From eb84de01439c4ee25f59390e5be4ffa7f36e01b8 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Mon, 4 Mar 2019 19:55:11 +0700 Subject: [PATCH 001/170] allow users to disable their own account --- config/config.exs | 3 +- lib/mix/tasks/pleroma/user.ex | 20 +++++- lib/pleroma/activity.ex | 16 ++++- lib/pleroma/gopher/server.ex | 3 +- lib/pleroma/notification.ex | 32 +++++----- lib/pleroma/user.ex | 64 +++++++++++++++---- lib/pleroma/user/info.ex | 9 +++ lib/pleroma/web/activity_pub/activity_pub.ex | 1 + .../web/admin_api/admin_api_controller.ex | 10 +++ lib/pleroma/web/common_api/utils.ex | 4 +- .../mastodon_api/mastodon_api_controller.ex | 12 ++-- lib/pleroma/web/router.ex | 2 + .../controllers/util_controller.ex | 11 ++++ lib/pleroma/web/twitter_api/twitter_api.ex | 20 ++++-- .../web/twitter_api/twitter_api_controller.ex | 4 +- ...0190228121252_users_add_disabled_index.exs | 7 ++ 16 files changed, 167 insertions(+), 51 deletions(-) create mode 100644 priv/repo/migrations/20190228121252_users_add_disabled_index.exs diff --git a/config/config.exs b/config/config.exs index a620e7451..d9ed43dda 100644 --- a/config/config.exs +++ b/config/config.exs @@ -343,7 +343,8 @@ config :pleroma, Pleroma.Jobs, federator_incoming: [max_jobs: 50], federator_outgoing: [max_jobs: 50], - mailer: [max_jobs: 10] + mailer: [max_jobs: 10], + user: [max_jobs: 10] config :auto_linker, opts: [ diff --git a/lib/mix/tasks/pleroma/user.ex b/lib/mix/tasks/pleroma/user.ex index 037e44716..297332bc4 100644 --- a/lib/mix/tasks/pleroma/user.ex +++ b/lib/mix/tasks/pleroma/user.ex @@ -23,7 +23,7 @@ defmodule Mix.Tasks.Pleroma.User do - `--password PASSWORD` - the user's password - `--moderator`/`--no-moderator` - whether the user is a moderator - `--admin`/`--no-admin` - whether the user is an admin - - `-y`, `--assume-yes`/`--no-assume-yes` - whether to assume yes to all questions + - `-y`, `--assume-yes`/`--no-assume-yes` - whether to assume yes to all questions ## Generate an invite link. @@ -37,6 +37,10 @@ defmodule Mix.Tasks.Pleroma.User do mix pleroma.user toggle_activated NICKNAME + ## Disable or enable the user's account. + + mix pleroma.user toggle_disabled NICKNAME + ## Unsubscribe local users from user's account and deactivate it mix pleroma.user unsubscribe NICKNAME @@ -170,6 +174,20 @@ def run(["toggle_activated", nickname]) do end end + def run(["toggle_disabled", nickname]) do + Common.start_pleroma() + + case User.get_by_nickname(nickname) do + %User{} = user -> + {:ok, user} = User.disable(user, !user.info.disabled) + status = if(user.info.disabled, do: "ON", else: "OFF") + Mix.shell().info("Disabled status of #{nickname}: #{status}") + + _ -> + Mix.shell().error("No user #{nickname}") + end + end + def run(["reset_password", nickname]) do Common.start_pleroma() diff --git a/lib/pleroma/activity.ex b/lib/pleroma/activity.ex index 66854dc2d..c466bff7f 100644 --- a/lib/pleroma/activity.ex +++ b/lib/pleroma/activity.ex @@ -42,7 +42,10 @@ def get_by_ap_id(ap_id) do end def get_by_id(id) do - Repo.get(Activity, id) + Activity + |> where([a], a.id == ^id) + |> restrict_disabled_users() + |> Repo.one() end def by_object_ap_id(ap_id) do @@ -92,6 +95,7 @@ def get_all_create_by_object_ap_id(ap_id) do def get_create_by_object_ap_id(ap_id) when is_binary(ap_id) do create_by_object_ap_id(ap_id) + |> restrict_disabled_users() |> Repo.one() end @@ -123,4 +127,14 @@ def all_by_actor_and_id(actor, status_ids) do |> where([s], s.actor == ^actor) |> Repo.all() end + + def restrict_disabled_users(query) do + from(activity in query, + where: + fragment( + "? not in (SELECT ap_id FROM users WHERE info->'disabled' @> 'true')", + activity.actor + ) + ) + end end diff --git a/lib/pleroma/gopher/server.ex b/lib/pleroma/gopher/server.ex index ba9614029..24190574e 100644 --- a/lib/pleroma/gopher/server.ex +++ b/lib/pleroma/gopher/server.ex @@ -41,7 +41,6 @@ defmodule Pleroma.Gopher.Server.ProtocolHandler do alias Pleroma.Activity alias Pleroma.HTML alias Pleroma.User - alias Pleroma.Repo def start_link(ref, socket, transport, opts) do pid = spawn_link(__MODULE__, :init, [ref, socket, transport, opts]) @@ -110,7 +109,7 @@ def response("/main/all") do end def response("/notices/" <> id) do - with %Activity{} = activity <- Repo.get(Activity, id), + with %Activity{} = activity <- Activity.get_by_id(id), true <- Visibility.is_public?(activity) do activities = ActivityPub.fetch_activities_for_context(activity.data["context"]) diff --git a/lib/pleroma/notification.ex b/lib/pleroma/notification.ex index c88512567..0f9f74b1e 100644 --- a/lib/pleroma/notification.ex +++ b/lib/pleroma/notification.ex @@ -36,22 +36,22 @@ defp restrict_since(query, %{"since_id" => since_id}) do defp restrict_since(query, _), do: query def for_user(user, opts \\ %{}) do - query = - from( - n in Notification, - where: n.user_id == ^user.id, - order_by: [desc: n.id], - join: activity in assoc(n, :activity), - preload: [activity: activity], - limit: 20 - ) - - query = - query - |> restrict_since(opts) - |> restrict_max(opts) - - Repo.all(query) + from( + n in Notification, + where: n.user_id == ^user.id, + order_by: [desc: n.id], + join: activity in assoc(n, :activity), + preload: [activity: activity], + limit: 20, + where: + fragment( + "? not in (SELECT ap_id FROM users WHERE info->'disabled' @> 'true')", + activity.actor + ) + ) + |> restrict_since(opts) + |> restrict_max(opts) + |> Repo.all() end def set_read_up_to(%{id: user_id} = _user, id) do diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 50e7e7ccd..f02051174 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -108,10 +108,8 @@ def ap_followers(%User{} = user) do end def user_info(%User{} = user) do - oneself = if user.local, do: 1, else: 0 - %{ - following_count: length(user.following) - oneself, + following_count: following_count(user), note_count: user.info.note_count, follower_count: user.info.follower_count, locked: user.info.locked, @@ -120,6 +118,23 @@ def user_info(%User{} = user) do } end + defp restrict_disabled(query) do + from(u in query, + where: not fragment("? \\? 'disabled' AND ?->'disabled' @> 'true'", u.info, u.info) + ) + end + + def following_count(%User{following: []}), do: 0 + + def following_count(%User{following: following, id: id}) do + from(u in User, + where: u.follower_address in ^following, + where: u.id != ^id + ) + |> restrict_disabled() + |> Repo.aggregate(:count, :id) + end + def remote_user_creation(params) do params = params @@ -545,6 +560,7 @@ def get_followers_query(%User{id: id, follower_address: follower_address}, nil) where: fragment("? <@ ?", ^[follower_address], u.following), where: u.id != ^id ) + |> restrict_disabled() end def get_followers_query(user, page) do @@ -572,6 +588,7 @@ def get_friends_query(%User{id: id, following: following}, nil) do where: u.follower_address in ^following, where: u.id != ^id ) + |> restrict_disabled() end def get_friends_query(user, page) do @@ -681,11 +698,10 @@ def update_note_count(%User{} = user) do info_cng = User.Info.set_note_count(user.info, note_count) - cng = - change(user) - |> put_embed(:info, info_cng) - - update_and_set_cache(cng) + user + |> change() + |> put_embed(:info, info_cng) + |> update_and_set_cache() end def update_follower_count(%User{} = user) do @@ -694,6 +710,7 @@ def update_follower_count(%User{} = user) do |> where([u], ^user.follower_address in u.following) |> where([u], u.id != ^user.id) |> select([u], %{count: count(u.id)}) + |> restrict_disabled() User |> where(id: ^user.id) @@ -860,6 +877,7 @@ defp fts_search_subquery(term, query \\ User) do ^processed_query ) ) + |> restrict_disabled() end defp trigram_search_subquery(term) do @@ -876,6 +894,7 @@ defp trigram_search_subquery(term) do }, where: fragment("trim(? || ' ' || coalesce(?, '')) % ?", u.nickname, u.name, ^term) ) + |> restrict_disabled() end defp boost_search_results(results, nil), do: results @@ -1062,11 +1081,10 @@ def moderator_user_query do def deactivate(%User{} = user, status \\ true) do info_cng = User.Info.set_activation_status(user.info, status) - cng = - change(user) - |> put_embed(:info, info_cng) - - update_and_set_cache(cng) + user + |> change() + |> put_embed(:info, info_cng) + |> update_and_set_cache() end def delete(%User{} = user) do @@ -1100,6 +1118,26 @@ def delete(%User{} = user) do {:ok, user} end + def disable_async(user, status \\ true) do + Pleroma.Jobs.enqueue(:user, __MODULE__, [:disable_async, user, status]) + end + + def disable(%User{} = user, status \\ true) do + with {:ok, user} <- User.deactivate(user, status), + info_cng <- User.Info.set_disabled_status(user.info, status), + {:ok, user} <- + user + |> change() + |> put_embed(:info, info_cng) + |> update_and_set_cache(), + {:ok, friends} <- User.get_friends(user) do + Enum.each(friends, &update_follower_count(&1)) + {:ok, user} + end + end + + def perform(:disable_async, user, status), do: disable(user, status) + def html_filter_policy(%User{info: %{no_rich_text: true}}) do Pleroma.HTML.Scrubber.TwitterText end diff --git a/lib/pleroma/user/info.ex b/lib/pleroma/user/info.ex index 818b64645..1ec356ba9 100644 --- a/lib/pleroma/user/info.ex +++ b/lib/pleroma/user/info.ex @@ -36,6 +36,7 @@ defmodule Pleroma.User.Info do field(:hide_follows, :boolean, default: false) field(:pinned_activities, {:array, :string}, default: []) field(:flavour, :string, default: nil) + field(:disabled, :boolean, default: false) # Found in the wild # ap_id -> Where is this used? @@ -54,6 +55,14 @@ def set_activation_status(info, deactivated) do |> validate_required([:deactivated]) end + def set_disabled_status(info, disabled) do + params = %{disabled: disabled} + + info + |> cast(params, [:disabled]) + |> validate_required([:disabled]) + end + def add_to_note_count(info, number) do set_note_count(info, info.note_count + number) end diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 783491b67..aa20990f3 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -703,6 +703,7 @@ def fetch_activities_query(recipients, opts \\ %{}) do |> restrict_replies(opts) |> restrict_reblogs(opts) |> restrict_pinned(opts) + |> Activity.restrict_disabled_users() end def fetch_activities(recipients, opts \\ %{}) do diff --git a/lib/pleroma/web/admin_api/admin_api_controller.ex b/lib/pleroma/web/admin_api/admin_api_controller.ex index aae02cab8..1b94f0609 100644 --- a/lib/pleroma/web/admin_api/admin_api_controller.ex +++ b/lib/pleroma/web/admin_api/admin_api_controller.ex @@ -44,6 +44,16 @@ def user_create( |> json(user.nickname) end + def user_toggle_disabled(conn, %{"nickname" => nickname}) do + user = User.get_by_nickname(nickname) + + {:ok, updated_user} = User.disable(user, !user.info.disabled) + + conn + |> put_view(AccountView) + |> render("show.json", %{user: updated_user}) + end + def user_toggle_activation(conn, %{"nickname" => nickname}) do user = User.get_by_nickname(nickname) diff --git a/lib/pleroma/web/common_api/utils.ex b/lib/pleroma/web/common_api/utils.ex index e4b9102c5..60d1185d3 100644 --- a/lib/pleroma/web/common_api/utils.ex +++ b/lib/pleroma/web/common_api/utils.ex @@ -17,7 +17,7 @@ defmodule Pleroma.Web.CommonAPI.Utils do # This is a hack for twidere. def get_by_id_or_ap_id(id) do - activity = Repo.get(Activity, id) || Activity.get_create_by_object_ap_id(id) + activity = Activity.get_by_id(id) || Activity.get_create_by_object_ap_id(id) activity && if activity.data["type"] == "Create" do @@ -30,7 +30,7 @@ def get_by_id_or_ap_id(id) do def get_replied_to_activity(""), do: nil def get_replied_to_activity(id) when not is_nil(id) do - Repo.get(Activity, id) + Activity.get_by_id(id) end def get_replied_to_activity(_), do: nil diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index 056be49b0..00a0f1351 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -307,7 +307,7 @@ def dm_timeline(%{assigns: %{user: user}} = conn, params) do end def get_status(%{assigns: %{user: user}} = conn, %{"id" => id}) do - with %Activity{} = activity <- Repo.get(Activity, id), + with %Activity{} = activity <- Activity.get_by_id(id), true <- Visibility.visible_for_user?(activity, user) do conn |> put_view(StatusView) @@ -316,7 +316,7 @@ def get_status(%{assigns: %{user: user}} = conn, %{"id" => id}) do end def get_context(%{assigns: %{user: user}} = conn, %{"id" => id}) do - with %Activity{} = activity <- Repo.get(Activity, id), + with %Activity{} = activity <- Activity.get_by_id(id), activities <- ActivityPub.fetch_activities_for_context(activity.data["context"], %{ "blocking_user" => user, @@ -448,7 +448,7 @@ def unpin_status(%{assigns: %{user: user}} = conn, %{"id" => ap_id_or_id}) do end def bookmark_status(%{assigns: %{user: user}} = conn, %{"id" => id}) do - with %Activity{} = activity <- Repo.get(Activity, id), + with %Activity{} = activity <- Activity.get_by_id(id), %User{} = user <- User.get_by_nickname(user.nickname), true <- Visibility.visible_for_user?(activity, user), {:ok, user} <- User.bookmark(user, activity.data["object"]["id"]) do @@ -459,7 +459,7 @@ def bookmark_status(%{assigns: %{user: user}} = conn, %{"id" => id}) do end def unbookmark_status(%{assigns: %{user: user}} = conn, %{"id" => id}) do - with %Activity{} = activity <- Repo.get(Activity, id), + with %Activity{} = activity <- Activity.get_by_id(id), %User{} = user <- User.get_by_nickname(user.nickname), true <- Visibility.visible_for_user?(activity, user), {:ok, user} <- User.unbookmark(user, activity.data["object"]["id"]) do @@ -583,7 +583,7 @@ def upload(%{assigns: %{user: user}} = conn, %{"file" => file} = data) do end def favourited_by(conn, %{"id" => id}) do - with %Activity{data: %{"object" => %{"likes" => likes}}} <- Repo.get(Activity, id) do + with %Activity{data: %{"object" => %{"likes" => likes}}} <- Activity.get_by_id(id) do q = from(u in User, where: u.ap_id in ^likes) users = Repo.all(q) @@ -596,7 +596,7 @@ def favourited_by(conn, %{"id" => id}) do end def reblogged_by(conn, %{"id" => id}) do - with %Activity{data: %{"object" => %{"announcements" => announces}}} <- Repo.get(Activity, id) do + with %Activity{data: %{"object" => %{"announcements" => announces}}} <- Activity.get_by_id(id) do q = from(u in User, where: u.ap_id in ^announces) users = Repo.all(q) diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 6fcb46878..5033b5446 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -143,6 +143,7 @@ defmodule Pleroma.Web.Router do get("/users/search", AdminAPIController, :search_users) delete("/user", AdminAPIController, :user_delete) patch("/users/:nickname/toggle_activation", AdminAPIController, :user_toggle_activation) + patch("/users/:nickname/toggle_disabled", AdminAPIController, :user_toggle_disabled) post("/user", AdminAPIController, :user_create) put("/users/tag", AdminAPIController, :tag_users) delete("/users/tag", AdminAPIController, :untag_users) @@ -183,6 +184,7 @@ defmodule Pleroma.Web.Router do post("/change_password", UtilController, :change_password) post("/delete_account", UtilController, :delete_account) + post("/disable_account", UtilController, :disable_account) end scope [] do diff --git a/lib/pleroma/web/twitter_api/controllers/util_controller.ex b/lib/pleroma/web/twitter_api/controllers/util_controller.ex index e2fdedb25..0006d53e8 100644 --- a/lib/pleroma/web/twitter_api/controllers/util_controller.ex +++ b/lib/pleroma/web/twitter_api/controllers/util_controller.ex @@ -311,6 +311,17 @@ def delete_account(%{assigns: %{user: user}} = conn, params) do end end + def disable_account(%{assigns: %{user: user}} = conn, params) do + case CommonAPI.Utils.confirm_current_password(user, params["password"]) do + {:ok, user} -> + User.disable_async(user) + json(conn, %{status: "success"}) + + {:error, msg} -> + json(conn, %{error: msg}) + end + end + def captcha(conn, _params) do json(conn, Pleroma.Captcha.new()) end diff --git a/lib/pleroma/web/twitter_api/twitter_api.ex b/lib/pleroma/web/twitter_api/twitter_api.ex index ab6470d78..615a34be9 100644 --- a/lib/pleroma/web/twitter_api/twitter_api.ex +++ b/lib/pleroma/web/twitter_api/twitter_api.ex @@ -21,7 +21,7 @@ def create_status(%User{} = user, %{"status" => _} = data) do end def delete(%User{} = user, id) do - with %Activity{data: %{"type" => _type}} <- Repo.get(Activity, id), + with %Activity{data: %{"type" => _type}} <- Activity.get_by_id(id), {:ok, activity} <- CommonAPI.delete(id, user) do {:ok, activity} end @@ -232,21 +232,27 @@ def password_reset(nickname_or_email) do def get_user(user \\ nil, params) do case params do %{"user_id" => user_id} -> - case target = User.get_cached_by_nickname_or_id(user_id) do + case User.get_cached_by_nickname_or_id(user_id) do nil -> {:error, "No user with such user_id"} - _ -> - {:ok, target} + %User{info: %{disabled: true}} -> + {:error, "User has been disabled"} + + user -> + {:ok, user} end %{"screen_name" => nickname} -> - case target = Repo.get_by(User, nickname: nickname) do + case User.get_by_nickname(nickname) do nil -> {:error, "No user with such screen_name"} - _ -> - {:ok, target} + %User{info: %{disabled: true}} -> + {:error, "User has been disabled"} + + user -> + {:ok, user} end _ -> diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex index de7b9f24c..0769f8698 100644 --- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex +++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex @@ -269,7 +269,7 @@ def unfollow(%{assigns: %{user: user}} = conn, params) do end def fetch_status(%{assigns: %{user: user}} = conn, %{"id" => id}) do - with %Activity{} = activity <- Repo.get(Activity, id), + with %Activity{} = activity <- Activity.get_by_id(id), true <- Visibility.visible_for_user?(activity, user) do conn |> put_view(ActivityView) @@ -341,7 +341,7 @@ def upload_json(%{assigns: %{user: user}} = conn, %{"media" => media}) do end def get_by_id_or_ap_id(id) do - activity = Repo.get(Activity, id) || Activity.get_create_by_object_ap_id(id) + activity = Activity.get_by_id(id) || Activity.get_create_by_object_ap_id(id) if activity.data["type"] == "Create" do activity diff --git a/priv/repo/migrations/20190228121252_users_add_disabled_index.exs b/priv/repo/migrations/20190228121252_users_add_disabled_index.exs new file mode 100644 index 000000000..7b921d3e7 --- /dev/null +++ b/priv/repo/migrations/20190228121252_users_add_disabled_index.exs @@ -0,0 +1,7 @@ +defmodule Pleroma.Repo.Migrations.UsersAddDisabledIndex do + use Ecto.Migration + + def change do + create(index(:users, ["(info->'disabled')"], name: :users_disabled_index, using: :gin)) + end +end From db4badc6aa71df4cb9372ef4aff699399516ffb2 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Thu, 11 Apr 2019 17:22:42 +0700 Subject: [PATCH 002/170] move user disable into deactivation --- lib/mix/tasks/pleroma/user.ex | 18 ------- lib/pleroma/activity.ex | 8 +-- lib/pleroma/notification.ex | 2 +- lib/pleroma/user.ex | 51 ++++++++----------- lib/pleroma/user/info.ex | 9 ---- lib/pleroma/web/activity_pub/activity_pub.ex | 2 +- .../web/admin_api/admin_api_controller.ex | 10 ---- lib/pleroma/web/router.ex | 1 - .../controllers/util_controller.ex | 2 +- lib/pleroma/web/twitter_api/twitter_api.ex | 2 +- ...0190228121252_users_add_disabled_index.exs | 7 --- ...120_add_index_on_user_info_deactivated.exs | 7 +++ 12 files changed, 36 insertions(+), 83 deletions(-) delete mode 100644 priv/repo/migrations/20190228121252_users_add_disabled_index.exs create mode 100644 priv/repo/migrations/20190411094120_add_index_on_user_info_deactivated.exs diff --git a/lib/mix/tasks/pleroma/user.ex b/lib/mix/tasks/pleroma/user.ex index 78493231c..441168df2 100644 --- a/lib/mix/tasks/pleroma/user.ex +++ b/lib/mix/tasks/pleroma/user.ex @@ -53,10 +53,6 @@ defmodule Mix.Tasks.Pleroma.User do mix pleroma.user toggle_activated NICKNAME - ## Disable or enable the user's account. - - mix pleroma.user toggle_disabled NICKNAME - ## Unsubscribe local users from user's account and deactivate it mix pleroma.user unsubscribe NICKNAME @@ -190,20 +186,6 @@ def run(["toggle_activated", nickname]) do end end - def run(["toggle_disabled", nickname]) do - Common.start_pleroma() - - case User.get_by_nickname(nickname) do - %User{} = user -> - {:ok, user} = User.disable(user, !user.info.disabled) - status = if(user.info.disabled, do: "ON", else: "OFF") - Mix.shell().info("Disabled status of #{nickname}: #{status}") - - _ -> - Mix.shell().error("No user #{nickname}") - end - end - def run(["reset_password", nickname]) do Common.start_pleroma() diff --git a/lib/pleroma/activity.ex b/lib/pleroma/activity.ex index c8c7f0d04..d06fd917d 100644 --- a/lib/pleroma/activity.ex +++ b/lib/pleroma/activity.ex @@ -100,7 +100,7 @@ def get_by_ap_id_with_object(ap_id) do def get_by_id(id) do Activity |> where([a], a.id == ^id) - |> restrict_disabled_users() + |> restrict_deactivated_users() |> Repo.one() end @@ -169,7 +169,7 @@ def get_all_create_by_object_ap_id(ap_id) do def get_create_by_object_ap_id(ap_id) when is_binary(ap_id) do create_by_object_ap_id(ap_id) - |> restrict_disabled_users() + |> restrict_deactivated_users() |> Repo.one() end @@ -296,11 +296,11 @@ def decrease_replies_count(id) do end end - def restrict_disabled_users(query) do + def restrict_deactivated_users(query) do from(activity in query, where: fragment( - "? not in (SELECT ap_id FROM users WHERE info->'disabled' @> 'true')", + "? not in (SELECT ap_id FROM users WHERE info->'deactivated' @> 'true')", activity.actor ) ) diff --git a/lib/pleroma/notification.ex b/lib/pleroma/notification.ex index 7de2d4c18..941218eea 100644 --- a/lib/pleroma/notification.ex +++ b/lib/pleroma/notification.ex @@ -36,7 +36,7 @@ def for_user_query(user) do |> where( [n, a], fragment( - "? not in (SELECT ap_id FROM users WHERE info->'disabled' @> 'true')", + "? not in (SELECT ap_id FROM users WHERE info->'deactivated' @> 'true')", a.actor ) ) diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 1f2aca235..c08d3a171 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -117,9 +117,9 @@ def user_info(%User{} = user) do } end - defp restrict_disabled(query) do + defp restrict_deactivated(query) do from(u in query, - where: not fragment("? \\? 'disabled' AND ?->'disabled' @> 'true'", u.info, u.info) + where: not fragment("? \\? 'deactivated' AND ?->'deactivated' @> 'true'", u.info, u.info) ) end @@ -130,7 +130,7 @@ def following_count(%User{following: following, id: id}) do where: u.follower_address in ^following, where: u.id != ^id ) - |> restrict_disabled() + |> restrict_deactivated() |> Repo.aggregate(:count, :id) end @@ -584,7 +584,7 @@ def get_followers_query(%User{id: id, follower_address: follower_address}, nil) where: fragment("? <@ ?", ^[follower_address], u.following), where: u.id != ^id ) - |> restrict_disabled() + |> restrict_deactivated() end def get_followers_query(user, page) do @@ -612,7 +612,7 @@ def get_friends_query(%User{id: id, following: following}, nil) do where: u.follower_address in ^following, where: u.id != ^id ) - |> restrict_disabled() + |> restrict_deactivated() end def get_friends_query(user, page) do @@ -736,7 +736,7 @@ def update_follower_count(%User{} = user) do |> where([u], ^user.follower_address in u.following) |> where([u], u.id != ^user.id) |> select([u], %{count: count(u.id)}) - |> restrict_disabled() + |> restrict_deactivated() User |> where(id: ^user.id) @@ -887,7 +887,7 @@ defp fts_search_subquery(term, query \\ User) do ^processed_query ) ) - |> restrict_disabled() + |> restrict_deactivated() end defp trigram_search_subquery(term) do @@ -906,7 +906,7 @@ defp trigram_search_subquery(term) do }, where: fragment("trim(? || ' ' || coalesce(?, '')) % ?", u.nickname, u.name, ^term) ) - |> restrict_disabled() + |> restrict_deactivated() end def blocks_import(%User{} = blocker, blocked_identifiers) when is_list(blocked_identifiers) do @@ -1150,13 +1150,24 @@ def moderator_user_query do ) end + + def deactivate_async(user, status \\ true) do + PleromaJobQueue.enqueue(:user, __MODULE__, [:deactivate_async, user, status]) + end + + def perform(:deactivate_async, user, status), do: deactivate(user, status) + def deactivate(%User{} = user, status \\ true) do info_cng = User.Info.set_activation_status(user.info, status) - user + with {:ok, user} <- user |> change() |> put_embed(:info, info_cng) - |> update_and_set_cache() + |> update_and_set_cache(), + {:ok, friends} <- User.get_friends(user) do + Enum.each(friends, &update_follower_count(&1)) + {:ok, user} + end end def update_notification_settings(%User{} = user, settings \\ %{}) do @@ -1199,26 +1210,6 @@ def delete_user_activities(%User{ap_id: ap_id} = user) do {:ok, user} end - def disable_async(user, status \\ true) do - PleromaJobQueue.enqueue(:user, __MODULE__, [:disable_async, user, status]) - end - - def disable(%User{} = user, status \\ true) do - with {:ok, user} <- User.deactivate(user, status), - info_cng <- User.Info.set_disabled_status(user.info, status), - {:ok, user} <- - user - |> change() - |> put_embed(:info, info_cng) - |> update_and_set_cache(), - {:ok, friends} <- User.get_friends(user) do - Enum.each(friends, &update_follower_count(&1)) - {:ok, user} - end - end - - def perform(:disable_async, user, status), do: disable(user, status) - def html_filter_policy(%User{info: %{no_rich_text: true}}) do Pleroma.HTML.Scrubber.TwitterText end diff --git a/lib/pleroma/user/info.ex b/lib/pleroma/user/info.ex index 07825a1c4..5afa7988c 100644 --- a/lib/pleroma/user/info.ex +++ b/lib/pleroma/user/info.ex @@ -40,7 +40,6 @@ defmodule Pleroma.User.Info do field(:hide_follows, :boolean, default: false) field(:pinned_activities, {:array, :string}, default: []) field(:flavour, :string, default: nil) - field(:disabled, :boolean, default: false) field(:notification_settings, :map, default: %{"remote" => true, "local" => true, "followers" => true, "follows" => true} @@ -76,14 +75,6 @@ def update_notification_settings(info, settings) do |> validate_required([:notification_settings]) end - def set_disabled_status(info, disabled) do - params = %{disabled: disabled} - - info - |> cast(params, [:disabled]) - |> validate_required([:disabled]) - end - def add_to_note_count(info, number) do set_note_count(info, info.note_count + number) end diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index dd51d63c8..e749a80aa 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -804,7 +804,7 @@ def fetch_activities_query(recipients, opts \\ %{}) do |> restrict_reblogs(opts) |> restrict_pinned(opts) |> restrict_muted_reblogs(opts) - |> Activity.restrict_disabled_users() + |> Activity.restrict_deactivated_users() end def fetch_activities(recipients, opts \\ %{}) do diff --git a/lib/pleroma/web/admin_api/admin_api_controller.ex b/lib/pleroma/web/admin_api/admin_api_controller.ex index fb43d0b01..70a5b5c5d 100644 --- a/lib/pleroma/web/admin_api/admin_api_controller.ex +++ b/lib/pleroma/web/admin_api/admin_api_controller.ex @@ -75,16 +75,6 @@ def user_show(conn, %{"nickname" => nickname}) do end end - def user_toggle_disabled(conn, %{"nickname" => nickname}) do - user = User.get_by_nickname(nickname) - - {:ok, updated_user} = User.disable(user, !user.info.disabled) - - conn - |> put_view(AccountView) - |> render("show.json", %{user: updated_user}) - end - def user_toggle_activation(conn, %{"nickname" => nickname}) do user = User.get_by_nickname(nickname) diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index dd23d7fd5..c331098b4 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -153,7 +153,6 @@ defmodule Pleroma.Web.Router do delete("/user", AdminAPIController, :user_delete) patch("/users/:nickname/toggle_activation", AdminAPIController, :user_toggle_activation) - patch("/users/:nickname/toggle_disabled", AdminAPIController, :user_toggle_disabled) post("/user", AdminAPIController, :user_create) put("/users/tag", AdminAPIController, :tag_users) delete("/users/tag", AdminAPIController, :untag_users) diff --git a/lib/pleroma/web/twitter_api/controllers/util_controller.ex b/lib/pleroma/web/twitter_api/controllers/util_controller.ex index 317f2b0ff..44f4b183b 100644 --- a/lib/pleroma/web/twitter_api/controllers/util_controller.ex +++ b/lib/pleroma/web/twitter_api/controllers/util_controller.ex @@ -358,7 +358,7 @@ def delete_account(%{assigns: %{user: user}} = conn, params) do def disable_account(%{assigns: %{user: user}} = conn, params) do case CommonAPI.Utils.confirm_current_password(user, params["password"]) do {:ok, user} -> - User.disable_async(user) + User.deactivate_async(user) json(conn, %{status: "success"}) {:error, msg} -> diff --git a/lib/pleroma/web/twitter_api/twitter_api.ex b/lib/pleroma/web/twitter_api/twitter_api.ex index 156f5d40f..bf1051afd 100644 --- a/lib/pleroma/web/twitter_api/twitter_api.ex +++ b/lib/pleroma/web/twitter_api/twitter_api.ex @@ -235,7 +235,7 @@ def get_user(user \\ nil, params) do nil -> {:error, "No user with such user_id"} - %User{info: %{disabled: true}} -> + %User{info: %{deactivated: true}} -> {:error, "User has been disabled"} user -> diff --git a/priv/repo/migrations/20190228121252_users_add_disabled_index.exs b/priv/repo/migrations/20190228121252_users_add_disabled_index.exs deleted file mode 100644 index 7b921d3e7..000000000 --- a/priv/repo/migrations/20190228121252_users_add_disabled_index.exs +++ /dev/null @@ -1,7 +0,0 @@ -defmodule Pleroma.Repo.Migrations.UsersAddDisabledIndex do - use Ecto.Migration - - def change do - create(index(:users, ["(info->'disabled')"], name: :users_disabled_index, using: :gin)) - end -end diff --git a/priv/repo/migrations/20190411094120_add_index_on_user_info_deactivated.exs b/priv/repo/migrations/20190411094120_add_index_on_user_info_deactivated.exs new file mode 100644 index 000000000..d701dcecc --- /dev/null +++ b/priv/repo/migrations/20190411094120_add_index_on_user_info_deactivated.exs @@ -0,0 +1,7 @@ +defmodule Pleroma.Repo.Migrations.AddIndexOnUserInfoDeactivated do + use Ecto.Migration + + def change do + create(index(:users, ["(info->'deactivated')"], name: :users_deactivated_index, using: :gin)) + end +end From 46bd5c1d875934370621375957fa33a10e2d3507 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Thu, 11 Apr 2019 17:28:12 +0700 Subject: [PATCH 003/170] fix format --- lib/pleroma/user.ex | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index c08d3a171..a8e902bf3 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -1150,7 +1150,6 @@ def moderator_user_query do ) end - def deactivate_async(user, status \\ true) do PleromaJobQueue.enqueue(:user, __MODULE__, [:deactivate_async, user, status]) end @@ -1160,11 +1159,12 @@ def perform(:deactivate_async, user, status), do: deactivate(user, status) def deactivate(%User{} = user, status \\ true) do info_cng = User.Info.set_activation_status(user.info, status) - with {:ok, user} <- user - |> change() - |> put_embed(:info, info_cng) - |> update_and_set_cache(), - {:ok, friends} <- User.get_friends(user) do + with {:ok, user} <- + user + |> change() + |> put_embed(:info, info_cng) + |> update_and_set_cache(), + {:ok, friends} <- User.get_friends(user) do Enum.each(friends, &update_follower_count(&1)) {:ok, user} end From dd097a406baf15e983454ab8f13635b4af2a8de4 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Fri, 12 Apr 2019 16:38:32 +0700 Subject: [PATCH 004/170] add tests --- lib/pleroma/user.ex | 9 ++++-- test/user_test.exs | 78 +++++++++++++++++++++++++++++++++++++++------ 2 files changed, 75 insertions(+), 12 deletions(-) diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index a8e902bf3..95f5c6d21 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -1159,13 +1159,16 @@ def perform(:deactivate_async, user, status), do: deactivate(user, status) def deactivate(%User{} = user, status \\ true) do info_cng = User.Info.set_activation_status(user.info, status) - with {:ok, user} <- + with {:ok, friends} <- User.get_friends(user), + {:ok, followers} <- User.get_followers(user), + {:ok, user} <- user |> change() |> put_embed(:info, info_cng) - |> update_and_set_cache(), - {:ok, friends} <- User.get_friends(user) do + |> update_and_set_cache() do + Enum.each(followers, &invalidate_cache(&1)) Enum.each(friends, &update_follower_count(&1)) + {:ok, user} end end diff --git a/test/user_test.exs b/test/user_test.exs index d2167a970..ac1675d0f 100644 --- a/test/user_test.exs +++ b/test/user_test.exs @@ -5,8 +5,10 @@ defmodule Pleroma.UserTest do alias Pleroma.Activity alias Pleroma.Builders.UserBuilder + alias Pleroma.Notification alias Pleroma.Repo alias Pleroma.User + alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.CommonAPI use Pleroma.DataCase @@ -212,8 +214,8 @@ test "test if a user is following another user" do test "fetches correct profile for nickname beginning with number" do # Use old-style integer ID to try to reproduce the problem user = insert(:user, %{id: 1080}) - userwithnumbers = insert(:user, %{nickname: "#{user.id}garbage"}) - assert userwithnumbers == User.get_cached_by_nickname_or_id(userwithnumbers.nickname) + user_with_numbers = insert(:user, %{nickname: "#{user.id}garbage"}) + assert user_with_numbers == User.get_cached_by_nickname_or_id(user_with_numbers.nickname) end describe "user registration" do @@ -815,13 +817,71 @@ test "get recipients from activity" do assert addressed in recipients end - test ".deactivate can de-activate then re-activate a user" do - user = insert(:user) - assert false == user.info.deactivated - {:ok, user} = User.deactivate(user) - assert true == user.info.deactivated - {:ok, user} = User.deactivate(user, false) - assert false == user.info.deactivated + describe ".deactivate" do + test "can de-activate then re-activate a user" do + user = insert(:user) + assert false == user.info.deactivated + {:ok, user} = User.deactivate(user) + assert true == user.info.deactivated + {:ok, user} = User.deactivate(user, false) + assert false == user.info.deactivated + end + + test "hide a user from followers " do + user = insert(:user) + user2 = insert(:user) + + {:ok, user} = User.follow(user, user2) + {:ok, _user} = User.deactivate(user) + + info = User.get_cached_user_info(user2) + + assert info.follower_count == 0 + assert {:ok, []} = User.get_followers(user2) + end + + test "hide a user from friends" do + user = insert(:user) + user2 = insert(:user) + + {:ok, user2} = User.follow(user2, user) + assert User.following_count(user2) == 1 + + {:ok, _user} = User.deactivate(user) + + info = User.get_cached_user_info(user2) + + assert info.following_count == 0 + assert User.following_count(user2) == 0 + assert {:ok, []} = User.get_friends(user2) + end + + test "hide a user's statuses from timelines and notifications" do + user = insert(:user) + user2 = insert(:user) + + {:ok, user2} = User.follow(user2, user) + + {:ok, activity} = CommonAPI.post(user, %{"status" => "hey @#{user2.nickname}"}) + + [notification] = Notification.for_user(user2) + assert notification.activity == activity + + assert [activity] == ActivityPub.fetch_public_activities(%{}) + + assert [activity] == + ActivityPub.fetch_activities([user2.ap_id | user2.following], %{"user" => user2}) + |> ActivityPub.contain_timeline(user2) + + {:ok, _user} = User.deactivate(user) + + assert [] == ActivityPub.fetch_public_activities(%{}) + assert [] == Notification.for_user(user2) + + assert [] == + ActivityPub.fetch_activities([user2.ap_id | user2.following], %{"user" => user2}) + |> ActivityPub.contain_timeline(user2) + end end test ".delete_user_activities deletes all create activities" do From d0304b4f925ac9b3b57f294ef091b96b071e97b9 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Fri, 12 Apr 2019 16:51:28 +0700 Subject: [PATCH 005/170] more tests --- test/web/twitter_api/util_controller_test.exs | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/test/web/twitter_api/util_controller_test.exs b/test/web/twitter_api/util_controller_test.exs index a4b3d651a..66d89eee0 100644 --- a/test/web/twitter_api/util_controller_test.exs +++ b/test/web/twitter_api/util_controller_test.exs @@ -230,4 +230,22 @@ test "show follow account page if the `acct` is a account link", %{conn: conn} d assert html_response(response, 200) =~ "Log in to follow" end end + + describe "POST /api/pleroma/disable_account" do + test "it returns HTTP 200", %{conn: conn} do + user = insert(:user) + + response = + conn + |> assign(:user, user) + |> post("/api/pleroma/disable_account", %{"password" => "test"}) + |> json_response(:ok) + + assert response == %{"status" => "success"} + + user = User.get_cached_by_id(user.id) + + assert user.info.deactivated == true + end + end end From 38926a063a39c4d4387049f5d364f72a9f8bd2de Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Mon, 15 Apr 2019 16:39:42 +0700 Subject: [PATCH 006/170] add `/api/pleroma/disable_account` to `docs/api/pleroma_api.md` --- docs/api/pleroma_api.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/docs/api/pleroma_api.md b/docs/api/pleroma_api.md index dbe250300..b9622f586 100644 --- a/docs/api/pleroma_api.md +++ b/docs/api/pleroma_api.md @@ -61,6 +61,15 @@ Request parameters can be passed via [query strings](https://en.wikipedia.org/wi * Response: JSON. Returns `{"status": "success"}` if the deletion was successful, `{"error": "[error message]"}` otherwise * Example response: `{"error": "Invalid password."}` +## `/api/pleroma/disable_account` +### Disable an account +* Method `POST` +* Authentication: required +* Params: + * `password`: user's password +* Response: JSON. Returns `{"status": "success"}` if the account was successfully disabled, `{"error": "[error message]"}` otherwise +* Example response: `{"error": "Invalid password."}` + ## `/api/account/register` ### Register a new user * Method `POST` From fcf2f38d20eed40a53b03374467d9e52b013da07 Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 8 May 2019 17:37:00 +0200 Subject: [PATCH 007/170] Conversations: Add a function to 'import' old DMs. --- lib/pleroma/conversation.ex | 14 ++++++++++++++ lib/pleroma/web/activity_pub/activity_pub.ex | 6 ++++++ test/conversation_test.exs | 18 ++++++++++++++++++ 3 files changed, 38 insertions(+) diff --git a/lib/pleroma/conversation.ex b/lib/pleroma/conversation.ex index 6e26c5fd4..aa73edd75 100644 --- a/lib/pleroma/conversation.ex +++ b/lib/pleroma/conversation.ex @@ -72,4 +72,18 @@ def create_or_bump_for(activity) do e -> {:error, e} end end + + @doc """ + This is only meant to be run by a mix task. It creates conversations/participations for all direct messages in the database. + """ + def bump_for_all_activities() do + stream = + Pleroma.Web.ActivityPub.ActivityPub.fetch_direct_messages_query() + |> Repo.stream() + + Repo.transaction(fn -> + stream + |> Enum.each(&create_or_bump_for/1) + end) + end end diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 8f8c23a9b..23cf4e9c4 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -1061,4 +1061,10 @@ def contain_timeline(timeline, user) do contain_activity(activity, user) end) end + + def fetch_direct_messages_query() do + Activity + |> restrict_type(%{"type" => "Create"}) + |> restrict_visibility(%{visibility: "direct"}) + end end diff --git a/test/conversation_test.exs b/test/conversation_test.exs index f3300e7d1..59368b0e7 100644 --- a/test/conversation_test.exs +++ b/test/conversation_test.exs @@ -9,6 +9,24 @@ defmodule Pleroma.ConversationTest do import Pleroma.Factory + test "it goes through old direct conversations" do + user = insert(:user) + other_user = insert(:user) + + {:ok, _activity} = + CommonAPI.post(user, %{"visibility" => "direct", "status" => "hey @#{other_user.nickname}"}) + + Repo.delete_all(Conversation) + Repo.delete_all(Conversation.Participation) + + refute Repo.one(Conversation) + + Conversation.bump_for_all_activities() + + assert Repo.one(Conversation) + assert length(Repo.all(Conversation.Participation)) == 2 + end + test "it creates a conversation for given ap_id" do assert {:ok, %Conversation{} = conversation} = Conversation.create_for_ap_id("https://some_ap_id") From 920bd4705526d8dfa8ada516853bbb4e5438cbf1 Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 8 May 2019 17:40:24 +0200 Subject: [PATCH 008/170] ActivityPub: Remove leftover printf debugging. --- lib/pleroma/web/activity_pub/activity_pub.ex | 42 ++++++++------------ 1 file changed, 16 insertions(+), 26 deletions(-) diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 23cf4e9c4..cd8495035 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -533,22 +533,17 @@ def fetch_public_activities(opts \\ %{}) do defp restrict_visibility(query, %{visibility: visibility}) when is_list(visibility) do if Enum.all?(visibility, &(&1 in @valid_visibilities)) do - query = - from( - a in query, - where: - fragment( - "activity_visibility(?, ?, ?) = ANY (?)", - a.actor, - a.recipients, - a.data, - ^visibility - ) - ) - - Ecto.Adapters.SQL.to_sql(:all, Repo, query) - - query + from( + a in query, + where: + fragment( + "activity_visibility(?, ?, ?) = ANY (?)", + a.actor, + a.recipients, + a.data, + ^visibility + ) + ) else Logger.error("Could not restrict visibility to #{visibility}") end @@ -556,16 +551,11 @@ defp restrict_visibility(query, %{visibility: visibility}) defp restrict_visibility(query, %{visibility: visibility}) when visibility in @valid_visibilities do - query = - from( - a in query, - where: - fragment("activity_visibility(?, ?, ?) = ?", a.actor, a.recipients, a.data, ^visibility) - ) - - Ecto.Adapters.SQL.to_sql(:all, Repo, query) - - query + from( + a in query, + where: + fragment("activity_visibility(?, ?, ?) = ?", a.actor, a.recipients, a.data, ^visibility) + ) end defp restrict_visibility(_query, %{visibility: visibility}) From a4598b5e8bc640ffc1a052438e21f3573ff837ee Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 8 May 2019 18:08:50 +0200 Subject: [PATCH 009/170] Visibility: Make it more resilient. --- lib/pleroma/web/activity_pub/visibility.ex | 9 +++++---- test/web/activity_pub/visibilty_test.exs | 10 ++++++++++ 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/lib/pleroma/web/activity_pub/visibility.ex b/lib/pleroma/web/activity_pub/visibility.ex index 6dee61dd6..e7613a5c8 100644 --- a/lib/pleroma/web/activity_pub/visibility.ex +++ b/lib/pleroma/web/activity_pub/visibility.ex @@ -13,11 +13,12 @@ def is_public?(data) do end def is_private?(activity) do - unless is_public?(activity) do - follower_address = User.get_cached_by_ap_id(activity.data["actor"]).follower_address - Enum.any?(activity.data["to"], &(&1 == follower_address)) + with false <- is_public?(activity), + %User{follower_address: follower_address} <- + User.get_cached_by_ap_id(activity.data["actor"]) do + follower_address in activity.data["to"] else - false + _ -> false end end diff --git a/test/web/activity_pub/visibilty_test.exs b/test/web/activity_pub/visibilty_test.exs index 24b96c4aa..ff0e72401 100644 --- a/test/web/activity_pub/visibilty_test.exs +++ b/test/web/activity_pub/visibilty_test.exs @@ -95,4 +95,14 @@ test "visible_for_user?", %{ refute Visibility.visible_for_user?(private, unrelated) refute Visibility.visible_for_user?(direct, unrelated) end + + test "doesn't die when the user doesn't exist", + %{ + direct: direct, + user: user + } do + Repo.delete(user) + Cachex.clear(:user_cache) + refute Visibility.is_private?(direct) + end end From 6d19bb4eae43270099a68f749519ba0f323da01a Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 8 May 2019 18:09:07 +0200 Subject: [PATCH 010/170] Conversations: Add mix task to 'import' old DMs. --- lib/mix/tasks/pleroma/conversations.ex | 23 +++++++++++++++++++++++ lib/pleroma/conversation.ex | 11 +++++++---- 2 files changed, 30 insertions(+), 4 deletions(-) create mode 100644 lib/mix/tasks/pleroma/conversations.ex diff --git a/lib/mix/tasks/pleroma/conversations.ex b/lib/mix/tasks/pleroma/conversations.ex new file mode 100644 index 000000000..125d8851a --- /dev/null +++ b/lib/mix/tasks/pleroma/conversations.ex @@ -0,0 +1,23 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2018 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Mix.Tasks.Pleroma.Conversations do + use Mix.Task + alias Mix.Tasks.Pleroma.Common + alias Pleroma.Conversation + + @shortdoc "Manages Pleroma users" + @moduledoc """ + Manages Pleroma conversations. + + ## Create a conversation for all existing DMs. Can be safely re-run. + + mix pleroma.conversations bump_all + + """ + def run(["bump_all"]) do + Common.start_pleroma() + Conversation.bump_for_all_activities() + end +end diff --git a/lib/pleroma/conversation.ex b/lib/pleroma/conversation.ex index aa73edd75..10c2403e8 100644 --- a/lib/pleroma/conversation.ex +++ b/lib/pleroma/conversation.ex @@ -81,9 +81,12 @@ def bump_for_all_activities() do Pleroma.Web.ActivityPub.ActivityPub.fetch_direct_messages_query() |> Repo.stream() - Repo.transaction(fn -> - stream - |> Enum.each(&create_or_bump_for/1) - end) + Repo.transaction( + fn -> + stream + |> Enum.each(&create_or_bump_for/1) + end, + timeout: :infinity + ) end end From e6d7f8d223b2604df38f8efa8baf09e2c607c487 Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 8 May 2019 18:19:20 +0200 Subject: [PATCH 011/170] Credo fixes. --- lib/pleroma/conversation.ex | 2 +- lib/pleroma/web/activity_pub/activity_pub.ex | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/pleroma/conversation.ex b/lib/pleroma/conversation.ex index 10c2403e8..0c6ca9f72 100644 --- a/lib/pleroma/conversation.ex +++ b/lib/pleroma/conversation.ex @@ -76,7 +76,7 @@ def create_or_bump_for(activity) do @doc """ This is only meant to be run by a mix task. It creates conversations/participations for all direct messages in the database. """ - def bump_for_all_activities() do + def bump_for_all_activities do stream = Pleroma.Web.ActivityPub.ActivityPub.fetch_direct_messages_query() |> Repo.stream() diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index cd8495035..8137ac83b 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -1052,7 +1052,7 @@ def contain_timeline(timeline, user) do end) end - def fetch_direct_messages_query() do + def fetch_direct_messages_query do Activity |> restrict_type(%{"type" => "Create"}) |> restrict_visibility(%{visibility: "direct"}) From a33bec7d58091059d578f6b7537513de11eb0679 Mon Sep 17 00:00:00 2001 From: lain Date: Thu, 9 May 2019 16:39:28 +0200 Subject: [PATCH 012/170] Conversations: Import order, import as read. --- lib/pleroma/conversation.ex | 6 +++--- lib/pleroma/conversation/participation.ex | 10 ++++++---- lib/pleroma/web/activity_pub/activity_pub.ex | 1 + test/conversation_test.exs | 4 +++- 4 files changed, 13 insertions(+), 8 deletions(-) diff --git a/lib/pleroma/conversation.ex b/lib/pleroma/conversation.ex index 0c6ca9f72..5f6ab902c 100644 --- a/lib/pleroma/conversation.ex +++ b/lib/pleroma/conversation.ex @@ -45,7 +45,7 @@ def get_for_ap_id(ap_id) do 2. Create a participation for all the people involved who don't have one already 3. Bump all relevant participations to 'unread' """ - def create_or_bump_for(activity) do + def create_or_bump_for(activity, opts \\ []) do with true <- Pleroma.Web.ActivityPub.Visibility.is_direct?(activity), object <- Pleroma.Object.normalize(activity), "Create" <- activity.data["type"], @@ -58,7 +58,7 @@ def create_or_bump_for(activity) do participations = Enum.map(users, fn user -> {:ok, participation} = - Participation.create_for_user_and_conversation(user, conversation) + Participation.create_for_user_and_conversation(user, conversation, opts) participation end) @@ -84,7 +84,7 @@ def bump_for_all_activities do Repo.transaction( fn -> stream - |> Enum.each(&create_or_bump_for/1) + |> Enum.each(fn a -> create_or_bump_for(a, read: true) end) end, timeout: :infinity ) diff --git a/lib/pleroma/conversation/participation.ex b/lib/pleroma/conversation/participation.ex index 61021fb18..2a11f9069 100644 --- a/lib/pleroma/conversation/participation.ex +++ b/lib/pleroma/conversation/participation.ex @@ -22,15 +22,17 @@ defmodule Pleroma.Conversation.Participation do def creation_cng(struct, params) do struct - |> cast(params, [:user_id, :conversation_id]) + |> cast(params, [:user_id, :conversation_id, :read]) |> validate_required([:user_id, :conversation_id]) end - def create_for_user_and_conversation(user, conversation) do + def create_for_user_and_conversation(user, conversation, opts \\ []) do + read = !!opts[:read] + %__MODULE__{} - |> creation_cng(%{user_id: user.id, conversation_id: conversation.id}) + |> creation_cng(%{user_id: user.id, conversation_id: conversation.id, read: read}) |> Repo.insert( - on_conflict: [set: [read: false, updated_at: NaiveDateTime.utc_now()]], + on_conflict: [set: [read: read, updated_at: NaiveDateTime.utc_now()]], returning: true, conflict_target: [:user_id, :conversation_id] ) diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 8137ac83b..728761ebd 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -1056,5 +1056,6 @@ def fetch_direct_messages_query do Activity |> restrict_type(%{"type" => "Create"}) |> restrict_visibility(%{visibility: "direct"}) + |> order_by([activity], asc: activity.id) end end diff --git a/test/conversation_test.exs b/test/conversation_test.exs index 59368b0e7..cdec18f0f 100644 --- a/test/conversation_test.exs +++ b/test/conversation_test.exs @@ -24,7 +24,9 @@ test "it goes through old direct conversations" do Conversation.bump_for_all_activities() assert Repo.one(Conversation) - assert length(Repo.all(Conversation.Participation)) == 2 + [participation, _p2] = Repo.all(Conversation.Participation) + + assert participation.read end test "it creates a conversation for given ap_id" do From e4523c301023de0d4cff5ca0168094fea25955a2 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Thu, 9 May 2019 22:27:00 +0300 Subject: [PATCH 013/170] Fix get_in_reply_to in OStatus' activity representer depending on embedded objects --- .../web/ostatus/activity_representer.ex | 19 +++++++----- .../web/ostatus/activity_representer_test.exs | 30 ++++++++----------- 2 files changed, 23 insertions(+), 26 deletions(-) diff --git a/lib/pleroma/web/ostatus/activity_representer.ex b/lib/pleroma/web/ostatus/activity_representer.ex index 166691a09..a7832a3d9 100644 --- a/lib/pleroma/web/ostatus/activity_representer.ex +++ b/lib/pleroma/web/ostatus/activity_representer.ex @@ -18,15 +18,18 @@ defp get_href(id) do end end - defp get_in_reply_to(%{"object" => %{"inReplyTo" => in_reply_to}}) do - [ - {:"thr:in-reply-to", - [ref: to_charlist(in_reply_to), href: to_charlist(get_href(in_reply_to))], []} - ] + defp get_in_reply_to(activity) do + with %Object{data: %{"inReplyTo" => in_reply_to}} <- Object.normalize(activity) do + [ + {:"thr:in-reply-to", + [ref: to_charlist(in_reply_to), href: to_charlist(get_href(in_reply_to))], []} + ] + else + _ -> + [] + end end - defp get_in_reply_to(_), do: [] - defp get_mentions(to) do Enum.map(to, fn id -> cond do @@ -98,7 +101,7 @@ def to_simple_form(%{data: %{"type" => "Create"}} = activity, user, with_author) []} end) - in_reply_to = get_in_reply_to(activity.data) + in_reply_to = get_in_reply_to(activity) author = if with_author, do: [{:author, UserRepresenter.to_simple_form(user)}], else: [] mentions = activity.recipients |> get_mentions diff --git a/test/web/ostatus/activity_representer_test.exs b/test/web/ostatus/activity_representer_test.exs index a4bb68c4d..16ee02abb 100644 --- a/test/web/ostatus/activity_representer_test.exs +++ b/test/web/ostatus/activity_representer_test.exs @@ -67,37 +67,31 @@ test "a note activity" do end test "a reply note" do - note = insert(:note_activity) - answer = insert(:note_activity) - object = answer.data["object"] - object = Map.put(object, "inReplyTo", note.data["object"]["id"]) - - data = %{answer.data | "object" => object} - answer = %{answer | data: data} - - note_object = Object.get_by_ap_id(note.data["object"]["id"]) + user = insert(:user) + note_object = insert(:note) + _note = insert(:note_activity, %{note: note_object}) + object = insert(:note, %{data: %{"inReplyTo" => note_object.data["id"]}}) + answer = insert(:note_activity, %{note: object}) Repo.update!( Object.change(note_object, %{data: Map.put(note_object.data, "external_url", "someurl")}) ) - user = User.get_cached_by_ap_id(answer.data["actor"]) - expected = """ http://activitystrea.ms/schema/1.0/note http://activitystrea.ms/schema/1.0/post - #{answer.data["object"]["id"]} + #{object.data["id"]} New note by #{user.nickname} - #{answer.data["object"]["content"]} - #{answer.data["object"]["published"]} - #{answer.data["object"]["published"]} + #{object.data["content"]} + #{object.data["published"]} + #{object.data["published"]} #{answer.data["context"]} 2hu - - + + - + """ From 1d78e42fd4ca73402c4101ac01b9abb44f4f8cf6 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Fri, 10 May 2019 13:49:34 +0300 Subject: [PATCH 014/170] Remove get_in_reply_to calls in some functions because the result is unused and it does not have any side-effects --- lib/pleroma/web/ostatus/activity_representer.ex | 2 -- 1 file changed, 2 deletions(-) diff --git a/lib/pleroma/web/ostatus/activity_representer.ex b/lib/pleroma/web/ostatus/activity_representer.ex index a7832a3d9..95037125d 100644 --- a/lib/pleroma/web/ostatus/activity_representer.ex +++ b/lib/pleroma/web/ostatus/activity_representer.ex @@ -149,7 +149,6 @@ def to_simple_form(%{data: %{"type" => "Like"}} = activity, user, with_author) d updated_at = activity.data["published"] inserted_at = activity.data["published"] - _in_reply_to = get_in_reply_to(activity.data) author = if with_author, do: [{:author, UserRepresenter.to_simple_form(user)}], else: [] mentions = activity.recipients |> get_mentions @@ -180,7 +179,6 @@ def to_simple_form(%{data: %{"type" => "Announce"}} = activity, user, with_autho updated_at = activity.data["published"] inserted_at = activity.data["published"] - _in_reply_to = get_in_reply_to(activity.data) author = if with_author, do: [{:author, UserRepresenter.to_simple_form(user)}], else: [] retweeted_activity = Activity.get_create_by_object_ap_id(activity.data["object"]) From 03dc19e7b0561514fec3bb95bfd48f5d3598579f Mon Sep 17 00:00:00 2001 From: Francis Dinh Date: Sat, 11 May 2019 02:55:12 -0400 Subject: [PATCH 015/170] Update release info in README.md Removed mention that there is no release of Pleroma (there actually has been a few the last couple of months). --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 987f973ea..928f75dc7 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ For clients it supports both the [GNU Social API with Qvitter extensions](https: - [Client Applications for Pleroma](https://docs-develop.pleroma.social/clients.html) -No release has been made yet, but several servers have been online for months already. If you want to run your own server, feel free to contact us at @lain@pleroma.soykaf.com or in our dev chat at #pleroma on freenode or via matrix at . +If you want to run your own server, feel free to contact us at @lain@pleroma.soykaf.com or in our dev chat at #pleroma on freenode or via matrix at . ## Installation From f01f995816d86999d5cbf261605887b3a3b313ac Mon Sep 17 00:00:00 2001 From: Sachin Joshi Date: Sat, 11 May 2019 14:17:04 +0545 Subject: [PATCH 016/170] make url uniform in admin api --- docs/api/admin_api.md | 22 +++---- lib/pleroma/web/router.ex | 40 +++++++---- .../admin_api/admin_api_controller_test.exs | 66 ++++++++++--------- 3 files changed, 74 insertions(+), 54 deletions(-) diff --git a/docs/api/admin_api.md b/docs/api/admin_api.md index 2657d1243..75fa2ee83 100644 --- a/docs/api/admin_api.md +++ b/docs/api/admin_api.md @@ -45,7 +45,7 @@ Authentication is required and the user must be an admin. } ``` -## `/api/pleroma/admin/user` +## `/api/pleroma/admin/users` ### Remove a user @@ -63,7 +63,7 @@ Authentication is required and the user must be an admin. - `password` - Response: User’s nickname -## `/api/pleroma/admin/user/follow` +## `/api/pleroma/admin/users/follow` ### Make a user follow another user - Methods: `POST` @@ -73,7 +73,7 @@ Authentication is required and the user must be an admin. - Response: - "ok" -## `/api/pleroma/admin/user/unfollow` +## `/api/pleroma/admin/users/unfollow` ### Make a user unfollow another user - Methods: `POST` @@ -116,7 +116,7 @@ Authentication is required and the user must be an admin. - `nickname` - `tags` -## `/api/pleroma/admin/permission_group/:nickname` +## `/api/pleroma/admin/users/:nickname/permission_group` ### Get user user permission groups membership @@ -131,7 +131,7 @@ Authentication is required and the user must be an admin. } ``` -## `/api/pleroma/admin/permission_group/:nickname/:permission_group` +## `/api/pleroma/admin/users/:nickname/permission_group/:permission_group` Note: Available `:permission_group` is currently moderator and admin. 404 is returned when the permission group doesn’t exist. @@ -165,7 +165,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - On success: JSON of the `user.info` - Note: An admin cannot revoke their own admin status. -## `/api/pleroma/admin/activation_status/:nickname` +## `/api/pleroma/admin/users/:nickname/activation_status` ### Active or deactivate a user @@ -203,7 +203,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - Response: - On success: URL of the unfollowed relay -## `/api/pleroma/admin/invite_token` +## `/api/pleroma/admin/users/invite_token` ### Get an account registration invite token @@ -215,7 +215,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret ] - Response: invite token (base64 string) -## `/api/pleroma/admin/invites` +## `/api/pleroma/admin/users/invites` ### Get a list of generated invites @@ -241,7 +241,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret } ``` -## `/api/pleroma/admin/revoke_invite` +## `/api/pleroma/admin/users/revoke_invite` ### Revoke invite by token @@ -264,7 +264,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret ``` -## `/api/pleroma/admin/email_invite` +## `/api/pleroma/admin/users/email_invite` ### Sends registration invite via email @@ -273,7 +273,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - `email` - `name`, optional -## `/api/pleroma/admin/password_reset` +## `/api/pleroma/admin/users/:nickname/password_reset` ### Get a password reset token for a given nickname diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 6d9c77c1a..8b84fbbad 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -146,34 +146,52 @@ defmodule Pleroma.Web.Router do scope "/api/pleroma/admin", Pleroma.Web.AdminAPI do pipe_through([:admin_api, :oauth_write]) - post("/user/follow", AdminAPIController, :user_follow) - post("/user/unfollow", AdminAPIController, :user_unfollow) - - get("/users", AdminAPIController, :list_users) - get("/users/:nickname", AdminAPIController, :user_show) + post("/users/follow", AdminAPIController, :user_follow) + post("/users/unfollow", AdminAPIController, :user_unfollow) + # TODO: to be removed at version 1.0 delete("/user", AdminAPIController, :user_delete) - patch("/users/:nickname/toggle_activation", AdminAPIController, :user_toggle_activation) post("/user", AdminAPIController, :user_create) + + delete("/users", AdminAPIController, :user_delete) + post("/users", AdminAPIController, :user_create) + patch("/users/:nickname/toggle_activation", AdminAPIController, :user_toggle_activation) put("/users/tag", AdminAPIController, :tag_users) delete("/users/tag", AdminAPIController, :untag_users) + # TODO: to be removed at version 1.0 get("/permission_group/:nickname", AdminAPIController, :right_get) get("/permission_group/:nickname/:permission_group", AdminAPIController, :right_get) post("/permission_group/:nickname/:permission_group", AdminAPIController, :right_add) delete("/permission_group/:nickname/:permission_group", AdminAPIController, :right_delete) - put("/activation_status/:nickname", AdminAPIController, :set_activation_status) + get("/users/:nickname/permission_group", AdminAPIController, :right_get) + get("/users/:nickname/permission_group/:permission_group", AdminAPIController, :right_get) + post("/users/:nickname/permission_group/:permission_group", AdminAPIController, :right_add) + + delete( + "/users/:nickname/permission_group/:permission_group", + AdminAPIController, + :right_delete + ) + + put("/users/:nickname/activation_status", AdminAPIController, :set_activation_status) post("/relay", AdminAPIController, :relay_follow) delete("/relay", AdminAPIController, :relay_unfollow) - get("/invite_token", AdminAPIController, :get_invite_token) - get("/invites", AdminAPIController, :invites) - post("/revoke_invite", AdminAPIController, :revoke_invite) - post("/email_invite", AdminAPIController, :email_invite) + get("/users/invite_token", AdminAPIController, :get_invite_token) + get("/users/invites", AdminAPIController, :invites) + post("/users/revoke_invite", AdminAPIController, :revoke_invite) + post("/users/email_invite", AdminAPIController, :email_invite) + # TODO: to be removed at version 1.0 get("/password_reset", AdminAPIController, :get_password_reset) + + get("/users/:nickname/password_reset", AdminAPIController, :get_password_reset) + + get("/users", AdminAPIController, :list_users) + get("/users/:nickname", AdminAPIController, :user_show) end scope "/", Pleroma.Web.TwitterAPI do diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs index f433f6be2..6c1897b5a 100644 --- a/test/web/admin_api/admin_api_controller_test.exs +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -9,7 +9,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do alias Pleroma.UserInviteToken import Pleroma.Factory - describe "/api/pleroma/admin/user" do + describe "/api/pleroma/admin/users" do test "Delete" do admin = insert(:user, info: %{is_admin: true}) user = insert(:user) @@ -18,7 +18,7 @@ test "Delete" do build_conn() |> assign(:user, admin) |> put_req_header("accept", "application/json") - |> delete("/api/pleroma/admin/user?nickname=#{user.nickname}") + |> delete("/api/pleroma/admin/users?nickname=#{user.nickname}") assert json_response(conn, 200) == user.nickname end @@ -30,7 +30,7 @@ test "Create" do build_conn() |> assign(:user, admin) |> put_req_header("accept", "application/json") - |> post("/api/pleroma/admin/user", %{ + |> post("/api/pleroma/admin/users", %{ "nickname" => "lain", "email" => "lain@example.org", "password" => "test" @@ -75,7 +75,7 @@ test "when the user doesn't exist", %{conn: conn} do end end - describe "/api/pleroma/admin/user/follow" do + describe "/api/pleroma/admin/users/follow" do test "allows to force-follow another user" do admin = insert(:user, info: %{is_admin: true}) user = insert(:user) @@ -84,7 +84,7 @@ test "allows to force-follow another user" do build_conn() |> assign(:user, admin) |> put_req_header("accept", "application/json") - |> post("/api/pleroma/admin/user/follow", %{ + |> post("/api/pleroma/admin/users/follow", %{ "follower" => follower.nickname, "followed" => user.nickname }) @@ -96,7 +96,7 @@ test "allows to force-follow another user" do end end - describe "/api/pleroma/admin/user/unfollow" do + describe "/api/pleroma/admin/users/unfollow" do test "allows to force-unfollow another user" do admin = insert(:user, info: %{is_admin: true}) user = insert(:user) @@ -107,7 +107,7 @@ test "allows to force-unfollow another user" do build_conn() |> assign(:user, admin) |> put_req_header("accept", "application/json") - |> post("/api/pleroma/admin/user/unfollow", %{ + |> post("/api/pleroma/admin/users/unfollow", %{ "follower" => follower.nickname, "followed" => user.nickname }) @@ -191,7 +191,7 @@ test "it does not modify tags of not specified users", %{conn: conn, user3: user end end - describe "/api/pleroma/admin/permission_group" do + describe "/api/pleroma/admin/users/:nickname/permission_group" do test "GET is giving user_info" do admin = insert(:user, info: %{is_admin: true}) @@ -199,7 +199,7 @@ test "GET is giving user_info" do build_conn() |> assign(:user, admin) |> put_req_header("accept", "application/json") - |> get("/api/pleroma/admin/permission_group/#{admin.nickname}") + |> get("/api/pleroma/admin/users/#{admin.nickname}/permission_group/") assert json_response(conn, 200) == %{ "is_admin" => true, @@ -215,7 +215,7 @@ test "/:right POST, can add to a permission group" do build_conn() |> assign(:user, admin) |> put_req_header("accept", "application/json") - |> post("/api/pleroma/admin/permission_group/#{user.nickname}/admin") + |> post("/api/pleroma/admin/users/#{user.nickname}/permission_group/admin") assert json_response(conn, 200) == %{ "is_admin" => true @@ -230,7 +230,7 @@ test "/:right DELETE, can remove from a permission group" do build_conn() |> assign(:user, admin) |> put_req_header("accept", "application/json") - |> delete("/api/pleroma/admin/permission_group/#{user.nickname}/admin") + |> delete("/api/pleroma/admin/users/#{user.nickname}/permission_group/admin") assert json_response(conn, 200) == %{ "is_admin" => false @@ -238,7 +238,7 @@ test "/:right DELETE, can remove from a permission group" do end end - describe "PUT /api/pleroma/admin/activation_status" do + describe "PUT /api/pleroma/admin/users/:nickname/activation_status" do setup %{conn: conn} do admin = insert(:user, info: %{is_admin: true}) @@ -255,7 +255,7 @@ test "deactivates the user", %{conn: conn} do conn = conn - |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false}) + |> put("/api/pleroma/admin/users/#{user.nickname}/activation_status", %{status: false}) user = User.get_cached_by_id(user.id) assert user.info.deactivated == true @@ -267,7 +267,7 @@ test "activates the user", %{conn: conn} do conn = conn - |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: true}) + |> put("/api/pleroma/admin/users/#{user.nickname}/activation_status", %{status: true}) user = User.get_cached_by_id(user.id) assert user.info.deactivated == false @@ -280,7 +280,7 @@ test "returns 403 when requested by a non-admin", %{conn: conn} do conn = conn |> assign(:user, user) - |> put("/api/pleroma/admin/activation_status/#{user.nickname}", %{status: false}) + |> put("/api/pleroma/admin/users/#{user.nickname}/activation_status", %{status: false}) assert json_response(conn, :forbidden) end @@ -309,7 +309,9 @@ test "sends invitation and returns 204", %{conn: conn, user: user} do conn = conn |> assign(:user, user) - |> post("/api/pleroma/admin/email_invite?email=#{recipient_email}&name=#{recipient_name}") + |> post( + "/api/pleroma/admin/users/email_invite?email=#{recipient_email}&name=#{recipient_name}" + ) assert json_response(conn, :no_content) @@ -341,13 +343,13 @@ test "it returns 403 if requested by a non-admin", %{conn: conn} do conn = conn |> assign(:user, non_admin_user) - |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD") + |> post("/api/pleroma/admin/users/email_invite?email=foo@bar.com&name=JD") assert json_response(conn, :forbidden) end end - describe "POST /api/pleroma/admin/email_invite, with invalid config" do + describe "POST /api/pleroma/admin/users/email_invite, with invalid config" do setup do [user: insert(:user, info: %{is_admin: true})] end @@ -367,7 +369,7 @@ test "it returns 500 if `invites_enabled` is not enabled", %{conn: conn, user: u conn = conn |> assign(:user, user) - |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD") + |> post("/api/pleroma/admin/users/email_invite?email=foo@bar.com&name=JD") assert json_response(conn, :internal_server_error) end @@ -387,7 +389,7 @@ test "it returns 500 if `registrations_open` is enabled", %{conn: conn, user: us conn = conn |> assign(:user, user) - |> post("/api/pleroma/admin/email_invite?email=foo@bar.com&name=JD") + |> post("/api/pleroma/admin/users/email_invite?email=foo@bar.com&name=JD") assert json_response(conn, :internal_server_error) end @@ -405,7 +407,7 @@ test "/api/pleroma/admin/invite_token" do assert conn.status == 200 end - test "/api/pleroma/admin/password_reset" do + test "/api/pleroma/admin/users/:nickname/password_reset" do admin = insert(:user, info: %{is_admin: true}) user = insert(:user) @@ -413,7 +415,7 @@ test "/api/pleroma/admin/password_reset" do build_conn() |> assign(:user, admin) |> put_req_header("accept", "application/json") - |> get("/api/pleroma/admin/password_reset?nickname=#{user.nickname}") + |> get("/api/pleroma/admin/users/#{user.nickname}/password_reset") assert conn.status == 200 end @@ -822,7 +824,7 @@ test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation" do } end - describe "GET /api/pleroma/admin/invite_token" do + describe "GET /api/pleroma/admin/users/invite_token" do setup do admin = insert(:user, info: %{is_admin: true}) @@ -834,7 +836,7 @@ test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation" do end test "without options", %{conn: conn} do - conn = get(conn, "/api/pleroma/admin/invite_token") + conn = get(conn, "/api/pleroma/admin/users/invite_token") token = json_response(conn, 200) invite = UserInviteToken.find_by_token!(token) @@ -846,7 +848,7 @@ test "without options", %{conn: conn} do test "with expires_at", %{conn: conn} do conn = - get(conn, "/api/pleroma/admin/invite_token", %{ + get(conn, "/api/pleroma/admin/users/invite_token", %{ "invite" => %{"expires_at" => Date.to_string(Date.utc_today())} }) @@ -861,7 +863,7 @@ test "with expires_at", %{conn: conn} do test "with max_use", %{conn: conn} do conn = - get(conn, "/api/pleroma/admin/invite_token", %{ + get(conn, "/api/pleroma/admin/users/invite_token", %{ "invite" => %{"max_use" => 150} }) @@ -875,7 +877,7 @@ test "with max_use", %{conn: conn} do test "with max use and expires_at", %{conn: conn} do conn = - get(conn, "/api/pleroma/admin/invite_token", %{ + get(conn, "/api/pleroma/admin/users/invite_token", %{ "invite" => %{"max_use" => 150, "expires_at" => Date.to_string(Date.utc_today())} }) @@ -888,7 +890,7 @@ test "with max use and expires_at", %{conn: conn} do end end - describe "GET /api/pleroma/admin/invites" do + describe "GET /api/pleroma/admin/users/invites" do setup do admin = insert(:user, info: %{is_admin: true}) @@ -900,7 +902,7 @@ test "with max use and expires_at", %{conn: conn} do end test "no invites", %{conn: conn} do - conn = get(conn, "/api/pleroma/admin/invites") + conn = get(conn, "/api/pleroma/admin/users/invites") assert json_response(conn, 200) == %{"invites" => []} end @@ -908,7 +910,7 @@ test "no invites", %{conn: conn} do test "with invite", %{conn: conn} do {:ok, invite} = UserInviteToken.create_invite() - conn = get(conn, "/api/pleroma/admin/invites") + conn = get(conn, "/api/pleroma/admin/users/invites") assert json_response(conn, 200) == %{ "invites" => [ @@ -926,7 +928,7 @@ test "with invite", %{conn: conn} do end end - describe "POST /api/pleroma/admin/revoke_invite" do + describe "POST /api/pleroma/admin/users/revoke_invite" do test "with token" do admin = insert(:user, info: %{is_admin: true}) {:ok, invite} = UserInviteToken.create_invite() @@ -934,7 +936,7 @@ test "with token" do conn = build_conn() |> assign(:user, admin) - |> post("/api/pleroma/admin/revoke_invite", %{"token" => invite.token}) + |> post("/api/pleroma/admin/users/revoke_invite", %{"token" => invite.token}) assert json_response(conn, 200) == %{ "expires_at" => nil, From 01c45ddc9ead715131b3c583caa14fcf20845354 Mon Sep 17 00:00:00 2001 From: lain Date: Sat, 11 May 2019 11:26:46 +0200 Subject: [PATCH 017/170] Search: Use RUM index. --- .../mastodon_api/mastodon_api_controller.ex | 6 ++-- ...510135645_add_fts_index_to_objects_two.exs | 33 +++++++++++++++++++ 2 files changed, 36 insertions(+), 3 deletions(-) create mode 100644 priv/repo/migrations/20190510135645_add_fts_index_to_objects_two.exs diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index 956736780..32677df95 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -1019,12 +1019,12 @@ def status_search(user, query) do where: "https://www.w3.org/ns/activitystreams#Public" in a.recipients, where: fragment( - "to_tsvector('english', ?->>'content') @@ plainto_tsquery('english', ?)", - o.data, + "? @@ plainto_tsquery('english', ?)", + o.fts_content, ^query ), limit: 20, - order_by: [desc: :id] + order_by: [fragment("? <=> now()::date", o.inserted_at)] ) Repo.all(q) ++ fetched diff --git a/priv/repo/migrations/20190510135645_add_fts_index_to_objects_two.exs b/priv/repo/migrations/20190510135645_add_fts_index_to_objects_two.exs new file mode 100644 index 000000000..14b964847 --- /dev/null +++ b/priv/repo/migrations/20190510135645_add_fts_index_to_objects_two.exs @@ -0,0 +1,33 @@ +defmodule Pleroma.Repo.Migrations.AddFtsIndexToObjectsTwo do + use Ecto.Migration + + def up do + drop_if_exists index(:objects, ["(to_tsvector('english', data->>'content'))"], using: :gin, name: :objects_fts) + alter table(:objects) do + add(:fts_content, :tsvector) + end + + execute("CREATE FUNCTION objects_fts_update() RETURNS trigger AS $$ + begin + new.fts_content := to_tsvector('english', new.data->>'content'); + return new; + end + $$ LANGUAGE plpgsql") + execute("create index objects_fts on objects using RUM (fts_content rum_tsvector_addon_ops, inserted_at) with (attach = 'inserted_at', to = 'fts_content');") + + execute("CREATE TRIGGER tsvectorupdate BEFORE INSERT OR UPDATE ON objects + FOR EACH ROW EXECUTE PROCEDURE objects_fts_update()") + + execute("UPDATE objects SET updated_at = NOW()") + end + + def down do + execute "drop index objects_fts" + execute "drop trigger tsvectorupdate on objects" + execute "drop function objects_fts_update()" + alter table(:objects) do + remove(:fts_content, :tsvector) + end + create index(:objects, ["(to_tsvector('english', data->>'content'))"], using: :gin, name: :objects_fts) + end +end From b9f84a382a0e4bbee09e21346f9293962b80917c Mon Sep 17 00:00:00 2001 From: rinpatch Date: Sun, 12 May 2019 03:01:42 +0300 Subject: [PATCH 018/170] Normalize the object only after ensuring the activity type is Create --- lib/pleroma/conversation.ex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/pleroma/conversation.ex b/lib/pleroma/conversation.ex index 6e26c5fd4..0db195988 100644 --- a/lib/pleroma/conversation.ex +++ b/lib/pleroma/conversation.ex @@ -47,8 +47,8 @@ def get_for_ap_id(ap_id) do """ def create_or_bump_for(activity) do with true <- Pleroma.Web.ActivityPub.Visibility.is_direct?(activity), - object <- Pleroma.Object.normalize(activity), "Create" <- activity.data["type"], + object <- Pleroma.Object.normalize(activity), "Note" <- object.data["type"], ap_id when is_binary(ap_id) and byte_size(ap_id) > 0 <- object.data["context"] do {:ok, conversation} = create_for_ap_id(ap_id) From e7d292f80ee03d6eabf30792640a7a40e041a796 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 12 May 2019 02:41:34 +0000 Subject: [PATCH 019/170] federator: add publisher module defining a contract for publishing behaviours --- lib/pleroma/web/federator/publisher.ex | 38 ++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 lib/pleroma/web/federator/publisher.ex diff --git a/lib/pleroma/web/federator/publisher.ex b/lib/pleroma/web/federator/publisher.ex new file mode 100644 index 000000000..36277fd7e --- /dev/null +++ b/lib/pleroma/web/federator/publisher.ex @@ -0,0 +1,38 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.Federator.Publisher do + @moduledoc """ + Defines the contract used by federation implementations to publish messages to + their peers. + """ + + @doc """ + Determine whether an activity can be relayed using the federation module. + """ + @callback is_representable?(Pleroma.Activity.t()) :: boolean() + + @doc """ + Relays an activity to a specified peer, determined by the parameters. The + parameters used are controlled by the federation module. + """ + @callback publish_one(Map.t()) :: {:ok, Map.t()} | {:error, any()} + + @doc """ + Relays an activity to all specified peers. + """ + @callback publish(Pleroma.User.t(), Pleroma.Activity.t()) :: :ok | {:error, any()} + + @doc """ + Enqueues work generated by the federation module. + """ + @spec enqueue(module(), keyword()) :: :ok + def enqueue(module, args), do: PleromaJobQueue.enqueue(:federation_outgoing, module, args) + + @doc """ + Enqueue publishing a single activity. + """ + @spec enqueue_one(module(), Map.t()) :: :ok + def enqueue_one(module, %{} = args), do: enqueue(module, [:publish_one, args]) +end From 566a968ab35562aeccd2ec3b13a4d70de37968d6 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Sun, 12 May 2019 04:35:50 +0200 Subject: [PATCH 020/170] pleroma-fox-tan-shy.png: Add another version of pleroma-tan Commissioned by https://shitposter.club/users/moonman and drawn by https://shpposter.club/users/Nightingalle Intended to be used when mastofe crashes out and allows to report a bug among other things. Should require a bit of modification on mastofe to use the image as it's more of a vanilla flavour thing. --- COPYING | 8 ++++++++ priv/static/images/pleroma-fox-tan-shy.png | Bin 0 -> 1038613 bytes 2 files changed, 8 insertions(+) create mode 100644 priv/static/images/pleroma-fox-tan-shy.png diff --git a/COPYING b/COPYING index eceb68efe..0aede0fba 100644 --- a/COPYING +++ b/COPYING @@ -15,6 +15,14 @@ priv/static/images/pleroma-tan.png --- +The following files are copyright © 2019 shitposter.club, and are distributed +under the Creative Commons Attribution 4.0 International license, you should +have received a copy of the license file as CC-BY-4.0. + +priv/static/images/pleroma-fox-tan-shy.png + +--- + The following files are copyright © 2017-2019 Pleroma Authors , and are distributed under the Creative Commons Attribution-ShareAlike 4.0 International license, you should have received diff --git a/priv/static/images/pleroma-fox-tan-shy.png b/priv/static/images/pleroma-fox-tan-shy.png new file mode 100644 index 0000000000000000000000000000000000000000..6e24be1e36e51c09fe1e5bfd6b93d204ca87b3f6 GIT binary patch literal 1038613 zcmeFY^;eW#+c!SI&;!iCNaxVfpmZ~olA?rkqjYx-HH3s9AtfN7(%qc`f}nJRv~ z7rox+xv%^C7rZ~bi<33y+B0kKWACFs$FU_gP z;zE)>G62z3t}$WGf8pm z!_AG7>%K%zle%a2cIk_v2^L6jE?d-pJ>v7G^O*lV#5Rxuz0^LFe2~$WKd=Ai8396qY=V%w@B(>EG7ZOC!pDM z-4vonXkq|A+ob(7NH}f#eh>YBzK6QTspi->Gr<}iy#~t0tiyKT6F~)H#%*VRqKb?Y*6gY*FFIG{qE&TU*v)rp_2Zthy3sL+?FC; z0EO8eL+oT5-mx#9rZ5iji`Tni*Y3`twYO|1H#y!F?6LnjjJ`{sPygPYxT@GLgSN$T zmAa@a>f{8fprBCh@)b|lcB#3~-qWE&#rpMzJ<4JFSIc6dugYJl+XTP-`#9CBhD9|M z;EI`E-OfV7hq|p!?4&$Kpe_&~b=S>lbysNlc9-b(exh{@*t2aTt$P+{K_-RM8rT|gVE%%-&=y3i}kIWzk3K7MMD1Uf+FnS z`#*wq4q*TYrPj;y9DYM-I4SfIH5}RugOyp6kvO$;u0phPEd=_W;!f45TkUz@d!ZQ+ zAo#EKzwX75@Ikmp5_HOp8_vv2IQvYCgiPGrpcAPgWu6PGm--H}g{d7kvvdYyT#Zfc zJP+?D8R@tE^j~EBY9BI(xoj`n3L1RhCDpC)qL?Us8KRwq>W+G}<$-Sy(Dkm~@oJ(C z^8gz*HY)M?Uf9I7G-dSvk1G6;eXG9oPpWXL*q4F7zFo1P%q*P9sV1pomlKw~=ciOz zSPKvGs7kwI4>R`}bK8y=eCPB2?&h-b%YQMof>!`Tmm5}Q*kG|HB|surY!vYzI)!nh zO0hb|u*q}vi+*WWmcQ=;H!ORs<;x${c=&H+BEb^ifhPQzEYWohD4gwi8x~#RJa0;F zQv-Rlr`YR1Te~tL=GZsf(qzO8Tl^_e^k)LJ|2oh^x8g`FztF-^W2~Y5l$*T^Dyrm4lS$ zO5ZBvv}nS#=dGnp-OIRFX)r{(LmLIkVKK^|lxL$c3qk3)l-lTxy9}?Fa$~6A9QIS;MV@d##*ZvJd^*1?~%arDh z(0sY0ixd_XR=M*yRt%SJ5a(c4`DxPda-}U#L8w>M^iMWZ#_?H)b8V}a?m{?()~?Fn=NsaishYxXybqh6e& zyB^M?<0)pl1Mb4d)z*2NZu=Mg){>PnBh-Hg_6APs|4Sy5Sc?;tAK@&q0_?C4x(cHO z(vh4&JpiL>)6+(E-;D}4J6!EDgD{UGf@5-dJ9^~gvK-!J$}`Id95kR?qoIM@c)o6n z-GhKjcgNm$lg1%DS*VL-RBMrS+#g>dj@T*vx0I}grEUE@9US&HSv;90idFYhhjRxG zh&970AY7ygWVE$bU4<>Kx|Jq>7QG0KngX-~LJ5@om|yz>WI;!?=q8OnI+%3~qaJfi zEO`d32_1gr2_W3KIY^I)?4S3+V*jJ|jLld@|FXp5rLoMTQ`6}a*Ap5JyZQRG=hwgN zP?v>Y${8Rvkv5|gec7$<8|P|BFHXI3XpwfYG>4-EH-sv6r&kRo$QQDV_L|dJT%7zs zW~g=ZOSJQ^-n@gpwo^&JBYflD!nPy2Hr=G2yB`8de?*M7r$+bRf>F^v`q{{v`An zVb39-=e4ZGZ^&n@O|)5 z>rtJN_qwl<>&j)Gz@X<%+{o=gU;t{}H*l$C(K~*^Hu4jJ$^5In43{6>KY_>~Oh$9v zRtxrf+9uw!2DEH)oGC$b<=HH(s93-d&aiAa`U?F=Um_JZ>Q>)rBImPL)~hZ1eym8G z?8~D`r;8dLzr6t}p1W5Pd4H_J8lOS-i+|Y&+R9aOU1k`M_(p%t&h2jk>$`={gbAlQ zr`fy76z+@p&8 zAZa)N{gaDj#9|sS95#8N3zM0bXTJ@1}es|$g zx93ET=b@;8#XJLU2qYRADHQ>*^BQKiHV~0`{Ki2KKo9z59}^p6X5)n8o!s>jBLMxV zoX+D4+-+9?=IdPP2+!jX6RzeGm;!{8PlVS)tPo)H*I4IgmSih2TEm@9i)Vsh2pmXv zzNzTEMxb+hG_i{cR2kv^%jB5JSN~=*%g`LU)APaiVb;{OE?veqC$8B-KP#m$KX3sl zvN!jx7D`ZeKeGKVR@(M>02J~EDsX;!X7}&15WP#15y`8l8-c3(fN80vJz5%QVpaW; zD+UBIH?hH?(APBwtgIvCI(ja%Lw+bLWTp`C(<==1u}m>p2$+DnC=riAw!-Vy0#dKN`lcqwfg0?n9}sJU}9;UVSI7GArKLP&1m5VkQrbBqai|A z?NCwE3_P}EHHrxc(*OX3VS}biXmUDb;ya2Tr$2eSo04&v z(NQZ==*F)Af68x_v|zsIMi%J0ur}4`NtsNp0_?&vXAB{yqVCKcWdIQndUCjGr$#zbjts9+sisnX*VwYtE%`JhTQ2CRGt zlc~2Nf7+ibAXe3pZ;#Y?7Q1icjiI1Ow&LG*{*I7$6ftCKKH(N8a04wG+hW9gaR-qZ$S|BVBhEP6`i+}ANp#d z09$6CwACR=pHM+g}i2`cYAz$3XO^<=9P7$OcD!5q9wiA?>#Rs@+80$h9or& zuee;GX#NK`+I&|hTDF#UZz3Kj{P)xYE_wQ_rEWQ35LjHG8AYEu6PcMY18)h8Ai6m} zqgaoc?hdlV(_|dt4UgB8wIbk`>*r)N59h<`q~LD7^?=Hrw|L$?JmM@$HWZDJx=trr zTH)XkSA~~O2t5DmG&Wjd|KlaaDO0_Jkt)$jhoD6w1vnP6A4VRH4`D|tQQmMSC{Ase zSrI2#Rlqr5B7oSq{FGWWPPB6J_7zmiS%&%>b=7pkt3p1$S$RESx6BY%bT!#x(-;B* zvn>Q#u`Vyd5+AF=tOJ}JM`$i=Zb1>;-QjKs&TPR5MtraZg_6sHSY5cl@%8 ze6_FP^T8?TSh`Qd4KL1toh|c&8=<9}DYmg-&IyCqY-Ia=)*!efza+5~34nlAoL-ZR zm)d=iw~OjLTaBa@iBGi`_PdS2wG&28_tFo7j_TC~y69``FNd)!>`?*ND9<~}aI6`L z!M4pWJ5CEkts(n{9>EYu85i}klvDrs)TRRL_Pb?C6Pgv zw2*VsF>N3mR|&dgg#@RWq$XI$ENjPx$#HR#Q+IbRladk=nS3>&GMB@6;ZXHBM%&^0 zFc<$IPB!B&4J~MJ=J7!(usO7ERWvmZpAy{|k6Qc*YwE7oP%^DRnA{|;)zb(yhE3V; z?lM33ptOcMxlT9;4+`M^SVVsUx=b}G15|BkSq>D5e>KSX%OW~OBZ)6^%Ae3a7Xvx{ zO>(bGxQ;F|)gIJk6*I@{Vs664P>1Es3H0teyQx1cE%91x3M4S^l9L$Z$?Vz>JScOX z9w*CQZ_)Amo1lxMefr<1|+{XtVd zCIc*=_%P3JLlKP`LP1JMVEWOXPdwh7ckq78FO%h{G5Ms?<*n0V(

oJib3w$*8O)PIpGV?_SNdv0Zo++wTGUWR(?{hUGoIq6Xk2GRHVx}$5+Tio zX7V!XKr+}>dRd$rQNG(8atx)OL5Fffktc66W|#ADAoQ9htmu#t=hs5b2b$F>K2ncp z=5KHSK3;rcgX9g5O@rEr`OQrU;wd`MtNT!;Ei`Sn$NQa8%+c$`D@Qv*t4}xlA4oN? zV874&3x%lvy!lu1D!xJp9NmIfkNe&&-RBD;L3{uaNXdhQL}S;Pg1ai${YRqtA(p+H z(y=v970R72V8!~6qTc0&l!wc}ZS)kf^ehV4Gl+4BtG|B;r8Sw~YM6Oo*rxquF)=9J zWSw4IV0@niuq2uDe%t0%u6MU>I0K>rYY59u6>Oh|h$ldJ(hiFtj}I(y_a*2h!x1=m z8)$fC9R5!Fp7P`+SBz_596k#S1%{q8|>FH;K|_vdo~7 zD4C@*bfRD|Mi!bEm;xLz!t=t)!(E!5KHdwdB+9>au7mD1Qh|mzPz6+>b$5ZKKOd}$ zn|WAKq%l+%%k%czF4Q zw(#VZenETKcAKmNjRntp%m!z%n_kdl{aorruHcG#aQ7N2fE#@Y5Bre0`S@T#&JP@( zxT%k5@9o6Taiguum#aJ2B(+4+u+ub#;j8UF`|eCjv$2$GJ}dGWzT1gr$9p4ZMWHqykE%noi(w0Yo1smV~0Coc; zk^k}metp3jfQSHYF1>7ojmN_%IAV60&kl(oz_ zb{s#PFP={U%jK6~gKs+FP6NXIgHC)Y(9W#9VrdA$g`ol<=L1v1f|PKEN$D`ETks*Y zqhqQP+4+}+)>LEaf(-m2?8xzM>QF7hQ6~0>A(W$3d=_~wwuS1%Ds#`p8qokC7?HC~ zH(@qI)DqJHw_m}S2-MO|Uo38#$s&a?Qw>^WI0WXwq@l~0$;TcT%R9)C{&+l^zbhN6 zjHJ)m9L9PA@!|tpfrX=HWh~-+v6R1)LgG;`76ftV>8b{Q1OP))5lZ_KKtgG!QhWhU z91DOMiJ9Rgf0h2bRMmcAXwXn`@YissdgWX5J=z$Eq-@M=lM4LIxFX|XL(*2%!Y9w2y6W28@QF| zx9fnWi(|6oYwX;6I=Rq7aBmlRgDlOvguQQEGHOjJ6lU!?Z8pfMd7abc#2-EG`iM5< zu3flTG!z@}Jnzs2`c;nMZ9pz(fII1aFi+^W%wP#gUibIokn5gw*xalv6`%bHEeX+h zvsq~sn>GQRTX}KVTfj(BBiFQbUK(omC01uu>)Gk37W_#R@8<~&X(a&eDBVg(;TEW%a#g5uV1f?pA=Hi~(+NA_?So%+?*c=p3|2$Tx>J! z-&EJa{sw8lh4eq*=YT-D)&eXy2NNTN(K^fR%vC`Fi{R@mPvF`0{@&zY7@4hwSD=iX z#%uC@#qzGsT$Onha?Uw^Qs^Np51@AWRUqzW#=q$-$BEE91Vi|={GG7*stYG2Ww(-8 zpGhVR9MxFwe;_n>Y=eu{<`Kfid%1{oGAFJmU}gcu`}f6W&RZ z(0IMSG~88sYk)qh?-UQmDEGsB41RE&JLhL_aAzxVxHST;OL+)0 z<)GnNKOO}JMv#gycWxv=WFNO?F3!SfBH7)o^EpqFt)% zTyXiFX$xLQk_*Q3u}o@?HkG;;cFTl;1tU?)*$E?|#@Mo1Qp55^P9 zIzCE_J&%(h`C-ChXHbDNvQUks$Zd>V)(#&H=ESMvqZ6^v!;l!Ie*^u^^iw;qFCeah zR9qP8S5HGd4wzFRbMT>TWqVy^U+tx3@2lYI4(FR=jG73SWl|z8*_jlos!sGW931bU zq3QYESZfZ=XKx(x?fJbh!un23tmhMxwU5i^bT*5t`mEP&nlGPSC(MlzS2kz5f^+B{ zuF4A>wlty4jh2yWdLL$S)pk4Ibp-Fq0+qMKtuj9x1bK4*vW|`*!5~tY#IRh}NG6om zQ(zDy4U4%_%H5d}iEz_r!O13q!tK$8@Z>3jaEIT;=i-y$OQ8oT_aO+#f#x7#OG_$* zsX{M<*~fQ$#g^4};dAJ{RtM8KR!^d-_UrNc=-fGnMOL3{hzqMq%;NKk2!t%&97}bm zdd`(k_y)GsGX0|&i+TTOMy7dk39V6;>1vT+@yqK(m6Kj<&)o`ny>{^KLajAw-@tu` zYmp(>5cW)IbD2HL1$>|B_*ddQj5C^%4THH%aHvbJ9Q(3ZnGmdoo(>+&F;1GDB1}2S2NKr!L_Y@5HHVrZWeQI;f396j zXyQ)UfrK3ysD@-Fq{TJVhTGl6I=nNZgwI5p*hK@=LJn+^c}jLZxni$Jn@O8F>VygD zjh>bj3H2m=IE*Z+Ow=TI6fIxvdKaHwi%t8EL)=o?)x2eVOsk^*6N+WE7Kec|6r9(- z{I=gf6gp2Vub0avVKvA-@Ju6#c>rc%kpgyWA`J6N%8wuk?Tn}Qs&wK@{y4jP?*uiV zW8O)!2Wm@9-SIepjl9%dn&x9?DO@tCbF-xyg{OkzMLHekB5U2r;ST#Lpwc3$UGyz5a>OdcYwntI$ywwib~ z%Jmdf>tf*4^R5ibi4HQ4Z6XWLu#x-1raq*KJL&?NF7=hw%pzS>L_c^-GRY~rlD&BJ zo5(J}WTo}4{`zb(aQ_V3!5=hO2}nktI!P?FzwYq&EijGgaJD5|#q2BY+s5o7r+VFG zHK)bI*YMUBLr_Q7T??+py?UGRdU%Fc56i6G{poow73S|O`yx`3T$xX#B}KaN2Z-BG zyE9)h4JJV>L}vK>AX9uqdy2f%QSWS6mP_JKXxWCV@#L(Yr8MKu&?F|4^rQ#0-Figr zA7KgXav8jR-w5fEr~Yxw5Q$$l81h@Pzm@db3#skN@MKBDZaP8><9;1qaX*G4xp@B-Q>Dx*%zpPX~U5 z)3VJc$P*we`2140v9kMW;claT<&rLw9hPEi`-f+2*vm#Q+{y2w&#YLk4Ly&cbmNoe zvZSA)exnC$pa_Gn{v?T0BCXgzGWDSHk>XY4Ljry~Q5?p&CioEhH{5%&sE@hgKB*U8 zkm+Ip2Iw059rs&i?~AmE65-pxw%h8(L&Vy~g42HB?Ke*czb2Fs?OqGOaAD8<{mo zgFH9CLO$;ct=E^N2eTXWxb*G99gRF5Zl+QWilBQOGwS#fN^rZqMsC?y1Q%ZKX@L2W zKUbns^J!?txrNK0?vFY%clY&muzdwsEQNk&ml){G`LSzO%c%)vf6uh;=u5O8JmxLT z;6)^i;}^*mC3eo_5{+%LB##hF=St-QGORXniXF5TN6E>)tseoS$5hnpWC2L#Q4?T( z+XPFjk|7|&tW`fhh9j0tN!WccPwhA5Vgy;1E1_VC;e%n-6WSlYg4$3WhF*6OcUVFT z9xbFH&;O(hA^G!vb5(xzRiz}Vb+Sy?qgRW%HE!%&6f^`hDgdJ=Ui-X~e8D#)TB%%C ze6zcqVnnt$$rOt%d%Yd;{J!fM-4>t(SUF7l@_>V9jw-~`)U@zHWwrHF_t6z79{Y~~c`3Hqxof2oboZw&2u>Os2@N2)dfW>&63TR+EI zK}{MezCsQ2D12Obj92s#6x3L=<%XpP@o5z2YS>PteGT(&hOCE;4;3hc#DCcjQXe)F z??8ZhaRF%WUc37EACIwK=fytAnfaUvzc}%EW#>F27>TGw$#8n)6NyX=PnPZ$q*DU1 z3Ge!3-_G+}*m{aGM>#<7M3XsJ_d+$mdS31KWflC+o2cphAHG|7} zN5XUUqq$nUtC|EKb@ciza9cJHc7COPO(lssy}NXT9ie9aD&T<3nB8BPMuc~_`LW0P zA?q75%iuS*+U9mPY#y@y=UbTQL^`CYshK?|C!7P7?RJ_budT2wx0ZSst4LE8TxJI& zHx(dhOt}>MEm3n(V;|lfvs0yT`HWMs45IFO7FxE)w3Aqy%%v>=*WFDcBA4%^eAgk4 zjOQ{u7Ht(5!Hzd;-jlcR0rc21Dhwwk*`)qWD)pDBeKA%s@?n9D22O|1nAl4Pg}2z~V48jbRUlDgp34m|zpI?4xF(bSeJsnDU+1f-h(r zzFuuFv3F2lVw4~DXz~YWpcJK(IjXwpuT0##gDofe1pK9^VJXW4eZT7_E}FSY0wj)O zgcAltYdk@8dP9vglK+54vs|O>PoRboxo(@HWOMVxQBtA+^bm(SxE`s@_p=-vOFg`d z^VD5cX)Clu3>d@Pk1@k`WCJ`%pa|_N4TRle{GcxyF2SYv8Oa);X%F(ql6o;m!W^@EzRo#W9*V!4Zwk&=r`4h$DQh&VC z{tN2U)`qCVtGAL=6&Gh-ZwUL`U{#kyW=fG2)?Oa`h{zs(m&%3bCW_e|u~l=N&9`Pg%!Rab@TxRn99PNmb!{Xxbh9|bT0$ddtZF=f|W1; zCD!UdzP&V`2cu{OM@O=6=!{i{GN-R@Wa9IdH~^N)0#*#}^w0bVx2BF@{K(kdhEDfv zPD8S^Unfe&7D#x9=mWD;zzm z1U-dhOI{YmSK;wBy-usiO&U-_DOAB^msPE3?9lUUTjzQ7rK26k-a!9T*ZPy~r!l?O ze@mt^&7OZd4Av4lhP2^E?msWPTAN>Q!Kf=<+ouMAWNe;FbYE!{vx(L*izdT?hWkNd z5$w$XD=X^?*E`AIX&JqCb@({nU$51h?_fwhh3lYAalw87SZWS_3Ea*J;G|WjAyd!G z8FHCnmE;}lA|R84IwOzEHqr(8;PAs7N8{5XfEC&hAQf0n*Ukxf2OGoG0FPE9e`9|4 zez@wK>OJq+a`H3qviH<;K5+Kz5aqpJc(Tbcka#ptMVc__cR(;Q<2Bryf2Y+>yJ9Vt z&v`zhipsv~*q=Li1!O(@-83S3xhhsr5JKWR|E$>GdlGCkfiaIFaNrA}v6kO`%%$7VzK2iwpyu5RZK3I5;ck8*VB-yw99Uk4@8=T&`h zH)`=}2eq2Z!R^<8%qZiE{;T}rf9<<>66jY+g}ETLWNV-mai8N9@_^dbZ_GY+aol!Fz?= z^VbdlPe479sdl{_xQCS}{5U4-G%wq&OBxiTPKk`-37D@a=p zeZj-BR8=fNpdhF`tfnJVHQbz`_gu8#2~Jtq27M=g;YuWXl$=>HPS5ERD9_d0*qhhU z?nZ8wS6Gbo?G1;zT1#qWZ;p78W>j;GI8;G^^o^w)290Ey4D3c4r8*2_QLp_DRcyDn zX+%qnS^D)A7p9kVwn{7C&WX1I@lA)#*6RmWcXH*#I2E=Rsd8(T`lCE(muHv|V~ofl zHCaAIx>ZGSgc6PX{?YE44XZ7!qB zyo3&h44#oHabqcLPa^zD zw5B8;M{Z4j4>q>~RnOF0_nl>9JBdJc<(-!H)F}!FeyoU_!YH8$Ip2v2Fkvpge2rWN z8c_RbALbKjpq7!HxSS+MLuShwu@Ca(bZbq(9AqHVQv^eG37XcXpLMvYDmaLi1BMK1 z1=5fe1mhz#G)3b|u2`HGv)Juu7UQtb)XYatI7Q|AH7#Mk(mFbWNhi1|djoGblkWwN zJu4&(`TIe_*S<#k5lOQ@MTB=Fmo0I|K0hutj9S*jgCtj5Cet6tiwN)j_zJ81)zo$v zwL!Fgz4%lnA~FJ}ookl$AY_)V+r-N0Bnngb^%n0;TCgzLQDL6gW8Bt`ESi~zEAel> zS#%_K^ahpScJlB|{VYQZ^Rq{PF+I`!#$bc3*`{|KjIL*u2rIbBaBLU6K&oq*r z-z5_8B*Q-uziO6jF_vedyr7VbJK`$%K|$W*)T>7}6{e@wh8qF?5HP!48EXWAEM_?J?U+ z1*@P>>(fNf`hy6iivILZ447}I^7tH9)Xlk$sIFd} zt$re)a+(@g%i-047G$FM%*Q(VY=}3+{kBu{=XR$Uj#fs^uaqT*&XHtso$n5ecpr;J zA8slC&dyM%10^s|kb`Pw>s@DS>xf6k0W5F}toDF!F5<$xRhYamm_2Mj-r|R2>q)ia zVvQ}2$8PpL_;LWQ2AO}%G#~FYE!O8pJT~vr6%mDozJ`I;Nxgep-YW9X_Sl{_uk7wxmbuWOl8nyJ3%cp%WFYB-ZMAN`TW#!r!9% zLdJ&?;hS8()_7u~@r**DV`x%Sl{AGVv|T2Hq2~mVVezXVrjN4zqZicOYvhb(xv4bs zm4YJ)dQ`c>{8;j=o`zt4;o|AkFT41qo8Q+dV8Sx}>x9_=I4wF>$P$C8;aGonfr8|t z7t9nPJ7NmCC)Gtsc>D^HS++U?=^!f`a`B&7{nCw?*WCfVm zH0S$z;7k6C$B=Dm5F-ED75&Do_v$^xTI z@gle3hZ6FS$U~0{y^SqbR9LJKk4Xgu`i~gghH$K+L1c?g60u^Jz~&=w>n?Jv3*IHu zRFg{1y^wegZsNJ=Fpfj9z}v$5>&C%hZ~{m5yMM&)pZ>_W#QmGT!rP5S|6h!O9^Xpp z7)H3%B(}+8K-Ff7tQN0W(e#%%6cah}T~3A3x|_cIP;w_DeiO)B_l+=63|BVK6%o0` z{yRIZ^Y-&AXekiLJ4F7v&Ux}|cb_TO7VsOWK`-1`177QjmIB>Zh{7Y;ND>$qZ*mhy z7Ax&}&QwNncf?b1F?vldI%Vt(8o?1<6us{&Ai7o-;k-%KO$lQ{e4G0INEB5F8yv}80_X)m-lEfM*7ni~#mc&sZS7=!Q7x*>#S0Ehd+EsSHn ze^%SOJ8i7GUByh-&P)|p3%qODsq=R{_7AM{EVz2${+eTe#Oat$*K?qe`Dky0`ZSF( zIY!(U^&A@?Tc3PDmGhkJI9%cjh2jd0H0_FihzpTHogXH>E2}; z;7c{1DR3H9Q#%Iis+-i$<0ZH_8&joE_B{v0nW&Nh#603wQFq(w6&JDTq`mK<|Kwpq zzAyjrn^K;OF<^1IthZETi!PQd?#0lbj4gc$YQ1W@{C-`@Y+aA~yp&rsIpeoUq>( zd8~nC_`5tgUKR3w5SIQKAMWrQy+N?XP)z=pO>N@pG(WkMWHt@)7E~Dy?_+(FO8s0d zpScQGp3*i)*1f4#qATkz-2t1XusogEpDph8KEQ_V(rf7 z@LQ9l=h`maw9xzos<6@~KleJd+B=$zsAloP(^2vYV@F|jN@BdjX3*@TJzCt7-#hwS z@3=4h&Q2DS!*f&Muv(-lI9L^08`&|@IRz4olV?biu`}V9?VnlS+*UxcE;GfDz;O!3 zaw!;&JK!A+36V7VN|EU9uPHvesAw@VHhHMCqDfq~uL^==zDf6@579%E^iEbj**v=ZbQr3Y^-D=BrGjP) z=gxVpmsHs6WUVQoaEc+2IjB;b>Meok0Ktl)(0piQY@ctyx^;z9hZA(DtMIWNmbnVF zvP<&d#XNMWi0m35H0LMLdX&jyJNHk!4F#(DFa9mgC+;~ z%}CAaxJ{!_QB&^{A**A6KBatJQ*Jq1Ym8MMhTMZD5CRn8KLA#Q`MLgl0u#u7Hi$hm zp$C8!cq-2tc-tyLGS%uySvB0jZ`vV^e{Z@vG&#st518|8^g@D%Og>rCX$90M{qXB^ zB98ia!KB>>%jF~lqG@f14jMpmE1K6`vTfk&z1iZ|-U_b6bs|O`^&KQXWHuLsW; z_S#QTd!1+gKLEhC+m*zF;?t+Y*cu*l#BO>KRq+4B?}kSIMQ^W7?H z#ls|Dv`Uc;)e~h)X$1?FDTf@+pC$ z2N!x_e}b?V4j?=p{+gvUTJj8M;wK~14odN=|ta33=Z$ONPtG2W+MPl6nB8?olQtWXIuI50Ve z9LuOQn9jMO{OiwR?@?jnTX#<5%JQgKe7;>Q!NC0u#rxi4^XsVv!RHZV3rox&tNrf;$`Tf?#4L8|zgqapm3N33Iigq}~bhf$gmkRce zs;boALnZ}U?U5mI5Gs|JAxaQIHE%}U+yl?K3sG1j5yKeM=Zbvf5V7W@Z=l9}4IgE9 zloDy?WE!#ZLzG?Ag;$L#wwT{*5FP6>d`aY3&qsuroqBDr4BTY-fUezG* zlPP+q$RBr_kl=~HjO1j|l)kJeAaOFVI#P=SnIjj!mdrJO$hUdRWLa>%)97X9C?hW$ z!@1lz&d)y5*HRw!rN{Zkb7$;c^j&|Z%ma*M6bm`D40{kw)v?tP++?5{s=CLcPI znJF5?&_y1y$TE=jb#*SRAxXN|XEe972+ zwGjYGpC}1?Y%njt=ZqYx06Bkk0=ra&=o^&Vju>6XwOtC#dCi_i!z~Q-|J-hq7dii1 zSU3W@?qW(^x2RuFHU!omUjB9K!vof)GoG~FCempn+d><&)lA}v!{dk))6%qeYAx?OqL!6QNXs*HvyZyu>oU` zMDWJbkkx3_cjp8n7X$FZbk%R9Q&JMqY5etr@(5nh`xeg03;JhuuEmCr5av2uy^ujt zdh<>vhlGuFT#njQypI?3W!>mGlGo})TrZwi&7_alXEE_Ly?o)4{rK73RalZyQNz%c z)A8qpj>MCX*&MAObiSit zgvt6~jlw-q{So?7N|x(NZ=0Tg%|Wb|pvjg=aw(}yaj8p?<~K@W1^~DCq)p#WkrK2f zEwA`>XP_NoXNLTjHq=wd+j0=~LX!>a(fTKb5b~ z0B?V1hT1J6>6LfcP?5{0F7*Q&1(J~ThSD=7Wro6o2Bf{+lAnfS3x?TAub(>uUG%Z2 zVf2oih9Yw4mE5bn{M)Zzn!qec<6(@6`m$4fw6m zlP%ZoUT2?KbKY4hJ+8(D4s)tlbzz^@FrbZoSi(H-$k$oHPBB831>V_G3jM8ws86)~ zbJ;~*JjMUwIxgV4t@Yq3)kH~G=Q6|fF{@N~i5PABp(1tUgXm;L0@|1F!9+y7VY;B8uAlQK z0a*PQy`kfjp`Tk0OfT;<5;N90m((Y7TzE;tIVXr`o$4F;+vf$bg*YYzIhGXmwxa_e ztXYw8*XW91Qc_SY?|1%k;1DU{4?`m24(UOY(RM&D*2{jbT&1^-h0j!9m9dPXkY%oU ze6*#E#v%auPHV>@c~&zgE0Y-!yFo-1b%rL_Si2lJ!+5;nv_|aN0D9?xQzp0H@_|k1 z?2SAN6`rzRYufjDv9M-q27(tpt>Z$43lT^Jz3h0d^vLIzJ^M=ld9|GvcvGnZ%rmok zmkiN5cDjiCE_?96_7zWs2HzLz75bt4op9mLcq|3NZ)a{Z%p}e9Gx5YLgZW5n$I;Wl ztY)BKvu2D6f>OKnm+dUuZ)g}0%e)|)FNj!>pt7ABCX8aNS*-^v<5~3k1rB$yVPN}n zT3e@qeU>jX)UR=-GD1C+9b?l;qD`Nv$DaEUZujvRjrbS0YJdCTMhhi7%WGNq==yo! zXKcfa(c4dk8`ZuWn&(jUmE~r+WjUa-UN0hkI3jm4Kh9mruSSIx-B=XK;cL});l*QG zwEbQ(%N1nHd7rXO)$%dOop(>RMXbh2;FkGcMDxwjhI&f&&H-8L>@AlKpm?Z9rGgY* zbdpPS*ZXa~m??f&)Q|>Uefqy{*5&U-x;6U4o4d;askOffRY&GrOMLy5U z&f=XQ>HP&dk~m@FaPo?u+VhZ8?kHTDeUOjI_UE(4@_ZNLk;LqIC|#mh$x($jjx!rC za>kzv*0H7_6YpT<%MZr)%3nky@pn>rLBX9$|4qA0fZ7ev)!}Z9TRz0_CA4dmf`s4J zWOZbY*oDO+*_5k`65}aL^DxkK<|Fm^l+Ie#*4n0PM}Ba~k~qlB_9R~jPf{XdNbK!_-K}ZpIu0~_>+@P{EheW*_=^jb$D9C9@F?wm%fbPh)C6x8B!R5?wx=-Ax`%i5 zg)OO>vV)8PQPkUyHaKXy^rc(Hsy#?wYfQ)|Yp2K86xc!xFU}rUyxFApTJi3JUhY>gO|`yBSEe8fpz2+=IAFV3OQ@PiG&-j2wK1c8#n?t;NC*fKG|^RU^K zkS$YAvw$2z7HW^n?U2G>msu30f+Ztnz!L?7?w+X81CgHN^r|icTC4RHH8upG4)Ty# zif&e(dOQ}YUY?d4YhH0-Fc!y`j)3s5oOUsEuH2$+=4gYD@=W(zm9KA&uh~mmFTUi% zDxd1Z{!7S?!s7fcC9*FD8t4K#^fs2d^9cLCdCo-=T^}!+nz;}c(s{zdvBD8PnbfKT zA~nQd%1(4YW5?vT^;2H{1O9L)GaZq5<(sh36@!C!O{(A1GkVu}#>P9%XRVPCn~vF0i{p*422^G2G_hzZLA+(Qq3U%1R$W%ZeHu zSFaz-;e3)LPgZ&Yb~X){gYrJ%NloQ)o;-(g&(@OpT2qq}=w2UWN${ZG*FPn4g`@`J zD2AH1?C<*`?JdL?e6F8xvWp#jyWaV!)~zS``CH;6MkYZgWnl64DF4F^4|RsF#tH&V zssxxKjvWHbBqsSOy1P{%Tw89BhqXoUm)Z951?hwEeO@J<%{GV3bF4J)OtZ9l`|zE9MB; zOtEjlzI{-m^h6Rye!6mgchj$w#n}{0PVg6136d$V zTG*chO+R^1lR(&n=u?;8maYiAAKvo;o9xwily+SuG+xp^fp5kwX07(`&Bm_ZZXK#U zWi&@6l+fJhEu~g9U(P*9czFCAPH9#`@>*Q&ZZ zeZBE5H*aj$9bD=3?aO9`2_gH9>~pfZ(}$(?;o(RdCHM^70-#HeIf6}MaebSB6ox&N zx4>(E1W}Fbuf|gh4(pP`4>cJ<-5?!9cc&mYgmkxbcXth-NJxWp zNOyO4cS@I}l;50lzP~Wn?04_=#Jx1FpsnI5fq;`1d1L7&c<~Jzl;Zd;DfflJ@%SfU z_6b64W)rOV#%i3lV8MJoVz?f-@oU{~W3F6nlrI8!kn!K2fDPUbpkWOvwcTy27$E9c zmDzjdLp~D0<#A1xPjU@DqZyWs$#f?0}c{jZ2qGg{S*6Be1QpE7rbx$PLE zdL|l6-noq1u`4_zoIh`THt*kTE;<8vmI~gK&kezA{Q7G+v7&=^=h_Ojr%F*bM?yw~ zDRJm-lLd_E3dhnW3aFP@;{I+|&&*O2mQV}}SYVqhb)yc;sAFIE<>F^M@>nW|w54)| z70#4m->`0D>)#|d-n$@NWTv?a$X+pckjXH{me?5TzZI|*dS~`8E&n+rvCiIY%Zn;A17gJ_;Te~n$ zQ7=d5%UXtYR4}gGNWDt~^<`2?I2&FKbHp@Yd$a>gNj20J8Mt>y(q&#r+h@P7goD=@wmCTxgjm#MmutQMIV@Qn_(df35R;-E5KB609HAr^(fcajtE`ED! zNkz3oM@iLFg^-h^&EpsK@V@&IcJ{SS$~H^#6fE<{RW>ZBP39Rp9M`CkKxyd^J)F;| z&w=RlTiD3wN&aG^g;4ljC10=g<839t`>LP1E3K5ElTnEN>&+&ukd0Z!Vr|?^4?zk$ z(cqt@&9^3)3uGsTAW<0}78+p~JKUtngmVl(A{4I$(j4DWtw|AkQA6L~%x7JHD4HR$ zTW#>PAl;Z{r0ZoQevcHZ;nnliB!lRQ zQg>N$MYysmS}I&i^qOeyI21de!P+rdSt{WJm`z1%h6Vu1r&lP`zo=ea-T9yiQ0yz+ zaI!RWh<#0zC8cDC{zsR{dT;erB{U}xIPQ$2`?ayLH4te#KBk55L5pT_m}ego`u^bI zzdK4n-0o}WFBW-pd%d#ZlM?APPi*+@v{~J=;VUBc(tv(FCVqo1U^%xlTvvhpOmEy* zUD*yw+Y+(ERLdWo&CWXC4t%+LcAmi(*QTafyF>dIBBQ$dTK#WXL>1HaQ-%Lbw0w?N z&(FVSQzmX+!0|YT<0~u5H=sl7AKgrkTT~)qiVJLl&!8TDp-Bu-ez7{)Z}2J8EF1)p zOg&QA!VH<;BMMjXqRr<^gAA-NTC2j}r74}?nslh(7y{JZVBVc?DHu^Ov5Ed4WQJLL zNT|$W$5(;8UqHXdsko8eIfPlrK|7r_6FoKdreIEWTLuhC3$e&*jSx?D(W7Xx>pQV; zcrhdfS~5M>L;el}x9?zwn1)Kzbe9u0l~hwalMhM0;U30p#8;NQ1qk%C1yoIrsr0G` z0%C9RSI-jgN`-E?_!ImgWgdjuk3`n?!^0aClamG$eu+O(Aq zQJV+_x(fSe!LQ%wJR!Q%c-ewBKkp&yc^H3gjCC|}eGrEA!zWSv9c5yPRE^S2gYCUp zJ|*;4@Nl`V#4SshLWGW_tKH@Xkgw2cn21UJ4(;# z@QqX1hE{(-8vK5AQRUiD&X()efj&b?_S3yo(vs6}{X+K{Q@XoM{gAjy@0~PgsSqOwVRIo+i4~fHYw#yKLo@Xlo>r-IYzJmOa<&Z(NUa{P zZX57&o|NgB_t<ziAI~iN|49?B@TmK4J)^gFEx)Ix%|EWg z$^^xqxjVggEFSj{#UYwzN;M95B%H211y2;IOm|UhvwLC|^Bo6x1K4pcnyBU54k??> zNgs(=7}qsg5=q(ZrSQzn_EGX#ggt%(-~ohnA499{3w$T3l(DDMjRDa1Cn>y{z`ps~ zM-;Bu8QK=!YH;;%nsJ&m^)Qi%=?7`+sGLd{6s4?;thWnyM)d>QC9S zlt?h`ry2QJ$GGia*$le8c3ma6;=*&R-KN{9jR~o5^K}hrv|bEWwg)(>V-BmuGgi}8 zF*>~F%;Hm2iqaw~I!oVdTRE0mjb6%Ra(*ShYOtz3ao2^`|MDMJt|VWhux_rTmpgqN z4L>Y@P?Clj^4s-G$ej12H77bhP^$56?AL5^90Hg$pC+$36xDfVX6|8&0)XuEP>s#iB)!SkLxQ`$z8JLfX=){{Z^Ev?Smj&EIa5m= zSg^_rS`r8uvJurZ^e~e1z$q6TOx94bmz3tonM(hlX|AP7#HG@OZT5Lbh^cvs^9lK| z@V&xUo|Pi`d8iyO16Zk$W=%tl^YS2ue5n5^UDFHrg$4|#VmAFVKo8ICv zmP0?H;S|z8)p;F1jJ&q<{&epFDQJSou5NW9!7V-^R9X!0XV^^|)Dq$4-wercT!~BY z`&EGO&m;xTUKfl1?~7hWC5iB|DZF{*dKtKsu|*_wQ=|UYec}HY8~CF4v4${XkusE( zo6(G+Y?2)#iKauv42v3feTB@&N*MqFQ$_umix2SD)TqIUEF|dcvnBiTP?4U&w!8Z* z#aC!jmM@1A#0!8-I!c=`H(T_d*@b?xGzL)f$HhtK$&>CWxY$aN^dH@|m+aT)KV@1^)drl6+){4oG!p1=J1~yI*$IB6iHZH2>RCM@)2HCy*`8e z!si*J)qm_Nuvj&?S%Q5z8j%Q*<13>=98?N4X{*nA4OhRO4)Ji+LrQ`4RvE?LRJ9P! zao0UQF8%Z&#y0R`6ueAJH{)|BxV#~N)4qGS^!u~KAnefNRvZ=`szn@>Lf!3qwo->q zjGc*cuk2pq-`L;iKew!vOq6rh9l9-fl!BRp@rg|*=rG%fDBE=%DbsEFeH?%UU`{{` zyXh?va@9ABSH0)Ws)nC^S2Ca=V}jo4+{|2D^HY_EqvOz3NUNMb;=BX5oLRU+!4XXu#o!KbrgPP>>*R~>g_ z!sjHT$+^68XYrf(k5tA}m1*@_;SIJ>o5O!wYsabZ{mxxRz5++(7+m|wx*!Jg2Wxhc zl*iNoZU_5$**Rp1-=?*$LtZE18RPH=PCI$8>*lw-+#gt>wF?!Lmpgm8CH=dFOcDlZ z-Eb&+FE@z%#)tI-&jH69))*MwTz3GuwYZ*l=-k~=dv}_jsW*pK#GRZdh$wTq1O496 zADcJ=Ud*vuR4$$V0bd=A$o^9(hNi!F=tqqnW|ur6D{ediyMLxii}Xm}xn*rTzTFu) zKct*G-JnZepztxO0bDqc_;Y&D+)lvl!xBRbC^2% zGI~r7Xv)-DFYTr{JjYklof2&t4r?qRz!iVMXsyorLX^4GLSJ9U`eM&bWJx4_Eef7* zEN!OK#5BU)@GojCkiX9B3VKH}*G*c;cWREKK`%hMvMlw%qL|od_YiG=_EhbiS>L>u zE$lsLZEdjhcIOC8zwAL>h;>nSj5+F{Q&~`4zb{flInu_qKqZZX?04sFDq@%EV-UN# zIi?@U^PMJj{B-nQ6ihYIoVdAuIyiahT>W7ERqe1}3vLY-G3jU((ozxy61e-Ffv90S zQ>Al!lN7b`%BtN6WKmrUyK!8Pd2WR4{rE6;ebFW6d3BszH!)5eWCBARgiqtL?i=_^ zGiRL_WJVq|t_{HYrQPTSIMrewTpj4s7P1D>(JK!H$G|1xFe)j4jSufPnoqNlslh}f zWHxz>@4alR&GJJj9kQgvM8bSMl#N}ALgy0J!U)OQ&<@EOaLlB={Z+gr{P+P<{gU6k z!)LtbIWBF{`3tD|c)M&zLNaS}_Eb*!37&YKIxds%F>IzX(qBQsyHDo4$YPj5q*6OE074lW((nTTWb%&1PU-8$tq+dQ)NY{0a$^JCI0oXNZa} z1E_A1A2dOb&YL^li&<}MhiR7YtD7I2A^6KR1NZ?a{M_wTS#b4B?aw*hXjs*v@9F)T zmYVCG%hi##rcoz2Wwsyt_ojXINlfqe*p8m}loOQNh($vpO3s64eZ2^)g7aX^MIO?2 z3>e|gIzkDtE>D6jRAGcAiKo0d#OftMhLL_m;J+vC4|^}C7k$uTMOXYx5;!eRvP!IA z1!vjZ#JG^60rOC+Vuwmh4k8fTz4!L)xoej5=IQs^W~5Vs81e5xVVc(bFQogMn3%-C z>*>1q();E#0B4A@h1#u_em{wed-8R2;PLm;Uv&9O!|+0-6w}X*aq4-*gXm!eeHAMa z>INuZ%1srhE$LJce%2N5X&lp;y8`+l4ecRjYX~(_(uxc)aI`QV7iVY_8I2R<|ex1)DN^eah*#Y8-)Fg!*E5AYi~xy$t1zPJ zRq6HO(`O==;82M^sm>ME&bWE;Kcw;?Q_R*V5|>UaX$)0d2YBCJoWV0jYd4!xLj(@B z^=mEo9XhO#A%=Ab;(r-(?8R3GkkY*sWRS3bm#O|8Sn7KGy2en{ymn{Z!1jqmX%bti>#o<%KT;FVACzb=2E6)?z-g`SF(ro8yJDu zt(i~g7CNRedd*%O)qi@}2{`n^`8zK(y^d|lXI4E}%uN}ns%*YSc)`(`8`4g|DGXgn zJY?2r>r2DN+S8P!WdlJ{nl=3W8p%L+aID4M!)j=EV%mfF;d*S>;_M~Y!ijhRm4XT`y*F;|4^pltJu}hJ z6E3n9&sui^#xJ&v28ixdqfkO!F$jJCy1t%|t^fS6hZSvxf>Hb+Vr2EvAerEGYwKtp za|VlAj!r*RD!Xw6qc)hDh!pXHD0D#CWD%1z=qqr7v!4pLTxOoIwiU&tb(&fqek9B; z5J%m@736x*>M$6?DUhvN+PuFG*D+5dna=n|KJ5WHX8g zNnEJNJBcN=)c3xmVxLg?t?9g?L3bO0%y8vt)CJe|%yKzUw!kvuKrC?r%l!_?>K)*_ z20XsT#Ko0!L74z6Vc1QEV;8c~<5SDythdp)%#Znk|F|FQ|Ai7{Id7b&1YcYD-!3@* zlBC2zx-G7QjFThf%d4`V#OZcBu$zUPY21t7HpCZYzh^fl_%nlLg_sKlruYq`zVDVmRhzx=A|~kV zik7hcf->ifBFqDt>raeg{oC!kRuKV^eqs$7SEkB2 zmUzeT@oXc(#e+Z@z(E0rg%d$+ZE}0`fs?k6YHT_1AUBXCZC%k>J1sGQuy!>%H!5HO|gVLUSjgABNxx8Xc zzw;M#q)VNawfGvt3zzZk*V~o88_Rp%&#R6XDiV3QIq3V z?1bLK_RHyIH~HGoPNovv!(SvPSZrvOM(pwx*Tw9EOyuiDhN0h~&QL}Fjgc?U=xbft zN(+{+qc_Z)@BIWVQGPLz9d}n?X9Dk`FZGST%kAo>O_hY$CHtu>uU2@BAYKHWY1$`9 z#YUOI8V$9$Fn*YM1c1=N_SfM!{a4V8ra!#+Wl$o%^grYXx`Vi%g-@7+CU<+pDA)#<}+SF=bnPts) z8@oY6CUTi1F!y!?C8CT*21rNSoJJ!stO^f-nUh=S`&(Tyr^ zCpDx_ukEVdy$!shh5;aAr<+Fb$uQ*z&5H7lA#egs4AaB5hhD3gs(`D4d&@ zI!=7|l!55ryQuY&7=cBHi@_~0YlW#4a8DYcXN17B=mrCsO$t;+Me|tVI=Jq5DQ#Ig zKR|oBoY0)*{N6(yZETfoA6^h8u9g+V4MH^XxmBXxH3)$orWiA(KH_9yMa})RPz$2P1GND*h1h(_yWS z@T&VaJ-YLgBI$JnF4mB?a3oui$-5%(#YX7lv6Ff{_JtyH?W84dB#%hbgkBYS9#feqasSuzUPsw#}7Xl?wYyh z$<*o*UBbM0w3nOqBSje|B$oX-!nMnBQJOoI0^~r27Z-=H0h@*Mn5AkEwx=pW>gY2u zX55o2uvgCfHUh9!Zm`2GuJ@)yo}-fqrC;(KK1I?$z6un7V|qC~6!ZA<@a7}h`>&^k zXU+8A>2c@e?)tOf=qz0+`O=#aSevbK2^Jg~ChI--#mJZuaP`N=h%U zbkgd&VS0nZntu+nKYYu88RgLbV7w}pr^dBhDhhv)}HRjC48 z%J31xYf&~Ozc}IOUPSD~2A6t5Krd&3u%5BcUpjs8{bKId&58pG4$p+)Ee1R3 zcy+jgBo*S$@O;@G2)eZJk2?(y+oPBIk>al>4N4skZ4|#FSQ4X$fkEMvZ&{w}&KvN1 zJPYnbWS{r;&9M52z@+YbBdV{%smxWxn-(p(wfGa)nA=UW7Z+Y zFGPYk8!P<;@0xbJwG#`Oal-Ni6cJFI<5tl$=}tltB~UIQr(8jWAD4pqWO?-Y3xYn( zq-W76ok-4GnkY<+2e95^CM)cb5d3t_WhN2tFf3!tcgxy;BGF|_*fzyBVNyaNu0|n4 z3G}{5;2co8+BAAXB;qqx($v=$r~qWFY%iy3JJq)eqT9ST)UVjvE`MYT&P`*xPNjU} z?0h-rfcRW8+@kzT&ib10pL7O_C1fWSdK<=lw{=ykwWq^Ct}c$v_Fe``bLkAc`|x3C!#TSKdo(H?kibTXA6y-?}F@jofZrx`6 zQC>!<>kDQ$GGIyr2Su4g#;91Y?j_SZlFZM_ver}H}4 z?grv-fya;@6(M7u78UU}_4952d`Y|+dE=gHkRV~FLLJgOa+;dUD+a0H#%S_1a+{_V z+APEgD&LEs+Ao@-fCNepS6R}9x#o8`i2k;S<#g_|Y*s<#qlVAI=n?J>RiAqd-0DJt z8ZnWnmX zUlc<;5`LWd?~z5pD|S*lDaDQ2bh63%btgj_v6{LII|+rOk7h<62IOre28oi8DFv#`}^d_LG{i&6n=OWX%n?o zo%^Z~8CU*VP~UYnmrb3V7mll%Y!%FfV9V_^xGivmhB*)tj)J5gJBPPh+YpT|$e;hRvphlR2|_pfR$ITHyY3BHbvV@sm%k)q zp;eo#H~DkCUGGu$eDMgjh}G(Ia!CefrIMpdx}0U=!XlO8Qp(WBTod5YWAq<)3kwK#BpuM1?4}yrXVD2_zXS_u;`to#6>fv*}SHV%SB5hXxS9Oi-X* zFlu!?FN%&)BqzoP#4yCmywk}fqN%IiSHnI#-B`j@HruX#{T1mG;uroD$&z9ThU=CX z4(!`~lwz7_cQBL0aESeIDE{S6n}I@19Pkz)@5h;~)bL1^OhrJRa3?#lHhoOquBhMf z#}szFu;kY5Pf?hqi090dYr>C5qXgJqho@)LkDj_JQAA8Eu;e8Mwvx;D7?Sx$3grtD zG`-s)*Z?*n2_2uatrkjItH!Ckjfaf!0tgx7^8*#?D$|+Cz!Sc}^#DU}3r=6G+*Q`p zUz8<%UqUgjm6Wf-g>EpcuLU^)$Kk$~MKikX0IN)YoJo-bPIF-o+O;mqgMI`k(J!aQI$%a&nh+$+727 z&vQ3C@@IeT4#6^4?Yfk4ua9ztKun^}dZWY|i9}EyB6{^xHS|)Xs0cru{t~>K{1S;% zPhB-+AexhFAbbTYP`dF9KKiW|=)lqGVmSFn>Y;z?0YBypx4}1j<8k9#OaA@((xm7X z9iK=WLy_~`;)cNGQ`^<+#Di%Oqw`}eNZ)78-;tQu&PWs_+J+e9clXyfHDkRY3u2gQ zGIC4`s{afS{@I4?&=}j%B)+WYMeyoy=AC@dDU;%zwHPmt=oQsmn7zCs2p@S2nj4)a zp@56d6&8)JRbLF}FV{amN|76$#GIi7;AXA#WZ9Pm>wjH4S}l4s#0|5dK~dL4h6OXG zrj2}sfuL7?VdNKjb&(r=fCCmga($ADj#qj2(Tf*r zGOF=Us8inKlPR2o+pCq&S3Ryj2PxYhnyRg5h`9I`Kmd0TjIBK*9|`i`xfY$kA?fR( z*>FB41MxZchfZYAotwk#*o45HJs-J$$V8*+|7|}}O+`vSIyAa&*9v&S3OE;aJ}HNq zuhBF%z?35N$iSEVuF#@JlZjc)o|Z)?b64gF#9&450uTwEBDQ3jJCKrm70+BK6sq2G zItzJZhnw1yg(I2OjnXRvy9I$FfS}AikNtO1yMu5#ad;zKp_v%VT)NmfkE$n6%fZ z;#P3VZNcN9p^l)F&3|P4j4Kr^#!)r7qcS(-|Go+H;uVNN>yOxTq8&9D=WL$dGdv4g zUN`l*#4Ea2F;!u8?_$Z|l%Eh@HuXrvJ+=5L;D^7M=_hcp$p`rY7;GYFKHfZMZ0{R9 zh;>?2ls7xSKAm9}6~eNM99P!z{<-*(Z+97j~KP-H!*xgYRiBSDgK{l{C_H*Fu@y+W^FzzzF8zSn<2~sy*_l;xMi#e}DY+Ucc_1%5*fRQ2V_jYTg zZ!MIDR^(^n(v?twwTKW{SkPA;yohJRxpHoN zv)J+Y_Urj-!q#EvZG|0LAMc4(6(lKNqp+$V>AqSm)b?04S@z%i^ym=Xp+`|-C8lBf zfGjdmsCp1!9^&z;(koJPiv>pf5|x-xZ?Xn|WkHzrs(w|d(eO$)Ntwv3C5%yDv?5cZ zK&wZj!mS^ILhjN)%s0i{BiNBJJm2fZjYUdLNDQ9Gta-Nsf)a_BzF*B&`@x0Vf?aHe z?Ctvb%F|vErpe499n;xDW3y4$rJXJQ+!#-7mB-6oSaw^&sEGrP0WYR6>ls@RvxHS` z%2Tf@HFrwfJz3Kp@Ml(59!(Rfnbexf6ek08uzmz>hxPToHUMfF=i z{=YfDxgV16xPAs)+m7AYF78}QmSwr!^dE>uF+nCjA=Zv1YyZtQ5y_h>>lb%BF zzfu5_UQu*;%8wz$zTD14$ELGDJv0qwu@RVTkNoQN^40k02Roe(VYrNwi?77?c9w>N zOO%AZm;RUKLs(U{*jwl6;3p*H?`?5Wpjs!Q^CVa|tG4AXSCJ_11PN_lu6{cz1Yb9$ zp2ld*cj%G0Q$o17S(u}>{j0L*PV1}m#z4zhxLCpj385^aBy41wU8;}-hd&yy6G}0p z(eP-R*eaz+IK3Axd5>n_V>sqrAsNB2-M)`1u&~wkPcO1R<{==v(lCRx2MZM6oyt#Li}+PVbnn^4r?t$@N0YYw5ZOX z1<%S^XDp!TthL;i=EcBW&Gc1QnrM=-QvGWRJY8)RXW*FZ^j(M^CD9O;LkpHs`)>l} zDFSU?zPP5&dyULiOT1WCv%jLk+vr<%HNWst4g;`!3VgpCH9Yy>h=ux8DH;WjY#Q~X zOWO7@E|a)1yqn3&w8ta)AWLhD-#nUMC36fNd;Y%T(?mc3A@lQQd{pltN&Ik4x32D{ zW?c5j#v!&Zha!cVQhQg*sLqbRZa(~K=S$&ou{*4RJyvqFRj22@-)%#c#fs?R} zuHW}Y-C)vBOTD29+3m^HBPO43|D@_ivsAUBFjVN^kU2z{1Io`sggQ{C&DN!Q3()&r(vq=LPo(`WdacY;3lC&4HI%wTL$B2d%mwQGl2 zsi#=E%!~`F?JH1C+fhTjam2ryN`1?U*X_HA9+x%hNBngO!2RWs?<jFXI*HtaxK=|xO*AcQ_CJ?z&a8{M3y8atYA?<*hIEi!6+O_4}b zIeKjqwBtUEMR3m6ep~ZZxmn!fQ7uo-mdO@0lXunhn(qsrWzC3ub9%Qn%GqoUFhr>H zz3+2JzfBpnXXQSy0OK|98QZ9J+VZ>Ml^2v?&_G!#ecJ-tI>OckL=O2^WXNI}D(4?r zzwFr+{u?u~}KC@yXe*)QhqZGWWgRtzk z#qM`MdY*RO_c+k>hG#c67#ywf_|X3`E?%N|FnS$~HuMt~bjBR~SD z2-q*-Au4KNulj@jeS(dE>83>JwO2#a&5;6BvY7CM=bRC&2cO%Bda<95`9m0<=`<0I z68i4xVT?bU-oKS&gL_Dur^67KAB*YIsIop3-8Nw3eBS=yQ3VL8cTJovxSeS@*U#D` zlXbeLu)xEVMVJ)+$Vzpr4)M^`=c*jiVt4kM7o46Q7Cl$WEeYY?H5-q!qe7OM&N|l! z@lVkMaOlD$8k;^Kj5=VOi3?neg_3e`ZQKzFzu`ea6a%wK)U0H7J-UNW^aVu2c5a!) zUiet>XjS)&XiCf#OeM%zWv~b^o74l1KWH+b!9I?ja05P5F26b?+JXja0KBbM{xW~~ zNZSP>@!j9eJrH=7N4+p81VZOdPmCKV0WB`$xBJhQ2t~Z zecyHxby^K*Iv)fbv4c#M&)34&I-L>O+x}qcyN&V1U1oJ-LmT1~Q{u3Z9F%>-K^V?- zQBsYb4J>v1j=4#mh7;RKXCmvz{XKU3sG?%(v1GX3W>47J^heC^t#%@f ziF{Jfh1an5GZ72nKBw}{@wC6g`Jb5b{O<=`O_j-=t|kzlD8K6XV0!eA9`DD`NFo!? zNhUH%HXam2$jEMDXU0n*UAUlO93rIcw7iL)76W{bA99QCn#y0)1Y8&|v=)-7h#KSb z6R90S(vuGC_e0MUC$g%-$FKcjuRk$cQo8-ZZvYKticXQjnrJZG8ep9b{NcA7z<(fk zJU8+q)Rh)QQEZkQSK;SOj}Nc-;GT^F%Zg`(8$OUKCR19di)#_L^u|HpI~Ovf5%6G|KEjt2R6$BxUU0iMt@xcuShTb+N!!eSU^J8W^EmL~QEK^6FD zW+X-uNt&>~A*Mc{5~q>UboFgL^2OFNJQgBKojE1>v|2Kyo7XCZ*59$AlyW?b2md8w%;F0TfhNUeOn zl2FU&`?~`71;HHN3;QgMd3w{06~L{s(Tqdu4GE3|2_=W)SrfWyk_hgw;{%o88a+X$ z9R!V`!onSdn%OPVXhWF09`sqQR|%?!^5C4MbqAA~^kS30?)-UBo9SKdQA)GtDc`tH ztnFIt)i3@IOz4s>>BH~n#(LCpC2B;`yJ(+Rbjz@D%VG)(({i4KzsZ=v5yKq_dU*jY z7h*Wu%-m4g9#WgnLdvgJrUH@o+8%b3<5{j2T~+#PW#O$svQ~wcn&vFUjXYt8RMtz7 z^JecJwG}VN*M=g&5pkF9OBPO5fMOSwegkg;kI#?1u=m^^1r!ovsjQN|3$soq#f+f> zzhDW-x?#9l?EMO3x3+#A-X}K#^}+Dw<`3+J z-qcdIUO;#yd9d=Nsn1d;XWBxJ^sKg5V7=&q-1GL}ucvq>_K>vD67sAClWhbEsKi7q zP%b#|&B=fzqz_I|pYyZH_X2fNfLVyKgK~sjZv0}mgm!V>qi$6v?8$h5OH$-$@MRZA z*=p`;mZ+%SZmf7K#-V+7x8vK3FsRjuXmJ_%0e8T*4=EGM90FF+IF|7hF^dqdeojTO zC#>k_j2=><7P9}2k*ZO&aCo(85|P6Ntw_?k<+u%rnmhy=S9?^ zTsL-Wo?vN`s?f~wu6WmPj0&3sGixvE)j^5&&>EzxPU^6sksZ9udFnZQ7{Tt; z#97H708_4zH2WYRwG?1Xa(>d@tE(X_)86e9GF#bc=x|m8^d-j9l=UH`5f#ET7Sxa@ z@pZxuZ@QE#>eDqNC_Sj;cr``P=Y1ECv?v_GLYG;Ut8*tZMJ3TD?Ey~!LQ)&QYOAN7 znuC>e(APxCEPWHOjeT?0-qY7aK-eA`vZ$2RdQYr0ab2DN$&b{Yq?~*OsYVZ-55*o# zfo-hVvmkxwWv_iIJ+w7&^WHR%HMKvumR*0z&DOV6yj{jh5L>oKq}0$v#}1&|2X8E$ zw#koM?1yelByC1(Orw06CD8=%kz(Y1d_=fVL-0ILm-OA6(dH5gBBb;b7?k7kqU7=^ zC$pwPAp?84k7$zD4TTz07L_2w3jcbR0}JCBDkl-navLYo$n^@yI$n2;dS$ZypvVm- zbE1eKwm5dWsnp}##MYnFjW_aMnljnR5{DaO9Z$r7EYx=ovPS;7hi=4NfW^aP63G7k zSHt0OFxA`%#?lR?l9n$>E~46Xh_3Usa_oA6!w-27{}H;GV9*s}7#h6JlR0s$1V)#a zNP|-o&B>Pst`_O~%QsLy??Di`ii6XPrX8BMgDHkQe*X5@KEl2YzbfN2ywZ|^*tZ>{BEE5ji=shGF``o+KqM4mE>y6 z>`!f8f8o|=2>I4cd}rWn;}r@ErY~T8X9?=Ca*XRJB^(?KVhvw`-<(=QQm<2t`$ip_ zGQ6OiuCWY?+R(5tP-1=|vX!FxWmimuozIyD7bdArB^w{MR9lL!K*Be?YG03pWTNZM zDmJnsVv0M31DU~ts?GQ!vlrH)M{+z49|UFbxPWT)N6wJx9LtfBN=ZyT#l)E#w@X$SlN` zAJu`0|BDn6hdQ2-Uli$eCyXC4*&JLVEY~ih9dhK?2E4lJ(C!V>kO^YqNYlh!L<27% zkxmM2og~1juUe*>&y90swOYBaM-kt&OFDQgxs=>Y?Yr!ngsX6$YZ&YNWzOZb{NkKL ze;^OycM3^mpFNac)<#^#a}-E)vu2%8&I*a_)#o7(x3YXlbs`-*zZr+=OQa08ko$NC zR(^vgPME`CD2uRAO`oyis8`C-CV_x+O|v;pHyEQVDs?;gF8)0EV>b{X%2iWDDTYF^ zhDmWfWl&5-H`nou;VUs9K3>8vdgOZKMA39`Is_IbY{Z|NI)|i0=3JiEDRpx%#b9oj zpDemBg`;~+MTkuLyxrsN%TILSA{6YLFgu(6p0L+6h&;VH|HkPIY!qV(3>;wsz2@`e zQp>otkUsYNA2?KCf9`b2l*4~k5Id_w8Q%oq3L9X?sN(7dlen{ zhv1^)fG@MzhbiEsK3-d36-}O&wHx)_BeEeDRA%e5{y83FRJl7Aadmfn*>7Yt9jeHBY z%ZdWJJ9KX@bu&)Mu>&hs9{KvDk8mdqzpq*|FBl$Wb;7cAN+vtoIv!wRJi^(kZZLkf zN@xluaU5S2j3Vx21$&GMBI1@758ICWC2XD2$+*mo#%qM7mB*b!1+xjd_s+C6CA7`# z>?>ab$!{J{hlq5t3wU|L7A1u7s4O8Wj#XTBk{~M`sSIq$4!88YL-wrd!_?a8BvMtI zEwb2SW!qJ6U3LPuiXbN6RN@MiH7<5V4QESu4M>TUx~Pb_Lpov?P*4qrjNI(Bacc;3 zcuF%0lj+%f*XZlCfw8nZC3YJ?e*f=MrDEWJgUe(*&kSYf!QJKKjrhxiQK&1Xg-#e? zpUd1x7}a5Me=#L($>+^tDRMNWqTw1v*@S*!f#|LrLdSG3hW7 zf};~i;VM8>QchZ=@O)w8y5`Ez_OwM$Ne)UIdx`OFHe>xg1P+sO-z70g1mCs-V=da8>(6)%04Rr&Y)&_+;=$IBk#d+*fG^}?p0(&*(P{pd z2oNU^%r(8`JFD^o*p7U@rNWQpub1uH(DRb0N$Pa_z0m8RRNk1gsex8t@MD-iHZn=R zbk$OIgrX_TR`V=Wh;WF4G(^Y z^+qhMNz5INx2IR_gZupE1Jh{<%-Z#jVI&TZ^%X=$2nuYU)S1~8;(IG3-Ks3Ty^w|% z`b57-br!hl`MKl4z*PhjlS+0vix#cf`|XTrZP#8J1rIP@r*K31R|i6=k*LtdOVka@ zk|5bu#GNS$TSeL&fYZ%!)P zc6`;wrCeuz0gIn&L%O-J4n?!Xw_=>UkD(#o%)gAb|?LH+{L@Ye6F+mC-uKI*iHWS*v7n zqonS#Cz8z0OzbTBMp?1&J?w)pisZsBI|)^?f-SgR*TsSV-`FnlP4~amS*m+--%DP5 zxpRbX?wdN$r^N2GlQ(cSQyGPN*iQ9{5&HHQA%BX@QN&mM7#ba05TH<2#CBke3Sl9O z^h?;!*!gg#wT>D%rjW39WN%~~%G%1{kMkf)gN!uk@99)(q`$7(OzOEpJuIh3dtG7j zPGJ}jY?T?2M%-)IP0J9^%TTn{oxISVre@=`j%Ip#r5EAss0LUSj)E>OnSGZFaPZ0@ zZrrBSg8qniHFs+GMq#PUTdl0oeP@yfz&YU!FrG(XVg2#pHlK*I;)9t_Pc zsMY`tv#pMVB1L`QRl6QK=-0UOJET=Vc1OOUvLKTQX$9gY>wJ_GowSoVbi(g}H^T2L zuca@=! zve#BsKe9lJ9R&=e))%Q)XVPm^TNl|rq)d15A0W?|8j*f^J(4}w?Z!ut7jsUo_Gj#6 znK@^-`N)9C6Zw<|q^VD3gKI*Te8;|sYUz0ql*1%}U|!HSOu!Lx=>~HB3x5}+xUO*c ze*Moj-P=LrlF8a86PcLl_4mC`CU(=4bsI<64feu)+q1Ha!t_O+@k>%3c6G|x)RYu5 zP*4+ydyXfNf3lR~IN*Zy`wTXmv0Q9~RouT=O5{FP=;ZYn9_Jp7q~l)JiM*q&(7 z9C|lVjp=dn#V(~>1(uQb*hyh}j!qXv3@c*PbWAA*lz^kJXN4v7au&W^aC2I@V2k>T ztL`9lJsjJ9G=*l<=Nx4gKU3Qh6MgN`h3AtT#{^kQPDkX8rf&(GF*o*E0PE)}NDniX z^h#HKF3CDw-mtEbFaK`r$(Yw|7Bc^9PnLZ9&*r}^`gXt|ewu7$bQ384$Zt(72lfCH z^i-as5!U$?a1%BJ^+!0L8(?iiPP-Ba$=k?wgH@WsPCY^tnBBo$mc=PRw0AXLK-6Vq zPku!wi%4a)ZmvGAP{C&N8%FCjR+LrcxRe?qYh}>#8vRIVHDz=7D^>G*-a=xD@v;wr$a!<}R&Fj9 zzK1(8?CnY*9@&NK2=v|0no+*^(13j0r9sl2;q1cYL}ofB)EjylDhb>D3jwvx&m<6#x8z=P8Wl( zHmtO^7L2W!Rg7lql6Y@a%e7WWZG)eT4|+lEubF!_PCv+LX{K3nm9mo9zQGF#QYg8@pkk)c?`aiPXDj?2qSppo~-8EQncXxLQ?yiHo1b26LcY+6ZcZb0t zNMLYF2(a9H&fSOImwEi3roXPPuC8MJi4fw6`00L9_#A)j_rN}`7}dm5rrcB1$|V+D zAAuKkM5e5l;e_q;Kz2aiA;QFia!e&=aM;Hs0kn_-j=UM}yL~(cxVJlw)+QQ9#w*~C zY&fEI(jxMN-4>i<+Ftk%@9fcRa~Xq-cU}4f!38sS(ppc!u~K8exV7D5<_NUS>zlr3 z?+WwJlqmD8C-fOrq!s}$i7rd@wE*`zj$ja9nZ9_}PC>gc3{tH3r~Ut6pn)q z+NZrN!+M25I`JX8 zgznF$MHF;aTHo%c$M?z)%ue%zF?k163{5d~G-Y6}{zfoFt6qK5^(=Wo7`==qHb=Gz z6BH|336)f~YHuHQ#m;uYIIBbz28W1s|7xX~Q0IeW)YOvkG(_*XWKJPMJY=KF!e2D* zU8umqkSaf z*(!w4ZgK?y?yJF{V4-(#|J>-F|8e7Z&-3d8s^<&ezj|N8D zRJx48C?gpndPIo#I7RV<#Z3EL3A#y^iQ>evG6qHVkNvZ#Y2;!{6j%^${fszoXDduw zReqkA?UdJF0(WA5&I*5y&}LjR)Ftp723Lx*mO>0lu>No4%gFR?8?-o(=U%-hzS3+T@8g zYp=6|PJtdw$U2yUEQcb^JKKLh_=P{k^!;G8()7>JU_=5P%DC@i@DW?84uGR?jK@ru zYNQ*Qq-~eyxZD*ODHh&oTq0oz&6dlHGwq(fL8YEaj8cwf4uIq^!S8eLe4Fzd#t$*| zf1WekP{a4XaS{m%FO@hm2q2}kCW~c5PNF@Q^y-yy?x`?q62*?!*oK#>Y(~4b$3`xb zZ%sEbs~}TcKXi?uz14IXNrF?+OjCZdOxiVzI}~#;P231F^dTyIdw3QV=s0MrbQnrG z=)tf~ITZYjpGz9vMCYhIj+^eiUP&z+*AzchZ|L-MX7=|L3w}2AJ9g<}>iG^9ElLs@ z5rH%xD7r+K01hz(OW3kH6#u5d^Jk@4d21c-5w&9b?FNs=K7;m7^!1+amkeZ-{qzf& zAD)WS z{C4xG94gf$-^UigBvt%DnMb^-i?lfah-+gVFGO;yAd*QGtp)2>}T5#)3CTIJh&I~w_&Z3vbh!tLzaQ`y?w%r3b4UGw|= zwCAx0V`ewD!Mq*&;nG-jcaQ(T72#9taR25H&QDc@F^ynr~^uz)7$P|0Ist4UX zGF%PAv3SFsJUkORd1hoYCrDD%X7?+Y;zlcq**O2mM16#}v9~l5Xk!YGYpl9$EY>Ss zrN5cq`^Wu$wfEj$+~%m&pRc8%#I^cOLkXs}wz?w6u4a>l0mpD&=+Dd~+S}ll16`Rq z(b}DeDI{zkh;r;ZibzKWs0E7hsO2o-PD`Gv-dDn&e^C%Y1mJUSR}%U6G?hQPfpiXt z>yVBVKma7?gg6$3snAB)$ZKP`oa|Rfaq6maOvu6bohk(jU9+iW2M8*3JfCcFW-@Qz zK+B*fEXYWB|Cfn^M}1IQ3xm-&DG1GD+;0~X+VxDbs0e0gmD#;SpkZe;!_fDTUJVdc za~tZM!%^%>Qic@@*l;08EjbLj#VvuKBzo<*zXLgdPd*F|3_ETDLH-jQOvRC+7cwUL zr6OW%(XmYdeJhIyKE98cwtOMaCPVfs2dfq<_sXd`zqa@CeL?tYEF4tY1GAOaM~L{y zxyFXLZ==HJ(Bt@}ydG;i`1`09i)n%cq=fAqh~Z2>4Q}d$n-RE#Of6o0y;{TIc||aI zwKGgcmt2OKDJ&d=TmCZg$|AbgjAJ9>O+t%Rw330?)#`jq<5?IhMj^wQrL)nj3nZ@- z+pyryU=nuUv&EJ|)eDv2-vpXiWm@4G%^ge%acK=1 zIw$1#^*4f4jRUw~U;^RF*3-FCW5U+H0HO8mekXYD3ASCJpIX`3PgM41A*bYY#oG>$ z63xWMRg2dqg(OB*RGDLwh)l#3r*A;c9-cMye!hHjGH27VaK!5~`P|4RxH*J_<}jF! z<{)Y;H0+euiL8Jny-07>H%A32SDH|=c~_LnZ);PjMFm?<^4*a_?eHf@Q$wI*RUR1) z%^-PGkajBi%te?i)lv?f54NqHkyls{^~Rw{H`;Jd*v}L>bTMi=Nwbt5_GGebXs{-7 zi{W`$uSUz)cOl8E?M8k?76mxM*{;vQwc;6$@qXsjERgm|df!^b7WDQ^&_MdrGk~b@ z&)6^Tb*Ekeh786KSxl%_d%6@VF+Byf+I2EnaSL|F@9=C#ozJ7aPl8Ukp+8rARJ+*a zv+u``-H|??;y*^T``**P*&BZQ|CfVL2!?pxZ3xF)?^CVuKSAitV_VbW_P1q#BMM1( zo2mc$vtS>=^L7A(k=rEz5bxg=EpA(-15^AM=hbgfjJydVN1B4>z(kN`hf!qzDw{%9 zOPNgZgFa=XtO=+mpcH?!RN351iSu-gYs30FJrD>E@+2Fnm{6lT1{14J8C^MGlPez; zwRvz;rXhBPh~xCqJzFMnTUrgR;}WyKKDZ-i6{iR88q&`~3q60z#(TIi&qYq75@(t&;>_jb2T^M!^&$>4idyI*Dq(6n5K8n` zqJ8-rzr2vu0qyHgW1($_L+;5|dmOPqmZ8?Hl^M|N9Jd&(+fikqNyKRKj}{uf{oSs6 z)?GAUgz!=w6xDl+JJLlnOS%qw$-iG#FFYpdvUn!$`%>Hq9)ojP=IS`oWx(AJ3&q>G z4{smHn}*8{AVxJ3D5?)Ir?MKTzX1ypu`vP*@g2G`bqcS%O8nUy+^j4Qs-9Hfb5{jl z(kUobG8v&U#PDGB1U$D6m2y)~i;h`AF(sV-vRS_Qu{+l8t+FM$rl114?YkFcgU1DF zcWZ<>-QCF0Q|^ByF*E8x_*=n_<9Xp~4B@n%a2!lxDr`_88B;U@>H`NzipJuy%#rKF z-s5ez$EoP(fUq=-;|yUsl_8(~S$jOtq0Z?BwXJa@W;B&tvW17mBcVmcpJv(9WmF`7 z(?SX}V@!R>CAO*x_L+(~yrzWyFX$@?joc>8z3tA?mYGCM0wK38H8TGK0$|0#GM@DR z-bIW;_IOW!@&3}45l1Ii;((`H_y!ZE$QpP+ymFz;cjU_}ISxhJ|4!fxY%HVOPFJ6z z@7fmsvFKDSZvI@r_HVyZWCXA8Z-*wi#s7AS&mYn5&rb2#F5aNG9xCpQ%QNeFar>VW zctqP=Y3o(7r>bP`h-+w*^gG%a5G`uS$jO~SZ;6L}kyoQm`J8}aoI5L|pKdHIN_OT} zKZ~2*4IzSHl4L_HQWbGR$f&Xv{3oe?U|ozU%ZegKQzgr4*lvSt4_P3T%jD(|5G_rj zOkoe!QEkQ>yX!c=B}-I88rWzw+3e)k5y;yotqD)o*Y|Iw3x`ZnPh18Ps_E(fS?Wuf z-=Y}->Si4a5RfVTq_c-TWjgaj-C-`e%aF4GS@bmXW3+?B?Q8GJB0S4$ z9a3JvS`c*b!{$dDedatdL%52*_*R_4>hRc%Hybz5q)xVVeC{ycFMf{We_@4aW`GK7 zGt^kna zKSgPo!1O5_j)@3g9kLf_{-uzdI)Z~|7`s!d;XSApY2xTaNHMr5b}~g^m{|?(j>o2= z?VfxtrpyLkJj1pd{wWn$7>0y^T%c*`PfartfkG!#z=Nn$i&G){QrHTL8Yr7-x6WPC z9;xYvf?D#&qwWhAJSX7*~@p}OXtEEj0r9^Ir(! z0#l^)ndGUflOD~vmEsH4CcP7=ypj9k#>^YMZ%rv zvfX$eg@l0^O*qq{ez@k07b%2NNi34_?`KI1j=`GgSX&iHgV+)|58SUKPw`&ck++6K zx9=)}J&;@fgRK6iXduAu0jKVxhDX;FgDir|gSVp5C)AG) zzrv}Jkx`K+W2PuBF(o&|O^aSpaTO?-28XwPNK%iNxlX{0!eVx z=~C0Q=p&g!ICAS5^t*X>`_dK%7&W1PMYWq`|9j>|H=l4bSUBVSauWLuVTMmAv_B9x z#TI7@z4vZF48l)8PKOJ!ka}Gh18-2msR>-u{V?Z9(Z#(mm?RZg*Elbu zQW~LM*oi34#U{+2a6U=bdJhQzSs2GidqM5=8lGMKmS(CYpH$aSpCae0z5EKLNB3DK z*n~4vU2|&8_wGnYQ^IJtbUHQ})yZ56-DvKMTbEkQ|7W zTmv&f7a>q_>SzEq%D_Hikt+?MjddhaOtw-pM|e>d3mEX9o``ps=(gGY=-sZYh-w8NKo>wjD)@0e}ZA*u|} zZHsT~R0Trz$hy6c5x<1fF+9lu>5{1tEON+!oJkec{fUGJT@X>IHIe(j*8mNL*V(AU#2CVo6thoiqO z51Hp9u;QhaAnXU-*lYiHq5_YN!OtA}KO4Pn49(xnZu7n?Qr$1~TA<)E6(r73w}fN& z9cvWjCGluOOKHRXgt15nY7anJp6a2deQwgstsB(i z5v7M3?ZS_W>wsI9_ieynJIt0|uIt1QZ(D3hkX`OE_v=FygkpzCCu+x@8{F=D9-j?W zSkF!bJug5eL|gae`2iOb9zDzgt*&JR;1IJ5uW-TnmAyRCA{E5WcJ4q2l_ra+Cf_wm zC*xZI2^1^x?U3W?sCXu_nLp(HG@vgITDUONAus_7ZJo>y)v_S(b4QyrPjaAzA!)N# z7uQcgXz81sw}eN`!OaSXUl^>rKyGEqjwKPpFLb%nbwnV%b%nL#2zS1k1ji+>RE+MvVL(M`(aVj2n@AJCpk7gxijwMp6- z+eFm;+=s&bTE}8%Yc9#G%R>VNyPQy)iGZFMQ>-MkKkUv5(is+7T={6po7V6H&s^df zK{iM_o1w$v_H}zrI9RF6WOSd$C~Sh4rG@V)Yy&w$HR6AU2TW)D#s#=_5aJUEf*FdYqn==t6G%O>&CWnMC9%}9yG z3ZRUp_6%p{)k+~9e3PP^V->t*8q9Gwge86*B1)Se%7>zaZX_YL)PovLC6;3;yG$sV zlJ;+Bx0vL$6+AwKrwPl`p&y46;!j}HW5{3ZDYqArJ(AT7ZRUu!(%{lEfx#r3vG4IG zGc@}x9qw}ZJ8YFq)}ZXd8X+hGl(n8prto!)dIpEP12|v&s(p0x>AkVM7wW6M!<>dx zTlV9$|IB4X`=5>Tjg{LAKJwW%vm%87j^(Fc$`%;1@Dx0{=tZHJm?;w52=t&8gj!K=5yj+wi8Qo$aGb$*Q z0mM#^i2(nCoqqFO<5h@LgXeDVuk_!bJ@4z(gBidU$8w1u+}1AmeCkVY43&JGElz=U zxnj=D$4-rffs6SA?9O;eaedc_Fm@(yJLBw`gu!I-^t&{w(=dS$JnEpqvj;q#gYiEd z=FpYJ@vHls;kU;8sagE!$5XETF;K5)Hq)~$)<9%?cZs!n-Fl8~__ZsL40o9jAF0H50Mtvs=n6Eri| z9cfOlYeYl{iq;%H?(2=<9+SF4$OfYhoLbzuQGt0O1h>;C33W3SNB|eR>JkLlUne_& z0!I(TSr4%wKE&GqKGn6!9rI*BQJVufnuj(`b~n~5lpmL}f|dbJ+F5c`A(Wkja({vvi!fFpj$Rn7QMPI$__`7czOL;asX^-HlPfZ?_KP zbl{~`T;=k^_R^iFiu46uRax1iI=rFE?h6InVBMl#dm7&P(5=z(Ev5VFJ!EPZhm`yL z*Vgu=Z5CE^E8mPAH}mV~Z$|qO9#(}QA>nvG?yCU=2Hb-%vFM06-Rki1C1DkQ`d@Jq zmvtNN)Z?he9oja8VnC#?a*}~vjm39po-ipc3gy?9Wb8E1n%?1u zq;Tq4I>D3`3qdth{%~u#R}qCI3oS;CNe3@Sk^D9Jiu6OPKEpWzh8zT(3JCeM-IsW%D$e24Uu>6W=UecKI)Xcy|WBkojikwcSKp z|A>zP?=VdQ&-{^my2)hGpYwMcJhJq&EpApllH132NXVMlGi0Zk<`X}THh%SH*XSyf_F1Ik zeJBd27P1S*Du*md4he_R97>`dEO)MfsNMDdA|c)(IBLYBDt~VWf$5;JJ2p*9Rt+mv z9&g!6A_#Jr{)!UzwQ+)ul9Sn1p@alL$UQl;_Vo&hZs*xvH6;WjP1#~;1DWVRFr+q( zXJTYL%d+9_TgUfga|xpdw|9jV3VzYh^AeRtDi+g%I38&C2u)1`Agp9CL-XX?fVV8$ z`49?U5==c1D(qWmi-0~2n|l+V?-;Jx>803>*SJ)KOHCd$_cg)z<3+pacPBj3UG6X- z(0ONxASzcr5mT}?t4^<4S=_51xfSoy0L zuh(GbBt60xIt#O<9$Uz4swCW~oR2y;5Cj-Mr3>^UFr-dPVZ(g(&2O@tB*0;s9^+9e z?G=%iKjLdu2V99(=ov=PRB?NJkeea%raz`?x0}YbrqJD9){+%2AWUSQ!K&3QJon3H z7!wwO7KsP{$*gfuYXNz!_1SN*bV~VHI#YOHLm2uZaO}#Zy?k`*`CDhLL#saP(`eF3 z&xw&=x|UAADO}&P@!pU~z^Q$@$bW}$JNhES|LqF1slvfn0XODf{;iyfyzKHw(1nW= znAE$)halM?wZ*oFFe85A@0xrG`_wb$JIHYQCVLA=k-kIMybkfBjZi$oePD2ss}pp1 zu)HGS2&5$8XKwLO83lr@<>B&XG`1{e2s&&=C(l*|GW$!5d6trv+Fjgwyr7||fIOAJ ztW3}>e;SM4e5LCaQf5LN=C*R^!6!;<5#Dq#+(5MnW!km^e_UbN<1+u=2)^W`Tp&~8 zKqA6;{5vWYtcJWC>B6*K@p)P9J_OW}kgr@D!SylxbH;4&_XRycXCu+8XP>H0H-OdG zw~KMYq!1Y`7A_0N3NBq<2M}f2uF>UetKYoWs`n%sW{UsJ8zlvfdQaac3?oF6#I?_}W2RxBy z@(|0g{cvE-B9)vv+SX*@;K=>D7Ph)5w+a9)cOU~R%6`E&-wEc*%}mqi<4*K2q3 zs$G)$)~VJO1N@BJuf4tB-lpGP*VX$)FB^M)APvwzsCCw+rzyDvp2}n%sl3n27|qRy z)PIMn|6d4Hk%MTX{l8=O{c*78I>Wrr=y9R(3j(7N=eUhb>(j5KhO-I3wtHf!ZqZ~s z?q1;A)=ZYe>C4j%_%`SWTh$AfonPp*fDGzgF57o*>WFt>tU7BnkEaQ z3r*t=XX>^WHA@gUfZ&3px<{YFJ@7dhrX(Tpo(am2eAiC z>E(u%E5Ke9VbFbT-oz#*?1c=G9}#HX`M&R%319|XJaD6-mJdz5@a+f-#w+PI z2X`xX#B<|gf?2r9se1*&LGPE`MvQ^))RZUY6CF4kK!ES`tJCQoos+{evEybxV@GFc zZ{SC$2jf}t`)wGL?KH6lL^gH1^%`SMNa41RYx^tCx?F~=!|A%DRNQU{2?Q{8374$- zYY2Cn5~{OC+4P;Q{lP&e`VyW5A~`_pgg5@%*DJ31FNMcO_XZ(GulLxaWxVqF-Hq46 zZZIRFDD`ljl*S@qcjDqv0~#5S>@ZuiHpxc=E0ik7OYfFFq}_^LYmm=%d%?9=dr_W1 zHe5zt=ud-5LUx7Z3FtOy6uFGz$_^r3FO+EHSWK!?ab>Sgb@u}6ga)f-M~C_;%Ms5( z9XwRK+DD#cw^mK}m{MX!?20!EEHl=Or6CmTBGnJQq?B%&IS|ngjMiIIeTr=3~}jkXYZq z0;_Kj(@dsu1GxUG*mEH*SOwB~{Ie1Yy0{q=5@lh=u_pKhkzSH_X|Tj!w!UFl5#O9b z6`>dm^cn!uwvnV!(e5OKf|y2Mwt$I86-t!eI|TDXkw(w{E9wL(8)qwYY0GV}$C;+> zTEvK~r55cB{ohb=yQb%R=|=^vQnRc-`05FcV@5AkYGw&WKI6j7=7C-k@d<->fkDuu zdmO<;Psdd(I>D!T@5IEL`azy`;jOl|Zj9)X^yFQbWXWVp#rUdJUtg#Wp(5Zz@=wHr ziu|)n$(li-09tf8q!_8m`kC7jBzRSR6PDLE#yFbo&%8#DaAW9Vc(YeY?oBG*3wXVY zBE}zPo@*A>wltkuPrSvb0K$TMt=QX%HK8of`asF|Bh_cbq?fE%G{xuA#~HJU-VksK zN|<#_35=BJ-e}G2oARq41l9scGNiq2b!7}EJE30p%8yR~#(X{#J*0_#P=k=L zz440*5^+#kkSSZ#?jxM2(jK}qeQIkYHdO%8)iz+3Ukf`8w}Z%E+Vww zat}tBeaFjDn%hyk)PdZxz%>Z{KJvi#l9*3@fiTd%m>g9^8{IF%ACQ6kD~Z;46Y`|_ zL%8B0Up05e4VZ9{02~aG#fs{KxX)qbK6Dazs(4j>HJTC-(AZL`^$eTRHg)f#4hgc# zbvfW^9K5n3k*ViHofkgPd2sh4z)_?~US+pvLpBsbS@G*imPJSoJDoYt{Kuy@o@;{)kD^fgO#5@SmgE6+T~Ug55=Zlrgl&G{|oR1amMJw{6Y4+-+B%@ zSOyTr>%z2PO>!k0=^{7*>cve3Kuzokw{QxlQX7K#b~@~DN$Q6JnMSC{jiVqH<8WWQ z-B!QAcBrK%%nN6^ei&Fu^yu3}L@!$|3`~q+7^LP&5qJ$mguA$!hwJ&QcqOAk$nt`l z_`gQMo&=U~{#DZrDkSBBTnx^p)Er^{Brfh+}+R~jnF zBZH^hNEk#vV|e)b;xpN=-MQ{v*qX4jgd3ck3Dus#5_pf4x8rP9K|r*Ne|8!!;Y#Q5Vje2nPiORz2u zDlDlpO?zYeO9MlnUxnjFGhLU&y6}uMxfR93U4=%?&lRJMFHs%)6^~vtzU=Y7Yp*BZ zZ}u6}IX?LH7rYcq60BLblwRfolZP-bQ1;w!R#WceHJpi(u~s&W${1Fz9k4Q>VW_Mr z^EGXtuh`Re&rH;FRaL+jA|>>1(KuIy(>7#5UKT`(R1RdkaXae8-g*<0gv)^!pF`%$1wBbg9^BRflQVmR0_$f9PZDa#fuLzB|#_3Q+ z%g>`8QOOf}h^C)IbX|v0KtPa(?sIt?B;xB|`^0>4dxy#`+ zF}PO$JuClLj`4j|2Hs@?6nN2lA@W)+B2G{BP0hP%R!?HoGPxaF{nu2LtZOaBq#M+* zCMxXFZ_xGNnupinY$fAZ$-Cpd6-EPc3Pq$1A015@GV5IPo@9i3$LSFEFzl1ldw75b z{Rjtm6|+jno}h|+vCo>Oa}~B3dV2=w`ZxfH*C&g5o6G;DsV8Hpx#m)jbUL08*{pB(*_m+-VP4THyWx*7%j|Ds`?(I;r=kurmEM zm>PjZ@PL_s?jIZb4*kt9f%bzCuU@EHIQE;l@nV`t6wXjSPcj$_FW53_uw2eeFccJf zKz81aYY1kiL3u(V8!DeYRP}J5%+qbI`GVsYTyh-nLFJQ{Bc%`xk|N(-b>_}SfrA}V zKbIdou7qC4o);++X^wrRP|1=wOcuZTrUl}+or1FA0xrIM^ZOfK)ErQ(G?N(JTsL0R zPWH|9wvWen2m(g>b71b=)0{ILHMl=k4|ZoRv}Ei+!ZPKK)E^U63!qh>IDn9Et@Si-cu*oQyh^a75xIZBj z6^>jwsSCW@L$~fwBuT6ty<0nhLDwo zDPorC#xz_pyQ4giDXC9TLCAG`U*SQk`ZAdS@kS6^R4;8b)1st(&wbF0Dk*$J+) z9Vp_ijH2H%Y2AJ$)+{W9`#5?yA_=!4BA8##qUt5@pL#BA{rt(q7^g|ohrJ-)twRYp z<81TAhQAvtE!|r)ZJX2y=jFKk*;HHkWvTl+*1T>DXVa3p+*gV$y@+k$5_x_bDhECi z-n3xba=})Bq8`Xz!T+H2DbZN}>_9!UX+g8)NhoI1M8v%tg^LSC^hJuWoFLF=mXh~2 zym8^}C@Lswws;%+QCNF8gR$u_AL9lto$~pu{!lN8A?dNgn3+PeEm8X$^ z_1M}WN%)?&xSQnVILtpe{jw-(iJ8&COTDOuLOX+#sczI5K&epf1O^5Po&~ z1rjjvrBL#sPf6=l<2yL57iym>n3M$Z+^64%Ut`NEImY{1Gv@sNG%7LUPhO~C{|hkEJ78?F(B-#&OJwJP zQolwHbU-B35Wg~qS49hkUqm7CLP5IzX0E@(GnKHqq`)Je!Kl=FUb(KcYx z!50a8rW^LckFEGbGj9_d;YT8S=O@qRq7>d5qU^x{VZ^=ASpY+I7>+>JU|Zr zOFKOCNlyEK8aBIH+exBzuJTXw!)G%GFd2XAzmbO5F;#f6tGXA`N6kC zAUs62kyTAN9$3`W?D#x))W|Ui#6es9E(d){U{9`1i1bPrbmMY?xsmYv^)>fyCV&`% zER(fKqa-QI)wCi<^wf%GphsQ$zh7UjX()GfWxSSYf z8p4tL(UMC+3nurhBb{WQ81xCUE5#>;O_w(Se|!}~oq;*!d)TO=c@wsXN6l>4taTm_ zi57V-t6q#~)f+n}b-LCy0!fyF{Cn`S>a%~?D;|~Z^`Htw zSBEK5S>zP$Rux+pq3Py`Ra8JP{cI7-`ce3I>6@Qsyg)@LA^lZ0EuPfaXmZ8EO5Us2 zCnpQ{@nGKhlu--Uwnn+?l=t7Y?)^;Ge<_=PU3m-9b015_Z}(_>cNLkr&`zd8TWgg- zgTZj0mJE9v?g4$e@Y`tWcBj2~CXiQAr4f(QTCrH3IlXr0d%ON^9?TK%vu-U}xgVC| zyHdGxroKRUkkVN6J|0A|yHw|Feun822U|W9tZx!2chtWFp#^gdl|N5Y2ea^)nJJqm z@g9o~#XELlzxZ02>-a~i%>U)Okvn?s`_EnSd}iqX?fA{fSm97wnrJfz$H_VH|#(qk8u zhD>`y0H}Mxt(ek0X6ide`a^cG59RkA673qBoQsEe8I~74Rh3g3q4NNbkoOrMwyy>iJFtPN%sN-h6P(%Zu=gK$s1akh6?_vHjP%uTnRW1s-AUzUENMGNnvgcAf`Ht`6wy=DxaJ~-s z+m7S?L}>*oAN&k;Av7VI-?65kzgXVaCjof=Wg#V-J?a`XnfQVSUwVEoGOmDR87ED9T=w55&>E-mOI` zA5_8^u=X447PauWay>_e!P|KtE(XDeGiv`|9{~s=Kkv+n+ZuLx|3gk{%yNVW{#QA7 zvTh!RzWJr+&9ENL{|t?dcjKs-n*sRNU(Be^aB9vichy77%FZ6`kq8`nLlZ$ZRNPXK8wsKYaE@fx!ItouK&mIF?ZWDsX?_CQ#~6XB`KVp0@`vkq zp%_mI(`9Q%BgJZjAv)`C5@5;%Kfu0aGS8m)gtDhPbfY&r`u25WPr zjC}Q{n4oFr`oe|I;va93z!Oir5GB)td%2AT`z5HWRVMR0EdKxjMtZDVv^=UkVByL9 z;Cm14uztPA_^r8V+aC7~lB(4YK#WcxuEZ{YBWrP( z&hqOms+jjIQQp>G^D1)T7Dti0yuQ9>`b+B5<7&FZ_uJaN0ldDu&2_eWubMs1|KldJ zIsU6o_`^j=J`!E{IRN&RWSVb43iaeP^Sq0PpHHa>JSEdW6nEwHMbrkfR_c%K; z^nRN9iho&4xlWk2l3aoUxxlUQ-WwVDtM!7LTS-jO(#5#9!F^F<;NInmqCmO=$leX-$qTi15; zXXVoY@D958txq6T5XhPA(~ZNU(9YsZpJin?tY}gY*|Gf5k;qS&M(^Eo?@6^-C3t!EqwD|(cChNLrJ$kkd8l(ns6^`1+*^9$)CV|?-zUut$cJUYh(QUH@WEdoi^pqzA#iFx!TP!fsg&+&bz+~nH={gzdL6BZ%#c?{6A7AU-`G> zVd|H^=8s)Gy)e@mvq*G6q&i)D>~^Z9G%`A8NAfTBjbsM~rTM3yDJ=M2djW9XzGwv< zHFyjsx#C==y}9xiNwiQ7X7yNXNr8p-N>qz)0kDpeVzQa2qNJRFwg5=GR)k*by5WFV zs>(8$4H^D!Ra_gq1u4{e{-Achf;wiXc24#*A!*Wcc)JT!#LjtaPvqoI%8tLBKj$j% zAis2Qi?BsP zY>V7z>cW_9=T(=9_D~>1Q0vmb>~p&)wP_ykoA*Oq;ta0(if%}kgwWlsTiD2?#PyOs zB(8e7^q3USw1S!&CK#?*_b!o+#><_x9J({n2L3XFyc4DHH+Md>lilwRr!1U@9Bo!y zQL0rVv5OUkG1d9@rb8lPbJ{wt0{iIsg)Z?5hT!_5@Z}Wk(Y<0Pg_z$E$bkV{zPPf$ ztg#>KLigV-woiAp0j%x5Z;uiig{Eo=*v)qA*J_hjt^P7xkJ~0iC0Wc z8b|7~pNrM?8+fvBw?j}&?l`WjT?lgf6oxG8(ov~gUD{0$)`Y1H-WI5hPRHoXbS`Cv z&TK6Xrafn(EcEp6w;J+({i8?ntv0lh8ld^&2043oD6bB%#VgVmHS%ViRYZSej@lJ= zb|VzzBdqV=piHwFJLD**v-lvcsz$h3G4kI;@AUEpeEAr^E>cDO;yZqAwrgUn1D^yb zj-EmlEK6mPLN<%({^&tjyPjNL{l`CtELnQ*kXet-&IdIgjhKZ$T|t!qLR})eF}98J z#0-lB*O&8kFR|V6%aF|bv3ci7Ms0VNPuE|jmj4L&?Fz&$OaH5(={KSb(|O7kdHYwf z_wly(gLU&yD{wPeoxHl9a>MXb*2?-(&;eQqADcLXcI>@3YNhtv&!dFV0ERiXXT`S_s-m6v_)yC27HZr$oL!=ib&0v zghN@9U~|c{y*Gd*))uxui6RFobztgPFhCSt=X~jp>DXI73W$B6j1mb=-yR{;yE_mT zEG`jE*%G`x^KEG%?D~ke>MGcdc+P8pD;bl>OT}z5k9oWOJI(t=M&!+uIqFceUc#ak zs@0IFkklmpkB)o9`M(E7A{^6e*$8d6)R*xPE-y6fZ)i_gq>TFL_N^34?}i~%FmD+w zagwyDaflS3mv;2>`>7z3ugTbmU&UO8c5y}4{Nhl{RuQYuH+o4byIPRb$`)p;o#P%2B1P*hnww#rS$bwKc#lafZ)Om8Hp+L4Rd8U=t-q^sx@!a!8lXrvti8 zq)(IQH&6+G_?2f`{d+mIcUfoBKKRo2=27##yY9cj0PD5?7jQfGJ=}^MVa@sSDGQpm z1+QM3c$N_@!X6XQG{Jy=-l^)_x7Q#+X=*mG3bO_4Uv+))^@TsJQ{CX^j3~c9H61Ov zLgl?-5JaY$J|z>f6Ryet)C@fQN(|QjqtUlB=gxh2oYj4)3p#FMo)HgIaw1kr<4Y_NC>T%k5z_vd1Mhf)al$fvx`S_d4W4_p9 zRQrcjl;~-tpxqXFwj!HlT@7n7_f074}Ci7Nsm#_#JMWXaVXOGnX57A zq^TE%ewk&TR)Pz=w%ud;DS{FXSub$qJz>m(dPt)CN=Y_pCriXtW{bj}3=!eye8Sy% zb7cn_gA)yv)l&uHr8A~+USKTo*Wv&Wnxj2LGXj3@29nrHWl=nPL#L4J-esg$sj7p- zWuu(S#S9=fb@|VPR$Ql@0 z#Mx;TFWi3#-fP?Rv+gMV+}s1R?fl(C0m)QFdQf(*C9VAwzOoL_LiFK{2rk0Adxg3H zKEHX-mu`mPm91&Be}}OGl08cTzPr5ges1nFqkb{n93vKKQcv$W`#(m~mdM1ivh0px zGj}5>GiQdg-QuSMdJKySsH>(?(Oi47KL4wqi&q-o5BAvaRCZEv8uR7r%q=-udODac zQ(NbfVXc!68n^`iwk(Rh^5$?YVWRs{FoGSAmbkU;v+m&q9^r@H%Bf)F5ay7MR-O^A z?xMH6n>AGHAvi0G?*;vVDWVVaFbEN(1h9Bgktx)dp==8kdQhC!sH|+LLTm|}nS}5c zm3aFs@AvH6&o@w=`|(bL2r>;%iAsnqMKoCA6iSf#@JBNZUh8W1oXGpiN@n`hpX7?@ z2jKDTj}aU=NVmy3)?TGAu77)n(@cPA@X0@dbDs79ioh5ce2H5sFpTPZ1c9P3VI<1c+$D&rgq3;dJx9HNzZCt*C4N4_R*& z)dtjN4dd=w+$ru>+_gA`;_kuS-Q9}27q{T9h2oyzP&8PfK#P5u|9@vLW^Qtwtd(=l ze)hBFpCCw_-&B%N_^GwQLAIA3xW*)mPV2=KXXQl1vOyT?uH*Sjhl28-SA{~z4@W#h zh3Z>{Y_Y^fwsCdw$AGV%Be-@Ft+1k>uFMYsEV#&IWl1EkSMI14tZ;P6DuW-sFC2gJ zQBFH$iAtRUD(Q9(!C-132|GOU@>$C3<`rn?xQ>>CZ*PFcLXP8bv9jepCE!pFDI`*r z=oJKg^~KfYgn_>vXr(LSWd4DYF#rT6Dc_Cj>>*LG_$i*=A25O zdU%5PLuIw|QxI%&KM&St^o&LuEN4@SIumIcdc)E#*2u^&36UvuE>VnKtFYdy(cE(0 z&y^faLz$bN`qky^-3*{fw~bp7t~Pnrb(}FpYlXxOSU2R3%GW+%^G}7cS?>ii6q*IE z1I?+9U@d7D@-3<0r}HW{hrHVbw3hr)@(Zp!EzohH)v2Dev1UN+7)9iI zkpx=nYFiOc4V2#Nr~~CX2i%dza&MxkiIjwND1U-P{HcqdLhXzvj64TEoq1)-xx{W> zXg@oB?<$cRacoGGI&C4~p=f&U(>Nj7#na&X%k_uT%SoseL+$>LH&{-*6)|;*?LaAR z?3<)b2SG=putSpY5?_QOLONSiDqLKue75u={+LwZXyZroZ<)Xlu|?deWFwFoe_03c zm@df-+v!q`u;<%N$8!;6zzv5 zEd75uVUQKXj~qTPMU%0CJ$EvdH|v$y)n zS}ep{tbHtz{qu1zpN?G#VeBnG{Ewl0_3dP~c;s6nQn2ejxaDcwwrryr@o#ieWoAu` zD=+zO8$(CAySx)>zL_gj=UT71G1-(bvYV_=9m^q-vb_nBtYpPrUb_Q$VNnPr)ra`B zZjNR7G>(2-WG?6f;J^oA-p`&%=T(--!i^B|=3#3-9O5nI$*$Rz_`HeU&*!Jmt42(W z5sDkQ$_+p`yK2p|=&b+Q(f}jC+%*rO`o2*p&tRs2=KYLS@e_1i0nKY_VPs#`qeh%q z1d6$g%ccE72kfd-Z^&U}a*<2kc(zpKD-skI5`6RyzetYgJ4#;H05JtD$(DEwEA&pX z)$>%|30wxN)XE-4($QRCChoY3q!PoRgd6$QE;m1kTyz$$^%%V=Xp)#=+?C^hw$-Jm zmtreX%Gv`4^yO_5 zJ?_c(?L&o&0t=Fc%uI}m7FKbI$tNV(6^DMp8a0@iOQ2h1n%^Su&H;p}dJ(d7j&&s5 zll|<1kt$AfED4ZMkXsx*Ze*tJ;C>&tG*N4+>w~Uu*X0#_`7*p(iLB&Gz|i+lXVu(! zUKk~upa|%HfszVVF#lNNT+wSXzi`WoSgb$w6<&jm4obMRv5tNC;NWxUArS#s|$H&HlHp}|*VrnZJlla1;M-o>nS zTpl)1v*)Gj0ZBgp)?dSb${~YApS*WdTK$he7uOS=gMXTyuI58@&gB2gd;4GJkK8Gd z|5kxH`iFm<7QahN0R}%)3?|4WAh9#?v!G!EJuWjgrwM=gF*%e9wD~x<+2k+HVXo*R zdK#Mh29g{4Tn&q1Z>8uJHsee}O&?DT)g4Ni3@x`J?ley6-V)alI3@n@nKm#eTLlQ6 z;AaO$k&?4}+iY0&07Vngd{^I%e=EW$TZ9+mr);U4qn%2YR=m0ib3~Hc0W`4fY3yrxoWu)G z6B+jWV1aSGm|6ou76So8jI0*{Ks3sD7^>`e64c&k1=oww{N|vtsElv3Qtw;N7<1QQ z7Sh_N80zYl;8Q-vYLE7;@Jy0({cr>2DFhl7l%%mYW4u;2sof!%Z}p-Ge;S2*9QYM; zpMr`%TUyjMa%O&1&WZGvz35s_Vy88$fhDruj{U=eoYJlm?(<#Qj2aj4eT!2#2V9lB z(%GvDui%ByQaBQU!@s6KM0tjM8O77$ z9O$C@BAooAGkX333qlV3R_s!aVCT;gPj*b8w(*F()kHq#h(M(Zzo#A@wo~-KM*iMJ z8tOXY^{U}tNTN{Bemmp!$_YEiTn>&)ia4OlzFfMMTGwCU$WrHSEGdS8*RO~4n)=Y^ zO?MJb>T?oo8q-j;ISPDT6YZqnpJ6+&kI4Ipn=jv_7xiRsJ`iYupq6378Bv2-yy*NXQIxUWUtAga&W(#vzQ_1O5squht*e3gsoSuv;)AOGnfXMJYiKlY) z14D_Y&J&)yj#Zb;|6U(q98vr?!}y1SW(+mtUGUxe8NBnNTx|9GJ6blHZWUj8gTGXF zq&H-Z!!xv@9@;tq?Jn?0V@*s_KlrF;6lY7Z5_6Z5ACYJG>aJfKp=vPy+Xbl#27%-E zYs|8A==nC1vm>UnY8beo+FPPnLl7^0#SGEdj;Ud2y6W(53*d;{jBc&v3v!Ta#{%IZ z+u?S1zsH0;cWc*YY!i zpPn+d)~IPVvwZwBC(YH6geJXt0$(rs_#CAUQQgxF{+t}6YI;E zeWrgJrvtYHS)u)58<#@&Z~j+eEp${8l_R(i6Bfq7=YZPt+(RvA@kjhqrbYY532tt_ z$l6+Fl*&>>8qUz+Paa&?CF6E{{xeu+$zi})@#HY?P4r7xLE+bP?!H9(kMITv^MBdm zoP643_oH)E#+GH&i;uidbD4+Scin9tY_HcI%nx|xFc{)Q%YSAr!djLOdOTSR9UNHu zes2%YJkl<5?ZLdH?EUjW@Ej+}Swj!ABZ4@r6`_DN(Zqwd>t+Sh3LV)iQ{E=PD|DBt z0b5Me7@z|0w9llegv!n8$R@_vCSljfUVgA*hiQQ%bkDVLrN(r7y|?DwD;?84TBHuk zoQR$qIX1V*{4$=>G?`9%xH`!$Q)kAf1#6wcd#0k%GCu-peGCDP1)Wd~*B2LPlA~rW zExfUyRZ~hSI?CW6Ane`Kxcx0BsH^~HT5n*+{ywR7b-m8lFXUEsB{WCbk5tFeggZB>X6+xHKl?3xCVLFqepK$cUP*BVENzy6uJD#v7|6$r!hoI5kGUa(N+w z8gIgRxIS+e_BHnv?AhrKg^o>h9DbPAnG6O|tPBTrm3+L>(G#~1(DJPHUH@4l8_Ms& z`TsNE?)=Yy` z4SgX*7{JB?9p{#7Z7TBM&Zh zuMDvUUNIRRuF^|VS;k2RER3YqY-2BcIAlPp#wwd8?Bhtr~4;@ns4E)1RYs3!%Rc? zsv7FsFuV=i!P|uz_!&0C2$fj6#f|(YI=)ONMV&k~ohLZqN@s@OIH;u!Kv`~OGOW&2 z+3HOO5}nBd1MTcKl9$a>8YY?OzZ$lN^Q9nJgjJS{lCylXlHm(bp3Oaf-b$ko)GVg_jo@PHcWM+xLpXIMd0*g3;vujxYFdJaaI%j6`f zP)ISlr%zZ+bZIrCvL51C`PYN0*+}&FzX4{nfj5`e5yTt8;Hu~fTh6rw(hy~4=bwbptes#9c?C0xl!mS)Ru zR^1dMpI5P`f9vm*5`8cK-};s9KkL{3Nx1rZO-VB*Rs4LEEzox&<|5ngj82=i7~7o8 zk8X{KDgtxb4}Q3y>jbI{5Ouo=u+~jafzbqay(F9m@4R2;(4pF*8H7l9hi8$v)o2KD zC?kAB+(S_nBb+q}HNGUFx-_%20B$4vhKOX282plZs61!{z`++UO(GYqVm0|aZ8H?; zVRvCmv{3XDz3&>ivpkjm<^GV^?6!|m62-Is=Cg*XWXk6mCrqs3k0kNtW8JV_++C=q9SmFGnGv7*qu9WiE zJ=mk=<-TUyM1Z2{#p24R{ZTMADSzO-)5-oyn@KoGYCc@CH?h^q6aT(QVOU!xH1D^6 zloncMVge|F9^IBP&nYoUkehooS_|5?A&kpr5n*j>5BW?vp$CKO}0J)Yq ze3$%8eq>kW2OxhgIb-AYWUFlCbIo=s?(KXjYgW4f&a)Swa4@V+fzpM8%IMf8u});o z!VbGlr1m5@^m6V{2d1@`*ues>XNsFoG=Arb(zD4R40LX7Cjlf$vc&3~%wY$7fpX?a zwa=6?0Vf=uCb+nFA)SN0=^_n6qRyCh7Q0cz>#4$j5@V{}!gftO>7CoPym!}e-kxpD z`xk)=KN(`g^$OrG^M$>oO-(n0fJXU`N<}+ji1Xt@_xqz;^fn6 z&9!BPX!&Vc4u%Q{Q?bn!EhXy^6MSl)Jw!3Fbzj(Imrc7bzDos3n^c?7*uN7X&{V8v zYt%E~!X4X;W26AzH_MDnP?=%Ifw6>A>TsDlT;wtVI5oXwO7GMwV?w@xE0ptmmepo3 z;Oc-|J&7*N!LCc2g6BSun|w}TG9{MTY*cf~6!s4O0SJN?UgYOg8|Ec8skJXLnMz8$ zv=v-tVCkE=<+xjGZ5?NbcXw;}banF~E49UC?3WbZ%H;T7wh_3yUhy05m-UqQLpGa% zs(U4U1Z6uXL0)d8-;SI zyvpyitFd=wq)!bE!rPbmb1Kg7&P{5e+f5yJH4YCTop_iT4&ZqWevV6)>UuW1_rj7!LL))@Xlwx8TI6uY3WNH{Lr z;10JsGjeSlj*@nK)jhqn|11F%hcqs}-Y`2g%pSI{sIg{OSsM!2;{u~qTe9cQXh_Jr zi(cOdDr=4HnMN2RfX>c~%ZOs)=E2_8{frPkcOO)XUNIVu z(G?5_PZ^B+2t%lLjk2w26OsRY$!xIt2d2@zYcl8Cv*6KIZ@{rIohBMd?HjZ z_Zx&Yc%IjA`e&e+F>w5GEeHy)>?x-5(I1vOnh&bR%yuDE#K!Ep5oTy-m0t9+hDae71BM zc4H;V?2JUD22hOx&LHU$;Fl4+*L?Yc9UH=-epXH|d#^79$LhMF?0!1JOMPGMX3C?9%JQ*P%kdb_v~a z=h7o7ofCeEg8X6ZAix(?D6nY-} zB4qPRD-uh_TB=P_Uoc!N9z>ur;S|piN1?>yx!GZ?2B1@po;=$Vf>jfDo*_y^E<_3| zW!v!HTV_$*TDN;@XZ9c|Bip+qN({Hmw__~eXq)e^Xf3}Sg@IlUJ?bK))TkY{9}Wd~ zqGnTEMz*5Rn{UQ#rRS~@)mf>tU`}#+T;Qvy^lke#!==-|=8q%vQsQTQnYfv|Tn535 zVqs73s>6k$;%NC^qKpn%l#im|xVSVr`ShN>ND&-nXdG(u&cWaQO^`e$zb-s(t1J^C z`at^ua)oY4ls`qlqbe!eWqZi+ayj04Q2(o62q48t!9M zM)g2H2J=RwooGK?b|SXKw$rIe(SC;8WN53*q$#{y0&D%dD^qcSm+v)~?7oqxJGxE2 z4mnz_CaIf%_1FFet%k^3PieuGtSyO+Q;|bmNcA=I##^HZeMnx<_~lS{cjacYI6BVGaVGd)=*Xhon6aUZdWZ9ACO z#~Y)4_SZ6m2Dk|Psv5nt!15TPrzxE8^rJKxAH@6g<6@H`xnYbiH;FT33pxM_xWjkzGJ111VH6Q zHf`_2#`YyT%$QAuZALMXjVdl}$R8QArtPDnY>Oh(o+;%#p1l)4ce-7a8{U{cI!~k{ z!aqS2b`vVA`!Ti(!c9WhyK*8|&;1c$V?{!9Q1Y-~=(`GJiR72d`Sq7oN$g_aY;M?_H}VXOuAC17UnbsoKIU3@f6VECoO z>N|&&P4_niV4HXRz42FOD*Ku+CTKtX@)9^KEH)uJ3!MI6gOgHyQqZOT# zeq_*(%f*XDTA999GS9lkYgMyub#WD(S{$EnLkabO+PLkLujhL2U3pkGSB!i=QpRBo8l z#yo)R{tP=X=(UdY@_dnmC+pai$)H;%@ z#8ahM!HXXbS3L)fVE)n(27MF$-puJ>ZRWMVN(&062wY^&;!qGo`#=lFe~zOczjlMe zSnXc#Nc1!fy&bzEz8%no{EPV-xYbrFu#3KP7yD-lkNSh`60|6VpP6l84W>fX2d?Ts z-SA_JQiwx?SbgN$eh<6r=Ls_M^7Hy z%@2D$yoHx`0OTn~+$k@#!7Pk$`u;=Ge1oO#nL9yfq}16DKr*IQyBcQ zwS3TU8wEGFy-gMdG{BW1%J#4z`~jeh>ZHu8Q9c8xtG&(rM;0K4AS3M-?zWmlCcqka zyZa7r;MjMUP_Jl5+R;Iw#{Epu} zn6uVqS2VX7N_N+mjy8W^FfShW+VsRCcZHt`0?$=BTT^EP%`aCDX-?+DDDy)pDP;yc z1n=jz_sVV_tp(P7Hgo~h&BuEvx-c?f9bw_IU+9R;c-!3i45u2(f`~zox(Y%aqmm!f z{!^$PYC=S3W}MN`p&h*DJY-dlY})gWlAN~*+2yU@$8x;3T1w0vovXhW-Uj^y<^~ZU zo~w#v0G}2ZF$Lq~?T_0k_q`Ar#9|wOL-w-XAUdfx5CTtWGzd=>_apd_UlwJ8!H)&D!^@h^v2MuP_jEaq;%EM0L{-b$3Ql zYf~~Shi7kw@0hG+u$#n!(h+m|-f2$Hfc*_Yl1|%c;tHQyRIINR|DI?E#&;C`q967& z*?WK4^XCe+e8wYhslXPiWvXu97CfH=Jix+S!iRxcmgrbiAfFx4ix+^Q2GcbtJhxG) zT0%qYlFcFhuZrE|JV+phZPc_+@l22>6MKS>t;?h(39etXW8xzvnS`V=9PQ49fr;=T ze;SJa3sa5y*$yI{6uptt+aE~rz(9k;f1|w->ee+}R-m%~gq=4IEB)yD-emuV=!$RO zdTsX6Xf=C!7{%xGODl-oZ{hz}_U7{ND z=Ofj6^}yaQq1X0uWf1z>4OM`36zfC+KV5u~IX$oF!b9yLN^tMBWnK7!u2lL7T8hg? ze8}6pi`iMYRN&FLf|)b6VW^K;lZsAVSSwQ3wyq#H zK_vv%I`>;)+%J)yfiKlO&@U{b~401IR|z}`*-GU*R;zUg>4$hsrJ>6 zYv3)WNrqPTlbk_QK0R=C-B&Rt_i-K;U?Is{zB;$)Ks<%swwJC5?^I!CIA^oRH_X`F z!6WYbMUoJ)J4Qe&=>Qv7G^AQ+xVGvtKt? z+`6UfpQ$gTJG)kUr9C$!a;LHE9)lioXahP6;YK4ws~?Ln0rN|`Q*EcbV?)%6C^fg- zD=EfF_o;F)k+)meNzzbGRMG6zc76XX-(|eO&!ZWV8j*_eK)2hET)@gyw|MJ1d%4_P zcOpyv=x~YqK5GC$||;D&?9CpJzW%U$5WK!3sspO z=+7LRl@w)ag9@4QixC#YHENuS!?g^+4CM{F@L19!CF~Inqx2b-QJ^aijs}WAklUvU z&14jhWE|^I6BanRE-JwCUOgey42KMDm~h6kbEClb3lHi4C-rjr{le|YTw!mvDVU%1 z4+b>rwl~Z2ZqC>ja3~Mh=z{Hyc`z&cgz5wZ;b8-fCif2yrA@uW+hSsh85p%*R=wi- zvx(A#ISvBcJOa^ai!_NzDPZ1gd=kWbq2ZrcmIK(jnrj#$V-?yLg?D7_V?%s9<#!6H&H@ahi9p)IC%uGncu=zIz@32$RfS*9hLgFr{q%;I~T%j=DW z=>1fXFSz^T;olhSvS`Lwtox2Q$v+$#?C_nS=fZ)idZh1OBu2{xfyz4&cx2G7j1NS9ZW^&5LxX;CX7rrM}2pcx-c8GiD{ zPO`KM#2BT^_&}9EGNprmn6dnUvRJa$xI_du$1wZrg0TWS4PPrlZDwk^1_9}-*!HOd zeJC7~`X^ZX5W$sG0?OV8M#x4F{H%9!hZy?J9uT$fO&|RRA~=Y>y%oI^*vm{zh(PO< zo=Id9GxO%8rK^!Co-EL#YUH3xv@p4s_pm>oyuF5juirTb;F6y(czTj}C(r#1RmIFn zxzNcF{7G8cTs#P$tSCH#1VP1*U+4nVZDUZHUb`t9MLZi+z|krxi$CNOLv}~aJ?Xbos4DTkjCTG7y4W!f5f$a)6iLp%wsaHp9-jjBMF z!HrmY=j3pulQa>&bxOmi1m=+D+=9cx= zvp~6sui8uW{sBm%->FuWMk-Nl#8?bp2FqZ~)yfn%yXsLodn&dCAL&Z8$Le%_nN zzn%zs+)ZheCpP()-gaA{ox;SddJwc)OxFcjFUE9;*ffcYXr3aRGwFH-#@wE%zcX|6 zzJ1TkO*roy|36Pv^WSq@@o^8`qQu?6Uw5>&t~xq)_)X+lkf@OLH%Ib~WPW-|ke!cG z)9XL!fY`bYX-y^qxv(dGIlqZ)QFzk|mf z?yWN2wQ{nP5`x1F z$LC!)s;~B+JJ9NPxg)=6)z~r;Uvl5jLSkcI;&sKzYAe|uITj4uc;Eit(`1T;K z7KA$!?)71=I?J#|S@a-Q62^Onc^6r_e~-fKoxGU>($s^+Bh$|8?PfpJTMKzMlX+-K z`!FulRGxlchk}Nd`)0x#^tk7%0V?eb{I3$FuGOcL?s*f2A&)+8Q*COJZ$p(h8Z=3l z!$4L@TU2VYq;Sa?G|Tc8z`MXpNY?_b=m7D)Y)T1Qpq9TbKiQ&J-eeVT#phoIA{6)S zk=GmaP`lUl21$CRDh^Gu*s_KnwepHow9RzYV+_um0WvA;BAlc!CCQgHGKnn7+n263 z4q~^nDrNyequk3D*v!WJb|)(-5~S{DqBlBZ;}3;)V$A}|RSJ3VNa@`kr5`7``FWxP zuAvuMQ2*EdW3GTKWvqtH%nWyKxJ=@G!%dN}K_l6iG9l z5_Nhc7E(f9Iae_0)@DI@CC-9=d{IV9G-=`3(Kfa}?Iqur%99D^w1cu4ER(Cf4izDh zC&jlnaJU=~Vt?-ElHsR^S?vAufHh06!Li(!pOY^|fGU;eGZ@eiY<0&>JT`JWojM;$ z$t6rxz>=JSV5#kHw5%@n?*2fuRC}A)6K#N$Vq?mLmP16=?{9 zQo6L&@kPa#CdGVRpQ78KBwbR=L+!4s=zt-E!!6>%1L8fAFklGtVY9kxVEsR7&HT0F zE48fMstKRqCl^lJ<6_-GhX3<^A?d^=*H#Njx&u z0Cto3Ge+OuRMZE>iL^2?R!{%%Y{85TXHR&Rm?Cnho_NrO5J-?-!5*c9jMe!F*DiK* zwvil6BSox%Nahu*3iS?dSWLmR78)87OQ{@WGJtw2_#KOZoc4rRT&1eAioK51N=zU` z9bQhia?ahG4;%qj$O8}iyA!zz>?wHJYaRvkQ@T`WehbnXd0`3U4akCK|I!p%oWVHW ziE7Y&B#dr@QKBDfHjS|WRVv)pv?gFD?jhP~VHsMvK(^&!HW4~}-do+#W97Y+ZcSkME2x$AX6s^2^x_HK0DY>qyq z8ggm8n)IW3;k^O=85)y^w=*N8mDT-}9(hz1tDUY%LfICz$=JqTvz)YjHczy8BH~3y zTP4brMcJxJWc0S@9Qccjcwel^S71)u%{oS;Hv-O^u?-V(1eQ>0PSMt}nCZ_IK;y?n z9VA?h)*4|4F4U4|*Rt_R@~CW0cW}sh6;b-DNc2=oNFI&^eYDX4!shg^DM4qM7QbHo zt@Dz?!a)&{E>MBeOV`tab&_FUL0J}DObQxu2EkUW<~Muq}K&q8;MlF$}1XJld!lP^rO z)-MkI3uW)29e6lmQYigwYK4u&(=Elt&0#*(2#wg#CNza^WanR^ zyCO$nfZr}L$hQ((f*&d{fVNed7{ag{b6aIDeZ%@~P;!|?cQlA4i?d`WUqNk%!(9Ff z8u93T&sMQ5Uzgms_wk%Xuv{;)4}8mO=z354BXpZ%yPue$HdgQ!OkXR@f*-&U(T@$d z;>?9Jq``-;s)VK#;4ue61@&>V${7>TdK;c;LS~E?B7v~r5?)cBWaHim*NyKCyeo9v zD-Zv0*Y@L?>Pl?`uq*`<`qjQvvcK%KSfaQ*T?!r^i#X?$cThG4tNgdv=6_-)KL^25 z3t!KeKCKrIJc>2t|3ymMX1IW4(PQ<6n~UaTr~-C@WGNB@hyf3fiK!_eM#hh+RV2rp zUt_I8n5zVELuzr+vGKwjv54h_em}S%wH#*o4Usn#4LbNbatE+8q~}b0>+jHEj!q(-x-cHAF1u9Fq7l@nEykU+ zMwed_tx)oj5fDFDp*JgT=W58*)vkxr%<8M75ru}1Xi%ylm1K!m1tecOH&M)=S%^`X zbo&LLa#)S+ETze10(6Jf{b?_WceAYEW9fcH`?C&L{PjxDa!2Vz8rt2Us-8C@FzFEG z%4L{8D@)7r3*Xr?k553GB(YkMd-XO*Bh8^0t}4 z6`;3C1QFh6MP7KY*}MQE_{Cl?S=-nXXFUc>&i!eG z&cl31Jf7IhdJ#I9E6S4eMC=s$6hz#{QzxvQsXJAK$rRZu5F+pM@ZPKWdT7$E=DCLp zFAFy)&H&+tpJT5FKV3se@+Ksw7;l)Fks56(c1LW`2gF`eP$DYwuIVl`I>kgZmaB)>Vx8cAl$cK?nh=j+3uA;vJaf)VIlh zlOG37Uw#WVzYUY!WVyU3d_mIx-^(NttoG%{{$CWA63;8uTp_^{;XFgq8pxmdkU4BJ zn(62cpLRlC$z1|pXVU25dKRXfq+RUhnJE3O=&lAX)I?vPq;^4`bpK-1Vag}iYKdor zpZUu%1C2qMO(3wKxh@Qj^3;dWxEGI+HoH&JK zSZ$1;<$92#+ue3b*=*wSoH!veMK@dpK}~OR;0(tRS!bS>dUfAz^CAorZDjJ2D^ zKbI#@oq(JH2GR3Q{3FkwUI+ieVo^dyCU$;%K?V zBEz(+!MliI&1^Tt&%}cTw6T7%`sr(OaF-Uch4l~JJZRNoqH`>iOiR*H{_$3UrcfgG z_TpMHz{>Nw8VN>D#OLqtCE5sN5QK<&dRH&}4goy|zam$kzUN`M;pv3cWipWEChsuY z(!}SOSYK+e;!a3-KE>QGzT#AfJ-$`J5G_>^a{>6PK$^6MT_m11ii>L}b3A?B|EX0U zJ@4{6$w8#hxVi|ACp{7M^@qHXkS*T0Kj4XGn_mv(ZRa>v9Rx`R(FP4zX?RmBOaCTi z37Dnp@r@W^$7WVS0U1j`;jA$ZHk2@WZZ+4I;`p?F)txy^$?Opc#X&n^m8qf*7lS_( zc(;#Ta(X^LVI|wPNB$1}Wi$$UtwgqO5d1Po@gIOV+k`S-^PiZt_XA?sGT!(3;*i@s ziMK-W&6{!Eh7J`_iK1n%$FUxM=84zhT`Cl z{ynXDY%2!l763SWZKu!bY6nHLGC3Ngwv-`4x`n}_C4~2$=mo?~KmdF@TJ43M`FO2% ztg3K+WRMZ5i4#7t!@2Y(eU(yk8_zkeU39CG(?+W{@)#zDSLCj=0u0sj52r5cLk@DD zPV9gx^a6JXY2ZW0B#p>}=)Gz^VksA35spj>_>{&+O&?fFKE>3I=^qm++iW|p1%vvt zjEn}-i?I}xk|^mDqrTAtBq3GR994Mxt9-M9@OJJruh9PusY0k6g{RE#Stkkla&3mO z6b}_*;uttZH5t9(a14eJD>^c*%BSRnJEW9<;*R^}@qDv&h&5TO&^Wd=;EVxnAInFs zf#}e~0`jYS0@dMB2*rZ-`e4-6zbV7?1Bd)oFcQ67$x35WY$(N5$2VI1M528lLz?r# zc+$MTr4cbRmb@jJ^~Sm~`>*!e#zGmJaBpk4y_qT#DXF2Q5-IV^&3ma9#g1Sw~|6;22a+>UijL}`Shph?^cB>KX_9LgQ;a-&Ao_Orp8_y>58&+nPUhcm zhQO=gVPwwxru?gdbMc)zZL(Xx#6I!a3zst1&m8?Px`Ag2Az>59vUwsa&5P4KmS9oK`p4?%> zojXfFh?%PHKJt4XA_w~%S)F@);Dhf^u7_}EP7tGONi54PH#(eZXE(7$m`9E>K9lP88%Al2)w z8PyiUNP|}d%F;#PbrKQtElMxgB+0B@`**EVg_X@GO#nY{ta>l?H86>T-*o}o?NCY| zNL6sK=9*tl!i>X zoy1eDCfep@-F8`~Kpu_zYurN%uG}OLKA8Z8$x%K7LEZ<`5*&>wbWk%&1KW;njlb99 znH8DLES&o)iga^Dha9o(Mq7WeTkONchVqvoS_{_(Srn*YNWb*!1)4E1cowPTWgA18 zIFT2@^?IuNdFRfI#EK3^W{AF{aHjYHx0K`KEPQ;7>It#P8#ow*wL%^=EUdXF*Z~{&N}s|gO0JEjRx;9_aQ2k(kkDR_mgT2 z&H_FAPeC$M6gUOM%n=8ieY^C z)F>glhv7<1GA;9hn>-3qc(nYKuFM#FY5=YLiqQ6`Y@W1%588?&VX`Ndh_g>m1Xo>- z>}tZn{5=7rIo*50A}d!2VEV0nTy|x-=lnI&rocaju8Wns64|+&4Z*DcXCSNlEiDP{ z#R_=|aT&ZBdE6At5LG$-Dwov6*yOb{;Sw@`4lfuPF9ESaD@mwCI)K78PL_ARfj~<8dn9YKM2b zJ+SX5mxEz~1zznz7(**71VHft)I;cg(T=#w1B~#ET|YFtuobDJh_b{af|3MvPhbZL zOPohR$;t3-3ZsDy#Y^J{!+ZnTI!sXShduI55JN|V2$&rh+QI(I^4ff@r&(h=(3wT= z=?2?n+&JH-w5ZbeB0+t`rEgD%JmjgY&3&@2`!!V0Lg!*>PfPL_WOgWsrYvcT}z1;z)O$)>fxEvU_EV`)y#~TfOamO$3p} zS)Yma_mk^yoAV2+QII1`>Q>?3lLDpv-i43m$P96;`H?=R_-B#{c;KsagVUWJ1Eo>zsaPxPi9eEpCgHr%k@G`~Q-{b^piXq+ZFN~Ln7RdA6QTwz{ zTdKG$cvWbra0feOA<0O1{(oU5l#X{iJJv)@Rw!6kr;VK293aZ{V zEE_bBpw7#fFVjzpm*{p0il1l;-Nz(%$A~!7*}oFd!qyj!W=f+`w{*%7h`xmPoq!lx zel*sos-AS+?k9EGwqwgJ#bm{h#~1Mphj#~^PCHNvki}B&bp*I&NE_&N`iU+P3E`o_ zH*1%FPScW3<*EfprRJ&>8qUV5dP`{X1gu$nfl+4O^1m2`mdWs%{99V)Uf9)U38!b7 zv41!TVsmVB)jm&aRzC)H7`hIN>?B^e^wu_ZIDZ+${ohREUqTX^$frG#o${UAfRNBp zJx=gR{wxeo)xg`%j$Clp6**btjfw3mmmQ5YOa_wTNOgx;`zj<0cRKuQ1EG90W3xS& zB5`XGv~OTA#x@D1Zr?2 z=cU@<;Y%Fwr#LAJq@NQxb0u#zgE8({3G~rIu7n#uqW|hx+#}$ha@uSrKa3GCN(~1G z4btJ4^QEk$4yC8h)oHjHBAV(ASlHr??(o@7qD%gNTzyqoo9)&#?yfEF?he5niqk@I zE$;5_uEkvf#ob+kdvOR(DPFwTpLc)z-3R|s4swv|$@R>AuQhAdjOZo{Cmsq4nu*la z!A#BtL7r1sTXpDhoZqaQ>qE)01a82rb8GOZFMCfe;uX$ zl}<$Ny^US*GgMDkfE24^1UURl*Uo3X_wUCq$^&!Ws7%^w(}R5u(>|h}4;*h_r6-cx z@fNIQO2gze3nsqbx6mddkJ06j>eDeoBV$37>)0M5N{@+KtqeRSlNajxU91BTm;MjA zO-Rh&Sw~X5VSoMjsXQS>DbID`z=-~WahRxuytmVYl@tVhUGF5C9#AADec`x23Hf3n z-N*;Bu8D8n)Dsd_QoMGeg}P!C$nMa2s6yhpM3noGvY7N!qpKgg4=r5g;Zg9Hk}ZfF zP`LHt?dv2K@_*vkl65G-pS*^_M8=yd^o zy%0;#h&5*o09(XoXsfF3AV>hK)@Z@BVwOx$as5bgxVx2}*J;X{54bb=G4XZX$-l=7 zta>Ty>P3_haAZ(HA4aOzW^%loH@0DaFxBon2}i)L6Qo@bz+;njl{4lYD5&_QhI=_<|_Ti8>pHd=5K+~j5l6uiW9F_c3 z{>*lyO(|}Rq5JH<*KyxAM%FTg)#ZB38dMw8I>R3V6(f~)$9*kxssU8hukqTV#|$K` zR%Apia5Y*O%kUo#z95H;T~e=$VjiIC@2;T3g{0{Tu!hlAN@n5!sMyUy4BN4$l{c>D z@;pta)orI{8PnJ!%z1A(KX|M_w~}_ZLQKVgI+4dfyrg3dZ*z)ZyXCLBsjKKvK$W9DXP0&k(a%TRiUsc>|K5(svyb=i&F%dK+SwXp^t? zHf~~xmqZ}MJ`c{L2@-NhsEIlDheVIE1kA^N)L?2k_x28kEPKsyXdJz~D0#*3Bn(4h z_sFm*4J?Ja2d936ubzBijLGgB!O6oiA3T91*KdvrqVD#+pz>yjcZ~dvBim2baA%8H>F*0mWz)yEs`oAN z(9ICZ!UfqtVt@%^cP&c?15KxsV+ z4rX&Y^gol>`on0*83xyk31u-Ui*5u~-`Rj9*n(eE+je)}&~nH&f|hT2c#x#*!}VI@ z_6{wDQR!=SxnPM#kk545g551Lep2)0)$9y(LoZz=&eAua;oB4IKunXgT|PrZtwStnW0zt##umEI2ROru6ne4~mbk<|-6j6XF@UvWME|PWK(d zqeNPRI`Dq`3uMN8(Eo+{8_alS=8W?=Y2u!0U^AQD?5oi2gaMT9Ap|6b^;{!0iFQF) zVT7cCa5G|uNF-c9!pde8Vy^5c8U+e?@3yXlS`REGI%ISphw}tlNVBmPl4J_f7)|UZ zWsrUgjM+oYP^jl-a7lv50+VAidgQ76rzLMBnWULO6}jgu29fh&BBepw0*jc4=~sF> zc1Gt@f)FIC$)r`DE3|xDIZi1Hn8qqX|5>q*LfRj?&U_9Ql?y}jAVwcBiV&!5kaS&e z?Cy{Oy%ZQ;X3O2CzhGi`K9_Ps+j_?B!M^|DCfQ`YdbT7(P`I506o5LhQG-Ri;!!Ef zpwzD{Q+dQU@EGZi-sl;_lqkyJN}-JXwq*787S_r|Js#vyJsr2h_4toJte){q9$B*fxKW;868nXYlA=d)#HacEl}e&$ zbK$%AC=kWIi(Bb3^vTP{g~&Hz)M*@_e{VF$LHxUg*V8AXm}8Mk>DzlZog9>>=Q9G- zy>O4>EOz~GNy^-!VjF%hxPg)9iQ6%Oe=pi9|FYKqSGFDi|55h8CYNuX30NU^l9}gV z%%@k+K)2Upu?NmE=^3x44_(Ysx*Ppt9sm%8Jmhy?;souj0ZD>&v!RiUH_Dn{A6#;m z{&9JP(z3=kNFf;@UCzwS9Nj1Ogv{pIK=}q;^)^45XmE+04_Q6U=8XxrJ!j^>x{mq5 zqQ6CMmq&2W%>GTxJ50hD?L6N}U6sMEl&KCFPM7>Kh$qE#TH*ei;9@R5&5bM*I;S8C zTZ5|J|7oCoXCK_(W#oZi=su-!w%xE{MHtq9ZMt%8-+t{q2yIyon=$jyYTZQ%%p$E2q=YKH{V>NuqR!=zQ3hHa`hH7_4MeT ze^|*==1yIC1MgAE=Va#>xkbOTO$_re`I9&@zIeF?7a02SioQp1*P9ojK9>=#*<#b= zOA7%4{QAE<2q$>HOtQ+`8hGfDF+`q)ZNUHWBLcEhZ+19v+hh%U(~|@rlX`Pt7|dP1 z4r<7oS2FgXCNgh(!cNf{ty;lt%sl1N;ZU{wMyg7cU#{+7w!Iks8%Z`g48yBLUs+%O3`bD^jzhHs_!={;iduAuwh(;g_8Ikj{yCw4g@-z!=DdEV^gLz0je znh~;SjB)tx?EIF3#5JKI{xMDTf~NFab%ej7n6Hb?9H`7SRd%*Oc^+nye+a#-0+(sgMKsZ-}(%Y zOEEba*>1fVRjlJtW78MBRl!T-b#Y?3J7QT7;qCeivHiY(ILBQ*jj2@yDu-{J?i*5Z^*?*Uz`h5P~uze3VGr5O&#Y3M_79(cr1fD&- zi5IxOojNaPfzC-Wr&E?KEO>HQ{jMF~Nq;b0)q3_|hlcj3Q+@vwaQ;;$h2NE<$)6gt zZX1gG^R55ebftgfkMzNR*piM*^-Z@)dn;8{V{o%ox~9?x)2NHn zCB`r-#)YGVPHZWWY!d+eMf2IQZpZ?|XdLb*E+B zuwH%}f;UF@U6uAeFS{Tv`Sba)gyQKOJ`N2}RGba{y@l-sq$v`=WX@9#Du0!?JVk2k z+|W9_yrvB%@mKAr#}bM-L~v6*?DynX+Wj+G3pzFmL?F2R$*IZ9MZ9#R6Lg!Z9-n4n z+NJimp6+45x{Y(WGk@1v>^$=Il2uMKbaNi;U^($Y)0igKi{DLuXzHXFjS9A~CslzKX+h zACFU4w0DJ?b3(y`#d{?yU%Qlp1P{7A)5*!&-UI5_aKpq|l|_EBe2VRu0)<0;`}j9M zkc%PxL)RWbMf7-2kjag+!>rkiKgmU@0znRj^n?6#s9P(&1e>~wR-Q@F?|9p`y?t;u z%rRt!VdyPCZRCGV^Z;wJI9Qp|PRoX-TzCF*Ly;xvix1c_2ID8}IolTb^hti(*o zo9aPbz9}OePqiA8NfhmUVx#r`N+~C0&g|kPV5t#rVZa4w+7N@AwR%n$?ma`T>g{FiV^en$_<#u>`6BjC*6Vql_`~f# zkw1``?@P?TX;*KAiC9!7M}$kKTaligclxcCR-jd1w#T{eeNTho@=b2+{og;0D81ce z&pRAHzJOl<4n225es8V?BLkBJUQxeIOw(KrkW87%=4_7D6shrX6sUS4sLQ$Vj27&{ zxyREaU63_jOR*jjy;i&7P7qoDsIsl|Z_1nNqvL|8P|WPai`w--)KyWn!s+aujgJjd zdbV{$$c*QMKjf=zXxi#?c-uM3l6v)1+)GKKCAQyS&;N!9K2{mo^_TI3L)m*Tl%}eH z33NMzrw>Yuyy*`sA03e0OWTadDO2>$af@P_+0V zt60z`=1aub`*uaP>2`kpIC!c85?75_TU^WQ7g4blgM?gw*uqZ9Hp8MT2}B?BA{7sl zR8IuXgEnNgC4GJHVjDTnKIRNggok=?(nDGl>MXLPztbjB1yf{>2m!cY z3e5+qK6Nb7qr{&<)hn^ ze}JZAG}vxbQQNy{F+iitnIjlYp_6sNID{dn+(+0zdh^{#s zGN?j~-f^1Pg?Jt`i8GpCvqBgc6pQVr%*~nEWR&3i-dkH9p9{9avE4?b8Ae-Ch{Xp|HI3RAXUG`Qct8CV?=nJLGEMv?eMI?;(e&mxw? z!d(e>+Dj4#veOYufZO6JWn>prl=AZR_11QJiaAKgG)DnQ*6!3H6egEajM2&ipQagr zO}i8w$_Afuga|nykBWIb49Q%ED6YL8Aw=F|Nb@?{6oL z*Xis5@br1+xtnz2L^vB{7CtRV>6F!)9t`4AhzZ5P~(*Z4koH^nPs)_{5* zgo6N=fl!dkkM{m-En!iMwSU9ViwQ%}O0+Xz+}PJhyen54VJJLRH{(S3^=cFb zASq*<)W)f7S_qp9CSfKurZ>>z07_$>D*3DD9HrN++&jLb;H!MM`7{p4$5rQ(&aKQo zJI?Lrqnn_ut{};h{bX4R-u~ZLp3TojIWVPt@CxvxGb&xeQM!beIGhY z$(^k|Ghnnu^Xz%(mfP%m)~4b_%y1uvXD=lKFne?~p|-d;{+ zs{DS8)Z^bz_PqcZ_1>eot%z* z{)UA!mLP=Yv&go2d&8Vmj#HH=Kr(3PEsn7|N}v8~jw-VS5pibiRJB-F#?$bczX<(9 zORP+Q?elS5KLHhP$1N)b4W;tpj3q;+e1-H!35~+%gZ-qb)1lQbZIbb-9(bR=7x;Xu zlZ+(U+DJX_n>O+xAV&FM-6Ee z1FI5bOH3Y|P5joS?^Ug9(Xdq}DU~$<4ZYSl@-!cVE-q|u@5-JN$DWiagD;Hvk+hOc zcUw2+&oC-b!cR^JJkE&*TKG4k0TWb_lrvr?~`a`VaY1Yvw;{CCWeb-XkfNrfW^IxMN z-aeau@nl00hIQ$63W+fq##Qxs`j%nj;b`Q!qW69=Ss>Aqe@>2(EhFVJ@}+HmvEUU? z^d?$$cMV8(NJ&K9p5~sbkzfq$!xB}r_iWZMvq&}lO}bZ%pV;RHILPoT9fj8Dx))_3fTmvZLGPI$fcOx?EX zgGuVLmLhTCx#*?Fx}wBs(gI&uDv8rVZ=uH&esofe5M19=w4<4!HhO{RJKp{Pe*Y}l zb}%nJd1717VHpFN4yK48^zZ)9o4d0Xh|{Y!(sNIj$y741Xz-?9V|4-x@m8s({E6Dn z=ap%H0_-jqTaoP%Av;alfxMui~AIUT3d{?)45==P@%gHv<8AZndm9nP4(9)pW>=Dgno91Kt zI?n>)95xbE3j&23c?Q@Gc)4OFvys{@UsX06J-9^!pO%5FWjz^9S>RkW#Rk+^96%nRGbaLnU{AVR7F z7Zy5)4)Qi5R}rFkAq+7WUWk}tnId5laoQ9NbXt@i61={`6l_j_r1rR~+v^-HJV5?wrbBg##7d=QNQT>P|9mEl< zD~Y7puMpNe9~2_~3HjFToAH-I11p~N`2=%?7#`)MGUVoEh_8eS%}s*zY;Gt;6P!-A zw<_-^Xi6MBt(=9et)MglN%{ppmNEJkc;xp^tA+JqxQe_>gLb%%hrUSDPn2N_7F~f& zQ2I>~6TGdLL<9a0A~BIGqA}y+$UHXaBrO*BT4c?5EuGgMP0Krj>D4ea_JU=2@})s| z$mYsK=P|5PY0*4Td2lJxf1iyn5(P()6_W3c#>t<(0U$wkfAj$7*Rt7VU9kS^z4m{# ze0`n&L(*o>!$D8q^L$;;33{EN&qHfG=;DL*?zyA)NPy&KV?-ElD4fYwXU$_MravCL z_x0q}eOqqg5?v)JoGY7|oUR+((f$3O1Gd8lTK(v&3=II%z|;q@NQ`n~HE8$>sd=Ko zWKzZN3H**t+~&|f7);jvCMdVtZAl(}7>k&{JnS*II1AGS5}r(5?FhT6*ggXvZGcJ^`BS{^Gk@|oo8kCi$B)+nyuaJaL46dUDD z=+%5PcCwGTE^N-zqT}c8{K;Y)>4`_)!3I)hkC7WICU=7Yxq%Bsg~R>n)ya~!LFt2u z7pq~25gU)A$ARQlDq)iS6-W!TJgk+mY6Y*ZeV?ftHhheJU}KO!AFE2AoI#2N+6K!C z+0El~d!Y&uOE%HF^BlDtvLTS64@~KqcougI1%RCTUW%8?Opay1&Xw?^(c^&oW8lh# zWQv8VucGgL*I)oQzBlf4H0A9zmTvgqI5XjXw;AS0Ovft%MhGQ*QB_q!ZEd!?dlD43 zuQ7u?jF5sRO$*V2EbJXM#%RQ(1O1-=a;YyTs! zCs76ZR4r@6acHsHa+wCfdghj**H+9EK_dnDB?rrb-+=%n@%+QcOar6euG|VF`XHcM zhXc`)d?B1|;2E>^9FtzJd7KKGT0#Yx&OOFC9j2N>!DM3Am6Ud~ry0q>kPExgnn6!rZ}N90zatrjQ47jHS&#$4 zWHef@dm6v!8th4zX0}NC2-d@q5a0LHT0G5t$=k19@et;?|LB_>*J9gkHp5Cmv>~l} zzfOJ+7Dcj+>^;HWcNkZ62Th=A!c_9KJBc7540p*`Qqn?#KGJX$M8fNJIkRYzvUq5d z%u_cnoTYs-62M>bZ#iH03k)OKU+*lPM$r4@o0ot5ov!!`by$4E6JD z;F@jk`#35X-1lv92KRW1xIY9Q77@x7cGaWW*3S>*0Fa>2&7}j2Xbi6s&h3o6K*_OfG ztNKrmi>zoY3e?vlPwodYN0DRUyXEJIVDcebTm>AQzY-G-c5JZ}-xUD`B_9aOxC=Q> z9-A@%A*9qd-gk&IyR??oyWaFHpbWOYb-yS%k>g6?=Ss|?fGr;@zI{-viH;;tL&Zdw z3U^()s1!l6SRNg}qfry%9BBy``c!QsJbP5#*0`@#XV}Dws~z$SU5)n1=2m2K))uGA ztqIdt@uzK9_w>~zU2UOr&L4F+BtgcQ+=#MSc^@qOmXE2A!BeWe@0=+6&t{P&%}eUm zS>jdCP)*0O@ugf9+&U8`C@4TP{dJl6Bqra_$bY*dE0WRZ@NsH*nr;aHT)scse#gUe z^jWwj*o(Eh9q)-I>cH$+JMrgPSnk2~duYsgxh!`cblA$YlV>zEdtsfRg5z45#%+=$_KyR1 z+g&UM2?GU;CHzR6konHpBHjL9=J6*Mp%imSjEn@6Xm^;6e)AeyEQa!`mh?Y;Lf3rq zPO?7Q#M2cmxDntPxO}H_{~f%i)-F(d zHWfS2pdE-a16h-YQ6Jm$)3DAOHkwMXt-|lu)ZyUTmhxRhB~|UL{K|Q|zi`3DU0tEc z$%YeUR14Tx+2^(r5A#}Zs?z^jaz$wTS8A76q-@yn9N(ZcZ#cO4+p`oIN-WJ zt0jatKY(I!hc}2<`rhxmD!ICcaDkrjY|Qt8Jvou5VOu zB(QNN9DP2M&-LBjtB$+rmcY2XX=FDHtHOJ~gvXTgk(t@>3Id5fj|-nx0YQxC)S0eQm@}7t$Gohu4<_lm2(LWA32~D zk71K$gXfL&*67@6DBwgrNAhmn@w~SyKS{`UM*jWUZGm1W&}_zkw`M(P(GLprMkRmz z1<+x!)SS!y?7??#!e;{GR>FVDCk~RBc z*#$MdjTPYrH^Ix-VNCDGK{mrbSG=rci4XiX2irqu@&#`v>3$a}_IRJR0wLM)x%*x5 zwp}riJUIeYK5yr}OYW z5GK*>!$Z?v#Ub1@1(`5bRu&drogSqrVjH6Z&xVK#z8ut69KSR-c~o$N1MXm~G4jyivJ!lmT6?@jb zU%1#K4M@>=Y*&MO0VXYtevq{|8sd<$2~#1m?1nyS&j{JEBdm`wLcRT{hXpI#dmb@ z5+86@MT03m3utIC;a>|Q;xk!Pp^pMBGV_0Matg}yY;&miL+6p=BRqF95{S5c$Xr9R z8tng$Te2^H3(*gECPWi63h;4_j5yOc48-0vlM(}P(nWw^@ILn_x%1Tfp0@U%%EZ8= zPjyeBz%-OUs=g3lO{6ogyxaeaua*E4JOk1#_O(vy8`RFp?Ive~?hsG0T?f7x^M`z? z?o04nYGozo_IvMx(~C1R>#fq^x6~PZ6&c3TMp3h&;xyK)Pv!=*Ou)i zSlJp2gI=tPB*4Y`gg0R>D8V1_;pFt_lH8L@Rn&y{wTJfN^x^m!qgjDUf{X1Si9(4= zZmN&YP&&LQ`X|!hXY0~NCw>=edN#o_9-U9r$nu2awpa-}k%)LkPxG{Xdoqa-$(+ed zmp>*@bT?V};UjQ&yN8sQJCCs$@4I>Bt;d+aoMy)s>$l9T7rT0_ZF4I#gSB7{PM+9S z%L83G`tan4aAwIfMRC2dKTYXehbdu7ys+C(i?-h2EZ_oIr~ibd-tJs?BArXu zY82zl@@S61g!`Zv@ZfT0MmA}t`c+bZ*P6>VoU=ds?96H(SY*Gd0b`AA0LUbLCmXPv z|I=m@jjIr_!pWoM8hm3?BCEl}y)I_D;>WZqiFD6mIQ}g5;yxqf%&966fE*c56iv=| zKGk=;dFC6k24$w{4hgXA+kXM%jON8W#^%x=ceYx7Wx%Mn^~?6|Ar*cZ(68t7kv&w)KD(}9(*p@Gat}1$^sRHU~*_NOBQtJMgQlpARfp(=m*_*hK6+=|wC`*E zxm`>ws^3Ag$eVeb>qIUxY!&T?P{&JymT0)2O)pe) zlyOojZ=+_dXOm8_BV2J#g2xr4Dw|&Yj3c(ehw&`LjOdDpROH+rJu6SvS4B+Vu^w#22G*upByg zy*&g(2kf~0OZ+(WC4RUI0%fm)Gae#}VrA8ceVa@nav|dn^ z-E9;`iRoAc30K^{Y@F?eg>@AcK0|XOn?0%Sv5UuVPZAxh9(j(0X{&VG>8}l;ea~l4 z!WX}2UxxNocf0QZIuCQ2UQe;)a?Y2cOT*GItl>I+rZYZ{e=GBqU;k|V@L{^CKxes3CeiHdd-OW?E(G1`K~AUhEkOP!fX2#6jemL47PU&R^YQR@Y6 zo@M5jnYh{XQ;-Tub}fK@UHT>v6}5!T-K;LPB{hlt;oW|FG!t-GLwcCV^A~e%!UWd6 z-P4J>T_}If(VDFvk&Uq}et>Xtgm z1ySDCg}Sl#eGh}+6m8)*oam4^m%0*|HM}4Xngr$~0VKJvgiVY}Zls_fBWq)igMjZU zOe>ogM#)uz6B7yAIzK)OqIc{gu|uq{v*9VYE_a>BYf07Y`25Q)e=J%2-fVHF&oJ=j z^|b5Ev*;O6XV$)%0t#p0eZUT|*aKOnKEEfaR%?k@Xu+4=N?{Ck)0#eT*oRUBpd9u~1-sQlvr9A3-MyQ9qCZn!gZvZS=v0YXrOFA$+VL z?SPxMU1VG-N#JggDtgL5z1X?PLwwv66OJ#~>I@yJTDe;07tZJ2-&AM@`E z0L85t$InJNGBOM51T`21CVst^Acy1_Rs~qTJf=-N*F^HN#)qC2b?O>5J&G>h_EGkm zk=eW~Vg3O4(~3t|lx(p(Wil1` zcAzL(mRZT~J*27n&1F0F0_?Gj@aGdF)FYL1v4W~EbcSJoNq%15|MfDj_>73_|A9%>D{&a|j^EFPvZ~RG-t$p% zL$(SLjub(R?0mmuIII{et(Mrk4rkhCbvTvf*Ql{eIKMEtOWt2WDY@}C@H{w z;phHY2lB&nazEnjN5jl~9&=7Qual@`Jl$N_CcO#D<1}&Ec`B8O7UfC*GoLt@CbNEj zqY~LhH2^MeO2Df}pC=*f5s(-YvLpMRlGt-F@0LdMAZl~aduTBkOt~pD#N*h5Yxe|% zV(Yd>U9sOD_jJr`*i;s-m?;q2W<%*y2XgilmFl z#umKD6M5R13@P)MK=vF4ezY*3oSstNhQbNQAW?qu4a>o=IRD#rGTxB7_7;umeS;5glD^Ac>Is>@k2xs~2hi&0jSoV~A3itA>wmW67w4POq_?iXtu z&)q(ok#L)u$roGIHh%(ai%>$hC-U*nO5f~X zJ;%Lo?B0Uxes8!+)|F}3;%#XzDu%6IP?mkD)*)8od0(Gf5m2* zT?+pXGZ@cwl*1fXDPaG1--3XtEK8Tt@zra>z&x0AMIE{7@ldTI$*0!#S)sTg4)Mqs zSj5rCKW%~i5!0Sm^_t|Pke4D64gGo-GY<(){lcshwi zkRu|c=Ke}jp3=h0y01=Y4NU@7_s!3UKn@bsR5zkZBB5XJPt>0nu< zt4W3^thA|n9|@=HOc8Xz%vPtlJ{*OFv^RA|5Xr}?PE+){Rl8zka54w=HrLsC8jrBp zqVop+Mr;+4jVXF*QZ3-jTBbN6&H*it7#!+^C$ZDyyD$3^F-r@1=i>-Pa}MR|$~zA4 zX;%1)9LH6FtUIlNv*Bwf&6ArrW6Obhzu1YIrGb=Q2o`eUfS&UU+a>wVTTWXrD@h<) z0pP*LL*JE}+;4u!xg=$Uy0d99nXxhw&)&E-2@fK}(`ii_ZD}hSmF0HkD_VFtU18s` zZ2ReiT81cdEANYyJ)9gCtm^(3O2h`QW*3`T&TFr;%ncs}36X>(S24NQop~*A@jNV^ zNoIB=Iiw^}=Tlh~EeybGe7mv7zNm&Ad9x znX#OYm^O^QiLrI_+QzKB_5KdRW)Wq#4E2)ZRuqQc`V@0!7uy#cO`eBq1x5UlU)WhJ zN}ch$cSbMx?17sKes{&h-p`-%RR!D@uv^Im62#?KLbR1X{Pv27)Dp@n6z5q@I@`dG zznoq^-ZqTP557(PMv^P4WM&xa9mwu=XnZ6>tHbd0X5(PLJ$wte5oI zUwJfBrrple7}Llz1#s|po}r7#vH1L9z#vBiNJ5y)MP0yTIV-VFlM8;G_q14}+lb_5 zF>xrtji0MYxS8z73C%8eA}y6(90z5(ip^@+_Ai-#DZqyVFf? zh*qEj0wFFGrgknNHZ`(Xe-XwIq0P9t?K*u???zc(x4z|j4Qi12pP>-k-OX+3lzw(< z;H*^;uTh!6GOPHs=QRm+t~LUn!4yM^jQ$cw;qgH*@yo$4J~s0_rg6A*t~CqNu7dYh z(wBoHdttXb4awcB^x59{-F%d{@8`~Ta!QQNP$uNDZXVp6zvyE4qHh|<@gzqpX4!nx z3hd{i;OEvy(N|Ayi!_{|;b%-5Y{)tfauY|DeYh|-1qZaM@?W6mSVH`6@z_4ZD8 zH<)FMD~@emJ30tEn0k&SPyUqL{T8tKB*nvL$9b4h>3?1yq-QeuQ8ROsjDTw3Y0RzF zYqChk7OwjpvG2HAj$}wXz?J&__P6Iwnvd@GW0b)q*P&V~5Q{j`Tsx9fNtvAWIv3s7 zN|A9d&K7p`o5rtS^1>@4&a}1rS%0KKMQV&14Czj#Q&XdAy7cpOrVfT4FwNhN_|&h> zg^fT8uVfjDt)7;a+GSCQm|?hwhOtZ5>@jJLo=xGYmwvPKU%Snb9Rv1b$>-#gsZVmi zZ}`W4H+@g%_!&ZqjOl^J|Mv4S0{`~&E7)L$FsI;^zTYk zV!pnqRKwLmpKQTsJ!2)A~P%3)a^mk0t7@J zgsK^Qob>Ew;TtvY)ctn(3$6>3>|peczuxu|L%33>%baXBV9X^!M<@|KG|wwR2|F9_ zszql3VS7Ca4XyO2L<%!0!swPtT8X`@p88Si=(*h=i;~L=Ath|~Ja_dFi%YNczV{1E2uz_p8QLRFXrK0iOf4U^37RH#kVhc&wXjri2dy#V(_2VA;##*y)8hiJX5@eml z1lVtj+Q30U9PgwLH)pl9<`2qy)V-QSFX=uN1Bb5nLW^*Z=s#{?SV+NiZVa47t;%dL zpLY|;jZHg1uNmi6a{)eZ(%aBLr#;Zw(A@CD>`Ot_<9eH_V9sG-0~C z-Kn=S*3aA%6%RB^mN4Q%lQ47teNec&r;F1 zTWV(|D{FN+O1q>_<6tUPtHGr(7QzEeIcyEg1Nu0Al=YFlI(BT&=(*|s}K5VZnn|&QLRc!GJUT=@&kv8O-7QsVChy{F3oz#8Mbj- z+t|Tx;3@-@$~%-wAb&jT#`=*=bO$=zJ(fZq$c-mMoPva_jyi#Od^HaKdGyE2)enGx z$2AAxc6W3}_lrn-LTbPs+Gp*1{huht+^{}0GY?2ka*@C#7*;C&#_36q+;)n2cT#=O z5NjtMGi}TvR|5RD0!{ikY81xS=O?qjjyG@g8cFN9C}B7jzA|l|()z0`@HmZ%IRhgh^E zXieamL;My!FSzq?9 zcDE{T+YpEs5S3#5{Gk-8Rq;@YxW3BtSEX5fO8XH`@#BnZ-Oj|c@5u?v&7JBCYNCKW zx>b1K1BTm&lu@aZm$R`kYq~zLY9Z-J?J9`3)&LbKwI}$jt`tR}u48_%gn=8`rDy^7 z%gO)?y(05D%w%jpYX9@8`;XcoAp4rQqbI$Q|14PjM?2DPwy+(ebM?(q3PqUHyl#W# z4V_IB?~Gm_MAmeCmj+OT)4MQtI2iK}UPJiQ61i6MF1x`i^YPN%!DC&>x4i;86SZZd zlzJl<9#R0^sxvllcnM*JTqzQYbssSV}A{_jHgHRKM{&nlCqT3q*A}MHz39 zDFR7i16Mp=NV}rO+#Br|kBO!SqKU{~-emMUCr6TJLf6Z-n95RJ%TfGoxJy{BMx96_ zLA5#)*7Pivvyj+Dt{jdIJY!cPyWU#T!?goI?!67 zz|-A^JY~(ZXgDd)+>#!k=TddIf!XNmmMyZs7^nQjd&2d7?da&;`B_b`kTvWh92On3 zo_sWM4}S++c*v)+u2dH}c#ylw^RBIdK-pavU9PXwl@iucj@?n)Ijj7)=Hox#`Fqo5X8vs2 zKhZA$#XK=G3?I#A`hLMw-mrK73y!>h8=8wP;s~rnz-iWO&!Zmr6~S=8_JOx|q{x22 z%-E!ui#C}F2{{{D5uPVU)MQJb2^I|0aokxU9(6uPv?4u}$w9n-4GK+7jZ@Y>xwtSs zS@?#A`2d?8a{TdFZ=gX&mo4F#h){oE#95i3=2mGQytz3ubR1fxrkJ)|sF!_KdbaMdxBg zOkW&5kc5orO0&4X9|t+KM?B-N4}c;m>4|pi)WILLQQojfb;b$TtQ+cjp5j=;&yId<>XrTz7WP&(PcQH* zH}7oic{9D?eC&VULo||^`EEqkjY2KbOHdHAkl}3QI=_CI^Qw(5yUKwkC8gD3HBf@^ z21C^Tw;t}h-Z&?jE@HG2vh{?TaaOJ0RU{036Xq@YWn;#|?e>aOu$i$hVd!dy`#+N& zP64SU7j&rYU1S&RdhUcz+#aY<*xrKYKR|@9y@cP$H8W|R++2jMEuHsRX7i83gHRo} zNB4pqdIO()zOxvPR3-}GGH%_Ympyn)uIsSOXD6%Yx1@P+eAy$QN!V9sAUGlVRonz5 z-lYkxw%AbtQkCldrLaOQ9q&J1o;tfVR$ZSaRUM2jmX;T6vJWo7vXGWS3cf_-$yT=c zQeaavQ*+Aide^ezy7-s)11TVAIs1t^)_V`PU@(>36XAvsV_{7_p+HKAidW)5)wNp% zg5!n7nS*s=Hlv!f_1wUaf9o`qC+YvrT~>O0hB$6wz&`iSVz1*55HjQ(I$kA)XqwO$ zm1L-5Ne%mN?|2mk3}k|9#v_@7E`2$<(>u{!21g8Svoz^m9dx zEyL?NYu0=>L?SmN^0WiOc<+0)!()P6ol1E)HdO8qE?lwGm$M7E&E4K9G0rzp@-2WM z|2fkLOg=NC4@Oytl*B|-hpv;YxZ@(G_1|8`9yDBegzW1drW$Ts7x(+xm})raZ~K5g z)0F{E!>eKL$FoQyIZHX{V2afi%q_bVXEZsC^RWS78hi;8TS44To3qO->tI}~+2_>{ zgx!p=v(4^hsAr<)E?9e;UvW88JkH9Y+8P(HOQy~lxb+4uq;Mheh6OQ5zs^`Vh?shv zermymu=kv@Xt8~aHdsYMUl6yW%>Dcl^29$U+I6uyl`u}E=|Dg0{VImD>5SSbn%du} zWa#lJ-vceQ#NBo=+ANdw8(s6@Sp^&yz$@v%0+_d2YAQzdSdnb56V*hbXqh|cSl655 zD*B)-diMjU&ej=an!He=Duee4E8+-00{X|1X4fBC^A73jCA0b3Sn;`TTfjhhmqaAO z8?rU3=$A7R*|yQdez%r!K<~9J8~A*OAZF|xmhIdv#LI(%BhFGgsIcwBo|1i;9slZ3>nE%JqH89p0 zF6p$fZ8d1j#Qa=HZl$bsH4in6X95Nh|Z#bf-sN?wv~TIk*e5!rzQrc|Rxg^IHcHH3DEi z-6jWkA0qvSX37`W7<02iCrRBJ;i*w)g;pN3g=Y$8{|Y?{5@&T}!4wiE*0I!ZteXURrsMFV00_0#7AFPW!o5XPn>4@*ccD&%2fy zx1~G1Kc+-Kj_LoQ2K(s$P=iNx<2kWydiY3g%#W(hx@|JDAXfV~?&GhN8Fvj_@q?S1P zU3aQTkw)=~mtd;zS{I#brkWZX?UOu~y$xSzj_#;svJ6H6kO}!wZ zrGwC0RWwiJw^&FxWjH*!9IJvrI84yyW4sDHKU-@E1`mHwu~&r^A+GO@Q;huz9Zkks zNzaf74Bz##Am?P5y>`%xaVis*aOV&af!D0H;Qtv8t#xR-Z{5|A{pf#gPS9b4s_}7W z(p+hcV_5+TFYveGQm#R_#I9oRltdMp!8n@F6OT~csQCsYh$L*}j>HwRtS5wFF6$yU zl*mv-SAJD#RYfnN8wPICL5w1#mMS{FXYqjSzJO|SM_uS;tu6Ev8*)0et8zrY>uZg< zbv<$T=x$~(Np36;YI24e%yr@4;B9U{*x33mFVc5%HeS8%_8_(^>5C0xs-tP!8b(;N z(&XUBO)CG=%XC4RngZ&2G}uIG?gk;B(xax&~o_v)@D z`BD`6@3AnlYZ22@fdzV~!l|9102WiX#=&u$tmS2Hmbp6FDb=*JY@vK=EZ))3uj^T6 z@F$S_%7M}nX~I2y)XjjaC0EDum^8%i4thMaqo|T3wv#QA(YURDJMLgH#ZQ6!YqoT8=a&UZKJ|u@ zd>M5K#90>_wJcPn@Rl@c8*6CnQ()Q-;ZtX*OmBeR_?^SFIJFtaLBy*1Lw5X^Yn5&T;H{^i|)642o{Au2GsKt58#3a`(lRRa&TmdmwM! zyZP!tr2U3?var^N{zJ~6iI)q}e5J=Gi^A`C+=kLM2g|TxZr_=Eztb)uBP(p9BBe-o z`H|X++|8O83b4A5mLv}s!K?q6YnqWJi!kfsbX{2aTh9%B7*`->au7f z0!uhdR<4@r@G#=q`mSJ!N*$pQXN1hZC^T|qdo>o@KFN$35_y`e0hpmEjeD#sQE@!n zKse?MO<@ET6BHs_Jp6mKmMk(4+E|M`$@2zgas?I}U(W8VR!NMg+^;Su8yRY8YkCn2 zFOoor+5#O|5?GOeidE$N`h&5qmTZmA6JJ&7fkp*NWpNjJQJ>16n`E}lKV8W6TLcvh z7{SScT^`&>2+~|ALTDzHH1eWllxcuIk(&aA5&jB;>9v*T3;lE?a&NK-4Ox4NY^da< z{Di5GfQhUOw`$i_2Cp_AE~{rBUJ{s~fNE5fkj`VWZ@6pDdW&uM(54M=ZiwcecP>q&A%n6>i?IZgu=v~cYD7!ubIuR zbXN(+GbZAtn&>KvlIneU1gK%8%hJs0xe$RbxwJsj_G>`Av`LKK2d@@+B z*=EJ|`Lf_|lv|PjYD*eaiWgKWXH?smyaYqdwd+CDfr*vDE}86}%l_J-LV~uxM~^Pv ze_aw6X;q#w@=u{*&PPU?eba*SG#ujq9XSSpo zb;Gq;-?uB;?_~sb*ES8N{M(-~+wa*F8W6Zd7c;h?LkbF*|IA|Ue zaVA_*y0F{(U5q#_pJI$RWNJY|fwFHb0ZvX{lm<0wnFuGuJ&%VN^v!e(7;LlI5$Qty&?KMQnyR# zk8om176Tp|&hh@$mg&MDC}KYoPH6UTmJB z>$0kDw^2H@^at31K;_o84OhiDNUisg+8R2u(3 z?6w;dWBL!Il^xGv`W5%4ACdotuT!;uJB)8~qSNy7<>%dkd*`kiXJtYVi&l!;+W>DA z5iCaD5Bc+HWZ5@K6tpM)z{|PR3Z<$ASUkD(&Z!A^n*(QqPc-m%@VCR|&yf{2nN(gT z@dEtnrLgwH2NNN*Xz_^L$cW!zo%2r%^&_t$#-M&pk<{s z$(6`+f`zoKz~yVR3MQVcDO>7f>A-UkE#o!LI&L@d+R33r#;sqk-mJ;{3?Xh!V(+;Q z?Rl6MV|*V^0^Ye$*{j7({1>L%c}5y^HEP1$49xC8!>9m1M35SE_y{$}aOagE{m<>P zf!+wRJyF3LR|v+75FTH=;TkJBkYTvFX%1Y_P|yOQo#e_KtY<9dA@(cq@VmQprb{itEmJv8G``@2edeSK@uKcWj9~3&~#D31u*R? z+Uc1&p-V-9b?^=h>CkbTT+S50gI#_8l1?n8~JqUDdZUM{V($Zo%SKXWqYNZ|*@Skxx?>DcXg$*CZA5#CypVl1h znP&LE8nH)_)z^K96unMA22G0|xRE=+uB2O`NxmTOqEAZ_R9M&q7+95N;p}E#jNdDC zr{_k@Q%s$}h#2-~W`ewyh%ErCO4o4XX5iN!UCAj)0Ycv_RWBM4>HbTlZI7gaECu?@ zczmUdgaHSdMHlVVTC@Sekt;Hy9sCBJ6UsZsKQGk|2Z?YEN z;0cVS^sO$g!fvA*A3WVK7`R0D=#F})^Yz3TaR$H#kgVW)h1gsiEFrj?IHd$d|opN4Df$13WF1Ddl_->43-ULjOpe#9U^ZbmMdr^14 zYSLgJ`0(~KIna#5QQCSYJ_QjLv@p>9?#J{MO(hIGfdQ0chr28nOA@KTtc2i8;6!jK zk~1nMYl+c{-A=Z_G@XAL65{X$9Vn@1 z;sMf(_Rpr8!HOh}I?L0G!vVk%+>$(oe-H3}KJnu#eMJ^u701)0Tn$L(JwLOa!uS&f zG3TvMS-IGwvAFo$d!JxKkYTuJnnZ#3T`=?udcxeA=Ma`%*S#H}*!r5EE@YT9)?_L3 zYqa+2ZA7eNU@ljcghWHaif@0W9u-%zsY?ktBqd~b!LH(vJF9^9&+*N3KbQ2PpQ`Sb ziSh{-MFRn6Fo2<^Cgf=?2E~fk_S2S_t?32Y=8xnI?>A};RtAy zzyiSQsM8fbH?1iZd*`Nf=6%V&E|hRuNMqcB-+bW~B4a&FLXkB$voK#;TEaNpiQ$J9 z%{Accb(2UPL-NM+0=sJ)vjg09yM>?_ObO)wS1w$s>;FFbk0_Z^mOgIszbm+{YP*5s z<7ehO)N!WWjmor9PG{T$n)pe;ya5uXk*Qr0akbk6Ld#RG{}R7_6}WrepYrc#$^N){ zg7>}@WbBhUn46i4JoP*%K?yW?&JA2D+>-vvCdeHxJW^m@o$^eJRd<)FMknCMCZk>j zdN5)L4CxY=!(e*8>!1m7Zf0GorQnwe)fOj%ax)a2mf|$v&7WXiPJ@Dp(y;A2zS@&5lf$aXwiMxlQ+fiz zg?=2wG9jTu!cnr&`LdXcuq0Fr`on*!mKuDKO$rh)GU{@_5`emNc>*X8q7F13Os7{F z)C8szE8DVCW5FZbxz8zG?|f&Xn~aW7{Jkl!Dbf4`f99hZGDWy2uc@Fv5V475lu)ut znBapD{KO(nM5Lx0%+3~?M7f*SQ8fb|t+_-w27jFsvXTXilaDm_l7xc?5{e~xo3&XU zTX)brz=N-0`IKaywX!Q(g~p)GQ~% z5}9vu1R}Lw`NKc&>?p`H8?8`-^|CMsH!%u7a?&G9RaOOwnf*eNCkh&h3(8XreodOs zeMnjPSv(2{s*^;EcLxTWfWm0?&XzgS@s6skHvvK=+oh6$>J}Z=EQ0DKqhmcg;{5{*QR)rgtF#NrPlQ z*IC-s8-C!qdQ;=V;6z1johE5hQ-sFs8cP$(*KO&j{jcw2?{u0ishH)-D%SJU$~##3 zxQb{bauT75NV9Crw01pxw3y>v+17TK%TJ6vEP~`@mDkSvC|2z0nZ6Ia(+Z2`U&gfqb1SDwo7h^6$#XoXNEzt z5oDjkFi@Zk1Dh_{`;ry2dYOx(CqJhReZ#Y&Re^nG$|KbxC)FUAly%^ag*n$fjh)IW_JFO zWbp82mtB4&S@mNo%Jb-1*)ngN{ytvEs(Keb{G1XDuTd|AZhtf=*uNL#Wsa;qntYgwKl$%Hzm zk?XjyyyW<-lHax882PzzB@FfI{j}qmG9dqC*avuv)`=78xV|V<5sN@gny0}PoTmAu zw=%e1wexmxr;T$$UFXppUQ$K9yZi-pA{gK5w6AKQulI}<9LPR$c1Mn00R6NYgT3Pbc3F|ah(DyG$Qx0L84n`g5igPcvLw;SA zwV_9|ZdJz~@KN7@YG2q2N85hJbXx zjS1%gsnUJsg=M^IESU*0$|JmT0f*Z*UJ#M&5xesRi2r=jIx1e~{{` z;{O+Sys|Vn{#sgvuJ?IZW77y$bmaJ^9q3P77*iQYv=#)qEyAkcb8@@f;*8Dcd!4}Y zT;T84jgfM&E`X9uuQoi&3jv zU**am8weo|qfKyK!7z50b1WICiXgQ!-3T@@SkjL)ZsE_;k1qi?DnUG8GiSc*+Jr72 ztx`3qd_`~&jZowBj0Oeu>ZqHtyi6006n*`?xj7kGJy^0FZ@U3M0k6REct!BPvyQ(V$ z635J8vU$HJa3xf-(!fZX_X389FIIjMhrwis5dDt*hETSM54vcU!S^b@Yr;91hE>*; z245<6;)I)Y-uR{VIIw&?vPKUkfJ``>6EYg=J zY(E4@>sHM*WR(#tRZ0-)kQ3tdD(VA|g(SD2K_Vj@h^Ih>Bk1cGIK*+J_vy7p+}xmP z;fnw!1X$sLqa_TE_4-hajt2wJkuigwy6k7(jrXc5qmP@=JA^w$x|Azj>_z(28?z}> zleXT54ovpJ{+haQn?zXZ6i*i~&)mV{A_F0Q0}lwq6cs*S%Bz>F4?be*0D z&ejA5`^V{2>JT?R8?g&A_^rG~gsdH>whFHsTeM=$N0Ub18M*L(5^bwpmeItqekoFUeFHg_8!y+! z!h+Flc$r2_8+r;9G==Jx!78|pk3t{rrQ(HBO1me;Oh|u>TQ@qi?n`hZCFM()7maUZ z*b6;8P@Kw+g$NI#l9}!b8ULm*0jt<`8medE=>RW!8@6?>bIn*gtLJIkKde?FJEnIE zL5_bH!I0++>uoJSDN;V25#4Q!PJC&5e&lG6xYYNd_ePe-?LOhO*ldCD`}q6$O9gxd*9XyTMHENl`s@7ZsDhSceOG)(`SS67m>kRWnKxoE3Qa+i5C?y*|5 z)(+gQG0qJhxD9JI9^7%NYMc1SdQ zEU?mj?$*vzXI%`SfFb`rB}Q$*ss^Rq1in;(!qc%LOh_?B|3e|U!5aRmFSaDBHp78VL8;Z{ zN2_7r4eh?s5`2Aa3349E%1!=Y;ghLQFPgEziO33Cmg|!0n8}^7P^?-kTRdewaRvD< z5)xF_d>@JIT5RDp^nLL^ZwH94g1WpBV|+(hJpT%GB*(>}`aKj}-Y8W00gq`)6LGXT zdxv)*?~oo)pNEyBSl0ypx1UwIN}I_U5bQOvPpSU`5HUj|$6oU0lr)%oX`h`88iRyyg!1W!`Ow zFe+hzZ>1b%6ANe7>~qVQfYIh!uHPFQo3~L4J{gp}rt|_Y?})rN+a>>S)Ha-k(2;{5 zMF@*D6*_V%l9ewXjMUJsx{F4JxhWePL^^gQ^s9)=ZjbWfLxY}&Rd&XwftDdCK9>^; zhkBcBnOP>Fg{{Y*1w+%pzAl*UD+vK>-o#2YL8;N0I1ox#7_^v7w23csun(vhd?G(J zt^N8vHMm9VW>%u}F)J2>`j)K%mgWX1fysy>;y|pM1KQfIjnO|ZFPEZb`O5M&)n9D1 z)`cGKFz5ueIpKO)#UB(CmIgy73_zGlK!-Nawp__<9+qfS9GZOIeT~W%!GQ=7!ZC-- zNcoK-SXz5A&&8+|;2few;63zTsoc|xYXZ#i4sQeMjw+Epsst;cO&%JuT5?tm10IHy%Lt$v^~Hz%;LKpBwRmBMzKyv-?Z#YD|k0AYMs zyFl+9>1&%m!Bx%HQ*3r=Wf@{R8C~!(=C(_{JLlTU11D8KyRC7zc8yy;vP{88D0Z+1 ztS2IQ@IkYBI*R$|HUa7kY+X-@aUuavm8n`i2GGE7p{bL`I3b7b2ss<4x@*8yg@<58 z4jd;8jUnnA|XOr3=%)qYbAS5Nt*>jT|>Jv(2)YwJWFpFgaf737a>Ryz6`sywd}PxBS%j+#PFqdnxxy zR91PWto`pJNIJEb_(vK0*MsnT=g$ZJ`&dfe@Hu%s_ngbmO@k+rrVSrHgO}N%&o>9^ z^hUz4u*DINw4L^YSEysxaWu75C%xY=vQ(<2Fe2dKig?kro+a$7s+7|_tyNM%Ocw(C z_(!&xfun-hMF?+VdBSoCQ(EJ~>anxXC+rt_e zwJikkQfZ{kR4c5yldxba=*qAxiq78YrUyBHH$cY2W=etSr>h_TQdw?x40X*NOsgdQ z#iIAKTqEDBt@&>WMMpn#Ljx1j!iKGg>dw7nHZnqIu79 zKg~d?nnTGQFj$_-)jrA*8l;`Mq2_R`cES= z7zcAqzN;MnoLApP(B}!EqVFr_PY8Q+jg*DpG1Q}y+TpC!1>}eCn-(O_K2)OeLU?%m@ncq@Ot;@vx6nkINY1m) zI=4QNLcZV4L^Oa8K@FjPSBtB$UQ@h=Y=M+9>(5UCuS@|70UiWl{ipcFtAyJr&$xw` z@Mp@JfA8U!&|dks|4#q!H6S1d+4rG~o00R=hmTFIW9rd=>6p@S&X&XRX$dVu;kOz> zNI{MO!=-ix?~FKl7b?hxA;j|S3S1Q~euJY(cl~<)gxr7)0RzN+mA-~VcXQV?Ot}7) zIHTSC3+RPe{EKd6}U#V~jpFylShMmGC<)6)#` zBT_)hTmyVooK-UN>|BUbzdmWTKU$N@4~L3G`FqTABhxa4PdHCB~vYzbx3Ek1@PT3Fx81olj zHMXqe7gDFx)o$d8HBHOj`7RRNp@vwOWIoVXxa@gKIJ_Na^WmC^TablOPcd*a$MnjS zwrp$ExQ_Hl!@<+wcj-DW2@okpN_$vd?!6UMN6CV0-;EJwNX==nuC^x@?i(|>VWprL ze44n=_*F3HYV2OJP^R3CM^qce5_2kU0u@ArkiH9; ze4E)Bwd;tJzX_ZzN}X}Eo=Qv{gCvkZhk(=QN#C&Za~yj3#lsB)eu9`2StiwJzxvY( zm(Idn7M>Yfx^Z1%=bhZu&Z5KeV22#v)Xqc7$);q=+gDEvNme!C&pUe=1-BN?j+b^D zQjv=y+=&njHHXKkC>S+FaF*F%iIs~xmgn=X{7yT(zi{89ZI5vT+*iDNsDy9|n4oS` z?NwQ;inCl@R&k1gds4^3FPl()JRt4|Y>%^%W_h!qh~^QgwrZEE6)GGD=g4@&fl&q< z(eWhm)Z@fNVfT-@K%hqUJ)Qpj?BUHy3SW*tNVxX)4xiHlpZ)BSeN`In(92BA6Yv` zxSxiSg+9&>{lAq0!QaR~F_Qn!yL$f5yL$R%=Hq%~8Tq{nIr}ZC>SIY9X3aax<4szf zULgIj|0$psA`t><~V^^r7|n5+FAreP`5 zhFT6cGqlyuFn9g2>z3MXwKHR?W4lGS!;xdoHRrM8{yRh)QogVNgV>y#prF{+_kCak zBaV4)4n(ea9J;d%R6;3=w&Q$eKFogc?C$Y? zrp~mdQWEYH&N_QW7U8~G-4>|5Mr82rU#@RF{5NNE-mTK}=_JxU%s<09EuV!epC>e?rBP`xgU`Jhq+OjB z66s!y;H)wN(_M`6UCv`LplsTT4QmwXl&P?&lHoAM#6Zmfc$ywa{0b)l<-J_%P0GTL z^~g*mSK5&F1%sxyTU--zWjy3c#CcpZ+|}hI0xCin{>Zho_SNh}7d6JW^kpg^i%qfpCwx|IFO8u6{wzbc^Bz+O40axS$YMyCoLs`I(GYE>!4yNNgLZ5g8! z=`CP6(h^Wy44WSh_9@|q;f`@ka*<-j9&tc=lrbj@?9}DJu`CIrWzjAI{3I<;EGo2x;9UUHyWgYU3CCQr!qv_L+t@G^6tnf*3Dl7J@E?E{f z;Ume2$1IOzVc8AkwkjZz`kc)Z)E!)!Ry}s6AKjEdCwLKCr@>(lT7AjkpU1nF0Inf5 zK(WZnu6LpqvDq+q*1*@SqOX1hk-N<>B%brr->~hLr1&H;Nv#5BNus@iK|A!c#Z%e@ z-H(B2A2hEsBZ4`&!SYiZ5r^Zo;DZ=!6pz;x|0sPaZ7}ZdSLQ z#Ez;w!$lia6BSV9LXePO^^P3E z|9oukaJS=^sO)|~-1bk}CihR;#%Bl`Z({t8$Fi{X9EiLhei1!4<{6)KLqIoP?si{v z%$JyZUJ7)D)qUOv>-w%^wm+#=?XlT^U^BGrXLh()R-x12Dkw*Yh_NL&$oiPW;wPGTlLoqczW^={yV zhQoZX(0}x~DYh#ENAn1mAXo2o(Adi^CA$kw03`pyUc{L zPD^7yNJhauGz6(T|LiWMV{b1 ziMqaATZhlZDe7Q|us)3fV;$F}&Rn?7$;=31TZxVR>p(s{N*7|?ud2mRBQC_!H z@DWqZm;|EAb7#b+YrjNRb|OFVhn)u|8q}9LlLUyo=nI&{ ztg{*ZUYhzkE8}W9MAL=Q_V5rt$*l|_m}Bl{VB{_5bz#BNJLaOw6%lI73D zC9uARc$Ti&gm7CK&%Jq9y3k?gko8*4sq!cH3Z}>pz&RDvexQTyCbsQ*Yl?N{Goiuf zHL};Og5Lkh*ETEv$=8S!2~$(k-{({Ky~hvvU(Mc%{rgw3c%)qr@1~bm>_SH5nn*^ic9p1ELl>g-ipWKitjap+H#P1`@yT2eD=w027(dh`Oiq z{XvLcwie0JcH0o64b>dWB-7K&3ylzBSedI+0iwu-24!0^$=foO+-1dcIT@H2(0j6f zwp5MJ%r-F^>bvllJ{I+g#0fjywb6T#2!tN}Yy>IUTO+H4`EN4Ax44j`gHN$6Uq~ts zYkUSI&!&Nb?7~GmO0!#KfAg|Pt+?C1!H0P*cUjUJwFtIe{h;xiPls?B>XJEVE>>$~ zy{Tr(aOsD!EikNYS+1z`S&@jYSE(nKjy$^v%MWj|AhNPa9BeqX+;D*YctK>fYx_A! zk8ioritB0t=ROe6gcGk+8k7O>eqAcb!lSfe{{wy8l}%C2L@9dh^Lq;&;a zfH#TZiI$j1L(mbO0ZuzdTG}}=v2%bJQW>KSpihHlqSDYz`VFyh?yxDJ*4C5WB^jRg z(+G5~Ud(_5=4(Bil28OO)Vwuf@gN1PFL;9pCdyzIGR=ibYFe4&I%39B%dX(V6AVVQ zcCc54JW5D2$ZIiM$_BC^=P~OPfY7kZ4`0^4Sm8XuJk|bkjB9B~71iTbPOJclE}5a8 zdtErCi-uiNzDO0OMJZ|%LxxNUhq;?<3em6K1&=5nvd+Z4-}ZuuKghc}pRlLWQp@BI za+?2j6+PH@L#N++|A|hk?8@fAA<=&bo$`Ctsq&t+2TeLZsp7tsZlLdq*gjU%biv#)@0afMtU?)cd4~W2UPTQ zwz)I0S>4EY1WB~i2^W?86t0O#1a>Ikw7u0!2S^~m&3<<*YdTL`*0R&N**WP zn#=JbRuFjS%y#LOzR3Q4Q(M>7v)K7WLex|m>@c;V%1~2%pa?G?T7N}BQ$LSYuk&c# zf}SYMhBs{S!M!l^r(g-mDD&`o{yn7oSQV;LUec7tjqFq$^F3JB8_C_EF53hP36z#q ze#+V0E$nY}GdLtZv|Q^+TQ?Ew{<-7z0P;zVr$4tJ$5~Tjz^S(KD0MH0sJy*S+3hu@ z_$7GGLBk?n$QYwX?9kkGEL~6!In&gBhY?|Dvt*$ZI3V{jw@TJ22SHGkC+YzNU#ydC zQb4JL6_e*=2LOpjDRa|u@_f;f&>K9vS+$5E)-#;1mA9W<2hs^o2;{xF(!qO~BY_i)Xd8_4dXW5j;**fs9sHxSZ zC8^Ik>7FJp?RTRpc6DnSU@bBQ>dILgAV9m%Iq~t2;rYuEfe|`j3)2Qco6%AsJ5RLu zb%;swP2sNBF}JGNF^aHU$BbY&3AX*}&`0-S1F{bGrR&Vbb_+vEwij=(NJklFIza(< z)YsXvz_7jmS=%W{M|UfqG)|kvK#H=6Xv&|lTx_O|&e|pkt`t^?$uW2J9i8hcQS)#( z8NWfQ6RK7Q0;61c>r(b~mqa+QO!s>zx3;0H<~iaZhr)?A_UY!flJLn+hRh)AZ*{wP z8uesl3wS;ttJW4Kqc?@Y`=COcveUwCj;wi6gaJ!%ss3``E${C+H2_74qF;m#!xko} zHH|IjJfYcp&(R*0Cd$zz!NGzeE|!&yitLRQ^4aKOr3xcK2}-kX7ch}7wjUs^=^|YM zXKtd5!SI5RZrr-Whv>`k6vOVCb7!~v)Mr|GBHXQl_P=JuWdF~N{gTk$1GC+EzR!4{ z^BL9TG>9wF6iOI3rv*tOWC%wT3<$X7fXxV`mYt_TAIS^U?wITeP8e6W9-mZSuC;|; zb+<7ex*$9gsE;W-mI}(1D*dWj8VBr7LIOHaVZdR?5YlCKrMkC&xZXXwsr*i)c6Xni zS(R%k2-$5}(@0%^@xx>Hc>uY0_;}o$C+OX$|Nb3WQ5(~$_aMshUFT#s*Rs}GF@qnh zwo?Ib5~rCin@>XwFZj?g)l-~PbF(^`o*j^&*9fNJEHjv-!v%G3n&qgXYP%;4ccne%{Z zPY`+g!FS%ia~%*pw?ou<_&0^Zr~rDX<>N(XiIdjjJuRjib-MH~ES}$Q6gEEM?vIU1 z73TXlVdcZ!1_8to$udxUO1AlvmsY4bLkUo(Z8JM zf_xQ-!Z(Q~*p3I0eWe|{R23-Nb2d;RMgg05&pE3X2WH4zQANI46_Mw3x|}fy@?3Zl zQR9Zfwa~{NgF;yB=8r8Fv9w;l#`QgMs`)sCI{DW4*W5N+{o{c_LkQ@ zmOxVLXwf#dz~SY?=g`n3z@yonVXa2q6f>;!n`4rgN<)&e8+TLGr@EiTmi>Q14jP5F z(Ahen!^}W@&s|-(2Q*K#r`Jfpe6s~%OO)&QwDf+Y)QxK?b}fJ#<+}v zR#2C7if4Ob8^iIGOw_t4)Pc4GAn#8sD1=?vq!vi#UL~Jb;&SxIj=p&;sD;y=T$>-> zVt+PN*L|7(5B_ofUTfMfi(6Hihj8nnWyeSPhl|ZIJ?P&)+oL>bm5@G1X_R%jC4yhV zJ~|oiolZHI!J-IdIrq2YE5fw8327a|^?6H?Y~7 zr5?3@GTGTQi)YuijkRFEDRKzX)4v)Gffk7SG&~vvmZDf@1i4G&3Of3R$U-t|S9N29 zPlc-W;f9Px=ZhDus3M>$;5A3#JfIO66HGVU=`OgMiQStk)W98`7+*rb(knw$n|hp8 z0PtPDl|g|hW!g*UgKly3iE83|Y37o5U3B)mGf^n2Q|2G9JwgR`M7QiY}ZPIpvm|0;#Xtg#$OX`J)DuzeX2<49AU*8&iy1zL!4qe~-1& z8z|};@D4wAjQ#Fc4RU(}!n2` z`%curjTxgcgq(T5?;#_TSU^en%URi=lySb+lOg--Jpp0oGf^DyOpkg|C^0 zaCiFdLXA&u%DGOXurt<4FU-#L9oVmY-^h|06>aur^*C-8=oaziWxy1sp zE~SiPe@BIwbCUrE?KXG3*Ae>57x|E^hUN7l)}jE)sndds@U>3=KWzCK-N;LwuJ#9^ zWGJ$NvA;ZK6@_Z)$${*C!q+GppT6o$U1EyZI#cJBeO^%DhEpl7VH_a1et}) zHlXJ()JJInb+%lGjQJ#cMr`KhmCSTU%^A;e)w$pyRNxALBsv+rDY2zKA&sw)Yt^_dL0DND#o7o(Th$S_LIA>mtMG)w3akI z$Cpp``Y-NN+wY7%I3LNj>_c2~PRcFIvx3G(1rqhH1Vb=tOT%E)J+4%Lw8WbIzq%d? z_G-|-MCPs-nMk;xNeI%wYk?(>+7RXprv0w9D6Jc4D3h8-8;g!R zDmJZWFn?URRhr+D+HZOV2)n0YzUy&XkbVZpb5)3`PI3(;@hvt~xW@O<@9Bm&PB#CU zyW#JNq5vZ~#;;vrV36KZ>^U{G2zp zerl{{>!><%13Z%1FihQ2xh2lvF?5+=3q18jzq!ds=4lG2C;t^laB=e?*`1yo1ok&& z?aqUW2Dj>QpetW&kEX!P{)Rf=iLEHnA}O#{m=a+&jLhnr0TUf&46^MNOXgJJvV z;JG&_VCq{3c!#YU>|?p8mU+dpzVchud_pEgT^FG=kucIsF0MG{5D zG7M_h#G{i-A!#Wbh_}l{KT&fDP$0xgff7xjzV);XtCF7uS*gpK{xS?(s5I=hm&d?Y zy)4X^m$u_0s)56Eb$D+t0=a@er`qJ+a>c_-oVAfVB{rrCr%s!P9efRhpExNGXR^_Y zoevdnPj8o%WgPEv&y>IaHI^GG&i_-}qD#YECm}9=L>auDjB**on>gpN8Y*$mHjnaR zPu)A{VK;4UW9jNHCYo|(2RnSHVPz%@$%{U!HYim29?s2XW&k$pxYX#3U)Mk(hZqch zu#Ls1t+zxodS~~)y~030K<5q5uKj^3Kg_ECA?lnTso7lme0g_>(O$S$0PpE z@QJ`1YVLE0xH2u~({C<;-9}}3^XL6%GZ0yXdp1jecyMa3fOrcnxRzj6PUwcSAx z(WgBWHGL^j6NY;F=6r@#&h_V?k|V>y2 zA!}d*cjBk#mquF#&^v9r%*kQGYlEyJHHsyG&&SMPLc6c5R<6YuycegU#Nl=tt@ zXRvn>{w4hV6&~KAv-)KeaVQajLwSFIjF4@@Ff7_a{q2Ev#R1mt1mtm8_3|ne9IIW{ z{^Pi^^ZBdCq$n2Na^peshr^Z;+1);IL)=ZX&N;huS!&`8l+VZz1HPbLk!yqDxgOqM zvE!Fzn~UY5(!(|gq1h|G$?42GaGwX0;=(UnUuO7x>0a$#ahuEr5LCjxu&}TY;N;|U zYa5&SB>rARSU_LU@m^pf=<>phZI`z#k!x5Md^Y6OrqpT`E*}ko45rnu``J{H=Cn8- zI+?d3-*z#zCbSO&AgMgi+HXahxx0a*uQn&{pz@P>KVP-6r%G7P;WJ;m-g)(NqW>hj z-}$`L?e@On&`%lo2ewY5eqOrwj~PXt8kp=q&EU`WwpH_qjL&|-OWVctO@(4WnHy~n z#2UnuO?W`qWWGg!Wmg@$1GNUJAOs^KV1TZ5DhwFlLJ6qokiLN!rmCU1X)*irMP!L7V(~3f5yf8Umaw7?OXah>|1(SO zW2?B+{y0#AN+ucd=JIaZaH-!=PP;2YX|7-|+~*)I&2iY0l4Ubp2wG_WVF4>lOM|}H z(O6t_i+g-hLGnVP)3s4f@bQ9ns*0y7iCO4Jf^vtf)LnK}PVNIkK#9w0lQBaDHp1i@ zorsQJ23V6;)9?o$v>;@*^8wa!?ERlf<1{4~f}c^{+j_@z>Gsj$;0l2mY7F_MO1(ri zU+sjO_Uok*dTjyDA2OX0Um_frCEz3|IsWhp^*N^3ZLD0Ztiq%L~gKq-(WAhoh*3L8i{5efJQ=-aPKvLH+v1IMvB?6-302J@ezKu;Sk0DsMCpqY$+4R0;D; z;MUC-itYQg)}k=C*zXq(@3C2{b+^<3_D6Ze|16JnEdP}x-!)lvD~R6u7^ZoSz=@u~ zj1QEZyIIYh)PY~{=7Vg(fHHL%N(GR;6h#_TfFCF$j+I%&?|S}lgB|y4U_$u z(Xh|d+(`E1St&ps#OCQo#X|VSc}0E$-aiW#9Q-QYb`{3s`3TKFhMwn4Ved1NRkmdQ z6z}dAP~*G5ko~ujl7)HJ_$CgewR%L>eS2zns^xATn>THG8dP>M*K5sM05>O+Kz$aG zf`Vz`k`MA}zMXc$KkbV157#I7ecZOq6xMWr2QaEgkgT?QGql*Z=frotm4jjEgiCW= znA!M5`TGq--?Uss1QtcXQP9y!N>P%rX9N|%F34_i1Oo6-guwjL`^DFAg1nt9M-rBV z^MNJ@TizNC`3zySt1HQ7$D}XX)(;o!q6_v;?{Q3xVU$D-5g+y8V#*Fuw0u^fjt^Rt zKBv%7`@|Z&t3%V5(8>-RR6CR0Ky9jw>DJnl#z|nIsG!5e{&QuIEl*(&vWkUJGkM_D zoR=d)EfQqNa!!@XuO!71{Kx%Klm@#(Tp017wX>D<4>l)TcoTKx`uPMDpDiRKU?H)K zTNAIsq<)?}q}F2#i{nIa2<|So=R4 z(lz^u0y-mWdG8Q2Uh^zJh0$4sJM_;dnWaVwG^plS7K0DGShHk7)vJHKg8zd~vdKgW z4;zz49x%C4G8a3ToF*D7j(F0c+jsSEm3SxXyJ!umKRW4_YKg%qAu=~>A6D}=EKFKhu zFcJ@qyR!2NdjXl^<3+{kj7`>rr9f3iFva&bonJ$pGMvOY_o_lU@#!8-p(D3TB)lnK$Q!0<34&(k(C{h_G;BX#cE1&imw#fM&A&O1Q_P@+USS-yo&D}q?o_+0aD;{wsM#pBMp8WmMp9Xcmlq=0Y_c4^M0hJLa4TrTo>`U6)0 zcS*dU|GRkA&vm9t=tcN^I&NP~7(In7bkLc#0@~XchYGS)DZi<9cPU#Nh{D<5+Q_ih zn3d_uWZki235m~P_YFbi;p{|kn*HYs3=_F67Nhe=JfZ!Su84Lkoz~U?m8)Aa=X0@f zo9hVw)pp}iL@%3Pj$3clDco1>7l~*Z?P58^xpNijz&Cl{QNDsco9p&Zzdrvs?_Z$I#{#Oh+pP`}x&T93%?tJ_`F!$fx z*+${1z2-MG5ZniZuvO*&vNTt`CR?fRuk>fT)Bn#fc0IYBx;K>Gs#b0yG zQOk%*abiq-^K?`-2GgLv+V`KM@WsD4e5xz1_zp@bU#w zU>9Vw!2n^)l7P*i0tyaO#&+9$<4FQHZ2V7w9Cw9=mVqE% zMc*iyL+LIu@6e?e26Oc+v%?sGN2OnAk{V$NCrHV=cvnX^U5_ z`700YL)?_Gb)BFmdy+V?25qN?Q0?Bc>mRE4r(%eg97#Z%gK4?(*F@VgrB@R)Rg&E= z4%V-Jy|U`MGsob@PcXS&!(#|j_=O--#Ol5FE7bK+>6S^8lqK^6Pdm@^sXYBjI7bZH z=~vF>sW-}03N{H0%-(q=xQz9%DiExRrGP5ZX3_li9jf}EHect2Y=$>wSOk-DonTx9 zzy?m#Sb`e{ArwFq#`+$>uw54$PK$SFDb6s3a4SK=`7zi;tIICHe$9kM z#M$skvB+cgq*j#AvRJ9e{SA++OWJVM3C! z!-cZYl)ua;amHB}CeL%N#!U`(!H^^us`Z|?wJ(LAdnjmkm z6a|?KKSX}F-cO7f#?GTk95Q$Z_nj46-;asGcP|>0`G-A(K}2C>A}eqlw30=6+H3+5 zxISuTZl|t&(-z_d64V8*CvnVZyopEvok|(gA420G0?y%E&0T>yFI(6e7%2J>n=JJ$ z*Y}T-N>Rr6$uj#7ZDXYdI*4%v{jIOrwsLJi@ioh%@?V3=mg**Gup(Gyz*be2N)6kv z$whoxoKp$*D$chDsHu;w*YupK`oFsf3w}xBwD=;1`{?c7-Wr`ol32B+V9Eu%Bq0X* zD*0<=MU9Yik~M_k(fFvhs&uG?a0>IsapE^(c&(L&bAs5f%~!&Y_c%u1z;KO>#P%`t zlv3UIPtlgNR=*2{Q>E22@~Ejy;$}52FlK>pczA0(0jF0K1o+}paz*cA^|2`y;1z=e z={YtV07tVh#PbdjB(QT6-hEUMd2$qO3m zmkUcv839MoIrpg3A#+?yH{Fb74QAV5hGY>FXu#0YIE>af@ zo|&%zOJh-^+1>Fagr9_2#n<2?M;nP@^_P)eCBM;Jnd`FAzq8Nni zz^!8LefCJL0LH~;T{!qFvMCu?W3!`}CS@}euQ)}5T4VT{^M3tBPX+dU0ow%^qgfn$ z%5S+^aD?x%%Ow4|>Y*6P+~a1)Kj%ZVP=6H@taeg{xS7RJGy-51O90ShU{-3$1Xtdl7P!?xCM76rtx8SG<2aImgJwu#88u(* zr(!cRB_^F75s$$V%VOs0{bW}9N4(eO`V>K0+^b$;^Y|W)E6s6APJONC1Wc&xX=}^d z^Pz4cc0$oIN-q*qyh?<-I#iZ>n}0Zx{ss;*B)RohASHxfkzs%w&QQ%y45JctU5n2p zy0n%ro7@luE*BxGaVAF&$mjMOkqaDPoX5AM?yh(S;;GN4f29+2O4(2fi(nE{WA-@* zOpzwzU>Zf--1g%TitrKpLG9r?^5YEJ0qxT!mRXk!T2SPLCrj*7l(2gK2Kf%xfj}N?aAN!05R49M$mDTFojLh;?EVfR3wD#MY7 zuEACe@a`2o>n6N$&{rG>6C8evf z-Bx;T#$BE$KP7H%eVUDp3dL^WwGArUd^eP^5I=+H*rYh{s;09Lh4JBd5mfRL9@3cW z(nM1!WP_4GXRn`)uJSft7BWWax)7l{Hy%Z*lpQ4>S`mal9w&BASoB{OC6gMOBE8>8 zt<8M?QUinDl2re9A^dFt{;O^GL{OMpqo3%xj3v%|uB>f3O{Bj1_>(~Dl?SLh$UYaH z@3+#+^$pQs-GI(RVf2ZoM`%#nwlhjxhF%rj@K2F|e(qzN<|a5*goi>xL6UFtuD8_R zqJZ^Z%Bq9!c|mb+&>|QY4{y&||Ba#fdVQv^PO`+zN@hwWBe%-wq@?O?cSK+hdPgAb zy~7=(xaEK{E%y+q(|O_NAgNFkE(LCAnlKEDzQlj-tJeu4h+7kS(0Z}z8$jdtiO&Bp zUTXfd!eGBDqHL)LQnw3#BWgQj^g;p~r-s#13RK?&KRq>84>C zkK?z{oFViXx7z8e-eiodNAlO;`fB@wX(Uw~b8F~=vH7?n{X*k;nHi?|8cZRUL3=2O zSYkiKmlBw&eQ+1k@Rudb#3zc@cwumJ2@Q5Sq(z|-R=`XgZ7>t z^z$ha>cgJ1OwN&sq!RKIaz<>0yJ~?MCGij|jt+d-HA=;ciX{rv^K(m)2W=oU1Uk`^ zyGcPBN7pN$^JU5&!~_0t+kP+j+-3Q^>)CX=qsy+h1IT+F4siNyS%KajXQyXCYm1*( zo&)z&_yz735#4)V#&a-vXUN78)U_NRpmzq*obk-~}h@8^=X*scb%F#fDW zObD=1q~EL3iCb8*WxziEQ1maBNK*?N8)+G>s#1oT@3)!bh;Uz|jxx^mjC+XjE~ zejM81EO;h$RIpNdZa(Yh&hZ#C4zGrMrn}5YIR6u&(BbON9YZi;_}9@|V|7E4Oo1Rf zdp|DAeuM^#N^N|U%r~kFnjH}6B~GLFQf92NF71Q#)bNX~u*mi=(4s-+I6i-^HW(oj zGq}seJ(JgqN`%*sl)MB+DYGo0{(RrSNJ54@(!^As1Mm$*m*13>PUHa2 zfonH%T`WAm-FAb>bYv;me9)UjS0S@z4HVUv_W{~YIK}#DJ;ofR0)I3PgN{I|ORMpF z7$*~D7xWC1$N50u#X$CfR-@ex8C%&3{?k-| zSdru|G=v`t(X|wQn%gRZ4VQ@^PPzmQ6*>1}2`w|DBRSmpJd$vxANmfK40rWe4vG@_ z(2&~=3pb^Spc`vMT4qy{NaU(>B;b22iH`wsCtL~uB08udnJe6CwbhX_%dR^J1X*o? z7w0tzK~Wk8~Wc*JgVW~SZ6LxD=lOpDQhBMn+Nf)9(GJpel^|{gwZ>Ld$Qd^9RO<>-# zi)-@JO~-b>JO8IA|6@Y@U4na0_+$6k-_F}3hP|_RfATx5sZwu;pC5aM?NHEXr`JG@ z@^lG=5#H|k$OBc)S;xPK?zQGNiSB%#Od0AP2dR9UUDw1loOg3&k>!I-GO0acVV9if zYS!RVY)oMCMr2xQfp(!dih)JMoUBn7WhOeSXQv6EjzbvCrFMCLd#Wa{AssDD%oJD) zcD#%2ZhQe1(6Ui4x7CcKn#|#6%w*okXb@@#g9W}SY2R=&POYg^0nnw~C7H@2s2BOx zSF{;{Sq{+rEsxaAemHvBNSIamV#n-q_< zAO@;#&S=6O1Q=YXn&mEbpHQhRZ>VOxoILXOFH?*-zRZ0pab=t~OGw?vT(UnRZ_gaIqs`6E-1e#yT7@vEh5&3*EZqGpa!42YWy}Y3!dPo|(!K*mB zs;D6*KEA>FRW2$ek;|;U2<@_A)wO_)N*I1dps7%K+Bh$v6}$0IFqSJQm#pF7;f+uZEw<|FYUX{v7Nh!Gsf0G zSlHOc;%s@=za>uwuAXU9w;!pvrUw8Qy_0uQ&#{!d&ebLRfXpn0Azy(QQ(E9zA0gMT zizVi_=ZO8Yl=t94CGkkH(%NJ&K|jR?dQTY}1^goZr18jT3>3>=iK*x#1!m z%}GInKSr!|=wl?iJDKB~l?QfY3Ae=@v_(cU0$d9dg;_+E4o_eC^Pca$J(d;-#mv_x zIv?ym?fCfkws?Qdh;p2lf14z}_uOafow(tQ8)cIa&lDIlfw?U-SHYMV^(1d=3{Yt{q!U~ncepwz_M*~*Dz!EKM zhn3;WTP8ow7Psh7?rs?q|1o-N>9OM8+zu9+0!*8hPrfL9$<4)bE*#ms{s%tZE7O^S zX>e7y%hjpFL6=__3WJadmz%4X>`4|K3kiWQTL958FPe)@e?~5jb=zXpkb?Lf3x%xm z|8RqC>WpV$V6#d>I1#3z@6Qo4UEv#iL5S$Eajak~?cOq(i-;~AND{v)Nrgw)OsGVV z+v__vC{^&lRGFkrskw5?lpVI#Jj?u`Q85UtN~XA%6>EXBL5O00-Yb|wMLuvkg7APA z>UHnAV|nk6?{?2ovLd|`UBci`1twbuCIu)5iV8u*=swtn3 z^737PQG#-)9bh2Wu`V-psLT^=7jal&dofY?GBb%$-Kz@hC|M&MdEYCT{0;GRw4iKs*!lFr4@(!?gt<9ILYHEH^CG-Tds4Nh z2aj(yxc7&IDcua3NVJ;)n`1MM--R(H5HNgo-ulFZi6_j>FKFGbvM31Az>H6a z2_Th#5-uExC&(LPmxEG2=KQ$KSLnz<6NXtPXi0_a%6XDfM8t64bOPBHbDYef=UtP0 z*}JZzK_>Qf`C=3ZH-8j)%iE>U?`6fOq8};a!(PdIMRIx>$v?8O41gZi}^uS=HivSIBllEw{ZTDU=~^S&1O{0UkIIc zeAX2?^l8A9Fw zBe@D(kL7Ml{fQ1RIW~v6jue#e_3Dbdeg%QnP#|DPzPr0Ce8)?#`U*d+8i6FEX=(vj zHB6qd)lYM@5WiMl)gZS8tSOEaN6lbo@Ln+<;l#gEv103Ze6#m>tstyv+6Jpb@1O

