV)x-cVjYGo07>B) zR_8TH$aQjbsSeKT@j~?V!8%hSAn3I^Rra;ygbs5LhwCI>eNqsFZ=-?xIFZ@Q)I`fa z=cnZWgCJi(N2E%ZNN5&AYQqOz_^n0G2C{7&rb1R~n6#>zzc_}|BRL87s^HPJq>yrq z_R?8vFK*sTNXtLrhIWFeV1LFv#V0`ZPB_zHH{z>@tf9+VUN)`fax6@7ldYtHL`}`& zrj(Rcj{Q28V!|moc2skO{B?zfWQ>22Q=h1bPTl%_Pf>u3!6LeU(@?jH1U8NjbEdNt zwCj1EhZqJmE2|P`!s5aS(1XluPb=|bWU$S~%CpeaRcDqf0Y1M*+Ji`)5iLci3(h+; zt~+L9*i{0-*d$kb68P7fS(?xIij)xGOW5&l3D!`Xd7xF}q@bxCo6lpibGA`tTojo| zqguWG@lZ{4lBR)1sxhr;%JF*D)7g&O=Ze(UXaoi9yrWo*`uxalzx9tT8Toi(D)=Qt z8W4=md^eSz15OsMiz*6rW^#YI@=-7uIpuYWcW)oK5ypNFHaQ8 zTu2FuIOONeS5shW>Z9q#SewQ0y+eT8Yy@QAgjHg(k}JreWXZ=<*JcJ(YsKch=y`eD86$)@#x+${lZ!pI=_m4fW+5_?>Wq>W(8)ea1(= z8LM&<81Yz1vZt7omiv$pp#qb~L`7McYXfvsC*jx53lX<_3CZ*&z@K6HI3{v`oWwas zS}&eXAnDIz-?UUbo>6iZOMPb)j=(MQs$_8p#6ouS^EE=2(o5ah)}Rtn+=*^g-+tcA z+MQN+VsV=z$LuiQfOwqT^vC(!vg&z z@o2la*Y>jQ_+x!)3XQW}IXZRneZ^SdAuJ;nkmNogzRcBpZqBD#4Z*7SMo^LZ6H0mS zFirdF=~T}!tjX?gM!}|u*dgz(hLsd4f^rr*Pq>$1Sypl3fZi=l$Ff3X>8sbu;?y=_ z+4Buv#-e;Fo$H{Sc;xEv+){Gp^P1z)^3?igMQ?Dz3N9ooo+P;AheVNp--Ms#XAP)~ zepTe<$Xy34t?(;^X*QQv!1L6JTNp)wFIAJfp0AsYe(2M4-&bH*cYd6N6(v~Pkp22l zGBfx)A_d zVa+)?0)k~o;Sm!V=bnjb@~kDm;Y3OM7NHIDPqPrc2mi6_++)DY{TmS*Qz0J}JXT0- z++@6KHtLKWP*U~@YV<;$zX+FYSHP-SWi-HQw9;odc@DB{@D-60ufQ_3evgUO^zrkM z8@XAOM>RRYM97P{(aLQ=*e8_Hi>a_BoCpvbOo7(KU~V-ix8m$T-|)NU{(GYB=51-F zN8f6v=z5xZSGLhZC2E=Ub9B6gc~qG|^!m-IG~&skUu)mV_Oyi5s{yQwRI$9AnPpFW z1>>j1Xbq)6lTYH+6wMw&eZIsnie@#W^$~@zi%v9d#_vwUd&@gqW>j4SpUkf4ckV<1 z$357CNC|(@SCl-D(uJcb7LsyplbzBXa(B;lFv4;)?e~R6()t@SXZezz>vCm#wMp-2 zq8XBA!`D6${*uwh{5NyD8l@5i#q1Dd8>H#IH{8TODnak9qon`B$+3Pot>zV87#$Ru z*o%gR_=c70zAiQljr=+tyW4{7(>%{NTwR-ie^!tXjViM?h`qQvl%LOM2jsVvNo{BT zoc%kJ$^iU8LwhFf3*B$bH}W5fZHe>z zbIBxLAB{rnSs?1%`M-U~Y2LXvbkU5jHyC7l5Jn;agDs z=a@<=$9z}J8rTjm41)|Sk@IWp*2HQd+#gm>2;2|XvU&SE^0ghgd(F3;mO-2AL{ zM5KUVRp|W$V~Bgh&S;emvJAJ-R_2b`PdFx1pe54Rg;`zOjTDWD!I6o}={;w(ZK4b$i$QGYCcM;4hRsLI=E2Y5DIgsj_#TIbv-`G0PnRBv zL3+NE$M<1#$BAQOxw$1D zI^8duc-ZNC1}!(w6bJ2k-_H)NL{BzJxr zxBj=Bd5JbE-y>oBo$yGhx1-_YrzQ{iS~ zABcv%i<0g<@P6`fYk$2Pg|+`tn}?a~DsL^m{FI;3gzxik!HYZ9s$d;twHCaxmc{@2 zVBltg)$({`0sIc;^mw)r^QT10IaZ&|VAo4w3>6P3?tRaK`Jz14nA^ExkSJPB&&2Pe z*(Zk+WNBN!BZL#A)iFFokN=72UCcH?xamcy%6*qC zoBNf_vu)qKX-2Wy1axr7**Bv2&fsRDGWmOJt5QbQO3Bgx!MuYD%9rpBE>7?X(ia#w8p{ij z-As9(>Pc^#?he0Fv|w=FXtx_X>63eZ-Gw9iG(POmmUuD!!~FyF+1t4K*I=O0ww}7P z%o-unme(@Zlo2E5PuGAdz(8IR?Ir5`0)l7|MAW;ZYBiPb=ZD5#=fD-e5EY(r>ZcWf z5h6=FoEy4?C^DgH`yggiX@XjB-C^!=Vptom(pzhQ8VRMx9;xd=dpJsN*z)AMUl?_1 z(&v1AP8UpQpn!=PErj!ZY2!~?FtY>EfG~BJeE<(2RQ9A}FZQh`)8CpT-2b-GJcl@6 zfw)C6xABghKBazS*w=?WLP>57A8kw`cz}-TulPpUls?zo2;5&fG7?PzJY-r~7GyMg zOaDE@D%w#~_Ao?iLqjr1P9Z~KJVKXpxWXT+{~*bDa|p>3o!YX=nNi3{f2u@+#)StV zLo6km&dZRh7~vWxzn%Aw^v7bv3 z{nKaFD~V^mXaj}ln+vu>rlaqX&$ueJw!KerIp4l&)H!o<`I}_KM>64!Z%Wor4^eOm zL2x=Sy!}f;w0*mnGy}(u=7RfbE~Vck zeQ8~a+ux}3zaf+G;f|-nxSp)4))4Fu;@j&aGghmuSAV$KZi3GCOpoSr^NoI%L#B2v zYs@#qldMH0#&$use%|WZ95;cL=$|^>wcdrC{6p^8DUWHSaZn+N5)hgI{Weq6VTHv5 z=CL{Jqw^Y+Xd_L8=o^Tce(fx-DKO?G$-$Ry^zbno{4#9hMU=^ZS6W_ahHmYSHS+RE zdCpji&`U%iR~n*3znsV5QKWFo$wyf8dU~1DWY-}LnFU#nYOYb-f^)?*+A^;#_C~9S zAd%-I-t-;I2=Pn8qawO=!u^L7ShzS)AmD0@oJjF<@$r;+b@BMIe&h(Obmm>{ah^)%;Scyi*S0#pjI%ClTyZYYhbIeor>?>XeD5rvp4HPjNkmOmcq{H+d-F1}P$ zUnnesTxyn4=ErWK$KC*w?ILB-^eotvMc$u7SyIQw;)R4WGS5frC+HBSU##m5>v9jp zkHq~dJp`z9^pmMX?1)+Gp(WlrjZrkxL05t_NUFPO>bpve&~rv}COOZ^O}qF|If_R; zB%cGkt{-I}5lv_4-@8~5)ltD?uw!Ac;fV8&g9o{ZIr=vBzcESz3>vMf-WwA(5&`)^ z%*^2>o|~RhcD8fklk-*s0)>_)b8{dyOI}`=@l%a^+zw+aGtSnUAI`Prw(&N$uK6SN z4Qp+E$)#=}4_0;i6WC+B9%s=LUXMu=f4Z5ilbF7U8A4iG|It_$} zGFg!aKeV`Ju?pk9Q13s$he4%4PPo>;Ckyaxa689Xu|KBi!MgGXlOkT zpZXn!Dc3tUKLU zce7jSS@2h_%1=l{D)uRlh-rmOW>qTV@!U|ADNtjMv0XJnKUopITnl^qB5y7x6)VPW zY^*F=4fyqOjIhhE5gSRu4ug7kdg>>pJx|q{#h?}ES9MN1 zzxAM=tVakhmWa6?;kBx);@zGVLEK|!Ia`@Aw>ti~yPaK=kN061NE5>%#IZf2$*A+| zACq?Jy;HI0VMD0!G^(%xaiL>}@o2k57?;6D!x{|VM1`vk#ALas*Qcb=z46*l=4p*0w>5D!0W z(N0deXu-d$o#h$Z-lp=5BA***+9>M$l>7b>HY_2aT8%Qh>v*~ z{1s=}J+L7K{{!D&Lk>M|QtjB-?`)~s-!Q$XC||nOm1d>khyJ=q@l=h8w95R#j)t)Q zD@H$+muHDy^U~Yqns;G+7`s$`+Kau!>%9D*xLSe`|M7dWk-8n_QX1iK12@^Q&bqo| z4T4_U{t9vl!OZ>$j)crPbss;4NzhJ`kVhXD81rRLx-!6P`&WF{Q)Xs5m}MfCGe~PO(k|{ z^XrDTsA9P7HM8wHc2z0|)?U$HFoG}x0&Bmnii9XkULOd~dM--WFWSB0S92k>Ob(wS z&5-}Q6e;{*&urR{ACUy)noL7$F3RqMr|GS_`1Ny#Cd2Nw0WU&%t^0*@Yb5>G9 z4}G`{Tlad%Grpx#S)8ZU1|PKvI6XnPvf45o9yXuPOxyS#pCuJQ|LnP$a8Nf-g52F3&Cu1GWG!JT5_%{*n<(q0L(}tVfws(c}8B8X1m_ z5`1El;6xXPPV|r+UKJy3B?O`GJNu4qG(tiPkp^4t^*P(W=I>#Dr`HR9p}{I>hU91E zb0{Z#?i?J?r15OfA26n9NfL2W<)LBy$e;Ah+m&n z?T4oIDwslIW@n)UdFLSB?$&0=QdZ_Ik!T+83eH?TQM(p;^qNlFmE?szeC+~5NJ0pE@Ee{45*AySu8#_NRK@shnSxLi-hZ9B8;29^rP}{S6JMOI zpfB1G^Ahf~l}o58DqCo`sT$n_1~D}im-3R1-!JpOD>_^l{6baek4CMcVUtcjVT(GfcgG)&@rdJ%q zMZuzEh<=($rG%OB`}AGl^p6e+x8mtgk(udNHYJiF_-Danmt@U#7OgRp=)d_D87i|E z8tbSuq_)taqCk0>K&~`Whsl(@?4=nnhjF)iNRX!{0}>n!_C*Yig4x~!u?4YAMaGir z$=hB*MMj}Y`4iH8_UW)!3Elh;fjz?qf7FbAa=_Kc{y6 zCI`wyKl{H6H4QbOz;yhNS*16$_?|=oPJH;c90l}nzJQcQf)jGqN1k<9`$2udf#C@BKhbLoX~V zYh%n)|D0!7o7N1fseWOpjOS`L2&l3%{nG;Hp_BJF+s9aH+`d%4FN6-jx&Z^Sscas{R!)1@)pQv{JfhCa<5OG$CNLxJP*hczLpRV}9BReR* zyCn(IdXiNd&H%Ho&PmtqvUvZlegi`pjS`jmmNt(=iR(WZ5H4KbnIF0|O0C!BRbq^<9KT}En1gpgzvcGFQ_ii}O3OJ<;+lhsYxQj2;vZksFyVR(kSa!E? zp!NS3t>jSSCbwp49EZ#tMNlr2u>hIHsxfAZljd)1Kd~uCqT(!b6d!2{cfsQ=JFf{T zUxm-97@JaQ>_p6yI4pK_k~G8Ohn(bgb0{U9+~Wj|s8M%6sfhsY9=(H;8f=uZhMo}k zBrCFTp6(4Lb9@DT&V>AI+abb`e8g}DF_mEyVRcr0hCPPs;mwdXX~$9~aXlUu{?o9( z+Z^z_Nj+0@HhMSADlJ)>_N=48?owP+amg=yiZpZwF-@X*8aLoI3Ngw1=WGk{4G0Z5 zQ1TClI9v`U5|nxp_xku8ghJ!pjEG$FV*+N?$gL7dH1dGt$Nhd^cViOj8WR3}lO?B) zexwGVf&|}JlWZCdbCAn1AAWC^X|g(BuERitWs~N87HZWS3jDteHyCbiaelkVM7r9h z7n+dQm7%9S=CT6eCloDS+@V;DyIY_@ zachyHDeh1-xJz*-6o=yO0TSTLGc)h}nE9Ty-ex?{S4hyY~yGm1DD^}%@c`gxK1 zE4$WY=RwSdWC)STH%SEksTXM1fN3)m@+sYsL6ZUhDGG+qNpH@SOR)y(M2L?m$3Zf zf$<5TC@3hrQ&Evc7W^0SI*v)+MLn}H-q0L4%Ue?0r}L9RS;4V8_JEg>T#V@>CMz&{?UH3jPV z`T47WKyTE))UPu}kG>0IW_FhQ&h&Hq>)C($V68<^r>3U<$LaX^_+GKHvUXMcxci?v z`>(vs-)^7ad-2YccJHEx{tZ&Q(LVN4{Ix57LT6V9`fH%rKUL9puMGZDa*nCP@PGL5 z|0CK$UXF_4FC{nAKsuTKCoPqU{!7Va)9?RphbIJuAa7vzm2%Yo#Z(0M%YA@W8Yj@w zoXI1F@=TCvCgT6{95%jmW(vE#0*Yb2ciw)_FZ-- zUTbM-{jeHNv0iSj&#SR`U0z;}eK1$ilg@AVUQ;twY*-fYjpM)ehj@^-(mE zwAQg7aN33boyRI_RfL`4pK3NTF)0x|G^EIG+^n^Cvk}cDhx}Y7N4UgaU0o$SIAD=- zYVnZ^yD~7TW=13>&9|)fnLG=Y5ecf$tCkAp^}9ZlJ9xs9^|*A<$`+QE#Rb*)_s5X$F4O~E)hL00Uybm_d68F^m&V-5+SK=B|OB|TU67Gp`RsG zIH#*EDJRAOa1(Z6j@zD@p$#s@6fWG*RNtzi7)Fj?iq4rxR0kB#1%$uEf}UV0NL^Ae zeyudoikoAZ?AwZuv5oUh{@q$$QtmuhTweYA^Q^h_8Vg&W&~SAnwoAE1o}eF2SP&ts zfRIOOa(Pf7whN8f=RL{aDhv`tTWWISCyue~-*oJ5mm3gbOZBtFK^(o#&P_S?evKVYg_8gbtrNMFhzwBzg7 zm&gJw=*ZHE+6^ysVu&7pDR5=cSh2j{!!DK!&>AMZLfkhbdtWX>-xTdK_l3F`qpu%x zLqE7fy41N#O8o&Ol{dJnhk7AX3k^rX-Dj-mr$0|4LF$m3i}H8kEN& zO4{4U-)>1rHzls;vve&t&u}Y~8)0PU>sFUQN@(M?FB-bw$`E|)Y`yI5U|btMB9wwLze$Bi>c zpjIPpD+1D3ocdrv@AnhH4Qm2@m?SuR`0k1l=yu}W3#T882@y9WY)Q#1if`L)F5-#n zcSc{fk`_YpX&PCB`q%mdC^G^?&y+%7k)F(eSX zPK};NB5u`-AOE!bblwJ>bmoz&Nfv$Z&mLjq5tKrmnx+VqfAb!k7WJNVt8}QRn1sMA z{ZpL`7SO^0ViKzCVPrp<%C)v!KM=a4tlV~>dO7-LFW3B;iSK$xF`?|>Gp?QhQsQ*2 znlVMYf|Po>()5`z?P3+stF@(6BnK=wHkVDkTswHJlj*GWOha=PGq?lh=fmJ zkUw>nYi;D7$9H*m_%BoSzh6bUG9L!NGD?UKwia$b5pvyp7tayINR&p3C$HS_#IbY? zv>&8Y)D(lgti-qid6u&HFy!DrYk{~qYdjwUm~A79=G4b)#&86ee#qQwUQk3|tj2g; z5btyx)?tfzUaRQ2EoKbKi#!bedE9QpAg6xAGk`00v#UKf2Ku53)Q6$^N}QucH5z{p zR`h537RDv>PX5RiabB&!;*F596u+Qh7c8we_Q|Yvw%7j|2h~o^S_i~y_nTl5RKA&G~xa)ddL6wD@lfmOC=Pf zU8ckOawh1*xzzSxO`*GTrVzm=a6rQ;o^^r0rNMSzPfmDj#8&~8qKZZ^Y zWV39fB`sY@7y}_EG}L%H2)@pH%4yoZ)RQ>jxaeI0tCFQguPH2yxl3Jc zWjs#5~pj|E81D7azKI>Xcs<3lSA0 zW;HIH8SUh!jq7eLVHPPs+3F<@_NDSX_-15S=G3&8m$&RIf%Atq&zyN~&;hG2ak40N zt0An<&a3&#DI_~fEbIN!^Bl0P(Y?~s`uc^BMLEM3N-y7eqlBOK0ZcK94DVN7jOO1Y z5Kdmv^S!~CWNSK#yty(CV<{___toL7X$?V;rwrfS%|A%J{!w`*xwL)3Nuw28jJt`i z-WqEnw4;_sYfka*?_)`Paum1ikxA5eN~i?9H8G_Po$TS5`+68D z8`zsy9rh~f^G75Y8k+ec@yVz0>d z>5ow)rf@bmdD7b0sKZKhTej0sk)G9Y(}{W7A~)o95v7RLKJ48a#s2WjUzN07r|){3 z2g!f`8s&F+Ana!-+P$D->>F>tQs-F$SE_4tISF28dj-n!MM=3@6ZMes(hGsizhqPY zt&~2&U=aGNtT})rzo^J!tuuH?zHrN|f&ZsQCn#6-mF)_q`vWiSqIVpso{rA;dYzzI zH>w*w%BF98K+ryhZsxL-N86M(*RQ=Frb1bzA`$$@zZ3^3(ALH@(G0F9;7O+DQ%i>2 z#xrV)Y*HmlR^y_W@l(wx2T+c#?xU9X-{{z=D&9ISJ|z=&CKE}UgB{lVhuOU)pv0q< z^L0(1Qh1x1LpEDRY2dA+U0FKh^ssxnzMK1* z2LQ#N4O&7T1$FpGRUZ&-$ExIz*&@5?(U0 zQj52MgA$kHLk4n8)oI?paY*+YbnAVg%NA6Te@#gJhd0u5m7$R8>jK zWuRP+q%4(H2OPvpIYz#N=GKW&xA|s9RJV!v?ORCY*I6=>I4rSmHeCy<+WjUUfKf%Y ze>vl``3M-+vE*WV-_^0t#3jV8Na|D@kvS@r3)XwIk(%T!5-_xe|Kr)*tR?-pehSCqWX z=ptSFoJh?t{6HA~GjP(M-Kd(H|GYr4Zv04uh<+eDRCPtrFyMJZ`SKT$bs_`9j3~zt z-|zAYmbVXE~9F<+0-F^-h7d`+3u{Ojh---Bh@GpkNoD(ywwhKzGeaidpzXwdZ4C z{uYV(<(@^KQ0R`4mU<2DMVN^!+%9>mmPs5hBqb39P_W|je!S9Z4^kwiI z9KJ(*^*{0Mi0b%d-RjJNo`<9v z&CEr40dFNXId}Mp{eIevk{pr-Ky|eu2CUI9srm4aYFkBkll4Nrs@PS#z)h-4ql*** z#M7g%m;Fd{UqQ|BJVG+hzsBlyRHKH=iu&Z&jmW~XbsXZ&K?>Y#sQH_hMnrX~Uaap; zYMzDn`WRL(avSD*IsA_LddWTmrIPh^Z2#GJ*hlZZ9E&)A4&+vJgyX%KK1lqnEv5^9 zcfH*lg#xCZ=jOwF5eKej{BYp2vtkLiwn9#cTKa5kZk%Wlv)#l(H8DO%=6AjCQ!sMI zpYgLuYJ|q>j*oO4e7p-Sl1$6Uu5YV~Ge0Q=|8$K0?w9Kla;CyucCZ_Q<>r@b zj9g)FlGf?Y88~5_FT_Z1J-j@uNO0qMe$>)*OgP?PzSIYg=CRXseV=f06+@WJSi8{{ z-ly!mYG(q`WNBCggU}qpXv#naA;w!@T`&zI{0@a+;@bsZa}psvfF1`<^y;9^Lh+(G|FJ)I9kCw~A4aN`4 zE5SM9z}{&<`A&SAT%{Pd7bJ4W#g!*6YR6nP@M$l-KCt^cS2KR$|8}hYYs(K8!udv* zyi-P(qr-Zii;sPJP2cvA>8m7n50CmA-}$T9+aGU35)#+%R22$SIgK&(AAZrt|L}2x z!uqpBz2^2W4}WWhK+ANwI7VeGUqnMfB zu_wo(aMmT>+$vf5f}6{bj*avB1OMTjXE?jTAeDe8y1v4HD!?Gpes)ooAw%;y57$u+9Np(>R#vBi4$*F35lD71FUiwZG)& z&=9^#(=VPE#Dj=E>h{@8=Yem>^O*clQcS$i(OM8J&fYunLhBVaG_&c90nukw{$-o| zKSI{vXlP0EWkoU4$!iZ$(eMc~HH&Lj^t0%lhtR!xlSLoSK$?2;PanEeU?094(&o_- z!%5Z>y-s?*Suw5lkD zF3XXQSw@V_2p2sA;b*g4OHrDRpuTx!rPYgmyqm@36;Hdqz?bmTb<@D$K^Vx<7t{PM8(}{Aa*)}bULtq=|P}Se1Z@H z6IV~u?e{sb{QwJ0st25niqb|GXIAmr5v&RHFxSgzuTIR#Lx<-9LQS{tORa7 zV??p(|EWN>>d##`y6W(Tj?h>R16|S~0MPRp&!h)x2NIZZVMM-j!oD1KHQqHV>>k&r zIA*|Jt{9kbuzlR9S-r>fFzxtaGaP&0XgQK`#qAr{hN7EU`be;~JUO1xKCtKn3JF+w zzTvyV{;CC9(unw4Euk7+S6w~g#l91HB~~!)Y~*u`>OOf$9BT_%n|%Fi<)YHZmm_LBFao;maAwWHwLPAJZ0)$?)?fKXqW2G^7ZF(voWs*^=*3B5B@zfr)m zW`_XEDiD{kG%xp6rKrjZPCg$mF2CO0bq6%ppGcemnm z?}^1T;#i3ji+89s^<1@+jK@0eOqMoi0faiX9Nq35+wA1xot=-&W=9PIT;i=R#n5## zH?My1&&RuPzy=)qI}i^?_}=A;iwQ0kqJ@!D*`->qyLFQds9vidIP*w653khl zpHl(#{)f9t$ydLy&!;hL zxCvCtNy%~>6D9)&w)zg%_MjTArU{PCun3o6T2?rnv7#Rg%%;yx(Wez|8pu)d zyWQI*v~fDv=*WW`s%3~iHpxl|T?i;6lts9Fs0SK0x;jj4j}beS>7g8rxA$eIJ63+; z6h--)O;wB0H@0)~?JdO;)3qrJCPU!MJ5zCFz)P6tC!;4|P)3sYHD>CQ%k>4`oycR8 zpAr{1SpCr(^RN#$?Wit;ChSeeY9Y~?v4)`GS{_@ z{G~xuX{GB_9vrkTDyr^EG;9h-U&-JmtnG#5Rz3V7wuikua>Uh>+n%yz!Kk(7GKf8Y z-dK~Id;u=!r`AM=brQ=tiC0uV$_$X)WvZwEoOQF~c-xSJd>aW;SKOOZJCV<(-2v+F z;eA6}Z)M&&m@&D;~F8`%G8GT8bFIXl^=O$V zUnxSfb3fYIC;hcgcJ?Ep9^_}Y1N?nB-NKze8g|n#WBb+MSEWg`AMtOUF;LC2yAeMd zEu>@b06TY)##&o+-u>ZQn?E31pL!n6529yAXalB;?t^1{5291oXXT5`;-SuEF%$+&ixHe#UsJO8_xNbyknf_9oB82ewQHR`idSQS z9yk`*1ZY4N@r?17f)k+KKB8!d)%by&CcrG)IT~Z5_;;LF(yifs(d1iy_zJJLhhw5s z);aie=FbUo5QF>jr$+~B9~R8_5X|xJ2TkTfuc-sVJ+uvmKv4ozGgG#?mOV`T7z_?Q z+ilsfG(CF(i+5fkrYPm-xR9&8@|PltX?S(~MED z_k}N-@OCq=A0bjBYeS#?97dXSzxJEU0qnm8#jO2N^XXTJb&b}cZ}tWl0>U=sMNS5H z1NUD~^Qdv)5xrNwo+ZnC+~m}JygvcCz?QuLv}q|mXU=-zFP$Y@kZET$fKK^o0z*~X zg%}&EkIRBh(fZ}I8eUB@?<^j*NGN9Yy+M8)y}S%n*2mF_Qth&L9_zZ5*s~=x)FR#k zL+_Q!$9aYr1JX0Zh|q@46rfWE{+iH95?} z=mcaIqw7vze`rxJJsu1fK$=jLJ?|Zu_i&Up7-uWa^h8?ssD31 zuOZ?Vx0JQAD%$RPI|yKzUnxEKQ;JG|PmgGx6$J2eeJ)xyt3U|8HSl_It|&WL7Ge}H zRvlI~KTdokBU4C}ag~IN{dhPJp%Rs`lx6(-r_am$^ZYr)=jbiF(Yce+={-t8p?fzK zY=JKcgPGmKd&mE(H8;BaeX0xQM=RNadM}U)D8c8Lf*51VKqrg z7p&yUTM7_`Po#X4Nj-68nr@6zFQNOSg{JdE4<`vs*)+^guKsPZ4{Z$i$mRPbLJYD7?&u8i+%Tz_4};Od86AB${0jX0sq@a3 z8haY85)Mp8#gEi(Hsb`H9|&c0{c$*3_kE}k*PujtJ6e;dma*G1W!3>8so3W(+b3z~ zK8^RJzV3q;G~SeWCVotqi&nYqzFZ`&k3wTjdp5c~UR(oHOVfBkM(}_0kO670~Bb; z08KHwM~uG-s6M!*%gQq$Rh0v^n&oeY)}J5fcUSZWyr3Kh`#wb@u9G`guRhukA-Fy5 zaWYP<_&T>X9hT?PWBm;#%kkMBt$+EvLrDMT#^L7D%D-uF>*tiFOs7bPn$k=}N9 z(yYSX8>40I`q&-Lp0VEfx5i-)pFim^TO5Ha9vr|higqr9xSSoqjSSy76!`K&8dT{e?DKL=v;@y}syC%`F%UnI(O8{zxwLFT zWn72K6@DqVUrs$F#<9|h!~aKwtN~vl6i0DW$~fG^PU%f^+XIm0eT$Np^XP80qhj5m zvx6Z2(~lQbo-q5?dhd>vSM|JO&GvL?b)>kR8`NgA(CN`Uu6+*dk_jkg2)-^4ik-nP zScr4}y?Mp)8q>~XzWTESj%!2((P9(Pv&oor&+0y*s~D(%SNUN*F+ zwrGRs>={b+Z;tCqf{TyaY!wTTDi!%vbk2)N#}b|QI^iQyF&#JV)el(A(9(Oovn%vw zw`RSb4g&!+U2LZ!0Sx#pK_vfDL1x;;ssmX`r8w>gDGmzZ-_sv{VPv{bDGbfE{e^Kh zj8^gKiyRErNQS3LuWs~3pUoNGK~9nIdE@#Q%J+JDWbcfml0ZlV{=2XytX6%R)Wq9t zI`Nqxld+7-pE_%Mg9!>XdONdKu_X$3xqW0lL{W_J`O|vbE-(6<>vAkZq3; zO+uH*vo20LyB3}LU##ONBu~B+ZVGEW+lQVhbTk-zGwet!lD`#sgYM-x)pmZId5W^q zzRT`DY8y$i$1$0=v*(Q%^ExY1PDPngIK1scLq}Dyy}@XTJss}&9tX-6d@IE0E)6~o znGn>KQ^B0>Kh;Je(^e~wAI6PgYfHyjiODNe`oEW5&XP#Q`^~%JUZx&yru-Tom2HnW z73vkI-RHTO6gS-5@+1P=LmNtvr3tM4%gxBP@3&1GT_x2vUj!IfZvCm7evENQRi3nk zuz(0?Pn-k9S*6N9z>nJ$)0RHplw~}GP8VE&M+kf`cY)+pMm*Yf(QNlv#^krm07Ebo z|Lpa2TYINArGebG2H;n%O&zIjSe|HmZ=cga^2wt=x=HIjyZhkq+Z1QXJqdHRmGT>c zj^iRIcVW%>d1C4}B-hCu{p)APSoD*C3 z?w9M?>H~octnyE7*t}IHn{7MX|6U2WHXY7I$X-iKeF4u59@shT>llLqR@kTt?jt4u z$Jvpq5_LTR%d}O|XTBfK6@C%6ZY}KwEO2}`J}2)l;gDz{nT9H<&2|o`v%)d5W~DDY z|MX?_whj+UMSWOwNvK*$6%!whU(vbP!gMl;U2c!+Jgpy?$KkYUgx*kc7$F>|)> z7~2!L4c`6q17gaj;jKU$1eN#vUXSq!{m>tVaYphA2hQO+jcPV$Mz$QcQskk#6T?7H zeLaS~gwKvlpq`!D@K9*d9BqpfBJ!-QK1LcS{6hf6`ybrL8<}HmKBMQzb=Ii8~QB6L04I zFy!i*>}^?U(bu!s#ReLVi$Ye&1IBw!9MghKj%xdSlYCc~ z6|}})wMzI(j;zvoJVaF}ay^(XIghJ9qZ6Ht(e$0J&KdPS^4R3d6v2q zY&T98v&2rY#brDKmdJCtIH{C1E0q9=^PjfXY)q6paH+^?oG~3jwMkB%_RW8oc&o^6 z0_md1G}j*d=wLW=C=u}L{;|7$S<}tOivO`!?9n#ZMBL(yW9yD@3=zyaMUT0r=7QUH zh@;WbKG;*S(8@FJv8;3+(<@0G&kjA`&N^bOW!Fx5cu)f=G_r1HPWeeSJN^55XF1-xmBn zqt?MiIzDwm?XPcI;c&0#kcC-%;$Y^$>IG6h) z=w-5P@;FWGm{+*8o+CXNcmL&jy|Qb)L9lp3wb}9L$rvcNlJKGr;x1c{3v# zI%>Fdj77dY`CA64f9vd$cpc^fHpx~UvFo^jaGp%XJFhkk>_Kfyx9|~Lv7lnzr{neY zBBo_SsbVnB!l-w;4e|T5XGz;J0vJ^io{4*Hz6;Cad#Zt4ZNbFEUue?tx_~Jyc~_B# zsYMSMRsJ_`#wIr(&`ej#nrc~bGQ2uaYbhyye)M>@E$)&ye!X5ZwWc|)wLb*H)xC+U zHSk`h1ogfXFHQxtSUF{yIgi12oS5MY+Rh?@1+%}ST>-6O@f+0#*sAYr2du*>`{oMn zXAitq2Po)C`Bx8G_rDeKhYw?@wZ@c<^q2iX6?+`2Hy8$u8$7j%m7TD(*d;=j!9nDoF|1Rn z%4U!PNTkb^&-y(L&@|azI|Pim-nK=QFLb$DNuRL1u)EfhGkCT=i z6j}3aN1g5dSdB{m{ztWqjGiYfBqNJHslHp<5fxg8e-ds99e+o}5l_W(<-F!zk{yBp z5f6etzM9KLuN3t0iaACElRjjY@&tpA8pTy~b@l$(OYsNg z?7q*%_FFl$I=^>29R*6MwzF0fRIJmD4nK8%$;iCW3uAH3=WXIYK{9m38xYhY?kr4d z*@qDbJ*-5-3y~&qCw+Z#Ho%orzGdhW<}LJLB}aIf+*5W|*0aXnA<2Dr1g{eKpLi`J zFe;a;u}!Pe!@1@HqW9!4Z}YBij!T(O$4b@C9#quK{rw<RLh1NC4t8M93zi>A7e_~5{Ra17H@B0qbVzl2EcU&Ins0?M}=Us z1+qBR9Ebx~E-cOe0`UB!hZeHgb7aM3T-3=E`eyGIoMN@CASLv=8or%;!oGP&xFqZ2 zVW%TOfql?-EIM0oi|kkDC#|=!3f~1!NsNI0LcWj_mfRO;6Jl-8^U&1+#^$$phw{1oSmp^~| zVZT)_uovH&#Fmttwp7N-F{v*Ha6c$nDYG3;8F=Js_uJ&ibRDNlyke^475idpbVhoK z{f1pbwJl;!Punzhf8Q6$yxy3pK_WGM9+uq=56IIF=&6_rfh!{sAkDKc&`D&ku5+N%+T6bHgn7JL>?cENugX0nvh{TZ? zue}K}SjIiAy>0!rZFxzFF>EMafo~yGS8a3bpjBqq%ACuEpLY}@cg^dGTPVFaHp`*P!<@Fed~p>;ZBp)!stSbqZFw2Cq%kMvpKIrPuh%H=tY z`)_{yq(81QTgfs`8($B3Os0b@~Ky>ryk*2>34ghE!NdXKi?+xmjQ zV-a%(9#YW$UDt4;?JpC5S_OUUREO$^=!o)jK?->OyE8#>VTg<4mvh7mNZZVSGsEmr zA1SR^$QIhbP_1L5`sy|GJ?Z)wX&!r_!r##lk@Enp7aKT`kd%Pf)r@As!`pMc8ks;m zWYyP6S#vMI8SqgBckj>Tq&)2{(y!6iaZv7MP@emhNH5;-BqeIN)mzBke~UId9SMo6 zqn0CS+rp1Gc?ZL3{TrxcG}LYNX&0udabCX|+5-7BMl%GV&53bAOK5sM1iF!}pVu3W z0+|pb+R5;01sTy>vwM5Qe$j1uwky^O>o~HYG^iEbxKB_t99G`V4(XAr&DSTpn`f`6 zbn3neOH8WHzj^WHO5_Wpp=BKr^xVY=uv(SoZzaQ7bX^Sj6jxS-WEgqLMP(9m4tkI? z=eFFsX=+UzUD9ri3v(RsEOxW6#4kvD4y+96%qaC5DK0|Lr{qhXr(5jL0M~Lp(a0vY zY_ybR_q3E5kv>PFV+!l!jUR4=u*Yy>YukPq+18Ps6|}1*bxP}r94J9NC0pk142rC5 zG0qBX)LhmRp8d#T2{wSzxp*()-RKS9055H?Knuwp<{~NfLZ8=r#Bbx;;naw&ddHh@ zT`5Z0@TX9`>++)EitbV_(=Oiej`&;f$aL<;-qy8-r+tI#aqYBps;UD*%Pu76PcIg9 zDJ*x4A}MJ$qPFAgI+Ic@{v@vG{+(|0#}R|5sKsytQEOIWaVv=3j?BLZbs zZDhwiCR^m`1^8Af+EVX)+NhOT;{4sHO}I%|NS^^O(Xy*bE+t#N6r97|jSU93?PMuk9g5k72k6uDDpg(`{{ra<<|!rJK&P+Ebsj#dF}Ys!imnr|UcT@= z5{}9FJ@8WrLzZ<1#I|tj0RFtK(dzL^zk?t^R;iACmp=1*pw_nESu?eeNOOp@fzQB z6C5?kd$ue;Hb(1`dNd6+L0WFC`1{dk)jMGajoQ_WA3iDS7j>UXybq zI|OYVeao+yvCV4}R z)UGJ>*!UDem|o5Z!8_ht(HL#kHc$3mBvUzxFDx*SM~yC|J8nl2p=hv<_V+Tj(CXf7 z__Q&w2=0{5TDY}t%d^L!F+?!P0Yx!VLDy~jQAqdS^h?LDK!cVilO}b(-$MhJE2!2k z4I)$61Os!*SXYTjP4bLcA_?*?Jy!Da+h3@eCIr9TS&4cKT}SM^=9MDVQFXTU@_8Oi zhhNIyBji+kVL<(C@a0A2x2kUuD{Rlhy3^i@e!fna$?{MY<{aQrEMo#D$@Hn+oU|?< zry$vIeZQIFNc$tyBx^_veodIQ4kniVHUVOL3MDCv_|MF!PYngXJ8IC5i}VUNTiK+7 z4qE!p%t_WB;ucpmOoo6(lJ!q4?suRDU<4TAjZLmvkUk zl>YeTK%U;WU`^wxu%)})qvrrojzZr-*a2AR+M!zx^2`w&eC|;2><;ESdN|}^r_SbT z3v=+4l_1=!eCC@jql(q%`FiA-pjQk6;K{G=t~|xx7j^?OSj;D_Zlu@7BiX8Av&B8_ zx%}U+&g{GogHul}BHe?o#mogkVplKRwXJII1UKvCvzuR`zjU_5Q$!YmYmGyz4yZIH zFqnR|UAT8azjU2Ww;lQMV5N&R12=;d)2=6ti$p3-5P}wO zD26Q)s{0QS%*<~U6)`zmPo>1}cJq*|TPqVWD)s5liBCquMNP6E^Bbm~o?eUtb%|05 zsK$l9*8X@!1Mlh9YV0KdTh#nM@?3ye-L;_S|{sx%DnsJ>CG)5WWP zvKM_-{e}BxI~7W&W`D#=|ENdHx;vvF7gZ`}BKOSlJ25%&X}Gxj8@Wg}i{+`({G7Kk z*qC>etN@$r+x6eOtN;Vur_{%}1raT@dow#HLcSlc3R^mi)GDvsgA@mk<4y0!4I7(k zh%%y~W|RE|-|M#w{f(IN&Kl#?QXk2o{2+>x%t`st8kYvrG{F11RQ6GrZSu8e|G#Ph zh>%2E`_Q-LZvB4Gz^1J+b?HZZgF|B9j&rnMin3HzvO6=)P`da~<-91KZTslEZ}Giu zUBdlpq#tj5HD*y_l6S!5niO#|n>QiMMM<8PX1!d>QJM<;BC!K3)QwVSQ}M5M2+%US z`b=9Mt)h6@^txd!z=AuFw}zv%H)Y@5%N@1g!dIvtqu+Al~tE4EPY2S!Xb_ znH^YkK*ai;dvz&$DDbz`9_XhuV*e8fN1Cb2y(pXBtlb)tF#Hk>A z^0M!p$Znad(T?SA11-_`8QbMmoN^(5ao3#6RMyy43r}j9IsyJvN zMAxo_=`t;Un{3=u$nwWeCuaW+CrIN~gIRbZb-I(m0m&52J(f`b>=3GSh{n}0S+N>n zOuSK7@XMH)xXrHwH)(yrab_7LBCJoFBnc}n60NUaO2VJRw6n=(yvuwdWjrm_LHl*m zqgQ50*j#J~Mv`Z}h-Sa=6C)!^@yaVV-}q)TEOqj(G6S2SK2IE!U)v&4X}$YJDbPp2 zU>1sclOu`gsuD<+pw*7k5~^vMbLKH2#E#=@iX)sg*;StXx&~Zb(&7Fe0q>~$w`-5e z&!cnly_$D*Ua| z%IP6Em6erWmR`=A-WQJWPc2Cx+zojhoKDp{>mxUW^5;tM`lHoPn(>%ex?wN0s`0KlRg z!c-hyIQd|X%Q*qkw>^A+QTp_BEsvJ;hqBOmh$ zC%0x01o+<8ez5_MY(+%@j?iqw!orDjme?W~vtF@!QHdYW$_N)OpuD@>H3uh$JEEVR z9E{IF!nB749td>rkJ$ZTErhdFE)o$|w0njOtGoe#2hU(G@IL1HI|B59m|IGh;U769 z=~TT7xBEt9;Sa{jRP^EozGJbt;=XxG@sbW=s5ed4>)a;|B=9t^`DlKCmio6hb&w7Z zlZqnnw?z+mHJ1`G)^<1wFy;QG1-oMnmWh;ohk58YDhBGv3t;VHL&1q8E)2u#OlIRwuG7310`oi2o1?BZjL3`JxB2+ zSb4qpV4t}{`qMi>F7D|B_syV<=w!2XdA(}gIag}oWxsSeEakCZa&N10hIX*k>kIuw zw^jXUqoV-HUkU&^c~U}8(uLnN%PvX?SF{|(iL;4_etCO=j65~9ITu@WmvoKU19jCy zj$~b9j8%QF_@}tXR}+u9L3mX7G#)9qL00B|9>TEANi<{8riKv5Rg-c<*-F^hRhi}|rRBZR;^sujPp-8%#b!4*0t$gtwr+~^nTmkmIq|zFQOh>Hvi;Bt zJ%ZAPmYo2_*S_1O!Dl^?fcWDxzxZPgHlF15Eb<|Pb&ei{NIxv3 zP>ZK#k@Q0ZB1TAabMC`H)Nk*{Ka9tpCQQobUC5TG)lUV4#{~5$e8E80{UnN7k;9vay*Z62CpGt(CJTHrrYJ4IVa<2 zaPOyOll3=i9(BJsdt;%?vAm(rO2s}eU*9;NF_HUg2;W_52)^?CWX())WYyMk5_7z3 zzY+WOV}!x&On_64p4~y(yvQG6!~pN``4EUfWccF)mIm+D(Q!MR*u-#m$K>ATb-Upu zH3`RR>2g`=DUQ=4iC{@wOln|gh?N`nnDNd1iCVW3Aih|;Px!e_#mq3k?57wWKfunzu3!pr&=Dn zQCnGOFnZ-DFcf%qY_pJhy%IY_+7TAc*S1K%yUd&6)m5yiT{7*ms_8a^74LTS1?Idc zEh=_?X!2`UqGY2(nSfwwbwD~hb383q+p~E)pUBBIsPiB^TqTfm%CNw?piCkQoxphn zQM?p#RR#rsskcbRdl^kF%6tfLt4t&KJxZVHDAjr1nnu3S+PmW{SD@quCC}cuyolc3 zS395CKE~IO2UJ@u3fL2ZA3vQ)JjrJnM~efZqoaFKQ4LHUv&f%(cwS%;`L0&5yjo@k zUnPdXLV4tq`R&V#l1PpQndcTW#lY;~uO|qm{ZC zdIv?2B1Mr-0O>9C-U6b4f>a68dyx)-gcbs#(m`r~00HS8DM26!H|Lx=b7#&t&z<>y z|Kwql>~F8V%KN=*eJzu3_4o>I;f}am_~1xQ82%{(3}^uO$IwROmzFBo_%03(8ob?px69C!hW^mS4|h92zBSYJjvPE$-bumulhwgm z$nEgak&!~b-MPVoN9VQkihfcrOuMG*p?p0Q^&7bl()28R3@RWS=Sy#4o4v`Mr>ZBP z?Bj#?2Ze19oA>&#ABsDwCChyha*non7hk4b*bP2$UH9$8c{(k2dlb-Z(&Wg`;o~8K zOn3dKXZ@s&i%c^8(_({gE!8vJh#3YchbZyguat1&>eYx% zydX~-4S5>m#BB!qG84RLtj}XObn;AroYj;GGr4cjWV`wDyjyQk!KedVw z_6yuVgI5$;b@Pke<*j?)Ri!oY+-}p6;uLdSe%@fe9a+imKJ^PRB}D@#@y&pk(?*Mk z*E1pu2#DAXfX=bwvv{Vq023iOybO;rT0B1F4yY|JUh2NwxNP50wyXvIw6onAUjhdS z08$mWN*b8gAOiEjqAv{Bti88=2g`LBBl6-qd}OhHrQ?W%`e5$#UFK=V(47_inPmFq4-`Q? zNl1{u>jjwX6vY3fna@aNp6e0Zt^UxRq~M`fjCMV1V2m9A8^peuPX;i@yVD0OuRI7} zTrfbxb$6sc0(cwuHb6qD_CoIOCVCokviVaL#8e6wkM{9V)IE+T;fptiF<6W46F={f z16QNZ0Wj+yOw+p-O{Ph=<8e}Xp-~3z+>AZrezROKovWEQl6MtUBKw^8KMN10D0x_oB5P zm{#|M3M$c$2)pZdFUj4uIIs_`o}%nzyP8F&F?IY(CQ+$qgt>F%l(9mZ(?>$SU=ihJ~|GkUdBF;`}ltWx|c zPoHPwy86EbO2f4&vOq`8m{g%f`-?-{St9sh#lAs)RSmR3I1?F_lO2@W9G_vA5DS{% z-1+uM2Bw*MLP6Dw&&r6f|3I~ks`V%Z<==jkCA-?QdYVp-9ENQSE?BCRn@xutyWGPU zX0MV2jwjbzTzu)Z+Io`Nruul@xjxPwKCr*wHPmx`DD!7Bmw$CM+S0-Cm1feeBNs@1 zD`nR_;Mtr7J-Ow;mT&lsuj{IA4)Kjm+lgRNfzzhEJA-UL;GmF${g@G#v2jnA#q?`9 zbNM6NlTFzUCZKoeyz_3`!%xS#vLKfzd_Rh5}|%{@825<2Z*^Epbg=INJnr&Cq^ zZ{66EaJU6YwZM?`IRD7|RbaGfmEva5Nngf=7Lq=^;7}`CO6p?B`XK$eT|nF~kTy(7 z|7H!lBFrcZO+qclPPe)woXoA2v_4wW*B(xy9MifPX~(K^;}R8f0&Ff&Q{hZt4{*}M zlOxa>MU8w#pDkR*?*QVjxTG&melO+a`Ha_y_Jp|e#G|XEt^Pl(7-YOlMW57|3Qreo zS5uyC4q%am>Ni$NX(|;C-qLqF2IXO!@QOBvEA4&9mDM2rMT9E{Vom%BS%ahCkxgo` zAbM{WIrEcRPGrJ8y-=-<)RCB6mBxkPKfgP&>?2bVXqk6gv}os_w+q`_%Xopon1+g zy6O;>Juw{nd2Ru}-gI`7k>j*yG2d!@^aWw-aV|8%_da1@pueck+6Du`ZyB}SqfNLj zs%e>ZV;LEL6)Xwbud2M0ysN0Q(dGe{J7|AB(u6lpBTUk@9Shl&>idpMPDLBgBUYaW ztb)x&g10$5JyOjagR#2Ol?B4jxb2itOBOJ)m**9|qLOo5NHa`gCbQVK`;V-B4oae{ zuk_n^OX%BpB^9w{nS@oUm`V#?Hu&EA8QGmh-OU2@x3KANkd*!TwAIL$twMn-*BFx6 z{Mpv-?fdPw@1AqRWYbpgoDm?!CvY*8uTbR#?xH6pQS+hjuf#OtazgH+E)I zLTvJQ{w6;x_8Z;ZFP~8bMf&fkm-FbW!3I-Nwq2P&Jl8+i%K?};5eS8j`F@kGZU7^* zw8SmulR?1}wUtf9WWya9({$VIWEC`AcxYxX%wB3)cDYJ-FDDx$if16lLn?MRmVXfX*Z#;zUPdhY52yfVpa~BYrFfza5JgFOWm2ui-chy08bLCVe#*w3eqVSE>Xp z5VwzqvbamKd^5#LeUv5yvbgjRMz;cok~_C;{m14JN}Z0T#l6W0Q-LmOsi*s5#oj|3 z3?h!FcZUohHhb&a@sY3lTG2A{-j3ro*xpA%Wkga zPWIy68rJTjBPV-qoV=b@lq@`1n;SzGujN5vTKUX+o#vW*2}A?FJK<_o1UzR`!wH*T z#?M++4_~qkTx}a^$-oaZc)SV5bfn&geEB;4P<@Wys^R8+^lDOnkV%gPHNyyI(sv&p z6q8xCmHy)`_Jtlb!x$`T30WzW0Uk>3VGFst`Oug*L;d*MkBZ!b$3fGrXqu2+pQthb z|6)#~PO+oz&&w>H%k2~6B4_0v>ns63BTK>dnGE7ThmI^H)_3>MqyaYbJuF9%Il8p7 zDbBRzt2owDkH!V|^{i@;+WQxL+d=M*$aok(Wn7cmpv8VdtBm|!kPWT`lnhHp-|h5S zTTRLl{sHY4xk#f#bm6ZbW#IOFm2l@eD6$%X5Bxls-R5ij ztXw(*KX>8B#6K=THFplBS2Oh%f^J2#m*u)Xq9E???v`?j=!Ck?ZWJQCn?yxLV<>aI zHVqCJZBqfIq>9yCJX}qJh1}y>=eq zTn(3ykS>15Xn4p|U(PFfEwZ>CKC$XenW(zG$nW4q8P+1+_Y{J@Cr@F+@{b%Jfz zX+b#X*fyJAQ%F``Btn0nYX2LhUr%$_?qyr+pwrE$rS)n!@M5vw5}Fqw%O}F45@U`? zr1p(X992kLd0w|*<#xuNN%|G|rLGfcj`^s78O_Qt5&qOaPFm`j6iqEy}^6Wzupl!Pp z#!F-&0d*HuC9>y5DH((O*FiSG1?q>WfS)S|;@u(|O}?2}e8oy0DOxT->t4H#eFNe# zYwI-A69aa|6C`>W6K5!MMDGZ0j0&xJ;40k|p6St5zF!a&6d9=)y1v8KtC?p&aw8Rs zp)x+mIFk!^pS!ZqA3fJJ=eQfN>*uq{^{iwxI$Xpa`v|a1*|c0IIit_Pnv;F{_OP1m zKEG9CV>j0w7F7jqwortoHp{_Kd%ij-iQX6c=55n9Lm zvOtXQoV2D;^5yjHT8D{G-+?5Q&d}Ui=OViTONmdGI(LZABhRaYu`vSc=-pz%cDh4fgf^}Bj=<)j+b-@Dy(K({ zWZNBS_by?>s*yEBU%fsu8*l7_9zy@9Z$0(d!_Fce7PrFgXyCqzJQB@(U8h6lJmx6- z$d$!dGy9h0RL|CCKZX?VBfA*=a)xyrcY3FU|J}4bH8e(Crcy=Se3tA#7GX+KdsQVF9tz4bfU9@1& z6KIQE^js)#y~)rwaBggKWI?*~}->_Ya%CkF)bl+^kx+;H;4xQ%&I5P;Rxhm_D8#sj6m)gHZzpn@lEx&r2-9FB09%L$%Xq zy_1m%kl@Nwjtn z(|=6(Bs$X%ngi4Xq}(RD$NXhsd-hr;l)c?LPMW)3#jkYgTWo=YRacz*Pwl&;=To;! z0WDB7zgeHbZ}2%~s|R72{7}NQndL#*UGGr*&o0H@$y)1}i|11{h=RxQzSH~AM2%5l zKydtf&V-?ffUT|jwy^TF?PWi|*4u2Eq2R;!o%d1l0>C9dd#pNi#y5i2K-i?xx8TD5 z=?DAep24iQLSxc`o~J#FtMXiD)v`Pq207mAJ{xSdKW-`}Z`M(%0M5U=O7`}n%oA?6 z<-Hc?in-c6uaf3{%8(c?+F_tt4>zF09kNQ7yqI?;Z0e2H*EH~je8X%Q#ItpoHHTaU z7BllWsde_tXrEnjKJ^`I(Vrbs?O453SEqlkjydRS=l*URNl3PFdaYm`r^(R7bh1}b z>t4)iK{gv5vp*{Al1(aT%^py#eL!JzFhJeIhEh?i7HB+JfUu^@OIol_mnaE~E>DIp z_>7ohz~F4*#s{aQKO5R+Nb zL7K$k@3=O~i|NpSDeN^@oIZ)V&bC%{GjvM|%X;Fy?Ao;Qvppesfh&6(>BT|%N%IJn zo#}bjSJywiy_L1A?U$Ib8>CO?BEyb6?Dn*miT9CtmvGLoHps|XFocoRH9d{PmsE`8 zorltvtxizOnU@2rCy!oct}|^+f$7{ff#r#@SVc-qy3B(e#G(m9z^w2x%x~rnZ01LF z>yIC1Q{s4ub%5~c8O-)&>~Y|sD;LJwr^nYqEJ~D%qjxuNax*ZM`J?ak;PY=8`VSwd z7&ma@U2WCky-=gOddB^<>%azXF0lhfUIPh}CR zI3dpkEx+#dZGm$0;b-!@MokNblD+dgCo1&QnH6@P8!C$6jG-e+or)NzP2C~H$nl2x z_MHg5hm^MB;5mDMpxf~oSI~(;j6tZGN<=x@#ht0=X{M(EHb4xxATa1b6Me9L? zQ<`|yD-XMUm2oAS{D40{i)6s7g z?XOlF^hJ9En|A?`vz(IewirTZe2q=I5z?8_Jibvcs}icPqRKE`l0hrx z#QB=B)X2z)clPWmm~Bo@bx{6eWgHi?d_Rvz)ciypMUg3P&$-YU=CB%kV|`9Kc{ur{u&onUnd( z;qk@=q5SKhx%j23O)^^POQX&g2NyfjUWZLuN zrpmr|dh$uWnzMHoGSYepMW@lyw#oh!owL#V5owXfkUNXSat9n72_KThCuIpgxW@V` zx=B;IPfS?p5PPqN(>3A}HTb^u*GCtRjKgvUAhrfwrdXhV>U}^cu_IxRXs_xIV6?$? zhp7=xlRY$FN#>oB>_8`C=R)(F4PZj4S2Ih-r_da}mwMwPlm}dQP!O+>M3~RaJ?3+k zG!*BYApyKzW-*ac{3Pvr>-u}2mXs2>Jfl8bjjr01BS@4{BMZJMuBZ#9l>ibvWHq3T zQK+~p2-aOEsJ#|%@FcZ=>y+_BvGrAMBdD9PV8#}O*;yPs5ZF_h!!za4=0+_Zm`dHM{*3WO#2~532+alUIys#Z*vxPME$ueu&vo9c|HEM&7E=ZSvCF=0JLy`EFN3KkB z3L6q{`^WO`8CH&28^Nl&cV?4jc`fR!M{gR>rsZYL!9g(XVogfQbnVciS*tgR0`oGi zQ*dK&r5B`qJfYuARM0M~k@BmBzY+}QIqO>V@pcQf1G`h_srs%dR*)0n{WY0h2oAcZ%_AsAnrQeyZdjMU_t3!-JH?6g`vu(hqZcxDf9LG6-j+^#q);IJnY<>55 z-cjEqN-bqXo#?ZH8JR`jk4S$m^}MN5|a^>{+5Pthp~?}OWL zvV4Op46IdBIIGPI1%9wNn}XQKR~SRSPBo;bf9W3q5t2reIN6=X_Y5miKJl7@M?2rK z@1590JPU0X-JzK_sNTWhu$rU_b9mg6BvsLghA*UNTzFZ58&>)_|Th@@yQa*bNh6p&i3+|(aXW2AgJFGH2ulr&a{HMP06vaGMfpl3Rhg@ z>wGPqr-x?IY`1SY@weoWVM%jRY>}()&horl58br;kaD8R*>Sh7?~KR%7%+W58~GRAV^)}nY^Co z{)~?%^rX~zohdXD3UJ}mLdO8*eq7;Fh`fBpg*g*4j~5jYuMxX2;tzae3U<5z>LC4+ zEgwYRCwh!v=NC9wZnN_|VL{R|+?h9gtLPw%)D z^ndrK9Df}SCvM-iM-`uL{I#O+JM5R$hf$(UEfB)6h0vhGwZw$iq~s>;=z7P|Or>^G z3Odeu^ScIhlM?(py6uFGQay{__-JyDvELk6Ke$FyLl0M(G61WgIBNP_h%a2ct6_<} zVq8C3N8-4r+2xxT#s~775HMrTOyLJoXwcNGxh1TU7nUl`k}X)a*;h3gr6WTgR>>~< z_xO!auqGUNDW>qavausrcX#I58RlA=&I&aY_VG`-sDqYK>lZ<2{kFKXz`_oNwEQ~oZIXE7%ymPiRfK14`I!pj75-&p(lV-zz@2Sg#n+w1Sk_&TuASjFb?n_*GA)P^wGi=M`?pu>9PVJvDXF&y+h=Sh7?I+vftH=P}* z`g*=1B$IDf(GaosDl_{zSb2B)ai_O!@cE>lSbH6{`V~%skM*eX7Y5#7@SO7yId5>w zsw}C@;I5XJ6#RCh?@DPw;p6w6l}mLHnJ7CJd8$0X-LA`X{Mg1!#n5Zn9Df;{{qyn* zg%LO6wsIt`#eHo`3T6QylSjJ!Q|1fAM2qt^Jc)o z&85%8{GV4%tEnOo4;itik3H8zZpa0#QR8Jzvrm3LXlk}_*2yZ9GCrA86sZ%u;|0Ty zy_aFgT-9H$c(Qd2aB>*ilzAAMnJs8-ftRBFyn8r9k4+t|s?G#qK0c#i#2YR-c=GNR zdhkw za6P$fR?!N_O)`J2z)tzkvGw*u`ceQw_w-#&4hI4VjV3sEw2j)L!E7d**dGo2DpCIJ zf4%0pCR38?F@Lu7>#+EjZ*}L0FA{-a_qP9?|NP4xe{@__zuiW1SIa;syuMycI{2si z@&+yZ-&*8fqz*47rrWf>ulW8u=}1iVL&}TKOmkJ=G1d`IL-|P90orMo99}&}+|<;R z(hTyZ`j`6YFLj}IGd$!B^X3ay_boj;iRBN~F*T3yW}nU8NJ^$>!NO|_|2l=?&nWrJ zTk0!Y;!cl}va$f;zR>qU>O_`&7mVTi6tuLo-K_x!nF3)c2-qRbelH2p0oUV+0)O(yR=6HutrR5^OCr*7EuKMr1`Y$>xB_^iB+TT|= zIXSWVLyrWP_ig;?G^WJfKuS2uMnE%FD21R)b;98lT*AUSA|fK3f`Wn#ez9}^v9S|A z5z`^9!$C|EF7B!)^^YtFOM`f-csi^#h%8^~K9`lb=({y}o8PdCmNGa6cXk{D57+&r zZT=$sAD6jS7X`u%-!Y1F%F3b`Fsc2Z9+pc4%^c)Q{KuyH-Et`pb4`lYNV9(Vlz*?! z@WPAaL{Hwv^!~;C|HtKXDgt`)cX{N}{~tg63+LnHQX;Z^X7>C)wea7RX&JVKG4#q{IZhwZzV5fCg6xc+@g~3 zf9^HE*;7q}9hV%hsP061_doXKKVn_!3q>Kz#Iql>xtIR1-gBXFTYjVz%iZ7?#>*SG z{!}TKcaruMPaT|;1x{TuhHCnjH14}&Cq0Gl3#p;D&~1P zH{pE0<{^yoKa=EM<@p+Bg^CCb+*6m+` zn63daP!ywX(y;NYGSDYvEL?6xjJ&3Tv4rKHvXFM3+&s{oDC+g|D9-Kq2acw|oPM+l zQEvR3l0P2vT;?}YGkZJl@43i7;l0ra!s%J1DrMp!qYPm7GSQe=*u@K;p8x9->|si2 z6h?a%>9*&iMD2w0q%@95&X&L7akgzNjK3vMgbqHuj-H*UW=qTQ+OL>%_%n*aqRpa~ z!}Mo@w}?I%47@xSyTMNSPe0|o6y9kyb?!nwA0bneqbR_h@bYhBrkE3Wiv}oqjr|{> z>rb>-(x-KgJa4!iw#_p;K%_=wsV_%AY5xxjihHG$Zg;L(?yI&G=BmX;ZOrX?=n(U%8$0>8 z9wqZ))7<-idonK%q3OQMV7p(ECf<~=8+-K37-Vr)qvFeR4cp#-;;A%%_NHOA&T}gL z(GJkI*W-EB!nKsNm_OB_9>yP;vhMJW{vY1*e>s*Mu{K@%H!q>(*SsJ8k(`Bl(vX8z zqOk(cs50`^{}fa7f(Q|qfs68Q4ydF~N)^9;(`!6$ai#m!GRjKG{=zSm{*P+i@V@dq6OV-d^so z?SCgBInfgH|0&KtHOWp&N=Q9AB2-g6#F;4~lIhzv^%_ zXVtzURoe8pcnQx!d6tm0=gs&_#rz@3GmZI1vWDd?-=-0`da<`#CKsj1sO`ilK*V}m zD6QEuN>0|kfLShBstEID@J^W0cVfq=22S&=^gkT?Ipy!XS=Qv|r@FG*POh20E*)n+ z0F$i>AZVpI%d_)RpUr;v;L}u8zXxL`rV;-OREuw4Eu)T-N?|We~Mm zS66WlW5|;ts}9g^>=x~GRB}#MT3vYT@^ZFbLAu$Tw2p}L^VC#(w}he=Oe(VYS>3ET zrKqhD>QqEe*uAyY-AiL9!l&6;JMt~b@Vt_POkTk^?u_%R_hc@}mxO#S6k zmcOa~6Y=aJRldRiq*GK*&+#<8Qv*#moQkUBL%YGE8ht#S^!+yWbiNbMX1t0J*|aU} z^LQs}`)MEeMpE~(6UNP0c#HxSWpE@yPIUFnMQ+t22LX~Rn=(2wl4XL1+D2RDPknOe z>?RUgE{XXOY4es6M!Xzcv2~Svm-kI)sVVmBNA8tJ&M5l$XzV=J-w>-FDD$qLGW;iB z{L`cEYUk=!Ga!OpgVsMHJ7V~|BnOgos(0?f5C}8YG$^!jL*Ow{IPHyS7JP=4>_fjl zJvZEeI7`fZ>;Ay=$wv|0yyVPU#P2r7$hWmQDE$jwkuq+oP`lN(H$4}0-OD*b2leau zfXW^s;9YN!cKTA^w>W-@9XC1lJ||3ECOvP0m#3I(;l&z@t~!|nx97G{#gnrqF#eV| zzFhR4|Mnsc9tx|NZmYh27%B8ef8_3c8SCS~)U@!5d%tLId`$MM`AES{wO#w(mTMenO5$!66^oz`jp?EJL&P;fj_c5cW?5UZDDZ`#Zb;`YBc0gLQ>zKbf~d-8|Mbcw@dPgO(xKbCY7nbOSn3=O^~00}r( z#o%|kqQ(_I_|ECEH_WT^2?N5#`LkU1@AthoV^?e`&YWqD%S^}-9N3r`b2eURN3fhx z^)kbM9F^M8vf+0|w4n_`{rLWT! z2WR7vmqLTTo__E#`kmt?oD%CiG2PsHR3Ia61Gcl|IkVUR9B5nqxfcMN9)=LKcg=IP za3-F5Ltmfi!qx^PY6A@szRfdpk`~;8v)rI_SNPTp+s_J`a)pCGL-p_70XtOb_-j!- zM^D95t-!HrLA2}J);BU317iYvNiin$w;aLV#m+RHG)#m8xd;|05=R|hBU-cC`>iC+ z?*5rHvc8lbN0=CBTooQfCx=v4w5*R#vK^YJmC30>F+eCwW|vW!dH&YGt_`CE%MePD z)`uh*tCZCSVf^io3}iV&d9&zw~9XpG*s3kPoEv5zWMj&r{-fG$T7B`3ReytN7#X(RQZqQIU%FPYM?b^9G-7 ztXAPn=tDgonh6lAsxxYuzkD%84P6?cq)$JY-$_`@<>RAoZ+TA8NVv$2Tf_Gah1Syz zzhAvTa)ktRLt(Gyu5q2MPTEmS+W$oj9dHi=qb|{N<4z?P7z8(rjH_zA=YpHt?*MA?cRTAL;GXCQd z5j6JNhc&U{b0aW-;+qLX(pS|S=BlFTI}*}V?k3vwD9Sj-px>^1r)$xoG9?OOa-&kC zKcEMi6>As(WdTNQ`76j*G+Z4IQ{cBQRFYA|0}|(TP3=O?IvoX-eSq1B;OdT&V=Z&O z_@US=zI_j%_1I;tOnu?;#nFc_`wobtQ`kooHK@h6wPHKQ!Zg7>ArJO$Se{Y+g|?vM zI)!J5yHbp9gSsZ6lk@f^z~*|zDjZ~NNEx~{E`~Cub5i25bB5Ln8@Q#WnPMXCEXJU1 zhXUQcV0lq{Wrxr^H(sZSFEMVnq@?-)+*z;~4y4nf^8I!l`tws({WLw03F4-$%OQY7L0zXAe-;mHqd=X>CJ^!h8ezp<7YCNoA@#5mC*bPQGMd`j`?qVHx%-Kejs1f`Y-oa z0Tmbgm0wpv5Wf7Y5R$+ps72)2-;$?lW8EcjRLjW`@u&q+` zY1BrL63L3dy^S(!;tRo07dTlImuO}g>3NneO=Aa_Fh9Wcr)8R-m$vRq0MN@;?Tndn zo?oWE5jB+I-Q5lvoaPl4o?#|zw|}x7w(=ASEbNHFEP_poKF%CXX&gI#E(n2!1uA_rF1kS2^u<+e^Org+V*=+D1lTO7!#{7LfuhHAMQSDu(APm-(taJSp=Q-7+^+htnxOn}KJ*!sj{sCYjaB%G+I zV`|8E`g}y&d*t>9bV~&!xa^JLX>1l?#LkHN!ejP*rf0gnD(qA92t(ESlozL5Qhz4v zy@u>2s_-_!PYjf7InAp0$D-|A$wyTJL75ITS$-LGMs|u{QtmU}^Fuo>#Cm)ghb>R+ zywa5IO{n!+B-?m5%EXXA^%WIqYf}%ERge(mbL(3=Hk{2qZfrtL75hDbS1I2L(o{c_ zIR47|Wd{c2Nt{=NDIR${Y}#lV+~Y95vnf6i>*k7Sh?LnD1al2hmL3eoO8~>o=-S6M zAqxR92(8^Zhfx9@6+E!Zgsjq;`6rWUpRS@rK(+Hq6xxu`+578f(N98$i7(+cQ3nD8 zP?ky~Mb}LLjdtza*47urlu&L$Y%8C9o`MD~ z-={1fBQj~PWSTcLJFhSwdMOa_JmT_=o^+!L;F*Oe-OmkS@a=mBd)bI8xGSq1ya)@3 zP=t3Rf?wPpepX^9o@ki~J@|j;T{ShBGT$;@ELRHJJ2nPHJuK!WQ`OJ|^#!kQr*@Zad@ihuh zt)&JAL6SU_ugKYMn*@3seF^+-Sa2eevT2))sO11251nCp@7$*lFWL(A0~8a0V&igs zm4zl5Y~ao0j|fKc!{k{Co;>ny$USTX+-Vs zrEI*f|D9J7VCLC#%cE=(k(G$${k3lfT+Gc>3zV!kZrZnr zJ>D9CHClDzO;!j6uD8in(to6aZ!SL(jyPO}7WLdrXv%*>mT^LID3CGBRXrelomtYg zgZmnbhWK!7DENMLJ<#;t3`x351-h}@duaj+YW%*8!t_!yMz2zDc%1@=LoRvHx#J`$e5M6T(!@A%G00E6huK7vZ^H&Jfl2aAH~59eCqZ29W@EmGUy z-M~95))mk%s@NmS5GF_>FNHwv>J=7+vECdq=r>`b&Q5&x$wn)$Gp%CZ%jnFo2b6f@ z^0Z(9*)&_)&5sP{jO#TaZbN9=MBD10bjjr}l*djZMqGGD41GSJ8&0KkNGN0+5&+iQ z$&}PHb>{x$4>ng-vi5E4+@&lizSglZO&_{a_ImY|LnM1e)4$v^sAYddp$lmjax*UO z{G$BudWP=ZtS22RJ}E>iMlf9zBV z%91U&0AtRUr4#KGe_UPM!f;KTh^j?>KDzY5_?ub9ZGXXBBpa5la(f~WdkI=b@3CWQ zAz=EV0y^7v$|gv@gB=XdtDUtShOW1<3jCZfZ9UT)uGR{o3_A0xC6kz|R`%<~=)MkgKj5yg!Fxj)u~hmZd05omZMXz7z|#yZ>1E zPI4IzOgXNfZM?4rLXTDKMB-k<9FThgqqE;I;Aa6ydib%BK3o%NnsGvwX$2b#>zUASv-FQI9ax1*gZm6FrJ_s#LduxEi($w+FDfFn$8Aww)krp}6qZJy5_1 z?ky}^TJb&*_{hBkIfbYq)zALO@RaaIUs=bFvjyk!XyjMpD-UAkPOhD~g@X;rB8+CC z71rgg*C8& zByCfRuTNr`zfUtrNPTraK%7qRWykYu)bvS@mZ_Wu$XF{I2KAxZyk=Ws9SJ;n{xeqQ z8hM5vTLNfcB11Px04%+G;>fg=io0_Th8$P)(h?aV44N}XnzM~^(QOe?HY?4ubaywLN-?qH-_W?T?Q1ZVS`{8E)mTGf4-}Jlk;wciL6VdaXH1K3I zb^IW&t^H~rmR_)QfKW=aukeffz*3}4-*wk^3R5(D@bE$yxZ&H&#nvw(=UgLhqC$gB zEq1sT3ka17odW1h3c&&G(=NlOhy`;;e*1-_C`<9wT&wac{3FN*mA*qe6a+d1@@Z>X z*TCHpZ!aYdBmmSvbmeKp`5n5A8x%FDq6_xm9|OIL;(C^jZ*9X5$h3`3CEnMNrhVa` z(CMRFrF`3xs~HhZ$WZEmD9kaxIVj1PPO!VK@kn?q)^pD4LZBb1sBqwFP>Epfo@8=c ze0P{bIG96BHW!IRL$fjzGa6@5&l4SC+lrY6w@e6_^z9Sx4N8d9qkf#z@?f{+WOUK@ ztKzui-uI!? zTBu?AN!P~eHk#6DCzkV@5oAwz-1%Bg<&2QEf{D=C%i1u6=kQ{S z0tA4Fs9VTjI}L7Vy;r^F$8oNJh^X(W06p0ND9auI#7tM zVOpDS33hLmOQg(Mndh4F@z=Ec+F%i9oNIvce3afqG-Sbu zR^X5PC47WDb4t$BNZGlsZ8W1^%$F#((mL(l7LP%#%#Z1sqqpUHx0vq;n9CY;RT`Fd zn9quFbln?xK5kZ`Y4UYoMwgSqSRJKdC(l$ik%1E)e&I0-G$Ly?x)5eN>&rGkyav{* zN6(48=va9bd2m#9!);p8rPdTltju=m=`&;51`*TCgSA$M#9&@@ns&+Jg2a!=h^QI_ z9PUT{U@5r}@#Z33Aga1_9pR8*`e+4uWuv>U^6XBe7oku?kyg4ZpKJ(>pHif7dP_I? zJP8mjLF<$cR1^VbiS}2@GS`smXXP6wDU47z7+`^>-^}uXreQDa;qLQLKvGByG>%lz zWCdaKmeP8QB^x>I|H#7c4Q=1#@mn&-K!}71Hy^U&B_|wcngLD`Nwfl@_6Fx(1jB*! z$VkeN;I>y$M9>QVwB~BC*3fjE!Irq5nY&f}QBs=ynFS$@p)>?`UT;~Jqg3Fa38 zpF`*_oz&d~iNFhURej>4OpN42hZH}U|B->xDCJgM^mH~zMIXCyBU#W=v}{(FSF`bU zl{0ygFV5r1?56zK>^F~ZgB#|obQx`mo#!Wn(((#~ryPWa2B+38N>e&N)nS!}q|}$O z;i-TN#qfPS%Fls80b9GIeNGl{omVprr1!DXz@oUF1MlrK5FIc@l@aS3Np^JPJg4G9 zTWqwPwgAj@i9Qg|{ZYVWx*T?Ail(PzGaf)Me=^0uxYcOdhRkhm2n@*w^)-8D3k7+E z9wt&%Nmtd@kA^kJ%cD~zzJ=lrGJQQY$^!=}U%K_9IM)M#?bn}T7cL2AF_A?%Uw@l4 zE5k4c$#D)_7}9pVyXm__Pw@=G)TA>UB30!GUQEVm`_#V3g%`aJ6?Ve;K&}U-PSukN zP4B;(1|#Zw254GT52Ek`J}oEOd)eEjZRVY|SCbJelV*XELtuzE8f$!0cvPvIC$a%- z5*RY;nt49-U9dT8TBKFEYSHzLHn&528Eg_GFt+Yb$;=G$c+BHJPE0)7kbH2M{v^Ms z!90Uci*L+XrlG9F@$07%*4mN7e3ywzGsDSVyPUffDZ3L}Nw?2GaFidv+Px}NB?@zT zUxRyJFE$pvjG%Vow}-xC{`9eMyO#Ags-`qf`@!9@q^xQ2K4v;H>0Qc#;Mcph5-5?` zfIe9YsDBQfEU?2KvrrO`zqTWc6W>gRy)Oh(sBJO!f3gpM3kD3mTyNf-m7WtZh6uC1 zu}b5Pp=j(ImicYf&FOAf##em4IP}!8~84f2J!kPXgk6JdGU5RoDHA$q+TT;6K zlGP+*Ndv&yUY3h{nr+enxX4t@U0JwsQs<6s*6w81JVV?k#jDkTXpI#kL~$oPh=l03 zXo3Zt;$P5f&9G}y%-35xDo)sMYPMRof1eia*|#}Hx4erNcfj=GD3zyh0%2bUZQXnk zRe{KI$@!6&(r7_$RFNOk6ApsTZj=@vv#?);xjj=aNli+)T5HRP7eE2s8e46xp3&nK0bIUijJa(6)r$}x{{{aCkvqlP z#KFj~4M%=%T0Ilio@%=jb^W8xz8C9m8Clxaj~IifC+TH;`?uWanCcpf6ok90_#|R+ z&WvgZ>0X~FqBV%!1Cesgh-vZ6%qviM!*rajR&;|rh)tlTEyNt?_>5=IuhSgX@*Lm6X_CjN)Lw~lK<-~Y!65d{GiFsO+ENUC(#0Te_)x=Wf7!iW(A ziKz%!bb}J3J4Pdd(lwgVHOA-|Z2Qg=_nvd_xu1Le^Y?iC{y2}v&h$NB@Av!F@qBki z?c@^z1)2yqOPMRCL0vngRe@gv7rPZWiCX1q*UQ6sL*SAX(q3lN?sPm$<(*qGYTvzP3U2y|6>r zos0&OcO8Hu4Vu|kdjK50xRK0+A54B3)L<=SzqL;-Dc16F)Z6KHw9oqsW5>s1{Rk$L zcn-Vzdnz)+s9~4ddPQw{n-loIZlRopNvrlyvytL1kpH6WTJ6R?9^ut|5I7NlmV8neF_erm`4sZns zEiF6IXs~6XbcURNBxwEpl}P~g)*h{z^h5Hd2GXFm31!<~DlMad(m&b*E~+)-dv~r< zv+=0k?Tor`!@P-So7q9FeEJteWd_7~)f}!pqdZ+=QSH+XSlldjLhk_+&{O-HrnW6B z2Sa9<=Y-P})+fqmG0!ocq7BE(i#J6NKdoUUq{^!Xv>=p3$W^A-vB4!Sh3ijB(rl!} z%mlaCiVex?+czr?uSzzC2t@=_V0_(N5T%Bo)*=etYGbLz9|^wCI9?R31&! zumbcM_Sv{dLVi=*kNn`D1LRT)-cC$d`2^#6{BF^}FM<^~TMNP3LXE~#eZi5Qp$+d{ z&rXCo)>I3AwsOzIgil=Fb!Rhk6coYJG~(4b;M7UL%RDePc1OjG?4asI2KyGS?~K1j zE0JB|yEGattTxxJ)ghL!kqO)-r-|Qm|!6=ry z{j;qxjTi*~zzrE5fu6Bz-uN<@ z+Mx?KB%x8y^~r?_XVQ0G<(ZKM%QX1%&mxbvmm+qOFA!g9cD|v}Gjnl(6+SnhtR{`= zpfU0REBE4W;l)Ms zx*;~TqX$;y!#N^&k>CBtXB5x()G}at8!oITA=7*SREi{W6*D;h;9Ko}^kSCmjeGBa zqeHUs^mqC8BdT|}#lbn+hF80seK3oRJA=OH6am`l0{}BZH8yIRC++JwiK%&NBhOKu zwX6WHm%8t-8;R*Lt61TΠ5vqGTrAs$*aEydar&cE$r4){ns>_Ya01+M?PcAnTM$ zt`;Af0yF!jE%BEN(;iEAap@;oU0;tv49Z8_RV?UVk&iB&h_ZDEs6mH(e!hP{^45!U z4Io@g5CAp(vY2m**d6bors~_>;dBEoO44tpP3RweZKGS!+(}P;lU#NNf%`R6ynQCq z2FlZed^--dtP4I{=-ai9{@lg23e4xt)?c*?)5H3~@&bdOgOk8df@Tgbn?07*9j%t^ zM<>?U3|2)DA21u?cLU_N_*~H(Re_$H_}nr!5J)-JFYU60OiVd>799AhT(2B&7!oOz zpGtFLt#~tK5LQ&5nLx?gC0}7B@6%HWkOWP7ATaNGz#rZPys8+wdd8(`H@vDCBV=ia z=Oq~|!`tW-XD5(5N$^(+U+k|E4V-C-H#~(oY|L7)7JkY;OBz_9cvBWp8>X8Lt7_RcGP49$JxbZ~)}P$>z&J_p zmIbW1Y2}>V$#ESGM^v0F@ec>dpYWcv?rq(J6JMYktsFVFZpZ`Lesrn@I4!pXV8`n< z1=nm)D|VC0hF8@t+n)daq_gk+GT1bufSd#w&y2?pPaghgoq&SIo-yCaPnnTgJm}CZa~czvO|p@#pRcHs6B7JK zWL?m(9xT-cgOqgVn4fSG%yd4#aL1F z*Ir-cby`Ww36u5bglp&_8$+XsQ^pn5o*v^AXu}(m0|wnvMq6oUCu?)f&Ua%FX4(@w z`Z%==my_GlgtLyCie2CVG~d1XQ+^sDL7UhqV*Td<9T_k1VkianSny`5kwKp?kOmQ< zJ>${vfQBOQc9h^G(Hg!#Z=ftiJy;e2cPX_D=4Cd?Y-_GVja$cYi53?PMs&pF87Rwi ziCB!E@Lue9Q7G8}ckR1=XLNkm`L>}-Hug~;Yv3|Y$@tcTy&e*^Op@8UvGTT!bF))?hMnM1+^w zqTu=av$u@KGf1O<1FW9N8D=4Od~5cE$T5^J|9bvpnFQ;RoDx?Jh?p zO?Op1yFnAHZ{zaXNCDE`6Y!I7f9=R3b{LE9I~(b#-!A=nm!E=RIZ%Y2qk3Fl5drkDphh#-jwLsTimp^8! zR3sD@Aa44;OuLDf(9znHp^FPPF!gw_SJb=;NLA$Vi?VcY3Gy14FPiCDL_F$>a5{KN zjC=&TLEm}K0li=1*-B?81VgT;Oi|Fsg+_-+MicuSr59^6Zf`mN6n9@$45KlFYWO9*w(8&Hu zI%hL6=^34dV#Uu8F{a0vXhxGWChIaL))LUsAmJ;Bdetz5)RE zEfV@sEm*|TGf8Hh+dy2v^MK3|s7B0`_e0reN~0>dwnf$L{n7SUkco>@{OZDOO)(-^ z`xA$_vrim!1#I;<48B~ekc(Y?Nok||nwm^1F@(_lmZbTC*av6(H|CJK2kT0O5A05TmY_+-a+E zuU+ny7tz%e>`~$wd1L)WOIjTE>5GvVUWCqGp<<8s(B2$jpgRbEqdD4N zJ|;l8{9C72txaOaz2R3`KCOgcxOUdWc?=NJv#S68{lj~+B?qs7o7m?3%4 z^~A2_sg2etkj^QINAQD>`h|YUlX{z~vyyth9GiqZC?2-FIAxVu>=53^*Jw#Tz4T3r z=;u2t5Q_+RrVh^aIO?r{jT6!O?oo4?h=Sz2D*tzBXuhjsYNN_2J1ga^yP&yhxT4g#*3m zC>vrzoiE7s(OxL{iDW6hlsEDU$u-PGI`Ec}Tv~NcIB|BMOU%9{vh@2D4ZJ<@HBYSY zeZ5j@!olG$UiY%R3&7ofEm^?In&puDbGIA@;J#JEh{qmqYb9Weww=hPM0!^FvxfmV z7hXMgSpwU^1s11LFV|$Gd;!uG<*nb8RDbj4N$Q=uWB#aD&kf3VkGsTJ?{91d_t<=* zt(G!X$t)}IvvatZafi&$A#l;HhPeWw=R7vy*J!Zh3hPcKWI#NQeKG!a6><4UgH@BR z{Taw%kFM#`7{?m7rYB?`l<8jBTuB4D@yVODE4@bSs~y(F)YiuI-mBL2Y06}_4FsxZ zAAp^heB3&uMf<1~rJR3_=iHV(9bS++^J`|xrANKx0!ajHNb4tSrw>z)yVofy2UA`y z#xwrb97zmpqU3D)@GEQ_khhsO2zZ9^vnqz_qC@woei183oKHkR=XPwF^U1qngilgz zN7I{bG7qE!-)nTWjcC0oxpo02w&7laRRRm<$invvcNIayi9^n{^i7aRXi2q{NI}e= z%g3b@-DeZ%NoyvZ@o$0~rteSEa4s!X3Cfe!Q@7yx4sudK@x2O*c)q8Bw ziaZEvtvg>0th!>cObipIUovWKjQN${G?E+Nmu8B4q^~+um13;VrhV#XT_0sObXS9o zrC(u#$QUw4dd*rGfuRiAw%|U!CeWLV7eA_}PD5}$?}-jRpJH$Po|vA|aPgX0f^J2cV+(lv`a9qm(K#uD z6JiV-fo~Yq7L*&K;mfhVxNOn0W28|`eMO%)x47o1XnbTJ|4Yupeffb{VkMiCXOO%y)6%x|(T&C3?R$=~)tn<0veVuU{2@ zHrNuF!fA6FZK__gT+>W*e6>Nse5U^rsJ;bKReL(?&1OcP*hG5oD0c1eGN$x%e(R2NcSF4^fz92ZuW&uFP z3XfEqzfwSK-SVl zxvMG!w~~gPE<)Q8F%9qFz{_J&f5G`mIw)UYHy(+;NmDN&KZKg>b0y9egyZ%{w`C6P z==aWM*X}Q`Y5L7r$-fZ!#be#OC-+yTrvtf3W%kp|3nMmhlTC*5ib7 zZve^jk03xt+TM&G9p7HRg8FI$iaL{l;vN5Les0jq8zN`6DRfGLJwI{}`cX?)-2U|T ztunaQ1Wbp)h*p2-Mibu@L8F&c8|h43T)meQ68b()!*OWBkA6z4U_z9@d3v?)O+|ac zNADZJVSsh|wQ0dq_p!MmQ*hP!CRr;vF&)dwJrSpG>-X+#&%M~|Kuz@FtxNN_vHSgs zVBDI;rzBRB7LoCJ$KXa+H5%rokeQdA2TQMCxP0@?l-!Gkj!);f!ri{k7R~wSTC%`q zkwwxYajC{ti2h%Sn9Qcx!{%+;yUep4gGYev_`N{TDD?O*o!!A$t`ZMM<+;39Xy#-+ zw@i-McQY%U!+zHI64PviS(75>-CV;(h(#}Y_kGNDl}#2z^*r?Q0^St8`T0>qt4NA* zcmQ!E!%6ZZ-%0Ab-T6l%{tyV_J=YuW7lA664y9Rif*?ookM#4Y4vD^$(mJK=6XyU48te0g0ybAUlet6s9XENn&sP z$%iu8@htr@n8$%CXKhtcDPCq(mJMOMBRPuQzV>U80C#DN(<&S>&-qFu?4x27ZPQ4c z*Y{g#VcrbuyE$*>m)|BgDX(2kSK{fKiQmluN=>69C!R2qzx7JYHus#*_%OXPa2Oe> z0QuG^06=ga@i-(pOh35Jd6E}7sm<_Q@}BeQ=aCpxY@r#z1z;?5(Xbn|`!=KF!g}uI zQ)by|uenrd#@CLlsfh-cS$sS^G#w#C2!2i7=VJqpQG*=rZ%%0T0GLtEjl6Z6Z+NLR za^DWebEeR?_rUI{ojGaQ<@Dr`;BOfa0d29lUX5klqs6qGriBG@t)qLiAC6CGpfneX zZ4INvDpq}``Dq$jbzSY)%<8!VBz1fWT65N72=#n16m{PbpO*0;imwX{A0O+PNGW$D zkM6UF(c^rkSWYE%*p&f1rFl7BB8vqWS^EfDibGa`Y8Y}zmSWA?i4v#P6Z}O~2Y8>> zWLYA02>SIv!XM`LlDyDe(w9=Vd6-hbX=mz993$kg4o+nOUXqoSvHChV3kw$_YW#F= zGW@4wAPnz6J%{5t(|dpr?lWg&vMV#A_VF1F#D=(;H$3TKe1iI{5pJGNXLO{A4%40i=}Eb+*Tve*1oX z#ZbJs^2WDfC`e{}$vPUxT@l<@u`{c(Myb0df$Yr$`|hok zJ&t3!0H*lgP`c!R=P#tyiQR6~uB>Det~Aj{iHR~^&d;-9fSW@ev|#3^S@VM`k%oAfLKITjHVY0@%T2H7hBc4SlzD6hQuFNNTX8(0o_XZ%ia6*^&^lhJidvdn<$wu4O z6%X-mjV#&lgUYoza3sf8=V&!ebfoD;nS^pF&jBRxP`}3YZTQT-z4*5#oF9JFPJrf? za0-F{{%JRB8+{tz1;MMu=Ox$4kvXfT~sx*!{9fX9^$V3RsD%oDE!dLNNAb6dZD?^cr5lNq@>&o~~6% zDv3DgdfOCz;m#{f%lgNSS2fb-%~7vM4{axh#^E43g4lzmxgc3>hwfYZ%Yp2Wb5qX2 z<8D8k}sj7s!%xD-60fQ zRLCZY9qnS=&9=R+*PkH_#hvAlkzc!)&cmz=f=l6=c=GBDQW}B4th#>xZqp)JmuDV5 zl~FM?mL@5U`E`BoQNF>gZL|@3mAD z@aTWo!~JSIG=rJyevoGKW^)iIJ2r6#B{#~F?oQ!_X>GU%qE9FBkV;` z4Do$kBv8wU0tLb@Ui7(IN-R4J^CR)%!-t2@m3>q_3wj#pF!G^imb7Ektq6{CHY`AiTUa*jSDG7SHE|x z#XyyECb5t)8I!KMR4{D-o^pDKqp25}b3~Nl+ zs_EeRQCpsD?7D|@bCGGfpd~yv=jJin2Q{$A(ZFOtBAHlD{v!6?cyc-$L>#)+jV^;h`xkeIA z41z^LwW_8`4Z6oI>go7AaS>h0U5@!4T>HY^J)O6~%CszPZ}K4dQ~&HZ{D4c81&HUY#xOTj53a){nwQJ)<1+WJ_bmhjr7ni3_=xA@{5yhT*g8AlOH7<%}9ZZ?xXpftd5En|Ze7h4)>N zfIcsmuWfWW#pY$vR#RqG6HPHL&VfbgKUjT)(I8#clW-8ZHqc*=9DFO903*#7SkMjt zpI$PR-3w!Q#d$K{HEHYX@CG1uTk~;%HskeWo1da-{^-C zk#8q|Jt$@JKA){FF+=v@&hSy#0Q2>4y-D_#P}ga8D%Lvg=1!f@=tZHae?e8tZ483Y z6`&DiS4QXFJ^DQNt|^cOyxI`Qw-?yQ$@Ij#y>8#;Hkc=S0EE$--9E8~N{jLDIS&Xq ze`fb-(xkOBns0bneD^dq-;@{~)JMn{Je}Pt6K#Ci2(Eq66uY9pG_-#hOmSVA;V4bz zE40C{Vg&iEi;yx0#F?cy7{}V5o82{!zZ{r5=j5%EJ^&eI%R)yGp1MWM#BJ$kAFT6+ z5g3M1nLiMT`)_uSAa8N-5%Uy-0h>6_HuN4daH+v8P?G|DKe?H^qI6O`o(nJPgeJeyG1dqXY#Fv{k`$xm4pKGblBz0y;HnR znRXY4ZmK}-#`+9fu4p

zMq~hOz58h1#7_5cW(W&!X?@NE#iQS$f%0tz4I%=b5zE zpgH`7^0{KlQElu{M4g{7#IB+cA8(tFf9p|m4i}T>xKHzPm^gCDt-)^%pi`D=EeI34M z7K~61T``|iG2SQysV0gWi0G!-7q}qTsCP@XOGwIDiXK8EFIX{LlkhgHD#aL^EJoa8}~*2tHd@20v@0UCZmQ6Ho$)u$&!_^ukH zz%=X|i`hfWM*;T!QY(}7tejjmDO00K>r;DWu9CJ3yLHj`DZTT{@W(EkL+n9vJ?E3h zYy#}3>XqyVb=o$CfJ{uHML1EC_r@quaxcthOA}ArM*a$ra>7Um$gsQ~4Ht|nIA6Zk zaX=^hxJOJH^0gVsUf!nTENm`yG8kW=S zUMid=0k5^2l>z z37i&)*2ycbY=t_t-m>N@M^Jqu z`K=4o>j(@xNG+mLKHc_=7ix;z-)CkvaZRev3^1|<=af#B6pFLcf2>D$Mio+`vKQR+ zl}i8e&3sBp-Zt*bB;7$zH{dK}QYtYdyAG3g+Z}3EtkT$YE07J)N73#!I(7R=n~SFHi<9j z4uL0m&mRh-fZ zbp#Ku%`05is7k8=uJqTAd=1uSvER)>v*MldHToSMdhY#!1<;{;$Z{THY2{G+J>c8^ z0VN&nBur69x9{+T9>c?M+Z*6+oVSG>g1wfO)rz?h=v)H3w3+4T?`~XpBZC|YOcZ{F zzb0#<_~1}`>v=jp%HR!2dR#d)HO_m~P1@a3UZ8Ih1&mJOSpko)MUq(5os<0scHzEu z5QznD%C!L0c6ke9(FGCu1#lz3fn>ATEQzfM?5EuJ!p5nL2zl78s_n{_+mNr+zz)N| z4peC)CEz-PeL+G`6pvUxt15kCm)%Kx_v*LmTW)qx$n&OvEX(@0-ba|#vqs0oiSUH+ zAEzwAxiu~A7tUH&`8u3=?_R&IL(%iN3k2U8nBL2R?>p;V6-BnImen87-(Kk$sDj;? zNzXXyThuDJH3bHMkDOb+Q}H~{DT!Eq6?KZF1ZQYxk`C%I)~>l0CppVXV!*_;G6iaJT6S1Q-D@Y zyN&WV5}>bguqVL7C9b!76&{fOx?02W$h;U%9#O=94N8#O!0e_8e7}b0IRN(qew#h| zy+^A=ocidnv|9IkqsZh|1@~@cEk7@ja_+0?WEM-xN=fqoK+k|%v-Zw;e4cL} zlkpl->zc+TcFp^q)z_yoG2Cxlou}_6*E$`>-(h-x0xfH~CUm-{8799z_-C=Tj9QcQ9-Jon zM#)_YsS8_^b{GbuRqqw`=}l%~f#mJsPwEW@vHB5YIwS>3r#Jb)L*{p1SIqC1CV60@;OSP4=PAT zJB(9~A?fHr8k~1~2kUN-Eq6Ip?`FKJ%21Q^w2u2tYPr;7o%UAoE(8MuUJ(0$f*?h> zth<-5dL)qQU9>#?kzK0T`qe?l3-xOf1%i~EJjB_!KQ-zNmo=-vq#&s?f@;= z^+G1t`C;|ihq1bpXOy|p_MY(RrxcK1*atHvB2bmZP#(zUrgUbd3^8KZcS9TgT386~ zk)K_2h-kyiBwy!eo`9PHH;1U+`l~dZ^X0N;`aMfp?w-scfy5^mKbW9f~X zsRzdCWq9PzfAv3=FMmX>A9kKvFO*Wbhwe~=YkX>4viYet)_1W zd!d7i(Z9Nu>z{%a0s%cRW?jPi?TbABGJaSxPSvfcdk|rsc@t^tM^Z9(Zt-sO#b#dx zM!yG85<;Sl*eq~Tl#U?dt7$(II<4*OjaB^7YS3vu>qhfg61=%{YL^>!S9%fCFR4tA z&!_Oa@`}hC4B8eI;d=FZVRb>H?EjQ`%2M;tQ9^wfj*Ood!mhr#-P?9+PQdn z*0%c3PHmC5Y%fI>WOJ6^(wrpY^fCl6iMn1&6aum-3}t7yTg!AAPo9J>{lo5^yV2iI zfhZp3qIMb$2RZ3O_w)6`I<9W{Jyb-lIRC2L<#0r#Lj%GgyYa7WxSHfd)EJ)3&Cv$+ zBb2*wcuHM$(UAoWav>uSaIG?E)|^IiNctbDKyLanadGtlrBld1^+WUW4LK4wkFhT2 zU%Rv96zREmvike0UZej&`^cpB$(>HYTx0y<%!>uMRo|;Hhi3}h8qZLKXh5p&O$k1i zX*=bxtcm>Rul~nRa;iZjH=ty{)1>ogwn}UFMU%;;t)vjRV|>e#49Lk9-St~TUuaJw ziE8gnBK+p5xBvN!rpFJb{w0zAmqz42)Sa9H(RUyV`2*wfZBq~rS>yhE*+sKtCUBKK z6YUyO=ECMUho}93*v3?rdT&&?hVf--vpOr_wYY+EOqrY6yrJvVhND-_EavY0zW4`4e_rx$-)W}HEs(8Pi~Jvq{dXLnt3*l`RQa+m z^DkAp{~#Iv`~fZ<;^AaG|JRDdf7z)VAJNq+Q1ZX>zufOXcPp1c~_D6EJv8xSY(>Kl-m>Mkqxrr#an+!ku zjywp;6UqXe5XD2xu63nV@5&%lWU=ie zqzZr98tIwW{Ii|NIM|sQvnJ?KSJQ|7Kj_}1CUWV?$xGqiL1F)Lh+`Khs!)@{Z<4ew zBMMCEUvQIze~tWu_& zAR8M4y5E?7{q?T~O82@?-*8=-Y60axRQNx|>u)}3K1p}~H}?5kGXHX->tRH02A3uo z{DI5*-M3RaDmed*Vod=e5(FY*`itt{OV8ij*{_;KlZY{F;Y%0zS5E(L zJ54t`N96dc@K-T^$MJu68ozy)UQfL59k$ay*zdpX>Nn*l*Km<|0Rmq1JU<-B|9HLs z_6Ksl#QR>7K05ywdHm1R{l=QXV0PjKm~C+A{RIN%za0rl@DB05yZpB3e}+U7vi%=k zL&KPQ!R?=0w?uRSVh?9If6i9@{{r{#yuc;UUvV1!51xD!%$8Ee30eFf-)qsdJCjRd zVCO~gFOl!RapS+Rt{k4oF1yuMsy}&wZ-^2kQO;v<>F3t%5Or956QlM|Y6rU?S|!1> z<@JBt&R=);wuwmPX<__NN|3}YqU7~%Q0bld_gnfu#5VYpC=1K3?H_+aHxTI^zW&1{ zu+=ZQ`E%~+!T5V{^FMC!282lEvGM&oKc^l*L?A_rlySy_ zb3eE4m}ptMk+1LmoXsL8l8CmhyU0T6zpBZLebU z))l4G%w$-X_vZkI?h%W`Ti;%cQ0!~z+rF;0>D{TceD*D|uFU8^diwq86uBg0>D~g& zeDcJo^vlLnrdG|$Sn9xNvzI#6+Y1@j z0vIYRY+K~&Eaf8#>B?h? z|HT#3q{S3adA~7Yk;zikqsS?o5T${LXZm>(7<4Z)%lPSrIjqmK62DPdEu{JdXe>l4 z>R(dAUvv|t6GDarOtG6(X{>DJ!8BO$oo|>-E}P!cWC>pM80qy^r>53p)C(vSb5a!e zTLOP4S`K~Ad1lGfu_O8OZ}+RYLcx^hoT4mWxHY1xI0YQfa2V5Q%S!#M>R#-hWnQz^ zT(l4SKAqicUb)$|W#cH{m@<<{J!+Yc7Fsknb#(W#1(7PwAU>llOsVL_9N=C9;)KmXAN!x!aQzJl~_zRPmHL0D11IFvNA_=`zg-OD+m_B1uOPcU~=SxLn)gJMA zs;?JRM|FJat2V_@35J%{E_`kD+OZ=D?vg2^%VXMYvUEfg;Q~{FjgRL|(q^Lx8r~~^ zBNKm$6@$5n1(lNT&$@rpN6pK3N`5)6xC1-4QasLsfNBUyt&-EnhFh~GT{lapy4hOe z*%y^j2qPa9p{f^gvhlGcLd1CAc43t$0nO*sd3e;nNG3czavGm_txJvSH41n0Bd!}ijbk&+zkG_il z6(M2V^AFoIby006<@(|I;eB);;%tk+%c2>5)1?7N2fb)T%onVmqJDuXz)Y9%3*@fQ zelmAXdr!=ovcHGi-hvjL23?ja;urZS^NoC<=I2V0ysh~js280mD^nk1YXlScuzO|2 zrT!KO1*vkT=O53~9;>q+>gSEQZIH(uu%N03MK)?*HUZw#mNeX*_BS|m>&uB~U2={6 z#qwj?#`s;9;UO)-w!lx zjiOShdKgBDzUPnq?l#W6+t$65zzVg;MpV*8T^q|*xHd1ys?z5KKw`gTYLj_;vX|m(`Hr4u$lU{oE>xsC!a8rhB zPD#&=bGd!n>>pJv8 zSKohS*-2eHbLT{TCbf8B%}=10=IZ9mU6wppj>;;Ef^U~V9C!lcz2C^T-@aegA+6n( zxF6ZNPw9DH(FVOR4aC0&S%#*P2cBZT?jF5wVQoDRE*g_xu}zLPt8g?uYCHKnhmm-4 zIz?<&PktU0wXI$4dX*MYOON5ySXo0Rm)<;89$j~yoHjdIIe~*NAZPMU8+S4X!@0%a4%Zq zbYVcvepdV36Vo*PXLVe6?0Vh(v`wR_q(|p<5BJ;V`jG4UU5ygGb=CZSJqs(HTDyAC z{Jp7l?(elmEH_VQ_*vV|8&{v7L>+ek%G`GM=Qi)FwW3hKn^D_U0B5(l zGeQMege3LmTIj1>m|5zcTL^HqR)5$;J{=hggt%3g`1M_xQ=z)@netA(OwrC>T$^ry zDk)F(co*U+lBofz@doK3RK9@n6a!GLmX3Dkhf1dK z=|$`J3bN7_5DuzR7{^V^FB4=m&v67&ze?gMexD-6&X>^ z3u&e@=hhwd2!r6N;R7-92Txi)=S7Tiu?*anpgo(nuG4V^*tQS&XlvqvO<{||W^1Un znX3p;*>TxF4_0_$$8&DAd6j(O3RE_*g3IaR{f6T2fiuPW`EKYE{)`yJ^oi4#WZehO zSI(}FNt)^I9%#OuV*z@wWEK=OEiNEOB+MH%ayo}jo_!*_sm8E1mZ2udn$(lI#MWP| zdxYoNZ6!mW?0GGanzrRp)fbKg6Sj`-ymOLF`9M45+c4$-I5H9b;IV!)C^dYmcet?% zIKI7qw9?fI8-BEx{X&+OATA}T(~`aC(S~Em+HLKKNFp~&APbTShuWJ;O>h135V6ZL zkz-S{_I5KPDT-X+z=QR}P+UP|uNq}Q-=JpZOf0o|JbjqGv_@HbhZ7y^B(h)p`BGy_ z7L=83uM~ryUq;s)Hy6!)8m?XRIHvcNytcA{q3VGbl9}_Ah0;uG+%J0M4v?eqmw;I zc|6zqW$RNBuTKa}yms(yh`DPX*>oFB=i^L0EiIu(YYU^GOYg5nT2xc}w2u$!8KDpa zkt#60hQsJuTHQ=`H%Qad68kcjESQ?eI-_sFHBRiRDuvm56OJ}qmpg_8hMA95WJLtA z?x%)0U3S=`8m)|m$0(LQk5^xQM}a?js^!Msb!+&(Z| zsFhXAwFqjB^#)9AwQbGHZ)Vc#e>x(@t1>}B}nz_VgTwiWufb8b$ zr$wFn8mw2%^*?{2&Z081k(bjy!>fF8i%vpDnXCV3I&L{M?-lnuHif;YEU+?ZJ~Q1W z8?9DJM{th+WUz!cOSb239bSi#Nne6B!I6_&(>tq|j#8&sPYmrxmCG@iAtAzw-{s|$ zmdW>L6bo|=%n1NxlO@sCrQ`|Uk;D_Rjvmf_JaH#0u;7ISj&)5!im%HA`q zskPf0R@_)nzyhdLu^}C$cM%l|%E9=L)vevxsIp&ySj{8}82lj$|ro8&#!R0&W=4Ka%mpYsG zA109>062a2dj;D()s;&gI6P%%ZYW`DN9c3czOW_DsLhfL46OJMe7`U`?17(;0uiSJ zV&A?NaHhFcQ0iL&va_E`H!Ik%vMbTKkcV%^2>8VkL!ZG7A?6P@U%P%-%14-c4s3ro zfgvuMqck}IgQ8LTRyF#^YaiLYT3X)7)b8xGnN@j8#YC@g0-73)hP`@6whb%jPuen? zL!~*cD9;d*S!f>T27zU}0VW#y>Jf?ufz`0n1+@>#xqu zL}>5GN=E1+MRM$uw~hE?fp%Y=sXedXWC5Hs?EY#;yO~Hsn!D_-rC|Lz zkH4yeSOHCs?l}LG_qZR=Tw^p%ByuB%x;6jMH=RekRDP(zZbo_~n@3WSM_KRp4l3^Z zMT9H(Zl^B5tzp8N;A_MLc8)7g-XEzXi^eN*?CQAwHe&ypI@RpWVi0&m4fE!Zv4JO^ zJ*sDCm#68mURZt}Rx)l=ZD4V&Gp2rRAXjX9Kl-ii5p^hinl`V%iGEoiJ9l&Kw zrx57GbGHIcPmn}j);!I=Yv!P072h(mKqtCJdH6e&zxus!i#4D2`KLyh9N9ZF{LR!6 zelYiSuBZy~6Bbvvdlp-aj2Ax(LNxg-4_0=D9Zg`(!z>ISuBIGA8|R~h3SbWxDtSry znfX2GZJevr>~I0S@S};gS(eA?N5Nwo)k1Db_{l2v*tNdn4%v;wDs^er;}EFG^n%D& zHc>~nqe@>?5%+um^N+`QVdYbOA>KFxyXKvmSf-#U>?H?!X*j}9*)_64=WV-7M8N{x zYkk=;g{6$LDX`vum*uGb-sF+W-I52+y_%evS+m0clC{e=FW_S52pX}0*Mz;^2Qio2 zV`PQ|Q~;T+f0f-8`EtM4pK48ozcpRIk!hOlW;B5*>FFNXogHoK2%jDiF>%HNKJ*eW z-(ekogwAa_#)r&~p}5JYRA{D5p)=Qw{lue{uTH>Anda=dU#O~V zmLL-{N~Lx;VYUl`8SKWVH;QAa?;(IQ-Z4YI*Qdf?gpk!bO|-X|0nU({vhN#8t_R)O z0tzSbMI13Q2F#||t^D06+da}0d^J!IN)IWf@V+z%Rr8V>B;2p9y9jzUrO8nNrbWJu zXy3>rZC4zX+O1E{9CO>zoXKRYLX@94kLAd5f1r9SZgrgx3EpK)gonwgx7n7xCVrt6 zL;yurt8D>~_{^cip^zV(hJ1*w+Tpp~A|;|Fl?p7iD~tUz?A-86LGZg4ZEr{*f?ej8n89o<6dFQ1vdbKm|&hM1#O0qx!0 z&3=xqY{$_>9dA8OIhzyf6q}@=+GB_6M#C4~DguE@(*gT8q<_kD-rG8#;Us)|KjH0b zvm(nEf@^ks82(oZ4AiolKO~olgzmkzq&74&rU5w9a_mXDtIhn%SC;J5`93QE?aE)` z9ydFq^b8FpjJLo1*p`he#AOXtB^N|S96@C?_t&Z=JN61oHg-L14zc0(HDbymQ|Z;$ z8;X}xJ+v0NzfR3;O!Kf4cojHq@)}L%~4vgD|k3&R%GD>NY3W_A|rpibMWA)Aw#f1Xn)g;(yAV8{xte z3rcw#?}1QQKr_xm+X^Dy-%aLLq8Wzy2^h~CnPvN&-%w-!m`0>7RO)TYumu*H6@C_= zDLmucW3w@kuC7O-0~epyqKoZ?2YtrYc`CC?x7>Scy5Ghe)ln8qi(jw*0buVMx}7IN z^aFUoB1PJ6TlpfoV~ugMu2q_{yuNyJ5!Y?HJ<4c>5uzsD*dLEi9mfw>Q{JD$Mm=3I zGREdEXSlWd`kMRKiKIBXhDbCh?`EGelb8zNh|3(;7{oXzvZ>BPigjR!)l~PEIs{j4 z%$!n7E&X7#X|pjGD~zB95=6H}-}A`NyM+Zb?*CJ^^v?|OPYzAy=9?|joNS)Bz12TL zJnIgVyvryOBQSP@N}aWvY>wxS-YMbE>4~rRFp2*jd&tP~!`CGPQca5NewB84hC{ed zotR~jxAGGM61rkg-G;wKEEG#ur=pI~1;uiS&c~nl)SEV>oR)L!CE6~oOFT>5xmCjuAhIJpHA1D)qFDeL^ir?Zz@&Q}0EngK-l53-#a*ZUs66Zuxp_kLE(<4u}e{o9G>hmUMcqD`;`?z6M zz@LASYlhEfc&LR-SKF8XydY4@PT-yDm~VqoNwp$%N=dl#sd;+zc+RR*rWJqB0JJV> z@E9QQQ)J3d<$xckyxAk0Kt_JvVNooLS_F1Vqn*ptiJZ#91i+OScn7wASX= zM402kYx7|7_K`$VS&yvnI+oC7W~7m^kDl{aRywx2*OOLZFGdLnhK$ctWC3}`cJxh< z!A7(}+AqLQer2@Nl?1J(5;=r_tPhlYcg`&`wRg}IP{eXs*BoRH>%d`gZl6+?L-`#_x!tF3_J#Jupgpu+82#w%Zt_#fpvQm+_cibz-@UaqA@ zuW^PH2@;hZEFzw+0DeP5Bp_OvvuMQ18#z^lp*pj&Pn?gXcWwR|tbDTSv=u%B^5JR) z_PSat#6dCIanbi#(5>Hd_YN8eBR0*oLRNp{b#K(`qfge~+iYyx8Ca<-u&YB16JZZt z1XZ^OWQ+&E&r7C~{(GGMvv~u(Ttx8)uAt7Z#QZIUn;a#kj}4?eJO;w9cWe4H&pa-2 z9bhf)2wZx|rm*8~wRdmUjOKp^bHy~od2((i%7~JGXz{?#yH8lrfVyVEVz}Quk1lqg zdSjMWcYRWmS#%$%zua$2mAA6{pq3IE`4Esk#)5*{G{;W)yZ0`Bx8iu+pfjkN_bJ#v z+Logr|1Hl|Wa*xbx3i05!t%#<<}OQ1uG6CrG%Fa3wvxVW(sX-pHh%K58TWFb;lO?+ z)hWFpFt+0UgHYy%Z)-}dW#hIQ)s?byxe;!vkAR*cr@d;!{|GVS+_@NG_NwNs2MO*P z<^)4dc(b_4VZ9f#hV=yE!j;v#%aB&o2gKVyHI`y1L`5b332H}cM1`h!eD#}RFLyN> zV}o}F3Egm&4oH#_HYwlmq}_iE8`P>$XA$zDTN z%vz~&@y|du(l1ctL-T=VXQHe0MdG@g5?cKUPr>N6{!_q{&JhFr(3Z-aheJ1~{H*Jn zu>$d(l(^MiO(CMIc5WhiL}(>XZ{}=K!IdKVMUs|T%)t*`a5L*E|45j>TJQ_fv|R?t zSQcQ$p~wC$@c5s5HQ_#{I=Ac;NYe>m=DV>4ggNfB1Dv}!