BeJ_@Y-aF}WoW|aMeQ@_n zH#_L|*Ow*m3~$q;Ks2D>7aqx${TX173Ql~!=u9SF=lCLJS>Q&K9VwX0EXR5vqZ~5+ zfp7H{zA}!n=9{li^1>f>xlVx?3|~w=^i`uza=vZ>WIS* z`6f4fO^KxIk!4Vd?|wA8x{IUei9G3MAZzh~`x0GxUS5L}3JBJEA{%_a*XCanMp zgTL-oOM)6u!g_r1Lju1@x&a1(Nz|&RCE8!B$XbALPF9HQ_Ums)7)=Kr-{Wb zDnlsolYZjd;o3x8{v8UmwJ)u%w3p{*J1*!zw)2{vNVA2~`K3Sy0v0Sr3}m3P{B9e&SEzt$uG?=9o_lznUt!7Y8TL z5yuabP=&>e>j6=)Jm7Vx65)&N@Hv8J{(DE{&_AIg9$ehu93Z?Zn}o<$^7@ z*NA~+RVxPo2)iIYyWyX6kv2Yj2Xk(>Z0MtteqT6yC}$n3j|{64p%fT66!>LDE9)-j zTmn4${bw!eY_{#LI({9?Mhyq-I~d6~U^QIa!R{-R1GErMnl#h{<%=#=C{j@ws`Jg@ zP>S1)e9_zk6KPAURV-!X#P^~<8h5!K3$pHYkIfUP!fzj+4er}t5()mU`Tc75{&U=w z?IP(u4hsv30wpue-nWVqJ~PbDKFmIBkk}XSB{)`cI6xLd2!1%ck_K8d)S{-8~nAW zk>P|nuYHd``+v1s^p$QV(w5JsI;K83Px=4x-u{g)+nk;L@6g}F$UJNTQbW3*@;?70 z^!Pqf!ffo#Gj=h7VC8Et*B$0$3nelPG1lqt?lx`L|Q=3K&8A!Mzp(D?R>9;C!mTfM1inNM9A8fP!`!9xbvGT1%H=y&axzwBRE`6I!LeM9!gqK@ELY2tMf_>$*F8Ptx4hL ztuXQKm?gWte!K=48u(47Xqr2x~juWl~4tG>xKXkI1Ju(zr2N*ssq^#KtYu>PjgBSCm!e zOVq9*bHj&>B8HlhORXus(dx_LGPQilObP@$ zs74>5#W_6Xg7gC6;o{$XJlBscyM;lFwpJEAa4pe?%woK3m&LEeKSg4(a__kjtcwLD z&XhL#GoI%6#fkyNcf66wgrUT{n+1e+8;x0B6}Cy6!U2uoTpR8eX1}(jeoCw@95~oq zdMG$#Qe}5(Oko6Kl{jm*6S+AJmDc1}s5XT`=k5;q-{TSHsKgL*j#lS*n*kcKnk39e zDr3*eFAlvf2pI^fQN_Z%iZa@KO!~Ig?#S5vB&Uh05V)geD8bh$Kz|T-$T&7doO!Dj zI(2QDMn_BgsvGz(DTLarjaydQZxQu9(a^c=_F~r7mF82YPiQC8s+d&fex({{6FbWm zX<#e#&sDD6(k7oDOx10F(6%2lW*%^j<-TJ{^?a=O-+q{1t+yV@Y7_b&PS`&ObL2ki z>-X#e)ISdYWYzRM|9Z6FZ1l7LpriWdG^F^%&t&}rwIY?Yt_ndRdfCMOJWINMdzJst zk-4<<=CC$_H%}+$TA+pDzEv~{e>V6mTfrL3zqmgS`SA-eL1~Q6FrwXZGl2ybEtt4_ zNUTUMPk@uXZ%N%ROFhpSEgH(}w7fVy2Ach9@0O0o^O9vnt3jbSRW6(<$BxYF}DbhHuSxaFxia2UypmJ zinf?4iq755QjhjWZUy6zk^*ZA88q5#=&RI1;(G6lVkC6Ld$%5WClIgckXUcZ!iFzj$NQGVJz~6L`p%f=X5BKj>6c)TzPFR z5^zhA(`ZEK^vcHKFPG687wkaTEdj;ZRQJwQwE#B%NQD8OwQJX6Dc@ufPC_A;$l2XI z7v@wY1#F2@%Uo7Ts-3GJBFREkq;ZXuE$=zuf5li%;~@yV0#ki>2p&`;7xj;DaHr zXOB`{=cO=D&;M+tF*M|VIX{ru>f1Qt|FE}z;VG+JAv!rSSI1@s7Ug1+2jfnM=~{`9 z>WDWnZZbAw2T>-T+PQ_koi2(vv>YP)rUgVZkx6A0GwSPPGfbefuisqj^TdDTGLO*b z49t7_0yZ3P`Q#PO%Wr~I@66eU_b+qU?7r(-sktv6NI%sDA%V}E5d29`%Pw)xnNg!Q zBo#f+g{~4mUu}fkaYnG48`_TDDwEN+8tCSGEt6-{?6FQhz(!KKfk&9ZH@kXkV|UEF zP1(1+5rYp&Fi0Kyd>}Z?>G^Sk?kk>z;l-b-AFftweJy#;*$m zZTt7`EASF!BKB{+!aiR1HD)4xK`C-|QQB2ZZye%@F=rlWp0I z0}Q)$${DvqsmmlTUubNaWYKFfOHPbXc!c92#(6Gh5U_2|RNrz7!)Q&hpA%__^C%@( zVE$xg!vFSwV~&dL=*2^2b6Sfn*4tk|J;V7cuS|7hGN|^6ODD#RlSp>Nm}$T=tBXLC zT4p+D&nlxR6^V&y-T|tKtrkd$s-%U!(Ih#Elm?p2XP%LYOzOx8Lwirwe(-J9J0hbi zVx&pQq;7P$GaMWwMQ{SoU%GRds%*{7tlcx_Nxk(=!FBeI!1ETmi8%j~T#chWre=;rwT&503bFzv^sI1~)RqU4$Us1}Evp3^b_)*e z5X04k$>x&gX~u?ywI5@X@W$vX)GF!U*=x7hNTa44k_@C}Vwhpct~#yxI5z#xDX)9p z0~vJQf3`?lm38+8?ps|G5R&lAQhx zBngk>pzAqr#YbP(UA|3q@P9ZN~<(q>&`<7{F6C$rdm8JLpZQ<<1}C_;zPj zR*v;veTkl9DaY-(ZrCve^3AQWFo{;}vZ&C_@yyQbn@a!8O)KGVh%w1IPGG`$QjSxOoRrsOEg`{DkZP#kQ=nJe;v{)jDjyoG?30-lRLZig#G2Nq@l< zOWMf=p8Wa?Gzc7(WGx>sWW#HHWBa!BL{4GTZW{sbv@V>tUFaF%l<|-X0M&8DJ4~pp zm>(23Ns=|#g)WbvQ=MqxKWexm{I*D|#h|y_2+VPmNL)>pxglH6S4k$dWELe-E|yv6 zZ-&hgNCxFSDge2{ng}VQ%mT#!?~&lHl!2ME#evUcw4b^3{WPi3wM5fj6BpvOS^bw z@hl%DA!E+*yRr9+P>!37Idkh4LkLs4_sZ?OfCnUUJbq>sg?y#A&&y=Mphe!==yFMs z9qqbHNxiYM!1m`7JoFilM*~1G^Pw+X+IS?5?iKIsrIbkG%?L~wrFp$^-8M#z%4qPm zB9wn$`u z2)CpW4RAI=EEJVGDv>l%N)!;>ffJ1Fk?p*EoBjBArrY@_DwI;1B)Ggh^=bN9ed+To zPv9=aKIe03fxh!_V`p4>?SJ3|_39r~9F5NZv5KrPR1$8rSG*71b*nwSfu2Ch_WmOa zG#Id&3zJMuz+MK3)U+xD!v@(^8`S0>)-LB50|uMPR_KPG#O|`LAyBlk#OP`YXy40eEvRv#N$fjCLU7f2tqHT+ZHFQG zgxo9D$Z+0q%Mnr@yA6X4pWoM^;$pdPnq?G*_k$5aKxQ=(o*syn)*MZ1Uln{4!k{T1 zD`7ROhaDz6)`Q;*gd!m`k;i0F4RfSZ7|;c>|Zze*p$K}j;)E@{O? z%e5a-5X1K7@w3&rVfxW`)w@`1v6~#fwWZ0UpH?Vtq%140C~m%-gnmz_J4!`aWBNHr zE>r+!QGy48xPSg=)FuI1t(7D;d>ZM9Zn}%S=xi!=Q=U~pRqC$J{2JHmXMAhRS_fzv zCh?)0wKAAxQy6JaTF5N!-m^`hbc?S>-S{HUJl=$eJbjh-kk~UU7J;!`*ywM7YCf_0 zB4L>3PHQU<7bVo&5a!kTJhsI;0JFzM9x3e~9~Z~M&7EkDfFfdkvQq9 zWJ!+E9P?1A!0rOSAY#yGqslAzK_yA8A=HXyV%BbhG_elV7TPF9THhRPZJbc|^5+j~ zmx!v_DPE;B8S*0K!Bjf8^2o;e_X+}H-bfgq15d(r3*X1B_}H$?nw`(fNB>jZnYP`+ zn)jjRDtW@mp7(#P=18UgHx|z_4~O*b_}|jxy$x#bJouITp3<}>ZQ*5lAnsbq;lwB>&GEzR zhPL5t{m|lz70Y!bnV$zgv8+6X^P3X{gLRVaS>mH@IO`K+ha*+@eY)I@+Y}i9Czzsyd6-7T31Xgj#YGDeN2_R}`(S__cz5_5;e zV_Q$FW%TzE5j$kLxI*Sq+B82f%H!m!9xlzFxy&AeQZ|&oNrO%+_vo@1XsBgA4&~6n@AnZr41pEf7A+#F3V-?@idX1z> z>=hvL-VUlIGmB6Mw-lgvG2v@xA!ruk|6n#o9j3o(ORw`Vd2|AxUg9F!L9i0}WvlmG zX%d{~$g|8}thT4z)H3_+|HU|GwSK^P*-kCB^KX*g1>QB9*)sgxWMMLIE|_Hai#Z#e~%!q%$mC;?V;IHIl%Syngq5+~p@ z(ZTx_AWJ5Nyy-Gf=vyyQ9Q zTWQAnaIOE2-$T5-0^HZ*`@hV*{z$$*-WND(H%y(*Y|sVL7;9{0v#O=Flq zCQa-;Y{tT1A(spKw zJo_zJ$WB)Jp(K3FKal;k)ax_}Gc)8xn8Cm3zUx^ZK}}!`@TsQK;Pu5246 zM@&wBzZKk9TFy1L(N1knX7=nlSysIFohH248>V!diy-CIN0W%WsY2DuD`TnmpF~n> zRjFRa_486E=9yT&3Ol2GU)7cGfbNX3hF-WdF(-_YA(Clbrs&!xPcNhY6FCb<=##Df zF=yQhYQ|G6_WYADV%aj_vK;yaNL%u2E-u2mLT+z&Y!|J+q*2ygiLW6KM}x`zXLka= z*(Lq>>KdQcNN^#Psg0KwSHp%u0+9hqZgERbnwCFuLKKbw7-cd@p>MYCohx(GK%&s9Q}Qp>M;I&Wep<*JlDhdCn*1DArfl#4fi7m-}DWV28v zKbKy%P$`evv_TcuZ=zgX4x}MRGBkXyv=~X1P2YTo_q9e@w?!FVj{fn}6lVR~>|x*J1Lt`kb+9Ycp}RF>&{3h{R_hV<3LE1m&Qo4`*b5#GA-o zj=f;Kx?P&@m_!#HBQUbMr*qvMYZyn^RrXGzDUpvEY0ok>+-mU@;Y&fr=UQd(T=`;* zf2r3A5gr55AogdNiFr_clCn1d1h%>hMr3TZ$$#5cjvXT2uYt83#7uM(jyI8-SL*a4 z)3<){@5^pY0t>S+37N*JfL07yR!lT#qNwW)0|4m7q7lY7GS@8?+Yu;)(q#w$B> zDz5eTGUK((f@>XyHD!R%eS#W_8qeF9dwUBTb)>Y8v>M_T1J!ez0O)*fz`l9UBFuMj zNL-;O*gb>{_Q)LpHDC6tBf2cQJw@b+>O$E-zlE=rs!YyaHq{5)2y=KW|M5(IooE!x z!onsM+$BNplqm5FXpD5;8NTX0ptj`Ilt8$dY1`)91CYi-ta5h+&n>&_CL@0H50w*ID57nTN>)mQc zqxAjh@gL$BEI2$b_C{uhK`4U0<*ozPfe5dn*ttwM9IiugpY7sw6mJ(6-sj4*T&7#= zBQWE9z_bz(DgUQVooMW^$XN_w6=H7P$mFB%OZW@bGPO*ctOJPm@*CZ?Uk!8@6n-z< zf`c`_<8lfXl>)MaZZ>DyIEtG~(NyI`+O7aqq9`R9$!|}pl`>{DJGObQJd^$3TRsnS zu0O&T!qVtp##^R8_jR=@?wXc6?(8}K9S%y1{_jo1I*(=aekNW0v`5tWJmo){gzx6U zDPV}h%r=+LwUobQQ}iPxeS=y>b6PN6-DL9N{6g zw4c4nhAHLcFhX`~YEryF>MdyJC1@F&j8=saU*(WSKkrLb~ z?oKIAA-I;}?jGFTp#sH&I|O&vAjOKi!^zrv_1|YEH<`)g>a+LJX2P*Yh%~K`#*%oa zKroMkmuZW#wNTNDvkZLN<>cg4AY_iFicDIH6%uon@J_9RH{!Ga=_xxDNiruFh^JGP zD-8>O(OU6#tv0`?8@+_>R@HKUEGqFdTc&D%nQj66;Pc$*SR3FH_25A{U=toMQg@uR z2|I3`93+PhA6R@}YjbU97cZILplo5l7^B(`@A7L`Dc+U9IS@ZD3Z z_V1^H%3$L|^v4Y5q{hr3^%MqOrUY9Ghj$gtq<4d_%8!{&zb8M8fSZw{K1Hzs3m{@K zCN3_Cj(Pq_X-~J`L?1s;dvpAD3epQ(nO&S`Bm%H%dQ4 z<9dzaX~-YSN&$DMuW^U3n5x}s7x|b7>1xU;ShI08(1bH0)L|v!9J#ebLGR3B+8RYhMvLB^Lj%`MVv*kk5yg* zeVVE?I&GLy$2=zF({^tk-x!rB)a&gu^|NoaIvPY~3n2nO7=}uD%K#Z(ZHy=)(lY6m zN8thrgra7f-llS|9%8yzaLWa{1QVh5Kl1#@Fy}We(lZ4w^p4R6(^Pv1Gry^-5k4&i+>ele8{ zart5Y_Ef~WX)*UtdV!J6_8T!jD*}zB?vUKe_}FQ9$B19In;hYOtax%StJ_hkND9v2 z+;Mk2{d}|ogTGh4kcF?3?d8ay$T5)V)SvcOMYJPyPKhIMsv1`j&jU4aDMzPnT8AV4CQ) z-(-nDDCiM6&96A489(kYs zdra-q+x4~Q8MrTFS#~@)zGP$gd9Wb|e@6X|eXV}@0~aDmwuQwY(@zTXkKb9KS1*dO zk(H|8RcDc?m(*gRwUH$@&v)rYCu*l>B18>(weN{Ker^dQuAE5!$pz#U2i2$$O8-bm zQ1awM?f;T0vF>VyU(0M997WsyRHV4juw`O&QJ%E-i^yW-gyq;fvGC;L5tP~_kvvVt zkfHKH$->6hj(C5jmv{t>B)}5jzZ@1?5_W&PR`kqDTz)C#2!tMdj z&!S$)_ktt88%;vF8f!Ig6LNq`AhYK2vA-&M;$Cho?=H0zz{)cj*;awt1J7jLEM`mU zmaE)1)5DKofh9rb=y=~YM3yvKZ!fi$Yl7e2LDxN5Xw-``jjnu?xozp%sM0uiaw>YY z$&-dHo~9S1Q|3 z*UPjpEA!PWtlOCVwL5*oRZ>^$<|b>IjTtS=5M|txLbwbp_wvy+XwUzHk2Za!0o%c7k4-8WiNGhRTE}UC3c(_wt%-%XLZJO!;8oTTKx}QAZX% zna+<9$xK?dS{tOn&<^|!305@u#Z<%KHcYmt$DABH@m^woV)Zjbrx-GL=nId4xv9+U zFU5+3yF2}xEWk~pfLgJa>%{*Z$nQP>-=z{7f=k4_&GmjZ_XQqjl6aHzb%m7rA!q(& zAC~QU%;Ik3u@QIMg;UvprfErx`gTIFMw+UO4E`qM5am?x^$F50k|%^jcH@@7E7S0$ z@e*oEA(0fKT~@-dOy0sGj;uPgPbF4-nMyIr6M)Jh3H>^iD3|7r3Uw>$e(DxoZp6-# z`PC4@AeolYWh1va@B=mT=#9S@$+(Co)>HL{NRlUkw<#%#^s8J#>%bn;)Nyu}shGp; zn!Gm4ngm;?Ufh%3^qFgZN@0E|0(nENomB*UkVAlnPRTD){#I%$AdQxABOc}Ic1hor z0h|g4Az|QlBY<>x{R1orYn*TVINsTmC)8U(C%kekIY$R zUm$(1c|u;~`r_4Hu{?1lSgJ0o8e7ya14O|#C3BT(0;4KudH-y^?Ip^-sgE|vPor0; z5Il{c%^$`5Hy=6FvN(FyO)C%WBVDZmGheEA#*tt&NqT3LO2Q|qAL6g(0r{a zTLJ`j+hztdjVaR~db*Nq@>Lju9w)1m-HmU)(GsjGBWr6wV-!8OfOTyX&X%e zFMl@DmED1i0@htLzU>S) ze7V{R%Of*)Lc{~f#v)3g^Gr7SUt=6jyLqCSQr~1I9bsDbV?$Ae(S4Dmz<|hc^?ktU zR0FH4Ds6EdVZ2h}k_7)@1RFf8<|FmfEPk3;>)^X4>BK$kkS~XwjXdgx3F2E-3P4%? zq(c5!rV7e=BO+_0{@ZqWWUEs0WoW%6pV6R;NQAM#BI+H~73Xx$za!*<@AywRj>=he z<%*IT)4F$VTPodz-WS@wg+2Z)kS0?JL2BD1Hg!rH;aC8Pd?j-R+$o0z(`5bj)#qC( zj@U|*-H9TM>X$`P-=AB06Rx^_E9Ic7D1ueN8cYX!yBOpxr2~(6MG!?|%f*sOop|_? zi4-lLH#04`yADwNjVp^b`hz-@>f%V~`XX}NC(!EeE3vk-^P0KlT>s#~e~zWr6!NA2 zbK4w{y!0px33MtJU&aa@6*~|4KbQG?Pr+KBPS$Sc{jcUoI(Aq6^+Zp|Um*KD<6>P4 zVwdpT`1c~8LgG_ZD+o=53TJJAJfiYX>-<-fXk=H&N7`8&=+pFi-xHaqp-){@Bx(ed z?ADoDa|wmB4)9-!``QIDVOA_|$`|jx3ya!~s_wHW$2}d`sSs}3m#6YP_cL<3M!VFq zRI!9z{b6^D0iXZnic`eQ@1@Nn{(Pu_XrTk0Q=LY8n5Ex0#RqX`MVR0JEYp?RWY#Jk zNmO5|;MIp578+cVW=;>UpK@#y#3Agvf-Eh$S1p@ePik2ZB3M7+J@GIRzZx85A<3`b z2z$tTb$FIKi~fB2szy)z8f$$t2L<)9$r(+%f?lURitwkKJdIVV|c7UC7uRb^~>bzMJZo{Mc`_$2WpoYMvh<-w~AWy$Ol2NU6PWKT;lxu zC_7GWkj3)X1~(=Gcjvg6DZ^5COB(?T-~QpEBc-VCltF=~XILH=VWjCoBj@$~>kpzr z45hb!M-Oh#n(c*cyA1qJ7G_zGel?5ZcrN(8e`W0DA#u9I6TPST;4hQvW=XX?(mXI? znfE%m#@d&9^rt6+Rf)AqeImV=@OSk+wwlNJIgUCnBRv3ox__CYxuTHON7o;iO?ndv zGQ$YGq+rqaB1ESerz&?^ZD!+^G{H;wD$_ z*2dV1|KujU1Z=GbjU5o~CNXR5|2!-O5SS+($b-o=pt;5s9Q1ZA`c~2G`oTiHwVL#i z+EFM}eu+4~=L7~{2R;4IQ%?M+m#ZBeV@dwoH8&oJo&^7w^)P-DLkjW(NN?~tG+zyk z!yY=}70PijdFPdR&nsC*XPL0ObtDp_2RwE1Tcx74=5H_0>fjL53W@rTu*+hQzLgdL z&Qn%sXUVj6%`6o2Kp4v+^oV5(iw20MHJI!VsSn1?;x#sfDO!dACp4W*Sz*z7_6+^d z@6;4@c94n$rV?dqIv^*H07I5Cd-EYJyd|;R!qkr1|2eVN!ajiI*e4`cA)$7j)hVoS z75A;QjZMoZ?+k@+8Ue|);$Q%Gby`}W4S!K}v|IcSZflE98mS@r!Lc%iEC}VId;Bk| zrQYgc67_@qf*K2+wQO;zrc{6k7wOy%Zo@(+v5rqrES8taE1b$D1OPGiC9X^q`LW+j zMsIAjAOJ(9BNWm!6&Wlevij#58r(0*rVx{`htwprjYmFGl$_W)LIeEOt>+1zr< z(j0@P9Z%DK@^+3q@3OIOt{Y+4o?FBcB)mJ)c7X@j*D!yyA&X;kgr@+`!C zMWVKRxVK%NJv#{nt$X9cZUp?EX@ZgDXL1pHrxD{KT&M*N?74yy#A4J+ z>1};}uL*K>sXZDqo}aHT;F&c2c0<1{z!P$L6iVaFAU}^RflA@uYozG2Z{fV~CZXLj zL4N9n|7QpEYejb)_1YIKW9HM)uazm_nEA+V)FQe%Uw()$#%S^|EJrP4ZUQDn@-4EF65Q(SMu3T z_d{#jl`J`-cAqG-zrTM@_&$LxA9|mJMG-Mjy!ObOoS=TBH`L7UDzvRE8NVz26l5ko z;1IQ1ZYE7_;~mt^BJ`#Iy&IpefvBKgJ~yM4bgh+DMTr+W*BM&~0GTGO69bFTdg4#u zs`k8x^WD4s(a$2ofD3bwlF=pbpM)01U;-Z0fBS#FKAro;qrDBqy+9W~o0(P-^u9Fo zzgZI)7xkT$?#nfL!<@m-4_z1#w`A|1uEDa#s!{S%RSh)#uV7mChV%38yWD-MnK9(J9r;&4{%W?A3^G9b6C`~ldWqa^<`xf;g z(4KbBr+0^(9!j6zDsBu(GAtltK^YE$i4^ft(7jy1R`U*Shgs`){x(0jH)dtubdpfRP!KzLWN5I1?LU*D`}-pWaxsu;YE^!M zx|XtIgg1j-llQ?bgDcsz3BY9`h^%DMy-2S^kv0^Yrs(@^TG?L~HPV>%bnmzN^VT&M zw~VarGQ}<_Mz~#p&g*c_YS5UAk3aNHh|I;nn!2bzOgnSC?@WlgecZC*??OJKb9PPG zb@{&CgTv7^;V6`_RAlJa{K$r?k<0th)B+y8vUShf_7jW11hvf~1y4m7J`Xt12S3q>8x<+^o>TlNTEO!Ncy<>&E^EcgYB_v!<;r8o*xVj#F@ZiejYc7!-P0bNQ;}$0rVCfX`pE`PWZakS%SrS{&*|gMuXF_dI`O3_AxabT zi8nQ$Abw2Yl&%?}wLiRbbu(wF6t*T(BxcLk`^6z#mS{dN@)=7P!^cxgDP=UyIC*Ks3^ zBUXj<@sr}DLj(RC5rNOWqA`PA?8UTxW!`5;rK8b~jDOtv zb4v>2Kb1*67^r94_G{7R@pi7|x9{VpO7HfJ+Hc#AMpr!;={61DuWly9gyjkV3li?U zL#gzKwA<*$p%5K2xMU3e`86veJ(S^}@PuIegT9`%S;-*Ud;--3%fSRwk3|cvD^{BP zKCiC6r_mNhe%weRA3U9kcqsfeK+J#faQ|?bdKK=c2DP5f@Qe){pD$;tBU*cQF9_F! z(oDzs#HnxzUF#>Su=S)DtQvB&vTTD@&$K+~s`r2J2)Q3_=Z?1Mwz*K%uaSLQ69yx; zSt1q@eLH>?IvrPbnLW*%G+>HG_fAIP)GX*+B`G(Tb{Ng&hu>U)s8Osi(+y^2LqXlQw%v<;;3&qN|(2tEo$e`HhZk1 z_xGecb-09hGL;)tVSPS8d1E;gA~>8Iq+OQA?@@Kj$P8nB z%P4v>=eRul@^FcBH^Eo=W%0P;aqLTHhT={^iLg{xzY>|goxF`WrbBY(FVT=eDPC_8KzoTpEDm9 zFh&=CO>h;~H_D{1H32wEUt)iKsL?CYNXoAIu0n*|IBTpI;uI|UAVco+w@}}s-`@z@ zljZKTy`}scwyA!Qr&^%%RhpyE1cd<{$Yi5_O^+hekD8+J8|3t&S}L19M)w~7kGv&q z%koIs>90r^c9SojllTh2mUe5G%i4~QhN*-;iZBU8 zpahPYcBr%BTb5F{vSbmE;l(x%VG%5^-(cih8*C9hf6Lzb_$bzP*vt~VGV*_&7x0P= z)&Iu*N-!As5TID6?cRE<`toPg(P#A6-JX~~k~-#Io{&&`gXx`T`U$-dv z&YwT$4al}%5Eywuoi4S|Ymeu7ZbZh^jALr&*pKU)4K@aEdsc=CZ4pl6=U$`=ojj7+ zxw6cD3Zk(rZu3=;vexVm*3o?VRdFWb`6tZn5z;>1yMUP2e(3gmiex!4tuL++xzv(( z-HgQz*RO6h3t6wWn57))>@U zTd6h&MT>SV5h2=Y%_WL8{}734v`M;o`#P5;0QQ&R@Vq6EdsW0 zQJ^JlnzsC1!Hx7BW`GW0h?HeK38kpV-$v+?+v2(RTj6FetFZpCtbnsCW<9G?jYnc#d6fA z;RIeAo_pl$Z71s`=u^X>T6^ePOT&fs`1XLj^qK*Nk_jMaQAbnD7G&9$zHk_WLVDCR zZEt7!04?`98mUR(EnjZV>$pERf4qWk7|Y*Y$+moG@ScJk(;pU^i?o!Nf{*6I*hASo z9`Wtp0w%*Kh1@_KOz^bw`}~PLc83PJ{z^`nYZobv=Dfa6kb`Q<8Ui0fzlv$nJg@Ev zGU8WxpG{IEPWe`S?PkSJa$I2W5GwfFP02?ODhbrgD`p1l*y(IL{7}4tUyKEG%7n~z zF@Y{JVYorTTbhqOWul|zX~qMqH!uhkaPh9fHQ68Izai%Tw|kPoF?J^tVUEU52NnHK zTm3J`LhBF6?&ok%a?f>oWQ- z^4*~+a~yIK4Zn5L8GtM?c(I@DQJ2};pMx=OpLX*Gx+0z24#hf`jr^|59|+!$zH1O0 zz)&$%oIEgvT8NI-QXDMoL8!{5@)N49v8E|fu(jmDV|#K57M}gc_B7~4y{DpuTS4N< zQQzg99`4yZkn)Hy!cLz$f7b$~>zpu{Vsf)-mLS1a2fUX9uL~)KtQ^-Q8hwQ}+C@Ty z+^5!RGQRdObjM^xULQiG*f4R+MWedUex0R#5ZAUvg~<{gdh6Vbo(KKfep65*P5Pl@ z-EXl9aS7tR_`QvE6>&a^D&wGWEld}g?l*lMd|w%GkmwCBTTc2K0+ z;}J89=i1Lc#6VcW0JiXl4cPL9L?b<9OIp!H*>1c6310+fAI&>D<`_W!M_y{Z)@_3( z+G}{vZ7ZJns9c@0wzhURN%^E~*lgLkRN_07=vwPY(3S)fp5f?22GRr&z3U@(;>SyD zU(vPV>igCB7SP{yZ6IN&fWv$=f;8S>g{~TF8o*h$jpR zml-Y-BgMcKB!YI4kUm=b1dSuG{qkh8B6hz$L4&<}W{2}f`nF@0dRq3D3!vY_7HoqK zc84bB^(92;hIpS;M^26ZocnrY%8Ge$4HejF);5;A`XGdip=40XH+@sf0NHy#BBZGt zz(2YQ(=R-{J0vB|2~$sS(0<)LsuD?XgGMGrkIZ*=B_N6v@_PK*Ru#QlJ8Q5St@N+v z_o|p!iMptjk=U^dL%EDEvh1y!UTb#+H%^m8u$Sn(H9y1ZSqHIP|BHct@R%ygKWT4e zaoyY!pqA=3$=0#?Z-wJst=OhMtRr)y1Y?hs;uR^QH5-Y(wXIfBwn+u;14_I0wG$zp z^xK3e+}IrZ#5w~zb_)!83;ZTh(8CnDqlt=YAPJRNr)>L;rqTV#*8Y#N+_CnpYDzG8 z)^m_6R@sTJ*iO@6X!8Ceehm^C*Ypw(=?(p_5wK^ZbV@HEYDO+5Iwk?Y^2PI~s&wH> z&%#>p~CjAeUKxMHaEG8uNkWO6tCGm%i zeh!f9%$Uer`dDvR%xhusYNj8l=ygkP8^o&COi2yYB{B=R&x|Q80H8Fg?&=%s!^K z&USj*)Pi4-mX4U5YwYuo>S=gl0y9X|(%VtPYNEgm6Pjr`cpk=nV(axnyDi(WypeE2 zV%IHvU3?R(ayIwDcnpqZNZfZ5pLp(&8F?OliwgasT_ldD1IeGTEeOi{d?^;$4;{4#O4(v~$C>7@aB z4I0OIYr$Kc<&)$8+$$p)GhEg@3Gr9{{BLWSu{9}351RgA?O|Pn(cu2+WnC3^E!vt(=A6d*kyzN0w+y)+ z$eZ&k`^V4Z8mOXAbTS*Xte(q&t)JWCG^%*dSe6|>prXa?;`IK(1Lm0BdEK^Ux9lCz z(Eevc(&1(HMp(wNq?c=+mBC^h9gqAcDJYBEH3L9#+(uw=U4Yv*HUlL}C*-spkaR=R z9F6}b5J1-(13;+p54c_sZ~uB_nBBg^w1cTdK}84Z?d#*K=V=G?rpuK<>vKo>N9}A| zLan(Yt`8ZOnzF3s{Vv<_^e5D<=h=DX1OFdWS^HD8d-7hv;&E?XKNN5v22PBwspTMWa0IVbJgTAD{=7U=Z+) zhUm-8W+N-y8s&=R?!abfHIlL4IQiP; z!^+jVOe*|MU9G*(M3|ADs_>4Xbn3?-8I0D_#?~A^w~Em1XZtSEsc@WKY1M4(?eRO3 z3(F5;tCydApYOu?&L5}es5o;dnMb$XD|Y+Js1@JIiPeB=>7m3rC*45()u)i)YNr7alCnW3ZhhfFJ#oa@$Xu{$L_DO*PmG@do8qg!npdh zf*7if9IFn$wNO}Jwgyk<3$5wJP|~b4#C^TcwhGfRi;^Li?z)*=;xNkFTtCJO;Q%20 zoUD5IIlXBOM-l74$$MI&M~_4V$Y~CvJ->x|@tcLjYB2`rCDFG7)s8CEex!IVq766g zG%qiT2}V+6f-qte$v&M0;^Bwvf)(bOmg-FmIM|1uah(*FkMw;;Vg`uWxofY9fRZra z&cL`NsA@N!H@u#lk?bw?%LZHPbzX;L+vE=4m?!p$0Eo1$8&D>{e#c!^N2yW(fI~1b`7Mln1QpF#_)dUM(i_Uq zAF!p)r^{m*UoyP=?dwU%_HF-&69|`#uSdKz(&rW5L$TxJS9}7MW_wdVFQ?G~`V?CX z(;z8&Ygb#F2h30JS^H1-#t@Xa^_dzE5HD^2#8LndDj zuXuY5aU|io?uCw%SIZ5@8NezA{ak1cST1Ga*&fpft&X2!{s-2g|VuMQ2)L~ay$HSU#rSd*2wK8t!D4Dp3 z?Phn`eo)?3nTn1$jURFgc12prm(~2A>=8X2+{A^8|H?;V`UIJNBn;y&C6hYBrL3P+ z0EJ{2#eeEW5DJp(ac6%*JGq^B;6FimxjWWBZmzchH+84~j<)+hTJ`_&DZK>!XV%M0 zm}_^PKEs1N_` zlZhypJ~R_jCjCukT8DAR<L!A$oBgeQLc2?Vjyjx3xaae0qG2YRdjZQOnTApPX zS9sjr&TijZ({mGGEECJGLcA>^*O_xVNlQUg=-V2WAiM^WjB7b8 zySF9e#Rr`AB7-&0WQyUok1ngJu?qRnocSX+sTOmr1rC=zJWDfKbu<6>Ep7HCR=n_~ z&9Kk}5+l!Dfr8@fHqZL`oL}g&ZXe-2k}Y|6Z(p3Q424C>zD^j+ysT^!M)l<-#Q8Rk zWA^FPDm#{dFA>L$YD1h5K^45YxNyq=T&tQx5rHW2uKD*cS8+86JPrhvA#;W@G81ATZo@TtnVMMe16>e2p>8HNE@%O2q+((# z(zot`AIzgLzgz0XrtP=K{-~si92d9A1la zk$3v%IG9z`f+*KmPT8KqM(S7c*N^vEvI?~!Qf~F-Z;f4~Hi;4i1F=siIt|Z8 zYcE-4Z|NUb`6_)+lT#GGe|l4@H(9>yxf)Eq|ASD#_9$@yMIM)qHmQb?GE(tD>}`m0 zE_H#Rf|8e!>?N;JG%KQ#66E_QbXhy9NSXkJNL$CIJVO-dUC(ZAIbb!GTpCxS_zY+qsO#l0kYG*UZ!7Mn_pvRt%vvOY_7m-YC-&rIIq}BFkTF;+lwDqn@Br6Iis#{5mo5O!wBcuqEXxPa%>&7&?+Gi}1z21d%p zR7>7E54BJn%ZYcgn4ll2qlgn$#!algR37QU$10b{0kQ?d{)**=+zLRkp;AE+FOoI?@m?tR z0T$WT=m;qj!RIM}nqE=-*a~F4fq`7AB4RD{X+P4Gv)KHzm0Gh~a%|0}{D#IMTogp8 z;}U)Poe-m(BaHEeDu2zUOxkT#DO%2&OjCJyY;Fixr}^9M*P^MZUE*qs>_W3A33=Yi zP#B|omFNA0;PrbuPBnIo z(<5+J&B?`PlD6~iv6HZIp}L)yY0{CS1jEs+Q-19{ryR;s^Vr*@Hry{>v8d*LZ+J8DB2CqyJnr7~HMk`2L~3-RpQ_ zbk=4sFgU38KV+O_M~{@SJw~-w4stYfdF$wVXWd-3S?jM+ zV+(6fT6>Oi22eVxGvC){GN-NG<94`hlG&utWRT@%8Wz%(9CZ6#^P$;nT90A!>5fT2 z3oxRTcqP1k_R*>A-VYON!dipld``&z=WixV(&;OO{4HR4+~$9yR;|OSGax^zO)y;k z3=54EUV0{#OIG=8P%IU60~(K?ucWrN_9oG6kDCx7tHRq3v4Is>g0$Of78oi}X_BPm zrp`U34bc+yf^U8AN4bBq%h2IrUfyW@)bhAHQ@p+TkgKZmi*{%>HYlFbc+a3(l36~z zeGvkzO{N56e8}7%xRLz(gKUY5&Ec!OJ(jy@Q}n#wW{c0=kkDPs_J!xJJd3W#Ox$HF zCZo5Twp(IY%GA4B-w+V8<`pxu2ZS5?ht=-_r%1%S|0A0xvE9oJqPyK?w%A0T_%9+9P=e{8HI6KNx zD_~>2w2kmyF}BG;5T#2=4_Bkv?UD=HLCD^9Jhhxlc$;hHWE}G@SY+j~*DdSTol7@a z2&bEa)=u`j9Go=D$j&x(aS8H$kX@{Oc=d2YX=djVG^Z8pCPb@+cViFhZ~4#|d-J@` z04>$yem@LgrjRaiPha01=okI-Zo<&ns9EFdQdB4+FiskEjvY`qH$4muPRhqh(%hn; zAU)#uPb`Qsd-ZLH-fgazSV>IU*ElGEOZ$WAOAiU23?6i0oOt|Zo0)n?w~!n7V7ThaUv zTPb}14_kTBwXTQ(?%ZF+txW%dLQZ!YT4S!3Z`Akq>r2y>%3Lu%$5*#l=zGC3W%Tqx zLUs*mM-kDLZMjHoiMv!CYBu!7O(qv>=Fa!ulhH3{&}+Yar(T4_je5&?Oj_G=03G>* zz2%}L(Zk;+>|a!im(+VI9GQT(QOdN|!TQIFb;;bHLM~$u4}zIefk=5Dd|&k5z;?4! zoR5+{?I(VpTHHJ2{MaCj+0d9+w7w5h;>^4(+jsNgdbFyNDUut#FIcmw`SUy}?{-Kf zsXAMM_Qzv!2}?`Ie>F4M2~UVfdMvpP@an)@kb&bzhLz^aZ%3=}Uz23^22r9WDSILF zhCj9Ujt=0x4>&!qeXjIBZ+yrGB>=eU>tDfeXnI6ddvbMq`&g~l%Q$Y|;$zqHvySb2 zU21g)!yZ;};8g!-=eaK_H`(o(nk1v*_iJx4L>YEJCelEVutZe#QfnlmQB|7@`9GC0y9BNeb}Zfb0}k z+H*Szauu7F-(*UQeW^G(yFEtWrVAzET3S6!k+X&4a7uIJN=i!Vc{UR^aD^oYbIAM9 zFYjjz+WZLo{nln54~X2)_r%piel6Ifs=dEiDt>wiNLanQ%U=-X?5YXOC1j>$&AM;M z^Tl^RBBPV~0{$`#Wn=0Wz?TQg0gvw261puc2!!sWO(-VhIZHKJM^6Hg3Pyl~T~eY}K829;RDnLZliOyk=@{ zL&D2iID6qjT1(uF&$v9na}=U6YgS%NG^sH#x3kOEtL{zc^@s`lvTb@T+!}bY@)hUg zA;xk#-DaJrl`zy4b10+r4C~dA8tLGYOY_tpOL&o4%+V4-j%Zr?!s2alfd(sZ1qM=< z1bJ93QwjOP(nG?Jc^Q<~-{-J8f>nGO^#{jPHqvN9#G_njq!fe}Vf@)qZfHk#%JSI) z7T{O*dq+ofOsO7SOVTSYqoapbAp^NQ4;E02#z z37K88UsYTj`xmsLZ~RX5o-Y;CILe7m{CCLwe6LJ{I>pKplr1>=8ESIQ{(6tqK}ySA zl=c=5AxPX?^Nqz2#;xEaX1Ee1o{w2m#LkTN*@1j;6xAy=`kUmk~xrt5q6D6V4Q zMCg73=#iYT;UQgYfo+KGaTK>yD%IwIOjGCkELVm?5#Y6cRrWYjNrc1FUdZ12sw&lRfrQvI4Go5xZ-NHDdB(P zQn&BT)&D_x24}EG=!*9$C0~l4%iW#-Q@iRj0j&MeCi(R^j)zSMQXuc?RkYv0iRcMG zvKM+C^TouRNQJ`dRLm=N=DTo%o{|Q!Uh7|}oHJR(PFcL>hWv+eVRTu<_fu%^)5;+G zIrjJ+lKwbC?kARGYF80+%)f|S)YgNITjPnG!*z7dP7$b8z1)5ZnV}Chp+IR|&|M=5 zb{O;*)ZB>|dp-hwj8XCkCe0BWGTSE!pA66NlDzTzy4BVj!=MB`<{~p81oWTr(tzQ} zxApPJ+b({PkhJcy{|{sHj{vP=PKKW?0+`WVYOF+X?66Gl)bsdnlh1jPvGi{P^meg> z>WknvO9u)+T2@mBC4q`Bc}+MYb1#_0>P}3Lat#@)v4qCWJAQt`*zs4b_8t ztSMNWEEpF#aJwto<74-`r}~~^t0JJnyTO;aTS9e~5sI%#*0bqHhl^e5#a~M)_s&2&cAZ1=O`AyvUGqusUe)~Dd!P|#?>l@W* zZqYuuor#`6ID>+EcRd%c`$uXYXVYer zjL<-Y5E>3x^^_VWns?*#7X&X)PY^n8aqTk~Ym>04pq}A6%l`MGZSo8J2fVR-meD&% z1@6G84E$l6Y+2Onl+-UwH|74A_J^`N2_f~N0a?fGc|Yw=e{yMm!Bm1M8az(hMs-|e zCv^da`WCT{MCdey>zsr>h+Rlo#+s|s6(ZcxG~@eLqoonv3n?iG$%mkyw(8>IYkUOK z*u6(@_g{G8Lk{{h?0E?ZZ`w|XX?>C|o3i2k@riX)QlO_{IvrwXv<*?PI-q;EKv*O+ z$_6r6pP0b@w424qZj))?8cVG^J&_aye|eqyAO_{FwB=S&3K+oy$E?x@AUaMPe?Py+ zC~)$?3;uc=g1Occe+)uSz%OeVBu=WsZc_BM98osequwhrsHkyM5u04_V}Ck3LS#uD zeeN4eA`Fsn2dtKk#O0rmfv_H|nJ0CXZ1K2$wjirE3&5a&-^L9ou=@t;uMbK39?L&| zd2US!U~0dqOP0M%(Q0f5kXNALEMHUv9zoujm?~25H;zjL7^8m2ywT8~P_5RMs9*lB z{l}&?^KzkiGfW;&E=Pd(%$HK^11T#?HgB2Ir#Qb{D z3Sx~}&*!B+MCq>Ez(GX5p#Ajn_^REQ;AirN96hu9w-aQxG>_N|wOQsgQ?^l;N5D&p zDJ1&@I{ff&@|vd-=k+gE=3|?xjiAd-fdE&_WyyHRgxbQ&QX8edrV9yS0$n`0uu9 z@ZSuFS`&*z#ULT#)nQMK(?m^e=a*Sy(?Zd{E?<-kiky$3kO{lT*YChN@9?chi?SLn z5Yc#--8^&{Gx*wDthwk z)c0FAbNvl)v3YrYbT*#g>SM%c?D1|0*XLTN7S>r>w7q71CDQm;QwNuZo3IDbD{Z-T zjAFQLU0&OEFKE2wc{?k+-4yQ=fyVD-H1trViopdB`I!BMtrS!(=uE8hjKt7w-=OMn zU2a#sJA0T@z4@1eg@R;AG4%qr-8~>+~TnkTXIt)#ZKKgk8usGeg?UbNp>gFQ_;7zc~ zZL$EWFHZm}g7*gEi@3lp_A8KnYya>@r+E8`r7=uYSCSUdoQ(wRWZmAdzFH552?@QB zSQboXkx0g)k?854=2T1VaZEMLCfn!-Dv)J^dIv7YyQOWP$4!0R4l${l-)1O^%%6}? zeO^eQ1F@=~iRw>rXV72k$q8p*Gim=KDt4|g_Si%xL$ssLd-GbT;h4rQe6We*g4|^- zk=2WswC~XBC|9AgHclWai~W|Ql!0+lVX-}(>LWubnSt}NVe3Pl81!?;i|g;!jdQ*= z&zBq?&Ot#L zh&*}_+E~jUQzM_hrl})G(&RYih_L4CuDN|%V$Jurgy?H;VK#j}iKVm5)?(>hwn@ z>>70W`8z*Wpp+2tmBTi#CCd;Hmh!BDh!pN6&ZimaOAm};=7a67;!hQ6Kjmd-{`~#(!VasOyJ4+lnouDuc=qz-#Qf& zM*|jJakl}hKzjO;E0>7|%A;k<{)LEf`lfmn3=Ox-cr&f;Z*>V!EVo6I56oSPi7Rlw zRNBc0H$>a!IC<@j(*6PW~_-HB^u33)S7fjMt`Bp{DNku$0Uht|tPntoa?a-B&pX zNi4+IwPq?}`X{1dT@s-Mro&^tK061nb%dAu@pA7!ua6r~=C&M~4pM`FJKoTAuje1R z|JdYD|L+MJo&YR02j7jOZZBmYofR_P6&s(8z5EEyGeeJOfWmcK)d`z#N6)j>9Nn zHyeNa#?nw{?8wq=*XZ7RIQ+#_y(0hd&B@aYAHVyksn2Yw0sB@O`u=s<%fZrz4Y2iA zd+|cQhF+K>ZxR)G=aE_qEttPZkQ|TLT0`jBFpS);>hVY#L9%s!as2iA!)F+>c-N+M zh`5z4mcllE)B9k)$^3emrXX+rL^)Z#W&R5?wPJoiky3Z_Cq389g+igXM?h{%T;ahp z3}nD6B-GaL8xGvtoyp^Igd%G6mfxTw*9jsHnXtH72nS=RFpOqH8ZPbh1UbJBwyB=) zjK4$-x@EcNI$>7ov;f9$u#HcF)ApeQ^ffu^_D&>zrVflhOqf4H(M$tBpOYH!P;baz zi&Vw5-8dAuRt2grZE|RZeg4h0ZwE3MT4bn=MB&ZGu}7iRib`*JV&|kR zKRRrhm*0w0r_~ss|G`H28A>cbgr>Ue9*o|7!Ec$LW(aZ>^*)00AT9GwTcG71D9#fI z{S#ul-(OrsuM^~K`w++>)oy+rIU=-EuR9c)B6jbo7P^Wo%Z)z1bkZDLD+RW=cVT4c_#;cgZn&h zixKJ_TtU-0UI@qk>3DwrQ;L56O_vO`=muPLF+v>D`Pv-`PVV5VaFqHfy`tr2!VZE~ z6hUqHjPSg}W2w&MVI_Pm{UqG#`ZDksNP7{6?T89%Ga=c!Lf)nD)(Q_)B*|+;Ac)uC z#@}(#dlfHPV?dNTZ1WkoYJu0T`p0umZ3Ah|q@kng+Uj@9ABOALn2W!lv{xJ)GvQKS znh}0v)YZe|%~GxC#p8R?TvVIQg#@NYwWZd*dEY8${(nrp1w&lh(zTleg1ft0<8F<+ zyF;+XJ-8EsL*ov?J%JG1Ex2od#$AHD!|ijvv-f-FPgp&>R;{Wro{^$DCX%T9)0()i zwu!pruv*)Do3ISq`(xwrQZH!R(Xeki+)!MaA(Tse^}A6pFbBt7Yj#ZjSEhsgCXrex zhzs0vnVm|hp0v_ZZ zfuAC8x&6u355+i;8%Z*Ds!UqGAw!GG8F?Le-B>U^x9|;Tib}sd64XDsIChH}mztBY z^1DE~*c}nnWRh#@zD;(!(iL0rl1z~5nlnq&*pY`K!C=^|M!cH@xd7QC*;lbAev*A| z=Y-ou*?rCLw!N~`D&p{Z=9E8HGG8Vd2e=l8w49{b^BfW2ZedohKZV6XNPE8Am0R!?6+@LokC+k@8=WdX5ND8~}0|A|TMfhJC5p_7HKO z_3iXN32;~pc(+=YqO)#b_kxV@bpxL@R@f~M9+wv}G@p%uE*S{sV4y75VzL3jdqP9b zLn+Q_oCEsxS85+93>37A7i)Zu%mAVhza4rD#+~u;_HQNy(}2!`d5J81uG={aY+bK$ zM@R!1$gv#M5A^?!2L?^d)z$yEXB3uJZZPl*a=#ki3LYdgu5}z0TzflIJ-?0j|DyV` zudByV-Dk_R|2{mNv6k<6`w{45c;7ZD`j9Yutk)#kni-r+R90=Ak<~`k9~+4hSd5Km z7KG2$w0(X|DSDuMdsm0^!lVt|+>u{Bj@047DW$RKs7c48zh3G7r&+(3(5%p5NL6q* zGVKqiskiW6flmYkE^YzN*cnOWVR>_#l-_VgsG z1c0CIj>0qO>`NPjsSYs*-O!kv?#6y&z%g{Zj+qmuSJjc1eBbz7gNyy4%;qIL`TY`!eowHN*{{%l!qB!lj-Gaz&&dLqabht}yg%^TZK?+&Xv4PQ<9+6@*A4 zR#;2&q9d;JAe=ZVBtx630~UN}r28)Tm_HH;S7H|O1|EiO;2M5hBv}Ap8x0;hS&V_@;DcT7Lsq}b)5-el(KQG+E*nkKiz~4LfeP+r> z$2aG4SSzd5EO2CbFUh(yx&Sk9#lG$FKi%FN?mxTDksEGHFeLEdq$wJ8nU{r>=wN@( z&v}b)LIe#qRN-=G&Paxy$k*Zc9X+!M=j(MzlQ0y8WvJMrIy)t=z|N5-#Y>{-KbaNJ zQ3Nr6@4f&ZI0zpklxqC=NtH{fYC|@_jR?@jjrpBoE%3sBJYO+%~yZPcf5Rl{Z7cAsR`5%ZRl1M}Z3CVYpzl5ax zvXISO)Ha{dAfvIN9h@MaErr}J*I?y2a!TXkB1xn~j4ek#uSnGNK0GQJa|GYLo0%r> z1c@s4tH0chE@jj5(Z*0e$l}CMoO54=y`>l+yM1u+Yu-}UO5&-~xIGA&oY7Hjglw?W zJUBVrkD=+ds6pbeoZ4qK*hijhnWl*Yj|b|XS;A98oiOIe3x4JFYmBGZ+U2ZPo?W8j zsa>6(|KirY+ETJw%P5^{(YyqaNQV6Wr61m)0Yo1_dNGuiLn7QX>DWfei9yJqt-zZam-B~8`VpHF`puO$F1$R5 z5r&nhalBXy1L9})?IU>v^H(CS88TglTjva|cf5xAg<>>3Cky;z#S0Suw^Y4=u_TTc z>%2y3-_G0E_^hk+EmG$9s^7M^rqf@C&qQyRnqFT2(6ini0-hp1O=1IO7TcfRbp>Aj z?c2r3q;ez>L@n&w;3b6`y%5=^maIS}^|qtOll*2(B^fz&EU@PJ5fvRz&^1kjQ;0)&KZE zWMKj<%0)Mq4`0GUUfw~e-=nnxSCD29e*7_+G){DW15cgw{Qc45GmX)YPaNGDnJhQ% zdwlYVa>*RrpsTg~lwIB!!p>jvs+?Z0?*`BjzJ6dcu1jzZe1$G0cmTpzbC5^6Fjqp# z9nHf@(s<>u#z^$2qvRW_zCqU3sJG@z72{f$$OYzuGK1^s-@P9!I7?T}z#YZ>x$lxy zBwc`O51k0&j^d)S9UBCA!uA4xd|qtfW0Y6>{3nFwi|IUX1wcL!nUaq(RS%@}HJ{X_ zbBGpe9!TBl8<;RFrk@}GhGmq?&)Lz~o;$3^#vZ{Yg0^UyC8ROcaS9s-u*1{yJh?Zu zvWF8}k7g(Q`2e>xYpTjigIipRgHcYT)N&|Gk=Gf0RzX7i$-;x2)(iy2)AcD^wX#iD zX^KwU>u0{-K3B&teZ@Y=ZcEBn>yA;U?Xr;ZT$wEL%vsY&G^p8F8pjJuLGbnaK@h6! zNWT%N`%A0)xrdSdr_q?>@<2kag}-~saLq+;qf~?$DRoB1ORZ2cVyEloyGfvJ!~GLq zr-ga{*OvZg&3~`gkDvb#&{_gz#t)Bt);JXRx^~b_yuZH-N!fZn`xG=PpiU65yOJCi zcrmJC;wE*}V%^K?Z{j*It*F`QChE7Twl8axyc)@v&{h6PLRP2P63r^rg z%;nKEZ<4}O1S|8D`;fhw-9uhSikdH<7Pufb=fAa)#TDS-o-k)>s~g;cxjMI@PS{{F z8n9LJ^KbVrWjVAzQ59@=m?tK|2uVt9r{vWzzx-{69J4n*ReK8<5O;bFD-S)maS&dy z=~oZa=u1Z@P{_p7&{?;VH(Hg*FHuPg>)CE6&?(SQ4k9|o$|v16*rghjgqkqS7&5x7 zn5Is4z9C1h8Gq&ZVdVfnc?Hl>ke!3K?i)d1zU`we<@nl`yVAcN_@YoKT=aaAC0$8& z++dZLh_-8{Y)ZQR%RBzQ#uWi2JFOIXHwjCMTQ9^2AqMYr7EwjrS;42{RySZ#_8nGJ z?eHEL)Yzhd$ALvWI`FxktKuNEs;b`cthpTIU^OUzuqZdr@wM-=u|X$I+Y#kOy!-DO zRxQsK{~-}JeFqQ=;%ksOT4-={m%P13h5W4!4OWrYNlsAea zCwDz!t1pU@s=dRIH=KyX=3}IrxwqoXpaRir@5FLEi`81OC%Fx?3@u)TpPEacBa1Qe z_Jgs~l$lY{%>Tl;q1CNxXCHQNp(Y@^=Nnt|f0SzXBjU*W-# zJ>K|sU(p`vbSrD;&3hG5UqZ^4LWiFywbBwqOoHaU*}BGKelCQHcmRDiSx1 z8rASE3JK}Gxpx9R8RYk+08GT5wI7*P{#biFuht5Nk9WT#u3%mHZ1x$%w`CaLY0zs!ssVH-H-@Gn(hSrQj z_i3YCH^Dl>$Xwn0A-tXB*(;>}+l!taaJK%U+4FG{sap!~+_RAGgoZcN*oed%40c0( zgpb#n!wgwFqD=pA?o3Ug{9; z6CA2n;vVL#kDk}Ippf&7ovXVM8t_IG6z$D4nMRtM;Oa9LhPr>m^%ztoEnE4-bl9xg zxBpchsJs}r_|mO|=CBgtDZ@6Q)o5#Bzep$3Ag>95E_LQ*Jj|rzjEg=^4-p&{Xb%ic z&^6?=RDv5l@Ei6ZF?)sDG3BcV-p)lUyp%>}>gjXy(Vn0YG!lx0(Du{%RPWBgwUZ~z znv3cazvT0-ZSkZc9mo7P?-MsrQBhY<-P;F=))vKty)-9W1H_oRv=n33p^vAq4gT#-$JUYzB*8RWV@1bb}V97M1 zdwJM)Ei40_jVn{?jV+;QCa{clB|EeEcPObSNyy~Y8?`iqbeKYX1%mwGg zW0(Cq{~PBZuQ%v~IE)_sjERK6+4T7SH;lZ}P>4-8W zA7eRAfeAEQn4Vhc;{XSyUdf1o+Q%6D&nNMxrj=_uAAjIeloSUImDXWfY7|9PLUu4Q2uqM-x1ktsM@hjNshdE?Cc5j6rljP$43mAn zH!k0#k?^a&PUvJJfaY^MP-B%pl&|LDfZ1IcK3QPTmiSNVgz6H)_di50FSzw640zE( zK@S-F0S|59GoakXH8w{72#O;GgU(2!*gA6)1gCZGem)UV#O=`Wnnb9ZDclaaW}Rwt zNw6&Yxv_{(HaI;gkd``W)Sr}$Uw6=4!Yt^7d9^TReP7-(W+I$dq+&eqolE!EBRG{= zPdG2PCBVD?g90&CRa8AwYesQfm|x{51;K$p?VAVR*8uYQ~7oIV$X#U36V zhtZIL!|Z3-Kn-TI2e4gkp*59>jxc+k0MT5o$`*GW`j)=dz%(W3u>_*!&7Fsr+WfCfQk@#uAloAwmHv zP?rAwK=o{sjkP5c=(SJ~gxk{&0;D}%&_wXmI!-I!D7umI!7asp-n&b!cnph6p1@AZ zUHdK#l;^`>XqzA(?8ih{dv4cUZ1?&~M`l3S=(M=);hwB{A6N#%Ml>iWO>weQqxd#^EbErxZAp1|f_t%z=B z^e|QfEeZeFh2b)#Z{t6!%yWN&6P{T4yr-7MsY>cEdM=2yW*cn?Wx5Vq04@F`ne|~p zL1;(3%rC3xvvE}O0oT-|s4nZbtL>Y0d7CSmaobOCH)L6NB41pdF{I(P*|Bq|S?w4; zQptl#{jc~v9F*u?X_*d}8mQGB1!G^KmNa2MbW>Q8mAdS~J5^4dE>5n z>#UiYIL|uyx;6eS5!R1jC0++>44A7&20Y|)tL%ztxSJY5&23EvM|d>mY(1(i znqT`su%}U^YU?d87wRyES3r>_GZ?N|J&i?qBt1^^+Moi5=_}LiVld(7J&$jD6C~1! zheetvcznVwIpj`DvQy9kjh+O-Mf4L8VK$hyQL;drf!$|5-2_3I6}jH#^fwoDxflqx z9QYs1VlZ2;WRMnAEQhp3@!?BD%7mRd}r-L z9%+mX^HFej09`}ds5j?f)5yX|?N=4!fZyuO#HYRKScmfdlVwd!1L{opl)~tk_+L}V zW=87+7CcVckI1*yWOH{K?DwgPH|~>F^UJFDgG^N`OS3S~p60dv9|rk4W(eGDUv2+Y zC1`8r{x3VPB{w`2W9y&$sFGI!Uo{C!T&4eg#h{N7UP~_klBwtt9(1R*ltOF<%c9E@U-xegTI?p zv?JmZHK^U@}Hwi;ifOCw9EBzGS0OP{4A%DB6o=?KB^-S~c@> z_yIw2)=nI60?|gl|0v0#r;JGZ`Y8}lR?PeA322%5uZ#S=-$KXSrGgHB&9k;or>Mm* zk3b#J3|IjiE)}v!rMIU$yTboEmT8L z{bco<0z|zW3AamGlAqn}lViy8Hr$%dHgZIb2Z_79S-Nf}MYmYqTmf&s7o?Ryei@Gk z3`JFw;gQ)iXf>t19y_Ey02KPmD-s$c7MAd^l-Lf$YfEWD%)=b3Yyi>(fTaS;xhyqX zD(n`VhFx3P5qFoOWSmAtAA1x=K&y=rk|BhquCXfy{CW7Z{a2IbhXfYn2m#827E-p#aFdp@syr@5M6ad`e3?V@Efz+Zo zy3Ma%?DuV3OEu!;lYiNl&KEm5)&l!KJwu%`my6}U$wlBeeqo6+P=*B>*d&_3aRHr5 z85}quHXPMuDJ>I=?-SNK8FPuBuR`6+G3_k|^%!y_65jRNPl|*GV6&iwV=72HKz>E# z1%)$&v1R_;tWg-=Ctth&5O~y5W~nwOGWxc)h)%-{$!}NB4n6Qc`%0Jno9x_aJ37np4Ri{N1xM|PM{Nrjl?DnDi0lKT_*~nfgwFQ!p%dXPq)z?KeRoP+yI?Llbzd3i^DE0;BlA@d z>0cB1FuA=_67qaMxKR7j7;(Obj!|jEyM2VTi!}pW(G{~_60P@OGxR(LZSQ?@(9QB% z=N))BA`%iZww!Iwhd9h;eV_gIeb#OcaT&F+{3HPzu8LY~Q9_z!kopz@FpVL6Y^UR6 zDs>+6gmymRyfSbk>QCwXc!2J`&i8YFKDOcP(TF7{BFR#7AaXJ{gohMq$Nuap9|tp-{nC)96=$}lLoU_r3r z31R0=XpjJ$fE~6^m+yLPLQ}5OkSqVPP-*v``0X1ZfKX0!R*6QxTqAjx_H04BxDZ-i zrxocoQY>4`riG3OjS2n*eWh6919d{YmZ(JDL+DqqcH_GWj>>hvgs%2yv^B5s4u?D> zhH+rrS_=~*(nlJiGu_BUVK=s>`!sxJhtDI0X8wa?ULL@UlH#te!HEnp8i4m^$)Oiu zW(l^YAsb^h@ zJm|EXIaVi_u%m+$7b`I;Hb6q~g+DLe$c%x%Kko9+**gt^wb!MBhb!%vxC)3)byey# zH3(B|!j$RtKo=VJP*pjPYCCG*r(d?^rnBWE3OxZ7{)&nwl1k*M)Sjb?&XQ7(VQ?sI zf=*JLuo{nU=f7h&(jzWwmY2uAU#cAt|1-Gf8+MfYZKrp=Eo9+k`{VPiEZYWoS0L$8 z<7p2ubKTZl5kIuc90U4_^cNUYQQ9^xa~DR+5X>M^+q*_MW)&1x;6Oby^l(i);k}EY zI;^&&T;Cf?tDr8?MwBxYdSZJ9Stuya0yErAj}Y0 z`m7?IE_;0GdcMf<-wB6@l=(7D0^^o8u>99YGZx?Y?2zoL^qSnr%h-q;X&j0iw+zHe zG^iNxNG@r)@Oz67G8{J7j!&Q+cCYuWOa8PBpnpJ?ZvvVmkn0!m>J>?qSm$z%kG60> zm2Etvs4BW?McGIAQ0Db-Z@K4u*^c->`Bqt}Zl1@8=-A=eNzmsMDgmk!BzV+Z_Vr(>w;t~%-V zhlr%%XVIGx<;F&9*(ZChD;AFaHvL7y)F0YN!4@tq?+9@SSszfmqpJh2nKGQEX;6Oa~o>?Dna_txQR z>_p5b@^mk2N~zEOM2|16oW6#GtX8@{^gca|RzIgKy!3iKgrMh5(k_TdjoPGDEtR(#dFwr-2=uw-%TWqA7+?(g`vIRm zEH8cqGitDoS0Qo@cv);wCEnuMDp%;4%A17M?cb?SDaT;S!0MZ3%8!GQ)4{40d7vWsMiCjB-l!tm$S{pV+Y*$ z{_%XzOT$LDL#(h#16ny16$6zEC~kcVzo^*`qJy=O;UBu8_Y67j^9rfPh~}m0`9F(} z>VN%-yS_+*cf~$0+v5XmYj=b&3bJow|%gLbMwWj~F*`;3qNc!`cc2CMQ7 z6j0BL^@=E!XRH!QC$yqwA$^nCht63%Mko};EJgIKV5QB%o}RBhLjLR9V{AU&uVeib zh9?OpP|(pEwxM_L@aTK_sxp}hqrca(?>CK(p)>(Y&clJq3P<^ygB=DwAK_=!F*2xPR2*#cx!=a2@N9)fVwO#llfAo*?NN&ud15rp@-^nmn{>(mblFE3v<`dT_1R_epDUymfjGz9mx4jBIe zLMa$<6Fc+dpS?OC9#5#5b7ocRIAj(xeiMXTe|XN9D$pv?J1x*VEm5n)#2N7pd=Gf( z&316w-hLlTQ|^qT&=jSGjN51v!D3*RjUaw-!*1o<9OM-f|9qfg{5Fkz-x1XQ<;>V0 zy(k$KkD1)+#Fk0Vb44N?4^{ndmDonX$9gJB>KX2$$VQF&l+r40M_eqKtj1b~L^b>0 zLl}(8%Qg~Kkzk${Nsz!&qN3{{ihXuk9O06nyxVr5s2;1EgLCF?hxCXQSRf$U6(Et# zo9i6YPgE6^wXFp+tnc;+1*_XesGFxXQAxK|MM^kgG7>r{T;{?p4P>1|O~|7S^Yzr@ z%7%BBaZG2MF?S9Y+!-N!)+{A|Nerjd7DW;I-fHZ9z{CPS{S)?o>Prb`fZ(@_Q&3QE zw){B7xl3$HC)_<=57vLO})GAA9{YFW0e9H^HTZm2`{vqC)LUr`Z-#c9M3)Y(c1ccE;_MOqDDXLT;Mk zyA-xhS8DK%nUrLN0P=y_NJhKcZT_eEnkjkHY8_fErJm5)ucH&*x;nV#9vWxdYzXOG zJY?P$g)v(2N%|7VjMa0;Z@0;ArUnc0o>1>K^4=XkZhxdRq`3qi_9y{pOAJ09`ZVTS zE}T^d*kGT%_Ph{OT_9UNOJH`XbzcQ!AKVBPpH~ilV%B8PVMzIoqaX|`{&Ag+s-qi^ zCe;-V+t6anF^Yo4$Sz6CVc-7)C2~f7eE2cwC325z;pg_9sN2V&>tV%*-{@yM1@xXA zc+%HnKWc3L2&Iv?g{IOoTlGZyT%+AkM1M3;mG zV>4FvfKHktX}^)ZwNu;g*a9SoN#54LDztwH$%a5|YEARU-uzxUo*$6ocP;5zP4%7S zrootD$rK+$U?k^!efimqRW)9gF6x#UYe~+BR{2Ko%G{04$iRtKOO zyez1Xy1)^PzrT(8vs90$I~fbWGWo*3dZuf@h$Jv&Q|q5EgNIriY*zxMjJeCy@-&3) zdqcLS7M7dUk#h%+^4yR_11;zW#5zRee@s6=oDHGSc{Zu&bL8E1U3?VUFXp+E1E@}l zj{iHf9{azcHG;=!)ZkAcb^(u5pz)PMw?mN4Qy;K39aBOJ_N(hOu+T%K(Ji#XDqA}y z-1<`~HBN@Q1Tkh#IVPZV&~e-LvPORK1P?h~?3&Rsg<-Idt-%?@D+kEc4{%l!O(%3@N`p?`r76YIwyDAM+0ics zT!VPRPg;edexSFMNQZ=L1~i}T5zK1~qCP5JdcFd#cjK?UGKyT5vF*hA5B+6TRtoaB%Dn1{R=pr%v==Hj*z~a8jzea_mjh}4 zb7i)zW03ADAe5i)P3xc0;Y;m520f@~Dgi@6OW`spJ-NL<;r-@GUQ zNdXB;^^%ON!Vm8CcN?%DdY*&Vu1R6#R4F)3;*H&wY~MX^{Ql8{jIcMJ+s;?F5Gj^&3+5d;XoF^b#<&mf|5_|j@8uzltd@J@Po$fW+AZZrGCTd?Esue<}joxM4%?)Ji z2+{I=1f<&E2OWNN>erm{V z^4~3co*xVxT7P}QH41uzTlyIPXOLy{*hDn0F4yaWy^7w*H|dv+kD&^)GgCU@Iu^{i zQp8IGi(eBzf0ikk9$2GFpNOOC&#izHC3SS&BeZYcE%dtDTL-3_`1KQh3p}k6I&97LyW^PPkwpDIiN-N>jSN zC{m}~<}gwR2g|nCyRQEaapTp6;r!L?Ns&?t9_9^67=B8!cun(x*^F$Pm3M}1#~r?O zgsW3tE2eXdUpOJ?Zg37f9aiWL(l)tSd$KY(RSdcTqUSZ5Utm_>T>|IbP7#?dI;h{|;$jgUIWJ5& ziWIY$^KiJ5SATlJ!BBn-(~i*(I_hOUs$z#K&%3In8g{n*(i(sQB8XHQhN2xI_&@bS zBMLBZ2oKIgpTo;2Z47bPx94a8j_+rhNbF`433&)XhFqMG(k>z)N6Dw|KAKeXU;|1y zdrBgQ9ey{4I1~POOUbL|=QKZCC8bT4PyE|{Bl@0Ay<-Dgt^Jj<*X**N%2XPMiY00B z5;s1QA@s=Gr>pak$q>hpeP^$=MqlthQ<%%e{F)pmJ?{%_($sU1S7W9K&BwK4ZQJMQ zbXy?HR=bfJd>8twh&-x=rG%$3EJeN$_l}>py(9(ka=@yGHWvi}33nvb_`C4@2CJ?g z!dEH{-^2Wbj1rJFk$`=Oy(4oRb+k>B1kv}Q&;yY3;wWl1ozJ9~^Ddw0v#{~yY4uf4 zwb6J-{AuBo?p|oJ?&s4Om7V&!IIBZ-w~AXWHM!A69SlGSF9zZ0ATM1`i)kh#>w;k? zuzKi+i6`8C(5vdf*$=9){2&#!5J@Nin;{K}`IA6AD7Pl71vw&W;HZ6X4EOozDJZ#( zp7_|w9w)rUmuu6;9`u>YvBb6kS93h_!Z$gw25=jza#2L@dDY^_=eoR>aIqypRMIck z6^TIyvakk^_s!uErl~Fwzgf>NLF$A8?@oip9*McOp?T}evBBl5(8#VHh3T9pCzcNi zyPPE&lqaL4&&QJPveP~>O$WHvl?6^hw|^WJ{I<7=-((Hu#%crTt1~9MUJifo?>GO^ zMW9^E2>QJbMX3B|y%z{c`CoVf)54|*bIG-k==}tF*S(TD<4{$q=g}uF7W&Y08G2%r z+w?e_j&Ys77viRi+Sz#FEypO$`P<;bVzWu}Q>4UFD_}IcCumv8vN1 zKcP3!uXcJTcGB0gOrNnwE~Y!OsrQbyn*W5`Gamf;WVeY*L3*cKjW^_YN!y|^kMMMv zmL{SJ(W8-|w9QtRlG`D|wnr@@ZYrTWL3q7L4T0b6L}9?7QDK8H2EOHR%|qy7c9~;4 z8D~<65EG~LCQ)LTbM{V|8&Ycx&R3IHgT_wbU;$|Oiwvw{q6B3ck6BIA0nm@5v)bf> zoM#M#&21lAgwCI$iiF24il~T<{ zNWHx03G<&tsV-ZM8kb>`HE4DP6-?CGN8SR~(12sbb}IbQ-adlwdzx7~9`#R{V5j-Kw@ZQs%RW z1m4VhX6C^Cc+eBw+Gr`XAADC}# zzVCxmY~Sm8v5sW}EixfgA+4D1;}rbu<}fWr*FL+DvhyN%zM@z&e|NAa@VNzrkR(oQ zCWj*4V=PI)f7h{kTY$dmAr51!x__2MF5!PF`;nWj3qId9*#Cz>St#(BxcITgKWF&q z@~fsUUjt^)@X?y6z^to8q#flsVjR0;huNffX_jN!#3A%1%8x05tT@<8>*`L}T*C0` zOe5z=@Ubjf6n<3MsDi0DV8hHK5H<43K?(jBN!bF9!xX7sBk=FX2+6W|UjjWd`)m~R z^PpohN_t# zZo?Mx8wNz}F2IY+b5f(O^_pD7=4}n2sGZyiyrE-}p9#fs+QrA5MD`X?Rqp_wYOU$% zJGZ?_%fc#5hTN84>1QuHDrjpr?4^GSz2|Lb(NYqU^7Sm9f)SxCnkY6*V@>_@S9g zGd|mSqIlwKC(#QG57Ni=()#J+Tsw|tQ#A6R$sZR&!St5lY^=%LZD+_|3uO!RD9!_X z;q6oGXqUzl0{`rtbln}TaPdl4VX;FZZJ2s@w6b4{P@(_onja$l9UvAbM+7o^Et?cP zweJ%(j!xY2;}U#CN!O$Ior)IAr^Q?Yyj)arW0bD55u7FQi)NCIzpYq?%Y{g zYU_I3mSpa<>TeIGHoluk{0vRLi^~eysg5d2S<0x7Gj@QnY94_A&N$u(S|QaH$Sk3K zCfpIRN4(SfhKem(3aB6uil5hs+28>zRNA-c!-Q|jetmbR$$%5*z5Fq!pQ6A1HZ20; z69P!FpZ&J9rn3BRux@KW#Uwv>kcC!Q2WG!?S1D za7sup>?3B8oUV`vYX1@F5@mGvSof3llHrt?@!8jOd-BxP<@fmh-Q?-JOKrQ4jM-0352<%vZAP`J91A4;EO z8V^h(+%IY|8Fur(kqA^v6|Bfstf&^uDb{Gw>N0FLlPR{6v-pJf^Ewx2>p&=s!y z58~~Y{I&dJ!>t=q zZ!rfafB~y6u^m5km~`rqWzCEZ3@lpOxH7fe-@|^*0{EMZc%^vFua}PA4Cerk_P2(^D5(@2~JkW z1AbgAHzEBuJ8bJLsVoX-(NmI3U(OJqeLa00pFNiYaixa)s;Br;vk4B8Pjr|OJ{OR) zDNmuWHNma&|y^W#%e@>1#pGoaix+fU@#-!fXLLK9kJzl8wd)YM1E?z-hVM`Nd{ zNU+M}w38?HWByf97zs!0eY6^aDG`HPJ8TqM-$c^dHEG+s>u1{A3hR9vBrnwD+XTRb`p}Ip=+Bq*IC{p7P8v zGu~nC;bLwmd^HLDAWPDyHbdGYKnIRN=aC`xi9s8lK^LCdU%o=2Q*U4t-^GZHw;gzf zEr)9SUZT0Vh0Hb8qj^^yyxdD&X7w-#^&LV9dK5v=v9kALJ(?tWKQ^DxA zYQVQ=ByUaNj71CE3DuWoM3N*ZQl$W4NBqq#BtQ4D!r@l0A%Y@(8W>xG9|YKcKTpxA zq%^sxRe`eJr;JG>q&ElAKmtXN-sD=1ZP>2?}*uD+;xa6X}N2i`1p|yEX0*GxQsH;Y4j}>YBS_4F_iyr~-rLs%2y&1b@j5 zTmRtL&z(@YZp1hKeGx_%qfE|C0`zzI*eKupy811)W?7RM8zSW&xBOQ*5cPmB`yM1nXR?^}kH5IZ!mJJ`v%P__;4Yra?F)eWIie#r= z&p56clwDw;3ogJw8)4c=mAz0XvdILQ*9_z5@(<^&czwAO^-Yls?$L_IiRpJ2wfLz3 z1foMPn??2kMX^{5(xF0e5`t`S=^$(ke+o$!7!^OXJ*;|J55PswSg;OCawFu0;DtAo8#OUaZ=Tyo#`}Xm>}Q&iP-*|-qdX$zULeI%#LG0B^BzO3toTLbW|rp9v2KDobz#)_b_z51eksq%b> z5VzseltaPRNCMR-`q+LAji1t- zRbRPIdfrpwD71PT2m5y_b?TMs9YWVGC2HjfqvMI-3(bWoTRBlkAJVoyDME6pH?`^jH3t)3r9(XV zp^_g>b&Lv${Ii<<_@559c9%hKtqtxgLfVfwNFNpY{g+yjxUXi-tmq$m(!0KNBqPrm zut+%adpyrI9cR(CiaJOq%{ZOy-*sM_zfQ)t=Q4RYz35W*RU=ahJvny&Q=pXpEl}dR zX9Onrb}xV5ZnKCb!d}HMF7up4h7B8?iT>)>U2rsL^(H3W1pKL6}wp{p&07Za#?tFzWSl_z3oQrCTGyy6M3m6N^C!!YcE4!$;f7f z&+SAgp_>56cu-n8J$r)CLaxb-r7dv4vF`ZBy_bu`sb;0!scq(D$MbGG&W&;z!+jM$ zA?q)vbTPqia0T*jZH9&ZQT+30TBH)P=w0K>elnzvqaoeFiw4uywc;pfveXx+e)#gn z0FR_a?cEDlp43*s$+CL@hL(Tee^1r)Q^YHkHT&d}EKL0{#fK z@l|if_^IX>ZyfYcPj|l1k6Il4iEjQQ<*8NPQJ3yWylb*{r(*nhTw3($x1tvxa&FUf zAk)8vCF$S7qE=({l5NPke0Zyk?6n)T*PG{G`w;Xd?A&U<@VLpt_SPeb?Lcx^W)Rr= z+gTrtgRqX(hiCgBYA16jv|oK_4e4(E;vKb5*t_<7Pk&OoQaU;T5w5|W3LmEx!Dy_c z%}sHV-QwKHIQ%tfB+C9=f|^H9NxKox&ZZYj+J{dFJ!1|zJ+80d!)va?ookY!09>S> z*{(|9Y5r6jmmUD#=a^LffHkMOHHlzDw)U?u^eR_}L2aa&Y!tqJ!<-|U{@m~Atiolh zZFS`AVi3GsehvzuP{HsXX?hU#B^t?oez9y5I0;chl0~{j!Ff1$?j+akF_+|0|662* z#LUC>0^n(|EUV~{P{>XNA1f^np{UTTbsLinx^r3L zu!_S9h%m|ou&@O(M}6<`_;VvPkf>ot0PpO4-VbV*v^8d?LY9U>lJu@LsM6IIYSzko z$D*xkgG93nR?KCgtx}D z{r=zkrLwZqverc5zwesL*6XjUh7;)$#!oP89W!^5FRRv!u!NcKerJBFhgL=Dj)}yalYR@Ch04Cjlb1 zC?uKREbnZ_V)3xRVhH%vYH?Yk+BlDJiK}6}AKNd!|6sts^xt3;RVe3K8}I-u2#E(< z5c6+d4!qDf#w+cc?S4qGKSCKGFu0*}G;Xyiva;Ycw<}LUHuC6EDK&tTmH+J#T>_0HI3x z@p81`X`S@9aC8n2vY;!_v_-aP_8kfHW_U*>q@2zkMLAunpR|K&+$wpQoIg&UfK#TZ z>{LQ^H7@s6(D%`)8zVf60tL~4(u|45;UjEdBsr{2)u9Pr-|25)f?a+a-nr8n6SjvM2Y=SB8Q*=TWr@$p|)bi!>Q%1?tZ*-ZCjq;@o+M zKLJh(6Q=hEFYf@d=d;d%ltGv4YrnPIngR}X7mTpdE+06aSbF~Ve#uPxr-X1~Ng%ML zKRxlSxMY6ESq(by8J|2g?De~ZljJz7v?UcU_c_?$aB4Lj)pyR5-)yGp59sS+;ku*h zWq*XQ_AP4Ht0K&ak;i8G7{nkWm?dDjwvZ5HWagR`%10AY`w{F(#z!&bV^*uB;t7`~T%Wxx@f?b8pDlM2^QT2vWZLbCw-GaA7J zPg4eN(09#fyK&{9oBB6L#AfsUG9?L3s${~)j3s(|eGS?;2dTPjEV>hKQ7XZcNm-3M zW(qCj{7SoUvpB`l%dBDHEPb=n6eO!tplZXOUDbZ4osf&G-e%#wop~k8yq{RP7G%z) zZNpw0>z+8$Z^O@1Gv~qe^?eYcK@1Jr4-5>rjiwJo<9Om+-Odl8f$mLW9?j_wEwo?` z@GeoPn`}ATI0mdT7%`1>c9*y_sivw8{1;abGK}`q)FoTHhFTvs@{mC)lV^M(oOn22 z^}xug2{CU~=YX@(7C*`1stz^KEpF2_v3>USTbf4c>?11Z4G@`_T1|Kks_x316m~^% z%vZ0jt8c!~YwA3P0ST(+I@Ca}C7E(*UllL59I5@cnqHB!2cIB~PWR0iTM;EGX;qH@ z`ydAo6D{fd_Yi(+v!6x2%&j|8<~y$7dp;Mo_lf7QT7K+V&L0H(M^XDt0J~~BSlxgft8RgweL)zM}XP0wi4jykzGY!#k*GN8E<*(;b(@8eMZob}{0j z@5wm_;8G?tNxjDsKhiv?kL9%5Pj&e#T zZf>(l9}+EGh~=}JVsCF-J)OyMEFF6K{QS*e~rL@t~RH_t^ire0Z$FXGC+Kh%-DB_$ksMFV(izxISKwQv`cc zu68{?Oo9=eI>vub)1-6_LFXj<|0C)vquN}zZrh@zxVw9CcZ$1HDDLj=?(W6iOM&7J zMS}--4{pI-ZqC{Jd^h7A`Ij;BW4+I_rmVS!aDz!pzT3?F=Cqpk(`L+{y8o=r_%sAJ zE%FyfD1gLkZ>mbvJ5}kAW6pBa>$nn0X*Y*dLmMW+T9zW)bEc#h-xr?dIGea>Z!JLMIc_osD)QYoh(fHrWdg40hI6cby2?+ zgi^EC)kGKCsv%34$GGT$C$sFp_fI_l{k6na|9gh~dIi*o@_^spbZV2lG+*5}PyGGe z8NtuRBz~)1s{q)A&b&5n3?<&!o3u%P3ikW>@)7+y@V+sQK@%+~MFLt)Cb2(@-~sdW_evQc<7mkL9Wo!_8idF43Z3)K>fb_37~r0HD?L zn(GZz6S4ICz^ZOQGI~iGlCF?ErY)VCC=HYW-zddWE>ANRh3xq?_|1rEd2a(RrALg7CXCi*atXyGv4w5MgpfEu4PwuO(W?_{+VSv z0hycY`rMO;UGOW5L+c*G+0(hQ|K_Bi9ofRWzX4<{}O+KaBuD{ z3WonZf3U2sr~WEH&CfKa>o@y}ez`8Ud7)V56%+PW$j987L}V=Ws) z5u%tdp^_Bq%-Ib(DSAy*!fp`!uu=S5RWRS;C|- z8A=U|sj0^JYHzkWuCK82LDonY4g;F*{?4}PeGc&?;+fVNS(3g z*4~0k@>)zPJD1E7PavXdd+Cgmw@mP@{0l|1fBD_vc?+`1g-kqLI9I@7A)|n64Dp0L z<&T7vsBfuI=Z;T(&*xbqdyi8ok3zYh(dqg^(e}>Hs zJcCL1cwI!1Dtyc{t@reC||y?n%CwyR(R3)TXxND9J=-X@|uo| zDCS%pC{|vcnU{9}Q!MrZ)YR`!=sGlBxKBO278O6ktR7+r+8jXf%Ze*q+RckmU2F0R zE(l^JtDZ&W@*SnTDUh9HM@m<<3(1L*43;tTYa+F&AP7t>QOhvApf|fzTXyo-}&Y(^b99F8b0msZl~XJ4~b$o2}NBEL*3Mf zvZE_S6}^EP#hv}L>H1G6oJUX}-kkQI4^|SZ9z-2~7Od^=<&k|;IqE)+;_RNcdm@`} z_#5GS^yatbdo<~?p>bXEEIO2 z{Ecl-Hq5wku2+&e#C^CvRzj+<8>_is%w*o?GtJj9>d2Y$r?r`J6hfY%!4r>y84fP# z!i&-Ghiv}2zVW_FB&zM1xiK5=g9{Tm+|5A&@1xv2o);X}tt3aZsMC}Z&#bCOp(1pd zbaS{=_57z=WE!ov@3B(e%MR7v#c`=xXN;F}^T}h)bsrU*G0U+Da(+wY%9X7h$>R+& z@P)FcS?cOQ9JD9vnHT5XRirkewHLnbyi-P)fMYIX~yP%g?zUYymZRBW`X1HG$9c5LI?GGVayt>^aB zD<+uhc?`tbqjMK?5_D)UI^GWq;Nu23VT}-ZD~IVu)=od&3wfssA-!L7E?#Ye{XX|R z)Q`0psiAb$#}hCV#gX6v`6%Z;iX6`VW>(S3fmB!=v>N)Asbw-&0C(GwG_uT3yz~iG3;>_d zUG)SUbG|&kdvOnTj!i0nd<@*zOSR#hE?b~h#Nbt6xjxAaWn{gUnfxPKtR?-ggAP>P z@HuL(3$kNg>UzTsCE4u~Zqz6nT>4fjUihcE(X9drg@kYN_P{~l#EyfAW!}C&h^e0` z#C4cl29ibdVON<%ir6!@6M>B<${cpgCpiDu~o?VhYCEFE4% z&T7d9zZ~|XV@j)a{b0j>N0?3cpPytV7Ly8@%uM%_@d#yXcbIa9qv!DlGZ9br!pMO< z2JVDLFc=*!tKvhUV8yg-t|xOUHU4aKpyS^L2G0*?+?7B95tq9UU5dl;)_K=sUXx$< zX{DpSZr2x$J^SC2Je&kPQTtaE?I8Cg-ySoV#Mp#p`kw=i zs$ZT-IwNk2Ur*OM&o{m@FJVJGFO;FUFB&bCsC`(XrUwwt=|fdR*7&p;jS$f^Z*ncS@EhPj&~x*R`|;W>>T z8i>qZg4x~rdGXj&Nv;xf7lh{lj>0EjA1#qTw~6LeM#(4w7kN22fw%lpBL`PE>Q!f= z$yzmzuxWLwAKC3R;H+}e5-2HM*kg9nwsiXfzHsIbdWYni^b=L@V9TL_ykSzf7S(#` zzLVdGt75U3k8Jq%DsmwsUf1To(qoiktMrG!ml}%=i>o=C8edC!5vx+dz_Obg=BOsb zC;SjoVyS92TDk&3cl-$VC7WeWrh;(eH|jpdN^;GcRHhx9uKi0#Ty6Zbj}~0NQ_73b z3#QpjbKZ3O#jiH@R;k%?&f`P9$_!1t1^5tjN3miwsnumgwPS7FbuJ-2$?SI1wt>#G-w#W9HHiXct`bQ>aL*KfG6joL`ZaxQgk z>yi5GdXjE98^tL}xwxb25_FpE!@T{z%X6OGpQzM^lNCcc`j@Dm8zv6zIm8yek7WXV z&?4es_M9`5E`uy?o@O^wEXI~l4K_Ro>0kf}geRU|9t8=;mGWB=Yd(N=4g#Bd^Yj4X zvGMP{CHYl$E`0n^4?i;QfH%8w`$@xG%KGpNad(#i0dH}>+hW4KItE^hIN-IL7Jja{ zJb!?VJ(ud}*v`PsEE8G+v@D&AXk<(%YWhc-#)XK+1^lo7{Zt)nY+f{f{_iE6caI}x zrSE^)e4EX@%*Umr`Ub9f^-~paHw`{3eznnGRBe#xb-_Jl%(-=^-WUIAfTU%^`ivvw zRM=b77nqsf=fpCB4HutN#0)Ns6Zsqj@*bC0ba{`Gp${WG`9<{v_jKW`5+oiM$v}hQ zl&=QqD~*?{dMFp@Y+PD(1Q}XCc9eu)Sk*TqN~M2hOfyKp)rcE98vD1PvDwH;-6ee_+e^WH z-H$!{6<4Sg^GHVLUsmN{SafUkFd72K!*LLZMoYE&QC>VEDJKi~JNE66qiXgls|tVN zY_H@*q*ju42**3#+FO+v6BFY6ts; zY|Mw%%HNTB$(%w94tZ<|kIg`a%w|9d=|eXx&2(LAl2rik_39lI5%4C~`Rwd zu#*dZCfK;P379Yl*mYTR+B6wo=w0+Gx!IXjW5Y{b217}z-s?zz%%iweA8=%*mC>gY zFUaH(1iapp>=JkgDb_6Sz&R}UgS$bn{>NrG&a-!9Pr3LKYErUj+b$*1u*$BH(^)K* z)7JBq%oA$06SKB+@WJLce1@Ti10k+{w2bU+9d)EOTy5JUGh0Nk9_{*kjua!;mJ=xF z3%2+S9+-d9oDRmlco!USdsToucp>+l=jQgC9tdP^~0_Zv>! zaZk$y1ri4^l-CvosLLkwS{hB7re6`itU#e$wx#1W+7w%Jyv~ygzYLu`UKzY`ki0Z` zkcDn_Du6cE+RWDbIyO9G&_s2qN(oaAv=Ixh`2;@YFo$|(vhGWWMp~JS=MH6fJ)aHz zbF}ilaCh2$`cDy89o&W~kLt3fKL_1+y*3A40qYwZLkGmo6Vy4ZIq@0u69gSIG<92( zI!|VVmq@lbOnrzVd0KF?Gc6h`HRP=F!B-laO*`9D817zWm^38Q6SXJ>d27hWsN;yqTkTi)Mq!VJKBL zdTAWN%rc4;S9jIMKMhG5(%LZ$cOBQaEQp_9NmKU01Cx~T*Q)&%=7p2pBa*4QRFVh7 zwAGu_P2`JS6KbZ%DfrKoR=Jp(@-!>_Gnc;i0wvc>AZMCY*su7jMAROzBIsQcsN1Pj zs?vyAe>j0VH~!iwaEBNQ_PF#;Amub-z+l>RK}a#>N%${YBD{iKuU1*sjZHCwx^Ejv zyCsHl8+$XN@n2(z9oC!jh^aCh9ztmw8I09YM7`=p7?MVNudhfkV~YN!#v{ZrEo8OI z?(in(R1NbccT$Y_paWGrWeq<;@G~B9H~2#Xjd|;NFw)D=eRrhrV~~y~;7fBuDWU3= z3u^OU$aFH=CXwo0^8$X)_hPNu=^xr9Dmn$<4ahAy;l+eyWwM({rGMDF*K)LIl@^$4 zBJej%jrY4-ubO(Ttf0aQO)QW%#8IDAl}@He!s`NyTWUwA9KkJvZkG2$M$V4{3AtHA zmi zLE$;{baT0@_WfnYio@k-sYAM_uR3aiLT7}iOHq^$@oW@Hc1 z+^|0iYB6CjF^E5Y^Sb+d2A9V(gv8HOS}agl>^K^B=rODHz^YdZQpVFsXSH8}D{c9) zTg|UZ`)f)HaALSnvCzv4gF$GA}OVlk$wmo)lF7f=_jjbQX!2E~BxOIKh3B#%n%v!{c zuD_<%!8EIB3?5<7p4bw}c5ouelkwvoA!N3bbsTL8`*R&U3QfOJ(R7}r!V?76y?1*PPa4pN6T2V&I=^D?#9V1A9%b?s0T9Rj4 z5k4ppp%PP{NvT^|a+J1CAII#D3o#F*Yy&M#=9t!}h5&RMZbMMw-AyGw5Fey)k=-H9 z$j&*~_Cc-#Z};D%eevD2so91&?U7!<9&6)_{BT+Z2za9~yOzd{`FFJye<&=8P_6Sx zEw@{aIdt6cZzcZ2{8&RCISBa^v?*${&Xv#qbmH926-AaOaNgXSve+*4B#)zA0%8hF zjW?b$`qt1S-q0Pn`I}vpi4+usjFE3J>O_kb^IL~I7R0lOy+}p{x9$~+MnY*GOSzyc;z<`_Lmz@rSiG+a7uK`D8Rd>F7MY-8|JOR()DUjo_ z+UevrJqzr8`(?tX`+09)aPyY!+OO89&TF;Ge#*gT9tp{0+yT$TpTsj4b%#PU^4%!* zF=N4d2!HwCvM2eMq&)WeN+w>Idfg3P+_;P;hU%H*4`^`u8MD-8X8Qr4wYoQl>$$b% zRI}Q(y~ed<`f@s7G=Vp3zvnk8;7EAxcldeeSJ;iY6CGBZc}NFxzIkW)u%lAuM$pEv zDMnNiT0doKWUQS?2kz=}lduI0H=}pse)>x5V#8broRZ^wGvgU$Gb+!c>Uh_FYyr4$ znDp0=X!On@*T(BArk)J9S25q+6ocKl-A~q@A524gKVY%OhK*C^VTmH>0%YolK1T>3 zP|%#MGHGO}+6~g1yRY@s3-xfp_Dl~ytmi_Ze0tbj_jw!#ai)UEOJ=7d#5J7;7$c?rpUtRi4p? zl~d*=x7G`K$tI^D=dsR}rF*{QiLC`Z>r=<)?H3W5yi6vnjS9cK5IkI_>kZg2ko zetNY}5tuL&IK9b7X5|w<2_(Jw91L4+o@?%x^t59;x??|wZOq;#v(-|h?lE)`Pu<0k znTzQpA0tu|PIIKK*ypjp_t$}GxDrw9sT8x+IH<7D{|WXNq}U57 zL;X+od@`z^$C)^-xOB!R$KA%cIrx^G;-N)`{X90rP@$Flw|V-him!ov1Al*J-XA}7 zeRh|DqE~dbIQft<9;ni{uCEo=*+0qH-+9xX`?9apl?8koRJthbdDIemdm{lk_=Djd ztMmN?H?OmB99QFTF0#_~`%t>h!hAPRYAjp}a14nbK3ssbPaG_({hsaqZA%_${zZI( z`L{zhcebm}y+ge;qt$sm!mHdpV4~Xg*JQ?GtMQ%Fv0&xEBr{?9{E-~lE zzI7I4^>j=2`78~&vLd(_7jONsn$DF;SWiOTBo}Q`@mIO&wxt=@6?f`t#N1=bxTJe4 zBV_x!J&`;JsgN787q^kOgU_J6%o-xi849q8&q$8l-%@BWvMdk9O9P7Q?I|P?LXSHG zdRmlsCl)t{cgH`GJgh2FbP}?0(V$Te>EJ@sr&y+{@U4BfOVL1x{a~6(s3GfyziwQ5 zc4E6o8TJdL8KM!0>_#1!SMmVkZ`tazsUrGa5+Mpx4^Rh{p`d95*u$`3t1`l)-i;kO zHT!&q_4LEpQ-f{w$T+Y(_N+P6F0|Kyk(K+B=QavZaY&`#?G&i#fM;Hk2yiLlXg=Zb zj5nQKBE@mgm*P$DPePZXBcyU73_GCL<$gM9MF+&iSD*0hIx`V)AzqUt5cPi;y&X=6 zrNyk;b(SCm#(;Ss!%VWX=L+BVwjZ&(7Z@0tzDd&ANzv)zDaaz|;$3!jJ=D=q@#2*? zmk!M7quJNP&HW+tge-59{q-<~%n0YP+tf{qOcPFS4#9mUTZ@MoQ4fiy#Ea zf00dQ%`27x92AntN}jO%z1M-D!K?`h{970ZCY-~zsAL?UibMiyKsdB{(wo;t)Y5nb z``9SN3uFx6w4Frp>!)h(#x?U07RZi`KrnaZt}fxSqQ%!zNII4}y_w`9(iO*6c0M*$ zxkBZk^KD+W@7tvbJaoB|yRlUCAbQ@3+tLd}dU*zSCM+Lmy)39*x=kPmH?+Xe@jWh^ zKXRHam$wPTD0xDDU1wjC9tZL}-4NyVIkdtw=9R-vPS0m0b zBWkiNtH3V6h z^j>hJ=ZYOvy6fwxQ+=Z4Pb9TS#BDCM2DZ<2HU(HXi6=~ieB7G_)3$@FQ$o_~)XvQ; zCLRX5yx+R&W!Aqd)US8%#1eJ8tPUK*D5ujjvqQE{05B+;=YJT!&4CzlJtJjXhrepiRgL^9CgwIn}G7^o<(JXaRBVM%9()s(qqDK6{ z_voNr`qpGAr3o~Is4IFNdm;SKvR}}n<9o@;zV8lxjZkhqt>U~4Nqp3%;A)_Xr=aN9 z<7*Y&8G-lP8Mb@@sBFOpRYBKa?wa2C*tkbUL6tB00Q~RPU!lFNqhh#ku4`6nc04wm z+228Xn$9Ob>5KJqg_;JGN5~Gmr0LK`qreNOnX|M;1~g#=NRln($`R9;PoY5xU~Ws! zpXB{MPE4|%iz`Rx8V!HC%oIG=;5jc{rD`UCS@ z-7}_TS?!ccDcgMGRqMXJe@ioFeYf*aP*uG!(08KP6!6R%B;DGLnhiA~pd(L^Bzd%XmeaB=vG;<9u2S)aB<6eLvbpr;k^hi&FDU#f#mq9aB>s z{-Us7GnjiQ^|%_lhC-`2f5Ny}rYW^t^=8tqU&46GY}Cyy!|(SuLhLblv1K)*%O&VS zFlbzx}- zM|pmLB@VVJ{f@}wKl)9L;~aK?Oc1QniXLz3qC=nbbeeiZw{d36`hzI71pFQJp z8$RCQam7&ZROz>MX8SH|8BWw8-pk+qYPlZMxHWf7ekA)z(;#tRV|5TiKsje*YMSqx zx>6ZYaVVkR<(1fSifbWO8c9Jewv_e>=tO&<2a#!jlM|rSYu?VK-|?|0!xtKLZD-P9 z6jZX(sp>pV-r9W0b#?xCO3W-BbEN5D30aT9qO#9W0=x;Ou8C~2RwTck8)J>U{gX)N z=o(g|Xex_Bdy)$x$KAssSqR9V=)(SzWo@cW1OF_PK#K7u2~SbT2|d6(390mxLz^{s z&-)X>Bbd1@)&}4l%Oe+y4K*Z-z8DqfLK6YPcFYkN9VsM4Db-B{k$n&SPUgZ;B<_Lh zw_rNEE(ysN&L_ROe5DqtiU)IF>P)~J%vhs0XFW{N#_1X46zk^$P_jauSmo>xsc#;a z2^Ls?jF%tTl0moW#v9iKreEXYAMeCOqAfFE+)9j-)9o&D>`@qq@0 zfg|K59Lw`-B_&MXLI>&q!s^}uEEwS64A+}%!ZCe z33%OB3*M_1e*4%Bf_p>hdEW+JqP)K~rTab-B;35e8Tjhrn%wD7{3Ftj9*=bA{;RN- zQ-#tZYK#d#foj_->Ea$I(qBe}^T(>k>^I!#u+}(xw%^3cA>c5z{IoQ37+U&wk)n%c zN#!~vC!K~NXJqHt1^}5wc~oNL!1GO`;BlrKqw{K~+LJdywkZc+l`i5(qk>CFq$QQH znQIGX)epSzNWF>C@OuP6tVUN9PD49z2*?H7eR(KSv*K$6_pH7DMVcEYbJ41wngCEw zgs!TLi$73(GjNv2Y7EnPJSw-u!!o+*|MG=UNGRkO3{^;;qB_b&pw&nqLaGuULXmsu zfp=+94DF##sLV&d*PelR)$7{iki4M;`=y>zw`UJP_jLDn008z44QLN=^4fWR$7)ZdguqL6g{k@_rp#I zU`n)T%`=e#sqxtCRp60srx!8pYp~8%?;};PGCM0bN%kTF);$d#4tAP!N$jdPHH;L< z-xxAs981QvK~+Q9SI&c=$;%@unT?GrZunzSZ8ul*Y&&7|MRenyNYmxo%TJeQ>yOR1 zxYb$v3;$22FrJzPCYTSSz85z%R^INY70qqI=^FwEektasFc4qnuDiu^neJh# z8Pke1=8jh^nPub5Sv4or9Z@c6Ix|h-MSM^+`x{0T-t016_RggIS25WipG!rJ9UIEf z5|F>HB9bg?V~@;Z@)27#Z0(O#Sgoz zfsE&lQ!&aHA1qoYTBF=|2{8*X7K>J1a!H--Z}af#wnUz!T{xTR)&_$1oN|0!g=o1& zb15^5U4@HfenrN07q9G=#ZlF)afH&CWlg%L7X6^72rDRW8HGf5M>>E{X6HM&SU1@q z2KVua3G|1vOAUYe}Zd;q52xcUXs~I^msbgMd`#waY0v;tdbe z(`yfbidfe7iYB2#;6BvGzkW5A!1X<*NALCgS@2X`9>c zI++nEh%fZw18Pn5z!dsIKWn+=9&T) z(e8o(N}!0WY6>V*h1r)2M+;CSlV&bcynAPVSddWX#v6R)RB5`NH(JM{!@h|@X9(Oq zk<{%?@DW$&_dCPDDAgrdnMjN(ReDp~-*Q+qZbapF$5fy9OMcK4AQ9Pu29~g$_%u&Y ziNxhM9tUBEa7#|6jHqj;9sHAV@@pD6H>h38W)g`2KvMXSz@Z&Xb^wX#(JqC$TO7A7 z-i{r=BrfBDN@NARdF-YmH0BjDe~ax_XEgyGjtftG$ceZmTBW#p%3PAP6e-BH86$fe zO^#pD{%a=wulUp(lCrTO% zbND!s0oo)>;-DYlz@yW}q!A)!P09Uw3YZ!SCqizv7Bw}U9mq^h_fKT>u+Pvj<=Bqq zKU=LpEa10E8?Vj#p2&Qk6SvNjq4mz&9j6)sH@s~Q!ELKihHdX;<~%suz?^K^wLgQfy**QKzp1sKOa z$15}hSm$Mt6tM3%u!b*Z;+^-L2oblQ2qA;{12?S)LvqO5$0(0Tv`x{$>*g)Gdl-I? zkGPf-+ZgO?k5g#=@3r0I9xqcQ&g(k8a942Sxf)$aT*pB|5x2}Y7CuLB`x)DSeiNa%!0MgQ{66llii^5Hb>BK)gwm?w8SBzF}l=>+^n*B>rxnO81&81HGjikP2I*YT_LGLU3pfD zTmh?TqnzW6!rZO~qMtZr@VNz0eU4`vfFQL7 zOlRaY-I}u``Y26059bE5lu7;Sk1)~_zy&*LpkBBSoi`KM`$*2}k*w#sH=&RyZ1`X{ zqif{6Cz3!S%d-xFPQqtCna7EMan(sLHF~DC>`NR|Wb6c{a55{qLhREN?kC~Dxc%#J z@eMAZ!)S&B2VpY=>zWJe3b97kQ0>{@KvusO5$t$jX%x4OPP0hx2J5IaSp>(KNa4V^ zd#UmI6e&(_OJ?C4JulUYq%qi$w%K>83<=m1k^tBrD|gf2~;`frw~=Jr{!9R~z8Y z=y&gR`?s;ZlU6hJIvK?&62kHXE${CbKo`27-gNhf$~AW>%y)@nI8M4WLNG|wN7bVN|%GLG@e@n zi0n<&)hv`OS?0w<)BS+fldq6i<1Q3dVfF-Ms94266qh9_`o*h$Qi&7Tqyh%Z_wP5|G5A~T4A+O;3RYooXTgZn<}MgUM54lm zT6)9t$6*p@5ui3yoG_@VtfjegLOZ43DSe#jms{mMLoX&MpuMZpPD30)KS8DT+7(>? z=lt%zMPi}9aNX~MXI!*D@w%R1R7O`aVx8;`ZO^bgKExXB*8#Nn{ApJr61i^K2$TcNFChZ7BYke=9$1?ZrS$Pc$BIT(sFU_StKqvWVefQLl&{LbdC2 zN{VecJywE)ovTdn*);;&M$j-Cz)I$m1PTE-zJuRYnWmiZxRh=8GshT zQreypg=4h#|3<+QO3Q@ro>|+{>h;W5v&ogbF_L(LN(Viv0>M_!mBU-g!r3jcp!Ugz zeQm7Jtd_T@chJ0#o7q1PoR{{ywnHM>|Zj_b!?A8?jl zHZ=7whi_C(yfT z-;n_zLE803HgL1?yd_{ij`=Nnu?zhAex{pFQTqEOU2}uw-3Hu>|UfVD^Y!PJt_QPaW^mJw@#6hHiR%ZoC(7S`l7kz_#$iPQ|uc)3zlW5bFBBmzmgv@2k{{#zYC@g9k= z55KVE8FDjtt#`Qnjz~nUyxi+FNNS0j7g%@%OBeG#=o|!A#=g~1R}qR6^~yGmN6iX!JN@t?My8S9 z^&S{}T0_JbRvxfE(rXsfTiK*GpE)lut=C8CFm(ra5U&Gi90G8)=tXnF<6udXC4My$ zk%P1)MwT&=$X2Yh$Wv5!5f)v@JH-J`Q3>C3L>0$RU9&;m+-f$GJ?-ZWSGruVFOn&h zYR@A;q2W8#5KV*5+^^iRQ<}r2=I%4hv)=jWkmMMqmAWK|E758DTO4ND^%CGrR@IS} zHOOR5&NM^v5N(^b1OtmEHW~sTzQ8;h=TRf0kYs(M zcHBa7oV>)aTf?GRBO#IIvpMAk9Gx`A5?X}b(6}uPTZ36gtFgASDt)LmPCBM*on5m2 zPeBj#w~2Zkj(UJRIxJb!AoeVcMdngKv`GSq#nF;CZ?!M0HO6dHpZ?n$CH_)T!##!=fRra!~48q_iF)=^e6&~5T3?GfV z>k|(L^CIFuyAe5jPW6yJLkVWl4HwMlXj~JXT4nGfmURVpmSt$1z=Ze-{O%p`kislT zD&)NA|9JU~y!Qs0E>2?>a(CVOnm|JEHd7oS)&1}{XqtJW#p5*QUV!Uu{+Wd2eW>_( zalPezcxgR>#oiuxywvHzW;U$6wgrRlb- zjz@+Dj~k0`$8hn2X=ZpPT<1T8T{Xa7r^8n6c7%fWZq)CYh^pjK1$l8&Ohhlilcq&KEUTJt^|{tHYSLk662~42 zmQJfUzlv2R5pv_lr@mZ_8OS=6{ssFzm@shRR~XmX{luSTx>>H14T)6XCHubi#`b1q z+!_3h4^4?*r-Gfe9^<^NATD3J=i>9j{u@a5kJXJ5yW~8rc<*3MrxD^b@7f;Gpi@+OlsJ7vCN?|i6Z=2IBp&W8FNvIFh z&GC==&K_L&5*Z-^sLSBRh)g7QK)DxnCe1C%2vo&I3FJ&{S;&!;0%sY6L`Y?n2jYF- z^(TjEAX~RGgQ#bPWOm5^@X-qpl(#g+dme}sST%FphQVH|$;szsfF9mb2>o|io=JFy zx4QsdJHwR1*IX_+_~MQJpob?>(#3wCw!h_c}b<_kw$kKmeUYoAD%j5jVkx#lzql{N`k#qy#l z0YIBLw%d~bGH4Ds|1(DLGLwb+TrS)SFY8Qd65K8Th35DCE_%9N30475lYKmaAv840 z4Nebqr%+>}iBYxQ8e>iZ*whD>k7R6|soRAZ?7zW`?7B=UOzA6w@G0W%#__Uj4_`3m zkHt)NV38>aryN*)s_hcc&58RH;CcD&MEWa>it{GHua~ z`nkN!c1DtWlQ?-WyJ%vv;dHp_L_Bj_q%f+!y*jlxR#n@cyQrPd=YSR zjn@A9go;W||2N}QZP7w~#Y+`3!XuhJZ0oVc#;3Urv8qjdvYx=kXt+kB(1S0DjOLT2 zD{5>?rp?4%mLcb-gU^()E5t;=F2LFZ;8cqst#i7lxkj*fcJ(r~*6yO>Bep%{+%k0x>f6r6CZ_S_pq_}=; z6sF15mJTY$+;a|7$R1j1wZCB z=*dQ%c*9GTSw>=FBvJ2(3=uGenHKK5*ji&RzTPR-P)pw3REF@V-Pdsn13L^{KlfZj zS1rvM$OulrlQ6a!0eG%!q~uN>c$Gz2))vLc4vOMLq>{EHZ{_Q+YU4EUB9v! z=ZZ2Bvm~+xQy%xIM&WXz7Ydfd`YVmwlEDmif69M&@;|0dnC6pp08ogM6XBr~0mww+ zTp^L#2PLYh-jWs1WGG5Z9d<+iZHKz_DY+ho-(FX9lfkkjRcG=*%y z?5Aj;yB*#U1!nYPnYr_hE5IgggTCfu%3#Ivj$ANqazjbeIHHGu(sJH zDU=PN&5=C1!ThWebm<303Ir?9%+PJUZ)yEo>ja7G$+1D}{_U?rS4%vPZ-wwQIZ-nx z>av~BX0@i?_DRCei_AuZVXnYb!U@cM3~|pdc(qc^tNMc{KV>C6ajABU16(ia)y#cP zGk^;OJn`b~8!czN*##2j)X0Tp=O$|Q@g&~cgPr$ji+{`tWINQ2!f_a3{K5oGx?qsU zxmS2_=xN};b)J^RPTx5Awd6#!AA~66Z`9C$aspM=BL3u`V5^_PQ{!UevZHgk+ z>UPBz4kn!|Q?MV-So!+OPN}cInrfHr#isb1`ed9zNm{%z)}D)8Oy|SUR)mthWx(q+ z1&?>29G8RqVwC_&t*+Nq`0)~$vaKT-idc^B$s;czg;_#oUS9TfL5|6A@oB>M(B!?h zH$`pO_oM0n)R-r*q>9Ul>@R}{?{;Pj930_duM;69I(iD$H-uQrmg>~tjyvLmKFFN* z&m&tCME|Oh@m-_2xvt+HE$~NfX)vYnEx$l{&?g!r_2?XntD;dQbyN!V?9~}WBR)l03xwWj^J(yTEm~6y| zQI6zny|J|OlJSx5mm~0J6o>1417+DBs>@6LYlSjpB!c1g5+O2l)|3j?5h|A&MXBzo zqw&Nvm8Xz!j86)vun$2>{V0_!pN_i|NT8vOzHPw?unGd-+dY^Q#+j}txb^;i;YKM; zJlw^#>i^k|o}e(PlAkkhbXKf9%-(LF`n9G#aY84b0FrHRvto1S_&!Z{%$VPn*)}ef zYUt=0XeTB}n5F#!n2hGi54ew zPPX#Gc-Jrd2=|ofg|1tATaFc|4}Q`f7^lJnD?xnv={Y@UL4~T-Lw1WyLUiH;#ouht z@k|n_``ymP58dUL0~?$vi840gK~yFw%z5Y(%^4KBx})C|pl5QHr|!fi3ZtxESV|7P zDlgAdtE2&E97p^D$Iu#i>xDGi9RvGK^t(r^UjB_Q?i9%$ME+Ovn^EA1m;DIgC~7*_ zwqOxr5Igy-a+y$js?0V3y56n`ghnC;i23q1GWik6U)=YDkRMQA=t>#18l9hu zyWF5ArJQolMo;~iXXA0Xv07saP)0G$I2s|7ZQHJ^{B1lwq+BZPzzcX=mT`sd;;ZTJHerX>Ha4F0 zodXXPM0W>XaqSoQ@Du zPZ$aGgNQV4=$wwi+gp;D@5OY#Znsfle%l^8*WGtIoG+Jcq%%S@=`NWzPYepoQ!Qo~ z2L`R#a!f)A&ZQT>8DCnlk?yf7v14*{f3tG4&t7UbwaD^TVg-u3yIXN5xND(!ad&rj z4X(kh6nA%m2Pnn0cyV_)`Q-i1nK}CplgSJ}vY%(~CHK1S}&kSa)$K+SX<3P&oQn zX|_)XU7xTeiI_+vm-M)--OML@hS*`RB%8-^+)V3YbmeTf^0Q#j#Qw_1dkG8O3@l%A zwFz-kwNIgr%ZJOz3i=2^+k8N$C>eHYjv+Y&oWJNID^AWEIB?&MO(BY;lA!L0f^#f~ zE@y!=ze6)9mne=Mr`@i!)X+e(GXb^D7i3)_!vYmd0;Arb8c~z}ao~8HOz)j|R(C>t z^0JO}D|*#H$_)`lDFTML@oMQ!{ zh94(E(PfA6DWmlc&%bKPKB4$Ty%7Q3S1%iZwUAuqlc1EjI~w$8kr{yAQ(2rk{`}== z2Z?OgUI*96Z$}`Q9ArQLOG(_TF`;ay62Ln@p;XJKKQ1za(7_bR1@gIYMgw0ILU((q zAN#L)9Pvq=x5M)H6DF7nc_4s=qrCl8QBO;R-1_d~#Gizv%I^P``>!PbiG}SAHj5_$ z9wsA!s$Pz392Ur%q$k>rQrQegNIAisSGzXrjV~JTqK;Xq;P|Fu?mvQkGb>!;N5t zxB3O(RGuRn)#5}9oaLj2i>3%v+6a`4xcVLnY8wM*ow_JaM%n`23z zW@p>#sbjT}p|GLb3Nl#AZA#m}HRru`^xe-c4*qinFaMl5xB+J?H2)^Ld9(Z-Vr@Nl z;EqGBHL4vOcuKHdxbXjDrQ>?`&2abUy5r^!RkqX<=z^Pl+3{e9>LCX(e7p(~aZi!w zLD}R_vNkju8oaLGeaAmX_4Rs(gT{UDx@ITFr$9)K!Qviv=G0ES=U4DS8R%T+8aa zPxfBaJ_)%yFM0P2{Z15264Fhh8GInwmKfv&0S>jV6R}DYDl_&L^s3e3&&ILTQ3gFW z8&2*Hcu~9%h{W5M@ciG#Mz>h&b3!Rc5nfBDanFCM(wz?P(d44BY|sfpWImxt?frNM zWk-pJ_}Q*x(m*T}5O`3+L#U~nV&h70A*}1v5EfZ}s z<`pqm;>qy_rd@vIBVVP?OUA*diY0hi17Kya$CpOTM}(l{7&z6vTg7@;Z{ansqLn>2 ztbT4QwcHd&lHu};R^le|*cEPuXS}j{UGgT)7;{DrsGm&X_QR>5@X(vzIil;-ZdZ%` z)cCFKpeo17gDj@}`>s@^>PkmFS!j*yl-WeD&MkI8-6iLBkCOLDN?`d<+s~l&4@EFt zL>W5Yo&4*rg6B5Iy-Z#dCKfC|nwNDw{s)n)Ekyc19n|`e;#kr?Z_O)EOCRDoElNl2 zzx(;^tgp;uDGxdZ8Q_%9sCaM6?`a**ToeNF9l)D30V{pcU?2;e?iGqCYxM&2r=(n8 zSLaX|BHrZCn12LLGD+Zivgd!eSi9X;v#j}T6ur(4+ z2GS}iBtg7*5$Ev4x?5P~A_>1?n|30p7B`5Ea7(y5{F2?hL_TgqOC9%MI(J*p>-z|G zVu*OV=L7NbAsWQTu95Z#^#90LEHlK#9aK;lJH9%ZL^~;Vk0q7GIM3^{U?ufyB|$Ow zW$eghhxPC6U!`ix^r2@G>YH3yxOiLhreClp=}YBU;_8*);{8Hzjphj&pPqgv;BITY z_GlzmA~@#cNCYJoYgA$*@qLD zq{CWXyGgohZNu38`woormq@>y9GQvbcV-sotX2M9K6}Gp0Yqr{xNo!-&D_=)b6Z?N z-giw2YWr@w5QUVfR5IXK*CYK2p3%5Ai5CLdfNeG3qdpi2ee zE^v}>b~v;JD~ovN97a{d3*hKM%pj#sIt5!m%rZ2HS$^w(>pEXAd3ydCdd(s#fvOSK z5Yin8c0YY4HhS8tYoC9#8olJw?XwK1aMV2GV;2H@9l?Pv+-C~*dPil$eVp;WTUSUi zBH&kJId%~ZT@u7SX4tLjBhE%Pdok39?MIr&sNl*P^M()@QF}U;vVqt_{VOS(yh{h# zzFo}>Z?-9wRu_?p2vSuQ*P?6ByQj;ari~%z1dyxoRlMKji#GHf zCp-@c%zFq4pqYc)DzEk!=WJVVYoA!)PW}d>VcwL@+N18*<3+;9mH){FgPI2#noNDr zT+)vMcD1sJn{B277j1V!S2wkzxv=Pm@oq*XKA;j6>zsNoK^3i zY~yt@nl~NWr+DpfF8mOw)?3NC()XU(@}9Y$jX?s>G!fsZ|Cdym>`t+6Q`=frrg)iU zPPHn@q5eGaEDPE4%Mjz<20oBAAuxMC z?{lt15qfV_l$DM@nu&(%YAel)m2q0@%=iA-I?^I3*PKCaqey6jJ8GGE4t5z0iu0`& zk0XVh3kgg+!#oI0CWeCMggp+h&H|1RBq6(gHQi~1EpeEXTMhU(DeIJ>y;p+Gb}NJ9 zhL;~6eHa=M|0Ly73a$E|8B8;4G+lPKRqNN;5xc|%ZvS$*_fI?&51u3h)9qs45ecHG z4F0E4HujhAA4I!Q3yZCqrvLdQtJhoA0w}^6mh|cJMezE*z(Y`f+@VqDI_IOf00LK& zcXH6|mos+GEM{|DYvi3zGUQ7FZN1-`WR%y7^q7Y}66Wbe@iCfdZAtv%!xzud#im1V z$PO!@^k!I=K>;e3A)!;J<{nhaRh@by3M=4MxBK0Z3J>kgyyr%3t~&(KUkY{UOWhLW z=+~vSHh;V6dI);|L%`iNW4U8k>K=sKl~W_snjY{t3$xi;myKJad_Zg1lvL5i$`M{R zinEu3aY$E;HNnEY-BR(k8k`8%7$1AQJS(_9$YTlWOh8E$?742%^&GmvRd>wgjLg|B zNfyNU0CB;?BiOkdhgd))R}K#=C1lX4ol>GnI#A=c3v&+ctOWjA04-T6g;;`8;Q*HLW#aQ7c~f;sk6gfSNgec7BOVcX|D|f=7fu=*ExE=Q9j*WdA#$2{-<+iuu@-gx;310l~b zY+I4y+l(hc>~nX_07ZAIAF?R?rQqa3LQ|u*^#!l?vX(A;`!yqP*3TjcE4WU#TbKfRw=8^fOv+S3tHvUI=niqi$2%P4N_B~rD(8Eci~tV2oC{Le`as?_mA1((#7K#y@6G)gdLSPj ziLopfog&1P#$zqO-f0~9wUAIT*!+v%EFMfHnRFV#duUK=oZpf}pbsZzZodk!e{b^@;f$`Jxy?D^`n}qsOqx|8WxsXF~z^C>s!IGg@k)tp%(d9!Ob1K)6 z!;0Z6#tI#-ZR(Lzq9@7B0^f&|#i~$BNynbjl~f^ao3_O#j~83*7V{RGzYZeLVjq5& zPkXjCP5BAIb)I;7UnL425}ruc=9NX|cnJ;T-U&CF`niT)-*^$x~fL>SSi zkyV*USQhOOm`PkVO9@3Jm`leVXQUFt9n|LPe1;LnyN4AEJcEa2CdOSvwru|J*I$(J zRS4k&NoLNjGKs)g)b#n)h7evRJ`vzS4e5%iM9Mk^tnRo9Ou+u~NhB~vh* zboh2(txUBBvKG?n-J~>Hyy)$%h(omlt}UKXH+KEoG`(wSd>~pdG2sHc8q4KDMP?2f z!011iQnMSPe<-#f0bDNnUFEJT>^$#7u8u^|fVgzoC|@<(upslZEqSOTk!00xohzSb zHVK6DRf|PKw%WHrDoOAVdi0?Vj5H#g97%~BKG+3ftWDGLEhYByhpdinslwJywv^rh zN;@0n(s11VQKY4`R7Ew9wqAe_ar}3iD2KNH|u~bML!K-aQNZM%VSP z?JC^Pau$FtJL?cfETI(-6(Rz0Ie3%rcZ+mq?Kc9g4sS-Un?;5n=&c6AARKPq;Y->6 zBSq56Tf0A$eKLOIiC3!bU)O=zFg+SNXgAC3+fqo|9*o_qNXx#BkQbBf%QUA5b^D(A zThr1y@l=UpyR;g_7xekFwAp@M=-#9lUiiFa3Kt+TEC{VjR zSV|$OyYC|}=xvImn1ca9U39&vgr??Z`=NTfi_u@(1A9mB3ZuJxw+^VTs%VV9moH@J z@Ulx<_D9CpDVQ5>)5lIT7$NwhNgy7Raa8C|vT-!PC_>e^Y{lrIoG)ZqJlC0(P50vw zsFyVnG+r~H$>()lgNZ5NYc;d|My^q$3UexmLCesE9apcFc)?9`wZXYbpT}NPU+MDwCh3GQ<44Q6ILi6671lo&)BeWmKNk}t z^kVv3iA9e~p?O8yb4_+9csqC|n0w@yQn*(mRB#eO9-p$)X>prm!v_7Iumis-;99qP zVLQM+qfq~%kQaQC+pJ~25S>V3J^Yd;OibNjDR0w%>**QDvy^;zp z#C|eAMMCjfB=M(s>Cg3EtqD-|*;IxHE*k z0?+4!Y?+uYD0vL~l{dWk2p`Aj4ii~-v_<$8$kWB;WJlF)nfQE9Z{ZRC3KJT53Z?6N z@M-CJy{9aKp)28M<0Q6AFX^6U;fH$I&T7h0d>ve5NsGC@))Yf4Yh-MdyExxrqM3#b zQu?*X&m4<~-${j#q!NO-{g^^iU1T}kOV zMrv=jHQdJ&JeQ){PTCyY~Rz-i#N4>EG%I<>~PW2#+nJfO0{YUtE}oa{+P4LN(Pc4gnX~ z(4b?0X~JXOv(aaOE?Hi&8C9dr>~5H}aRcE$s@|WV@&6Tyr2_7uW8sb~T>B+Thus5Z zXn^ONUroLy$Z81BWO`RVG`L65d2%`7f$-)aXjiJfspkV+xBod7>w4XL$W8g}4d^SO zM0Bim=)_*4wmB?V@+$OL!GJd0RO8vn4N%J-UOPj9Y&^j3?^H7FhZp+1jeENDmsqRW zYduiwP_o^AKUhnl%RPHhRYcB^yYy(+p3*0b%46YA@ivEJA4z8)Ih32N7qQ{Ba7R(H z)13EEQtX2LyTZ9D;gWoru%J zAM(;k|DlsD`1XCET@~qpNDaaJ6W?vDM(aMP%eKQ4_sG!YlTt}iv#K>oo|qkjG)*1z zG9Ct46>0^pI?|TUg*RZsy3scfSMFIr3TH`N)@TB97bqbv$v{CP_|qSyJ>?op6~!}K zyhcIbdHxtJ=z4Cdfq)StH@jD--TfD}DwIsStw?wj*C%Lu&xw(8)x$feVij)s~pA#9e8XJ2l667eBfp9`udJ~qzCY}wO& zB6wv4)PQYrQwRLHtB6{st$8;lZa*cZNe|ZwKp%BVwEX<%XG177@R4#DV=lCON$^5 z<#CsoC+jpw4mivrd`PoK5$?Xj3ut?THSsg^eB z=CoArCA4qY7@}4YsD{p8`odTH=)Zf(HsJ&`_F$)9Af^G*SLDH==4joX3na5w*XXNnxo&-e~jjXi-3b5i32l6WC6`~ zkLI3~>`FzHQ7HPphcd>g4ixmpfVTUll8mS9`w@QT`Sjl~38zDNA=!QI2=w&D&$e}f zR(8fA{BGM{Fqam{%u1*PlJS;oh&N^4_ro2wBkMW7Zz~wF4fu7V<#bamP|6q*Z%za^#AIuNm0jU;DC!MlGS^XZEQ4r!r=PjLG2(uhOnE1W&QgV4tX$0!C{p|gtU!;%b`2T&lbyO9drZn?D&*srMSOzC2{f76w7!Dc*BQw zzqp$*iwIHhoS_f0OU!*i6p+I>l^b`wC)gsB;o@N~j*#7^wh?6}F+l_M;dSyjTldd_ zF?0K`K1PiJyF5vP!$C_5<9{UUX_`munegLpGt(&fk(~~` zk#l+?o;T?*?q5is{q=Uw!wnx)8lySavTcinkG6$d7K`!2>F6Qen}7&{p1KjsE7i-Z z1eck1G5@PLo{Q*D&1#p%_9LJ-2vVQz~_xH-BRElTL9mkv)N5{09rAf#hdJ3!^} z?jW^e5h=H(DE|*Z$-5TLNY#(R-UploQMWbNp+vmiP}TuZv|PM@T7t>03UMGXoK($* z%kn|Es<&(x9*PsXZve+TL1v0NEg|OqZznBIefMM^R5F7YsVNLv#R@}vza|0e#F}k& zmAf;f8Sq`8)unU8?f4ty>!k5jMYT&TD1Yjq2(!GPZ~r%!!+torxebaE2z2J@|MHy_ z^OGAlsz$3lIK1WCapeDZoXpE3)cGuw8WE8j8wBRBBagJL|7s^OiPf=w#9C{j1jJ_POp{2;%t55`;r@{3H87AKsu(%BB9oaY4?wbgXTOBXO83Ry-zcBe5h) zx`|_L!iC$w^>xaH9xXr~At)tUPZ%731u^k7g{7y4VL^`g@UPS5)X;jyvI)TzucXl}Wty9q>4YkXcnu|x+Y(c%CX?;5 zq^U3Tq|v>a7L0q!7pUUZh+5Pk35w2bZU5!Bw~gB)j(C8-Hf7p1YVykk0cJRKf{BHl zT_^#yp|qQ3n*2snwDLCv0zk)KrgG^|Hf`xcX$OPQ6; z`}kNApEe>w?zk_Us}VVsd#8ahox<%W9CRpkCSl@#_QZWpkwCHzbSX%U?O z`xuVk7*_o@zrlN3ffwI_aS4v`e$7A};fP7W~`tI-c0t(+@U|C_hY0(EGji#!U$&}!Dk7a>EF*1OCe;@7Dz=xM;pu4OZ88Fr0( zb)A3=>e@=HLc}L*D*SZK*byz_-kHPIukCjebwU{ap=T*pz1D7<#)yEH-}N3g!W?Ij zjW>{xP*;uNa)6RaH*@4z9^RO$BSbr``C!?j&eue1?b88g!!PWXr`jWS*BR>8T@omz zEf-ol__FaP5Flw+fnL%$gg^g6_4v3g-R2I_oOjNTV{gntp-DI!%JvFml+yFRx#77i z;xSZGt_a;W#aoJ(;75W)#h&Es&#tH&x!MLgmxLaTjC7`;%j?sJX`Jj_H|y(aw^#|O zF@zK0*-l&r8TyF?rR+F#B5mbvf7d8grm;Gyt0RAW^qv{6EvZpZl06j=Qa*?Xm9qG@ zJcC6L!mTPNU~GkXBeW)!oIkL*h>B-?3N=kV!vtq#ykCd~h@I}qQ4-w5}=Ba`0^ z+QS(^)}upiSUND|-;tGx@{EnmgUYVbY)oQvYJSu2<#0`Xh7#U{hAf1s?s_q47r9p< zJ8HRdeMMy%Wi37X^sGETYAlzT^hP$zO;%;}6dF!MXo*gnfkYOK4Y#~-|FY^S3hygE zQ|4Q~aPDW@S*)N3pg;-Ad^{XMl2ZeW=_?L@7td4O!)?EgvlRJ+-BmTm-b%T@D%|-! z5SDCnxGwF=utHe74sWhCkvdPcghLU<6P>kx_*J!U14EvtEaE|RWX0@oJ-?03FWJI| zB9_*Uu0Cye5%-+`z-60PhbuWx8B_&k=4Sl1pBQ7o`h<*pqgIsyh0ko!SRzUz5-o@g z4iWt7kCUr&8i(VyUxQK+!u9)lXE_628A-`hqMvWH$o2Mfo=lgk)iztBiTCXWU4&xU zJNJ^9R~u?2ik2wmvZf{IPgKBB$E_+<7dC@Kq?Fz6u7Ymn6mzY75u*=Yd)7^@isGS; zQ`4%PHu#I$1g49&o!+JwyLA>O*t__=d-}5c~r<;%o}C%(dQIKo9Z^44-o?m ztA5W2`!%FH0RanDdUaNuKZwyBqQ^iz0J80?HRw$3fFCmI?UpBM{0etNNy@&hIV}Uu zCoH)W0fYIwG*8nra-BGw`m=|jnQq&CO(i9WleaawUv-&Y{ydV3+NR{_1623$-zh&K zT(kcoI4qi8A6hnC9{;WpihW|sSB#uz>skCGzu|jdBzkJ4mur3hnq`67R61{~I@tlS zB*cf2rnTS=&=)aW@(5;}|E$J>3nAc{MU9S*2iV)0#Bi5s56)L%nOae1N}A#@a7b}v zaBkTlKy5A#r4{yV0lF>dL{|-0g8ts&Th1WkXu=@C8`>;i2t8ElF7mZ%Py|O`M2o#4 zdFd+)7z!rX=0gp*Q5ONP`Fy_k9q~D6o>2qh>kPUDOj?-Ng*&feKP(MPd?dv+r^T~9 zF-hiu_!zk2Lk9~9mxLE%wt0b0C(v)hwg(|lZ9jFM%fTVDI@AlLokeYww~tvJHp-PK zB}KJRfSt=^z9}Wi?FhWo=|?#BHMW(lmUk#3;6)rZUi>xOW(r?~qTbh|aPYiT@hI^_ zGgP(4i|UaFB1Zu9t6*j!h$PiFs$cQ5h-O`jRDF>om;JQ@Ac)V)phYNh0wzMJ*yXShD z@cz_>6*`;Z$I9unq%|YFpKL;3T>Nd~3+J42L85dUy4K4fXG1b1tM10cDqxBa0~2ln zBpBxla%$wMCM>MUvDm1{Y-DUx(n#T%3nwn>dfps2I5#j+_-|tedUIs_@8;-=l;vB$ zgpu=NrI84A>f$063V%_)Vp#JwISFs(4wqug*YP)h2`veS7!Q=~vy!0?Zw{%3 z0pN~%pvXPEugEc7ApS*To+&LdC&Bx$oQM<#yQ`7pxY*;8AwKRO;y*oTyas-E+@J8Q zO?*6xC=z?OyGe(S?Ke@}5SG+hEncFRzpUFg4i${b8A=a(2(~%ZjVR~{us4KRrt@K` zv2pT`%;yR~JIUm@a5$w8F&oclL6svLjyLMY*0hS0C8k&NPSGV8a05^`=>D!NuBgdQGZ1V3eKfoOyr7y%J0^g+mfpX?-hdpiGqSA{PcY%BV@iH9CAhRIde6 zG7*rqN`K<{Ui?QMY=I`*u4hBDzsKil91JZWC@W7n@9V|!=r=^<`7ixOPLCPY{w$$z zY8f=c$4o6Fz17b08-(=R8h^pXQ7;S=7txP@5^6~)?#FxaJqII6@dexd?M@&u_0Lsw z(Ft#oF6;W3i2sd0G_-+y)+&&2Jz4s)3^@ist!^VR{wvqkgmAI;{&QWZ0uav9yWa#7 z>W)4mF}d_S>~szDF%to4tv zd#wG|NzYA-{u#QmcRup@;^?pAb+%YE2K)Mv!E0Tv+nodsBBDQg`q>XBEuE1^&GF!m zMA-I8jqX@us;vwhrNq)nX%F&*CJmp5BTUqvew1m_anMs7v_q#Uh^eV{9~rQOA{-PZ@^D4!qmPC%KEBd^uAJ6^e6_IAu)-Ir3MF2|w!wQmw1`L6u3JuS_n zmP!*ag7pN^E_T(gd@pyXI)>pMM$`32K{Kxt^Ab;4$k0YL?J;rKb}QDE!5rx&Nj2dO zE;w$&wge--T~s*ksVqf&LnYwxiTdd2;W)sTxY*mksWDYeuiK2+CqbD*2=jMLB0y!z zXHJ)VH%Gi^W)M#u4etV<$4w zPNN5&G;|?T`vYXKOT)sh4io*W6lHsV?+b=gQT<9NhVd?8C=qsRC+PH;&HR)~-D#}4 z3xRf1&R(h;*lN=qCbae?=^HPvXInr@+WV6PUwVTG;cXy$snEIO6J^Bx0BbIQA!t6! zykYcu)DM~Sw$3Pj?9Cr+x7ut$$w$iplC(9Cp;Bc2sFYLd?m|+c7UWzJc+^f;Vw@sl zYdkz2nK7zbs9UmXn~8&RY}vqabNzLx-bNtIIA|+aeB&54;DV5}Ki%HcT3|~3c_Od? zC@d8Y4+NYq$Fw+ZtYXMR9llW2!re9S)LPJ~@IQA@W)iow!}hCOZI0ptR!82YGqel5 zPrF-*H*u$-LcCyus6YRtlC#=p6yLd&6!vjOBHtVVgoIQNJO~VXE!^Nrh7hQkbx^b) z#Uqi!jsdZpS;CA#dcqO=l9uRTmkYfX6EgA0#R(kceG8G;DjO4N?@PXT5PvH8TGE$lWQ0NIpEy_gT8>0%fT}SIm-4>PjISF@Z=xu_5K$BwPi&?Z&J&-3|UdJTCrT8mXWrg22ZolyHdz+YMR0MxW27^?aB@>Uo{Vy_(8q zDcytyekNB-s)a8;IgM%Y;suFC8Vs9W204TAC^phtH0I6Q`F}nHBAQE-D^Tb*0x>Q4 zi5XHkbRjDMhk(?&BycZu`yX^kV--#aYy1fm?E0#ORvcYebiFGzE?GQsGH9UufO15D zA{uRtTQCv(D5Mtig#AJXPGaM{KrbGLzeU(qc{ht)KMfp?{NGi5oz| zIo;xwvY^))hkK?+ieepkynl2#i3a$ytA`Xu1lr$fgA&FIL;anPw}T5RsW0+au*azd zS^s{LT<9Y=y&Z&gu08W|BR)Pl+Zz7Vd~x9*2wE3xFmp|e8sdMKZilxSb0>nD_#ela zF{u8B>Ytg4BdSo9p8NQ-`=g6Kl1GNNML$IK5JXBoc0Tw-OyIy>;|N|umqu)C&d-AE zKOfsCPT1xwWGwuTt|$GZ@y{w9-|DQY*Mt>>4SAn}6RlP}o*eP*-D!esjA4GpQ5+7l z{S4hbc-E&te13;XYu0dOg_)Uf<<1cb(oNfwUoNj=YTpQo{=ei>V9jY)DltOsfY zFBsOR!sA%aWeEqNnuNO#Lb&;3wSSc=;djmD`ntcLO@EM;*-5)1v zvdb!*D=_kN1yQ!0H@0LAYP~{(_e;QFvT2E*-oOWOsMV!fG@x(bN{=WtV}YGkXj~rR zIQ!NxVH=5LfBPAwxT?jjJc8B#*=9rzaqem#Lb%}KHTj8U$0mW)xMBwO`_UtMDNYd> z8(uDqs8{o8@*h{&w*PmR%Xb7LI&s$gdw)Gg;+@W+` zulIF`_A6iiy!njBJd`Z-BwnmD*!T0KVNgrj8oa$7cX{McY57&Z<)|09-0jrzNmn(_ zGQd-bVtfdBA0!JG!j2blbZoO>vvG8EWNY%)3TF$0`rXzx*+oe%P({=#wJC}FY~pz5 zP|t1ZEa69W_30rZVdHG{)oGc#nwFc}Z@#k1ysP;q6ePao<}f>1JupqKY?1=Car`lv z4wa`Krms9>TB;BvwQD422t$ra4^9iY&iTYz)3pSjN$Ik#=NXqlC(*aB#F0Tow>LbF zanyA7=jqsNs`JD87Q3(V7CkBC?jogsfnfJ2EfT#kOXS6vaoB=!@NIU4*)SiTx!Xnl zb+6cvyLoq7s5P!aElf90a2ewP^Guh2J`dVG;y8qx;V=?#%K2VLEReAniT#>#nHjc( za)W{@0dZQ7Cb4gOuy1_VaR;WACd}_i?7QLuOO?GpkSn8G==?tMH9D`|7x(Njs`56A z5uWnjt7tzNd77I8y7&p3yz&{rf4i%vF_`YrC0S_-c+y4+3|YpXL-LhTYE$VrdT7R0- zsx``oZ$uS!#e<)@?|x4aa)6d?%J6PURjT=S;DTmKy4@0LGqI_eKr=RP2c=fCrIVR- z9VadMc>TfQkc>x#bV@PVOtvf0C%}4FF%blnz^f*aKK&0m9)fXz#n{vzWIxS==5X#_DfpI+`KJ8QA4`?HW@I^=vx`9o zd+Ht{VoO(r{*2@d>vXVGMA;Jj=!4OVIGP6&_E-V75)(4`3HXSHV0;HnOwbOc+- zmqbff{Jl5;s`0tARM*6lY@zfQ8KNRLB-i zOx_;0WdW8MZ!h63j{8MV4}(=cMIRD%cnZJk#2}l0>D!6Xs*(OkSdK*+lf@{Z*uHE07`X+{!UBvtFJzem(~@nW`rzH9^sFaX=~?g zZ3kSiV%a2i{{532z6|Ic`}%Ty?cPwxC~rtJ${ZnmArw~A5A6WJl%GVf>9$~VqU^SE z`y|AXGxKD*qED_MTbf$4)&LK}-dyWnnoelxIhU$`dv-%C&b%lVeZTc$h^bt&=h6UO z>jroU#-nlHkd54V520P{2^ltgH}hfc@#cfSr+^|E{-n^*3Q91rOGw21EUKpKuVA+; zc)+qsmWr52SBl4bLP@dKj4omR@nr9B-^jn$!2<Gv8H2(E7*_gXOw+6$)MGCkZ zXvMP38)?Qzg%PFBi;Biqvoi7(#+Zj_MGROkbuIC{Z%!0tIa-IKYKjP3hySBmMO2@@ z*miQ7Mbk#m)isIHT|bssiH)lL3ElqKGv=XeFV>p<>O?SOZEq^R&+f4O8q|?})ndC9 zx3Jp#Bb6SQbE(JKKD1@8)_}{pXCC@WW|W zLWm2yH@LPt7shdI)(5kiLGl80$oS?~N5gZm)=?Wy9Ec!Z;h26Yo8QhY02gng3OKqn zUO0}$+e2Ouf*y~U5c`M+iSWp`IxJtZ$jPtT7kC6KQe)pK2I_-vzjNt5XsR4vDGVHk zd&57~7RQO!o8|XT8unlUm75fKh2NUIYSV#-6eimZ&>929*5(600baFE=6+ZQ_iHK| zg-JEVzqSp!K%Y58SN^q|2e!Y?_1gM}gIHiOf{@mh2u|Q*M1k^)?{0p5O;NQGDo%ks zzS>LhN6GBtc$;49uie!a_txz;;0UQ*3BqpDODgvdxt%1lAS_LMDq|+%({n{O$E=*e z=Z~^trCEA4kuPo*^?I+-82IDNXvi{iJ{o4*Wg^X{^H1TYkPSqcu|S2d1PoQwA1 z;jF$NOZi)})ACHvHk4=&1?~jbulp-ojrYSkue$Q`Pb&||e- zzV0>zT%ntrGg8&GqA@*DJ#xC<>}Yp+e`G|$5C25p?YD{d<8+%*#Mz3`a63YKS+2$V zx@5Zb5Vq(Gb?7c950eCJ3$E?exUEzj`#~eIJUN*@9#yjA!@`+REUAz1hPr2ycf&i& zZ)kJ%RI_#2CzN|*0o>oYMQPH9nwdqNroIP}K7VILh&w)ft@BntK9rlymcQDmbFy72 zWlcBj)QEZox!7Hb;d;fjg|hwY2IS!I79M$L_pf`gs9|4`vG$-nGgO{?H&87f7C;|5 zi$IMgmoGHJso!1}^FcpVu60L^MJBOg$XFn_?57w1s>8)k;)W2+2C8C7;Vl&zS{XC7 zpyWplEHNAO-92t&sY2f4a!1qSt*rv9;bZRC#paV~h99X3KNk866Ok6|4Vn?CHvEs# z5EqQT8hW(;7(8KcjXaHXc;jq|o+|UdFimpLSUa5ypL(k4Wpe=k z=+8D|n3{06_3$pIQp4`DMoOtp4JNfM4~0i$ZVENw+ANA%&Ypk}5tzKkoac@hZ|hY$a5bJv>L({Bql!cJReN#|L0!~)kGhPPUrJ5L%ZrWgftdmAg}>v4BAY0aG!dFxhE zuJ6`VM4}o;282WVCs%~V=I{Ng-FlRPH-=D|@23A*uFZyT8RGx`(DiP~(2 zuBM!|qw*2zy9y5^yS4H?W&AQKk%B~STNyVumA?Ok@ZlSRAS27kQyzb~Xq}Iuh#G=g zCNga{BZ*`Lr+?ZcMdAhW$xu!?Gku?v1^ZP)x?c%^x3U82+Ndd1)%rFK3$yleZT=;2 zSji%>nOMSOu)wdZl6ajGR+epZEM7-M1`8Lb7ceBkSrpoL9uFz#gi|R;@ zkfQtdb&GX+o9Tr&2_J$qkqmw4n9HC1#~Cn(7{2Th?ElnFuz^?oY+wCp#?c8}(5&;w z<;Lq5!+LVW3U3O&lZ>8X%bsG>eVW9D3UY-ylj1rc+Y9#3R_kwJx_pA%ghaw9h+wOn z^3CaRw0fWqQ?ckbjB%hUP-X>KK*-~26;X%b6u8v+Yx8>FG_M?E6t;4{iafV=Nv*c+ za6@=tB#1pJJtx62C;sRFZ^B+7pEEiY74?RLZF>A@YGV+X1-X#J-evS99$dedgC2ab z#4~7nmMgL`6^C-31lcItoJ0B|MHmQ;IIR!l@rsidU9<^+fy`6-Xcy|gZlo*CwYCDT zN4iGl?wojn9W`R2)rp@@1<`8jXu+SmT|_AI-d}9ru$R&14QsJ+3rh#ED6;?D%EvZs zz=u6w79wnQeVHyRNvUqj`R{4RpKTV{41}&3ZF2I^X`Lg;%LPQF+df}h_=hI*c(gAZ znO_#Ddy_FvB2i`;MJ|$SIzec)XLF^Z<^yiIFHQ_V*vpoPyg(p%&`mGtaL$SsUt(%w z6FhupoLL!T`6WguVwM0q`1sJcE`}J)en7bzoFAh%J)fM5WQP+qE158{HZNFTemcyx&xp0N+6xbFZHMJ ziXU*2R!&IpUEtkXvssO#LpH0>}_cWMvwUKn9d`cJ;*x z#pXgLHycz-|2m?I0E!D)j?|N-YS1u^PgrkGZ_~lveVX&jldBpYyvG7W(s@gb?Y#<1 zXT2ZQNHS#zlWK4yo3v|Li>v)uUwH)nE5woQyx3-+0cF$nD^guFNfk_6wmzy%rCe8C*p&~eAf8+cK>;$=;%Y~PDwM<#Mg|(hChA>&Sqh+;rlqRKoS;w@%97`|~0A+hlp_rDkV3J=s5d&T(*P{P_b+Czwt)d8dp_ zzs>j4DDKywG2bc=3YI)}sYUdbI6vt(BiYL%?(^vMwcgzo)}6c88yh0L%o4SmqQ8kK z7H&tgOviY9b=zdRBRF6`EJkurNC<#obUK=xDthu`I;rnzHj($iyHk)pae@0b6psi^ zhrH%2FT;?J=BxiS;o5GVy8=yyIL5R*<)8_4N$>}t9MoZSR3S+kHJ-c}(*{!LW{L5K zPpB5@eb{=FhERg?+Re8_!c(6)p@fT3e1=q=Id=j(@|+|urIC7D=P94_Hx{G?qP;}Qo*Dx<2pL9v1FIGnP`&X;3!Bn~}cLij1TA#HQ> zv#-~9sYtJqeKnQZXrzesBv$gixYq6Uc$+mFXY;kQoYy94)^M3VuFj_(<#p{=X7LhuHYAB~#wH1r6!+iP~ znjz`4)y&0G@P!se6FKO5G1jH&2EXz8mOo}Es}XXmj+&nR0@)(jYAz>eqw*W?SZRPS zlQvgZV~nEmgBqCIiP0)tcW~+gIJ}z*JhJ>)4r+A}hSLlpZnUCti7-_M*LO9DfE}um zRv+(^+_#@&n2>HQ2dZTnUmYzdBCxEG%_l+j3#dwmOq+|?6^Vy3A=?1>CB4ULuY}cx zylip|wz)WN4JV;e4f7*)mQ1{l{D327UyEQ*SP$9hKNvho`!|5;dU zE+w`cR-K#_(3?RjCQSPBDcW*pg=Ic~rc6tzq-5yI*R&=0nuGr3d6+W6qP$wQ#Ly9Z zImb1fw-sX%**d&Imyi*opfQ9$%HecZrd&HhPXPy-0K=`)4SY}yU(1d#=9;_ z8kGJ>>#Ta+pm?0VJZu3rR)d$7Sw{zcp}or>qIU28GSLC7)+J}J)&~q5ClwVPT%M%0 zTqxi8Bx-bXgPN|W21C=9=$Smxq_NA?{qbkM2Xp9Pe>ot6?#jMF=ZF37%)NI^^-e-! zM4`nOhDY?<^@9;8NuGoOSG|I{KQsmIm!UCatxl7}@V~yR@asvVSM=-7_hLf`@`2TB z6Vg)RH`;YqGx$Dl%Y!x$mm7tNxc?o6Kq*b+-{85;NcqPnU9D~bg0YGL_bVN*vgv5G zG-dp5JbW-}k*AK!1)zN5RyTFs8#`CDMpILmQEHFetF_A^=+SnKUFW$4>pA0SH^8b~ zp;`O;V1zBfAk|Wsq{o6HjS)Os}xSE^51$MAS&`m{rH{`uBjucLXBIW2wM5qj{XW_`C` zkh-A7Iaem2n&cRp%ebv@y2$2iZ|mj_e#X-~IPXB<3DoO?lpJt(cK-5HOL@+UBg^+1 z&SK4jD;x4)!+}sGl^r{tP}IZreS#2fP~6;cGV-B|ro|_`KRG_K;m<*|&)`s@t~oss z-sQ1A_e6nKttBD-HLk{80Vs}Ub&dYUQPlt9C^kQ_6s&>LY!_8*luF6^8x*Lp-T8d; zXDqtz>wN5SGC0@9o^_)1tR+RQ@Kh?vJE=EJ%@XByMXZ?NVK^*;$YJz)hNOPLog)t& ztY(ZXu-T%*SZsJ({hDv%&+cf(HP)Sn2AwM`Roa2@$P&SujaSH>aAI2 zTr_rk_<-nt24_2qYtQV#LCGU@IziH^ysI1m)__Qgsu4O`eLs}AN1(E@U$p)T!)ezP z8{>VDWshOJE{IwlM`koO8d#;mzBbkpWoT_|`0_Q!+by7D3w#Fqwi#QIuPw%_!vTMx z1q*Hvc_q{KejX+R7zHegQ>k+3wbFMy_w+9Gu=j>h*Hk-k@iv$SBy-NPVacdho{9BE zTeIaK7CaA0S9CK+K|MAU1i}%(f zA~j^$xn49;1j+MhT-4(8*654w5Cae$%HKR%nZZb*NZi)xC6Y z2_vknwH@^^o_^zf%t}1DO_%-jFL+xk4+A3VfSybwE2Ugro~?nQ@A$frWRjSvfV6Q) zXy22Tn{)0YY9@87i;eo4loFNHbCw!WtjJ<3Bz{fdl(M-8Vxg3gDH!a6#BL(15Dq1w zj4hqbYyw>B6z3sIg7_oMWE=h>g;EQ0)-$2`2lcLyBt<=1sKC^SK|sC4j0t zw}?Y~PEsp95=vQFX09#X%Z_!5*mBu$VOa(Q54&|OMP0i9=)r)c(hYCBPlH&rl<5sN z1%fHtf%9)|&cJ15r||!cL&N`$LkD%isOZI^8{btcFhq=_7D~;)2}9ruW^lhmWBsx# zbXL4>E^kGNE~;GR8`CWj(PV;#XaiYN?R{+{m%KzKuttwrs1NeFb*Vxr`6Qx^*c10% zB!&>zq>5LTYAar$XtE<=!{1zchc={+@_~RS8tl0xbeIYwAb-K38qa|at?fKEWcqwe zqOqdZ@HR}}&?s*8^!}_K{30Y{lN!EurzQb@{e|nJPtf}c+t%xGvrRe(BdQ~u%*j}? z4oja4-*J$v{JZy*|9OY)GwjQuVk>up;q4)fo9`X=;kg92hI6P8#%dYOFHLu#F{lXr@9DS^_s5D-`pnuH@AKL z&@ZgFU7fvXi7x0*E$0wH493n8&o?D6kwc(mgmI$v$D)2(eRJBwYsXC~JrM7bNZFst z!s&~e8zDRtXNy_XMA!g^IYTgb2`^sBft^#M#8jK83r15)|FGS!m5y?UEfjvjL+mb( zA?&YbbS>Wqqc6`nG@=WsT3$V1j6QAHaEl+iV~IKVB$zn@sWzTf?O6l%cm8s#qx(onJvh?C^9#`NW_D6D zrZ!?UarS1k-P#X@@7)bSLs+ER5Ng|`=MAxd)vAa_y_N)6^HIzbm(qE>LMx7+5oiQi z4BPa$?!Y9gulnU~v0)xNy&~v@(Qm1VsIeD%kq6ctx0?aQUp=!1w}Qy03&eZJE0Uro z-fGeKXDz&DYKC2~V&NJ-VK$wuxRI#XDs2c2M*3%wvM_SHpff3$6U6GaxiH2=Pbl5I z6XQfWknUOeScXO?^+pjJD?FuSEKUA{8~lSD2thc({TDRdi6BR}L?rWPtb<#P z1s_F@M1T{ zm=g=r0ILF)y;p}Zz%%)b{#l9wog)5x$!$9+W+p8S$G<23z{#Ris;A+r-P`jaH)U%p zT1_vdyqB-*%ZB!*>zGITqDe~d8X|X7O5jdWcPiuZLi=^i+Nyo8&ZFJOCGIg&l}iu) z*=-q^IoHqOmbbgm3BAI(BgmDr5ZYW^uj(#UDbmBE3nP%+;k+KMRfn;oaRjej2L=NU z0FgF`&q4mP8)I7YrnWVL-Zy>wb#o2uFWx&{a3h*><5;4_%(&@vTaxMuW^5_m;Ucld zUm>%!o~tK=p&$mOl@vc+uSue?e$kQm(GSW2goWCbT;vRR{lYt2D0 z5a4JRm$Uam1>1D(DyZHuUs1(_FL^9+(0BF=?zG@*iEMO??DBbt?gc0pA;BqA6F**J_;I1u^&S$UU5|RB^-u+>uBcp8ao$luSVhg2276I5%h+1 zHN)lJPeu4HJYfGS@sLv-w?8<0$cybxs=}6{jS~@z<>Mw4Mw`UyeS4jWWZo<;`b@7$ zgGDbKAcZn8s;(xsqW+6*J&kX@Mo>E&YfTYO3g^cVh3@-K#h}s_pI-a9!|BkKVUI|t zp&FOovdl?xUK}+Vf#C|PBytGQR>Fyy-e<~hX!Z*(xpX4p)13lg+zp~cWUu7Qd zS;Xxj8YAjZ5aB`~_vCozFa5t6(>+Ehb()Q5BPMs_ZNdLr>_M2c(7)B5zo^h8`@Vib zfBvSo;M5Qe?UN-pc~FnJHciWmXDoyUR!!SMy=Jn)u15%Jvt-Oqr>ke*%b+2|01GGm z2oF|79_PYiLwxs+ynWbkkPqvp%LRC$`2MC5WB*oN!4kc3gDort3G@b<+WY$ro{?1>5eiRWs~&)}DPV(A$L1cUn* z>koF`Cs~qD(;X(%jcC&h&Y$mle`9dH{^pR-mW)9JYviG9bj@cm%11eD=>43DSI9GQ z3(93@p!G$BK*J|zHf;treztKvH^H!LNcWY~`R>jiy}IDZ@TA1L|w)@)Ye8+@zgFXS=3fp)vB8Lqlqp&%v9QTgp~h#6;wm zZ-$ylGeZMfg_BAP&N`yigy{eQ*_j4q->Bwk_+6z*TrJBiK5e*rao(|-ZAr2@wiZEBkL&r0Hq5Sk4O zzFMDE#G99wbg_Xh-_|m>y5>Gn$D`2&Yn5}{nxY#;gi#sxfWKKm;G;D$;R}(&2o->p zv+uQp-usBnh__Vhal;SQ=yvIq&f6D?4>(8_seIoXzCYm*Qu+fGGET(JF04n3Zktx$ z&fk4yug5@LJyu3k?OnCjG2xg(IZvwkg1c~>^!9qq{7UL~pS@w)fJrcFwf5br!81?? z!9geVG(%!p!J3Fe**R1LVGq{u#T0Au%62_&x=mCR)eY|C{$0+^4~1Uiw$?;kFtjKV zw5@b{XpaHMqlH%ak)RfJ78>o8n;ScM=>$AA%2V6xat<$9B1_WFOl|2=jY$3jD91UU za`?5lUY#w9zUA;Mt&B|7$9wk$Wvj$c?xvk*Cm&~f#CPU@C&i{O!2wi0+ z-O>FzOEUIJ4)AmCJCss3GEKSSR<;>D(_&kEPy*Xwl~eL42Yaav{Q8har9tlr)6&G& z5t+(}&Av+Szf06+roT&6s&NGzSvVvfIw5HdIHMB+nJUyu z1lPDzCw|v>3rKgD!0cw|^6q-Zdm;j}-NoMMTrBCuSp4CoZt&8i%=`?@Qu9+ z0Rm+AqU8G!^3EwxggLHuekj%&NcQW;q*-{`=H{Mh#Qc{~BZyx@s(X9^&?!SQPmdN; zf$}Gsmm~Z-kL%8HD(xe?rg5pII4dP!0JnSf6KDg?74Yctt5X$QwDo}PeV9}_^~VYF z&^&&kubu>z=aN&JN9I|s`GjHpFvYVLKwH?UBLJQeVgs^^!^*=2BEkUGETWhf-;MvX zY3^-!^wSxL)wD4&yCYue5;BEXsiAjS-C$Dtwp!k1HAz*`={~upA~X2E(!!te7k*wU zkZIlyVJX`x0QfT4Rn@{QqKeD{HzKPT8jyFN>@>5TIujj-kHbX5`kGHP--cz~Y=q## zL&WHbX+;~?$@WLP+VO;9gH7_M6Hhqo8JtU^z0Mn;YgJPyaHw-2^Ar9Y(QhttmZ+V` z3d{#4e3zjcbNp5AiCM9=t`cQu(#Vot-}iZ*l6Q-Yh^k|8Elh%FC7tns;RkSycdxtdLf4jTmcr$ z=OcgR$SMC!XB&OLB_@KE?W{NubQZ081?eBHVzeuzG*;I8A==pC zK8V<7Q?G}T0L$(Y-075jmtLPlD}lj-5ioasMs9r(uJu28;&8%DDSOlvZAz8r7YY{T z2H%;u{zY-JM*lVhf8tO@fIh?QA*1eD zE>1~wC!UU5_itdQTCNx>VTR#O0j_2k;8GPD-nV@WJ@s)*PzzIr7(W?Q2msOuHDOsq znZ~n*C<;CO4X5JWLxCa7S!N}u3@K$UGNf}vr*!N)5?XmAyYL2B^}ROOOrJ^=a=3Tl z#pC&$M$A-SkFsC+FP>KA<>WMJOfmit9&Yb6@^|&g?TI}bJz^Qt@ILF&1ERSKsL~c> za`}k&$|!|xxh3ZSwR!wAdD7D>XnFVQi=i%~?`{vSwXSz0DK_7FAwy%>*nBfWiFrT& zaDnw#lnOT!B`-Fx9vAY%>GVD$B4SYgD)6nZ5xp3uYk}@{d-5b_6r%VhUia3?bTveG z(yAcw6-XEpEUC-F$r-MBb7?Yhy07(HY5KFzwf%FS-duMkYl(A2;u(v;*Z$SMPa3{Q z4%>1f#~}|}w+u49LW;@3CalVzo*S;&J7z3QPj*ZO{S0@suSU5tG(C^ZQr_E9jm!U6 zhde7r{%+wUw5|1Syi2o)?X3+YnPdu`Z-qOg=K?dPa+5?Cll#rAUp#Ka)9o-sZW*rl zn3tRKV$SP=U>Il}2=H|xo|@+){iAiM0x%&q9!dm#;5am4pu%q^g^g1g#-3ggr|^<~L$0%(WD1ma-s-(qb`Q*|^*}SNoo^08f|u_+baR zJ#T4Z_+37gLzAG1*_?OqQ}j3ie0r4d7-u!qUQ`7xzG8e~O8^w@@CcYEhH_Ziu(J7eHL=rV zA*L&42Yc(TN1hKOh!Y=);Y6(ep&)$u|9(7a7g?A~ZFDEw2oilLb`^`dhyb=i=_b%_ z3y;c7mPvbseBGfxdIwQF29ES}4PWE!?WAH+yj?@wI*JlHIuWD@MqteTVU~a_0(YDh zla`w6ImrJQ8bb~U_u6VkE7dxdcua7xR~%1XT-}IDcgBHQ9u1)?e{nP?X}ox{z%sQ^ z9McdEvR?Xgde)x=K7}0}QRyCt3nD;iSx7J|B);2c(}P#xxr`dgGlv8FffK&ZxbFxjw^$@9`9?E@8q;&ZM}0 zb^pj80(efdo{MG76(JOT4L>l5Cg+vmL?@%WcRzzpU-EK?h(f_T?hrvlV?dj+eOK)W zO^i=ze{b0}O9$FETTMdynKAMHO@)#FFBLAdoNHlsRQ7xZGmd2tqaL?%1|Ob5xWxT@ zOrA1XT|zy0ETZyyUGGIF5_ZcsMbh_UxEbB2Ci-3-YBIi|;B-D23d3P90lol}rhIBd z(pr2^@?nSHh5OS17Ghp>h)f*gV7FfR3kZb#B8|g!l;t>G{~gj1cub`2U+FzkpL3}% zkYN1q<8IoaD!xQ@bn=}wDdA#|dE;57!)3B}^hX@wUNt?LZo|wX6shsM+%mjNN!hhgi6A`_S`ezpL=RKz#vuQvoUg%qSMQ)Bh3sG-C(pf@Y+8Xw-$Knk-;Sc}wJTi*mO2__!yGQX?K}9S zl#gW(BGzhK##e-#Xvxl|BuudpYHkBTLKr0;ctB*`$`DX*kzKA6N3`ksM4bEolK21R!9_jnDPh1;6)YFkTQQI<5lK7-UR~befK1Wp4w9 zcpOdCfrtCubB`N2yT8XMkV;N{i$H^1)Nj3%$6oOz3#X|VJeVXwy4Ld!wX*e?@0^!q zpdIDH1OULM1$hygtZ1+|7fy3mjIZcd;g{#CJt*DD%;6MPDJ^H)^+neV?s?;Tz1s7` zuE^%YT^!Ca*gnX-@9o1Ddj_!i7+YbVc_76w%W&1C>9loDYE}0s)Bq5<;*3@OqP>WG z(Y;X^9&jU{xe2SuBKZwo3`^Ck!X#d!sWRG-Vk*GOv3eob{ByKaX-JDTtSoSOYIp9a zd%_6H`J6duh*Aw$Ej~c^k_sKC5u<`jme;`l_WDDIONmdI7XMkAYaBHS-X2*K@$(UZ zl`V$)L`4W3(icv3h|m(BL2pqZuHMZtQO;$(gpBlz%TSZF@CP`{Z5hbQ9)ROu>lhwnp9Em{}b?`ENfSM*oH(WX|+IEzN z=zcl%xpDo41tXy_XA&OYQn~n2ADOkfTweTsEH%&YGrG@Kgw{r`VviEwXbKIHd(w z6T+|*+$*%(lVWrH?U5lLf{I4wtopHO`4L+ zmA-%JjFza_toAcAQA-m3L0Ah}LjZ9`M5g=xhVww*Z~D0BE=BKI@haTlFBI}!XTPWK zpI`m(PyE7jb?5^zqHoyR3=?~ttPZ`P{}SntEhe3)CCrcK!?Sad++i&uL7yv$3jO(B zyAF3Czg>&_=va05*H`VNpoH4Q69iI-P$xIe{zu)XV1$5gD)EYxxTzUOaNGs{&vE&N z-?aFB#sfWNn?CcBCU9?7EF7Dv!q3p+(58pnChGwlN%5S}d2pwYl*)ip2n@8vF9J)! zqMA&h7%l!Gu}w=EN2o=`8?S|KN~OJn9WP+;gWH-0zF$9{$9bEt;`InVr*ADnZKtZ!`Io`kyK-Bgu!3=h_@drS9%x`+lFiif500$Ao|ahUs1&s@hD8; zZ_r0+J}713bn$^#oKzXlqYA$D@ShT=@6rpl#WWj3k0M0GBIx{x)(xnGO4q!-#;I&i z8*jI?T|}>w9Ce-2-U3>)E)&I=hF{>{v|dsxENq<%!E>R^S9%> zq%f(aq)=i=&PP4KwvaufvgP#m*x6-MXJ^fxjB_RQR%E@oWj$T*fe$!Nz+Kt@T9N`@ zjDu&8kH+7iip1t}^T5;4i&sY>phHo(x#|MB+U^GxEMB% zS|LI|9aqO;Ptrl?W4Zkr@(Wm+XqZZ6rMHU++L3`U$oz;gwNG3lrBLg@hBr#3 zMrf6gMdXck7)!oqwevBm`QYjDct=5gUZVb*XvpSz1EWSI(e^m=dhaeE9OSlO8?mRI zh{MDfE)Is3a74kYaet-5+>8pWZnhPT*Q`jPDZhO4bWeemH{57QaVYkoTUsJp&fvIFl?)ztL`nr1*0pukN=7Q*WEe z?`bJ9x~MUVzyl@?rNNl|{ole*uM5^pI&Kpquf+OJ)5r-$|DimYn%-u_f-nEKE~l45 z6sw)E^Zi5$%yWq)B;>C3@h()7*$UmT7PLpyo-rS6ke3?mx#1I1y65Y7yA-xv?0}#R zWL$}k5+OysrNEHG;q3-9?%!S}SX2QSp0V<9v>tj|M5U#J>%g$Y_7iN%LY|ZF%>Fqa zH(6TXi>*c;HKIZ!t(2Ht_+yFhl8h!&fAr? zmjo_W%?hWp^Qcd*-=BK)Hntcw^(Kxx7+=>reWO5|o9l^uFj~rF8|eKVmSv$v(FyLg zxhu|`-VQ=+=Uc2hE2NE^{b?mq2!AH>17AZPn?UO{(m_T+SPb3iT3X`H^DQsmsvr>- z?!`&`%CE$^-tSLkf;lQ>TmcPrBtMCd&L?WEK?Bc))}Rja+HgfudmBJC!WyXEW|JOr zF|Slgw1>qNss6(Y^RDs!Jtw=?X21cUB8qc)IK8v#viTVgR9fVMTm;P2Q;7~=DK z^AE9b<9U-6A))}dZJ}eLKoS8XmK5U_E&au_Rq&d{ytH#EvpEwROgyq_lT z&o>{0c-bb!ycSLQ^`GN#kas zmp!~N!rlC74tR*FbJNktWGs*CdG4$*hB%g!VugCKI+Q|Y+)t%;zTsU_C9sEKN0H<)Z`X|QNW3G`9iyk zV+3TpLoXfoqI?FbWkBU9_<&3Ayk5sx)`NRCtcPjj66io@&hds^Cg0nk_f2dt+LWW; zRCwem>s#Uj1L7oi@pfb_E{$TNkUD}B_0iL0Qt0rLy)E5Dx}$k&cb8Ti-W&PQf!47{ zm@T@Zg!sbqrG$g80Ud2``_>bBAM}+S=e5KyC2naeCVwX=^}lqwg`>vzE4CFo4|_kT z{5s?{pzr38hLL`Q2A#9bi}0(|Si4@i+OJG{iLM8o7y@%AgXDE*h;j~<#inqIW?gJj ziYMnlnR0CY1C^f|7?@|r7b9QLoLrel6ze4Bk0S#!_gJ=fW^4bPj*2tQ?@2p9Hg;L_ z;^Md!Wg2Y4CoZ_x;~|Wz6-Hnx-FR~%qlisjU?T`Cv**wLHh4el%+am9>0coREpgum zqkxwNTpwXa$7oFJby;p}_TbIuCiv6E7nD0wI`-4N+M8R$LGw&iN?yI1vD< zfV$Q0smGv7Z>uD_j*CXl@~INW0sv#r=b&x8wVxy+k~X@b3YY#(ffrBi^PViqR8WwR z?W4i{;@f5=;`~Kqh8m?S8MaxGr_?kzD2Jotg52M@zc(HP)A}p{nxeagP34)n#~m@4IzJY& z_wfZi6MZD9j!qP=oVawyygDC|N_|uB+S^~>72A_wvv|fnUWd4TG0yY0gdTuPlg2iL z)R`t?t@)dxHDQkrN>-DwN|l(zD$|B&mT%1;+knLA*j?02YdBi9L8|qH%*lAKh2ZT$ zto?&!nvjo0(EM-wx-RP)6-#`5u$}Lap!r6kS-U$KU6ww>8)pd+p~e$HS-#1^^`%kV zeo%6~9(RJG*}{z2j>nDP?=tV^u@h*}Wv5>s%(KkM=sg=F$=+1$C;0hm(QaV z7macm{EjU4S!{LgES4upVOtBk-zucUWDxD>7GBbi0jTUVlhg8cq+{s#$`J{jpSyj2 zI>4IL{He!Px*0p=d~xV4G^|L9a64n)iFiAkHQwj_t&s3;A~y+t&)s zbmiIq&UuGR@qe3x{E-GsxrszFkWV?n#slbvY((;Dd^=X=Nw}lzhjGbRUms>iC925H z)FOLBFk|~SC_!};`IzI-EgvBIbgra=dY4_su|D~Pz^{6yA+B* z|BN%ukoa{Q&1=L;Z)lKq!G-D{cik$7Uy+UFJK3FglzinN>*?2f`VBcnbIQ(Jx9qJg z(ZLiBR`OsWZC9xJl}V4e-{hrhV-O2QNkapsYN$xt%FLR@$#lZPgA!vQs8aO72kaST z5V%ZN(X(LAQ7@mJS8Sg;e(RShR|3HgkLm2+7wX&0AE*RgdP5((cO-wMr}qL~OzUMF zi?h8oqn&vI%%sJ*ZQ)2o4w`~lPF6G{S`Okc)3yNdcg^gYf6n*D56TZ7^s9md-M5&0 z&#rCSd?qC-mZoATa|Ve;qXdOrPDx7#&n2VQB`6YwzOCPcT#$=#mn=3p{pczw?>$5-BD*OT= zL%$Ul)!Pa1uS)`s#Rp`|d;dHQyvP8q)%rSsJfAOmfd$7z6og`Q;X7J@Z~T2*!{{7} z%4Hfl`4v6GoBJ1PPE2Hu{z0g8_I`-nQ7IRvBRuOHzL$*~9ZR1w{z5$?k~seoOeQ!j z%jdm1?N5+4mRgyE=Y#_qVaBK!C~&xI)fr+q!Bz&5V>aj8?R75uLy@ln<%0_J@WBhd zSb}ziRSc18RPdnLRBFi;Y=S+reZ8#MX(_?cSQ45FgGqz4bJw%JMI^sU z^l_y@Cz9`Dn5=TbW0e|D6W#6Eicn0}qWo9+9BBQIsS*w*1p$XhAICztg&UhWQsuHz zsN3K~?e|bfoKv@dr+G%Pwd{SiegWmcoZQa~GQP8Gx-NX(i1E$zdpUo*A(P^1zywdW zf$f*+UBV_!_ls2QV)suY@n4D{Nng?w&T2rOxxC_!u__ESC=-8EA*m{eGFu`^8(wWO ziFdPBAAyMl^u>eGR7Pu7 zn}un&8I-uq93@mFFumBi$|UptjV6c=ro87xvnSc8I*BDKr!XmYdD~^08h7+Xv(g|uHr|;ta);;k{=pxND-O;- z3bg>k7V%JPW|%rBRvw&1KsD`PQvj{2oKD@8Gpf~vyr*FWgNKZ^5KRiOqU|a->`3|m zpFyZi4u&`S%Db!%M}vV!ngXwn!&{vCMrh)ZgH?$ zLi0C{sf2)6QwLRgo-$kWd}{3yoGB*#Bfjg7M;hiME&^})J_N++1!@`j0z48{{b23Z z3sbX6)R_vKJe&n4XAumhC+;a22>-LhNvLDX5r9BLwQdA^_gcPwRd;1xt^X12$l zldc)&9pkj?#oG0)!PiFv)}wYj0LFNNU%RrsUwI#eZ`~uw1p<5MeoB2qpkh{%yAmUu z7ePQTp}>drTzq+)h103~xi#vh&W57VXq(UWN1p}58&|Hg-jL4b9Kd=}Z_OyGSsyG% zcgUq-uPJ1wnOtY0TnePcmW{$IuAUcXprmsD?QSf`Lc5A^*XjgcvD$I3dv^Pgj{EgL zm)#&z{Nn-k-?XGM?m17lGg~-RSgsD&=t6GQhthEjhWXSnSxue~iVEN0P@Vgjsut?; z(h7>?Phg899Q2TeIo%D6y1;()SXV}EDOFz0R9FotNIlB})Wp(yN^%+O_8WbnvqM(r zW`*mKNYtoLmPqHNNpMTI={z8j3mwF(tPsvlie3GR&{{(6NVsij(@`>!E*w51NIY7? zCc6++HNNa6nW*lpbGYrr;kj!^u%8Mt;aRrmseE=V`$?;JeMUrre9_iAujf&kH%}KE z-F1F^fzxkG41SkCvdzRFJlCJr6|dhUk(sO;#I&)KO+u9k#3~NKN@>-EJcHno!^lL{ zej(;9KWC`mRq7XMRBX;4D~qNigQ%?95y`GAG_bUws|e5PY2VihaKaOz?xt;Z?>4I> zXS!}7KNLZiX)2JR+3UfYqW$9`x9T7@&4r*?X=i%CSvoG!v6)3qiU^Z9PbNjGJxK8Y zq`Yn$@@=Ktp#~y{NW_M}GPL1d0t^VRdnof{$~ZhC7hh*qT`M>lxp058QMovg-Er*b z`|*tU7=@EH*jm98I?9Q>rEYynqjq?Y97o3=!rK}%x4N@i`l8h@%ygQym4uJwq$){^ zMO~bHP^?ZrXFYFmbr!8{Q1HCFpD|8OzJ*3Ik2b zw%Gh>5nBtwh?l}91ql+Gh&Z!Ao37rKq+IwVv#bTZ@)*~zVza57m?4a@?8V^eqy41b zj+4CT-}X8+@oytln5gnD+4-=^VE{VuPejOAR3?=w?D=HF?ED7fZ|rIwJzR1Ghppz* zf2K%$P&BdPUq_h=NEV|L=S+zT;F6|G5JM2wTrSkUNylxgqA{D+X8Sd6_$^RnKAl+A zG0$k~q>UY2Z_iO1?OzzAKvyc}X3xR&{Kv+D zQiVh9#`cMr#d-!(WssN6z2`fAdq1fCssx8yvlaUC?VS^089q{CkB;5pVV` zj=m@E$Kzh*&L4t48Hyk{bjz!I9KCVo&etOMj|00MML}PTq|(OCd-6pZsALn#X3%lZ zr{D@J#4_+2%QAtb?Sc8Y+LaqVy1g$+j$gydg~?6r2Svap)0eKV+%c9OzoEBuyI__Q zf`2Q7Ts(gQ4UM)vg=MW>F1!o&;}b~U#{qAryqw*OL!X^q?u{rDFkJ!U>56Q8bCb*S zqJZ_Ph;e*P(0Us6%?H}Cnf*vDFxbXqI47(CHLt&<{TBhqZrLXBM_Oep1c3DOL^Gdf zTiA?CJZ<{BT!f1rF6YC(NB0k`wx@WT*LPXweY=fIvh|n!lgAUT_Fsa2Ylu(zK;7}l zPInX>I|8aLtu|xHfYDIH??%bvB@V8;R7>+5{o+29`b`5n)QwW>HN4|?`uttl?N*4D ze%(*r&kZjn3vU)<=r+lw4iHOonaksCttQ$7QqwggByrB5%d*Yk{J|iyY?17`T2E<1 z{z>(AmOr-Nj8{;nU`n9j>fNg)%BPnlDbT~#nd&rQCt)d3LkOgSd)tiG9+yKD`fKUL zXoW%Wl4uI|VfJ509y^|Fr+yk(nipob{x&$*UHed^1?t&IDE=+C_o@8^5dXZ%uhnu} zeOR2Gv#K8wUK$!+ptCp2_lAnlZl9QijqckF*bfb*iWRA`p}`R$9d8*w$;)#_3N@!o z5QY=hq!X@IvFpLm;=bik<2j3$ruv-8Gy%y<4c+7;{)FGS6(etgbRXxrML7gOh;yD6 zDp4U%aGe&}{DkB@CUyoFsfFjrytlp3Qhhndc9>qD+58PJKj@{Z} zqBQBXUuQ$S{QTzT;*H(wA*O#>;vmmQ1n!h2UNi#C7!l83r`{B@%-y6gRkhLrn-FlD z?pZETsMb^Fkpn4Y%j=3MIAcFNfVc&{Bv3uT&;yT0*h)-#s`!}ZSr0Nc@)j8Nuzq%5 zna8;-_aR@s+GUL<#5Ft44eh=;YB8jC9ULCS*ZZo0d{^yrgEz6#9I(dAS>BmAw78gz#oY)$0FT?BI3}ohRDiLsVeMUxE3@)*T;tatjVnGRBeA#z^@Ei8j;O(qA$rtH`pAR+Lbf*E^EA^jk6we1^qeyR8knynOd5+dj^ickI@$(ch2d zfj5Jdexx5aNt&0|%&m!y22KK%&F=WXGws32b_*`zrzBv!{U5^@LKw`oT=}uccdfi) zGV0AzR}7}%VA&GwLUuOTW9I??jL(0N)2G@fJB+_CuIFk9>(I2y{jLUnA`gLC=}u4W z734&y=NYc+tw1W{=4O>_*6mi+huiFZMh_%O(&vh-h4GQjJxF4*y*D8Zd@7c0ESG7! z=xl%2pfyXu<^Nlxga0lbtPAUz9w-<(oL|=L*8ihGif=u)Bg!F-F08`2z!T z6=~=UL=*F)eh66>cus)OnLA*Iy-TB@YVTE zuxku6OA3{s&)lJqCBPrglSF>A45);V;?lCf?yH;q4YS0?Xe2vhtzp~@zwnSfdfY)^ z(0;=T#|{-+Imn*Ondl zs6+Z(^#DL*(#)`F>uoJwKuXkNtodnF*aLMTB$vxtkp`V|nVL4i)=Z5M%rsKD4L<^r zaHQc!USK@y6d`{ngnDIuk|I@taT9gFUB@=U{iKKY&Q=h?SDv0lAFq;_$tj;{qE&Bj zG;>I4+NxlZEpF2qX&5g=fWF|^xgLJg<7;_FqY1yxLZzuiRm%A}L8>zZPq%;K-dtQxzr|%ZS4GVh@Y;F@mDt!efm0yw zV3UMVbDEck5=Y$5bJ!@JWo4{0(YZyJ7daa?L_)X;k5iv>YNo|H*PPf^Wf@BZf`3`} z{5$_+mMm=eT~ueK-wX6(D4q^hLfcEffKOE(ZQ0(-;iik~F0#48^FX%MVM)no;XaDEkJWv__d_L^7d3Z%N`^}$>8NSJqk|D{9 zILCX1|4;=>Jwp`CsgTa68IvqYVz+jaipMZ6Bx zeP!4jb%~->ySHq9nv94wmu7cnn$>ZJcJ^}8KmG~g2xMnuM_%UiNw_4?rVju1n@vrgp5a`D8lG9b+@ zMT@FopGs$pREM<cH#5eq7o8?xnE2e-aL$*9CdRF`YCZkmJ0R9VKBcM! zs`XIrPzCDRl2(O?S$-a){K~BgQ;ynzC0@e5EvE)o>0^Ml|0UO(xKJIFdW$~f9xKc0 zz2ayhNs2aB1NF%GD|W+9tQ0p$#n9%P7WVkCFm8qv8oq&%rBXY|pK~Ranw`&-P)~rg z#2uwdH688E_$nUcKmFmYW$8h?Jrl=|hs(&Nyt4Ie-9r_&r``I_g%Ml=A%4zK>U7h; zjHc=lq!C+gzQrdOsN9rz(T#1}X3SQh79jg=6fZCRN(9KAh3&IctgN#*T81)zO!K}g zBRJ$AzLNc$@_s6$|IK-2g^6jp)0z7VlJ`y@K`~AM(+ruyk)cB%TcifF!3Y};99pPhQ}mVifL3mpB@5GxfhIBfTeLrf$6J?= z&UG>wFxhaM=TOb_b5MIawlRi7fD#FT%)Svb)P}Ba{B;)kXFbCUpaoq+3OYp00HU>6 z)DX*W;ovG(sA!`CND*=XerqSJk&eYik$zbq`XdjGJ#C!x_b<~)k$@mjVV+aZqo}pQ zQs4~5#0Fk?k~RuB`bxW+M;T>lwnpKFkgAO*6 zK?b3m$*AQzDPp!eKk(H#pE<@4l-P}^wV_fkTu@~F87T!H@(`Phf#&Zg9X@=Hm!DzJ z+f(9JE~smr5SJL!$%`5+#UZtTww;4gi`VRn|6k3B%C*Q#h3ZjrBOGWv+UDNNv zM6HGpYn^}es!~CupLpq_z{*sLVP|ye)G#XYZSo(sKR==UiuN%>pg%5TE5n!l za#T~pJlG*>QcZA(5j2n3S{8)FPHkfx(x{k*Eh~n$} z$~$z^@~51?NZp|%*58rX_3ca^BNB`QjJdf!qDK;SVIu9Fi#5EmXxlgi|ckjm{{VCOcwx%a{q;gW2Jg% z#nG{8C+%Q+A?IXV_rkbdhUrX5i+%d|tovK5)wFTKO%|jA&2KSD^&27bUO5e19Mv?+j zCOLateZ{#6;U((7!4m0`y$2Y-hU<7-2EbOaSw2tj#$*w;+N-3JV2jE$Am82KGy7pY z_2I39!1Csu>R!SZ5zIX!_>ADlyUnR+b|dSc5J zsYY-kv$-GY00^lt^FEQ!<-}gLSZ8iKDIoaUH z<#1wpKB1_wQOM0LxS8AcrT3KnijS#byRJ69>nqMZ5yRO(M+?(*m#=WOtW^# z#h|!OcA0=zzb>hz`$|KIpL4Xw|Jg8>EYE%v!NFQw+!&gbeP*IV^C4cg%1AtEsBez{ zGUjKL_hgZfUZG*F=_pmt8X99@vW*dM^awUa`o=jd+{*eT%4b{OgCaky>B@TBS9!>i ztmL%n}uiSA9M-CPj71TU6Mt!Mll`Eb07;DY7-^QEWp|p!cZrgC3CX>K|0*a^S zj^htzqZWyDN$fRy&=N70t-g3Lkp^Z(m8LlC-4R?Uo{|+gJN6(twG?Zaz_KGVLBzrn zo{8w{x28r`9<2L6%R4H@*Rt_p(tTm8rzY|YtcPQ_VL`WW@OI;&1#{J=wdT~nh_8HY z;)H*Q_zR5)U~M@DOOoPmV!Ssq;pN;1R-IaIJ-i!IWoFG*gldwi1YzZw2_i$RSz|iv zcR}k~Xv_!!PpM~{NS)fyl8@rwl8^S^Z_JCDdJxE1$sIePZnb$#!Qzb{jG&C_;Pu2; zyVXTutpKIYCXSZUe*ca6h2&koyMdivqCDTtdcdsx(**K5+z1`6XZLRJpxfWxksCv!*6X^ht<#nn*7v{?xh?Ky&sgq<2zrzmtre4(eBsM8jy4y2rG(4PO5 zqDa#h@(k)Pj17)zsoH%oc02#%64N89EkE@SsV2k;; zBx~Yv;2J4JX}?3dcKqE5m?Oe!texqOFsl8uoO1*;^5JIY?SqziWF341N|cZ99spe& z-Ed`Jzppe5u-THcd}h+sU&{%sXrv3%2dv8W6Il5!LMIl`Z2{H1(uV}6tLiSNhQ$*! z(>vQCgPPz$?H9%?JgN4kf&{5-39*vPxU7Qb0e$VM@20x2IY;I(4OTc=ub6&xG=@k; z6#MYkoF4SsbXnoa)=?|SFWv#2t=uA~2F`cuyk~JNaUz=NCBNdi;}~xU)uJnoeb+t& zrgzoYx_6eNHrDFVsOwsYkS-_=eA=i-d{mD#fqL}X$=2!TM|dMrFH7*qBR!hg*|_9( zOyuMy)yxtxTOhZ!FG-6}-rp>!{wdsYVgIG9bjGWWy_I#`9ob=2;7{fLq6?nY5ldp>Af!B^(6$d zMhF_(xu_rm$!G@sB}FH1M(LnXqkM+apX=SI5%IQoBpAmIRCd^ za?3~(V#ye6QClm5Fua&0qP0lH;(E?Jg=K1KBY=MN~8w&eG^ z$d-HlbLoKEI=>3KDLaXiZeYAGxIm)wC0nC47TSU%jc<+)guD1y0P808HG3uzPT|{PR*OyTvLzc>}{BHk0mj+tOz z+;4pwc>x@GFTHP2UDRk?Aon+zBs=F zJ-mDJ(zBOpHzOwpbvn-F@aWwytIU4zr^D}6RZpn4bR&i!%~<E_V>T-dW{v$DV}sfM%L5$_j{W1AqGwO_klX~^RY4u&G~&_;ND_Gg2u z5X>%z-g3U*JK{qF-TM2qGF{rbokFZwq*v-y+#?ZZGYQl@6;~R^C+wPN>l~^G1H^IK zH;YE`+&=ygv;8cKM^UTpy8G1@p~93ATm0k9meg>42I~~U8s0UlE6xUS-S4@b&y8f_ zdh&F^O9tJ3dtZT&F!Arf#A5%PTVKlld2f0f$}w}l9w1|ZJ8#NyAUk)AE4(_TVB{eb zO5(f{)ti-H6>)YoqFO*8`iR4y7){T@Ch1iVH$6Wg-p}CO*sVMAH>W%$e!K=|sE<&4 zW@rP|i36>z=*SjObIlc)$x4TW5Ln{ktq4Q+eD)- zf^iR7K2#p8i$k!VjOiCYrMaf#QN}joJ?z?6Gg9cJ;_+onS%28E^GP1^Y-`x-*!6_? zGN-IRp=?kel4JW+&qge%{=M|(DMstEkT>sO@)AOH`LZ^B)y)Bkuid&q;Dx@f1@B_6 z9%kht3+6qT12>@F_3RRrw_ENemoS^Q=tepZlqPO+2A@=%g7v`47;r%{v^-0aXIN=- z$8hX6d%w^Q5(&5mP&^DzDy~0bpDeuoHE<=KtH+KBt}qE2q3$0^N&lfGE61KA9eype zAr~=_iZNufa_APPpBP%YtHz0oaDAX9JbiRzd<|*Do~hq+JEo;x*2q=|1YTVZ2LLVy-Nq&b>v*N z>HEO9kxfOb`B5t*Infi~erCXEe=Q*ZcwD*~i~6V_IAZD03a0)pA&?W_?*7h1F0IK{ zZ-1US5~EdU+Po|Dmk82j5Te22MV&56Oqs@KSiZL|31fF)(sK8YzualNHF`f%;qVDU z?1r-%rFhxkG6l_(XnU1f?MTjdXHDPFy7F?44$-K5yea%fkUp_+@xG9ReWf80*t0jx z0mJ`)f^)a_f6)y$s=8;Cux}`2o|pDZ76hMFw2$W_eIb&wgF$C z%cPfQLdS!vGzalQV$YoeI^?I!Aq~W~P4 zSRh_{1eRwsA#Q=T!0}8k7!k}WL79*VpiY#pzu_yajJ9X@);cdQ><_wzmbAe~K{*2# zOt2_yP+|8aj7>A&G&8y4opmD`theX((U4kG_j?|#MW|wh^tppiNX5*fIaC#G;rmA& zIy7kxn7yM(Zx3x&RNnK=8N8_uGCbk1L1xklq|kU9T5&phfWPDZT0RcOWn z2D}^`RUHmT0qb7Z$z>I$LSSyP)14WAElx~LB#xTbnOP=fpcusF=todO?z&zM7`sO| z10L+j6q>n82!4tm8CXFKfWrjcbG}!$z#G@49Obzt!hKSumaTq$G26QKb|+0Nq>mlC zQqw6{3}x`kG=bQ@CxML!&y42jSc|X;4sBQBd zw-@?vqxd(C`2ja2oE>5vg6m@TGXqDC%XOcK+-eapq=YyqAAOhF~&lV0#qvf>Y6K|Jd>uWjc3f8jpy8LsH_Fb z1mGG(pZ0>aMe;rww}1)62g%T=e7 z39e+)mKOYcfXUfwVumPu3kCepK=MlDldPu{MET5X2Y^pzUQqE4PEOdYo78`plgxB8o||0qnFIrni9NlN0% z=N4HOnW}1DY4)QPd6T&;{*yzA6wlqb8<~FLSx|rAW>cfjm{M0?HIz}hnC*0;RqZ|w zvugbcr4|B`=Q>|kHzwUp;s~Ou)=#+9%Cr-I;}hn`DyyymVJ?s#|EO`{LupcVf#8sl2b8HjhBYfKSeTMe{s!9T8xL9N4V0i`bQpqm3)3@{y)3IM$M z0sbh|ew!a&5K{Bh34NZQv2+XwHS*kI)YLk?rIlwkule%t7ki>R@GrXVH7f^O>(X#O zU_P(=1&+PzWw)*_8|AWrForHV)<)E!ntP}X_r&c(CtD9bKI?4(WE=<>=6KsEdsxhS zh0D@(1Kn32w57tWlT+XZF&SAyu1Q69FP6Z=P1TrjdJj^kBh|$4;;|vZpTCnGi_?+) zR>ui2BMY#BQzxP{(J>Z88Ar`o!DUH<&ZJNj3eVhMW|`HigE!VU6%nOk7l@mFQt=sJPrbT_EsJ>69aLS z#`!J1?c5TjYGJBPB=gGWMVtWna^1a|V*@LUJuZ6b(x~WZJmNg&PoMM(!9Gx2LU@6p zNA>1pW)O79&&mu!d(O9`Gs;h~sL_RjV9b5JGuvFk+~(*rWSur^|w}cdVgJx9ae_frsxr`D|`Z%Hqib*c}&zeY!`utcv$47Pc_f8x`=)?CA}Xe*F?opyk8#pkg+IB zz>m>W>W}xxm{(D?t>J{7drkY4KJPTjY0M^8)()?P&1L#b8F!Jxs9NRN9}NUuKQxhP5&oWlEQY*2#ru zPR|C2!Jw>kajnWeB7a}sKH-`Ahtj0Shehp!KIGhOLckw-$YGgLe~C|X-XEg;G~g+- zrVTU+0AzFNeF;ih^@ZX7pJzy5Vfx|FyZ?U=QdZ`YUzSQn7b!&%=r>FbRcvr||0Ar=P!JUC?>cQD&NSiF|M~1<6ShWN91Z%xF+`i(Wo*EZwWT zS2LE&USPo~;m70I9Qh>Kjo#6NUZK%gb`=|=TD#bK8SBFj;2OWrH0kE(fj#5h<_`X#1Jl1OFlbbMy7{f9&Ny7YU=#i2%crj+s+F48 z!dNAJT4v(8bmAa!R27<1_cuTLF|9Hv7++CM9D5 z8+Y*C-bZY*)KKO)V$u6~82tuw?yPWcZD=!IztYvoB>a_jUNJ?1FSVF4$-F{+w|-#n zoRoj+y-aM962nMI(sFa}&1Y3nKuT|7V*BN6(s-S7Yu>FN;^IBw@pOr-Htv=d9eITK zF!jObT{$<`@DKi4l6bC#Gli(l3MFW?MIh!Bc{~;hAX$dl{Ma``uh)aW2Hu#r8Mq+F zXX*#KU1p*SVB{sl1+Rq(m*l3B>m3To&poq!CPm%?AEM z*3;jHaGD&~@$^eEUD4)M^TZ|1Rkm{LlV|0^5Im-#?xLiZ6~^vyk=N5oLO(fOju)BP z6X#F#9uEEF;8G8_#8nAp$pm^VN)prO3W(JUL9?Wp>q8QkO6)BvIoB7kCndj2bPJ?M z`MLu-Ew(js!eN9=jN4$6yMv%=vBy3}qk9?3=TpYX5$pd^3*A2a+q8Xrm1Z1-dOZEF zZr+X#d|LlTMuiYXj~oypgD^Y=-%Pzj6ufQ)noWU7eI~H0*f!1TdoMM?d)|lSwgO_<2 zY3b=5Tqk4k)>6wPEje6jvpW+o1U`OgpR3Mz%&o0AeXo|}il0l8V^N{q*NnitRG?n{ zNrjb*Q^%xK6BytNcEP@L7|rByG}d_GlC+JY z^O>zw$tc;Yrm(;7e24ZxM?VFb9Xf4zZEL#TjW-azPF?);ZZaRi5f2A%^cGe(9`-^c z6cwQcsK=Mb$+#;m$JW@+k8#XrE&{q|nJ$qTXP zDm*P`*0~VO;^22h1q3)Vy)nLBFX(W&{4{f?g||+a)wiRe6kM@r z{C=QYPz`&&?93_~KJ?taat1if8&W`ekqZ?MHw`*QtMr|RS7(lT?)>g3`NwLzU%5*q z*r+w`Grazw%FAG>RWAm!+N{BSo@=gOr*qIE90dasg$=}JRlH1YN1JM|D!EU8aj7#h z{`{h(%8}L!^`n6v^nWM^Tw?k^9OuxHXC<3+aSDSfy4n4~Lr1^dr8vGY<}Xhmpa#72 z&Xvq}BVsB1tX6{7Y@eV^AFujRjaBU)4^=O*&Mdj0+8w5bbO??%T`7Kc;~1#&r2*5W znk5BIMrJsjCH2}b?j&+obabyGhjhhtAcgPMKoN3fc$zdn$q&U9EP@RC_aEqxW23iy z+#v^GzfLD;a;cFk;?ku~#QlgGih{H#spRjTP;II?tAd;Q==D>?C0o+#!|I+1va_&U zE!+5vcNwJYMUda0KHQ(1yEP1QybM@A9y@l%>W_)hCAE?+ZBOD|W0DzKeRN>P`+=}S zhf@>AidX03@;x-_gGPB=G;MJh*Lp~o$M@4$Wz~Qu7#PrS6bd!bxg5uufger2ce&|r zZ5@^&O5g2y^;5tlWMSz>alz_0`iqm5TPiYE-1Sq>gI0MmC#B@SZ8!P3e{_~d^_z20 zyPoaF$1t$3!gXUEJL&A?Q^DG=YmV&(8W&|=PX8?8)|?^{-Rx+AW|+05ch^@zregLr zB@X5?(;+J~sd<&8&!hx}wlFQ{)eNz@?Z#I!L^U%A z%PnlpPnZ%b<**@umen%TWI?_`$~*tdkI?VPaHKa^fvEM^q`k#~QCR4^BHb4v3wRU- zld_~@B;@1OhLj+5j&Bch<0qS5?2kL#RYXMlght+Mmp)6iH#Z!9}pe~wdLOc z$Y+r1Z1bQ@*I}{fGtrU&`z$ByN;eAZ4+Ak+9i0(4xTQp<5~h^1K86%&JkC~9%^?$! z{u>K964>Keo(+T_IeKyi-C6sOYfhSXdubKFbA=Qy>ivH1?L8C~sZ;pE1-PMAvXGKj z=87lQx3wKUgI-#`V_u?~Kz!8CyDH{c;-*=q0z%L>K|FW(o;JRzD=Vtw`~o@S;v5d< z0kPyP&ksh9osgD^pa0&Fb9urO)c@sUdIM~z@=n@3FM1>V4|gZ+)*A}wX`6S#d0!amZvtBvl>%wS(`TlzNdzokKgN+!h*fH0&r=a7h&yb+y3B{J=az{ZlfjER zw>oE1w|vh}vI%Y*-rGgiZW5M`aDFE*)`rwC{Y=uBA5?`Gd18`LY|7#EIZwy$NukAM z%>d{+BtQ_#wf;FS%l~y7}S|nQ00OcdT665BI&>sSsbbj-_H`1H#~}nVS&Q7jnK0O zlOdQ#MWnUngx=C@C42A8X+J1@5z6s5d4T&IHpBj1hEu2$jp%@WBPz^7w!j;emkyV9@nR=@z_2c-Ml2;Shm|!3%`3`O%i{jvj9)vOEb*ilE(d zWfLvRsmR0LkL7Rk+X6KssE$eHtY5HqtA(!%V4A}@Rj1et!tAeM2PV^c~W$Yk!e<@EuaVBE0lw40vhI+sWYwAlJ%q{RFa%>b!l;J6sic zLJ7EE_)pU)dbRr<2)#+xS+XQ#xYifzU@0M$+$>;TV3sanu&demD|^_xC@vmKEGVy1 zV&K*7z-2i$1j!|JI`H78>2hm4$EY2(Oi;#ujVBaOTh&C47=vam*q0&1T#wE!&7>)| zN;4xpTZ-ZRcWD{Ni5l)<)Dnq1_Dlsn(eESOo6*c(rN*}|f$rn!3%l}*C`$}}8(~y< z?cgB$f|9{{x*GEWQuxZ+t1^pxO$iHws%{5Ko~VgZXP@`2l|D{Lf3&U9Enm?@)t>sg z@Ou17Qz$Q_$SH06rkzhRBLo0AJ{u$@c-^Wuf$r!|;HxJ$WZ4Zlbn@{#=dSp16*WLn z(Y%l;!9_E@KLxph%bxk#(X57A`gN z$^tlowbL)=gY5%#cb;GYV7rhx*t?M^nJ)3 zy~nd2$G0BY0DoixhJ5@VTiOm^#vhlfMRvnQAcX$A(}3Y4uy^*TD)*wJiC-NCJQso+EX=gnK=7s9JDY3>P@_AQg^bfzCOdJ_VzjhM%nGViYhl>@M=e# zqu=S-gJI74;^a491tL=#7}mrSy151>GgemE16A&0(5T{HT{llHNz+bTamjfnxG)q! z|Br<~f9}~%NHcM3)`^=D zn{{7|}-xu!GAv6Jwlb+A0NbN<4yPt}7{QYy`*#GWTrCWaGbFeri)s%xF7( zSz6*LUzNK6zHgEdXUlz^ZTB})h7C-(z9x`)<$A~!a->X*9U9&N1d>i#ng8>2D*V5v z)9o-riSJ4c_p_n@rnF`)2}8;k_uj8;luZ(KT$F%D!M6K2#iE5dXZjqjHpDfpyS?Sa zgz~o3)Gl+DC#WB zGXQyJw=Rlyy^uV6)b|G@q>GnUD@&GWZA?bjC617I<$&w){TnYs&&MIVt;SWipGPs0 zFs*805Rd89YP-(As)jee9CuzXAqrr~`qD#-NC2g+mgCX=+pDeqoruWD+13qn_wBa- zq0Oy!gem0y^LFF#y>Rj$xSuhi;l_G12;t(Nqq>n^We^DW1van6sGtP`B!~jZ+gnzE zog_#d!16v4gh{byYt)^Qk>EU6sYP8JMiY&Ulj$Z9X1lhm+CY=HzZsF&Ur$e$!xSPL zF=G$`RJAH7;w$)R89}^ z%Fc-lCcNVhS&r2vebKo2Z++Bc69RSS ziM8)76QidH1fwUbfrxB~m3sO+3b59~0fK(7h^nbdCHi9Jm`ykY%Pn8(m!n?0y;xVl zxM*ow`mH~V0v5O_r!5mnCy4%Cck#UE$$tw1Ia|LNd%>6e13{e*e+`6qw+O70YD$pa zmAYG&-%HVxT}g25!k;~P6DPRp(K2$)zi!T3^D?@-^13dc zuc!A9SB#J-vkyb)937$P(`&vKdz{g^VU@-|+{m+iW5L{&o+p)#+gxvuZxkK3n2>7@ z5vW9YtoCK^sP)hN+YjLDo>uE^g2aTnP5smo@iuCSiXoeu_4v%~JDNu0aUx$l&STLE z*e=xF;Nas}<3FGV)~BZqBC=!p45wK**3W12iLWxlt+#hR{4c-7aN)aTnL_{-A-9R6 zbgHX%l;=CCK9nUaNriaB&z~&^)$4v5%LHdT;s}7;uevaM#FH!8Bw=>l^pf)6h;4jF$3@#|4-#w>oSud5ooXnaTN@K<)+&yw zSo$f{5Vtyyd<{i1RW2-hZuriH=`Xr@_RNa1XBoF^8xU!>d~+dyTd)st5R5mpNmpz` zMM7uB{4%9dtx4!trERQpeCdq*sM^3bs#n9G*J9u^3ZM?PMWX-5%Vlmfmi51&&cB^r zYDt`auTxE1kQ`E@!3qtQV8t~gJ{x#+bg_sYtA=H}Nl~I;CVMSWT5|0uX-ExBNoJtn#IAi+ zNrlF5{c_a)feTrTUnwMyZteCWUjjNFmz4dI0v?Wg;@y(;{Z`ENz56`o%8O6Fig=*u zuXn)=6clfvxxDw4HnKc?azx5MKZ1t)8LRXAsSi$N0X+c@5^) z{j4r^@w>vnV5WdX$aP{S7qYg7$QwIk5M((NoVwjO*-ozaX8M7h&7Q#QQ1qLpVum5iEirjC|bvb&Cgs>ypKDYCI zR4Lx{tS+l2%t`0L0M#U`$yNB1OXdts(TCsgy>rbk^)^uIvputm`vTw}WecwIjj7aZ-mVV#kkzHw-prt?(&RnA1W^1CzOEvIn%hn_`|Uc9_jK6zI%V>m~%F$Mc>l*8boqvb<3I!OM#zUz%pR27OC-bCem9v%u8y;kp1PcwTv_LI< z95Sm7vbinfl|771RvGe>q+i1pmgTQH`ovTBxQ0^ik$bem+jKf5K;TxqPbb^muYvBt`9Z5=v2&$iyilnqzRRz3ke5IojK9BeKA`g&j^lQz?* zmnWwMnGl4pS9;$hSGq&VGu_75qhT}(tFCQpv z;_UVUNwY%cb8_oIhIRB~_Au^cO7m@6y8KM|eAUU| zblr%6IIOQGK{ysWI1TgZg@UCoKq4O!ha=zEzfEc1Fz$EazEH8E@5mOL2W_k~;t-@R z2zV;JhJD`SI!N8noOiY24U=tCXs_Dq^=@;fVzXzq=F&SSyQ$azx{d@N?;jH_f zoAB|`&?_2D(Z52=*rxB<0`u`*T8hy0bSIKe(Vwsgl|N#L-V7H|z4v}Q##3l(+pDsY zsPX`6BY50Rag?H*#Tm&fcaQP)X*@8zy=N1mxJ#Kvvxm)MJV?Bgm?Jq!O` z-a@#g_VVZQ6_N7g7@P?0vXX?s0?&Pa5n3{TAdwru8{% z>xkp+`1M`2a0K#Q+!g8D6aIf*%)4b!;+gNcjPiAF!KX-fj!qV_BHu7<+;Oz^RnGR`@Fci_QWl^IkgGRap zO%miO4;_GpveqP{utd|(qJ@TW&EVsyNrpPpHSj+S7TB9QVVgi&8)qKKVm?K|pE3Pr zBC!5l|4>LT2VPe^O*Hr(8luQ}Wy`Hz56Agnr3TrApYQ{({cPiG$F&HJ*i+@%QLR!B zPNM+iiEu03UcZj$TUc9>!!I(P)-8%U@(he9S_j=Xw5ItwYj0rwB>XV7e8NBTb;O+c zIkL@#n7k6)7I^YPoU-TyX{VlRhIfh~Hveb#n))x^Xd1c8>R=lt&B165p%&w#_@7hY>mt~5PK6J*J->A5<=0x z<8T9cI1;j)MWWbSD(+ISmL17Hm=W{3N5q|li#~3}I|mB=5&hN73(CO~4l`A7N|M}J zQVmR|n_3BG-N#XthLftk z78;n>1E$&Z*cjScZMI;tl_vV94Eq0Dwc3|K#}njE=(k5`?KgU3`3d z6~Y%#&dte)`NfZ{ok#}@OZ&k@T;S-qGISZ9#Ai4t=_^@o4F2cM)Eg?f^_5owcWj+aXcL)YD@ajvCv^{mRm7 z2_?lBo!@7wEhZRQMTiNb>msthuykDd)50?QE+ykAawyzf#3SEtL+SqN5X(PV#L$P? z(PvWd0ZjOoLkT%V19x7E8NT+H(Z(EGsuY7529hU;j}P6CM6xRVA@DU_e{BG7Z`~91 zXUe6OrkK3Koq6|f4rqSrmdwJ9ycJCBunxDeL*UfEJAg(9DZ@tUFH3IHHstR zw!E{>g~>I_U+>W9kpr;DlJf=LX`T_#Mh_-)V`ttw%Y67jO<$5IL9OMhc=W2MztcX{ z^~vt3=8lgvZQ`h(D>m!9Zi;LIjZ`Ea^PGC5x5IybJ)yj3U?}k%SW#Z_pK`W6mIc|8 z1N-e=<_9cGL)TN8iAM=a<5t8MsJO2qAhHznfPm3I(w*_ z%^30pS+fLNhrcDz$K-ct64gTJuhC9){N13&EBA5ixNH5#$phXiaGY;CbhtDE>~X?5 z(_}p=%6k()KbqLts10ylpeALW+xjq&{O&K%6@oss3nVler1bw|+Wng0=mK8hFuQ0d zViLgIYCZKZ^qIZ%TxARx?C^Ku4rmV`#G=fWWR97E?Tz`V-B@|#e;^!F+9j+6)B@tW zDde-TdxCzj5RqiITMyuA`N2CjUwCG;o%yyf=KT-2YK z1}U0b*GA>VO8p<1S){tt(OZm{x-57cOWZeD{&q3zUvhYlq48V-0Jx@eo*Ss#(>PqO~6&WGF-<-}eyv8;3oGPEyz&p9T zmsm@lI6d2MoR2-qGJ2rvfq*xAI$u00H*!&(e&ZXK^)f z)N+|frb%AmSjr~a9=B*v7xya0a+uPO?-_y82WTUTiOUTugPLqo!->l*gx@%b2hY!> z25~9+F<_?4ZQgxu=AQc~#OO&A6b;JyQ`v;Q&DT0Gzz21DRdzQ3l2dMHOW1nts0=8gC-9jZap)f zYi7l%T>jPM$t;E7udp_Z+DQf|hRMJW@d&5o-ITCD{-y6``EwZdY|`*Qds6k`^4yA0 z61qE8ivvbT)03}Tgr18<^gUOf#*BfK(hu4i^S?tD6?Y~a;LzHcu@^often=}Lf1D~ zlokcuBvq1ma`80+b=WzSzn$eK2MrgsmpN^eFj5I|LYKdt68*R)Wc}&-2OG|}Y=rMR z6f^AH<{eW)F3`}#;Fh=;rv~*V=sjhu(6JWp`IX=)Wu7E9^Q_om{HzAU;Z@Yxr{lNxvc(BE-C8DQHvGKJj(Wid-cnimBKp- zI9X~D)n+K~ra)S(+F`cLow7B2fdl*dOs3+^` zF(nmg-Er82ys~(15(W&hbYJ^)Ux5TyIxW-1SLl=E=H?f|k{dj7_%op#lVZV~{U>{$ zHit8cchp40IfHeIwWRr7XNvgaR@HF!#iB&G#X(%0VkfhH$ym|(`pCeoZ|fmN$@k>_ zD-etQK<*D+iPsL4eZ@>(sk~ZpS4|0m|mu+lBg8nK=(N9(ZA;qCG=G$uvbF*ZMHG9X>>KYY zrG~u_0sT&N3kA&(}wxc5TULtf~qak1>y)IkU#_1+E_m_3whriP)mp z{_w$^mFg*nbhNYByBgE!^~}a`RblEa4KMX~vtugmGvT509guuogjCYIEp95DS<~bX zng&$s{XP@U4>B!GrTJ%H{{D$#CG)?tmTB_xEJoOUqXC!~Fn3yvck8e>4C$IyBbf=T z$!M+27S$5FS9fs0va0;Lj*W@iPYqO-3GUM|c)5khWd4!Rn{p(XxoBsHmR{?reE5Wq z@0NZ+e$m2jP&5q-<=cnYt9-{@P$U3yE4H+&d_M#MQO>cJ+Rr7(*LgdL9Ob#e<@p^bJif{R1`qO{umJaqK5$m56N8MY5QFLh(E4`H} z>Yb;RE?P1UHX>#og<2h=Y_-()lq%L{Y}V2NXvK>b$JS`6|> z+s3v9h`a`bqy^(oiM+$@7ObY$lC_PjaBWLcf-mZl2H%0ptJr&p{il8Iq`eil_}D9Y zoX$gQnVUcJJe#Z~pNkeh{Ck3`BQ(RyNX zD62>*TG3Q`{sEG@j0+hoc^Z&vOO%Th1k5=FE{wdQDshyI{pP4a!e{sx!M(&|wh z{PE)ak*ij0nW(9(T#YtLmCVBvB?ZONywNLlZNQdK>uYWnadt=iuP^*j(|-HHoktiP zvAa?<3scl3%qe4b8{H9E4nBd;JdT#TS06pf5%!Xj!)2Ia;?$-NoW@IR`ug75j1J+r zGV<;F#J!j7^X+#`Cfty|rTc%95SvJza2UVJ#;9yPws+iKdV@x4o*Mzi_!&h~?i7(} zS7?xjUDtt5*-;Lw{XP25$nwk#X!QCr&Nr`XMB|6?*V?x<>LoN4$8eEzv0beZ;Xg6P zQJRy2n&)~fEGZBR%iOh;i5=B5mhkGlOF6>^ofo2`*qV_RgLqs%M7YD(Aq5qEwn2-y zQLk&C{Zy^T_cJTbK)CqJupL;KiCk(+nHzm$b->fV;sw5E*a$)3fS1~mmxD*ReWk=zH?*D-3WN_w3)O8cXf z5R5Zvl1r(r6^3Cw-K1JB|^Op2n3c5@o-YtJ8a z17o^fvqQFg%MGMe0=7Pzv)+$v2n}e;O^c0;dsVq>(}afZuv)%-jWrsyaci8{-#z!-_XGCm-J|weRW)nQnh5Uw8dk0H))(wHc7@CO&;l#aVfyDO z2g=hQHI;5QE*-;{xZE}AOnFQn2c~|qaN;&p=LOKB*;4dfHqIDmwR#=#ey+lso~G^i zpsA#iThI}Qve-ATOyBv}g})SLQ5VGE(roF_TXRsQbOSwYJG(YEncHy%NAWeegyg@O zsp3^X)P(q(PIfR6 z`}Fr0f@8ez&t-m3jYd1?Sq{5@V1={WO+=7=*Xyx4c7Z@@%URmb?C_nP*i@L(y0kJn z(+Rmz6Xucr&ylNdM{gC#8w{OsgKX}>89$OTc=K{mrRVESXzFVmip?p)p(rpueKh)y(v87AZ2uCi0>ZYfv8?e6Hh0jh&oQs_a3}k5ZHE6XX z+=MOu2*?pf{3KNrrfg|bdY)SMsWf~k(AL2nD9!TSUC1JlB^iV#pyt_}TR`D05b3_q z!jPQpuSyh)wwUeM7M>L?;mu%QXB0Nr2@UokpWBFZJo#d4v%2&_ z;qZWTd_PLh!uE}1*AO}6d|NAZ=G-EmYY^8{WK3QkSY6Dh^QUG+18FiIhlKZUCs#4z zonJ+ZfizUdXEiY=l2}&1bdr}QU<-Z9WSdxD(awP&>0kGYXL7Rl4La?1JKVgd?Xt&* z=dF=%qcx>0NinRcbdAZS>=}C_whp_(WDi;*cNcjDMycL+$D=nfrhvuIm05pI`OWZ{ z$v^v|c}T-cF)w2oLj1Atf1Zl653GE}+h3j;*6-V9GOYV)h(sjwL7%=XI}V zWW%Y5;Ys>VR$bfkl`d@Kbwh`it&Q?1yJ~u~JJqGJkqsM#>gv09KcSqZ#S-l)=2o8* zljs&>W%`t?(!8k7jvYLXqSF)h@4%EO*Y83^CpEbZ259bIBjq>UL~RUr((SQ$h4)+w zlrJx$n|us8_P%3Qm$6DkX*D+8MfY*bI`5QAUp1)3^+?KEOa9XTZyXUR^Zz-7Zy#TwglGtQADFCdM&*Q1E7y1xvcC|kDHFy#}{&;7R0PUd9KQ=SvAl0xc3}H{&#~#T(>|30#5SN;(q#C>m`1qT z9!chZ7}<3)?Rc=8_ZD<$uRkf;`&VC4c*m*(9)G^xj3eVQbf~j4zU5c^j%a8~B|+Ah z%ibCK<*2QrFc#nzaMdkbP*nxymv` zmmaehQRQ2io{&1~bJB*X!f?)SF7&GxRknyYO`~z$SwDRF$%-NF`_b3`2KN}T^52^A zeGyB1W$$s9A{d^M%M0$m`X-PfK(|WX@)_H?idtPruFZZ?#A^Rt&HhRqk z@!xkn{jMkRuS(Ga!YmChk#fPAT9=h_fs!@phky5Y7Pi*Eu^JUCGr!KZ{E8SlKPt9; zlHjR<&;7dg0SQB-t%k0B>BWx3f#l8i zKOHo!<(+)t7pO^g`s8fF_R2fcv08`btNv#Vtu+g;2L4uojUZu|?LJtOlBty;7FMw}W%4c+8(+e#{zGxhnv?M|d9`gsKEWlmM!xR63>HQ^A*ddVm97AN~+eqZMk=hdT|wr%HU+*Xpb} zUDrckR@-R>)9TYDPt7Z6N#AGbqRsOL*kr!ub-sFd{e)~dda}>-IL{V1&9wCxV0atR zdh?>yozY3QG6R{%I4zQ7@q0N{37qU)FiMzsHZ9is(FlW<6Vio=s7OcIV@kiAcpH#F ze2fGy{1Gs@UUP#S+iOM?5M~K0!vT1VzrJ{BIKyy|HY4kOl=7Fy%=Qa|6q*@Jg#{Mo zOrcH~nnbF~E;*3UdS~BMGF@m#+;TSI$|F}1=`>{4K=!%lBHp1(AKo@`Br_GJ6e=_S z5j!~^T|Oclj{oSHp_y6!X1k`1Xt7XAXMZz+jpzFO-g%iJ_avy4po;d@;lHsx9%m|O zj=dNEr_2#8|H{mBQBs!YbnTn#{m1g~*6aWQa|Y`q{g;E7zzcdf21|7OafJ7e2%Uh- zNG)fGR9MJ=u&@J6gkR+DWz6Mh&`t3y+n#+>e^DRcfS+~$%VkyCh@_=siPBcViM%hV zDI!PE!)1QS^Cmbgceo}2QF9hly`C#|v^OmtR%1#P^jptqY!(ia_?~Q~U7Xu8GV%}^6vGnp-{A8Jw%S*S@;z z{Tg|X9Y?p)8Hg_EVJ~g1K$+XuV&Aa(O@CjNF^xV=w#_QBo=@%orNM6=s|nQLH_nNM zit6fR5=IlP)evy^DU~I2aKaq9&K|j%+k8~)|7>m;hLh`FImR`T8nzZv=uDd5s_jVn} zR!clf!r9qAYZFy(djQ@B69@EJ!2q2_w?+3~T^7np?bKppGFcHR41$?*j$0G1aXLSZ ziFNc&r}h2>vVLk6Q|csx>IrzXKizE4I;{HieP>t9V)hu^szls>ujIZ1_r_W#D6W6d-!j$Bqd9;2~*m@%Pc`2}3Z+T4$raP`rL?0pRrpJ}`VhN<9g~!n zH2$z^!XQ)_q@FIW*)qU zPhSN2fNpg@BTS+S_;S_{XONE7au2I2;%3|N!?I82y7As&Z?8R5+Ljl5t&k6924r}iGlGu8b%1@xQ;Yqx#|2@| z3i|0ET{0Z;WGLJt&`3B2Nl;O<^2VA}EDH^mo znQ02VMW}C(bJGiQFHl}OPeN<8FB^e05I`3E}>l{znW&tEd91V0GDGR5bItV{qI3q3xC3a`R80$S z`o-S$dTaezAAM*JLvD{953<1G5K3s6{bz@7#dN_<3vKN}rt2+Ehf7*lBTBFE5YMsN z_U&7)hY`K4p^>G^Bi)wl8I8)i_4U%QRS2Yn|N5ZH>h%o&uvC(kG`-(;UTWL+QZdQr zc0>*qb>juwZHC#e-rk|sxs2N+yLh|JQk@FdWr=e{R^p6*P1FJUPn~Cl;)Lkee`$%Q z(xO*(n>bx*42A3u-zhLyU+p+lX`qR0QRh82i(o+q&ITI2Z24Vt866P4-d;d{IP}jba8p!OXnyp>7Ik8HSeYTg4+B?DH z7FjtsVJP}i`lJP9tT?dG0HhduElkeL9J>5rUMf7+0Ghi;mK$%;`juLQ4seF2`%VpPV)wpPG;Vq>jvBp{XNf#b@OHf(k7mzrWq5a(|FD#+o`q9{ zRm2ppf*VOzg{MsaZzuk`$MnA|W^?-61plni`R`a*`+D#+=o=l8SP;C5IKnpqeS~mC zVveI3T;hpX30yZNl^9idm=31ed$;TzyI|8p@Z}`YMZsxu8MEvvXXUz4+g?ZhXH}=K z!wf`+TpIT__D{!Rp6(eGE-92*Yz>EV)V>jPgjSAwU1e3<-lNQ>b%LSs-(`a1oA0m@ zny^2d(S?kVwjYr=?!}lc&vOKRXj~?fwE2#XL?s$<#nwnNQ(l8wpG^$W|30-)J~y<3ZC0^7lAyDxm} zmMgL;b`f9fXt(^}P<*1k$mm;v|Nng;SEnCKTo3{7^AnP?!Ik>@`-S?Es`Y(iM;MUY zwI3YGQ-8Mu-wy5(Y=1!)g`DeGNs+fG@MSKz`xjflj_rm&;GoyY*Jc#M!k(;T&zTrt zzEuNbrQ>T=CTS|!|AlJ%oxu#&1Ub2auf* z;u8VtHM%1qxYCtAgR)Y-q@L&^2o7ixKBzgc-rjx2Kr6>8D^agL;O>s9Ug@I@RIPw3 zAfoCVxIpeWUvkN5mQpu@rXsZjm_@;(%NI8H7}|EjD(K{QDp)fUpDOg;hR*W8F}3>L zh5(Fi3XriZs|-$`4#2{?Ai-qSBo)x7e{ztpSi0E1K-zmbQBrb!TFzCnd*i}Lg+^ni z5+`bJl1R>y8~{ol!-ID~_m$vF>vHC}IHH!dof=&BGzFg+C^f$mb8d(wy528AE%nxU zF*Gi58ZW(q-uy_QGSgOx!3k$2;;V*!TE9Q`?rF_5{D4QJgMN#{ik1R94Y5b$2ggOu z<71hIw%(*S*7x>s91YjP9chx^eVhjSQuyQ8`VOqKmk00<<4OTDAkiB_*%HbvpXV&^ z$K$fO+s?>#N zxaF?PEFITvmVRJ2jP#4l_yAHq^o&L=XA062E&k1gYsr^|uCs}=zG711zE1$>`H*~W zgRV`aT6jgu*%7PvYpGn;8|`EntN?t8=lVFq3v-HhXggTR!{kU};pu)^zx5JcB;t3~ zy5)0~^8R8306r^;w(l2!4POA$WbY4-j&CpRMlWZFya5l-S|Vp#0akC1n`fN{EN_L) zn-$Hm4y6C7RTvhqqlmtClK&?oy&5Gh`)t-T!Tm~sIlDNvjvfzM$|$!3_(Z6X6y#^Y zQJMTmhMwder#?Mk``poS_veZxMdMcn?P{TfBco!uy2WAeJOo)l_?jLz;E;bRfKb4Y zGC3q4ZL%t9C2lI8NwT{0TzoEwG=yRz@0PL&*#1fomH=%h@jVNg3W{d>OKO$%*ht^S zF;k1=(`d@VUvxC*i)O&}h|(KTZ_f_f3+Rz;pNh>N6WHB&q}`C6dk6Y5E=F#EjP=!w3Uv~qhP=bup zhfEPs28-2MIXL)dR)*-4RuLy^LMc$IypSeisluvqx1b5~2u9rv*e1l8iaj_|LU&qC z)*zz>tYPt7zkoz>;}AavY35w&6l+tn2dGy4K*F?_2fdeVz4!6iw`boCuVJH=n@h#( zr1sG+z3^n2$r_8`+ZIaW%UF@jTlMHFHDH;fJ*Ake~ZozP239IdbJo*}oE^ccDz1)xL zxa89ztLA|#YdsO1ee(1ydBZbPjF;ree^kz;4XroN_g3M|h0PIqNZgnR$nzcm2fD7O zu8UqzLfl%O;k7oOg7Xah$9ZeJZisjtw_YzKu-j|@PM)JTEu+(y6nZ86(*++R{%_Xx z&V?m@8*r9`&q_){;(s0i+i0QDsA~W{!-YxkM11fO4F-`#;O2uC*zJmjYLz(Wn2)2f z-V2|_0Ql>pWTnpv1%x#vlb$FkY`@Xw4v5JHD%9z9w#7oq0K0JtVVF41bOTH;B*G%fG}Cq+mFGD#dJTLDhXD5a%uxXSzRC|Bjde> z62CKrTJ!0Fa5FrV|7(HE`CSuIai3l#B1azQ%6dmYTj1H#t=_!Tztmd#z6@adp6L1d z!5DLC6Z~TRq35xrSXVfy*2V;eX3{$C$&->3`&dW@ zlQ*zf9w>|KFXvsHma}mIlrhhBkV44(HVle!(tU{?6u0ya6B~%EyQW&=F&3)fT>Ad3W zA5k9h!f@&R&lT-+dwVApXuhTg9OMOOelor^L+aQ{XEkW{@caw$80f$jI(sSC@F(AN z8^51`33K5=nRsjB&vZXA6H#E;NXMb=(bR=BWv#->_MrSji2Q;+-MpSJlna4&+oge9!*-2Y*|-_lY0 z)CQr?uP3RQN}v|~@LU|lz(;NxK((Uh{Y3lA zTMN9305N;CwTZm`s3bW(&ZKr}zWRMG^bbPZ-zdSDi~An4)FZ{_aGv)3%?Q{RU*s4# z;q)L(Hkp(l14Y%y@ z?q*HJl-OK5e2#4|3M;FBc`?TtujOJ3rqE`{U^ecO(x<^iP|Q!zV3HQ|<}?rKc+$c@I6*k>FkpALT=Z&>`LoT#Lz zVGMB;sb5zAAeXn)`|$t2Zz*m*e_HD_Y<6DyatMnIA(_-RR%0xsqyECUdo?onuu_pq za?%ahSk$c0*kRCZ>j1gG&%jg}%#k5=N&qLhf`IMfAJ{Y`xN2Euta`@Y3cgw3nW~~g z7A#64jp53zq>8O-D9rFx6E!#x8S{n#!jOL>b;ePTP}>1<3oN{X50fQ*9Uve@_V?0C z)x|}clKEKil!@Qsn7l@PWN}N2L6FZ@U#6sKMXpj{ves+m=JW2)1Lk#=@+z`he z^$~ZR35|K!Cve+=f#iMPhk%Ezt-V*HCoCnM`Va^N$O+fsYh~0BQ=?H?zqTg6CrL|t zyaRY*!~5!)uUXa88k1W!ULZy!)G?y0E#az?}MpL6SAE zM0sM59v^m08_RcDTy-*6{7@}d`hv@FID|JatR(M=cJ?jKvHsRbbP|$2!eMIz*^oCM z3=g{R4OR>w@+*FyJC$s|siHVw71lhe| zo2xh9-0zc4kNVm75C#Xtwyp46^=Sn;WJLt~kH**|Jsd5)wg%m9@356psBqg@h_(e3ocDKiW5)GXBs5#sB;x`0~S5_Iy zZtmcoPr}&A8iAoOxvaLgZSy>Ua|fM1VodUJxls4LFV4?9h85I-DaI88Ti(>4YD`{o zYf=(qQhwxbsjE$bRxyl%M%Ba`T>$g`d2^g;lJ{e_=K$m8ZOq<9wC=)xQ_VO-K@s!B zKctvmW(MHC~(-EOg2C%liw>`^5{F4$qtlfDk~j7#Zv`Uzdn9z25W0gchf89jm4plI-`k z2JgM3GkU#&t=SX-O)>b|9O26goSk)8pIOXnh*eu={o5y#`c^|N{=*5s#Y#I6DD?bv zm!@#Z!0huSvU{sZ*`U?vL{q8%;F-+K%?pCJknY}SZB9-bJt(bVIX5j22?%7kpI+U? zt63+5cK^C0k4P~nC~lkG#KgqiY{vp2d|0%5Qc@E$laQ-%V%V~R8sp@dNoqRD)}{(Z^Ow3GyRF$Y95K#uWahGYXNwdGPAz zrZ`WbL!GI!6A1GSQd)nj=oM|+HZ9QJZA~+rB&+EPF%ug0atI-EY)?&yQqh0!4~5nT zlymZikFd)#3yKw_gGsm3IhX~5Nf_x zK9-caU5=@*c5AN&q&|qvp!M|cou6EUL4?c4 z_E&d(e%u8a&xPLJzpCvkTPie?2(u5cdtZ==@Mm^(i13#jTNc#T{WH(;Q8l2|k@K0D z@&JKy*3%c~DC!UG7KYjCeXL2MTF&R~05c`J;}YA$;07NeDfku!Q~urHksJ zgfr1~i!6G$?#Q3^R%7M_EQ>%iUI*1SS90U~-H#5TPJ?2NVsS!zBWWLRB;X%bpN&oi z!4`bPaJWs&8=c1=0-OPZ*=-IG7{P<^Ir8S#lQu-K1CayaE9fp8&PxftQvzVn8U%Dl zUbORfB8o&qbACP_^m~fSYI}3dD`HC$v;76!?5{Fa`tmeP1r!h7y`(R>;*ecM-0%zb zmx%Pf?GvL#rh)7yc@hwi8DUNyVe%{Owln=;#lWtBJjk8U5^k+C#JnEup&axJbmc36YX~$Kc0UNh;QllgEY0-SL&&Mb=_@+Ce`W!I? z8Rr2bbP*q-rf!v45Bh!>v#xw``HrcJ`vrGym?O;i`wHHgb3*Bmyl1>l^QX>Q_|8U{ z)!dOE-u#=o2w@>Rm5yd0%gx!FJl79ozFbMW1^)?}jgy-$#2m(7y8GeE&FiuI~BOV3HZNFKS$zkO5@@F>4#j>P%51 zn{#78`>dF0IQUA4P*BqVFii3dEk=QzJGV?DIm!yxyzsNL1cX04CtZ;N%;xULOL$=;ROw>^bg!A^eVRDYE8B-ZE*_afBf-AVD0$)q||P$cwOKd7=@jkZ!~((8wD#OirW^T zp;h|pHB!1So?O9Z`c!@fc-&agj25+P^>Z*?q*hm{8xM6+9usz9t~70em1D8Ee1$St z&6*Y#|Mj?X{!N+ykur?dLUu#5o?I-v91ju!FcN1g3AVbm)Cv zIwbA9wbFsSoUXKffwJr~Nx)fn?8h51qJ#)E93m9xOxii%9KWaD;CaCnF))MrIP9CN zg=d|<28@oA-eHx1tg9ELlINNfl&bgw=aItN#^Yt~@^*d$`fuFjg^6b_3z-pD*g&!$ z%6wQ82~7@A%EA5s%1%KPH{SkpSqD#qOEe}`9i43M;=H62{_Rn^n-AowdcT|Ou)4dO zSO|*!k5vUUtIW>lrMceQ_KtMgV`KL#kM-*#YEo>Eb=zaln?Xkgt-KfH>=W7B2KE$#!5V`pV*aPn`ZKL>Lj$u9EO>Ox?AG zhkgmMUg&Y+IBvfY>N~MDF-dgv2TA*ZdV3T$8rt?|dYx9u0wNf?{7$3BIl```J|T47 z)Kof(ydndP%LM7oM&}~JLlJXsj=is*)9+pY7@+Cx*o&ejN22|LP`*d3^s{7=tbqcd zBy>CD+f+e<&O;HG&U;Re_ih|8DRr+Y`l@{#XOB129@x>?WReQU<7{*~HNhjq-`CS= zd;2oxKHOaIcIw=8$$9iT8`)^kR^%$L>)_o#v`lEP1m*TNNruMS7F1f+nU~uxr(I`) zikyaGqAh(sbHAn=Y`nS@2yXHGQ^Q2)HuUoeS)eJOW%^7Ph8tD*%{?&hZEenY5)pQ( znyXT;|HQ9cp3?y02qO8hks_aOwgtxLO&N-LWl1WBtEDD@^Ek zOe6s?EM%l71f>CkdXrR&dkWSHX%5S|Kgv|(N55`hu%^0s> zgK#n}YqAH20ULx!es0^qkugkE?Fcg=Jt%I~5Kx6hT1Rf-${r@vMfrD6+zNS^E%-KJHFk66Nrzf<^ghDt;n54 zFqOigDc?+Ku?emS7FsY%KQcH^AOTd|>v@)5O$oK_2^Vhg=em7R&!SVYE>26!8l$nb zSoX6ZM5Qh7_fGHqe>yIDX&rg1B+HtpqF55QXg(ka%0HA z+hB5pl+%s(MxvT4qf_Ihh`aQb$8>Nv9yDR)evhZc!e3d*pW#@X7Al9H4j-&6 z;VLZaSQV-V_TVds43?_5ZFr0*Ng6>&ED@t&e`?dxjr)gBge?RxSo5iHExVM_w&YOf zbZ0O5xVLy2(ZeK`#UyC0xe~y+M~o#-8aImu1(J6=)|F@F!e7vI+T&{(&VaS%bwQ2j z)q34@nDo`k^a83p8D7NIcc({M8vmjLdx-x-2Z$DQiHv*?nby%zNxb%MVhuM8kDHbS zIwmgqm};r2Y%*pWPG)M{=YX=7y4K06OU3|QCUhHwOjXV98E+YjO0*!9>UMV!tD>$* z7W*~}G|4@CWGlj#aGP2~Yf@qM*dp#091ZDayhK=%Z}+HijqjIcP)A{?Tj*at^kV2t zCC3~fAwWD;&9wlba0afP@FbflXPBsPgCl1Mu-tL|K;RK&m0u%t2kPQidW8)vEADnx z{=X|iJSno~vL&1ocQesZ<3iX;-Y$M5-c3{(5U zrwdlbam5*qN;(D-ZTWx&z3)3T{LVz*L(_V%{WkAo!Ooy&UKcBXhi1^Px$ZamM3~0PnNy(P{dKqFd(bp^Ycv$RHB8g{#F}$v;O2Q(Zw>+` z|I`VCV)&>kV{*mam_{n8wMAZX`f=DKwn}YC=#9`#^u0OV{+kO}U;2KgH@^EFZGr}- z$Pra)7Aq_zJD?lZiY^XKe`A4NdDsMKR^QGvuM3%u9S3{BHpxnmqrgynRLztbBwySd zdD&;O0v%DL$k*3(X31-jMW?YLoyq~9mTb7F)33aie%TYk)fDk}IpSp4urijHJ$hE2 zWhNALoY(7f6~F0yao-ozPzIVbgzUvvh>%;wid)0Rf^tI{NdzFuF3++2oD(29y9+&b z>)3wuU7yd-hogg-tK;B1w*+#;brX7{+gxO(a2NGKo+uw}lHD3Ky&cWG&(J5^zJ?Go zY&GsgmXz&9ci$0d)Hb0s%Rydl;7RCwZNyFE0zA$0hT?o!sd-c8-iPW#*k^VEL@6 znu$4Q@!@ot>+~ldUQ!8gg*${dYc`YpAva(OuIDlpaCK4Z&muj0acH~s#OWA#sP}jT zFET_D*zq$#+GB?&Xr8X32{a7wH%*7Mx%GntL!`LB`{#7T_>UlrghlphA#k1QPJ+ZBAMtKQUR{2C%xs|d!xkKAG#G=Za zmqBpidV9uhu0dP5$kZwk`#Rj0Ptx~ls|=sp!<*GAIx(td42z9jwqU^W-e{Cz@C^zu z6sX0?2x=zjSc{w-C{fm#+NqKYEc2V2!`b1{pfol~P}-IS_n>_+X0%3acDi{%vx(J~ zu^BT|lg159<8h&AMNoT9`Yuks07AKCrrKGcBkdKLLOnfdoi4+#y|y9wqG4y7?wC(i z4v;dF&xU@=0LZ?jK0vF-tTZnIVsNdp%rq8G85AIicJ^w}X8EJTmVe9-v+d?ss?pq=0I&*j25hBb22ecux`bL%O%-zrtENOtl~XGUtty zUleBj*K8L{19qY&;fgf_N*hF9__QBt>)$Jy;Hitz`G^5`#O4#8Ch!KU!LfBvZW0GF z7_z+lKmD~iROn4*#C$22|76tO*6X2bfN60k=6tQ}um&-1&9MT)BJRa%wsn{euA_<0 z3y$!QE50NPz!z6+35tIiNQ^m%wxVG#?kn#Il0eerQIEB|Rp60G^4TVV>x|=@p=O@= zYAr88>F34pQG=ZgBY(KbL8a`JGlQkh_X0y}vo6Z<^$6_uWGni2`u+AB>*F4-oxhjh zGur9?fuO^IDBF{g$mKZtWw6p4GTGw>o%dm+=*Z;OlZfHnOyEuq*()>I>qa1CQ{ZbV zQ%!fMv?s~-&MqmX?k(r%HQYN|KksSo=l6+e5xfPYXLHCe#Lm`td8>pqpneH5?A@oImD=&IkOa-*4TlvJ5NqJV7TXhNvHw#CY8+yN&$k zcolA?Cm+yDW8Z%>5m)7(GEUSKa?BO~yw>BdB)Z8XlL&BMX`!+EHt%eGTu0mH_;v6N z!EO+z&j%tY&>OIz&yq%P)CIVU?|rd}^f~BT(~}Zzsu8FovSHv3vBiz?C`a2bfA^GL zlkx(1Sl%xFS1aXnP5&?7Bv4%(p}bk-{Bmc9xA*&AgQA!}o#w+IG3!<&jZ3P}ZsZPw zOP{3M=|?3yar4h`VObZZ_6GhdQCwaT6Z632%$AbB=GEd+es7z;5Eo6C)Wj zo}Wm?7Z^|GO1PEm4zZ}v?8#coFMe0_O^ot`+)e18B{Jf7QwC;1GV8Rfc8C<8OO2H4 zPcG4dRZ=#tdSSib`zMmm9Rg{MXHl(!fU2@h7{u9ARAJP5hbA>=wq>U-M{|5&yMQo| zLq}ws-+iyw(_`&kn`L*9TJAgLjPEParQ0vlZfcc z61aV*#dftZkQc&bYf$?;FD&>lSq*SnT}r#GoD7@+2VRi`JXA(M?w9oL_=>(0l09z# zyl&t{W^6ZK*}Be!$@Y=AUJwJ@j~&p635@-OqV)(%*8FRTdDE4S2^G?h5)N#LeM_68kn$YsOZj7vgeK167UVJ})sqy(BUj-Q)~p9IHMs zBf|Ri<*CMQv9698d6B1n_y0U6hnYWS`guT~rPenM?k<6jbAWr(Wes)Y+?sciHvPVR zs={d@=!P+j4^$*^MNJlNRv$BB;B}Yh{C-fyy#{sooy^Tjkl)D{iJq*lE?<#-ydVl_ zJY@U@I(eGaYpbwSUrET=*NSYf?A~pqD6)>l&<5at$=z+-Hb#X4#kytJ>myQptWo8Q z1sOq0Lsh{n-;>ul#2}RWvf07I!QVWLN{$GsXF?*Dk`#EkkXMTj;y*HpP=Db>9EPRjF3MZO zveGA`ciJ{$h(9fQ>vSUQ;6Gt6sXV5zX+SBVx`$OG+4YRnLubU5c;u5eDZ6oa{T8r_iVWLhV z)db>pJY4L%c%QGkiGt5bcCZ86qCK<0CWcpklAQI2l~;}PR;N)tH)fUs+kZmHy~^~s z%CVqPelMbY;#MSu-TIF?IR?pc=1t2h97Gac&M*)rgw&`sz2K&$VQzh}c{+WylYSXe zXfbzPv6!bNFVQmb^maC^cIx=h5dyRV#E@&ekj75GHzI`z4>N9k$c~7je|mqMMCeO^ z6#{RXbi4UQHn)70dc@QVEJOv8i(?<8nF%9!e>s*~{c=|!>TD@}$x z76nbIbx@FM!PMUszIHoO;{D+mZM;%ra@43~tigB`^j}Wvc{L_CcWEj!iq{e7ftlXX zhrZ;`u~d#&~c{+#W7E$O-zX0y1x26cIOetM`SvYS?m zQ$%ck3kUZeZ~QTyw8>V~LMH!#2m17u?<{0=uy6E)i{E|Re(OoCCpfCd)^nbVX@{+M z4x@5WgEpa(NkqCaZOwG3&|H_n+tM>Y{3iumS@z@oaX*W6CokYqnpNOJd+ukr93J}| zKEhwXiC^gZ@}Ku^pV@f;edK#@@VRuqn*0Z$NAxnr>Pj7{d#KTi69K}i53 z%;JkdNz8*Yfkw0iMm4OnAf46y41XEak{r@uVFKZO8i=9Rp z)cDDg)!JaXW!&=wV0k$SttEFLlE<4U-b;NaQF+d-$y&wui9d#qkIyZR6D66A>eF-2(Ws%%l2sro z+fzz=Y_5#258+sOM~sKjr@m%%o`#+*Sr^@*{BnSLH=saG&n*@YFaVXN#JO2cXi0IE zWydP1Fn&tcA1RWwC+l`&7=^`P+>0_)*pt;^m7>)g8T&bcp!Y)L$Ux{-)(TKmvQU-# zBf=a@&b%&(aQ7Hxyagp1?r;H^OW}Np8Owk6^$FgG<0It6ldg7!YD;H|j~gHEAl3wa zr=#*TR9f$OZa?|Cm0)el%2)pCXVZGRn@plViujkx_YC-!^W1h`Cc2j^`WBy*`}`@_ zcW3g4PRkY=94QoHX@HHoy_>C8cG7hH`v}pTY`vvhva86w%G=rJ!^@7q?)Z99!#EEO z`#0lG`%lWk8flaS&m2on%eukk0MnDvh-y#xzWytr+P4$OhZ()ul3HQRo}9vZ`%Dv2 z`45$$H*?0gKdz*RUiX6yvO8RI!B9NK8K{d1P#}gaz)!u_i^GB1m!FP#fmq`FC}=aL z_ou;xFd$9AUNl{;*(4`z;KK#G7jQRqVrN{)@%2K~Y5Ent)wX)H$Vl(s5k?Tp|JZO! z-)y`6JhaxMV|7+|=dz-FIVb|e25rc+ZNq+}v_p*GYH(oO4B*Sur8G>Wpd|(>!)fM^ zWLc%PmD(}^Iz@|1XiYV*zLZAA`X1JDD@(IXY#-b?=*3zM?;0=Ur^ovHUc9PnPw zItEbHio6eZz24RSEtw4@olIq=$(p{NYk_aS*%WL$JJ%y1A{%Be#@C@h-L0p#&+uRt zj1}Lr3de(9{AoO#h#;uAdiV3^r-*M;Kj&9B6&w$lck91?W)znlT(2E)UCJ!|l^g=W z$y{$(w5|uq0#h!GUh-bfTk&rWMc)!Td4V%6)#$FEX;0@zbHL>xljHYAe?7vP6b?aw zI!=3;Ngvg|(~ToOK_1|!QQ(cM3-(^uQ=Z7wNRrY4VC$7Ji`M{N*E9?7=76oNu?WAQ zzs|&MMo((zk~Oh1*5abjJbAfV`gXe1Z<~A=CUTtrTe6ijKHZB|JVUX5c0CMVWQ&A# zNKHF3q0pOIYW52^UXI%*WF_BEH;N)T{G+0<2W%#VzCk&WQW-Jk>GGE8Q%y;rqra)r z_r^0>=&py~@9$kEMpCNuyWtk=x>t%)MY~`l%)isw?T+)+dl3ub4YshzFH-XIjK4*m z57g~u`){@n$*%{tmA%5t23y5`=~PB`T>d2qUjfLEhg);R=DgxlMVOdC?#EMwBRc7@ z%hyaG`nCFJ5m)t(J80d_(Q53s1Ia5#N|BF1di8vpEJbl2PnMXw>5N+uNWe{09v4=X zpIYs&)}APRrK_LTxl#cl`{JRN*34%|!aHa3{tV3^cVEhgJ)2_g1o3TwSS>q#Gd*>g zE;-Zs$+dbc_vaoC)}cUsgDgY9z1GU0l7hcN>TOq!oM{W@y{TSe^gOq z2^fVWe9giZHGxazmBk(~?4Jy#Z`5@GNWZK_E1NSp&UT+vuyBLOLrC=Z&CRtMDw)D* znHIgn%TEMff9d4(7pe)O|7xtO4K21`HuvW7SRvX%7MQf@Xoy#cMa#?KxSZ7Y7yYQC3GUl@uf&1X#RhBlQ7m0Mf4+ysc9u$Y_&hv{ldilGaEGM~KWze5k5{l#E-6GVKW3T5?=LraKNou#|ih5TmF_1KN z%Rb|MNwN3b7;v5yNps!0#&dYt!}SA;iVR%7k)%hAZ-h@~^m={HkcVH5qCjDYDqH*3 z?4ER%H~RL7%rWEj$;K<@`re+e+ckqPewc8YQXVGZv~N7F*(R_K8<7*(-87vELvP2B z;roI(rP~;so5FOg-xe>g#2claoo=5{$FiF`$*7Pw5=klPz^7kp6(f+bcZ*sHfAggR>^EUI7T3qsSm? zM&_OSfgyq-zH8q3{4PJ-MW3y@3R^vg)jL;Rbnk(@(RX;?mwfUO9#??HE=1(K3P21522|WmK$f+G$3@?wal^mbm#MI;vKv z=4Jegf_8eD=h3M79ar6ut;d;R3k-mNT0z2j>pY_C3GD0{q-CHwN;#Ok_onwy=Lc96gd4GPG zN#yu9viIdfn$aB*ajQ(=7V-Zh>m8#bX}3SnSQFctSd(O8W5S6uv7Jn8TNB&1JGO04 zoQ`c9x8L(W@40ua`=z?R^;)%dJ+=4#sjijbStL6DG&T#jI5DR*Gjijh1={ZCh&pJ} z#Q2`nD^tv(Y>n#zfrw$CxsekRh6z*T5GGO!vfaZRrwlJ54>6cawxBj0OwGhKIJ^j5 z>Dnj0N!Xn@$(~G;7fdnZI~`=u>52xirlyLzpZQU2fx>FG)D?>iMx%AYFR-R$LAmNQ z0%UnE?p~Q7=uoJmAh2HdQ4>9kLh$3w_p0Z7Nr^79)_lJ<^DQ!EhO@@6ZvYOXAoS1R z4v31WAm(z!x@)=k6`OGo*b2*H1`5p`9I1NTmN}>}Q#YK&$K8kK!IH!HYkJMBt>TvAE`lMNY!L5!VuOFc>=wij8zOG z_lg4@R$tqtDB?%(TF%9wt$v0X;NvRAXJi^L9l)kGnlqMU-9i{QCJSxxlxcgEJA?PU zl&Jc67QMMYyT66RE{BXR8zVOe!F`|Mn3#|SA}GzzJOp!SfbRLRN|7CZg?bai6d=*E z1ZB1@?_%EOAgii{Gjez@LV$Fx9DKg1`07jDdTV7#l_xc&v14ooU*Up$QC4|1t}ZKV z?hWjft>79((q)mYM2KHtw3m8!fphMR#UV={QRS=_&ehqqzXiT=+n>u9=xP7k)C95o zuc_gu3>q=7(z^*TN&!A!e&aJx%&^7-xIotU{~m5cGyIhs4qHz&omGXYNgH%C)T+kw zGNvM_Bj}{@%CxVaDOsd^UcTCq=rF6f4MStqb!MmU6;Sl9qk^jVop?zUd4Y?~7ojB} zK&$D@K*d*!QFAa9at@Y21g_14=Xiud<1cUs2}K}$w?%mx~J?uFzbE?kGWV45sLjo3DT|N1RG|Hu*A^e@DDc=iKcUy@(Fj?GU*KG2pg`z zoViCx0k}dg9GUbl=r?;S%{qdbjHXE&jrp%vBL3V@_e(Y^!VoT9x3rrS?80mJ7w#pe zr4p7LB}xt{Ph@n0jW=+4xsmWTZBENB>GTpc>kL1QFh^illP1YI9#%EiIp6m0IYOgY zrN{rE6XwJ7?GuYhl#sylcA^d}$sXImh(5fi0PL>nX-Ar9Oz5;l-)`I)WV>8E?@n)7oua)o0&sU z1B@kb961Q519s)}JQp-qaTp7{XGLIgUSt+K_a?2pMk^$Xb||b9KtZ2%)^qR?pj~&` zm46f1j)m2Hxd853_aUkdFiUnV-Q4yzyghx$=t+!ex!aj~SM-(p8Sk6^{jBBhm>x{$ zbJ=||z4uo#zsA|xsJp$3dwM<}VnZ?Ic!2;-Qk zNY^5XvE1~(TR0cXRoR06hy}?JQ!a+w+WZ-m9%|R=8XnIFATT2Tz zw|dck!a@;x%x0yRk+-z&6w6c@|NP~f?=$SMgA)b+a#885+QJNfb=x`HWDe{+=i4R8 z6t>&l70tLOWH2%PT1*Z}6`9TO(ed%Y1eRlq%dMRF(2(X(CJjj)!JH^rG|Jb)E5cQ% zlgKdCt6#7^>A9}`ul{(ABG?N?Qe1Z-n#r!XR~$h-Y%*-j^jKzfTfYQ1zw?cKW9kg2 zuYUcq`Mk~9`uuP@a!A!l!ls!pE}O3nTZJ`OgIauE6-qW*$&;@B>E+Za>9S^;s0DIF zh+0_;;S~_}F~+U0kGN|yI(FZHp5VD;cM`ny;>mFrsGkyud5Dsy6mTV*lgpK+wB>e* zZ~B0CYH(F%z+UM*M5|k|=V|xQsNZ%Qvq=+ub-6j33T^o~`Pup!ogr1k%2(&jyQFQ; zxDs}T(S|ewD0V%^Kl_oHm2qL>w#j75s6C}G4*gko!I)wWZSa6fg5V62Oucb{%jin%K@<5vT9~`uRXchVG%}pn=OW$Dvb@!o_ z2~9`LwBQIS7v}`Y!9QBqM4dzo>dooDc!XI^<03N(+$9io#UTd>6{!o`JmdeAzd&SaljxNHVZ zVgVKrX{&A2ndrr?=wm~vwec^O2co_15>VrGedGSIqNyd!K(b+R^l0h74q0~;`bhs` z>M^gAVq+718X&35)-aj zie_y=fD52P{=tjS8}-5xhf{Fm*!LnrsdqU`cjTy5A|g+waWI1Y2Nfp+ms@MV?qVKwXYfeo|nX494k+L^_K! z>|?A(XPkSrJI(&Tn&leV6ezh(aBHPWjt>3XOnFDVo zg{mY!t+u5nHn>NcpOP93)8O0~Q%kg7 zzX;lI>VT#Xlh)lK-sKOF+hD{#wXv4ItE*DxMBU{E>_`-$=|x=<1K$fS;=jS zQNQsp3WhudDxkQ&on*<`eQaggs9$QD+^4@Na@~#^!&UIl6n4kyC>uz!%G*dD3mS8B zydEGscAcm9_4M5Mex@*z$Aw`uGsfFTw3x)#AjPvJ7_U>LU42Gs6dF>MrHb(w#7QkX z6&l_(3?7F`soH2qZO@DE(}f@t8ZHXC!l^^`Gc%h(G$bvV0^2PJa^ClrTJO|+sZ8*! z__ozod6XKZBNkEs5Zyd=5|GQte=$mR2Nw=Obobwa??xd~T?*nj;T!J6`Qi$|j!9oV zPG_A9R>Il>9(C>7IgU$$@!9$0O3MN>h>Cup#(ZZN=azOJLe-x_trP1yRa*TgC-#SGcEXdd z{Se(GU~9~&O9|lWxbFxN|F@;jhMFMz*URcU7PW5#cc>DYA5{JCcmzJ5z$O0Eh)0yHNzeb*(Z-MZff|&3Z{y`p< zanW~?C3;x7GNDrwnXPflEK5+Oqg2LWs2Vxj|B6SnB4Oi&NoH^~BLH~ruWo&qPPyLl zMyc@zwK!Cc@|EJk7B{abae{7t90VjjcZ%++)rHIUe&L-i_lh1l;FZJ2D9=;!2}N zYnB|go@0rSnWIXok)*a#VySo;qhOe`pH9mP(`cZyUd6yBqRj~YVpi)SMG}GuM@G|* z9Ku$^P;cS*1%q3u?APgXs`TsrqR{>7!WZ|IpV|EnuOwS*f*-U?Kqu<4YvPUBBlAUe z$*LrqXgG@|{v~gDsNb-;?8#)b$>Uq4RHcO2Ic&-b@2SAQWVs&YCKCgSM9FIWY}qEc zU+3pkbS&o0(zV{3jn&jhWWsx{Gs4<=D3FcIr~3#Oh4q2h^?%Y}JVWbc4#s`hDEo>V6%Jst&VEww~4*{j>%frr^GFSnoXFJ@gIdO4nbijJQ1wM3y*2)-+IuLqo7 zmt&cXMZd6`v*vt;>MAcYRYOoKG=~=*l`OS&XrGQ8$*Ry6Ea;0T^H7!Cx87h%1IQXfwi{#jGSLWkNG1#W8jU-T@Wl3sOPe1vMOX7sXlc#{PQ zA&{K>)L^8cMkCFw=*)`x^2*H>XEI#ys#vNy5Jtkj!-YI{zdlL?AMySb!+EBC|7DKL z%Io)$H-+3Ko1zUHMmdi3IIVbTr!%ua+MVvp~YPbF8!Wr=_#^sp;j% zcfFd&&~C%cX(ofs>Tml!woHdTwjVwI;~xXtf_lSOQO&IOmmCPMH>r*sGq2^%bGJi} zhJcL`b-pQL9Axb9$e$SOE!YeEk}Nr9M_Y0V$ll&xj&eHvuKQtAak>9!(Xp~NgbM22 z7%@E`KdyLes@^P+hkkB3UA znAU$Je%EL*g$B#gA#$414e$7*n?WFh&LXnT?6PP7=KXTK{`@X)f85;(%7A}Wae92T zlTfuguG#6|Y>nh!(vzjKNswAIR%(K6+T}QI+4nzBm7+3;tLqe8i|4SGig+kI{{&KH zg&V!JK7hfxps<+P$>|7>goiv5>#KeW;f~&|;V;3iGVMj!xnbIGfjRC{U3OgY3EcNS z+Pz2(LxmTgX#SNH^`s2IQ3E<-Rubabsl8rWl9lJKF$X=`^{QmAd6zGv=zPvp6q(|_ z&Pp#pbfzmP=!oXco2i8Q0I)nmhEo^f3RMtCc2&%47x>ASyHr=T`)wa9s*ccFDhR%y zhJv5A8R0pY&q-yZTClREiIKg*R`#Bk!Y;{xSJQ)Oakf;``(LFWcpBHdS4Uu5ym|ZC zNH4>0m~l>=Zf65u(VUZV|I6W)l>hPXi$W9@gqkl3$5Ps;Tiqz|g-iL%s>j^5=o&JJ z@8AhQb)BD0WN+w1q z)9v!;nk`=OHUI=W|88-#G$dWtU_%7Owg7&%{(8`t#WGZLuq^9yP9#y@F|*QZHo-Bg z!n4Aa*3VxKPtXV8vzR1uNub;13d>%AA3 zdQ)9FdZSlJ8L8`C7+LgNkue1bV!uYOrw0%8q!$<;^0Kv<5;kiSAiJNx8$Di7)Lvtn zzQ5v_d!EALWwZB`67|bc&j#B&l)1!*A!Y#~om{33r>8=hkuriK7Uu*#QJa5>(}#+_ zy57{=`lfAqeTEV)d*^Br-jXP;Dz-cmhFF6nZ+8F~OS{aB$wcH=SOdq^VcO*q@zLJC7;LN_4G!rTR%~_>n zbX&C46KUgQ0?IGA5F%$AZVI(NH^jzm#%g`QK{WOy7BU;7s zScU`iXRc!%sl&#yEBytCi{d8|2Gb?=(>1_=m8Nn)dQ#PrRIUGIW-mnc5wKQu2J;$g zyRYy+;TOf2IJe5+fGKRdAPdF@O=rWn(B#3TYfWG6)tc4M%aA4Jn^TbyB>EQuC0xhb>Wf15a1HAm^QH2$Wb7!mQB9e(=1sV*hsz z{+}S5%~7GKQAs+Arige}bF-+ii|{F~;`v-BhWKe#R?F4*)gKt@bC(k8^05`;YTJHO zqXb!GXt7woIL)b`dnYlNRRpO~BkWe<&6(n$jiT`78_DYZR|z`QzYFE6zv}SUj$Lg! z>3)M&+}}vnNOr2Vzj3ZXZtBKKRe7Oah^FQ5G7D%J=YCfV6pKP7g=-FccT6{MMFj)a zdJCFJ)RuBak-VPsHe3TsV2UjkTRVdN9v)n>YfWQcACYP=dr-^IRBv^$5Y(QZH>GFO zB5Mz?+>qQ}Yw4qAsht&QwjPSp@ETya(-n^9@NJsyu;$M0Hh5L{nj}!RxbU^4O;HeQ zJhsWjheB37^_yYqgPT<%Z~%MlpZ8y;cpp_-Y|^|rH^zF$ZA~9zJ_oXM-oj?JE(RwL z?HpU%mJz;fbA=}IpKKvUVjPk@%>(2m9VF^A@zKgvW3h5WuZ{B zdUSNs&&EIu^!R2ba9Y%H<$P(Z|6#Z@O7T;bXz=8odTwDwo>p*_zgc%&zU#pR(6xuM zSO1xcM$wlz0^&=Pes2Lg7A%YlDXgLwB~R*!UMZ~;<%<)NMNW`1Rrh(DSFdq#o_|Yb zA~K$>E8sHOCbe~+vUe&p!mWG2aOqQA_Z${&-2d{2+Di8=np3gm(q(Qnuboj&f=67d zk38W{S9e14d?C3(YJj3mVL-@}d_2%IyHyx(E{* z%!hwmJc+_7|TFEvCSv9tw7QKoZV3wokk#ySr4Hr|S zKTb<{9-+{OPsmxv^H+1^%TbKJs`LBd{VAc73asD~en>s{fm0!<=G$DDjP+#TEBbc? z(uw!j`+si>rdlzyaACMQ>tqo5Y})+sDi7^V66ugyBiCbybL`*(j0qqIoKm?F?Q|`Y zq38!(lY$76xk?e# z?Q7eOK1@68O1;&6K*)BP;^uqYuil9wd7_Z_{D98I;{1F@XZn~hYq>q?jwi@@3$?@v zGBI>@UEG)YLOar6lFIMO5eOotxNd+I#r0D#W?;#?<2x<_ehV}visQylgY25UcJt*E zY9@G6k(gIz2dAuK9G+%Meb4xYeJ+JK%{tG-A~!ryOvw(ptKaiu76{LSKs$SpvH@?k z%?Z&Zptwj%Y8K0poF9?;ud+R6vu!YuF&_0pGtxNVE6q607WAAiA-m-4j zuO0viJuY2Tms2lGVu-i#OG(-=S>?Q%AY`B+l8&?t z(-KoiON(H7wI(&AiNyG5i@8XIWea_&Yg9QQY$XyWT*cLp*-{NbF$d#R^fG+D9ip>8 zT%##q!(i*RR_IcEX{T?6s4ziywo4-om-j(%!nV2#LDX&V3|%#nvwOe4QoFI`r4u8X zKm9=l2g9?;NCw$)N=gD`ktrCOlH*MNWM=HpP<1HRPoaZt3VSWM}#jw z>okK4+8#EM3}c4sY9u~S?7Z!_r$LEQ;H$~GaZ9c{jju5zbX~1aB_t`Rst;W9x%v(= z@=4Kta~2N`!NVgeD5#HGkf=5|PA|%IzWDC`N-Z!78Wl;byiU^i96o{C_q#cEmnyyn zJ3R&s1s{0?&}7gdlq?L8C9x$=M~c|Ce8C$g^s`0roSLG4PDY>&aB)KlyPF}myGi(} zr15W*9Ok~u?F|WT{s483Q_5t_MY*=R-%2{RtRfxYU7Z3_gPi&zaHNJPg8K`!-_LXG z-kZCpS1CI?u7as+JQQ(2g&x&^mgt*$z2nygidZ#Oviyb*zi)_hqdo|cHHw=^NRvdG z@~FK6i!9tr-}Ps=wTAb*l&<&GG1q>b8q}QaX2b4ck29sH7Bmxa5r{+Y=DomeR7Q_o z7ATJrEKW+>&eV4F%j~}SK$&yMXM&=@gHFQPh&MkGd9nh~I6Aor-^96+A6W2<)WhVU zb)jc7Q46UGxFGW9iab&RuA(Be3r&4q+pif}^D7N+I6x+zfP^2)pS-8>2~}j*HXv=4 z=Sd-D^#e74M-Ai_)}IH)Thl?>q1p?}OZJ$yU++1iSsmjO@bBbn^>0J}u5-7ut9H)i zz7K((ye$fcGIRu%xQK*oMRwKGthZHzjQa$l5L9%^>}vWn(RSp`7a6uDr&I-^uD<## zxR*MyhpV=x$Bjaari!gL!HMVn;<*cu_U90(=MU^}BM^T43Olsy?Ut$HeZFu>iEdv= z8z-VK8D@e{YJB@PD=AuMXdu{RUGsRwB`Vr4Q1h@phGkBQnK&LUQmc)lwPS7LsP8;; ztmD5CW%rxz=)AL9E1;$<*Y)b16!(U3pLn8~VKnmsam6YwS_bB)y)!gp+@6xBCsW|_s{FbX1*vX)-RHF6 zq`O(x0dFnkT)gBsSc&9w4|e8R>}T4x1}ze}5;=3Owm2@8l4hf|B9o?PjdOC*AL{rC zod&-_%cVNASB`9l#amqMwh+Ph7tgbe+Q2|h6h)f9>$@Q)GmC4zEM}P#Up8*2vY$`X zSbQhxZZI(RkYhgjMXjqkEG?&tdDA-0*}Vy(hhx!?lUc5&g~?(=QVbYn;Wg{uFBsQ5 zEqGVEH*OICc(7`sW@ZEx9Dsum!A(%4GfD1xDVM(=(g;zW*^7L|Y4!PbLB>oE?9 z)PSY-&%+q;6#Sry=5gUR4SZc=?P2SP(3Vz&oB(_QKmsCYcnXQ#am%ozz-3GgSYbm$ z4ZQMCwgB`(6Rdz>+}Z0Ok8Q2%JjovBy+Gh-WFFtPEMaI7t@!p2mYv zh*b%QfcWS9?*7hRX#-tJk78P3bE^OA&*xudi@_a@EW&IWkVb+-APuRd+|pn*N#^|E zDYnO5`tHNuD&1c_= zQr#gEg(Z|5cu_8Gwsx7wW3u$~v$O|B<#d~)&-#+LZ+agaPE?5wn_mIYuo?E474y+8 z1|9B6Sq+h8+FPt6npxx4<2bG&uB?Vo0Ua*rL7J;N!wT2xT<|)RGt7u`3C%X%KBuxb zv#=6WC zB}_#GoExfEi>W2#v%xg<(6fV*@=j<1{g84de)e{ zyl>s9p}+Axig|qwck6Gj6L;t4^l(s0t?ih7eh6H;NekPW!B)G!%sRPHgso9kdt4}M z)OZj@EZG_l&QjOhq+*N?be}d?5I!-jN8gNbdk2` z;+sZSTW?499hX_YIdZ4T)O_qEq_Q{Xv__=Vek{)~I{``Dk1k{pNeHXP9|1NAWGqG; z=ia~xO;*YB>MsT#MxS07LN1?VRyxKT7G{Qn)-r2-iRcA1b2YZQCyKUs$x;vx1xQOAdb{@4}k2W z8n{pn-tl_5L`hrb(d^tG`Ev}^6mVL@C-6QXFMy&Ux7daKh$5HB&(s%k+S^z@dE7cq zF9z?yv_dfxD|;-#zGsnf+uAq_e!D#1o6V~|3RVBF4irl5U$^v4QCqFQOL7wHBD6Y; z5Gv)6hES8N0Z65(ih z4n?TM61znWPn^tH;Tvgy(NYdqrp6RN7hq^0pOf@C>rAJei?*lQVotpxpP!&UTOcHd z3E4}YLn1EZgBhoSnwK8B;U>J0=8z5HW>@HTkT5b$ntX-=wNSRVi=Vf)Xsc3rij)jm zx>c5XV{AWy>*Hxby=mocrKghPfJwLaTAnwk}13COsMQBw>6GiL7fv)heyQmx3kxK3ZyrF}xComlgTl$dVi}U%Jt^g<;f) z;SL#V66xlW9rfhFs{xAR=!dp@^UDi^-tc_}-Ol9soJaH_l=H)6`VYxG1;pT0c{Yn8 zT4KJD{Q7LM;;JYo9$|8{uf+9IsqyNyL5$F~KM;A*`oo7ojk=_%65n~Gk$U}aep`?8 zaa0r7CHs?u&Xdx8iaGcu;HTtIW(!ShBA~TXQB@mU!b{SfU%fw-0Zq_uKAjlxPvkcB zovmbvmb>{JgS`Elof3dq6MSTJpZa11k-av}>*lPGElQ;h_^GN0`GL;vbAHaI-WsR# z^9s^6a$fan4Q%=TYryjc_!A98+Uk~s4rUhJboQd+yE>_JZdEF6DWE}F8A}Z@i;4n< z;;2#pWdHF!sq~;m9tV03-A3M?kT{~9=gAb+i4(#S4QlZ(q$Szgs~lv*B4fnsq9BdE zwyZqWXsx41i^;Ho!!w`%n&NvYEggzN1_{Mm6<9lm>@E&{!a|IXG!t>*`!aiK8YY6| za(oy_WAcOHh4$am+WvpzWs5XioO*ZerO_qdt@*cZ{AsMJH?r5HJ_X_*Rp5|S?9sa( zI`&K5qR^!BIwH<+>l}r`W!lICL2SsJk6Yz{gXtGLf*5N42H(j2_bjXm;@$w2US}&} zC8Yb{vfr_5S~Z4szYdztJ-L3nlyvif#1#WgR=$F6apc99_?2Rt91^J%Ml5n#^?!ID zqM1RN)&qM%p-w@Zo2dpMPhJAM)Mk7R5{5opC~*~##4I(P5E#W)8a&^Qb%*Te2@CE@ zmGA?u_r@QYHCfo+A(FfPh0EidXWapfGshN2cFdOsUA?icf-9Bry1?`CI&mSwZSafS zPD?@Z49iSJt2qm=%SDlqjUa!Zo9X{ z%t54aaOmiZO2yO4{QGm7!0^)Sm8l0Cnf35>Kg4&Nl8c=ts3m)ZKN*V@2`ImKt8TviRm zuvLX3yB8=WDlQQIM zEc$I@Rb+6I2EjpXhnd{1XiUWhbH)0kSwYVzRt7t*M=r~4c`j3i4u;$JNG;p zcw#If?`AJ%QnG4FWG`?Z*HWhCcT(&Ua=a_pr@dg%x)8io3^Iobq%!&hXC>u-~=3bEne;ov_Z&dEY~>O+`zH~J|3!RVke z_$y}CNVioQgQ!AYyt>Cs+GEHQE&*1o-7bu3R3`si`>%D&7FZ{rRe} zpj$5iTaNrgFu;gL&G=YI0?FwpBy&1eB=p|KI{nu2ecA@t7NeavQU@q>y-f<~$iky>rM;?228w!vSVJGMN)Tz)HaZc3B0Sx`Dn@8F z1M4UO&5v@IZQcc^Ix))rmp>-HFW(m%Ei37Rji*#zO`$F2ad9Y38UY0EPy=+dT&_S& zIE-oEkBaBn15s^$vX(}x`R`nzwRziZk^9f%uwmR9Jo79btoEQQYZ@+wR9-o{R`)>0cROv`9Z9!lI1f#p4>;G}Vv419=7O-I?SOS>kHb=yP>`U;5 znGq4m;zGhe^w(m46G@phQUfgtLyn&ul?Lw?)cJ%ezH;xjQpX2^F?TAyLZ`9WY%+z3 zl4KxVGf^{$(l~I2YrjTix-#IL)^cjN#!+nY0?iE_VsVu~;`2p^&JKvvg?^Hs#k(xO znMo`zK~)}19_Wy0+5qKjkD7GvqHWjVWmQs$JDxJTLg--}6c_4xyF2{`+xlvAn9tcA zP;mI@$z;_WUsW|TXo$254_@D9Dg1zC?K!Z<&xGW@@}$tg4wC%!$iqHVeP)~E8thE# z(UN4pT+5p*4Wh!V+MlS&hcu9=|%;h=DTl;lQGT&Mr*q*P5LV{~j)6CC? zuvgns(Z9G`JKztev0`Kpr?O43ilE*cu;@H#PnwTVW#3r5M>kf44wQ=EPUBh7AlWOPJwky3KQOjYogT7_og&LB=#wOTzB3QCN)5jDWD^h(NwH=D`rgx4E|A9fp zJa+z{(zDNzJr-``5OO7g4jhCL;nsHGifp=Ykbh^!I3#ugb3 zaI#GbML`tZ;zBlWhH>{&prGr&QUN5YSNbw#x!(vY)SX8st)@MwnEEH)u86q5EgAb_J??smnoX^lMPNt6iT zuOWk)i!F?of=T&iYc()~hMRBMENER*ilqyQ~{Z5(Ox<*=@W zQ_R;aAloT&Dp6LeFQ3sOPU@+;MT*BDUQXRuiQ^nT;w&4O>9pa9r_M97j#P21)AR@O z6{Y^Vl%4Nz;9f>fF826{JSp5r6DGvOFpbJ(g4|Scrzy&0_z&gIGCaX}ljJk9E!p7b zdaxF3J|x~W;8NA)*Z0b7R)~JV5IW{du(MmxbN(&^InK%=iviMwVsMzQ-#mm`7+T;s zI-raGE~MqRqJu7T%8clKWarrQ0DLggo|sZZUv5?Nw>H z7%{yf8J(K(roa8VsOV8G3&;C5ozFv<@3slS($xZISHOe%1pSUWUH-V30+S}KQ|noK z2UaO7Uqe;Xo2aPWEfI6}y+k?}(o#-0QJp_}h$@j)sZ0f=uj)nxTgQj};uv%lUiyR* z6Fn%{xWZwcr(vwvrX!i4Bn?4{vyp(2P3LVmQDbp_PgT&vJV>mQD5_)(t-Zn^ohx?e z?WBe)R;b=8===~5;&h7xYDp1vC}P>^z@94POfeN1; zPwrL@eZlTr+6Jx9LDVl1WQ)owb$$vda1Ibku*@ zEE?gRl>@XXj583)4VYDj9|Ln!9@atVNQAhk_R{v_dCmJKXiuUuhS2U zL6t|rzVr_ltDgaj#&fg`{cx3~n=CkW#KdeuZ=`1e7WWWTW1s}vo~x_WN4uVw#?<+= zz1hG5=L&}0DJVJ!Op4S99;_=H=){vcl^9eHHGg%uCk{juCy2s$dk34eu-X1~&r5zd zGP`i@hEx6206-Vh!8a`-@+2WRuHWb68&_?v*GuC*(gx&elPJ30cXY%)b`s9K!G4sW zHQY@P87m0Kj+B+469<7Bo~+_j7M?=9771Zm#4~cs1B}9+RFgdc0y4)~%k@g|H>s7p zyFXxH4&%RJsW&+xodb!SCQr!bmXUse@hpH!+ZiZ&PWqoywyP@ z&*9Kko2?=UF{Gr^eqNP`d4)FOeAOv>v;fK^U#2G%+Cof83MG%%{wC|nv7Dy;PMI&F zmIKSUb?TLn?^#)RJ`cN}JH2Z*TPN~f2>s51iIpdaSPSRHO&_abt;p@eL=Q2orG_ix zolHrytq?_lUlI9vBH7u(mm5QKyx+beMxGtS$N0uNastHXYQ9NFFAZ6ob63)jtKlQZ z^hCM#L^bzgZ>CvGGZ#K?$wF0AZnMKgA-e+6Z(+Xm6+fX>%T{HoBpJ5axv~CSv6mdQ zcA8D&z&55+sQOgpWLNfG#{8V^Q{m65$47!4qDor=VzT&iZdE?m_+lbfJx~ z7I~C4i^|}ZIz$s+@z)GHU?uLiG})>&Of37bO;Me15>)Eq%kHDTUEcv4fqTrE8=u2=< zaJdm)(6%tnej8jB#2{{lL0Gx5G(E(Hh3u3wC;^l|)UilZXY>Hz&=Nwn7!^yNdcOju zb+PH4>K!_)!MlY8gQ+w#yKr&KgrX@)TO(63mgQ8i){emW`xNcFY_uLn%Gx8MGEK6b z_7c5E8T-4n6tMu8%-{;+30F$_P#Pia6?T3$APB++I8lNRK9LBR)bH^3OFeJBG;Jjg0yIWjd8ll zIyE)KpN(!ytH&5yT)gA{VPPR|8zkfV_Heo0E5CUyhyHA(v%OOO9UrGbc}<{Oy?~Af z(QMpGFxJfckvY`HJ$7^_Se*;$O(dC!@7L}4y(BwN< z_fxBHNaZ4NY0oK_=gpLP^3eHQ*iz!&$$de1gg2|cO@S%yTQUn&UQPP&7QiM+PiLiT zH86~}siI5HEbvy7)7og41zyAw7@M^L2Y_5oMfin$P*B1UR>4+G%WXMH?&JQts2L;) zgricyAyCC(L5D+}_4oXW^!No>b1f1IY2{?CGn;-_zVDRP;eQt|w($c{iuF}a9b~2F zeNNl3SYM!L@?Yr%h8o&T^nZ@_m6=sJUNKzmQ)^e`F0b|6Ao6SkQy>T>kd7MS$9#-+@f>*$C4zKU{3$i&cDdpdV#44 z*?4MkO98S6iD!;3%LDj^<(JWPCX6sCy@`bzF=+mi+Pk|@TpAuuW`4Y95vj14!xjkD zF0aEK6PAB4Px^*yq6E3|(Jh**Ks0WOkkV`(oin4% zTz%Z*%9!^aU)0%U$|9xqF?BEoX|Jc}Eb3E34vlZp~ zy}^jHTp_pWt7sd)it`ZUx_iG4q2mb)h}tJ>%u+Ns6lEFL^>r;;1LO%b;it|TZK9Q$ z9BhD3+>tc537=2q_ySiX0_Fm(sRr({|NT7h3`YGNX0w18SuMJ1ZgR>%>{LBcocx%b z&<6y-yhU1(38(jY>Qe@z1ifD-65-+n&$8HR`872`3BG)!sI#@iMr^zwx4BxGm2IQn zN_hPuYuas{$?}Q=?O^h%c$e?$^&A%tyC?1ipZS|Vo~zHi+;AdeSa31;%q&Q3H(COA z4&p8{@0|cAs#7PU z`GJf0Ypfy$_i=3%jR+#kW&X|;=Ln`6KNV3b2@3L^{><~dsYBhCLo&DI(HJxH45;X~ zr!faL6N}glm2+Ed3d#V^6h^;TMxvqlCp4=>O49tQjzG(UkK{aO>uyC8(RVcilQQhJ ziiJ4masJ8N&U0id4~F=od*WZCBf!5ln#4HpWU6=}`ogwDX7ppOzEUX6F9m_n#LL(M z+D?ja$J{MNa08l9+l{2LwPmOw;<(uvjXO-0etrkYKF~R8JeQ4HdQz6?P5vfhLd{x# z{ryZ2vur{Lk^I_u(v-CAr#Z0i3y-B&;KDH z4>RIzE$Z~s6qWb4wa2rF-$D~ERRuz}&FXAGb-XLCW3}w|Ux3`?(#_`gZjjN-+te{m z@?6JhFvvj8w{YN{qp6RR>H+r^F*`Fe0yjnl#)vrmu)XNpSP;%-UCG}v#>=SrlJq`? z4=dz$oje1wvyn5EM#pv3n2x6qLt+Og7_v4;X-fbG3on$2ch0QL)iDdh0HXydg49ko z;xH%l@urhSXDed}Kli}*4Gm6~Fzex?)AKt7l63Tb)><9d@u$zTPS*~G6_w3bt@iT% z~HQC z9c*X><)Gc3YW<$W(-}E-at)Ydt+pze}vY=lEb#Z@kN`Z`3^v;RwKPK4n&1aoVoM z*mm91dG#}T+OIu8PhiY2ZK+05QFOVhx8+sR( z+~6a2dcDN6VrgZGVzABn3$vw438oK`%=v;F&ER64(dr=S4IPEq4DpwiuTx3k{KLmm zQb*ZOrm#E2#mG=Aog_$o^gC{M7^2bjLG=>*L#Y#t>x> zd!fK48vm;9r5JPHg*JJBO+_$&M7`VFUk9!Y9pA%JG;k@|uXRP(W?%fGhPVMPA2QM4 zn>1-7Jx;4&esxR!7S7BY%cZg-iUu{-E-lJW%g7fMA9e@kbst?9=bqhxactA=(~^jQwscq9;HqX~K-kQLPdRa7Ytj+?bH< z^whVxcRRFA?TySHB=E7mt+O%IrHk~6z?L$ceI?j+3ZzYH{5CDvCpo6a>#J)=w-uGO zZJqp|KO@qGV0$9_P!Z9>>nhnlSMgcIW@Mo{UWWM9i6d+3xK&ZN6Nz?NjEsIQJQ>!r zsJBhplY?W_c>dht7qf7nq_rKPK+J(!zgWyT4)|ktzC#!uP{T^NZK?anv+i?xYjTClAdvGQr!Xmt-}Isi2+q}kixibaVKtCAVjVELj}Re9}oS`)U4L%FrYXZskB@n zQk(`MFrQ()ikUgs-WK)}zf~y}X!X}z`OhT6sds!j#z+>8SU><(@a(#Ie(Fm;B~_eq zaFo6@Iga!FaD(V7&0nTSR3A&cweryIVD&qH)I-vTWan2kPdpP_XAqLgRrT-PPLTV0 zU<$2JRcUBZ9K8QQ>dX9Z5%>PDh)<|7j9dil?)bW1nk>O;k?BHC$Kkkujn($<4Pct^ zUDUZpVobEC59shBia!k!XoZLT7?+sBvm|(f%@UAKz3AG=163=8Dwxsyf-Enn)U!k! z=L99eT^)Kqdqa`?5q2Md5g@*y9BgNr%`bZzFOH#HAnmC(QG#7_t6N5-@Cws)I02w9 z6gd+q`_u)T`Mc^;C`Q=@SU<)CmXI9=jl7hrJoETZ8riu-PV_DBvO?E?YWTuQ0h98e z4f>#+k&wp`p{j0RspH}2bw`Fx@74s~RoM63S=<3B1nySGJC7$d!K>-3JiT|UU;T8m z)&qMtO18YQkHr+(MHnSO4&e9h|Sz%uKDO-4nhwpx6Cb~0Jl z4h1_E0UgKu-xLQGJvzm6<%I_5QlF&QMehN zzbLX__YlyxCl6QICW4x6PC8&Pk#B=AfSmFd$9m)WjVU6d%;V^NnL^y$Zap zuLSQsn9q`K8Yp3aa5zOAqrKVK6GOyM0QSq6E|&^5d``beaA>0_&GeBLwzhCI1RrPN z_;I#F|1sq~0EG{frt0~<#YGDRs&Cy2MNAQ@lmhA=2C^z&=0f_!2AIyn3B(p|2lho& z>-HUgfc1~@=hz%$;$-?Ic{nm!rClV@*6>0}HQTipOLfA(u!DT?peGXxUB92pLQPCG z2t#RiF87xZe^5w+W%X?ha&86<+TghClQRj}H8PgxL{+_{5NsV*AkpKjH1;qq89jm6ce)|!8gFUIf7Avb`JYd z0+l9bsh7H{_x6;r9^_I{Kf!*d?X_vKt8@?+Zb*YGd3qlC3VOZq*#Mg>TsARkJfsse za{xn>=!=cSS&g@%JZKu9K5ax3_r_094awuwfYXFHzLkEzQXik|Lr8uG-gAhd>H|{P zox@c|hAAhzo4$iP9P8EJ{%oE6(E6dp1Moe`#=#3aUvgq}^lm_WX-ACEhGm3|&=?UI zEEwvko`=`i-;w*%KFB4TuAEbw?<`m5e!+5KlZEb9|5uAir)g?<=7;}Ri`tvl>1&rS z`2>%7^GatzfYyShkiP@$=r|R18M)tMNB#1+Bsfa{Gzf#47jW^aav=n7^r6lU7~gpR zj)ejD>&s;mvXHrRLSXkybcR2xw^4T27|IaF1NoQ+HPz05t_P1qgeaE`i7=9g;GB7fqk_=3F;~E~jK8buR`=PY-v|*$nx>oLrSmXIJUC zU#+|=ylE=YYFIjfIKlI6&7Zu0A|ySRwkzY&TDr6VBV^{7v;prpAVg7Egub!&K^8AB zZDIzHHvNf@Mdr)EwKeUllWQk~B@L7>`WjY?eBlHGX|KpKGZ(t7CD*6*0VTO12i8lz zlOM7wGgylfxG=Sf@m=xrgwOR7%D}|){Iw39AEB%`b8aOtf$tuSy$4xiy=N$+0i^r@zOc*?L zRoQj9hY}0!We-@(E=_n_%H#pH26snKB-Pc2+vOv&-v-Sc!{hJ=yJt(>!123G(g?Q5 zxSG$OKK~mjxr<2)$*dv0Af=zFhb(gqp|$kr0Ht+C5H1n8;fET1rvY4)e z4APzmIn*ua@Q6^#fjFwbJe)uy*^q8X1r!(iI_bH}R2AmL2X3a;yLn zzsYNAiFf&1_hpMh;s*bAHuv_+ZN`@_)ZDv{^#PHfKTKzXUFT|#i>K>R*eg#YSUCp$ zEiuv+*RQjvIOD6iatv&+s<8M2Tz*O6Q1u*w_lsx$li{*JakR0t$^-B z_at(5bbYxMk86TpenzDDi7Z9KPneU#N9KuTlgxEWq_XZ(k1{DM&sZ4=`iR=v%yt=U zt9U$O{99J*{hFRO z`+m$XT-g2R-jx*|Uv<|PjH!ZfWRsP`iAyv+f3hMO2`*#&QEYRopcfE+VZ(iwS9Y0 zxhN1Uz*2A7>FNFP<>XweoN~9cnzQQ`^@c6%*mssIqvVnrE8n>lWaAyw7+4YbRHt*wTN@dYnUl+l#UX*uRc*h0Br7#1f zM8Fb0dOdpRVWW#Y9|?fg_j1DW!?1oQrM*JS5)hc|#;%dI76$ee5B(C@GO!$f&n zc(W)6SjU%Fn-PZ@hw-aX+gMR@^t?+1x=zKc_*D*aQ%+9aQf!gV zlv>_X@%>Q6#8$)PLxzx?N+!5TXY?@sumJE>M;$ZY##@NAnAc*kD$C49Hg{bNYk$Bq zrfF98VKPdt3+IgCnY`8Xp;uSK5uH9`riO>8y(?0y_RBasoI8VHEE>Oh(o5Mp5cnDVn_1av>3McDMXS?;`oP8&M6m9;Hy(Pn z%|(3{SdTGDMy_oqSTU;1Gx}F^pK9*)u5>rS`LkXSlI5M9^W^0!A60TO_UKHCo3i__ zm^?et2oJW)zT52jn;$!WA>H1X-?%?s&bO1e1ddkTzH8#xbRjrQ6AC~Wr1C?+4!E}z zJ?l)^nDlu9j&(g`3*LM@9oP*#HT69^N!T>*+#0S4>WneHFx5@W+sw*QqP)UiWN40o zdNaxdFoqNro7qkNwxs?Fm~horaUl9qR~QvAp}_r-Sl`~I z<7}JYb8(xz%};CIwGH4kp0BnS-C8atVkujR9m99%iFqlB4uOKz8tF6t)vm^#H7G6n zC~T^kZcU{Ao$$F(`oIp#x{vibj_U7wnYe&2C29j?nN?_Is5ye~iL&*gh|SyDs!)4= zPfveQ(wHU?6kCKOF_LWS!S3BVQ~Z?Pb8F^^f7E^*aAcAtTOPTa?Ymce9Li9;@2X)G zu5(HBM8pUQKr~XfmpZ^NjQ|{e&D8i@qYh9EvY*!Wuk^mgjsRow4t5j?Y&rTv<-hQPH*M)>YD}n?s2YT^yc_7&MoXEf1}lvKYt-@84p{H*1BpQ<%wWLo zH!Yw?b^au7kRZn4Q9q+(AyLPiCS}MD_eY7;OQseJ`ceAfR?N+tO@C*To`jXwFsi^4 z@AiE@flc|&9o<{wYJZ^@r{(U3ap$A%?cn}|AuhX&av{%=_g^9_nAiOhVBus7|p zt%ju3{@?J8LnGYilBvwp)uv{%+ObLBlm#V(F~*DD`SO*hq^P&MVUOlvGeyjuRhQaa1sWK>Os1gQSWk$%;Ph%ycse4+VEdMYjr&xy4EwG7~VVu4S~M zwC%4rJBP0SvfUmk%~Y}Uwr}r5wnfL;oJ=XM;hpdG@a#Eu_e&T?Jh(DzEi?rjcMpE z5m($j6;`yEzoHp>Kg(2~(siEl`PW~yZ%h5X4jFspiFPe7zO1AYHA~&kn~GjWqyNXs zyFcY>`~%Kk%CFwVOK@OHg}DDnG}^Fuma}q-UAYm14n`>X+iEchWg%^Yh@QAm1_$q^ zdRN^B62Yk#x!=GbNAG6zT2RsdSWzdPGnF}}Sx}_tWiTgd&(lF!ac6tX0P5uegtli;CJs)At55GeUeSoSVY+%H#CSJMgiy3tXWgT6 zAYCo|b%Q^PlH^ZicnJ8eZoLeiVO_1&C21-EaRiTUT zPdkSvtap||Z)MiP7K?y!Ebm9qT-R?q=;JsLV)^H;mct&f0!aNENArw7<40q+B0$*n zlXC_Nr>9wb-)7@ndZ6$@TEf??GphYwzx--vi@n9?Jq|uh+nSg9h>Fq{mZ-*&4LFTM zX)6R0{U-pO(7z=KZ@*}SgZ4P8xC#_Av(y48iVCXUg4>ByDl!tIqDnm@tt*`4H8rwe zc%e(TqSM^Xeo&x#mYFK0ofgejXUU;-QDOBoa{PW5<@3DOq9Un?>2I0+Ks3?L$Vaq>lBke(CX zy(knVh*}A@2NPzuH*k)k+NPJ6M@L)2FF>>XQ!KppK)iMJR%Y30W9Kk{E(Ca=+p2!$;t2am z>!xMw)5XGWrH7L!jfFj?G_~$r+wY_^*$Jihbg=C$cgm%3*tZ>QceN#ZL2L+ zjZYKea#oQ>{zwWn1t2`lwGEa5v*rWMi)7iCy?GA`<(d zCj&_EHjM=M>dY1OU{pq*A8ORbnOKI9>V(qL5KNz1*j6o-DH8(I+qY=`xV1KpiO{f= z$O(D%WrAZ1#(>XBb~T@6=Z7E$eaX-y1vOgh^om=c(gCq@S|Xp8iF%CF?R9E;LBB7XWN<}hzCXwIn2XRDCDEfOgY<}xOi=!!n{87V~wWy0c8 zYai`2EKxV`SfbYs(odw1B10&g0KETZ`HLvWVO5iz8~=2cca!2;Li0)29;>F*s^I;J z0%HNa5LIOYGAB+AYX(NTk%ubk+3%*4UKC3449J5FO-KojBJf&o-=U!Mkig7Z>5uTM zsx44H$|`1MV#|N0#8w%b2bJ=^oIr=Pq!yZ_4nz&~xZnzjS zj#Z@F*hERR7x6wLz*+tkn@I}CB*UiH*(=Gf1%31_1`&)c?5M}zUQz+V_hBz5W47tP zQe>(O5RgJJu?28l$Ah&=^oW{{jX;n+Z==2XVZZN+Zjdh07yNw{gT08aR2k`hA|~1Z6c9Z@iXEpXLIfY zcuum8X_|l?vl^ghY73!p+^5FJ64^)M-fjj70<#aBTxwPRP<18AAe-QAM6t`Z^P7;s zqXXH?S|JGV=`9B9jeJR^2{F*cv8Uch*mx_4EkVxf)Ke)0pmKO9bRKY8F9*_raLj6$xgf+5%~h`A@nvPgm=h znzQZj!)k@zAYkQ~ckeVS)yrgw>LpL;!6>K@8!o-b*O(e; zpnqD?s;3Dh14R@vcICPc@}#O)e^O2Ti|2X4((hdVi>Z}5HVz7f>TP#4*~SJxnfCjg zgVWSd@G>ZcsZ9>{g0oaDiSs$BYlSf48-?-wIfQFav1f) z2#jtB#l+*Pa0==i>TaU23`AbwiYoTaON7dxR8#n2qn9LL$KQi33GqKUt!v;+vJ z01_wwV_ArEbHQ=qu77xI+K=)s{itjMs~Sf|Nr1BZu>AG0NjM8j@{^OmT=r)vTISR% zRgH4K(p~_g_R{`MW(M@)eE~Rtm{%Q*$q|Y7x2$SC!{h}bxgdtGr3lDz$xGa5RQ$mu|kfk z9x`I3oZJUv)aM1Jrp`N)bAgK5KUrX;^$o;Xi6yEffkBmcc1@g11|FxcX|qh-4w5o` zoXS^!rjJc+d-`|zP-|&{Wbv5S z!SjI+XqcQ>^eJ8NgB_fUWAEp%f0)M5*NDge@?`wHDmctE^PUcBb$(zoiiu$c<5ROG z44xoN6D<5qHIL7J<6n!23U+eBlO}9N*1^kDRmmmIEg%5uXPJB)L=VU(o*Re^)dVBO znh{_dOgJ^+B}U(C?UH^d72s64qHX{g!9ZTBiv6)7RKgL&r-l$q)NmR$wlQQ~MQt{x z*D+}sl>+-^5^8m#qDZTX8O9*yXgqWev7@8LT5j^~&tl5AD@i=4n8d{;$_H>uKWU{L zgw%uPqV%OTrMFvug&6|^GPuOa9kg7NWgCs0My^|ZpL1j#F$S9d_CYn0)2J#d@{A0< zRG$GBf)QDwnD37OXA6=Wmxhomk<3;ee8-8Z3Og&}O|LIMrSMQ$=PHFGIc#+k9j_%< zxeck*Q`ExHkkIgMLV{X~dCRhlW?Z>=JqdUjz^bFa+^1BMUZXr?)=SbJM48(o^w|u) z0yGR|v;UxMv~z~$AoIax5_;sMRzvMi8?QAj@;kA^*TZ@W3rgKWgISb!2h|`=n&ENl z<~l?W!v zm%m8W8kfGZhJep@*bBWfl$$p`;1f1H| zln?-UTXS@WvWFd^>;f{%IINmjD)r3XGOu>mU7A{ck6{*pTsWe>U4pjEx4tvwc4 z6R`N;K6I!e=zH$&&~D8*Z1Nwd@`W2P?9 z`mOt@v^Q(?d{r@>ex$+=^NN(le$$$e`EWR5)h-O9{a@X^sDmc|10YOquH8n*kUWWY zd2#l&Om(}k5x(+CU{6CWZBIGU)I>~TNxi=`gqwX>N*wd3fz8M&GXUk@Bnz1l7=NXw z*!dDR|7Hy>ObH}wnKjjC?mAs?PGd%pkDLwN3K26~QTJ;`!=~tp^f(LY+-0oD+go*!4AjrMUkrL+S$kq>vZ|cQ=lD%MQxj5 z{4zi63q*3)N+&pS28ZHGz zFf~nB?OV<$e+)WidxajRNAfGqEsi>NkV7x{f``2zrqh9P3gqgc3RNBI z_^9@kdP7M0J2mdejUNXfY>I?Nx~V+pTvfvv=BPzE?578NQk7aT2-j`WzY2aGs4 zaPsgpn2wVLOdP3TCjOD5Dw;2!R{E-F;j75){|aD+e&7s@C`|&ZP5)rItY8>XMUXFM zNJ&{wKNGO7Go+dQb?dc3u~9LToATxq=LXFyr|wP3omal3Z6(@o0#quKC5%7SP8sno zhqaQb@A#k@WLHlq{0TE;sj{$NUqu@(Zw%?7ZoEtwcHrBAUx)NME}(QZg}qJ+j%tXU zH6U!-!Qq84MS9ceO|0}SBgpTtl#O1A3D#2>%AZvMW&9>+Y}1+`a^)yM#iSP4ays{6 zh5L>u`c1+NwIHeU**Lja+!wPplu?qd8aQJ)jeXv#v~_reCg~W^2>oRpURpmDW|_PS z8KQ1`dyuiZ?!znAsr$!B%lxWO?Hu|CI!aZH=va+=j+rD7VeM(Wl$8SWZj04eQ@`eR zUA?Bn$~Et{V2eYBUxBW9VWXHZ3Uj)35*?;56qp|;DfTnP9&So3;YJY#ZhvV_Z-1R! z%pAO^VZ;C5Ds+lx9q|!a5DdWb76dqk&&p%xk;Y0EL3YblU84?(ezv?f7%vBRq_KM{ z@}Mo0+!#sfX=<3*SE$+G{*g59qNa$g-~9B>;v}9G*czUmp|S>c&2Ow1QvKU6mom-A z0Dqto49WBvv$QMlhIe{PCx`-~%}6)l8&^aw&zN4r zd2n_;ShRMt6aM|AV>CoQAsa!uMsPanW>rC5ecIo*y5n!I%fZi9)`Gjbx=v2fbgybm zC$_j+)@PWU3bBHE^NTc)dQ)Kus@jO0uO+MaUS z)A6ewQ@na`n(h-uj$S!|2g3uwqZ4@z(z5QuB|ju+P8;L&e2$>@gmwSL5HHM>EF`Q( zh%&#tJe@j3Z4rwzSCG}zc8T49r~*?i?z!$<$Qh}IWim<;VR&_UiAtGZz#u3`T^|s6 zPF!W?RC!8|;X6s@VQ*@pa2k?`)49kVlJNL}>{tT;9VZTP7{Mva+nV2iRBcYe4Jiwl z+pC+UydIVLmhXILNO%afVLP!b^qiO{8V=lx3U2ef4EMvt^B;ZB`rfxcmN}h(j6bEN zXG=~G9$(RI*M?Hb3gRSg#djIGih%4E4^s%&9NsT))$s9p_2!_{4gE}Deh!}M zmFrp&m!}F?B!|TU->-(OU-aTyfagclX>w!PfAp$U+P_EY-*Ti7)Pv~|mhcWmD0L`W zw@w$`Y-Bx)@yssQ%5sxomZ)46g$~e1#30X9F_fkB)k2xypn74~E1rljE05R+`wP2d ztyFoobwu7>&>23?eXCxeKN6+%LP@-&W-JKxW%u=+t=vDZ9%&OQhu*rLi2*^N3o+AIj}xP2IN(~ROJUls+{KHcS6$w?CIzLVi7$BMGvBieWP zYekR$bw9gcl>7<3X^!gKynXn5on1e2QZoH%8~aNn8}Y8bfUYhflh`9v6lq}wu&}xJ zIc*Fp<;O^ajbFwsmOR3tQssmVUKyFSfmoA%kHI1d5T5?1$o}ub`|Y=*_a8;?P>~S# zRc>!6ZtUFWNeQnWhHmhe<}LfYdbrihIv_Qy2Y{s5PU8LLH;v`b2yz{2ADXc_WDbT% zRdU^ZqiqN|8z>At)0%Cx@sY5)ZG;KvFIP0t7YfZumcn9@x<<1o-B%Ch`M7dV%KDc*TZsElX~$kb1FL;F)`=oJ_lkeJ~blH*59;#*{OZ6OtvB+!uQuD zx9u`J#_ODngU?2P9)DUinMk&_U1P3WaNNGN{%M?SV~WaKHv{(pckS-_+cg>Ap6IVc zN_6e2IqK16d*b|X1&EL%0FL?zKcQc2w&?7R=P%SE^2s6rI-6tN9~wV_g9YX^N5LiGyz2Gx__&DFWKTlFNVz->)Wij8ww$qy3n$g2l>l8MHw_)E}7G~|fEORO$C^X`k1T4mn`Kr0; z`8JYjyPdV*g;vQH2Ua%$7LvtVmJkbfQA*?ZD4naZrmK5j&OnkMUxNf8=5z?? zh$Xj|Fo5%7jhXp}t@+=a=&0DNfJHop+y^p%$CEfDP=*=EHPl5-hNE+AA_FU?!_$&Y zNS9GD&{SOa@Gvkypx1bh1vt6)Wgf4Ay(JRHfLN#SZ_FBr!IQtYVEi{*5$m(&&mU(z zlDC`@OsH1MyAgc2o=ba+Yb%%g`C@orTxq$vx~q{YPQuW|N+ z`T^fGw;Wzah0gmM9G+!bssvLk6T6LC5r3x$l~>D|{YBraXC14j2N>QM1(qzk4Jzrj zq#|~xA*ONr@*;RG@x3HkIfjH}0GBQ``GnA1KfOq5TRnwqv{!wu_(mwFqeK&YFS{XK zb-c+PP}(%c?l*j-bjZaX(yym3oyhPdn}hB7!80`11iq@;kmEl7$rQ5pcHnlV8B1ZU z4H2Z1`Q%>%stREQ_3LXrPX3#nO!%dnziMN`d^3M>#g&Hc@B$Me)Z4vtb@WSpb(Q=? z?;<`Gp-q@#zR7yIUV%+17N7bIc++mHAE5s&JiJ*k2_0U(J*f#5Db+1c^hI56V<0BD>@TSFCokY81KBF58Qf`J? z(ZspKgdMl%iA~BzQEYG-sAa(J#ZJIS#;>$O6|Tr=iswu5v@8|}zw zNkp`}1cqRd&Q-=b(x42<)h=gSZTzmBpK?DS3nM;W4}M6| z^zHLjBdzb>Q2Fzzrj51F7lh z(tDpi{{AbPe*bdTh22TIe6{EG^)bBbZ%0!fZ^_%2KcPF5ZazzW)7I-*H2OFOA14k) z8s&ROvUF}!B=x-oYF!H&&vbclAWh=Wo{_5q#Z^Y%Y(Smyhw=5w^ex3IKJh;KJhkp( zdieLxX&eL^+MsnLtFi^APh#{}I3jzp1lRnT__qw==3S=(FcFSI{JXl=`4-b95E4k-&>lKC%}tDNEiH6$}K}$O{coZ$b)20w>Z9U zBOMSF{q|Bl7Z`(t+I-Q8Qp>yC@AU8`v9*Nkm6HnZqKdCOIpWOwY7IfV1pARsh$Cv* zD{|zCUTgMx>-B4JfLom_Y%A+4O3{)2N*;2swna9=y*j0E)SK2jRwr%~^Q+BwOceD+ zkqb}0zsIRs>%tfg%4A44mW(6p@%@HKqK2%~(lrIYC}Nt$$lQ3XG!21lt*_+qEk0HU z(|g6cieqG!u&5SwafpZ^*XdTYd_kYw-1>B} z^35ZdusqJ4Hrre7a6JI#|v!WPpxj4JimKV-^1M*?0G6)~IsndB+w9gRbE zd29`$HKiPP%hW#0mWp3AL%Ha{dKn?zZ1WSI7o=n~%3K((Dk6$vG4*diN7rbsrHC$h zr7>z^OJ0>xDA+PysJ&*2$-)8Yrhe|xI|a-3)^34B)vdNDV^{KmftItXIH=amtq})X zNCfCHn|D7fKs*ux@5!s3@(fn=)&ugvGtO-f+8cKBI+9X49txR@loQ-;Zwf5@(MLVR zwsIezQ)hVJc)?21ny)7K3#z9-x!@}xGP4M$DbGx=tudSg3oz_kE1l$j_RC4eaOt@l z#^R0(%6!Nhh%c6O;z8?RnqfmjF0`FmR%y{R)#Xkq<4<9^y5!4&J(da=0jCk0i-w9a zM?Jkg=Hui@Zsq~Va;g1or>%%CzC-NHQAOk#(C^*#qvq0A!Gd3Z4=_p)$((ZWly^$Q zN3^q6J{`2>yHmQReEW6~-`9XGWy*t;O+Y}#DCj^L6abs;#(9|yYdxxrKOV!h<9wZD z6S>+p=MKQ6`H72uqq+*UgEI}qPqjg?pr72c@3VUx)N&@m9*hLzr}s~}`YDR5?9cCs zcr#uJ06IS|mHr8R+2^rxeD(b;kaJ?c{;I}(mlh?Coz>f}b)EwfQ6pYqC9M*^fb~2G z;=g;v_4nQ|%z8A@+?4Ppj%8&$u9I@$z%hb^^M@*D3dF);S?)lniB`}xkYb)~G&udc zJN_s>_>sow9nO=XxY2kVyqwdTKnkYLfw z2{jJ6Zv-yv8P~@k#B_L9zREYZ>P`89U)D# z7^}5?oopO#8eAx|;-^QPuj2MRa8*83yn`}UchA+ynNy^|Gzd2h7iJ0XE0 zG*GJF0H(IDm@tFovI^NS8J$5Ub2ohHaZ+eXY^7*|Knu|8+z4k~AwpmSs!%I${0wQg z|Jm&C4PQP0MT?+lrV+&Dc>g7paQ!11cwF_dlRZf4pDo43|86NxHTW!JywEO!ged3> zM)Q4>0?ShbS#1*u`)1s+-#FJA(Fp9VbOjOe756uIy_wi(yajA`9g$crXF)umk8hke zS}8o3hu-$Gx}B&WekuE2qAwzYMX^T>)aS@}*Kr|4kK6HjHk6{OlwbVzMIdap#=7Vr zQkisb#T{oxYT)%b_{cF#${lyaLyyehS9%rH`M&VuY5^E~Yi9BoFwoOOZr1KYCIi~l zf8Yy8vyba*uYS;~A$$4uiy7Kw6;hEE@{&;g9JNJ;J8jnsWjJ?YcFY#6iLxoCT-&x8 zn4}Fl`4gS}Xc5;#K}@8nX(+iT!wHYFEsC*vXk<|Zq0QJ^ax@v#eZIn-nleoPVYqoz7HFLeX-upSXQ$gnN)Vh|>McKU{ zCoSDm|0*A4OI-Chm;3NnUgk*IL$fT?ug8U?`{HerOjvu0h$tqOfZXb&x+4BEfsusY z4sF$P158h{;f|09z0t%$=QSmf2a+ZFCfKpOK+$G}iqaiFc}Td{iycp!T;Bmd4A+c@ zkFlP9|83$W-kEtDp)e|#01tg?kYS6{>>F3qL2lHkB1Cu-2b)-+TV$OTZpAf!*!qz? zCX+WpS^Q%_H{8kp%h^WhMRy&g*1|6`>3d9Ch2IVAzw`_U50FD)3jve>60PQOz}zW~ zH$3wd=SW#TF;4A6XGso{9{%!6eukhM5Fnl^@%2B{(m&ddiS{A3gvVZSg6RSPjL%`O zD#_(w%WQ#463t@HJy!gRqsEj@I;u=12o38z3kA7Tmp;~PUMKeV z%Q%+fRmZ;PYYZdf1ir)BJ}l^Xju7?mQ!azK#T=d~h@jY6(N0{q)#tt@icw#zbbV^?vVCS3i@tecWZMIfZiLhG}C!|^; z9CTwo>yeWiW>t$r8!HtvCWx85eb1*~UQVe|{uJPuLH(c?N6W`Z{r9uN`;20aUd9@S zLa)Zm`6mr%R0!OsvZk)|nP)23otq?kYJMfpa1~bV(&McJ&U%ab+9T1!Xrl0kEAS2R z%uxtXg~`fR`gm}uBd79zo$~W6S_9zc1`aQ2e)Ur7x*k9h^mY8b@b)12u z6=a4V&1RPx)?!9%?!K+|;b3B)^zHAy`D~n$G$nP(Vcv~wNajK!J5+E#SmRF#ms3fb z4h`tggTGWlk7UGIqJ{IV<0rYu;e*}XcQpaV*wtN@*lS+%6b6grA>feT;HT+#hpNC{ z)kcL$MrtnARidKvC>A$KWyBnQpnb{`t`lb4J{VT5&Xx&PrP0*4Q1LJ+W^v$F6G$$C zX~UeR@1f>1BY%%vl9Mu`*Ntap$V(#xZV0eg5B4wQ0! zF4!i)dC7n+$jKm<*eB|CJWfE|t8{2G8&!^86Jx9WEhOea6wD;!(m~=*8I3j*tv#>mV$_O-wWij^T z(A>fdE|9#qgWyq)yMD;^TS;`=lF!Kui%wJr@#Cq+@l`@f`8$2&G87mh0@1; zsH7z4_|Y6&@lP?PSq6sTZ_9rso*mEtK6s}r|62dd<{X~tRUK?RT9`sJr)mY}!bmcP zN`uhdHhqxpShY0Qg{5N;)MgmgsPvaEKI>f!e*d>e<3%es{ik0RYcb7#q{})?fb|Hz zMMWHF&E(OI5wdvN9>^!Qwb0cB` zhv)-e%Ozw%50f=1qPhoi zJ1Dhn-p+Xz(QK5hww+A{EKj^ff4u*A3Rd?z?!$F`YnrieYupPwwycEmYO}Sg3kSzV zeA8c=7H*ZX@{w{#3Tb0ZQiWZm0@ij;XDO8#vnS4$qlTQWU~OkCj@Vu?!Xs)aqtH$lJLRxxae4V5T{J9 zZP^Z^C&SuUk{SB-Nvae-vzLSeuVWmzKx@jTm3w>9_N^3>WFv4V2Wv=WA98wcjruwy z-FtF@qibq_H8#H76o(PJL%2VCJWSMs7{*@F#2Bv9SVa}pwUG8Jv-2RFK$Pd}PM6y0 zmt@6(34iKWuPc6ga_W+(HJsBUZGe=Pr zsF{c{qnf`N13KO)CTQ0oa96}p@s+wH&l(T;PwuUACJBTL%E}zgd$kbf^o6t_^tLU; z8E?vRR6hMk=Ub`w0FH=`P>uh?ihBRg!QmU~)O%gVGWd)85k&(uT2v-31g1F%%glR~!li*Fcu3yG@r=_|$ z!w5Ry3JQ(iAi6%8Z$9so5!}U)Y+pBDBw733HHb`bfJeqWC!AA(7JckVouCC>3b%yd1V@^TqY?p9)kK>wZ$46r zg`2lMB)u7?8vUnE1OHd2VoNOOStg4x&7hAy@BD*`aL9c%0)V(*Yao`ZNKRi}Q#yiD zJk#B2fX_IDFdZ!CGz0`hX{0a{f-Hcjw>`!Dah80ka)NAW>@8zZ#v`Kwrmc={Vcv_j zPPyZXK!sx&bB^YYm}S1)NB2(eEW^R4hs46!d7z0@g*5AHj;IX^(od;WI?FpzDR8nB zq5}Njk5jp8kBD`^g{m$3Fh751{aBMdVV{pN(vAqlN~;Iu;8-QS60G$ns7wQGND;|U zRcl5?dg}9;$Q{qQxKk$FLs)*6J? zp%-QT93w&)kE)kI2}-EEuf|_6V*SL1)3LBWKe`iS*JI4HI+*PTC~C<@q*t}G|E{>X zi|ET_pV9fPv_=8wl>w0pTi|>5ov}$Z*+^it>j^>fsC0Qnp+wzs&R8H&MI1ppqu%9t zltALWD)IDXs=!SUV$J;2yxpE9^N9;RKE{B_PJ{Dji>E#}&V+89$3JcB5yYn7$plW) zvDX{{Bng9pevbr^7_l?yfh0{deALR2w01m-l!f7-sZELf`VJE?J7P z4Bs1GDeCm(0-q^S&6j`=QBRWU7RxtzqY+O5Tq*yLt#^u#dkgo6CpIQFC)T8~ZKtu- z*luhajcwa@+6Im7G-ktwZ_YV;@Bhtv`Ma5$S)a9@=S$s0N|Cq%1iLKHk~@*v0dz-( z*jv_^dKV)kC{?Sx05y)?UTK;a>sbFgNGA(c-|KVYQAQ9>d`v|ZIjFr1fEDv6ziAx1XiBesAC005k7~PdM zK8!&=x%GUpMFWJGNCk_%dObz|eAmm0IQbtfi{z)Xv^%b31 zr!ewDtSy^#k%p?|9`B6Y!_t+S0Nbn|-P}umy`DW9P0*bphv00RsRhpNsK3>CH&gX9T}k=VoO%|qXuAK8%CAk3Uskbf*LD{dlJ+TiHH zp3nWot0ePQdV*XeX!n`6d(r=uDZtLZsI2b82B*6!&J6JMS62NjH0u~GZv$G%mQMd= zTK1F>rt^iuF3+o7Wov2jnLQFWYl6xkjbW?L-6djRWexz9$K#1LmbP>SWq1<>t=jc) zw=#Fgx=dvB5jgT>jUv9}q3WV-%5(+S;F$uYwq0nL zc&?8f{A{XUBwocJJ@~l=a#=QBX;J38XS*ynC>cQ>u(xA5xRz6UaXrlt*W&c0$ze*jGV89b(bI4nG|vHxxBMoyKgq2xJ>< zh=0M1(8nM{tlPVB=bAImzVnq0Pg4KO{wAc!#vznHw9D_@4$jl!t9fV! zD1kJL-(d;=m?)a^|1(ikT<~~4DR_|bVYzRa^0z;vZOIVqSr9|C?8CYY9)1s@U z`L5v01UK*NUEN!weLrj!U9<6%%gZdsbzBHYuPds;81oc&qp6d{&2oKR2oYF| z&PhbKeFzJpd*%v__m^O&$dEw^_tY6Dj0s+c~v$orl5{2n?Tu5;L<_mAV6|vN5+`SEMxxiV=bDs%zGR z{tDj_vpqdK`wWlc*Ns;I%Q0cr!%FP*!y205)Gcn+&GvtiYibvbL-K-q1jWa6oKf(q zWWlXCC8M1d=Df9eFwvPluA+$$K_9=Qe7PnV{h=+-aTYfm6U`11M>axq#%%7i9{*jX z|JgtclKxdUoveHvROz1;DLhVbFm?ALwjW0W5QUwfN5mX`rTKQ9tsiZ4Ao6DRFE@Jg zA2+IYifOU*#O>^kQXjy2QMlk4ZH;o3Kp>z`pUB`8u;vKm=%U4`AaN|(1P*+Nh@h6# zM?KqVB5XH)raT>!g+jA;<8YUDYMSp^h3RNsfg|CI zWa+bFk%ng5Kt(h)StXbuM=@4VsY;vw6k;+btFdg9YzE>EB9(bR^dDuulP2i~1&oN< zH88hqoVS9PPEA_bmx+*bFhX}<8&3qP1(mQ}moBn=g4@F2mM$sb@{+K)Y?8SH=Ln?L z!n9gtWI3q^d|fzYx|+3PJo$UgEj+`O{3T{WR*&~oRPZt}_nd9qpSiTL`xClkCFfkW=lA!ogB z?eP8Im12ZKLQ48mnw@QG=pMH0*<66rI!qyh?(DS&DFgepg#H-lX_X6tv$+iN*prhe z?$-M=nP+@<$G8`9GJQ3CW{?HfX4u}~sp__dFhU1xlm@&B0;Rc@Zo!vq#VW3~ zx$ml|UKj{kDd3#@YJR|z`FGo06*PrrZGBPdG;0EEG#0p#3Wt7F%xg1LR(Kr?uk9($%^nzKwr zSd{Q0Uh+`fKxycuP(k%9W=$nEie7Rp#{e3+{TfkA4cZ9|V+9ddq#jfpi#6^x&Jcxf z-9wW3AARhQF5Cxal+7|a-N3)2S$79^@UcX9*w~?33e(l%c)#CLlJ_Z-K_x)H8Q^~q zLzB?=juUvXqat|}3E+Wkk#5t$AX&{Dys9-uzfYfdX!>(5MT?}bZBmHj-S_GOwaS!5 z$hWOyaDYE%^Ve*OBzo6EY{nVRwiJ1fx3^@`&$Q2WZe@kCo3y4qLMuIx0YgEB^GJ#U zXkGj5+-jJf)KQ znanGWJ2Z9$R?*0ZcImg)#49^$my#XjTHqqxJK#H2(klB#ssak0 zK;pqiGsoNBAMqs8@B860aX_?|XjrTVhi1^qJA1dFD(hlA2@KL6lfM&91pNC;m0^-4 zcff#Sh{yU3JSx+J)1wLL8jcqbV`%F|s}Kb>!)DW})qo0%L#%c2g|oM7P zEmSvW9~vXC4^+OcM7tPESFi&1?myRz2PtsdASQwWH%Q}EV#8LY0<9-OHt5+snTX^W z=SpeChu=jX%K3(&C9@ZYM1@7Sf5cu2{zk>?$B3&#uAip^ke_MkIK~p&$;Tiu#^B{J z-eaO($Tt^h?&|d!60XYcjGBolGVOX(fxBSG!!}$@^?glWTk#aWp4yyoCI=~sC#7&Y zIg^BcULn%n9G$vkhCBknsakmCU+evjtZ!`c+0Q?quiEpwk##h2_X4A)Q2>oeJqJ8e9 z(H8yk1+fONSq=K5&KlNPmwfF<))=3P)_e#r^l8XD{ zN1b-^p68Ua4yTNpTcgA*ruQ~HUSZxg+ImqpG!g@>qr*uBBZRyjL7Zba(`#)ZidD+A z`kG$cTpZ-%-$#x`wFp_CQmF@>Y6Tk$1r~X&)5KbDL;pS=8scp6w}T-cf~91DDaC$RXhSYi zC#*6otmwty!rkL1G7~&{$APEFT7IVZbb(cN+e)={G|J=|1mWJyj>Te~D=DaWv;Cv9wNCt@Or z0ODjH4f5(cI_EfH{-+k8>LL2fUt~mO0nT*!@dVJ6u9L#Fq}Dm%XcO5;|e}g|-GZ ziPx+%K^TD_Qd`Z?cGk2Z7u-aGlzY?0;ELJ`R@NYPU4kkV(Ii5HUl`@*vYIp6tERSbPMpDoeR-nDLK8Iis!KLdXP`t$IDC~^>0KaSVbf~#PI8)nNs z4YMysR?ySWIyH>lOy1Ep1IKr*YE-5;gLOcF(*6MWAB_@@KIFcB!v6)eeNqEz3wCs0 zlWyHd(tvBb1);#B`T?-x=MgOOhW_QN3tp1thda%80%15%eEFOD+|D&y6Il(Jp#edkqt%`w*i_B=Jr~C3Jxvhp^8I$~x?v2B zXX(_Ol<;uMnr*n4)zFyQ0khXCIlzu84Kq?NGo-lK%&jmmf4<<1O&{$~+Mn;O4QO*0 zzA5tJ#WRLY5B);1 zNav3b8)vHt9Me`2853D({hq809CeXni85(tSu&5@+aAv0yAgEwbo6H>fMC&i9BcbD z(1`0o(9s#j8^>H&T$?NDf6t<`K$hVB;lBs7^r_@SM(VRW4kL_=xaUY$l{;`G(LM9? zbCJSF^A4R}F#Q%X2G*>LII5zYN_5~F5M9P<6$pC2bN~#QP6HzU#fhriX zR0G;BLVQFWv_*3(5_5E*>?d?!w!uosmrY>1{o8zCu=r|d&;(3zPw7XnQB z&|p2f+R0-n9T!@lDj0_hvpF&2@QVy>ir9}NQ38I2a+~U|Z-^EPZCd6rD<@l$8~u(h z`??W<;zq)c_nJbuZ5P_ZXnntN8+hEGeLp~OExz2@_G$TR5Dmh4LTiZ^MccO{*w%YC zniTb_lN|R=};0^->sQ#!} zU$2%9$m4B0#PT0V1#}JY>mbgLNJMi&>L@*b%f<7k^N>6FnrA~zSe43k=R?0Gc*xGA zpOca*meyy~%A3CLtlc+r;fCL{^%ed_DNpwN{>@iCrUmkNdX>D#<@s+xmD|Gn#Ho(6 zMXM0lzt{W;Tl+OdMYA-`w8%&1_tFhtS~(Vu*$7q}E;D2fRQOAt@-L%dkSU^!4sYgF zy=xR9E{>KQiHD@Npgi<|6ck~0wtR1J3xpa!{Li-r_3)LGD7M+WzjGxjQ?3loGm$!G z)*UD^asZBcg;x1+8{&!UFpn9hNY7Sn5N!%`Rk6qKc1dgV&%>bZH#r}Hs!0W(ql>QV z3$$0D-;=IE@XEIeh?8jnA9$gM9Vy4@nJ;I#r^XFSqe%AansZOXVR08dT9F>dY|@O? zEtQf{2q#$ErN{Q5OU*voz$)3aIPoQcBv^qlpQIds)5G=d_tm4n!6EE5HHV1_pB_3H z21duv4Nc+C6&Z?utso+bq3(Ozb!g^2j<+7A)C&`yM&;$WZf_MUL=eB+C+A)r>WbmT zK~rgCh5gDp50s1A*L~d!Lmr1_Q3yFh#|l;2w#n3eNT$;>L>@Ykun1`&q#DRl5YLWY z>wDNmmnm4GLgsnrLK4^9PY{}m80d%vGTS1PQ=t70Wd7%A{^mP8-9`4l9|HOk;zE8$ zySyaa4JXXp3`j8yc91@!1a)_hvONaOTxn4Ac((mE9bSl1=GhgeXVGk$$y^3q=kCdoUR zgV!r;bfdFEU+&aa3@_Eb z+W{Y~S%i+PqNeI1pZ8o$OK!&-o^W(;C5BczwufjjZQv?+x&K$c&zt1^Q7$juWApFf ze^U3Ct8#0LpPUmH4e5nFo(BK~JZyWPy& zQZC~~P@9b?ZRaXg&+A{PaL4D1uZ)uqCwrJ`X-T*2@LOe`P^u2x7!Q4xF1wGf?dg(Z z?4I>CYhS1`pryH4p$GeQ`~iFJadShmU@s=H+|L*p$KTB=~(( zBb6vLuvUS=>kplCA{Oim6u7ZV4+5{93RmB#CrcCcz5F2GTf^!y$1;Nt(@NgK^1VCL z;nr2p`iO9=>?{W$3IVsrB%M$gT5QTlFo{&RrO%8&qdBC~Wzr~n8xN#IKWjHof!fo- zy8i^QF+OYMd5HY)hu10|(oJw#8rSCC&1D}cB$O$#GL~aiA`<`!$0PW`jG#YZSglH3 zs@x6tVL0;#h4a-S0WzE^W1ZdZpkqwQiaVe-?nVurTwMn}1QDE}bHk?Us2Bri+9BSc z+cz%17Z(kdF^_&$V&3EUh|9KZJH>FiK!64B6UG5)e!eGTUj8vs({+x^L|TNcfj3Gv zkGhr|g{EN|Vv)dA=#cq^nm~=7u`+SHd_{w+HFs4LViamrwldhODb297po(u|< zFOCQ<673g@Ab6Av*)&kt7K!mBt#UvvjjtJOO*7Fv{43uTd-JnO zYwJjf7UAu_%6`;N({AkjS?(R?^%~E;KJtz-{BFdamI_=#2Py?jMY6jO^33%m(!H<^ zo#`nRfLcN{M!CeXTJsVfYGu(!o>h-aswFYUfcTe{P z-#W&aVw2UI4DD+jks4_e{}oi%XM>=s(%pStFPHeibKa6sh*~?SD(4-(K)&kvt4~2* zjA@W}ab-9#2exu-;&DGP+4EX`ZDv-cOL>>*xgPP@#_5lzfv^@&Q06p2g){U_;5oKZ z%R!O|S**?~VPsVnvZK8z^e*E0><4wTfbo2g8Op~M70;yklr0Ttg}Cj+=17$sfBPPp4zQ{S_>=+A*qkV4|7NO)=u;{hf&d|^) zqYAxI0f_2jTBmO~4Y*LEpXG9Hp~DfZ%FLa%XmYUJ2#>bg;UNZ((4^WgA0=MW(D=LA z;^F^&h3o#~3T=Qh@q$j~#7f!vu`~pqj5q`E@D|v?9av;9p{)kCO_c)j2uo@|QfTFm zh3lw$7P%H#@w(=3^{Su~5oAs1<)wchM&6k8pUj%4d6|DgoxwO&bzi*2r__$E3s{x- zE)DTJ^bL=&h}C_{otWFot7wGc_;*S5TrdXgM)3uVD}hf=?{-XAmk&ynkmBN7ND z^`7(C_3nNA>p8n49g1zv@KzYx!M0qdALO)q)fykr;mW+oVjm-a(# zH~FG7q7|S{nHQn5Qt?jc9pNS4^J zu-J$I7~3oMuI7C8U9zj3hT=-mOxXbf}+i{v^I%`IJT>+0Q_KCuj0_U8d0aVrKE#|?O_NK%-li9#uLv4*z_>F ziC~5s+L+Jrj=NL$ljG0|BQo+K8hcL41+IL=%|CJIb$24g#&RmjAlx;X?ypP@A3k-z zfA-j$7W5VJnAW)L`8KW=H*uAz)S&4{0&i_WtAMJfR+I}p$ zb`xh4>2L||qX%zq`ubi;Ff8Y$iQC5=#qfQ-=TVBKi{!&JVp95f7eMqMhC^ZwGX zLd3d<17p%JRAMz@5ng0?anYGfg&Fu6PguNAk^<(i;@f!Lk1MX361qhtOKole*s(R= za7EKgTioZ5Tr~)1TuXOfl#sF*^4RgOfU?d7$!Cm^1(1_e!1g>XR=#((@-2$T+$N$R zu>pdq8GhC)Iq&%(3ff@hI>kB7fN(|RA4F8eXqZU#k!aMM2~;AuvA$ey`Nmc0OBPU# zHrOQk+9+fe{osJ_>DCQ-iFGNbj{61WFY8v7uzW!)@F9p`kBl=qi@UWTP2>y)0!O-} zs_E8~{4Ngjc)ud)+|zF{a6$R1BA)RoP)c#9hSYy|m7o6qnwRvZr~YH}&Ob&xAD^$7 z9)hkUF`{lHILL&tD2PbNtTC32(b=*?cnVH7I=aK1mV{8Jr&%9l`?`lU3`>VQT>DiS z8|2Ut4CnLxN2m$1-P_?n%*;FiWB+K$W3}8M0%F=3HQcXIywCzbhtSI~onD(AED{?k zB(xDk&&86Nn`P@bD>IYKQzAAa>zJCSGz-$acV?9EJVzF{slW^>fZ8cwiJdxAx|+Vs zE5i!=BgPdKExSEIxHR27X07DdT}zk|PhA1KU&WU|tNU|k`DqsP+}oi65$y40VyC+p zeNvB5RPpfIiQGN({*B}R4aozvNHN4emPkl(Az{Z5rbAI|$d*E`Kr z^_@yhjq&TF%ERzbSrNlEgTr+fW?u8B;i`*R8l(t5;`5Ia*Ap(=h8nly!sBd ztPL4p7srUc_e8d34k0KC-fvQ2{|LiZwEq)^_oV+lGc9BBd-m_$6J)H5H8uv&8?C1{ zGK8*Q*z}2K*&#E6u9jQJ`QFEUuvJAE9-k_|NYeC>lA|gPAxJ}F5GdDwdXoTXQHGKyIcmbS z?ZN|9?tmX{4iCL(<)A1AE7%U5c6Jekv2?7H$X}wlda>kO*gS9Q`mjxHK4L-;gI#d* zN|iKH=9W8h?>kTT(6)*DuBNXA>UyxBTiwV3afa)|4{vp7yJc@j2J77}BxRb~fdU$MBEl=a;;SCbFV7-_$xRaeovDGK`WZc^w?1s{l(60038xh7CII9sKcm^5 zW#{DZ*>1^#)Z~im0JUDq0iXecnv5`BkcP9%0)9*)ahDb%d^7Sjc{wgN;wPzOhX5J4vfjET|1Gt-{(VmTrg& zrbsbcA6nl}!$-7dG>UYJB3dvPZzGiIazF&cK2WA=;^yg@1RiQIv;KB8Qt+J7{Q;YJadX0POLuvK6WxW$w_( z+Qhg>R*m>_13W18_D5=WI{PK)*~+vv{pzj*HDQ15!S4$S>y5ssU#gVHZ82&>!)rCt z9F$7&Lt&_Q4*`O-*9y1ceh9W zo&+L)^=LuyyMWJO2i9&OO%exRfSRq5uf}Lc(x5}&9&BduR7JfA$Qr<*e4J!6&nNjQ zgXFRh4NHVay_Jl}&^hi%O-;lR;3v}oC^*H!zD=d|tss1{N2RS7Ykub=$%Bi!Pt=-o9V@p)Z}MkKNp} z>=Y?w57%@ZTs0Xw@wwmXyfFnyP21%+27PF}41$+ZXob^XK|t$ctHo5zY*0}}qM3Ql z%cltRPO_ps+`%X`^Dph2mEwvFBYFd?h!cwMX`MSDl~7r7!NW-&jZdql$0w(0XueRO)WZKo=L3R1~G^LBjaZs8P_ zTZcAOX-^ghtbi&>olI>Ule}?xp!J-xLqZG%iuYLg0O#wA7ngXDbnr0vTCnm6{GQJE z&)!V7Ynx(PP#}1~dW5ACgxv(KQJfYCtQyYaqLmV;hqg&6mF)AX5k|$)}fM7Xq~l)4KXfN&vfd}noT+wW_o@c z&mKh?j%5^?Z|iVI3Izp}+}8yd1+ya$)dBbwi_mUk%^)&~bd^}9DmIgCn@2i9c zwIp_^BbmiRj5BinL;`F!(vKD>6Gox4MjK-{$>6Plk^&GHo=l2beiqxl+fn82mgZnlF%2%4~N@?N?#|L>aY~=&b`aAPNz{)Ib&~o3)8@anW z14rDEqFtIgy`qXlp{YOAj)1*hrRs?dyokFC+dvT@fiR*t4XboKJ|x1iEU8B|0zx{7 zRtKKSR^8aRw=5YIQW}Aix2Nif5I8y#%laX0)p&cBBGLUpDgF&T`oD8?zbU(9!+I(VfZ z4l6O^#^CuYYgAy`BL-SJwnjoI-XSVBhH#AeUp@L7uwMuNRmC1|yi{M$_y*OH<3wPV2a%b)jXwDrGb?O&gXNcehU zNZ*INuloe=(KjEdwgTR-gN34&Hrol`kCxs6;nOwSa0cF#y~nLRWKk%lui&d+e^LI& z|2g4-lvaN56q2$OH5?XG&e3ppYzG(8vFQ43Fbd;AOA=0Wt6F(}g9w(^-BBx@16ccT zN_bW1M;U3Il1UGJefs&3dHYwWU~ZEOM2@=+MGlkRlBfcFD- z5|Of9+(UY(DmcrCOb_Na5_^t5R#2m3uPsg>-sycX%!_Mfz|}YJ-2Oa4&p&J8W<2p& z|Dq~g|Dq~}THHfE2cM;;HgEYzg#ys{ojH$ak=Zk(pwl7Gh<}hAHg zV_N*e8B#fB`RvL(!ClG->Lg_Cr4COzv zW4FHH1xQ2Bf%@AU(P8b^noz<&B7dD+h|IR!j>PC{XKr)o1$~}WeJblN_OSI&E*`?) z^)=uXNZdRliWR^}Vv2^soA2jsa**m6{@Kc|4$)xABGz>LFI}M-_JpD2XIYoKA6(=0 zRfk*mUt*7)!6$RqKah{%hA(>EyP5iry?L*!w{WJmxjfMW9XG79xeQB&CM!|b1s*T- zZ%1#GAG&gh?!&jD^z+s$O8$|1(d%QrxCs~Oji_Nt05q=+)B=TytJC6c@RhhR|75$EhP?gD1U_M%0~D%1d9 zhr|MIp=CO7j9&=hP=D!LO;==>6Ci^VG!=OQ{d8@5I75eAyV-H1@nosPyIwuAyn3}& zp=DN8-D-FTBzUH_(T8T`xyZtH9^T;9=t9up3WEp*=f@I{Ay=a@EMG6jj=_Y=Xyn=A zpocI;FuaGXBhom_S%_-rVg(E-QKENmW+EqSn|Uz*nmhlF}bd9Dpa_ zhm5{zk50nf5!O-w6RpcBkDV?SqV3HwKSm704{b zFdoXi%vO*r%F2a;c>B}Ssf)`AuSsnDyovMi6))kh!mC={NkVIGl&hBdb_Na;Bb$- zvb$-z;QrLVxx$>=Wr}0*4E3_N^_NW0W8cS;9|3;zg@a`wcpDI=}=YeYMB4uPTfKlJ|+cLAy<18$ZhPU3;9eu>XW=-8J5iQIMY_>JB;gM zbJ}uA*DrF)@QEVo>XFfF&wr_`+O?J_{)$kox5Z_Irq^dmCdqL63oU*UbUtD<=(d3H z_OKNr7bY)$@2s=?Vl4dh>SYSi=T-6*>g6k~Hq4L{5jzFA7{My%4_l{dxQtrGPT`V0 zz519ZBqQ6XI!u7k4~pX291;i zb6nooq+Ct|DXnwHr8MC1x6%WfKc)E!U4tJRbQNq#07nAGU;MbRnQ4ZJJ-q;}WPNFPy z-@0nthw9@N(Gye)yCN9Q{n;3}H*QlJ zdcNdnRYyRcf|#&fi9*76&p_nXFXqt{sB#W_Z^x%$Zk|n=1?W3WfEU? zY2>{{eJkWVkfUGi{VuWz*U`2lKFedGV9t)_oW%50szJ4Dt8~$7A8<%;O-`d-?)^vJ6G$Ln4093uL(QB!z5 zSCUyu-IJGO{j3lHu0>YV(;J%9ybPd=YEO#XsQ5JDbQFc30JmcQ(#lJcoGXVYcGUc% z7y(T4#^Bp>yNq%D#9TJ0W4MJ}1uc4L1Q|g*9;S9hGwb1dfhP+$kvC2${m)&9H2zP5 z?kg1zo6yzFnBvCOy*KJMaUOSNfnl5NieYth_&S#U4-l;Bf()2V0}h9;)2`q0vkYe4 zYEPW#GJ_a5`vjz3l>C}uf$%Dsg2+ein>0)$TO!8J_08!~N{FwVJ{F>$LLuh00t%1z zB8lo;M6WtLc#Y1cHDB$)>;`pZZWFfS+fbI;q3iE9mYD$5Q+I9dZw}Hlu7wW_zDFV~VG7*Seut4wlDvBm9+y#Ctt7}K~ z_u2ybEa_ej@3>TbUnqe+KNWHIblO3h6BR7`3-Q&_wDz3~e*N~0cHmY$m6)wTzRB)s8yq9>! znIF4YPEo$6tAZF{Lqd`8V3)vF5aSvxeg{PXn_TXoHPx>H8hmoRL}5w9D2YqY; zgNq>mY5`XCRvV;QPg-?&qnzqPV}M6#wP1SQc`G}+E7)(ebY8qPTOv=z4MvSbN7tb z?*TLXK00FZ|K}k79?BNG^uAi2@Is2TQ2h|MuB$Z8Os|oVUHo=CIYut}_>W_nIHfP+gU1vb1MLqA;TUh!oRQiU)KxQO z9E5;txuVEvp3_v59W#Ke|;dXWIMA`I8*u}K=A^6yFOZC^t` zu{$&TFx|}pLHb~R%R2QZ{MLepd@z z#s&J2R%C>84)OX&MTXkl_Xky?nDf7sG>kcJ@QkvGtAW&mpbSQ9jgy;)WXG_8LA(|- zIm=32sEI*xIwlBYIp5H*J_Y=)1mV+4f<4OcsXgpx+y)mbzmpr+NyZZQ1~!PE*X5Am zRtR<1qerUmQCVP-V_vqPbfe{V$*579LH*s#W!}DKa`ia)|8W49%&MHMWZ<{NE<1{{ zj!r%{be4y5?9^a3i8?A^^HA>&eV6t|X+Ow^f6hok@jkmnwBP8%Ecwy80$8Lk4g-Wb zY@bf2T}%m#Q&Vtp>PF8*%w*9iyUHr>Ov_#{9^{JImeH-|i5h{|iFTGFzu*-eQVN%B zeUFsf+x>8tJoZcz4LEFgUs;pQIj$KNop0Vs}Si1IE6OAD!p3NYt|Q{axR?dQt3A3WN5W}< z^qivymwws)!a_Aq*bYqoQ1Bb0=G2OaNJ#(W@l2F8pbU?V9x&ZiyoL`mjecuKM3A%s zb?NiQ2PchC!p-r!eMVUVDqIS@XkcT@lx{|Ib_j5mOm(myAVbCA+qz zlnMC|yM>|M4zhB)3q;Zd>u!wx@^37KH3}symcej#3j;a4V)T|1)L` zTVBP;*d7)v+{NDRJI1IXY0B^9gn1rx)x*+*^O3*g+uin)_p&(g-uvJF3)> z%DIa5aWAhdptvFh1&Vl-!cdgiVC2;A?`Q9Kub6tE8V#3xT7?gSE?|Kg_L$%>HtceV z5RO?gVnsDL+6&cW;Y~Q7_O<^WZ!L(vKqZ~3BG^z9FV%m2NA5m(PnMd6Rp4riv$Uu! z-i6%+qXj03y&eyo!;8b?Yn=>Io8G0#8L$sckq#YL-dz%M$LsUG9MELFx#lz_k6225;ss`G5__|aPwq}piQ-L&t=06v2W}A=icN5>ftrE^lFP3g zHl*dz=7K|xO*%ztRlXtu%*%GB+fp=Af^K~7boJQL04-ZXJ#p<6GW3r;KHyCa#!&Kc>^8 zR5gE0rAc$XZ;vZ%Ri4Lgd=0g|n?~vGP#VdhySqcByJLnJxTOGtvuPAW&lvtYfc2%vqYXs~R#`~v6_=&`m{PR#&TK_9yc>bG@#T`B1 z8*sWBI@h+xEq~q^Pu=JB>#e-MspJZ`KOIL%kqBWZJ8d)+I;a&`pb7-x|aL2hd}T1eOY9;lYV>pZJx z(ShNCFC7o(R&%Fa(Xi32y?`4}=hGEx7q#V4G0SY;O7+IsS$>xrM(W=jFSEYRFFjv1 zL=R!bLH&eY0!Tv$+`=B;n>@vZggw{Q#UAzA9$Ab-)t4`g{a%Se)rE7vb6Z|_On9R` zf){;-+cjy6{oVY7z~r=kgQE}j8UjTX$RP8#E=O0|4r6tBK@O4Yi#-nTkQ-~f0bVG5 zP=(s9MuGOXd=l3K>mY|`#}6t~v79T~H8&ER4iWj{Bpc6lEdPlE9!`0lZ*3cKYFf#9 zd2t%I(7q)zgbfZQc_AhUK%PcpYlslaLH3_a-%41*yKdnhaN*$wlWZ|a=`Bs82{x<6 z9amz?asK8ElU!gn{h@K4s=CWGZ)ckHBvEaacRz?2Jee~*=s+(anJ*<-?=^8^?LWuQ zGU6Wlr!3)57Rlk%hOu-Z175p2f5uTJRdwZ;sTZR4eOGG!qwH&r7=}w##~ZkPfab>b zftBBV@Yd~iBw>Ao^YyB?YQFGXGvWfs%!wb^xXkjIto$1VDEvtx!@$GI&CpE+?}mpa)y4C!5RNdY zIU3xAB<$`KBn^atbY%r4^^DqZKufUs%4I4FuUM z0oFif{$LCw3CeDzfltw)4Rkd%mI`Dj^BYa{VQcO(xeR@8-Sf5e(1jasXNe8teX(=; z53aw58qp{w>34toYb3I3W~;4G#=~~9j`Vdb`^|~#KAx8ry^=2Ulw3y1QRnN~UN+pf zqPs$Mw}-5dz@`u4peoAv*ON_4#JiIx^%?{y9LvJ-uS)8xEl5u$RY~ z@xIs5F=gOwOW`e~(-)gcs4i~Ku>Fh4qmy{-jsLB&Mmh2>n$}JcY)9$iQ|)X0EgrBY zdfVA~`t|&8)dNG@0b?K@_X_E<*NSmU#pXhT`Y!`Ptt%hf@$tg+19Koa==5$+JTCC; zDG;>|`E}nD3pVC?*1&%Z<-N>#^DB9)0Z=sE5wO23H1vBt+G$an8o!NHn#3H4Acadg zJNA$e9jb`*-n@HBMf<}_A=oEnX9v{laPtg2e)3|Y(scQU+v7w8zL0W#e zWln*b`c{Q481pZL--Ex{cEXFBk)C@2<7E$0l$m>QbV(uK5m1mZxY5=+gD?&I5j{JY zVk#@m)QYrP7v-6LX?fpXeef7R z0}Ee=%DxOIw*Bby^yxEj=F%aV*WL%J=Ywp*|KZy5O1zPcDEY}g_* z&$s$}LV^Mp=c`sd6zqz36z>#N6#jyFQ9R5I%!dW|QS--@Y4#g8L0gHkrG?Bu=~vM7 zT5|wDRp)$vWP@2O3LboWZSR`*v)JQr^4zcdtF`EXuz9=3D^%+KjRvuRJ>s=5)Q`SS zz4=p?-m~%3KgkUKqy9NNV_x>2vpGLJedPAL!G3mVyDERx0G+9>#iJ8*tcyRE=XLo8 z?y=oItlg*XkGkc#KSZD*eu!13C;x4f=Y>;sckcxCeco=Wp0?W%6!y7=aI}$CL9E{v ze~*MlBvF(%SWyo?+$S@Bb{;;FJ<2(q&7%Ln+SnKZ$o+1@tVfwkvWnk5aYRVKpgNaNYJb@Edl-8?yks-+2e&qB zeltfA&L#vd1cFQ{V#UvhZ=m05Y6PK<5VxO9b1Qg_WE;z2ydw9viX!)CE))VSQ8yw! zC^;?0*8>OF999wjWA2dUXNwh!`|Nllip?7_u*~x%CAO%%%*iON{XedJsP*se^u5EU z5xE>H1IMu!&T(mK%OC>$j+G(A7_uE}aQ^AG&v(-8W_&c|$2eo{Fd_Kmpf^yg}}? z5^8drxwnzmcA?LD!_szh4!%uB#ok)#I3_iR$3DY_ZoHY9Zw(JzJsd-5#4rH-tm%6t>$RYld!5zL-WJ}hg{^r# zK+b#v&pIXFJzk7I>-gQb2L|6f!(MvHjbDar=m$WvuU}*Z{3SlW4t$6e@P0HiY^sPp z_3d-N73P@VYn#(H|I5&^2`k5!$o@5Cin4SYP`PIEM9$m>TitaN zQml9Rh4{UwAN4CVR?)p@qy0r67Ie8b4@) zOg|cYn6*#%CFD)JvCcTT<|GYG_26IpsyqfFFQnsf#iF-v0K5)HzWOou!s0wLt9evR$(%wkuISvLe$!z+1Nb38aGCqi!U z|Jl(CIN_jL9vg|@QR<`7q#}~X3wwq(s#Y%dS)s@X5m;t?9fvs()1Bk9%uauit}<3hk9<(ao)FI zZ!q*h1@4LluAJ!Itwm|hK(a5D4&S~2LqI&)jYeAi>voO+xA|kv+AU7Ng@Z|mj!_-v zE7t#s`=>u8BjHf3j3x<2zXecj_d7RzESpj0MBP@1xw3$E0>c{Ns$%ciNG1lVMx;QK z!?Cv}uu!Y}6};)@Yhy5rY{JMJ)>ccA_+{hf24=k9N}{o^%qPx}}_YDb#9LXm_571ip-kJ~Px5m-$OLlv~zclmw&)_PMPM-jgCoQqx=jm9P0RAiJMGp-L_uPO?H+D7*)3tLT`sDkWPMJcsF zGcshpx2+sWpJ~mCBq`+^Y zcpcq@R*nTTTU?sB(q?N%r=Rg#zA+8PF>@E_4ZKYr-*8&(Ag*iY%k};9>D>n@3wVIq zDS%3k(?GQ9c1Jv|X?pxJ zzUqsr>pHEoG+uRIGUyF9uBac<-(lsVkxy3P?1q{qMMBq!QAcdL=27r5=C`xKI0$d8 zDm>^bibh@dMvsoR{iJpL13!N9Tw5@D8_bDUX<=f`3zlB%SefBg&kFpmp@af_v}BJj>KNotTc?Njw<M<*N3vQh|bbhwYm ze9a#F9aecCI zX!y`tf-i6|&W2(8DxF=X?yB_Fq$g0~gBIwQF=Q2tobxYQ>ZC=y*BPMPyX{GRLTgb- z>Igk|O~rn+rDb&IxyV*lD{1*|E8o$Q3_`KCwu#KK(BpF8H=HqpVZVp8OK~ZF8z%l$ zw_y2eWk}Ue4tKLKJf-$jo3x&Ye9}xE$hhgLpotRm0@MoNo+SJ-HBpqICjCI^=OD`oXa&i5g5W(%TXtg9h_%V za!exjz?%=?9BQpyq3d0i{$9e{lWY}U`oV9rwc_!vMLDD5V+$lO>H4c2Nu_Pw!TSE6 zV24;hod-Yj^`?9DR+?dLxRp`t8>!-wh3ddBi5X~4&oF3TS9NEg#{b!bQvr@39>J?! zRi^>u94c;Jwi+PQoon@{bU+@$3fy8t>z^JqRAN0d{Q&}N*){ZEnO?y~%myFISXDlW z#V?W^^5N?UF^AVqj(j$cx{FX~QNc6G4l|KCHJ%e(jHy9Ch$SJeO8kwtd_#7Di+LB3 zp~N@a6Y>VzEw$NIssE#lUwAnO+3@Ty(iEi)*T&n)X)FBs_T+7+EFPhv&lMMs?ko#a z{6o3l%Zh>kY!P7ORH&6Dd0LLck#8JtFE9D=W_QvggSOg%?I*J8XnwML))^%67K{ts zEIQXd)0G9eDNd7ziF#&^u*Z(Fk_i_C@BJm2cY4XMs$M+&! z(FmijEDvQoFSvW-=5QRo7Ml1|F-z)p;G%imWkXIQK4!2 zv{5Bfb2S~Gdu0oAf9KPTTmT64{2A8=y)VrmCocewHI#9Dl|?#+awHqkm?z22yCs~3 zhR5eQuOQmyY}+#eYZpfRl5ZQ+8~B%D!gO^!q$br}@0w}pL#FGa>+twHZX*?r zPpX!Ya@{>0ZcYteQGg}w!3vUK?a(EV37R58_hiknJdPD(N=mE{V4f<((oXp(sQw`# zRWl-z(l=g$G{%6L2cTWplE9cYUTjeqeX7JD^CbH!F`R7yj{X0?K=R@>w2cSisOs9E)hD?`9Mj`z|Io6XjDgq0-tlH};oj^0`GN&PKtgA$fp zEn68TTJ@nz-f3YVu8DCQSKl|H#IC-Kkl9TAVyUu^`Gpl3hDH0fOwN6^SRL){@tL#k zOG#&*Bj;xP;n`h7vv`3uAkx#8O}gBUlCRiL!&%Mi0OE^zmhp|;3g3(jwwLpqh@6~> z1*{6Ti5d8Qmj#rCq~5$|dr{?a{b9)S9ow%X+wG@#(NvuZ136{D&(6!YTe3$2NEFHV zMrk#`_0{0F<~;F2cHbWovBT$xtR1o{9G82kI&OIpE0YzgM>M`56souy+vtdG(?WJ- z`T+|wG=sa4OWA0)zH1gtQPKb7=T>MRqO+&$C3h48lnK3SlH_=0 zBa<>zJG-&^wM~{cRF=C zYk7Ah=>c_?k#$TN3y}cWtmfb}*9!{m&#euDU}0QF1N}vAI-T^N@0}{+>t}thBe`lr z{xK>Ec-#Mas%Y)I#Mzx)^WJt;`D{ep(u|qsc>kKfbmi^*;8~dh5v&1%NM;FxiK7C1 zx>^_7MakiepWn$G3KZziBq<&Vw$`H|1yN3OTFoQ`=-?-09bsDwlNsmpDbR_4fTLvG zgEyaj4?>Yj^RIDv)$Gvgb!7)>_Pr0ZIgwmkAyX*Dyh=+2vh{ML2J5@FJVWz0-?-1( zz-i#8u>j}?LZq5xBecdyH)!p*ZH^0Xmok)?(KEG==~DleKv zr>AKA7!cEp*V@uCvLy*hda}8(Zzuqe31yPofj}}TXJ0;vk|55VQlC>CHfsRxg!-8e zgN=NpwC;MX^v%Ka~6z?+@$r=INT zKTt&@RV;-MG4okaH3hSJ6RnLjjd@o|lbFmH-j0n4@=AJMYe*_S&AUW829TT5{8Q2R za>!!uG21)M6ar-iM_&9AwjbNP{KwQK%#8KK7p(h^^rY*(LOE;^#D_{A>{|o#HF|f* z6enVf@OC+oG`P$5B>a)ovB|kgLavB4 z5ceIX5_3MDO?A45ONeldvvTSB z%zP;Kd1zN`j-Oe7Z@r)quSdIXsr__O~O4!oyluLL3Y5XIW;g`CpN-YWLGB z3`y@Gz@fg_-pEU_EeTHz`XNVoeetx&4};5Y3|zf%fJ~+05Sia?W1pkKMEbHf`)t@Z zh<(G;e?cSbTq{SO1Z?Z7HQ~{-qC~(z>_GQtE-FZE^tj(+jv=fWz2)(OyV>r^nt{QF zs)aERz{!JvDF6NC4F;AZ#o9R5y?8#xxbU)gFZ#>HsNvmo{}kkq-8irtP3$aPTX#WI z2<0O=VBsof3(-Ms;zeNZ`77hl5qZuA@?M_h7R$1w5yG#Au#AO|$&Q*d=A0k=MJI`{ zl#{rU22pS$3@NmVQbMa|`;3~TXt=vmq{5h5Tofb{=w0aHlnc~gI#-x zz2dz5bFVw=zGVTS`MsQt?u34A7=)c29iLXvHzs0Iu~ZU|kuZynYQ86xV>SRxK9!#i@^N-7k4+`RT{hfUx1Ge zfROJA(Z8bgrnICU+!m$uaAjx?Td&|}Y*UEPg<_8PqbRC1m28=JnRaMP92$h;QrB@5 z(|Rr9R7uaoFEi>E;Uk%dTTWdlno8Y|?eM^j?eM(7AEc@d?3+o1D}GNWPbm#BT_Kk! zDAi_iYyH!B3SjoV9R;W7!*m)d!(GK&I(7J_uj-~-N{g9Bx6-)dPoIZv;ImlPI+X(~e{ zS2bD&HUky7HuAI>O4?8CwF^s&9iO!l9JugZGi>q6&CL6w2Ks{q&a#CbW7$mHl7a7H z#=bG@u<&ft5P3A3#?-Pq?2!>oR=(-Z-y(BSg=D|*Jkt$^RW5Z4-9^S`(_|?0*jyvZ z)o0Pc(GG=x_{W%1qC=*zUiFm=adu=qn8FVNb*0Fu_?cN*M>1JO#jWr7;^+tIZ!EHF z^S(kl)eP5A06$;DM=vmkNRWM47whZFJ+NSTw9v&BCt;*%IbkjH<@oe5e^ zgZqB#^z3WJ;ju(ESiA?Me)ZeZhSEFQw0K}j&ATOOl0m^Dvlm-bykE2h={Xh6T&y;) z3!7Rlp-N22?`)lLuUv?S1P@YvgI$;6i9-1ZaAw*5u6Kl5ASxfyg5#1b^ENJ{6mSE#t& zC~Y~|>Ci9_ZL{=Yd4iFmR>x#yt!=#O$RtLC9eGh7WEHm+TIo!dp9uQJoRWx--f1-$ zO7>^YmY^)^XGWxK67I3utnIVjV5(RToeF?HpF1J6J{k2%XflswuKkWyGwC(pFz!no zZoNI=e~FbBJ>aTryI}3O?jcXlM$55{XI)r$Z&Wq`vEtSdIj`}9k>~BWut09JhIPPN zzO;)HgL@~`d-G)vtB8X;`=KR2w~EfNgEN|;Y+vQPclF9&f4dBBVQb1kXltZ@X<=+m z^}uv&KtvWn@`#0K7ZGuzQ+AzU$}s~D&?0<-4&Q-FhS4;AI{5gjW@>W%^z1bP9r^J^ z9h>Xya{berx|#GpKKizH_VsWX1kXtfrF2#?9YI~tFCz=1tKIBFz!(}lS@x)90o!Qy z)CX?GdS5EUL|c9j>so;n7K(67M??ctVIDmz%T^TwX8D?QMib{luX;rj>extkgsS8x zCqtyj;o;9T`JXcXsNVA-LF}2lm4XkV7^r1E+!H6+ed%2j^)f#3gB)j1!fbv*2_;+o zt#}IPTc%g*_n2NU==pwIN&Ub9QeQ9;~6iNjX$sDCYoH) zc*j>=R4fA)yC2Ov73f#rHC68@$$$y9tc7>D`~--cE?co9(1OoMCwRA9E47t-&8Hc)*zBNTxVi2Yz6IP`IXM%R6ZgGe+&xf{$}VrFkw?DlV>34!yX~n(-|b z0Xe6T+TXW+*(uQeS_M3|5Z@R)tA5XlYy*SPIG|)PB;klE+fvmg^ue*9Nd0%GxSv@y zCZQq)jP{Qe>XL=9aiPS5X;Rq&8LC`q_pXgYh5IK5BR=StVupX>>PtDA#D6_-Kk-LJ zSayM@vk>B^;|mvJ>R1|vDAqXzG|EpYc%<15le)z9iA>BI+C%w$R>C^KReQEsEUx~s zM;lrdEzZLNc0-pUJPjq`82hB+>&E)wcXAr$>2n`VYxS*u8aC+t%t*(xnWs=@ICFybH zz2ka+48Dv5LHyQ;&B)x)#_NKXh#gA~kCUJBRZ&J-=KhG?%+e_~lv(iBVFuLp+`ffx zDkf8{(5J2JBe?MPY1P+E-27>kQ%?-`d(M@12f?RM`ew@?h#f! z29>}b+QLN16}dA@c(S61d`a>`+Vzsxlsq7&%|#scHZ)>$o}Z{ zs68r>1+oI!t<{I|tt}Y)M> z*aMetvC$r;|I~eA_yCY{WVBq_v#U4yR3GRTUa9rgLWLyzpYrxO|6iZOWvsZ~A37ld zEea;EN9$-pcMea|e!=t0B+B9_u?}eBwa`Cm{?K_qthN6=1({(`%LBkfi$(LM*f35ONbiBICfMIJKB}gS?N8Le5gHTA(#msf z(Y=?T8rR?`N&S=c+c!(Q6t+~il z&aWj?Q2}xu=bjV5B~&*`lBEcL*MPJ#Wy zf-kk;+x0;I)Rp!pzJhoA*up2hnban}!sEAfI^eC?xrt9h+`LAGo^Ij8MDEV8MvIwa<$&c?O1<&l~fC3&ptaa7Pqh+VLw^LpR)X`xj-v)LL&}| z3w?IqwLI6vpbJeJtlAI78iILmH?4d95Tdf`v~npJPc`W$<@vDnw=R?<0oR%`i#x{-p)!ri-7wh_!RI0DBqh!dN^lL~ML1eX z!P7-S#w~Q&pvp>O(L+Y8dkJVw-jw z4QO4Yn|m*QZLNcFM+y(D(xZvsBEh#v`7N_bdRnW~J0bkpTFwb=$E`8xRFI4x&$SFGHR;cRq-IS37Y-Z4#O$>FAjpJOC6j~JLnqnkM1GRoc z4`BjcipxM;21BNoJgBUOyGV#xL4_&9f95q*)Y%aSYti>+XDbaq*SgR_=~(n0KajFv zMX)@0Gv9EZk2!XBrWh?0Qb<5mK}y^GT1{1cN69c2W1i$4GRVE0?HIGZvh3ng)(TQC zUAday7kqX+mcbXOac8fjqx7gMQgft6MdAQ7NP(-P`7HwBcTE))9o>l}Py8yngnra2e{wtQ|K)aNtzf^Bk;Y&b z@)ulT{yJbN-E57~htuzkp6xrX5@SB8^d2I;gpL^`05mJ4NZ_QNv~dd;JLcjn78&Z> zUbYu#-`6Mv{IV}i3Iq#BlLH}WR$A(2zk#u@Sx=WE1-Ef-cY)=WfY#q5hQUEK%B6(# zQ^S%*Hdz8-lKG&au|}eim=l-jj3r#Tm-7y8bx|jkVS}|8uvjF|xRdd&Sd#pB9hV&q z3ALpRad{I?Z@bQh`{bC8fj;=4|LYP%q-4#hYQ}xY$kl=hT2(c&XS!gecKk%rjm?kG zM|9EzZ_!(q2KH!kn`^)3h9kVV&%xXKfb8h|Q%*!pOZYM#a^JX)dsk`|>He7+AZOR@ zj#f7rFyi;mB5pfVG<^E4a~2#Q7))N-nX}OWzp2C)gVZTM^AoW4*j?qlC;lRwbpnY# z7H+C80*sfMT-y9HuFdYd+{I_M{qO;`v@9MMa1&T=@7X~IjAeB8Vw|KEQVi|fIupR( zA#-Z|%j0L4ub4%COp+|4*J~$Pv|sdVW;(S|h_P{qVDhJ1F(QanE0OZ0eoSS8uAG-H z@?e6&-F%6yuJIVjoKbHL_Mp$45`}}YRcD1F$H4gpJu@mr$y*pp$SZcmYIh|pfmxM zqGaIJ61mRt7a5DPuE!HT*OrJ*0UKudQWihYemF*qhh}k4m|+)Y=O@cZxII=|D?NwE zJ2us}ExY)Q4%I{Nz0Qt!asL(aJ4m39_}bH$I;jv>O7mza71{Ce@gDHyF|X~WhkE^f zDPZuiL?q9@r~GcoMm%;`DssU-wMQORU@9;uJ8N5Lm&6NhN48};@e2Nin%$y5J*x5K zs9a5N;3AHJi(4@AQrH7u3YMY)Qc=jle@cIkC(JZocaBz+@dwJICVrB5y zNf3%;s>P)M<;jRG>POJj_`?bE-=WGB9NiYR4KJ=3wpiBQ_ngu~5GN2^v??9CtKrQp zbURD)&h1B{U?_`1WD%~3SsIt;A3ZiFq+HhOOf6(2T0ThzK)a2FQ`Xd|FU@-(-MXcX zw&(+>B`mBUCxwfSc=S4d(yFpaey*M>Pio$(m%qoOLDS~q-w>#m zNR1LrLMKqcw7A(sZn5s)JBk$GHf$L{00J7!{4?(7mjp&uvzoZ8%<)twj<)C{uxflgfb3 zH8cz^pwi+bv9BU*;aB8LayaK^%;6-`4P@Ho3l;?x#gQj4YoAQCw)HDy!_L5nicsyF zrNgw9C+wlVQN(5Oy1?;_xuL`|v_kykw$nTHE&RZ9E_S`TB;Qj=w0gjXcH3@+(?-?n zfavya+{x6^mK6i1Gt}C8_;IPUqdVE;0+mS)h8#EbH_uzecKL@muH;! z-F_1;a4^%Ow`QZ5Y!i_Z?6}jR;&| z8{*U~;}qfx?yfFs_<}2K00!%SU^Z7q$G>Sn$jLy8cE%6y5Z8*xrd`U~PbDY+IEJlq z@-tuJf=_D@#?{;so=t6{Wz%{pcgCV=82+|U`;!M|%#`N9CTSiVp#ZT2kT)X^Dj$m zQtCm?5edWcL=(3m3O8QKB4fXeI!858g6nyR?vk~Molg@19uyf01DPaRfj&k7RlcW5 z@XVW0!;iJTTii{9aK)B|+%F!JwCw0BJ;0nGt}MlJKbYfGFheBzn%GyxVV0G&A|x#7 z27Oub!=k*o1u3w0WHeC&*h3xt1w1YZwf^%7#>iz&t%HrbZM>*o)LztVHq6I4u`u5| zOzn^Sa=yp0#j9hYDqk}&ef#d^sYU&~O{XK9zwP*?#(fxM|2}D(|8s->R{0tvE;{#- z^?8T()WX;RJuhIz;cmLz1Ue{s8Q1c1;cdi3U(f0!Jw9GnDxiFNdjz;Ce~1`$a!!8e zRGl*qX!A|j%dQKlgi0AXHpXL5x%?gbb`*vDD7cYttwmt#w;4X1$EP^kp@k(MU0bee zm>tm#O`9JSvZ77xt@x=x6F&6_#I@*`Jl3&jP9-GK5F$nNiH`xV)~ zJ8&ee{K-XX+AuwJK2V|Ja=u-5x&lm-!2&&S^}Vt~UdxukNl@0&U&7Rs>8Pc+?dJeN z^zh8MyMu2%SE?!AS3lMC4ak@XE)Q%Zd`!rNQwO0?_E-RD{iC_g;k)^CVjwl~UA9xP zhI!6PfvJaecu&tC*1xt26bBy3f4ciZ&Pd!w{QbB5?&6*v_c)r^X7#aKAoV*Hn9E-i zv?DEGSZY~;5D#S?68e9All@=c#AU&40pw{f*B?e8Q^;9y#cUzD(&k%`OBeL!%b1y? z+7RRyq!2S7niK5djqT8W^Gu!R76_Y6;(W^nSnMIECvtO$h5p7S2bhz7Q6_QGpl3@b zcsC{Xvgmvl1%hFyaq<{7uIoo5Un(l58=-)>ViN|r0+WOH625F@(!qKY;@gsq7?Gpc z8Tc1~0HVeI!K$}X>`~43J0gop-eMgAdlV7n_(Akz&upMVKS1H&M|*}`J11OT(%Fox+*=j6hag71K0#gs^b9T9^BCt=?v9+KR!HW zECqx4jh3y z$yL5=CXeMhHK4w!qV?nkp5&7VP< zyx}8@pp^J?&XcvbxG=3h!Xd%;D{H=Ls zmrfco-|5|*ZPqf~!yeq(lh_4Z@>=q|>H+V?($-E!>YFFs$w^)>gn^%6Vn}A*%7~Y( z29#aIfg2Ju=vx-r;Ji@s*oNUrkEOkvn)ph*9k@1@9)hMQ6bmLD^F|m}-H*ENRLlo< zBt_^e>klB;<1UPHHgU2KilTb#7i6~-W?w!?)rdOu=3=%*fOu&EZqH8GX4#as?q z;NtAweSV92=sz97D7)xgj;VF;Z zFW-rJ#W=7v7Fk`;kjUow5~UFLbge3rzBctcx~e%PO&q2)rr(mXXA&Sd-g$)Aan&&H zJo6_H`a1Na7I0pFvoop5fK6S*#S>EYyf(U$o56OO;q(}DSrvd%6?l`i?+Dz}cJjeD zxgAb(eICLOJsMFfEd&GDV(V0NekFUG*+g=zd8VUfM%rhW98hp*KOl9ru7ZpLO)=Fz zwOpT(IC)=@@>maJ7){5y;5$Ia-Ebf3=$MnQYsjs~ChfB87Sz>9w?O6z1G+YK-9*G> zv6`S5&W<0NQ_a{GQ$LCwK^n+?B-2CUKo;}b~fB5SA4zGuk&lV#RFi=HtL}f`5rF<+W z*C#XcMuckSN9e!m24^j}#s5}F@oxU#oh&nBALJ=Iot2A|MHa|xH43j1!wpiZr3aX_0PO@u)9tx&(MFO*nU61OOTH z2*2$}77#Z=MKPWOB+HI%_jUj%oWv!NjlUu+CYlwkO7@PmU_y@31;w&M?A<)fc`2|G z>RWys@DVCk?4=OKTs?2#A0F`5Y$U-d@5D^>J2;J>i z#(2`+*$T}6jTo@2M*>3XsJ_E-@X`0aVn+YL;&e6nUXBr6`v_;JKth1X)P^wxj|3w! zOpw`AMq^uJkWM?h^5>bR8pD<~jHA%sv?28Okha|pNn3j-brwr1nfRJt0xVo4+CV7+ zFOxiq;G$(306L<}YDQ4Tl|BNu^%X5~lz|uJN(Iu~i;@Ys6_+EM3*>aPG6?p`40s%M zW^CtT4%S;tkZHvD6ahS%yDWz{<}n*TcXHf3`5gAb~or`I0{j!2@TKV7gG8!mob z(ZOp0jPAxTevN$)3GcTSbasoO&ryZdmJ|hibm4>qx_t|LJRrJ!dAeGi^S_5uB3q2e ztXxYn>n$uuS#(3QdgZ_dr`6t?w*F6{Jm#X4H^NjwUD_aoP((t~eq~-=2M_GsZ1Qfs zYuA9x+ax&^0PTurxhn0E9Rc8^)GTYZx`PGnsrNJZ?!sVoU_p8JayRgfF&8%5xuGon z$o#blWNmwCUGjk9NHIuV7B0_l`yzHvKj!_2?|s_&!d;roA%)%-kw;k=@uBs}A~GN+EeO#o%LL4iez>GsK5E5r}V|KsL@u zbe-@sd}=C}ikWFi+d$B^r{Q!Kp&dK71|V@0ZXS5hY*^Y%a! zdTVw&MCCbAKC_)vr*S5K)Ig9@ox8pJ1}}Cy4D_RV zf+2!?xy3X!zG8br+%*=;e#P zuD~P;6zr)&S6u?h$i@RL@rOiOphwk*j$r+~Wi>>%1(sA08GN(lgq5cYd6te}HL4Q` zmNvPvOQez&xf6ZS3n~tp4M$KHD$6P{@9hVz$c_rWN#4gho%+U8`dOiMgq0_0`c*ue zs4|5pvJXpPw>bRP`U|)hcg2yuxFyO0mh*F2Sb?T`-&@dP{+%VExp}mOV7eUT=e|L2 zHL!I6ZhM!G+UPkTQm=RgO=dVQY=){$G8iZx+)PK}$+wvw*GBJj=g=Y(0;*avpys*X zv=TdgrY!EDOKT&_RQ||$4+q%Z_mI_5RPh%=7-+t0T{P=QOze}Ul_Rx?$biA~c~ACb zFXKht%cU8+_zPOV|KsVa!Gh)9=ocZr13-7va) zbZn!$MvULypWpla-GBRQ&z|Q#_jT^M=bU?Xs&TSGBA)gUVaPLikzreG2yNLv-fn-u z*fFjR8XiAn%2AO_v=Xy@g);BHQLFl;-}F08O`*RD*?IEtY@cBD+o0`;mlrjZKjn|b z2RCkU+-i+nkFV;&H<{VQ{qXHBMo2Z$qmP;s-W_w+VJjc5J8O}vN-FB zn9ryfY}Brv&HhOu+wjGyG$ec2KbMeuFoNK{fNd{GT>_x^UUn!t(s5Jn+aU-zl3d1q zXq&G&Vt|!x?u&^=Fx`4wVzltrDV4@SWWgb-X+yTZE^J%W=!}K$PQh}8A$XD6fB5A; z3N@5QP3YZ!n#oq#ZBeygv7Gx$P70dMry84Q(Hy;=76#c&Hbi&@l&N9%t)atT>xwMX zjX6WPolnoy9oGa$?3-S%hDUp*6;rbrC~g$If6uflM$m8|wts+5t6ZI(`v|`c*U3@TdLBXTe}qP2XySiKj6OKAu!H>h zcD)qAs1C6vj}UIAP!Y3L!U&ZwLCjV@O>_hKDmpAbhP!F(HFb_isfPzmj%hjWxpj&^ zxgI_Obuk^)IUm{5KsQx3RpS$~s3{;qe>Fm)ncr(sj(kd^1d0lN*U78Z?qyr;;m5$_*jR2xYi zuH|Ec7`e5s`!Ksq2Xf;?rO;g5hdyn0U!zU-sy`XwC82RMzmd_i+KM;U4C|^ee9Gry zSe_ac8?z;%_&agmdWJKe{#g;7mp_pC?EWAjXvI@5B8NeHkd!??o*}QWN+4~SK79NQ zy}hIu7$pnmG+NFs$2X{NT*~V4|ISW8ySg0@j7o}U%N8j-a{F!NPa+4MQU^9Alg-?%S znXWV-j5~wm$W)QY2HVrbGB??) zi~h2ySE;go4LzY*wC-FMf-k0%@+6Qgj3Fk$_)@y6^LNp?wG+!3_&kM&$7qYdi#oU1 z=Lw4s-B(uJTcJO_5ZIE$k9V?oDVePiTpbAPd$^s+=)?{Sm(Sy!PhSg?h9cmW*D{6@ zB->P1HcQ^oxWP$%-YU7}G9G|KA+R#GZ-TlrewOWZ3Xaq$aIm~@@R!7pm%rHst1Z_! zag}64#;fJ9`#pwZHD*{~KPv8+Iu{0FVy-A-n_Qo+ExSCQ-&I!2AfRSkTmn37QD(>Z ztWA&A_1mrFZPSHgUB;qp)l&ja6cd8Zb;0*{4AF zs<1Dflhg=NHI*~+`c3o@;){&EeR!k`50kuVRG62e!r=3)EI9tPL}H|3)mDm!y8;U# zhQg5F#+5i9jEIEu$n-Q{T~v##X;3?%s@2XH+xa}&5j}9`#c_XwYM@nf!8E8WdQQ`BkHY=`dSm2>TKca=kDc{RG;-6-05rqhxyM1cq#QAyBL(NMj+iBH9FLxQi@r$_TA0Z^m%)}9{XkA3 zs?D;k<d)B15;Au`5t&{YUV<=DScrW>)?u9J-8-DQHAx@X;ZN&*kVG#bv#w)y) zXt_Dhy7zqC!}SFTI0H)#M9{hHNck`=d4p71YQH6It|G?4t54vROhh-I$`4&agOb7} z&p|1I!N%V&g7IWjbizZ7W0)%s%uLNfj-B?)*zytyzB%M98PyODag<$aWV2ej#W*O5 zZ5m+NXKoQX`8JG0I|1f}V~FzjhfEi-^aHLB67TvR8tCuGc*A2Hvg=)r%kq9&L8ly( zYXwgC+>)#9tkeIjdfhD8Z{H=A$}Ec55r_v`0!O1ULJ(tD^r|Cs{#?wlVShc5&m>OM zCE=J(NIOFc3h%x<$xh7AcY5~s(C8V zaM=5@Lqcfe&S`DDQbolETwpWVlveNjjS z5tZF6;A{DL^iZdtbsMaVDkTn1^#KN9OeYj?;h*K37GkzXzcPDozio8kre`9l{-|+EGiKmPtY(@)X|ZF zOouP%6GNTIfwrrnIjZk&xyQ$XA*)Z7q>(E^9C1s`>6fChnia{rHZ0ZNUntDzLYRmA z?qOMecVlRN=P{rX(B>`G5Gn6j2IZQh9|Cb0YdATIqBVvCP{{^=zpR;Z+$;Ydfssr~ zpj`Gp;V4p()0R%-*v8=o2}d4is{>}@k)6HPPt7nS!=!}g0Tr-nb!<9e1=@12c~X^1 zTx!aE<7h<6z85W>-^B}(_;CdZZ+?U3<1P7vMCRp~T#XMtBICyUc_%_-e^ zgRUd(ajflCyKe)|cXX@=TA=6Tn8|Ncjb(Jr0V#B0y+=ONnICc8;=P|K(m!A34EL!2 z{TJzlW>Wu47B3^UEmVOlD-D`8f80%aa~sK7T=#1k$QbMmZknEEu670_dc@B0L2mc} zn6=`no<!GG zCkxN-aIxKbx@g<|oFp}bOEZ}N?3M;W-8@ZU`l=s98E9YkH__|X!eD3x%kHK>vWvy6 zj3-8M16;x~9uMhR*YCt_?JbkJJ_is8uKMDtkZ{1noqR+~vYUv*sj2;6QrUSPh>uvc zUjf=rd;WYd-U=r%9ysR|&Ea1W$6b_YcIc<}_c#XC@(WB=IkQE=NMcurv9FIPw_-SY zM)p};kTzNF^-xx#{p(r&d1@#L#hvE6e)l^0*~T3@!V0;*>N$M2bWC?am<<;UfoLzt zZ1R>k_FlH>7v_4f%Wx+O67{c}9D8*DewFjI(AYR6@|m{d2!4P>6C5x6ErxJPRy1*~ zmrOx9(5TkPAdg_amc}G;;njPs?`O$e0*+dN>_Ed{;+L`U1 z22)CJhdQVSu~JyV?8X8etw>hhl*Bu`m=M_YD|;P5E6T`&mmCGV)7%+jx0f;dD*Xhn zEK<1Ne5pNTOD)x1^mdL4Kn#K`KP1G@Qbo5u*uXW}iIy?)-U@h#KamfbBd>U1$Wfv? zMB-e|^N9}0#YO&|q9jk>?5DVPvDD*LfeB8}%z^nuZ+9p%_yv#1y}R2mLjLfAdpk~_ zA|cFhNy)Dlr8#ZD<2(va+_k(qoB&Gne{G!ik5{<=%2#7y`AqnL#@{8$I^A#+AJ(|S z1%*gY1|17J3{`2xgFV}0XLrqB{T;W99nyk=>2gWFG3Gg%bvCY+A4TG$V~454bWC~U zoc*(;@RtJQ1xZUW7yhe*2UJkyrg;G{$0-TAl_lb|-oJP_y`$Axm^!59FlgFF4mDN8=5Sw{w0rZo1fMG21^odwjXl_1f@=nd+lNuW&txWMM z{CblD%~e*4H=$^{w+Z@U>YW*+5Q5lVuW}DGXFm{4{Jeh+CFd`lPEeQ{fYgz#w*_G{{GD!jz+a}*R!)Ge0id@ ziV@8U-7vc(^Ew%vx7kH?iCZ;Xtv`;6ySZ1AsNdRAl>jwY46?H^Nhzf8o5BT+E!}U; z--Uz!Ha((;pE1bbgDX{C08ivaMJoUD<+#r(Xpf{v{&c?@Alii;G?uWt2P|D5SsLhM zvk}+5QTh>PIk?Fw0x^sy=n2SXLJM$#*2&jWjjtdg6(QsMU+PfAb$H@1nwJimMDYNr z7qaD)u|yL*%Lhg_O&t_2BuP6;@_<7t7s1h@w;eu%XIF4!kIr~pQltnhlf*6A(VArC z2rdP1^m1iXt~PZ)LqurH#yun86{a{}G&x?sh(XsiCml~A&Hk-j32s2{a|xK7=1SF1 z&z5*{EC_23A5xQxlKMyfhgN#;4{81tEYi#dt8H(~QK>DhArg7LhsZDqgucO_%LkU` zg)8=`0^yZo(qRKoV9(70ALyY6ORcXJnoiaFFv)xxb*{&BVn~dw+lAzrTF`63nyZpB2x%jMY*p?@Mq*@V!)kj8k_*HHb_^w@Cal{1SVub zRcO5RO2e?5l`Wl&tn9Q5TY)sA{5|h#U&HF@oFpm%%&5%u0knkZYrFnyzG(RQDj)84 z%gQzg4R~B}k*5ezU`Fg+2XxK1Ut<^dhw9gvQkTI-;Ri&+`ZeCPfKfHV{7_3H`4X#} zW4k|FF%Cz%)4(lG_4yDpH?H;=a$nEI=esZkjHOI+#f{GRZ%Nm*(hU#mJ7ZkpFoF8g#* z9Gn+53K9`AtQ6xL*gc;1?~?%vjnCwa84KJz6&x?aBaO6Q_sSx-7$H@{SlT5)!m7$OqBU42oNkZ9eracY1(pEp7=)rNo8ye@im|1)H*X#T+30Rh0{rmOvQfS8+JY{NH+f}wF zf%;LB+RwmU>fl%CDeW6-Te~6X>$|TQU8EA;)1Pf$=J@aS$toQMGq<~C1waDLm8wla zV-+8Gd>Tr1-utu$LFHL3*|*xcLzn5Zbm4YVC^Zp03@r6C!rxVZ2J`lKCy zzdfe^ntCEvNNuiA%JZ~BgT?&k71764ZsSS- zT^TUMhPQ4dtJO`^Ma3*{HV=skKmp&}0NU&&MMn3>jmB8TqnQr^2opp);UeHzRlS?8 z7&gQY+JRj z7zzR0-JF84qhd5pxBEZZ*hok)97`HnZq4CYvhk~%tbid&9R14*b~n&Nv}O0}mkHB& z9HY@uF|pH&t1^`f-KS^MWwShL(4PCA*?oP{4n}eH1RyJb$PCLyKEPA)wCS?(bdY6V zRX`-c=MY>z5*73IP1Ed4aF#DQ$|^049Q3h{e@}-|^)Q<4f{!427jJN3ws9KMu7%ts zxpwJ`C+0L*-W|gpZGCY#vTv(FTQA96SEwR;5V>Udd=f{>=$gE$k0PHcsU86NA7mNu z<660k?Yn7${-sJ{dpi(4$M665Ex=w|Sq_}aC24#39UgGjNAh#LRHUH3jtlLbhmBq4 zNA-<$&*#PHvepDORvI)e*aDZar+FE;Cx{e4=OE@1XuF<+aJZaP5L`HXOO;!{rgFx$ zrxbeEe#+_a2*Pl(vg7Vpkmz){3-un~nv2)N3#(UGaVj88f(d2(fHC;>erLn2Uunn3 z|CvKdH0U?(6vC1+YS(pw0?Qb&F}xx=8{&e8Jz*!eDtf0gb(kyr5Ux19S_X+Rce1tx zZMCPi&B@IRSt`1WEeh3dLPVqsryO`wpIf)kd8d?ereTDi0frn;f=?+mUU@ZljlymS(Q;aw{vXXW<&#n+bZ;iwieD;bAo7R8UCE zvBgqeP%i=?hK%>=_pm@afJhEz8HL!e5a~D6M>ArQ$25({b-k8s+kL~+>h=e<=3-Hi-cNTSJ^yH)O>pp;EzbxXnkO{ zGLKOxy~|&glkWGFgs7>}%N;cS(fOLgy{w>xK7%5g;xwJS^?^3lAFavJMc1?fLK#pN+cl6mHrC!Ro2ajw|noV^iFQ`XV zeVj+U%%^9({xnL5B8dSW<|B0VgEhgYR`lQ635}4^g5L-?)W`F981um0#Cz&a_x@S})_vGx*ClAV z!7WN5M=~}+ul8hRAD35bp;Pb?=D#{O%5t$d(S2re?{8V zHt;`!$9Y8rlpZ_ZOCtNC{VtbG@*j6-MT`u6#-J%~2(psu-z|}uw-3D;%S~RA9gV&O zywKNFm{+b~B@WK3P5qS?VCJP!h<@F#G&l8KR3MCmK%pV;!LsBazaY(*fPmoQWP!7x zRfT-YcWbW3sSZ)aEw11C%K<|<*)8`!?jQk|st_w~wkj84n{8C)jE(Poq@v;9otV!q zl@>BTSb%N~59XP~nw-;;F48T#q+aR~0sb8kT^jL-fR@UqPm4<|5e+5|mi?1tpIyLy z&FQZP2O+bIo!!CWW9)~4^-2-6AhGy4NHQy=iyI`l>Tm>>3-EkL7*En-+l#%AJX~-w zU}Q5tKsauxUa9>zsuv*$vZg_TdVV2KmF88l^KqfM{%F2DG-7KTHHMku+p2 z5*Y`q3cFvXMfyOC*m(bX;Y^G**KP@UFf((4!zSZgP@yCAW;eHO3XP6yFD3mCllTbf z-wQm}I=1;f)8qNJlp<$K!@6l2A);Q&&|b*Vmh;r|cl!1Hy#yy^JPwc+5KJFXW^b4{uBoV$c0znO{B{Pd z@LwqpAQD$}K-@d2$f2FxY@DXG`>^jhW_lQWt5 z{R6_4AYp5&g?g@|)#J?aLk9E@?55{0zS3D&2u}!(AiK0Ay!R!*W&EpOCzXl$iS}X! zo51IBY2<6mbNxAOw$aglpE@oJ4TOx+-y_^URTX%}R}H=^P#|$dkXfBDlbD>GNbJ(} z>6RwZEH_1uih6MebV+}{%`D;hQxh~-kFG4&B6)RqY<1k_e;bQc0~)6maD;Sr1>ODn zWU0^ZM6J=h?xzlD4lBx{!ZqN$I^`4K?cow|fF*Mn<$mFU=RgL#edJ=SkTJj>*b0HM z?-E|N_pYD1!J@Py&P8@+#A2gGs?jl7QGovRob52qQ{BoR+vMsmYe?pCT&^Ohk(-rhCUKB2@92IU;V^&AD06r^a5T_iNN6NOAY8>uu=c9^Gs@eI9Waao_s-cGU|;rBX(Z#5imHrbIlcjXJnBC2J-jHbUxjPMZ+Y4UQ6 zQXdoTZT}t17@@>_SvNO$r|LI_yytt?#P{_VQq^59)e(J+G^^FW!tyPg6Akj7$6zCC ztv%AjQS`o~Q}CN$J9Llt@sjJ0{?;-IEU%dNzNOgJE!$O9)js&N$s+6CoP(DkqaG#D z4R<=WFtY{w-Gc#gz^K;-^Z%lb4@ixhe=X$5R4#WqOilywj$>9Uj%_&-PPKq_dIfyp z6alb&jO>tH>=UpiXaB{K=y&e!3Dw|+dwUEg-(|yWRMN>E>EYWrrSn=B$0Y_8QPxOZ zoYz)nPcqxaMWWR3KgP?VnVViaHx0D}xYBTmSiMN8I8e;dOZet+f4-3Q^L|9yFf=Fz zt)83s7lY}%b!(F_WW0t zUm%XNf2Q=Bh*1sw{TNYYBE#6E3|hg#AN0Dc@&0_h|JWfIdM3jWlxJ+anXxZ;KAquI zNIV~wPl;gBuv1~fF2awKk{$Vdgu`iA_v5OVNrYUPkLY#B^Q5wM=25Kz62AgG69`Y!t-t}*1!y_N5=w*#JE05P{S~J?N^#O&fzx$@d;gh%=D;DJX;K;+ok{OW(n@2 zAyc)_Y*_{|ix!ioOdn?Fl2b^ao^_TY#Da(D*^yKI`pEwxT~HfyW&eQx!xj%_%sh{$ zB^-Ml7ln?W{We_lw}d4KQUu0|s4UKEp8^+Zj#=uIRVnQxn*Akx6|4}ec9je{df|2R zKc7OoIn)a38D)uShoO1pExD+=zP8C z6ZZ-n`;s+{(J3$`W<99*()ce&{sana27W-zJOURQC*du)Z>5Z6;>IP8{b2mC8bV6h zDSJDUo78U`VGGv#wY^O((H!4u!}>QX6zy3pI0N0@8RQ>-@O_Oooj=kXuTtt|A2~jQ z?zG@OA%4ys)=|Q6q<{QGZqMX&qVuIFZtO|krEglL?W*g>YhnSC_?2~jo!M467zJU2 z%YJ}a*~{t!4QtE15rNt$;=Vo#|s2s_LB<;sL(zzheeljsF!}p?=!)Y zk@(2n+GLb~z0mt_iRAi_#leY_Cpz>6d_->LscUjZGH7wX9_tRt($hDYDFj^}#4`p2 zsW*S0!)lyY!-2-P=tK4^qUufg!pAc>Fb|sjW=Uu7kYnWU*uXea0wUIJSC;%c4~wms z=GogfWyGGR>BDp8o9?jXar5))8eoRWb2Dv0SMa3${l&~ODHX6lcH$YHKr(%Np=pvT zdw4+KcIpseU2$;vpnitm8q4*b87Vn6++%H7>ND%Aa~F@Yj}+X#UhuCg!Y@5t`HjVp z+se@E90#iY_QI)$8K_OkQqt%`!}aBnvy+I%S{%ch<$k@4LNWb4y4;XrD+D}exgWd5 zii})>j!wJzc0`UhR?>lc+^~VctNwB%bRE*aaGnsU7hXGB6AE27#<+e6bl_zU z>6K8O6cieZi+eRx1#@y*=y7K(&IgVeE|2wRd&WdhDpogC7>Q~NsECGoIoew8Mp|+Q&~RJytP}7cd-p>c$`N zIBlqR)!)6W%X4!6krgVBm`4@qZ*c4Gy#>2N1sBe;C{K@qzybXDa{&5bg>Y10#xW%< zzeY3+*ywgniV>?mL0JLK`F!IS(Udu=%t>qmsQ>(LmQGW@#@skF>2@SIgV!28{Dfd z2wRlp%e>1?#Vy=o7~b+_Q2IppxyY{LEV`(-cTG!N^TC7tL_p!x`Sf9{dFAAHP?oGR z8OmlH+j3P31Pbwdf|>Yx(llHo+gRJeI+1|MU@+Z4d&oL* zbbopx4yfA#oE#a_cO&y`B-{@L{M(@?Y=PtCz^JfaPip=vUl5WTiuIiF`r;)>B5m!1o=a@R!n=ZtBeG8($pLb~S9xhPdxImy-q8#=GCVAia z`m06AOiO(S-)Mk3w6#L|7qu#(&fGGCP*#UNkb` z!QWgOR1Ycc-S#SYk(zDQe4|o4UrCqR?rL;1Z+WMPL7p^vEe=MFXziuCx8it8)@d%n zt3!bf@jmEETZ%BLR&$!KzmAR^o}-7zFZw(Gz+I_Nsd9~;&uK_ZqKY20GwBFO&A^R1 z8|#n|M=1LH4?l@*X$&>QzPi>pD_e@4T4_vWHjWS{1a8 zis5#Ns{9mgRkmZ8)+jc7upl&B^<~o)@xyT|v<4?C>SUC{3Aohtpm_R3FIzCS?_7ns zHK53Lq1oztTPTyk%t~iznUS?)dFXUd&qskn%8gs>9%~)CA-HD#0EwZd7T!^RQpHv( zW`;uA+UyV;r(sg}0l~dtw&i@r_KnIX0`r2%#6n?)#qY9$I1CAtW3x^L!plDRaW)D> z)fFgv@k!h>2Th2=J2Lpe*mppHt4xzIOhxc;` zRs2*<2B^a$Z`_&-#^f>{Y__2Ccq{7CiB=Vw$QY-#$^ zAJ?pEL}Wocq^1@*ReBpz-|hznHB@BAW_3aHf|oZS_k|sYq+b)NA$b!8ZApYE^W+$o}!@y zq8FPHqi%@%&^w-x2bRD-RS0y;g?*0Onj|0+C3Dai&F1pyfu z`kk!uw7oblS)+Qxy!e`<^cgjW6!-`+N!QPUD@Jr}TQ4#hpZFn;J_}r{k=Pg*#lL2;v>2?h=?SDE$bWLFS*A5PR zBge%yr)GwF6_%^b9_-DVlkANr+OH3@QWaiKSMH{At$1TTUd%f2i0}^@SgD>YGqbmu zq=MWVhyDmsTg-R8Qa70FZYpVDelHqv0I&5JMtE%!G%eA%Fp8nL8wOn^|y=NYjaWsK4@Y=wbbB*UDz-l7G zR($>zp^ag0g0wVwL;kE*l7Y_90E^VG_THG)~b4%CM&(> zNMvlEXB9Txe56Vu_uHOtxdDf?EjPNYGvL;&@UwLu{JXoz-FhG+_^){RZ7Lc-w;@!) z4FUUOCHLcMzN6Tp7-^}cOvM(yf$o&F+Qi1zMn`kgvj_UM`7Ml_TEn70r878sJtQz?U? zqr_b(G#rkng=62pJHB^T>7o60x2vAC0U&Wct1q-V36Wyx{ys;CVqF*b-jB6#ny4A` zw%(;=ka5k&KWnj9D)h3p+W5s`pz9I$0xzDhj8%J`NZ6^~i}Mc40kh`g6fXQ}-C*Mh zfwK9OJ`SEqREoTGVUE#l&Z-udL^H!V@1carY_vUl{;K3z@tl^XIJ9^!6s{NTx@z+Ze56=%&OufKgSq55?`!Dwvao|7`F$i z2i>v|wy|AQR1fiMAKD1^5$c?-jOvBT%|ZwlpunIFB(+UpN~pWO31^ zawmJ^qDZ`Trwn}(r^SGw`erVymH*nSc#s&U&*g(ti{&Y)| z2bmks^Qq`S_!UEfXuh9${Qj%A@?|dzmUY;AV4$G;Ev|;skvdGF0If2LYd>Itct3pH zuI`&SuS$uW6kXy^LUUzHGuBT`21T@K;U98zrOo%ws%zxh1`+#opRfeF2Zfr&_&&k_ zYfX{9I9Szozk|)Hy5z1F@JGu&!4T)edM(#KWfG+`NP)G%3;JFSR{~BIN)_vcMb!)8 zjqMv`t7nHTq#3_Y$_^h!4fj_zUjHxK`k(OD&i|&W$HFM?kH8TPeYBFD%Wr>}xnWg7(Zi0iBEEzm+$SEN=(;E43>p zBTLqeQK41P+!moX#dzFfth*8HeG_x~xxeV>&|(cC;JE@FzIS~~oQ7ShP2i<~uUrsP zR~$OIF`wUIlzeCz1aAzkOJCwc9rCh-6c1F$sQj++T9l_=Jt-p8Dh$(IZR6VCCd616 zc+%bsO6?VBoDcJ34_7M94|B`;+GrV_r4$vRWFhfM#JMt*Vo zthY&SgnNCOW*0Cz@7Ne;>rawmA~wvpFJj{ugYTWy_GNv?IXL4;Y^eBu@=(R7-$jOQc6|BDjYf_SOdSXUO2Z#}@-7-8RQRT2=nwm}x|DF9VC8zdB zNlrV1_#=E7hNN-C@7H*@c+Ov4#^L-}abK7!ok*vBRYoPD%d-L8a(>Q@P9&F2DjIVb zNmv&=sC;k{h1XIotxF|EjCV)AK1TM2D370Vhi0o{ttC>0xWVNz-BB<`c|~((6{1*G zwIjmPMq#vkH#KO-0IfW#(E(?T7cSn%RqN<`Qo3<^=*6=-KAT|KcV>1Cu3cq~rkgwI zX~8`!=5pE&0r4M^+cKpL7x+c}d-6nJ0LfA~OYy$8REYHeo z_){WL5j1jqxy#JEKpH=IHfeDgzpY5IrTa=@u+S40y4pIvDqAJNKOLrwDJbrSBI7RY z_sjr%%A^lVvvjYwg4|9`&v*4O<3e9ExVvX_InGaZID&}1`QmkY${(p2nydMt)r~Lh zpe6Zs?+0uwHTA!Hg|yk;r_Yi(?1eb3qUcDe{RcFkYqj#WBV^aFAY)QqIe>TcftrY zo&!eUcXOt~#5es{;r8bBIbzyB4QK;%e&H*beS81bkRIIkGYl08kuDejLX&K?lMH=# zSX=LzubUVZO()$Xro#Hi8`3PN1oJr4vRP`#jV`Wi*4jAObA0T(LWD36w{H1*ou1#} zxZJGRc>BH_gPv zSSIHx%4;m*-uZMlcMlX=YyZ+6rWE7pf*&uB$L+pO$>GcC&uaaKI?%8tpWL~(EzD;_ z8H$$+8=`gigc7U1$X}WAb3nx}{<7;Dzqug1yOj@*-eAj!bsnEoLY__$ZOgh?{~jqh z-iJd;%C~JwIHiOe8e%1X7VeCF_`|SITs!wFsNuSnbEH|H=&orIv_n|}Heib8#`#8Z zmp*7Loi6WauC7$5RDk6NbNGsJ$LNXZ0wh+#x#ZEY}7B>5nZj{}x3uA190K;}S9|4V(jwXH3!o^^fS zcU-Y#(v{gr z-y{_wOE+a2Wq@dhm$z6sSF56O=b=Q=!D7wY#Ug;>+}x_4(@r;&b2=&ReD*EQ9!^fJb!YJqF38)kfJ{w|O!SkGLb;Hi!R9t$=kDKUN9Ud}Ek z!p~g$#}qg3Z0dZ#DKSd!<})qFX5+-Z@C!HLe)6d@>THdElPh(w^jI|QYoOVFu4kof z#}q1;xD8{`lV%-1?FU2pAn%De%ZwC`>H(Mp1J;-P73sSFB&WlMnM&cy}|n4Rf^}*@9HZ0XONf5^Aoa^r0FoUj>cH!*?$l%vt5N( zNSXbA<$HW`{q?`{#bqx_#K*dLkC?1b?txmV6VT+8nV?NfI zM&kf~g8sS}DnjXnfY3BI0_D9C0f`g6seYzTQMBGJ3B96Ec}}L^M?)2EPAdxt&wV~! z*Pd)fewx^$XX{NNJLEiaY86*;iN(E5QVyqz5u0)pLVXLlOvWyBIzK|6*|HO?)ai5Vgiq8>;lXk9-z;ES~Q2`@M5n=RoGIcNG9sm@(Vu);xYcPMF_lKWL538j=?VT{8R&nM&BpEj)io3ZSs!GE&}}vT&~u$4(TZ8w+hTwsd{;XZm_= zYW5&1xwbHZwbrqvezd=WTG*BAFAqSHDt-|#eCy@!iRJ*_bW$#2h>(4t@L78dZrleM;J>XsQZJ|AvD&$HH<=!fg~^nE}NmB zTBd6Fl}+j+1@iRn+WESjzICUZF|#U{Y*NB^Nuzi1;BYQko|xkhejztLc`yOKUV$>GXR>z3E8r7Ejq4dzp*9bc<4eUW%rsS5yJ31HsyEo84C?;xku3 zKoL*R`8dnz@8M5zY>nvpr&`Q5M;+kYO`(Jo2h^&i!6^~<-klANpyq%oQ@^n82vcw1 zKXxi~=lJMfIly=7Zp<=8>YJ|J$fZBXAvUhO(w{w3sRPnB$201ke3hnCfus)cjQdP3 zz=Y?n6k10vs7vy>na@sptFRM?iEwDhfWM8Q^{aS}yA&3mFg1i7xVgl=|9T9Kf|hyD zVtyVdO#xi^iiboCT!Ozq9hy4CW&fy+zi+n_oL0d3auI~FG@bN%-o7~&yT!BWS3zWP z_MQF$AV1IDtmJk=F?uDGX;)N4g_f(_V0C1uNKJ{pnTskbeU4H>q$k8zVbLX5+CXr6 zVgfb}U-PD@i!sm@l`386^v!k^pem|uot_aNeMP6D2(-C>O7CB-@+zNq%pSMqVIzBR ze_mb_Y+*g_;eIDDZ4Y*5c*Dj}GHs0;U?QlK8@A6h>GuU_zrOZoam2$2=X^%zYon`= z!s{%?>ZLz*FLp>j{rN0gm8c;w*X z|6;TzgtDxAf=kNmX}Bhr7t)^`jHCjt*TAHkhDlaA#HZDfdXu_CqA5+H)~W|rtb?+J zF#wY9A!?!WH-Gj$->`m}){Hql#VamhmcYI*;+79BGym@empSqB`o9;vB2gQ_){>5{ z=P7u8Dk+{b5W2ynnIWw10AC-Ib~tE8GT1V(g3cZ76@gETsq0T)*o#EdO=?!o?a+_{ zZEcg$wk-ZJxL|Ql9HF~EudG=UBmQSqE)3*`@vT}NlQ$_-pf27w1VjxN)a(> zIf~WGeL%T2>)D=%3J=V!Wz@I$H)Z-<>uvSy)ny+;9LA982gA*o`m{!fl}(xI2ZnDi ztLCs&by37ADo&&taq@Br9ZZ(_*M+2_NbKB*Tz_>|)=K7S(T{qtJSS)tV|UklD5r9l^cnD%Q@p;V!I?8c|_E}Bozms6uL7JMIMTgrR3Cah1UyI&*IvY_K zQ8rnT)Sx{ut1i6D?Tp7;$MDsnnb8+(EJi^s;QvR| zTZP57Hci7xAZUQ#!QCymySux)+u$DD-Q6L$4-Ub7a2?zU9z57T-?R6A|2|r0>!h!{ zyQ;gZR<}6i8OycWOA?dQ*;VPw;+3_a{;ZhA@`snVo6l2szebfEDgfGFg8gmhS(BSJ z;;w!sr(dO~=ZdjezLOj5KYs-8PRMQS$4|xFf8chL!DGI!9{pukyip023Ll)l;B2o~ zorp%nxw~CIJLbpmp;f`IcyGUJL3+#>dTNni#SlBzPV7+hJA@c)q(99lX(&cN$`KS?f>;s$0 z!$dTBB!;_WbkecG@%7%&m^iPC6Vzz|OL+b%idIE7O83$%P@(;cmwkQ+q!Rk>|E+;o zEv)e5lrPLc3su|V^8+FP=J)Kw8Se=H|J%8x|L?f}^DALV3Xi$5?jCR?k0<~AA!R<9 zcEGzFNST}}{HcY%%YEi#MMVmw+L>{i`_@(s7?2a7Pm7PPDeJK|I6d~XD?3pA=49=5+XHL3g8yCm4&f4P1e z$rCdLS=vXRHZ0)hRm^GzW9PT#h!}9wm*UUdYj<${NOz%hol+|uo{eNdZ(_eV$2*AI zB)LbHXVH&TCUs@U=Js)hRrGoC;eLoorpAnJ268Atwkv%%2i?A)Nc)aR3f$P&zAnLf zz0ZRvqR6Ly%#b(GoFL2j!$So|0%E7vJF-W*9{Ks6X*6@L*u%o8ApPzzN?muN;T8ZY zSyeU1XQ`dm#CTz7qdD!EkgpUUrhSoWDHd7k{t>WV1nwl=* z2GEnm62E7HN9Uf9T${11sMp^uTZ%oRVza{&;L@0^4sRFjn>i%ouFK+El*utK)&++7 zJ89)o@o3U;m5T`Xb!YJjxCVEJX&wE}R`t5NSYI=aUgC1ijFtna_^DsW(_Ji=y;Gq(QhZ-X-66|!$NehX6I;nn?GI^!H8wyX89UL?ss0ln)lim65;GUd}ZAW#w1Rt2^>?lIca*>i#jB7w-%j z*T3Misa;xR!FR|8<_X00OO^9%cV-mh0htyTH#_NzLmj{?tgz63x6NG!e}uOmljR=? zaq43a)&CyN-n!`O(SsXZJcpNL#PsW7$=n=~^F0fjy{KWn1^2C6Wt3qv76)g>;TT5^doYUN96R$*a**5>NyUjE&(9^fLgxrL+YXL)p7+@YLv z&inWEcTd=#(+~1*ui(>8!S+aq4<+8?j0;myF>^fAgB&`1%#pEmX0iM1cLl*!-wemC zjfv?1ch*>>-b~e(d*0TY3MT(lAE13vcS~?N|20jH`yU&SUQ^K14VdWuXk=l5?b+iF zV03DMe0FJmv@;MRuQ;z~V+3@f;?Je%Sc__A6W<49P9Jmib|52bKHUv}q%5n<0d~Y< zMrUPg>2n=k$Pm|lyT6rpo+y*P*s!&tW>22RCc3?!o|K#Y4jvh=#d>?IIJIIpRLqFZ zz3l?sB1U+4AG9O%$7qB2%-x`(`x$}y#y>f)0MvIrBJ;+ zCUo3596!)Kl@oBMOcRgBlVC5N$MlCBJ-40_mZ(t!mQlqEwPfz8-kALZECuqbZFNW3 z4cr_eCloG>ooy>F=2@*^!8M|tSctF^7LWZkK3psULtz3|b~f!>d*-gL2>`FO)m4a% z1to^)|DhVj09)99Oj9v#eY$3%_}u($2T%;X$7J4iqZT8?Q1mdY$)SvXhOb59fko@c zwRjjpU1jfIT}qcEBdW53C5JOJG6s!SRyfDr*ZnfmRPxgGnv;(5n-+rT@`Fz~`hyxL zp8?uyk+Qr{VHTEjw}kkGdeL6<>|k!l+Dv+GcSa7{14l>}kirgqk#=C8OD7KEN6*KT z6?LmPS>NLk5!*e0pUbFPWev$l1>KcCRl^sLoJIhReT_VQ&a$vTzQ<(^<4>N@5En8+ zLX!f&b9s;J)=N+BOTWK78t&|+v-B5kb}#M3IIUgJNRxi_OFi9pSI|T+i~L<@EtdzW z(*bkAYhi(b%mUY?j?M!$oGg4igB|nJ2RTik-CZ|Jr#Ed|LXFz<$T1w`I}~O%7Em6P z-`Pq_cH*pY79uz0NPw7!W#s+gCwm6&DDjGStGFAwQ#);!k#4fH6+zHksC-UON38gb zB6K;D=^isLikvezO&j@E)KrvCMttOR4pq_;bM&4lepdA#P0iYaYg_C@?oX#TncT>u z_YS9WB1(X>CMr3ub@do9@P&O^Ty zymg|!k+Uvu?`3>hj5_RjWA5=-Cb57#nP;&y>}-pe;aS|UmCU#ls4$`dhD-uxz#@g<_^sJ?#BhwTRTD|xd|W=uBo?d=`8p(p?-^5 zWfW9u=aeS%X8gqv$B~a=!LMXr;uNk|J5d@>M#&x9oFIbom1jiR=4L<{Q2|MaKNwB< zx9p0BfR6rOW}$~+d=orbZM)8O`{Rg94QBqFH4IbDtsFWYO)Ap#qJQ%A)#|%5JI2q3Ildml_meCFNC8g-$_dC){=1 z{Kc#70ZII@l-7=n^%h>N(MRca>l4g)R;YWMQ1k0eK0ySq#-5W(^gzm~ge4rm_mM#6 zu-OJ-+^XUnh-p`^--~uL*3FpvCex?_DbownHu;4uN)1JJ==oODbh<}^?x2xtmY2QL zEFqyc-ZOt{^}=`Q!-6KE-H8Xj^<#Z6CIs@G_Ejui8>xvFDNeO6CLGK~rSJAZ)7 zc}{5dnn#i)gSxe)Oi_LzXse(74OP6PhiD>1!Fe4TJ)ci5Mg5cTbxf%hRXj^ZE5~`)?iZ_zf*+DX$ z-xh5pH;@n6NwZ4*o&dj0uT~`*NpOvQwC*8(R%?`5ebM)L^_0uj*%rZ%z}5D{nhUM7 zHu6ZA49p;oIrqxrAbmFka-D$4e4jQ2YIQcHB}MbhE%^e|E`}gFR~QIhSnhXD<53jV zI*mUnG7Z?L~&gV#(`X#<{0bu$CzC|!wW=4O*D{WT-QU=9S*{%WDRWw5Qh9Y{CBe9Y-3kvp9gGKgGsbS(3gK zAp-5~y>@bJL!vS~M4i|%)?|o@1){?qFf%yRI8F2@BP;IXRKO)S z;o7SlwQNj!7x>8u09$`pZXN{)_z@Pfnu8$v9DSEirl$F{>|EdZ23o++-*PLRe)n^{ zogX%s0+!+*T2ln`Qs`6`GrKMZ{JJMW3a?GfhZ{TN-~O9h>c06A{IdY6H1j?uuDO54 zegnP`u+`>$e`$6Zt?-PK1#hu-PHu|gTvoDWcA7Odp02MU+gTd91GZv@DJ@pI10sm* zh_**vGXqa>83<%iLuMmIyDt9xzgtLs8fw*3@?`8(i#}i|i*%<+Eq5Gsq4sxT}(ow`UV79%sH12l|9PCoqIe4?A=SYIF z59eERx%v>TZipLJXukh5S=V#LQN2ar)Rel!>Z`4tZ*bI?!F$$dakAk)PlDi|+@%F; z_PM)x17yD2mJd!lrtc{z?*qC4N2V7_TVFZXfsvg+yPY&%2MbTLh-A(De%1Uda)WCs z&G)65^#!(rL{ystYudd%IU)ihJCm$LKqiAERh#2GNtmQ0H5RT`y9q_GpJ7QUb5Tph zudZ6s(xN{u92e^agjY*cuHQM7ivxbjT^35?;<;37t%!L@2C7&y>d8%$l!m+&n{!;^ zmwN~`+4o9(ALNl_99O1JQKIeGdeE*(vt}SNF{3;@NY9&enbwgh*>C-^LiyxugXUha z)`li&z9;P4S8OZaOvm$Odt5WMWGZQwQ^>ejYF##xDfw&= zfwBr?!xS|6+>WN)CN-HfBkRk8!-r(*94HGboNDGApb{4IU9rYwRI0z77PYFpOjkWr z?sKatmeQKZ-Qi(b95M1!0PrR%a;(CN5Mc6s;dMYPe9TTo)U_ zsg!aYd@i|Cojk`F95~J4|10jhj;H?>_cv^&F4Abo1)f`dRmHFHyzaQ+Bp%^gIC9(T zSa(JP*cQKasU)aVQ|J;s*ww*h1c3)&bt&GxID3C}xpB1s=pGQqYz zMuC^yx~p5(w5uY-wEFrfk$m?+30PYb(~OV9F_eF5t$!T_$Hyx&f9D$WsoUyXv71!f zx_gL-I_9~<$K~Nw{XtVA#6t?zoVnMN=d-7^{c7~%KKRFKi_K)6!|Gsw|8^Z@QW|hG z=yGhw&>{UPHSHN5OQ)E=U6sh=3tjhDuAJ21RWyWj+=XmM_f2dK;Tc@# zgzvXyGia^=pFf;lZjQ4rzenj_v?V@mAh!LPle~^we!+>xawWL=MsT|K$x*-JyWc*X zbIbUJsARk8tG(TNPwZQvv06hSdwHIy`L2&^3$``2SToy!we3_Xkvi6}3K13Q8`t-O z77GAvSwQ_{V2|}5ZsXN{32$#1Hg>Vcc?v(f#?VO+?md3azR(uE$N5iY7VDqG%u;b- zCQ$8qC;s}YEjp>6orz#aCio8b#k=mK*x4`vD7Z#c?-(-@Ne}rSEbNV&+jjfd!bD4P zmRITR_Yg3XweUP1cbeMxOB5zZgo)>BtC^uP8W^oHgX8F9V)b2P&~`xGP%pigjwbIV zGjnsog-Ya0?3JkqsekBGZ89%RCRgk*OG7RWB^0z5`ae%}YBSfR9(EOdg-4@lMun`# zs4Naj%&Sq?7j*^>iy({r9Lx$HXgb5Mt-rI%oboe|i&_3Y68ZI-(XN!VIqtPh=jiQz ztBEMF!sqOi5u(9z5iyh-yC1mn%dEZsa6t7oRv~ekM!ZZ2BXwBl^$G`(mt$q&9E^l$67LxOzLq(M;cAT=8A5uHd$M zTjQBF{UY+aZ}jPH9LuaX(RdWOV|j|s3xUzn^#`sOWh_dI@6VpvYlQyEPdyWNEd|s3 z_rkx8+VkdeC4T)4)&6wsVr&1 zossat!n=Q|GoK+-ib)2r*2>)ANbjRdk?(B+K>$Q>#%{GG-`1fmlgW3lDFSXHy?UEH z;NB+htu5Nx-k}6*WWVV6TY-LVhS{zV)AcRAVYf5?faG&#tV3B-i;w_OqAF@A9~+w( z27>hmv0*hm*qUUu=xQ=uTZs|VzhM@~ye!dZ8C$9*Cod4k;+waGy6247J(~t&t7egR zqtNs2`SljRw3EhM4{CNc6WjS@vrt40*PAlB<+&xTZDH>EjWF|# zL7>p0yg*`Yn-Zf*uqgsMl1WPNa*24uNk0;zBP+6<*m_q2e=Rxpg+5>8(zl~g2^ybT zTw=&{x=poGXYu7!@xpi@kOUc&Le0*>9o`t)=x^vHq&td@-ewnLtSuQ=HafHU;Yo^& zRzwtj-=YJ*bA1V#^FOv~MSO{&;va_@w7?_Lz_3*E`bTp@0~)#2jx39t1Py zD>4U>p_|{MOn=v@O;qjY4e%y+Hrd*`@k$4(&^nt;Z`7XMn+F{BJ?!6dK}jO3RH^$k zF9q*Z{$HghelJ7*M-hwqIKYq&o6%5p>Dt9dhV_!y(HfSi+ld_!jJRJUcW4i!W=wY!^Sb( z8*o>w=Qig{=mFp~(r&uP*^r?BwM2|uyV|vdzxGWcoNA@s=ST0;llxmQc6Ua3t_x4Q z2pJ+{*I*Fg!)6j(q7;h|9@;pi%eFg*JGrw>6&u~72lN_xGOO<$Z0|m=p)XUc_|VhD z;muD~?8cwPv*x+c@^ZxJM+q4Ffv}PAzvT2f?hf+DKj_Si`{!)`st z*=})s!8UlQ9!Z)$B5X8uvH(s(ZuL1fn}Si^r>RzZeDFw}b~>WHCaMglxXbIxN-O$0 z0t43;Fb1+YRkQPU4|AU%Tk8UHkMwd)cV0-9Q##_0c~kC1zlazUoV`0m4No&pw5P7DQu}6UmmTrVw+gK*8;X={N(xt` z7!8G_`7`beCl0K!24BB`hV>c&0s&r6W6hlV0k%KRO^TC8ASiB}FvIP_R`U~GX3UG3 zf>_Rt7Swneh0cdO5eMh?=cLSS=AzsxFi~*{_nJ(5Np^FtO3H3rx8&3I^o6mtY9crc z5d%RS*7!8ACclz84R=)hX|UytVBY1X`ZZws)&Krz^+;gTmhdKnyWaC+`b_h=t418c z<8vO^X&1m_=U+$<==ay~%Ma5GYru9d8H@R`muj#S0#pY~I9B zkx*mhc+j*D!@QqLA(V8Ft&PN)k%?y{*PK`U93PJ5`bCjxA~nXNemUY-ffW8X{4u<> z_s0}$nD)}*Br8aFYz_#6<<5adGo~a1i-iiikj8ykx& zY(2B8R7{JwgV$ys+^$onmq)dQ$!K5`NKGEy!uVh@qx znHg195ImqaxT+T1nZ?eZc&Wv*>3+^2JU-eUr4G1GeBW<$i;~n|_ltS{8@Syf4@lc* zhFqfmGD`J(MZZN!8x!xJ`z%j?Vr^#NL0GDyMNgY8Z13od&&o}}%B*a9lSgv_W(RHd zuna@AOzaA^=tL%^I9BYT@^Dw4-=PSPix@IrN*qWR&z=7&*70TqErOwa0oyjj|eIC2ixC?dL8J3(OGXnY|7NBcKZ@ABGa!r^l76<(IY>$+rM)o zx*bV4F1#uO1V22BC6Ze2M~vGA`@NYMG*pW_FGj)C8Z1sq=ZcS09(HV6Z$35oS9TEk z5(W5BINu5?IUh6kU5<42zQ>?SjKJXF5EiH~aK65u<$C0htFMOU`&8ZR^JTjb({qz4 zD){v*Be>wmcQ#5TQ#MDuOJBZ;#84;mJd>Y)ajdQpM zRwg3ovtK2?rq$YZ5XCY;pHvShu}rvtVV<5V&(DtKS!x)^F|oVit$pxCz66GaiE zsg=d6E8s27LR~y`Bw>e>dW{HtC<=-l8{>qpuu7g%;4|F`) zISi;iCJ$C^Mf8G>CIo?vu352_*?8fCjV;Q6r!K5%O`O9%Gf&xDK7}iO%a| z3!k(<*d;qs&X4$t{CU>atLsQ2CLx-5>{5eCWH5M>LW%ci)4gV795!8tB(b15yR+uA zV%_B-r(z8yZe!b-=+^#V@k78tou-|?+ClS$a|5YdQmLCKkNzFCX-8~PG7Hr0dJh4zb)e6<}D!>iLBSp#v$V#AipBIT^X7{0)fLz9o8?x;-K5RWGM>XuxeXfpQfW(q zI@K>`_`thztu6jhU=Ie(h%vw|CE4(uql}$h1<$SNN9YV=@H{RJMLz;+WksR)oEqAc ze1sBQ^YEC3w3`QOn;YG|5z)A_*6Qrg8m5QKLJlQq+Np>{+tU_fhnf{hLrHcRDMO#o z*7sf?0RNVLSE69R)xe~Ub&11YJsV5VxMZBtM=NY>-w?gNuB6=r3@9grK#nJqz%Dtgy`+iIlaodU@@%4B?X)20;C*~(m~llZ@iIC<&eQ4+ zCV-M&LXwQsR7X$R*|pUfJ96R@;lgL=e#0Dkv?`^;QpP{P)%i3l>0?-Ctcn?y;K8#N zXF**fQ{Y;wtSqow!j)8}HNm`+{otC>W6_R0QTchwnVV2oUs!+y_Dus7{uhYeSr55I^Ojgl}?O;VIxgai$h zvuaf%Yw$MtXKY9N$gERDL_XfRDCcDWPSn?m3X08jnXU>{I$VZNoL-uZ8ptPoAHz89 zNmsWdB@Kxb1z&lQb2JqF)Zs|zv7fC+Vo9zan@cx>95btTuPN{zw+%I&_PnqGe|vmT zZS9K9FU2u_*_?>l(L&j8Me2WPE?g+gJIxo$p{;HSE(HzR*7+u8Zl(kS~2rR~$jo}=O1siXDa|CC_U9izDA4gd+lecFQw(U7~EQW*g7nqZ0a+g-;RCz(_zxiZLWweWKa;N+_s7o{DSS zJ4nn!&h5TQ9+wA}QRmv9Y69H5y?LsBstbOWc=lQfbeRl&?(>2{5R?&WzrrQaS7PV_ zlI#7bNx5Ht*>n}@;FN79swftc3EA5yK=ab7N!5**)u#eyFCmTLD1hlVR|XnuHu$=0 zlheIFySc?`v0!u!tNRimgvuJZe>KBq-3!_{_~`JCPlHXetDuVex)X3;o~)t~vR3?R zk3I<`Tr}n%-jWoS^rV3GxbiEtpEOgk+iZjZgD$F4bWD1TV`Kh_;U|ywk82YDi-X1W z1p|G3bw4e4GqczGJOYjxtavI=?i|ngz+4g=I|q6^<S&&d{Bk{5)C6lme&&c(G8JP=?HxP4my zL{;gt)D6QHy9`rewl;}{PX6t<)9P~8&QgLLP_g_uW}cQ*x||NXmngpR{FI9 zUm37-+Pf5pL!axri$8-oJ+AHzdw=1faOIpT`jG8-BAvq$h{X9%7=;00izg)Fl%Sj8 z2jfOr_WHM-qVBRit~RpkjE0sRepeOgIX&{-=c&lbt7D{`+ATsi*1%(J&_RQre*YlV z{5kIivO#e;LL|32FLvZiqX>B6hi!G&@8teb`)P=8)}e>PtE$o6_XDBH7|_6AWo{}h zj|2-pfcvQT1iDP#8mC+N`2%>WirUoz7F@_^Q|8|}lT}K`d37VWIh15ByV7P3#V}RV zyy$2KYPLC?`dL^(lH_6Oqwx9`NH44T(9pstyMO4aTjG2S*`GXqlg|%mX zxFkM@9l_ycv`1qptNc6MV6igk4zxzecyPE8SX;pkw@9!mV?k-?B)V)qCBh`K;HKwO z*S&X2=rYET{9_`?&^8VLWz{V=!i=>u=E5yz>=4$;skTzvAE&;mnZgzA2 zgQwRz&o-rom28siC03N&@L{NZa93MRIyQ%^iKTs7>FwVu(KFjEDy)~w&dU;;I$fWaon?>MR79j{|h8>kA(wc8+-dh}c4}?!#^90-c`i^NF#L zozGqy=*w(&0;5%hP5blrCm_Z6}Uszb-IIg^1#}E}I>;YR)D^kcGfDw2TWY)##xR;NbUGwtq4GL~&O zm(fon#qkYhi_y0a4~>`oei1r~%#IRBHx?S`2=E4atJ7ijWO6pK%qB!vDJRCLP}Cq#2%d(1^U)P+v$B05|$*L{BI)#ty(>4xBari^6t zV-jHFCot_7#50%sRuW8(?tWhBVDw+=>8qc2mTyp_Qhef+@%23Ke163?WEU)odwx zD|*0@)QcF?;{eE_N;1Cx@~2?m6x5dpUVCdmcDVG^0}p-ou9ix=wz6u=k0Zz)Gn+!?_6!N`!YotX>~0(PRZ*$}K+FE1?GJ_38(2 z;3wDpf%s6AoSK|$9lBVNn^D$@_ERb%^L!e&E(Zrh74IJ)fN+!8EI8Nfx{^T8;}Ssl z@&7%WY?-F6RXY(a_S7pm}U zZN&~RLcEdvQ`hd9EYuaT6gnl@j_mL`&jtKvaw+OfEsZ^w?8Rluo#XxsU}-4-F!v}| zZB3&9&P0`2urq|w2b_ubjoP=(cf;c11>CFE_(Gvktu0(sne|go-c~k9+{HF?F0X*r z!C3nfPTPp8w?bM!#B5cCUVn9@nCZ6Bw45|80u@O-p^$nME}y##va>)#9`tnH(yS@I z@tDj~YkN6T*Q(tKQzuSL#OqkJ^dw5*n_hQ+(PY(}Cbe@Q{S0)Qwq_99^kV3ODOZML z&_7})?%o;SVyvsT5*XNUaixo{Hl1fTbGeMNw>!oup~OGDaI@ZRsMJ#nzZ7AFbq*%h zg^O&ar^gw`luOZgqE3L<^YCg92vCbEqlx1pabmdBKNwe*l8rmrCG>mR`?$R+A5mm? zVI)|CDZ}mWJgVBf^pN3bLH17+JHM2%{R5ScTc~NwV<~C|4kt4L0`&FyIrVOw?>Ahq zrsUnEJ{Hzz4`geij)Lyc+k+fZg@Nzwa%T~w9~=?&+fwn@LJ>r)_+Xuw+wT8Xedq!O zs(&)#t^YyW6w2=>Q$>6k_NC-EYzi z`6oP>yf`I6`Qr0kesG#YsB@pJNkkm%BEOPgBZPICdsU@F019&H2@(EoW@=UYE$edf zl*M}SE@l;?wlV$0_>jL<>6qD^p6>#AC7H2;pcPCFyD>RQ^L=Bqy1>>-C-#R&@n=^; zUunm!#}9K%`{94^o95{7Xw%L07Gk`A4%y zdFCg7%w5mcAzoXE?2B|6tTkzw$>?m0k`WSSMyTS9_Kxl+)w`MI-F$6r$!{dWbI9lo zqz1@t5lr~3kxo)`2Iz&9xbW*xG|S_aQ!$m5bfv< z{Ty4`kOLl?s7eVZz^_|5;77HpYbh!=WzDq9+S&P7k-`#?gY$31l0Y^8uVFLDHvA!i z&u#kqEPxtXMSGsIBen?rsuH}{r?ACO7pkkL z2;YjFPpbLIVhBHnfNxl5l>f_ZRRlT0hb}c6!yRJ2B~nkdzW7S zWs-}bzerBoQJ3FE@1Hrkw%s$mVqLbJ4(6WY*8-UK|nM4t-2 z5;AhzFqWTzCHT-t&=RRf3QbQH9K4(eSnv-I5$hON+$BYIXuM&PbNo(G#@4j)QTnAx zZmw`;SZt}1G^<)9=!VSeY|V8QlTPFp&sd8i`OB6P5{&69^fv9ZYdtirL$Gm3UbwJn z_=>wPXCCl3*Wxk89wfZJ)1|kcPi;+WEb%0Wk?}pS6W#&=W+3)BAF%avf=co@PxbF_ zyR&Y&B`h2@Zp;=S-az0m&*5aQB3R(rX*yW(=GE{mCNsJGPs2lZHaBbeS77zraiUO& zRNfrS+56|2j)h$Pd;ToD@x%7TQ?J`hifXOSGHI!nz#MREZj8c*9gNuvq7LTX#QNI7m#IQxQA`at{RFB8cyr+duc%OVZ(& zo_v#PFr}8Kty;~Lo14uSDYmYS{4-yQLq9=^fsp=dj(D_oANSt4D!@RRhCkt)r|C5U z^*a9x2sx*B53lan7;gCJuogpAh0l)fR1Gwx4{v8%qt)w=Q{nnYq~@+}s0P#0Y3m9rW7)Fsg)6<({uQ4V^X@ie#U&DYKNl7zn9Xn%j;7YyrL!DQHV zw3M2*?ccUu*X_N35>@XH>$&C0ix{a-*VaZ}CxFgiR`9p4u~M=omQ5cYsn&zi(%65K zJqu{jY9=sbDDz?+V~He5Q*j^tqMXASdb#IW!`qXymzvSRECtd=-R3O!Pfsk37Z()O zYZZMcr4WH8HUHy9wn?Irhsc{yDqkQ}j2%>)s>z{*_zMOMySB|0rKZtf=Od_ScUI=e zCCW#i*?ILX%ho1iacweX7^di&>+a@ImESGPXEK?l=Vimtc`NwA>9;eL^X7@8*+tA4 zF;pUY@qy*3kuCzTmo!2jx(V?_@PyBs;fGfjE5%WwBBD0X`~TgAo0a;q(^8srQw)~^^9(y(Ws-2t+w^*7 z$H}C7n6uhv9W;SM$5GPn=9%u&JQBr=GwmCkNHH|y(>x{_ymqh-Hmy-~>d4&yb!Jrez5<4T~zV%WP0A$^c>HHF~PST&E8)z*5@g17V!rn^br^| zdxOZIx;_~ZL{L`1L4JZq6NRHpc(@=AvQvj9ioR+1*nF5LnZI}Mb7`Lc8L@32LWWgU zjURbEgY1ZGbTv@B(%StFcvNpf@inVg`@yyTOx{iehV9!zhs~P7?#HM2CbE)(mrr}L z$Cd6S2~x%ftTES7B~OX?=DVn_^#z8gITJ{#9Ut~TBi4TwZq+>l>GzoOcHPXtaJV8R zjq%7iR2mEWFif>LSCV11%)-sqi?67J)O;;W_|;Dua-Y#lJ<74PCIL4QO{3hd1s_73 zJ%!d#E#hBIlI@n@9})&o(kc4!7RaXiH@SLccH}Qem?u0L!tEWNd+{aPR;~C9W32s# zSQ$@jFsY!`R+M`6LctB0etxd63rL9f+tGzE!kI4dykVyI8`<|2=VCUMi91r(jd6@Y zD-_OT{+;S6Z9p1;JtD%IiDNus>$2kpD9j$L-QdqYv0P1>D?QJ-A}Ogzb!`>%#CnJt zDTYIcGwh6CVy>*I3p>}ZfiN;bpjggY3uV~Zeu51`X|g%`;74X%^0j$ct)adqEVQOY zt}@nGT6hpGB!u2gKiR{&Q@1GEL@LCC_9$A|W;&Lk%T35C1 zzc+C|@16yl70uP+QsLrk*LlL+{|Lc7E!RE93wBpV!o@KjYf8mImn9PekF%CMS$=v} zr;c@NTGVTq{z$qzR7V7 zwX2h;b+a^10l_2>BgDz;!|G>dvJR)*RM3!N0lO}*_ao@?T};!1DZT6I3o_Wle>0UK z%0xUU&VCDrLEnQ8*Nplyt!Jl7a98o+CDI#svp0cEg`f7t4W*&GDL*=(6S~TsHtm)* zS@vUY@mbM^0pYh)AHy%L5Pd6aZHfyAYiX3-gN+m!I+h9yM;*0^r3>T6I0*ME=U8j* zF3aAOWt*XfJ%WZtgONrNp_`<%A|fRX7n$G?*PejeeESR7iAm5+lVvkt)`Y7|!ve%Z zYG~k;)}M4Ear{kSAulPI-5D;urd`A$w${LXSfILUxx_}fxQL3NE!O4tZC#NC&23{f zxf})|4(s>jyLTSZ>)+*t#RZqioH6`*C&pw-c~TWk$r2z84nn%KP8Gt1-6ur^rEk)t zuA6=a_rp;>2r=ZU)f)@Kj_)5ds0TrBA35wGn-plJHSMTi;A)#a>?x$7+*w#OY@7eZLA7{T{&SqmlR9{Lg1u+)zr>t0pT5drp zt&AJrzC}3{5P-Gbj-oN&%G0=wFN2RG&{ ze6~wP{&H}!#;&80<6pg-)OWMF#W}PW%Rb$2+-IJ8PlwYhg7x6p)c(4BhnJp=kHceV z`^tM$^Uo9jLN|;%O8(n}y&d(Qg?NH9sdAsAiF^+vbh3VT^>lt}iY8cn8|=$SWVxom z5KoBt)a;k0`i-;bPw_LcGTr)aym;p7ald9jL**#VXG{T?x?pu0p$FJX?ChhVF1_A-#h-UXB1hbNNMhb zqgoA;dY3+c!27b>XjIVh?g;{ldWB2poDU7fCuQcIK93l1=9i=MEvbiXxZGfxFjWp< zF(BJsIup#E_En0cK7=;_{85+J3TePP+jDSgM8ja%ot%7~G?Jw6Mfwhsr8@>tWdN&@BapWb0g2!%)}m^el3)Oem{i8FS-&})ZUQkS)KK^|20vG4YoCSWK(ccrk(L{ zDMZXVREW4#D2$#5CU^Z&h9<=waNh7p8MPG_GP*@h0|W9e2^W-i#>Qn zDDv{v1ond3f1;i^boLUw-CnSTI=yUF=m+i>o9jOR>h$c5zw?+Cd$Xf;chU?3_nF@# zot5;~W&aEEO8x_R>VNUJ{w;y;Crmsfn~#U8)4dPRoB?5F!#sd}di)?IXqJkiplIRG zredG+C%WSht$Y;h^$U&6v^{`Mf$nke-q*+i+wg}Lwz2kL2-HJs8s{}}!KeKIDk08R zwmV)K+amOdt2nR8@jerlqDz5Y?qSXTFo_j5H4W{)-B<9xkqGqt#@= ztGRiN=5C?_63+&Ac6?QNMph$oNat#&xtzI=^BJ-VBYwFt^b5CPenI@ir|fz}hO($` zUQhVp>Wzi66`{7MLRBsuKXK{Z=%989%35-SMKze&RDFVAq~Y;DLj zG!;$8%}nlMpWJa`$gW#?J?2Zl`C?udOvDHtkoJZNUtMTO z{_Po~L>_Za4MBa!M7YLx!?9*(^kf5M^!j&br<^tBMrH}aVOYOyvl|GOpB#DJwYT*e z4WmgN=;@lPmJ6@rw02b3yk}gl+f{uDF_;X!LH$>vdVeMf1eA=@= zo0{urcElYcM5=ZEDOcnE$pESJ@=eAA2y>YW7&UhsH%Jcuc0Ou5ocaGU-tSF@0Fg7V z%@gb%*NJk$;gm7?eU@rbEH$6ieo?Y*wMWK;ZwO-NQ5|SdL{)FRYdp>$RUrus7{|cTSj72AJ zn@P#%9{>zX!#DpW2Q5*blITl)Z#dm0cjqAjSsdh6)W&`-4eEqfUAV#^#_>;__8-Wf z_nx;`Hj+E&n=7Fopg+lm$sCe|R&(VCr70J}>5T!prst`6efOifBZleejg7T~>M5kn zF$7;0RRjPB!XcucWNC|-qpe0sbKTl@$FZOK#j)p9^!3~9;L|WE1*}=_T#iV{60h^g zWmucd5&7v1_K9TEZi=5TOaU&eQ|v8gytb5xWeO$+KD-*F!fwxIyA1MLvl)1S$+qb> z7#_g)eB@?J+I~ByK%j02dWy!&b>UFgW!d!1{Fc0}DP2u0LrIhMTqawE94^?s{+wQc zmV}q z_Dv}-C{8D039?RCj!qr4QryzH{hgBxOiS}uOOL#9uAOyl3%T?6ccOQ;(ACFc?qNFd z^puGO#^v7imZCrCB%$Hc?|Rng!9w8az564GSv5dH0!DE`=Y7gI8t>oNK>cyU`rq#4 zy=YCh{K9!|mWttdbTPeQxjz%**Rc{Dsqv^;pR)`VBlXL-Gws^1W?$7bKdlZaIDDJW zJ(tClx4#Hu=3C^o%?WrVB`}Zw_NRt^|K(9#Rj`l8Lt(NWy|p6A{5b zh-cgp1hDaogsyo>#2B##mEDEeB0D|Y4*ESkoe?+NdQAD?$|o=j=nd)s-#cGe*j>uN zdVn{Ptn9rIGdLVHDI627)Sap=uPECspKopuelaUyK`RXp-Q~_F-RY(jd)`1bSvM^O z4JTHK-;a`A)sna$-DPQwOqz%AovOk$Z2IK_IgZZ;j)npch}>Xr&r3qXZ3M!<&l3pE zteFZSRYtQ<{+Y*yLx)A@YHW)+x`b?Ig)K;<1aDFG;>FCxH`yI8I03QX^D0WD#?JQ= zC?|B|YAOe|e`X^PUs7I?Np!sxID~lBy!-OT#>vxACWpm64vW<4c zo@%xDbKk|*s8QIg7eyB)=t{9YLOrEY2XR>hYWLQR7ELG`gYUrBS1u0TBr}y)5=zcp zGEVw{^NrwD|1PNun{8~Y8mF5h!HUSYDHUXY&7e0^22-}9XV0d#=xmAW??g5pZuS(Z z3UkY?su_-ef4F9{VuarEe%EYm|*KVR4pIq*L1@O)^6B6gmLbLe?2&Yu^Y8F6#u4{vv| zK(AHUZ>oQ_N5S$B$$@(I@OY256?kxFPD7$anzBia7tY`Y4vF1n0{=a(=Sm(GQ=(`MiF!M1zp z9bF{XY*u>{!6x9)jn{+gGkVW-V;5i z{w+rt2iv}mW=T)p-&Mp2_Ql{FquK@)SH7DsnR&VEuj^=e+W#L@Z{ZMSx4nO(h#)E5 zAfd$2-Q7rcOLw=FbO}gzH%h}00}LSyT}lpJLwDyp&pGG${@(pB-1}a8#dUpFXIe|A z(yOe`+KI}5Jj3>6C4d3;>+5{sY(y&+YZ-IgG<@onY2~rMLtz`nAXI{n;nRnQA4XX& zF5GET%|_xWo}afG{r4a(8+Bx*K^ zGDXu%-Y^i$TN5i=4f4fo9{^A1f`mqoyr0wLni#!tX-MKXG-I0RfvfR>uSi~+?Y<+t zd{|F_7D@}RbYIQxz-*NS8(=d|W zn81?>wa~0eRVe+e`_QbiXii}wGkqjy_HJl6P%(CTH~BS(`sE7Zv<4mb+1^jqVn*Y> znHK*zI?AB$J=IXv_)UD@ln>0c7iG!Q;ZV61x5aw@ld@X(gNd%O2az+R6mxier!3Yy zqjdXK?4AL3-+Zw0|*~ykdOaT|0k8 zZYZ<&HCn;3&g^g0i%9C{Vhq8aXYBqUWt3aA^=eCswjs+7sr7*=au442=?FXUW**mJf8WC9LB+c_0_*WH0-U0$^W*0 zG}ahv`S;FD(FZa9_r-ZisL->2s=-YV*h8B$dQzU7+3U;K#oJ)Vdc+4+gf82#fm*>V zVSkZO#hl0=g@P-vMTcp5@98IMk!hrb=$EH;A+XxEq`StOjrRPfkbV_WrPcizi^$03 zGhx*Xh1$?cjv@htYPrZ-$y1&2iS5wxu=BK%$ipp`uhz%Zq zY^4;pU%qr#uO6>(UG_$Fkm4bJQj_uu$L7tny@mwptP?SH?vUHeHpXA2wfCMyGHtUf`(-LKEY?P)?2a@KT=2dZbbQ6Yn*-ua?e)B0V{2ZF6TJEZTzC4N0$ z2rpeekD!G2IT2cfKI^9YB~3PtQJ zQKt#Vb7NxEd(#j)ZucUiaN5aa_mEoP!2ivF!&&qb1YC(dICMQh2(T~>H_R|1bLCiU z7(k2mmaetRk#}96JO3u&p z_D}wL3I4!P`aO(VhrI5DYW49ia_x4>CML@J*JyTC-P&wIWG+&KB|8LT^+}u{dVLGS z{ttj}&a5pugXev2BY=1^arhEPjT}Y8-H;S*uAC!g#e!{8gcq9+2`uWMjAwpJt>8cxd$@>K>gO{OabK;lT!nj<` z2MZQe9wMfLK2TBbkNz{7R8%k$=n{_*82ch?oqHlXTpK;5o|Q*Md|5QCtl#qfoL z*PaQmb)Ed00Vxf?iim+Du{BX4Q4lv8kZIF29_*q^apGO8 zI6f`T`y{rc*Mhol8pu?MtBGjw1RC)-S>NdGk5Vk}{ko7ociTCpE;y<+UN|}LK7WJ$ zNyGm!c6Dn3MghCOSQ&kGhp7s>6KExue<;C6SlA|?H@Ux_Xxj#vtP4_t;(2pjQ4{yG z-tjl<)GQAZf&*#%lyHTf9vSnX1mk^&Nm{HirS!wYED<&zT_z4{V`8?qZ$96BJ}P)< zC*nv$3@o<1PeWXL=4e{(e^_beg;0V;HLRFVN5M7OUVmmOSUMjcmM+p0aHCOak1-;* z#$Y@W2i z5NuEK--}d)Z=Cl%`6^u$Onn1z3N!u9bJRVMQ~F=+&Jf z;((9eRQ^$cs%!L#F^&9TyGsaFG)xmkxNyFkTPW!QoZGMq~)JfnV3X5 z_!^-%BRF`N*~oX?EzQM4yJTLZxz4Z;N_{HFD%s}mlthYm?(X!(yZx22;~nIik?s7% zsHiOzX&Iiu;mcF6Yc@*#t;dV4hH?Wxr>DnDBZq-CY!v@9bIYjz6yysiZPNukHpX$; z`Q)XNIuVx@rIL>8*QHe^qo0EeA{5uiYTMP+!siFG!EDla$tU~jmjB;1k;ojx{?D{v z*|?fnqpB#ns{g`@Wo#!2WLF<|JW2o{ZsLu}>O?Fo zMlRUl4XWj+ZpbEVZAiZkCx0UPvE*_-ZqG^yDr4*+6nz#aIPzrUU4BMR`(-fEeb0^V zw6fJppyrgnb(IKM86b8RioFTE`=rejm^HfA9Tukp%bhi#&54_Z_sWe7ci!i|$0_aexS_Sp z=LwZk5P!&KHyNJI6UlMN8dastT**auUj4k9h5vZa^}zqU;e9$$ zPO(ix*ck~4d^92wF+lN_a9Vz=X;;}>Y zbU*Hx(Aqhp)?3uyY z_x$o;LE-cuO&*FwQ7Za5q^_by`7}Hs;D@}1)mf?Fb9dGeIl6=X#3Ycp#@;u@-@#VC z%WD&&$7apSayPAXS#2QeY=ORmOM4ssEsH*M0wZ{2E#|58%tnMl-Lnaj6i|wbO2HV?;5=VD9`q-e!1Xl^Tps- zNkmlHIQ^u-K}`lqq5vY^V~3&R#>`Ihw8iE1^mG__hrpt>vwE%$)GF~NenAIgNqJm$ z_-#uF<=3+^k@O7CGMz;xdfPm6{Qq*Dz^NY0>R-nc+dtX7Lq7S#^oe=b3XF)0J~>uA zqO)so0!pu4^2BNp?#O`5ITSeCM1k@Gfh18`^)RV7r1;h0nok@3k1yS9#Gf>kM(_4DY)*VHPbzR%Ty4{dX#4 z`7FW>>i#Fw*$ond@Nn}q&UNfj5TA+#dxWtaX9V2Wv{_Axq~g$q9*!(+1)Ioga^ z(W%#Bc4BRE*haV2zXk=%&@v*gsqtR-DRR_VB6t{3%mdvDK$WHO1|ko(QnWo7;Cqa0 zK@hQSV^*Rg6!pAnq>>SPGrc7+xiDp{Jm`}1?QBgy1u^m5D}~?YqnXokbK|d8zAjNu zSJDa!@cdcs40Yf!dXLCaWiH4&y(@i>N)8QAq)v?yU@RR5>BhEi1U(BpOt$1G^74Ug zXvg<45W{+@!s^~r=Ya0s#|_xzFZDL01AUI<3sWVEQ6QvpP(7IjJ#S+L6%;$Dq$IkN z;e;4tf5J)7w`7%6uD=n9>Ub7ytCyW0x0p zKhw*NLsGIv3qD5$;+xUuZr!Me46{-^)15r7B($!_3*KIyoUEPlySH5{Id3#^P7K&N zN7|tGQlW%TPWMiQU}OVbFOIwuqj_B)8Oq&O7U(#=cW9f6d(?v6bzw&Hx1i7XftY#6 zxT(A+f0Tt%3O()HZg{;-p?W+Hx;@uNq{9Nhr%j=DKhS5=OT+WjZ2!H-WwV4d!Rim` zsYf8Ntos{em|$K=WIvR9)+@dRu+pW_uLa>$Y75}5?=vED=EBzc8uA-_{XK}Jh55Jn zyQ(TXRzeBQ%-a8#n}BadS=j!GD2urt4fTD_4@|sYuSXfAjHe=(9(@`2WG|`Mn!Gk` zU}WmZaQ}RuUU8Ig(8m)EHA#$I=p_{;;@*&i@3B91-<#cWuX)P(LTUBjwP04kd{IyH z-1?`i`K+1L+3Z8=jw1L4(dg+39wj8(LEfWJ!j^8FqWAl}zK8wkKD(7LBHczzI^p;% zO9l76Y!!<$Mbde{dottug#_J)Q}AssL{w20M!@52EU7c6J-uhaLg~X)XSA`y;z*kJ zFhhdRlqR5SDgLt7j#sNLu1%x9Dh$X_GC9wGbOgsUM=v zqfn~qg=$$|UlQ&JMZbG6_?|yi^-J>RJY6-uk2$D4oA@G<&qs~(nT%=A33?OQ8N*GA z+`1m{fQ^ZUmGX8&?$HLvIh(@Q4mm+&PF6@e9ABY;Oo<+^u(CcbPF_4ermjd-I+B@K zq3pK1viu@9!34suV<>ImmVGb?l=u?via_df*|xp(7%MmrTkGR{In-FN@A=%~=(lFH zpm)-`+dW44IzC9vWf%`nd--D<4D^w1QPs$aqBbSg zS7*)rZV*%W*w))JL(t#jCZHZSQ0PD{V>y@7SmVz(b8Bpgzgf;-|4n2ii2o~)X);hm zQ41IhjLi4kGk~ilqsZd%fQu?*2(jsj&gZl8QM5-55Hxt$)&XULD{)egp(`23%I_#|v`_ z?T7>|o5r@DpWmDvz@e(6s-lwFJcSLx)Shims<&U4NLP9$>q3)rd*$Z5sQWq%zpe~< zup0Ho2Ki+q7qU&ILgQ5YKLEH_Y87S1i6__ZRyMGRH+76a&IgP%d z5HoW8`&76aeE1mpYNabJgwAAl3n=PDg;ygPQG~(@;>QENe@#7w;@PZJ(#Vk2>#|pA z?Q&O|KG`}UGU&4en6wH0=#oPH6AyfUA=-KeTHVYjHiigJ2uJVzSqzayAx14Erwfvl zkLk8GL~l6D`}H2QHd&LhcMNRP`vbkbjASh|--{JGF9-djS?Rmq{$+4OE$HPyZEwwp zXs@?F$b8fFc!hbB5gr3I-0n?CUA*%#+ypIn_W&A>x0n7R!RmF08g7?v8pj}uFX1ML zsphgp^{qkV0=@o!{%!T+KUs19_sOwodBRDawsW)-<|T;bG*@uXtZj9x|BzZFb1DKz zXSB(UoDQA(%@!ZdI6PBC_jsaFr}oz~e$sXaSfqFSPTq}+uDjv>MO ziqO{e(7ChP^tAJ2u<&n}7lclLPC=+kd&tUp*=DA&H)~hm9AZg3NY3k6Ot1>Y%#Rme zh|k1Cqc21cO}EWbaM6`$sp(a!GH!HOCUr1e`LA+XBH7%ypu-LK79ZINKRBEWXC44tj4ID+{8(9r~_ey)Pw;ms{bJ-?U2C7Hq z_XeU|*g(_tSFv5dZ+B%O(wxq

IA@q>5UPiD777dCesOTnox5WbX4}L>uIDpN)?dT`KPw<#Qu!p-T_peCs~}Ikq}Lt1#=|Q4|>&U%n*QRq+(fhhl#3gZSAWJ+0)yW&y3eHL+Sr+No z{_N7(Qcs4FIK?kZOQT_EZ>Ut-n6TCoUe(8Xj_c8#t+W`8Q&I$k2@;5kw}WDzG3=-8 zJYdcNM%>Q)Ph8q3^F#Rrq7$dUqxn8bU+cE%wpRQXcY)NMr*y-f)pRE54=zda5iO3) z^SS`q%%zpzMd6(MFeTZ>?dYKTv$IIO$8xBeK9b>75w#`@!i;gSOd_Booi#_Xz_=};*WgQ=Id=f5068s1$j*?6gqA> zp<}C0aCU{;VZQ648u~9INuJyt4e%p5GMO2>v$hgNlEP58YT5z#o(rD3j`BO_yzBLJ zFqn>`W?&&%_>;cVxT+t6a~0O-T7u64It=cixX$SOMuR1qrpN+cKIC3bC@j4OTv!P< z6?vMWoSd7RxT0(g;U#ky3pe@s8aqk%EQ6QQ?P6M?IK?~ZR@DG6_((yW^#aoL{&x`- z=5mn8&GWS^JTgO!z#Ykbn0!g(f;{!6eQrFC#?m@-Jk$6az5_8m^j&xAED8{?8g5R0 zO6{Y{lfs!`>Hv0!KY^g}dr@p3L*h>-3fI7Mvc(3AfB{ahTRn}F$XB8QZF_R|)!YA< zw@UpdG2vKT=1Ng;Ow~1fOmly2Q83?i2-c1vc_(&YXc&#$?B0ml-XVPFI~RY_fQeUh zLAFGVJdBuZXB3z_{OZ`Ouc8>O5J>+W+m!ILe{WL9O^l+?!I1T7DClITCtaJP!xnd; zr{^4(KKB4qpDUeHIS@DDmu}x;HFUW*33w!3!{=1KtW)jK?sw0>H;;%t#RpgV7Z5MC zBc%?-x8+?m&&)5N19M&H{Lppa!o>S}D$4>-Tg+O_7)th=7 zjD+Wdj}cx@pE!l0k|}zIKB--^VO%9iX@wn+8+&-Yu`E|(RGP=plr=|3|G3=8{Lwr$ z{PWSFsRcy)`0Kr|*Y(Xs4H`kK%c}c#fb3a)t&p@Q^{A)LVI=-AVGth0yjRQEa+im~ zS$%fCIXy02Vug5wf+=uz5(-Kdwi-8o3BX)CZ^`Que;A!;nd-(!=RRn;=u%nv-87Wk zwzEvg;XPZz;TRu6hbu+@9X;|@bc18kvM{O@m-ES(j1zR zKcWK}>e66UWxVU~JLHQs${_idEKmQZi`9*o*cusr%v^GV-Tg&zfm|7W^FAF)Il@(s zvsjV%HhtW|R7~K7f>=APWLGb^*Qgjm7DRpOCnWs|;-;6tb24?U_fgD<-@xFzFIfzX zI43}>2;Ku90EEAv*&$v1U)PqN^?#xxFN34Q72{Mby`70Xb*>UaV=q^$NJg@<*dl3v zULZ@vLYJWSn>7!FZ?+SehUiuyi8Sr#-Ph$9UH5ED-u%cH^(Nxcb^S1rJN9^ywf9~A zkQ2S;0MdY;I>krStv_SVySQ@#drisQx(kKCj&zwluckYNDF(d?fk1K>vWSOB+e*dv zu>*Y9o{$EQO}JT!Z^(2y0MWd*81Gl$ZD7L!dVB*~WGeH3?k9;bbvmyVPb0XAAQ6Af z^rINT_f&dbC5k|ui(8FsqCLF{F_=OUB6JY*=1ck8sRddz81QTt_orGsT4Qsvv~BiI z`&XVDj|VhTd<20#F8Dh##m?5Patuna7v+nynLod+5#06;Y)fK>M&6x!M*ffs6Z1JX z0bp%2Gt@B=&IWDRPt=zxPN~j?pi3)UhnfR`&QQ64qAVIr{*Z(Y7&XBW`_Iz>v;wmJ zz692F&KCb{@6MywD?xkwTs(g@Z<|S4*|+;oY)a+5ZYDu)AD<3p*_P^4gUJnuiAlQa zx%FekG!uvfy`+xx59Jn~+uRMY6T*FOpeis<%FYn*^Zm`zT`bi1rS!!7Vu$;e(F;y) zE>zApbGKC4;U|Kz3N0PT@TDPS9E{O_8Zg~sSOrE zlt%pT-%E%|lnYII0&M$>9(N5|*aC*pyWAl8d&m1=k`-jkj)98GRT!C z*E|H^d0RO>;tU?)Pb4?^cgQ)BoZR{%38%U#potE50HBdz)wT)~*HLjkGD|-QiX@GE zlkj(io6Y$?J};ajTK>aH2BttWW_?RBYqjBk*I(4lX^d7d5Y{aX)6=bNMy#e01N`p^ z!Rt{pIEU`it7#T>#&bv@4Buo@R^Lb#r&Xu zUuPUSYcOV7K!I1EZF7Hz!wd&yYyC-+q1g(v4nDN~Sb^?@VDN)6dF|+?G>G2uUf9osavC??Su)UyJy^`xkNd1D#&7wT8LebDlp(#X;kV(Cl3gi`FDM4|E3NtkyDMk*sUa)5A$nU-Oe#|PD@Kc*M?Ublz(j$Q zivr22wAu}|G7*srzyQQ#1G>Z8C4gzEO`9{6{s}Jny{x@_>*Ax9=X732ba^;mgm$2Tke%~YB zo~!lKPit$_OahzS10T_27n8h|>X>5p_vvLR+UYufrZt|QmETU&fhC-s3GL^)2KQ%J zr=g9wP~Zr#cuGXa&be413>&Hb!##ed*7dNQ-;43PPQz~|?|gKIrviNs7@xL3Zuz)d z{f`{*-5BwISRk7gO%>~NeBr&(Bn_q7>qdfUKxt&KqKe% zQwG9NY7s2Nr{xRyiVE=b{oHagq7fZkthQ5Flq!7Fi?p=^ z6U0>80Jk}sF-H~8&j*D&Nv4#OZ-{IB6eY9J^svYD&;ln{%i-jJ&Q>t$M>u|5T$^zp z4MQ2Z8{FiOQwPIjK|UQOoJbCyAee4sczBB8bO`OPY7Jsz6%P7rgi@^B_U+o?=0%)x3B)VI+{1Y%ZZe(vq=ZPMK= zL#`+@<(bU3XUAN*D7*IH(B`W3m=@;C?q)1dKqwFGR7rW9A9ser%Zd5ydgRW(D#2S3f94~xMU*iv17|ogzIrge-{h~v-e(*a-qS5pv6l{GBD5NzP6q~M($nxFc3SlG zU`f}qu@C59YDRb~W%76C-WUa9KK-0?c{zC=CU)k_u7=LmyY;&}EH~t7a_C`OfN{bx zxCM}#N5nT@-gXNowkAgtm@@G`>Gshj6$|HCYOB-Z$+VI|*~6*+MNYg9YRNMC^3VLZ zDZ9#8KS_QJBiOiK6^b}%-k*TS*Dn15Iop3JYVs~5S>)>cTZ)$uFA%Hh&E4I*+|We+ zFL?$vjEyV;2t$S$U8b8nPS5+i@|P!Tf1JMxBda*VKmK*r-+?h_(R5tvmh-6t(eVe- zGwH)$jR$^zNA~kL0#N6`M@K^E8?l!T`YP>ULI+YZ(gsX{WO2&|n^b8_&Wg`(=~7Gl ztg!+@X$D;~4&{;#Pf@(w!W;yml@nSM#$(^>hR~&T{yyB(sKt=yQB&)E3}fw5iJJ2f!InXM-D#He_#j z^xIe*wk#n+xqiqZh8~{P*XX=O^Um%G1~&><#fC4%>Nk0NWknM zh02R&fYQS(>K`54gKpCHtSXU)E;c1JpGL8?QfC=;0DeS2tCFd*BUL~M@>ZdX&n;;# z&1E%wuwC(88TvbmCvgIoZHb)j)izv~rr+*ro$T~B#`g2d}0n z)URo;potazuChmv+O8MNS*F0W15p=5L`30VdY}|;dt);n8y5-3AZo^lS@VEr=UJcb zGq}=?j^iagx!A~-%=TT;F$S2YpvV8{-xkUCi~4^pjEm&>m6cV6ZIx*fa!2Av4K;^u zNYq1w-_Zu*90)Wff+r2q2 z0*kTw#!H5-FAE#>n&2^p(*`PI-H;~<4PWdFm2_AErml2}G#wQ*5I5!a3|UOsvZgP& zEl)o&LndHSM4AHsA)CmFZ_aAyJ`weYXkVsFL~7spxr4$jdbW|j1Z1N!^a3L z5eOr_&N~Y&H}eEwjXt1craLsju?JOt&M_`-5>sFB_XeAz0=Hti_g0JpDua!E{Ey)h zBUNW;MNw}qqxm1O7k*ISK7afD!`)h`U)#};{Roz5eeT0^TXeR_S9%Q3Db!=H8<#5# ztJZzagv|=Ru`vy|2Qidjb(YbZIIa5CJmk}D75|t<72%jFsTIeQ`5644JZC-d$|nV= zUDLk%8gt(7I4nM2I}1LXOc1(cU3sh|)dgB|)`~t`V2WPTTYb)#QZy&Oy3*2|8L00q zL>T;ZGS2ec27n}%SI6WmeC#(ZWE+o~LX*}eDH!pvfd`^(4a&CfD>L@DPYF&CSBKeZ zlYuHNMY(ud$nuIwd<;3XeRmaX0Mbu^t80bs@A%s#LH;l4`Nc*~ZP8K~o}Nl32t_;g z|JFK#4?|8~!T&T%rj9FI_}rFqGTo!4dhsm1f6)0n&lw^Z!v+}ME>-Ocv;2!W=q;JZYA5UjbE_PyBc51-OeVLIIzwcxzBs`h)o5+1< zq~N+7Nkk&)N4%fz?J?a1VuroXxtTdRov^g` zIoz{kGO7{q;7#BwfoJ&`8!y(g_N=^xGXo1Eq#wv`XVV+AFrjY1M`v1xyJ zpQgQ17N08>rS$%*;PTU-Hu!}x%mYpGn5fYC!{#{W+%=h)>*=$j(DNwIdlH5vbJ|k0 zWX|}|VJkH+;1}XPXiHtOIWjyIqYycpTKH{7Rf|$mU~Zknx^z$G9CYD-z0f#i4lX^z zM-l(@vvuPhvUlv7akwmZ3UU}I1C@s&{eii47a`v5rs}wC_4sYyq)uCK>QMx3_=-Ht z)Vi*%#QHq&m$Q3cZ@tThDRT@tzjzRy+&;qib|%g5&RV+qiOa#kS^IW3j|2^;t@5wZ zP`VuwPZB8kIWUO~;2!P^6CE$ZbYBCGVV`au0TUE$2D5rL>l}|ap$D_4TLD-XWw_&J z%k6}EATQ!di+$0r7|$wOP6^0%352^R3UB0G^x20!i-_!y)3u!1oX!@eeeE!!een1G zqKM78E0TG5_>zwFDv79tJ*RR> z!NJ&B+50GwVI#QQTbqjh1*zU4$g!_?8f!yiSrEZo+jH{vP3o849_N2nm&To+y(p`% znmeB6&H4S;JE#ZQ1%Am}HTs{=wYa}gmk%k?7*k2MRhN}5*p~d>1o?%*z&xg8v*c3`0pN7u$uejfQ zfup52LpW8eUW8#=*U{#H={-E}$1{rO`?b&{ubp>duK3Jx`alaPbYnHP=fjpRT157r)s zM8!7(c8|%|cATHS8w6b|6(tfSe;T9Bivky6(}Er&`&rs6p4^?A_UK-ZK`w5_bT>Pe zd{bg6&cttZzX?`oatuXa00tK`JHKr!FkC>g|0~s132G||Nh4QB!4!27 zJ)a~-jdpAE!3G0HYibmJM?t8Co-Y;Q|2{T^a?3~A3Tv^ww&tfEO5#Y)ICHxpCeVb4 zLr0T?ZOL60>*o4=`Q$k&nFaj)A@7lJF2|K*HQ;8OtRC{n5ii_gQ(Ds?cn<`YWfiaojr*hxPv)D_HAXg(+4#zY5N1( zGNt^!(aeiXZhIv8MFOMWiiW^5JOrQWcjzg$Mq%SvH;??hSK2P>I7f=G-I8UdAt z*h6N#UZ$d}M@(=D-Y;FK4oYLE)uJY)r4Mc2crHVUs@yB8k+H{d0Zh0N60!4GfG?&e zjsQHW&|0aJJr0 z;g>S=&Bz^_zr6NzJuO1y+q>mGg+oXfzAexzLDC%k_XpsO+=u63!Bw|c&cZia@A@37 zxo$)snIiMPzWvGjYdv`NDHv^BC{gtpRyc&&Y!I~{x>q>O(9Xnd8)&FhR=JquncxybtQDVioNK#POOI z?#*XJb6wjGJ4#u-DnYKK*ONbxCj)*QwSI$oiM17wSb`=6%r7EA$28Pj>L_q2qs<#H zp19m**9Q1}kWZnoDRefgXB|&*t_BtraE(Cx7LbBC|7=CG)cONI+xtT)E!jK5Ul+P} zGw&ZggbLT+dEqK zYv}pI$Pf90zUG~ed?|!%$gC&OTnN^GF&r45V3|8EsmS?R4X}I{$7ujsa$z6# z3GC6YmjB(G6Leqi(RE4&?zk%V@NzP}*zvSz%zT*-_bs|xd~R(s`)U4J)VM;}*!v2Q zTbxVz?B>>lW+G{d1|WNzQ3Xi+Khwxu#{WDci$}C!70r&3z}Zh&Z|~OH>8VSKBthRb z3?ykuHZuBd*5RzD(fcujw*7lnmrd`$p(+gMpamz(<4nyaH*8$H)diZbHU6slyq}63 ziyD9|m}<3f-t2!k!0I|I$hxx*q1<7Pq#S~b^T*O$>wc3ch^3a1h-S>XUQCyd?2HG7 zViq5*N!p5DqTo1cxc%1l>t3EhrTU^DAWSLnfUbW~<-5M{v4HF?TtcpkUApAy=FsFA z>a|o97B6Gz82HdFJnCpqMIqmMtSP&0;n-we+=QV3VkfuxkyM>4y!$yRVxLbR1zTW!t;8^*@!aM40Tq*1KtfKw=<>TAm0`z09r77$b8FU{V=y;d!(Py};xwwE^z@Bk| z!}yyv3vx)@=(7q>qYkH#m2UYQp(|qx zCml(mD*=M5;5}0RtK<_|eYccQeSZbQ)fsw{YqwZbh4tl8dN=EY{aFg+c}z@7G$&Y% z4x`Q}H`7Nt$~IQ=38DT@@GU;#Qvf>pSr8lk#Z)Jo zROreVVb$%e1I{;*AI-E7WNni1ZT~6T;b-fai}&9Mq^ZF~QCe9u96p3ZFlzRrI;I^} z*>T<40&U;E%6AT_{JeU?1oGYXkIzfF=mZ0y$xz(t9TICtQ+!@tU_<72w8{YZB`nAl z3U=wB$AS(FS?nz>_Betch2hpjmX(J}`{?q>yK75A*FGfYos!TS^AqAf9X4OqWlT`y zE2<*e@6c?7Z`rEKKFi2RME#J8V3vsH!|*$n9=ps$*#pHOX(MDQJ2_eDLoKF>!?jTr zH)X=+foQ)ck<>c%`O&?+8!O!f9pUa0sU=Tys9w{#TUn|MS~N=ddyeloA^nQ!Y>izc z$YQ8rAKi_{)c_yKg(XWk!0P?6apX|81xkG;fP9x~ZLHHC|_JF?=Jh*TVA|#X-`tHJ7xkv%N4}+gMTVI+r(j z#`}e`@-Ip@PmMSO_qyRhjzK$0molD60-BvphIOeers^45`$Hi}RTYHBR0b?a2 zt=G&*)2P@rRn+XZjAIWJQV&#-YMcRZWv>E1as|4<-?3bk<)yp#E)DHsNN=+ChyF~R zF^0KC$%*qMGcO_YOM*USD_ks`ynNf23%mD8(UnwOL16u;OCUhzwQ5huaPNPBzM;q&LE73Jrt%UkH$NN^!POuhX@u3cQx*st&n|d$>nX zsU%H--k-4POH#x{_P1L5%1<8^bK54UMyRo)>piWp5ESeMw12J5f=)KFZdA(K8Iz!S zf-k^e%b#EGW?}K8Fe^zGr#Gx-rS8^ABO>?jhdxK`aqdusWfSJfTkEm~ymeG^e7v+b z*}TNX9Fc|(suo)9Fw*@`C6}HCMSWKLbx!NCjD||&$9w=hHBU8;{k-5C088t6?jhKP z)#>@SCz;1!(L1ToH{%BzQHg8(HS?vdiNoLm;TEq2qNHwEZ*?gbso(c)yrs|!8LyB= zjgKQg)=})AFX3xEei`1q))N$5A0x%ENJxD#Y~@Mq@u<}BJ@ma_xHiw9FiQt|Qui^c z6r&mgsx@3@_4hge21riy^t?a@l4w(FPC15yQC5Wi&9G?R?+n3VqHuc5vizU&345EW z>VpOE^}xr&?0mqpHkv=tQJy0L7oMihW%&eQo8*Ciro3z-2}NP8I~}ye5f*Ma;%l{_ z=r9i?uI7%G!e{pMY?|erG&YenP~xs`en*1CZdb(KBz8i zt@`{B*MbGAVD46hBFpx?FriET8HD4mpzr-+c-SHo>)0ukB@WwVE;Qk6UgKpet8u)* z_L%}@gz<9#_A!t3G!N&h2Z=@*Jbg(3`T6D~QoOL-Wv(KL4aMT0nmnO=_iqTNAMVFo z(IukPJUBky!jRQ+zo5fBOUq6G=(e=ww{*coj_l3441&9Thg6hjSYaf4?uN79*K#U_u`*&u<|%Miu3ja(RZbl8R7pJ~hL zn&LKpT3N=-jlTTH*Ed3Llyu~0Uq!C!u_k9%1fCIh`Yed~N@G_aob2xQmxZPjK-~0- zK(+6QZqx(ES_qKNfIYk)lVY#*o%_g746m_IOseUnqNg)4@)dA6chyH(|#BQI@6E8~|2QeR=lLtv9_ zTjSrYy4odhE3Ps91-^KGk^D0;_(K+ zWXZVwP$LgJqwam(FT`3DWza+Lp zkDD)foGm$$(DW2-Cu4KM1l$r0+l|DdrHhf|dWmV?Q5rbL!O~|FDQJDJr7M{DkKL=* zry6c1-_|Vq34ypPLD1cyb0EYU+=blC&GH>cJ|?*G;%%k$b9*3x;;>rr`N!=8SFTs< zB@Nca?~B~gjC#U)A8KA9L80zFXQ5CP!vJ>dR|*Td>nH_!Z5Bu-;3J;28Ux5j=gthY zaeu^UAEr5FH`N8G&TECmiviE1bW>DiTz1LT?<8bi2*0c1fw z%<_}SAsz8iI&!zdJgqOJ{26gKj>>7E683O=B}_Y zEWQ5G3tQC()%^3!eC&P~Wm)g+etnv072&j-2G>60I)Z0fIC8AWLRJFL_2*LQE zB}kq|IeSZ6w5|pk$(}%e=cpO4veZ|qi6q%Pqk-H6;opa|RuX57gk33>9TllNO9_G9 zfVX-zxileCB|B>$o205$k&%u3V;U1SeFl$;3(ZseNi`E=-ZMa{1=5iZDFhaDHd$57Pmc z*}Fs~7(G#~_#QLRnql9_zhxzme8Ai&2o+E<_T39l^}i!sEo!OF_RhH@sQEhgkrm4d zIcR3*yqS2e?Q;0JiiJ>e!_iM1@7;E-c>f%SQCSPB)wSQ#)9a?-fJ423%*Dmu3%9p)61v<#0(^t z??T}}dO|#k>XLDYqu*Cm!3j+&6=fs<3dsm&!nd22p9w)&fbNz=ix?#X(C!}jo3&Cc zQd?*H?IQPy?Id>0`uedM%&&2U7_E`F)Bq%epTNiZ!>WmlNi)t~Ec|JLv!Srfw9`3(2vihDXP^#=YNKlnvNUJ5q$n?;~|)CqsphP zDyy+M(&N3AxV$cXy}6aWs1~WTT?lE}ju^|(9^2aal&9OAwr>-H8=n)h-JGj+fP4$~ zn{^+dOQ0oaIalJC6GGDOvj#si-3WI?Utce1YRwSpJINKr;MZdG3ng^U zVXaG+l1>{s=(pnfuAIUVsPE~uZhS|fxPUQ2NMh> z6G=I4Tdz6}4rAxL0uc8+stS(cw-svs#`${AWc36GORyckTy#59tn9zTkIa!v9693~ zq1zCt^)sFw8+Q=tnR7LaV7 z;wK=FMbuF~mz&bz;mQ3AwMm#V;anb*L9BX8AX>uf74eADMPT-jGxE=iPL!xeO zYbfleU0v^bZ&7?v-Ra7(5_Io)vFEBhKSJz%WtGg}dBMTFw~?}vQouVV3Z;IRR`{|G zm!&VfX~S`p{vD#absR4WdaXy!BR;uhsni713vYrtycG+;P zg@X(h3WNF>`El6BlLR1gAsJflKxzddIlR+xC4s z*VJU&)`ZEf$urrUYO2Y$Yh~M$;!k{Pe2c^*wQ5-?syKRn(I9 zP!Y$^p<|i2aHYc(+I7R5Rs8s~S?4hkOWT$F&h;{A@7w6+qkD~>lQ)CC)u|!n&+!aL z>Iz+W3K@ZBFS^edL5XX3U9RNfe9pdW8zfsQ{(S3#aqrYv=WUo11Tp^kE zG%4P91Oyq{ZYP6>PiNd+eP-Q0982EMj^lza_g2em{tk%TTn38DWPiT3gwiW|t!gVcbnEgT#e&&N-e01Vms!Cr3$?RIEBr4oL4$ zbhfDSF*>*}j%8y;mgBm#+Is{6boIk=Etn{8FrfEhF?r1|u`}84SgUQ~zzDk;N6Ol8 z;&Ww%%*_)TQk*UFC5vi+Nu~x9d57F_WwdpSo(^xYvp%xPi{k1YRzhd*9ji9!MJdd=uFrSl`pLC6*m z;rcKRkBFpA6P*x!PPz>UJSMKhNd5t zEmhlgiFwpRk6y&LO#R@7z_UnhQrI>ZGGeIXT5sPI zDN(oP3pW2AR9ZUXFTy6oKvj)-qdc&ZEG{)CoTRs5JXr%*?Av>!1X=NY{YN$UT}&DR zVhha7BW6s~Go)D3|02Eu^~`+W{;R0O$M0PH^$*C&hPtv5ON@+pERgRPyXmkn_gg@0 zJ4`*fM(%g$5<_i2)Y6V-S+Mr;N0A{FY*SXoU=ec`6VHPQioiY5A1tb}vXaV5N|J~K zaEBw57DIwUiD@jqttdIW%jUxKh>bnXYWqdxw}dQjbL0L)H)uN~jl&%=WGY9lqiBX% zS?hNU{Sm&bXX)d8$9ufbn*<9?%RbI`ObdQ14c0b<_fJ%Qga=5>&>`5LSg;B@1*>ZZEey@ zTrK=DpmtYiZl81dz8M;t@7Y`@ZJO!`?1$bD|GuwFMQExi4G@!02WfaEDHCT`#Gs8g|mK+mX1>y}0JGfkoqsvgO3I zqVR&+J@u`68JcOgZppjsP;?}%>8}P$_5D-uKGlB?sH8yiSN$**M{z1o$ab#z{)oi%k4l()PrN9zb<4+VyMWuukbVd z{khgeu#WPWo6}hhRl^S^~Qq5cKK!D2Jg?@3qIn`hqu z*ByWTGsV|IXa0@YmQ7bj2_U1GV~(`1&U_0AMQ{{y;SZU!L6(;8HoIIWWf+>u@g(?E z+B!O0VE+uq-~8sTKv%CDWAI_g`jW~5pAsIy)0NJ^^5v7erl9^7$@n4(KkFJXNm$d> zpl#>YJra@aR@AWk{>UNUTX1p&l}sVllGlUMq@XhkxQ@*b%_oJ>>y2u?ZOkncj%{H$ znwSRbS2^3Zu=Mq6K4NUT={rM~k(sS97~CmgHdocI!OzpQ+uDfD8&c~)Ug3h}4didR zckS*Er{UTCvzx}%x{uAgSW<`bgC=m)L@&2X=N$^w#0poSl>BB17o-NqqSvb-+;8Bi zptEPx`i;abVhfW&QAcMmUHAh4rUpB*oRj5}#4vn&d{X4knAlp@s)$WGMYXAFQYY9y zs=LjgTO+YO`)hvgmA?cSeU<1ox_zv^-nYS_+F4N5SbCp-`}}_n33iXlv43Od@35TI zAvJ2bgync95GIxaA!}8BO@O|f7T9P58GV^Drn%TsJ^|uMUSEgWLq9U zd8tBhCHZyV2@t}CTB7Uvuv|;syLPTOf>2#n^>c2Kyvd6AI$Bvs-7H6tU}cdlGC_?b z8;cIU3N)J_pP@arkIORNXiWZ%C44VW%GK`vKE@D0n96Rgjxw#Wx&$$cQL)jIT$~~h zql^|4gsxq0bPM)JzUmrQVnN{sF${|WvsH9{FBP8iRA{%RJMs04Mm(5Kwa#@qUhW49 zCyjh*v8P;@Gsrz{H9OY65qP&$=jgB|OuNumB~8eo8sY5hl=1?Bt{B_cruL_f7Kcrfbk7?AI3O z7;WDjpEVk?e4Q)WXGDkNWRL$TEyMK~c~xa8+>6ARQkPdB(VpWQW+42*6v5IOSxTGJ zr+=6=QQUQlTqK|N-B<-_M#&-G;8U}6>u<*1=Icm}&j}37<;v(I4!8K0?}1|p%JFJn zy$+Jiu5}toNtM*F$>Ty}<#`c4H5ELqapzDbjX2B=qxK>`lL_Xq+#bzkb)2rke;Q6t zKDrjiav5DA%z%L_LA7u z&Uv?qVQ$KHUS2?Goa~{DeQ~17bq4_nJ{dt2Hh9*}xs|BRBcq}D1557?HZ+j+P@8kr zxfm=g1*^KO$sSdu0nTyH((#hFD*vR#M~zJXCO+KMl)!UNy6dOHq;98;eWega3OC=l zmfm-8y$)?rDS`}@Uq2sAtY`2#J`!P@;Fh=4?2Ii`_3VX>w_nvu$TFr>3(mMF1sXDVp#Asbyz5H8}J6lvV;(fgJ!t)SjYudBJ3gb|CbhqQuF38n@Y|DwA($!wpz5Lcfq z(R?*)`7Cy0U0AkTHpckXRX75|j8?Pjxu8DuX#Fpw{(D`+I0-VpMEF_e=LxnOz4xCK zRTECm3!A%hs=7#6H9q#y<;|!@Ru5AgdS8VHnm;a4HeLX%H*GPxV+)%gdg0gMg17e- zTrkQouu-SE&R7Z_tP#Dd*8g!Co@4?K*QuGfF5Y^Y;2RZ>aqgCa2b=DN;&V|70eX75 z7Nbz)-XjO0%(j@=c&B({yvv#l)qU!5QL z$j?}+idkAe1pMdp&s^LNQcJvN-##37z8(r2AKX1C4KK)23Je#x6@ENC5+z(DeDLMC zVjL+9!TOj_X!y9mZ-S>l|F*H9B#Q1};{M6&>T=ZyN|!M^IzFY!A|fXWbGW_FF&o-b zFDo;mld1FwzZv>@TGBJ3dbJK${ktq?(%Zt*u5R=a#{AxUc_dXdoL{SPkL_OTj&jaW*0tZ} zJQy!yw%qgDyGCJoo)%YCQ^>C^EzAcxGC5zK?UlTv?5(Oqi+*;#y_Leb9Uq!ld+N1Z zas2qqn!N&evAJjy8AW4&=^RUOe0_g(oCBj5{5RkHJ0DUL#!OjR$oLLE)WfAny^}FF z>`5Tlu_&?#N|$YdVuLEsNZoGT!8%k-^WWAqi?d?+))*8GgzmhFX3bNb3?MPIzjG)s zmWN@@OQj-2@i#+iTP>7yI@i0x8&iiqH+tzAK)JdKJrTXCbsVXWy~k2z6h;k!smL^> z(yA&^1pi$gDk(_^1%y4aD%_~u$46rx#OQsV>Xco;>h9F195?^JH}6}D5F{yg9%%gY$!9F%k?{UC*?Zf6LfRZ-RAH;34_@Bi05(lb8wz)N>-~xE zrz?zA#)#2SG1!#nBp9v}TXqTV-S&|Th95EI0Hf$bCDqs6pqsf~OGJKGzYqaK%P$dK-DvFh}5DwFcv~Oq2^dC|+E*GK33)l9t z8k#p7qrqZid;$V9MLoUxu`h&Vyzzf(8F~Ryq$4vbmRfE0gqz-5q?w*C?j5_|Y5nZ{ z|HLLA(zx_CsfSk`<{TWN3iWYczHunLKkFAwq((L{H9({;V`2!mzU#AeAFzw5r>@jL zQsBhIO)Q(#|4wv}E|U8DN4d)pdw3FzngNT6f_9hXf2R#Nr*vdAXWn^O0JRY`Gy)ql z1pnZ5!0q3>&`09U_)l8@0qj}|yN(bJ&wNIqNpoH;mCt5J8jFXuR(+nK?d4*=RY2Zb zAAI&s`%$RXeDUpIa-H_^k0f6bjip&^E0KqPgNY5v2PVp3>yy45{$ryO*$`}#!Kac= z#{Td;mn#B|3y&(I?+jlfcX?pv=+37b9r;J%@*)}*g}J*C|1q2BN3h3H{Zm*khz7GF<22cp56-2VaDX-SVO2CMq37+vw6*@ z>cEiV`Pr8OFc*F(tc^abk(ZU!0hfaBlo0KzzZ<3T3DCFf5(K=|&46C2Dp0Fi3XuHc zM4V$287zkI*A$!db%(?2g^_iZ>$lLt*RT3igH@O1c2on4RVXB0_Vgna;yTU&5=?!V zat3zI-`dCLC*~g3y0w4Ce2)7;T^jXGR9t|lFXjLpGib%&b^E;IwEr@{sws@u@qq>> z=BF09(KX)JM(25MPPS5S0uHcgbu3y&#l2(0M8%Hqt4Nr@us6tFjpfEiL)S^KQ ziZ|Yewn+&)tZ#n*K@a~M;IQ<$5UVLG>&l%w&+%&tPqjhq>8WN9Uy?itzq*D@tId(GqgP1~RQx$ViCWM5 zk*FlOq2ZUoZ#i#x+&(4>LSF9t!`)Te*an3&Yb%PW>)IPL#HkwiEws#Gi96W#QYnsx z7l>;tYhBma_C!+xuFm>Ney&%yZn`VfQMwH`^_vw`2_ri8NWCfh-|%~oSnnN1zxf_c zcHhq~3XMfIq1WxaM5?2)mw=-q0i{5S@$mEYc~xp@GmefH3ts*3dX< z_w{=e-X^4jTeGW{hu;6VJ`)T+u&mGLQrUlTsVyu73G{HQzoLtwg-N8b|AKqH1o4?p zYKEc()C<1|`Fs?=;%T-A=T+(`rj7f)E>wMS8DM>&L*(KDrF$xn&!hBNZ!VlKz_`5) z3;)XPrcH^jZ)N8%i!l~vQCjmds-p{Nlq~4UE_p!wX%tR z2;iKf@Ah$I)XZhU;_qR$l0=(%Q^c8z+J86r+IY`%5f!kMmIL!|8|r^wKu5-sSmsx} z)BOX;6ZdSf4XFygSL%J8?p$CQSZ7SDLK~9C-WtA`j6m8}ku~?je6`WKDmF{+CkSSv z9I>@3>8DGnoa33msUASN9dT3&dNQfU-ChGFJSAgEVv$x;l?|`Ij`5WiCx-3IpXb8_ zAW}S4!z8OC&#~Q#6v=+yqflRuBJ_EsN=?Od2|6q0ipGaW#cEv|yn2NsrHq7;)%j|# z_>{n~A;_+Z?$073xU*VN6B05#DoKxf_iMJ_Pvhx_@)1`R8Lj2*;-f+DJbnFd>of_b zu2Wc502*g=L+znH{LK9PWJuRFb=7`#>J)J95kCB*V-3LGLIq#)Llcs zLcb7ubg_RO!;W)$RmfP2OvHhP2H20cLD-egMp~gdC#*;^q!BEv=&^`<3fSq%ic(>)`mg?E6r&;l zo6TDdWbwJWKmU8ZS^jIKb4|byt213s_T8oM4wq)()(I73U}{LoIfo1fOOYIpe3)CM z9(2qA;VF*8GDoCBXvpbM!ozyd*tP2Q3mMVky5qOtnsQ< z+&a?#-c_qx$*?hzUe+=RNordLE%f1bT@#@SwIL7Bm~)DW7#M^DeY)d~CqIy41lUAW z#st9i3g|eD!rS!)>o{d2%jN0yseViDx~Xxk0g9g=4@bh9%{G);sC%v4Ub@3BTxk-B z{`=Ukgd{`{Jr#Dtgdv%6KZ8Ty{+i4NiEV!(9+S=8sADSno-uK@;(1-}dAXO*>K$le zzzViz&vu()ulV3mDWseXQy)*bv5zk@guU+7T`ty0%zd$0 zx<;@0)V}CX4-!YwAPy0q^L>3$SFn21=r7b;Yid|jrLL1tQ-u|C*z2|SIu8y+w;+Um z@BB68+5KhDe5rh9krt~dR1%Y#O-fCzvC3HgRApic>i@(f1xxAwCXSU+At6&trjSV>Z}*q%l`drYFM!_qWR+ z6bZ=bH$TZbj6!ESq2+Hmwob-~ppl4R4iXEgU>dhof#iTjkWZ^>v3degsB2}G7RMKJ zZ(ACc&sSzSdtqknEhoD%j&l!8a-yu>M0yS+8|_FlElf2Y3?m&|QiHBrl6VxN z4m)(hX6yYhvm8UaUAQw7cJ8WKl+lsgMjCJ#v0!;ca4VZ**U1dpBqX@z&o}n3x;52O zW6GqL$lzpw?_gpxWjLj?ha{ytV>^xtEJvH|yn_WpASKMsK~2fY-Qm@*7Rf?Q-RTO4Qss4)2KhQay-(Sbh5utD%iTT7H-3Fx1OUw@Ki2 zCer>S<8W;n7q2W62GseG+qF|#6njNmi`y$$^1`!p)7m+@Zh3eq5o>DP3E6z6_7m8ajg{L70i_$7x!7&)ZCJ} za%o{1?_h_!`6`)X=y09|mz!PRwW+$pode=KWMO0XDl9PqO`i}WWJ$ch#?E9`3xtat zeXKIpVmo8_#ghW$g+tXuF3?fnRBiI>dArUS@lsj(vDIR zm z05~w1LiuQk)R>e$YSe`1wnp5}ig4Io|JoQoVlb847JXYW$a~X~T2P#lrmn$lQxmm`$t zB=(()EuCFaO!-8NF{u{0jDY@kDuOZp^Rg3d(C_r>Gz0j5Uk~bk-*4b?wJ&IFLN2BA z>V)-g4C&w6V39lN>00I+ly8uCs3@3G78q>hXI6v+V!A#)gl5_EcXjI3MnBjA&kY2K zJ?t&hb`@S{Gk#N5SbPEic$Y#1n@y)m5kxPwq{vYd zR%`0t^UDy&5R?2)!~9Ods_GMQv>DUWbxJEOcff<}hmb5a>hjuCHibX1GMa4*%tF>O5d477NF3JnQZo8)a{~ST7)trwnGp{^S#n zOY+`dMNyxo_8hg|34uzrPYw6G5nviR|7mU#B1wr7aF@|uC}t^7FwQa8twUn%XN>#3 z|N7Af{Vy3&74gIzpL@+80&QU*8~4=bO}fz!nx`r|56L#QbKvXSob!i(eiSux8HQRh z68YqpZj^r?561sJ9`j{UI$Rwdjv9QZ(Nq95guii?H|oZD>t4p3f0Xf=7O09_1hf)7jMz>Sxlzq%VudFscExdwEUZ{ya!LqQFJTv2vL6_p??~%iPaHI!|`1 z7*OP#vcKYzQzXb>lc^n*$dakwA@!wJen_JVAuY93l7hvBYDGt9jDIx73bSO)Qu)gX#_FK@O|Bv!07LNs zuASZrHfokw2PhV%hHX!2R|(-Kj2&aj;`H}Jb}e7s|>wadJe)rw;|~C z|2u$&3|W7QFE`^H%cZtgM6ZtRDGQJB@p8KjuBQfpV9GRWjp;jtdWmi(jIPhNn5n|T za+>un99yib2{a266T!iwhJIJ2B8f=y>aUq(cnblZN`MHxu4|=BUJ6nyEZNK|u|9&~ zHyL=0sFG#(0e<*S0BQ#{f)YZj6!3v)jV88t;wclzIy}+Icw;O+Y8!%rwW0!B3$qJY z+ef5~b`Q)gsSMM5T3X}+;By?XIiC=b=(J~_+JK-pLBRfswWb7rRX8#9bjuU1W@`=| z{x;f%sl)>F%F1FsoMD$buXjO>o1++C(L-q8f7(Gy3)%VQyu$9}^=q8sc+>>GRecf_HIRV7tKnqRu>wFY|G@ zw)%nWzZK;lA50pw;4j5xVrXYy`&Z;Ojkht4o5)3XvM{SVxg?DN^m$jKkF;_X-j@^OA18=(_#|FtfI&LEshOh{C1-=`=+|@JqRq|mTQgWMxNgt zngx>xBu|-!&opAFVTwtBlVKsvGrFV(tc97zJ~aQdY~NY`*C6^KhLD%oKV+R%y&>ih zJ!|wg7Jg0JExH|I58DqbpiGfDr*mJ%=la#TWBZN&c@H;-p*_`&VnD-|C$k^5BCp)| zYm>339KN8+ez~OJ2zlEpS`Ad_D#X9{jB(tj(z z;My;!?BDR+yQ|?(qFCtj>*dM~vDAvy=FIyjD-}W{11}qOuHGI-&&UOQp?Qf6S`^Ll zM%sZwcW2m?&kbLf!|9yY1EWGpmYx9m&S?&Bz}N;~1~Cw9)Zt2gg{iXXK39AIN(K)8h6)s4)e54!3ky<6->$1o>V8*D zkAd6?BZgLtW8Qz;=JeK|F5YaDzNd27JP9P{^_i$SLK-Gnjvj2VPvl7u4 z5C@oIcI$^uKF>djgMLi?PDhkiZkf?cr#0P#c)NZJAWu@JliKEaNIe`W|4B#c2eWc1z5(NfQNLZ2YUszLpM2Q_-LPf4u5!Y?EXK*0jh$g?IS9ox#ekVSp}|BO zc6%nA46Z5)vOJG}N_CwU<%^osglU4F{1Vw2^rNhB|55c9fT#$+{6k~z))PY@FI=;{ zxC@3yT`fQFZ?hmXj*4HB|7oU!!b7VE|;Be|5OqU zu#Bjwi#FGfidvv!7`9&VC;Tu5P#};y`VB-ejSNSto=8Rz&?B!D!T8`p+qn9+`vIM8 z4|ip}$n;lQ^%0uflX_k3)$b*SSoJP%o|i=rn_k`To&wmGw$+vim8B2H*AuijaHa*n zj1Sws;&=P(Q0$n&);;1au zE4P9#eY4EZKr8&0ZgS!5@4~juId)S~U}EwQ5>ve3OeGOCY*mS|KLkdW&STVHtit~2bXr<4yuplu7JQsb(}i#bM-^(Gokh7j7*2CYy;+KS9TQHybVJEWCx61z*j43%nzj|?c+ zljef8_+f8==Le6A76$SD&QE&mlep3BPCDTDPwAGeB&nTsTLA(kZ$i_e;&JxFkK$$B zLvCtni~9EKx8f>Ma{0%4d<9rMo{uYl8>k#*5c7xbM;axHmLB{S4F$t<`6t%@u4-Q# z_uTV+@VcM=$ipyNNmuI>7QDFf9}~J8+9kQ&WzBASn_l<@^V3f+P#krV)fkHL_A(3x zYDLV;x9!=+>qf_*FGbiDZjsc9XLJycxR9pnB`GFf^=tqr?4So6)ONXkQc2!M#RVZf z=-~Xca)Zt-ZJm%cvAWI#1>p}7K$NNuqaLYk4F|}#H{+lrixXhy zS(Qkof+abJb`&o8-Xl%oG6mZLX(F)cH@O+i%>Fxtjg|`Tf^peKgY4#GeADIU;+vh% z%Fwbr3n>*y{{EDi}_xmmkL3MxjQ zzbfA~th1HO^JIg@7h2tq4@JrB9)mxfk)-!#Z>N)Br5dLx@LGTEdMO1fxh$djDFY8O zt%<*|~cw+g0+rxPY4UefW6FQ4mIiufTtz@{__; z>NQYvbN}yp=LjV^0e!jo&wA;mCzl9I+iW%Z{rJqvdz!mnEo3IR;}NN2y8>wEp4x&o z=!Pftc^$rfxt(mwNg3zESn$W+^ZK)H_vzbo$=77_A5%MW!cX`S90mC9oKH8kZOHM45*|J>LdOqLl|N$sjqT?6+Qmm z3DXO2NlyO2mAv(m@6m=19yr`q>(QuhHx5AnD3A8nnU$62turZTl+#8&Q&SqH@~Qll z5^)6ojSZi-BaR%&QnrWf_IC^w*aL zEs%OiQ2L-7%DdbMM#l|g8tW9~$)>-bXW7WMoyIzPRR z?nCl)5y=Wk6k}&w_LKCZjo$f(6kANip@l#0S*$kN+C?Ok>Gwg`hyS^4!1ql}3jC`6 ze->&bDUG+zT|`@ZIH}tnx*TGT$6*-s7;eg!4o4{0jj!OTfoBAjyW$3$ezx8p{B9?h z3N4#6QhhS8EZZqY(o{@HAXr z2&)o<&=SSYV4P0f5u13IN+oj1Wx>4cM_ek|H-G zcn=~*NkZ#1t%Z4XhSLh~xOF_bPYuOqlVEvx)LzAkD;=HuAR3<7X5%axn)@J>DpB}h zXzGSapt8Fxz!Q0CaI5il^pb%V49kSC8Me^{E3`)FhEjdO&FiQk9lT%(t%;o&+(_AH;O~>1{4_u!nCL>r z@szyk9@lqH1)VW>D67EFp(745CW-3m`leZ92QeWjSg)`ygatz&uka)K9NQcdJwVaK z@B#W$!?O_4_5~Xcn^1U?T=~-qC_9bUxCS4!X0GcQTI1(!la|++-tey9*G|Rpk*DIi z;SQsk**NN26Wyl-&bZIL#5o3N*RS zn4}#T8%Ef-n^C=%yQzM>tdi>J`~w$X!1g~|OralHVEW-dx0r|Y8yR{Q#8$_o?Dp~L zqmCbH$94;K44)}_zC}MaeDN?E_esmIR~D~_ z*|DqU?>dTf$u&mL+IM#k@BJb!{H@P3IPzR4$nsN>#vT?>_om1U(Mn87*8#&qIJ6`V z2+{m@g2~ldfSbNSI_9H5I;=aAbZEQw9|jKmp|=7YXhsGt3qQ4v`vFPN9grdfSIA`Q zZXnPrjnGHql=1nh__P(*tWdg$9;~S7>~K*rt)i`Jt<|wln$XH*UKaeSjITGu>p`bK z&_&1fvI`pYFllVRn05+r#BZ|ZT|gx+3sA{^Htqn0O%3B#zw!z_R7q|1yn8mvWt{Vv zGtR^L0WY%$JU`yy!b9^|DRh8G)+p8uLdEc%@R(_dU1)kd3|E+ zk#p0MbVP??DrLsT#}`4|UVJaSjBL5WrP&|SZO?7f^~S2%>9F;oNA8K#?VUY~EGN+e z@!_>@{j{L~-qqU~wLW^tQ*NW8Jm%lI6JY|BaS;buLU%Ai#UQa*AO|3_Uw2Tq4^C|c z2CF^4`gomxf7-$B?t`rsLaY|Pl!k$og$S-g;SY8JiuQ+xjnG`IumdJ#LkVq3dlh^e zVfkIAa$zG(d#M6{omD5MfK7b`zMl-{uW3F21Jr_YB6c`3!8VgSItk@JP`InLIXmRKWQZH=Tyj1)_? zC_VNw%|kI~`>DSnS5X^V;-0a_@Y-Fh2bYh~B+z#Bro6ebop-{HPA|l)Er?`g5ik^$ zh}n}{j33D+Uss!z$|rL*8H@+R-)H9LUQsurUl~fNifCxR@H8M3@BetadAA*oud<0n zKuhE&ll|qyq7yLrYs}fO6DXC0=}#qJt+u!JJ>YZCq@VTaQIkCtQ=DoXY;i3mj=9`W z_ROaWfn81}-4>XnXqI(hAQ8Qb!T7j*6O=W%Q+y*N@F%%6+{9{I18MHNhi%sCcqI4* zJ#5mkUqQ_dhJLu@7_Q0Ah{UIu{)*6ap4z*c^N#tp_Z2snM5f~&~WIY05Vx{Ma z$cB|j6{*1Wg`e=JQGOUdcg${E#*qEg!SBz=OTFWo^9FsRzkXG0RzoB4A!HSz$;w!5 ztPE6xRQs=v@Nk&*0UOyu1EH9)yQX|ouo*X7GJE9rYp)v(ma{#~(`lOB$+4e4%dO|J zsPA+Jp8MwN0L84h<<_jZxvTQ^V8T4J7PWJ4w&CmbzNR~$t<}P+s2HP3xE+kpZqHb% z@A?f!)aKSh^AFKp-`MJhT3F){?<1;LXhuxRo?d_0b;hezfOj0UO2Y2b^leUvuloQS zU62Qw6b$Sgu@@a*G7|vdyKW3%C19q>qtYQiHhyU4np}n%BEZE0cw8yYKQi@2Dn5+Z z-=yQFALMWQ@dmHi<#nDZqQfft)5R2VqQt*YPW{v|0L?E9y%y!142$`B1@&7lGQ^yU zN^166(5de$k&{bM(aN|U|3M}b%y#r4IT~#XOXc< zOON0FIDdT!a-G6g!U>~`1&0tZFJa57F5UEa{BtgWnqbWMHTHE1nhm+H8j*wB+inFhL z4XG_>V~@A#_A2SM3!h?m8f|$sFq~+&n4n(3CEzdlRjjrkNLlI=V3IvN39%0xpNVnz z8Ns75^_zWcHsS%<{dYZaw_|@rIP=3m#i>4xUV=h%*6z$Yw)drW77j_GzvOe`>U=OBiQlKgk#%g~J&aim$)YKysWBdw?6|w5-HuXl$3XmZ zd(N+M5t9ABL_wFtIgazAT+5Alx=7>?uj|SIo6Q*~JN@OnI{jXgpH7-IMrn=xD;Wy! zDZOTkAp|k8URq0BhiMTl`rw4Sze^Y0A7@KpMOgAfzJrHvz$WW~YblMZPFBI*9N3H80Sqixp~sSe zv$H;jPlM4=i2E4fN$iNk*g=JeeKnCY$B2_2BhB_RA;QqS0zoHN4_Ho!$TZx@3R`cs zKKSLy&Rdo_UPOx*OU4xRPFziih-iomIEHXW)OmXDe&NV(>Yqmt!I2x)zyw~DHYWIo zvR}n~J|ol^R?IJ28D8kAP-j|EZhEf$3#34J63de$J*0@%*v5SyEbLfuS=T$4Kcma5xIU5UFX!oiGTb+UU!#68~q<}v4mMs3@RiVvO zGgS1{@3#%Mol1f6kz%!eWC#~(LJz`q%ZHogBc-3L)*Wc|U53)!UOBQ6F(6-J1aOF< z-=jHzVwUaB`S)JGie&;b;;^Dr5#^^{xuwOMlTIg1z30E&A*6vXD`mF}{*4&9k1Iwd ztu~8|^VIBgKUEAlIQ62cQ(nI&zzV9m&x7tTFf)h4cusI>moY~G+bpw*L6FP;&r=mM zqWcT4@ZhJhn8DX60nB@VoFWlnfL~vTuRT3W+x67bIciQgz`Ic1dt1J{(CO``QC(OG z$xja_g4+0(Nuu4!XyZ?*{K<**i1;!9IhM_^2%mcF1rIND^iEa!ue;S;{{~@c)LxkX ztz-z|QBa6V#K2wIuIuSdc`nZVIDR|Ii0R2Y^-#*O&gT<~D8UyUL}XvIqlWO84%AK- zQIUN+zmV|)xfZ0RXZx$3K)wN}M9^$H94Un!0JdAFxZXGlLRr@!PTJXtjxX4ex{xwCW>^F9M=kE^j&rUkJI3EarUi`ULva57-!L9besjbCb z1Ci2sPwaLgTD+6S`id;{nv|hbe#-QF5Rn2R7YbP|k+YPJLX<*x!wX;QSMCoV*WY!z7zh&JU4#})9zZ5dA{IJcU~M8^#q%c%%>EW&J3|8V#7x(CtgUZZ?ZQM0+I zy)Z5G??CXEqN0rD7I&iIDqTRTUlpvNIg2Kg$d;a&5PHnUrJ}&@nt`zepR8-vdCmy0 zd^bX9t`Xq4_P2Ct)&tCs%;lz`V&b#1MQWkf%J!>3x#oQBm`yo}soO8WvHz}9P{6-w zg5CUW-%2wbz5>EDWSxR^A>3g*>q7=zApaeaSOG}(c&Ree0L7z@L&dOm-83 z4ABrm6m7>nMhJ5Ad8v7)FXy7qQQw}I<$1xBlhTh_5eE?qrlv}c0`60u?<_X$7di6a zNIV9plX~<&k$F9IiQx$Sh%9fIa<*YXaspXs!P4vcV z5;AD*5j69~(?Epl@S}h$=FK%;eXi5< z^`$GFDfu}QfKs6|hveDj`ik)>%int}%eaJ_TK)c>90j(dJkmdKDX+`$6BPQ^+>|%X zLpf7Fl7T1wNh8m3;-_UAs&3bC{DrXJbcK(_MvKR+6&&+v6A-L;?ZE_YQ-?M~2DbR( zo#?`Wp+aSe;qTZXDgRwdpie_v89o2mFQ@)E962ak-x)Qkc=o@sy8Rf2trqw+_G*SM zg|RTw=D*BGn3(h-)d7G@(c_5Z_Wek%Wvn7?{RP}QV)Jd^Uo5P@*CMJp@PoJV26@b_ zyG^ujMBD1$UAi3-s_zPKx+0i1eKrD40CRULpp~?G&=~*nNX{#US|D4k)xb}A>`zUT ztM39YUl|w*#foCdG4qz^0s$e!{@Aoa1kfSGfze&x$V88-opxxeeF-=0hvcqGtJk8; zy5G2;`ao*|*8H?e<>fFyL?g5Ss>(E|#avl*>Eox!k`)mwDKZQMI+0G2EpFcpSO(|Z z`gYX#Uww_5#{wsQPzXrDm6U{iWXAArqW(Nc{oo|4w-o)X&Pf0m(jZcZlnUnWw;F&;6)2sBjqkVc#@WUq?N=&$0 z#f|a+7#t?eNbA7#};dgdMT<~VHQxkY*y|DImC z6bOHjyxG9Moo||6(|q%<$+@a@TiphCURKMTfg0Vrhy%6qNKWxxm;>6?zbM&v|1i8; zv-u{~+39Q-@zY#gOl^efQ95&`UvH0lg(;67N_+fMK+lQ$H;_3)jY2Dia66unB5@y; zGkALI)6svFcY<%Gu#qVF&W$EDDiNOAU4*wXt%*$fK9q%N0D4Xax}2p6dYaVvBr2as zQuK|FW8vJhayENy`mPFc2BUhNl)LT18-!4z683}J`I@-gK;J>sn68L<-Ep?qTydB$m))+rB(G(H3xfMvxpbe=_ zzq~eBP!cQ+60D9c^|Uqy1tS)IaNSop~3h^*P@8|1x=O&yTD@{>ekU11*zmi zV;Ft3p!e`_tiuP=!>+p!6fv!3V_HpZFLM1Eg_y;P(%wpIYovGl)WBWxZfEx>lt|VD zGn(9@=bf%zT%7c0d_1;$SR1EF2GjjNqR#p+>TY}c z!_eu_-5t`6bayHsJs>6BCEeiA-5@0`FmyC^*a1SNWy; zUp+PwoPEh_yPaOGT|P@nvqb_J(Rs~joCXd~`39NNcq3@iR4}fd@4re199Ok~t%|Qx z-q*Bgv3lnG|Bk(f$&6t7pBv;MiS|9>20ineze(lY_m9L}L4Q*q{h`x&nX4Bzdc*d% zvmU!m@!5$Dp~)C3Dvt-dJOOvZIbN%su3J%ZmpG+*t66)0*G{|hh&vB!d}i(@Wc6+C z0u2}HKE3GQ?%q68<487PQv1Tbv$(}O3OUO*F6Y`jVBztMi{pjo2##;$^eo1wJq;sB zqjSL%VqAZJ|9H9Q0@QttMbtMcOT$7;gHhy4hjkk$_f{W8Aw?!aGV zB)uR)TppTA-%QT*O_vH0 zmngY7cg!SgvC#rwwCvjaB40cA+^nF_P;-@<+IKhxO^rZpB|ZgV`THtZJVIQ5PN}pKyU(YV*<(fzZy`_oiom>rvJ86REg9i#lT=qO0PdfHnBEfyT=j98Pst3iPnbknzA}tKh>5Ua|ETYUE|*j?p%iH5dhlTgdr*u8rG z8`p@B-{BVc%E4j?c1kvkpYP5i5%hfIvW$yLe_Ua{R6>>4{(EfTsz!{v(-ZZlZhz~i z2b|oew3og+E>QyKPghe~Is{{skBkctX$vl5p<5z>Xy)>k!CP(@6?>7@R3&SAtMIf1>2G*}i(QmOBKTjpR z#r!?RsR97Kb_LSinRP%%KABsO$tfMY$7p-KVl6oCqJzE9{hxclyi$8Oh}u~BNg7^{dp@R2o|1)|5ivW8@aqz z+VyJKzt+(>G0#~u#|AQ=-$Yy~lD-r%Dv33<)UTX)lwlt{6whDo+a%0xDeO48_Gq#I@&O%Pk9=E)OZxEdadwW#~Fd`UE zqoTP*MZ?`H5uZ4ZnPg~WJoH3!qiOwq5Qc=$a79H5ZtUz;e}|d*t1WwH@`dH7@NhoQ zF?HTM_6(m%+&df0!{YvKl^O)hPWjRFLIn0kHmA%|DJs!JPZ1D z?lX_Cf8>QLMT6D>)dcTBl=Y5q+u4w3k9Z_5BVY}#3s_}kU)jN|-gkVE|JB%@cUb=@ zj1MMqO@0<;6YdiMTlfj$+vvk3C5>ouCDBJlQx$@^0@*mD>2R=Tz1u^q+k5GnYo*ch ze#HH|LrH0x4l*2{=`yWji9IhVc){iJJE=PFDhMRAc@uJe@QMzHZ_AoY7C48VLPNr9+H6~Q6Eeb`&>}MMf+QPlvM4spyHVYubdEWpkEtWDs!v)bqgOH>uwWL@H zguy)soln*H=LK9Mgk}LtcDH|)5_)HF&W5F*;zML8J7-#qBYZ1=p0v2mi9FI@q##tNc47;4Kmt7qSp-xX99e#vQmN?>DHf~_WKKJGI| zA2t>is$1HuEHX9Hu@a0Zf6)e(ouDA?T7j#2vwiDf4Jp0*E4~xHFV(u5ksu&kY9BXL zk*-8Dj|9<)?ABlma_eIKErMmBtFX>mm%H9u>VFtF3S~(teT}ra3mevAORukPAqHrj z9`TJGI+PS`n4ne<78CxOJT{5Pzgd4}CcgLK_U5IXDyZG-m0Y0(^fPZlsSE|**Jd>8 z$E}lF*h!cfSwUu{Pv(DFC-`{y!?WG-zwH~sWK{--q1Wir#2drB5L?1@F%NPbCOHe%YZPyK5uowQ_6x!&{pmCs$yTJV|K zU(z@CU)UskzDxTYT4q>In20r;KvtvaE8D_Ch(w9WNh|WqtZFJkkJPCK zD;^?>K$3Kd7nbn6RY0)g_O>lQJ%>rR%7lu30}?)?;XJyY4Kl3<#A_Ku=4gb=6P@ZS zT$sJbic<-QM8f^}LzDG#`pjn2>%L8<*;HN|vK3FCu}NMRB$|Jd*+04Z7KMjiF*7%k zZ~X1Wd!%rP*2bdeuk&l0{9vy97rB7b((=u)2|xHH{o{kd3~33u?mkXVq7Iaw&)?b0 zsEs>^vTy~*%7)hKJ&6v;ZKM545-6+HL6>-e=#&JDa{unQjJXoXjj5delaap!MPZn! zw*j#V#+eK2Q9LFH^@tPS#ZX`h78$$N>`_$4Y-<+&MadX&9eM-D8Q|oMw1U8ovO9M2 z=q;w=3UpTbMgo~4tx+r3jI56>OKdhMwBDm|de=iWi!Q0B3rwCL_&B260dsfSO7wO< zp)KrO$KWs)4SqiX&TaJ)kO;VU|1+Lo_8E4XJvs}v9m0?;5$Jr<6|!((LkYg&b{{Kn z{a0D+9QDj{2L5;C@u0htEF3Vh)oqi16<_|^?>9ZXL7<_Eus@EBXEvQ>-!C%UAfLs&&>Nun=ZOc*Or$n2lUga$eX)W!(VUnKy_-j!JCjcX%_x;1ti!i z>wa2W$zF@5m&&TgkGMJLU2>0!CCxJ}bXXL`Nk3?BUU z7DN~9v4wyHNasndWKSp1(HkmJcc54j#264Jl;3ErXI%VL@s31opinBzp{m!_9%I^N zDgx%`%Ts1k)*z*}U0O~R>0R(-d+9|S|De}@jAYMuLTG=4J%5HAT5n~6JX~WGd!Z?Y zM=i3)bNjoke6xQ-0%t5}O zaA*HZl#05wbT)Rj=2gB*zA_Ys(h?>G`!-z8lsNzR>q8hUggcaPdT6O9Mimy*gErb3 z4X}VXx|uAWKz}Yq)_lqgCeHI^L&7a9A08ED1H{WH?VrT*h;UfhgG#z`Sm%b5?ug(%T5+_O@pxbgI1dU6^?re&o;R9363^GbD}lTg44Z;BqB#@# z+oK(CbB_rE_@qr`o^&lXg~ae%OS%m}6N3+$F#D(GR~gTmaacy)x!;?>CyeNd+Ess? z&gc@9)Ob$~!RgS%^f=qK0WF8WWt9RwH)rR_abR?Bh&qq~z6ct?VTqj^!F{(>o$(6^ zi6~KIY)m45_635R!$JS zAAFL%T$$jZ|0jl<&nU1^B+;LFt-k$4E(G+Ht8RQvQ*Ndz(oiK$UZ5ecfHa2|5Rzg5 z=J-=v0_$@?8!lDfKdjyet7`{bDIls;G8C6KmV_@9coRrm6s4R`dFO=-b#I|j1bHx9 zm$#S?UmMk1^fxcIUlAQstw2UbTxSoPqgKxO#rYs931${3q(*0>4V))1A+_SE_y#{$ z$zG;@Nq$nE>tTiwUd4L}bojZ7=q^>&J~9oz(2&5LvyP4n>?YMWlZ?;kxzKF=eIv#r z@z!6EuP0$f8~eZD?tgy#MULWR{;N2xnu)qxeIqQH(G9u_GP@o48sz)ejwM|dfM>iO zd^lOxaI*V4+Fm^obbB?|f4h}%O1jD`>@LXnVqum+8!mj<+l;#IbFtH-&|sjnR*+S* zy_|D8Fy_4yM(*4OtRAWdpL1x4SfJ0>9QN&Ypz?h4$B>h%)RU^@(Bg<>i9oaPv6fGhh9}!z5jvf?-1$x= zNZ6=AT61#XDBq3a9oOmL^57?y^zdiSC22&&<}owOjT-!Ey;S})(x|E!NoCfw>5thK z;l}}~3cU_Xd@(QgSL-e_WhS6OjIt6uj6oUT0V3{Wf#{kDF;{X>-s@+UX_=(omubgS ztAAC#A8D@Ebb0FJsLMUwy~kN2pxH%eCJB<49UhA05fOp6f^bICOjC4G z{xpw*&F({E(GSp(u{P|tm|A;p$;o0_FfDs!NB7v8#xogni;k2-nLft0B|eGpHor%z z%Kqsge;Bbq=UM1>gGV90w3I@TjoRG<2E_Bzuc8B2i=V{xZ_$Y(F~wND9} zB|2<$EZ*h^=*-ecMNV>aLq&PPPLvONtKSf}VcsDh;UDs>C!{-{*R=HopGQ#avrXV% z-Ks3#j-GG-f+>IP`;q^h$E|7>*MyZgOFT|qZJFgi3KRT7{sNT>X*jWrw#PL9dOKwe za=m=}==N)46n2I^DtLHuysu$?J-$kRd-q{sL$c>yJm5UXtj{FpIodM8Bv`-ekJOv( zrVpTI(v{l`brRBC4WCe*YHFR*i8L=2W~ta|VM8?YU-@i-zGK|aE_-133(NN>k~ud# zEsd9k@*>yuH|zFKcB0rqnjgPsnNFQEf#!lv;b^&hruMh~>$pn=bzOuEKs`2-W$B}V z&lO6f&{A{Ue9sTePId_Ot{;pRyyinzQBIMWWCq73#+``5vxaKp1jEZ9(=3p})IK}K zn(y}?FdM)YLKw)yc|Yx--hXphJ;Tn%D)U;K@+cJ@ITLaZqJx`N{mv`hsT0h)Z|-gf zE;NP=hj9uMn7E<-h!qld_0hVmJ*iO(zgwGTisK;V*}0jxOx!u4B_n&YTgNu#1v_!6 z$ytg_!2?g-M=#^*Il_Ho%ZB=1LpzS%LF1dN9?Ju$LJlqbgnz2Gr@uOVhZ~iov zPo;u;=x+4!6q&1kxd8r7cuO$FWVI9Hbm&xQw^QdGa-CeWX_y|?AVvt_CuNAB7b-B0 z$cqLIJpvp|k7E>Fp4UJv@$@~#1x8&E1q*xu8b3;E_V;u>X#1?7Ke5DWV_~m;er@E` zm*;I9<}YZRP-Ap9v@waJrWOx&gM)$!*s*hn^L3@kXtFVIxzLlZ$<+?#KG!UCEL}Ps z0Rbaa6Ua4KVF26(cNs$#l`NoHb|1!6IK+I!?-!~EGba4-*WCNu>&tqE`vP{j*#B3f zE&uwLN_mi9zZ++luOyJzX`Ap}iv_n~Y0>(!lyZwnV6xDp$BRKVzzZ%(1E6A@ni&oi`?n&U0i+ggM6_pBlLwtp$@HAY7n} zG+p`NmdB<_n#P%weJJlb-_ml^jgB*Ct5??g_fUiU8nql!%IFyuv?`pB473u}-&uxchMuwbkZG3RW@q6M>kB!)(s3CfT+ zkG!JX6hr#sA@VCtudne)4Zyh!&65t67{E}0PvtXIyxg2Lz)HuDs$;iZI@f)AI~fYckK8!NTDMc4HY4Z0X!tew zApES-r;nvym6Q**r$7w8)F=8^Ei*m&zpAfTzw59g;l!w(J7DUf080x^%bZGH?z5qs z&I|oZe%{-aPK&=#Y_YO+&$^(d@O|Vz(GBOcoqs8vd-c0-7^|0qSi3LAUTrlN_;6}S z1Rz<$g5s<{VM&wFa73cXhHw)wp=RURmQXI$iiwR)qM+gHsvCP=2upZRF>rSHB8&@f zH{ad|J)_Qh<5_z-BC@89$j`YFAJ=lI>}asK@wKTZDf5-mgrZf8eKWBZWW@RIUj--k ziK1!bN*gf;!i6Ed90J06Kn#pgo@fH$cQhCj2Cs1e8k@uXXYYr@N&aMdo5yin;waJ3 zgy=M6zB%>}c6IOXBx)BgZjBkF3{QDQ*4xgAIcdZ?(Nh$oDmI2>i`g9Fd(ous-eOAE z+}d^(P8k7`PsuQHR#@aV?#DJ7UT&X%Ax(w9t`z2Z&yomBzhzEmi^fv>POzE;pCV#- zd*4f5KFCD-T6jN;DNA~kIeWV0c>WS=h4r3Pf6U=)V5@0hxZ^E8eW;m%>e6!1fDj_D zNsC z+6W2_2v~^1ey<3=SXiX9p;f)R*-$R88B)#nCXsmB9NzGj^u>X$-jb~Z&fVSa$k+7= zJ@2jF{$^eexiIy@(GcDwsWxZ>MbyW}#JnaUYsVDxT7lHSZ^m79A&VJtp^bcOAu#;k z5;kwt;D6&tLf(z2Yw2Ai`bj7jjCyS(5yPkXdfTyXnYtiweMa=#n@$69sn zwufGl{$s!hstX4(AU*99a)~?la6K<{K#(JX6^a1_Ue1rWUd9iYsi}Plb;}WPb&FTq zIfC($N2a4egnW{F!A}d%N3*|2vzs64`htQs`-T73ztx)JCQDf;=4r&gdQbV;p0fEp z;?)w0{T!3E4OzuodVYKLfh718O9m7h0T@h{DgqVip=onq5X2&EWxB5B>E51xumo9f zCj9!2~c2_KLCKR87;C?plos!^x4SGe~FExTeCf+E}NO-k|8+?Yk%+0a4( zDy(vFtC)?AR+T=kA}$>vvv0Q=oZutDF@5*lo$3=emG?j(8j{F~qkFjg@^co4BdP&@ zDe2fLznAoD-{qfoqk_S{k|}K`Kiph_YhIfLE^|Z5a8qGWEvCGcg`fy7J&_gj-J;b+ zL_}c0bf<+y94|Cxh^8Z9G}W*&9qR18la0l|vgbb@II8fa{B8+jDc&)!KW{B5Q9-Nx z6GK6>I%$U2#{o!w`pxus&C|ytsK3iI-^5VV`pY}3zm0q%%WXYQ4{kYXjzVTslT_v( zpbFWCiOL${@JOee(lLxg9Zh=1LJ~358}p~e@qy>6cGvkHig;bk_voOaM!bzgMB>7# zs(LOPU&PTc{w+BVgwnTCMVKH;smTvzt}QVL5Sk;)%#|l0HHfCAwIEPC9*n?3goeNa zlt#no>-CgjL5h`^0fB&gi>yGYp?K^ZCfCXPZifQ*+~v_;hzXzYCM)qKxw8)@j#&c* zpvZm1jpNO4E$rUCpJULy*RbcwlPbE1DKRH`ezAzc$&iAzX6(AhTYvvlotbBh{{KQe zzkXGn%$5AZYOI%s;k+s99YyWDPn$SW*s{bjFS;J{b{tkGw{{)N+rC|T+fmnXmmjk} zcGu4!mld6kH`SQIW%NA57>5cyZtu$2X$m**PRZ_l2qVlSkwNqDyoP@p)UHom`v=De z--BuJjm%A!cHBtg?la8IM|3!hn?QMKP9CYEQ`)C;`rgDS=^Wp`rd8E@9AI#m)+3p$ zii405z%&p`tjkm_wkWjFT(Q($G&c~OT1xh|haEebL*6(p40fIAtA+;qF*I2E;0=Ng z3QiZTVO)F?$6j?FD4({5pqzmQH_fgJ9SwBKU$7Z9j=gXke^Z^TENGz+;W0aX64SIQ zTPT3}mXA9xbmb{zT7gyFTp8>P)CDcY$YrPJ&GH;Aov0YRizb_pv;PynlUn2o47b)%>=$oC21`SrY`8Qu|EVrR{6z&56l~MrZ z4j|1f+NDn3G0ziOM5_afAOm2*O!G6C1qx;23ntk>lO{3WOujN`^diL(b6~|0w_?RH zSV)+w@@oKpc$Ln1*0=SH!|{GG5veG0X;gImWdrfy{lYY<0RvEB z=m>yTMa-#!eOCJ*j&FfvMG3PuN;{f=2a-bz#fuKEJV57m|6RxVze;uY);sfGIk887 zd)wcSoib1SXr9xkU?m-g#QweP7bK@ne+cF2$U8HpGyL*O(v+w8E6sv6fI4 zMe9-4Zn4(*9~wnWp=b6ay?Z_GbMB}d~Dn;Y5YVPRz{Qn_{Xl5s2xo0|BH zWd%x!{Hd}0l6R1MM~|=~(&~s1fTui7<*>&GH&PWtmzGaO!uY%un!=V#-B7c~P==VT z6UR)wz;e4aGFer;M>2N8Z7cBvkts*!iVu%Ym`;c)8tu-$-!W-OZ+CW#0D#pzGz7LX9%i(}F(p^9o&k{Jpn_c+MO#`^wMci87sfPV7h)uo)^;@uo|wCK zg+=lZ#K{wc@_&&}{WUb_Jg@5NCBC`B1Ex1iJwZgm1EO7CkB^UsJ{w-d{qOLdqTc<$ z{jZeWWArN>yBd-cFt*!KYrH%+^Kqk}frcn2Xh8q`g8GGm_+@{ubu+!A-f=;zv7_T- zVtA`%&)ceph1wn- z4m9bwRm-q!1D10B#Pew?6cxq^%kX6D;*)gk5Dm;_5y<_fMn6WI>^P;FRaE3|wh`L0#x`qx zWXrw#ZL>Lx4;lZkmh2^o?=h=Xh{<WQ=F3lQ;1K5)dI6_Zg%`U%AJkrGvQ+xiBrCQLsG#@Gi2N*-6#Nx<&H-~!2 z(tm7ISs7V2KY0da z4!%~^-FxozUVXgGIb@>=XzKP{8Av={_IkzHb*#DAWJlg76FkSBu~mquZ`m{Vw109C ztiuC{fyl&%E+YOI3np8T0wQx`n9G}!$`0b`3?+U;CmfF6Mswv;AW)Y3j5cN+ukfFf z9I|wPQdWMr*yKpm^8f>#E+g>2jUJY~9}(Uo)f}dW7$>adk9&j>l!)?&pLaM#*z-50 zmS9g>(@qBc*kpOfmbui1KO^Q{sGaj&sP>+Hp5j`mbN`@R3`Y@vN*Y*yw?v28q?}1% zm_(!sBW?gwT!)uiEX5KUOwPQj1al83HiV~QG|X<8Wn&p5XVEdLkK-r4W|=(r0W>dl z9$84y#+y5maY$b#b*3j}U)CzysbQo9R7j9b(Y3s_LtWB8*6 z$G$6Ecf}*(xyw4{(7vIb9dFgU_{9%Vqf>iJ?$fUy^!f9g3W|cnWU>l)B0n$MGKL1; z(#Eo+iE7p9!(FU4`mbUK!N3qlgn>_oitbh)_Fi@yzrkdV-}H`~dB^qw-aW29dl~i4 zUVkJnO@Xf;Y=x6xr=mL??eXvG9b1NxVRr$Jn9Za*L2JORrTRIq+Mu78B`~KR9LeWp z@AH9S$|DN?c!#i3<<%2N{jpS{SS8{&#@qlKzTUxHL>SSJ-9oSGdW&D2SSO1R=AI+7 z^ZfFHu$1}Qfhx{>sv+hf5K`}bGv=Sr#)a+rE6n2Iif)-R1Rv)vO-{ zMo4&*;oZ>cvS*AReIN8hxAihX%;m`hH&TI)!>|*W5Ol2TvOF@p{X_Oz(OX~9+DMOq zr|}be*=Za3=+`ud)>F|z8eH&{wjvx#N1k&4d)bokb+lM|*;7ci?<&l;6K{&wy&>kD ze@m0sVjtpVZVp9+Ix<~#x!Rn;1@)BtD-H_x%NS8!=|Q+BhLK*0w1jjHK{@(uwMj9r zg3MP#QkUA*TxoN#R(MF742i9sR(VWjaJ`mpFpDESU6LFRO+UZ za8W2^-04zJMN2I@)$11~Ene`?80v09vlhgq+_2?#R^58+8SiN-3cxHz9p6In#ZDT` zw<&EDnk05BB`Rww5}czXCF1hX9ei@PvaE47|I)(4q45TfeI_U6Mr|E$L_6}e(J5S6 zaOadbUkhs1KOKMD`M{9jpT_}XEzT5q$MQNILn8z#F7ZWev+ZcjD^B(sD+4Key-sv_ z*`H4DZp0Rc)o|7IOHnku%o?G3M-Qx?4u8bwy+cX3N~nbftTvdBV1DByK;=3>$3ec| zhw#zAK0sbbPAk~Uo;YM$rLdEL2C+$cX#jU1*dFi=W8iIlF3J{L;UPfi`wD*#eM86( zcSOe<{yGLrtLjL&i}>pm$-*jce2z1D{|Wg}!^iqqdy~!mw4?L!y*G$e_e7!LQVq_u z_w&`VMdg^R)#HTWNV(udHpHgw)|kUZ;jMFRc<~VM$6vBfpXUbrabey;qyp{ zuX6468_pAoN$9Bq;CAuVOY|>6HEHA>)V)4zDLx3d_&03gu9GE$mZpi5KES1G5y50M z{f|u7r+M7R{X?;Oi(x9z@IDJNOC%$U_K+0?okFlRK}a+_Wde!L7V{fSKE9q*7$gO( zpLudvStwSojz&}SXj^W<)~bgq}bPVV{}o z@MXcP%S86DOd>#Hta}6NN#3&6MW-|gIr-3JK4s>zONTq4Z9|+|2u#MVD?BYCkvt+o z{_C~K%}O^^!xnY)Yp$x%axoGfeE;Aps+;VK^PQg;dU}Ql+M0)*t%9%P zA>>JoqJH7@ltQ5-)pWLnjuVUr3PL$}^d+8fw=$2&+(5Gs_GWCA_x3opWoEXM466bO zkroR9ZCbDL5zasiDs}t}M3`Wek`ajpX@{2$6Lqq|3SFhE>wwcWh&>fwU~8zAyEpl} zj*MV-#hf+m4VFdw`{9S~n@^8t&OvXrRpuTEBmW`bGW2tfg8l`1pH0R82E*Bf&!=lw z&o|vw7du>^MA`CIr5+Uly6vsRh0a&{>WDNB-F8+^$O$vBdKd!dcD8OqXe_BtgO?Cn zBsjueU})TguXXcUy!HH=XQlBi*h9u*sW(vgcdz0`1G5AkGle@h5$C>B$1_`U=5i-4 zpOH{l+D}el-@{(rQmy^N?_2Z`87ScTBx{uffX z9Wr5%_Th@${8)jJMVw?yF5abYRruG10rXUe#7GYM<(~wXd;hECj5lR}w&R@10@gd$8~)_lNTMSmBCuA{8=sP#{+O(~q{SN$ zMg6FhdtafrnTih?m}bP>HFX_?hjoE3p+=yI@um_9LzV$7>xl8vss{5X1dw#1FtH)) z4?pay7*;)a;C?2>u;#ND{j zKCd9c$HGc*^jDolKDtEoOKPGkz8X-QAS5-^3SG)Jajbg#Blf5@6B+_yDe@0dRqV<6 zPLnVPd>x>4FgTPZ@-?e6N^-fxRB!J_^_O@a5rK$dig~!lAdn*c^`R7ATB6mH&Z%d+ z^NMJaMtPPyHIQy>CV!?h&)r*$^F(U@^`Zc8*xu9Lpw!LZo~qlet|V~8{V3A7-+)Tz z&H?l3#m)P;6<0jUl2jQ6(yOw8vLaVw-(kU(Z@y?9OxE1G2~%>>G#s+w@Fk}Gzov9+Y2~$2vT)ba@wALx5(3q%ADuTDRC3Jx7oU*s^+h$Y! zws%q&AM+ktOktRtS0L;?pG?hC@8m5*Br`L&PJZ8yKLpk`RTXcK%o(rRXHl!W5vR+GGmh=IgwjMiZ4dtKLq-+oxa@@nOF+MJ!lI;|qvlgy_n-?En>4QGJ z{~c@7yC6iLe{=V4VzcZ9W7B#953_9YpN|_0;&nA7$aY+qX`H#GV8Em@FMId?0f<2q zlpmneEZmeu%BB;2h#QG&<1(?U43D5WKVtXVh=kd2^S@IJS_e~j|1LS7WtKol_%xej zFu5T9a?ci7J;&YbivLws%)Qn@HNdUqyb;HAU+fRagVV%bDodr;9N5HMK1o6;?P*Uz zZ1#z=w)IIP;H%r z{@UX*2bm$BXwsw@3Us9h1!Q!V!FGv)h$WQvm|&?`snD5BTsjc>4|VR^4;oaC1=*Na+Y4eI`JceT%SKG9-ahw*ZKe;;tWM$#qnuUmeL73lV%t#e^shRe;XR1Wy) zPvVU)d<_gDiH?oUFlom~wQa>r=>bt|I#-B0u=(xj8wNQ5Es|5mlj!3mxnwUsm3wN) zqIErU&2DxC?6tX3rf#-UiA?hLfU8}OF1J#alH0hvXH(3i)^xB#CS8)>GuKn^aKmQ4 z(fR7d#N5Lxq<0Ob{in!<5Vz^G)R1mD59dI4-nx(4_>E&|NqPWPlenqe#_v)jNc$XV z+N?-u;lUuJL2K?LG>7L|DghFGaimq-^a73^(`mX#5jGBQ}Uit@hO6 zofk05lW=?N%O$e6*qDEAkopV5))YZ&^$xYm)v7TRLK=hp1EMooyoYA3U>wK8_ik|2 z`}lj>!s+)6t~GAxhrQW8h#M|yjY$-rh8VeK&~&Bnef^UWU&G#e{YvhRkIYP`ZI~MzgVMHEM%mkNlk_sZygnQWIfsaGFbvRz$r`{3 zvC!}mRW>^(OhU(+dBa&Ge1^$XIoLu7RP9Gf2a?mj-qQ?ZGW z&Voe886b>b!0{7;uG_n`EA5UXFoiN6!;i&lR-;3`9=fjr;6gtLD6OSp{QN_>d1fmq zoF-)=&v-x-kea3zYs6;ohXbG41;qh&x(RPgXrP}l#k?q*7^51p||f#gpx@(cqbY+2*?*Urr^8bv5a zEm+m5U2=z&wSO49Dh-#4^YcPd%a8=Cu^@@Zc;TO;9txoS8OL`z=raw9#^lZF30}Ed{gIT=74Tkn#@=YZv7A za@Dm_>96>rc3(PE%hRG2A#h`H;Mz4sd)i{2*v}K$A$H%;{@l`@@ImO4iB9{aFU^K6 zZb>T5icG2)UBW~VEF23c1^qJE^JIrhnWyeay$+aR(FnL`CW}exL(mWfBGE4X0Yn$Spaz4A4CKu|xZ$Ynryj$9fzZARk z!SLF`OJ4n$-Y~)Gs9;`3np3-FSa6G=x8R0Eu<^Y;`)hc7Nd`#bF?444w9Ro#{_^75 z$w5e^A9>m3@9YJjr60ccG0E_dxb9;8M+%ri`J@zSM17({ zlJJGno1yAU*ANa}ed|w2R$yJcze%E1BY#ZCgHHzr9ebfD3qxHs04I2JS>Vp(CC7L! zm*! zW8M1G0zQ*w`4H_8 z%unM8XU!HdybrpeFop&E;|Qq{-b68hZ(29>qh_Y=;oAI z{7CQW!YuG$n%uelF5SC(Z{0iKu1d1snX`v-!B{f1qvg_a;`Y6o28NotKF=H8IC#&v z#TB#)p*9U*mbh#C=z7W?B<}h*rCZYH59|8!`4{3B@PlHH-^`HY>YK;mqK0LgLv>F- zah)STfRprDpFeV=ADc+Fh$SRkg8JJE#lo}TFq&B8FHYuG=BA-m zN`Mg8dt_QsF;RG?ZGTD15a~WgpC{2Wvz*~|@pbp7x%ZUtd|CtEdIBi`kUl*L!CR$c z`13CUl>>@xnptip)JAmHKTT~*a+PuV{SHTC)>11%kX(2>6!C1(9!qebma#~jg3u@?y>O`lqoxfpA`zHe-v2w$+ zk%y5`0S>}}{X-70VGuFS`!>LYuxn7~U-YQWKW{%}rqRYmB#*>fQ%+diD{WLaQtF|P z+CU|f@ez}WxIch$NMabsqEhVOIFj09WW>_F7{&n5;gq9(ioTCXh%pJdn#odv6ogww z!uFj)^`Ig2i}_dNt>PWF6{7cy0F{Fdz0_ou47j4cpj9RCml@mURXg{>*jj_(+Vx@) zf6sEreipD|{BF!idYYPdI1}+_gxKfjWBR&40l`-Z<}PLS*1vX-;&*>=&MGQQ;^?Hf zDl&Vb3_K$GTWMl=xv0AOErd`OW}hJ>twn$`yK5<=oGhS9EnIwoi3t^SPVWBU4|R1b zP^8^j;_XN3yi9p-#i*XL{|#HR&(^uuivDY;@(hZ(iwmtaBjN~nR2}C`7tLSLCQ`j8 z=H#e;-^FIo4ED9Lk>|+Gqr~g*a>!e2_OF%@eD`s5RIuFUXzY7T<gVJhi?jd%TE|Aw@^F`3p~25K zlDCHnYEB&s1;b-#=MIFQvsn3=hFtqsbN=-AJR);R?io{f-}*iEvwN6U1=emWfNXoq z;$%@O{W~Zhe;h!tVdvHQaN8*5vl560Oe)(T$H6EJ!Tm*|qf#L(Qw^>ca3`Z#&_SE- zbwHB=k+9el7PxHTBb9QlrFx=+&=|gq|FY)QrYBQ6yo)1{;O*7Q%*^deHXX7ty&)iw zWp)>5HMPlEM367!zefJ?W})_@fZ}EJ%qs^XxA9WSVLS_xrU3}Us0IRYz?077?zIKS z`%d6c-CZzyI_|qP>+`#df_UWB9l_y()mPU76GuOpwppOTnS{%V@xLi+eWRct5hLMp ze8v(*x~#p|a7}y1Y&{g4KEB={7_9M2ip(chU1*aiH_OTpwx^|0CXno44O_UZ<@Yur zsek>0Ai9Y>pPg!?jU<`DsKW$F8Tizw;rIbUyy~xBCJ4L5)y>!WY8AxzpjP^c&0es< z_u{1W&O2xzqw67B&z5En*(t@ZP-}V1Lw%#(R4Q>k?4G`Rd6nFPx zMGFKe?of&r50>CkpcHp0?i9Bcmtdv1I}{0lLeWyJ6f02R=A8S!=iZs`%S>kSFF*F| zwbxpY^=$;59vLv+WQ&NoB7FPmpWY8-J=}fTxZSFhyY6AU8DAE-AAKs&eJ&!tCiOd~ zRvPjEbA(=XlNlslqy3>Hu^62Uw%Vi3_Qw~|G0BFtG_X_{sS#@x@HJXK^aFUH^Db=CTQw0!KY?p{_xaQii zq)VADikpTjEY7G=;zeXL-qA8;uUA%eT%L-VCNhOp*AXZkw_AseYwzL{fyT27Dxi;C zdf4xUircXHg-9Uh1D>e5`o7s}61y)iP(&v3j&(I#WUEd;Sod$P@I_VT;o#qDqkWgC zL1WW~BH{fWkTmWujutDv1xJAa!Cp%_+WF){t#vT@ey~G^9WSegOZ;F*!JZ2?>ebG< zp&E6?CJ@Fzt2U4ZCqtuUI$HM%(7vuI(AY; zibRe+-~DVv;dkrbo^2_3wdsD85unc!E5Ahh_B)JnyKX%^yK1oyq!!F<fTiEsI*FJsX!=x2`$ zD*G}=x%uqCwE1id^*u1{z8W%Zepu&9?Xll8%l0=64u0+9gOxCs=NjTH+7hqFGq_0e zvCGf)Pt;-K;kcaDMFs6F9is+dNA{5`iWw_O2CW;rMv=m**?<5xUAsJo6DlAL4uQvJDWyn>DP zLL1(MX@myOyav%`*RDse=1dWBE;Z_kltudx=+}Pp=wNatBWDwjF!e| zO}jZ*z6>B+hS3byRgYc-`)(kRagiY@``yk=F9`N_n@?noI z{0b-*K1OebR(<8swaR#VfE(64A|vU+b0Tk}V|C+&*5*&&TT>{gHHZ+aXbEx3y-+x( zv&*+QD?9yhWn)B@lLNe1SNnJPc4(Q+ah`w;7xH!g z{d;Ts;}aggBH1Qv>H5DizV{EFM}ODtSA2F)g#ykKtKJ`>P5k**&qtL}&fD-;sIvHT zyIf@87|s64OTUeMK1X&?m;#ytIa3%q8-|C7m|u0Xhf_0J($25<XoAo>Re9c_>Px=zwk9*6cNO5r24!75M_V)i*JNn!&@Wq72>}r&+f8vnrd<<-ZEz zS%25mG20==qU}{G;(GLaMH?G$e)*ucpT0}kWBG&|Woq!%gK+n`%94M<;DW9vv>`24 ztHRiccg?8UE0D1lemv9JgSFSOy#%q&{M382=j?#*3K4EiQGlVLMRD`sp$(09;4Gg& z=p}8g%EK`Fs8L?PpARrj8zd>cjz&5ZZVMz*ccLh@-$%av_1Qgtin>y|+)tJ*cwL&_ z6yxYcW5}!fi3N|lI*aU@<>nC^y3!68PP@|3yQ6su_c%fQfKLR{y3!_`ly;wvt~i;@ z%Cw#B<7}e@b&>vsFDj^;_Zg?3Xu{fpJ+XyCz&H&y1n+eKQl9^CS|=u4K1_iBL)${R zt}1!&7bM(a+hG8vWp_Q?4!H8DKtsA7=@9e{70e86KDnF5A1FeWF7xPv0(?@8QO}w_ zAb>2xrvwYV#2jqQ6@sS3BPN(4d;-1GHcjTAivK`tX3~8T)@HT%doe&ZADs^mgNxfB z%N1IpLSWo1m}nAuw0<+Gi(Uk#G-hjnh>>ScLAW^R`;xQCwCFH!apak*zrO2NTx`*oIR9^d5!-t1p6bUVb2hVC2}cKEBei0@NQ?_?|b5 zkgx{EQhQj`QgCsm5c|%CdMwgQdt9G5k@pLBX%9kt)46|F6TJ6 zxJmAdl_!fC7z?8zod{xmT*5Qd>SuM$m;{fJ49=X#Hbr96CR+*Q&WH9`YAK_W+|fDJ={QeaSCxQA1{ zc^5@=jd85o3nGg8QliMB&tU}p`{5A{>+ z=mXxPYzQVK+eG#=)_hyR?#=ZBAb_nM1W!qHtDfoqcyowp)u^)qrB4DU!}&XhCqd<; z6b$}+nFSY)z>K)0r;Ws@V4d%3%%bfl3z;3Xa7r)`O*H~!jh5kwJw8;W_P_?zs_a^7)@!_Nogkg-KulJJwz%~?n zU_a&2s)ICP{vJ(aXs}uwW)PgBm9~-6oXD8>u8o~iB>Qo6;`1$N)1}QPD^w6?)`a_n zY!a1*a=-L8)r*ALbuz{Yv|J9`FL+Nq7JlSi1{5&vwnYl6;*f_aP&~(w5{PJuq(7gA z(MyMwQCU(z@>mk4UHqs69uDB900DG`j<2CM)!7~{NQqRoun6)9oK$ldDw82+Rc$9m z@(8`7?p-`9?LXb9CXk2a}e~5G&U9`kLR%5CbN6QSQ zgB{(fs@HOwtwIWSGOk@|m3|id+1s|kk8EATH9EA8_0f`%H;HN4)i3)d(;g@{{<-}w zuK$MhG|WLulhmtQW)`{td0Hv(hWXeB)}+BW6*-Cm4J>`*z30$6Cl1%8sbn8>MBOO4 zIY9&<61_wh?B@6MXJW{)q`%#pXQBd=c6tV3dzTh(1rKwNe@W z3w^-QxKf`dDei>2q~C0%hCN1Twqb4?Av!lEI4t5TlQPiBS_44@$;-FuDo_9e2}sci zikkHmsLr!9k?Nf7#R|>$eij4)V4tjZN z5T}6uMEKmtW0|h4x&m>Vg+bEztz(g^@b1Zu$V4*pU^dOyK>^es%FGRl{6fbOe%$L> zWNFQ?Te;s3f_5s~`J*YKd@}cZWIEdln-^U>A3jN#HMH)g+`YnzM7xsSWU6`HLPhy- zY1-A;Fvoay!RE|*{ViD&+;qBtRF>F4G($IzoB8)6KcmPH#fS28Y~sJFCjIlF1dDGu zp<7pXQ`7||Okg@*RKNa4P2qzP$f+rAB_Dno<+k-&&4>-k%^- z=BJ%uCO@`9aWLk3v=^;^e*-_k45fjW9kc0{4LLds0dqfy7dzAHaMpEDGMdreHGYHk zi|bk%|-SwL0XcMqRE}~ciott@so!M#cLP5 z6)mGEn#q!%4rt!^@@u07%CNGsk}}c;ty~{Bo|3qzzKu~Hl>PS*3RFWa1kYF-bn_$= zA3ciT{G`>WlwW!HgX`vCeN3iTj&D4+e26KBTW<4+8qy~DX5!uWP~=Lqx@|xzA}y-p z<})mBk9CwDvqhR{8m;g-4@Uf1y-on>JHI>n?ATm)TX`;5n}7+52E*&$mO>qU6n=p* z1z{PmqM*GxjD5O!^j58n%o;}M^otzy6n8AifH_ zepEjHe~sOK=bq}%{?ir?yhyByJxLnRFYIEXMMu^9PNUks-ZM_Cv$>ICTPxfuP*?=J zu$PR)F3a?13;Pvrx@m{}FV@vKdfeZWTU{D`_5}tTC*KNLBB!RJzL~MLr{XOvq@iR_ zT5->Xjj?@<{W|6^BA#GyEUa3Pns8S69QIq^p{wzQuwdGQ69J*dq0Cyx%D5a}_1&}V z0%H%)NLZD`DD%mF5js-5e9y|IT4TPJw~;pObr@kJxmU;=l0_b^Sh&V0*sm{hxR0m{dWBrF4tGgU*e935X~#Ga33e!^(XKu6 z^DdkT$z8N802$=}?C^!`1>Q1jB?%`&m%LXOF$y9ZN)wvSyT&9@bp%Z9$#;B);YFBy zKB!D0>ltc2mVm!xD`x6zj5=2rPLE6VZ6#srrxQg7gCal**?&l|8rA7nu4Fv(r?9*$ zgA6Rg95!1U5Sz?gWotLeIxqRs-4E&WR@t8Ht|M-)L-|@>PWw;q*=Hv)=bwVS*Rb?> zkETZwlAE7jvtqzs6vu=oNzh?*2etporELl^5y~ZFO*-@ z&)4y7Aef^6;6(ifM{o@BUSF=6KE@kpiFwTqQw!$(h&9wkMbyg>?8riA#U#c{=435gPj~=9XHr0+iKHO%Fs2s0v`8V@)gzlAUfD)& zsskzEoMOON7oQ8?%!YTnEDm{2j8}woA$$Fwz~U9|ed(i+?S3EExS&oN7F#05!kX=q zJ`Ys*1+jBa)*N51en}}+OEhBo+*goR;0J{MGF75!3~lA6isWvcA{kaWv2X9dO6M(# z6W;5nL>k;_EA1@Aj>&A0^~?cH45uu=y{LB&Nj54AHB3fZ4^jVyO`=-Gw>I6PLnEi} zVu%t~`X*>4*g(C>rTt(77Z>T@yw#C8vAR6uf(_p6ODBGSr5cm>8N5qY@~12@f~s+f zrq^&86+vX*2T>ifYr~-Hh}WF!eKi_pI4RGUyTFX^=?hTmkgknP47h8)>cbz8Qyvfc z(GJj&os~kFyR=tYSS-W1L@|;t+!NCT(|&KR!<$;*&Ci}qO7U+o2#INhW3Krj<{YmS z-t!Nb^P?n`vorogVG?L!BTsWW@A6C zBu;}ti<`&MU5!{gT$?w`dTlw921QMLAT)}BzBZ2ToX)M(WW_coZ;QTG(^F{tI5|?N zF2$gyr$-gczWH6=hPPwR-iG5SqC)Hb^up3MF9C;g2ml(D0(~b&!i# z?CI+ui_}Ut;zblov`WJBcjq;W*R`64rm8PXGZCJb)XKUotEKKj|3g{qcT8#VGPKbf}Ck-|yH%@45+=l%k&p5Fkb97~PEa9r#IVQnRt#$++0(wb7ZRK`|2w%wi*g$!&Yr&uDFZfe@f zeMaCb#DS?Ch>4Dd>wV>I?eU0rad{c0s|5@3hgN3(T?k=rmJ4m_r}MJYLQc zCKv*uai!F-M~UHVr|DVODo*$BMNVip`R#-)1N8iZq9P zmw)fRnJ{tK-a4!sB0wdig*4!RigLBSjtsZZTAtV!2~ofGSbA2tTTt^!UCwQPQ2AtK zv?ZQQ5*=lEFPzZ@-G81Y*CCxEm!ny|c3y!BcpLd2-TLWdu;h>b7L&_lN|ESEFzDwG z5FRj0fy8ijCJl+a#T}0g&3=(!NZ1w95sU@hl*YB}rh0!iCS34b)T2gj4u& zrVP1?Tuy9G+aIOZ)3@Hf3Y^tD0wP993`CzAt(ND9IOyx@%j2MU!M_CMPx$p%UDt4$F%c%cgvhK> z4{HZJaVd~AMpKHi5F5yRC+=91DQ`9Oi0MFMAyFzG6B7#8(t6@Ft z(%Cx@S1*(`zk(}<|D^>f#MH?gNdd*~e8iofK4!aR%MnlQ&)HFcE$lTf7_2n9(E36* z5-gC=q^-y$mJSFEA`s`yioCuVv93|4- zO%jePXHnlJjQ~}N=Q^@i2z;&(+ix)6YmshO)~?aq>hukGm-?v55nte0spDy*G0M$w z@b?J-J&cROeVqHfvW^O;z~`Sd?u`Tj8BFTzf;b{we&H{l*UOu!q}pK{nA#W$@5im( z6#hQm*^4!RuhfJ^A;w!2tsZ#xiHN*T;EI$1_j`c#8xpGY^`bNa-*>RaMhM)cG5n*KqhrWatf_nnc<<1XI7?OZz+bw_+tywq%ah2Tw zt4fv;Nd1GkE73*xTy%j$atRkSBfV`frcN;k>&LNK#B`lDy-dG$Lb8{5NCLYZojvyOF52`L!2$)F4N{Z^dG5qaZBKia8U$u$&-0)qi_Y|DAuNb^{7ZhN>*j zOl5uO5m)%yXk9xG-uv>R;yV<_A?;~xKlykj_@Tw(+f=Uzc%mer_o3~3x3tM%RC1a( ztzthkl!BlP+Ed>85lcoM1Xi<$3?zGqgyxNrk~5hoaEpKdoGy|=wy9)(HvWNP988f# zSG7zSwtGBV!?Q2AkA)>VG%T6*g#sopFETZ_fVk@_=!G zUzH|_z-UUN!Vcxz{CelpWI8ZhV9Q0$3$g}STkM4~hk^Gk&61}$t_JF)8-*S}W{#3* zuY%pgNx~yzS-$&P<)x~U=mV|SRs*~ia7Zbg51*fy8^+Hjn*hcvNT*E6$P7wXnjLU1 zR|(=GiPF{WagO0Wy>(_xsZ-p2?Zemegt+KK`qW)fD(4O(V)b74a_1j<^Zjbr`mVK; z;7pZ&tOarhG1rdGSAG4pBc4V6$KvJe$H9;O>-x@NZ|UtC2W8v01Xf;^YP5BqOj?d7 z(5GYZYlXOu%RKKhS6k8&ee?o6zY|=6B{|<=bij63o`2pm4{YwzF-5*}x1qzA>iSFk zaA*kWHUygho;+`3;NZjS7)3Qo*avu@2outSeWF|yz#oi^HXWPaiOF;3X1Y=VB7e$=hMny-DK*L=sI@rAV7eqTGkbas`4h+ z|G}e#UTelsXO;&ACSWvcrOW{BIA1UwHx}tL<#;)y`IL3~0qv6HG6HMgC#H-^xqf?& zLq4%u%x^qkmzKkiKE;`X8yZ_Vd$X|GQK0Lz7Nh4rE9mP zd=Y??me5~Quu^T1M+TTCI)LA-K(Ro*Xw~00`!R!JwpV&**PcV!bD%^-6oO@>*rui5vFM3uTUSftoxyRp!`!#}bPk8y zDzP$d9DhrQ_l6-Kh-V00YClionX|C zu2HO?WolBJ?m;O#mS#mrG|Hxr9O?rW!!5X@4@rnM4~JSL%t^EfT`R6sfttI=h5~g%&zbC~WNCfLg^#c!xJfsrri?!TFhnQ)OVL_j!#vs zS`yiW*xAz_y_W<5NyW^~K=}h>fI7s=1|1M3EcCe|Cf~zZgf|3Tm7?kyTc@6v74hk^MP-#gxZc)H0m~DR9BCFNq+H_+jnaA2&tnnP97eRXk_)0 z*$g=bIxB``c#w8QG9jj>ji|F>r7~cwA02fT*4X%_BF!THgX-25tAi_=^g{~r=U{*! z6D^J=olxEiAz{;#MiJ3DSKT<$;ZZA`1~eqJB#=t8zt_XDp`g9>g(nqPbunBkobqOc zB(D-?{e^$+XM0N;7uyofR6oh%GPH}omQjy&q(#z?yr~Py&Mz5K z#ZD6zr#?6((n`SSjrspggO>l^Z@$4vv`|o#K#NCs4N{WSDJdG|COGN4*H?r8j$Ht} ze|7sc6BjZ*I0{#i&D)B`r?{{|^pctf4HQsUEQoRD@s~8G%pbwghKD)HI9v29Hf{9H zb+T)mqf+%Lzp#cCfidh2fbTQpm-?Ap&SfO(P6j<(L%W1^zq<3-mv9?PHckkFkgjE+ zNW2hXE3;sEl+$x@eOCgeMaEJK5Y8m+F6?NZx8;2OgbDe?$ZKXe6cL9T++iz?H#8sq zj{2Ed?RN4@jkJ5W>zTFp<|(?^<_4Re;gL*{&D|`j)?((-ZR>>;leAiJ7$=%MxK`%m09cJaZv9)$r=I>B4no0F5@rY!&a7UCT?9_d ze86{=wnFZ;z?G7B=sP*E#rM~=OXSM>`y;!5SgyR!JN=f-r?u}^8A(ls%_7nS<+aGx zPe?h_i--iMs~eAgvZVnSjlX>viWzFVNM@w5_Z0N zvl5A7SAh4u!vPerdD$kR=>orpb@xOv!eEXJFF%RTAx)HZq9X?(8^ZEky#?2%Wpvu8 z6rgpiXwzBMKtB(WmIawIDvi!~V&}s5+fv}7xnY_4G& z-z5!@>JpTaJgH%>6k@LB=78O3*02o^kNAM1zqW1hl993G^zlpsJi5`PltVLwzBl>! zbqT-#jni}RI=9357J(IVV)P=wq)>!#k?Cp`NjHD$%ckdIUVwPEIwO@-CF9wb3YI$2 zCUYp_kbj%Qw~Y0=Y>O_Zb5HcXbHPA{c6znQ;#lq)^V!SI*JX`LlEyJ`6viSsTN9cLn+a!Ys?lqBbH{`tb6>mLYEW2I;2?C3mfG4 z#Vz-RgR|FC`P7=2M&4wH8k3*^YzgCe*<0v&M4y4{vKLs8lCBb{}0!(ZqTa z1&fN{BNB?rfEv{^COm$=Q0`R?*mM!B3GVb^1K`Wz&y?@+EKmHDPkL+-K4KtcyhlOc z3cE7j!NCz}>| zB27l`L0IUeml6m$;wVEyMIn@<$cqV2GtcHwyPk>@=yy8KBoXPcSQ5lvsPz|C3FJO= z{wU`7-eOvw9u$p})AiIMO=Lw_f`~iLY6vGm#2oSCec6wagQvKYMq|Y&HL*}DVvlcy zDD?(X4DVJ6VbZtagU+cQ_YqB60eGW86>{MuF}>|A+}rbenS3y9tS|{lIUs}*h=@NC z8)Ei(zZ=x4^wcMPwrbgPp>z7?^J)R{%d73oQ#kh(SN@-zGRxg~@Sb+!rdX1r`t*CC zLWllv-n1ko<^92RcFp4DGzc(4Vn|1w1qY_9ugcJhZ%u#WCfGz73BqUiLuQ9twOJAm zt(U8(4*c24sON`wKS&ZEhsOxY%7$|#U7ywL{Ilx64F2B|mrqHlOr#}zZD!?L5j^h+ zvVv+&>L@cYx zom-vJuhZuz-oGRW3rTOxiN~7fIG_oOh=SfmMy-NLvwDHQHgStn9FOo6f>^aiEpRGZXeY?VR`63*rNc=3@8(Dc&9+Cd5FHd9+Cn6CJ zA6r4MKQQjDt%j#H|A)ZHS&CiTBSLiz;6<)efW!TAto-L~Y3QN5ti8Xkh zNZEM4D42&VRe+Ba9@N(vAi>Abny7HJYDtn4lS#X9)Ty*S`v@~m?k^GbV_=}ZS zf-^6C1^2CRgxY=?O#=_hW(FEUl$(jDkzS@Qg@xOEKk1(PCx7ycE>2w1b#m=g$L1T2 z9IUfN(37)`%dT~?#`KZ{D%|AG&nk<|xwZ~_IyJjC2n~}^d9cO@p}lWwRJwLK3iJAC zgst*^?+4l~%a9dpf6fw`>k4=I=)*~7FVdgp)N%Pa6X10&52m6n6xP#sy#4=>znlLd ze+rYDN)fs{ZtQ;eQt%s>^|!9ily|&BQUdw)|DY;ptY~60({!)!))AeA+Ndue-iFTO z$3wFI_oP60*tyjJBKHWtS#x_nvr$PT$r}{j-Ce*>H$TTZ-mawP=$N1Doycl#QVDP7 zD-X$*j|2CkqDexH!901weN5$|9Q%Mc3^GO=K&O>po+BwnVU31)ldpp!X<6DA5Dus1 zGDV4ofL=Rnpk+&nQZsK~eaCbWp&^EyTM#5o{FUKD4GR;Be)Cx;DC4A3cEi!Av8Xak zpIH^TF__r?p3M`O6p#E&+`IO~stxG_V|BU{bsntgc6?tUDXgJ~uXcgK4yHyJ?b zG!t}|b$K#GN2ACR`=Npjs#b6_bp4gLf5a&3S!9IlihRZ1v8h!=yH}{2ud*d*Ag7my zfd`*&T6pz;TiAH6t)$l^k6M`E1Bb~AThOJ+xb1bb^_%9t`(^o%r))nYVd!5kVD5@)Nr z1TbTsn!s|>Rf+w+hnaDCdJ=zyDS#3__V1cB^ zm1DQgh|?1CRT+Y?SjZF?#9RlxY1B(Z(wpm#&*q17rqZ=Et(MYKz#4ten@`Q+|QKKGRJIg(!uG51*adyF+em<|LLiI4IhNf}Hj}BUS z_rX`+w#Xi5Wh>cz>YJJw3KSdSNu;;NZwSA7^)1%yb&GjwTW9-=B^>CcGx-o~)ury} z=&h!{z^hew;;3ZJ`hDR<{hsfcwp~;6xgOhEg)TtVp&CDoDb%6hmMT4-{p}5Bk1)nF zdCxj|gB&^-ZqiHFE{SGKvv~Ovey<*_w`%jm`O*}rHkJ8AQ60xW!7k&2O)W^`8w<^< z#k{LFyZ--MJ1(HF0L0;Pf7k!}*Knv}`g{7uh27?0FFjU{aPh!T{sM6kFW`c&Nomn5 zBT5XE^qj7}U%e9lnYgqPcOmWcD`sGkRJVj2G^B+wPM#i`p|9R6;pa15gB}Y|;!rVT zPNXXqEzW*I>sKFos_x*7f2fXqP|rs68cQ+kh1C|lsH*msO4&F^t2+g>84aw@0|Xum zx`yg%0~IQ`%C<{f(Ke5<*do%N98V5FqZ=@2DU7&V`Z=3*DqVb3hj995KNm#W+&JP) z2Z_D%9yD(vdJ7ru4HH=Bbv!vb$)tmg2xuxHKFPR7BB=eu`Yzo3eqn0|>jXlv-t-@Q zg7j8UAAXs06b_pu*MD}%&P19_xFf_m6%?Ag-GjKW`Tj-Ff3>#t1%Df*c9ab52tOLg zx>HQ-JP($xKL1Qf;|M3V==g~*67@IhTCm&sx0FAC3dVdkcPHPEIuaLO2O1q(=9SCN zbdb6WFP-~!G2PKQ&LpOV5<9S9OvM7ZaAxOT_T|k;Qp$b#>6tJ+8KNM=O09BxLi{AJ zCdid6`uLlF+9|cGtXP{9@%6L)chX9SJ=sScEH?+E8wY85jC<=jYIlPk2~0SEf0QOD zoOSinzfin!jL%+76g;P}QOqj0ed-RDA28T~+(d@x?S|#n=ronTV+Lfe5c@gNX@pQm zGkSx3iHWVfJvl7$BeO;+BEQx_@aO4XvGJ;w7a7Ypinh{Fs}ILoB8GWD_<*J-&iLrm z*|lX@+js;+`YKV`G>PNNB489{AC)tgX$2&D#7%gg!NkmrP|DWDgXiF?HeqzaytAcv0zN}Ea(Lrk{e%v0{Q%T+TlSN<- zfv|kzfa$^b5LLEEkuzWHqI)4}H6_1e_Ie{jA0Rg=|CTH7n?m*l)qnSjZNSVf2H!RS(` z9h>%_TZgm=&$05%G$P5(Tf(__I=|32z)sPbg0x9Pdl5Qs2zYjh-rj6k0zgs>YU&ot z8T>QTBTBm`)67LOs;&zQYpPFZpADtQb2bLa_4}O{k!}x*Z^yJur9!!MFl875+@k0`hz9J&SFtYT}ctP zNa1`~W0lr3DRt5Jn~s7*K2l4dEppYp7>=&^Qmy4Y@=n6MC6Cnv4jD z0`EVel>+Q2>)d#=JcERS$Q6Go2ODL>u0NQ|#ah)E2!7I>=rYJ>RwE9|Zo-S{@SlOD z-JvjaYeavYoxLg!FjQ5d7?Ln-T{!p(wOoI{+6N_*S46O+j;&*>eU9-gQOWn6qzooc znpz26GgIail(Kjc!2&=_#p;i)#WXyAM-r&P^y>TzRED8?-To=(87l!9A$@KaYx)$u zLyX;I6v~LY6V+K{7qoPzaZvWH-F>!5f_H6H1<8$lGCvuF`bhabkU7ewy=Cacw$EzLvLU}| za&vh9SpF~Kxr+Ti(rvPjgFzJee*BwV>q|OaGFSyGCvO*Kg!_p=&~nKE*uA^NNl4ZY zBYkju7v*Un9bfHqJUg9j`yDk=Or2^`d_vhX1FZqo-oAB)kA>ZjL~U#n;#j$^!F z5Tnd7Pne_P0uhKIf*Lr=%se1Xu!^V7{sNB}{Zr z?8FqE<)`^kcV+R?!lGirp?v1^!v`;$`pf&q<<-C!`4Zx8ke4p$&+n!3d&;YbMM`4Q3!xA=le*2{R9Le}D|gvNlSd0-E3`M=@LJ%wP`ow1Ep0v@%0P)0 zfyEa#Ey(w^WINqCaT2li+RRDNDKjSv0`l0H6yWTA(zxI?6e$!a(__Bqg*jpjA!z=k7lL%vXluh8PP>l2CC4Ax21@~KZ~kX zT;ZYLx@a2IG8Z|xBJGqN03RgVB3-0KYU*k$*xn!?C(@2sKz-;vwn`KdI_7`md%wx{ zTGf0CCP~_j32auk#VMFSUFpG063g&v?VVHRCdk?QE*#>1BsZSLm^L;JY(8M#Tlmo+ zeM$AX8W6)t!6(lTnQ z)#q<~+e6Loxr|c!%j)ndy3$4^(apNM$Y$wzL1jECseF9~fY%+t@=`z$>D=hO4Q?S) z&blP(5r2Q?`!w>TO8oBQKOfsFn$?&8`Lrcaq_95tiuDh?HU&W^FBq~{5oHX|ktSK}tiNe~+!b7~}i#+tVc2(J>1YM#NE4|-K<#xl65L6(v_sjPYK zwFRxO5p~4irzsKcHNGH<)v?8hSI(51iK3MkY9H+mcn8nA(6*I4o(5;?ON3aIJ~>_hQlpV<)vs<_3S+e*S)r)aSGX25}++2zb4E1 zp~s9iUNEokPp6>}>7xOU2QK>6)>Wa4eQFub`%n`39~MX>s;1@7-g5QQ?m|u9x9}7N zij?~MC*$$U4zDBm5{|p?*@IRu&CC#bv|rC5t$bfhnHPtj$X!_d7OJ~)|0_t~zkVB` z+Cb8nKL6kne4BUH-1DH(-qf0PCYg{eV3I^dpKjhBWB<1(jX=A9WkL32L~t-%w+Fu@ zDqg3+iZI01@sz;Alzu;@HlbLNM>YD-{+{tid{>92wQvO8_8=#iw&Cm>r_9fwD48gNHT6=z<51ciR-kMjrft&a^nuP?%B5$jW)Ciz@ z+X6YmQM-WEr~nMC!X_-D8D~gKai6-`=nTsQzT%#J!y@;SkT+)oD1|lR)z^#K5mjLK z2R?rpbqEy!NVQMc9Dx{VE#O|w@cs3K8*&wovb@}nFYPYS&L64UlD{`7BJz^D3u&aLyy|Bfw&Gi|JQ zmce#t_3nY>ci-3jXseEDLO^2R?{B5N{Z>=UZBmh}U$!)4X(6wP!+WfJB8Q@uhq%N~$@4?XYBMI>iIW zzQRQVfW2{UOt?-A{2#HCesW?DX8-x>M9D_k5P`GA!Jj*82URmA-YwPDKUB00NFKC9 z3I_9;^l;p(Jn%c^dVNXI6uy3-*Hiui=pAca6b%V^^!z?XMa>HfZ_VIndy3TFYti`v z-q9^>Pl@z~?}WYWHgt!?ode|LxBzM`7dm63VfO>nbqtfUqPU6!EcWYHG6CEVOuH$C z$!8-&3mg-`r@xcX1XC0luJHo|u7untud}Y|e+mA0HLS!`Q&Y1w<}hR3sNGBID;jHS zF`-(BZ~;>diQ!fbda^|uP#>BVFFSKRKmJ@5_NxeNN@bKHsfD2%p0W7k?VWfK{<{Z@ zo&*~e@o0HT%2nTp+*4sHb9~p0{>`OE5P{$1txzgaDb?REgkppOmK{LA z{?FPk{~X=VipTW2|Ng$M*ItXDVCK_65+>tlu$G^Y1n>o7k_#8SBmU4zn1C&IIp;4j z#r4F1&2pegqxxXE`^x9f?#7$m-DD?^zyd@{*p}0D*J&s1xj(juW2b+FYBUulVf9Tl zgzlM^SnFLRi&OFkO;s`t2hI)NoL7AL1Z)KD^^U!e?dGcL*Kt)Z22;gOyv?5JeZ#ed z)xL~^o4JY=˝Ox)eXIMUEgx9rKM297Fa^-obmz9Xx?fuUKxe*#u0&o{OlN)J8E zvq{bR&iVMQkv7n-Mu)?=pk=AkQ<{cfy90`l)EeIo#@gGSx);kfSpISx{qDDK4$Y>Z zGW1xxF-VXxM~QiYmW*?M?Uja-d2kN6WzqawFlfub@qw50P7n zoVdNkeYS#c(n!)u~zFx#cOFe$Um>uhsGE^v0Ke zsBTxTXK5u?R=cqb6}$dDFXN93+PA;{7$FUrQAaeOVx!0sD@^DugP*ZpP&`&)Fe4}^_uZl}f?{PyG7iHHNJ14BiF zrSh08HilGQ0Y}UIPjVP}tg7-e)+tUl#M%jUeU9+=t7!fLty`)fwZo=j&kpi3B>}1& z=;`1*QA~e~#o(TLyc!P1^HJ4eF={n?jOj_ZsL<~lGgXK9?s{c-8G1HpF}KgS8tlgd zb+DOI!-=p7xxlk|Qyz5;LS!KJigY$}L=z#QIrBtT?<9uymCuQ%+4H++GETrt_II)gWeJ~C0Lkzl47Fytk@kXiaDR&7OV90Sm+rRbl_Uoh8 zf1kORmzL`DVpDpI+bd6QjX1z$$}E|(1*<={%*WgI*G5AO^gggX&13UFG1p9?w*2ew z1^|41w0$rA$XP5SJcjn|LQ@$Bt^Il$DfGU;Mggc)ZN;jWM&M4W%87g4yQaZ_-4x-g z$_H!Qaprc-F*=%5Ux`R6WI%anB1c%ipEn;4oObs`o;lFiALGJz82aRc-4M9 zh3WT3+6$5jIL`LqDxP+saVT+dz=di+`PuR|6#TBLFUK>K&Ur9z#?u>3=S%{BbE`Gz zh`~Gi2b1Bs{==9WIy$ROY>vz?LlcS=HioVb1V&i9p;_J}MByFKd%$+Z%njl3p3n4_ zUHOo=Z^*#F&1S@vFVVex55#Wbp7%XlEp~XYWI2EQifhS(2fd3|c%=nbdZlR<;lWsH z6eyP>_?LzpaT^S}75MFUvlF1$_S65v)>j6_*)84T?(VL^-F|Jr)*%ftWU|J{-&x``z; zAq;PNPcuyk2XQ7)bqz^q=T}Fg^+8mH_1;wl=8CqoCGO^%te4K&5(^%J9u~OyFX7XJ zhJnYqQ`$iP)Gt2a8t-O<>z@xX6k;iAbXvj0#;h+^~JYumH+755N1t>A4!z6NQ zXA3>0Rz>3QG|R-tt4bxN4F^D9tS}{ zPz!w{+sE3nCi==%6^9_{pt`a~;^R)V$dZHTIyI=!2KAwF9Es)z1lNLS2f(%R%r|)) z2q5gi?|pU#i=H9)+HWF<@sn@;XEriYdke({bMxMY8SX8YG@<*LKZ!@|=GGMT9WCK| zE2ksEDF7-}(-FT+N-L1IT?8?u<*`F<#5@&RJplt8vk6kck0@1X;gyn5ir7>913%mI z^TLXazj3e`#Gh&}Fi=VjqSvO$HxeD2rg_g4oVU(D!W*CAf}KN&tP`u&srwzOx9Kqu14;?=B+A8u7 zvw2HWwI2id=$~W9vqj!uo;R?w!x?qC;v4UVeEM%{CHik_r74;*x@>8VO&3lnf%D|> zsJ{H`Re#Y9bwl|xV)p~5m&FDl^$indZii0W)z6;aZZ3E0sBInH>B+O3T?EtNp7$}I zdd@DILH|4O-SNN%gC%pUIj*kr!bJOGAayZu14dHC9b6mr^Pa8&_)wc zg=e%gQd4V2Qne?PWMw1!U|>thgdw|tLO5*mIfTETri)PzgR||C_}e)3_>XkjWsEKL zxfG}v-9nvC6+kVL@n0$FI-q$+N39-aw2$gMpj6ftEid01=KKM0Web~@mw!$$?Yw!i zb2GucGLsGn_&gAow(20d&qGkDoDDTQQHQe>pkr169t`fg+!nADAY;lp)E-HX6-TJ0 zX{WOO&}!d4R2Uv-cyj%D$@ztriHS54O^Ra&stAe~Sr%svff~;5JUtLwt;%WJck2;# z9NAUXW5v*qt`Gwn(^CD-!%^KrYq-roH*}_s?@bJ`5PNY!_K(be>RGG_4t=1#shBbI6I{q|A zX(?q#K>Siv$({CrWRTwsSh@_AUiY)sY3>0s{3zruG@_*0h%W^%XPW{TpNXW_ftQAI zk5(hIayx&ukxIR_lU0ER;JS{U@ZM{-Kn#h8yZnKvsephaNkHwgiPTT?H?g!`3S~F9 z%x6!8&teG;J=fwG6VAeiUu_g*Y)Qz-re^3ipHu%=PjUQ){-0;5Ohco4=4>ROVddxp zMQF8D8!wua*Nr_5qEMs@FEDkw*(=D4l#$whgL=0xQLEbfTKnYgcVCEzNSQVSGL?N; z#VSA!^PO6c$bGR#DjXXkPj<1l`oo)BjiAfz9*jjYxB}g8XU7=cl3*dLkU39>DhmFA zB6?`7fFPVy0iXg9)Df&U3TfA5#(XTJ&>JabGUf)&=AV7D>IGwSCCx3TJ+e;NTg3s> z4Z?7QBx%<(G1+rw;rp3or?6Uyp}DvXXsT2UB9gahwcF+K{Y5cw01M`(wj{av2w&(? zl?{zTMD{)c(KbkH8?{ad2WdNw`@hosSlocc0=)DB$SCty8Q5z#OH6(P#{9o>G3{g+ zWMwU*ywqpfm3BI3a-p-WJ6qS78jbc&{4tXW3aZ>q7 z^lCAaQI}K7hE?@`1RB2e1`>-k>h_Q3Kk?qr=jZIK7o-=pl%q2Vd`QWHUSlsRYw9cA zz`BKK%;qF4!4u|gRI}9S|9=nBkBhe-(a-4MV5;z*k6GlZ)g~0wpxb`eRx)f}>k~07P z_xrpjGqj@!tv|R|xM+HvzOV=}fIM{~G8cbizeHehW>-R!r%s-S7Uh}S%h4zwS{uFy zG#pr6s~ov_pa^k?31#pZm0BC*Cc{vcb`^`r4&lQ|ktc5Yb31Z9_$4`2Q`CG>vjq5PFb$o9uu8 z!d51YJ{s?UfItk0=?}kfpAseNb1{crkI%N@j)xWG7%>RagxhG!r^O0mv+XkG z%yndbon+Q#_fZ2o)`ujCwrVGj5QZVWLjj8|QX}gFUxA`X)WuS9hAA$BTfhG*%IKNq zLZ$h|&)V=sa)H7u5mlB>n6PKP^MdauS4&*(3Kf z$n{c-f`bJj@RhLbFg8HK74`##2<O8pQ2a9*6|H zyYJgwk|UE%&mrOr=aSd#ix+GlHU35X!L~@=G&&SGRQXfw?%*Q=-N*0M|I?Cw?|66< z`A@1=YG}|fbDTgbCTv7u6{XClEM5le&a`o<(-B5G@FIPqjGX2ZHj-WrM)I1p7f0tX z5{!uX^!bmpFR=`>ijA^l-iqGP*>9}t2Q+G@1nv+aa}!ck>j*4K5YWw>BbmU5H+cnT z%>tfw@+P%^$%Ki(7SuvAj;4t00xA0T<-@9`od~pa=yBBm>#zuXzix&xS-R)tclQu~p`(7I=Cg9>G~;rJFH+*=AAMRi>mVZPesOF^6nx%<7=F}1D9 z@CA$g{7eRm)7Aj4X!G5W1NZ=E4J3^Y(}?rFSx))Wz=H?i_JaepWo4=+Qb{G!*@0M2 zpz+`$t#XTYtXj-*M0&FJDJTebA`=UV#d4s#&al=V;L;-ecdlfMLP_j88n?$6Hxg+g zl@S&Q9+jK|;>~&GaMlJiTk3x_3Qm6lCjNA!)wc7|mIQ5;(^OK6Srriu0>SWaN2d4r zSINEijqhb@cAhl$!8dK9bN*8HyO&4bGSdERjqb~c~>mBBY~XlP9IjgKFo53EVNugjLWnXoD(Vg#h611YS? z4EyUM+&w6i#uPr>6ezDG*1pb7BSJktK8Y7q@`%)$F{7DVl>Sz8s0oIe0L@!C4yRCn z*K~ze!dlQ*Y1JYW@#M9%R&A}Q38PeoTYxQ`fIbSX`?c2$#vXy&{^%;%zj{OtHW6wm z>N#;oedd5zV{V|VoC~c5JmzH9epn>bNC1xhEVk}*VyXtsDnR+Je9)VFIkOMxm@j+T z4#;z$^BJgGPir;@$2;DX=0L__ey~~6Rlfn(Ujm-@Mma_TsCnTD_IQ&FCitPbUZXPm z=gjw|je6!;a8RM2NDx!`(Gptc0fLS=E+xN7Ax)x-0i-TWPE6xJzuZ{ z30>jlrMa_5u^#94K#lBrXx9C@c&U$V*v{V_k`!OJ#+-9V+%zO z*k%#nAw5MzIF4nRm~a-3U_8!DQ1JB2cn1d4=OVyw>pgAaPM@>1(TTTf;?tC@!NO_4 zqEKTJXdqFcJeoj#K`_0A&;KIg*onUNAmgO?l6C)xu=E4=aorj1&YsoeGWl2+Dv4XI zG!WDIJRo*iHMSJCdZ3SE<5D@DWA8%b;=91(e|EOz_y3S5VSq5kWW_C{HsV{m;;*o< z1eF=b)0_LGzs-k;XF*`=>`6jTIFu6_xvsO#&UdR}X20Di#;5qnry|QVg(WA)n%Y8R zW0_@-UlyP0P&5;fQ<4^p(`TsnW6!WOl9m8waX}2qveB7rT3)Ll2W?3;hsFW>I++B3 zIhMWF+Fh&iPje&-l}m~VP!QG21-ayG3NNAdH@b#ofm{sL11w<$co#py zj}sEmAwZM{l6Cmm$tv&li4B6L!fnGpphuls<*lXJu%Kqe;$y$r5>KT>Mw2G0lNN?| zZoyU!p_uqp>{?BeXx!s60>l=Kc3_h1%WVc%p$cpHu9l#o@Hv5z&M2^D5b~3Vo+LO? zjbZRql+8{ghl2C(r{W|0FgcPZTxYKxBc7GX7EQd9@qTylMt~=Kz4`cAxg?l|r)H;1 ziJ6D)B%B3FAJ2E}?A7`=i{chM8;ueIn6}w)VB=p!_xg5_g?{ z+Kf|9uSG|&1z{78xOf&rz648ka|8*z_2V~>)x0bjB`FjiyvQ8tTOv(!#b3A%RyY_$ zh(tat;J(}RvGeMFUVXQ3ByUUs9h-fK?kDDWEW-N_d+{*p@ev|6qZzA$4a!ilIK-eX zDY4)lr2$CuwFC`&8J)mnQG!Q4 zEtCKUG6a*e*Z)W<+sjP}50B&t#$d3mwXkKxC05{xvf|S2IIU!^42_ogY1XqB8wDm! z`tJuL^ZA#?6DuNb>%ifZ$WpP{vH>;RRjo;rH=!8d&yx_)AK}S(Ee z@i*OKu*9VV!RT;d2?6LjTHC>rstUM#_un}ljMlv$G5nS>-*ng)lpTHPm-&Ary@38^ zs(ZR^0j-sbp8)Nr3;vp;Ql|M@r=f3qfBxe5cF3!~qNZ~|{TT8|{|`JIv$LW!wqmXn|aBYfHoj`5tCUIY7_pko}p@mZ* zCZ@y{Uii@RAU)hrp-{jyp+80q*m%5*!etcX%q{$tW&(_nr36)kZ>UZ;wL<{sSE|0 zZt8fwIGvFzLxUOwQu|5oQjb!VGk2D-3cU=tDk6u<7Hz9)$dA}e$Z<-^X%Nh9$ZGdZ zOOH@|>_}dBQ1k6al{JFm*|WUhuMTF7=E~2M-=$aI{}q437`w0PF;8@6E;bbj_aR=O zZc}879N#T{%3bCRP12+T>aQd`Sco&N1rZ)sji(bHV=pTklI>5U$OqTUDEK)*kEH%> z&*U#*0Rgq$ZD*&F0n$6|km5;)J_}q(6z=n`r>|Yk{k{# zG_BM@2D0%@=uB9;pLDN!{q_WQ)3i;R^ zX=FS2HSZNb3}jGXo@(1hY?nWYC^5?XY{S4NzSo=|Y#Mm!Ti@vWYh}6vDv?5&6ze@G z@j6z?u2*?W4MJte;R z6(>0BDLw+W(qngws949PV{=vnyRsS^&6ZevF1T>=h_XVgL!U$HbT@?>yMhEywlTTI!Xwws+%s?>K& zsKSyKRoP{q{Xj1}+v;FekdASFwN}6Y8b$5vcs_~|1_BK70Z>xOXZ1!2pc&N6bFMzQy7crYi7gIkPMM^&=ONt^6HKVr!l z(M{g^IG+6015S8f58_`_Od#A$(U~INM|_=9W3%r31gPeRFzwN%wwz3PB#*gLaxOoK zn7T9WJufrhI8i{G9lg))&w{V*c8Ii8Ot;^ZYB1oOOiEFNlZ=0n6cyhgx`SXl_# zR+_k|bQ=BYoHHKAe<);_oY^9OS zWQYWF=tG&JOL+N5&iGP!TL^+;naY|-R>_7|HNzDYM#Pnr0b=;{B^N+S)8>K3y; zwPwi?MA=cWSPY>^4d0Z=aCbe~>JR*A6LjZptH@75jF$HnymS`Kr{;w&RD^#WWGFNt z{iPb_pIFUQ<`W+!OkD~ERDf4h=FSfO#_Y(x?qH#8PpG5D zT{j;go(qQ88X~%h9P65D!``!Ip$QA=%~Af#P4sP#{yfz9iKcZ!3h|KLsE6MsSJ`W| zAvSf7Y{Q6bwi@dKSd8b5$2p_8Yjc_mO+SoDh(Q>^Db*WN^A;zLoFI;3yRG?DJi}j* zieR72=QmIJg7CcN)Ps7&VZ?HaNZ_?vVXEK(wQ}pvo_ap%xK$nzY#Sd;eU6!pSjl1s zGM`aKfDFTgAwYb6Gp4Pfob~>Hc>x()b087h=1kKEZBry1P7*?9S(dm!^Efn-BxAfu ztC|~!|JkrEDU7;)pi=x?+@Y#^PeA;>00BWB1<+BHsEX_S*dkKrac(ypr?705O#Dt) zDQh6clOx;dM$>CfDwKAeXC||h4D(yLW&4hSh0`iTa;(39OLQFeBy!Ki?lAw_z>fI`UoPw%>YVA;+$pRW3y@M)QeNYnD<)x1_10A+yio>ry8igQphDvhgy0 zIQ@w;tvVl)g#hV%3JpLB6?akGQW$_KpHruP0@SCHG$$g-)bd7CNxfxpPAJq0R**}& z!ZPWmeoUS#0k!ShrzGn;@VpxWvk21JFNqKXbuVxJ-*X_-cgatDq)p!$w~R*Kf8Bo- z%`S3Zr?7i6)FYbVPq^rL0#3eX213YK9E%=qqPsKkc z_@;j0+|F4n(6t0vE+1*0@^AP;5G({vo8#Q0#rZx`cdGs2KLGX)5SQF|0T#meA{a_H z7K7$R`BsRI$Ytn?W~g}U!N)c&aCST242KlBMm}>Yh6zui;UJ7e4jl7d#lgCc8@Dxm zaWL_HpH9tH+bs5HW>A-w6uUsdO!YmOzZqfCrYTv^rGPas1XD7}(XacgpdwJyhKSZ< zLtMGK5IGdBA=>C?4Oi`yb>)Pj?7m_7lT$nV+JZ8m+r{y1OU!yz z>q7fBsH|d+>)s*6^RLYKr35Yik{)Xa=^jzb}(iy=BJvAUysrkB800u!xC4Uw^+r}J_;-GM#u6- zX<%6Mu6 znijudKqJYU$v?+y#U4{A4T>`|u@}DikHuGD66E6s1P#73FYzxsTcI)O9J>{bN70n2 zUl+q*>ZQGcwl{goxh{nViINLP*@?%;%+!WnlXgZNFzC1uMKV`3V`%K8QYJUa95g(8Eh(+E(HmSI1P zVM5=+99>=uR^l+_Tjs-R8zH+atES*)BCacql9ImwwVB)d?aTA>(NTVn3BerF?;);` zQwwvZ?A}bY2cR?L;|~Lyv zeM_5UU`SD6nJL_&+DDy+DEUOVlhmj)#@3&I+59I9oq*R+TuCu{YroZ}Czgz9*u;@$ z5n0Cz;yjqsh6!XoCfwKy#FaE^H;Ce|obAb>gJ&I{L zAr?66k!WQQvafQZ!!q#|@E>NL&LVwEG_9@X5;cSdn0&BWyk+oWKOG)@iz9BbL}m(xHiQ~6jzc$%Lo&Vd%m zaD1mqN+RWD@i|q_K(1ceX0MAm4A6B3Zo`-$x-c`7bj*%RY}DdU%@|>ZFu;e`(X7F^ zs8n=K-l#wAnqD&&>kg7J@*i~JqTW?b)Y|5jf#r?2C!J0s&6VlYZ}23(z=FMu7_Blu zOB+mMR0m6}@rir^X==$N@b2T7YN zD>$b|i@ix0xeE${s8#PNOT5Kgy~g`NK_Hz>bl8>N1+dWkSm`mqv=m-+mg+TD>|=={ zMNj=U?6$_3KW=&$rU5zDl zIkZDUQcaGLm2QWmNn57@VUuZ$lOVYS<8jP+^G7N3^%Y<$YWgaF)YLmmfG&F zYmSht#T!J>0!>c9I1$c=Wct?0K@5;iHkTpJYJZAM*YR~2O1%z$!o;ajYdo(x+2oUq__5%5;`vLgifh z@_1IQ6qe_@MAMB{u+e=xF%edh_SzZq;Eb2efvlUKY&2e6sO=k9 zjUaI(TU5v8%~5qCxjPltpXz$*qvVJ$Q0KST$dsLZ-@n$W(l_%6xdLcYG_|r=3i+Ak z$sm$9)&yeCNCbjn_CU0xOQ0O(S4kssneLvnx<;Y=>A4C$uF=z7IioKM)4dXLYakfx zzK57k@{eNV?mt=4mgSX>CjhD@BqjBeqYS2^u6lS$H&3jRBi^h*S!VZv{?b8y>4zC- zH8Bkjd_yXQ`hM&YGHSNHcUGTwDtpg|{QuRM&g>a3K2By@% zs*1&G*Xd|7RCPi7`<1^gs#J<`Oi?^e!+@a)lgHQ|G4Ts=ZCI8}!>>Gv-7EA&@Z8zZ zFwfI(d#$_Wo3H$m*toEXGXU};7ZZN z;JKWv@?7_fV=8L_Wuwc4Xkl^pHkiFR$Nhx(>Sb2Z!Ri+>FuRE5z~KSs=9j#dmx{)na#a%B+!eTLMz6t4Q5Iacq+0=Ol?zs`;!*FcUg?<48IQO1oOWq@HN)V?ds$!3N5quwbgLW4`?Guea#W z<)*$=la$~D`9H}#OV$K<$oN&U^aD{i5+a{}Iwo){NX0z8eI+5esfqk1qWBu3&e#iv z!kWtO4fDMe*1r7xuc-Lf60pEnkkRBP`4b>>8Z*yzR#R9wLx@L-I+}@Q~ zUm9to5|#U;l{f>edTo9mb_WG!)oc|zd+58oY8K)s3nZjM2OJWNh!C460y34OcX4cy zEs5;xuX}~)AAcDv#ue=(4(#QVS61%{6p_!r$(3-Yx z=X;9i>J=NPnJM^+^svW<1ZX2+!X`r4kI!K6^z)`JcH{sqv~!o&egaKZro7efQUigl zH*CB^q4oBL&2e-7ZS99riAE_78j`M&g0eAqGyn7qWfLV~PhB%UzW&z_Xoa~m5V*NZ zjRJt+n7=RcCJUW66uYJDgc)X-K+i6P-`+b);rFKgENG$9sc0~$8HNHQ+SpX_8ImAK z)I=AA#ak*Nh{$UOI-1&ixp=&(H$;KrYYP7PiGAn5`l3?cpZ51j>aV z@#TJWzaqDtta-ob@55ztAFs&cXDGUNFY|uYgnh(cg>u=Y+U+wI$=GO0ATA-?Ek7%A zg?A^kZ3hDt>xeH+{Oy-f?wrZb1u+>Ov1;m}_~vksJG%9V_wjFK(@C=vW^r=%ijj## zxVrra5_q5b`|ZAeMoLNAvaR4MkD0$rnY8EW!TCr{{QVRh+NtJ1<(UK7kKwCNZ@y)Q z{qz}AsWa$E?$i&o2}@j?M6~EbEEwJviC3irQd4$RMsCMiSWq7ldPn+m);+HoNn}W# zw-p3)rd&9)%R@>4@RVHKE{>tXX77XRVp8_`bE3d`2}P{fnh{R4h5Es<8CUN?Jzx=g z)}dG&aNqOMbvX;ok?q9ysRG^ag4E>ev3qy~g|9(AzXCW5!QX{_>NpOWF9pHSCw|UZ zVhG%*t?<E^H2GV_l7{FT#p1$* zJ}ed2H4(m5 z=Trxo3ahb31ygLtXv0VWrrTW$i}@_)Ec?IoI_i;Hf>A}TH-D3jj(oxPD3F>~j*a9> zV??DPH2OOVr>b9Wzfrn1CaM+T;<9P+D0)t4`~B0|Baqn(L=H!swORu5RP)!i`z!_* zHPEL=tze>HJ(4q(7Asco-eO&TliZbd!f!A1a?wk@d_EZo10W(jWpwuP3VLuid6XgD z&@&KR4wYMfASYQR=6knI1u2VuGgda1}N`k?&Y^${ExGspvjN;9p5WqM5*T>8yVZ*oM^(=1>|8a`$I&l zp_+)Eu-L4jZh3v%YrhiFzz9>uUeHieOaF}n^yfD%F}Q!nL~Ha4TJx8iBH1S+sZJ}B z4jJS36SOCiw(zgQ<1fEFwp~%|KBB;E-^)yLM)JMpzZ+i!x*l)u8Q(6B=1xTTepSsB zv&=BE-lqmW?X~$G`>7={Sc=eSpcV#=jxDGOX^qJl7_{Mw@8`9vYDIsKN)fHbkLJZw zREu%-ahIT$N?=T)HlXnr;IF*@rF~TI@0Gww!QRhOWn{HyW%xnNpk7W>+>3itFXjc= zEl;9>X@@2)te$|NxgnGUU0uc5Ue*ZBI4&nXJ?QGAlMj4W+vlpgEZo}>zpYASbato9 z;{ZDnQu@+dRN&zjJQs?z!WVf`)V}XmL7dgo``U*MozcfHX?Mqbj|&iHHcw~S>h#$}!pFBfew8Z@mpR!qX{gAEfa5ofvC!{A+qKlhk8{TlTVwgUer}gSGr#cW9`*@1O7ggK6zm{-bwDGG9jD z8cOoI@gO)1j1$x?f)KMSs=BQH;YOS=+;dBwx@=`@?0kxU$wu^mlnhb6p49d~Q9eh~ za3=LB4bOriIPGOW;j&X?&K`o+1yUL!5Hm=xtSk9 z&dCV_2^wx-^qA_LPc0u&wvbUp{sUT7ZRKT3@#b0hRk>hHCfyf zyqoU+3$-ZUz8&}Qmt#C?-XNE1M0UPod&$w>Be=gmy4Z)vpUMPIksG{MrfNz}eJdQa z>>`auCgjvW<+Y0Jb2f+9M0P+uq@-9jbUe|do8*qXT<{Q8v5Dm@O3ZLT@9r$kW*0?E z`PeuL)b?&F+fZdjs2wbJ_?x0V;mzdv-1w+VlXCyY%E}UY8eS{Oje^6?9J)3#w{|ZF z2Wr_SEmHerB8zS|F$4Q*btv3}6fprWI0mw0*!3{K6&ZLnAdz_gaD4M?JMzMbh%B3- zaU8AuNy#>UI)$SW1IH5?A3L}jg7u($}hBZ6?zmP4z{~%ks z*q>K(&bp0rU<*l2zYApuybd*O&IE>$O9l)Y`Po6{B878-RbOb*ICVnTe*jgC-j!vOE>?f3%n4jS7}QfMFywou!YDH9A37kz1ih;sI5VWb zOAta2>ikZu_}xBV5y$L30Rpm&)6vwLvewtg@)s8g=)o~Ae{xxl;v0-}a}~?|bG2WU zZ*5~XkNqus42X|756nX3L!BHoSu&{B06vI)$F{9zY-3P={A8v<;L2&{k`C05?F ziY|N)XhrhGC|k+&ESTwVV-w2#;Ar6-AWLrmSbLpu2(^Pib~MMfTj>&x@D&`_k!1KW?1E*{7h* z44kh1eTuxljC}g1*2KoPtb)q-VyNQ5s5#PnT8$45V%kcUy{i=PuBck~BhGidXkWg& zNb0;gH3`7%*}d*XdV7$eT!gWWW*o(~xWJEm&f<6=8zkb&rucqkEoY@MV4!+J)M%UD zB{4SKBG3vS_XhT}i(((xP&XxY%1%>3jRNBsW#dqIJsWY?(-V&xL};q2gb(UKX|>f= zLm$YxMP!g0>RNWdDyM6bn>Ajh&{OE6%6!ixoIG1%`^hr9&k@zo0S_I!b$zHlkac#K z)F5N|B-oa?Bl`MxOeuy)#N8kv$?CURuzlPF`{Ie#B9}o{NB&96WfUovVkD-jl$%n0 zf3(a=L#egJ_lH`dul9)VUT|v&U!oYCn5 z=Q0`sb5h>uo8QjAr+Pm5HTk|8({JWH{hKYtc>c?Hr`m7}+PAfXUVrWEKhw@HnQh{q z`aK>E)Ab1Ulq`ctuGj;Je0OEJ4Mk`rbK21fy6!ebTwE=2d#`%pk9%Mvk8NQ9KzS?kpoL4j%?KSnH{Z{MT+|vR|4S8F`yW;0hjBFx zr9z(wAexvf>=)|zQ~G=PgGQJ0?VcKYZ2~{|;rjyU&%gW|z-<~x` z%79taUL3VCoCTa-UCZ3|<;!C4m&T)fRgf_diKb}cwv4htA3WSbjqggbMhwA{+y6y0 zhaqJ4M%Q^~=R9mg=PFn_O+T$JE$F>VM-gzCr0I)$srSfyoRTEVpZf(mE|Y84qwQM_be>RTea(zBDX&W4!;Nru6UvyB>lLH zIy;z*B#b>T=oy4sW+b7HQ-)4CH}gxq)DMO z(~RLef1U=mRB&&0rg2Z#`h;3%R|u)Mo)7H+RU%I_x_n6+B?`O0_*rSiR&5eS z8JhN5H&QFB=MML;H8*)BE3q&m1zyZeXe6oM>903$h;P3-dlBpBr6kU~0oe}HXTRzR z5e%%XKj&y23T3KhEnGN>9QX$R=$m^wQdq|vc$!dJTdGWNJ$IitVf#lycmE#=T{X>d zDZtw=?GKX3#%NMJaubdJb$_tG+!hxe~p@TU0lAEy2LE^1O+FvEjB z7@h7p%DyF>2z$VhNL_?hiK#xmf>{IATt%Am#+h5MooH2K(}z32QqC-rr)3p?3h!U2 zL|d0zP^xEAOj=n9|6jC=9f0G9F|ZAnmN5oBUeu1_*<&kA;Q+vMIOdxodj8xJOlc3) zenzI430y<|s9Nt&7=g|R67#(}!a=0a+blA7ppnXH!nD14rm`B|-^{h8Z~)Oe)c5O< z$EdR-Ipc}`qUzcD=8>uNb0;^!>$c3kcyUE4itJ<1XJ9H~VKp1@iGd z@!SA{@!2{EK@{ID2if$Y-RZ|cCE?ZJ{E?FR@Hdw88;yjNFrNq=0%|5o3hHM6!6sq0 zt}K?=ko9CSek|VIwV1Z@$aQ-gXsAw+PCY|?*r0Bon15jJe;g8&6#!ly4K4fH`73v7 zpG}(oT+C!fM}h`FS9)X5ZOv9% z73;t^i+fDtA0xzY7Di6Ve74;}{oJ>8YoM~b6a$`r97lBkVh;mf=-AJh#O1U)F%~F) z|00Z30rO-!F@YEAgoQlN0ieMQmDPf=?LksZyE_sRIpT@o#BktYog{aR*Jt68<`-CA za5m0^!iccOJWpFAvqFr+dD41XEIe1TFn+>9Fb3Ca3;k%J9(nE} zk#AunhRA1dM~cc|o(f4Vf9=QR)1TVm&o49aj5=tn&TM0Cj!^DC;ub!b!Yiq9E^yKc z;vM)C=#IXy$D}#_r&qqgzNR^=TWU~Hz9POWdZw^J1OH23`QNCBjPwG7`Lab`a!%?v zOO9*;QD#bXWwD45N1{^}%nrNLiu^!!nOv%%AWU5g@zM0|hk2KgisbuSMDZXZT0b1) zCdm>&@ZccD>ypGBVts38=)kegd@Feo9WHx0CG0_wPg>k$)TxPUr=KLqu~>y(rCqPa zEo0oIEY}fU;^l|skm#jexe%S_SQ_KF+&kt;c4Ri_S3)QIO?y^;Pz%5XQ_m@oqJGRW0+)cC~x2dfz+is|| z7F7^41dlce<~C`qelLk>5}^r?HL8Wm-Zhap7zu~ZWeO&(;P^bnptYQKj$4KqO(AMv z-2>Yfk%zZX^+LsOTs%7~0zNGsq{~T#^2K zVw-|TB=ckx)Pf%zwksQ(Iyslx)LJ(5)!xaPX*mbrt<_ID)J|s3A5<#p&$V>RN(@&& z&A`G!MPt<60lADH)f&`*6ShXUOZYweHb%d@vFmev2Mc*1yG?7xW0bzQ4wzk8mpm6) z!?=d09`=!E=44Lky+3+ep&ahqdU7=C=qimj0;pP-H?{Dtxh3w(g}F-SN|Q*|OOcV{ zL67uEftO)&@;5476#Z!->n{x5fv>x=Ih&&J*irw#Mk6gDa&#O>|7Ie%M#PM^%F*GK zY=73hZ#qHt2f3e9kG%a{vp78V?Ib9GP0OL>Zn= zYC9t?6^S$cI_33TP=)}9l+-(rh`FBp#;B2ajjLKEMY)U1_UiD{`j^~uHnNY?U_H9I z?3HebQR(>s<&sN&ubXxLs*-%uxRHcN4wMR{?4)%yMXg!OZQMcToe3;DU%G5 zTe0AV{-pLOH)1SkEK56N zg4h}*CdxLRjM)BD&juEBa_UFFUpwl8mV9jiT1|RZqp)P}htqF9-|Zcumv6LLRJf9K zz8#yRW$Qbc0~ppS9CsUYJRPAhe=3NER19peiQ)fbJzWlqwQhZB?LB=NUtjvl9Zxbg zx}=1F{1*jl=5S)lPA^xzF(jR!Q2Cu z@^vM2`xs9Oy;t(_JF;aY71D3Uz^zZ_o?ej~8`WWpb^Si$b1jUw^mYv&wJT-ZvKN|S zw6uQma~$aG{~5!X8LDdfiwhy?M}qPc>2F-VS&D4h=q$(jWpJ1e^e&ZqZK{B^t`UY1D> zNsRuygH%+PP}6J?N?({;rruST%3U0u>kL+eD{hN?#tXgZ6<9p$cK0*Ro$nIL(IiDu z6|TuzkIR{`O-sSEK9GsQl19q##8#DyrBjJ6ZDxL-k{hgHI_T22RR_oCEgD6#*iNol z+g1$h=_1+o6r%#tLZ$>DS4;jSGk7H^*<+Y+ytX1mz=2Hgd$C!+z=_X8+E4E-#`KyI zpvK5bt*JAFrNB8>rjyCTY9aubPaj_ab1AG6N`xfn3?=6xK z$-fT0bN|>zrXfFWk^2LvBG!Wne|e!DxcmPfw!SK=&8}M)cM0z9Ernvi-HWx*0xj+u z+=IJ&ao6${hvM$;EfU-%xckX}_U?Bs&dCt9T7 zl(SCXqsDcEm$S|RTQL<`rx3~Mrh}ycTj5qGpJEnDW3DX_OOQT0<>TI%uOXRu%DvEb zn~!04vl7X z?#Wa)6MGy>gltDDtU5zbPMRLYY>$sk_Mn%MPVu@~alhHk6~n{kJD^xErQ$CtO1`#Y(6+6 zp{zX8Qvpmpi*i=aHU6sF0;Q$ndr|ahQ4&SHMNBd&$z#C!@S0fJ4^tYmr(EQix^rP~ z3p2ql|ST^(_r-w=Gj0w>6ZHX_yAS z+DJ2Uh|pGZbI3KOsCg(kn~#4L1@bK|Y6r#^B&IqCldrF8_efoOY8VZ+8^ zpFP7A@cCxOrmioqNs61$1W+oJ6gm!EtB_Q)2a28d-nY9D4NMVl_+pUb(E(nzPhVl? z`Hhj^O7TNv;KYxZSTM${2w>U{J-HpjZ@t9lWf};UrH1n- zUj_hm1-1QwNG=29EO7v~AOf_x$1xK{Zzo}F%Az$MKb?mITYRa!j~I%FhBy)Qnqx4v zLpZ3Fj@KpIxTF?M`+i|8E5-&aIx@!0Wg0;*H@85Yv1nT%pS5v3ZaX-Aa_u~^d?V-f z`aDCt)F8VZZjsX(pEwZN0Z;&rgNKi79Y$+}Mnk-sFjtCWFwaMx>a|9GYb8yvVNmETNj@6R)XOt=seg;GJ0hejqW z-hus5NZ(Y>6MAcldCMr=M$lfeNeO8chCB0aZ~ZIrUrGDx_E8ECuXb-LJs8Csj)$`m z@6^5;LYwQ(e23tQI;wO3dknw!E0J)4>}zO_ydT}nt1?nm^A@jab~6bij0c(n#yL04 z2yZKpOC`P{P%VQ@dXJAzscKG*?=38@uqoQ2NudD{S~zx1fxHP>Pn;vWZrr_AbnV$w zOcN!45E4^%Cn8QHdmx?m=bH50-+OT;^;QBU0OO=G++xj2p$X@)VRCM!jJ(0*i^|ce zyJcr4sj+32iP;qk4AS#VivV*rMYlgU1pSfwTtbEAtbxIFcU!ry*4}?a-wKE!(ve)$<%S(YUTvdIJ_fmqUm%$4$q=CBPbUT{#q;fElA*|IbMYU};rS001tH0e z;5jI>k|-G@5%VioeR9N!sLMwAMh>zV&dZ(<9wQpuP_e~7DE@UEr)t*f^JwIU#FgkWl68|8TWIF(zUn^}~Jdo}dUmxMF`_jNp{NLu95 z6W(`J5o=*_-+pJ>Xm6r?Tavyo-%MJ4{R?Ytu>{-3|Mh_4<-OQl4eojfW@`OE@qTv-kVnN6qh2Y(iZN0_1-t8w>$gPZ&<{4a|d zQ}&l3iL~_dqq(eHC;wnHL?;hM_ma`SV#e}~>#trn8=EsGP9W#>>0}k9SNp6URuoq? z3YW<47z#dVrWlV%3V(cD5O=4>|1I)M$~O^9ak~D<{&_vl5GdMZE7rfUkzZ1s&u+2e zQq%`TudR89|9u;PUzLKbwCPCha}_Rd!`15d$r#xA{PWp%ZSCaGnZ_xYJG};@b62(g zC38b@^G8DVn6-bz)Ua-p2=nQiMA~l&;yjl!Q?h(NzY>;p8?u>`MiosJ`&MaW)e&t+ z_n^_1*S~vt(()BL5hDXw@B~l&aMaTtQkl)OTJl~V5$WHb*!zmDJ4>+Veg^$RZ5+M0 zUw3I*1~wq9W-o0sI&gi9l!k%W09Sm~^87VzszWmAU}ET3V0c#EPU1hN2xx|}O||WD z%=P_@U-YYqjCi+%D5lU1`6Xu5TvO#H1C5;^uF~*56AL$rwmdb0j-B!`(CCLLlU@9U z1JVQ~%Ov8CqD|7cv_**xbBLG@-q01CqSrrkd}hN~cEXz8rf(pkQQSS_)ETQFVM)tx zBCkFDrUTz9l*kaIJ!-yf4c!@>=y^JVF-pO~6&2pErYNniI|B5@dNY%Ar}cVT9G=zh zEnBgIUVlylOM)z_d=^)lPAkD@m!}@?Tp6gX*;*#3k*wHLpQcP(aU`m7obE);4%Pyn z8m_4Gr+h3m#NTJC9)DY{`mgQBFRjL^%`=Bpzs9{&fgl|(;jLh7abJ<@IIfxY7 z9%BjaVqbUc*A4w}QBhm>cQ3QLQdBWIG!v-JnUn4i%Lj@=X?+kNYR@vX)CXqmXKBSM-NbeG)%vE zD>WdSyy@yzo;O5*XIKn6Z|t~H@z@y-|NaNS5aCHBHMC}vQKAK{B8<_UkjZhw>%6~X zQi;qAU_%Q~|B%7dSQ?`FhRKIoiUu>uV+B5d(kc{xCp|DPOh~gXVfng0CDE+=PdDKa z!8^2c3ZxzS7&gMu{XhiePB(Ag><)7HB()4Q7aQWV{JutB>5QA_hUSU*wo`F zvBOEtZS@NYgj87MV;_e(t4IF4dwCUTT@+U&{*0Xt zmdY4zbm22WPtjWa=ka-ArUUR%4tV{dW&-~yk$<7M{&GDEOPhI)BDcuU$I8nIDWgb@ zD&;M6I>&o7gr1`Q*M|x}l(p9sn(mEmI;jKZp0?%X@EQDn!LWaX{vYn4AY#vE@R)^xdZYnX}N`Y600 z>P|e8jlMaIftA-dUz!RM9Jkb_9*3`txVDx2pj z)G3J8igQV_aL8T5^?=Cd&K7x=ihx#_VFnAP!WsfeRMuG`bLS*Mt|~Sdu*K{)7?BPN zp^;tO2&JLh@k#Yj+133#C=!hHJskfR6;}qp>EfmD@Qv7UEOD;uDMrQ=|M4Sp!}exe z-2o-IwYAA%8=i!t!~drihY>K_fmyMh;U1MZK_vH-L*UqNWmc zKA8jYel(=Nf(`UhwYN9@0NE^|fzA!j2Bh(k`rFe-_A-c)k%p>N6d;f|QN$}zglV9O zt6GUdd3h@l&7u#vKAgYy>nHw(cZK126fRSnF$JZC>P)=if9<>2tzM`G{G5Giao>J73P zGKS6!kKC|P2r*tv9pFPz(B8rI%yMQ89%!&6{Q19PzWHjPlXQO1trrwc|RCAEM9fW$DGeP#F(H!aE-M2Ky-5U)7 z*ZJqBruMLvpQ%&FG*?aIl-5a%FVV7(f~AdYK}^r|^qv0wo>4KXY~4o*D?ej%7hFh#6DN&hL-_XrS5kDDf?# zCbt91Rfk)Qj8#YVAPQvM9?EG|^76{ct+`=ghdrv>^&7~9p{pzQOJ}U70 zcVbXsgyn5qxqu;OMK=CK(XgesM6LIQuAPN?>oAt>YoC9827AC10j_@#o>15+lfc!yS0tON*(2BJuky{EWw zGs|-*O6dy32S%`)f%d4d*|FQh-#RKD1fZ`d#cM1{@k|U8ITIcQnc3dX81|KEu$*5T zJpZ~Y6@TiDU(|JE{46B?4wx}uGvk&N8|UPJDBJx}Tv}i8H7&9!$SzJO{%9-xd<@gV zaZS&Hmi~WlF|fOCi{xKYJ_UfMf-EtA{koRhv#@nWExd^-gQE^9M2Cvqwp7(fnbnA> zQxi8dcYY~Zs)`m{TgqI=_X=oTUvuUw~mazSX+$Np- zPySiz>}0L~o5gHYkt^tT(-C*8Pk0h6T=}xRWtb`-SP)xC7t!A)jw$i{Tu_6KNhM3d zp>=)Q3$RQW4wtafM?r)~OJ2pKE4GD{NdC-ODP41B5!-rcJsXJ;)b~3@K?_!_3j`_y z09}a~w%m12_2|b%iW(5(+8JY$OC-C_EsiWPA5?8pVTevR!qbJch2z5aU>CcJe8w*z zShTBr!MN%$>ow-+=pg9X|e*@au6$jdvFXvPhg&|eeB{G^H5h8GhaY6 z^ayX*HsVuN)yuukzN%cb_3NVX+U8^Ch4XAZ08Q*3+AQKB$-CdnE4ys4X80`f2bbd} zr06+U&Dug=SeI@f2cG?;ZaM8D2?6tnEc$JUNgg75${gyBB(eE4Ih+;S+Qqd&RGi2K z?Sz8CuI6Mj4z}q_%zn$4Pqn>4 zrbmtYoywPbjiPinQ6k_8VZJHresPI?t{6=_KA{W97c}9QK_XW}kvVJ5efi)$Xz*a; z@d8bfK-)J*H{!Y)XsdY_E2|&R_&nztorNjKkw=dr*Z3+L{PAMKEcgAcVJ`9p4t1qCj zg{%ZKe^)6YCj1s$g3L#Ut}BDEt_Mx(4}%1V>Re>jB`lX-a^1|j2AASGXt;I0JY7o6Fp=WXELX4GaAWQOPGV2lmV zKk(FP5ahSU+UdIMiHs!J%B+OX90xbTwvo^LdNDJcFFzj5kZC;)%}cfKE=+;dluX8I zy3syv$>ILrzw;qsGnTpAjp_AFBx1*1_z4{wT?l}#r*~pKC(dtcxzF2`54pZY#(v2s_9=WX8M4c z2{z$&JR<-_Y3eBq=`L3xc5RT&o(U$^{nQ!!6p5T zuZ!YgG*7tVAqNw{t}HHzdn?jjL`koH@NqBf?g8wq&XeNr`y5SxG z0&b-(xV%2m|4$zS`*Yp;+seFSpwIBz&krMB!=3n%Vk8AlPZ!-bHrc+d5hyeWOXrGx zegDKUo%q`lo;S~e8M2aIJ88nEYgTp0z3CFm`BKim*-gS>eCrVTTw$}1gA0oyF7Kz6 zMe0M(mCPt%LU=i8d}8xHCh2xO62`Zcquc8T9@?YT6cQ>a>Ab^dLdetjE zmlr!CM4&fTF1stSy1qNt7Ct3PSQc@_=W?UP@Yo%pez_N>k!9IWUnFED31^@0D`*o; zKb&Jj2~+sK z=YmjC1Tt+6_ZS<9-Rn!)V&B&e#?$xL>MNT`f80$}XH=&&XOtu3t7{JsO&Pg4HjJ)# zhpA`^HrSi)E{%bShfrUiUcW-ULs!Uca!Hp%2+#^nQ?WWvHAo(XxTL+c&!$0-3u2sC zNvu@HoPw&wszuuE!SH{qxSmy!F{Qdl+V5S{CQ9%6k}Lui>$S4^kq!;`dD~b%p179- zY<>NU9no)Ci?tm(cJ^;s-b%pX+~U5^9EV#sZm;`Wf>xUTf^MVxjpBDX?!I^3xN&|> zgu?V8j_vIEqSm@`#r3I1@}X$O64 z;c;n&tlx_m$?<*}??H>41*n=UO9%U%YrSH0K*w`~N^^V}{Ze`lxY>=rDzn<#)ooc? zlyJvm+ih=xKWVJYWDXQUWWzQXJ04SM`nuT*O!VB92TV6ZY&PWIy;znF>zb=aM`XE6 zVNWCvl@K>KSnS8Bp_P9q5dH#(99*J!$&c-SCH#w^+_u~p7}w-rMe#Vxw&@*v?}8E$ z4cEQ5>WBYRB}rqEzC1!*XOc9G^1kjm2D>k9X64lHg8OAj%^N`Db%W6on+p7uK>T$g zVasMPmJjq{ghXwRKi)B3kSHuVYZf-V)g$%lQBD|^a_k9n@~1vo2a#l?Oj;;<@U|ag zhM3ofzm_UmCj>IH2}Ag6hLu$)2ZvH}5=5V(DLE-5tlgJVKosHlnjf8cLx-eac}X2o9)1GsPl0d3GWu6z+^c&m+iTlJ4}nByrS=#zue_W zmw;+joUVBG-_%(oM;=2aW1ZNC!kT9}S=1`F)Sd#Wdc_~z?cs4OD%Jlf-V6&uLD_OV zo=aaRlS!Ig9Ez}OpL%EqD+Ik+xdNyVz^#AyZyVz6!DiB=NW!>4)y@JQj}BV@d#WuP zM4zCYAIUey{{Wp?oE#PGtDBGW0s@X>lr8+PbK2&Ux!9ar;qyQBy1Kd&KoX`E!|eQM zX2t_Nxt?o3nKJ)^OCSRgoJsp#Le2$qUr(HKPch!OCw0s!Gi&Q*8~VA^Om;Y+ zhlPdt%ed(E)bgr)+u@lnS;+2p$tup1ixp~kX$k>MH6)3=Ue4c~$N8Rb!A^&GWX1Dh z&zX`vS&$~wkuhb27`}z|M1;&lxBSFJDm|R|fgSJGwy#nZL9=Yq2Zz<%nWje4)4|lG z6TA!(;C(*JCEKd85J;>{8V@J@a}&QLUqBs4w%8jCEUSop$%^FW>QlH+2R{mH!Z~5_ zaNjh)u5_l{Ue9dwMBJ1;H)Q*#pFu@xO|a=&2NK z3e4~5v8+-!9g?vV_0(iz_Na;r{sKJy%{pXcN!ZZ1&BCSL`nX&58g#eMLfz9pI`1FU zD_PzOHJLPIY1BJA7N8RN*~m7X)5fOg&NGIGX88>+aBtF}FS~IC$2{jZ#Or^m%a`9V z|7z6}#cJAHL;f?ehbGQQ-jv z2x7_gCe`D2KjNhs!8%Xery{RjwY+4-%k=LvR~^uKgOHv+82T#@E|{68zEH^Qh=Ss7 zeHL;z87CIiOIpK!+!Yy1J55;jUY$9s?({o;CVDnqxAwTE49B^rw89o(j(MOGAQ6K@ z&ifY4NH*pKWsbK6i?2&MX!zj`X<(eF7jc}ZJ6`ELOVd`L5HnpKwgd$le6U3DWb-Lf z$9>ePtWw+DPzmzWhwj)rtyx}f-{&oo^ZC^a$)_`W5v~WU0DE6gQEM-!E7|9#W@RPr zLf-7cA9C-kq*m`1%Y1l|l$ZSdJ?-@z`=V8jrJQVNYKvsIhqfEo*#r)-Ehh5FMuI32 z6q(z95h?ix&86?y>a(yraSxAI$Kn&vWHR}!G026&hT2D=MNjK13D6XBC4sd+|Em9f z(UQiF!kqL4t}8@I3#{kwDwjCEn82ddj&nx}0I zfqkJq4*Cg#-9Q;Hx%A>XY+>WLzN(7y_0pHBS4{fA|7@4K#d_PdyvnZwDH4>Cy``UO ziu|*S>j|ubP*3kYM;tNl+ZS?rbbODJJf5DuP)=9?BEmDgkIUg`1n!N#4ZWu_ut3_~ zN{_aqA73Wt=cgs|!-_~%!7iO@mn&y0GNEB6sHY%Mpg21tusC0h6N?zvJUbM&?|m3S zl8otLMnb|syIEmgcketTBu`B65fv)-Nk;10c@|uKcqu(M>AXgQTc4TeZmI#Hd%t_y zC)e%ivfPTE<~JKg*D{whRlOrov8*fLMnEqA^>)97&3}DKlC(Z#M*oLJS7=B;Jhi>3 zw8T^W9cQmpQ5)*B80PKF0)0`LuV%DrPf|7Gn4-D22HP3yfafGS=G2Pr}Q!wU6Q~in6BW`Is}wGIyw2sYgfS_FJaX0yBXo3q`Ym9tp$AADTJM zFn3J(^`YPh(N}O*yco(*Cn}b;*0+MCUsi0ch)4+5tf!NWewU5wVSc;fhQ0#GB^vJD z%Pl@;N{#|}?rq3GV)|zPDhIZZ3{FN!C7eGQuHOaMQ~T*_5y`Hz1HaadBikYK7+l$gu%Sj4EP~2o$#Pyaz-fV=lGbT5`ZxQ0h?Ehe=Y!UFb+4khUe_G*>g*qT5JTc~LaTvw z&5rnMH=WPdk_et@EpAvgr+;=|-ePr(`iP+20vkGQ&rfm95m8Eb2ZSgs+;AP3sU30| z&W9{Z5=rM@cevKt&^<1X^l{+N7M%BJ!!&4XfyZ-y)bWOADnpUp2y2#g`b*srI5FOa zc)qIReW_Q;sEYD{E|yBl;Lhv(TY|>_B?F^nO#MJ0s#D+7umSN&anE^+aI%De%vvlp zZWoyLiGOom*(iRZq?>u_Ze_ms4M-oO9!(6#+KJ*eJ@5~S(!gj300H^^WH;9vL_ucd zz_(&$sOr6eA$#L89;dxD523%VRYWew3Y*-HYwhNH1cxA_i8E8ZH9?;V)rp@=0v17? zrLM^$c3eXQ7_(tO@fA_BnksB+&5U{w-f|n?gRI8 zU{Rk7fm2{cU~L?_KN5g153WAR|9bq30|iVwK|PTR>2aRa9nhH6>msMu_nV|@a(1SI z#epl%8qNSRLf>1V|4d3A!%;9VEIxz)i1C+3&*)9QnY%#TGfMj1UuIa&P6qY6CSGjY znAzaDZmI%!B{no#%IIoKo@UQ~2auHTS^^mTCLY=!VWwjaH*_-N0nXBHs!vxkzTdhk zYw4_mXJ?V+ui(iP5!hszW@}k9cTAWY1PCCo=gf|%bd(1}CfVXp!QE#^XOm&#C%hkrZ^~H<@&kEWJIU);PCB zV30-4ZsnTg5vv@rv~==p^(fzJ0|(4*OUqLmB;B+fX1tulQ})>RuteT*e)PiH@w&H) z5{b9pBAeA1wK&`3(`$`SS|GcI>3Onx9D*j1xwOzd0bgmW7ZeViYyEF~CET*1*%yJv z_pGomgifQtbHB*L*~_0Mp(Yqu9Zp_j_K*yWfgN`ea6eszae+=HxM)?`-br>*L?~q} zLXx|okeCdU&|&vR*l~&pNijMx4Ug;CKw_vw>CH?kF?p6}|JXtsrJ7%(t{FQl%Zx2NNknX2693`xeZ|25mHJGg1l@Yyu*O~Ay>wPaIwmEQk_YF>|vxxf*H?=1e zS;TLH9H*40?db-)?cz!?YgM%9_55{fWDlLW+Q#Hz4*4 z)&+AVHr(*s%c{F*1dYcn!@^?j9(@2A4?pJ_UoY<6N_auEkThl0_z0=G`(Y`iaPOjQ-@h`FlX%7C1Ekho?NrN;Glc z&#k4Q>8+ny5KZ}yz1nf@NYe8QHO4!ice$fA6Tdj;mV}Avu9iM;{^4o4$I_~_P4#6b z8Ty4;@xHQnFy1Y~lBXeT*F_McxXR=T%WC*_u)FEyQxD!~Nv-c>rP~1%`P*mQLiH9q z_%m07b6F4Q0gIy$4mHvEN3=Wh)%>l<4sRP%ir6u*ZOq`9vorbAI3BdiVa=%lnw`*5ZiCj1j>OdE9O z9T3x;tU0R;+SquK$r<8p$5@^QhOE&n^F~?L$E$p(sD;2lB5*Q}A>X*nLo2&gUDsyh zM}!&^C>1m)yt=jZ`mwYQaoKlJ6gK6pTSHAW@ZNUXolNOF2dT?@-Nvh#WlVzQx5Rbl zzErcjjH{OmL=vPrkEmpx#(QrZkP=eD8C5ljm8AUh;OS`VgWZZH>$u@7kj7-*M@28b zz;kpuVB?BEiBS7Ok###-q8?Q%He4<2dRH=k(&7cvrtxBHF8QYQI{EYuwTbb(?)9?caj zHP;hfFlrQ=C*g6tQaTNo>erqboa1i{vjXL+0||u4R(zZrCbw}Oe4J3c($#oHsQ|TK z$Hx}?fF_Vm`3c@rB5%{}f;fDWUGvf{Z1?CC1By|B#ZfG1jm^)jHSWo3(1JfaUO?gc znV~pCB!~W@Vvufp!plcFQrdxCoc(z!2gq_}0X$B`Y%iCw=rkoR8waoDV+U^O4Pb<>tkAN6x%7w$&l(r6Orm z^RWfDQNZNXN&jnXQ?L4YAQapoVd_h{3hPEhKwAbjFDmNRc&k5PCVpy z$*{fw0c;RO)c4T(1(Tr=#)!m(6?~?`Of))PODPR?2wfiNvE(&|^iS`7Tn0<9znX5= zhW+z4>e)@4NcP=gA*IQ%IKg)rxB9IU^=0FMh6$GY7Ic^><+8ywOV^;=Md%C418teg z3{PEqx2UEJcWL==4^`46Q;AGZn*ks;{xTY=qS36B5Jg7A?xvH431o`iyq2>!3JYTM zDtbaBpa;y&ZZtD@%Pl-sevp)ch1+CKz!Zxyq^)x&8N^zRZp$^U37emb0mu@tezNlY zHk`ahj#R?fPXlQ9)&c%Cq@WU*{FetIpFB zBCdZcj(`Ze8rL>{S;&S;J81_!DD6U;`6U8*m@+p|B) z#%gCnZR}uhsnCuMXzq?m8O%2-hy_XnIkp zeaRtO4UX0!4!6U6Z4Wm||2h8-UZBA129;e8)~6$hE-#2-1?WAxq{b>8k(Ug23pQus zu08&i2qD456irg7*H8pWVPP~#*cYM~b?QCH0JAfkOQ%ivaLI|=TN~VT5Jj_BG`x?? zN0uCi#v1Yk1%x6@WG(e!l#Dn6gVOcXGv%;PjFpuplP8iuZ{Lys5xlN&JdB^$z_LYp z%d6Nfl{~y~)6b^J#gLf5!fR|g$^~iUuZzpDhw_Mfn414eUsRbj?^8fi0XFT`3F6@1 z&cNZ6c38p4?^DlL`DvQyOZ0n`dn>|#8_$|6XH#TAg@7p;pvc?lN8_Cc8tex{mGd(n z9=#Z@YenBdC*h~nCjA2y(l{O*K0p8U!_+RUtb5bUeJwVLMRhY`k3(WNn|SiK&*-lZ zSq)fxjOerS{ewbIOH)gyWGkqGk}NU*`6Y~|`^exr!;9swUd0RVUnIY*vHenSRQyV= z7VDf&S|hW@(g{3K$KOsu(`umapD1rW8%+Cs&VWlt_W^%3jYS16tY=zNI?OfYw_?sISD;{ziSn;)bh0UUVd>6(*2<|59g0*u*vC!*j`%O=$KjZ-YX~@3aKiB6~@Tt$w7eoBQ zCT<;c>VsepUL&|0Uh^dse>#fWK=plweG#0~3!z!i5qajGjQkw>iDqY_ohQC1gz#_U}6ts$m@`-x8>w0yxNHRrD18I0{rUo|xgg=?g zL}E{bXLYIVjU6?y?%q$_FDGix#1p5Kd2_XwKVnTy>o&-sSwglkdG^Y?`Lv2`hu;AX zP9SV-*?w1<_-gXX{^gQ@?s3X)%I{%%?`cOTo~x<2C|FuaSBg;F2g0kBY;l!sr6aLs z7x-;V!I};Hbzyr4KMLZ-()DKc9ZG<=e^B9O4+!fP>12>D?Ls~I5%G+Cd1gmLn|0RF%b8shyIBbMFdL-VQ>%r5WeUx*<=;{s#gJ~M%?RGR9(!9)5 zuTaq!j!NwXSi3*zMMZ^+@7|{8CP|ow9-q=Wg#i#wnx5^JU3c|u?G5^! zCq)C^&U3&@I8BX`)r7B*?{=F24`?j-nBse&9W__(IP5h&&R{&at{vNFT8ylwx>5F% zin^2dZ2uQAO*7zZ>N|SQ(zo9JgEwv-*kQGy-+%MHN3$X5Su#bgi0Z3SVYbZl|J~62 z&qWOjyrm*4z7%(DMOp#bVhnSWj*1y-Z3+gMmCH51J#-|au4r3~#cI`E zpd>36mYpQpNF@vx%~*WL0JB=>V9_NiJL`#k6f?Q}w#d|Dl@Rx?SfM1ke!Bn0X87^F z7e^>EZ7Q8yXgHMtbedvChK}L^hCqj}P;$vps=~+_l^UV1N@0j(_uvEG*r!ZcNlM4B5196|Qa2XS0ZXul69W#JR6vQZGYH_TQy2-L*k=^q^0 zGyitMD{cRBLJ{G<)}Y$ZI!;}(SCOg2&3I{?n`(s&HQPrkOLIsZRO?WTnu{H*-&{h2 z>KjE?LM?3UZBF0BTcD!}2lGzgNdNbPc|J^wR}Jb5#QpwFbhh3L zGy9bO(VTzH{i(%iZUS2O5&X>+8lrz1P7JjMGCsD-F074@Cj5M&k@^Bp~-r28AioPhEWMnMTc@6cyxN3)gG0|=_HYnuQ8AN`+X+AT#kZVvgyWJC9 z8f%a&H>w%TZ$3`#k0eYN;sLw6V-ljlQjc7y<)%6g4u4Z!Q6Iy>siL?kLR%+_(NFwH zP<(!Hj<8nd?#viF7x%$jA4w@Z7jrR0Uqe{G6^Z9q4Tff*&>DhmNOXiDaMcE< z+y8>T|7H?68Se%eJdYbZM2VkccGkP(h>^l;ZyVy?En*JbXsd&>3Ni$j+GC1dOb%u4 zYwlMWE;f@^Zwig%=WcP534GB-jnVLVFpzC*YyiA~*!@jP5he3#ER4aJgN@Rh9^ut% znocmZ?yVN*Q?_Djpv^qT4hYeoAhXorbfu~b#;MurwMJi(kJrRU7N}oN z2s(JmH%P?Y$ow8z{17K~n@jqkQ0?Z+BIY6m?(#)t1zC3_KrnIwGNp!w?}}*YG>W0v z5v5z9AKBez>5E7t>zlqY3j_c;U(rV5ii0_9hHt4oJNXKF7(Vz?Cr~JJVN=;wQ0%fD zI@^@sL#S?AuKiCoFc$$ga-f>gEgIRVhh0EKKq8vT?Y5!jmn+#3MW%Lk`ObB=|w(=u2@ax%$l6wL z@ErOrk)BzIT}JIm|NoQb=OL)`hN3gJ{khN^-lAg&Ah;=h+c}!J6FsIh5v@AGBR9JU z^dlwRt|T?}?Inw&7yG!MMYz>{h=721(sqm^;&V?POt$PAu7}zeOuA2JAU{PICw7Si z_jI_g88vh>@jEGO7LjrS-xv}(6#{VB>;pADj*U7THV99RTP!TKM88d)+&cUt3q3tG z6w57$x*WU8h7n+U8p^n^=Q0)jKr>JE?;lzOt!dQ{IntbI=)$4KXK!|`xG8n2IpQwv z(Xi+8a4f%#Ft?xxOat;IlVG=^?5I3hT95-BVCNoOn)o3TU8V_ShJAStZHa*>ADNXj zjMpj8OUIX2RBe=Hqxjuc;I7O2UT%e_c!lBkFPNEln{JFHsIndLRvFobBT*tB7xhP6 z6Xgk$u5ljlnYg1Lcsj{7qIqFiE4khJ?Pl$Ua-t|oE-v(UF@Ixx#%f+rnjHLLG_FLj zc=FJE0v1*Ca9EAb1)YY)&p;`WXL}LH_IPyLz3^&|93HOp((2!OQVqwetm&keZ!+MD zCR9=wC`{)_7^x>guASXtkoosXz88ZA&hla&4;#3lp>dwxvCz@fnmy-6!kGjPO`G0BOlkK<+iMvlO*l~eRts+Z zc@)QGe%$@`)?MuM@O#vv2v+_<`moL0qo(5qVaLZ~i|QIr{I|z%S_B4HyK!!A-4pMD znSmxy211vDfb?AcFXI+U{~$f z#-JxAvbAKnd5j0&KNv%NQT=&J=K&5r+e6$uV1c;T#PIW}C$LZzWn(uC- zgVk-Gg)z8SHxHTN`J8yVg78|5>?jH4HcKet`sQITkk71*Rs|Lx;ZNPWQOeueImNdU zlbCfAb&YaU?Xh)@Wu4on51gEi2Ek+}gCa|T2GgP%1UihO8?aq$d}@fQRi)Q=_<*9C z-O}zZigV6mV?%LQ=eJeGsF4!N2d{225ki^n;*WsO1j`qpTZya7mTn+uh8huPAIr*#)GxfKhe zxY^7a>Cwz+-bblI#;j>+HIazNlQvX(?w^fk|J$klllgCckz$0xEoSEvO~;18^O+iZ z?%<0Jy7YNJZ5T3b*uc%gc2m_NzvDnS6V?yy!{kYR}XCx%&ljT4| z`UD+Py-L)uDYDH^3T=axzNJGLYf4mq%vf6fE+#uRk0)4qD}};~-AI^PU&f{UCJ}!X zo1B8N`bVX)Jo%1AV}3Uy@BJ;{S!*Lov;3rz*GLL=&^zAHh zn->RLh_BY}eB&~gUY^GZSkCsD2G$;iZ#PS+J+P>B)F~7~nJumqxDS%SIFsodxjs7< z?f93AFP4sdg$)du-7UB6UjENEeu}vtncYe*xqFvpASSa5Px9#t@}T((v2uHJiW5e6 z5}e7cy>wMvhn*2*O6c)sEaY@xU}?AKW;?indh6FOY}nE7`|({An~k1&7-`-jJ&BsP zz2do$t2{){Z=~7pn2KTTigaGoZIpS>J2gOtoGt_F(Uh;CqLnG0*xN-%v#?aY> z$~{XYgsK!pZ4kc-_C&Z zU#`zgR;KfOst|XxC#2$h5(c?{aUvuD56zzV)QqvXVeVXMUPaiye$T%@PWi25&Y~eS zspP}We!%doNjo!XF#t`UZQQt5BGLF%N2(zNo@l=N#;Lep@An>&Cn)?T&av(FE6JWf z+R61toP)acDcbQfu+Qa;ti33WaK5sD-&*EkQI^eB?64DoW0Mc?w7YF|7fgVLT|5sg zLWpZd$u9miti4!-4pK5Iq?H?+(t`Y)&ZWSxbn%R_JI$tmEvlHCL;L5O{SNBx*_%N} zsE@{M{lbRp)17^8zxdNV?)v6L$9FHJR5#KEVfwM_x48AH$7#b0Je_lCvqT^jtBeX#_MPiaD^Ht_MVLaEUY zFR?I+hwq55Q&=20Dtr@F7`NmYC_Zj$K#-OlAs_+2dwRHDd>O#p0jS$hTxw@j!>o9r>h{)_fWC$cdtyNg94W4t{p^89)Fma ze_PWYlqT7|1B+i8Jw1ixOe|pLPM90H^Z?L|O=Zkw&6{uI zOFrW7q#hjVSZ#O&Iw#loWEI4j$Wnm&RpP!1IJLoT-+8gaA`u>sj3lF}IP`>~RP? zBlnVk+lxix^3|*SUAI^tkZ$WsBHeLL9@;nMV#xR{Y{d~h<`*GSL~AAPTU7Ik7*+|U#+~d+z9-5$okVg*_BeN z%71stgO3N|++1ZZ5ZiegB@ugIxU^AyRG()ebV6szH4@+Od+gBG7+LEMFE~C5vxGoe zrdh(2LMqNWn_vy;BU)O$3dhwvaDZgxWe;;O_lO~H>Xq)KLj>gd$+1>$@r}+ z<3P7g4Ahtc-xnN#RnOevXfQyv$zemVyu4y#EIoDSbHlr}9Lwr%#NLOyfWQ)~_f}eG zSC@OE$fig1(oD_z61s=q#(0TAmyslN`~^UyWQ!yUOzk71I3cLj;4a^`N{%4F3x{Wl zbH+w#ADiQYxlv~7+FSjy!Rza)7Th>dA7VlV!0}0ZG{~Ie=Q=fGn{A|kH73&)8Xx?m zm^*b?m#~V_pc1i{M(gce3mN1^G&A*a zT@xeZU?eI<*_;niiIq8surZ)ATaqDYCpafSBXFfuwH$VqNb;@X)uYNqj*Tr%7j{Ekvzad>D(r_6U(MztpVrZ-#+%^?k-_)_d(u#a_(E}-21P8cX#cs+Ix2ur(wU_=-Guu;^$*}&_;az%$B~H1zB@w zM2$HrjB&=!<&P`q@2mbykM-!p^kSdbj*iTX1hJl@soPv9M$i4~VnnjF((fN1Sx6o> z5GGc}<=pDA-oExmYyKt>p-q7B7Qe;AV0c~E*A!{^xyt_G6(!Ovv8X0A>Oh&UzzJ1y z#mv$Vqt>gp>&3i@Y~K!rMocO}P0IzF?nENA_mB`4o51ajnS&2mA}A=LRsC%Be?w|v z-{_i)`1z^CIo#{Z#@)=M>h{ZuWngNFilyCg?vBMiGCDdHM~VEEpYIx1$KX1UKI>?+ zyvA6JJe(ttiDZ z51kDt!p!!L1q9--^mBr082%pFAI{dI zm8AR0KvCwt4szBN5-)}jm?(t7ao|@VE@ZCoX_uZ+T!`6AB<-M+G24%_AzKs$XX&@c z>Hm(rOQ@&q#$}) z4vKu${NDx@-xs&P(IN0`$DWBxzlBaUpwGv z=;YrY3q7kIr=BN|k8|7a*tCczjWIRA^^^o$E1n+FgHmFdi_AO?h?hDkTmHCppb@EG zEE)&=^dNX!&yErFtE&yFW6#)5NbT9b2M5U+3P{FsP)D^$d@DK^;?!dbd~?1+^@6;9 zAEh@>2K+b7=04>72P`iw_6|h+PnEepAiCB=1LT~e1u;?{_5S9VM}l*yi^ zEnDuPq6fLea}cAOU}j!4RHLbmj(B|JgEmCNyoLS_& zsNIUOHakRrGUQc>9;@fe5DUPehmXuS!cpHplW{5jg+GEHn)Yp8{Jyh?sw=+ZiXxz5 zz4|{ifXROt=o=9^7r)z3+lwc(6nP0FMLUO|&BeLZCybH%B-`Q{Cn-8lF;dD^uT2CP zJOFx2xlPI;D&cK)xX>sR6X_&-;V`RCj&pO^^G;u%%WZ4Nvh2W!QRi#3=m_j7!{$Zv zS2K^hg2xh1mE^Od@rfmwlX~Vly-TY=^322j}TH zJo_(w)$5omo}%bVXwNu&Y!1;QbGeh3pnC*-)F>FA@&@+ObbIlp0Z@enM@OdE_tEKP z=@{F`XT>Z|u-c1^pIY*Vo0zvjQk(uOq!n z|DMGP1w!wO|7eqE$dQ9De??Tlg-H9|21hp1AcG9^H$g;DVc*btyd+R<(J?j%`eT)q z@?jJ*_wJp988%pyfUeQyyGl!w|BrfC5=l1fWGk!qs#Q$M%qu;O1_p zn>H&z;*_t$?Wr`PneLy``AIaa$`&<`RS<#d`2G26VhFU49s)kCX&)o@k)S3f43TCXnro@!0~ z$Xx=?*(?MUh(uNc2An*vM$S6FcrQ8(ScV-(v-dZSl8eRBv>%rQTCXr{-~AC@DUt`q zP}tPUKnYzaAl=;Hr7G+CsIe9()dXdxm`~DgwL3VU#Qqvs!&*ixXR@+~#EKJO&+uz# zCx2nCPz-KQP~m{ihZm%?vJ{!aJy$H!^yPN)fHjClHgN>t^L_U@d%&CSKsI_kdL+qH zX8oAau*&*#a&z>gVW-5_gelOOf(;&y-13!_ZefV*@GFe$<~CqL2KEEAwT=6K-lpjP zkYN4;5ove+7nu@w>EwX2Ju`6#^hHO)_qPbHca0vTpw6tlGxSt-)cY9YVe{JvuK%@OjOR>?81 zO9DE0fM<{y`?O;RfA8v`_{rOoS#$Y?-1y9=)SmHA3^xB$3DkWub{`L4yDwa@ku=sfI=!cE?gqs=yt`$i8Ct7ym1%<1&k#G=3NveK43(MN3XE4-sg5&dCA;{OK_^_eeBkV&ijzR~I*MdILlt3z z${g;9|H?z;+fz15EHU01r_Isnm8MF7jo^*^wR0t=bp~SJmygOh59`BI>+nB0#I0 zY=u$V`QCGgaj&2U1m7Ey5_4MZcgkK$yk?-tNnqZ>z4}#wAAJtQy0|PNn}Zlc%A16{ zM4a|{di8!eS6N1tpV{{7n;X?M0r3z}f?j451-|WTy@|xav*WR-_lyseK~Ouc*vTh? z@3`E&x)1UYi&C1|9{z#0xUnI1?CIM6m>3WsxUmQsSm9(%-6z@qvgT*9ej2~*%rhmz zr2q{msOSdDWTTdJM(m;)U25e=M+tqi!>I0}KIAHZ;#C{0kmV^%C)7I(-9;qxmDLS(3>vJo=-K0eSOB{p=2qu?%UC~#EhmZdXq*^ zobYfSNkKaKryL}-;x|=cWI>KWF+9K`t03;CF1{M8R(wfdyhyEmU<6%vA~-^9?j zwz(Z@4bSp?s5DyXUu)Pvz(ow9o~2I)75{GBxmZ^a5AtY*oNOR$ZuU_EXuS*U44{_I z7>089EQHp<#j{)#gks#mTpjs^7Av3bniE-M*p?X%#>Ef0GSjfZ{?e=ZOZi!MixPK! zJnax>mu^3g44A7YEpLj{DX)Cyll-{S*JDAuQ)styz!m&Fzv_1H(BIkw*HKa9mjgBq z)26_lkPs={_OCJFit*e$5StjM77mOajrGL0S5!_Wcg;zIW-7tq*mc;JEtBKn5>!_O zF6j_WO7owm)=qF_a&~B=JW2@um*e@iD@bZ>Xikx>^jaUPE>erX$SgG0b?VN?^#y-@G4uc z_(#Dr>F?4jTjDvV-o*oaD{XxtcF_1?RL$yMvppRUyK5(B6i~Ai&)(YZ13+mbHVz|C zSZF7V{XIAHO|vJXrkq2H9TSwLo*wW6bwLy zqh^XAV;x4?n~%_OL|+l1vV>p;a||(^>KTnB!R#h#eNef-!SW^M zD!@>vl0{DP8ZR+pxEp7;?jC+{Sa3BzLWL3i=rZ#;Do!CqME<%n5;);>(TyE$xJwQE=f4F~Hxm(AWg z%kMr1-!G42nz(QHeOr9175cbx;4YYMZu^Q2Lm5yKCxp|cAj_4lmQqxg;xABOb$kC= zVWHk?z3SUIWlXhR07jd zV@}r!d)_KipSP6Kt#R<^^AV_!pcPeM+D_D6N7=K(X%Ym%pw^u8wC~Y+s=~zf**N>c z-uFB=oI8CSo8V6RdljusXDwkjK7FevWgl*rWwtM-F_DyP%HdkmzwE?ep~kle z#R3tear{t3X^s8p1wE=WuIMm94LICEhPqsNRA7OGE4Q)@=QsOr$}WRUNwN}0#a~_S zJ*m1-JY3V$`{U5#m)yWD8hGT2p~5S`U_3@ODBlWkeSOY`+JXY!p0-2$%gUY1_|vx! z>!bh1Kq$G62F~vJ!wRl$^CJjHf~1ZWMHnlKTJp8Ub~q>23v9G&Y7CND0?eKPb@UBFI50GgT@z}Yv8(i?tXi1XNFAjYvPF9Act21H-k!`?t#0k?STinAM) z5gO|EIXfi@6zF=eZ0*~>R!qZ&tf(}qG*blMpukeKDHAUqbp|P+y2rIiPPtEgo$cBZ z->Y5vrP0RLWzfD6U|bV7br;71FJy#-X1QLSXBv}2@lLl_b74K{w)YrYGq(-Dn~iyC za*-8PWYHg}g*ScMPAnrr&bS4^EvP%Wr)0E~$OyQ#aW#vTscGVuUpv(ocI=|7Koj4``RRPv z3dKZi+b8X3ih$yo<2=o#m(+$zfr)2FiXWepn=t8^`I*y(#P?QL&cCmR+1j=^Un7nl zPbU*Oh{xRyfB@%ANn2Xnvpq@F1=saVCM?ob?c!Yrc*U+S(*&+DX3!d%8bDFE**yU| zGsq0Z5`V&3^;ofs750V>zpAc~C^0L82;rSPd$sE6T?Qt*eabxu}EcW};bM^0qEAt~#(j~&<<^)P6Sl3V6 z7yhXG&JPwOV*sa*A3XX81ZeBI>$u;bc${XYtv$D&9gT_=%eenO_1T-re(|k#f?ztX zfhY_?&OOQHE7etYc!c~;-A~;NqZ6EF&i<5utE>HqYi=HqkQ%+5V*)1BSlWn=0|OVE zTg)@XPE7JGJDkC)_;*^99y$(G3IcBrBhm*mGkaHI<_}KqwA792ncV$q`{Is%_=)=L z%6@?xvVN7(pfhVZ()BaeiaP54HqL#@0UAOXJyuzX9Um>fN?*7D{%jGKZUTlV;!u}u zM|}Dd{KHB|R#j+!bn6!621iqIE zNEd00+4pZBO4*QusgZ-L{3CMMp{rIinmlXTW^hUXn5g|o!2gUQb4Jc<8NPG2LLA(j zFQ2TT#9!uNjfbRaa+Eu7pkRk@B!atUc~!0ePEcGQml_ok>IZl4s#%G6BOV7Es-3jnq4QVMzfOm)TFJ34P8Y!tb-|>g|NOO}(QVgi0 z6=?X%?sU4#QIRP)Cn{7#%d?@I8Z4oo=2e}r7&lPO&zEkvWSyB8Ewp?BcX`XkH~I<1 zYWd7Q8RNXoUtMkDmnV??!l}18)20TI;qYk_npnOd)KFHUHdC8%VT>F^Ata>`0Z)$q zQCHX&vM{z(@z*&Hb|M$tWKZM zLZYrPG8-*=waVkUdyWHhU+^SH2rq>VFQqRbJNehj1ikenttZ^=N*ENx5@-8nt4v8pBY)1<~xP zcEkirt^-MjkSXal-R;U&BINa)?Db?sz+Qp1kkY~i9kJ9uwR9!fC)UoPp!1+6xTPin za8+8MU&MKy%6uI`ZQuJ~A*5ZjMf)B&A40oD#Jyd+IHO$`L$xo2F9BBj|QXKb~p&Mi0ISH4HuCx3F-8 z)Q^&A2hB{z@ka2vPn9USB=b$#6Ul$=_c>SXL-s3pp~7>eWg}WLfE4Lr?-(%9UI>o4W5_rv}sC8&`E!1)bH^+1Z(H2qIo$= zw@rLFFWjUOYwl>N``h~<7`F0??bT`AB+Ukw*>;A!KYe|*62QaVDM_m@>4o#!yj&6{ z3y{nrKudR&PVso<>=dd{VVgK2>C2zX%9A|e`dizzMT)Zoza;??{xNfR>zlkxI5HZ0 zaNL}C)andK;GnK)Kgo^cIKS61iz`ZeK@FgKzRGQn`k{uXre`}|P9u*AEkJaTR{$~M z7h!w(H;IlalF|@@GjYtrMgEmuDS8lV*01U9XsH-vR@clF3Q*xu@b9tNrp)w}4KE}h zX%L0Vj!f4MnzfdqW*_Y8DeZCH{U$#lt49Tq88$!XD2y2!N9FR9kBp?TFMh8Xc(o#X z-<-CLBeM@rA+B-fuHfnIf9*Iv8+&%ZZNPI^<#XG{)3Zd+L*I|_1MS>4bp*aT}iUCXU(SJXaX7!7lH}oKTH%f`HB0q9c4N;u%xyy5ZJt!T@Ct*cebn*yPP* zW0MQvQI|u(z|bOMg>+JQY^%6Dytao$gpoB>{?H5n`d_dq%Oz}*5Dt>*^j74L#XVg2 zItfPAgcqx2Ikfbx`EVKuoH}BJO55Sri-2Ux$J@85M6Q?HR=A1FjAj95`LZXj8^zT` zM@zTz5i9x5VZEmZH!GBkS>dOLx*fM|Z-EXii}*ftjBei+%tx!@$hoO)0+AgZl?iyv51M*BZ)fe; zMn_>fX&zYr3&~R(Pi8y<5YIXu61jB76NX+Y^DB0k1W8W5WcS1TI%2aSK$cdqits@D z{Rqc5;`XsogM)oh0r8jB!)Pq=UQ~T~S%n$mS9XAICx@+##`t*N{$1|Ko8Oa@2IgGk z+Z76wh=K7g*Qz#q;HbRL!^6+c8EZ~>y|VYlt27qj70Y(L<9WwhOb%ZY0ZzxA}WUdE@>++o@*G z7>(kKUgg1nnyiwmwf-1h3(sazR;vaygXKn?P-!A@5IoFymZ`JxV=$V^?82HBtGEU| zdGhEw^2JFJ<4U|;wo|x-o2INlZQ@Ro&V9j$#Pl(B*WYcIGhCe@Gl#^aZqGjVg{>JZ zadcw1cj)NK>=t_b!M()9wAwwWyk%9sdxGMSS(?>G7YS%TYA9a+1=#}sLN+hg)kV7a zW4nv*)yjG>-GG{P(XYN($&KmvZ!t|+zqH)NcH`~E!{3k}b(;@1AslTS*BA+5*J}_F zMO)<>M0^Q7h`1Qc4?q7M0#VWaU;TBF-FnP$0?%Pd5PWbTa1z5s*pVyh(T829J5_S|YMw)6{vSRiP z+}}C0lx!zUaBvLRHY3f1_OU;oEoYY1ixqbtq#6eqKzL@-`m+5?UW!=M;>?uKi@CCW z3vu;kpAM)K8^kR$IT;x4XzB<<8XPNC-wIEu+jx{#eBR}A_Tq85p!fH#oBQEN8A4Z{ z8r=!jC6VI$a6ERz&G+fgIKVfK`EcZtGNODIdL8j z>DuLa`ZT&e`-djgM~bo>(w|>E+sGRER#9Bns_BHiJ9LBUOvg7%c8c@U2@-k?U`dyM z_{z@E{EX~*=&Z*y>Ckf*_-{YQdu5QQO_>ty<8X^-m zcLY-u33F8UMCp<8bJ`2rsn>m^XVa8CqO@zOA%#_6!#Er-f*B{eb49~ad;06B``1K6 z=08|QGaWmYeJ=%nmXl7#!_`Y{t;5%<0yr_n?$|~rXP1@`t-`1)B+Oili}`q*D@3%|o^D9$5cFZ~)zX^#1Bnz068_{tme@ zWYU|u1b#+vfI6fs0+%2eeMb>HTDAgZPuM~vl_Q3Ji`t=umMv2(`q_|(tG0^Znca}9 z)(-Cxz%yA0a^7jah+p-S*mI0Kii~bdkH7WyW8=)8ICPykCF>Gi5L60A9Njs0 zoeG5tiHC{_hWS16UJq+zNC5C{C$hRPhu@)-U?;{mEe$Rv;D9q<+bFkhc{QjV+-wDA z_BP<$=da<9&QJwG2-m)0KyR&JL5}0a`T&`5P{1(kNihY#({fY*#B>9jz*PH2j>B)0 zz7?i_igwJMo5$`&U)BliOkS`>dvhV9<&g6cWY5XiYEIY}$BRJcN3PwR*W6zI%icVF zH5)NSp~BVQodldr)Me$E+*krbi%k-U(fGU5CStA+;CX$|O?66}KxOG->4Mp5Oh<6GPHn#%8&YwU)Xh8gBtaY~Bdr_`p;sRV6)|^X`5I>zU6V zVjSR0cjcW7B5R317)`_5__Do=Bf-WITx|GpF?VqB&!_qs6|xg-HPd9j3}Yii?v+-D z*>NpTDqs;;F+oLJSgibh%~7c@r2v59W6saJgAc4ubaRpOt?^^7ft=n${!i&H4;D{P zcfRcY2N08Zs+Sehua&-kqE)>ps64gXwY_t4u z2jVFD(`t*WTWcHC#H$b6kpB8dU}xfWO`_B1rAMOw?B#r;tK&7ivS;J< zJK4o0+zMA|xW0*KXd)vPv@1nxO-!xrgqfWkijGcDgjozMj!OMTn%8fyW{Xe!6{f1E ztyt6n}7)3K>zMj~}PPFV*N7Fx~Wr zW~Jvn5zl>7vMg!8{BhsTB$K);uik*#tn{UR!WK>`Z=rSoPxrlpZum$}m(hOZr8$}d z39U7{bKbDLA$ybhlt^e5W~P;EV1f|hdN(t%`I|zdYc%?j=)az$sqWE+R!E4;Yg)iF zRRE>-$F9aJPRspNU^P|MxFZ1}FBQV$N2vCmAN{UgWFcou6W z2TscY_rXWE+b!+aZ|?(MU%)%BPm>GVeiAq3_ajuVx=-UBo?`yHN6wuB9k(zh%^t9| z`dtr+;coX!0~go13KzS0Slf{URNY!?;=w)P+5IJn1J$1XI3J=vKn+-3(2uRUddbyF zSk-~nP;d|9VT?1YYJN9&`-R{Q1>Z9~*mKsjSv6!fGc%fb3AwFJB)A}Qxmu0_twZ%a zGndu?VM!9j96-cpnyDm3#@=LhPsQ$H@fi zcUx7r)v=egIQZpXwm|{*w5#7eOO2)@HGjGAHlJ7oI&vE#suLoBMkjWzo8EHi@LTj^ zfBIy+tgO3QfyfGjck21%=6iWD;BWFW{V$kG{0pY`Nt&-G)iP?ECuh$Q&!y0(%{&;n z0qul&(L26E(TYx)&R;DEc|@gEZl||MSQkDP`4s+Y`OmO2^=~veZ|KnJ!m`qDVv_9j&Loz;exLwMspA}b-Zpgmq{=_}k$ALa<9 zF5RHDNS|EJF3StNTRg#PzO4RdrU7XFH%Kr1>*vO% z(XWv74&sfALV@iME{l<+{A6sC%&CA0vxiwNeX%QiRVp7`u$ox3lQ$0MhH)No*2d%u z-%xC9T}MpR)4p?l%OVY)T5DFU!_UJBUJFY5`l%m6r|sjDF^HkY@8E7Epig~^{;VG=|mPtv>Ef}eF^;u#8Hx~ z{tQ&H=Vh&n7RFyo@am2(9@Q<~PMx%^(4H{D%`7GRVfuv;GSkyp;QneY8{P4>VdH7t z#cJ=)w1$)P{mDoD#m~EsN2Wn}Od^>JiT$bt2ndY&{tn)>-IiE>glG2$0l|7kO)FGd zg-IPVmD)v~=A~oa&n4x+Fbz7E*n*OWB7rAZ)hm9-^;T;Y$n7rRZpZd@YGISr)ZID> zEEd&2bXcIkxWKC3Pmtd1`h1Hm>7Ie9@r?{C=UvPX^H8dn9>eOgd63f#zAw3enjza* zbYEiqTwH>Z+=-Eo@lg`s)4<22u^F^nV$(%On+>(htL3OUu?<^3-Y*(&MknPoqSru~ zYU>v?Pm>-mfT!7x$Ku5%CxC9FT90)136{%!!E;*^{rp1fX2X$-hB&ALvg2W2tNp_W zKXJlD)V5QCL&p6@?F$Y@<-!nO`l2lYvkj*@9E_e!>K3+*7eUAEya&u2%^3i{Pd^C$DX>g?bN}Wd_o0dR`dx}Z z+ZEErxr9HNd91h#Z47EmXwyP0*S2yX$JI{>x;q~<@Gr-p^I)h3nkb3cBl;&``3!R`%4Mj1FTl~)V% zmb>RznG|ZXzAM0CgFRXXp_+)Q7*JOlQ(qp6tyDKRx9&L|5g>%g#^#7FT~zJOJ!-(} zfb*+rX!FBvnU6u|*4wug#ai!k*?5OF^EWt;9g2EKl_NtRDETLDxb^nY4g`pdo@$To z!FvvCR`vwn9V<}EALg_Q>VD zr|qwlqSuQvOHLRT6^3c&=H)9!vx+P>D{2|L$@g)oY)pPxQhj!BU)lh6#jFMrgc>fg zUnprGzjfHazXl&KFDTIqR@n+<3Hg(YmP!7oPFw1sQC~XZ!qDxsIzKMKV~T$Bz69wH z=f6?(NEZzHE1vY%TU%R$?*bOZX-*NydAC*Qt9MaT5xS!;x#`o;j}7j1$)lF$34R%w zEAj^OMdU_E6%kfN(&Cgbm&^NazIxw@xLp-HLvUyfnvz87<0u{=1Mw09pPOTSE!Y^p z+zyLp33{XQx3qq2mlxNhQF+BMZag;5Bahrj;EDjI3sA0NOdkGhD6Qn<4U{gGefbd3 zY^j(5(CtE5TZJlT3Ca}Uuf@SRs_**IoYu}AtTXUBSd)t&Jm%k-9#-Ee*c~amfgsn? zt&~FJk*nqCPUQxW;WqTN$7St}x?gDS!sDD-UCIH3R2^49-`&J)I}ZA^6JTW>RWZkj zd?(_iS~;(thEEZ%z}+`|S9IH&ftVG}B2bSA_5cCgB&l-j)e2QWfCkq1vFp?NG$Z0|6B z{ldp*<09*Bd-S2N-z`>hOj~72uJ{ux=9P(ziimHS*yzk2a2^!RQ*zaqNoGhhIL%P; z`Uybyy|k*4J|vdHDZ+Ju4hzb4f=0|YSPGp@KN^Q|&v}y<+ofbunB3Z)?*kZfx+|r{ z5%ba(`e?suer)7W(SFY^PMakTv>Q09T(8CG=~_M$7`;Z*R!$54rf4EHHN07?NxFQ) zQnADQ^kT;8TWry!TWwVFqb6-T_r4q-+Mg=#Q=1&s?!FZ`N`HjuW>F z#)JFSW}yZ5=CM)TQA|rW$MN=yyn595g!z|LE}jVVI0}(bMm37(_};J3&OXSjA?7t@ zpa`nw+S;b2$kY?(%U%oqdgH|mk+@vXwamh`V}-lan9FVc@Scwk0IASYy!9V6yre$Q zUxLKwQQ=t~&sLf+iYKz+e#LqHMju4iz(C?EozE;!y(m$j>S|M?cyxalVfpKY2(IG( zN9#c50~1Y9JZDP0l)L!NxO5aUzd0E5S=}`j=_(@3DZf9-SW^7z$f{kM(>6FZX8z)e zNAt#&J=K-Hrpg_z8%6irt1@bd$i&iS^~=E8Vw0B$40#**Eh`Td`v@gs1+rzBh8w-z zQ!g*(B8R!goz3|s&p`h;8S1>9uS8g)oM7t74UvBn0m#}i!`eO%u3+T}gzQT`w85|m(su?N;f zt&G{PR|5N^8RWfx6>ZI6iQOgvc=M#U#*yTxD_+G!pH{lq7 zsYWSg-GR&m6~Yj?C=bTU)E&Cwu=1rpn2GoYJT4ge%jC68f19nf5e- z^x!43wnhhEZu)BiuN(as*qc;Ws#kGy7C3HJC`qs-ooF?S-^amOS6Sesf+zMJU>9%C zY6uU~Df?an30dmLg1ShW4y0p4MDDk!oxi3*uO6{39E{-2fzR3fS!rqM{it6&yjc3m zvlyFeG;^;bIA(7XAXa|aq=YYlgq`Igszjw!jP<#GsF&6F^-h5%mK#=bi-IZYwn>-t zH(O3LF1#6684N8~`lGj4)mhs4Ibfhlm|U9qrtV4TpC@yX_#aO4D~yf!ZI|IXWV+$` z55(2qt7-m|per`5EBkMQQF+TPcdzE%j3sAsK91vN9ERV~$<+i3=siEH$Qo$zR=SL|MBB3cA8QVg%AhJsL+e2P4UT%jqCQY z7jd3q?>u`$wR=yPvxB_Hlj8oNZvFSM)vr~oYon%22wYvnwMBm3KsN%gZrCq$1r569 zeSi020eCn1`pxpTR*DF3cN`@ueoEo}BM^&>zv*|BuTp1?ZLZf1Q5?5LwU$?7b5}VD7o%S-dhsh0@A{ z2_}_DFvRFiCj4Y@c{CBa1QK+j?gcsw-%iKq_aHLYj%$JL@aWIb38=P}aEoC3|sB3`wn%@S- zI4sG`EK}|r0$%uicWWD7nRqx&RUt`fYM%-cGD>|u0HRqmDa0$ zEA?OA|&vwugGCDRM5&><|No#pNh!?+k-1N4fOZX#>1f2~eFHbR>e9J)4 z=ImL4DI?z9vLP!}l0##e2C%d)xj%L@#rhr{QHBeL zmkj$DLy1eOx_eDcBE)aSBREZM&{XRmS|nELZ@N)xFemBp%7?O%tm6XdEZ9$!Qk-A* zL1DkgY?tAEF9AS%Y6l|K4noaSV8ZS>BE~sd#iT_N#O}^qG$#70eQeYh!-$#PJB7!X zljIHg1CmJd^1Pg#Ix{d5B|F{G9aVg%RzdL!k^cO>o`b85B}23$$=IX`8geDBm!|I7^({a==;sTCM|G~_F+xBh(RYkhU%U_T(GpsH6dHYLMkm^(H zOp>p+0h?qXCCRjD6rO1d_4oZjg22iP$Os;4UXCKj|ZQ19#t zk_bsNp&CW(FI%+u9VY3%Wx}^Sv9Uvyatwz99Q|?& z0$g958r1TYj(twhl%<)8d3v{}y{a~M?^Z(Wr)PizI8AZKtx63oP`P2ee*t%Eam5Zw+`d*qyS^wcq7<=!LXK{vecI9 z)j_{q__HW5&wC?xV9vQ8SpUsL-2Tl(D7da_1H5KTeNV{(9`qg-hh|I)N(yC6@!tVI zi3nJ|YXus^xnIcFU^+uxe{hLVM^#vEb85PW!)Lkz9*8zB;#P>qYV40KnD-?OM*Wbh zx@l4!oduJ8YB>O5y-bBWw;+T(u6~gtfHQ6EC~NXyw*~#qmf6~cKU@qS zGqX?T9y-;PVpbs7pW5Q1-?tpI@7)F(G1bKRYbv4PA0r_Sn_!{Uq5+e*k&VGjyp-ZV zR2}P_B;mg+N^E%Zo`0{ieCKGk-<`_YW5O#$;#E{PT!$`?A#FKUzx>G)Giy!{Ree;Q z9Bj@yX123BAGAXn(;c~D#)OTJhtI<_7^u_xi={t%{YmQSz_bG*fj0%0a?xIfN#%cd zGcr%Jd|*Mrs2#q2NiS_*y3c{S_TieZFfGnv*?ib2;?|St~Fd3KQltNFc zPhuj=+@xl?(E`j8~vBd$UG_xeYKFN?TrRiVFZc}9c7N*l(Mp_^Cv<| z%vNawS1_r>f_DZc;CXVJ#$hy~npu;NinVScXK-s*Ldnu^Mo^ZT$R8Io$Lvml?Dhj3 zP6V%*2I}Ti$ZDPhBGdUdr2_<^{f-^+xad9TS{ttLa0Uc|pKnDUpGml`;QodTDQtf9 zf3iJu^!Ftlp4$hE7h$H)YyBU`baOz`$(M5EB<^lp1Yp}0#e^zFtCP{9{=O5jZ}r%! z$}rWO?}z%^_3F*`lJ6F>@7YwdMUV<-ImNJm-~nC45w4=cLBXt191*8vp!3hPB_YwL zQ8(Uh9Xe4>+Ml5oM)Y40oizyV(vs6xG2<;2DmEJ6LbeWn0s+}Wi(<=ulswD?%GT%@t9H9i|B%=(g3UG5? zZtR(+Vo=NRsT76S|wv%&AE}SMIy>Id}-A(EQp5T zsxy?1u~uDHS5&i_>-_~E>=R%^7)9{K_)1b{RYppe-;LuVWpvHwXx1YF z@*JbdHUGl1=!a7i4NpJ4r+?YgYG{v%7&kqIXfnIEPrgMg4N3minCuyDS5s$rb!&5R zFpyRI#+8`88@+t`&+ghXay*~(jCjL5&%g())9x~Uht(9)kl`GrFZ{LzI6u?7#ug+n zT(2~p^=bWC%by20!hy}%NpF(%Skc35E;Fv&UF|&j00j`oRo=uC$SK=N-I`KOow1{0 zBUXg+F2fzB)3yOu1II~!*Ga~5b0kSnn+fsnPFX>pJ^Hw8&r>9x((~gns*VHGwv)B9 z-zjMoF86g2mm!Np{soUFVE{vL-*MgGTL|wd^PR-^?r*2fBBwb`4XdLIxTAOgU?V+3 zXy_6Nld-M)0v~=VNi)+$qylAkdG>R!+K{QrzZu9sf~Qm}jLl2*o!@So-cwihE6J(% z`OtC`k!%!o1dX{WTgEZPD(Y}^Mdnc@VV_@@qWvfPkz1`kBpOFb@m6-Ddq8@*h_%q@yCQo5N#mOohTa_leUP66Ow*f##R&kgObBQIB#Pr}*aE!yDSH~ZK-t&pD%Zjpzrj`AntMMa)z0R81X z`vn(v{~kgQOHcwGc${-9ld3)Q^)&u@k`D$Gw(;npj_QXd7RK*6PYGjvAIsj6)`{6%UGeD1I5 z{yxkGlz1{kDjN-P&bN8|ICBD|juIr=Z~~C2(RM2stm|Q1H8DSUcJ~yV{-*_jU0m*! zmd5n5!%rmcWr|<)7$0ND0nEqDCuHd4vYr4gl{@#YIcD{WK^JxN@1>9S6-V_&_o7(` zKPH=-E|6j1`|)gv%+ci@cK_lvpoDin^*^+oGAz#8ZAJR}O{M>#N(Zc##z`4)I~Smj zWC79&GWr6t?a~l#4*Y*yePvXX?e{ebND9&&0!qmM z(hS{#v~+`X*GMDXASxvdl1ld=ozh)HHw;5a=ltgp{Jm?vYw-cr;=_I2_c{C2KKmLk zxj_~^{^A|6{R~e->V1Y~V+AHvB1yaMpQ@N56%EOgs~3isV_Mana!GtYtL$rzs~b40 zLcbYp2?qZdXT=;y%!_kLmbsY#i>VTG0D6Rd%vWX8Jg8y<3BIg(N;>PlXg@Ekf6BLi znBvOh)l?L_;YAoakN#)XMb?Pk&{dRb+CLo`(iOWcQG=-*8tcI~1g?T&?^gz^?RxZp z7F!(8{ca`)>#pd>!sl3=bb+$|uPj{CDye>o@>H-6&6iAgi29Y%+RmGhH>Gzl5#p3q zc}~|l8s zqyzUju6ZXWHTiPp*n>o~wY$N*N0snJUnN=|p;9TL8U8^e+W$I?ri=Zii^^lVfVzjP zXV}!;JbY3dbq&YN?IySRlN3ud0EevI4s|sp;|bp6u@YeS>!N$DC?hZ?viUAusLLNKnyCD^br!%wKi%wyLl`HOX|L> zw585sNSl_HHnMdF)RTO*4vla_pT&N|g$DoowotJ9&El)Zzl5s%pzzqmo8Pzw$9tn4 zH%WZ{#l$5NJ&A6x*aC1CA_apXdzdlXdHx zGvE@MMSIKDWoCxSX5QB2U9JQP=}(;Lyrz7nMK{1q4%6ttxwBW{(elxAk&|AXn=3`! z75LpP#boydtsR={$G>oRbta*!|9(E_`adjb(rblUP?TJnhZl0|`5pFPN09{8J zO)(6JoHBe?^{OAtHu>J%l1}{3V|QL2iro1{`VhxSsU)BEMaFC|SLl@GOXiDuy#C~~ z`tJ_#(wUUe9t}o&m9c4kRk^bvZ!;EAdsUQ_-P0r1K73u@)f=!*#&>eL)uij<-(;LmaA!NQ5~=vGx|tP~-EYM^eUHOtUUISbH;9K~uqgEd@uUtV5FYnm&>dLgdZNFJe_$Ub>q^FYEpH}Oj zz6~+N7&ynGoNpj1YXZ?Y2$lC+nAnDdq~IUB`dUpI$_y0=b3F0ivRr)3)q-oTs#G(G zpsT*h5DLbHC;3Mzy59Ek446zEY1bdG={CQ3jcjzCd58O?%9{hol~M?!(*k2kD$(&O z)5}?6u~|4oN3(D8n^GQ0L5a-GSYh;nW2EGaIE~tP2Ha?M%-BVCgo>(J6T;g$Vmfo% zNnLqW9%l^&hXdnrMR;4i`HnY{j)LdIE!UaLdd-_r_A7eZVi!+;yyOL0?0eK^ZG2PS zbn9szdX6FJFmjpG7n|#4kzZ`4f>bHcJds98s9jAYDX@}WSc<8)6*$dD^^|P>W>k6Y zYJ+~n?na$oHc9I+z2(@O-|b{}_(jfepONf+IDC2s|BgQQw?z%Ao@%_ioAx`d@CBYN zTl!yQnp{r}f}{$6oG7sFVYBLyjtLOiT9%P$hqp=bSJj7$-Y%D1oCKX8!~M2s;F5V0 zjS*HCk0FlJdyo&OYu9H~`kCz90ncV%sKt>l5@CH_m2#j9TFH_SXC?g!$SKwof0u1U zJoB0_jP-+k*N@VLuxY~@G_C!`(1p}Zl|*t~=4}Z{+mMVYj<*+Ae7{h=#zhF-=R3du z{0Ugwi(qty4&NdnhVA+vvxHruWc>yz>R)$~z&jny`uA-)`G9;IV~Fd^WJ#`5-;*i| z`3nw3r0z63D7MImQBdPhVtO&OSdB}-W~q8AK;aS)X4Idyxi;-kl(#VNU7~bZKLk1E}Kn`f_T*e zx@yIs4));#M)R_w5x}xYq2O;o575c2F_}pNYYs_e_A&)Mk|>m;{1U(t9Pco z6=`4C1yl5j(XoRdEOW7IfN`BY_rZ1O?t`oTHe#N8hJ3N>cnx;E?4Y?pTPkh7i!!pM zX;w~a&=)N|$ji9G^E2&6kRqss-3Z~==?C5FVVPYd&3`m5hT%|uyXQHs?47>(HH)>b zJ z#g1-w>Eh?3oxeOJn5p&^y=qD+N^B9-Zkx?jUQW!seq^^KMDR08uO-Tz+w6KTXgIB% z51u62PNdahXA^%XfdaFZasZ~~SW7V8y1^z|Y#%`|22BEbouLO)FBq*Fn~BfVEo4-A zV_}th;;c_mp(9h$k4ku|0l%_*_vfvJuIJUipwIF7+(HfEhneuHGUM7MtSbS=F;3Hn z29VQ_=(*wFIJS`zFIQb;3LIi%V3ucGx&*K35qcD2DcsvyOqXexb40CRKbMcB^2kxF z$Z3K;k55LZmTjy^#G_k$mQ{a27txNgfg<^TUwt60-3`1=`tPPhu=`bR@x&?of}#Z$ zpRQNCRsg>|H$E7$KP6=q;tce_L)uD8bXvdA`31{QJqmz0NM{p?oD@NtWtmR_bb|25 zOIldK+5-Xqt~RJj;)Yj^fXh7p=#|9l6vlMEK9bOw#3P*^^~(DCaCKRlt}r+h*W}== z!I;b;9dPGN_3jCL+R+c`oXW6$ih1ol>Dt1mL8fa*W96hlcKbx0Fd(XFK`HGsUQDjw zmY}nBoGzpHfE%<*&uH4wEgSmFh0#jy2s|Ntu&G(oYu{tLEwOg8L%{E|z7ro$fBO2$ zf6KPn{4@r>DSI@RWDxZRY_Y2wH$T&cr`a6saO*f^MdiC$t3pK-h~3>V^BEwX%1phV zxTZ{wN@}CoIZ?q57RgZIZ>obYNy+OC;Y^%dQ$ve$L(!e(oL?I<*<&4~&lw&Ag-LF~RWV2=~Z zRiohD6p0Vs+qRa5wK);>TgI;HH6P0OT*h1{I%YN9L7O9Lls!9J*r61(PS#*z>wQdI~ypk=kbuIsS zBiKNJ#U@ViI~^Sr+6M{&+&)G3?udwqA=W7hWzs_9cexJZ)Yl39OSw3>SbzszXL{|r zCSNLDvNHXhC_3TYi89}V!%tCNDBHk|@PGDs$_KKa4Y0+bZtXKBQegct)8tNZH<;?T ziS>x`F$YTdz(7BHt#7sW^rN|E-@0!`+Hz+L+sTmtRc~Qa=_xujqr&ngP4Uz=QXDjG z1D&qLLDbFawg4)ui&%DFR739t!+}$*?Wim}E@Z}`S8F}~aOC>ii1C@0gT9&?t{jea zT~yeSG?ld-#oAno)JVqr1qnPLi9in4bu$yWB`?=CBc+-+WWxq3A;}s;z!5saE#LK*LevPTcCP>S#=uf&wPM>9{Cu|MVx{G#*j28-e9JHsHL{TZyhZ)wIr zz(G6p)<}kN3iS1$*8nmtzSA^|-L)@rDCd(Z8&t01_6#;xk3k;qqpNBCAXboFAb?xG zM8yjFM}uq{R-LA&+ZDF&iQjS<8@GB=9=G6qW-xMP6rLrlDBe4PA?%Rh=0OVmth87k zI1R8WxSj6~ML~U@fG{0hYb%Y9DJsF7^bS6>Rx~0v+!?-SM-ez9!#6V&p2MXJ7cFD6~(pQBmH>A zXiWX}>iY1Gx`jZSF3h=1!4qu1)5N&7Gqin{@bL9Mz&|Tvf3Pz2q{k(vwsnq>+gW6^ z(h@T~QxpEJ32Gu)m+XD00v^yMn+`;Rt@qu<+!K{s2sinW7b*t?YGP8`x!FLrH(N`l zwKo%t46I#lof3F8a9VEeKn&TmP~CpH)i8n?N@`v-%F08W#46-`!+p0oBzxFAEEKKY zFF9Z@@=-CBw*&&Ni@Tl+i=kFBE1=0N5jNEmM1fuSHYzv1+AGf_$}2UP1qrh1PM6wi z$Xw127WI zTX(635~R!u0zpi^K=IU3N_JqX&8lqR;%8ErSa z&$7kM5E~zykPH5yq4+;mbRexh<$WQCvNGm_p=vXn$OeqncV5>0+GHsFia0{Ot-e1U zmTzDide)WE%p(er;6~@iSBv2+EXJI43Rm>adWGJHEv|uzii}vOK-TCYeMdx$Ci$ua zyPSg$xA5_IuWfd_p1r+2a0xtQ(@Ht1B>jV>vKr~@LHGSDK`P9-9k2Dol`GYmIQx0I zwLVZsyH@sYVSEk}-Yi}GP>F#RA-MI3Ak2Baw~7FfjvRK=c+>mOZu#Rh|A{i9I(2?& zHZ7@l?c%n`$p}g84iB!^hjKGOBKrHVCbF{@geE@$#NE;7u=5#?ftr2LrJ5N<(89Z> z0huPWa&WL@ogX@aSZiZ-sO)!sepJ*$<4uIOz^di`fc`;=2KQM_o)~kN)Dx*E@6q2* z@%#>;;zf!g6VU*zY{}mBz`Wi~5Jt=aO^!F&RJinv`|JxX zKtaT39j_=mjrWlfudXWu>u9QXXg5LnQ445Bv5JjlU7H44X3!zz*ok^ zX>DuPb*^g?u1Ue_Kd)>4h-SMDo>I`X8Y~f!zVLHh`%XPOobIj1BTi2V2NBG{Tm~E8 z9<=^0d6%9JtNr+>KJhpJrvuo~7t=*rMdCObj*Z z6kL;YHH#VJr*J$cp$j&eGQv-AKTDL3Fr1Yv+shv5dVyCi+mOO2AObu4qq9fiW!7$P zS&+#H)60f>5q7^D6wDP+mXYR9GN09L!SGN)Ofq&{HMeV6G3o;&YtTz<9xd!nI1|bp zo0hL`c0YBdJYF%A`L@z*#SlWaXm#Sm5aiku_rA4d}II*Hro7E@z&2O{p9*o((2KpQUiFV+k1J!zdZa*4|uoHe~kc**gA zL$uadvkuho37Kb-gi3k`jzrvL_(u=}K>MWoD1+jtJYREjMP5B#jYgACi80~|mE@xo zS?U0_-5{6Ed&aQ7{y%v6+&Z97_yU{ENDeSGJT$bnRQ6$AZhU`^j%O;Z1%@@xyhBJ* z-_jVWsIKoe_6jz!LQx|sUM)LRBRnVsV4Q0%n3CUky?Oc-$Nodc-9XvRz**g|<8+Vp z2+LhYvcjDb)%SAr#;kc+)sZ=sD^jL)rNLKS5oW+w*eSotdbn!plu9QEWhg%< zo+kU~B25cTwJrvvkz2z~MIDw>6U>oXck*5^I?yClss5eStgJp1Gw4Z#TY?+9+KQV8j7yd2hf6k+$*NQJ7n0^iHOYN*>@wD0zG^goZ?L;_ zM?Q|L9(KOI#gu+mb^Z&+>i?&uDPlNH?*y>fZJe%KGRj{|#OGj5BhZfIZTn%p7N^FU zXx*MGp6F-FBdxU8gvD(&>W$1Q7+p0NLpAk-#wxI7&;c|jVIFZ$wR~iHPXz2ONchLG zg7Hfs&pnjVnFazWH_g)3`*tS@$$bJVUcX*Wl3lMc4Z@f?h&_tPPWZb=rHQ`I98 zP}ci_P(3teV^b1oQnSslXu_1-oS$tbWpFOg1G?*378Gq6^xuAVf`nu6mifW9p5pml zEFjj)82#5{;8Z^}%+u$bJZFb^1_RzSf`E*pw15u5S9jrZkW&Bfw(f>fnABUv`3SW> ztOeuZHN|<$tvd&YPeoUuDK66lE(g#;`mHT-I&BU^v*ko>ggUE=4|@a9K`2s1J;^ThYNlk*C0c{R=XSIEY_W!c_}^iisUr!S{Q z&W$71JHLgNm|O9Tf)&97P6i3z^l!A}vzg@IS=9T8`>Gci(b3&p8(m~h%^LM&FwyYF zFhq7n^ql1pW~H?okR$}V%t9u@`{r-hLoiNV($v4*43;tN1dq?)+sw~@jC*r5%5cgf z<9z(*(R}D5Nn>@a4XKaMRl2gesZBE55$XtX1p-cRkHb7L3kO$>TIu94v%ihc=yDB>c%Jq8EPCywB!#i@Hp+!l2P|sf*`zVi zR$?Nj`q`u9>a>&xQ=<82O7C9PKlX{qBDAzd4o{m~lY+fTmYUa(+V*XT+!*Eq>-RLQ z@hWBytB%rtc{N-!I;q6(F;;*Dkn%a_BqOLb`ijcyI0r@(bAH|v7CyA}Cn6R1*ILs- zJKU?^=t;v2S)JEARyFfbXCeCq#ILV=i{2lvgXX3f^DCQ`m`% zy4hSKJ>-f~1pde5zW>K_H&?n^i*NvYCz+U{~S{IW%mW7ohL+9Qq* z_^%L-4%9x_5^;qW7+tp9ZNocKmyQDF#ec2=KL?no$~k?fnr4k0As=L^@}=K58Lj_q zQ&3~{mcc_^od_TMQ-vqvTO_TK0n!X3lw!TH(Z!gb z zt`I_x`QG*~?8N!Z*eMYB7s0xo1@x5f>4$3}+snFWIp877AU-wZ>MNv2f9MPR-Ja9%ECh>ab=l{Z!finEJK)fEZexAToOtO8~ zRu+Qlndhq$pxYR<)_u9bGfoh1Bvd1`;2w=Z5Kh|nEYxy%d6d4#`F63%cvC|_{r~?8 zM=c+%ni|M)MxduTDCytLwR$%2heb1q#2FHVyVCOOcDO8oOZfp}?)=q20e|z?q>og^Oe))BxahgEX|y}9 zg92VQw_5Aij&9`lYZ;~{vxPior{s}l=|;6ovUI8Lp@O6-=oO9P*l#6L*EE;T-$6~sy z@_0W7Yt|F}oU=FPG5>(hRG-kb7h)qeNo^AuV&|_~&iTBpbr~m!ptOX40o&Fd{U=u{ z5}g$XHpMg2j;>>EL&MIU<1M6R9RY=h??Uy@JDgj5teVnOjG8=6SR-?KJDG!5Nq%vl z1?Pa8Io>mcZY9?yFIMXpCYR8f@;j{{j>j$Qy$&{~Q_L6G%XO)8z5R?W3;jl1@=j%> z7%4trj9i|X)XWhjg!84;yCvGW-#TWV z;rxV@RL8Zh#&9U1oC>9R@-+4Mg2-mbt-UY;_y^YV1^FPDv%G<+Cdpaot)I%ht{6mo z;6e2^TYzVyVnb^8xtzj`L_k5oxnB}$r=yTxn`dZH&X zEcoIKHbXbIIgS;FDLtJy%I=Dz(mC+PPNk0IZz-7H{r->*|^Vy@-ya+97UjjFJSE z{?J5}9WJXiHiO8mJu$)KjX9s*t`oVJU~v#c7yTU3i-P=WOaGeU=>KPj(ZOdIF?`@z zx>i2C$j)`97O7Cga%OLQWTg)=!TT*!&X{VjDoUc_PF?FrR_xc6^I>ftCra#U=F1$9 z5+z~4Pb_iW!Bk^S&BI0I#el&oE+i+lA;E_a@xP>c;()rNjinlZq^(*e$_14M^Lqui zN*Q8Dp$K(EP;h}}K-Qqu0lzz^>?2l#kmtv@rfz$^{6`HbfIHzGFHlJm;M+>R3o13U zO9X*B!A{%W!mLv7P_-h3?_Tm{c37s5$C5Dak}Cx2zkKa9-gEHyhpt`e!c22_Zq)M# zHAx%J)DEJ}mlhP+$&TsUgqV|3i$qG@NN-09T|0{^37A8l2bv&DqSyz5!XK%VguU zBq9|-hV+D?3^|yVE5V za6MR<@IQy=%uc(|KEouGPI2!Qki><~MrS!{!! z<&~1$&5t4mq8Y=7H1k*SWiNB&haPAf3UU7`wYR+(6DBz2Q{+v4G`b&TMT1A_-=7 z|E7YQ%g+VTZCDUO3b${QtwWbYY-0u=%rz+z1(_TgE#6qnyDSMis>v?^EFT7-8v*}& z__s`ge4ew|B}9FdM!=eJA(*a{{HpvsL}r`fcG5yE>@1`^RBo^LYGh-?5O?lzrK^ZK zR67>Gjgc8Ag&6c!^h3#)4vX%NGMe~^{HJR=U)2;J$yExR$m`U3vpE@k#=~P>tL!e-I*Sl*ZW?kU#$sud zs2Z#n=XC>2h!A~4bHHysV#{e-@*KHUFTzS^=%HZlNB)agQ*0U?TB1K=XzIF6uUUwN?q#L!>!MBxH50A!0$iLUH z+ZOP6hSd_K@z?~_4bPTt70~)gb@-LKmP;~%#zQNfl9_e66mOY7rdaOrztuV_3fuQa z{&>A^ch9q^_xaa-iMrm9Bx!a^kC6;V-O72DHv>BGu{J_hR{v zQ!q6&y0#`?1cqxO-E@wA>1n=eW2A1^x*b30$b=8d+SY+wCnN*(WI5^XkX}0Md3_Va zrFaJ{|6=+X4D$N&{A1uxhYn+n#%hdL3ndcuo6~LQxIw#I|e*@cqW-f4iOC0}{PES#!LMhyTeu6c)Xdp%m~WMk!q@ zN8YOO9bY%)`o`dd84Tly2~HzujAh~EwM?B?d~ESik&4}vUhbXnLF>DV6!@*)#a_qx zZI;?DvjElu{;>b+Uab0Es*nfSOahe*p3Bh=u>$(3tH%~Mi?ej;GT3ltrPyYc7Ai15 z+uzR;;g>4hT|L@_|)aa(zS<{aj1X|Kuc zyP&b8X)S*X5u9c3xJ;2d*oXOZYoE(=Kis?J1-_0?MetlxA`805`~$tE^wRoY(cAg) z{;(S@k2-ycSA0U-n)vx05_(@2fZUqouz+s~lLN5^piW2LOZG5!Nx9AZUo80Yr6Be$ zb#lX;hG#XnL1ktN%>1Vis-?^Dny{`%K$)+-jZI&Omk#uunW0$l>MbzNSD(g~J=aXv zW`26-kV#aJHM3T-v#kN4nN1zFfd;+$I4_l5$O1{mmglO*~Peqrm_ zJ?pA)T01FCk-j}VWmJ-!ot)Krwh;=k6x^$q7bgpKxlVm#?)v8A+;0big;w^v-&F0KSxLc}o;N}i3)5q#Ko(~BuGmZaEGj48iv0Sf%g{j_r#bXYJ ztYU*{qDLK9O*p1+mOG&@hk~K{`;4)a9kL?V)^}fUo4rZm`T+R%Y;gedztF6zDlaUn zfojHr9ri<&*C{rqx*aqN6=#MSR1MhClZQ8=cF^X$X9K{Z*zBT`7Zj6Rg%2V(BSK>Y zy9I<@_5DdV#;A!zU&~L_!gzgW?rQlw!@s$6=NB6hO2u=>(>LX8E$;uCkK@5hx7_4I zc=ic63|IK*fBxBIlvJPq6rH!O;Udwr9VqO(o zqNjIlqNt~sdd4T6X#gR~Wm?yjcEYRTJ0p!21T2`=4H1V?PA+om%!vVI^{gp)@Vn#d zXW~oS3lvY3{z$j@RR)BM(GCo;e@tmvxpbk7*mg!*^4mK(DkH~!a*OD#vc z&?T>{JsqD(5?`{r@pE6AQqlSz%n3}z=KkXPgXs&0}X}m)LU~InrXzG-fO=j=ElRPbMt8$=9#5nqY~%g=I?Eu z?dIINi64Ird=f9t!>zc;TanpAq|JuuT~%1jB6Kohpsg!d7Zje6)Lt^>m66f{pS#t% z>mKWSeRl?Jej<9guoUs*eE+eS=6t9x=OdL`eg-WR4UXi!kRURTvvua1IpAVU2V>lt zvZLRUA)O$LW%B)*j+fzI|G81ch_2%|1ZB+Oc+);P6S5xq2+6`?b2M}3dftdp4w&@H z*flUfd!$zS{M~})iowE>OH{<4xbXvNIx8bXH-T#V%;bS4VH>b2AOBQG-U4=+zvZ8* z^g>u@qqV*$?zJEi;=aEt_vw(c@g(yddarl4lC(lMhr;~6R~OKfOXT5W+us%zcWt(3 zR5x7-ZAfMC&+I+QK3gA_!N}e=!l|u8MJ0PWPdJn^_1b;IGP)d_kJI^E+^7%W>$3hx ztu(KX#fCWUy=e>W-lM7!q5(|+;<1* z11p1>rM}3y(5Ffn{GnZWuKZpnJAv)RpNE%h`w-{INYeKlgbR7!2{m6Gw~&fnrY}V# zQO;nQkt(qE^S6K_hlNh~?^ey~R^ug=O^)+DeGb3STsI%s^m_q-p+QrX;+cuJTK?~`eR2`|w-HoJC2*xGJD^YJ*`((TK<4{SKZ|aUjaBR0 zyWhc;)5l%v2L98!xf8-b165P!omUwmC!|X0B4@v1sCM`dF!Lr9QZ7@QVXQ{*d>j7G z0O3Yw(2-E0){}ah1Cg7)%-c3Cq}*~H@$Vpr{=m?nJ^B7z4KCMh zgIqF*P^L4Z)2OgaV$eSZEWDY5M5U}yTGLKwv@cTzzFb5+r)61*v)OBkNhiWc_#cnTlioeCbriG0zxR5hJt%)K9AtzT#CJ^pJw0Q~FU?+{x-NQLy0Kl!&` zm&O#8gTdq*R*+=8KX~-Dy#_jU;t@^;3`Y!vgd?`WHc4!I=xYk|)y%dr&r=BTs-{h7 zO2;d76o3ZDoqP&1z$&WutG##zg}T^v9d9S44y5=zc0D6=qBG=1z~#Pa=v7><+S)UL zzSpH!^d;`_kQv-?tKNaA0Uv#4_pd2h8+(7-Y2qF$543S~5>yL6Uw;b#{_NMW#TZyF zVYo4i%kjizYY0i*qtpgiCsgGGXUo~1056=$xzB~cA*{o7oDs6J6c_mlkGGtCrQOWf z1#ok6u?Yc}mkm3_7wG}Nxnza^65y`FYoqW*Q6fHO9TE$5DnI{gyd`o z^ky+Ba2(qjE>Bawq%*ac(q(?o2N6OQvSRC$Dvl@a8s@(9jbNo2l1O9+A(s;y(#efb|h zG^GcNx<;IR02*(4sr=~yjP&N3RRcB!zZe2gl+hlw4AjE$!8DXfGJ z4aD_|2)D)&H@s_)!=^K0Ns|Prc_+;?5sR1y9IK1j*JU*xw59?n7Pg_k7sj} z*Tezz2o2W|UOuI}U;K9}L5n_2@laTpNUF-)L(eVlZl_9sKJVn1NWoSp*JF3)Z$l;% zG~i@bQG?l}=@f|odZJSGQ7~(%soFFMbf;SmDxIUGvni`^R9tbuy*Ajt*bI$BEEY}- z6>fx?f&_o){c<%(?VIt-`Fg;f?J+puJ|9lq0B~rmby$eaCPPprQ9lNarQYLQ@D|ns zVwaElJVF{cu{2XHixqSFo>MV}8jg*)zkvRY>9ie-X;??QRs0MFwQMYZ`=vy-Am5-a z-5VrU-LQ6drf&JY-nrkfM%7h!hdH}O==RuthUE?Sd(!v2IRyiQSk8oTzH#8fBI~Or zs4LmlMWP~5-?K4}EOaHS;dLwIpI zYh#&kOL!2%;z|(IkA?j29Y~E`s}1(#bhkO9>77k$DUxDoUijqqBXoYkOK(vT%f!HO z!f^fJ70~<@VYr(E%#DzsBe{=Q=;;ta9*^7Y2_oZ`XRTlVl*5#o$}TS{?#WmO_{NV< z*Zw7pI<$y|Quyj5LF%OXb}!OJiBhyh8gTk6*NywumYF`7nYe2?`0 zVZ`gD{)H!*KZ79v4j>TsW#Av3$%)RFVmy(CbPl=1X+LaKhNlsN?Jw-&`sYBf$6~64 zY|h^Ap1%o;0vVTo=mJGR)}A?g-)_4Mepob4HobZ|o&M6$udcr(m;G5#uZ5+n_WVTD zgyPGl^hCW7b>F3R8PX5RM1;}-A(w1S*S>oTu7^+Mi=f}9A1pfw_|KG{Gv#esTvfIF zvcGmX7Z_4MJi-c~-A3UvAPIDfb;v6RSCV6R3^jbioRFp}TJHYu`8vjV3*7Bx$6u_1 z|0MyD~iH=uon+~$Ju0{b^*QC5C!F@tSai(E-H4sCi^TIc5TYt+)^gySGPwYSc{%(gZU&Q|UeYv$s zlzY-ttZgPLHg`vW%r6zrA&O^|N z!E{&qu(bsrT}4I*lHzcBI*#=ECcMYz^}H_)TAuExr)-qg6)wGyD7f5*9SH)JFTBTU zlY>_C#c41d7q`<0fIGu?AD#)AQq3jAaX8<)Ej6<)Z21=&$kpBZEUkX%KNGz2ZyUKP zuH3uLg}Kkmtuuw#NI{pI(%%Lo?}np5H>c#Mb1Eih-bx$SD#6|r4hfVnB4jE;S^;?T zG0OC^5-tvVsv*yBMS6W+q{__W6tt)S6107@p+J_>_vA@uOnjhor^pPZ&tg z2tK&lAp2c3@j^!`&>0e=Kp}rAQ6g{4frl7>ha&cKkuDtazSjTMenH5__T%#?QfJ-A zO#bRAF0R|zgc7|Erdva|hU@C`9V#1C)1YLc3U?}jRsCsQk~f?(e@tuRE||V%)*6<^ zS)(tETVr=@7os_INnLECoo`roI)%t&4YTz}oPI^m1b58-$P&vMHQJnFc3E?AwCviQm+ zUepOyqaQ!N*a;q#+1B7%(A-Jt+NeMJ5J~#?;c1mvfB(={PQE;5QAhCL>;w4ix^^X! z43nq8utDiEW`isq?z}Mkjsyy>2 z3{$7i5=nysIjMyi9Em83suONhW9_;7Y0uRg$e_bd%*(zK59s0k+06C(p+OZwB|5o0_eX+{6s0&y$^{&FcQe}pM|4(@ zIgY3MHvZZ3{HI>Lzt27OwB)q8a!ms6%#F*}2*TgeGQr~w=14GYyad8dlvVBMcOOrW8CB`ONI6D- z+q~4=bN*bPpn9EU>)o@VQ;<2W#xNF}Ta?&=o!loC2m(Ld@0Pn@2s$_q2~|6E2Ff!N zx*zqFCtJ_SVjA#D>&;q#lFTEHqb!d)*Kk)ScFeF44Ph<5hqqmM>0j`W@K0e`-07BZ zZ*K7+i!l@nY!wr%xtM0TriNz9Hd)HRls0;aC@`0^xdhp+w98y==j$atvrY2`wtsr_ zQ%<{;-HiyS<+96-voP?5zb^N-rCScKxmT3nG_P}1xF`z3o+oLS(H$dfz33&B)}2m2 zd)dy2bMvQT-jpZp(nA@eJ1 z>OI;y2|UNSH0dK1cx8RLW>(>mK0Hu^HV^Mq|Y&a2n3q(YBVBOf27$kf6z#L&}c2l-LyWK_95 zA%6Z1cIT~au(LYNBLc#K=*nqiyp_dkkr2eK3S|g({CU5I(gPg6x;ywE9DYo3A>2r*&}%)CvozT06@sX5 zV+R34Me^P;YYF`GRk44*8gh9#cn)}F7cdnP_Y}imY%Ov{K*EGVj8J?P5P6{i%2KX+jLiZ{H`+Fxuh~8gbo}=0XLgl@uZo^;Aj}GIHNrWFtD0 z=rq4893s^4#;eH$7dqC`&T2|~<4Qeco(`XuoN?P1fU1=`+q`!6{(MUn0Z+#I{>jFx zNq3?uHTs&Jo)(A6n<4e19o!O>DvE?y&=Ar3etNyma!=u>)yI)r5C3aVBzGYaMYf0x zDUL?SL)fc{?BvRqqhhe`~5-z z6ZXcH5SI?DRTH~#r@y7d!SaVhLtkn>`bYvp?7~jPaFA^v{}3xzKjL=a|H!1wPn6Nv z2~!!Me(@dwpW~+fDCEqD;yFXhh&RZ6AHT52ewxYId*YYkcbPgd;hitYYoS}+d8Q!U zXl}wP$+pyF9~tlZSb!*SujQ`FAw#p*Uhm>-z!Yk95rV#>r!&{byE>eJu<)90v$&D-9doE{TgJMOb6z1jQ?ZNa*Cjcy* zNw9|`1=HhvMsG$FT{I8o#e14^5%DH{uCpRYkg%>XR5e{aE$YSZuDJC-m9pjrWv8-= zhpx{#=?x(Gh+Euk8Dos!^thiX)-B1L#FVrDoZQAEcEdJ8qMLRXQf?fcE5N8GsY<8} ztaR73blD1`0KP{b;Qf*se(QZ692iC641GtKXXI#FOz(^y%0kM8l5A4^vUzLH)-ZHq zLmCk#dNuADK;re^;b=r*eZKZ8X>g;As5VccV`@F@$r~PwF)vt5JML%*S+pRt! z*7w1cz?SlfaaMD)H)-{-Irs74aXzTF)c%AMxn8xJ?Bg>pff~dOvP^BjG*FrXf^u(F z0IeowJS}8OnD;S=g*jh`y%w0Vjlv`287^#(6=WJA-7@6kWFU-~-r1^OEPDUvl$^=k-GSx`=_v~^Tj z{z6iOIASpB6VTsW%SOa^RPBRUzxCmc2-h|U?i9X<%+W+Fo z*$auHJ46RS>%;y`l%GE_k`G>YQWbq`rIIq7fH{D{aH#+Lyd3q5$OlezAKBD^4bJwZOnuOmaMFe?!xA<_a<$I zWOa&~Nb&PoWBKrAGizM``jELbF#5R>6OWyO?ZPg!;oP8MNxJA(9ecJnW0^VZa8o@E zSauWhIFI}5lo)KHcFQdwVZ(ghcNm6HwD#(9;;%O<4Zbg}+Ph>PisPRN{v)i{HS`d{ zw+XQZh1t1;Vhl40=Ck;xltsx&7Iu7e2FE}mdaCT>Nj6rtw4})NBI6l+L9X_b?=2mk zjhJup9qf>F>Oj>)(2MbnKI$!`5Bt0N6n;ja`U(Wu?#tV?Ir*@-zB8pAmosI-veZR$ zivpdwA)=D6{Xua?4Ro<9m)Tg?QWB~*K>tG<(+?wr->^HOo1tp>xROt#P|S*H)eW!b z?cblZ4Gg>j9SDA8ORZZf_{y^W`hI3gt8e$OJ!6CTW)MEd#j`|v2xulQeNn)0cVaE^_B zy3;=?aHa=eLRG2*W~hQ->7vhk#xO3jDQw<*3%Vp~e1 zsi7V2E@hnzdFOjqTLhV`-z}z4nI-+~nDit2A(5$wf5;#6EtZ;pkPggLn6ZByD=ZF( zWBjPb6h-ZpoxAEP*4RoFf3y}6{lObz-LRqmw55*UxfI$MJr&}(wBcn-C7ZU6DH-Za z*RcIbh5u=;c(?DFQM2Hx+}AN$-qCU=uv`67Sc>`ElNU~ys($m;2*Olj+Int&%KIB` zJjNZjHJ4hwj-L5LQXV1S*R9fP9C{|;sCVm1RjcExar;#Sl?&yi?L~mvf>#Qn^BCJm zdr!l!UJ?eTN^@0J-RTQB|6!u`yKqPo^|wId%KZEz=ik|$JwV>Lujk0sw-sX|NZmnE zdck|Fp-EL#s|KZ-IEIQ$3g=QLdG@rtlrCx2t0j|n5o`|AN`mMH#kFjI#_?2t+-m-k zTqe)BiTXMu7;-C!x_VX*Dj=$o{NNhvTtWAxzLqiK1;+FXcm23;ylF4_{Jxq2-TljI zKAN9YJvpys^_%N-FZ@o^jo68+G_544y7dwFk(&u~&-PvEIm~lcmz%8lK}fgq&DIj6 zx@$qocX`a~y_k^%@M5?|LFU=tUol=DPC!_kDae8v=`Kp2=$?-d92LQTUoIw-BDTb; zt}(gz>M*dd^o-voxGR$&7H?VxHXny|kvC$Af0KK~$Gg}HtY6@twwO`ce&RUQco?h0 z`hR47bzGBO+&2=6fGCZmgn%H8)Ci?JL_$)!8%Bdjw+IRd0|7~8G;9n3X#_^+MoTlg z^S$m{@8@~n&->T*?{#+VoZtCowBycXVz^Yn4^@!2R@4pxjmrHd>Sc#GG5;xPAvg?~ zS)L@0QZ(C8fTecDtmm)LuVM`VWe?sqnw!%M^~j~dhp!)zo;}4V$I5~!!o04YHS)I+ zG18JEcj%^&=9ohD&F2mB1@Or|9U|{fb#>VFWc4#%8gxD+tVd!lt{NqIVm?76%0|0m zwIbBt7pr|{BY(bG_Ka%#X}e7DP$*&jNQ$w^bRUp&m zOo~)PB*)9A)?KtZKdJYL9YNfA93%i;?rw!6%)?3!$^X99AX*wHz_d7i4#!UAiEUrD z7a4h`DG{zMy)D5kp#3|V>(M%TsoK+X60!OSxcDDGEc1S%|3{vLyI}DjtB?|8Kj?1* zAQ$yp)3tM*EV$T}adhrGL80*JcsZA*%rlW)PW1RGh zt%`f{dwd}v3bqWfO-crKrOm{0J(YE*%2u9BaQuU6ASw1`!($5{ili(BSoW*NZPF4% zXA)VxVn1!{h{La(igNYy{h&uAjctnwD&FnQqV8}8Oe_dnZ*)8&mTuBKJUZz~Zee+0 zug3_2`8|_7_lJ~)ZlF7=+MR{X-{PGp4E_RFpfiU>`!Z=5cD|AJ#^7E{-;DwE!{2j3 z{;av=?`4lIG^4qGV$-sB+!^cpLG{)Vb0y7lW~EII5GuyJPRsJCDB{GW>HT2FhDW{g zHSZmHM)lN82wBf9xd^5hkooVCqp1NUb zdAnL$KS^t;IHzzG{MmRahW>-X3~X#yz^*e52R_G`=3zoBH6j7M?rIr>r{p-fmWH*l zl7;ezTQKI4$k=JSMTXeoviDkOjgDizM*Mmfu|QBQOXg2u9nq8vI#LBlc&oQ4-E-9n zhR1J;EW9=P*o22pwVs|Nu2@}i)Pu!mI4VIR7>-wI#D)f$JR5usRi@?Wx4V9qa5d0<1_G5M^o8EBrSBJXYZQqON&eAL)c%AJ4{y65E+ zci!GS)mQy9pP1+W2R~MBO~QB9K5?Ulb_V3y5a{nuN)XSuaUY7S>+B84hy6C5H`j1a zgE_0=F)wxOS0oq*`{?V{EtDefx>nWd)O&Lb7czUhobOh@i$zbvB{05MC>ftg7Z+oV zwQbS@&yh0yzHU(}u%i+0bKmW)6h}AvqANaDj9J2gnNM905qW`2NBCD}@FroS9t+-~ z*F*R3nmS6u9oeu0)@kJVBy5rqmtRH>;2<4p`qF+Jdh!9B^W5QuAa63)-*AMA?`vTIY-Q69{){TI}?C0Q-Z&h%;l5n2bA!>V~92 z716HTOdL8-bGHIbNve|z5^0JP7X*l0#Q`72^W&I&j@P@G*Ki} zAzQtvOcu}9t_uuD?91{cj$@K49b(0&l}N_KoN0cJ^yN_Xj!=_Yau|^V<)(`Qt}a@np5@~j z#SbT|D6;zf%DZPzx7=p6=8<=2a{~}hdzGS*9iM9QX}n$)3p`G+j-DpynE!oMe45;C zPp_5}$Lh{(L3Z}ueU{BaV34vJk*D0cQ1Tqpsmb-mM_r_>8=_GSkUDj)6CzwyX74{T ztPg8k1W(tGc(P8+9RxjN58N!~bBN|zNjK8d2=rM^x!Mwd!*#u$d4=d($vYO-aY)e- zz1g_#?ekq%HBA7xdaPYtkE1{O#s|U#e{YS{9dkUf*r>Ygx8_S7Fw^oKL0=OlxX}0` zt1N^#`Jqg`W9m&N>{VQzT}SFyzYh3XWLD-g(%PY#1%Vnx8)H!AI7KrZi#ODQflo*xj3?_EVQrmg3zC?t6L?QVCfCRS89 z5G03=%Y$dx%uwu+a`O6^swK~_@She*n!dB{4?v{Zw(YpG6e}w$?r(0!CL6q0)eScv z!UO;K9Pw%YlgwHHg%?$RCs3T7hK&u{=T2X6_{WwpAI!%kPLI`>+Kl>$ED z*xwh+oPQEnA35Rv<#gU#?_`JB0^@Mx%ag{6g4`c#g{l36Y_g9=U^U*ko2{M+(NrI} z+o@p+S83#9(S2~D1wI#6iYgN)nKcH@2_|m23~16j?6FpNj>yi<2l&0A^P3Uq_(u;( zZ78EK16TC$@EsCR|@Ba)cu zPA#w5XF*VSvK4Hf*cn-Z93}%Yb#6YOMZuj`Y5{+2CN0`S;}F zm8u!wr4I+bx|2ovUWn)$3j$3T2X*f5;BL5oip6FEM9*D#evUK^|s1&cQ& z*bg09!&$8uR|!kM+(93{rJ#aT%(RPX{eJ6xP}=TH&{Dq>X=%G7sxZaUS~dTFzB zNHkM_Boq?{ySC7tWcEDvNlC#lOH>h0u?ooDc~?%AEhuBLgsnGakfQWpKvd7uuM_!^ z9-2>9ed|k}xrxv)Pq0l!S8t$*iT|5nXworMO*y`W{mj)R97BphPX<3qvD9XpJu`sOehn}2H`im}N$o|>?q z>j@fIt7p=6GGM+5mN-C;x81DDL11#bn`QK2gL@ zEup9KI}!G5?hZ*FRz-<(dUOf`uHyZyiI`Mn!5R^Qve>O-Ta(G3d_F1dN0K5^-gZ7> z`E5lM9^05YOTc2A>y-^<$7#SHAXL;&eIczIgEeo~udwBGKz#q;*dh=MZw)(@p482=T zeA%oN6?cEjOR%>%==z3E#7xb?i4((z-Ao#qJeTwIEJCZfT|`DU_&abEyAtC`t2~*H z4GY~zyn`S92zO`IZpN1Nk!VbxeG@Z{FEH(Sw#{P(5;4=S9NG1OHvjG{>Kd*yt65Yu z&T);LA}5*H$!fu@cz0DjRkagZefEJ?cl!i@D^gzqf90BS*wRS-yZE1#O9PanwSs>z zSX^@gRu8#L~mzsNL7h0eI!z@Yu)~7wU{28K{pTd2I^N#;wkQpYRUBH!HlK zzWu4^c~`+Rchm82NfQ3M@rK5Y(lp`|3>^C^Zg|c#!jw(@&MfL6TQ`L4=cA8b-&H=?} zSrH3%AdKt!Jr?&&_#eAW!F^MVUn%Po#hQ$-O(q*R%4Rc zf<9pn+ys~*c?4B^tc>EKH}yg?*-mTx7N1^wf@fZyXGdWri^fy#SL=fHBYPTNI8I3S zwQ+E37TJ^uk+Nt|jq4yxSC$_oW)>tQ%l!r+;ap$-+0TTj+i**WiY}U=?#9Qxjo$d{<&|R7*4l!nQ zf4#Row%nPBj3C*@RFp@ynV2j2sI^{h9!?fw3a{9lGp9Q5Jk+T@w}5S{*za7s6f)g- zwYrHOu2KswMbetaERQ`7++J48znYmPtIdoZLoFss}?+M^oJFCPhacj;n?C zK|NW|E1FWzrl!0J&W%>DH7)EHgIZZEtv$NNAdKrUK4SJP9w&BvI)Sa6b$5cOA{Wdn zxf4yk(N*`gQ5&1ohC38!x+)U6{xh9ayz?IqrLRNpY`6F5DDDlXHTth&a!xZ-JeL34 z=>F%C<6o+n_${j@?#%vRl-E{h{S-%0IW;*Bp^NovU|7MeVLO+(A-uS;exKrH^eu$-}jbu~S%pM~I7_a3a)F1ij6p=!B~62RvzH)euKo zm9ZQYKZ}_AD7>OA-dQmn4)Bx2QBf`?B8|OeGtbn;ozrkcz15P)su9LBn@7Jw__x94 ztLH|iWQdPT`Wx-UN!%pzBN5nj7Z{|ni252o|4kPky-m*jTTv5kUnqDWg$PBrw0 zTi|JC7?HCjXR{L)-^UWdu4!k)aRV(-I^O!;?>V&bFT4=(7eZ--`8~sOGMtypCr_j{n+5=P!3{_sAr*w3 zw2HAKIDd4Tt_h^GBiA*mlQG9!yx77bIIx}uXonLPw>tn^w;f;A-QGR}S2lx#!8A<6 zkFB~YANv7!!u~aU!VU5k#B@eog(a*Jnu#^?6g3l$-xGtjXB_>R5NRB)#zDFYq)An! zJF;YT#-J7|HS3>jsjlyNH3wBHI(W>=*4JhtW5>c5+~(6T*~RnE-@77jSlN`G0D(eF zu{aZp3sE~$SDz;W*TL|^zi+(b-}G(YVO0s(-nJGs`A=JyyFx!8lpI3 zjx(f6##)IK%eypj<7yN2lIP-(ZW^>6FT>EyR&p5y@Jp<2XaETHqYMHRQRKoe|1Mpf zdF@T+*dF{Pnqho=#)~iH^K$FYC&43yi*<9KSY1Kvrsu+wHO4aw9-oi$J{bVBtqJon ztA*zpjizAZ3^>7o9TKt;?<8>jY+YhOpe-m*JXof+2(OivZ~Zvl!?H+3=H-yMGZzFI zGqj!653EM;!`hvUhq}6Wev@<^X?!||;=_MX@P7@<+~^wn#sB&To;)XAxN7Mh-Ok^Rxi3Ng?RzTIjw z4~XXww74Y|Grvr1$i(7D;$54~1U9o6x}bZ(uVdaouJXiM?IAplWf-+y*p};rD>_*1 z;x~-QXQJq{<%a=1FoK)l^Y6gWwnEi12Jw*d0WXzk0sv&xfM`|-UJf-b* zMOQV36jIF~b_c{dB9@>F6+Yw{TL!g_**yl&<^vb8#s-Q%TC^pr};_X>J~ zLHKc34C*>k?jNa^>bb1mDe-D=%)khKe?IW?mnC!_)u-;VDSX~zIIj0%L?~sVVTbAA zLG1dt0u*08nc)brk1jeB!2=YDee(6N1965zZOWjKFh~0{Iz2tTH>J0tIf=LeJUie2 z!&N%X)X@XE74~$KA^khjhr5tDc74mg&%JRo5c@~j&RZpYtx`g3b`CfpHi`ROr-|4i z`6;lhIvjxByO!rVzxlcSC*)|_hwz);n_vdPGGGoG@u6vCk&`V14vlUmy?)^2=5zId6Lkz^K7n<9?LcR8g%C@JNS1=^J z3PCsJ5~!Wp16L=*a9MUgUU}}goJJ-Uv@kOb#1g#aA&|J(N-;2zjGAb4;Dt7W*}*QR zKYQ|ln8|^xw%j(=$p&Zk8XmXPZl)~B0FTIwJ07}!qH-P-o}2Rip-WATISNei3iw2t z@2aWSJg1>p#6NIL0e@JGz?4&nG1WdvFV64V%<|ogL>bRc=VICw+>GA{P%{KgxmVs* zuEDQ-k*mV>Qno%;Iug?`NyhF%Tl&uT)1ypr4&)^1hYZEoDfo9x#nrAsxEKnMJ;;kZ zY+VvmQB(J<&Lna~u5cH@2jTiW6aF8zwuC|uTo-3DrVAtZ3%wYlv~M%f^*s%25dfTB zh`SHH=@Xj}S1{ij6Ut`K8mAudBbxD7kXK^)3AaN+id{P|Sa|j~_N#RvW#wUk&JNCT zppck*>G-zDtmoRqySio<%csj`H%~5$7;nS_XIA@{6q}s6ppuhaXC2j(Ro=9v4$=CJ zmxKT=-Tn9AsQC*C@-hP)AfIR3QF)Uipt99!c)~dm9r)WUm!nWOROZ>kh7@urVKrEm z|6VbksF@nnJ-A_@BzhBFrH;NW-z=N^>Kij@ElZI*_w#d$6trk+8_}ZBIV(jSJ6sd6aYNyJ`Nwj43vC2P8DKMPfA)Klx2N)`*ZO>2PAM^Q`bRa zCro4x{RK4+!571l8S_BaVwpaN7pk?0d`2RMFkQHLMoN$^@ghck6Wpkz0b>Yii+Q8A z9I;cwQJBdS_%h#bx~0yD9Gsa@vUqfFfBjbG!|Pbu`-@yni?wS<7i;}}iw(5LSXidP z5i;7;S>k?lfWo?MWI*EF*>E%4IO8uwVE@;6Y$`|BxIg_7e&&~IeZNpZiUG%Nb%~Uu z)B%ebr;UQM^m3Pn2}DP!u@qeu14yx%=f$*ZdP^{J&g`5;i*yg-rcHQ^*hL$PNegOx zY8tMF9y@`C1iiX9@@g&y35PgI3Te$zUDBgs%SSTIxgd6@3rvB*u8%w`AO&%Q=SJIa zSblEP`bbg2Zk-y2aKER?7O1&+d&ggWk<;~L&L1L^I~{ZGbjihTfVwWqpCplG%k04v zY07Ovk5uEt3NJXkazxxkrca#92&u^!Cxld36Jp#&ids1!yW;amCdJpOqV5}X#Ps5~ z-`;u!+lVybsBInhOK?7*QSFTrt=Mq@8o+&*xti8^fB$;=2Z2=!`{Ul+wK&T!KN{~i zSgrg9wvB?WYvFowe8g`y)O>_1&L3|`ybLSD*5d5pUXe2%nX*XMP$I@#9yF)t8K|Qr zTnc8`DSQ_EkUP17@|LH@?w~W&TbuBZNatSJ1%M@WvJO4v%yFDya*EPsUGP8{qr}`n z@n79GfA&e;m++B*C}ntplUm`E_jIp6db$<;KG&nU_d&e9DCS|z(lZZCU56`G2U(fz zVy6v|r$U|R*(7@lM3GlJJah4b2fCK1<8lLI=V~o_g069al)0%NrQAE4q-I{i+dho^ zwE1lz;r*-2@oCC{?{;hSGY5p3d%sh<_A)f*2nPk;eBuY8%3Z(kop(G?;Uc$=p$DDJ z4~`@S=D#d`&sFn>4dL6nasHDH(i%5^ziE7g#>^#e@tSN|8xe&=Rp|*T znrgAHk*9HAz;(mY=I_+j7<={m-jd?*<(hk59hJ~eNH6|D&CFr0EGh<~FCC*i9&-l&*NyGR65*c)4J)ZwX^H`ZPQ3uA@#XlVa z^#)ptjYKN2Xq7*Jc4~oqbR(2|?+U#EJr<+yT>oi`NHgC2^#zPisnLJX! z(M$d2kXz}(OS)7uo{UBLbfV5kF@e0nDNhE7k*MTq%t-p6W;^o>Y2)^7-h{(JP-k8y z5wJhG0zq*UmoLpTGl1HI-oj&&M{=fp$2psRBcdM$uQuvHlYaSvbw*;S{0>ZaKLl3q z>Gx}$pSa$qj2BA^ntxOv#PYW2YAG*RSr3mu_q=Jv4ewD~ULm}jggChMfFn!zX*YF~ zhdc|!4U+BS!YCG1+gnfU+W1wI0w&>q;&7CsmMun78>@C6Oms2j7I7Bg_w=dL&m~Pr zhwC-6-}eH+_%kdit7C-yw(rL21KUsd)zt@YYz}`tbed_vi2~f>iZ$aZ(9yp;Gi&kq z67=8ijTP6ET)M^q{k`9~ps?FNf~7rdqZSLeY4j1#!@3`=7`70aj00hoJDwd6AZxnC z0>4)8ndBwBEzDakY#ZKd;9xOFm&wx5FHS3`k##2jMvo+jni95|gMGVfd0WKy#2(bm zc&U`=kt;U@EgXl-fJedmVq)7vKz3hB$vgYj?lj-v`WqSHjesSgyxQKYajN$(lPOQ= zK$01?+;=c*?`0^0eO;OhFVZu#$>oJpr07;Wpq`kumN7<6*`Z2e!J{^OG9RgqA<*8L zb5hK0{sr`ups43DD-r^VR6ls!wB1|Y39L+On`YLFa^n{0jQ$(23+2@;Q4Octgk=3v z%k{UL*|sD!x8EP*34ZJ8jr4y9*RJ%jN>E1v?^Tu&v8kUk>)T`|-qF`DP&IP=I#b;d zuhIc568_Y=?3qx_K);?!o7-|e^~;}A{S%MvqL^zSbtLu^oDK-*?z^S%9iljXZ=#0NpMcrT~t|JLpbJ*fxpB{cT|~dS_>xeg^I?SsU}a_PT_jWZ84c5zqNLr zSLWj4Tk6a!Y+5&i9}RuV3vwhic=> zzb8}W+}PikbE;iN{{kE6kCkOEz+n|<+Pu@jsgv>P&GI7gAZZybKUe?H?Q@2qj}#cs z2r~C6^^}HuohYzNgVvS?Ft1K82-k+6wtGu*Zi-V>d26@Jcu-Tk49QlQ+@6kVat2k+ zT+?(o*Yo7#Zo7$N4b{;8RES$;S~8vlfcSVSV{*djHbXu6@5_44G&D+*r8v=UzdS6mI_m&3C4en`igr)uPVsF|a zJXstB(!;m!OGQEu#BVN+O?=lD5S3MpzRyS`AM3mP9d>`;c>dqd-E=^~d(&D^C+b$v zUukoj>;gM9QA@~ECY?+sM%{L_o8twje?(79itXK`RUBR-S&gjw3|v{(wua1$ouW3> zFkQ7{HQc>b7`w=yGgg!3pM%Dvx9={h#1ZlAse#M3K}3*wRyX}Xfc>w^@48y|SsV&O zC*_hsPa=4N$W`iYzHqBVLAMSI)%99c7O4;()ivNvu+I9FhSN)4WyXU z5qahXG~Rf9Zcm*TL4fJ!Uk-%k`8e zyW^w2Ns{@qQ^3%S`7c28fdbQ?`1Qu;a6qMzjjnT6d}Og=JUB|)O4k>jN4cMMs^BdY zhu*RsW(rYq-$ynM!hjvIQP52p6}RybqQX5 zA?iF?-j<_<22)Sme8{mw%55EM>avPxqt8A8kesg%&x+m3P+992b@F6~8M!C1q=r<0 z0NMI=UTI|TL-P=3wj3rYAz41^oRev;O2+}4w^3RKtw@v13Rgu&ln4dTz*2+R%){C> z`TrLHOIrnFW+)zIf;gU%ahCHYQIgR%6e-}>)qC1YdH;LJ%QSlqD^Jc3w-*h8_V_-R zlo(;VRfnkNk&_khc&%8trJQTA(qY269DT`>sTg}b z*M|)}N3Fw*jB0G33(?|kIDMk(h0OV(tc2v*V&XPML&Zk|`biqyXMNkMmYlDkZ=XI} zl&*a7I+dfQb3H||!uMRX;*$0Gx3&IMEF6?DV3^mdY-ot(A~uf8;|O`>D9NJl{%14E zCHzCXFW^N2m|@5aSI!LLgn)yCQDhO%QkD-043}{w;J-S zJo5S;i79k`knt%U(|+`c7R0{Ta6;}Pt1t@9=S&^v?(*Q+O=RI-Tmu*n=w{Zzv}+qK zKWi?aj;Qm@Nud|iLvNG9x?<4l*P3Q&-v~kVP?mwBNAKjQmJOonsRBnB)57SZXG&y^ zxMn^_WndD%4*rCYlzMhC#oyeGdbaAIJvZqf=fB!|d$3{s)h9^~3Q(KLw(y&!xI8KC zoP&n7g=!zkIN6gqqNg*2SfW7|m5E|iL9?%9o#yHYf6Vqh>$_a`cue(&FlqSjit~n} zz=e)TztVYAk~U0q=j1m)Kno{gur4!CQN$V4Br6Dvf}fM!O;IXNcC-JRm5 zG>knDtm{N>q&VJ9JOKTaYYj^_j`DiQwI$A?aK*M%`E6+-wyEL72|JgHkmrgE}Xj$8wi}A1vPb6yscZ^2`nKlTe zV8eLotio*4&`eV5lnJ+QU1xK+5U?3Nnb#2USLE?VILBt&6{|%Ai;*SVAK*Qil^%NU zZk8loxB!1m9^s=Mwd$`;t_@ljTgJDH8fNE2tLL&gBHRnptOv|&Ti<>BCwU+_KgwSK1$lrUzm+!e{%4{N))nCC*y3u|m?KUDCca{JFsl zo9<1|JEv>S-9O?hUcz zeu2OmN4{^lUA=q(@(5&q=c#eod$&3Htw?S$eI4z0V=hO8d}k2GRx^C-Qw8LyBX=vf zVKzU~ww`yAeJbdEhVb;|-H16tlD48V2GH;`spXS}is$wtb8%Y$J{V~eZ8{Vux4BD4 zIFO(P^i`ltQkAM*`bF6-L`ay(AvrGDFgu6F?OZ$hSaiue23ZDJO|7}JrIS440M~{W zWv0lJt*K|gcHnj++r?Kbv|=NYyLF_M`uKdA2xvbIpSq^Ib*fmT!Fa(TD9x_#^JlyG z8L~tEr_9^*QOM{=PH5wPmpxz4y=+)V~BVt9~4L}&Zxs@V^MNzA7S~0ywN_z(1klhPf z=g>w|_;|yzR8gW^wp)|3{MOeUxg~|W=pk{7gm*y9Sp)Ab!g(9vu1YjOmj(t^&Px{G zUiU6$nDKs z@beO&;3Y=!nuP@N;alUMR|V_8c|1#cLnUYmm`!{)dtCy#Bge4bdRucj6TT4FFS$Uu zmU7afZnearN-}GnY)xJwtvy$9g&ysUBbP03)UBd3+1R@^IPDbQodP+gHP>SG$E-XU zn}{|XihH!1<4Anel(#ybyDo zrPowG0u4>UzGFXWE3A8ksdaw7-;)s@Y-c?!CILNoOYx0*OR%iXE>y@tj_cm9-y4O@ zU}&_}=OV~dqMgZ%c(^;Um^pZ~0`M$p=YbtR`-`WEY!~*&yoJQ~OqeAgW5{7Qj@elYPFtw)-k+O@DcbH&fa~tNdDo8(QD9ozVTPC)f{WvN&T~y8 zcF|;ANf!2dbWLl7Crjnm^SyiL<+C$SY;amWVGd3kT!SB*UJpZj$GkHuJg?DdfisS# zSNVpHXE$;G{x@0y5%a(4AFT&;W!~_cmS=5Ycc4ED`;D|IB_BN8BzPP-Oi<_$Zb1-k zK(&4gtAXQ1VJyL@SmnJnw~vL|)b!dcF4xI9BU@X1O{@>zdtz4Q^fY4m#&O#4z$?~@ z2e4yOk!NtHMOM&d9;`M6IB63xUPf$FNqg?v8M=(k363#TuX|61kD~csZ=Nh@cV%W= zo>hq(yl9ptgXq)ve^sS@?npzBH59?K=uR$Pf`V?ciGRg(5|`iA;1vc~Oh}jSEd-b0 zW5CpCSs~s62rd>0O#|qIZ@6zLL0}i0K4!ObGT6@RZ8-XIZsF`%S3?#c%`QJUyeWD;G70rc_@+QGYcgVXzOE`0c^NZ(~W)|ZLQ zy@x-rzR!0M>0|^t-4XQC_OG|*aKWifp{ZP&7LzwIR|Y}o%WD&7zAOa;wX%xtc*zGS zcw7;=`4T3YzI+H4j{{1R#}wX6Tb~&Xz3^d~nH~~nwK(PI0&hqpMY0pmE2F32>#gf; zK|&bEgsYo(W=rSl6LH<~UJg;KNeZ4)5i;Iu!{a^o-^e?icx-R&O8B^J>|UzQ94`c` zTv!;;4acBL5TL*h%u=q-D0%JMBrl+RR@Dr)$n3Y{c)@E?%{0K`-1+j>f=udYm-2D} z#n^dA>X4kl_ctp;&_2<2;{~ou^O9KLInvU=v~-Y5)!2PZ*f^xahEB4!