_j_2LwVwbdI)vMfclfz=loA<)f%=TdIshd4!N4)Z<;=$GX zlzViAr?%28jepy_k&;+&vpDi3h4OQSZqG_fRhxjmqUuo?px^qhLBB@Uf$~RIyU5X# z|7d>Pfi<;A_KKQCEj$6lAy<+z2vUv7p`XJOgM%zvSZtxVxUlSo>pizxJk6af??$|v z7X!SAcfdIgOO#(pXfSv_Wcp)h7d(8GJaV4wIDPZV9nY6adg@u@NXLe%&I+R@x?b}=Vqmt9S(NG!bRv9 zvTidyF#P^KxF=7(uKqX-w7;OgmYeOX8Wr)P0XjFcu|d=YpJcnYo7fl8j4%2A4W5*s+-k)Kq1=k{w3qC zGeIVw!QxZV9T}2bc_JD?)b(*pvZb}J?4W)9y68WE`KCFa86W4yZU~tYLT3=O*vyRd z?G)44GR|)+t)Rb9;bdi>i3^QDWrO%||D0`kbU8r(O;+OW$wNUFueu7n=#lNSZ0cy* zFRAaB8>MQqV#r_`JFKxAG`Sw)9N zdm!u;#MU)5B!}P?0||BnIEu@!K^UD3vX6=a$Ch~5gPzfB8xznPdqj~=GOUF@T}_!U zC|ixtV6hJ|2K=&aN4)##&!*E@^yw|)`krev0U){}PpNA@TW^^-G>dp{`b}%U7aCts z5J~Kw3?1wAjrcHAo?a;V%!^pp=J;MYW|@`M&w@W(XbdB~v?=QusCI)eAD5hhYbuzxHGPcf{dUy4Qb4=2w~L7E z={Dx{Qr0}aT=#9>nOTw4_nq?L!KeCgh2AQ?u!+lN6w#Mc9SdW+0Ij2Jks$sGiY(ts z=z*7AfH9$d?%7&L-Wbzs&tgV5c8B*Bit4p%6nYDHF6=mi@F%68(`a~Mo!XcYBiyxK zmhS7WaC#rWC#uPDGI-~gEkOt=fiL{>0+14sre-{R7(HT0VB;z4yXzMNGnhg^)jXc9 zv-sC17+=EXzDReoB{AX{c`JOa+tfxbaAL0FNoeU6?C^`7uhxkZ; z<)i#r7gsV(~V~1x_N) z@(%s2YTpL;Yw$^-wt(IPS(D=t82)}uLi24xBF&$*P4tOz*Mby2OTYU8>EW$rcRE=I zgpX?(!>ZyMC===~c4Ox&to+4#blWUgI1crXzg7=5;zmrCffYcsJ%S1A*@O46W9T$3 zFHb8#Bg)Si>-C!H>C_P$s@`>kk6VAM()FBgT6>Pxt>azm#jbwRGA5qrA5n_McIl8p z5m84=k6@rD>!l^RTbj;}2;Md^b56hIaqH$niIGiy6IPGL0-H;=ncr1L6|HENuKRc) zfZ$!|{`8zmY&9abYE|3;4JqXk)1C9ZbEKf;7z;Z&wh7B1WXg{qO7OI_k+m0 z72yhcH7~#P4nF`hzop)US#l|T-n|^z$@E%Pv_2t#4HSM4 z>4TcnN?rSD;dOMHP~=Z9z-{+CYYjj6ayIZ!nA0$n)wIvUrlM!FX}q)-?Z`V~6Q&$!Ew^YS7*C4R#Tx+wNkB7O(L@7v05&D!O+v8`^Svv-qOXI zLEonC=0Ut{kanFGwlEl$YdR9DXC3n?5YaOHxDupA`nBCY^lK&Feb8+F@P&0%Tl)Mz zy#UN2`?X%B<4xk*wr$gRROJuX8wWN9p-N##!%~Ac9O0+S<~FT?lUSB^U&3EWwi&aH za?!EazFMD4ApE?f{_uIfTXu}IaUZcB1@2A~=RJcjc<|hXTmrF1{#~4Vt+FW~jC1`8 zfa?|JezPv}qE%3;xuxkm@jjrVM1KW-%#g(UgU@WvZQ+m1agMO^nT3r{_+UR}!(kS1 zwI;QSMb8NOwClpLr+WkzgW6z2?#b#@n6j)vcV^mc+*%!XeDlY#aj!77iM{^561IVt zZU{uRTkS%BbEaEedy4ZVoldH+Y^ER!D`!dlz^DOU?2PyP&&G?*T?>}2d+Ap1PjJd4 z7awaWll^0xANIwsUgRaG@&VEJN+~q8gmndXFDSrrX0%hbQ2?ya3r}ULK>4(-Otusj(0uv502+Pmo>%!6{!-$?xg+1f5ET>60FE( z_a)meWS}$7T@&t!6D9{9mdyr*|3F5E?y5^S50l~^61T)zo*bF|K)DmtB`XUUb>>cB z%gT1nv?wxWjVe@CC zt__KkDKe!7WAzOWdZCpGX8c8;YZWs|{~$t;5{A0~Ab8@iXm&c@Mf5GOXX2GJx#*(T z*p2ujt3|i44u~VmUqJ{0LmMtOgXUEOY4>Y}CYzFCNSBUv&HaS_tt3q~oqimKSMkZv zbjPx-SlSVe4C965**SxYnEb-zPHp!LNR^F^2eMp4M%k1rHDt;?oUy;u@jycBoI9VN ziEN|$8Vcq6nSU#FaMsAK)_w3c=_p_dw%8UQB(2W2a+6_~1o2yrI-*lwvY%B^b8+EF zTPpaZQ7HN_7M@;0;8u-;MJPf8UX1NIrq=Y)@J6z=1{~wBP(jX#Ma#C?(EMJaSLdjS zZ)JXn#9fs$s13&*ni5j)F4XDJ#)-u#cLTYl- zyzsIJ-)NeGgkNNta0`;3bK4rczxkXwUs{$uESSm$%8fXLpZECg@b^|ta?K<;5P~6h zG)#-U3$dAHiM5cRUq#)StA5ZLU3cj(bd(HRjbwbcdlrw?V5%?fHp@c&#cO{b;e0dB zWnOx}i8Lkt(RB72Kv?;iAnGN=a`=n&h4wX)mLEf7l?@G(hwvRJ>TKJp58Nfzs-Tg#}k_tCv?#j&LR& z9z3)7u;mH}VgTZ)0UW#E+7*fZ^IabD=vt|O%%O+i@L3pPI~U~BQmz$E;;iX1)b1wR zloF&O@_zztFXN7En_sWTI|`H$`&mA$C$c>K{2OfEcVXKs;^>Zh!GuGUycq^bUd*t& zKOXXGpTyAYJi-w-mO_mQwZUeK9r7J2F@tyga)Spny|fnV4pV!0YK44wF^OCryL4mY zW~c1#e`ylS);xH$-_g^t4R^;CCB=z5cI645`2OJ4%iMsq#K-iZ^Ekv)KEB zC;te~4?!)AS;?Iy`XoK~26dyDf+Cjj@NtiG4|qxmNb=%&Wl z{D4L`8f}!~5U%C%?5?xNN+|!>4WE9)&9QNJ<|V%C{*U?~GHdLGM&Z&le#Ty!9E0az;dh91<}OEbG^ zOB?>>7UsV4gZ@{1ohC<-f-O*UqC>A-&p^-o3M(CThKnn* zFT9g3=S>#@zh`xw@dRs^PR;6;HLbF4_E1v=7lFopnp;>JVw@poE@IJQ4=eVn>-dp zZ`5Y#@7;4^eu**PS!M7>r|NAq9-=6I%Fq34l+AB7glmGFBMyunf)bct!AV=$*SJ{&@`$=W|QJOq$wX;-KkJ z(3`nJG~>JICXNsDl8des!a>(Gzvh}(1iT?$RRgfxJiB;cmca}qSH)zR@P zdW%xr*_@2Ly<@h~u8}BT`Cf^**q}(RuO|qwD6&0!zB4&Ui#P*Qkkdn3`Sf|)0r`{% zeb6ChZ@yYLXE~0q@6gsw!XBT3#+VHMDv9u8ySzT4_SxuGYXZx0&%xqi#3`2R%Rx1- z)~L>*dA*qj^-2uYrF#5i4UL)m@h%thC+bQPE%EKQNK<(1pd}wfaA(N(H};vbY8D+r za^fKqkF!Kkf(R>s;5Dj|eGJ+3Si5EdYAb=f1X3c+Fcu)H?kJo}4<}!Ktcj=AujU(5 zA2-|56kBQT5fa@Tek_DkgKpFFXf5Z&pdKB|eZ}oiV8&$+z?Df&a9cB2sBm-b8Ota& z<*v$Fn#j)hgf^j{A!WUCXa)?i-Py)j+iWW>9@-$QKV%St(>IU~JmU&bKKYhjS#MQX zPkq9~g02r78BEeAXxJpGiXHsHcZ$zSE*jAb_knN9Zn88=qzDpIoc|7ctZ{PIy#n%R zAa}@hA;tsDn%gl&*!#N_MzOgzfA=r&&U52447~GgN6|oE#K<7tAAC?#Uvd*Lb;9`X z6{#Wb@rd3K#QmS49Hn5XMI*pD>LZv)R^qgLJ%;+L)GLEY!^yR1{5T8qt#>+XTaEB* zCJ3FEJ(ogk2p>!K)_KttzNxI7M-8jOEaDTT)6*v|iJ0El-kNM+6H-%?W>j!8nK0Lo z6V+^oufPfm!;+@qnZ?M-hr97pwuVVAR$<53*YP@bKOFnbRHE>|F~IB`E6#;Z8BZ0P z0un#d-bH2z;_ApPAAm#A3CuT?4R~jPuenzhlOVPo z=b7R8$uFXYEXzEA062pT!hQsa1kaV#DNd7D z##!3}nQ_bSIL63!3{o}__v8I30Mzrvk}I=0>T$Mi#P)=W&$1WmRr;kcMc$-4d31-J znLB+;Uy36x`uRSRPo<2atzwk3=IvD**RrPP;%Pq7(EFma{u*@J@_RKBvcRC`K%DpS87v`Q!RA)Arf13=H6WC zMr5{4E>S+>9liR&sgBcY7&p#o`V+#`SL8Z-x6~@CWcu*=lfpZ3ipGS+7|xnK*(P}Y z+kteB9Y1G(r?6m>3Q|j9;p$7UNm`rWEVg50n;AGBE(^8NZmfsSw4 zk_y5NejA|`mf`k2>clKN6#caKt0<#|;B$uNa%bmFamQ~&7WLy^iMrUvn~Ykw3dL)d zlPj)wslThEjta4Q{Q6Uz4xWltRtg8%SNq+nsZ>irY|Yl+JpcbM{7iZAAKYPhbmgW^ zCa*4iYpW5g(xDlJfXLtY>7W@DHhYqjf0Wi9Y21thC&sTp#=}tIA$*o`s2G92wOBui zO8K^~7Bx3!PRRU#%^;wYYw&oHo1nt!ZzUMT_cJ0dbUB~552=X3L~~W)<^5wUoh{v( zVSAo9vCqbfIVRZ!Fd1>vZ8_FP0K5mVc-t*$GB^dR46Dg6&nN+Pn*gepEd4RXz;uSy zVU`^jB04my^Oo(~+;T;&NJt=^?*n(4PSCJTi0{bc_Fg~LJzK=gHZyQMvvN1yjSji< zdjJlY?R$jRHEDN89$Yr{7BKZsFOkMX7*A>oJ~jJX6}r0@LXll6?Rd^sK;7pq(FthR zNtrJ^*Z(EUzX;|~9Gy%mQNpgU^gF`(=69hw1nW}~yb`Lm8l%YZ@x_-{vg}c@FbAk9 zQZAtAcZ&O@&pF1iq$#!|Oni})s+79h^OX~GGHUuYfVwUsy0_i}$p-K69`NzgSkm<7mVD|kBW0jk)6 zTB}mKFNnJ!2PI1lvNh3#+R#F+{~NFOYVVC|i$zln^LM>|OIY16)ZueTs(YyM`q>9$+mVJH&PzI z@WqEC&h)t~{?GgvoCwS;1lPUV`*g5pV8wa{@94f;FHSqZ zma_C^&NwWUvA?WEb_2pU@Wz+8!pB?)KQEp1ohmQ=3QmlmlLT@J#02-c7@mKFQ&y|z zX94lAXu;3+nheGICbTuG+XKU&&QksqNXUvxW!c2`nYb98YO(%UQL(Tb>JjUvXkt1R zw59NWAA0;-j&u)tgS26JISApX`UTPI?o_~Qu`KdIjz&Mn%!7%8gIs1w?nlRYO6aPx zX!pfJnpRIP%X4Po^?ywRau+oH!Fr*=zwEXhehU7|^w^Hq7;$Yt@IgT6NJsd`AEtta z2F%tJ-zb=mobhR|qbYH4MrU(S&1o%mNvLn2x(5lPzue5=Tzkgqkk>yJZN=rx% zEX(y)W~9zNbHT{9{v2%uzf^r5N9a>drpbal)=Ld`OdkKHqGc4`oN5z)cC6f?&bgK? zJKnZiojPX3YS1WAYFVr1<2J@W$gTpNL0`K@wL=220XqLje~)l$Eu#yd3McgbjdKR z0GuQ%ZvXqU{r9UOR>sKk@F;sE#|CP(rFeKT+qIH^08{!llE|IE{C0Dr=^do1*i!4M zO$n31XUQ{+VO{pZ^�f);T~)Ni6oKdRnzugS@@A0*L65-T1cXPrvs+Cmf4Z-_SVr zSB5II_kVneCak6_KLjR^IJS)M67Vc%5C80;f47A&%!U{)u?LI0%-Qt=A#I+MatH4C zo_@0e*)&uzsBU*QpFkE!fF2VYl=&as%2LZ1dT!TMny76O*Hj8h%$~i_V^Gn$%BlBn zkrQYT!rv-k3-B12Jq0Q~^vD0E@bK%hooyiWa3ePtF6;h0PL3(=gU|}1nw$K(H8FnT zKlf~`BF={IoVN0DeP)O3rbi3si#DH$(fe?vW_9%5>LB@O48^`*)3dTZt2Hx~cT!u= zmE>U2S@E(HqMYIF?j)q=TBsN6DC08K<8u>~lGp9Ex1%$|Nm9M3o8SOyACFDRt0Tuv zfh7WdFlN+`zs-5LM4r>UR5x3H8Tk5IJgrSJnf`XpR+Y#{4Jvh06b9O=Gyv12g&3{^ zbl`J;htyJqi95IsE85XJ!i8&nolNQz*5d50b)*sRtM}9-ElLh=J<<7jOtF9TcD|*? zs-a$qihq^{Y{y?d*Z+?IgJnJ~$0ZKuey*la3iS+SFNLMvB{<=8m(CX^_;jFAVxmk{ z=SQmFm~H=c$raL1Ih)phEwX>eoBm^t_4pqT7^~u3{=nHzG<4qiYWyXwV-gQt>Q;p2 zslD!xyraN49M}Gv>b6_*x1OzMDE`9Oc;XfEvFQ(NAg}@0Js#1Nv@$0))6Sz(bqR7W zx5yD>ax}zv9#IQ_(4F{As&BKr(_eVJRWzVVWZhsVu)*&^##7!n?gr}T$=dsGq6~?_ zt@@u%+<4ujD7g^}AASKm_s99u;?D_apxfy${qjr=Lc3Ahlz=$8@7h*qs`DUJO^vML z_!mH)@yCKR85Rz_pH9I}i0;%I+r(vFFx&4Pr+Kia;1;_2y)vUTkv(vgMbO!Xndfko z3e}!LQ0Rq`cUqJHLQ^7f#O~PE z6OaDOJO96ZhkyJwEyl2K8*LUUK-TNoD$JGqysXj^!nz2B%=b^X^w8gpGwnS$tdk7T z#Hj}azch6MV4VETsAiB87M?yP%)!pO$-$uZ(?@cJD~}()dOMoPN>jV3s_i&e*qJ^U z@%z+Kl`cQdN;tIk;7jn{PbO^x?f|5IF1{PGSyWn1JeZlPtlVm2>=I`MRs=bw4Nf#|0$W)%FX<{5S+!qazJLkqlBkO7@ z9KY}8f?9i++r=|gJ)Tas7Ujmx-3L@Y?W?IB6Gj_m`$J`FL2PHu^am6tp1+Wx)#GHG zd1lk+qrR1Cv|bo%U!N&LC(2iK5XMbiux-j>(%M_QqIUPOT$r!7OF$lpPJX`O$~Qnf z4LxaO=d%lMg1XMUGkT#`qYO;#sjSb_IFWjWdtW!#*p?POeWZX!tHo`PPrmd78&6T5k-RggBg4Ks%xGwB%P#|8NANkj>(maeSjb9d+ zj#S#kpMrOnv3goP_q?+at{vDzm8N70zZ*P=z{9hVhR2%{_Kdg6I@vqzah)%n^dduP zONzo-(7I{3mb4!%2go+KzGo53hC4!?~x)ax!{d1OZ$1o0thBk@<1% z(N;bKQo?Zq|J%g%j3glp29#6TL(5br6@Br9t6WbN;m&_X{Qfon2Z}-sqF_58>(;rx zGgu1oKM0HocJas#rosBT(eB?ufgukwhFRWweDN6+a_lH&!moG`Bx`;vLHPyhU{4NT zc)THV9Mod@;fZA!Kf@{E;=~}(8BjAXf+toKk1BY=a!)ftM4sRC%Tb_K<~y7D90RQ; zbE%s)9vLc64qY|gV3_@yPEP!9?}YHMHC24SN9`$8TSMnPgI!E*q%wm% z#WAT*USJXH`{d$bzG3AlaN+C;B-vigi&xp)u%EBq#RlkTy0mt~U_AjFGoo$z^O%KY zlHiR>qnD7tckV+veq@zeGg}-`TpbhG;L|!CES)iwWJ@bHuBfik$QZeXldOqvKdss- zd!y2~Ti61ATqbpP%8A?oiCCEnMO?j9!7?cb=i2Wt-20u{ww(4+$l+F}4{I79-0kZw zw;#mEAip87$TY-{ZeFjg={#kpQEi~wXuv;Vu`X6KD|x5O$3tL9YWn2l5gF;>@+`qx zF#Y&_TvN}aa*B*tt$wdvG(Uv0sr217L>g@D@Wk?4XyvBmaG$b!rX)Jxen`de<%iWx zGZlm-{Uoo+k3ns_-4V6z7%^@^e4WqB%bLo}$}#p-^UkUuLU+u1oH#dASKr1o^SgmO z^TZf()d6S_1fn%blT>mu%Ot;I`ZqGe&bPVsc}AZ+zfzqu1EE@*Klh~&xC2-B+AEy% zdVf!Dt3nUU0s>G&%d_7>h7F z)EDLSKzZtWX6T!M8^OOX!zx{arDcXVRn*86YC?H_-WuTt)DxFp<_JwY4lk*}2#rA3 za?&e!#%07O{E=0ld4+8G9&V+zU8{N^L%B3(3Xk@=ACd<+4mX<4x38E_5Kfm^_am#< z;?ErE^-be7YoEq3-%x6H;d*}1>9nUP*o4ZMx`8`BEaP^rCA-;=W=ceQX}9kd#@A!^QZdv-8W$KENKv!P5t*& zh_grJ&{T%}M6kRw&CFk=IQt&YR85m71a<*wr%~cj3#*zsb26ypByu~ghcu$Ur(4GF z#kScm{LUe+W@k5g{*>FCFl(QK+vrL^PUz(OBX{MqD^Q0iDW}BHfbB1rj%}}#rfNij zk9;yCVSt3CvS`hO)EP;3;`04r4KT z^{{f5b)e$|rcWgLUF@Ya*k{bR;fy*fr<iW(ft(HDdG(g z<#y1w3rg%3Q%T5Q12;!S`i7i6GvapE;w-6~XKJj#AJyYB`^kHZ;OCzp$rC$k(&9FJ zX)IggVJ+*%J&>r1lB%{?R^1%dY924ab4%WU|E6j6x=+mHJQ`fP{LXYuYNC94a)4m5 z)%C+w)gP~xUDF6%o;HlkwXCVMpRx!nz9(}-cva2br!mSV{teN)HvGOkT;V1#WaSHQ zk$ZxqIRAn?oAOoB|G;|1Z zI6#OTO?cet<6;2ypB5p{LLMh_H5~HIG}wvz#j3uk^^X~Dw`Kh$&iC~e5c%6oQF8x0 z1Gzbv=|xuVgC*AzCDFmx0xliVjrpJuc2imnxoolSt`ds&d^P~of~v33{>0ccQI^Wq z$_6|)Dj%3#^D$ixT_x!C=|FI9DGp^lv(bXwhmg&T;#b=OehModN89{YOODqWbaf>f z*d$3d@75K%)e$csf^x`pHi;7y~!=XeE*JlVu`J5b>>b;}`FL3d}6O39`cBcW*{2JC}_ewL zblbH)!TV>Yuh_E0xC>u8tF$}35l$}MEw@@CZS^Z28gH0VQQkRameb%25k~J^;Tnj2W5k0)eooS0XC2D4&W{7m(v zgr9!J?0AW)oZ?McDA6%9!Yu=XN)g+8&sn#8eGCnoj6os(pQqvIwC z(O!-(l8Aj!kIJfxxvGhjVjJnUqriD*3-b4?Tbsh~((f-BpMuS|w)wZ0X1d3zH{i#n z##Nor{{sQ^-(K2lgDf}hQ^{YLMqJ6Mo&s$3>ptQ;;p7H*L?h@8ezAyUk@c)vZDl2$ z#9Daw*p-92vMY%<1cqR*Lno|+fdd^Oos3+Z=e*IW93I5v&yK(MtTf)kpzULL&oyA3 zVlY28--~h)B(V{QGU_i@(`;>`;2lYVA)F@D#y;S^b+wSJkE34#& zI*g7j(kbPsKnmCTPEb{FdH7=KTRRI)t6Ey-;%Vh*1wGC)ldlQi?2@;(A_{#WY6Q6? zWiibVXy+dk$?C)1)=OKlyKVDO*2a*<dSGmn?q} zu=18?hG~wj?ndJdyPF&S$!wl}MWKDPcVMxdd^J-*Vodi}^+`qTDawY=)m*@d7-u(} zWTVfuRW(%`LO6vDGR_^5y5glZkMVx@GZRt=&9zYT{!#|rsM*@j&?TE|4zHDrbM4bH zX*YmL#?xYl7`}l-R780di>#fy6i6tOn%i50hWfqfvlqF;Z&ZePTj9%Jpv0)Dc%0j9fuu= z<0zMRP|i(ToE0B7+ux-QUX`l^Ec#e_9cYg#BY1tSS@ewv+x6g`b;~_iM*k*mB%JKE z6lX57e-I~#47(vcPm<&(tZpy#TOJ+uyj?%E7b?uHr{|F#e>k$08@ap}On+Wo^>7rS z1FRH{8CH~j`e|!IlUHIUhmp|o!}u5#(uX>bm?*qrrnZb*{F0K$Wi)t{tnecF9q2E( z=6}73e=!&eSVnF8m~zfcwpOd&f#kl2JXCmWX?UUb=k|_kOMg>$SK@QNN)K zyCI?8M@c(H@?MG4_?81+$8OBN%OENTpfVAn@t+d>3b_eI#(= zEBC`U^cp^eW0rE7fi+H*3l>_)sFMwG+58lW>?OG`@W>e5FsG-nnJ0B}| z^5e~JP3eTyY@}?~zbZVr>^^b$OM(&~zOVFYRk3qbUEH$17q$(B`rs zE;6|fwjVB2=vza_fxZ|F13kXI5m4)LZ9NE->i(vhM_^Kd#K&4Hh3yM6QrjHj53H%P z{3hd0_DrPl$3XUlY7#p=#K3FE0JY5V@U?b2p>k>!o+n z-me?g)!XWldw?qkqO6m2kHL=;#!w(mGISP%S3KChb)zLCcJQtkZa=-GO(AA8zgc$c zjh5eU4Jha&yVYJUIl9x;;Ffx2Em!+W^zbRq^@-3x&v+GlKh^)oX<*j9xp1-nwX5Z{ z3S%VVo2r38uoycnOfx-xSu88D{fJU4a? zYCE^N%@2ljY4c~x_~OR6Ln^bz`;lB@C2P5ATy)EMShCev zprL^Ce`uK#OisB@vO_h}!yYxyk(E2<4K+(XL!akP+>avMIW# zmmoc!uzyvRq&<%GH?mDJaiuM5QmwgGX1{M1rV1^FLhaDTDaQ`h!!Huu(oEIT@(v$y zdsGpj5Q}%EqMkl`6zW^Md!Y=z@6@}azg|H9&DV9BfejabeDE3k>5r?vj`Pi}n5RGr zACFg=VL`&6jfk-Xmlh>|mDysJ0D7La(|37}fWbUzV|uTu`q@l67GVGK2dSom&6nm0 zpCiX~K1P=08=e66PDuko(CCN!<`C-|6S+4Pn=j-FIa>K8@YyPqxL_;Ji1RfyT zx4LWDIyFg&6w$-6?@lgBt2~wz(!0SE&2dxoHC|iFh72Xcw39|@y*Oq)HWxf5XR5IY z^RBm?L_BGAX0Wr?(t>7FSmHuEG=6LS<4I!YVwB-^X)4cRcf?y8y^21l=4%oUuqiT%Gui4 z>VtNCz*knA01ehhiw)XC*M?sNt{B2s2l_Ih_03EnwXXRcVHr9hrm7owNq*s&WpHgi zOnc8|V^EpP^~(14*@*Ut>nagbYxV!@b4;2jx25hMf~$RJR{heb<3BxW6%*y_j>e!{ zO(U0#lD^$hUeAONPf>3xyS#yUmZ>iEsX=Hr3*nyCrhrcRl#)}j{FeZ_Cawi;V!qpQ zmbS_ZnGN(Dfq9~;a%^%pUaoUHq`iX1#*A+a99_byOQ~hV4v)ku%z6Qhyv=u9(__5n#z~NG2Y*w#R z&bjU<(E*3^mV)I~*?J;Xuk37Hb3S+J`-up&Likr>?yE4JisAM51MZiWaXYAhzyI?{ zkN-z(dnx@vz1`xc)YA|{JfIF-&_A|O7fzC(4x3UA4jv>I14i_T0nXcJ0-txDA)YsV zvl0Fg4GZZdZ2`h6IsZTQ-ZQGnZCx9t2o^vr3y^LDlxm}Q5D=6q1PEPvZxTv?Py`f| zrWB=#f+!^Pgc2YW0jZ&v1PDkkN$4#E-njQ!=i6t0d!4n`pKrWBzCVufWIPO?Iqx#> za?Sga)ZP`T(EG@FT*2BJ!lJhZYtQ*)wB@i+(EcC`gk-vMz^?hsN}e6yU3yEP^&r+B zB1_b-%?a6ADBUXSjLa=$j+W602aHveRM?yNsgYtqj3a#oA$R|Ju68wu(rwfSnl`S^ zaJF^Hqwy(tAO$XO%&cDHNQnS&#w-T{K=0Bv2&wHtZev3CIo$3D>c)RjU;RlQ_Wn3i%* zE8)&k`0vzR8K@l!_6Bq9z1>gz1cXG^yC zq7GV)WaVMX4>_mwK0@ZD17<7OSY!W=-cf~bnf}_&oRFdh|H-dzfisC>@AgWg*Vl@~ z+SCr%eQ-xKi+W~SoOWQp3SW{0OzX#A)V6=>zLerA`fOh2t!=qZ4MO_T3o2doTCSs? zO3a?lMORg~S$EjErFc&M#Tv}95?L;boOPTu!r@WwE$ z!N7#*@Zk=e??#Z#2%(^K7geOSn#DvM*+qF6H4^sh82*+jAO9NNo|fH&eGs-s@$;MO zgmdHTjp_$u&?Cza(%TP=-negOhzJ}Bd470EvQnh~JN6#Fr9=^|n0&`c;ILDmN(%%) z=S7iWFr{^9`Jsm7EZT{_P^9uVr3s-(Q;~URTfx8;Me3{{%)81rv(0nMX?IoKzKdZ` z=Pa<(;&1JMuSM9ou=;&QbhmC=)*d=((ch>;8AelmWUVdM%Of?+r#4=0R~ceYS3Lc< z98zQ8FIJbd9EYM)ONd!ACi!B$ob2FVZZG~LTAIH6k?u~(-<-yOm`lN1gzo2gcm8Yo z@^8`Ce|Wq=H7EWbe*TZj|Ihc76e%QMW6U`ZbSSgc|AH?6_bW7Eb@c!J@R$B_DTY$6 zCe6HUyZyJEDTVGYarED+LVxy1)}v^xV(@^}KbS!O`ohjoZF2lA&!qH`mqIqT7Ng5i z@cPd_>VJxoTFH|3fBy1kj(uB|;zr2pnzQfzauMJkYq?7G!}a&m`>#nXJoFYt?|BuR zGw=P`NBvLLIz<)8^gn<3vnBR1|7yXv2)udvZ@l$?A_fX8W658a>pzzL{~Oi6i01!x zqhgfG|IC{$`CnGm=*%J&Ft_iVmDBOpbU!?R!as4Pad8{x$`${f+i_G1qnc({T1@;i zZ}TtvLGjk#g(#d%mdd+-9gpx!1k;R^&{~dmiR*9jR0U8RU7OI4x>_LAN@T={z*Z@{aY}~?=xBV>)G^snSSprt3*F<3M$Ew;_max z=Ql^d8MOSh!82U!GE!pJ?Ee3oGEkrDRrsZQINxUWe}=qXIt=fO3_G%a-Wb4)u&jtQlY{--(xi;zd%==b-ssjP|X_Za>+v-bl2+5>&w7x0I)msN>ITW8lUUy|`$$PD#p`{u6~?2~~K7+Vu1q zF;k?VIWSZCmsk}dH5U8+z}Oqd1@5e`$@2A{`7d$ys)fs+X7+a`fh81l7^ppPzSC}U z;=O0XE!n<)ElhGp?mY&RG*3pG$De{J)42YWrK>=L;t`jwd^14(0>QhUc2XRX4e;tKzh4r0%Kgw^2*C5d5<{nDBTpW|M>ccPEuZYPyt&s z-EpidFs~v1{=VbWMaP?3$`0k*z4}2j58waOroyj=UN#JLs2Yg!`&C0#67c3K$|!_xjN_G9gpi z=G3!`PVTO6_axkz$Lwd;mXi}36`5)Ds(&9;^#>AbG!<=RX^_hPSepte>kOWJ^9AwL zpnnWA>0mROHc}M}I>Cc7otzS`sIP%&B>w4@Kc>;`a>)&J-QVqb-a^qVrUx3*wltho z_|)hxU&3asf@fZbk^aI4ScS1Rddq1r0sX`<`Xy%@n)*GsDlLTDo!#8i=1x(-nks~U zoS)mY;Wh`6_RUKd3&>9-i4&Y8^^Nw{`9v{=Y%J1RHQeH}pZAn1J z({5k=pN&fdSP}jimiA$3q)pik0H%}pO4UstyZ+4ONsm!Z&apCzQncuZXHr=|%9zXR zgGh`FOLpqJ@0eSd35fgcBxk<6IsSh6-YrQpbyn6ToYb`f*;xiNGprph_w(_Vhnq{% zcI9vKdyMSRMFoesJM2>H+bms(*_^LmlLun8Zi|%sCheyc&Dfc8E$~qMmd3!-r@9&X zM%r0*D6m!IQQTrSWcWm@Q}CBN9U75bGX6aFSX@@fqWs=KzSG0pIXip$D_I2D9ub(& ze!#bPD}gD-!!jirU}pH}+>1|1y(qR%(lKuZbUVUZG_v-lT*&X;JUskD`78WH8G6s$$0w&bc5sriPZ`AAV!?`8j@Uh=YKf~r@PO+ zXh;S-pugd`dsjPdAw(7>obP8R|5Za=ZYbyE-&S#O~!N5RJ3Pj{q5@crEF z{yOC7#LNGD@=(16ot&G-!VP!6=%xGXFl>ixX`pt*fHIzl;C)(S5)u0*x{W{32)&$Qaiy@q|F;(8Ta z^a=%dzQd4nF8zyzVx4^nd2z}d|KfxO0Gc>}>_H6M;yHL+j2g>BS~ce2!<=?oyYk1j z^lp9Lj@5{_R#M;(=5V`)7x&J?b-&v0W+Ope=L5Z4Iiv&T0={a~q}F7!t*nlk<3lT3 zfRSQW75Y|hSGPk75!gxL#=xdZ&BKa&`uqvpA;8GN$!tc>KMq#Bvd?9rjLX0?XVH(! z87g4ul-ZoLgFRm<2 z_r-xgv;4Ypb+JRn#3msAQ%PY!=C^k2;OvNV%KI!5vvi6M)I}Y_4&ZAQl+(_*BT>wd zPM+WJ$^I2OhD8;9`gZK7!SUtVtA;Cp{9eH;QJjGB9}!klHZz%c4(sy0#{4bEoT_V$ zbMfo8Wq|d=VOw-pt}UPCm&7XA_379>iH=S`v$=9L-}zlv(SF>u{?qy@I+&KI4F9zx zMY)q`lShIdY|x|++StsJ@u&PhEF{fE=~U^}DqMfKPhsmUc)%MyUm^U$!dH5n5;j$@ zPt`Vk-VE475^`*+Q zWj%0rbW>Q(8nIV%R^1QG2rHliSdKVz%G`@cJCXa zVJ`l{Eejh8yRj>cO2Y)&n7Pv^h|0>&QS+OKYk?PqoDs{e)62%V)U*d&4pm4_!fcRh z5C6fK`=|`{s0q!pse?#foJ~m1^BALX5@l1=SWGGkLA&?ML0uqIIseoNKeBytQucxl z%do#M2-a0ZBZLMHQ_$LHcKXT&Uiz{yzB#(@F?{`GyE&uWg}m_cB-@wy8A>uc*uJK& zA*lZHP?n@`EK+cV=vj|c&JLO7E}*fhljaIyJWGbqsIsQBFX`(zJcBW=njRQ-b) z@VdvUh3U7FxXx5&sWB4&^faD(zLi-gjXF5<)0dFd^F%K_b#5+m#hQ8D! zIlWDT%k$MyCo9dyA2zaMSq5$wdw2trn0g-h#P?f(am}y4i{c~eeY4}StwA==$t2{1 zePev3&K9q#Sp0(X%V$f|ay3g4?9WoJT~P>6S*`j3st*X6UcXyI#@Lgi=f_8lWzc1C zVe^kEPp(i-VkLi?b~)w5M_6Fo_l82KqjJNe8-_@A1}03YOEh+mE76pLUY1uQ8E~!Q z&KPs(Nwo=~~m{06o&X{U8MePq(9QS=#Or(~)L8mKHx$`+D z`!|N_HW?_#Pyf)3ufYq&8Frtd<-xYq)Yy99HKHsk;306E*k%%4ZwYYm(=YPbOVP!N zyk{?qqMEcdrRr74v>U#R-|;}B;H7UKKvUfFMzE}cN5mY(OJzQG)d%>%la3p@9a%(3aj!fZ!Y;6K)K0D?0(x*rR8+qi{xliruaumjm8aks zT`8az>T$j2yUZWg4a_MDRQ!+`#XKq)qK)q{z+F023DEjUb-PnDDSG6s!KajyXWW$d z{^osY?Y6luKN>n6oEZk6iAnl>oO9f@P~$EVea2QU>5LUR>Fcxd0Mrf|6n`mJHd7y# zwgNMAr`R(rNZ|{Pu-WaBmnwU*-#D3(cIZ;z3y*alC-q}4iB3G~3yXMTVzv{NkuXo` zs1g{shP1r<8H+ACHI)abhEclmg*TvVE7h#lgknDL{+GqXNI+8uHzh;JuA**i0d5fe zb?dn<96x@noiu~N_y-(YyKl%oRD5|y@4QQtNYSN$yt#*I)^FiGN4;XaDJ3DhQ`I@1 zd(z7UQVY6n5>zYO3sF=p!tG-q_C7%_Wt1yu!R$1NMBg zEMDqOB8bi?GLS96%hziH2#jT^gMilFXu4FW+Kw*}@0tbZVc@hlS< zOtU^K{ZU2&?qUTJyvD(F2|EU}Y0e?fEQ_{N?y03GMFErUKJ6@W*;bV>GLU*+iUc?M zGq_WdR>}=e8LVwNsCHJJ=`#347OE`8&@ztxvg)lRP&PeUK&-oKO~{`5Hk6n}0kGk4 z3al57E3W3iTi`AwE%454BZCRZe)Z*ZqPK;JmxAFV%_lJGW)zBeL%vwfow&ElV^5Tx zn$DM(Aid|*Pb^uyKW6I4>%ak3G@em^ufU8uUT(2ac_D#Lzu01z2TTyYP)CA4xK*9zcmc zv(9~H&E5tmJy;cDMKfjdPal6q*R$R`lGL$M1mxd0RvfbznS}jxs^QjXNpwK$O(%u1 z{@9%nD@yM?BbI1c@i>}rQd6M}IKcYYZKkz&c60o(?R=v2=&tY?R`*=mj_7=${LSZ+ zB^D=v(Dco)9Pdxc{Ag1>bn5nyUbe@lnffoHY>4KbWeX2F(D~8IA7gdDy}x(UDBk&M zsd~$=>?AYr>1FZ#wCr1f7{Th2XbYv_xpCvnxF?|Qjn6S%N2X7+5Gap;7Ex<6I7`vA zcV(WrSY3&)sFbCz<~EDi;mXGLj(2Kz2L1(K>;pG13C5yxn=760d+yKlzf(<%7>f)e zUa{P>>HbkMQz?D=)CH+7I$<|`fIjz*DWU&D(|ev>*=`ldrW@67yx$*(R>Zn5V)yeA zo0U{?Obn4Y@1A_0;pC`Z+>M6(@Dn&rj9G!~leV5=^bx!OPw~khKx*5OoH%C6of^F% zt0^+IfD#*lOPK3qP$OsebiSJ`_=zH^<^Co*=OmAQuQ?`aLRv(47b{@-oG62fS#e!t z;6>fH``XoPrN+^QvQmv^jU}US@;rUT5}J{!yZ#S#V?x4OFdX1^8ZxKoM9if%&#`YD z#~TD&BQ97iuu{ZUvJQm>SBGH%Nj=S4xe-;=oS=!abD2%H3*YZH#U1V856TN&J;r)0 zY^b3~&pH)Ri-7RU4}H_XC^LqknC#Hu1G5oiFcNUJlC^Yi;(5Nm_fQqyT=>bMZwPlF zZS=@>(k1u13I?intW$9g!d4Z^P#OF6bU9Gv(XfWc>Ok+rWN&D^RUpYC@Cn89i|dlg zM}s^WGe~BNfqlHk6??<7C1(6-Ru9D1z)^G$VX?V%FX~$;tY{;M9^Ro{tUSB;A$W-y zUC(pj_ir(#tv3# z@lv9~54QTUhTXLtN7R|jhEx5-j?_O)#Y4m{Ob+KaD3(+lz67ziQ5KL?f~c81K(%ba zwTYB#4)=<#S~#%gbyVg8=dTNyLO(wC#cDdQoT1;H3m;y(3thMRq$8nKbXI4y#&K@7 zY;(|lbJ|eg$Z^qdc!(b?_#xl03???W*Q1crKcz_C5wKIyw_cYw z3@GYSmSH_QfL9@3pcOX5i;zsiV}$zx328!NpwAB*&RUt(_kLR+z8lhwgKE2FA(pn| z<60_D{Hoqx{H?SC)Qg03`&8P(0C#<3$oMN<)|C>C{qgRY&@owP&`f$#OMM)ThvM;1 z${<78i=}RQI*6y?KJV!X(0jn@q~uKDoVwYdgE81B=0!cky~o7>+|i2Fga{=!T)np=R5ayV=mRpn*cu^V6)5|W zybV80M?u}AL{43C-$$R{8i*CQXny4jr@^6)dIXR!PU;Hm!{r&afK&sr!s&-tfyf|N zuw)-rX-gr3;utVBBtFg|GMYwnD>MhG}1d75eODPRs9*-|BcFoGTESD8$!Dc8QH8- z5u(934N+OkwKRul%f!G>U_*&HlZehpd=Os)Ai>mN^g34OL1%a&>$gFYhO1eYZ`@+~ z%q~2xjl%fa)~#u4-&?6UBjJ~djT(*<%bc&gT0u7=F=p0r{bz4&xsF+{>2S@oL@*%~ zkkld?21LqXB~okL&tq|dW$#jrWrp1*0&U42Y%+K`SdTGu@xp3ZEmk45-EOhg)@r(S zo3M}os$b>MuD&ynxjT^oqZ56`j;NO}8EHmaRyiI9zM7vHXAM6VwPx9jg}-rta02*l z2LxbGYFB+8Kz$m{7iI3|>rV37YD6(x&|yuAx@1d`!q#O`KP)XTns^IZM_N{I9hnh9 z2b12Dd~tJ@?$Vs@vS6z_%REd6ug^){V5lx0WPbQu5_&Gpzk6ULeNbHZGJe02g)J`X z<%CUBuD>KbVBL3AZ7XEH7Dk<6+URI5iJq^#AOebv44{4+L@@cW_2O6*6k~LV^g4XF zSG*Mx3Ai2SU_#}$*bqsbfjKQ0(UMP~PZ5W2uE?%VAba;J-~A?#$lA5KmrUn7x5Zl{ zZ_OjiRwV3*1K)!_`@rN{a&$sCG5Il_QK3xHzlI>yw9%?4bs};xRW!WSYcRbfO<^Z@ zaC7E7!_lPwo=ETMh-Pjaazf$J_Isp9YT*44UM?RBZz`O%akaxM3vUknxtKL-#k#w5 z$s@Gr=Uyd!VEqjZ>`drpFXyM?h`^o!HJ$1~*%%|)*T2218mXPKX>u(x$GlB?_wI^! z)ueKJxssIwv%*(9#kl^4Ds{?8_+We2PHX80^R7NlZIb!H`=@(5HDpU+$_A^Sz@7?1 zyi@{Fzn4P)t$L9eLz7fOpBZztUv6%I-l`NmIZ{aC?(ef$FOAcVtQ7bB98EpT{RW0l zesD+syvq-<5Bi1Ft!wXII7z&5&JfR-N(0sJyRrF0@t&2ol)9+TlF7HH@HXIzsjM_{ zpZr!#E6@+->)k6j=ZyyeMyT#_&%x`a1EE|JV#cq0HYIHqJ5I@e+jFR7STGw*8)D_tyf zNq}F&el5v*gNf)y=HOk~Qrlk(4^6k46yP&NY$?eyk-_8^*pG`ke@gN5k|X2r$exLF zVB@J}=i9v`&Bo@frFi(09^Op0ts9nwFzuWH7xNLoFgMYC{F*;5IN#(}QB_P7Xv!4D zXALaU3C8m=(59;SwjVFlm_`PiY;|eSNQatifAFswGX!irX8`6^LJ<@>-le1(v(Ko)+g8(9E-5^n4tWO8y((? zKXSIwVmN17+SPV3M2__m7p7;m6Z4MVSS<76^~@!nb#0~}rhP-QsmrU9viDn%w+gYW zm`bh0sl_Ha1b(~(Z_=(VuJQGa2Wr<~@qh^~I&hDq*HY*gUgC*8K77m;bws)~V7|K* z90h0%UdCrftu^<^gFC;c^Jb8-%U`+w54weqrM7tKKwE%+X#Ep~CkQG6g% zXt*X{d>t3)ZvhE>LNwd0_NaIHc0}~#Wsn+jB|?b?HbaxskNSw&UhcJ%_}PQdCstik z-ZBaE^1TP4q`AiI`fO6ONQFzqF;-%oTp?-O0p_>Qogb&4fonQmDE*5;U7QFi0p z&BtP!@f@i{+^7e1K&g?HX=A+f00wtYM%)%21cZyjnSl9T6_l_@8sC}uM((8STmpd5 zTG(kSI}1bZ%3ed+sBUh9%MFKyqEml5%x0OS?w|BPgooBgfYI_Q9?Na7bZj|h7X0Anwdi?f!lgA=C$|B?iXCba(_pOg;+9Ep z(>9NMFiF1N#H!Q zY+9Y}pEY<;cW3S$%kZ#8Ap;xZGR8q>t~Wc1j-zjr9vy!QUb*AOv9aJnz7QjM!BP1z z?o+UWh|?ky6|3tNbf^N9&NHt}^lL5dCX*8IWs%eOJL8bATaG@F(R(G96+$3p=IECtPKk$ZuJV?7Y!|+*>L-=VuDEu5- z4gb)W#i8=9J`7gCzcMw*f;c}U*3F7_hP^!`T5@Z%&*onfSZ@i`)Nbed?2vI&A}8^Cs+N2^ zt9-j0nd2rra4Sz7es%6>SsZzD@jK_SpR=E=-E@EN$i|fKuIG^Vje3Uyg@tFDE;52= zVd4X+AH+m%M;-1vu6p}MN-iq=5vV~)?A(iENEvv8Y7t{tX1G-mmmq>EmK3>ttkdPJ zd3FGrLjRc?V3=>3kd=Jpq^!Ojx^_l|v9o7aG=2qSse`yoRq16>U1llv8>%F?_7xD0 zF08bB;iR}zj-aks$DM+G^e30MQd1)X?|=Cb2?_1^rr!=!Rj(qhZA7Pw zoAoN#kqj`c2t;1KkolR!JYuc&wG1GHxp|)JR+@0S2%8h9ou{}A()yqiOOzfyU$r)I zxojoNpTJoEGIaEfaS+>qr&((rPH`vM7joR)VNrN_ckZr5k^2RAIntq4LGmXfM2*}n z!$r3Xt&sDsS164fT$FH8XtmqSM3`^obObzTqJTPcK1lhv@C@65m3f2uJ@MB8tHWtd zN+0hV+Q44mg8U=5CQMk`*bn8-a}OOHnR@j#Ls*Y0LLyaJ0pd<2*&1H~(fV=^C6uYc zZ=Hf3TB+J@<7+82m?BTx6J9-A*q6Lr1SMQr*y?pr{yuF(y)b=of`2TO*EFhs%ZAd- zlxc!xD~t%S_As5H!pM=%bFb=uEkIHRxDxdm`Du6jcf}tso)(VV>16_H?`tqCTrABn zx_q9EN{+{{sSCuFiQVyIy<_uIHc%PjoAq^x@j}#?+}fwG3uooLsu=Fxe)RMFpLpok9Jk%S~j6n66_ms2}uYh%c?zV z$AAF~|JI*1gr0O1HpYI<^QRs$@UHF`*)fu{E_N8RQ9R5X7eE_^aPwrw33&{;U`INU z0xc8@JKn>M_-}_8{BkKuyPjH!6c*dVdn8%ZRt43bKg9MJ)KNsZ{YVw$xG(nY+rwy9#p{}HV#uqLoSGcH z6-h>iUxt_(9(8I=Efo7Sun|a6c|(LVCJyw)krmhPw)ploXrD$%b|$Jqk}Fqw!bvWP z0}A)j%{F5V&m;9|lL1kZ>yd8MvRENeU0R@YNq1Ot2$#R$e{5o$FQ4Dn{yZqm6n?S)-@cbKD)-s#%@+xQb*PKYxFk z+hRIRPO#k1mUNA!{5vt8fT`ZJJvM$yb;ra7Z{9WEORK`S#wfGA}FP_G`=RjmHj)g#9)kxFND#@5l2 z1ci}8c7mZ2Fe5e;Wmp7q%I(|Y`#KA!G>k&{F1S|nn|l>jp+{AMno^D;5-xJBRqPOm zoRnJ7$r+E!ZYc|hQ*a}{D#g);grUSlc=_6LX=7?sW&LazU{Idh*3;X1y@_U4{wyvK z?XLdP#TO}C*c(*k>sfG09$@BiZQMj-{j@;z`EynxQWF!qviJA*7B0aKS@G#|9+g|* zF(i4{14CujDnYy=>+(Xe`hjXo%#;n<*vlG?Y^W#atzmettYk`iXZpVl!-6BSA!gDd z@zbfY2T$DT*0^`6nLMxdAw>t=8S+{$C(3%wnWQb_BZW3z_qV7T)2?=8ZX83k*%j4K z+L(_V3yr1-9o1gyj_ZOWWXfAjw!!`D(`x!SW|jwv1_rD?C(DP2=g%(zZ*Ag2w`B`D z1Ab%$ReN>Ry|>s6p6T(YG!MaYKhgGSS%(`DnFGf8)+cCL6)^4hh`=cu7U~${u_CN` zbj5-hER(R|TOhhzt z`ft4n?{!?(Z>8#w5AlEYHF(e{sr2F5*Xc!hb&ytsQ~z(@++txc&)24E#A~Wk#k+=t zF2b3usEIq>&1>cmgpgQnhjq)Q_zzu79qd#_(wp&x^NR z@yPaCg|XN;*NF8=LKcR+GMxF|(y&WBPo&`BuB{>n7piD%*3U<&ZUwssMH(-K+%NUY zu}EY(zh$yN*ml=FY2+&`0@iw!0%udmA-yeSw^&R51O;$u)9-} z{wBv)_r9DUjaVziT*WZP!;Iw9#97Yz{^K!~Pue|MEO22tdkC=gvM{4VX`{K9lc;%q z^>oOM$tuJyD}PmNIbjU^sO6GPbd?qi`3l|-FRU+nom{>d)&ssY1cV=x!=#~n6(KLL zVQdmYA^?sEl;%X4t<|Et|NA|X3~XhQyFzY8nq;k{<&%ukt}yDaKzyD7))5qg4XfNY zbQTTy7)_>YDo*r9OVdevxsDa-p65I9hgFLT?sVL%z6Mtug*JYE&PrjyE05vwP1zez zkNiSLe~3! zeHP_G8rBD8aqUel^-7tk941*;1CU;Og9ahPuYhJPr%lTrbYEE+BV>B)G#|G0vKkO- zO&ZL^GbI5f{vgvrJcT6N`sKpiRv*hLcOh4oEF|E)n0c3-KiIXyjamtkIA}3*z+?Wt zzoN6o8J6sR%IXe0j=0QmSh2ov16_BW4V}SvIZoa0+ok2TZU_Y|UwP*Hr67chSBQ9R zQ5#30;M1>t)?OdGIDf;HRgF2*VU2U!8p^kL1jJ+;!jgLIQ_vH!Fc1m`n>-7mGp4Wf zljnx->{x)ff3q*biptW9lwNo*No7)iDrkX+_4IZ>S1D%7M$sWwSLZ(DXW7JkTt-g7 zSGr=vorv6@WBhqla^sD=f zqAPMW9t5K?kyz1zeKG##?j1rjsu7qPl0dLIPwAW_@whnUBfqRU`+QomguP=U#U#0G zEs$u#Mw%tReKVvD4ksRb;{b5=jcnvfxw1g7p{DiapKGpPUkrVWxfAkwi?8Ifd@0=? zeWqJ~<7Xlcb0u-+vCRy9lg1rOGWHEF&J^ZB`+!Sm;lWA7Ia+%)niQD`~578?aN{_z5K;Ni{ zW%oP@OAbmvo+Oq4mA^`q58N>!9Fove9f)<|18#5>8Pc%i=8@xY*QMvKYE9DqYoUEX+`oh1O;p z1;p~bFa%r#+mBv8RKQJ!=7#1(1qnChW=*HQvk!vyJ4f|j+D77`TAp<`40kMxFqjPL zM!gwQfKYNx0=V=z>!*9Zt1=hEvZ;OJv`vn`3Bp=O$wk0V?$4B{ys+8ifdPyl!2M2u8`k%#b${O7&ng~^9&=0%iZigSSgaKgndyyaQ56*R^YR=mVr)?m!Y z$zjzu5Q>P@aIPsCFkRowp7L~mV?Gly{;9^`Yxn_9ZsSwt8Sk}O;K5-68g)&#uF`yA z2|bj5m~A`kbR&35aPAwhwMiGUu3iT5l{@H+4cp`PkI5p%wl?sLDE(Ap>rQ+u&gf)> zM!!l*pE3Nxuw&vvFP4%^$v~(%(kuEh;Nwivm6IOhKbUuK9XW2n^Ad&t^-;hOV)gwH zhaL5APwHi+_1+t0!NM~t__fS@G%_Z`V9hw^AK8MG$+p{`i9_bax$;GZS4fXa#&b_j zM-jz?@7>nL9!DSVxv1_wx1!QxPMX*ld#1<%{XS%`SQ`!0yoAdpy0{SNK~2= z*ttr^R+2ex_{`NlT58uOZhWc4RFR}d9B6A0Ve#uO3j5H`&l<|Hah`(h!3JrpOXNm4 zPT@%;{G$}l&mnG8%$KW4CSMCAX;cZpxiqGc;A>ayw_?s+0@9V}QD*EO`?zNu3}9U| znXin6a8eKm<(C6q51kuRIAsl4tb>2KzhpxKX7qlV30Iae<8g+X^P2PvLAQ0K`%({>4H$XtpSP>h zI4Xa-=m!_^%5T?8*;m0)Mg{SXr%>@f-wS1j6ucHnhMfGg`a!{6c2;=SeNH(H9_m*!qP&->eHwTzKO@>VGx^Q@oqKx6-+n zDF)_6E^oHpQ-~k=aZ#rL4S>6>V!VvVAMVo>y-`0$CE>J#+RfV!M01jJDz)T*9pIDbvPjiWp%oRjboyx}<~)gq(o3h@%&$w{QtF z>dz=u7DXNYyhot%!bGruc-nrNnUU&0c-Q_@lZn#cIAz&EARnM>*q>fH-RZ=%z+LE^ zq=yf?yrZ&^K4I6<_tDzkHp6g54c~@%nw%}AWJWCz7e!U^^zyv5QQQN#AHru-#q@{Q zbDi>=uJb6$Om81(u^Mm({Gr!oRhTh7X@Wnduq7*UNjmRQM26h94$mS!6Us<|&&Q56 zi%(pGy5umqp0J_QWhX~Loxs_K1A_Wumn_Z;mh4?)S$B?Q0K5SkE+;kGXbw$}^I;4| zMZeM+a|f-=&j;Cb8T&QKdN$(Y^&A_^E$e(gebNH>nU|tgejeyBGHy5 zNbX%!`Unoc7lLzfTEk40lH}2AtSy^Jz|ZoLhNc9*YWuSK9MhNmvJtcqQ+^YK3+t6- zau)owr$J<@7j!GV-%AU9DZP%Gr+2&L8|W5MCmD(z&&f(H2C(mr?ph-6M!%#qY6%Hu zv37`|>Lor7e8ju*22{@%<`W+1hg5-DSzqqOw*qU51X_-vnKCx7q2ojB6Yz6kO)bsJ zvU_Z&g|mx9R3l@e_yt_}6pL;x#J|CU{LfMmMq<$;$HTJF5U;%c9dR#*?2|`}V}pLV zmYww*Q??MrosrTzz`D;c<|(0C+4kvCi-^$X&QJi@_qnmrgnTMDwvgKL6U*_jB6yFQ zXEbo~;N(KRB+XU*GrN|p*9|UdY8vL(3Xi)a33q|qx^C+{1Miu7mOGzFb;ukz;-z#d z3CZr7h}dDF+hwoR*6J?{Q=R>^*BgSSBTV;ZMNr>a!tDjNrPs{Y?}a*?c`b*M*1(<= zOP(-2A2aOP-V5qO%$)2Tx$+0ssVYED@CJ#pz1jSEIUIWAHEzjH3;wYJk?_%sJLQO@ zUCGMkuTu{m?5}4@YWf%uu@^`gkdLWwwSrS}hGy?-_}ve{`Ln3W&)O`FN>(hccZW%b zGA{R7A7ff2p|ffaEK<`Cw*dA^S(3SjUmuw{hM^5Pp^vv<3x(I3@?zza-GF%Y(VW%Q zbXePcz)mF?pOsVR6cq)1 z;pBWjAt6OvEArcjV?wRNU7JSr%TsZw4=z(>rm#Ck9ddLZGcC|sO&SaBwq}IoMxXKP z95`gXUFf`Vib?yto@hoV1jj_;YVRwudxR6^LWbte|3ysX5p&Yi6Rh$}J)#B1wbh6T-dzB4v5 zn^Cl=0_|*ur3fCuNt=>Z5RpMHSyAQz zXIMk9PLF4kGugUXyuR~V^4Yv9&GMknI*d3G0; zj-!nx++&d8hqXc}BMUP}X{Y?fhS%kS#Lka0X%>^!Vq3d*IH{-X82KZk7rvf@le6lI zCk^e}o389O2NpAnIJatu@pH$Yp&p;Ff1V?1^EEVa9m+Nye~LRM4er4?{Rvyx^1beZ zX9p*t+m8cR!e#Ah&Mxgd|GM|VHPxhQb^%3J7%Lxi!A=qcGHd+M%B#4|9EAhZ_ZOm1 zMpl<=b^}Qt*=@Gsd|w}+w2Pk~F>wt}?ci{PS%k(mY$dOElr`n%n=i@M=0+MjBYB;Z z1|C4#)kn|?d-Bl9H*G6n{CeKAO3#xglxd^v`G*RW6(PP$APzY>qyC%spHSUF z8`5(9@ZM=2_gUI^F4D%vhs4aQKYexmT^X#RXIARzyu*SWQ9>(sjX0rRG+wtpA~RSk zsl(H->hNlJP<^DPJ_I#ZNk4MYSwSk}U5>5T?%_9o z_pD;Z6Vh%&yp|$NsD*n)^KSV4y{~5maUck_Qb@>iNgm`P>-$VaOUq!_`Z1e*!fyW# zM>geZrBS)hvPy}b`7P3lM20yY;+Vc?jp?nevW?H_1Zz;7nJcTmQLazbNxe%i<7%Af zaeQEk^ByTfQehi9uouwIfDWuTmRl>lCxu2!2k$6=^qnxM%4|#l7#c$0{$3p(iqDy=mGVX7(*|n+*2O>=DoH9TD0I zfFA9ho=>R9^oJo(Qr%iR@XdNI(j%GVVZmqC4c^$(Rw5cW*VJPUzZo$?jpfO0-mktn5Fe4-qY3Mm!Bc}m{5qR{xjzB4i$~O(2aXk0uLsbb73L0bbD*AgNTO3 zBD1;mdG&GsZkkq)8UIG#c@B zGGx7a=h_K=w4_vFnh7L2Q~f2cw^MELNlM!kBdjew8>7FYrJ5Tajkr;vDsJ4f;ZAqO z3FRfin7 zH1q6fpdt2pLZ1GDz|qj)s_*HPAw`L{s!yi6i+&zC$#a}kL)IZu>QO@PC>SQ*P24-z z;tyg)X(Eh494@)nviQE(6BNXAl7F8C5Lt!0g(EK*L&azxZhxw*K&%a&v+gY$sN^Da z^`*8ET+(B7v$md$4^3P@-NUAqsanFM#8}iw=3NS2DB2<5&oN9+0ErQnX|r zdhUC?i*xTzYnp6>-kiC_*xt@w+nX;2INZs2+MMqfzY>yvAz+QvDnv{_w{_@O(ZB@T zJ(zYMHA7_p-s2qq4}0$!*3`DO4J&pKQ4mq8ih$CQ-jO2Gkt(4{uK}b=ji`W#fYLi6 z3Q|I73DOb-0qLF45hbnIj_Jf+`$(Z{304|6SV>BFh3 z{zo^>=e^~@;n_S4)^4Dq0cW6B@8$SJneOVDsv#mVxV+vG`bpzh@wVzij{k~4|LxQ1 zoI{LS(Zsym7UwjWWPWL0j}d)?EiZMQLf}e|z5JN^q^=9g`>sV}lgT2V z*3^a7V?Nh71=Q9@U4f3#f<@1F?nGbMdCS$^*X|!nixQY#%X`wD5h^OUnG?ql!L-mK zklT6BXKH!b*)9F}*Y7R6V)(=G>5Ng34VlNy9UUcJe}-LrgeLXQTbJ}w6~(iYo>cti z{_N$CA2ZXlF6SAm%}jpiky)o6D$si3Hy!I`VOY00bl1|*^Vl&eWA)Sif^KDIyh4rm zSFEz3x?gSc7m158^5I(3uzn+Q@MN|4sEC_p_=~<(@7Uq% zpmcd~0!jEwU+L*t-l(~Uw7WFtc9ud7n;7UGsO7kXuOHOB#RhL*V4B<)21_YF-B}@Q z2SgyCKskBu00)XM3%_5lc*8Sm&+`&aoOvUMq1mlJ7#1G**4nEUJmQVVg`^y`#OEaQ zs&{Px{G8)uk_G)fSH*h4knOFQ!t{79Mad+sgG zv<9&bjWMQq#C758bu6aMP+i$HFsX^}w-Lw6;>O$`Kihfc&im@agyCSCSgX}1y}yLy z5C3SoxV;W2^5T@v(9*fqf5}>yfsCOu@v+aJCq?0qt*+v5{1*}F2TPCrhV;IPYD@JM zmzxf4A69#D3InZmtmw{=sgR7qkMqoiEC-HEt(d%%gDPKi*3L|GdhBc(ZP}<&(%qdd zaraF2^`s;1x?Sh+d0VOsa?WmUse_%oYb}Hu$7)R+GIeq{XvDxM0klL1d^>jZpsD6WZz@;w+XN6xr!QRy@*B0w%d*Bo=1XtsQZE=TE0*4EN<&b8K^iAxef!?U_^QD6!X>l<^M^4IM=bi5!DoQaJ?NqeF*z&ke zi(P7uPqIS}pOfFMX{DCxoqd_UGhrM2)p7fArq?xQ_s5sQ{7<>O+7~~|z$SkE@NCD@ zY|lr#8C39gv&Ma=NkxzZ@1yvaG=LKgf0UBW>4T9rGj7bY;t!@=G3@bU9f% zw2IJE^v?|;DCXj2GHFr;qXZ5)>&ZcujD`wA;0*^e?K@Wo4q?=Wo{s?{VSTq%zUkiH zH1~GdG8|;Tgp-z~t>#MhB*>MCeyrd5e6Mew++dhEz zL_acm&L|!xeU(wVCJ@XtVsT}KX?6#+gbR;k&0mu(uIDzvrdBot_c(HgW0^rk<J}fTkx%O}$T@@2Knc%czZpal;ioz7ZF3W^mP{ zD?&aH@p(eLwc6AC!H9)nhZn-4!D2>wwu$U42Hse|Ye9d&THTr>PYlwTxV<-%Y1(mO zspTNyChZ;HsrA)oI}hsii#WEN()GXYghpw%qO`m}KHVs_Nx15ABf8RS)R$o@YhYTe z(F$gqCg%Qd=|ByCU}`QId=q+H9I|x2By{`E$+3)Q4Q(&DKb|C-%)kf?;%oQFXRt_iTpl^@6%=4}dbCz^2M za3;O{O_g$%hd&mm+(T@P+cr9q>Wi;%1TVXVqzBS1dQj?zjhfaymQzoD*P`uR&73ef zC~!;d957_V5!R)b`c6VClOm78ua=X-?h0KRq+s z;h3)5stoe;o5|(EM^lm~#xwa>JDugs< zDsURvMOI_1vQ}lPZD}bj;=g(DE%XBhSJXsN8i)GhrDOhAlg3Ym#c<>gI>?gy81l9N z`0KL%g#xqs+=7bj=hYcU)YW#wI8pnJ`$#pU%SwqP8}U}TiOtZLdqJAdi+1UW((*Q- zI}taldrHF|zQaD>~oEIcS{D$ zu>tPYNLel;J|ou2+Jjtn@mk6=^t;vBnUW=6j^?<@G3&15D#l01rYgmvJbI_QY~Ynu zMD_1tf zA8t_}T1~w(GycJny>Wj@zwp~cul1qtZHy$tk+HR=F!t_jk#TC_wP3d3b#Z7SwljLC zQXhhJvZ%i5FQx7YF?BvWK=OntLQId=J3{@7M?THob5b_URw;2KFU8U=np+2bvJ$h0 zaPx2n9Xn*$9sHGik&IksTt*EL=XdAQs%DIKVkACFLxWQ9AzA}84gFwpxWk6yy@bXm zxVAZSgG{9Mpw6NGGnAF?@CnLl-Sf>F4cp{X8*sk^k7tr2``?#XlWPfP=!|#qsG zg07q$hzT8QjaO39dZ;Ld_j&dxX7$A8Sa0H>t1$Dmp(azkW=OB}<7q{6-vMfh%SZu> zDgT*^P1q;gLbQuN<%%E(=<_3Sqsy5fi`-({i0ohtYj?+S(9P%4Hv>H z_3iAkoR~Jbj`NVcX8_($YrXy!M5ZKaC9;Qf5cJ;DT`V~+J}^5mY%{M0n%T&`8Y0}s z_(?W2Z>$hB``BzqIgGB{dBYdhk|lOn3A$Wj!v~mMHI>M`GtkxbGgrVsIAeO5cepk# zR~p0kaF}#+&_MeUoYIm-?!9ZC=oSIS^rKgTGwUa;WYNd!VaZjB6G)yh?nV$gbC!{f zG8)oiO4_S`Qy)`5e!za$6Vufk-Al%tkMqLMC%IN-QrPA$?8u zS;oyqlZI!e1GBtlJUJKyS`Bkk>MGFBq)OJ(iy;C9%rmV;)`=MvrcwBpS9**yJ(Sx( zP?(QJv~CJWDs~*+ismYscJlI|vg z{`NUrGGe&Sn6FeG-@N9%{OJ;GXs90}&TYihndSgm+87HMt6G_4L1erPisa9bmtT04 z<%BuA5mJYHW_nC>dai@^5n3$Jl~>XI+G>V48PSZl>iIC1@l^9x(kmqyy6OJ0QIYmfJr0>QRmn_C^&wTtu2_h4``!bTf z+iCf_*Iql#7KxhaNQWZtRCdo^3Ai(&K;9I^=p?t_8_>*eyo7U~nqz!DBF(+$!UpXM z;E-_)%f)OL%M>HYGqaV3g`20L&nKVg?sM+ph%-36w6Zz*fn2( z^ia#r(5Ig+rFtti>{%(tXBRH1-;yXwyT^JjSW;8o9uc;4yxl&_fXO?6?+ARxI&*k> z7TS~-XUOd5Z4XUrjsb1daTxIq;b46eGcL-mbzjGk8cU&?G7ENL=eHvbVcWzLl`~Hh zrtGk*jE!dyA28J4?>$k`lYdxvFii)sc`R(1oUt9!%VeDZlMjOQH^m%30ok4E`g*3$ zHDU@T=N+#nCDtFvpCzx86AI@OD8$)_B^8W#Z);J5LL~={V19J8{V&9gm#Qnb#;WZ* zSaJpS=IiN>fW6_Ak>bywWXY`j%T5i97L_F|t|K4yw1b_4KdGvBG+Zj9HrmltR208c z131b+PCnNOd&0b-WV}Zd>=`VRk|EI)gXvAOJP{w{KO&TLFfWR#Yz{9;5&X^{FgvjN zLRk%ttosoBi(OMiDYb=i0Ry?|_ea(1Ftr zI`>)ZQ&07U&V|EoUTNRQMKorU46XIrySK4ol-M_vY=gU&oRGckz7wYpu}k@PQnR^o z$bI|Mmc`R z#_lgM1|%TszMh%u1W^BP@C^n^oWW-!ydWT^B|HtOE!B3=PdnOrAnY@Qn4P_f%ipVtO$8NIPaSSbP=B(QI3=L@J~MFNOP>?jIIu3h%f*x-b#o)gKphHVFQX(4NT}kzR*VyvR(WD2gVDbjkg@8sAD@#n z#NDvS3VL90#GaX$k(Fx4i;AtW3TD#mTzC^0>&7)ilUgSy#=l>vCwHAfp5n79I{uz= zJ8ZiSIRm@%dX|w$J{TUil@8l^d_LpCATjGhyArv~i(_){-jQPKz+J079tKu{8zo+4 zH!)#%$;5rd#NDxb9c-yC(``-#S}KMyBOY~wM@ioc7#+nACWrFyYuID>Sp|k3pCU-= z_Z0Bs_4E}NZiK&Dv5s(K9YR+(hc88*`{kHBx&E_s_4B!*f>np|yelqHimPS1zH1nBbjs#2|f{tY5e$uK>n{zL<#{aMR1Gc@Kr zQM<5@z@ZRQV|=&Q$w88)%sMQ2q<9-$aMjj2(qv+A@+w2hKG80B)8$rut1(HBZ&Sch zxI`%G^atE;SyxP?ybHw*CmBGrkB*MpVNvS3$#{BuG&66mkg^GHUrfhXr^-jg2kYe7 zaED?eiNtI><#;{HN0P}{m)o0LL9cPKl&?im3)T?gW5znaoXAL~_$>ZvkKRS{hT>j2 z+~k9=g=6G4?&GY4ycwdux+YEn);PBVKuF>R@2+(O5 z%eWFlM~}vB`(+$dG4S9p-xt=^Fy<)*@6HDQZYYlmC6@e3It3|s=|3loeq+29E(eae zmIXGpa|O{sB06u2G(|wS4QwCFg`fpYwi84Pm~VqE8=bXolbWPNuISQ#ore}bnyV)Ll6_ zY+Yj?{`MMIrwA zoACE={28M8vkjQErW{n>$ijs*M7um2^TnaFUpx#ycFX$)THkipesPLB^tKi0eqsa4 zrQW!sln1}!wzD(R<$&Gh)2?5-6*7dwyoJ;6Sch!d1d@B`9EJ+_LyAp^S9O6tt! zP`cKkl+y4qWSk6M()I(n?4&An8FcpA#D+_xec}(1Q(Z8+=}&L&0pY zIr#uCZCGqwps-t~YAr4$`R2RJLdz)=on!zO%DErVA4@77hA{AH$9xU;u)5*;=`a0f zfT%T`2|%N{@nhFX!sYVXRom_vQfp)KlTIHzq1Z>;ZNL5L#fRZ7JbkARZngNTf(fha zS&cUuw{X(o{_B@u>++pIaoSA(wbfw?b zaxr9bt{!jPQ#Z#W$*bf*ib33^mjfCq0OD~+BWtc^3zgfW(Cgx23NK0@$^l42A7SWS7_$ecP@T$GvrvYtE)ryDLqwZ~hMHe2CZSNb zJ5^o#*r%DJSIj{mopQI5hMhU?zK|dcui=~?-=s*8;A_e;BaqdVcT0OhqJ0oEhgj8& zZ$_0xohk0c767pL>ih8AC0AFlIK|T7VK4PllaXO_o2K(a)MiHtnJ0#Y-9NO|ex=`A z!%>Fa>J%lw_u)G5;L~UzkGkfiSO)bh2jNZ9QwHIF%u`@taBsd0Z&IejxA6k;4Jkv* z3ZW~~q|kRLy=t%@d{5rouK2ZS=B()E1CfMR8Mam>HkP&d41kU_cc zS!j#8b#@tsZoO(qJ{wmCd55AxF`Te(xyK)ozZUgHo2ah$^zVEiWb9-x2_}P*X|U3djjgL|<_aN) zX$2k9F>0QiU{y6W&*4ROO ztgz;lLg&^7L*rjl7M#6!ifW=JoV2^`{8YViZaJlJq3Ff1S@5c+fh=>g7LVa@BFpUT2@biH2a!6Ub}671~VLz0HY;2J9C^=W4; zY*?82#UhS#N$@Hg*y@@^?q(uLA#X6>b>PIbs&TvV>b>16(LJ6!xSBInzz=_Fo zmYcl*@)Vfm;|*D$&XV%6s%|Wmx3zoY;Cc&5D%VpaMcm^napSt8P^O2k6#c98$?x9P zX={KCk@Rh#0}UnhFm}qd(8nci zR5S$+6`-YoO1Wr6CT+VEWTmoCjF{o@Z)y7f^((NvF29oq$_*}K{cVcE*-u%NyL zQE{0cH{>B^#i2%#$7<&r5JNk~#^QcfT~o$mfYETHVt?U$SbbA*O=eO@ZP_bUg@?Ma z;CXy(@~5W{VGeTt<-GcNp8+nQN5EHp)WI2tAhr%*LWH&dgZuIT z_x&!9u@L!r-$r^b)8@62YeyOkeT|Yz?}?#tcl$0_ZhCM>1YWVYhC{W^v!^M zYY6@!w&}?^0b%&%zBS^+B!bM+qz52L^CA2CN<5w=M;QF)lYQgkzT^_s@Bczk-*J2-rD6j_(JpCKx0 z(6~hXPOTh$M(*M!)wtb|8lRF3pEk15ro?YLVAePLQ=4j(yH`=Q1!7&{I)}%e5i@gR z$w@2J0dKm3i}GimiXRC)Vfv%o8>FQ>A5NDY{$pqS0m=P(cj4tgzTz|=PvTGY1L2^f z)yy-G%?z(y>6N@Md67Du+m~_my5NoN@!@F%0KV3a+coa+ZHelYl_$=9NQ-fo}{NjFo2A1YR;&8to!MH3P zd#a(6&{%yiDNDLmi5=+^i@wSJzt-;WTjtjnP0K)5UP>l6pp5y~Ql@eKqQ{3B&%Z2b zPVL=3Nf$NJrw`gE(h&U6WYgFndR0~v=PdWnRLoSQ$Ww>Ia6EllK3ZthC0Zi*z!&C6 z6L=FH3CPA))O)`A{P`rBnf>pCR+^lD41qbENJglT>Z=8Fz4HO2Hy z{quky8F%BGM%)2zv&9*pAtby*tNe067TT`SpWsz<&L4)^T&7R6Z4QDQ>>e>m`<@T2 zcj($U@&*Rgzipu0p#Aw0PmH5pazs@j4e(FHW5*94y`7;n*Nls;*7_Rs*M|6HJs?0+ zo_OgJW3TMvh!c2FCK zQc&P2{D=6K`GFfR({p&~${Ih`!4U`z2c1|WqY+I9zgQ#msD{1j(@$+}cL4YP8V~m! z-O+m*nlCuA?^$e@)8En3NQm0_FtC<2ZQ}w<{u`6=?}IhH-!YY5xj7V?Lo=*DjpXEk zW}+nOa%fNN>1t_}6g8M&2>jIERiVu>y_!*VhRPwOKu8pbwYD(W*uJM?)qCNi6<^>Z zr9vemqqp`2g=UiaXD@D0G2d(S8`+u*yOi}`<&A_(fg34otA`T@3ENsuV&h*r3z4AXe{H#hn1sgx9dNS&TAD)=cibzkhH^YsnHh)X4q9m-9q zRoNzrcT4)&mN_%3G~ztZ*Hb-8zf@$E=@Rn=;2?rIq_50OK7=kD{xu2z)c}#MeW4`c z!elNE{W20wpXvM0W}Bc&ii_|TX_0eNdD4BIR#O9Z&hU@OxMgQ~^cVd3)FdJ+w`6cB zy7H>xq;@w84o>^G9?TCreeopVB^=4?{^fRE{77YX$;BJ-{*zCH02KO0;BnOaH>M4r z8j8HRZ^zo8jPlEmPa>>jzx}(7|HEAT>5FjTQ>ss0*nhcYhr;jjemV2mMZBpvW5TBB zF6i!}-wbHFf1LMTOKh)eRNVu>ZlM+aW*7ZDQtrP7N<_{iiM9Wn$D%NFgSf8`7O z`7IF50lgBEK=;8f*N;B@SXDt>8sEtC2pUHnd>uQOQj&KY^Vtus;9oZXmjpt8-qfUj z8}HSZ8ClnWApg>iX(n(41LQWz%hz$r9ctW%me~Q|a6?V*p9n7AZ#vqbIL=<);(hto zgI$cK8sc8k()LYSm-X%}1kHGTm?=6|doy_ATJE>pocgN93Wd?vuj|#y1)cuuX8HwH z3F`x})CtXu`Jew;So0`wjB5ejSk`qpA$8pxwwEP<%m;Sp!A(&Ehd0tVrEny0kQI44 zZ^_&~gM~E8{SzZ0{O!k0X0kYc?pxun$Erg&){7Ds>}_6|ay1!iG2L-&`{tIp1|xZv zos#}X^1c_f!=HVWlWPApjp45ZUM6PG`GrU6F$Nu@YBV`Ba01w--iYM{^f=e2_KXWn z8dhEZWU!B#lmIpWR_6zCKjGM>>-7DIy576Ml4c25PyU)HM&lei(~;qhQTZs<$)kk@*Md^$ zT4kB@SreTUA-Z;~R=M%h<-26t%z`{Vny;l(^7Q4`$#Vb9Y-m;V>efOU{ zG$1?d9HVd{naFTd^bX(~Ww$|f!1#$P*f{|fRhHd39-Ck)p9fb{=#l>FJS{iiP?e@GF| z?N2>e`Z-bmWT3$M$p_qwFW1AiYJLANw+o*GG#$Nm6#}xP|9(yU%YHUpzX163&vQcr z+5YZv{``pdcY)}M71_t;^na2a7k&{A)(_v<}FZY+?-yq2l6V(>1 zkc(GvEs-kbU%bsCFh{jIdF2WFc-kJ)%Z z6<$X?9=Jik#Xsg-q(5?sKTTf8QTN76jXmiC=7lCB%8!Pq&$*Nqy0`D(;{7gWT_@(J z9_O6p``3{F{6v2|<;A1Gkw-^WhkvO9#SY&0unOd!06@wfU-X`G#_@(TL}1<_^Bx#kiZaFg>*)GVpOmbBlwc;tjZ<4dL3jt=vn&y)S_&is<*P+~ zGnaOTerQ3)q;@SFw06;7I(G%YiLV8_*S%PY5>j^78ppSCdCv_xbZF}(MhDJwDF`Ca z=wVr`GhrdFD=BSx`Q=ir zEm9lML3G&z3X?U9$06>Z=L@l2DbG&ggc64(B{IA$6F;?nx&tIvoydUuFCB=u14txZ z8|TkeaCrM%R-}ov z`N(>Gb6-LVg3r71jRtpN`yE$)y+n?y7k(F^Rit)aM46jd2}}|=k^z|X^OEJh!(Q|F z&49L~a#nalF({0@CF{NW=@K9RQkId5V;56Tvie5djfKluJ`h4EZ3<~2z_Sy8t{UUs zU22(H=ieK|Y*apu3bLU68eO7X6^txcatz!7I0c7D>Z&Tvy?M8)+i~^A0P3@7vF=9! znqeDi$qeHN!b|5vgYvd-^6fXi->3xgj5nPot`S_zR8s=S5ZL3qJJ;Rrf zZ-_OA#leUiKb+^x4OnRT-3z@rf{?9GN8ZeRWSRx>tZ6Uz2C~nRTh!$bE72lIcu^E$ zX?K;A&{=t`N*=$$793i7ijmwtdr&(fK}>};aLVp*NQ`hcf^TXIZ_?zN@%a?!?PRF* z&DWx55(Q)l=8Qbpwm#cg)`;GiRbQjbA~x?6t1P06uj$hP-oC0Zl5%FbI0!pkOW zb#trg(H4A?mi5E6V;C}IAH!kRg~Y?#9W-y{xQ|t|2eD)CzxIg&r0hB{0CxCPM1}6D z4B@W{e1C1dJnFQ_su$sBoh8DNG~#&?lq`%-8Lt;y3FANYhlAIAqkn49(RgmZ`G^}A zZ)N_~%|4xStrpKvwn?3DSQr`0$=5rUUJ~&$r5ux>RbEx<4@AQ#_vN9%u^q%Q)$VQnQ3~heRPNMNR)HzL2L91Hk^%ZhkthBm@&RhoR%1%*Mga(pTPVa-VhVWWLZkNeX-`(m=onEsIz25orT zr(TSCZk08P93DbpLM2YrMS3`mqKEl#;Fs2Ehe{$T-^E`lT9qiSx-}_fG! z9455E!aURLOO=A+xi+?7 z2jVBWT8|DY`D&+wL8CLnDHY5T2c0d1&+9IU(Ei-UaKy10yJiT`>zvr?<1`T?uecq! zSCdN_%}`+~Lk7K?vgJj`_H~w1#X_NA?}>{X!gHO0hl|BcGE8qoz7EU*f(M!Cx~`@E=q37P0XP6+6TI7$%N}Ay;+x z8ud~AuQ8smRJQ#yT{E0KrRXJ~6imOLleCi^U#j_Ph-Wd=HNM8o_?oN_#N^R8v}efW z$sN{esw^UIvFHTuqzuR3c?!!hO5gOP_iu{s2OR}9AhFYOEWSR4l@*rV=T&Th z5}09P{~kuD@zU0w`)t7H35=Pc__N=k_7;`b9Ro-|prWXh+9_y>13c*fH^gF%8}5U8 zT^S{4`$;1lp);<@Zc!9pU1+C2P;b2u&jD$Yd1~Sm>|?3^sHCucst)tWLa?OVe@K5q zrQn@ch=u7(eZCy}}A=d{V+fJDKgXR=zgGnoibe-@ROmH)#F4v@Cze-5X zzWJdY)Wr%Q%rgy&v-A%yX;r##7V^Q&bbGB|cx8>lqarSk@d5=ilv`6QE@KH_ zeT$$QMMuRwY1iu_=kq}K!^!F}LvtHSjbe!QR+~ehe3VA?=GMEu83*O?^wA9>^Drj+ z_xb&k`~K(1ObPO%hE~X|y@6KXqoTIIJM%Y>{Gz3sVv&1?hC*Cn98*zpzUFSZIqT=Q z*885vAN`#R!2Nd-b<*X2$BCf{l_%byR_!N-MD{OELXBW!zbbST(I>a4+<*PMv>Tqq z)Pl>*Zs^EH-ThIqbWv~uK+7rs5O+U0EP1B<>$V@;oDg`Rm~n-QmUexw1c8}CA}j9B z5I=A}116`I+g|cx?SzkY?8eQ*x7k4F^v!7|^GVP54Ah-I>$kW76>E_pXrqmxypL5Z zDMA}7=X0=jZ|q7j!{grQs>;*=F}a7NtrDsYC^R9pH`f6u0^E7bD(@%p1u=JTvrXMx zEmx9_kkJ`mAu@2du+gmto^W>d?t}f-n$duLD*`gJ3{MS_;Tc6gid6A)PVU$$=Eb=F z5~2P}#PF;M036sXepfV8(L$eCCf6*7xd1KT(;N{3f4JHdDh7O87nm>AoKGk@r3*JZ zy8vmqtQDWV@jk3Dv$WP<u{J0=|;>zTS z=$P17BL!P;;@%_}6qOcLnC=~PYwL;j+2!E%mu&3~A~VfMT024vNyg1a;?rKa1kZB6S;svdEXzm(c3)9l5J(A3k|@JCx1F7~o> zy<>xhVB4oj{Lp1;%f)z{b33zp?u+W-`z7)=%F}nAgal#3JwQc$>`XfM2BkMp4#~#R zWfetcNJ`gi2LZAvEA9JLyM__td&cRdd-JY4rdl4U=%B0{PgwCd0WO@JE;pZF^?#R4 zGQZS!=FyTbVjjCQ)#g|2F^YZMI5TKi55aOvfpjFr{hmtH%POq>O&qlxtMrYYtug&o zXvop8`TIFlFXC7CSrvFBK3#B*sh%JPmDK5$o;nURqr@QAX&kCElN^9fmpvtg=3+-t z$L=(JfBbkscgR_&j|+_~1pJkmIa5_}7-dW3;LgBni9x>x1@q@VsrngFgN$dbc1yS-W4$>4nyG*s;ER#vMCq#!Sr zgXR`1%k=HuM~3U_PqIe^ztF)V-@HbQj}QWS1OyCB1{|0-d<9e0&Uvdzp2epFUtO zv!WoOdpJ6<(td^?72fb8+?vPMFM69LS0ntYL8D&Ew>%JgXG5bI2Ysyb!!90l)4;S+ zTzYoK8f(n@~moI@?T?aZcs{Kdqf6ZxWcj(Kr<32!t5zl6KGax@q zm$j?Z?xcZmvB92f{yy24Umr#QRwo5u3hDqjx3)&rb3ac@S~_K$89ik?`rW$jLuK9Q zgsuuX?=9<= zNkW=P;NuWNru8cw*`3ZhaQ(YwgCghFW*{06LQ(D~PT9}2OaNm?2iZ1d(JqlCdg3GB`HH59HFerF*RyIw#9RVb$=O%-7ag3r_YL zT5ct$j+k_IRH+#l8Snlb^cwh*ZDnpXC1VdNNaw)Kii8wu7~=?7Tg6 z_FFViO!iR*iQs2VP4}3FiP(Jf#@{*sTCTVt4K8=nFh0-uf8|wGsYCp+v?e2U-uM7w z?6$f6X2Ycfr-|*`0frU#RQ!pAn$B~*G{@gU(BcP$DyZ}QiLbuCU&gq1usFw=`0$hJ zJ!us^>%Wtt<;fc?)(LMv^((*FQP{{Oay@3z>DTjY*Ue3&Lxk|w_oUKhWSB2N<7+y} zc7+R*)?r3jhm}KfZRr{dh8K_#hp@HH+f@?-M5+EP%~D*Rudk_}NIz>He?TO;nAN7~ z{=SJUqU+9D5b_DO<-aHb|8|HRHwR$;L-I$C6^VGiX((z}7flztaVL6ZGpxlSind@i z)?~w6*zLJXV9n>FC+e&cCY}?T-_g5(!HFmJ)bir^_$20#z`8ZhYfRQ+N}~=Jm4`lL z$;<%!N5xmoG^qkz{Pg@eEiX%O-&XJ>BgqsXf+5P5K_5}tO*sfe z*^NG>BW|ghT~MI?Wwbt3dJ^Lpk3IRNzUI_-DN*^6s^ZFtdRmxM#Jp~V4~ycl)9nFa zhm`^bgoL&Ax&zjyYw7`iz|$4KUV`hGOLSVWco2QCF&)1cz3+k7&dDC|(_t*QI;T%_ z=y*wnleMZJ*s`5TvHNjF9OknXM_DfD%0Sujd+V{24pKE;>}#YPp(N5cP^R<88T}tV zg?~I-zF$q-R-ry3l4yICi|g1 zga)(wl;Rsqx@;9?vg-qQzO^Q)W>S-cDL*!VRUa5)_$z*4&$jcm9-AR+^m@5`33L*k zsrT@bQe$Z{6`W!KgI~3QXF&e9X0<+Upb}1wpi(O;0p;Tl$a`BlX_+MuMgq$zl<=K3 zd6+jg%N=S}fD zDR^V|#LAI}L>t8<69)}l&GIFAKSX}3$Mq8f#j;F-eov35WPSmf6s|PgIL7wzqjGyx z?FJa%=F|y9Wm7To@rE+yYbzow%)wS42Sm^PYR$eFPDM9ed)pvEW}+XtMZP_->hZCy za!*vgWOn*Pi;rS|c7TLOjY(^pYFGCSh9lsmfLg>dTdw#hs3sJ5MUT%0#gZ9e9>76e z-3d~-A=FMyUV8%YPE>)mk5A{N@^NxOJbLwfOlDO2hl|VBZdvJbI=Sb zRaIZ*q;R&CW~Q9utL+e3dSYo9(VLTxRAUC!!K}VQM)PWYM~CC+@HOi)mjTqtMnS9$ zyQA90R{{kO8qfpisotMCz;Qqa?uONLemgpYI=Lg7%~~Q5+tTxOWNBO^(d0zP zCU$#pYS307bhkH?)vfk#P~)cl3(uG*3MJ+G0Kj?-00_-^SteMS`nesJHlGeVYedH; z0c{A}-DqxFC^knw7eS1TfBy36@|~eUleY!6Jx@<$zN>}e6YboP7fPPr&nY^6ab;I& z?7?drzkt>^wFQrLtJW1BT2!;aX2g7JymrLWZ9#yoQ6jv*$x*lVz6_d5IoK}Q7|CfD zSWgRO}RJO>HE8jUDxHugToo@syIM1F%nJ;PQ^3yo!B);vXOMar; ztohT<-7arR2ozQG1RCh!bD~WP#n&q)InX$DQ5&{OK|)f{sh0p=T^+xVSfJWZV~zDf zU;3PnU=2%5d<_o4i){p$gS^Ru4z)IWS8oX0$jIv&gQ4dw8~E$blqDmi7pe0=GM)!>jX=lKbKKfyV-uBU=<;nVe0AM0iSA$^+lBU`q@1fq%N_R5< zkKRLY$y~?hXD1n+pT^2+YjD3Nj>*@2hLD#C1_mZqAp1{p&BI47wW&P`7vQcAnyEfP z#>#SZ3>Z2=?f7$KRea@t8uhAIR!Iv-c32`m7N;a~r+8#Y7t*N%12W3r1UrAmWm<=* z<^<09`RJsoPO_{)=jHFJd-cxn2-W8wt0a9uK@>>Kp<4)-$p*r+z&?8qP^11V=ZF;Y zMc&SjCiB@pKy@lRe!rgvz zX70?~duGmef81a5kFb-yck-_NuC<=^tY^^|N`xQ#tUvG7b-puZ;=UzY82()MV(x0AQ zx>CyMRCIW~evF{wQC?4NZ2upCodnwNq9O&tp z(<8sTx@0eNhbBk*Be3?hmmPF*B#$JZG$E4Sq+PsWq?MJoCk6SMXDHUsU2~I`S}I$lG-Ac=qv5PXoT|VW3?LQnT(XzCWNQ}9cgs|C0$9Az^wX`1|A~=LtA#?&=JTYRbpx?tr+l1JDLHEK%&E+a=w-pu^)ieHO{hFn?32{zcs3^R=F9q4Vx@2i>_XrZM zQp67ae9_cAD_b{)(py5q9x3Z}RCw~c>gDEpRC=r`xu}e zY)c1HUIh0ezuS#a4G#&YG48HU5>Bx8kHZx3ctgeu$u+4}{~bZ`CXAv%HsKabM?`tS zKp!voU1@01JVAW^AS0jHz*j>nr z7IUTq(A2+_AH~e=(8JQFN^!|`=ZHH)1|l^tyIvO%)Y`i*g8TijIcV&$x1v5#kNeu5 zo8?vEZmorWP(={(WtW)zlYiA{_D3=dbemZb{&2Jjs)tIL7}N#1-f?~cC=UQewC+TG*330Tt|`7PX<%L&65zrk>ry}$akp0c zv>)jx;iS6Q&8ly;&`hUN7_85@k?k(?bvaSOyL=&+Z`^g`$KZT-SxK-vq6iD%=!zgh zrINEsfi2dzUOzcnTHsCS#6talt2*(&_v63*1u**zz=O|<<#k~-uqH_|hS=u{$yvBt zlJ`Ufe-$0q>bUonenG!VP@-$Jqc9*l(oQ(x6R;Hd%%{RteJ`eXWvXFkluhz#8VHsi?T!tfW~LloPxK#Tb- zC+))t08F8~ezLTV`*zp)#6>7LXxEy+ROp{!2R+`!+|#L|_^@{?{bXQ!1i29DWA>1G zc>;**ubaY3YtuEmk~WM%Hc50rZ=KbY*dKip|91)SU%&Yu=5!$#U?@7=PZUoaKgUlt zV#eYh))FM+24UK$mUpwvQ&1u*#o)e&b+Qq(qY&fNjeyDYJnNDsJ>RF%fHC3x4``r-jj(4y7HyPtU zETP%`9(PR}#x+Z*k&lP5VcP2S#{1fFw=}es=$C(Z<3BI>KNg@aJCRe6mF=8=nL+NK z`PsQ!+)g+3GH)xu0a;RoFIjdahYxV9fMy zEaD$7Q%}aw$~L*qpKH%=-+D&SRI79V<@UnBCRo`069SJ;8uY#2&U{BvVtT!G+J~_> zxRJ(US51@g&s;*T82~}dRb#zAUJvUjW4rWcK1)U+e^KD9!%O(UpIIz`RqhX5^V}yD zV2si~F2KKjc@}8tefOV>{cVN*^E3XFz5K^O{$?A0?0Ww(kpCFSKU%~;Im7=L$bSsv zKL+xj807aa@c-F)MzU!&{a4snFL(8RnxG?l4K?n6&`k;4>SZ}{K{A?pqlfkv|3r2w z_ihs4!aUx9w$v#6OQ`st&KW>{Uk>02oMdms{$I<8f1f}7{YTH$l9BtLId$)l{EIrk z-_qp&?gM{0`_13M@qfPDKdjJyR__0_y#IHzlq1zcLy7w=IIFeDF7N#eH-X>DWmUY9 z%8g6>|L2AN-lqTQXw}85RzqQT#c1tB$}w|Qdlk&wtddWI=p&OK@zK!!3EYAFtQ2`h z$I;@I^irbTPhOPE-PAaTd;k47sDE5Xj!ooVdE<&|I!XDUPU~v1`&h#nAMj zt~GLh{g?ryi*m=O2GXF%pX-?YboM62}TGQ)va){;PzEr zLm5si28R(7G5sh|4Vet)l1FB#!Pl^@@g6sgHQ``5anN$8?zI6y-+&sD!lXNLCxv*I z?wyKF(%ZT>ygGIhU&oHlEiHaZ+w9px*U^oy1Jq{~8<012Tx9PrLKgpGW&duWl^@8R ztN->if%j_rNiMn9qs)V`$U6G7mS;|LK4S?z>yw{Ki+dKLoSVOy&l$o1VnwJey1Dif;Us-w$%=}Gwr7u`BenJwQ+TC}5?rU0x zK)JV8&4nIe>`K}G1U4Y24{Vt^P2X@&+(qEs6x$|&rxRmL!*QC=wIbe_$ot0;^wH@b zh4K+`R4A*Gi3mfej@|Hpr^p;N;~kEmE4vien3+Jo-k-789`=%rZjQiskxkCoh@n*j z0kl~4NWD*wkDs4^hjmN&L&A;dg#Y=S_3#62cpcNlO%x|Q-bS#`;ljz=aNh-1{sVra zzy(%A)Dxbo{M`(4I>SBp7x)aKFgo_FJ8iV^T4?o^TT%0|+V<6L4>c?*8QAbV!*<%3 zWX9LgZ7`ZsofXP$h_OGEyN$o;N#ceUevbg)u4GEP%&X=VgD~v^XbRo|*Z& z>+O#%YkZAc0uM-_dOY@p(&achss%4utofeP6TqOfuob+fFO=>UJ;2UAi;4Y2eEE0w z@vq$(K(jj5^e@#YI{`7jN#+MP21XPlKY}Y?+GcIt!f_R^nY)I4qH(qb&kwYs#D((%IyY>yGjy>!p3H^zF`g7rO8&TG0S{|;t3sz>mTn4SbP*D;v-HD~f zM1RewLF{vZsOWDzMUD>i-O0Y!=&j|tfUVwYBQ-i5o!q0&vY{E))E8701?pF!F1p6h z%B;qV>tm;t=Wy6fPMzT)jFHbi7fEq;I1T!iXWK{u6BEWbS9Gi)>#bsEV-QhjbQ>dL zlV0aj;$7$Cx18)_OgIOyWfK9h{#W5TTFVna_DHo#?@h=dM3^$g@$*>Sw5f zzc1;E=N5L(pd=5%oWTZ)EiAqK)oqKtX*k=wDhXfMa5UI|;gMuFKcbl}Sncz<&=Af( zg~Y<8{)SoqTU)NL2PDS?KH&?RJzXs$LHQ;DKG}(n94tv!`AZGU&RxdYEk}+Gb!8QZ zy5CJ<8Bt~CbN{`Z0k#$o`P+WMOBwAka6FpSz-35}uDPvXb~2**O3)`>Yj~h7rRtog z#e!j_!(5^i`rh>m?qx^eQr}Mj>x-@m;w-JNhCkxSL>fe;1MzJa_bG5WP3Zb8Oe1|ZbWeiygWfwo6qv%Q&lz-u}IBON%9IS&<4JfWT1gNFU z`1gFKgd`|HvoR;P?UDN>VP$0#P0dXoJUn&rf4;9@=KGB*pB%6COjcNj^{B+201yA7 zdHBO`Qy-(gcp;f7nMSnp6Nt7%6<3HI0&C|z(lhixZ8b%(BQC0V{0X^gNqse-35!Xm zrAxfFj+mux>tAsX71`h=MrHBVcL(*9*UM6EF-ybm*5t-s+el&Yo*k%Ec_jn>3g{Cz zCZVi1eM-|5xVl<{(^v;O0vl(!yJhGNyQQDIi=%ubB93=_=LyH&9#|*6O3T#dX+^<( z7D;DAB;mNyHCH=4Ie#%$u?H7QdD_{l>I)dx4LbIUXF~hF>w_rQ$9NihG~;V7#nrBs zG?tzBr?I^8_mYNTk?&7hl?EvU3Sjui@bIoLE19D8RR8mBt74t9FJhu<9d9jQU;oS% z{dV|au05(XidoHR=ULg?JbR5Qz|U5nKRwjBDI{#fc{$>&&*4Jl0`R8xDT12Q3lvDN zKO^Bxw0(ck@OVpDL9FF`U9X{tH^5X{uia7^h0bP;MAqlEXBQ05O~(+v=8hhvj_lf(?DW2!`H+{1a(Xc6`NzC4c1oapBvZ{W<<3 z$g0y^GsM0x=Z#9{`%~Kt>NHyds5Jc}u}P2?S79)trjLAQ2b@?9!Skh`Q!O%~pYvE} z=1)k3TowfE$NP}Ven`~^mB_<^H&{}YUM~LfkaZe-s8T+9k>gUf0RLAAA8w1@XQXhv z$f~k{@ys}_`Q20nJaCaY>o}`f|yO1-RUR z_uBL}=CaItVupHB?y+K(rFl)v^pA0ZmC5Goy@IFr9!7J0*)|_s-e@A3C@^^|3Y{D4 zL2tG%MrGq>mlMZ+jM7``W;C*Z#NA6DTC@JCC=w9N{2skHmDxNA)_P$QL{vk-Kayf@ znC}tVT#T+mBnMrnK95)VWuNTDrNxvdve;WXrk|6=#n93*%$~0s;j{Ncj5CjkB3T)3 zhjOhApu4&KJTFUsl(0{U247)b?zFKD@A7|a;$c~(2p$ut z-+TeoB*i=}9UW1lROWHs{W9VXTFCV=?(*GU@*u4CJBmN?s7nOQ&UDa7giqof9Q}^u zebd2`f%rUDJL7{M6HkX-!O;q*kmNyC*Vw7`qasPC<%xUzw39k%-cK%FdIB{`Nn|ap zEgc>2JFdP0Jgh9LHE*aB%U+H5?91EV=mPR48AOKd7Je8~5f=E^>y zc>W}t8;7|#(|o|?-7QwA%R|rZu`$9Z?sinOFXX#*R(F4szMCMH=88_^@2{)6++DpdeX&-x5iy-QX+({f>Fj^M0*zO zr7f#xFLsViyzm!B+}|eo;VWMOV;vPJjtpJLZ{CmaJ!I+F1b;uF+mt!?UamT|PD=~5 zcwcE%&|bB4r1k0Oefh!hBww3;=cM1kX<4a3dk{nGx35nawXb%R>)P){yPgl01856k zm$cK7++TWoGk7+iLHSuyQu@B{A2KB+HtmhCrO`3a?S^94ARx6m589QdX%~gd5sT&S znU{OdiVSI64A&u=7WRgXTNqR>n>}~sA=QtmY;SM%;V#1X`*KX=0U5nX3dF?x0mDSE zs{(sUr#akKVwbY~i%4Nt%A?NX(Y!`-5c_1x*tt>Xg9-+A%W;UM^(A|pdScbrlaINF zX}Ztkx#h7JcI~+botd{Pa=~pidRv>R-E$n&Znnco@@1IZ_Lu0J`Mu1K0jhK)x0szb zgL16mBg0X+T{chr8$Mu^!~pwGZl}$5*Y#Y4Sv-SFrNiDAkAg?kKI6TzP?xt5k&r+z>^bI&Q)2;oKv>JN9 z)zr(L?>>o6-moHT6DS6lO{vVCDUYyJ-yAUqY%_yG8r|Y)qg8Enx<40wM;y#-e%D2y z+skusFRPtO9f_7J1+#8yMJqB6PrD4N^5tcEQ(Qh@3PnUW-%XHoPW+~kI#4u)gM-(oByJF4n5k5AZPpN|(oL|YB z7vNMc?`es&&d5sLre<+Rvz$aE<+Pt7JzorT*~x-9ptWT$WU9v4quiPF&8AxK98RA+ z+M0g<2yVXh=`5C*nLpFSe(jSq%F$jj8cBx=_dYrK#VBsz*;{RhBCB`kWj4=LQBod_ z?=@Kvq`w+pm?eQ%M#4^S-PdH!hx*#2N%^j2+!FWIhGA<~)8?d6T?}PAW53qGYH5Wn zUtodHRyd>BD;iB*e1L|`c z?V6N*HlhwLlkPd?EIKo{z}4OQF~1;PRMm!m*Wk(+JoAN$+1}0rL*`#uXEUjse5Z8g zeg{JAPsrYdpI%Dbc_NGkUAYssS{j!rjvHmQT}v0i2p<%y3sD$u!YTBFnvwB9wt7p@z80npfran$_E(sP0ATZ&9;AUAa0TEMQ?kyyuLPbm+m%$n$@a@i}J*U7y1SXee1h_O{WOwy-mbgMJ^<{JE z#9X;aro6bJ}^hq&R?|vPWKu^Uk$VRPPk&U%3YKP=OjEqP($fA zywKwno`gpaJ;_Y2?pE#3>~Z5}nyR!9x43f~*XIaS&Fyue7fEH4t#vZjFNJ^6X$jFs z$BsL{@yjCro=bZ7arPeO?bTw69BSQw5ohN8XF^sWN5aT1!uQIUbV`L{1Y7K3yI&!8 zMjqXbbn30C2p#){=o0%{$Wl9`vB_e;s#IK8CuHoM4fzQREF{ilrFIkd;!o6LgxFS*QTmM;^V|bc(zQ`P@^ z3q;aM8y$kk3^QPr<9}DFu9A(6*9AOL!$2~R+*}1z^suWr>JOORG=`tE>J5#+@(|-0 zLZNpHYS`BUzIe^tD=0v1^Hg+Gkl7IKFe9!x1Ia^+v-(=psJ-^37(DRdsMTT(&y2v50qRjClAYVywNZFih}3Tj6jtG4n2Dk`L{a;?E^5j;~39*^eF-^5Uy51YM|1*Mk>2_S_;iK#}A& zU$)NE>6w=}tt#3ooF5huZRdroIO&n|2D)hc&XWM`8+#k2sMbRin1)5nJnKvUwmPBG zwn1&Ee(C+UaO-tqs7`Un?o)O5)>I-eHes)H{ZX`U*GDDJ<3{)yqsedP1SvM0v4f_0DnmK;N%huxy%k9Js3lx3kWIobELUgfi zMG1wv&orxJRkduDS)ir3efqbHpH~~R;Ep))=Yg!%HakICEJ}quLz9j{Pn}*#ab7PW zn{XL}s_$%UyYDvhmL@&XURfW6E02hmfd^7E63T>lM-NglE=jTJ{QPY_+HFB-rv=>* zBqQ@IK6-u9WEG(=YOaM+6Sfk7Q+n!`I){5Kd?qa*K^(}1K%I%AiuS&=Nn~7mUzCJw)sBwASf&a zHcE=MqL=1oIYLA9F7Xeb+INRude?!ai2KzAX0NQ$PeNm6uxn>Y2h7FEQEbT<6ULf( zMj(SDCVHZN6*NQ;JC~g(rhz%^Ri47E{-|H2p*D$l?Ql+qzO^|o>fLkuob|fz%e#<_ z@qVxJlfks)*iZ?V(io+k{arDp!o@nmR!ZP7fLdJI**{vGy{;!}9RC(#87DN@xi#AP zGH4I~R{Pn8krKhwcGbqNx@`jxg)JxqW zB4i}Lvpj%dw#P-Q-#C#h12l^3P?&Kxlq2DbUd{raTbM~eBz=iTbxyP7`LfHtnhj99 zY+*Jbi1#v(W+hfPnVfm~T}{c>dlj7m9CL%bg)#E5^{ii9uR3-M^AiQ3w`89pzeOdQQP5FI-Pc`S_>QNg`A>VVfMt!V^gI({uDYVo~!gSZeQt#3# zTHia5#b}}&cZsF#F4DpG8uw2d0F+|C8!6#>?$vY3OClR~Z3o7EI8P1zaxtTVXB0z7 zTuc=#^l&5wqKn6jwZ4R*=T8_iNppqdlO~WKO5dSXr-!W>QjFSQJSadt@?I5h-JH5WubC=c_m-AS7M1T&XQ=WhPq56do*_}_{6@V z=48e6IlLgNPO;jv)|L3M)Ht1K0KR<0OF`DZVEP=m&F@M6*cBrwckQ9@Y(gw=tfI4p z+qinhMYsMAS+fMnbJDQU9@~nNkyoCF`8B(ncBS>4+&~#2#@&zD&3sFOXY8P$<|kz9#Z#($efn%TPM&Ml(OGtem_F7b?bnZ+N)XkM+jpl=;D=`bHUI84oDdDvZ;h z%=y+Pqaz>e#{@~b&6l_nScP~5PBU=HWhM&KV~#^I{ceq2?~{q-0=OrSPRkKUFFk() z2UsU^vbKnz(?Y#b=6qhVIi`itP%_6_FS8{ndwb!Ry86Lb&|PP6EKS+=?EEfPaA@2c zZrVDrWo4(ydhOHo665?;A@D*W9Yg-CW@r4hq`bbmC*?HN5Iu(?v!g@Fc`99lT8C8K z7A9``*0E@^dYoUkCv*2koduik{W-@wnlYuoE)!d}Bu%7AO>bd34&epl$o2)r$9GCI zRpy2f3i9xuoA(lEwy$5b?M-(wAe(H7TfWZAX`gb1G8feI9UNBn#amJsgO4t&K3@zV z%W^vOi;+Ktlv=tUKK8V%wLKlXgR*Rnh_HH>&a6LDWV=s^lX6z7O=n!nua+P|7wUJD zDamT}G->HhP+IF6KBqeK?XS?NDgGDtp_@x@4pD3dTS0GNz3euTl#4jVXNL@H@9+w+xe0+Y|2y~ubvH-9%H?aSAl3$a(Z zz&6e^_d287eYJ`-9b+?Qj1pgStu*4pI&VECM?(*<$kJFSK(zpg1l5$4VwsZ~6d{;< zxgpxtfJ={F3%ZeJz-6ajsk(BL*;^HXMa-m!RS4wPcsHBD_`Nnl%>c>pn>Q$Wb)E)J z^Pb=4lV?qZ(p7>2TQKRPE%4H<&HZOD&4kXJIhp751No73d~%b zm-!>3nhtRvA<#Be`vi?HEyEqR2{`@`li!s7ZEk_zV30PqwFw1HFzYsOqrkwY;aR^x zGT6E4qNGkMh8<2j3#DAun_?2&z>bMu`C$20XPw{@ROd|C{6kFY>h+uH(nlwwUAR*- zqsJ9o!_P!d@@&o`W{!)ck3A*;*qXn3b8m1V_3{;8Yw7n8-%At;7cTb(6*Vzs9c@(6 zO$`?IVwh~5-|z_32hDGv&we{RnQYeN6%XR%;T|Hh2NcV`mGaUM}k zNQRMVQf(C%R(;)}PLmE44O7^wO5LuFlm;7!&3<9s5?x0%_d&V3U(Eha} zz!H9F)@*09kH0JH{irYG9m<^Y#4p*{B`{xX5Jc>E=Wpkh_y&&=RQtBkUfdNYh}N0r zkEL`vU45DJDv89EllSO;4qVV#VQP{PZnh~av7NJt~;TLBLzs{9o&TBJN=^jEB-C+ z@;G3k-`>~W8^;#w2(Qtz(M6I~kNJ)F>dgqdZaAQ`O=R~#zSGQs!|wZs>z%E|DIS(^zXGveD%<%y#i^HRhSU9-SNuII9Zol)| zC*(XN@L%{Pk-Favn1@ji{TXUna}_=9QnXSym*MU2;<2lDrOdwDnf4~@873Z^C6y(u zsxUldn&K^~-@UAkWZk~{i7tML>Sd{?=w%2@<#1LRDM^?xZp7Vv=tc`A6}~iA#po{z zjx>RA@G*nl+iry&DKP1$t2EmDpQ)**KZAwavk-^4en9#`#e?GtOb-IZ`{DPb**p_rzcQ%X~lF%_&ALZn`qVifn7 zc2)i)(F}I0!8Gu}Lyn);OXM8{x514oqUpp=kl^z0RpmrmX-o~Fi^Y6#0UPuybu=cg zOVCk`J-iF7vO^vIFx!ME4`mQa^=ibnORIqnPqaZ&IL{52L)=u-R^>U(sx7W7 z%P&)y9>*2xmP~8o1zMpwjO4tN-A3>8hwH*d7NEI$w5RLD;hHwlto18K$=p;T-yb1` z%iX;gZ)10U^xqPTQabDPATl2U9u81$F<`Fk@7j;1VB|a7uv0T z+iYA9*=6bgTUlCv4Q%Q5kVRtCn?9Q8eOs9xr5K%v{6HUadZ1tft}(X`;f=7WZ%ShG z&2O+5YkEH+gL77H{_=2Ba8|GRV^A}_8aFPF(eT+*gGF6ww*WKp53%wN>r>IVu4a|TV|Z^7(NYo+sx8}_JY@n;5&|`dXN|-m=P@+k8 zr@qwYB%$N$*dKg85nOOf=JV zEIs#<&a)9dj*M6gYlb8>&w7cC;K;5n_Q=KN(P9wNra$&aC3915LM|M6;8S#9_?