*fe+sx|8;; z>F*mv`*&3Ji+@>)Mx6XII>tywXG~2gQM0k}%8_VeVDa>QYPgG?KQJrxi{32nqO|dk zJTjMIzHw?lyPnh+n3g}MRtw*<@7PKn373D!PF|ZF-I>hgujVfQ>$iCnGnnHg!ZO9v zq)7XTwv;!slTT-|RlD;Xdnf(`e7*DTOn&%IoL9Em6-_Oq|5$ic)jy0akffGH0qe`4 zwNZ;kupvK7EzG&QW>I+0&d;UOr=UH&W&o8aKmx}>=q4y<2X`!gtkgEaHun<5I)D`3-nUFNM&vAXSGnb$l zbWAOE*mU7`0~yHE$D-hR<*XA%%* z$DF5*zwp`9)$MJMO$5gKAd&~8wMAS~%5*zS7f>$RH~~#eZz-x7eRstI*FI^^=LAoD z+bs{-_4e)P1gK!2Crp<@8!;ke8uf%&I0IBwZ zu!Bi^d7fBeJ6mw5RHy@y<|$Yu10_SNN_THKprcz@R&E`UY*HV!P{+1(MNqwbCKLAo869bbRs*W zbZA$OQD=-G4!Pk%3smaUr#pCWarUYHZJNdXe^%&746A~#884!a*ol@bPx~Gh$4q+| zN5PxY(#JCJMx(MgrLW+BnnZXm>M46TX%Yt>5%0hAd^l~`vFJ^c@j$@gb-smCr+Bqu z!T>&c$U`s>tg*Fi7!|{;B;bO9E+&~U2f*$jYw7DKco4lmAc>6Z9z|UaS@S_p%uFnf zSW(O9a{$4;g%Im3l+veRqJ92*nCI10yBDj5vk&xZ2XmVz|G9|~_($5;JjN0?S2#flkuu&oxIL7|6 zqkrH{;j2j@oI@Lb*s>ry78Xk6qbQIahqd*-8SC#ZZTgpDUtMB!D?0*iQ_{6Qb1(Xk z{k5G`*0&BdiX9~qLd znNjrO$y+Wvye#S3Xb_`#+=~vF#}1v1io$C!smJDXDHh%=Rp=c6N@Idz-<^q?2M_JD)8)t&;R{$tlTZe+Wjtgg*?&Q4PCYBU*l z;T$$+;ssZtU67*G`8d9*AMKW^iU{!GNE~%Ebp>@5y`$ zTOUc|iQSSy81S>Ce7EF^WSd+q(_d7$Z`PU4w!xA>Yi>F4%&Y4#JmWYynqDsT>tY=- zfq27WyapOPfel$lw*0FrXjtrY3@)BD$Lpr9ved;6l;6s)^Hk-@@jM z%(rKDDLseV?eNq-OFWpSuVugGi^#+s^5;Z!lVWja*{waE-}oZ6>>{d)Ds4|fU6cQ3 zVgBc(d8qQFHst2neIR#_@gP%Jekr!9#f?wy8J)ru+`LhKNtn%yT!6eiYj6eEl^u3V zPgKww(9BPRv3<@3gN?kjwB9qn5TBe)&Z{9CH#~U!j`iV)i>!K8BIiYuJaaHOW?Bc4 ztaEGnUT^#R_;_ab1D_bw(Ww>?1H{N~P&5LLnOSIpr7`IFVd=xj`p;=2%6Ov71){+kN)7^JR>$P zA^GCxp}Y_zj*kGfc4F%mY#(h)%sVw8NW+UTr!~DOoe}l0dU#*LgCI!)e7ipQQtWaF z#L(IcHEbz-onTt>4_3!f#y`Sa!KZIAQ74t!nsxd3k6`(KPq6_l6-;>~4iNp&hN!0J z5u9i$_w;j&D)g~+(C5>xZ(n;gDQql1LRktn&U>P@y24c0M|BU?j#tH|Xk;sx zh_FK!V#);@IP%V_Esn#(`8l>dy(DU~YjO$2*4%NG6^VL8%>%x|AVzb5`VfdpSnyZd zpT=i10XJO6;O(7@{$^Ih0tA=3B-SH}LBeE5WG{!Qg2hM>*b~X;?~)%;Nvvun2<}^ zowk9-b+GXdpW9|feuxTho%;=1zGL6+&&P7ry>R?eNTo&gMINL!A?>BUdaPOGOV^ndj~?Pgb+%)NOk5)j%-$VM2hqcitl8G`a6iCOJXZ%S z4hp%4y!v@Y%go&al{^!vp?RJolFwdzQTwWeXep)2cck)}xVc3$)No~`xG_s?snm*3 zN+q&rAQ3`5Aa#NZ{o%pra?xAfQK))1~!bjQH7Y>nwoQnOAZKd^K{eJyR6c~dJ z*?26{NRV0YbkGL*qTbozGiiWjsm2NxbN|#$naAZlu%bD^g%wG(AcEwSJI14zgW9Pnu* zZ9cCqPZ;oNdxS$SN#VWRHo(33V<&|AzN9-tb=zZ!-S*dwJ7h&#shQ1tr!j3iY0ZC4 zWV{-GrQ+FUfjg~*-06^<6C7i0;S*+o*<8#c%kMfFa7z14I@7cSTKqwRUxfB`yOtzk zvXEV8>`L`J(pXh8zC1>tr??Nh=!E!Lm+a(?a7pM=qNn;F)iT|A`fIojXL_l~7;H#a z#TD6(i83bdfw{xM{5-M}@f;yX2VNw|qRs2< znAH+XiPT}KE-4zb)v2gtmcFe1X^jb47PEPQc$TWo!E7Fi>JpxJCEm&SbL4UU(YIT(=f@X&EAZN4ipDZT@U?M_*MXT2q*4soo2XRm_^D#7sf9x86(- zT1$@SLSA<^bS2hMO1&mhhFvdZjatgD*rQQo3}LFr5u%cXHzCK@LP}|mrFYu0`~2r- zk-^(iJ~liyIX{KNao^(JeQqqTHEO|Sl|tO}VY#9>VSGiNIHroS_mh)q6>CTZJ=nlp zZ0r91or|z#AQ_d{OX~v#`Q2DnzRBAyL^eOs%Ud&7dN${>W73;BuQPOycxG17O#|im z8acs^y}za#fY#o#ozn~VYq!PAeLR_6Q895^h|d{+=~BoCyX0&12Tx_Bm}BStBnS5w z)3x*j_g^_AKZdtpj8T$Av>nN(?Pc8eOFr9BOq{Ld-{1XtXRfPbS!^5K6eoRoVAgr_ z+w7V~Llc34HKON1%~$vX49zVk%?H$T*O0E$4tOWfm!sP!p7v)tt;fYC5%!dKkz|$Z0d$A@D8(oj%TGC1hf`!( zS=n!_CzgUSmLL^7cLQni4=_ftRTT@c`sk)!RSYt|C))rMf; zcJ;~bIj!r$+|^0&!%n(|wKd%4t1`2WYTKlp@CVuZ$mhUvJlMZ`iAsMb{LeRjm^tl8 z<5?#HgUGq2oAtedoWk)H7l*g$rls6%RKLn;Vb_B#9QA7nx!>~SJ&!}ai_+Y$c8p-E zEoSqZx&n8HSX}ln?LskBnJad-kn~H@CpKKRb=hE*S2<+g(qJ_{JtI6KD;2HB!Xvu% zJ8YLoc!zMrgWaM0`))hiSKCag;~}+^BpD(D6$5jr-E&{w4;11$zplH6&WytajS?wV zjW6k1zJrW{g*#i0R&DTaVLBJi4%lH%yt}7EcPcs;PA=DsPKQ^wTd`oivy1C~VK=|a zudtFBax8yH$yA%>|3J?lV*+44H%#AaPdi0|Ni=h$&hPGAnJvzQ{_~dnCObXh$8-MY z+gO+3MeT%Hz-oCA#xVp(Lqp>hQ6(M{(S((!X?o&=lqb<8R5u*`RGf^?<-SRim@^g{ z(a`4pvdrTunH2iMQa?-X`ExAI&v~RNsYqU$zR{f0AXLqVLuIj+ z2W{Z_m8#yhYu)Cg?b~^Poqe;@kY11a&07A6J0RoWnUEk09XSY~ll+k5xbGRPk?|PrJ2Y3r)y4mj&O#k!Q_10(B zj~Cs1B0hU{7+~kL>YLa>J_N5UtDQ71hZ9AZwy~$ zdPH@4lgoLazL%n)5t~+ig;}{Kr*4Ns!|1J{!wI0_xvzkpmXhtlig5y5q6tQ}L1QlT zj}RLa-+6cH@5>MJK&7}IWdK=7uCi+fzwRV;0t>tK3-&pkdu~(yku!f4Yg5OU&Yl{R zmE&DXrIGIzm)#v_Vp)!sOv=2m10gwf&%!d1h|WwT2{-~HeD z0Zidtjk14sgsO@y?0++ND@;Nmh4x=gprm(ZvE^hs29 zq!pbbPVBiRT$2+Z`5?0k$#38#Uk}^tDrgpuev7$SO!d!*QG(LX{%kuILkZySd<)Cg zxc{2*W5hgt*3<+2x($TvBj`+^Nyj?zI-2Jw?iZfOcw(XQ`P{T9c|F&hnZx;G_-elJ zvaERkm;wBH?$v}1iZf^)qKd2@mf$NKXz*dtuj2Ozd8@#TmLQ8BLj~ zkB}#gd~gil@U_oRpW(Ko7(k3UB%pk@7q@@hF(^;U5Bp)SCn_b?*0cUFQB%V`&?A1V zAppzABQO%-!}zAwbm8>3+^3Va|JDWjMxjtP6Idg^4%hL{%aolTCm%zWs&md{;%RTa zx3ax62d@Ej&KFj(sM%8^kDS*{Pg%vi<5T4sniGWK6h>zaSPY-l(*DZH+2>R~0gFOO- zT%QEXQ8|wNAF|#%oDKI2A4UhIwP&r0y`nm-7_~=>>aauY8nGn^+S;pTYmb(yw)RR8 z)E>2}Mo5S))re7hlsB!<`@Yxr_xs0{KU_G@^PF>^``qU|`TcU-q_h7b6{RSSF;{5$ z{VCah$f-w7Iq^Y$Pg1EdnBf7M&G}kiNA>)x*U>m#UMF<&V(M*nyGpByMfIB9UsSUv zgVt@MPKldkv!{2v6V83#{_fnuw;p2?xWI$C!551}*;&%Hh|w4sj|a+PQL4T_C>~pV ze~7v#DWP~GcT{*b-WmZFP_P*FRg2_mIFH;_+T}X~Ik+0gV^-((;3$g$;RK%Eb-p4++^_f~YIQSs9 z@txQq|A?{1Z(iHtpsxAN`?8+5oo?C7gRasjXvi|YBtc|ku{MKvj1&*b-^w>MaoPA* zK61x3hbw=6XGtc(aOivK_0oxw5k%AO3d;ZY0YAH)`?i7Vd5Av-WrF`k`=%c!2QGEp zM?cvK;|wniuDZ;8WNNrhgS`qs3=Oa{IE%Pvbo)ggNL*Sfjg`K6Q`*ITr$5a3va013 zY(qV3?zA*O@bxqL_oa6vR1Hy2m~$;#7(4b^r-d)B3Rdw`I(Kv)l@vht8bswh7nd^S zP`CvE$VP)2qU7SsDZJI;SE98~G89m96HJ|h0FdK(|M&%+UI0k8b&&*1MReSn5lcl7L6Yq5aC zaSMGF!F4tStnVYB*dUsUI1_D+@w4# zgrwo~a_Uz+45QBGK5q24R}Rk0R|;CUGe#`=!8e{kMrp=ms1J|G(@K%j;_R*?cU}h; z+Wq|MINnJldpUblX5DevMH950{k3zF;oNX~-{(xEPZdB951Dj1P;=OLBU6mprs-XR z(KOY~r3D52j|Ud`SQ^6uts{Uh4kaL@VQAv#wr_0}Y&P0Sk!C)yj>%+&jYVwzrUM+EzE`#@tBZzD=3ZGBNaD_D#L;U+!HtoJH+lH!kt>6`;sv;v|db zj#E+a7Km9AiEd2kDC@e*Fcjq3<3jljz zz)9McU~hP>tCYDZQ;cwDyZTL07Zc1~7Ii={jAa2@7emSVC4I+CzcXzYGA)?p$UTD= z*b~1*m%1Zw1~E)?P!XFDE2#5!GQ85$Cl8)7!Q_@D8hSZNftJ*7bq*gP@8=MP zeC)2p-`#?|DJOH^*Xld^sl&Rj;K4>Zm{ffETq5V5TDXS6U`YvPtK#cnH;7E({U>Jy z>47MN&8ms^$@i7n(f1j-Nx|M$#JBcU!s%v<_*D+>Hz{Q^plTl^)apRGSX#VvO~GJP zljoq!yZSx=rtJG?EPjCo!T7QUkkXw|K!5CIYrz0BF@hURrXk*7w#C@Oa$E>+I4yj< zLS7Xv`gzBH1Yb|FPEdgeJH|K=}O>`@~O9a(_K^?lL=n&oj|;vnkpIy;)VgX zbx@c=A<2*uo~65pwq|$*U-+i5Kl;XBs}3*zX&wOn{b;2dV*eLenJ<2V@hRY+xJBvO zl4;ybkUeOrzfSfJc1xS>`KGRKv|OEb*UvYV;8?y9O~JSXV#{3aUHyUY4RznO5rJDRLT;`|1asO>TiYQ*Opf$UJ>vZn=4t_NPOp3q(9)lrm^Y1Q<>oq) z)P{XJ(&r=4XWm`zz%px?y`YM#K2MZ%sM6*&a8ddneOqQs;Vqj-#j z$$o>qTlpr@lSIbSgRr;Au6hXmZJ{O6qXW;Boouz4EZKJH85ahr-dQt|#s(#p2UU5BEuI`LLWOacA6%sL- zSFrblZSRxU(+8c^=mRK8%R`DP>&iUHxTCVBSgvnx*6 zEyXSx%6~)py5fUtO6r^YPq7Zcr06E6qSCX~=k-Gc6Jg0%T9M%8>suPmjctzQrHH>9^PPVogGzlNXbezBWy~tWP-V%d0#7iHgi^J56iTi5 zZ2;U8(U51^S3aMkN&1rAxy{ru@) zJ1c075^x;m;q>|wB0~t#o8&2D5;EZBedxfTh(-9hOedv#97jD45pcPmAoHE2{jFV( zj0|hU*meZHr#DoH*wSV3zkfOP77lKGIF7b{L0K|>9Wfj$)2$&5g59QgN#NJX`Y3gE z3O^jFoTYxN=9QJsFHMOHOf*$bUl@rf=+*=gLo!=$Bqd3 zw8*Uxip1Si4YUz9NKg*{1SXt?HSDnQh~Kw$4&8r_y>`9EJV?1H>U+?d&gv^8u6+5b zZAw${z{89jCsAw;XrU6=RXUbH6VRct;sue4+%G^Ve>5JX))p3~;tP5UI|l;Ubms|^ zrH$QZpOj0t=1yHrdCLkX7n|>UmlxVqC2}xqncu2?T^IA6-6sMrJ!Y3yH@_#%n@iT#ej6WuP%Xew>craSMOQYTm*vFt>-!%B4CQ4rPInt`Qt%JsAd;`?$}cS<2<3 zb+m0TkI&)s&&nbQaSJ$QRGid{Rl*rBPWPW1+?APYuaLl;$wj*XlZ1($=f}1Zfifeit!_M=77`She$5 zNpqfWxZbjs&NQRKZNR2;Et4uLo$sRcxPl680TgII96O~1lq)qR{NCFu*q`>Q7U;0d z=k04es`wRzX)aqyKlCo%19tJ=AN8dh_5E0Hvc>P{Ye{;m)KlN$8k#nnHH~>4hf2ib z4LR)wvS5E9Sa?$Qwf}t3%5H}XB-}n5!EX3=-5?hchF;(e8Y!B2jWjyg!gbU^atvbC z6p*Xd^SthVfVH_67V>qk0*oG{f;3!d$HAQtrTiWB>T>Qv;n4lfp=;$BZfae3e)|n^ z$5{=lr$!(tTX}Jy6LxFikcKNiN2oup-_(C#APy&^b;R7WZ_Vn^h7x(?!2v3mW&C`a z{GJ-~O}^qQA<8o#QiiM^TKI8$>-u;1$YDEG%ZoXA(`u-xR`!neq`wKBPnPSv(S#Wjr{VM*)c)XS`nH_eI4M|=BXL9JexBv8%h%Y|3%qOjD3S@@&mlFB z)M}!(Nn0eJ)&p;}76RSy&#QDbh%u1IqXu!<>OuZjSWH*@dg;%y@XCT`%|-rT^L^Xm z{efy__smi3&Zs!_6arHB;uvZuxUG;W^?=RhZX9pc7>)Y+7$qa9`d-r>Q;(mdHVQPX zU;Thv7SMxYF2BmB^uj)*VWuK2HE~#!&`SyPpQSH$^fswU38~b{;hs{q= zOZF-E0RTD+oVwXb3%Xxmp|`(HUVijSheoa8@e`|KL;P%cf+Lx^TPMT}(k>V^h`-5zB-$YT*7AuPMP5St9raI(p8n>a8 zFlfu!{&f{Tm;Sw@HNGd3&<{eMcywM6HzQ?%S2=esR(;EYx8m+==Y?I;3=0lq>T1J@ zwWfJ{gEp*iktt}4M&(EaIq}--X&$lgJ{{EMC%!s)F%u-AqRHb~K0q$SW};Kt1W zyq$FKBUSZ^Si#r}X484NI#2i1rWHCeWx0c!RM;vdy{5c4J~M!=p&QKY>`lE=c5bf2 z7Eik~xM1bLYN>mjwNefS=XF9%srO^`23k1qxVALEDXZ?2>U;Ia@)idhHMi?|83E^ey9x{O!N0AQ-BPRIDyr zfNEgAPA^I?ZN~&}pB&!K$;<7cyr0@H!o8@l9b&_CvJ{Zc0tYw6yq!!wxm_`v)%$V0 zioe0E5oI+sBJ&gZU{?3n+-EMsg@z)>p-ahAS zchdl8Rb9zn8uP{eMD~Vlot0n3s09rkqY=+)N%(%J#Ohh~=WG-Cyyde7l-chZNjHEM zdK$y1oFFMU{pXbUvFQ!O2gl>3p5&gKVOayvM z1RN8?CzXyj7fvoEBpR%w7Yz-64!#LfTswkloO(LdPRCMNfu#C9OnnQW#Q8VC(=P-v zGVpYYYW^1Q4-)5Vg)_b4(zGpUOsFeeQNn@G{joVaa!%0|{f_jJB>mu#$)VTmG#_>k zrvM9+A5jn_QK+%PPx`LDL>jBw#tP4L77oStNMN|6yuNO+Y17N>mU8U0nBnnv0W9)n zSfdzpzr%oH`%UCZ}kQ_MSmZfiq+TVx%0Ku73CDZQ!omm5MNoQS*mf9#%9eE3=rwRBj^>hT8ZEL^ylhOzS?B`W0O`HooTA6=P&<ro~1hcZcPo|aXIs|jxTR!CnknKSGxz~phO z(6)|EuSh4S`0+gOZ0N5QR1FQAY)XGUvCOcjWjrXx`syM*O>WJcUu$W~CWRxZ0u@QemWiE3tmM_6RCIiU=xM7^up#Q2@kfJQw zyCN%^8;dNuhLeAMMl}dqI#2mD2}%m(@bN%hte%EGx8iMgm|9f z3bx0@5p;<;e0vxBvmWsWaqywlKK@!;eRK(P=OudnjCkTgCIyAsW<4n)wVV`HoEfT9 z!2;sWEy?_^2I5hH5@!G&)d0R-zMO%3eNR!23$M$ zy?gJg`BF{Rrkn0^97M_S>|;Kr@N?EJ#E*9Ibr}(bd7fNdU#ir#DTddWx5Zj?@TAlJ!p9{ zX(i_FK^Ve)skh5}|L2P8MZ7wyS|w%+Ab&)>7<`rYOFpT~RP0^rnyjKAjAi4w*|*CF z)F$E|fj(+_Sg_P>Z{y%}6$OuiJhyW6e^E}V>ad|@$x0_&EfH)~d|cZG>i>f0?f-)3 z#dzro2#H`*Rv;FtDi~>XX0g*1bk3-1th>)bu!dL=J7jbR`0IOII_v9I%R=RPjW-ij z6b+t&0@4Bq4w_k9SI&A?WpihpB=%z$q{ePQv#7>FaCJDJtd{>cseCP4z2xYal-DX-up1+l82A%`tw>w4k)S4R!eL-S=;D!Qz+Yg_qrThSKStEv-ZB2B`l*xh1XtLeG_O`jCZ*TokDRK%&CubK=}PfHa7QKdacn zcJV{I>%OipEm5Fr>Ml)YWXkVrsYPnB(Z9^JLzpNhJKT}hqVg!(> zbg0!qZ`A|~0QU5K?Kk*cRNzO2P3X;aOb$D+9r`&e~!1Kp9O~?qI+kWW{9{f z1G(RuUP{-A6Tt4I2hkI)-ZpT9X@f$}wfX82WIU&tfSbX<@vYk066WeVOD z_P7Hw!Y&7%RYKffU5u&tO3Asl63&m#g|m<691QwC)%^T&mwbY8kDNJ7x&j9` z#da#1GX#dxRmpvT-iyt)xTws4e4mpv)A(p>lC%f^>`OykU8N*YpP2E+Pl5$eY>8E_ zx8-Zln}y(UIDU6~-uW@p?C3y~Kt)~X5qZQ~iLV{6+PfC9_aLSHlN6r@IK1snYQLp# z{K~O!+u_aH4z^)U`LA|7ewt$jw(5aKC}wSe0tD++e`s9{y3FY77fQ%bU8V�b`?o z0S%=iM#?_D>;$X%75noSVR&klo9w`i>is--)Oku%{g=`j9OI?)RTPxl`lhBl)e&Jj zi|Xc0hEDh6=JER|hl|K<@KS?=GKb(&tB*%ktYm#=V z9zbzzi$d=cv5RPMbwguG;D@?=S@RFr$~5M(P~ReuHDOw9vb+ItpMk%D9rrpr5hW5c z-FBSV{E0haT%5itb=mIBG?~C$nU1h4K4hz}%U2E##Uj@wK`nX(JE4DUkD|ca#Ja9+ zL+c9*@}Gxb#C8MT4}O`)MJJG8;%_Ek$l<`SqCj$Ja`xbI66#u5_noRrqNmc9Gbc^v zA_?uyo&4@nCzITe`*-PO|7+RawT*8$ULb)=p4s-1BmXz@uKI^>PYvd{3$!jW$U{au ze_jxs{uvfWk$zX-*CB4v>%iferz_=$tt$a*I-isHlVT_C+JN$D@5NuM9CQ(IbM*?; zn=X$D?!zyH6Qktu#C`#`isY{E5^}u=;BS8&hU2%28+*)%#fG%4lS8JQ83oRxU?@H^ zHz7(8Lf2*j#sv6A=WHAvDk*q8ghk2f-wqT>?}=RMA0djzU>>o1kGd~7Z7JA5s?Ita za_yg2peHRYNo8s8IlaM2bzWKr24KzO7E?z>TIFP;75T#XYB0qS^oy>07=|gl6ABvk zUHfe~?kNYoLJyKLwu>lIzBbQBkxhjIxb%BR${d6!IoP0FNqqvt7_8Uv(d3(~&5SrK zX@{4Dge)JFQ=4L(hjR$bDIHO=|@Z0@_viR-QOO2ho5?zdmFW!@d$DS*AbAe z5Y4uBLB1s=fOTi|Q95+BX@Ea$LEbcm>sw-+<=BJ@!4eV-5zEh)fxmOmmR9GxXzDs2 z8b%{&{&f|nwpzhZGOi$6V9{iJu-R;0f3KES%T5>X*)k;^uGOXamnKKW#YwAZ zW3|%g`fm0+uQhz*w`)+tk~tgOj&F6A!w4Gh{kIKo*N$3WJz`IpE3iNb_(S;JF6_#s zxXX)O|KMaWoySzq7iuYW)bDhkL%vnKeZRb;CE=$=tCi{WRuW)OMuOop(#!yoiLR2w zlr?*$Kkt;c#HifvpE4h_N-9(ude4htovk(%aY-D;dpSaz+)X(nAOZJe(}Pu(97`I> zreyTm^zbqy$wvh|r2gX_)(Kw%!o>o@WM@9nL^!`_ivL}-aOstU!o-l5QFODNU(AXF zCjY>~=63_^^nJl`RQ7Of84deODJO0*bd@raOV8t1!^H(}IvZKgU>VIA>F3n2!zOVI zllqhE1zO#s=@-ArZ%MP&t5cDF^@J!z<~L3$+KRnbHBaH&%F|Cfaa|G372liaP~|WS z8;hggQ=`SCE}2sEtYccL+zuVIesbv~KD3Il)MpE`i%yU)Cbd6-r#9~aZ$4JnEuX;3 z^$Q-^pB~KJ=-Wq(T*4u;3)E34geezqZf~`5)As*m801-R-Z-rt9%J=po%>UB>-e1# z<*W{2`MSXChhK+=p)LA8UT~vNyV)*dI$4FTBN;3bk&5dtJxQ;8dpbg=rZ7fX52udZvN(zq|J6Zq{IKN{R9@jo{4uQ5F*B|M33&FtAlv2q1%Aw zos@KF1-Xs6AR2rl@<~F1A=%vR|I;iDs(E4e*_NpBFK`+wfQCS9#~~|%&H3dWbu64$ zbCdn?k247`!5M|16gW41!ArmbsalOV+ZGF8hCXu8f~)L9+J6EXdZ5s#58@7YJyF=0jpe$Q#JWh z?TQs#K0j=Ja)9XCu4WYnctmuPNEHq!HL8ta0NmRM z->ZBb0kc|Ghu<00OJl+_7-8XP77M1ThBHPRy=iPUEkm7vf&D>It5DYs?Sg&Ub|`wK zs*)RA$QRc$X=M5OkDKJPt8Swj3|{3omvX-UsV= zekAFG`l{{_Ch}a;zrD>fpCsf4gSPKjLuOFS0Y8}C~c4f)wzaq8N1{J)2iMC9#}BrVzmroZ~Oj43x@ z)bv!#JzLc3bPQng&LH(rUEwDNhT+ENuiKuA79g6cJ>ofH(B@;mH+9>(yGt4819$p6 zNCpnpn&~74;Y2C-Qykt}4i~j2J?^4~akv!hDg%TrtvU1zrYMh*G)K%xgAL|H zZZr4gxi8dM1@W&K9I31<+1|IlTMP{;Jv>N@EOU2-mFd;g-6t~JfD(DWRa|I%Sk4@@ z)7B-c;7tz3yA$Tuc4&dvIAp;7dHEA?UjCH7qHhNcx59RTf89qy0mDg~Y{BU3)s>0d&(P2O1OAO@|*shsxH@ixVb2VTNk0w(1)3YZwlnzoH9 z`?#|KE}X7~pColc5OP&0MK|>9CIsN9e+6gmHl#^_ghL+t`t3>c>$T=H`4)E)Eo-@N zbww@X`$b~n1*QFYtB%E{igGK|PIsU14qroe{Wx`&L zhP@UqUEFlxU!tCtIFIor@uULp(x+#J8_}9I?C+O@7)+QJNNOUtKREe zx4W4mh(RqwRgjT8C8j$vq9HV+U=xJMJC}H(3yUun8VBS1iv^RiFP-CzSn2NR-?$E$ zYsMwY-5sD>cP8uRL<+?AO(;FI3=(@d#aJXwRWBoYA~IV@^|Wtz=(b;1ALQ9w5QwpS zpVU*`hFc1FlQi8-9m!P4-%0P-j$sUnFiEP0#AAQ9SI}E=$6|@gCf~b4#vy&jyHhnz z^?p#0@)L|udhmLiZg5C;4(~Q0+mzKY{O6+<=zI|K{FEaxFBTx$fY3ZxFNcBGqC0Qt zPRFzi2}JN6yDoo8bkeI(H%{~FMA4tex6t!rwHtKwbLk=pY{V)|$Qa$3u=S%NC$0V0 zhsBY!oHC^QGskbBxzR|GVl>CVP@IxnqEewrx3v8>oB$4o;IX>0&)xcY77)M*cH}Zy zD1M6cE zV2hsihF=^qYVKj?v`O=|D8`2UHh9!vm!>a0dg3-VFUtZBcx;iM&gUbUILxWyg3S9W zXUM9ZLNi+wnzX7AZW17bIBlYEz1d1w7Uu1n;e;D3@;?tVY$tH%`|YUHbDt39qZR zxI_~3SrNsyIw=nNoe5(YnNs0+<^JNq8B!|Cj?rOZK!RSuqgkDUY1kSG4?cUOQU(Wq z?ZZm+^f(>tIJInA|6lgBoGj07zXl=K?V1&SRa;^8ncaea#%9HUEH1i9ev77B$_axt zn?CIwzMQn=gbcYrH@iG!Y&j)#ob@kwX+Ec;dRk?meTj@+lm0NH6fE*$rsseIO-0c=Q+*4rat}7J{Gy_O-Gw z=)_G|fk`xa*IJ5a*_82Q+Qx*;^R|ov!VvyKfVry;O3oeN@+m|t!gfig*Zb@J#Yj^Y zmB!0IKfO<0Sn?rOSkoCwb(+6nzl0Z_|Fvr?NPn>vr>C zPCSuoWb}|!HvW+2Z>{~LgzwJF{)lCj{kAt4@k?&z!GIc1-5eOiJc`v!vI2NohkgH} zS5qd^JRF!-y3sf^`yf1IhlCqYXPy;JJEZ+!O4;UDux(F!*zl5;7hFbHH_WN>zYPHS z(Di`=x)_`#d-^2(EF0=>ceh>ZCs&(Iy_dsj&Ll=Ww`$_i*k8pERfFn(xG{lOUa29X zTQ8?~6Vptk2$){7O$c%?yQCI)jGiLL!$!Y`)VZL+Wd%nN8=RMX@D_5jLfA=& zp|D!tEqjGb=uUrJ^!%V0Lwz9%G0d(K-5NX^v92CHR;P@0NLnWTSP=*KCnB0VNr=1T z0o%;eY2X!XpBJd%P$qAi)DF?DooL_7`P6*&zD~jeE^={7gA#Uy*Ybs=+i_G_%L}R% zyK58;LQpzN)Uf6L=0*mR{~VV5Cx?tZc)#Cr^n%o`1WphN*-`K9G~(~-hTjujySl|u zC1QT|t9i*0X7)oS)+`_d!GeSes(>2rJgw>uYWy(_2wz_CduYw$>|PQ5>-S9S)rN*Y z&}&o361ktwQPIgsv>_rNoFS>vvAVuJYVSQ$z~SpAs%yBXr8whoW#*#xy!&Wa#Glzl zR{hZ{<;R^-@iHdd#pbU9XW);3y_31rbbM|*i5*;5t zS17`y77d6e^=U^nwj_48&9E8_@TKx00HwyWiBWT3_vdUF5-nk?cB`sHAh16OarQ+k zGlOr#0y&IAT)+J&mMu9%FSa*ku9)ZIbKxK^+IbvMTDWOFRWvx-1}kG7p%eTZ;k^Ay zV_i6rcYY}M*!eaqbIP)oyi9T0A77zkO+szCBwq zoG+30#Y@ya&l?kvk&d^84Scoww~t=_3%&z?-0HTQz=7>rLfZCJ)F0{;JymUalWiZQ zP;5zbk{3!)om0n!{sF>n@-*`Qu*v1Xx5k{L!@f*bOZKb6r8yvhfCCvFU--fSP4!8IQ_VxFOvoCw39{o*)4HuM92R3548jYzdNe^W1M z3tni+qi=|>i)mHzj*aWhrI|M2=2YW5Iy#n>zqzvSN0226rm`HZn98{0u=R*SdPP3B ze)Y;?`KP(THGy~TEgepaw!`jDSeRm^Og?1 zci4XrjGP2$CQ1qo{GpPh(t5`64X=2+3>irqWaQN=pn}C@@>U7TNezo5w?7F@hJY*#?^$fbs*61ji*KTGv+%J4?6`?@7 z)v(rE$M))%A1zr5dG5Q(q??vam`?3NOB(dhP+sKYK=^xK_rAl-{J0_?DI#sEqJ8Qx zf{(4M4sKCV-1z4xuxhzcFhwA|H8t%Yc)5HIUgUQM$IZ9@^4Vv*OG|G4uUitC$OEOZ z&<4zBajf9FCPOv3hVZSM%&(ZM>V2dlRsCt5dE7-8&8KII{2AFW1!3lAIm3kv$<5fv zq201LH6g+s8IB#_&}dQ>RzNRQV3n6$rnxHbLV=`OiD?DLioNgsv*n;Q9kMeLRS(;! zn_+uFhK9D3POke8a?oIlkm5UG#g7;!`4IMN;lLQ|HW&o;O~1H4uOJ5vPrp@Lq~ygh z=*xROFaP}h6Fl6ZBnQxYo2pT*kcI}=ryFQy*>1Y6%|)}S7MtC5;Zf0u{e=FreX^F} zHFL(LNu;0q@X+4)og~chmnEb)ws+aUJr@P;A047mUopCD{!YxnDIK6wTc1lauglOE z`p&X{dI*g6k>+V=Ez@+D%y6x$7V&<;6;W$a7QMWi*Hk#aI;#B_lBr_kh27~;tpmW~ zClBkOC+R~kL@%0s>nDwvWi_TMBB*thsX(4mIcKik-nT2~PB?h&An}Le@WH}uve*NWu-$`r?u57jyUK~f0fNkK9@`m)-H3+!x z(?xuFLA6uh2Xrs?Fv|Glr)QXoCNqU*d_n3}@3Eyu3PphJh7YP(etf4{iOjioG{%Vp|eGs5z*%e)W4ZcQc{giyk{GQ%q3Aniiah{Dl zn+jc2kn~tupt1J@bM9Dsy`z{4>JFIE=MjC!F1~z5W8ZItA?wPtt|Nl+Vl&Kw#ctrz zdI~!)RzZ04OK_3qrl76A@?Z;K+wVOZSr0~&ma*sO+Xef^cb6l+&EODpT68KmrQFkF z)r`9!w^@4qkD2K== zsBdl^F(eu>AZ_A2Onwp~EVb=LG?R1`qg%?~%1V~8CB>~5?Ivn$w_i}r-tE^J@VHJ^ z-+^U3$D6OtOMid&vh2bGg|E@K5LKBLD5mII8l#IJM6Pm#eKZqJ<|sN@oA5|6y~vPh zFMkUtipW@Y>i6$MPpI@P8;27uTUovQ#povz?tY5jhp+FQ`u zd^5^oFTcLS&o|5p542rwc{6cV9Thx@8EGcl;LcMC4z)mfNIh?z?;`#{tYNGf@rA?O zb`sZXVm+KcL_y@e?R|s4t&FS_gE)$|pHi#pT_ZOuZxQ-+oy=xENW9X#f_#qE{A6lb^T^*h2W~aOT&V%&?$d%4YRn%rnG-LG=%+Rv z(UFz2`CfR0tl#*mMd2gm5|{BNZUn=ZH{f)1kis6Y5O+AmcPzH-bRXnh`wU2T>Cu*( z)$|_jnwlNZlT?&D?I9i)8Q?pc{Hq}(wL*U8gItUC0Cqm-;5^ov1pP; zO*<6-VIPv_lIk1;kxO^q!Lvzu;`e4U{D@8WtE)gpC?;)?(U`W8ML57!@TsGy{L*OmuIPwG__E?e zp-(*2)>_)b6otG$a+&27iuv)aoh`LjAhsuLT3JC0!xc&q>s?-gWO+)#v7;8q65Fk6 z7S;mY^45lH@5J2Ghic{(7E&lpR(Y==P>7w5N?pE&kmpVa)&|YFA>ML94>9(_p`t)g zF+vq7u5yMdND@C6x~uiR{*Q_>onRvw=N%{${Y|;Ez@g}>IhoOo-$QM65aG+aW;LN3 z5x?Gog_8lg?~zsye*hXwwNZ6tRs2Ts!@~*NVm21j(|2F#4(HRfkVdLWSfM|*{|PN| zL{ZnM`_5Oz?yMaO*aD)w0U344u=~wYgwUe*?N_KQAAK*l)E+~lE5*KcBCe-{(t`&v zw?y7Wqz`JQ`Vfu%_~PB;fKk=_IIG}>IjwaPA8ZllsI@ci> zZP8_C1Z+I*Oznbi1TXW>&-`zQyuo+THNMNGIksXNE5wpZCQwB-k~@Q{)|{ip^-MC5 z1-nDzNV5@c1gonsE1F*Qi)7zH)i#TAlJ3WICGG^#5%cc*Pht`-CU5w(Bl1FGT(Pap z+x5HENEW06jxjK^p;bxT`vOUFD^ucK^t059UlvGyy*gdD^uppNy5Kbd@xQ z-sLs&&Y$)k~zV=w3KAj)$mKdgFv$3EnRFNpv9K93M%k4_>WT=14 zPic(F6DVm8%DLdY6ypQ=?f9*7`u$mHmB;4#IS1!+4gk5*c3tZ90IGLVvL*B3%e|K_ zzt<0UV|X;`kYOsKPi-JHBG~L>@$pilB}56xR_9=8F!;Lc1+bxb*B9V+Y})B1qu=w;!=1CthUboGL}93_I#l2BK#7W?(O zJKzM(g*ix(%^^%^nOu+lPNR+}egQ@6%q)xX`AwyR70Bf%n7|`(#$@Z`7ya<25{|-bu%CdulYb{4~QAH2-O)R&0B`M8Yib zqcfv+9gG&&AcEnr)25JmY1FB+p|&<*(L2l2mO2Td? zU~KSOtW|~Q(*>wA$Nfv|8cV=sTQ-e{lI}h4=Y$Nxw;b<+{`9k#ruxbJtaDWsdKZyYXXLnZ# zqN2yJ1IX8{;OlJ1B?8_s@oX04(~gxmjh0YNLF-8NkZ5)$ybP)N=vAwnH=S1mnS442 zl>e{|h`T==hdGq+&^TyMS9}=Tb>sMbmA*GP)3v4+l*e?b3NEMOxMyU89d&5zlm`MK z3V&xBNLY&XKP=_l&`??2gPb#`w1cZoz)59Bry#qXx|&Y4Ez0Y6U`Vu?Bhf}|?`DI*!fN8WunRdjU?96|i>@`G5U8Dn;Z-t-VYH*VKd%=1EKZ&|Ez zAX+QR?EK0a9U;yR?>pbg|S>RxGHHnQVBTLiIe98y=PckTJ4+_HPuzV_N% z*;`B3zc>3C4Gp+cC%AZl(ZfuswaxXo>8Tk|snStmJ_NH@S19V?)E^~rQhlEy*CPMQ8^gC zkM_}`I{5w>%zaxOGSV2eXToswgl1dgnR!Z0?u!tXg*_Px7|-}aSNxb$;i;RfC-E|_ zE{y7n<>v-0Tp%(%^2*3KI}@78&Z{~fIS6S<^C7;pg#qQho}KP{Zs0n?YMuLz^eFbr zDcnNhzdfV2_R7ne1W)1%+mrPCC$^W=U{)fJhN8-jOtiWCc12mI>Z*dXJ|>C;j3-$C zE!pX-dH?eiX+Z0B6+mA~4`ltC_WLZk{nV6mn`YvZPg`vr0kTvHHwzv5y?w``HFDy+ zFPX3){I2#r@ojtmyJp+cn)Jy0mCmSvAuBP@IQp+o=BzM?&oTys;QdpWZ=| zqdd3#MYUo+gu+fP*uQx@)0yLD=FZ$^vxpS~hXkb#Q2J`}LF^XQL4CvSGapsbIOPAC zWVX9%xsk`B;h9#DgvnKEdZc3S*srKS+EuQ>mz%G&I$^xNW*#E* z{R%dKub$L@s`FnW|6SvQCS`jUz$dHj_cZEO5v{pWDDjJC)`p_ywqNwIT1CB;`UBs9 z(Q@TyD#9;$Q{5EkETZowTvX9UJmq~!0vSYRC<-zV1+Z8v7ja7kDT%DF2>>fWfpzm;A4(2j_Z)MDk* zm^40|QvP5hiRN?XHJ{64jJ|&iur`F`N_&8>HS&J5^`9aSnxWX|dK|j{o(pIGtfi@` zbE{AEdQDc26FM~YF`@j*bilv^ssOHm)2~BO-%LWvSKHPZHy+Wq?|KzgBv!k#ahZRO zL6bA%ZjzIs8%?Q9FdolRkhK4*s@}nKVB{^w!^O?rA;U`i__~V!p70WhMPWl6H<@e{ z_M20a|8kprNxw+esFTQtG+v?nL6NEkbRoEzWmC1-IN4w$${%8%*td}snt3(3RN#*> z+i{iY$kp!)hyfpwSE$;ilvKEjby_+H_2H^MbK`yDXph5PI12D45jp#S)}-rA2ORD9 z^{j1wbF<9?)%BL^-V$k!!tw4DKBhM}SN71$w7=KtmQ`%WO2=4>RIn8&4djIr!oD>G zHJSZjd9SI-oE{Yo<{OxAbk2PLcbg8q_u_wtESkRE$qeA<<{N4Ry&4b+<|5XZ3l$ZXF$$WI2o~H70=#2tgCsOl4}Ejj$J- zB%at&-m3xZ%aAyf7iAgwbhJarzP&-NF#dTjgJ|1C8tW(T)pVC8=pwY}qMkKUszq%3=t7~87jO1Z`ynIJpLjE#7awkt zb;tj@(2IYFR>525r$ZQm?ro9}A#>>y=d)0*$@>3p(QlV?J*_;w_301vnIUQ1=;nk5 zzHX`hoA?ocOeGG-BG$_ zPHJ;FrX%jh?k53gahP(;IR4KCr9&=0fj@{T%RPKcRF#kwIuc25N}uwtGXD4kBgn&w0!L~pqxagt6j<-ue(K=fnj7|DUOJe7i zL`Q%KE*<4Vh`8!^W*C=+YUrfn^H(|gsh%^_GFs=ASnviLJ010Hk<|votA)4PV-8$ltI2AoM!$U75tN1VWA!CFWW?3m{?@)OY;v69s2*jzDiGLlQYlPh;lKx`a@e9 z<($Rm{$aICeFJ6kvw0(;l`qjeC#ID|HX#uqZ(n?o%Vw?H^|n8RcO~s?yNr|yxDkjV zMofrhr@rBd(9iC}Zyq)e{y$uOcQn=U|36BJ%E}1YD{@7Vt!xR=utz9#-D_W)3K`eP zh%!S+R>r+9*NDu>jEj5iadBPO-sAT!eZJ@S`TW!AbUMy?d%xbV=Xfjy-+Jf){u;*p zhS*n`CuD8~lNJoqUXIv!&tw|i(b=pfX_c*E&wBI^KcmKjQ=;3rR_w1g2?sU6apX}U z9%h_8Z;%gj+LltHJ#u(=cvM}qB@o~y>{Tam&d}d0{Mi!qxO8D2+|3Z9-Io1Nn0NVf zNaTTj8R87BZ_fb@p-hXPD~!UzxyXC#ZR|G0$iJA^>CEu`;UU=?sVq-`PX*Xf)RtwIaA(-*EtC}7N03>%JBvGF zkysRQyKBpnxVtdqxhuoSVrmWr0pb+}`IE;yKZ}t*8nfL8IkSm9G?CC9%~$)9iw|)t zN+(v?s+&D>dTPfF0kD0Siwg@Wjbci64){LlvViU%2+(muToknPKhLy8az5Su(di{< z#VIM9m0PG%Ii%!uER2Plz&FgrjTbqbTCH z3N$P9!|?S19rkf#Pk38b$Z%cAuX%>T7tx;XmG1u9zkb#Ia&vo)etK4NV!Qv_;97io zEYQS4e1tRY1uZi-do5_^?2WFeUGXYG!{kVlj|FSJAhj{)GF#=ZVlPEQ0Fr$U8fV(c z{g1%#uV~%maCFrSF(fGh4rl6Y^j}r1E;7_5^rf8ZhRB7viQ^VO&~qs`39hi&P712w zQq1JJoA)+-?QrH7BVaL|JF);BSC0l;{UHydOoe>`&hkz6@tEk2h|BekSG|B!4LT5| z58H^^%-u*_A55SKy}yvb*hyPT_m;UaVnaO1r&%CtJcK*5?V{PoUxP?6P&7Ca9 zCN$U%4y)KxayIy{1r0eB53B9PAx+IXc0Z=j56H2F#TwGMR|~gaBPFX^^^mi*^`9Fh z(Vge&-6-w?fa6Y<9GmJ6)~Cjf?Dk70QDbu{;&YZ)6+@SDH)dNd9-C1k3m|g@(6r|%HVoB(R-n!CMV2Z-R zzcYq%>%8%@WG#2UOFJ^Muh8%YJoofqgq4vmc9#6Uqa}9O_#Fn#6WHt%Mhe`iIc}#n*Y*X&byt6z^=m9j_%U>Bs-UQzhvIfT)p)2aR$}15M6@Lyr zrHDiQ(3x%8>|{pH;9H-zR6;_RAoG2I$%8XV)CE7lsWLmB9RH>6F)OBweujv%Br8#W zyUa#oxCF+_^;L+D%2|ZC2JVGh7oyJ8DTj6aY8m3CZ0 z#CyI`+P}k#8X$Lu%`La3E~v1`m%jvjf9R`weBl4RivE#Gn3*vi?z5A)Mi#&9ME`|9 zP|Z9^&T2GN&!M8VX^S`OO8RC!OKk-egP0|_QNCxa`(q?e+?wD)f71sl?4wW~d4_Q340{JKsf;vm8!7UgD*=U~kv!pZR{5wp?6Z|8#)#D7vWP zb3^8%{ozg-|N6<`%dwV^w=Ie~T*k)8z6<=%X?wQ&du^XTQrPq?TsS`$=Ad~mpT$+t ze?78Jrrg#*!__X#wM#3lO|63OzZMs1Ak`05#V?Pppa^Z22in|Foc zbpV)4Wr?SSSREb}fWzj($c)os6$M~c2r^5!!3gZwwOM;u=Qd}Oa*WDH#zf`a)dO#r zlW4JRUE#}UR1H34WyIDpWJSfGeN!xEaqhPpDnC-?XK;D$)zL)-UC(!@JUdIA_{ZraL8L z$2xd>Fb~!=6;+P7<#r?FW92KrN$`^O)8UxTpXzIGz`haREKHL!Ks~?onm2{}#TXrR zR6M&AQN=qLh8@^-KY6RxG%SK&jVqgV7D=&-% zbq+NlsfGdEx+o_xGd%~cJr5;bPnrj#Cx44G9{||Wq78?(xRckL6WBED;mFLRZesj_ zFBZ2fu*R>$E0lM3uKEF?5U659nI>5CkL`7xs;?HlT)tckmVfp;isn+%TYs~p?VYTU zl~HLte!w9kVr|Tfh4|&Bo#Yi8)hLM^@Z;-PWumhD;s;C|A4BF9_u61h0C2pMoc?g4 zEoGrf&qHF|n7f>PC(-Nr={WKamL~&5V=}Ue_T%3ej_(YqwACq_JaTvMsZ!a|yb14PD z)0@)MFtH4Nt8S$F*(y&1lKk>dy7vjxIBe_ZWf8aJ5U4CPLm@E4tcs-JwN)N?M_a9R zvVWpJ^QFp8H@)Ed(*C`qs%K`OKjdwIUc8XU_aY(jITl=_eV-0cH36;Jjzb;nHvr}E z`{5~$_!~rIXK!E=8lZLo+N=Kz_GAEA#nb(Y#dp;t*wV!(%4$tnbHS#NCqrjRkPdMgD2=EO2wlJBCY0hw9@poJUSTiV%kSdhW9NJn@FdbuqU;jvaj!H|-&r%Lc)+;`HMC{p3!eumjc@We+!2WrQn9^Xu+4ZYNc4%6-DcsrUZaRdsp^_oz*k+Jed`+zRzp8 z?}{d9qP-Nf9c88B&{tH;ej6N=4{MNNK#Kv>dM^)5cYeHZk9bniS|gjHDE$&raAC}+ zLBG0=aBxG64gF|hhw{Z7P9$=iHG#@;K~M3ZZxWlHuiW+K0H4r@RFJSpz==d~Pjz>NiX3&TevbkIW7BY`gZ`;*zJHCvD? zEw6rWeQdB1pV^X0y@F?#FHb-|XnxlYbGWb9qe_LXo_qm$Wd1@Mmvm#s4qb8=mmwk| zyJ@eO!Ozm}MPHpCvQphO2jLU2d@EDW|482RE|6hNuYxy~zPY>lgKM%e_>P7;7e3M$ z6#b+_efe<_?fFHPj`2(pD%pnR{aO&JBaKweL!zPoS_QGfDZd!L(>gl!`dRT2Xd8it zoW75Lz~M*&T@y8H+8bUQ_%K5)iB~f*{5jy<_Bohapt{~wN#JGYI{C$`BS>y@KUxe; zKAV_%GHw*WLH8>JTKG16;&-oXNgYb|2S~kO!n@Z;58x9+hy=PSbp6CwU3yQ0u3E=$ zx8%q%Z1}_m#M_4g#T=a5{u$Igtotb9j)8%!ex^bbQQoVtk0-Y&7Gaaxx$m^BmdO}g zH7az=3gMVH^yKGK<|tQZZ01^Z+;+v)mK%dZVieU9g3QTX?!D0xFsh zPEL#g27yKnh(+^{>!9uLRxu$}~ z^BtLi_^yLIj#;e2yM<9pmgb%7wI*^aLOYk1Lb+%cm#u0_H*9Lk+Dp<3c`iDmHfOM~ z1PdXtTDa$h)BSb`j{Ed4e({>j;k`Gy8x@q);Gm(~-@cW-N|jQDd4hg-*jInCa0kni zvd#S1HDTJroJSNqM00MZ9_Dw;xBLg@?zjqzxku2*_h82dtLq@QJ9sEpOdoXAm*8`o zcH*htsYXtO(W!!IU(L$gy6L@kD66N}{jHp!663`x>kl3o&h_kp=+x8NU}5dlnWEGt z2O{Z(n0up{1vizMmw$LGMF>(WDRKV}z}_xg7^Q8rovFbQb6UR%^Z&h@E}bG`<;u}A zD(GoDX;))-__fCwu$6P~jZP4E(`c-vrc7Jk<3`II>`3iHU32#0u1@0g$lOgUG=tbK}75)Obk+!c{GR>`Yk{3hKJ{rQdOxdOQW zU4axjU{6k`izzA%?03ED;Oova5R?=jTg+7>maef6-g8aTh;84yj(4sv-C9QzTz5uV zXXu?D{a1^BTszbfy=$Wuo*ZQaMrQ?Gv$Wq|GCH2~JUBdAuVC(Y&hgL-+}Q)nnk{Rr zt@2|-iXlY9Ze;kN!EA}lQ=Jls7!=SRx!V^g1NTkVk?N- z#7AV0whK4JKp@M><)M+M0T1CP1x)c#)nha?_wu0Y-%veCS3+w+=V9YkkB-dXp?$KW za=y)`sZL?d5$ztj6_EjX2Mx|YY{&EdtN&2Ez*CEqlZ)g{bO(to57YdV+mLd#EW8L& z)HBB*4xKudLD7KsGn+hfGs~5?zh`m^2Zy0PM=ama-!5IeY+y3f8&fWfYDN?%qaWkW z-CV?#{Hg-q)=sm!P{CUxM*opk?5x$3bL%BeGrQw24yBWD z7{0aIZ?Wq>FI%{Ct(TFqBM5OCc?-#YbG&sG3@wBmmM_)0>|2M+Gg&+i{3*}$|JUMj zW!l)MZ3gdNrkpE*%mAz;vxwhA(h)AWh#W!JCug+Q{iIBbxqrsQg)EDR|oB+$zsBjrdi8jAvD&6XZ z9CczE;9nD!e9?^StxZCXkI;IBeU6qdPaxMbGvtI#_ysMj0rOituQuS7TM~gq`0R9y z54E+LKWm2!BYS5ao57fxO3evGP*}d_l5-yJ<|Rga}PPh`?6+nZdC-W7x6n%hTIgXIE0%>tb1Jb+XzD zAR}$$fm%~$BzqQ)G%rB2j~o@GN3uY|P<3I^1sW;**mu=GbPhCP_JIGHRY#DJN~dk8 z{gQ9Kljch%9LFa}xHUrS7K2RHNh@I=|9tupu%2QXiW05mwaK$J91yS*16OvAM*ML6jlj=|nGox*dm~6M&-sm>)^}aaQ4Y`i;=t@Q(^@44 zILnmGI{uW;(&8?xuhCcxR5a^A1b%mgFVG4>FzXf|lL>N-$=Q-%s~CNWojrKW^CJZ- z9}YL>)Ee9l_T7~-7rk%5zlUY+9NPvA@2=T>7(Ln7eJ{}F?6_B61pg(wa;?-S;dG33 z3<}=3qySVbJ7uM z;13m4|8lMsq$LJRZgvissA^?SPnB5z%u>JMxY;8i^0_kYhMwKan(FqD+2rI%Ya=oK zJ52fXf|A)nqmSHcrIC#H@irnaH^7YnEJ7JhD=3_<-Ed7y?u%%9c%PSpGD+X!tr7?vTu`dJi_%t_VZK&fw37wdY4{G<0<|Mr-oVPy{4qZ;M^(%Sx`St5i-K0C39f&c+ zflD{UddDFiGKSSzucDo+u~-UGN<4r8mu&zG{GM+t60)|uXq%QkCQ@XNCU(-ugR*Aj zk{qH&w`Vi+DVfo{$)L(3Sk2O;3VY9wX(QvC-kEA#x|bdu-4U?CJLfdt8$VvCl0B=e zcIP=E!JU%~B;M_6UpK9L+AqC5T_=wuAjkMAd9rvl`8DoxVADU%l({C4^{}da5bT^9 zQs=?jXuN$c+K9`eys9I?E2+eSOjrXx9-4BU5J-B3m`#0$`SkSs5U=-9GAkO$@ad^| zjI(6ZrT9F84WmPqs?37Q^m*Eoc>?t#aOEKUsCULS$qD(uq~~@R;R`ieO>u$!EfC!V z1v-&yI`I0E#Vqw{RLPAyq##m&*DT!S(j&#=0SD$_UB3u<&A*=sfY!48`(FAkF9{DB zv%^*PEwye9ZLb)?TW@R6YSk;?&$&JfvSdI~64QPYBWDi$oy5M(HNgs8?9zg0?!a^b zukR#~C&Yd_k=S5Yx6#n+Bn~C`X!KnM5L?O>^UvJ{5d*nCz;X+HbX&~LDz{g$?McLh ze0uUoz0dLT^=|0cV#QLGmtPMww)=a=h_t86WuK9+F0;FAw>DffH3uj6r)_|%?|jvc zj53xLo@a7NovQ+D;Z+;UC9HKRc*T!~bZzvPz)HI0Uw3Ps*?+tJ5rE7$Na2cJv{6+t zeAm}H?E=&hnOt=s2oIX_;tC`0%s`ZKCIPJutJ6%3-Ikbue@ij(Q)EqCe3grZOrBXB%5GA=NmHlL_Kv7;LlMfgVs9R za}67TMX$(UpmqUKKi9JG(avhi8&YPtzMji_s@1NaBe{t3>6wsTb*W1MSao?>eD7^Q zdiUOK*6Y9;vWGu4113q=lhn;yTdf*uY@+yHYBYQy%S*j)7V&$9Vzh4C{KI-S04Q{v+`H! zzeO&5!>Yx%ZyH^P;wg5d`}hTRwo3pY=GB~G*1?l2wF$)G{;l*CydDm4u5J@*YYAgG zxH*{II&7c;b48o8bNRMpi95*t{ILy5VO+s}$QL^p{vlL78rIzldhSRfRQ9yp(M?ct z*id@mkgUbEZnA6HJI^J5+Fa2d$7llg^s?qm9bhlEroLWY=l<~#R&8x)^Rfe%f7g4@ z@kUvrD?u-tJXeN?T=~9FwhwJAUBntc=pVMLeZWWIkW=m}pZuAa!~WJ0aCn9nNv1RV zvR5qSEr+(qKu+G*488Yz6tHLx6-&`?5#vw+SObK8sLAb)CjiL&9Kz>;f3uUga3lhs z@R87xRR)QJ`iAp@HX5zKS)GTk`^_^2SHN>MAmXFym}b(FdH=v1ey;xND0;KgBdZ-G zsD>UDP*Up=#T3knu?XaOIe+({ywxL~xr2%P{%@&p=~QoB&L#Ruyl5eytNX2p%QuI2YV->;psv!#NMIDqU2sUUq3+Nvn$Dz1k9WWxXPdgVg9r z{kf^k($bdg_K|&m$;}Oc&P>Lts*bU4EDEv>8`pQI*kOo6S9V>`GJC{Wr!&1%2zsUL zyRNh{<_EM4qBlHbSpp=5&f@W3ITGd^1J>&*C+2XqB1xN}3dUMtZfm*$3OXJ-<6OZ6 z#Q?rs$ep!l){po~cVG7Lum9Ch9vMf>Fb3el%b2?%@e%$m1|fZwCDH2LuUwt9EU)}B zmB0Sr%m)rGm3EGd7m1n0Z5SI3yOemDRL!`B#m!BI;D>ICZQG9Y3JwwzdK&TJsNyl4 zz&)c@a29fFu^vsm11r{liB*2zSO;&nFx@U`s#0pTq9j+a=E&Mu?yv<&0^%LER<#yp z;S)M;4X+hq9BgWCh|0%`$K7E`TE-vp{N|CY>{LPMQ{SGqsZ=WM54@ZM9(jq-qfy>& zs!Pjh^cz-6u`~CU{LThHXalp_c6%58*W!5Fmhv-iIrvUG92GmWI^LM_!o^SIwZmYM zjUEituC?u~TiG2-xb6nHN!gmU5)O&|x8-c*t&+p__dIG)X49h}JDcR@al;|lQ8I^o zYPAK!3fq8MT+LQ$9G~C)2NQ#J>CPm>*M0@r<^Z{@8NX;^0+1pu0%qP+MtiOplyl zz+T~caHYhrJkx?;O@@=Vn6WzHvkLfW_TTOF`PL5_(<=L!&r+FQ={*3ac%Gc_u-y%L zLc@NmGBvO9h5H3k00WE7fdUjinoVQC5`81uYoMm^2<>P&tL3~ zxQ@QrExeX5l~r>^BKuZVvc}EZFUL6RVhTK<(vaiw246n_0+S0x#2ziirVLgbs z=iw83d)|S8F#`iwtpizx%DyM0L3 z#ebBt0s{?k{!SrwAJ>N>QH|;s8*2Su5Bf$Uq*gCST|4b0{)wHo0aNZLcd>0$XXng4 zpb02`0ozd@49({s-~(OK(6|$b{4+)375M@6{!L%RT>)Oy%b70@cE{B+JURoYNuU*{ zeEmc-j!J2F+M{?P>g-(nDo)HcEi)aSJsO&h@(~Id_+Vx!EG#R)2|ptbwH0>(#2TAE z&#pdN;|CtPHWNvYN~RtYD3fQYrRDMMLAY~~o1cZaZu*ke`obFE2RoL8Ze>I%-h2Y{ z@no!pc|^SlHXeqU`8m&o)qYEW2tjwtnz=B8gy=|rzC`B&BvkU*d{~(63iOO83{HFxzDALV#(S? z(-Og&6G||jbj0c!e8^zP)yW3VFZ%W`X#@UpV(wzm)w2t=;dZhK=xEi^H6|7$!$5S| zpiMkkHeA8kulR%AzRvH-p`mGH(Jf~%WZYs}`#uDhD>KVbIa&93Q>k*-0vrVKoAvf6 zX#ui}^z`&KJ5${QNNhpnh1{UFCLT4Se~l?LFfc=0Y}MG8Rhmgt5+lCo*|gmjtBb<` z3`AE|S9#xL>3sk;Nv}9qpXN~B9#_QG1iY*M#|SGc!$LvS2f8^;5Q+i?wNRwh_U|v)_xX#TFLtXPbH009FiH zh(v@%N}%IBk~w{2d08VMk8)*LoGDJ8<%@-bCWRO8_JWTnJ^*j|vIoTu~T14L2 z#pfzpiMtRuCdnfZ82f=N_nWi!I%)ATrQ{x%N4E0GUfX$*5`xIJmOXd>rKzjqyUT=c z(Ji?&|2fq>r@D&mA0Brev#WE^M&6$sT3L?|M$aB+L;}Ms&Y>C6=_@y-%kQut z2A1~_;-+M=E!;Yk9D~U;kac&K!gyx)-v)PcAW!joKn#LxmYnR<1HyegQjZHKgK52I z<*arwS^B4xM)xIKh*2T;S?;rg$I$v0gOls)6q&w9oY02A^Mn~hS5TK3;NK2xP20Hs zy=+!8?e5Ci9~7!ZZ>4mFmbOPqRiWG5?ds&i2f{aLfaQlPZ}sYpmVx!T_LGfeqTy8g z_57`P$0QWe!e!Be$raIwgu+!;dKYam$QV`=5h&pXDFtg5vTX2lC**@k${m(32$Z6L zOEPYv#cGL}3YWVr=IJgz!eS)0uXka}lIiM|WYT~T*VJ(^ri7p3d1m17eBo?uiQ+<> zO%XP{fA0*U`1svJ8$=A%;yJE~yM5W7fyHd+#J&M8Go%B;iy#o?*~%4$tOicDExJ+@ zsc)?|?mibtrZ`!P99h#Tgcs-ZN<>S;epvnfo2nas_mr{9r@i)MjVKc2X9ac7?x4cC56vNC8nl75SPo zKYH$A6l+IcCY;XF9h!Xho)}bLwqDa@EFd-KLw)FX3&27B?8;{H9eH*GiW^?8G&;O0 z+jC!WJwQ@Z7;I)*wz8Dw@T*&6vW2zETAIi;t6X=LOte&=oOrkJ$hxoa^EEFUPr1Y- z#bnWv($|I@EDMso(FSqX_iOrCrUspJy)o%FTMGOtsMx0NoXkD6-Lf1LY>2uh-?e!PLfbiJ<|IZJ^mm z%3Fi7m0_;YCXG#k_}b&3K#&d;u`!c{vSPM#U=dF_3RY%^&s@$%h7U_dQ!R_4Igx$R zV-HxB7if4Ur>8l{$-VSr$;jHO^j&w3#bgct-Pr3Ar?&Cs=UZ8GZk2n^hK5J-##6kK zlBWJ`8ZtEP$w^KJxcNZiGZAD@*n~hNB*fEf<^=J>uvOrVhq&)^tf_}n@_NOLTY1wv zcfI9m$7JUCF1*R~_j87KieS$A2!XwppTpVT6@|XX;3k-MkXOh#wj+uU-`KOjaTaJV z#u}Yv-fd2bYwq+a-*egksNm?1<$X@%O`({cOThgS#sRvhOt8rZq3qi65p9QRQ^o-? zgfBS(w<^ISBV;xgwY};jsdyB-Q(s8cmNEEuF=8;KdSqT5o)u^q48NGV(>+O6#5TFr zQ~w&{d~K@Xz}@QE^50gnz3rddHmBM%le5W6u+Qj@%TOy<=KY&8W$r?^U#WfS+e6ln z*?|N*WW<0}+xtL3y(L=4)-S@LxGE`nX(}hw*qPMGu8cpG0_5{$CpJZNE4Pls-iPoIXOSXT88#)!G`G4ZLR}zkbz*1wU zu3^yETZW`@8Q|Mh(kVuPXDZiP6#+r#p|201Th~Q(;|HOdzv4f{nV%g{F{R>(m}T9v z72GCHkB$QtSt-uY@v<|p8t&)IG;`yyMkZ|HW;L_xEdx_HVf0Auz0r-%2gM8yf9eVxkm7Nd*h({>lV*But55`YH|XEFd2^S(Zb$um)lw;^ar?}Lic zPK7FO%-=qGZ}*gfHbQ&mV$(Y+`{D^TO=pkCrtB3C0yb(i*lDeZZWLg3tQMRHYPQ!ZKJX+tV|D27`geWp z)Z3{1d_kcvsyLESK7@=bQLEsr6Pb2a8;>Sdpp3`RT(>Q}eN(a_e9DwAGm^beg4{Rl z*r#OGwjrmrzRH@+oSF4PDe|c{AMS`6BYMjMwV80IlhLz_M4$=bK<#s-}2| zJ$3+53eEvvv#j-wEX|Ph-yNf+H|L_Ev<`3!={f05^{#b%W<{B*^tT-!A(GDgWw@2g z^PFYOx!tttTT9ESTbdkB=sTZDHTjCc>G6vqR4L-sXNz6|BbbwFOPS)_&mnq>(T?<3 z3}IB-UY@05V;Ww)>raK*{;hy*g+G{siqoT>D~YYYG(hg^mEkURKo9QfOnh*YrMY zw5`O0WSz(N57|)xwHj1Ym&O}Uzw?ZL%^J|CTKl=S`mluNzIr!na3*~>iRL%izREj2 zW~xt&0sNX~O0nv~b+IjcbN0l_-?F1?d8Hx5>r-fv`=V23v6(;TqW4BvaTB~McwQ%M zf2GI#+Dbjh7M`jIK@$dj-f1Ki3YazeVei$J|@PKG& zfL)VFQ1)i$5^}Zjy(2e1o5J4~R%wy<9;s!QK+8Gq0~pYa%`i#h*%kK3`P3evq-5me zTQLpW*AEkvkM>Bb+y72~$X^|1`T4%;VH&Y$NI#0+)moHZlcrAsTw|q&h0?vzce8DI ze=T(Vfy53B-hdO%^fVPo&O`zE)H2MjJ)q- z;-Kl))jPDt)hKje89Tu1w&j~2iP5{1OHegpyt^+SRH4e7cqn{Mo2#LN>z2vIpL=lo z)y5gS!K1^*svt5M+L?emUf*_`jFf{r$&A6V-YkCyk-go2q+zmgT8cQ@Kz?dO$+Z?A z2l4`UH-KrOwi&m$5gs3JoXGO}_jDr47;GTWUEM5u`E!$}HY*1Eu2g=a^)t5xk2GHo zbqrB7yhdjoiBJ123skecT6A+l*K_COA^HO=7NO;hik5WIX(SD_A3)(A9X~HyNndG*qKZy;BwtY#CmP-&JC~Jc+2H4bN3jgur2Cr_Lf)>Xo-q2dbRip>((L&xH<~x9{xTnj6|dSAe6oXN6l~3Ih|!}q_BPf4 zwUuzpj*6Az)tVlDc{4!Jbe-9lu`@q}xGo;Qh%r~%E|DGiAt4ox-RFs*%3i0$%uW!vyH;ZacSTe^6P6shx`#}C0j3&dQt0KNZ_3v_AJWk|b*-J9jDYgml1r+@*iqYjvBe?aW`l+*!uUL9hS3 z`R(tljIYX8bJ9Ca@AgwfGpCTNB|Ea+v0+TM<-Ej8f$-16B-3Dh>rJuq<|C%440niT zSsBY5U=;}P(QGy5*OB>>m4H{>sKTEA0dtaqmV&mp1{`IHtv76-&?--|<#c`Khh#$H zgQm;{{gazX@l+sM-&(I#sLarxyBA2cG-@GOq)&;1g|De%1IdM7yd-Q$q4OGL@5~w+ zsS)x_nDAWUK}uk(EC6&2BJ(kc?=4!=e8BA7jAL~>RP}!H^M{95pAz^u?zjn(#VUEf zVG#$B$>tR|2K()}oJ?7;+8T45GUIJeO~`-@GE45_*~sqnxZLGo!y+vaHEi?8bp1z+ zNQCfvdl$SqZ-N!W3-b}g8sD0qhVePMk&c3F7Xf;cJghoS4>la4l^#3MT36?+pj`|> zJl6`E?PJI#O1A@Cx+ zQ$1L$XhZq=z9IYmgZuk;h-vMKnKGIAtJg&H(bk#R9;%_rqjhf@TZ(~F4g^l_BLYUL&eHXEB&4?Z$aLY`2IboyL z@#)ei=KBt91>mW2yHKqQ8ITx7TSB0%Ub%WErzG0#$a`)2YT#jvQJa^S-N~dp*QDD3 zuXh+7+3-11-2vUy(Dfojer@XM$L#-~)lqwk6A<7w2-5th7nvLJZaK%@jpI&serW{I zD`)&l*SG5IAG(UG2BV*vU^-=FFEY`$(Fgu>#lz=$U zK(PYdD!W=Wo<$tt+4u@uUg_%}ZijYeb8Itd!K6}nOO=?-w%5R~0Xg$D<+jwSSR2zI zuS1H|4ITeoBCU1roWqDYmSRwoL_A2Sb@+{b^O)@P-E^%?kpE4{I|b*~hnZDOIb zc1h;T$g#~#Z1ddkg<;buq&81G&NH1Q;zqP+1jgND)MwsnWyvxTQJk%oCs__;1URNt zf1y{bV@?MHZZ z!jvlV&gEM8A#VVybsXW2O#HE!T3on`*v!l^QkwZySNdo*YX&~pOKS;>{yt3gj!CLD1zD428>6v_&tx ziMlHb<&V5wCzDV42^2iUls@8HSN-m6)Qr|PoQfUBce?+Fot{!qIo zvaOwzP*;pn#E)k%R^>OZ8pgHft`JB4(X+q`-@3f=qN2s|37ecDf2>Fx$IO&>xxsK! z=GHghz08TrCjG9?Kb}z3GAVxA5@@`?^|k-GmeDz7PK|@xeq;i{R86_Y?`mUpMzHIz z^cu2wFm=EobiMzBn|5&%p^-M4{%%b1ZlC9wS-HObXkV1gt3cU(^6?iHuU|L*V1yu_ zPW!Fyc9#a653E>BnnL$AtR`gsP~N9eUV|ft=uh`5@82|3{`toJtfSTpw4S(L8}|bo zcnoAHZnEFu9hhxG!rYS0N4|4g;wkwzzQmjIYuDGN6r!JMm0!`eDUQx&znPv;2fm^G ztIi^&M4I^IxpSw#dpBwH@L<+izZ&)2G(FvdpeiOPbfCtxIM5C4z;nhJ$jdtgH%BjQ zoF(fPx11azq9a^RBySbc9@C)9wi;u?Y$l$V5ALa!_HU`f2XnKL)t{8it(Fi^@fdfz(EHc*x;1)i{y2v#1P&XRK5TKnO^{kiE19O}vkzOHUUc_gP1pRYOfin~ zdYgc)0#dLpl3xCO=+b{_YKl}@6@@R09fZFPs|mSVau}+;v^d*8sxkLFriE~CxCB06 z*yXCX3&`%=UFEo}eoha~JRf^{w&;zE7=;(8du1ADDe^|#)t2D%vX3L|3Tne~8&G7p zx}tkwdM@wN)2ps~)e(-x#3q_Fo|(zlY~6f0L(zv7PHq4nX{7~hZ%V9;1w^xa-uD!# z)|*ugyw=e&gM`fNm6kH*UOfJgnW^Z}dthchBH7R!GkbYswk9Gg<1Q8XxGV}u92$XR z^)nS)(`Oi2Jq%%9UG4g3CiW1{jhQ>NOpxUKBO2u+%0tGWHqt@f^@4-{yzA4hn~R-( zbX^5(%F6uAjL(2~T~6tb2~y>^bo8eU-Z--OLxQXkk~5RmJ&vy$EPtIpLMi!h0s)gCHQaJP3bqKT_G3v>&xHxWJZM<%P0D8Iwsy$gFW9%e=RjB?31~5`rs~rGG5+ zWWw#mSA$9Zz1JF#7E1m1$)y{~zNgj}|1Dv)qyKla4?K4`m>Tr!*cfcNvVkF@T?@eS zzdATIkvag+kpoKnIh6SeU?ah?KIickeedg{QDQ)2j{21k$CiDstJBrn z0mN*bQNklFEn+7aKmmQPRr&=h0TsV{H@{zFEDW(7i<_!m7-I>ktwnJ>mvok9`9oQf zu_w0K8-F{wpXi2kFRR&nsMDQ$*l4^c_gLg6O0JjCuX4Pc%uq73hEOfif?0?vO^Q5!>4l+W2?e`awH-O9&ieB7 zY0JU1OFsG@)m$q>6_wo_g0*D=L4fL0et(wbiYpv<;4T!Tv#o%G2-8TH?RGFWGM zh$N#3T zTzjv)?)>d$jaW|66V4F2G>LO1L|lZN)lU=N%-Bo>c5{7>=!{Wn?LiA z35B1xn4Zpfxse7(&o2yRR}mZ5o8o~?;^E}F1;tHIMOcm~1*=9|y@Cti{01n-Q$_b{ zVgMbAQ%6C18_@e$bdDy2!*2N1(&|QW#$`dU$8wIEEqwBQSZ1u@QV|0Uf$bEm$#1n|i7f*42civUP~LRYv_VG|yT3@vZxGu`B$v}d@Go=e$mLb@ zOOMiDKv0_8c?8&xuH?P&SL$37a1Iq{#;(?mMgIb(oRj|5=It@Lr4k~9S2J&#O3k`R z_faI72`@A`Tl@Z+fNzb!3WN;4UJ35B;C+fG^xAAB!cBXsKKI)FYEcx(07Z)wFlF3$ zZl`}?DuR0iJ~8?$opwwn?ALs`Hx3FCcYzV~yv+Ga=Jx!TV%Z;MdmnQ@^N3;rJQJSj zt!6lx-K$OFv0$Fwy0}2CDSiI~4C?J5WT5Ul(dx}U!1U&}Na;ZfkZHofHRCasS(wGX zX%c?CAiZFtN%4ww-0B4s#EOzC3YSXg>Mi9%lf#Xm39h4eRsT)_1MhPeN*r!p!HqbA6Qu2S8z44^!l~>a{pDnzEYDBY2gk_HV-@bs~xfjnFWv< zp}1BuV(ZkM7ZrdH$A&d{;5<-)03c< zXet4ts_qh|HSNfUASProHOBX9u48k-ieKZ`qzN;|5=I`#vz6_~d4TUB;4mkfzw@|c zJBxCqUjZ>3lS|1brK9F((wf$8VU}^@QCmdw@z0?InnB)IIulFTUxD1Jr-f1}c?GRD zAK3R1TjGbUO>AaN#kuV>fY4XTYSz4WVgvjh2EFr3#N@3~=5sbYZXqj;dB}oG6$lEn z%eS(${4{1hJ=Gzyw;{NB;=RZ7DORzJN+X7z+dFn*U$o(MG$A{Jj^g-M!-?qb7AcSl zOhngqo;C=k{~Cn4kEU2(lI=O9T5S7?z)4LivU7x)TvHzLyq0R>`{bJ|l`e`*CXz72 zB=yAtl{mmOxj=zvnAKM8h>Q^IXmP;69e~xVMPBg*IHD;o;bZFv2B(l~lYkA!xf}2S ze?F?lA*2_3JetE{?)a72S4ul0(KHOE;I-uzMnHk=(*H3a!9*l5?54u*M}}g=J9A%F z!8YHZUpgi94A-(JG_EGuCitKi(K7`A@tK}XLgg&0vNfXtCmGv-#mp$|3`w!OC-V#$ zKotHh`*xE)>fW}@g^sxO!@fuUJM0r0t7BJ$2z^vjZ z(8~eLSmQPvlk8q%sCA&CE?x(a<*t$oIk~(Ed;2@rIZRUQwVAyj8P$9DC4_X;R;taR zz(2xS`#M>k0aQxEZa&%bo0I174FEmyg$=2jgj*Mm+D1iBl)n5h-FtP^hhK+5MKUfk zJ=0#GuO=zDw3NrK?%giEVtNdFA1&!^8nMxF;`wuIpi)9}qC-}lM?h~|L78;TM!GXl z7={)Nc-vl<#l zD1j=`4h)d>^mGhWo+4B}l|(^$=>A@Ip&18uto8@dBrV2~L)&Ed+{0-0j?n9h(cL9u znz$jXz=Ted)T?Y%y1r4QU_o`24!xkoi5Lq?$AI^d&8~DAA2xCj+ijF;?}(#%rOxXG zxmrC;RFNl%uryZp20FsQM>6sJ)cF>(YSW-@w~D!gCzqa06TV7T0x6t=s_5q5)rtZ) zFdR5J8#SwentN7-wIa)`@me22DW4+_9#@Gf$t2k3#oh-dBRJqISEon=uw&DCqi}GGI~BV_n9;poTHTKC^) z0^RS$nh+WDbN~{u?s1UB9FxZQ16;-j6ov2GWqgRey!nD^6yjlBak~WoHFw7MY_59% zv<#!YhZp;sv%fUW{h5r8haQQ8|wEw(DpCxI-de?LzWW$q9InrkA>_TF%FIc6RdXD}6aS+8hB0i$~VOm zXG7Qa{%UFbC^Y5C`gTP39_>*z-W;A+2BaDSz*wr8RokpNb~6;F?xA1$`rNo|CGi{! zUVL?>n2(H{s-AZ*Ov$#nUH@h;6j~ia-msk<#FPy5No2Q&rhAUrio5GkoXQh@sp$0Gr5PuL2tg z`ow8}47@*iZt0D;F4_3gE6JWtqHf9aCT#K)*7jLwei*?Ad=(2pYsVCR7UTJ3QXGG{ ztPzoSpawI4J`PiA-%r|{0%7C1I(^oLaIWb9Q__HMx;E)Nbh>^BamLPkv4;P^&}v{^ z+MASfX3U3$5{fMq4S5B~(<#VSxJtLku{*Dip|fO5v6}qt7LZ+q#~3&op>hyHkdi)K{vw`EF};?7QE%fm;(5yfuvB>sdwqG&kYJs1{62h zN0P#&k^sKWQXRG4Q_&0HB71Ax6+4pqt$)UTPHs`j(1$8*zt;Z_*P$R1^D8vjJ z?kPP47@tB(A#Nr1I}-14i;D!20-l>&-*z~~MM4bYhJ+^C54OB}Px5&J) zL}P|0x$in^!FL~prW=)URGUVV#Rgfk{P_TW29X7hRQ zljyN{^14{7&CkB7n(g?U*_jyGR)3$y1F@5AM;|HkZvFy}UlDx@ML(!mG6e zWITn3eK9(Cfb3bGRo5?$&4lcHuyBc>E%2#VeBFTqTVShlHvI{OO{7<1cGFVGt5%pg zW7)d<9UV4k6_bsuF=$ArZw;9vSf60^0&t*f7d-DWl{};DWW(Y;*$;_Pi2k+~cR2zv z9x=N(;=iC~47ie~wR*RCKpU{?bkT5vx@wNO61M6M_mKTt+>-xk6j%pn?0)>hTLq4Q zgMH9&Ch?z#2VSEpGMZU=rW8RoS?tkUCf|^qHN4x}+#3aj2?P0l5(vaS9Tpz)+-qCB z?*`gaRg70nrUByruyX!-p~7a`8$T}2RZ#*0YHS`h9__B_ zI@?XIeBJ$gfbi>`pZ0H-uf-luR?+#M_3OZ{SNa2xNO#&h#uulJuG_faRSCqV17F74|ST^h5?OwkL!e=W8? zsWf=Y0{L>Xqz>MP+MRR(2|X080#m@b#^*?(oMUJ@Zy2j`CiR%4dznl9S|j{A!fCOmO}U!=zW|1w~8VEHrVEX%D=(6@j^ zOps8`-LaeUu-s@U8wBM1t!mn&s-L7B^9X_-0aJ?WrfF&GQM4Xog@G^53v zCKpf=SYh+g=`_YosCI;;Uo~(wi4@rewVUZJr!Bg%$u020i~*TZSkfv zfIGH|uz1*K4NJhgm(3o$e##y_&{v4gbg|MFud_kHuA7f2>Q*(x+K&*ivz)~IVt*0E zT)ts2Z@_M3Z9s%L&|arC+klTx?Z8&nuobwbmhXVK_g~QUH&?JHgnCjL|Ss-L1cU~jq z7dk8GBt2d@4AlZL(Sm)k2g?ic$#r5}O;MB5;E`?CMKuaH^lmIG3Ds zA5}-yz9DJEthIRm!v6kK@mXwj9MGc!7H5UD#(Bwi-Xw}&R9LFOsR~@F)mKy< z;#cn1efGRh1pJ*2bQ}Y*ocy~{SM#O7mr|J^d>Pzy6|+coenNAVJ&rW4zeDjS9h&?n z?g_BL9UY&S^|K1O979!uG)++)JxF*004Y*D-LJFPW3CmNky(VkvNqu|MB{rDfonWv zMg5|t#~KvMN?>-$UIiI*dRp5xp$XPk_Y}6lGk-vaX?Z?;D8PEv2OZ(e>T+H$7VxRk z*dyMG58iNB*s|R8wyOQ~4_zMJxsNfLoTcM3&0nvzo2ZrfryJNEJpb0?EjSWty z(=D0v3fh^8M zR1!>x(ru|^lh@M<-n;VEe43=?U9zguu+rbNnCmdj1@k-G&AfRX>JGj0d5fI2oq6ef zJpHwTcf}{G=4Vt=rf#Ta>J^2Buh`G|gikOevL(kML(g?aRAN3uoFf(o{P5Z`h93cZzSok z>#=z7mRPH{b-&G~e)>Z_jvaPdRq37VyUiU}{|Fiq*k@~UTQ}NgM>+#FzqTe8p3ger z%$qD3!90XwyfRO*V`BEUhaAcDgV#6LkXc-K;_ezrv(T=&=4?u;F3GtTGs=BN(r`I?R-br6Ep|y4LlJEtfVOXIG$|Q z+y}=4S*mMFTUK-Snp#Z0Y-$SaQ4jG!MDGopCtq^;??0A3Ko`RhUZQM&0;9(JUvUVj z&Oxps8n9tsct>x{8$qF>F;OgWj0Tj5AKQz;i$^A-p;=}TgD?!r9qD&tGk-)|F)b09 zi!x6yWRuzfDkHm#xuSJgG%xqfapY%U>;-LRq%#3lmfhF0rt>e(+w}k+xAZNdh70FY zHN!dKPYMNLILxgj1*p5rgr!13G};Ib?anuquyYeoso}E^fqH0GH1yPkeLQaUb_s#s z3mYYiv#vijtEswf@~(ld!T8eF^_tb~SsBw~oIR~j&TgtQa7glM8H9MFA|^y)_yj&q zUI4})@ET8KEdV%a_k2Vv1JZM!bEMrcY7>6G4wipef3A;06($6}?hM^WW*G^axm!iKiv< zULyjE4DZapVL5J$W6vjIRG*#(E-m)6+&Mmw%k4?$ca2eC2G2@6f z!}#;8h)jgb^|wbPwt>;e@060}2AX9hnoU(NmR|~WXV8{JG~XI&Cpe3Vj)^ZI?ip{}f(>kprj*YxaTYZ)-5ui-G0$HxEvmZVfa-vPjzYxI z^-PRPleWQj{8{reOM#WFI_cL^4u%4$t0`NIU)Ly?Y~#_UsyBM!ZFpspwVs$?#aumN z^ux(d*ZBnn03QW#KzqD%F}E`(Q#WAD@|Sxv_CI`MN6MTdN;7*;!ndTImE1Y7+%P?W z@eeh@``SR!o_&8AHEczY`z|+jEXe3S=LZ+w{^zVC4%fU@0d<*N4L6^vhXHF{ak@;) z{bTX13}W?$(!z5xI-Kk+UaHh5y5-)Fjubj$-8$p>QXG_qXp)lwuLNJ@#UirvC7T?k zmnN`Hb6eivp6)IARfy|-12+(nEJa3PBWY%fG~rBWUP5aE~T+4UAwbWany&a2y7uBY!-NJ`;ZhI6?5^~rm%-ecB6ti zaY-Tt;>|h4LbzrHV@@_ouc;CRnus%!rcj!g>?IoieeB5)zu&EZ^W%%%kb(oDzxcQy z`v2Hy7AIVdk9K+>j-~VsH4!=yp83B#jHDjffHr$EQgb4+2bG5L(_TM=d8PfhKjkG> zrpG+C*@sZtRImj|(o};+&`8~)yJoYWYEJi$R}st^Ly)^QS@YKP_xKUAmf`Bj)7DyV9aPHbinIyICmUIxgL?rNR~H6lHI92um#j^J z=2zonc=J1p;JCjf#^JvbL&*9e3%v2++l$A9_h|~u)&~k-Q>*KS3*K*Ap0+Sav(xhJ zM|0PdD?a1DxmZJMMp=DW1!x(c!pG?s)lH^R*3M|zWQAYsmhMI7h$zOQK3PtE?P3qU zTHs(QNmEyM@f2zsqX>yP9C{SS5{Bst*BU=_S3OYW{={}~RN5;4&x7Z-j3;^QCo<57qj?^v+B*t#E`Q^A zDVpKN<1oiv5>_Pzt_PM%Rk#YFn5@Qonz;xV8)TrST;0;88&iy)(x2Zx^OmGJ=3_xb zD|5H!YV;W+J=BA@P4kqKZq2|>LG4`VeYlO$gv6M+R*knGKh(^!LFR#C)H3c7lc;cF zxLi`W(uRG(Ev4}r>tK_~@)-0q@^p_DKtbDTRhKY;PES*^?Cga!5WP~{Ty2}L5!z|h z{42<>o$7T}^2Q~?fY68zyNpu0q36!-K{t`-<}9~8o>c?9O=X^LwvefosC@`0Y#srKDf8MP)Ln@e#+0Nq3nDpNRS+0ggIPurOYXSvtO14s%rAWBKjm~md@gUu?srJj($W_@9@9kKryp%? zeBh!&p(FV<;6`e_ob_79gvE(7n*$xMZBK4PtLW7t|AI%rlH^J9)qB}Ubow2<^9fI% zzuk#A&%ar%b$4`9E7G|{Q>izsHQ(NyS%pDbmu}w#)8CyEJ~~rTAXtUy8yZ)f2DFw+ zUX%ZDK_FiAd@E@WS;j|1bFH6MY%gYo-+oOY9zUQ*@g2LhU*nZbT|6xcx1KnOGg3O% zFM;d~K|ZZzoP%$ymjbdNO9=@){Qk4=rMVycpm%TuS=O(@iqtP@FVj=X7*!4Eu%)fk_d!EO=BVN=SxqaSF-F_G7ZJ99*&6+{Fx08B@jF;CWy* z2%-1K$ewFE@3pv|^IxtvQOcgxcwD`*>eb$(R{e9;aS{8kiCZwKaD=^O4N?mP_1PB< z<(g{}m$pX$jeU9>;hNWP>?cDhz8H?~!fw-<{OUMv9h0P26j_@nYFlhMB8s~^_|()D zrtX(6YskfG1-V4}s#~ci-5SGD=VegVxs$i-Uw;7Om0>F}_uIlxiCq0AK+`Rds%Of@ zks3qxEn`zXTz1v```zUXJ)cK3b^5(k`Zsj5flEZb*Chq{QbR;PC{;;0(sKv!r6B(h zL(X#M8yjMrPo%4L!|m1G{qu8r#^#TetQnJpQBe#g>&FXqujbN!x$QUSfLPB=F#bNc zri^&`$CN{UfDpj^xnhL*88(32iK%p#>?%_>BKu_6?lP|qp~bi_^6yn>|Gf%Pv(HX? z!8(1$@0?moywB3{>EcC>=sX?oE`MYTicO1#ZD;uFZjAvn^UPBu0d(clJ~4eO1#=wP3NdSk zre;}7%O`I4JOm8fDiYBRZd`qZ1S`J2d_tUl4d4uwg&%CW*HhdaCMq`7$@=zB_t!^U zpLz_5IuA~8X2LQ7yr$KR5nVviRnMWE0vNAM*Z9lM92Twp?s%EFn5;VB(S79i03|KV z%S|mtu^@{NFET_-lLT5%Vt=-A$Qs{}3OJ{4IzV4Ny`0Uyy483vCAv#=^@+d92~_Iv zr#=P67SHp)0@}Q;_lCloofzAM>IaB+S`^8cjexfl=3$KnRmaGpUiW7ySR}->ASJIs z^9asI{W_eks76Koesezkt_crcm=E%P$%J0dVhNRNuPmygyBPQKpje91TZ>CJXi%E- zrFrlVV?@op*Ez?BSZtvf!0I_%%vFcGu0N?8@QxFwNdvINjuRTpT}U@%zUgDa*Wtve zuBH)hO;8B}&bkK35nOF9~@)SILaalvRj@tH-Hu-%h=^ew$G{%QuwCYm?M} z_W-|iPD1C}IM=tn4dsy)OFCNiH|ZL9qQnJPChZQLx52PzW(bOFuc7JkAzsU3H%@!+ z$JGM=;@lb0l~^OTE(X9)mhNl)4Va4mXvf$07L=QCrPXl7P0_K%7}xC=ycG7L)?W8z zoI&b8LvQCFe(nk`(XCert9cu%3w6^3Y+}?vm~kvGRrQKpL!;5S$85ipzm3}MQSeW3 zJM0R&-%Z+o{V6<5x+v_RZrN>sH&3XEzOYr~?BuTU5&IyOfoU<_;j@ltM%`Xp)tys< zHwUJdO;vBKyNjg_?&?ay!R?t@rGf#wdakAuZJS1H-S4Els4f;0QsSOBlXknS$R>i) zUYT1pYs$PFL3@~ajBqY>odbJkQ_d_;erUC{#Z){e_S;j&`^`O<9g;)& zO`dk3RQp;U)7NXnyLdc2_&icF!1?gxlHdRO)l$HgQ>($O4{ok%{4%QE`0p}h>%TR^ zJ73okvtO{1NA;S_AGW96Sa$o$*?f$X3?4MKy)Q;jpmGT2hwJls04)q-{($;otM_$m zvnvqm;NIw;Y}o4ONnye1rI z?$_M;`2EI{ZMu^wCfqMvM+%iw>fcGS?!QUuZb!;-{+j6(cC;#i1x=sN6%VNyS%eEf zmmkdO&+~1V-bZ4qud6tEZJ-iwm`nOSPC6!kH85_JvezS>|6Hnn8+y-1~z{n zU7@gL_9!Lf?jYb%G|7-ObTbJKASUN6U89#0M$D$GBHE^>U;A}gIHcCTv98bz{t$<3 zzq7T9%yIz@Ub8^dGvvwnr9ehPQJm8@jsR(ebiMRcaPDNfkza zvt_A$BxZM=$gYfVvWk(TZE(Xm33|k$j10N>N?7(tw}X%}cz0bkUL#F1eqro)dp6UX z-3upwnyaYn3l{&~Aw9ek*Lu*u59c47X!%*t-MfizDizqKlelT1_C~yb4Tvelm%z7N=!aF6a(iC1{KS3FpansN{pjRFL7GV9)=EtS>$>V?og$u_*Eq{g?A!hdw!8Gr+ zS-zL^_!sS{xlk>awX7BhCC{uZ4$(D$-<-`V=;9~_CalVH&1`VOm+Hgh|6l|{+LB^eYIUnT`qaUf@hUSS&{XlXp>RR-~>oWItA#nUf;uU?ov+j-Il!Z#M*>7Hbqeh?TF?>+#P|ll- z)z}l(^Xsx$D&JEa_v`|m5b_7m-uSN*y#X3 z2n4`pY1Oz20toNRiB&jdVBm!*Izi5IA2K+1T&1TiOtOZs3*Xh|0@=@ z83R>EW9^4((#OBIwCyl|-BXkBSI7=Ht2Qkj4~vk>oQuBUwa|`5zm06M+s<9_odpUq|AS((4qVoCoEhx7wc!o|moElvsGA0&%YQ#l=p4`n!0_@m^x zYh;sou-}0fq2G>wkvSmC-j)QfT>kXgedR;-tSBG@Vf0dSmMPyC!`}0HgLD7|AB{4N zklUNhn{hk~xu$v4@hmN2rpC=cHRpMQY;s3>{T4CB8!p=WG1v1myxAAgTHp)e!@+N> zwPtC>#dB{5M>g>@YX&iAxrj_U6bBi@r=>ZL5w&z{zcZ=05W(@=&aC5;DVZ~q+lIt6 zF?(ki%6fks@tofgzK52+&Px#qc}ZFGk6RH7ow4RLnwVPg+6PfIwrWEHft%OWf9iI* zMqOwJ>g&W-)9?pzr|MecQVt4|<>(s@yrjR+^-^c`P?g0#Mv~y})XCl2g zjscx7$zO&23AzRFEbX1g-Q7pC7BC}Dh$9HhbGHbg6RsHkq+}q^!mCyOYk~bI$9J@b z39Ihc1HJZS{Le9UPw*Nq*2HHU-6Ovf7}JEd?OwHA$&A;BG(HK`3E+6e-)GyB{hCm~ z^j^= zEye8V4xDsb+}Wqw<=EYMB1va6WcZvySeK$3l1FePtYkysw zy0N)@QU}pz#@$f`r&BNA#@ht1018$3+Mt9BN-aw8Ds)sFmSW&jJG4YtDPqHTwJyG=Xgp~9kg=I*_-a0ce9fw?Y7 zH1Q>7AYmCtQkS;B%ZqXO`fKiDpZp@p??=o-5>t75+#&Cl&`uIJf@nK)3z^`E_dD3G zY-vBjoj{MBtZP6>EYmBelLQTd+C@ep-Jf^H`WJBC-jH=QXp66`d+;i^jvkfkI-406W?@d|}(oASneB&r}SZ%6uG==#5KyXnZn*Uc9XgPN%${+oIy0U@l6Kuh#BIu2&IQnA}TEWtQFCXW~OVdrLLt zv9Ti`iq<@b)c z`>p8^H|Ndl!-@izGIWqK`5qgEHQlvFc!RJ`ZBl82TWVeCTD}$M0iTH};03O7AfJf^ z7%b8a1Rzb_yDr~}m-$Gy>Pt&3Q-F-H2!oEG(P`25yKzzj()^i%dSuEDxXQ=7DYyD1 zBsl!uy~&d|-eCfP_oU*S$0xazjNKMtp;wHJJ^lK+PMe}9My%Cuji_Gbz7^dA$-#n6Zx&WfW6 zkKOZM*rOXshf-&5_Fn@uq|ypJbUdPW08N%w=C<>#C@k>vJB}$xOWZE7o1tsZ#t&4w zInyfQzT}%foL60!K#){{AaUmcKVLm+VN>_GSo?hKaxeSzDPva2-e=LB%Vr~=->84T z`z7wL*dysDfz_LVuMLhUEc7cuqg^@JN-Tzp*TIC zdBE7Xgpd9;Xi2wRl7Cusg>Tk;3;I?RlGw@P%sO)}Qj4HNHBZ(%ZLt6^BWad@66at{ z(#`_9ko^4E%*6~nl9U91=-V$?=3uciLYnoAfJl0}Su}qpbCz9SgbEYu>nh_qk3D0- zpIAV2U^~<8bP8{G;glfSfci1XGSaohZ6-iQWvJt5d+QR*Cc=itLAzWFyKF6rSb;aR zO3E@>*A5GdzN!V!aiB^Ku5{oPgaO-5XAgXdIf8a~3_%n1b$@4zuT9B+U~hkBi>&^d zZwRUsgu6`)dTuV?l)?(s(@#)iIu478z};m*@OY?6mDX4t4j_kkdnlc~?RmNqXHAkq%gTbGQ)X}h4?|F&_~o2+kJgpb ztzaf>-l+DyaE<7NCqIwfZ1(ssTbNo5W~+}2<%qA~nZNJ+Q(p>dF^~MS;JR)Zxo7&m zu4mB`V`2iAGCsee#)zMYKv=t)B2y^d;CQx&B~}$6r)E8#d^g8kqi4>=QYj)pU_KlF ziJ$=^RN}Os}cy&3utnsbq(DKKm zb7#Bajh974&f-m{LxS`*)O@!;xU*Q&WRA$&DCb?`ZJfRFExzrSp<@0+fcKgBY+WXs z(-Z6L#LLMIngvkL(qOQBbef`1p@?t`(H%#7wKWiMNA_U%sOe4QDbDMV^G{LyuVK75LJpAd69!y$Tu=8MVc%vc zNLOMT!|AuLALG<%Y7Q@XZzj1CFsheq#?#ga@q4Eqf#QS)w#-;=p*y`qW0)ipEOK!M zE-C!{1LYMUPnz0azNwWLvF(f=0ME@mrAH|{Vy`8&YdJ_zv%et-3%}&r5Z(*Hty|wIr|DZtf_-@`Or9qt4G;1{IznZwj4NjkC|-qOB80*sO^ zB81}(g^0%zT?lvMrdz$Rfd`UEEwm}m7sH4Y@@rljo^gBm(_2Q%p^Zmh$!tvA`ZlLM zempI;@iH1c%6Uv^Z$Zh7YF4m=-}{(I@6#Rluz!3pzG4Z;KWqyU zVXC&r-?YUs4F8Jz*kW``4~p+98pUu+$w)dgd~98&_p^(E9AEYlb>-cC=l%`rt~>4)T%QNH5i zyDZ1_u(zT4n;{e+Sd}Y91$}Y(0`46r zlqh#Kc{8ZLq*U;<3&B0@Ip)l2OqF)qf4Ife1&ijp1O!OY6$4bnV?ArrSpS!76+Ocu z?L;zB;CN6bH7sgdwW-ME}(EBm5@pnt0>U>WtXTQUr-7Ucma4zyna8 zt3*(X;tWwb+aA-*b!r77k2U3#pIp}WD#t(nL9 zPE%s99~{p1OpXoJMJ4$3OQ!><-c6%YbxEtjGutANm)ec~m^r^&%=npN--01%BPw~8 z{#n}}7cN{wUU9qiFP_Z7dG%227aV)6^8M~cPXzg?UmJJ6gu=ftJqhK?WTLEHvnIaQ zUuQ_KTRQN7&UCWIYL1o!^>f}g;;vMNlhyOChzJtAW=X`r;sKiP&DhncOVtCDzHv8- zqZbbWSCqS~l?el2Sr#RK+J`B8`y5o2aXdrM8iEJ4V`;n&8cLC^&1rW#BSOJGR5JyV zk{4zYjAy4;Cjc*E?sCjyZ$)(b0>DbscuxEa5b}R5G_~Zg-Hr{)HTCi1=|nh`W5mqPZFbZOCT#Z#yLCsacY}3cy_Z%{BaWF8S20V$RK4 zWkl$08b|kB|D4>=2)fhs*;=?Pq3p7Cp3htKGzay^NJVD(<`K@A-Bn=A00l7=UiIhE zRJ&Gua3y`ree#V^rA>wZkukeSy4g?o^P6)Q_!`6d_XW;*vQOhCdCMPqi9pw5_%hMO zNe-Xb?P*R1sl`1$onG}b`4a_fMK~?=l+NKk!H%S7p?~Vfei$w<-SinyLg-1Y&M4k$ zQey2qxbai30(wN~HG2K2_AAZfE@~?iBnRG)Ly#FJk-ZTt{(ly6~ zV>LJo}}b`t6{bH zcEJ}4?o>7uGbzf+5ls8x3lpi>EbutvHy$_&VJVK?^~$;vu$#DCP&;s`|)st zIK8jEUw}1}cH0Bo`nmeMti2XS{K$FJ!DB0<(wi?{j${tD-fk+r!eWlR)E!c3sWaJv zmOuQWee3qw+AoMc^|-^{EM#U!-DI?`EsWk_vS3CJoqiA}yxtmI|L~iCR~*S?{)N=? zySldbV6eegfuO*G*E#n3?Qbc?quEGI!exIS2aXn%W+I0&!E}=a?_tzH>X-{~iRN$c zSN6V+x0}u+-6_gQR|OGllu3n1GoNVrZikqt!fnf-##WXu!+t8-S^FHwK}9rGKf~8P z)biq+aJ5ApU_VPwbDaL*;U*PF4qAlEUMyv|FkLJfAAy`^uE18eGm(D^>uK9Rc^&bG z1p)l$%P05v`LcG(>FW%(h?kVike736%j0o(*zMdKdyD+?T%!==s)f^iuHwB#o0CzN z`fUr}1;2#g$McT&k=K*#%CHgKboT*mZ}=VexRcdYm9K6=d?wu1@7&^jgT|ReOnYZX zJcPWm=tPzm9*6Lqq)1IZLy(!i+q*hF>`Su^%_$f8-o<2?uZ>~cOJY2*SxS!0Q z5{xT%X3jGb+KUA}_k=%kQTQ}jVOG8!u0VQ!dgfdI0yu#l^Spymd(KIn&!}^N$OC>S z{~@LQM}}}smKeI5#CcfJVwKZE|AUbeN^^fA+5MxBPDY@nt{+eSX3(4eWzdLgfe9mm z8L|QJi(Vy#Z!^>CvI8M4r zlY>grh-HM(1Z!VjZC!ZOTTi{3jgkdn^j?V`VCXpx4wmVK)L8BBy^y zYW-@O--0S$bNPxp-m_A4xWf22iwTE%UGn=}A?vq@iicm>?@tjVPm_WYs|i^i-QLH) z882-S_kuO2M^2&+9A0OYPs_$%Gu7`rFfyg#pUGN95t8MF(@b7OnRyCB8r+WUQcpjh zL4E>%|D(?vH9W#qf1d>@7w2J}a_0dmQn*CPymN1^rl7LYZ!+FWhZ2_xx`ICMs@JZ) z-F<#KU4Q2{i9DnryHFqr6?*UCij}KB)bg#QzX)aP%W3-!?GYIod|ccQu$1=GT!e#p z;n}X1&4xGq_kzbm*)cy<2|%tUs{JdFJf#os`+CbCezmx+bkeZz2R2IJy`;s5+`#kV zI4Lu0T}0jufe)!!1Q47en&jlZ@hOL2RCz zK}Yt_XCc&T1+J5gRr{kFm^zB{%N2F<&LDS4SIDmvpVJ zeOO`2^f0${>__?Ec=(R~K02uX=Up5~*jXeq?X4f`4~{~APfVTcn2byf+|z$9{FG1v zw`wvj*nL8uyuld4ysoyf+5>67p(LbfY$X<7b>UAM0-`;zQ$Cr(T%@$^$z)&DrA$uI zVXW#(e<=X|vSgU?EMogoer-LEB5CH~!`e5Vf&!7wgzz?(5F3kuK-!y%obnPVB%vkm zLyA5}JVP_14)}929Q;oBh4=ZvEod)k^H%(vJSZV&Q)H{pVc@G4Jq04;N|1-~F020U zt%J99Y-=j%>6wM!3Ak=O55Ho9!6V9Io}PK%B4BE**5=>ksK?o}r%b&}nZ|F)Ox|fW z54d3P9Ln))(o&e~={+m>@-H;RIsX?LMi@&GKCj6|)Bp|@H`_&j~#dC?ldn2@!0?sok=uCo|xXk#PNQ;JO|A3C2&SjAlYC4zlca@x( zdUUB{rYZ5xPdo1U$&@(NRU;SnrmIO&mQH*KPTEL;CmaH$sqtYmDhaoqp4DmGk`c*x z&me|WxFPaN!w!vWC_8v)2CP^#-WcLW4_Y~s0a{m%y~7iMajc>1bY!37A-$+vqly&- zkFtxdpRFa9l*7|7!kPy>Fn_d;DSME>4x>}02UC3MhQ{HgWCRQcKiC`Ed(%Pml4Rcv zF2*Pt^xMfL{?ZiYLoIu_D!CW_gX}yb^xU0gAVB9&aH!>bN2}Zc|H&mqaDAT-HE$=s zlpnSQV_9O+3H{K`+9!lrxyrkdi1nI^vbqk%^d>2YAKm?Kx>WR1410N_>GQ7XNHkU{ zD1%JY2e}xZZey>lci^0d^`1Tweel@yZOT*f>=#cg?%O8ULmk0-DbpRCUkNCNSfT}Z z%gV}z+gReRJ;t9yI1hj9%CCGMM8C(q8=}p(z)s|0*SX`1RMzIV8q9t^Qw?&kdT-b+ zkk*iqU!JdFr+2#2xth8jdZ|L98`gOg5yesIY6eYDpNaSu*K2}a=0#^oUB|o0!;VHC zR^}xHxxts6v5wjMR^-=?`i^&xXV2v7*9$%dU^lnxzsr>QLG(-O|7O&ptjD_Y#(y&E z_u?_e+OR;m9t1O5CC@L`_Ri$c1(LNKDDY$1kA+5GVPz$(+^^ zeea{AQ_lrP25N-*VsL1+FN_h45nkfIfwYPjdBo?%$AfXc@Gj{T=6lZ+xgg~=qZAs{ zNOYH+vEwCc(SqSE$VuoyyBNp>Sb+zn4B~a7+U63z;u6{ zrFp~Xqu`ItZ{B{ReS^}BDGXp@Vaus@N2bM(kOp09C|h@wW4D^xr(~Q}t_Vk4i+*5a z`b;@L_r0tatX;nruL-lzI@zLeW+mp~M|V|u5^5S-<~&C-*94Xbl6Q^!MFb4EF!LXX)XL8DsbVN(xN|2X4 zWsh%4+4oM_j!rZ1-r$}+fE$_`KW~z~zFI7t$1ijpXE_f-ggD5=y$GN~|J^ zPMbR+Q6VQrVtVQGosm~4zw-I5+9b=K_n&#ksUz?I-sS9|&5-iCJ+YnD37`5M!-|+* zSP>qDHNPa(G{sHmTD~OGlf37xK#k;>1JF|vso1Hf?G8UhbBheuiLq((6k`GxnHW5y zn@(ytl$<%|XlTHzCzaxYl~#afM??Jn9dfF*&w($P@u)~%@*m8dy zhJXK;N2d7xmq+AoF2@Q`Z7ke%6-1R))Q$ow7uHTx4hq0y@V^F0;_AV2+Jbx>ydyRn z1$zPx@g&y2#B2;v%_+ZWKK9nkKv^!AQilc0FI3+qK-GM8%{{2Xdpkn}3ING+B%e=$ zM9Ng4pf9iEx!<(^T~~z|l^^(UG&)>360m%2tj5ocJA zcaIW0DM6@Jh*&0NJbS&H>bE#Og^cH=8P6;%v3g3k9`+&PjsjMwA_+*F|omcH`CHC=6<#}OrMb=%bxrPXK6*A)(^yb1mb1;?cS3xy4D!*YSQ zX%AkFDbI|udVUZQ#reX<3M$hk2N!(CSQ$~`zA{JeY6VjL zKF)g+Xp9$WU|z`-ur7>PgiV;ADJvYHYc@s5{$|LR-|gNX$VdKbxVS*P8m|=VKNvpO zLw7L6+zXV-c7qNE|BCvS#ef8SgigfyT2R7-B63lo#BI?`9zpbWme1P0ZMxq+6J$N# zDi+&;R}e2(1v3vI#FkI9eu$IQHSAzyHs#`$Gr%Eg6%5?x@!2yrwrGzGYkoI#k;rQT z@;{?O$!!@^-@G=G`e<6|x0SYedMJ4xpHZef)DJ}{(Ct*LNbo@*8k(t}c%h~;4Ptph zo`P+26VaOC7Xa>u^ij_Eu-njBADOw5zQqaqn%=}!I8&xzZT^@?(V%s5Y9=E~AU8EE zQX8JI@oTTEWL7XH+ZUVZ*~wsVx#`h#aAv#nYr5X-`G4If>g)fyPv9|br&~V|i27=T zxFw8l;yE4q05!lDwOOg^h$*RpCcj3)8sXe^Lv6py7<1>cZ!XOAyB!7d9Eq*hgX#K4 z?tPm6z8E`_F}H-YF;NQ;1Sh9YX^z~x3AW`snPR;nZ&jn@+*tHv`2eQhL5gU$^gx)b zr0Fd^Txm;d9Lx`_unhsbqqnjQiwA-Kd6Lj?sq>CrOEROXV+fmYTaHxhHYwgUxozkE zef0WDO>hiPv1TJ4Yq&K$e>#+JM>n=4Elx()G-YaWf|)l#;_`t7=Us|K7#FvCn7UEP zSOLieMc#dEe$KDS5JK& zlQW0Yc^!e$s-P2COrsM`F8%ZOLd>TP;(Cb8el4_;$J28;Dua5JlKW^slcjJEIOmh_ zU(pPHPLc90v{shh-mL!cX7&QtWtG`v$L}nuQCpDrQg<4w-KaT}K2>8YOfL^*JT;mJ zZ;@u3wttcR*fG9$DEK)-s?bl-;=Cg0p4Z86Lhma1F!8AX-#cYmZk9{Z>xqi27YRe` zw!}er2@>t6zgrv&#zj8bGfYjX*oqX6CHthNPAQb^TV+jiY&>a{rVsuN!+X{qwBxxh z?AddN2)H#dc?X4>6&h&&`zi*gi*kzpB*-!9uuxl9y&`*uUSJgQvKf-ij-N8FYTy+< zxF@7!#f{vb0>?uEl06U4bl*Z^G`>@Uw*DCo%NwkgV{Uo-usi_L~ z0lJ42*`xzpSUCc7)H}xy=gQ$pxMGE>7|~rUTebDK#Pc2B5Hsf$v-7o0r&dXGHw-Rx zjh{lt{C`2f2mRjzjNA98hH}q{rKGn1-q#f>ZyksTOP7YsI5^7U#`qqHLC!Tmj*_lb z?^WyrKXrCSsk8igR~_B*hIHiik0`NO8l!Z9oa`d(SJU0{$N4kcbv&9Nd~jz&;Q5MRk%gjHGKpmlt#K+I;EB_ zK}rSb?(S}+yHpyaOG;qrjs;nkl313I7M7(uKR$hY|AD=(d-lwk`NhofHhetSQb?K~ zp2AQmRl-V1yQ6(lOitcNE%2D|y+v=jgs$=k%k{0hGNVW?z{va=GZs-vzF4U}4j(^m zmF<0N<>t+*lcF<*-|omEj6Vix0)prF0xguLw7!QdPwNpN+@|8 z33wP0db|^wuB3yzjl}=n35MYR-zG2m5Eoo%c<1V$&3qu3E zgke4S{VB(zWP&Vaa&L)4Pq*ryM>g-0^ZY1GqmH1@OhIVP^X0Ag*=AD`v*R&9H?Wmj zgWtcGTfC=05-jbJeWFCSLUTkr{rvUS3iO_izh}-q;DX($C)=qD*}3y>!j#^x`hOq) z?SCInfS>6VJFOQtBv=k#;GVvl&3;x1?Q5idd^ppSCp*S!t~i+L#^_d4{GyQz=%uX( zcpyprz7DdDp{NIjn(`A#wzHE_=lOFbPA4Q<@~1spf4{Ikb&fy{1|%#Gjzh-w&Ux#2 zca$TA`cY&78PMLh)>Za`iqo zS1sinTn|&{v*t*`Vv$L`+n@WQV)aqp$)f!;#Sh;TUAkchXGUTfgrZB-T@0No+jAKL zOID}!32NT)6AZ6&YsNfpHIL#IPK+sm7Wj`&pK-Vo$a^Vpl;(a@s9TW>+UltFzqAni zmlniIa`Ty}oct4_C_L6S%?a>K5QB&6Q(%D&7RWuzut!`?G7;*VF?(1_Gd`KD-5IY=5SJp{yd#7hkO&aJm> z;|0o%-!L)Tj$k%FdV_xHHF6>&Xf+XbvBGt!sN0UT$HNmeE~huh*f573Rm1HKIX~*J z?WVc`j;+qj8Mmp(HUIvs@&6EmZDx@1UqdO1DAuxDAVsk{UtD!M@oQN4QRrs41O6I< zmhov%OB~?I<$w^z`Q{*8+9!+~Jm;BUG;@JDjbRm{sudO8KQ=Ye$GNn_am|&fHrvHjD5s7iev8jK-Lq{c?1e$+XzvO$Ue` z_(Y5^=4$u!Zkg8XO<&tA{M#B`M?Hlg#U8BVt;LrqoEV!U6+1Q`XpoAVEupfN!1j0s zmOH@$3rn!YM#{SyFG%|rLH2C1DgggiR=T$XB8MX{#@VFat9*5zEftBk^f3Oo+eC*X zBi{pa7LWGszC`OloL5Px%Nr5boBKz7drO) zk~SW4M7Xw3Yn9hk1{W811q5d{g0$@U9S{Os?&d$$I;pgCocWwA^i=!O%HJ}6eG*UF zi#Q)`-7-aHzs-GQX<{5rHO%xKM0iurEPImTv&D1`_0f5S&q&AEM||JYPyUz&iI?@5fWSWOUiwp&z~20HiyZ z#xi*T`pL$N@XtMSTPEVxPGV8WUuJ0tnIJwv5}vtldJV<{j}kq+-kLw1Dh76$J|N%E z!VdbpyLW-zC$aWix)oT#MBB7p{~ArHYg4(uFm(F!hZ%}i%ixLp-l=0KghXW&f+ISo z>AhftjtgCw6|@NpB;DMr?7iEYVH^P46!eU=q|_*-49%8TE`Ql~_x~tA6L=4to;3{o zeBr7i5%}&GUkc)(;rB}y_O4h4F(*ctR?86M2F5ygN2A4Y>xEI^rcu6}7fv-1g~qTt z7ndwj1{+a07VCj&S^?mAecOVV5MM<_KtrI_-OB6y$9JlfFDc1w=P~<-76ZkKQg(#l z%2*i6t!Yn#C`70kzrO2pb1g}Mk1b<3XHWgaq%!Tf&lodunl zeM##r3lvB7WmoCI52deQ(J8iInO80OcUhV|-$@CzO7*mzJaFdbCJx3;7R5%czPc}% zt9=d}wpLhA*c6M%rI^1u>#_I-_c06!8DXk+XN)RfGa5H5>F-eQaCHoL16V}#?%}EQ zuZr&aMGv0QokK2)$W%HG8hLP;zCF`R;R{(61VJOf*y39ZIsY`yG0UwlB-R9nHqgdNWV~K{Wn0BWp@oV zf}wwbNl~e-R~D8C!HPo+FD1@oIK7oonhIPg3yuAIO7EOt0c-@E02ES6!*ZG#tUkg> z{Z48zX8{)WNN6H2vNu3_oYlI7v7r*9Qt3A8l&^gj)DktqZi-3%)dtz zoP$;;m`vqAl@zOTpzcgfGro8(_a*FE%4@3eFpd;M%Rw6RNl-Wrx)g+(Id+pvK42)< z9pZ^TC(1uIQp=J7OH7ohsg5Q%0ZT~_btNQgaluJfC`cAG)f-uprc z((8Ou4lZ7*cKGTwZU)^=HIYc6b;~+Q<1R=qM$S_Mdtd*U9Sk)`Tv6>MO&^J&67aC? z8RgT%Vu)lE9p~{vSsPhmEt83yUgQ&%z11WTL6%$C!<(Z~RA_?n$N0<0)iM6ke8OM- z3CUUdCZ95Gmnknop^L!n-RCJze#)A#k2l;o3vwZ&-r&`PptI4VrP>ZM?)I&ze6&M$ zxl=3pUHAvhztM{LALrUNr@xLF*TS{~lmpK2UrX-|b!#%VAp z0I|2Il1|~mGiNRwPK?1zT8U3p?aeoC?I@tD^^`1WB%xTCjzfwJxmSy z^C`&_P9$FpX=>I=09tkKK_Njaj7dMUcMhp*9XW9Fjs73ml-9(p)6suh7$Onfuz7gD zA@Q6PlUpW4s8geU@X}yWNX^z72^^k+|LJL^h)`yjNFEvV%KaXLfgoa-4F1VvvEIjG zHkvE+G54T!ylQfF_w{ZRpSqTPC%iTsK>&`S`rtM$WT^%tl(mMXYRh?~+U`}p+iB+( ziUZ&2xRrp5rt~|UkbH}+Fb_Iw$NvEEK?#k(pSra`j=+l-`sm+D{Y9I2+#Y57$4H)4 zr=#i{H}!^U+tm43MqjU&Dg!Eg3Gwii(h5_R52qI`yy?#C0cQbu0wZHvi<(Xi4NpL0 zPR$`QtN18)b`LizF=5H&#uJ1kheNh(eQ4 z6_g36)PYZh1+UZe61U2yByrXw?EMZ;390wqx(s(k8Y&OY%{lilauL{`tS`?lCkm0h zxunlDHIS;~`Mut59K^7EG6XnM>};z3KQK*C=?f9P z@xS?etB317|0)x5VaMI+(SlP9TV4ektp`R`ayN))C%tfTbO}n zrWAQWzr8iCv)%P`h9`y12n@`Ah!s~b-7JYOW!;`Wr22AA3X>cw6B4QHh2zoXUzbLc zD~)@g)>hoI=@cqhSdbwX7*WU!G}+cQ#0;>kiFjZ>DpM@WH(yAm{a4OYn>&xM+3#mO z(YYVqcF(mN))xOI4uE?9LiB2v5F@e*!h+t=prdP;C%TkX<*4HLc>(RTxG&l8=Kl$@ zMY!Ms%PU~MuLxs=vNdeTD{(~0&LN?4jwX%*vtqT3p;~-w-k}9PX9!v^6UTKM;2FBH|C67Lka? zw4Pg>R~b&=Q$>J{(^;+7@Q{+=xG!-EzoD7SCDWQIW#m4m2HVj0yjRqZ>ec({sOr^tC~2O%ilz(JW$P1C?|8Kcz&~Qwq8_VKLSERu~<7Qp3z7|xfonoZ> zy(+i#Aq-G`TfFd3tcd(j2DEZK3Ks(gQ#C63NDSylO`u2oj2 z{^K7*<%*v%8>VAv*Uc7EJ0%tc*4Xa4i$&INoi^4k4bSiD1r@D7A__8!Y2MsiYUTN; zNeOmPkhsC?+TA1$Njr}pr9&I7*@um9Q(?7wjOOMy+aVvx5J2gg z3G>MJ_(@M< zYkyz7w$dik%M?u@|Lqc#r6WV}TV4$Z4J5@S_ z8q~6E*Wi>REslT-nmc(bB_OO7YB~|a!jwW1ut4HqYjWR!sp6RLP2&gi3op|J)dBe) zu$Q?@iU`%E~*SZ&t+fyBY9TMb9C(KFuS$GAny~!$NIAZ%H-<(7`wUmM44ejl9oij_L_d#K3d7MQ;|-sMh> zed1M^XBp&VRQA`fFmwOngJYb7g-o+t&FwR{m#`H=TtLZ55bxk(@D4w<)Iu*U`MII> z^LHGIJI@V1zCWfw3OE0($cEec8RC?=U2WM0qxGqZnp;aQew zNv%5y;MP6ZxCM2mC45VO^&nvu;P_nAkmR5 zZDt7KfNh!s`{Rq)?IlFU%zY3}#|!KsZhL!b7n-?Gt@>CEI5NQZ<|({+Di z!qEygRcrS;W%YiBX>&ZpWeF=Oe9Q2?F!jEN?~#*L4|S(k%Cp=4X6Pnx@lq(8w(e8# zla0c$wc502^0CsL%PoPQdZrYiurE@%zpjOChR7LCH%Y z?(Y3xMd^s;b3^dr9Q%Ln1*LyP+DRb4rQn!Lbfu6;!O{V4orFQZOUqXGuMX1;0!aTx5VQd53t!tUKHlESZbKY11{Y-Cm3u*Fn;mV zUQr{L&6=g=1d|3Gs95_me9AO+567?x&s8135#rktoiPgL`SGMDLsPv+FD~%>rPtVL zy>-n2P+kH%FSAMxl7%>97xObCYu~nJF>ueV=xWTP2@`U98p4>zPl`E--~9R3!pizv z)X%0d-I-;bt+y?FWnR{-PRw!_Vzh!7;mJaecU2P^6?GuN`^|mf?s}Bwr)+%PL(mK0g3Y2WA&HJ9=#P1&n#6syiPr0bgAReBN?Xd3V{>?!0*r zxP(aWx-P8>+Fw9vmw2=>mXERVuNs`|`3|_2=N_L%+NiM&P#B&5jT! z0Vl}o@gY}%n53m3$Td7x*~}fTEZwK2sGtvNHm_u>nI8{<#M;s}E)+T#Xr||Q?Q+jNZ$U^7i`;Cf+sm5c zeRCg^hsM36d5DAn4=F;j8bUpau3*8M2)zUGOa5E;;=Ty zS4_8RA_)ME4{}IqyZcwgJF40n&mT>kdHZvec5S4Xg{o?hU@j#?sGD zXAb1ATc6~!G=b_HL|p3bg0Z3~Olg>K6a>>^MhDM$k~-ZP8;SUDJc4B0_6+>+{H@Vj z>@Eb2NqAGr2AxAYCzlSiZR8GzN90eL7moQml9 z#GV75NbNkRF%CHi6*Q5EzWt!FYOHAm!%G=dyZOgiyb`mV=o{n2Bkx zi%rVqChZAUW_-KgBrKwe&>9=njYx7g&MjkFgejn!Z5B2h+A#Y!P=JmO} z?hc@kf+XvU1zVs{;uyS<9~FDpX5y%!Jf ztrwrSspBqO7R;kE;aHhYfFPMq&bdy6e==fIgb2?aUW zsoh_#?L_}yF!Kmfbdh^42B#JrcE4u!QqF2=y`6*SV(z(A-AAZcdzXl^P{MwqU9@Jw zC^{dXF97UZ)vRl(!f2*R!uGOUD&VH?1bB>{6U#{Ff~Se&1KQ>nNKS;w(;@q!&BE(B z+fQjx*t4a$bg|i%p5s>&T}DCs30nLAK$w#bvm3U#5El^pyBTFC=-$% zIVq>gVxW=fjO|tNx%{acO_YI+?bx^G$G7I#6VWn8TLt>P5Z0HAh73OeWvvL`%6o^jK-jz zfk2Cg+PlJpRw%R|p&|7vj?!5Z!|inOV8K~PP^8PtX`)|c29%ijr2C?poB9@X;IsZK z6>*o|aUCgZ-F^4D`8mE}jrQNenV0{+nltxmXob2PAMVWqh?{A$)Uh{z(sUVkk6hZ& z{3iQVvrq%X6)|g6YJWFf-1K4k9N{rYdm@OlWjp<|T&32BD}LKnWPY0XXeGQ1G9NIb@L|t$8{M8-NnG7@gWJSo}H%U|-^w zCc&Ry zZ#(q~PcoTabm%EQ$H09b`3k>hc5L4Bh0Uk$gp+4-$dkqA2!Ep+pfpYJ{fFjN>+Um8 zA81qhs%o?GfgO{ixmMr}g_G&evt6V^ z?}NVezJw4SUioU)HSzP$5`D+6^|ZlfMzPPH>cPJIqS~{Gb#}-v^fd+plqen{J?Jx2 z&>57CYy}z>#CU;YO{+a*ZZGFDUO(O9cL7Yec@kby8rdXBBwPIP@dRH8b$!1i{$!m~ z@_~t$`Y!xFrQaJnAwtD zVLGS-tk^JkH#T0Mh*_spMP+NrcEL)1GJApD4vOyvp869ld%%e$Kdq@|j_InbEcm^?rfMihiKj}Ox&{keeFz@D_4 zsO)VP1U$A9#f#+-Rg~{@)BMb@Hb)V6lbAbbom8XdDXy#6Y*T#t`H5S{?@Rfp_xOW7 z!w~7|qXW$sgu3&hVpg&#V6bqKJOhefI4g{vNNN48aO%R`OSRtwcqNA5t{SEjQ7TIX z0b8R~(T>CP(P2i$E0nRiUY(zc_U-G7`+bZwCzP4tj0f68%K>n@ z+XiP}&Sf|FjL(v)cF;K|cS{XjVY=NDr9Zk!9_)WPtf_%(eH{i(0kuyJfU)|~5~?Q! zJikOYsgHI!mBcKSj1>dR4CfjH9;|WL_%s4;pVzYF zu4J#CRhJJ?O$L#V7au~|+F|=*Ag^UAJ$P=O|G57W^OF~paDKOz9H!n${zAI>i zIjVm9U}%~Sg`f}O1G*XCq9aAhCRie3G;&f1tNvqunYOE!Bh`l)SRHmW#zmf@P3v6x4iRihqU*v=vkgNLsPlqi_-*&(-Hl z{HjgXarA}#kh|+KmAB(+`{B-AyG70|o4Z-jMj)_wXWySQdA6ALAKj8WPQiNO#ZFwx z$DlNIIoNLb3-aiR1hyd~)oDEoJA7Q@m5-xp?x5bDr!<=Htf!xV_@2AqaG~@A+Ypwr zn_F7@syfi=?!|%_W86~*qz#=d&hFZnZo?@OkAv;s!Vs%#8 z%j5zW)TTu+C{WLI1mP^;Lqj&P;iMMzoaF`#YQHf1CP-{An?2Q@8UPP@<;q0$PU>sK zyG9fY&e7Jr*UZxMvC#u-u@S8+3c?zSM%zhG=U_?Gi_;|;4C*n*HSXmY>FF^p7i<*I z4HX1^LNCriy!FHunUKWl-qq$BdsJzMpqA|v2+%yQXn!su+;4{e@u;C6HLM(=1>96Q z^;0-??FQC%to{7iVAc7n|tN=kj zBe=*jolj)QVcC|}{PpUbu#}Ioj6#;;-hQ8oN}~YB&A2rJ{Mk7zR|i{c z=Z*M&NU*G$Z z2pkc@1%x&0w)Xp%C$;LIl0IS&bP_%xoFt+Pb6ZbkvMHl0He}$KopyO^f+mok7;h8QMp6S1= zyVtRO#C z>Q>s>t5f$C1#qK{IM9=$xO{Us-|`er6e~dxEMeJm##bmX3sC#s22n1&iW>C-e;m$? zs}C|$#Jn-&{~Vh9wVs%^uk$rzEj4%gscq)cEB8)(9p`lPAx}{!sep*yPmx?KqT%0p zH)&}IYn4z#KbSx6$Umm5C2uN+cF>4KN(&$202}VSqKFQ~RiV6mf_S zFB0K&lI=>EBI&P>pvR<589=pdPAFc>p5j&FQ%zAc3&}_}7F@{lhTzjkhcv4R^~aMK z)Z;!J>l-I^-+0#c&UI}J1t0gZbBmni8vCa6oRnN2{TIX9e=!teq<2@rGJoSvr>>e9 z;CrDUB?So2Ct=H7THcqRu%ciFmg$0u&EEsht*-k?h#DzWg;g><@Q>zmCx70x#<#nx z+BfGP=siBjZSTC9@uQZ)v@>lADiuRIG7UBKX2#=>ZXHxl=fKQMot8sge=ZVPkAeiO z&(IZ5tZln;!)rJ2piN=yh~iJlBqbuuT0ne$vN{Ta{3_5G(=`7A&D@hsftY>dYEnjW zu=Q~B*JVrQAXwlNj33yZ@1ECF%1EX(o=W*i%sxEAK#P^R6*2OR*%kAbRi(Rmf z9*v=mFz%7OFRktAzD^Vho11e56`-gG%osLf@UM9B5+_@1#d4iS{Y~S%!6~7?Wd))> z=lWPNLsLNDeXl@U6UVSpAjzlPz4Ez)hy*PsG0WhyE4YP!d>2MFY#_uzK zE%y2d3r#QN>e(DZH(HGqg~ykG+$q>!90UQF5*_v^C+kcv_HMl zYhtDJ?n3Km7}!AJ!W7Cc!-$lrD8c%c;YyS-^T3H|{Vl_e^AYZR8+C(F&!sq(#$}42 z50z(g@Z8A_iPhm;*Vg7G_sWT2$FC{zmb=)y{J_C6?HRe#8L-$%d?2f}6@8ZZmMl1+ zB3kpatw#U0;Bo8gQcOPL~PRuLngjQ8h@1QngjF23cfxMOEg7Eu3CK)LN(+szNdCOrD2oaWup){(P&i(*=HT2gX(MS-hv!?~j;>Scm_z%t*? z(k3C;@*@a$Cj^QKi3VbBAVm_2o;N@j4aU9AMy1LI5c16Ydb&dj{TZUujalhvNnOS}JqvzR#B8r(c zhor05)6WGuCT`PK*wnV&s8|DEEB?>Og`nQu7Im6EX} zqMlboK@}%uwMkTTgnbTq_0AMSW7GiGc=Juau$T4oKt8)G!W+wC*BD3V8WK?d+FORc zr87a4+2Sg?r**3QlVGRq`je~gM>`JWO4iDthP0`r)^jfKFZ7j5LKNFq3>EHB!QKEd+O^3;5UgG z^}sLt5moSj)xPJU_?d#BxZ$&@;&;(c@|2y8L3j5pEC%!ddiB1HXr~V0SS4ZZa`xO@ zifiBZ;t2FmsmR+U)RJBmb6Qxa6@p-2irO9*d{iGPs4CdlnlT~;&&VO3i@IDi2OV(- zKcrpm6}_fK%`w!wqYpuU5`f=Rgp`OZjBP?x;2%PU1Vh?Gty_73p_^Q&)Ml+n2xY)t z3B|QLw*-t=ISK#NH=?;88Sgwuqv?34FY5kohA6s@`I~C0K`d|o8yRvBAY^K5oP$fc z{*Hye`_QQsJC&HB)+)k4FC4JJySL&k5?^7W5|Ihbe6B@$47IXpzGzpb2#kc=S*a0(^EKt}K&9j+XinomVVQw+uw4Td&eEOr6SDN|Nvk1E*f4eaIRpyr zL5qun%m z$%j`~(yAnvKEa>3AoN|iS&@hb5px2aR}%bMB#suyfc{%xOoQgmzUCD#R$?nZ9LqIq zL}q1_^oN4-nT*Us$^;v055B=4u}4QCub+_05hU!I*zn_5{%BmE#-PBKOVhmM&8Xg^ zx!C?Nibt#z*+%Ds0&{J|{#Y<(qG-!zopQhvBSpuFgOplQH~A^R^`KFCXq|dfbNd5x z$;;EsyJ!RvGn%l81#@x3-RLbTgluc|>%fB+&@(*~yD`?Wv~yu%0`g!)j&l@c9Dwz( z6P6DenRz94_&eo6Rqle1XD-?Sg$LaP2`O>}a&a>+A=Cgg532J4_1-mj8+t>DnvJ_2 zA|o=F6Emr^gT{x&lkyF&%erqSC9l)`Y3`cNhVHfTb!XKz{@$Pc-cSBha72Z8PvWX7 zFOI5e+sMGo#Cpm@X;iE|UnuxMNi;)!=edu=lG1V+x!KAwBh^9u&P+}DA8527(?9bX z7auYCIFW|FoPqSzkc>lOeH|gohlO#WF}x2m7YZzebh|Eiw~g@$O6DdE=Kfi7_l

+eHQ9HThvzL0(4!#bj$BV?Vqb z5;PNM8wzKe3xDc}u*C_lNbmV^8z%-vpa|U?jB>pQJlRl%NZAU_z;xth`U*zNcSXFJ z)BD207ajeC%fmQbjmq(5A#QwAs(BzB0P7B|EM9iQK#RR-8rh7<-azSm3%ANnVs~72 z!YuG4a^(HmRaY<3kcA*cX~T0_fb3v+o-@V5luWS-Un3|Ry2%@VkC+vG(M!mVt#-k7 zN;luxaopbCJofDjixbI%75_Ze1Pu>OT5%XdDR>@(2G9_@a<>?E9Lg;T46?F4>j#Z< z-TexDtrnyvDgTGa_oQAKY{LBG(-E~Mv`duYDJ5SWZ_D3HU?6AxsxXj|yAnC`dGone zhzmjDFWp(lHdtCBzwqPu*~gRuQVW<0mG&(@=_YF&#(ZNO;qkQKmSC2NaC%`1VjVD7 z@5{Bl`*L4CcBQ(>914|+)IYr4dlY}g=3coH=LtQIg&H zO-noHlmht+6bmmA87`?i~f5YyM6)E!{@x{49lcpL(jfsyWCRENzxJzVFj}! zwFE4Rvka0Hm&WnZ{F;@qv4h8Jy|HIMXMktU=X3T0M1h7<4y9AkIKgf`If}YEQ`t~o zQ^j=TC~M1R+{im^nMBjy$nty;@Hvc~ys56SK^sH;C8}-~v_LX7GZ$08wTXd@)w5`4gco=hr(p+Ax82YYk(_Ak_7@bWeiC+%DXTX1H!rOl{>)SQ#^XoDT z@`r6$K%lh1?=cg{z*k(xxY_jzg?8pAu0?ZdeBwg-nuky$9zJf`44T(~L6|4_soO^~ zv&}-`ys=Z~xq-o!ASZPN)rJK3cQCnem|#X6XM_nrsRnS zun94=K7g*bEf^q=8>m3B$f=TPq4qgYTzOUY+1%X)^|b zaF9Hu1LfMwQ=n5mLyhZin~nrK>X<(0Z&eR9DP4-cmI2&x9Y&-#A%RgBs&JTUN> z+_q18m^n%3djwN81NZK4xQGJ(Tp!(=mtrX=CFX3RVmV;D*c)0-W-o`|U<7*Xv-B(c zCgZex^wn*}Dd;tPfb{2Z#)lun%r<-M0DG+=?hb)!XK^pAP28W>>Gik2O>-myp0TIX zT>i*)_MOx=y7J`qAML*ER2RD~>b~t-I=FKV7JC?_x%vp@g-ITdd9NI!0JgVq?pL@a zPG^np2GS+$`$tOudLTOfc_6lHU{+REOB8G;(G`dwb&N<8yvUUV-V|vSxko+>c--y; zSQ5e3zBHS=Ds5un^yVr(7hqkEYry90b83b{xyInoQNpQ(gz9&h)Q`VlFV5ioRAst* znh{vG1Ap%55G8QlQV-3G#!wIpv2kdghOSym)Dz>=i;2>`9$<*E)wntp6xmP||Mrek zJkdFzcZL@Eo9C@H=H}DP4pt=|hqtgH(^sVB!bI;o4i0Vi3^Sf)PX@xR+5m#Ddn$7b zYhUMp`oIcvq6%Yg3KoA*zmhKb>_UtoN4du26t7p|(D;@TX+ZCSV>{v{e%~ys4=42i z6&Vv62lCrpM_N#DxP0rTl76&xX!|xQEzB*n0S(_y{IwyC3yt!|)SOYQk$Cr1jvfr;>q1(fKC7=U#2)3C9lN2H?YuMPs{< z0*z0W0N#j}+gOU)y|ME#!1BciuHgyF!)kNzK5m!G3g%tQ-%fG%pKk~9?)h`T!?6hu zVAey)DuoricgYMcHE~8ce0t3l5CU(FrGv&cp0{|aE^IYmN)r%{2-YvZen;Xpz5bG0 z^HPOorI=Tux?X(WCm-iUOg3#%%1GoPznD6{`y`~3Spz_Ga@B;!82}Lu68aUt({spN zIQ(0}clYJi4O+S*&E=gNrXzdL*X;|2b&dqQkDG`_0+9Zc(zwh0v$4O;+Yd&^G^k19|?Ep13ACS|1)u zZ!S9GQdss+vEYPT0&XfJa@N{{Qzvz!5>11oN|J_Ucrw>Pi&ql+*%pOvEE-vHcZ8;& z$_9RCjJ;!~(!g7b%&dvEX z@Sk)|=(I(2I}W4PxE!0l4+UoSa?D0n9kuohFMYgY50cRKl(0o?^M4#j>heF9esjXQd%f6!S`NDP<2mZz3&6A}6*i$8q%v>@U& z0i0l61xKAg#WAM^{h(#jgzwv+dsCF^$ey5-dH=l3yM@EkAEJplhSIfjD~DNHjUxQ< zye3vTdit+N&Ap6Vbp%rz`&aI3ZFKq>il5@gOIO#b0OIT$ zB!hbV7+_^hVccqvFXy}$6RZ`vcUdJm)iIy&wZBgh&*P&Z6%0J!WTbI93A&y5VcCWM z0IH!9#eh@7sg+77UqjG`hOeK~`&n4KSM5}6x_ak_X$7#q>uT80SgGh--;BbI5aCe|M`z$Hn_a_J$T+M5D-+lO! zX)G%TI3@h_SNGulUyp@wb|8FS-g+S-spXSBXwsTgdpjXV^jG8OEn}9BDE%`cO*j0!f)LRBvQ4~d_Pj(H?k?H0;zt#3 zaqlocVk};5k4SS&0PM8NIfJ*f3y6CU zck#=R51<4x0#B%SvuolnIxBRLl=Xj~fiXO_p30!zx7%P7a9G|iT4HIHQIS)Lf%1Uig z{Tw3G(MPnGY-EL@`5~gMVqM59)Msz_Dzh-{5;{Kk6G*QpxS}RvXZEwF$vjR58Pcd? z1s@Effc_4cAD+(>@H)0QRT%Yhv~DmjOhCpQPSWYAKci`SVBo@Ikf*Td*8Y%{Q3s4c z6SjUT35#)IMx(jHGV-$qSmrGO%NBviy?j z@g8;&7{^ayp`>7F*zauToTPA~*deUJr;4C(zxUxOQhswqN~*-ups`0q8*?7K`@#)D zY_iGQnOiLmnoqWWU05kF0$n#6E@_Tfl#>tK!#Wr9L=N5uvLE?BY>8i91)os|%;n$g z(zG8%vP(Yn0i1Q13J=V;szhop|C&+kWOpda{-z8qzAi0ZW#!6|cpGeQmrqTW-p$~N z@J#7V$%(6ca(JL;beLMe@TV3$>xD`A1PZ84fWyx@3MSy=9*-M?l|53&1MT!o2-svR znwib9`4a@EJVh+mkP;pLThj>Tg>Y)m4fp&)j?w5IcyeZjh*ICEpQ2_3cT0>D>u1wf z<9eZwm!u7mvI=S*_nsc__O!;zTymq0lvT8zXu z;1q^ls%@9O&oKWjhYHB#R=hq$;T;a%0bk)Am&S2*QEOgVL#}HM)AZ!KN8uW?<@+&`RMSC@{`(Ef!4@Y=ZQ8>cRd!<6Q;4bF@4 z8i|wMdZx6@rO{SpVv$`h=15`eV7?LXjxp^zXv$ZZt2(!AJFYOky8cBClh!x(2@I}h z(rEntixTMWq8aN$nn!+V6N&cKsnEirykV5qsLBVA=VNH^D*fN zu&iibxSx8@nF#Pw0%@dPy7nQxwBrd!2<16C-mNpSXY)D4g<^>C>nGzefb)LkX109t zQoy4IDt<$V6{}+6rcz;Dg{7?pqE)DV9HpA;TSiSsewC_zeNC5o1Uw0nKF>NuO+apb zZ8R!kH6T01x@{Ym^ab?O&&f);EsgHDiTyzjGSoz&4<5#2>M9tP6N`!dTCpSo{f1K? zaG+5xaq-fq$^S|BwR12=_g!`{;mY-X?ZBv!AKZD-Wr;|=3!Ym`Vim-MkNBCS_Xomz zD*wC9RJk*9GvO+lTMn=_3duIYj0X3UN7MZ?s{XA@jW~);I((#G8;;8_{mI>5NAsUTYt1Kls27sqID=L7{CF)@;*Ug@z!B>>V zdh*>u89sNr0-JYTA3osD>Tw8p=7G-UR>MhHXD9qv-2v z4D|650(B}1;~bCb7yopVYLv@~2>y9lfk~XSAM*7m=2mk8pVm%l(T4#xXGLpm6}J)M zAQuJ`C#SYhG;(;?C(*dDGLD2AugEia0#toU%tS3>`I=|}>MZEr-LFGAq9_WWfJE|5 zcRspFJw*C5p&YCgR2f`fvC8OK>p69wC}EDistI1tP^s7#9>ee12%>)-z3wGPKJG^{ ze@4!pMA@H-yOboZo-@?kb%k^LxTH@1vdQ>HzvblV+0}^UF@X zz0xW1uI%Z&4*nMs03(gMQPPn?Gzhr8Ok39X?r&9_guwLPN3kQ7{C9P6kIN-sYp zeSUSyja09@Gn6d0wO02Hbz0mZE~j3FQgOa~E$G?f4hEKLCVTq)A6}08*S)S?B|Hrb zI%1cLy3!*ZtdoS0l92*F zw#8Thn;r+cqnq#pH@s^|S4vWx0OL=Nci?_HC}lK#LLI-7$HSxg{O>a!y)s8L(Ch@2 zoMZyB!nK&`QBqAbW_Fd#gLQ%R_~=L8mF0^TeKURWSLL4yv&N+IR^cO=$*kP-kFC;N zD`5W_<}*rMv5cC1K8Q`eE`iT{&<#P~>_*Je#(Bq+(3Di@KHmE^oo^P-ENF*>WJOkj z{`ns|YO_kdxNmpalz*Bf9-(Go)0p?|C&KZ}kg9XVkFn$cA=P5qG#Hg%>MIzD9zPZ2 z>9F)Ts&G>E+cU6Do4%qFwo}e9c6yd$xA|rQT zx@8|zj{esZle9AOAN#e?xZ^nyn-Do|(>GNLYgFDYxfz=$)t(0n>I0L;AMG^Z5`Z$V zHar7F^_vyv^UL;gPlNBGuitKfX66@&&^C^|DaF!p#5(bRM7@PW)BFGa zJ-WNQOF(*bNFyyuNQWZ_0y=thH;6Qd2q+>U-CfclHM(Jp?!0$C-*bNV->~;y&$_P1 zrSCB<>K#_VK-yjW5T>~j(-0E>DPWM4@tr=^wxoR}^@>iOCgTehIXn8KxjkpIjgf;e z8lGVnBxWd9;ZOHxD~VU_Pe&U^PY*}E(kmxT`HgG0 zyhqLOqWUtj2`{0uG-bQuoRQZ+bo}fC#6a9w z{$8c!Vq3HNT;h*&4ttMsB@_o=b2>Wy`gB4?#=A5c#^A*dQ*X5(f`5!pTPUVncV+Y( zD!(wSJbMN<4ng5W>45+mgkITA{Hw=G_kQhT_^%^CXX$R~#ZQzMMA$o|7VEIou=9jL~bNn8ZyMEtMCY*e)Z3f;?0D zmKr-UClWr0r}KUttW>f>43bG)Okla+>N0lhqj6RFjrY@8`pH7Kp03i5BLk1Uj%Sze z5Z*A;qem}sv%uW~q~TFbTRAWyiqPGN!s-A1SW1)PQvcTmx_Ka2iEl%pS5#-uADv;- zt|u<`Sf0kFCOj5Q#3ZIQV+-zdHNBqm({(d_RiZpB7L*}1y{9PRlR(B2$L5_s8S`aT zvX1mFpJsHyqrJabQ6p>}Osjfpi|}ZK_q-P~w!5s{Y#kM){64;;>0Ve*i@Xd8$Zb*3 z_-%66@VddC-wz!J@Vc|?oN;|kYp&4ihRVEve9IV`RXZ1P&)-r$V2QZLNwDNOKorm#2xj&ABhv*XQ<~CFI0! zD|)zG_Lp1xuvH=m$RQ%F>({)oWk(rFWk9J)$n#z?^DCzvj;mrq(dbGuw@CF_i4v;Z zvaB9?((v{4ueN8mP45Pf3qQ*B$@yb&H$o_tDCBjH`#IfvH7Qu99r4uc@-^Y!2P1mY zJa@)Q)`Hn3sl^{;)XSTxX9Q7ky32Q0iU~ThYNgzy~LAvQo?@Ku~&v=m%%B-C#wH zvdu7dG}+S%73N6!&~(dMs@6Y6hJNIv#TzF6JKL{Ej#=&goZ(LJh zQ3IGn$OZ^$YB<54em9aGcm<6s40uy|Mf2heyYx?8_ESkQd(@IlutxEncU%;oDkM{^ z$03##osvIsySzL=NQg5-mvXr3e_R{B95`WH`>H|*b+3iWavo@kE^@%7c}SQsTeWGfy64uYL zj{4^lurr zkhLl9ygTThSvQaEKV7G`)6QtCyqI`1cwJaBrhrU#(jrfmu_J+#Pu$tNZoZ+^)f~J0 zvKQo(j=|ht^brw}$YJ|hs{i`zy~WOb(%DWcfSv`jh?#ADb~x=y{JY zX5W|niwCjyQU=+Xoqcg;^3m9l=`%}=JEAyAy82iKKvPR~O8Z5JKMNTS7+*}4}A0=vr7DO4D z6z1DIqSV$1Q~Kj^YEHjVYfzLq7~dG)A0b|i1EBq;m`%z>wGIqrA%yqm#1F+@%dz6Y zM2!RYMRfw#t#cj+9*ljCsSh$)tT56ok-N>SQK}8Erz_p{tH-gGK4kE{^hqDm+~F*~ z@_uWhq8Sd+RJQCMP8Y0(s_XsJB32uIt7rZ{54hyWsB7xOoj`YeM9Q^!*vjs5%Dn{UR+J(q!W zrBa+MsHAM#Wh%>oGxo{Vh`V~;!G|J0xp)|*;Yq013c2_dzt+jgEMzRYBjM4KG_sk&(>_;*%-US4j2$ zs+k|z95I1MZB$wbc0Tc&7)wdCzY*Ozt4i{$W^?)mW~G8F?q>`D2b1YG8<$?m#rNP5 zfy(`~Y3a*$W|{#lx!jS48EjM~?dpaNxB8lsOBP?YDljTg|e4*R*Ta z0tIF5I~%V_cMMPI6(VOkY6F$-K8z3Me~kJ~=JTf#!u=PuUY>c?3Xt_XWA}cl+BiI(U{kLjg&ntM=Z|YeogjWN z;!^wxO4$&%U;mJPWvhWXS67KgwW(iC2|T};7x-LIPdN;sAS z9a^K`RJQ$7MWmu%xrtQS0}W*4M)la9=Z?_yFK~o;@@c(qDlB2>XJd_FlUgDX;Kz7m zquml5XqbA6qEO@t|xe=fx2-zZSYW z_xFV$tFKifES(GsY#yykP$9D6OG$jfL*>9R8SiDlcfe)7ic^?HsR?m=!SJF=%-FDNrj z9MRB@5 zTV&5Frq=G=VeY+Zzm9Y@Fze=`C~HRDg!qOiKmjW}iZnkN?*ctNu5{Y}Z6aA?0qusT?B2_lRu{pw-*g zQ38Dt6R*F5zomYZ85K0>K3P0BdqzofL|Zx8I3k#LdXmXlXd|C7g1ym@yKb0%H$oP?&TuPT%=zjoc~cH1#n4PZa54knC%MEWrF*`zCey&v8muh;aB zcPj#>n4r$gmGnR8^esA5P7@HPRHDZ8QvBfF-yJJcpQS{JD*9`1coKDdY<7}#s)Iql zHV+e?oOOQ+05&7~Ul~$}*bVdC<-^V+<#yE(=CFm{K^=xH(omMWih( z`X~xjM(0(1j_2$67eEj{4mq5|Tm&#uI%DAz|B(bkU3HU6^y>C{Y_;96b0i>nj#82< zyxLAq?_Jr^{YhD%45Y{VIPRh_d4Qoc8U$JHgaUE;9twNj)T4?HIUD<2bL#|bq9CWx zLgRn~(SuW`@8h__VQA@yj_me*mFuJSTifg0l}Ffhbo(j)bzOa6ZyLSl?{ z7JJ8?2%~h$blpNr0zvBGTZFr4fmUyJSHkzvpZU^EE4!Xkh8t>}h#}RiFgnNVd2j^8 z&r-=|R(poq)vkKO;T3Iu<^(e4O1z2pOF#)$YH%7SWjOwjF)T>?Z#11d4w#PS!MfQ+ zco~SDDE}z9dk}iPSKlVcS$!7pMTUOgomA)oUonlt;g{DPby)u0xa@VugBtVMof@Y( zC$cpT(x$i)SxK)=qsWm8z+dqnLZ(LEY6{6u=?)}2I2dR(7=VVc_;9JnlGi62%qY$5 zIE^)mE4|s?b}-lFg&!gYcFi zOk=I;v*qKUG2iGJy^NwrWW`D4u;HMn!ml91QbftgM0m+?7Eh%8CPYkHgA#3>ODqkl zMtZn(15&jR2Y-Xta&xJUv1wRP@IvDPmz#j(?$M6oGh`v?Rm{aA@x2v8%5pE&4K#s1 z+Q|Z=eN*!9J7ZL8iQ zKL0U%<(3xU37Co6g_1N9b!54S!pr~n9T-AK4gXa=YSX-yZ};12J8Ib9rz?~s(V}(+ z-wV^=XFdOXDG`eIo^x~ZkI8}Y9HKsbn99I?b4f?Id3t>LciW-={k)Y^Y!osHtH`Qp z=Z+G8L<0mdHWJ*aq26pvEP@EBTan970&BQ9Zqd}FLt@{0g>2rt^dpn4?YD+qne+1;)AGnTD)fwij@dxd_Sr!cwsllnz`x0e(7#a9r z+i-PF3prZOPgp5-H_4%sj0vYHE|tQwM@YJ)`FdSUt#a+$M)3OE(4rAQSnK>={5#Izv`V)q zOo0NAp{kSRnjkAHjjvVo)N?({!{@!|w$?*3xeN;(+1qxDjfg{Z#qamjQ;4;ruVBGH z?Sv7H3jPyH0F@A#FW}#AK9i?}OflfTc>C><&cx`^OQHLEJ)^UXl2x$Tvp1$a7G;x@ zSrM-9Qf`lT+J<8K!5{~;QR)Hh(sLD0TZ6mJABA(Zp84W+DFq`D*7#nm zTGIn<3QV6y3yn8L;VpW_b+t1z3-NK4naxPj4z=@59otI<0>l}kCgPjFE3=nSP4nnc z#|Wlg#(c5>Lu#gukonQ92FQA*yDi!6aWW}QiKh|>_WdL_22`Gr^a3PF}ZXZF}l}x+HZlw z1itS1-9%_1%7v4W_AjgwO9c7JK3iF5teqaw8>P{$u<-LkeNG480?U~)@H5Ez7t(TT zFk&r|VhFPIzUu)Bf~vmf2x)LCn%^fV^Gaei@u->T*@2R;>mGeCR=w(KV?n#L=o`S*$qRgY%s$q&5qdIi6r!D`o*} zNQPwR$bF>$`E%&H$ZI*eF?hpM?P!$CA5SS;X69A^*^rE^Up|;Sz@^;#UUe+Hs-)EKQenw3$v9M%xeR2tQ!W6g@ zx`MLGj1=D|l1$twZ{i?D*IxhgUV#U9oc`4VW$6sx+t`*STKbLr%E(`t5hejY>%vl? z9emHeVX$ES)=VlM>K4>#RW3+?3bCVCGc{PCx>lN+iek>J`Q?cFy3U<#>cD=Mnv^8t z&-G3c1t~j&y{X{mvRa(I$zGa6YWw8OgOLLVhq@}EDs{`QgiRRkQ1%~k88>HsN-Eur zYo+|Iu@?9ib!9&F$&WXz?l=|&)ZQHK*Qn~;F6x!*Hd*d`K7}XZa(CR1Q)-7QfolM* zHy=4`)cTyQ0i14)`&~4*DAljXSw<$iHD~sB3 z^`z}V)aBSY?9^LOtJZ=kA0F^_kFqhwyxBDx=tfW>wSBjH@5kB|bthh!`Zp zpKdzG)=${DssyDw0v}t60;qz9+8)FNZhtVGRU?bcLuWH!5pOllqy8VX(#O&KlK=O7 zknMw8EuI2b{HJ2|-W2k|^{9o#YeG?&`9ndIUJXbt_B${RtRBHA1m<+F`8y7M+o!Oz zp(}3W_lgN?QN3BhvF#C}KcKO}MS=Tzao{E)*WaU)8qFE3Ww%r8;dcXB5fp|(BIrn* z877&}8N9CCjF=)&y;wtvu;fFWuiX0c1NLee)s!4)vs3CHg-~%Js@jb9sB35b^ zyL)5q7D8lEsA$=)UtV>Jb|F)%SFpL>`u#lNInsLT>zcpR$eVP5**&FH#v~oOR;4mm z%knur())DU@qV*PxYn@e9&fCz(h66$E@ zb?+poVQzG-hkM+V^P(5nu682dlaKup=x}s-TsQCgw3ppFdk6zQZKy6318ZX`Y(xtX zpOMo8vXnf4Sw&^490r7!%=7)^{X zBN3V&`U21YO5h16&+PYHqq7@rKJ+dZ2Vp4H9D9=Y^sq@rwAO6lA-3#3Rm5nz?iJr^ zj+me&#Rso{vQXt7$e?(mtdNTJI{HFA(F!}Z-=kqNzPz}QhrligZm?}Ut^ajGfFzi7 zoXf{b@?6lJ0#o5$L($#l1*$5CT>ku!91i_VZy(LV!PG8=KA-pCFHb*-vH;^uRpW(2 z3~tF~oOuG}&p_PGmy3kqYcDc0bANrSMY@(mCcSZa;B!#!*q2Q^vI*f`xv2PFO2M`% zu_!%KaS7L`xxjONcNyI6*Vv*q8eQHjWBr6X;Y>=dr#>HYshpk?yv_p_tT_Y zz$H3_?|_kKS{z6EE9b_P6lGsru>H(5CCT)KU~%=?7AL|KCc&REN*|~9EQzgjBtHE) z1kx<;*S}`R-i~?{<}{f5BeP(s@W{wCp4*Vi`}r- z2a@98A9hE?bbeo1jZG>T#%xY7(+e~K*&7ODwa13Y&T8KId!Z1&CeS@sQn8cX|P!qq-o z8_h5q>WPQ+7IFArw)LN^jmd|l)ruWt=66@R9+wcw2VXRG#-|_ljy)`^9TF$2sce2~ zi~R?M=Cld^FY~N;3d!VYwm(9VsyzCAc;qjsW;#iA>OP0XTX(i?!P>Vz$%704(|hyq z8AruRiEWNV+fg2k>FaYv13!9KyR3ly1^M21mnCCIx&@?`t(M=5GL-&B$A?wb^~M$9 z?z3sHIZPx(G#;*Lz}Y!#XmqkG%ha_3-5GM<^Cz;QQ<#MFG`|%hBTo4XC{21r5ut)c znhyY>`Y9ct5z+UqJca7o3bqrqb~4xXD=V3zyFAPIqxCUf8hS5y@ILD4_AtHBE!%K4 zlMEEvGDu%of!>YL&UU86R>4l08aLEQ)5^Cjh@@odUd5b%fUKpg8C86Y=!no(63K}^ z&m;}Z#{OJvA6sLYrz`_p8YqKLO5Sh9WM%x)#U;7a;e+G-CXLiu>m3YKQE+?;O zE*+L^>N^_FLg-dj0v)@H$CXfReweD5uz=WRN#)G(5m>Um#UJooB}?J?Ht=BntZl%4 zA3GsjdTEK|(buI#@-TkCfvB&lf^8!kMTzorX@kXV(M)w6T0&288%aXG*elSoJAx)h zXfQUk&p6fZRZR1p(@g7g)(j{UXcphMc}IVQz-rrX^~DN7Ii|yBqsr4=$LW&KdifR+ zVA?1SzFhOpfJB+-#DG1L9CPz-|8^o!SL9&;ddX+Q_w(h5YbK`01LSH;1Synl{NEYa z<0$%HC6ib@OKr(4oJsma@5Nk|r_s(;V{}BFIB4BSd(ib4(>!Hi`D|5NTLco%LlPQ8 zaMR^llvxyUDI)y5NjAj3V;WNrnf)d&K62@?1p6USLJtIO^lZ zRY>TJ|JEkLRt#x-NZK7GTd1pQI0_!yh9?zw2cq@IR6MgA1Td zlx6|cVmxE}-r+F7)r4^!o+uk+`E<~|i)g6vG=s3HHOhG8>t> z7kXRn{%+0+ar{rYcoASjb1{jlCvI$F)@Kl@yRktemyn9&p}=YIeJLJy@rc$3H|#5s zP3N6l;EET(n<=RK&l1wCR=RU?CHUVQvQCh?`|i!(yW`r~<(QiraIWRLhmv%r*yB)9 zT8I*BkfuDub(luUK3%7`D=A#Emt1ne$^2r#x}HOFb%C|befm_c?37`{w~`HceHqD*iBUK}wy4bFA14D;@=;8IFg*9}wZvz-*p1(S~*3OExn( z`9}w`6Wb2(O1^Od&xXVTl&`lL^|Xpo=DnLk|2N6ST**qYGU9>!Lf7e-Yz1m(MXz(O z6P}`07pgqvKbC`3ednf_LV7}_H#D#DJO!IUdf=ZOt&HA!!M>Q^`Ll{XmdQbBk=GGw zM%i#*M~d#WH#ufzz4nZfF&nYGR;b&z6ws$?qV*wNMx}Ne|MNDrz_=(VLkHQvU(CF{ z%YR?YpHIGi6|+wx*=|sh($akkb$@I1oj$vWPvSLdj6@MS@Iw<1&Odv-WX2gQCK-ln z_SuEMI5$M(eg{c4>kxLP*`ZYMtT6!dar= zjtq;5MC)9i;6dZvR0+y^d<+^UpIwV#@&4n)_Cwbs>@3i3^tjGUQ{@k&?U{m%mUncR zGeR_8+_m+^0A^g01Lt)7s_EkyleGq@GN8Y_YkV}B?M6($EWRPxQOwM;KbkD^Bv+u3 zb_Fu~##p8nmG@nfm2zAi&7sD#M#@tp)i%bXF+h12%-f65mfTSY-a*Uw8 zSyTznU4#2lHj?n8Z`P7_0Tus9$c%2Xj(v(x9bQb3&POo$8GOzhr`vQnwKK+T(%x)x zoU}>4Fn_+W($|r)@Z0;_%bb+~BKu}k9YQeG|klx%{4wRwrfK#`0b z3;|`R%iE}va5-xmYkgtsls`QIQ8I3q>ZBdIPS-Yx?(2WDTYKC+LYRZx*-#&K0Am@^ zv(_QOl{=I6U;<(nHe#4UnaT#Q^(nOgj1tUklK+Lxf9Z|PZ*YiaBWUfD2T{1RtU%xJ zl@%pOZv@{8GTJfxIsx7WUcEoI4y`4#ue#jjDU$u5*>olWH$(+F;0T zrh48!V&TflffqTj^efwKo0^i_yC8k!4C+5z0J#k$xEYBqlXxbRexC}!>!*zc=CevN zkg@z#EDJ9z3l9f@ePn)m?bzu{(c)9Mkvc9Nt0=1=s{`|HCceEQfjWK|_7$T^k011* zdw1lpZ+LNWE)3F;5V2EgA;3GMuHvVTb%`YAlJ)0x!OQ1Enfx!}cQrzNcc+%y0#bPB zaZR>=?C{lUlCZ98|5<&)K$|yufv>d{)N+jRnuqgTb8=UAuC2RyEgxYyn}7%0W1dKahBrLH2gkw zbwoo*e96Qx0;?vLc&D7oMmqyO7fT(N-!X$uIvT3!=65p z$>&et>!L4S+x;QR9s?`ycP&Q$oVRCfUC1BL6f6p>U!Dl9mOK(DTvK<|^6`X9u=)W| zYT?FSz%YDqFXdF~v{@eHsD()7O8ELC^7?A!_?20eALWq!EWI-|PB+O^gZiNPC}0ld zE{RI+12!@41%QNEFxe8Zq(b-w)IpPX3=|T=Z|*7A+(jk6G;>@jt_pnx@AS;fe6^oe zsGo~#7*R~>=3s!m3_7e4dD-g7JBo|~3V-}UQmQ5zotzNeQTfrlrV-3hB54_YH?wya z`?i)j^#$$xtg^#IBgv~Cl|X}^?XQsjb@|(lX3G-(OTGgG1v`LppHJndS2Msk0}p1R z^l{+wstz|vztPUXBuJRKp(~L@gKYGTTTr#YLbTuu#dTH1hN-XWx7i^ldE+;ncQV!w z?zjWlu)3;uo3eGYyOBu_7FdaL%vv7azIRHRKvDpTCsE6qkd*Kt>~qcR5xbydaCAW0**RSoEh7pS(A{b0U5J!h}Imac9%7lb#a}WFL%m zGZ>sGd(IBsD75U^+j?VG<%RXQT74Bj5u{5pVE}w1@lV3*-|8FBx_=)cu*1ufVXM0N zz*UcfCBMO*cWTJbm}0CcM&(~tV`=|T@aYg*v+ z(K^S|Z)jq_lWCTK)hNC3IY$x$Q}e?z6t3Tv#tJH}%qqlJ=vQWGKsV00jfPnZIPx}9 z{eL&E`~iX6TjHx1v*wt{AIlFlLgcAuN8bEa{JTB1Hh4louS!IUAad5baP;Wn>FQBn zwVQ}BGIzy@enVmto1{M^%@*bzSJ3KxDf;>I=xRy(J_a(MZprxV+elHCwO9wvVnM+h z*7W%-o{aInS^&ndl6S61wWls}#oZlYmX%dlfQWmAC)`KzGVTp6TIvE5S@v$Enr)^g z#7j75J~1@t_296>OG?=_wIi)3&yC$s;e;}doGY1rznNFk=G3d z!vzX1{O-sH8%Qna8WOdx6)GV04E6n%zKC2sV;^nvmIP%EesSFi%qlDzH_}yOtoMv{ zQH+>u!K6CnLPd$6_!VsCc8rI*7i9mSpY?Zr)K9*+d*iSsZRR&HLEuoRl;P|+b=Jeegk{{uyIwM zu9B27$P$=TOw3{SkCxl`fU!ZU=BECaCv4Xhfu|<)($!(Ic%Ike=}b`ZAR<(6EoIt( z`hQ*~`#pQ`f9((-NbdEUzuo_czF=MlSq%rG5kMiETX&>;t!PUmBOfN0mGI8K13mO* zYBkk7R$0l!G-PAstD}oGzN?HiYp&xm5_qrc@DnJG$yro=ww@$O%ietWO|Brx3(*(f z0LS%8pt{7YSIT=$j3d9)MlX5FK9jf-8F<5Q8T>*esFoT?i4xT5&|Ftb(jC)Pbc8zau{{u*D3{*mD(~S}m9&$CDJ*FI!wj!F21S2KjZu2K`|Ys% zeYlZXq+7!oZWPAn^qH2UZAeV@2}6uB=63aiI=O}Tvp4;INC=cBYE zt?RS4?O_4^RwB+HKXjozfuC$x(gqtpL0_OICx@%)&;MF;tZp91Rcq$P&AjYAe|G+S zKDzVKM*;n(Zf@`KE{&)&0du^_Et^HL`v7SQ{v{&i#7wAxH6s@`Zko}%x(YegVtOTR z?6WHInMpG4f~|yE36D3V`X}7@C*3)|t^2zuzdWggr&FYw(zbuhs(%r{6u4S-gmNqg zNQ@cKTWLhDZ1zpgO-%pY>H^huBIm`x-aG zVc!r?#+ToFa8O68(b4(+luuWTR$#_m1Qh4;>jy%Q4OpOSI*{x*HGgttD5Ne{GxqDK zpJMairM(w2oD3rYl0fG^#JQLh#hW*mckPtDBZ(*bel~IOiNt>k5qV7DWwD|4+}&}s z&$4VlDhz;HZ<130o;zyx5}#)`;N^A3Qh4vwyDkk~d+NHRtOQ%DiGJb8o*t?Qo&hH3 z%HrnD&5bi6*Ok+Qh2B%zcgMCB%@j5mKY8KvV&W8r>^9V-#yT9#se%0}Z!-<~p|hzIxj(G&c!0A@E2+Tke4G~1g?@4QBfDT#L8qk=Xa za2X|MU!dD!w?Zi_soaU>G7(xQdgul*3gyPqUA|a@o9;fc)!?6-`dg?j>`M%dDOz6kW07jDJj{#grGh1ow{n`It_H+U~+r_W9OkD#e z2KevHf7hLWv>ic>>^8!be?-9z9L?8qiO3ELFb*e>*+^q``z)Cmf9nc8q0Kg5cxC|e zMHB9i*Q$b`#qQG{vcLh7<90Jym}uCV&PR)ZjV6CMfK}uuuDAw z*qL7^S1Q6l*PlfG4pGtTKgOYe&;$IKh!X#>gkUdsD4?Joo!T7z?jaMXERx)lb}Yh7 zEOtGv#C1{+y)vL4KI*jsL3+krMQTvU8k`}#!UXpSo?S7fp4C-WuY@G55eT{D}G3}c0qDEe60;>khJ*~T~IQ`Sx)LWt3-4$HBH zaDMDJP9fv;oX%v~0drBG4g@om_Y#EUUr^Fj!5?gg3lGmnVijLbEC)4!!#R)0eEsTe zFZY*Lp+qC|6lF5r_;4;G=8qdhy{I#~+wXd9&RDhy2fGL(SLbm%AD|gGj4rlS z=Z*bUx4S~q_MbQ4w2tFZ*=AC0H4%P!62X@D9VI7QT#43@@osx2=xHR%JuoOztnnW} zKh@sOf0b`xJm)qN33Pcpy_j8*`+J&N$#yto+mSF3u|oa}Tv=BaGT#{P0Ftie%1lOK z0%(t0)NF&UBqRe3q`$fRV$g2Xd5N89nvR_Ri`zr>VLH=^yqNRAy0h8M1`<3tc!;kk zmu`jOI>qXX^trl;^5rg4%@9k7=)P*%=S;VV2nVAhG1D~Kw$}KCuC&x&GiLbuQ~MKp z*uR&Mld+<&rOTZVKf<|=`mJ_~Ch+m$yDuG@aikeFY??JUzeg|WIL2a+=1GQcZB--1 z4edyccSbOFMhEEB|-d7nNhc)6`?mEHpS8>U3nZo&omCSK? zvOt#_iS-(@K%NQ%p7E>F{Pdz3^I5KJ3C^GZx~}%wZ?<^nYDb27 z^v$?>HWdagT%T9y-bqctDDOV^Swt6d>oTtx{&;K8n32HguTIG|tpZt|6Hd0+JUmlO z!H;^+XXS(jWp57+k8cJx(5OG?o zA=4?|A6%zi_gmhPwp@=hDxf22@9*cx!*P^K=e-SufAeb|L|zLjq6}KWg{Wt!;_xMs zka-8|Tz@__N>`wpU99_>pwH-{ykEPj+vh?DN~P^MC(m)jKr8hY(m&us2aT;>eRW^> ziQiC)Tl3NdmXUJ_O9_+0#GU~%yK9_X(!G+xe8$O^#<4;NVNX9T3+nArJZBN8W0w-sdIt};|NSD2s{PK1#B6G;g_Ao*d1=WyICb-CtNu~N#$%DX-^!v>NT)DFW zlKUl?tk=&IQ#wgT7_Z8)ZqB65P$eTaJ?NK){ta=0>4LMl;RFKQ`bUkEO z|6^&IfRG7_zH)X-cg!!)_J^)DoMr^o!r^2yP9I^u6{dz^Y7YBm0d4ryn44G0Zg&7N^ zOny*;8odxMCZQR7-s#HnUExuO3o|&bV_}-pIyY>*juClt9xrLegz+^VN+~lZ%<`{K z{v8nFjKZb`9^`yXtk95gYj2gvlW48JlV&pup6f#c-9LI{>Fu}ZY~6dfy)U_n`yfse zc}BigE|R}kJUpN?;lIMPr;~qq`73PH`8N&KbygPXkukvJwKPb`b4w1NkPl!}bvw;! zcqAR->&|g0$;#QQ%^D?77}8J!VN3eU@~!+~6A)TIVg(zC6r5{E>+XG*^Dxb3EblXO z^|X7T688T3T=?;PjqAj6`H4pcdXIm3l+mwtqsJ5lL=AIWLNV`lx>FhsfM;haIPOxn5<&3wMmZ2=6rL&s#-a{WEAUC~QAB8e< zmux|2#dT2~3!LlVg|;c?yT|A9(Tt(w?wri|P8SffS7YW{oXQ{1AEWFPl$MKQbW>W)2Eh|wNQ@+s zdTSZJ#Uz`3Eo)!Xnh$cu-m|&teeNty_z6FPB08h=*k93BPx$RxixDucbcIese+P>K zSDCWx(%byEdkOlCz?3RO5o)|p6+^6muLzI}q9^w&$#{7!02#s?;1X>>EZN6N9xuv~ z%eyLd-^Y4IoAaU}w|bPbs)Hm}n)PS(U{dkPj(Xo1VT4;2|M`Q1!m+9-PMi?(&~_5U zgu_K{^t{GA?1F~09A*_n3t&|162-(1Iao}I`X0SwU`y6as~$zFbMGAO<)D5m7!udY zkaGBFjNu6Cdg)NUAX48AW+Gh^gsNHf<|cxQBRh+v1^q@C_1YB!d})TR7`ksKM3St@ zW_20eHy}SR?*k#+Db{Ev=4z=7LRWVgjUNO+6-!u-e4h_}=;4vNMb4yeyI15d2PQ&qc8)V1yNn-_YS&e~z%WndL7Alb7Rh6AqWH|4C+rwkb;xM&&6Bv3}bSktwx zvp=3~zkII1Hy~wO>WI!xki)N9X=sMhq(}cM<=vtP#Q^a)O2PTv+e!@NL*vRDw(^Md zq)zeY2h>d1Uka%W(iK@LY(VaizibM$Z9KiC`i>ff5!2n+%2 zqv(WWSOrgHYSLenxHFec^tERt`_>>q4o+MUtvQwrH8NZ~?DdnP{!Vn^zBTQE)|r!L zv;=mEZq7A3Kv0>zr!9Md_OG+zcQ^L=r0A31Y9KFRp4Je}RBxEvIs)INAOX(ycISsk z8N&>Bt$0ZnEXc|iou-!9U0(Li3>=8h%80Sy z&aU)Aq>SZ4urA_S8m*L}dJZy0!K`EqJ*J+?`~R4F2lhI^ZfQ7b8rwD++ewqgHX3Kg zwr$&1qlS%kvSV9KW7{^r{hafh_xkSNFxOh^o>^;#KRmw2eKvmqfrQ_gp!@SV;>xDr ziAYl`!gH1@V^>S~rVS*%he+|K^fLB8JBHh()TjTGM7(2~u$4fq&4>x)NbM$kO%E0|PrBa&T-n>A4Il|gJA>g3DFG#^5>MZVkJ=7hp?B2o@34=S`B(Lj^n>p|>r-$1-=vm82q#&>!Zow^afU!Y>?_ z*#xL0x_5@YYt4=9qns#}TBCZ(H^Y`ez*g}rbW)7U8X>r--793dfj%*#(Op(&j(I{4 z6ZoOQcKsqzsA`c7nkG%wXTe|5p&i$_c*|HP@M3hCy?Rt<SM)&ljnXMY}&UO~kbR#JU~PMw_=dc**+zi4@ob?$`!2 zt|JekCq+z#h}y8{!dtA_Mq6F8B8;$LlAxn!^x+_i?a~-W8dr67|0TnIaQy>6FP}O* z{q8ybfdhF0%TCm;&A~_}Y{-ZoLtQWw#Q}|c6CrtfU9yX7p;K0hcj>anvWm2gjJAu@^_r~dE3YF1rxP!g)QXV!yux! zi`Yq@eNHUUxQ{F2tfwHLAMwiO@|otX5o|4Hn{&Rq0_`L04R-LyjXLU_@P$U#ctNQI z_e)(Ch5yaS<`Mt+7VNn#C9akvm!7uspo)YO=;X41#yGVXKJ7u8(e z;T}iS-%5jx!V%ZtX7o*)I%^wfTEQPf@m|4v93J*sI#YRCpS4K9-ocr*nsZx-mmSkm zX5Wk=CZ0X9Vb>uz0V`q)tRFGxjcpzp8w<(yAXuYM5G}=@Ymq{nz*=;@!DuQm@trEc zy!(?90ei(z_)PeA62)eDg0}<$p8Gxb?$CT5h$4rvRI|OrR*7+O;i6@B>sUK(O+2!~ zPfvNh@0@%;85{;c7lM0i<= zM1SE>m=5$|Vu@Gf?ucuGJGLAHk|_ZEtXDIX&W`@h4*#)rqvJgx9YZt^ulZnUbBPCFbh(Z6M(|vCI8^FsWp6ng8AT-Jg|>5gkcPRcA)~$z}0Z z57^*dd4Jf%gPEF?9A+9@e;F9D7psabP383#Aqaw z?UagXM#^r^*e1+5uARFv0^!FawzuKWSDCfj0Tr-2?l3Kh=hfyW_>GeUsT?Sx78P9DL3;NZ4+6mPEZtrJD{4U!4cLoJk%QugT zMba%P08Ky&Y+gRY>BiS`c4Rs#X^D8aABPj7{^NBm6%YoV*UAUun*I*U4`Hv2lQ19* zp^JhY{y9Zi|4Jo44QT7@_fbCj6N%g_)b+%HaM89QQTi^BXyowpS}=VK{F%Ht{LliM zQ!K9MFa1c|?IOqUB1QwB_8g7u%daZK!h*J*=J>nLyE{ma9ERUo&Oh4c^|3G@x#4VrENA{PczDynjcl!aPyl+6JmACIUFvHHo+; z8>6;io%l=3b(uS34<1cGADpo=ufOaP7Rn%5<2@S{&Gz33(VYa$oTY_u=S+U+h2oYS z`JX(P>?Y>Jrw}>wv}kDf1yrbNGz&#i-=NhYW_yH&pm3pZhG7m7%#Bev1t78sCXdaG zECpzJK^xXkqWlaZI{6x!bD@wBK|FFXBrwuQFD; zdzxD%ptYgvnV#330`y)rZiVhp&IZ;rK#&;Kg04{Gs6^L8+-u%p`i7A{aW#Y%A3m4{ zGk>14W>-5Qpa7mXoTUwviw&HiQZbIg{wC<8z(xJ2D0J> ztqZkBpfd1hGjG_#?Z3y~LnlT6LU4~dwEB6l85gXB_tZrFn4X2GF3Jk>eg`vd0*l98 zsVh%|Duw0`;Ljg1F$dwc)LHoHA;zTQf;3B!tlAen(o{X>Buw-8E$XCn*lZyF$hm8^^rExSB+we_k>l*ti?B;EU z0?tKc&E=qevhG$Ky(g&JPG}7>>oXS0F6oyHJ!$#*BTX5U4EZzS0RHFbDhnjev*%=7 zPY00H?9z+8h^bO%oFbx-oxH#j^Sk1*QT((-$!5+pjMEba;5)Ve=CTrJ=`l(-(HElD z0l%coo~bFrWKKS`S280``G>(3+Ti6$S(sEA4Sc-XF&oG92^_;2jW^-8as_!r5Ik;_ zWIHF9X=ganqF?qhuIQbWT|@A}9mPpMtugMR^7&@e$G=yj2U}lPw+uN-1hZf)>{tN#*n0axLpws{VpHEu4glzU9F8Xwkiwd^ZDs^c2&kU#df95gQWn0Y@!Tt_tI`N$MBKGfj^8N1L*m(Zrj#5)52nai< z`J>wB6cW?LEP;wk9SeEj8YT4BpM>Nb*hkW3QE$(kkaT#>ZYwj%O| zQ7>!OwcT;r4O}iHK_UN5d%a!=&smA=uotwfyADghXO2Z;*dw8;m z-j%_`(<72NB~wEXY+)$(&M>a#kZi&C+S;CqaP-HImY`g>Q>lFnd1h&70np7H>4wa? zLR#n+8@UfR%)O|dPu@CG3`Bi{uoYwwvX4}SL}rI{O%igzoDb{2&awTB1^q6rCAZ<4 zNt8p4n1;{ybI@8)7V(Gbmr4lv>W5SdLVCA(2s!+^v1a#WItro7gR^0E5zjos|B=R9 zwg+?=xm;j{L;-CM{a^{Ug)(-p>AkvE18YQ?Z66TkwE_?vfGyd%?9@ zPaD_`&0mNuyD~MBw+zU#9V9Cm3p(gX&2zplaHrB@haiof3r^;hx5)X1V1=y)d-ao} zuk@uZmEq&F^jfyI^in2lCgk1vt@%5)@;uolN#i)YOcJl{GBK*@0e~h61WvDgLk&g5 z-AmNcgD$_8bNmXtc3@D>H*m7HcE#nxRI=s$SDh4XFHYsUc_7fYlTze9v;{Fl!O9_> zy39td;_zt!1Z6|{sK7GRGz@xyvzeF^di=4S)(j6`xtOEOs`kT-5Dio*p(7l3<~|#} zU8AKtT_hbdF`*E)eUVim{+cf zN`A_vyhxS0vgTt35Q9ksqwDGrU&wl`Y_PpLNx|qxX^q z7jM)L^^44p9g$xfjlD;-q_*ou&mSecw+#{X5A#kF2A#MrT9;oReY)P`L{MPyfx`@c z{W>2%m)r5_f9d$s$kF98pJx(px$zhVeZIY4_5{2jUiQV*wqfxYbbY?_=yf?HMf!(k z)y>SefZMAbcu?6eUJBm(T)yA-C~}R{CLnWl*0ylcRvq(Z z*)HBaf!LbKqFmPUuyRuonoX%#rmd!y;#bw|hjpvkt3{XXD$xG(RMt}0;S`;%no}n^ zmBX=qI5%@Hv|(ZB{ddF}L0 zMk~C<-V1RHNeH=E(ljyBBSlPh)-qN~!|3nUej1vl5U0G$P!0nQHBP0oa6k4mh5>v8 z&0v5DvG6U6a2wGEU>DNe*DdY<j-;i>I=DXh)r>%d=ZQXH+hUL&@J%RQ zfhVZHH+b59n8G0$#3?9n0uCMUz2QJ4^8IOEK+|dk6|CU?7!rpq46nK+x|MPoUydr> z39Iv)Tmd?GGI5=~*hPhzwW!qr%{hi6ho)+=Fhv6cOMe3+dLj^3U7Lj=_61L7-w;9@&8Tm z`&R?Lgt#my*la1X!izbIGm-)REuB(06Qpn1&S}}cqn5#3o|dsQwNBuuSp7l{G7zwO ze!#N@II5?-nr6FCgEJ)Gm(pg;19bi9G9~#yBb0LOnQIV69lcB@*WfU5quR}Wxw@50 zyt&!=yTP?Y!pz=M3@xhUz$|~#{*v)g2r5X-!=lBJwtFMQH6K&--~9yd8(X<6Zg$`Lz>sc)^Woz0QeHaG86Iyd+bwn*+i z5%F{W%8ZQ1SJYmLtKL{qX-&-BG}Kj%_kT=P&T_HQGY5sY8M2H?=X!Ror!J&JAmcdM zFc>>*ZDG~cx#RkapG+NvNdVEAvi!0q1)-KkyKF3L*;`Diy*f+WWK%-?R6NXxE+V%| zX)mFK!A|As5iSP!%?+W zD2+3bN7vtY3v{+4jmWh}#=dD@3dR0o5r*XK*;)w6 zY&$3OB=@Yq$tpRQx0IduaP2BB^*JN82RQdNk3OM0_y%Nxk0%HsIq`(u5n@RFU~Cd{ z`__eEQF`m7&m$%`eeM|Uy zGpvcPyy?>WCC@W&_Eg~+A2lW2rp9!&FhXm?5l!Ut-7p4h2Cxy7gL*L>mvQ-d#H2-} zOrQ*(8DhGjgSzNt?@sQ2n@G<_dF-yX`jaN?+vsM#P;$Fu z(3b5xWdi>wf^lU&k8`-0%f^8bt^kM=*=q0J+8R(w+^)K`8!dV;eOO1Vg~ZOIBwqc) zw_fHnW)X@WLG@r2IpJSF`NEW7n8@SGs`CC&hO|kytS3^1Rs6DK@>I z3PTRA=yr@`w5gfh@}Xe&bXdqQA_5nr?KW_!01pfipFS6+^2jJksn^-Raw83xC`mg= zEa(~YND}yYcIi1eZOf-@BvfqFjQQ0%a)#v;k+o>1vgU{;yi47+f&prqFAYi5 zU4yvUSP1mCqA0~Q-H_J_N${SxL=j2&Lo2jsD zO%Eb@qsrU}$gZz_*CphXHF?vVF_YLscmmdXJSlZL;0dN-F$z#fJ7cN_@;H~dfqupk z*<@RecddxV*-U5<(Kj0NPiV|F+`MTFx^hf8E`rc z0`A6FG6U@JxmodRL$mntm!|gYsoN`FV-oX56k4o>g}-tt$olNHDfo8VmH$U_nzVg< zE`vgzGp0&7?QaR{RAG}IF5;F@8A&Cgj%@y7FJ65v?+e|tt0Wxhud)4)M~?u%o??M8 z@7RMAhBLSsGp3fc#=>-F4vkj$xe!#QGSNiw^1W8pv_coR^);-Yw!veS@taz6Er6It zyVv=GyLx#2Lu7Km02sd+aA%81yYqADPJRgfArm>dPaNA2k9~`mXo?@$Ae_P^JSkHY zSjYV z9|C#mgtBLhy$thPJEqKP?ju&Yo@!GErko$|w21W=p#E#=k0HHy4{oo1&dwYhnI{VP zyxqDOOOG3O>e9I=WqkKR{16wrK6eEtc`L@%xt7@78hXN>wt>NxN;kXsnsdxU2t5JE z@9JR%=!=2{8$D)FU@rDcDrHRBNHKl-QQnaPmp<5ilpra!%!=v{ zbsXnfUOH@cv{CzWU>vX0o8%qzVDvPPes{Tn_|02Zn9MED`iAQG?<~CH77Rx* zJ(W?oGGy@>w=HuL#CDi*?Rrm~647wl=NlBal3w3V$ZNxm#G{GlrvH^=#o32<@C;0s zckW)|5S7YGZ#3&iq@1T5lA}(rx0zjamZ4fcjrk(aMuW>2!$<0b?a%vhk-&gAz$OCR zRSW2``;HoQ-6rx#E~+A|sRddS6uyrGw{ z-*|@W;%+DWQ*RpyDIZbTE<)KWXjjLJ%-aKQR!v1UEjC%`f9Cny zv>%imgOm!|1A91eBoI787*w+H$wx7d^rx;aELGG`fq9ENND!1Nj@U(XnhXO{#r;sm z?4oO4?6?SrJE!CAWytemq_gj8eP)?tu4PkZ^`WOlp@KWCbYcyGbaS9dAVP{sO$yRP zOCAPo?qScIW<_!_V~AD82*U3c-#C{%DIBk!P&$pA)69dFPX7Hkxln`D3nJ*YlF0b0 zY&sGF_+|=ebz1p^^PDiJD3Z3<=fD^YJyl*@m~>$N8vPnfZ2z!l(86M{L-ha|cWoD^ zR(DgM@b7XA4%n)sJbKz52eNRLJW%+(g+bpz3@w;@?Y|<9nC-rVs4!d@YtLU>Asy(6 z9+Q28ZFB$5wq0V3_9~M+2fsZ9sq`h1y1w6xv+uy>(CL0UerJVa7y>OlA4nLJuo<-x zZ^nvizaKhOSb+^M3`wi9b(Dhn&u{MhDla%y`9c#XRfuPHi93CgHGJ|Kj~);*n|6w4 zxGLT@Gfb&O(kt@zdowQJV;sy@dcXM#x;;&82E1;AxTB7wA}y&!xb{bqcHNQ2So-z{Cy`63PgUiabGG^Q6*gwQU@erHI1?mYZ`2{i<<= z2cRl6shV_qAks}F`*_;T4lK}Lyq0qN3AC`BkJW-2PlH=Frf4myY1ig^Ayvp^RQU^# zl1Kjl1~cibPXj>j1OTvh&rsJ988<$Bt>pg_f`~?Hk&XH0x_LM4kT6Vbsr*PZ*Mmp1B+A@g=PvwS^Z~XYQ7Z zPK@_{t$c@ZczW%gD1?MOSC=Ah{%NN@(fVhJsQ)~%h!!B%w?EMsV&LVRCB-z||MfNH zEI1BF{;|foEB-#d(To(q3lTJ~O;e3wzM^ks;5J~cea*C?Slq9bk&h|rha)eB_E=pn zmH&Nbg_=)A&ncRi-GudQQMW--;D^enMqW~x7z|1a{;K=&HvZUQ?gmM-BSGd~5k{X^ z=sxt-C@G}PAWl8za~1*~o4XtIQp@QIkT8WmxjcY3qYYcKlVCdX!sr|}+7~= z&q%Br7ZMxk=Mi`h>1)L>US4`pVa@r0%pbe0pdaE3>xD;(L*B)oJ)a*L8mEQv*>RYQ@n49fy}w zUt7fp-5y*BQ4esVum6w&gg^y5X?)3O4T2;L8LR*Mi*Z2=Y5Or>AgKG5G{3iRMfA?Q z^T0DRScJf&WvFg`+yqAyWEb1%e$URVCm6E%JjF5?@-;p0VpQ>}DR>LWE?OZg;pQZ7 zr?IIB0?_7`1-l0&o+yb9GbL#MVdk`1cgzs% zOsjjy-`JkuJrJfnkr1ThdqVWr)S*e^OCh_Wk=Bk#Wy@jBS?pFaY+8H{2_|*&YkuTw zYk!VsLq>4PatZ$c!eZ5g@i)BY+L#|A9(d@ik$ zbCdmpsmKJx3|Z+G(v>%S&^V8J_1dE+GZg#uNFgi8_^qr%qyRGqMqh_67VS+2)ycH? zz77~~gfQ}MAG${P)YAbWa23LcfT`$O-J^Q=8UVPHBc7^j6kebj2v!IwJQ z%?^B!KHUuiH3U3V2F)Wv9A)%t!_81a#>apztO0lU=Uh&}Chf&I47{p{D_ctf<| z{-pSJ@%d670ntIBb2OSnIjk$l?o9Q+kgM1v%EIMdaKPdw-&5#FYl>ucgRE||u#Q~T zf#1oe643f?0`27)hSHWHK*8hA$VW;D~(v4F9J(gp}^dO*E zkunDw9FQaBcZ&T!=FJ%I#>FQ#RF?rzD^Mx4*C(GONVt#?1-xEUQNLFjZHXJrbi&gR zcC?lDh#KhK7H^x@X-ogoIird7!Z^_(Y-i@O5!A>WIyU9n@Ir-pc7(I|C?>1_+zT(o zv!Ko{Q?!6TL`&3^$%!X%hCs1^VhW>KvWBRrvc7@IRy2=2;-yuMdcumxLZscZVRoOx zDb73>DK!0Y=#Q&nLHL^7jYAW>?WwT`Tv1=@yKZBSq^6*QDjqJiB&bYH){zs}0jxzZ z5h%1xH8&7hbw+0R|C>o9SMk(0Dq^x(Bb;jqHMa|*=#;% zk{6c)&ta3n;}?-bn#Y44%zwKkB?%VZT?91MX7X#Hst6e>?8PTo`MkRTo@82eb;^|Jq1; zaFOhuJOiE{Sp4z&4ek!b)(`^HQk7u>oq%7_Q#(m;aKlv!RSriTQz51g;yPjyZP8$S z-Qd^EFhA`X>aKDz{A}QLI zwq?XARKL%=;TL$OXsA#_ICyZ?W@T!)oUxrvs2Q!wra0ewkGS`$>JD#zm+y~vy_1{SeG-%iuUDU(Xt`*HHYz* z8PtDJ-i%5-FeQsIawwjTR8nITyE*GqVwM&&A+Um^c3;Jwgp7#0?VUrFceBb%tS2(i zPuSV(&Wq$6Rd~@CDW%_F5DuVQuHVUCfYRKn*)FO z2+c+Pk}>8U0$!i!=)JEw+2(gfZ`7I*c~8GT33T5HJ!N#?kaxUZi3&Ph>XZ5{{&jd|>j$ahr&jF+S1MM+C2U_L_(BK+pU2nu=l26P8tN=+N~I@YtgnTh^9pwSDM8!C%!tCY*3ZQ1X2gbeUL zBdSfP>Ty8nuX8cNk-)z>m0^cWa?YWSG`(&f%i;AC8z%chZ{c1@9I51QIoJVV>Ns4X z=Ox`4;FQ2t;^Xs07WafW=rLBx714A6ZV5uQom%vRC{fm zwHzGv^Z1j|U~l{)D*DRXXOS7s<43i#GFS^-&ue5dVM5n5VLS#S3e{4}5kigf%Sxsc`-KpuG)L|dH22X+l-cAoQH_#Q-QG8rcj2&o&(zK>c|wze}?$s9N|BOdH*R=e9oM^ z*MAnZ#`nLB>fYfPXs_f(sAAHd7VisEJP7uw#PcXwMqEtTO-3z=M%rSwTmAIu?36gq z>7)T$BuDDwws!VVpLB=fE2zw)z)!00H(vug8QyM|OPs|MO(p+ykE<3UlN;YUIW`|PlDGlUq_iQF#n#t8VhXSlak z2oW(BR}DSgjm9v;8#ienrv7bLq`mS)k6y))aYXScVyt(~(_f|hp$f%i4UZp(*^ON# z8raue_AKaw;->7m=qRl?s!4Q@VsH}*GaSQgl0_XwOs|+9$%_>s#^LF~{TdoF*AWzj zr@s3w@^M>>YV19x;xz(b?cQPHE?}ID7!Syl^{+hTL}SDVsIexursxIe$p=43vkc)x zxkx-B=)z7-+65rcM!%*O*ee8k8f$`zg|fvcx^p{x)2)^B<{yty^R5h%OTp*?Uo&T$k}1${pcC}!Sc@sH z_WP+q3K+>Hx5s8VnnWA)QpnRZNS#JS-cKTwHL1{Wltl}Ze>iW}m`Jv?3yB&n@HBjk zS?N9BvDtRGqX-@W7FRENA3v`aw+!EF3VNmk#ozGY(#JO!i(*?9UH4I?Iiby!yqa zU{q;u|E21ykoG;U73uTBZNaHq9k8WS>5HM#?=xO?G0_55(eC>+raw~+M1JV6=jr42 zf-t1KahoGyAjJWaz5zIF=>_NK9nBhq`T-(NJ9x~w{^;GWE}MbB{6SMxqQ-zO&RMUAZT}MIVfQ7`1!S0dxrY=VIgPSc6@`E(s1LI?~ zz?TG3;L^4!%)8BcRye+CMU-&7;=`{pE?-zQ|HA_;MN~ST>@hrbd8|cT1}ysFr4kLO zP9NUSZFmX>JC*58iz}9@?awPd4{~ca zYKLXT*{zv@x8hfD*Kui8mB$*j4iGM)T>T8&iz})ng6j9*d>FD8L_sm9?DAzID22l$ zI?J6^&#^5Iguk&1g^CVIJ+ek8f>ETYF$tED&DOMCI2-#{?&S7L=eq0}8^uDtO9M|d z+-_LB)(A`Rpse2>bke8s`wg7COZ}@Rg7P2n+0yaaB6U#*0C!B_0g4r`+Z&~1acbG= z3(Z!-+X=eU8Hv~zhAEe|DKnEhp!2KDzNS17$9PRPqMoXEU@zgr0RKZJ><_2p4x8AV zEc__N7Z^Mz!y2-oxOo(6YRT^u?#O`+zYT5eLwKX8#nfiqblog|+^4-XS~n~WZ}l)E zp`1Z6VO7-HZmlp_T)iQdUwM2y2MkokWL(cqcfWxkJ^~>8wZxeZ%WMDBLYFBJSN?Yd zi|}VNBDwPkxexh@YCOH+7l#{lhi%%oDig6}@y32**Y!Ttmp^%ZfB>i>7!!*rS+|qk zm7s}QR-xOK)NNarI0rL2@H{&KmtG6%06p4WB(~U0vY+rUNcNE{FCYpG7yq$SU1{1BK z^DNo#?2^=>P$rM$wMelFJ&#(S_XWFiFEmremm$g!V zf3{jEk`AYQ)w+_q3?Kq&!J=Dj>t|m)rQw6T_X}r!LbLmFW`?m+} zRAOxs#Os-DQT$p>!xP^pZfkYg)c*M~#D3j=%B4||ccg;+v3;jXp^k=iv9vL&7m7$p zZKTGY=&91RcpBs*QG-&_{}UGp+W1c)_C9r>6Mt=9EPB&ce*ZalWUF{oea#oUm|W#Y zXA$mX7|~Ui6m$#>gxE_&RbEXlqTv3<-*PcGgE3XphO!&*S^ryebH%(kTY^AIypf#2^r&%54w0`q9UATRKa$a>i-Ta4t z#1CJJYaN%FTC^U%={P#=8Z60V|GJwe{Qhkyt@qLYc-1IYRvYfLEM2x*+N?TuM#sJ6cjWj_`Y^AyPq#DKc-SoiRau6B@{ww z(n=eW9!23aG?qs>i-z8n9j3Q|M^kdW24^%_wruFV`v#!VaDEGfsk6{H$V+Rbpq)Kd z%CmvJg@?ZQ$|<2zuTMe1FIQdyMXlLT#3lx^ol>Mhf7&VsSf_vRy~K4#VrecLk3_lx z;EdHi9-b@iY(GPXoS-Hl_9a1g9Kz{*2-%@6JC70%OBNs_)~CoYu!j9)wn63&L#_|Rv2L>(48v+7KK}sL~ zpavHD?GE`3I3ToPpwF}p^wF0vE-_a};Y>#n5_%>M%faB<+0=5I(QUGyp%xg1JZ!-{iRn+VeF-IJoUH;|IPoP*)@A7I7xi--2sE6k*?{2pK&(|XB&^gi+R!d}SX;IuYP&Rk48nnh$& zGYr>tMAbh(bVqBZ&2zvFFU?0%MO@C#Ar7?-OJFl$jL>Rpf;S~DQXVyGCf>a4=R?dI7E9FW7SE`|fE@+aq{0y6t|@ zNSDBX$IvPO6I5&5 z^-bpb?tcx1vWZf&{n}I7v`8iqvNhCFq*&;QB+`iEwVKY7-*6{?}zfn>rZ ziN|rx7i82I9cZc%tjr`)Vh*s$sLh)py9fdz$RKRLvPK_$AVaZmDMsC?NMcK}6!ab( z8hi;Cx+4_{y~$rM6r&bNgHMJMZAL^mCNTrVPEL14$0>Ed*lHeio--pAbdWZ+!(o6B zAS+7vd{N-OYbQrV!6pQ-HvB>f?!AQ{OG8`zjQhL#J|1RK)`2 zj?rtUG(ct;ApTut;Jp&PWqIw;!(!S-3(v44`gega7+Ze$B{7Q)9Uj+1%{oJ;&7|{GGw0NwUAR!$roQfYH=M z-Gn%UCfPqPvXX|=I>6eaMfmY=c>+Kk-}i`tq?sZCqWHlk!FW)iZaqzW3FK3b;RKnt z6d&1x_f=2QRDrO5=`OJp7IZkJCng%YVZ_?JR+%+a*GR1JQoTK4AGvdUsf zpIe|e-q#^GFZRNZ4S!+{Ed134h`8*qOQ|~!@?LKgi3f*hZT9Vke#MO~HVUht&jT&J zE4wa9oi_1n8MZQ`o7A9(8dRm&MDEYI3JM$nupqhSQbYg7=FfY+FJ|J=iaTiH3HcD^ z6bPUg5Ep+wyv~AbaDhhzqzX0~3u+44Hm6HZ^N4tU2iS$CNCmvXy}OS~1F6a1UDrtG zoV%2Pc%43)ik7>;ow2wY3|Vh1`Jd@T$#O$Z3!ss8wn~J|@=)A52{%b?`d-GuKgig{ zHs&~NppqQPd*@&t6^?&Gfiw<<~ch>ggwpw2zR7Nb+r`z+c{E982H z+p)XvP2#u(sV|loEC?eqfR;&eNqW}M!przl0k3|itj%s1Bem?A15*o|w*_uajU_mM z=Vkfa`o^qiR_>$G@SdrMtR?=X|E?Q#zDb)QmzaEug#5M| zSnuKn|J!E#0k6#YysB@hCrg8&Cssv6aexcJ0Iw0)P_K=*TTf(imGil2akZ?L(ZIH} z$iEPngH%{@FwuxY92_-BGc>1SwOXPpzkB+T{!>ltp5?zV9=%@+OHTv0|`B z%|&&NXG$wqGnaH+l2sVRCKU8O-F-pii^#h1O%df2!qJUT;Qu5Pz3qat*ze zi5j|aRB&xZ=ri?IFzXKw4IB16{rgLIxe~FhCZ&9#lNIA5djCP+bF{~|_B4W6p{V!W zYnTLS^PY9AQ$YPjAqp;eMgAot@z}g?xVC#?PmY*9_qg$?q=A1*#xQg3z1)Y)i z8Pi5UALK{hEtR$F3rgT;t>04-ix0-t8ynvf*kBJ8I|IR@ zJnI6E52OZw?1LRx}UeVqXcea z@;80WB%ht0j0;>foejN?mpT)@ezwGGXAh^eG_l4r8gbMctv40*#2B+h0tskls&@dRKEHy|YXmP@dn>miXy0$h)Ye6R^4F9 zhW@BCz8TfzGqUQ?K3{+G_c57P#RadxUg~|Z=8zFxiif8WxKJZ5kf|Al%XX2w6?eOb zt@VAuV}4)0#mj3CZU(t;kMM{@2`P~d#qWQ4o8$4r{{R&{G5cPvE3FG1-RFZ>8p(_G zpDUTbWytVo#G&VZXLYIA9}vbsU?yEusFef4ym+iU_Pjlcz>dT~q=>%%@) zR0RtSJ(vF;VQ3eD^rPqRmE3WS-x5sRLfycl*y_|jGbC6c^&JVnhDdE*+!{FEBbHfg zTa~I`>&T6AymYKEz7O*faMjvt+(Q!SS9ejFIZhVklrEqO{ReM4AHTO4C8DoeL}z8geYrnrd5(An5Ze&a~acUBKo!6*!`D`r<=E)>@) z1Z@(AvQOX8$kfsU8?pO!j8|fZEh$=U`VKV*Y#(85*qCfr z5u}D%rCL4XojUUpaVh+sVgG6R$~kI?1>&KWSn?q|1v|kr=Q=6~s{rJM;l7y^pl}e8 z+#A1kk(tPxf=_j&~AojwIUC#<3M0{Qf2MLLX+HleSE-!;&>WtN|#ntyDp z;}&Xp$tx1`Te;d`Hh>1tTRy5RvIA$^#({T-EL&q7Qf%#x&;l2mag>`koDahOaF_m9 zByT4k9i-jQ(3|r(J<slr5HJ8$Q#J@18UNPj| zD{LBIb6f*iNSHAxgN>Yh2ZkrTKCMkt?9a_3ByryM2)33(0MfVNr7wZgc^#quwhP(( z7gqDh+*%j)&u%H4%9@9{RdS+cFOgXZ9CrTQ^5llBcM(LnNc*($vuEHNEIe%37SzY9 z&q)WU!&_@)!*I-deNS|J(p$3_YO9Y+T7sdNr)v2E!K%2llejq5%#s7g$=aN!dHHDo zCTb-CWH-$V$gg+e@rKL#bH@mPl915F> z@bfXuJMEcy7s2E_-1XPT8LTg73|nE4uu4LK8|yxKi6R0}zYR$K?GrA6&mh_Suc@Mi z1RAdLBUCOn%`8}B$tDoP%wV93#}-l}bI{nEiO_2||L8vURIh*r*eL>uEdi2V7Qeq*TMqu8Jaxj(k3kL;TN)HE$p7K`o&Gb) zcT)a8J~bvSjkvpO=XqHlMMq{+Vpl+DvUAOa;L{sKK^yM7JIvWyU)yJOl+<3KzqyfV zebP4Z*Zcsz`Tb!o>UR0VIWPUr>9^aU9u-CFr%#UK^wgxDhlNjr1Z{|XJ>_>SjTx*U zrCi={C$p=JkG{Xn?KC`H+Vhbx=qU{r{~uG|98h=s{hh6wZQNxnbGc=#TDEPwWh}R> zg=O4qx7@PrZmz}W?)!Vbzvub)^Y{6@&p9t0FfocHEUT}%Y`u(<0-k9IAF#=sL7WD{ z){%Qs;q$^EiTJ#rP1-jqXTW`br>FZNcl2EjDf7uW6BP{+wXA|e#Pgt#WHKjgLd6b4 zj#d_2f6HpmhWdqZrqI(8$NOsOt*`9**1=wS+k=_$Yu@MO!~4;E%31`;*u}xGGam*} z|9qck-B~*v`#M(X`~e#=lhUnq7nwVe`U#w3#Gw`x5}Z$*uR{Q?<{EfaUBpok+`WFn~r?@g4e@hRBMq(P9RxKW<+}8E)WCjNQ~0o@PbhK+W#xP%09B5y@=G5H z>hrqk+$iy3$OA?IlLdhdNen9Tue^>W#ULsSAxAcsRpcaUsVnvpB`@m5O}RP{fF2#G z4pye?-fZf=W4G+%+M0Toa>&ULq!FF~S>I-Ev;*(3GlKLn$$HkoA|bw*XONp9uas{O zqL&lTfv>*ZT`iVV7nm_44U)IQDHMDVz3P>K^nZ1$7|$W~Ep-7!+B$mHO+bq@=Z;NfonJWG(T8`)mXgOR z;>oP-5ceB3tx1~7*2|94OgXqJD*FD;vF$*(cL17i3CWLTy!uk~DNMXj{Cim+d!_d2tn|)WD&+J?_qS~$V;6nMy|6Ye-?aN> z&;;|H9zn2AD0Bwu%km7@$pforh>2-({%^*s;9OFWl{FCKA!3OvdVPJa5hNJe8kW?-p_nUK~CRjq2y)Ir3( zfxHzYy3pLze%XRquU0DM>(M@cup;s66+4T6jo9SUYN+W7`xui1vG1)Qj5m=0AF2wM znqf6$V-hz>O9wOvJ6$kHD4vDJc%inu;v*I;Po@G91>4K%hm|l{ z{jY!U(3uho+9eLAcroxYA#@Qm3AVvCa`{)c8|i3$q(e5he<+GccRrpHNsy=DM`_^b zyS&I*dU&Kd)6wf&y;zF_dp#5hzV#*qJm*5LXw?v6`gXo!^nh_@g#V7RLdL5anZ4$t z|3Mx4yTU|l2J%G-Kc@CPJsTp@Jl}Et^aA*4dU{I7cU%=!v04I})P>CjlznsMQkp}` z{JAFWtO3cV?rN5%r<~JgcCTb$a=gQnTPAL|&Lh*T3LDx?TtK#vHyYGsL5&}25Ol1w zg01^3Jv|>O8ltwoL43&0iixZagE-GItwv6RZWmYuNptmsmshlu?b!0;db1y(E9(QRR8gW}MZzr5-A4ZC0 zrm%>W~NJ{LQ0?F==<#U^wRkAlh9n%;+%7mwbcw+8FJ$nHfT-Vi5Af``_ix+RJ4`48~4K> zuPmpfnY2WA{+|4-;;3+5QeguydcB1f}-M-1IUXk6N;9)N%}p7VGMMyy@{be>?qD`YQ@qLFfumO ziyf*sk@}ceflykD6N4u%NY@qMEMQ`WGZOLM`UfI&v?&+j(x6htn&K#JWIUU}8l>1h zL!*Pp{-)It!!4M{k5T7x^9pp3Bv^cc_s5%-w-;;Xjdp^Vhl|15#r~5%tc1;mgn)ZC zzvb<~m*maP%buL)2bf1w>Zj9jJ<5L&f`hTyf5oV^COuUDr1okR_zUR_Oa>s!X@`hJ z{seVjri>(Jo9+)QTZ)S$1RmbLS*E`DO3tfSn|6hup=LV@i(>!2PcdsE&}L<*!;=^n z#)ISZChUBG`g0HZv;xBggZ_-iT|K@V&VcJsu;kZz6I|a24rcM7s_8FS#^7A;tnBHi z_|7IOc49=y5c9Vm>`QX{ztwu!C*6fSSZ5fmn7#!aPU-cE*GL*7uQ=~0g8n#wXow3v z70bR7vKIVPRz%4ctQ8M=Dh-Oty^&$jvi8%o!evhGkb+6f$TpeJ;4Fi$NZn1Ih28l8 zQ+xEKzPh*}@aDR`QJLAl`J-F(5_jxZ2f_*&FoB&vLsAYdng&>7%CH;C6-|mhQk7Jn zUbTdH)bd_y30n?e_$EZo!-EZmto)=`A(d-vw5>UVsb`CTg3PyU2SAzo){4O)-s zPZYW#t-!HVU8}p3eP$?At_y>J>Xyk!VuQC|W@Jw4- zb+B4J9bSOdxONO0abrK1kdM}BAWwr|hoS`^w@ZJ29?LB{7r?(U&P zLg($_y`4hvdd~1+UjzSzhWa{U{6)!Pk}wJKIISg(gm^&82?9_V?~=W~VVN(VdRgDI z=C&B9>kMRihZBJ_{Drkw_&2>I_-ldP)Et_r|DMb7Wy^fk z^ked;CtIM6(g4Eq%By8DO4M-QTjZ>y*%zY1ThjL*G%=dSR~T>0Qej-qRLd zAZyab?X>VsRhi?*$Y`MI-q>Qb75-q|`%dR1o|R{Z^$a7E#$42-_8ln81r1Lyt%fbH zXCfJerLg@FOp|NDC&_5RbjajZ(SPKYUMxzau{&a`M2`>Q=SLk6uo_-VF9bUHve~2i z&7Bm?kK^j(>g7dUcZX~^{Y(r)-PI^T50gA$*E7fEHH_>~K?8QfM8a>g^=;}c zxUWUpE2DgIAB|~W210Y^Ic?NJdYFw^RUTP)v}9XAgBq=%GQCAy5*^%{uTg99DLIXK z-oZ5XIO=nWAMK+)*v9F=6``g(U(v7?u2k0Uc4CI4BLZ8+x|!Lr)geejH+U=Wr8BSl zIY$PAC2HhdU-GSH+>iFA2{K^St^Y4|1KTq@JI2PsR#Uvoz)=k$D$k3c{m|++J9M;k zU)V%gRQZC(nj;w9{gz{BmsxE>sxx54Wr7usk04Q5#R@HnUquySlK%Yg z^ivQKrVOgM-oYq>G8h7E*(%^4K853n#5LR*kPvmaU3_K`)vXbzslhID9c|`RvOg9y z=-G#P-GF)rCr}LDp%3qVSvzT@EocxySS%wb>co)3)(25_=Me-5OH;AS$M#vY@8xW_ zVL{Sd7E7H&xTO@LR+kD@fP9^CQ@Y1X-Dn;#6+>An)G<$C(FKYpDH%~2Rnuq!o5r<1 z@)gbEMvTtlc4`3ow4*&m_unQU=@DRWUdk3ZSP-z$LD5Hzg0s? zqQajhPEBr-v6{mLXIWVUdfZV}8;khhKI0Y%(-u}ZqdfGYK z{QFI*?5|X!^of0ODx|=^JS3ruNI@#aKg(n4TWQ0i3-Cxqfa-29m~@eQY<%!$#QrcC zVGKt8RYa`Eqv`eC!Ko{x{3`W>xj)8YX3FESgX4X)yS{lA#{UyG3r z+s4-3-!V+b{ek`;oMk7Q?&xmM#Wxq$mT!zdbGq!s;jiQfSH)WZn&gmqT%$G}0jjz& zx4aFQaaaJ3j4=3DOTp`h zsCYU7^MolOM2Pob&@<1QUeMblUhJX_VFIJZHx(kmuZQU!s9*89zN|4 z5X)IILEYCcRWEji--w&lYEI8H?6S-$^jFac(%6X;oUc#r!tBYkXR3ZA!Y$JB+jA+Q zQKC#huaYouBjNS{zGuc#sz7e3O3KaD`{d*wua*f48xK~||6a2&VfuzzkdOTd>=sD8 zB!^8O!9oSIw4)NDT`@)}73J3Ik9_s{L_EWNRCBkYgxRqwWBuNHnyFVYlKq%AsR}m7 z)kf<|zSsO$t+4&!Ant%dR&0aHsIelS<*H%y^nx14>Qp$;67-m+=AN=>w`=TcJ(LQ) zJ4aCacQid{LJ^I;9kbK-AvoIQTNWa_h${fH4U!*>!>2r43`3C7Px7z|2QKYw>U;VT zUHc~vFDu@5LO0&iW7yxo-Y|_Fa6}2g718dj7=!!IcAS5bIOm4pYPuYs0xU}}{bpsk zsT2UFFxU|UR}%DpGe11YAhUQyWHq(a8Em3}6kVk}S%-;s9zHxgYrQ zPfi4?{ay$clnn+}2!w;eC477Jj9Nu|q|J|B6G#o7M>e0sJpot~(CrO6LGZhvnsT*r@~qNw`nj760TekXwE_vbvRBrHv5H3wBKlJZXwis&uh) zW6+e5l~TB{Y8=`n+*90;%nn1*Dc9!63QgAG`r}^y6M1`tX;BHSS=tIYBI>+l z8z@l9uQGYAmpqutj??0_<0*#h%t^7QN~1uEwlL*dKW78E~J2xz-B)7z9SV z1VtWT_MGClRTkW|F;r09q^r#vy zF45BZ_x+GV#0O6x-pkSEN<{cF7bk2pYezy-IS&jB!vyc4H= z^PT554Z#RH7U^QW+jr{y-tcvt_eHt;DLLYyn$-~T5)=BRA(rZ&Crp#38~X5nd>K9I z%*?EYR3*U)_SPyv}muS0RmbrkN~KVKi#H`DF;5Ho$Vs;aFrz7%g@IDqgQ z`a`e7%o58VtFZYNCc|OG#f*w!LQ|R2b(s<)?M%3uYHWn0TfNCeZ{omecT=hiu483* z(vV(v4o$*P@nrraEFL&Ttnj6vt!q0;^s|B=60ADWpo;}VWt;2OnxP3H6iMpV@?84m z8vNW>PaWFw_K9XxF7@|HZX&Y?ETw@XO#I7dw(Q=k7+x5c{srEWAvp%M4+JfSHB0J!hpjDL&5N<~`cA z?;Gui?2Im8pG1^5Koob-8im;prOY9h+e6cdL)I%(oRNkpYXsVx_JE1&-SEcb={T*jM90png0#Cd!Pah3*Q zdhNj*5}u})NB$UeoF&R6Lyt|U5L`2c{WR-H*avC90JdW4Pq*R6lPQ-CeQIgG0`HG~ zM_j{3tOi3{<?(s;18ZvBIhBN?GgvL+9CP%Mv!kQdz(6Zo-+tq4<|UJ8Ae`@%M(tsmc00)iZi5 zgjXuKki#j1dTp48ACk2ih&a_tZH-hW@aE1-P>}E@gVtCPxhGP!V?`a_GY@aYN~PqW4OAFp49upTp|-)oeh@`Q z#`2$3VA?t{iya~)Or_+c9r_riOK+jfWj_^bkv}BESxqTDpXL*v7*2vW&R1NqY;Yu{tv(M-vz7Ki9>_IBXu_DPMA=J3yJrUoc#Li zB*vF{B-DPo!C%F# zVI${a33gJ&8!Mg%1h4fqzR#v=>rL(Qr>hF9?|Yy}X+TqH&T!@En}g#Qncz0Q zMc3F}*TCw)MG`bf9E7E^p_>;X3VUcGi7G*ivI~*dDpH3%6uV@+1ncMff_y4DmJd02 zO?1J0sI-)>@JMJclv0AtrErx<*{%jE@Tyrxl616m;xkNtyd$w^ca7LS=Uq#NwI$*m z$^lhpG%n-@%X!$JE*NW(sRw}*f%JpkeGu~z;l$0E&p~?u_cgKXezly?aGO&1Lh+T4 zF7Hjw?}33-CqKts`ff&dj5$a0`P5%q+faimvuCkP&=pL)5O*p8d%!WA*Ay`V*b8bu zI4AzQa1;`28LMIc!LVUas~3Ey3`S9htEVNrs?i_F+~_9qJY=`9$nkW>5rp(AbAial ztounD&4{sGd@#L}Fl&pOHqI?sGhjHr1}sSS9qwmSErm=KDhUceTzs;VWh(@hHS(*( zQA`i)0~51YSYMICi{w`$TXk814=b(cHvR?~YlVkmscuora<)n&2ajU{5VZno%S+U* zHlGWYZ};(sOYzP4EVxQmjEMK^n%B$z_gexH4Q7ld%%~9th$Ruo_Tk@HrMQ6tna}^} zr&h(ZQzD>@*tHdMrx;qQg2_hNf-BX-SJGUjx_=?;9>|cTZC7lZo&JExk-cWMu{;+Y^wXbWNch}QVl&4XM<@8Eg@ddxPw*EMzG~hHT zet|zE!-6-W?wdRTlDAt@+=KO^%MesQC*jmYA$gK6q3`sudOrwc0-S1kj24w5%WJ*g zbgUS14;^kqqwnCkj0PkTY5^Jpl!uQ^{Fg`+f&0uDU<3Qe_W;ruaU4Z^UEb9+3%sVL z+Ka$NrsscM(RV6$NdB;zo)4f*hw)Q4id9;5C!Wukg*NFH2ibTu3@*J{8T-(aAdIaT zIZ}~N*&`~HOlKe`1CXk%^5=I>vp~)tqJF+$D$aE!Be^%gYeyk2uG|lVNzR}uz3WG z20;xB)L3YHDPL8&^Z3fiY?Cf(C z(%6Z9DWb2bXz4nF8Jyw8|GdU5u#L9#-4Q77?ofzEOw4K3o&KWepG|)FG&JOL6m|3~ zkFWk&J@CB-9I#o084vwJ1NBZptuyKP0fK;L;Qkj(X!aFSa|-Ttf+{OnbZ<6VUv9&@ zm2KYY+qMhMhVlK-=DLHqq_>KseV(j9?Bof})k zN3~;e^8Ugs#vqc}IvDOM-6j$+HNNl+7c_GqkSppAEqWi!P}D~ZN4c1l-O~YKmZR(4 z^bCVyp;GOc2IJvVY$Y@n9eXMr5yoY;ec0mHPlH#7mf#XiW@yh;5D;o%Jn0^nei2;u z(YemqTjSe}S30~}k5aD=)ATvj290TWU5pP>T5?skY9O(T2YZn^QK)6Dh4m-N;i!L@n}%v_PFaG@QB-J7Jl%agDuq4r|of_fm5%%A-7 z5{o8jCSC)Kx`3c#asqAM0mBGcQ)I(O z$!yT6pTINyN1|@LWm*KozYa1tmwFB?x|mJtVC`1}Q++7cD`M$k zrJ}WNoWWq>d;{wUfvYItSK4fus{xS{3XE`CO7}HHBxH(Fj)!IBX~x!yZUQWhmP>6) zmq67`b^oj%~LAiyO~rRXobaMN~6855_k@l{4106wj)kNcY zL+galmyVqC?K|wIRctngL;gi)8fpaUkV2rb!aP<^lkO@Q!gG!mXJ7+j%Zc$;!^ysu z8}znQ@I~tXmN>oL)tIY$1oS$w53H<2J_9natW3Y1yumT{R=}R>aJ4(`akIhZ{*&8ZkSK@|f-zU*lVSTEgh%b|mXCm7+$D zKh~+2d!%)(W zBiG{S?NSrwwFF(=)C4VRLMl_sxWPNRa(m&6ms@1b-3(HZDMPPbVaG1Ur4c|QQKywY zn0ZIH#!IA2`RM2#{B>zSi7#E?TfZXlrw}Lf_zqtSrEvRbQipFpE@=@Oq>{wyKm}o^ zwVY*?UcWuDx(@>mvJWOT9sWv=|3rR{yly27jVrQrzDf{Hn1H~APaBAJF9X}tCPd(0*z0G7(lmZ9HFf&xnaLixIMcEQ73e4KH>fJW;YI2=)?^HKz|wO_vt9=<=KD};CC{9FdzhP`cgK3BxY3&ZLfGrb;oumnjSn3WY6Ku(`Rk=TRXJP7Dp6 z6d94gTd~X?5-emIiBtw;Y0&yni-7piD!y&3XWr{N_A71ogxDrW1Bu(uA9sKKRk%2- zc0x+3E3+%+x^1rLJ6a+dc_QqLxNv*K`f-ZDBjS(zPtQ=nb*M_d0%oWEeL2VGtV?S@ zX&1}xa|LJS54)f992B6alAcKYCGOBB57!m#u{&-`U(9`33vYQij zPeS4V2y=FswoAaErpIDBZ1S{wCPm)zdWTsa$P&CaeysUX&lh9CC20DKN}wr8+HaWK`dWdx!&;mljdiBn?*p6>R?SR zG0L@0Uwg3Y`;iv-=@PN~MP1=h9xB)LK=39@9zq-vHxK-0h5Q%OMeS3``Q=x?N;lMa zD0wSU?mhETViuk>0}2!`>O_F>DTX7f#wabqt(`qLUX`s*?>I8

Vg{d6T?Z_934x zps5L~Gj){c^%Z26nEYgsCD`8k2Lav#M1aw;+U)8=#UF8GbYbWVFudC{X2$fL;b&2N zwFGyO0ev+yZhy)+_r*d1Jz0wM^n#X2js3R2xuW=Tj|fbcT*sT77B-k1Ez#rOBExhF z$b}_Ph{m*guoP_7Ys#z{g_rKzYw$a%fo>X&JN>nuEf1o+fUo}aLw!!jMOXA9t|w}Q zR%j;J0u^{2eDJFcwZcl0a(@A;FwSRsn-+yj#MWbzGw5uQG**@5hP&_{&gVl}fkZ?6 zl?7+hxJjRV%tG#vP$NH|VzW>WQA$Os9QLe=#quSWV=);s^Jvt#t{TdZyB+sw41r)T zum^Ye_>Ldmv_RzA$jjVR35|Yi$C&f1b|D(PyY;}|^E{^M>}sAym=dL}2EQ#mEj{f& zi0zZEa{A5=UzMZ&BMEmd{Eyb#H|w8D1v=+HgX(&Z2Gy4y2T;YhrNJ{2N5Wo+D)>0n zgYl~Knev2rd=VzY*j@#BXCi8>Zk<0?=0e`cV0j%Nq&0F!J(2-oh%eoMsYIk*pKLQH zY)a3!Y~3vVoa0esk6&c8CSu|y8iLCyl~!9vWgv;r)bZukp@M5*;*VG=TpQM*s1>P` zrEjaAgbAl!l={5tH{uJe%PJ2I$0its`jkjlf zgAI^jwjKQ*5I3$M+a+5K1j^Xfr@j^fyt*k7X41%D49p1q6G6D_wFpZ{UYMIeV6e%% z&htI%W|Rik7CcLAkS(I@KulGQSFTSsTiD~Pg{zbD&g;UR(z`^Hr)1tzO_M)hv;OAn zNZl3n^d>r^QhUzz{vorgh-_fx%bAoqThc;J(-&Y>2`((P1FbW*xY7nGaMRwlFP$DexFQqP^3u7JOx#!ynfT>UO> z{EXj1-eiCuw%;=(9nH5`?PoDjz)Ct+1e3wsr*&K&?&{aq&`#E#oqCZ;n}jNJ{o)Xf zVa0a%J?VC!n&k3)9a}u)T|;gLd%$YpY&~rcOJk{hG`b}%X08C7xPQvs zM%ZudElAwC?`8N*hK!KxtKpjEz~P%l8#Cn6L{<-EuETnj7U}2nQolF@eX4`0001cy zy-qInSI}ccd~qqo-|HkM%~{k@@)sN-ag##~3I8DyPdNV(i6)CWo|#W@KWIWvZsC1f zB;iVn6M@z;Qb`^21Rd<37-3zH8H<6RUg4b_v9$ll(hC;l|H5HS9?tagQ`i3d3FA=Dz_J0ySocoK1cXckOJYcuSDX=~<_fm_^{W_rCsNGb z^JUwH8Gu;Z=a?SU0~0l0?% zMVKKi+I(SssK7%{gc&mJzfb44+fLCZ-i`LTI1-qU?XE>GR4W=yil-OC6*eB;p;6dv z3y;-1lzCGYTNl5SFR95s)Y_;TYzLA+B8t@h#wDwQEM^CwXVY&9mgnV}26H>pNS=jl zET8s6bPRvk)Twq3=tr6rv2JrWcHK9Xkq)b9j z@*L~iv*TGG&mp(B(?5lSFcUB^U<~~gP(wNZf^sxRr0*7hgw;X2^DYGJEnYcTQEaGH zr6u~zPmNhFCU9cXrbZo^)GQ(Wo*n2kVEjC?SXaCLpl`3oyA6O?1EJunnFb(OFz7Ax zA!y8HD67>_+(ad(H7G7YBmz=fDKZ!kaVb?kaK1_9iA*cW!XJlF3;hF)b*q_*r-gcG z!@17z(8&FR0R<2xADHw-)l9vrqJ%J)P8lO}kD*B+q=9Og?q=urc-m>PB`;|Di3m z)R^C*-Lt(@4mc9@1v2ze4%RR-nbZ~I&bHN^f|HD4j)Ut@PnsAY#k~NU(`Q{sAm_Wj zr}bv6;B(ygTrTg`$;+Yx@q4`Xcib3`s7;07;I()X00-s4(H{?Skh$9`oYCPF!~{ID z^=l(wX*3+$nPy0gF&GIFMv-%Lw~XR2L}?aw3&R(*@wUEILO%XPFI~ziLlum)2VkuI zy%y&rYa!QH(CbY#AH&Dye%bJPeSc|a`}fHFHYMe?!+m*vs9m(QeD`^F2Ss{UQONTI z+Yd&@kUluEnlx#MvMnu&)I&nhcO4GaJFV?iVL&^r=}PUp{1#E~x?)r$6d_YdgX9nB z6v4Ijn>d0+D8xsPV=B261#=kJyx(fuHNvL!6_YbJCmDw#0FLkbPE4X+W+8&OaIS%;MPvoB&lIuNL{IR!{e&r1_LOR z{P#yHT-)EyBr}tN>g`0IS5&NK*Sie_0+xeUmCeu4u<>}V%vHs;1smzkqDNsv#N|Pz zHWS5^BE05=rzR9sKZEY6K8M?T)vX{epFNpim4q5qCy5~(euTb6HYD2WD>T-qj-WU6 z+sWa0%WE6b`cbfc>`tN5;sf?+#*u}H^joe+ihErOHAa;Trt%LY9}Atgc_}uOCEax7 zfjaW6$QN z&k2*)_v0y8U|7f4@wKT|qw#jHklbDgyB?S*hEK!+*^RvnhbcYVeUN*&EV@OY<`d1y zS4B;z(xh6aVOCtJ;H!D`*cy92El0P==ilsOWVY#HB$2zlNj1u*@REo1phAy7Uj81AS~J#y7=cCzp)xj2pp&rX#g~Co8%Wi$K40 zGx`;WH)dq>wG)@Ls6wc}T#`yK()HxhqcHA|_Pm>wJUYB;oZ=shL)?a4D*DLf^~?{` zL-X``%!yX_S%``+3@St;2lU0n%b!2~c&=Qn^v*%J_p(g+b-Gn(i6a`_e$V5qONbQ` z%VZaD4;-q=756@(d~y^-BTivKEEo9PuXto1%l@q)l?NTkIa=rpk9HsHl&Mx-E4Nd!jbBY(>8ULZqr2Ren3-#zi1k#DapSjj$mhL1cEjes$aX(D? z2g`-wmisl^ma84>pdg3>=M(rM)EL20g){IyU8Lz|^Zme(XsyZeP!QTLB@;Ya!wq4N z0{(aHY#%D34(T48kjs9xbKw<#$Q!MpGM@CZX;2$DU-*pobxC^#oTVMRx z2@i7H+ziB;hV%1Ey3vZa@P-(qnJ3JysB7fudTVlzA&93 zSC8B43&=;=z27@+6TC0uJ1O~~S7}&LcJ(|pFOSZ(#T^$pC4=JT2#gpzU%Em7upDrl zP*KnY^{iSPN+hYWeV04sNFpw0%u0HP(wWwlZQZ$zkw93YIR)X@(i(6z4%wj1qg>uG7CpWf@|;A`hO>*fBa`I$LBknc4ggXRJzCZ^t#BGX z=xP7xn9=Kso|qzsWehdh#OVBJ{FEHIqz9#F0rK4WC5P&;ii!BvXn%^vIJUJHe?->a z7XH#>MN3Rb8@*h-zG&=cL`UDQ?rag6IKbmnlS8r=^=EI;ieBZ|Yjvecu}O}OEr4c6 zb}8ysqqZ;O=u=@y`34&A>N@YoL?mO{eKXqNi;C2(p*l!Z+?jL63?b^nMeo*zU{Ims zuq*=kQg`V4+~!-R{^sLFsRu+gs35tSjU#;kX^v9=*OD=OPMnY;6}8>x$AlLJbk<&6 zUe?cR>XNjD4*KFkaZu&jXzAmf0|_%-^t9oWa*16Orr6_&T3sc&sc&Ear7!Y>c7-gQ z*CwfRm0f)u!%Ky$x*A=*$UQw=M51X}O!TfhTW(h!e}|jP{tHj)d9r=nuJMNP)lAoT zzSW~*62I7JfbBG}-iK!EAq*x2wI$3YAb6fjtERDk36EQxjHny_j3TuKN5U{3Y3v2! z655f3k~kYs>-|N*<8(iUj`q~ABkXkk!@Po|&A>r7=V<0`|F>?;Mnk26Tpi7C!Z;bP z{WWd|{Ab%})^UwXK#etj0X_x;_G;4MA$7KGrS9%u_Pxh_4qvmin#EtSF5H4}4Rqfl z`#&*RxGu##cBH9D9`}6Zwae^~46A2WaRM}+Qhxn)gBJzMD#cOhhCxo63 z|1FC=0-JbCfJP~s_z*&;gzq{f`zv8R$Iy^vyvfU$T#6@nc&n~Ie>;B{gXyXxRP5r- zeh9Ku#+;m)&+};8pAOp3@ddJ+{fzf*$|=u5z;h^(z+>RkU??esLQ%pZ3rT5Ls({8B zPN^u?Tf-&%bbJpDmPn~qxSTv`)6F6s`)n-NQ8rOIO=lpaMaY@uRqu4D21G$=tKfog`o^UK$z1NVw>lUH@~lV3z_w|w*@IX3p!<>waIU<5(2MR zAKsfq@B9-|#=D`n7Bjr5x_AB!Vv_%@HG3k+3HQHMB_;E4II~`e7fZB4Rt6hZwv_VcvaX0So$i>^52zuDE%@k~2oVulVSBnNili^g5GQ(HFT>zYg z;d4O3k(OF*S&)=-d(k9<$}9Wv5Z0KcH`{SEu!hoWOx>=&J?9XRz$cFBr{hGH(U(O@ z?gY77iv%8ELw$T)etJ5+u#w4G7P#m`J?<@@s1fP5n0*5pmRc z>?2y|J*F{gX0W9NA!mhsb8K?3Q$E~gb+gjpno^QBqh4ra7HOH;HRbv>BS|3L+~C=z zFUz|86JF8^rUv$C8t<`n+4uXI;iwfzmHj0uAG-)fr*CgS2f6&2JWNlV&``-~gK|Aa zc*0yqC%z53`iZ^H6vXIWeIdgbt84(-Ee)Z<*uAa;QamqI!^e)jzaf-)^POFr`M|~e zsZO_9wAt}~_Ln=M$6v>4B`Xq#?(M}=hu0J;t3^sGwDU_yI^9{4h@?(7sM3>57WEO~ zVTzR<7v1_Uh8&S)x&eQGs0*dx1RK0F72e6N1XqC6%-|vC{R)Avj?Fku z(|$N@F3D0emNeijKQA^-b%&hHB0M2NfQv5w9wR6xiXo&7IERgpD4Hys8&E*@xjYD{E1huU%04vizLCsMcb->T zhQel(ypwq1?@1Sy5)_2wLfry94>;AcKB(=!vI;Y~LF+n%OloB9XFsGVy2lbj2)s(!uHs))7%MX_1{I|7n2XK^7<-WTO)H>@nDPTp z2Bgk(^%WkM$$4kzFWRzK+Q=QgC2ZW~SmS)wA3nzOzx9EANlxg9RoCJvw6jn#RS>+W zRms@>*tK3B_Tz^JRpf|So)c$lfU21TLs^veH-`~|4?N$05c(P#gLm9aTzN7gD2tvjXEo_Sq60Kh2>&;Q7sPBSUf;uCwW|ASpSxhg^LnyvR{b&#?hgIZq zl$AbgcLXc8DzL6SQ#+6Qo1f1_p+^;%8zr`PvW{(N9g$g!L@JX~KyubnZ2i74l8oWg z2n}C`IHzP&38%k|nVel#wW5zDk1sI(wGv1gJJgMo=@iTE|jzvVoBpjSdaUul31 z4aNx{$aNHh)<7tuJ(748^bC&1{=z*pbQMz;tGzw%712st2#C@~i;9JY8TzJz#hkp* zN){gU4oP=W+9>0y|aatI3a}@ks5>_OkPr*2I;x6r)3I*B?DA9?um6I|`DODpeL3oxsDv zTFS##Ne_hYDcc~p9#xG+cZsl&m<+3UHC6UP*|Ksy?*hi7!3hrlBz_Eu_S+9Z{h`@> zsm9K(`Zs^FgPgMlRttH~p7xK~#~fvuK(+LIdqOqAs1Ll!)#niAAi=JFq|VcZs|@FZ zOY()CTT4TKm%eX@8(z^AnS}G9!R>{hm9A40bnI}&%%8twAirUTDbwA|!{9NWa|qI#-zwQ%=i!{0>GmvokzzCpc|Y=0Kd@~tGo!3$=kuy%u5zFD6>QtY zCG*|y!ZiSf3iy6W1?ZWaFKNEYA9pKiJpryg6{YUzGjqu8XK=3VVjK`|rOBjQxKVD7gnsKeV&6qu8oKas;@GWzCqx zR3cxny^y@W$k(MT+d%o`vhu4w4GL7B$HP1hidyA`oC!bw{c7Dsx&P)fBy{xMdes45 zdDdOz=H6C#bn7`+Y3JxWrTcc{1tpz|kz8rKd3B!EQgdYQ!4Nm|>=(a5oCxQsjV}=q zLE=(SuLe;$?Vdei*;b}g5aHWZ2z-kk%c|$e^c?4UEU+yGXTr!t zjuJdTr}1lmN*PW%dW$&Vd{#h7zing7QrQM`9mZ29?T*7S?R5@6QL$Wh&Of`?2>{n; zsjTNl%|4GsW1t;|JepT*r2YiHFk%P3ZxsX+UJBj z*oi#PRb6E^9K;6~%+tik+!#r40i@4%8wqKHVv+kB5n6_pqSL6>Ut@|Gv-JA8h#a0? z4r_GX)H!J_o*r{er??21S@N77mPwjm_qKr347XF_qzaGa}&bi#I`P9_T?*u;9P$2kv z%K(kMli=uX2Pe1;lw^V9R(i0fGgIwVtc*+R@WSQ6j#g1OoFJ>y++|wpB7>-r!idcX z#Yoz)TqS87!D9S-9z)h0e2u@JC#U#A*;XUPV5X2<`fabxrl%lL0h_x(;4N!8{_+#) zVI=X@Qj(r8~CORxvCN<;S%i5pNco!Fb#kHU}Oz`qQEFZu~WFCI{VF_{ks&3TYKIiLSs zUEb94r;EIGCW=L7U8V`*l3nkLW_Dt z?!s=(O>j+QP4=~;`B})(VpZ-incl=#i;GL`_Z3;Zetr$R zw0_TB=<3*2S#)lAA8;kQjX1*m_IQ}*g?CuvxKjV6&&Ax2bK*$j9ve*~HG};x6k&SL zbVEzlK0**5(ry8Zgz+y0MJ{!mvY=OoKgff&l1f3ImZxFNs+HDMUo0b+pc!K*Dck-g zZS6>gaFwA)7SPE>SVYqim3V9+HFU~7_3(d~daI~7qb*n$4<4X#3D(fKJHg#GxVyW%1{!yFcXx;2 z4#8am!3jZv-ri@Nz0ZB?_x{IRYt^i(&%yQqU`4kNWQ7h0iRwMi7J(1gXD;e@1R=b5cJD_*Ux^^d(fA1T zd<=#@&3yKs`uv{$G4kl&9r=oYDUfOy2r0L){ojk%9!Grm$Nr*Hece@z=%@xf{~|L1 z+wF);Q?qifI*52#8-6U?$!3A^{dWR^g}+i)=G1!HpS4lbxe)kutbkwc5QE?+AG0*1 zJnPrq2MBLC$lp63HqWbm3_885(5z48!gKBoLF{$PdrU!QkAf z`5jJ|p~*TDTYM%4K7}b`!ko1fLY+&?AF$m6=D{{S;Cs!vk#pxQJ7yoYuXF32i!z6* zK%U_VEtUJ9ASRQ?KcYi()CZ%ST(=C{==a(it33d6{X_dZR|mg2M>TBt@1YVgQrS;i zm2$DJjJ(Kf8YPKleK6uS?*mlM#i!C#oU_qGns88Hu`Fz2XC{^)gk0%_d89Ck$Y7XY za-?@>tlcUG?6EI~SZXzn?go$dISw$&f03yY5{EL}G(=;67K}O2&`liNS)SM{E`yu4*@%wvNy7;l?Lp_pZ9>N}k}kEwai6~c}5M~YdMV;MDlIpS{a zv%AF3SQt&(D)lSesiR+V@s0j2%EaUg#r=8bXYqP!P)M^vWc#8^zJp(mD0le8R>$(Z zMUOA=K^W!xQ24cFuB$+WT%|Z18ySexHKM>Yn4s%kwC-^6w1KI@W=*_eO^KB9H9+Dh zrOuguUkV%artD;8D8r5<>h6O+3`dtjsa-^to1=}<)=3>8W-Ky}YbZd#EMd$~4HoC= z8%0zZNN&ikrqe5ukxjRkm)+6&Q1HK(kI2aV8WQ~lCHqZM{$fm(05UQVirLeZukH>4o}DS4HM*9yn<3`P+b)T#>HlLWIrNDB z@r`rnU`X~)1LMz~k1{j;3#?WUr1!9xSwS0ECL2_noY%`q=|LT=(f=r7Nxk_iKkjh# z&T<S^w|8X73t21%Np7Q7&uDH}eKu180f)gQtR%{R zQJO;jeQ>JW$)`6j#<9zFBT$f;!i*mL<$O1HWPO|SJ320|FxgkvS9yCq&2L~DC^;wR zmt9{K-K6U^xI*c)Ef5l$|35WM;++j~;t{7~IO>QZl?f1Z0U{E~NN07c>0-4s=A+1b zg(nzH+G$0W1lW&LCpj1CHD3Gs;PQQ?H_10xwHghoa`=JVEmOq$na4p6Rt9EVV>&WW z!U8Dj;gTlO>S4lAUR32e5<-jfc+ztZg?MGjs<_5wFO8FRt5_kFM#!!ky)OO!g^ZZm zfnPB2KVducmWH4~ep0x4Cdfi|&9yGZ@}@)bx`X?QU{J3oYDTFSHKE{Z2TFh{qaCbi z_|8Dx?F8vIN8Ioo4#vRFi2cF6bPc;qU47p6Qf#Hn&`z3Qo$O?N0uq2DfZ2u^5y>Dq zEI9?}L{)c5Y%>CTkdgbBdD{Zzg#b^FU3>TwQ&}Wc;n0_PzBbzRmF~XF6Rrh2;p}nj zrO1lz;45a?@i;}7z}#D(ds#GcFu=1*4_S6nT)g3Z!#al9KH@&CIwGJb&$GG-(Pwt~$#HoO0{Xf6(~ zR~i=bbqtA1h~ei=D6`49U1Q|cn%?0?)~LZb+Q_{B#Aa{%t=@nZ@=t;0(72UhVM%|Q zUR-Mbenn`}-ZEs|n(2~Bex&5CGO(V>MhQ#mKA#YcogEVVQPa&2wLFN%8eDf)n9Jpl zy>|}pe!LjoIfg%x6IHUP)Y=bLDw#gB4Zi+W*tr=X2;tJrD(7-P#L|N+{k_$=2c7#26z^E zW6yVUS-ib~Ls*To58S1H{?GBoH_yXn0c!~;ZQy{7TJS=hF+ZK#C1C361+nUO*syD zM-`dE6DP~nYpi8_HbPi7kLk19u5DtqR(HU7g8@LH&6~`8CpfV@}!N| zv;~nbNNrN8!DuYMr;47XYS6pC6=nh8NBN+ULO^f);f3|Air!|3+UjUBe0f-7M{&kS zP7IfAW;Mga8i>}|NP8H-`8kxj&o0=l{xDM+97(XFa5bO-n>Vrh-{Lh7HBPBQ%jp>v z5d!%jQE7%IDY?B8YU;CH=eXBcNSA}Yj#S{smz3xqz~9Hetinc8alSguLHo_{e;N6> zIq!ec40z`6J0@lOS&y}#6F@bYcsN7yKLfGuSM7&qeAG|&bYn9}>9vl_DLov^@VPW` zoVzx)(e+e~IRPrFNJ$~WY!j@#XeLKobS1SW!UNEUzrs&-4w%<=j8pe{%1PBDm*xXd(z7?< ze2gIqCK}~GLiW?qEs8@$DX=qZ2{<>uI~aTD6H&P&7!9T@_QBOjAp%Jt21Kq(#i3u) zxWRABmf1h;p|=?@4*wCRASL>~nGX*NZ5w7wD5OfqbouSQiMim|@B?@R1NflG=tR>&eVtSm!Sd$)cd z@l|LOX)~&K#(?2dH^g}F42Y)ut0Z(QteVa3GIqp6a6z)}5i-;f)>;*_Z4NIkGo!$q zYV>wQkP)l!_wyCZy>FsDGYmU!N-x$U@fx_^e|7UFnAw{@;L5lETr={NJL6y7t4<08 zx5NG4%20=DEdzs>nbgu&4NA3X)xhSWye09eb@9tzeaPXYB2KqfRO0f_i($HvEghvM zG^%Ol6i(cNA}>>?DVJSwo#rauqs&vN{hO1#(^I%RaUIJ@6s`0=E0_0=7MS7!HYIO4 zi)IOg0*hUN39g*Q!9)uum!RyHjJFM2=3+x!uf4c!Ey9$AiC^N~MHdj`0SU%q60_*6 zy<8#{-9-yE_b+UCA72k>RpYlKUiDROy)1U;NB~lq$^b~*)y|wehz{hC^fOkTWz_%I z5fwyw6xaSsXyTC@Uk8HyTAstVwP;`WtewEBZy#deWInf;_xA83Tp|)5Vx|Ihk9}DV zhL`nPtVmRr!cOvhzV4*Oj%-N2LX^O`l*btAK{QX%-7>MESulfN(Z2);$rf=*K*6fG zIRJdc8tp$u!TShU)1AY@>p!oQj;%nkJWdqEtHdRo1T3eI#zh0^@bE~j%Db&H^3^Mt zYN^r+IEu;Qs++b>AwZF62$>F7(;|`iQi3-gB}xbz%Mjr{5mT>syFC@jv!n_0eU`qE@K zgB%V2x$EG?W0JF+uiwQ5;-4#X2eLGVxLU|^qagDy2ZnCAT_Q@+{^P5)W@E?o%WL_2 zj-HD&b^D(Rnh<5XaF=`tTiUy{nr%<^;`2*b+8&u1z;3tUaUd&0Un|{53#VwzC3e0V zbww!$0#_kk18f~*gb>7&j}EAZv>uc9UEF@Ut-bce3po5i`b>cNkCVdZYd^_<&iMbQ z4N*s0o%|Z*V`i>bz-D!jY>Bo)`mG9Q%gnB#Rmc^QVPNyciA36oO21}}+nmH*7N-?Y zZ;3du!<+kICUO%UfBvb7!@wYWY-tlS%PPwnWnx$QU#!DQX>D%bX6z6WszK`0LUh@N zzGL|Ar2kk;)aHAtA=yMfU|-dktA~Fx&>(hbR=phVZQT<$rr*=YN)vrJ{-d4f_f8?dr0*uA}Zi*LU0V`zx&{hocS zs9OJC`>>wg%>*z8f{x5(SHsXN{eosUOlit7rLVVXf+(vSK;j?#LjVSeNLM_^u$3AM zD+iV>kCa{@ZjBd+3D1V0oy}48WS%p-3J1hmJlts%ZWU@sr>;Yc@%r zbYEQvb9q~5>(|2yp86Wg@7YPwWE&mLRsKf>C3< zdFTOOAu$W`k_s+M$n9$BokpYtTjd(b#4HJZGUFH;WzQcwJqDa^2Yy0`-~L4RB2B!L zY8j%5K~UTXq~Euv1hT-7D_$+%QWc#ys9IPvt7`I%FdYEHy1%D6Q?eWtjwwKyCBOS1 z1b7Le%$X9$<6IpURcR1DzPF%tOi(BSBvmoS1s25ln=q555QbCFyNAhgQByC%2)lO& z?=Rf~v6D1>zH@b6|1%vkOZ@%x+Z7=p+bt51gFQ_m%Gr`*P?X5<#p$pFllu`fd1EvU zZ^VltBnFiW^1*BSpEeNeG!JMtvzfQIr0`J&`ut zHEzbqt+D5|ukBdg+pzhpYxcQ~1xD{KYGNO%XLmEGbyXWneB;e!!1d|cyD_!1A;2w|ir}FHu1wnQ;P6tEosArv@EQEbex%eIPGrXJ13Tsr$2Lvk7+>v&srfl(Jxo;-` zC$&8Ko9Qi!^u)>#8G!nzJrqhksHDL`h8ucPP^M5U2A|TXQW>nZ-yQjgZE-xUe!vkv zkutuR7A8jQ)@%gi9Oa|b_6O;OL46lQ#)iwQ*XWQp z{p$WGxogm!^HMUb@SCR(7ngs5O5cQQ2&Y`3^oq>`K8AuI74{`#{T&#QZ`vg_+}Ofx zr;Q)14x^s>(}$izf3pNjv#q;`s-vk8&NeUvQgr^J@BVs5Q1kK6Rk%L_@`ysHujQI* z$1xa?f&ql4sIMNaA8^9*9(Ym~M}@cKg3&>wBQV3L!GyPq zuBOg@DQrNZd^;oT9|}Q^CI;8pZF>9&0C0OUVwU1%?RS23DXWCuoTtXbk<^V6#nU2b zF>wIuu%MTJ;b()GL-3wyG}E>N80WT&?P9X0dmm@@pH`TCKlQ!X_M`6JE*svGMu+rA zWbVGsCP3_9#s9N|!5_6dn_Nkc$F>orB0nufX!kaV10Y8xP0q~pa z!yJYJ0Ye(4dr)va|>a|-VD z^@L%F+SSp5md?3Tz=qGfI2j%=8ly8pb?EWZq>C$98}fiWm{0tuYT+z6O@@&Op>Q7v{(`86-->@`f_&2%)}7d zIq>oPZxu?qwpIr&G8iWijF?JaxF^Z9wL4;hIh4VK0Hk&&>Gl{qf^%lo;Hl2RP)v+v z3<)9)=3z|=0dZKFkZS|M?iPG0F`goXPbI#2_t9Au7OXUqv04{Sa7S1YlJ?eYuNXo~Xni)&ShF{V?Pg|IKG`YZ5`?~vCfF{ou^iw>=aHe0mDecJhKHgxBv>?E zHZ2nPCZN5&KZ?@a8FzNzj$J)P^Zd3}XAJlX>oCn3l3R`9^`Z9p(6aC4{1&kLQ2U{T z`On(o>UgyjGFgfLf0I>{iLn-e)h6qmHL;#A-z_~r4TQeP9E_#!HdDHlazJlmvd(Z| zEw+T632o0x^nQS{kL4g_Am)o{M_y3@RQq{ZQq+^ zr5!wlEZOn3K&Q_gMkgx>WH@j*sQ=Rc(DCeih25;G6HBp`V>zd^>+>Ku&|euH_9)vV z#1W}50c8<6K60*PGd65MTD}D$dLb^y4%F3|s@HNw(H8Km+L_NHoOo}oxa{AsL$}Bc z9qH@QG8SCiv>QjE08~w`+BFOHPjnf|7=>h#$Lhplv!E%(agQf-OgKD`q<69)9HRwf zv;EKT&NW<>A^6AU-4!PdKjA3xM=EYZv~r*v1}1qg2-7$o!p-;l4SYRUEmX zmI&%}e>$M8VGDcI;^1K~Ib>n`^jH;O5*IlJqewCG#BdeiiEs(I{Mh8aAs5;{f z%G4%_(@A;`1cwRA8MD#3T$vt>1wj?jY>in?A|Bsf*;$GjX-Ab&#Lmt19Ap@wkm$wO8i!v`RiKS{SglFEx~fuF8`RlQT}20= z1`ABeiO*lBdj09+zrEXiynkxVf7%bcsTO({Bl`4sv7T#~2}u(Cw_x#hv}2$3@q1|a zwXXgqYy12P^@GgRx&Er)MQB?II@^Mr#lnP>9iUZ=VjOqDqN$@M-Fo&p^!H}LL(#(5 z13Uz9pzdavSC}d;SXkYC!aN#eEAW&zsnHHg4&hmHK9iE9Y zuWIG${Kww08jo}BX-#?;&lVl75&`2m0L^)Ki$}v>HEABZou5y+x?=l2^U73Ct{OjH z3ex>~S3yI5``x&VjogwD8AA&gDbBS|>6axD{untya`+F$C>bMt{S#NEq^OIKm?CauO~6VWLM_>)t>eH!;@T#ReaI zp1KE~0`?lC2)>)%!w8+Q3+)lRET5vLMsRGr0E+7s8$$eUw8`V_#yb!4<{_qXYz+pf z*ZQ|pJecB)HRE1kjHVxEhB<$b(Ct}a*bZ2PsjsMNzE|wVBkfp|Y&IB{E4#&;7v|#D zwRQ_Csmi&dwJrwXpwJvt(=7PVc6=0rC=P@oZ4|G9h()v{jwBArZ0P+Gmy2jG*n7E0 zFW+u6dgZbK8h*lQ6@9|3z#4ZwoXAUJdblGD&;h(dZVX^&d{7$eQ`qhBHl=VyogO@@ zG6VC-!)YQjlT4H0vJuo)v*V|LgX}(J&x>^hq5JJ!ACI+bp@iMM|Nplt85u#xKI+uK zvm2}0zfgSDXHCiEL7UGR+zKlsy2NA?jqA{|rUBqx-V}}C@kfzO<4c+6+VB4L7O*XT z)pc&0{h4R($|?^HtYet6Dc+$Qp0F-UGULjmKOW&da>jMrl?T-%_w_!+orH5SoaDB4 zmA~b@&d9WCm_S~iz-X_gXN<|y3?kIMKuc-!GyU!z>He?OX{ZZswf zA9;xy^e5jHveCWK+h&$gDj!ss3N}6sC*nn9(F=`7{>%~D!lRA}xS>v42<-Vc0>Y1Q z##P?dSkG3MWeRtvKgL5P;*12A*rDa~ktbU47<1tb9St!C>tp#}1j6qd71(|)#^}tp z061c?I?)DM=PG|Ed=e!YeF2LbAxLPjc-NrQW6s6C7+^Fbk^Gdy9$81LhEva$TV(8F z&3YTI|?eDRTUH<+9q_!3`althMNSO`^&k2 z98y))(zp_bzAZ^=$Qs6jRWA_Sfzk5bTf`&hij`_Mo^IKCNyt&nv%PpyDi1~-V+Y$6_l$2#zIv4Z zxFT?*B>ff}ZqdN4%C6-5N(F!QpbwQKb{inw10y>T82HzeIK_&Dc%M*z$R@Ba5Eqqc zd_MxY!!CKIZDZeR{xGQ*AzkaIsSMAbsnBi%kVyJQa~VJWi!EMorw@Vp!@!Ti>|q5? zr)cIT$;3&h?iJkIT*H43U*G2apJMah7fzmgcYN>8)gWm5t^bbH4n|S&IH<7wA-fQd zABl|H_2nG)pKOr4PNJ6t*eQWe`w<(FwGDxzYi0s3%POeYU% z9_EBFYO748xh(9_d^rrvZOgCWzF~4(zc)9fEZ?^o4%#hkZPV>1732EZ%WQz5z&|}R zZbJjnrC&G?J}yaihwU=AXN|QwO4rMkNFy)@DI*?CJ~o;TkJXHNzI^TYY#y&hzKB@T z)Fp=@BVEIzrk#lJU4`MVN)1z?j^Wtp);A1-DWetoM+xCkUVQx`5#~Q(C6-qxqh7{p zP8UO*K|u!f`H`ddY|F_|ItkyCu8JyX*dOaNH3X(9%vN92FJI4RuYHKOFGT_Eg&G^q(>@oQXg>=?=6|5yNiwk6ou`zi=C) zQ|fi1E5WEW1iOl_Seew1vN>cKK;(An=pzVipw)k~x1CD6 zIc7Aj`Vxb{U^?yjUpv+Jzd|@!-n1>g*(}=AWq;RngnOLPvh%$$SweR9A?|STbFp~K zk_;7T4_ZkWQavLb9i-|?Nu;_98Z(=RuHZH*EtSpsA=cLBhvevQiyfDh$Uzi1GRB~Q zH3c)UY=iCfAyy(^ilE$@&9Ahr(%|@mJXqvax37p5P%4;GqTIX~c|?Bw_vm&SMIIQP z?nBZp4)%;Ou53tBxI=6>$)Z4uNt zoYnDs9i>ze5vMuld04`zI+#psdT%Idt9VAi&VVk!77Z(F9zMh$NQS_rWDvAoqnF2-PNta4K2EaAvmhOVqq&AG znTkGt+La|SUB}*9j<)6+x zTRqY`w0Vt^lvAbPlW0s-^IxY>Ns-gZbv!w8IYbcHH_#SK;!tCARhxDI+RXc1;&LFJ z$xyl{eH{aqG48CuYHm_UOGi%)`s)d$KgTocy3Crzk{8lG_C5fVqQ{J0Cuw7p428X& z@G3MV6En}OC@p_-QWg+y%5e8vqcIeP+s(j%IKLf$Oii)m4>5o~$mMOgN<0(JCPL=) zgs>tt5A@dK+R=wm=^YfJLN05CloYjOtoJq>xCg_Zs4gL)63(u8gUA9vRg%vNa>eJS z*YluhRZ({Syf)8BK=&Mq#*0gl&;ICQ16yboKt`Mu#Mpi2@#?55>dpo=*nRrV(M&i; z>smKxMon8TO2!Q2Ety>~81f^(+gG+pOPc>raFfwj?;}OOZ9D;R;9vUwC&%|e=8xCZ zTzdM)Bh5-;-v6!+Tzak=J39WzRaf&{;5KglP3KbKH*@$rcbQzpOzg|?~U(JHESsYoke^iF6KEa674s!UiUDsT(#9;|hyF%5@Z%~k#c5N1>rtO_q zF3%vz;%i?_o$k)f;ft;WT|5=tM*PV}zl$f7wO+R2;)n-h??Sv!Xwc8SFusr1A?i>B zNZ`|+oAGaY&!jgrsYG5{P`G~|YD7^R0?tg5h+}`8`8UcO3JX(B{+=XH&%sbm02UQN z?|(Mr3s0|CF77)s*YUI(`z4+HqF4KV{(326!Zj}s$6Fn_oyy>%s!PPgP{{D|v~=6N zM!e}m7vg0`a6H=CdR|oC5Qf9$ytGmj@6k_0wJ`dPY|uIjm_VOHSCWJr;fQ>e=R=O3 z%&uUq*<5?*h#VMDqe&y4R`2YXdXY2&jp_*Xhz%o2xl2^SWwbnEcTExhsCDvn`JUt- zI>4beE8n(^x}WT=YAcE`QHS4VszGHesbtr>jW3sBk@qfhsn&cJdJB<-P?vn|^zL@3 zO{JNbM2M@F_ChrwEqi?U#b7yw5JqYn9JN|!;&;HnaF0UC#WJ8 zbW8v3mB%uW#wY-TI@}}=rC$~p7ak;G6?XP_4VU>Kc`Vm!KB3>U1BsFq6BbUUMNcR= zg-gm>I}s#f08ieccp`UDrtw0(D$_fEnHC&|!wv@}Azb4H;`ujGzPI*(ZbR?IF2Ti_ zGeD9*!SgE&?W<6SPAeQwh`)P z7_E@>mC@)gs_Xy4I-`-t?vCQ~8*}jc;kz40LLdEiHSq7Jc=VT0&>y02kXt~`e{TU^ z=erjfkMWX3S_V4yRsnY?QTC`7nc7P+6f(I}3go;hJoui^1N;VqrQa~~${ZINpE{`$ zi3>8lT(WUiZiY5JjIr!>T)}PkmnV$v*@_6A+o>F-Ge6rjz|$#S>|LR10c|v8Ex7c> z2{T9*CGNXO_xNYNw=ZBTiLm?F>Vnw2r!G&yNKfK*$8db`#QOv3T67ZwBWxzI#t`UT zZI-qA2k+-19tZ@87ze3dAfh+8~iqa5Iw5|{Om)8>4OncqB&o?rg6^@$_HWe|`o{--&oI!`v z#Bv0VQA`@+Hz9hc2G=m;#N@FY9>QPq6d}Un!Zhv+$aD>^XUQ;0P~m_L^;Y=wLcF}n zMx${Gy9*>-S;COnb+W`teVKW@;;otnilamVGyQ7uL=WPq;xyS{8`BP;Htl$=kyE;~ z{f}6g22>asFa^i&tNA9?s5TZGmE2lYyyjBxWU@RL&4(=~`Xd!q!-Ku&Cp%0ak%MTo ztPKUSUGw7V8+OH-vZoFrfEp4n}`Rdp22 zuDRI81=m#yAkjbQ^VFNu=(T1WKQiCyb$S6tQ)J!9(dvlxr$iSp)E+i;ykdP3X!)$P z+fQn4Jc9Wh=c`9eosqLWQjqS$)d((NGdFnoTV%|g{H801A}XzBx(Jo=+h3}TNosly ziVAUJIvAs-#p+vBd&;=$GihXOJo!vrB`vRil3!(Bu>nPTJ4T z({igv^K7be-ZVRYXCO}Eh*iY$$0)PF6f0@exD!lBerQmdXMA%%!|a$}9a9M=uBcu4 zGBpW`jsU(?{Gx7R{IsGZ$SCM11Lm;I9O5rvy`xLC-CiT87WL*)>t|#08eZ4v-(LkQ z)E2AZU(YQ3xHDGj6r*5hqB=j#n}ztLD&};o5@~FoEb4H_a4eKq zU+CDRGMH%QVr*$Kk5VapJEoy!*LxjS?R^*c4!Wter%*s{rVa2Jb?v6NYHw3$vTb#z z?~uKuqpG#orrow7&XrczTZChl9UBwjRK((xmh zCtRhFT7kRJQLu>v-0Qc)vM@3)jIZ}ODSj#%BOTp+swDjopm=_GwMnHM!xQ}PiM{iO zoZ>T%1bEQN$#p2-XChV(OV`l7{2H>tFF|4sCn;*PGeaL8ra)zZ61MR4yDcTG+7mqeE+o^!EoQY zS+K016;_dy zvvP-u02RI3tAh)geA01Rh2xIvuJ{r&j9+96vA*E)k(=-hJf+f$q|>=b&pkFp^h3BN9?DJ5S}dC`{MYM=Va38Nv^@lC~a9QsQ-F*yh;# z8KIiF{-o0S%XC5T$mR~OlbtbR{hNatzq->=u2zX@XWuTyRa5Ox4tD=<;@>6*jRM~% zKuI-pAP*vp^g01wahcL9B5aVG=*wf>HBVZYZ@6-jFZdD1qj#bF(D${}}0|;+XZ!{x7ho=h$>CPT=EYIW_k#+FZt< zz-^|DONHBjtIMF!7Cc|1yqHUqlmq*1N_XtjTz9pQntl`PNj%7ZEo8L2pZjkkVQ-JbSLN>-GQkBPpSLU&EFF~~9|OmL zpzbZmAS{5ue9zM7f@9%NiOe&}tC+`6|Amo4rNeDjGgtvZTVfrWlKgdl3Ut#c=ibMj zbiQJ$-MhsfZgCk`*S!gPi1>#|eSf_w;pH!=e^StXdH<}1&vc+5qGX`y!Q}SOZk>{qqFV8{MkXYg2JUZ;s6QMhwbR6sbDLs2F9D9$-y zG#r;3zwHU?yL&SXTP_XXF?`>-?&@K|-^t!>aXES#`d=JamoL)lcJ#iwr>o1=7G?+A zQZ>DT#DL9)qD>y#y6BF{8Pnqj_9pKfQd}{Uk7F^PceKQ{{d%eo`Ps(ftBExV%%J}- zePcdw=2qBe12Y#k>5cE_>#E_?x}P{R!`fQo?@*7e_=M!PmKDd*kE_F!(5Fg^pKx*w zAIuG76i_W<1}Bp13##A@pVtJm3{LsKhU3I|UT%R)Q{m}p)CIvAu8#yC2=>_Qn^Dwd ze{$@*Wy3V_pqLs0o?+-rJKH5YpI;y0sD={&yb5O)oTicZPEKDoZ22M3+F1i_srBnI zyiW%jiJpWGWqyh>Zk9PN^}q z{EDPKNfdAXObCd4+gQzovlrDB$2j#X)ksC6&=iqy!;ezYus(tNqzuoS3v-fAbtWQ7 z1&JxUC-DboVz}}?ZEH$Pv>ti<-eD5M`sxA0K!3%xq-PhqiV}4~7fI}gE_{j0hgjN_ zXQYUx;m2kHpvLd&2XPwzG`z1d;o=j&02gbDCwapm{UpX)>!}>C2#Jx>fOPTNzFFpd zqAHll6xf|HU%6B#y#qHb^Cqi%5T{MPEm0$P)bNhVI5)c!Veo4YJIQD=euq;ZzD|N` z#8%C31Wys02*QOcIzLrO(n}jXcoeCpbn~+fE#q;3x;>hyK|1H}SUDRxe4Rf8nB^HN zcRQ&lv7ff$?i5!N(FA0)&XaeR6$We3Mnn$8Zyrp1_B^9K!gYxO_#*i2S9aeVphd*la~vv2%2c>T`;UQajrPt`)Nu*?s>y`Br_O=16m z2=cjV_TVaf*7a`!GMG9B-scBE_d?OX|KweCJbR(I zIAm1EdcsF9?6JEXug=v0?Ui?}eoZVJv03E3vC^(D+3Go!V)8i}N9{m|KTvF;ksbEs zRg>PR)Fb32lZ3&2c>VC0V`^q13djMDSkqbnNci?2DU z@55DCgm4(QSw-o^7uxe#+6uRDq*6<$zZ&V}#mI-Qt4ToL03<d1sXp23^CR@a_zl z$wZP{I*&k{waRN;|GljOGtqS~5mojyq($dqiO@z8YLpVeB&k4#YvuO8Y5-k;&B>h;u!O`I&lsx7Nte)w)nK53ZHIO3yk-4UC zDxbtq@)4U5v`C%c_SRV%)!SgN@K?6R^CQlLi{F8Z5FcQ;!?kZ}uP4UH+pYNg8x-ab zqrZwCa#bsTDTgBFcdpq3Fnk>rdpZ|-E)-&n{$mTaBJcNrNSV+7%PQ###9`|hbu_SK zvw+x00X#ewfB(ocW^w#Ybns{I36>WQ=U_J+nX%Ek%#tdnO+#t>r8CThxXVrJvYTTi z_d9xyScYnIYd!0gBIE&Ci5h4jE1- zqe6f^|Hgp_)V5^eYZOpVHb5rU`QQ+qoX>9JpJaTXz%(5#!0!qQ5*@Az+5qZSd*Cd#Rm30h)Q+iKMiLVb%>a}t5~XGUUy=kHtoeff z&y3?86S`~$)oIkSi#C3lWpetK(#f*4>lTvYESI~zabHPn=fk&j(JN?OyDyuG2j7O< z*Mo>F$&8NA%7WmKDp0)?+g)va%j><+dtG~?kxV>J>C^DA@VC@$tD|_-t6i=S;(D%^ z6hs)4Io`oaoz2OOiK%%CboYqWceF5NKxcVhKP0ttx-tqf(E~5LM{SyiHjk3(MzWZ> zs~#<-#jf3DBU?$s?BTGa4R4a!_M6L;13D~!p}h@!k}ILBuvn6o*y7NCuzvTxUq)8_ z7B+8fh5ng-)ET{7P;8_c_Cg|b{uKY04}Dnsg%qL&!LuuAB%fe6g;tcNNpZ!nbAIBc zqzaN=wQZ6LcjEt<9MZEOns9k!bDnMnJXdP>O)Y8Zd7lMV1q{MDv~;ywZX2F0rK2;* z*XF`Mc)SFkb+6U&`RH$L0+6lK;2-M8I<=2NRVK(fzn#`RvK&5DK!@+~Z0X$S8TN;; zpUfVX_uX!_+geb zB*wZv-ZW@_m2kL%1UE$!LUGo#6N4Y|axM`@8IwUI{N1XL@JgbHsKy5g9cjQW)lehs zj-ALltFhU8ODfsfG_JA)S1lB%6oZr+lw}RGlYygq24leXPsj@2g{KF=>ssbgwz8=% zc5{yJ<%jTXS4g1WyH3+0i_Aia=y%BjXfWxnCQAAh0~JjIZY>GT=7eH@L@$<1^rNEKe2gD(PEnLUXH;j)RI1C zDVUe1bN~vHO780ze@y}Ko7F+ADlpmh(!DHH$D*7(1&Ko@t`;XUMW+ zG>!XV>NinV%oY#7f%l#UE)3m4`L>UziOv8Dr8wP=;dHcK^+;$BWGCCv1sb)tC*}nXN#GR zk`fc~;;h_R3YOWvDTkhlunQC+=<@oS!^v1opQ!w84MjALsT})ngcR~>(&$Lsml=YF zFB(O1Bod1gM-H~$jPyXCUcvuZo0tXvxcJrD^p1%ai6zjJ2oAFszs+MNbJBq)_Yq<& zo!CQB;mfV&jWI`XMcu4kx+5dQhRZbc?k){6KwRHMjgtmqxST>#e-y1LOcNvF@AKTD z4zR|kQ2nUELGJCKp=-1jCs^y((hGLCY^JA|SwOC^T?+%7wC${%9{Isx=2cP^d-Qm{ zGO>2Q`wN|}j+}F)w^f1S$vP)qLSx3#sxMik!A{#$Che&T;Y(Ngct5;Fc~5s=BIq3Y z?ay2Q$Y6?}{MpQ&rhrVsIk|Sl8=iK(wN%LJ9CM_khoZQFFc|rATGB~Z&PP*O(V2?3 zx};8{qcj6mBS~W~D?t{cGJ(bf`-PvF8t1yyLsEoBikO|E|BLewm?kmu)wR4LvuN1- zGJIRSrOa%1Fkn#7xeYi$jYR92{o2Uuj~o4ubbASwGp{Mxk_UOqyF&&^k>H*47njXJ zpJd7t+^&b<0=c!gUI1J>#iy|LZC_B|J><#raR}M)T))obzu!cM27ENWQm0XlF$S#8 zNhJK|rpdcA+3oLt>q&q}w|6#OKt6T9VC;ToPqUygAV-%z$U2-PjPd{a+CDaczNA zT&6zez(GREO09kF`e4^_IuI8&#_G#bXl3AE!`hQpasBIy25v}^5jcOvdQ}g__ z?4)>aFAhgf&(BKecrXWX>G`-A7=ycj5|3?o5jD~#iEJJ&gM8?{3AS%@l2ly938;!| zUH!EULn?5{vZS;k(_iKyizJB*(+pao>l_E*(j4U_$1&(GN{~Bi5*yY1u(K@XyPkbcMq>x`BRyuDDZp+gELRYqdfad-0C`nR#&H%fdE82fO3 zZPnPB;`k;P5p8RCR+%eo$x#eZQ^hH`Rm?ksze^xa574WSB@onc9dW(3sotwzr@NZ z{egB*^1&YuTir9yY?RNvnme~2+6}RNyct~V_BKBqlm43r`I=ux-&JeH5w|n_PuXlD zr-;bp{nN~OX6&GlY~doz%K5KwgLZ{lNC_LWQf{dXmppL;S;U`V|45aj?mfv5^oe9W1#I^6|(%V;GU3*Wlt$RO{ot*KZZa9bWR@a*~0CYT6r|eSDb4=H6%$ zDhH2(?x?1e21TvDPIjL)0LkIHF4wWKJB*Vx8B1oz<;aNA@dY!T`UC*LhBr57XIQY& z$zQx|x0w!E%ab7>Oa>Kj^p26?#zt(YXARdBMqmmRoe%>r_G@%yLN2<_(FQHOn{bx2 z(sn&f5m^llK4epu(^7*0&!nv{T6Duno3W|j@B%J5{6M|Tq>i&90W2;J?tixsZ`qeJ zxk7g`&fPF~b}eqlk02xHE@?@oMt!?(P1sI@YEtm1xYVp#FGaG+#%4jr6hjLQ_QZ>P zT6PRj-Hkt)tR-RLQ^ZK8vy&?9vr%$3S#p;e)HS*|`~R5w2KG9@ZrNbRX>40<)TFV| z*tQ$nwj0~FwPUlfZQIF?b926X?m72A%(LEEGxN^E7hx2P)!dMT;kH`RIdJY50^pHS zRQ+v1&5B=acouDaI}7<^!SmH<>?kQAwEt)6G$r$zFkZ$Xpu0}Oiq|zGW5Z9`VMw1K zmr28by1h|;LjTb+W8M*Jfy>UV`T@iQ4X;f6`gpJ#CT~7 zLGy-u-b>~HSC^Z7ul9Rd;#TWPGK46-DORg<5&h4)zd$loU=s6$ChA(<)c!52MPFNW zEQh;_!(?ks^@@vlq*cQ5S~C;yii!CI?avR(G;?m20^v0d{|0#pl8ioco#px6KTk^G zJ71pOY_%R&bkZQvSHBlgXqdA*0-%2fg&TD4kbp6iQCy(2WJy|`qm{zuPe8o<)$uZ1 zbcXWPQp~(rDX+67U;-GzQ6AbA9bm^cvQiWjCJ~NCK1<9xAdFcU9d^T7Q=G=2M8RHX7YJk=S}u(YHS z_gkSH4H7z!Borc-<_!VR7u|5Cak9BUEBUvGhAE>50?SYPr+gfTn&pqPB?O&d2b2hA z6eZ4^aS_tY2dIPx9P3)h{*qeZ1Nnms42MpT9D$e%6E zw^R7BZQ!mN>Y88ovWQ*cO4bTj=$Cwj{<^X6qKRH%dII@%H%u->YiRmDR2=WMpf3s1 z+N4oU3_pr=VI=%Tvt^N=wTy&0BlQA}nd;yuSj&c&9rimj#;**=)Cpm;I0|N42x&7+ z#o=Z*gLR#ZCy{DHFeTbMTioA_V{2?Pf&|i?Gnf~10`St(KT~T5IbhHKl}hW}Mg>vy zq^A)s9hX+XzbB&2y7=)jFRXSs+6!}+oq6|fezr{WSiw(P=d>jJ1BoeY1nf5W_3TLQ z4v;f1ph?CH-L#;|SCY**%Oy&WKZ{HV*&F^a|7j5%Xw!D1Fc#Bq(pV8mO;#YJ6d^UZCiVL?sU)Ua!_|Z^)IkG$#3WvK+frciT$U!BYn4BSApz zr6s6s1OJ)eF;#JwbU|=I!QEPPhPo_!S%=hPFemMUCm#kT{nr4b?fru@^{qB#=cvkpnB~t zI5JUec2}}uWn4GhzM@j}DKc5Sz@xfs3YAcDIr)=*H?*HRb;op9;3kWMI7=De#D6ag z+jEHIaQV7~(@pJ8-2x|V(G$t#r%5;*?IwR%*cO#$0(0^iDCZzkQdD}Ur36ACTsjx2@kW;S<@{ZX z=@eeq+l;3?uAqiGM*pUFdummqcg!1bk>d!PvV=LQ|? zcu!&uTUR*haA;BZ@Trqkg*pL4!4mQIlrB%O6#EbjEKO!ARlp~|r!SF-mdlcBz}D8) zIzB4n?gXRWWT2vig=8!WUTo|j%|8+fl)y9!XoIhssaly8hV$Y!5BGc>ov{OlBv0p+ z3iFzSYKK;swMgIwuvY*d9+C|fC0<;HllDki_Nvnh)qd*Zf!Ooq{c-bX-EmJ8J~1=v z?9h{O7wIUwVTy?FwY_@_!x`587+o>}u{;RP4%0aI>{+6xG?9HJQmLYdR60@QD+5t0 z9&a5_5hO3EsHIqo5MFMDt+G9IDAecJiI%!E>u6|3(nZt zbWsYu@^N3nJ>rW7W0v0030Yr=HH~L6zSw9cnD^b>bMT&vd-+aD%74Pz4L`5R;;gK` z7zN+1#JeeGbrIbw!^sVYuNjm?$w#)G%=gB?ldijlge6 zed-Vn-mya$uh|hnwe~Mt2CT9VqVUurp-4fJLg0W@mJRmjN;s`~U>85dI@nA%7sL}{ zbJnfrW4mMF6udp$QK6!l)T_Z1Ib~$b{9;5KwzJOey41@n)7$rD&VxoZSuBdp*Hz#Q zptH8f`xP9?IVc=${14_=C!>rTi5sQ%SAafnU`kQG6K|t2pf?ZOsy~{Bnlv=PAv;3x zud7aIbJwGd*V2+Vl+W&K_m!#0z8v%2vwH+vN-Kd}n*XEr;m?%T@q;2w-AO_tPg7Hf zOnf8{9{7=lIu=$Fi;A8k72_sIw9tS8Jos7x2yxnm&s+nSv#{1gYk_T)q05vPp$uaRIksc%)R z$W!f3&zv20&+cyn%^jG4KDuS2%;nAA*0V`ylq#W@fM9>XmNHtvJ!**4CbTNWD_EqO zj#vuHrmleQawq`-fOrA6VQ?)b%#EAiAE#qnj+;S?-!yfoLP=trEbQmyCXD@-V>DUBiBo8DX{U4WW9^14b=ZWk)mA{HCAf zM7ufy0R4YEW~$Gr3yHh9hHcJd>oU_~fc=gn@hggzJJ<-(s{6TPy)j%X|4tq71dZh| zgZ$oJ)n1dI7Td6!lx`tP;AS!$#uYPROqI8FQ}H&a*3>9o+ns0apk+#u^H(`QmPFz% zKcH37)Y`cMGGkc)-mgndcQ~<+qXgvChRnE?dG`2|t|rnYtJLhOB6y-t%@f07?q!Yy z$-xcGo_9Q74A3oq9j`^wu598MvOOf5AGGog3mhpoQ`9|qaiqkx8<-Onl#wl-80E}m zXjwWMO+U>8tWi-DtqzM4=mLVPF|qbhPPWSku~|hKMPl)apMA(Qi(h3=EXfX z%|_}(N2vUU;YRzlwggDQmdE0M_9^UR$>cINlPRB=N3)!yvt{11!~{qbCN5@TV-8eI z5IP7ngsf~{YLys!sjrgOk7fnxdgwd9rkmdZny zI^M9}rklI)eGlY5x3^vyyFLSRctz@~C>EK%o}b#}hjh4O_oZ#cqSwmtu-u2fytbs;facN&vO+r z29YO5%&WV1CS+&qg?06#uFY$q;%~2n&(YDGZe65qhnj=F1P0$)aMisrlO`awr+0M6 zD26X`BcWs*^aI;YvfCcLlp}w<7@VVe!DEoIlC0zQGWqbR2`f{RWX%VL=-u00`vuhQ z`Qi0GDJ%zu!ZE9LY&4Av#e`mkKoRk%RCPC;sMdaTPTnFl{wcKnZHgMGmct34<6G?fgqjp`0k_nzl)N1h&_%Yax z`R<1BNSGA``|QLz46oL?cS?6b|3*-ADpT77hHEZ|n!aMQL_g1U!*3d6Wn=6q%6R)T zRKvAp^gt{GN9$;9B(>NDc;WWp_}hijJp5zQ>dB~=KcK;flh7L6g`=g2TxUJO6IXx& zxA$&zkb|$klDD~43g9XA`_dAbCnbItzJ#r%#ea@6%fzMpwDEt7?BM?@2WvMg5jzhG&?(wei_Vl_H z$wDoc{XTQ`(L>$b47^M$vG@XHQxdM(l*xafsp}9N=HlY==<{^Gau?+;C#z4KF$R3A z9v0l>+7=6j_jD_lf~*m1;w2_Iy>+qWMM056#9&nVJK-db?Yp@1^! zhd2Ef&ZpMaQZo=1Vtg=B*i@aUQGSgD$)r;kM$qdIT10|bG85fcEN(;|;r{9QF4X%l zU-q+8HZEeZO=%oB7|-)OxjNHz|CKkn2RIh^%ZA)$Ly;pJ0;l6+m*UVV3ORqkc$H^dF- z>yZeMwft&t>5sw}1n8Ti)?bS*r0f6g5GZ090Ffy0q1SmXd=#AxOg*vJxZ9t6-;Q9e z=aancU=j9eb!P@&HNlXW7&U_nrv)zx#+dCGJo#Uxu-^6hU0g}U5i7o1ON)3yNlmi< zB~Izvq@fRUle;KInRtg17TE18X-_2HHo&DsfHH*Ok`=W2C&m6X0J6o#!bk2GFcPPQ z7;2V^+bB*z=G;PV@*WN?umht305QwAK5t1`G(a#S6(eE?46^hvb&u7d@r2>pQXY&$ z>{0&R67)9}I_vBAEHz8h$f#o-B5;?jC!cRBZ01`h&P-ZsF?Kh&cuwq-oUKm$B*4(T z%~YuLZAjZSRs~7@Lara`g6r@Ci1@mGEeP%Qxjc?!{Wef0hl4^9?JKK+qxZLK@gid`c9Ym(v_J+zMhH*!4=WbJu@ zt}Y1Ezh!7Rk@i>T3QvC20#P(T=d1?Pl4;QDY&GI+h#uehap!_ajTuhTSa&=dry!zu zqTzpkrx0L8Oo|5Y1I7hOe~=A>H?zza7Z&p`D&m^%iYi#AOeWwHHQj z6p2=}5T1{=Km>iIR2UX ziTb%SlJ|EeknJTq0`%Jj%`QqRxrxFap$UZGqNZl&or6b3jWh|hfCu}7N$D2WP@H3j zx+F0{n#h71h3|2>q2=M6fnzz$Okg8m>2RiTe;Xd9=8m^U2xre3&;N*iEcVz|v(HM; zdtf>C7-UYUS46U85Z^m{I1tWDKy}12=U4(V6rV4EN)hbk&%}d1w5Dec|Y(F(Sc1@ahLc8y{eXVEcyW+!=@8+!;99KI2 zKN|4E)ish5*bGEOA}WYF6QHmj_#8@FW))&B0}q#)?yqWT14K9878jjk-KAj}jRo1# z;OBH&`mYxdtuaDuvyHy}M05!J_Zhbhy!|T6L0pL^kfK$}(*-mE2?AYRnjRamLjK4d zp|t=7X(%h=X0ye&w5o2O3P3wUj-F4&jP3YSopyc*C9bu(NbH*~r~~J?ve$EkU}FU_ zbPw@V{b=thka~8VEY4GK^bR2Y_>b*@`qkEXotNu=Hwo!hRgQk(_do)1eVn$<}&OQ=T#bO~R^Q%|Ku zI5G(5TU1L1e{E_I85G_Zv!32ZZlod)M6&_aVQm2sP8!_GD7<6Y}D}C#qDnHizqbH;3nC zz*ccf2sF_kvDR;ctHf}J6Xh0MIb|w9U`z0C6$3bD#GX9oErVlE*-xwtA)9mur(psY zT!Y+iP(r-SE43e$Fg}GR=cPxFb%~_h@s@nPV#=m^cT4t7D$;udXGe)s2c>vWzcAZh zVHmeZ@8rJZj=QxU5x1AtisLZ*xeIoK*7MnC411EJ=6Z5~lLR1;s|*!smm;hM&W=D| zL!Old%zisK=;A{Vdo>hA9D8$20!SN9guc5CI411ngzt6t9=W*9EyV6CdM85uYQff8 z<37nm%=N@sfep zIxB4H%zKCDxsvVR_NoRhf3KFovF8}Yv7>vQ3QG%*TlsnF1%_Z9$5Tyff6egA--@Jq z!xI2m#R2wa#))3-u9#%;d2&Lyps$sj3&huxFH-$f_LOhdcWKWEmsk4za^zs3Blup8 z(6u@|E%69ZS*h6`MZhY(5X+?+kD5y8?+l+y(1TNyw<5UO3ps08O zrHcR%p($xW^KTEX4=oq7b+4m~>6s-wqF9M4T{l?J8@TF+jC{NClsuNp^!AP`L3MrD zFBig{eN=22MwyM!#$H`z*uuBR2BZbM|0Kb0j-M&rx3T ztCuw39%n`&l0=MOlM+%jTf;#s+Whl9_NE=3Mnj}kce+NKdDSMytNTvJwx8Iu|LmIl z>a%CcW&DaXKjH3&%@-}z{gcc4U*KeLbeF&+<8po;z2opaeJiXTrX{I=z%!R6TI$xS z1HTnVsZoqj5jL@)TRN}sa!TbZ2bzrFBojcciDlr+?UbEiV?{^ajc(tl$e-cuuwgcq zsP^Q){51+)8!lZ1asw8@$I8@ZWm-OYSx@>3TY>*-7cq2}ROHt-DQ6LXdY!X?cAFTx ziS(R?AD#yKr*?s7vODX+EX&-^LeE4nb|V^PVx&8gD9xe6Th4xGj>kBy`*kuTxu9Ya zhuYhekyebBC53BCD)?TvHrZCh@BI%>(P&{5U|FzSXkL$_;BC?IzAoRN6e<=+{l=fJ zZY+77=-qD5tdg7qB~P7nvZPPgsR&DKq$b{pH;u0L%`0CpeV)-{N>Et7p@)xHmS+i! z2#)m9!uW*&XaR&TIS(ifL6R!R`P897L_$0m4h|TO@UV$~ zD~aqCg`3I%nD0_xs(F@#VeN=WWvGkhc+9GuNTzEW_bQr9++*yJ0b=)%vQ_dO*n6M_ z>yx19KNo$O{;Tk@$+6CMczowg8_+A-zP}v_`XIZJG{XF|prG|GIBHTlD)vHr05W80qDr*ezNLeQP9R4q z!{yCeiQnSF_r_W=8q|M-i{!P~lD$p}g__y9GWVy|WGE_>c<9QvfNe?9O6UG27S|nm-chTPdvjW097{9)u{WXYH@`0B3QwJ+YX2>8zeFb!2F5ZW5m$(Si>!+%KQicI&HlS}=A=f^k@>$)nH(B61a~M;P3Z9* zP^;x*We{t>=&B9&n69BqBUV~}tU9hfXms(hNejbT5 zb)IN7UdAcjApKIv`e~)(NFZC*kdSgK@;$xy0Z`e8DB^axQsU=B?E8_i89|-X{Wpug zFC3k_<)b(fuGW}?!D7iB_B_CkVwp#TWL8T4{&#i0vTtneG-ZoQZ3xNZoj15gXzr}b z^ZKI(I1Nc{tm3Rm>TKXNjK~u{GLQe#x|^SVfu0R5kHxIl=Y zy=`A4H&@*v)mc=C=T3O$ zjL!1LJaP%#?V4G*v3 z^%9+j5~48+#P_HU5`NBGL$AC?+Ka)RSW2#11Vt$1)z8nV-WaQn^j-C39FxZ2aTm%@ z>4)a?NZ=V!NgfG_OcPg6*La|(Yh1QP9_ZM%!ff3~GY-f2fIx4Es9lk1jN>eAU#OfN z*Z;qI)6bL?S=2ao>#K8vR&5)^w?+Qp-CZ{64Q*c;Xo8r)^<=F>4p^!{tg^n|gF-hB zBKxdnmsW!%i`kk^#4KzJuSmFi2PH1Btkraacfr7mdR`GY||CmStp9xypx_vY(9H#|07d&SqS zD_WRjo8cVG)uVY7TCi{~NVskwBK^pE$1q7DYGyqq+J-E*ia6cA?yO;VZwOp(2S^ly zu>8zbgOr`=-cX^BzAOH}dhRX6K{Kj##bAt8pvKMIcbl%zzW|}+Pd4A9f~{}D@V8Xs z2;TuZ%{?bdrZ;&oM8ifYy0DqSif2Tw<({OLIbaTzd%ZXV{S5!|q8R2e;Z;QQJARh) z7F-}6+|fv=(7iKHAjppwZHrIJ5FOZw+cV_yG`$Me$NZwq0jPEs@>A(z*vXki zZ6wo_u9rQMK`?Jzwu4o-?e`L1Xzjj>B&xzGUJ+u4AddgSB5!opDiabvBN^_EF1p#k zG?r0v2?ai5*)kPTOM&G_^&6)3UjDgKPU#B0_x|X%srGP)K$!Kc%*SzdSVP(z3NAMe{ za-QL=l?$B~vVkLBHpjF*a-5wyQ`?BXoXe)$GjP!5eXtgP%NwCjA2sp zl(u@CEgR)*vd#3a*@K`y!mi&4FBEjCgh1n+7j`RJ;S}TC*3jCz59NJP(VI_s+_SFf z#NT?ptQm^&o&vqch&=KA>Ef6={SxMH{y$z>qGVLeQZn`V6)Dl<53?B-IC&~mf~I!* z>1XqcLzAB~GsN4(iG!zbS=UxkQLcKplJpq%C?a|voA01)riY!go>Jl#32O{vi0T;b z_$>G5FUYK?qF?KqZ^p|ef3XLnjVHeCQMW3&Fed&o-?($9SFr!5D_qtv$9W)ljhi#Y zWz%%y1?F}e9%^?x0CDwsy0o(ynmsgT%Mp0Sklp_{sp^Ns9QGX`!*#nm#uqOkIjR|d zt)_M+H}~j9ZNAp#h-!v#8X+M#PQAJXF6|w{%MAGD-IV~j=k_?tm)+GCbKsysyCxM& zm^5>;m0L_dHbdgj%B#1?SMtEaX(&+n9(^Y0?OcMkGhfy~V)!<;^`ZP|9g-VUnhr+@ z?j5hCs3;DfPZ>fXjg4y6cHWyluy)f{+XBvU(iz+q=5j@&Q|L4h7pOlDxEDj%bO zGOulP8y<;Pqw9l5sT&&>MxwVQ(ZvZxAD?%U6Ea%Q2HMQx z27D)N78*Q0%4}y%O-()Q%p$jls%G3-Bof58E!HlvE5&Wf@PJ8=cPLIRG7YQy$5as= z^zW?2AT@l=qWMz{3FpxyuaJt4P}iFF5i=kF9H8YC-ECU>W&=CUDVzA z7qeV3bNSEK^Iuc)$P_j139g9c`UKufY~>;sv*| zg$OG4x4ke~?IIv#T0LIT zTG>FL!ZQg=KX~5WlDc4zy=|1NZhb?ULJsZzXvgd;9!KUNmJ*?VEU#V;_vr}+ZL*g6~8gTnAYjCD5 z)&e=r{$W0~bwrVNU7v`xab8O}BL$jU#{Du=aPU5~P`e06i7-KU=JW|*;-PnrwxOE|>W3P?77utBfhb-&;&=H|N$ z4@hiGUZZPi4E25Srp*SOEg4ne8Wei0*u=zptAz_&OhvmJZYij_En@956P52W>yf{z zehDzJ8ElooK@#6CR;-U)4dtsQqgAC|l1nFR+him**peOyzr}Qu^~gyYjJ`rBY2gm> z0!BgVDa4Pdg&b2>3`&Tte?d%8>iE{;UZsZ1Ga{OzGLjqPJG53V+)6wMm>t0SbbIvUuR1;A~2A!)nGJXi02)ncM=-7k|`*TP#L4^MSh&t2VA zWc;J!>=P^$lt6&75w#@rNw= z$id5}rzQ0*oA7VS8>&;3T}*NH%u1&Z;#lwYzVb(N+wuf9Z#jM^^4jHGci*F3w_A%k zzRxzMCQXgo&IFDA#!hVhYH`X`v#l4I+Tn|QBU^W|mzadg0NBFCEv$e8IeLY_j^^It z>8lXHo#S<6NzArj$$A*Q-%!0yIn6zy&m1v#plGk=3Yr#p7NgZbkP1AubDRBM3*T}d zi+5t%^dqE5a~Qx0tmEi~Bw|jh zOj+3z2@L;it3F9%SBZ0c;tFb=8$*moYh6%!yr2d5a4jHH4WVOe!+YXEm!8Ep1uI94 z<*9PfO(uEp&ag@7-izSfiK>@iQ8hh?xBAio)C27At9Vz@wP^${z--DIhj27$Xk7)9 zz+=UNS7zNbX4r=ZD+d<=uc+zw};XWT4q9Fe*h zB-Xd8k7*WpOg`Cme#^Y#^m3F>V;%z%1_mQgAe`UL>V>bAzKJwuT$Piuy3?>-FNh*4 zTuJ0Qg5H<0a`ziK)i&i5}ySr0EuT&E;Orpz@WE%A(FIec8w%jbkwo zc3X2KA|Y<@PCiP=9kXX|#Fcf1{e`TC8wlm=W8sdz!-Nhk{q;LvBngYdTpB^BAPe$Y zD7aD+d?50fDzv(6P<)-#vh9)cy4Jcr;(vPgeSrBGa9wvbJQ}#T`(exAST^>*D@__1 z*%i0dJSA!I*f6;)=9~1UWm0oWedor@(w^oN)1ow zd&SfaqtBU^J&s?`!_kzXtu1xg)*HEJg9AluCxxvc_DUu!!5fwxw7*EOW1O)wkfiKS z+_`i|lSEKX#SfXN^_p-Gc!Ib@^G@=&q4yXg(08^=X#^Ah-Hk*X9s3jYqKZb*dUhAWk0fhw=0}Fr%1bo?+3@TLOX^fPEGdlE8?}h zjGhK*EV>GH-)`6mQKGXSG`m74>^~A_aJ#2qT(_S6RKa|=fj_h}Ee z#QB)4wl0aPHLl)DypGaSL=qhiDHSD?Kaln41jz!Ce@p6bcPV8n_y!2Jmr+-j>s2t_ zQqR_35JUDU$H{p|Q4L%wb2|R)3*iFi3{U!bVvH&wjS$ zk|LodGxf=wRq<7s+LlrPstv(dlxl7!3{6rcl5@wI@wkh2=J5=4uC+l%8(yu&scp_xwN^ZacDlH7h?j zb5%5N(7cEDk30FJ?`gZDBOHGQkx-TL!pGRrlvY+ZN6nv-e-N)4i5OtDkjzQ~1Yd+d zZ{N&I(SIG>BVWg7$Q+dW*mgB^1r031bnSS9a+Wt+J+n`~R%qb=isA7zB8^SWo~Jcm zvSVGk3+jFtNyei7`8O&LG13O59PYu@7vxXO%zLP4bi0NZ7MLaOy;A0r`7snTojcyJ z`DBeMzP{f_26swth5^>;i0n%nDhcx|0`LKQ)$*q38G}^}rOkO%S4Kn=s6B!J(3UG> z*NZdbFd_ETUfq=LkTtg4Uf(zDw`7w&5PH%o>86~6F_8xhSxRE#zSngQdd+q|nEn7M zxRru+YFH1{=dROV6h>U+UG!f&xc%7=rQaWJ!2@teya zi(FTv+L~Cxhkm0vTqwDoEcKtCviz$!;m&^KN?(?%d;z$xVP`25e$Qq7yX&jE=uFMiJU>0*VS=?|$d(NH|TWI-6dK-iPgpdnsz*)0VFc?eXRU^8KePjtc2 zFrt~(wtX8QgVG`UI;Jz$AeN*?i5DVu0QG*_F_<1tP^*(&&F>tOK>iVU^Q=~sJT^v- zied>Xp~BKDEHw+-SIf2U8gJh>$4(m@yI8R0xwiVrs+TEO6x%I-J%SA^hG&r4{fssh z0bJT0U}G*KUWWNOmdI__d@h4_$4?TzlF43sooiZJpmCP2uar=_$KZbi#V-%>Lq1u{ zqq*-foRHgICz5MBe$6zAo35Vgzdw`ZSn4=wQu!tJPKDygF?xdpPAZY zXK<2SAW9(mA&il8HS(l8*o7^SJ2?FyX4dkhq~fV&jKyIGhuS$Z@Ezm+%e!=4gT< zo5KeK_Ehznb8Dy8(CYNruB<1LKjA;7I=%xX4F*R}W)H|+qz%jXi7CEK>r`!YV>5MfL;iTu3lbwR z`ECd2D>qeT@N?vQ6C7P_>MFGo@)6*xyIu-pgyxoVu6Y{l#Qdn3_$mvl-Cb|!93EK+ zk3O7*-`PBMi=|mBMgx?6UCVT6mrS%03j1|UHJuMhZ`4xJraNG<6BA*9pUWMm={1TF zOwWz$y&;MRve)jZ)_2`Al^)Db30XGo^yvG0Ll@MP1vZ-Iw2%7p}c_^O7#$!Woie zZ)%>-Hppr>FO*ETX7S|8dh3Yi=KE%FbL3N}r=pwUfc6U!b9_JvKJU^4@2k>(7orp7ylI@n@ zqjS6!+`3Qy`1LV%Ga6w6XMnTO?Ntz(69MSRc)|mw7w6}Op05C(!xa8#F$Nt;vy~#h zL2dkBLumiFtl;ya(Y$6TpL?NAFYaIMdI`a!1!nz&dXM`8d41!qvu~c|eJEz=NNHan z$I)bmajZqPA#ULa5&La5+5MJ$8!h!wvLbj;SYIqk`UeDf*0i8JOL~5 zQ2YNNyM#MmXiC)r14R+%nC5j$Mr|H2I%(W!hVDGmvENa>8h{2cuv z*%WYa&089uXeShu5&j^n$5BilE7MS5@^%ygQvwRr!VpU_o6ZbqcGDF{^q-J++R)HhZ|B=5DR@1*(+<}9x zP#2c2&z8ZXd|^6~3C_@y8*BqXHtz||S25c{CH+M5+F=vtjM*S|0o)elq2 z23O~#&MuF`#&=MSTp7!&Mof6{#t*MkJYK}QE;p>3cSGEDr)ug>L0K1snS73;a`{;` z<>qT30Y*G#m$V7Aw!F#1c*6`xSa9vt- zl><94U3EC0&l}UarUs+QKviIWqeSLcn^_jM9A69cY(L+^M=PPL-TSCl_Je2EA`vbh z=>u;I7C4=#2Q&@ObT!)JqwLziyJ2<_?BA`Z2vfb3UzZ6LAhPh4p@M0wW>S= zL#`D(rkN+7U1Y(P6|*}&6DyH7csmEHAv>nB-rEK{30#nAyxQ&nOSoKGmZ)`&rT+HL z5yau(a}6;-7$mXsTgrKBu1DqHB6)tmF2+c7gjGRLa+|dz7C@9nG+^~$GOggz1>&B! z&=r`3>5lp$-8z)k72G#)PA?waAm{qwH2@}>OUD~cSua0BJg zR9Q6CbiTFrcV4M_Z|24dq4q~5lDKe$F|^|*$!eL`B}!HxRpmb-Oi%B`4WNj%#wZ4! z()>hWwGvXqF;z8P>oHQ8__?sI9wRp1W1U6k32Tgun27(bs7-K!toqFJjaF$M`4gG{ z1$^DBU-WB1>AK*zrf=RHAJ19(6Zi$hrsV%gsquYsvm7?4J=SdBm$3|rtKgxtwpTri zN1X34TcYQ(*5CaYp}MUtkd)1VC^#`gPP<(VFLe8M?Q^sJc(a<|_9;SpC^9(ERc9P8 z|L1=C2k}g|iZWp#L_F%Rrhpu!1(zL|_P7o1830rLKa<0z1^(b$(O;>GCYHz(q_KE; zTq&`vZy%>0nCE&PXubz)o6v_yQ{AgMTYX{{?qW#wZyw^@n&i7u$=oy zYIoCcnlTbM(!?82moTE0p;@Yz&5$d`eTR&cHav-3LUS<@q^LrhI6(!2C8lpJL$uZ! zzU>gk!r;yuTYnxnMtwL|Vy01*S1$I7yFhkI+8NbpSK?x}!Z9Yv#II~u?%M7adUq!% zxvu8Tl4~v@zXe<>*{kbuaaC=_5YS`=Q>pAlDK1(fREhy-Rqx(qF)b@KSKj8+Bwk5_ex+>pVt-U84x*#n zek$}1Rc}uV>Od$s*Q{pa6AsWuVNMB8BRAXTLXorFi!>&MrFZAb-;?ow?7H?vbe@DG zHjrN)j?|wuX8oqEnw2vBv$xL=vCSBKM%_^UXX~vSOF~z@UsDiA|Epqa^TkAltqXwx zfyskCHBFRBP(x&gA)pKn8xVV zYC>~bkp|{}cn1pYagX=j?WqqLyL<@k1le%TW^=bEub6I-n@vQRWSH5q^=CICMJJnnB9j_HdsM}^!eNm z7HmQ=hrAaF(kx{#F3}wb#BMM{SRye-&=Xfk0bgh()Raw0aeV%!*0ehg14O%BCg!P# z2AQ0QKyzb7cfNmN7l~o6y16$>r)!1ig=DbKecTJG9yWJ%p=`0yN!c5j8Y03xoA59j znI=pBRw27QN_^X>((7`Bg&)K4Q#W;dR-|MXBkVCeMEv&?tq)S6r zD&G{8_4DyKqH<;E`7UqR{zg(-E5nflzMak*6Z+QLreugTD)u)W9}7Pt zlVcj-_*|g*zo7`)L{K)DGZhVe6PK!-MZbuq936XX%WN@8y9vIcRp^h<15ETE)Tg!B+#HJxoa?uWGJ)^H!^>>Y4md#465 zofp>U+3SObb<$cDbIlG08NWQcEzxYjcgb)NdZQHRFRZl-Ru`dO<6yyQ?pQBpdDDGr zw#lJl)WiVxy54v=p7lj2&QylRs)&N`gE79)-S>8Sy;f( ziH*COLaEdyzq&X?)E?YSJpE%5D0=dcf#iu+sQD>Pu>vDdSC5tJKN?WUF%nP|X$5C4 zJ|_h{Yy}^iA0Ie9QIF25dUJ6i(R?q>W_qdq%&t}sI%dm0)M+=f58wnX$MKzpR>O{Z z_+xFLdgbGV5`NB#g%#;*rA;^ABznV-Z(g?;5sD(Q0a&W(tqK(aYFzMKQ-gi0>Rlj7 zxVxGy?_GieGQ^7xfF8R*!|Z!E$=IpDFYk6pDbFV2o|I?B*RWX~@Ja<0OKFPrG#87F zDN>bbk}3n|a^y;ieykqTJ)*g8&j(X|rSwS#n@qk_J7D4rgiBqp;{d8mRudH$2VdYW zfX9iyGncp|w$+v{D@(1NB?*yIo{yBzuPky^Ao(f#9_8;bIT1jTwEr@ghIj5%?xjj= z;Xe_6YXHa@Ox8<2kjBu+BW)P z1!kb)LL~J+nlSpr39Sq%6%N`a6=gGOfeV6ckMo45E>|z+$;{=D1fs}l$giZ~a|7la z*`v=28PYz10K}JVYCGN&Ya6751Z4rT)P%Q7; zi^(PiQL$n?da&#by`7sQ-JX1{!mAqk-yMvc8IEgQ-Bmz4NzYbuUMmJoc|XE9|6>@9 zsk6npZ!k(&Q!H#0Bk)EzR0^5spOIM?I_H_o{hx2d{87S3(@^?*L7m^=S}PO(I&*sD zChXev4Uwt;b&iG^B7hL_7B7ULfvbh8Ks!OZUi729YjJ|;*OX4lO%q2P_-kDZ?cn0i zMqegUb7stmcIN3ag2`lt8m;jH_z~RrqG{d*cl~ox)vP9Y0V}c_&oIWt3S6D4X90>E z!0Can)3?GG)Q5Y$QXXjIeIz~1RF%?I3c6t|XQa3_$Q~cI{k%|ur^l(rItdLBh7ls0 zsV7G@Vlwc z)RF8d7Z{$;RCK*NA-^-`GB*o2p;Aeak6ISv{b^QSd8GL@G7z`L z?C$(M)!`|5Rpmz~Li;%_g5bk$@)@QbNde+tI!^u@tT3i!ny0>BaUC4Oy@Q;q`23Cs zDAdVPP93HC_P4k(kua;Dc-E94F0D8>*^r(`E}Tp7N*d;^>m$*H{1GM$;@2N!m7(i_ z7yKEZ<2ESSY_6!lz>24d*Bn@Q3v3e70yRY0dA9d`J^Ilr-rg~k#~}j)@^TbWuv1|f z*U?2arwNE@m~Fy0V1Z7Qu{srA=N7zp9vr94?8I^zqw4#@Z)#(_W?%1~3v27PxE@f znS6u_U?1uovXY5Ua_@tt_>T{vn) z02?He;ODZf#UEoeyrU3t5E7JzFGZI|_{KUF`=!GmR8-$CpDfy^!)wSx;7@2-gv$bU3Xs%#-x@=Npe&zJ}5v-GiuE2N}NP}9}Fr6&*NbCGui=(4@TqA{9FLHvy79h@(3&vM7_e z{fg-_zP{=T1!=n%V>}XeVTd93rNnQrsn+XW*X#1mPNKJCH(!X&havWDf~{*8U!tCD z@;ne#-p^Zl2S%p*|CxS{Tw3ivUVMSqefJQy`2R9;a95B_ur6yD20X(u6U!L;(!fEm5=p=)(gOPSJUo!M$l@4odqF01iUR>aKiP+1aSnR zQ0$G`3afA}#cI4Z!gAIN7_qIa7A*clOEMblf=`#488ED8REA>l9ancbc%~ATqC<}w zsE-2@K5Teu_*{9tDr&bI+F;L)owH~D*#@<MB3O^Jr03{F+jat2;C6WJ8-P=9WAInF)(&YAbG6<*tQJRQ)*>7)~f}j^(p3?)TygK$Xebpwq zmVzc*`ELYHE8)bZtC0@3RBD?eUgD|}Bqz!SCfcEx{jzYCcJI!YHtMkFvfTFifNIQ{ zL{eW%@Vj_wk)6OLQh(BMVh^4aXcDQvI@U&~GCLo#GGh>{$N^~7pFe%fyyuc&GC#HfwM82V5AYNuE}|@1qB*gxA}vv%WK!p+EagXWagygxpErto= zi7EUTChYi}M=N7oy77O6#pku~AK9Ir_fQ!;E@CU(GDx0@A&#;+yw5{DSGYaIkV{56 zV!}DQtd0Y`oxVBG%me|p_^Ha3g|)$h`kBAFcgUoF$mia}Wc$!5$)idpwyDX3p$W;v zN-VK;AS%lp4Ctx*+3A>n`y*tzuah6jsfdJ*sH3b9zq{X6eF}thr^%@DGnh5~wxK7| za?^Lqp{+9*+jSHTr|(XH5;|8bZ!qf+APafHDYe;4=4lG!!WJ}91sZwk5U0s%seF?Fjrmc!B< zcq-ufl@ZAqlZJKllN>)jr}UJ}Lg042poOjV+*c}jgN^4`D$WZ>VCQK5T9q$FP=h{M zwpUBag+Ix_-Impv2`t~NanNaw5Q9Dh_}2zS%jQ#@%=0-pXyRWI{`^^E#59(ud_b;R?pW^%p=NC5=YW1j zs7T`$Mgs~XcF{Scu-V~PC2PEMYUq0C-a2(8*1P2Q`}(wd_7aW6p)&PS;mR)DWoeaB zOkUD2CCPKN3ZOD7{^{<~ZPcKb8Mv0en^j11s!gl!1;->Exk(1cE`uIALsuuUU2sj$ zmPovIe{wwC34gU&Z0im0NdA;Sz0tDzT(9tY@-*@3Mqf!cSx!_Jpq>wt8Mj3)bdT-5 zuAC~|7(#Rn)*mjh2RB^|Oz9P$0_YW$-}Z?pB{|{_f~{Y#8niZBu*)`PwQc`4X|YTs z3xOrWu(Q%0OKmR@(sG6LRC=y&t$oI)M zf;b>3Z!zI@ONDKw1eY5Kw}q3b(_>S&o9WZLw_|2LT8(3BX1a6mzleSUM*>(9;HC*2 zX}UBueCj$BG*EF0L$yeqOi{EGgmIMDC#5}`WqV?d$6Q~suLl<#Bb>H&cIsGP(4!5y zBnIf{Kx6L;^np181W0lkMBo~^ppd=&rr5ZC`2mgsN?70cd=9qBHX@rD9caHPqWhwQ zl%vco;@?A!;<5oxg+P*_&xbTsCBw)YJ4Sy;3x>V{$>2)i*#d{zl5q?ld$|3rcAFa#>_^bbrR zg*%S5{tp&3%XB{p=!t#Z^jQ z9-4ZPOD~B-EH|N3N)f++J3X#U8m@56>U#_eY1KmlEAkz3aDJ!U_Ej9lNPn`D_ijH1 zM+cuN@X!q@ZCz=?&-xdcLx31M9#gDHBr<&0I2pWAlQkAXqWK&d<6#7I6#;j;c|T0q z)F+-=Mink-Gm+S=^OFmfkV`i;677us=iZe)$>ZiL*&B-QX{P%EgBcx%$Js^m?*0je z|Fy&r0i(NNC|pC!u^>9O(!&p>J};_3 zP`+K@*5{Mmo{pX~_s4p>Zm1j?yBwG~?+n8qOYX%bMs0*##xEy|D1xC>42sbC4~ANp zlk)}7fw54w)xe;ch7zv3?D&O9pW8rn@t18em?AkElKwN!8r8h3*YompYePd{>%>Rx zJF=@&yU`|y5BzGMH zLU@fK_QyqrCL!uVNcp;-d3v425f29=!LdrHS_smemG+pWHI@xupAdNM{g50taorf( z>vTe65;-ll*=pCz^-|uY(mn|Q;(2?Qj~#_9*!$rcu+_VQ$d!}J#E($;*qU|vKJdM8OQ_erO7F#Z@3_z(luR0V&fHT8c^fDP$?nAceK9m zqD&q3HSm$3UL=5B;)-y0V6FU*c6N=6H@ZHP`bzfS6|(!~3HGZu!ZOF$kzT(4?t1MS zSZ+$kvdmqM6^S$tY?D;;-X1_oC*1H}2ORD^exxq|la=lMKJ~DmocB1e+ zB|2T+{Pn;cMa1~8M#jc8@ix}ksZ7#-v`~Gk1!Dcp9Dtn$%l<{*r#@nO+jyIwbU zzmET$furrYxL{a!Sh68Tg%?8AMGP)*mf@0+Mwj_w06`+4;^dft)QHtmP=N>k&bE0* zl1plk1UmF2KiK<#K}!@t5@M{)>Il#|M3^b^+I$0BAI&6v!`0_$nPm9-;u@u^TJ@^! zY8#R2>}_llS?~>#yzE^m9KMoS?z?F8Dbg9dK%IbfTsS>$_?bnU)Y|T_dz2B~e`sXa?f@Zn@&>;BpL?lp)ux1(}oB zM8{y*`)m~81(W)PKcP|s#N9eGw`heWd#z~nU32%VR&xys+2c!F4hbZ-fT_R=1>nvF zvpZZE1Oqp{o(K2Sz9iu~kbnJW3XgTxOp0>z)%_5hu}kXd8TG`X%L?iQ_6%}9Dw^iHS z{25~-17TSlXTTDtg&#>dnWEP8Khf9w+Qr z5l~)Z&L{lkH2nX;Pb?{;M7Xor?axJPA5%olorJVY@V|tP|0)QNRZfc|ZUN()R+{El zE34A+Uq4Lxt~+rRUQr;O$6xfCF+u1}R0IGMp;>&8vR6q1qsj@BEdHX4toJqvR}C+K zLZr9T1@sMSUJItdBoNeZ`D&|Tan>W-?UFGGQq(ZlZhIrl^0~u!66b#)&e+t!UXroz zN5XOV=xg03I~PPHgU3c#(B+{b+n>E>q^^e`bU>c+U~Mv6C-$VumO09eRI}#B5o~H^ zJ<&no&|i4`P#IVXI`S}Sl0LOgd1wPlPy&1ol;yW6Q23*LT|Ucp(sWAfB1t8HQxNM4 zIb1AV?rlrpHaM8UQiD1H=Nef)hmsY@C=Ty~={aZ|a|IuUw@qUsb(ElUW`4#~yIeLL z9XnwckDcK0mQR1+*XH!iumg1OCgkZq7excWJOv+l5aF(gK^8$4AxiCM3}oyxmMXI; znksJsgT-juznxg@&Tf?ArtZ!6OvfV?6elV`=*du+kJXQas-Cz^&G8O=Upm2TAebs0 zp}jy{{lnA-31~m%Jx3W%-ejh&n|ofIX+!jZgf46|r*3lz)2(+59>YHywZu9Pt1|Ga z*Vwlofo;S=u)`A~)@1^9;6-ZLiF}S=a6Ikz&wX9p7PQLI&^HIOVVqwT7SMvRcnM~^ zv;CRVSxS-&y#^5K@q5o2VH-FBihZffDL_?G>hm~C;}e~odfu?q$ofCX1QN7&al8?q$0r4s-U`AWDiIrAImcN$^}9`qVKpWaZTk$*(d_ejYUjI8!Nl`2kgv|D*Lt)3vD5nw z;Dg*w5V;Eq;{n^QC$IZ!R^;@5(S2WmYW;`ZyOa7*w@nB3FX}=c;ue8^iWoF7eWH;M z2axW^73@8^-i|*%Ha|)}MDvX1cSZs~(ur)V{4w<#X@AvDL8e0LE!*dkFjZ?irOX4> zsrf;Pm~NTx2DoIey9jQs^;@(6`pb)E=ZVk~Vwtz?s@)PHx2afJxv&!d*F`6^Jk}dm z@3DxfhrR2>HqqZ{+%`OA!-b$tG=*NQ4tGsHpc9-n1nNby3Bg!-Ae5yoXFv{{zUooR z=ETV_86)h@zVll-dc5xYlwe+VQDhBISr61d814jp&OdzIWrJV}01e;Qt#@Rf>m6cl zEvg$2Rs^U-|01rfS=(;`76^5bH638%@uub_;L8kgM3qiVIzHGbjJ%Nqc5ONfHDJ}& zTwF7@s)}c5R%@ zTmd%O{V9g>cmmd1VKc#=OfveHJl5Zhw;l@qO<}Vne(dX;p`S~00W^Y)!T=F63R=Z) zL#z``y2l5sbk%yL|I|A3?(ndGddTa%55U$U&1AvXBg8SV%q&G-gH4GkopR`a82r{} zlU5rVg9njtYCO*+M|x@3Q0SY$zan@uk&!qxUJK)->W{UbYb0N|!wRUC-IuXlji8(N z&487M(IO%n2pg%>8N^0C>l|6y1(ioZO1E!?5iZbTFTnLJtzAz6HL_pI4Ey-)%#sL9 zd7bG7U=~CsV_1lVu+4D9y3krE0Q+*{@<3It=^tj4P(P~_%~E!V3&()Cx<(3>41S?A zI_dx$JP#WP^Wtobl08g7MR{6R5wxXrzpobEapR<9jafh)HO8omdf92wv@B<{xv(!p zeRx?@NX{VEi_FSdQlEg4x#JZ(D35nM2$;XH_7P6+7g=7%tkpgYT)LPMzsuYt+1_f|g9%Lyz3I2x*hJDSS$R||y&D*H z;ZMJ&_gFVbvL*Y8^tmnLKr%+Uf`9a5(Osdx;=-J!o{)|tV{oCcDr*Uz1EJP_y>;QA zv*)@Zg&P|abVq?*z$ebL!{Q|4V)Dx8xBco+Pw|nn;C2kMm*>03otiVd-g+-}%cYQ3 z5QW5<%I-&E*E^!h>cnkL?Fr=_YOR;nntz|pCxQ+56D2WI-BImIV&GZ>6W+DD;`41e z=9^#Uj(c_D^7ZqkR{M0*_a9eu02}lp2r{S^=b63g_wlWPVaDt){XA7cLhbY%67c75 zijaWKoovzfR9i3`4hz054bPHH7EPBD1{q!V9Vnjb{r;BsruNes#yL6cWHPI@mw(k# z(0;C3Njj#mDyr>wi{Ja^rg{9Sh<$PSpONea)H`-fZ3;4b)VQV-Kc{*L*gVyNc2Ha-2+?vKN--mBO3)`shi_|NIBK)DmE`hH}>Xrx|z80BpYd7;%eh>Jm8%joVB9a9b)I`P$dI?JDav42~ zI?X#*xx?F8-i-6HjOB)Veg7`uth+Cha$;&fcjS9`Z?!RusWdA2154fI3|N)Q>KlEV zTEKELfuo5CtL^vXe))ap0T}AoxC@l(y|FcZYoBzR6rFk;&V!^f3|T@v=tqDCnis5c z)G-%V3fGP}2L3RJ`51$pP~`U=gH?N@kd8s@h9WK?s%f*|1Mc?XkzxmoYfV1~`UKd-Et+4qtG-Gho7vj+DLdDhkztLOu1d>bV!CXV11~?AWes1IquxJgAwl>$4r` zP&J9!t0g-rrbU*m2XD~K<66l%oO&Ftj6WrO9&GhYf2?2IHF(( z{Wdw-h5K5)e3<>8G5-&&jSpp9{oEQzDy&+PKn+r4Z9%H{tB^_GW|vfv8Ci-2jUbke zdS&?>Ge4;{&8jHyKCHUv#SitFNc2INRCr}!ej~De?u><3ZnV6@4dj49nF=1&ZwkWo z@_$iWPn}fmsZ-!nmK5diDq`b}9d?+~0x7+Vct4I6ku$)_P+-@|W$LKi?QTtEVBORF zl7B`FJ>enK`XTV!JPcNQ%gEy%?QO-ao0D34fh8Cgdwpl(d5&}Y$H}F38!u1!oux&x z0?DpSdjB08U-dLCbBOduPMeLA2tSb=c&z@NzKK=dbb6}7ocl$FCE8x)+d4uhhlgQ! zOgrM25nWC}9tv%B$k1z5pklzD!sVw8oqYYRPn*Ig^!QQ;cKFpZxVPIpUVv*_Bg}ap?B;~4rmAW>t;%V zNInM>6diQA^E5_+sw{HJ9AL6g6vN_W>QI+f*VA`{$O8j9Wp${<`T%|Z+HQD7JS)y? z4Fk4}Z>hYAGAP?W;}oI4R$1i)W;byg38LeQ*2GsidR{DzKvKpeu=Q#+|U_p_8vFdQv#|~cEnWgfk{9l*y;Z5Ge?=L+n?e_EWth!qgDM-{|$#J}9d1Xv< zq@1iNYKrgITiCXyupSq=&3q0t7X9c)qU0=%6cN52h5`KP*2&RwxI2QG6v0x_EhmyQ z2~tDEjWw@nOJ&zzT*(ql)S_!7_?C^27?nx1@D^P6+2g=fw1i=ZCX<&}e0vxzlzUzw zRU%z}|4QWI#%T>56d|?NrfqnrV=Ekr#1u=72KVis*#qUatzqixUX1eESlXK_D}4`! z<69JrJy~}jc>DDM!@D;OWTT+@@_Js5OE3p}!BUby3f6CwEd@7`UIXEQJ^uMemAWF- z6Jmv6%fIM8sQ%WZtEMm)L@!z~wo zu)u-85GrEuM`+EE&jnu#O4Llz5F`v-n%kn3(x+HCf|_xmwReH7NXDjMz|rzWR1px$ z?~|=Qi%Ve%wZx^voyr-!fhE$nUE2>XU;fODHS#!;UG_W}4_v4WBqZJk(ev)>le~6& zFujOp58Na*8=WE8!aX`6z2~29ZFYM<_&yAsHGaV&)2&<{wsBO-e_aoG%tn?Fp_Rcz zdwXB$d`H44_hAddE8iee;X*1EmB>$*m>Mal`(3nJw9LnHNG?D$YzR!ld~tPXHR)72 zC;TxUVq|e3EOpuoR*sJmRa!sVq}s+y*wC31 z3wDk2dCX+r?SAS-**)t%js0X7xr3PKV4bG_?~;elP2jb!cLz)^YrQ_ulR+{(-xvo= zcOH`N@7{cbe%be4XnkemtTY)6RvB9!O-r`l>_>5|D)p&mzj})R{gyvn)|IKv5u8cz z9O;f#dM>QM);U#5TYRKmqzbBWR>g@`!$+G}vX+f~(TLXpt;$oqHP}9|0doz?-0_xX z2bvX+O4gvl?*NkhV-eDWP=By>Oh z7M(Hgw=+>egEAbMf?r-RQQ&H%PgfN3I|G-anzA^;;6^Q`PgNa;L!+g=U$R9Q54%dW2DJw})kn=Qk%X*#nI4J^faJz+!;I z({#4iuht^2I(h|>85q4g*wJqbEr8>^%D@}O?@#s;;(ii1*!kKm{JW2rq%@?=>@KxP z4wj$FW2RB#XThh8joLmvmwe%O;J zx*(#?JaRlO7uUWF2p`*ahFt(J@2>P7DP__E+n0SFuvg)M2>Erqx(GEJu(tZ`!A869 z&LRaD-RT%Vd!*U;Dr*I}J{*fhuPnu_z>>~)GdQ6)Tpchv6A@gWsXWjmGIIE}X&N2< zR(p5z74swcN2I2Qw^^h065wa(vR%;qE50$Yv1jA7TU{Jf^FCf=9=~ih;T7-w)>v_V}_z;g2#-wJ=Ht`>|C`=uo7kDzisCA*wuX>U2Dkf$|e$e`gZl^6Z@_T z;$1Jj`t_?Y=G9Tz#;`%I|CvVA zg0p%?3qkjj;$!R?q6Oh&@1@FE|8aoW)lGiq^FEuTXHNaWyB&>Cih7~luL{m0x4+vd z8w|I1&1v8e?{{a4tvWK3b7CC?DPyC52pk;(u2Kv|UXPlPT`uxVw^JS8k73lW^#pmG zK+iWxR*MuyToE0>C}$iiZ)9Nfpdq()tVSsl*RPGFyll+sbL$tkld&-j(g%&m3vL}v zM&?lw&utn<_ptKrhxYA+c8=>sCTJU*=UaF85=LUM7<>0misjErpkVRimm{Iw?*QD> z%}<=-ro~Xuq>rvf`O(14oX&``&in(} z3{4WQQW}C_rdD40o4ABD!*vkxRbXAzOz6_lLXxg2AkJ}LB-l(bTT92^oe^Q>+EYYU zz=;jMeF2<&AiB=Hx5BDD*3{oKtImAPvvj8ZCl1)^g*LH;WwX^(!-QB)%LS(v1MFvikUjv+8M%iG$Y9 zkj<8nO=#D#?+(dlXYMU}K8~9iOm|E8vwz~sKrq15m>F*9#jx3BBQ`arydKk)2)anK zk|QnWAg)^p>qVndjj+Tp&4UsQC3Up&8>H=j^+Qv6mmMp19%S^-$@7QzZ|)Fmy5rPM zS9@o0`+gttIM}lXcN{bnS1}YupP%vBm5ffF-~Hh5sxbo8JK#8TB@>gv*s=Trl3#qg z89Tq0npG6=+NP+hZszCj#Yx8{1nl%r>kd{H%Rh(LF2i{c6%?y{I;4Qbc@<6;N|B~x z-YLeB(?7sg95q(idbmB=r}q--$2MtbF7;qX%D)s*lzAIyZN7^{XQCnz1T5Z$ic~`S zwIdhHXZN1klYCy!#TG%ud+AayPJp%Ej^(k0 zS|ZkEb>c!fzZd!cy*eN}6-*kqa(TnRw7is)fOGXtrF0@U)L-DdsL`R^CunMIXLSX= z>wPlYZ`Zu9w)b$aVH*#F`N6|u8o<8H+a8Fb{T7ZN--Xt^ze<}ZkD9MR_|#wN_% zuRy$M$ND!-dzSwO-Db5dT2mCCXS&Q|kOZaZ)5?KwU*=;GrhUFF-R{r<6^WN(NZt2&Mo zX*g5P;9T}NMXD_lYZbu6o=}TE+P{!k6UV}J_bg4yQ#Nz|I^YJE27jVV^v^9~XZ%{t z0hQy=!}hQ9_0qL?m)JM#t?SL^y|u0#-lxCK-V2`|wZ~oFSqA^D^p4a_?Aw)bChgv| zpGSA}^e9}<)Ek=P5J1>vE`n{-Fsep8DY$B?KFJm5EOnOBS`<|3IJO0+2Uw9tsJ0~^ z7-{06*kTo%=A9-m6>`^qvW2wLLp!dR;rh zCGW)sy;9=r4vxUr#AiIw&MiHvc`|yxG$ggaV{eZo06C!dt=g234f`w&VZz@gk4eZo*G|?`}sfjDXZTOP=iEgeG?Pd%{}O1bPUOrPR|_$nF7x+ z`wAE3$EI=Bdxr+e*T};F32OVs`{K%9mQsO|2VnFAa$*WBe$Cs!6me6N+tugmNFZu) z^TH7pBFWqFd~3sdTEHk(2Lcg%~`@$BKXJ}?~7jZ-LQMDCFNy1cVl%&f3 zY9}_|_X>{Qww<`6S>4~*0nuSrxI?{3cg%IXOJGjSWorF<|eSJ$CJ0PNO@it2mi`j4jJk-}Rg?;{xQu zz1si2m?%YB&ql5lD7lx&W}cAjvE}jH+>E)?u0AZ2Jf|F-k&e0y_uH#=t;{RJ4`A8& z7M-UpS7aS>Q5)L0ge>6o$AVsy-L}2;UK^kOGQIxwt<$FO_R6yOe=6Mlz$CJ&f6*~q zDWU=klXadjz>5M^i_Q&_m7&V()EE;U#bzXlb^UoHO7wfc1>EjNZ>XA}tZU1%$e@nI zQZ3_lG;;%Q#ss!%7NnmA`~b=#+U^U0lUt>Ul6IiP1J4*ghByG?7kH;Mz$cNs4qAXp zjdXH66tZ{MD2Nq1YngK5VJ25?M_H3aAEG~(^nxOGGd7(mV+d!%Q|E)e7=+WCrd&MZ zLdb(%AXgC)q1GJ%Muqm#I*(jfE#Prh_gHtIwLE1)VsG=wGyv9QoK!LWfZ?3@&KXT9 z%2D`D_geP!ml>1UP#Fxd$017-ww4bIy-oG08pI&fJo|&JrC5BbBHC^#y;!beD}EJ} z160^rTq+*XPwlxIz~03O>^@(_yZo7UVzwmIRSdk9l9ofVmKF!_0sMcvg6Fcmu{(_c zwjCS(fIywD;$2_F1GwD)a8}#|2^jxd87=aPJ>ytZJ&NPbKis7?jgx<(=MhHupUsb?aJvIr){TK7r$Qj2fOTxG?HIwT$M)~Wr{Kh8 zHEoKinLhk3FBLtmFN!dl8ZMVbnO-WE_Q?V)#cSmqa7Exx<;9B=!9 zadasd4tKKHfiuN^v)b~F3qewHRhQhFw;SR-jp6f6QC8G-ANDe0%;H)o2AeS z61JT`wcWUr@?f{AXg9 zj^qC322=!-u#0BzSHvuIl?Y?NY6jAn=>HY8>>5yZMaORPmtEw+#`iFOjXWonfY>{Y zCVkw7kyW&tgI!oMYoC#syJ{qWSj&6Mlk6Ly^YCKd4pp+5gFIxzvbM7ot^=djI8sx3 zBP~y8EPQ8%&5O5`=;i(wsGkxLzY7Y3Wqh*cY6)?3s$o1vv4@}D`?^DW_>#~cRYTF2 z=2UDDAZRcdOraLTxA>z*60;^U8D2tnHL)Wit?p&IwZmk2s~CBH&;%yMg95DcWs{Lu z^6xUV3C^yqKP(aTaXnlLvL}7oyQ`%+mcBvstobxc;!?s>4tl~r$GpN0U6>ez!ut{U zX~Wv!{=j#U(gvF_-JV}ybr4RTrX(+^*zJkzR?pkZ#TE4xGfCanbJ2}(g$!p@k5k~J zZ)aOwC^C6b6!5A(cUG|g4z(;@e)d2HGVtMrXk8_wm`GM|U;gJU`gz{5qAJRC3^Ij= zZnSR*e`;s|upk`YqlzC1zn@2FZHhH5JHLHbeO1c#Od+LY2pq0;;-pbtcP|&MEIe>w zehr(mL27IdMsXdO^{=Y%)P9d82>^b0oO_*E@ytW}Z3?P|8th0w$rj&&hgAr1Ck2wo z5=Gi*wE22T7&l&}P8Aa1PDZ)V=jQ4Ut^VqZH|SrMt|(?hm-&7%svT{};h_tJJ)yOM zaMOV$u3~5_oQ+t0nEl%Nc^)fA(?~D;f_xXWbL(&>N^aL`<+aO5aoJp{WAx4#>AQdn z@0bVMRl{CSw;yn^Q=#tnZmT1oc^;R9-G)BUH==c$5ZTTONvP1C9z9k|g*%4bFwAvj zWOaR0MD~k1qOmB=XZXWr8CgTbypxETW!K_d6D?&mj}*(rkL=Ko5fJ|PZ*+smYug*t zm(uaj_;l0kH3-t!DL6Kbo$fo#j zsGwu<)atLmTLF?7LD!15MnZ$nqR%keQ%Ug1uc=_V+~=^fv0vI;Mf+K>ZN()m<^Hd@ z>$WtCIuPGcLVZ<1L~m%oC7AN`zO~SjH)DvQ8D(2vtf%I?JIWNt2XbpB~U?6rEU*g(pWPz z|9LcZ{D!7vrDgg0D}dcf#T4)10t1gT#Dr5r)ZSW>dI>=gW=Z-%J|EcEN_?O*9;y8zn=13#QCp2>ebekCaJ^FZ|m^Dy9$ii^NeKPMcc9 z5f8YW3!7$&`vH4l4SRI8C_H8N(Dr$5u^%s_sjZXcsesmaN0`crCZ@&MWOAGyWa@@H zlcxJwyr`QEXo*|OOX5{tGPLg;*s>5Xb9IpL-F6{{89a35^Ois)Cx5)m}5ZKMkKu^8-F<#5dcF{yA6ZNMY|~u- zT^z>LhK<+&>>WYIKlgvUE}hgeQ#IygPUJurdTMJ1VJtQjhODZ%yP}8R=N0U;wllBK#8307Iwd&r0tuF*CvjqOFUFL*)K>OjX zt6%wp>$FD@%9vCZ;;Ti|d0yxPSJ&OBpOIbtB^*n%f#mDXXehnG@QY=>^)Ib(frvZl zj6p0)HB@0!iKgv5KXh9>;bOfX(7PTls)_6i(c+k=biP0f&2XNO0C5INg78lE{_Avs z>Kax42-nP(tDoMNLJDaWEJ5G=@AmsCzD}t%Aw7J1Wo3_0zO@Vu4P(c8y6TtT`@GSb zHg>oD%UA3rX)!ZLqNr0P;97oR>4B3_i-s4vSQuNatG~9oIkfX3DC-#-=UnUeoA%ro z-_xqAscgq#4Y*5COB^~JHrV%kyYz*4d}@v5gB?bUyIqMrrDg>rH*oCtCZEM)`Uruu zjnE8^iI{wauSkxiX-uZHscR_!T#{Vt5nh7by89r@w2(|cX8 zuoQ$|VTe%Fj;uj1Bw>7&m>hE2R)aF;%T^&4gJF7R8mFyb>6%{1k8&6J+WqQK!FSK> z+V!Nmoj~>O;mRk%48!#uud~i4TtI!k3VF1hasZF65LS8VOGrSU$eFJ^G3pZvwqATi z>b174+QpHwfQS9rFi6e_!jBswu11YWUsa#-c}yTc8{6a@vTB{cllP@+uL7a)@Cd$I zD2J?SX)QQ>ZN5!xwyL*EAa`s8Y;)Wyz`X6$+C)X3H&LSMB5F4Gi7vG34kNI?6<}^V z&}W?wg^|mu4Nsh8%|wpFa#!tMW^y23a|`TV5{xOd+nLJ6D zf%qBAc(UW2Z5de0{(5*Z96WSr7=VP_$fzd|Kw&!@)?d4KC)$rm8u?7x;^|&DRH6H= z?Js+CH5qGIUtAl|eRbvQoVco^y#LzS{2J6pbu_@T-T|q};0lL z`a^%MkH=FHb1h-Vk8@B761f+h$>js9+ot7desiT@I|nn425JlINK@Z?#wku&R{wuJP3OAD%m5sMD3Og%Cc@gEd~e9U=?3rq-m>AO@=(#WlfdfKu^Le%W(}L4 z>Zn={v^E%agRT!^$!K)BC5~B2>dn||930C`o6Rog_^HT&)~nlmc<;m`+&h%YM`gad z`g%&VOKx9@U$;lhkB@0z%A2xwQq#i^vi0M94TD z$B`C|__I`jwTh!dwP7`A5>50u6%qNzma(KIfea-Jvn&R1ED1~1IkZiySp6SZ@=(n# z()zVmE^}~VQNhE-y~D`$1Vl6m>Xv#|0_0$!C|=O7Bp)2fOzm)9FU|#Fy0avGrlNKC z{)>Beq^?|RJur;3g zzG~SSkAt1O3dQ>lxYSY^89tt66Do7`)nRX|3dLC^Y7OT!8RJ>q{SiWrq#qSK|}9?R$;8#3SzAvfzoL9 zFTOiIg>^jGUxm+QA)B+&^d7@&AN-u*xPpm(6@>y%#vh0|;YUk)Oum=dJ};7h0Jp9O zlZaB~cOwIsyxJSlA!UbuhkEL%)ou^h!XN3r}o{K0}; z<=g5W`UbV|G`bOUe{gPuvP2eKk-@y5R_K=3eg|-dsyK3pyoXdW?B>ST)EB`-S+&INIyotr2Z}{8KO^;hs3$*-Re| z715=ehbEoo3k}?Qg?u^68b2C?dcxst=)c4&c@Qj+x3q?5D9zc4jz48J;YPNImiXeX zO-!H331vSDxpY_YQX|(MSgHh^W7?Nt3sXQ`K(`I`HU)HMvxOnz*b+0e!^4^lGXGY{ z&@b*Jkx~p4;F%E*09P_0XY(+^bXh4fjDEvc2FYbH!^$|fAZDUYhxXb+4U>hu=|a8!tiPF!=_^1%40{(SchTYkY3AD9^T z_|Eko<;KxD$2$_%{?M7CScDw2#+kvcaWc?=951*+^^$bqI1So)gcEZXKX9Ka{9c>B z#Q_06rQ7P7faVCF0p((GTAUE@w@0hbD4`~;F%I~%$D6^Po0hPiv%k&G#?1YB{b;K- z(Q1Lrw)7DLS6!Q;Ho{E6|Ke@sUri4u{<0Xv3>}sk1c6PN3M*-@DisC*8w46xqe8LU6+~#W8k*AvawwO~({>9OS)`--*P>=Z=@Z@G@l$x*!uWGN<(~=;!C~ z=ARgAPiEE5fuCDjK-kaoy_CP>#0%XjT4jQ81)V+WLYt=`4DI-$2Ea)@hczb?js`v{ zFjJn5sFVNyljWhQ`=rv?Meap7oE`{WUFEj7-Y+3qJX>zGrYM_#{tXZj7&V~dh4YhR z`6lO|-{n~MznD75?n=9E3GdjpZQHhO+w9n8$4STLj%_>X*k&i`*hZgxIAgreZ`gCM zd###Pb?q_&DF0E}JbG4V18ZU)r!CI&N)|MwCExxuz(UFNDg0I+S%6OAnt#!%td zdgcl6tF)=GMbV$cE38d^bWL zaeWb8Mo%$)WAa90EGj~j#NV6t;lQQ9}EzK(wP@n@BkNGPUwz@`YQ5DxL~ z-9%Fn4P^G9c?~(NTD2#8;D^mILC@p~fLT^VH$-qi4FZ_LN0w*|_76M+_1vm~6|mk$?}1Y<8pe(BCx%Y!8o8^JfT zKkGGEiI>#hCQ1_Y&pUiXqQc{Ye@?!7FjO4MG$JPelY)sGJ#w9jEtQAnK`o8sczlmR zzdoe|L*Mg!2y=I2`f&u|UZ1wu=$-iXN}eBAM+D9c z)E1AOJ&Ky7hll>~f4g#V0dDFBVa3*;%Uwe@fSmHEw|z|M<|-VyGiae!fH=ptrJ2sF z5Gm^WJo_gJPy$=&C11A7AF)_Xl9sUh(#kb-+?{7c=D?P$-_q?cLa_`~t<Gwz6f1Lge5~)!E)ugFQIjLeqdEE= zD-c>jIk7KO@0EVtiJE z6C+@8yet$&*U{SH5fJiM!=tmfvCtRM#g~(}e981&V0&#fHcbMf@P4J=<~nsjZK)7s zp@*XLjb{F!YKlv03U1PAi-CU|HwuK+BoSM|K~aBCKBOW9fd|&pnBvx`;RdlG{lT^0ImR2W zJz39TMR|k$)r`J=s;?N0TwpWy3sZfBlEfLM0tgmc{_DpHV@T9Z{h+%7dTfSjt&_(hkYcE}b!KFH4SNO2nS1%xosvs&R=m*GLFY(qA{RS<-dccw*@mrX~N%ptsnQP&^#*`ZpGcg%6G-j#qCpu3F6j$s!qE-*%}$ZRp|y&5o_; z2w^_ho4Sa3$iDJ|SsZ+cA%bANJ*-n5oHOguzIjo)!g54bkdY261S>5UD#)<|y1xf5 zF+D9SU0x7!#Cf1tv%40eNiQ%WU`pmtk95GkD8jaPALPX8yw@d%R&GeU(7Z35y%lM@ z?1#jCB4)0}FQ^Yw-&J>;U}90r`A~R=aO^7=N>*Y#mvTatizI&{Df|n`acXYzox0H< z%D{V?)_LqU+{|YC^WV<_zxi%z>wKVgKHl2C?sj%2xMrFb{;M@lPbvVM&z5Y!+&&XvO8%#*fjhAC4gBR^oKaaVs7QT2C$ zqEqe7v5N}Pt`Q=UaQM7}r;iFv_+H0!FijDf3fM5U;@a(LZE$-f*w5@`cMEX>+$Ny1 zhF-N2ZcGw{zL*^a199tmPyI-0+`k$l+XPzLVvklxiGEREQ9!s7-^KuuacNMXWjK|h zChsdQBA9dZyl-l&a(WZ+#mv)cq>AnZG0?o+1G)z}rJ8VpE$-+kKL)7?N9%-K=PINS z(LIo*guG;V*+-gG4UR$0BUdXDho%d%YyaUiFDl34)I!}4zURprE|HhHz?B2rpqLek z2(b3GK>{)IR(a2Mb`z9@KKb`R&Ei(b!n%hBV3Ii+8%yS&^D7A8 z8EGphHc$WH2LTEe-H-j4sw4=~yJbEU;b7hQE1PpG@j8m6TjLY*X)OB7tih5e(Pgd& zGxP^|AsIr`>(4)7Dl}Vljo+yk4^hpZzklv;d@-eR*v%@SNh%QCBf32RBa408ISi6k z)IPm*+_c(!DY>r%U0tJGIsZ_^{Yl#R1ibiNwPh1FqI#dR;5nRSX_eYYE38PDk!~Vp zf+>DO*&4S(t)<8hU^@0x|B$2kb)pP6?s!yfD)^Cxm8)W@1}OWoQaL&w(u!Vxdd;qA zTGf?mh9{ zra6618c`Mb9^0J$H+}GM_jUPQ-UyMPS99_69#F<>R^dP)su1LW0nhwiV^@|@M+c24_KA&m2J zw|14-930eca(rZ0u4pA2=%Wtt`g@LsLm34ya^BCmY*V22$5iTWt=1EKF6&SQPnT^g z=B(_+!*Q!9Y?31uvsp#YqIk?BZ^>5=0%0hwH?`69;|@;C`TdHd_p_$%i7=Jy z9;Wta!ujcA*-98Eo4m#A;{|)%9E*IM=tmKvB5*PE5wyrQ`#iD5`0-M--C#?0wlJna zbwqYRhq%Ae^JVQ@nER$>WAlnv2a(de6Vq&<;_ACC+FtyEdh_v;gH4j&yp);MEYkQ( zI(XlEy4_2ooX=h3)Q^qRM zm?x|<<%0WyIwpVCl3pYZv%a?;*R<+dy_trTH%ya>otI!c5fs521yj01_MKxkbW(!Z zp}hd~==itir4zTl#>CYh>T2GoyZqq+)2e#62LG^KhBOcD%mI~%>E8TvSYPakHfAe~ zFrwLL*gxjGWum!k%$Tv^v*N+!eN!XP)sXg><|l7QBJF7Cue9F#T18oTGMBc$Cocv( z+)>-h&I;-N?Y?IR!fbACg71xGz8>8#x&23~urQz+nOe>5yXxE7*?0oupXjHE>#6y> z7_SB#E~nU}Ok<3{7|9}R3^>3}TY!g_Gm#Trfg_>L(M@zo*6n(EaCH0!g#H;>9kE>s%OUE-EO4~73WJHl3( zmrbTObw-GFdsV`=WDTAaNUPMgsLE97siNMdxB(5s9lf?P56dpx1Qm_xFqg$rAl*c2+o+ zW`yKc_{bc7onkG)(nHkO`1dL03&x>QJ>BR%3q;UCRjE7Vs1(R{el3jMNZvh)SS648 z$R`7mf1r$>uW-@-Ocg2E?{%IZ6<;0!U(yHUChH+r7{Dp>!BB_qDk|H^d0a`J>lA_P zj&tbI2hC*vkt5Q|#ph(L&f|}}s@wnU6i>Hqs1Us@TUL56Zuqc7bs8b9O(l_=#4d0? zYIcVrVT|I5GW!?B6pHSjMz^%y8GxXjoEln1v)kEtGyYsr0dXnf&>Os_zI7$rV(9(z zq?M4=uv7uoxJ~m+@}mz3e!pam_j{YPli`elLG{lyo(DGr?;PpY^%RV8%55*=egUbi z`lv~y%$ED;G=xp&R=|pXBzHRh@VyxNoWbgb+WfWVFy2PYSVWd;Jzn%>>g-=>>TFl0 z8~|$yY>Cy4X;KJ2fqG)g8~rh_8hNliY;a-}-+W_M4!4&J8pUr3n<-*9a(_DJHi&A5 zcEaoSZ}arPzuUlPG_P5{-FGn3JAZLE%e>P6-j#o*!+{U(T;&A=YIyX=&i};kdVKq|}`RN$e>Dud1!c7Ym+vog8SmKR39rN&nQWrqS4{*^4fN zYx%k*1QT*RICf?rDXfhxZ5Exz$a7;sI(9u+#Bq`0zoiYazF4m0Pvd}MGBZHDsvAkH zfVR&Qtl4U-fbZa9 zLYE>;@1va2m@UPW&(EjzWP8O4TxYvF0B0og@;|O-Uicw!uZf z)$`Rt`x?6GhOu^ikoh(bkMAt1tpr;g#YKa|IGEYccd$cxz=9-0Jsu$S`-@ut#Id3O zbkXVt@7W)dsPmu8VkI}q!$yr{Gm*n}%YsX=JPl0obbNu<3h|#yxx`gH|FmVHd&3QK zb61RaXoS#fdKqgnF!$%V?1FVJHIOLV^iltYplisz zV`*)3#kZ>Wtio=1h}{wVPvJmyl`GTkIefrzZvdlVlJ|I#nf7WtLlx{r?rGaNOm#UNB6cFvMk?UJlA#rUTKEa}^AntZx#5Ag~j z2y&bGK4qCIYFQLOEItM!LKO-#O|Y~{!q^SS{?v{jxgQMW(=UC4yeMZclpk2tONme` z^PS`y_E5e_7Yun=5lxj+*Ypg&^%dQOk;{iqY-kzIT(sK2F-!&X6t70A%48O|>s}x&E^(f~EdekV6Q^d02?0%^7y?@7 z$i-+74F_Q?lWQWgtP;lHo)zXP~2>Tu1Ik6L%JnD+OwT~mCc-x zTBo>ei&tE{HtBn^qMoDF@-%kK3j~6joa;dBDucK)p($jUUF&pV1wAoN?Ro1Tv|*!e87viWFaB!QPTfm#k#ep#1kYU5!6Jj+#nN{&%Xm*U zw8}r%Wn1IN9a0OhB8|R=t#07*dDtg!{dyxrmDiy`_4G${rJI)~z~oexC)El8S}_i` z6$6Jxo~@qFH-j4H1{*$q%ZKQ=BI8S%oiHy@6^P&P1|0qgej7DRJM{Oo1ix^YLsVCe zsua(ZE^!AA`uzdZx7`tyhuWzv96AT37@Y@8CyD#yiU*ES1(xO@4Ms~K{1@n89QW_M zw}cN92UbPtoEdc@r3BwTo;lX7YyW~9RvY&wz`EJz@a@c8G})4%r~$5VRH(qAEO0et zBuPjKy*u8l3>1gL0ef&V~|CKF$nr8lir|V?07;#U=wy*}T2!Ai*ns!+KI5|bZ z1(kvYD?p(xD!H03rYiZ(W0Frf2R&bdpXrjA1nvv(hX0C~`6i1Q-X0=RBkGyc8@jMp z%BZfywk`G@xWOFUiT|KoW2jy=K?^T6U?UTp`pOS&dQ%ery!Y@a9qjZuZ}XFtn{|tx z{LaAW71D30s}IrWsjTha_DIqDH(cPqL%eWS@bT5X>S1t_hU6o!{nAbPdO=&CWv$%W zkDXI|Hv9tXR<|pyLn6Z3#g$fP`xTr>dN+*0Qg+;{+EY_62>Gwq+qVcNjSdEdLv+rh zW>{)~6Jd&{May#nfJ^L`jO2Omw@3|5*h;bP_BW-0v=A;uuU`hKj4>#!-k)oUz!H&` z0llAbMge-OMhMZ?frW9V^rzQ?eazbMTCDM2cXHPF;y6K(pBu(fkulzI9PI?Gz6t~% z$g!gL-}lot5BA=VkNfs-w%w(ZH%CRW+dnFZbXUA~=PUhI9~I%Xs0Z}FWbt|Xgo#q! z6Yz%?(a4ZE8nxsz5y~<|-B_tU9P;KAin=l%Vt4-5uA3pbT}aEK82XaP`s>%Xf9~Jc z46ood3%dc|GG#^hVB?joqj2f9%~pXTLzIA9-^z6j7KPrUv#&4II~0?>W}n625W8uM z))V&BEeedeUn5t-;bgnR$uOs4K2N04+gfq^zf(CvN;OSr-jRPW2O48DRX|@rJPNUy zz9B-yg*XjNzeut}Ji0L?qgatk=VMQIMbz_ zrVSLcVypxpVCFp`of8``^a9B2o1&ZO>t#A~<5JHCDd~83plQz}E_rw4lP+o@vyMgn z+ze>A_nM@+r)>eJ@=hapYfCrF)TiusNCsivIvYCBNe%A$9WUY9Qf5wqinsNa+PXox zaEfZuX54xtP5J}ADo&47c(ko$WZpb zJ#=EKH7lB~Wa|yce*Wyc+~l^Aj}~DniYH_*lRw%_WU0Fvh16 z&3Gv7g7S$JN}4?<_3CHe9Gub#33Uj_IfS6`Wx}IMgZIbxyy5j81|-dbkm5OOxD^qm zBFUZ-c-@j96osf7C!bB)(fi4fD_oq4l<&3(ja}btghE>^>H7gQq)N{tWMG664OQv5 zBXxpOcxJ2PcJMDuhJ>p{s##D#z&;t$(fF8Gg(|o!?A{w8X^-dQ^{4M6>V=5t_K(4W z=0-J50TuU!bu)E1e#Sp?&dLUIFFP~(Tp@{wY|{>*YJ?qQzy-?cTi0?#ZTqooZea({ zIO6wqW6q�IdvFa3`WMVc=|>mM1JT{&~|qCi%>W-C=jG3M}X^K*MkFbLd8i0ed8^ zk;hRaZ)QIebjK!}Sk851lA|_FlMUpC{hyNVmw1R>Ae2n+lzK!qk&3=)oHe)CPRNe9 zo36@1`_1uZxVza4hzR}$tX<{&jGEUn1W;=PZhuk?yxD=9t!6SdA*<1YK?BO zNRB<8V^;r{ofaOHnLmyUWR$_7wL=nJh1qUc?ez=5ncbc-Dp zWlk3gx|c3gVp`RM1_fp1P_!~-8@0l)yLQM~X}_G&hKVfy3zWJU>HPYXmxlN~Gl$y+ z)JidbOz5*kX<*>!`~5)}lBPD`W)-+{ zafoy8V!*Gah^=+VtOr7PnSs;^1|t5^hy9}v>mv>^j+mB&pN!O?0@G?uJYpM!cA!)?#f)w-%#b>LTyo5XI^E4l`gn7J!d?p z9&mbshe#B_+jwB)UoGn+U%Klm1#6!&3%NqJ5`X8)SqMvQ&lI8h*=0Hw?+*#|Vg1M& z2=-GE%Q-J>c}jy9jpfBBu9EaD@MN-i^tkJo38V@GD8lkRYd?b_AYIc!Q$9D@xTuFb zd+eZ=&FCAlCpBdD?+N?IxON5P@H9mdedIZfIB@O8c=jEh2c~Cw9^3r)fQC!n9#2Px zjvdj&)py|tR_j-5$SPZHBK$~!Xb2kwGZ7wi*bl8%*-B%k2t{VUkao+!!(gj;;ls_* ziA#_xy_vQ5UZf1XjKGM_MZii{e*E({uW>@tH}^8-E*;X4pTKdm6eNk`#MU`#cCv*# z#3AC`_lC5>GXyp+8d42YA}BsB)~9i9d_QTP%Lh6LWgZ-qRHAWTy@j*pk;E}VqBdAs zb*2+)FC{NVVi}k}Cv&&^a6(JV>I=r`(>9pC1MfF5ed2Qa$I+0&Cdk2b^t7qGGMgFH zmIhr;#h>X0#78FU1fN?}iPAzMSz{;w&RO>G{u%+xFKmLX(;BakUg=;4{ul1qo56fC z=zD=jp}2Iwt8w@&|2?RO=hH%V49?Rzr@{im)D)q$@_upF(N97n>J+E*U+j*9M4JkZ zQI!a?sw7Rtm|Ka1JquNG&nxVq7Yy@WaxM5aER0S z&xeY&HjuJ#@=KNyyr#ejdCDf?VTMUJ$%+^%;cD7wxzjWks?(2P*t;ToLJmT^!Ogjz z8qIYX$JeE2zH<=2dl^6d2}t%Ill@&&Tz_{er9n?Ap6>$l#px0(rtiJIWNOwuN0W*K zGv!^%iQAvW$?s|IkzWI`qh8Up%tSgK@2niAO#08YMlGx|e_buZ^G2nSkmUCnR9{va zy&8;2s>uZrVc>N|#XE!k!1qaDo z%qFSNrNN>?I=WzlICF4!ZxfwV&L`^z&h=aqjd;Z^kzw9v9f$ue{Ftbj0T;IkfSfVM0>+Zv&e>Y1LYTDw+*ll|_%e80IQ~isIhVb3-p`MJAb_=+RNg#wA`?_5OK3K#)Rfse(mLPgsZQcwQh?eY<)G_F@>e4>oXs9ZOF zzAeZ84V2Q>Tu}>m5AZF3^BR$9M~i&^VNb><_-JtwImNY4KkotN_3OU4LBt7X9q&o!Q&LwO>91033{SAu?rD^7mEgN@&NwowYO z)DawgO)&6_zVnC`SkI9bRj+9qf^wz<;M*bRXoFp_+DsE(!H4LxzilZqySo}q#v;6< z@Q}&GXW;kc=7#Q6e!uuM0-#6hN*O@~o)nhXw_SASTRp~9)JMRkGMwr8gNUg~QHIS5 z&p$1<@Nt_42GwI6eHJ1T1tp zZx`*eV+m?i|22k&42Ls|%YaKfkK=Y&5(HghQLH|#&__T zpTDmLos59E6PA_&d9Z|7%Q)&I}vag^XkQndN}TzBx%aW6ZPv`^7O?7;)Scy=Bk zg)f5#+BW8*-hZwN6evNqKR3jSe*z<@>G3;O$MDZ>eE zmPc)~(mWLARAsLf{TM>W-62v4_w3|Vph_l@EwRh!QTv8;NP51Wp`Y4n0EyU8N7hZj zxXZt%)Z1Vx%-z~uR0-M+YPC|9BbQ|&05OfeOIa@q0ZoL1K_o3JbuIN$>fn_;YT7q^ zXy6Rs)V;G0=hPSVqiZwHx$nb<0K{r07qldDIQD7~Ob4hiB?Dv_Pf>*|XO=p7gBJ;f zrH`P4?S9}DL40b@L}#8vl;pgq1~2u8z7h)xLPQ<5EZWwd>bYSGybkcYI2F{RDot?d zs72COXu|8PE>~Z~#ruQNrjLc(RSl~OFx5o%op!^$k#)WDa!wkfrJequp4wMF$Ccv#)k5LQs6TMfBjT^_1?d0^RZ&VtASROgL0i5;%1DDbDi~ znK)kc#qb*ZZ|<%o(}9EcK}c|{`!vMt^50+v=RugWXj?Av2=$GDQO?$`OjWV1Nv~(p zOKO1ILe}D{ldGAerQ59x4)MB+HI|s* zf2JX%Gz^5uF57q%`2$HJAK3exJZK|g0?*smAF3aF&tEcI{wH+*W?VZyvb-_*{^!p7 zlEy;u217C7qo(;>IfmB^w`HyZ!=npgXi4_Ar(cC!^04E@&Cch_@TUk*WH%s=GgR}> zQtw-w<#L^F5KG!;xlBaOUIFsL{toj=5>|mOIzCaz>rGw`%Cbs$0agy-y1NBBlVOg1fW)87=`x~74wrkQa$oO>7Yz&dAQ=&% zTX!R4z^iS6AtU4H4OHQ|AqbED}W0 z4$5Y0CLPI#|K{6tx-Af1VW!koPD2MFwYl4VA=ZK<0E`inRFPVbF$0*!+76+4;oHQF ztvG$h8rOFFvKVF`OKnFFZMD^?7PF>0LpIg@Bbx1@W5)VxCWa^Yau#_Gjb9H6vD|Zl zU|9C2GJmY;I_?{Nu9Slfd+hLn{~>6VzH?W}`$7hJT<_XQgTf}P?Z%4 z%@@O@;kM7-q`C~E<^oYRn@#GagLcM8-(?i>@Rb=X3cIf#ff`xx5}F=gAp;$^#dt#) zm?xi;0$Jz(fVE{}K=p*tG~`=y3{3b&wV@Z#*vgk;f~HKe*MX`u&#|oXECCHup%4n6 z4xO!$2Qi;pKq4yyUP=K^sfO}tv|ZnSm$@wIWwRJttUE{B(xdL9he>tP>TdJ3?P*y0zw&iJ= zNIH>5;`m%rC7@C*xYSIziw$ROO;|S=As%}&dP!#m$VHBbOA4x&I4jQqZPOp64GhwW zp0ck6(z1^nTvX<)VwEndlzTp2*Gb;?PE5Dc*RQaCi>rZbhR<0{uN`?zs6q?l`JgVb#49ahRX3hzvTdD}^=dRDy)IwHy7z1KoNax9f;p&b zm{7`8d*OQ*;cSGKbm5Mi4Nw=+6O-(hA~^#H6h}4W&Qh7L!ylBc>(K%gR-ZftepcCX z#4w#Dzf&x$QKBRFXcF%to=%Q>%Nd8FjqN%JjFTht0}d{6xll_x390Js9ld zLkTQEhZ&Dg?5>|N=^=wIa|!eXx_Lv8@K#6%hH}&?gLiRvX1=z`FItx+mlLyb{YA8? z5qcqjiV#Ad&@D`cfoNaLPP+-;02e`>1a9azbY0mUF@ZOoI{o_YXyXK z5>HsCu%A`UNr6eCjz2)j$6>H}*qK3SF~n&~ll9yTV);FI^tC-OAs~sUx3KHmuQ5yw@84HFz zy4K5h@AGClBD7c)z`HM#RbLH;j!s<89&BKg{%u9-#if=?! zS0;_lws886kBgs8w-h6L;mfxcc$yt^A2;+^avBNM325hmwn;5NE!W{wcg(FgnKH<% zRkS1)$S2euUg%7$2d2;r;-}N;fj~!y;g#zo$wO|&{Yb)+st};TuV6hlNZza?-0l-* zF`j}DzJUMvV5{L^AtJLZyU$;zNyq>4r^#ytH6^*ug5s6WpW*aM%VF#A~uHRTYd>3Me$ z5a3&JVSjzFch(EK*kF`+L!6Q=ToSUI=m0hKS)|DStzxk6vtZ_7Sjqqs{P@0f>aFpFU+3 z&0su;ntU_i8?pnC6y}D?^@waaY7t9qs&oyxy-c*=$N#QZTI_v{g?Hq#hZJ)(t~be7 z6Pgnak$rhbY!rt0;Iqc;>ghqxI_>TkR+LlEGsYW;eFD=YH67S(DYV<+AzsaxV0W_VVDL9}@N9Db6l- z`QN#&iW<*uZEKrWPFc**b8=etzIe>2R!42K*#b0U>I@Z}&tV{Bohwh=2{C@vtSPx% ztPJWd3FoA!s*zp2WS_Cw3~!lA%UAhJP2Mj8Hqq8yKf7U}3AVGy#aM8*Y-$Idn3J4A ze!7A9xb6`MVCv;&4XS1&I`g32R<6gZB5UwNTRNh3f!doPtmOr$t#iPl9qSkX-V+N? z$Mr3-=<`o|sRTprDuJj|B#sML)OnRcm=NN<lZ(&Zqq(DEMJ7icOMxDa6kH6WJX?epe+>XQmYWj13+`Fi6MEH0 zOz55jNe19^*~bSwM~+GUz(|_==5Xly+=KQ|1v09*lky*>Y8DfdVv`=q2?FBPF>93_ zV*q}HpBBxg_!50$lf7|Erq26t5G|9)5=>1*st0zXNb-_N1oa4S=d#7Wd4sxnU9o^F`>ZgtiAH-gMfGa9Ilt!ze3QJpDk6BaV!r4ng;l)rjSB2u`P6}h