@73 zBnpBbO*!&Svnx%Xf9oiQ=hel!UVm)ps7~N<554Q#F|_}-FKlPCqxOVm{-Cd=?&R2K zTlAYmWllU76B`71 z4f7$@*-U&r8w|}D8j4l=LbF5iKK~MOLI8W1C-5^7O`r>eT&U~e&%1! z%w83*gI~FWXYzqNtn*q?11fl494o3_KsB-@<{^Zu#K!Bi5}wqO>A}GO&Xn%qfec9L ztl*Gg@A~?G?kZ}`>0Ti}doHj(vSEYM`H;0}7RHPoJ29>OkN1<;(~01w=>4T1NXTmSUq)<={AG z7{e#t)G&1S=k|yE2lf+-uRKk*B}Qx9Jdy56M*xHsAb;CoAGSv^yxvF69rxi3c;)5^ zY0X#M_f*t2m)otE$zE4e41a2g&*l(T_{>fJ7C@?AlVc`U_`#-C?h_l`SEdgsS=xu` z2q#f#agWb@q$JaiwLqo4VG?*3wzT{f19N&4L!n^<}Ga60=@mz+c9td7+fl&rGk zb`Is4N`Ln8A%KOjOA*0Ka25T`g0W`4Beu;M({x4fGm7`L3x@#JtgN%EQEjy)EA9-=|w^u@?NAB-@S9TA5z@;gC&-A*|A?Vo3?s(TDR6y zLu=slLMJXNH3)itVj$J-kDKa-9*SiD3T<_h_b@%o+1ak;DAOWy{g zgOzyQx^yBsFXZEXgt?(hdcPSCy?a`HYBJX?sv2uwcoQ!oMrs_USAs>528r{^$m`>VanA*VL%>n&Sf);jc+7NN7eC*_uKNnkeEVeplv_EWfgC(N z%aaNAGX$R6F$%w}d2f?|;%{pd0H~4=qfRLs)t+Bm|Bm`d2*q831A`1MYX$7Q(z!g~ z&Q^b1rQ07HjUfIeg1#_FQhm^ApwM)KoFh;%~{BD&xxTBZ$pKx0gcZRJ6GO59|#Uqiz#dW743}-#(nmZky zeGX&#W+EGlEy>GPWE(g8aim`#Ol_m^$E>);6o2qx$;{Fab%DqQ?_ix#MRbT|19|L4 z0fwfaO@}77o`sxy-iUQN=J|oovXKI#5*-Tl7f0}?N@*+({NVU=?RpM6872Wlcq{;HF}jDc z)4eAPT`-kiU)^{g!Rw48@0_+;_=yotddIoYQ@Wnn_5QTV&VRJ#=|XZTVU#d3qps%b zt5uQ#P1%EenZq!2#LQSc+?^;NOCplEj%SCBJYEHBX%rjj^{|qB=fx@L2dvW!;s(1U zw4|#xVY(%ebrn-k$c5FzMCrmjar9IXFHps=d^s;y(9O1E(UOlnAK{TCp4n(I>d0;w zS%%@WrZRWBwfj(grVbsf@rjbq%qE&oCMhSE7uw+3pi*Oh-o~^#-ICR%?ey-*Fm~evA>P*(5=~Tl>qjK+eVK*y zz5B<>oe82%lDVjLC6FB!uK1wfx0h?D273mG$&6$xq_nKdJyI+aurn;XQ`1yS0vz9U z(wmLD3IV~sOQmb5XE4EMcUDyOU*WQTA47$}K-)@sQd|Y?y%5>$DnZskY&XvE?uFB*Xr`2Mo)g z>{n%rdZhurBp0mNVXXaW4WlE;`!J^e)i(xT()DUxu))@L+$E#=#s`Vy0$3CIugGG9 zGgp=GlL?qXT+hC-Um@xB;KYn1xy3*V^7BTi()uJ@o8`%X)4BAvE&V1I@zJ^M;Y78q z<6Jw;I?sb>`=XQ^F}DTXl4_o@$H?U)WAxF@K;6c$c%cg0{qn!$dWe|a!Ow^G+_?RaARFlV0r@FR|`M7^b8r)n6s&<|OFUlJ7Os>37Tt|?|L z6}DzKbl_2rQ3R^ow%-i*tGtnq`yP6U8)n~r*I?-iNe}H2reEK^Mua~4wi@yCr z>;#!&IweJzJaqC>9^av^0;1R#%U~86o<&~G((qetpTWZjQflX~^kg6W5W_Uui`>M#bAGfS1;32DeLwGn9{oNJH zOUF9PUUtLnrA>lYYfn~Yww9~eyaDyl)tk@*vyZoizW6&2bOn)>-EO;o;Vx~-IyFYv zh7nfO9||Uvsb`VatJ*O-KhtjSr$AWL`ybFJFTYr^ut~+0I5W!fs#r*n`;VTaIv>ZZ z&A1zR8Zd;hjR(GeCFs`oWi@#Bd#s0W5ih>FcA5kNdFdHFJenK(gl~s-Q0#nTtaV&My0wrjQ<# zm@hryXY5q+rum>0Uq;g+>eK=|6YSc$Mro4rE?D=5&*!g8;+~(Ej|Nu&AoQ^8bd>qa zFv*yu${-`i<3hLWUI|Wv?OJNnu44RquHWFyH@Oq~oF9rFQLy@}=-Z+qfmDkwgfLWc ziqp4^ z^Ig3{D&uj9-F&E5+6;RF`JuiOy==b$@G%S{S3S|a_6-7j2i@;ASoO=^rVcTW=P?aT zL?#a%NO_(-ws$Y$gP!?HNv#`nn>$wV{;e<3o989j&U1eB0%flhBB%8SK5s)utB8#SN_ZbKY8xzc01!F6VP+P>$n z7u_9Q?`4ZLCXc`{Jf#qom2{CxjvA=rZ%aKt7iF8&!R!N+EvBx}ILXVa&+HtAPBr_9 zeHf4qA=y@dP1%U#4J1g#+zBH&vEhYXEs6ynEZXb1p$-XjFD#oeSkWlJT~^iJ5(d4@ zFhxo3hZx`mf0D+WH9T6Rs&l9rusWD`r$in6MGIG|?wN}ek0|(#Vc_l(lZ7U}@idUI z)Jd^lT%~iAiwtxRO@LdB;Wv3$_J)nxb3X_|$AoRtDigD413~=bcxM>Sg>~IJQgfdW z1S4F)Ke}URut%cxZJq(MluP^t@T|e#>F>MdF%VZ|AIu+$A74E&JU zhGcO=fX2z}H(Sza_={|Qp)~v5AGyf7JiiR>PoBnvBYx&rxAaYh!e2aITMY)W|L`&( zl9T}CUQITgkw}`w_LQeVD?PfoEXihq@wz;xCo8sk`HfGjP4uYi+^h7pNf8`d!^g17 zHmN&Tb-r^!xJ!o#j@;_rCR?WJV}n_x-=THH?ta~JozR`E)jSkL1U+V~UAs2hPd07swbC1SV_Yv zUTTb>irP6TP?O8rQ0Ix7(8Sn|I{-;TD`MFC>Rz(}jIIQ22F zme+rf5}f$okt@ccZCYv-aLv4pof+an=)!wfq$2fyHGoB3*j;FmC)FzwEy5GX>l5hat59 z_WaeQ%;q?P19>IkmWpVR{yZgx9;X8H*g>GiK87kn)^>1FtzjoTN#4UlvL1Tj*M$)Q ztmr@`|>ED{y;>(63ye|lqZd;*N(f-KOxtb6gl&qjw)Hwhs$N{wCC54<7Q>0#dtw@lD>qPAf zPl!}y#ON&jU^>6*jAx{oa11UI5gTPUzOUXIg$MC9?ik8tIBg|iz-#f!llnDtey6+6 zCXM6G+#kKZBUXxpk|o`6)d1{F`Fv@tSAAGiK7D>6}wJ z%z)IGo4y`#>NXqXV~o4+X>NCysthEv_ei4~VrVF+Zm2J;Z78kBd+OT#X4H|_Weq&a zdOC@v64X0GX{39#osY3vrudrj-N-@+IE#NO5KLolv%W#GPdhl5wg$Uqn^-P%BzgTP zj%vCx#i)|zhAY#Bn1a5f|MH5&-(K+@bX`LVVW>2(%X1zP2s4n>O$wmHtXL?VfgUD6 zzW#6y;~nmIb^`7DaZ97sKSP`mQI|3#Zaw_qs@*zFqdt}KC~#;#KHtGN>cyu+0Hqx{ z>!Z}yus0OwT}O)usOK9ksCrLUBsMY7_k=MMO)C5{d>C9T_FT2TTCAJIZ20)DkET5V z;95izsMGnyk13L238&9;Ewe7@G)E^>>9XT>J0+Y!!8^n@etcXxhN1mN=aC76^{Q8t zg_sBAK)PC9%TtfJcqi^?cHUJS{Rty}iTQV%`B7zkd(-yZ!RWTraX3wH=Ko^v&Euio z`-fpfDG3#ltx`%1BKulGMI`$&DA}@%eP>KgscdbwY#~ebeK$k0j(r=9nX!bdV;_t$ z&sUvuUB7eP=Q_Fnd0x+R-{&8%G4owM@Av1uZy$*jT;D@K1ken16w-9bM~3D0cc7%E zBoI=i;M9yOm@&RMu1#JoWbHnx|ETHX>6m0gCxKJgLq0d3z<60c8A(67rBZKN`;0ik zniO>ntYmDonF;t*Q@WLe<)fVG6L#jmad|F0uRBsrn0Kl- zK9xJ-P({Bj^Z0gRv{Z}LP6R!MB|Mg~+TOmwxP3xPXi-kK#xX5=qua{BqggaEy2kwD ztsBR+n72$H_ciE)G?{4W3@i$0vW9``-(or6!Zu?3VE;gHutZXJgFUZZH-rA*##b5a zR`1M^wUlj-r9;BdM{D8<&!onx=UWZO1J?M3Zt0S`@@rFJ_Xf23p87mAloX)t4iFgI z3DRVEUfcpNo)nGERiZK;q(4UWk~$~o6JXPO43x%=P!_e)ah2kavmZvkV&9X{;@q2! z8t$Vy3NDOu5m(nQdK7!4JjX1y$67WH=i0j2F)c?Pvcm5Q47l8A$0PS6M>lp=jyNVn z<#vsrazXwPCrD3}x|ZOlx3PYYtk&;WMRbH7*Cnqsb{8O$wxXbJDvtvM2XYd~sHpIF zy3*<^6L^lnPAbB;_%b3CzkF{SGw@l)YQxHG#%8+u-3PI*wyEP(6pQfR$XrbeJw31& zHwM^=re@yGd9o6al4zarMOU#RqRJI7yfGv(`jEEDEtk{RKre2SvoJ2>oiY zVr_4VY^+3?B**TIxOFVWsmL!e=c##Z@x_LzA&-AMAtP+eeRNOlB1$109hNF2zfxco zes+^{+N2{5(;ncyC@ZJ-=YoEI8~I zOPxiS^I&Vr%^;r~gDwc2N4qkcf=8$yP-F9Tvy~a8jjh#KkIA?p8m9+}3_B~i(6(Wm ztbS?9Jxf&-G;mH)KM#8wO0t8WX9B&`Pj8lC&nxu1``yzPO}-r@0!qCR5RiyY2<0js zf75f=(ChwDfo=+MeSy~4;&XYKmlMS9JLu3FL*c0m>jBwOc@8?tm% zevas%@eU)s-;4*HpFUMQMoC0FHx^A9IVUL~mxZl&bR=Y^CcQ~{4Tx;#kpn&Vvx&hhULnoF#gK%)Sy|BIE+6+{+37V-O96qdcnej%RZrds9 zmMWq-jt0=(5TF%IN-dn)AK;%YENw@EN@(2kC3w>5hDS#+)~ zg1>nK67p107M56&`_*H}JvH!awt~k8z~4%`BkWOm&NQN5BQ?*<;WfdK@#CT|WaP=H z?~Jq4v7zsjUGh8kb(}^@kB^KT4l>frdzV9U`IJxUl@6vctbo%#h^}H%{D`2t7=Cje z?;F6qkhC#Z95OK>Ss&22{nGa>b2Bx?h;gan7pV`Aa8D`tNM?18Df>S4PVqhQ91{Vx z>5lh?eZ02mFK3HTJMa_;DpE!-`ljbS25i4T|8DsZj|$MmT*7lRCcZ)3cYu9+w- zD7#%^rF=Id7)~GQx2taHB?lZ<`fj!5x!76BGi@%84RJsYT2i*;iRN6fyU%=2-(nHA zj->#9ci!1?>gIquDF8AM>X)pjSnUy)1#6gPLGI349$zx5e_jW`sXUsr0kqv_=MElU z*<<$>w^-e3@yI>0TPSMXfFv|u_Q+Xg7%)m0U&&K|U*6>NqO890?G??KkqWzKgLSyo z8-Xjgp-yitm}kJcJC&T=1lJk)2yy8k{uL@GOwHqn8-87v(57Zx^FJi8KM9Q|qj7V{ z5kln&OqE&CP|kbXxNW13OjhH>51ehsyfm#Ba-X~gOONJ7CXXz^ou9lU)F5_I-B`A* zyqqMKYtmZis|s>&OvT5^tFw{I@D3DHczRgq35w%c*kzSTSwkIh9XQbOEW1bQ8(3{f zEuRpG^?6GIwGV!y%ZsmK_7hG=vqT&+tLuzYQ@e>ex9LdWluK?UFJ`{4iLchV0cxDvv3%(rVs`boXNfe%{Gl^bs9Ar(Tkw>F`U-Y%+OCzWL-nq1yS3u%6L zPbN#Uer2E9xj?HscMIstzY$1LC%*$~q+4~Zeqd6U-)K0Bj~E=QxdGXc-5fK57({23 z*)N~X)EA1)XQN6L`m{tKwC(LTOB}jkzV=}X`+9NHRQme6fjm;uk)}y*9GOU0xe63cKccjaeGkO=8kF3U z2JLS)cl}01Wxr*}J|~JwGYooZ((2~Lg`}8!Mboz(WH-A0I6|Ddi0(`A!owsRM$@dg zV@X`HbC%{MKH$Nm$7oVcTFkWtq+6(`-D%Ea zYSDb$c&Uq<2~Qe}4jDn#-9i++2A^)DKxUs3YFNIK3cF^8wBF?0x_tF&s<=hN$LO$^ z$Bnl>pSWbN6tsbQ)O?0c$K%qw#Kg<*AhDXdf^rzXNo( z&R47^-k*GNXQ6V|aU4kEJz}#L0Rd!YS;bIk0vAFANx{FZO87$^?XrdJZ~+~63EuAC zMM<}|Zx=oUTOcipFW~YO6h5;xR5ul3L@IAR-*iS3BX`85++;v01!|m9^N0++I)%5owa{Dd`O~>BoQvV=Q%Ph{+>pA|VzBUbn`nq=&Bf+xOhe|m?82mQS>)nN9j1)u?ViH3Ki z#;+r)NGq5j?VOXsu^eN#q^x>A{S=`mvt7AND z95pX%x4NjDvAZ_q@d!8N;OQFn@^m0wKlLTDd(#1Sbn-%i?EYEpz8e{N@-CC@W-sYu zt6j}5c30RhWQJ0`$q{5<@|v2c9Df4J9`3?!-`)+2bWEpNs@cS9Nck0gx%ZYiWcm)| zsn?(Y_)029IDI70v&WhVdmHu6#Otf$I~1)XC3N~eRJ=gF==q4}Myo3;I8wyy(AEQH z^75CA>uT24*53>s!Gam`jhXYlP`%&p6AYmdpQ#%1ZUW+Y9>@pZHyfxzJeOonca}Xd z3`I7DdlY-$I`=t{yf#Di(7`Krwe?N%w|9CUMHe}S9VZOf^h|PwJ>TWaAZ0FJS&k}a zR~MYOwz;`OwqBKs4#=%EEBZ;AdjvVg@(SlUTE6ec)``QhPi&Wtb25~5yrLc<;s`$A z0DIJJX$2Y1qbA;8qwjPh{PGgH`va?@&7?rN;ATcmn4Cp+6UlgSFg^TJJl-?O`Cm5UoxaLTzR&!vY*dKIw>))INj3P%7?j#a$UNco zE{|sop;dmkkZ^x1z6tT{$)Y*|Fy?ts5M>cJBP$E?_w##GL4J;gotPH-LD*a~q$c{h zSC6#*l*sJ@AmnpnM9Y)R>gC&<;R2k#xi~t=;%SZVA3y?qpI_E^L&Hkeo?TwOB?8!| zJ*;{{VQ#btuc;5%d9P~K<`a2BTZi`Du#n6w9Jl#6;Z*B<_r^IJ7@fXjO9a+SV%*A}_6T$g$TRwj9$Q@#`)-+5vr;bznd77P zFw8Uzv{I+1+1O^ex7GiAQZieKyo3C5{i*XVGQ-Cac39jbnRJ?&rFEz$P2@o^Q|U(; zy7X!-f7Lwfi{lcO^|Zja0$P2$;bnpDhp4><)3Q#jOP8?1pJ-^jv5YT(iq$@!n`{)h zT2O6>Zxo?21?YSwV%GKMIJOaX3XaxEaNgc%C*g{(i)n*2c7r~F~>j08sQ`>MA zgQ$E{@u`_|_+Yv1%JvL2HvD{j)%t3JxNS`|(~#w%LW?g#3cFvcuh|f-*dzs(3*gCj zBG|*;wk|6H^;M^lLvJz-C<@pUOAQH&AFiZq=t;QWLV=AdSvqVqJ6kd_7F3tAWOWrI>YSg;<=zx^w*)-)<)`+gxW>C57 zcfSbr@8UPjqH$o(Dz0ot$7tZBb6vc(>78T&4jG*`RTecMPFaZ^666NwyyJN?)&}*l z$%-zhubpOs*&nqBBkl(5Y^sjik%2~_C&CzSHi>kdrZBEcxjtNu4s-(_&UZue9vg01 zX{cdT9vHe~=u+;KA%tY%mr})Vu~!X^9P{9oozO-144=m@jqGGd6YaM}Ppv+4wcH&VX!YQktx+FI1WcfJZmKa-V>AmRgClcT)TS5FS8%{Xo*0M7 za0nE0r+;8*nGmRi0*T*kcBysL&;#9hs}|f?(VZWehs;)KzA6>?1U*g17;_B~61D>FcV6&nGq@^!o+ z4b)1!7d}^iwsaS!>L}-1GKK(splRop{hpLG=l$>o%x`1+^3*B%>u$C0LC7JXn;)xL zvjJ2h2r=ZDMnzI^p&@iGZ5OK_yyjZL3iUAx!?s0{4HAV5r3x}hwHmq_HWY98r+jvc zj#~kJWyduWBuxd)s>eZ3Zrt9ZP>kCe3bM1zI!qN%KvdjnGOx8dSDMs@d~;q?+kxK$ zZaLwk#M#_gj4C9KM-_&iO-_EnGkgyt>sw;)IIq7h=rv@<-E{;Wh>?sFFH{%Zd@g@v zGhB3g7t=diH4%8$R(7^ScMnP;_c^gg`yjzpb|u@e@_Ea0Y-Mu;G(h{vzIZwWBAMC1 zht{lFP5D4Zn8jRrCl)AZcr*+97+vCR1{To>_{_$IfJ(o=wutj{(&Fk-Y_7CO>FUw2 zTTUar=x@qhH4`{{nQWy!reAD9n<}bJSFP`l=*Rv{)=_KSf^lyTFzwjJ4X#S|e32Lm3csy?{ zouA>LS?iG9>ZV{AFh*;jDub+;?W&rEdJZyeRjP8|Ws^k%K}~Ym5^5&a^s?bhS~M_v zL|(>AXOp8R{N&&bb*R9hEYkWXC;y&PVuLp*U@(E#SWGEQpw9PSN9jGH7EtP*yR=rD zEMs9sv)cRo&~_MWVpNyB0PG=tpkc{ zrhKJG(`e8}ACW)~veBnGLp!I(Cj2mE)x+YMC%l3Zx9&;LXB4*=JZxNjv1HNsOwHvE z`wXderFKK?(9jStY^H#fg@QG%6*$J#`$3G^IpzBdijWo%Xph*O|K+(GgVuPLK+Ss6sai3VpxD7AN*PAlB&qrrfivLu9dQ` z>(m0SnaD@U+y-|fUbK9(H&|SY&VR;4Qu^@xGOyR8<|C{WUdeM=*Js0uhsJK8qixS# z*_utZFn#@&=DUH_*w7=Gj`rpEt&im{$B6nrSySvM#tyMnwq|B&9~-F+%&$P9Oq)YaKIF99pBG1c^_--4Mmsvc2@g2o_u zhkH7%fCjZ-&)X0tqJ>>5M|Q$2EmxOAA8c=i^RHG~5oK~3C{dojJ+ChjaWNdGt&hS6AOdbTH6KRE8S zQh+Hubny77rG;wi;f@lA85vTt0r3l}Ng+3u9RB2Wzr$j`flw5Ew^@#8It^t<=S1mC z#GY4|FIw+ZzD7Dd7YsDAkZsy^2}<_WrT_tC z2F8H@YDv-au%MZ zsytmF5Xkz(Xe#PNtX=Gy3bS=a!^8UYz7;Afx3kIyfze`mU&dBvgN;8m&HlXV;E*eJRHo~n%LuvYUbZP;$(Uhv$sA4CzR!;=LeAO%keY| z_{z$Gk=b=sZinAa*=46r`Y%BxqSDp@mMtqOnZ2fkRw!9)2p5_yv2gK!L&UKf1962t z5O7Wdd5=`!`9nSWUj+W;t}iw`(EP94#^-9?m~Hi&pZ;679_Z6+I$%teYjV5zPaFGJ zQwjI05dbC5*ir;c=`}o@_N&8!|Kq7Hz-e;kg71faKd6@_*2VC6mK)klxpXPV`uKPiO`gz^An*c^kt`yTBhzb6+w?)7S+~!d?KA-px znE(D?mq5 z96mX$Q(&W8FgTbCO&BZ-*CTlncV$AO1xi1}rroOZbbPh@hX`wExZcm

o@jt`&U$0jTtdpdprQoo>Kg@Jc*kP@V zz}$1TwlW~zdq7Z{3<1z3gWAFmdIPQcbAZ5G@0ZaZ9P~~A^kz04kAGwQ7f3J{p{AzL zcwXf2CtCQsCBmFpVnjQ)TmLH@XM*Z-Jk3O(m*(CL1P%nJfBCtQ;oSv zf7k@X?_b^WKUViU5m9MsAO zr6)=%9%f*Dw;KgC_X$e$?$|TdM1|B%ROiWGJ|c+cBTZesl-^wc-3J8i13)Hmrw{+H zF#nft>c#-sz!7he_UW%t@jt}KA4~YicaEaq&cg#QiS~FnK<)p4aey8CXE**JvR_iy zKScFs$@Jf;>mQ=}hp7HSjQ^R#{?Qx%MM3^AwDXVp`!nVI4c`7=Au8bvsmBLeQQhgI zH4yaF>?DIp9K6ui`0fz~buB*oC<+)Gzp$N0mDk?t`p7Av+YrOO3E0CJ_kz2Jw2f#k z{a~GU7Yi)W;Z0E*#&EZ{Wj3OJXDnHz*CqIJ-_FOaOU$xII3&bUY<{4C!B16q)qkF~ zn8(FyB>6tVMdk{;77SEln*6&*{ejzeyyvzcy_pU#C}3PP7tTp_-V1sSoO|>|>w(Iz zE#A88r(ZZiOLryc8FIiEgz2d#Mo-UV1^~fQB8ird`@buWKS@axZZ!sTj_dZ zk^7&CRV5pO%!8cbb2sQO~<`c`pV@!r;wP+Av$bd)1W{!nr6Owx+l z?024U`=wqygk)0Xg5vC0NrnwtBG$fxXA_L&MX$@S`yhK~GLj@$YNp@g<*P2$S|Bsx zCMU%TR=-d7iOvW?tUPz)y*tL=oOtgIiWl|#WVpV#It34F{0#AQ2|UJ2;S_ixD&-(- zq@G(>lp207TEG-1@U^N^t#=rO;9nd?WJu+5NV;O*M!C!T;3SaB>8)G!CFYx>>$}Q! zABe6Ug`Oq!6g4*WuhuP^9c%=xguii4l}WsrlKHq;Q<#H2WE z)p~Gqe3x6xSkVPZ{8O3?y=t-f0x;5eJ==P(rBDgPKiJoqRDKo}_W3l$|6~QyhQ|X+w3#z!?Z>aOr%R8!2(oq9dzvFDuKv-kS3XGk!--rgzbo zJ8PN~tGv|5-+s5)ntQ;6peW#JZsuCU6(dLd?jy`8X#iT&sZ@t-Ul-*&d_fX|+N-tg ziO&ey3{Maha*&+<<~BJ=pa)6KzgVxyi5v52qKg2>?Kz>RHf$ydm2~<*X<&1$MD)rf%B<-$~bT#6saDG6A5Ia{-x@u^mG zF@Mhkf6qA4>(kl{3Bn4tXPsv<} z?}&7s>kS46@q>(zC{h9*ziD2usdwoGc-s!&ZNx zMyhtJ31Jh?AakE)23%|B>eIL~bDh=Sbb#K8i(;#RPOq$FPG4xN=9yhq6IJ$!d&Lw8 zI@UzJF2`L{-4fv;k>a!7lP|mOA`o+zd)rbY>|!?_Gw%{AgW*X5dz(;o20bFiHLGoH zug~nAscGqIMar?3&=SN|+(rZ@Az-Bp!ERV*?H(#$IPE^$Ytd!z=4}!^ULE0hkBrad zz9%6IPfhIKB#dT>eMLx4TK7H+(a?1L!ly>if%%eckqQ|II2k?MzZpcAJ=Q`u1$em#57zgn@PLvH-_*XtQo2N`5VOc6Uw^HJij$BVIcl#ehl;Xx93; zA@q<#G>Z8^+#7q*X>-?7w_qq+wH7&_1x$LDnbGf)(W_Z67(=wU1q}G$Wb}6ps>Vk> zKMkmIG~KeZ=bBO?>2mL6FJ>l~hyv#y^7slkQm zD0W*I_AX&6h*)6Uu8=8?LqnHw($J7`q%144y5>@SGL5zm;T88i1^0>KxOXXyi2Q}o z_&wAi+&#}l{{kt}Z&$ys9J0f`wz34Dm#}6zgm9lj_Red-Gp~uQ@@rEIz!B0`wcj?5 zWbY-d7fmJ_S^*3iwT0C#H5n2leV-_u1!tQkgtt}o%iS-%S@C&pMAGP4dml18ij{0X zz`u5;}W0o0zUPh$skV5@w31eZ@WRW?uz*eT`bYv(G8KTKY88s;f4 z3026Zov!xMvZD(uTwW`3XxgGNqzhzn^Xjl5eEr6hM%x==UMnrf^K>iA9IldOG~v7S zMRd+^7Ri7!p<#2h4@WEyB@a@X6^->@mzkg2A2%0UF)(-hLqx@@bt3db_)c_rMjCFXV;$=d zT`CZ;3up~U((2PF+eMWNAD8+V{Dl%cG0;23ds7axQYeIs|9nri5sSZ}TU`7i#KKB! z4=ZYlE*c$(82zA;S>-6dR;6&8F3;O~rxujt7)z#8OH2}sN2FL9h3?K~>6ezsdl61C zWLSgAd2S<~PzliXCL~QCvdays&tcC}>?3zKzz5iOrrrVS+q9I+AY+StYbA^V7p zl553N?q_L8GkJa{B@b2;F1Q4DE#UC>0@RooRE1hWA( zVv)-_7H*>LwzxYo*_jvK+B@wM!8H^oSUV-u*O}$sqLS6NQ9S@Btp%YZqL1Rs1reX5 zxDKsNbG*Y=e4B`}Re;Xp((Q@|S;<`u?0rzdr$@=8A~oZ|+3Txsvo5tN7_W(T3|DXB z?eNqrksQb|Wskuf@XWdCO;5d&!yE1%v5|uv zGL=%qy{p{|bk&Y_)DFsHdL%p@1McmnCAcR~%Eu<5sZCdSNZ%7P(r(>QW2t+5Vxeg( zO;@7G{fS#Oai}l%sG!2mP)XjCS;5|rEWOF;$DnR7_WW30X9gM{8F6cQ?7q*^myBvk z_{I4>!W?)&WMI$l{Je@(Ri%Gpis)H>`O9`;!n}TYN_2tN9mXOh$xps>FOePla>}Z+ zMM$QDAI9&f3aYDiB%+H_4YvM+l?Ru{i`wl6WBd!sHWZ;RQ$le``=T8q?G(8*GVlrft(9gXd;6392 zn*ZA3neF zZ{d>eyhB`eo?{ZYv@<$GDD*tVawv&mAwnR91!v=|;tIVYg)K6U7jM`360SwYs`Z$fXe4M`~+7P9i zyCr8Bx!s~f31QkQE1Fx~UhWUUoNRU|C@Uo z(pWPax;8auTf3Wg#R$!hs)XQDr#>l79_dpuB(z_1R%WIc0u6u#qmi;=^X5{YE&Ya* z9pmO-GUzqugR4@Xj0qEKSjZA4`r}_3yNT(fnwZ|< zl-qdhDtQ>LPlLf2Pn9p+?;fO~(@(#|AgFG4qLgK;R0U~&q%Xr0o4BbD>Q;_MxC01V z3pS#tc`}ncxNYRZJ$(Bc6Q)7M=mAX&sTZ)>Rk@uXTgX-s{X$2$y&MN- zPbK8tn+eFA(mXb1(1e^9CDM=F;WXPXT{$Raft-X%^TrDCc`|s3-a^;ujf>7iZ14j+ zih+go3^Zb-uWFIy)sh=@^AjC=@r6wMC0$m8d)3Z;R8EiO%7$)vUe6+aRyS}$s#)Nk z-3-0Egs)+AV6}AqctCz;)e4EM;jQIbNcNiJ|IiSP=XgRA;#IK=Dpv@AzH$t+)~9@o zs9m+}uuQGSkZaeDbCCXtk$zvc{Cg6;cRzzmB1IH*OEjbhQ)C+F@#&p zzj;HN2dR*ys^V}dy0@WXT>@3BxvprZE8Rt0h}@#~K2QWhY15fLRENK`u&5dD^N1{? z6S9}=K+ERRF>vtvWRn@YYDYElbQx6LOopJZT_StNR(Igpab_zUn(W5GR2aZO^72oiAPb=fToU~#y-K6MpMpu?^W5nDk@8%%*$aC2OQZ^ zd=}>EE?s==xbMKxnf}z-RVB*6YvcUY;u0C;owjJelgMfEa?>Zqsy?3Q32Hk`&47qREtPvd408?~?r8}Ktd_2_8(Q6^G#Fd;Vi`1g$&V0Ig!7E?ACk1!8$N{y67~;JmJPkH1wHX4D z%6;=S-dHE3Y}AQVEHXFeX`Mih_vdEmrf8P zd|Iy`P{6F`=|nd+4c+kU&Yj4T)%&bnOkcN}GipU@cej$y zbEB z84gKLGFz=tiLSZk->^G1O9VVlo->fH`pbRWYx?Q?v5~x@{9|6e_*#9j<~0})$GHm- z%bU)tRnJIsdB$svz1AL>*b7OiMJ%{SFn$kgZ_%iMN?y)tl}*nq$k5Lh1?GEt2)T~P zW;wK$_j-Q2!ClqQVxS6RHtMVEgIvupo~Fy_iYGz(?p5ROp*Q8;b|#j~=1T4iNmn=F ziDxNYFvg43rE@zTi`On^Xv$6M8x3}-mf_K{SXUfs?ari(3C&vVMtDR960kU~3arnv zoNaKOcisCq=iy~7J=;P90&O-nkzI)Tz3zq|t-&A5A=~OZ`j<^!Yvc^REcuqHJll5l z<9hOC&x}+cI(4B!SQDiSzC|`1sKVXuWp^Y8yY+k#{Sk`EDa(A4yKDgn*MRR$1l_QU zCrTA1-^zl}U_d=#{M&z~-+qz15tfE!&G$>#?>Ow$Y0;E7Z~rGlZ5ETecC!gInWg&Lyk zEIf-DA)-8H=Em`A#)olX2;QyRQ7 zqgf(+C~d(^aN6Giyj81k*9>bI2|3y8>**(!0L4_ZqcN@@ z#TbR#Ds8*`b)9f#X(-2?+s8sQW{be(8KQZ_hV}ZZ2wHOi?UJioL}P__o%wqwB=o{l z?>t=1KnvO#ZlLt`3xY=>y?`lTB zv%(C`$eyGJ@8JT?U!>N0pRH-!S<8x|z-JmcRL{N)&K{gjTtF6Wf|IWnhhz!9j^?hs z;*eWK34e$WvNdC_kce^vCOIti&c%$bZ;^Dxwb@+6_;X`@Z~8P{yPU>JVr2D*@XB3Rj1?n{V*_ zSp)njUX@-BsE%2GzeP^i?740{WndLW;t8nbChSjF{mlcc;(-USdA2MHA3*v1c&Pdj zz*g!TzcO;YJn~nmZ3FqL^ z69>sq?B^Bg-1ZBDIm1)@50KLMk%)k?T?P`WO`I+=>c7nI{+_w$y8+~$-6UWAvmw7G zmj5d^r0(3Y_78F|()6r;6jM;_S7LO&S2$QPg(xg!MhIVglJ5k-yw9l*k8@n2aQg1W zc90T*m|HMZqF4Pz$BuM>k%UEHH-6M&3|}j~egH{OCwa8Sayz82kxqj%WAyQUHOI=S z7p~gzsXKBo8k^<-!dJ3$~>Tp6;jnY%*V--1x~{sdP{;R%m;3K-wX7%>^J zEY$mzBlJk}6vF5Zg*j+E`p2^#1L8^ac+f8wtY~)ZJ5_}cL&(j)(YWEb(~B7w%d>-Q;?H+sXs9VX2-kiBbC8tjdKw_~;j#k9ln=bDDj)&8uw)^4 z0NVJuKi|~=HR11VaQfBX?AM=va$^M)9;Vsk*P`P0`?{k6>=IWCuADyjvIK!*_v(ns zUvBmvOZzAUV0Uxsq1KgyFAEH8p(nTNK?)vzC^3Mr0PG?gQtlsoS=GQ6F3C?HBohBq zdBOLSF44it$$!$De@6g{p1>9!)Mo#oyZ!fD3I1V_gYY2ZKMe8@gB(Dl{G&ns(ICGj zlYcbGKPJ{ew9fyRO|0Q}CvN{S3*aAf>mZikKjzjy{>a}M@PD{T|M(;SzjxT{;^6|3 zf5aUQU0NQph)4_O4%jLXN%C85o&BB~A#d*^H(m!jG>i4c=c@L-QRRw_5(JNM;I9`z z$$O{Kqt%`epWT&ac0}RAwPucY)13+Et#YUFFV}rH7s?D}x4*r!Z4T#jnAs3n`R$a( z?X~F+I{~95B9kh|nttX-I!=FS3+f3Y!>0@#Ps8hTWbjo454YUfc-y99<&-guZ|&0Gc0bgl5-|%bbku zkrgUKLQ#2OzP(0Q6BAsj{f3;9tmhO#bt<3)nU5~n^)5!cI3t*d(HYGAdY>G-UMp!Bf?FYNKCNMYWV`V0I@= zL1l)xLp}ky1G_(h0I+eIrOKJasH!mop1CV2^3dyib6-;f6o7@BjmmuWzquRYo0^%F zmp_m&7vY0(%*V@3z%RAwWK;;fBBqW%=4d(D&mS|4$nfn~IF_E_AL>ahZ?oGgWX3$azXmg!oVMb>p z`aD73-83i%dn0$H!@80b5Nrnbmwc(OmC#Xy9zlCpI+lldd37D4;IYXUfXI$Exg(*JW z+meRM9ngcB&==8@&iM~A-eA?fuDNni80>NOZNRjeI^a zzOjjhXnJD3tu$ zk(+ZLqxXnG4Mvw`P)>7N2abt*)p{=T82&bt9dsUf#!cQ+zpl%1@kTf z&ytzS0|h2`p*RVMBl~Xj410sK(7@*Ikv5?Q152r???^_g^j? z07NdEyB=u#H1ibMVO~;LHAcNSU1MH{;i9R6BVT=BTW96=O4XPs7(14_-k)Y5mScV9 zA7YMw-D^e#_N?9?esDw9#?v?U{^9K@&~@dsCNB=$inP2|>`5WsRhCn8H5S~dk1jwq zJ|?mf8A1H-iAG)cO?ESPpQF9^T4brHc^{Zx?YyB?$&tH0>W%_Wmf1OTg~_7RBr`mB zD9+{Gadzy=zvs@i(M)m5JzTK5=5zV{&k%F_Mc69aRRk|#wPq-fre-G5Wgk~f3av{s%){Jt%t!uyeK?2WhKho6Sc znPf%Ter1AZ&%G`i?UF0^wiwgA5So5ObT9W^dF_Yw zp5fGsHxPm{MmUlN^T57CE*qOC;;ubC+H(<_!8?bfsAYPLrfs@neE(HC!NS*lN>PXF ztMg0$FlY}+G2=9HdUNH%1**gI={u>GO*T{4@UJpE`BxpvBg#iz)Q}AUZn*cJ-X{4; z2+6DrdIEdyR-~D1lUiz@rb2DcJqri+sqiS`94T`x>|EV$a= z;Vsfx-?L*MFSF+AVbYN5TfOyGR@2#EP`idY!p<0OPrajj{}Hysck621@V?YLVU& zDq}(dI%Je*fZOd}`%8?V&1qD7MaE0%h!`%uCF_YD)5ALw zR$M!p?Gf|#u@e}T(aZgW8_sg!5ho{WRr_K6gk$fvu{?7@DeyE6XUHjTr$M~=-0TKq zFZ_JEvLPUj^IZoGt=&zmDtzOl8TMZkbBD@^BL0pl8vc`Q@0`p$)G^ngj0#v;mLAc8 zZ$$)GXWEC470KS`e?Dnf?mj=rIoJkHRL$XzL{A}P^RL)tOf^l8i>!WMhm>e&y=1I^ z>-{R2yxbCT$6kUfkEd=j-nDafi;;7?pZSz~qL#Ck{+0f|RU!6y+ZA>+UzkOW`ZyNp zGUYSnrIUF}&A|H=Dg4z_+NYtb{d`xA^zuxGg)=i6A=R?0+Z#?xY<($IJUJHu;kkab zd-m+>q-^OaF}9hHRent7tU~W6Bzb@jj6n~&|~woV-VK&`ekEhg=&#@ z#yTRZfdO2*tmx2{is?wy=N2A@V+%TP({xqgn*pIJXnNOt6x=j=K5Zdtzs`V?Y7!(I zHPd)S%|vz5EOBD80NCyHW_O7t<%!fhU0n+QghxI?U2jNUpxi^0bN(+$FG!t9(UXb% za}pDY8E92scdiv3~IYoDZH9m>$k0p z!P>ndmR6XxX!j%B?oQQYqGvA+5H3$agyxN&0|1EL`?z7R(6@=*`#l|U>H?!#>J&pH z)0x*$dhxemDvd5|#~CBLdoX4hrx_BbkYrk}7DU~A$Xs^ls><5*cN z6SZua>fN?OUeX32jZNaOHrTw(5>TzV#TTTzy4r|(=RI|&eSS(=W!FCv8pQPYEVI-} zKs50hnP+w0aNdhx*;zde>+9*o+dMGIUz@-4P0KVJSubJcbjw>7Qc)*x98b)!g*lz_}^d|Yn`+A zKKGvQtn<$uGIk7BIUL}~HM|llAfI1m1Ha%eBm+EtSvb3~V6?&41+msHAV7)U z^$jSeo(E@;0GMP_(?SYh7#8M;IO4uQ_5MZdSdaRh6(zK9AU4+R3Owh_d*E0|Ep`iT zhY||ATwf{agrvqjv9>ChbhFQC`>Ico2U&d2SeME8bw=+y^yrRRQU9uUpc|)VYOeiM zt?_((`3Ql_zP{}cco$@;jK+HJeo+zc48FhiM8*1ar$i5?G3dKXPSPu;`1Ka}q&cfW z5@*j=qdt00^$$AizjK+#f^GI0_+-`>?t0Mi057vHQ%aB-E`q~A6#Qh*FeP5yr zp}Ph*J{&)=F$1R|U!&J<$880$MrknaLA<-dVBpyw)Y27m$7}q>dVsB=)4(j>eEfOS zOnL2~(Af2k1GQ0iJH9!bH15eb@wk(9;E9(T8v(Wj_@`~I$F9TX16Q3wmL4c(B_p>6wSUpTcufp0>5@Xm(MofhP-*Fm-QB} zg1<6|I6%s#PO|Ml3m{bcLPv=cia@_n_^5Qs@n#&6)Y9p)+BfGR_*(#FmRNjn#)r4& z)x&*G^aRJg%C7Ur?$wpxyrBm~`SSYSmlPGqYs7j8eTF8IC4|}93o9Jgu9{XzBwxZG zY%$UiBElGD_8e3NPk{bZ0{t4=Epnj0G%%yD>2EDMa zGI{m(I$9qi!*j(J11wH`jSOVnningtf0+z8&1zZT&n>vs_+QBU1k3WytJRGupa1F6lQKL^qpeMRu|;-97?Go}8!h1Gdrh19Aa5lpMT_ zAi#8>Sje#BA~8=Vxz2R5j)Tb)+S3C!;e^}3fMHwfO|+ry%8*g+kaX%Szwn$4QUVfa9|WftJU8vUYrrZ!fj?5rM4CbsV0@ajwkQt^as~hzz^ulir!U zGV9|#$VtsV{+p9HNV4?3_CBa|m^%v**^QoG3%i1z)W)hKh4-rLt`2=47SQ3l_5>^Y z5%BC_J@getC=mEyBtcnQ@6qm@9%EHgt}s%>L&!*(X*%S14E4CrEA5}kUQ#9ry123F97icigkrKdn zn!cW3(Ky$SnfAxjZgdS}ye>Ih<&1h27ziD1+Rs=F6cAys>c=c5p(n);!Df}@C**E1 z_&cW|%!cey6CzMXoht%n5_?8>6}BED=f~zP062m-SSWD^CU4*IJNI$RTsk=&G4ZNn%KM$;jI?1k}ia zX%p+w$j14m^&R+l@5iAYF>9wKxwf^};F6garWrYTB>`eQ_G)np0YkexR~Z=0{x#6C zHR^;H6#QA;$;9WRxJ~dY--UY^AUVXA^YSYBGs8C|8Sg(_XV*)de`17sRj<+(ebT5B zc;s+%b{pH{2eYX{=x$>xSKi;Lg9_q<^-s-M~jN@FtbZm$6eI@zD`PalZa}5o^2HnfQ z*;}OaDT;Vth0Th=KuQ8*kp(p;bQmyF3Zh^XV)hQSkQYu`o3BK^D?Ajxx2mA|!@lwC zYwE|UOaZn+*>OQZ+n6&`*0;9wuqT=nqN zu-6M9>&Cno3t@c<5n`uuK9P5A=ApPTAJYiQI~&+ACMExqq5qy-w=*P8HX$2c?Fht| zD|XC+bZ(d&Vm+$M5ph&YpqG8(yULNo;Yd3>T05;BvloP$RT4-XU#mj&2g-{3&IZ}z zRKK7 znSj-nBLX5B>m}q$g>E6jrazEd%YgY84P;mw-&syCB@K5(YqGK?sYm1)4R~oNKcN}j zMeZ%tllgo1a;whI%3V+o?YpdhP^rdxsQvMQjrX-}_;J6|#ae1C^^5ul-5(?$%UF4n zi$BH;#!M5MZ~d7{6yXLq#pw=$hZ(&RQg?1;TdxgXjeSj?Hb(Ls8=IH2Rf)WboW=ee8=^Aue{ydoBW54^PP!-w_=3{mPm;4m`_REZ+?mB zah4B|ldl2r+5OZ4I~Jx~&8Yw@p%%K)P(YCocIG%VPI4oT8jbkl4&biJc>oq8?c5o% zKHs5mo^pE^a=DY28`nx4w}g9y{;8n2S)2kF1imAT;!jadfaHVbqmQ2TGE{MC-|pl* z(J7m-;bb4AciI#V#v)qn;taOKlILTGj%{!;M-x5QLC60hF4Bf!g))rhaO9XVphd@f z`n^usA<(SdHS*!x&o0ek4JO4MJnvG_PKk9YjMe|wBsCd*mbDyo$jjK|+1A?jv-U3% z)t~kKw1y|s*BCbv=fv!~3@GLO3}^9M@{`MIxgp=cR@trhtag7mR@Qx(&HHNF^zr4; zb|)8e0M?kbGC`}4f6&!vrIHa~#e{yu4xKAj@F>DiX-bSHkf13HeOz z9Hnd8gu2$yql~KhiHno6S!E_+VHSEOaR!#?zgte#r!_3X7*3fmr}~fr_ps4g?}3A!WFqS8|Gx$5EX zK-aq3)*dThWA|8NUX$T0AeoV8<+aqwKerH?;AEVD%KpSnmYdKk0 zi*n+$a5C=N*Dbk8uK_Vw+b@sd02zu`kS7_<2;MK)h1i`v5TI!J#G4$E)4~Q%8mcvB zeG4}DxU~K)>lcYOVx*JnD&eLpf!k6>>a?(N zm>XYzu%6HHOQ))jt1Lr8F{g!PZm?du9e_!a5`^Aj8DEE)C`em&oh$b>wB?xDJGJ<8 zCpMgDo$+eJ-4-e$+qUI0S_P7_n}#lCKyQ&w%fb+m0RbBsR2p+;d?rvb(`I(;LN8@)BDKJE zE1=3mX*Lls>y6r7Xs>=!|MlQOg8cSny6eSGJ_>}WV*7>(9bg{2<&^ah?bJ{>{L*Ex z;(PyNs$g$DmIRm$6Mv(aw@(({zDT0aM7HdYBJ3!P02blggdt$|Pl}@pjc8O++O9=q zLdVGUCp(n&ZS4tMfpg4HPiyc(q;?MsCIr5QYD@A$gx4yA=ZtU?ZIEDw$Is*f!*74x zsC{pCzdjzra1h_#*d<26y>Ve9p{7l?mb#lAnOk+gLOTwIzY4!~zBAVU6Iu0GXRd}Q zRn(PekZNMqwkC=SGRIuYq&U@HMvt$nBfBnNP;$biywAz|9PsW`;ueIR@X@?Z*s!-Z zT&FjHxnF7rFckaxRY+6e)0Yok7nXip;R5K*v}y4@wK!7YCt=VS@CwqAihnxTDC<%h zXr0BN16NNi&bzMVo4nrWb7f(=%&?x0K-fQHFan8)wRNbhvEOyx;R?i=hDm2zkM##@ zK|wSD?k=B<)HhtiO(S+;dg*V7V}I6>KNr*dm~!hhh)nOir$Ei=bAYb0TyGStPlB&NeNJRTd@M|8!m7vre1r6hiL?Z zQ)fM|fzb%e{sX!Gi@GpQMLtpuNY5a<03e)e7ejCQ85R^0UJCCw(v&B&G;|_%gWv9C ztCAF>kd(rWjAESYz3futtE#Wm47-rdC(z)m)4L3U-uC9KuuMN&+{b06?OzA)mtwb# z2yl~0JyKoh5GS&!ZQOUBGorHRv3;ijtobWgN_?(YflzA1r`@a_a_3_~VZu4-w(GB= zca-!%APrV^m^~V`C@q$|(wB3${sqp`#B@YMGggB^wu(-DWP~akzr_JCjHsbvk$rNx zRdxR9A2>pwf(p~^gUx;cy2!@uuR3duGhwoDFPlH@luK;+dx6)jyIuvqwIj2&k6&Wh zoymP}XA*Mm6h+5L%6smHl@QQx3?ASd7nIHjcfBcweKJA)Wt!44lcCM`jXsB-2OMW* zOO)i}GBo}A{B%otb9(Q2Qiz_5f^Uz@Q2&jN8;hl^>TF!spD~|)D||=iy~9)}t;t45 z&)Z-GYc&#Kzh>o}-@h3WoR35hmJ8U;gqO#l(!+hT>W|siV~%tcN!|70AALqI$;nW$ zZ_H356z%Ee3!E;VadFIG^r?vWgG>03!$q*%5Z~{f4iPN8h82nW?`MHq&QwdpR5`~I zq67#HUzXktNRnd{5tVpKdOM6Ow&V)PE{#^09uj=<tWw>?H;j0>{XS`6FP0#gK}^Td-qwK7Ft*R)kHVFlq~E$I=lEQppa_ zcJ{dg%P8Ahs`SF%&%Q3~f3>#YI`);IiQxH!_SEb!1tK}iL9SMaxU)P!8&@2vDeab* z^}xv-f>3ADc^-RvL!kQB>taJwd*iC70fw{1WBMlCb;k&d9wjA7YI2H2(xK)}?tH6m zr`3M-h7r9g1D;86wJdQaB=dJXExwxl0hGa1vUDY_RPp<`wmv(n>7W7gY4=Bc$99WN z2X5z*Uvs+lX`cB#G&M(#B`v0d<(Yb#=wD4Z4C`6kM~1Shrgxlz%~ZVmgYeFZ8QugX zn{ZH*$R}Svdc)R4IOz-ab?L8uM86uRm_|KC*OeinVBRH@Mu~*`iH^;(zsDx~tLMpR zbmi}_l@v0%w3IAGEjs<`&HLBG{@ZtkYAhw(KM+;L|I-)$%P$y8sxb-Mv;FTHn6Mi% zysaz~uBEd7@N&VAi z{(Gl>L514C#qT#@{rU3mGxaA*{u?O%{{s{bu`ISO=6|vtsmoOY8-~2`{0J;75 z5B;Y{oML~=EHg0mADrQzKKXAS$@qZn661@qCMVDEB9g`@0n4D1$&8mkWsdpDEOT z&Wpj5BN)BbEQJML5B}=={kJ;L{r;XX7o*qRzc=ka*ZSX^_Fu*4-zV)~(f8jc?f-!< z|AxnZRd)X$>$GNmwyMlhk$)A_|3tKZQWC%a*ZhR%+)c+!fgOwzrF)JI{I&E2_{;uP z@ZNjX+*()5P{?qjKZKE%CItt5s0Ah`K_*Ui6C@Yq=7_)4u9;2tn6X63E#|BXzr`Tp zC(Epe{;R`v?sZ|y?~begSM>N-S#h|^bM8iPWw86wP09-AjfuiQozBhs<3mNHxY3#j z#ZM-ehx5U)vfY@kzx6tZmvM=G#kuQu|Ii9{hK8$W_k5&s>Hj)Ywb#uxY-ps-VSPVn z*bO;QK%jj(8sr4^Np^(NPj~%pd;69V+isRrd!zMh$d+;prE4n(SIpx7*Af5g zd@Rk_GHLz@WH$M>e5j8R1-1Lc)zS$9?I4v+_@v2q4PUZ4`D<`$!WGu5=>>n6oRoZQ zW@~Ck%;E$xC{wD}#j_1DL&1i>mH0ZKLW{=x{mkE`5bGB!ZVGXHuXy8RC%Bv`bVs6< zYnLw%{Nh?K9jgp=Mea+!{gW1IFv!We=HKKb<`vB=S9P#oam5X8F-Zukn34vza7l;` zt#~3a$n(cN`GB7*ouMBbmW{GMv7JA|dM2zVzw zk7uXg>P|>Ft+G+4TLo8wdjo{Egonj)v5tI296~vfhr&+9|6W{fMyuWmmVmC;|E;+H z%LfVC4ihYksPtvYar^lr)V5*o)sM@t;U%}V77Vc#acDB<`xvRdTR<94nT!1;?ulj& zwTWAiYYl&oQAHGsu8zLRgHf(PwvhXg^abgCY||zdAdx=*3^hB!kjwJbEeEz=zx>B9 z+5Q0+CdB{C2>%sG{vkkYmseZn@<_;02{43uJZov;fVTMBCSnGfiP|xMVwzt`geY77 z65Z?{zx+>|Qs4Ie7F$(QKf0M#H4vMEo-v2CH)=}M5O6!!EG(LxoB?s13v$1unUB%y zS@ICihfDtzOa9-7K7V@0eZiQr(YW4~f(}#>P*e`*!1TY*BF{$QaF-G{T zxB64PJEF%?ZnN-Y12`^Kyd$+Ev)&BNjMD80L$=kArM0(q z11f^&M&Y)^F^`50a$^Xa&iXdSM%W&`Jl{0gDD)S+m7Zq_-`_2ujxSqi3N7T^h=+{( z;VYhm$f&TflvFgo6+g8vAGD_=51D>14(HbDwwXDs_i@qR)vlnkOhDo}V{f>gsZHDZ zNU`b-o&Jq#5oWqmNFnWp_#-F8CY?dcLhQ_6>);pdAK_~OYIX0K+4Z)YJ>|m2YX4HVh zaxdk66?k0##sWas!{pxOB+1>Tf$NQiL-sfmub3Axyu6*_)tP}@--f*v;!D2foGLVp zV00sZP*k>!O|!tJXqX~lu2o_)Of^1j33Xn!>pQcK^Tc1$TeO)<^(q;Z3 z`(8PB!(KV>v2V4mW4F&|Z0|O=+@0XP8;!hgl8;<=w(WQ}K`4jAJbu=r#=}bVauK8M zCESd=8ZW%iE%ux`$WqIa;m)BO3+C6MZIBf z%lvris0FS85KWuozhyZr7}%T%N|jgfK@gq}7T+l;C?{Co@?NpN<*|}_3%q1*pKi;luGW-rmkhtJkvSfYW6s`%w5rCYeK=xxWDI4MU+g&pBTCOL`xjIVb1* zEO=D*dm{XN=xXL2;7c*`dJ1QRAB%ezeWMqh)91dD%~jX@{C>ZQN;9j+w+9v@+slv6 z#Wk;=HOyTw0iX%RRyxxcsSwOgdlQv24$n`p$z4pjCYb7Dt@RfaskO1%1y#of6Px05 zUevgw!d~zUc~2#i+JiIwI_>5$AMHgNCjB?`Gse6d#$mTH5LaA#y!ck38=!t$)kr2s zsOaez11aIha+t25NjGieq3yBJc z0btbnuzh%gc2@9som=_0nkLZqa#tn?*f8_(FP;XWN|n;WK6*H`q;avnXB9_e4WnjI z9rixujmXmIvrWB6Ij)4YZu5E(6~j9QT@;BiKNE{9PA(6{PD>OtkFbqFuL&(CEnd4o z@!)>>hwerMI>i<;EY&T}yE%oS9?V4PQOhQrf5eggqZUBc^iY#E(tqpTx)E5-Swpy& zvE>VV32hhuQ!ki$Md0W=t%8AL++fmvPRubO^tRfdo#T*nNwXc&lQ6mKkZn`%>XQJP znhHgT^t9F)JaTl1IF|0)mI2d>#gm34dOPbE8uXKWE+*bwKj1u~sY4oZY%S%}og`DN zZW1T4b@42RCEOA%C0XWqcE%7{=&7+_Y^XeN>Q=4iWv*Wu(2$Mme7?g)wos|Mt}<>h z^47rs)}MYupN|cWeRvj*iL(02?ZI52q z_?S3e38#k4XjutQjV9xkNe#5due$4I zj)LZ|V!NYtPk(HD+;)WS_9DOACZWpCY`N{Fm4vpzQM2zi`w<~t%*o0fz1=tOxBFN~ z+WA)-v>&r*{>F^%f*72zN)mNQ9wO8`$$Qtc3_Y3;!Kf0QKiDt!#K^u{TtDVQQ@F<7 zY2S3aKR|jzMsM^NOG5Jb{)2CERWxSxRl#Yb3(@~+F1G#ruCaoPz;NYa~7 zs2x7pE*;!iXYbrn{e|nJqPO~h3=)!BDorz)SIEc;3sez5MTum#*YIvID0NgoU2uPE zq;)v42|6mRk~)0U^cXWJXU}8V-mRM3>{a5UtG`fFl0_$sjs=DfpVjYJ{t&l9$_!Y; zO8R~lDti;oseGWtwLhGKaA#z%qR9`yqB{OKb zNpz>&ZT2uJlfanpPq#~;;}c#5Ubdka(d`uv`g$wPK=mKm@1ZTOH#C4Ytp8 zD%t>9)bFC%@{XYZf7XKgYUcV?*1jkj31_fSX}+zyJhnrKN47f}TlYY-8+p}ikMV$_ z#yygDQmbpxIHaIVA|ZAycSh}cQ%6I%>QBK&vh;oL#W4Coyyy>~ZaE8-vlIxZw3u*t zqW+l4gwYY=G9H$eT3MRG2Err52fa9v@kc^uGXti9P*)1}Z1CVt*iJ7AKQ0ve?5@o% z8{ES9nDVaiZg~HF0jI4&bLcg}!OL!@H%loUk=O$R6rSs40Oc}33-~n47yr(!z~yW4 zHN(Dx#%I+1SWtmbc!lD6GYD%Vad!y}R6zCv8sx@Yl)O{)5@TiUioYm)9ey<|fo@)D zGn>89V`&OOa%IV&8D*jeM}kTy6nJjaRDz8;9bV16u_C|UH zco4UwQtL@b(mCv-gc{QfAry7G0Q?4ogf;m~LBCC6ZJQv&_fr!b15a5>abg@!|3z;r zUbAmjaP*S*$#KTvQmMD}Pv2R8s{BANcNag(*5la*?N9YmXt&VKJ|&$!T$pLI{nYbJ zCy%<-F6)r3Q><6nOWzKIdm)_l*a;`GgVlcDlhz_{RAsZO++WHs&sJfQh+#0rkIk(-74pve zSKz_PUg<2c;>Ieq2RX9pqCZw%Z|F-OqitXY8W!bv)6akonaIbYJWN#WnD0iS_N0RX zrC^O9<_Kv1QF=XW2l(O*ae z?mKE)Q4-{Q21eGV3zr)3R~KyqEx7jK*rYVX5$}d?u%^7jXOmKk&KzDD^irgBg$~!l z#=TBU9mG;p>jbu6*ZE#;#EMtn10ihq9;j?@khiw1=Ew6{>48~W0)z1^ueYp+pK+<3 zPhx1v>AlsE!PAzOn(yc3y%VCv%=dL(Jjg@zX0_+vA z-pC>XaTXDVh4f47@NrBo-}rIj+ZdVKwrCGeeQxYek6SYutiW13PDl zoJs=NMDmgC5#MXWUeRUynD-qPlgos|;mW0RkdBiAR~VO}-0;UKsn|f(&5n2AD9HE* zA$=E&g?QLN?+_Ypb*I&Xhp_Jvzz1XIVbitl11~d+gFkZag_ELU&k;m)Q+QI`_`($f z%D+k;3JaqbDt1#h>0c1Sspmjm#&8XMRZ;DM;3FWa1}@2(@)`jMqHU>=qTe}9eDpaB ztlknpbeCd2k(@t!o_2p@ICU?u(?03_K7=5y9dX_97`!A(Xw1n1eqf&V;)6!-;L9z% z;=#m{&xeVTV;`^yZq*Y({uW`rHXT^#WIL@+uaSxxcy{LSbHd|v;13IVOGGwZpUh0^ zo;)PQ(L7gJk{i7;6Z)}DJ;r!8u8tm`+pYmr)k{(6FT+*X&7o2tA0Qt?GyTR@LU6A` z3R>fDK3;uW=pm9Z5L>I7_sn}D8%A&?nJl4?i%7jyh{gbi&rtmNs-kC zcN*umUQcXKBjoCc>j00hrhKYC#Z(-I+yIa=i4Lm{_9w1vV?&QnCOn#ShHMPGP@l`;E*?J;tc>~G`Cin}jYhrWGtya}e|RnXL9zxsKW4?#rze?f z*jQLnE95BW=9A`DX1BZ>FPr~!jEPpd0qPt+zjsHj zQ>2=tPzyZdYe;#qcd|qRvCegX8qoU~7K67l%yOEolgbVCK7^5(uQqQ>E>pmi3~hai zvk^aZn6q~GT7qtV(4v3a*0F;H9BB||1}DFewJ%!Q!D0}SRG+!q1;i5E7(-2($%exW z1_Fw_N|^XTq3(U9@7T0!?v+w^ag9k$1#(^GW)i#dg?pRSZ5yC_$0`GJuZArS3eH;i zAMb}geBDI0mh(V}#1a(Qvadi66;U=%B8r@{u>L=U8c~%YFp-^6a=vXRFk#d|04b>8Pw8FwUmD?zHUTGQjOhf>thAL{KLjT9^2;?hY9D);$>$;6+IJ()nWd=3q4SQ@rLev^JrHmEDpB7 zIkrtx&~gpmz*b~oFA?(VHT$FbXu`murYpJY$4vz9QoTU!{M_e1)Rca&L!0+CJT#L) z_~-sCoURHDw;Eb=DM=3To}5NWWA{@C3jbGudJ6h-&!@aJkTy$);T%?$J$n1{zn zz^&le_z8cvb_E+vJZ|re5zuV-!-}O+AL261Yxt5t+NinUxHfv&4`Mf18NL^oK1l5t zzg~t2m4A&_Mby28mA*WPL`8~^bsVp59-a0Nlfl9AidA5xSqc{4^AhrCOUVTuHIb)+h^p%dUBS6%=;AvfoWUr^;<_(x)No) z`-{r7Q|LUBx{S=&o-qZkB{-b~d?3q=SBQ#ov$ecgp5*h>5i5vgj+WgG%nadHQpGrn z{fB2!t%v2HjN=1=9Cpc_DYo}>v&6xHYwV);<_cN*HgV~_R_kMHIW7Aq{Rd(#5dQMl z3!laMbJ353lzXqr^!0A+z6G@eAOc{DsQ|<@+UW7qtOa?FE9X=LQwj2`I#5)Z3zS3Y zC9m9*9YwpF;52=Kj%%;%2+u$}ne3-tCBsXv@4}+(MH5fEGrV9Kw1IOI7?$%1iAGTS z0*MDr2N7)66PsBDIqf{E8P5_nvqeM=77 z*)3Gec?{gNjosc0UOc3DtfuP|e(#!?Xk{aA@zpldTN0cC9TYF3}=A*!bb&8h$Nu(9(-SkF6Hm{uBa?2Gx|u0q&MVBjad3tASEZ@EEv*6t9i{BWj4-gKL zDFjG#{BBSY$yNjm*}# z-sJ7_?(qJ#d6F~s)EOS)hft=eEOXvLZ*#NAlkrgUj_Cwn?-V2#^p^0IU?0d%!MQ<2&^ih@RQP_0n#VYH%XFP)t zp8)+GFwP)%aBLiQ!q&OtI5(s=Z2;?D>+aof$TJ)Q69lw6w7BLg(S|#F4r*gVnzQU{ zz{LX%wP0GId*1!roHPY3tJTD~t>tGmKg;0wL5lL)1Fo<5L&SbPY9SG4TA(odm0?;j z?U7@_PfZUjsoSec{Q#4314!bAzGCs`i2nGJl@6JT8)A3sWM@O zhm`fYbzGPOR|_~oay96^s8@(L+p`Bwngm=bJrJ2fTH~G6FUs1TC#<<+l#0O#tvLek z=w8%j8qbOVV2qybH%B9Vyi3vF?}jl{Qyd)e=|Lu9hz}49!QN6ZFjBq+6!SRf18B?V z7ps({32-qL;;?Q0Ck*7Pc5<4(+dj~wY|O4iiH3VUjy^uD?k8v_U%h;O*B9BMFhOJZ zlb%#QOieV%PP%GV!fwSxu>A5o5S=_3Z_2h7RoUfh=9pm_UB%J0PlQ74%6&+QM%6?` zq4bUMoH1)ATp6_@shLns??p~3+ z`~}LMC}nM@0o)=~M5cbD^kYjdzlN0&-BUQT6bfhL4~djfI+b*X6%yM3MbFir@@H}F zFD~}W)|BoM@(i|T3g#<48Gh8H?wF##g1p)9S?fkhZ~J1Z2wJbmpE-1(N}C}G_rZsd zm`Pr_llHzHxneEh9;K)tKcfe{_Y(82NFuUJJ+&1rbJYW1lOCvS*~=rpw^`ZGV1B%) zw;_j%bSAtj^HEjtW|W*eeUT-ch$1qk+YeE4{yUZBjcR{krH@$w! z$UP}M{aH!Vs%|FY)_shT6H28u9DG}~)AqwnJ?U1ikd38kZ-%YCyF2i5C5A=B06jO9 z@KjG#I>a<`*Qnn~MP0(V$@S22ZSc>mvd;;pR4jg^mV!|$ZyrA$s7NX& z`_@kt*ATY^4BKB7*e_c>sT?aOAb5^{W=d5q9hU>CujSFFymPWs17-`V)}L!aYb9qK$aV^)%@7$6LNhY>we>Db4K&3mjFZGY3-7rb~U&Y^SK5 z0t>Rr*8zPrb{=dEURluAj_;I7A^3^i7~=qi4?^94Ch+yi-f|th*(p-kr4lMBQOc6R zogMm$?c0v7br@ggkJ&?C{EmO;y15zwdO5gO`3}Tp)@qdhb0fE0TUFs-1K3+xq#fKVc)Af?IzK{Jupm7xj0FR!QeT8-06W8wW3!M3Un@>DS=eV6@~sk{9NSSY$tJ zHVct^nddq8IW4-=dVNh`D0pEHYa*PaTkEaF@HXbG zbjL~xtoTuzn&{Imq!;qR+L)gw1cNP`?yBbz*tYts!c_9@*I1w<*EKrclZLjIdfI>x z+PgfR+Zk!QRks6RjtcgaMZaz$G^41-)4B$i2I}alSkk(c=&V=WCG=?Fr^~%Dviaw@ zv#@?-()5EABt*r3Y7&@>L#h*%6wxF+Z-GZ}DO)K9$CIDgn)2ZfzI}8S2^DDtbMHmSY5J6`YIxDsZ?3 z^8%APEo@<-LZj?avg>g5mz>aUKJ(t86Rn684XiBiT4$UyFHS76f$M_B8w}Uqn#EJA8;4u+okV;R|Mp|Un$OY zzaxFk!Xu+OM}CyKwS=s#w{E_GjrXh8r??@W+j%laaMES4O^QKv1n5dWEc6uXZD^km zxRFh`J%)uP)G#~$Qvy(pIT*2hTIBYz!PVYtndt!XI-!E!0&ZX`dqUC72E=(4JTXkZ8G5bCAu+zzw* zT-fHe4g-l2GnUjnghSWLIQLyWrbfO?PYIf=Ba{pVo|bG)mJs}t#6IZ{Kt>CaDn%uG zQA5`}{IeeKRVmR|O322t`GvuiIZ9t6=4!F4X7PIr3Ws!~^|vB(IxY?c>{YVeU@#7hNgQd~pYU_ktoj2yUJ8k6<@u3+ z++Q3~fu=~0=S_Ig_oxRt{IB<)aCQA`m zVtPxP(S%Azr<^4R?RlxAwwUKuPDJPP#SW51EO9#)VQ zTxL-;r3xw=|H(hcD@9Xwe`GA21K7(bEFsA_8K|IpX`!2zgLO^(gC9B(gi`JkN%zk& z6_TfhaVG$SwPV^X-ugGhS1%`%G(JqGIbsYPp0kmPeU>K$0HTSbYi~)&1_>!q?G)_` z@UH7eMz8lBNru#drOl#jhMm|&jAYtrJY44h4f?!U22^&zyBBJ}?X6K?v67Z6s|Qfu zWXn36GNkMuL@;$*CbA$?2)cwK$q^nlm4FPr+_5WH1WU^o+2&`?W_4qpxuW+BGZ(G$GXf$DSXfMNxqDzSHV!F( z&IdVKa-+Dw?mJ?@EYd^fd)81kC5e({51!)za}nQTQBIONsn1wR$YuK?V3y6$yIju6 zabW29Wh1qWXB`NuQ;E2tFy;MR*;VkP2#UPjUU(itLHQ9HOxg*z58Pc2~&qc;|?fz zevql@>`Hi6fLss&eLhz8#}H6mwDUr)bV8`P;b3iytP_o!Ev6k_oAe31Nvgm_J(K$q z^r~IVDeIZQ;MGYEa|;7rrb0IyoD?5_=aCSF5hA{~8+ySZLaxB>vB{50Pbp42 z--wf@NmZ$6MZ8J!F>MLQ5AAnu80cTW^J9A!ZWVPG%te)t2})YzVIx8)a%)w4p!Qr<83kdLy+>G z=qMYtG}-m2tH(PHhtpCXWGHCPa&vv2jZnSND}HjN(8&sagBw&iyasGhWykA@a~I7% z$MoOH0 z@yR^!JF~Gi@Py*zGki^VZST)m!GiOlPl+3dyz|gpK8xn?PIhFUKv@ofGhT&m?iZpm z?@e`Sj3|?}FljO<>(*SPwFa40Y;fD3tot|$ zBtk!D0ycqxy?B))*4S&3+(oKUm=vW@XTJ|c;Fk^4IsKA9?i}pe-?rar%%KLNdoAkl zJKgW6sY?y2bzN@+ulocN40zL8S)(qOVsUr*lIZtyshr#-+|@UdpV zT4n=Bm-SAx;zH~@@RL&x@MVOY?P7i{)>B}3Ty{fhzj{f2b#65UoaS7MP029vemOAG zYDW{hy5n84S35x}leB4IqlMlE$5H*ab6oR8#$mOt?FFP zF$s_l;wYc+9t9r=-)^kP1%;KFGLFZJae>Km?UzXla=Y);V!?fu~FT{)%w4_N>_i$Ti~ z)IeRS4h0wDIG{IiY-j{h%XWOi?>l|BuP>K$fx;{*cDZxsj}s@^mrRnag&G6OgO{fT zbds`TP-|d?@(M}gPJH&$vuwh)kjd{?`w6f3DSj>TCStu%>lV)5rb$ImCA(yOFH5?< z@#YhRj%Arv59@g z#&w(za8Qohm3c%3W92;$-EN&_VvJCe<2pvD6E8u#Qw8>fNac3SGD#EpnlQ`)ydgoI=T0 zf;#`UIhke@r2>K@H&@OwLg8-wY+JSt%{SaTZ9!9FcYjNNU7vx*#Jf!Z-`h__jVv`Iht-#h z*7Nz6xSj|9clmu|B8Xg2(M`(F9;nRpd){NSkJ8sUwM}=kcM(;*EIISr?F_uf=hY^l z?4?b%aN&&A*v>q(V;L^#a+T$l0Ni*qtB$XP%gZX|O9IjF05*<-^tl#D-Eip!y|HHw`Lj@-+jMJ7I!m=Ev;bLot8g{~$j`b!0G+)GHom+1?~O(YP!i23!4o z(komGnl?*;#sPyGo(R@fHq(Zd&YmxKYZPqwFI@+OoUBlnoS>Ho?aho-Ha{|IyMH8f zCu^~=-|m;}ZWi*FPtfL`2#cXG!%nweGAR^a!)38ODJtWTo(j^CaH#W!X4&^P|LW%D zA&r>-t>3S{@Y9m}FI)NKvNIOdllA%}&P2nTwZ(C#!&W9}MJMmm$G5A`dsqNxS3nGw z4*9?e@S|v{AR})z<15N&>ng{|$kw`a3-3c6dlho)Z3oVx(v9ycxeP(hAuO0A2AcyTrVYa3BYSGYHU|B3girk0~Z<6s8nVN!*#a>u|27c#%5^EZA? zu>UW4@ThWm&I>V^g+(L0*LsczKD%u5ITmrafX9}JXV2q)WKF7SaO)WvzxWT*# z8Z`0jkY606OP<5DPc$dfc%Rs&$NAF|cb9?CJKTM7QZBSGbH^hWbVW&(QrYSM^JWh- zBmXOBD*b+SBirk%i!z&D>*NiPFAuk(R20wb*vu7I(Q}0Zd(AaW#o_m*Jl@AyI*{Tj zW_P(lDk?O8xo|m^mzbA3~#aDXUzN|fKkn5wO=#C z3KA6L2E~+}J*e8P?T_IS_c%V;FyOIK3Mb^94RsN{Ao~nPTQd@mvBceRIbn;D7b_uW zRuw^7^z+q;?ku^>xh=9DQ>t4yw{L3y0?w?U z!jPM@xJ++iT2VUYoh<8Wb0VBiLn7yChcQZwRKRyL%;b@?DNiy?J;7X0yF+C8S?L01 zU-nwz_jSz3Kw{<8JtwSyUOr;s*0QC@GTyn z%w=voDUi}V^`!4v{)@9TRD+bybwTCeSH;VtER}r?wn1XN6w*&Qle6aRfAI1wg_2o~ zf0X(1U!?!yWmcqMsxGqpq7uDD%&eDdze}E|<;~;X-VDB_Zs=e@Ui&3C%KGnrq-VL{L z_b+_Sido3fUiKRP_I2UF9o zU+v>Jl1z~1cQqx|7x-QYq^1``s0-aAE>zTV+YgdgSXNl-%0yI`ulz?New0OOwnSg{ zTCG?lY0s{6(gxot!4RQ82nEn&h0(K{Z8cDeh^?+ZaCGdosYwb5Skp{h4lWC2o=6b$ zY<~MKnM+3eXK|}1jXZUDx3;I{rZlg~@trB`K|p}Zt-W+Qe(=jF;}{ce?PTDh6omLn zdlRU+qP&6&>zpILu3B0uj^~2GC&y~aR+^HZABQxrY?--zCu)fd@Lw`Zox0#)8oBqa zQ&*QzDXDh+tyTU zgFrQ*y*lSwWQqm1>zM6c+fdxS7Ax1yn&|`MY|u}NI@z{CIk~tR`G5h7oloK=4>b;v zuVly-)AGAekI{A?<(k#(~UP?mSm+iWB9f! zmAFi7c<@fuoV!^MQ_|vN&Rzbo?9bP3coQU2swLanbI)V_W5vJ}-vb_WrlJi-aNNf_ zb7Hg`j%Tk)4!c9sjBIk0Tpk2(?cS%GQzl9zmO&9*Hd4=GIS)QfUO z`yG%+6S6*qeWV6gfeO8EN4n3Rf6VNmCgpkgMhASJB7^zrndIVBp!0vJHwjzq4o~7G zeiyI_HkK~|UcU|x#FuPLccAIQ-GpC9ctJI<%Pz`0m1stQz=b|OfR3$kIb_q|E9&{M zCuL@%(-&Euk&m1IWlHLePg%R`zNV$%BwO2_%B8#~l*JDe z9JrGH#_3+q{pym+7WYzw?*W)n@;}kS@_m zeW*M(u?e@q7#fUrKY6RDJuR?9@`N_ZUd}uK3X}0PapeFFFT=c!#t z`re2K{F_Yhm_`HW`7-MhLi`G)B^u;jqJJ^NkiGYG8Na>Dwf$}|y%eb(6@+2Vhkk0| z8{@XIU;`nNpO4lz%aTNm4En>qwTmc$| z?}WkiEUEvhrF1%~`bu(F%@m~Wb*E}6y!`1kb&s}j`yyZ8uG%*H%+b1=ghAP4hyLAF z5wi#0j!H}VI|dmxe{ImyNZ!WIiEiG$9;0V8sEbWQ&pZhrfO^ufkLS5soL*MHoP1hsBh^i2_j`;$zQI6O@zOCVWRe)X(GW)4zr13f;kiE>A z>L0b{Y|RA*GpPNwHAZP3fGw6+OMIo_M3Btzs$zarW-{!oOOT?>vf<>uidxB>)i1U2 zwWONbfVV6u(%z^ssAvnr%y4;3kV_r1PD}`daJxbD8neyao3JQuj(e4_Xp^ijJkUcG z2K%a&fUOgc44`9JOzW_e-Zy@STZ<=Fxs<(*35EtcNB%`N*L%UH78@t|(b?WnIP6^{ z$j+H6ZD60)hN@S$tntoT@rhbE!z5$06NbY7OphTTO4>P7-zgQ5ODatU#P8jcB23~z z2^VdHPEQnBwF4)u0Kc*EY4ZyjT2q3xA*UOmF{%~$ESuuzjNwUKqB))(7ns9ZHndaq z8qqILY&9oKjxF_4u}51n|LX#(`gl(4+MnCl)@4-H>TQoODbHxuN~q>vR)F8;5z+Z{s9!5klQHr}XPwe|XNC7i9Y4DtCtC zK1QZ8!0MZ_a+hoqEFIJ6foxeCz>?NhBs|>fafEe)+i4a&G(xo zmk0MRK+9ysy#3io46R+Vs-)$~7asJ#(_}J!Kych#y+i(Dq{I8!u)zoST6|QCfWxapgitFXXB;~0a8U?uJ+{aTJfk6ax;>r!lVreIgSA5&ip1z&(N|bWSbeO z%)ghWD{XOyB+Lj|JOyf{6K*@MY1t;w;8Is5K=&LfGl@47Fg)7)=bcp%9^i3E%Kk6V+E=3vB~`b6i{tySlY?CbBK>W}+Q=UAJqT-)*tVfc zDK`9iM*X?BcKon+SX!+CY%g`%v4NBU_Z4h3Qm=_pJNdBg^P7i=e1d?hF(_4gwi+{$ z-b@({f)R2`*xYRu^(1x4h&V0^48ud6$Om~Y2rbg^=7;fQVADF`B#~jExu*QYoc6kBp+k22G7O< z;M)62qvA_}+aZ9L8Feqe$}1e{XWu=&_KTsOjbdsNO#DjT#=&bd(|-h9q=(c`bCqj( z@IJl7m#z1!7dEZdUr*9+kO#v|+Cjlzi!P8qdAISRU$fmWu^#X?_bsL(mjaz4pnukE zM!~*uKc{T_w;h_Dl?DWsT3hi^6v@nXY^|B^>k!yqDax_^IC@D7YnQaGyGF(bKJl`` zx9#rKc=GzjWs-Iahh5hc34_u&f2!?`S(GVTrMb|(cnhW-QhPI{umg`Sl#Ji8Cjh*!izDSQ4AVX@qaVd*xw8lfL31Gb1x>hhEsfmHUHijkF(bP zCBuA`LV?|%ecHlYg;;*R0$w>gn4j6p0jGC97#fk8^vSNaHIZ(#q<0L}QP*p-5N)G* z$m-p2*GKT{ye!mGy~1zZgoce)TFQ|61=T-I_T-{!EA%(CU@Q1OBe`2tJRE{C$bCXb za2Q+US@#O?n~k`L?l{24pC)L&`%h%VE+w(fE9BrPisO@h#vn(jcX+SF1>Em2&ER(M z{E|Z2;c}voqLH+kAzgEW1K{iM+Ii|KCjL9W<|v^OSG^$$M3$?0b1H6%N{?`uV;lwk>1oEziu8l(j$_hV}^crv=1>;N{NU` zX>xN|OOLO8*|ac_U*-e2{Jie3sql!e0a_>P(O=V#$j_1`y<(46LakSPY+M`onSM|P z@V?4+t}?{7yh{@!?DbxiG|j`lfoh_Ef<{oC%n2?=UVVR=9>M>L*BlfdG(Il+K4u{# z{M^!l2#bm2o4r=J02l3Kr)|aYhJM4&xL>Q!E`ue0e}U;MP@rx$s#h2k*Y1{)K>Rdc zIAAIGBz&nkY3y~8*?i4c{gJ7lZtI}|v-ARSjPly;WH~=ivg*l%ns5LDc4*J(Rah~b z`1TM}vl^yfn#s!*doZfEp$j;@)Uw4$G)xuu3RqQiM=hEza~pTYpEs`-d$Y_?b%L(R zAnzhicG3s}{&>a3=iTN8)}rau%qO;8%uJFt^b?TbkU<1WZ8Hflxas7&6^2~6&hbni zV2eaz7{KxOwNK98sA61|VIrgSKkT)2LSQ_f1H;Iyg@x?5_l^ zI1oK(pb_IUlKYgA4=j87Nb6~{up1BXUaV|8@Xc;#r;PG()#jE_shDW;xJnSHRK|X< z@S+|TJ>3hX(HOkXhz^=u_HA)XP1cB42xTQ5)kE?NrMHHR^qjcw7OCyg|3&|lKgla^ zMQ{|v5bZ0^8fB?>z3Z;~lpfSe-Ih3c>vRBHmZx^3*%*Jdq%;#bI}4rcQniQhZ*~}! zF6IZ6!OK!4qU5r|p?_#B{F0W;2v`-xXoKJ;L@zF~3y`TooF8E1WVeXCzGHQ-mwJF5Da=x_ zsl`YjhAm3+`cu$tmYoRun#hs&SlYh12=Bn69wX`W#3*^|j;%?LykMt!Mj24c|Ft5M zBxY(LHEUfcbb+0M0;&BADmKS?|A{PDa6_BtQO>92FEw@U#~~pWn?#NVZ!XTF-YB28 zrti~f2MZnAK+3s<{Enrh!kwBkIp6hL1svWJ`m?B%+rzGX{VwK722WuZPK@#W7mg+z zGviIFT!xR0ta8FRPSn=^oF+V=uA54nPOR}>xXP4PcihLPB&kO;*&9^p25}Edltz6y8=Lc^q9dW6hOn+hjqg9Dk@0?pd=GDHu2K@!n>Lu z7N3{31P)xD;x>7_giFxh=X{k+T`QciNRf=k)~Jo@omMZM2RAkITpOHc%jR~@vXn#- zka*caKSjxb!v8&>d3J^=6gYP3?1aB( z7o$ewW`obXbinJ@LDT7Z%l$Bz9vu_}-R?AJ#1-R9hOr~|wOf+3e@S}aVt;}|Bq$>cCrpEw|E*?d zjtFlHz^CQoM*yCD$rGzz_qQjg>b? zLRNAb)`24#NI)d^HS`JAA7NlS!%a8;YMvXse`P17>9&LLY~)vDv!_SLo22>M#wjye zXx%fXLZkbjQZ&z!DT?#*{~u%!51+l=n}1O)5N)pq0_RqouH{l(hsxE7l_v1Xt9efh zO4sNsuuI>LmI?B1*g9)y9sc?k^Ov=@`>@pm@q7_8?zhp^>(-?4<~hQb{-gR`YZTwL zCkdHW9*5~?y;|lAOnAO^mR&iv=_X_?C5=l-O{6R%tJn%L_yAD(cYWy#4qG||j$%i32i^GW zPxAj+^Gen(UE1?~r<-ud#;x0NjSGt14lB%5e7ctLfZ^-QAt~4%g80;6rlZo|;pIz)s`5cZgvyK?Uf_r$YsUP(Zp6bvXk9Spa(5a{aOa66^q@DV`hrF$j@s~;H4-* z_*hHVkzGa0OnN(pyZYMbPRR}VZ)VQjIOJ}iN5i>=M=Nsfu@GEsS?NMg6PnWo#V(b^ zRz4Zt?o-u&uq$tw^0n9&i=aC>>DCn^FI>wm2vNsYUi5lMjv!&O#nj0xwJ zyuXHq;oqY?k4{UI_lcLrMNu9@`nz`|;O&#Ns%_W4UC~95UnD7pZ$-i*Z9aZp{N?ANt%X%GXu4I|= z&H3{)RD$B6Ra959>x_hG)ssYz^;%v%0;3l~)xP2^#Am7>stPN}q)=-@=U&@~&jCFD zb%Ob){_WqBbbdmg3pjJytz_T)=xG} zt5d@R&K3h%%3yRlQ3ijGuM6AeH<-`YgcXRlXotL|AGcgSvvgNtqk4|^>iIOX`sM!` z53E?ujQ&xAx_VfoBgtGYndh}oSRu|!FNJzzU7>1PJ zDE(gZl&Z9TmfG(aEzdOnsZI2&XzJpMg9(p+=ND;m%=&*8&MmTJfQPZfBvEo>cPCFz zXsk+j&{974qR|)R0|C!)*5zl7R`14I8ZK?EI~ES6ae+Q_$~>~~Fn4vI6j9V0eu99l ziRcf8H5SOkx=PL;8g6)XD55%aFqW5BAv8_tJ&VdV%TfCr;cqfZv~C!C>FP$nO&_WT z(kJ!mf8*fxRPj^AYC-F1TZUlY0aD-X8HEk${^4^7a^ScA-*ehXzchG-F5O6~Gy56F zYQa*=0NI;O(~QwwbGL?)PHoPrUufb#=>Glcw`PkEPy92+KE*MYhBi&O-;{@p8Du?E z|DBW1qA&SErI**){Os0YJzdbt`n~y_bxdQU%K`Mb_nmxZ*zq!8NS?FlyMF!h#|;sKj`#Ru z@~Bvm@hOo;BHasVJ$y;aiLUWX{xfYiz@%ri?i%au3@&0(PH2(5k*mb*j|$Zy2G@d& zY*S{^zPrq;>H|a%DrBe}67pD(gI3l`1c1I+EOxrFW*|E-kb_aQU{A2X(ehSQ08@Lx z#j2^yR8HfPTq*zMk8gELYJ0HH z5Mv0i>p=0?K`KjK>Femjhm8p?e44KiK11yH&d~GCB)`s16cS-$a!(4)?tPItUudNZZC6oe1WDwn z>T(yO{k^)9qx9^Me77WbBQiL}<&(LFh!j^jJSrVsJ7(TV@g~$PU9VtjXEd~&e`3D8 zIKFZpVUwZ{{Gn=~xsm{DJ`65nSZ%3ca8jxk_nmV5&mq#9?x)-`GGzYHDlq}{pN$(s z*sq}JJL@R z?NcEJ&V;VLqk{lI^T9(jU%qh2z5#_nO1jwP@(n}JG8r7?6HXoJViOq6Hs}Pt%bo{euyY@v%Zzn0>OdnzP1^R{4);80nHJ zgoM1QL|K%xH9DKa?P(Znq|K-*%G4wkUb7j|6bt+U?1TynFf{V@~$NI z2-!D?`?J;3-DgmNbX%v|67?;H-jqo=W~6=dcvq&=&(B#5@p*^SygnY*1R_^?*U^{6rB&|F)Ylf zW_0xMvzt~Kug&$}pS}MSYis*^UZqfoH*UrAfmKOMa(>Z}ErGjqG=`v^JEO@GY538_ z6<3F}ei-g6A?tduUb>!3f+A}wK&QzHZZNsOy@83zo=wO-GlF8V0Q>+oG^5#IKVp!0 zA0fOyJSl92TNTb)iL%UwIE{j8q+~V72Vx&|(TRl)p;#j!jmQqgPTg1o-bLUm^zJb~ z^cW+tBbFEVKp5#iJ2scei42^c5+AXzm`{7O-w-hpEx<}13I>yhRglp- z>5d?0ThkC4Eg_c?bNki;HW+wSPTE??tc!Dn?2lzXt+jO}Ru94SZ-ac2ieIVmDJbJ3PI%{Ve5V?L z-&0LK)j)iPthU78qOtcKm3R3LG78^58JVS+A263oX&(Jf2{Lmgc~qEqT&;gb_nWMD zzYb!tTlP&_U?1JvU^JfUE2MNp+%c}i@vYYlqxullvEV14`FCgv+LU z_`f>JI~M|1f8%OW4PE9&A^Y0oV2ZBE?M7_Fy(9o@3hhNT0StEnH)T(vIz|!Su_DK&z#3R zy=z(E z*{OAMFcLv9xGTL~^lslzLmHAR^ZPK@XCcfo0G5VgoxKkWu1J`eM*b|-HU^Ha#hiqh z@QgAR@%fKhaE9X%4(Iql$>*0;F|mmiVmIW8_R_sXJ@$Q`uO|TTx;Z#C*3@s#g$}!S zR9^xNOnx|fm5Z(BVs8W%vy+ATM=ObbRVcaRnUDN>h+yer)HyB5&^q@MSe{yJ zQ<{w%p$Qr-Nk@V|pHrWJ67{X?&)5KD`<{R6$+9HUej{h5)Gka#Oa4{0S7u0G+9o1| zfD_our@y228z&HSN;E$A>DZ@H&6}OeTGIE9M9I0Kf@J2Cy)7gw zDLSH!`lhzFWaljG)q^w4kC#t9H25TP<-sSB8{XokES#GxSKOcIYkBL!^*nZ|YH=sM|K-B;Vm4J{ zae8rT@la#23%1y*>Iq!zW|#Bq8y9YBjn@+LO)=2i-h(Jj@~>#g#ea}{9D7&O^wHs! zK~Ji6?Dp&q6?6e)9E>xsd zwZX3onD@S_CLa5@z51(>8dmc4^$-3`Z97Qjxhgao*?mxgPW-XenC2q?BlOD36a??R zh+*N8gJ72TzK0}Tn-0`g2}amYcqkGn1aB(RH_c|f#Q94iwxzD?&+Q4N9#-#Ywo|a@ zZb7YwQH`kz)B6Sc_yK4|(+YBd-YbOi&Dz@1-wh|$Zpl!1&9w-z)*7|r= zfzs2>iY`^S)awbUMCwENuYN>Fb?6`t8ndglkA3bZj}WO_uW@SeCE>Vejj@kx&kdp2 zCy*a9Pl9+GDN{`t4l*u1)uFL>e?EikTf!q{Z&{!vU)y@fPTkMQ0ywyVaZGa*pXRpJ z>XFh67to|ZcLYzR)_%Y1*W;C=lcVX81W)>C7y?*1>%cGgSBqSxBKlZxEu`;|-dF}C z?xYHSJLA8?Sk0&lhGYc)Qn4VLn3qo)s|;`w)VE(SycY6J(E<%w77^?)H^7 zPI(P39;!-)ydNgrDifY;>c zq9fd6;oOg-p{sKA1C*;iXRS)lDkJVVJJQf4my@=2l88VA`0K_#aKcRtUUeoWTb3bq z$Zm59VcVDi>hncS2^rHvzqX&-qI=Ap;rryQNr822^+oU4n7NSdh}X8GGn2-B^?SEI zWWocVjOU+qYAmlz9h`wqX~h>m&e=}{9#py(Pg?CCeRxN?-dFJCuhO0=)`17pUqWhk z=P>Y%Un4+?@AeLG(i)Dfe<&#O`%Y?kZ)-d{L2LWXb_%!+Jq0D6p8p>Dc{Lr>Gd#%l z0ulT=D8S#(PJ49l`t{xt!!puItqihNMQAs^R?}|!5ZBpfL$X{p$0}=X6Kr9osl39L zLB$)EdEWy0N4f&kH|8YuVzcrXPx>(j{&%t&Zbj^qO$C{y=&j9`ljYkWfjwL{TiBeU zFv5SL$_vh87Z<4-`@YR)7**So!`e~i&Y9~ zHJq&b&KFQmjA18#5GN;iQ(Q&u6Q35>4fB$@ghYp$=UDH#C^T+s{1kprC3PQp9+O-t zQ1havrA^}Vu~s$TA9+1lbJ>N^6&37vc6xp9gsxp4mn&U{) z{}yQ#EMz|&IuU_Azq1EMD7Q~JloLZTl`q3=vW8slVA6f*S_U)n%vZ8pa^}IRzC5A` z(iuwciWHn+Skt>IQHZ;?Q~h|h5v{f9^(kv|jT#W}11%E(Fn(3L0gW#f?L}m0wAiU> z6Jw}dPbqoi2Is?N78506u#<{&-)94>TPdENdSCljs5TySr9YI}{pB>4dnv4HrP)hM zI94@b0JFeG#ooI5?C2q7fANrjsBM70H=cYqQEm`M^!{+Oc#wLaf^Jt*yisGAH7jGd z+Vu-vIklNpp&DKu4sp#fP zxAA566_n>Q_OpA^Tbe|f&wLv?{&Uj%0aro~b+d*5eM0a0Pk5-5v|plqK98(U8k-$y zqA921nO^X(tjjW8ugp7ls&T`J-^ix0t4x>h>`cy})_j`C0oNq0m+wt9g_3r2E}gG6 z?E4^YY!Ic~jN+hJUV;)T=8eV*M((d{lKD#9djYic{lkfm5Gsy$1J-+H&Q&($W>d^|x*k3nV5EsW%R{eEciBNy9-C&hEnvnL^9_uBL)QxZZ)s*jR_PN= zFX|{E!bdLy9t=n-5vtCLg<=n`bMV#fJZ8Gd97lit?lanO zC#bb!k;~UQJr)4I`cm8t!<|xbx4sNa)T;Wx?)hm^E zo|(G1oRF zTFem&e^QR-EnVpKY{I|0w2gR$6|c{dEw8<~*Y;n*PKEyigEL0p>Gk9+^!^Up;}>F3 z%E8g0hHF&Z_$;J{mUIVUq`CozYH~#pu{Zd1hlT@&Oy`u)x+I0S~3licM z9iv_-05Yyc$6IfbZpGJo&_7V-SPQjmC?*N_oktq+)=`DH{5&;Trq!vzYQf$p zn5wx!J?%}e1g%aTqWDE0ldJ}Z_x>)$B7yLx!6IIsfXC5`@Q#*g`7$}YHYhC<-R)oB z7Ox!A-qLll`5w8tVOR+ZvY`5a)9_p1*e$2l{m(}BgxHvAzaJ_C=jYSzs_u6u41OIG zu#9o$_GY@bQcc5U0;n|yc3i!z32Cn#6k~bx7o1nR0Rw+s0%T@NAsbiVroCn82P&&8 zz*H=L6Zcl^$_cgcG!A%~V_uFsM_Xz>Y)q4!?2I~^d`(OY=%I~dAL*qBVFTPClYY&2 zG3-&^Rz0KGzgaG?vj#S+}D+uiUtoqy6m$+4i~XYGvcQwl%QbBj;>rJ9op^uKQ>(^p?7->BP%9XDVVMO zT!H;bN*lR1^(Ltf(N1mx9@`G-a zC4&;?E#C0I96+}8GOZ}Xyd;`-ey;Afa3jq5=LvV6qG*75gWb!T)>?O$)2f&III^eT zJNX{$b7ZtX^-_2y@IGF0lM+0jG`~k(pW1sl{B{XzJqg=T#h4O#4ZxMP=fq{z!*q62W_Gil#%Ut2nqxGCrW-V{vLf@(|gRkrhdNssW5_daY1Fn(v&HRT$it+<= zla>9Ii?Of$)`EVBGBbI9f?)Ur1d6=O-8>I>^W9R@9;~Mb)9cP}c6nKOM{CcdWTMMf z_b4uf6GSj9Asw6t>y%rY8f-lgcu+^l_P1+ph}5a9pjIi1Psi8idOMx1%_E;5IM>Pk z{MPfMXf~sAg|o2o^rv#J;W3qB)re^5-}AnzRq3bva@KY!jprgC|J*Dubog_o*Qw{n z4mo;ljEo}Xv;}#*&Gu)eaDX+2YRdw>B#$sR8QQtSq)WEi1{okB(I-3if@(+O8eiF-H!;G^5DIL(@lsuF&M+o+baK=737>q9)> zjV9^|YbFJytWC%rQ?| za^@c$|B@@K6K!2C1UXKa=RukEWAe z8$rE~w*eF-nz*KdH}EvDnj9%5kIu zX54hJg%)u$0jox&w{NVVH+$mb;=K}d9z(jXuQO&SX-40<4j$`yd;Us-AkVNt+g{-w zZ9coe$7poZJgoliL>M~M&Ka%YFw%c!`~d;H1;$j{+I8dIX+8uVgs^gb=g8aWq z%Q!6CUMj7P@u}?=8R-A4RZ5eU*^Q=THgqj!t~G>(T(j_mH&&r~S6k$!SHSw$c)Zx< z3wQ?^!wh1BG0gOCHR%mPp0r(F(3{7p!G{E{#r*bbT^Gg4^`C;Q|Je(8xER344q7Tp zK%AHI3P1O^{Adr-7v%#9eq4GLbCPlB`#73sr3Y*eK72hXmzgqx3h`}T2Pj}V;Ta12 zFKmkyfvt~KX1Pj}07eeQT{RtqK3fqyHjk7dAxwjFB$twvvNiY>7IDt0MLgTy7P2oU zJ(6oCY7A@|CSCiYz`#;{2k+(W<;lWS;^2{4x)N1(U@fJ%=2AN(dro0XBgxvr@fcYnam29J!f`XMAs`)ZYTg^uKmdx&#d`7h7;`ht5tOWHXm+Fj>g)7u2@h1e6T>+$9Et7tK5t3 zUNST&6*VE{1f7{#Xn4$6=6-yVw#K;IdHmq3E>~`Dxu^H_Aa;?9^{r*m=_4zo_`|G6 z;&P`uHav>t4WIAYAGwNAg!{amt{?x5wH}Do@OOcRvFCS1e^9We-z)vK=APi&6K6q;{f{5 zNSIt_2NzG)^bTCB^&X4Ue&)FVooJfN*RLxUXORRhMfEUq_Q1V0vudN3LKzC50#c{S zr|N1W{TKbDrt4}M8-%D}WgoRe`6EiObQ8BLJNtvwrYK`~edVMK+S;t>y#dfd_dDezcQ&hxRq51_I+@8$BICg8IfXFm#r1;{!i>7l^~Ua?+dOQTBL&- zkVdocT?bYQe$yj%@s_qK`ZTB9*^lW3bM@Q|D0Irf|JQ$?uXfbS#H~tTbx#@X(8>Nd z74Gzlc&>ZZ>NNio;Rf(XRLfM^`6mLQQ{w}kay}4;EJgE>+4KDdME0z6V_mW6PFfhx zMihAL9$v3k8Xs$P_8J1{{Ix?!ltgsa;v;qTk}X%&oZv_&8sExd{pYYjxt=uh1kcB` zxj(wGEl%TGgLlKDwh!diL#x&koh{m|Cc=Dry&r|dp7>njk+Y+(6%P!L@{Bp_c8Z(O zuTvg>knZ6z;2-lpG>%VTU)<6qK^I((1*sTi*K5wx%DOx-e>*3!yRND6F#-;DvX|pd zct}4&c(LsBa#4`XL%9O$-=yB~Z1NNe3!b#FIK?8Scn- zw~gTMUysWnkQDzcAjr!9mulwnpl5O?K=4@M=r~k=()xgzL;WQ1a6Wc?UMB|6#@7=s zUW#j1zbVfJtjiv^l zZ9X{bmbTx))5X1vQ@2wpCMq3%Ra{Q94B!77ECo4|1^qIQVBiLpCw!3UMZb+Qp!S{y z@Z!QkNLPQ3XjX{-HKrphHq7rgZ>CJ8f&*+lqf)UJ2wxZuSXlTrmD0|9x1 zrMpn=o&0|*VBi@i?u3ResXMd?`ka!2n?}o&&oP|D9)(u7odVv}e$)Qn`L2uCg^{Z} zZ9m|0?>c-ctB*JSOP`eaA8ID}=7p~9G83nL%r`0gAH$TYi9Xl$;G6qA*mS1wb!NHK z&)(B5V9QO}>258=Vc&n3_f7i}&xafbsS(IrN~sd25Vl^JkkYbp(JR0VS6W-w=9rh7 zavNYC))|`*Z(Jz!W}ow`wq>bnGr($XkL7^VvRhKGj3p zwX|ma{nmh~O|_J+6d-V9)D~lo4{IyjuD;kW34mB*>9l{xMo4cCY@8HL1ue?zN$IHU z!Pli~$)@pH^HumYrCdGLAk7rS|9noSaGuEajMDNc^&u;qO3HLB+odDP>hE)SpCiYe zMT5wu#~}FRHiY@iId#OD|KWB$wtHNn$^pXlm>x|;s|F9_rOQ_Ln6FH!fqNA*Dut)$ z!Oe%LUW_+~rU`71TG&T}hauIscY&E7%amQKn)@w6#|-SauZfo&1&EnAdxI043m+P214o{ES2^?D1N<12&+# zn_GGjwX;;yvl3t!w0D$8XB_zA=J_eW+U)k2uff{Uk}UDnyMJ|pL9|TZ)qfY3@ta0U z-gBp&ABZ*QU=a7Ox0~s9@fuEO`H;kDjZ-OZ*&zjwH#a7Ubj0g{J)*dRtEPpLo$teO zU#wsx_0#$j#`RsyYClV^u$EEZdA~^5*?#{&Kbf}V<#5e!D2q-o;|s)Uo;uY&gctGn zUxKeczx|S}k&GFGx(HikXarjH|F6CG3~M57--i(kEGk$)RGJ;>AkraVWfcLXDqUDb zKx%-{l8C4%5h5Z*x*{MTAT>ZFK`BvbBE1F(5LyyK3n790M|bzx$9;B@-gIw*QN5MM2S%n(aH$sL!*5DM6|ZpWBpr8A=9h=8Mb4_wt=V1 z=61>WA;dG+(ymvDu&yansmy?Hbv3l)<9_tSk2a=7X5 zUH7KYd%@C$DLI&L_11z%`v(0yLbKkN&ydiafie1!+GNy zKg{Hxhx&)fIdFjEHQzsN|K06=H{k!wMesdN&O5&d=|}&LME}|T?_ch4q=NqOQ2)5g zE*@@2IA^l4CWhZI3Uvf)x<5EYP3x`!rfxH7XUg z`df3&as;|A9;rPN$zPjTw0Fa;;3BzgRZHZz*EptGcT^4_^}6b4TIXjG0*#V zc=|{6^X(YHJp4O2-c*I&{PeGX`TL1=IKF87Z=UAgwn$#q;dsj_7Jqd28bki^rwuxk zpG@I@84UXd{A8}!H{jn)^LHy^d%%Br(~pk$yUb%l&`;zp8-myn^mq1WlkiV$f~|tq zrlk#R6|}a9Wy{c?&=MPh*bwwzCi4GP9031()Yir6k%PD)?m2in{PT^nMd+?FPr`X> zkYO??FeT5<;=e|=gv^c?FY5U)L+3wmrPV zF?dHFPd|iS6bplZ2EL4*O4DtxD^pldaQOVnkNKkZO4MD`^E6J~2>3p10Hd1BH*Vid zsNYkIFx2X(6-@{@^o7Jo_yA8k&x=%3%%}?s6_XwyBsV~`Bh=!v&GH83{Vl3rFVVDD z$tz{|)YdnuvTvh`g23NX9i|+{+CJ58D7U{>eLq7L?{|<_RO=eEw=@v`ZgF~d*4^$l zvN%1Sl9eN}j}IiD8TEmDMmO!KsfCriK-H?1rEKt7iW-8E@*(~GRNbwm=L51Koh=`VZII!rsS zpFfaK1YwI=I0dXS>UbZiF45m7@5Jm{T0|H^dIG0Y1|B}(=V*vtJ&(+uDu&Cub(K28 zFX_p+NZlBjnRIE+yM^lOGxA%=$SrW{&GVb8HXMdCKhf-$-o7A3?0YCya`=1=YlcAS zn@is>r(BDv#xaim>eq}=SkF7rsyb~_Ctc(&Z{S$)DWQgRCL?3bW#!D!lTrGf3q2+1 zJZ4?Ekmt&BI9jx`eS=z=5B9uGtDTj(IV}(?Y+-yK7t=uwH%xJPShqE{!ompEyF45( zr9Va+frZD%Px=jg(nWNj8)Ne`!tM~s0a+a#QxL5T=AG#-TiTNpTGCh#Wa%nBJ&>t| zZ%rB_QP1)o`HA@W?xB~DrE=QstFvP*cZFY0)| zf|mV-L9i1|%2vmH_4jJ1muyeoB^9g9uhiZ?8j51T#=9PMEzz4)qdqta%2`KDW@qnJ ztdNb7Nfb2HEPmBrV7*cnH0sP;tV9kQ%|+Y0f^YV@nI={n`jfS|kTnxU+iNGvM?I4n zE#9^wxNH;Z%u;M7As@DsTjovodV_zbwI~X*xHk+OPzWEiniY}R*GeG;^43(y*uI(! zYpz`yDY-rsVV^5*n1X0oD4}Yvbkh)YFryQkB{PS_u6T{u-NZ$1^nufI@VJLV)x&Za zTDUJ7tU+9G8rUdtw&U63*^fB=WO-%LI7LO#YfPPy)UJ3#R2>n$2rS7V2HL5;GD-=f z(6Pj1zau3InErrLR9^a{*%eX`{J7Rs-CiSW0pr&Fq89Ty(upcLs;{&U2cLPc?a?O! zuD1LE!gDd`OhdeHQKOHO3|*0H3Z!q!39cWMlIT;Ht%QIbFG-PALb){}tOURdb-A9$ zD~b9O*0~ocldmgw)@oS7rm>7w6+~EwqtJeW3I)b*d@KUlX=`;2_Up1G{eUCbD z&VTf52V3F?ozI*xLFwGTSvzC;CYB&f=Pm^-~4YoGb~jhH!V6BRK12x-dHf4gw=fuUwd2y5o`Hp zK3{(uM6%8N(w|jCbQmsEPzZ2#-I*+@U8;?-HF%#de7Ro6MupNPV(B|Awaw8mCGqYJ zR0wRl6C5PVwNkNPO*NK=6jpfCPZr+K#NjbQYDb=jAOTjA$yOEBJBT}jGg6gqq>Vq_ zTw7X)h&>dljD-3hyWi>j6^e9CkmA~+mnN4-SI0srgszmHt}(NB;F|{FkxosD5^*#J zALvmlu?eqm#G=C2U0Y8;DwGdhx%yRD%)M{d6l(f-M^trib!&jZt3cK~qW>H>xfwI( z%rg>xT*O8*4a;g5P~5`X0}Is6;!1vgPCLo%fM)+c87747U&l8x8f6WXyoh5obm z)KY16*-BTEPCtpNLtf}m91bGXs=}6UPxrx9>oTzS%M~*PIvcLnD`Y|E%ZstH_gCuL zkj|FIy!B&ODw?|I!VAFo7k+aqCADaI=;xY4R!ceoG`u0)MS~_1K@^1_S<&)#(}m`y zr*q#Kb5siKc~|>AjDdh`#MCaEf)+C;T@s8IO0M`ECIsed3bh{7ztx*$`Lfi8 zf-!Xk$)oHV4^|4VT9yZ0+xgKs;Q;hnisaPj41SniG;GH-5Y7uueR>bP!d4?8#4F_} zN_Yp;>{>03uLEv&kEL#bVa^k%tkq6i+~~ZGR)zQV>_c5@;}$Ryb0w;|R3M?S_HkBJ zk1x^pv)VQ__06lZanX1E==jhn6+yTz^3~h1Gl(%@*$ry_>S3Jy+@cnh8K!GrTTRMw zl(kkxagVt57HL=V@%d;fEsARHSKAb~@!etFZIojCmURidqrtrs1z-21gjgKls(G+I z_refX=v;c?S9?f?Z=Twn*o|gtCMGsyjH;8ri=GWW54L_NYP z(sO#e7x+e|OhRm}<}`}j<^*fK^Ithy+jPsjH{{+2j{<8^;0%)<;a?qaaLZ+kKjl)_ z!U>b>36E|d5ZM9gE=0&8y^XADZp5^w1%DJcs7LV2=8eM*^SU&eGQDoergITIvL(Bt zJYQs$`|*MAV`i_IM)&N=RIVHq5Ui)+NsR6}K_izbE_L9F{ma|EMAaTY4~Y=LEmm@c z>6dGjp89(V>YsACg9e++QBLxx$&Z$`agGo+%QkFhjp2LDUgmmCM!>tBnc8Tpc!ZLbh_c7 z%aLcE&fQGkaZMX3EMFhZi?=LNz%XVNtu5xqo2b1t1iiM9R zI#63}G5h9>Kgx#+)mPhAmb=+n3CSr7#2&BYvbL5(1(T<4>9?v zill~92CPg?_BG@}Vm0M6xm$dL_z)KYsratt3XKQ9%oR0nsB%TqN&>ljNg5_5@(oiT zO}V$P3nL)Ac5u9lYC6!@=|Qz`Sye$bH4N4SD z@7Jg0l``fo5@X@Xn$S}2qET0IjAlX)Uy8oW16-__QIPw)_KK3B4~>)HB;H?zvW?^9 zS@ooQ8WCUPHQcbaSW0=19Wf%W)+om)x|)Jrwi+>OOaS5c1sZipvxKxWK*<5Oot!H* zGR;wKf}KVl#mveHzm`BMOul5KF}UJu*IOUmpyKO#Exu(rVIhKUm7%fuR(hsK(C*y{ zmX~9T#yqU@dQdl8iJqgM+h4}tfMI=)_O=rD8wpKOB}_U2uXeH?O-Xast+Qp#SW>$e z`wMR1lDpomjA5+`X3N{|`Z>qv$PwHk$~hhLW@9(Lh;7w+X0biChb7y-ijtdd0^S(^ zGXWMv0xHl_(~)9Yo<+5jW&FZYVrsv}oVna+o>$XVX1(t%Gj6P2#d1q*Xw-RLF&p8h zXMU~RCukhlDZnT9=v_pg*;2T6p24YXcU|6NF-T#r&km!r>C~DtdY>T+Gl4fuPoa%E zV#*2I$1aAdjmNS^t41JBrG@7AzpGrKU4e zd<&yMI1H%jx*ea1C##$+IRKlDd zZ^6*$_@JC+o2*6`bP@{oY%yGBD_@Mome@rf9~<*tuUZx+62wHtA-w)I}RPgN`(B(z`mtzbqoO`3w(K!JEA-w_vpa2N|2WT zcEb4BSsce;o8^Wo5}MB&-6OX+Ew`wjqFF$SQ;^_~=|v`M!C$;S-C0VIwe>2?IceiR z_GqtmDdv`Ag;Q_S*Rf%6&#PZ{N?a`=Rz<#ScS0u#ETv)cO0O=waIi+b(ej%=n@@Ij zp1lU>e9tC&UGKq9Ky++xX*@S7OPoSXjW1X1RrbD>sNTDS_&LuM7Hmb&)5g8K*6Kih zoYnG7@_ZhBe$Lmp6PYbzVMzQO9g2jIy2%IZYU-J5fA~<&mau8L}lHeyf!JI_}(w*3!9(7#q0^qw?He%`s`Glx>}w~=sV-$ zJRB&eEd)gARA2#eAhLg6dZrF3BEkp6(dDFR%dFFO<}zOSw%7sJ1G%m*Pt6|18;YuZ z>GDi;z4bU^!^f`*naxUP^Nx3Vjs$As{R+CQ;x$;uO{X*hX1%X>Qr}_9#)w5h-5>0; z`8uF`WO8#!8Lnj>1-%O>jkmGdHbLsBk=%tF+b~txN zb2KNq-_j6=mwV*g9m-N9ehu0lxiLUSCby+0pt9dni%z`}pOzEJ;*B@1ZCvK(Y>>ID zcQ|x$whPE~IJIg)W3oBMN~_B+jxqV;8iK9XYqW0SmH}SH4&B&V{Gx*YV?6NVj=Xpm&RJ{&8;1k-D zpFU$}>YQW&616Touqdp#OV=w6tmn2>}m_D_wJ?UOeLcKq8LaN$TK9=G98ScNQQEPM~e=N8`LK5Gd5y$ zIBGO%bSX<43J^=Dy999<&E42vJHU)%V{bsK!IW7*t<^+Lsk82rM4M9x0qYiJ<|p&Q}E4LXiid7(n7B0a;m}_#$Q_CGx)s%-5cwc<|r7m zH`*-J5mU6rlXt$;TKw92wC6dS4fbjr%fpw6mWxnZ=G{i@@T}QbZD$R~o>z}*J=La{ zY1n`q*TB`McUBv+^zW1cVuSCn~^;1L4pUq9NW7d2Yd>I zofqtP1linnj$q0m`*@1EkLf4HWiPg8rgl7TTc-I=4dlgWc-71-0a05RtrNOG(74J4 z&a*NaxlwPVs=Ez0MV3neSByQH{1W04bI<+QuI@mjw{oY=W4&`bJ3Y5Nvi? zkBT!?7C2ZXys6bFyRTT~%ijOu zNA!RQV3dLW2Pm7=1Y0e z+rHp+Jm29s`3rTogs@+hpEh`EYN-0b9`I<`13HEHD^H=Q8udC)E=X|BxQc9W81;3a zoO1a#MxaVcBmvKeO|}r#6OA+OF$o$YvMOWEGJN}ldbC(-5@lVn9CoX{^|aWOGuEVs z{P&W2$N{jm>xF+1d0AA|6CtO*2@Zy&@u0IaB0gtodv2DS`L#T8NK_8rm~xJqU!2s| zMcPN#JK(C@S9y+gLctiK1=gDFnLz$OktuedGWjvK-@AIHF54tuG zt;+l)WHTXZTr6_BE9F6MFQTJcO(#A_eSe7Vpk4Nf=b?6EgZ{_Nex6z>7QDRSZ6(fp z%$&D#)VBb-Pp!dQE;s{it!VxtLGyZ7Kd;a{!+k%J)UM93PdIZ|>ldEI4yDk3ua98) zaADP?lbFC(t5YY^=Z7bBV|^JBW7#k@j<_>#wDxts;C9H+xoM~ia`etNP*tA{2)KyC zK`}1y0(YnEO}Ex{ug1f5Ox<~XrGXB_)n}ZJ&9=V^2!;+6*bf0&y0D`L$?{~w@-|WH zK(KRpQjUC+o=gP}xvxJBEd1xv)oTj6)FVI^^6AWlJ5{NIaSA^6Cv7qNT|g_EUM?fE zEdeV5(;yGkfvY9z*+yH3`i}X%jR4Z>1+*_MFBd3{VGruJOc~`O)}e*$c5K~N9$9z5 zCM6wM$R<@kb;1bDM5&kyn9j}CEmuUIlNzX(;E%IhwW;iQ+H;f-C=Gx_w-TG2HQe6@ zb;q8DQ-a2cN#OX%-Q;jNiR+a?OM zs=l9-eshl_Sd`le3p;Gutg$N;3E!u-!!I}esIzXwukW#u3a+#F;5Qobq^|{0le7V#B8^Yo7MoovunT(BYUdbfkR# z_E-6bKu;?dwYuQsPcb-k$Lryrhcy2&CX-|Uut&8NrPjZ&%0Z6tqidSU4*`Gxu&mA1 zV7|tu>xulo=emL3cgPQiSaY&WQh^KD3_7W|{tMu|Gw}Bg-G4vd<=}70h@~&m|Ce=n z0=T|k$vSNPj?QLaWgD}>GetixakSP1AK(}lIWQxzQx!IONm#?b0#6>Z(9=`EPk^_t zC}%!e->Jv70oz_JI@t>4zf}p-GDy-A0}8PbX@EpZua9LcIIB(jGV5DC58WSMR?oAl z+!Gp+^bi^vaei)83YwJBOkA1d6RVMf(QHzhDSpF1UAZ1n z9=IBEbjP^a;OW-%C65)y0^(pnS@P*St_~lcTrIUT&_oSKz7|n<=?b>RzOg_{V7j0O zoF8=5uom&GGV@j|bjL1trl${(d3)LK-+By*6nnQAgng6WU$Z`D16D->{4rqrmfWgf zK)i;Vx*RemCTM`28{$q#)P?6E5si)C(+M%0f!~Tn%~*!THb609BD8>P&JcDodqA+J z!ITA~cZd;2Ccp{~lQma?fN)!G)*~R{Tthxd(Oz*gWsWSwrsetmW*bY?T;JSqdrKVP z=sJoB4>@HQz{6~eSC$a9tdPHHn9}2Rflm&00JfSB|J60Hxemx>0yW`s(jskMw>5pt z&vD^FoT9_Ulhzf&L^QWWIwK_K4J4i?z$KW_Sn1<=-m`7b zLAF#rv0Ow>)_n?4vEP%Mn_HRe*h_}is>x|rzLQ~^$B&eYi$(y=2DK6Vmv2v0_oe&K zI-(bGqZ;I)Ko^&5dZRWCU_xEEjWCq)h2hDEa-@Z?XM|OqhB}+8^6`qS&wbR7{CV|h z^v~^}{#HlZ>5I7mhUa-FfvRgp=fTP%q7Y%eybcJMK|oz*viLz?j4DcYpn!IHTFd+7 zp5}!9i8!*dRe3-OH!ryduG*wz^H8tR+`j9}3kA1^*H@`CPp_&%%pjS*Js4+FhKU5# zo7v8Xjm{QG4p&Nn*#s%umd98~cBV@rq6l;Wfjb4Tl*SJ&Wf)hJFs|HmTzYC#ZG``FBYu25;+V~O1e9cvI~A%G$|JbK4c z6sYzb2cehqiz!ys_w#%qXjeiW=@-iB;D2A?W=MWZ zum}8iwt?PN=wQekZZvI)>k)2FRzA9?A=&2M?6(L@o7LD`yU3flM;rWvilRV;rZ$|5uL8m*^Eu-0llQJ~XByyo5W zR=0dP5sW{Bd}wc(vMJTF)We3h+q-~Rsgy9B-Ztq+FFfZO2xbuQxfUW^MmMnSLa4ea zx!l{m=F48=U9k$VOHgJz67w9S8>_6#tF$_A3lr<52|pgy6ZFX*rwvCT1)?`(zT$9j z8Zr9_2pY`murknQo+9kJsup*2@S6gnAd|fUiRT7E+_(G7#ha3`JHEwNj|g>(lRPfU zuHnXxLc`IHF}U$7K9%Yy=Ad3nr-NYOh(dM=kL}<)@AVP#HY~}*i zL-uEt@$)2t=r_wKZO_3XhL4;k0!D|hK{}YGr*v?b1CY2F_m0@UCe8mxu*_QlPsb3= zB7~1{iW?+70@VMbp2%u~P_uS-j;V;6r=)TaMru!E!nd9rlsVB?b7``~r8eV*Qo9JG zWJNTd)7Sr-L%a4?2JHhno3XK?&$IbK@{R#DKyL}NZNdQ8_9`$g zL2{?B(pcjqVtUJy9v+%^!zEJ4+^q_M)aeQTh{NmBTB((H_EeFynEOWnO|DXxkEg%A zI!d$kmvz>CJWdVE2k6xu`d0aT`rshYS2Ira?-#l1ypqs6?yHiQ;WBnbT^WuC5B|D( zOXYlqQe)hStp3tIS=yI^sFo+$vr5WJ=fKWtiKyu8`Sgg|%Khcpb`S@k@^5cWxZiXN z(^7I6ts&#(CyxZ=xV30hXCmc=!sbnKC#@y#KIs?f9o@7}XZn&0NG;S!-)+jl!a)oo zYIQGA8>->MQiCp~oG38Yvnug*;CZ2h`<5qtfOl@}&G|)L*h*#g=F-e;G&zS6z1TjW zzIZ;nkk)IOqtU>xAZ1$1_%tPlaW3(# zx2E*u)MQU-?m)3phwFgo?z#wBvQI~`L}as6cnWKbr0TzHRYTHGw}vnq+LtPXfC|k4 zJG$p+r!0P;pC){{!E`?|Syg1~Si{5Uda*FTeTzk4K=83ThhI67i;Y$Jq8uW(KHvH6 zTZ{DjRKepP;O-eSwsX--t5VH1%x=Yi$}tyI&-~bDZw4~4j6hFcF&5V^BX|;U8J8`2 z3IMmt?j=MBvkJRntAoCmE-u=lnSF&0?gd)rYQo0a*{uqKa!UBVj(VOu`i-cjsgn+8 z&p5Xv0N8>Gd1x)%k*4q1qyk7Lpr1&hYU#F#X$jwQzYSc@Jyq8nvSU4RJUAZ-^yYOE zubGb|Dcjr%gMS{vn$Rg+`C5WN;%=%H3giY@Q?{&LjbsLEWlqR5cOih;3||cyE{mVE z%ymYqNufBBwZYEQ8bO*~_um6FTB1>yp0323!C~iCso~x+@5`uQv^@I&b#;ZKxe24n zAN6A^@>RR~-}y5zXLJeF8wd@Nr)MGq`9x((4U@Z8Mb$<6Lbf|LDech>7qZ4nFk>OY z=reYOT&)`S)+1Cnf-N~sk8p1@3$8PXCSxnWjSI%J2Z4jj@l91k5>zK?+LUxw)b|i@D8tD!6bMc}yj^@v; z7=rX&+%Fugb;>fObonwEvku-XjgoiEPuTM+#vtdy1&7nZEkCQ!4gNi3`qRCD7)D2I zvkAxa;lx%lwkm;=|7fdzqr?*xX;9CTGYpRGmZgGnfrje`m5|a z4!t6HUwai>ugjj@FZ~PD8fhJ&Q$}dQgu+qlqJyTV`^qVHExY{QC+;gCn$=?5GA6v{ zUivE<%X{f-$}{XNOFrE88E)&|t7d;ylU8%sI=Qnq-1yjIIWnVOkw_q7{WbP9Jl_YD z8jm683LNk+KEC)Q>~`D9X@b-iA^u<2{O@-@^%B5c+p0U?AAOSZb<`8+F>A9&L64S4 zNV#Hy&@$w*mNYlA!SxD-1r!FN`9csobw1+p^)oJElKu|3Hi-J%Xf#sSmGrQy)CGRK zyCAtK)LYURKC__bo22iP(%hsmfsxA@kAeKp6XZwKDHLU@2Q>7yq)+CrZFd6PS zIR2<~<~P#Eq3`W1^sncr3|c2paug5L%-p!Xuzp-x{zwT&Ws852%qB_81Lg_!(Hj|3 zZ5`fOYVq-MDAT4X1935kObJEAlINf=#E!2NRb0A9CN$Kn^K4eG8=t|H_eb}EmDk+N zm2Qa5h4vld0t~Rr0KzGkV4PYYd7p#Q`K>JK$(J^H{ygd7PTJIov7;Wgn*iT-5e478 zR4F%?@a*4j%%8UGk^imPBPVr^E4`}5(}Ce*?UQxibrphYiEpH>peS9tfvBUga zvUYtDru_8vRR|V0bNviufBZYVi@f&wfGoReMQUZiQ~+$dKHLVxkKK-M3yR+jwfkk= zyQHFk%tfUD`1?}K|Itrtec8K-Qz^u5dkm0%g7WXx_Vqq#TfPfu2(Lt%D=4k!(l&5z zlsUkm`eisz*Y3{dF)A7I4wB%?iISMHNqd#BEhgdJ2<8tFSoAm z1b~YM2k+RyA%hv#0NI9hs ztVX`(SpK^8TTbh6cpP|Uy{;t=afaK{8V2_P2ruY9feLswkp?=Zdt)%;1aHJ@5R%+J-LcpFN#H7|-p2 zLZ$4EJR7if{&lx?1CtJbGiI67w(VS$O2Mhl+$mz#|A7Ly`}l%=rc~-Qat4su1n~%* zHgnpMM%X{Lt|wJ~*Q?9d2E|~DwuF&S##c-M$p?I2)nk(IOnq(J59>$2J34S6NzGbF zAy8n8NQK`%K6x#wn7yi@lMN diff --git a/ee/dtr/user/audit-repository-events.md b/ee/dtr/user/audit-repository-events.md index 7d10d1bc9b..b664b48eff 100644 --- a/ee/dtr/user/audit-repository-events.md +++ b/ee/dtr/user/audit-repository-events.md @@ -13,9 +13,9 @@ In the following section, we will show you how to view and audit the list of eve ## View List of Events As of DTR 2.3, admins were able to view a list of DTR events [using the API](/datacenter/dtr/2.3/reference/api/#!/events/GetEvents). DTR 2.6 enhances that feature by showing a permission-based events list for each repository page on the web interface. To view the list of events within a repository, do the following: -1. Navigate to `https://` and log in with your UCP credentials. +1. Navigate to `https://` and log in with your DTR credentials. -2. Select **Repositories** on the left navigation pane, and then click on the name of the repository that you want to view. Note that you will have to click on the repository name following the `/` after the specific namespace for your repository. +2. Select **Repositories** from the left navigation pane, and then click on the name of the repository that you want to view. Note that you will have to click on the repository name following the `/` after the specific namespace for your repository. 3. Select the **Activity** tab. You should see a paginated list of the latest events based on your repository permission level. By default, **Activity** shows the latest `10` events and excludes pull events, which are only visible to repository and DTR admins. * If you're a repository or a DTR admin, uncheck "Exclude pull" to view pull events. This should give you a better understanding of who is consuming your images. diff --git a/ee/dtr/user/create-and-manage-webhooks.md b/ee/dtr/user/create-and-manage-webhooks.md deleted file mode 100644 index 71ff486509..0000000000 --- a/ee/dtr/user/create-and-manage-webhooks.md +++ /dev/null @@ -1,50 +0,0 @@ ---- -title: Manage webhooks -description: Learn how to create, configure, and test webhooks in Docker Trusted Registry. -keywords: registry, webhooks -redirect_from: - - /datacenter/dtr/2.5/guides/user/create-and-manage-webhooks/ ---- - -DTR has webhooks so that you can run custom logic when an event happens. This -lets you build complex CI and CD pipelines with your Docker images. - -## Create a webhook - -To create a webhook, navigate to the **repository details** page, choose -the **Webhooks** tab, and click **New Webhook**. - -![](../images/manage-webhooks-1.png){: .with-border} - -Select the event that will trigger the webhook, and set the URL to send -information about the event. Once everything is set up, click **Test** for -DTR to send a JSON payload to the URL you set up, so that you can validate -that the integration is working. You'll get an event that looks like this: - -```json -{ - "contents": { - "architecture": "amd64", - "author": "", - "digest": "sha256:b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c", - "imageName": "example.com/foo/bar:latest", - "namespace": "foo", - "os": "linux", - "pushedAt": "2015-01-02T15:04:05Z", - "repository": "bar", - "tag": "latest" - }, - "createdAt": "2017-06-20T01:29:53.046620425Z", - "location": "/repositories/foo/bar/tags/latest", - "type": "TAG_PUSH" -} -``` - -Once you save, your webhook is active and starts sending notifications when -the event is triggered. - -![](../images/manage-webhooks-2.png){: .with-border} - -## Where to go next - -* [Create promotion policies](promotion-policies/index.md) diff --git a/ee/ucp/admin/configure/enable-saml-authentication.md b/ee/ucp/admin/configure/enable-saml-authentication.md index 905e03d551..314fd5acbc 100644 --- a/ee/ucp/admin/configure/enable-saml-authentication.md +++ b/ee/ucp/admin/configure/enable-saml-authentication.md @@ -36,17 +36,41 @@ Name: `is-admin`, Filter: (user defined) for identifying if the user is an admin ### ADFS integration values -ADFS integration requires these values: +ADFS integration requires the following steps: -- Service provider metadata URI. This value is the URL for UCP, qualified with `/enzi/v0/saml/metadata`. For example, `https://111.111.111.111/enzi/v0/saml/metadata`. -- Attribute Store: Active Directory. - - Add LDAP Attribute = Email Address; Outgoing Claim Type: Email Address - - Add LDAP Attribute = Display-Name; Outgoing Claim Type: Common Name -- Claim using Custom Rule. For example, `c:[Type == "http://schemas.xmlsoap.org/claims/CommonName"] - => issue(Type = "fullname", Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer, Value = c.Value, ValueType = c.ValueType);` -- Outgoing claim type: Name ID -- Outgoing name ID format: Transient Identifier -- Pass through all claim values +1. Add a relying party trust. For example: https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/create-a-relying-party-trust) + +2. Obtain the service provider metadata URI. This value is the URL for UCP, qualified with `/enzi/v0/saml/metadata`. For example, `https://111.111.111.111/enzi/v0/saml/metadata`. + +3. Add claim rules: + + * Convert values from AD to SAML + - Display-name : Common Name + - E-Mail-Addresses : E-Mail Address + - SAM-Account-Name : Name ID + * Create full name for UCP (custom rule): + ``` + c:[Type == "http://schemas.xmlsoap.org/claims/CommonName"] + => issue(Type = "fullname", Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer, Value = c.Value, + ValueType = c.ValueType); + ``` + * Transform account name to Name ID: + - Incoming type: Name ID + - Incoming format: Unspecified + - Outgoing claim type: Name ID + - Outgoing format: Transient ID + * Pass admin value to allow admin access based on AD group (send group membership as claim): + - Users group : Your admin group + - Outgoing claim type: is-admin + - Outgoing claim value: 1 + * Configure group membership (for more complex organizations with multiple groups to manage access) + - Send LDAP attributes as claims + - Attribute store: Active Directory + - Add two rows with the following information: + - LDAP attribute = email address; outgoing claim type: email address + - LDAP attribute = Display-Name; outgoing claim type: common name + - Mapping: + - Token-Groups - Unqualified Names : member-of ## Configure the SAML integration diff --git a/ee/ucp/interlock/deploy/index.md b/ee/ucp/interlock/deploy/index.md index dc70724dd1..33acd7aec3 100644 --- a/ee/ucp/interlock/deploy/index.md +++ b/ee/ucp/interlock/deploy/index.md @@ -8,14 +8,6 @@ redirect_from: This topic covers deploying a layer 7 routing solution into a Docker Swarm to route traffic to Swarm services. Layer 7 routing is also referred to as an HTTP routing mesh. -- [Prerequisites](#prerequisites) -- [Enable layer 7 routing via UCP](#enable-layer-7-routing-via-ucp) -- [Enable layer 7 routing manually](#enable-layer-7-routing-manually) - - [Work with the core service configuration file](#work-with-the-core-service-configuration-file) - - [Create a dedicated network for Interlock and extensions](#create-a-dedicated-network-for-interlock-and-extensions) - - [Create the Interlock service](#create-the-interlock-service) -- [Next steps](#next-steps) - ## Prerequisites - [Docker](https://www.docker.com) version 17.06 or later @@ -49,8 +41,7 @@ and attaches it to the `ucp-interlock` network. This allows both services to communicate. 4. The `ucp-interlock-extension` generates a configuration to be used by the proxy service. By default the proxy service is NGINX, so this service -generates a standard NGINX configuration. -( Is this valid here????) UCP creates the `com.docker.ucp.interlock.conf-1` configuration file and uses it to configure all +generates a standard NGINX configuration. UCP creates the `com.docker.ucp.interlock.conf-1` configuration file and uses it to configure all the internal components of this service. 5. The `ucp-interlock` service takes the proxy configuration and uses it to start the `ucp-interlock-proxy` service. From 0cfcf4149425db13e4f3b6587168a8e46440c537 Mon Sep 17 00:00:00 2001 From: Ally Smith Date: Fri, 31 May 2019 10:56:04 +0100 Subject: [PATCH 02/35] refactor Jenkinsfile - use DTR images for all but `docker.github.io:published` - use environment variables instead of credentials - build and push all images inside VPN container - combine build + image and update swarm stages - remove repetitive steps / stages --- Jenkinsfile | 156 +++++++++++++++++----------------------------------- 1 file changed, 51 insertions(+), 105 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 3b54bd3e61..06000a75f2 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,79 +1,57 @@ def reg = [credentialsId: 'csebuildbot', url: 'https://index.docker.io/v1/'] pipeline { - agent none + agent { + label 'ubuntu-1604-aufs-stable' + } + environment { + DTR_VPN_ADDRESS = credentials('dtr-vpn-address') + DTR_URL = credentials('dtr-url') + DOCKER_HOST_STRING = credentials('docker-host') + UCP_BUNDLE = credentials('ucp-bundle') + SUCCESS_BOT_TOKEN = credentials('success-bot-token') + SLACK = credentials('slack-docs-webhook') + } options { timeout(time: 1, unit: 'HOURS') } stages { stage( 'docker.github.io' ) { - agent { - label 'ubuntu-1604-aufs-stable' - } - environment { - DTR_VPN_ADDRESS = credentials('dtr-vpn-address') - DOCKER_HOST_STRING = credentials('docker-host') - UCP_BUNDLE = credentials('ucp-bundle') - SLACK = credentials('slack-docs-webhook') - } when { expression { env.GIT_URL == 'https://github.com/Docker/docker.github.io.git' } } stages { - stage( 'build and push stage image' ) { - when { - branch 'master' - } - steps { - withDockerRegistry(reg) { - sh """ - docker image build --tag docs/docker.github.io:stage-${env.BUILD_NUMBER} . && \ - docker image push docs/docker.github.io:stage-${env.BUILD_NUMBER} - """ - } - } - } - stage( 'build and push prod image' ) { - when { - branch 'published' - } - steps { - withDockerRegistry(reg) { - sh """ - docker image build --tag docs/docker.github.io:prod-${env.BUILD_NUMBER} . && \ - docker image push docs/docker.github.io:prod-${env.BUILD_NUMBER} - """ - } - } - } - stage( 'update docs stage' ) { + stage( 'build + push stage image, update stage swarm' ) { when { branch 'master' } steps { withVpn("$DTR_VPN_ADDRESS") { - sh "unzip -o $UCP_BUNDLE" - withDockerRegistry(reg) { - sh """ - export DOCKER_TLS_VERIFY=1 - export COMPOSE_TLS_VERSION=TLSv1_2 - export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot - export DOCKER_HOST=$DOCKER_HOST_STRING - docker service update --detach=false --force --image docs/docker.github.io:stage-${env.BUILD_NUMBER} docs-stage-docker-com_docs --with-registry-auth - """ - } + sh """ + cat $SUCCESS_BOT_TOKEN | docker login $DTR_URL --username 'success_bot' --password-stdin + docker build -t $DTR_URL/docker/docker.github.io:stage-${env.BUILD_NUMBER} . + docker push $DTR_URL/docker/docker.github.io:stage-${env.BUILD_NUMBER} + unzip -o $UCP_BUNDLE + export DOCKER_TLS_VERIFY=1 + export COMPOSE_TLS_VERSION=TLSv1_2 + export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot + export DOCKER_HOST=$DOCKER_HOST_STRING + docker service update --detach=false --force --image $DTR_URL/docker/docker.github.io:stage-${env.BUILD_NUMBER} docs-stage-docker-com_docs --with-registry-auth + """ } } } - stage( 'update docs prod' ) { + stage( 'build + push prod image, update prod swarm' ) { when { branch 'published' } steps { withVpn("$DTR_VPN_ADDRESS") { - sh "unzip -o $UCP_BUNDLE" withDockerRegistry(reg) { sh """ + docker build -t docs/docker.github.io:prod-${env.BUILD_NUMBER} . + docker push docs/docker.github.io:prod-${env.BUILD_NUMBER} + unzip -o $UCP_BUNDLE cd ucp-bundle-success_bot export DOCKER_TLS_VERIFY=1 export COMPOSE_TLS_VERSION=TLSv1_2 @@ -89,79 +67,47 @@ pipeline { } } stage( 'docs-private' ) { - agent { - label 'ubuntu-1604-aufs-stable' - } - environment { - DTR_VPN_ADDRESS = credentials('dtr-vpn-address') - DOCKER_HOST_STRING = credentials('docker-host') - UCP_BUNDLE = credentials('ucp-bundle') - } when { expression { env.GIT_URL == "https://github.com/docker/docs-private.git" } } stages { - stage( 'build and push new beta stage image' ) { - when { - branch 'amberjack' - } - steps { - withDockerRegistry(reg) { - sh """ - docker image build --tag docs/docs-private:beta-stage-${env.BUILD_NUMBER} . && \ - docker image push docs/docs-private:beta-stage-${env.BUILD_NUMBER} - """ - } - } - } - stage( 'build and push new beta image' ) { - when { - branch 'published' - } - steps { - withDockerRegistry(reg) { - sh """ - docker image build --tag docs/docs-private:beta-${env.BUILD_NUMBER} . && \ - docker image push docs/docs-private:beta-${env.BUILD_NUMBER} - """ - } - } - } - stage( 'update beta stage service' ) { + stage( 'build + push beta-stage image, update beta-stage swarm' ) { when { branch 'amberjack' } steps { withVpn("$DTR_VPN_ADDRESS") { - sh "unzip -o $UCP_BUNDLE" - withDockerRegistry(reg) { - sh """ - export DOCKER_TLS_VERIFY=1 - export COMPOSE_TLS_VERSION=TLSv1_2 - export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot - export DOCKER_HOST=$DOCKER_HOST_STRING - docker service update --detach=false --force --image docs/docs-private:beta-stage-${env.BUILD_NUMBER} docs-beta-stage-docker-com_docs --with-registry-auth - """ - } + sh """ + cat $SUCCESS_BOT_TOKEN | docker login $DTR_URL --username 'success_bot' --password-stdin + docker build -t $DTR_URL/docker/docs-private:beta-stage-${env.BUILD_NUMBER} . + docker push $DTR_URL/docker/docs-private:beta-stage-${env.BUILD_NUMBER} + unzip -o $UCP_BUNDLE + export DOCKER_TLS_VERIFY=1 + export COMPOSE_TLS_VERSION=TLSv1_2 + export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot + export DOCKER_HOST=$DOCKER_HOST_STRING + docker service update --detach=false --force --image $DTR_URL/docker/docs-private:beta-stage-${env.BUILD_NUMBER} docs-beta-stage-docker-com_docs --with-registry-auth + """ } } } - stage( 'update beta service' ) { + stage( 'build + push beta image, update beta swarm' ) { when { branch 'published' } steps { withVpn("$DTR_VPN_ADDRESS") { - sh "unzip -o $UCP_BUNDLE" - withDockerRegistry(reg) { - sh """ - export DOCKER_TLS_VERIFY=1 - export COMPOSE_TLS_VERSION=TLSv1_2 - export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot - export DOCKER_HOST=$DOCKER_HOST_STRING - docker service update --detach=false --force --image docs/docs-private:beta-${env.BUILD_NUMBER} docs-beta-docker-com_docs --with-registry-auth - """ - } + sh """ + cat $SUCCESS_BOT_TOKEN | docker login $DTR_URL --username 'success_bot' --password-stdin + docker build -t $DTR_URL/docker/docs-private:beta-${env.BUILD_NUMBER} . + docker push $DTR_URL/docker/docs-private:beta-${env.BUILD_NUMBER} + unzip -o $UCP_BUNDLE + export DOCKER_TLS_VERIFY=1 + export COMPOSE_TLS_VERSION=TLSv1_2 + export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot + export DOCKER_HOST=$DOCKER_HOST_STRING + docker service update --detach=false --force --image $DTR_URL/docker/docs-private:beta-${env.BUILD_NUMBER} docs-beta-docker-com_docs --with-registry-auth + """ } } } From 168c7b5410b6788936f5f6491a09c3b6ca608916 Mon Sep 17 00:00:00 2001 From: Maria Bermudez Date: Tue, 4 Jun 2019 21:42:26 -0700 Subject: [PATCH 03/35] Sync published with master (#8898) * Fix broken links * Update link to webhook types * Rewritten Custom CNI to become Unmanaged CNI in UCP Docs (#8799) Here I have rewritten the Unmanaged CNI page with Docker UCP. The changes are: - Clarifying the support position - Providing clear instructions on how to bring up UCP and then install a custom CNI plugin - Removes unneccesary items like disabling IPIP which is not related to this page. Signed-off-by: Olly Pomeroy * Updated following Uday's feedback * Add editorial review * Fix link preview * Update link to UCP installation * Fix typo * Standardize headings * removed the reference to index.md Though the sections referenced belong to `index.md`, there is no requirement to call it out in the URL. For example: https://docs.docker.com/docker-for-mac/#add-tls-certificates https://docs.docker.com/docker-for-mac/#reset * Update faqs.md * Update ubuntu version and common driver on storagedriver docs (#8746) Signed-off-by: Takuya Noguchi * refactor Jenkinsfile - use DTR images for all but `docker.github.io:published` - use environment variables instead of credentials - build and push all images inside VPN container - combine build + image and update swarm stages - remove repetitive steps / stages * 7724 (#8876) * Fix 7724 * Fix broken link * Change to Docker Enterprise (#8877) * Change to Docker Enterprise * Update the new default addr pool for swarm (#8705) The default address pool for swarm is now a `/8` CIDR * Update part2.md (#8535) typo * Update system-requirements.md * Clean up syntax (#8881) * Removed 2018 references. (#8880) * Remove pay thru Docker section (#8879) * Update index.md * Edit signing images (#8882) * Edit signing images * Incorporate feedback * Final edits - Change example Security member name --- _data/toc.yaml | 2 +- .../1.1/installation/system-requirements.md | 4 +- .../ucp/2.0/guides/configuration/index.md | 4 +- .../configuration/integrate-with-dtr.md | 2 +- docker-for-mac/faqs.md | 6 +- docker-hub/publish/index.md | 8 - docker-hub/publish/publisher_faq.md | 9 +- .../storage-backend-migration.md | 27 ++- ee/dtr/admin/manage-webhooks/use-the-api.md | 2 +- .../admin/manage-webhooks/use-the-web-ui.md | 2 +- .../user/manage-images/sign-images/index.md | 141 +++++++-------- ee/ucp/admin/install/index.md | 10 +- ee/ucp/admin/install/plan-installation.md | 2 +- ee/ucp/kubernetes/install-cni-plugin.md | 167 ++++++++++-------- index.md | 18 +- storage/storagedriver/index.md | 56 +++--- 16 files changed, 233 insertions(+), 227 deletions(-) diff --git a/_data/toc.yaml b/_data/toc.yaml index 130bf78530..1371623a34 100644 --- a/_data/toc.yaml +++ b/_data/toc.yaml @@ -1371,7 +1371,7 @@ manuals: path: /ee/ucp/kubernetes/layer-7-routing/ - title: Create a service account for a Kubernetes app path: /ee/ucp/kubernetes/create-service-account/ - - title: Install a CNI plugin + - title: Install an unmanaged CNI plugin path: /ee/ucp/kubernetes/install-cni-plugin/ - title: Kubernetes network encryption path: /ee/ucp/kubernetes/kubernetes-network-encryption/ diff --git a/datacenter/ucp/1.1/installation/system-requirements.md b/datacenter/ucp/1.1/installation/system-requirements.md index b011b3b6c1..a68e71c053 100644 --- a/datacenter/ucp/1.1/installation/system-requirements.md +++ b/datacenter/ucp/1.1/installation/system-requirements.md @@ -17,7 +17,7 @@ all nodes must have: * Linux kernel version 3.10 or higher * CS Docker Engine version 1.10 or higher. Learn about the -[operating systems supported by CS Docker Engine](/cs-engine/install/). +[operating systems supported by CS Docker Engine](/install/). * 2.00 GB of RAM * 3.00 GB of available disk space * A static IP address @@ -59,4 +59,4 @@ Docker Datacenter is a software subscription that includes 3 products: ## Where to go next * [UCP architecture](../architecture.md) -* [Plan a production installation](plan-production-install.md) \ No newline at end of file +* [Plan a production installation](plan-production-install.md) diff --git a/datacenter/ucp/2.0/guides/configuration/index.md b/datacenter/ucp/2.0/guides/configuration/index.md index d8ee7ff2b7..a1f22a22c4 100644 --- a/datacenter/ucp/2.0/guides/configuration/index.md +++ b/datacenter/ucp/2.0/guides/configuration/index.md @@ -1,8 +1,8 @@ - --- +--- +title: Use externally-signed certificates description: Learn how to configure Docker Universal Control Plane to use your own certificates. keywords: Universal Control Plane, UCP, certificate, authentication, tls -title: Use externally-signed certificates --- All UCP services are exposed using HTTPS, to ensure all communications between diff --git a/datacenter/ucp/2.0/guides/configuration/integrate-with-dtr.md b/datacenter/ucp/2.0/guides/configuration/integrate-with-dtr.md index 8a6f2623fb..2404bed0e1 100644 --- a/datacenter/ucp/2.0/guides/configuration/integrate-with-dtr.md +++ b/datacenter/ucp/2.0/guides/configuration/integrate-with-dtr.md @@ -139,4 +139,4 @@ steps as you used to configure your local computer. ## Where to go next -* [use your own externally-signed TLS certificates](index.md#customize-the-ucp-tls-certificates) +* [Use your own externally-signed TLS certificates](/datacenter/ucp/2.0/guides/configuration/index.md#customize-the-ucp-tls-certificates) diff --git a/docker-for-mac/faqs.md b/docker-for-mac/faqs.md index da08cdee6c..31b4cfc1e8 100644 --- a/docker-for-mac/faqs.md +++ b/docker-for-mac/faqs.md @@ -106,7 +106,7 @@ is about older releases of Docker for Mac. If, after installing Docker for Mac, you [change the name of your macOS user account and home folder](https://support.apple.com/en-us/HT201548), Docker for -Mac fails to start. [Reset to Factory Defaults](index.md#reset) is the simplest +Mac fails to start. [Reset to Factory Defaults](/docker-for-mac/index/#reset) is the simplest fix, but you'll lose all your settings, containers, images, etc. To preserve them, open the `~/Library/Group @@ -246,7 +246,7 @@ Starting with Docker for Mac Beta 27 and Stable 1.12.3, all trusted certificate authorities (CAs) (root or intermediate) are supported. For full information on adding server and client side certs, see -[Add TLS certificates](index.md#add-tls-certificates) in the Getting Started topic. +[Add TLS certificates](/docker-for-mac/index/#add-tls-certificates) in the Getting Started topic. ### How do I add client certificates? @@ -256,7 +256,7 @@ in `~/.docker/certs.d/:/client.cert` and `~/.docker/certs.d/:/client.key`. For full information on adding server and client side certs, see -[Add TLS certificates](index.md#add-tls-certificates) in the Getting Started topic. +[Add TLS certificates](/docker-for-mac/index/#add-tls-certificates) in the Getting Started topic. ### Can I pass through a USB device to a container? diff --git a/docker-hub/publish/index.md b/docker-hub/publish/index.md index 868d9965ba..6b5511c88d 100644 --- a/docker-hub/publish/index.md +++ b/docker-hub/publish/index.md @@ -38,14 +38,6 @@ experience the following benefits: Docker Hub welcomes free and open-source content, as well as software sold directly by publishers. We support the following commercial models: -### Paid through Docker - -This commercial model allows customers to pay for ISV content through Docker, as -described in the Store Vendor Partner agreement. Paid-through-Docker content -includes both software that can be deployed on a host, as well as software that -runs in the cloud and can be accessed by the customer through an agent -(containerized cloud services, for example). - ### Licensed content through Docker Hub BYOL program ISVs can use Docker Hub as an entitlement and distribution platform. Using diff --git a/docker-hub/publish/publisher_faq.md b/docker-hub/publish/publisher_faq.md index 5f3003c395..5500002e51 100644 --- a/docker-hub/publish/publisher_faq.md +++ b/docker-hub/publish/publisher_faq.md @@ -71,7 +71,7 @@ We don't support the abiltiy to view available tags for published products becau Official images and community images have available tags visible because anyone can access any tag at any time anonymously. -We aim to have product listings published with the concept of versions, allowing publishers to manage which versions of their products they expose to customers for access. (Expected Q3 2018) +We aim to have product listings published with the concept of versions, allowing publishers to manage which versions of their products they expose to customers for access. ### On the page for another vendor’s product on Docker Hub, I see the following chunks of data: How do these fields map to the following that are required in the publish process? @@ -169,11 +169,6 @@ As a publisher you can charge a subscription fee every month in USD. The amount is determined by you. We are working on other pricing options. If you have feedback about pricing, send us an email at publisher-support@docker.com -### As a publisher, I have not setup any payment account. How does money get to me if my commercial content gets purchased by customers? - -We (Docker) cut you a check post a revenue share. Your Docker Hub Vendor -Agreement should cover specifics. - ### How does Docker handle Export control? Can individual countries be specified if differing from Docker's list of embargoed countries? We provide export control through blacklisting several countries, IPs and users @@ -212,4 +207,4 @@ Yes ### Can I have a publish by date for my content? -Not yet. Potential ETA Q2 2018. +Not yet. This is a planned enhancement, but we have no specific availability date at this time. diff --git a/ee/dtr/admin/configure/external-storage/storage-backend-migration.md b/ee/dtr/admin/configure/external-storage/storage-backend-migration.md index 6d883cc109..b8eca97dde 100644 --- a/ee/dtr/admin/configure/external-storage/storage-backend-migration.md +++ b/ee/dtr/admin/configure/external-storage/storage-backend-migration.md @@ -26,27 +26,26 @@ Docker recommends the following steps for your storage backend and metadata migr 5. With DTR restored from your backup and your storage data migrated to your new backend, garbage collect any dangling blobs using the following API request: - ```bash - curl -u :$TOKEN -X POST "https:///api/v0/jobs" -H "accept: application/json" -H "content-type: application/json" -d "{ \"action": \"onlinegc_blobs\" }" - ``` - On success, you should get a `202 Accepted` response with a job `id` and other related details. - -This ensures any blobs which are not referenced in your previously created backup get destroyed. + ```bash + curl -u :$TOKEN -X POST "https:///api/v0/jobs" -H "accept: application/json" -H "content-type: application/json" -d "{ \"action": \"onlinegc_blobs\" }" + ``` + + On success, you should get a `202 Accepted` response with a job `id` and other related details. This ensures any blobs which are not referenced in your previously created backup get destroyed. ### Alternative option for data migration -- If you have a long maintenance window, you can skip some steps from above and do the following: +If you have a long maintenance window, you can skip some steps from above and do the following: - 1. Put DTR in "read-only" mode using the following API request: +1. Put DTR in "read-only" mode using the following API request: - ```bash - curl -u :$TOKEN -X POST "https:///api/v0/meta/settings" -H "accept: application/json" -H "content-type: application/json" -d "{ \"readOnlyRegistry\": true }" - ``` - On success, you should get a `202 Accepted` response. + ```bash + curl -u :$TOKEN -X POST "https:///api/v0/meta/settings" -H "accept: application/json" -H "content-type: application/json" -d "{ \"readOnlyRegistry\": true }" + ``` + On success, you should get a `202 Accepted` response. - 2. Migrate the contents of your current storage backend to the new one you are switching to. For example, upload your current storage data to your new NFS server. +2. Migrate the contents of your current storage backend to the new one you are switching to. For example, upload your current storage data to your new NFS server. - 3. [Reconfigure DTR](/reference/dtr/2.6/cli/reconfigure) while specifying the `--storage-migrated` flag to preserve your existing tags. +3. [Reconfigure DTR](/reference/dtr/2.6/cli/reconfigure) while specifying the `--storage-migrated` flag to preserve your existing tags. ## DTR 2.6.0-2.6.4 and DTR 2.5 (with experimental garbage collection) diff --git a/ee/dtr/admin/manage-webhooks/use-the-api.md b/ee/dtr/admin/manage-webhooks/use-the-api.md index 275491b55d..f710fc1c07 100644 --- a/ee/dtr/admin/manage-webhooks/use-the-api.md +++ b/ee/dtr/admin/manage-webhooks/use-the-api.md @@ -6,7 +6,7 @@ keywords: dtr, webhooks, api, registry ## Prerequisite -See [Event types for webhooks](/ee/dtr/admin/manage-webhooks/index.md/#event-types-for-webhooks) for a complete list of event types you can trigger notifications for via the API. +See [Webhook types](/ee/dtr/admin/manage-webhooks/index.md/#webhook-types) for a list of events you can trigger notifications for via the API. ## API Base URL diff --git a/ee/dtr/admin/manage-webhooks/use-the-web-ui.md b/ee/dtr/admin/manage-webhooks/use-the-web-ui.md index dc62f21b9b..b3c8dfe26f 100644 --- a/ee/dtr/admin/manage-webhooks/use-the-web-ui.md +++ b/ee/dtr/admin/manage-webhooks/use-the-web-ui.md @@ -7,7 +7,7 @@ keywords: dtr, webhooks, ui, web interface, registry ## Prerequisites - You must have admin privileges to the repository in order to create a webhook. -- See [Event types](/ee/dtr/admin/manage-webhooks/index.md/#event-types-for-webhooks) for a complete list of event types you can trigger notifications for using the web interface. +- See [Webhook types](/ee/dtr/admin/manage-webhooks/index.md/#webhook-types) for a list of events you can trigger notifications for using the web interface. ## Create a webhook for your repository diff --git a/ee/dtr/user/manage-images/sign-images/index.md b/ee/dtr/user/manage-images/sign-images/index.md index 9bac5a1991..f2409bfc34 100644 --- a/ee/dtr/user/manage-images/sign-images/index.md +++ b/ee/dtr/user/manage-images/sign-images/index.md @@ -7,21 +7,21 @@ redirect_from: - /ee/dtr/user/manage-images/sign-images/manage-trusted-repositories/ --- -2 Key components of the Docker Trusted Registry are the Notary Server and Notary -Signer. These 2 containers give us the required components to use Docker Content -Trust right out of the box. [Docker Content -Trust](/engine/security/trust/content_trust/) allows us to sign image tags, -therefore whoever pulls the image can validate that they are getting the image -you create, or a forged one. +Two key components of the Docker Trusted Registry are the Notary Server and the Notary +Signer. These two containers provide the required components for using Docker Content +Trust (DCT) out of the box. [Docker Content +Trust](/engine/security/trust/content_trust/) allows you to sign image tags, +therefore giving consumers a way to verify the integrity of your image. -As part of Docker Trusted Registry both the Notary server and the Registry -server are accessed through a front end Proxy, with both components sharing the -UCP's RBAC Engine. Therefore no additional configuration of the Docker Client -is required to use trust. +As part of DTR, both the Notary and the Registry +servers are accessed through a front-end proxy, with both components sharing the +UCP's RBAC (Role-based Access Control) Engine. Therefore, you do not need additional Docker client +configuration in order to use DCT. -Docker Content Trust is integrated into the Docker CLI, allowing you to -configure repositories, add signers and sign images all through the `$ docker -trust` command. +DCT is integrated with the Docker CLI, and allows you to: +- Configure repositories +- Add signers, and +- Sign images using the `docker trust` command ![image without signature](../../../images/sign-an-image-1.svg) @@ -29,31 +29,29 @@ trust` command. UCP has a feature which will prevent [untrusted images](/ee/ucp/admin/configure/run-only-the-images-you-trust/) from being -deployed on the cluster. To use this feature, we first need to upload and sign -images into DTR. To tie the signed images back to UCP, we will actually sign the -images with private keys of UCP users. Inside of a UCP Client bundle the -`key.pem` can be used a User's private key, with the `cert.pem` being a public -key within a x509 certificate. +deployed on the cluster. To use the feature, you need to sign and push images to your DTR. +To tie the signed images back to UCP, you need to sign the +images with the private keys of the UCP users. From a UCP client bundle, use +`key.pem` as your private key, and `cert.pem` as your public key +on an `x509` certificate. -To sign images in a way that UCP trusts them, you need to: +To sign images in a way that UCP can trust, you need to: -1. Download a Client Bundle for a User you want to use to sign the images. -2. Load the private key of the User into your workstations trust store. +1. Download a client bundle for the user account you want to use for signing the images. +2. Add the user's private key to your machine's trust store. 3. Initialize trust metadata for the repository. -4. Delegate signing for that repository to the UCP User. -5. Sign the Image. +4. Delegate signing for that repository to the UCP user. +5. Sign the image. -In this example we're going to pull a nginx image from the Docker Hub, re-tag it -as `dtr.example.com/dev/nginx:1`, push the image to DTR and sign it in a way -that is trusted by UCP. If you manage multiple repositories, you'll have to do -the same procedure for each repository. +The following example shows the `nginx` image getting pulled from Docker Hub, tagged +as `dtr.example.com/dev/nginx:1`, pushed to DTR, and signed in a way +that is trusted by UCP. -### Import a UCP User's Private Key +### Import a UCP user's private key -Once you have download and extracted a UCP User's client bundle into your local -directory, you need to load the Private key into the local Docker trust store -`(~/.docker/trust)`. The name used here is purely metadata to help keep track of -which keys you have imported. +After downloading and extracting a UCP client bundle into your local +directory, you need to load the private key into the local Docker trust store +`(~/.docker/trust)`. To illustrate the process, we will use `jeff` as an example user. ```bash $ docker trust key load --name jeff key.pem @@ -63,16 +61,16 @@ Repeat passphrase for new jeff key with ID a453196: Successfully imported key from key.pem ``` -### Initialize the trust metadata and add the Public Key +### Initialize the trust metadata and add the user's public certificate -Next, we need to initiate trust metadata for a DTR repository. If you have not -done so already, navigate to the **DTR web UI**, and create a repository for -your image. In this example we've created the `prod/nginx` repository. +Next,initiate trust metadata for a DTR repository. If you have not +already done so, navigate to the **DTR web UI**, and create a repository for +your image. This example uses the `nginx` repository in the `prod` namespace. -As part of initiating the repository, we will add the public key of the UCP User -as a signer. You will be asked for a number of passphrases to protect the keys. -Make a note of these passphrases, and see [Managing Delegations in a Notary Server](/engine/security/trust/trust_delegation/#managing-delegations-in-a-notary-server) -to learn more about managing keys. +As part of initiating the repository, the public key of the UCP user needs to be added +to the Notary server as a signer for the repository. You will be asked for a number of +passphrases to protect the keys.Make a note of these passphrases, and +see [Managing Delegations in a Notary Server](/engine/security/trust/trust_delegation/#managing-delegations-in-a-notary-server) to learn more about managing keys. ```bash @@ -86,7 +84,7 @@ Successfully initialized "dtr.example.com/prod/nginx" Successfully added signer: jeff to dtr.example.com/prod/nginx ``` -We can inspect the trust metadata of the repository to make sure the User has +Inspect the trust metadata of the repository to make sure the user has been added correctly. ```bash @@ -105,11 +103,10 @@ Administrative keys for dtr.example.com/prod/nginx Root Key: b74854cb27cc25220ede4b08028967d1c6e297a759a6939dfef1ea72fbdd7b9a ``` -### Sign the Image +### Sign the image -Finally, we will sign an image tag. These steps download the Image from the -Docker Hub, retag the Image to the DTR repository, push the image up to DTR, as -well as signing the tag with the UCP User's keys. +Finally, user `jeff` can sign an image tag. The following steps include downloading the image from Hub, tagging the image for Jeff's DTR repository, pushing the image to Jeff's DTR, as +well as signing the tag with Jeff's keys. ```bash $ docker pull nginx:latest @@ -128,7 +125,7 @@ Enter passphrase for jeff key with ID 927f303: Successfully signed dtr.example.com/prod/nginx:1 ``` -We can inspect the trust metadata again to make sure the image tag has been +Inspect the trust metadata again to make sure the image tag has been signed successfully. ```bash @@ -150,49 +147,48 @@ Administrative keys for dtr.example.com/prod/nginx:1 Root Key: b74854cb27cc25220ede4b08028967d1c6e297a759a6939dfef1ea72fbdd7b9a ``` -Or we can have a look at the signed image from within the **DTR UI**. +Alternatively, you can review the signed image from the DTR web UI. ![DTR](../../../images/sign-an-image-3.png){: .with-border} -### Adding Additional Delegations +### Add delegations -If you wanted to sign this image with multiple UCP Users, maybe if you had a use -case where an image needed to be signed by a member of the `Security` team and a -member of the `Developers` team. Then you can add multiple signers to a -repository. +You have the option to sign an image using multiple UCP users' keys. For example, an image +needs to be signed by a member of the `Security` team and a +member of the `Developers` team. Let's assume `jeff` is a member of the Developers team. +In this case, we only need to add a member of the Security team. -To do so, first load a private key from a UCP User of the Security Team's in to -the local Docker Trust Store. +To do so, first add the private key of the Security team member to +the local Docker trust store. ```bash -$ docker trust key load --name security key.pem +$ docker trust key load --name ian key.pem Loading key from "key.pem"... -Enter passphrase for new security key with ID 5ac7d9a: -Repeat passphrase for new security key with ID 5ac7d9a: +Enter passphrase for new ian key with ID 5ac7d9a: +Repeat passphrase for new ian key with ID 5ac7d9a: Successfully imported key from key.pem ``` -Upload the Public Key to the Notary Server and Sign the Image. You will be asked -for both the Developers passphrase, as well as the Security Users passphrase to +Upload the user's public key to the Notary Server and sign the image. You will be asked +for `jeff`, the developer's passphrase, as well as the `ian` user's passphrase to sign the tag. ```bash -$ docker trust signer add --key cert.pem security dtr.example.com/prod/nginx -Adding signer "security" to dtr.example.com/prod/nginx... +$ docker trust signer add --key cert.pem ian dtr.example.com/prod/nginx +Adding signer "ian" to dtr.example.com/prod/nginx... Enter passphrase for repository key with ID e0d15a2: -Successfully added signer: security to dtr.example.com/prod/nginx +Successfully added signer: ian to dtr.example.com/prod/nginx $ docker trust sign dtr.example.com/prod/nginx:1 Signing and pushing trust metadata for dtr.example.com/prod/nginx:1 Existing signatures for tag 1 digest 5b49c8e2c890fbb0a35f6050ed3c5109c5bb47b9e774264f4f3aa85bb69e2033 from: jeff Enter passphrase for jeff key with ID 927f303: -Enter passphrase for security key with ID 5ac7d9a: +Enter passphrase for ian key with ID 5ac7d9a: Successfully signed dtr.example.com/prod/nginx:1 ``` -Finally, we can check the tag again to make sure it is now signed by 2 -signatures. +Finally, check the tag again to make sure it includes two signers. ```bash $ docker trust inspect --pretty dtr.example.com/prod/nginx:1 @@ -200,13 +196,13 @@ $ docker trust inspect --pretty dtr.example.com/prod/nginx:1 Signatures for dtr.example.com/prod/nginx:1 SIGNED TAG DIGEST SIGNERS -1 5b49c8e2c890fbb0a35f6050ed3c5109c5bb47b9e774264f4f3aa85bb69e2033 jeff, security +1 5b49c8e2c890fbb0a35f6050ed3c5109c5bb47b9e774264f4f3aa85bb69e2033 jeff, ian List of signers and their keys for dtr.example.com/prod/nginx:1 SIGNER KEYS jeff 927f30366699 -security 5ac7d9af7222 +ian 5ac7d9af7222 Administrative keys for dtr.example.com/prod/nginx:1 @@ -218,13 +214,12 @@ For more advanced use cases like this, see [Delegations for content trust](/engi ## Delete trust data -If an Administrator wants to delete a DTR repository that contains Trust -metadata, they will be prompted to delete the trust metadata first before the -repository can be removed. +If an administrator wants to delete a DTR repository that contains trust +metadata, they will be prompted to delete the trust metadata first before removing the repository. -To delete trust metadata we need to use the Notary CLI. For information on how -to download and configure the Notary CLI head -[here](/engine/security/trust/trust_delegation/#configuring-the-notary-client) +To delete trust metadata, you need to use the Notary CLI. For information on how +to download and configure the Notary CLI see +[Configuring the Notary client](/engine/security/trust/trust_delegation/#configuring-the-notary-client) ```bash