@XLAs=cndH%56ih@9rk{qxWlP!dQXV#{pbGf} zy%x56P%Iw$LBAe1+Icp5?`*ls>*4g|c4u{G`6GE4+|qa+WRp*hzU`L{sNGpd@_J@z zDRIj$!K&6KI5A~;sWeQKWcB$0y|n^3y^P|J&WLhT#3E=x@VVf*@DZRQx4e^Ce~Ew@ z{2p3@P-N9R-S-(Dk}N(;p~D>~!tFR<3FMANSE&339us@8mL|%k@hcK92N z22CVhem2wjL05R*2X>*~hMzPmWPbpLL72Zk6#etBPsyIFvIj0yGZhwhs}AjIDlGk& zw_Mg((0H7Bh-pp4aWEn92xK>v{Q6LSy(BlUGqtuGE=erppKn0Xf(@bDp1zq}kzucC z@#Q4~ugw=t0B1=o%k^TvQw+Yl0DN;UmilNVH&|+;+eY^Po#0EFjrL<@-6nJvAYRDR}bU%`1KHiQllfyXWn=@qOzh;QHMag#JA|33fsw7QA?Mm}q)QNXqKl+j zs)opBU7R8NofFonN@b(R1>02np6whpSvyt-tE9#!g3=63(78v0A7V80v?bMC6<1_b zs`BHm6|27$`4j412h+`btE#BVK@@+qiMRc&_jE;)X(bRniYi%)kQ-@J%S&O@Uwqkm zD2Jo1735D!zJweea)_^pX+-kGe5E0-_-tM-3f?`g6*HFLuyT#Y7z}5ES^-Cr=9#HZ; zdA{?Cwi!DOSBxBRR%9UUQj?4j&20um{&$(SElq33(o+-~wW}j?mZ47>uvZXv3_fbH z*Dd!nqBUn^Ok&w63#^t}p)XfWSCWU1zQ6+sTxGvxH1Y70LU4Saw#8$sZ-2`D1Xs0B z$vUb1DT(Z2Sc7mY(wUfJl&A?l~X|&}4PY)RqJ|@ag#V?cPp)@v$+4(O7}|3=r=pgv4ksL|*{8(At$|LgY3o2)Ij?-Tr0E`l%`+l7 zbZiY&B{bUaso6MF-Ojl(w(;lT;B+Zj!FpgMsC>KmKxh1QT7hG0I-_%~i|XEVgWM!| z&_Pnh@u=$mtU`2Kt=~qh$E9QL*QKTaPwRtpKO)5RW{K2ldEVW~b@~o1bklP^klyop z>2-(|cp7Ma%y)uw^}i+lYq4^#SHsrb=C+DnH1ZL{ohhZh_a>_rak<4{b1}?dV|E&{CQjvcVt)cv#mB8|*>%%P`AM^vlFRhI+H-0R_buf#oD( zDpxCvvy@`GsD1nyz$$*RJX<4F^<+l*oqi_jyPr#G|Hq?6y~C4>X10uuu`KSL{;w04 zWCUV$no0%D)NH(GVrzCmTe4wOvt&)VKNpJX;0+d^3oJOvsdPzG?X$<*HCyN^VAHXs z#;6qrjEt3JjPrs!y~&DckBjhy{`-tRJk#gpe)tkhM%FG{!7RNF-pNeVx1tx*rhr?@ zMA4QK)*)X7x~WMw5>1GtF+1}C8;h^~nq3m_^t(dRCcFX&Pr`w%2fS;9 zEWT+T4^0>#npGvXLcKJe2|hxjiM-hid$k_-Ud*yv2ENiI--d7y!^%~n$3cj2kMVoE zbiNg3qVrr~+&_HnJ4_WN1=5RArl2v5uQUh%3E!`W(MEeag-7rB*wogtbE8TZYcu3@ zzJaY3H-kG7PB`e4LE^|DF7I+I0!SJLzA~RV%Hzu8d*XsYL7A2oe2w+2#zq4D?>#V& z@OUlu%JW7m)7dM&@zowT*~8&-L0&|w^NKpXC3yAQ)2o@Pnc7j@&emp16JAtk2wyx5 z%%K3BRU(5AGkxi!7K)NALy!P#QwOBiwhs#0;q}LKAHD>k(8v_mwA$8xF5Srt;%?iQ zZ97kFZChT&Fp?&fxn96ETmw_HL)D&9#99nY9vgivU^bAPQm4ff^!Mn}uDV0hi7A)q zP~*&6qB(L1Epk0Xk4k_OPQ63nK8!OcGebQC1&XiBek=MDLIZOmHUH zF^ZdkatAYoH94uVrQ4JV>(H@(S3E{@>i)G1wl)g&vxpsp16d-Y=G;k9UpGvguTJpAO8g-z z@`5`@UM*1fiRr4<7pi|+41mB$Dkb?vGqISNh{ISzfj z{b2(&!*KW?_NTqEy`OOq@vb>bQ`v>a#n<4qp5e3H^!-e6|H5&Z^}G$nID6<)+4Zw} zX()J435+Y2QEUK2Qxn>8dLU*9O*s8|jj5XfGntFNFV}%@b%$|AAEiX(MM%u|r{1mq z(Z3BVkLZ|;I)A44md7wlS0EUkKfsnpv3g(w9# z5Y^Mi%4XJ}ZQP(8HaFuJXj`mK8d8j(BYyCCgz~jS`&Zg+kILQ(=X82SJN0^~<)$pd z4`m14ok@owOVs>VAXnW??mk&?%6c)ugS=7S1gyI&>fJE{|184KK;9jG<9hoJF)JsW z+yb}Ys1@d9_+8TG_<*(KIueM@lD`rR0VX0PZu!a0#m3IYtl_tRtQI zQ;)cx#AkM4lqK0BA~WWTBB8x|kI%IJz*y(;ipi_r9vLgGY_Cge&p*3nqkfkXZbD}>v2w9hQ*hSAVVLrW0JZ)oZ6dRL|qBQ+cBVtqy$&`ifJ zZ-7cHV;zrnlz#Y!)N#A`4I^OlSa-MlVD)zVaaAoajM-OTVt14TctY=w^9d&Y$z}9! zgQ-8^3rIAew{!EmV9%ra2fv`F0gZz+WQ{a5*c_hn4&x9qPWa76 zzeB~ahdX-BiDq!FRM@6vylUk@cO7$F_$-TW7m6iBVUzCl-r4tXc=Q*6-m62aje+pU zzE{pk8>^8Q(<4Xpo@9|H?me?NBUtNmV75GJqFD zJfdj>A7W3-xR8PCn}w>k8Vet!t9H~(Sf;%{6OGpX%{2E#n8^7flJI|2eN$r|3>Rc< z+qTgrY3#h3%1IQ+Ld@kq-b4S+&0O;9BzJ3`uthjXo%3wujZmM6 zsaSTuK(r7AE`0nNQb-etja{}8n(*45!+@MN=k#4X2qh+DKGA6NN{xnz-gsjGe}ymg z;=2~N-^R=u&>X3>6f7{!)JtHS%&FAkA=aB5@?{>O1)HgsYtHBOd@W}Xu`Rj%b^T%@ zi3N${0|WX1J$autom z=8V$Ik#T5#M2eiy)2`nESyd&ao_GE29qi!A+OqTjR;^qAtbU+cu3%>$G9Y_*pXPzcPaf2+*2%`c-#pv5GF`9mx)HTr0IsiX z;fEIY<^Ps*1rgybhe79+Z&}w34_b@E8t~P_wpivJ=xPyoEzq-m_kc>zaTq$o^}q$( zj*GSRBxlT=ax}=w4KH4yKBU5z##kt7tpM;}JK=Q5X7KR3?PCwvV{zhpw&kCa_c0S7 zwy71DDR7RUZQ5`8NBbuGwRr+v@{eU`%mxS;q`U&sU>qDAKkiB;=H{sssM>OUXZs5P zu1qP~slv9LL=>yKxFGtWc?5R+AY9UWgN$G14Cmm8_AeHDs}C?MfY{JHp*95iH1F4W za=ZuHuFD$DspE5XuN7w^6DRG^VFO@}rwVz&;401BO9g^7BT0OKihDDgeaB#-H^`q} zDvW;3xRy-&X4z4o-kQ%*g*C|yky*-XS{0g zG%KYgtT6&Vb73RmCyhtdwI22>^UW5!xt!2<4^z_>Q0oR*O8fr2jc`RzBgsu)DIYtH zgL*|88<|Ep(b+RQ?=Pn6*!8uw;dV#N8(2bbwA^klzp^Tf-Js^|gHOqDM!}s8fv0+m z)S-C>lG~GRLn2o>H(Xf)Bgyyx???rYXPL!<(gQuE_^GCN=NS-Y45WhOp3_25sue=K z3x=YlUT`eq*%K=CN2Cl4Nl$c@ZdHp?%xBVA6-zb2Yv#0n&?col{Om4!5Ofi1@87On z#PHVNT0$cwTwYdn6VsyUUx@*29<|xpc2sBaKsBz*oI-hmwCpb$@HO9(J5VI73?yiSMy0EyGRi)f8sAakz{7Ifz=mkizy{% z-tMnX*K?1c8>_HZOfM5hgFY^iorZ0Bi21h{>7xOpuRNXve2LotbkYe|kE3OF+(7Md~#&g5+NBU8F_m1;#~rWXXSHQ$4O zP4xYe-MdI{1iBFteyDIi`fse`;3Kml@8%2+3SH!I$O~A}j3_fBZTZ0kKo!2iQ z9k-HiFa)xTYacqKa6q*hug7%_d)=%iccWrrWo`TVybt%Kt~@x8 zxU{!yw=MAr=iA}fmh*JzGAAh5ET3b2nnC6g2y*B*PzDx7^FlDaiaX30=b{_*elz>W z>#h9Q-oRB>Tb3>0yvsIFs#E;T=aEDJ2W*X{0H!!Rl0-UeQ>|&CZd$z117vk;Yovcy zfRj&ZE~8ipIfn7dir2ZJ;=;;&=uGxk1O9rR6~2bW@A^{N?BE|X=xYmf>zQ*ScgsU~ zQ^-J7tO%3C^<;(f4a@259hmZ!Vdm>u;$O99C{!3Z089AkGQhkClswr*#p3OT?^KA3 z);*ZaeNgdf#pVsg(5*BwxW=V4>7j@t$p)`|)0ai_92sQxd8Db zi#k7jc|$>o)7Y)-pSDIA56%?B8)d-=NTx@36R17;8cn#yi5&5kL3P^HRyI&`wj-#I zC~BGu+>26#(PoZ3^kjTBbrA=FzfRS3b-8-hO0-Qq6Sa}Yq!XJ0?v(a~yg3Ai;-*k5 z-A=*MSl)Su1{N|kKW#IOfLG0`i}S2oCsyE31=6vKVk0|WS`&Ws7X1-$G$gk`DA@bq z;Xw>QKv+7%q35la=bgKib}Z@ZAe+}{n90eoA$g9Gf+vl{tkcGiAykwva1GIol`ve4 zpcv&^@l4O(&GwQhF_}-5CU|qYfuzLgbxia04yF+mQKh}y4%wdXZ z*9Yv^*CQsQLBBSEoB|J<^k5qU-1H)M{Tf)iyTNJm5Af`3}Vv?y14`r5=GrQneJ$BRwexJ5DyU6zKyB*=doSQ&RtdaXJ@~*bg&{B6y^hbA7-LnLmBUMcRwjHEF&z zn=(NJM>oMtT~w(#&X0KJ%A_0Z{R6BS7KNXDr0^|UayVAS1QnS<+lK&TN7{8`)#zgp zxlPlLYs6sAzkPByWH)aT(4H(`A#~s19E-(|+DZ{=M0n{$vljrJbf;W9&Y_g2Z25%p zLW`^e6fA?U@3q95itxXgy;4(@C4utuOiERmy2ZY~m$g4Pnx9P?WYw8VX30Y75Q+aX zMN$a<*rRRh2bR5?W~1+c7bcpovp*{Y0~}trxo_JS{_epj-QPr|wENm{ei`lcVw^Yt zSKY`33zAd1g&pXI4DP;5ju=7a581E}jfMSQ7KoL}T2o=Pm}3SxcH4fI@zpK8*zc|m zvO!fJ0=hepWvo-7Tn`phj}?Bf(H!V$CoOIvpdKRvI_tn$tp=N~Z4h@;?&Jb*Ujp6Em{EBm5`aPC;F#RoUBOdHF>w0*P$XX|5acR@;OZIQezQcq18VAc54YVt&5@;QZW7f0mjIS~n24qU0-Uj&a#911^F7V8Bdd>I%aO zWhlYGOo#DEPA`Lt!&B6Bw9pNIXeiQKtRPtfKDikRyIgN-leSqh>Twf#y^{rX;ee>R(JIPXGyKiW9vtvFlm?08fE*8Lu3|ttZD+tmI!-t}R(CiSUZ_SIzqg7bk2e}l zC^TOu%tIyU6$XTJB3h`sw6v+L9jp1g)wnW6Xj$EUq-A;OD5LBQN>-0KBBHw4@yz|S z=6TudbDy~#O86a5I9ST}8u-n5f5UqJ_$78G29r1qMX-4oNh|*sc#L$GI&s3yIMF>B5i7O>-Y6;WEv4262>#ngg+Bp-)H7?6gcRB5{S`; zA#SIND-eL<;;y^rPIKyLf_jDipvKeg{CBnY<&xq8XPo5@TeYIi^Oi2-OQHr;oNi79 ze<-*av+y~jgdQg~MCv{YC?Xb>2fYdUF4j<4#AHk;OB!(-kaz}^QUOk#gmc%bCgZ9h zKZcKN#^kDW(*`k0Ty#pb!X-WZnvGKYpQ4F^nllcQ^LYCof8~{%P~I;eIMAhg$S|l# zeIUdreZ31STYYA^TgqY(mUHz1>(NM00mJjFD&8p*4LYS#kZmPp(GeVhf6@EUl+*M1 zy}w%|);@5GK{i#N5$l_=nBau0WW|ft)7j(&fY!~Kfz;46fmueI5F5q;q}6n}i=G=F zAi^_-XKvF9;JAPQ?N>0!80*dbw5D8aFgZHzLo&IHRinuw+gnX`i{DR5WgFQbHY6j# zj?cShT6?NJPJaaY40seEg=sFP^JDgr)j*geENU5nef~Hxdz!djt&Ot`g>Z}%QjfeD z|I%4!K>;&NjD$f}Budzr&5Nt{`Qj|AYcGYa_*k0zEW;WjR4y&_pIRzS+1(2Oq}%)% zd9FR%^?THhKj(LO)5h+6rVVx^PGiVoVh*Kr8xLAWd!3$U1AhE0vz8aI5VNFrRvFgA zWjf{MXC6inP>WgJ;OX>8HPL3Shq$as8PjfUKN-|m1WwjM+D11XfM_)BY_f2-m&Bm% zOIa=N9&b7|L!L7xz(RMRkz>O~J`>WtBg1(QM?bqLpOF$Gp(LaQT}LUSQy8dt%rS?7 zjpodh@GMa}mb4@mCEsbxurHnt6F3`ynpZY`#*{skATX3Gk_vXIRWNnccX`661fM2R zxG-D|5gF-)6$e=x2eGW69Y@bGf1_!Txab64#YMT|dr8b4X!U*}eHn7~y7p~rZvOnd zXK?#(%;O6;f$oH*)px7?Vk5!Odu~ymQg_$J2--wX=>~wi0WXnxUA^0EpJQ4Ibtv6b zs360tw0k^snX;Z7O9OfFWzW$gUr;Ea;|JB~x}|0tf{aKI+B^^6S?;)u5U_x^MOTB; zwHHBEJsK~zzdridK%k)L$7sScbUyu6m$)_3htBS+(xB<)3$Y}Mj1SS1Ak49lPv>%gRbOQOuDP-vm@ zZHpVs2HY}^!JPFiS1(y{=|84Xp69VPoUB86qOax`9x2%1OUvUISQd*FWWH!)p)Ifyh}UOJcy3;05n}kQX54~BrG2Et zoERQ-U|E|DQ5e#+UJ0lO>)wQ-JfU0qXLz$rD$$&R%q!^vglO4g_UNKD0@8TtRd(MA z?c)UORrQaubD@f*>GyM$0zvG^soY`nMKq2v zuXNYSoAapWS03*r{Mbs}?xU_Xe2MdciOkldV#wy>zX`|7qZoRF&L3}GxZlUaPO0#m z+J8ipw{i@(l7ndVXkb3jMLUzLA%~Ru9ZJqNPW#R7@{v4r7qV``1J6-LG}UI1q9&0~ z$^q9fCV=M*o$I*kozpL5Vf6JP?P#l{`(%&Yiw^@=1Z%MoQHhIW_LASO42@&ko0}ty z-*dSmiq~#9d~bodufDAJhW9rAjd&aIbwaO;_`hFo#i0a(S6?*(4zFwLpzBmP0}zo+ z?=SO+NZVi}8@mh^caddObQjMCSY%m7sT9ww-nb}ab=g8^9gO|d1I0}`4(xB@LWtpz z{Aa($He@oCHUw0xqG-QQat1u-3p+tu>N09$dhg9m&9 zAXm56m%U@wBM#uHcDleXMgRfU1Z}tk&_pdy0Pn@2p1jWEs)HtM?j^PZ#V2G`4ObB* zu{3d~S1M_Sgi|=S%s<~_&4lG#7)l>*LQoyIJb{)kuh(CCO|Jf`NQj_;kPwbR%K%LP zI0*_<-li8TW^yK0pXqTB$hQTj5-+A@ePvGtiM+P5RSN;O z6x>x8(+V2h!^g{ui=C63zEx0lHSHSk_hy}wwKpTr1*Bz5{fa2jXk6RRWu6_KQ{%3^ zuZP*dRJ;9=%$E;Z+q3p!|NIgpRH4+1`leY$BaV9@VPB*G>arI!(_TVz%*${z@pyQ1@wAx;kCdjyI{5*RK=9>wS z`BOeg&W-?fppDKk;Bo&GR=2qPqeJ(*1Q-VV%Zy{Sv^BAS$ojsn97)&9}+%W9Go z;pQ!eTWATn3e`2TjGb8ty9jw~`HVOzF3t<}I}H;TC%t$RKi#YjVt(=r4uw9cGf41p z#1hE2I^bH#VE-L&M`=p=DW7k29O8FNu3>%jT9>VG6OTAe?%_o3#>Ne~|54TAvS;@F z$rEIqvau?q?v;Z6wxsg1z9MmCHD_ixo+-j&XAPJ>o+3N6^0`!%a@$YQClG4CK4l;R zPd?5QFQ1rfhL3K0PkGtba2DF)>bn{|N6>}@;=Y>&|JacI1`~urisxg#4moB9y>y>4 zB)Cr-y`CT@x%R$)bI#)OE>Z7Xu@4hLU#>dd4~a zru_R>6qF-xTdh`JYIURc&zK^$2qN~`O8QP8Hoxh*BHkUmZ7oO!B7KWUvn?8ar^S1Y zjYCQGasGq12$M=2f?DJpWZXYiVPFCaF3iupZ?0{~z!KN*M_bfHP$!O542adT)6(P% zyl0}wpc4XMwrw#3;uZ`q-f|zeJgAQY0K)YT@FIan)$8_(12g~9-gy*cd#Qg~z(DT$ zdPB$C*4gPs%(<7_;@)Fo3K<4E0>{tv#yO;a-HMLc%S;a5Tp7`>7hFl8eX~9q7Jd zK$(au%{OyPP~KTt9rH!e|)dN@VdCJQTSsE|vovrYxT5A0H0~8;x^h8YjgRQlt@! zkbQI@z}GtzbRlS^NH8@4=ZI~Kjbv0jJ*}-O zn9U^4v0(PR1wL|QHC!CWvtPQnb~_O{%G7~CKM6gp1|Nn$mD5&=(r%bXE(;%0;*z`Y zXZb*nEqP|-!}jo>@!_XAc%RN;sZ9^>7yk9&_4gNH-(TL3dcIyYtIzo^(wtGarsJPU z|0f%IJ8k%u;OX4OC@_L5~e%C;iyjOr!1W7G~w{CY?I6OP7u$V1x_e~?i}#d%|9WZfYvwJb$&|=UOjstmXp_*U#UaAjj!lB z;~z9bONXGmUAF5q=89vVH-WJ`y>E}0H^sEJQfjez&|!-aK6S9>Sor(>0F;XsQH=Sl)t00Ym4N5 zGi8P?4U7#Kct(lvQNljKAGoZjg;+mBHQzhWY@kI?&=?2QtA?x_R26D?(wBG82v&?I zUuE03Yiavtr}d<*3R&tVJ3Uh$k8WgcNKrLpPfl`^3_ReI;P(A2zFGaa=p0ebfr)Nh38C&9o)2f-Jpi zmN&K^v&#luiIP?0BI$8&od?R$>bV@7b|7UdgwU9$Ss4Bm>T&zad3?~FG$i;U9J74%{Do>apI!o-u@2|LFt&TX(mA3kmmJ?!DfB zj~gQLB;+|q_Nt=D%Whw}Tjer?`ZSyP)i>;@cnD?FP3hn^ zB&j$*YKV6CUuEOYUoBM@8|bSiFDK2m6tt$M1+Gb59&v$2c9na5M$>XQdtqL8xJ`H0 z#a$qq>D|=H4c{7A=Hs46`K$?I7Qj?^cIi0fD7dfV&I&AM1@7f_pV;Fdp;xq!ulj>N zqj2-;m5O3a%Al-ArjUGZ`+g}$?PJXhQ(P=5VmJVU8w<(sY&%=+H0N}3lzHwswKf__ zKduED+s5jy1xaOf0=P8Q2=L24gCFCc@##cvH5jV73!_IGhzHMsDyLhBJd>r-ohLaL zw$B4!obv#D_iGEs_02!jhabtZ6Y|P0pz-Ahkxiq9g4y&(JW3+T2%9!KtvQSkHlw|!NH*&aMFG8Mk?62|I@y;t zU2khCk1Cez6nW$6Y1P^he`J8I<^9W(CIX;FkdPXpr#aK$r7jF8l=yn*nM{1eGXK^nzmhjh9m!{|9b?Q z+IPJoDgZ}@=i=hx@VQt$SPv_&JT>zTS+0y-@@$7KtyeGD$G-+<2R(c|{{=PatGjD` zyR{rGSm1-%Z&ILvCOcrAX9>KZe_0;A<|fo&e9~Qr zw;tUi)`Z8rD-AlD@=$mS#03CU;O!S3m4pmi8RP zqarSVxrd@}`-Ff;@Oo2Wg{^>@U#oK-Q*s!NlQIG;D)0Z;4losW2#)|Q1zQl4sq->5 zAL}D6q$YfXMP@LcC>ss(e~+uy0s&zR7QmW?oq2$l?{!i$Io14rHgyBWdpu2Sb!#a3 zOyYy)sCF+ucFVQQpsIg)C8m87Qn&zEno5ALL*rXkiCpAfdvyvgxa~2Fc#L`P4v2i1 zem{V7zpwwk-)ig@Ya+m=PfLX3^s`5c+7Dya&RaXrz)>_*av>9E&LqxCe8*Hbj#FUC z(<%}JWB-~^8&DPTvzN+MSBe_7^eYq*Q!x&);uAzAEFBMlN|>4?nGy|ikr&SQw~Nn@ zHA$Vq()9-Y+xtit@|VHjc8D~ux>}8FO{2-r&b^7VD)0T)p(9jX*(GZbYR*@9ikso= zZw@TXmMBT;fEi79ysA>=@<0vC=o5_YVm(g$M8(K4(b(eBW^hX!h=MU3lwlhyjcjFY z!_jdu#CARyU5P;;>R`d;R36T%DWjX_5}LgWwu-&hvZI|bA5KC?E;LrxKUiev?03t4 z;4)6_&a(@h6T{b=%?+CN!8}Bp`)+kEgmBL6&?Ant<0lu!YEI3H*8lf@oqK*hA z9<_%tzJ%{}wv5)qz{t6>JMZ=xu~jh4WO3q4y=tTR~VTf_3ENG(o1oT5Y#Su5LHawCLEt zl=l)mgy+#x=ez6EE_j$@LL1g~Gga=xYEnDzw@Mu7rC%I9>r}HvnP}E`#8c(WeNxf+ zXF?d(fyUq#Yr39jrgJ$$MyIpo6Y_6{&!bq7(b}1t+4ZLmuRH(4uf?-TBWB_ z4*SSq*ewE2bNT*$l#Fzd{BneFt{JpOb}~%EF+($_=Q4;2q-J-&3$$2OU!w^Dj$xtM zj8LX;7!PdXkJTY{*lJF0(-E`qv8MTZZV~_W`hxT zEti(k6_oba#-A4A&CJolS@BUe-;-eenwzt$?AFU_g^kb6;Hg^UWgaGJ)F(zuq9-0K zcAq^%!oC^bC(N6J{p+_}d;rhW<~@e{e{P*JgtA>emoze$*}s@PK*oN<1*1^its4%& zsA-dCa8lI)aD7d6hXwPSxNYy0*Dr@(@CVClt4TUjr5MId15h5e${aTtgcB!5D_2!* ze@VXcI%7^>snw}EIk$pkgExizs}2Cb5!$Wn0xs>JJFH7Y{JpWCD0E#R_Lr+QSJj7R zc}!xa0)h1_mr*vWG$-RUeqQbeina(B`{UU-WXpQ_g0~6JeHv7on0vX~u~WQ~gTG8A zoEK_19(rtIweRsjs23?Be0fFKZzXfz@_^S~+ZRknKtufdguDtPhe^s~;IU>P;{ZHr zArPSGB3#Oz;-lr!f>Udm>kpi_6Z=56W`c(|r?1$He7)UDqi3FlFR};GpF$hl97E&X z3qa(F_z6l6g*5(t^M5oDAk-UpkaJdPCl*1fG=?`N6Cb6ChhZ~~hEEM@SH1`crGoV9 zgONlz_y87#w#w@;5YhK`A70CWR&V(3T;y=vJB#HDFS5RmxxSQ! zM6;y_gO=3Q$Imxpwq!(1Eoj~HRN}2wH-+K0N#lm;6p|i9vp2z~|J@QjM2~;wu7$|P zI6yMt;`UqV+7UStJ`?OduDkGz>2yO}e_5#pch8BizczO^2Iszk<_?te(naGpc~vRS>m0UUBGJZWDD1WA6f)WToS1g* zmK*I<-xm>~_&uZFic@6atWfD^B@&>lPLB|yk}2G$il~RSnV5b;5i(NNTbguZkv&-% zUaF=GuMXd;d>XMAAL&s||M{63YCK2T`66NQ9V1!#j0Z(bLI*LxB%GGb-lBO%C|wd*Xmz7D<`4QPDSMpSJYDvgv1#8p zDyiS4q-p08X=U0@`h}GAaW;O7^yexTp183|3d$YVj577#u_XwnkN8;hC=ghSYpu>1110bjcdzP zU}_R}O}_0DkA3|Jdv5r?i@1Cz5Kj34S4T z^!YiO;VAsE`6bIM=bZXOa@6vwTbWG4WN*)de9&i@ZDj>M!*XTitFOmoh72yFpI{0M z0Xfp|1aamiR)r-}>~GC22jBdyRHBpYY3ST?(lHF;bJvQ(j9uua{ibNz$Izb?F>`aT@nJ+3Qvn@i=6G<*Qv{u2fBa=habtXzlBMFkmqF3Ua7^*^wc?+WO}{}|1IeAu@;?QTs{2U`I1^BKTpI$v)pk(xEn1(u;B258j;&oH16DHDCSb= zUk`80eq9hFeQs2M&=ilp9@iy%mX9$b9j7HPn`4)#(@=T^Y;R|GqM0-&s^?Kbq_?rDcxin2ni7rX?cLlz8qme!sUS(VP)_z29=^IvLJzx z385W4Xv;G8S|qo|u2|eWa9`0d_@$atV)cuGbLbsg?kSG53y?}hV|oQl373LWhggv- z+)Cet^9}X_co~<9aV^+dO-JL}RXAtlb+oJY?eW(0)#xqe_l9oYAR_OZDQ0AKE?L2L zy0rX%q8`@~X$}E38mWI719XH*n7I62qD*;(=h_Of-WdH?e^4(I=QqT5(gi(4gDh~z zV!`#(+&jCyKgVw%MxT{xl8pdM*se>8IbIjUhn4&Uo?VE9-U@gGClzv;{>{G{2sVm@ zHmnOchc4@Ni*}kUPU%o7NfRkWpstM`;!t`1iU2FGzoDUjf3*L}fprzK>xrTyks4b# z+0WfP!G`7+E-Y*oHK`)j)mDaq-VS zi=}>vYhn>wQ17uFQEi_rJg?AtE|5z;Bip8Z1Rem--igBUSj?gQ64 znw7EOEUcgSlM?OSrvw=p%9qtMVX6biC6RZs_@%6WE9#1Pdta|(8??E(&%x1l$uMAk zpEOGiW$)>8Ajz+58qMlIJMGeB~*1Mo5kadPzd(X&Dc{lyXG;h zc^+T2HO-^}OG_;5iJVaMAk(5cVn7z;<_j$vpS>UozKl=8VN6v?uL7~CzLcT-aq6Y2 z2|Z^O=x2pU#!QsJ!K>?oyv7bd>wjP^Wd?qKxL&E*KWWV!yx9S_;(0Y=J{21c#e(vO zpUkh2OS|xPyP-Mma6=~3NaO&NDi@_hc_+&oo5oS*2Zzsl3}9aCpDvSRCdOX_8M*d3 zH2D;W_hei*UUHLYl&$E1-lgczQ%+y~K01y&oIl{S5){-Zqij}&4X2)OpypPSAEbG) z>1!f_$gFr9$U#+VF7l_-L$;sa{Hnzk zs6lGD*9LQF1<0iKW0MPbEpua(4S4n3Sad3i@Vj1iuhe(1@n!bC_tF++&hUQv|62e+ z)?>Lphq%7J_EQncdUh$m5gQ3o1DKTs*P22B+N>Tx^7k-4%7bfePC@{$KeIs_lu zKx3v8{#P;R43L}6GyYv`i(o_-AHxcBY3M`<%rVU-Ao>>ODV zo?76H1u{C%m`Y@VAK9j~Zf}H^t2{q2>6~*=)i)lvFla(I2dNn_JWp9B>k3^+_qBHV z&c&5CJV2{%t&poJo3>Awf^4vjtU^_Bcd!=(0bjh`A()jo=4fB{}HomHApR@Tz^}f&bz*sQ9Otu!?Uf$a-me zP)EJkQ*4Jpd#I+87JC+3CtF{9U;5-FkzsI$RPHmSoU6+l%%JOz9hwTIvRz?9hG*pV+1IaTLh2I;#{MOpN>l6q7S*E1REGa z(+kO=OZ*prg||-t%I$L*m|+_y{$DU4Z@SE7a<(ultA%SsudewiQxUjp0ZCKE%G!J{ z>vq2^ zd(*^0s>JjbPEc_6(GQK*Mscx7c`)|4A#kcnleMKy zI(-6OrksX!)lDYW+|Ba+*0>GQ9@`JROu|hiRQx7qB?;#J!;>1Fa}f8FT92>k7f6`% z<&Jqgsv6j#il(Z(3sM_yrnPY9XtmQvPE6sNj5gZjWVofgZ9S@K(ztzAzk-7pE_zVo zx{-%^Qr`)0c0P}9`Mz^MjJaJ-$91tnhGmiFrn@5l0|M(_+oSZQ-+x4(*eG^dY_{Mw zrq8T(cj8*&c443o@2l7sg+dC}3v&Np6GxG{G4qS@!-BwzWYhGoa;qJBm~Cg5)ru&D zD56WH_lD9CC6_$?%C?ib4QmLZt|lblPqpiH_EY>R>&guoS{2cEPNf1Wrr&e2UPQDIhP=;!|OLz2yi6iTs_K$yW2QVT=_|!o}L`;cW7VL-z&Ch1<2T|nhDs}{6+jog48i$P*|}eP_4meGLXUK(PPewCS_pw2TF0Pb5L4x#zQ8j~{ar9jqe=H^R-z-w`?$6NS6uLLpb|T@>9i(N ze%w@X(|!aAeebxodpC|VezN$Z)1f&K9NCiMkJx0Ooq8}Fa=~38@+>rZ>gkce$ohX= ziZ+JdHS@c+Dmh^!p)Z}GD-Hf~e>JoBPA@gz*0#qx9&gifNH2jabx1k**R!T7ZGtIK zhjlUmLJlV&#$==L7qOTK=v6!Xg>SN!{|f(0hCDXSp|eMW2?cAc#3bgGoujEax4ZYc zigcp!dxW3(^7Q%fXmR*8Tvj1hKKg6B7Cd>N%T;T6`?a)(QcyZx`_>y`HcCc35ls$t zY>~qNB733;CXhw(pQ-y_ng4g%jB0kcuIdWve z1TH`sh$mFQWNmlY-0JwBPN>60>R8kn0dc`a6}J;vTg47Dk_#0l`En#Pd&`1 z)Gg_gvw7*ZEcwZJ4O+Ek_c8|m0vUAJs%m^8A1}z2rB5#Pbg>4fu)iNmxR4w$=3nKt zW;7GuFJ4x%jI}PAtC(C|P>@cEI4vMUO%}G@2Dp1BWb1HxD~AmHb)B7&0LW0wGJCJf zAUU6@0CRdHmFG0*IB(bIfpW$Hr7v{sv%ljN784-gU_Y1Do*%aK$iH(p!*3U0O9ijS zpGAYI0ER1!+Ge$Cz<#m7@@RLl#lNi=a{P%yd=n=CRvfpHolU|t7R;Zn(6)(+2mkYq zf6uVKC{7H-43D|T1O8(c9IElnS`un5SCf;U1F|wAywQ6f2jTmaH4k;P{{G7~&rRGo zMC#~E2%*uK{gZM!+6GPfOxZXZ&)3{IH;TDk6^Tc(+-pii*BL|?6n z?;uQEiqbRw-)5Qnt=6ZkOH z?-mO4(k(g ztNfiPRi4S!LL#F<1wkVR$*)K$Jl032yzKzfH_n-O_S-n9SniiR%i1r!4PcwJoocyi z!g7mD%qA1k1+j2S-+}->p0>^K^E>%WR6ATXYiWayTQ1;-;oQV13Fok$YI!*d`A2*S zT2^2+hS<7QoQKBPo@0~RK|D>4D}_GT+>rH2Ce2^Pz!Phb=#jLGbEM3G^rZXC=gVWh7+}i!SlySGcN7j8{wUxhVh>}) zBnL6rm&toUvuOiQpHX%K6n+fgsv!-bqmHyijRrAAxxnB-T(y=2a)Q&0IP~5#A`54F zoz33pot<`h?hFRdZi;rbKjx}`o7d<^m(c>USlaJiHtixcTkzUH;=Z|;bJvGbS{YbY z5s>Ef#sICh02EZW^JaH!MqrzI{xdND$(U!Y`abDqGtrvvba0b3L%w$r1*S2 zp^2W9x9q-$*ors;cXQM1DP^-Vst_-`?|zAtzq0DlK4S8|xR*glofW{sJuaBP7odXV ziC9QDdM_f9GU~?6?vbOckqWAzg{vh6J9=YL`b6WS0FZI#?`m2dy{qu;hPYAlTx7FJ zor3``u0fV7cJG8=6m^}Em(RQiczh-`-Fe^&kG+_lR}^9YtZPK>#UTZ-Vi#%3HgG4U z8A9O|u2jmE)|`o@fmuf;Qhn*RMo-jX-8CEFkj%~WTe{PY(7miRi!2VZq=_p_MO7mj zlf~X6=V2qPKvxje{mEEb)7orhO`~8>Je($PW@Hs9 zaNr(x)jh#=SU2DU?yo}ptrb6iD*wo?pdlNU%Qs#nO&*r6+C}4!6YP6zBg$VJO^2B} z4#ppeOkd!xe;FO zgrx+IoLwn5_}z+QVhBG~Q}KtEajFw|&2r~AF5~@{>Tj8BZvWng+Anagd&r*8Sd=+J zq5{Kv7mxo3&3Red{+bdNHqG_9xMk$NT_v3}jmOm6sz?&S){3|tk%~!E z#30bA)$p(m!Y(V*DeM;Z;u-9lDeS1$0-R9d*`WO)*SUP zg7G+ap|TFc-MOUGj;QD?J*ufoUr=$ehBVjMnLAr40&Qik#-=p%G|*AoN7Cz$TT4Im zYx3WR7Ltm#$b=lJ{?z2KzYvBYHcG~0HUPLn6#_U;zti5#ns^x#OUcyp%$Rwl2hHW2 z!Gx65M+Cz;qBFnXq+2aW1u|8Y<{%o16qic~4~u{Cn|E6=!NC_ zO?*5$#EyGU?aH~86QyM0V0;x7OoLCW72i$#DVs>{77k$0mU7NDP1(DLaOVB^P{P6O zx20pd&!_qKr;=|7$IV!fs8$<;+nr#uT>WiTpnltA-_-9iP&udWeC{)6qPQsmJVMTs66^hRf^F>R~)P7uEF_7NDVbbEcgWfJfMgG zUnU)4gdNQ&OZ0~X{o4#{wkuiDBJD-+P80bB+~`TA^}#)qbn*AiF#|RXtxXV@sQNPO zVIq2@W2lE0lM^m#l6=HI+(s#=xuGPS40a_QQ%)+K$5OfX`K)-ELE!M%k)skCrHaUb zTF*W`^#W_sd3WZIL-4;6NBU}>^KTiIi?V%2o2uVvdbsBpL5t?Y#s7z?cZ$v=+S*2A z+v(W0ZQHhO+qR94%{R84j%^zqC!Ldjk8$?5Z|kORYSo(a;VZ2>{OK%W*AA&mg2NE$ z)E{#fgZdRcTOjLJe0QP5ldtfd)4FeU{fL)YauvSBx;?E#@)@QrmgzD%L-yMLZ1bzY zHrn4`zw~!UUY9%qpadR71cDU&Pj5e7BF{)3>;Ct^$VEiL5fj&UyMtrSZ!FCIe}GZQP_81u_kGLJw{;SLMUHjh5&Nl#o>j?vRDeu2Ix&^}UO#mv{40 zdj}Ct*nVVq%j*O_1@>!U#TE=KX>&2q#-A4vrUJ=f#j+ieLsdu4>Lo`51>kR0?SHcy zPe5pd)WD}Jm7A1hsCmT4w4txbyU-J{!SiEYsmI_!uC8zyFy!fN3VA76sxNk{SB;hy zbl+F#tY@lh8-)yQyWf0Js`0yT?D$IF{dtC#fO0P1a|F96jN1!kb={smQGg~#at!l{ zDM34U5^S~JmZ_hHw=rp_R}cuubeEb+(ZOd>$6gwmn`6Fj+6)xCl5$b^-hVL{`h1DQ zS@L)c9vT3f!j1f*Du{XBNlK^!qb1{)K>CA%t;%Uvlq)#;X-U+x`?s4JquC&}xB;Vx zlrVO*Py$S1t`CIY3+}U@t4G3A!Om%Ivg{IF292-6r2kK|ftcrc(}IQCNwy91W?YLN zN@!(Q4h}GtBXh|Z^jTYq8ORM!-LPqb;MW-4JUqI!IJDxGIiul|^>5JT>+E3NKx0}E z%zmoHZo2w%*|Unatp+R5g|IUknP6fp#Ee9z(4JJ$tJvHdUE7u4;(9R%B(8n8w7exc zV1?57wAa@_bZ!)M6;C(Vf3mCnost#3uJ7gEg<@XW+0}4ff{7{A)l+0R5A*QsgbP

yrvV)I3XyROFy$gnsyvBn61{+A6-H@g~h-M6szW9a(^or)$3EE(jL! zwM#XyTix%hKZ{Q}6T!=!!?X#s=h=Km3Z->OTiY99ppDX!Dm_)|A)WIz-?eNU_u0~0 z-Wq}6+3k!tVMuB_<=w01*NOj+r*mMBGu+ztOl&o_o5pEuqp@vkV%u!c#*Nk3&BV6R z*l5rs6EwyoU-t2Sd;f^%SogEmd7alTyFoyb`+J#VAlQEpXvRCWu?87QLAu%Rb{npcIEXndSQKGN%6Rl^v4)=XOvolNyN*8p}o!Kx)#%z zMIJ%rJvl{-2udjh^r{*je*B|tDyL!&m46rUtuOVee6ws~+I>&i8|(XTykxS~%AZ(9%v zRgg^BjyUQkT1`QoUsYuxc9lj6sr`o9NwQ<5Bn>^^&FsUyqfz=4WKhopC>cwOv1p>* z)naIC;LR(gH^2pSuqU^O%`;O-7vB`ArWZ8XgcYGtb*Lsj_`dt0$-EDT#!@F-u~TJN z@}$>k{O4V#LioOzfb;))M>_>Z@*gXoXLf2iM^fb$BGW^nDu328efhqjj(AwF8~^9G z7Mm|aGT%i5BCq@xKO1Y4(L+N`GHiPd0y)XWI5;|8q)JWlC>M0R9YEN3)HYx?b?Cho z@ot=p&L6aR;M@6cmHn&!a_p46G)+alYZa!9SNs=JYQi!`24o>2wtTA=VFy0fp=*QcRjwVrizoWBQ~c2*~2q~&$o<+r>QMGc?OvA z9*XQu!iyK1_`^VJn2ruVcZ&2yT*?%ez}B!^Ruu*UWaY0Orx=wxQ8DP_1&mg_b@a@4 z8`HgKfvRyr=OAJLd7J#N$Db8zq>;0{!rJ^1QL#Q^e(Xg5z+U0zo6npKPoW6h99p&z%OZp@ zEBF`lB_3TylfM>Y5SdxYb3-!^l&)io*VWZNj~pA^#^37Z_F2n=fnD(8cB}w3CvxpL zpt2gxM~&(H;$GD;C1ba52uMCBC-{d=L`%yy2yQkx%!F7djm6R`0Fc_ZP2D)kNeVKl z#atOW|m2wAkrN6w`ne}2^I(qnfX_{W`C<73GaC&kO z@8+yA)LXnVHuG@Q+`DzOocMDTu)$RN!ad~^thJjLOQ>X*C>VZ>f95@XHbYQXmt$S} zGEa2I)zK65c8%A++yixbd53S}x};l!M%(Ljm@;L$3~JR-3@6FyGXtG={PL*cj>u5l zVThAA1mP3jjoZS(E$lkY2dtI+I2;UmU{rA8~hE_I4+EWTPQgTN_$6HMts^ zsQ>011p9ZEz;u7&7N#kYH8$9hyzpUJoglma4q3OZE{QsK^9-(9f=)6n%U&~r!%SY! zEC>;@OF{Wd;maMbjYjJYKKCRWiY35a?c-FJ$*5Y60*}DItL-bff9${EojG}&bH|tY z9b|9HjJAK17|B%m3ttc0K$3J;LA!FoWdyJA{Lu(;QOI15_QE?q`@jeaGq?Qmxo9+i zGv8U=MrGgkDLvNZLip&m?&JSfnT=QN{xf;cKbALd34)IOx71jDG&)Xj<>~OrPpXVG zyK@B18EU>yi&tvWxxvpY`p?%w{;5J4;y-#(YaW!WNN^~i7pVm*saD{-7zkIw6GpWj zYldVNFDzFV48HiFAH0?Er4N~1l0+Q`r+M-4Cz9xWo}w7 z8g7x943yaSg_g9}M^2iX__Q9Q%>jsKeo0R7n{AI6ZpB#cJx=;zo8{y6P|AO|{pUwT z=iTJe-iA_{kthkRKm|C>*Td(TQdDnzimjM06~aV9+bN+1u3o zsH4F%-u6TGx<4RfwHlxy&l>-+2%&vS2PZ1W^=eI9gHqSa@3J3X?bofG(St>&DLSo0 z{MYZYy&ePzpWqXIF`dfA$%;uCON^L>gQ+sKtCNvRH}hyew-d51vA;;N&Xbk5q@iH% zyk{MD6E#T0Zx!S!wAR);*S(unkL8YeLJ=f~T}Dg^HXh7r9?W??47CQDb(#77cN}y4 zcMCYDg_Tx|5LZsFm2=yaEk4{bd@@TMhb-uiv=`{>dW9w9JKeh4|1YLi=!#X z3N{n>|D^Xsy-Q8l;gJa_n;$uS{nIvax!CZ7-3;Tza~*VS;p>3)PppdKTv zdclwCi#7eR_N*MgTNx$>g3Xr*rR-`hX_Vf`C#95HmxFqrDOaE`6&?3F9;hO&kxF??nU?q4ksGT%Lqhr+I*QwmD;oP;ZhSP7hJb1R=B6OtK)+11L^HA0nOGWRI z4HB}XNAq_(BVE#+$U2#63){P2GJIZlYGUfkQlHnaRJ8|*tNrL;#E?SN&8DzV%~F@w zDkgoUL#CncM3Db9r( zn#=q&_z^MFN1C4^_I=z}wWdkEA#nb21m&xlx6UmnOWCk(%9WzLV6{<X7YIfP-v1Z`6n&aY!ehdwMkQtq#vmj2>=~V(Hx^HU zv*Y0jGyO|<5(yzF(}yJryU(iX8j8D}W0R{n?Hy94W$bmY_iGfB7xrofPy+RrPpe88 z-Cg}@QI_R+`|&EW295c=zWA7#T#PRK^{p@YsYCXVW*7R#NZiCV0BXsF4e|fqTq|;Y z`ZJtM@wUNvQ`QXyNe6XlokW7Vu{m5Z@as`yskk9B%&g^?Qzb1_J53hbuF zVViTq5tPNf{*RmyZ$4-~-s4TMA@@@un_nyQzRreEDD7e*6%i!LzT<{@0-4k5B6S z2+ec-c%WMjQab{~G^4vDWG}6j2x_3e3ppP%7G3{~={gPomNS3@qgH7lG^NqB8=-n~ zYGx?4S)FQWvBn5Za(GStMECqbLdL9_umdl;Tx*oR@}sb9Bc%lH{U6aH&&Y0)h_)G$QRyY z#l-Y1mzyIC8m=(9nR zIY&gnG&4f&buwfP21hiB0Anx?;Yy?t?uKMV$S>jYWfQ}E`wB;bb_sKFn=YV^beh{5 zv;WR0OFg@bB>J7)d$Jp$l+(6yzudliT(0||0o~FFfmC=Isxjc}m64V(v}K??LbRq& zQ1)pq+EFQdk2W7hD4^Ugb3J!Gdlm6IEV{VVrb+**e^;R*(3Y3Lzkd?qkTX;L9k3c~ zNySI`W~F%tp6xoJ1MS9EqfxAl(w(H19?2G!F4~#Gat4r?GiR39xMPIF?!bHchmiI` zeVRSs%Ur{llO-`*QbXhC0kWfWn2_iHGGBE?S2Y*D#|@aB5b_N-w`OK8G+lZf&O_ji zWpzY3g1CI`nBpJ1(@3|hr*c4(WxMfMTYt6XxXM^~RUXreHrpxliMQSw{bGu`m9D*p zc}*67b{vOJ>t5K%j_Ybk(hzu>bV0|e;VEmR&eX>FU0598Z5OY^dP`@GxIyfLc*1%- z(T~nem`s`J8GI4i0>t_xrnjhU2%;>BGE)y()QiVDBOicw(eeDz|7|C>4X*9Bjg}#R9YVmQ0?0DqPM%JBYZ~P% zZ>r?YQ?@;1wZlIvI; zFYcKlE>Ai@xWQbb4J=kIkzEK=jvi_0romA=o1(Ev@av)4{rw$rNvOC4`Vsm(o!k4@ z!r|dDDbROyT8_JphN{MxYYMV~sOL6a`0dAc4_>W$3Xk~b1+#lA)S;S?j6^Ta1aVGu zwT;{UW(8)Udc7ZZWmqFcEFIopd<`i zJ7Xmc`PYuQ?TI7$up3Q@_0rID=Y84KbIl*4T8{aYq4M({Gc-X@kqi5yP**oM$ppwZI0~IqUp3p=&ATw@0P&{WC6V3Q-sjuiymc*`ve>`2EnWNu zv^|S6BI+m^QN);W_ZEZSry%{q|{XY4>nWsk!iax z)|rUFCAp3d1wMcup&fPHp@yg=9Hrs$7iOg75vpTdUwv3a^R~7<-JwAIu;h=~wRXn~ zw3P|irNat_C9$2ssqQW`@UEE-jcJD?qmxA2_-p#qQ`xPMXPrhe*gs{po;@S*GadRK zj?VGwxwM?Vf7k**@N=s=3eVh+{+2@WVtZd0>}n9wQX*YWmqvY~b`3>XWj5dp!XhTc z*VM4YtSWfbu!^gPLi5{K6I zwsqE`VjFjp&@l`}bnEyFsW!dpIT1z$SB6AWa}47xxjB1UfE&@j(Z=mBF;UNVg`s-kMa-w*HH5hy|IT`&bRBA)OA$s8tGT3FicxYnG}rPw`k^?1l& z@Lh`R%YxZ%Y)FmeM#pNQg2H2Hj<}XF>cfK$IrgF{TeRGO_(&-Ph&^+T{ zHxiUDHKLyffS(qrQ>FhdO8oR=D$`xCY6a=*kj(qW0Ry0d=ff5=hC}-VJX5Ewt7WwQ z1s&5a3hILN;>}|Lr@NbK`_p;!l4W8!NV6<^bX}!w zQhJF`0A;_Uur(nxOEu!9t$Ces@#1se9aEYf6I}k^``Vc~yl^g|^nT-!La*{9{_gIu z3+N8i=Q_OXO6Rq&XVBy^S~PO1tIJO)&ImJ|Nfo({4jnhKFWyUuK{y1T>5u)Wa|(f8 z_~gE4s0R`HVV`hscy5O=y?eCzHjMNJIo;fYaVFhJE`OAw1l zNS6`Q6WE8)llxijA-B$QOmkTaYOq^v^3rG&(^7>Ry(Ycc}#{YZA7p;QP-y#*Q)%(guW!R=`}TZuP~uBOh~(_xP! zHvumjhQgYw52Zskn@uSPj{7CTwksL;L0LHAAEtWN!)F$T2c6lNFV73_)y@>}G(7J^ z1Yf(bn`OMCqKsnWUnEI_pI=@>!yO_nwl@$^+ZoyRPnO7)t0!IUE#RxJvtVsuqZ(Bx zE#cND;y}$Ms`a4I(h4tmm-@HaK*F`#oe{H}rKl?;d(AS^Ei4j3rg76)z4#Me6$nQ; zn7+KPRw}|KpY|oCry)B3Nfx%&aIXH#y$C*1lsJ1nhtsC+J-et~kEX^P?+9Y_Gg@ey zZ2`$74Ocerr{u{0R7%Hc01d}PGb&+8Op#3Krd)RaX-Vx`cg)-f7WQLG-xEO*N84!L z84dBnq?5`qhD{KrI>&DpnzjRjDIBTUu1djW8ck~`9Zbip&@;RU{m(+#PKGt%7o z6-T8;U;L3;Z|t3kjJi-lz6S8g9llsIdGg^t?+|4{Y}hZTu&x1@7vUOg;Wd{<1z>)K zG4iOsHY8Jnl>S2#0g6jg{y>CzuN_YaM4H#@;*8HGvhJIp2`CQyNgX4`#d7Hf3S8;`7$=SSY~gN z=CnVt;%bgf$HfG&WnVjtKU73(vFa`Nb@ZHqy_fBE)Sm+OH2<+o&k+3-KvM# z^`cj|{su`fw(Wf+&o!6^2>OIhL}56RwPZmbX!OjKk zIkIYn+;o_M%tH%qEa@@5{j<7i>45m~@2i1Vo59%@1k?d<5NblhkiM_?U9Y6wr%=qD z4ADosmmQNwl7|}$mF$|XKW@p^)Pli>)kccqyeyLJZ)$>At`5wpiMYtkvbS?fi87J< z-#67Uxfyt(9da28@I98Hdqbl*XrH*V2NdE-QJ%xj9x+9Jgo z{6!eKO070nW|5=X54blc*ll(+OuEqk4?EfC4Dse#(?!ih4F@R*_*z)y*%*j|jo&~RJBp1qvU&rAbFWaZ5`$nck@g4k9C zRepd*nmfYTBgz4>1x(csEnWnfGu8>gF25=$uNBHsAh+CxtE(Je1+C+0sHjvHq(V!I z+vh7Qr_yO##vN7Rx6~Gy7wzG41q3xsZi42V;C^kS)Wiul8A%}7r2cea7;R=xu94dp zX*5SMa_}~(WNj|cEEn46;|Jz-wx-Avs!<1zWT31>w#+f<#!dMu5>&cL zqINHJRdjJkd42(Sf;u0{8HM;Io&jtAA?R1^O3u6NWyaZ(VN_}#z8+I9&+yLO^!D@s zqC*R&t*>>#^>(f^?(~rx^~rMdEpSEP+C;)^z^5gemR!RTw%6$ljz5lZ8`bW``15Wo z0Jw=J>J@LKHci_Ed~~;n-+$G1ZxR;rib3PpfHrc4gwKMG3Jn_o(Z&fP7*nc_M0xwP z1FQHaXG43c+ilHT#Z4j(1Sx$!=Amh%``trRl8BX|IdRZovMWg(1{M z0b4@4Yt2L&`ta}DrO1OQTuY!kPK)sS<*B+2OJwv47h zdx$Wp-vMU2qqC7@#7+JY(`S0&#brMBLXl<*P;1yc?RlvI~ zG-TWV1*Q8b&!BHoSIM#FrCp_DP+Uzuw`=tC%F>W;)!EWTkN!?c7-FNPjw5y$amPf2 zG<5#@v)yiisRdH2gd^-3?bLGy7D}wGIJOv2L(5ZL?Tj1Qt2opF=kG;vF%G=qyeFMGzc*k`i?$k_V>P-MyZ)FqT|n8 zXdJEb&+C^`T-k`U5&L9tOK0rG0If=DZL>8S@?eA`WsvExakVLRiB!7IvaWP!FA<-o zJ<0YZS@y%vi?%q#?k9DdzchylpgIMocyaV^sa|pEwkDcXUX%e!Wk~v&Yn5Z+7U7j9 zuqy9|GZGDV|Lc@z=~D!a=j4*0qg(ps7YX7&3>X(alM+%lKBer@V0X@>1sSOWWS?sU`m5Q}oYCIF z`o7{P9Hr~S%dIX*fYh)M)1^N9?;S-~Q1x>>V^=(dJYWSae;I^vfxB)mio<9hTO9jg z-4_|4t%LKr<9|LBz2!#!cAE4afPH!Ur*d`H?BL})wgxS;hcY^}tTG>ehBLm5OGs|R z|J1Z*lZDtJ>KrAru@Lg*AN4L}%^P>*kJcP}!Sqdeo#FtsP3W8c2vi=si1HLRxH;*k^3(Yar9d`(*8LF!O92L;;q5o9nCH6dG@M6Ou zFf~(#BVsIziLgW^kqn3x&9P=)O?}j%i~;Fb|7?>fu~vrqm0fJfGC72bzzhII&WwXRI5w=l9qyr!SF&+-J@U0ik&8*%U2Y=01&W%=#8> z+{g(l@112{pL95LD5MrAQ0kfn)(|wGc@LL9;D%lOV)q5~CgzvbJ-VXNV+?Ae${BWX z{NJ|fqGgb)XWscX<-M07 z`bx`cviswwK}hR3@oCQW>Ombl7ti@L*FP@gjZb!V3@ zSE?zZ=p{Mt!28c`K>xSofSP%d&ghh;c!mnL6?qPaG~C6_$Gwa!OV&Dx}w zZn1FV{+T;B)0Gcm!Q8MAP8+A1?zdLY|Hcc(b1#2KZ(sG+z3p5Ca~@tVFc*0UFn3z2 zv6gGhBf^-Ltdb{gVqVG*k0Bze5~s6LBenfvs=Uz%43XZTX_rHuQpnDtYzu?rK*KWo zKXcd^h@rwq+R<57(BEg4)&0m_U|^?_ZzrdQ*rtV9CT|F>$o7D0_rY#6_&~is8$V<3tk|s-1#AdN zEpA&4+0FV}4y{EPAcVZj-K_=uR`%5jc|92~plMsO5u2|0m=`T#lRoY~1LY+KCMLo^ zIm7ZD2=G@QNo1{zF=NT3)CxV|9G%#b=`1Wfolsqy|79+EZATQz--)S{R<7`rSAqFf z3&Ef6#whAS)`9N)u*#Z_yTdnu}yc(gd4>k7CY``8phmhe+(K)RHfmlJb3B@~+kO+OSx5E|I3-VD1A zH2uPWn|YGlI5n{*LXjm5uRuXWg`tQ;sa^y3=Thx-hRR0BZ}+pZ6Wp64jP;mcB;k2% z(k0ZW0~{9okN2Wi<@Fe}vQ@-jj={sP#<;#H?T+SwM(I^O5t&XEC%7QbrEF_lmaC#~ z@UF@7d#xRJnDSTkG4hW|7s{Y{K19%sTaUKXnS7rpUS~HNbvLiuB4rcDsgSK@l*Bd- zlV|%WSn&#dUv7LQaqLO)Z;;=mQL-|0&itZfxCz|+FL{1eioCeGAx(=gUZ#UlEZX6^9BJcrgc+wT3L4hK z2g4k1+Ie-IfzzZOFCu*g+ENeItlwkELTk_NM*8CTSX*b6F-6~8HL45gw7L*vy05x5 z9#Dg!7rSrQn87$5@m*_e2jdRhzkjoq9RuoSYVy|kQSsY6&d?W`{L7zzA_!|V^Uo<7 z`?KW6b33-8NXhS(vXofehG9w{uTXIgUh160*Fx=f1wL_f)w8>ev*f%#FvSCCIHvPO ztFGtQ{x{MDw2zwZzu*TPv)pG!#u&{Iu`g9!7j5C~6;;y@*9#6rn&6!o!Lh#Jn_Zkt zYTu%h7Z&-ImIG*O#b~1MOnH(d6XP*#j}7i334p%33u#+e_|OO;v_se*h>?>^cqVvs z=N~fZOxYNX=lJ2S-Y;2o0e5-WnRO4CxDOnxO1lSL3s;yaw%lr8)dr3NX!sK+HY=R>HDqPo_9$)c#-*lS@x8p z`y4)O#}AeQ6Mh^0@+T}vX*kdEi=rlh^{4J_kqKOsiZBXqII+1ST*e$oKjIKDPn{Q; zJqM}vS95$qGrw~6)cej)Pq0IOy0s_;L(}oY8lEQ_@Iby?le^VYvfq$dE;BvNQ@p0D zgqT)`Q(ez)pZ~v1MA10?sB{~WWRmIZ zQh1Izw|5ncEemC)gDT^0Mb$cCBmTgsa4_sm$=ZAosa2l#I~;MER{{37Y}v7OG2KSS z(p*CK#}L%ibUrPyu|ESeWiO9Cm(LSEm-_R&q^wx(qnrW)%z*7q&V@k-IJsq-Q%vvu z+}A&=N~H%AQ(E(b4)*YCA?Icmf#i1z{aYVn23jd-o+8n|lM{Ow6{ zP+ynV%+#m3$#>+`coGR!kx_%bUUCtN>QRA##?2qXEtDmxs{-WUH;z%fYBIb@uE%iH(Ef-YAltRmN?HVPve#lKjjHLvMwX9ZAM zzWvfIrx9Ij_PXc2-0nu*h6TxBz-~hxO}~60=ljS)6coKL2b}F;bCIa?EorXCqT{#ZOkW)zlUK^KhhPn0A_j;{cio=C(XJ zVbjJJR$e`#15*6D1Oo~PnB5zT`)9Gmk)7cPxQJvkA^=)u;2Z5;k$G*i5y#dPWqW=AeE+)%eGx+b3VC%?r ze%M$_C6#*C?h3G6rTV&=R>az1$e%)>>NmPU1qU49(Xj5CK}#_%mtlYblZ#dpuHYIl zNyrm##&~_0xBJ>y;{$%(`JeN8*Es^*?{qJX%+%I7aqS(IAkT7W^s7_(i3j}NQ>Pw6 zbsp)DMTAnr-TT=WW|ZH3_%01;{0{z2e-Qd*8D?R^V7frTF~UdDbV{4Fmw~i9n-v`+ zV)tWBVVszM?41lzNj3F7OOff_={)L+!edz4bLj?{;?Bs zd3K#V>GvJ}Dzj!AZ|_WJGgdj^;e+LfmA(_$O2OHoFBk&Z)1W92$Bg{7nF$k8eZfN1 zs%uQhM5`^$hb3HA5y`JF#VKAxND1q1N3u-WwdU&rvLQH9A>&;vGi}?UY>u~ROUPTl zh;56@;1@%2OJwd%%Y`S@l%Rse_2|Gx?qR#M;!z-M+!;^XEM*(sRk<;BO@fz%L-~nr z566@|%}RnJ?&D+z_RwY)7M*ECTOiTu6!}PmTajXOYYdK)kL+FD<%u#^z+vGEgGrW2 z7MXk4%aJ*Z+V=m46UD4+l7;x@V9HYrD5rZds0Gs~P%LW=TEo&Dq8g&;ZZS&aE;~C1 zvFw?}pu;-D9IwrczPFz4_e8cWJ8G0z%F97(H!}pi^DE%bpB{-rYHl%`Fe|9)Nvn0* zF#tMkV6&DQ#9-7@4_YnLGTU#ZWH7{p3P3*aNW!BP3GD&?hQW!WDyl+#m+C2nBIqGfQk7cuwfRHR4+)F+wjjo>W z?LtBO59FEd_wXn#NH2$hAuXgX|B@nAIQW>7kpibZx51n zeOVu>9#mfcy~PAS&22Z5$)%_WCC@qI!i-P#eHCp+mFz3SKLn4U~mLG!}I zmPx^9Dg`dg{TN3%^Xr5w4f&d*!tvuc%=ODn0#+u;UiwYtUfxa41^44SZF#`Ew5-$6 z*p2|O`5%=s7@K%Gby~&QdF^>*_^ndsWG&1D$f@Q=sGhdbU#qy)fg|p@{7TMhPHQte z%MCv2qxAfB!a(p3qea{?FPuL_w}NHAP2czU8VRN3rgvmx&ROr@?xJ*2d!oPx;W+huRxua}9{@EzVb7yv1B|zw&7F2!HRq=JxJ5OfXUq{yNx%W^;q$bw zRVLU02Q8I%ev`x{tV?(BLx19narm;bZ*9|Q;3Uj9daiAeHDnRDmti|GVK(hpEWp}} zhU!jVS`UU7UOo8qwIM}SF8eVh08b$vhb?1p4zM@L6jB+ zeC^FCj9}?F3V*ou$=nMzZdJub$|F~2kk%`&*xZiPor?hUg`uyE7Nd4@AT=P@0nDoW z8;02)Z*BZbY#2doDd!R2Uf#%$8d3yl!TK)P%0`$ll8$aG#+L!{h+s9mks3g=PVwr zsU1b*AV^MC|GjYf!Iq4=7@Zs9kqse?^lV7Z{n)F%<9X9ldo(t@XB5s$f?5QgJ=9j@ z`V9a5(S%8iHFBrE?mMFIk7nex6;vjeOS!&U>m~VH&%C;JME>}?yM=5$XntFsf?kq= zR|maqRDB-mi4rE!xA|t5^K|r$;Af7Pr?R}^#VI3H+0?bt6uM<9T?+h~aQRn}w};%%}?AgJbkXn?R49qL35+{ASh)W_rH&SeQ?Z(dER54MGH zHSP@WG@(OE#L?p3^?ON+JaXzg?yw(RUNnb0M5%qQpW$0_4Y-n$+UV!(ZeOl8UD0H~(Qh8&PyE!# zbeI@#)iGKI18(s`cv(7P-OJwgr8wloU^|Flk94V!ib&Jixe5Q;RQHioP^Yt#7STWH zTRe+32El{pw;V(?FDBHlsQH!wC;2e>FR~FcukNPTU!r%dy>Y^5=^{iAPt=qZYGObI zrOy@)SbP5=Kf{fnTSE>GB|K{+XwWRxU9B*&S|aSjxn;ZG5#ec*NTROn2# zd}}i$RWkHz%_Yitr2c7`A(W7C?mJv*phQU$S;0+xNDj4idMU<(N z|Hem_W>Jg#H_n7-q@p$i4No*4#*agF|846$Vi~N!e(q?6ABJ$+Fbd4E4I#o-mnU=^ z*3jY2zVId*`|=!$eOv=~Nx30$ia{=LnV7c902G(;Ne)1hHywU!&pzr39 zyk;z0qISZ{G(J>N+30w~==gJoh9XX)u$Ky<{?svR=+Fj^kbI>bQ9%N)q}fH5l$i)n zaoPS?0@>@+)To(=LqBuZL|91!?tQWfGywm6`N_mV7B^+x{I<_e8t=RT#R>1j9nn(G z?;lFv0<+@)A64FKXkqT}%fR6>uy9!puQFP$Bj=?H^}e4o+%fT^AlVl$mF_D>%$H+q zLg8kFl%vL6wdvR=(aiJS5|&H_gT1r(EL(g?8=Z|&+piS{S7#|B7;xK&#YNa!-T{&d zC%zF5LZ3x1Ux9O{oo&jhcpesH^8RD)+`x5?nhIww7S*-jR?sBk7^txrT z+1vB9&g649mS&Yi(M105T4$-BB|#EmdY>45ArMRPa2fuvks%s=0quEfd008>wtP$9 zk01&FOV|IYX2FNkV`OTRa2!hzP54yR1W%b_)Knfa*bdXUo*y%)I#Sc{M*ohi(@U)jzI zi@2S6_h2o9`<1y zqS2YW;7X$=Pk6pF>ObjU@#>kJWL@ptF$XB$kC}RE)QpdPEGs;8Icv*s^|_fw4Mt|) zNAA@$l4EzuJ@{3dE=ijxua=LBLaLDy4Mj;(Bq=!YYm$}9(O+l`b~QM$zpXEOWKODOKkP~uIgJ$SOuywtRO42}v`5`ySf8x{|H1n7$gJM53bvp**6CymiQW z2C&5OP?#BWS0$ZE(}c(7IP5Ap!xs5tL~bV12JjSU8KX9<3a&*buZWE< z%cRkvM*n1p(fwGc*5jf^5?6Akpzq88Pix*nw#wIL3t&RTbA`LI7yUM=9ic>bzV!!Q z-+oR_HS7_INNVW2S$YU&_oI-=^})nLzYZ(n1HoJYMQW{iTJ7v2ydq+-jkSRKjz#c# z=jV~)9&a4~j=!cZfn){iJ^5C2-klp3ZXE=|yzuV12#z15N0qcw&RDQpIJyw?>h{?s3(4LFE*c$mB(9XY?N*3VY`{jIOBW29CizN(q*-Q|KbRBiNL zym+~J(Sv#6GX;8Ze;e2ye7ms_4L3tVRNq(IoY#TKV1x8347zf9;%;Liw*R_wFzL>C zwzKAD63&tiAZ=TAvL=WLtho47DQ}=KdpZ0nY+<|eLEb%mK`H&irayit1t|j>7;L*u z*a7%B{~LaVN2gwUxLgjL+J3bNzEmn8N}3K(%S|9=)Jk3D#{CT75@UBnuAlX?zq;GC zXVlgFeQv}eRZKv+G;I*8)$lS3NcnVK(%(DtO47fGdeAL7?X|0aMrLC| zbBO(kW1MzvsvwH)qd18ElE%Dv80x?vvzR2mb%f)xA^KcEVv_GL>e+X}0SLmnA=mM} zxF7y3=dqeq_0j3pTn3H0I$BKPOM)imG-;RgPNBL|W^U_9LvKK>UYcDcO4Z3oRkr`T zY5hGyG7td5P<#>-&3euhTMpyM=hb<)|*6W9t>l3or+IRk5U0iurY*j+1^~DL! zXt(Yr^Oh@|lci7`Kg;2Z0VIx%HH?_nMr>)wfIMoy_<{KGZaF#n2A{TW6HcSJKr>bX z;|xY`VefmYM)8IwDRE(f^^BtVKWo6HPrS{)yo(C_4U5NG+I9B|@zU^GrFW^>ih_E)>`;Hv@1B+pec_o~ zMx8hcb_r8@oyutbShcizl=pTf?_U$Pu!jCO1?d!&%ozm|!=Fa%TAFAYFTTBWEG+Z6 zPV`@M0y+@v!a>*to}Zg*`%huS2Og2tVWlmuhJ+iOh1=rlx-alwo@Mj;eiO8Gp1t=6 zvWzCu4e#B_)O^+n+iuU(8B9Ax+}v~jx>}sDorutWZ={$);orsP{r(Ph!q;nLu`f29Z}GV#5OLl&idD7%mR(j~%B``DHRtAREkHTf+D8tYeE0H})} z7mVk^XIH~J$67)yCa!f_@9(_}+JwVBY5lhc9Lv6Pn~6;7NnZH7cqIHeL5FjezJF}L z?6Uddb@(FZzc16qVN8*iA01tu1|@2UB!OeK)2z!!V}LB91cywsJSxl$u{EC|Wwq}# z`{EYV^QsfAw#ihm;%vNsfE~*romhjUY+A-BaBb0~C#6dBHK$~LHsbqskCSOEFI)RM zmyip8Q;%JIN&g$LF2Lkzh@U54PNDMDc=!E>13@bdREy$ys7dwCN75V>N?_EQU{gu< zDiT&++)@s~>QOE&v52F5>~ku4n+b~+piHb(ozUy=|Bhiuu%WBEhz)!I_WBE@H0pQ_ zKs&*Jf-=9}ye2hD5hVDc|TV`yKMDEiRT2DP1 zNX#@~e$T)1944*5t%|wTBbdsm6%=dzl=;hW`l`E4fT)W3)yDxg*Gkes9A|xUXe*wX z%@*&te5RsHT?Q?Yt6Zh#HUxjx`qS>f3z2L*&iMvNSdfrCk>mpccW0tK#JHqIb0!Qvn5h;8wXCW{rj5xj$duj zHg%xgh1fKDJ-1;?cLz?oWB#HaOsKb133xcX&uzMpA=pFHcUjx!{j%dY&soZke2n`I z&bH|xs`@$TlLMeJ5*}fQyPt!m5+P}chM4E8{>_54YUm4$UE@dE45vI>GKop6j>y2I zup{qZ(E1`h-uscnPbk^Z4$IN2Vtw~SPMS-F42gglJg1MtPgl}yzbewPNJD;VZaY?{ zoFxpE^H_J2Sac0Np5%T@)O&aAv-pTS^_ct2+p448k}r)2xx<7V@;4 zD{3};{7F1a=E%d>`&SpsUUSPTN&d{2)^DCefw!5k;u_9dwPT9HStWfQZ{LX@{LXhi zJ-gojMSmH2o9T%QzGZsrHdHz7X5;Wut8fYET>fGJXy1XA`Hsb5j>mIXSbF$`Nn9 z1^;dhIGC^c4pII;&V|VhYi`W>c{Doc&)ZX3H@Zn@JzjroL@ckhlmP!`asN&f^z)Jm7&j7Zpn(V=9uFw zGlfoS_hW2E;^zI&TRuU5^*RtX4d;gv<|Ed|FXi?U*P0O|R|v-&=9yBG@p!lNg6 zhW*>4VIW2JZ}a(7%ctBYCVkCAP;TQv>keod{T8j3zjcbZ`@V_-4+^kck`=POyZy~6(o%0M;0yG~&?o0Y}3>;tO1 zZFU&g)?x{x6g?R3ukH(T3W1PauwC7U?aD}6>k_x@@l8OY&)t6G#q-*OHBCuLBfy%1 zF^q&-8#<+S*z}1R$LA|cPShSa=St#ex1pc29EZuQQ{uLkE)swQxV*iGFI?L3?XIfw z5He?=zTRhTB_T0mXLqr@v~4^k^dRIe;1R(t#N?(83~PP1bsMtHNlo`ad@U_zNW0yk z7C2NvNRvz^E!hyYRR~9jdC%vjrJaDb@W??47~z?C2MJ3%$B(i9Pd{-Pdy9GQ_6fldo!R89C-OR1w8WBo@*@y+uY)8Arg?SRTnT)Kx%Rzgt2C&&9)p*x@%d z#o4&+Te}K{*r;l5J8rZyf&@bZ*ENW=D6cud>k$4d5`vVegNrTXRp>0?yuxwcC{8Kv zJsi)^5>(ghMLKD``$Gt96FjTiG-GW;ssfy=1q3ynPh>lV7ca_O5CR2N3Cyq%!X{Ti zFmmQ&eC-?Wz>^oZ@ae}cU@_#{JypNI+EF1n8&oX&|4`4*gKL}nv|N&Ao;@6%9dsK9 z-G@W&!vQySwKqQ}1mAXvg$W7Z*j4n!It!t|nCi7r8nrR$fwwBP{rnfecVj=}(7JrT z9E!wUCseq9*{?!4D`h)}alBRy3h^FlGZQ}W#@q32@4gp5{15*z{>cC9zrnTb9q%p@ zH*=w-BB(2(i=|m9_)%4G7hi3iblv_&{m--UOZWGe@VuhozpTHDvrmQRvF-`!qe8}Q zN2nz*^fG0?FY245=k(7v9|XT>b|cf6hL72dapv?HT)TGp)d}>cU0@p1n8qt{eE5U! z{o!}N^G&$@>^VGjRj{|09bzMd_9&?4S$mmg>g)lHe2%)6eFMi8EGGxOD2iWGZc}VC zt#CV6yAf4yQ}i5WQxvzp(NvYzRbi~&t!P&bhCx^~*+W@#}s$IRJJWq>vFhp2KsGkYQ@><^gK4UpxjPQMif_ z0_76Q=3q|@D5bhjFLK6LE?mRCXHR0D7&B%Il+@3a5;yQb8YQeM{;MB&0*;+obXFu~ zyAC;*;#3~0XMJ|>?4Zb^21?cMgsHVXfQM^2^b6a!Q_oUJ%2P`M3+#%DSesfr6p|~H zZk%KS`&cXntjrj*83iZi0O%^*&poV#)akE44K1)i+!L6qk2(XUSj`!@w6%-bY}P1i zEnJn{awOSjWz6R*$XRfCb886#8NrM3f_Wr}Q92K7IRIdpWr3hoWp~&==cPsYvd1?C z5aP;gA`h8_LMM&zr92**7?pcgob(QWMrBL^pma)U|7S6%_~^4&Kn$EZv2NBmM8ImA zyYF)iKa9Bo(Z(hg!_*Jk&ri}qaozW|V2a?itA&8*fgK6}(JL9^g~d{|aSwSK2_?08 zhdS5@-Jfks8vPOp36g`rLrg2gi{Xt5B6Ds*lmxgJ>@p~P9_mp>bWEU9AWGCQA_ZQ|xdFr>1kauHt(?_yFci_};(pU*mT^`z0^5g!EgTJM5}f#Ij~o z%RgurK%~o}YVI1e+f2|o%*`>=qCR0(m9~ttTxml~`+e4qJz%5@2avH7+Kb9W`j|XK&=9i-4ub8z38k)GAO;g-0F+nE|v563Mx= zLDuWRVHlQ#h4%ZgC7QHq>bP9;u1Kk#-E2zB$1YsOlNYz}k@wuce3BqGHMX~OO9hm< zw1B5ne2^m?si0uULkXIz3k+#ICPS!_3>N&Cs%*4)LslQ<+D>Z={Q7rRiRlqwbFNk- z5po}Ri7q!$g>oPSr$ZIt{c|0x><;!JQo_-giakUObu$4{gYe2~UKj!TMhG_4=Y@Hr z+9I6*;j&*#F3Krkw+tW1OO`-J~d2oO2u$cEB*}sjbkkrk|goL)vrC`;cO9BL^}H+i9p`AGsFN8uekZoN-qvvg5=aEB!o!r9vf0&~TaP;~L)XmoHtz@s$;vTwk#+ z0wQ3x$_9qH_Gv_wwIJB#1hy7K9b;ESSM{k7*cI63K`VWSNC2=BtZBGaaQo@40`XuU zV}-#+3+%_Xo{yzd(sL!VRD*~O0-C?PEOjUJ77(%MgsuocF`I%syfLMqzRvD{P2APQ zYZ0ljoIq<|)Ys8tF|tu#*ST%BnlWF=ICt+R?tS22wzynJ-C*H?@-1k#%vL4h{g-Mo@Vsi(zXLI12-+3oK@P>2vFMs5(~D(%qd1MIKT4&7}x91i(X zQE0zRJ*X$^>}kAOf%eME9K&J(0Jlv*dm7W2#x!2$5aF)- z?i+sN_nsPAQPiJ2Llf1e>g*^d@E%V{9!khwSmlTm2t>(OQiQ<(RXpkFg}1`(1{6S$ zWvFm3H7gqq7wl41UPYneE#gh9r?jx7%|;ul4GG~lK6?SjHfH#mhtD1gcDXKWn$Hy0 z7uMpcAzEGNVg%#vmtFi`OL*O2+esDIQJozvM~0xn_TaT_?-5nqE!AFt01qL9wuXm) zLvG*iNao^EJ+W^#06z$LkHXRT8Di^hqcB`na+}|34&1R@VM_oJ8lu?R*;J~<0iq0r z3|*{n^X#cLq*OgS1JGhpm1zNBz~NRTJJ$x>dUtN@E{FuH>w@{3Th*}nhI@!qqf~DY zvUsQ@`-f8>VY?T(;;IkX{{%ft6V*-vb5PnovhDOOw!9!dMPvjPmUQtgF9w z@VNK=8I20t0JcpG!CwQ*A78@x1;P8C#5rH(igD8&){9{0mLypF{z={cdl$I<-fdiXV!gg*m{V99dkR<)0p;7BCM~jA?E=^ zbb12X)0oCIrt$Kg)bCqgTYcyEfA{-sMe&~ZygmKg$DXQyu3o%1?e>cr4!LO6+3L+F z5-dpSYPBJ4b%8eIs(zMMrA=+9qAkZbTx4elPNax13#6Q!Fl6a`34JL}(lVIFvk}XI zG*RfXvzPIUpL`16@{aqkI-hq-x&TouR7(y7-ecDsEe`Y`6{4}i$%2| zL0FI}{El`c@kHPFYL9$|gKS6W=-m0Hg+yKt@Qw;bvjLFS;I;B)j~fjzK|>S`L{lzp z^79PmETMgv90Wxm#TdYlu(+%Hw7$3yp1!n$_0<_}JF$*g;<&nVbzX&3qM=z5oT*1P z+SW63oH$1y9xz)GoOwWS&)WrSCk1;uP7f?3i;5+UfinO?j82qYwp9v>+^{WO`5o$F z;osGcB?3aBS}364l}!$q3Ble35<*?6QI7891x{|PdFwhNFrjJ@Eu(vwRDdmw`n9}n zN@Y$;+yed!S9UNAxpZZyk8p(c&Ib%gs$y+ro^avHCYBF5xAa(=mCQu7J4&JgyN6Gs z0h2Tetw-6_XxWd#{2k{phkiur@+_u^HZ`GIe&jGOHwr(r&Q<-UpibEx8F((Q@rlPT z;Mrl%&I<~YXNelyaRW($#!HzIeU)M7NVo1OzO-caS)u1ZEm4*LcKCOlHMsp=w8+Mt z`nuu!bzA0IASnL$WPaC?v`VRvF6UA&aarJd% zy?R-}y~RsY>@9yQMJEd9$hN4OJ2mmjTp*e8oTXiD&NJQh z{Qju)RCmwrN(d~$6t6+r)$Hs{cXf5u`}x%8^WZJ>vG##h+5B$4s$%P(p2cPik#dc=^fu z;IO@C;$z?ZKECwhZ^z>x%4(n1QcQE9J}4*0EMPLHI-V61Lc!Fjv^7TsZPrCEe;v(D zSXdz;+NBfCmk3QM@vek>n>4K1o&>E@sUS0~Vs;Z~H(RqcTeI!HFq=+%`cdEh;J?0U z|Ms>3XBW(yiPc>r7#OWtz@Y=!Rw`C!=K-u;@h~Z?B+4nwwDw!gDN*5deE?DhK%>$j z7dpXmMEVlC$+Fp+n|Z%rzu;k*z{q?OyPq2i<%+cZ1_ggzcK+Gs`O7yCV6>Lv^yBv} zsGk(Mt=c5E2irxPN(u`z2dm3qu>;9YmF^cD_Bbh0zIY(j)rs@$)CQ<&9UyD|YqbMF zSvAym(PM_y(}C7I6?{{{>BfFS6@YhSd~J_ePHjX4?0N;kegpEI1VCdRSq& zJBd}&B52KpH7a|pDzWui_RpZ848GoR3}9?Q;tp!?0+w*!f_1h^NvU*JG1UxSwOr^Y zwOWc9trc;NlL*dp#}3iwP!_x@1ti2stVyi0mLX0Z>j|iMJ3S-gU@(%TV#WmvC5(r( z+X_zwUvVPB?2dMf)obODs6?5~5xLRxMk>`0tioC{8d4S;= zTfzA!^c4}l0MaCY1?8?SiU4&ZrlH+f?Vt}8S$qFz4Lw6+m@}(GC}=I{N|XiBv4R@X z3Lyuvovnbf0Gq&3k%xqG*zjtJ3!VA4MPC%|NZvAq;{s18!bvdB;yz{jrwwX#Ue|1G zbJ)^RY5U{vVNoEYjzU|*rhxEV-ocg&yDjsy0bi4EN&*w{5>t|fo(kOgyTLsl3Ff(=XV-mDq~GEV0n zn>UZ&ez=VYZchfbIY-_L(a|}mtrFnr&+WsE`L%fbmmby#VULM`+)jn%fmno~LGgVyI%C4eA0!H0@Z}+h@iy*)R#;NzpFtC*VMhqm;kw7t*t>oc?pWKUy|JCWeo!f2ewhQ{iVNs54L|7`Rg<2YsvQL0IW??U)B87H7@G)b5P11!HQNm{~ z5l;AM6S3HW5A4~|iCJwe0?s?7TTr{nd_~PL3P~#))*O^}E>bHBo1=Iv=@}gd18Aux z5v)lwt*@I)c}%7q?ATLogG8~Tv63n?Yq5}k4pWP8Oo>}!$m+ZMEp zbFW(nCzKw|*1m{ccxEW>umfCjHwbAD@I1<4L`91-U={)R8~|UoWe~MgV@69gg4K!h z%_cJE2LWm;4@+Y&1oEJfbJwBFPPV%xJSbza8wgQ3H27b$2!A9$?zqpUrANLE6(%3l zC__CzT> z_t~e?pO&oi3QXglmlbxP#|mh(NSJqGhB-$wxSmC`QT9;P1W&OHhxFdA8ubCfmL&|G zawNrZ3kKFM=*!s;WEKo&7C^Dc!HGR*r7G5|TXKG{`P?8Uq1ungPEpA!51#7krVYHTtu*>3tFR0I1 zSd35vv!#EwT!4k`tYM+*0wHC9WTH&qpAw)zhDUn;Y|lw_{CCJjFqeC2@1)0L0pOE8 zHwdO!a0VS?zX<3^aBBeAq9Yh8A&mEH^sSRSZaIKJj+KJSm3X{YuvL9>cy|+Nih<#A z>@|M|DpgxNvUVhi%7JZ^gKZCr6JYU?z`@UFY+0J(u3r&0-Os3vHaS7Px;WYwWkUNzvd?u@wlV0~A3&$vTj-)p%1^W~E`3dZ82xR))M4F#oMlwn!|a%)B6tV)amRw(A-Ov!0b@kznbzQjek*)a4 zy_@*rCF^VF-?(<$mG^AX53Cu$fs1G2goEc{$?9$R$saE@0tLizvhE&8T2Bj)lC0tj zkq76bAuKFX3St3{Hwcx*Imr7c40C`rOnQ#T4z?RodHl#Z5p}`=u}xSn?WP73*k&aTMHsAbprF$X>{Z5uRHq;iQo9XaYj$#2gDi!uh!!B5ebPISWsJ=J zuAg4L97`VU#(5t<9ed6+arwJC}E%e|Q|M4diTZtD>#71xdBS z1W;N}p*5qewTiY%g2fAF@R9q@r{fP@fP)v$Mn_A6j<%}bZX6Z_+AfR&%$CY(<^aG+ z6bYQ_I{#evr}Nh?`!gTT>0U?vy|7?;To)eGn4oXRE!r*PSlY|jV;wk807kA)NUIyw zqVe?CFgh10Y*>{NY}F z^mWJK1;_7))|RS;J_-@5V!;yyU^Z80g3d)5_BtM@jWX6RQAo!WG%~c#&MphrP1S%7Q*m*wOP2521)?hZcYEzbwyLpp6SM6=&JgyPE#OFp|cDc8qBGc*_(c-?R)#`)eqp}yH?=z z(+)Ps+x+?OP@`C0c2tr=Nr-OF_`d^OV! z7-wb-@S>UbAoMPA&o=K^kf;|9QMKR2cdSL0$ z!l5o!viP6u{>o)v@pSITBD6Z^m+bwcx#avK-dRT_#V*eE*|^|k6~`RHul>DQ*j~6f zl7p;%e!xL<>|amA7g|_^)Q0<*_H)jWi4^r(ioW3*whWA*XK(_k)|fG)g2fBlapIBl zvr~?rpDdW&3TBO3Eknf>3$*Dknt?P^sHF+&S^?CCjoo!TxS|gaF6+`0HLd2%?!>m9 zQ7oLh2R`(sS7F}FP9#c2o=QXt)fTHlSLAm)k_%dg?N>@cB`)WNe4q3}3;#TTY#(*v z71#gF&znB0ogJ65(b{>#d{GGS1yNX=zWe|u$CCVjRPZn_1D^Q-xZsxsDm<^z&rh<= zp;Tfq#d}gyTt8ERVru-2=`rTAfqg1qyekAkHi34tP2TRkcLh#A>qY44>-r~V{!J5T zH(RqcTeIy>0~t}}*dq_W?EIg9?j=tTEV*hLwix1D_n33rWS;iO{Pw~;8-HwwFUx@#H>!}!?NU>(? z5dLt(3Oul;7a+p1N9@V}`1<4NloR$xduuCZ&uK?{%M1VtDFazX7#q(pHkzTXfw8d^ z4=mk`+wWSz_ujjLy0#5~b%up=+xYp%>`gCu#(tR9R`oDj{waZVBbe zX99FU+n;s6S0l}Wv}YpFt(7QHL$&Tfd5-6qTyX4-yZkBzoaOG85K3~6dW zuV%?CB_IfjF%4~wnPaLfK#~Aa{1>yoKP;fKKG~=3^SK*XH_r|M^KO};p zY{vtzRbpE>MdYAhtkMHB+S*zyjJ5#D0$Wba)_*YLr#C->^KM;=!w)~)`h6Q~h=dHx zPAUnMN>EW`fOe9=Wo+KJbS3(F`|!w5K8b3gN)~9+SQ$~s7;@paA%T(_AShvmtf>qI zp}1XzY#+5_B`L5U3s`umOeX@M3V*6s(DsD;4#LlXcbHiwp_AHD2S zDypRj;l1$aEt_j7-*Z$6Gh*TKTm0DoE2%`uD`934xH>BZj+jvF`Kz(`fMIM|JHz@C z3o{#*wqzU^>-_y7+&^^YtUp+c@3MGi#=kX3G1Srw?QIq8zt0T) z{8RT*Cm%Z>vu9S&-c~_t#oFs-L6NWB*O~UY>t@_fK&lF*TA-?JP?dI6k~Wa4qLvxZ zJv5TxFE^~fUH7fSYo7N!JoA{R*?WufFgZ!cWIibC{cg7#7@*De_ZX1ub~r!)>k!Bq zf-aRx?50gy5VJo|Hj78W6rPnzEJTMGun<`K0`(IP zv>SYuT^?vRVRo}k-BzsJh-W?Tx#-%q=`GCs>n6}{wq|R#X4}1h_8ISZ%j>@W({Fv? zD6gJFF-+_|AN;1CuX@#oUUQs>&fa&=YK$Tq|P>rM;CMm zuc`|W)q!q8rZWS-SR>U|oy}(ZdR=S(F*IwiW@JoeAz(oY%Y}znkc4m=`1hLG*SPSO zHMsol4fxO39gk{zD=xfw1%@Y5yyC2<;luAf8T01OFjN3xo3U9iRHLtf#4hsf*QCHq z$m)#2;TqO#=*Nal{kZDdyLj2MwNxd>DM#+fFFI;I&1|a}WlM=tdMfa|z3Oa;V9S;c zAgd9wv=Pu2zfn&TX5-;wfOOeUx)?sI*sDV`sRkiBsP>grIhu#ue4`i4P@hT zK_7lrLu1AsDTo+@Taw6b$EmS1`whi}Eb_Dzb_W!hDfog>nr7y@Lr`REp>}jo$o-6l z+#Nw;2Z-=lwm+}!ZjV%3AAOJ=6T-37nvgN$uQx2m3y(e!XC8B4JO*g1(6&lF%{qWD zW~(p@Yg7Wz(cWU9v{FbC`yRChXBwFWT3@~LUR=LyBlbJ!zz`g$jBjg_C{!v|VVRgk zeE7oD-=B>E@dmqEh87*bAP&~q4OBZ3!MKkgALl=4P+C&lNbhe?Rz2dDpLWV&Y-xN&nAzb()C<53lz2$|DJ7@HQ zd`O#9Udz)Uec7YvPEowz99!@n@SafDNlO4`s&?CA_>5zNS#P z$V2VYbH$AT_hfK;anX@N?r*w$aePk*-rd(B>i zS3LU^v{Wh~A0r_oq@a>SD5jN#)DZ9+<~by@0TREB$wO@-sEP_X5oDF$O1zdEYox+k zDUr(&xu#nX4zPAg?_CvWPcqx3CeUsI?Pl9m+J=qYIQ|*Wz_#A4?_lPiH-UDuHCwYa z+iud7Qmw}x@w7|+dePZ0S-7ARAw8-Pk%)WmUyrx{>;K@7|8pkV+NyREZLk)nDWDQ? zmVzmIcaSbGPsQ5iFA z0HpnGsRlS@4=Z)FJ+!E(@movnVxpEZKKaW#F>`Jk_MY3JQ_cL551f*m`TPSdAWZDy zqT)d{sl z(R-n_QdCh(&|GFeGAYnTY&VivKiLIG0yFncvGU4F;rA7Q_TOn9$vXhS9Uui_?{wd% zY>1K;i{N~J(bE6X?>4ZY&B1JEx1ocw%fVM~IU?S^gK6hp^C&jN>hN25 z^T@!v(F(;qc^ahxy%fhMbKqA2^AFPKel&RUW}+zM&TGcTTR+ocTe|S=%{c@kV}`C9 z;LOmTlw=T@b+%9d9ey@~+A^!qyH~K!Fm#@>8D}0~vpj$H*Is`8qj<$hhv5Z>?Q7nH z*24Q)+Zvn&vqEL;0i_2*jE?qJuh3S`uipY~mnZP)OK!)i?m^65ypMg2#8{MA7?o7b z-;+vW>_?KsuS*|Yy#Z_2ZNv>{e*pU}nqBCxAsADd8!I377hi-0C)1LzF$KuhIjqW2 zL4%@khGUq`EC4lmFby(xAX5Drd0;!B?QCRNn~vlEO+qpaPHXmh%K*-xv&^4M2dp;t zkKoL&Uy75C+6MIHi9BP7&KS3s|ng8B~bDtNSKJV}wvfbDsN9q*{jyP^D6mVeU0-f)DfWE%Jpf zf!ah3*iOMRg-YSJJN*^$yETXUjk%vial8#}ZfDOQ!@#ySaSsV&5epw*)*@FyLQwGr zGOdxOSy1=t@TUX9tYHdYI<~xs&YAF>9~wz<=khL86NTp=w>MOh*pNzFC`-&3LW&C3 zBgz)jAibn>1(!zmY-4Rv1l(n|B-2xD2fLQ(LTzTlNkc7-OMj0nX2`F7y)~{pMdvYJ zz=Z?U%msl13#$@2f1F5D43E{ZVtqfBZ|uWJt&WcN3Qm0bLVo=#4xxkhn~7O7E9mH` zSXgZVb*7=y%-H66HMWLM+0KUr(3U^vRsYU1#6s&z8-c zxcI6E@yNs7{N~f2PYdVGvH}Z2QZ*6g#uHwJ`w9i?k;J5&7J;?}-=u=|hysBsLX}OS z=ne<2?d}u*eK(RgQ+f`5`kSrUnr(M(%>1f=`~VG4+ei01mQz@Js|mv;>dqXFo&wNx-~ZaWS?XaU~w=4aw-UwS*fanAej zfsgzP2C9qrKhL`l|MR>1v3%1YQq2XJ9od1vs^VQxpM`ibAkt}fwbmZ1Yi1-ZK&1m1 z>vMjqC9lsCjD?5d$Nrc+;xV4WHVl+(_@i9lcrNVHuSr~pSAM<248^uAApj^@i+LF$ z$-;NmUu`b5sx08os)aZ9jbWd8?Wk0Pij$Cc;I-#97Y0dUEoTJODmo566ifrPA)vL> zF5)vCJ6hPkBoq{V#1sceia+-9+hM`%bv%N)tTcdKVByPMCj3D6< zRw;d`^Zj1@$Hq9vmvs^g75%^4_ejor+xJ363e3ue;VJLk?}`_SWKobsB|wBi%4?1g1xd<&?UbM-JmKYi+nw`- z49Hfwj-u@E){rn;{!)1Hra3o2LX32xnmgdi_e~Sv>XiVo6|cQ+31P>AbyDyzr^qR2 z6*Mam*6Bbqc{><)S;c|Xz^oY+9K3ioCh8jZuk11Q8@5oR?VlNk@3HjeCiVe+kxx5? zexRuQ?&|uR`%K7{2ob!mWH^8umys3Za%i7`a#{e zUp+R(#N+U~Ps-K=%FVWWv}#MTYkOoifp)VsTeCG=$uxtg;|0$?^&=nuz-taIT8(HJ z8Jx2f(deAff|s53eEj4u%e^FwRTBAM`~Cl9ZVYUd988H(LVFdmTQ-MP2>aj{_Uc9! zD-om0FxxO8EH>P{H`A$C2y*5Y;fPl=Ce_lsYoN|jLAc4lnM2eqZy#h%!!6iR` z8D4(IepYR3Kzx=N1x?0WSg?3Q;D$3~78tCkkavGpl)|i;Em*v0CZ2Kp-uTQXUr)a| z_mge?(4lsRt7`TR=!={*U#tbYU;ZO>VKoUr8%g-uH; zP#oZlgw7sjQUImOZGV4^4@LP0#g9n=cn-5mV1#(V>$mY!tbKMXfu}t6+JPv7_fW3bHx6be_)?R=N^w!>LJ?S>+L%gUZn- zWQ=qZ+GpF(kSMPfrQ8DA6+57ED$7W)L}69wylu%@8wk%{2)hyo>+HJ=pCp_oMWK*D z>?#MbEd*I8>|m7JX0J7)wNfoEMJ>Q3f4zJBF4VLXtT2SXZ3N9N6nAH$cXR^PYSs8> zg8(vxCMBsTtjb#%^5}fKs}&O-IWRKOc(F)PoM53SQ=mM|#Yf?XCNK6#)w;8oDLJ6I zMJBW_WXhyaeDw=!=tDs3Fgjf@m|9qLgN2!e!q%} zR~#TVg1<3EI%#w685#+UPkN{mxceD$*MfMP#F4#-FB~8MML%9yfXx)Zp#OC`2d^oA z{c<$!h3m>$zzAUH)!Ev=H*GCrKpNGyIu=y}=o@0N8qx1)4DRLf8Z4?rr1?<@E{W-;E*?_elRualBM0CLk_YyYWV;1mrz| z!{}rJ9L*z1toOB|NY(C7mz_6|g`WHGIRo=&w_yFYVXWIS1h4*fc1OvUH`^}Q5|wzi-2~dr z)@;qzY`X`{t~~pcXMFL^uRrVLnKN4vE3#7|1LFX;k>agyd=Bn@WFxlpjsfK$cnMb*$0`OHWh@R_tO-K+&+hlf?pte5f8o2qaNrf+}JCP3^)`OUneWcG6;T z!qGfks@lkimBfNF@y^Mr>=LDN@7abndF8$7fDUYv_vlT+R$dKc z6B$$`0B~cqV8K$}^wukwC76@El|Uw9FE}Z?ofS%Kfk!y5ip)=FucTxVlI9fd;o7lI z8wIapd4;*LBhyCtTv%IK(4aXFD6Q>@4#kL|+Ez#`%$Bf2*7ycTYiMn)dcvrb03-ks z1Z8GWaGTFrO)AJVqiYU@Ux0&@R+IKY(>i35s-zae$3)>P-qysBX1moYAbfuEDA{E>%aDRS|v2G2iu^yUrO(7 z1C9}aWv@$Bw$IzX#ZjSKBeF=(fTNz(kNJxxB1N(XV1(%UBY7Q*+rNCevH&~UqT%dy z$hZusNo;8y+;g~mA5kWyUs)b0--<<;GLVh=uosGbAFYx_E1vIOa5MxSj!rv zNGQ`o!8q*9h{sSSdG|Mc`tY@GF@E3r4DxNtN1mxWB zipKD%L22jAR($*eFULVg?1``a<|5wQHz3ZTRe8JdPlSkiKX#vzfX2HKrN>K&jgZQp zLm+og3$NvJbapN?e!PHkQ@!0J=gqduLtRCvRI32c)&$zk)@;qzY`X{0KA>7nUiFW! zIn7RdCCrW?c2H|;9D2|^%%49Sm)^D-OiC>Fjh2$L0I&TfZAzdy6Upyl3FSbmQ)kPE zpoV!BG38`9+6DON4A2&MN7G4d>_##!dL{}u;&6rZ&}O^+S~FwW#(uQ6CbbXz%h4g+ z$!_L?a!nf!cy+KZB@CdQoG63UGBmI@9%Z~?yd#kboVoa~UoOFSE`1P# zW2v9ynfil@Ef8$*omsfpV=BS5Jtdj2GjM;Gh*>h_DFO6jp04fy_$~q7iGmNPBNn=5 zQs#3I7wiRcJ9tZ297kD3u27;7!|otR;*jCS@!GFzU;?Ze3+K*&QVG}sGzs$@*j9;( zY(~P42m{a~D-yTG-G-^URpfYo1+5+Cxxpd>4b|Gdn~-NtIU4~6F(H9fRr}8!`!=iG zT0~g|9SgD;`w)xgTZT$G;Gu--&RLaIgxRlDV7gP`c3W$yUblX{+HQwdi3(OK;)Jr; z@}V_jq*g;~wQ7BBou!HM23E!<#U5t}Xr%~fZ>=IxgyFGz`DoxRKd2!UibU6WuV#F11>2N+ zxDFOUams~7va=!y1v}}PEO*bavj_3VnImJsf<7`TZ7~b!NP`(2ow+JHz>~r7<_BnK@;4S5{2E3hyvj!2{mCWh0&vWNm zye9xY^T6CUoehRPzC<$K)7)O{j*BF52P;5R-={?JQzZ&2p^}!H z+bX#6flWv=ZSoA9K*0HO`%p^Lr}Kc25Eqj;2NUD_2pX%lb3>2JaA*Xzv4c=s_93Yj z&jW4wXBpIHc?86~OBP<-wXIoW&6XiteDkBY=;mdZv#`ov`0vwj<@v9`f4uKF9DU?G zR9fQrQ5X6g)$!bYT{rrKj}?3}m^1q@5SpPIylnm)nQr>Jmz{vO|H~Ql{XhH}w?DWt zyfe*S;Sb->37m!dGW-}p!mk|27nh^)CD)g!fn_VZ2?3Z0A96=Iwjo zU4(N}6a6+@vza-dQE9g}fp)VsTeCIWZqUB^`A>Z2=%WtXZ^n#PL^dN4%+BBxS?=E} z3E{*4?{&EFhE*6JPlGz!L2+v_68l(pGe`g zs)fIK3i)v{<|d$b)KSx{yh%aZ`LrI%&- zES9G^<883DpYw2=(b7`E9`k47OP_xOE;;|BXq!I|AOG2{`2OV&V`wamL*pr@lqD+o zQ+lsgm;gJcLR9wa21S$Hq?sT0$Bu$;x5^~}I6TPJs@%Uj@5wEopVqlklLxRlUts5f z3kDJnH3Y!0oq>@$5~Xm!qM2rkI)qNtUMIniGAOo-U|TA?gDr+R1lqD26Y!?fu%(_P z)V6Bvq@QCjjIkU%u&NJ9uH(Kk+!pQx2@5lsFtx>5Y;xH(y)MUSNzkY*1vGMUokNIKpxy^9rJ^`_A85dfl@BFW;Z?%H{C85Wy(GgvA*z zZBQExlXX=_);gn4_9qos{YQx?Lmj$9T3q|!bV zr)B?6VBmEKStMJ)x8@~Qp{x`cPy8^_@d-}z+DT|yM^_VDwV5L`WP zW-InvG!x8>J09smf_M(1HAjJlE~rw%Q9fvko{QXNfszV9eoSW^{j|OCfB*9qTz$`d zIRCG=g!zmP#YOL1F9R~%?j|jE;2?};MF1T2MibyVUGYc$Sn3@i#*cw0?=)!6kI(zt zWl;HJ`S)gPwkNi=R9gUZ+iwExW^1-)YqnjzedN<$`pU|cYqtb-wgVduWV3+TG2DLH z8Aqa)F>ZWlvjxV=PN0QK(Jh=90H+qD1URkJOh|21SRj&Hwjx$%`-PbFd?pXK88GT_ zv3LRzGMx$QSdMq*vz+G3?VrLsTWsZBy>$@%BNO_6K6)~$iL$l>*1J+JB!ukoE zv)}1_U2ad}!X&?S&YN)2Z{H8y-hq$)_-6dhvERxbXoN=WZ7Bn}oF{Dn5AOVF+cOjU zy{>^#%7QEeN%?qVkE6 z+{!QEm{I`(YOu4-4hlgMke?`0LYnvIf+neGp()rz4CN@OR*7<=D(P4s?1NwdII}xf z7W8X|)<($@{Nf3*F@Sk1+eRk9T7+mq080h001Q?GDkxzAw6(UF(6L%=itCPI!%=SR z0a|9EJ^djn20w8SfzUoONAH8YZ$cIqyqF6W5BY!Q;zpDr5D|UHUTTYtdtU&=WGseYu5R7K)q-TgM*SKv_6s4F96Bg#-7G05VLygI^_X+^wB!vN74# zWP7r0Yj&D!+itRL?QBkVJG&;^I{nV`InVq44>!MSt!s_^M)~2LN&`C`a@5qc@=XJ* z-#0jLNYh|31BFRk!Ka4i28FALj~i~g=SFO1wt#gzr*Ye> zyB*`mguObgB<|gy=h{W86~gp;SscGMBo;)2Jrly9%O}j7u2-WiWN^A>&4=+LzK1`@ ztcyI~4N&$)yuQW0mT|Il+ou0~oyMIpecB}c4D_sczh_WnkI+{O?lcqh>zZdjOyps6 zUP*H753p9GcPW(1IES8mE9#%@pxFD8bzk{7`G~D_V%h&E$bszyUyu^VV93MDD`;10 z{>2``FqHLM$~(;DDTHSBJ7&8c7$@Q!LxKUNYmDdNDAj%cCactVuSZD=muPAZM2Si` zv5~MCFVw;<*0umoeh_g4KO|knzBCY|G3PeviLG>KLR&n4;Y4^uu-A?vN6}^Rp8M^E zY3Gluw>*z{uU1BxpJ4Hw+?3YyWu)Hxl!nvp`+x46e`nW!khu&<8FjcJgj z`J20Du1lKRt#^xyI%p%o-`)?7y!6B%oVEA~9AyPVm&vUNgO5E`a4LOg%P7=h^m?(?5jv8OnZKHt_jNs13|6?~f&Lk2 zKKs@b7{iX5JIeG}VJm9lcaB{jN08TQ;n2_<$@{mpt+2Un5d7DL61?k z8&PhhPiA~b#5X`dIwSDP(F5!#K!VhXsjD4sT3 zR9!I4rA|YmU-I8(z_+S3-ayGE#NBR5ue$vJrgiUSY`u?`l&5hd`ro(umA|*{)M!gx<7r& z={KhaqP|G4`Joak65IM_8Mvht8+Fj-+a=ywtbGs_CVR@b5}DX79cBEdg0w)bHeCuv z)wb^_Zh6jvzfQxnh6eKTm2M~WI?t#2@;{n?2GxG{SneIePK0j#%jWS@GsjjY!u86H zN4Ex+rFnLg!iZG_=}-tiJNZOPTaP@UkVGG2}lKH3gIr!kErdU27? zBNqEds#sNO%*^UEe{2TJERHs^`+wPZC#H}I+|Iz=57Mc32lpNZ&eG5S2-#Cf@z`e2 zX+Na3Av*>O7gzXpat18X2^UH9kwM4r?u2z*{hij2{n%7~o4-XFDi346qvLPE+H&s? zWs!dLX#FEg{6v~PIYE%T9t)Wjw2Ou^G_McVrzdc78 z<=!l(bx=**CW7&R7{rk(Ee*GgM)lD({_265=S%)z`*lC@%Ibw%jzlm9;+7pCR_(ZZ z^u4RgqyHfCio*O^A%?3{GB9Si2G}6*+P*nW+skI=M^@BjSHzsuo24HIXDJ+Yp=`RO^J?>=NbvXkYOvxs}5gv_9N7Z-PqKB4N#m>0;oS5Lh5m-ex_cT3cw znh|c+q|gI9@c8WybKqCkZ|{Zzq1)yt*2d_=UKMioFI@`xNziEyAf>XW%LjU@%Y`m~^tfH{4q0&{4OCumKn2;Nfi!wk zOS3RqeseVz!r|0#fxzJ+vY=IND&*rDh8JU2oEY*Zf+C+Yb5nD3pc;e<{PM;fO-ZUKl= z3+{?V;@1)wWku20ZfBIElV!m$R{ER=XQW7~+Pbk4!9w|)C4QI1&SUCZW`@~aA#ENL zR*%TMNnaDBuvf*_r+W=jhH%FUuoej=W+zxRH|T(#_yvN^ui{(Ne}ZlGiYrRl`{t+n zr>>Ce!)N!ikptnTMsNsS$HG`Y|K?o|alYk%#oH74G?%O#Y=;zh7TG)|xEO2=A%k-z z_9S?f1Oi0<{w!}5-$o#dOOzPyKSVHX3r3>wy!i=#JKSFL-iU`8zFw&Z1i43F!mNcX z(sA5nfmXb@ySUwoTf+c``PRc>`KL3Umi!J&%vXk-2wVL^sXxDO`fgbYs{>ObMH$T( zPQEj$i%J5ptV`;xT~K3XldaG9_w&M47eDbhf20-q;e?%TVh>l+*)LfCUY z;@d;FKr+7CbI4WUP|xbnqJsS7pGAX5m^!7c$H3;Nejcv8Y8m&-V@abeXtqvs1cW-q zARc`s6~rcWrdB7|(m(9q{`Hm&eD!iukN~lXBnq#MIlhV% z=DFAqXnstRRz(<-07I~~OY)5ug3=-RCUDcGuCEQ(Ls~kwmELaCCBGLNCBikgMhcc8 z6pVN3i)y`(Z(t~VmUhX<9t-WqNcCH~Zr(-LxovnG)N9Sh`j0|TBk2X(Bic}-|6kN0$TWAaS0liAy_Y3SxMM- z?5AE0Wcj|^Mj0KZowptFe_4khgwwOBbTYXHb@m!ymv+v2)%iLVIJ0t_Zg zqy!Aa6vr2|8U0Hx$k3!@vn_AmmOoxhnPn00v_eBX^QvR~7`WMvMEP`S=5GbPKjhur z*T7==oJp~#a*bt$zl0GMz|Wyxz@^7oAgR7p#)^7!d>3_F&^8!nTCYWN<)b;8l5zrE z$7}9BVG^zKKna31?O?*LmhwvZAy~Pr2oIJGwH%s!1=|5eB({2RfqbyH{-Y12ubs-Y z`Kt*XY%K0IQ~XbPo~M(6{W4)w9$1=NC459H<#Z!m2I@ghD$*GRv7iKVMDvk#IYj4G z4|jn3>krj8OgblRma7oxLSKU|fk?@v$HK0RZD{I?y%8JulvxpU7>o!Yk3iq-NQCi#Gi4TwAXUiW7UlTTBv{l@T4eogo6PQZ@m z=Rb#bb7wOBb{m&Z0WcsK2!_Pef~+8T5_~eeEG7L2Rk@?>JY8AQkMYpBE-U!ttJ5bol-hQYL_9E_x|JI#>0E<$bi@1|eU%*YwAt9?iagO9N2Am8tM%ha$3IYe!(Z z1gUAqu#~_`5js#7rbner0D8ub-675QGXi>bes6*g|NpvD&vk6AtT3nDmk{dDW?w(z z(uMv%sY*mu=G^UHz^j4V^j5crk|dw@C@p_;0@rhr-!BIJZfIto0iLH7NrQ06$1FTx zKvJj$Jkgwj%lR9ztqQW3b|qS6q=ttJr*1J4^biG42bvg2rLxya12-ePA>zxS^kUUm z|5(RDAi8mkrA#o<9CSqCb#Qj{;Xv$r7c>7G)W>!`g<=>4OLRUYtDqmfoKw%dWS`!v z$n1`3FKF(khH*TLE9^i7?{(j(BE=R{ocY4af~=-n*=nkd)BZ9d5?MDA=rM5lk;cY1 z?b*i)^18NZYEr{T-5eIimx@UvV-G*s*;?tdjd>Y_VrsoZdpmi1{S7Kuai4EQ5tZbK z*t8ec#I^!Vd62>wRaoI;07xFt79bZ%@*J-^h#}e75`zI zMFZ$n+WcT~S1*_RLttE?=6CddS(xEDoL2*`Pb>*y_a0Wry?r|bwqOU2L63R~G-hVB zU`DlFhlLpwR8}#QUNZ{kIp+QrZzr(_PtP&3zt3jFR&HS^q#BS1RmwDy zQC2DPce~Cnib3{qZBOr|n?J0TL$i>A49{=&EgG8ymf=Ud9;CA_t)Qa@suQm zrz~QA8l*uBlTozqd(xr^#$es$!{L5LUycmIxd;-zXEj>Pth#?@LX7fM};?1GQ%7`D+~ynX7~x5w!QbDbN;+SQ(8!d-^ked$3vNOhL8wF zs(oN0Q74Jms+&*z;R)!=0pk8zyKZfkFXU91SGDH4yGNn3EuTph(+9V5(leS})rwkg z^M=$}#pt{w9N8`#I5N5D)Zo_ug#Y#D1jOj*7uNbgpzzN{;iuZ@^jObdrP_Awo&LH% z0|M+f+zHug$qS4vmc-STpW~B8AQ&e^-1o{y2<|hJ;&>tjpF-0Ligj2=e$qxOEYv#= zXjHAN$HeISxEnn?GUzv>zXyqxsa0@4fXJ`L(z?M01jt_|nLUBOY^_C#i%op|XtXXt z@o<+Nxu{b3L7oTO&2X+U{y;BA%g@5Vu%6Q=ak>VAd?;5(lRgjHnbfUOb@0AMd0L1Y5D2kXMaa7y~v>+2{y( zxs<5d0FYhD?MNfCHo{Zu=EP)fn-3B3J%9e5GDq1JOjI+JQDv_U!tU|r+J{!c;%W;&K;8U{(|-N@h^K{ zUGX%V8eli=$n3QxcGDnQ&BA&msODgALqb2>>EEbq*(vqYk9FE~`mVrhqX_t7jB+Fx zZdri`3B&7HF5zpfOqW2flTD*`xwSKMCp`8!YmlS|MWxHm?bb2s1#-OpEYev6x3zrT zAuWD?Pq)Y)o6@e;BFd27J|6pp=$FlFZdwweuT)fES%l|sn~m@AG7G!A5BYFcx3~f> zF1!}_`^dJsI={|q>-DS=^;`NaY-OD#J&q;k1Kn2ZA^3WeBijR?gAk2O^j7;1|8kRR zu!YcUt(@7N2)$!!TewDYI*F#U+y$!1HV|FB~4rAV0(HXiz$^k4k2?s|5EDXg>3FI?bVI`|yHO6n7dd}TWf0MeWz zh!%5h<7vcIGvF}q@PJ^!^{7weoWYb~i#yy)^I_M#^ejx^5U8sT6fO8p+ZABR&Iia=F46fyw?h;v=Y;nq>}{FzUMf8m71V5~RxZc1aDEQ-Gh} zaio*6+5#gOO!Lw}9A7I*2K2Um)ZygoNu|LR|J&N>bpM++TOhiQwxOG)&`59Sg+bLy zC(g$9}Fq3)yRJ&L#@E0*mAR}<%ec&Ea$j}sO1!F>3W1p^cZq*(_T#Yd+-@wyf z22JoVO!PVK9)`8#HInzO33_upXe$k^Tna&WO<1#Tt_qmq5=qy82I9>Ib71U5#uxz^ z>5QB%aT}sJ&;)+rOreX$Ayzg)9Y6t!PAo9aNwUI$9<$HBQ)vpL-Fr?_Ua zgxjk`z5EeOf;QFCmi4RraPpmU?A#G;-?E=k5b(N9cnrcx$J6lbxIjuH|J!0J#&C+H zZ@P^U=1{{kR*^CV4%@pc7P7WX?26xJD%U-jLQJkmP5T@uw6uov6Q)jeAy>7yo=Pdr zpqnZ9fA1MdoAwD0abzL`b}B~9 zXboP6Ad~QQ;2%l+04Pk}$s?1d$_#~ND|6<-L}4cyS6IX)A<1Bp$0V}g$E#?nJh<^% zQ5a(kU2fnolP`?-$Cee1+9K@sY5YCYQ7Rg!FSvS5mUm(26A9*sR9}>g7uwYxuFWn4 z6SGEPzlWsD8kd^W@BF?SrdEmYRC#_?WD{N&DeOStD`$2n6>+Y3=3S-CiTwSlDp|d; zf$~r1R&FToee!DxA!Q9y;ZU-f;de}?I_r2ZCXa5D?_pww`==wZ&(`o&ZS>Jc* z*-z)g9Be~;p|E-LPQ2H~s}nZ;8KCRswdJuq5VyTPUNZvhOMn}eiSsIkgJm%AKgxE1 z5_~)K>kT=2 zswMZbgf>Qco=yvwH1g0;3ax_xWWN2xNd}NMIfdZ~@mCKa(BmF`C}9Hd2K*<2^_ce{ z+e4cui2ycu+^9S=Dhmou0%cvD0Vo?nTro>8EH*x!Lg<`nNpyd?k6eC%FZe=qoSK8~ zmV5v_I!rlORf>NzxE5cY-0stU4mk;)>K~2-aeo3aOIVGGHDi?84KK@vx`k}RX>Ii; zII4Pz6A9OY zdQM$gX$a$0H-bOT=%=Mu;QQfZZ;sQd!*eyD`aI=f3CDo+!VMwhw|{fiC+kFTWjGxxD9c`7wT|`7wU*`1!9Bw%crP5Qm_3EQgg!*-`8((a(I~eJI3Jp`lgt?kS56K zgP`-|d0H6I{Jq~Z-6=!>8UCw#MD~Dd8vW`+%ZQx|Y-S$KgFk06SpU|IpET?F+qWPa z^jixro34@7B1*;P>COLn`~!8ls$Fns8Qxdy?J^*&(uBg<-CiQ}sq-*!! z_JzZ-hq9JwN75KBMK8B;RVJUFgb1U>wQ{W{Tkk)J_-$)fiV;|C!M*#!bfD;eu)&O+ zkQ7wUXH@=(W4lEsYsc-K)~sH8i|x47{U||T>i*cU|Lk?E_3EqaZrxeGwI3R_vPG{G z=)$vCA?-Zo2-^+J?Mfy(zZ{{S?!pS%Yqk>M#p=x=($k2$g-i;xYuR+v7uCj<+jUPU zlB1*fmz?5~nH$%VVnL_znW)K%M>7bsQx-om_wCyml#v+!T9~3nW^^uMA=`86#xdEW^d)! zP61?M!RqMPAC!$L}{`~`wkNX(QZm8S&xz^Lk6l=n!fx9C%))I6*Kd64*)~% z`e}8Ur(^n?T%q4%u2ADt==Q;E!*4v*+|HLPWs4kk-F{K^CO0B2Or1-?7-W{?W=w@F zn#MwQ$~1;49i2~=Ow|}mLhBKGhU-DIeRP~mnfi5OJ0oDZ4Ov32z6@?6$(5YQ+h3}R zX^$B1bJ~^=My=OSzLmAS5>ZXp9%D6Ys^DB0SI^@ZQfb#23cb)Ed+aMP z%X4xP@F@n^n4}stOS7I>mlYTCwOXwB{J1~x>s#q*g%f}zmq1AmgyPA1iv?nTc1=WR z@2_A1f7l@eomvcHULvDPAnU{Dwds+bce7=;``bZvjvKgAmzTR~-)#J6OMliVr}*!$ z{+~%5$Onwc1o~WcZs{+waS8?ukDU$2?ZvHNND_48_}%t<4blmIGX`KoK->Rn%!A*S z#>4%Wyd+pOy312;7hB?q<{Ms3h$<$-C1Ftyt)kP|{?`GnU3K)w@O$Mei}LbQTG~ZS z`Z=b5mqn3vX!i&2;Z#|wf&}40D#_Zb!rF9`tplRXgSGwol;|K7o4wJYF_{k1HuG0d z((PqZmdJO9XX|60W7^{x2blA|0bpTgp9M2hB(`HV;D^Ndcw->&nag>ad9**|&<%qJ z%XF&Padh9nu75=}SkWpk|jQKFQZNXi#*B*RuV9u!dxF#e~cF*?VxxQ}&^r63s(=)6ln*Q!w$p z>IZP|Og5i+N~hmzl-V<@vE-aqY6)O}x6#*1aAUo&TADkrQKU}8o|>hg+CojuU1M8& z<7`Comjb2)EM|ANS$mVlh?w~xYDWi^cLd7T>pFNqse2LxA2}b6XuEn)9{mz6h%j< z%?q^TJHQ@-a-OI#{@BEDzj|r=)AESBYVmLGRgDIo-_@VGHYtCWx2DS;i4z57r_#_} zQ1CrMwam!^3kgHRtquu!;X28XdFY$vTg|D2ee1t~E&aFA(zNOmkHbg~pIXzyu;wMx zj+=EufB^XRnTsya_uoZv+}Gr{d&u4T7PDn!-44pj6zWt?#RlJo&?Yx;1yfcJmFXbJ zk?^r3w6uIdQy<~9VuWw4D&Sm7ddTR-Kf?`s&=&&hUk3p=prSGJyuL+TJtxt-<$uJ& z^S?8xNXT)v-T!X9fcO^pDXyXRZ(D$W`AF}eI@<-hTDG8}uV)eva(ES1vhBRq0O=4r zMQ6>Q<4GbFhI}&mX7$zD=}>@zP<)hu=5fdCqYVzGh64L|({~WW?;b-BK$I^6f%rn( zvKieESsM#I=-3K#(pmb%l?N76RQuXznmP|ggHB-_t_e@4XLL}`X6{lv5PNaaC?~4Y zJ)VQ&ss!G1U^TKGFYG^D&)KG593NMWWtIH68Tu&sB1Q*TC>8aHV^X~&_*b1Zu2BGPe~eGZb2nFR*~^)&)YIQ z4;WA2bAzK-Z_@a^9Q9&jJ(Odd zH)x9ki&5?7!qQoSkFla>==GHu@074IRyd}JC2(E&xk$p zn2ltPnt`3Ip9+sIT5v|B8wI+*z@?3Psx<2Sd0ya>=zjU&WnRPM*{1z z@Zv16G+LjE3QPlf)l4qOLeP>TNUA)vK_f@j_t!Sag^sEeeyk}r=$Qd&hk#;M$4(kix4mm90-EWoCMlY@-w%27 z&tsZJboUNx=Sdra@^9TQqm4%aJGw*}Ma8!9SfFnkbUC&WKG-i>(@7v2nAQ#MG%=uB z6+JY2qVpl&{M7Jnrs1CY?XDBwp8tT-aLe`L`LV!2*6G&-OZsv~LNWg_|C?>C5P{I! zFv9VxpTQW;7Vu~9DSy9*x6!?`L8%L8-4U(oTDJHbJq}ed4UE8`S};8WI1X&Cu7w$t zgGqi3@=i$Kz{bDGKAXGkhb*%PN(=~e79djem#g3_)%WdF8Jy1g7x(tUDtgA>+!Z#IHZOET+td@m17pmiG)cM-E$x{46C$HiUI?x9nTd7i5zI|RhKqu% z{xp_C#y+d+RC*sq_tS17Dl`8tB@FI2x7u zt!73aXat19_MacKc~{~lTq-nB31R0RO8761XMl5851Q*;@m(1UCm}Tkp(rJ7SfAP! zg~)zB9s)Nq4??GWFP1@o*xF4V4Pf<@MnuiN!CqA>RO+A+wo>BNf~&io@JEe*A_{$x zwH_bo6{}Sd8;E zOkRz3W)bETH*Ay97SvRQ5th3iRMbDa>*2VDmNER;??r%DxfjW&VO&u0%xCEF&ERot zK)IZX(j0AdD#!RT32$$S@~dRoueI)|DJ{F_eC%}DpwV-qSNfC-Ijg9-J3SrHasAzh zp3M*FW^`4^wf-B$*W-9=hL8KZjbk#+?F*rq4Z_23p;??A>?iIHp4-zUytB;|gjAoT|`uq3K6-J;KX2kWqtVVt{kw5Uv0R8QW7^ z!a!`N@(0)cDjr9T`y3FFaid=HknosDT7)N|c<*g&Zd&GB`d+++uxz4{8AA+(8Tv0L zyD13>8#korjz`u8RjLxoSJ!lp0djgyfyaDve1*5S70q?ex#O*i_Uol)ATDYUr36%p z63+tm7ViOGltUl$RKa*^)xlR~=Il0M7vYSDr|JS~3-?N4>lM^0j)l~!d*ovQLQY$j z?yVHc;@iiaf9{Q(g4l1Eh7fEGplWMi6p{+t8i1B}5FXFyeTM^bE%et+RsGT1)Rk{= zfVJ_f8*Lt~!ZUt(v$S6A+=S$d5Nw(LZsobZ^Vfk@N5!(@^&^YP^RH1lYCtteP`u6d zTA}_VfL}6K`CHi};+Hqwq!)$*J8;TTKc}qq-#nu6y>M}O2-sb0Ob}ez7lvN2BuF2U zz*!9(y#m)PNqt%~3Cg-;mWy|C<8&@wUrgB67y%t!pw##2=mb4nzJ4STC8!C)Uisaa zv8Eh-OLq(Q%>A5^IoO2#Q;%nf4$#tzd1kYJ|K2-npq2!Ma5PbO6cYr&SI?3VUE8J$ zl43S(;Ug=HSh?JESYxMYQ5RIvuLP^Er|3HMKPO+$AK zh3ZL)(CtK6N8nA3y*OzOr72y?el;C>Kmt>hhVnlBMK=&HVMZx|j&n;$DqXNVD={ZJ z&97)8RJ9_MZ*Rgi1QOfTEv#Nex>Pc&^jo3QRV^`+tsx5h=y2eJQ zLuBhd0Eit~!C4Rb);NuA7hiebq)k*2m|(CAr&vWiP#+Mg26_1_vjmo-~w2ESXj%zMH5zILr2ulN^ zZ4dd=D0=0aFyj)xAqFFhDmVVENUdEWCn=;VH;(U>#gL5H_O%2V8vCY%RW&vf*9ak`G*k(x$ zzl`#9SV`MXJ78N(+vqF6(SJ22r>L;|a`^_MihZl6B?BUU@n3^H(>tdtg0SQmFzbeP z5uyTywWaIVcH&?0>|?emuUB7YJ2p{!gBwj-9}--&xEmp>t0Ok#g})*KDNm!;UWA5i0HC6@tE$bd6Ep zM3RUM6vsWqU%K$`%hA)p=41i}U)g-ummb$AZ81reT}vZCXuA+(f1yuQxkN8HLLBd@^QWJ#4dg3HMN&8Ih%FvjF6Si^GBqI<%s|a(k32QLY2<2bORQ zANc8qk>}o4ZZ3D;&gDpI*mRhfHTlx9_2>h-9{#o>&*<1w7S!^0dM;}EK8!?N9~kNd z=X}im)1n*`K0~z`Q%;ydisT(HD1ce<=yi^I~p21Bb%d`oY0@l;`TdmHX7&s04fU zl_t6Kmj@Iom?AW4H~Lc`+WH70r5SZ7kz1YGW@t+&XP7UIiN8wZVzly77lTeBFL-t(HCcGcy|fMT@`6=ke1=bJB<0cWqm;VU z;d-Wo@qNV5V`DBZ%W(;X%XjCL%hbCwHWV97FW41XXEJvqRCdY>ulg8om)X!E4yiXw zursG!Na08%WUCw?Yzt*fhX>fqRPR1~QFKQoP zDoi+7yF4+YWOP(NDf}sgWV`rvDY&=~GKff5EtNY@mIB)+}jQ7nS>o zXdp6_>cd>1n$f&ZdCGXCVGn4&(b&hb4h8(yLnLSOS6&ewB`83pRn5A6P(a5`Axo=u%+H{(vQ{UVqXIGFBCe5$0=NpyM)MlLHL1=TR#hZQIF=p} zZAM`c;ug;f8h@9@n6ZmJ${BbH;X|H%(^8C9@$eP%AGSQFdA3m7R=?@7(9vW=2xVeyA`am1oSqZ><`-LwpWSx-aq(0{)UuyoP* z{qj5N`rn}le_aE$*`I$Cl}-9q6v6M|r>4>9+x(OsvAIiK^^oN6jDLETLCDN`Y_FU@ zhgI|(HVU=8w{u=Jg)kjnNy@Rfj;zJDvd#JCDE`WKBv`Bw=5g+>di^i)*8*cD!q!JD z_hkZy`IMN5$R4Z~pY{cjBx^Qd+fUFHhN;ICiAa0P9tatSa$Q2;wE%I$2mnJnr{$u;3j!&464N9#U9)GqKh1akxwz~FOmSB zcfJu8f#L*4BR~;>b)*)6K6H<-!5@T~EX(S%B;P^R+J!vp-Wo4UBu_SDnT~o6Bz|z# zi=uOTCv{WUNfOl0iUt>vB8}3~z@mg&S3$VBi(-@xW}4P{2p(baJ|+>*7}cpC6dA#2 zkX2;0dtiNmKe7fd9pIPP_oR1(5Qb_E|Ey8dNEqdKr*E+R2$));LpPU)u(@YY*4Us* z{zGJzgb=%6;Ip!+0^a)%|GP*_~SL$s$z08nYon=w)nZfE17k!9q> z8wl1Qr>zSVsqCpFG#!9vJ6s&JF?n5GWrTcszmL1&+q@>rdT-M#2Ld?H1WSq;{iS*;Ni|!%JIL$T!6UwNtxsM=xtO8d|n@cGF_dieU_D84Z;<%gp zJzsJ{%&>)H#+qBd3o#a@rByUp-h|*>&W+xuils62J*RYMkStZp54eML1Cx? z$<6q)zV$~oB6@H|P8?HB&pAuqGqSVcv_V$BX}T1AJxh5v2%VI~OIm;Czg0q(+RQDr z7d5MhNOFi&Z{m^>x=2x1Z*pn{1}JM~jRPIWzj)bet8QqsTehbaOP*F6q1|j3UhcQ2 z2KNs_HXkitS!92986Saq2_?zjnSDe(wkg>Zu;&SbSlKS2?_nDz%P z4(lQ5?S5+UQJnKf?J(4J4i*5VkVCNO%;19{)UJ1!)6m`}euw??hr|^(oen?hfRL7LnP1dj+-vT z7eWW_#7ErEQ)Bh}g~%(zJqL$vZDy`v>Cv1SI8o2wpxgc~{>nJmTOi~(E#y26#8k4d z>)fW2XIYzBTeuFa@MOa7{dm(5Jx8Zmhs%@3x*Qdz|5d22rrTm~*+A25sT-R|*>|R> zEI!l}KYPRMwH$GLU9T5GOG22F0eWb>#QSGQlHW(Ggh_(8Lc4d}x=^3xqFb3$v;*aK zoftd!$=RO%QMyM8wcs#ZQj{4y@VKS_^h+bQ1zLFZ_tnVcBz6J+pDMr^QSEk**!3FL z(`oGhSe~I^(S`Mk&5G2e9Y*PX`{DeRJnF1WgWZlV9t9(KTWG(RbxJ9=ezjPZAOo7Z~@h%R%wJ3T}nI0p1Juw@p~%^*biD3m~~bD@N%$v ze8#^AxZ^h&hc`pKQTiwp2ok(s)w@6X$-JPS2zf-ZYRDbD-XmlFY|KVJ#76QQl2FL3 zkgUhQluD6Ga|b_yFI8p)^>FYEaY#nmKIe|bnD>(jaa|}w)#&FHo8{5D*||Yt4R^1<%^kwZ&Wf8 zRQ3kO6Gcw(;3Fea>!T!^7cBZ^+-=d322((@DQW$K;pe=i2|_Z8P`!su=_WWGB|`o5 z!NM_1dD@UR5%h0FBK`95>XwE5l#J>ZiQ;qkm&10Q3DC&PDb{c{B1(r|SzYUE*U7)y#oFSFIr ze8ku?+sV(j#(MjmIDq~#ariryKCs5>)Vew&Vf1^V(&Li=o#=;9e z+NDg5-n>xkf8T|nO0WNir?U!Z16ZRp?(Xizo#O7&Qrz8LQ#81{6)kRs0>KIH5GYP@ zcPZ{J%iXIFXZF!)z()0E_-UnR2Lo@t-?Cy9( zdVR4BO-rEUXf=~aRyD8fRl2H9ux2y2Vac~)g&rtNEt*$@7$}cT*uoO=Xvpx=2}Jb*q|m4S-`Dz#qH{#8|7}qi zZvb@ZG3{_F$E;AU%jhxp60n0n4(>Ue1?(W1oSZT}h8F;IIUscx|hY_?{;!z6S)(2P~T1eK)09^82EP6CRMKy%D75eRjG zo4r2`W0yf-*w!Qw(Bq76^~IN100bIY$|FKM~e*%H|3gyWm9u!9V5#4&3W5hNk`PZg2#W@oFOnmBfQ zK?Nh)z4X!$JRu;NyYay;-U4%u&PZh>VDsm;c<7N}O%X;qIZ3iE3Ch-bAqiKm-+Gy! z$#w~25zP6mCuh+-wo70zln%izKqMliDeG40stkTA0+z zN+bR#0JjAyPU#ply==0wd?7yzv$y;KPVFs0QaOm z{(sh-8%1|8=<%23UV*NS5wR{yJ@WZ}%mEj-fm+uGlQ61H62fIu2{C`I?r3`+bjfW3 z57^1xi%c+I|BYy2dfg{EgujQyCzo=;88G*kk= z=S8Qo8K#so$EYnoBaU2(FJ9_uR8K{!Ha=wWktZm(d3~4b;IUay5u*T6)DZq(21ck+ zX)bC`%B6 zW5tRsxmUan#_b0;T_Xyo-K{KvEL+6#6Od3+UsMq=o+B=&fKc!NXT@IoW@~p*rOoaX zOO1)g@yDCK_3l$PpYod@xyq98a>c`~mrB`(Vb~_nO&%$RRbuWB)h$Ms7rHA-jcO&j z^5t@BXyAPRblB>rUXBz&dSSsAInUln9~Y&FK zxQRP^Xfe5Y6aqAsv>?_+XG=*O4o#kSL#tPgR9UwP0;Ji)q(Rhinpq6n*efmvrNz|B z&C#PnB3X%fXS)e#rI8wZiyua)zET?+XH6#pJe9@pxOPHwO`E95)Q8hSHUym6B&-Jf zw}}M+IRn!^f}~dSoJKMx*rl@rW<~fCq+(nqgds??3$mih)X$%NL`Q+8jWLVtwW??N zr>DG@Q8iEntWuxibJHH5H)Ud)L}3NCgW!$P&qMDwPbgRO3S1L#j?>s-zc7`7CyMKb zndQYO2Z0#E9Jb8*VRWtSOd5|d(tS4j5PMzB1cflc7?X+)-7HiIq3x~eU#BncObgRj z>7(F7`mzoHh6oO7Sln9&D526WJExDK?Z=RC_Nem{ic#}KIGzDPYp zYTV0CUcgni14Gp;g==%|c0l9QjDPVSK~F0o0WRYGtKKJB2o$P6UY?&mV4=Rx+8qZb z8*-GdfgJMkK-7>lg{9&U-BPw*X4kcNQnyvqiR0I+W@m#=yW>rR4{;75QTQw|#NLNLoqda%00$Me1&AUQDGGDEa@ko0T6PrY6%f;xENsfxCUZ zmvwl10n1nCXB0_~=UN8%0Wa|lfk?ryVE2IMT>Y|Gq7Q-xf+tinA)-z<0sp`E1M zAI@IPG~LXl@>527)9KM%iJ%Xr{=`j1!Ve79#z|s$icg6LcmH) z+ljbOMl{w`&=E^jer}z`Gw#D zS!!_P(6(kgoo4U-^>%GO!OC~ax1wP9pNL`hA*|+?tiFz3VBu7L6gR4;yMcXY zHwQ5{>Tif8rbZ)94Qm0-Zz|2dWFNOZBDzr3roeLwVniN`tsG)C)xr|^)Y#dPJ?VYG z4M{ch6#-pxbymz|DN!1K#PWctHdR=o;0H^6*oTWHumjpgcpEAwR2*sLR!=`Q)&FeM zO{&!b+M4y}T=d!2wA99MO*Rvv0}g)3zs#VL;IwaS9~w(zX?X|KoW2dj?%+@c-!t#u zNIz2|OF(JN5C(f9lKjOtD@xvr*?_P2h|^^Nc#(KhVkyCC&r9BI8o7_T5>v20R}>(7 zpUAjr&9Fa_ z%bSj26vJp`)fa^ere*5DIZAv~ z+q-19TLU8@(v8=I{|YI`sh0~5-g}f(Jmi2iN@|PEQB)CcunJ4zCzczlXM7gO;( zMw(5TF9S>ke&2DPKh&AQS|p?9FQ> zcq`qiSm5~!W&h|mae_H}_&SgR_aEAbWrKD(xA|=L#iyfYlUlQ-3a9sl8F5cMo_9ru z+`^?_JRDWn)8YIZ{tH8s@7MX4e_USB415uksn^cAk*eQJ1)-#Lw_1Rd&$&v@5t|2R z8V{&y)#{_d=9u+ss+rB#8$WN8|6>LPDaR$k_B?2u0{&~x5Y1Y7cUoLs@SnJMW(p4S zNiwQl6np4ddKiez55IQNjffYe)ed%=U3OkNpl{_SOM$jrKICh}7|{VWFeXg~{~Ke^ zZh9u>7bRGkU7LIe#~-5m%0p`v5ph*hndNpxje2>I-JZ;wnLly%)pbgY+;3rI{Yns| zn){!crSl5Xnc>oPq0#Fu&vlwVEH3c%@h5LH*?r%}{6Y<7o_V$N+;TIr_;LtkK)ekFmMGsGj%r{yR%nwK~Tdc z{}GJ*7A#RICX@S3c03!#XL|b2AD#02a2{AF)rwRp`CxlPjHXw}`f!<6c#`&|n*MT- zAR;$o*7C=pOmH@VO(DfFirg=NFuEQpBghR*?PCQd#IQdAEG*`m;>WOskhzeZ%P;iU zVzkJdV`xIX;oXxXa7()Hou85ZHltBaW;}qehLyOzqnYR@7Ryl$al|yiH``j(`=Bco zwg*}w)!)jKT1wxl zs_mKc^S^(h_&CXO0j(<~3eS9LP|Hs}oF`G4fC(?%s6ZTO*3hWT>#xfOCJ+5ua)tOx zY{58~2NvP%O2)AxJ-mDUYNg0YKD`6@XeUH}sIrkI-r7E;yH&bf_Imu{jxUZ_WWx_0 zfAAoqVv|{SpGMaqNZ*~@#m{|vv3+(mVFcf(Fk72PeAG zckn0gIiCCeG%x3YUrw~v7^TE^>BOaA>xS5b(D9TAKL7BrHa@R-B~-trH2~%&1juK4 zYDyaLvNpM0UUo{$o|$6;*0Iu2wdN_}y=d52P24elC}z_!zCXl=4c%ejzFx@msS+IA za4ui#A3Jb7T7KF`%&6&U4)Ea8b~%z$=L#Oeux~H0py7GETc{u~US_p6V)axL%zs>c zrEzSt?I7(TRP}fZXrLYY=@qAV{Vi~NXZfel!N+Ri9LmfjLJTTf?JWG?U_qn>6BAwK zrMu>R)1@=9`j82FNuo8<6Aip^xlikM#B?pueYUyLI08bxyW60|n)y+tLWl|)1Qv^n=hj)y9MtJd3DI6{v5=7tx{=zX09 z{QDFvNkLJ`o72u6w7w-2fwtNS;MeQ<>bNfSP-Ru=EB1XmHc;4YaPIhvPCl#1D0$pr zj@n>N7f@*a4)eO1-3Llkx+!96nd!}QBoOSIoB)%f2JOkRC!z@WLWh}a^kATB+W-eP z=aLd5O6l8~5%)TB0QP)iC%exjrNm>j&75RD>ScafViai?v z#X?`p%Zk)+xw$KhKg+IRKU$fj=RrOb=VZ=S!=1UGgkzx)`W=gcKTtB;(dfEIkZ? zB#@!WCrFV`181J~BHzPeIBh8_kh$_nF)!VO2*`2NcjwG(H1%bexHC^f1ohp~283HdLl zQFehYtWmYlafn|{MJCcWc!tm}uCydv-{`>n5CW(=n}Bs;rxzOV*BFZY5K>C3ne(p< zuS$5G;SBIunHxiW>M&#UN=a%^!yYn@Sn(})0_pX!qhAA-J@bZt%KqV0yOJd$F36?x zJV=zYtduJm7oc=jP(WG)7?T>ij^zowe_&sUK*SCLpm_Ba>llGiB&W`nMuFO&02mlI zzvhKuX$MGJGYDo}EGh6QSH*0)FDpu3*^Wisnjhz_%kG+S!f%J;N$j#au+`?{^1}kv zfhgeu@O;l)+4B-{-4I`Y+?0M;cVX`xwnbM|mrSASqC(34gRO_c1Y_fjsJv)|O%G*O zmj68^@hOSG3w3>6n9?)lbokEPK7dvHMWD}d`CrY$z|<9egbR46O!;dZv;^pX@uWP% z(~9-CX_k$LvyJ-&hWgbMF6q`p&lgpchb_S}iyWSp8xG9=a_h0Ld^-vouug<+#5QVu zSU&}KX^ChNn99i#WV}RQhuK_7V z$%JRPj%Xleo7obCa4Mn&56$S=i?wOwlZ=P6J}F*5!No=(FmeL2uKGcRnmNu{hWnr8un!) zR#Hwed|EJeYQ1;+)lD=C7~en|tw%Ger_hWgw>tzEBH9pJ@z!}V>x_fw~0Pt0&tu6|5<7V z?=Q{AmwE4Eq|KtWBXOmQFr_#0E|(JU`;Tk^WL(18rLKmL>;Kfsm&W3ep$TyKU2cC8rP>Vmf*-niGG ze;mA4%dtAe&*`=-xY6G5O#2S3yoIEzOqm^YV<>?h0R|VbE}cQzj>H3A?>AU-L-p!Y zU>?dhHY?^n8}3;aUy24jZ)hqy?WiGw8Y&dCo22-V7+vSYPhp_>{oni7ZR}Oy=%E(o zSr5b!YRew?DyDB^1jXP{1}qqQw69EfZ`93Fu?3!VtJ@G}B#Jd#s`Q21t{>yj!=FHaU;%QVzg}SEUZ*GIw~>Sj#~R z2P!-tg`J*c9XkUD+E2YKFai}ezp%7H^o8e&M2hOU#36#{!zffME%beU|!Ci$z zUAXnrO&{%7X#|=l==p3Dz&GWUMR5aPEO~7vBtayxQ+`U4k!8vi4~ZYUio$B&5%;+)roEQY~tZpF`mY1cuf zebwPPt{Cv0f)wENl%nNA;pF!Bhc5`l{8L8-=xKp65J$;(WNC4+hKEJ?Af%U{Fs>Wl z?S%N7zJ$vNQ`>dSdya?VacBluv)BR>=)h~c_-NRr=W*KJ*pZg2R0!T8O4zu`hW|7EB|U2z*) zur0>@$Pooh`x=Vt{m#JAN7#LtAxs(Yedih4aA54XX?~?~9@iF}%S$~xS_>N1jMNc?c z(v%@`ZgFBW-qWI*ImdB=<`0V-RK$M>b^ifpo+{2a&aV|0-(u#xc9K4y15H_emHlIJ zRuaEEgn!rse(TGa>_#od^?(|2(BN@O^`J24OlqZ4fU-+}GRqhw(6^;hMox=C^>?qK z4tYMgUkjBL(9Dzv)QZ-jdLFEelPD-`J<6ZOqt^V(yV31D5xo9geY7h4nWBztp$&l^ zssPA;hI;=oofJFwB4jgqO-MA1jrQFaFPl(?thres-09B-QwHAp=z{H_Ho8tEE$7!m zD9T#xq=$2H&t!s)onxzb->E9yZ}Q`s#0$rg>WuTsxZ+~QT^?c>+`!JBVA$nCUQwXb+11fwhN)4V(afk}i9G&FIo)Qaq z{f)8LQVzKyUZJ6P`zRUY|6w?I;^e2KFYlXVL3KvVn84ri=hJ6G^BT;F>v|^t%sOM77I`BNbbU!sOKK2mAFicF0MtY14s3wRE zmKFjnl_g1hj8CAOJ0DSP5@8PSYVl={lb2;eggG`)?@gMg5;etiEK;(Qo2}esq44?z zEm*$CRLKgscu{HIb0euQ^Wd?67LKabus=YhQ8g|-eFLR1GU9X{BMtgHB{oH1Pqax* zv#6{P;@+ZtI5;SnU~}v~T7$C)UN!{g4*WJnN%+`jCR>}p_JWkcd9I=8HVDW8SM0-u zefj3qMN~0;^mC-6L0Vzg=-vg=-SOU$EN)dg* zPioxkxQ7z3P}UvRo>9%Wp)%&L{Rxbc7GyB)D5(EQY3@H~#P;r!PoqzG<|;Q1d~Usx|tnnW=|GtuUbT5E56 z*eV+9qDrki!@J%w2PM?Hq#Yv*bbFAF1_c()zCc= zYpt}lpbXFZggl?exytmey;mIz#}0~oJ971-&L#v{#FK^SnzwTvw~Zr;mxmau`N)T8 zL+{?uATs1jdu1E(9SR|CSuHgh{aTq?-N<79#y)Q?A5@&$JJ)Y3pF}f)Ev?ZK=4*$> z_%u^+@*V9vs*ozo*(FA4{J>$-djwgoF=me)MD`qF)csv$5a5eNIeAcbeUcJ#f*q>@ zUI7ddDi)hz{?{#!BB_uI4jq(CqEBd^SpDg@DI%<0I@S}*4v8};P<{f$I9OET( z!A{XAwFW#%^?Zd%pJK=H4W2k{uR^oH~h;$&C`}`VNty-GFe}<+Et4>h6mO3Nqow+zRxs zrpkv^y?6gAecHTxQrw36ZBJ@`?)<;$B4A00y~eA%$)3j9<%1f z#@y_X7A5>ES#}bwZkp=qc#)5M)@@XCDK=;O*V0@{om|8~rWfrWTluE6+n(lF8Sy)G zevNzHSTS7HxEhwhba-pbmj@$yi9zl>4P^fo_&9MKS-008I$-O%fN=b)?a;&ymin|` zG;n9f9lcCjJCd=ca>e~{44;#RR{{37X#AkRev4*^Q|;?lA}jX|4c7#A(Ca~HmoXX*F%rr|`)9|mTW0>~{P5vlah^ZA#k;M-5P=5} z{CCI6!-*ePIuAYOzju1Pu&KtDG+rs2rH2W)Jms-HzCfz(u*l8o(f0=N+!@3*h0atZ z*Xg+miYuT?K_;ALrVx~noEm}!fm|tkD8?&aVT4lNi5sj|kcYT&MHEjMdPy8pTH{co zUCPMY7~Z_s<`um-DQa8LpIN_o|N9j%T+1`xGo_0z(|Dp-8|Bj&==wrg-QsyGTH}9^ zCQVy>YbYv>Alv5jC(a@vGj`H%7tYY@oxbZ~{`PWLr?0|J3z`xH{o za-JF5yn4-@$GK7OlRFE%I$9|a{&AoILcNjgR@DSwNtWE?6ua%IJbQZcz#H}QH;q0D z0fY$n3uY_G_D>idZp?=;m{ciOSJ6?|jR@zll}b^V+3I)3a4e*MPt^jL)U4dlQB})x zZ|%1~zIAvKt=DwM)r6T$_RZviM8h=WH5|o5Y04)8)2}2avP>AekD1gFpIyJ=PZY8S zMZW{ZuN6F4{LZMWeh47k=-uX0DW2;PZcsiLzK ziML7*YBtAhE`n+bo=4e=pA^ONVmlx7XYq|&i<%!k`h7VM27Dd~fiVDnp)!a{>5kf_ z?(IL(+^KH|)@}pI zYW(kK+t0v2k6!h!PCO|aHuhb4qGj;n56h@-TjQfXJ7DT;ZwjET0~~(F_gICdJBnf` zRXd9lU3$(5t4{ZlMVk&QyF2*ug33c@!)s`0}jC+n!6{qloOnk&tm+sv1k<;EFa zTXdL+1c@Oi>{aRlMq8J6HdMK@{|D<7fEqCG-go}N@Uqrj~bfG9L3j0 zfRd)yihKI!5Zg#8Rwm4zt)AwFKW?6Sc%GlKjKrc3^Ce9;`{Kqwd{<5rN9CJMlgpGJ z)=OG#7m~0EBE4V9^E|bo%Xnv(rhGwUhMMgFR(q(R&sHyQZCZ=xL9hQ&Z{S9wNbZbf z1ufemH9bEK{iie=wehx95$W8y)2qXC9j<>|Mi#e-|C8_Z8_mJTYf%7<;@lU z2sdjjt)Gu9r6WEmA|j-|Uq-K}l9heMf!~EPvfjay#CV~DT-9e;Y`Gn#W1qp!+7j2A ze`ROoqal$*44l#bUxr7tweZfUpSFqP^||bw`{v@W@z*oag~gCvVg}X$gZE3Mr)Amu zg7ms(lFJqK)08hZa>Q`jzuYT8NRt&HdkYkYbLg}8hQ2G(&rf`e#rr7}w149VSis}w zT=UR!P6L9fKe%Y6$t>mI$UX=1Id?Tv{Vt1 z9&W*qBasC>*6Q5 zqEVE#ab3aC!}bU*Pu^Y4Rwc%I zWGL=RlnFuhq@PI=_IRorN9|5rQZwwotiS`3nak=M$E^F9yD!L{kVgK^VjswcX1tl zm9}B3XNBdK`;{wXFvJWKwx*ZWjjqn<>ae+>BNjLDh3KF*athCJOrIx6&s+Q_=Z+WhUx&J1(gL3kx|am8A5Wp2 zMbzdE7530WiNwfKevLa(7M~7(yPV$d7N5+ce=cP}!{V3x-f&6*3N#&7mVxBi=Xd`1 z73cS2*ZhpQ@3_Nyz?N;`2GK8VyW*BpvL5-jTY-~?z_Pcu{IlCFAAQ8hS=Ld<+H`K} zcJDCMMim zM)=bHqC>|$TjWmI4&l^6pg;eICxY=4?qz1x(!uADwNefHW+Ovqpa)}0?8Q7{UoYbW zesmB|4Oti{ZvcxULxTV+f$zxFlMj8&_&Z(APyLFI-xa~+XpZbn;sR)ijry~cNJ5CpEZapofVO9_Jq8=1=g3Q@O zG{fT4P&zX}Hf^xga*~sM0RwN@jhFZ_&iK9F7K$kn#tzepw|Df|i>XSdI4L`?d6LPp zNL* zt57fg00nw}2MIy3w1r$9kkDwdM>fk$b2CSHA7isaQRqlyq229*<#_Uxl`e<-PjCur*(`jJQqk1U#?5JuVj^-E5me{j zSOgQlHz)A@iO7CiRHei8_^Uv~3Y#ckFG}SXZq~hTVgmyIOu34B+qJR%fwAU^`+2EB zDL^o%H?YyMYvzJq+nH!S6a(EH=IRK|oJ`kBz*);4N$7e(b5EMfJ%K>{ScG^WncF~$ z%)&4aQ8D;(41IZI(S#O*bZw(0I-7jX5HW(@QgA?`Xd$$+iTDcM#L4XHS8|GpE^l_H z#`wYHZkE0alFEq=A)wg9D>Z~+f^G7Rsrx)A!`8p(9Z~(pRdq}PSqAkl&hmtuy>Z=O z#9MfGB=}ZHmVA(5@QZI*Lt=j@dp8BD#C;w=dBDmKt<#VAJY(yi$m)tGF%lqVVPcNg zXFO&=0B0jCp8_RqVKK~o+Hd{-rYVfE1DF`68`6cL*RjnK5KIvkxDp2D+`=QqQjRG1 zX(cF?WI>E7!REb13FYsyx?{^!SX`Rh9pmHqCr*^ZAyP8>_AQfkW`&qq9tCR9#Fw7Y zGenRdMy&yTXZ&{0t}Ay<&?9H-3_YKL5>6-@0K$Y~{kpE}`R8_l2n7~A^7u5zW6x!M zCcER%^BASyr1vk^AIE`BboNT$$2AT)V#jgFiGaj51$8?ns%q(Ji&+S7Xhvo;3rNMRe)s<3#86-^F>_xp7`QUlB>J?&hA zg+=VQrI?jV5sk8w+}^Z%tmp`@#exYbm&ci3s!19$3V#;ot@Yz)LaHrki{HC;i~Enes@N90YUspH`7 zv7_C_wQl8-6BjB@CKg73WTJ$SB=yfY9L~zxRJs9#KaQKc4tMK$&MVc|WNbQ1KZnd> z_swtHxJ2qbzyIC2Df+Q*W_3^17D1mxTsM8ha0z3b6ZHl(*f>O23A{Y#ASMREACHYO zZ7N@+f-6SSEBXkjNUo+I~PgV}d=%^ySx!H61S##4sIQP-ERwD)Fb+ z{&d#wL&?L50>C_PUJXH{pQt(mTOzVfwHm>isP?+JhPJ&w)HNbx2&#?D(j@V~Qy;8N zd=O<3{DG&`so$Hm6y0XBs4=s#B}qHXC*uXbK{&L;xv4qvh&|G0w?QL^iy0P*0m1I} z(C(LZ;fu75wS@QQThPPb5Ay>idnajk$C2^Nnaln4AirqbsIxyF;rat3d)uYj%U0W7 z%V{2{e1XT2gedQ=WHMZXIb?z?C|dm1TND=77DQ)EPOJ&izRgb3(MW+`*i!LM0`(|F zC1Vwqs!M|M3bldTY~~DJ+DHd^#eL`>bD0_2!SQ$qZg4#u8hl6s?!YwfY4uEeCoK_4 zc28HV&@1oPZ{epMQ}{`Y0E*Nm0!3DJ?UIuO3X9W%!k!YpOq#SHU$!SiBI80f|6fL& z`Ss$GcvXTW`0^69LI`x<&?l;=qy;C>uxwFb9}UX8>Ack*gAZ$IMdX z$l%>)lDbPMd~G)$s&NhG4^}A~B@4hJ1jj{YIp59!+2Xz0PfKEzQlU#817Eb=sb__I z5jRhhcqoT2sQ4Rs7)^pS!>I{N8guGcG8B9ztHBj7fJMXhuOsVLp2sZBNpk`0fl(6~ zu6AMWFONgb?1RMvA+wN%IOq_2pli!Vz*>LsBdJ!?ZwwrVO8SXtgQQJM=80}fwz)WQ z6WHx8)^+)szyA5N$P2wSh3y2y>rrqE^UT=yeZ@uJ9WmeQat;DUaMp?C9JJm7!I zHB3~0D$OpXLx>ROpW~-tjyIw(JZM{a2S`e7L(~$k>&siL>#dV05s@=m=G}TRKCWHF ztthRnlbQ!qcK(>ZltV7|G=Cd#$T{HcnB#e6*mis+PGK%X)0rc4A>!Tdo$F!8iRCf* z7B-XSn{!NHKAbbl@do3GoNjs0(jB%-A`O9@40Xph_XLre8JHeL1JZ`$9{5tdQJ7@4 zU+z;iHsuj|JQWJenniec=O)L)!r6GdjTFg~&>>Gc6sTHAtl4MvrChU~DBqBoap5?C zl&ZgE)^TBrn@ITX5;l9AIv;k%M=$rT&o>iaFI*lbDL29<->+QHyJq&g zzOLz0oD_q(uQ~7A?@B&B+W9>{wTy4|{U#6EboOMRHaI{s868pOPr2M5rXa1V32hk5 z6?F={p!9UOtO?aGx9psE8D3l|Pz`F@geuhu#V?-l_rBY}k?^VL<2V7hFY8@xq$NR1 zJO&nf!g1zvIfxE9TOjY$CHR8A=cN3hSHEq|6@o({h1^B^42|!wC!sW3{$0nNPDBU#iEswBk`acxMy1A13*QZ?%~(FqaRmMcXT2-Vx`O=a1nl57HsJp zI^i3$%MFgLId^V3b8^vGbWvlOzmMA-0rGW5WZ}P1sS$D- z=%Oy-4x*6(9t>Zu9WV=PO#H-M7Wok7KZ%jS8ydxYV+dXWC#tI2e331r$*dJf8^{~Q z8u^m%faelvmGH*J7+-X{O6F*9MEU7z#pTmEDM^jRTO5HVOGU44&yPURc7AL@^8mX( zVc#L6?;9O;@(OfQZh=-bvjz=8Lw_-E)$->chx3)N57GnX`g>>hmj6a8#k>F6_`@HQ z^P#q`fPi%X!F0y^HQdXQ!z5%++@JdG>IdN_rb!@Qz*Fmwe}HpwlJ_S_=w%{G-EXb~eVmyo^Ja1}77C2WH056+t}rdsP%TI6jv(_+lPn(+s;$vRIUy zUS7IzgMo7E0hO#ohKNO635D>3-=wn!00TD84;o|&K|9I{kBDV(G% z63wCgLh@K+L@k|sbthdr$YCc^?RU;o;9F7_vgd_eE#$>lFND(P94Ox4DgV}D3v~G# z#aitbKm0YOXUzMN>A9c?DX_x~Up=?bcrxi%R<25`;Lp2jPN#Dq|5`J4#d3&>|Amig zDoh*3Azl^wA|Dzxppf2G7%$V|@c0!Dix6>|eG9%9U;12Te0?5`HNS>-$zZvVC zgAab$<#zj=xzsuCS?@Z-h!J%ml>v^C@{Z11c_Sy*dfuJke1X5F0=p?)t`4j}O2ked zqEJt^yQOD|0Oo+V|0R4-tQicgui70tnrrTE6W@=N-+h-3X%p`t#tY~+x`RMSWqpRrfu4aJD+YpXkQkV?y$}CZ|znO9RD#Apu*ovju z58v_{Cw*Ws{>#nRRjYM`N3F*#a;SC77VxhEO>`uL5k*$Syi#eTg@_<_n z!VQGnv-fx|qm=4n1S#s$kq}5z z$EvP~D()3{?v{!EiHT4m(1Y9)eDFT;ysA%ny*PZZT*MEAI!-Hfc6P)&;k!FLnV5N^ z#GhP-wzny}i5A|@tXlqsWNf{hcLa&OaL8}!F|hV+Ax`wYEP-qtlvSOuDe8kRlJPaw z7Sp|*4{ggShQ<;ID1O^`f<`q$7-$OeNYXr+L#a<=YnJ#d13DWpC6T5>xv30%pyUYj zdqW-5V3*{2m2F+Pwjy4OciN{mDc{q|cYUL3*r^cPM5Ct)T7MWkS!7c(cP8gEhJzffpej4XXkv*TRbj?(P;WsO zJQ25C1XIFLuJuaiEm4I*eOy;id7l@VTKW$oHZPnLR~sW+5Yy26~HR9rS2nw{M)x=)5jc31i9PAKmM~#S+N!$Xrq35x_ zg{XREvGGDLP88I*bs4#XsdrTZDdlq5x!>cQ?QeV12U|)`Q_?n!{kGs0<2onbaW*fJ zkQ%?&p~JIN|I&G1qmR|K0v2ZPI*Q?GzP-CF>wfcRHE9^cyi)7V0JzqDf&P0C&~AH% zq3?HswfyrdW>C}-5aSz_S&i$)L+4-0VEanEWm+ONfV`EguSk9 z8~T)HX;o%jaG|p1dQrIt$cuxqI|>?1xb(R-yl2c_8-!RV7Wj*v-2*@PM2_ zQLXFp0F;+Co^j{Ci-D04r+|?XN)=)XBQp>N4M$595EDa$r4|B*{Rc)VHHQar$W8E| zV~g*6;@e^M{k?p6^;uS@@MgkJfr(iE_{7c4ji!#4m;dqa0}ouOh-j*KbsYo4!wfk2 z^FBQWwUc3j>8bhn%i^aMaCIg{<#l1O?_p&18@+no@{viHHU9a=kM(xjGicn+=TD%GTZ9gfQ);52V`n&8g~O*jj|(v^g=z>3s11oE>ZCU&>LN z`~FQXQ7&=2m>z1c`YBxNIh4u+sU?uN%m{E*jVZ)7ORBq_-NPkKwxDO$k-29+a2b!oKVr0+J`1e`MSURt+h-Ojpm zwq@qK)JJY!8e;A*Pciw`D7;8hRT!y6$ok(m8BPjcJFdI;Mcs9)A!sNVD}ESCH1t~Z z;qrDp(YHQsx8i#OdcuQ+G0qlN%m+pwzfvZDVZ5zACFF&bk}mU zT!o6A~9gWrqNVsxse_lq^qN!h5 zIBP3#5Z<;L7xm1PmK$-S>!poW#3#>^@GGa(JbG}-^2 z+l@G`-$3Cq<{~9+z+N%3e}Ub4dK(nbu7oDMDnDqNx|o`z3VS?^;?00e!$a$Qh+C2R zyJSAaG;-3G6+2bRDdI|xZ?p})CkAaK=dv4$RwtG50cVaF({6I*fvp>9&i^T#+kNQ} z6A&!$g`m$>JnuK!IXhnP^jE(JmuLgWaO^eYJx($rP=kQdP-DBcYG6w0|eG ziBJs}jh>oLx062Sn`8t#)z&$jEY4Y)rew^U>%VFOsfT7gcpOf7v$(pfy>f0Ym}j#S zQK{k8?yewcX%t=2Zp!8C3P~BpebL>vzvag|nppY*U;#)-AJb&H_mZOL%8(+?1XmKm zTJnz*x`6Na!%>EMvZQ!6&PbX76?>I>^YUKY1xIjn0znf52 zsN|(&R}>gK6bilINpEAUOZ0h9#jY{d!`-zXk@_0NN~tZGkrss04%rSXnzDFp);jn> zfLyU??ck)Igz4xips}+TzyH;d#4=EmsrF&4NAx2ofVlt;ieOnpV`D4M{>~NHb3%Vi z94he1eTKg^ptf>kGBVia?+X_^@zOJ+pLz9#U;O8>r}&k(7DOk++`ho7vt=Lm9uyT7 zY~(s#_F}%li`~W&7;nJ@kx3+x#QPHYd=V{e%^;#BA4%4fRDmRtNMZ{|KW6UQ77mn| zyK?#9__+($uQ>IbN099)zN`Jz)TZ#KKOQ7TY*))~E?$R4YdgTgwW%n5NTbG!BZGE#VSz_2Y;Fxng9D2HkBhOA@#00%;+$POa$&A<}fpe6DuCjao?T2CNoX$vs zNW%j=dWs-HVCKe;Vg+XA!m?EzM>RC}uKvNLZvp^{#Xt$MG{{zoBNgbVt4ZPeU)vc^ z&s@nb&0dGzd=S0r>W2%tjrcg#A4pZll(|ro6jtr$E@Rbz#SDrfYGVxsq@y-wXOJaC zdC0+$1>4RbjZiuZL#Do(?_hNG79k}glNJz;7dA6*dX`22EQ1m+?GW-Pl{RS=l!5K$ zUm_~E7^3X=GXrfs1uR(Ijz8S}HctD^6ZqO+p2DB*nTm8juj3zoIR=v-`y$rO{5oEH z?6dgx*}LF?eTHFRzY2sV5@p7B!8;xLQ3=?NLwXnDtA_-UTB#ApsJ||4M3G)7Dn%kY z6D7UAkKTe0j|dg%lw%X1tWkugq{T)JEGPuoA_lTe1vT}&wzdM5=`Ux@lx7SE2~wxe`5s%K9qWwfUOv3)Km>dWpbr1j@b zxm8s8$oG0^Tv3feKDwHuy|EIR+F~SYZDg_m(f&y~aMQIAv6H=AMk(o3gYXz*wk5g_ zNGVJE84fLiSd(nY97(jRb|tlsI!9o+QF6L|+SGRrVQW1yalaPqd{{gB56#Uv|Kw)?d~K$!f%NVKf0j_$)vM(renv|?=*5Ui7knzm?@X{s`FmEnXi zaj6Tzbw19}#~cLD6XE1TEa7%ov`(%F4wK@hQ^0A5jKlm@?RaZ`GlHUzV!nugr3Kx(i3WHKU>V%=4Z?As@V}o3pyQG=6l!UbN34!!UDovz)$Uy-p4pRpmw0 z+K!q{L2l#CNs+{5k|hFW2#+v+PeT789zX(>HH7MZ0sBS$4kFYbnB| zpJCaz(upW4H;vo&8|7)liMi7b;Az= z)h(? znaY%GR4vOT%4#a-+ElI%xFpR5m~7~wRx~@w98Ej&rNq*v4on!_AC>7;#D7>s7T1LN z7KCn)p0#`lzfXXzn%Q`tlK_OLV7M?=9OixfFy7}v!)FVwJu0o7PG3PzVp+3|bgpgo z$enxy=DKL!%wq?KkZGtdz$^i2)umfNVKl4E2-VC zs=VC94G@BCV;kbG+;HoBP$UOpJKovm>P85UUt5S6s}X75v)cg>WD|=ri3k&iu_@8p z6OmGB3!N`pf3KHHMe2S@-9hNguI78By{=Vc2qzyn4%3&c$Be}-$QOJR@&N*7^yUMs zZ0x{yzPzX2kxu@|ZZgOK0T&U-0;J5r4|-87W^uvK?nY-@JC4|WkiDJ_s?8vsCNT52 zlM%wUAI!X(nSZ!&`I0lAe)(0t;->r2*wTT>>>8C;$c_6`Z|cg>%{;XF(2K1TVx7c? zGn$&)v;`@5d=!6w0<@DzB8e?|vnQmKg>4XCF6rpXAM^5St2)oQ@HzMe`L6Ev`t?ua z%u^@g=;OwS#Vu|8%ItM0%i?4R2_uRz>!;}~FE&Yw0tpTn9Zf(`P~dLeVjpXlI`#{$ zAhyJ-(*cxvB)H#BgRyi~FS>f7P_(nhMw(_Y02j(wl2|YiO*B-3<+RVJ zh~_m@0Dwb?%|^RT;dTVq8X(-i)Jxn$SRq3QLmHedAKmyWF1qD)ytT3kXPmhUJ#y!#G3S*tao??< z#0kfY#l-FVBb9ld20tZAa#8lTtFjUnP)RL6Wl0!&&~CK0qi3Ufs`vzg9|Xwu<|D6l z_ZHv@fmBK*9uz>Ryw>V$p*?Yh5H@!uDfzB`9X3guc{;FP6;eW=q4k3yASuZx;P_|9 z(E@GCkT?PW%bvhectECIDLC5Fk;Ag}9q2bG<0KK&N^TC5@p(d6&`g4m7DhoYkV*-7 z9zl2jc{(ww2ygqtYXU_rgJRboa>ydb6t^W7*(mc|mU+#wlL(Vi3PUSP6INPFi|~=l zrqu*3h3@B;fLh6~+Yq8japPx{&2k3!;U;r*&nv0C6T%CvQ|!MHXwQyQ3x`P~o&MXv zZx2zcCke+-+iB5+Xx+3{SNazPKG5A!fnqUwt+&?)(n+fO=pc-BiLxFERpuq<*<1%4 zGqW&ZrYWYdFv7V6p_Tn`l8x&76p$U1nu#-V6#eAPCXwD(WFmtA&r5;1v?|)`Cc}Er zs}*ZuqR8q>4<{cq4pSDc$K2(u$QSY`76Ytl?#9?L{dw5XY5;-ufe$p)E<$oqtFnDa zSx^r@hr1q_f|p;Pi<9;n4jB|8=WXAKgD`P)|G!nFy@Qic!iNNt5&RvUPUH)-<^et~Z6ZQ8mA@V@OMi6l0OwIG}AMRjF00Id5cmO%ov zlSm?oEp>yJCZgOn3@>N2cI1wI=Edc`-}&i_2z>dj_ETG%#;1?l4riP(iCScqA9-U5 zfB5=g5 zYq7x)!%c|hB>w{9f^qnPgb;*&)fF4}f&}1IO4N;&@G4|fQLX)dNeHXTw*Ru!zo*R2 zodckJ3Cv#Ait8Vni;Hf44S#uPI(ob!&iU$Yc=Fzp@aWwq;ry@fhFy0agiM9^&ic45 zIiS%$AqW_q*&^Dzi)iaCV0BXuW-MsN3vVpP15eM#)wjR0@(;iMFP{1Di+E}NDssPh zQ`W@)tfD{M;1I$8MH%QmdIZPr-`h>C52Svd$S;Z?^nRW;lEnPITSni4l za&3O76c9(`?P2M1^nw%t=Owlk`r#4a=RA0kPK>pEM+jh*Jxl08?k4XfjwO_gHx@@l zOdxC7WkEFSB!?VcLrM2Nkz{Z>>81-|+yu2{mDBoIH^rT)WRo%pBF(;~U3IWw=EXXr zqP-7saxjDdn};LEs^7 z74QB=lPHqOtP;>rn;Eqg9!}bSG~SrkjQPvkk_h(5YkwkbO-`LcGA%jPNne!jT zGDv`S5=kVn1@G}BZ{t7Ujpo+u@ee<_)W6^tuOjf@-Os72PT{ZvM&P`2cc+S>X?fQx z^U>>v&ck+yNE}I)6)-_cQpIXReihs>q{@mmScv{U?@MY+IszFCprH3DU zb!Ter?Zr(`EP%hMbx1@9!RovN4_7zX6_~4 z%rWm;1Lp-1`c;*;38hHpGoXGK!pKkfs2Nqp@0FZ{YEqVZY8$LUr2K55Z5!5g zde-Sh<5CLWH;T-fiZoigI?&Pm!I|d_HNK9uPMPylV$)DM;}f3aGLV8OR9d^fs?tCX zR&8x*a|al};Qm$7uD}S7WeAU%6~tpFxgP5RC+oW%&TCp+XjmkL2__>NXfhLRh^S-* z!bvvQ=Q!$cY=Ck2T(Gjy5TyDMVfqL}9YDg#y}lntCNnKa&I_{*EL5IQ44pTBl5RnQ(`95EHtM`!bo9! zjLbPTlQNzFd!fY%P{vJ0mm`z9rm~cf0pK&Et}2BS_8pDMa~m;xc`NeL$DTXaYh|`l zXR9R18g5J9CV-Sd0l921zW(C}u-mw546cdhG_WZo7#KUG3Zv^QF?>+<+Qd)$Lvvr~ z1NhIIGv5Bnc|ZTzFJ!Epyf;;Gx$6>dad7-@4{fVm%-^36C6UAjDhdT3GiS}hZoBUB zku8G+XeW_G5}W_Nf{55;xZ1`;O8HV_bJubAJ-X2U-p^lo*HAl^A?&f+U|f9uUSj9H z>T%1{vt>s%Z<90{VHHC;<4Q{>C8YH{RzM(->Ne!oFVmwelL(p zOEkBI%A&Tepqq%+CN(=!FP7%B{&z0A{H--hR&~LHN=)d>FySV263&sss_?~=w!@-^ zR{r-(OR#~gJ$TA(k8Z)v4m(52x6A5%P7`}*C)w9 zE*~J17O2R0C3Ya?qH~47`WXVB^!D@y&HHXY6kk7fH(c`hL-5pgQY%8Q>$Uveh zlSW%_4ufi{;QK+CfKV8_5e;UoYS(dSFt9XY6A;Qw1sLfxA)OZJ&V2xYb_{rhmOU|$ zxS^3dJN>fD7`V)5VhI6FK2|p`YrY`Smd&F&lSci3Ds@z(l+r8&m^^qXm0S_p*2MsH zK?DK7bJfhkQ5kCzNM7iD4o6V!s%>MG*&*T-+a_9$@z<2!F_-R7PjbkJkBhrq>4Wuy ztm@hTa=qronNaY+k%!QVU^2;)nPOR%VMW8zv0RG4Z9S()D76KHEuwIO&?c#kd1^=N ziDNUu&h@#3s8giVrAP`-*LuY9ERpdVsB>pXyYQv7|8_s;mPJW%8SowgekyHN(a$;) zTSUUH24Fo?A|v%f?ID1f0tx{&!%W(k?^Er=)8|hRkP@lrbq-OeEp>U5{(XAAoVo@E zjN0lHj^BGE-d?;ONC{L{2s=ToJW2yF0!SI?YmW~Z6d?TquDSJ16mvO@7$mU1v!Ktb zb1s6g>o{!pVJP_0W9Hu`cT^vaVCGH$lY8^IuGimQV6P|cDhHIkwv@ZZlu1b}H<2jI z_UaMgn>IN>?{ue|`3572B;KFM7mJuVYZ`9&=M|@aRLdX%+DRml#Fn_J z;}6;Id9I)8MPZ$a+c7rpqdp*9gPdUP#*{GGjU(ka`E+n%4xYg@Bwxj0agjH*|Qq>!z%`&%BxU5=l$%76GO#cXmiXW7Iz4SSkt{`BC{#hkAy^FCdJ6c!blFin&WwB^o8~W8% zAT5Mrz@Q!};WR^C=~AQ~25OT>w!DoWaon;a^hb_AD6|ja5RzN_7>YP?^ue;JWS^=n zs0*6036TawQ~3Kt33_y|e9CLul!}a)WOD>u#&HQ*|7mg(;<|p%u?da7u8{_6>$c5~ z-#R1g5F=`Sio%!plrj^S^z+QoB$<*N4{$1ngUa9?Q66yFYl6FY&H>r3lAPS6rG$vz zy4gDZ%^{Q4{gU+16J-Dne5J}Z{@H<#RcqRC-=p*K zgU^q`F$WC7vZhWvGi@DKHf7P)Q$$ZbKp~JQ6eO~R0Nr^X`|mUe18OoCWzyp7$sN^) zX1uTfK>If?{>2Gv*0rr8qB3hVV)<=0*=6Lt4z0NSgzHw3S=0OSk$3*#1V$&ZZAE8C z7OU4R0};*qsFneJ$hcDyNhFcP77HQ7!2|nOJa*g>6Z+lyx1*4*c=vOHGGILQ!fO2K zuT%N(UB=L^V+R5Z1dgAkQg*137c(PZhA$=jVi7DAXq1u>NCvUgOJNy-jDpR`N_uCl zGilkcNy5~f^YPf!75MHK#^AZBE%?k~!%$l-aM3jjr%zeXafp<%C#eOoiztz(u1wu} z&|X77|MyGw%Ru|8ddhV(GEVS|5`VgR9#*f);hJwBgsKVw?(61RhVV)OAXN_n=_CoY z;KO*Ub0j&Xbe5)THx#Snmr~&$DJ25Q2z&`YFbXuaT_7cj#Q;GdA*D_Zsg-PQa!TKr z=IHwNz?*BZwzU^O`|KXral%lYsFK_=ix?9#a|qc;p{p=4q)^KSv?80OL{HAgyftmO z?U{L4+1Q0~qx<2!Z|;Tt_a1`b!)mtp0F60plPtqWASLpJBG#?zMORk=YZ|&Sd0I2x zn%s%Ct)1x26+lGz*mfiEg@bm%i2ik`Od0=T=a>U3`y1FX9JYz(j5?E9gMQXYJf*cJ zQnm<$pjc40IAF*ifRw7gAYxQz(ikyx5dQh{T+CY2j8_({!NGfu$M$0eK?s#(FqIPU zgojL8Af57%P6?zv4=ImA|7m6?@t=lmCSfE2|9x&A<}7N)+#4@KWkqT$&<1C`%Iy5< zSdK84^q++2$_vwu$T=6V$y25M8#YgYsw2?-w1DcjA*F6d0cI|5#ksdVjol^=#wYe3 zZLM1rpjHzJUW(um!Se{70MedNe+vQO32T8N$Vpl#L)vSBJhY0K;Xq!e9BkVRCtJB> z8z-@_wc!XUXt*1be3q;wQ2mg5GD|jI0tPL1ZNfRWkjSeBTt{cW@-kCHO2H*;ccz4^+8w)2gaLaQhJDh&f_=6KUzuR0Q zqCVfYy*V4%^Y8ppM%drFAiK|d6^RfevkSVTl-=Sw$1){?&6uP0OiC1`+kb_tBkZIl z%P=t~hm-ki`#IAlrM*U)N!TEe2xL&E4-Jpn{0w7v!eBj#=Ya{BvA6{dSsxc&us@DE zWVE_I25cv9rPRNpAn~=IJcFUN5@#JV1OQN!j5p_Y;lAe@czs8Kibbh^8{q5vHdDTZ zqR+*Eck=@|H@U0&P>dC7nE8@9&pbJ1+~~olR-{uYl{Q<1Uh;%k`!S8#NrX$K>4-@X zBK~rbPQ!UFocE%$?lERtZXZrxLM0tj>1T<`FyX#ZDaXD~l)bSo|5=J0*+w|D^MdFL zR8yI!?-gh#Ks<@}H(q;vF23}YGq8N+!qHO7H3`s8B8eoDNMd6*svqlLSMk&#`;Q)c z&ke_+y5_w>nfVLa@xx!e!sF`t(cycH22nUbGr%g)$}OKI0zW{}_W=p(Z|nkXNaZ0+ z27)q0A%*kY5yL`&@XV~W7&t)iS5F>J4?N$5qxP*wCQbO&KNdgx=DfC}le6C^)UF!X zui}-nPTqd+^S`u{O&%sF3VQ&ctGkFF|7jX_88rky{_JjLLAC-Nr64nqjkuPNxQz`KIg48JH5a0s*&=vMX3_t_>Qg_LU2MOUK09GeA#z+JB_ z2LOEUQ@djP*dY)x-)jT3SxW5%%wgg>?Q0rtCp7c}+Ix$*>)8c(VdffC*Q9XHS-a!J zBgbLPm|7>X=KG*HVuqAJZ*LJz&An)A&*SAc*5Qdq)?r0c2YPcpJOT#RR$__ynIbBezf2i-2v4%klc*ljrk+N^<` zl!0x$Y-RO~Lg3@&`D^gq+n&YAN9=&z#t*i>!X5#_6G&;GEkG(cq#y;f1;HavEArI@ z2H90Q9MLkv@$Cki%S;q#!-d$^vNUHKa^y(G?hh;~gwzcy@I1fx92SO`yZdKcw6G;w_&m5yLT6bc{ zYdrL)77z&R>W&bYgGqk|j(v~$J!FA;Dfo9_wul043%di3lwrJ`lq)ayc|_sd$LE2l zx41bjI{_;tq;5NGCxpV)KH(&7I6*6IyF%EmSlaJ0`;iRDz=xEfcfE}Fxq7lqa(E7{ zw+sY)DY33Ki}}qxIQQ&5aq_X-DKUYb#FR3C^choTG~pMQPsZ=QF&35SQh)Kbt^gg~ zMHGtaxC6=XJVI@yhk^Z4xZ{bncx7gL>#C;gcx_ve#I}E5c*@w(WAm3fwjrP$f4>w)CqO#^+DUx)gPHNvGgI)xpZoxG=1om& zFaM7on@Ord5=kVH#HNRoa#}}M{-76MU%B#xGyaFR*7xQIJ87o@xbwPWsZiz1hu&O* zq916VN42avFtz~wust_G*anQxj~)=tl`rCaDWy9t#CWWvc_)w{Ps6-;dL*elO*o`=cnC$f156*2&t*XOWkNe6DdXCXfMsmJm0!~Tn-Pk97iKKFS%`{;V?KVdX} zdFr9~>p4f`U*G*SZusU2`0=L?z=OCT%RNFzItzbg6tWiX^w0A-fp|?;(T}5VDHkU_hPtFbo zBmUTev~2()wj#nfuLEFq$n4e{iE(f4@+!+aT4N;?TL!(_-nIWv@ax<*$SPfRwEGB`}E zXpYO|k%*jgyDJ&x7}ifl?T0wZfH-Ee!4&n`j-epcziDXfPIz!+lG#iK$gqERuH2D4 z2Ku)I&I%cJCSlAmN*883Nh}$x6vld%yaZ-D_XOp-DPtjG%afyUs$7+emrdx7r6w#% zkYgcYl;wHP6&6)E;VR?|6ZVl|v3 zV7+o7B^aXyS7V1k)wuG;skq^e*?MJ*4=H`HAE4+L@#h=g#uttqSpu_7$qcIVFn&ZO zb{boSN#m-p>-cI+8e4@?Lo=wZ6!_YwM`PlcszJjCRX!zzNF{ew9}1xT_{!C*Ml`MO zUIwE2s>)Oc30n5ZbFa%MUz(2Yo?IVEzEOHD>1(S^6(xR9wTt4N-@6gElz-d@b)QKj z(RUOJMJ!sp9OJi}h>t4F?z1aNB8eoDNMZwUOUgyvJ;nXsoW6GICr)`FziL(Yd)nWC zff-zP`Qc)pgNNdQDNDJdrw}gn)=DTzfUniskvmj9ke6%*V&uN8IVpjo_$o30oxY?U ztJ}Kx{4b8B%CvGb9X+H99X&p>c^^VxadOr-9Bpm>^6swuS1-F^cD}7Wuci`YIB8(h zPf3Z1<7)AR6UX54d#9s2>syG;WxTCr;3NW~&^we|m~Cj6@c`AZ#0r3NaGy{8A}l8Tv6g)#Vi405drM+?Tlx)z2L=ZyrX!R zdK-2!dRnj@Sr6cNqK9)6IvHT}yWO@)8%&NIncV&qWN% zJ9W`adc@Xc*q=}3(jbs~ZO}E-SZ_F@Y>vQWvc=3?%Esb7sniwMPrft( zg9l`GVCKt&5D6LE_Qwf%0B@ZC%RkKkGZ9f$QOdzTzVw&hxc$C|_`i?8Qo@>vXfx91 zEk&_6<9_7_wWus9`$*{E*bdwUuU47SA$E=`dDx751xxaF)WgRN77aYr_50mSc~x zgWr1S?IqtHSXVja^keoybxj&6PkCmiQ`&CCQ#Kc#=P*|%DJJXWloq5BFlR|KZhLG7 zZu#+9IC`%MTc?r68k+UGcP&M9r7(F6LjQRugO|2Ku&)In$TqeIu(mJC7K(L;9ydc%cYfUl_!*aZ&lSKHC}wP0uRmYj(ifT^F91x&|j5 zJs!XR$vzMQ_~E6KvB&mx*l+ukU3v6w(O`3%kMCVMcU41c?$^xx&ocL%6&jQ#u`NIr zqWVlaeQo2k*FIBQl}R%r7_`?X_U`WPsQK&(pLu=ssL}Z1Nyp;jyHALDYZFSXLc-^z zKHB9hN1Xk*edT+$94YsicWF7&mqNSj@u4KiF8buqiQPyNAB|YOrWq%m@;S_$^~UbZ zJo_WdW0I)}^s|y-YQ3w3+>1h=vw1QJ0}oRVkE_HTN+HduNgB z4ba`~Af3`} zQIs1esqYqoti4Dkod)1-0OK3Qv_LwQ!k__l7&>$ys;erIPNz^;TLmEmBr^tP(#ZP( zDm|}@nP;SghXpH}6(rR^(Ew9rhf!)PVgp$yfJh*lD|{f@D9u_pTW4qz~v?5+X%M>|P&DoEqZC^~CBjLc> zm}7@IUuwr3NjgYw)fLXiD4d`$=U%w4+aJOuT)EHT208f&-JEC6m)cx~6n(_=oQ1FJ z>!VXZ?E1)%BRdx1Q*D18_KRFbaZhf_NT=_msP%}O43VAoSyI;=YY>Lxf$x^5$Jqbm z^%yw3C)$=Hs`99}uC+er(ALD%TWNLMh#ae3GbGDE>qzd0ST91h`bTX3B@6(L!g68j zxjKnbhT94dJW@#*)lXulPLMthV{;^QJr+7qs@7tYu~Z@m;ep80E0`Pwwmulo^P-~v z@Js-1(pQ8c0<*NiH18co)Z&DFM&W@c7vs(c7o)8sk9AF1d~9OPJAm1u&%S!_fD}G= z#E3Bi>(bv4LL3nJln^5l5!yBvt%YK7&Af%H))Ns0lD)c$>fr$1xbN`?KlayuTz%oA z&%G+A&RQ0#v-?suZ1hSNAE3OO{owtzC)sF|q1ay^WMG`Y>?Gd*Shubfz1eO6_()rW zCO|uhB$7ztz1)vUStOzh8=JfS?+f32r1AP&=i(2Ukb-`MmG^qv`erW_mTka5{JQ`ejEJ#%@GvI3b;Zfb~#! zR%J_PFk}^a9J8V!iRyakEU^!Cc1NA8ksV6n`nH;5Vzt~m4m}8fA25nOLy%I8hDW17 zwha8}Yarx`0d9L{5q^5x+dO>7QMltDU&h&A*bB9_6)3e7@$g=4Mv8ffb?bWY$E)9- zf7me(;nSaa9PQaWe)yRKapgCT$M;V@03RDa3_}OhAmxP?4aUYnMDi_BOx>gCq9B3l z>S~M{GXgv9yaOigygkN_8-+oG2cWXL5~)n8B%c!-`vMER2xS=wBLZC&?4Sr(q>YSG zGwC!24(x~O>I#tXFlb;uh*Sy#t16H$`VhpO%v@}0@Ba3TMGcTr!t;bqP{;_aZ55cZ zzks69(>Pmbo{5?&^}Dl$t!VWZ^A2{O6Gap4u{#s!7G%sX+4{h{P&smX9V-cno(;*s zs^)HV=kn;^F9V|t6&6UVhpCG8b(p`&!b9P-45MUr>x4yprtOPZQxef+!4cnZ&4;a> zNxU40N~WDQrKP%%LhAAmKuO0bC|r|a2QciYx^4eRF+Xm{e#AX5WTu^@nhZ7xRqZ)u zofwi!S+}k?#EuF&?vMiBASAM7>Q<|O(9`B2RUz%?Y_IPq<;x{A$mbM>uvH|aJ=nX1%q zy@F{55&iGCfBnPHF1zMN{?~t>iL9F00!Q*#I#69x2WD>k zD3?V7w3A38i6q`*NGX|_uWjqdeeU8*Us`hh&t5?xAH1i1R#tiV+F3h`Z+&MMEX}s_ z)Kx85(cFz*pHU37FE(5Br6saKWSMO^>{Vc_w-{jR;%2-_cFRn&!6N@Bie_)0=vFi+$zf1OV)_+d%9(sUKZ_-;A;e zwIVuDcVJCAwWA%B%ZNpSdXFGwG+7r2U@6cri_o)PqGcgr^>k-D8P1y+*dPJ0Rvr7U zPbx}Rn)-pVJ~7F>{J<;&mv&<}Y3b|p8gSmVuVQT>g}ZP07G3<=TN-!3!ZwCp&u=*Nf zZ5^(Rpy+CGnB<$LT;Vnsig+g51qFg4_Sr5>jkhW@QQ-nl^FbC4d9x~U=X)rs9;O&K zun9P=`ju^&llDFqPGVaR3=eGEnSc_RyK6r@gmVN6`fK&H-7ncbkz@UqfwO8=MYPN; z8IH-%qad22pCd=*AL)3V79F!>iP+cxc7NEo1k!$S;$C9O84{wOc*`58b|Ct439jq0&h-l!fP{H z(A@5CGV9yWc2yOGb50mDX1_@TjsmbfGw;XDQcBsB++A&xvEcQ$-(1tvn}?K)lt>TL z?U0#yIe_aPe(K@lr_G$h|G4`JEMDFivkH6%wTQRSh4Ld2w3R-aL=x{Va=iu2p1Tmc zP1@@tUls|_P9ljUlGsckrF^-gGk?gf_so3psM8+mXlQ(I9GD2$b>~62{5J>Cx4*M1 zhEJ-I%d%aVys`nWEnbIt>pFO4Qx7_Nis;S<=*b7@$raI)3((P1z_NxeENJZDw^y&n z%ZnTE#)@VPA6F?aJZC4`fA@Nj5IV6KfxJ+)r_>{ani>zQ8gkDtb0Imq@ATZ!gG*L* z-hc65X0*qb3CER-=YMG;mNs=@^4#@mNw)Ja&@z&UOFyL4i@c>Qu^e&z)1_-W!wLj6 z&t=TI8<_VPkZp;52b3qNbeFMfZ)lC2BnPZ`#CBmkV!zwQG9tr>m#EamKfwy6LMIJayi~Pb~V> zjCoC8W#$(F%$&2T34sILBfgOK(TBuR!*9>?FnGv7Y`6V53>`ffUOH`;%tujjMA8~s zuS5u#O&#cnzp3=sQk1|+)^l2sgo4~>Ie8!mAy8Re0U-#5AV7WpIsia-Z=pq>&(^lC z-Wy+?u?j@Wui2OznZCk6RpF?6T>$BV)auGK1QGn;{U0SWm$pGhsXCM0^MkM~0fC9w$N4!3iy#tWJfxQog}Aiu=3y_4djGw zFQlz&EJ!979J(b@IwT;+nnXD2Yo!Kf2ZV=`e0FRjXaf>$qSD3Wk)t6f%PjK^to|nB zXzNLE$(q(>UyV?>1N{q5kB{?qi>(<|Te zy(f8uNfQU)+_QHPzy9gRarGY##V>!lFAh0+ByqjRGn-oQ;(~Q}YUUa|Icp7GS=@+u zt?ft;PVwIR4Wci7ZUTP$qdjr?#UI0W&)7kX8d?p{gQJAf4-rB`BA~US@Yr<^F25r= ztM5FdT08o~H)gl2eE5YmeP4kEP+jHW{Ie$F?~l(yPcDe6v`wNco%AuPw{{eyjw6i( zAz%kGnWg9)f>mY@g{(k68{*c$0uBkO;S__cYTF$P^<`;ceQ6=ko0lQTc9wQ8THA&5 z{{9-Ohm6LvkNgJ59X<&J0U(7EWp;V9>W!9v;4_vj@5D7X&3f$@mrwr7#lL&`D~~+A z|&_^*pXZsP^)rBbLLG6)lP+zvyB4?(6PqtC4)dlc^7 zmP7hjmiax-$&9_Vv2>Rq8>a}sk_^XFwlvaS3h7iDe!$3SLe<_|T}M!Xld<& zv9fX1*g&YpCIF=6v%&?lP*60JR*59LdV9BG9~~=Lhj2#H=y9q4Fgu{lz9mW<0y|a= z&~3`VY_}nqD);vCb(lD8AOwU0b0C1#b2n!tIrBWm?!uk>A;-dkh#b2i()%JOQK|MK z*2-2A(fnf3X_#;VBVGrMk9uGHnvGFNd;<~Mm$-9QCbeK-%Uu6QKww}zlp@!#d_dbt z=rUmK7j7r^NGZa}nwPVqDvvjLN0DpW6eDV`frt{mq#3j0lWr0nIv~kStZCHCahsCT zsVHgFXh!NJbEw3QC1ea0;8w^Sev%M{=I$4Bd5CTM6jSwy!$i~wS1wSP4Ku8}wmS@K z2y06hI4g^Ep92z(ZCWJv969rQ>bt^;GXlti)Jkq55$*#7)_;=_;l!`4l5TBN)xeZX z;H zX)56H$?H*BA$CmerndPpfy@s-B`MG5s2v3k9t{9l3*fIjwW)V=Gpq(yV6DE?$sm~#$N(HD*ctc|e$hvuvo5ie2m%S| zOGrOJ5J>pGgbV`6Ktcve*((EvZ(oxLiUFjQ$mRmvaR2fP?t8J}YECW`@1+jxF?3Mn z6L(*J(1;O3tJSTwh*K~Xm)|%aqL{{yKfAjF-W(|7+R4~|rBzg`fj2=wBG4`$((zPP zs&1V`O#(p>pcqKylP;yQ7h!+{M$z|GeK9ab8la-~8L$Fb##c1Z!-no&A3wiqI?g?A zB97d5BE}43vL?awadA6$3_efjhI>2zCxe)s^2&hsGpVE1+NuXYz_iCngb zwT)Rk{``u$uTNRGrm?YS=5w#DyqB3*5>cC!GGFHWr1#!_RN<1dj>PEtx~MU1$pDTZ ziQ$3ZrBWC$Z~*$(*COSmG_43>v;|Aj*_VuY4H$?LX4+J5OQ|g%I8;?SRtAyea(bde z^$8N}2awE4DKBNXt$tt10FV+v;H!W2wg@B^H?$+~2RP@SPa^G!GnzVk{;lB>jUP2A z7*Jb5pF4V2q&4Z*4n)9j|2Y{a?!P-OJNwx8e_$T5RCeq| z48V>(kJ^v0(+*|iJr11nZrZKMlnMq*g=b~J_B{mwB?3RdA(!5ZT_y~~(ff_F2|)!3 z2v5N};StiFP_{RMknsda2zWvz@D&2^go1!(0)a?fGeW=_g_riXAOxFE$D=_s+r)ux z-vbAfx~oClrSdjeA!Mi)cIvV*ZE;t8xGtNBVsaGHj&+MQLLtY`+4;?gs^VRh zI`wrh2tCfF1BRpNEu#?M1=%uk=@<&R&+J_OC zw#B5bMUiWtN|qh*xpwQK?E_tV7Im#N_edpPD~MX=8$2&Hz|R#V*0%Lx&gy2cWSnyN z2pqoG0OSe*I=TX^Z0g0_WnGxNtQ+0E5}7n%=zt6c)TJ??HjTO(50x2}x5ONKM^_O| z?FFoA$YNzvLAG@C_6R{Mdh_y=0Gg6ja@+iU;NY)+@$7ql{H?POKjZu#-ZN#!)YJO} zGengDK7ZjizIV&6lXj%T58M;u#|(?MHP`E`WM!H2JhGh&cjLJ~V&Ioz2^iy9iOa2K zD`CoIl6S{n6MX<_!p4uO%qE)#w9ENtCw3!AYb|CJNJ3?nZ^G;{M7p!-kAChEfBek`KB2ZYIUc95k!FJ38aWh?k(MW zQ0pn`s8Iz)m!k)gap#k(@4f$}#=8@k{hsT<%*K}9t1kG%v{v5_C7rhToyYlK-X8PU zw(zvYZ4pZXDII{sp{0lwJ~O~bsl1Lbia7^{7z-0kE0ixbhw46yDa^iPn19q%J2HTY zty)tWA7`Ci%_z`3Phfp}9`*ezB31eJXBXkWudl`JH(g9;e_?<9jqaepsIvgUHO z9BQBKZFxNZ(i;5Wm#;28`+{el{mxIG`_uP+_S{+jeqi3GpL=cPkEN7vGIK*Yn61xG zaZvv%p0{d!tdVdeyP;8JSEeg5c*GEl+hHu~hu0&ON;|64FtH|?;}_cB6^K|r7*FF+ z9?FjQfxxD!p&|(wIlQrRtuI_Lu>o;$-)#f*vc&=zjOMOvM|kd-m#t|%V)@#3WP6M7 zoTPx(tfGt>TUk|T_i)F~s49~|NB7pb_vSdvjuEU zz*2uVhu-L33aF?lT2(%?YoQU=itw5u`n)EYOuYkhrERpe8{4*Rb!?+!+qP{RE4FRh z9ot5yW82BeyZ8R8&QDlXPpx^+Ij%8=RPdM=Tv>-Vk;l{STxSrTAdC~86k8nzGp8N5 z42I1+w>Ij-tu_)pNW0G#&8hB&_RPVGB73+gjtnoB=IJ0Z5y6Jkp9&V9-aX`MaD+jA z-ppdaPztkL#zX|pHn;6&3Lf$bsQ8OglA1|KJ;~ zOOGOYsubs$x6?*e1M0p*2~g-yHFZj&rtNS6JX%$*5){p?ieVW+)-r=xjbblRLv;hH zJ)I6Dh{MkD$U#IrJQ#5Kga?*d-as$l?O-wwFLpP#i`4J_G4f@`e8lMQ2~M*+`t4l| z`_|(>Zk_Lb>5tD|^!Bf>l=iDH^e<3GcBB0X0=TNW;kW}D=Ojlld%dgasVda;o=Zqp z_ZmwZjSeqe!0(cU*I1h@(n84ZxA-bKPwS1}y|;0Y4L+{-rLm}md@n~|=-2Xw8evW#9{5r$nv2rAH3*9-%>3z{8C*>Z8IUr+jl#Y(0? zFenH&P_5~-NCC(4Tv^)9dy@7y2?vm+d_E;15&am*YgVpS!0EXU@56PTalCFAmm99& zl5@Y{CE8mfKJ`D4?prm`-n;Elb>FvY$lbT0W#zAzRoork8v(>wf&GfKRDHS1m8d?@CZYQdr$YGq|Fa%+mpBWvLN`o6g?+PL|jP~2q z!YL9)#pVWMx}QF-Hlr;S&7?+1I=l!EG>U>3*aVh6!xpcwTP;!Q;8C**-GVKWF!UhJ z#>bj|*sMnuDjW>!vyyfmun7|rChcmp|4+}8ANv;fC|!=zj1XBCYz*VBW0z78+20w2 zsjUEAiRJ9PGFdtH7edm?*`OR;fGvvXfK^MtW2zan(WU*2%|LBdHXysp|4w-CQuykH zX`q@Y0WN}VXcCO-Xwd+ktm+Ltu@(-ATaB7~3ip0&eXIjUnLy$@x)fiu8QG#7U*AAz zc*9?3K=wd}fSs%5_9Ta=VRwAG{7hYNSiVbi@b{q*O3M4V&Rf?6-9g!!#FU#ANE2IP zfeChnOCrC(Q%f}^^T9a&zQ)Fy?s#ml4M#!EJ+m&amn*1t6ZUx-KC1P(Nkx<#t0XxK zJD_+2bo74giM601s(BV|Zq+x2pMJ1aIqLUOXqsLRJzhM{ClkTreoxw)|Gas3j|<<9 z&Qgrj40quWCxm$vU^7H{9=M`5R9;be4b%P2ls+L+8Cns{MYo>)=Y}c{rzU z2h{!34DsW*u}8`M%gg=av>RVhnR;&N?|0S7eaV#0@2gyX-j9l!Cfn(|7WmiH)Kt?f zCc6`pqj3A~dqN&`UqXTRPu2G8dG+~)c|fv>aC?#@$bb9W-I+=E%fvySq%^7J)qlP^ z6m8z(eHFP*NPm(AC%OW^@(k=hdfQnV5DU88Cq4OTs)30 zzBvd%^yGx*@5E2NS^HO@sX($)Z(?@GwA)v74gTxmm9LT5(1lnIGT|H(V^&b$k2x(K zf8=opK7Km%Itxrg{IDYJ8`MCpf6?MurH~#z!4^c^314VgP?r+m0w_o3xrr!gtgjy* zhXRIvIvYkye zmXILu?|qWRdtC2Q%X=>xCFr~CV-@(ENLJ1BxC{M*$?A;Cin%i#1wxX^Zf}bE(a0eM zA`%WivKD#3o8<@KdhoI(@dE+h|z|aW$1r>R@Y~N5xU5K)w7sk~?6cauqETOz$Z( zN$EGeM72u@vW4r8T9F&=5(36`@M}zCZr;TA@4B!wg4n`h5E;mb?(p@l`&pf}Z}84N zv^fuCl*lwG6~D}!G&T;=PGL3-q@IoSuL1$|o(~L$U_kl{~ zsbcI1e#;~DcNR%2X%e|!#!A%nx9L;Nd!F{as+k`fmv+|YR-KLA`RD2E7fVqQ2PWs_ zZ3-a?7XvP)kE_I#y~RPsBsU3Dcm^J!%~~Jm6WW?t6x>+JKc)&DxFjMdKFM{4ISNT? zB*_K-Dd}koH180q`UtYs#cz+G1S!w*x~c$1Y{qHZ{zcZ6yFPpVJP7z|!KHU@gcjYZ zL?jCij_1A6G~Q6uJ_lI49$y%}oW{Rn*v`0eCP$}A6VpQCUH@GXPA9}aFuPS?j49&& z?Cl39N|#l;f+WJ?@Quc&k}ORwzphuClDFyNY(4B_YqFR*MOE?QnM6dO#~Nn|`c^oo znk*2&{ORw`qdygjxB?BJc3vF>rH(f*0M`8-OV1|UxU()?)hSe7{kx!uwrzQ&tybNB z$yhXxnMSonoB~x!w3}B}nBNIXKZ7j~XD5`F;rEp8VvJ+(nZkaB6v+NR6!5`5^gaZD zqgM0r??R1;pS$#;+=>V*mzl~o3Ck!7g^$W7iXe3WZ=j0S-}*W>gJaUBbPojrZ@kSg zl@zdag^Nc#u@-J8_D=wxAF@`w4G8FowO*7lEqh^8E$_Vv6)7O>R*on#f0fY*B(j`0+#VX{0GpZ7VEbC2 z=)&&5LAnl0qmYC5HfhM7f87pLu@Q^H)e3u91=$(jtIxMJBm1^`nxCgVF9q`Y8jnG! zO+lIjOa`X50GC>Q9_x2Drmo9p?l0>IK(n8RVYKmn2Q`+Q$M1c^_jNNH*%HqPqbS-h zAi7UnZ@;a!pN~22zRYfCe=z(S)blK!xs`bspvk0#|21JJ4zC1cO=8m9e_oKz(!EZU z^?mfE^*ZgaI%{h=m2dzWm+Z(`Uc{!-nx<-SI~rNwmt)>)v6xDyEdQ)BW^}$GerG=a z%PzsEWWIME$KEh<)b>{Qd&~RclHU}e$|R!$Qu%6cS*G@RpSnCKfi z#3Ks8fUk230y){XZJzmt@~o} zV&}75qO&)(c~>Q)$l7XJ@Hm)MR@QIF87r#lqBo%thik*aa*`r$zJV2j#WxhBT2UkN zti!fcHvd~qm6|x}6jYA%OC&A4;#4<*sAMIG>SYT)$z}Oedwz?%nAOi{g%LXiO+b#o zS2PZGb)<^dUPi1~tzyA;IdszQVIG-<>w>X$0xs5rG~|e*ZVo*+jg^#BbQcDWJ4vPr zDR5qGB~d=+I##4r7-zM5o#WwQA14Nz2oiTHFw8)eHw9_~A~~~NZ5^yikW>x3R$Z3j zaV+#h6!RGv8dUU+iP0^K*=?I^-qEcQR;f)oYekYdk({AHBY^>kJb|}}NTSiy;Fr^r z6L021$TUik$WX+Q*d`mXO3Z^8l+lN|VMpNViEx73QRd?DH@1wP#|C}jl8Y&>xb-3%3Z3H_ieFIN_F7*FmYy{5R&Hr?A z7ThD3zcEUlqzK6Ius*Ko#*6O1kuS;(HpVx@`0B!MHo&&vZg}19oliRc;}3S2j(0=- z;mAbkHm1(-);>q@cA&7hnZU;dwkz*Go4{$Qv%jxB;h@ zcAB%s;xU?!asrc6JyRcBvhJTvcY&i<-*4N9{39GYkDRI17F%nSZBwDn);iS!RHJtT zFLz}8g9B3rnM3{pZg!_`0Yi0dmefV_`8Zr zco(>=H^u~&EqE`(qg+OG%KvA=C;0Yq0Ox-mTFvx-Yx@ZUpRxbc5|OzQr9Q0uH)S)Q zg|xo5@!nysr{8t;cuJ391gKhC0W;m*hBW?*@c9yVj4>p6hE~r`W9hcdPtrfAsvx1d zR*lLDGX}J;B7w&ZF_E+m zWQ%FT!y*RX)YOCG-|$wGjT$p%Jw&EfWH#{cV_;#ZGULodl#2Y)>H3;VC^> zK_^S-#rs9Uw9W#(xXS9jbwM^q=2kq3L0z`+rWR-esQDvgF$3Z0jT*!c-7aA)!4U>u ziSXDvQZwRM6G<0_G-9k#wGXa|Wu83&pUB$#RyvU(B^OtN)G*4pe!Gpp11WHA_-9i! zfq#e*XtH#rFdfsBQi5bI2l9XXk*ZP?|Gb2HNxONglrK(&jmJKJL=B$ZR@-Z3t)zU zA}QlR#Sq6`_V2FM?6;BPSid9>AH@W}xs4P6fdqo=zc97+Ftr2qd!5d?Ndb%u%6J;? zniaGH;=xW9jmuk=hycVXxFY`FABR2d|Bl31^RhO)M49)zlX!{|-CqKCvl!7jy@F?2 zpB)f0ART69-M1e?HJgraFTXwUs#aTUJn-t52k30W_{eU4Htydp?$3XxsTUpkzrra( z_hShDOMW6tT9YO&p<}wIk4|kN@P3rF*KK-k`1bq!*F>oOarO_Qx#c+V@{zbChQV|9 z-@BSHyZUhFqvn+6Qlv~>R?}06v%UrAV^Esf*3(?lJ4Ve3XK_P`JE55$jpostU*Io0 zJDbzb8T;Ct_2un@aL`weAUUCznKa6Ug;I9Coh8^)GB36>7HGt&gHvL;zT9;&5(p6UuY?uREssT>F^vF%O~X&WQ$1*CVN}l+U^TwpgRS@&Cm^o zIf$6d>%dWSxJ^56xV-fyg1lXGs<%}tOAGT>Afb?CqMa$*IYQOlcymU3K~vpd z;<1F0E~eatBN!XI%Lzh4XrbDv7Eo1{abAFko7%~KR%GTEvB;!Nig3EctBUxBLV(1g zDeXV1Kj^HOalh3sH&8+Rh^Ehbe3O^oR%Ui+^D?{PrclVxs@bh-O;GSf~zT)da=h1uUcqj4T8`1)i6?gc`RC*`~UqtoK>tIr9=kAQ_C({-&D` z>)Y421dUl4-_F~%tC!tg(^lE8J7PbmIbuPTH|do%A=jmVZK>@K&K8XRBj0$ureNNz zTKhGbE8!fa#sQXP|7WizOqbLA(~eIG$K7=T8Lp;k2JuuSvy4ztSG!@@1^mlcVi^vH zxg7`Ha@IibB~WSQ5SG8Q^Il^!{m;~EjjfED8^#7VOsI`Lu|CyA>6OhbGY}%E#-FK6 zDNFktB;mOT;$?Zf_SFRAy7rR;jHh*68;N;NS2x%zPXlxYZr5w5d=oX9p$tใl z9;$6J+yf?|?7DF&BrvGrq89|9yyf#hMgfJ%THp-C>n~q8>G&XouvAoFnr-}jV8QRI z`I|DgtcZRoA(A5GJ1o6xSETSnvEVXVx6{|3_*E-xd*wNhhIyBe*0iwjt0Cbn^n4!P zr(S**6BEu6CyLaEZ_{g6e*XP4o4OxM@R%eyQkrk1I>KViR%C{g6vdL<=$W8>{Yu^$ zlStR0D8FUA={^z_TU^U0-~bZ?T$Ff{HMJ>E#M8Tp&)8GICP+k3AcE3hO2QB*etRMT z4zpRXj*qO1a|_$rJzzeT?NW$A-?+FTtZkMWf zr?kJvinTuss5^cgKM(hBz<^KZCso1}@RltS44{G_g)~zNib{HdR3v*{SuU4nY7m`Q z;19a6K9d=fi=1+h^pCt4WQs;xw>u=2-ix(Q@81hV>x! zxd{ej)TtI3nxcc0KT9^YUK>5?oJr|pSMGLs|3qxf;PC%D5ILEoj8$Z(gDd-HQ=^sp z#_1Rlf46blzz1@9lH7V++IT9lZbFpJ*mbN;X35(^_GL3V$u|tQ>DzV-@A-Pd?c0ob zrndx=$n{?7h`(;wWO%43LL50sd^E)U1&tzYrdb{n?&5O?Fv?Omb$&?vOn+OmmkPQ_ zB2>X(SJq!osffoE?cm@j^LGOo1gv>6KVFKxJiQ(pPAsL-JXXerNTUAC! zSj3MZWLpBhj)w{GpgF?5RSJodEm{v_(OVa|iDKRq3ibi#-3^Yz9>kSP(aW zm-Ri{pi;@ocY=VGAOwWX^dYE~fX>t(C_4YF_^|w*WXhS|wilIsZ3=5EOisOD zKuud;N*{l%@4+;~<;$4*Zp~by-Q;pEWm&RUEOZ&w1xF?T1H)+-H{NL&Jli+!vGyVe!C# zvD2xFLjQA#(|B9N0<-zCpL_iAl7@ z>J`u}5l^KpX-4J@-|3xNI0@ zyT1|8SW*aSH}z9&KZFFNkrao5Y@WgegUDBiFGqpbBi)RZE31OY!TNHkfJmSYJ1vQm zgTM|s1z$l%gkgCGI#4JFvlv7m))(2e$%uREb);jm-nZl(d=v! z8qZev>2LH(uU)qu{`HVvzb;X@zBpY5GO=|XB&!XiQ$H#p;@OcM_KsEHt5ZE~IE1yE z0CKzIbkJZ%W(pAGUL}6i{6&rXheV zmDR=UtqRM)>rL{My|(KYzXa%72;5L&;heM890cB!bCPjG^_HH}*^1>M(0_kR2EP|zXm4>_4J57HMyIx2b~tEmBFm_?=CyPdyvGCW zm>e;XSb@(`m0YAMVf@HGuCtV^tFXkp)TZ7;Zx!Q;*B3P-#cB7Bxh&1_I^~?@F4{7Kpavf9d%od<>oNZds>SbsvLp}|%^60BN53JyKWCdb5Bldh4^TIYI!QnS zkiepRq~MP}1DK2be~qlH8mP+HXJ+(F`*^J!-+|NVuiDXz7Y1{3eyus6)FeG#!tdTc zwB{1zV-G>EN((7xqiiOokA?uS8ZSI1_+}I`v2X8V|K&x$1C5eoJ@0#h;GR=PoVeHE z_h{5t>JBKgOc<>B%Z$Y0w3jLqkg;lUw2FE)#l6XdFFW?xFuX#EMO7A$VKcA(n=2(L zWLq}Z%RF#EFu6K2Q&}y2cS&GImCSVpQ+4$`52OzeK`5Ndq*~btbj^Fsy zYjh(MowpLBc+WTX29`L*)%w$Q8A^f*ef2Ds%|GFY!XR6_x=KWGrGpy2UOk!k2u<|7 zwN_jevqq8;0mIW=ojB7WO?jUq*K>O-N@cs@>GWbODT zt|eYsCovm-VXZpCfqyO=S;$byRFG)*oOlx)&8dHZDJ756}CW1!@o#DHjMDn3xx8Hkfj0R}@5;3Kqq+N4&x`-PT-Co}vHObB&hUvcLM) z*UDfV>W?};4@+|A)S+{pjBU@j4)UDxv+Ykkw(08oUyHbZpSY{*O{(uW5T@4JG*=AlMrK+`Ga4gS^B1VjU20$qV~LOL+QbjW@DZ5(yD%iu85Aiv2mcJFT|{sm=%#O;qNoeLV1 zTlnLAs{%6UoA%LL0ar3Q-N3kvmt{^m^)S+2G%$pV%t=flW)K##b!NZlg&U)wT+dg0 z#Fl|VSYG-4#7EshC)$`IghZ92^xdg|LIuoowHHUNBKU|AHSyPg^yepUZLGid_sq_; z^e^)7X{=iPX^<*Cf(|^ZWQz!R%H641gn0Kj0$F$RJotNfgwQJU>YuTyYgDm0@pr^6 zrn1hhyK;!ebYgMQV5&Yc^Gm7YdAOSUw`SEZBs-^34_$YEhf`50pSO?@DD>vcaujN@ z2Jn4^WH-ZhM;s^rENu>wdnQvS(TA48Zqb-FXa!uT{b~oafrw50c1^w<&_;tiQ#R(J z$14U~4wM4>t^k0pV$X$?Dm(kskGpRSQ(j08 zWtNGHCU9;?Db)K*E#6;$p76f($@xuV0f^5Az}EpZxzb|n=M4L_YtF>*zCUU)7XXv; zFc14)J;$hh(uW^lo6oMOdHv9a>9!B4KAq*edw=fNV&Xc>r8Lp{kKu&Wb5|YIpfg!J zj)~QoHlXkGx*|MIr`ra4_p^Udqut~Z63S|^%R8@i$(>S^H`11Ig~Q!otb(1f-1LK7zJ=;nnj&foe)Z=1PJ*m$n-< z#K^h}YYVZVRhwHn$(hU@f>dCFgQP0zUIq}{joJfmvs~z=>i9e$#>!PisE`OQ&K_l- zml#jfraj&(e@i+`e}&iT5QspiJ$b6j#qo(o1tdc*#ZMXDjM0fsKvsu_tYgf;IJcgi zMo9DUUZB{kIPs>4T|5g>eubQx_fHV~xz$!pSeXVDd}<=6T_YVwDT1cqh(h!@s7ndn zIO=9;vYk<^vtcb5(9*p4u=Q_qh>JBE$6EFe3>%{Gtd3FA2eb2bjN@^5Q*wHPlOVYw z8w@!QL8V!)!QrWld2&5;*kUIkII+vC6Kp#>FX2aWqqiclE&Qz{VO9oCT+KS7yv^r_ zV5YL-xX$XIFTxatqTlHLVeRk-% zua%bH{e#nFAy>)3TlhJAo@~05ko8(9d6GG1?HN}}hCRpX zCmFw20VOAf0uGhBWJtjlHyuUj*f%lQDi7)}IIbzGuIL8Zd6k+x?i4 zBQ+#wn;AS|!m$6-7Jk0i?mlEr(1f@aS-#zmKl;0Nv&W#*68Ko4s!z{rzY;dm6z7PBe(l5|GHUBzq0|@m*nuN=dPTvU zC4wamSJ_t&^p0*pOkg^GIifPVIkbeC5@(o?JHR0~lM8WjVyo)Mf?Ib2+0>$v zluRMi5%%Aw*3zn)rvll8IBW`O5|g+AB`nu=?cvm;C>BJ<{%R~i$wCl`qhe8TL1rQ5 z^Wmf!K@3&bkDib!Qf&AbLra^>=G6F$90#m#`?CZno2cT z5}Y?}G8C|{>GKf+0f(h1s4fHEo(>|VwurCBSHpiubEI5+Rv&{7h8<7?3}k=OcJ3t; zC*SreRQq=WrqB3S{4_)N9FJ*I19buxu9w*!!{b|?7hTd!BGndT zzaB#L2rf&JuJROpz|ZAqw2d>qyNP&|wAr zSE7t^dH3M!u)svCZz8Oqpcn_9QL3~YWg-NwCgDjU97u)-Ts;E|!KtfgA(({MHT~jo zathfvpg^uYVb(iaplK?qGOEr=Ri^l7l4jy=8ku2HU=hkXN^HAH^nd}<&E!kJaqsDK zm#+BIcYPUmYi#u>$}+$T7#9|OXWdN0{?*z9Gh%6t(jUFJc{9B`tMm3RYg(P7^;j-h zi9y=VlYe7i%iU{v8efa;_CptOYyP@m^!j^W;Ho{^zVpCeqpKC&?{jQ?YP zIpxoT=6(I>6`>3a>Ho8p{G38-INON}M|rxU0d+6OI+vSLE2YFbSHC%3`U*}GJ?&1% zs=(sOWRet9f*>zD;2V*otiahE(HgO@ZC0eJi^C|Rxcezm+1zUWIp{d`i&2mwfyJz> zAZfI=9XkHly!v-gA^uiL$cs{3YQh+xtzQk5H^H-U1n?YqVln4~h_2xaULNr>E@IO4 zxgG_jAP2gTbrE+EkRfzaa4;u1_NQ}k%K|`K;4_RzYfVIq*^N9NTLL75 zMPZVq3ydBF6Yd5XDsYbyLcz2435+6`4AbvLY_MTU0Hf zNd85Atyp+dnIjA$=h&SJb_{2e+Hs+LqiObPIyKqek<{9qi%+0pY3jqOA4(&s;oE-U zcgaw?ZS}#*>|TXmt*~iSLNkKG!_VF;Oekdl#RJdIV<>0%Xi^juR3MJPaw>g})i9zp zz&XxxYF?X&&znCSMQil*LjJfx_DZ;7JxtD|c{xqVue^=HzwSq1ws<_jud*7WuKlf5 zZ}ys(2mH&bVXnM_3WEfDkuN$Z?sj)b_ z5Yv_?(Cr`r(c~V-XgXT?ZshX=F(NoCpuvrk-jusof2G$n6J{))6#qqUi*NABDCUHq zQD@!-6&^5v0rmZ<^?!U6ytR`Y>#dO$5ch0P9 zcfQ4~%4*CrI}%`a=I=O=GO`XyZj6qwd));f<~I5~()6CrgfqDhNZYW*&Ul*+U55ik zy}#my?a2OnKKyFl?>NpI*{%J&EG}mIJCsi*pz*&i2q~NGXy*BVhN3swzDM~ythUKG zP`qd;$Oz>9Lk^qHz(YJ5d!0Zov{ZTeIzY?36;<{#g zA=o8w*fN16Y=H|D)lE@elfGN|aOAKolQ!k}p)J2EDDC?Z9{Nu=7}x)luN!h!+v^dVU2^qix> z>=?qpLFi`-k^rv zbvDD7QGsAoPMn{|a<4XSt`1oSYzm1E84S+om+piAb6*tZaqWn^Kwp;{KPoQ@%m-}H zoYnk9O#e?i{E1C%Xh8oAWSi0HCa4fg4f>kbUsyqDPKC@uxyhBQAbfv&$o#MsM4MgK zI?#Pl%yYP=l`~T*wXY0h z5$m}=hTux+zzJ!@6kOYLF~^!pFJ4d4&Y~)f6$sI9nC7 z3H@PVo)nrj4b{-^!uNo&e@|eRv>6fC?aBirKG{f5`s}wsYRpYp(Zm;+>4CpZk%Plc z8{EYD=H$e1{Oyl%i#t|M)oT`X!rZi!9<6^G1@tmoP=Fy{-mn15lF%+O!o!m zzE8CBtN#g6bw0o%;c&zGfv#gFN>mxl@v_4o!9*Vv^ZX31w)~V-6612P5ZZe zTikkX5c!t{SAy*qf+v~r;Tv78w+};OsDV6C6T5mLImz4B9oG^o}(3h_8fg(9g! z&$VbjDiCI({!UDsx>Z7{=y8ZWmepIBb0po8>~U)Gkt(YBN;4^1QYdy z7fuRSUyml?_BsiOzR{mdyY9QUjgP7Ib5>nla1?_W0*&Cyuq6WnS?~o*U_&oP_>Ar0 z#F3*hAe9AzY0;yP@ZLkizoM-yAA*CGK_X+e)ql`0)M#v@>uZwue?wr)q?d572~Yhx1-t^&2FaA(HmV+`Uy(4 zl2;~4FGOKTg}E92E)&psT_;nEawQ^&JE)&ll?fG+;h*UB8G&wu2HMFziBzvsJP;eE zpG_Q?b8=WlDB6r(o!*YCeDX$bF{kZMVFF|+%sYMLV*iu+@*njo5OFdd_SjRm{kBW) zRne!#E_;+nqGF=Nc{P^E=BnBhijPw3&MuwSB$GpiqSVF3nx2w0OGk@XJhv4)V1iVs zGFx+8IjOle7~+&*IouD!d-tN$+~#(06^^-&OBp`^4GBL`7-l!6zla^k5TL{@QPBEE ztOSAKQ$dyif=-QyD)9u_4{67cUK3w3fJjCmuOE_IYgbH5lVcKplsXRnLw6B{(`k_$ z*I8ijBE*J+r>rxkb?6?TB$+2IgP(5_bvX+n1$ak~G3w*izQ%`ug=VZY$HHkBSnwx! z_>OOk?ihCTEbruazs*n{h36il#c6{FB-gS^N75;1s|MEUTzy)qx3&-7)k~e~l$Sy- z>*&Q0(t2Gv`{4d6pDUTMswMu&YB2Jp6i293V?Pt##DX%d(lhek7ku?;1(_1=`l~P& zfFB0K#49RAa&9H+3wL&DS@g5SLu_#0r?+*(e|uRme_gM%-Hv*j@9($a2J1d&MOfFq z(0w_dr`^2t9PjmR_7eGhPY$t`;@9WrQ-4mzx;ts zqzq3IXkxGwgF&CL!w7S}8-7g8oMBg;r<^+e%Zi+D#n2j>57CTtcEbSHRfDrAHMVB6 zMEdd+>O|*SK&{d`_rDK%HZlP#z%B24ulHjKhQudLn5LgpYjNj>y18?kvC7;{L zWUPOouh{2Yte$$MLkF^vSXufu*2qRlO+?Hof%$qEH+l1-eexJ_4cf6tBA}+9jdux3 zFD)H18@7RrT&%@L(FoW`HVh}1(&K(V&tZsuZZ72x_2p%R|H{c}e_If_dC$8FHx#MN zc9ufsLAI_lMkyR@*=)eZr@OGX7(dwB?d|z0tTL<7Tc2}Q)HdHw0Q*Tp7DAvlg+=~6 z9T@#`eq&|q83dF~4J;hO|6oX}rIdbsp4hgpvkONrwLb?-?)kZ;xZ^y30{_0-cyEdl z#s9~!{x>*A0)o}6uRa!RpXs%h){;O=p#CMkafq!1d$i@83!zU{WqOlH9odl3t4;39 zdNE}6#)KXKYMQLDO>vWVD}h&qs1D(XGfd7)tUeX-mkh-wfQ{b^T0E@PKzIDS@hfSe zQAbq@TDA7FDC0+zo74{UXX%H7e&w88j1R4zbp>GegaYCJ^!9j1SzJ*WD2gB+RojR- zdn5FOk`(_`u=2mDm)u6?gzNWZ$PauZQ_d}9i0FQEgE!f>*J}bB?o&j82_eyPYO(~O zB=(K}vLwdtHBS=eRzqgOAkdjPSeLp}8!KAdLRbe#_{qY4l(M(S?V7TFX{zft){m)+ zcko>|?|{6VZluahY0qN>u9^6!N)?v&(q5L-_x8MlGFvcI9XkmzJ%2jxjQK=0L?W3G z6?j!!PZsi|N%($CC$qK@Q`OV+dV3`+r3c!Wrz0g7psaV$Et8#?jI!bi7V~?!2}6@d z(g_JRP&L$&M@#5w2j+b`!}z(rvu)jP&~zO4qB_n_AMb^J`$Eq0J-}a&?(#u-U$LVZ zk3LDr%2xgs60_RJ0KxH+e)sz_-UFFp{8nZ|Y} zVqZ5XqO5LoSNN#WSqpplLqa@ZD7pX?M!K6pF->^*p95pO8iNNZ2sR9O{1zKsq!aMc zP)`-k`~5af6RRoRTm~T!UQ%lH*mEQW;bMm<@9H+ORw)Sn{(cX&B zus1Rj=m?fF!fhY5AuW`!Z-3li{Jfv>zt?8P$Zzcgp|{mNxf%~71_=LL;1La~b=Ct` zo*sdiXsKga+!G=XCI4?P@d;p<5~a*`+IqpY@BO$@L@qxIC|h~rt?hB-C+s`Nl7=mU zfJ@V%wYO=F>|Ro`614g@(bv{bFIf&GBvOA^ZnU-)0nS4EeaSJmLK@}=7WWG(Kh4Yf zWo0dQNS`nxxJiB;I`(|y=94k5Wz*CdrEd1B-?~YQlbmcNC%jQJ$_p#PHX)yu3b7U`7^)a>wF}qR7AFcmbro z*DFe7O%Z!k!Nwe@h&igXElI%CLJ8Nx^cO}0T*DJ-oIYdI(_AW^R`Som=i4nQ@XU6h zNP>vZ2dJ?rt#EC}lFua8on3=^Cs>eg3FRFqVS`^xI@|H{AicADUw`Uj*I+C_S&)I}qQg=_L-?oc2wFk1nNNP6x(f zT5BM2{pL*3zm8)(8n+xyI8q7KQ)pZs*Tdv!x_j>Y*h6DPcWu$#gWl}d`O)2L`k#y? zo4WW%Tdv;V`AA0Ii~bQ)m7Oa{OB%`#0 zxR0faZHh~2{qH+VtY3u$q9K))QAyA{7&g&yeAJ1h< z=pBx}hjEqTRlcVlBHGOLZ$GpM{5x2&689#VW?&G|2q;?u&1q54Hjaf%KjYiapSuYW zvW2}8bQ~Em9A5~$M8uB3OOnX99>kT0BiEgc=_rNTDHXO5&`WP)iDcRG zNGM5Bf;n3YW_>qtw1mE;P-q!1p*5}2K(zDfC0U71W5>kT8t8Mf>N5I6o`667QJcJwIXC`u6oFktJ(whaYya|0Q+9N2j6>Xw+Bg#UW=@0H8 zj`UNL9(Fg65XgS8WKB4btt$I%aAe@z%NdDCb)*@f_CM4hnOvw^DiGWuq@n0gCTHZXWKE*)Mo$V3R zd>)q$w96srlukE+{fzy7XF7M!`-xd%Yo(42uQ=vcwap9+Sm@BGd zIs7qew`F`R$YrnIrq4bmmhQILzi9rIwtq~eW6I2w%{>nq{3E+%7}7IstZ&FatPGq&dArKm;bQOtr>lAf`E;h-z&3AJf&@5!%H}EuK!8Rn+fPH;cVs~%$d*SexOS6*4a)V+URtK6$>Qm=wHWvK`B%qAF^ZV>d zI%hC}{+Qeax~+&|zzuvQ z-2CKs1QIjS>_(ivKZ|dR7;+tVXP2SI$H)&rSuled6>Y=&wY0*HXl}4uWCtym7ug{cFk(l#sfvSNwsz1$rs9hH%N6NmRkT9yP zJEAfeJ<<-{zvF%YpQEU2Utw80PK7Ca<*%<+YKv}d{h#)n7zAhY=b872;28X)QRVD+}{%rx|weYd;rNi%^;kmI9bH~$W zuo1d?n7rn;E_Cth-h)yQmrB(>jVn=`_~%&`A77gb@=-XPIYMVPr5kU_ni(CP*6N9$ z1FlFX4F$BUN+6Ce%ev>u+j73+T4-9NFag7YmK5@RR2v-zZO(hlp2%_L*4=Sw|jvEi5FVVA;t z4_ZT(E0*^b`&HCg8UWqpa!`W_DM67*qFcj1IFd@h%VEpxbq&RmijlhU11$|qeIiuq~t zIJ=KTf9zmE--l2H@>!$+Nf2qTgx9u54M9&C&Y|doJ;IiBqM~-!R#?)#&os`o3Fz`? zm1uB1c*QK;Z%fk+JJ$QqSHga`D*68%me&4cQ27o67cugDF5&yTyp>U|Wu2X91lHFU zK>GK%A^2N8UyjLy-vqQIVFrRATg?#=K{d0;Y6HN$kn(>1&HcGsjlBeI;2?f61gD#@Na^VEuneMBnTOP6^ zX0X}Izo!?k-_ao+>x9|<=uatkRZHWlIntB*i@YjJKResx$Ou<>rR&lc-luC8%BG-K0U*7gt=y|D=3%(e>d&uBb9_J}2|t zM)rt{jU?Kg>fYyJYc!Wa+UvR!55EgFFd9DHhW?3R`bgv5+&W@$)=!-3YrMC2?QN)9q%|QX z%25bvnq@iVdn*U9v)_CKqw{SOU+C>-4poEGdw844IF2W^s#r_JeFy^)L$#c;{g@sG z6FPBXuykTGrRCShJ%n4pgAz?g)iBqV8Y>BKoy}KsMOOo(;11?yt4H$Zfpa@e!8WvM zj2*<2W%;y|VpKMxJO~Q1qXq2ym4@;4Q-jw!OHcg}B~_(V)G+7j{E@5DR=Df4Nyph& z-4AarmcT8}r}iI|-G>opwo#W=sh3B=XU<3=EwmGC2U@J67ib!PEg>vWm`?(V}7i@JXMf%^B{$8~+36vFn#%MVOW zxVuAecXz+p`<(B7_x^$;PnNy2X3Y#O|G2*B3jX1|{SzvJxB$w_&+mss>Au{p(Ir(^ zeouor`B#aXHvV1=lPj3aabV%e=H&>0JU?5Qub{zTKP#zR(J{hQ&S&&n~H$b6-~l#j%Kg(W-UzA0=ZzHmHfB1OF=%1%8O9A6OLRO z5=gE15&*Rdq1J9@Y2zt*tqDYf*=pDl<*jT^nCM5BL{+!@)sz(;HCK3?7tw;*7I<@} z;?s&%sx9cFZ;AO14Q*!g{8Wbz2az!)e1Y_YWlrea9qxGpDnk^vEiIguCZ9wc_YqJqYN8B8 z;=YyuRV&pC5fGS)GcScul!Z{~rLfVVn;_IQ!MKPBQ;aKFi8WIP;YPpm zu|4l@5Q-L(Q%h5B(00|zQyW(aT-q9dXf958LL^8QzWd$=Q_quVE@X}(YSy%(UE!Cp zv*^zy9UhECh$;M8&*j?5_4$JIDfQ!{h6Z&ey@$;gBPp|B%J7uE6tG67EbO2dupA2q zXYmxBwtpiMCJsGmoY+orPUMc#Dt}Za6*vyFD3smj2+kn(P^09*m8~GV>Au`Qz!@-` zrWEER-uD7In_Mi{^;(<_ZA|ya^!M(0k-j_@bR~U&&3Mm*WFf0jqFD^|tm7}4u(3Yu zq|;FDSG47+13B&5Qs*faBg#D0SVWCUW!Op(M1+C-5?p|5Z=VPfP)O=4Nl@ z!MtDJqutNhh&R56htzSe0!nFkAQ5^V&`U^h6IZ47iu|2G{qJGSKd_5FhvW2gW!dw? zr-l(NIbuu3^*>aJUjqUXqREge%(5Dq$yj`$2D=}LRZEnQtcP0qJgH4Jjy^%^b;rN- zwZrFzT+w4z{<&BHVS?z|xw!~GjeFAlI`fL@y)U({2rXLGHFektB31PPzCqq0#H%pc zcug8>r7M|Zf1bqCYG$T;GPJw=QDP|chXEbQfS99 z8#VgoCCK4hazjh#^VMV%-%(A`#pbb@?)?ew#qD%^&ziU62l~jrA?HJ|z8I_oMdfx} zBBXigLm#l9n22FdD6zFDm?B!(2=AXJnp*ni8hYP9E4%r~9Mhq$;R*Nq)!8TGW>$XT zD2GbAoxUSHnvF$sJ{qx9U}7R(+8pF7)_lbrS&Zn(=Qy)+l3U6hB}RMz6^+nHlZHRd z!x1ZXw>T-7$snb@zVXGDPx(-gKLH90ThzzuvP!MVGm@`9`tpm7{kO4+2R94~4uS#K z+((!7Rr8{)4UN6^#{9nZn|_gqVQ+63sN=mLu0KgJvvYEA*WB@6u+}~o(<7`6*aZ;% z2AS5YY@NNA@z5~zF#|LDEy{Z)`iGLcp2vBNyYI}-KXl6KOPgy{4y~ML(Ptj$>H6|^ zdp9hsh(p;hK9h5+L0MTgv>YBZte;f=b#eWdoXZ`Et={itbX-6Gwo&C6j9DJOVj1!- z5p)aZ{qpqJbLJ1{H;q&W-+DMag>rmKl#hYF-cdx-Kwi~r_$O^fMz+0dRz;g@8vT-u zbw=n4&ySxOQUz*5ezBUuhO;;t%m4cA&}aizUx5ZG9$TVw{f0~=hDcSs{u2}WL3ZZ_ zGP;axL(G{zXHh|Zkt>@oLrRl5H^%-HO~@Pp_$G+P{(@hY>T~IyggN}j`axFz;DV~c2ywaLS=YCH>G%^0)`9XATER~)tgI61M%a%Xw}$)@I4J&kw_!=&3xJ-+ zqV|iz&_#U{^eDkSX2GP4OaoFL}MbT{ko?z)JG8uAu9Y zC-Fm_q|WaJE4z3n?RMZ^YxPz0QNt+d7t+D059^&cwrn;%TD;F#MPyCzx65F1vziY( zfAPOaFutkcV3SkrFdYG?5Ly#`Wur$?^4TrSm8s ztE5lVaPGGip;yx5%p37J`tb3$yy7-mAmtAh{YC%35#PlnHqo*d0S1CzI7pZ!znrnP zd4jwssow$Tm>Er2To9~000s)5y-QI=8?7A_6+LV{bYx#WVU%sy&`O~&GW`bj^kf%$*Lu=!rY#sVx4z@`*$pgJicNK3Gjk8gw}0tWaNM#yi-29)i?vxoPVj@N3w1ObVqM!=$#6$k0K~Lewgp*8AJ;jx{WUJhH#w zxmp}^AeXdSGS}h82n$(h{P`zil1=UCYec9?+d#+sp+cA#l5@JzWdDZGGgg{l?V8!{ z(VB54*~edEPQ#o}(VdG7$EsZ3Ue~ipja!3=_iMJ`u$4ZHm4S74Zl1y~un?qgvSl(0 zu(MPX-@*Hg)$|9r7K&j{g=}5pXI`jK5l@XsGHv+a8tm$?5M1|9NK{*YY5o0CvSiPN z#zh!_>JliTEf(qwuda7X`==KdnU!QwXkcf?4W+UA6SHjcTqf)vqEwuA8DGoFkH=1sc>7M<}0oYoVKS5&l}?! z8=#ho%z+VkiA{_f4SB#nsy6>tMBYD%XnP}84_h-tN0XCU-?rf35Kz%-!+hJE$s)U> z390n8roI~OU;~hAr$~_z(n+U2{G}?B4^o*$JYEo0)CeS%D0Z+=U{xW2II6Sr&;J;` z63SeU{u(ErTOknj*!(V%P%}y;poFs!Oq_pI%JIhlu@B=f;zD<0ocjG?QQvxEcgR+W zhel3qQ6ox6KQF@wl5fK(TvC(*eADyz!*N~ zJ|pwk$ZDX42i1s#`|9-ufnXu+ZexV_j}A3^?wQ58K2R1~wx=T%U5Bw=fBmoR6$r7>OYuikjzyEb7?3+oa-w+n5d=RTa}r%MT_CoKOi zi1+-@T2QL(-oNB;pdvc0>D~@F7_Zt`~6~0vB zvFV_Bn1hcKMje_hV6;0CZZuvIKE%=`ZTn7_yPoO0tjIGjW0y#BJslB)Zb3tp=o2{* zZwEz1x*yHB>z{*OUJX&mV&+;%>RTezk03r&xBEBvvhT{n<1e0p_bhA5C-aBGhK4&B z|DW78Nm4jV4j&up^2_tzqmHb){`X!CO7<67zt~Kib$PowZ4xzT&coFc_C_#CH{FpM zQf~2fMQm^TgSsf8B58fnZIx)7=PnHwGIe_M$4~;ZFzFM zC;63|unqBN&e?8PIPZ5e)y4-ON5frxIhZUMOJ+5w?dqv@#klbb=_JGUDZIPv&=5am zp@mzV3ZGRF5r3*u(pvq4aKRX&V)_ziamBlXM7#K#pnjcG!T~@Hr{J0VkD+J!437u2 zl(yE)x7(I!`@6OAz7FrCN6jepcX?r)D`#=(xTMyWvx}--?Z=LR_SaudnQ0+BlYuFs)Km*m-7k_s(r z;oS20g8idbRc3s>I>CTSHzluvSv5WrZ-q7#LuT@~h2>cM%ce*f%w zKton20r@>T_%cX-UzD=;VwMPp?(kwNt*|idkBQLbhytktq`RDV<&(Lkqt)5uh$kjD zFKshFm>)`0J`D7PbE zy`2ViYTjincuV=rsGF313evI}9f4}N8Ytj}OPk&Rs?@jSt<*N?De^gbe+-tx3o4F1 zk>hhPrz700253p3D7VSL#8sW`UBZ&PS}|q2b;$|X{eH!7-j2Z8(-kOnIeA-Y%q-*V-ILYqoivl z|BBZ-%C=^e-TY3o+hj#m!<0-@Gh!79g$qAnkXcxc_QhpgV1ear z7Mj^WpzRsZ*5=^E26zUAFU$AW+Ch2F=Q%^o8{H*OSjPrI&|N;K*)LWZtjg|*$9GT# zq>>UL^kaiC@0TglcmwZW)aOKGWNzCIu=s2z9aoiQ7kg~h@;g^Jbf|QOYZao z)IfKODv;1^D9k`}8Upe6S@XmQ#v*I%eXjktpTd}p>qm_r>Ol27a0Ru^@H%5611f8HV_&iDvR zo(}TAgEUcOdLN^-z?;eFG{iW*@p*U|Tb&wFKQ<(CwJh31hGLeT8Qei;-|kE^oM%pV ze!fHL5uhV>L>+MU()b)d%D9k>xlW(dH2qjd8E?k{S66Tmg+aw)kw`BJ=5c~3s!JZL0`oDuTAs$ zFMZ?VLa=Lm&S$K1`U|iSyHm4huY3nNCopiT#PlRNtbr4+3vfSy!!!s~JAZp(C9vnp$2Y@03Ul*Y zIz)xv5CmSfg<};^(aORC5tk_MoNltrK^Jumpd7n;SuLy+3|L?SORdlZ+jfLza~{T* zquP{)M#O}ovc4H2tCzwX;SBc2<0n-dDwuVTtbMAS1R_>MQHxQth*6kkBjh-wuj+c4 z#IZ_lH>rslpP&{})fEQ8%*?7uOyZv;z9wOR(^5+qLnqTsTJ>J`4L@l(GH6>_5QrpH z#So*LC@UY$DWpeaznSzS7!gxe2KbF@)`Ljc!JrC0TW_7_mKK=g4&O9O^s)*mps5T4 zojUm`dhQquQ4)`|cybdGCrxam?xZZwp7BQbjb>d9YG#wr2WD01O{(GZXsruW3F^9^ zl6P=R@Dbnz59Cw0=-XuhUriItxA8dXf$D`_FaRr*1)s~Lp$ZI{2E)v-y6(#=3@_`O zXzYKwF&AmTeowLo?dj{;U+A8~PUv5|@Zlk-BT7a`eF@6#VLmTM&dXkFqVYqGOsqWr z_nlJx1%t);X~`C|-C<2QguLynKe(g$F73&+Jn&$DWGlJ_-_b?KuaO{yqYiV#x6-iC zMCR+Yy2Jof5_{s4op_nN49Y^mHb9JQ+F0;@TzJ)@rW+@TM=KPlpMWmJ>+vauLPLBn zgHI+v{APfFX#DffK446FYFh=}9lP1H$pCs~)?aRfyQqSGky;Ndeqa-^I$MhE@ zd6jW3V{I!O#O4mjms=FZS_h3>j6kt;Nef&Jvw(sx{z#Y!5)umKQ*+=3t_cvkbUNM? zZ;1^De%a6dMP89`koD;=Gq8taQW5s%7W~nN)yIp}r%hkIUQpwlfRTx+Rp-5&C_fdI`Y-DraqY>w+PCY})g~45!AIiw8n}BWx&z{O5vqi#Vm~ zL>&4|ba7q1gpNgn6QHCns7TBNrNxQ4kgG$WD{;8E?#5Psej>=U6mqdy%6z`|Haf(r zzsm9s5tZYKS~}C;Ld8YdkjoblMmwxHE_EJyxDOMb+MQe#2LGNK2jb0$(P6xc2bkr) z(uB@a7!`|>D4eJrcGQOq2$oz#aU}zPrl9wi?zjyku@KX#oWrmsjE?*2dTjr%Y6+d| zeo6cDqP1=b3Emz4L<4(pb#=F!Q9nmr4{n^qjn!g)k3RlD{Z=?tjLj5DIECdj`yN|@ zj{SX~Lpae&oAk%BGbu%7d|;+A(rq3G>XsxaEs>9$Em7z3e`X>;AzQOB`DW6ZUs zrkrFIQ(F{^->~a58VpOnMH}{yo?@ZcH)zqq!lHMyVKpZE?eN)__>?-ziYaVnC%s(W#ujMOcZ*d(zk>35vwKyECGv_kf54()1V zBDj-0_KUezOlbGt)DZLtZ$~~y=icKrCsHOB4aZuu)zH0}o;GUlr24~>WEoe0v`DIE z)y+x8dt1$QD-dEwKfyq6hj)(j?P!nXQ?U$+Z6XfI&}tX1uUz-IvyLf9B?MYH%O!Lm zKJbGn^(BaF_j|Y&!@DBGBX_{QM}-m3y?X$>Qu_u&NIn@k~M+b+J}aEAiCz>aikJu?5l6RKPSVYl0YKd$vl2}H$Sh4|8z72 z*2CJs_Wcn#Q4T9*qPma}RqVw_PkcC4h3BJ5x0ISHq9W232JeS98WojP*f@6sF<;eh z-wVEM2aS*35w4%~`tnq7y|qy#fgomjk_5Z#mR$kLBb{DY<0B1q&Jn(*=WoZEF21C* zNjKwOvnvU*S`rezDD(n9(2>x2`uMkcAo>~3Wb?0chMA5?$dQ~W8JzqK363B6-(kmp z72}Wk6Skt~bavN|c2i=GfDV*4*6ORbG**Q8bp39;+qtRk0G$4$(JA>e@fF zEY=R$JRyt=NsJp%A0bC1CLxs|Wzt}uud{}}e#3M{ivqz=Y0_n)qk%Bjy(Gq&jSKgI zj={r>*1Ugl%ga&eqinms>(qm(jlUeK%e;vNgZ%`|Mi2TQtb-`kT6}EqKK2gJU&|SUHKpIZ5%WFzPX(z z&k(e|`JL+K7fp<38t@{L%}D)rCVBR9uk8Jja5k-P>pJTG4njg@L+e>;PcxL<-*zV) zmH+C^!q#$GretID9Ua>ISjbXm?JMVq}m;gR_Ig@1i;Fi_sc-ZoU#(0rr!W+AhJ+ z9hcvd1&xVbX9{kqA)on1B8I%|@_0fuuY0oJj=V_Dq)`1qUlc-(?KaU*u$kbP1h(@l z;@s2($F>v*Ignym@H@A3f4NMH5e^U%h+dO=+h1hfAIcg;l=p-DLv{6?Psfxzvv|-I z=+b|;<+Vh&>s>RtKXN~xBA@j>tv(W`(Bk~nD+{H9qoa2*C(wmRbG9&Aq!)LVjbqzJ zVpr$!IEMcnXX%8hmXH@^IVqoAYefwIOtzOWTNGmzCh1U@`WTV=+qzTK0GFB=@dvsu z4}b`M-6>z@O4}*&^U;Ny>&x)l+-pj~_W{o8eaG8|?j}&5cD3JjRd5@84Ld#}DMhRd|NR z`vEYoRd*zJZ@XFyukbA=HLP>2qB>hLc&3aZcef7dt>J#7b zq*W4Gv5Y^bhaO*^R33X>n2Um^F+JM6b$^w|3L2q^X(OABX<-<4q85oFp29k(FQC#y zx(nAfmkv{!4qhVZRAH*8k7fvJ`4wMiu(0*GOJ2ZPd_4|j7$t1e`XUplQ0yor?+mF( zrH=w4wU`BU8Lezt*M^$2@Ao&n-p;>|$jkwd z5vDvy6ce;AWf4&m)qHf4D8)lK5zNkvc@undE;}T-uL{+z1z0}5gc%FGI$XwJ%9tyn z8a!MHyAIn3ZZ_JI*IX#!5FHOC_hC`)X+aRF1o^}Y)|Z1h2;Fd%!yG^X5n!sNWi&|t z+9RJ*fUOpFk>Ih_*tk|~mGx|88`1Do6Ql5ww#C!pQ` zheBK_Q82D&%BO6BR{eKB^sEYMUCqrPNgJaoW0*^tnd6Z7c?! z?|lalW*2CAcf;{c-~@&qFv$owK&X0JP$@?a9UzzbSTpslB$9YCqt)=Pdaz{`{ACZ; zLs`mPmMHV&eH|$2`u98%e*>bI7gI&6H_xm4W!4_FecxEQi^=@?q@3EJ;kyaz zxc2+H_tGkOrV(w$7F2n>q_@>8O81wB9>)*6ZGE{-fAKKx9rq$oCT2hRD$sRGYmE2Q z&yU61@0daCjTjXAnj?Do!=NxN+&M%Hzo#Y7wXIO4C!#MJW}l=uU*nKaxRClxzz+RW z67I*}WfWyU`+^&aV;*S-ov+#zkQ=sHr1(RrT7ryk|laD4O^87A&nj z>O?E7vepC*5zwkoG%wGha2xn>DI055Lg@g`aBgL5<&Qel#M>7QH`4Oi*C1Ah1@PR0j=EA;|WG0=ceUBGR z<8z;EZ(;DmJaY9`Pc`42Z1$q-=@=CP5Qd6NYEuASMd&l9WD8#u&Aca@e#nkM5l=Oc zGS#%gFptCAvy-gR9OCJDrB;an=dj5(Vk}M~#YhyeM4lPLe3};40CtmoK0rQ`(os~y z&JE~>(8g5(Ypa>UjAV&-x%GQ^kmSWD3McTU-a#V$`~)i6c8D@A#|7=r;K#q0!v8GS zR;EC*1NbV2S^NzT2@u&MqvnDW!}S#gt(IK1(dW)^2@%7PvW*KYy1=*Y}E#)>FIe5hMmDOkE{f1}CP2>{|Z@2KY z>NcRV_IxKR**#UyLg;jt6rFBkqcBIK_FsZ zJ+!cM%eGRn2ke)YtmnYk$~s!Cke*a}!=? z`nz!&l~ypzP9C!$e!Z665tM^8=ETkdwdg9D4%_dE0(`=my$;Bitut`ErD%`7J8no= zB4Ia4_YBE5^9|yQqtvIdtvaYFyPD@C00qJ92Ft`(M2`e5#A$xMF#^RjFn%EoF)=}Y z%=X6oIm^QyNh8}TxuiV2(0oDVpPrQwk*()I@ckB}^^4RgM9#_UE-((r`?`~kyiW0Z zOiV`+x8ik{fY(yj505w%6Ti+8AP`O+mI*mFaO`rjh(9#aT{d5efV|QN0-U2?gesp! z-|Ro(-`s3kg&gZ+*8me_U`&1tq+PQ&IU$j|I&*@rDW2ASL|$YP6$9V_SkkcmlaHB>}xz_s?N(&dKn~g-r(_U2b<%I@M>4wDN!I6rjwmraP5=_<>_HjiS zMjs*E1ZECmhaA9d#R^36GB=r@){xEt2F^Gq$VM(Z#&8IRk*)N*& za<_;PkTK1!F`<9d2mm7ewSHjHUk*}JZbuM(8*T7rr1qH%FY8YI?;O-h&Bk);an`B! zdbVWXy_M^6#*ewx_c8yzC{uEJMXw(^1@)7;j3)SHCAy0JnbXS$6>_C9qaygTIBhab zQ0jYZ*q%EaIm!5>JWLf8)iKBBR3R8CnIEVPJNV2Hd`OzEgV4v z8g?FL35>P6k42K4>C{-iPJy{$G8m|ZNote(QsyJcCNGw4+ppxG@2G5}^#R*+t3NI< zQs>Vrj^)ZgMz!f*8W}ZZ*{orBvI32f8^&FtduABP`}*VVcLS1u3{*sm(XR}JRHcPM zq(J9Qm*j%jk#}XO+l$-tq9Vxc;A5L#HyFpv)L7Pkn$yZ<8rB+a7C^iV!D3VXBr*5l z!?F5L5%SD(Y8zJFO<(y;qLer3W4|Xx+jR6qpD?QF#8N26v5>Nhdnfqk^AY(RQ)*$? ztvxPXao9_si9FnrNzR1YM;`~ma3TFn+o-e3>MfHlJwJk8bFBJI+%{2?q0NVB8DGo6 z!6hLn^Y-;axz4gnQvSD7row!OJv#Pt4-GdJho_|&->l~0_}+DF;W%qA`ij;nN__*w z;Zs9SeZ4^5O9Nwt^UlsZKyI^NN8bf)miV39+ZaAWociM|EEOhZGSGd#-_T1S6l0pW zx<9_t^|;d2b)3FJBVa#C=Y0xF>c^REPjL(K_Qx}wHjX4>qV`#^&2I4CDocp&wsKB6 z_US6uTOLU3`%BE5*Bah{3+F3ukoiVpsKU&;s zCP+)8J#jU`J%D71Vo%6|-AHWy6I;_!Jl%dY-|@VK`Lwg-^^hd>p*l))3CIv_lg(XN zi#TGs{M7I!ZA1+JlV=^#%rGUrr8Hpw#D+0&iTeTr>1@UzK~@yJz9_(U&FYAX4DzDhXa8F?C`tGe=}WE4<`<98b#Na&d*lLq^(?M6 z@mjC;Q}8NY?QU5gjoR^q6Qm0{3l)4i_yldF{mQVqR%|mW^-242McCsw;ICt0Eky|I*pLKXaM)1RX9#losy>A0+KU?F@V6}S52?zZ!9 z6rsFYpW1YbU4MWgg}3wA;nAt5>j9$F$MjT>kXn$(2?*Y{;l{Q3eBezcD<=~T0<%<% z-7|LFcMtf8GBc1b)Aeg`EA6EYoyv%ouMUxN?FTm8AbLuzP&-NFuAZ|PS03UDmJsa@)(y%2JDC&O~~zgtkE8T#v4iLV`&Tb6*oyOD2!8-aB}W)kCR65{G4+Q zh+W6aVP$8rmrw?i`L^iz>v=uT$aBoiJLi~FzW4U4R95u~jc(v#Q!}^8h^yJDs^{~< z@Wlpv;g7SGzNIT(2a7v(?hLz!gyK0OhUZ7&g`eqwoIl_2%4v!~MB6h;y5B)eQZXs< z1ogPg?j#Im45-admV77APxjaHZ-@HzCA=iXa~0HiYbCL5Zm$^xahNb3XLT#Z%D;yO zPfvh5)qHkUOq|J&xqTI4o2ARVW$?-2dg zMZftbyUz>qSlfP2fb_O=`G7!H+y4ZN7r;=eCsZ!YfMP-l#>4Y9!Nc=xBBpiM>*-7w zmPU3#cMd~b8+YcAhzp;Pniln|fIj*WXmHzMsO=y%&|5OIGSI-NaYw*KJnI=ZEDNf>*xKw;h7CY zeu36Uy*)5q>V2YYUT{0%o%W(0$n;+<#<#?SEgmg4e~M4gW7COG@X$N|WMJcMK}aB+ zQCsh_BJT$Hw3oOH#wQ(!m3u=^Nxw^FVYhKCsCu6^2>5w~kby`ZnzVgs6;c|oSNxJ}Z&ro&Gc$BxYQ+hH**?w6^i^{;-`V|jEdK2&)= z@S25-3*j}rFS-zUDe%MJ7_SRK(YK3+>V6xw@b*rcNw)x=0Q9vIL7m0R#^-QByUAW? z^-)xs!`d9?_i$P+fuc5yI?vL9KdonEq*!4%KKdOgyX(kHnHCzit9Ba5Z>2RDusUPdzWwRfW6>ujlCSlpGX+win` z6w0K$hoR<`4`kXOP}dWZCBGpCA^BDNj*d+p^(rOoNHmPL@~BA4jX9?J31#*42lk9o zc}4RGnl}>E8S2eT_$Tuo`>V=wH&dhp|GKfPazxX)fCy~$_C|%`)^QW)I1IvbU(6qo zcZ9F{0aM&oIcDw}RgJ(G=bWM)N;)yCuFUQ#As{hg(zzzz%=s1B6; z<9vDRU=YXFh+sCfe5{4odL3dAE=~sa>;&JS|)>3&h1P_XcQUt%78wESrw z&u+n0-IvYXFkOgg3rolPTFh9tZ44MGMmckOeqO^1yMrBOnT8s&Z?6c>q2Yp&f!~KY zFGMw75*cNwth2%S(0}@k1@eF!;(5Cmh$HaOD4J87Kia;&H}KZ3 z)e}`5Tx=~+sFWEcN_xSY;WIe+rYsdb9o`zrt%(SPK7ys)qz!ZlsRhojLQY>N=T8Nk z-(GGZmhHj@yhtY}I~cY81h{o-dvi9}bw~A30J*Hsly}7KJ~dS@X2o-@iyKCWhMJit zznP53*`%L;KKoL*)ussbG>-wlu6qm~Y)F}h4y3QLB}|cD#hW@Pyzu1df^(A`z}BJ4 zg{3n;p6eDb#&jDUfg!3pejuhLW8HVNBev9ImRv^ZX{zDIyh77)X&sLQ@4p`0FWq1n zxhcOP0JON!Z(eL1n>=TH+H8GD9}2K+THm(?=8!oB{MvMWR)5#eFO?7)fqOyRIKSSi zBQnfg*W0x5=6UnNcL)A^zp=L(+S62CdV}7t_lod=t_xLE7$#q~zLPc#w=RGAxCeCs zRoV?Qm?H!1IWs1x44;alnNDX4zYHgFv2p4EBeRq88{t)ew?Cq< zpyT{AGL`@Uy6%fWzCHgdyPerRo(MVh(o3$fAO8V2c9LQ^&4he`;QIsNSI5$7psmlF zAZW>|6t#T8UZKd*9lQ)!R78Vl^=X3hD7ekayWBL!GOk7O?SZi#;B-8&C+X@%`{(8I2aYpF|xF{$9B4U&n2x^PiBn0y@rIU?@)^Stv1 z-QPX##)>>a`0IkWnJvz4h!Y_?(DCjgl!Yn96DXNZSBq)HVDU5%kM{OL8r^hZ$Z~W_ z!bDvfoC`J}S()_Se7apEEAl+TCAkPUJWmk!2N6`gj6^y(9$i@PK7~uu+phj z1TArhcFYLU#8d~{Y`%{BUR8LK`UoEs`l+wHyui;wE?}bZ;*uWKF4P}9a^QaCg+?Nr zKVBF^L{!FW=5aY{{{Gd4*f@mzgFIMyoQW?PrI#;p)YLL9KkKTQB%ypI8{pvh@pfp| zcU5XP8&$ivc5_Bhaz$|W9rtgEbYaEWyL*cF>;*r= z?z(bvM)#uqg_p+V_OVr2WiF=4@%Q?;Y-Z?|lF())^`%$&z_3uje<4tfL3Xb^1n34K z>gBw}<@v1ISo=1Mqrz#=>n^Qv`gW<#aH(97)8U)x3jT-9DQ*YxmMpXVg9_uxDG?T} zxsVWYoyTiQWwxvalb>(6E+UQVAE@1vp(ky-^~Ah3-}d4uJRiF6Z+*ZRlBf_KNB&w3 z9WcLfKD^F=bm;cONPsScnoXu>E*4u_i*GWWE}F_-=_oQoGZVHi$Fwq2a$64gpukY0 zJ(-pY{1|41nfjiqk%(Ybl&pXGoFn<}x`E5_4O*Y8>}dqX9!>~E{Kwn3ZjNr_x*<_| zsCcFpiW@bvg2iZ+@|-$LEmgfuAk;|=|EeEIeh%U!aP~ItM}Z9(Uq#)oP4^Q7!1sPD zl+^co7}HhO>e-}kTf9?^lR!Cz_q6gv^zs=?0%Kz~k?+Gcr9P`>^b-=+7~Nkl>fQIM z%y0Sio88=C&74AeQ|Q3A(ZTP;fkjeMAnLqH>Y9~5sALpMYTn#L+|5mkiQ4JI#fb^K zz=nh4EIx33yDHOf!O>oF=qFt>543{rAu2MRQ&A}{JtY!YKE1X zc{Zq=v2rMzRS^8}1$oT1e`zfu`{kV30{GLpJ-s^1AJkl%#G1`q*^I`J?fjvlZ6hyJ z+NAmWwyD1Ie#&=fomSDWCm>0XHi?-(<$9G&ps%yh_?rmIu2~u2q;MNg3_B^OizHd{ z&vf4JDM|YD>sO*74s`jg>L<_marEerxTB^5b|iZ(;?)nYR72yUhkLkiJf+s*_E}n3 zdF^VwODA+6RntZPE%_@6bzUZDC48-E?Z|FKSp>CG0vBD(?Y73rVwxBMh(|5u5J!yo z8|3Pjc#?gPu&@L0{ODp<+vMdL>gc10#83gD4=%S|elPFA?M|K+3<*ziqYcxHQ|CjB zi1IaLdI#BCyCZ$IpQh2AThWLniL~i?^!EHE`&7W-^Q7jwwpzL9${e4Y9U2O}l^-Bm z5VJtn8kpQ&UIg}!>JIQU@G>tvjM28ob9QROu@#ALmBJI!i(x`87$+61$ z{zm6pdo!+;(Uq z2bTHs2!4m>-DlGvpEQgw*@zx<8+2&2+o234T{ibdrR3^=a{<+uPS4Ip;VOZ#$3>pd z$3)KfUMMTZ#|gguTlnFhkOFBf+`20mop^Ge{LEDh7RgMl&F2a-O;6qOC3Wmp+otWhSYwPXO2~-| z$Cm~BqV^ki1}eQsv!Uw<5?g6@Y6~m@?^8GpO;5Cm;Q1?Epm>%jIkkeOKjo?3^^eYy zESuxIQpXDruaZQ8wcQa7`}xLOZTg~H3uek6goMQMVj#{_>%{e>U=`EQ(3teGkg}j3 zCz2z9)0VmHYUC3|_6qOU@->w8Hz||k*F-gFas-nYM*`xMkK4z^3B1mh*18!m`Q_5Z zKUBI`w7jnIo%Y~fR35QE$A&&DGS`sLlDj_yvA7o?TT#e5&)#bgz0#Atzr|rCkTA;$Z z@BM@LaAk$9Z)p!$r1T7;=HsL>h80A<({d3G;68Q7L4*3Fu!(!Dab}*py^ijQ2C{># z#xcB!4&8rNKtE4e_H@FTmwJFV@_Lff#yi^-^K9D;bk$sT$&hW}tNgt6j`X~_{QUfy zZt=~_OyLshv#^8|t2A*d;T%sZo&)mdc~2}xY#ihOP6 z^uatDnk$U?Cq@fN73pBWHT@N~LK_*=O1)Xo4Y1;~(Y#sg5c6+8KjJZ=J>q50t1thB z$-(ob+Hn8OmMX-CyNJ}6t)Z=y)C3U&tT53&&bu|4`0OXEX`z@|+_tmM>>~#C<)P0M z+-rj);}HWAX8JGh20v$3mlRE}`NvSj(l~L5=j?A3Bm@1l1sXrHUugaw zRuBJB)o0q%MwL&@(L+8T+x|sTUsTP)VMp=QR%*dmsL1LQ7rqdeG3Q&qAU*BVF%Px& zUj#qho(g5!@Nj?!u0-I~@vp(mTWbHTEMo7+hNX+?{E8!kR_hzRS$F50(2NqJf7aeL ze*sI@+lhb2MINu-?w9vCZc-Nme6+BF+~Nr41#P5McrapwxX2oo9k|)rHb-o&KFv}5 zXKs_$T8hBAAYd5LH8*n$+ACmFm_{ELYH!@=8XU^gKMv&hoNqNCieCQU9)S?BHlz8A zGB7D*0j(y_xs{(tTs7FPZ67;CtOK#OhREnWi+?=PoZ-d?7{X#(lTjxOx|@)oISw5Q zJbC?N=S!b0!|+pC>^$Qy2(W%cnvj(cKX(j|&p)|CT7eQX#W-;mCv#nHGVU9EGFS5S z;_F$r&s?6TAsXx9P`Bijc@06F4yq9$Ngr({XpE#!-gCmA?;VVbdUa`lFIZDQd2~YF zru0ka=Ny0JFn0GWyP>I+WBP_F%~+O+{x|*d(47V)KL((r)c*)d$MLU(HR%=q*7+)! zXhOPUj%+`LTF}K-1NXhhL@cmFA};K=znlUkiM#~5AF2^!jX*38r54yM`-l`sj%AOP zmu5z&6u<*0$A@ixLPAn6x#;A&zIO70323`|_4b=Dh;k{%ZA#nG%7jDe9~D5RFcNH} z_eTJx+uu1}!NP)X{xVrLM&9y%sA2RGbT({3O6bf5l6dI5Z=ri$$ZE`HdwCzA!OuSC zN?kJp4yL&^pz*!9j2$Nc)q?^f+lrorh>F5-&of#Y(=^wrk9_ALQx^V2;s`_gd9M4bHI$<+ag&TaH*dPP40NX@h~;t}%Fa+`IT~9r%kSA zpf^cxrhCgoG4O{I$MFRRBEHPx`3RhdKcC(UmJENtUC}NtvIWGEq-v3D{nND4Sx1DB zJ2*?fyKJOvjY-Ux*sz9Q4!td#qmL1ek7tFrT^YdmZqbqC&#BI~PlsQLi=B4xe#T?qxjDahRz*ji5yz+k_}Y8VlE z>Z@yOb!goJAxLferQ5U}O1iAM2#!7PeHu9HZ8pd-+h5zfAaK%V*1@6YOlh|xBKN+x zw{AGW3muRsA3`cAPZs;9>_LautPGL6%~W<4qRYoHNrlk&G^2``O$$3_Sh?;A3qSUH zLIl;S4QQ=xcyMqN7qAW3#Ngnj1pXvL3S;B<#5`D&iSe9C^o-h-)nrUv$skj6%Ym&<}io!7zs z)@vk*jk_HNjW0%2`1;U!LIISN&|SBu-;u8@6uG7JxRs@ygc0(eU1%Po)o#;6ga&28 zvwx^wy9m5}(=fZki3x|vADOJEs95M8K)h9LK_(d`MK75r!RfMjC%%CYw_|`?X@Fh4 zY=P~VtY77u0_PS25%-7g1w2)$30*dM7aynczgT&jy*;D}Z;arWxoC(TuE-wVVL5T0Y(%V=2fpvC=R^nvko@`hD=Q#p_E=_Nn3 zIERL2Fm-|||3$a(sU04d3CzeZ^0VKhveE?hq<6njX)ij+E1b0f2Tw!Fkr&^TB~^Tu!!>+A_Z5Y|D(kk9|e~XJ&Z?& zYl&q-_DAUU64CV(A9tEVSSC?-W-cq12=7y27Why*V#ca%{gV)18dd1hYAWk35=>Jl zflD<;o)Pmzl`vayPX~G~c**l*-c}H)K;e-iPBnS?lG2%ovug zhPPiXZ~g@<%5!RNyxeQ~MFr3nbop+bKw0Ev{Xq0-bVIZCj};A1z_-MW{x`av1ZClv zr_&Z>hK$QScxaa5|4)|AjYt4~97fV{G!@~yeXVhk6YQMfFE@a^KZa-9WU47F<#o+n z!qx&LJ3ujar%1(QIH%h}AaBapZ<8O0w-QHU4fafE3WMhuXnOQFhuYfgyB@a35oj%! z;u1}{;!I1sL(EWMlmhbDf{TX5IpSK2Bo zB&GJxN;eP8&3+uGRAU1^(OUn23Pb#plG0jNKYj@SIBeyAw?9i*z@a)5LF&c=O8mFx z%{e{PbzuOwq%BnNEtLLflt@y256!R~en(D$B0-(jEQZ433(luMj=s`Yp`4^cRS#q?J+LB&AKxIr#Z_O>ZcABfe8WXu5@|CLcj1Nk@k{n+ zs4|R03onwn<=fFI;{6UPR{1fB+!lOj6mY(x36P z+1_f9%u#LxsyT3d4ohvk8WXhdV)F5B_-@>t{~v}O<4{_v+TU+g7K@gefb<_aFxr2o z8$X+J2M)VdSw!VtaX;551D+@yMrls0I;+vd0y7c_*o+s)l3`%XW8KN@{QnPAZy6Wm z_jL~s4FbZ@9YaeuNW&0Hi_#(8T>{cIFtntkprF#-T|;+=ba$sbqrd;x`+3WU7jv$& z&)#dVv-UbaA+y>ELLwr%-w;9{wxURr`cGtIAn&SD3f!MB@WRG8oQH2lV|#c?TxAqk z#A_2OLNM~n#Ka?!zwG9ViQ}=$*clj~4`^La#nYqW%kejN^*~&$7k1)V9nxceW#7%7 z*<_ZYIWhBk?*I4>KYdNo_4^S&a6X?X)>8Qh8v$= z4I-!d7nK0s8OEr+#9db+VTqbLi#Q&Iu3_HK_AS|s;c?4!p3TR!XB%=fZK^g&;uV@2-+!y9eY}4*!BScqQh-d`iWSLI3B^34WdPUc6nHlJsEZ(&y89DG z&_+?st&Ao=)Xh3Jzvighg74|MM7DmsxeI#$XQV=FR>a?6B?R^XGJX$M^{U+6I{F0) zyAl!mdl9$lpuHu~5}=F~eTn3`$0c@hiqUU-mTuTb_$w?fgLQVk$~V7qN*|>Mz>Hv~Pu{20R_*N; zm^!fDa{9&7))L#L6n%6-i~L9dN(hpy{!AERO?|6A_ynP5UL*jNX_hmf#EaNqVVs!= zgfd1aT1L%Y-xj>35N#wla1s>;r)qECcO;4JSpCd-le?CVTM!Lt&FQtr;p{g0E$sd- zx$hEuVGjJUNBVbz$AR$(00~Ur6}* z1ZY~WfBCmS-h$H7$nF8ndek`0XZ#$x9SZbS4f?j}u9@|17ZLEz7fJmwL&o6d8&Z`_ zSe9VgCYoJnm1JoxKALoNfir6p(Zh`fM0h&M0w-Y&DwOMn+6kiMLB zjzb`L5sA4+6M$X{WJWJV4&-KZp$*T$<67Wze8sDX4S+Qq|1$kLJaHwT>F>W zq}JoKjX_g5+8l8tG%<7SY9QL3uM`XUIo;gd*TVOa{m2Yo4 z#!KF*bX~pb=TO$M3-icQU0suWc2>5rX4kT@w%^W3;VF+rzPi;P>J($whbo|@m%9mp z_P}Z*!>p|8UhSG%kPAz52ZZ+@3nxJ|)rB}{+0ioB72X?f%qTXt6t%EkkIKJ%W z)f#KGw;zT&BuIsu?TlcN3}{}`4)Ih~Cx>Me3`a?1^HNrBU9*)=ZQ@!O=2)ixQIrEf zXN$o&zb=35J2v4F>wlPNh*_)(=r4;;OgMS;ee!#zDt=n`a1<*sE5}-SsxGDX7m;tu zzTdj*;?CQ+tsem5{Xl^;9s*Z+amK)9ow}+Q`iA^h!e&o7G&SCqWzk(Vym%O}Uh7U8 z*Pr!q8|tLDQ}1V=IhUBqh;uM3Q}v52fIB@16~G1&uhbNIB|joZ)*;8;WaD^!c__4v zBE4cXv%$|@PKSKm?+B#Hb#e>@q!Z&u>^S?6NPkj}v=IawsroBQrIzOuQtR|s*|N}P zElJd`mjU`!`@r75|5YYgK5oH_P@S`YJ{O!lU$Fa zRgzpUU(*cVY;*r2iucm}5*_;=Am?oF91-=Oj;e>gUzA`qaitOlb>luebE(2_$Ri54 zz0`c*8bewxW>cB=&>{XUdnI7(F;Rr8I9xmkGyOs?HoMlLT2v;sQ^859B1JCA3Ba1v zC>@nYiKnHKJcz2Tl#TH)5_U;CtM&x4v0)Q8$liPVX|D;T#u;bL@Gg_-c80n#Mtu`& z1_TTzw|5@O!ylpa5*#MqDLq>SyH#fy!-F&OO-NcH;P=}fZ%-QOewU!A3$U*F2?0)y z(Xu)!HWdLYZ;OXd{uK$u^T7;R#dz*U7%&z}dHU;4bU(<+0QOvpV|MKuuS9N>J*)Po zPXmW!c!*e7l8j{U^Q7D;5423sg=}8$Ug`r$hs#%O0NZhdI#aN}Mz9!G8R0iA6v>PwnBy-uue6hQZ{H-X{!OnsD;h`om59Zr$dz zp3}Is|051?cP0`G=Rf+RiLcVz`=@sK&k+OTxmjSTn@iqQO6LGrm#4S#vR<+Xt3dMP1@8O zJG)oy2-KU_onUi9V%CI$Hnrdn$JB$euFY+`>*%`-lJs`+uRS_}@jJ}GwxHj-VO=Cq zWa`8F>}}K|SrPA=t7QSdp=lao)qjAq`49x=>uQvGyWse7e}Cslvsi7eX=k6Z?GZ;T zW_sEK0_)a|U;S4JQY^gsN#TxvTLfw^U{k?}Nhkp%*KyxTzk)}soh+qHQ&ua#lH>E( zeGN--!!D}VIxAke;^$+>`=w(4dDRp11?-FGJd$x5Ti^>_YUe*|p@ zU8T)0>nr13O}(6Rt*sszy1M^dI|RO=4nQw6qfrKnT82)xyeB^YFRXm zSdgNU+@%CuMd}h{X)-n!h}aVlw)cj`x_fZN%eG^TD27?3LH+%k$VgL@4z02Hr{(Ow zqq2H-ASI-@bVS} z2cPT1jYr)mDOqRuKrba$o~G|P#ee=k@@#yNHAQhpS1ceW?Dzy|Q+@%vonem})$;DkbTMC-R+Qzc>RA^jARY4<9D|CuV}1 z(+$rW5%JbcyV82eV?t~Z8>&13_;NLfaFu7wOMihqQdKmkkSvuyzqZ1`6cyCqc!bHT zDsuF7z1-%Vqo~k0B1>lsWaUbPx+j4Fim>vb7&&V&n0(M;AGi5>+@o+MMVi7&YldmC=%dD9WoI~*M zoB5qIaNF#MJv$p<9;t~+Aj~GQBSo#N+(l!~y5o;_4EfEYjSU5y_aSgKLDZW+=)|20 z>W(DzaX5oiX#Jotw>>BqOX7M_givtN2?*n-$Rh{_MACwM7FSXJ@(u!NL##t2Y{#pBergDv6~& zZz=rF?ydioCTo5U9l{N_<(5^vbA$f`P@s#TJ&a z!7Zxr7!kA8{Fm_D*kHz)ow%;1#8~$LS^eTHSYrrsZngH=x@%o(1IOg|JuJO{Dy;&8Q!{kl(?7Np}!d+nwpP)3x!(}!(k$eMf z9d*0yn_>f6?{Lg5n)m+BTwR8wr7XD(5K=d;mykPei>ZQ&3*gQB?1!EBZKtKn8Mw=& z%6$Vww3Kkp?O$+u6#blf12-N#1lxIlYRZj(m`ls*?6j{$97ktobJaQ^N=-D-FrtKb zE?X?g#M!OTo@OTWS&pzy!9ceK$&z;ZxYBXV8q|<3dIc;g@O*fEeqrGyL47}mEVL#Z zFueA2BdD3M-qo{F1ORDGTA9zs-H>+v^ooGa_~W3$BACaBT0U(PopgSTth}P}nMJ!n ztOqT(TOLI8M?vhLD751$N$0nmM+tvAjn!_j;}k@9 z8)n7h`Lh2)(KHnD{*_j&FA?})2lOK58>(aiG`D_TTbdxu{!YPbQo;0GhI9Px!HP2x zT5F-WDi-b|igyheGKk&v%Er-(JQ_bGU(3GM{_#YF$ytyf9Jr!T{d=hhc==1ju*0h@V zmm=q}?TD*t_;d=m!dZXr1jg-45eRZ#RDS4A3(~g9g7PwQ~CKy5_v z5)`V3MRje)6H%r=cb8W1pZb-1Tn`QwBgaEe_It>+O+~#xME1lG_ME?T3wA(U2c6U!v}@Xu4^Q zh~9^VR$da=*sxNap1=71xGWG#fGZS|@ZrfhCbkoI0e!q1 z8h`~s4?~amu)3%%E9A}O6{wxznud-g6@kSJ&P9K19^7>#v(J@My&xAeOM^?sC+e<& zMaYOj`@92nc1o~+{7S}vL#VF!y?w5*%c}mF6<*&=r?k~W;l${?hRcXgYG~kQGm@Xm zqwCv0wB(%7IuEK7BJcVGltVt*0)CqE%52_oI@GN`cZ=Bxfjr2tR(SnG!nzgbSNI?1 zGhiqL*FJ7G9u)X%vNJ-r_1qebr>nnKOu1JU=-(u6Gja3^9oimy9z86nESHW2dmvgmJoMF&H;fSGeMzk(-58r0xjv(r(-{VRQs&2M#k zpU+!*234(P1*rc;mm*{*LKri79?F~?G%;^8r5VqNuFvHmg>VTfB>aKVVU`D8bQ20M zHBceIri^GR*GR22k&HN0X71)A*nrluvoV;-lH(!=xtOR4pw1!(d3?5bZw5e?HtDwN zcWr^*&N_cppgPCfjM(^OpVBwF6OSH;*uK1f`=|WJE$QKxq zUduG&at^q0ABr?y2`u6o-em)HRHcSJs~6Kp%IXWm2N?l*k%ULm|M+9!udn-wW# zIY(}%lyq#2(Q)Nh%Bqt5jX7A^VSw+|-Vq0!&ajnAl)AXq8k?zg@aIeUM#|B8r>T^E zn?d38KwUHT!olxfHA=<>7FdTZ+Y~duzdtq&ovbf{($3+rOfDzc`%bifIqbG2#-}V^ z;@~i(@iwSezjNNwN>=uPasn+04`i2d@Zo zm<76~*cX{0JUVA3(X`$SY@KS8C)_bOaPs-oj1R^%n@2X zqVd{F-djNaf7|sontNy8IU0++^QZ8g&98vb4PbeyvL^Hrb9JTA<5NZ|E8dTJfzMs! zpM3M=F}57fB4#~aany7UbfB7T8X;8Relez2W(ZE;R={$9evV?5sS{@|uC*8rStwmb zI3%~0GoXL|f4j{?|Si;1zH z@t>>H)X!$h`$M!XtA?2Sx-I&7b@dr*S?O}~#Y#D+GwZO$ zVD?lA8iQT&HLs@;-lt`8{5fDecA|4jdGU0wRg8`Snnl{RBVGMTVs!_R`|2-J04pQ9 z-9vEGfg<6{Os^+M$mvwP@)WYg zj!a<@$YwAq%o+NLmKBiVN8dh-75eEi?Bkl@r9*XZtglYNZJeFLE5iP@2!v~+p`^v% zkm)5ot5E@kmu`RapK+egTGuOu{U4gr2mqyQZt6nKYm@%O;%OT{U^_#~QqVnhlNMaX zR@V$RlPs*e&Haz))&+rhY{2A1oX0F12EFX0_C#(n)75P~k!9}g__w&008$i&sm6R6 zUKlfg&J#-yO%Ux=FKmAF1_L)@=JxG2h&U&MgpUDrYPA(zDVp}{paXTc@HczqSGfE} z^w*FVYas0)A?n42HPB!t`VsrQ;jG7I0gcLiPu3NXv^u^vEb*Zw7+@0VPVB+L^M_YO z$k7`4n<+>I>YA(n9HioqAe~C0wa{BAw{ge!4x<$~@o(_tsQ;nw*5y$-#V;+5dg_J4 z^1od194@-+4kE0-)ttR{cQfJ7@F9Va;k~BsM+DiCV|XJ_05Tw$+eeJqw(S5*yQP8n zFdJsFp$LLpfg=1gOi)eTHA%&h2|$XWR+$#t8!fCh_6uaP{~LWQ#dQ*%7SoyVT;j}> zdE~t|@jZ-q#Z(?WD2lX0z%LYrmO4usai)*}W1=RL*;?44xB)QRpzk{B-q@eNt_AEA zP9fx|ju8EcC{h94C~guGHL3flVR+PiI5^!NoqXG_BBG*OcrAK4X{YZr#!z=V&H6+G zDzGIK^#517&|c1`mlqXsdRmIeJ9FI-O~|v^=?TCsXM?;rs@!ot;g`sQxMw!O_wb90 zQEV5xooT9XE{!u}<)z+ZsR&L4wZ@e5A+Lp{{OxDyQ#L=gg$3scK7%CZoM6`h2^J+IeRY7gr*k9EpF@(;J3ymsmVoG=xyB?tbO z1@|QtHCXg&e)gK{`T*zagPJuyXY#$!{E_^fKd-H^GE;;6XjN8!d)Q;kjHb)ZY58SB zlZ;-6M99q9`veMUY1)IitCXnU4;2aYR|jWWU1cruOkEF%F4^0yB}+GjhPj znRsrUGmur~)2T8oLo72b4GZbl17yqECxV!094H1mUvL>^4JW6~&fzY(Jz46`2L#f4 zcW9}7VHW$}R3ZBDw?ymhW%+tdRBL z$LtKBv50$!Lae6qz(3)T`${d7(dAQe@s6`}Az_(p9c~~(n>%sU5@lbVs8up76B{={ zzwFYRH$#bi`P&eOUsvG|P2B4k+q2B)GJb9rDYiyYAYNwbyU;j?#<({oYOnAvX2M$I z-}J+;;qIj!1ZXsiJ%2X48z|0(KNz(cWgd`g3jXL>-^X1yXV#FmTu0Woy7?W2opeT{iNWL-!{PcvQ=<+;)GzZE=3038$s_96 z&1HwCGG_#b=mkLww{!Ly9KPX;L^HqyVY8G%nZMTwVF;#CI`tK{54MJt(Uf{v{-12k z@y}s-6V4;eIPeM5W~%!Zui9$wk;iL^;L71grlXeQ9wR7hPPd!=plJs0&o_$9Ey5pU z8zy9npAg0i&a7j>4Uj=cJv$0l5p_?SGbT0Z))$hms5`J^9qhpd8sNO{>L~KG!j$Y$ zE?{OvdS8a$d2Ww~-p>#m5}@19)idfuRGIaSmjVLs~v!%6&=QQOl@_w*F2f<|8_7G5_NER zOq-pZNgqM9`K~J}?cDj^0O$Qorf0|fa^taXv*pnu1AO{Kk;`H51MV1gRiqx(zlu$M zIk?HAXIayjYEq$MM+9;HLTEThbx}|n4^ph>ofTxZvqQB`!9f?fuIdLnPsj_nB)AAGO1qti(zq>0BT79JmH9=c6Q3esgY8I%wYV=gQdL^!|s=Za=MSQsNglzCLzlMs${jmsFrJq`jf#FY9c(;zH5AHbdA5XRoKCbwI)e8Z+<~i&3`*?%MB_-o z0;3ZtvK2|~iH~zEOD(NU#BD&^`))}JNDM2C1DX81eEIqtJ>EC$v$YVlI2ZQ`ppK@a{2UeqPV;=)(}SO>=yC3wlpJ4&*xrs z&KN?Y?b9qM)S#Sos#KP?FnGdo0BcsZ;z%lMXbqd^!kh;uPL5*@ZN4ej$n(rpq_^|w z7W$d3@s!t~f!_ZdimAT3mcLCp_r)QeT)f1b%MerFRpmxJTYX&t16%k|93d(4e+iyP zpW~67I4Er=nuvPmy3#-|tA-KDHD-x#PfXJNWAF zTgY2kKr^-swf}B7b>vgmEdopqTSy7PYCHgjF*Vi@k!?`1@;H}@i=2})6u-ru!;OMD zXt8gQU|cxJCp|$SijZ{~k2W}*M>Ogio0hG6RW+ZU zL8`S=J*d{3!vxJ%R61E<`4w;1r*KmsJKqb{NrG`oxs4M02pjuF6PdS|+kuRl5-BJ7 z$f!v!h%%EUmVZ-%oj%0s;(SE4x8=U2hRZ;EbZH{|7BeM~cUrnRNV~oQ?Wx88g`fh?PJRaL}skKkBU9;+3vZ<3KST zC0m;Z)v1F$nBy0{i?e);Nx|1UCUpu7LgYo`Ae!7& zHzL6T(!9!Q6N7QaR`lwHrPY5kE8h4JoApO&5Lq$iC1cr(u9U&mz!jf1Hoh1VPVGyk zlMn1GCD3FuiteS#4lFm7UtOtfbuRuTXgO?>;eLfe!f(O{*}2y3WB*Sttv((7EMC#z z3dFB?vj1kZ*!NR!F00VfvS3VA$@*d&JHT~0fa_=veZv>ucdHL~jGor!C0+n&iTtfC{ z*{8BzqKy?HuIV#CZ%pZXwz-Di&){jR=oGLZgdf;O5?r$t8SD55NfVgUNrCyS*AnSk z&c2miCii!DRdp+B2BFujhLM-Sy-SE}G4pE+sF#*}clP#rTzR*Q3o%T~MwT0kF7LHU zk2)nr8u2&>(^)Ma&QlN5>VLjlI{WW7%6!S{1*uChCQ3($c5L-2HR9Ra9IXWT@DF9L z1&5_*1I#?|^QX+feLd2A1t)8A9_^-|IABzU z;8JW;cKJ#!thB{bDy0LJE{}T|dKGRh+z+_P2bH13{n1t8H}d`5>bFd%MjHbNVM;+4WJt&bXNO>i);S;a3PF`pjM*9{5CSXhXx zM>a)qX1chO3-cOwBQw|_J6^wQOeZ4C?ld$$a4Ns&{*Mbk>UNVCxN`F-HEPlW;ARm;6E5%pf#(^n!)bN<%jDur zAWtiEBjNw+P!bg_z>4)|l@-3{vWU_(5LXkZzZu?Qm*$0qw%8oTFB4wynMH`%w!1Uq zbQ%_`U*isD+(3|rFsau5u-_5x(Q6$#!@MlO59U%UnFSaGDQKA)*( z21M=KxvN;S&O^EDgBQD@AsM#LB_EELG)v9F&~2zXl+G=%48)OBa;GE zxyq$$xEXEm(xAtrB&eu)3+enW;6Fz~00gdr^M(sqOcdAQnd`f%5@Kjf+1?Egn~tri z$nU*u72!0kyLEdF4P0sDG)Gvwe!)8;`|Zst(ys~$j|F>?sv7>%373-ARlf|Uac7s~ zM?rrh@bFZBONHA1(|MRv-uP3C-F&~QVchQ@cDd$?KgQf4m=aokX=X+fOAKVv?(Ek4 zFvGc^59C446&2B?M~Z`PJ9BtC^jJWKK;;e&f}emQJEmRA1jT6j0IaW3x?(8EFfb&b zGwesk5V);Q{m?=2qk~YRl1qw`ig;{>40e&v=cWuhnRiY1OO&Yob_Xq6P8%07Pz5Re zYaI|WiJpJ(!*qaqod#s@N)QK+Sc9jbnzZ`u|I+jv35jXHsa&kYE>5e6cLywcfi8$EV)bxPcN;TO$iYL`g=Kj3~=&UrlIDD3|9EUWU^iL)~`E{a-EUKz8ii?Y%7c zrHI~)wea#5ulvnlyr08(61u*#XHxy@t~2dAvAzCPW2B3J#=r>#e0)=Q-~WHO=Y3!Q zlog8>&5r@Q=cL5Hr8IL;(R`=V1A>Q_AUIvmLAAs(#TpAec4Y$}YYy=vR*)2=gB4nt zuVPGdcE%a^ZHCW9*sObC+HpK(OI>{$SPbim3`$gCE)I^6(RqEFCViB(RA5)wHLU%R zr=mMzPIJ(+m*!{v2oI;wPje@Vh#@vlo#jMo!C%bd>C2t2=&9tPt~BdPl>f6FL*VLx z3!2GI<(i*-vzPDupSBD9Z@ZYpA1^!ouh)|cveTg14-bwvlg38HVh=mPwTn*Yn|Z0X zU$~m^+P#Rg-P~qg5LO9V5^)}Nq*)r#F=c+7Z(3J*xwZsy5#{wnnys&`jlEiMyskE! z?g(Xd>bKthQd+ADc!)}?R=j4tv<&`lxZzM|d@2~ot}L0X7l;Ys-!^fhf~#?;S?bDZ z5n0@vF5pUGzseg9h_OA}!BL9bLm%HuoB!ZD4s=}_-i-+!G*F2 zDObIAG}|v+&K#MpscB&t!q-8y;J=2WO`=iUW>MAxJ#G*fLz}Tr`Dx!^+zJ?H&2?&eMdE|J8K5L%qpEYf0+CZ8xt+Dvj z#(Ohhq)J+M(62b$x-zbDjTgUgI2)D!aC0A?UADCG%C@=bU7@#g&s>V}{DtL4$AHR` zA(&6}G3mioS~2Hur&r;DtL~~={mk?`EbK|}9U2wSv; z7ZRA!Z$k#HWaa{P!O<)Qi`v0NTYD+W!>X?dG`r`^Ead_y< zKUqWl3HX^WhS$EQnSMy_WH@zNjKt&SMv`TQ`<_mUk^7aN>_)=}D$~KM z?7N$k*2V#j#>5xc{(XWQmJFu)Zhh=QlHcaP>sVcBFx~zo0p0v( zy93!|XwJ0#VW5AF49xnPPFEH-qT$PVZpFADwZ#eM zH$FnvbstnTM1u>Pp=J?A&%Q8RWrtY9;rwIBO}&x8?8~*Zvqs#+86vKDh=WmKKGsy_ zUnk9pHOGyVeslI7i?;D^g-*+%f|~x93%?{zw)6a)cZxk9_FL1uR&jd|l}&r27xpKf zPLHZ}j|jDvA}UA3G#u&=f6B;i5EWk(BK;pv9s=RAc1yo}w7@d6Gi3?dOo8{B#%9l1 z9gtuQR;;?v0haQT_r%;C;sa?iL;@?xX|I+Y$7Qq8fi(FfBZqcfsAgKq(X>kQc^*!Be`CET4L|hOPaP0vNiWYK!&iA00dn=JUg#IdJT$ z+J`aBGh2;akf*p|Q=lL-qGx{>mW?O8l!uxGb0jj$!1n0;qqB{yV6n2bwVrrkCv7uD z1~*6BJqVY$eZ-gleW)t`d;bn9P6HCe;V0NWMMOAZ$Y_dgTqk|uprsoZ!q zqWPh^LnuV5r*$hGXG=yv0MPVnmb`VYls@9KTEi`7Gz|&{IwM{PM%&pDLgE17+s|-l zI>YVNp=tFZMKQqZy5}bYFdCN1?Wg3kSTO#wDp28K#KrO@5N1(+^Ax7*;?@+Y5d=BZ zUjP|~)DUj1T*+mr#)#T{EfY`CT3edKTcRQPZY!_w2U^Tc#x=8wyDZ)mSCOOxhDpx1 z*yGn#Tgj3|3mv?iofa}%@P%RBBl`&n&eG0^k_Leh5ZR!KQBcIpmt#{f;7u6 zJ8TqY%78>20jC0X4m;etmNdtbaz_p^ur^$$xc3O}UwLwVW-b1n_yYDu>RUZ2-Ag%5 zfFCQ+zNmEqp07vse*hq0J8HtCv(~;kEm{5K>H+KmAqSKrivT`D()N^mptFD-zHB^6 zWQaXFjQ?UV)cM$%X+>6A_NTRg+2P;I9a3>{h`0xA+plcmxri-ySX$PRxW51TqoTO` zYzoKy5l+iR<+g?Bsj@}Oard$e`2OHF?6LKs{kqk0QZYJ@%Fpa&jKt~N`h&_pX(WCgk3gy4VaWDvv};t*-EOcGUSA^^$-hVe zP(--py&L?E4oG8WIJ~H82QCbk4P-U+$P?%h0^?G7YRDuwXj6g8U=h2o&_NbN8g4Ib zc{>iK>{papaUcwl2J4j=Wxi`&D%B4&HPv;zdOv=}MdKQ`3MGpk(O;A%@|P55eNz+u z%Y_OETZ{#H%{nw5R^fGmbyZI{K2>Ty9eeuwP8l1CUhLdc)oq4@T&Q@pj7*}ISU~p_ zWyeybk0;^JKaLqsPX4HLUh69us3*?6AqNWU7yf=BR$q<$mkeRH4TmJ^ki1F&zbN!P zZApyN{b(>-4ZHxcAT1xUOD%fj7Q4QnBjiGYote+WFp23vSY^LJtg{x;`R3&_=#0p6 z_?j0pqi-GDC+zV1xas7`c~H4{oavG(gK@h*-jD$$!#ai#U9`O5dZgj%7@pct z^D(OUdseI?E%j2=5uiPLw}3bxnk z@JHe_MnvyCL1*N}4~74CNr(q}@hvSUu?`kd=S716N+VPUZbAvDrspXWr0Dxuxt*NJ z^_~2o+Cbe9+AsiJz!y;$}wHf6*s($95A3R;9oy_IIcD-KNE9y2!77TT{hRnTVi#(DOrdfaFOsnL$bD^f%<;G-^wh71 z_a>CL=SKeb9VPDu{5V0LMV-#`&KnSJ>fbl=64e7#rI{6So>!G4Edlr{VtOh1BT>{SuR(@^>@;>oJ#nA#P0NPr zfDW~Eua=|Lf=`al`}43z$Q|c{y2EMfYIGuVUDSI$)><~qudi9afZ<#PJj4jkPYdr| zXL@+~9tKlh@03o(ms`dB&*5GgY^JZFftjx~mLEqRT$N=JEB5lSLGbA5>X_Pl7R^z+ z>L#>uqRLO4_qybeXVIvV@??JL*F}Ez!--%L*VXtGr@L2m?pPooL7vAHju#ttks9Yusc82J1MX1?R9$M6B@1Q@{pv!FrNX(tQ@ znp(;qt`VL5DphM9((QTCN*_(CVqXBivVFJ2%0*7&;vwR~j6!(1Ao3beBiQ5S5aM#A z{(@=NMrmP1OZqM3-Cdu#J`RJ!LV?P#U{6wPkR+V@iHK2UbG!FJ7k^|B^k|%y_u2q^ zJ+DUyB?p`al7BBSe9)BrUot@GIqRYHoJGl#tFe|6pwan!dN7CSD7Iq|{&80s?ZE4? z$~sme&U_B;0eEiCcEnC6A0>Qo|LgHLM^b)&9IsO5OY+`KxBNf44L^EN>jYg6;9ni! zmw23PEM2lt3U`JtPQP5nLyIv_mBc8Z@^-dXGTO(g|atX4k6uAlP*0L8^a3JGuCa95m%71065Le%N5Y+j_Oy^i$7hyIvQ zfscnD>n|qjFUBlW%9jA7e#s}s*wdMIoDS?0F!d@p1!2bB43&|0fVjp^UnEjViec8+ z+duo?Ktx#iKr&}LxnXOeTtG2X26uy|hs1-C(e2omPoDEf84E`ZHT{E@k+309Ld#%z z4#G)|vuW-8Id$)Y1I&4gE>@+tui#MwPGvw!BVgR#^ob<@u%X4MnNr33Zks53N12lM z7Px(92M5*qnpyL9NpDY&9Mr6ySxY0yr+3?7FNx#N_d;;rqa&N9gP%##qcD{dk0Km1 z*2aSlwsxr$R>cC|0wcQA?%ah~T_`xhL(1W>% zbV*>xTgB?V^|ygI(Rh(m0Pj$Y)BDz|NI3C_wKYo){BHD~t{Y{T>??>*@Wwe&y`DDOH?b#v8DhtsdfI{}s{QPjBD8#c=_5k84r!u#ZS!I3P2M@rcwSLZU=Pnmw1m9=_5&s4RS!uef~^h_x?D|l zPW2l(GZ$3tXW#N@_XRh2FlDc?8O|4NvDoeIA;jg?3BCCQbF+!jv*vm(Z+zrw|QL`LFww|e%RML1<_^F{yp zYpzO#~VS`gSzY^RSks3%`)TMr+Tp6=GdJ?tn(mRyhDX1Fdh%sDeXo+5!<0;z!J zu#x!xh>Bt>WnL-8xqJmK^Rj1Ej^Lfo+;?{NfkW*?&)4>7WRpn}yuv-#$OJ5o_-(mW z?1Th(Fr?;c(&(G&hU%&H>gsM#X%}#QH_4E)?G%0kq$zA9)BGk|_fR$4#$H@0>yB&p z!0!d$P6x|cN^r;GklNszVNcN8Bt(oVj8miH7YD=YtLIR1^%}kDe=c}pU}}>n30P9J zurNi|FOlj2Gaz_k_J3$O^AEuI;c)5}>ZjWuGVk${nx~W5hU#q1uk-wG7t)M=UAp`H ze%veM)LB~i<$Br?>RMv4b%b619P|PTlPWGgT+sJe-F1wXFZ?T(xI$NvI6tU=5;{Hc zmEG_bd(r=Sl=p9PCNMu_W(XUdeuEf?poGh<3C@2goKmU8r8J?Y5Q`IxCqM!r5d{dN zz$wvQXaH%#90V6pC;nZLY^o%#nFqNLk2c-Y9{VDUfcQRoG11||g+p`W` zjpH414kduku}wFIJq7Oo{;a^_)R9XcOJA)pQQf0q@v9bxoxvSWD|OgBmGo?k>p)-k zr>^>03gScn(t5_R!$KD|R1~c_i-)gR<1bf?{p!t2rw!QHtY1Gedyj71w1#1mRrfl4 zUAfuEPt%^%?%h+wszw!d?Xn}H*R$?`yJ&7@@T5(Y&T*?KUG8HPH~dkB#X=8zTSttm z+vO}jeV-*?m%SgB5BC?9v0mvA(IR;{FYbT$x+098HT-${FN7~Y8HCkDqX!b#h6c}d zb*pUPY_}5`bMb61TcB4GYWOZ!3KejnPv_bfNj~S?C2PajqE}JHQQ63iP0PE)w-XSA z0@!Gbzp`{Dt}TaZu51my?3VY82>|55YYhDB1fUzXu77<%>=la7G*GEqFyxv3afEXB z1*9;|Ocf3}6pHD>SU9Rbu6(t&Z5rn}WhvgxFtUf*WnslD+2u7{zkr7jH_h8>Luvch z+?mTHiu8QA*8irz)c>;3%GPl#sK^>ZALLz})y(DDhwm?X7M0z4OqYGr>Dlu1D@7&! z_l?)J#E0HPz-urcQJaEb%z^3Foi|nbVZ@H9(anfsjsMBx{qbQzsdfulih-BB_nCEp z!G~4zf@W3l)(-HE;o13D2DQI@vX^y##GGw7hH23U><@~ZD|FIvb3(X2NorW{u5i?{ z(y_NsuAHe&ieMCtacOO&F7X)vyvRWqBOB&>H3DC$lCdxLaSCO?Sv;jdL!MIesIFNv zELIOapr~um6)a}>8O*IF+3F0H&C-^Ah|317IP1Nd+x|Jj{Uu)qK{;Xtel#s-R%!EA z(;=#{UgQ`(vg9K7>5)D87yE8UqI>?PEu-*|!`;FH8gg0QHzO2(+Eh|12n4)Qd`Ox3 zVW!>3Rw|4}k@w;n`{ZKxJo}+DTjgG}OZEd1a(W}nXDKeZ6FeFWemC=tao0$5Y) z6~RCE8x2jB!XZuT?Ds9UGZU(h6KIbYx92IVi?(56K;vC0u7jLn7VO=afD z4GJ1i3K8OYbknOYdUg!In#Q2SSl`l*@sW%y>rxvPz9KUKfwUf?H}ZXD5NOJxF)AWaQ8r9 zem*UJtxt6qLA<|q$w&X_3!g-<`%C<@eC}qB8sH)syYH7QrO*GJO3Zvt?Z`}~=<*I5 zR8|sR;iS33jInFbm@NUt^i@Bi7eyF;m%%)5TaXe-Pn{Jearo+2Err!b0ubjjld@*- za>QbqNRe_xPf>vW@&qx(d<2xPuU7s&vy@2`!eAEo?Hq13eeMhBd$aJy*$WTniIt+5 z5EE*Alk*max>^jC1CQSqU&xG0cGreEC*pXQp^l$-KZ`d+eky-0*!bZ5Z{k_@fB*|LOFxkidLvaX9|o(+G}UlGh`^-Hekk-V$sk&O0N}k>6xI2`kUO>-`nuJ8*-M_d@6M zYI!gGiHAz~V?&d?Pp7}ps2bMU#B}=`{s}P^u~VaVclHkDeOwvPo4@GgXsf3i__!68z*LCH8vXCHX5U`(xVDnk4a(IVZgu`Q5!iIaM4&Gms*@Vb3=YtIb6*`fsz88N!Qul z%8%fU0-HCyY_YhQ6q!$zViV2bR`eyMhmd!;*0;gKaglpw-+IIz zAb1yg?|1ZU*nV{$t(eYYdZ-Gb$BYCD3{K9ly3Bke6#pqAK_d9#5fCr{2GiNxRqFxp z*nFkTbAD>me0_Zw*yb}mWWPV7(el#HV`L2aJGUOkhuPU@LT;}3uFCNRoxTbm62*l$ zYDyzN^<#^B)p(MPxMh~84jF$Gy;Ce~hVkaM#Mj6oSP&ifjhN3BbVBTQz5v;P;fgkM z%Rb(kfjyFQ`z9xYu3#V~?STWgdmh{Lz0*s2y`7k)BKoR7gudxfas4A8p@Yn{6$>Jb~EK!-I+jDXD$vGmI-6d+!qN^Bmm{W=fS1T4 zlJ=k5ssUHgh9uqZ9m0;YO5HE9O80vHLnnLIx2FPVZK@K)7>QT|EOErl)5Z>SHDZTB{czbIw&MDPie-k$Rm-R1&Q;)E&$rxi!gCV${ zsJd-$^+Dc-xtlMV)vJ#ky?HEhsV$o@d)0`!q+JW$6vh(K{c%l&xCM3vCKwe4Y~#@0 z$B9sM)c$u=bn-$-3_Xa;8*ICmMcxz_)oFHzCWbgfo~1^@JPk>0t??5b*_7|C-ee?3 z;f*vF^1=AU5mF8P)$~oLpm}{_5#sdfM^@8ygxA=|mA8Wuw_Q)hS=;@!A~I5V9UFcL6T zK((=Eq3#-dSd;8=K=)G`ZmZWX0@fzOolP>sy4-l=Rx25Ie8OmJz(G0Xw6a!*0>b`G|z z@3z&F=lSw@9-2HOc)z~=TpL2{_d8ejHo4L^VJ73>eE)z7T3*6o&00-rv^j39^X@dv zj_fSc9<^B#V8+C+JK9!p;gZ#P-oc5U9?iQd0nWOwx4LA?$UvGL`gx?BV)E;V$!H>? z0;;$P429`OLrTli44%CfHy%0jWy#?{Ao_G2xQLbCnT!O40@ku2o7ONpseK%6Tb|DD zZ^x@m<{`<>{fRHFGKKrd-dSB2FIUv)!)O7_Mm8QZ3OoCG+DL+tsStySRBtZei|ijW z!(y!=W~(d`{_ctNI%TkO*iUNIKAxs^Kc9mLHX(%GSMPfY?zutv$=z?$lX>;7hC_z- zixORurvVz_o9%7hUqmp5Z-$1?KP5E{T(+u)qL1>H4GDNgB3J0Scj{>&Joj3H}E+b-gyaNb_Hd)}W&;$KdVB+csmy}uycX)pY{jM~Zbe9``j;=W;B<%iDuZ3w^U zLbVn&bx6Rfg%S-!hNtV8Je%})NDsCmkoT&U0Ym?WL>A`T+Dz0LsT%=V`i%#L=ZJR! z6UKHQ?E578uA;{6a^lBe$0iK~CNuDa&s;qnDY&?7N#GC!$4U~FUp|@K`u7gkut4<* z+QXipf774ik-bll&Su`S1nRHdwPE5*KecIJ`=@}1U*&M*&=cEI*HkbRRV zYrT8pa8sa$lPJjm^8H5qYrselXiZ$4P2G=mGrqTN5GX76SoG%0Hg3ON?~PBAzR;H{ z=C}+b2Jr74L!kIC8*W`Uw`{#UQ}}m0YV8NzR?@!xheGapYWPO7_c1YBV> zGbEO-k@PinjJ?jGsURDvDOdtnIM{%OKi703(Yg=VLtMB-C<8}=Ye7vkxM;Qs2zV@X zs688AmCS=3<_953&JT`BUUgm>WXloWn3O2iYqYq42_5QOP6_zvkdKh0<5CFOIp;YJSHlH*K#o2a%;Bbh`vuI;ZvF3zg7Z;5?gbdzm zHN$5Agksk394Jiw`kldH4K78pNMVNjPkyW&04!^0YqP6m_Pf%3-}1gT>wM1f=`p!u z1nJ=|a(<;v(`06oQQsrZw)1O%|65k+&$gd$G~M?UKRXV%BLd!cK@$$Q#rXq-cn~PK zBkuFzQHECoT4XFMT%i8jUE0Fi!_Z8?OKi{cE9>^-_D}yE`gmdg?Y*Zlb*^y>#sB&k z1u@5$B)$7rIl!A7$s!~FJ4L%g)T?X?$Y~JuoILd5Bz&dWO=I;ZJEA%0jMyGWd@s*c znI&}XPy(XyZrTE*Irl_d#ZD@6f~;MQRY7HOlWRycV;s(Y#k$YTEEsfO&>?Vp$l&S7 z=hc`(VlYY-a@m*?zvocSKu0K}*19-l_TO~2ifoi77Nt9bA`0*RZbLI~Ytz^Ybyl~% z5o82cU)!w~>~tASqYuj~~3gW*tsoHPi4>GUCd&rji8d|{9)atTc zz>X3QL-uO}h>+@=o zTTVLt{^kU_SV33d1pz_0^r_JVHg19qI<3*p57EooQqtr=UYCwUG7K<;Y=jIlhEYm! zs&dM@j9G%eBpAouRE z)mp#z>v6`9(C3`>vmCx$J8YsqgZ4M{8HK!fIi?=J@Av+$4-0vG=antpM|N?jMdEx(DbmJ0*? z*H%Zi!us=OXvaT3tR{HaYyK^BRl-{n_!_Iro#)(oUYO5?ybu8v-|W+wVRKbc9Hq0DHX^eLq8${UX9W4}N0xSk@7_Jw)g=vX*dRel6JV&WpYK*D6XuTiZA7 zpW>iQzSg2_>Gb%l(xk8d!1LD*%>qrXr|)C1sEK=a6Bgw8itUvWd83?+1U}8i!p`LB2p!jbp>5lBi(ICb$uhegAuDFdL{-M2Ih#aT zriRY(1w%fE)$}n2$Kat0NZ8elQ*n^=IE^Fh*{c%pwD!ECu$IKz;n^0*^C3^q7D6_!*p9|&(d?6m?N9)-j>T>XtFEztDJ*ZF;LQ{r zR6pLOr#V=+>)I_Yr#+j7JLB2q+1Xn-FuU*{stiP8j8=yU2{o`;L?g;T*1ci*mvaq_ zmdALz=3KV70TMpQyw~5)vrAjwRxdy|0Lx18teY@FN5QJJ=3+}r6w}I;lqRs5GJ6UF zjEuZ=DusQwhG;-c9Jvs)Gn2QPz4d351-?erIWYkW2<*eNL#o5^ zulpB0Zvr|xnPO2u56jxCpCZM^-N$|z05}y#wxz-k2t^wAJg>*Y_fZ zfYrRe`S`>@UBAtFwN_$Z$(#D`UOI^`9=I}EB0O4C)Tn(ATKNW^nsLn30~ z<0Cq2;G&xgeb3U_up%io5WVD;4K3peTJP-Eu@pJcTiM?guTotZwyAqaM|8g;aQ8lh zv||olkHBg~5xj8ktSf*~ZC=NkjPdRwDW(*qVzsoY$xp&nOG3{ahclnbiaueUe3h#< zc;9(i`dxQ_NuTF6ljS&j*4%V?jOm5TnN7cW$w&$va#J6>kXx;~`7xoD2OTVw5~cYr zk)o!I%WcryG}(}YJfhj9XB~*W{()^`g)vIMRsq?GGW&C2M@Fx9xJ_Pq$ouONBW}-k z%-{F7CXZ2)rJuF$J_{!QajrwLUt?$kenGsq-L51S-aFXXtXEcd`E5+su6niDQ7hp# zT`XbHICNa3%gX7>ku%S||0@1n^>9n77#(_*<#=_gBPa>Nf7D$OOjGVH)n=mo?DU2>S!{CeIwQ6~)RTc_TN!4ShCFo*9RZ(6fu4^0)){90pfByW5Sm+iJk+)W#(dcr$msMK*fA z@c3h;-=7k3^V{@3suqVjw}qw-=BvrFSZoPQ>ae^wzMb}ZM>qW3u+ZdvS|=HD-;>fp z%PdFD0l!NmLqyx#nC}*8tFt>Qa1@o@XHp!K{46duAQeFP@^#|Yh5l0n0rC?acUkE|$$Dr{h)IRa;tFiMps_j32PkePJ6vKu0$< ziV2d5A!z`sLnA%+1}>h_p59_=r+&@V$yr4W0vg4LCQ*K%f*VDxfcS3frZlsAFp)Z= z-)=j0eK3*6tle!g_RYF!Nr6%h1eGg^0Gp&Kzyh$DD;hG6j7knPqRv^OX)}^n{wesb zXNv#Be2SaKWUQ#sF+NPg+zoMWwQy(Zp67KwogbvP;_WN5@Xuu$nX-0Pz|&NH+E|$# z2JVYh>V`YGA8$xP(wBL2H?(RcqOSG@>wr$Wdpcr9=NnA?+QP7x45*H~XkN#&>Wbs2 z9>C2vLFeFHElWHsGK0E+V*U{(8O?NZ@srMR-R+7ZJ(Gn=vZz+} ziftC}w}$fM9^)S-V%MEEp`&Qev7*Gi7nC+++=iD=)G~mv-jr?WUn-1!NS8xy0PWNu zk)^LhZQEh0KH1s%jQy>riP{fak1eK^GW_IIr|H7)k5<~L7Zn!Cf2ze!o*FVUZHaM- z6rePe2uvUsV2a72gMobbbw2*B8$n(o1IQ8>1N;QY0Gdgpv{zYBkW&GuK)fteb?sX4 z`6wdXf$9>A7hCk#bT}Y#x7H^DK&7Ol#AlZ_#s8|os>EejNQ(7LBU!4@hj`e?d6siX zK&-f*6=pltaa{(6QeP5(A{0}wMDRU71~NEPU*sy2Mq&O*yB-F%D0K6aeWL;#qBP{I zRTPIQB{is~@`<2`}Tb_}fn%OsVk z{?smBP7)I7ZPesllbt#esga`$XkM}s#3qM68IQy%eoT#TmTQWIX?g~ zBM}LW z^7Lw3#s95n93oV{!u5v6X{5->T=vK9W+Onnzxb&bxKRfCsB`i(3=uTDsNi!EQ!ah= zOMtUTvRSG#vA$$+pP(3r(%4R)=Ml|u$>5p7wMzY}M#p{LVAFbBz|RK6YONk<^Mgof zD$FeYfCo+mK6af$iTM*IlsfG)V|!WPV-b%>BhCkGyt<5gU7 z#q}^Ffo>KQQ5(SKxEvRrhm4#LXGFV@(Bdo(pP5gsh^S?p=ay>WgH!DMIT`}lmr)bT z?EDbu$gv>Aq~xf2$c(<<8CAvQ98L>^C};AtbJASP!j-(V$&Is=wP4!t(ZJBxkM!S~ z-P#%iKZ@CBB4XG2F~npkD>NkRS-s2RPyuqh>Hfi#we6W`qXXQ~%B>_*rm+5Ntc4TL zVgxR`H*y%Ck7{thF9XOeTvL4OOCk*Ii#(pq6GKhd#Z5nS&UDm81`YzWv2RI}`qv7- zM-uHz)>s^B0jLG)9XWaAKx7U%$s4>4W5p@Jz>J*AtS;rPb}-rX6iPT9U0Fqy@QLY? zPTcIU@N}~G0d*2cRGG_EZfGHRYKJ%J*cOt4ueGi39c!4AH_fTqbrY&UA-G{XGh;;( zVUvObhO-kCqzXj5JVEU_cG*8}IAsdYG=>OYJEDVc?aS2jO~t<>H#|f%w>W!;O+Q}? z`tbvS)Iyb3>^u*_L2(KAa$NLlTCq?mE$j0ob2L{om33`j2N@}A^CVOBE6kda&`wjGm3uGcj1s1a?&aese2od>4b~5lG zJKtPyq9{6*^wwC4L;+$*C*w|@3k_5g=|N79#sV*sy{?O+-j0qTDHo~l*u5N!exD7o z!qEeaj~!wXa#j9rt=LYtt~g?S`@#tRKcR?7@IBeM$rEn|9m=+?ges%%N|uQZO}~SM zVOmD!EMnrbuDKnY#SU48Z1A3kojE7v=Q?o+V;P{}P@&>lXq&gNV1q@*qHE9F?4d?Z z=BH!2cTw`1nt|7?P$vU2ms)Cy2hWB4)jHI3W2?b3Og18KHTh{cR9Mm1OOko+y)IK} z%%F_5_4K4o{ccXR?l~o!n#;+TzUBZ}3@AOgVLA&1_AR5gF@ta>o-3O^2xl3MCIBt> zfq%yYAY>QmexL~;J zONYCx&O2+nL)K%3l7ymhUqq`Za~61UjQZN-vdDK9rII-K8lhqaQBNmLLDV=-Wx~<^5$wyGeuTcnSzO-O-?AvsI zHG>$^ulAdUS=BqwCv@qS^6wY}=yAA2w>TrLzf$aRSQ_eA5B01wSG zW1sqgJF93#kc|T$Gt!&v=|@y2Tv01;h>Vu4L^zpP4uNyQ>viyH!T1^HFOHJNRvRq$OddYwkJMiH2uB2@KQ`uww;55LZ*QmY zkVu)XGI`FsTX#pMh{?Q)BJGk+QYX6c%r8^8FAt&c*0Ym<*W$+n>fT?os0aswQqXk! zCyHe;&@OCa=A2soQ!jw4(LcnT^8mD1=sI;1SpGPYFj2p)93H)FOb>rs#0`5bAym#V zS0{2sGH%%R)@Z!3&DDKV4$?A8=yC~cN70a9SshKZgN1O)(XCa>31I`TajYg)Q5-`2V4k0S_C$OHB4GMx3bY(KSP#dWpX27aL7=V|hz zlomgcfn+$(w3Z$Cpmn{13Leu-?aZIJi3=`;>`ro~(C@Ar!>_?`d{K*Y$4mP~L}Fc> zK>RN<9i(Q^|5Gz)prwh0%|ekgZC}b2MHJqo7b(~7XkxGqUPmL9cb*GOgymsf_Hdaw zoQX4;`(TM_px(fU_pk=$N0k+7)Ni9u#C8IssJU9Ru~i0A#q;}HN&E>nUe!Q)axRZd zc36uO?^Ji^alEz6q*fM#;+E$ewCfG5IOlI*_537T^k&Xv{Nv;(ZrqqAh9FNUyyjOt zD$V$zy(!~5#+e$dp}GZ9)7PIJ9K=g%rmEy!aVy3+aR3jHpZ&iDgZn?h1Onx$Q9rhD z7FIU}e+@n3(I|4#v7J9Gc(Y5JBV`--%;{6Dk!`acy#-DSVwt0#P91G8MIfT3^{|%e zKL7PTh?=XrhGPDamUbW=k}c&n6Hx*&)XqhM3<6EtP}D~NES;lbfwnirLkp9ZqYJV# zJ!hK-5Urk-$X|4EZ!b-MWd{~{J({T5HxvpBnFN-!+U|l{m&gq|s$3Y1=e6G)P2g0C zxl{KFVO1}|G+#_4lAH_LZ2hx{7WM7zzx;(Q-Gl23x;)_=G6Z{(s%C%C4&pGtj#&HRo8z)t&-&ojf>+b(Cj(1=UKPJ91ai_su;RN{|y3&9|xn5gy{6 zoUx-h3NI87yl6Q6HgbBU_!FJ!d6`Cw%p(yXvQWGgH%AP8%{F+Hvkvj#25(KRj255H zAcicF1-&Gc6p<1#3xi3ePzklS`LM6)f?TC2KZzg^_7+i^U|09NT|rV}?RVp!M*pAS zcq{cE${qHb7n*|wnmq1m6eaEIi6v@Hmy2gzs2&TP>a5_6m!GL<9t9COeP`K)i8v*Q zoR4W2RUAELitU329na-xd|TL`N%4d_@Purt3a+|d@iN_EYl#Y{YM+s07$oV%g{ zOF<^dAw{_if{lQhsfNtdu{H#3x(auyJMi3KTBOFxV&$inbJ~aS&?+r^AE`B1v@ysS z0gO#jSaJ}5=3qEyP!{zRdQt6GZ5Yxd! zJoaY?$}%B~k8+3qc4m~)-q`ga;+xZjmdr;q$cwIoCNuq5Z6MyJW>9G|xLXBl;2z!# zY^>G#9(_R_9I(5@wXPo&S2-4`(6BRezxyDpBW_F*|C3 zS2=dT&$D{1(@-|>)i|_+3c&qX#4dUs;DVRMNdCdo<4V_M&I)F2#5Jh{fjGJjSwCum z40h-igRPyG^-6@~ChdI8+(xH89IpMgH71wYCTYRaRuH~>w!qS`zx3C$Vttsld}}9@ z`goimtk|*Wb&)bo? zKxe0CB=KSXziY;SXEjRyg*)2o+>*m34K$-?RthlEL4*DNCafx2>>7l&u}26%Iu%cO z*Rg`Zi~9|b2k$$T{ooX75b1WiG`a|)=;*Lf3VMk5soqu?EOKy=6L}k0P+gG+fE*8W z#F8(v%6h2PP>_z%Bt7{1Goj zQpeWCPJvM%j&Ytw5{iHE!}o_}%DfLXx#E{~4w!iGlpnsxk`{=%aSkT{U60HEl2wEB z=0~6zmqRv{Ll$k0QjjEo83$0 zAcmum&HUJc^h8TRAmK(zM<;EIvv_ZQlD=%F2CFhrUBMY&d$?q4JMqD5Aeor1>MAp0 zSbvy#JcvFFon5=0#H=7L;Z6|Uo{i(9A7-ImFF0;+T@Jqs)VM?Lk$ehOq?>C?lgXoc*xiu`#! zWOAEAN1{wDat`@MCp>XMQkC3h-9Vp@i4-eQYg{@Mz~w~Ub^aK?ec(1Ox#$=wTM$Ob z4fg}pIy5lGDq4fwNpZKJ>}9tu_U_mq{`%68i3(S^9V_WE9TgdgP_*q#X9ZGJ*sMu; z%a^rX4pjkE0HRMn5ba9JW8Q<~ddSCWk>LaSsb!c9FdmQ5JO%;@Bs^P7GHc>0pFhFE z%6y_b_cWntJi{yb8yo(gvWTnM>b_uyo^Ompt7ZfpRw~FX(Moo_AnL$utN#p)z$&Wl zSh*!byu93)x{!2mUx;yo=0D?#bo0`MX&y{!jmG@yYjgzpV|FqL%B-sKc{ID&(&0ky zNZtZF9LNx$4WVet2Npw**RMgu)WL6EW#uuBaNd1YXahNB&$sZS6-_Ixtq!xHiT&td zx~d3CI$aRKYtt(S^?Hh`N96}f(+s%<&IO~>G%yy3cAt1$`?;)`Hi?qVU@MlmD-!@H!k@k|dgC8!um77-5@{ zi|WQ^aX<&PCy4c--W!?Udovjw)m)g!LmzA(;!R6%6|T0mAss~GKshw2eji$EgyCi} z3ydMUE@n8caB^6Ms|jw3CmiFcgwVQkj-n%9kAfZcXxs;JB;au3vya|*;$-npe|6lY zP`}P7d_qV7n0=7mKL6IXiqlWh=L>!GHjP6Tw%50`c_}vWYC~w(aK%k20U`zY2!i!~ z65j`Q)Qfm~|5tZB{ReY}2bjtupxNo#TZ02)e%dyReVdSBikiK0nZC)5=#8#pOPN1U zQ3JyXy)cq>uSJJN=cJh=P(OV4XlQ3fPf~etB{xzxjH*aki@|7};^S%LRlw^FPSf7H zr;$i!`G)j`QglU?B&Q#ba!OAj$N8tJgx+9;o7wuZc0r&coCn~Xd<_1%Mk}m+rd=ER0@7$s2T<>T#=O!6|F#vi{LbOF|5016n zZJr+%iuPAdc)8P4m68yk<{HdHsan(8|I|rxf(G5ZYN|227=!uTzv8Y(L#Lq7XFdIa zt8Q|0Rp`@TtM7TMnp3#@qU*v)tXX}OLk~Xps#FfHd)%32-`mRL?K6H-Er!eD>_Wv4 zbbHwqjU4)pGimMc3NXO$6Yc-6p{Ei7EqzU7rGX$)>5kZR7LG>8i=LU!mI)4Q(&(8& z=)B8y`#-TFiFz?p_p(qw(!(c`O9YPj2(&X;MoAbvXH#(Iu(c(15 z%7~aP$*y2mvh@67JLMzpEef(G!r)(5rdy}9hULHFrRUH_tg)45(&<=U@i1}?W^>u^ z=X!f}PdvZmH@k#}XzfRAk_mFd7HMiD}DULRz3Du*94R!;OoOR#m9K z2lxaKGgzhOM)=M6bTg-QEE#l7{tiCDn>2!kWLc4b{Xq^bql_&ni%AuZr@=E>_hBK4 zQ4S3`jB()`RwHAQC>iOeB1~{eD62~VtdR)DAX|DL7r^`?_ayhE+PkvLUVXFO#@v6~ z%kbSP^{21b%~r)}`RPf8w|{K5kIRgJ7d!dc7|skBK&>X%u!A;m!Z#Z2&*OK4Yl#7R zLkSBI#@VRH7mJ3CEF)j;XhJXZro@T&b9sEw;p|7PCq#^$Vo*XtXeZ>>j0f)1n#A5S zOJ`w(6U@XCSm|_(j!`YSEr#I3_aPiPnDF2qJtGS{Y=?fur_+$wud!j5*be~=8(>ZB z!K)Ju7$C(93b0-*M-=67EVxXb70q(&*}H7B6}csO77nd$Qm2H&cgYi$H&WT%S=Lu} z1P?NkGt{Pit)xD2b`_ffEh*L~&)o7Gi1b2eLDAHjokV2c&{55&4;w9Xb) z?46Rw)ksY7{gtxB;RBgF{oz1=R4;zn)5+%VFMkvaZEokUrp-|(N#r_D3ku;geYGp` ze0f0cy!S$H#nDTvcW(pHW2ndd_WxOv7aukBidc=KGr%AZPvA{JUNRAi;+S+Fg_tE} zoxO(KLVnDY#V6MNuyjkBh-n&8(#d!Z#a4_N7(aC19dCn1batrIBwHTWcpxKFiV zemXjxyqxs$tEmA|@WD%%DB_o$_AaoEkG=0^p}IimWSW+-W|w%d|@Nl1Mp84vaY z8$$mtzgp+_Zlkzs9E=+q1zOyp)pM@&KT3ceR|l3^YLK*~ax-3YMFp#*3aJ|HLTKWu z!xXKLOdKN(THL%ktI%Yq@Q;yf*U9c9waSAGlML(~5mBJ> z2sYiJbYZor-Z3h7kVN$s-8FN2L+_1p3m2`5GH%{yrv60X3BRg(E93pTI{^`dWk?EO zAvrZ7b^5UNYiXFtorZl;z3a!^I_B4_&_DJA?3O`nj0C*{f9mTP5CJiIF=;fV$YwEv zl85@-(z;}it(ZERebgyWzAd?ZmU_Hz^diG#TXxv(zl?*uPpP5klG$@Kcbc3JPZH7R zm)DKgtg$U5M)X$F$tLt=K$xV)0FH8YBok30nBS4ne2VrG@bkqQn1dw)TdMJZg2svs za^=QCB2}~)p)uRx%`8&WUNCY;vn_R-y$oHPA#zwxss}-lyo^W@dYL z@S`_8!3k`hj}YH_CX;sZytqSuy`rLLT^%Bw%k%D>@8du_0SWW7Hs+?8yOVd^IpcJp zE@J({$$WKJ@sA$8T4#qb&jntoG>$O4O&kC|SIMLo|0f3GU>nQK#k);AU_V%^qYKV7 z@1ongT*$BDa7D?`Ag;g0BiQ@byAiv^M~}LM%t^0tsS%MF68D3Z(FctN|7bTX-rNqY zmlsnFgS{S(@`C95cE;;wQ>wf!zDLRCymC4VHElI9AV6zS)JPZ3;dw#I0@LXTQa862 zG7$Uit)-Gha(RZ|n>~)ZGRoWJ_%+>{dpJrCZ%{k22xokuc+=T2+5%(V_R}?wQ{-rW}ZwFmXa59j+(zFau?|@|)9=#SaT`M<}i5rWd zQf5BJDHl6#VaI6ocfFmITRZAsA%RY!g~*A3J};h){aH&LC0uTzl1v(_uYL{|UR+(hYnIPINd8%; zhnru|oC%ewLhRaYLRmNJMkgzs<2H-9s)9;bdX&wN0LYIk4y7g)V9N1cjiGm51`)Qq0N{R9r1%qz+PVMn*@c&FeMYSUgvdKxFcK^k1CXxj9S{r4BALZPJdQp;77cEP zUdmbyVrhKpJrMh-!W)Fb*MjZE2RHH<=kvhhz3i#LX~2<1tCvDLr-oZ(vV?TAn? zhagMfRK-es?a*G_G5VcD{wV_wT0JazLQbFOf-!uFmMHG5(kgA_0Zn~FFD&9tQ+pz` zUCZ{j#}a1p77h&cXqHcf4)Tro1Q2Vv**TwINN7J_&^OY^^YN5g#{m~v3Z@%(wr+JF zt9$CNhr2|AUIPi|_b7Uzshi-#+m2Bq9l2#w->D@aT?~xJk3ISgU zDYv}OeWf&m1EuzPh~*|`>!8e$Uh!NOGKz6CM&EEXtr|2;uH4Em=SyA&%OTjDg>=RusHy<`5aTm38&@1DZHiAd+Il{6 zIi%z)q0F?D+xq9+PPBaShM4AMp0Gx1@$F&3vS1xqpx$v80RDXZxLul zuj%%zedIKRh25=2;djPB_7g6q6cZtBN_$MWPRBQBJ;752$0MGol^)z>{Za@f8c?qyg9hs@_p7dj~TFgNMKLC3gMeX9WweA?Bfek()F) z4S9>`q6HJ-X1qmAMM}j_5hx?PhDs<@cCgx==1f#SpkLM|a8ytRwiB?i=m7a!N?i`j zSJnTo4_iRJUwJx(0|Y){TP%MBASxm&TBdzt7i*b<<^;l@R&nGj>?bhyF*e?wc6;_T0?5V1Y;k-T3E^xZ?6~54=CEfIzkCf^SDOqfH-cpc(@iXEkql}xC zUsKO?B}_g?;|-c%$-i`q?QM&}c2VW#2A{uCzD1|m8wD(xu;4T54V2iKlRJkvaQ^WV z1wJ8vcP5hj&N9IIAz8PLeSYt3HpwP8!Olh_o`dzh29v9Si4*bTebq%7mAP%X0bM7Mq*o zT4cgQjgP(n|B7Q74S85*7L;b44iFUm%I-#Eiz z#gBCsoO;2pDCcg_@80}B^stPNnw&&iUvSBf1>ML?YhY4Y(+QhT>7f9&_StVq!~Rf9 zdUI0xb^*QLF|B{kgpFS_I%UK(z3aoGqNv@IV5}8?B5pf)&vh(EF}8U zCB~{8tvNaSdM`?-ZD47s%qd4AafN)lmGwl6!((M250%4`uI6th`^RYLhBt}VB2M3( zYNW-1@7IqwHnuE31-GsL2vFi4`JenkEr+wAq0&Y_A4zqQb+NjFFJkQRoUN0|nnpP^ z@AF7A=5i!=0?5soNaSR3S9t_jfp_q4p-e)d2VV&&5ORmcBu`q0Zwq-K?G<13(`>I} zqJOKir&P4y25hx0NMa?9OrB4U&##Sg`*`}=#k9kd@ay~fvLGa{&^ls^EAFU%2I5Y7 zbS;%Yv&O2fm2*)E2R#gdnV>|Y5LlGh+XBE94pw%Y2H~E6OM-op@^)xKN@Baa7TU9U z=;!CIYY-lC?DUMCLaeBWUP}Edu`Qy1LYOpLgM-Izc%ccqu(~88v}oCgbe|h?S@nd$ zf`nUcBNI)~#EHS65ubub7Q)vCtL3=Fh?EXg!ebD{x68q1CUuodPlK5JkKO&NyEjD5 zW&%R&l2oF#=#mMrUT!47272O|M|}+mdZMvD=)OyQ^4SC~kLZD(Z<3@V5<;S1n*o#E z9WKqt0xCDh!JP4Rmvn=w0$kLMad3@EXHU?fFXL#?r8B!UhR~+0 z=EHLXP8AfO5x`UYPm&)0Z<7AqqqSl>FRVY*l|dGo1()z8y~qin4>M18!?(VL!qh22 zKvZAeaHN+%bR((&n-9k-4bAn`SHlv=eI%BeQ_(wO-KERuF3h7w{FLm{j86-B^~9NN z6DCko{rjbfejf3ncsUG2Oa=T*wpIwxh=)+5D*`KLwTl^IH<>dQ%x!xM`xc>$>qx4({pfUxq2aKgYFi-8dx|U>Mj&%ueZ_j)4 zTbrDu_U-tS0-|ja{H>yn=bizW;{|yHvBM#*Itv_Ske-+Oe5ALiF|BnGI~Tl!Z--p8a?fU_ zi8h;g@|a4S!HoD;vno!HE}gvsT>V~)$}|O=^>*6WM*z5|d>RFVoI&oJi^iv`5i*u% zbZY&;#y$pj6FD8MG);=z&=g6=tAZ2lFlM@I^Q0XU6Dzvy{(UzA1!E`Fb)((>J^8be z)Q&~&d-I3WM;no@`F8@^ZV@1Xog$e0W6eK_q11cs9y%!NoujZUuQ*l87P@_K<}>C3 zIj?zG8qL$$Vtw^4BR&ptBO_5ev6J2XWYvyt+#i!W z-ukDYj3;FG!S3Cwv^jfhY|h!4JcR|%cg6~L^UIf{)O-9TzLLUfE3*>TL@S}rbJU)| zS5j#{x^uc=iipuYKSc~G#Ef?C^$de&r(#*4UZKm2#juc}*%CY5~XFoJAY(6ciWA&i^Vu>_FwtTR02OTKh=I8ESGfnZ2l_NRQ&36DtFb*$&%VKT-T6F6XWnitZTghe#u@xYo^$3+^B zUKmVIU)?yt41wkz?@gk}H>=;PhiQU{_BI9cpl-bDK=jxWiG8aFP%axr8|I zCzqE54{`s`2R5F_@U~L+aEdggq#J}nxO&_{xeJdf6P+lcfB`D)dYrh*6yGsBB!VzVUZxf2PUL%a9j`( zhxpTla~WW4?t}7gb2-FERS5c2!tcumpm` z<+d(Ydlh#$xWMm}i~th;R&gWZ_tNz-R(CguK>BV$Y35i`jV#MD`p7A2)TWw-^+tpy zFyGgHu9}Utq3i3@Ihz$O=Om!*u5E|j5B zU_X|0??WA-bJ?y|{T*~w^@($rnQgu};>+U##DKVOv~US|OZgJP4M_xH9%>f}EvBYqAJ8^{t_*gb&DGI)uGHJKgZCd*?k5dfRW`N-|d^)VFu}|FuEmzfGNZLbS&_jFFlBJ%}Sm z8w;4TLNdr+N38(}Cx{VyQz-{`wJ`UeKPF}g0F;pB=sq=2JD#UQ?oKgU^3J3kJRdH^ zE?jdGk|VbB0&F14!f_FimtqOAJ7qN|6BX_}Xeyp;JnE}xaw>(sb#_Ak)MY>-RAh>P zyJ&ZIN|qahM~j@H5PDGloyd$~E##Y9#f3{+vyO^RyPs;GH~pIstZbP00<%E3!nR>MH2?Os8Y%8U9nl z+3lQXXi0{NpTOXnC4k*XS#!tA5;4ui!A-VR{2n+oW*1#JTQYj_!`$w}cIx6T`Rj-S ze#w++taO>}82kAZm$Rv?z7e=i=A$`iZjG9n7a@WSqWIFE&st!dZe&{th`b{CO zH52#7{N($m^ojVV^s)ALwY$~&$)1p>U}Ua^ueNFCQY$XuJu=0h5oNSPmID>(hHd=| zwy&Wif3a%a_7lf;O-U3w=_GoV8$a%0`6-V~&Zl3v4+h)0Mmp)rltILJBDsy?;m~_OHTAOff9o`-Ev~ z1K~($hi;XrCL0uURY>>z!$e&V8N+X=7HPXwSrI#>0Kl>K?U=_ z_!5n~2oW5zhTfpm1!b@i*U&Ybc3-O3BJDOrK zf;egD2qDUdFJ3ml(zC+(yOhTA600Nf!WeNbZx^=r|Hai?_%+>s@8bg`q>+>^ z;TEJMrBgskMFizrrj*mFZ~!D0z}$+!$$|D67ZHp@}%(Hpwgo{~pg(zOsxp*o|8YXANo$yr9GlvLz^v_qbyFOiGuM+-5g-=uN_O>B>y#Tgz^ z5U7x5Sb`t7_gK=n8qRT#eo8T(IDCxdLqIici+Oub^6#!&>m&pxFZknQc*bm?JNr(S z%K(`LafI4ItYay|3kK~)#FyQ%4~~*|Z{V&L2;|Hie*Vofl5n)PylM(jeIR< z1jN6}PvD8BcfEJtSgXpAPL6I0v%XXuI!eF}vm%PtzIp%>YFT~- zcKOs+rThP0?97IyE?_sg0U}@?R==8m!=%GUqOu+SB$~Z;$RGanc&pUf5#xp|v8Dj{0GixhWu-mwB= zd|b_XAxSUM(B=&A=UWkw#rpOpA0W(v1cAiX3_V_Pru60coS*Um5I;Z_*0_<|cO3{$ z_kCa$&nYqxE(N(I6o?$?8+xzKS$>+M`?k*y_CTbRWJg?TD1OQUhZ*~Od(i9UaY0Kl zbLrjmiw1O|_0q1mqpc{wUUi8H{5#L~xHCD)u+zX`erba!xoozLnm1{&S;&fO_2YVj;qRIMEsr%jzLzk$>NufdKPMJ z4}A#(j>lp`JdMm`Bu*~9=V=1aeU`SfbMRZV!g>RbyOjZOsR|U7ED5{bp#Eoa? z*0HNO@lDOzfdny!e%s*Q7j{%_j2@JwdykSGAAg3js*+bzNroQo!Q7C*5PP-hr=->T z<5m6rl6cMA#Vs8JG>d!lSCfQ1l_ey9dLM4vO5le$0ZOM@zQbUwmxS>dS3jbN1~QFW zs+q868@us+8)mZ2%UT@)UE^deR3I1ov>}dff0ZN?o1lSg%&F8Ps8gpm1^(m{RqTw} zHCe;na&&=I^krtGEO2>8524yXdb5ort)(dC||UVCuy}$ z))iNRG$k=~t&p0DDdbU3Nf$T{fPz=2#2M~*%Nd=v(d$q~l9Az4D!n<7P2Ju}om|EC z@|HSm^a-7vT3QU_bUr)l$xQvZ5hZ&le z6tCc7R-;#BjhNf}PvG{;ERd38jva@l%{ER2sQfLHIS2{ga}%@d(12!!jR#PP)3!-jnB*`i#WauHR;Uc zN|G>k8H0~)&q$(I^A9ZD8KojnzBKodIuD9)SLV1sOg!AhSN`YX42zV2M-!pE^#!&$ zVA&Jh$h(Vqz#kj<&70ugKf+pe6#}=m2;*^@&xh~1Ox52tKy0vUw~)}#nz}klyX2;@ zDfyXN&7CzvKR4*GkwJH#tXRs7J0?GPz)?kBBDj7XP(VY~ow1_96i5u)b|(6cT-3Ml z#p^BNeQt1cnIUv}Pstz~g2@PI`B#KfRsCOh_aegn?061jxVvmG#-A8@&=LrKNSUrH zZ1KJR?4h5<>mxuoJ%2KKXPV3nY`{R5AO1qurc)khpFS~wXjiiVrTa)!8(lHC&S!Mf zn8;8+5)hjGBkg4cW0i81NNeqTrRu_DFSDwPbK13mk_OC;Ry>$Oq17KW+c?cvL`l^? zJ0E0wXQw4wMg+Bbd1r^?&W`eCJC3`&8EkRA>hNRkUCih&UA)@bQuEhHkQHh*3X&QkQI;3!7fg+4!0z`WxPy+{6YlRF^{G!>F2kJRC1W|L2yKha^M+6OxrGlA>QNS(-Z`j^$zur1RWf39c>}Yq0`1$9G=^)AM^mU#&-o&y@{4KR|dl^v3QMn`L?PV?QTUn>{GZx30lD{@6nJ6D(A3{)k|Wve1_(18>CzDKB;I{ZNSjVF-I*t!e&0l7^zD3$w#Tj< zn;V!Gef3;M!g)28+h+YKX+4~bTs-2}!_g$pJ9Ie?i*DCtL07;3t@_Z?;WIu7USl#6a18y3y+vXTngtIgyZcXv-h zUfuLm_|BO)605eBNC4b44ZgX`-8MZjw@nXmBf>I%+`Y2(rRZdfaF(;Z_?=PVb`H4m z&sktBgNqhbpQB`**$31+yy$lR!AR6Y2k$jlb#-lL)f*1L6e??B<@iom%Um3NYZb|R zgbGn=5u`QJ@*-TOHZ}jwZ)s*S9KdET9?=~Ww29CDgokcG(X-ZM+=s>L#6_4POBsdk z`ad=s1(|Fyx|?j++p8n}b#Y~Q22aeu{{GP>H1^epSecQc7ww%F>xKge1KO8*K8@J^ za`JPnQvRXBOUaRkaS$NKe-VM>|3-ww_i%0uQekg)reIVtH&7{(AJtW~o^T|g;BeD< z;rV@AARmS}1F?_BW!Fsej1mAUPOSu9f3Z*T(+#>BD{@0TV4hgJC-pqEV$J7`dMG)zgzXJGz_ss%)h?(KS_C;}5&pg1<8Q0oYC0 z3khtj8AXI)^I7tq=h2G*c55Sx`-|r*f_BwQQ>K|6_xReow_VAy7$7_)0@`> z!cKYmRKDS^GPk++_oPNu-v$aZ1bI|dRc)9yd9)dXkR?^f9aueP2ywN^aTs>Ge>aWr zSvqGDbJa?-jIQ@8U|h_$l4JBKdG&)x7*Ij@t;LLk~Q6URAL8k%6gLL}4_lw~4 zIB1=vjJI=gvKGsfgCCrm_&o@VH34PIHy5h$PS z^QipY$HLCElTgMC34pcn_+S&O<2ZQ@}kDpLN)>2A_6)cj%3%gj6Ag&&UX zquv4L9PIj86jCcgVz z9+Wl49wq8oH|DL(p(2DBhnHW`LQuGK5!knEuzx2wx6<5%98anA3kq`G$Ak6O?6i6E zqp=L6I_QqMs^FoSo#~Z$#o(Xt^qGNgTtp2hE3r3}iNLwf&tCb>{|)mbu;yvGQqvgDO=L|vgm0Z$}e+ovcFUOaO&HHrQvRPmBWZ)#PQ z`I}Mt_3MI%SdS6GaT*;KC`x&;^xVZ@$x)JErjn?>Q{?}1a&-{M>vZPJ2`)|sa(=1R zg^2gKz(8^tea(oYrxlA1@8(z#!035U0a=B40h!l)Ra@#}csA7gB*mqd)XGaLq98G^ zT`Sq;Cu9R|Of+IX?{!`6U{~(8QunJ=h_eWCP2GvqTNyznCj)RKz+iXV!28*6q+O)e zxySRCE~*e=z^^S5FNZJ{|6q$NMLbDJ*ru)q^%|jc|00HjU2rPySplzRzKr)NVbj%P zq#;rmYth=2Jjo5w@X_fhJgJ>rkq=>MJi3Lya<}le{9?&X*tnE1EZj~o_NiNGkN$W` z$Fq-9=qYcho}{jTDIhwm_oHw@+KYlz0#dq5UZw3 zljM8Eb|Ru7PwCv*IXU*}D-L+-XXV-y`Q}PY_hzYiuGGD}ip9NpZrj~Lu4xiM*PR9M zEbRRlwH`Ap(_O%?N$Z9rkp*xOu=#(=Yk-%SxiK3#y=$fvGdX){kJ%uE zxU4ZMm%iWb1hIX+op4o%QOkyYR}$B@jAVb!u@Fv|J;O9VIq<;~W%2C~r!#>;TN5wEl32VS- zU67SO*r4^H#loJZUri#RhsfW1q5!EfNC%kx-vIvvo`PAEL$IgE`r7swhj+VT-mS{b zQ-Mm!EFNdoI#S|?qkUl0OYW}7Gc~sP zG&XuTa(*`-dqtF4)JOku3s{Q?zYTKFGecm{xJ{S-}czoK+c0pWp%2_f1xe4 z`mqKZ8Q+#3laWk2^`@2;i%KS0VjYUcYXpU@BDHx~>s=(;x*nMn=|2@N$GmVZ>jC6u+GJl-%Io8K%FteqOkumQ7s6^W4)) zheoQVB8=YzE`@#87kou1>68bbsj*lwxrM;jx9TEAr5(htTr88sN-H*^aJd7_aa5Ih z#PfUPYsC^73)!->7x9Z;H~1FHT&gfb1+xope-7Uo)15E%v@)(eV!b&9V>x$WMYGvA z!60AM&jZ_j8pzDN1e5aj$(=HYvHD`}b!2xa;;4j$)TsqkJ8(jk*YgLzU$Mfp4Fd2RffIAnxcXaDlNi1#gmc^ z<1T+aOWZpc*#-!w>Ev_n^UeC*mUqJ2@-C&YB*hEJWG0R1{k69?)N5c6-eMnuypVm@ zpy0HK3{!fe@WsEfgv}*6x!trp@Kphegbrz%>c(Wt}#^lWW?xD%QT`8sa; z#dMb})e}m`8ep2lhszFN>2<#0Yh)U%)Ss6;9kDXN8b{_dT3WR4=8b>osATguO95MeGgoy~;$_JAdv zEEy%7REg#MBd5F)Bp-eKN&L&HK}vR%fX4QVj7aNYdCLM(g_6~VNCAOJ6v6dyzI^reSjpC!tvcWYRZ^xrqbdyi}RkpWvnbcMuo{L?vNQQn&v;Ho5Y9!7H zkiY7Au%(?Z<$oMD+c(SHS6qQG2mBiv=Xu^Oa}zm6m|pA3^y#U(xxHhAKJR$4p!3e^ z2JzTXMLL%BTcGq98$vky#?>lNO_9{BDq}{|fIM|Sxj!_T;cKE^yfnpMy@NZ4yrvPV zuMAzzHDIP48tmnO<`GFn3@orO2xnkaR5K+jkIT`N33^eri(0?F&Ajz_fU7v4?~gS` zJR>cjwdEMvJ_da{*l-VBg;&QDLr2!lnps{?7b%Im$fm+74_?(br?sRh>15kJrYJqV#dvXuN=L(uMCQe-z67FNW zn`#R`97GFIr(U}BLS5femYFMHey}<8c#=uZw%RKSqb&k$Vkq zb9cdOJG%^TEe7r#_12UJY;9#*&@m%*X2xQdeD^bau&y+$FYO}awp;nyxAn=>#kamH z;DSQ+rIn3!o*Lmnv4aYJ)Hl(NB;ItbFP&9z<1eS|( z|9)1sCbS{7GnzV|!Ys^#Q6}II`*JF!dqqckY3k&s9mU(2{(1<#RNn&T?i-FF{&0Nb z^6fDWNyQzv8zYefr7;)l+M401*Ku%Lk5}ixD3^F*Wvf~CC!{JG*hdF$5+zdmt_I8| z_=T|q8lc(Y=37}y+k6|<$YkUbsp@GRT1gBkz!6g*w9}OjUMH|5#t}{(@X#>hTdf><8kdqbwf!C=IJ*4>&Cm>LM?c@>Nq+F! zNy9+tPKp>=&<5C|9ffkoDse-+rY@%w{*86_e%&zi(=<8&EKO9+Wvm4hxH*foel6o= z{0U=lOTz(D4=+A0*JTnk-Xf(xOkAh25F&-bi7`W!K(ku2_TD_QCuVP6+{?-rl1Qkk zqRPcxL7PXO%)Ht=lawqE+L#6sIH-kdiKcD)%m$^pD%_scU*ZsZR^3ld0(*;`iq6Dx zE@93sXP zENrCLfc9LTk$S5}o?vFVBjsbMF)YO^lCCM)O5U#pbpL7cJXC#(^0BT(4IRJQLZHTJ z9tRz)&6^Iedv@e;kF^s^NJU{Ya=&NeMX+A`&i0(|-sKz741iDg|FZFKgr5eYYCA_F zJ`dlp0SY}hnL#H^#igZ|5j~|l;sAg_d)1yNPPG?@duDlDO|okZ2~?j}a}BABQ@s3K zTt_Frd5RL()X-qp_H^HAb+6LG7ZJy%5NHoRwo0Qtj&qt~_i$?b8HycPG18Eb|o5SPdwG0%uL4E?V7!|E|(7cIASX$n%%|Mx`;v_1JzO|prh z!UE;f(vf6*#}Iq>2kV9{DXvz?vATkY=a+1O^UP0+c;mNtEUG#d?r^>w%>?L-_)tCR ztYP~PCte|Ltq0P!$4aZFa^}YJl(zZoXxd*$R$@s8o2sA2|bBQqtkEn{Kg`z zp{>*I_9L?m_Iu06G^Ts$x1kLF+%$LX39GBcMDt+q;$xRBsK>_Wq)gyU!$q3H;Hv{) zAiBB8km^a*!5dX11aiIRBH_iWhOMRr{cw{E;22MI08a^)RGQTy+8*e&}*uM_5 zU_OmtQojB0EdG9Yhh|5X_J|gC!%xgazvrLRMb-N*6Ubk-P{n<-1O>T;8SDMuyjLq~Qv$<0kt z)=8V6$XxcY6`OiHV|R|8GSo8?gfWiU8_b}lcI4uqNB_KBV^;l@f+WXjS_zrtkUcS{ z)vQ>zc~S?orldYKWgGTRAp$s|uk)u*Q6GfpS~1tdSV#OA0*>_%mlYl-Ya3YE3IGQG zpVNBEX3Q!;VM;5%k@DtrXoTcTFdoNze~j3QaLjO6j|U}F%Oe`C@juP)0u_fCNex7>;m;XTL4G$pPa z3#Dn3-?)%_C&;k*VK*^zpOx*ZaL@Omym5=MOc#_yrl#n;Ju79{8kBtVm*)uT-Gu8u zO=RU0_lIxxe-v@QcoD@|pGU^2Kja*O_sS%tqj%L%cB&<}U+!`=d8YY%J%49|g8$BL zq*oFGq}KMo8$0+fyg!=ncw%U9RQYT9n~lR`nea)%u&w7zoRodWVLgD^BMe*MO1=d= zQ^m9 z1q2nP@81R)Us#f98i{QNrVfRp9V@=Hg*#I9hdu$ss0^=IOZtlBx)99rHF{i2A2Y>| zja9?VO{hX^!^OF40Ad03w`tiKeBgc;+nB9!cw+qy=jE*ZI<~#<+2P~rp@V^oIsu31 z%+~%?#5c_I@OrpHd-0Q$7Xy*#br9^yLa7VaY*_9^$5a)F-Z>c4DiClyC17G^-f8dU zL;JKz$Ule=&J;|}q-;DxIovnb(0P45po^BcnJY)rCpbzm1ilq!&VX#TWXIch+ELiW z3D^w#O?|J@c*j{;IG84J%%}cQ{9%6eg*bN?4k*Rk6@K*T8@HfrDzk^y#-FD|V+fao z<&`v!(+C_H(f0V@6}94YpL^;%k-oL&%TYwO7#dp;6+q^{A;PF_u3OIFxk#m*nL)hz zFL$B7xK%nO=rW}k%{!^7iSNy6h)O-Vu&kgnNZ$1(|2X&@=kYm?htPyB%YaCxxL3o# z{GK;0_j*FE~_0L`QX{MNTJ0rI!#QcnQMh z6Ha_>>^>$sIfcARsdiU+ipMys97yzC#fWX32n$x9lmOMpG>M^b#w1AERFXAIXgy92 zj{7q>aT%n2#w*%_y^TF!gLbyoi#qK>6zg?anZAzwws{9&pGIJNOduJ4+Y>bXP1BW0 zSZU|4mI8X){5eLoC^91Ud&+tuQGlkig|yQ+3c1)K%-qqeTreJBs7j!8W@MN|G_{R5VYjx8)cT|8)fdSRq&O1RI+{{i zR=bKKb-=nWIcpsf6v@cfCW^G2#G2!wEejsV($?UsULngWk9*j`v?6hNx6J#tBi*GZ z81crdTh>SDFYEKfd_3%%pI8@gGTWIue3GL}7Y9_3P1GWxDh!k}udj_(IK@-gO_-H# zaQnB%e0J@uvF#M#oVvCTcckvt^Wb#fP40>Nal2OTxcQ2P!{X*ab>ES>9+kG z4cWhxVqoCSQkGhIWXOIGUkUR zWVqYVbi8>7$dr(;M~~X8po&&}?w8VLk98XOwP`n~cwpIQTDS(`XA+U8j>8SIXSt8- zLEh9mQxmN=@qu%tH|24}&@_+)jxZI~vdQOv!(F?+wHQ*Q`AIR9e5{=?V9EE@pVlD# z?TLL?dhN1&dw1Ylnmtay67}o@g_E9$p!1`miHxcV)J*3X6WYGMBX!Z`SBu&=ZnFZG zB^|DkG{NhhGo8yYp@!&SUzhjT5<6{>e_(~8MGc$>uS=y3$%kK~a$9kLefJmRl_&kk`6 zAo)MIG@FByAFIoTE#~GP)#7vR+kWP}VwVY@SlD0k@ICFR>-AaKT0C6?2bEnMo&{bW zcry8{BIThVo?5RXIuP%OTb5Pc=~^LBYu z*kG^U_1H3_N!yeS(EK*I24`0&zBZnEpe}zCEB+v_`km5@-k68i5!d7aw>!Q3sYHi5_-1X@$<>D0Gvh zk2z>{ndG!fRBti{q+BkiJNC*W*#INc< zmI3M~buz$mnY8(>XzJ6FnjT{p#P$sLc;KNj@KAF6QGT^PEr|!Mrg5rNHQ9%CPjN+Y z+oioTP08#yYh^R5Q|xn7!DL07`Ljn}ph>+MIfUDVc>}IbxU16t4Yi{bqDw}|CH0E( z!`!*zXCR8AT&I=iy=P>%^T)wPAM#BttTaB8cLniB#yslxul~XiJeHcu!xbKDOzyS7_eO9QMAY=gkxUwa+DGvR|!6fHNPfzGoRTmZclNF>6{34?Y;ykv-X}#76FFjdc7T z(^-6b+%0w1 zad)vHwD4Ia2%6ud-=mPfk-mD)lam^o7K9PnEyQbL+nF@DA5gA z0}?oz_u*hQ^4eMMxeZnY1nj;OO=I=I4rm0tOh?#zttR#vN`QA;cv(AD@huv?xa66X zMzD$hhBPA-9gb4RM=yJ~RTY7{4fyv+a1yuQieC1S?962atb5BI^>r>L6M}_KzMxyi zvyTM&oCz$kl;MAfKJXemi@CP?my0`W4k)KOTU*!HyNu<{3^=DK6BOv|b{@x{%nK=M z4e#GKys%auR5M9GWf>!9yKZ(UCJ#ACE?ZdXPlHNMQUh%nT5Y;<5YOf}h)t;5`=dKc zG;Ky+=e__OF?7afwN@N0&VxeDYl}1zN0YA0ZlwC?bnPN%tLb5o@p|{{?<<-MMdO0b z&Mq$4&gvpp1-Yx<@hdk=-hID9lOejU5hQBF=$50&ni zOzd1>$$5DA^O@?fbZz~EoHhriP5k}6?*xjiG_@Tkmb~bEc@p>${y^pbx`ricyQQK^~|EA0z#9Id` zRto-Aj}*)TVWw=f0P@IjHH^hC1UovKVu`{PYV@YHkgf?`9ve9g)e9=S96GrI$X_PJ zTVb|DQ;GuthMjuz0&+14CIKn4mbmN2bakTH~36t zS%HRD$3LsJtw31ud3qKvM2ocYHfn|2`+SHpp<2m|g=tjWl7NtcicB9hf63rtGV{;A zWvzf3t!BOUeZRCHM-hfXu5*<_^`Z1LjiH6)5qO{zo?15>`c+Anh4T_Qu^E_S;wvX>I{%7yRs|W7 z;#-;OmpU&aJ208xy^9407phPQRt}fq9wI1TYLi5Cn zmEbeU>;i59(SJ9oFQfE$wv9<*aD=O<0I^!|m&dz7{{%{2WPW8*TCtoU#k!GmAVEq7 z^fM``av}_INmj(X?tX#WZZgDkQ_D=JrSXBJB}|JuL3^g;S!KZOi0|ag#jGzhghq91 zY}X>u4@V{Ji7Iv2i8g2Wc5hD4gyxzq#>(bLZDu3kQEs$i6Ls|AEN= zCEe+q{_L?oAMfT%-FGLgt29PhTN82BoG}|uJt%5uaKPVJGD)BUxkG}H-JIAr-!ex9 zRe;G{CJ&V{?c^O@V0}r>_M`m7hTg=h=`8uJOl%=h@LXtHPaGI)I9e|o!-Qe3pe^B> zCZ`kN0E$LG;NbP216PFQ1Uk*qF4&KqxduNQgkt`k*ovWalwla<)~oX`JM|1c8Q(n+ zO79e%JEab{Erd(>pKujQg>2#S$Dek^jshL zux%i5l8!>8UcOje#)2n&Qcy=RG8%JONm5-x?|8DQ4(pUq$jAsv(nkS2+S{#GHlLEG zTWC{DVzz#!0$JTnnp}My$Pj;g<}s`4zJx8u{S9|*OXd#=6?n4zHzTet#|4$yYa8og z-;5mQRl!%;lre5iSlU@}JR2y|MNZNC128Z<(Rs7Y7R*}a3O!xxY+~atDmvM6-6)^g zKfG|32=^SzH}FpTe}jNP&Z#u#tGt!GGa+%=`=QO!-exi3VJbqqg8a{f6>>Aqt0_L9 z3WK;oj(EP(vIcRFAgm9U0p2YR(QV~^*M3QSdJ9(_l*i(L#Bes^3?^J3ZG(#6RbR7$ zjp#O6TCcoYjyY{3O0Mp9{1QQCUZz|wY#MG^1YB_jY*tj%;f)D)LGf;wc*^_l*nZ*H z+E)dod(C3~KsV=wt9$f8`!N$k-T~-Hd4kpLt4+z~b5VjWp+K`{)uo}&! zmU!z1zBp5N_cqS~eMDFGCZ`TsQ8lQW{QikVrM`h2!`%=+;eS3>nz<9@KT#5zkaspl z_YFZh?WJ0KCgXeb8oauLj*IBa6;kIrN(6i`df!YcG;`>%-&wVYC5q7;J<$<-sizPh zyyJQ!-RR{TQ7t-X?G40SU+T~v3D}}Gxg|x#D%Z7D&6nV}LSRG7EfdEG6urVgQ^TL% z7aaX$6ih6m=ZZJ23L-9`U~cubQt1l9k3RIP7{T<1qY4&QK6?hD%(68^N~QxJX;ouq zW1NJ}^MxQ?!rI5+rpAVbGkx``rKY;y_0nDjENlkSM%Z|kjlVKDuR37xB_S2B-#Yl- zAnzwGNZ+_P!gBM_XOXkS6<>Q=25sXxXUC1pZWUv3?^&IccX<--(iPJ*dtYaOJH zmTDHUwA)VaD^Rcw{OD2EyOBQ2avf3h;{U?oQ1^cPZ>J%r!5Vy7*kn|9-sHDE8L!AZ z*Q3Mc-{MKdm!&Z>7m*tmIVfL0r_(q7T&F!ks>pvLcGFKM9~am{~kO;x9-8%2r4>vt3Oro;KRCbxs~p zMHqxXyHkRDp%d2MK+tr#kAJx^K3lOVqko??slw~h9owU07mrQ24j4Vk7zxZ%F4ILt5Mbe&fl zxGFmuF0#PoDizVz2$!dH;w8UZEpSbaZ%Ir|p9g8j*;wTHw)gu<*ETM&KzZaUO@Oqj z_pbBN^hyGx(LW$>x3RrCR_kVRWu+sY<(LNR!%EHy+Ca>DZj3re6}rNa>lG2Ra7#3| zw)gBdSKbM0e{rae#2*PbLzLCKxpGsPEiqP;O1hB_VP=6}#?sN)nJ^e@eSWZ>ZA4zG zQiFFW$P_G!=;+9eO-mcU_7uIy`YXcw#a~a~PIENqE5fd&`s-;T#k1w8xQdcun{LMU~92u_U1ff$)7w?l6+xlR^&2N6r^g zSi#O|B$6|g;n$B|4+PxFS2z_Z&hll%7Qh|f6tmKI<_EQz-PhN;{G3e#VAlWevHxFQ zUrhC_A-kbxFx1mC3uH=OsUnq;S7PRh=-g(fq<1Nzch29`d||U-Dzy}Ebak=q?Qp_+ z*lH0YJVt(}=pgx_WZ0IsQ(DWbKaQT{%{nrdH{v^ZrHrFtE$k6U!M4$N@3dyvMRgi` zL*1A}cE3qw3q&3|3SBBOzhhFc(bng(f9t3} zocYT}Bu?i6U2znXS>Oz9#*eL|5j^R6RE#r|x{HL2t3|o%@|3ODp)g6w%81ng8;R$B> zjc9kiCe{ARjI(Hzr$|>R41mtvYzyR4!2ydDn%+Tw>up+nE`vXPz*f!Ndi9l#Tx&Db z5*GX|Y-I9abrq8EQx6XOZm9P5CMx%0&AwcWIga4T*GSK4ZKX35*|S7M2mhb5d^LKgRReWlIj`XTfD-&r#S>!RWjDW%bB~;J+JPf~ zn-ETiS8z7d?oKIww} z+xa^v@O%=DK5J)^EHzg+#I-eJiPlP-C`BLcD!Q3un%_YqDXI}|HILF&b*s5Jx=P7| z?Tv&pfLGmHyEI#hV;ZQcA#E#>E;_2d@9Xp~)3ED>7f!DYj-nx@^pI? zQm33#x@IE>Eg+GSSV9})i`|F5VJ8B{vo0UI9yBig+vr5i{52wHTiY6fKwvsOuA&?g z4tkkRVVO(S?N&jV@`K=Ed~~6qan6M0V|wHUKym-p~U-7 zgZyTo-%TfEqB6m24If9tAgl%tyW-LeBX;HS(b(&0haES8k(_8A8e`?Xyf5nU1)5?i zTq3Zu+QcPS&ha(~SdZ-lX8NF~asLVPet#!MB0r{@IiPLJ9BgYEoC_GEt)LFh1K9P` zR^m+S`6QvvQ;$SGELRw!>)eFv7WK>=q|rlJ94lA%(k=^*L20H@`_~st zd`J}RD3)hLPI1Z(803}t-><)-1>M`8~b*@d|ok^CV@X4QM z_WTv}=x~+B2CoBa@KJPcAAqbT~5m#Jqsz`_*w z)cvsuoKlA1V!jTQZH6LumuABLWEx$EfAG-TBM zPj(Js{~Po^oU!?Dc8VgyK@{uI7R+iQ#(%_{OI+)*__TS5Y$7jnQ@8}^tJ1ms`5cOG zEjabMc!kKJSW9x$|4~h^16fGk_Lg~&V}$}doo0K$kjx4^Q!JcW=&lS0GHqdYWQ91# zT@EObs!J2Y!yZJH0@}%ucfC!9cv<&d44H=yK|~d1r28sS(-csrsKhXF?$5#kH}a`S zT_>ib>Zbeo5cLr;CQgsc9kJWn@9!GRwWuz7C>UCwO1MA}o#+1hK8GX}86vj+$t`u~ ze0T9QK~Fa3Pc1Qy(;FFUvw}2bU`4sr+dRTWBbfzvMi}h#A%p6cVwCi3TFLs8)FW6% zZ?9RC`*QB|bP1dO*e_PxKIgmdZM1$-S(cKN(j!Z}s=1aAVXq3`=aN*L$v12eqSwVg zigVA`vQCKYn}}CT1Ao6M4IY0XpP^&9(Ub?d2+05UTA*t9Yq?cXH*obmVuB~i8NF!1 zp-v&}!*fg8EF-g8IRB-W-bxXCsCn7dnRPcbudUmmdiNq!hYe#UC%*|~beMNvW*6^| zbt==lD2F6WWthFP*0#Gy(LEN7>gomWy2yc1LMz~J}w;M{lM z4l32RnlJM|dNw@V3e!iK1^YCqGr8@-9PXJw4&l94J_Qa5L*p6SY+Y$jR~YY6MK#ng zsV7hic~+Huy(On>0qzT9}Mo&k^t5d)FA92}Zo9CP01RTC`HAVU%dk^XK57H&??&V@!`m?y!-0NKomVMbGv8O#HLO#AONv!ygkQg-$65aI7MwN1~lo#G@Q1-oDHh-m&2YF;S=mM&0j|9SvAR4B$XHSLU)oIVnAYcsrSO z!f5RZ_oIcUSSjz1nYNwlYXk9ZiPo=m!ZPv&G+S`2ZGY@arD(Ht;(lpc$v|%)rtxr1ETzLIV!@fUZF6seE(-L<3q{VM|k5HjE>Jy+5A9$C646= z1oa&G>8llJV;F=4lCFQWgiF;DUyblH7Yk@6$KH5%stmEH*Dt;s3C{lV4lBHxZ|Zcd zipR&UK(GhPLUqPC`{wpjkp8Rl9}hyoE_G0#)yBNdKk5FZ1_y6TA<8N+QYRYXxsDRK z^w|j|2Jd6{w5QE!%GkvRn~be`WvnY`%7~R~XA*yf*2ufgIl|IY9;IxW-*_6E?$3vI zJ5w2b=ZRab2F7ekmYUk5SM<=K=3fx0lfPZlqCapEBAj`#YKh@zc5rBNWc{Q~xOw?> z5qoq^GEX%k@aUojF;X>Jz+x!i6{oSqd}I3!C@3WyHL^!3!46Tvm;B5K@DQ5a_ z0_B|U?=+NvD4N>cqRs=uHyR0}sAiCMT5FYv^=4Nr=6LZ>Ya3`$?)q#efF;ZKT0G$V ztY){e>Fl1l--Yqo9Gzk>tFyrIXPWNN>g?J;B5k=*{{jkcE;`AaJEZ1t7ht~?Jf4;t zr30qdZ{s9~uqKz)do}>mnyhW?syCa$Zhaep&DX?3<2$;imdPmu5?6-6#{T)Kvr zSJ+JBqg{d$yC)K2&xr3~3_la?3nXVl+ch!ZGqC%dkE`e4&q3Le9V9X~7Moi_XQh90 z>u*@q>(2YZuz;gW@u-#yO3Qpp6N7mH=amT^hsbE)j!L<&r$2quHC8t5FKdc66f{LR zZ&y>3qolD(Kz zBa(ojxM%g0L7nTEsdh83cZ1%N^m^Rmp8!$%edOb17A4(nobKb$@#|QMjBa;L zUkNau%3YBLQxoi`C>ytj5M_P0Y?tI-@2}Qr=v+BzHbiU7q%W;xN`YiYeI>YPNVuR%C>2KZ7v>*|8g$ z!Z4J6c%|ftvkrLuQ{5QrW&t|MpQF3*B0!|IvdnL|{}=Vh$!kS0NZJ*t{YPvhI_i>n zR`d4L_xpPb+SxWWG}T

X*i&{mExG|@1r8vFEEoKgA$lE$cWWE9K+s*C>7uEVBM zt&!dpv9iAPoYvaxb4iyR>iMBW;T`MnyF)T$irZd|P_q3$VAA(> zXNhRAWxE%&J%ib7X6(hIv3RdEmAvka(vNpMy}9;|=ai!|B$B;KCqf=aOu6mJ^8pM* za?O&ev5P#-Z}6Jf3cNK(COxlE0)1%cHB%TNmd&)g>X|RIT6MW$pps zBiVh=8gJrKac7hiy~nENR&C+i$r@muyPwSH>kq>4qJKmHbe+jMaN~r}{pUlAz(x}I zAN-9g;nyPspKCxMmn&3pYEVAJB{)&bv%l|qM~!gB?w&A~9@};jiE^N~g)_WOPLn-W z2DZTx#NMzBs>3qF(Qa0ZOi@?UmOeKT}gZwBCUUPGn3o9Q(p~-lca=ON{4r4dvd?V{z@Ww0{6uuvlwmk zNRGHxY{H{gG&g0xWo&5GN4lDvR{i-w2)KKKfk)5362jdiEGi^G_{Wpb517qNPoGE5 z)C9Nn9XCySi&TR9yvl&6Qb`zbwkRpb2k1~JSsObFP)qr8HIqtd3-*+>b=h()_WJ4P zhf;bcF+QT})Q&UE_p(8E95UdYalgJ`s;;p!g00SBewY&QssCPWoi7<+Ai8TafbbUo zDg0f66#;2nY`BrM@WtfToY-B2XcFbvl$W^UqSBf#YBjk5;uI=GUl9axjQNlU%tEbB zZ2w<-*Z$9R|NdvmA*V@EgskEwisnqM96H=N-DRnq<}Qomlnl*GP9q(3yOlDh$}mh? z&0#V*Bxl9685R{eljCgc`!;<)|HS9>{%P;W`|*A}-mmL=?Ygelb$C8aFwQ%=2S9tb zS5X*NMoG%iU74Bnzxq>ECr;iyjy7jES&Vwp44+O5DiZmpNai&B*^tn{FfIHk?8r;=Lg!4oEzNp(CX;bChKb zGTM-cG9>Ahsdtw7`<-IlT?jHr7eQIMl~xf!ymS#pahv(OEa0V|q1-pl^|E>M0H#@B z)Daqx!INpff&O|6R-e}z=!L^ACl8jxeZ1k4!v6?%LZJG)8s!a)D1c{+t~tUD%(3GJ zJ%{36Yl;PfbF7|S5UVS_5ZC!C;B!?5>cI)4bDorB1hk9=&C&w@JEbv*nRG;#Ma(Os z+Hajl2y~*=X-XMzHSQg!mq0~=9~Q+=eVA>D29vi}=vbc8Lfk7n@CILTs7rBl?{%-F zuK+`VNDkGsYbiL^KJK{d(N)#&UcPtrEu3p=rNzt)yF7YoZ(dB#w0ND-m6=7P=nZ}t zyeh7AxVkKlMCY_+jamq??tfyJ0!=sJaax=gLqHAzgH`LUGj8EqfD&0GVf#|a`*MH& zZaI__r!GHMr-xVVb(OSlu5cKv?aVOE?XSy7keu1|eA;pO6@?bx>cV-Sc5ud!f?B;x zTGy863i@aCRfgswM*Bw(dse1cd-{j;Nh`E#pk)gWz}wi_kHQF#Xs zw%TC3kcbX(aM)w9mcOKh!Ck?wt$dsCYtr9yPnIis;5d1EQe~+K^zjj7Vyn?7uejqP ziSZ8paVeqK!cNPJp^RZxbDh4+-A{Ot&0Tj~pY02B!jt3; zPX8G8NC6kty+Jb<4E7K-9DRV%6iM8$IQ%Xn&pVRaZ_6Kd>1CjLRmnGF~N2z&En8QCsw1n+d7`IvbW5hfbkB_gr=)v z2a5vwnf-|;ZbtHt#no#5WARGQa?a@hR3eq(p%Db&v|VwQT2Fgu84u@T=nApsq4%Wh zhM$0*>!-akMj50(D1QOcCHvY{KiosFuumVrO@TP8huWwCR{cE1FM)0>1cTn7zoDeW zpKHkq8_44}A%qYx(icF;z?nat6mau?q^+*Zop+S&-|JyDm?5!g~J50Ter!CTD&+_auVAts| z72iKxL*AWv)^@??qN`+@ejzo_t>T3yg>lgNsG$S)$rF0eoQ$0&=5Pcj>T??^Qb~w+ z{|+vk9)g;W*Z=czS8aAERNxoPAc6cKyAd5pMdC;H+#COdtkCT!p^?DSK)r;QI*{3X zRh={lvJClN5=^~auo@;s-P~&8tuK%>r}Z73LZ@y8}7yCYO3nx z9H9H;FBwn}@|TWK4uG^kmRLTsQ2nwed~R*H!Gtp6=~l(>g&RL1- za@tWuQsHyZKlv0)DoZ(ba%(C}Bj)kNA*lY0wSCg=H!en>vs+~8czrgH>S6?LXt%&7 zmvbUQ>A<1Q2Zg(j`?2};^SCFQU;n(pY*`%Wu}|X6C(ZC?Tf(J-Wz#AEkf>PGr0zbk zN8142?ZtEZ7d(?i#QrFj%6}_WYM-nFsW2^^`quMiA-_l?_eR5N=)N)jECrsHS?U_c z8t`3f&7ud%rZ!LKBNk7!7ys}CZTN#vJU&O)4ZPv({%o5J@n`c}4wlx0H#T)wbGzXF z+Ys@_YJ+uS9(sg;Xp>kMxzcTc$}xWGOK9hMePNIWecslFg8m8vV)W_WUd2AD z%+TvNr#?)qa!v`Js_bWBS-l(_dong6o~meqTyXE|m&)2Y0*c2M; zKEoG^c)5Nw{ZSIafCfWpE4X8JUewFsZjk0DnRd$?ja@V{AGY7VQ&-G~NsWXh2Jn&cR+Wz4AGmTfP@U2ep900XV{zTS=C1OxP6g#oh`+^V zj6^?6V83{cn=@h?CelA}C%RGx;zxi}m}BVv>l^)@EHmVCuz9rvMZRw460GrUk8w1e|N0D&Z^ls=#&MsIOWeZ}K2x10h8QpG#nlf@wCDJf zASVdVmLkk)Y|xROJAXi8ry&VpDyKhix^JPYJz?LoCJi5D#!S9?dX)}@^uWMq@Z2zv zV;x)Ph|Y565Sz-K{jJ=3e%)1LZjzMJU_?DeuGGKW;Ob=AbbP1p_CD92jbc_1wZrOG z*QSV-dVxHN^Ky&F9B$(0jU2)=BGOM6>yD9ZtL*n;%ZIMq?dragSl8HX zGHQdW<%;3=)&%Yt#3>_gK(oE>WJ={pQH?hz`|oWB<(QEV>7054;A60Wnp^6a8rl6F zfJpf+hXk;6U~67)?jB8H)0zCI+%~&>${6k@w}tDO-TutU0vylniWu11x&|@hlMO0* znU7Qtp4D9!MHb@OmTki$4-2(aqTia;b)kQF&~9Px=dNCrAv@DuS-T?%FRl@{V`^&MIIo0|0o9;9fiUK`71vp%r;R z*iWW5i_7?}F^eGrZw-hAx$qL*(qm!#hUSZU+sCa)q!z%C%zIz5{^yXA)r~0uL5h+a zeIkT$divhvQ<=hp8u4I3*W(g(bW4; z(3tl28~o<#%I=D)m_jR?x*l{^%Srgx2O?Bc@x^VyxgIuqbB{DU0id0qv*Tqnk{=dT zUbfjE=AF;ehqXP^4j8On>KGhcQesoNDyXG{k(*o$YR_@0zn4K<1!@1nH@%qi+$DXI zKGUp~WezLA=b~-umUIz_#IODQlSDR6YZX_|uP?MEGo=$6fH6dV8`Eb`2g~ zMZUv5<_G#)HX2{CZG0z0JQ1yQUxRw4K-C~_aB?ue=QW15GKNhCa;P@~In|R4T#YYE zAQR0oq$HFICHBdBB~X6TLM;TCjyAMqsYxdYD4=Z1DE>m3f|kRJn+O6^wwqO`q*557 z0<*StK9QO!e`Yyo)I zh6xHFdOm5KzV)j$0Bi8NCTh4WEzigq@srV!ZK?-whyd_QAOeUemYfECrJtz>ED)4Yf5V*RvUncGYXYsS$VVVrr8bcPt&@bw5cz=&xySD*s3lxb$J$?`q#y5t z_P==V<864^9Jc4aet|e77_!Aq6j~W93PO@1LYjLqZGGCB7#h%131o(+ddsg9fx#jA z)>&5Bf_4#)}1ImFO(*_!#M~MrSz8JYx3&q;ZxFr;{jH~UZjf>h$PVF379s)5 zFRr(5CRKzY2ZS!V2_z`AAT~B~;LZ0oZx@bl9+m(9q3Hh}+Q|Kv3SmXC<&-pe#QbM- QBnY_9*gDvdt&lPQ2eFp$iU0rr literal 0 HcmV?d00001 From ef1f9e8d4e4bd2bae0483523c7d31a20c086207e Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 12 May 2019 03:09:05 +0000 Subject: [PATCH 021/170] activitypub: split out outgoing federation into a federation module --- lib/pleroma/web/activity_pub/activity_pub.ex | 87 ------------ lib/pleroma/web/activity_pub/publisher.ex | 131 +++++++++++++++++++ 2 files changed, 131 insertions(+), 87 deletions(-) create mode 100644 lib/pleroma/web/activity_pub/publisher.ex diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 8f8c23a9b..11777c220 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -5,7 +5,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do alias Pleroma.Activity alias Pleroma.Conversation - alias Pleroma.Instances alias Pleroma.Notification alias Pleroma.Object alias Pleroma.Object.Fetcher @@ -15,7 +14,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do alias Pleroma.User alias Pleroma.Web.ActivityPub.MRF alias Pleroma.Web.ActivityPub.Transmogrifier - alias Pleroma.Web.Federator alias Pleroma.Web.WebFinger import Ecto.Query @@ -24,8 +22,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do require Logger - @httpoison Application.get_env(:pleroma, :httpoison) - # For Announce activities, we filter the recipients based on following status for any actors # that match actual users. See issue #164 for more information about why this is necessary. defp get_recipients(%{"type" => "Announce"} = data) do @@ -961,89 +957,6 @@ def make_user_from_nickname(nickname) do end end - def should_federate?(inbox, public) do - if public do - true - else - inbox_info = URI.parse(inbox) - !Enum.member?(Pleroma.Config.get([:instance, :quarantined_instances], []), inbox_info.host) - end - end - - def publish(actor, activity) do - remote_followers = - if actor.follower_address in activity.recipients do - {:ok, followers} = User.get_followers(actor) - followers |> Enum.filter(&(!&1.local)) - else - [] - end - - public = is_public?(activity) - - {:ok, data} = Transmogrifier.prepare_outgoing(activity.data) - json = Jason.encode!(data) - - (Pleroma.Web.Salmon.remote_users(activity) ++ remote_followers) - |> Enum.filter(fn user -> User.ap_enabled?(user) end) - |> Enum.map(fn %{info: %{source_data: data}} -> - (is_map(data["endpoints"]) && Map.get(data["endpoints"], "sharedInbox")) || data["inbox"] - end) - |> Enum.uniq() - |> Enum.filter(fn inbox -> should_federate?(inbox, public) end) - |> Instances.filter_reachable() - |> Enum.each(fn {inbox, unreachable_since} -> - Federator.publish_single_ap(%{ - inbox: inbox, - json: json, - actor: actor, - id: activity.data["id"], - unreachable_since: unreachable_since - }) - end) - end - - def publish_one(%{inbox: inbox, json: json, actor: actor, id: id} = params) do - Logger.info("Federating #{id} to #{inbox}") - host = URI.parse(inbox).host - - digest = "SHA-256=" <> (:crypto.hash(:sha256, json) |> Base.encode64()) - - date = - NaiveDateTime.utc_now() - |> Timex.format!("{WDshort}, {0D} {Mshort} {YYYY} {h24}:{m}:{s} GMT") - - signature = - Pleroma.Web.HTTPSignatures.sign(actor, %{ - host: host, - "content-length": byte_size(json), - digest: digest, - date: date - }) - - with {:ok, %{status: code}} when code in 200..299 <- - result = - @httpoison.post( - inbox, - json, - [ - {"Content-Type", "application/activity+json"}, - {"Date", date}, - {"signature", signature}, - {"digest", digest} - ] - ) do - if !Map.has_key?(params, :unreachable_since) || params[:unreachable_since], - do: Instances.set_reachable(inbox) - - result - else - {_post_result, response} -> - unless params[:unreachable_since], do: Instances.set_unreachable(inbox) - {:error, response} - end - end - # filter out broken threads def contain_broken_threads(%Activity{} = activity, %User{} = user) do entire_thread_visible_for_user?(activity, user) diff --git a/lib/pleroma/web/activity_pub/publisher.ex b/lib/pleroma/web/activity_pub/publisher.ex new file mode 100644 index 000000000..ee9f0fdd3 --- /dev/null +++ b/lib/pleroma/web/activity_pub/publisher.ex @@ -0,0 +1,131 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.ActivityPub.Publisher do + alias Pleroma.Activity + alias Pleroma.Instances + alias Pleroma.User + alias Pleroma.Web.ActivityPub.Transmogrifier + + import Pleroma.Web.ActivityPub.Visibility + + @behaviour Pleroma.Web.Federator.Publisher + + require Logger + + @httpoison Application.get_env(:pleroma, :httpoison) + + @moduledoc """ + ActivityPub outgoing federation module. + """ + + @doc """ + Determine if an activity can be represented by running it through Transmogrifier. + """ + def is_representable?(%Activity{} = activity) do + with %{} = _data <- Transmogrifier.prepare_outgoing(activity.data) do + true + else + _e -> false + end + end + + @doc """ + Publish a single message to a peer. Takes a struct with the following + parameters set: + + * `inbox`: the inbox to publish to + * `json`: the JSON message body representing the ActivityPub message + * `actor`: the actor which is signing the message + * `id`: the ActivityStreams URI of the message + """ + def publish_one(%{inbox: inbox, json: json, actor: %User{} = actor, id: id} = params) do + Logger.info("Federating #{id} to #{inbox}") + host = URI.parse(inbox).host + + digest = "SHA-256=" <> (:crypto.hash(:sha256, json) |> Base.encode64()) + + date = + NaiveDateTime.utc_now() + |> Timex.format!("{WDshort}, {0D} {Mshort} {YYYY} {h24}:{m}:{s} GMT") + + signature = + Pleroma.Web.HTTPSignatures.sign(actor, %{ + host: host, + "content-length": byte_size(json), + digest: digest, + date: date + }) + + with {:ok, %{status: code}} when code in 200..299 <- + result = + @httpoison.post( + inbox, + json, + [ + {"Content-Type", "application/activity+json"}, + {"Date", date}, + {"signature", signature}, + {"digest", digest} + ] + ) do + if !Map.has_key?(params, :unreachable_since) || params[:unreachable_since], + do: Instances.set_reachable(inbox) + + result + else + {_post_result, response} -> + unless params[:unreachable_since], do: Instances.set_unreachable(inbox) + {:error, response} + end + end + + defp should_federate?(inbox, public) do + if public do + true + else + inbox_info = URI.parse(inbox) + !Enum.member?(Pleroma.Config.get([:instance, :quarantined_instances], []), inbox_info.host) + end + end + + @doc """ + Publishes an activity to all relevant peers. + """ + def publish(%User{} = actor, %Activity{} = activity) do + remote_followers = + if actor.follower_address in activity.recipients do + {:ok, followers} = User.get_followers(actor) + followers |> Enum.filter(&(!&1.local)) + else + [] + end + + public = is_public?(activity) + + {:ok, data} = Transmogrifier.prepare_outgoing(activity.data) + json = Jason.encode!(data) + + (Pleroma.Web.Salmon.remote_users(activity) ++ remote_followers) + |> Enum.filter(fn user -> User.ap_enabled?(user) end) + |> Enum.map(fn %{info: %{source_data: data}} -> + (is_map(data["endpoints"]) && Map.get(data["endpoints"], "sharedInbox")) || data["inbox"] + end) + |> Enum.uniq() + |> Enum.filter(fn inbox -> should_federate?(inbox, public) end) + |> Instances.filter_reachable() + |> Enum.each(fn {inbox, unreachable_since} -> + Pleroma.Web.Federator.Publisher.enqueue_one( + __MODULE__, + %{ + inbox: inbox, + json: json, + actor: actor, + id: activity.data["id"], + unreachable_since: unreachable_since + } + ) + end) + end +end From 0afc8d7856c9fe37de338d1e9365563d986c9319 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 12 May 2019 03:43:53 +0000 Subject: [PATCH 022/170] federator: publisher: integrate job queue, simplify publish_one logic --- lib/pleroma/web/federator/publisher.ex | 29 +++++++++++++++++++------- 1 file changed, 22 insertions(+), 7 deletions(-) diff --git a/lib/pleroma/web/federator/publisher.ex b/lib/pleroma/web/federator/publisher.ex index 36277fd7e..2e533ae94 100644 --- a/lib/pleroma/web/federator/publisher.ex +++ b/lib/pleroma/web/federator/publisher.ex @@ -3,6 +3,10 @@ # SPDX-License-Identifier: AGPL-3.0-only defmodule Pleroma.Web.Federator.Publisher do + alias Pleroma.Web.Federator.RetryQueue + + require Logger + @moduledoc """ Defines the contract used by federation implementations to publish messages to their peers. @@ -24,15 +28,26 @@ defmodule Pleroma.Web.Federator.Publisher do """ @callback publish(Pleroma.User.t(), Pleroma.Activity.t()) :: :ok | {:error, any()} - @doc """ - Enqueues work generated by the federation module. - """ - @spec enqueue(module(), keyword()) :: :ok - def enqueue(module, args), do: PleromaJobQueue.enqueue(:federation_outgoing, module, args) - @doc """ Enqueue publishing a single activity. """ @spec enqueue_one(module(), Map.t()) :: :ok - def enqueue_one(module, %{} = args), do: enqueue(module, [:publish_one, args]) + def enqueue_one(module, %{} = params), + do: PleromaJobQueue.enqueue(:federation_outgoing, __MODULE__, [:publish_one, module, params]) + + @spec perform(atom(), module(), any()) :: {:ok, any()} | {:error, any()} + def perform(:publish_one, module, params) do + case apply(module, :publish_one, [params]) do + {:ok, _} -> + :ok + + {:error, _} -> + RetryQueue.enqueue(params, module) + end + end + + def perform(type, _, _) do + Logger.debug("Unknown task: #{type}") + {:error, "Don't know what to do with this"} + end end From 10695a28d28d74f4b6b9bba20af66b506b662c07 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 12 May 2019 03:55:17 +0000 Subject: [PATCH 023/170] federator: publisher: add publish() wrapper --- config/config.exs | 3 +++ lib/pleroma/web/federator/publisher.ex | 24 +++++++++++++++++++----- 2 files changed, 22 insertions(+), 5 deletions(-) diff --git a/config/config.exs b/config/config.exs index 1e64b79a7..37803383a 100644 --- a/config/config.exs +++ b/config/config.exs @@ -212,6 +212,9 @@ registrations_open: true, federating: true, federation_reachability_timeout_days: 7, + federation_publisher_modules: [ + Pleroma.Web.ActivityPub.Publisher + ], allow_relay: true, rewrite_policy: Pleroma.Web.ActivityPub.MRF.NoOpPolicy, public: true, diff --git a/lib/pleroma/web/federator/publisher.ex b/lib/pleroma/web/federator/publisher.ex index 2e533ae94..8777a3deb 100644 --- a/lib/pleroma/web/federator/publisher.ex +++ b/lib/pleroma/web/federator/publisher.ex @@ -3,6 +3,9 @@ # SPDX-License-Identifier: AGPL-3.0-only defmodule Pleroma.Web.Federator.Publisher do + alias Pleroma.Activity + alias Pleroma.Config + alias Pleroma.User alias Pleroma.Web.Federator.RetryQueue require Logger @@ -23,11 +26,6 @@ defmodule Pleroma.Web.Federator.Publisher do """ @callback publish_one(Map.t()) :: {:ok, Map.t()} | {:error, any()} - @doc """ - Relays an activity to all specified peers. - """ - @callback publish(Pleroma.User.t(), Pleroma.Activity.t()) :: :ok | {:error, any()} - @doc """ Enqueue publishing a single activity. """ @@ -50,4 +48,20 @@ def perform(type, _, _) do Logger.debug("Unknown task: #{type}") {:error, "Don't know what to do with this"} end + + @doc """ + Relays an activity to all specified peers. + """ + @callback publish(Pleroma.User.t(), Pleroma.Activity.t()) :: :ok | {:error, any()} + + @spec publish(Pleroma.User.t(), Pleroma.Activity.t()) :: :ok + def publish(%User{} = user, %Activity{} = activity) do + Config.get([:instance, :federation_publisher_modules]) + |> Enum.each(fn module -> + Logger.info("Publishing #{activity.data["id"]} using #{inspect(module)}") + module.publish(user, activity) + end) + + :ok + end end From f7a6a37c4eb98e354fbcd98ea19c9207d891e993 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 12 May 2019 03:56:49 +0000 Subject: [PATCH 024/170] federator: remove no longer used :publish_single_ap --- lib/pleroma/web/federator/federator.ex | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/lib/pleroma/web/federator/federator.ex b/lib/pleroma/web/federator/federator.ex index 29e178ba9..d8534b365 100644 --- a/lib/pleroma/web/federator/federator.ex +++ b/lib/pleroma/web/federator/federator.ex @@ -42,10 +42,6 @@ def publish(activity, priority \\ 1) do PleromaJobQueue.enqueue(:federator_outgoing, __MODULE__, [:publish, activity], priority) end - def publish_single_ap(params) do - PleromaJobQueue.enqueue(:federator_outgoing, __MODULE__, [:publish_single_ap, params]) - end - def publish_single_websub(websub) do PleromaJobQueue.enqueue(:federator_outgoing, __MODULE__, [:publish_single_websub, websub]) end @@ -157,16 +153,6 @@ def perform(:publish_single_salmon, params) do Salmon.send_to_user(params) end - def perform(:publish_single_ap, params) do - case ActivityPub.publish_one(params) do - {:ok, _} -> - :ok - - {:error, _} -> - RetryQueue.enqueue(params, ActivityPub) - end - end - def perform( :publish_single_websub, %{xml: _xml, topic: _topic, callback: _callback, secret: _secret} = params From 676752bb8367ec6b5831c7dbd2aad993b1fe45aa Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 12 May 2019 03:57:10 +0000 Subject: [PATCH 025/170] federator: hook up Publisher.publish() --- lib/pleroma/web/federator/federator.ex | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/pleroma/web/federator/federator.ex b/lib/pleroma/web/federator/federator.ex index d8534b365..ef2708c07 100644 --- a/lib/pleroma/web/federator/federator.ex +++ b/lib/pleroma/web/federator/federator.ex @@ -11,6 +11,7 @@ defmodule Pleroma.Web.Federator do alias Pleroma.Web.ActivityPub.Transmogrifier alias Pleroma.Web.ActivityPub.Utils alias Pleroma.Web.ActivityPub.Visibility + alias Pleroma.Web.Federator.Publisher alias Pleroma.Web.Federator.RetryQueue alias Pleroma.Web.OStatus alias Pleroma.Web.Salmon @@ -106,8 +107,7 @@ def perform(:publish, activity) do end end - Logger.info(fn -> "Sending #{activity.data["id"]} out via AP" end) - Pleroma.Web.ActivityPub.ActivityPub.publish(actor, activity) + Publisher.publish(actor, activity) end end From 85377c0b67cf82fdf7e49608b94aec80ace74c4d Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 12 May 2019 04:00:55 +0000 Subject: [PATCH 026/170] federator: move activitypub relaying to the AP publisher module --- lib/pleroma/web/activity_pub/publisher.ex | 7 +++++++ lib/pleroma/web/federator/federator.ex | 6 ------ 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/lib/pleroma/web/activity_pub/publisher.ex b/lib/pleroma/web/activity_pub/publisher.ex index ee9f0fdd3..11e54b77d 100644 --- a/lib/pleroma/web/activity_pub/publisher.ex +++ b/lib/pleroma/web/activity_pub/publisher.ex @@ -4,8 +4,10 @@ defmodule Pleroma.Web.ActivityPub.Publisher do alias Pleroma.Activity + alias Pleroma.Config alias Pleroma.Instances alias Pleroma.User + alias Pleroma.Web.ActivityPub.Relay alias Pleroma.Web.ActivityPub.Transmogrifier import Pleroma.Web.ActivityPub.Visibility @@ -104,6 +106,11 @@ def publish(%User{} = actor, %Activity{} = activity) do public = is_public?(activity) + if public && Config.get([:instance, :allow_relay]) do + Logger.info(fn -> "Relaying #{activity.data["id"]} out" end) + Relay.publish(activity) + end + {:ok, data} = Transmogrifier.prepare_outgoing(activity.data) json = Jason.encode!(data) diff --git a/lib/pleroma/web/federator/federator.ex b/lib/pleroma/web/federator/federator.ex index ef2708c07..252d3b009 100644 --- a/lib/pleroma/web/federator/federator.ex +++ b/lib/pleroma/web/federator/federator.ex @@ -7,7 +7,6 @@ defmodule Pleroma.Web.Federator do alias Pleroma.Object.Containment alias Pleroma.User alias Pleroma.Web.ActivityPub.ActivityPub - alias Pleroma.Web.ActivityPub.Relay alias Pleroma.Web.ActivityPub.Transmogrifier alias Pleroma.Web.ActivityPub.Utils alias Pleroma.Web.ActivityPub.Visibility @@ -100,11 +99,6 @@ def perform(:publish, activity) do Logger.info(fn -> "Sending #{activity.data["id"]} out via Salmon" end) Pleroma.Web.Salmon.publish(actor, activity) end - - if Keyword.get(Application.get_env(:pleroma, :instance), :allow_relay) do - Logger.info(fn -> "Relaying #{activity.data["id"]} out" end) - Relay.publish(activity) - end end Publisher.publish(actor, activity) From 69158f10652e735e3300335dba3856a0233da89f Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 12 May 2019 04:04:50 +0000 Subject: [PATCH 027/170] ostatus: only as:Public activities are representable --- lib/pleroma/web/ostatus/ostatus.ex | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/web/ostatus/ostatus.ex b/lib/pleroma/web/ostatus/ostatus.ex index 4744c6d83..61515b31e 100644 --- a/lib/pleroma/web/ostatus/ostatus.ex +++ b/lib/pleroma/web/ostatus/ostatus.ex @@ -16,6 +16,7 @@ defmodule Pleroma.Web.OStatus do alias Pleroma.Web alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.Transmogrifier + alias Pleroma.Web.ActivityPub.Visibility alias Pleroma.Web.OStatus.DeleteHandler alias Pleroma.Web.OStatus.FollowHandler alias Pleroma.Web.OStatus.NoteHandler @@ -30,7 +31,7 @@ def is_representable?(%Activity{} = activity) do is_nil(object) -> false - object.data["type"] == "Note" -> + Visibility.is_public?(activity) && object.data["type"] == "Note" -> true true -> From 2aee62a4565d36983484ead9dda187e9e8188971 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 12 May 2019 04:17:17 +0000 Subject: [PATCH 028/170] federator: publisher: only attempt publishing if we know the activity is representable --- lib/pleroma/web/federator/publisher.ex | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/lib/pleroma/web/federator/publisher.ex b/lib/pleroma/web/federator/publisher.ex index 8777a3deb..67f4b7ba7 100644 --- a/lib/pleroma/web/federator/publisher.ex +++ b/lib/pleroma/web/federator/publisher.ex @@ -39,7 +39,7 @@ def perform(:publish_one, module, params) do {:ok, _} -> :ok - {:error, _} -> + {:error, _e} -> RetryQueue.enqueue(params, module) end end @@ -58,8 +58,10 @@ def perform(type, _, _) do def publish(%User{} = user, %Activity{} = activity) do Config.get([:instance, :federation_publisher_modules]) |> Enum.each(fn module -> - Logger.info("Publishing #{activity.data["id"]} using #{inspect(module)}") - module.publish(user, activity) + if module.is_representable?(activity) do + Logger.info("Publishing #{activity.data["id"]} using #{inspect(module)}") + module.publish(user, activity) + end end) :ok From 179293e51c2e381fdc15c0a291b735750f9cd656 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 12 May 2019 04:27:01 +0000 Subject: [PATCH 029/170] salmon: refactor to work as a federator publishing module --- config/config.exs | 3 ++- lib/pleroma/web/federator/federator.ex | 12 --------- lib/pleroma/web/salmon/salmon.ex | 34 +++++++++++++++++--------- 3 files changed, 24 insertions(+), 25 deletions(-) diff --git a/config/config.exs b/config/config.exs index 37803383a..3dcff3c46 100644 --- a/config/config.exs +++ b/config/config.exs @@ -213,7 +213,8 @@ federating: true, federation_reachability_timeout_days: 7, federation_publisher_modules: [ - Pleroma.Web.ActivityPub.Publisher + Pleroma.Web.ActivityPub.Publisher, + Pleroma.Web.Salmon ], allow_relay: true, rewrite_policy: Pleroma.Web.ActivityPub.MRF.NoOpPolicy, diff --git a/lib/pleroma/web/federator/federator.ex b/lib/pleroma/web/federator/federator.ex index 252d3b009..c9b245933 100644 --- a/lib/pleroma/web/federator/federator.ex +++ b/lib/pleroma/web/federator/federator.ex @@ -13,7 +13,6 @@ defmodule Pleroma.Web.Federator do alias Pleroma.Web.Federator.Publisher alias Pleroma.Web.Federator.RetryQueue alias Pleroma.Web.OStatus - alias Pleroma.Web.Salmon alias Pleroma.Web.WebFinger alias Pleroma.Web.Websub @@ -58,10 +57,6 @@ def refresh_subscriptions do PleromaJobQueue.enqueue(:federator_outgoing, __MODULE__, [:refresh_subscriptions]) end - def publish_single_salmon(params) do - PleromaJobQueue.enqueue(:federator_outgoing, __MODULE__, [:publish_single_salmon, params]) - end - # Job Worker Callbacks def perform(:refresh_subscriptions) do @@ -95,9 +90,6 @@ def perform(:publish, activity) do if OStatus.is_representable?(activity) do Logger.info(fn -> "Sending #{activity.data["id"]} out via WebSub" end) Websub.publish(Pleroma.Web.OStatus.feed_path(actor), actor, activity) - - Logger.info(fn -> "Sending #{activity.data["id"]} out via Salmon" end) - Pleroma.Web.Salmon.publish(actor, activity) end end @@ -143,10 +135,6 @@ def perform(:incoming_ap_doc, params) do end end - def perform(:publish_single_salmon, params) do - Salmon.send_to_user(params) - end - def perform( :publish_single_websub, %{xml: _xml, topic: _topic, callback: _callback, secret: _secret} = params diff --git a/lib/pleroma/web/salmon/salmon.ex b/lib/pleroma/web/salmon/salmon.ex index 0a9e51656..7b59609c0 100644 --- a/lib/pleroma/web/salmon/salmon.ex +++ b/lib/pleroma/web/salmon/salmon.ex @@ -3,12 +3,17 @@ # SPDX-License-Identifier: AGPL-3.0-only defmodule Pleroma.Web.Salmon do + @behaviour Pleroma.Web.Federator.Publisher + @httpoison Application.get_env(:pleroma, :httpoison) use Bitwise + alias Pleroma.Activity alias Pleroma.Instances alias Pleroma.User + alias Pleroma.Web.ActivityPub.Visibility + alias Pleroma.Web.Federator.Publisher alias Pleroma.Web.OStatus.ActivityRepresenter alias Pleroma.Web.XML @@ -165,12 +170,12 @@ def remote_users(%{data: %{"to" => to} = data}) do end @doc "Pushes an activity to remote account." - def send_to_user(%{recipient: %{info: %{salmon: salmon}}} = params), - do: send_to_user(Map.put(params, :recipient, salmon)) + def publish_one(%{recipient: %{info: %{salmon: salmon}}} = params), + do: publish_one(Map.put(params, :recipient, salmon)) - def send_to_user(%{recipient: url, feed: feed, poster: poster} = params) when is_binary(url) do + def publish_one(%{recipient: url, feed: feed} = params) when is_binary(url) do with {:ok, %{status: code}} when code in 200..299 <- - poster.( + @httpoison.post( url, feed, [{"Content-Type", "application/magic-envelope+xml"}] @@ -184,11 +189,11 @@ def send_to_user(%{recipient: url, feed: feed, poster: poster} = params) when is e -> unless params[:unreachable_since], do: Instances.set_reachable(url) Logger.debug(fn -> "Pushing Salmon to #{url} failed, #{inspect(e)}" end) - :error + {:error, "Unreachable instance"} end end - def send_to_user(_), do: :noop + def publish_one(_), do: :noop @supported_activities [ "Create", @@ -199,13 +204,19 @@ def send_to_user(_), do: :noop "Delete" ] + def is_representable?(%Activity{data: %{"type" => type}} = activity) + when type in @supported_activities, + do: Visibility.is_public?(activity) + + def is_representable?(_), do: false + @doc """ Publishes an activity to remote accounts """ - @spec publish(User.t(), Pleroma.Activity.t(), Pleroma.HTTP.t()) :: none - def publish(user, activity, poster \\ &@httpoison.post/3) + @spec publish(User.t(), Pleroma.Activity.t()) :: none + def publish(user, activity) - def publish(%{info: %{keys: keys}} = user, %{data: %{"type" => type}} = activity, poster) + def publish(%{info: %{keys: keys}} = user, %{data: %{"type" => type}} = activity) when type in @supported_activities do feed = ActivityRepresenter.to_simple_form(activity, user, true) @@ -229,15 +240,14 @@ def publish(%{info: %{keys: keys}} = user, %{data: %{"type" => type}} = activity |> Enum.each(fn remote_user -> Logger.debug(fn -> "Sending Salmon to #{remote_user.ap_id}" end) - Pleroma.Web.Federator.publish_single_salmon(%{ + Publisher.enqueue_one(__MODULE__, %{ recipient: remote_user, feed: feed, - poster: poster, unreachable_since: reachable_urls_metadata[remote_user.info.salmon] }) end) end end - def publish(%{id: id}, _, _), do: Logger.debug(fn -> "Keys missing for user #{id}" end) + def publish(%{id: id}, _), do: Logger.debug(fn -> "Keys missing for user #{id}" end) end From fedaca15a3932897d86f73d836b6b6c2f7860f59 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 12 May 2019 04:34:55 +0000 Subject: [PATCH 030/170] websub: adapt to work as a federator publishing module --- config/config.exs | 1 + lib/pleroma/web/federator/federator.ex | 4 ---- lib/pleroma/web/websub/websub.ex | 16 +++++++++++++++- 3 files changed, 16 insertions(+), 5 deletions(-) diff --git a/config/config.exs b/config/config.exs index 3dcff3c46..6f2aaf297 100644 --- a/config/config.exs +++ b/config/config.exs @@ -214,6 +214,7 @@ federation_reachability_timeout_days: 7, federation_publisher_modules: [ Pleroma.Web.ActivityPub.Publisher, + Pleroma.Web.Websub, Pleroma.Web.Salmon ], allow_relay: true, diff --git a/lib/pleroma/web/federator/federator.ex b/lib/pleroma/web/federator/federator.ex index c9b245933..9a377da68 100644 --- a/lib/pleroma/web/federator/federator.ex +++ b/lib/pleroma/web/federator/federator.ex @@ -41,10 +41,6 @@ def publish(activity, priority \\ 1) do PleromaJobQueue.enqueue(:federator_outgoing, __MODULE__, [:publish, activity], priority) end - def publish_single_websub(websub) do - PleromaJobQueue.enqueue(:federator_outgoing, __MODULE__, [:publish_single_websub, websub]) - end - def verify_websub(websub) do PleromaJobQueue.enqueue(:federator_outgoing, __MODULE__, [:verify_websub, websub]) end diff --git a/lib/pleroma/web/websub/websub.ex b/lib/pleroma/web/websub/websub.ex index 3ffa6b416..1fb993282 100644 --- a/lib/pleroma/web/websub/websub.ex +++ b/lib/pleroma/web/websub/websub.ex @@ -4,10 +4,13 @@ defmodule Pleroma.Web.Websub do alias Ecto.Changeset + alias Pleroma.Activity alias Pleroma.Instances alias Pleroma.Repo + alias Pleroma.Web.ActivityPub.Visibility alias Pleroma.Web.Endpoint alias Pleroma.Web.Federator + alias Pleroma.Web.Federator.Publisher alias Pleroma.Web.OStatus alias Pleroma.Web.OStatus.FeedRepresenter alias Pleroma.Web.Router.Helpers @@ -18,6 +21,8 @@ defmodule Pleroma.Web.Websub do import Ecto.Query + @behaviour Pleroma.Web.Federator.Publisher + @httpoison Application.get_env(:pleroma, :httpoison) def verify(subscription, getter \\ &@httpoison.get/3) do @@ -56,6 +61,13 @@ def verify(subscription, getter \\ &@httpoison.get/3) do "Undo", "Delete" ] + + def is_representable?(%Activity{data: %{"type" => type}} = activity) + when type in @supported_activities, + do: Visibility.is_public?(activity) + + def is_representable?(_), do: false + def publish(topic, user, %{data: %{"type" => type}} = activity) when type in @supported_activities do response = @@ -88,12 +100,14 @@ def publish(topic, user, %{data: %{"type" => type}} = activity) unreachable_since: reachable_callbacks_metadata[sub.callback] } - Federator.publish_single_websub(data) + Publisher.enqueue_one(__MODULE__, data) end) end def publish(_, _, _), do: "" + def publish(actor, activity), do: publish(Pleroma.Web.OStatus.feed_path(actor), actor, activity) + def sign(secret, doc) do :crypto.hmac(:sha, secret, to_string(doc)) |> Base.encode16() |> String.downcase() end From c23276a59aa57a89e27c2e2f46d701392917b9a0 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 12 May 2019 05:01:00 +0000 Subject: [PATCH 031/170] activitypub: publisher: fixups --- lib/pleroma/web/activity_pub/publisher.ex | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/pleroma/web/activity_pub/publisher.ex b/lib/pleroma/web/activity_pub/publisher.ex index 11e54b77d..5d72299a5 100644 --- a/lib/pleroma/web/activity_pub/publisher.ex +++ b/lib/pleroma/web/activity_pub/publisher.ex @@ -26,10 +26,11 @@ defmodule Pleroma.Web.ActivityPub.Publisher do Determine if an activity can be represented by running it through Transmogrifier. """ def is_representable?(%Activity{} = activity) do - with %{} = _data <- Transmogrifier.prepare_outgoing(activity.data) do + with {:ok, _data} <- Transmogrifier.prepare_outgoing(activity.data) do true else - _e -> false + _e -> + false end end From 55fa4b812a30feddc0c60d7ade03d50193871d22 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 12 May 2019 05:01:15 +0000 Subject: [PATCH 032/170] federator: websub removal --- lib/pleroma/web/federator/federator.ex | 9 --------- 1 file changed, 9 deletions(-) diff --git a/lib/pleroma/web/federator/federator.ex b/lib/pleroma/web/federator/federator.ex index 9a377da68..8621eda95 100644 --- a/lib/pleroma/web/federator/federator.ex +++ b/lib/pleroma/web/federator/federator.ex @@ -9,10 +9,8 @@ defmodule Pleroma.Web.Federator do alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.Transmogrifier alias Pleroma.Web.ActivityPub.Utils - alias Pleroma.Web.ActivityPub.Visibility alias Pleroma.Web.Federator.Publisher alias Pleroma.Web.Federator.RetryQueue - alias Pleroma.Web.OStatus alias Pleroma.Web.WebFinger alias Pleroma.Web.Websub @@ -82,13 +80,6 @@ def perform(:publish, activity) do with actor when not is_nil(actor) <- User.get_cached_by_ap_id(activity.data["actor"]) do {:ok, actor} = WebFinger.ensure_keys_present(actor) - if Visibility.is_public?(activity) do - if OStatus.is_representable?(activity) do - Logger.info(fn -> "Sending #{activity.data["id"]} out via WebSub" end) - Websub.publish(Pleroma.Web.OStatus.feed_path(actor), actor, activity) - end - end - Publisher.publish(actor, activity) end end From 2b847d4addc5d018fdb23c38e5b5afa66c8ac772 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 12 May 2019 04:08:41 +0000 Subject: [PATCH 033/170] tests: chase federator publish_single_foo removals --- test/web/federator_test.exs | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/test/web/federator_test.exs b/test/web/federator_test.exs index 52729eb50..0f43bc8f2 100644 --- a/test/web/federator_test.exs +++ b/test/web/federator_test.exs @@ -58,7 +58,7 @@ test "with relays deactivated, it does not publish to the relay", %{ describe "Targets reachability filtering in `publish`" do test_with_mock "it federates only to reachable instances via AP", - Federator, + Pleroma.Web.ActivityPub.Publisher, [:passthrough], [] do user = insert(:user) @@ -88,13 +88,18 @@ test "with relays deactivated, it does not publish to the relay", %{ {:ok, _activity} = CommonAPI.post(user, %{"status" => "HI @nick1@domain.com, @nick2@domain2.com!"}) - assert called(Federator.publish_single_ap(%{inbox: inbox1, unreachable_since: dt})) + assert called( + Pleroma.Web.ActivityPub.Publisher.publish_one(%{ + inbox: inbox1, + unreachable_since: dt + }) + ) - refute called(Federator.publish_single_ap(%{inbox: inbox2})) + refute called(Pleroma.Web.ActivityPub.Publisher.publish_one(%{inbox: inbox2})) end test_with_mock "it federates only to reachable instances via Websub", - Federator, + Pleroma.Web.Websub, [:passthrough], [] do user = insert(:user) @@ -122,17 +127,17 @@ test "with relays deactivated, it does not publish to the relay", %{ {:ok, _activity} = CommonAPI.post(user, %{"status" => "HI"}) assert called( - Federator.publish_single_websub(%{ + Pleroma.Web.Websub.publish_one(%{ callback: sub2.callback, unreachable_since: dt }) ) - refute called(Federator.publish_single_websub(%{callback: sub1.callback})) + refute called(Pleroma.Web.Websub.publish_one(%{callback: sub1.callback})) end test_with_mock "it federates only to reachable instances via Salmon", - Federator, + Pleroma.Web.Salmon, [:passthrough], [] do user = insert(:user) @@ -162,13 +167,13 @@ test "with relays deactivated, it does not publish to the relay", %{ CommonAPI.post(user, %{"status" => "HI @nick1@domain.com, @nick2@domain2.com!"}) assert called( - Federator.publish_single_salmon(%{ + Pleroma.Web.Salmon.publish_one(%{ recipient: remote_user2, unreachable_since: dt }) ) - refute called(Federator.publish_single_websub(%{recipient: remote_user1})) + refute called(Pleroma.Web.Salmon.publish_one(%{recipient: remote_user1})) end end From 2a4e41acb4383f6a9dd60a65d8251b27130fe7cc Mon Sep 17 00:00:00 2001 From: Sachin Joshi Date: Sun, 12 May 2019 12:50:23 +0545 Subject: [PATCH 034/170] update changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b0a761c4a..b9c9538b0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -61,6 +61,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Deps: Updated Ecto to 3.0.7 - Don't ship finmoji by default, they can be installed as an emoji pack - Mastodon API: Added support max_id & since_id for bookmark timeline endpoints. +- Admin API: Move the user related API to `api/pleroma/admin/users` ### Fixed - Added an FTS index on objects. Running `vacuum analyze` and setting a larger `work_mem` is recommended. From d823eb921b6710affe5e30a683155b645a5bd1d2 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 12 May 2019 14:35:38 +0000 Subject: [PATCH 035/170] tests: fix salmon tests --- test/web/salmon/salmon_test.exs | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/test/web/salmon/salmon_test.exs b/test/web/salmon/salmon_test.exs index 7532578ca..232082779 100644 --- a/test/web/salmon/salmon_test.exs +++ b/test/web/salmon/salmon_test.exs @@ -7,7 +7,9 @@ defmodule Pleroma.Web.Salmon.SalmonTest do alias Pleroma.Activity alias Pleroma.Repo alias Pleroma.User + alias Pleroma.Web.Federator.Publisher alias Pleroma.Web.Salmon + import Mock import Pleroma.Factory @magickey "RSA.pu0s-halox4tu7wmES1FVSx6u-4wc0YrUFXcqWXZG4-27UmbCOpMQftRCldNRfyA-qLbz-eqiwQhh-1EwUvjsD4cYbAHNGHwTvDOyx5AKthQUP44ykPv7kjKGh3DWKySJvcs9tlUG87hlo7AvnMo9pwRS_Zz2CacQ-MKaXyDepk=.AQAB" @@ -77,7 +79,10 @@ test "it gets a magic key" do "RSA.uzg6r1peZU0vXGADWxGJ0PE34WvmhjUmydbX5YYdOiXfODVLwCMi1umGoqUDm-mRu4vNEdFBVJU1CpFA7dKzWgIsqsa501i2XqElmEveXRLvNRWFB6nG03Q5OUY2as8eE54BJm0p20GkMfIJGwP6TSFb-ICp3QjzbatuSPJ6xCE=.AQAB" end - test "it pushes an activity to remote accounts it's addressed to" do + test_with_mock "it pushes an activity to remote accounts it's addressed to", + Publisher, + [:passthrough], + [] do user_data = %{ info: %{ salmon: "http://test-example.org/salmon" @@ -102,10 +107,8 @@ test "it pushes an activity to remote accounts it's addressed to" do user = User.get_cached_by_ap_id(activity.data["actor"]) {:ok, user} = Pleroma.Web.WebFinger.ensure_keys_present(user) - poster = fn url, _data, _headers -> - assert url == "http://test-example.org/salmon" - end + Salmon.publish(user, activity) - Salmon.publish(user, activity, poster) + assert called(Publisher.enqueue_one(Salmon, %{recipient: mentioned_user})) end end From 582bd9d170446d3ef5312f3266d960b1e22a9d18 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 12 May 2019 14:38:40 +0000 Subject: [PATCH 036/170] tests: fix AP test failures --- test/web/activity_pub/activity_pub_test.exs | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs index 1e056b7ee..0f90aa1ac 100644 --- a/test/web/activity_pub/activity_pub_test.exs +++ b/test/web/activity_pub/activity_pub_test.exs @@ -10,6 +10,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do alias Pleroma.Object alias Pleroma.User alias Pleroma.Web.ActivityPub.ActivityPub + alias Pleroma.Web.ActivityPub.Publisher alias Pleroma.Web.ActivityPub.Utils alias Pleroma.Web.CommonAPI @@ -963,8 +964,7 @@ test "it filters broken threads" do private_activity_1 = Activity.get_by_ap_id_with_object(private_activity_1.data["id"]) - assert [public_activity, private_activity_1, private_activity_3] == - activities + assert [public_activity, private_activity_1, private_activity_3] == activities assert length(activities) == 3 @@ -1057,7 +1057,7 @@ test "it can create a Flag activity" do actor = insert(:user) inbox = "http://200.site/users/nick1/inbox" - assert {:ok, _} = ActivityPub.publish_one(%{inbox: inbox, json: "{}", actor: actor, id: 1}) + assert {:ok, _} = Publisher.publish_one(%{inbox: inbox, json: "{}", actor: actor, id: 1}) assert called(Instances.set_reachable(inbox)) end @@ -1070,7 +1070,7 @@ test "it can create a Flag activity" do inbox = "http://200.site/users/nick1/inbox" assert {:ok, _} = - ActivityPub.publish_one(%{ + Publisher.publish_one(%{ inbox: inbox, json: "{}", actor: actor, @@ -1089,7 +1089,7 @@ test "it can create a Flag activity" do inbox = "http://200.site/users/nick1/inbox" assert {:ok, _} = - ActivityPub.publish_one(%{ + Publisher.publish_one(%{ inbox: inbox, json: "{}", actor: actor, @@ -1107,8 +1107,7 @@ test "it can create a Flag activity" do actor = insert(:user) inbox = "http://404.site/users/nick1/inbox" - assert {:error, _} = - ActivityPub.publish_one(%{inbox: inbox, json: "{}", actor: actor, id: 1}) + assert {:error, _} = Publisher.publish_one(%{inbox: inbox, json: "{}", actor: actor, id: 1}) assert called(Instances.set_unreachable(inbox)) end @@ -1120,8 +1119,7 @@ test "it can create a Flag activity" do actor = insert(:user) inbox = "http://connrefused.site/users/nick1/inbox" - assert {:error, _} = - ActivityPub.publish_one(%{inbox: inbox, json: "{}", actor: actor, id: 1}) + assert {:error, _} = Publisher.publish_one(%{inbox: inbox, json: "{}", actor: actor, id: 1}) assert called(Instances.set_unreachable(inbox)) end @@ -1133,7 +1131,7 @@ test "it can create a Flag activity" do actor = insert(:user) inbox = "http://200.site/users/nick1/inbox" - assert {:ok, _} = ActivityPub.publish_one(%{inbox: inbox, json: "{}", actor: actor, id: 1}) + assert {:ok, _} = Publisher.publish_one(%{inbox: inbox, json: "{}", actor: actor, id: 1}) refute called(Instances.set_unreachable(inbox)) end @@ -1146,7 +1144,7 @@ test "it can create a Flag activity" do inbox = "http://connrefused.site/users/nick1/inbox" assert {:error, _} = - ActivityPub.publish_one(%{ + Publisher.publish_one(%{ inbox: inbox, json: "{}", actor: actor, From 80759f012eb2183bc24f84c4a1f2a5dbe94762ce Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 12 May 2019 19:04:37 +0000 Subject: [PATCH 037/170] xml builder: properly escape quotes --- lib/xml_builder.ex | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/xml_builder.ex b/lib/xml_builder.ex index 88f8ce2a3..b58602c7b 100644 --- a/lib/xml_builder.ex +++ b/lib/xml_builder.ex @@ -35,6 +35,7 @@ def to_doc(content), do: ~s() <> to_xml(co defp make_open_tag(tag, attributes) do attributes_string = for {attribute, value} <- attributes do + value = String.replace(value, "\"", """) "#{attribute}=\"#{value}\"" end |> Enum.join(" ") From 28f7f4c6dec681ae292767623cbad553b2a0f5b5 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 12 May 2019 19:05:03 +0000 Subject: [PATCH 038/170] webfinger: build the response based on enabled federation modules --- lib/pleroma/web/activity_pub/publisher.ex | 11 ++++ lib/pleroma/web/federator/publisher.ex | 13 +++++ lib/pleroma/web/salmon/salmon.ex | 14 +++++ lib/pleroma/web/web_finger/web_finger.ex | 66 +++++++---------------- lib/pleroma/web/websub/websub.ex | 15 ++++++ 5 files changed, 71 insertions(+), 48 deletions(-) diff --git a/lib/pleroma/web/activity_pub/publisher.ex b/lib/pleroma/web/activity_pub/publisher.ex index 5d72299a5..5c97485c8 100644 --- a/lib/pleroma/web/activity_pub/publisher.ex +++ b/lib/pleroma/web/activity_pub/publisher.ex @@ -136,4 +136,15 @@ def publish(%User{} = actor, %Activity{} = activity) do ) end) end + + def gather_webfinger_links(%User{} = user) do + [ + %{"rel" => "self", "type" => "application/activity+json", "href" => user.ap_id}, + %{ + "rel" => "self", + "type" => "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"", + "href" => user.ap_id + } + ] + end end diff --git a/lib/pleroma/web/federator/publisher.ex b/lib/pleroma/web/federator/publisher.ex index 67f4b7ba7..112a0574f 100644 --- a/lib/pleroma/web/federator/publisher.ex +++ b/lib/pleroma/web/federator/publisher.ex @@ -66,4 +66,17 @@ def publish(%User{} = user, %Activity{} = activity) do :ok end + + @doc """ + Gathers links used by an outgoing federation module for WebFinger output. + """ + @callback gather_webfinger_links(Pleroma.User.t()) :: list() + + @spec gather_webfinger_links(Pleroma.User.t()) :: list() + def gather_webfinger_links(%User{} = user) do + Config.get([:instance, :federation_publisher_modules]) + |> Enum.reduce([], fn module, links -> + links ++ module.gather_webfinger_links(user) + end) + end end diff --git a/lib/pleroma/web/salmon/salmon.ex b/lib/pleroma/web/salmon/salmon.ex index 7b59609c0..92e85b5e9 100644 --- a/lib/pleroma/web/salmon/salmon.ex +++ b/lib/pleroma/web/salmon/salmon.ex @@ -14,6 +14,7 @@ defmodule Pleroma.Web.Salmon do alias Pleroma.User alias Pleroma.Web.ActivityPub.Visibility alias Pleroma.Web.Federator.Publisher + alias Pleroma.Web.OStatus alias Pleroma.Web.OStatus.ActivityRepresenter alias Pleroma.Web.XML @@ -250,4 +251,17 @@ def publish(%{info: %{keys: keys}} = user, %{data: %{"type" => type}} = activity end def publish(%{id: id}, _), do: Logger.debug(fn -> "Keys missing for user #{id}" end) + + def gather_webfinger_links(%User{} = user) do + {:ok, _private, public} = keys_from_pem(user.info.keys) + magic_key = encode_key(public) + + [ + %{"rel" => "salmon", "href" => OStatus.salmon_path(user)}, + %{ + "rel" => "magic-public-key", + "href" => "data:application/magic-public-key,#{magic_key}" + } + ] + end end diff --git a/lib/pleroma/web/web_finger/web_finger.ex b/lib/pleroma/web/web_finger/web_finger.ex index a3b0bf999..3a3b98a10 100644 --- a/lib/pleroma/web/web_finger/web_finger.ex +++ b/lib/pleroma/web/web_finger/web_finger.ex @@ -7,7 +7,7 @@ defmodule Pleroma.Web.WebFinger do alias Pleroma.User alias Pleroma.Web - alias Pleroma.Web.OStatus + alias Pleroma.Web.Federator.Publisher alias Pleroma.Web.Salmon alias Pleroma.Web.XML alias Pleroma.XmlBuilder @@ -50,70 +50,40 @@ def webfinger(resource, fmt) when fmt in ["XML", "JSON"] do end end + defp gather_links(%User{} = user) do + [ + %{ + "rel" => "http://webfinger.net/rel/profile-page", + "type" => "text/html", + "href" => user.ap_id + } + ] ++ Publisher.gather_webfinger_links(user) + end + def represent_user(user, "JSON") do {:ok, user} = ensure_keys_present(user) - {:ok, _private, public} = Salmon.keys_from_pem(user.info.keys) - magic_key = Salmon.encode_key(public) %{ "subject" => "acct:#{user.nickname}@#{Pleroma.Web.Endpoint.host()}", "aliases" => [user.ap_id], - "links" => [ - %{ - "rel" => "http://schemas.google.com/g/2010#updates-from", - "type" => "application/atom+xml", - "href" => OStatus.feed_path(user) - }, - %{ - "rel" => "http://webfinger.net/rel/profile-page", - "type" => "text/html", - "href" => user.ap_id - }, - %{"rel" => "salmon", "href" => OStatus.salmon_path(user)}, - %{ - "rel" => "magic-public-key", - "href" => "data:application/magic-public-key,#{magic_key}" - }, - %{"rel" => "self", "type" => "application/activity+json", "href" => user.ap_id}, - %{ - "rel" => "self", - "type" => "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"", - "href" => user.ap_id - }, - %{ - "rel" => "http://ostatus.org/schema/1.0/subscribe", - "template" => OStatus.remote_follow_path() - } - ] + "links" => gather_links(user) } end def represent_user(user, "XML") do {:ok, user} = ensure_keys_present(user) - {:ok, _private, public} = Salmon.keys_from_pem(user.info.keys) - magic_key = Salmon.encode_key(public) + + links = + gather_links(user) + |> Enum.map(fn link -> {:Link, link} end) { :XRD, %{xmlns: "http://docs.oasis-open.org/ns/xri/xrd-1.0"}, [ {:Subject, "acct:#{user.nickname}@#{Pleroma.Web.Endpoint.host()}"}, - {:Alias, user.ap_id}, - {:Link, - %{ - rel: "http://schemas.google.com/g/2010#updates-from", - type: "application/atom+xml", - href: OStatus.feed_path(user) - }}, - {:Link, - %{rel: "http://webfinger.net/rel/profile-page", type: "text/html", href: user.ap_id}}, - {:Link, %{rel: "salmon", href: OStatus.salmon_path(user)}}, - {:Link, - %{rel: "magic-public-key", href: "data:application/magic-public-key,#{magic_key}"}}, - {:Link, %{rel: "self", type: "application/activity+json", href: user.ap_id}}, - {:Link, - %{rel: "http://ostatus.org/schema/1.0/subscribe", template: OStatus.remote_follow_path()}} - ] + {:Alias, user.ap_id} + ] ++ links } |> XmlBuilder.to_doc() end diff --git a/lib/pleroma/web/websub/websub.ex b/lib/pleroma/web/websub/websub.ex index 1fb993282..2ce6dcc19 100644 --- a/lib/pleroma/web/websub/websub.ex +++ b/lib/pleroma/web/websub/websub.ex @@ -7,6 +7,7 @@ defmodule Pleroma.Web.Websub do alias Pleroma.Activity alias Pleroma.Instances alias Pleroma.Repo + alias Pleroma.User alias Pleroma.Web.ActivityPub.Visibility alias Pleroma.Web.Endpoint alias Pleroma.Web.Federator @@ -313,4 +314,18 @@ def publish_one(%{xml: xml, topic: topic, callback: callback, secret: secret} = {:error, response} end end + + def gather_webfinger_links(%User{} = user) do + [ + %{ + "rel" => "http://schemas.google.com/g/2010#updates-from", + "type" => "application/atom+xml", + "href" => OStatus.feed_path(user) + }, + %{ + "rel" => "http://ostatus.org/schema/1.0/subscribe", + "template" => OStatus.remote_follow_path() + } + ] + end end From 44b182732efe2d8571aa54e6062637e7e42021ce Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 12 May 2019 19:15:29 +0000 Subject: [PATCH 039/170] nodeinfo: gather supported protocol names from federation modules --- lib/pleroma/web/activity_pub/publisher.ex | 2 ++ lib/pleroma/web/federator/publisher.ex | 13 +++++++++++++ lib/pleroma/web/nodeinfo/nodeinfo_controller.ex | 3 ++- lib/pleroma/web/salmon/salmon.ex | 2 ++ lib/pleroma/web/websub/websub.ex | 2 ++ 5 files changed, 21 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/web/activity_pub/publisher.ex b/lib/pleroma/web/activity_pub/publisher.ex index 5c97485c8..8e3af0a81 100644 --- a/lib/pleroma/web/activity_pub/publisher.ex +++ b/lib/pleroma/web/activity_pub/publisher.ex @@ -147,4 +147,6 @@ def gather_webfinger_links(%User{} = user) do } ] end + + def gather_nodeinfo_protocol_names, do: ["activitypub"] end diff --git a/lib/pleroma/web/federator/publisher.ex b/lib/pleroma/web/federator/publisher.ex index 112a0574f..916bcdcba 100644 --- a/lib/pleroma/web/federator/publisher.ex +++ b/lib/pleroma/web/federator/publisher.ex @@ -79,4 +79,17 @@ def gather_webfinger_links(%User{} = user) do links ++ module.gather_webfinger_links(user) end) end + + @doc """ + Gathers nodeinfo protocol names supported by the federation module. + """ + @callback gather_nodeinfo_protocol_names() :: list() + + @spec gather_nodeinfo_protocol_names() :: list() + def gather_nodeinfo_protocol_names do + Config.get([:instance, :federation_publisher_modules]) + |> Enum.reduce([], fn module, links -> + links ++ module.gather_nodeinfo_protocol_names() + end) + end end diff --git a/lib/pleroma/web/nodeinfo/nodeinfo_controller.ex b/lib/pleroma/web/nodeinfo/nodeinfo_controller.ex index 216a962bd..3bf2a0fbc 100644 --- a/lib/pleroma/web/nodeinfo/nodeinfo_controller.ex +++ b/lib/pleroma/web/nodeinfo/nodeinfo_controller.ex @@ -10,6 +10,7 @@ defmodule Pleroma.Web.Nodeinfo.NodeinfoController do alias Pleroma.User alias Pleroma.Web alias Pleroma.Web.ActivityPub.MRF + alias Pleroma.Web.Federator.Publisher plug(Pleroma.Web.FederatingPlug) @@ -137,7 +138,7 @@ def raw_nodeinfo do name: Pleroma.Application.name() |> String.downcase(), version: Pleroma.Application.version() }, - protocols: ["ostatus", "activitypub"], + protocols: Publisher.gather_nodeinfo_protocol_names(), services: %{ inbound: [], outbound: [] diff --git a/lib/pleroma/web/salmon/salmon.ex b/lib/pleroma/web/salmon/salmon.ex index 92e85b5e9..42709ab47 100644 --- a/lib/pleroma/web/salmon/salmon.ex +++ b/lib/pleroma/web/salmon/salmon.ex @@ -264,4 +264,6 @@ def gather_webfinger_links(%User{} = user) do } ] end + + def gather_nodeinfo_protocol_names, do: [] end diff --git a/lib/pleroma/web/websub/websub.ex b/lib/pleroma/web/websub/websub.ex index 2ce6dcc19..7ad0414ab 100644 --- a/lib/pleroma/web/websub/websub.ex +++ b/lib/pleroma/web/websub/websub.ex @@ -328,4 +328,6 @@ def gather_webfinger_links(%User{} = user) do } ] end + + def gather_nodeinfo_protocol_names, do: ["ostatus"] end From 15cda998f3bdc03f58c30e34e35ebc026a90cf29 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Mon, 13 May 2019 10:32:04 +0300 Subject: [PATCH 040/170] Add a test to ensure create_or_bump_for does not normalize objects before checking the activity type --- test/conversation_test.exs | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/test/conversation_test.exs b/test/conversation_test.exs index f3300e7d1..864b2eb03 100644 --- a/test/conversation_test.exs +++ b/test/conversation_test.exs @@ -4,7 +4,9 @@ defmodule Pleroma.ConversationTest do use Pleroma.DataCase + alias Pleroma.Activity alias Pleroma.Conversation + alias Pleroma.Object alias Pleroma.Web.CommonAPI import Pleroma.Factory @@ -134,4 +136,40 @@ test "create_or_bump_for returns the conversation with participations" do assert {:error, _} = Conversation.create_or_bump_for(activity) end + + test "create_or_bump_for does not normalize objects before checking the activity type" do + note = insert(:note) + note_id = note.data["id"] + Repo.delete(note) + refute Object.get_by_ap_id(note_id) + + Tesla.Mock.mock(fn env -> + case env.url do + ^note_id -> + # TODO: add attributedTo and tag to the note factory + body = + note.data + |> Map.put("attributedTo", note.data["actor"]) + |> Map.put("tag", []) + |> Jason.encode!() + + %Tesla.Env{status: 200, body: body} + end + end) + + undo = %Activity{ + id: "fake", + data: %{ + "id" => Pleroma.Web.ActivityPub.Utils.generate_activity_id(), + "actor" => note.data["actor"], + "to" => [note.data["actor"]], + "object" => note_id, + "type" => "Undo" + } + } + + Conversation.create_or_bump_for(undo) + + refute Object.get_by_ap_id(note_id) + end end From 786f2c7a849bc4fa2bd4aac18de59ef6b2ed18c5 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Mon, 13 May 2019 11:16:54 -0500 Subject: [PATCH 041/170] Update shortdoc description --- lib/mix/tasks/pleroma/conversations.ex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/mix/tasks/pleroma/conversations.ex b/lib/mix/tasks/pleroma/conversations.ex index 125d8851a..b52b9921a 100644 --- a/lib/mix/tasks/pleroma/conversations.ex +++ b/lib/mix/tasks/pleroma/conversations.ex @@ -7,7 +7,7 @@ defmodule Mix.Tasks.Pleroma.Conversations do alias Mix.Tasks.Pleroma.Common alias Pleroma.Conversation - @shortdoc "Manages Pleroma users" + @shortdoc "Manages Pleroma conversations." @moduledoc """ Manages Pleroma conversations. From 7701a4c84191a445e0b62e8a241e8af86f86e16a Mon Sep 17 00:00:00 2001 From: Sachin Joshi Date: Mon, 13 May 2019 23:50:33 +0545 Subject: [PATCH 042/170] Make irreversible field default to false in filters --- CHANGELOG.md | 1 + lib/pleroma/web/mastodon_api/mastodon_api_controller.ex | 2 +- ...20190513175809_change_hide_column_in_filter_table.exs | 9 +++++++++ test/web/mastodon_api/mastodon_api_controller_test.exs | 1 + 4 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 priv/repo/migrations/20190513175809_change_hide_column_in_filter_table.exs diff --git a/CHANGELOG.md b/CHANGELOG.md index b9c9538b0..76e6f6b39 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -92,6 +92,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Mastodon API: Handling of `reblogs` in `/api/v1/accounts/:id/follow` - Mastodon API: Correct `reblogged`, `favourited`, and `bookmarked` values in the reblog status JSON - Mastodon API: Exposing default scope of the user to anyone +- Mastodon API: Make `irreversible` field default to `false` [`POST /api/v1/filters`] ## [0.9.9999] - 2019-04-05 ### Security diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index 956736780..fd595031d 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -1536,7 +1536,7 @@ def create_filter( user_id: user.id, phrase: phrase, context: context, - hide: Map.get(params, "irreversible", nil), + hide: Map.get(params, "irreversible", false), whole_word: Map.get(params, "boolean", true) # expires_at } diff --git a/priv/repo/migrations/20190513175809_change_hide_column_in_filter_table.exs b/priv/repo/migrations/20190513175809_change_hide_column_in_filter_table.exs new file mode 100644 index 000000000..2ffb88cc9 --- /dev/null +++ b/priv/repo/migrations/20190513175809_change_hide_column_in_filter_table.exs @@ -0,0 +1,9 @@ +defmodule Pleroma.Repo.Migrations.ChangeHideColumnInFilterTable do + use Ecto.Migration + + def change do + alter table(:filters) do + modify :hide, :boolean, default: false + end + end +end diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index 505e45010..537cd98d5 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -572,6 +572,7 @@ test "creating a filter", %{conn: conn} do assert response = json_response(conn, 200) assert response["phrase"] == filter.phrase assert response["context"] == filter.context + assert response["irreversible"] == false assert response["id"] != nil assert response["id"] != "" end From a2be420f940fb8f181feeb9b0fb9759d433dcae1 Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Mon, 13 May 2019 18:35:45 +0000 Subject: [PATCH 043/170] differences_in_mastoapi_responses.md: fullname & bio are optionnal [ci skip] --- CHANGELOG.md | 3 +- config/config.exs | 2 + docs/api/differences_in_mastoapi_responses.md | 10 ++ docs/config.md | 6 + lib/mix/tasks/pleroma/user.ex | 2 +- lib/pleroma/plugs/oauth_plug.ex | 48 +++++-- lib/pleroma/plugs/rate_limit_plug.ex | 36 +++++ lib/pleroma/user.ex | 11 +- lib/pleroma/user/info.ex | 30 +++-- .../web/admin_api/admin_api_controller.ex | 2 +- lib/pleroma/web/auth/pleroma_authenticator.ex | 2 +- .../mastodon_api/mastodon_api_controller.ex | 57 ++++++++ lib/pleroma/web/oauth/app.ex | 1 + lib/pleroma/web/oauth/authorization.ex | 41 ++++-- lib/pleroma/web/oauth/oauth_controller.ex | 22 +++ lib/pleroma/web/oauth/token.ex | 11 +- lib/pleroma/web/router.ex | 2 + lib/pleroma/web/twitter_api/twitter_api.ex | 29 ++-- .../web/twitter_api/twitter_api_controller.ex | 2 +- mix.exs | 1 + mix.lock | 2 + test/plugs/rate_limit_plug_test.exs | 50 +++++++ test/user_test.exs | 2 +- .../mastodon_api_controller_test.exs | 126 ++++++++++++++++++ test/web/oauth/oauth_controller_test.exs | 23 +++- .../twitter_api_controller_test.exs | 4 +- test/web/views/error_view_test.exs | 19 ++- 27 files changed, 477 insertions(+), 67 deletions(-) create mode 100644 lib/pleroma/plugs/rate_limit_plug.ex create mode 100644 test/plugs/rate_limit_plug_test.exs diff --git a/CHANGELOG.md b/CHANGELOG.md index 76e6f6b39..cb934dab4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -26,6 +26,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Mastodon API: `/api/v1/notifications/destroy_multiple` (glitch-soc extension) - Mastodon API: `/api/v1/pleroma/accounts/:id/favourites` (API extension) - Mastodon API: [Reports](https://docs.joinmastodon.org/api/rest/reports/) +- Mastodon API: REST API for creating an account - ActivityPub C2S: OAuth endpoints - Metadata RelMe provider - OAuth: added support for refresh tokens @@ -57,10 +58,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Mastodon API: Add `with_muted` parameter to timeline endpoints - Mastodon API: Actual reblog hiding instead of a dummy - Mastodon API: Remove attachment limit in the Status entity +- Mastodon API: Added support max_id & since_id for bookmark timeline endpoints. - Deps: Updated Cowboy to 2.6 - Deps: Updated Ecto to 3.0.7 - Don't ship finmoji by default, they can be installed as an emoji pack -- Mastodon API: Added support max_id & since_id for bookmark timeline endpoints. - Admin API: Move the user related API to `api/pleroma/admin/users` ### Fixed diff --git a/config/config.exs b/config/config.exs index 1e64b79a7..e8aad855c 100644 --- a/config/config.exs +++ b/config/config.exs @@ -234,6 +234,8 @@ safe_dm_mentions: false, healthcheck: false +config :pleroma, :app_account_creation, enabled: false, max_requests: 5, interval: 1800 + config :pleroma, :markup, # XXX - unfortunately, inline images must be enabled by default right now, because # of custom emoji. Issue #275 discusses defanging that somehow. diff --git a/docs/api/differences_in_mastoapi_responses.md b/docs/api/differences_in_mastoapi_responses.md index d3ba41b6a..36b47608e 100644 --- a/docs/api/differences_in_mastoapi_responses.md +++ b/docs/api/differences_in_mastoapi_responses.md @@ -87,3 +87,13 @@ Additional parameters can be added to the JSON body/Form data: `POST /oauth/token` Post here request with grant_type=refresh_token to obtain new access token. Returns an access token. + +## Account Registration +`POST /api/v1/accounts` + +Has theses additionnal parameters (which are the same as in Pleroma-API): + * `fullname`: optional + * `bio`: optional + * `captcha_solution`: optional, contains provider-specific captcha solution, + * `captcha_token`: optional, contains provider-specific captcha token + * `token`: invite token required when the registerations aren't public. diff --git a/docs/config.md b/docs/config.md index 43ea24d80..470f71b7c 100644 --- a/docs/config.md +++ b/docs/config.md @@ -105,6 +105,12 @@ config :pleroma, Pleroma.Emails.Mailer, * `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). (Default: `false`) * `healthcheck`: if set to true, system data will be shown on ``/api/pleroma/healthcheck``. +## :app_account_creation +REST API for creating an account settings +* `enabled`: Enable/disable registration +* `max_requests`: Number of requests allowed for creating accounts +* `interval`: Interval for restricting requests for one ip (seconds) + ## :logger * `backends`: `:console` is used to send logs to stdout, `{ExSyslogger, :ex_syslogger}` to log to syslog, and `Quack.Logger` to log to Slack diff --git a/lib/mix/tasks/pleroma/user.ex b/lib/mix/tasks/pleroma/user.ex index 6a83a8c0d..d130ff8c9 100644 --- a/lib/mix/tasks/pleroma/user.ex +++ b/lib/mix/tasks/pleroma/user.ex @@ -138,7 +138,7 @@ def run(["new", nickname, email | rest]) do bio: bio } - changeset = User.register_changeset(%User{}, params, confirmed: true) + changeset = User.register_changeset(%User{}, params, need_confirmation: false) {:ok, _user} = User.register(changeset) Mix.shell().info("User #{nickname} created") diff --git a/lib/pleroma/plugs/oauth_plug.ex b/lib/pleroma/plugs/oauth_plug.ex index 9d43732eb..86bc4aa3a 100644 --- a/lib/pleroma/plugs/oauth_plug.ex +++ b/lib/pleroma/plugs/oauth_plug.ex @@ -8,6 +8,7 @@ defmodule Pleroma.Plugs.OAuthPlug do alias Pleroma.Repo alias Pleroma.User + alias Pleroma.Web.OAuth.App alias Pleroma.Web.OAuth.Token @realm_reg Regex.compile!("Bearer\:?\s+(.*)$", "i") @@ -22,18 +23,39 @@ def call(%{params: %{"access_token" => access_token}} = conn, _) do |> assign(:token, token_record) |> assign(:user, user) else - _ -> conn + _ -> + # token found, but maybe only with app + with {:ok, app, token_record} <- fetch_app_and_token(access_token) do + conn + |> assign(:token, token_record) + |> assign(:app, app) + else + _ -> conn + end end end def call(conn, _) do - with {:ok, token_str} <- fetch_token_str(conn), - {:ok, user, token_record} <- fetch_user_and_token(token_str) do - conn - |> assign(:token, token_record) - |> assign(:user, user) - else - _ -> conn + case fetch_token_str(conn) do + {:ok, token} -> + with {:ok, user, token_record} <- fetch_user_and_token(token) do + conn + |> assign(:token, token_record) + |> assign(:user, user) + else + _ -> + # token found, but maybe only with app + with {:ok, app, token_record} <- fetch_app_and_token(token) do + conn + |> assign(:token, token_record) + |> assign(:app, app) + else + _ -> conn + end + end + + _ -> + conn end end @@ -54,6 +76,16 @@ defp fetch_user_and_token(token) do end end + @spec fetch_app_and_token(String.t()) :: {:ok, App.t(), Token.t()} | nil + defp fetch_app_and_token(token) do + query = + from(t in Token, where: t.token == ^token, join: app in assoc(t, :app), preload: [app: app]) + + with %Token{app: app} = token_record <- Repo.one(query) do + {:ok, app, token_record} + end + end + # Gets token from session by :oauth_token key # @spec fetch_token_from_session(Plug.Conn.t()) :: :no_token_found | {:ok, String.t()} diff --git a/lib/pleroma/plugs/rate_limit_plug.ex b/lib/pleroma/plugs/rate_limit_plug.ex new file mode 100644 index 000000000..466f64a79 --- /dev/null +++ b/lib/pleroma/plugs/rate_limit_plug.ex @@ -0,0 +1,36 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Plugs.RateLimitPlug do + import Phoenix.Controller, only: [json: 2] + import Plug.Conn + + def init(opts), do: opts + + def call(conn, opts) do + enabled? = Pleroma.Config.get([:app_account_creation, :enabled]) + + case check_rate(conn, Map.put(opts, :enabled, enabled?)) do + {:ok, _count} -> conn + {:error, _count} -> render_error(conn) + %Plug.Conn{} = conn -> conn + end + end + + defp check_rate(conn, %{enabled: true} = opts) do + max_requests = opts[:max_requests] + bucket_name = conn.remote_ip |> Tuple.to_list() |> Enum.join(".") + + ExRated.check_rate(bucket_name, opts[:interval] * 1000, max_requests) + end + + defp check_rate(conn, _), do: conn + + defp render_error(conn) do + conn + |> put_status(:forbidden) + |> json(%{error: "Rate limit exceeded."}) + |> halt() + end +end diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 427400aa1..474de9ba5 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -204,14 +204,15 @@ def reset_password(user, data) do end def register_changeset(struct, params \\ %{}, opts \\ []) do - confirmation_status = - if opts[:confirmed] || !Pleroma.Config.get([:instance, :account_activation_required]) do - :confirmed + need_confirmation? = + if is_nil(opts[:need_confirmation]) do + Pleroma.Config.get([:instance, :account_activation_required]) else - :unconfirmed + opts[:need_confirmation] end - info_change = User.Info.confirmation_changeset(%User.Info{}, confirmation_status) + info_change = + User.Info.confirmation_changeset(%User.Info{}, need_confirmation: need_confirmation?) changeset = struct diff --git a/lib/pleroma/user/info.ex b/lib/pleroma/user/info.ex index 1b81619ce..5a50ee639 100644 --- a/lib/pleroma/user/info.ex +++ b/lib/pleroma/user/info.ex @@ -8,6 +8,8 @@ defmodule Pleroma.User.Info do alias Pleroma.User.Info + @type t :: %__MODULE__{} + embedded_schema do field(:banner, :map, default: %{}) field(:background, :map, default: %{}) @@ -210,21 +212,23 @@ def profile_update(info, params) do ]) end - def confirmation_changeset(info, :confirmed) do - confirmation_changeset(info, %{ - confirmation_pending: false, - confirmation_token: nil - }) - end + @spec confirmation_changeset(Info.t(), keyword()) :: Ecto.Changerset.t() + def confirmation_changeset(info, opts) do + need_confirmation? = Keyword.get(opts, :need_confirmation) - def confirmation_changeset(info, :unconfirmed) do - confirmation_changeset(info, %{ - confirmation_pending: true, - confirmation_token: :crypto.strong_rand_bytes(32) |> Base.url_encode64() - }) - end + params = + if need_confirmation? do + %{ + confirmation_pending: true, + confirmation_token: :crypto.strong_rand_bytes(32) |> Base.url_encode64() + } + else + %{ + confirmation_pending: false, + confirmation_token: nil + } + end - def confirmation_changeset(info, params) do cast(info, params, [:confirmation_pending, :confirmation_token]) end diff --git a/lib/pleroma/web/admin_api/admin_api_controller.ex b/lib/pleroma/web/admin_api/admin_api_controller.ex index b553d96a8..e00b33aba 100644 --- a/lib/pleroma/web/admin_api/admin_api_controller.ex +++ b/lib/pleroma/web/admin_api/admin_api_controller.ex @@ -59,7 +59,7 @@ def user_create( bio: "." } - changeset = User.register_changeset(%User{}, user_data, confirmed: true) + changeset = User.register_changeset(%User{}, user_data, need_confirmation: false) {:ok, user} = User.register(changeset) conn diff --git a/lib/pleroma/web/auth/pleroma_authenticator.ex b/lib/pleroma/web/auth/pleroma_authenticator.ex index dd79cdcf7..c4a6fce08 100644 --- a/lib/pleroma/web/auth/pleroma_authenticator.ex +++ b/lib/pleroma/web/auth/pleroma_authenticator.ex @@ -74,7 +74,7 @@ def create_from_registration( password_confirmation: random_password }, external: true, - confirmed: true + need_confirmation: false ) |> Repo.insert(), {:ok, _} <- diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index fd595031d..defd88a44 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -39,12 +39,22 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do alias Pleroma.Web.OAuth.Authorization alias Pleroma.Web.OAuth.Scopes alias Pleroma.Web.OAuth.Token + alias Pleroma.Web.TwitterAPI.TwitterAPI alias Pleroma.Web.ControllerHelper import Ecto.Query require Logger + plug( + Pleroma.Plugs.RateLimitPlug, + %{ + max_requests: Config.get([:app_account_creation, :max_requests]), + interval: Config.get([:app_account_creation, :interval]) + } + when action in [:account_register] + ) + @httpoison Application.get_env(:pleroma, :httpoison) @local_mastodon_name "Mastodon-Local" @@ -1693,6 +1703,53 @@ def reports(%{assigns: %{user: user}} = conn, params) do end end + def account_register( + %{assigns: %{app: app}} = conn, + %{"username" => nickname, "email" => _, "password" => _, "agreement" => true} = params + ) do + params = + params + |> Map.take([ + "email", + "captcha_solution", + "captcha_token", + "captcha_answer_data", + "token", + "password" + ]) + |> Map.put("nickname", nickname) + |> Map.put("fullname", params["fullname"] || nickname) + |> Map.put("bio", params["bio"] || "") + |> Map.put("confirm", params["password"]) + + with {:ok, user} <- TwitterAPI.register_user(params, need_confirmation: true), + {:ok, token} <- Token.create_token(app, user, %{scopes: app.scopes}) do + json(conn, %{ + token_type: "Bearer", + access_token: token.token, + scope: app.scopes, + created_at: Token.Utils.format_created_at(token) + }) + else + {:error, errors} -> + conn + |> put_status(400) + |> json(Jason.encode!(errors)) + end + end + + def account_register(%{assigns: %{app: _app}} = conn, _params) do + conn + |> put_status(400) + |> json(%{error: "Missing parameters"}) + end + + def account_register(conn, _) do + conn + |> put_status(403) + |> json(%{error: "Invalid credentials"}) + end + def conversations(%{assigns: %{user: user}} = conn, params) do participations = Participation.for_user_with_last_activity_id(user, params) diff --git a/lib/pleroma/web/oauth/app.ex b/lib/pleroma/web/oauth/app.ex index bccc2ac96..ddcdb1871 100644 --- a/lib/pleroma/web/oauth/app.ex +++ b/lib/pleroma/web/oauth/app.ex @@ -7,6 +7,7 @@ defmodule Pleroma.Web.OAuth.App do import Ecto.Changeset @type t :: %__MODULE__{} + schema "apps" do field(:client_name, :string) field(:redirect_uris, :string) diff --git a/lib/pleroma/web/oauth/authorization.ex b/lib/pleroma/web/oauth/authorization.ex index ca3901cc4..b47688de1 100644 --- a/lib/pleroma/web/oauth/authorization.ex +++ b/lib/pleroma/web/oauth/authorization.ex @@ -14,6 +14,7 @@ defmodule Pleroma.Web.OAuth.Authorization do import Ecto.Query @type t :: %__MODULE__{} + schema "oauth_authorizations" do field(:token, :string) field(:scopes, {:array, :string}, default: []) @@ -25,28 +26,45 @@ defmodule Pleroma.Web.OAuth.Authorization do timestamps() end + @spec create_authorization(App.t(), User.t() | %{}, [String.t()] | nil) :: + {:ok, Authorization.t()} | {:error, Changeset.t()} def create_authorization(%App{} = app, %User{} = user, scopes \\ nil) do - scopes = scopes || app.scopes - token = :crypto.strong_rand_bytes(32) |> Base.url_encode64(padding: false) - - authorization = %Authorization{ - token: token, - used: false, + %{ + scopes: scopes || app.scopes, user_id: user.id, - app_id: app.id, - scopes: scopes, - valid_until: NaiveDateTime.add(NaiveDateTime.utc_now(), 60 * 10) + app_id: app.id } - - Repo.insert(authorization) + |> create_changeset() + |> Repo.insert() end + @spec create_changeset(map()) :: Changeset.t() + def create_changeset(attrs \\ %{}) do + %Authorization{} + |> cast(attrs, [:user_id, :app_id, :scopes, :valid_until]) + |> validate_required([:app_id, :scopes]) + |> add_token() + |> add_lifetime() + end + + defp add_token(changeset) do + token = :crypto.strong_rand_bytes(32) |> Base.url_encode64(padding: false) + put_change(changeset, :token, token) + end + + defp add_lifetime(changeset) do + put_change(changeset, :valid_until, NaiveDateTime.add(NaiveDateTime.utc_now(), 60 * 10)) + end + + @spec use_changeset(Authtorizatiton.t(), map()) :: Changeset.t() def use_changeset(%Authorization{} = auth, params) do auth |> cast(params, [:used]) |> validate_required([:used]) end + @spec use_token(Authorization.t()) :: + {:ok, Authorization.t()} | {:error, Changeset.t()} | {:error, String.t()} def use_token(%Authorization{used: false, valid_until: valid_until} = auth) do if NaiveDateTime.diff(NaiveDateTime.utc_now(), valid_until) < 0 do Repo.update(use_changeset(auth, %{used: true})) @@ -57,6 +75,7 @@ def use_token(%Authorization{used: false, valid_until: valid_until} = auth) do def use_token(%Authorization{used: true}), do: {:error, "already used"} + @spec delete_user_authorizations(User.t()) :: {integer(), any()} def delete_user_authorizations(%User{id: user_id}) do from( a in Pleroma.Web.OAuth.Authorization, diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex index 8ee0da667..862b8f8c9 100644 --- a/lib/pleroma/web/oauth/oauth_controller.ex +++ b/lib/pleroma/web/oauth/oauth_controller.ex @@ -218,6 +218,28 @@ def token_exchange( token_exchange(conn, params) end + def token_exchange(conn, %{"grant_type" => "client_credentials"} = params) do + with %App{} = app <- get_app_from_request(conn, params), + {:ok, auth} <- Authorization.create_authorization(app, %User{}), + {:ok, token} <- Token.exchange_token(app, auth), + {:ok, inserted_at} <- DateTime.from_naive(token.inserted_at, "Etc/UTC") do + response = %{ + token_type: "Bearer", + access_token: token.token, + refresh_token: token.refresh_token, + created_at: DateTime.to_unix(inserted_at), + expires_in: 60 * 10, + scope: Enum.join(token.scopes, " ") + } + + json(conn, response) + else + _error -> + put_status(conn, 400) + |> json(%{error: "Invalid credentials"}) + end + end + # Bad request def token_exchange(conn, params), do: bad_request(conn, params) diff --git a/lib/pleroma/web/oauth/token.ex b/lib/pleroma/web/oauth/token.ex index 4e5d1d118..ef047d565 100644 --- a/lib/pleroma/web/oauth/token.ex +++ b/lib/pleroma/web/oauth/token.ex @@ -45,12 +45,16 @@ def get_by_refresh_token(%App{id: app_id} = _app, token) do |> Repo.find_resource() end + @spec exchange_token(App.t(), Authorization.t()) :: + {:ok, Token.t()} | {:error, Changeset.t()} def exchange_token(app, auth) do with {:ok, auth} <- Authorization.use_token(auth), true <- auth.app_id == app.id do + user = if auth.user_id, do: User.get_cached_by_id(auth.user_id), else: %User{} + create_token( app, - User.get_cached_by_id(auth.user_id), + user, %{scopes: auth.scopes} ) end @@ -81,12 +85,13 @@ defp put_valid_until(changeset, attrs) do |> validate_required([:valid_until]) end + @spec create_token(App.t(), User.t(), map()) :: {:ok, Token} | {:error, Changeset.t()} def create_token(%App{} = app, %User{} = user, attrs \\ %{}) do %__MODULE__{user_id: user.id, app_id: app.id} |> cast(%{scopes: attrs[:scopes] || app.scopes}, [:scopes]) - |> validate_required([:scopes, :user_id, :app_id]) + |> validate_required([:scopes, :app_id]) |> put_valid_until(attrs) - |> put_token + |> put_token() |> put_refresh_token(attrs) |> Repo.insert() end diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 8b84fbbad..51146d010 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -385,6 +385,8 @@ defmodule Pleroma.Web.Router do scope "/api/v1", Pleroma.Web.MastodonAPI do pipe_through(:api) + post("/accounts", MastodonAPIController, :account_register) + get("/instance", MastodonAPIController, :masto_instance) get("/instance/peers", MastodonAPIController, :peers) post("/apps", MastodonAPIController, :create_app) diff --git a/lib/pleroma/web/twitter_api/twitter_api.ex b/lib/pleroma/web/twitter_api/twitter_api.ex index 3a7774647..1362ef57c 100644 --- a/lib/pleroma/web/twitter_api/twitter_api.ex +++ b/lib/pleroma/web/twitter_api/twitter_api.ex @@ -128,7 +128,7 @@ def upload(%Plug.Upload{} = file, %User{} = user, format \\ "xml") do end end - def register_user(params) do + def register_user(params, opts \\ []) do token = params["token"] params = %{ @@ -162,13 +162,22 @@ def register_user(params) do # I have no idea how this error handling works {:error, %{error: Jason.encode!(%{captcha: [error]})}} else - registrations_open = Pleroma.Config.get([:instance, :registrations_open]) - registration_process(registrations_open, params, token) + registration_process( + params, + %{ + registrations_open: Pleroma.Config.get([:instance, :registrations_open]), + token: token + }, + opts + ) end end - defp registration_process(registration_open, params, token) - when registration_open == false or is_nil(registration_open) do + defp registration_process(params, %{registrations_open: true}, opts) do + create_user(params, opts) + end + + defp registration_process(params, %{token: token}, opts) do invite = unless is_nil(token) do Repo.get_by(UserInviteToken, %{token: token}) @@ -182,19 +191,15 @@ defp registration_process(registration_open, params, token) invite when valid_invite? -> UserInviteToken.update_usage!(invite) - create_user(params) + create_user(params, opts) _ -> {:error, "Expired token"} end end - defp registration_process(true, params, _token) do - create_user(params) - end - - defp create_user(params) do - changeset = User.register_changeset(%User{}, params) + defp create_user(params, opts) do + changeset = User.register_changeset(%User{}, params, opts) case User.register(changeset) do {:ok, user} -> diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex index 21e6c555a..3c5a70be9 100644 --- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex +++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex @@ -440,7 +440,7 @@ def confirm_email(conn, %{"user_id" => uid, "token" => token}) do true <- user.local, true <- user.info.confirmation_pending, true <- user.info.confirmation_token == token, - info_change <- User.Info.confirmation_changeset(user.info, :confirmed), + info_change <- User.Info.confirmation_changeset(user.info, need_confirmation: false), changeset <- Changeset.change(user) |> Changeset.put_embed(:info, info_change), {:ok, _} <- User.update_and_set_cache(changeset) do conn diff --git a/mix.exs b/mix.exs index 5600aaa42..b7b9d534d 100644 --- a/mix.exs +++ b/mix.exs @@ -114,6 +114,7 @@ defp deps do {:quack, "~> 0.1.1"}, {:benchee, "~> 1.0"}, {:esshd, "~> 0.1.0"}, + {:ex_rated, "~> 1.2"}, {:plug_static_index_html, "~> 1.0.0"} ] ++ oauth_deps end diff --git a/mix.lock b/mix.lock index 981cc1747..0b24818c5 100644 --- a/mix.lock +++ b/mix.lock @@ -24,10 +24,12 @@ "ecto_sql": {:hex, :ecto_sql, "3.0.5", "7e44172b4f7aca4469f38d7f6a3da394dbf43a1bcf0ca975e958cb957becd74e", [:mix], [{:db_connection, "~> 2.0", [hex: :db_connection, repo: "hexpm", optional: false]}, {:ecto, "~> 3.0.6", [hex: :ecto, repo: "hexpm", optional: false]}, {:mariaex, "~> 0.9.1", [hex: :mariaex, repo: "hexpm", optional: true]}, {:postgrex, "~> 0.14.0", [hex: :postgrex, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.3.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm"}, "esshd": {:hex, :esshd, "0.1.0", "6f93a2062adb43637edad0ea7357db2702a4b80dd9683482fe00f5134e97f4c1", [:mix], [], "hexpm"}, "eternal": {:hex, :eternal, "1.2.0", "e2a6b6ce3b8c248f7dc31451aefca57e3bdf0e48d73ae5043229380a67614c41", [:mix], [], "hexpm"}, + "ex2ms": {:hex, :ex2ms, "1.5.0", "19e27f9212be9a96093fed8cdfbef0a2b56c21237196d26760f11dfcfae58e97", [:mix], [], "hexpm"}, "ex_aws": {:hex, :ex_aws, "2.1.0", "b92651527d6c09c479f9013caa9c7331f19cba38a650590d82ebf2c6c16a1d8a", [:mix], [{:configparser_ex, "~> 2.0", [hex: :configparser_ex, repo: "hexpm", optional: true]}, {:hackney, "1.6.3 or 1.6.5 or 1.7.1 or 1.8.6 or ~> 1.9", [hex: :hackney, repo: "hexpm", optional: true]}, {:jsx, "~> 2.8", [hex: :jsx, repo: "hexpm", optional: true]}, {:poison, ">= 1.2.0", [hex: :poison, repo: "hexpm", optional: true]}, {:sweet_xml, "~> 0.6", [hex: :sweet_xml, repo: "hexpm", optional: true]}, {:xml_builder, "~> 0.1.0", [hex: :xml_builder, repo: "hexpm", optional: true]}], "hexpm"}, "ex_aws_s3": {:hex, :ex_aws_s3, "2.0.1", "9e09366e77f25d3d88c5393824e613344631be8db0d1839faca49686e99b6704", [:mix], [{:ex_aws, "~> 2.0", [hex: :ex_aws, repo: "hexpm", optional: false]}, {:sweet_xml, ">= 0.0.0", [hex: :sweet_xml, repo: "hexpm", optional: true]}], "hexpm"}, "ex_doc": {:hex, :ex_doc, "0.20.2", "1bd0dfb0304bade58beb77f20f21ee3558cc3c753743ae0ddbb0fd7ba2912331", [:mix], [{:earmark, "~> 1.3", [hex: :earmark, repo: "hexpm", optional: false]}, {:makeup_elixir, "~> 0.10", [hex: :makeup_elixir, repo: "hexpm", optional: false]}], "hexpm"}, "ex_machina": {:hex, :ex_machina, "2.3.0", "92a5ad0a8b10ea6314b876a99c8c9e3f25f4dde71a2a835845b136b9adaf199a", [:mix], [{:ecto, "~> 2.2 or ~> 3.0", [hex: :ecto, repo: "hexpm", optional: true]}, {:ecto_sql, "~> 3.0", [hex: :ecto_sql, repo: "hexpm", optional: true]}], "hexpm"}, + "ex_rated": {:hex, :ex_rated, "1.3.2", "6aeb32abb46ea6076f417a9ce8cb1cf08abf35fb2d42375beaad4dd72b550bf1", [:mix], [{:ex2ms, "~> 1.5", [hex: :ex2ms, repo: "hexpm", optional: false]}], "hexpm"}, "ex_syslogger": {:git, "https://github.com/slashmili/ex_syslogger.git", "f3963399047af17e038897c69e20d552e6899e1d", [tag: "1.4.0"]}, "floki": {:hex, :floki, "0.20.4", "be42ac911fece24b4c72f3b5846774b6e61b83fe685c2fc9d62093277fb3bc86", [:mix], [{:html_entities, "~> 0.4.0", [hex: :html_entities, repo: "hexpm", optional: false]}, {:mochiweb, "~> 2.15", [hex: :mochiweb, repo: "hexpm", optional: false]}], "hexpm"}, "gen_smtp": {:hex, :gen_smtp, "0.13.0", "11f08504c4bdd831dc520b8f84a1dce5ce624474a797394e7aafd3c29f5dcd25", [:rebar3], [], "hexpm"}, diff --git a/test/plugs/rate_limit_plug_test.exs b/test/plugs/rate_limit_plug_test.exs new file mode 100644 index 000000000..2ec9a8fb7 --- /dev/null +++ b/test/plugs/rate_limit_plug_test.exs @@ -0,0 +1,50 @@ +defmodule Pleroma.Plugs.RateLimitPlugTest do + use ExUnit.Case, async: true + use Plug.Test + + alias Pleroma.Plugs.RateLimitPlug + + @opts RateLimitPlug.init(%{max_requests: 5, interval: 1}) + + setup do + enabled = Pleroma.Config.get([:app_account_creation, :enabled]) + + Pleroma.Config.put([:app_account_creation, :enabled], true) + + on_exit(fn -> + Pleroma.Config.put([:app_account_creation, :enabled], enabled) + end) + + :ok + end + + test "it restricts by opts" do + conn = conn(:get, "/") + bucket_name = conn.remote_ip |> Tuple.to_list() |> Enum.join(".") + ms = 1000 + + conn = RateLimitPlug.call(conn, @opts) + {1, 4, _, _, _} = ExRated.inspect_bucket(bucket_name, ms, 5) + conn = RateLimitPlug.call(conn, @opts) + {2, 3, _, _, _} = ExRated.inspect_bucket(bucket_name, ms, 5) + conn = RateLimitPlug.call(conn, @opts) + {3, 2, _, _, _} = ExRated.inspect_bucket(bucket_name, ms, 5) + conn = RateLimitPlug.call(conn, @opts) + {4, 1, _, _, _} = ExRated.inspect_bucket(bucket_name, ms, 5) + conn = RateLimitPlug.call(conn, @opts) + {5, 0, to_reset, _, _} = ExRated.inspect_bucket(bucket_name, ms, 5) + conn = RateLimitPlug.call(conn, @opts) + assert conn.status == 403 + assert conn.halted + assert conn.resp_body == "{\"error\":\"Rate limit exceeded.\"}" + + Process.sleep(to_reset) + + conn = conn(:get, "/") + conn = RateLimitPlug.call(conn, @opts) + {1, 4, _, _, _} = ExRated.inspect_bucket(bucket_name, ms, 5) + refute conn.status == 403 + refute conn.halted + refute conn.resp_body + end +end diff --git a/test/user_test.exs b/test/user_test.exs index adc77a264..60de0206e 100644 --- a/test/user_test.exs +++ b/test/user_test.exs @@ -349,7 +349,7 @@ test "it creates unconfirmed user" do end test "it creates confirmed user if :confirmed option is given" do - changeset = User.register_changeset(%User{}, @full_user_data, confirmed: true) + changeset = User.register_changeset(%User{}, @full_user_data, need_confirmation: false) assert changeset.valid? {:ok, user} = Repo.insert(changeset) diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index 537cd98d5..5c79ee633 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -16,6 +16,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do alias Pleroma.Web.CommonAPI alias Pleroma.Web.MastodonAPI.FilterView alias Pleroma.Web.OAuth.App + alias Pleroma.Web.OAuth.Token alias Pleroma.Web.OStatus alias Pleroma.Web.Push alias Pleroma.Web.TwitterAPI.TwitterAPI @@ -3216,4 +3217,129 @@ test "Repeated posts that are replies incorrectly have in_reply_to_id null", %{c replied_to_user = User.get_by_ap_id(replied_to.data["actor"]) assert reblogged_activity["reblog"]["in_reply_to_account_id"] == replied_to_user.id end + + describe "create account by app" do + setup do + enabled = Pleroma.Config.get([:app_account_creation, :enabled]) + max_requests = Pleroma.Config.get([:app_account_creation, :max_requests]) + interval = Pleroma.Config.get([:app_account_creation, :interval]) + + Pleroma.Config.put([:app_account_creation, :enabled], true) + Pleroma.Config.put([:app_account_creation, :max_requests], 5) + Pleroma.Config.put([:app_account_creation, :interval], 1) + + on_exit(fn -> + Pleroma.Config.put([:app_account_creation, :enabled], enabled) + Pleroma.Config.put([:app_account_creation, :max_requests], max_requests) + Pleroma.Config.put([:app_account_creation, :interval], interval) + end) + + :ok + end + + test "Account registration via Application", %{conn: conn} do + conn = + conn + |> post("/api/v1/apps", %{ + client_name: "client_name", + redirect_uris: "urn:ietf:wg:oauth:2.0:oob", + scopes: "read, write, follow" + }) + + %{ + "client_id" => client_id, + "client_secret" => client_secret, + "id" => _, + "name" => "client_name", + "redirect_uri" => "urn:ietf:wg:oauth:2.0:oob", + "vapid_key" => _, + "website" => nil + } = json_response(conn, 200) + + conn = + conn + |> post("/oauth/token", %{ + grant_type: "client_credentials", + client_id: client_id, + client_secret: client_secret + }) + + assert %{"access_token" => token, "refresh_token" => refresh, "scope" => scope} = + json_response(conn, 200) + + assert token + token_from_db = Repo.get_by(Token, token: token) + assert token_from_db + assert refresh + assert scope == "read write follow" + + conn = + build_conn() + |> put_req_header("authorization", "Bearer " <> token) + |> post("/api/v1/accounts", %{ + username: "lain", + email: "lain@example.org", + password: "PlzDontHackLain", + agreement: true + }) + + %{ + "access_token" => token, + "created_at" => _created_at, + "scope" => _scope, + "token_type" => "Bearer" + } = json_response(conn, 200) + + token_from_db = Repo.get_by(Token, token: token) + assert token_from_db + token_from_db = Repo.preload(token_from_db, :user) + assert token_from_db.user + + assert token_from_db.user.info.confirmation_pending + end + + test "rate limit", %{conn: conn} do + app_token = insert(:oauth_token, user: nil) + + conn = + put_req_header(conn, "authorization", "Bearer " <> app_token.token) + |> Map.put(:remote_ip, {15, 15, 15, 15}) + + for i <- 1..5 do + conn = + conn + |> post("/api/v1/accounts", %{ + username: "#{i}lain", + email: "#{i}lain@example.org", + password: "PlzDontHackLain", + agreement: true + }) + + %{ + "access_token" => token, + "created_at" => _created_at, + "scope" => _scope, + "token_type" => "Bearer" + } = json_response(conn, 200) + + token_from_db = Repo.get_by(Token, token: token) + assert token_from_db + token_from_db = Repo.preload(token_from_db, :user) + assert token_from_db.user + + assert token_from_db.user.info.confirmation_pending + end + + conn = + conn + |> post("/api/v1/accounts", %{ + username: "6lain", + email: "6lain@example.org", + password: "PlzDontHackLain", + agreement: true + }) + + assert json_response(conn, 403) == %{"error" => "Rate limit exceeded."} + end + end end diff --git a/test/web/oauth/oauth_controller_test.exs b/test/web/oauth/oauth_controller_test.exs index cb6836983..1c04ac9ad 100644 --- a/test/web/oauth/oauth_controller_test.exs +++ b/test/web/oauth/oauth_controller_test.exs @@ -614,6 +614,27 @@ test "issues a token for request with HTTP basic auth client credentials" do assert token.scopes == ["scope1", "scope2"] end + test "issue a token for client_credentials grant type" do + app = insert(:oauth_app, scopes: ["read", "write"]) + + conn = + build_conn() + |> post("/oauth/token", %{ + "grant_type" => "client_credentials", + "client_id" => app.client_id, + "client_secret" => app.client_secret + }) + + assert %{"access_token" => token, "refresh_token" => refresh, "scope" => scope} = + json_response(conn, 200) + + assert token + token_from_db = Repo.get_by(Token, token: token) + assert token_from_db + assert refresh + assert scope == "read write" + end + test "rejects token exchange with invalid client credentials" do user = insert(:user) app = insert(:oauth_app) @@ -644,7 +665,7 @@ test "rejects token exchange for valid credentials belonging to unconfirmed user password = "testpassword" user = insert(:user, password_hash: Comeonin.Pbkdf2.hashpwsalt(password)) - info_change = Pleroma.User.Info.confirmation_changeset(user.info, :unconfirmed) + info_change = Pleroma.User.Info.confirmation_changeset(user.info, need_confirmation: true) {:ok, user} = user diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs index 90718cfb4..e194f14fb 100644 --- a/test/web/twitter_api/twitter_api_controller_test.exs +++ b/test/web/twitter_api/twitter_api_controller_test.exs @@ -1094,7 +1094,7 @@ test "it returns 500 when user is not local", %{conn: conn, user: user} do describe "GET /api/account/confirm_email/:id/:token" do setup do user = insert(:user) - info_change = User.Info.confirmation_changeset(user.info, :unconfirmed) + info_change = User.Info.confirmation_changeset(user.info, need_confirmation: true) {:ok, user} = user @@ -1145,7 +1145,7 @@ test "it returns 500 if token is invalid", %{conn: conn, user: user} do end user = insert(:user) - info_change = User.Info.confirmation_changeset(user.info, :unconfirmed) + info_change = User.Info.confirmation_changeset(user.info, need_confirmation: true) {:ok, user} = user diff --git a/test/web/views/error_view_test.exs b/test/web/views/error_view_test.exs index d529fd2c3..3857d585f 100644 --- a/test/web/views/error_view_test.exs +++ b/test/web/views/error_view_test.exs @@ -4,6 +4,7 @@ defmodule Pleroma.Web.ErrorViewTest do use Pleroma.Web.ConnCase, async: true + import ExUnit.CaptureLog # Bring render/3 and render_to_string/3 for testing custom views import Phoenix.View @@ -13,17 +14,23 @@ test "renders 404.json" do end test "render 500.json" do - assert render(Pleroma.Web.ErrorView, "500.json", []) == - %{errors: %{detail: "Internal server error", reason: "nil"}} + assert capture_log(fn -> + assert render(Pleroma.Web.ErrorView, "500.json", []) == + %{errors: %{detail: "Internal server error", reason: "nil"}} + end) =~ "[error] Internal server error: nil" end test "render any other" do - assert render(Pleroma.Web.ErrorView, "505.json", []) == - %{errors: %{detail: "Internal server error", reason: "nil"}} + assert capture_log(fn -> + assert render(Pleroma.Web.ErrorView, "505.json", []) == + %{errors: %{detail: "Internal server error", reason: "nil"}} + end) =~ "[error] Internal server error: nil" end test "render 500.json with reason" do - assert render(Pleroma.Web.ErrorView, "500.json", reason: "test reason") == - %{errors: %{detail: "Internal server error", reason: "\"test reason\""}} + assert capture_log(fn -> + assert render(Pleroma.Web.ErrorView, "500.json", reason: "test reason") == + %{errors: %{detail: "Internal server error", reason: "\"test reason\""}} + end) =~ "[error] Internal server error: \"test reason\"" end end From 32d4630c9ca1c89e655b37b3b939d728f569dc9f Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Mon, 13 May 2019 01:58:30 +0000 Subject: [PATCH 044/170] user: move initial post fetching to job queue --- lib/pleroma/user.ex | 31 ++++++++++++++++++------------- 1 file changed, 18 insertions(+), 13 deletions(-) diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 474de9ba5..a79da4dd8 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -552,8 +552,7 @@ def get_or_fetch_by_nickname(nickname) do with [_nick, _domain] <- String.split(nickname, "@"), {:ok, user} <- fetch_by_nickname(nickname) do if Pleroma.Config.get([:fetch_initial_posts, :enabled]) do - # TODO turn into job - {:ok, _} = Task.start(__MODULE__, :fetch_initial_posts, [user]) + fetch_initial_posts(user) end {:ok, user} @@ -564,15 +563,8 @@ def get_or_fetch_by_nickname(nickname) do end @doc "Fetch some posts when the user has just been federated with" - def fetch_initial_posts(user) do - pages = Pleroma.Config.get!([:fetch_initial_posts, :pages]) - - Enum.each( - # Insert all the posts in reverse order, so they're in the right order on the timeline - Enum.reverse(Utils.fetch_ordered_collection(user.info.source_data["outbox"], pages)), - &Pleroma.Web.Federator.incoming_ap_doc/1 - ) - end + def fetch_initial_posts(user), + do: PleromaJobQueue.enqueue(:background, __MODULE__, [:fetch_initial_posts, user]) @spec get_followers_query(User.t(), pos_integer() | nil) :: Ecto.Query.t() def get_followers_query(%User{} = user, nil) do @@ -1077,6 +1069,19 @@ def perform(:delete, %User{} = user) do delete_user_activities(user) end + @spec perform(atom(), User.t()) :: {:ok, User.t()} + def perform(:fetch_initial_posts, %User{} = user) do + pages = Pleroma.Config.get!([:fetch_initial_posts, :pages]) + + Enum.each( + # Insert all the posts in reverse order, so they're in the right order on the timeline + Enum.reverse(Utils.fetch_ordered_collection(user.info.source_data["outbox"], pages)), + &Pleroma.Web.Federator.incoming_ap_doc/1 + ) + + {:ok, user} + end + def delete_user_activities(%User{ap_id: ap_id} = user) do stream = ap_id @@ -1130,8 +1135,8 @@ def get_or_fetch_by_ap_id(ap_id) do resp = fetch_by_ap_id(ap_id) if should_fetch_initial do - with {:ok, %User{} = user} = resp do - {:ok, _} = Task.start(__MODULE__, :fetch_initial_posts, [user]) + with {:ok, %User{} = user} <- resp do + fetch_initial_posts(user) end end From 57d11ac9dbe4f3befd288cb0f59f368968474f93 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Mon, 13 May 2019 02:02:00 +0000 Subject: [PATCH 045/170] activitypub: move post rich media fetching to job queue --- lib/pleroma/web/activity_pub/activity_pub.ex | 4 +--- lib/pleroma/web/rich_media/helpers.ex | 2 ++ 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 11777c220..d7c0ab4d3 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -133,9 +133,7 @@ def insert(map, local \\ true, fake \\ false) when is_map(map) do activity end - Task.start(fn -> - Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity) - end) + PleromaJobQueue.enqueue(:background, Pleroma.Web.RichMedia.Helpers, [:fetch, activity]) Notification.create_notifications(activity) diff --git a/lib/pleroma/web/rich_media/helpers.ex b/lib/pleroma/web/rich_media/helpers.ex index f67aaf58b..0162a5be9 100644 --- a/lib/pleroma/web/rich_media/helpers.ex +++ b/lib/pleroma/web/rich_media/helpers.ex @@ -34,4 +34,6 @@ def fetch_data_for_activity(%Activity{data: %{"type" => "Create"}} = activity) d end def fetch_data_for_activity(_), do: %{} + + def perform(:fetch, %Activity{} = activity), do: fetch_data_for_activity(activity) end From 69a9e0563cc441a772c4884d747bb755ddf58c45 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Mon, 13 May 2019 02:09:28 +0000 Subject: [PATCH 046/170] user: migrate follow/blocks import to job queue --- lib/pleroma/user.ex | 73 ++++++++++--------- .../controllers/util_controller.ex | 14 +++- 2 files changed, 50 insertions(+), 37 deletions(-) diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index a79da4dd8..c94660de4 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -413,24 +413,6 @@ def following?(%User{} = follower, %User{} = followed) do Enum.member?(follower.following, followed.follower_address) end - def follow_import(%User{} = follower, followed_identifiers) - when is_list(followed_identifiers) do - Enum.map( - followed_identifiers, - fn followed_identifier -> - with {:ok, %User{} = followed} <- get_or_fetch(followed_identifier), - {:ok, follower} <- maybe_direct_follow(follower, followed), - {:ok, _} <- ActivityPub.follow(follower, followed) do - followed - else - err -> - Logger.debug("follow_import failed for #{followed_identifier} with: #{inspect(err)}") - err - end - end - ) - end - def locked?(%User{} = user) do user.info.locked || false end @@ -844,23 +826,6 @@ defp trigram_search_subquery(term) do ) end - def blocks_import(%User{} = blocker, blocked_identifiers) when is_list(blocked_identifiers) do - Enum.map( - blocked_identifiers, - fn blocked_identifier -> - with {:ok, %User{} = blocked} <- get_or_fetch(blocked_identifier), - {:ok, blocker} <- block(blocker, blocked), - {:ok, _} <- ActivityPub.block(blocker, blocked) do - blocked - else - err -> - Logger.debug("blocks_import failed for #{blocked_identifier} with: #{inspect(err)}") - err - end - end - ) - end - def mute(muter, %User{ap_id: ap_id}) do info_cng = muter.info @@ -1082,6 +1047,44 @@ def perform(:fetch_initial_posts, %User{} = user) do {:ok, user} end + @spec perform(atom(), User.t(), list()) :: list() | {:error, any()} + def perform(:blocks_import, %User{} = blocker, blocked_identifiers) + when is_list(blocked_identifiers) do + Enum.map( + blocked_identifiers, + fn blocked_identifier -> + with {:ok, %User{} = blocked} <- get_or_fetch(blocked_identifier), + {:ok, blocker} <- block(blocker, blocked), + {:ok, _} <- ActivityPub.block(blocker, blocked) do + blocked + else + err -> + Logger.debug("blocks_import failed for #{blocked_identifier} with: #{inspect(err)}") + err + end + end + ) + end + + @spec perform(atom(), User.t(), list()) :: list() | {:error, any()} + def perform(:follow_import, %User{} = follower, followed_identifiers) + when is_list(followed_identifiers) do + Enum.map( + followed_identifiers, + fn followed_identifier -> + with {:ok, %User{} = followed} <- get_or_fetch(followed_identifier), + {:ok, follower} <- maybe_direct_follow(follower, followed), + {:ok, _} <- ActivityPub.follow(follower, followed) do + followed + else + err -> + Logger.debug("follow_import failed for #{followed_identifier} with: #{inspect(err)}") + err + end + end + ) + end + def delete_user_activities(%User{ap_id: ap_id} = user) do stream = ap_id diff --git a/lib/pleroma/web/twitter_api/controllers/util_controller.ex b/lib/pleroma/web/twitter_api/controllers/util_controller.ex index c03f8ab3a..143960206 100644 --- a/lib/pleroma/web/twitter_api/controllers/util_controller.ex +++ b/lib/pleroma/web/twitter_api/controllers/util_controller.ex @@ -310,7 +310,12 @@ def follow_import(%{assigns: %{user: follower}} = conn, %{"list" => list}) do String.split(line, ",") |> List.first() end) |> List.delete("Account address"), - {:ok, _} = Task.start(fn -> User.follow_import(follower, followed_identifiers) end) do + :ok <- + PleromaJobQueue.enqueue(:background, User, [ + :follow_import, + follower, + followed_identifiers + ]) do json(conn, "job started") end end @@ -321,7 +326,12 @@ def blocks_import(conn, %{"list" => %Plug.Upload{} = listfile}) do def blocks_import(%{assigns: %{user: blocker}} = conn, %{"list" => list}) do with blocked_identifiers <- String.split(list), - {:ok, _} = Task.start(fn -> User.blocks_import(blocker, blocked_identifiers) end) do + :ok <- + PleromaJobQueue.enqueue(:background, User, [ + :blocks_import, + blocker, + blocked_identifiers + ]) do json(conn, "job started") end end From 498bfdf403b6d20f92363a4b650dd0b926351e17 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Mon, 13 May 2019 15:37:38 -0500 Subject: [PATCH 047/170] Switch to Jason over Poison --- lib/mix/tasks/pleroma/emoji.ex | 12 ++++++------ lib/pleroma/captcha/kocaptcha.ex | 2 +- lib/pleroma/uploaders/swift/keystone.ex | 4 ++-- lib/pleroma/web/activity_pub/utils.ex | 2 +- lib/pleroma/web/federator/federator.ex | 2 +- lib/pleroma/web/oauth/oauth_controller.ex | 4 ++-- 6 files changed, 13 insertions(+), 13 deletions(-) diff --git a/lib/mix/tasks/pleroma/emoji.ex b/lib/mix/tasks/pleroma/emoji.ex index 5cb54c3ca..d2ddf450a 100644 --- a/lib/mix/tasks/pleroma/emoji.ex +++ b/lib/mix/tasks/pleroma/emoji.ex @@ -137,7 +137,7 @@ def run(["get-packs" | args]) do ]) ) - files = Tesla.get!(client(), files_url).body |> Poison.decode!() + files = Tesla.get!(client(), files_url).body |> Jason.decode!() IO.puts(IO.ANSI.format(["Unpacking ", :bright, pack_name])) @@ -239,7 +239,7 @@ def run(["gen-pack", src]) do emoji_map = Pleroma.Emoji.make_shortcode_to_file_map(tmp_pack_dir, exts) - File.write!(files_name, Poison.encode!(emoji_map, pretty: true)) + File.write!(files_name, Jason.encode!(emoji_map, pretty: true)) IO.puts(""" @@ -248,11 +248,11 @@ def run(["gen-pack", src]) do """) if File.exists?("index.json") do - existing_data = File.read!("index.json") |> Poison.decode!() + existing_data = File.read!("index.json") |> Jason.decode!() File.write!( "index.json", - Poison.encode!( + Jason.encode!( Map.merge( existing_data, pack_json @@ -263,14 +263,14 @@ def run(["gen-pack", src]) do IO.puts("index.json file has been update with the #{name} pack") else - File.write!("index.json", Poison.encode!(pack_json, pretty: true)) + File.write!("index.json", Jason.encode!(pack_json, pretty: true)) IO.puts("index.json has been created with the #{name} pack") end end defp fetch_manifest(from) do - Poison.decode!( + Jason.decode!( if String.starts_with?(from, "http") do Tesla.get!(client(), from).body else diff --git a/lib/pleroma/captcha/kocaptcha.ex b/lib/pleroma/captcha/kocaptcha.ex index 61688e778..18931d5a0 100644 --- a/lib/pleroma/captcha/kocaptcha.ex +++ b/lib/pleroma/captcha/kocaptcha.ex @@ -15,7 +15,7 @@ def new do %{error: "Kocaptcha service unavailable"} {:ok, res} -> - json_resp = Poison.decode!(res.body) + json_resp = Jason.decode!(res.body) %{ type: :kocaptcha, diff --git a/lib/pleroma/uploaders/swift/keystone.ex b/lib/pleroma/uploaders/swift/keystone.ex index 3046cdbd2..dd44c7561 100644 --- a/lib/pleroma/uploaders/swift/keystone.ex +++ b/lib/pleroma/uploaders/swift/keystone.ex @@ -14,7 +14,7 @@ def process_url(url) do def process_response_body(body) do body - |> Poison.decode!() + |> Jason.decode!() end def get_token do @@ -38,7 +38,7 @@ def get_token do end def make_auth_body(username, password, tenant) do - Poison.encode!(%{ + Jason.encode!(%{ :auth => %{ :passwordCredentials => %{ :username => username, diff --git a/lib/pleroma/web/activity_pub/utils.ex b/lib/pleroma/web/activity_pub/utils.ex index 581b9d1ab..236d1b4ac 100644 --- a/lib/pleroma/web/activity_pub/utils.ex +++ b/lib/pleroma/web/activity_pub/utils.ex @@ -682,7 +682,7 @@ def make_flag_data(params, additional) do """ def fetch_ordered_collection(from, pages_left, acc \\ []) do with {:ok, response} <- Tesla.get(from), - {:ok, collection} <- Poison.decode(response.body) do + {:ok, collection} <- Jason.decode(response.body) do case collection["type"] do "OrderedCollection" -> # If we've encountered the OrderedCollection and not the page, diff --git a/lib/pleroma/web/federator/federator.ex b/lib/pleroma/web/federator/federator.ex index 8621eda95..169fdf4dc 100644 --- a/lib/pleroma/web/federator/federator.ex +++ b/lib/pleroma/web/federator/federator.ex @@ -117,7 +117,7 @@ def perform(:incoming_ap_doc, params) do _e -> # Just drop those for now Logger.info("Unhandled activity") - Logger.info(Poison.encode!(params, pretty: 2)) + Logger.info(Jason.encode!(params, pretty: true)) :error end end diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex index 862b8f8c9..4ee8339e2 100644 --- a/lib/pleroma/web/oauth/oauth_controller.ex +++ b/lib/pleroma/web/oauth/oauth_controller.ex @@ -274,7 +274,7 @@ def prepare_request(conn, %{"provider" => provider, "authorization" => auth_attr auth_attrs |> Map.delete("scopes") |> Map.put("scope", scope) - |> Poison.encode!() + |> Jason.encode!() params = auth_attrs @@ -338,7 +338,7 @@ def callback(conn, params) do end defp callback_params(%{"state" => state} = params) do - Map.merge(params, Poison.decode!(state)) + Map.merge(params, Jason.decode!(state)) end def registration_details(conn, %{"authorization" => auth_attrs}) do From bbacdf235299e0c26c61f9b4784d4638093be343 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Mon, 13 May 2019 15:52:16 -0500 Subject: [PATCH 048/170] Bump Mastodon API level --- lib/pleroma/web/mastodon_api/mastodon_api_controller.ex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index defd88a44..87e597074 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -178,7 +178,7 @@ def user(%{assigns: %{user: for_user}} = conn, %{"id" => nickname_or_id}) do end end - @mastodon_api_level "2.6.5" + @mastodon_api_level "2.7.2" def masto_instance(conn, _params) do instance = Config.get(:instance) From 6e1538cb76f7338e8bcb535e0d4989dc7aed84e8 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Mon, 13 May 2019 16:11:06 -0500 Subject: [PATCH 049/170] Document AdminFE in changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index cb934dab4..5c0baa317 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -31,6 +31,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Metadata RelMe provider - OAuth: added support for refresh tokens - Emoji packs and emoji pack manager +- AdminFE: initial release with basic user management accessible at /pleroma/admin/ ### Changed - **Breaking:** Configuration: move from Pleroma.Mailer to Pleroma.Emails.Mailer From a18b2c0b12b413c9a8d0aa0d4fd3b15e0e843cdf Mon Sep 17 00:00:00 2001 From: Aaron Tinio Date: Tue, 14 May 2019 06:40:59 +0800 Subject: [PATCH 050/170] Fix Pleroma.Config.get!/1 raising an error when value is false --- lib/pleroma/config.ex | 8 ++++++-- test/config_test.exs | 18 ++++++++++++++++++ 2 files changed, 24 insertions(+), 2 deletions(-) diff --git a/lib/pleroma/config.ex b/lib/pleroma/config.ex index 189faa15f..71a47b9fb 100644 --- a/lib/pleroma/config.ex +++ b/lib/pleroma/config.ex @@ -12,8 +12,12 @@ def get(key), do: get(key, nil) def get([key], default), do: get(key, default) def get([parent_key | keys], default) do - Application.get_env(:pleroma, parent_key) - |> get_in(keys) || default + case :pleroma + |> Application.get_env(parent_key) + |> get_in(keys) do + nil -> default + any -> any + end end def get(key, default) do diff --git a/test/config_test.exs b/test/config_test.exs index 0a6f0395a..73f3fcb0a 100644 --- a/test/config_test.exs +++ b/test/config_test.exs @@ -28,6 +28,15 @@ test "get/1 with a list of keys" do assert Pleroma.Config.get([:azerty, :uiop], true) == true end + test "get/1 when value is false" do + Pleroma.Config.put([:instance, :false_test], false) + Pleroma.Config.put([:instance, :nested], []) + Pleroma.Config.put([:instance, :nested, :false_test], false) + + assert Pleroma.Config.get([:instance, :false_test]) == false + assert Pleroma.Config.get([:instance, :nested, :false_test]) == false + end + test "get!/1" do assert Pleroma.Config.get!(:instance) == Application.get_env(:pleroma, :instance) @@ -43,6 +52,15 @@ test "get!/1" do end) end + test "get!/1 when value is false" do + Pleroma.Config.put([:instance, :false_test], false) + Pleroma.Config.put([:instance, :nested], []) + Pleroma.Config.put([:instance, :nested, :false_test], false) + + assert Pleroma.Config.get!([:instance, :false_test]) == false + assert Pleroma.Config.get!([:instance, :nested, :false_test]) == false + end + test "put/2 with a key" do Pleroma.Config.put(:config_test, true) From b92c004ea8a9ecd066b8eddf755a07a175338416 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Tue, 14 May 2019 18:29:10 +0700 Subject: [PATCH 051/170] Reuse query from User.restrict_deactivated/1 --- lib/pleroma/user.ex | 2 +- lib/pleroma/user/query.ex | 4 +--- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index cf378d467..3eb684c3a 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -115,7 +115,7 @@ def user_info(%User{} = user) do } end - defp restrict_deactivated(query) do + def restrict_deactivated(query) do from(u in query, where: not fragment("? \\? 'deactivated' AND ?->'deactivated' @> 'true'", u.info, u.info) ) diff --git a/lib/pleroma/user/query.ex b/lib/pleroma/user/query.ex index 3873ef80c..ace9c05f2 100644 --- a/lib/pleroma/user/query.ex +++ b/lib/pleroma/user/query.ex @@ -119,9 +119,7 @@ defp compose_query({:active, _}, query) do end defp compose_query({:deactivated, false}, query) do - from(u in query, - where: not fragment("? \\? 'deactivated' AND ?->'deactivated' @> 'true'", u.info, u.info) - ) + User.restrict_deactivated(query) end defp compose_query({:deactivated, true}, query) do From c1665fd94de456768ddd59b8873d1bd26878970d Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Tue, 14 May 2019 18:40:21 +0700 Subject: [PATCH 052/170] Update CHANGELOG --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5c0baa317..17e913648 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -64,6 +64,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Deps: Updated Ecto to 3.0.7 - Don't ship finmoji by default, they can be installed as an emoji pack - Admin API: Move the user related API to `api/pleroma/admin/users` +- Hide deactivated users and their statuses ### Fixed - Added an FTS index on objects. Running `vacuum analyze` and setting a larger `work_mem` is recommended. From 52297920e74ad7f51bcd3b118522e5e3a8e1c794 Mon Sep 17 00:00:00 2001 From: Maksim Date: Tue, 14 May 2019 14:49:45 +0000 Subject: [PATCH 053/170] Refactoring oauth response. --- lib/pleroma/web/oauth/oauth_controller.ex | 77 ++++------------------- lib/pleroma/web/oauth/token/response.ex | 32 ++++++++++ lib/pleroma/web/oauth/token/utils.ex | 38 +++++++++++ test/web/oauth/token/utils_test.exs | 53 ++++++++++++++++ 4 files changed, 136 insertions(+), 64 deletions(-) create mode 100644 lib/pleroma/web/oauth/token/response.ex create mode 100644 test/web/oauth/token/utils_test.exs diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex index 4ee8339e2..ae2b80d95 100644 --- a/lib/pleroma/web/oauth/oauth_controller.ex +++ b/lib/pleroma/web/oauth/oauth_controller.ex @@ -19,8 +19,6 @@ defmodule Pleroma.Web.OAuth.OAuthController do if Pleroma.Config.oauth_consumer_enabled?(), do: plug(Ueberauth) - @expires_in Pleroma.Config.get([:oauth2, :token_expires_in], 600) - plug(:fetch_session) plug(:fetch_flash) @@ -144,14 +142,14 @@ defp handle_create_authorization_error(conn, error, %{"authorization" => _}) do @doc "Renew access_token with refresh_token" def token_exchange( conn, - %{"grant_type" => "refresh_token", "refresh_token" => token} = params + %{"grant_type" => "refresh_token", "refresh_token" => token} = _params ) do - with %App{} = app <- get_app_from_request(conn, params), + with {:ok, app} <- Token.Utils.fetch_app(conn), {:ok, %{user: user} = token} <- Token.get_by_refresh_token(app, token), {:ok, token} <- RefreshToken.grant(token) do response_attrs = %{created_at: Token.Utils.format_created_at(token)} - json(conn, response_token(user, token, response_attrs)) + json(conn, Token.Response.build(user, token, response_attrs)) else _error -> put_status(conn, 400) @@ -160,14 +158,14 @@ def token_exchange( end def token_exchange(conn, %{"grant_type" => "authorization_code"} = params) do - with %App{} = app <- get_app_from_request(conn, params), + with {:ok, app} <- Token.Utils.fetch_app(conn), fixed_token = Token.Utils.fix_padding(params["code"]), {:ok, auth} <- Authorization.get_by_token(app, fixed_token), %User{} = user <- User.get_cached_by_id(auth.user_id), {:ok, token} <- Token.exchange_token(app, auth) do response_attrs = %{created_at: Token.Utils.format_created_at(token)} - json(conn, response_token(user, token, response_attrs)) + json(conn, Token.Response.build(user, token, response_attrs)) else _error -> put_status(conn, 400) @@ -179,14 +177,14 @@ def token_exchange( conn, %{"grant_type" => "password"} = params ) do - with {_, {:ok, %User{} = user}} <- {:get_user, Authenticator.get_user(conn)}, - %App{} = app <- get_app_from_request(conn, params), + with {:ok, %User{} = user} <- Authenticator.get_user(conn), + {:ok, app} <- Token.Utils.fetch_app(conn), {:auth_active, true} <- {:auth_active, User.auth_active?(user)}, {:user_active, true} <- {:user_active, !user.info.deactivated}, {:ok, scopes} <- validate_scopes(app, params), {:ok, auth} <- Authorization.create_authorization(app, user, scopes), {:ok, token} <- Token.exchange_token(app, auth) do - json(conn, response_token(user, token)) + json(conn, Token.Response.build(user, token)) else {:auth_active, false} -> # Per https://github.com/tootsuite/mastodon/blob/ @@ -218,21 +216,11 @@ def token_exchange( token_exchange(conn, params) end - def token_exchange(conn, %{"grant_type" => "client_credentials"} = params) do - with %App{} = app <- get_app_from_request(conn, params), + def token_exchange(conn, %{"grant_type" => "client_credentials"} = _params) do + with {:ok, app} <- Token.Utils.fetch_app(conn), {:ok, auth} <- Authorization.create_authorization(app, %User{}), - {:ok, token} <- Token.exchange_token(app, auth), - {:ok, inserted_at} <- DateTime.from_naive(token.inserted_at, "Etc/UTC") do - response = %{ - token_type: "Bearer", - access_token: token.token, - refresh_token: token.refresh_token, - created_at: DateTime.to_unix(inserted_at), - expires_in: 60 * 10, - scope: Enum.join(token.scopes, " ") - } - - json(conn, response) + {:ok, token} <- Token.exchange_token(app, auth) do + json(conn, Token.Response.build_for_client_credentials(token)) else _error -> put_status(conn, 400) @@ -244,7 +232,7 @@ def token_exchange(conn, %{"grant_type" => "client_credentials"} = params) do def token_exchange(conn, params), do: bad_request(conn, params) def token_revoke(conn, %{"token" => _token} = params) do - with %App{} = app <- get_app_from_request(conn, params), + with {:ok, app} <- Token.Utils.fetch_app(conn), {:ok, _token} <- RevokeToken.revoke(app, params) do json(conn, %{}) else @@ -427,33 +415,6 @@ defp do_create_authorization( end end - defp get_app_from_request(conn, params) do - conn - |> fetch_client_credentials(params) - |> fetch_client - end - - defp fetch_client({id, secret}) when is_binary(id) and is_binary(secret) do - Repo.get_by(App, client_id: id, client_secret: secret) - end - - defp fetch_client({_id, _secret}), do: nil - - defp fetch_client_credentials(conn, params) do - # Per RFC 6749, HTTP Basic is preferred to body params - with ["Basic " <> encoded] <- get_req_header(conn, "authorization"), - {:ok, decoded} <- Base.decode64(encoded), - [id, secret] <- - Enum.map( - String.split(decoded, ":"), - fn s -> URI.decode_www_form(s) end - ) do - {id, secret} - else - _ -> {params["client_id"], params["client_secret"]} - end - end - # Special case: Local MastodonFE defp redirect_uri(conn, "."), do: mastodon_api_url(conn, :login) @@ -464,18 +425,6 @@ defp get_session_registration_id(conn), do: get_session(conn, :registration_id) defp put_session_registration_id(conn, registration_id), do: put_session(conn, :registration_id, registration_id) - defp response_token(%User{} = user, token, opts \\ %{}) do - %{ - token_type: "Bearer", - access_token: token.token, - refresh_token: token.refresh_token, - expires_in: @expires_in, - scope: Enum.join(token.scopes, " "), - me: user.ap_id - } - |> Map.merge(opts) - end - @spec validate_scopes(App.t(), map()) :: {:ok, list()} | {:error, :missing_scopes | :unsupported_scopes} defp validate_scopes(app, params) do diff --git a/lib/pleroma/web/oauth/token/response.ex b/lib/pleroma/web/oauth/token/response.ex new file mode 100644 index 000000000..64e78b183 --- /dev/null +++ b/lib/pleroma/web/oauth/token/response.ex @@ -0,0 +1,32 @@ +defmodule Pleroma.Web.OAuth.Token.Response do + @moduledoc false + + alias Pleroma.User + alias Pleroma.Web.OAuth.Token.Utils + + @expires_in Pleroma.Config.get([:oauth2, :token_expires_in], 600) + + @doc false + def build(%User{} = user, token, opts \\ %{}) do + %{ + token_type: "Bearer", + access_token: token.token, + refresh_token: token.refresh_token, + expires_in: @expires_in, + scope: Enum.join(token.scopes, " "), + me: user.ap_id + } + |> Map.merge(opts) + end + + def build_for_client_credentials(token) do + %{ + token_type: "Bearer", + access_token: token.token, + refresh_token: token.refresh_token, + created_at: Utils.format_created_at(token), + expires_in: @expires_in, + scope: Enum.join(token.scopes, " ") + } + end +end diff --git a/lib/pleroma/web/oauth/token/utils.ex b/lib/pleroma/web/oauth/token/utils.ex index a81560a1c..7a4fddafd 100644 --- a/lib/pleroma/web/oauth/token/utils.ex +++ b/lib/pleroma/web/oauth/token/utils.ex @@ -3,6 +3,44 @@ defmodule Pleroma.Web.OAuth.Token.Utils do Auxiliary functions for dealing with tokens. """ + alias Pleroma.Repo + alias Pleroma.Web.OAuth.App + + @doc "Fetch app by client credentials from request" + @spec fetch_app(Plug.Conn.t()) :: {:ok, App.t()} | {:error, :not_found} + def fetch_app(conn) do + res = + conn + |> fetch_client_credentials() + |> fetch_client + + case res do + %App{} = app -> {:ok, app} + _ -> {:error, :not_found} + end + end + + defp fetch_client({id, secret}) when is_binary(id) and is_binary(secret) do + Repo.get_by(App, client_id: id, client_secret: secret) + end + + defp fetch_client({_id, _secret}), do: nil + + defp fetch_client_credentials(conn) do + # Per RFC 6749, HTTP Basic is preferred to body params + with ["Basic " <> encoded] <- Plug.Conn.get_req_header(conn, "authorization"), + {:ok, decoded} <- Base.decode64(encoded), + [id, secret] <- + Enum.map( + String.split(decoded, ":"), + fn s -> URI.decode_www_form(s) end + ) do + {id, secret} + else + _ -> {conn.params["client_id"], conn.params["client_secret"]} + end + end + @doc "convert token inserted_at to unix timestamp" def format_created_at(%{inserted_at: inserted_at} = _token) do inserted_at diff --git a/test/web/oauth/token/utils_test.exs b/test/web/oauth/token/utils_test.exs new file mode 100644 index 000000000..20e338cab --- /dev/null +++ b/test/web/oauth/token/utils_test.exs @@ -0,0 +1,53 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2018 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.OAuth.Token.UtilsTest do + use Pleroma.DataCase + alias Pleroma.Web.OAuth.Token.Utils + import Pleroma.Factory + + describe "fetch_app/1" do + test "returns error when credentials is invalid" do + assert {:error, :not_found} = + Utils.fetch_app(%Plug.Conn{params: %{"client_id" => 1, "client_secret" => "x"}}) + end + + test "returns App by params credentails" do + app = insert(:oauth_app) + + assert {:ok, load_app} = + Utils.fetch_app(%Plug.Conn{ + params: %{"client_id" => app.client_id, "client_secret" => app.client_secret} + }) + + assert load_app == app + end + + test "returns App by header credentails" do + app = insert(:oauth_app) + header = "Basic " <> Base.encode64("#{app.client_id}:#{app.client_secret}") + + conn = + %Plug.Conn{} + |> Plug.Conn.put_req_header("authorization", header) + + assert {:ok, load_app} = Utils.fetch_app(conn) + assert load_app == app + end + end + + describe "format_created_at/1" do + test "returns formatted created at" do + token = insert(:oauth_token) + date = Utils.format_created_at(token) + + token_date = + token.inserted_at + |> DateTime.from_naive!("Etc/UTC") + |> DateTime.to_unix() + + assert token_date == date + end + end +end From ac3a3abf6bfae5a6217e0a212abd6be0b4a17309 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Tue, 14 May 2019 15:07:38 +0000 Subject: [PATCH 054/170] clean up follow/block imports a little --- lib/pleroma/user.ex | 16 +++++++++++ .../controllers/util_controller.ex | 28 +++++++++---------- 2 files changed, 30 insertions(+), 14 deletions(-) diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index c94660de4..417d57d72 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -1085,6 +1085,22 @@ def perform(:follow_import, %User{} = follower, followed_identifiers) ) end + def blocks_import(%User{} = blocker, blocked_identifiers) when is_list(blocked_identifiers), + do: + PleromaJobQueue.enqueue(:background, __MODULE__, [ + :blocks_import, + blocker, + blocked_identifiers + ]) + + def follow_import(%User{} = follower, followed_identifiers) when is_list(followed_identifiers), + do: + PleromaJobQueue.enqueue(:background, __MODULE__, [ + :follow_import, + follower, + followed_identifiers + ]) + def delete_user_activities(%User{ap_id: ap_id} = user) do stream = ap_id diff --git a/lib/pleroma/web/twitter_api/controllers/util_controller.ex b/lib/pleroma/web/twitter_api/controllers/util_controller.ex index 143960206..deaacd946 100644 --- a/lib/pleroma/web/twitter_api/controllers/util_controller.ex +++ b/lib/pleroma/web/twitter_api/controllers/util_controller.ex @@ -309,13 +309,13 @@ def follow_import(%{assigns: %{user: follower}} = conn, %{"list" => list}) do Enum.map(lines, fn line -> String.split(line, ",") |> List.first() end) - |> List.delete("Account address"), - :ok <- - PleromaJobQueue.enqueue(:background, User, [ - :follow_import, - follower, - followed_identifiers - ]) do + |> List.delete("Account address") do + PleromaJobQueue.enqueue(:background, User, [ + :follow_import, + follower, + followed_identifiers + ]) + json(conn, "job started") end end @@ -325,13 +325,13 @@ def blocks_import(conn, %{"list" => %Plug.Upload{} = listfile}) do end def blocks_import(%{assigns: %{user: blocker}} = conn, %{"list" => list}) do - with blocked_identifiers <- String.split(list), - :ok <- - PleromaJobQueue.enqueue(:background, User, [ - :blocks_import, - blocker, - blocked_identifiers - ]) do + with blocked_identifiers <- String.split(list) do + PleromaJobQueue.enqueue(:background, User, [ + :blocks_import, + blocker, + blocked_identifiers + ]) + json(conn, "job started") end end From 51325fd60cf96e2ae99e09f53264f2ca1e69781b Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Tue, 14 May 2019 15:35:06 +0000 Subject: [PATCH 055/170] gopher: fix rendering of post content (closes #895) --- lib/pleroma/gopher/server.ex | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/pleroma/gopher/server.ex b/lib/pleroma/gopher/server.ex index 1d2e0785c..b3319e137 100644 --- a/lib/pleroma/gopher/server.ex +++ b/lib/pleroma/gopher/server.ex @@ -77,13 +77,13 @@ def render_activities(activities) do user = User.get_cached_by_ap_id(activity.data["actor"]) object = Object.normalize(activity) - like_count = object["like_count"] || 0 - announcement_count = object["announcement_count"] || 0 + like_count = object.data["like_count"] || 0 + announcement_count = object.data["announcement_count"] || 0 link("Post ##{activity.id} by #{user.nickname}", "/notices/#{activity.id}") <> info("#{like_count} likes, #{announcement_count} repeats") <> "i\tfake\t(NULL)\t0\r\n" <> - info(HTML.strip_tags(String.replace(object["content"], "
", "\r"))) + info(HTML.strip_tags(String.replace(object.data["content"], "
", "\r"))) end) |> Enum.join("i\tfake\t(NULL)\t0\r\n") end From 1caa6331eaba71db5a04b2097ef06fd6e4a54739 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Tue, 14 May 2019 12:33:03 -0500 Subject: [PATCH 056/170] Group def perform() together to fix the build --- lib/pleroma/user.ex | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 19f91d63c..c6a562a61 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -1014,8 +1014,6 @@ def deactivate_async(user, status \\ true) do PleromaJobQueue.enqueue(:background, __MODULE__, [:deactivate_async, user, status]) end - def perform(:deactivate_async, user, status), do: deactivate(user, status) - def deactivate(%User{} = user, status \\ true) do info_cng = User.Info.set_activation_status(user.info, status) @@ -1074,6 +1072,8 @@ def perform(:fetch_initial_posts, %User{} = user) do {:ok, user} end + def perform(:deactivate_async, user, status), do: deactivate(user, status) + @spec perform(atom(), User.t(), list()) :: list() | {:error, any()} def perform(:blocks_import, %User{} = blocker, blocked_identifiers) when is_list(blocked_identifiers) do From 38f3393e934330454fb942048c19ee5640563a08 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Tue, 14 May 2019 22:47:23 +0300 Subject: [PATCH 057/170] Make rate limiting for Mastodon Registration API less agressive and enable it by default. As discussed on irc. Unlike Mastodon our web interface for registrations is using the same APIs regular apps would be using, so 5 requests per 30 minutes per IP could hurt valid use-cases when Pleroma-FE switches to it. Also enable the endpoint by default, it makes no sense to have it disabled when 1. TwitterAPI endpoint is there and always enabled 2. Unlike Mastodon, there is no way to get an account without using the APIs (makes me wonder why the setting is even there) Also in this commit: minor changelog improvements. --- CHANGELOG.md | 12 ++++++------ config/config.exs | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 17e913648..c563c39da 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -22,16 +22,16 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Admin API: Endpoints for listing/revoking invite tokens - Admin API: Endpoints for making users follow/unfollow each other - Admin API: added filters (role, tags, email, name) for users endpoint +- AdminFE: initial release with basic user management accessible at /pleroma/admin/ - Mastodon API: [Scheduled statuses](https://docs.joinmastodon.org/api/rest/scheduled-statuses/) - Mastodon API: `/api/v1/notifications/destroy_multiple` (glitch-soc extension) - Mastodon API: `/api/v1/pleroma/accounts/:id/favourites` (API extension) - Mastodon API: [Reports](https://docs.joinmastodon.org/api/rest/reports/) -- Mastodon API: REST API for creating an account +- Mastodon API: `POST /api/v1/accounts` (account creation API) - ActivityPub C2S: OAuth endpoints -- Metadata RelMe provider +- Metadata: RelMe provider - OAuth: added support for refresh tokens - Emoji packs and emoji pack manager -- AdminFE: initial release with basic user management accessible at /pleroma/admin/ ### Changed - **Breaking:** Configuration: move from Pleroma.Mailer to Pleroma.Emails.Mailer @@ -44,8 +44,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Federation: Removed `inReplyToStatusId` from objects - Configuration: Dedupe enabled by default - Configuration: Added `extra_cookie_attrs` for setting non-standard cookie attributes. Defaults to ["SameSite=Lax"] so that remote follows work. -- Pleroma API: Support for emoji tags in `/api/pleroma/emoji` resulting in a breaking API change - Timelines: Messages involving people you have blocked will be excluded from the timeline in all cases instead of just repeats. +- Admin API: Move the user related API to `api/pleroma/admin/users` +- Pleroma API: Support for emoji tags in `/api/pleroma/emoji` resulting in a breaking API change - Mastodon API: Support for `exclude_types`, `limit` and `min_id` in `/api/v1/notifications` - Mastodon API: Add `languages` and `registrations` to `/api/v1/instance` - Mastodon API: Provide plaintext versions of cw/content in the Status entity @@ -63,7 +64,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Deps: Updated Cowboy to 2.6 - Deps: Updated Ecto to 3.0.7 - Don't ship finmoji by default, they can be installed as an emoji pack -- Admin API: Move the user related API to `api/pleroma/admin/users` - Hide deactivated users and their statuses ### Fixed @@ -71,7 +71,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Followers counter not being updated when a follower is blocked - Deactivated users being able to request an access token - Limit on request body in rich media/relme parsers being ignored resulting in a possible memory leak -- proper Twitter Card generation instead of a dummy +- Proper Twitter Card generation instead of a dummy - Deletions failing for users with a large number of posts - NodeInfo: Include admins in `staffAccounts` - ActivityPub: Crashing when requesting empty local user's outbox diff --git a/config/config.exs b/config/config.exs index 8d44c96de..32c7fecb8 100644 --- a/config/config.exs +++ b/config/config.exs @@ -239,7 +239,7 @@ safe_dm_mentions: false, healthcheck: false -config :pleroma, :app_account_creation, enabled: false, max_requests: 5, interval: 1800 +config :pleroma, :app_account_creation, enabled: true, max_requests: 25, interval: 1800 config :pleroma, :markup, # XXX - unfortunately, inline images must be enabled by default right now, because From 071f78733aaa8a6546c9267d14381be9c0af0333 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Tue, 14 May 2019 20:03:13 +0000 Subject: [PATCH 058/170] switch to pleroma/http_signatures library --- config/config.exs | 3 + lib/pleroma/plugs/http_signature.ex | 1 - lib/pleroma/signature.ex | 41 ++++ lib/pleroma/web/activity_pub/publisher.ex | 2 +- .../web/http_signatures/http_signatures.ex | 91 -------- mix.exs | 3 + mix.lock | 1 + test/web/http_sigs/http_sig_test.exs | 194 ------------------ test/web/http_sigs/priv.key | 15 -- test/web/http_sigs/pub.key | 6 - 10 files changed, 49 insertions(+), 308 deletions(-) create mode 100644 lib/pleroma/signature.ex delete mode 100644 lib/pleroma/web/http_signatures/http_signatures.ex delete mode 100644 test/web/http_sigs/http_sig_test.exs delete mode 100644 test/web/http_sigs/priv.key delete mode 100644 test/web/http_sigs/pub.key diff --git a/config/config.exs b/config/config.exs index 8d44c96de..b75a370f1 100644 --- a/config/config.exs +++ b/config/config.exs @@ -484,6 +484,9 @@ token_expires_in: 600, issue_new_refresh_token: true +config :http_signatures, + adapter: Pleroma.Signature + # Import environment specific config. This must remain at the bottom # of this file so it overrides the configuration defined above. import_config "#{Mix.env()}.exs" diff --git a/lib/pleroma/plugs/http_signature.ex b/lib/pleroma/plugs/http_signature.ex index 21c195713..e2874c469 100644 --- a/lib/pleroma/plugs/http_signature.ex +++ b/lib/pleroma/plugs/http_signature.ex @@ -4,7 +4,6 @@ defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do alias Pleroma.Web.ActivityPub.Utils - alias Pleroma.Web.HTTPSignatures import Plug.Conn require Logger diff --git a/lib/pleroma/signature.ex b/lib/pleroma/signature.ex new file mode 100644 index 000000000..b7ecf00a0 --- /dev/null +++ b/lib/pleroma/signature.ex @@ -0,0 +1,41 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Signature do + @behaviour HTTPSignatures.Adapter + + alias Pleroma.User + alias Pleroma.Web.ActivityPub.ActivityPub + alias Pleroma.Web.ActivityPub.Utils + alias Pleroma.Web.Salmon + alias Pleroma.Web.WebFinger + + def fetch_public_key(conn) do + with actor_id <- Utils.get_ap_id(conn.params["actor"]), + {:ok, public_key} <- User.get_public_key_for_ap_id(actor_id) do + {:ok, public_key} + else + e -> + {:error, e} + end + end + + def refetch_public_key(conn) do + with actor_id <- Utils.get_ap_id(conn.params["actor"]), + {:ok, _user} <- ActivityPub.make_user_from_ap_id(actor_id), + {:ok, public_key} <- User.get_public_key_for_ap_id(actor_id) do + {:ok, public_key} + else + e -> + {:error, e} + end + end + + def sign(%User{} = user, headers) do + with {:ok, %{info: %{keys: keys}}} <- WebFinger.ensure_keys_present(user), + {:ok, private_key, _} <- Salmon.keys_from_pem(keys) do + HTTPSignatures.sign(private_key, user.ap_id <> "#main-key", headers) + end + end +end diff --git a/lib/pleroma/web/activity_pub/publisher.ex b/lib/pleroma/web/activity_pub/publisher.ex index 8e3af0a81..11dba87de 100644 --- a/lib/pleroma/web/activity_pub/publisher.ex +++ b/lib/pleroma/web/activity_pub/publisher.ex @@ -54,7 +54,7 @@ def publish_one(%{inbox: inbox, json: json, actor: %User{} = actor, id: id} = pa |> Timex.format!("{WDshort}, {0D} {Mshort} {YYYY} {h24}:{m}:{s} GMT") signature = - Pleroma.Web.HTTPSignatures.sign(actor, %{ + Pleroma.Signature.sign(actor, %{ host: host, "content-length": byte_size(json), digest: digest, diff --git a/lib/pleroma/web/http_signatures/http_signatures.ex b/lib/pleroma/web/http_signatures/http_signatures.ex deleted file mode 100644 index 8e2e2a44b..000000000 --- a/lib/pleroma/web/http_signatures/http_signatures.ex +++ /dev/null @@ -1,91 +0,0 @@ -# Pleroma: A lightweight social networking server -# Copyright © 2017-2019 Pleroma Authors -# SPDX-License-Identifier: AGPL-3.0-only - -# https://tools.ietf.org/html/draft-cavage-http-signatures-08 -defmodule Pleroma.Web.HTTPSignatures do - alias Pleroma.User - alias Pleroma.Web.ActivityPub.ActivityPub - alias Pleroma.Web.ActivityPub.Utils - - require Logger - - def split_signature(sig) do - default = %{"headers" => "date"} - - sig = - sig - |> String.trim() - |> String.split(",") - |> Enum.reduce(default, fn part, acc -> - [key | rest] = String.split(part, "=") - value = Enum.join(rest, "=") - Map.put(acc, key, String.trim(value, "\"")) - end) - - Map.put(sig, "headers", String.split(sig["headers"], ~r/\s/)) - end - - def validate(headers, signature, public_key) do - sigstring = build_signing_string(headers, signature["headers"]) - Logger.debug("Signature: #{signature["signature"]}") - Logger.debug("Sigstring: #{sigstring}") - {:ok, sig} = Base.decode64(signature["signature"]) - :public_key.verify(sigstring, :sha256, sig, public_key) - end - - def validate_conn(conn) do - # TODO: How to get the right key and see if it is actually valid for that request. - # For now, fetch the key for the actor. - with actor_id <- Utils.get_ap_id(conn.params["actor"]), - {:ok, public_key} <- User.get_public_key_for_ap_id(actor_id) do - if validate_conn(conn, public_key) do - true - else - Logger.debug("Could not validate, re-fetching user and trying one more time") - # Fetch user anew and try one more time - with actor_id <- Utils.get_ap_id(conn.params["actor"]), - {:ok, _user} <- ActivityPub.make_user_from_ap_id(actor_id), - {:ok, public_key} <- User.get_public_key_for_ap_id(actor_id) do - validate_conn(conn, public_key) - end - end - else - _e -> - Logger.debug("Could not public key!") - false - end - end - - def validate_conn(conn, public_key) do - headers = Enum.into(conn.req_headers, %{}) - signature = split_signature(headers["signature"]) - validate(headers, signature, public_key) - end - - def build_signing_string(headers, used_headers) do - used_headers - |> Enum.map(fn header -> "#{header}: #{headers[header]}" end) - |> Enum.join("\n") - end - - def sign(user, headers) do - with {:ok, %{info: %{keys: keys}}} <- Pleroma.Web.WebFinger.ensure_keys_present(user), - {:ok, private_key, _} = Pleroma.Web.Salmon.keys_from_pem(keys) do - sigstring = build_signing_string(headers, Map.keys(headers)) - - signature = - :public_key.sign(sigstring, :sha256, private_key) - |> Base.encode64() - - [ - keyId: user.ap_id <> "#main-key", - algorithm: "rsa-sha256", - headers: Map.keys(headers) |> Enum.join(" "), - signature: signature - ] - |> Enum.map(fn {k, v} -> "#{k}=\"#{v}\"" end) - |> Enum.join(",") - end - end -end diff --git a/mix.exs b/mix.exs index b7b9d534d..033d86bb3 100644 --- a/mix.exs +++ b/mix.exs @@ -103,6 +103,9 @@ defp deps do {:auto_linker, git: "https://git.pleroma.social/pleroma/auto_linker.git", ref: "c00c4e75b35367fa42c95ffd9b8c455bf9995829"}, + {:http_signatures, + git: "https://git.pleroma.social/pleroma/http_signatures.git", + ref: "9789401987096ead65646b52b5a2ca6bf52fc531"}, {:pleroma_job_queue, "~> 0.2.0"}, {:telemetry, "~> 0.3"}, {:prometheus_ex, "~> 3.0"}, diff --git a/mix.lock b/mix.lock index 0b24818c5..a28d9f353 100644 --- a/mix.lock +++ b/mix.lock @@ -37,6 +37,7 @@ "hackney": {:hex, :hackney, "1.15.1", "9f8f471c844b8ce395f7b6d8398139e26ddca9ebc171a8b91342ee15a19963f4", [:rebar3], [{:certifi, "2.5.1", [hex: :certifi, repo: "hexpm", optional: false]}, {:idna, "6.0.0", [hex: :idna, repo: "hexpm", optional: false]}, {:metrics, "1.0.1", [hex: :metrics, repo: "hexpm", optional: false]}, {:mimerl, "~>1.1", [hex: :mimerl, repo: "hexpm", optional: false]}, {:ssl_verify_fun, "1.1.4", [hex: :ssl_verify_fun, repo: "hexpm", optional: false]}], "hexpm"}, "html_entities": {:hex, :html_entities, "0.4.0", "f2fee876858cf6aaa9db608820a3209e45a087c5177332799592142b50e89a6b", [:mix], [], "hexpm"}, "html_sanitize_ex": {:hex, :html_sanitize_ex, "1.3.0", "f005ad692b717691203f940c686208aa3d8ffd9dd4bb3699240096a51fa9564e", [:mix], [{:mochiweb, "~> 2.15", [hex: :mochiweb, repo: "hexpm", optional: false]}], "hexpm"}, + "http_signatures": {:git, "https://git.pleroma.social/pleroma/http_signatures.git", "9789401987096ead65646b52b5a2ca6bf52fc531", [ref: "9789401987096ead65646b52b5a2ca6bf52fc531"]}, "httpoison": {:hex, :httpoison, "1.2.0", "2702ed3da5fd7a8130fc34b11965c8cfa21ade2f232c00b42d96d4967c39a3a3", [:mix], [{:hackney, "~> 1.8", [hex: :hackney, repo: "hexpm", optional: false]}], "hexpm"}, "idna": {:hex, :idna, "6.0.0", "689c46cbcdf3524c44d5f3dde8001f364cd7608a99556d8fbd8239a5798d4c10", [:rebar3], [{:unicode_util_compat, "0.4.1", [hex: :unicode_util_compat, repo: "hexpm", optional: false]}], "hexpm"}, "jason": {:hex, :jason, "1.1.2", "b03dedea67a99223a2eaf9f1264ce37154564de899fd3d8b9a21b1a6fd64afe7", [:mix], [{:decimal, "~> 1.0", [hex: :decimal, repo: "hexpm", optional: true]}], "hexpm"}, diff --git a/test/web/http_sigs/http_sig_test.exs b/test/web/http_sigs/http_sig_test.exs deleted file mode 100644 index c4d2eaf78..000000000 --- a/test/web/http_sigs/http_sig_test.exs +++ /dev/null @@ -1,194 +0,0 @@ -# Pleroma: A lightweight social networking server -# Copyright © 2017-2018 Pleroma Authors -# SPDX-License-Identifier: AGPL-3.0-only - -# http signatures -# Test data from https://tools.ietf.org/html/draft-cavage-http-signatures-08#appendix-C -defmodule Pleroma.Web.HTTPSignaturesTest do - use Pleroma.DataCase - alias Pleroma.Web.HTTPSignatures - import Pleroma.Factory - import Tesla.Mock - - setup do - mock(fn env -> apply(HttpRequestMock, :request, [env]) end) - :ok - end - - @public_key hd(:public_key.pem_decode(File.read!("test/web/http_sigs/pub.key"))) - |> :public_key.pem_entry_decode() - - @headers %{ - "(request-target)" => "post /foo?param=value&pet=dog", - "host" => "example.com", - "date" => "Thu, 05 Jan 2014 21:31:40 GMT", - "content-type" => "application/json", - "digest" => "SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=", - "content-length" => "18" - } - - @default_signature """ - keyId="Test",algorithm="rsa-sha256",signature="jKyvPcxB4JbmYY4mByyBY7cZfNl4OW9HpFQlG7N4YcJPteKTu4MWCLyk+gIr0wDgqtLWf9NLpMAMimdfsH7FSWGfbMFSrsVTHNTk0rK3usrfFnti1dxsM4jl0kYJCKTGI/UWkqiaxwNiKqGcdlEDrTcUhhsFsOIo8VhddmZTZ8w=" - """ - - @basic_signature """ - keyId="Test",algorithm="rsa-sha256",headers="(request-target) host date",signature="HUxc9BS3P/kPhSmJo+0pQ4IsCo007vkv6bUm4Qehrx+B1Eo4Mq5/6KylET72ZpMUS80XvjlOPjKzxfeTQj4DiKbAzwJAb4HX3qX6obQTa00/qPDXlMepD2JtTw33yNnm/0xV7fQuvILN/ys+378Ysi082+4xBQFwvhNvSoVsGv4=" - """ - - @all_headers_signature """ - keyId="Test",algorithm="rsa-sha256",headers="(request-target) host date content-type digest content-length",signature="Ef7MlxLXoBovhil3AlyjtBwAL9g4TN3tibLj7uuNB3CROat/9KaeQ4hW2NiJ+pZ6HQEOx9vYZAyi+7cmIkmJszJCut5kQLAwuX+Ms/mUFvpKlSo9StS2bMXDBNjOh4Auj774GFj4gwjS+3NhFeoqyr/MuN6HsEnkvn6zdgfE2i0=" - """ - - test "split up a signature" do - expected = %{ - "keyId" => "Test", - "algorithm" => "rsa-sha256", - "signature" => - "jKyvPcxB4JbmYY4mByyBY7cZfNl4OW9HpFQlG7N4YcJPteKTu4MWCLyk+gIr0wDgqtLWf9NLpMAMimdfsH7FSWGfbMFSrsVTHNTk0rK3usrfFnti1dxsM4jl0kYJCKTGI/UWkqiaxwNiKqGcdlEDrTcUhhsFsOIo8VhddmZTZ8w=", - "headers" => ["date"] - } - - assert HTTPSignatures.split_signature(@default_signature) == expected - end - - test "validates the default case" do - signature = HTTPSignatures.split_signature(@default_signature) - assert HTTPSignatures.validate(@headers, signature, @public_key) - end - - test "validates the basic case" do - signature = HTTPSignatures.split_signature(@basic_signature) - assert HTTPSignatures.validate(@headers, signature, @public_key) - end - - test "validates the all-headers case" do - signature = HTTPSignatures.split_signature(@all_headers_signature) - assert HTTPSignatures.validate(@headers, signature, @public_key) - end - - test "it contructs a signing string" do - expected = "date: Thu, 05 Jan 2014 21:31:40 GMT\ncontent-length: 18" - assert expected == HTTPSignatures.build_signing_string(@headers, ["date", "content-length"]) - end - - test "it validates a conn" do - public_key_pem = - "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGb42rPZIapY4Hfhxrgn\nxKVJczBkfDviCrrYaYjfGxawSw93dWTUlenCVTymJo8meBlFgIQ70ar4rUbzl6GX\nMYvRdku072d1WpglNHXkjKPkXQgngFDrh2sGKtNB/cEtJcAPRO8OiCgPFqRtMiNM\nc8VdPfPdZuHEIZsJ/aUM38EnqHi9YnVDQik2xxDe3wPghOhqjxUM6eLC9jrjI+7i\naIaEygUdyst9qVg8e2FGQlwAeS2Eh8ygCxn+bBlT5OyV59jSzbYfbhtF2qnWHtZy\nkL7KOOwhIfGs7O9SoR2ZVpTEQ4HthNzainIe/6iCR5HGrao/T8dygweXFYRv+k5A\nPQIDAQAB\n-----END PUBLIC KEY-----\n" - - [public_key] = :public_key.pem_decode(public_key_pem) - - public_key = - public_key - |> :public_key.pem_entry_decode() - - conn = %{ - req_headers: [ - {"host", "localtesting.pleroma.lol"}, - {"connection", "close"}, - {"content-length", "2316"}, - {"user-agent", "http.rb/2.2.2 (Mastodon/2.1.0.rc3; +http://mastodon.example.org/)"}, - {"date", "Sun, 10 Dec 2017 14:23:49 GMT"}, - {"digest", "SHA-256=x/bHADMW8qRrq2NdPb5P9fl0lYpKXXpe5h5maCIL0nM="}, - {"content-type", "application/activity+json"}, - {"(request-target)", "post /users/demiurge/inbox"}, - {"signature", - "keyId=\"http://mastodon.example.org/users/admin#main-key\",algorithm=\"rsa-sha256\",headers=\"(request-target) user-agent host date digest content-type\",signature=\"i0FQvr51sj9BoWAKydySUAO1RDxZmNY6g7M62IA7VesbRSdFZZj9/fZapLp6YSuvxUF0h80ZcBEq9GzUDY3Chi9lx6yjpUAS2eKb+Am/hY3aswhnAfYd6FmIdEHzsMrpdKIRqO+rpQ2tR05LwiGEHJPGS0p528NvyVxrxMT5H5yZS5RnxY5X2HmTKEgKYYcvujdv7JWvsfH88xeRS7Jlq5aDZkmXvqoR4wFyfgnwJMPLel8P/BUbn8BcXglH/cunR0LUP7sflTxEz+Rv5qg+9yB8zgBsB4C0233WpcJxjeD6Dkq0EcoJObBR56F8dcb7NQtUDu7x6xxzcgSd7dHm5w==\""} - ] - } - - assert HTTPSignatures.validate_conn(conn, public_key) - end - - test "it validates a conn and fetches the key" do - conn = %{ - params: %{"actor" => "http://mastodon.example.org/users/admin"}, - req_headers: [ - {"host", "localtesting.pleroma.lol"}, - {"x-forwarded-for", "127.0.0.1"}, - {"connection", "close"}, - {"content-length", "2307"}, - {"user-agent", "http.rb/2.2.2 (Mastodon/2.1.0.rc3; +http://mastodon.example.org/)"}, - {"date", "Sun, 11 Feb 2018 17:12:01 GMT"}, - {"digest", "SHA-256=UXsAnMtR9c7mi1FOf6HRMtPgGI1yi2e9nqB/j4rZ99I="}, - {"content-type", "application/activity+json"}, - {"signature", - "keyId=\"http://mastodon.example.org/users/admin#main-key\",algorithm=\"rsa-sha256\",headers=\"(request-target) user-agent host date digest content-type\",signature=\"qXKqpQXUpC3d9bZi2ioEeAqP8nRMD021CzH1h6/w+LRk4Hj31ARJHDwQM+QwHltwaLDUepshMfz2WHSXAoLmzWtvv7xRwY+mRqe+NGk1GhxVZ/LSrO/Vp7rYfDpfdVtkn36LU7/Bzwxvvaa4ZWYltbFsRBL0oUrqsfmJFswNCQIG01BB52BAhGSCORHKtQyzo1IZHdxl8y80pzp/+FOK2SmHkqWkP9QbaU1qTZzckL01+7M5btMW48xs9zurEqC2sM5gdWMQSZyL6isTV5tmkTZrY8gUFPBJQZgihK44v3qgfWojYaOwM8ATpiv7NG8wKN/IX7clDLRMA8xqKRCOKw==\""}, - {"(request-target)", "post /users/demiurge/inbox"} - ] - } - - assert HTTPSignatures.validate_conn(conn) - end - - test "validate this" do - conn = %{ - params: %{"actor" => "https://niu.moe/users/rye"}, - req_headers: [ - {"x-forwarded-for", "149.202.73.191"}, - {"host", "testing.pleroma.lol"}, - {"x-cluster-client-ip", "149.202.73.191"}, - {"connection", "upgrade"}, - {"content-length", "2396"}, - {"user-agent", "http.rb/3.0.0 (Mastodon/2.2.0; +https://niu.moe/)"}, - {"date", "Sun, 18 Feb 2018 20:31:51 GMT"}, - {"digest", "SHA-256=dzH+vLyhxxALoe9RJdMl4hbEV9bGAZnSfddHQzeidTU="}, - {"content-type", "application/activity+json"}, - {"signature", - "keyId=\"https://niu.moe/users/rye#main-key\",algorithm=\"rsa-sha256\",headers=\"(request-target) user-agent host date digest content-type\",signature=\"wtxDg4kIpW7nsnUcVJhBk6SgJeDZOocr8yjsnpDRqE52lR47SH6X7G16r7L1AUJdlnbfx7oqcvomoIJoHB3ghP6kRnZW6MyTMZ2jPoi3g0iC5RDqv6oAmDSO14iw6U+cqZbb3P/odS5LkbThF0UNXcfenVNfsKosIJycFjhNQc54IPCDXYq/7SArEKJp8XwEgzmiC2MdxlkVIUSTQYfjM4EG533cwlZocw1mw72e5mm/owTa80BUZAr0OOuhoWARJV9btMb02ZyAF6SCSoGPTA37wHyfM1Dk88NHf7Z0Aov/Fl65dpRM+XyoxdkpkrhDfH9qAx4iuV2VEWddQDiXHA==\""}, - {"(request-target)", "post /inbox"} - ] - } - - assert HTTPSignatures.validate_conn(conn) - end - - test "validate this too" do - conn = %{ - params: %{"actor" => "https://niu.moe/users/rye"}, - req_headers: [ - {"x-forwarded-for", "149.202.73.191"}, - {"host", "testing.pleroma.lol"}, - {"x-cluster-client-ip", "149.202.73.191"}, - {"connection", "upgrade"}, - {"content-length", "2342"}, - {"user-agent", "http.rb/3.0.0 (Mastodon/2.2.0; +https://niu.moe/)"}, - {"date", "Sun, 18 Feb 2018 21:44:46 GMT"}, - {"digest", "SHA-256=vS8uDOJlyAu78cF3k5EzrvaU9iilHCX3chP37gs5sS8="}, - {"content-type", "application/activity+json"}, - {"signature", - "keyId=\"https://niu.moe/users/rye#main-key\",algorithm=\"rsa-sha256\",headers=\"(request-target) user-agent host date digest content-type\",signature=\"IN6fHD8pLiDEf35dOaRHzJKc1wBYh3/Yq0ItaNGxUSbJTd2xMjigZbcsVKzvgYYjglDDN+disGNeD+OBKwMqkXWaWe/lyMc9wHvCH5NMhpn/A7qGLY8yToSt4vh8ytSkZKO6B97yC+Nvy6Fz/yMbvKtFycIvSXCq417cMmY6f/aG+rtMUlTbKO5gXzC7SUgGJCtBPCh1xZzu5/w0pdqdjO46ePNeR6JyJSLLV4hfo3+p2n7SRraxM4ePVCUZqhwS9LPt3Zdhy3ut+IXCZgMVIZggQFM+zXLtcXY5HgFCsFQr5WQDu+YkhWciNWtKFnWfAsnsg5sC330lZ/0Z8Z91yA==\""}, - {"(request-target)", "post /inbox"} - ] - } - - assert HTTPSignatures.validate_conn(conn) - end - - test "it generates a signature" do - user = insert(:user) - assert HTTPSignatures.sign(user, %{host: "mastodon.example.org"}) =~ "keyId=\"" - end - - test "this too" do - conn = %{ - params: %{"actor" => "https://mst3k.interlinked.me/users/luciferMysticus"}, - req_headers: [ - {"host", "soc.canned-death.us"}, - {"user-agent", "http.rb/3.0.0 (Mastodon/2.2.0; +https://mst3k.interlinked.me/)"}, - {"date", "Sun, 11 Mar 2018 12:19:36 GMT"}, - {"digest", "SHA-256=V7Hl6qDK2m8WzNsjzNYSBISi9VoIXLFlyjF/a5o1SOc="}, - {"content-type", "application/activity+json"}, - {"signature", - "keyId=\"https://mst3k.interlinked.me/users/luciferMysticus#main-key\",algorithm=\"rsa-sha256\",headers=\"(request-target) user-agent host date digest content-type\",signature=\"CTYdK5a6lYMxzmqjLOpvRRASoxo2Rqib2VrAvbR5HaTn80kiImj15pCpAyx8IZp53s0Fn/y8MjCTzp+absw8kxx0k2sQAXYs2iy6xhdDUe7iGzz+XLAEqLyZIZfecynaU2nb3Z2XnFDjhGjR1vj/JP7wiXpwp6o1dpDZj+KT2vxHtXuB9585V+sOHLwSB1cGDbAgTy0jx/2az2EGIKK2zkw1KJuAZm0DDMSZalp/30P8dl3qz7DV2EHdDNfaVtrs5BfbDOZ7t1hCcASllzAzgVGFl0BsrkzBfRMeUMRucr111ZG+c0BNOEtJYOHSyZsSSdNknElggCJekONYMYk5ZA==\""}, - {"x-forwarded-for", "2607:5300:203:2899::31:1337"}, - {"x-forwarded-host", "soc.canned-death.us"}, - {"x-forwarded-server", "soc.canned-death.us"}, - {"connection", "Keep-Alive"}, - {"content-length", "2006"}, - {"(request-target)", "post /inbox"} - ] - } - - assert HTTPSignatures.validate_conn(conn) - end -end diff --git a/test/web/http_sigs/priv.key b/test/web/http_sigs/priv.key deleted file mode 100644 index 425518a06..000000000 --- a/test/web/http_sigs/priv.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQDCFENGw33yGihy92pDjZQhl0C36rPJj+CvfSC8+q28hxA161QF -NUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6Z4UMR7EOcpfdUE9Hf3m/hs+F -UR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJwoYi+1hqp1fIekaxsyQIDAQAB -AoGBAJR8ZkCUvx5kzv+utdl7T5MnordT1TvoXXJGXK7ZZ+UuvMNUCdN2QPc4sBiA -QWvLw1cSKt5DsKZ8UETpYPy8pPYnnDEz2dDYiaew9+xEpubyeW2oH4Zx71wqBtOK -kqwrXa/pzdpiucRRjk6vE6YY7EBBs/g7uanVpGibOVAEsqH1AkEA7DkjVH28WDUg -f1nqvfn2Kj6CT7nIcE3jGJsZZ7zlZmBmHFDONMLUrXR/Zm3pR5m0tCmBqa5RK95u -412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc -mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7 -kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA -gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW -G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI -7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA== ------END RSA PRIVATE KEY----- diff --git a/test/web/http_sigs/pub.key b/test/web/http_sigs/pub.key deleted file mode 100644 index b3bbf6cb9..000000000 --- a/test/web/http_sigs/pub.key +++ /dev/null @@ -1,6 +0,0 @@ ------BEGIN PUBLIC KEY----- -MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3 -6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6 -Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw -oYi+1hqp1fIekaxsyQIDAQAB ------END PUBLIC KEY----- From 2ca8d20053ef2abda070b8aba0e6937cf2f07991 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Tue, 14 May 2019 23:16:34 +0300 Subject: [PATCH 059/170] Fix rate-limiting tests --- config/test.exs | 2 ++ 1 file changed, 2 insertions(+) diff --git a/config/test.exs b/config/test.exs index f93bc5994..a0c90c371 100644 --- a/config/test.exs +++ b/config/test.exs @@ -59,6 +59,8 @@ total_user_limit: 3, enabled: false +config :pleroma, :app_account_creation, max_requests: 5 + try do import_config "test.secret.exs" rescue From 7b8dc99ef106314f1418ff1c314b47cf58a3c2d2 Mon Sep 17 00:00:00 2001 From: Aaron Tinio Date: Tue, 14 May 2019 08:21:44 +0800 Subject: [PATCH 060/170] Implement Pleroma.Plugs.EnsurePublicOrAuthenticated --- .../ensure_public_or_authenticated_plug.ex | 31 +++++++++++ ...sure_public_or_authenticated_plug_test.exs | 55 +++++++++++++++++++ 2 files changed, 86 insertions(+) create mode 100644 lib/pleroma/plugs/ensure_public_or_authenticated_plug.ex create mode 100644 test/plugs/ensure_public_or_authenticated_plug_test.exs diff --git a/lib/pleroma/plugs/ensure_public_or_authenticated_plug.ex b/lib/pleroma/plugs/ensure_public_or_authenticated_plug.ex new file mode 100644 index 000000000..317fd5445 --- /dev/null +++ b/lib/pleroma/plugs/ensure_public_or_authenticated_plug.ex @@ -0,0 +1,31 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug do + import Plug.Conn + alias Pleroma.Config + alias Pleroma.User + + def init(options) do + options + end + + def call(conn, _) do + public? = Config.get!([:instance, :public]) + + case {public?, conn} do + {true, _} -> + conn + + {false, %{assigns: %{user: %User{}}}} -> + conn + + {false, _} -> + conn + |> put_resp_content_type("application/json") + |> send_resp(403, Jason.encode!(%{error: "This resource requires authentication."})) + |> halt + end + end +end diff --git a/test/plugs/ensure_public_or_authenticated_plug_test.exs b/test/plugs/ensure_public_or_authenticated_plug_test.exs new file mode 100644 index 000000000..ce5d77ff7 --- /dev/null +++ b/test/plugs/ensure_public_or_authenticated_plug_test.exs @@ -0,0 +1,55 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2018 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Plugs.EnsurePublicOrAuthenticatedPlugTest do + use Pleroma.Web.ConnCase, async: true + + alias Pleroma.Config + alias Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug + alias Pleroma.User + + test "it halts if not public and no user is assigned", %{conn: conn} do + set_public_to(false) + + conn = + conn + |> EnsurePublicOrAuthenticatedPlug.call(%{}) + + assert conn.status == 403 + assert conn.halted == true + end + + test "it continues if public", %{conn: conn} do + set_public_to(true) + + ret_conn = + conn + |> EnsurePublicOrAuthenticatedPlug.call(%{}) + + assert ret_conn == conn + end + + test "it continues if a user is assigned, even if not public", %{conn: conn} do + set_public_to(false) + + conn = + conn + |> assign(:user, %User{}) + + ret_conn = + conn + |> EnsurePublicOrAuthenticatedPlug.call(%{}) + + assert ret_conn == conn + end + + defp set_public_to(value) do + orig = Config.get!([:instance, :public]) + Config.put([:instance, :public], value) + + on_exit(fn -> + Config.put([:instance, :public], orig) + end) + end +end From 70c81b95d095a7148085201cfa3a07283ef296d9 Mon Sep 17 00:00:00 2001 From: Aaron Tinio Date: Mon, 13 May 2019 23:07:11 +0800 Subject: [PATCH 061/170] Pipe requests to public endpoints through EnsurePublicOrAuthenticatedPlug --- lib/pleroma/web/router.ex | 16 +++++++++------- .../mastodon_api_controller_test.exs | 13 +++++++++++++ 2 files changed, 22 insertions(+), 7 deletions(-) diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 80af0afe1..7fef82f82 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -84,11 +84,13 @@ defmodule Pleroma.Web.Router do plug(Pleroma.Plugs.EnsureUserKeyPlug) end - pipeline :oauth_read_or_unauthenticated do + pipeline :oauth_read_or_public do plug(Pleroma.Plugs.OAuthScopesPlug, %{ scopes: ["read"], fallback: :proceed_unauthenticated }) + + plug(Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug) end pipeline :oauth_read do @@ -404,7 +406,7 @@ defmodule Pleroma.Web.Router do get("/accounts/search", MastodonAPIController, :account_search) scope [] do - pipe_through(:oauth_read_or_unauthenticated) + pipe_through(:oauth_read_or_public) get("/timelines/public", MastodonAPIController, :public_timeline) get("/timelines/tag/:tag", MastodonAPIController, :hashtag_timeline) @@ -425,7 +427,7 @@ defmodule Pleroma.Web.Router do end scope "/api/v2", Pleroma.Web.MastodonAPI do - pipe_through([:api, :oauth_read_or_unauthenticated]) + pipe_through([:api, :oauth_read_or_public]) get("/search", MastodonAPIController, :search2) end @@ -455,7 +457,7 @@ defmodule Pleroma.Web.Router do ) scope [] do - pipe_through(:oauth_read_or_unauthenticated) + pipe_through(:oauth_read_or_public) get("/statuses/user_timeline", TwitterAPI.Controller, :user_timeline) get("/qvitter/statuses/user_timeline", TwitterAPI.Controller, :user_timeline) @@ -473,7 +475,7 @@ defmodule Pleroma.Web.Router do end scope "/api", Pleroma.Web do - pipe_through([:api, :oauth_read_or_unauthenticated]) + pipe_through([:api, :oauth_read_or_public]) get("/statuses/public_timeline", TwitterAPI.Controller, :public_timeline) @@ -487,7 +489,7 @@ defmodule Pleroma.Web.Router do end scope "/api", Pleroma.Web, as: :twitter_api_search do - pipe_through([:api, :oauth_read_or_unauthenticated]) + pipe_through([:api, :oauth_read_or_public]) get("/pleroma/search_user", TwitterAPI.Controller, :search_user) end @@ -671,7 +673,7 @@ defmodule Pleroma.Web.Router do delete("/auth/sign_out", MastodonAPIController, :logout) scope [] do - pipe_through(:oauth_read_or_unauthenticated) + pipe_through(:oauth_read_or_public) get("/web/*path", MastodonAPIController, :index) end end diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index 5c79ee633..40e7739e7 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -81,6 +81,19 @@ test "the public timeline", %{conn: conn} do end) end + test "the public timeline when public is set to false", %{conn: conn} do + public = Pleroma.Config.get([:instance, :public]) + Pleroma.Config.put([:instance, :public], false) + + on_exit(fn -> + Pleroma.Config.put([:instance, :public], public) + end) + + assert conn + |> get("/api/v1/timelines/public", %{"local" => "False"}) + |> json_response(403) == %{"error" => "This resource requires authentication."} + end + test "posting a status", %{conn: conn} do user = insert(:user) From 6c9f45f4ddde48d2239ab68916e65d0ee5c2be76 Mon Sep 17 00:00:00 2001 From: Egor Kislitsyn Date: Wed, 15 May 2019 14:40:20 +0700 Subject: [PATCH 062/170] Remove unused queue from the config --- config/config.exs | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/config/config.exs b/config/config.exs index 32c7fecb8..3452eb1bb 100644 --- a/config/config.exs +++ b/config/config.exs @@ -424,8 +424,7 @@ mailer: 10, transmogrifier: 20, scheduled_activities: 10, - background: 5, - user: 10 + background: 5 config :pleroma, :fetch_initial_posts, enabled: false, From ee22fff5ac4631edc6035e349c787d29a13adeaf Mon Sep 17 00:00:00 2001 From: Sachin Joshi Date: Tue, 14 May 2019 23:37:08 +0545 Subject: [PATCH 063/170] remove deprecated PleromaFE configuration --- CHANGELOG.md | 3 ++ config/config.exs | 19 ------------- lib/pleroma/config/deprecation_warnings.ex | 10 ------- .../controllers/util_controller.ex | 28 +------------------ test/web/twitter_api/util_controller_test.exs | 26 ++--------------- 5 files changed, 6 insertions(+), 80 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 17e913648..e8b7323fd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -97,6 +97,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Mastodon API: Exposing default scope of the user to anyone - Mastodon API: Make `irreversible` field default to `false` [`POST /api/v1/filters`] +## Removed +- Configuration: `config :pleroma, :fe` in favor of the more flexible `config :pleroma, :frontend_configurations` + ## [0.9.9999] - 2019-04-05 ### Security - Mastodon API: Fix content warnings skipping HTML sanitization diff --git a/config/config.exs b/config/config.exs index 8d44c96de..35ddbad8a 100644 --- a/config/config.exs +++ b/config/config.exs @@ -253,25 +253,6 @@ Pleroma.HTML.Scrubber.Default ] -# Deprecated, will be gone in 1.0 -config :pleroma, :fe, - theme: "pleroma-dark", - logo: "/static/logo.png", - logo_mask: true, - logo_margin: "0.1em", - background: "/static/aurora_borealis.jpg", - redirect_root_no_login: "/main/all", - redirect_root_login: "/main/friends", - show_instance_panel: true, - scope_options_enabled: false, - formatting_options_enabled: false, - collapse_message_with_subject: false, - hide_post_stats: false, - hide_user_stats: false, - scope_copy: true, - subject_line_behavior: "email", - always_show_subject_input: true - config :pleroma, :frontend_configurations, pleroma_fe: %{ theme: "pleroma-dark", diff --git a/lib/pleroma/config/deprecation_warnings.ex b/lib/pleroma/config/deprecation_warnings.ex index 0345ac19c..240fb1c37 100644 --- a/lib/pleroma/config/deprecation_warnings.ex +++ b/lib/pleroma/config/deprecation_warnings.ex @@ -5,15 +5,6 @@ defmodule Pleroma.Config.DeprecationWarnings do require Logger - def check_frontend_config_mechanism do - if Pleroma.Config.get(:fe) do - Logger.warn(""" - !!!DEPRECATION WARNING!!! - You are using the old configuration mechanism for the frontend. Please check config.md. - """) - end - end - def check_hellthread_threshold do if Pleroma.Config.get([:mrf_hellthread, :threshold]) do Logger.warn(""" @@ -24,7 +15,6 @@ def check_hellthread_threshold do end def warn do - check_frontend_config_mechanism() check_hellthread_threshold() end end diff --git a/lib/pleroma/web/twitter_api/controllers/util_controller.ex b/lib/pleroma/web/twitter_api/controllers/util_controller.ex index 89c55ef0e..489170d80 100644 --- a/lib/pleroma/web/twitter_api/controllers/util_controller.ex +++ b/lib/pleroma/web/twitter_api/controllers/util_controller.ex @@ -173,8 +173,6 @@ def notifications_read(%{assigns: %{user: user}} = conn, %{"id" => notification_ def config(conn, _params) do instance = Pleroma.Config.get(:instance) - instance_fe = Pleroma.Config.get(:fe) - instance_chat = Pleroma.Config.get(:chat) case get_format(conn) do "xml" -> @@ -219,31 +217,7 @@ def config(conn, _params) do if(Pleroma.Config.get([:instance, :safe_dm_mentions]), do: "1", else: "0") } - pleroma_fe = - if instance_fe do - %{ - theme: Keyword.get(instance_fe, :theme), - background: Keyword.get(instance_fe, :background), - logo: Keyword.get(instance_fe, :logo), - logoMask: Keyword.get(instance_fe, :logo_mask), - logoMargin: Keyword.get(instance_fe, :logo_margin), - redirectRootNoLogin: Keyword.get(instance_fe, :redirect_root_no_login), - redirectRootLogin: Keyword.get(instance_fe, :redirect_root_login), - chatDisabled: !Keyword.get(instance_chat, :enabled), - showInstanceSpecificPanel: Keyword.get(instance_fe, :show_instance_panel), - scopeOptionsEnabled: Keyword.get(instance_fe, :scope_options_enabled), - formattingOptionsEnabled: Keyword.get(instance_fe, :formatting_options_enabled), - collapseMessageWithSubject: - Keyword.get(instance_fe, :collapse_message_with_subject), - hidePostStats: Keyword.get(instance_fe, :hide_post_stats), - hideUserStats: Keyword.get(instance_fe, :hide_user_stats), - scopeCopy: Keyword.get(instance_fe, :scope_copy), - subjectLineBehavior: Keyword.get(instance_fe, :subject_line_behavior), - alwaysShowSubjectInput: Keyword.get(instance_fe, :always_show_subject_input) - } - else - Pleroma.Config.get([:frontend_configurations, :pleroma_fe]) - end + pleroma_fe = Pleroma.Config.get([:frontend_configurations, :pleroma_fe]) managed_config = Keyword.get(instance, :managed_config) diff --git a/test/web/twitter_api/util_controller_test.exs b/test/web/twitter_api/util_controller_test.exs index 14a8225f0..2cd82b3e7 100644 --- a/test/web/twitter_api/util_controller_test.exs +++ b/test/web/twitter_api/util_controller_test.exs @@ -141,7 +141,7 @@ test "returns the state of safe_dm_mentions flag", %{conn: conn} do test "it returns the managed config", %{conn: conn} do Pleroma.Config.put([:instance, :managed_config], false) - Pleroma.Config.put([:fe], theme: "rei-ayanami-towel") + Pleroma.Config.put([:frontend_configurations, :pleroma_fe], %{theme: "asuka-hospital"}) response = conn @@ -157,29 +157,7 @@ test "it returns the managed config", %{conn: conn} do |> get("/api/statusnet/config.json") |> json_response(:ok) - assert response["site"]["pleromafe"] - end - - test "if :pleroma, :fe is false, it returns the new style config settings", %{conn: conn} do - Pleroma.Config.put([:instance, :managed_config], true) - Pleroma.Config.put([:fe, :theme], "rei-ayanami-towel") - Pleroma.Config.put([:frontend_configurations, :pleroma_fe], %{theme: "asuka-hospital"}) - - response = - conn - |> get("/api/statusnet/config.json") - |> json_response(:ok) - - assert response["site"]["pleromafe"]["theme"] == "rei-ayanami-towel" - - Pleroma.Config.put([:fe], false) - - response = - conn - |> get("/api/statusnet/config.json") - |> json_response(:ok) - - assert response["site"]["pleromafe"]["theme"] == "asuka-hospital" + assert response["site"]["pleromafe"] == %{"theme" => "asuka-hospital"} end end From f1e67bdc312ba16a37916024244d6cb9d4417c9e Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 15 May 2019 15:28:01 +0200 Subject: [PATCH 064/170] Search: Add optional rum indexing / searching. --- config/config.exs | 2 + docs/config.md | 15 +++++++ .../mastodon_api/mastodon_api_controller.ex | 43 ++++++++++++++----- mix.exs | 5 ++- mix.lock | 10 ++--- ...510135645_add_fts_index_to_objects_two.exs | 3 ++ 6 files changed, 62 insertions(+), 16 deletions(-) rename priv/repo/{migrations => optional_migrations/rum_indexing}/20190510135645_add_fts_index_to_objects_two.exs (91%) diff --git a/config/config.exs b/config/config.exs index 1e64b79a7..42e4cb4ce 100644 --- a/config/config.exs +++ b/config/config.exs @@ -476,6 +476,8 @@ token_expires_in: 600, issue_new_refresh_token: true +config :pleroma, :database, rum_enabled: false + # Import environment specific config. This must remain at the bottom # of this file so it overrides the configuration defined above. import_config "#{Mix.env()}.exs" diff --git a/docs/config.md b/docs/config.md index 43ea24d80..99cee25cd 100644 --- a/docs/config.md +++ b/docs/config.md @@ -537,3 +537,18 @@ Configure OAuth 2 provider capabilities: * `shortcode_globs`: Location of custom emoji files. `*` can be used as a wildcard. Example `["/emoji/custom/**/*.png"]` * `groups`: Emojis are ordered in groups (tags). This is an array of key-value pairs where the key is the groupname and the value the location or array of locations. `*` can be used as a wildcard. Example `[Custom: ["/emoji/*.png", "/emoji/custom/*.png"]]` * `default_manifest`: Location of the JSON-manifest. This manifest contains information about the emoji-packs you can download. Currently only one manifest can be added (no arrays). + +## Database options + +### RUM indexing for full text search +* `rum_enabled`: If RUM indexes should be used. Defaults to `false`. + +RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. While they may eventually be mainlined, for now they have to be installed as a PostgreSQL extension from https://github.com/postgrespro/rum. + +Their advantage over the standard GIN indexes is that they allow efficient ordering of search results by timestamp, which makes search queries a lot faster on larger servers, by one or two orders of magnitude. They take up around 3 times as much space as GIN indexes. + +To enable them, both the `rum_enabled` flag has to be set and the following special migration has to be run: + +`mix ecto.migrate --migrations-path priv/repo/optional_migrations/rum_indexing/` + +This will probably take a long time. diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index 32677df95..fc0100b1e 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -1000,6 +1000,30 @@ def unsubscribe(%{assigns: %{user: user}} = conn, %{"id" => id}) do end end + def status_search_query_with_gin(q, query) do + from([a, o] in q, + where: + fragment( + "to_tsvector('english', ?->>'content') @@ plainto_tsquery('english', ?)", + o.data, + ^query + ), + order_by: [desc: :id] + ) + end + + def status_search_query_with_rum(q, query) do + from([a, o] in q, + where: + fragment( + "? @@ plainto_tsquery('english', ?)", + o.fts_content, + ^query + ), + order_by: [fragment("? <=> now()::date", o.inserted_at)] + ) + end + def status_search(user, query) do fetched = if Regex.match?(~r/https?:/, query) do @@ -1013,20 +1037,19 @@ def status_search(user, query) do end || [] q = - from( - [a, o] in Activity.with_preloaded_object(Activity), + from([a, o] in Activity.with_preloaded_object(Activity), where: fragment("?->>'type' = 'Create'", a.data), where: "https://www.w3.org/ns/activitystreams#Public" in a.recipients, - where: - fragment( - "? @@ plainto_tsquery('english', ?)", - o.fts_content, - ^query - ), - limit: 20, - order_by: [fragment("? <=> now()::date", o.inserted_at)] + limit: 20 ) + q = + if Pleroma.Config.get([:database, :rum_enabled]) do + status_search_query_with_rum(q, query) + else + status_search_query_with_gin(q, query) + end + Repo.all(q) ++ fetched end diff --git a/mix.exs b/mix.exs index fae21f18d..f7955c6ca 100644 --- a/mix.exs +++ b/mix.exs @@ -65,7 +65,10 @@ defp deps do {:plug_cowboy, "~> 2.0"}, {:phoenix_pubsub, "~> 1.1"}, {:phoenix_ecto, "~> 4.0"}, - {:ecto_sql, "~>3.0.5"}, + {:ecto_sql, + git: "https://github.com/elixir-ecto/ecto_sql", + ref: "e839a9a327b632d73533ac8105ba360bc831cf83", + override: true}, {:postgrex, ">= 0.13.5"}, {:gettext, "~> 0.15"}, {:comeonin, "~> 4.1.1"}, diff --git a/mix.lock b/mix.lock index 624c0fb35..d223803ab 100644 --- a/mix.lock +++ b/mix.lock @@ -16,12 +16,12 @@ "cowlib": {:hex, :cowlib, "2.7.0", "3ef16e77562f9855a2605900cedb15c1462d76fb1be6a32fc3ae91973ee543d2", [:rebar3], [], "hexpm"}, "credo": {:hex, :credo, "0.9.3", "76fa3e9e497ab282e0cf64b98a624aa11da702854c52c82db1bf24e54ab7c97a", [:mix], [{:bunt, "~> 0.2.0", [hex: :bunt, repo: "hexpm", optional: false]}, {:poison, ">= 0.0.0", [hex: :poison, repo: "hexpm", optional: false]}], "hexpm"}, "crypt": {:git, "https://github.com/msantos/crypt", "1f2b58927ab57e72910191a7ebaeff984382a1d3", [ref: "1f2b58927ab57e72910191a7ebaeff984382a1d3"]}, - "db_connection": {:hex, :db_connection, "2.0.5", "ddb2ba6761a08b2bb9ca0e7d260e8f4dd39067426d835c24491a321b7f92a4da", [:mix], [{:connection, "~> 1.0.2", [hex: :connection, repo: "hexpm", optional: false]}], "hexpm"}, + "db_connection": {:hex, :db_connection, "2.0.6", "bde2f85d047969c5b5800cb8f4b3ed6316c8cb11487afedac4aa5f93fd39abfa", [:mix], [{:connection, "~> 1.0.2", [hex: :connection, repo: "hexpm", optional: false]}], "hexpm"}, "decimal": {:hex, :decimal, "1.7.0", "30d6b52c88541f9a66637359ddf85016df9eb266170d53105f02e4a67e00c5aa", [:mix], [], "hexpm"}, "deep_merge": {:hex, :deep_merge, "1.0.0", "b4aa1a0d1acac393bdf38b2291af38cb1d4a52806cf7a4906f718e1feb5ee961", [:mix], [], "hexpm"}, "earmark": {:hex, :earmark, "1.3.2", "b840562ea3d67795ffbb5bd88940b1bed0ed9fa32834915125ea7d02e35888a5", [:mix], [], "hexpm"}, - "ecto": {:hex, :ecto, "3.0.7", "44dda84ac6b17bbbdeb8ac5dfef08b7da253b37a453c34ab1a98de7f7e5fec7f", [:mix], [{:decimal, "~> 1.6", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:poison, "~> 2.2 or ~> 3.0", [hex: :poison, repo: "hexpm", optional: true]}], "hexpm"}, - "ecto_sql": {:hex, :ecto_sql, "3.0.5", "7e44172b4f7aca4469f38d7f6a3da394dbf43a1bcf0ca975e958cb957becd74e", [:mix], [{:db_connection, "~> 2.0", [hex: :db_connection, repo: "hexpm", optional: false]}, {:ecto, "~> 3.0.6", [hex: :ecto, repo: "hexpm", optional: false]}, {:mariaex, "~> 0.9.1", [hex: :mariaex, repo: "hexpm", optional: true]}, {:postgrex, "~> 0.14.0", [hex: :postgrex, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.3.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm"}, + "ecto": {:hex, :ecto, "3.1.4", "69d852da7a9f04ede725855a35ede48d158ca11a404fe94f8b2fb3b2162cd3c9", [:mix], [{:decimal, "~> 1.6", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}], "hexpm"}, + "ecto_sql": {:git, "https://github.com/elixir-ecto/ecto_sql", "e839a9a327b632d73533ac8105ba360bc831cf83", [ref: "e839a9a327b632d73533ac8105ba360bc831cf83"]}, "esshd": {:hex, :esshd, "0.1.0", "6f93a2062adb43637edad0ea7357db2702a4b80dd9683482fe00f5134e97f4c1", [:mix], [], "hexpm"}, "eternal": {:hex, :eternal, "1.2.0", "e2a6b6ce3b8c248f7dc31451aefca57e3bdf0e48d73ae5043229380a67614c41", [:mix], [], "hexpm"}, "ex_aws": {:hex, :ex_aws, "2.1.0", "b92651527d6c09c479f9013caa9c7331f19cba38a650590d82ebf2c6c16a1d8a", [:mix], [{:configparser_ex, "~> 2.0", [hex: :configparser_ex, repo: "hexpm", optional: true]}, {:hackney, "1.6.3 or 1.6.5 or 1.7.1 or 1.8.6 or ~> 1.9", [hex: :hackney, repo: "hexpm", optional: true]}, {:jsx, "~> 2.8", [hex: :jsx, repo: "hexpm", optional: true]}, {:poison, ">= 1.2.0", [hex: :poison, repo: "hexpm", optional: true]}, {:sweet_xml, "~> 0.6", [hex: :sweet_xml, repo: "hexpm", optional: true]}, {:xml_builder, "~> 0.1.0", [hex: :xml_builder, repo: "hexpm", optional: true]}], "hexpm"}, @@ -61,7 +61,7 @@ "plug_crypto": {:hex, :plug_crypto, "1.0.0", "18e49317d3fa343f24620ed22795ec29d4a5e602d52d1513ccea0b07d8ea7d4d", [:mix], [], "hexpm"}, "poison": {:hex, :poison, "3.1.0", "d9eb636610e096f86f25d9a46f35a9facac35609a7591b3be3326e99a0484665", [:mix], [], "hexpm"}, "poolboy": {:hex, :poolboy, "1.5.2", "392b007a1693a64540cead79830443abf5762f5d30cf50bc95cb2c1aaafa006b", [:rebar3], [], "hexpm"}, - "postgrex": {:hex, :postgrex, "0.14.1", "63247d4a5ad6b9de57a0bac5d807e1c32d41e39c04b8a4156a26c63bcd8a2e49", [:mix], [{:connection, "~> 1.0", [hex: :connection, repo: "hexpm", optional: false]}, {:db_connection, "~> 2.0", [hex: :db_connection, repo: "hexpm", optional: false]}, {:decimal, "~> 1.5", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}], "hexpm"}, + "postgrex": {:hex, :postgrex, "0.14.3", "5754dee2fdf6e9e508cbf49ab138df964278700b764177e8f3871e658b345a1e", [:mix], [{:connection, "~> 1.0", [hex: :connection, repo: "hexpm", optional: false]}, {:db_connection, "~> 2.0", [hex: :db_connection, repo: "hexpm", optional: false]}, {:decimal, "~> 1.5", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}], "hexpm"}, "prometheus": {:hex, :prometheus, "4.2.2", "a830e77b79dc6d28183f4db050a7cac926a6c58f1872f9ef94a35cd989aceef8", [:mix, :rebar3], [], "hexpm"}, "prometheus_ecto": {:hex, :prometheus_ecto, "1.4.1", "6c768ea9654de871e5b32fab2eac348467b3021604ebebbcbd8bcbe806a65ed5", [:mix], [{:ecto, "~> 2.0 or ~> 3.0", [hex: :ecto, repo: "hexpm", optional: false]}, {:prometheus_ex, "~> 1.1 or ~> 2.0 or ~> 3.0", [hex: :prometheus_ex, repo: "hexpm", optional: false]}], "hexpm"}, "prometheus_ex": {:hex, :prometheus_ex, "3.0.5", "fa58cfd983487fc5ead331e9a3e0aa622c67232b3ec71710ced122c4c453a02f", [:mix], [{:prometheus, "~> 4.0", [hex: :prometheus, repo: "hexpm", optional: false]}], "hexpm"}, @@ -74,7 +74,7 @@ "ssl_verify_fun": {:hex, :ssl_verify_fun, "1.1.4", "f0eafff810d2041e93f915ef59899c923f4568f4585904d010387ed74988e77b", [:make, :mix, :rebar3], [], "hexpm"}, "swoosh": {:hex, :swoosh, "0.20.0", "9a6c13822c9815993c03b6f8fccc370fcffb3c158d9754f67b1fdee6b3a5d928", [:mix], [{:cowboy, "~> 1.0.1 or ~> 1.1 or ~> 2.4", [hex: :cowboy, repo: "hexpm", optional: true]}, {:gen_smtp, "~> 0.12", [hex: :gen_smtp, repo: "hexpm", optional: true]}, {:hackney, "~> 1.9", [hex: :hackney, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: false]}, {:mime, "~> 1.1", [hex: :mime, repo: "hexpm", optional: false]}, {:plug, "~> 1.4", [hex: :plug, repo: "hexpm", optional: true]}], "hexpm"}, "syslog": {:git, "https://github.com/Vagabond/erlang-syslog.git", "4a6c6f2c996483e86c1320e9553f91d337bcb6aa", [tag: "1.0.5"]}, - "telemetry": {:hex, :telemetry, "0.3.0", "099a7f3ce31e4780f971b4630a3c22ec66d22208bc090fe33a2a3a6a67754a73", [:rebar3], [], "hexpm"}, + "telemetry": {:hex, :telemetry, "0.4.0", "8339bee3fa8b91cb84d14c2935f8ecf399ccd87301ad6da6b71c09553834b2ab", [:rebar3], [], "hexpm"}, "tesla": {:hex, :tesla, "1.2.1", "864783cc27f71dd8c8969163704752476cec0f3a51eb3b06393b3971dc9733ff", [:mix], [{:exjsx, ">= 3.0.0", [hex: :exjsx, repo: "hexpm", optional: true]}, {:fuse, "~> 2.4", [hex: :fuse, repo: "hexpm", optional: true]}, {:hackney, "~> 1.6", [hex: :hackney, repo: "hexpm", optional: true]}, {:ibrowse, "~> 4.4.0", [hex: :ibrowse, repo: "hexpm", optional: true]}, {:jason, ">= 1.0.0", [hex: :jason, repo: "hexpm", optional: true]}, {:mime, "~> 1.0", [hex: :mime, repo: "hexpm", optional: false]}, {:poison, ">= 1.0.0", [hex: :poison, repo: "hexpm", optional: true]}], "hexpm"}, "timex": {:hex, :timex, "3.5.0", "b0a23167da02d0fe4f1a4e104d1f929a00d348502b52432c05de875d0b9cffa5", [:mix], [{:combine, "~> 0.10", [hex: :combine, repo: "hexpm", optional: false]}, {:gettext, "~> 0.10", [hex: :gettext, repo: "hexpm", optional: false]}, {:tzdata, "~> 0.1.8 or ~> 0.5", [hex: :tzdata, repo: "hexpm", optional: false]}], "hexpm"}, "trailing_format_plug": {:hex, :trailing_format_plug, "0.0.7", "64b877f912cf7273bed03379936df39894149e35137ac9509117e59866e10e45", [:mix], [{:plug, "> 0.12.0", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm"}, diff --git a/priv/repo/migrations/20190510135645_add_fts_index_to_objects_two.exs b/priv/repo/optional_migrations/rum_indexing/20190510135645_add_fts_index_to_objects_two.exs similarity index 91% rename from priv/repo/migrations/20190510135645_add_fts_index_to_objects_two.exs rename to priv/repo/optional_migrations/rum_indexing/20190510135645_add_fts_index_to_objects_two.exs index 14b964847..09e6cbfb1 100644 --- a/priv/repo/migrations/20190510135645_add_fts_index_to_objects_two.exs +++ b/priv/repo/optional_migrations/rum_indexing/20190510135645_add_fts_index_to_objects_two.exs @@ -2,6 +2,7 @@ defmodule Pleroma.Repo.Migrations.AddFtsIndexToObjectsTwo do use Ecto.Migration def up do + execute("create extension if not exists rum") drop_if_exists index(:objects, ["(to_tsvector('english', data->>'content'))"], using: :gin, name: :objects_fts) alter table(:objects) do add(:fts_content, :tsvector) @@ -19,6 +20,7 @@ def up do FOR EACH ROW EXECUTE PROCEDURE objects_fts_update()") execute("UPDATE objects SET updated_at = NOW()") + execute("vacuum analyze") end def down do @@ -29,5 +31,6 @@ def down do remove(:fts_content, :tsvector) end create index(:objects, ["(to_tsvector('english', data->>'content'))"], using: :gin, name: :objects_fts) + execute("vacuum analyze") end end From cbb3451023f557ece773bab20f79ac130f786d01 Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 15 May 2019 16:30:08 +0200 Subject: [PATCH 065/170] CommonAPI: Refactor visibility, forbid public to private replies. --- lib/pleroma/web/activity_pub/visibility.ex | 24 +++++++++++++++++ lib/pleroma/web/common_api/common_api.ex | 20 ++++++++++---- .../web/mastodon_api/views/status_view.ex | 26 ++----------------- .../web/twitter_api/views/activity_view.ex | 2 +- test/web/activity_pub/visibilty_test.exs | 12 +++++++++ test/web/common_api/common_api_test.exs | 22 ++++++++++++++++ 6 files changed, 76 insertions(+), 30 deletions(-) diff --git a/lib/pleroma/web/activity_pub/visibility.ex b/lib/pleroma/web/activity_pub/visibility.ex index 6dee61dd6..b38ee0442 100644 --- a/lib/pleroma/web/activity_pub/visibility.ex +++ b/lib/pleroma/web/activity_pub/visibility.ex @@ -58,4 +58,28 @@ def entire_thread_visible_for_user?( visible_for_user?(tail, user) end end + + def get_visibility(object) do + public = "https://www.w3.org/ns/activitystreams#Public" + to = object.data["to"] || [] + cc = object.data["cc"] || [] + + cond do + public in to -> + "public" + + public in cc -> + "unlisted" + + # this should use the sql for the object's activity + Enum.any?(to, &String.contains?(&1, "/followers")) -> + "private" + + length(cc) > 0 -> + "private" + + true -> + "direct" + end + end end diff --git a/lib/pleroma/web/common_api/common_api.ex b/lib/pleroma/web/common_api/common_api.ex index b53869c75..c31e56d4c 100644 --- a/lib/pleroma/web/common_api/common_api.ex +++ b/lib/pleroma/web/common_api/common_api.ex @@ -126,22 +126,30 @@ def get_visibility(%{"in_reply_to_status_id" => status_id}) when not is_nil(stat "public" in_reply_to -> - # XXX: these heuristics should be moved out of MastodonAPI. - with %Object{} = object <- Object.normalize(in_reply_to) do - Pleroma.Web.MastodonAPI.StatusView.get_visibility(object) - end + get_replied_to_visibility(in_reply_to) end end def get_visibility(_), do: "public" + def get_replied_to_visibility(nil), do: nil + + def get_replied_to_visibility(activity) do + with %Object{} = object <- Object.normalize(activity) do + Pleroma.Web.ActivityPub.Visibility.get_visibility(object) + end + end + def post(user, %{"status" => status} = data) do - visibility = get_visibility(data) limit = Pleroma.Config.get([:instance, :limit]) with status <- String.trim(status), attachments <- attachments_from_ids(data), + visibility <- get_visibility(data), in_reply_to <- get_replied_to_activity(data["in_reply_to_status_id"]), + in_reply_to_visibility <- get_replied_to_visibility(in_reply_to), + {_, false} <- + {:private_to_public, in_reply_to_visibility == "direct" && visibility != "direct"}, {content_html, mentions, tags} <- make_content_html( status, @@ -185,6 +193,8 @@ def post(user, %{"status" => status} = data) do ) res + else + e -> {:error, e} end end diff --git a/lib/pleroma/web/mastodon_api/views/status_view.ex b/lib/pleroma/web/mastodon_api/views/status_view.ex index bd2372944..c93d915e5 100644 --- a/lib/pleroma/web/mastodon_api/views/status_view.ex +++ b/lib/pleroma/web/mastodon_api/views/status_view.ex @@ -16,6 +16,8 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do alias Pleroma.Web.MastodonAPI.StatusView alias Pleroma.Web.MediaProxy + import Pleroma.Web.ActivityPub.Visibility, only: [get_visibility: 1] + # TODO: Add cached version. defp get_replied_to_activities(activities) do activities @@ -340,30 +342,6 @@ def get_reply_to(%{data: %{"object" => _object}} = activity, _) do end end - def get_visibility(object) do - public = "https://www.w3.org/ns/activitystreams#Public" - to = object.data["to"] || [] - cc = object.data["cc"] || [] - - cond do - public in to -> - "public" - - public in cc -> - "unlisted" - - # this should use the sql for the object's activity - Enum.any?(to, &String.contains?(&1, "/followers")) -> - "private" - - length(cc) > 0 -> - "private" - - true -> - "direct" - end - end - def render_content(%{data: %{"type" => "Video"}} = object) do with name when not is_nil(name) and name != "" <- object.data["name"] do "