diff --git a/ee/ucp/admin/install/index.md b/ee/ucp/admin/install/index.md index 3070c1bf58..5fece24ed2 100644 --- a/ee/ucp/admin/install/index.md +++ b/ee/ucp/admin/install/index.md @@ -75,12 +75,12 @@ To install UCP: To find what other options are available in the install command, check the [reference documentation](/reference/ucp/3.1/cli/install.md). -> Custom CNI plugins +> Custom Container Networking Interface (CNI) plugins > -> If you want to use a third-party Container Networking Interface (CNI) plugin, -> like Flannel or Weave, modify the previous command line to include the -> `--cni-installer-url` option. Learn how to -> [install a CNI plugin](../../kubernetes/install-cni-plugin.md). +> UCP will install [Project Calico](https://docs.projectcalico.org/v3.7/introduction/) +> for container-to-container communication for Kubernetes. A platform operator may +> choose to install an alternative CNI plugin, such as Weave or Flannel. Please see +>[Install an unmanaged CNI plugin](/ee/ucp/kubernetes/install-cni-plugin/). {: important} ## Step 5: License your installation diff --git a/ee/ucp/admin/install/plan-installation.md b/ee/ucp/admin/install/plan-installation.md index d3b7e0bfba..b4e7a80739 100644 --- a/ee/ucp/admin/install/plan-installation.md +++ b/ee/ucp/admin/install/plan-installation.md @@ -44,7 +44,7 @@ this. The `service-cluster-ip-range` Kubernetes API Server flag is currently set to `10.96.0.0/16` and cannot be changed. -Swarm uses a default address pool of `10.0.0.0/16` for its overlay networks. If this conflicts with your current network implementation, please use a custom IP address pool. To specify a custom IP address pool, use the `--default-address-pool` command line option during [Swarm initialization](../../../../engine/swarm/swarm-mode.md). +Swarm uses a default address pool of `10.0.0.0/8` for its overlay networks. If this conflicts with your current network implementation, please use a custom IP address pool. To specify a custom IP address pool, use the `--default-address-pool` command line option during [Swarm initialization](../../../../engine/swarm/swarm-mode.md). > **Note**: Currently, the UCP installation process does not support this flag. To deploy with a custom IP pool, Swarm must first be installed using this flag and UCP must be installed on top of it. diff --git a/ee/ucp/kubernetes/install-cni-plugin.md b/ee/ucp/kubernetes/install-cni-plugin.md index b3b7e024ac..66bd5ee4e4 100644 --- a/ee/ucp/kubernetes/install-cni-plugin.md +++ b/ee/ucp/kubernetes/install-cni-plugin.md @@ -1,98 +1,119 @@ --- -title: Install a CNI plugin -description: Learn how to install a Container Networking Interface plugin on Docker Universal Control Plane. -keywords: ucp, cli, administration, kubectl, Kubernetes, cni, Container Networking Interface, flannel, weave, ipip, calico +title: Install an unmanaged CNI plugin +description: Learn how to install a Container Networking Interface (CNI) plugin on Docker Universal Control Plane. +keywords: ucp, kubernetes, cni, container networking interface, flannel, weave, calico --- -For Docker Universal Control Plane, [Project Calico](https://docs.projectcalico.org/v3.0/introduction/) -provides the secure networking functionality for the container communication with Kubernetes. +For Docker Universal Control Plane (UCP), [Calico](https://docs.projectcalico.org/v3.7/introduction/) +provides the secure networking functionality for container-to-container communication within +Kubernetes. UCP handles the lifecycle of Calico and packages it with UCP +installation and upgrade. Additionally, the Calico deployment included with +UCP is fully supported with Docker providing guidance on the +[CNI components](https://github.com/projectcalico/cni-plugin). -Docker EE supports Calico and installs the -built-in [Calico](https://github.com/projectcalico/cni-plugin) plugin, but you can override that and -install a Docker certified plugin. +At install time, UCP can be configured to install an alternative CNI plugin +to support alternative use cases. The alternative CNI plugin is certified by +Docker and its partners, and published on Docker Hub. UCP components are still +fully supported by Docker and respective partners. Docker will provide +pointers to basic configuration, however for additional guidance on managing third party +CNI components, the platform operator will need to refer to the partner documentation +or contact that third party. -> **Note**: The `--cni-installer-url` option is deprecated as of UCP 3.1. It is replaced by the `--unmanaged-cni` option. +## Install an unmanaged CNI plugin on Docker UCP -# Install UCP with a custom CNI plugin +Once a platform operator has complied with [UCP system +requirements](/ee/ucp/admin/install/system-requirements/) and +taken into consideration any requirements for the custom CNI plugin, you can +[run the UCP install command](/reference/ucp/3.1/cli/install/) with the `--unmanaged-cni` flag +to bring up the platform. -Modify the [UCP install command-line](../admin/install/index.md#step-4-install-ucp) -to add the `--cni-installer-url` [option](/reference/ucp/3.0/cli/install.md), -providing a URL for the location of the CNI plugin's YAML file: +This command will install UCP, and bring up components +like the user interface and the RBAC engine. UCP components that +require Kubernetes Networking, such as Metrics, will not start and will stay in +a `Container Creating` state in Kubernetes, until a CNI is installed. + +### Install UCP without a CNI plugin + +Once connected to a manager node with the Docker Enterprise Engine installed, +you are ready to install UCP with the `--unmanaged-cni` flag. ```bash docker container run --rm -it --name ucp \ -v /var/run/docker.sock:/var/run/docker.sock \ {{ page.ucp_org }}/{{ page.ucp_repo }}:{{ page.ucp_version }} install \ --host-address \ - --unmanaged-cni \ + --unmanaged-cni \ --interactive ``` -> **Note**: Setting `--unmanaged-cni` to `true` value installs UCP without a managed CNI plugin. UCP and the -> Kubernetes components will be running but pod-to-pod networking will not function until a CNI plugin is manually -> installed. This will impact some functionality of UCP until a CNI plugin is running. +Once the installation is complete, you will be able to access UCP in the browser. +Note that the manager node will be unhealthy as the kubelet will +report `NetworkPluginNotReady`. Additionally, the metrics in the UCP dashboard +will also be unavailable, as this runs in a Kubernetes pod. -You must provide a correct YAML installation file for the CNI plugin, but most -of the default files work on Docker EE with no modification. +### Configure CLI access to UCP -## YAML files for CNI plugins - -Use the following commands to get the YAML files for popular CNI plugins. - -- [Flannel](https://github.com/coreos/flannel) - ```bash - # Get the URL for the Flannel CNI plugin. - CNI_URL="https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml" - ``` -- [Weave](https://www.weave.works/) - ```bash - # Get the URL for the Weave CNI plugin. - CNI_URL="https://cloud.weave.works/k8s/net?k8s-version=Q2xpZW50IFZlcnNpb246IHZlcnNpb24uSW5mb3tNYWpvcjoiMSIsIE1pbm9yOiI5IiwgR2l0VmVyc2lvbjoidjEuOS4zIiwgR2l0Q29tbWl0OiJkMjgzNTQxNjU0NGYyOThjOTE5ZTJlYWQzYmUzZDA4NjRiNTIzMjNiIiwgR2l0VHJlZVN0YXRlOiJjbGVhbiIsIEJ1aWxkRGF0ZToiMjAxOC0wMi0wN1QxMjoyMjoyMVoiLCBHb1ZlcnNpb246ImdvMS45LjIiLCBDb21waWxlcjoiZ2MiLCBQbGF0Zm9ybToibGludXgvYW1kNjQifQpTZXJ2ZXIgVmVyc2lvbjogdmVyc2lvbi5JbmZve01ham9yOiIxIiwgTWlub3I6IjgrIiwgR2l0VmVyc2lvbjoidjEuOC4yLWRvY2tlci4xNDMrYWYwODAwNzk1OWUyY2UiLCBHaXRDb21taXQ6ImFmMDgwMDc5NTllMmNlYWUxMTZiMDk4ZWNhYTYyNGI0YjI0MjBkODgiLCBHaXRUcmVlU3RhdGU6ImNsZWFuIiwgQnVpbGREYXRlOiIyMDE4LTAyLTAxVDIzOjI2OjE3WiIsIEdvVmVyc2lvbjoiZ28xLjguMyIsIENvbXBpbGVyOiJnYyIsIFBsYXRmb3JtOiJsaW51eC9hbWQ2NCJ9Cg==" - ``` - If you have kubectl available, for example by using - [Docker Desktop for Mac](/docker-for-mac/kubernetes.md), you can use the following - command to get the URL for the [Weave](https://www.weave.works/) CNI plugin: - ```bash - # Get the URL for the Weave CNI plugin. - CNI_URL="https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')" - ``` -- [Romana](http://docs.romana.io/) - ```bash - # Get the URL for the Romana CNI plugin. - CNI_URL="https://raw.githubusercontent.com/romana/romana/master/docs/kubernetes/romana-kubeadm.yml" - ``` - -## Disable IP in IP overlay tunneling - -The Calico CNI plugin supports both overlay (IPIP) and underlay forwarding -technologies. By default, Docker UCP uses IPIP overlay tunneling. - -If you're used to managing applications at the network level through the -underlay visibility, or you want to reuse existing networking tools in the -underlay, you may want to disable the IPIP functionality. Run the following -commands on the Kubernetes master node to disable IPIP overlay tunneling. +Next, a platform operator should log into UCP, download a UCP client bundle, and +configure the Kubernetes CLI tool, `kubectl`. See [CLI Based +Access](ee/ucp/user-access/cli/#download-client-certificates) for more details. + +With `kubectl`, you can see that the UCP components running on +Kubernetes are still pending, waiting for a CNI driver before becoming +available. ```bash -# Exec into the Calico Kubernetes controller container. -docker exec -it $(docker ps --filter name=k8s_calico-kube-controllers_calico-kube-controllers -q) sh - -# Download calicoctl -wget https://github.com/projectcalico/calicoctl/releases/download/v3.1.1/calicoctl && chmod +x calicoctl - -# Get the IP pool configuration. -./calicoctl get ippool -o yaml > ippool.yaml - -# Edit the file: Disable IPIP in ippool.yaml by setting "ipipMode: Never". - -# Apply the edited file to the Calico plugin. -./calicoctl apply -f ippool.yaml - +$ kubectl get nodes +NAME STATUS ROLES AGE VERSION +manager-01 NotReady master 10m v1.11.9-docker-1 + +$ kubectl get pods -n kube-system -o wide +NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE +compose-565f7cf9ff-gq2gv 0/1 Pending 0 10m +compose-api-574d64f46f-r4c5g 0/1 Pending 0 10m +kube-dns-6d96c4d9c6-8jzv7 0/3 Pending 0 10m +ucp-metrics-nwt2z 0/3 ContainerCreating 0 10m manager-01 ``` -These steps disable overlay tunneling, and Calico uses the underlay networking, -in environments where it's supported. +### Install an unmanaged CNI plugin + +You can use`kubectl` to install a custom CNI plugin on UCP. +Alternative CNI plugins are Weave, Flannel, Canal, Romana and many more. +Platform operators have complete flexibility on what to install, but Docker +will not support the CNI plugin. + +The steps for installing a CNI plugin typically include: +- Downloading the relevant upstream CNI binaries from +https://github.com/containernetworking/cni/releases/tag/ +- Placing them in `/opt/cni/bin` +- Downloading the relevant CNI plugin's Kubernetes Manifest YAML, and +- Running `$ kubectl apply -f .yaml` + +Follow the CNI plugin documentation for specific installation +instructions. + +> While troubleshooting a custom CNI plugin, you may wish to access logs +> within the kubelet. Connect to a UCP manager node and run +> `$ docker logs ucp-kubelet`. + +### Verify the UCP installation + +Upon successful installation of the CNI plugin, the related UCP components should have +a `Running` status as pods start to become available. + +``` +$ kubectl get pods -n kube-system -o wide +NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE +compose-565f7cf9ff-gq2gv 1/1 Running 0 21m 10.32.0.2 manager-01 +compose-api-574d64f46f-r4c5g 1/1 Running 0 21m 10.32.0.3 manager-01 +kube-dns-6d96c4d9c6-8jzv7 3/3 Running 0 22m 10.32.0.5 manager-01 +ucp-metrics-nwt2z 3/3 Running 0 22m 10.32.0.4 manager-01 +weave-net-wgvcd 2/2 Running 0 8m 172.31.6.95 manager-01 +``` + +> **Note**: The above example deployment uses Weave. If you are using an alternative +> CNI plugin, look for the relevant name and review its status. ## Where to go next -- [Install UCP for production](../admin/install.md) -- [Deploy a workload to a Kubernetes cluster](../kubernetes.md) +- [Make your Cluster Highly Available](https://docs.docker.com/ee/ucp/admin/install/#step-6-join-manager-nodes) +- [Install an Ingress Controller on Kubernetes](ee/ucp/kubernetes/layer-7-routing/) diff --git a/index.md b/index.md index 7959711d85..8ec4ccc76a 100644 --- a/index.md +++ b/index.md @@ -22,14 +22,14 @@ production servers in the cloud. Total reading time is less than an hour.
-## Try Docker Enterprise Edition +## Try Docker Enterprise -Run your solution in production with Docker Enterprise Edition to get a +Run your solution in production with Docker Enterprise to get a management dashboard, security scanning, LDAP integration, content signing, multi-cloud support, and more. Click below to test-drive a running instance of -Docker EE without installing anything. +Docker Enterprise without installing anything. -[Try Docker Enterprise Edition](https://trial.docker.com){: class="button outline-btn" onclick="ga('send', 'event', 'EE Trial Referral', 'Front Page', 'Click');"} +[Try Docker Enterprise](https://trial.docker.com){: class="button outline-btn" onclick="ga('send', 'event', 'EE Trial Referral', 'Front Page', 'Click');"}
@@ -52,15 +52,17 @@ channel for more predictability.
-### Docker Enterprise Edition +### Docker Enterprise Platform Designed for enterprise development and IT teams who build, ship, and run business critical applications in production at scale. Integrated, certified, and supported to provide enterprises with the most secure container platform in -the industry to modernize all applications. Docker EE Advanced comes with enterprise -[add-ons](#docker-ee-add-ons) like UCP and DTR. +the industry to modernize all applications. Docker Enterprise Advanced comes with enterprise +[add-ons](#docker-ee-add-ons) like Universal Control Plane (UCP) for managing and +orchestrating the container runtime, and Docker Trusted Registry (DTR) for storing and +securing images in an enterprise grade registry. -[Learn more about Docker EE](/ee/supported-platforms/){: class="button outline-btn"} +[Learn more about Docker Enterprise](/ee/supported-platforms/){: class="button outline-btn"}
diff --git a/storage/storagedriver/index.md b/storage/storagedriver/index.md index 9b3cbd51ea..7144701b1d 100644 --- a/storage/storagedriver/index.md +++ b/storage/storagedriver/index.md @@ -16,7 +16,10 @@ your applications and avoid performance problems along the way. Storage drivers allow you to create data in the writable layer of your container. The files won't be persisted after the container is deleted, and both read and -write speeds are low. +write speeds are lower than native file system performance. + + > **Note**: Operations that are known to be problematic include write-intensive database storage, +particularly when pre-existing data exists in the write-only layer. More details are provided in this document. [Learn how to use volumes](../volumes.md) to persist data and improve performance. @@ -27,14 +30,14 @@ instruction in the image's Dockerfile. Each layer except the very last one is read-only. Consider the following Dockerfile: ```conf -FROM ubuntu:15.04 +FROM ubuntu:18.04 COPY . /app RUN make /app CMD python /app/app.py ``` This Dockerfile contains four commands, each of which creates a layer. The -`FROM` statement starts out by creating a layer from the `ubuntu:15.04` image. +`FROM` statement starts out by creating a layer from the `ubuntu:18.04` image. The `COPY` command adds some files from your Docker client's current directory. The `RUN` command builds your application using the `make` command. Finally, the last layer specifies what command to run within the container. @@ -45,7 +48,7 @@ writable layer on top of the underlying layers. This layer is often called the "container layer". All changes made to the running container, such as writing new files, modifying existing files, and deleting files, are written to this thin writable container layer. The diagram below shows a container based on the Ubuntu -15.04 image. +18.04 image. ![Layers of a container based on the Ubuntu image](images/container-layers.jpg) @@ -63,7 +66,7 @@ deleted. The underlying image remains unchanged. Because each container has its own writable container layer, and all changes are stored in this container layer, multiple containers can share access to the same underlying image and yet have their own data state. The diagram below shows -multiple containers sharing the same Ubuntu 15.04 image. +multiple containers sharing the same Ubuntu 18.04 image. ![Containers sharing same image](images/sharing-layers.jpg) @@ -130,28 +133,28 @@ usually `/var/lib/docker/` on Linux hosts. You can see these layers being pulled in this example: ```bash -$ docker pull ubuntu:15.04 - -15.04: Pulling from library/ubuntu -1ba8ac955b97: Pull complete -f157c4e5ede7: Pull complete -0b7e98f84c4c: Pull complete -a3ed95caeb02: Pull complete -Digest: sha256:5e279a9df07990286cce22e1b0f5b0490629ca6d187698746ae5e28e604a640e -Status: Downloaded newer image for ubuntu:15.04 +$ docker pull ubuntu:18.04 +18.04: Pulling from library/ubuntu +f476d66f5408: Pull complete +8882c27f669e: Pull complete +d9af21273955: Pull complete +f5029279ec12: Pull complete +Digest: sha256:ab6cb8de3ad7bb33e2534677f865008535427390b117d7939193f8d1a6613e34 +Status: Downloaded newer image for ubuntu:18.04 ``` Each of these layers is stored in its own directory inside the Docker host's local storage area. To examine the layers on the filesystem, list the contents -of `/var/lib/docker//layers/`. This example uses the `aufs` +of `/var/lib/docker/`. This example uses the `overlay2` storage driver: ```bash -$ ls /var/lib/docker/aufs/layers -1d6674ff835b10f76e354806e16b950f91a191d3b471236609ab13a930275e24 -5dbb0cbe0148cf447b9464a358c1587be586058d9a4c9ce079320265e2bb94e7 -bef7199f2ed8e86fa4ada1309cfad3089e0542fec8894690529e4c04a7ca2d73 -ebf814eccfe98f2704660ca1d844e4348db3b5ccc637eb905d4818fbfb00a06a +$ ls /var/lib/docker/overlay2 +16802227a96c24dcbeab5b37821e2b67a9f921749cd9a2e386d5a6d5bc6fc6d3 +377d73dbb466e0bc7c9ee23166771b35ebdbe02ef17753d79fd3571d4ce659d7 +3f02d96212b03e3383160d31d7c6aeca750d2d8a1879965b89fe8146594c453d +ec1ec45792908e90484f7e629330666e7eee599f08729c93890a7205a6ba35f5 +l ``` The directory names do not correspond to the layer IDs (this has been true since @@ -161,7 +164,7 @@ Now imagine that you have two different Dockerfiles. You use the first one to create an image called `acme/my-base-image:1.0`. ```conf -FROM ubuntu:16.10 +FROM ubuntu:18.04 COPY . /app ``` @@ -209,10 +212,9 @@ layers are the same. ```bash $ docker build -t acme/my-base-image:1.0 -f Dockerfile.base . - - Sending build context to Docker daemon 4.096kB - Step 1/2 : FROM ubuntu:16.10 - ---> 31005225a745 + Sending build context to Docker daemon 812.4MB + Step 1/2 : FROM ubuntu:18.04 + ---> d131e0fa2585 Step 2/2 : COPY . /app ---> Using cache ---> bd09118bcef6 @@ -252,7 +254,7 @@ layers are the same. $ docker history bd09118bcef6 IMAGE CREATED CREATED BY SIZE COMMENT bd09118bcef6 4 minutes ago /bin/sh -c #(nop) COPY dir:35a7eb158c1504e... 100B - 31005225a745 3 months ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B + d131e0fa2585 3 months ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B 3 months ago /bin/sh -c mkdir -p /run/systemd && echo '... 7B 3 months ago /bin/sh -c sed -i 's/^#\s*\(deb.*universe\... 2.78kB 3 months ago /bin/sh -c rm -rf /var/lib/apt/lists/* 0B @@ -266,7 +268,7 @@ layers are the same. IMAGE CREATED CREATED BY SIZE COMMENT dbf995fc07ff 3 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "/a... 0B bd09118bcef6 5 minutes ago /bin/sh -c #(nop) COPY dir:35a7eb158c1504e... 100B - 31005225a745 3 months ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B + d131e0fa2585 3 months ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B 3 months ago /bin/sh -c mkdir -p /run/systemd && echo '... 7B 3 months ago /bin/sh -c sed -i 's/^#\s*\(deb.*universe\... 2.78kB 3 months ago /bin/sh -c rm -rf /var/lib/apt/lists/* 0B From 7e4cee1113a6ffd50851de5ac825e2f60cae643d Mon Sep 17 00:00:00 2001 From: Maria Bermudez Date: Fri, 7 Jun 2019 17:17:52 -0700 Subject: [PATCH 04/35] Sync published with master (#8909) * Updates per Anusha's feedback (#8905) * Removed Build from Compose on Docker Desktop Example (#8750) * Removed Build from Compose.yaml on Compose to Kubernetes * Removed build from UCP example too * Publish Hub updates and add TOC entry for Publish page (#8908) --- _data/toc.yaml | 2 + _includes/kubernetes-mac-win.md | 15 +-- config/containers/logging/local.md | 9 +- docker-hub/publish/index.md | 4 +- docker-hub/publish/publish.md | 115 ++++++----------------- docker-hub/publish/publisher_faq.md | 78 +++++++-------- docker-hub/upgrade.md | 59 +++++++++++- ee/ucp/kubernetes/deploy-with-compose.md | 3 - 8 files changed, 128 insertions(+), 157 deletions(-) diff --git a/_data/toc.yaml b/_data/toc.yaml index 8ce374ede1..1cd7d6b806 100644 --- a/_data/toc.yaml +++ b/_data/toc.yaml @@ -3370,6 +3370,8 @@ manuals: section: - path: /docker-hub/publish/ title: Overview + - path: /docker-hub/publish/publish/ + title: Submit a product for Docker Hub - path: /docker-hub/publish/customer_faq/ title: User FAQs - path: /docker-hub/publish/publisher_faq/ diff --git a/_includes/kubernetes-mac-win.md b/_includes/kubernetes-mac-win.md index 093a7c81a6..3246e30ceb 100644 --- a/_includes/kubernetes-mac-win.md +++ b/_includes/kubernetes-mac-win.md @@ -145,28 +145,23 @@ version: '3.3' services: web: - build: web - image: dockerdemos/lab-web - volumes: - - "./web/static:/static" + image: dockersamples/k8s-wordsmith-web ports: - "80:80" words: - build: words - image: dockerdemos/lab-words + image: dockersamples/k8s-wordsmith-api deploy: replicas: 5 endpoint_mode: dnsrr resources: limits: - memory: 16M + memory: 50M reservations: - memory: 16M + memory: 50M db: - build: db - image: dockerdemos/lab-db + image: dockersamples/k8s-wordsmith-db ``` If you already have a Kubernetes YAML file, you can deploy it using the diff --git a/config/containers/logging/local.md b/config/containers/logging/local.md index dbd9d9974d..bb6b1a550d 100644 --- a/config/containers/logging/local.md +++ b/config/containers/logging/local.md @@ -11,8 +11,9 @@ The `local` logging driver captures output from container's stdout/stderr and writes them to an internal storage that is optimized for performance and disk use. -By default the `local` driver preserves 100MB of log messages per container and -uses automatic compression to reduce the size on disk. +By default, the `local` driver preserves 100MB of log messages per container and +uses automatic compression to reduce the size on disk. The 100MB default value is based on a 20M default size +for each file and a default count of 5 for the number of such files (to account for log rotation). > *Note*: the `local` logging driver currently uses file-based storage. The > file-format and storage mechanism are designed to be exclusively accessed by @@ -58,7 +59,7 @@ The `local` logging driver supports the following logging options: | Option | Description | Example value | |:------------|:--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:-----------------------------------------| | `max-size` | The maximum size of the log before it is rolled. A positive integer plus a modifier representing the unit of measure (`k`, `m`, or `g`). Defaults to 20m. | `--log-opt max-size=10m` | -| `max-file` | The maximum number of log files that can be present. If rolling the logs creates excess files, the oldest file is removed. **Only effective when `max-size` is also set.** A positive integer. Defaults to 5. | `--log-opt max-file=3` | +| `max-file` | The maximum number of log files that can be present. If rolling the logs creates excess files, the oldest file is removed. A positive integer. Defaults to 5. | `--log-opt max-file=3` | | `compress` | Toggle compression of rotated log files. Enabled by default. | `--log-opt compress=false` | ### Examples @@ -67,5 +68,5 @@ This example starts an `alpine` container which can have a maximum of 3 log files no larger than 10 megabytes each. ```bash -$ docker run -it --log-opt max-size=10m --log-opt max-file=3 alpine ash +$ docker run -it --log-driver local --log-opt max-size=10m --log-opt max-file=3 alpine ash ``` diff --git a/docker-hub/publish/index.md b/docker-hub/publish/index.md index 6b5511c88d..fa7d3b8e1d 100644 --- a/docker-hub/publish/index.md +++ b/docker-hub/publish/index.md @@ -53,9 +53,9 @@ information, see [Bring Your Own License (BYOL) products on Store](byol.md). ### Plugins and agents -ISVs have the ability to create and distribute [plugin images](https://hub.docker.com/search?certification_status=certified&q=&type=plugin) for their customers to integrate with the ISV's proprietary hardware or cloud infrastructure and Docker Enterprise Edition deployments. +ISVs have the ability to create and distribute [plugin images](https://hub.docker.com/search?certification_status=certified&q=&type=plugin) for their customers to integrate with the ISV's proprietary hardware or cloud infrastructure and Docker Enterprise deployments. -You can [apply to be a publisher](https://goto.docker.com/partners) and learn more about our [Technology Partner Program](https://www.docker.com/partners/partner-program#/technology_partner). +You can [apply to be a publisher](https://goto.docker.com/2019-Partner-Program-Technology.html) and learn more about our [Technology Partner Program](https://www.docker.com/partners/partner-program#/technology_partner). ## What's next? diff --git a/docker-hub/publish/publish.md b/docker-hub/publish/publish.md index eb1003fa24..bcdd07f60d 100644 --- a/docker-hub/publish/publish.md +++ b/docker-hub/publish/publish.md @@ -8,32 +8,28 @@ redirect_from: ## Permitted content and support options -* Content that runs on a Docker Enterprise Edition (Docker Certified - Infrastructure) may be published in the Store. This content may also qualify - to become a Docker Certified Container or Plugin image and be backed by - collaborative Docker/Publisher support +* Content that runs on Docker Enterprise may be published on Docker Hub under a Verified Publisher profile. This content may also qualify + to become a Docker Certified Container or Plugin image, and thus backed by + collaborative Docker/Publisher support. -* Content that runs on the Docker Community Edition may be published in the - Store, but is not supported by Docker nor is it eligible for certification. +* Content that runs on the Docker Community may be published in Docker Hub, but is not supported by Docker nor is it eligible to become Certified. * Content that requires a non Certified Infrastructure environment may not be - published in the Store. + published. -| If your content: | Can publish on Store | Can be certified and supported by Docker | Supported by publisher | +| If your content: | Can publish | Can be Certified | Supported by publisher | |:-----|:--------|:------|:-----| -| Works on Docker Enterprise Edition | YES | YES | Required | -| Works on Docker Community Edition | YES | NO | Optional | +| Works on Docker Enterprise | YES | YES | Required | +| Works on Docker Community | YES | NO | Optional | | Does not work on Docker Certified Infrastructure | NO | N/A | N/A | ## Onboarding The Docker Hub publishing process begins from the landing page: sign in with -your Docker ID and specify a product name and image source from a private -repository. Your product images must be stored in private repositories of Docker -Cloud and/or Hub as they serve as an internal staging area from which you can -revise and submit content for review. +your Docker ID and specify a product name and image source from a private or public +repository. After specifying a source, provide the content-manifest items to populate your product details page. These items include logos, descriptions, and licensing and @@ -127,7 +123,7 @@ of your product, keep your images up-to-date: `apt-get install ...` pull the latest versions of dependencies, which may include security fixes. -## Create and maintain your publisher profile in the Store +## Create and maintain your Verified Publisher profile Let the Docker community know who you are. Add your details, your company story, and what you do. At the very minimum, we require: @@ -136,12 +132,12 @@ story, and what you do. At the very minimum, we require: * Company website * Phone number * Valid company email -* Company icon/logo (square; at least 512x512px +* Company icon/logo (square; at least 512x512px) ## Prepare your image-manifest materials -You must provide the namespace (including repository and tags) of a private +You must provide the namespace (including repository and tags) of a private or public repository on Docker Hub that contains the source for your product. This repository path is not shown to users, but the repositories you choose determine the Product Tiers available for customers to download. @@ -160,18 +156,17 @@ discoverable: 9. Product tier description 10. Product tier price 11. Installation instructions -12. Link to license agreements +12. Link to, or text of, license agreements ### How the manifest information is displayed in the UI -This is an approximate representation. We frequently make enhancements to the -look and some elements might shift around. +This is an approximate representation, and some elements might shift around as we make enhancements. ![manifest information displayed on store UI](images/subscribed.png) ## Support your users -Docker users who download your content from the Store might need your help +Docker users who download your content might need help later, so be prepared for questions! The information you provide with your submission saves support time in the future. @@ -183,14 +178,13 @@ there self-help or troubleshooting resources available? ### Support SLA -Include a Service Level Agreement (SLA) for each image you're offering for the -Store. An SLA is your commitment to your users about the nature and level of +Include a Service Level Agreement (SLA) for each image you're offering. An SLA is your commitment to your users about the nature and level of support you provide to them. Make sure your SLA includes support hours and response-time expectations, where applicable. ## Security and audit policies -Docker Hub [scans](#docker-security-scanning) your official images for +Docker Hub [scans](#docker-security-scanning) your content for vulnerabilities with the Docker Security Scanning tool, and [audits](#usage-audit-and-reporting) consumer activity of your images to provide you intelligence about the use of your product. @@ -285,15 +279,6 @@ To interpret the results of a scanned image: National Vulnerability Database (NVD) provides CVSS scores for almost all known vulnerabilities. -* Docker classifies the severity of issues per CVSS range, Docker classification, - and service level agreement (SLA) as follows. - -| CVSS range | Docker classification | SLA for fixing issues | -|:-----|:--------|:------| -| 7.0 to 10.0 | Critical | Within 72 hours of notification | -| 4.0 to 6.9 | Major | Within 7 days of notification | -| 0.1 to 3.9 | Minor | No SLA. Best-effort to fix or address in documentation. | - * In addition to CVSS, the Docker Security team can identify or classify vulnerabilities that need to be fixed, and categorize them in the minor-to-critical range. @@ -304,14 +289,6 @@ To interpret the results of a scanned image: * If you use Docker’s Scanning Service, you can subscribe to a notification service for new vulnerabilities. -* Failure to meet above SLAs may cause the listing to be put on “hold”. - -* A warning label shows up on the marketplace listing. An email is sent to the - users who have downloaded and subscribed for notifications. - -* A Repo’s listing can stay in the "hold" state for a maximum of 1 month, after - which the listing is revoked. - ### Usage audit and reporting Unless otherwise negotiated, an audit of activity on publisher content is @@ -330,7 +307,7 @@ There are three types of certification that appear in Docker Hub. ![certified container badge](images/certified_container.png) Certifies that a container image on Docker Hub has been tested; complies best -practices guidelines; runs on a Docker Certified Infrastructure; has proven +practices guidelines; runs on Docker Certified Infrastructure; has proven provenance; been scanned for vulnerabilities; and is supported by Docker and the content publisher @@ -341,12 +318,6 @@ access system level Docker APIs. Docker Certified Plugins provide the same level of assurance as a Docker Certified Container, but go further by having passed an additional suite of API compliance testing. -![certified plugins badge](images/certified_infrastructure.png) - -Indicates that the release of the Docker Edition and the underlying platform -have been tested together and are supported in combination by both Docker and -the partner. - ### Docker Certified Publisher FAQ #### What is the Docker Certified program? @@ -354,16 +325,12 @@ the partner. Docker Certified Container images and plugins are meant to differentiate high quality content on Docker Hub. Customers can consume Certified Containers with confidence knowing that both Docker and the publisher stands behind the -solution. Further details can be found in the -[Docker Partner Program Guide](https://www.docker.com/partnerprogramguide){: target="_blank" class="_"}. +solution. Further details and an application can be [found here.](https://goto.docker.com/2019-Partner-Program-Technology.html){: target="_blank" class="_"}. #### What are the benefits of Docker Certified? Docker Hub promotes Docker Certified Containers and Plugins running on Docker -Certified Infrastructure trusted and high quality content. With over 8B image -pulls and access to Docker’s large customer base, a publisher can differentiate -their content by certifying their images and plugins. With a revenue share -agreement, Docker can be a channel for your content. The Docker Certified badge +Certified Infrastructure trusted and high quality content. The Docker Certified badge can also be listed alongside external references to your product. #### How is the Docker Certified Container image listed on Docker Hub? @@ -376,7 +343,7 @@ search parameters to show only certified content. #### Is certification optional or required? -Certification is recommended for most commercial and supported container images. +Certification is recommended for all commercial and supported container images. Free, community, and other commercial (non-certified) content may also be listed on Docker Hub. @@ -384,10 +351,9 @@ on Docker Hub. #### How is support handled? -All Docker Certified Container images and plugins running on Docker Certified -Infrastructure come with SLA based support provided by the publisher and Docker. +All Docker Certified Container images and plugins running on Docker Enterprise come with support provided directly by the publisher, under your existing SLA. Normally, a customer contacts the publisher for container and application level -issues. Likewise, a customer contacts Docker for Docker Edition support. In the +issues. Likewise, a customer contacts Docker for Docker Enterprise support. In the case where a customer calls Docker (or vice versa) about an issue on the application, Docker advises the customer about the publisher support process and performs a handover directly to the publisher if required. TSAnet is required @@ -396,42 +362,15 @@ for exchange of support tickets between the publisher and Docker. #### How does a publisher apply to the Docker Certified program? Start by applying to be a [Docker Technology -Partner](https://goto.docker.com/partners){: target="_blank" class="_"} - -* Requires acceptance of partnership agreement for completion - -* Identify commercial content that can be listed on Store and includes a support - offering - -* Test your image against the Docker CS Engine 1.12+ or on a Docker Certified - Infrastructure version 17.03 and above (Plugins must run on 17.03 and above) - -* Submit your image for Certification through the publisher portal. Docker - scans the image and works with you to address vulnerabilities. Docker also - conducts a best practices review of the image. - -* Be a [TSAnet](https://www.tsanet.org/){: target="_blank" class="_"} member or - join the Docker Limited Group. - -* Upon completion of Certification criteria, and acceptance by - Docker, the Publisher’s product page is updated to reflect Certified status. - -#### Is there a fee to join the program? - -In the future, Docker may charge a small annual listing fee. This is waived for -the initial period. +Partner](https://goto.docker.com/2019-Partner-Program-Technology.html){: target="_blank" class="_"} #### What is the difference between Official Images and Docker Certified? -Many Official images transition to the Docker Certified program and are -maintained and updated by the original owner of the software. Docker -continues to maintain some of the base OS images and language frameworks. +Official Images is a program sponsored by Docker for the curation and packaging of Open Source Software. While upstream vendors are sometimes involved, this is not always the case. Docker Certified content is explicitly provided, maintained, and supported directly by the ISV. #### How is certification of plugins handled? Docker Certification program recognizes the need to apply special scrutiny and testing to containers that access system level interfaces like storage volumes and networking. Docker identifies these special containers as “Plugins” which -require additional testing by the publisher or Docker. These plugins employ the -V2 Plugin Architecture that was first made available in 1.12 (experimental) and -now available in Docker Enterprise Edition 17.03 +require additional testing by the publisher or Docker. diff --git a/docker-hub/publish/publisher_faq.md b/docker-hub/publish/publisher_faq.md index 5500002e51..8ebc639fdc 100644 --- a/docker-hub/publish/publisher_faq.md +++ b/docker-hub/publish/publisher_faq.md @@ -9,38 +9,21 @@ redirect_from: ## Certification program -### What is the certification program for images and plugins, and what are some benefits? +### What is the certification program for containers and plugins, and what are some benefits? -The Docker Certification program for Infrastructure, Images, and Plugins is +The Docker Certification program for Containers and Plugins is designed for both technology partners and enterprise customers to recognize high-quality Containers and Plugins, provide collaborative support, and ensure -compatibility with Docker EE. Docker Certification is aligned to the available -Docker EE infrastructure and gives enterprises a trusted way to run more +compatibility with the Docker Enterprise platform. Docker Certified products give enterprises a trusted way to run more technology in containers with support from both Docker and the publisher. The -[Docker Technology Partner guide](https://www.docker.com/partners/partner-program#/technology_partner) -explains the Technology Partner program and the Docker Certification Program for -Infrastructure, Images, and Plugins in more detail. +[Docker Technology Partner guide](https://www.docker.com/sites/default/files/d8/2018-12/Docker-Technology-Partner-Program-Guide-120418.pdf) +explains the Technology Partner program, inclusive of process and requirements to Certify Containers and Plugins. ## Publisher signup and approval ### How do I get started with the publisher signup and approval process? -Start by applying to be a Docker Technology Partner at https://goto.docker.com/partner and click on "Publisher". - -* Requires acceptance of partnership agreement for completion -* Identify content that can be listed on Hub and includes a support offering -* Test your image against Docker Certified Infrastructure version 17.03 and -above (Plugins must run on 17.03 and above). -* Submit your image for Certification through the publisher portal. Docker -scans the image and work with you to address vulnerabilities. Docker also -conducts a best practices review of the image. -* Be a TSAnet member or join the Docker Limited Group. -* Upon completion of Certification criteria, and acceptance by Docker, -Publisher’s product page is updated to reflect Certified status. - -### What is the Docker Hub Publisher Program application timeline? - -1-2 weeks. +Start by completing our [Technology Partner application](https://goto.docker.com/2019-Partner-Program-Technology.html). Docker's partner team will review your application, and follow up directly with further steps. If you have any questions or concerns, please reach out directly to us at partners@docker.com! ### Can we have a group of people work on the same product and publish to Docker Hub? (This replicates our internal workflow where more than one person is working on Dockerizing our product.) @@ -52,14 +35,15 @@ Yes. You can submit your content as a team. The customer will be given the permissions to docker pull any tag associated with the source repo specified. We recommend that you create a distinct repo per plan and only use tags for different versions of that specific plan. For example, if you have a community, pro, and enterprise plan of a single product, you should create three separate repos, `namespace/community, namespace/pro, and namespace/enterprise`. Once a customer is entitled to your enterprise plan, they will be able to pull `store/namespace/enterprise:anytag`. -### How long does it typically take to have an image approved? - -2 Weeks. +### What is the typical publishing time for new products and updates? +Products are typically published within 24hrs of submission. ### Once a product is published, what is the process for pushing a new build (1.2, 1.3)? Will we simply edit the same product, adding the newly tagged repos? Edit the same product and update with the newly tagged repos. +Additionally, for product updates, you may include a set of *Release Notes*. These notes will not be published with the product listing itself. Instead, they will be emailed directly to the current subscriber of the product. This ensures that consumers will have timely, valuable alerts about the availability of new images and significant changes. + ### On the Information page, organization details are required. Do we need to fill those in again for every product we publish, or are they carried over? And if we change them for a later image publish, are they updated for all images published by our organization? Organization details need to be filled in only once. Updating organization info @@ -71,7 +55,7 @@ We don't support the abiltiy to view available tags for published products becau Official images and community images have available tags visible because anyone can access any tag at any time anonymously. -We aim to have product listings published with the concept of versions, allowing publishers to manage which versions of their products they expose to customers for access. +In the future, we may enable product listings published with the concept of versions, allowing publishers to manage which versions of their products they expose to customers for access. ### On the page for another vendor’s product on Docker Hub, I see the following chunks of data: How do these fields map to the following that are required in the publish process? @@ -99,7 +83,7 @@ We aim to have product listings published with the concept of versions, allowing *Tier Description* is what you see once users get entitled to a plan. For instance, in https://hub.docker.com/images/openmaptiles-openstreetmap-maps/plans/f1fc533a-76f0-493a-80a1-4e0a2b38a563?tab=instructions `A detailed street map of any place on a planet. Evaluation and non-production use. Production use license available separately` is what this publisher entered in the Tier description *Installation instructions* is documentation on installing your software. In this case the documentation is just `Just launch the container and the map is going to be available on port 80 - ready-to-use - with instructions and list of available styles.