#{name}

#{object.data["content"]}" diff --git a/lib/pleroma/web/twitter_api/views/activity_view.ex b/lib/pleroma/web/twitter_api/views/activity_view.ex index d084ad734..44bcafe0e 100644 --- a/lib/pleroma/web/twitter_api/views/activity_view.ex +++ b/lib/pleroma/web/twitter_api/views/activity_view.ex @@ -310,7 +310,7 @@ def render( "tags" => tags, "activity_type" => "post", "possibly_sensitive" => possibly_sensitive, - "visibility" => StatusView.get_visibility(object), + "visibility" => Pleroma.Web.ActivityPub.Visibility.get_visibility(object), "summary" => summary, "summary_html" => summary |> Formatter.emojify(object.data["emoji"]), "card" => card, diff --git a/test/web/activity_pub/visibilty_test.exs b/test/web/activity_pub/visibilty_test.exs index 24b96c4aa..9c03c8be2 100644 --- a/test/web/activity_pub/visibilty_test.exs +++ b/test/web/activity_pub/visibilty_test.exs @@ -95,4 +95,16 @@ test "visible_for_user?", %{ refute Visibility.visible_for_user?(private, unrelated) refute Visibility.visible_for_user?(direct, unrelated) end + + test "get_visibility", %{ + public: public, + private: private, + direct: direct, + unlisted: unlisted + } do + assert Visibility.get_visibility(public) == "public" + assert Visibility.get_visibility(private) == "private" + assert Visibility.get_visibility(direct) == "direct" + assert Visibility.get_visibility(unlisted) == "unlisted" + end end diff --git a/test/web/common_api/common_api_test.exs b/test/web/common_api/common_api_test.exs index a5b07c446..8d4f401ee 100644 --- a/test/web/common_api/common_api_test.exs +++ b/test/web/common_api/common_api_test.exs @@ -87,6 +87,28 @@ test "it filters out obviously bad tags when accepting a post as Markdown" do assert object.data["content"] == "

2hu

alert('xss')" end + + test "it does not allow replies to direct messages that are not direct messages themselves" do + user = insert(:user) + + {:ok, activity} = CommonAPI.post(user, %{"status" => "suya..", "visibility" => "direct"}) + + assert {:ok, _} = + CommonAPI.post(user, %{ + "status" => "suya..", + "visibility" => "direct", + "in_reply_to_status_id" => activity.id + }) + + Enum.each(["public", "private", "unlisted"], fn visibility -> + assert {:error, {:private_to_public, _}} = + CommonAPI.post(user, %{ + "status" => "suya..", + "visibility" => visibility, + "in_reply_to_status_id" => activity.id + }) + end) + end end describe "reactions" do From 7a92e701b974aa5ee70d617be323292c953d08de Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 15 May 2019 16:35:33 +0200 Subject: [PATCH 066/170] CommonAPI: Visibility refactor. --- lib/pleroma/web/common_api/common_api.ex | 20 +++++++------------- 1 file changed, 7 insertions(+), 13 deletions(-) diff --git a/lib/pleroma/web/common_api/common_api.ex b/lib/pleroma/web/common_api/common_api.ex index c31e56d4c..29c4c1014 100644 --- a/lib/pleroma/web/common_api/common_api.ex +++ b/lib/pleroma/web/common_api/common_api.ex @@ -116,21 +116,16 @@ def unfavorite(id_or_ap_id, user) do end end - def get_visibility(%{"visibility" => visibility}) + def get_visibility(%{"visibility" => visibility}, in_reply_to) when visibility in ~w{public unlisted private direct}, - do: visibility + do: {visibility, get_replied_to_visibility(in_reply_to)} - def get_visibility(%{"in_reply_to_status_id" => status_id}) when not is_nil(status_id) do - case get_replied_to_activity(status_id) do - nil -> - "public" - - in_reply_to -> - get_replied_to_visibility(in_reply_to) - end + def get_visibility(_, in_reply_to) when not is_nil(in_reply_to) do + visibility = get_replied_to_visibility(in_reply_to) + {visibility, visibility} end - def get_visibility(_), do: "public" + def get_visibility(_, in_reply_to), do: {"public", get_replied_to_visibility(in_reply_to)} def get_replied_to_visibility(nil), do: nil @@ -145,9 +140,8 @@ def post(user, %{"status" => status} = data) do with status <- String.trim(status), attachments <- attachments_from_ids(data), - visibility <- get_visibility(data), in_reply_to <- get_replied_to_activity(data["in_reply_to_status_id"]), - in_reply_to_visibility <- get_replied_to_visibility(in_reply_to), + {visibility, in_reply_to_visibility} <- get_visibility(data, in_reply_to), {_, false} <- {:private_to_public, in_reply_to_visibility == "direct" && visibility != "direct"}, {content_html, mentions, tags} <- From 88cc423fa3c4baa698e99e1e62d251b6f81cc93d Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 15 May 2019 16:45:26 +0200 Subject: [PATCH 067/170] Dependencies: Update Ecto SQL. --- mix.exs | 5 ++++- mix.lock | 10 +++++----- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/mix.exs b/mix.exs index b7b9d534d..2535fcf98 100644 --- a/mix.exs +++ b/mix.exs @@ -65,7 +65,10 @@ defp deps do {:plug_cowboy, "~> 2.0"}, {:phoenix_pubsub, "~> 1.1"}, {:phoenix_ecto, "~> 4.0"}, - {:ecto_sql, "~>3.0.5"}, + {:ecto_sql, + git: "https://github.com/elixir-ecto/ecto_sql", + ref: "e839a9a327b632d73533ac8105ba360bc831cf83", + override: true}, {:postgrex, ">= 0.13.5"}, {:gettext, "~> 0.15"}, {:comeonin, "~> 4.1.1"}, diff --git a/mix.lock b/mix.lock index 0b24818c5..5ee5634d3 100644 --- a/mix.lock +++ b/mix.lock @@ -16,12 +16,12 @@ "cowlib": {:hex, :cowlib, "2.7.0", "3ef16e77562f9855a2605900cedb15c1462d76fb1be6a32fc3ae91973ee543d2", [:rebar3], [], "hexpm"}, "credo": {:hex, :credo, "0.9.3", "76fa3e9e497ab282e0cf64b98a624aa11da702854c52c82db1bf24e54ab7c97a", [:mix], [{:bunt, "~> 0.2.0", [hex: :bunt, repo: "hexpm", optional: false]}, {:poison, ">= 0.0.0", [hex: :poison, repo: "hexpm", optional: false]}], "hexpm"}, "crypt": {:git, "https://github.com/msantos/crypt", "1f2b58927ab57e72910191a7ebaeff984382a1d3", [ref: "1f2b58927ab57e72910191a7ebaeff984382a1d3"]}, - "db_connection": {:hex, :db_connection, "2.0.5", "ddb2ba6761a08b2bb9ca0e7d260e8f4dd39067426d835c24491a321b7f92a4da", [:mix], [{:connection, "~> 1.0.2", [hex: :connection, repo: "hexpm", optional: false]}], "hexpm"}, + "db_connection": {:hex, :db_connection, "2.0.6", "bde2f85d047969c5b5800cb8f4b3ed6316c8cb11487afedac4aa5f93fd39abfa", [:mix], [{:connection, "~> 1.0.2", [hex: :connection, repo: "hexpm", optional: false]}], "hexpm"}, "decimal": {:hex, :decimal, "1.7.0", "30d6b52c88541f9a66637359ddf85016df9eb266170d53105f02e4a67e00c5aa", [:mix], [], "hexpm"}, "deep_merge": {:hex, :deep_merge, "1.0.0", "b4aa1a0d1acac393bdf38b2291af38cb1d4a52806cf7a4906f718e1feb5ee961", [:mix], [], "hexpm"}, "earmark": {:hex, :earmark, "1.3.2", "b840562ea3d67795ffbb5bd88940b1bed0ed9fa32834915125ea7d02e35888a5", [:mix], [], "hexpm"}, - "ecto": {:hex, :ecto, "3.0.7", "44dda84ac6b17bbbdeb8ac5dfef08b7da253b37a453c34ab1a98de7f7e5fec7f", [:mix], [{:decimal, "~> 1.6", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:poison, "~> 2.2 or ~> 3.0", [hex: :poison, repo: "hexpm", optional: true]}], "hexpm"}, - "ecto_sql": {:hex, :ecto_sql, "3.0.5", "7e44172b4f7aca4469f38d7f6a3da394dbf43a1bcf0ca975e958cb957becd74e", [:mix], [{:db_connection, "~> 2.0", [hex: :db_connection, repo: "hexpm", optional: false]}, {:ecto, "~> 3.0.6", [hex: :ecto, repo: "hexpm", optional: false]}, {:mariaex, "~> 0.9.1", [hex: :mariaex, repo: "hexpm", optional: true]}, {:postgrex, "~> 0.14.0", [hex: :postgrex, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.3.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm"}, + "ecto": {:hex, :ecto, "3.1.4", "69d852da7a9f04ede725855a35ede48d158ca11a404fe94f8b2fb3b2162cd3c9", [:mix], [{:decimal, "~> 1.6", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}], "hexpm"}, + "ecto_sql": {:git, "https://github.com/elixir-ecto/ecto_sql", "e839a9a327b632d73533ac8105ba360bc831cf83", [ref: "e839a9a327b632d73533ac8105ba360bc831cf83"]}, "esshd": {:hex, :esshd, "0.1.0", "6f93a2062adb43637edad0ea7357db2702a4b80dd9683482fe00f5134e97f4c1", [:mix], [], "hexpm"}, "eternal": {:hex, :eternal, "1.2.0", "e2a6b6ce3b8c248f7dc31451aefca57e3bdf0e48d73ae5043229380a67614c41", [:mix], [], "hexpm"}, "ex2ms": {:hex, :ex2ms, "1.5.0", "19e27f9212be9a96093fed8cdfbef0a2b56c21237196d26760f11dfcfae58e97", [:mix], [], "hexpm"}, @@ -64,7 +64,7 @@ "plug_static_index_html": {:hex, :plug_static_index_html, "1.0.0", "840123d4d3975585133485ea86af73cb2600afd7f2a976f9f5fd8b3808e636a0", [:mix], [{:plug, "~> 1.0", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm"}, "poison": {:hex, :poison, "3.1.0", "d9eb636610e096f86f25d9a46f35a9facac35609a7591b3be3326e99a0484665", [:mix], [], "hexpm"}, "poolboy": {:hex, :poolboy, "1.5.2", "392b007a1693a64540cead79830443abf5762f5d30cf50bc95cb2c1aaafa006b", [:rebar3], [], "hexpm"}, - "postgrex": {:hex, :postgrex, "0.14.1", "63247d4a5ad6b9de57a0bac5d807e1c32d41e39c04b8a4156a26c63bcd8a2e49", [:mix], [{:connection, "~> 1.0", [hex: :connection, repo: "hexpm", optional: false]}, {:db_connection, "~> 2.0", [hex: :db_connection, repo: "hexpm", optional: false]}, {:decimal, "~> 1.5", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}], "hexpm"}, + "postgrex": {:hex, :postgrex, "0.14.3", "5754dee2fdf6e9e508cbf49ab138df964278700b764177e8f3871e658b345a1e", [:mix], [{:connection, "~> 1.0", [hex: :connection, repo: "hexpm", optional: false]}, {:db_connection, "~> 2.0", [hex: :db_connection, repo: "hexpm", optional: false]}, {:decimal, "~> 1.5", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}], "hexpm"}, "prometheus": {:hex, :prometheus, "4.2.2", "a830e77b79dc6d28183f4db050a7cac926a6c58f1872f9ef94a35cd989aceef8", [:mix, :rebar3], [], "hexpm"}, "prometheus_ecto": {:hex, :prometheus_ecto, "1.4.1", "6c768ea9654de871e5b32fab2eac348467b3021604ebebbcbd8bcbe806a65ed5", [:mix], [{:ecto, "~> 2.0 or ~> 3.0", [hex: :ecto, repo: "hexpm", optional: false]}, {:prometheus_ex, "~> 1.1 or ~> 2.0 or ~> 3.0", [hex: :prometheus_ex, repo: "hexpm", optional: false]}], "hexpm"}, "prometheus_ex": {:hex, :prometheus_ex, "3.0.5", "fa58cfd983487fc5ead331e9a3e0aa622c67232b3ec71710ced122c4c453a02f", [:mix], [{:prometheus, "~> 4.0", [hex: :prometheus, repo: "hexpm", optional: false]}], "hexpm"}, @@ -77,7 +77,7 @@ "ssl_verify_fun": {:hex, :ssl_verify_fun, "1.1.4", "f0eafff810d2041e93f915ef59899c923f4568f4585904d010387ed74988e77b", [:make, :mix, :rebar3], [], "hexpm"}, "swoosh": {:hex, :swoosh, "0.20.0", "9a6c13822c9815993c03b6f8fccc370fcffb3c158d9754f67b1fdee6b3a5d928", [:mix], [{:cowboy, "~> 1.0.1 or ~> 1.1 or ~> 2.4", [hex: :cowboy, repo: "hexpm", optional: true]}, {:gen_smtp, "~> 0.12", [hex: :gen_smtp, repo: "hexpm", optional: true]}, {:hackney, "~> 1.9", [hex: :hackney, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: false]}, {:mime, "~> 1.1", [hex: :mime, repo: "hexpm", optional: false]}, {:plug, "~> 1.4", [hex: :plug, repo: "hexpm", optional: true]}], "hexpm"}, "syslog": {:git, "https://github.com/Vagabond/erlang-syslog.git", "4a6c6f2c996483e86c1320e9553f91d337bcb6aa", [tag: "1.0.5"]}, - "telemetry": {:hex, :telemetry, "0.3.0", "099a7f3ce31e4780f971b4630a3c22ec66d22208bc090fe33a2a3a6a67754a73", [:rebar3], [], "hexpm"}, + "telemetry": {:hex, :telemetry, "0.4.0", "8339bee3fa8b91cb84d14c2935f8ecf399ccd87301ad6da6b71c09553834b2ab", [:rebar3], [], "hexpm"}, "tesla": {:hex, :tesla, "1.2.1", "864783cc27f71dd8c8969163704752476cec0f3a51eb3b06393b3971dc9733ff", [:mix], [{:exjsx, ">= 3.0.0", [hex: :exjsx, repo: "hexpm", optional: true]}, {:fuse, "~> 2.4", [hex: :fuse, repo: "hexpm", optional: true]}, {:hackney, "~> 1.6", [hex: :hackney, repo: "hexpm", optional: true]}, {:ibrowse, "~> 4.4.0", [hex: :ibrowse, repo: "hexpm", optional: true]}, {:jason, ">= 1.0.0", [hex: :jason, repo: "hexpm", optional: true]}, {:mime, "~> 1.0", [hex: :mime, repo: "hexpm", optional: false]}, {:poison, ">= 1.0.0", [hex: :poison, repo: "hexpm", optional: true]}], "hexpm"}, "timex": {:hex, :timex, "3.5.0", "b0a23167da02d0fe4f1a4e104d1f929a00d348502b52432c05de875d0b9cffa5", [:mix], [{:combine, "~> 0.10", [hex: :combine, repo: "hexpm", optional: false]}, {:gettext, "~> 0.10", [hex: :gettext, repo: "hexpm", optional: false]}, {:tzdata, "~> 0.1.8 or ~> 0.5", [hex: :tzdata, repo: "hexpm", optional: false]}], "hexpm"}, "trailing_format_plug": {:hex, :trailing_format_plug, "0.0.7", "64b877f912cf7273bed03379936df39894149e35137ac9509117e59866e10e45", [:mix], [{:plug, "> 0.12.0", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm"}, From f831acf91243bb9f4e6a9c1ca1bf77ea4762842e Mon Sep 17 00:00:00 2001 From: feld Date: Wed, 15 May 2019 15:19:20 +0000 Subject: [PATCH 068/170] Excoveralls for code coverage --- .gitlab-ci.yml | 1 + mix.exs | 4 +++- mix.lock | 1 + 3 files changed, 5 insertions(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index dc99b81ee..f9745122a 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -52,6 +52,7 @@ unit-testing: - mix ecto.create - mix ecto.migrate - mix test --trace --preload-modules + - mix coveralls lint: stage: test diff --git a/mix.exs b/mix.exs index b7b9d534d..7cc20b274 100644 --- a/mix.exs +++ b/mix.exs @@ -13,6 +13,7 @@ def project do start_permanent: Mix.env() == :prod, aliases: aliases(), deps: deps(), + test_coverage: [tool: ExCoveralls], # Docs name: "Pleroma", @@ -115,7 +116,8 @@ defp deps do {:benchee, "~> 1.0"}, {:esshd, "~> 0.1.0"}, {:ex_rated, "~> 1.2"}, - {:plug_static_index_html, "~> 1.0.0"} + {:plug_static_index_html, "~> 1.0.0"}, + {:excoveralls, "~> 0.11.1", only: :test} ] ++ oauth_deps end diff --git a/mix.lock b/mix.lock index 0b24818c5..7d80eb0b8 100644 --- a/mix.lock +++ b/mix.lock @@ -31,6 +31,7 @@ "ex_machina": {:hex, :ex_machina, "2.3.0", "92a5ad0a8b10ea6314b876a99c8c9e3f25f4dde71a2a835845b136b9adaf199a", [:mix], [{:ecto, "~> 2.2 or ~> 3.0", [hex: :ecto, repo: "hexpm", optional: true]}, {:ecto_sql, "~> 3.0", [hex: :ecto_sql, repo: "hexpm", optional: true]}], "hexpm"}, "ex_rated": {:hex, :ex_rated, "1.3.2", "6aeb32abb46ea6076f417a9ce8cb1cf08abf35fb2d42375beaad4dd72b550bf1", [:mix], [{:ex2ms, "~> 1.5", [hex: :ex2ms, repo: "hexpm", optional: false]}], "hexpm"}, "ex_syslogger": {:git, "https://github.com/slashmili/ex_syslogger.git", "f3963399047af17e038897c69e20d552e6899e1d", [tag: "1.4.0"]}, + "excoveralls": {:hex, :excoveralls, "0.11.1", "dd677fbdd49114fdbdbf445540ec735808250d56b011077798316505064edb2c", [:mix], [{:hackney, "~> 1.0", [hex: :hackney, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: false]}], "hexpm"}, "floki": {:hex, :floki, "0.20.4", "be42ac911fece24b4c72f3b5846774b6e61b83fe685c2fc9d62093277fb3bc86", [:mix], [{:html_entities, "~> 0.4.0", [hex: :html_entities, repo: "hexpm", optional: false]}, {:mochiweb, "~> 2.15", [hex: :mochiweb, repo: "hexpm", optional: false]}], "hexpm"}, "gen_smtp": {:hex, :gen_smtp, "0.13.0", "11f08504c4bdd831dc520b8f84a1dce5ce624474a797394e7aafd3c29f5dcd25", [:rebar3], [], "hexpm"}, "gettext": {:hex, :gettext, "0.15.0", "40a2b8ce33a80ced7727e36768499fc9286881c43ebafccae6bab731e2b2b8ce", [:mix], [], "hexpm"}, From 4429c1b7dae9007299c46eab8bd60573b9ff1bdb Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 15 May 2019 15:29:42 +0000 Subject: [PATCH 069/170] tests: fixup --- test/plugs/http_signature_plug_test.exs | 1 - 1 file changed, 1 deletion(-) diff --git a/test/plugs/http_signature_plug_test.exs b/test/plugs/http_signature_plug_test.exs index 6a00dd4fd..efd811df7 100644 --- a/test/plugs/http_signature_plug_test.exs +++ b/test/plugs/http_signature_plug_test.exs @@ -4,7 +4,6 @@ defmodule Pleroma.Web.Plugs.HTTPSignaturePlugTest do use Pleroma.Web.ConnCase - alias Pleroma.Web.HTTPSignatures alias Pleroma.Web.Plugs.HTTPSignaturePlug import Plug.Conn From 958b4cfde916c9be71d7412fe1c90750ec578fdc Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 24 Mar 2019 23:45:57 +0000 Subject: [PATCH 070/170] migrations: add function to see if a thread can be satisfied --- ...4222404_add_thread_visibility_function.exs | 76 +++++++++++++++++++ 1 file changed, 76 insertions(+) create mode 100644 priv/repo/migrations/20190324222404_add_thread_visibility_function.exs diff --git a/priv/repo/migrations/20190324222404_add_thread_visibility_function.exs b/priv/repo/migrations/20190324222404_add_thread_visibility_function.exs new file mode 100644 index 000000000..cea0322e7 --- /dev/null +++ b/priv/repo/migrations/20190324222404_add_thread_visibility_function.exs @@ -0,0 +1,76 @@ +defmodule Pleroma.Repo.Migrations.AddThreadVisibilityFunction do + use Ecto.Migration + @disable_ddl_transaction true + + def up do + statement = """ + CREATE OR REPLACE FUNCTION thread_visibility(actor varchar, activity_id varchar) RETURNS boolean AS $$ + DECLARE + public varchar := 'https://www.w3.org/ns/activitystreams#Public'; + child objects%ROWTYPE; + activity activities%ROWTYPE; + actor_user users%ROWTYPE; + author users%ROWTYPE; + author_fa varchar; + BEGIN + --- Fetch our actor. + SELECT * INTO actor_user FROM users WHERE users.ap_id = actor; + + --- Fetch our initial activity. + SELECT * INTO activity FROM activities WHERE activities.data->>'id' = activity_id; + + LOOP + --- Ensure that we have an activity before continuing. + IF activity IS NULL THEN + RETURN true; + END IF; + + --- Normalize the child object into child. + SELECT * INTO child FROM objects + INNER JOIN activities ON COALESCE(activities.data->'object'->>'id', activities.data->>'object') = objects.data->>'id' + WHERE COALESCE(activity.data->'object'->>'id', activity.data->>'object') = objects.data->>'id'; + + --- Fetch the author. + SELECT * INTO author FROM users WHERE users.ap_id = activity.actor; + + --- Prepare author's AS2 followers collection. + SELECT COALESCE(author.follower_address, '') INTO author_fa; + + --- Check visibility. + IF activity.actor = actor THEN + --- activity visible + NULL; + ELSIF ARRAY[public] && activity.recipients THEN + --- activity visible + NULL; + ELSIF ARRAY[author_fa] && activity.recipients AND ARRAY[author_fa] && actor_user.following THEN + --- activity visible + NULL; + ELSIF ARRAY[actor] && activity.recipients THEN + --- activity visible + NULL; + ELSE + --- activity not visible, break out of the loop + RETURN false; + END IF; + + --- If there's a parent, load it and do this all over again. + IF (child.data->'inReplyTo' IS NOT NULL) AND (child.data->'inReplyTo' != 'null'::jsonb) THEN + SELECT * INTO activity FROM activities + INNER JOIN objects ON COALESCE(activities.data->'object'->>'id', activities.data->>'object') = objects.data->>'id' + WHERE child.data->>'inReplyTo' = objects.data->>'id'; + ELSE + RETURN true; + END IF; + END LOOP; + END; + $$ LANGUAGE plpgsql IMMUTABLE; + """ + + execute(statement) + end + + def down do + execute("drop function thread_visibility(actor varchar, activity_id varchar)") + end +end From 0387f5213805cdc4e0bf86f98797cefcd03ba61d Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Mon, 25 Mar 2019 00:06:02 +0000 Subject: [PATCH 071/170] activitypub: add restrict_thread_visibility() --- lib/pleroma/web/activity_pub/activity_pub.ex | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 233fee4fa..fec1bcd3e 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -569,6 +569,20 @@ defp restrict_visibility(_query, %{visibility: visibility}) defp restrict_visibility(query, _visibility), do: query + defp restrict_thread_visibility(query, %{"user" => %User{ap_id: ap_id}}) do + query = + from( + a in query, + where: fragment("thread_visibility(?, (?)->>'id') = true", ^ap_id, a.data) + ) + + Ecto.Adapters.SQL.to_sql(:all, Repo, query) + + query + end + + defp restrict_thread_visibility(query, _), do: query + def fetch_user_activities(user, reading_user, params \\ %{}) do params = params @@ -848,6 +862,7 @@ def fetch_activities_query(recipients, opts \\ %{}) do |> restrict_muted(opts) |> restrict_media(opts) |> restrict_visibility(opts) + |> restrict_thread_visibility(opts) |> restrict_replies(opts) |> restrict_reblogs(opts) |> restrict_pinned(opts) From de114ffbb0f92d24fd370adaaf43ff301ab04b4b Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Mon, 25 Mar 2019 00:10:20 +0000 Subject: [PATCH 072/170] activitypub: remove contain_timeline() --- lib/pleroma/web/activity_pub/activity_pub.ex | 8 -------- lib/pleroma/web/mastodon_api/mastodon_api_controller.ex | 1 - lib/pleroma/web/twitter_api/twitter_api_controller.ex | 4 +--- 3 files changed, 1 insertion(+), 12 deletions(-) diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index fec1bcd3e..e544d0c50 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -980,12 +980,4 @@ def contain_broken_threads(%Activity{} = activity, %User{} = user) do def contain_activity(%Activity{} = activity, %User{} = user) do contain_broken_threads(activity, user) end - - # do post-processing on a timeline - def contain_timeline(timeline, user) do - timeline - |> Enum.filter(fn activity -> - contain_activity(activity, user) - end) - end end diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index 87e597074..66056a846 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -303,7 +303,6 @@ def home_timeline(%{assigns: %{user: user}} = conn, params) do activities = [user.ap_id | user.following] |> ActivityPub.fetch_activities(params) - |> ActivityPub.contain_timeline(user) |> Enum.reverse() conn diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex index 3c5a70be9..31e86685a 100644 --- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex +++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex @@ -101,9 +101,7 @@ def friends_timeline(%{assigns: %{user: user}} = conn, params) do |> Map.put("blocking_user", user) |> Map.put("user", user) - activities = - ActivityPub.fetch_activities([user.ap_id | user.following], params) - |> ActivityPub.contain_timeline(user) + activities = ActivityPub.fetch_activities([user.ap_id | user.following], params) conn |> put_view(ActivityView) From 31db31c5879a2dedcc8dd4c671c4c9a79656355a Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Mon, 25 Mar 2019 00:38:28 +0000 Subject: [PATCH 073/170] activitypub: visibility: use SQL thread_visibility() function instead of manually walking the thread --- lib/pleroma/web/activity_pub/visibility.ex | 26 +++++++--------------- 1 file changed, 8 insertions(+), 18 deletions(-) diff --git a/lib/pleroma/web/activity_pub/visibility.ex b/lib/pleroma/web/activity_pub/visibility.ex index b38ee0442..46dd46575 100644 --- a/lib/pleroma/web/activity_pub/visibility.ex +++ b/lib/pleroma/web/activity_pub/visibility.ex @@ -1,6 +1,7 @@ defmodule Pleroma.Web.ActivityPub.Visibility do alias Pleroma.Activity alias Pleroma.Object + alias Pleroma.Repo alias Pleroma.User def is_public?(%Object{data: %{"type" => "Tombstone"}}), do: false @@ -38,25 +39,14 @@ def visible_for_user?(activity, user) do visible_for_user?(activity, nil) || Enum.any?(x, &(&1 in y)) end - # guard - def entire_thread_visible_for_user?(nil, _user), do: false + def entire_thread_visible_for_user?(%Activity{} = activity, %User{} = user) do + {:ok, %{rows: [[result]]}} = + Ecto.Adapters.SQL.query(Repo, "SELECT thread_visibility($1, $2)", [ + user.ap_id, + activity.data["id"] + ]) - # XXX: Probably even more inefficient than the previous implementation intended to be a placeholder untill https://git.pleroma.social/pleroma/pleroma/merge_requests/971 is in develop - # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength - - def entire_thread_visible_for_user?( - %Activity{} = tail, - # %Activity{data: %{"object" => %{"inReplyTo" => parent_id}}} = tail, - user - ) do - case Object.normalize(tail) do - %{data: %{"inReplyTo" => parent_id}} when is_binary(parent_id) -> - parent = Activity.get_in_reply_to_activity(tail) - visible_for_user?(tail, user) && entire_thread_visible_for_user?(parent, user) - - _ -> - visible_for_user?(tail, user) - end + result end def get_visibility(object) do From c7644313e72520a371e4bd417b1ff852365849b6 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Mon, 25 Mar 2019 01:23:15 +0000 Subject: [PATCH 074/170] test: update obsolete test --- test/web/activity_pub/activity_pub_test.exs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs index 0f90aa1ac..b41f6ab81 100644 --- a/test/web/activity_pub/activity_pub_test.exs +++ b/test/web/activity_pub/activity_pub_test.exs @@ -968,7 +968,8 @@ test "it filters broken threads" do assert length(activities) == 3 - activities = ActivityPub.contain_timeline(activities, user1) + activities = + ActivityPub.fetch_activities([user1.ap_id | user1.following], %{"user" => user1}) assert [public_activity, private_activity_1] == activities assert length(activities) == 2 From 75ce6adcffd2dbbc2ca2f83d7fe2d7fd659cd2f4 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Mon, 25 Mar 2019 02:56:13 +0000 Subject: [PATCH 075/170] migration: only care about Create activities --- .../20190324222404_add_thread_visibility_function.exs | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/priv/repo/migrations/20190324222404_add_thread_visibility_function.exs b/priv/repo/migrations/20190324222404_add_thread_visibility_function.exs index cea0322e7..11aa47e83 100644 --- a/priv/repo/migrations/20190324222404_add_thread_visibility_function.exs +++ b/priv/repo/migrations/20190324222404_add_thread_visibility_function.exs @@ -25,6 +25,11 @@ def up do RETURN true; END IF; + --- We only care about Create activities. + IF activity.data->>'type' != 'Create' THEN + RETURN true; + END IF; + --- Normalize the child object into child. SELECT * INTO child FROM objects INNER JOIN activities ON COALESCE(activities.data->'object'->>'id', activities.data->>'object') = objects.data->>'id' From 0aada88b5594b6714b8d65f8bee9c325d77d6e7b Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 8 May 2019 23:17:51 +0000 Subject: [PATCH 076/170] bbs: chase timeline containment patch --- lib/pleroma/bbs/handler.ex | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/pleroma/bbs/handler.ex b/lib/pleroma/bbs/handler.ex index 106fe5d18..f34be961f 100644 --- a/lib/pleroma/bbs/handler.ex +++ b/lib/pleroma/bbs/handler.ex @@ -95,7 +95,6 @@ def handle_command(state, "home") do activities = [user.ap_id | user.following] |> ActivityPub.fetch_activities(params) - |> ActivityPub.contain_timeline(user) Enum.each(activities, fn activity -> puts_activity(activity) From 12f45e2a8907c74c6b65d866bc3bab547b31edfa Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 15 May 2019 16:22:52 +0000 Subject: [PATCH 077/170] update migration --- ...n.exs => 20190515222404_add_thread_visibility_function.exs} | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) rename priv/repo/migrations/{20190324222404_add_thread_visibility_function.exs => 20190515222404_add_thread_visibility_function.exs} (97%) diff --git a/priv/repo/migrations/20190324222404_add_thread_visibility_function.exs b/priv/repo/migrations/20190515222404_add_thread_visibility_function.exs similarity index 97% rename from priv/repo/migrations/20190324222404_add_thread_visibility_function.exs rename to priv/repo/migrations/20190515222404_add_thread_visibility_function.exs index 11aa47e83..a3f717b89 100644 --- a/priv/repo/migrations/20190324222404_add_thread_visibility_function.exs +++ b/priv/repo/migrations/20190515222404_add_thread_visibility_function.exs @@ -21,8 +21,9 @@ def up do LOOP --- Ensure that we have an activity before continuing. + --- If we don't, the thread is not satisfiable. IF activity IS NULL THEN - RETURN true; + RETURN false; END IF; --- We only care about Create activities. From f09c3afdf51eea17103d1445b31b7a269c474538 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 15 May 2019 16:23:01 +0000 Subject: [PATCH 078/170] chase test failures --- lib/pleroma/filter.ex | 3 ++- test/user_test.exs | 2 -- test/web/activity_pub/activity_pub_test.exs | 9 ++++++--- 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/lib/pleroma/filter.ex b/lib/pleroma/filter.ex index 79efc29f0..90457dadf 100644 --- a/lib/pleroma/filter.ex +++ b/lib/pleroma/filter.ex @@ -38,7 +38,8 @@ def get_filters(%User{id: user_id} = _user) do query = from( f in Pleroma.Filter, - where: f.user_id == ^user_id + where: f.user_id == ^user_id, + order_by: [desc: :id] ) Repo.all(query) diff --git a/test/user_test.exs b/test/user_test.exs index 0b65e89e9..bb47b4958 100644 --- a/test/user_test.exs +++ b/test/user_test.exs @@ -873,7 +873,6 @@ test "hide a user's statuses from timelines and notifications" do assert [activity] == ActivityPub.fetch_activities([user2.ap_id | user2.following], %{"user" => user2}) - |> ActivityPub.contain_timeline(user2) {:ok, _user} = User.deactivate(user) @@ -882,7 +881,6 @@ test "hide a user's statuses from timelines and notifications" do assert [] == ActivityPub.fetch_activities([user2.ap_id | user2.following], %{"user" => user2}) - |> ActivityPub.contain_timeline(user2) end end diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs index b41f6ab81..34e23b852 100644 --- a/test/web/activity_pub/activity_pub_test.exs +++ b/test/web/activity_pub/activity_pub_test.exs @@ -960,18 +960,21 @@ test "it filters broken threads" do "in_reply_to_status_id" => private_activity_2.id }) - activities = ActivityPub.fetch_activities([user1.ap_id | user1.following]) + activities = + ActivityPub.fetch_activities([user1.ap_id | user1.following]) + |> Enum.map(fn a -> a.id end) private_activity_1 = Activity.get_by_ap_id_with_object(private_activity_1.data["id"]) - assert [public_activity, private_activity_1, private_activity_3] == activities + assert [public_activity.id, private_activity_1.id, private_activity_3.id] == activities assert length(activities) == 3 activities = ActivityPub.fetch_activities([user1.ap_id | user1.following], %{"user" => user1}) + |> Enum.map(fn a -> a.id end) - assert [public_activity, private_activity_1] == activities + assert [public_activity.id, private_activity_1.id] == activities assert length(activities) == 2 end end From 71fa7eeb6fdc7cf2087a32fb515ad11b7bf90c01 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 15 May 2019 16:54:14 +0000 Subject: [PATCH 079/170] thread visibility function: significantly improve efficiency --- ...5222404_add_thread_visibility_function.exs | 27 +++++++------------ 1 file changed, 9 insertions(+), 18 deletions(-) diff --git a/priv/repo/migrations/20190515222404_add_thread_visibility_function.exs b/priv/repo/migrations/20190515222404_add_thread_visibility_function.exs index a3f717b89..a4daf680b 100644 --- a/priv/repo/migrations/20190515222404_add_thread_visibility_function.exs +++ b/priv/repo/migrations/20190515222404_add_thread_visibility_function.exs @@ -10,8 +10,8 @@ def up do child objects%ROWTYPE; activity activities%ROWTYPE; actor_user users%ROWTYPE; - author users%ROWTYPE; author_fa varchar; + valid_recipients varchar[]; BEGIN --- Fetch our actor. SELECT * INTO actor_user FROM users WHERE users.ap_id = actor; @@ -36,26 +36,17 @@ def up do INNER JOIN activities ON COALESCE(activities.data->'object'->>'id', activities.data->>'object') = objects.data->>'id' WHERE COALESCE(activity.data->'object'->>'id', activity.data->>'object') = objects.data->>'id'; - --- Fetch the author. - SELECT * INTO author FROM users WHERE users.ap_id = activity.actor; + --- Fetch the author's AS2 following collection. + SELECT COALESCE(author.follower_address, '') INTO author_fa FROM users WHERE users.ap_id = activity.actor; - --- Prepare author's AS2 followers collection. - SELECT COALESCE(author.follower_address, '') INTO author_fa; + --- Prepare valid recipients array. + valid_recipients := ARRAY[actor, public]; + IF ARRAY[author_fa] && actor_user.following THEN + valid_recipients := valid_recipients || author_fa; + END IF; --- Check visibility. - IF activity.actor = actor THEN - --- activity visible - NULL; - ELSIF ARRAY[public] && activity.recipients THEN - --- activity visible - NULL; - ELSIF ARRAY[author_fa] && activity.recipients AND ARRAY[author_fa] && actor_user.following THEN - --- activity visible - NULL; - ELSIF ARRAY[actor] && activity.recipients THEN - --- activity visible - NULL; - ELSE + IF NOT valid_recipients && activity.recipients THEN --- activity not visible, break out of the loop RETURN false; END IF; From a591ab6112abdf162f4d6fdfbbcdd85bbaf75058 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 15 May 2019 16:56:46 +0000 Subject: [PATCH 080/170] activity pub: remove Ecto SQL query dumps --- lib/pleroma/web/activity_pub/activity_pub.ex | 6 ------ 1 file changed, 6 deletions(-) diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index e544d0c50..7cd5b889b 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -540,8 +540,6 @@ defp restrict_visibility(query, %{visibility: visibility}) ) ) - Ecto.Adapters.SQL.to_sql(:all, Repo, query) - query else Logger.error("Could not restrict visibility to #{visibility}") @@ -557,8 +555,6 @@ defp restrict_visibility(query, %{visibility: visibility}) fragment("activity_visibility(?, ?, ?) = ?", a.actor, a.recipients, a.data, ^visibility) ) - Ecto.Adapters.SQL.to_sql(:all, Repo, query) - query end @@ -576,8 +572,6 @@ defp restrict_thread_visibility(query, %{"user" => %User{ap_id: ap_id}}) do where: fragment("thread_visibility(?, (?)->>'id') = true", ^ap_id, a.data) ) - Ecto.Adapters.SQL.to_sql(:all, Repo, query) - query end From f3971cbde3d69faec973717e1421f4a643ef947e Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 15 May 2019 17:02:40 +0000 Subject: [PATCH 081/170] thread visibility function: fix use of no longer used author variable --- .../20190515222404_add_thread_visibility_function.exs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/priv/repo/migrations/20190515222404_add_thread_visibility_function.exs b/priv/repo/migrations/20190515222404_add_thread_visibility_function.exs index a4daf680b..dc9abc998 100644 --- a/priv/repo/migrations/20190515222404_add_thread_visibility_function.exs +++ b/priv/repo/migrations/20190515222404_add_thread_visibility_function.exs @@ -37,7 +37,7 @@ def up do WHERE COALESCE(activity.data->'object'->>'id', activity.data->>'object') = objects.data->>'id'; --- Fetch the author's AS2 following collection. - SELECT COALESCE(author.follower_address, '') INTO author_fa FROM users WHERE users.ap_id = activity.actor; + SELECT COALESCE(users.follower_address, '') INTO author_fa FROM users WHERE users.ap_id = activity.actor; --- Prepare valid recipients array. valid_recipients := ARRAY[actor, public]; From 64495b96e9159b88ef0b4a6486e60b54722664fb Mon Sep 17 00:00:00 2001 From: Aaron Tinio Date: Wed, 15 May 2019 06:13:47 +0800 Subject: [PATCH 082/170] Add test for blocked domains --- test/web/activity_pub/activity_pub_test.exs | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs index 0f90aa1ac..442120ffd 100644 --- a/test/web/activity_pub/activity_pub_test.exs +++ b/test/web/activity_pub/activity_pub_test.exs @@ -462,6 +462,20 @@ test "doesn't return announce activities concerning blocked users" do refute Enum.member?(activities, activity_three.id) end + test "doesn't return activities from blocked domains" do + domain = "dogwhistle.zone" + domain_user = insert(:user, %{ap_id: "https://#{domain}/@pundit"}) + note = insert(:note, %{data: %{"actor" => domain_user.ap_id}}) + activity = insert(:note_activity, %{note: note}) + user = insert(:user) + {:ok, user} = User.block_domain(user, domain) + + activities = + ActivityPub.fetch_activities([], %{"blocking_user" => user, "skip_preload" => true}) + + refute activity in activities + end + test "doesn't return muted activities" do activity_one = insert(:note_activity) activity_two = insert(:note_activity) From 2b6119dfbf47f118dfb102fc09f6450e59ccf15e Mon Sep 17 00:00:00 2001 From: Aaron Tinio Date: Wed, 15 May 2019 07:59:24 +0800 Subject: [PATCH 083/170] Restrict reblogs of activities from blocked domains --- lib/pleroma/web/activity_pub/activity_pub.ex | 11 ++++++++++- test/web/activity_pub/activity_pub_test.exs | 9 +++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 233fee4fa..6087a1cdc 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -752,6 +752,14 @@ defp restrict_blocked(query, %{"blocking_user" => %User{info: info}}) do from( activity in query, + inner_join: o in Object, + on: + fragment( + "(?->>'id') = COALESCE(?->'object'->>'id', ?->>'object')", + o.data, + activity.data, + activity.data + ), where: fragment("not (? = ANY(?))", activity.actor, ^blocks), where: fragment("not (? && ?)", activity.recipients, ^blocks), where: @@ -761,7 +769,8 @@ defp restrict_blocked(query, %{"blocking_user" => %User{info: info}}) do activity.data, ^blocks ), - where: fragment("not (split_part(?, '/', 3) = ANY(?))", activity.actor, ^domain_blocks) + where: fragment("not (split_part(?, '/', 3) = ANY(?))", activity.actor, ^domain_blocks), + where: fragment("not (split_part(?->>'actor', '/', 3) = ANY(?))", o.data, ^domain_blocks) ) end diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs index 442120ffd..dfee93f67 100644 --- a/test/web/activity_pub/activity_pub_test.exs +++ b/test/web/activity_pub/activity_pub_test.exs @@ -474,6 +474,15 @@ test "doesn't return activities from blocked domains" do ActivityPub.fetch_activities([], %{"blocking_user" => user, "skip_preload" => true}) refute activity in activities + + followed_user = insert(:user) + ActivityPub.follow(user, followed_user) + {:ok, repeat_activity, _} = CommonAPI.repeat(activity.id, followed_user) + + activities = + ActivityPub.fetch_activities([], %{"blocking_user" => user, "skip_preload" => true}) + + refute repeat_activity in activities end test "doesn't return muted activities" do From 793f1834d2bc37ba3d4ba11fb669078950994adb Mon Sep 17 00:00:00 2001 From: Aaron Tinio Date: Thu, 16 May 2019 06:25:14 +0800 Subject: [PATCH 084/170] Use named binding to conditionally join object --- lib/pleroma/activity.ex | 19 +++++++++++-------- lib/pleroma/web/activity_pub/activity_pub.ex | 13 ++++--------- 2 files changed, 15 insertions(+), 17 deletions(-) diff --git a/lib/pleroma/activity.ex b/lib/pleroma/activity.ex index 4a0919478..3fd4003f8 100644 --- a/lib/pleroma/activity.ex +++ b/lib/pleroma/activity.ex @@ -60,21 +60,24 @@ defmodule Pleroma.Activity do timestamps() end - def with_preloaded_object(query) do - query - |> join( - :inner, - [activity], - o in Object, + def with_joined_object(query) do + join(query, :inner, [activity], o in Object, on: fragment( "(?->>'id') = COALESCE(?->'object'->>'id', ?->>'object')", o.data, activity.data, activity.data - ) + ), + as: :object ) - |> preload([activity, object], object: object) + end + + def with_preloaded_object(query) do + query + |> has_named_binding?(:object) + |> if(do: query, else: with_joined_object(query)) + |> preload([activity, object: object], object: object) end def with_preloaded_bookmark(query, %User{} = user) do diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 6087a1cdc..2fd073d3a 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -750,16 +750,11 @@ defp restrict_blocked(query, %{"blocking_user" => %User{info: info}}) do blocks = info.blocks || [] domain_blocks = info.domain_blocks || [] + query = + if has_named_binding?(query, :object), do: query, else: Activity.with_joined_object(query) + from( - activity in query, - inner_join: o in Object, - on: - fragment( - "(?->>'id') = COALESCE(?->'object'->>'id', ?->>'object')", - o.data, - activity.data, - activity.data - ), + [activity, object: o] in query, where: fragment("not (? = ANY(?))", activity.actor, ^blocks), where: fragment("not (? && ?)", activity.recipients, ^blocks), where: From 0ae15c23061413cb2b67d2be462742dccae01fb4 Mon Sep 17 00:00:00 2001 From: PolymerWitch Date: Wed, 15 May 2019 15:36:20 -0700 Subject: [PATCH 085/170] Added package to dependency list Added the erlang-ssh package to the dependency list and the installation command instructions. The project wouldn't build otherwise. --- docs/installation/debian_based_en.md | 3 ++- docs/installation/debian_based_jp.md | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/docs/installation/debian_based_en.md b/docs/installation/debian_based_en.md index 9613a329b..9c0ef92d4 100644 --- a/docs/installation/debian_based_en.md +++ b/docs/installation/debian_based_en.md @@ -12,6 +12,7 @@ This guide will assume you are on Debian Stretch. This guide should also work wi * `erlang-tools` * `erlang-parsetools` * `erlang-eldap`, if you want to enable ldap authenticator +* `erlang-ssh` * `erlang-xmerl` * `git` * `build-essential` @@ -49,7 +50,7 @@ sudo dpkg -i /tmp/erlang-solutions_1.0_all.deb ```shell sudo apt update -sudo apt install elixir erlang-dev erlang-parsetools erlang-xmerl erlang-tools +sudo apt install elixir erlang-dev erlang-parsetools erlang-xmerl erlang-tools erlang-ssh ``` ### Install PleromaBE diff --git a/docs/installation/debian_based_jp.md b/docs/installation/debian_based_jp.md index ac5dcaaee..41cce6792 100644 --- a/docs/installation/debian_based_jp.md +++ b/docs/installation/debian_based_jp.md @@ -14,6 +14,7 @@ - erlang-dev - erlang-tools - erlang-parsetools +- erlang-ssh - erlang-xmerl (Jessieではバックポートからインストールすること!) - git - build-essential @@ -44,7 +45,7 @@ wget -P /tmp/ https://packages.erlang-solutions.com/erlang-solutions_1.0_all.deb * ElixirとErlangをインストールします、 ``` -apt update && apt install elixir erlang-dev erlang-parsetools erlang-xmerl erlang-tools +apt update && apt install elixir erlang-dev erlang-parsetools erlang-xmerl erlang-tools erlang-ssh ``` ### Pleroma BE (バックエンド) をインストールします From 1d2923e5d0893b39f41ded77d24652029f6f12ec Mon Sep 17 00:00:00 2001 From: Angelina Filippova Date: Thu, 16 May 2019 01:36:26 +0300 Subject: [PATCH 086/170] Update tag/untag docs --- docs/api/admin_api.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/api/admin_api.md b/docs/api/admin_api.md index 75fa2ee83..8f79d7f24 100644 --- a/docs/api/admin_api.md +++ b/docs/api/admin_api.md @@ -106,14 +106,14 @@ Authentication is required and the user must be an admin. - Method: `PUT` - Params: - - `nickname` + - `nicknames` - `tags` ### Untag a list of users - Method: `DELETE` - Params: - - `nickname` + - `nicknames` - `tags` ## `/api/pleroma/admin/users/:nickname/permission_group` From 0641e685c166859fe2d5994bfcd069e0a8e62acf Mon Sep 17 00:00:00 2001 From: Angelina Filippova Date: Thu, 16 May 2019 01:46:43 +0300 Subject: [PATCH 087/170] Note that nicknames is an array --- docs/api/admin_api.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/api/admin_api.md b/docs/api/admin_api.md index 8f79d7f24..94fce9c6f 100644 --- a/docs/api/admin_api.md +++ b/docs/api/admin_api.md @@ -106,14 +106,14 @@ Authentication is required and the user must be an admin. - Method: `PUT` - Params: - - `nicknames` + - `nicknames` (array) - `tags` ### Untag a list of users - Method: `DELETE` - Params: - - `nicknames` + - `nicknames` (array) - `tags` ## `/api/pleroma/admin/users/:nickname/permission_group` From 107c83ab2b186c951dc27140908d414a202119d8 Mon Sep 17 00:00:00 2001 From: Angelina Filippova Date: Thu, 16 May 2019 01:48:53 +0300 Subject: [PATCH 088/170] Note that nicknames is an array --- docs/api/admin_api.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/api/admin_api.md b/docs/api/admin_api.md index 94fce9c6f..59578f8d1 100644 --- a/docs/api/admin_api.md +++ b/docs/api/admin_api.md @@ -107,14 +107,14 @@ Authentication is required and the user must be an admin. - Method: `PUT` - Params: - `nicknames` (array) - - `tags` + - `tags` (array) ### Untag a list of users - Method: `DELETE` - Params: - `nicknames` (array) - - `tags` + - `tags` (array) ## `/api/pleroma/admin/users/:nickname/permission_group` From c31026423c8c73ab33dc0d38b9d187a0d2b68309 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Thu, 16 May 2019 04:41:27 +0000 Subject: [PATCH 089/170] publisher: use the correct queue name for outgoing federation --- lib/pleroma/web/federator/publisher.ex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/pleroma/web/federator/publisher.ex b/lib/pleroma/web/federator/publisher.ex index 916bcdcba..fb4e8548d 100644 --- a/lib/pleroma/web/federator/publisher.ex +++ b/lib/pleroma/web/federator/publisher.ex @@ -31,7 +31,7 @@ defmodule Pleroma.Web.Federator.Publisher do """ @spec enqueue_one(module(), Map.t()) :: :ok def enqueue_one(module, %{} = params), - do: PleromaJobQueue.enqueue(:federation_outgoing, __MODULE__, [:publish_one, module, params]) + do: PleromaJobQueue.enqueue(:federator_outgoing, __MODULE__, [:publish_one, module, params]) @spec perform(atom(), module(), any()) :: {:ok, any()} | {:error, any()} def perform(:publish_one, module, params) do From aa11fa4864bf6ebdd4acfdba837675abbdcffc83 Mon Sep 17 00:00:00 2001 From: Alex S Date: Thu, 16 May 2019 12:49:40 +0700 Subject: [PATCH 090/170] add report uri and report to --- CHANGELOG.md | 3 +- config/test.exs | 2 + docs/config.md | 3 +- lib/pleroma/plugs/http_security_plug.ex | 31 ++++-- test/plugs/http_security_plug_test.exs | 133 ++++++++++++++---------- 5 files changed, 107 insertions(+), 65 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b0e849285..ea1f29304 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,6 +17,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Configuration: `fetch_initial_posts` option - Configuration: `notify_email` option - Configuration: Media proxy `whitelist` option +- Configuration: `report_uri` option - Pleroma API: User subscriptions - Pleroma API: Healthcheck endpoint - Admin API: Endpoints for listing/revoking invite tokens @@ -98,7 +99,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Mastodon API: Make `irreversible` field default to `false` [`POST /api/v1/filters`] ## Removed -- Configuration: `config :pleroma, :fe` in favor of the more flexible `config :pleroma, :frontend_configurations` +- Configuration: `config :pleroma, :fe` in favor of the more flexible `config :pleroma, :frontend_configurations` ## [0.9.9999] - 2019-04-05 ### Security diff --git a/config/test.exs b/config/test.exs index a0c90c371..40db66170 100644 --- a/config/test.exs +++ b/config/test.exs @@ -61,6 +61,8 @@ config :pleroma, :app_account_creation, max_requests: 5 +config :pleroma, :http_security, report_uri: "https://endpoint.com" + try do import_config "test.secret.exs" rescue diff --git a/docs/config.md b/docs/config.md index 470f71b7c..c2af5c012 100644 --- a/docs/config.md +++ b/docs/config.md @@ -286,7 +286,8 @@ This will make Pleroma listen on `127.0.0.1` port `8080` and generate urls start * ``sts``: Whether to additionally send a `Strict-Transport-Security` header * ``sts_max_age``: The maximum age for the `Strict-Transport-Security` header if sent * ``ct_max_age``: The maximum age for the `Expect-CT` header if sent -* ``referrer_policy``: The referrer policy to use, either `"same-origin"` or `"no-referrer"`. +* ``referrer_policy``: The referrer policy to use, either `"same-origin"` or `"no-referrer"` +* ``report_uri``: Adds the specified url to `report-uri` and `report-to` group in CSP header. ## :mrf_user_allowlist diff --git a/lib/pleroma/plugs/http_security_plug.ex b/lib/pleroma/plugs/http_security_plug.ex index a476f1d49..485ddfbc7 100644 --- a/lib/pleroma/plugs/http_security_plug.ex +++ b/lib/pleroma/plugs/http_security_plug.ex @@ -20,8 +20,9 @@ def call(conn, _options) do defp headers do referrer_policy = Config.get([:http_security, :referrer_policy]) + report_uri = Config.get([:http_security, :report_uri]) - [ + headers = [ {"x-xss-protection", "1; mode=block"}, {"x-permitted-cross-domain-policies", "none"}, {"x-frame-options", "DENY"}, @@ -30,12 +31,27 @@ defp headers do {"x-download-options", "noopen"}, {"content-security-policy", csp_string() <> ";"} ] + + if report_uri do + report_group = %{ + "group" => "csp-endpoint", + "max-age" => 10_886_400, + "endpoints" => [ + %{"url" => report_uri} + ] + } + + headers ++ [{"reply-to", Jason.encode!(report_group)}] + else + headers + end end defp csp_string do scheme = Config.get([Pleroma.Web.Endpoint, :url])[:scheme] static_url = Pleroma.Web.Endpoint.static_url() websocket_url = Pleroma.Web.Endpoint.websocket_url() + report_uri = Config.get([:http_security, :report_uri]) connect_src = "connect-src 'self' #{static_url} #{websocket_url}" @@ -53,7 +69,7 @@ defp csp_string do "script-src 'self'" end - [ + main_part = [ "default-src 'none'", "base-uri 'self'", "frame-ancestors 'none'", @@ -63,11 +79,14 @@ defp csp_string do "font-src 'self'", "manifest-src 'self'", connect_src, - script_src, - if scheme == "https" do - "upgrade-insecure-requests" - end + script_src ] + + report = if report_uri, do: ["report-uri #{report_uri}; report-to csp-endpoint"], else: [] + + insecure = if scheme == "https", do: ["upgrade-insecure-requests"], else: [] + + (main_part ++ report ++ insecure) |> Enum.join("; ") end diff --git a/test/plugs/http_security_plug_test.exs b/test/plugs/http_security_plug_test.exs index 0cbb7e4b1..7dfd50c1f 100644 --- a/test/plugs/http_security_plug_test.exs +++ b/test/plugs/http_security_plug_test.exs @@ -7,28 +7,89 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlugTest do alias Pleroma.Config alias Plug.Conn - test "it sends CSP headers when enabled", %{conn: conn} do - Config.put([:http_security, :enabled], true) + describe "http security enabled" do + setup do + enabled = Config.get([:http_securiy, :enabled]) - conn = - conn - |> get("/api/v1/instance") + Config.put([:http_security, :enabled], true) - refute Conn.get_resp_header(conn, "x-xss-protection") == [] - refute Conn.get_resp_header(conn, "x-permitted-cross-domain-policies") == [] - refute Conn.get_resp_header(conn, "x-frame-options") == [] - refute Conn.get_resp_header(conn, "x-content-type-options") == [] - refute Conn.get_resp_header(conn, "x-download-options") == [] - refute Conn.get_resp_header(conn, "referrer-policy") == [] - refute Conn.get_resp_header(conn, "content-security-policy") == [] + on_exit(fn -> + Config.put([:http_security, :enabled], enabled) + end) + + :ok + end + + test "it sends CSP headers when enabled", %{conn: conn} do + conn = get(conn, "/api/v1/instance") + + refute Conn.get_resp_header(conn, "x-xss-protection") == [] + refute Conn.get_resp_header(conn, "x-permitted-cross-domain-policies") == [] + refute Conn.get_resp_header(conn, "x-frame-options") == [] + refute Conn.get_resp_header(conn, "x-content-type-options") == [] + refute Conn.get_resp_header(conn, "x-download-options") == [] + refute Conn.get_resp_header(conn, "referrer-policy") == [] + refute Conn.get_resp_header(conn, "content-security-policy") == [] + end + + test "it sends STS headers when enabled", %{conn: conn} do + Config.put([:http_security, :sts], true) + + conn = get(conn, "/api/v1/instance") + + refute Conn.get_resp_header(conn, "strict-transport-security") == [] + refute Conn.get_resp_header(conn, "expect-ct") == [] + end + + test "it does not send STS headers when disabled", %{conn: conn} do + Config.put([:http_security, :sts], false) + + conn = get(conn, "/api/v1/instance") + + assert Conn.get_resp_header(conn, "strict-transport-security") == [] + assert Conn.get_resp_header(conn, "expect-ct") == [] + end + + test "referrer-policy header reflects configured value", %{conn: conn} do + conn = get(conn, "/api/v1/instance") + + assert Conn.get_resp_header(conn, "referrer-policy") == ["same-origin"] + + Config.put([:http_security, :referrer_policy], "no-referrer") + + conn = + build_conn() + |> get("/api/v1/instance") + + assert Conn.get_resp_header(conn, "referrer-policy") == ["no-referrer"] + end + + test "it sends `report-to` & `report-uri` CSP response headers" do + conn = + build_conn() + |> get("/api/v1/instance") + + [csp] = Conn.get_resp_header(conn, "content-security-policy") + + assert csp =~ ~r|report-uri https://endpoint.com; report-to csp-endpoint;| + + [reply_to] = Conn.get_resp_header(conn, "reply-to") + + assert reply_to == + "{\"endpoints\":[{\"url\":\"https://endpoint.com\"}],\"group\":\"csp-endpoint\",\"max-age\":10886400}" + end end test "it does not send CSP headers when disabled", %{conn: conn} do + enabled = Config.get([:http_securiy, :enabled]) + Config.put([:http_security, :enabled], false) - conn = - conn - |> get("/api/v1/instance") + on_exit(fn -> + Config.put([:http_security, :enabled], enabled) + end) + + conn = get(conn, "/api/v1/instance") assert Conn.get_resp_header(conn, "x-xss-protection") == [] assert Conn.get_resp_header(conn, "x-permitted-cross-domain-policies") == [] @@ -38,46 +99,4 @@ test "it does not send CSP headers when disabled", %{conn: conn} do assert Conn.get_resp_header(conn, "referrer-policy") == [] assert Conn.get_resp_header(conn, "content-security-policy") == [] end - - test "it sends STS headers when enabled", %{conn: conn} do - Config.put([:http_security, :enabled], true) - Config.put([:http_security, :sts], true) - - conn = - conn - |> get("/api/v1/instance") - - refute Conn.get_resp_header(conn, "strict-transport-security") == [] - refute Conn.get_resp_header(conn, "expect-ct") == [] - end - - test "it does not send STS headers when disabled", %{conn: conn} do - Config.put([:http_security, :enabled], true) - Config.put([:http_security, :sts], false) - - conn = - conn - |> get("/api/v1/instance") - - assert Conn.get_resp_header(conn, "strict-transport-security") == [] - assert Conn.get_resp_header(conn, "expect-ct") == [] - end - - test "referrer-policy header reflects configured value", %{conn: conn} do - Config.put([:http_security, :enabled], true) - - conn = - conn - |> get("/api/v1/instance") - - assert Conn.get_resp_header(conn, "referrer-policy") == ["same-origin"] - - Config.put([:http_security, :referrer_policy], "no-referrer") - - conn = - build_conn() - |> get("/api/v1/instance") - - assert Conn.get_resp_header(conn, "referrer-policy") == ["no-referrer"] - end end From 8355d0607e986f5a2cc5addfb2bcb35f799f10cb Mon Sep 17 00:00:00 2001 From: Alex S Date: Thu, 16 May 2019 17:03:12 +0700 Subject: [PATCH 091/170] trailing spaces --- docs/introduction.md | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/docs/introduction.md b/docs/introduction.md index 4af0747fe..045dc7c05 100644 --- a/docs/introduction.md +++ b/docs/introduction.md @@ -1,30 +1,30 @@ # Introduction to Pleroma ## What is Pleroma? -Pleroma is a federated social networking platform, compatible with GNU social, Mastodon and other OStatus and ActivityPub implementations. It is free software licensed under the AGPLv3. -It actually consists of two components: a backend, named simply Pleroma, and a user-facing frontend, named Pleroma-FE. It also includes the Mastodon frontend, if that's your thing. -It's part of what we call the fediverse, a federated network of instances which speak common protocols and can communicate with each other. +Pleroma is a federated social networking platform, compatible with GNU social, Mastodon and other OStatus and ActivityPub implementations. It is free software licensed under the AGPLv3. +It actually consists of two components: a backend, named simply Pleroma, and a user-facing frontend, named Pleroma-FE. It also includes the Mastodon frontend, if that's your thing. +It's part of what we call the fediverse, a federated network of instances which speak common protocols and can communicate with each other. One account on a instance is enough to talk to the entire fediverse! - + ## How can I use it? -Pleroma instances are already widely deployed, a list can be found here: +Pleroma instances are already widely deployed, a list can be found here: http://distsn.org/pleroma-instances.html -If you don't feel like joining an existing instance, but instead prefer to deploy your own instance, that's easy too! -Installation instructions can be found here: +If you don't feel like joining an existing instance, but instead prefer to deploy your own instance, that's easy too! +Installation instructions can be found here: [main Pleroma wiki](/) - + ## I got an account, now what? -Great! Now you can explore the fediverse! -- Open the login page for your Pleroma instance (for ex. https://pleroma.soykaf.com) and login with your username and password. -(If you don't have one yet, click on Register) :slightly_smiling_face: +Great! Now you can explore the fediverse! +- Open the login page for your Pleroma instance (for ex. https://pleroma.soykaf.com) and login with your username and password. +(If you don't have one yet, click on Register) :slightly_smiling_face: At this point you will have two columns in front of you. ### Left column -- first block: here you can see your avatar, your nickname a bio, and statistics (Statuses, Following, Followers). -Under that you have a text form which allows you to post new statuses. The icon on the left is for uploading media files and attach them to your post. The number under the text form is a character counter, every instance can have a different character limit (the default is 5000). -If you want to mention someone, type @ + name of the person. A drop-down menu will help you in finding the right person. :slight_smile: +- first block: here you can see your avatar, your nickname a bio, and statistics (Statuses, Following, Followers). +Under that you have a text form which allows you to post new statuses. The icon on the left is for uploading media files and attach them to your post. The number under the text form is a character counter, every instance can have a different character limit (the default is 5000). +If you want to mention someone, type @ + name of the person. A drop-down menu will help you in finding the right person. :slight_smile: To post your status, simply press Submit. - second block: Here you can switch between the different timelines: @@ -38,7 +38,7 @@ To post your status, simply press Submit. - fourth block: This is the Notifications block, here you will get notified whenever somebody mentions you, follows you, repeats or favorites one of your statuses. ### Right column -This is where the interesting stuff happens! :slight_smile: +This is where the interesting stuff happens! :slight_smile: Depending on the timeline you will see different statuses, but each status has a standard structure: - Icon + name + link to profile. An optional left-arrow if it's a reply to another status (hovering will reveal the replied-to status). - A + button on the right allows you to Expand/Collapse an entire discussion thread. It also updates in realtime! @@ -47,9 +47,9 @@ Depending on the timeline you will see different statuses, but each status has a - Four buttons (left to right): Reply, Repeat, Favorite, Delete. ## Mastodon interface -If the Pleroma interface isn't your thing, or you're just trying something new but you want to keep using the familiar Mastodon interface, we got that too! :smile: -Just add a "/web" after your instance url (for ex. https://pleroma.soycaf.com/web) and you'll end on the Mastodon web interface, but with a Pleroma backend! MAGIC! :fireworks: -For more information on the Mastodon interface, please look here: +If the Pleroma interface isn't your thing, or you're just trying something new but you want to keep using the familiar Mastodon interface, we got that too! :smile: +Just add a "/web" after your instance url (for ex. https://pleroma.soycaf.com/web) and you'll end on the Mastodon web interface, but with a Pleroma backend! MAGIC! :fireworks: +For more information on the Mastodon interface, please look here: https://github.com/tootsuite/documentation/blob/master/Using-Mastodon/User-guide.md Remember, what you see is only the frontend part of Mastodon, the backend is still Pleroma. From 4711d8151c8cb7ce2024f378e17b3a113a3aac1c Mon Sep 17 00:00:00 2001 From: Alex S Date: Thu, 16 May 2019 17:35:07 +0700 Subject: [PATCH 092/170] try this --- test/web/common_api/common_api_test.exs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/web/common_api/common_api_test.exs b/test/web/common_api/common_api_test.exs index 8d4f401ee..b0c441a37 100644 --- a/test/web/common_api/common_api_test.exs +++ b/test/web/common_api/common_api_test.exs @@ -279,14 +279,14 @@ test "creates a report" do test "add a reblog mute", %{muter: muter, muted: muted} do {:ok, muter} = CommonAPI.hide_reblogs(muter, muted) - assert Pleroma.User.showing_reblogs?(muter, muted) == false + assert User.showing_reblogs?(muter, muted) == false end test "remove a reblog mute", %{muter: muter, muted: muted} do {:ok, muter} = CommonAPI.hide_reblogs(muter, muted) {:ok, muter} = CommonAPI.show_reblogs(muter, muted) - assert Pleroma.User.showing_reblogs?(muter, muted) == true + assert User.showing_reblogs?(muter, muted) == true end end end From 73ae58fdfaf0b9dc9630929b0b84ae3b6083684a Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Thu, 16 May 2019 13:23:41 +0000 Subject: [PATCH 093/170] Feature/896 toggling confirmation --- CHANGELOG.md | 3 ++- lib/mix/tasks/pleroma/user.ex | 19 +++++++++++++++++++ lib/pleroma/user.ex | 13 +++++++++++++ lib/pleroma/user/info.ex | 2 +- test/tasks/user_test.exs | 27 +++++++++++++++++++++++++++ test/user_test.exs | 18 ++++++++++++++++++ 6 files changed, 80 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b0e849285..b3d8e1e0c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - [Prometheus](https://prometheus.io/) metrics - Support for Mastodon's remote interaction - Mix Tasks: `mix pleroma.database remove_embedded_objects` +- Mix Tasks: `mix pleroma.user toggle_confirmed` - Federation: Support for reports - Configuration: `safe_dm_mentions` option - Configuration: `link_name` option @@ -98,7 +99,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Mastodon API: Make `irreversible` field default to `false` [`POST /api/v1/filters`] ## Removed -- Configuration: `config :pleroma, :fe` in favor of the more flexible `config :pleroma, :frontend_configurations` +- Configuration: `config :pleroma, :fe` in favor of the more flexible `config :pleroma, :frontend_configurations` ## [0.9.9999] - 2019-04-05 ### Security diff --git a/lib/mix/tasks/pleroma/user.ex b/lib/mix/tasks/pleroma/user.ex index d130ff8c9..25fc40ea7 100644 --- a/lib/mix/tasks/pleroma/user.ex +++ b/lib/mix/tasks/pleroma/user.ex @@ -77,6 +77,10 @@ defmodule Mix.Tasks.Pleroma.User do ## Delete tags from a user. mix pleroma.user untag NICKNAME TAGS + + ## Toggle confirmation of the user's account. + + mix pleroma.user toggle_confirmed NICKNAME """ def run(["new", nickname, email | rest]) do {options, [], []} = @@ -388,6 +392,21 @@ def run(["delete_activities", nickname]) do end end + def run(["toggle_confirmed", nickname]) do + Common.start_pleroma() + + with %User{} = user <- User.get_cached_by_nickname(nickname) do + {:ok, user} = User.toggle_confirmation(user) + + message = if user.info.confirmation_pending, do: "needs", else: "doesn't need" + + Mix.shell().info("#{nickname} #{message} confirmation.") + else + _ -> + Mix.shell().error("No local user #{nickname}") + end + end + defp set_moderator(user, value) do info_cng = User.Info.admin_api_update(user.info, %{is_moderator: value}) diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index c6a562a61..1aa966dfc 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -1378,4 +1378,17 @@ def all_superusers do def showing_reblogs?(%User{} = user, %User{} = target) do target.ap_id not in user.info.muted_reblogs end + + @spec toggle_confirmation(User.t()) :: {:ok, User.t()} | {:error, Changeset.t()} + def toggle_confirmation(%User{} = user) do + need_confirmation? = !user.info.confirmation_pending + + info_changeset = + User.Info.confirmation_changeset(user.info, need_confirmation: need_confirmation?) + + user + |> change() + |> put_embed(:info, info_changeset) + |> update_and_set_cache() + end end diff --git a/lib/pleroma/user/info.ex b/lib/pleroma/user/info.ex index 5a50ee639..5f0cefc00 100644 --- a/lib/pleroma/user/info.ex +++ b/lib/pleroma/user/info.ex @@ -212,7 +212,7 @@ def profile_update(info, params) do ]) end - @spec confirmation_changeset(Info.t(), keyword()) :: Ecto.Changerset.t() + @spec confirmation_changeset(Info.t(), keyword()) :: Changeset.t() def confirmation_changeset(info, opts) do need_confirmation? = Keyword.get(opts, :need_confirmation) diff --git a/test/tasks/user_test.exs b/test/tasks/user_test.exs index eaf4ecf84..1f97740be 100644 --- a/test/tasks/user_test.exs +++ b/test/tasks/user_test.exs @@ -338,4 +338,31 @@ test "activities are deleted" do assert message == "User #{nickname} statuses deleted." end end + + describe "running toggle_confirmed" do + test "user is confirmed" do + %{id: id, nickname: nickname} = insert(:user, info: %{confirmation_pending: false}) + + assert :ok = Mix.Tasks.Pleroma.User.run(["toggle_confirmed", nickname]) + assert_received {:mix_shell, :info, [message]} + assert message == "#{nickname} needs confirmation." + + user = Repo.get(User, id) + assert user.info.confirmation_pending + assert user.info.confirmation_token + end + + test "user is not confirmed" do + %{id: id, nickname: nickname} = + insert(:user, info: %{confirmation_pending: true, confirmation_token: "some token"}) + + assert :ok = Mix.Tasks.Pleroma.User.run(["toggle_confirmed", nickname]) + assert_received {:mix_shell, :info, [message]} + assert message == "#{nickname} doesn't need confirmation." + + user = Repo.get(User, id) + refute user.info.confirmation_pending + refute user.info.confirmation_token + end + end end diff --git a/test/user_test.exs b/test/user_test.exs index 0b65e89e9..f256396c0 100644 --- a/test/user_test.exs +++ b/test/user_test.exs @@ -1204,4 +1204,22 @@ test "follower count is updated when a follower is blocked" do assert Map.get(user_show, "followers_count") == 2 end + + describe "toggle_confirmation/1" do + test "if user is confirmed" do + user = insert(:user, info: %{confirmation_pending: false}) + {:ok, user} = User.toggle_confirmation(user) + + assert user.info.confirmation_pending + assert user.info.confirmation_token + end + + test "if user is unconfirmed" do + user = insert(:user, info: %{confirmation_pending: true, confirmation_token: "some token"}) + {:ok, user} = User.toggle_confirmation(user) + + refute user.info.confirmation_pending + refute user.info.confirmation_token + end + end end From efa61c161085fd24f7e85ccf7f32ef823e335d7b Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Thu, 16 May 2019 13:14:48 -0500 Subject: [PATCH 094/170] Move to pleroma.database mix task --- lib/mix/tasks/pleroma/conversations.ex | 23 ----------------------- lib/mix/tasks/pleroma/database.ex | 11 +++++++++++ 2 files changed, 11 insertions(+), 23 deletions(-) delete mode 100644 lib/mix/tasks/pleroma/conversations.ex diff --git a/lib/mix/tasks/pleroma/conversations.ex b/lib/mix/tasks/pleroma/conversations.ex deleted file mode 100644 index b52b9921a..000000000 --- a/lib/mix/tasks/pleroma/conversations.ex +++ /dev/null @@ -1,23 +0,0 @@ -# Pleroma: A lightweight social networking server -# Copyright © 2017-2018 Pleroma Authors -# SPDX-License-Identifier: AGPL-3.0-only - -defmodule Mix.Tasks.Pleroma.Conversations do - use Mix.Task - alias Mix.Tasks.Pleroma.Common - alias Pleroma.Conversation - - @shortdoc "Manages Pleroma conversations." - @moduledoc """ - Manages Pleroma conversations. - - ## Create a conversation for all existing DMs. Can be safely re-run. - - mix pleroma.conversations bump_all - - """ - def run(["bump_all"]) do - Common.start_pleroma() - Conversation.bump_for_all_activities() - end -end diff --git a/lib/mix/tasks/pleroma/database.ex b/lib/mix/tasks/pleroma/database.ex index ab9a3a7ff..42753a1a4 100644 --- a/lib/mix/tasks/pleroma/database.ex +++ b/lib/mix/tasks/pleroma/database.ex @@ -4,6 +4,7 @@ defmodule Mix.Tasks.Pleroma.Database do alias Mix.Tasks.Pleroma.Common + alias Pleroma.Conversation require Logger use Mix.Task @@ -19,6 +20,11 @@ defmodule Mix.Tasks.Pleroma.Database do Options: - `--vacuum` - run `VACUUM FULL` after the embedded objects are replaced with their references + + ## Create a conversation for all existing DMs. Can be safely re-run. + + mix pleroma.database bump_all_conversations + """ def run(["remove_embedded_objects" | args]) do {options, [], []} = @@ -48,4 +54,9 @@ def run(["remove_embedded_objects" | args]) do ) end end + + def run(["bump_all_conversations"]) do + Common.start_pleroma() + Conversation.bump_for_all_activities() + end end From cd127d2fa43e6b1ecd7fadfc1d6293b2a432be18 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Thu, 16 May 2019 13:17:09 -0500 Subject: [PATCH 095/170] Update CHANGELOG --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b3d8e1e0c..fe6ab002c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - A [job queue](https://git.pleroma.social/pleroma/pleroma_job_queue) for federation, emails, web push, etc. - [Prometheus](https://prometheus.io/) metrics - Support for Mastodon's remote interaction +- Mix Tasks: `mix pleroma.database bump_all_conversations` - Mix Tasks: `mix pleroma.database remove_embedded_objects` - Mix Tasks: `mix pleroma.user toggle_confirmed` - Federation: Support for reports From e2b3a27204ca511a2e455a1151fdea36fdc0e53d Mon Sep 17 00:00:00 2001 From: Sergey Suprunenko Date: Thu, 16 May 2019 19:09:18 +0000 Subject: [PATCH 096/170] Add Reports to Admin API --- CHANGELOG.md | 2 + docs/api/admin_api.md | 289 +++++++++++++++- lib/pleroma/activity.ex | 2 +- lib/pleroma/emails/admin_email.ex | 2 +- lib/pleroma/web/activity_pub/activity_pub.ex | 7 + lib/pleroma/web/activity_pub/utils.ex | 78 ++++- .../web/admin_api/admin_api_controller.ex | 81 +++++ .../web/admin_api/views/report_view.ex | 41 +++ lib/pleroma/web/common_api/common_api.ex | 57 +++ lib/pleroma/web/common_api/utils.ex | 10 +- lib/pleroma/web/router.ex | 8 + ...511191044_set_default_state_to_reports.exs | 19 + test/support/factory.ex | 5 +- .../admin_api/admin_api_controller_test.exs | 327 ++++++++++++++++++ test/web/common_api/common_api_test.exs | 33 +- .../mastodon_api_controller_test.exs | 4 +- 16 files changed, 945 insertions(+), 20 deletions(-) create mode 100644 lib/pleroma/web/admin_api/views/report_view.ex create mode 100644 priv/repo/migrations/20190511191044_set_default_state_to_reports.exs diff --git a/CHANGELOG.md b/CHANGELOG.md index fe6ab002c..dc09d4f6b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -24,6 +24,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Admin API: Endpoints for listing/revoking invite tokens - Admin API: Endpoints for making users follow/unfollow each other - Admin API: added filters (role, tags, email, name) for users endpoint +- Admin API: Endpoints for managing reports +- Admin API: Endpoints for deleting and changing the scope of individual reported statuses - AdminFE: initial release with basic user management accessible at /pleroma/admin/ - Mastodon API: [Scheduled statuses](https://docs.joinmastodon.org/api/rest/scheduled-statuses/) - Mastodon API: `/api/v1/notifications/destroy_multiple` (glitch-soc extension) diff --git a/docs/api/admin_api.md b/docs/api/admin_api.md index 59578f8d1..b45c5e285 100644 --- a/docs/api/admin_api.md +++ b/docs/api/admin_api.md @@ -24,7 +24,7 @@ Authentication is required and the user must be an admin. - Example: `https://mypleroma.org/api/pleroma/admin/users?query=john&filters=local,active&page=1&page_size=10&tags[]=some_tag&tags[]=another_tag&name=display_name&email=email@example.com` - Response: -```JSON +```json { "page_size": integer, "count": integer, @@ -92,7 +92,7 @@ Authentication is required and the user must be an admin. - `nickname` - Response: User’s object -```JSON +```json { "deactivated": bool, "id": integer, @@ -124,7 +124,7 @@ Authentication is required and the user must be an admin. - Params: none - Response: -```JSON +```json { "is_moderator": bool, "is_admin": bool @@ -141,7 +141,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - Params: none - Response: -```JSON +```json { "is_moderator": bool, "is_admin": bool @@ -223,7 +223,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - Params: none - Response: -```JSON +```json { "invites": [ @@ -250,7 +250,7 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - `token` - Response: -```JSON +```json { "id": integer, "token": string, @@ -280,3 +280,280 @@ Note: Available `:permission_group` is currently moderator and admin. 404 is ret - Methods: `GET` - Params: none - Response: password reset token (base64 string) + +## `/api/pleroma/admin/reports` +### Get a list of reports +- Method `GET` +- Params: + - `state`: optional, the state of reports. Valid values are `open`, `closed` and `resolved` + - `limit`: optional, the number of records to retrieve + - `since_id`: optional, returns results that are more recent than the specified id + - `max_id`: optional, returns results that are older than the specified id +- Response: + - On failure: 403 Forbidden error `{"error": "error_msg"}` when requested by anonymous or non-admin + - On success: JSON, returns a list of reports, where: + - `account`: the user who has been reported + - `actor`: the user who has sent the report + - `statuses`: list of statuses that have been included to the report + +```json +{ + "reports": [ + { + "account": { + "acct": "user", + "avatar": "https://pleroma.example.org/images/avi.png", + "avatar_static": "https://pleroma.example.org/images/avi.png", + "bot": false, + "created_at": "2019-04-23T17:32:04.000Z", + "display_name": "User", + "emojis": [], + "fields": [], + "followers_count": 1, + "following_count": 1, + "header": "https://pleroma.example.org/images/banner.png", + "header_static": "https://pleroma.example.org/images/banner.png", + "id": "9i6dAJqSGSKMzLG2Lo", + "locked": false, + "note": "", + "pleroma": { + "confirmation_pending": false, + "hide_favorites": true, + "hide_followers": false, + "hide_follows": false, + "is_admin": false, + "is_moderator": false, + "relationship": {}, + "tags": [] + }, + "source": { + "note": "", + "pleroma": {}, + "sensitive": false + }, + "statuses_count": 3, + "url": "https://pleroma.example.org/users/user", + "username": "user" + }, + "actor": { + "acct": "lain", + "avatar": "https://pleroma.example.org/images/avi.png", + "avatar_static": "https://pleroma.example.org/images/avi.png", + "bot": false, + "created_at": "2019-03-28T17:36:03.000Z", + "display_name": "Roger Braun", + "emojis": [], + "fields": [], + "followers_count": 1, + "following_count": 1, + "header": "https://pleroma.example.org/images/banner.png", + "header_static": "https://pleroma.example.org/images/banner.png", + "id": "9hEkA5JsvAdlSrocam", + "locked": false, + "note": "", + "pleroma": { + "confirmation_pending": false, + "hide_favorites": false, + "hide_followers": false, + "hide_follows": false, + "is_admin": false, + "is_moderator": false, + "relationship": {}, + "tags": [] + }, + "source": { + "note": "", + "pleroma": {}, + "sensitive": false + }, + "statuses_count": 1, + "url": "https://pleroma.example.org/users/lain", + "username": "lain" + }, + "content": "Please delete it", + "created_at": "2019-04-29T19:48:15.000Z", + "id": "9iJGOv1j8hxuw19bcm", + "state": "open", + "statuses": [ + { + "account": { ... }, + "application": { + "name": "Web", + "website": null + }, + "bookmarked": false, + "card": null, + "content": "@lain click on my link https://www.google.com/", + "created_at": "2019-04-23T19:15:47.000Z", + "emojis": [], + "favourited": false, + "favourites_count": 0, + "id": "9i6mQ9uVrrOmOime8m", + "in_reply_to_account_id": null, + "in_reply_to_id": null, + "language": null, + "media_attachments": [], + "mentions": [ + { + "acct": "lain", + "id": "9hEkA5JsvAdlSrocam", + "url": "https://pleroma.example.org/users/lain", + "username": "lain" + }, + { + "acct": "user", + "id": "9i6dAJqSGSKMzLG2Lo", + "url": "https://pleroma.example.org/users/user", + "username": "user" + } + ], + "muted": false, + "pinned": false, + "pleroma": { + "content": { + "text/plain": "@lain click on my link https://www.google.com/" + }, + "conversation_id": 28, + "in_reply_to_account_acct": null, + "local": true, + "spoiler_text": { + "text/plain": "" + } + }, + "reblog": null, + "reblogged": false, + "reblogs_count": 0, + "replies_count": 0, + "sensitive": false, + "spoiler_text": "", + "tags": [], + "uri": "https://pleroma.example.org/objects/8717b90f-8e09-4b58-97b0-e3305472b396", + "url": "https://pleroma.example.org/notice/9i6mQ9uVrrOmOime8m", + "visibility": "direct" + } + ] + } + ] +} +``` + +## `/api/pleroma/admin/reports/:id` +### Get an individual report +- Method `GET` +- Params: + - `id` +- Response: + - On failure: + - 403 Forbidden `{"error": "error_msg"}` + - 404 Not Found `"Not found"` + - On success: JSON, Report object (see above) + +## `/api/pleroma/admin/reports/:id` +### Change the state of the report +- Method `PUT` +- Params: + - `id` + - `state`: required, the new state. Valid values are `open`, `closed` and `resolved` +- Response: + - On failure: + - 400 Bad Request `"Unsupported state"` + - 403 Forbidden `{"error": "error_msg"}` + - 404 Not Found `"Not found"` + - On success: JSON, Report object (see above) + +## `/api/pleroma/admin/reports/:id/respond` +### Respond to a report +- Method `POST` +- Params: + - `id` + - `status`: required, the message +- Response: + - On failure: + - 400 Bad Request `"Invalid parameters"` when `status` is missing + - 403 Forbidden `{"error": "error_msg"}` + - 404 Not Found `"Not found"` + - On success: JSON, created Mastodon Status entity + +```json +{ + "account": { ... }, + "application": { + "name": "Web", + "website": null + }, + "bookmarked": false, + "card": null, + "content": "Your claim is going to be closed", + "created_at": "2019-05-11T17:13:03.000Z", + "emojis": [], + "favourited": false, + "favourites_count": 0, + "id": "9ihuiSL1405I65TmEq", + "in_reply_to_account_id": null, + "in_reply_to_id": null, + "language": null, + "media_attachments": [], + "mentions": [ + { + "acct": "user", + "id": "9i6dAJqSGSKMzLG2Lo", + "url": "https://pleroma.example.org/users/user", + "username": "user" + }, + { + "acct": "admin", + "id": "9hEkA5JsvAdlSrocam", + "url": "https://pleroma.example.org/users/admin", + "username": "admin" + } + ], + "muted": false, + "pinned": false, + "pleroma": { + "content": { + "text/plain": "Your claim is going to be closed" + }, + "conversation_id": 35, + "in_reply_to_account_acct": null, + "local": true, + "spoiler_text": { + "text/plain": "" + } + }, + "reblog": null, + "reblogged": false, + "reblogs_count": 0, + "replies_count": 0, + "sensitive": false, + "spoiler_text": "", + "tags": [], + "uri": "https://pleroma.example.org/objects/cab0836d-9814-46cd-a0ea-529da9db5fcb", + "url": "https://pleroma.example.org/notice/9ihuiSL1405I65TmEq", + "visibility": "direct" +} +``` + +## `/api/pleroma/admin/statuses/:id` +### Change the scope of an individual reported status +- Method `PUT` +- Params: + - `id` + - `sensitive`: optional, valid values are `true` or `false` + - `visibility`: optional, valid values are `public`, `private` and `unlisted` +- Response: + - On failure: + - 400 Bad Request `"Unsupported visibility"` + - 403 Forbidden `{"error": "error_msg"}` + - 404 Not Found `"Not found"` + - On success: JSON, Mastodon Status entity + +## `/api/pleroma/admin/statuses/:id` +### Delete an individual reported status +- Method `DELETE` +- Params: + - `id` +- Response: + - On failure: + - 403 Forbidden `{"error": "error_msg"}` + - 404 Not Found `"Not found"` + - On success: 200 OK `{}` diff --git a/lib/pleroma/activity.ex b/lib/pleroma/activity.ex index 3fd4003f8..4e54b15ba 100644 --- a/lib/pleroma/activity.ex +++ b/lib/pleroma/activity.ex @@ -111,7 +111,7 @@ def get_bookmark(_, _), do: nil def change(struct, params \\ %{}) do struct - |> cast(params, [:data]) + |> cast(params, [:data, :recipients]) |> validate_required([:data]) |> unique_constraint(:ap_id, name: :activities_unique_apid_index) end diff --git a/lib/pleroma/emails/admin_email.ex b/lib/pleroma/emails/admin_email.ex index df0f72f96..d0e254362 100644 --- a/lib/pleroma/emails/admin_email.ex +++ b/lib/pleroma/emails/admin_email.ex @@ -29,7 +29,7 @@ def report(to, reporter, account, statuses, comment) do end statuses_html = - if length(statuses) > 0 do + if is_list(statuses) && length(statuses) > 0 do statuses_list_html = statuses |> Enum.map(fn diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 6a186efbf..5c3156978 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -703,6 +703,12 @@ defp restrict_type(query, %{"type" => type}) do defp restrict_type(query, _), do: query + defp restrict_state(query, %{"state" => state}) do + from(activity in query, where: fragment("?->>'state' = ?", activity.data, ^state)) + end + + defp restrict_state(query, _), do: query + defp restrict_favorited_by(query, %{"favorited_by" => ap_id}) do from( activity in query, @@ -855,6 +861,7 @@ def fetch_activities_query(recipients, opts \\ %{}) do |> restrict_local(opts) |> restrict_actor(opts) |> restrict_type(opts) + |> restrict_state(opts) |> restrict_favorited_by(opts) |> restrict_blocked(opts) |> restrict_muted(opts) diff --git a/lib/pleroma/web/activity_pub/utils.ex b/lib/pleroma/web/activity_pub/utils.ex index 236d1b4ac..ca8a0844b 100644 --- a/lib/pleroma/web/activity_pub/utils.ex +++ b/lib/pleroma/web/activity_pub/utils.ex @@ -20,6 +20,8 @@ defmodule Pleroma.Web.ActivityPub.Utils do require Logger @supported_object_types ["Article", "Note", "Video", "Page"] + @supported_report_states ~w(open closed resolved) + @valid_visibilities ~w(public unlisted private direct) # Some implementations send the actor URI as the actor field, others send the entire actor object, # so figure out what the actor's URI is based on what we have. @@ -670,7 +672,8 @@ def make_flag_data(params, additional) do "actor" => params.actor.ap_id, "content" => params.content, "object" => object, - "context" => params.context + "context" => params.context, + "state" => "open" } |> Map.merge(additional) end @@ -713,4 +716,77 @@ def fetch_ordered_collection(from, pages_left, acc \\ []) do end end end + + #### Report-related helpers + + def update_report_state(%Activity{} = activity, state) when state in @supported_report_states do + with new_data <- Map.put(activity.data, "state", state), + changeset <- Changeset.change(activity, data: new_data), + {:ok, activity} <- Repo.update(changeset) do + {:ok, activity} + end + end + + def update_report_state(_, _), do: {:error, "Unsupported state"} + + def update_activity_visibility(activity, visibility) when visibility in @valid_visibilities do + [to, cc, recipients] = + activity + |> get_updated_targets(visibility) + |> Enum.map(&Enum.uniq/1) + + object_data = + activity.object.data + |> Map.put("to", to) + |> Map.put("cc", cc) + + {:ok, object} = + activity.object + |> Object.change(%{data: object_data}) + |> Object.update_and_set_cache() + + activity_data = + activity.data + |> Map.put("to", to) + |> Map.put("cc", cc) + + activity + |> Map.put(:object, object) + |> Activity.change(%{data: activity_data, recipients: recipients}) + |> Repo.update() + end + + def update_activity_visibility(_, _), do: {:error, "Unsupported visibility"} + + defp get_updated_targets( + %Activity{data: %{"to" => to} = data, recipients: recipients}, + visibility + ) do + cc = Map.get(data, "cc", []) + follower_address = User.get_cached_by_ap_id(data["actor"]).follower_address + public = "https://www.w3.org/ns/activitystreams#Public" + + case visibility do + "public" -> + to = [public | List.delete(to, follower_address)] + cc = [follower_address | List.delete(cc, public)] + recipients = [public | recipients] + [to, cc, recipients] + + "private" -> + to = [follower_address | List.delete(to, public)] + cc = List.delete(cc, public) + recipients = List.delete(recipients, public) + [to, cc, recipients] + + "unlisted" -> + to = [follower_address | List.delete(to, public)] + cc = [public | List.delete(cc, follower_address)] + recipients = recipients ++ [follower_address, public] + [to, cc, recipients] + + _ -> + [to, cc, recipients] + end + end end diff --git a/lib/pleroma/web/admin_api/admin_api_controller.ex b/lib/pleroma/web/admin_api/admin_api_controller.ex index e00b33aba..de2a13c01 100644 --- a/lib/pleroma/web/admin_api/admin_api_controller.ex +++ b/lib/pleroma/web/admin_api/admin_api_controller.ex @@ -4,11 +4,16 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do use Pleroma.Web, :controller + alias Pleroma.Activity alias Pleroma.User alias Pleroma.UserInviteToken + alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.Relay alias Pleroma.Web.AdminAPI.AccountView + alias Pleroma.Web.AdminAPI.ReportView alias Pleroma.Web.AdminAPI.Search + alias Pleroma.Web.CommonAPI + alias Pleroma.Web.MastodonAPI.StatusView import Pleroma.Web.ControllerHelper, only: [json_response: 3] @@ -287,12 +292,88 @@ def get_password_reset(conn, %{"nickname" => nickname}) do |> json(token.token) end + def list_reports(conn, params) do + params = + params + |> Map.put("type", "Flag") + |> Map.put("skip_preload", true) + + reports = + [] + |> ActivityPub.fetch_activities(params) + |> Enum.reverse() + + conn + |> put_view(ReportView) + |> render("index.json", %{reports: reports}) + end + + def report_show(conn, %{"id" => id}) do + with %Activity{} = report <- Activity.get_by_id(id) do + conn + |> put_view(ReportView) + |> render("show.json", %{report: report}) + else + _ -> {:error, :not_found} + end + end + + def report_update_state(conn, %{"id" => id, "state" => state}) do + with {:ok, report} <- CommonAPI.update_report_state(id, state) do + conn + |> put_view(ReportView) + |> render("show.json", %{report: report}) + end + end + + def report_respond(%{assigns: %{user: user}} = conn, %{"id" => id} = params) do + with false <- is_nil(params["status"]), + %Activity{} <- Activity.get_by_id(id) do + params = + params + |> Map.put("in_reply_to_status_id", id) + |> Map.put("visibility", "direct") + + {:ok, activity} = CommonAPI.post(user, params) + + conn + |> put_view(StatusView) + |> render("status.json", %{activity: activity}) + else + true -> + {:param_cast, nil} + + nil -> + {:error, :not_found} + end + end + + def status_update(conn, %{"id" => id} = params) do + with {:ok, activity} <- CommonAPI.update_activity_scope(id, params) do + conn + |> put_view(StatusView) + |> render("status.json", %{activity: activity}) + end + end + + def status_delete(%{assigns: %{user: user}} = conn, %{"id" => id}) do + with {:ok, %Activity{}} <- CommonAPI.delete(id, user) do + json(conn, %{}) + end + end + def errors(conn, {:error, :not_found}) do conn |> put_status(404) |> json("Not found") end + def errors(conn, {:error, reason}) do + conn + |> put_status(400) + |> json(reason) + end + def errors(conn, {:param_cast, _}) do conn |> put_status(400) diff --git a/lib/pleroma/web/admin_api/views/report_view.ex b/lib/pleroma/web/admin_api/views/report_view.ex new file mode 100644 index 000000000..47a73dc7e --- /dev/null +++ b/lib/pleroma/web/admin_api/views/report_view.ex @@ -0,0 +1,41 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.AdminAPI.ReportView do + use Pleroma.Web, :view + alias Pleroma.Activity + alias Pleroma.User + alias Pleroma.Web.CommonAPI.Utils + alias Pleroma.Web.MastodonAPI.AccountView + alias Pleroma.Web.MastodonAPI.StatusView + + def render("index.json", %{reports: reports}) do + %{ + reports: render_many(reports, __MODULE__, "show.json", as: :report) + } + end + + def render("show.json", %{report: report}) do + user = User.get_cached_by_ap_id(report.data["actor"]) + created_at = Utils.to_masto_date(report.data["published"]) + + [account_ap_id | status_ap_ids] = report.data["object"] + account = User.get_cached_by_ap_id(account_ap_id) + + statuses = + Enum.map(status_ap_ids, fn ap_id -> + Activity.get_by_ap_id_with_object(ap_id) + end) + + %{ + id: report.id, + account: AccountView.render("account.json", %{user: account}), + actor: AccountView.render("account.json", %{user: user}), + content: report.data["content"], + created_at: created_at, + statuses: StatusView.render("index.json", %{activities: statuses, as: :activity}), + state: report.data["state"] + } + end +end diff --git a/lib/pleroma/web/common_api/common_api.ex b/lib/pleroma/web/common_api/common_api.ex index 29c4c1014..208c12c7b 100644 --- a/lib/pleroma/web/common_api/common_api.ex +++ b/lib/pleroma/web/common_api/common_api.ex @@ -71,6 +71,9 @@ def delete(activity_id, user) do {:ok, _} <- unpin(activity_id, user), {:ok, delete} <- ActivityPub.delete(object) do {:ok, delete} + else + _ -> + {:error, "Could not delete"} end end @@ -315,6 +318,60 @@ def report(user, data) do end end + def update_report_state(activity_id, state) do + with %Activity{} = activity <- Activity.get_by_id(activity_id), + {:ok, activity} <- Utils.update_report_state(activity, state) do + {:ok, activity} + else + nil -> + {:error, :not_found} + + {:error, reason} -> + {:error, reason} + + _ -> + {:error, "Could not update state"} + end + end + + def update_activity_scope(activity_id, opts \\ %{}) do + with %Activity{} = activity <- Activity.get_by_id_with_object(activity_id), + {:ok, activity} <- toggle_sensitive(activity, opts), + {:ok, activity} <- set_visibility(activity, opts) do + {:ok, activity} + else + nil -> + {:error, :not_found} + + {:error, reason} -> + {:error, reason} + end + end + + defp toggle_sensitive(activity, %{"sensitive" => sensitive}) when sensitive in ~w(true false) do + toggle_sensitive(activity, %{"sensitive" => String.to_existing_atom(sensitive)}) + end + + defp toggle_sensitive(%Activity{object: object} = activity, %{"sensitive" => sensitive}) + when is_boolean(sensitive) do + new_data = Map.put(object.data, "sensitive", sensitive) + + {:ok, object} = + object + |> Object.change(%{data: new_data}) + |> Object.update_and_set_cache() + + {:ok, Map.put(activity, :object, object)} + end + + defp toggle_sensitive(activity, _), do: {:ok, activity} + + defp set_visibility(activity, %{"visibility" => visibility}) do + Utils.update_activity_visibility(activity, visibility) + end + + defp set_visibility(activity, _), do: {:ok, activity} + def hide_reblogs(user, muted) do ap_id = muted.ap_id diff --git a/lib/pleroma/web/common_api/utils.ex b/lib/pleroma/web/common_api/utils.ex index 1dfe50b40..bee2fd159 100644 --- a/lib/pleroma/web/common_api/utils.ex +++ b/lib/pleroma/web/common_api/utils.ex @@ -237,13 +237,11 @@ def make_note_data( "tag" => tags |> Enum.map(fn {_, tag} -> tag end) |> Enum.uniq() } - if in_reply_to do - in_reply_to_object = Object.normalize(in_reply_to) - - object - |> Map.put("inReplyTo", in_reply_to_object.data["id"]) + with false <- is_nil(in_reply_to), + %Object{} = in_reply_to_object <- Object.normalize(in_reply_to) do + Map.put(object, "inReplyTo", in_reply_to_object.data["id"]) else - object + _ -> object end end diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 7fef82f82..6a4e4a1d4 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -194,6 +194,14 @@ defmodule Pleroma.Web.Router do get("/users", AdminAPIController, :list_users) get("/users/:nickname", AdminAPIController, :user_show) + + get("/reports", AdminAPIController, :list_reports) + get("/reports/:id", AdminAPIController, :report_show) + put("/reports/:id", AdminAPIController, :report_update_state) + post("/reports/:id/respond", AdminAPIController, :report_respond) + + put("/statuses/:id", AdminAPIController, :status_update) + delete("/statuses/:id", AdminAPIController, :status_delete) end scope "/", Pleroma.Web.TwitterAPI do diff --git a/priv/repo/migrations/20190511191044_set_default_state_to_reports.exs b/priv/repo/migrations/20190511191044_set_default_state_to_reports.exs new file mode 100644 index 000000000..0d3d253b6 --- /dev/null +++ b/priv/repo/migrations/20190511191044_set_default_state_to_reports.exs @@ -0,0 +1,19 @@ +defmodule Pleroma.Repo.Migrations.SetDefaultStateToReports do + use Ecto.Migration + + def up do + execute """ + UPDATE activities AS a + SET data = jsonb_set(data, '{state}', '"open"', true) + WHERE data->>'type' = 'Flag' + """ + end + + def down do + execute """ + UPDATE activities AS a + SET data = data #- '{state}' + WHERE data->>'type' = 'Flag' + """ + end +end diff --git a/test/support/factory.ex b/test/support/factory.ex index 2a2954ad6..90c7d80f2 100644 --- a/test/support/factory.ex +++ b/test/support/factory.ex @@ -43,7 +43,7 @@ def user_factory do def note_factory(attrs \\ %{}) do text = sequence(:text, &"This is :moominmamma: note #{&1}") - user = insert(:user) + user = attrs[:user] || insert(:user) data = %{ "type" => "Note", @@ -113,7 +113,8 @@ def direct_note_activity_factory do end def note_activity_factory(attrs \\ %{}) do - note = attrs[:note] || insert(:note) + user = attrs[:user] || insert(:user) + note = attrs[:note] || insert(:note, user: user) data = %{ "id" => Pleroma.Web.ActivityPub.Utils.generate_activity_id(), diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs index 6c1897b5a..ca12c7215 100644 --- a/test/web/admin_api/admin_api_controller_test.exs +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -5,8 +5,10 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do use Pleroma.Web.ConnCase + alias Pleroma.Activity alias Pleroma.User alias Pleroma.UserInviteToken + alias Pleroma.Web.CommonAPI import Pleroma.Factory describe "/api/pleroma/admin/users" do @@ -949,4 +951,329 @@ test "with token" do } end end + + describe "GET /api/pleroma/admin/reports/:id" do + setup %{conn: conn} do + admin = insert(:user, info: %{is_admin: true}) + + %{conn: assign(conn, :user, admin)} + end + + test "returns report by its id", %{conn: conn} do + [reporter, target_user] = insert_pair(:user) + activity = insert(:note_activity, user: target_user) + + {:ok, %{id: report_id}} = + CommonAPI.report(reporter, %{ + "account_id" => target_user.id, + "comment" => "I feel offended", + "status_ids" => [activity.id] + }) + + response = + conn + |> get("/api/pleroma/admin/reports/#{report_id}") + |> json_response(:ok) + + assert response["id"] == report_id + end + + test "returns 404 when report id is invalid", %{conn: conn} do + conn = get(conn, "/api/pleroma/admin/reports/test") + + assert json_response(conn, :not_found) == "Not found" + end + end + + describe "PUT /api/pleroma/admin/reports/:id" do + setup %{conn: conn} do + admin = insert(:user, info: %{is_admin: true}) + [reporter, target_user] = insert_pair(:user) + activity = insert(:note_activity, user: target_user) + + {:ok, %{id: report_id}} = + CommonAPI.report(reporter, %{ + "account_id" => target_user.id, + "comment" => "I feel offended", + "status_ids" => [activity.id] + }) + + %{conn: assign(conn, :user, admin), id: report_id} + end + + test "mark report as resolved", %{conn: conn, id: id} do + response = + conn + |> put("/api/pleroma/admin/reports/#{id}", %{"state" => "resolved"}) + |> json_response(:ok) + + assert response["state"] == "resolved" + end + + test "closes report", %{conn: conn, id: id} do + response = + conn + |> put("/api/pleroma/admin/reports/#{id}", %{"state" => "closed"}) + |> json_response(:ok) + + assert response["state"] == "closed" + end + + test "returns 400 when state is unknown", %{conn: conn, id: id} do + conn = + conn + |> put("/api/pleroma/admin/reports/#{id}", %{"state" => "test"}) + + assert json_response(conn, :bad_request) == "Unsupported state" + end + + test "returns 404 when report is not exist", %{conn: conn} do + conn = + conn + |> put("/api/pleroma/admin/reports/test", %{"state" => "closed"}) + + assert json_response(conn, :not_found) == "Not found" + end + end + + describe "GET /api/pleroma/admin/reports" do + setup %{conn: conn} do + admin = insert(:user, info: %{is_admin: true}) + + %{conn: assign(conn, :user, admin)} + end + + test "returns empty response when no reports created", %{conn: conn} do + response = + conn + |> get("/api/pleroma/admin/reports") + |> json_response(:ok) + + assert Enum.empty?(response["reports"]) + end + + test "returns reports", %{conn: conn} do + [reporter, target_user] = insert_pair(:user) + activity = insert(:note_activity, user: target_user) + + {:ok, %{id: report_id}} = + CommonAPI.report(reporter, %{ + "account_id" => target_user.id, + "comment" => "I feel offended", + "status_ids" => [activity.id] + }) + + response = + conn + |> get("/api/pleroma/admin/reports") + |> json_response(:ok) + + [report] = response["reports"] + + assert length(response["reports"]) == 1 + assert report["id"] == report_id + end + + test "returns reports with specified state", %{conn: conn} do + [reporter, target_user] = insert_pair(:user) + activity = insert(:note_activity, user: target_user) + + {:ok, %{id: first_report_id}} = + CommonAPI.report(reporter, %{ + "account_id" => target_user.id, + "comment" => "I feel offended", + "status_ids" => [activity.id] + }) + + {:ok, %{id: second_report_id}} = + CommonAPI.report(reporter, %{ + "account_id" => target_user.id, + "comment" => "I don't like this user" + }) + + CommonAPI.update_report_state(second_report_id, "closed") + + response = + conn + |> get("/api/pleroma/admin/reports", %{ + "state" => "open" + }) + |> json_response(:ok) + + [open_report] = response["reports"] + + assert length(response["reports"]) == 1 + assert open_report["id"] == first_report_id + + response = + conn + |> get("/api/pleroma/admin/reports", %{ + "state" => "closed" + }) + |> json_response(:ok) + + [closed_report] = response["reports"] + + assert length(response["reports"]) == 1 + assert closed_report["id"] == second_report_id + + response = + conn + |> get("/api/pleroma/admin/reports", %{ + "state" => "resolved" + }) + |> json_response(:ok) + + assert Enum.empty?(response["reports"]) + end + + test "returns 403 when requested by a non-admin" do + user = insert(:user) + + conn = + build_conn() + |> assign(:user, user) + |> get("/api/pleroma/admin/reports") + + assert json_response(conn, :forbidden) == %{"error" => "User is not admin."} + end + + test "returns 403 when requested by anonymous" do + conn = + build_conn() + |> get("/api/pleroma/admin/reports") + + assert json_response(conn, :forbidden) == %{"error" => "Invalid credentials."} + end + end + + describe "POST /api/pleroma/admin/reports/:id/respond" do + setup %{conn: conn} do + admin = insert(:user, info: %{is_admin: true}) + + %{conn: assign(conn, :user, admin)} + end + + test "returns created dm", %{conn: conn} do + [reporter, target_user] = insert_pair(:user) + activity = insert(:note_activity, user: target_user) + + {:ok, %{id: report_id}} = + CommonAPI.report(reporter, %{ + "account_id" => target_user.id, + "comment" => "I feel offended", + "status_ids" => [activity.id] + }) + + response = + conn + |> post("/api/pleroma/admin/reports/#{report_id}/respond", %{ + "status" => "I will check it out" + }) + |> json_response(:ok) + + recipients = Enum.map(response["mentions"], & &1["username"]) + + assert conn.assigns[:user].nickname in recipients + assert reporter.nickname in recipients + assert response["content"] == "I will check it out" + assert response["visibility"] == "direct" + end + + test "returns 400 when status is missing", %{conn: conn} do + conn = post(conn, "/api/pleroma/admin/reports/test/respond") + + assert json_response(conn, :bad_request) == "Invalid parameters" + end + + test "returns 404 when report id is invalid", %{conn: conn} do + conn = + post(conn, "/api/pleroma/admin/reports/test/respond", %{ + "status" => "foo" + }) + + assert json_response(conn, :not_found) == "Not found" + end + end + + describe "PUT /api/pleroma/admin/statuses/:id" do + setup %{conn: conn} do + admin = insert(:user, info: %{is_admin: true}) + activity = insert(:note_activity) + + %{conn: assign(conn, :user, admin), id: activity.id} + end + + test "toggle sensitive flag", %{conn: conn, id: id} do + response = + conn + |> put("/api/pleroma/admin/statuses/#{id}", %{"sensitive" => "true"}) + |> json_response(:ok) + + assert response["sensitive"] + + response = + conn + |> put("/api/pleroma/admin/statuses/#{id}", %{"sensitive" => "false"}) + |> json_response(:ok) + + refute response["sensitive"] + end + + test "change visibility flag", %{conn: conn, id: id} do + response = + conn + |> put("/api/pleroma/admin/statuses/#{id}", %{"visibility" => "public"}) + |> json_response(:ok) + + assert response["visibility"] == "public" + + response = + conn + |> put("/api/pleroma/admin/statuses/#{id}", %{"visibility" => "private"}) + |> json_response(:ok) + + assert response["visibility"] == "private" + + response = + conn + |> put("/api/pleroma/admin/statuses/#{id}", %{"visibility" => "unlisted"}) + |> json_response(:ok) + + assert response["visibility"] == "unlisted" + end + + test "returns 400 when visibility is unknown", %{conn: conn, id: id} do + conn = + conn + |> put("/api/pleroma/admin/statuses/#{id}", %{"visibility" => "test"}) + + assert json_response(conn, :bad_request) == "Unsupported visibility" + end + end + + describe "DELETE /api/pleroma/admin/statuses/:id" do + setup %{conn: conn} do + admin = insert(:user, info: %{is_admin: true}) + activity = insert(:note_activity) + + %{conn: assign(conn, :user, admin), id: activity.id} + end + + test "deletes status", %{conn: conn, id: id} do + conn + |> delete("/api/pleroma/admin/statuses/#{id}") + |> json_response(:ok) + + refute Activity.get_by_id(id) + end + + test "returns error when status is not exist", %{conn: conn} do + conn = + conn + |> delete("/api/pleroma/admin/statuses/test") + + assert json_response(conn, :bad_request) == "Could not delete" + end + end end diff --git a/test/web/common_api/common_api_test.exs b/test/web/common_api/common_api_test.exs index 8d4f401ee..38b5aa65f 100644 --- a/test/web/common_api/common_api_test.exs +++ b/test/web/common_api/common_api_test.exs @@ -261,10 +261,41 @@ test "creates a report" do data: %{ "type" => "Flag", "content" => ^comment, - "object" => [^target_ap_id, ^activity_ap_id] + "object" => [^target_ap_id, ^activity_ap_id], + "state" => "open" } } = flag_activity end + + test "updates report state" do + [reporter, target_user] = insert_pair(:user) + activity = insert(:note_activity, user: target_user) + + {:ok, %Activity{id: report_id}} = + CommonAPI.report(reporter, %{ + "account_id" => target_user.id, + "comment" => "I feel offended", + "status_ids" => [activity.id] + }) + + {:ok, report} = CommonAPI.update_report_state(report_id, "resolved") + + assert report.data["state"] == "resolved" + end + + test "does not update report state when state is unsupported" do + [reporter, target_user] = insert_pair(:user) + activity = insert(:note_activity, user: target_user) + + {:ok, %Activity{id: report_id}} = + CommonAPI.report(reporter, %{ + "account_id" => target_user.id, + "comment" => "I feel offended", + "status_ids" => [activity.id] + }) + + assert CommonAPI.update_report_state(report_id, "test") == {:error, "Unsupported state"} + end end describe "reblog muting" do diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index 40e7739e7..90d67a55f 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -2129,7 +2129,7 @@ test "returns favorited DM only when user is logged in and he is one of recipien |> get("/api/v1/pleroma/accounts/#{user.id}/favourites") |> json_response(:ok) - assert length(anonymous_response) == 0 + assert Enum.empty?(anonymous_response) end test "does not return others' favorited DM when user is not one of recipients", %{ @@ -2153,7 +2153,7 @@ test "does not return others' favorited DM when user is not one of recipients", |> get("/api/v1/pleroma/accounts/#{user.id}/favourites") |> json_response(:ok) - assert length(response) == 0 + assert Enum.empty?(response) end test "paginates favorites using since_id and max_id", %{ From 2c303afc8b25ca92eaa229df3e9e4737856e890c Mon Sep 17 00:00:00 2001 From: Sergey Suprunenko Date: Thu, 16 May 2019 20:04:08 +0000 Subject: [PATCH 097/170] Remove duplicated entries in users' following lists --- CHANGELOG.md | 1 + lib/mix/tasks/pleroma/database.ex | 17 +++++++++-- lib/pleroma/user.ex | 14 ++++++++- test/tasks/database_test.exs | 49 +++++++++++++++++++++++++++++++ test/tasks/user_test.exs | 1 + test/user_test.exs | 31 +++++++++++++++++++ 6 files changed, 110 insertions(+), 3 deletions(-) create mode 100644 test/tasks/database_test.exs diff --git a/CHANGELOG.md b/CHANGELOG.md index dc09d4f6b..4d314817b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Support for Mastodon's remote interaction - Mix Tasks: `mix pleroma.database bump_all_conversations` - Mix Tasks: `mix pleroma.database remove_embedded_objects` +- Mix Tasks: `mix pleroma.database update_users_following_followers_counts` - Mix Tasks: `mix pleroma.user toggle_confirmed` - Federation: Support for reports - Configuration: `safe_dm_mentions` option diff --git a/lib/mix/tasks/pleroma/database.ex b/lib/mix/tasks/pleroma/database.ex index 42753a1a4..f650b447d 100644 --- a/lib/mix/tasks/pleroma/database.ex +++ b/lib/mix/tasks/pleroma/database.ex @@ -5,6 +5,8 @@ defmodule Mix.Tasks.Pleroma.Database do alias Mix.Tasks.Pleroma.Common alias Pleroma.Conversation + alias Pleroma.Repo + alias Pleroma.User require Logger use Mix.Task @@ -25,6 +27,9 @@ defmodule Mix.Tasks.Pleroma.Database do mix pleroma.database bump_all_conversations + ## Remove duplicated items from following and update followers count for all users + + mix pleroma.database update_users_following_followers_counts """ def run(["remove_embedded_objects" | args]) do {options, [], []} = @@ -38,7 +43,7 @@ def run(["remove_embedded_objects" | args]) do Common.start_pleroma() Logger.info("Removing embedded objects") - Pleroma.Repo.query!( + Repo.query!( "update activities set data = jsonb_set(data, '{object}'::text[], data->'object'->'id') where data->'object'->>'id' is not null;", [], timeout: :infinity @@ -47,7 +52,7 @@ def run(["remove_embedded_objects" | args]) do if Keyword.get(options, :vacuum) do Logger.info("Runnning VACUUM FULL") - Pleroma.Repo.query!( + Repo.query!( "vacuum full;", [], timeout: :infinity @@ -59,4 +64,12 @@ def run(["bump_all_conversations"]) do Common.start_pleroma() Conversation.bump_for_all_activities() end + + def run(["update_users_following_followers_counts"]) do + Common.start_pleroma() + + users = Repo.all(User) + Enum.each(users, &User.remove_duplicated_following/1) + Enum.each(users, &User.update_follower_count/1) + end end diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 1aa966dfc..9ffb61300 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -166,7 +166,7 @@ def remote_user_creation(params) do def update_changeset(struct, params \\ %{}) do struct - |> cast(params, [:bio, :name, :avatar]) + |> cast(params, [:bio, :name, :avatar, :following]) |> unique_constraint(:nickname) |> validate_format(:nickname, local_nickname_regex()) |> validate_length(:bio, max: 5000) @@ -709,6 +709,18 @@ def update_follower_count(%User{} = user) do end end + def remove_duplicated_following(%User{following: following} = user) do + uniq_following = Enum.uniq(following) + + if length(following) == length(uniq_following) do + {:ok, user} + else + user + |> update_changeset(%{following: uniq_following}) + |> update_and_set_cache() + end + end + @spec get_users_from_set([String.t()], boolean()) :: [User.t()] def get_users_from_set(ap_ids, local_only \\ true) do criteria = %{ap_id: ap_ids, deactivated: false} diff --git a/test/tasks/database_test.exs b/test/tasks/database_test.exs new file mode 100644 index 000000000..579130b05 --- /dev/null +++ b/test/tasks/database_test.exs @@ -0,0 +1,49 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Mix.Tasks.Pleroma.DatabaseTest do + alias Pleroma.Repo + alias Pleroma.User + use Pleroma.DataCase + + import Pleroma.Factory + + setup_all do + Mix.shell(Mix.Shell.Process) + + on_exit(fn -> + Mix.shell(Mix.Shell.IO) + end) + + :ok + end + + describe "running update_users_following_followers_counts" do + test "following and followers count are updated" do + [user, user2] = insert_pair(:user) + {:ok, %User{following: following, info: info} = user} = User.follow(user, user2) + + assert length(following) == 2 + assert info.follower_count == 0 + + info_cng = Ecto.Changeset.change(info, %{follower_count: 3}) + + {:ok, user} = + user + |> Ecto.Changeset.change(%{following: following ++ following}) + |> Ecto.Changeset.put_embed(:info, info_cng) + |> Repo.update() + + assert length(user.following) == 4 + assert user.info.follower_count == 3 + + assert :ok == Mix.Tasks.Pleroma.Database.run(["update_users_following_followers_counts"]) + + user = User.get_by_id(user.id) + + assert length(user.following) == 2 + assert user.info.follower_count == 0 + end + end +end diff --git a/test/tasks/user_test.exs b/test/tasks/user_test.exs index 1f97740be..260ce0d95 100644 --- a/test/tasks/user_test.exs +++ b/test/tasks/user_test.exs @@ -3,6 +3,7 @@ # SPDX-License-Identifier: AGPL-3.0-only defmodule Mix.Tasks.Pleroma.UserTest do + alias Pleroma.Repo alias Pleroma.User use Pleroma.DataCase diff --git a/test/user_test.exs b/test/user_test.exs index 16a014f2f..721b65693 100644 --- a/test/user_test.exs +++ b/test/user_test.exs @@ -626,6 +626,37 @@ test "it sets the info->follower_count property" do end end + describe "remove duplicates from following list" do + test "it removes duplicates" do + user = insert(:user) + follower = insert(:user) + + {:ok, %User{following: following} = follower} = User.follow(follower, user) + assert length(following) == 2 + + {:ok, follower} = + follower + |> User.update_changeset(%{following: following ++ following}) + |> Repo.update() + + assert length(follower.following) == 4 + + {:ok, follower} = User.remove_duplicated_following(follower) + assert length(follower.following) == 2 + end + + test "it does nothing when following is uniq" do + user = insert(:user) + follower = insert(:user) + + {:ok, follower} = User.follow(follower, user) + assert length(follower.following) == 2 + + {:ok, follower} = User.remove_duplicated_following(follower) + assert length(follower.following) == 2 + end + end + describe "follow_import" do test "it imports user followings from list" do [user1, user2, user3] = insert_list(3, :user) From 70235ce840a4ed834080ab6afc3000185590c6cb Mon Sep 17 00:00:00 2001 From: Aaron Tinio Date: Fri, 17 May 2019 09:02:04 +0800 Subject: [PATCH 098/170] Fix typo: s/"tags"/"tag"/g --- lib/pleroma/web/activity_pub/mrf/simple_policy.ex | 2 +- lib/pleroma/web/activity_pub/mrf/tag_policy.ex | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex index 2f105700b..50426e920 100644 --- a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex +++ b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex @@ -55,7 +55,7 @@ defp check_media_nsfw( object = if Enum.member?(Pleroma.Config.get([:mrf_simple, :media_nsfw]), actor_host) do tags = (child_object["tag"] || []) ++ ["nsfw"] - child_object = Map.put(child_object, "tags", tags) + child_object = Map.put(child_object, "tag", tags) child_object = Map.put(child_object, "sensitive", true) Map.put(object, "object", child_object) else diff --git a/lib/pleroma/web/activity_pub/mrf/tag_policy.ex b/lib/pleroma/web/activity_pub/mrf/tag_policy.ex index b52be30e7..6683b8d8e 100644 --- a/lib/pleroma/web/activity_pub/mrf/tag_policy.ex +++ b/lib/pleroma/web/activity_pub/mrf/tag_policy.ex @@ -31,7 +31,7 @@ defp process_tag( object = object - |> Map.put("tags", tags) + |> Map.put("tag", tags) |> Map.put("sensitive", true) message = Map.put(message, "object", object) From 443cd68a4c37cc8e3a3260feff25791bd5ebabf4 Mon Sep 17 00:00:00 2001 From: Aaron Tinio Date: Fri, 17 May 2019 08:11:17 +0800 Subject: [PATCH 099/170] Add tests for MRF.SimplePolicy --- .../activity_pub/mrf/simple_policy_test.exs | 192 ++++++++++++++++++ 1 file changed, 192 insertions(+) create mode 100644 test/web/activity_pub/mrf/simple_policy_test.exs diff --git a/test/web/activity_pub/mrf/simple_policy_test.exs b/test/web/activity_pub/mrf/simple_policy_test.exs new file mode 100644 index 000000000..1e0511975 --- /dev/null +++ b/test/web/activity_pub/mrf/simple_policy_test.exs @@ -0,0 +1,192 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2019 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do + use Pleroma.DataCase + import Pleroma.Factory + alias Pleroma.Config + alias Pleroma.Web.ActivityPub.MRF.SimplePolicy + + setup do + orig = Config.get!(:mrf_simple) + + Config.put(:mrf_simple, + media_removal: [], + media_nsfw: [], + federated_timeline_removal: [], + reject: [], + accept: [] + ) + + on_exit(fn -> + Config.put(:mrf_simple, orig) + end) + end + + describe "when :media_removal" do + test "is empty" do + Config.put([:mrf_simple, :media_removal], []) + media_message = build_media_message() + local_message = build_local_message() + + assert SimplePolicy.filter(media_message) == {:ok, media_message} + assert SimplePolicy.filter(local_message) == {:ok, local_message} + end + + test "has a matching host" do + Config.put([:mrf_simple, :media_removal], ["remote.instance"]) + media_message = build_media_message() + local_message = build_local_message() + + assert SimplePolicy.filter(media_message) == + {:ok, + media_message + |> Map.put("object", Map.delete(media_message["object"], "attachment"))} + + assert SimplePolicy.filter(local_message) == {:ok, local_message} + end + end + + describe "when :media_nsfw" do + test "is empty" do + Config.put([:mrf_simple, :media_nsfw], []) + media_message = build_media_message() + local_message = build_local_message() + + assert SimplePolicy.filter(media_message) == {:ok, media_message} + assert SimplePolicy.filter(local_message) == {:ok, local_message} + end + + test "has a matching host" do + Config.put([:mrf_simple, :media_nsfw], ["remote.instance"]) + media_message = build_media_message() + local_message = build_local_message() + + assert SimplePolicy.filter(media_message) == + {:ok, + media_message + |> put_in(["object", "tag"], ["foo", "nsfw"]) + |> put_in(["object", "sensitive"], true)} + + assert SimplePolicy.filter(local_message) == {:ok, local_message} + end + end + + defp build_media_message do + %{ + "actor" => "https://remote.instance/users/bob", + "type" => "Create", + "object" => %{ + "attachment" => [%{}], + "tag" => ["foo"], + "sensitive" => false + } + } + end + + describe "when :federated_timeline_removal" do + test "is empty" do + Config.put([:mrf_simple, :federated_timeline_removal], []) + {_, ftl_message} = build_ftl_actor_and_message() + local_message = build_local_message() + + assert SimplePolicy.filter(ftl_message) == {:ok, ftl_message} + assert SimplePolicy.filter(local_message) == {:ok, local_message} + end + + test "has a matching host" do + {actor, ftl_message} = build_ftl_actor_and_message() + + ftl_message_actor_host = + ftl_message + |> Map.fetch!("actor") + |> URI.parse() + |> Map.fetch!(:host) + + Config.put([:mrf_simple, :federated_timeline_removal], [ftl_message_actor_host]) + local_message = build_local_message() + + assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message) + assert actor.follower_address in ftl_message["to"] + refute actor.follower_address in ftl_message["cc"] + refute "https://www.w3.org/ns/activitystreams#Public" in ftl_message["to"] + assert "https://www.w3.org/ns/activitystreams#Public" in ftl_message["cc"] + + assert SimplePolicy.filter(local_message) == {:ok, local_message} + end + end + + defp build_ftl_actor_and_message do + actor = insert(:user) + + {actor, + %{ + "actor" => actor.ap_id, + "to" => ["https://www.w3.org/ns/activitystreams#Public", "http://foo.bar/baz"], + "cc" => [actor.follower_address, "http://foo.bar/qux"] + }} + end + + describe "when :reject" do + test "is empty" do + Config.put([:mrf_simple, :reject], []) + + remote_message = build_remote_message() + + assert SimplePolicy.filter(remote_message) == {:ok, remote_message} + end + + test "has a matching host" do + Config.put([:mrf_simple, :reject], ["remote.instance"]) + + remote_message = build_remote_message() + + assert SimplePolicy.filter(remote_message) == {:reject, nil} + end + end + + describe "when :accept" do + test "is empty" do + Config.put([:mrf_simple, :accept], []) + + local_message = build_local_message() + remote_message = build_remote_message() + + assert SimplePolicy.filter(local_message) == {:ok, local_message} + assert SimplePolicy.filter(remote_message) == {:ok, remote_message} + end + + test "is not empty but it doesn't have a matching host" do + Config.put([:mrf_simple, :accept], ["non.matching.remote"]) + + local_message = build_local_message() + remote_message = build_remote_message() + + assert SimplePolicy.filter(local_message) == {:ok, local_message} + assert SimplePolicy.filter(remote_message) == {:reject, nil} + end + + test "has a matching host" do + Config.put([:mrf_simple, :accept], ["remote.instance"]) + + local_message = build_local_message() + remote_message = build_remote_message() + + assert SimplePolicy.filter(local_message) == {:ok, local_message} + assert SimplePolicy.filter(remote_message) == {:ok, remote_message} + end + end + + defp build_local_message do + %{ + "actor" => "#{Pleroma.Web.base_url()}/users/alice", + "to" => [], + "cc" => [] + } + end + + defp build_remote_message do + %{"actor" => "https://remote.instance/users/bob"} + end +end From 68c75a08e8593d41f496a362ab1be43d054c09d5 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Fri, 17 May 2019 07:34:52 +0200 Subject: [PATCH 100/170] MastoAPI account_view.ex: requested is false when following is true Closes: https://git.pleroma.social/pleroma/pleroma/issues/903 --- lib/pleroma/web/mastodon_api/views/account_view.ex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/pleroma/web/mastodon_api/views/account_view.ex b/lib/pleroma/web/mastodon_api/views/account_view.ex index 779b9a382..606a0f2ed 100644 --- a/lib/pleroma/web/mastodon_api/views/account_view.ex +++ b/lib/pleroma/web/mastodon_api/views/account_view.ex @@ -40,7 +40,7 @@ def render("relationship.json", %{user: %User{} = user, target: %User{} = target follow_activity = Pleroma.Web.ActivityPub.Utils.fetch_latest_follow(user, target) requested = - if follow_activity do + if follow_activity and !User.following?(target, user) do follow_activity.data["state"] == "pending" else false From 7ed682213faf88edc67b4c2a24b277ab1d992813 Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Fri, 17 May 2019 07:25:20 +0000 Subject: [PATCH 101/170] Fix/902 random compile failing --- lib/pleroma/user.ex | 6 +++--- lib/pleroma/web/activity_pub/transmogrifier.ex | 1 - lib/pleroma/web/common_api/common_api.ex | 6 +++--- lib/pleroma/web/federator/publisher.ex | 8 ++++---- .../web/mastodon_api/mastodon_api_controller.ex | 2 +- lib/pleroma/web/oauth/authorization.ex | 2 +- lib/pleroma/web/oauth/token.ex | 2 +- lib/pleroma/web/web_finger/web_finger.ex | 2 +- test/formatter_test.exs | 2 +- test/plugs/legacy_authentication_plug_test.exs | 2 +- test/repo_test.exs | 7 ++++--- test/support/factory.ex | 9 +++++---- test/user_test.exs | 10 +++++----- test/web/mastodon_api/mastodon_api_controller_test.exs | 8 ++++---- test/web/ostatus/ostatus_test.exs | 4 ++-- 15 files changed, 36 insertions(+), 35 deletions(-) diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 9ffb61300..9607c1f03 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -55,7 +55,7 @@ defmodule Pleroma.User do field(:last_refreshed_at, :naive_datetime_usec) has_many(:notifications, Notification) has_many(:registrations, Registration) - embeds_one(:info, Pleroma.User.Info) + embeds_one(:info, User.Info) timestamps() end @@ -233,7 +233,7 @@ def register_changeset(struct, params \\ %{}, opts \\ []) do |> validate_confirmation(:password) |> unique_constraint(:email) |> unique_constraint(:nickname) - |> validate_exclusion(:nickname, Pleroma.Config.get([Pleroma.User, :restricted_nicknames])) + |> validate_exclusion(:nickname, Pleroma.Config.get([User, :restricted_nicknames])) |> validate_format(:nickname, local_nickname_regex()) |> validate_format(:email, @email_regex) |> validate_length(:bio, max: 1000) @@ -278,7 +278,7 @@ def register(%Ecto.Changeset{} = changeset) do with {:ok, user} <- Repo.insert(changeset), {:ok, user} <- autofollow_users(user), {:ok, user} <- set_cache(user), - {:ok, _} <- Pleroma.User.WelcomeMessage.post_welcome_message_to_user(user), + {:ok, _} <- User.WelcomeMessage.post_welcome_message_to_user(user), {:ok, _} <- try_send_confirmation_email(user) do {:ok, user} end diff --git a/lib/pleroma/web/activity_pub/transmogrifier.ex b/lib/pleroma/web/activity_pub/transmogrifier.ex index 508f3532f..5edd8ccc7 100644 --- a/lib/pleroma/web/activity_pub/transmogrifier.ex +++ b/lib/pleroma/web/activity_pub/transmogrifier.ex @@ -11,7 +11,6 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do alias Pleroma.Object.Containment alias Pleroma.Repo alias Pleroma.User - alias Pleroma.User alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.Utils alias Pleroma.Web.ActivityPub.Visibility diff --git a/lib/pleroma/web/common_api/common_api.ex b/lib/pleroma/web/common_api/common_api.ex index 208c12c7b..a599ffee5 100644 --- a/lib/pleroma/web/common_api/common_api.ex +++ b/lib/pleroma/web/common_api/common_api.ex @@ -200,7 +200,7 @@ def update(user) do user = with emoji <- emoji_from_profile(user), source_data <- (user.info.source_data || %{}) |> Map.put("tag", emoji), - info_cng <- Pleroma.User.Info.set_source_data(user.info, source_data), + info_cng <- User.Info.set_source_data(user.info, source_data), change <- Ecto.Changeset.change(user) |> Ecto.Changeset.put_embed(:info, info_cng), {:ok, user} <- User.update_and_set_cache(change) do user @@ -233,7 +233,7 @@ def pin(id_or_ap_id, %{ap_id: user_ap_id} = user) do } = activity <- get_by_id_or_ap_id(id_or_ap_id), true <- Enum.member?(object_to, "https://www.w3.org/ns/activitystreams#Public"), %{valid?: true} = info_changeset <- - Pleroma.User.Info.add_pinnned_activity(user.info, activity), + User.Info.add_pinnned_activity(user.info, activity), changeset <- Ecto.Changeset.change(user) |> Ecto.Changeset.put_embed(:info, info_changeset), {:ok, _user} <- User.update_and_set_cache(changeset) do @@ -250,7 +250,7 @@ def pin(id_or_ap_id, %{ap_id: user_ap_id} = user) do def unpin(id_or_ap_id, user) do with %Activity{} = activity <- get_by_id_or_ap_id(id_or_ap_id), %{valid?: true} = info_changeset <- - Pleroma.User.Info.remove_pinnned_activity(user.info, activity), + User.Info.remove_pinnned_activity(user.info, activity), changeset <- Ecto.Changeset.change(user) |> Ecto.Changeset.put_embed(:info, info_changeset), {:ok, _user} <- User.update_and_set_cache(changeset) do diff --git a/lib/pleroma/web/federator/publisher.ex b/lib/pleroma/web/federator/publisher.ex index fb4e8548d..70f870244 100644 --- a/lib/pleroma/web/federator/publisher.ex +++ b/lib/pleroma/web/federator/publisher.ex @@ -52,9 +52,9 @@ def perform(type, _, _) do @doc """ Relays an activity to all specified peers. """ - @callback publish(Pleroma.User.t(), Pleroma.Activity.t()) :: :ok | {:error, any()} + @callback publish(User.t(), Activity.t()) :: :ok | {:error, any()} - @spec publish(Pleroma.User.t(), Pleroma.Activity.t()) :: :ok + @spec publish(User.t(), Activity.t()) :: :ok def publish(%User{} = user, %Activity{} = activity) do Config.get([:instance, :federation_publisher_modules]) |> Enum.each(fn module -> @@ -70,9 +70,9 @@ def publish(%User{} = user, %Activity{} = activity) do @doc """ Gathers links used by an outgoing federation module for WebFinger output. """ - @callback gather_webfinger_links(Pleroma.User.t()) :: list() + @callback gather_webfinger_links(User.t()) :: list() - @spec gather_webfinger_links(Pleroma.User.t()) :: list() + @spec gather_webfinger_links(User.t()) :: list() def gather_webfinger_links(%User{} = user) do Config.get([:instance, :federation_publisher_modules]) |> Enum.reduce([], fn module, links -> diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index 66056a846..1b776fbca 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -1222,7 +1222,7 @@ def remove_from_list(%{assigns: %{user: user}} = conn, %{"id" => id, "account_id accounts |> Enum.each(fn account_id -> with %Pleroma.List{} = list <- Pleroma.List.get(id, user), - %User{} = followed <- Pleroma.User.get_cached_by_id(account_id) do + %User{} = followed <- User.get_cached_by_id(account_id) do Pleroma.List.unfollow(list, followed) end end) diff --git a/lib/pleroma/web/oauth/authorization.ex b/lib/pleroma/web/oauth/authorization.ex index b47688de1..18973413e 100644 --- a/lib/pleroma/web/oauth/authorization.ex +++ b/lib/pleroma/web/oauth/authorization.ex @@ -20,7 +20,7 @@ defmodule Pleroma.Web.OAuth.Authorization do field(:scopes, {:array, :string}, default: []) field(:valid_until, :naive_datetime_usec) field(:used, :boolean, default: false) - belongs_to(:user, Pleroma.User, type: Pleroma.FlakeId) + belongs_to(:user, User, type: Pleroma.FlakeId) belongs_to(:app, App) timestamps() diff --git a/lib/pleroma/web/oauth/token.ex b/lib/pleroma/web/oauth/token.ex index ef047d565..66c95c2e9 100644 --- a/lib/pleroma/web/oauth/token.ex +++ b/lib/pleroma/web/oauth/token.ex @@ -22,7 +22,7 @@ defmodule Pleroma.Web.OAuth.Token do field(:refresh_token, :string) field(:scopes, {:array, :string}, default: []) field(:valid_until, :naive_datetime_usec) - belongs_to(:user, Pleroma.User, type: Pleroma.FlakeId) + belongs_to(:user, User, type: Pleroma.FlakeId) belongs_to(:app, App) timestamps() diff --git a/lib/pleroma/web/web_finger/web_finger.ex b/lib/pleroma/web/web_finger/web_finger.ex index 3a3b98a10..1239b962a 100644 --- a/lib/pleroma/web/web_finger/web_finger.ex +++ b/lib/pleroma/web/web_finger/web_finger.ex @@ -99,7 +99,7 @@ def ensure_keys_present(user) do info_cng = info - |> Pleroma.User.Info.set_keys(pem) + |> User.Info.set_keys(pem) cng = Ecto.Changeset.change(user) diff --git a/test/formatter_test.exs b/test/formatter_test.exs index 06f4f6e50..5e7011160 100644 --- a/test/formatter_test.exs +++ b/test/formatter_test.exs @@ -125,7 +125,7 @@ test "gives a replacement for user links, using local nicknames in user links te archaeme = insert(:user, %{ nickname: "archa_eme_", - info: %Pleroma.User.Info{source_data: %{"url" => "https://archeme/@archa_eme_"}} + info: %User.Info{source_data: %{"url" => "https://archeme/@archa_eme_"}} }) archaeme_remote = insert(:user, %{nickname: "archaeme@archae.me"}) diff --git a/test/plugs/legacy_authentication_plug_test.exs b/test/plugs/legacy_authentication_plug_test.exs index 8b0b06772..02f530058 100644 --- a/test/plugs/legacy_authentication_plug_test.exs +++ b/test/plugs/legacy_authentication_plug_test.exs @@ -3,7 +3,7 @@ # SPDX-License-Identifier: AGPL-3.0-only defmodule Pleroma.Plugs.LegacyAuthenticationPlugTest do - use Pleroma.Web.ConnCase, async: true + use Pleroma.Web.ConnCase alias Pleroma.Plugs.LegacyAuthenticationPlug alias Pleroma.User diff --git a/test/repo_test.exs b/test/repo_test.exs index 5382289c7..85085a1fa 100644 --- a/test/repo_test.exs +++ b/test/repo_test.exs @@ -1,23 +1,24 @@ defmodule Pleroma.RepoTest do use Pleroma.DataCase import Pleroma.Factory + alias Pleroma.User describe "find_resource/1" do test "returns user" do user = insert(:user) - query = from(t in Pleroma.User, where: t.id == ^user.id) + query = from(t in User, where: t.id == ^user.id) assert Repo.find_resource(query) == {:ok, user} end test "returns not_found" do - query = from(t in Pleroma.User, where: t.id == ^"9gBuXNpD2NyDmmxxdw") + query = from(t in User, where: t.id == ^"9gBuXNpD2NyDmmxxdw") assert Repo.find_resource(query) == {:error, :not_found} end end describe "get_assoc/2" do test "get assoc from preloaded data" do - user = %Pleroma.User{name: "Agent Smith"} + user = %User{name: "Agent Smith"} token = %Pleroma.Web.OAuth.Token{insert(:oauth_token) | user: user} assert Repo.get_assoc(token, :user) == {:ok, user} end diff --git a/test/support/factory.ex b/test/support/factory.ex index 90c7d80f2..be6247ca4 100644 --- a/test/support/factory.ex +++ b/test/support/factory.ex @@ -4,6 +4,7 @@ defmodule Pleroma.Factory do use ExMachina.Ecto, repo: Pleroma.Repo + alias Pleroma.User def participation_factory do conversation = insert(:conversation) @@ -23,7 +24,7 @@ def conversation_factory do end def user_factory do - user = %Pleroma.User{ + user = %User{ name: sequence(:name, &"Test テスト User #{&1}"), email: sequence(:email, &"user#{&1}@example.com"), nickname: sequence(:nickname, &"nick#{&1}"), @@ -34,9 +35,9 @@ def user_factory do %{ user - | ap_id: Pleroma.User.ap_id(user), - follower_address: Pleroma.User.ap_followers(user), - following: [Pleroma.User.ap_id(user)] + | ap_id: User.ap_id(user), + follower_address: User.ap_followers(user), + following: [User.ap_id(user)] } end diff --git a/test/user_test.exs b/test/user_test.exs index 721b65693..10e463ff8 100644 --- a/test/user_test.exs +++ b/test/user_test.exs @@ -277,7 +277,7 @@ test "it requires an email, name, nickname and password, bio is optional" do end test "it restricts certain nicknames" do - [restricted_name | _] = Pleroma.Config.get([Pleroma.User, :restricted_nicknames]) + [restricted_name | _] = Pleroma.Config.get([User, :restricted_nicknames]) assert is_bitstring(restricted_name) @@ -1223,11 +1223,11 @@ test "follower count is updated when a follower is blocked" do follower2 = insert(:user) follower3 = insert(:user) - {:ok, follower} = Pleroma.User.follow(follower, user) - {:ok, _follower2} = Pleroma.User.follow(follower2, user) - {:ok, _follower3} = Pleroma.User.follow(follower3, user) + {:ok, follower} = User.follow(follower, user) + {:ok, _follower2} = User.follow(follower2, user) + {:ok, _follower3} = User.follow(follower3, user) - {:ok, _} = Pleroma.User.block(user, follower) + {:ok, _} = User.block(user, follower) user_show = Pleroma.Web.TwitterAPI.UserView.render("show.json", %{user: user}) diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index 90d67a55f..cbff141c8 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -446,7 +446,7 @@ test "verify_credentials", %{conn: conn} do end test "verify_credentials default scope unlisted", %{conn: conn} do - user = insert(:user, %{info: %Pleroma.User.Info{default_scope: "unlisted"}}) + user = insert(:user, %{info: %User.Info{default_scope: "unlisted"}}) conn = conn @@ -1322,7 +1322,7 @@ test "returns the relationships for the current user", %{conn: conn} do describe "locked accounts" do test "/api/v1/follow_requests works" do - user = insert(:user, %{info: %Pleroma.User.Info{locked: true}}) + user = insert(:user, %{info: %User.Info{locked: true}}) other_user = insert(:user) {:ok, _activity} = ActivityPub.follow(other_user, user) @@ -1367,7 +1367,7 @@ test "/api/v1/follow_requests/:id/authorize works" do end test "verify_credentials", %{conn: conn} do - user = insert(:user, %{info: %Pleroma.User.Info{default_scope: "private"}}) + user = insert(:user, %{info: %User.Info{default_scope: "private"}}) conn = conn @@ -1379,7 +1379,7 @@ test "verify_credentials", %{conn: conn} do end test "/api/v1/follow_requests/:id/reject works" do - user = insert(:user, %{info: %Pleroma.User.Info{locked: true}}) + user = insert(:user, %{info: %User.Info{locked: true}}) other_user = insert(:user) {:ok, _activity} = ActivityPub.follow(other_user, user) diff --git a/test/web/ostatus/ostatus_test.exs b/test/web/ostatus/ostatus_test.exs index 2916caf8d..3516a13fa 100644 --- a/test/web/ostatus/ostatus_test.exs +++ b/test/web/ostatus/ostatus_test.exs @@ -355,7 +355,7 @@ test "tries to use the information in poco fields" do {:ok, user} = OStatus.find_or_make_user(uri) - user = Pleroma.User.get_cached_by_id(user.id) + user = User.get_cached_by_id(user.id) assert user.name == "Constance Variable" assert user.nickname == "lambadalambda@social.heldscal.la" assert user.local == false @@ -374,7 +374,7 @@ test "find_or_make_user sets all the nessary input fields" do {:ok, user} = OStatus.find_or_make_user(uri) assert user.info == - %Pleroma.User.Info{ + %User.Info{ id: user.info.id, ap_enabled: false, background: %{}, From 718b59a2631af6245570a073e3c5b2464b810a27 Mon Sep 17 00:00:00 2001 From: lain Date: Fri, 17 May 2019 11:19:30 +0200 Subject: [PATCH 102/170] Dependencies: Update ecto sql once more. --- mix.exs | 2 +- mix.lock | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/mix.exs b/mix.exs index 2535fcf98..2888b69e2 100644 --- a/mix.exs +++ b/mix.exs @@ -67,7 +67,7 @@ defp deps do {:phoenix_ecto, "~> 4.0"}, {:ecto_sql, git: "https://github.com/elixir-ecto/ecto_sql", - ref: "e839a9a327b632d73533ac8105ba360bc831cf83", + ref: "14cb065a74c488d737d973f7a91bc036c6245f78", override: true}, {:postgrex, ">= 0.13.5"}, {:gettext, "~> 0.15"}, diff --git a/mix.lock b/mix.lock index 5ee5634d3..714a8a2b1 100644 --- a/mix.lock +++ b/mix.lock @@ -21,7 +21,7 @@ "deep_merge": {:hex, :deep_merge, "1.0.0", "b4aa1a0d1acac393bdf38b2291af38cb1d4a52806cf7a4906f718e1feb5ee961", [:mix], [], "hexpm"}, "earmark": {:hex, :earmark, "1.3.2", "b840562ea3d67795ffbb5bd88940b1bed0ed9fa32834915125ea7d02e35888a5", [:mix], [], "hexpm"}, "ecto": {:hex, :ecto, "3.1.4", "69d852da7a9f04ede725855a35ede48d158ca11a404fe94f8b2fb3b2162cd3c9", [:mix], [{:decimal, "~> 1.6", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}], "hexpm"}, - "ecto_sql": {:git, "https://github.com/elixir-ecto/ecto_sql", "e839a9a327b632d73533ac8105ba360bc831cf83", [ref: "e839a9a327b632d73533ac8105ba360bc831cf83"]}, + "ecto_sql": {:git, "https://github.com/elixir-ecto/ecto_sql", "14cb065a74c488d737d973f7a91bc036c6245f78", [ref: "14cb065a74c488d737d973f7a91bc036c6245f78"]}, "esshd": {:hex, :esshd, "0.1.0", "6f93a2062adb43637edad0ea7357db2702a4b80dd9683482fe00f5134e97f4c1", [:mix], [], "hexpm"}, "eternal": {:hex, :eternal, "1.2.0", "e2a6b6ce3b8c248f7dc31451aefca57e3bdf0e48d73ae5043229380a67614c41", [:mix], [], "hexpm"}, "ex2ms": {:hex, :ex2ms, "1.5.0", "19e27f9212be9a96093fed8cdfbef0a2b56c21237196d26760f11dfcfae58e97", [:mix], [], "hexpm"}, From e39c190f046bb345e80a2195278bb59ac81b8002 Mon Sep 17 00:00:00 2001 From: lain Date: Fri, 17 May 2019 11:30:35 +0200 Subject: [PATCH 103/170] Configuration: disable migration lock. --- config/config.exs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/config/config.exs b/config/config.exs index 3d11c3a87..92d3e0dcd 100644 --- a/config/config.exs +++ b/config/config.exs @@ -48,7 +48,8 @@ config :pleroma, Pleroma.Repo, types: Pleroma.PostgresTypes, - telemetry_event: [Pleroma.Repo.Instrumenter] + telemetry_event: [Pleroma.Repo.Instrumenter], + migration_lock: nil config :pleroma, Pleroma.Captcha, enabled: false, From 249b31ffe53115ad187235890c405138ba190e14 Mon Sep 17 00:00:00 2001 From: lain Date: Fri, 17 May 2019 11:49:13 +0200 Subject: [PATCH 104/170] Fix specs. --- lib/pleroma/user.ex | 1 - test/web/ostatus/ostatus_test.exs | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 9607c1f03..28da310ee 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -1144,7 +1144,6 @@ def delete_user_activities(%User{ap_id: ap_id} = user) do stream = ap_id |> Activity.query_by_actor() - |> Activity.with_preloaded_object() |> Repo.stream() Repo.transaction(fn -> Enum.each(stream, &delete_activity(&1)) end, timeout: :infinity) diff --git a/test/web/ostatus/ostatus_test.exs b/test/web/ostatus/ostatus_test.exs index 3516a13fa..f6be16862 100644 --- a/test/web/ostatus/ostatus_test.exs +++ b/test/web/ostatus/ostatus_test.exs @@ -407,7 +407,7 @@ test "find_make_or_update_user takes an author element and returns an updated us {:ok, user} = OStatus.find_or_make_user(uri) old_name = user.name old_bio = user.bio - change = Ecto.Changeset.change(user, %{avatar: nil, bio: nil, old_name: nil}) + change = Ecto.Changeset.change(user, %{avatar: nil, bio: nil, name: nil}) {:ok, user} = Repo.update(change) refute user.avatar From 5743124c7727af3fbcd8243f1f8e71de91c9b470 Mon Sep 17 00:00:00 2001 From: lain Date: Fri, 17 May 2019 11:51:50 +0200 Subject: [PATCH 105/170] Dependencies: Update tzdata. This fixes the bug that tz data could not be loaded. Closes #910. --- mix.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mix.lock b/mix.lock index cd2d2370a..1dc19532d 100644 --- a/mix.lock +++ b/mix.lock @@ -83,7 +83,7 @@ "tesla": {:hex, :tesla, "1.2.1", "864783cc27f71dd8c8969163704752476cec0f3a51eb3b06393b3971dc9733ff", [:mix], [{:exjsx, ">= 3.0.0", [hex: :exjsx, repo: "hexpm", optional: true]}, {:fuse, "~> 2.4", [hex: :fuse, repo: "hexpm", optional: true]}, {:hackney, "~> 1.6", [hex: :hackney, repo: "hexpm", optional: true]}, {:ibrowse, "~> 4.4.0", [hex: :ibrowse, repo: "hexpm", optional: true]}, {:jason, ">= 1.0.0", [hex: :jason, repo: "hexpm", optional: true]}, {:mime, "~> 1.0", [hex: :mime, repo: "hexpm", optional: false]}, {:poison, ">= 1.0.0", [hex: :poison, repo: "hexpm", optional: true]}], "hexpm"}, "timex": {:hex, :timex, "3.5.0", "b0a23167da02d0fe4f1a4e104d1f929a00d348502b52432c05de875d0b9cffa5", [:mix], [{:combine, "~> 0.10", [hex: :combine, repo: "hexpm", optional: false]}, {:gettext, "~> 0.10", [hex: :gettext, repo: "hexpm", optional: false]}, {:tzdata, "~> 0.1.8 or ~> 0.5", [hex: :tzdata, repo: "hexpm", optional: false]}], "hexpm"}, "trailing_format_plug": {:hex, :trailing_format_plug, "0.0.7", "64b877f912cf7273bed03379936df39894149e35137ac9509117e59866e10e45", [:mix], [{:plug, "> 0.12.0", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm"}, - "tzdata": {:hex, :tzdata, "0.5.17", "50793e3d85af49736701da1a040c415c97dc1caf6464112fd9bd18f425d3053b", [:mix], [{:hackney, "~> 1.0", [hex: :hackney, repo: "hexpm", optional: false]}], "hexpm"}, + "tzdata": {:hex, :tzdata, "0.5.20", "304b9e98a02840fb32a43ec111ffbe517863c8566eb04a061f1c4dbb90b4d84c", [:mix], [{:hackney, "~> 1.0", [hex: :hackney, repo: "hexpm", optional: false]}], "hexpm"}, "ueberauth": {:hex, :ueberauth, "0.6.1", "9e90d3337dddf38b1ca2753aca9b1e53d8a52b890191cdc55240247c89230412", [:mix], [{:plug, "~> 1.5", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm"}, "unicode_util_compat": {:hex, :unicode_util_compat, "0.4.1", "d869e4c68901dd9531385bb0c8c40444ebf624e60b6962d95952775cac5e90cd", [:rebar3], [], "hexpm"}, "unsafe": {:hex, :unsafe, "1.0.0", "7c21742cd05380c7875546b023481d3a26f52df8e5dfedcb9f958f322baae305", [:mix], [], "hexpm"}, From 46684db84d0583cb5d88f8fcbd6b970ef95c84de Mon Sep 17 00:00:00 2001 From: lambda Date: Fri, 17 May 2019 09:53:44 +0000 Subject: [PATCH 106/170] Update account_view.ex --- lib/pleroma/web/mastodon_api/views/account_view.ex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/pleroma/web/mastodon_api/views/account_view.ex b/lib/pleroma/web/mastodon_api/views/account_view.ex index 606a0f2ed..134c07b7e 100644 --- a/lib/pleroma/web/mastodon_api/views/account_view.ex +++ b/lib/pleroma/web/mastodon_api/views/account_view.ex @@ -40,7 +40,7 @@ def render("relationship.json", %{user: %User{} = user, target: %User{} = target follow_activity = Pleroma.Web.ActivityPub.Utils.fetch_latest_follow(user, target) requested = - if follow_activity and !User.following?