` (We recommend more details for any content that's a certification candidate). -### How can I remove a submission? I don’t want to currently have this image published as it is missing several information. +### How can I remove a published product? If you would like your submission removed, let us know by contacting us at publisher-support@docker.com. @@ -133,9 +117,9 @@ For instance, if you have a `Developer` Plan, that is mapped to repositories sto ### What options are presented to users to pull an image? We provide users the following options to access your software -* logged-in users. -* users who have accepted ToS -* all users (including users without Docker Identity) +* Logged-in users +* Subscribed users only (requires ToS acceptance) +* All users (including users without Docker Identity) Here is a [screenshot](https://user-images.githubusercontent.com/2453622/32067299-00cf1210-ba83-11e7-89f8-15deed6fef62.png) to describe how publishers can update the options provided to customers. ### If something is published as a free tier, for subscribed users only, does a user need to explicitly click Accept on the license terms for which we provide the link before they can download the image? @@ -158,16 +142,8 @@ from Docker Hub. The container may continue running. If you have a licensing scheme built into the container, the licensing scheme can be a forcing function and stop the container. (_We do not build anything into the container, it is up to the publisher_). -### How does a customer transition from a Trial to a Paid subscription? Question assumes these are two separate pulls from Docker Hub, or can they just drop in a license through Docker Hub? - -Publisher can provide two different tokens or let customers use the same token -and internally map the customer to a paid plan vs a free trial. - -### What are Docker Hub pricing plans like? Can I have metered pricing? - -As a publisher you can charge a subscription fee every month in USD. The amount -is determined by you. We are working on other pricing options. If you have -feedback about pricing, send us an email at publisher-support@docker.com +### Does Docker Hub offer a Subscription service, handle our invoicing, payments, etc? What happened to Pay-via-Docker? +Docker has deprecated the Pay-via-Docker subscription service. At this time, Docker Hub only supports distribution of content, under the BYOL Ungated model. In the future, we intend to release BYOL Gated functionality as well. If neither of these options will work for your product and licensing structure, please do inform your partner manager to help guide our feature prioritization. ### How does Docker handle Export control? Can individual countries be specified if differing from Docker's list of embargoed countries? @@ -180,16 +156,15 @@ specific groups. Send us an email at publisher-support if you have questions ### Where can I view customer insights? -Analytics reports are only available to Publishers with Certified or Commercial -Content. Go to https://hub.docker.com/publisher/center and click on "Actions" +Analytics reports are only available to Publishers with Certified. Go to https://hub.docker.com/publisher/center and click on "Actions" for the product you'd like to view analytics for. Here is a [screenshot](https://user-images.githubusercontent.com/2453622/32352202-6e87ce6e-bfdd-11e7-8fb0-08fe5a3e8930.png). -### How do metrics differentiate between Free and Paid subscribers? +### How do metrics differentiate between the different Pull Requirement options? The Analytics reports contain information about the Subscriber and the relevant product plan. You can identify subscribers for each plan -for each product. +for each product. Only anonymous information is available to our publishers. If you'd like the opportunity to receive Lead information, Subscribed Users Only will need to be selected as the pull requirement. Please review the Technology Partner Program guide, and consult with your partner manager, for more information on Lead Generation plans. ### Can I preview my submission before publishing? @@ -208,3 +183,16 @@ Yes ### Can I have a publish by date for my content? Not yet. This is a planned enhancement, but we have no specific availability date at this time. +In lieu of an automated approach, you may coordinate publication timeline directly with your partner manager. + +### Can I convert my Hub Community profile to a Verified Publisher profile? + +No, at this time you will need to separately sign up to become a Verified Publisher. Following that, you may migrate or re-publish your public repo's under the new Verified Publisher profile. + +### Once I've completed the process to become a Verified Publisher with my partner manager, how do I get access to the Publisher Portal? + +You will need to apply for access. Please either follow [this direct link](https://hub.docker.com/publisher/center) or click the "Publisher Center" link at the bottom of any Docker Hub page. Please note, that you will need to be logged in with a DockerID in order to see this link. + +### What kind of DockerID should I use to publish my content? + +Publishing should be done with an [Organization level DockerID](https://docs.docker.com/docker-hub/orgs/). We recommend that this account utilize a shared alias with your corporate email account and only individual DockerIDs with company email are added to that organization. diff --git a/docker-hub/upgrade.md b/docker-hub/upgrade.md index 6a0de8db5e..d94e2ef75b 100644 --- a/docker-hub/upgrade.md +++ b/docker-hub/upgrade.md @@ -1,12 +1,12 @@ --- description: Upgrading your Docker Hub Plan keywords: Docker, docker, trusted, registry, accounts, plans, Dockerfile, Docker Hub, webhooks, docs, documentation -title: Upgrade your Plan +title: Upgrade your plan --- User and organization accounts maintain separate Docker Hub billing profiles. -### Upgrade your personal plan +## Upgrade your personal plan Docker Hub includes one private Docker Hub repository for free. If you need more private repositories, you can upgrade from your free account to a paid @@ -14,14 +14,63 @@ plan. To upgrade: 1. Visit the [Plans Page](https://hub.docker.com/account/billing-plans/) -2. Click **Change Plan** +2. Click Change Plan 3. Select your plan and provide your payment information to upgrade ![Upgrade Plan](images/index-upgrade-plan.png) -### Upgrade your organization's plan +## Upgrade your organization's plan To upgrade an Organization's plan: 1. Visit the [Plans Page](https://hub.docker.com/account/billing-plans/) 2. Change the selected account to your Organization whose plan you'd like to upgrade ![Change Account](images/upgrade-change-account.png) -3. Click **Change Plan** ![Change Plan](images/upgrade-change-plan.png) +3. Click Change Plan ![Change Plan](images/upgrade-change-plan.png) + + +## Docker Hub repo plan billing FAQ + +### What forms of payment do you accept? + +The Docker Hub accepts Visa, MasterCard, American Express, and Discover credit +cards. We do not accept ACH, EFT, or PIN-based debit card transactions at this +time. + +### What currencies do you accept? + +Docker is a US-based company, and bills in US Dollars (USD). This keeps our +pricing stable and consistent, rather than fluctuating with exchange rates. + +### When do you charge my credit card? + +We automatically charge your credit card on the first day of your billing cycle +each month, and the charge comes from Docker, Inc. Your billing cycle is a +30-day period starting on the day you subscribe. + +### What do I do if my payment fails? + +If your payment failed because the card expired or was canceled, you need to +update your credit card information or add an additional card. + +Click the user icon menu in the upper right corner, and click +**Billing**. Click the **Payment methods** tab to update your credit card and +contact information. + +If you are updating the card details for an organization, be sure to select the +organization name from the **Account** menu before updating the information. + +### How does cancellation work? Do you offer refunds? + +You can cancel a subscription at any time, however you are still billed +for the full month, and have access to the subscription content until the end of +that billing period. + +We do not offer refunds. If you believe that you've been billed in error, +contact our [Billing Support team](mailto:billing@docker.com). + +### How do I download the licenses my organization has purchased? + +You can view and download all you active licenses for an organization from the +**Subscriptions** page. + +Click the user icon menu at the top right, choose **My Content** and then +select the organization from the **Accounts** drop down menu. diff --git a/ee/ucp/kubernetes/deploy-with-compose.md b/ee/ucp/kubernetes/deploy-with-compose.md index e75aa8e656..cefade7df4 100644 --- a/ee/ucp/kubernetes/deploy-with-compose.md +++ b/ee/ucp/kubernetes/deploy-with-compose.md @@ -29,19 +29,16 @@ version: '3.3' services: web: - build: web image: dockersamples/k8s-wordsmith-web ports: - "8080:80" words: - build: words image: dockersamples/k8s-wordsmith-api deploy: replicas: 5 db: - build: db image: dockersamples/k8s-wordsmith-db ``` From 2778995f156948aeae82cbf9a433b32351b507cb Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Wed, 12 Jun 2019 19:13:34 +0900 Subject: [PATCH 05/35] Fix dockremap calculation --- engine/security/userns-remap.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/engine/security/userns-remap.md b/engine/security/userns-remap.md index 333e897156..fa1e0ec5a1 100644 --- a/engine/security/userns-remap.md +++ b/engine/security/userns-remap.md @@ -99,7 +99,7 @@ avoid these situations. This means that user-namespaced processes started by `testuser` are owned by host UID `231072` (which looks like UID `0` inside the - namespace) through 296608 (231072 + 65536). These ranges should not overlap, + namespace) through 296607 (231072 + 65536 - 1). These ranges should not overlap, to ensure that namespaced processes cannot access each other's namespaces. After adding your user, check `/etc/subuid` and `/etc/subgid` to see if your From 289133f5a66e05130fa0987338eda3abb72b8b7d Mon Sep 17 00:00:00 2001 From: Maria Bermudez Date: Wed, 19 Jun 2019 17:29:32 +0200 Subject: [PATCH 06/35] Sync published with master (#8964) * Update toc.yaml * add description for exclude_server_identity_headers * Updated Secure Kubernetes Defaults to include local storage class (#8942) Signed-off-by: Olly Pomeroy * Added logging driver section (#8945) * Added logging driver section * Point to additional resource for container logs - Minor edits * update engine deprecation policy To allow for an explicit removal period. Signed-off-by: Andrew Hsu * Fixed broken hyperlink reference (#8963) * Fixed broken hyperlink reference Fixes #8962 * Added syntax highlighting * Added additional minor syntax highlighting --- _data/toc.yaml | 10 ++++----- .../admin/configure/ucp-configuration-file.md | 1 + ee/ucp/admin/install/install-on-azure.md | 17 ++++++++------- ee/ucp/authorization/index.md | 21 +++++++++++++++---- ee/ucp/release-notes.md | 8 +++++-- engine/index.md | 4 ++-- install/linux/linux-postinstall.md | 4 ++++ 7 files changed, 45 insertions(+), 20 deletions(-) diff --git a/_data/toc.yaml b/_data/toc.yaml index 1cd7d6b806..ed75c8f663 100644 --- a/_data/toc.yaml +++ b/_data/toc.yaml @@ -3389,13 +3389,13 @@ manuals: - sectiontitle: Docker Notary section: - path: /notary/getting_started/ - title: Getting started with Notary + title: Get started with Notary - path: /notary/advanced_usage/ title: Use the Notary client - path: /notary/service_architecture/ title: Understand the service architecture - path: /notary/running_a_service/ - title: Running a Notary service + title: Run a Notary service - path: /notary/changelog/ title: Notary changelog - sectiontitle: Configuration files @@ -3413,13 +3413,13 @@ manuals: - path: /registry/ title: Registry overview - path: /registry/introduction/ - title: Understanding the Registry + title: Understand the Registry - path: /registry/deploying/ title: Deploy a registry server - path: /registry/configuration/ - title: Configuring a registry + title: Configure a registry - path: /registry/notifications/ - title: Working with notifications + title: Work with notifications - sectiontitle: Recipes section: - path: /registry/recipes/ diff --git a/ee/ucp/admin/configure/ucp-configuration-file.md b/ee/ucp/admin/configure/ucp-configuration-file.md index 61e97e5e21..1952de9284 100644 --- a/ee/ucp/admin/configure/ucp-configuration-file.md +++ b/ee/ucp/admin/configure/ucp-configuration-file.md @@ -192,6 +192,7 @@ components. Assigning these values overrides the settings in a container's | `metrics_scrape_interval` | no | Sets the interval for how frequently managers gather metrics from nodes in the cluster. | | `metrics_disk_usage_interval` | no | Sets the interval for how frequently storage metrics are gathered. This operation can be expensive when large volumes are present. | | `rethinkdb_cache_size` | no | Sets the size of the cache used by UCP's RethinkDB servers. The default is 1GB, but leaving this field empty or specifying `auto` instructs RethinkDB to determine a cache size automatically. | +| `exclude_server_identity_headers` | no | Set to `true` to disable the `X-Server-Ip` and `X-Server-Name` headers. | | `cloud_provider` | no | Set the cloud provider for the kubernetes cluster. | | `pod_cidr` | yes | Sets the subnet pool from which the IP for the Pod should be allocated from the CNI ipam plugin. Default is `192.168.0.0/16`. | | `calico_mtu` | no | Set the MTU (maximum transmission unit) size for the Calico plugin. | diff --git a/ee/ucp/admin/install/install-on-azure.md b/ee/ucp/admin/install/install-on-azure.md index 4c1d4f122c..c2f36e836c 100644 --- a/ee/ucp/admin/install/install-on-azure.md +++ b/ee/ucp/admin/install/install-on-azure.md @@ -72,7 +72,7 @@ to `0644` to ensure the container user has read access. The following is an example template for `azure.json`. Replace `***` with real values, and leave the other parameters as is. -``` +```json { "cloud":"AzurePublicCloud", "tenantId": "***", @@ -105,7 +105,7 @@ seperate resource group. - `routeTableName` - If you have defined multiple Route tables within an Azure subnet. -See [Kubernetes' azure.go](https://github.com/kubernetes/kubernetes/blob/master/pkg/cloudprovider/providers/azure/azure.go) for more details on this configuration file. +See the [Kubernetes Azure Cloud Provider Config](https://github.com/kubernetes/cloud-provider-azure/blob/master/docs/cloud-provider-config.md) for more details on this configuration file. ## Considerations for IPAM Configuration @@ -230,7 +230,7 @@ If you have manually provisioned additional IP addresses for each Virtual Machine, and want to disallow UCP from dynamically provisioning IP addresses for you, then your UCP configuration file would be: -``` +```bash $ vi example-config-1 [cluster_config] azure_ip_count = "0" @@ -239,11 +239,12 @@ $ vi example-config-1 If you want to reduce the IP addresses dynamically allocated from 128 to a custom value, then your UCP configuration file would be: -``` +```bash $ vi example-config-2 [cluster_config] azure_ip_count = "20" # This value may be different for your environment ``` + See [Considerations for IPAM Configuration](#considerations-for-ipam-configuration) to calculate an appropriate value. @@ -254,18 +255,20 @@ To preload this configuration file prior to installing UCP: 2. Initiate a Swarm on that Virtual Machine. - ``` + ```bash $ docker swarm init ``` 3. Upload the configuration file to the Swarm, by using a [Docker Swarm Config](/engine/swarm/configs/). This Swarm Config will need to be named `com.docker.ucp.config`. - ``` + + ```bash $ docker config create com.docker.ucp.config ``` 4. Check that the configuration has been loaded succesfully. - ``` + + ```bash $ docker config list ID NAME CREATED UPDATED igca3q30jz9u3e6ecq1ckyofz com.docker.ucp.config 1 days ago 1 days ago diff --git a/ee/ucp/authorization/index.md b/ee/ucp/authorization/index.md index 35e193ade2..d42356b40c 100644 --- a/ee/ucp/authorization/index.md +++ b/ee/ucp/authorization/index.md @@ -99,11 +99,13 @@ resources. ## Secure Kubernetes defaults -For cluster security, only users and service accounts granted the `cluster-admin` ClusterRole for -all Kubernetes namespaces via a ClusterRoleBinding can deploy pods with privileged options. This prevents a -platform user from being able to bypass the Universal Control Plane Security Model. +For cluster security, only users and service accounts granted the +`cluster-admin` ClusterRole for all Kubernetes namespaces via a +ClusterRoleBinding can deploy pods with privileged options. This prevents a +platform user from being able to bypass the Universal Control Plane Security +Model. These privileged options include: -These privileged options include: +Pods with any of the following defined in the Pod Specification: - `PodSpec.hostIPC` - Prevents a user from deploying a pod in the host's IPC Namespace. @@ -121,6 +123,17 @@ These privileged options include: - `Volume.hostPath` - Prevents a user from mounting a path from the host into the container. This could be a file, a directory, or even the Docker Socket. +Persistent Volumes using the following storage classes: + + - `Local` - Prevents a user from creating a persistent volume with the + [Local Storage + Class](https://kubernetes.io/docs/concepts/storage/volumes/#local). The + Local storage class allows a user to mount directorys from the host into a + pod. This could be a file, a directory, or even the Docker Socket. + + > Note: If an Admin has created a persistent volume with the local storage + > class, a non-admin could consume this via a persitent volume claim. + If a user without a cluster admin role tries to deploy a pod with any of these privileged options, an error similar to the following example is displayed: diff --git a/ee/ucp/release-notes.md b/ee/ucp/release-notes.md index d8b66cd54f..22109ecace 100644 --- a/ee/ucp/release-notes.md +++ b/ee/ucp/release-notes.md @@ -197,7 +197,9 @@ upgrade your installation to the latest release. ### Bug Fixes * Fixed system hang following UCP backup and docker daemon shutdown. (docker/escalation#841) - * Non-admin users can no longer create `PersistentVolumes` that mount host directories. (docker/orca#15936) + * Non-admin users can no longer create `PersistentVolumes` using the `Local` + Storage Class, as this allowed non-admins to by pass security controls and + mount host directories. (docker/orca#15936) * Added support for the limit arg in `docker ps`. (docker/orca#15812) * Fixed an issue with ucp-proxy health check. (docker/orca#15814, docker/orca#15813, docker/orca#16021, docker/orca#15811) * Fixed an issue with manual creation of a **ClusterRoleBinding** or **RoleBinding** for `User` or `Group` subjects requiring the ID of the user, organization, or team. (docker/orca#14935) @@ -409,7 +411,9 @@ The following features are deprecated in UCP 3.1. ### Bug fixes * Upgrading Interlock now also upgrades interlock proxy and interlock extension. (docker/escalation/871) - * Non-admin users can no longer create `PersistentVolumes` that mount host directories. (#15936) + * Non-admin users can no longer create `PersistentVolumes` using the `Local` + Storage Class, as this allowed non-admins to by pass security controls and + mount host directories. (docker/orca#15936) * Added support for the limit arg in `docker ps`. (#15812) ### Known issue diff --git a/engine/index.md b/engine/index.md index cd9a0f2bf3..ee2195297f 100644 --- a/engine/index.md +++ b/engine/index.md @@ -98,8 +98,8 @@ on the separate [Release Notes page](/release-notes) As changes are made to Docker there may be times when existing features need to be removed or replaced with newer features. Before an existing feature is removed it is labeled as "deprecated" within the documentation -and remains in Docker for at least 3 stable releases. After that time it may be -removed. +and remains in Docker for at least 3 stable releases unless specified +explicitly otherwise. After that time it may be removed. Users are expected to take note of the list of deprecated features each release and plan their migration away from those features, and (if applicable) diff --git a/install/linux/linux-postinstall.md b/install/linux/linux-postinstall.md index 452db11716..b4c1e08363 100644 --- a/install/linux/linux-postinstall.md +++ b/install/linux/linux-postinstall.md @@ -120,6 +120,10 @@ For information about the different storage engines, see The default storage engine and the list of supported storage engines depend on your host's Linux distribution and available kernel drivers. +## Configure default logging driver + +Docker provides the [capability](/config/containers/logging/) to collect and view log data from all containers running on a host via a series of logging drivers. The default logging driver, `json-file`, writes log data to JSON-formatted files on the host filesystem. Over time, these log files expand in size, leading to potential exhaustion of disk resources. To alleviate such issues, either configure an alternative logging driver such as Splunk or Syslog, or [set up log rotation](/config/containers/logging/configure/#configure-the-default-logging-driver) for the default driver. If you configure an alternative logging driver, see [Use `docker logs` to read container logs for remote logging drivers](/config/containers/logging/dual-logging/). + ## Configure where the Docker daemon listens for connections By default, the Docker daemon listens for connections on a UNIX socket to accept requests from local clients. It is possible to allow Docker to accept requests from remote hosts by configuring it to listen on an IP address and port as well as the UNIX socket. For more detailed information on this configuration option take a look at "Bind Docker to another host/port or a unix socket" section of the [Docker CLI Reference](https://docs.docker.com/engine/reference/commandline/dockerd/) article. From 9c4bc2d48dd0f4ba6e926758f86eeb5e72697737 Mon Sep 17 00:00:00 2001 From: ollypom Date: Fri, 21 Jun 2019 13:31:00 +0000 Subject: [PATCH 07/35] Added a link to the Toolbox Releases page Added a link to the Toolbox Releases page as part of the installation process. --- toolbox/overview.md | 21 +-------------------- toolbox/toolbox_install_mac.md | 20 ++++++++++++-------- toolbox/toolbox_install_windows.md | 18 ++++++++++-------- 3 files changed, 23 insertions(+), 36 deletions(-) diff --git a/toolbox/overview.md b/toolbox/overview.md index 011594904d..c234aceaad 100644 --- a/toolbox/overview.md +++ b/toolbox/overview.md @@ -30,26 +30,7 @@ You can find various versions of the tools on [Toolbox Releases](https://github. ## Ready to get started? -1. Get the latest Toolbox installer for your platform: - - - - - - - - - - -
- Toolbox for Mac - Toolbox for Windows
- Get Docker Toolbox for Mac - - Get Docker Toolbox for Windows -
- -2. Choose the install instructions for your platform, and follow the steps: +Choose the install instructions for your platform, and follow the steps: * [Install Docker Toolbox on macOS](toolbox_install_mac.md) diff --git a/toolbox/toolbox_install_mac.md b/toolbox/toolbox_install_mac.md index 98e55287a5..fbe63aaa74 100644 --- a/toolbox/toolbox_install_mac.md +++ b/toolbox/toolbox_install_mac.md @@ -9,10 +9,6 @@ Docker Toolbox provides a way to use Docker on older Macs that do not meet minimal system requirements for [Docker Desktop for Mac](/docker-for-mac/index.md). -If you have not done so already, download the installer here: - -[Get Docker Toolbox for Mac](https://download.docker.com/mac/stable/DockerToolbox.pkg){: class="button outline-btn" } - ## What you get and how it works Docker Toolbox includes the following Docker tools: @@ -60,14 +56,22 @@ software. To find out what version of the OS you have: ## Step 2: Install Docker Toolbox -1. Install Docker Toolbox by double-clicking the package or by right-clicking +> **Note**: Docker are no longer maintaining the download.docker.com url for +> Docker Toolbox, therefore an unsigned warning (verified publisher dialog) is +> displayed during the installation process. + +1. To download the latest version of Docker Toolbox head to [Toolbox + Releases](https://github.com/docker/toolbox/releases) and download the + latest `.pkg` file. + +2. Install Docker Toolbox by double-clicking the package or by right-clicking and choosing "Open" from the pop-up menu. The installer launches an introductory dialog, followed by an overview of what's installed. ![Install Docker Toolbox](images/mac-welcome-page.png) -2. Press **Continue** to install the toolbox. +3. Press **Continue** to install the toolbox. The installer presents you with options to customize the standard installation. @@ -82,13 +86,13 @@ and choosing "Open" from the pop-up menu. For now, don't change any of the defaults. -3. Press **Install** to perform the standard installation. +4. Press **Install** to perform the standard installation. The system prompts you for your password. ![Password prompt](images/mac-password-prompt.png) -4. Provide your password to continue with the installation. +5. Provide your password to continue with the installation. When it completes, the installer provides you with some shortcuts. You can ignore this for now and click **Continue**. diff --git a/toolbox/toolbox_install_windows.md b/toolbox/toolbox_install_windows.md index c0491b09b5..b6d05fb666 100644 --- a/toolbox/toolbox_install_windows.md +++ b/toolbox/toolbox_install_windows.md @@ -97,13 +97,15 @@ If you have a previous version of VirtualBox installed, do not reinstall it with If you have Virtual Box running, you must shut it down before running the installer. -1. Go to the [Docker Toolbox](https://www.docker.com/toolbox){: target="_blank" class="_" } page. +> **Note**: Docker are no longer maintaining the download.docker.com url for +> Docker Toolbox, therefore an unsigned warning (verified publisher dialog) is +> displayed during the installation process. -> **Note**: To continue with the latest version of Docker Toolbox, see https://github.com/docker/toolbox/releases for information about downloading the latest version and related components. If you choose to download from this location, an unsigned warning (verified publisher dialog) is displayed. +1. To download the latest version of Docker Toolbox head to [Toolbox + Releases](https://github.com/docker/toolbox/releases) and download the + latest `.exe` file. -2. Click the installer link to download. - -3. Install Docker Toolbox by double-clicking the installer. +2. Install Docker Toolbox by double-clicking the installer. The installer launches the "Setup - Docker Toolbox" dialog. @@ -113,17 +115,17 @@ installer. ![Release page](images/installer_open.png) -4. Press **Next** to accept all the defaults and then **Install**. +3. Press **Next** to accept all the defaults and then **Install**. Accept all the installer defaults. The installer takes a few minutes to install all the components: -5. When notified by Windows Security the installer will make changes, make sure you allow the installer to make the necessary changes. +4. When notified by Windows Security the installer will make changes, make sure you allow the installer to make the necessary changes. When it completes, the installer reports it was successful: ![Success](images/finish.png) -6. Uncheck "View Shortcuts in File Explorer" and press **Finish**. +5. Uncheck "View Shortcuts in File Explorer" and press **Finish**. ## Step 3: Verify your installation From 20dc4849331fef309fa56537edf2ee7de61733c4 Mon Sep 17 00:00:00 2001 From: Usha Mandya <47779042+usha-mandya@users.noreply.github.com> Date: Fri, 21 Jun 2019 15:52:45 +0100 Subject: [PATCH 08/35] minor updates --- toolbox/toolbox_install_mac.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/toolbox/toolbox_install_mac.md b/toolbox/toolbox_install_mac.md index fbe63aaa74..aac67ad4c0 100644 --- a/toolbox/toolbox_install_mac.md +++ b/toolbox/toolbox_install_mac.md @@ -60,7 +60,7 @@ software. To find out what version of the OS you have: > Docker Toolbox, therefore an unsigned warning (verified publisher dialog) is > displayed during the installation process. -1. To download the latest version of Docker Toolbox head to [Toolbox +1. To download the latest version of Docker Toolbox, go to [Toolbox Releases](https://github.com/docker/toolbox/releases) and download the latest `.pkg` file. From 7f3224d086585e710a822b32be069697bec60db7 Mon Sep 17 00:00:00 2001 From: Usha Mandya <47779042+usha-mandya@users.noreply.github.com> Date: Fri, 21 Jun 2019 15:54:34 +0100 Subject: [PATCH 09/35] minor edits --- toolbox/toolbox_install_windows.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/toolbox/toolbox_install_windows.md b/toolbox/toolbox_install_windows.md index b6d05fb666..2d47f8605f 100644 --- a/toolbox/toolbox_install_windows.md +++ b/toolbox/toolbox_install_windows.md @@ -97,11 +97,11 @@ If you have a previous version of VirtualBox installed, do not reinstall it with If you have Virtual Box running, you must shut it down before running the installer. -> **Note**: Docker are no longer maintaining the download.docker.com url for +> **Note**: Docker no longer maintains the download.docker.com url for > Docker Toolbox, therefore an unsigned warning (verified publisher dialog) is > displayed during the installation process. -1. To download the latest version of Docker Toolbox head to [Toolbox +1. To download the latest version of Docker Toolbox, go to [Toolbox Releases](https://github.com/docker/toolbox/releases) and download the latest `.exe` file. From 4e2c52fbebc49201d96d9637db08545a980dad3d Mon Sep 17 00:00:00 2001 From: usha-mandya Date: Mon, 24 Jun 2019 10:43:11 +0100 Subject: [PATCH 10/35] ENGPGM-157- Adding DTR release notes --- ee/dtr/release-notes.md | 121 ++++++++++++++++++++++++++++++---------- 1 file changed, 93 insertions(+), 28 deletions(-) diff --git a/ee/dtr/release-notes.md b/ee/dtr/release-notes.md index 362bad8d26..797349283a 100644 --- a/ee/dtr/release-notes.md +++ b/ee/dtr/release-notes.md @@ -21,6 +21,37 @@ to upgrade your installation to the latest release. # Version 2.6 +## 2.6.7 +(2019-6-25) + +### Enhancements + +* Added UI support to retain metadata when switching between storage drivers.(docker/dhe-deploy#10340). For more information, see (docker/dhe-deploy #10199) and (docker/dhe-deploy #10181). +* Added UI support to disable persistent cookies. (docker/dhe-deploy #10353) + +### Bug fixes + +* Fixed a UI bug where non-admin namespace owners could not create a repository. (docker/dhe-deploy #10371) +* Fixed a bug where duplicate scan jobs were causing scans to never exit. (docker/dhe-deploy #10316) +* Fixed a bug where logged in users were unable to pull from public repositories. (docker/dhe-deploy #10343) +* Fixed a bug where attempts to switch pages to navigate through the list of repositories did not result in an updated list of repositories. (docker/dhe-deploy #10377) +* Fixed a pagination issue where the number of repositories listed when switching pages was not accurate. (docker/dhe-deploy #10376) + +### Known issues + +* Docker Engine Enterprise Edition (Docker EE) Upgrade + * There are [important changes to the upgrade process](/ee/upgrade) that, if not correctly followed, can have impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before `18.09` to version `18.09` or greater. For DTR-specific changes, see [2.5 to 2.6 upgrade](/ee/dtr/admin/upgrade/#25-to-26-upgrade). +* Web Interface + * Poll mirroring for Docker plugins such as `docker/imagefs` is currently broken. (docker/dhe-deploy #9490) + * When viewing the details of a scanned image tag, the header may display a different vulnerability count from the layer details. (docker/dhe-deploy #9474) + * In order to set a tag limit for pruning purposes, immutability must be turned off for a repository. This limitation is not clear in the **Repository Settings** view. (docker/dhe-deploy #9554) +* Webhooks + * When configured for "Image promoted from repository" events, a webhook notification is triggered twice during an image promotion when scanning is enabled on a repository. (docker/dhe-deploy #9685) + * HTTPS webhooks do not go through HTTPS proxy when configured. (docker/dhe-deploy #9492) +* System + * When upgrading from `2.5` to `2.6`, the system will run a `metadatastoremigration` job after a successful upgrade. This is necessary for online garbage collection. If the three system attempts fail, you will have to retrigger the `metadatastoremigration` job manually. [Learn about manual metadata store migration](/ee/dtr/admin/upgrade/#25-to-26-upgrade). + + ## 2.6.6 (2019-5-6) @@ -35,7 +66,7 @@ to upgrade your installation to the latest release. - Next, add `keep_metadata: true` as a top-level key in the JSON you just created and modify it to contain your new storage settings. - Finally, update your Registry settings with your modified JSON file via `curl -X PUT .../api/v0/admin/settings/registry -d @storage.json`. -### Bug Fixes +### Bug fixes * Fixed an issue where replica version was inferred from DTR volume labels. (docker/dhe-deploy#10266) @@ -60,7 +91,7 @@ to upgrade your installation to the latest release. ## 2.6.5 (2019-4-11) -### Bug Fixes +### Bug fixes * Fixed a bug where the web interface was not rendering for non-admin users. * Removed `Users` tab from the side navigation [#10222](https://github.com/docker/dhe-deploy/pull/10222) @@ -86,7 +117,7 @@ to upgrade your installation to the latest release. * Added `--storage-migrated` option to reconfigure with migrated content when moving content to a new NFS URL. (ENGDTR-794) * Added a job log status filter which allows users to exclude jobs that are not currently ***running***. (docker/dhe-deploy #10077) -### Bug Fixes +### Bug fixes * If you have a repository in DTR 2.4 with manifest lists enabled, `docker pull` would fail on images that have been pushed to the repository after you upgrade to 2.5 and opt into garbage collection. This also applied when upgrading from 2.5 to 2.6. The issue has been fixed in DTR 2.6.4. (ENGDTR-330 and docker/dhe-deploy #10105) @@ -113,7 +144,7 @@ to upgrade your installation to the latest release. * Bump the Golang version that is used to build DTR to version 1.11.5. (docker/dhe-deploy#10060) -### Bug Fixes +### Bug fixes * Users with read-only permissions can no longer see the README edit button for a repository. (docker/dhe-deploy#10056) @@ -142,7 +173,7 @@ to upgrade your installation to the latest release. (2019-1-29) -### Bug Fixes +### Bug fixes * Fixed a bug where scanning Windows images were stuck in Pending state. (docker/dhe-deploy #9969) @@ -172,7 +203,7 @@ to upgrade your installation to the latest release. (2019-01-09) -### Bug Fixes +### Bug fixes * Fixed a bug where notary signing data was not being backed up properly (docker/dhe-deploy #9862) * Allow a cluster to go from 2 replicas to 1 without forcing removal (docker/dhe-deploy #9840) @@ -207,7 +238,7 @@ to upgrade your installation to the latest release. (2018-11-08) -### New Features +### New features * Web Interface * Online garbage collection is no longer an experimental feature. Users can now write to DTR and push images during garbage collection. [Learn about garbage collection](/ee/dtr/admin/configure/garbage-collection/). @@ -266,7 +297,6 @@ to upgrade your installation to the latest release. * `DELETE /api/v0/repositories/{namespace}/{reponame}/manifests/{reference}` * The `enableManifestLists` field on the `POST /api/v0/repositories/{namespace}` endpoint will be removed in DTR 2.7. See [Deprecation Notice](deprecation-notice) for more details. - # Version 2.5 @@ -275,6 +305,41 @@ to upgrade your installation to the latest release. > > Upgrade path from 2.5.x to 2.6: Upgrade directly to 2.6.4. +## 2.5.12 +(2019-06-25) + +### Bug fixes + +* Fixed a bug where duplicate scan jobs were causing scans to never exit.(docker/dhe-deploy #10322) +* Fixed a pagination issue where the number of repositories listed when switching pages was not accurate. (docker/dhe-deploy #10383) + +### Known issues + +* Web Interface + * The web interface shows "This repository has no tags" in repositories where tags + have long names. As a workaround, reduce the length of the name for the + repository and tag. + * When deleting a repository with signed images, the DTR web interface no longer + shows instructions on how to delete trust data. + * There's no web interface support to update mirroring policies when rotating the TLS + certificates used by DTR. Use the API instead. + * The web interface for promotion policies is currently broken if you have a large number + of repositories. + * Clicking "Save & Apply" on a promotion policy doesn't work. +* Webhooks + * There is no webhook event for when an image is pulled. + * HTTPS webhooks do not go through HTTPS proxy when configured. (docker/dhe-deploy #9492) + * When configured for "Image promoted from repository" events, a webhook notification will be triggered twice during an image promotion when scanning is enabled on a repository. (docker/dhe-deploy #9685) +* Online garbage collection + * The events API won't report events when tags and manifests are deleted. + * The events API won't report blobs deleted by the garbage collection job. +* Docker EE Advanced features + * Scanning any new push after metadatastore migration will not yet work. + * Pushes to repos with promotion policies (repo as source) are broken when an + image has a layer over 100MB. + * On upgrade the scanningstore container may restart with this error message: + FATAL: database files are incompatible with server + ## 2.5.11 (2019-05-06) @@ -285,12 +350,12 @@ to upgrade your installation to the latest release. * Bumped the Alpine version of the base image to 3.9. (docker/dhe-deploy #10301) * Bumped Python dependencies to address vulnerabilities. (docker/dhe-deploy #10308 and #10311) -### Bug Fixes +### Bug fixes * Fixed an issue where read / write permissions were used when copying files into containers. (docker/dhe-deploy #10207) * Fixed an issue where non-admin users could not access their repositories from the Repositories page on the web interface. (docker/dhe-deploy #10294) -### Known Issues +### Known issues * Web Interface * The web interface shows "This repository has no tags" in repositories where tags @@ -321,11 +386,11 @@ to upgrade your installation to the latest release. (2019-3-28) -### Bug Fixes +### Bug fixes * If you have a repository in DTR 2.4 with manifest lists enabled, `docker pull` used to fail on images that were pushed to the repository after you upgraded to 2.5 and opted into garbage collection. This has been fixed in 2.5.10. (docker/dhe-deploy#10106) -### Known Issues +### Known issues * Web Interface * The web interface shows "This repository has no tags" in repositories where tags have long names. As a workaround, reduce the length of the name for the @@ -359,7 +424,7 @@ to upgrade your installation to the latest release. * Bump the Golang version that is used to build DTR to version 1.10.8. (docker/dhe-deploy#10071) -### Known Issues +### Known issues * Web Interface * The web interface shows "This repository has no tags" in repositories where tags have long names. As a workaround, reduce the length of the name for the @@ -392,11 +457,11 @@ to upgrade your installation to the latest release. (2019-1-29) -### Bug Fixes +### Bug fixes * Fixed an issue that prevented vulnerability updates from running if they were previously interrupted. (docker/dhe-deploy #9958) -### Known Issues +### Known issues * Web Interface * The web interface shows "This repository has no tags" in repositories where tags have long names. As a workaround, reduce the length of the name for the @@ -429,7 +494,7 @@ to upgrade your installation to the latest release. (2019-01-09) -### Bug Fixes +### Bug fixes * Fixed a bug where manifest lists were being appended to existing manifests lists when pushed. (docker/dhe-deploy #9811) * Updated GoRethink library to avoid potential lock contention. (docker/dhe-deploy #9812) @@ -438,7 +503,7 @@ to upgrade your installation to the latest release. ### Changelog * GoLang version bump to 1.10.7. -### Known Issues +### Known issues * Web Interface * The web interface shows "This repository has no tags" in repositories where tags have long names. As a workaround, reduce the length of the name for the @@ -471,7 +536,7 @@ to upgrade your installation to the latest release. (2018-10-25) -### Bug Fixes +### Bug fixes * Fixed a bug where Windows images could not be promoted. (docker/dhe-deploy#9215) * Removed Python3 from base image. (docker/dhe-deploy#9219) * Added CSP (docker/dhe-deploy#9366) @@ -480,7 +545,7 @@ to upgrade your installation to the latest release. * Backported ManifestList fixes. (docker/dhe-deploy#9547) * Removed support sidebar link and associated content. (docker/dhe-deploy#9411) -### Known Issues +### Known issues * Web Interface * The web interface shows "This repository has no tags" in repositories where tags have long names. As a workaround, reduce the length of the name for the @@ -513,13 +578,13 @@ to upgrade your installation to the latest release. (2018-8-30) -### Bug Fixes +### Bug fixes * Fixed bug where repository tag list UI was not loading after a tag migration. * Fixed bug to enable poll mirroring with Windows images. * The RethinkDB image has been patched to remove unused components with known vulnerabilities including the RethinkCLI. To get an equivalent interface, run RethinkCLI from a separate image using `docker run -it --rm --net dtr-ol -v dtr-ca-$REPLICA_ID:/ca dockerhubenterprise/rethinkcli:v2.3.0 $REPLICA_ID`. -### Known Issues +### Known issues * Web Interface * The web interface shows "This repository has no tags" in repositories where tags have long names. As a workaround, reduce the length of the name for the @@ -552,17 +617,17 @@ to upgrade your installation to the latest release. (2018-6-21) -### New Features +### New features * Allow users to adjust DTR log levels for alternative logging solutions. -### Bug Fixes +### Bug fixes * Fixed URL redirect to release notes. * Prevent OOM during garbage collection by reading less data into memory at a time. * Fixed issue where worker capacities wouldn't update on minor version upgrades. -### Known Issues +### Known issues * Web Interface * The web interface shows "This repository has no tags" in repositories where tags have long names. As a workaround, reduce the length of the name for the @@ -837,7 +902,7 @@ of testing the server to find which version works. (2018-10-25) -### Bug Fixes +### Bug fixes * Added CSP (Content Security Policy). (docker/dhe-deploy#9367 and docker/dhe-deploy#9584) * Fixed critical vulnerability in RethinkDB. (docker/dhe-deploy#9574) @@ -855,7 +920,7 @@ of testing the server to find which version works. (2018-07-26) -### Bug Fixes +### Bug fixes * Fixed bug where repository tag list UI was not loading after a tag migration. * The RethinkDB image has been patched to remove unused components with known vulnerabilities including the rethinkcli. To get an equivalent interface please run the rethinkcli from a separate image using `docker run -it --rm --net dtr-ol -v dtr-ca-$REPLICA_ID:/ca dockerhubenterprise/rethinkcli $REPLICA_ID`. @@ -869,11 +934,11 @@ of testing the server to find which version works. (2018-06-21) -**New Features** +**New features** * Allow users to adjust DTR log levels for alternative logging solutions. -**Bug Fixes** +**Bug fixes** * Prevent OOM during garbage collection by reading less data into memory at a time. From bad60c22da01671bfdb805b5c878ece86b2981b6 Mon Sep 17 00:00:00 2001 From: Olly Pomeroy Date: Mon, 24 Jun 2019 11:58:18 +0100 Subject: [PATCH 11/35] Added Offline Bundles for June Patch Signed-off-by: Olly Pomeroy --- _config.yml | 16 +++++++------- _data/ddc_offline_files_2.yaml | 40 +++++++++++++++++++++++++++++----- 2 files changed, 43 insertions(+), 13 deletions(-) diff --git a/_config.yml b/_config.yml index 9c695ca185..3201c78b5d 100644 --- a/_config.yml +++ b/_config.yml @@ -96,7 +96,7 @@ defaults: - scope: path: "install" values: - win_latest_build: "docker-18.09.6" + win_latest_build: "docker-18.09.7" - scope: path: "datacenter" values: @@ -106,14 +106,14 @@ defaults: values: dtr_org: "docker" dtr_repo: "dtr" - dtr_version: "2.6.6" + dtr_version: "2.6.7" - scope: path: "datacenter/dtr/2.5" values: hide_from_sitemap: true dtr_org: "docker" dtr_repo: "dtr" - dtr_version: "2.5.11" + dtr_version: "2.5.12" - scope: path: "datacenter/dtr/2.4" values: @@ -149,29 +149,29 @@ defaults: values: ucp_org: "docker" ucp_repo: "ucp" - ucp_version: "3.1.7" + ucp_version: "3.1.8" - scope: # This is a bit of a hack for the get-support.md topic. path: "ee" values: ucp_org: "docker" ucp_repo: "ucp" dtr_repo: "dtr" - ucp_version: "3.1.7" - dtr_version: "2.6.6" + ucp_version: "3.1.8" + dtr_version: "2.6.7" - scope: path: "datacenter/ucp/3.0" values: hide_from_sitemap: true ucp_org: "docker" ucp_repo: "ucp" - ucp_version: "3.0.11" + ucp_version: "3.0.12" - scope: path: "datacenter/ucp/2.2" values: hide_from_sitemap: true ucp_org: "docker" ucp_repo: "ucp" - ucp_version: "2.2.18" + ucp_version: "2.2.19" - scope: path: "datacenter/ucp/2.1" values: diff --git a/_data/ddc_offline_files_2.yaml b/_data/ddc_offline_files_2.yaml index 2003244abc..3c55139df3 100644 --- a/_data/ddc_offline_files_2.yaml +++ b/_data/ddc_offline_files_2.yaml @@ -5,7 +5,17 @@ # Used by _includes/components/ddc_url_list_2.html - product: "ucp" version: "3.1" - tar-files: + tar-files: + - description: "3.1.8 Linux" + url: https://packages.docker.com/caas/ucp_images_3.1.8.tar.gz + - description: "3.1.8 Windows Server 2016 LTSC" + url: https://packages.docker.com/caas/ucp_images_win_2016_3.1.8.tar.gz + - description: "3.1.8 Windows Server 1709" + url: https://packages.docker.com/caas/ucp_images_win_1709_3.1.8.tar.gz + - description: "3.1.8 Windows Server 1803" + url: https://packages.docker.com/caas/ucp_images_win_1803_3.1.8.tar.gz + - description: "3.1.8 Windows Server 2019 LTSC" + url: https://packages.docker.com/caas/ucp_images_win_2019_3.1.8.tar.gz - description: "3.1.7 Linux" url: https://packages.docker.com/caas/ucp_images_3.1.7.tar.gz - description: "3.1.7 Windows Server 2016 LTSC" @@ -83,6 +93,16 @@ - product: "ucp" version: "3.0" tar-files: + - description: "3.0.12 Linux" + url: https://packages.docker.com/caas/ucp_images_3.0.12.tar.gz + - description: "3.0.12 IBM Z" + url: https://packages.docker.com/caas/ucp_images_s390x_3.0.12.tar.gz + - description: "3.0.12 Windows Server 2016 LTSC" + url: https://packages.docker.com/caas/ucp_images_win_2016_3.0.12.tar.gz + - description: "3.0.12 Windows Server 1709" + url: https://packages.docker.com/caas/ucp_images_win_1709_3.0.12.tar.gz + - description: "3.0.12 Windows Server 1803" + url: https://packages.docker.com/caas/ucp_images_win_1803_3.0.12.tar.gz - description: "3.0.11 Linux" url: https://packages.docker.com/caas/ucp_images_3.0.11.tar.gz - description: "3.0.11 IBM Z" @@ -186,6 +206,12 @@ - product: "ucp" version: "2.2" tar-files: + - description: "2.2.19 Linux" + url: https://packages.docker.com/caas/ucp_images_2.2.19.tar.gz + - description: "2.2.19 IBM Z" + url: https://packages.docker.com/caas/ucp_images_s390x_2.2.19.tar.gz + - description: "2.2.19 Windows" + url: https://packages.docker.com/caas/ucp_images_win_2.2.19.tar.gz - description: "2.2.18 Linux" url: https://packages.docker.com/caas/ucp_images_2.2.18.tar.gz - description: "2.2.18 IBM Z" @@ -291,14 +317,16 @@ - product: "dtr" version: "2.6" tar-files: + - description: "DTR 2.6.7 Linux x86" + url: https://packages.docker.com/caas/dtr_images_2.6.7.tar.gz - description: "DTR 2.6.6 Linux x86" - url: https://packages.docker.com/caas/dtr_images_2.6.6.tar.gz + url: https://packages.docker.com/caas/dtr_images_2.6.6.tar.gz - description: "DTR 2.6.5 Linux x86" - url: https://packages.docker.com/caas/dtr_images_2.6.5.tar.gz + url: https://packages.docker.com/caas/dtr_images_2.6.5.tar.gz - description: "DTR 2.6.4 Linux x86" - url: https://packages.docker.com/caas/dtr_images_2.6.4.tar.gz + url: https://packages.docker.com/caas/dtr_images_2.6.4.tar.gz - description: "DTR 2.6.3 Linux x86" - url: https://packages.docker.com/caas/dtr_images_2.6.3.tar.gz + url: https://packages.docker.com/caas/dtr_images_2.6.3.tar.gz - description: "DTR 2.6.2 Linux x86" url: https://packages.docker.com/caas/dtr_images_2.6.2.tar.gz - description: "DTR 2.6.1 Linux x86" @@ -308,6 +336,8 @@ - product: "dtr" version: "2.5" tar-files: + - description: "DTR 2.5.12 Linux x86" + url: https://packages.docker.com/caas/dtr_images_2.5.12.tar.gz - description: "DTR 2.5.11 Linux x86" url: https://packages.docker.com/caas/dtr_images_2.5.11.tar.gz - description: "DTR 2.5.10 Linux x86" From a8bdc59b7a27b50f9a0ceb547a173c970915b4e1 Mon Sep 17 00:00:00 2001 From: usha-mandya Date: Mon, 24 Jun 2019 16:51:33 +0100 Subject: [PATCH 12/35] Adding UCP release notes for June patch --- ee/ucp/release-notes.md | 131 +++++++++++++++++++++++++++++++++------- 1 file changed, 110 insertions(+), 21 deletions(-) diff --git a/ee/ucp/release-notes.md b/ee/ucp/release-notes.md index 22109ecace..a69c4e55f1 100644 --- a/ee/ucp/release-notes.md +++ b/ee/ucp/release-notes.md @@ -21,19 +21,65 @@ upgrade your installation to the latest release. # Version 3.1 +## 3.1.8 +(2019-06-25) + +### Kubernetes + +* Kubernetes has been updated to version 1.11.10. + +### Enhancements + +* Users can now set default values for `restart-delay` and `restart-max-attempts` on Swarm Services. (ENGORC-2437) +* Users can now set the `kubeletMaxPods` option to configure more than 100 pods per node by using the `ClusterConfig` option. (ENGORC-2334) +* Added configuration support for `service-cluster-iprange`. (ENGCORE-683) + +### Bug fixes + +* Added a migration logic to remove all actions on `pods/exec` and `pods/attach` Kubernetes subresource from the migrated UCP View-Only role. (ENGORC-2434) +* Fixed an issue that allows unauthenticated user to list directories. (ENGORC-2175) + +### Deprecated platforms + +* Removed support for Windows Server 1709. + +### Known issues +* Upgrading from UCP `3.1.4` to `3.1.5` causes missing Swarm placement constraints banner for some Swarm services (ENGORC-2191). This can cause Swarm services to run unexpectedly on Kubernetes nodes. See https://www.docker.com/ddc-41 for more information. + - Workaround: Delete any `ucp-*-s390x` Swarm services. For example, `ucp-auth-api-s390x`. +* There are important changes to the upgrade process that, if not correctly followed, can impact the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any Docker Engine version before 18.09 to version 18.09 or greater. For more information about upgrading Docker Enterprise to version 2.1, see [Upgrade Docker](../upgrade). +* To deploy Pods with containers using Restricted Parameters, the user must be an admin and a service account must explicitly have a **ClusterRoleBinding** with `cluster-admin` as the **ClusterRole**. Restricted Parameters on Containers include: + * Host Bind Mounts + * Privileged Mode + * Extra Capabilities + * Host Networking + * Host IPC + * Host PID +* If you delete the built-in **ClusterRole** or **ClusterRoleBinding** for `cluster-admin`, restart the `ucp-kube-apiserver` container on any manager node to recreate them. (#14483) +* Pod Security Policies are not supported in this release. (#15105) +* The default Kubelet configuration for UCP Manager nodes is expecting 4GB of free disk space in the `/var` partition. See [System Requirements](/ee/ucp/admin/install/system-requirements) for details. + +### Components + +| Component | Version | +| ----------- | ----------- | +| UCP | 3.1.8 | +| Kubernetes | 1.11.10 | +| Calico | 3.5.3 | +| Interlock (nginx) | 1.14.0 | + ## 3.1.7 (2019-05-06) ### Security * Refer to [UCP image vulnerabilities](https://success.docker.com/article/ucp-image-vulnerabilities) for details regarding actions to be taken, timeline, and any status updates/issues/recommendations. -### Bug Fixes +### Bug fixes * Updated the UCP base image layers to fix a number of old libraries and components that had security vulnerabilities. -### Known Issues +### Known issues * Upgrading from UCP `3.1.4` to `3.1.5` causes missing Swarm placement constraints banner for some Swarm services (ENGORC-2191). This can cause Swarm services to run unexpectedly on Kubernetes nodes. See https://www.docker.com/ddc-41 for more information. - Workaround: Delete any `ucp-*-s390x` Swarm services. For example, `ucp-auth-api-s390x`. -* There are important changes to the upgrade process that, if not correctly followed, can impact the availability of applications running on the Swarm during uprades. These constraints impact any upgrades coming from any Docker Engine version before 18.09 to version 18.09 or greater. For more information about about upgrading Docker Enterprise to version 2.1, see [Upgrade Docker](../upgrade). +* There are important changes to the upgrade process that, if not correctly followed, can impact the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any Docker Engine version before 18.09 to version 18.09 or greater. For more information about upgrading Docker Enterprise to version 2.1, see [Upgrade Docker](../upgrade). * To deploy Pods with containers using Restricted Parameters, the user must be an admin and a service account must explicitly have a **ClusterRoleBinding** with `cluster-admin` as the **ClusterRole**. Restricted Parameters on Containers include: * Host Bind Mounts * Privileged Mode @@ -66,7 +112,7 @@ upgrade your installation to the latest release. ### Authentication and Authorization * Accessing the `ListAccount` API endpoint now requires an admin user. Accessing the `GetAccount` API endpoint now requires an admin user, the actual user, or a member of the organization being inspected. [ENGORC-100](https://docker.atlassian.net/browse/ENGORC-100) -### Known Issues +### Known issues * Upgrading from UCP `3.1.4` to `3.1.5` causes missing Swarm placement constraints banner for some Swarm services (ENGORC-2191). This can cause Swarm services to run unexpectedly on Kubernetes nodes. See https://www.docker.com/ddc-41 for more information. - Workaround: Delete any `ucp-*-s390x` Swarm services. For example, `ucp-auth-api-s390x`. * There are important changes to the upgrade process that, if not correctly followed, can impact the availability of applications running on the Swarm during uprades. These constraints impact any upgrades coming from any Docker Engine version before 18.09 to version 18.09 or greater. For more information about about upgrading Docker Enterprise to version 2.1, see [Upgrade Docker](../upgrade). @@ -105,12 +151,12 @@ upgrade your installation to the latest release. * Hid most of the UCP banners for non-admin users. (docker/orca#14631) * When LDAP or SAML is enabled, provided admin users an option to disable managed password authentication, which includes login and creation of new users. (ENGORC-1999) -### Bug Fixes +### Bug fixes * Changed Interlock proxy service default `update-action-failure` to rollback. (ENGCORE-117) * Added validation for service configuration label values. (ENGCORE-114) * Fixed an issue with continuous interlock reconciliation if `ucp-interlock` service image does not match expected version. (ENGORC-2081) -### Known Issues +### Known issues * Upgrading from UCP 3.1.4 to 3.1.5 causes missing Swarm placement constraints banner for some Swarm services (ENGORC-2191). This can cause Swarm services to run unexpectedly on Kubernetes nodes. See https://www.docker.com/ddc-41 for more information. - Workaround: Delete any `ucp-*-s390x` Swarm services. For example, `ucp-auth-api-s390x`. @@ -146,7 +192,7 @@ upgrade your installation to the latest release. ### Kubernetes * Kubernetes has been updated to version 1.11.7. (docker/orca#16157) -### Bug Fixes +### Bug fixes * Bump the Golang version that is used to build UCP to version 1.10.8. (docker/orca#16068) * Fixed an issue that caused UCP upgrade failure to upgrade with Interlock deployment. (docker/orca#16009) * Fixed an issue that caused Windows node ucp-agent(s) to constantly reboot when audit logging is enabled. (docker/orca#16122) @@ -158,7 +204,7 @@ upgrade your installation to the latest release. ### Enhancements * Changed packaging and builds for UCP to build bootstrapper last. This avoids the "upgrade available" banner on all UCPs until the entirety of UCP is available. -### Known Issues +### Known issues * Newly added Windows node reports "Awaiting healthy status in classic node inventory". [Learn more](https://success.docker.com/article/newly-added-windows-node-reports-awaiting-healthy-status-in-classic-node-inventory). * There are important changes to the upgrade process that, if not correctly followed, can impact the availability of applications running on the Swarm during uprades. These constraints impact any upgrades coming from any Docker Engine version before 18.09 to version 18.09 or greater. For more information about about upgrading Docker Enterprise to version 2.1, see [Upgrade Docker](../upgrade) @@ -195,7 +241,7 @@ upgrade your installation to the latest release. ### Networking * Upgraded Calico to version 3.5. (#15884) -### Bug Fixes +### Bug fixes * Fixed system hang following UCP backup and docker daemon shutdown. (docker/escalation#841) * Non-admin users can no longer create `PersistentVolumes` using the `Local` Storage Class, as this allowed non-admins to by pass security controls and @@ -230,7 +276,7 @@ upgrade your installation to the latest release. * UCP Audit logging is now controlled through the UCP Configuration file; it is also now configurable within the UCP web interface. (#15466) -### Bug Fixes +### Bug fixes * Core * Significantly reduced database load in environments with a lot of concurrent and repeated API requests by the same user. (docker/escalation#911) * UCP backend will now complain when a service is created/updated if the @@ -241,7 +287,7 @@ now configurable within the UCP web interface. (#15466) * Now upgrading Interlock will also upgrade interlock proxy and interlock extension as well (escalation/871) * Added support for 'VIP' backend mode, in which the Interlock proxy connects to the backend service's Virtual IP instead of load-balancing directly to each task IP. (docker/interlock#206) (escalation/920) -### Known Issues +### Known issues * In the UCP web interface, LDAP settings disappear after submitting them. However, the settings are properly saved. (docker/orca#15503) * By default, Kubelet begins deleting images, starting with the oldest unused images, after exceeding 85% disk space utilization. This causes an issue in an air-gapped environment. (docker/orca#16082) @@ -273,7 +319,7 @@ now configurable within the UCP web interface. (#15466) 2018-11-08 -### Bug Fixes +### Bug fixes * Swarm placement constraint warning banner no longer shows up for `ucp-auth` services (#14539) * "update out of sequence" error messages no longer appear when changing admin settings (#7093) @@ -282,7 +328,7 @@ now configurable within the UCP web interface. (#15466) * `docker network ls --filter id=` now works with a UCP client bundle (#14840) * Collection deletes are correctly blocked if there is a node in the collection (#13704) -### New Features +### New features ### Kubernetes @@ -367,11 +413,31 @@ The following features are deprecated in UCP 3.1. # Version 3.0 +## 3.0.12 + +### Bug fixes + +* Added migration logic to remove all actions on `pods/exec` and `pods/attach` Kubernetes subresource from the migrated UCP View-Only role. (ENGORC-2434) +* Fixed an issue that allows unauthenticated user to list directories. (ENGORC-2175) + +### Deprecated platforms + +* Removed support for Windows Server 1709. + +### Components + +| Component | Version | +| ----------- | ----------- | +| UCP | 3.0.12 | +| Kubernetes | 1.8.15 | +| Calico | 3.0.8 | +| Interlock (nginx) | 1.13.12 | + ## 3.0.11 2019-05-06 -### Bug Fixes +### Bug fixes * Updated the UCP base image layers to fix a number of old libraries and components that had security vulnerabilities. ### Components @@ -387,7 +453,7 @@ The following features are deprecated in UCP 3.1. 2019-02-28 -### Bug Fixes +### Bug fixes * Bump the Golang version that is used to build UCP to version 1.10.8. * Prevent UCP users from updating services with a port that conflicts with the UCP controller port. (escalation#855) * Fixed an issue that causes UCP fail to upgrade with Interlock deployment. (docker/orca/#16009) @@ -567,7 +633,7 @@ The following features are deprecated in UCP 3.1. * Offline bundles `ucp_images_win_1803_3.0.3.tar.gz` have been added. * UCP 3.0.3 now supports IBM Z (s390x) as worker nodes on 3.0.x for SLES 12 SP 3. Interlock is currently not supported for 3.0.x on Z. -### Bug Fixes +### Bug fixes * Core * Optimize swarm service read api calls through UCP @@ -592,7 +658,7 @@ The following features are deprecated in UCP 3.1. 2018-06-21 -### New Features +### New features * UCP now supports running Windows Server 1709 workers * Server 1709 provides smaller Windows base image sizes, as detailed [here](https://docs.microsoft.com/en-us/windows-server/get-started/whats-new-in-windows-server-1709) @@ -603,7 +669,7 @@ The following features are deprecated in UCP 3.1. * Added support for dynamic volume provisioning in Kubernetes for AWS EBS and Azure Disk when installing UCP with the `--cloud-provider` option. -### Bug Fixes +### Bug fixes * Core * Fixed an issue for anonymous volumes in Compose for Kubernetes. * Fixed an issue where a fresh install would have an initial per-user session @@ -636,7 +702,7 @@ Azure Disk when installing UCP with the `--cloud-provider` option. 2018-05-17 -### Bug Fixes +### Bug fixes * Core * Bumped Kubernetes version to 1.8.11. * Compose for Kubernetes now respects the specified port services are exposed on. @@ -843,11 +909,34 @@ deprecated. Deploy your applications as Swarm services or Kubernetes workloads. # Version 2.2 +## Version 2.2.19 + +### Bug fixes + +* Fixed an issue that allows unauthenticated user to list directories. (ENGORC-2175) + +### Known issues + +* Docker currently has limitations related to overlay networking and services using VIP-based endpoints. These limitations apply to use of the HTTP Routing Mesh (HRM). HRM users should familiarize themselves with these limitations. In particular, HRM may encounter virtual IP exhaustion (as evidenced by `failed to allocate network IP for task` Docker log messages). If this happens, and if the HRM service is restarted or rescheduled for any reason, HRM may fail to resume operation automatically. See the Docker EE 17.06-ee5 release notes for details. +* The Swarm admin web interface for UCP versions 2.2.0 and later contain a bug. If used with Docker Engine version 17.06.2-ee5 or earlier, attempting to update "Task History Limit", "Heartbeat Period" and "Node Certificate Expiry" settings using the UI will cause the cluster to crash on next restart. Using UCP 2.2.X and Docker Engine 17.06-ee6 and later, updating these settings will fail (but not cause the cluster to crash). Users are encouraged to update to Docker Engine version 17.06.2-ee6 and later, and to use the Docker CLI (instead of the UCP UI) to update these settings. Rotating join tokens works with any combination of Docker Engine and UCP versions. Docker Engine versions 17.03 and earlier (which use UCP version 2.1 and earlier) are not affected by this problem. +* Upgrading heterogeneous swarms from CLI may fail because x86 images are used +instead of the correct image for the worker architecture. +* Agent container log is empty even though it's running correctly. +* Rapid UI settings updates may cause unintended settings changes for logging + settings and other admin settings. +* Attempting to load an (unsupported) `tar.gz` image results in a poor error + message. +* Searching for images in the UCP images UI doesn't work. +* Removing a stack may leave orphaned volumes. +* Storage metrics are not available for Windows. +* You can't create a bridge network from the web interface. As a workaround use + `/`. + ## Version 2.2.18 2019-05-06 -### Bug Fixes +### Bug fixes * Updated the UCP base image layers to fix a number of old libraries and components that had security vulnerabilities. ### Known issues @@ -871,7 +960,7 @@ instead of the correct image for the worker architecture. 2019-02-28 -### Bug Fixes +### Bug fixes * Bump the Golang version that is used to build UCP to version 1.10.8. * Prevent UCP users from updating services with a port that conflicts with the UCP controller port. (escalation#855) From 50c0596101b1c2b837791075ce5ced57fd24e708 Mon Sep 17 00:00:00 2001 From: ollypom Date: Mon, 24 Jun 2019 16:54:56 +0000 Subject: [PATCH 13/35] UCP 3.18 new Configuration file and Cli reference Signed-off-by: Olly Pomeroy --- .../admin/configure/ucp-configuration-file.md | 51 ++++++----- reference/ucp/3.1/cli/install.md | 85 ++++++++++--------- 2 files changed, 75 insertions(+), 61 deletions(-) diff --git a/ee/ucp/admin/configure/ucp-configuration-file.md b/ee/ucp/admin/configure/ucp-configuration-file.md index 1952de9284..902ddcd868 100644 --- a/ee/ucp/admin/configure/ucp-configuration-file.md +++ b/ee/ucp/admin/configure/ucp-configuration-file.md @@ -93,17 +93,6 @@ An array of tables that specifies the DTR instances that the current UCP instanc | `service_id` | yes | The DTR instance's OpenID Connect Client ID, as registered with the Docker authentication provider. | | `ca_bundle` | no | If you're using a custom certificate authority (CA), `ca_bundle` specifies the root CA bundle for the DTR instance. The value is a string with the contents of a `ca.pem` file. | -### custom headers (optional) - -Included when you need to set custom API headers. You can repeat this section multiple times to specify multiple separate headers. If you include custom headers, you must specify both `name` and `value`. - -[[custom_api_server_headers]] - -| Item | Description | -| ----------- | ----------- | -| `name` | Set to specify the name of the custom header with `name` = "*X-Custom-Header-Name*". | -| `value` | Set to specify the value of the custom header with `value` = "*Custom Header Value*". | - ### audit_log_configuration table (optional) Configures audit logging options for UCP components. @@ -165,6 +154,29 @@ Specifies whether the your UCP license is automatically renewed. |:---------------|:---------|:----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | `auto_refresh` | no | Set to `true` to enable attempted automatic license renewal when the license nears expiration. If disabled, you must manually upload renewed license after expiration. The default is `true`. | +### custom headers (optional) + +Included when you need to set custom API headers. You can repeat this section multiple times to specify multiple separate headers. If you include custom headers, you must specify both `name` and `value`. + +[[custom_api_server_headers]] + +| Item | Description | +|:--------|:--------------------------------------------------------------------------------------| +| `name` | Set to specify the name of the custom header with `name` = "*X-Custom-Header-Name*". | +| `value` | Set to specify the value of the custom header with `value` = "*Custom Header Value*". | + +### user_workload_defaults (optional) + +`user_workload_defaults.swarm_defaults` + +A map describing default values to set on Swarm services at creation time if +those fields are not explicitly set in the service spec. + +| Parameter | Required | Description | +|:-----------------------------------------|:---------|:---------------------------------------------------------------------| +| `tasktemplate.restartpolicy.delay` | no | Delay between restart attempts (ns|us|ms|s|m|h).The default is `5s`. | +| `tasktemplate.restartpolicy.maxattempts` | no | Maximum number of restarts before giving up. The default is `3`. | + ### cluster_config table (required) Configures the cluster that the current UCP instance manages. @@ -191,22 +203,23 @@ components. Assigning these values overrides the settings in a container's | `metrics_retention_time` | no | Adjusts the metrics retention time. | | `metrics_scrape_interval` | no | Sets the interval for how frequently managers gather metrics from nodes in the cluster. | | `metrics_disk_usage_interval` | no | Sets the interval for how frequently storage metrics are gathered. This operation can be expensive when large volumes are present. | -| `rethinkdb_cache_size` | no | Sets the size of the cache used by UCP's RethinkDB servers. The default is 1GB, but leaving this field empty or specifying `auto` instructs RethinkDB to determine a cache size automatically. | -| `exclude_server_identity_headers` | no | Set to `true` to disable the `X-Server-Ip` and `X-Server-Name` headers. | +| `rethinkdb_cache_size` | no | Sets the size of the cache used by UCP's RethinkDB servers. The default is 1GB, but leaving this field empty or specifying `auto` instructs RethinkDB to determine a cache size automatically. | +| `exclude_server_identity_headers` | no | Set to `true` to disable the `X-Server-Ip` and `X-Server-Name` headers. | | `cloud_provider` | no | Set the cloud provider for the kubernetes cluster. | | `pod_cidr` | yes | Sets the subnet pool from which the IP for the Pod should be allocated from the CNI ipam plugin. Default is `192.168.0.0/16`. | | `calico_mtu` | no | Set the MTU (maximum transmission unit) size for the Calico plugin. | | `ipip_mtu` | no | Set the IPIP MTU size for the calico IPIP tunnel interface. | -| `azure_ip_count` | no | Set the IP count for azure allocator to allocate IPs per Azure virtual machine. | -| `service-cluster-ip-range` | yes | Sets the subnet pool from which the IP for Services should be allocated. Default is `10.96.0.0/16`. +| `azure_ip_count` | no | Set the IP count for azure allocator to allocate IPs per Azure virtual machine. | +| `service_cluster_ip_range` | yes | Sets the subnet pool from which the IP for Services should be allocated. Default is `10.96.0.0/16`. | | `nodeport_range` | yes | Set the port range that for Kubernetes services of type NodePort can be exposed in. Default is `32768-35535`. | -| `custom_kube_api_server_flags` | no | Set the configuration options for the Kubernetes API server. (dev) | -| `custom_kube_controller_manager_flags` | no | Set the configuration options for the Kubernetes controller manager. (dev) | -| `custom_kubelet_flags` | no | Set the configuration options for Kubelets. (dev) | -| `custom_kube_scheduler_flags` | no | Set the configuration options for the Kubernetes scheduler. (dev) | +| `custom_kube_api_server_flags` | no | Set the configuration options for the Kubernetes API server. (dev) | +| `custom_kube_controller_manager_flags` | no | Set the configuration options for the Kubernetes controller manager. (dev) | +| `custom_kubelet_flags` | no | Set the configuration options for Kubelets. (dev) | +| `custom_kube_scheduler_flags` | no | Set the configuration options for the Kubernetes scheduler. (dev) | | `local_volume_collection_mapping` | no | Store data about collections for volumes in UCP's local KV store instead of on the volume labels. This is used for enforcing access control on volumes. | | `manager_kube_reserved_resources` | no | Reserve resources for Docker UCP and Kubernetes components which are running on manager nodes. | | `worker_kube_reserved_resources` | no | Reserve resources for Docker UCP and Kubernetes components which are running on worker nodes. | +| `kubelet_max_pods` | yes | Set Number of Pods that can run on a node. Default is `110`. *dev indicates that the functionality is only for development and testing. Arbitrary Kubernetes configuration parameters are not tested and supported under the Docker Enterprise Software Support Agreement. diff --git a/reference/ucp/3.1/cli/install.md b/reference/ucp/3.1/cli/install.md index 63437e26ce..cd1afe86c3 100644 --- a/reference/ucp/3.1/cli/install.md +++ b/reference/ucp/3.1/cli/install.md @@ -42,46 +42,47 @@ If you are installing on Azure, see [Install UCP on Azure](/ee/ucp/admin/install ## Options -| Option | Description | -|:--------------------------------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `--debug, -D` | Enable debug mode | -| `--jsonlog` | Produce json formatted output for easier parsing | -| `--interactive, -i` | Run in interactive mode and prompt for configuration values | -| `--admin-password` *value* | The UCP administrator password [$UCP_ADMIN_PASSWORD] | -| `--admin-username` *value* | The UCP administrator username [$UCP_ADMIN_USER] | -| `--binpack` | Set the Docker Swarm scheduler to binpack mode. Used for backwards compatibility | -| `--cloud-provider` *value* | The cloud provider for the cluster | -| `--cni-installer-url` *value* | A URL pointing to a kubernetes YAML file to be used as an installer for the CNI plugin of the cluster. If specified, the default CNI plugin will not be installed. If the URL is using the HTTPS scheme, no certificate verification will be performed | -| `--controller-port` *value* | Port for the web UI and API (default: 443) | -| `--data-path-addr` *value* | Address or interface to use for data path traffic. Format: IP address or network interface name [$UCP_DATA_PATH_ADDR] | -| `--disable-tracking` | Disable anonymous tracking and analytics | -| `--disable-usage` | Disable anonymous usage reporting | -| `--dns-opt` *value* | Set DNS options for the UCP containers [$DNS_OPT] | -| `--dns-search` *value* | Set custom DNS search domains for the UCP containers [$DNS_SEARCH] | -| `--dns` *value* | Set custom DNS servers for the UCP containers [$DNS] | -| `--enable-profiling` | Enable performance profiling | -| `--existing-config` | Use the latest existing UCP config during this installation. The install will fail if a config is not found | -| `--external-server-cert` | Customize the certificates used by the UCP web server | -| `--external-service-lb` *value* | Set the IP address of the load balancer that published services are expected to be reachable on | -| `--force-insecure-tcp` | Force install to continue even with unauthenticated Docker Engine ports. | -| `--force-minimums` | Force the install/upgrade even if the system does not meet the minimum requirements | -| `--host-address` *value* | The network address to advertise to other nodes. Format: IP address or network interface name [$UCP_HOST_ADDRESS] | -| `--kube-apiserver-port` *value* | Port for the Kubernetes API server (default: 6443) | -| `--kv-snapshot-count` *value* | Number of changes between key-value store snapshots (default: 20000) [$KV_SNAPSHOT_COUNT] | -| `--kv-timeout` *value* | Timeout in milliseconds for the key-value store (default: 5000) [$KV_TIMEOUT] | -| `--license` *value* | Add a license: e.g. --license "$(cat license.lic)" [$UCP_LICENSE] | -| `--nodeport-range` *value* | Allowed port range for Kubernetes services of type NodePort (Default: 32768-35535) (default: "32768-35535") | -| `--pod-cidr` *value* | Kubernetes cluster IP pool for the pods to allocated IP from (Default: 192.168.0.0/16) (default: "192.168.0.0/16") | -| `--preserve-certs` | Don't generate certificates if they already exist | -| `--pull` *value* | Pull UCP images: 'always', when 'missing', or 'never' (default: "missing") | -| `--random` | Set the Docker Swarm scheduler to random mode. Used for backwards compatibility | -| `--registry-password` *value* | Password to use when pulling images [$REGISTRY_PASSWORD] | -| `--registry-username` *value* | Username to use when pulling images [$REGISTRY_USERNAME] | -| `--san` *value* | Add subject alternative names to certificates (e.g. --san www1.acme.com --san www2.acme.com) [$UCP_HOSTNAMES] | -| `--skip-cloud-provider-check` | Disables checks which rely on detecting which (if any) cloud provider the cluster is currently running on | -| `--swarm-experimental` | Enable Docker Swarm experimental features. Used for backwards compatibility | -| `--swarm-grpc-port` *value* | Port for communication between nodes (default: 2377) | -| `--swarm-port` *value* | Port for the Docker Swarm manager. Used for backwards compatibility (default: 2376) | -| `--unlock-key` *value* | The unlock key for this swarm-mode cluster, if one exists. [$UNLOCK_KEY] | -| `--unmanaged-cni` | Flag to indicate if cni provider is calico and managed by UCP (calico is the default CNI provider) | | +| Option | Description | +|:-------------------------------------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `--debug, -D` | Enable debug mode | +| `--jsonlog` | Produce json formatted output for easier parsing | +| `--interactive, -i` | Run in interactive mode and prompt for configuration values | +| `--admin-password` *value* | The UCP administrator password [$UCP_ADMIN_PASSWORD] | +| `--admin-username` *value* | The UCP administrator username [$UCP_ADMIN_USER] | +| `--binpack` | Set the Docker Swarm scheduler to binpack mode. Used for backwards compatibility | +| `--cloud-provider` *value* | The cloud provider for the cluster | +| `--cni-installer-url` *value* | A URL pointing to a kubernetes YAML file to be used as an installer for the CNI plugin of the cluster. If specified, the default CNI plugin will not be installed. If the URL is using the HTTPS scheme, no certificate verification will be performed | +| `--controller-port` *value* | Port for the web UI and API (default: 443) | +| `--data-path-addr` *value* | Address or interface to use for data path traffic. Format: IP address or network interface name [$UCP_DATA_PATH_ADDR] | +| `--disable-tracking` | Disable anonymous tracking and analytics | +| `--disable-usage` | Disable anonymous usage reporting | +| `--dns-opt` *value* | Set DNS options for the UCP containers [$DNS_OPT] | +| `--dns-search` *value* | Set custom DNS search domains for the UCP containers [$DNS_SEARCH] | +| `--dns` *value* | Set custom DNS servers for the UCP containers [$DNS] | +| `--enable-profiling` | Enable performance profiling | +| `--existing-config` | Use the latest existing UCP config during this installation. The install will fail if a config is not found | +| `--external-server-cert` | Customize the certificates used by the UCP web server | +| `--external-service-lb` *value* | Set the IP address of the load balancer that published services are expected to be reachable on | +| `--force-insecure-tcp` | Force install to continue even with unauthenticated Docker Engine ports. | +| `--force-minimums` | Force the install/upgrade even if the system does not meet the minimum requirements | +| `--host-address` *value* | The network address to advertise to other nodes. Format: IP address or network interface name [$UCP_HOST_ADDRESS] | +| `--kube-apiserver-port` *value* | Port for the Kubernetes API server (default: 6443) | +| `--kv-snapshot-count` *value* | Number of changes between key-value store snapshots (default: 20000) [$KV_SNAPSHOT_COUNT] | +| `--kv-timeout` *value* | Timeout in milliseconds for the key-value store (default: 5000) [$KV_TIMEOUT] | +| `--license` *value* | Add a license: e.g. --license "$(cat license.lic)" [$UCP_LICENSE] | +| `--nodeport-range` *value* | Allowed port range for Kubernetes services of type NodePort (Default: 32768-35535) (default: "32768-35535") | +| `--pod-cidr` *value* | Kubernetes cluster IP pool for the pods to allocated IP from (Default: 192.168.0.0/16) (default: "192.168.0.0/16") | +| `--preserve-certs` | Don't generate certificates if they already exist | +| `--pull` *value* | Pull UCP images: 'always', when 'missing', or 'never' (default: "missing") | +| `--random` | Set the Docker Swarm scheduler to random mode. Used for backwards compatibility | +| `--registry-password` *value* | Password to use when pulling images [$REGISTRY_PASSWORD] | +| `--registry-username` *value* | Username to use when pulling images [$REGISTRY_USERNAME] | +| `--san` *value* | Add subject alternative names to certificates (e.g. --san www1.acme.com --san www2.acme.com) [$UCP_HOSTNAMES] | +| `--service-cluster-ip-range` *value* | Kubernetes Cluster IP Range for Services (Default: 10.96.0.0/16) (default: "10.96.0.0/16") | +| `--skip-cloud-provider-check` | Disables checks which rely on detecting which (if any) cloud provider the cluster is currently running on | +| `--swarm-experimental` | Enable Docker Swarm experimental features. Used for backwards compatibility | +| `--swarm-grpc-port` *value* | Port for communication between nodes (default: 2377) | +| `--swarm-port` *value* | Port for the Docker Swarm manager. Used for backwards compatibility (default: 2376) | +| `--unlock-key` *value* | The unlock key for this swarm-mode cluster, if one exists. [$UNLOCK_KEY] | +| `--unmanaged-cni` | Flag to indicate if cni provider is calico and managed by UCP (calico is the default CNI provider) | From 1617eebc6352372b4c6acee25af9d6d71f926bfc Mon Sep 17 00:00:00 2001 From: ollypom Date: Mon, 24 Jun 2019 17:17:05 +0000 Subject: [PATCH 14/35] Updated Kubernetes networking defaults --- ee/ucp/admin/install/plan-installation.md | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/ee/ucp/admin/install/plan-installation.md b/ee/ucp/admin/install/plan-installation.md index b4e7a80739..23e4a15402 100644 --- a/ee/ucp/admin/install/plan-installation.md +++ b/ee/ucp/admin/install/plan-installation.md @@ -42,13 +42,24 @@ this. ## Avoid IP range conflicts -The `service-cluster-ip-range` Kubernetes API Server flag is currently set to `10.96.0.0/16` and cannot be changed. - Swarm uses a default address pool of `10.0.0.0/8` for its overlay networks. If this conflicts with your current network implementation, please use a custom IP address pool. To specify a custom IP address pool, use the `--default-address-pool` command line option during [Swarm initialization](../../../../engine/swarm/swarm-mode.md). > **Note**: Currently, the UCP installation process does not support this flag. To deploy with a custom IP pool, Swarm must first be installed using this flag and UCP must be installed on top of it. -Kubernetes uses a default cluster IP pool for pods that is `192.168.0.0/16`. If it conflicts with your current networks, please use a custom IP pool by specifying `--pod-cidr` during UCP installation. +### Kubernetes IP Range Conflicts + +There are 2 internal IP ranges used within Kubernetes that may overlap and +conflict with the underlying infrastructure: + +- The Pod Network. Each Pod in Kubernetes is given an IP address from either + the Calico or Azure IPAM services. In a default installation Pods are given + IP addresses on the `192.168.0.0/16` range. This can be customised at install + time using the `--pod-cidr` flag. + +- The Services Network. When a user exposes a Service in Kubernetes it is + accesible on a VIP, this VIP comes from a Cluster IP Range. By default on UCP + this range is `10.96.0.0/16`. From UCP 3.1.8 and onwards this value can be + changed at install time with the `--service-cluster-ip-range` flag. ## Avoid firewall conflicts From d141261f2fd91299ee421ff1ccb0e0ab2b1b47ba Mon Sep 17 00:00:00 2001 From: Olly P Date: Mon, 24 Jun 2019 19:08:14 +0100 Subject: [PATCH 15/35] Incorporating Arko's Feedback Co-Authored-By: Arko Dasgupta --- ee/ucp/admin/install/plan-installation.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ee/ucp/admin/install/plan-installation.md b/ee/ucp/admin/install/plan-installation.md index 23e4a15402..c579e06b9c 100644 --- a/ee/ucp/admin/install/plan-installation.md +++ b/ee/ucp/admin/install/plan-installation.md @@ -51,13 +51,13 @@ Swarm uses a default address pool of `10.0.0.0/8` for its overlay networks. If t There are 2 internal IP ranges used within Kubernetes that may overlap and conflict with the underlying infrastructure: -- The Pod Network. Each Pod in Kubernetes is given an IP address from either +- The Pod Network - Each Pod in Kubernetes is given an IP address from either the Calico or Azure IPAM services. In a default installation Pods are given IP addresses on the `192.168.0.0/16` range. This can be customised at install time using the `--pod-cidr` flag. -- The Services Network. When a user exposes a Service in Kubernetes it is - accesible on a VIP, this VIP comes from a Cluster IP Range. By default on UCP +- The Services Network - When a user exposes a Service in Kubernetes it is + accesible via a VIP, this VIP comes from a Cluster IP Range. By default on UCP this range is `10.96.0.0/16`. From UCP 3.1.8 and onwards this value can be changed at install time with the `--service-cluster-ip-range` flag. From b5659dd1debdf9285c4c43fc94ef4728766034bb Mon Sep 17 00:00:00 2001 From: Olly Pomeroy Date: Mon, 24 Jun 2019 21:11:17 +0100 Subject: [PATCH 16/35] Added additional SUSE redirect Signed-off-by: Olly Pomeroy --- install/linux/docker-ee/suse.md | 1 + 1 file changed, 1 insertion(+) diff --git a/install/linux/docker-ee/suse.md b/install/linux/docker-ee/suse.md index be83f8218f..826622fe2f 100644 --- a/install/linux/docker-ee/suse.md +++ b/install/linux/docker-ee/suse.md @@ -3,6 +3,7 @@ description: Instructions for installing Docker EE on SLES keywords: requirements, apt, installation, suse, opensuse, sles, rpm, install, uninstall, upgrade, update redirect_from: - /engine/installation/SUSE/ +- /engine/installation/linux/SUSE/ - /engine/installation/linux/suse/ - /engine/installation/linux/docker-ee/suse/ title: Get Docker EE for SLES From 70e0f34b9937ed1538cefcf8c3dbce8b6e7af36b Mon Sep 17 00:00:00 2001 From: ollypom Date: Tue, 25 Jun 2019 11:13:49 +0000 Subject: [PATCH 17/35] Fixed overview links --- toolbox/overview.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/toolbox/overview.md b/toolbox/overview.md index c234aceaad..ac14b948ac 100644 --- a/toolbox/overview.md +++ b/toolbox/overview.md @@ -32,9 +32,9 @@ You can find various versions of the tools on [Toolbox Releases](https://github. Choose the install instructions for your platform, and follow the steps: - * [Install Docker Toolbox on macOS](toolbox_install_mac.md) + - [Install Docker Toolbox for macOS](toolbox_install_mac.md) - * [Install Docker Toolbox for Windows](toolbox_install_windows.md) + - [Install Docker Toolbox for Windows](toolbox_install_windows.md) ## Next steps From e7a5cf071432363b1bdf0adcd06c1d4d1bdcec75 Mon Sep 17 00:00:00 2001 From: Olly Pomeroy Date: Tue, 25 Jun 2019 12:55:22 +0100 Subject: [PATCH 18/35] Removed 1709 and added more context to UCP relnote Signed-off-by: Olly Pomeroy --- _data/ddc_offline_files_2.yaml | 4 ---- ee/ucp/release-notes.md | 25 +++++++++++++++++++------ 2 files changed, 19 insertions(+), 10 deletions(-) diff --git a/_data/ddc_offline_files_2.yaml b/_data/ddc_offline_files_2.yaml index 3c55139df3..ddce1ac484 100644 --- a/_data/ddc_offline_files_2.yaml +++ b/_data/ddc_offline_files_2.yaml @@ -10,8 +10,6 @@ url: https://packages.docker.com/caas/ucp_images_3.1.8.tar.gz - description: "3.1.8 Windows Server 2016 LTSC" url: https://packages.docker.com/caas/ucp_images_win_2016_3.1.8.tar.gz - - description: "3.1.8 Windows Server 1709" - url: https://packages.docker.com/caas/ucp_images_win_1709_3.1.8.tar.gz - description: "3.1.8 Windows Server 1803" url: https://packages.docker.com/caas/ucp_images_win_1803_3.1.8.tar.gz - description: "3.1.8 Windows Server 2019 LTSC" @@ -99,8 +97,6 @@ url: https://packages.docker.com/caas/ucp_images_s390x_3.0.12.tar.gz - description: "3.0.12 Windows Server 2016 LTSC" url: https://packages.docker.com/caas/ucp_images_win_2016_3.0.12.tar.gz - - description: "3.0.12 Windows Server 1709" - url: https://packages.docker.com/caas/ucp_images_win_1709_3.0.12.tar.gz - description: "3.0.12 Windows Server 1803" url: https://packages.docker.com/caas/ucp_images_win_1803_3.0.12.tar.gz - description: "3.0.11 Linux" diff --git a/ee/ucp/release-notes.md b/ee/ucp/release-notes.md index a69c4e55f1..cb630c1ce3 100644 --- a/ee/ucp/release-notes.md +++ b/ee/ucp/release-notes.md @@ -30,9 +30,20 @@ upgrade your installation to the latest release. ### Enhancements -* Users can now set default values for `restart-delay` and `restart-max-attempts` on Swarm Services. (ENGORC-2437) -* Users can now set the `kubeletMaxPods` option to configure more than 100 pods per node by using the `ClusterConfig` option. (ENGORC-2334) -* Added configuration support for `service-cluster-iprange`. (ENGCORE-683) +* A `user_workload_defaults` section has been added to the UCP configuration + file that allows admins to set default field values that will be applied to + Swarm services if those fields are not explicitly set when the service is + created. Only a subset of Swarm service fields may be set; see [UCP + Configuration file](/ee/ucp/admin/configure/ucp-configuration-file/) for more + details. (ENGORC-2437) +* Users can now set the `kubeletMaxPods` option for all nodes in the cluster, + see the [UCP Configuration + file](/ee/ucp/admin/configure/ucp-configuration-file/) for more details. + (ENGORC-2334) +* Users can now adjust the internal Kubernetes Service IP Range from the default + `10.96.0.0/16` at install time. See [Plan + Installation](ee/ucp/admin/install/plan-installation.md#avoid-ip-range-conflicts) + for more details. (ENGCORE-683) ### Bug fixes @@ -41,7 +52,8 @@ upgrade your installation to the latest release. ### Deprecated platforms -* Removed support for Windows Server 1709. +* Removed support for Windows Server 1709 as it is now [end of + life](https://docs.microsoft.com/en-us/windows-server/get-started/windows-server-release-info). ### Known issues * Upgrading from UCP `3.1.4` to `3.1.5` causes missing Swarm placement constraints banner for some Swarm services (ENGORC-2191). This can cause Swarm services to run unexpectedly on Kubernetes nodes. See https://www.docker.com/ddc-41 for more information. @@ -422,8 +434,9 @@ The following features are deprecated in UCP 3.1. ### Deprecated platforms -* Removed support for Windows Server 1709. - +* Removed support for Windows Server 1709 as it is now [end of + life](https://docs.microsoft.com/en-us/windows-server/get-started/windows-server-release-info). + ### Components | Component | Version | From 29cf527249f5b8047aaf4d03793b1a20d7bd7da1 Mon Sep 17 00:00:00 2001 From: Olly Pomeroy Date: Wed, 26 Jun 2019 16:14:38 +0100 Subject: [PATCH 19/35] Fixed bad link in Unmanaged CNI Signed-off-by: Olly Pomeroy --- ee/ucp/kubernetes/install-cni-plugin.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ee/ucp/kubernetes/install-cni-plugin.md b/ee/ucp/kubernetes/install-cni-plugin.md index 66bd5ee4e4..58a0d2503a 100644 --- a/ee/ucp/kubernetes/install-cni-plugin.md +++ b/ee/ucp/kubernetes/install-cni-plugin.md @@ -55,7 +55,7 @@ will also be unavailable, as this runs in a Kubernetes pod. Next, a platform operator should log into UCP, download a UCP client bundle, and configure the Kubernetes CLI tool, `kubectl`. See [CLI Based -Access](ee/ucp/user-access/cli/#download-client-certificates) for more details. +Access](/ee/ucp/user-access/cli/#download-client-certificates) for more details. With `kubectl`, you can see that the UCP components running on Kubernetes are still pending, waiting for a CNI driver before becoming From 4b1e19eba0abf759b18e07a6132c03d03fb8b903 Mon Sep 17 00:00:00 2001 From: Xinfeng Liu Date: Thu, 27 Jun 2019 15:58:27 +0800 Subject: [PATCH 20/35] Refine release notes on docker/orca#16122 --- ee/ucp/release-notes.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ee/ucp/release-notes.md b/ee/ucp/release-notes.md index 22109ecace..d12c23de71 100644 --- a/ee/ucp/release-notes.md +++ b/ee/ucp/release-notes.md @@ -149,7 +149,7 @@ upgrade your installation to the latest release. ### Bug Fixes * Bump the Golang version that is used to build UCP to version 1.10.8. (docker/orca#16068) * Fixed an issue that caused UCP upgrade failure to upgrade with Interlock deployment. (docker/orca#16009) -* Fixed an issue that caused Windows node ucp-agent(s) to constantly reboot when audit logging is enabled. (docker/orca#16122) +* Fixed an issue that caused ucp-agent(s) on worker nodes to constantly reboot when audit logging is enabled. (docker/orca#16122) * Fixed an issue to ensure that non-admin user actions (with the RestrictedControl role) against RBAC resources are read-only. (docker/orca#16121) * Fixed an issue to prevent UCP users from updating services with a port that conflicts with the UCP controller port. (escalation#855) * Fixed an issue to validate Calico certs expiration dates and update accordingly. (escalation#981) From 01374c86063d9228a4a0a66c158282591733c031 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20B=C3=A9lorgey?= Date: Thu, 27 Jun 2019 11:46:40 +0200 Subject: [PATCH 21/35] Add changes for 18.09 version The configuration of telemetry changes since 18.09 ee version. For full information, internal escalation: https://docker.atlassian.net/browse/FIELD-1702 --- ee/telemetry.md | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/ee/telemetry.md b/ee/telemetry.md index 81fe6a3cf0..f6e6e00ec7 100644 --- a/ee/telemetry.md +++ b/ee/telemetry.md @@ -53,6 +53,8 @@ You can find out more about an individual option by clicking the **?** icon. ## Use the CLI to control telemetry +### For versions prior to 18.09 + To disable the telemetry plugin, use the `docker plugin disable` with either the plugin NAME or ID: ```bash @@ -74,3 +76,31 @@ ID NAME [..] $ docker plugin enable docker/telemetry:1.0.0.linux-x86_64-stable ``` + +### Since version 18.09 + +The telemetry module is activated by default with Docker EE 18.09. No plugin are used since this version. + +To disable it, you need to modify your configuration file on `/etc/docker/config.json` and add this param: +``` +{"features":{"telemetry": false}} +``` + +Example: +``` +{ + "debug": true, + "log-driver": "json-file", + "log-opts": { + "max-size": "10m" + }, + "features":{"telemetry": false} +} +``` + +You will need to restart the docker daemon to take into account the change. + +To enable back the telemetry module, you will need to put `true` instead of `false`: +``` +{"features":{"telemetry": true}} +``` From ead1e1d8d5a855cbb4c8510a9241cccd9076ae71 Mon Sep 17 00:00:00 2001 From: usha-mandya Date: Thu, 27 Jun 2019 12:25:12 +0100 Subject: [PATCH 22/35] Added Engine release notes and update release date --- ee/dtr/release-notes.md | 4 +-- ee/ucp/release-notes.md | 9 ++++- engine/release-notes.md | 75 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 85 insertions(+), 3 deletions(-) diff --git a/ee/dtr/release-notes.md b/ee/dtr/release-notes.md index 797349283a..50e3e97954 100644 --- a/ee/dtr/release-notes.md +++ b/ee/dtr/release-notes.md @@ -22,7 +22,7 @@ to upgrade your installation to the latest release. # Version 2.6 ## 2.6.7 -(2019-6-25) +(2019-6-27) ### Enhancements @@ -306,7 +306,7 @@ to upgrade your installation to the latest release. > Upgrade path from 2.5.x to 2.6: Upgrade directly to 2.6.4. ## 2.5.12 -(2019-06-25) +(2019-06-27) ### Bug fixes diff --git a/ee/ucp/release-notes.md b/ee/ucp/release-notes.md index cb630c1ce3..2f80b88cfb 100644 --- a/ee/ucp/release-notes.md +++ b/ee/ucp/release-notes.md @@ -22,7 +22,12 @@ upgrade your installation to the latest release. # Version 3.1 ## 3.1.8 -(2019-06-25) +(2019-06-27) + +> Upgrading UCP 3.1.8 +> +> UCP 3.1.8 introduces new features such as setting the `kubeletMaxPods` option for all nodes in the cluster, and an updated UCP configuration file that allows admins to set default values for Swarm services. These features not available in UCP 3.2.0. Customers using either of those features in UCP 3.1.8 or future versions of 3.1.x must upgrade to UCP 3.2.1 or later to avoid any upgrade issues. For information, see [Upgrading your UCP environment](/ee/ucp/admin/install/upgrade/). +{: .important} ### Kubernetes @@ -426,6 +431,7 @@ The following features are deprecated in UCP 3.1. # Version 3.0 ## 3.0.12 +2019-06-27 ### Bug fixes @@ -923,6 +929,7 @@ deprecated. Deploy your applications as Swarm services or Kubernetes workloads. # Version 2.2 ## Version 2.2.19 +2019-06-27 ### Bug fixes diff --git a/engine/release-notes.md b/engine/release-notes.md index 04b2188cfb..6b60951672 100644 --- a/engine/release-notes.md +++ b/engine/release-notes.md @@ -29,6 +29,31 @@ consistency and compatibility reasons. > `sudo apt install docker-ce docker-ce-cli containerd.io`. See the install instructions > for the corresponding linux distro for details. +## 18.09.07 +2019-06-27 + +### Builder + +* Fixed a panic error when building dockerfiles that contain only comments. [moby/moby#38487](https://github.com/moby/moby/pull/38487) +* Added a workaround for GCR authentication issue. [moby/moby#38246](https://github.com/moby/moby/pull/38246) +* Builder-next: Fixed a bug in the GCR token cache implementation workaround. [moby/moby#39183](https://github.com/moby/moby/pull/39183) + +### Runtime + +* Added performance optimizations in aufs and layer store that helps in the creation and removal of massively parallel containers. [moby/moby#39107](https://github.com/moby/moby/pull/39107) +* Updated containerd to version 1.2.6. [moby/moby#39016](https://github.com/moby/moby/pull/39016) +* Fixed [CVE-2018-15664](https://nvd.nist.gov/vuln/detail/CVE-2018-15664) symlink-exchange attack with directory traversal. [moby/moby#39357](https://github.com/moby/moby/pull/39357) +* Windows: fixed support for `docker service create --limit-cpu`. [moby/moby#39190](https://github.com/moby/moby/pull/39190) +* daemon: fixed a mirrors validation issue. [moby/moby#38991](https://github.com/moby/moby/pull/38991) +* Docker no longer supports sorting UID and GID ranges in ID maps. [moby/moby#39288](https://github.com/moby/moby/pull/39288) + +### Logging + +* Added a fix that now allows large log lines for logger plugins. [moby/moby#39038](https://github.com/moby/moby/pull/39038) + +### Known Issue +* There are [important changes](/ee/upgrade) to the upgrade process that, if not correctly followed, can have an impact on the availability of applications running on the Swarm during upgrades. These constraints impact any upgrades coming from any version before 18.09 to version 18.09 or later. + ## 18.09.6 2019-05-06 @@ -333,6 +358,21 @@ Ubuntu 14.04 "Trusty Tahr" [docker-ce-packaging#255](https://github.com/docker/d ## Older Docker Engine EE Release notes +## 18.03.1-ee-9 + +2019-06-27 + +### Client + +* Fixed annotation issues in `docker config create` and `docker secret create` commands that displayed the `--template-driver` option when connecting to an older daemon that didn't support the option. [docker/cli#1769](https://github.com/docker/cli/pull/1769) [docker/cli#1785](https://github.com/docker/cli/pull/1785) + +### Runtime + +* Added performance optimizations in aufs and layer store that helps in the creation and removal of massively parallel containers. [moby/moby#39107](https://github.com/moby/moby/pull/39107) +* Windows: Fixed support for `docker service create --limit-cpu`. [moby/moby#39190](https://github.com/moby/moby/pull/39190) +* Fixed a bug where the original process spec was not used for exec processes.[moby/moby#38871](https://github.com/moby/moby/pull/38871) +* Fixed [CVE-2018-15664](https://nvd.nist.gov/vuln/detail/CVE-2018-15664) symlink-exchange attack with directory traversal. [moby/moby#39357](https://github.com/moby/moby/pull/39357) + ## 18.03.1-ee-8 2019-03-28 @@ -478,6 +518,41 @@ Ubuntu 14.04 "Trusty Tahr" [docker-ce-packaging#255](https://github.com/docker/d + Support for `--chown` with `COPY` and `ADD` in `Dockerfile`. + Added functionality for the `docker logs` command to include the output of multiple logging drivers. +## 17.06.2-ee-22 +2019-06-27 + +### Networking + +* Fixed a bug where if a service has the same number of host-mode published ports with PublishedPort 0, changes to the spec is not reflected in the service object. [docker/swarmkit#2376](https://github.com/docker/swarmkit/pull/2376) + +### Runtime + +* Added performance optimizations in aufs and layer store that helps in the creation and removal of massively parallel containers. [moby/moby#39107](https://github.com/moby/moby/pull/39107) +* Fixed [CVE-2018-15664](https://nvd.nist.gov/vuln/detail/CVE-2018-15664) symlink-exchange attack with directory traversal. [moby/moby#39357](https://github.com/moby/moby/pull/39357) +* Windows: fixed support for docker service `create --limit-cpu`. [moby/moby#39190](https://github.com/moby/moby/pull/39190) + +### Known issues + +* When all Swarm managers are stopped at the same time, the swarm might end up in a +split-brain scenario. [Learn more](https://success.docker.com/article/KB000759). +* Under certain conditions, swarm leader re-election may timeout + prematurely. During this period, docker commands may fail. Also during + this time, creation of globally-scoped networks may be unstable. As a + workaround, wait for leader election to complete before issuing commands + to the cluster. +* It's recommended that users create overlay networks with `/24` blocks (the default) of 256 IP addresses when networks are used by services created using VIP-based endpoint-mode (the default). This is because of limitations with Docker Swarm [moby/moby#30820](moby/moby/issues/30820). Users should _not_ work around this by increasing the IP block size. To work around this limitation, either use `dnsrr` endpoint-mode or use multiple smaller overlay networks. +* Docker may experience IP exhaustion if many tasks are assigned to a single overlay network, for example if many services are attached to that network or because services on the network are scaled to many replicas. The problem may also manifest when tasks are rescheduled because of node failures. In case of node failure, Docker currently waits 24h to release overlay IP addresses. The problem can be diagnosed by looking for `failed to allocate network IP for task` messages in the Docker logs. +* SELinux enablement is not supported for containers on IBM Z on RHEL because of missing Red Hat package. +* If a container is spawned on node A, using the same IP of a container destroyed +on nodeB within 5 min from the time that it exit, the container on node A is +not reachable until one of these 2 conditions happens: + +1. Container on A sends a packet out, +2. The timer that cleans the arp entry in the overlay namespace is triggered (around 5 minutes). + +As a workaround, send at least a packet out from each container like +(ping, GARP, etc). + ## 17.06.2-ee-21 2019-04-11 From b842889234120dae7c290b264f200e55233cb140 Mon Sep 17 00:00:00 2001 From: Steven Follis Date: Thu, 27 Jun 2019 09:34:49 -0400 Subject: [PATCH 23/35] Added pre-req for Static IPs --- ee/ucp/admin/install/install-on-azure.md | 1 + 1 file changed, 1 insertion(+) diff --git a/ee/ucp/admin/install/install-on-azure.md b/ee/ucp/admin/install/install-on-azure.md index c2f36e836c..516bdb8ce2 100644 --- a/ee/ucp/admin/install/install-on-azure.md +++ b/ee/ucp/admin/install/install-on-azure.md @@ -43,6 +43,7 @@ to successfully deploy Docker UCP on Azure: Configuration](#considerations-for-ipam-configuration). - All UCP worker and manager nodes need to be attached to the same Azure Subnet. +- Internal IP addresses for all nodes should be [set to Static](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-static-private-ip-arm-pportal), rather than the default of Dynamic - The Azure Virtual Machine Object Name needs to match the Azure Virtual Machine Computer Name and the Node Operating System's Hostname which is the FQDN of the host, including domain names. Note that this requires all characters to be in lowercase. From 459200b75396bb0d90c6202e21b34e70e9f62f57 Mon Sep 17 00:00:00 2001 From: Olly Pomeroy Date: Thu, 27 Jun 2019 15:20:48 +0100 Subject: [PATCH 24/35] Formatting Nits Signed-off-by: Olly Pomeroy --- ee/ucp/admin/install/install-on-azure.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/ee/ucp/admin/install/install-on-azure.md b/ee/ucp/admin/install/install-on-azure.md index 516bdb8ce2..3bd53ee017 100644 --- a/ee/ucp/admin/install/install-on-azure.md +++ b/ee/ucp/admin/install/install-on-azure.md @@ -43,7 +43,9 @@ to successfully deploy Docker UCP on Azure: Configuration](#considerations-for-ipam-configuration). - All UCP worker and manager nodes need to be attached to the same Azure Subnet. -- Internal IP addresses for all nodes should be [set to Static](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-static-private-ip-arm-pportal), rather than the default of Dynamic +- Internal IP addresses for all nodes should be [set to + Static](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-static-private-ip-arm-pportal), + rather than the default of Dynamic. - The Azure Virtual Machine Object Name needs to match the Azure Virtual Machine Computer Name and the Node Operating System's Hostname which is the FQDN of the host, including domain names. Note that this requires all characters to be in lowercase. From 44c5ca316a5ecd49bfbcf0778e20313c5b3643b1 Mon Sep 17 00:00:00 2001 From: Usha Mandya <47779042+usha-mandya@users.noreply.github.com> Date: Thu, 27 Jun 2019 18:50:16 +0100 Subject: [PATCH 25/35] Update engine/release-notes.md Co-Authored-By: Kirill Kolyshkin --- engine/release-notes.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/engine/release-notes.md b/engine/release-notes.md index 6b60951672..6a86c204fa 100644 --- a/engine/release-notes.md +++ b/engine/release-notes.md @@ -40,7 +40,7 @@ consistency and compatibility reasons. ### Runtime -* Added performance optimizations in aufs and layer store that helps in the creation and removal of massively parallel containers. [moby/moby#39107](https://github.com/moby/moby/pull/39107) +* Added performance optimizations in aufs and layer store that helps in massively parallel container creation and removal. [moby/moby#39107](https://github.com/moby/moby/pull/39107), [moby/moby#39135](https://github.com/moby/moby/pull/39135) * Updated containerd to version 1.2.6. [moby/moby#39016](https://github.com/moby/moby/pull/39016) * Fixed [CVE-2018-15664](https://nvd.nist.gov/vuln/detail/CVE-2018-15664) symlink-exchange attack with directory traversal. [moby/moby#39357](https://github.com/moby/moby/pull/39357) * Windows: fixed support for `docker service create --limit-cpu`. [moby/moby#39190](https://github.com/moby/moby/pull/39190) From cdc8b16d69a3ee97b4df7e29ae6864aafa3798cb Mon Sep 17 00:00:00 2001 From: gprossliner Date: Fri, 28 Jun 2019 12:31:18 +0200 Subject: [PATCH 26/35] Update index.md See issue #9001 for details. --- ee/ucp/interlock/usage/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ee/ucp/interlock/usage/index.md b/ee/ucp/interlock/usage/index.md index ccdf7bcb33..1e64529afc 100644 --- a/ee/ucp/interlock/usage/index.md +++ b/ee/ucp/interlock/usage/index.md @@ -101,7 +101,7 @@ the host header, that request is forwarded to the demo service. should attach to in order to be able to communicate with the demo service. To use layer 7 routing, your services need to be attached to at least one network. If your service is only attached to a single network, you don't need to add -a label to specify which network to use for routing. When using a common stack file for multiple deployments leveraging UCP Interlock / Layer 7 Routing, prefix `com.docker.lb.network` with the stack name to ensure traffic will be directed to the correct overlay network. +a label to specify which network to use for routing. When using a common stack file for multiple deployments leveraging UCP Interlock / Layer 7 Routing, prefix `com.docker.lb.network` with the stack name to ensure traffic will be directed to the correct overlay network. When using in combination with `com.docker.lb.ssl_passthrough` the label in mandatory, even if your service is only attached to a single network. * The `com.docker.lb.port` label specifies which port the `ucp-interlock-proxy` service should use to communicate with this demo service. * Your service doesn't need to expose a port in the swarm routing mesh. All From 1d6bc9332cba8503312cccf76a0e18ab12b0b97d Mon Sep 17 00:00:00 2001 From: ollypom Date: Sat, 29 Jun 2019 12:06:42 +0000 Subject: [PATCH 27/35] Patch for June Release Notes * Fixed broken link in UCP Rel Notes * Fixed x.y.z naming in Engine Rel Notes --- ee/ucp/release-notes.md | 2 +- engine/release-notes.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ee/ucp/release-notes.md b/ee/ucp/release-notes.md index bd57e73417..7c10ceb019 100644 --- a/ee/ucp/release-notes.md +++ b/ee/ucp/release-notes.md @@ -47,7 +47,7 @@ upgrade your installation to the latest release. (ENGORC-2334) * Users can now adjust the internal Kubernetes Service IP Range from the default `10.96.0.0/16` at install time. See [Plan - Installation](ee/ucp/admin/install/plan-installation.md#avoid-ip-range-conflicts) + Installation](/ee/ucp/admin/install/plan-installation.md#avoid-ip-range-conflicts) for more details. (ENGCORE-683) ### Bug fixes diff --git a/engine/release-notes.md b/engine/release-notes.md index 6a86c204fa..a8fa10c43f 100644 --- a/engine/release-notes.md +++ b/engine/release-notes.md @@ -29,7 +29,7 @@ consistency and compatibility reasons. > `sudo apt install docker-ce docker-ce-cli containerd.io`. See the install instructions > for the corresponding linux distro for details. -## 18.09.07 +## 18.09.7 2019-06-27 ### Builder From fb98aae9712247df3b5498d30a40d53c08885931 Mon Sep 17 00:00:00 2001 From: Sajad Torkamani Date: Mon, 1 Jul 2019 11:25:31 +0100 Subject: [PATCH 28/35] Fix typo --- get-started/part4.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/get-started/part4.md b/get-started/part4.md index fb03928f9d..a265960b6d 100644 --- a/get-started/part4.md +++ b/get-started/part4.md @@ -145,7 +145,7 @@ You now have two VMs created, named `myvm1` and `myvm2`. Use this command to list the machines and get their IP addresses. -> **Note**: you need to run the following as administrator or else you don't get any resonable output (only "UNKNOWN"). +> **Note**: you need to run the following as administrator or else you don't get any reasonable output (only "UNKNOWN"). ```shell docker-machine ls From a6d08a96315f30629b05863b70c3249c27721687 Mon Sep 17 00:00:00 2001 From: ollypom Date: Mon, 1 Jul 2019 14:05:37 +0000 Subject: [PATCH 29/35] Fixed formatting error on user workload defaults --- .../admin/configure/ucp-configuration-file.md | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/ee/ucp/admin/configure/ucp-configuration-file.md b/ee/ucp/admin/configure/ucp-configuration-file.md index 902ddcd868..fae03afcd6 100644 --- a/ee/ucp/admin/configure/ucp-configuration-file.md +++ b/ee/ucp/admin/configure/ucp-configuration-file.md @@ -158,7 +158,7 @@ Specifies whether the your UCP license is automatically renewed. Included when you need to set custom API headers. You can repeat this section multiple times to specify multiple separate headers. If you include custom headers, you must specify both `name` and `value`. -[[custom_api_server_headers]] +`[[custom_api_server_headers]]` | Item | Description | |:--------|:--------------------------------------------------------------------------------------| @@ -167,15 +167,17 @@ Included when you need to set custom API headers. You can repeat this section mu ### user_workload_defaults (optional) -`user_workload_defaults.swarm_defaults` - -A map describing default values to set on Swarm services at creation time if +A map describing default values to set on Swarm services at creation time if those fields are not explicitly set in the service spec. -| Parameter | Required | Description | -|:-----------------------------------------|:---------|:---------------------------------------------------------------------| -| `tasktemplate.restartpolicy.delay` | no | Delay between restart attempts (ns|us|ms|s|m|h).The default is `5s`. | -| `tasktemplate.restartpolicy.maxattempts` | no | Maximum number of restarts before giving up. The default is `3`. | +`[user_workload_defaults]` + + `[user_workload_defaults.swarm_defaults]` + +| Parameter | Required | Description | +|:-------------------------------------------|:---------|:---------------------------------------------------------------------------------------------------------| +| `[tasktemplate.restartpolicy.delay]` | no | Delay between restart attempts (ns|us|ms|s|m|h). The default is `value = "5s"`. | +| `[tasktemplate.restartpolicy.maxattempts]` | no | Maximum number of restarts before giving up. The default is `value = "3"`. | ### cluster_config table (required) From db7d8d4b3f9df06cf6387a8f6e148dcf89dc8052 Mon Sep 17 00:00:00 2001 From: nirajrules Date: Mon, 1 Jul 2019 18:23:21 -0400 Subject: [PATCH 30/35] The notary config file had a comma missing Docker SA from South East --- engine/security/trust/trust_delegation.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/engine/security/trust/trust_delegation.md b/engine/security/trust/trust_delegation.md index 12533b020d..b2926702df 100644 --- a/engine/security/trust/trust_delegation.md +++ b/engine/security/trust/trust_delegation.md @@ -92,7 +92,7 @@ and ensure that it is available on your path. { "trust_dir" : "~/.docker/trust", "remote_server": { - "url": "https://dtr.example.com" + "url": "https://dtr.example.com", "root_ca": "../.docker/ca.pem" } } From 9878f22b17e3affdef0476b0d212bdff80dcdc6e Mon Sep 17 00:00:00 2001 From: Olly P Date: Tue, 2 Jul 2019 10:00:19 +0100 Subject: [PATCH 31/35] Formatting nit --- engine/security/trust/trust_delegation.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/engine/security/trust/trust_delegation.md b/engine/security/trust/trust_delegation.md index b2926702df..b2f03e0d0e 100644 --- a/engine/security/trust/trust_delegation.md +++ b/engine/security/trust/trust_delegation.md @@ -93,7 +93,7 @@ and ensure that it is available on your path. "trust_dir" : "~/.docker/trust", "remote_server": { "url": "https://dtr.example.com", - "root_ca": "../.docker/ca.pem" + "root_ca": "../.docker/ca.pem" } } ``` From 6f34bb896b5b6ae14577d724fe118c078f76aaa6 Mon Sep 17 00:00:00 2001 From: Olly Pomeroy Date: Tue, 2 Jul 2019 13:28:04 +0100 Subject: [PATCH 32/35] Reorded the text, putting 18.09 instructions first Signed-off-by: Olly Pomeroy --- ee/telemetry.md | 64 ++++++++++++++++++++++++------------------------- 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/ee/telemetry.md b/ee/telemetry.md index f6e6e00ec7..a95599244e 100644 --- a/ee/telemetry.md +++ b/ee/telemetry.md @@ -53,9 +53,36 @@ You can find out more about an individual option by clicking the **?** icon. ## Use the CLI to control telemetry -### For versions prior to 18.09 +At the engine level, there is a telemetry module built into the Docker +Enterprise Engine 18.09 or newer. It can be disabled by modifing the [daemon +configuration +file](https://docs.docker.com/engine/reference/commandline/dockerd/#daemon-configuration-file). +By default this is stored at `/etc/docker/daemon.json`. -To disable the telemetry plugin, use the `docker plugin disable` with either the plugin NAME or ID: +```bash +{ + "features": { + "telemetry": false + } +} +``` + +For the Docker daemon to pick up the changes in the configuration file, the +Docker daemon will need to be restarted. + +```bash +$ sudo systemctl reboot docker +``` + +To reenable the telemetry module, swap the value to `"telemetry": true` or +completely remove the `"telemetry": false` line, as the default value is `true`. + + +### Docker Enterprise Engine 18.03 or older + +For Docker Enterprise Engine 18.03 or older, the telemetry module ran as a +Docker Plugin. To disable the telemetry plugin, use the `docker plugin disable` +with either the plugin NAME or ID: ```bash $ docker plugin ls @@ -67,7 +94,8 @@ $ docker plugin disable docker/telemetry:1.0.0.linux-x86_64-stable This command must be run on each Docker host. -To re-enable the telemetry plugin, you can use `docker plugin enable` with either the plugin NAME or ID: +To re-enable the telemetry plugin, you can use `docker plugin enable` with +either the plugin NAME or ID: ```bash $ docker plugin ls @@ -75,32 +103,4 @@ ID NAME [..] 114dbeaa400c docker/telemetry:1.0.0.linux-x86_64-stable [..] $ docker plugin enable docker/telemetry:1.0.0.linux-x86_64-stable -``` - -### Since version 18.09 - -The telemetry module is activated by default with Docker EE 18.09. No plugin are used since this version. - -To disable it, you need to modify your configuration file on `/etc/docker/config.json` and add this param: -``` -{"features":{"telemetry": false}} -``` - -Example: -``` -{ - "debug": true, - "log-driver": "json-file", - "log-opts": { - "max-size": "10m" - }, - "features":{"telemetry": false} -} -``` - -You will need to restart the docker daemon to take into account the change. - -To enable back the telemetry module, you will need to put `true` instead of `false`: -``` -{"features":{"telemetry": true}} -``` +``` \ No newline at end of file From 6c64d5d4c5666c70427a2c8b938cb250388beaf3 Mon Sep 17 00:00:00 2001 From: Guillaume Tardif Date: Tue, 2 Jul 2019 14:42:32 +0200 Subject: [PATCH 33/35] Release notes for 2.0.5.0 (Edge) cc @gbarr01 (#8926) Docker for win edge rel notes 2.0.5.0 --- docker-for-windows/edge-release-notes.md | 33 ++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/docker-for-windows/edge-release-notes.md b/docker-for-windows/edge-release-notes.md index 7c8e71cae4..2eb972df91 100644 --- a/docker-for-windows/edge-release-notes.md +++ b/docker-for-windows/edge-release-notes.md @@ -18,6 +18,39 @@ for Windows](install.md#download-docker-for-windows). ## Edge Releases of 2019 +### Docker Community Edition 2.0.5.0 2019-06-12 + +[Download](https://download.docker.com/win/edge/35318/Docker%20Desktop%20Installer.exe) + +This is the Edge channel, which gives you early access to our newest features. Be aware that some of them may be experimental, and some of them may not ever reach the Stable release. + +This release contains a Kubernetes upgrade. Note that your local Kubernetes cluster will be reset after installation. + +* Upgrades + - [Docker 19.03.0-rc2](https://github.com/docker/docker-ce/releases/tag/v19.03.0-rc2) + - [Kubernetes 1.14.3](https://github.com/kubernetes/kubernetes/releases/tag/v1.14.3) + - [Compose on Kubernetes 0.4.23](https://github.com/docker/compose-on-kubernetes/releases/tag/v0.4.23) + - [linuxkit v0.7](https://github.com/linuxkit/linuxkit/releases/tag/v0.7) + - [Qemu 4.0.0](https://github.com/docker/binfmt) for cross compiling for ARM + +* New + - Docker Desktop includes the `buildx` plugin (currently experimental). + - Selecting the `Experimental features` checkbox on the Docker Desktop settings Daemon page enables experimental features in the Docker daemon and the Docker CLI. + - Docker Desktop now checks for stored credentials at startup before attempting to mount any shared drives. This prompts users to reenter the credentials if they are invalid. + +* Bug fixes and minor changes + - Fixed race condition where Kubernetes sometimes fails to start after the app is restarted. + - The system tray icon now opens the Docker Desktop menu with left or right mouse button. + - When displaying the crash report window, Docker Desktop does not send a bugsnag crash report unless the user needs the report to upload diagnostics. + - Docker Desktop has removed the ability to log in using email address as a username as the Docker command line does not support this. + - For Linux containers on Windows (LCOW), at least one physical computer running Windows 10 Professional or Windows 10 Enterprise version 1809 or later is required. + - The `Send usage statistics` checkbox is selected by default in Docker Desktop for Windows (Community). This option cannot be modified. + - Docker Desktop has added a new dialog box during startup which allows users to retry mounting a shared drive or remove it from the shared drives list after a failed attempt. + + +* Known issues + - Windows containers networking does not work properly on Windows 1903. + ### Docker Community Edition 2.0.4.1 2019-05-07 [Download](https://download.docker.com/win/edge/34207/Docker%20Desktop%20Installer.exe) From 3b9275c19122bf32db95b2cf3ff187ea43af7619 Mon Sep 17 00:00:00 2001 From: Ulrich VACHON Date: Tue, 2 Jul 2019 13:43:07 +0100 Subject: [PATCH 34/35] Release notes for 2.0.5.0 (Edge/Mac) (#8937) Docker Desktop for Mac Edge 2.0.5.0 rel notes --- docker-for-mac/edge-release-notes.md | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/docker-for-mac/edge-release-notes.md b/docker-for-mac/edge-release-notes.md index ccaa7d6e87..f87a6fd641 100644 --- a/docker-for-mac/edge-release-notes.md +++ b/docker-for-mac/edge-release-notes.md @@ -18,6 +18,34 @@ for Mac](install.md#download-docker-for-mac). ## Edge Releases of 2019 +### Docker Community Edition 2.0.5.0 2019-06-12 + +[Download](https://download.docker.com/mac/edge/35318/Docker.dmg) + +This is the Edge channel, which gives you early access to our newest features. Be aware that some of them may be experimental, and some of them may not ever reach the Stable release. + +This release contains a Kubernetes upgrade. Note that your local Kubernetes cluster will be reset after install. + +* Upgrades + - [Docker 19.03.0-rc2](https://github.com/docker/docker-ce/releases/tag/v19.03.0-rc2) + - [Kubernetes 1.14.3](https://github.com/kubernetes/kubernetes/releases/tag/v1.14.3) + - [Compose on Kubernetes 0.4.23](https://github.com/docker/compose-on-kubernetes/releases/tag/v0.4.23) + - [linuxkit v0.7](https://github.com/linuxkit/linuxkit/releases/tag/v0.7) + - [Qemu 4.0.0](https://github.com/docker/binfmt) for cross compiling for ARM + +* New + - Docker Desktop includes the `buildx` plugin (currently experimental). + - Selecting the `Experimental features` checkbox on the Docker Desktop Preferences Daemon page enables experimental features in the Docker daemon and the Docker CLI. + - Docker Desktop has improved the reliability of `com.docker.osxfs trace` performance profiling command. + - Users can now run the `com.docker.osxfs trace --summary` option to get a high-level summary of operations, instead of receiving a trace of all operations. + - Docker Desktop now supports large lists of DNS resource records on Mac. Fixes [docker/for-mac#2160](https://github.com/docker/for-mac/issues/2160#issuecomment-431571031) + +* Bug fixes and minor changes + - Docker Desktop does not send DNS queries for `docker-desktop.` every 10s. It now relies on the host's DNS domain search order rather than trying to replicate it inside the VM. + - Docker Desktop has removed the ability to log in using email address as a username as the Docker command line does not support this. + - Docker Desktop now allows running a Docker registry inside a container. Fixes [docker/for-mac#3611](https://github.com/docker/for-mac/issues/3611) + - Fixed a stability issue with the DNS resolver. + ### Docker Community Edition 2.0.4.1 2019-05-07 [Download](https://download.docker.com/mac/edge/34207/Docker.dmg) From 25cab040261fb74aaf89d0b2084e30f793f084e3 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 8 Jul 2019 12:40:00 +0200 Subject: [PATCH 35/35] docker-compose: change overview from /compose/overview to /compose/ (#8939) Move compose/overview to compose/ --- _data/toc.yaml | 2 +- compose/index.md | 183 +++++++++++++++++++++++++++++++++-- compose/overview.md | 185 ------------------------------------ docker-for-mac/install.md | 2 +- notary/running_a_service.md | 4 +- 5 files changed, 177 insertions(+), 199 deletions(-) delete mode 100644 compose/overview.md diff --git a/_data/toc.yaml b/_data/toc.yaml index ed75c8f663..d5d5939122 100644 --- a/_data/toc.yaml +++ b/_data/toc.yaml @@ -3084,7 +3084,7 @@ manuals: path: /ee/get-support/ - sectiontitle: Docker Compose section: - - path: /compose/overview/ + - path: /compose/ title: Overview of Docker Compose - path: /compose/install/ title: Install Compose diff --git a/compose/index.md b/compose/index.md index 7667e909fd..d29065d4cf 100644 --- a/compose/index.md +++ b/compose/index.md @@ -1,24 +1,187 @@ --- description: Introduction and Overview of Compose -keywords: documentation, docs, docker, compose, orchestration, containers -title: Docker Compose -notoc: true +keywords: documentation, docs, docker, compose, orchestration, containers +title: Overview of Docker Compose +redirect_from: + - /compose/overview/ --- -Compose is a tool for defining and running multi-container Docker applications. To learn more about Compose refer to the following documentation: +>**Looking for Compose file reference?** [Find the latest version here](/compose/compose-file/index.md). -- [Compose Overview](overview.md) -- [Install Compose](install.md) +Compose is a tool for defining and running multi-container Docker applications. +With Compose, you use a YAML file to configure your application's services. +Then, with a single command, you create and start all the services +from your configuration. To learn more about all the features of Compose, +see [the list of features](overview.md#features). + +Compose works in all environments: production, staging, development, testing, as +well as CI workflows. You can learn more about each case in [Common Use +Cases](overview.md#common-use-cases). + +Using Compose is basically a three-step process: + +1. Define your app's environment with a `Dockerfile` so it can be reproduced +anywhere. + +2. Define the services that make up your app in `docker-compose.yml` +so they can be run together in an isolated environment. + +3. Run `docker-compose up` and Compose starts and runs your entire app. + +A `docker-compose.yml` looks like this: + + version: '3' + services: + web: + build: . + ports: + - "5000:5000" + volumes: + - .:/code + - logvolume01:/var/log + links: + - redis + redis: + image: redis + volumes: + logvolume01: {} + +For more information about the Compose file, see the +[Compose file reference](compose-file/index.md). + +Compose has commands for managing the whole lifecycle of your application: + + * Start, stop, and rebuild services + * View the status of running services + * Stream the log output of running services + * Run a one-off command on a service + +## Compose documentation + +- [Installing Compose](install.md) - [Getting Started](gettingstarted.md) - [Get started with Django](django.md) - [Get started with Rails](rails.md) - [Get started with WordPress](wordpress.md) -- [Get started with Drupal](/samples/drupal/) - [Frequently asked questions](faq.md) -- [Command-line reference](./reference/index.md) -- [Compose file reference](/compose/compose-file/index.md) -- [Environment file](env-file.md) +- [Command line reference](./reference/index.md) +- [Compose file reference](compose-file/index.md) + +## Features + +The features of Compose that make it effective are: + +* [Multiple isolated environments on a single host](overview.md#Multiple-isolated-environments-on-a-single-host) +* [Preserve volume data when containers are created](overview.md#preserve-volume-data-when-containers-are-created) +* [Only recreate containers that have changed](overview.md#only-recreate-containers-that-have-changed) +* [Variables and moving a composition between environments](overview.md#variables-and-moving-a-composition-between-environments) + +### Multiple isolated environments on a single host + +Compose uses a project name to isolate environments from each other. You can make use of this project name in several different contexts: + +* on a dev host, to create multiple copies of a single environment, such as when you want to run a stable copy for each feature branch of a project +* on a CI server, to keep builds from interfering with each other, you can set + the project name to a unique build number +* on a shared host or dev host, to prevent different projects, which may use the + same service names, from interfering with each other + +The default project name is the basename of the project directory. You can set +a custom project name by using the +[`-p` command line option](./reference/overview.md) or the +[`COMPOSE_PROJECT_NAME` environment variable](./reference/envvars.md#compose-project-name). + +### Preserve volume data when containers are created + +Compose preserves all volumes used by your services. When `docker-compose up` +runs, if it finds any containers from previous runs, it copies the volumes from +the old container to the new container. This process ensures that any data +you've created in volumes isn't lost. + +If you use `docker-compose` on a Windows machine, see +[Environment variables](reference/envvars.md) and adjust the necessary environment +variables for your specific needs. + + +### Only recreate containers that have changed + +Compose caches the configuration used to create a container. When you +restart a service that has not changed, Compose re-uses the existing +containers. Re-using containers means that you can make changes to your +environment very quickly. + + +### Variables and moving a composition between environments + +Compose supports variables in the Compose file. You can use these variables +to customize your composition for different environments, or different users. +See [Variable substitution](compose-file.md#variable-substitution) for more +details. + +You can extend a Compose file using the `extends` field or by creating multiple +Compose files. See [extends](extends.md) for more details. + + +## Common use cases + +Compose can be used in many different ways. Some common use cases are outlined +below. + +### Development environments + +When you're developing software, the ability to run an application in an +isolated environment and interact with it is crucial. The Compose command +line tool can be used to create the environment and interact with it. + +The [Compose file](compose-file.md) provides a way to document and configure +all of the application's service dependencies (databases, queues, caches, +web service APIs, etc). Using the Compose command line tool you can create +and start one or more containers for each dependency with a single command +(`docker-compose up`). + +Together, these features provide a convenient way for developers to get +started on a project. Compose can reduce a multi-page "developer getting +started guide" to a single machine readable Compose file and a few commands. + +### Automated testing environments + +An important part of any Continuous Deployment or Continuous Integration process +is the automated test suite. Automated end-to-end testing requires an +environment in which to run tests. Compose provides a convenient way to create +and destroy isolated testing environments for your test suite. By defining the full environment in a [Compose file](compose-file.md), you can create and destroy these environments in just a few commands: + + $ docker-compose up -d + $ ./run_tests + $ docker-compose down + +### Single host deployments + +Compose has traditionally been focused on development and testing workflows, +but with each release we're making progress on more production-oriented features. You can use Compose to deploy to a remote Docker Engine. The Docker Engine may be a single instance provisioned with +[Docker Machine](/machine/overview.md) or an entire +[Docker Swarm](/engine/swarm/index.md) cluster. + +For details on using production-oriented features, see +[compose in production](production.md) in this documentation. + + +## Release notes To see a detailed list of changes for past and current releases of Docker Compose, refer to the [CHANGELOG](https://github.com/docker/compose/blob/master/CHANGELOG.md). + +## Getting help + +Docker Compose is under active development. If you need help, would like to +contribute, or simply want to talk about the project with like-minded +individuals, we have a number of open channels for communication. + +* To report bugs or file feature requests: use the [issue tracker on Github](https://github.com/docker/compose/issues). + +* To talk about the project with people in real time: join the + `#docker-compose` channel on freenode IRC. + +* To contribute code or documentation changes: submit a [pull request on Github](https://github.com/docker/compose/pulls). + +For more information and resources, visit the [Getting Help project page](/opensource/get-help/). diff --git a/compose/overview.md b/compose/overview.md deleted file mode 100644 index 57858cf85a..0000000000 --- a/compose/overview.md +++ /dev/null @@ -1,185 +0,0 @@ ---- -description: Introduction and Overview of Compose -keywords: documentation, docs, docker, compose, orchestration, containers -title: Overview of Docker Compose ---- - ->**Looking for Compose file reference?** [Find the latest version here](/compose/compose-file/index.md). - -Compose is a tool for defining and running multi-container Docker applications. -With Compose, you use a YAML file to configure your application's services. -Then, with a single command, you create and start all the services -from your configuration. To learn more about all the features of Compose, -see [the list of features](overview.md#features). - -Compose works in all environments: production, staging, development, testing, as -well as CI workflows. You can learn more about each case in [Common Use -Cases](overview.md#common-use-cases). - -Using Compose is basically a three-step process: - -1. Define your app's environment with a `Dockerfile` so it can be reproduced -anywhere. - -2. Define the services that make up your app in `docker-compose.yml` -so they can be run together in an isolated environment. - -3. Run `docker-compose up` and Compose starts and runs your entire app. - -A `docker-compose.yml` looks like this: - - version: '3' - services: - web: - build: . - ports: - - "5000:5000" - volumes: - - .:/code - - logvolume01:/var/log - links: - - redis - redis: - image: redis - volumes: - logvolume01: {} - -For more information about the Compose file, see the -[Compose file reference](compose-file/index.md). - -Compose has commands for managing the whole lifecycle of your application: - - * Start, stop, and rebuild services - * View the status of running services - * Stream the log output of running services - * Run a one-off command on a service - -## Compose documentation - -- [Installing Compose](install.md) -- [Getting Started](gettingstarted.md) -- [Get started with Django](django.md) -- [Get started with Rails](rails.md) -- [Get started with WordPress](wordpress.md) -- [Frequently asked questions](faq.md) -- [Command line reference](./reference/index.md) -- [Compose file reference](compose-file/index.md) - -## Features - -The features of Compose that make it effective are: - -* [Multiple isolated environments on a single host](overview.md#Multiple-isolated-environments-on-a-single-host) -* [Preserve volume data when containers are created](overview.md#preserve-volume-data-when-containers-are-created) -* [Only recreate containers that have changed](overview.md#only-recreate-containers-that-have-changed) -* [Variables and moving a composition between environments](overview.md#variables-and-moving-a-composition-between-environments) - -### Multiple isolated environments on a single host - -Compose uses a project name to isolate environments from each other. You can make use of this project name in several different contexts: - -* on a dev host, to create multiple copies of a single environment, such as when you want to run a stable copy for each feature branch of a project -* on a CI server, to keep builds from interfering with each other, you can set - the project name to a unique build number -* on a shared host or dev host, to prevent different projects, which may use the - same service names, from interfering with each other - -The default project name is the basename of the project directory. You can set -a custom project name by using the -[`-p` command line option](./reference/overview.md) or the -[`COMPOSE_PROJECT_NAME` environment variable](./reference/envvars.md#compose-project-name). - -### Preserve volume data when containers are created - -Compose preserves all volumes used by your services. When `docker-compose up` -runs, if it finds any containers from previous runs, it copies the volumes from -the old container to the new container. This process ensures that any data -you've created in volumes isn't lost. - -If you use `docker-compose` on a Windows machine, see -[Environment variables](reference/envvars.md) and adjust the necessary environment -variables for your specific needs. - - -### Only recreate containers that have changed - -Compose caches the configuration used to create a container. When you -restart a service that has not changed, Compose re-uses the existing -containers. Re-using containers means that you can make changes to your -environment very quickly. - - -### Variables and moving a composition between environments - -Compose supports variables in the Compose file. You can use these variables -to customize your composition for different environments, or different users. -See [Variable substitution](compose-file.md#variable-substitution) for more -details. - -You can extend a Compose file using the `extends` field or by creating multiple -Compose files. See [extends](extends.md) for more details. - - -## Common use cases - -Compose can be used in many different ways. Some common use cases are outlined -below. - -### Development environments - -When you're developing software, the ability to run an application in an -isolated environment and interact with it is crucial. The Compose command -line tool can be used to create the environment and interact with it. - -The [Compose file](compose-file.md) provides a way to document and configure -all of the application's service dependencies (databases, queues, caches, -web service APIs, etc). Using the Compose command line tool you can create -and start one or more containers for each dependency with a single command -(`docker-compose up`). - -Together, these features provide a convenient way for developers to get -started on a project. Compose can reduce a multi-page "developer getting -started guide" to a single machine readable Compose file and a few commands. - -### Automated testing environments - -An important part of any Continuous Deployment or Continuous Integration process -is the automated test suite. Automated end-to-end testing requires an -environment in which to run tests. Compose provides a convenient way to create -and destroy isolated testing environments for your test suite. By defining the full environment in a [Compose file](compose-file.md), you can create and destroy these environments in just a few commands: - - $ docker-compose up -d - $ ./run_tests - $ docker-compose down - -### Single host deployments - -Compose has traditionally been focused on development and testing workflows, -but with each release we're making progress on more production-oriented features. You can use Compose to deploy to a remote Docker Engine. The Docker Engine may be a single instance provisioned with -[Docker Machine](/machine/overview.md) or an entire -[Docker Swarm](/engine/swarm/index.md) cluster. - -For details on using production-oriented features, see -[compose in production](production.md) in this documentation. - - -## Release notes - -To see a detailed list of changes for past and current releases of Docker -Compose, refer to the -[CHANGELOG](https://github.com/docker/compose/blob/master/CHANGELOG.md). - -## Getting help - -Docker Compose is under active development. If you need help, would like to -contribute, or simply want to talk about the project with like-minded -individuals, we have a number of open channels for communication. - -* To report bugs or file feature requests: use the [issue tracker on Github](https://github.com/docker/compose/issues). - -* To talk about the project with people in real time: join the - `#docker-compose` channel on freenode IRC. - -* To contribute code or documentation changes: submit a [pull request on Github](https://github.com/docker/compose/pulls). - -For more information and resources, visit the [Getting Help project page](/opensource/get-help/). diff --git a/docker-for-mac/install.md b/docker-for-mac/install.md index 995e3ff99a..287a1a80bc 100644 --- a/docker-for-mac/install.md +++ b/docker-for-mac/install.md @@ -49,7 +49,7 @@ for Docker Desktop for Mac, and how the two products can coexist. * **What the install includes**: The installation provides [Docker Engine](/engine/userguide/), Docker CLI client, - [Docker Compose](/compose/overview/), [Docker Machine](/machine/overview/), and [Kitematic](/kitematic/userguide.md). + [Docker Compose](/compose/), [Docker Machine](/machine/overview/), and [Kitematic](/kitematic/userguide.md). ## Install and run Docker Desktop for Mac diff --git a/notary/running_a_service.md b/notary/running_a_service.md index d4ab19ee3d..ec79ca04f0 100644 --- a/notary/running_a_service.md +++ b/notary/running_a_service.md @@ -8,7 +8,7 @@ This document is for anyone who wants to run their own Notary service (such as those who want to use Notary with a private Docker registry). Running a Notary service requires that you are already familiar with using [Docker Engine](/engine/userguide/) -and [Docker Compose](/compose/overview/). +and [Docker Compose](/compose/). ## Run a service for testing or development @@ -178,7 +178,7 @@ One way to do this would be: {"level":"info","msg":"Starting on :4443","time":"2016-02-25T00:53:59Z"} You can do the same using -[Docker Compose](/compose/overview/) by setting volumes, +[Docker Compose](/compose/) by setting volumes, environment variables, and overriding the default command for the Notary server containers in the Compose file.