(target, user) do + if follow_activity && !User.following?(target, user) do follow_activity.data["state"] == "pending" else false From a3fc7294da43a7e2d17626200e8d3bf5c05808d3 Mon Sep 17 00:00:00 2001 From: lain Date: Fri, 17 May 2019 12:47:38 +0200 Subject: [PATCH 107/170] CI: Add rum variant testing. --- .gitlab-ci.yml | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index f9745122a..3ea275127 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -15,6 +15,7 @@ cache: stages: - build - test + - test-rum - deploy before_script: @@ -45,7 +46,7 @@ docs-build: unit-testing: stage: test services: - - name: postgres:9.6.2 + - name: lainsoykaf/postgres-with-rum command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] script: - mix deps.get @@ -54,6 +55,20 @@ unit-testing: - mix test --trace --preload-modules - mix coveralls +unit-testing-rum: + stage: test-rum + services: + - name: lainsoykaf/postgres-with-rum + command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] + script: + - "echo 'config :pleroma, :database, rum_enabled: true' >> config/test.exs" + - mix deps.get + - mix ecto.create + - mix ecto.migrate + - "mix ecto.migrate --migrations-path priv/repo/optional_migrations/rum_indexing/" + - mix test --trace --preload-modules + - mix coveralls + lint: stage: test script: @@ -65,7 +80,6 @@ analysis: - mix deps.get - mix credo --strict --only=warnings,todo,fixme,consistency,readability - docs-deploy: stage: deploy image: alpine:3.9 From 022e6e4b44229be70f0ec6720a66610a0e2a403a Mon Sep 17 00:00:00 2001 From: lain Date: Fri, 17 May 2019 14:59:01 +0200 Subject: [PATCH 108/170] RUM: Remove vacuum analyze from migration Can't be run in a trnasaction. --- .../20190510135645_add_fts_index_to_objects_two.exs | 2 -- 1 file changed, 2 deletions(-) diff --git a/priv/repo/optional_migrations/rum_indexing/20190510135645_add_fts_index_to_objects_two.exs b/priv/repo/optional_migrations/rum_indexing/20190510135645_add_fts_index_to_objects_two.exs index 09e6cbfb1..b6a24441a 100644 --- a/priv/repo/optional_migrations/rum_indexing/20190510135645_add_fts_index_to_objects_two.exs +++ b/priv/repo/optional_migrations/rum_indexing/20190510135645_add_fts_index_to_objects_two.exs @@ -20,7 +20,6 @@ def up do FOR EACH ROW EXECUTE PROCEDURE objects_fts_update()") execute("UPDATE objects SET updated_at = NOW()") - execute("vacuum analyze") end def down do @@ -31,6 +30,5 @@ def down do remove(:fts_content, :tsvector) end create index(:objects, ["(to_tsvector('english', data->>'content'))"], using: :gin, name: :objects_fts) - execute("vacuum analyze") end end From 8784a7d1b40394cb1b4d5ce2d04b8cd057a57ceb Mon Sep 17 00:00:00 2001 From: lain Date: Fri, 17 May 2019 15:06:51 +0200 Subject: [PATCH 109/170] RUM: Set rum status by the environment. --- config/test.exs | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/config/test.exs b/config/test.exs index 40db66170..e1785d10f 100644 --- a/config/test.exs +++ b/config/test.exs @@ -63,6 +63,10 @@ config :pleroma, :http_security, report_uri: "https://endpoint.com" +rum_enabled = System.get_env("RUM_ENABLED") == "true" +config :pleroma, :database, rum_enabled: rum_enabled +IO.puts("RUM enabled: #{rum_enabled}") + try do import_config "test.secret.exs" rescue From ef63cf70883f4c7e3814ebac907f000da835ea10 Mon Sep 17 00:00:00 2001 From: lain Date: Fri, 17 May 2019 15:21:29 +0200 Subject: [PATCH 110/170] CI: Use the correct image with the correct hostname. --- .gitlab-ci.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 3ea275127..8b5131dc3 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -15,7 +15,6 @@ cache: stages: - build - test - - test-rum - deploy before_script: @@ -47,6 +46,7 @@ unit-testing: stage: test services: - name: lainsoykaf/postgres-with-rum + alias: postgres command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] script: - mix deps.get @@ -56,18 +56,19 @@ unit-testing: - mix coveralls unit-testing-rum: - stage: test-rum + stage: test services: - name: lainsoykaf/postgres-with-rum + alias: postgres command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] + variables: + RUM_ENABLED: "true" script: - - "echo 'config :pleroma, :database, rum_enabled: true' >> config/test.exs" - mix deps.get - mix ecto.create - mix ecto.migrate - "mix ecto.migrate --migrations-path priv/repo/optional_migrations/rum_indexing/" - mix test --trace --preload-modules - - mix coveralls lint: stage: test From f959bf7aa6b878ee5b669c4caabd5cdc4cc2dc9e Mon Sep 17 00:00:00 2001 From: lain Date: Fri, 17 May 2019 18:21:11 +0200 Subject: [PATCH 111/170] MongooseIM: Add basic integration endpoints. --- .../web/mongooseim/mongoose_im_controller.ex | 41 +++++++++++++ lib/pleroma/web/router.ex | 5 ++ .../mongoose_im_controller_test.exs | 59 +++++++++++++++++++ 3 files changed, 105 insertions(+) create mode 100644 lib/pleroma/web/mongooseim/mongoose_im_controller.ex create mode 100644 test/web/mongooseim/mongoose_im_controller_test.exs diff --git a/lib/pleroma/web/mongooseim/mongoose_im_controller.ex b/lib/pleroma/web/mongooseim/mongoose_im_controller.ex new file mode 100644 index 000000000..f8c634653 --- /dev/null +++ b/lib/pleroma/web/mongooseim/mongoose_im_controller.ex @@ -0,0 +1,41 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.MongooseIM.MongooseIMController do + use Pleroma.Web, :controller + alias Comeonin.Pbkdf2 + alias Pleroma.User + alias Pleroma.Repo + + def user_exists(conn, %{"user" => username}) do + with %User{} <- Repo.get_by(User, nickname: username, local: true) do + conn + |> json(true) + else + _ -> + conn + |> put_status(:not_found) + |> json(false) + end + end + + def check_password(conn, %{"user" => username, "pass" => password}) do + with %User{password_hash: password_hash} <- + Repo.get_by(User, nickname: username, local: true), + true <- Pbkdf2.checkpw(password, password_hash) do + conn + |> json(true) + else + false -> + conn + |> put_status(403) + |> json(false) + + _ -> + conn + |> put_status(:not_found) + |> json(false) + end + end +end diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 6a4e4a1d4..552778c92 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -704,6 +704,11 @@ defmodule Pleroma.Web.Router do end end + scope "/", Pleroma.Web.MongooseIM do + get("/user_exists", MongooseIMController, :user_exists) + get("/check_password", MongooseIMController, :check_password) + end + scope "/", Fallback do get("/registration/:token", RedirectController, :registration_page) get("/:maybe_nickname_or_id", RedirectController, :redirector_with_meta) diff --git a/test/web/mongooseim/mongoose_im_controller_test.exs b/test/web/mongooseim/mongoose_im_controller_test.exs new file mode 100644 index 000000000..eb83999bb --- /dev/null +++ b/test/web/mongooseim/mongoose_im_controller_test.exs @@ -0,0 +1,59 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.MongooseIMController do + use Pleroma.Web.ConnCase + import Pleroma.Factory + + test "/user_exists", %{conn: conn} do + _user = insert(:user, nickname: "lain") + _remote_user = insert(:user, nickname: "alice", local: false) + + res = + conn + |> get(mongoose_im_path(conn, :user_exists), user: "lain") + |> json_response(200) + + assert res == true + + res = + conn + |> get(mongoose_im_path(conn, :user_exists), user: "alice") + |> json_response(404) + + assert res == false + + res = + conn + |> get(mongoose_im_path(conn, :user_exists), user: "bob") + |> json_response(404) + + assert res == false + end + + test "/check_password", %{conn: conn} do + user = insert(:user, password_hash: Comeonin.Pbkdf2.hashpwsalt("cool")) + + res = + conn + |> get(mongoose_im_path(conn, :check_password), user: user.nickname, pass: "cool") + |> json_response(200) + + assert res == true + + res = + conn + |> get(mongoose_im_path(conn, :check_password), user: user.nickname, pass: "uncool") + |> json_response(403) + + assert res == false + + res = + conn + |> get(mongoose_im_path(conn, :check_password), user: "nobody", pass: "cool") + |> json_response(404) + + assert res == false + end +end From 075eecec907b0a623a90eed44a0378a6812d8037 Mon Sep 17 00:00:00 2001 From: lain Date: Fri, 17 May 2019 18:32:30 +0200 Subject: [PATCH 112/170] Linting. --- lib/pleroma/web/mongooseim/mongoose_im_controller.ex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/pleroma/web/mongooseim/mongoose_im_controller.ex b/lib/pleroma/web/mongooseim/mongoose_im_controller.ex index f8c634653..489d5d3a5 100644 --- a/lib/pleroma/web/mongooseim/mongoose_im_controller.ex +++ b/lib/pleroma/web/mongooseim/mongoose_im_controller.ex @@ -5,8 +5,8 @@ defmodule Pleroma.Web.MongooseIM.MongooseIMController do use Pleroma.Web, :controller alias Comeonin.Pbkdf2 - alias Pleroma.User alias Pleroma.Repo + alias Pleroma.User def user_exists(conn, %{"user" => username}) do with %User{} <- Repo.get_by(User, nickname: username, local: true) do From 78588dbd80580fbef53819dd87ee8fcc26cb09e9 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Fri, 17 May 2019 18:49:10 +0000 Subject: [PATCH 113/170] mrf: simple policy: mark all posts instead of posts with media as sensitive if they match media_nsfw --- lib/pleroma/web/activity_pub/mrf/simple_policy.ex | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex index 50426e920..9627c3400 100644 --- a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex +++ b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex @@ -48,10 +48,9 @@ defp check_media_nsfw( %{host: actor_host} = _actor_info, %{ "type" => "Create", - "object" => %{"attachment" => child_attachment} = child_object + "object" => child_object } = object - ) - when length(child_attachment) > 0 do + ) do object = if Enum.member?(Pleroma.Config.get([:mrf_simple, :media_nsfw]), actor_host) do tags = (child_object["tag"] || []) ++ ["nsfw"] From 0da1233e8e093ff7c69994f9e81d58611be60507 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Fri, 17 May 2019 18:49:43 +0000 Subject: [PATCH 114/170] rich media: suppress link previews if post is marked as sensitive --- lib/pleroma/web/rich_media/helpers.ex | 1 + test/web/rich_media/helpers_test.exs | 21 +++++++++++++++++++++ 2 files changed, 22 insertions(+) diff --git a/lib/pleroma/web/rich_media/helpers.ex b/lib/pleroma/web/rich_media/helpers.ex index 0162a5be9..9bc8f2559 100644 --- a/lib/pleroma/web/rich_media/helpers.ex +++ b/lib/pleroma/web/rich_media/helpers.ex @@ -24,6 +24,7 @@ defp validate_page_url(_), do: :error def fetch_data_for_activity(%Activity{data: %{"type" => "Create"}} = activity) do with true <- Pleroma.Config.get([:rich_media, :enabled]), %Object{} = object <- Object.normalize(activity), + false <- object.data["sensitive"] || false, {:ok, page_url} <- HTML.extract_first_external_url(object, object.data["content"]), :ok <- validate_page_url(page_url), {:ok, rich_media} <- Parser.parse(page_url) do diff --git a/test/web/rich_media/helpers_test.exs b/test/web/rich_media/helpers_test.exs index 60d93768f..6e23392ca 100644 --- a/test/web/rich_media/helpers_test.exs +++ b/test/web/rich_media/helpers_test.exs @@ -1,6 +1,7 @@ defmodule Pleroma.Web.RichMedia.HelpersTest do use Pleroma.DataCase + alias Pleroma.Object alias Pleroma.Web.CommonAPI import Pleroma.Factory @@ -59,4 +60,24 @@ test "crawls valid, complete URLs" do Pleroma.Config.put([:rich_media, :enabled], false) end + + test "refuses to crawl URLs from posts marked sensitive" do + user = insert(:user) + + {:ok, activity} = + CommonAPI.post(user, %{ + "status" => "http://example.com/ogp", + "spoiler_text" => "." + }) + + %Object{} = object = Object.normalize(activity) + + assert object.data["sensitive"] + + Pleroma.Config.put([:rich_media, :enabled], true) + + assert %{} = Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity) + + Pleroma.Config.put([:rich_media, :enabled], false) + end end From d3b8cd342ff6d1fe87bcfe6305424faf49666252 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Fri, 17 May 2019 19:03:19 +0000 Subject: [PATCH 115/170] http: request builder: send user-agent when making requests --- lib/pleroma/http/request_builder.ex | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/pleroma/http/request_builder.ex b/lib/pleroma/http/request_builder.ex index 5f2cff2c0..522728da1 100644 --- a/lib/pleroma/http/request_builder.ex +++ b/lib/pleroma/http/request_builder.ex @@ -45,8 +45,9 @@ def url(request, u) do Add headers to the request """ @spec headers(map(), list(tuple)) :: map() - def headers(request, h) do - Map.put_new(request, :headers, h) + def headers(request, header_list) do + header_list = header_list ++ [{"User-Agent", Pleroma.Application.user_agent()}] + Map.put_new(request, :headers, header_list) end @doc """ From 290f5b2cfe91dd2acba56f79ef137f15c68a0db0 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Fri, 17 May 2019 20:28:58 +0000 Subject: [PATCH 116/170] config: make sending the user agent configurable, disable sending the user agent in tests --- config/config.exs | 1 + config/test.exs | 2 ++ lib/pleroma/http/request_builder.ex | 8 +++++++- 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/config/config.exs b/config/config.exs index e82f08e07..9a10b0ff7 100644 --- a/config/config.exs +++ b/config/config.exs @@ -192,6 +192,7 @@ # Configures http settings, upstream proxy etc. config :pleroma, :http, proxy_url: nil, + send_user_agent: true, adapter: [ ssl_options: [ # We don't support TLS v1.3 yet diff --git a/config/test.exs b/config/test.exs index e1785d10f..6100989c4 100644 --- a/config/test.exs +++ b/config/test.exs @@ -63,6 +63,8 @@ config :pleroma, :http_security, report_uri: "https://endpoint.com" +config :pleroma, :http, send_user_agent: false + rum_enabled = System.get_env("RUM_ENABLED") == "true" config :pleroma, :database, rum_enabled: rum_enabled IO.puts("RUM enabled: #{rum_enabled}") diff --git a/lib/pleroma/http/request_builder.ex b/lib/pleroma/http/request_builder.ex index 522728da1..e23457999 100644 --- a/lib/pleroma/http/request_builder.ex +++ b/lib/pleroma/http/request_builder.ex @@ -46,7 +46,13 @@ def url(request, u) do """ @spec headers(map(), list(tuple)) :: map() def headers(request, header_list) do - header_list = header_list ++ [{"User-Agent", Pleroma.Application.user_agent()}] + header_list = + if Pleroma.Config.get([:http, :send_user_agent]) do + header_list ++ [{"User-Agent", Pleroma.Application.user_agent()}] + else + header_list + end + Map.put_new(request, :headers, header_list) end From c234ce546a769747f436c19fee99bed2a7a58f3b Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Fri, 17 May 2019 20:31:39 +0000 Subject: [PATCH 117/170] add CHANGELOG entry --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 12c439135..5de9ae292 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -102,6 +102,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Mastodon API: Correct `reblogged`, `favourited`, and `bookmarked` values in the reblog status JSON - Mastodon API: Exposing default scope of the user to anyone - Mastodon API: Make `irreversible` field default to `false` [`POST /api/v1/filters`] +- User-Agent is now sent correctly for all HTTP requests. ## Removed - Configuration: `config :pleroma, :fe` in favor of the more flexible `config :pleroma, :frontend_configurations` From dc081595385084fe6b382e4b38c17cb51cf0a611 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Fri, 17 May 2019 20:42:51 +0000 Subject: [PATCH 118/170] also suppress link previews from posts marked #nsfw --- lib/pleroma/web/common_api/common_api.ex | 4 +++- lib/pleroma/web/common_api/utils.ex | 4 +++- test/web/rich_media/helpers_test.exs | 21 ++++++++++++++++++++- 3 files changed, 26 insertions(+), 3 deletions(-) diff --git a/lib/pleroma/web/common_api/common_api.ex b/lib/pleroma/web/common_api/common_api.ex index a599ffee5..5a312d673 100644 --- a/lib/pleroma/web/common_api/common_api.ex +++ b/lib/pleroma/web/common_api/common_api.ex @@ -157,6 +157,7 @@ def post(user, %{"status" => status} = data) do {to, cc} <- to_for_user_and_mentions(user, mentions, in_reply_to, visibility), context <- make_context(in_reply_to), cw <- data["spoiler_text"] || "", + sensitive <- data["sensitive"] || Enum.member?(tags, {"#nsfw", "nsfw"}), full_payload <- String.trim(status <> cw), length when length in 1..limit <- String.length(full_payload), object <- @@ -169,7 +170,8 @@ def post(user, %{"status" => status} = data) do in_reply_to, tags, cw, - cc + cc, + sensitive ), object <- Map.put( diff --git a/lib/pleroma/web/common_api/utils.ex b/lib/pleroma/web/common_api/utils.ex index bee2fd159..8d6160976 100644 --- a/lib/pleroma/web/common_api/utils.ex +++ b/lib/pleroma/web/common_api/utils.ex @@ -223,7 +223,8 @@ def make_note_data( in_reply_to, tags, cw \\ nil, - cc \\ [] + cc \\ [], + sensitive \\ false ) do object = %{ "type" => "Note", @@ -231,6 +232,7 @@ def make_note_data( "cc" => cc, "content" => content_html, "summary" => cw, + "sensitive" => sensitive, "context" => context, "attachment" => attachments, "actor" => actor, diff --git a/test/web/rich_media/helpers_test.exs b/test/web/rich_media/helpers_test.exs index 6e23392ca..53b0596f5 100644 --- a/test/web/rich_media/helpers_test.exs +++ b/test/web/rich_media/helpers_test.exs @@ -67,7 +67,26 @@ test "refuses to crawl URLs from posts marked sensitive" do {:ok, activity} = CommonAPI.post(user, %{ "status" => "http://example.com/ogp", - "spoiler_text" => "." + "sensitive" => true + }) + + %Object{} = object = Object.normalize(activity) + + assert object.data["sensitive"] + + Pleroma.Config.put([:rich_media, :enabled], true) + + assert %{} = Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity) + + Pleroma.Config.put([:rich_media, :enabled], false) + end + + test "refuses to crawl URLs from posts tagged NSFW" do + user = insert(:user) + + {:ok, activity} = + CommonAPI.post(user, %{ + "status" => "http://example.com/ogp #nsfw" }) %Object{} = object = Object.normalize(activity) From c4a55e167afcfd25cf4c1efb46886f2defe72c22 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Fri, 17 May 2019 20:43:31 +0000 Subject: [PATCH 119/170] add Changelog entry --- CHANGELOG.md | 1 + lib/pleroma/web/common_api/utils.ex | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 12c439135..a73bf47d2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -71,6 +71,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Deps: Updated Ecto to 3.0.7 - Don't ship finmoji by default, they can be installed as an emoji pack - Hide deactivated users and their statuses +- Posts which are marked sensitive or tagged nsfw no longer have link previews. ### Fixed - Added an FTS index on objects. Running `vacuum analyze` and setting a larger `work_mem` is recommended. diff --git a/lib/pleroma/web/common_api/utils.ex b/lib/pleroma/web/common_api/utils.ex index 8d6160976..d93c0d46e 100644 --- a/lib/pleroma/web/common_api/utils.ex +++ b/lib/pleroma/web/common_api/utils.ex @@ -232,7 +232,7 @@ def make_note_data( "cc" => cc, "content" => content_html, "summary" => cw, - "sensitive" => sensitive, + "sensitive" => !Enum.member?(["false", "False", "0", false], sensitive), "context" => context, "attachment" => attachments, "actor" => actor, From 2375e9a95ba9042958ff7e8f75830df4ab53fed2 Mon Sep 17 00:00:00 2001 From: Aaron Tinio Date: Mon, 20 May 2019 06:02:50 +0800 Subject: [PATCH 120/170] Add report filtering to MRF.SimplePolicy --- config/config.exs | 1 + .../web/activity_pub/mrf/simple_policy.ex | 13 ++++++++- .../activity_pub/mrf/simple_policy_test.exs | 28 +++++++++++++++++++ 3 files changed, 41 insertions(+), 1 deletion(-) diff --git a/config/config.exs b/config/config.exs index 9a10b0ff7..bab47a8a2 100644 --- a/config/config.exs +++ b/config/config.exs @@ -298,6 +298,7 @@ media_removal: [], media_nsfw: [], federated_timeline_removal: [], + report_removal: [], reject: [], accept: [] diff --git a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex index 9627c3400..7190652d2 100644 --- a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex +++ b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex @@ -94,6 +94,16 @@ defp check_ftl_removal(%{host: actor_host} = _actor_info, object) do {:ok, object} end + defp check_report_removal(%{host: actor_host} = _actor_info, %{"type" => "Flag"} = object) do + if actor_host in Pleroma.Config.get([:mrf_simple, :report_removal]) do + {:reject, nil} + else + {:ok, object} + end + end + + defp check_report_removal(_actor_info, object), do: {:ok, object} + @impl true def filter(object) do actor_info = URI.parse(object["actor"]) @@ -102,7 +112,8 @@ def filter(object) do {:ok, object} <- check_reject(actor_info, object), {:ok, object} <- check_media_removal(actor_info, object), {:ok, object} <- check_media_nsfw(actor_info, object), - {:ok, object} <- check_ftl_removal(actor_info, object) do + {:ok, object} <- check_ftl_removal(actor_info, object), + {:ok, object} <- check_report_removal(actor_info, object) do {:ok, object} else _e -> {:reject, nil} diff --git a/test/web/activity_pub/mrf/simple_policy_test.exs b/test/web/activity_pub/mrf/simple_policy_test.exs index 1e0511975..74af7dcde 100644 --- a/test/web/activity_pub/mrf/simple_policy_test.exs +++ b/test/web/activity_pub/mrf/simple_policy_test.exs @@ -15,6 +15,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do media_removal: [], media_nsfw: [], federated_timeline_removal: [], + report_removal: [], reject: [], accept: [] ) @@ -85,6 +86,33 @@ defp build_media_message do } end + describe "when :report_removal" do + test "is empty" do + Config.put([:mrf_simple, :report_removal], []) + report_message = build_report_message() + local_message = build_local_message() + + assert SimplePolicy.filter(report_message) == {:ok, report_message} + assert SimplePolicy.filter(local_message) == {:ok, local_message} + end + + test "has a matching host" do + Config.put([:mrf_simple, :report_removal], ["remote.instance"]) + report_message = build_report_message() + local_message = build_local_message() + + assert SimplePolicy.filter(report_message) == {:reject, nil} + assert SimplePolicy.filter(local_message) == {:ok, local_message} + end + end + + defp build_report_message do + %{ + "actor" => "https://remote.instance/users/bob", + "type" => "Flag" + } + end + describe "when :federated_timeline_removal" do test "is empty" do Config.put([:mrf_simple, :federated_timeline_removal], []) From 54e9cb5c2db580bc12441f3651fa87a7b976137d Mon Sep 17 00:00:00 2001 From: Sadposter Date: Mon, 20 May 2019 12:39:23 +0100 Subject: [PATCH 121/170] Add API endpoints for a custom user mascot --- docs/api/pleroma_api.md | 39 +++++++++++++++++++ lib/pleroma/user/info.ex | 21 ++++++++++ .../mastodon_api/mastodon_api_controller.ex | 36 ++++++++++++++++- lib/pleroma/web/router.ex | 3 ++ 4 files changed, 98 insertions(+), 1 deletion(-) diff --git a/docs/api/pleroma_api.md b/docs/api/pleroma_api.md index dd0b6ca73..4d99a2d2b 100644 --- a/docs/api/pleroma_api.md +++ b/docs/api/pleroma_api.md @@ -252,6 +252,45 @@ See [Admin-API](Admin-API.md) ] ``` +## `/api/v1/pleroma/mascot` +### Gets user mascot image +* Method `GET` +* Authentication: required + +* Response: JSON. Returns a mastodon media attachment entity. +* Example response: +```json +{ + "id": "abcdefg", + "url": "https://pleroma.example.org/media/abcdefg.png", + "type": "image", + "pleroma": { + "mime_type": "image/png" + } +} +``` + +### Updates user mascot image +* Method `PUT` +* Authentication: required +* Params: + * `image`: Multipart image +* Response: JSON. Returns a mastodon media attachment entity + when successful, otherwise returns HTTP 415 `{"error": "error_msg"}` +* Example response: +```json +{ + "id": "abcdefg", + "url": "https://pleroma.example.org/media/abcdefg.png", + "type": "image", + "pleroma": { + "mime_type": "image/png" + } +} +``` +* Note: Behaves exactly the same as `POST /api/v1/upload`. + Can only accept images - any attempt to upload non-image files will be met with `HTTP 415 Unsupported Media Type`. + ## `/api/pleroma/notification_settings` ### Updates user notification settings * Method `PUT` diff --git a/lib/pleroma/user/info.ex b/lib/pleroma/user/info.ex index 5f0cefc00..ffcd06e3e 100644 --- a/lib/pleroma/user/info.ex +++ b/lib/pleroma/user/info.ex @@ -43,6 +43,19 @@ defmodule Pleroma.User.Info do field(:hide_favorites, :boolean, default: true) field(:pinned_activities, {:array, :string}, default: []) field(:flavour, :string, default: nil) + + field(:mascot, :map, + default: %{ + id: "pleromatan", + url: "/images/pleroma-fox-tan-smol.png", + type: "image", + preview_url: "/images/pleroma-fox-tan-smol.png", + pleroma: %{ + mime_type: "image/png" + } + } + ) + field(:emoji, {:array, :map}, default: []) field(:notification_settings, :map, @@ -248,6 +261,14 @@ def mastodon_flavour_update(info, flavour) do |> validate_required([:flavour]) end + def mascot_update(info, url) do + params = %{mascot: url} + + info + |> cast(params, [:mascot]) + |> validate_required([:mascot]) + end + def set_source_data(info, source_data) do params = %{source_data: source_data} diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index 1051861ff..67f363859 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -707,6 +707,40 @@ def upload(%{assigns: %{user: user}} = conn, %{"file" => file} = data) do end end + def set_mascot(%{assigns: %{user: user}} = conn, %{"file" => file}) do + with {:ok, object} <- ActivityPub.upload(file, actor: User.ap_id(user)), + %{} = attachment_data <- Map.put(object.data, "id", object.id), + %{type: type} = rendered <- + StatusView.render("attachment.json", %{attachment: attachment_data}) do + # Reject if not an image + if type == "image" do + # Sure! + # Save to the user's info + info_changeset = User.Info.mascot_update(user.info, rendered) + + user_changeset = + user + |> Ecto.Changeset.change() + |> Ecto.Changeset.put_embed(:info, info_changeset) + + {:ok, _user} = User.update_and_set_cache(user_changeset) + + conn + |> json(rendered) + else + conn + |> send_resp(415, Jason.encode!(%{"error" => "mascots can only be images"})) + end + end + end + + def get_mascot(%{assigns: %{user: user}} = conn, _params) do + %{info: %{mascot: mascot}} = user + + conn + |> json(mascot) + end + def favourited_by(%{assigns: %{user: user}} = conn, %{"id" => id}) do with %Activity{data: %{"object" => object}} <- Repo.get(Activity, id), %Object{data: %{"likes" => likes}} <- Object.normalize(object) do @@ -1329,7 +1363,7 @@ def index(%{assigns: %{user: user}} = conn, _params) do display_sensitive_media: false, reduce_motion: false, max_toot_chars: limit, - mascot: "/images/pleroma-fox-tan-smol.png" + mascot: Map.get(user.info.mascot, "url", "/images/pleroma-fox-tan-smol.png") }, rights: %{ delete_others_notice: present?(user.info.is_moderator), diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 6a4e4a1d4..4c29b24eb 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -352,6 +352,9 @@ defmodule Pleroma.Web.Router do post("/pleroma/flavour/:flavour", MastodonAPIController, :set_flavour) + get("/pleroma/mascot", MastodonAPIController, :get_mascot) + put("/pleroma/mascot", MastodonAPIController, :set_mascot) + post("/reports", MastodonAPIController, :reports) end From e81f0fc6d45249dd70656c58af926c21c70c482f Mon Sep 17 00:00:00 2001 From: Sadposter Date: Mon, 20 May 2019 12:58:06 +0100 Subject: [PATCH 122/170] Add mascot get/set tests --- .../mastodon_api/mastodon_api_controller.ex | 1 + test/fixtures/sound.mp3 | Bin 0 -> 521 bytes .../mastodon_api_controller_test.exs | 65 ++++++++++++++++++ 3 files changed, 66 insertions(+) create mode 100644 test/fixtures/sound.mp3 diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index 67f363859..d7f095a1f 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -729,6 +729,7 @@ def set_mascot(%{assigns: %{user: user}} = conn, %{"file" => file}) do |> json(rendered) else conn + |> put_resp_content_type("application/json") |> send_resp(415, Jason.encode!(%{"error" => "mascots can only be images"})) end end diff --git a/test/fixtures/sound.mp3 b/test/fixtures/sound.mp3 new file mode 100644 index 0000000000000000000000000000000000000000..9f0f661a3bc34b6366304e9fd1d4fe8513411083 GIT binary patch literal 521 zcmezWd%_V0bP$o5mkt!;2VzDB1}091|Fj1{y8?V1eO-<93=IrecEX$_s-VK;;K;!E q0OXGES_-dW5+jBF|6AY)1M>j}#w9=>D=;vaG%zr*zym6jY5)LcXO3V1 literal 0 HcmV?d00001 diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index cbff141c8..87e1c105d 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -1455,6 +1455,71 @@ test "media upload", %{conn: conn} do assert object.data["actor"] == User.ap_id(user) end + test "mascot upload", %{conn: conn} do + user = insert(:user) + + non_image_file = %Plug.Upload{ + content_type: "audio/mpeg", + path: Path.absname("test/fixtures/sound.mp3"), + filename: "sound.mp3" + } + + conn = + conn + |> assign(:user, user) + |> put("/api/v1/pleroma/mascot", %{"file" => non_image_file}) + + assert json_response(conn, 415) + + file = %Plug.Upload{ + content_type: "image/jpg", + path: Path.absname("test/fixtures/image.jpg"), + filename: "an_image.jpg" + } + + conn = + build_conn() + |> assign(:user, user) + |> put("/api/v1/pleroma/mascot", %{"file" => file}) + + assert %{"id" => _, "type" => image} = json_response(conn, 200) + end + + test "mascot retrieving", %{conn: conn} do + user = insert(:user) + # When user hasn't set a mascot, we should just get pleroma tan back + conn = + conn + |> assign(:user, user) + |> get("/api/v1/pleroma/mascot") + + assert %{"url" => url} = json_response(conn, 200) + assert url =~ "pleroma-fox-tan-smol" + + # When a user sets their mascot, we should get that back + file = %Plug.Upload{ + content_type: "image/jpg", + path: Path.absname("test/fixtures/image.jpg"), + filename: "an_image.jpg" + } + + conn = + build_conn() + |> assign(:user, user) + |> put("/api/v1/pleroma/mascot", %{"file" => file}) + assert json_response(conn, 200) + + user = User.get_cached_by_id(user.id) + + conn = + build_conn() + |> assign(:user, user) + |> get("/api/v1/pleroma/mascot") + + assert %{"url" => url, "type" => "image"} = json_response(conn, 200) + assert url =~ "an_image" + end + test "hashtag timeline", %{conn: conn} do following = insert(:user) From dc916ba15f0fd77afa015084849f082065ed6f74 Mon Sep 17 00:00:00 2001 From: Sadposter Date: Mon, 20 May 2019 12:58:17 +0100 Subject: [PATCH 123/170] Format mascot tests --- test/web/mastodon_api/mastodon_api_controller_test.exs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index 87e1c105d..1d9f5a816 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -1503,10 +1503,11 @@ test "mascot retrieving", %{conn: conn} do filename: "an_image.jpg" } - conn = + conn = build_conn() |> assign(:user, user) |> put("/api/v1/pleroma/mascot", %{"file" => file}) + assert json_response(conn, 200) user = User.get_cached_by_id(user.id) From 3d0d9e7a5680bcb1b79e5f4aab0e8c514fc9e5ff Mon Sep 17 00:00:00 2001 From: Sadposter Date: Mon, 20 May 2019 13:10:04 +0100 Subject: [PATCH 124/170] Use string map for default mascot --- lib/pleroma/user/info.ex | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/pleroma/user/info.ex b/lib/pleroma/user/info.ex index ffcd06e3e..e76d04d7f 100644 --- a/lib/pleroma/user/info.ex +++ b/lib/pleroma/user/info.ex @@ -46,12 +46,12 @@ defmodule Pleroma.User.Info do field(:mascot, :map, default: %{ - id: "pleromatan", - url: "/images/pleroma-fox-tan-smol.png", - type: "image", - preview_url: "/images/pleroma-fox-tan-smol.png", - pleroma: %{ - mime_type: "image/png" + "id" => "pleromatan", + "url" => "/images/pleroma-fox-tan-smol.png", + "type" => "image", + "preview_url" => "/images/pleroma-fox-tan-smol.png", + "pleroma" => %{ + "mime_type" => "image/png" } } ) From d835810610e5e7660a56d305bc8509e38c642942 Mon Sep 17 00:00:00 2001 From: Sadposter Date: Mon, 20 May 2019 14:19:42 +0100 Subject: [PATCH 125/170] Add changelog entry for mascot config --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 87101db30..07e6bce31 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,6 +23,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Configuration: `report_uri` option - Pleroma API: User subscriptions - Pleroma API: Healthcheck endpoint +- Pleroma API: `/api/v1/pleroma/mascot` per-user frontend mascot configuration endpoints - Admin API: Endpoints for listing/revoking invite tokens - Admin API: Endpoints for making users follow/unfollow each other - Admin API: added filters (role, tags, email, name) for users endpoint From daeae8e2e7c506b72c66dea6ac790408f948ec16 Mon Sep 17 00:00:00 2001 From: Sadposter Date: Mon, 20 May 2019 16:12:55 +0100 Subject: [PATCH 126/170] Move default mascot configuration to `config/` --- config/config.exs | 13 ++++++++++++ docs/config.md | 10 ++++++++++ lib/pleroma/user.ex | 20 +++++++++++++++++++ lib/pleroma/user/info.ex | 14 +------------ .../mastodon_api/mastodon_api_controller.ex | 4 ++-- 5 files changed, 46 insertions(+), 15 deletions(-) diff --git a/config/config.exs b/config/config.exs index bab47a8a2..72908266d 100644 --- a/config/config.exs +++ b/config/config.exs @@ -276,6 +276,19 @@ showInstanceSpecificPanel: true } +config :pleroma, :assets, + mascots: [ + pleroma_fox_tan: %{ + url: "/images/pleroma-fox-tan-smol.png", + mime_type: "image/png" + }, + pleroma_fox_tan_shy: %{ + url: "/images/pleroma-fox-tan-shy.png", + mime_type: "image/png" + } + ], + default_mascot: :pleroma_fox_tan + config :pleroma, :activitypub, accept_blocks: true, unfollow_blocked: true, diff --git a/docs/config.md b/docs/config.md index 450d73fda..197326bbd 100644 --- a/docs/config.md +++ b/docs/config.md @@ -203,6 +203,16 @@ This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:i * `hide_post_stats`: Hide notices statistics(repeats, favorites, …) * `hide_user_stats`: Hide profile statistics(posts, posts per day, followers, followings, …) +## :assets + +This section configures assets to be used with various frontends. Currently the only option +relates to mascots on the mastodon frontend + +* `mascots`: KeywordList of mascots, each element __MUST__ contain both a `url` and a + `mime_type` key. +* `default_mascot`: An element from `mascots` - This will be used as the default mascot + on MastoFE (default: `:pleroma_fox_tan`) + ## :mrf_simple * `media_removal`: List of instances to remove medias from * `media_nsfw`: List of instances to put medias as NSFW(sensitive) from diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 28da310ee..05fe58f7c 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -1402,4 +1402,24 @@ def toggle_confirmation(%User{} = user) do |> put_embed(:info, info_changeset) |> update_and_set_cache() end + + def get_mascot(%{info: %{mascot: %{} = mascot}}) when not is_nil(mascot) do + mascot + end + + def get_mascot(%{info: %{mascot: mascot}}) when is_nil(mascot) do + # use instance-default + config = Pleroma.Config.get([:assets, :mascots]) + default_mascot = Pleroma.Config.get([:assets, :default_mascot]) + mascot = Keyword.get(config, default_mascot) + + %{ + "id" => "default-mascot", + "url" => mascot[:url], + "preview_url" => mascot[:url], + "pleroma" => %{ + "mime_type" => mascot[:mime_type] + } + } + end end diff --git a/lib/pleroma/user/info.ex b/lib/pleroma/user/info.ex index e76d04d7f..6397e2737 100644 --- a/lib/pleroma/user/info.ex +++ b/lib/pleroma/user/info.ex @@ -43,19 +43,7 @@ defmodule Pleroma.User.Info do field(:hide_favorites, :boolean, default: true) field(:pinned_activities, {:array, :string}, default: []) field(:flavour, :string, default: nil) - - field(:mascot, :map, - default: %{ - "id" => "pleromatan", - "url" => "/images/pleroma-fox-tan-smol.png", - "type" => "image", - "preview_url" => "/images/pleroma-fox-tan-smol.png", - "pleroma" => %{ - "mime_type" => "image/png" - } - } - ) - + field(:mascot, :map, default: nil) field(:emoji, {:array, :map}, default: []) field(:notification_settings, :map, diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index d7f095a1f..1ec0f30a1 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -736,7 +736,7 @@ def set_mascot(%{assigns: %{user: user}} = conn, %{"file" => file}) do end def get_mascot(%{assigns: %{user: user}} = conn, _params) do - %{info: %{mascot: mascot}} = user + mascot = User.get_mascot(user) conn |> json(mascot) @@ -1364,7 +1364,7 @@ def index(%{assigns: %{user: user}} = conn, _params) do display_sensitive_media: false, reduce_motion: false, max_toot_chars: limit, - mascot: Map.get(user.info.mascot, "url", "/images/pleroma-fox-tan-smol.png") + mascot: User.get_mascot(user)["url"] }, rights: %{ delete_others_notice: present?(user.info.is_moderator), From eb02edcad9cb0d65fc216408960aec63713e5d2b Mon Sep 17 00:00:00 2001 From: Aaron Tinio Date: Tue, 21 May 2019 00:35:46 +0800 Subject: [PATCH 127/170] Add virtual :thread_muted? field that may be set when fetching activities --- lib/pleroma/activity.ex | 12 +++++++++ lib/pleroma/web/activity_pub/activity_pub.ex | 8 ++++++ .../web/mastodon_api/views/status_view.ex | 8 +++++- .../web/twitter_api/views/activity_view.ex | 8 +++++- test/activity_test.exs | 26 +++++++++++++++++++ test/user_test.exs | 2 +- 6 files changed, 61 insertions(+), 3 deletions(-) diff --git a/lib/pleroma/activity.ex b/lib/pleroma/activity.ex index 4e54b15ba..99589590c 100644 --- a/lib/pleroma/activity.ex +++ b/lib/pleroma/activity.ex @@ -10,6 +10,7 @@ defmodule Pleroma.Activity do alias Pleroma.Notification alias Pleroma.Object alias Pleroma.Repo + alias Pleroma.ThreadMute alias Pleroma.User import Ecto.Changeset @@ -37,6 +38,7 @@ defmodule Pleroma.Activity do field(:local, :boolean, default: true) field(:actor, :string) field(:recipients, {:array, :string}, default: []) + field(:thread_muted?, :boolean, virtual: true) # This is a fake relation, do not use outside of with_preloaded_bookmark/get_bookmark has_one(:bookmark, Bookmark) has_many(:notifications, Notification, on_delete: :delete_all) @@ -90,6 +92,16 @@ def with_preloaded_bookmark(query, %User{} = user) do def with_preloaded_bookmark(query, _), do: query + def with_set_thread_muted_field(query, %User{} = user) do + from([a] in query, + left_join: tm in ThreadMute, + on: tm.user_id == ^user.id and tm.context == fragment("?->>'context'", a.data), + select: %Activity{a | thread_muted?: not is_nil(tm.id)} + ) + end + + def with_set_thread_muted_field(query, _), do: query + def get_by_ap_id(ap_id) do Repo.one( from( diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 5c3156978..3d9679ec0 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -834,6 +834,13 @@ defp maybe_preload_bookmarks(query, opts) do |> Activity.with_preloaded_bookmark(opts["user"]) end + defp maybe_set_thread_muted_field(query, %{"skip_preload" => true}), do: query + + defp maybe_set_thread_muted_field(query, opts) do + query + |> Activity.with_set_thread_muted_field(opts["user"]) + end + defp maybe_order(query, %{order: :desc}) do query |> order_by(desc: :id) @@ -852,6 +859,7 @@ def fetch_activities_query(recipients, opts \\ %{}) do base_query |> maybe_preload_objects(opts) |> maybe_preload_bookmarks(opts) + |> maybe_set_thread_muted_field(opts) |> maybe_order(opts) |> restrict_recipients(recipients, opts["user"]) |> restrict_tag(opts) diff --git a/lib/pleroma/web/mastodon_api/views/status_view.ex b/lib/pleroma/web/mastodon_api/views/status_view.ex index c93d915e5..e55f9b96e 100644 --- a/lib/pleroma/web/mastodon_api/views/status_view.ex +++ b/lib/pleroma/web/mastodon_api/views/status_view.ex @@ -157,6 +157,12 @@ def render("status.json", %{activity: %{data: %{"object" => _object}} = activity bookmarked = Activity.get_bookmark(activity, opts[:for]) != nil + thread_muted? = + case activity.thread_muted? do + thread_muted? when is_boolean(thread_muted?) -> thread_muted? + nil -> CommonAPI.thread_muted?(user, activity) + end + attachment_data = object.data["attachment"] || [] attachments = render_many(attachment_data, StatusView, "attachment.json", as: :attachment) @@ -228,7 +234,7 @@ def render("status.json", %{activity: %{data: %{"object" => _object}} = activity reblogged: reblogged?(activity, opts[:for]), favourited: present?(favorited), bookmarked: present?(bookmarked), - muted: CommonAPI.thread_muted?(user, activity) || User.mutes?(opts[:for], user), + muted: thread_muted? || User.mutes?(opts[:for], user), pinned: pinned?(activity, user), sensitive: sensitive, spoiler_text: summary_html, diff --git a/lib/pleroma/web/twitter_api/views/activity_view.ex b/lib/pleroma/web/twitter_api/views/activity_view.ex index 44bcafe0e..e84af84dc 100644 --- a/lib/pleroma/web/twitter_api/views/activity_view.ex +++ b/lib/pleroma/web/twitter_api/views/activity_view.ex @@ -284,6 +284,12 @@ def render( Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity) ) + thread_muted? = + case activity.thread_muted? do + thread_muted? when is_boolean(thread_muted?) -> thread_muted? + nil -> CommonAPI.thread_muted?(user, activity) + end + %{ "id" => activity.id, "uri" => object.data["id"], @@ -314,7 +320,7 @@ def render( "summary" => summary, "summary_html" => summary |> Formatter.emojify(object.data["emoji"]), "card" => card, - "muted" => CommonAPI.thread_muted?(user, activity) || User.mutes?(opts[:for], user) + "muted" => thread_muted? || User.mutes?(opts[:for], user) } end diff --git a/test/activity_test.exs b/test/activity_test.exs index 7e91d534b..15c95502a 100644 --- a/test/activity_test.exs +++ b/test/activity_test.exs @@ -6,6 +6,7 @@ defmodule Pleroma.ActivityTest do use Pleroma.DataCase alias Pleroma.Activity alias Pleroma.Bookmark + alias Pleroma.ThreadMute import Pleroma.Factory test "returns an activity by it's AP id" do @@ -47,6 +48,31 @@ test "preloading a bookmark" do assert queried_activity.bookmark == bookmark3 end + test "setting thread_muted?" do + activity = insert(:note_activity) + user = insert(:user) + annoyed_user = insert(:user) + {:ok, _} = ThreadMute.add_mute(annoyed_user.id, activity.data["context"]) + + activity_with_unset_thread_muted_field = + Ecto.Query.from(Activity) + |> Repo.one() + + activity_for_user = + Ecto.Query.from(Activity) + |> Activity.with_set_thread_muted_field(user) + |> Repo.one() + + activity_for_annoyed_user = + Ecto.Query.from(Activity) + |> Activity.with_set_thread_muted_field(annoyed_user) + |> Repo.one() + + assert activity_with_unset_thread_muted_field.thread_muted? == nil + assert activity_for_user.thread_muted? == false + assert activity_for_annoyed_user.thread_muted? == true + end + describe "getting a bookmark" do test "when association is loaded" do user = insert(:user) diff --git a/test/user_test.exs b/test/user_test.exs index 10e463ff8..cb6afbe07 100644 --- a/test/user_test.exs +++ b/test/user_test.exs @@ -902,7 +902,7 @@ test "hide a user's statuses from timelines and notifications" do assert [activity] == ActivityPub.fetch_public_activities(%{}) |> Repo.preload(:bookmark) - assert [activity] == + assert [%{activity | thread_muted?: CommonAPI.thread_muted?(user2, activity)}] == ActivityPub.fetch_activities([user2.ap_id | user2.following], %{"user" => user2}) {:ok, _user} = User.deactivate(user) From 5aa107d9126c484f0ae06eddec6995b535623b32 Mon Sep 17 00:00:00 2001 From: Aaron Tinio Date: Tue, 21 May 2019 00:59:12 +0800 Subject: [PATCH 128/170] Document MRF.Simple :report_removal --- docs/config/mrf.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/docs/config/mrf.md b/docs/config/mrf.md index 2cc16cef0..45be18fc5 100644 --- a/docs/config/mrf.md +++ b/docs/config/mrf.md @@ -5,11 +5,12 @@ Possible uses include: * marking incoming messages with media from a given account or instance as sensitive * rejecting messages from a specific instance +* rejecting reports (flags) from a specific instance * removing/unlisting messages from the public timelines * removing media from messages * sending only public messages to a specific instance -The MRF provides user-configurable policies. The default policy is `NoOpPolicy`, which disables the MRF functionality. Pleroma also includes an easy to use policy called `SimplePolicy` which maps messages matching certain pre-defined criterion to actions built into the policy module. +The MRF provides user-configurable policies. The default policy is `NoOpPolicy`, which disables the MRF functionality. Pleroma also includes an easy to use policy called `SimplePolicy` which maps messages matching certain pre-defined criterion to actions built into the policy module. It is possible to use multiple, active MRF policies at the same time. ## Quarantine Instances @@ -41,12 +42,13 @@ Once `SimplePolicy` is enabled, you can configure various groups in the `:mrf_si * `media_nsfw`: Servers in this group will have the #nsfw tag and sensitive setting injected into incoming messages which contain media. * `reject`: Servers in this group will have their messages rejected. * `federated_timeline_removal`: Servers in this group will have their messages unlisted from the public timelines by flipping the `to` and `cc` fields. +* `report_removal`: Servers in this group will have their reports (flags) rejected. Servers should be configured as lists. ### Example -This example will enable `SimplePolicy`, block media from `illegalporn.biz`, mark media as NSFW from `porn.biz` and `porn.business`, reject messages from `spam.com` and remove messages from `spam.university` from the federated timeline: +This example will enable `SimplePolicy`, block media from `illegalporn.biz`, mark media as NSFW from `porn.biz` and `porn.business`, reject messages from `spam.com`, remove messages from `spam.university` from the federated timeline and block reports (flags) from `whiny.whiner`: ``` config :pleroma, :instance, @@ -56,7 +58,8 @@ config :pleroma, :mrf_simple, media_removal: ["illegalporn.biz"], media_nsfw: ["porn.biz", "porn.business"], reject: ["spam.com"], - federated_timeline_removal: ["spam.university"] + federated_timeline_removal: ["spam.university"], + report_removal: ["whiny.whiner"] ``` From 75c7bb9289066bfaebe7d96aaa474d34ec4d5a5f Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Mon, 20 May 2019 17:18:59 -0500 Subject: [PATCH 129/170] Additional reserved usernames --- config/config.exs | 2 ++ 1 file changed, 2 insertions(+) diff --git a/config/config.exs b/config/config.exs index 61e2648a9..387c1a5a7 100644 --- a/config/config.exs +++ b/config/config.exs @@ -369,6 +369,7 @@ "activities", "api", "auth", + "check_password", "dev", "friend-requests", "inbox", @@ -389,6 +390,7 @@ "status", "tag", "user-search", + "user_exists", "users", "web" ] From f96e9b28bb5ee241a3f0ca6a622b925ca560c141 Mon Sep 17 00:00:00 2001 From: Aaron Tinio Date: Tue, 21 May 2019 07:30:18 +0800 Subject: [PATCH 130/170] Fix prometheus-ecto error when not configured --- lib/pleroma/application.ex | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/lib/pleroma/application.ex b/lib/pleroma/application.ex index eeb415084..dab45a0b2 100644 --- a/lib/pleroma/application.ex +++ b/lib/pleroma/application.ex @@ -131,19 +131,22 @@ def start(_type, _args) do defp setup_instrumenters do require Prometheus.Registry - :ok = - :telemetry.attach( - "prometheus-ecto", - [:pleroma, :repo, :query], - &Pleroma.Repo.Instrumenter.handle_event/4, - %{} - ) + if Application.get_env(:prometheus, Pleroma.Repo.Instrumenter) do + :ok = + :telemetry.attach( + "prometheus-ecto", + [:pleroma, :repo, :query], + &Pleroma.Repo.Instrumenter.handle_event/4, + %{} + ) + + Pleroma.Repo.Instrumenter.setup() + end Prometheus.Registry.register_collector(:prometheus_process_collector) Pleroma.Web.Endpoint.MetricsExporter.setup() Pleroma.Web.Endpoint.PipelineInstrumenter.setup() Pleroma.Web.Endpoint.Instrumenter.setup() - Pleroma.Repo.Instrumenter.setup() end def enabled_hackney_pools do From c972d0bb14ee5a65f053b8c9629d93fc9b94ca78 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Tue, 21 May 2019 04:58:26 +0000 Subject: [PATCH 131/170] http: bump connection timeout to 10 seconds --- CHANGELOG.md | 1 + lib/pleroma/http/connection.ex | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 07e6bce31..256df91b7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -73,6 +73,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Don't ship finmoji by default, they can be installed as an emoji pack - Hide deactivated users and their statuses - Posts which are marked sensitive or tagged nsfw no longer have link previews. +- HTTP connection timeout is now set to 10 seconds. ### Fixed - Added an FTS index on objects. Running `vacuum analyze` and setting a larger `work_mem` is recommended. diff --git a/lib/pleroma/http/connection.ex b/lib/pleroma/http/connection.ex index c0173465a..558005c19 100644 --- a/lib/pleroma/http/connection.ex +++ b/lib/pleroma/http/connection.ex @@ -8,7 +8,7 @@ defmodule Pleroma.HTTP.Connection do """ @hackney_options [ - connect_timeout: 2_000, + connect_timeout: 10_000, recv_timeout: 20_000, follow_redirect: true, pool: :federation From d378b342ba0d7f54be3b47f031c602a578191dfd Mon Sep 17 00:00:00 2001 From: lain Date: Tue, 21 May 2019 18:57:36 +0200 Subject: [PATCH 132/170] MongooseIM: Add documentation. --- CHANGELOG.md | 1 + docs/config/howto_mongooseim.md | 10 ++++++++++ 2 files changed, 11 insertions(+) create mode 100644 docs/config/howto_mongooseim.md diff --git a/CHANGELOG.md b/CHANGELOG.md index 12c439135..b50ca895c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## [unreleased] ### Added +- [MongooseIM](https://github.com/esl/MongooseIM) http authentication support. - LDAP authentication - External OAuth provider authentication - A [job queue](https://git.pleroma.social/pleroma/pleroma_job_queue) for federation, emails, web push, etc. diff --git a/docs/config/howto_mongooseim.md b/docs/config/howto_mongooseim.md new file mode 100644 index 000000000..a33e590a1 --- /dev/null +++ b/docs/config/howto_mongooseim.md @@ -0,0 +1,10 @@ +# Configuring MongooseIM (XMPP Server) to use Pleroma for authentication + +If you want to give your Pleroma users an XMPP (chat) account, you can configure [MongooseIM](https://github.com/esl/MongooseIM) to use your Pleroma server for user authentication, automatically giving every local user an XMPP account. + +In general, you just have to follow the configuration described at [https://mongooseim.readthedocs.io/en/latest/authentication-backends/HTTP-authentication-module/](https://mongooseim.readthedocs.io/en/latest/authentication-backends/HTTP-authentication-module/) and do these changes to your mongooseim.cfg. + +1. Set the auth_method to `{auth_method, http}`. +2. Add the http auth pool like this: `{http, global, auth, [{workers, 50}], [{server, "https://yourpleromainstance.com"}]}` + +Restart your MongooseIM server, your users should now be able to connect with their Pleroma credentials. From c2b0b82e6a6d40f945feacc001ad984a17e23336 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Tue, 21 May 2019 00:41:40 +0000 Subject: [PATCH 133/170] object: add Object.prune() --- lib/pleroma/object.ex | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/lib/pleroma/object.ex b/lib/pleroma/object.ex index 740d687a3..cc6fc9c5d 100644 --- a/lib/pleroma/object.ex +++ b/lib/pleroma/object.ex @@ -130,6 +130,13 @@ def delete(%Object{data: %{"id" => id}} = object) do end end + def prune(%Object{data: %{"id" => id}} = object) do + with {:ok, object} <- Repo.delete(object), + {:ok, true} <- Cachex.del(:object_cache, "object:#{id}") do + {:ok, object} + end + end + def set_cache(%Object{data: %{"id" => ap_id}} = object) do Cachex.put(:object_cache, "object:#{ap_id}", object) {:ok, object} From 73df9d690d5c1a9c11f0f04b8d877c0677022591 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Tue, 21 May 2019 00:41:58 +0000 Subject: [PATCH 134/170] object: fetcher: add support for reinjecting pruned objects --- lib/pleroma/object/fetcher.ex | 22 ++++++++++++++++++++-- test/object/fetcher_test.exs | 19 +++++++++++++++++++ 2 files changed, 39 insertions(+), 2 deletions(-) diff --git a/lib/pleroma/object/fetcher.ex b/lib/pleroma/object/fetcher.ex index 8d4bcc95e..bb9388d4f 100644 --- a/lib/pleroma/object/fetcher.ex +++ b/lib/pleroma/object/fetcher.ex @@ -8,6 +8,19 @@ defmodule Pleroma.Object.Fetcher do @httpoison Application.get_env(:pleroma, :httpoison) + defp reinject_object(data) do + Logger.debug("Reinjecting object #{data["id"]}") + + with data <- Transmogrifier.fix_object(data), + {:ok, object} <- Object.create(data) do + {:ok, object} + else + e -> + Logger.error("Error while processing object: #{inspect(e)}") + {:error, e} + end + end + # TODO: # This will create a Create activity, which we need internally at the moment. def fetch_object_from_id(id) do @@ -26,12 +39,17 @@ def fetch_object_from_id(id) do "object" => data }, :ok <- Containment.contain_origin(id, params), - {:ok, activity} <- Transmogrifier.handle_incoming(params) do - {:ok, Object.normalize(activity, false)} + {:ok, activity} <- Transmogrifier.handle_incoming(params), + {:object, _data, %Object{} = object} <- + {:object, data, Object.normalize(activity, false)} do + {:ok, object} else {:error, {:reject, nil}} -> {:reject, nil} + {:object, data, nil} -> + reinject_object(data) + object = %Object{} -> {:ok, object} diff --git a/test/object/fetcher_test.exs b/test/object/fetcher_test.exs index 72f616782..d604fd5f5 100644 --- a/test/object/fetcher_test.exs +++ b/test/object/fetcher_test.exs @@ -87,4 +87,23 @@ test "all objects with fake directions are rejected by the object fetcher" do ) end end + + describe "pruning" do + test "it can refetch pruned objects" do + object_id = "http://mastodon.example.org/@admin/99541947525187367" + + {:ok, object} = Fetcher.fetch_object_from_id(object_id) + + assert object + + {:ok, _object} = Object.prune(object) + + refute Object.get_by_ap_id(object_id) + + {:ok, %Object{} = object_two} = Fetcher.fetch_object_from_id(object_id) + + assert object.data["id"] == object_two.data["id"] + assert object.id != object_two.id + end + end end From 16b260fb19cca02463766c2e36a41bfcc823af9b Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Tue, 21 May 2019 01:21:28 +0000 Subject: [PATCH 135/170] add mix task to prune the object database using a configured retention period --- config/config.exs | 3 ++- docs/config.md | 1 + lib/mix/tasks/pleroma/database.ex | 40 +++++++++++++++++++++++++++++++ 3 files changed, 43 insertions(+), 1 deletion(-) diff --git a/config/config.exs b/config/config.exs index 72908266d..466a6e9b7 100644 --- a/config/config.exs +++ b/config/config.exs @@ -239,7 +239,8 @@ welcome_message: nil, max_report_comment_size: 1000, safe_dm_mentions: false, - healthcheck: false + healthcheck: false, + remote_post_retention_days: 90 config :pleroma, :app_account_creation, enabled: true, max_requests: 25, interval: 1800 diff --git a/docs/config.md b/docs/config.md index 197326bbd..a050068f4 100644 --- a/docs/config.md +++ b/docs/config.md @@ -104,6 +104,7 @@ config :pleroma, Pleroma.Emails.Mailer, * `max_report_comment_size`: The maximum size of the report comment (Default: `1000`) * `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). (Default: `false`) * `healthcheck`: if set to true, system data will be shown on ``/api/pleroma/healthcheck``. +* `remote_post_retention_days`: the default amount of days to retain remote posts when pruning the database ## :app_account_creation REST API for creating an account settings diff --git a/lib/mix/tasks/pleroma/database.ex b/lib/mix/tasks/pleroma/database.ex index f650b447d..fdb216037 100644 --- a/lib/mix/tasks/pleroma/database.ex +++ b/lib/mix/tasks/pleroma/database.ex @@ -23,6 +23,10 @@ defmodule Mix.Tasks.Pleroma.Database do Options: - `--vacuum` - run `VACUUM FULL` after the embedded objects are replaced with their references + ## Prune old objects from the database + + mix pleroma.database prune_objects + ## Create a conversation for all existing DMs. Can be safely re-run. mix pleroma.database bump_all_conversations @@ -72,4 +76,40 @@ def run(["update_users_following_followers_counts"]) do Enum.each(users, &User.remove_duplicated_following/1) Enum.each(users, &User.update_follower_count/1) end + + def run(["prune_objects" | args]) do + {options, [], []} = + OptionParser.parse( + args, + strict: [ + vacuum: :boolean + ] + ) + + Common.start_pleroma() + + deadline = Pleroma.Config.get([:instance, :remote_post_retention_days]) + + Logger.info("Pruning objects older than #{deadline} days") + + time_deadline = + NaiveDateTime.utc_now() + |> NaiveDateTime.add(-(deadline * 86_400)) + + Repo.query!( + "DELETE FROM objects WHERE inserted_at < $1 AND split_part(data->>'actor', '/', 3) != $2", + [time_deadline, Pleroma.Web.Endpoint.host()], + timeout: :infinity + ) + + if Keyword.get(options, :vacuum) do + Logger.info("Runnning VACUUM FULL") + + Repo.query!( + "vacuum full;", + [], + timeout: :infinity + ) + end + end end From f446f94290a6cdae531859c2efa55f55dbaeb7e8 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Tue, 21 May 2019 01:22:27 +0000 Subject: [PATCH 136/170] add changelog entry for object pruning --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 256df91b7..a21c4bff2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -39,6 +39,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Metadata: RelMe provider - OAuth: added support for refresh tokens - Emoji packs and emoji pack manager +- Object pruning (`mix pleroma.database prune_objects`) ### Changed - **Breaking:** Configuration: move from Pleroma.Mailer to Pleroma.Emails.Mailer From a13d449b241b6e5fa14fb741694e63cd21569b2c Mon Sep 17 00:00:00 2001 From: Aaron Tinio Date: Tue, 21 May 2019 09:39:32 +0800 Subject: [PATCH 137/170] Add tests for fallback routes --- test/web/fallback_test.exs | 46 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 test/web/fallback_test.exs diff --git a/test/web/fallback_test.exs b/test/web/fallback_test.exs new file mode 100644 index 000000000..514923a20 --- /dev/null +++ b/test/web/fallback_test.exs @@ -0,0 +1,46 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.FallbackTest do + use Pleroma.Web.ConnCase + import Pleroma.Factory + + test "GET /registration/:token", %{conn: conn} do + assert conn + |> get("/registration/foo") + |> html_response(200) =~ "" + end + + test "GET /:maybe_nickname_or_id", %{conn: conn} do + user = insert(:user) + + assert conn + |> get("/foo") + |> html_response(200) =~ "" + + refute conn + |> get("/" <> user.nickname) + |> html_response(200) =~ "" + end + + test "GET /*path", %{conn: conn} do + assert conn + |> get("/foo") + |> html_response(200) =~ "" + + assert conn + |> get("/foo/bar") + |> html_response(200) =~ "" + end + + test "OPTIONS /*path", %{conn: conn} do + assert conn + |> options("/foo") + |> response(204) == "" + + assert conn + |> options("/foo/bar") + |> response(204) == "" + end +end From 3ab9255eda21a5f8a25047375af9608e0c0c7592 Mon Sep 17 00:00:00 2001 From: Aaron Tinio Date: Tue, 21 May 2019 09:40:29 +0800 Subject: [PATCH 138/170] Respond with a 404 Not implemented JSON error message when requested API is not implemented --- CHANGELOG.md | 1 + lib/pleroma/web/router.ex | 7 +++++++ test/web/fallback_test.exs | 6 ++++++ 3 files changed, 14 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 256df91b7..2ed380102 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -74,6 +74,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Hide deactivated users and their statuses - Posts which are marked sensitive or tagged nsfw no longer have link previews. - HTTP connection timeout is now set to 10 seconds. +- Respond with a 404 Not implemented JSON error message when requested API is not implemented ### Fixed - Added an FTS index on objects. Running `vacuum analyze` and setting a larger `work_mem` is recommended. diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 4c29b24eb..49e28cc2d 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -710,6 +710,7 @@ defmodule Pleroma.Web.Router do scope "/", Fallback do get("/registration/:token", RedirectController, :registration_page) get("/:maybe_nickname_or_id", RedirectController, :redirector_with_meta) + get("/api*path", RedirectController, :api_not_implemented) get("/*path", RedirectController, :redirector) options("/*path", RedirectController, :empty) @@ -721,6 +722,12 @@ defmodule Fallback.RedirectController do alias Pleroma.User alias Pleroma.Web.Metadata + def api_not_implemented(conn, _params) do + conn + |> put_status(404) + |> json(%{error: "Not implemented"}) + end + def redirector(conn, _params, code \\ 200) do conn |> put_resp_content_type("text/html") diff --git a/test/web/fallback_test.exs b/test/web/fallback_test.exs index 514923a20..cc78b3ae1 100644 --- a/test/web/fallback_test.exs +++ b/test/web/fallback_test.exs @@ -24,6 +24,12 @@ test "GET /:maybe_nickname_or_id", %{conn: conn} do |> html_response(200) =~ "" end + test "GET /api*path", %{conn: conn} do + assert conn + |> get("/api/foo") + |> json_response(404) == %{"error" => "Not implemented"} + end + test "GET /*path", %{conn: conn} do assert conn |> get("/foo") From f76268135c014c20a482d30a7c9596ec2e7d6a69 Mon Sep 17 00:00:00 2001 From: Aaron Tinio Date: Wed, 22 May 2019 07:11:09 +0800 Subject: [PATCH 139/170] Fix failing test --- test/web/admin_api/admin_api_controller_test.exs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs index ca12c7215..c15c67e31 100644 --- a/test/web/admin_api/admin_api_controller_test.exs +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -397,14 +397,14 @@ test "it returns 500 if `registrations_open` is enabled", %{conn: conn, user: us end end - test "/api/pleroma/admin/invite_token" do + test "/api/pleroma/admin/users/invite_token" do admin = insert(:user, info: %{is_admin: true}) conn = build_conn() |> assign(:user, admin) |> put_req_header("accept", "application/json") - |> get("/api/pleroma/admin/invite_token") + |> get("/api/pleroma/admin/users/invite_token") assert conn.status == 200 end From a023ca004cbd90e330cab35e4dfda16346d08668 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 22 May 2019 03:12:48 +0000 Subject: [PATCH 140/170] prune objects task: use Repo.delete_all() --- lib/mix/tasks/pleroma/database.ex | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/lib/mix/tasks/pleroma/database.ex b/lib/mix/tasks/pleroma/database.ex index fdb216037..f9bafb277 100644 --- a/lib/mix/tasks/pleroma/database.ex +++ b/lib/mix/tasks/pleroma/database.ex @@ -5,6 +5,7 @@ defmodule Mix.Tasks.Pleroma.Database do alias Mix.Tasks.Pleroma.Common alias Pleroma.Conversation + alias Pleroma.Object alias Pleroma.Repo alias Pleroma.User require Logger @@ -78,6 +79,8 @@ def run(["update_users_following_followers_counts"]) do end def run(["prune_objects" | args]) do + import Ecto.Query + {options, [], []} = OptionParser.parse( args, @@ -96,11 +99,15 @@ def run(["prune_objects" | args]) do NaiveDateTime.utc_now() |> NaiveDateTime.add(-(deadline * 86_400)) - Repo.query!( - "DELETE FROM objects WHERE inserted_at < $1 AND split_part(data->>'actor', '/', 3) != $2", - [time_deadline, Pleroma.Web.Endpoint.host()], - timeout: :infinity + public = "https://www.w3.org/ns/activitystreams#Public" + + from(o in Object, + where: fragment("?->'to' \\? ? OR ?->'cc' \\? ?", o.data, ^public, o.data, ^public), + where: o.inserted_at < ^time_deadline, + where: + fragment("split_part(?->>'actor', '/', 3) != ?", o.data, ^Pleroma.Web.Endpoint.host()) ) + |> Repo.delete_all() if Keyword.get(options, :vacuum) do Logger.info("Runnning VACUUM FULL") From 045803346d70c1f9c6ea770485904fd7cc52969a Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 22 May 2019 03:58:15 +0000 Subject: [PATCH 141/170] move key generation functions into Pleroma.Keys module --- lib/pleroma/keys.ex | 44 +++++++++++++++++++ lib/pleroma/signature.ex | 7 ++- lib/pleroma/user.ex | 21 +++++++++ .../activity_pub/activity_pub_controller.ex | 14 +++--- .../web/activity_pub/views/user_view.ex | 11 +++-- lib/pleroma/web/federator/federator.ex | 6 +-- lib/pleroma/web/salmon/salmon.ex | 44 ++----------------- lib/pleroma/web/web_finger/web_finger.ex | 26 +---------- test/keys_test.exs | 20 +++++++++ test/user_test.exs | 15 +++++++ test/web/activity_pub/activity_pub_test.exs | 2 +- .../web/activity_pub/views/user_view_test.exs | 13 +++--- test/web/salmon/salmon_test.exs | 19 ++------ test/web/web_finger/web_finger_test.exs | 15 ------- 14 files changed, 133 insertions(+), 124 deletions(-) create mode 100644 lib/pleroma/keys.ex create mode 100644 test/keys_test.exs diff --git a/lib/pleroma/keys.ex b/lib/pleroma/keys.ex new file mode 100644 index 000000000..b7bc7a4da --- /dev/null +++ b/lib/pleroma/keys.ex @@ -0,0 +1,44 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Keys do + # Native generation of RSA keys is only available since OTP 20+ and in default build conditions + # We try at compile time to generate natively an RSA key otherwise we fallback on the old way. + try do + _ = :public_key.generate_key({:rsa, 2048, 65_537}) + + def generate_rsa_pem do + key = :public_key.generate_key({:rsa, 2048, 65_537}) + entry = :public_key.pem_entry_encode(:RSAPrivateKey, key) + pem = :public_key.pem_encode([entry]) |> String.trim_trailing() + {:ok, pem} + end + rescue + _ -> + def generate_rsa_pem do + port = Port.open({:spawn, "openssl genrsa"}, [:binary]) + + {:ok, pem} = + receive do + {^port, {:data, pem}} -> {:ok, pem} + end + + Port.close(port) + + if Regex.match?(~r/RSA PRIVATE KEY/, pem) do + {:ok, pem} + else + :error + end + end + end + + def keys_from_pem(pem) do + [private_key_code] = :public_key.pem_decode(pem) + private_key = :public_key.pem_entry_decode(private_key_code) + {:RSAPrivateKey, _, modulus, exponent, _, _, _, _, _, _, _} = private_key + public_key = {:RSAPublicKey, modulus, exponent} + {:ok, private_key, public_key} + end +end diff --git a/lib/pleroma/signature.ex b/lib/pleroma/signature.ex index b7ecf00a0..1a4d54c62 100644 --- a/lib/pleroma/signature.ex +++ b/lib/pleroma/signature.ex @@ -5,11 +5,10 @@ defmodule Pleroma.Signature do @behaviour HTTPSignatures.Adapter + alias Pleroma.Keys alias Pleroma.User alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.Utils - alias Pleroma.Web.Salmon - alias Pleroma.Web.WebFinger def fetch_public_key(conn) do with actor_id <- Utils.get_ap_id(conn.params["actor"]), @@ -33,8 +32,8 @@ def refetch_public_key(conn) do end def sign(%User{} = user, headers) do - with {:ok, %{info: %{keys: keys}}} <- WebFinger.ensure_keys_present(user), - {:ok, private_key, _} <- Salmon.keys_from_pem(keys) do + with {:ok, %{info: %{keys: keys}}} <- User.ensure_keys_present(user), + {:ok, private_key, _} <- Keys.keys_from_pem(keys) do HTTPSignatures.sign(private_key, user.ap_id <> "#main-key", headers) end end diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 05fe58f7c..653dec95f 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -10,6 +10,7 @@ defmodule Pleroma.User do alias Comeonin.Pbkdf2 alias Pleroma.Activity + alias Pleroma.Keys alias Pleroma.Notification alias Pleroma.Object alias Pleroma.Registration @@ -1422,4 +1423,24 @@ def get_mascot(%{info: %{mascot: mascot}}) when is_nil(mascot) do } } end + + def ensure_keys_present(user) do + info = user.info + + if info.keys do + {:ok, user} + else + {:ok, pem} = Keys.generate_rsa_pem() + + info_cng = + info + |> User.Info.set_keys(pem) + + cng = + Ecto.Changeset.change(user) + |> Ecto.Changeset.put_embed(:info, info_cng) + + update_and_set_cache(cng) + end + end end diff --git a/lib/pleroma/web/activity_pub/activity_pub_controller.ex b/lib/pleroma/web/activity_pub/activity_pub_controller.ex index c967ab7a9..ad2ca1e54 100644 --- a/lib/pleroma/web/activity_pub/activity_pub_controller.ex +++ b/lib/pleroma/web/activity_pub/activity_pub_controller.ex @@ -39,7 +39,7 @@ def relay_active?(conn, _) do def user(conn, %{"nickname" => nickname}) do with %User{} = user <- User.get_cached_by_nickname(nickname), - {:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do + {:ok, user} <- User.ensure_keys_present(user) do conn |> put_resp_header("content-type", "application/activity+json") |> json(UserView.render("user.json", %{user: user})) @@ -106,7 +106,7 @@ def activity(conn, %{"uuid" => uuid}) do def following(conn, %{"nickname" => nickname, "page" => page}) do with %User{} = user <- User.get_cached_by_nickname(nickname), - {:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do + {:ok, user} <- User.ensure_keys_present(user) do {page, _} = Integer.parse(page) conn @@ -117,7 +117,7 @@ def following(conn, %{"nickname" => nickname, "page" => page}) do def following(conn, %{"nickname" => nickname}) do with %User{} = user <- User.get_cached_by_nickname(nickname), - {:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do + {:ok, user} <- User.ensure_keys_present(user) do conn |> put_resp_header("content-type", "application/activity+json") |> json(UserView.render("following.json", %{user: user})) @@ -126,7 +126,7 @@ def following(conn, %{"nickname" => nickname}) do def followers(conn, %{"nickname" => nickname, "page" => page}) do with %User{} = user <- User.get_cached_by_nickname(nickname), - {:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do + {:ok, user} <- User.ensure_keys_present(user) do {page, _} = Integer.parse(page) conn @@ -137,7 +137,7 @@ def followers(conn, %{"nickname" => nickname, "page" => page}) do def followers(conn, %{"nickname" => nickname}) do with %User{} = user <- User.get_cached_by_nickname(nickname), - {:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do + {:ok, user} <- User.ensure_keys_present(user) do conn |> put_resp_header("content-type", "application/activity+json") |> json(UserView.render("followers.json", %{user: user})) @@ -146,7 +146,7 @@ def followers(conn, %{"nickname" => nickname}) do def outbox(conn, %{"nickname" => nickname} = params) do with %User{} = user <- User.get_cached_by_nickname(nickname), - {:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do + {:ok, user} <- User.ensure_keys_present(user) do conn |> put_resp_header("content-type", "application/activity+json") |> json(UserView.render("outbox.json", %{user: user, max_id: params["max_id"]})) @@ -195,7 +195,7 @@ def inbox(conn, params) do def relay(conn, _params) do with %User{} = user <- Relay.get_actor(), - {:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do + {:ok, user} <- User.ensure_keys_present(user) do conn |> put_resp_header("content-type", "application/activity+json") |> json(UserView.render("user.json", %{user: user})) diff --git a/lib/pleroma/web/activity_pub/views/user_view.ex b/lib/pleroma/web/activity_pub/views/user_view.ex index 1254fdf6c..327e0e05b 100644 --- a/lib/pleroma/web/activity_pub/views/user_view.ex +++ b/lib/pleroma/web/activity_pub/views/user_view.ex @@ -5,6 +5,7 @@ defmodule Pleroma.Web.ActivityPub.UserView do use Pleroma.Web, :view + alias Pleroma.Keys alias Pleroma.Repo alias Pleroma.User alias Pleroma.Web.ActivityPub.ActivityPub @@ -12,8 +13,6 @@ defmodule Pleroma.Web.ActivityPub.UserView do alias Pleroma.Web.ActivityPub.Utils alias Pleroma.Web.Endpoint alias Pleroma.Web.Router.Helpers - alias Pleroma.Web.Salmon - alias Pleroma.Web.WebFinger import Ecto.Query @@ -34,8 +33,8 @@ def render("endpoints.json", _), do: %{} # the instance itself is not a Person, but instead an Application def render("user.json", %{user: %{nickname: nil} = user}) do - {:ok, user} = WebFinger.ensure_keys_present(user) - {:ok, _, public_key} = Salmon.keys_from_pem(user.info.keys) + {:ok, user} = User.ensure_keys_present(user) + {:ok, _, public_key} = Keys.keys_from_pem(user.info.keys) public_key = :public_key.pem_entry_encode(:SubjectPublicKeyInfo, public_key) public_key = :public_key.pem_encode([public_key]) @@ -62,8 +61,8 @@ def render("user.json", %{user: %{nickname: nil} = user}) do end def render("user.json", %{user: user}) do - {:ok, user} = WebFinger.ensure_keys_present(user) - {:ok, _, public_key} = Salmon.keys_from_pem(user.info.keys) + {:ok, user} = User.ensure_keys_present(user) + {:ok, _, public_key} = Keys.keys_from_pem(user.info.keys) public_key = :public_key.pem_entry_encode(:SubjectPublicKeyInfo, public_key) public_key = :public_key.pem_encode([public_key]) diff --git a/lib/pleroma/web/federator/federator.ex b/lib/pleroma/web/federator/federator.ex index 169fdf4dc..6b0b75284 100644 --- a/lib/pleroma/web/federator/federator.ex +++ b/lib/pleroma/web/federator/federator.ex @@ -11,7 +11,6 @@ defmodule Pleroma.Web.Federator do alias Pleroma.Web.ActivityPub.Utils alias Pleroma.Web.Federator.Publisher alias Pleroma.Web.Federator.RetryQueue - alias Pleroma.Web.WebFinger alias Pleroma.Web.Websub require Logger @@ -77,9 +76,8 @@ def perform(:request_subscription, websub) do def perform(:publish, activity) do Logger.debug(fn -> "Running publish for #{activity.data["id"]}" end) - with actor when not is_nil(actor) <- User.get_cached_by_ap_id(activity.data["actor"]) do - {:ok, actor} = WebFinger.ensure_keys_present(actor) - + with %User{} = actor <- User.get_cached_by_ap_id(activity.data["actor"]), + {:ok, actor} <- User.ensure_keys_present(actor) do Publisher.publish(actor, activity) end end diff --git a/lib/pleroma/web/salmon/salmon.ex b/lib/pleroma/web/salmon/salmon.ex index 42709ab47..fa30f73cd 100644 --- a/lib/pleroma/web/salmon/salmon.ex +++ b/lib/pleroma/web/salmon/salmon.ex @@ -10,6 +10,7 @@ defmodule Pleroma.Web.Salmon do use Bitwise alias Pleroma.Activity + alias Pleroma.Keys alias Pleroma.Instances alias Pleroma.User alias Pleroma.Web.ActivityPub.Visibility @@ -89,45 +90,6 @@ def encode_key({:RSAPublicKey, modulus, exponent}) do "RSA.#{modulus_enc}.#{exponent_enc}" end - # Native generation of RSA keys is only available since OTP 20+ and in default build conditions - # We try at compile time to generate natively an RSA key otherwise we fallback on the old way. - try do - _ = :public_key.generate_key({:rsa, 2048, 65_537}) - - def generate_rsa_pem do - key = :public_key.generate_key({:rsa, 2048, 65_537}) - entry = :public_key.pem_entry_encode(:RSAPrivateKey, key) - pem = :public_key.pem_encode([entry]) |> String.trim_trailing() - {:ok, pem} - end - rescue - _ -> - def generate_rsa_pem do - port = Port.open({:spawn, "openssl genrsa"}, [:binary]) - - {:ok, pem} = - receive do - {^port, {:data, pem}} -> {:ok, pem} - end - - Port.close(port) - - if Regex.match?(~r/RSA PRIVATE KEY/, pem) do - {:ok, pem} - else - :error - end - end - end - - def keys_from_pem(pem) do - [private_key_code] = :public_key.pem_decode(pem) - private_key = :public_key.pem_entry_decode(private_key_code) - {:RSAPrivateKey, _, modulus, exponent, _, _, _, _, _, _, _} = private_key - public_key = {:RSAPublicKey, modulus, exponent} - {:ok, private_key, public_key} - end - def encode(private_key, doc) do type = "application/atom+xml" encoding = "base64url" @@ -227,7 +189,7 @@ def publish(%{info: %{keys: keys}} = user, %{data: %{"type" => type}} = activity |> :xmerl.export_simple(:xmerl_xml) |> to_string - {:ok, private, _} = keys_from_pem(keys) + {:ok, private, _} = Keys.keys_from_pem(keys) {:ok, feed} = encode(private, feed) remote_users = remote_users(activity) @@ -253,7 +215,7 @@ def publish(%{info: %{keys: keys}} = user, %{data: %{"type" => type}} = activity def publish(%{id: id}, _), do: Logger.debug(fn -> "Keys missing for user #{id}" end) def gather_webfinger_links(%User{} = user) do - {:ok, _private, public} = keys_from_pem(user.info.keys) + {:ok, _private, public} = Keys.keys_from_pem(user.info.keys) magic_key = encode_key(public) [ diff --git a/lib/pleroma/web/web_finger/web_finger.ex b/lib/pleroma/web/web_finger/web_finger.ex index 1239b962a..c5b7d4acb 100644 --- a/lib/pleroma/web/web_finger/web_finger.ex +++ b/lib/pleroma/web/web_finger/web_finger.ex @@ -8,7 +8,6 @@ defmodule Pleroma.Web.WebFinger do alias Pleroma.User alias Pleroma.Web alias Pleroma.Web.Federator.Publisher - alias Pleroma.Web.Salmon alias Pleroma.Web.XML alias Pleroma.XmlBuilder require Jason @@ -61,7 +60,7 @@ defp gather_links(%User{} = user) do end def represent_user(user, "JSON") do - {:ok, user} = ensure_keys_present(user) + {:ok, user} = User.ensure_keys_present(user) %{ "subject" => "acct:#{user.nickname}@#{Pleroma.Web.Endpoint.host()}", @@ -71,7 +70,7 @@ def represent_user(user, "JSON") do end def represent_user(user, "XML") do - {:ok, user} = ensure_keys_present(user) + {:ok, user} = User.ensure_keys_present(user) links = gather_links(user) @@ -88,27 +87,6 @@ def represent_user(user, "XML") do |> XmlBuilder.to_doc() end - # This seems a better fit in Salmon - def ensure_keys_present(user) do - info = user.info - - if info.keys do - {:ok, user} - else - {:ok, pem} = Salmon.generate_rsa_pem() - - info_cng = - info - |> User.Info.set_keys(pem) - - cng = - Ecto.Changeset.change(user) - |> Ecto.Changeset.put_embed(:info, info_cng) - - User.update_and_set_cache(cng) - end - end - defp get_magic_key(magic_key) do "data:application/magic-public-key," <> magic_key = magic_key {:ok, magic_key} diff --git a/test/keys_test.exs b/test/keys_test.exs new file mode 100644 index 000000000..776fdea6f --- /dev/null +++ b/test/keys_test.exs @@ -0,0 +1,20 @@ +defmodule Pleroma.KeysTest do + use Pleroma.DataCase + + alias Pleroma.Keys + + test "generates an RSA private key pem" do + {:ok, key} = Keys.generate_rsa_pem() + + assert is_binary(key) + assert Regex.match?(~r/RSA/, key) + end + + test "returns a public and private key from a pem" do + pem = File.read!("test/fixtures/private_key.pem") + {:ok, private, public} = Keys.keys_from_pem(pem) + + assert elem(private, 0) == :RSAPrivateKey + assert elem(public, 0) == :RSAPublicKey + end +end diff --git a/test/user_test.exs b/test/user_test.exs index cb6afbe07..019f2b56d 100644 --- a/test/user_test.exs +++ b/test/user_test.exs @@ -1251,4 +1251,19 @@ test "if user is unconfirmed" do refute user.info.confirmation_token end end + + describe "ensure_keys_present" do + test "it creates keys for a user and stores them in info" do + user = insert(:user) + refute is_binary(user.info.keys) + {:ok, user} = User.ensure_keys_present(user) + assert is_binary(user.info.keys) + end + + test "it doesn't create keys if there already are some" do + user = insert(:user, %{info: %{keys: "xxx"}}) + {:ok, user} = User.ensure_keys_present(user) + assert user.info.keys == "xxx" + end + end end diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs index c18e0ab5f..f743f380b 100644 --- a/test/web/activity_pub/activity_pub_test.exs +++ b/test/web/activity_pub/activity_pub_test.exs @@ -1005,7 +1005,7 @@ test "it filters broken threads" do describe "update" do test "it creates an update activity with the new user data" do user = insert(:user) - {:ok, user} = Pleroma.Web.WebFinger.ensure_keys_present(user) + {:ok, user} = User.ensure_keys_present(user) user_data = Pleroma.Web.ActivityPub.UserView.render("user.json", %{user: user}) {:ok, update} = diff --git a/test/web/activity_pub/views/user_view_test.exs b/test/web/activity_pub/views/user_view_test.exs index 9fb9455d2..e6483db8b 100644 --- a/test/web/activity_pub/views/user_view_test.exs +++ b/test/web/activity_pub/views/user_view_test.exs @@ -2,11 +2,12 @@ defmodule Pleroma.Web.ActivityPub.UserViewTest do use Pleroma.DataCase import Pleroma.Factory + alias Pleroma.User alias Pleroma.Web.ActivityPub.UserView test "Renders a user, including the public key" do user = insert(:user) - {:ok, user} = Pleroma.Web.WebFinger.ensure_keys_present(user) + {:ok, user} = User.ensure_keys_present(user) result = UserView.render("user.json", %{user: user}) @@ -18,7 +19,7 @@ test "Renders a user, including the public key" do test "Does not add an avatar image if the user hasn't set one" do user = insert(:user) - {:ok, user} = Pleroma.Web.WebFinger.ensure_keys_present(user) + {:ok, user} = User.ensure_keys_present(user) result = UserView.render("user.json", %{user: user}) refute result["icon"] @@ -32,7 +33,7 @@ test "Does not add an avatar image if the user hasn't set one" do } ) - {:ok, user} = Pleroma.Web.WebFinger.ensure_keys_present(user) + {:ok, user} = User.ensure_keys_present(user) result = UserView.render("user.json", %{user: user}) assert result["icon"]["url"] == "https://someurl" @@ -42,7 +43,7 @@ test "Does not add an avatar image if the user hasn't set one" do describe "endpoints" do test "local users have a usable endpoints structure" do user = insert(:user) - {:ok, user} = Pleroma.Web.WebFinger.ensure_keys_present(user) + {:ok, user} = User.ensure_keys_present(user) result = UserView.render("user.json", %{user: user}) @@ -58,7 +59,7 @@ test "local users have a usable endpoints structure" do test "remote users have an empty endpoints structure" do user = insert(:user, local: false) - {:ok, user} = Pleroma.Web.WebFinger.ensure_keys_present(user) + {:ok, user} = User.ensure_keys_present(user) result = UserView.render("user.json", %{user: user}) @@ -68,7 +69,7 @@ test "remote users have an empty endpoints structure" do test "instance users do not expose oAuth endpoints" do user = insert(:user, nickname: nil, local: true) - {:ok, user} = Pleroma.Web.WebFinger.ensure_keys_present(user) + {:ok, user} = User.ensure_keys_present(user) result = UserView.render("user.json", %{user: user}) diff --git a/test/web/salmon/salmon_test.exs b/test/web/salmon/salmon_test.exs index 232082779..e86e76fe9 100644 --- a/test/web/salmon/salmon_test.exs +++ b/test/web/salmon/salmon_test.exs @@ -5,6 +5,7 @@ defmodule Pleroma.Web.Salmon.SalmonTest do use Pleroma.DataCase alias Pleroma.Activity + alias Pleroma.Keys alias Pleroma.Repo alias Pleroma.User alias Pleroma.Web.Federator.Publisher @@ -34,12 +35,6 @@ test "errors on wrong magic key" do assert Salmon.decode_and_validate(@wrong_magickey, salmon) == :error end - test "generates an RSA private key pem" do - {:ok, key} = Salmon.generate_rsa_pem() - assert is_binary(key) - assert Regex.match?(~r/RSA/, key) - end - test "it encodes a magic key from a public key" do key = Salmon.decode_key(@magickey) magic_key = Salmon.encode_key(key) @@ -51,18 +46,10 @@ test "it decodes a friendica public key" do _key = Salmon.decode_key(@magickey_friendica) end - test "returns a public and private key from a pem" do - pem = File.read!("test/fixtures/private_key.pem") - {:ok, private, public} = Salmon.keys_from_pem(pem) - - assert elem(private, 0) == :RSAPrivateKey - assert elem(public, 0) == :RSAPublicKey - end - test "encodes an xml payload with a private key" do doc = File.read!("test/fixtures/incoming_note_activity.xml") pem = File.read!("test/fixtures/private_key.pem") - {:ok, private, public} = Salmon.keys_from_pem(pem) + {:ok, private, public} = Keys.keys_from_pem(pem) # Let's try a roundtrip. {:ok, salmon} = Salmon.encode(private, doc) @@ -105,7 +92,7 @@ test "it gets a magic key" do {:ok, activity} = Repo.insert(%Activity{data: activity_data, recipients: activity_data["to"]}) user = User.get_cached_by_ap_id(activity.data["actor"]) - {:ok, user} = Pleroma.Web.WebFinger.ensure_keys_present(user) + {:ok, user} = User.ensure_keys_present(user) Salmon.publish(user, activity) diff --git a/test/web/web_finger/web_finger_test.exs b/test/web/web_finger/web_finger_test.exs index 6b20d8d56..335c95b18 100644 --- a/test/web/web_finger/web_finger_test.exs +++ b/test/web/web_finger/web_finger_test.exs @@ -105,19 +105,4 @@ test "it gets the xrd endpoint for statusnet" do assert template == "http://status.alpicola.com/main/xrd?uri={uri}" end end - - describe "ensure_keys_present" do - test "it creates keys for a user and stores them in info" do - user = insert(:user) - refute is_binary(user.info.keys) - {:ok, user} = WebFinger.ensure_keys_present(user) - assert is_binary(user.info.keys) - end - - test "it doesn't create keys if there already are some" do - user = insert(:user, %{info: %{keys: "xxx"}}) - {:ok, user} = WebFinger.ensure_keys_present(user) - assert user.info.keys == "xxx" - end - end end From 913484817076bf5ca4bdbe7c3c1ff34f7debd3e5 Mon Sep 17 00:00:00 2001 From: Sergey Suprunenko Date: Wed, 22 May 2019 04:04:20 +0000 Subject: [PATCH 142/170] Do not truncate DM when it contains newlines and safe_dm_mentions is set to true --- lib/pleroma/formatter.ex | 2 +- test/formatter_test.exs | 9 +++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/formatter.ex b/lib/pleroma/formatter.ex index 3d7c36d21..3e3b9fe97 100644 --- a/lib/pleroma/formatter.ex +++ b/lib/pleroma/formatter.ex @@ -8,7 +8,7 @@ defmodule Pleroma.Formatter do alias Pleroma.User alias Pleroma.Web.MediaProxy - @safe_mention_regex ~r/^(\s*(?@.+?\s+)+)(?.*)/ + @safe_mention_regex ~r/^(\s*(?@.+?\s+)+)(?.*)/s @link_regex ~r"((?:http(s)?:\/\/)?[\w.-]+(?:\.[\w\.-]+)+[\w\-\._~%:/?#[\]@!\$&'\(\)\*\+,;=.]+)|[0-9a-z+\-\.]+:[0-9a-z$-_.+!*'(),]+"ui @markdown_characters_regex ~r/(`|\*|_|{|}|[|]|\(|\)|#|\+|-|\.|!)/ diff --git a/test/formatter_test.exs b/test/formatter_test.exs index 5e7011160..47b91b121 100644 --- a/test/formatter_test.exs +++ b/test/formatter_test.exs @@ -206,6 +206,15 @@ test "given the 'safe_mention' option, it will still work without any mention" d assert mentions == [] assert expected_text == text end + + test "given the 'safe_mention' option, it will keep text after newlines" do + user = insert(:user) + text = " @#{user.nickname}\n hey dude\n\nhow are you doing?" + + {expected_text, _, _} = Formatter.linkify(text, safe_mention: true) + + assert expected_text =~ "how are you doing?" + end end describe ".parse_tags" do From 0e2c215a006c7ca5756e80a357ff6395a4325946 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Wed, 22 May 2019 07:22:19 +0200 Subject: [PATCH 143/170] MastoAPI AccountView: fill source.note with plaintext version of note Closes: https://git.pleroma.social/pleroma/pleroma/issues/926 --- lib/pleroma/web/mastodon_api/views/account_view.ex | 2 +- test/web/mastodon_api/account_view_test.exs | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/pleroma/web/mastodon_api/views/account_view.ex b/lib/pleroma/web/mastodon_api/views/account_view.ex index 134c07b7e..b82d3319b 100644 --- a/lib/pleroma/web/mastodon_api/views/account_view.ex +++ b/lib/pleroma/web/mastodon_api/views/account_view.ex @@ -112,7 +112,7 @@ defp do_render("account.json", %{user: user} = opts) do fields: fields, bot: bot, source: %{ - note: "", + note: HTML.strip_tags((user.bio || "") |> String.replace("
", "\n")), sensitive: false, pleroma: %{} }, diff --git a/test/web/mastodon_api/account_view_test.exs b/test/web/mastodon_api/account_view_test.exs index a24f2a050..aaf2261bb 100644 --- a/test/web/mastodon_api/account_view_test.exs +++ b/test/web/mastodon_api/account_view_test.exs @@ -55,7 +55,7 @@ test "Represent a user account" do fields: [], bot: false, source: %{ - note: "", + note: "valid html", sensitive: false, pleroma: %{} }, @@ -120,7 +120,7 @@ test "Represent a Service(bot) account" do fields: [], bot: true, source: %{ - note: "", + note: user.bio, sensitive: false, pleroma: %{} }, @@ -209,7 +209,7 @@ test "represent an embedded relationship" do fields: [], bot: true, source: %{ - note: "", + note: user.bio, sensitive: false, pleroma: %{} }, From 1344c85e2fe636fd6b9d033eb7add1c3a9701c7f Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 22 May 2019 05:58:51 +0000 Subject: [PATCH 144/170] salmon: fix credo --- lib/pleroma/web/salmon/salmon.ex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/pleroma/web/salmon/salmon.ex b/lib/pleroma/web/salmon/salmon.ex index fa30f73cd..f25d92fad 100644 --- a/lib/pleroma/web/salmon/salmon.ex +++ b/lib/pleroma/web/salmon/salmon.ex @@ -10,8 +10,8 @@ defmodule Pleroma.Web.Salmon do use Bitwise alias Pleroma.Activity - alias Pleroma.Keys alias Pleroma.Instances + alias Pleroma.Keys alias Pleroma.User alias Pleroma.Web.ActivityPub.Visibility alias Pleroma.Web.Federator.Publisher From f9e0d09ec0082a096dcd4980bc5ffebe8e3139ae Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 22 May 2019 10:17:32 +0200 Subject: [PATCH 145/170] Changelog: Add SSH mode. --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3ff70e6e5..3d1e7640d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## [unreleased] ### Added +- Optional SSH access mode. - [MongooseIM](https://github.com/esl/MongooseIM) http authentication support. - LDAP authentication - External OAuth provider authentication From b6cf62ddeab04db6bd2695c5537c81e0fb1aecaf Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 22 May 2019 10:28:50 +0200 Subject: [PATCH 146/170] Mix: Don't start esshd application if we don't need it. --- mix.exs | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/mix.exs b/mix.exs index 95c052c34..bc5b6204f 100644 --- a/mix.exs +++ b/mix.exs @@ -40,9 +40,16 @@ def project do # # Type `mix help compile.app` for more information. def application do + extra_applications = [:logger, :runtime_tools, :comeonin, :quack] + extra_applications = if Application.get_env(:esshd, :enabled, false) do + [:esshd | extra_applications] + else + extra_applications + end + [ mod: {Pleroma.Application, []}, - extra_applications: [:logger, :runtime_tools, :comeonin, :esshd, :quack], + extra_applications: extra_applications, included_applications: [:ex_syslogger] ] end From db9a82d168cfc452611a44d92df2b81a5e6d1e69 Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 22 May 2019 10:40:15 +0200 Subject: [PATCH 147/170] Linting. --- mix.exs | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/mix.exs b/mix.exs index bc5b6204f..25ec46a46 100644 --- a/mix.exs +++ b/mix.exs @@ -41,11 +41,13 @@ def project do # Type `mix help compile.app` for more information. def application do extra_applications = [:logger, :runtime_tools, :comeonin, :quack] - extra_applications = if Application.get_env(:esshd, :enabled, false) do - [:esshd | extra_applications] - else - extra_applications - end + + extra_applications = + if Application.get_env(:esshd, :enabled, false) do + [:esshd | extra_applications] + else + extra_applications + end [ mod: {Pleroma.Application, []}, From b22145cbc40b57cf83f6389f063a76a03625ff16 Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 22 May 2019 10:44:26 +0200 Subject: [PATCH 148/170] Documentation: Specify PEM format for SSH keys. Otherwise openssh-client 7.9 will generate a different format that can't be used by esshd. --- docs/config.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/config.md b/docs/config.md index 197326bbd..63ca61d1e 100644 --- a/docs/config.md +++ b/docs/config.md @@ -477,7 +477,7 @@ config :esshd, password_authenticator: "Pleroma.BBS.Authenticator" ``` -Feel free to adjust the priv_dir and port number. Then you will have to create the key for the keys (in the example `priv/ssh_keys`) and create the host keys with `ssh-keygen -N "" -b 2048 -t rsa -f ssh_host_rsa_key`. After restarting, you should be able to connect to your Pleroma instance with `ssh username@server -p $PORT` +Feel free to adjust the priv_dir and port number. Then you will have to create the key for the keys (in the example `priv/ssh_keys`) and create the host keys with `ssh-keygen -m PEM -N "" -b 2048 -t rsa -f ssh_host_rsa_key`. After restarting, you should be able to connect to your Pleroma instance with `ssh username@server -p $PORT` ## :auth From 3b12e1ba7c99382c678ce17629352135f44dcb9f Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 22 May 2019 11:01:10 +0200 Subject: [PATCH 149/170] Changelog: Add tip for debian users. --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3d1e7640d..b88edd072 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## [unreleased] ### Added -- Optional SSH access mode. +- Optional SSH access mode. (Needs `erlang-ssh` package on Debian). - [MongooseIM](https://github.com/esl/MongooseIM) http authentication support. - LDAP authentication - External OAuth provider authentication From f4cfcead8868481c19ebd93b0fcd2b942dc0e477 Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 22 May 2019 11:44:17 +0200 Subject: [PATCH 150/170] Mix: Bring ecto-sql back to mainline. --- mix.exs | 5 +---- mix.lock | 2 +- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/mix.exs b/mix.exs index 95c052c34..9149b241f 100644 --- a/mix.exs +++ b/mix.exs @@ -66,10 +66,7 @@ defp deps do {:plug_cowboy, "~> 2.0"}, {:phoenix_pubsub, "~> 1.1"}, {:phoenix_ecto, "~> 4.0"}, - {:ecto_sql, - git: "https://github.com/elixir-ecto/ecto_sql", - ref: "14cb065a74c488d737d973f7a91bc036c6245f78", - override: true}, + {:ecto_sql, "~> 3.1"}, {:postgrex, ">= 0.13.5"}, {:gettext, "~> 0.15"}, {:comeonin, "~> 4.1.1"}, diff --git a/mix.lock b/mix.lock index bacc09787..857bfca79 100644 --- a/mix.lock +++ b/mix.lock @@ -21,7 +21,7 @@ "deep_merge": {:hex, :deep_merge, "1.0.0", "b4aa1a0d1acac393bdf38b2291af38cb1d4a52806cf7a4906f718e1feb5ee961", [:mix], [], "hexpm"}, "earmark": {:hex, :earmark, "1.3.2", "b840562ea3d67795ffbb5bd88940b1bed0ed9fa32834915125ea7d02e35888a5", [:mix], [], "hexpm"}, "ecto": {:hex, :ecto, "3.1.4", "69d852da7a9f04ede725855a35ede48d158ca11a404fe94f8b2fb3b2162cd3c9", [:mix], [{:decimal, "~> 1.6", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}], "hexpm"}, - "ecto_sql": {:git, "https://github.com/elixir-ecto/ecto_sql", "14cb065a74c488d737d973f7a91bc036c6245f78", [ref: "14cb065a74c488d737d973f7a91bc036c6245f78"]}, + "ecto_sql": {:hex, :ecto_sql, "3.1.3", "2c536139190492d9de33c5fefac7323c5eaaa82e1b9bf93482a14649042f7cd9", [:mix], [{:db_connection, "~> 2.0", [hex: :db_connection, repo: "hexpm", optional: false]}, {:ecto, "~> 3.1.0", [hex: :ecto, repo: "hexpm", optional: false]}, {:mariaex, "~> 0.9.1", [hex: :mariaex, repo: "hexpm", optional: true]}, {:myxql, "~> 0.2.0", [hex: :myxql, repo: "hexpm", optional: true]}, {:postgrex, "~> 0.14.0", [hex: :postgrex, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.4.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm"}, "esshd": {:hex, :esshd, "0.1.0", "6f93a2062adb43637edad0ea7357db2702a4b80dd9683482fe00f5134e97f4c1", [:mix], [], "hexpm"}, "eternal": {:hex, :eternal, "1.2.0", "e2a6b6ce3b8c248f7dc31451aefca57e3bdf0e48d73ae5043229380a67614c41", [:mix], [], "hexpm"}, "ex2ms": {:hex, :ex2ms, "1.5.0", "19e27f9212be9a96093fed8cdfbef0a2b56c21237196d26760f11dfcfae58e97", [:mix], [], "hexpm"}, From f323031927ecaf155e661b17cc9b96333fb9e4ad Mon Sep 17 00:00:00 2001 From: lain Date: Wed, 22 May 2019 12:57:20 +0200 Subject: [PATCH 151/170] Mix: Only start sshd when needed, second try. --- mix.exs | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/mix.exs b/mix.exs index 25ec46a46..b2c075c85 100644 --- a/mix.exs +++ b/mix.exs @@ -40,18 +40,9 @@ def project do # # Type `mix help compile.app` for more information. def application do - extra_applications = [:logger, :runtime_tools, :comeonin, :quack] - - extra_applications = - if Application.get_env(:esshd, :enabled, false) do - [:esshd | extra_applications] - else - extra_applications - end - [ mod: {Pleroma.Application, []}, - extra_applications: extra_applications, + extra_applications: [:logger, :runtime_tools, :comeonin, :quack], included_applications: [:ex_syslogger] ] end @@ -129,7 +120,7 @@ defp deps do {:recon, github: "ferd/recon", tag: "2.4.0"}, {:quack, "~> 0.1.1"}, {:benchee, "~> 1.0"}, - {:esshd, "~> 0.1.0"}, + {:esshd, "~> 0.1.0", runtime: Application.get_env(:esshd, :enabled, false)}, {:ex_rated, "~> 1.2"}, {:plug_static_index_html, "~> 1.0.0"}, {:excoveralls, "~> 0.11.1", only: :test} From 78ac8ee56139ed98625c54ce627eb37047a361f0 Mon Sep 17 00:00:00 2001 From: lambda Date: Wed, 22 May 2019 11:07:51 +0000 Subject: [PATCH 152/170] Update CHANGELOG.md --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b88edd072..bb2306fc4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## [unreleased] ### Added -- Optional SSH access mode. (Needs `erlang-ssh` package on Debian). +- Optional SSH access mode. (Needs `erlang-ssh` package on some distributions). - [MongooseIM](https://github.com/esl/MongooseIM) http authentication support. - LDAP authentication - External OAuth provider authentication From 620908a2db86942a00bc0ba9c71c037061e26967 Mon Sep 17 00:00:00 2001 From: Maksim Date: Wed, 22 May 2019 15:44:50 +0000 Subject: [PATCH 153/170] [#699] add worker to clean expired oauth tokens --- CHANGELOG.md | 1 + config/config.exs | 4 +- docs/config.md | 2 + lib/pleroma/application.ex | 1 + lib/pleroma/web/oauth/token.ex | 36 ++++++-------- lib/pleroma/web/oauth/token/clean_worker.ex | 41 +++++++++++++++ lib/pleroma/web/oauth/token/query.ex | 55 +++++++++++++++++++++ test/web/oauth/token_test.exs | 13 +++++ 8 files changed, 132 insertions(+), 21 deletions(-) create mode 100644 lib/pleroma/web/oauth/token/clean_worker.ex create mode 100644 lib/pleroma/web/oauth/token/query.ex diff --git a/CHANGELOG.md b/CHANGELOG.md index b5c42d1fd..02d64a850 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -41,6 +41,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - OAuth: added support for refresh tokens - Emoji packs and emoji pack manager - Object pruning (`mix pleroma.database prune_objects`) +- OAuth: added job to clean expired access tokens ### Changed - **Breaking:** Configuration: move from Pleroma.Mailer to Pleroma.Emails.Mailer diff --git a/config/config.exs b/config/config.exs index a05f8b1d2..33b7e713d 100644 --- a/config/config.exs +++ b/config/config.exs @@ -481,7 +481,9 @@ config :pleroma, :oauth2, token_expires_in: 600, - issue_new_refresh_token: true + issue_new_refresh_token: true, + clean_expired_tokens: false, + clean_expired_tokens_interval: 86_400_000 config :pleroma, :database, rum_enabled: false diff --git a/docs/config.md b/docs/config.md index a050068f4..264b65499 100644 --- a/docs/config.md +++ b/docs/config.md @@ -550,6 +550,8 @@ Configure OAuth 2 provider capabilities: * `token_expires_in` - The lifetime in seconds of the access token. * `issue_new_refresh_token` - Keeps old refresh token or generate new refresh token when to obtain an access token. +* `clean_expired_tokens` - Enable a background job to clean expired oauth tokens. Defaults to `false`. +* `clean_expired_tokens_interval` - Interval to run the job to clean expired tokens. Defaults to `86_400_000` (24 hours). ## :emoji * `shortcode_globs`: Location of custom emoji files. `*` can be used as a wildcard. Example `["/emoji/custom/**/*.png"]` diff --git a/lib/pleroma/application.ex b/lib/pleroma/application.ex index dab45a0b2..76df3945e 100644 --- a/lib/pleroma/application.ex +++ b/lib/pleroma/application.ex @@ -110,6 +110,7 @@ def start(_type, _args) do hackney_pool_children() ++ [ worker(Pleroma.Web.Federator.RetryQueue, []), + worker(Pleroma.Web.OAuth.Token.CleanWorker, []), worker(Pleroma.Stats, []), worker(Task, [&Pleroma.Web.Push.init/0], restart: :temporary, id: :web_push_init), worker(Task, [&Pleroma.Web.Federator.init/0], restart: :temporary, id: :federator_init) diff --git a/lib/pleroma/web/oauth/token.ex b/lib/pleroma/web/oauth/token.ex index 66c95c2e9..f412f7eb2 100644 --- a/lib/pleroma/web/oauth/token.ex +++ b/lib/pleroma/web/oauth/token.ex @@ -5,7 +5,6 @@ defmodule Pleroma.Web.OAuth.Token do use Ecto.Schema - import Ecto.Query import Ecto.Changeset alias Pleroma.Repo @@ -13,6 +12,7 @@ defmodule Pleroma.Web.OAuth.Token do alias Pleroma.Web.OAuth.App alias Pleroma.Web.OAuth.Authorization alias Pleroma.Web.OAuth.Token + alias Pleroma.Web.OAuth.Token.Query @expires_in Pleroma.Config.get([:oauth2, :token_expires_in], 600) @type t :: %__MODULE__{} @@ -31,17 +31,17 @@ defmodule Pleroma.Web.OAuth.Token do @doc "Gets token for app by access token" @spec get_by_token(App.t(), String.t()) :: {:ok, t()} | {:error, :not_found} def get_by_token(%App{id: app_id} = _app, token) do - from(t in __MODULE__, where: t.app_id == ^app_id and t.token == ^token) + Query.get_by_app(app_id) + |> Query.get_by_token(token) |> Repo.find_resource() end @doc "Gets token for app by refresh token" @spec get_by_refresh_token(App.t(), String.t()) :: {:ok, t()} | {:error, :not_found} def get_by_refresh_token(%App{id: app_id} = _app, token) do - from(t in __MODULE__, - where: t.app_id == ^app_id and t.refresh_token == ^token, - preload: [:user] - ) + Query.get_by_app(app_id) + |> Query.get_by_refresh_token(token) + |> Query.preload([:user]) |> Repo.find_resource() end @@ -97,29 +97,25 @@ def create_token(%App{} = app, %User{} = user, attrs \\ %{}) do end def delete_user_tokens(%User{id: user_id}) do - from( - t in Token, - where: t.user_id == ^user_id - ) + Query.get_by_user(user_id) |> Repo.delete_all() end def delete_user_token(%User{id: user_id}, token_id) do - from( - t in Token, - where: t.user_id == ^user_id, - where: t.id == ^token_id - ) + Query.get_by_user(user_id) + |> Query.get_by_id(token_id) + |> Repo.delete_all() + end + + def delete_expired_tokens do + Query.get_expired_tokens() |> Repo.delete_all() end def get_user_tokens(%User{id: user_id}) do - from( - t in Token, - where: t.user_id == ^user_id - ) + Query.get_by_user(user_id) + |> Query.preload([:app]) |> Repo.all() - |> Repo.preload(:app) end def is_expired?(%__MODULE__{valid_until: valid_until}) do diff --git a/lib/pleroma/web/oauth/token/clean_worker.ex b/lib/pleroma/web/oauth/token/clean_worker.ex new file mode 100644 index 000000000..dca852449 --- /dev/null +++ b/lib/pleroma/web/oauth/token/clean_worker.ex @@ -0,0 +1,41 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2018 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.OAuth.Token.CleanWorker do + @moduledoc """ + The module represents functions to clean an expired oauth tokens. + """ + + # 10 seconds + @start_interval 10_000 + @interval Pleroma.Config.get( + # 24 hours + [:oauth2, :clean_expired_tokens_interval], + 86_400_000 + ) + @queue :background + + alias Pleroma.Web.OAuth.Token + + def start_link, do: GenServer.start_link(__MODULE__, nil) + + def init(_) do + if Pleroma.Config.get([:oauth2, :clean_expired_tokens], false) do + Process.send_after(self(), :perform, @start_interval) + {:ok, nil} + else + :ignore + end + end + + @doc false + def handle_info(:perform, state) do + Process.send_after(self(), :perform, @interval) + PleromaJobQueue.enqueue(@queue, __MODULE__, [:clean]) + {:noreply, state} + end + + # Job Worker Callbacks + def perform(:clean), do: Token.delete_expired_tokens() +end diff --git a/lib/pleroma/web/oauth/token/query.ex b/lib/pleroma/web/oauth/token/query.ex new file mode 100644 index 000000000..d92e1f071 --- /dev/null +++ b/lib/pleroma/web/oauth/token/query.ex @@ -0,0 +1,55 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2018 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.OAuth.Token.Query do + @moduledoc """ + Contains queries for OAuth Token. + """ + + import Ecto.Query, only: [from: 2] + + @type query :: Ecto.Queryable.t() | Token.t() + + alias Pleroma.Web.OAuth.Token + + @spec get_by_refresh_token(query, String.t()) :: query + def get_by_refresh_token(query \\ Token, refresh_token) do + from(q in query, where: q.refresh_token == ^refresh_token) + end + + @spec get_by_token(query, String.t()) :: query + def get_by_token(query \\ Token, token) do + from(q in query, where: q.token == ^token) + end + + @spec get_by_app(query, String.t()) :: query + def get_by_app(query \\ Token, app_id) do + from(q in query, where: q.app_id == ^app_id) + end + + @spec get_by_id(query, String.t()) :: query + def get_by_id(query \\ Token, id) do + from(q in query, where: q.id == ^id) + end + + @spec get_expired_tokens(query, DateTime.t() | nil) :: query + def get_expired_tokens(query \\ Token, date \\ nil) do + expired_date = date || Timex.now() + from(q in query, where: fragment("?", q.valid_until) < ^expired_date) + end + + @spec get_by_user(query, String.t()) :: query + def get_by_user(query \\ Token, user_id) do + from(q in query, where: q.user_id == ^user_id) + end + + @spec preload(query, any) :: query + def preload(query \\ Token, assoc_preload \\ []) + + def preload(query, assoc_preload) when is_list(assoc_preload) do + from(q in query, preload: ^assoc_preload) + end + + def preload(query, _assoc_preload), do: query +end diff --git a/test/web/oauth/token_test.exs b/test/web/oauth/token_test.exs index ad2a49f09..3c07309b7 100644 --- a/test/web/oauth/token_test.exs +++ b/test/web/oauth/token_test.exs @@ -69,4 +69,17 @@ test "deletes all tokens of a user" do assert tokens == 2 end + + test "deletes expired tokens" do + insert(:oauth_token, valid_until: Timex.shift(Timex.now(), days: -3)) + insert(:oauth_token, valid_until: Timex.shift(Timex.now(), days: -3)) + t3 = insert(:oauth_token) + t4 = insert(:oauth_token, valid_until: Timex.shift(Timex.now(), minutes: 10)) + {tokens, _} = Token.delete_expired_tokens() + assert tokens == 2 + available_tokens = Pleroma.Repo.all(Token) + + token_ids = available_tokens |> Enum.map(& &1.id) + assert token_ids == [t3.id, t4.id] + end end From 54e10a3e55fe46b71ef7f330605baf8bcccd5a44 Mon Sep 17 00:00:00 2001 From: rinpatch Date: Wed, 22 May 2019 20:10:52 +0300 Subject: [PATCH 154/170] Disable timeouts for object pruning query --- lib/mix/tasks/pleroma/database.ex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/mix/tasks/pleroma/database.ex b/lib/mix/tasks/pleroma/database.ex index f9bafb277..4d480ac3f 100644 --- a/lib/mix/tasks/pleroma/database.ex +++ b/lib/mix/tasks/pleroma/database.ex @@ -107,7 +107,7 @@ def run(["prune_objects" | args]) do where: fragment("split_part(?->>'actor', '/', 3) != ?", o.data, ^Pleroma.Web.Endpoint.host()) ) - |> Repo.delete_all() + |> Repo.delete_all(timeout: :infinity) if Keyword.get(options, :vacuum) do Logger.info("Runnning VACUUM FULL") From 75b6c4b00433560fb5ee502f13e8261b4b8a246a Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 22 May 2019 04:15:59 +0000 Subject: [PATCH 155/170] mrf: defang policy modules for filtering user profile objects --- lib/pleroma/web/activity_pub/mrf/simple_policy.ex | 6 ++++-- lib/pleroma/web/activity_pub/mrf/user_allowlist.ex | 6 ++++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex index 7190652d2..ffaa4b7db 100644 --- a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex +++ b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex @@ -105,8 +105,8 @@ defp check_report_removal(%{host: actor_host} = _actor_info, %{"type" => "Flag"} defp check_report_removal(_actor_info, object), do: {:ok, object} @impl true - def filter(object) do - actor_info = URI.parse(object["actor"]) + def filter(%{"actor" => actor} = object) do + actor_info = URI.parse(actor) with {:ok, object} <- check_accept(actor_info, object), {:ok, object} <- check_reject(actor_info, object), @@ -119,4 +119,6 @@ def filter(object) do _e -> {:reject, nil} end end + + def filter(object), do: {:ok, object} end diff --git a/lib/pleroma/web/activity_pub/mrf/user_allowlist.ex b/lib/pleroma/web/activity_pub/mrf/user_allowlist.ex index f5078d818..47663414a 100644 --- a/lib/pleroma/web/activity_pub/mrf/user_allowlist.ex +++ b/lib/pleroma/web/activity_pub/mrf/user_allowlist.ex @@ -19,10 +19,12 @@ defp filter_by_list(%{"actor" => actor} = object, allow_list) do end @impl true - def filter(object) do - actor_info = URI.parse(object["actor"]) + def filter(%{"actor" => actor} = object) do + actor_info = URI.parse(actor) allow_list = Config.get([:mrf_user_allowlist, String.to_atom(actor_info.host)], []) filter_by_list(object, allow_list) end + + def filter(object), do: {:ok, object} end From 60f882b09f5f837546d59f8eef56b905e065ec60 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 22 May 2019 04:33:10 +0000 Subject: [PATCH 156/170] activitypub: run user objects through MRF filters --- lib/pleroma/web/activity_pub/activity_pub.ex | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 3d9679ec0..aa0229db7 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -909,7 +909,7 @@ def upload(file, opts \\ []) do end end - def user_data_from_user_object(data) do + defp object_to_user_data(data) do avatar = data["icon"]["url"] && %{ @@ -956,9 +956,19 @@ def user_data_from_user_object(data) do {:ok, user_data} end + def user_data_from_user_object(data) do + with {:ok, data} <- MRF.filter(data), + {:ok, data} <- object_to_user_data(data) do + {:ok, data} + else + e -> {:error, e} + end + end + def fetch_and_prepare_user_from_ap_id(ap_id) do - with {:ok, data} <- Fetcher.fetch_and_contain_remote_object_from_id(ap_id) do - user_data_from_user_object(data) + with {:ok, data} <- Fetcher.fetch_and_contain_remote_object_from_id(ap_id), + {:ok, data} <- user_data_from_user_object(data) do + {:ok, data} else e -> Logger.error("Could not decode user at fetch #{ap_id}, #{inspect(e)}") end From baf72d6c580e5c05ef5fea8a57c57150a5d38589 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 22 May 2019 04:55:16 +0000 Subject: [PATCH 157/170] mrf: simple policy: add the ability to strip avatars and banners from user profiles --- config/config.exs | 4 ++- .../web/activity_pub/mrf/simple_policy.ex | 32 +++++++++++++++++++ 2 files changed, 35 insertions(+), 1 deletion(-) diff --git a/config/config.exs b/config/config.exs index 33b7e713d..e90821d66 100644 --- a/config/config.exs +++ b/config/config.exs @@ -314,7 +314,9 @@ federated_timeline_removal: [], report_removal: [], reject: [], - accept: [] + accept: [], + avatar_removal: [], + banner_removal: [] config :pleroma, :mrf_keyword, reject: [], diff --git a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex index ffaa4b7db..890d70a7a 100644 --- a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex +++ b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex @@ -104,6 +104,26 @@ defp check_report_removal(%{host: actor_host} = _actor_info, %{"type" => "Flag"} defp check_report_removal(_actor_info, object), do: {:ok, object} + defp check_avatar_removal(%{host: actor_host} = _actor_info, %{"icon" => _icon} = object) do + if actor_host in Pleroma.Config.get([:mrf_simple, :avatar_removal]) do + {:ok, Map.delete(object, "icon")} + else + {:ok, object} + end + end + + defp check_avatar_removal(_actor_info, object), do: {:ok, object} + + defp check_banner_removal(%{host: actor_host} = _actor_info, %{"image" => _image} = object) do + if actor_host in Pleroma.Config.get([:mrf_simple, :banner_removal]) do + {:ok, Map.delete(object, "image")} + else + {:ok, object} + end + end + + defp check_banner_removal(_actor_info, object), do: {:ok, object} + @impl true def filter(%{"actor" => actor} = object) do actor_info = URI.parse(actor) @@ -120,5 +140,17 @@ def filter(%{"actor" => actor} = object) do end end + def filter(%{"id" => actor, "type" => obj_type} = object) + when obj_type in ["Application", "Group", "Organization", "Person", "Service"] do + actor_info = URI.parse(actor) + + with {:ok, object} <- check_avatar_removal(actor_info, object), + {:ok, object} <- check_banner_removal(actor_info, object) do + {:ok, object} + else + _e -> {:reject, nil} + end + end + def filter(object), do: {:ok, object} end From 8086c7aed6cdc3b2ac1c09c6c40344e47be08ed9 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 22 May 2019 05:08:37 +0000 Subject: [PATCH 158/170] tests: add tests for banner and avatar removal --- .../activity_pub/mrf/simple_policy_test.exs | 73 ++++++++++++++++++- 1 file changed, 72 insertions(+), 1 deletion(-) diff --git a/test/web/activity_pub/mrf/simple_policy_test.exs b/test/web/activity_pub/mrf/simple_policy_test.exs index 74af7dcde..3d1f26e60 100644 --- a/test/web/activity_pub/mrf/simple_policy_test.exs +++ b/test/web/activity_pub/mrf/simple_policy_test.exs @@ -17,7 +17,9 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do federated_timeline_removal: [], report_removal: [], reject: [], - accept: [] + accept: [], + avatar_removal: [], + banner_removal: [] ) on_exit(fn -> @@ -206,6 +208,60 @@ test "has a matching host" do end end + describe "when :avatar_removal" do + test "is empty" do + Config.put([:mrf_simple, :avatar_removal], []) + + remote_user = build_remote_user() + + assert SimplePolicy.filter(remote_user) == {:ok, remote_user} + end + + test "is not empty but it doesn't have a matching host" do + Config.put([:mrf_simple, :avatar_removal], ["non.matching.remote"]) + + remote_user = build_remote_user() + + assert SimplePolicy.filter(remote_user) == {:ok, remote_user} + end + + test "has a matching host" do + Config.put([:mrf_simple, :avatar_removal], ["remote.instance"]) + + remote_user = build_remote_user() + {:ok, filtered} = SimplePolicy.filter(remote_user) + + refute filtered["icon"] + end + end + + describe "when :banner_removal" do + test "is empty" do + Config.put([:mrf_simple, :banner_removal], []) + + remote_user = build_remote_user() + + assert SimplePolicy.filter(remote_user) == {:ok, remote_user} + end + + test "is not empty but it doesn't have a matching host" do + Config.put([:mrf_simple, :banner_removal], ["non.matching.remote"]) + + remote_user = build_remote_user() + + assert SimplePolicy.filter(remote_user) == {:ok, remote_user} + end + + test "has a matching host" do + Config.put([:mrf_simple, :banner_removal], ["remote.instance"]) + + remote_user = build_remote_user() + {:ok, filtered} = SimplePolicy.filter(remote_user) + + refute filtered["image"] + end + end + defp build_local_message do %{ "actor" => "#{Pleroma.Web.base_url()}/users/alice", @@ -217,4 +273,19 @@ defp build_local_message do defp build_remote_message do %{"actor" => "https://remote.instance/users/bob"} end + + defp build_remote_user do + %{ + "id" => "https://remote.instance/users/bob", + "icon" => %{ + "url" => "http://example.com/image.jpg", + "type" => "Image" + }, + "image" => %{ + "url" => "http://example.com/image.jpg", + "type" => "Image" + }, + "type" => "Person" + } + end end From 7d9b33b3cebeed451210f754a8c34cc14a9e969b Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 22 May 2019 05:55:09 +0000 Subject: [PATCH 159/170] update documentation for the new MRF features [no-ci] --- CHANGELOG.md | 2 ++ docs/config.md | 3 +++ 2 files changed, 5 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 02d64a850..2a2b11ddf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -42,6 +42,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Emoji packs and emoji pack manager - Object pruning (`mix pleroma.database prune_objects`) - OAuth: added job to clean expired access tokens +- MRF: Support for rejecting reports from specific instances (`mrf_simple`) +- MRF: Support for stripping avatars and banner images from specific instances (`mrf_simple`) ### Changed - **Breaking:** Configuration: move from Pleroma.Mailer to Pleroma.Emails.Mailer diff --git a/docs/config.md b/docs/config.md index 264b65499..1d1d24c32 100644 --- a/docs/config.md +++ b/docs/config.md @@ -220,6 +220,9 @@ relates to mascots on the mastodon frontend * `federated_timeline_removal`: List of instances to remove from Federated (aka The Whole Known Network) Timeline * `reject`: List of instances to reject any activities from * `accept`: List of instances to accept any activities from +* `report_removal`: List of instances to reject reports from +* `avatar_removal`: List of instances to strip avatars from +* `banner_removal`: List of instances to strip banners from ## :mrf_rejectnonpublic * `allow_followersonly`: whether to allow followers-only posts From 356c047759735bcd984ebd44059a21a3cf22af0e Mon Sep 17 00:00:00 2001 From: Alfie Pates Date: Thu, 23 May 2019 22:33:27 +0100 Subject: [PATCH 160/170] explicitly set reverse proxy upstream to IPv4 since Pleroma.Web.Endpoint binds on IPv4 only and `localhost.` resolves to [::0] on some systems fixes #930. --- installation/caddyfile-pleroma.example | 4 +++- installation/pleroma-apache.conf | 6 ++++-- installation/pleroma.nginx | 4 +++- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/installation/caddyfile-pleroma.example b/installation/caddyfile-pleroma.example index fcf76718e..7985d9c67 100644 --- a/installation/caddyfile-pleroma.example +++ b/installation/caddyfile-pleroma.example @@ -10,7 +10,9 @@ example.tld { gzip - proxy / localhost:4000 { + # this is explicitly IPv4 since Pleroma.Web.Endpoint binds on IPv4 only + # and `localhost.` resolves to [::0] on some systems: see issue #930 + proxy / 127.0.0.1:4000 { websocket transparent } diff --git a/installation/pleroma-apache.conf b/installation/pleroma-apache.conf index 2beb7c4cc..b5640ac3d 100644 --- a/installation/pleroma-apache.conf +++ b/installation/pleroma-apache.conf @@ -58,8 +58,10 @@ CustomLog ${APACHE_LOG_DIR}/access.log combined RewriteRule /(.*) ws://localhost:4000/$1 [P,L] ProxyRequests off - ProxyPass / http://localhost:4000/ - ProxyPassReverse / http://localhost:4000/ + # this is explicitly IPv4 since Pleroma.Web.Endpoint binds on IPv4 only + # and `localhost.` resolves to [::0] on some systems: see issue #930 + ProxyPass / http://127.0.0.1:4000/ + ProxyPassReverse / http://127.0.0.1:4000/ RequestHeader set Host ${servername} ProxyPreserveHost On diff --git a/installation/pleroma.nginx b/installation/pleroma.nginx index cc75d78b2..7425da33f 100644 --- a/installation/pleroma.nginx +++ b/installation/pleroma.nginx @@ -69,7 +69,9 @@ server { proxy_set_header Connection "upgrade"; proxy_set_header Host $http_host; - proxy_pass http://localhost:4000; + # this is explicitly IPv4 since Pleroma.Web.Endpoint binds on IPv4 only + # and `localhost.` resolves to [::0] on some systems: see issue #930 + proxy_pass http://127.0.0.1:4000; client_max_body_size 16m; } From f916e4cdd9a502b83c615146c598be135f47e57a Mon Sep 17 00:00:00 2001 From: feld Date: Fri, 24 May 2019 20:33:55 +0000 Subject: [PATCH 161/170] Move the Cache Control header test to its own file We can consolidate our cache control header tests here --- lib/pleroma/web/endpoint.ex | 19 +++++++++++++++++-- test/plugs/cache_control_test.exs | 20 ++++++++++++++++++++ 2 files changed, 37 insertions(+), 2 deletions(-) create mode 100644 test/plugs/cache_control_test.exs diff --git a/lib/pleroma/web/endpoint.ex b/lib/pleroma/web/endpoint.ex index 9ef30e885..8cd7a2270 100644 --- a/lib/pleroma/web/endpoint.ex +++ b/lib/pleroma/web/endpoint.ex @@ -16,17 +16,32 @@ defmodule Pleroma.Web.Endpoint do plug(Pleroma.Plugs.UploadedMedia) + @static_cache_control "public, no-cache" + # InstanceStatic needs to be before Plug.Static to be able to override shipped-static files # If you're adding new paths to `only:` you'll need to configure them in InstanceStatic as well - plug(Pleroma.Plugs.InstanceStatic, at: "/") + # Cache-control headers are duplicated in case we turn off etags in the future + plug(Pleroma.Plugs.InstanceStatic, + at: "/", + gzip: true, + cache_control_for_etags: @static_cache_control, + headers: %{ + "cache-control" => @static_cache_control + } + ) plug( Plug.Static, at: "/", from: :pleroma, only: - ~w(index.html robots.txt static finmoji emoji packs sounds images instance sw.js sw-pleroma.js favicon.png schemas doc) + ~w(index.html robots.txt static finmoji emoji packs sounds images instance sw.js sw-pleroma.js favicon.png schemas doc), # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength + gzip: true, + cache_control_for_etags: @static_cache_control, + headers: %{ + "cache-control" => @static_cache_control + } ) plug(Plug.Static.IndexHtml, at: "/pleroma/admin/") diff --git a/test/plugs/cache_control_test.exs b/test/plugs/cache_control_test.exs new file mode 100644 index 000000000..45151b289 --- /dev/null +++ b/test/plugs/cache_control_test.exs @@ -0,0 +1,20 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2018 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.CacheControlTest do + use Pleroma.Web.ConnCase + alias Plug.Conn + + test "Verify Cache-Control header on static assets", %{conn: conn} do + conn = get(conn, "/index.html") + + assert Conn.get_resp_header(conn, "cache-control") == ["public, no-cache"] + end + + test "Verify Cache-Control header on the API", %{conn: conn} do + conn = get(conn, "/api/v1/instance") + + assert Conn.get_resp_header(conn, "cache-control") == ["max-age=0, private, must-revalidate"] + end +end From bbea5691da67916151a883f09e24da7c2e27d9ba Mon Sep 17 00:00:00 2001 From: Sergey Suprunenko Date: Fri, 24 May 2019 20:34:23 +0000 Subject: [PATCH 162/170] Mention all people in the beginning of DM --- lib/pleroma/formatter.ex | 2 +- test/formatter_test.exs | 10 ++++++---- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/lib/pleroma/formatter.ex b/lib/pleroma/formatter.ex index 3e3b9fe97..607843a5b 100644 --- a/lib/pleroma/formatter.ex +++ b/lib/pleroma/formatter.ex @@ -8,7 +8,7 @@ defmodule Pleroma.Formatter do alias Pleroma.User alias Pleroma.Web.MediaProxy - @safe_mention_regex ~r/^(\s*(?@.+?\s+)+)(?.*)/s + @safe_mention_regex ~r/^(\s*(?(@.+?\s+){1,})+)(?.*)/s @link_regex ~r"((?:http(s)?:\/\/)?[\w.-]+(?:\.[\w\.-]+)+[\w\-\._~%:/?#[\]@!\$&'\(\)\*\+,;=.]+)|[0-9a-z+\-\.]+:[0-9a-z$-_.+!*'(),]+"ui @markdown_characters_regex ~r/(`|\*|_|{|}|[|]|\(|\)|#|\+|-|\.|!)/ diff --git a/test/formatter_test.exs b/test/formatter_test.exs index 47b91b121..bfa673049 100644 --- a/test/formatter_test.exs +++ b/test/formatter_test.exs @@ -184,17 +184,19 @@ test "does not give a replacement for single-character local nicknames who don't test "given the 'safe_mention' option, it will only mention people in the beginning" do user = insert(:user) - _other_user = insert(:user) + other_user = insert(:user) third_user = insert(:user) - text = " @#{user.nickname} hey dude i hate @#{third_user.nickname}" + text = " @#{user.nickname} @#{other_user.nickname} hey dudes i hate @#{third_user.nickname}" {expected_text, mentions, [] = _tags} = Formatter.linkify(text, safe_mention: true) - assert mentions == [{"@#{user.nickname}", user}] + assert mentions == [{"@#{user.nickname}", user}, {"@#{other_user.nickname}", other_user}] assert expected_text == "@#{user.nickname} hey dude i hate @#{user.nickname} @#{other_user.nickname} hey dudes i hate @#{third_user.nickname}" end From 9415932af5829f2aa19e362076e0653dd1ce9c5a Mon Sep 17 00:00:00 2001 From: Aaron Tinio Date: Sat, 25 May 2019 08:15:12 +0800 Subject: [PATCH 163/170] Keep nodeinfo available when not federating --- .../web/nodeinfo/nodeinfo_controller.ex | 2 - test/web/node_info_test.exs | 80 ++++--------------- 2 files changed, 16 insertions(+), 66 deletions(-) diff --git a/lib/pleroma/web/nodeinfo/nodeinfo_controller.ex b/lib/pleroma/web/nodeinfo/nodeinfo_controller.ex index 3bf2a0fbc..45f90c579 100644 --- a/lib/pleroma/web/nodeinfo/nodeinfo_controller.ex +++ b/lib/pleroma/web/nodeinfo/nodeinfo_controller.ex @@ -12,8 +12,6 @@ defmodule Pleroma.Web.Nodeinfo.NodeinfoController do alias Pleroma.Web.ActivityPub.MRF alias Pleroma.Web.Federator.Publisher - plug(Pleroma.Web.FederatingPlug) - def schemas(conn, _params) do response = %{ links: [ diff --git a/test/web/node_info_test.exs b/test/web/node_info_test.exs index 2fc42b7cc..be1173513 100644 --- a/test/web/node_info_test.exs +++ b/test/web/node_info_test.exs @@ -7,6 +7,22 @@ defmodule Pleroma.Web.NodeInfoTest do import Pleroma.Factory + test "GET /.well-known/nodeinfo", %{conn: conn} do + links = + conn + |> get("/.well-known/nodeinfo") + |> json_response(200) + |> Map.fetch!("links") + + Enum.each(links, fn link -> + href = Map.fetch!(link, "href") + + conn + |> get(href) + |> json_response(200) + end) + end + test "nodeinfo shows staff accounts", %{conn: conn} do moderator = insert(:user, %{local: true, info: %{is_moderator: true}}) admin = insert(:user, %{local: true, info: %{is_admin: true}}) @@ -32,70 +48,6 @@ test "nodeinfo shows restricted nicknames", %{conn: conn} do result["metadata"]["restrictedNicknames"] end - test "returns 404 when federation is disabled", %{conn: conn} do - instance = - Application.get_env(:pleroma, :instance) - |> Keyword.put(:federating, false) - - Application.put_env(:pleroma, :instance, instance) - - conn - |> get("/.well-known/nodeinfo") - |> json_response(404) - - conn - |> get("/nodeinfo/2.1.json") - |> json_response(404) - - instance = - Application.get_env(:pleroma, :instance) - |> Keyword.put(:federating, true) - - Application.put_env(:pleroma, :instance, instance) - end - - test "returns 200 when federation is enabled", %{conn: conn} do - conn - |> get("/.well-known/nodeinfo") - |> json_response(200) - - conn - |> get("/nodeinfo/2.1.json") - |> json_response(200) - end - - test "returns 404 when federation is disabled (nodeinfo 2.0)", %{conn: conn} do - instance = - Application.get_env(:pleroma, :instance) - |> Keyword.put(:federating, false) - - Application.put_env(:pleroma, :instance, instance) - - conn - |> get("/.well-known/nodeinfo") - |> json_response(404) - - conn - |> get("/nodeinfo/2.0.json") - |> json_response(404) - - instance = - Application.get_env(:pleroma, :instance) - |> Keyword.put(:federating, true) - - Application.put_env(:pleroma, :instance, instance) - end - - test "returns 200 when federation is enabled (nodeinfo 2.0)", %{conn: conn} do - conn - |> get("/.well-known/nodeinfo") - |> json_response(200) - - conn - |> get("/nodeinfo/2.0.json") - |> json_response(200) - end - test "returns software.repository field in nodeinfo 2.1", %{conn: conn} do conn |> get("/.well-known/nodeinfo") From 9bec891eb4d5d06e6bd84dd2c95259d2c1a4f563 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 25 May 2019 04:24:21 +0000 Subject: [PATCH 164/170] kill @httpoison --- config/config.exs | 1 - lib/pleroma/object/fetcher.ex | 5 ++--- lib/pleroma/reverse_proxy.ex | 5 +++-- lib/pleroma/uploaders/mdii.ex | 5 ++--- lib/pleroma/web/activity_pub/publisher.ex | 5 ++--- .../web/mastodon_api/mastodon_api_controller.ex | 4 ++-- lib/pleroma/web/ostatus/ostatus.ex | 7 +++---- lib/pleroma/web/salmon/salmon.ex | 5 ++--- lib/pleroma/web/web_finger/web_finger.ex | 9 ++++----- lib/pleroma/web/websub/websub.ex | 11 +++++------ 10 files changed, 25 insertions(+), 32 deletions(-) diff --git a/config/config.exs b/config/config.exs index e90821d66..01827fb5f 100644 --- a/config/config.exs +++ b/config/config.exs @@ -186,7 +186,6 @@ config :pleroma, :websub, Pleroma.Web.Websub config :pleroma, :ostatus, Pleroma.Web.OStatus -config :pleroma, :httpoison, Pleroma.HTTP config :tesla, adapter: Tesla.Adapter.Hackney # Configures http settings, upstream proxy etc. diff --git a/lib/pleroma/object/fetcher.ex b/lib/pleroma/object/fetcher.ex index bb9388d4f..ca980c629 100644 --- a/lib/pleroma/object/fetcher.ex +++ b/lib/pleroma/object/fetcher.ex @@ -1,4 +1,5 @@ defmodule Pleroma.Object.Fetcher do + alias Pleroma.HTTP alias Pleroma.Object alias Pleroma.Object.Containment alias Pleroma.Web.ActivityPub.Transmogrifier @@ -6,8 +7,6 @@ defmodule Pleroma.Object.Fetcher do require Logger - @httpoison Application.get_env(:pleroma, :httpoison) - defp reinject_object(data) do Logger.debug("Reinjecting object #{data["id"]}") @@ -78,7 +77,7 @@ def fetch_and_contain_remote_object_from_id(id) do with true <- String.starts_with?(id, "http"), {:ok, %{body: body, status: code}} when code in 200..299 <- - @httpoison.get( + HTTP.get( id, [{:Accept, "application/activity+json"}] ), diff --git a/lib/pleroma/reverse_proxy.ex b/lib/pleroma/reverse_proxy.ex index a3f177fec..6e5feb4c3 100644 --- a/lib/pleroma/reverse_proxy.ex +++ b/lib/pleroma/reverse_proxy.ex @@ -3,6 +3,8 @@ # SPDX-License-Identifier: AGPL-3.0-only defmodule Pleroma.ReverseProxy do + alias Pleroma.HTTP + @keep_req_headers ~w(accept user-agent accept-encoding cache-control if-modified-since) ++ ~w(if-unmodified-since if-none-match if-range range) @resp_cache_headers ~w(etag date last-modified cache-control) @@ -60,7 +62,6 @@ defmodule Pleroma.ReverseProxy do """ @hackney Application.get_env(:pleroma, :hackney, :hackney) - @httpoison Application.get_env(:pleroma, :httpoison, HTTPoison) @default_hackney_options [] @@ -97,7 +98,7 @@ def call(conn = %{method: method}, url, opts) when method in @methods do hackney_opts = @default_hackney_options |> Keyword.merge(Keyword.get(opts, :http, [])) - |> @httpoison.process_request_options() + |> HTTP.process_request_options() req_headers = build_req_headers(conn.req_headers, opts) diff --git a/lib/pleroma/uploaders/mdii.ex b/lib/pleroma/uploaders/mdii.ex index 190ed9f3a..237544337 100644 --- a/lib/pleroma/uploaders/mdii.ex +++ b/lib/pleroma/uploaders/mdii.ex @@ -4,11 +4,10 @@ defmodule Pleroma.Uploaders.MDII do alias Pleroma.Config + alias Pleroma.HTTP @behaviour Pleroma.Uploaders.Uploader - @httpoison Application.get_env(:pleroma, :httpoison) - # MDII-hosted images are never passed through the MediaPlug; only local media. # Delegate to Pleroma.Uploaders.Local def get_file(file) do @@ -25,7 +24,7 @@ def put_file(upload) do query = "#{cgi}?#{extension}" with {:ok, %{status: 200, body: body}} <- - @httpoison.post(query, file_data, [], adapter: [pool: :default]) do + HTTP.post(query, file_data, [], adapter: [pool: :default]) do remote_file_name = String.split(body) |> List.first() public_url = "#{files}/#{remote_file_name}.#{extension}" {:ok, {:url, public_url}} diff --git a/lib/pleroma/web/activity_pub/publisher.ex b/lib/pleroma/web/activity_pub/publisher.ex index 11dba87de..8f1399ce6 100644 --- a/lib/pleroma/web/activity_pub/publisher.ex +++ b/lib/pleroma/web/activity_pub/publisher.ex @@ -5,6 +5,7 @@ defmodule Pleroma.Web.ActivityPub.Publisher do alias Pleroma.Activity alias Pleroma.Config + alias Pleroma.HTTP alias Pleroma.Instances alias Pleroma.User alias Pleroma.Web.ActivityPub.Relay @@ -16,8 +17,6 @@ defmodule Pleroma.Web.ActivityPub.Publisher do require Logger - @httpoison Application.get_env(:pleroma, :httpoison) - @moduledoc """ ActivityPub outgoing federation module. """ @@ -63,7 +62,7 @@ def publish_one(%{inbox: inbox, json: json, actor: %User{} = actor, id: id} = pa with {:ok, %{status: code}} when code in 200..299 <- result = - @httpoison.post( + HTTP.post( inbox, json, [ diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index 1ec0f30a1..0fe09c285 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -11,6 +11,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do alias Pleroma.Conversation.Participation alias Pleroma.Filter alias Pleroma.Formatter + alias Pleroma.HTTP alias Pleroma.Notification alias Pleroma.Object alias Pleroma.Object.Fetcher @@ -55,7 +56,6 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do when action in [:account_register] ) - @httpoison Application.get_env(:pleroma, :httpoison) @local_mastodon_name "Mastodon-Local" action_fallback(:errors) @@ -1691,7 +1691,7 @@ def suggestions(%{assigns: %{user: user}} = conn, _) do |> String.replace("{{user}}", user) with {:ok, %{status: 200, body: body}} <- - @httpoison.get( + HTTP.get( url, [], adapter: [ diff --git a/lib/pleroma/web/ostatus/ostatus.ex b/lib/pleroma/web/ostatus/ostatus.ex index 61515b31e..6ed089d84 100644 --- a/lib/pleroma/web/ostatus/ostatus.ex +++ b/lib/pleroma/web/ostatus/ostatus.ex @@ -3,13 +3,12 @@ # SPDX-License-Identifier: AGPL-3.0-only defmodule Pleroma.Web.OStatus do - @httpoison Application.get_env(:pleroma, :httpoison) - import Ecto.Query import Pleroma.Web.XML require Logger alias Pleroma.Activity + alias Pleroma.HTTP alias Pleroma.Object alias Pleroma.Repo alias Pleroma.User @@ -363,7 +362,7 @@ def get_atom_url(body) do def fetch_activity_from_atom_url(url) do with true <- String.starts_with?(url, "http"), {:ok, %{body: body, status: code}} when code in 200..299 <- - @httpoison.get( + HTTP.get( url, [{:Accept, "application/atom+xml"}] ) do @@ -380,7 +379,7 @@ def fetch_activity_from_html_url(url) do Logger.debug("Trying to fetch #{url}") with true <- String.starts_with?(url, "http"), - {:ok, %{body: body}} <- @httpoison.get(url, []), + {:ok, %{body: body}} <- HTTP.get(url, []), {:ok, atom_url} <- get_atom_url(body) do fetch_activity_from_atom_url(atom_url) else diff --git a/lib/pleroma/web/salmon/salmon.ex b/lib/pleroma/web/salmon/salmon.ex index f25d92fad..9e91a5a40 100644 --- a/lib/pleroma/web/salmon/salmon.ex +++ b/lib/pleroma/web/salmon/salmon.ex @@ -5,11 +5,10 @@ defmodule Pleroma.Web.Salmon do @behaviour Pleroma.Web.Federator.Publisher - @httpoison Application.get_env(:pleroma, :httpoison) - use Bitwise alias Pleroma.Activity + alias Pleroma.HTTP alias Pleroma.Instances alias Pleroma.Keys alias Pleroma.User @@ -138,7 +137,7 @@ def publish_one(%{recipient: %{info: %{salmon: salmon}}} = params), def publish_one(%{recipient: url, feed: feed} = params) when is_binary(url) do with {:ok, %{status: code}} when code in 200..299 <- - @httpoison.post( + HTTP.post( url, feed, [{"Content-Type", "application/magic-envelope+xml"}] diff --git a/lib/pleroma/web/web_finger/web_finger.ex b/lib/pleroma/web/web_finger/web_finger.ex index c5b7d4acb..3fca72de8 100644 --- a/lib/pleroma/web/web_finger/web_finger.ex +++ b/lib/pleroma/web/web_finger/web_finger.ex @@ -3,8 +3,7 @@ # SPDX-License-Identifier: AGPL-3.0-only defmodule Pleroma.Web.WebFinger do - @httpoison Application.get_env(:pleroma, :httpoison) - + alias Pleroma.HTTP alias Pleroma.User alias Pleroma.Web alias Pleroma.Web.Federator.Publisher @@ -176,11 +175,11 @@ def get_template_from_xml(body) do def find_lrdd_template(domain) do with {:ok, %{status: status, body: body}} when status in 200..299 <- - @httpoison.get("http://#{domain}/.well-known/host-meta", []) do + HTTP.get("http://#{domain}/.well-known/host-meta", []) do get_template_from_xml(body) else _ -> - with {:ok, %{body: body}} <- @httpoison.get("https://#{domain}/.well-known/host-meta", []) do + with {:ok, %{body: body}} <- HTTP.get("https://#{domain}/.well-known/host-meta", []) do get_template_from_xml(body) else e -> {:error, "Can't find LRDD template: #{inspect(e)}"} @@ -209,7 +208,7 @@ def finger(account) do end with response <- - @httpoison.get( + HTTP.get( address, Accept: "application/xrd+xml,application/jrd+json" ), diff --git a/lib/pleroma/web/websub/websub.ex b/lib/pleroma/web/websub/websub.ex index 7ad0414ab..b61f388b8 100644 --- a/lib/pleroma/web/websub/websub.ex +++ b/lib/pleroma/web/websub/websub.ex @@ -5,6 +5,7 @@ defmodule Pleroma.Web.Websub do alias Ecto.Changeset alias Pleroma.Activity + alias Pleroma.HTTP alias Pleroma.Instances alias Pleroma.Repo alias Pleroma.User @@ -24,9 +25,7 @@ defmodule Pleroma.Web.Websub do @behaviour Pleroma.Web.Federator.Publisher - @httpoison Application.get_env(:pleroma, :httpoison) - - def verify(subscription, getter \\ &@httpoison.get/3) do + def verify(subscription, getter \\ &HTTP.get/3) do challenge = Base.encode16(:crypto.strong_rand_bytes(8)) lease_seconds = NaiveDateTime.diff(subscription.valid_until, subscription.updated_at) lease_seconds = lease_seconds |> to_string @@ -207,7 +206,7 @@ def subscribe(subscriber, subscribed, requester \\ &request_subscription/1) do requester.(subscription) end - def gather_feed_data(topic, getter \\ &@httpoison.get/1) do + def gather_feed_data(topic, getter \\ &HTTP.get/1) do with {:ok, response} <- getter.(topic), status when status in 200..299 <- response.status, body <- response.body, @@ -236,7 +235,7 @@ def gather_feed_data(topic, getter \\ &@httpoison.get/1) do end end - def request_subscription(websub, poster \\ &@httpoison.post/3, timeout \\ 10_000) do + def request_subscription(websub, poster \\ &HTTP.post/3, timeout \\ 10_000) do data = [ "hub.mode": "subscribe", "hub.topic": websub.topic, @@ -294,7 +293,7 @@ def publish_one(%{xml: xml, topic: topic, callback: callback, secret: secret} = Logger.info(fn -> "Pushing #{topic} to #{callback}" end) with {:ok, %{status: code}} when code in 200..299 <- - @httpoison.post( + HTTP.post( callback, xml, [ From 80d55d428fedfe4ebc44569c6134908d269db698 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 25 May 2019 04:34:16 +0000 Subject: [PATCH 165/170] tests: websub: check only that signature validation succeeds or fails --- config/test.exs | 4 ++-- test/web/websub/websub_controller_test.exs | 6 +----- 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/config/test.exs b/config/test.exs index 6100989c4..3bc407840 100644 --- a/config/test.exs +++ b/config/test.exs @@ -39,8 +39,8 @@ # Reduce hash rounds for testing config :pbkdf2_elixir, rounds: 1 -config :pleroma, :websub, Pleroma.Web.WebsubMock -config :pleroma, :ostatus, Pleroma.Web.OStatusMock +#config :pleroma, :websub, Pleroma.Web.WebsubMock +#config :pleroma, :ostatus, Pleroma.Web.OStatusMock config :tesla, adapter: Tesla.Mock config :pleroma, :rich_media, enabled: false diff --git a/test/web/websub/websub_controller_test.exs b/test/web/websub/websub_controller_test.exs index 1e69ed01a..bf2ee31ee 100644 --- a/test/web/websub/websub_controller_test.exs +++ b/test/web/websub/websub_controller_test.exs @@ -52,7 +52,7 @@ test "websub subscription confirmation", %{conn: conn} do end describe "websub_incoming" do - test "handles incoming feed updates", %{conn: conn} do + test "accepts incoming feed updates", %{conn: conn} do websub = insert(:websub_client_subscription) doc = "some stuff" signature = Websub.sign(websub.secret, doc) @@ -64,8 +64,6 @@ test "handles incoming feed updates", %{conn: conn} do |> post("/push/subscriptions/#{websub.id}", doc) assert response(conn, 200) == "OK" - - assert length(Repo.all(Activity)) == 1 end test "rejects incoming feed updates with the wrong signature", %{conn: conn} do @@ -80,8 +78,6 @@ test "rejects incoming feed updates with the wrong signature", %{conn: conn} do |> post("/push/subscriptions/#{websub.id}", doc) assert response(conn, 500) == "Error" - - assert Enum.empty?(Repo.all(Activity)) end end end From 56fd7dbdd7e3f1a0bb05430ed4805d8715e54935 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sat, 25 May 2019 04:39:32 +0000 Subject: [PATCH 166/170] remove @websub and @ostatus module-level constants --- config/config.exs | 2 -- config/test.exs | 2 -- lib/pleroma/web/federator/federator.ex | 8 +++----- test/support/ostatus_mock.ex | 11 ----------- test/support/websub_mock.ex | 9 --------- test/web/websub/websub_controller_test.exs | 1 - 6 files changed, 3 insertions(+), 30 deletions(-) delete mode 100644 test/support/ostatus_mock.ex delete mode 100644 test/support/websub_mock.ex diff --git a/config/config.exs b/config/config.exs index 01827fb5f..68168b279 100644 --- a/config/config.exs +++ b/config/config.exs @@ -184,8 +184,6 @@ "application/ld+json" => ["activity+json"] } -config :pleroma, :websub, Pleroma.Web.Websub -config :pleroma, :ostatus, Pleroma.Web.OStatus config :tesla, adapter: Tesla.Adapter.Hackney # Configures http settings, upstream proxy etc. diff --git a/config/test.exs b/config/test.exs index 3bc407840..41cddb9bd 100644 --- a/config/test.exs +++ b/config/test.exs @@ -39,8 +39,6 @@ # Reduce hash rounds for testing config :pbkdf2_elixir, rounds: 1 -#config :pleroma, :websub, Pleroma.Web.WebsubMock -#config :pleroma, :ostatus, Pleroma.Web.OStatusMock config :tesla, adapter: Tesla.Mock config :pleroma, :rich_media, enabled: false diff --git a/lib/pleroma/web/federator/federator.ex b/lib/pleroma/web/federator/federator.ex index 6b0b75284..f4c9fe284 100644 --- a/lib/pleroma/web/federator/federator.ex +++ b/lib/pleroma/web/federator/federator.ex @@ -11,13 +11,11 @@ defmodule Pleroma.Web.Federator do alias Pleroma.Web.ActivityPub.Utils alias Pleroma.Web.Federator.Publisher alias Pleroma.Web.Federator.RetryQueue + alias Pleroma.Web.OStatus alias Pleroma.Web.Websub require Logger - @websub Application.get_env(:pleroma, :websub) - @ostatus Application.get_env(:pleroma, :ostatus) - def init do # 1 minute Process.sleep(1000 * 60) @@ -87,12 +85,12 @@ def perform(:verify_websub, websub) do "Running WebSub verification for #{websub.id} (#{websub.topic}, #{websub.callback})" end) - @websub.verify(websub) + Websub.verify(websub) end def perform(:incoming_doc, doc) do Logger.info("Got document, trying to parse") - @ostatus.handle_incoming(doc) + OStatus.handle_incoming(doc) end def perform(:incoming_ap_doc, params) do diff --git a/test/support/ostatus_mock.ex b/test/support/ostatus_mock.ex deleted file mode 100644 index 9c0f2f323..000000000 --- a/test/support/ostatus_mock.ex +++ /dev/null @@ -1,11 +0,0 @@ -# Pleroma: A lightweight social networking server -# Copyright © 2017-2018 Pleroma Authors -# SPDX-License-Identifier: AGPL-3.0-only - -defmodule Pleroma.Web.OStatusMock do - import Pleroma.Factory - - def handle_incoming(_doc) do - insert(:note_activity) - end -end diff --git a/test/support/websub_mock.ex b/test/support/websub_mock.ex deleted file mode 100644 index e3d5a5b16..000000000 --- a/test/support/websub_mock.ex +++ /dev/null @@ -1,9 +0,0 @@ -# Pleroma: A lightweight social networking server -# Copyright © 2017-2018 Pleroma Authors -# SPDX-License-Identifier: AGPL-3.0-only - -defmodule Pleroma.Web.WebsubMock do - def verify(sub) do - {:ok, sub} - end -end diff --git a/test/web/websub/websub_controller_test.exs b/test/web/websub/websub_controller_test.exs index bf2ee31ee..f79745d58 100644 --- a/test/web/websub/websub_controller_test.exs +++ b/test/web/websub/websub_controller_test.exs @@ -5,7 +5,6 @@ defmodule Pleroma.Web.Websub.WebsubControllerTest do use Pleroma.Web.ConnCase import Pleroma.Factory - alias Pleroma.Activity alias Pleroma.Repo alias Pleroma.Web.Websub alias Pleroma.Web.Websub.WebsubClientSubscription From 79503ce90f6d85f00ee9e2dbc6358df2237d5036 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Sun, 26 May 2019 01:57:22 +0000 Subject: [PATCH 167/170] mrf: simple policy: fix matching imported activitypub and ostatus statuses --- CHANGELOG.md | 1 + .../web/activity_pub/mrf/simple_policy.ex | 3 +-- .../activity_pub/mrf/simple_policy_test.exs | 18 ++++++++++++++++++ 3 files changed, 20 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7869e299b..f689160e9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -113,6 +113,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Mastodon API: Exposing default scope of the user to anyone - Mastodon API: Make `irreversible` field default to `false` [`POST /api/v1/filters`] - User-Agent is now sent correctly for all HTTP requests. +- MRF: Simple policy now properly delists imported or relayed statuses ## Removed - Configuration: `config :pleroma, :fe` in favor of the more flexible `config :pleroma, :frontend_configurations` diff --git a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex index 890d70a7a..433d23c5f 100644 --- a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex +++ b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex @@ -74,8 +74,7 @@ defp check_ftl_removal(%{host: actor_host} = _actor_info, object) do actor_host ), user <- User.get_cached_by_ap_id(object["actor"]), - true <- "https://www.w3.org/ns/activitystreams#Public" in object["to"], - true <- user.follower_address in object["cc"] do + true <- "https://www.w3.org/ns/activitystreams#Public" in object["to"] do to = List.delete(object["to"], "https://www.w3.org/ns/activitystreams#Public") ++ [user.follower_address] diff --git a/test/web/activity_pub/mrf/simple_policy_test.exs b/test/web/activity_pub/mrf/simple_policy_test.exs index 3d1f26e60..0fd68e103 100644 --- a/test/web/activity_pub/mrf/simple_policy_test.exs +++ b/test/web/activity_pub/mrf/simple_policy_test.exs @@ -145,6 +145,24 @@ test "has a matching host" do assert SimplePolicy.filter(local_message) == {:ok, local_message} end + + test "has a matching host but only as:Public in to" do + {_actor, ftl_message} = build_ftl_actor_and_message() + + ftl_message_actor_host = + ftl_message + |> Map.fetch!("actor") + |> URI.parse() + |> Map.fetch!(:host) + + ftl_message = Map.put(ftl_message, "cc", []) + + Config.put([:mrf_simple, :federated_timeline_removal], [ftl_message_actor_host]) + + assert {:ok, ftl_message} = SimplePolicy.filter(ftl_message) + refute "https://www.w3.org/ns/activitystreams#Public" in ftl_message["to"] + assert "https://www.w3.org/ns/activitystreams#Public" in ftl_message["cc"] + end end defp build_ftl_actor_and_message do From 9f3bcf0efe7fa06e2b8970386c099c1ea2974d0a Mon Sep 17 00:00:00 2001 From: jeff Date: Tue, 28 May 2019 06:49:53 +0000 Subject: [PATCH 168/170] Respect proxy settings federation --- lib/pleroma/http/connection.ex | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/pleroma/http/connection.ex b/lib/pleroma/http/connection.ex index 558005c19..c216cdcb1 100644 --- a/lib/pleroma/http/connection.ex +++ b/lib/pleroma/http/connection.ex @@ -32,9 +32,11 @@ def new(opts \\ []) do defp hackney_options(opts) do options = Keyword.get(opts, :adapter, []) adapter_options = Pleroma.Config.get([:http, :adapter], []) + proxy_url = Pleroma.Config.get([:http, :proxy_url], nil) @hackney_options |> Keyword.merge(adapter_options) |> Keyword.merge(options) + |> Keyword.merge(proxy: proxy_url) end end From abc15b6dcca39f62f043fcaf0292443a3dcb3d76 Mon Sep 17 00:00:00 2001 From: feld Date: Tue, 28 May 2019 21:20:24 +0000 Subject: [PATCH 169/170] Improve Varnish config. We set sane headers from the backend now. --- installation/pleroma.vcl | 70 ++++++++++++++++++++-------------------- 1 file changed, 35 insertions(+), 35 deletions(-) diff --git a/installation/pleroma.vcl b/installation/pleroma.vcl index 92153d8ef..154747aa6 100644 --- a/installation/pleroma.vcl +++ b/installation/pleroma.vcl @@ -1,4 +1,4 @@ -vcl 4.0; +vcl 4.1; import std; backend default { @@ -35,24 +35,6 @@ sub vcl_recv { } return(purge); } - - # Pleroma MediaProxy - strip headers that will affect caching - if (req.url ~ "^/proxy/") { - unset req.http.Cookie; - unset req.http.Authorization; - unset req.http.Accept; - return (hash); - } - - # Strip headers that will affect caching from all other static content - # This also permits caching of individual toots and AP Activities - if ((req.url ~ "^/(media|static)/") || - (req.url ~ "(?i)\.(html|js|css|jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|mp4|ogg|webm|svg|swf|ttf|pdf|woff|woff2)$")) - { - unset req.http.Cookie; - unset req.http.Authorization; - return (hash); - } } sub vcl_backend_response { @@ -61,6 +43,12 @@ sub vcl_backend_response { set beresp.do_gzip = true; } + # Retry broken backend responses. + if (beresp.status == 503) { + set bereq.http.X-Varnish-Backend-503 = "1"; + return (retry); + } + # CHUNKED SUPPORT if (bereq.http.x-range ~ "bytes=" && beresp.status == 206) { set beresp.ttl = 10m; @@ -73,8 +61,6 @@ sub vcl_backend_response { return (deliver); } - # Default object caching of 86400s; - set beresp.ttl = 86400s; # Allow serving cached content for 6h in case backend goes down set beresp.grace = 6h; @@ -90,20 +76,6 @@ sub vcl_backend_response { set beresp.ttl = 30s; return (deliver); } - - # Pleroma MediaProxy internally sets headers properly - if (bereq.url ~ "^/proxy/") { - return (deliver); - } - - # Strip cache-restricting headers from Pleroma on static content that we want to cache - if (bereq.url ~ "(?i)\.(js|css|jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|mp4|ogg|webm|svg|swf|ttf|pdf|woff|woff2)$") - { - unset beresp.http.set-cookie; - unset beresp.http.Cache-Control; - unset beresp.http.x-request-id; - set beresp.http.Cache-Control = "public, max-age=86400"; - } } # The synthetic response for 301 redirects @@ -132,10 +104,32 @@ sub vcl_hash { } sub vcl_backend_fetch { + # Be more lenient for slow servers on the fediverse + if bereq.url ~ "^/proxy/" { + set bereq.first_byte_timeout = 300s; + } + # CHUNKED SUPPORT if (bereq.http.x-range) { set bereq.http.Range = bereq.http.x-range; } + + if (bereq.retries == 0) { + # Clean up the X-Varnish-Backend-503 flag that is used internally + # to mark broken backend responses that should be retried. + unset bereq.http.X-Varnish-Backend-503; + } else { + if (bereq.http.X-Varnish-Backend-503) { + if (bereq.method != "POST" && + std.healthy(bereq.backend) && + bereq.retries <= 4) { + # Flush broken backend response flag & try again. + unset bereq.http.X-Varnish-Backend-503; + } else { + return (abandon); + } + } + } } sub vcl_deliver { @@ -145,3 +139,9 @@ sub vcl_deliver { unset resp.http.CR; } } + +sub vcl_backend_error { + # Retry broken backend responses. + set bereq.http.X-Varnish-Backend-503 = "1"; + return (retry); +} From 0159a6dbe97330150d2913c7d7a060151f83f7eb Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 29 May 2019 10:58:45 +0000 Subject: [PATCH 170/170] router: require oauth_read for searching Search calls are generally expensive and allow unauthenticated users to crawl the instance for user profiles or posts which contain specified keywords. An adversary can build a distributed search engine which not only will consume significant instance resources, but also can be used for undesirable purposes such as datamining. Accordingly, require authenticated access to use the search API endpoints. This acts as a nice balance as it allows guest users to make use of most functionality available in Pleroma FE while ensuring that Pleroma instances are reasonably protected from resource exhaustion. It also removes Pleroma as a potential vector in distributed search engines. --- lib/pleroma/web/router.ex | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 352268b96..08c74a742 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -414,7 +414,12 @@ defmodule Pleroma.Web.Router do get("/trends", MastodonAPIController, :empty_array) - get("/accounts/search", MastodonAPIController, :account_search) + scope [] do + pipe_through(:oauth_read) + + get("/search", MastodonAPIController, :search) + get("/accounts/search", MastodonAPIController, :account_search) + end scope [] do pipe_through(:oauth_read_or_public) @@ -431,14 +436,12 @@ defmodule Pleroma.Web.Router do get("/accounts/:id/following", MastodonAPIController, :following) get("/accounts/:id", MastodonAPIController, :user) - get("/search", MastodonAPIController, :search) - get("/pleroma/accounts/:id/favourites", MastodonAPIController, :user_favourites) end end scope "/api/v2", Pleroma.Web.MastodonAPI do - pipe_through([:api, :oauth_read_or_public]) + pipe_through([:api, :oauth_read]) get("/search", MastodonAPIController, :search2) end @@ -480,9 +483,14 @@ defmodule Pleroma.Web.Router do get("/statuses/show/:id", TwitterAPI.Controller, :fetch_status) get("/statusnet/conversation/:id", TwitterAPI.Controller, :fetch_conversation) - get("/search", TwitterAPI.Controller, :search) get("/statusnet/tags/timeline/:tag", TwitterAPI.Controller, :public_and_external_timeline) end + + scope [] do + pipe_through(:oauth_read) + + get("/search", TwitterAPI.Controller, :search) + end end scope "/api", Pleroma.Web do @@ -500,7 +508,7 @@ defmodule Pleroma.Web.Router do end scope "/api", Pleroma.Web, as: :twitter_api_search do - pipe_through([:api, :oauth_read_or_public]) + pipe_through([:api, :oauth_read]) get("/pleroma/search_user", TwitterAPI.Controller, :search_user) end

q$QZdu{IbV>SKTKimMSE!6h-`5 zx!TGnX}M2hbLpV_gjiY1^<6W_24n;`;y$2RFkFBQM|fvQ^1*_MUZL8s#gMoT@+`*> z3M!F=-c7o!ow2m498#rhRMbdq1=!@@tA{P3GiB(ov)KpK^jAH3SQ7rebHL=iAj{be z;0F*R&(UE}5mNiFO#LRYb)fsp5;J*&WhpHsM(`zE{W9TxsI_N|6~fhf2Ogh>b?h4ME8J*DGI15{VMR&{IUi8&cD~97IdoOsi#k4V`SsUE|cADJd==(B4Vz zJA}N2whza1|C1PfFd2wd0>KbDcFL!WsygYngTS?QqWHVpg;uXV(ZJ&at!T=^Nr29q$c{#(^%?!AuQjG_dMNUXvMhJ;p;e7=oet=lpzUoIruPc z>U#4s%>@Ta;QPY`Jl*;NYuMl5RKz`4z{kL0fja(uK&QoT2ZE~s7w~Im0y0t3&nN_( z#o(2k$-B*_0wsGEBt%~tHz!`pv$_!G9Pqjlm@;L)Un~raz#)<>$zz%lj$=9g4LfDx z^#pdk0GrQ+6v6~|x``BHJ}_=2sT!Qcv=^M$_C7bfGYVRoji)McE-gngE)w+Xiwn=O zb%=|s19!HN=p{IQRFgIi#VD4J%U1Ml@gthe&(ObN@UGDqxWZ_9=a>TJxYKk1?!ckl zb{N?ykR^(ag=y=k8`g|=%VeDH;Kauxiv2-tO+UOU){;BMs(P|TsK~S2#FTh=R2VpO zY;hp0AF#G^I4-U>I{5r^)8thC(T>Ug3rRgJ=hwe;Ck9;p?mx{(Y;OE1jkf=5+}-?J zSm2}awAI4Q#&{*4%(nUA3Ze^Xf*Ct&j%xdK5}rFOx==sn*e5^0pr~ud`qatXWrQV- zCHcxiKQ9Epk7GQ4vpsMXH}1X(Gv9w}=o8rmBB}M-24TM#>dfOn?96Gro`ojY3%e%Nq2;v$HX4 zzl3C6bta+|IdQZjTBc=hA(O(-S?SvZpLpN9{x&v65`P%k;|Lq@_we@5?O2?h@{-E~ zgGQ;fq9e9iO6ONx2GKDix07247QNN1f?Acz0}YvnononNwU`Tx5iRrO)BY~g&6S-~ zDG+s{e99OAB37tBM$7~AdYfySO|G|H1Jd2OGjSY{a!NQ-)<0m=-;CqIw`|ghhE{x`k4XhM0RqpW8X}nCc5=A(>L)XW zkl6R;Z8b@)o1YZr-7j2Fzbn204GvL{(wCCdoHp1=7li1I6%|dnIkqt|U9fpP5=lH3 zD#;LZ;tXFi~-fb79V`D+viiGdS1+C1{Jk|4)Yg@IhWe z5CG5wsp4CoY{yDU-EX#}$eW}qdbVzm_CbbBR!wC+q;iR!GxKY(tXI8_6?-go8%dWV z29bpn3F7xNIwZH0tYfVj+E|NlT#ACyUiNEQN4JWcV1kR)oEVqeDDnLMs#RZgSBy`N{4UAT`o`HKVCs!eeWm!Rls~z%5tcbC16$YtSV$=Ct@4KS;%VefuVqh2x{Qpjc7Y@j<5()7epxR zB(49!Nwdl&=V2)xJHnQwi`@=F=Ju8q$J1;tW@3-krixd#Lcndr{rT+|u6KaejLpr1Drw;1f{Av{C7ah|$irUPklWO?~ko-hA?1;RTvbei0t3NmpN zChWpd`T`xL#H&`7iK`gh5U`#w^8J&hKIQrP7kaDDgVrnA;)%?Nu^{dV59-qwzQ zCPg%zPzvAfSCqi+hlUG;JDvEIg*7bI)$^+|P+OJV2mcP(UN0=>eZc2!!N~FD$FVPC zfs!P_NG2$L-#hc`6;;M=+U8;qVB1 zgvdVaLe^>UU+6&B@f3UB94->R4+!3sa{2rafc)ble?lz&_tt@ruI|hmBk;eAQQ*7R zeCU5Nk^qCCKsQ%4ay%!Paohy5Rr6MC<-f31nkpz2f)*d%!lcNYfuXEoZrTna3}aW8 z%C<13%`jOG&l2QwdfS#aoHy*J2CkYkht-*QKP)pawYEj@1Sym35vnBQK&>7LV#Qw} zx7(>$$rF~L?&kt-t6Z4jAP~Z9;3(R`*fiI*Yzd! z2UfRogBnIo3hRf)(|W6e*m@l%5y}KKHkR}Hme8{))TMbf;XvljcBfbaM40SL8zQhv z^%ky9WUTEd8DJu;(IEhC@}NV3hIOTvRocZd#T41o)K6}*vD*h31d#RN(AicEAa@C+|CJsLN4Xzk0;KJ4n&G|k#1qJ!B=KX?-gfClRL~SVv{AO}Nh!X4FLtEej{lkF*1nyM-p1D;A zHH{`Bp{E2}CJ0qx(b)%2*r20t@lf`M zH_Y;2m}aOD7a$1{HT>zxE|fy`{KZF;?bBCr%HVM_jlns!WZ--PY@D?Hc2u%zXxFgh zUF*+FO^6ey;_~sf5rb6YcF!5l+39x%fj`Mx03v&N$v9`w(XirIo3^~2iWd#r z-$Iqbg)02{;gC$e-P6-6b=t8K4wdnyQPSgu8apEU$a791i&T>DL!<-Yoz@PbM_u*I zdw+qRJm@e1UYOj*%XIN#oR&-{p3I%gH=Te-94xqiWg=JEjBQKXJ`t+wL*|chjI=%o zoU5(FD%zAA+oZd%w(~*TXV2L681qv-&I7)-xK8`#gUIJe!2i)K5TXz;_mlshCBSm~ zV}t##D|{2W1(NtzUAGhZi$Ob3G4N1BsfwyEvTHUdkXk|UyM6W`M zU|#X`BL!Rkjyg3+W{R#HK3r`v3JL)cu~8H5m#*4gsAq#7)j6qF%o@BdbP83>1|j~m zV*uXT;QR9Q4qbFqa&qaSvo-p*7;?d91x@?5ZGS9o?`K+$MicVZ%{&zjx7L|I!e3f3 zUkJ`e&BMH~j;SMfVVgLic?w75vGCH=kYdfgTJUwR1b$XaPw5o(E?78@wTsas^R0 z090no0hN6^S1>ag6kd!-2T=NF{Ga>D)pTd)JTzvf$TFhtO`{9(>iDm2)IUkC@z#V{ zM;N_5{QS4hxQ%RZGr{?i*;<47BG#L%TqzKS%y&)~)rfN%ct4->>4V8X-)e&Tthz<; z&gP!Dqbx}}; zxh1jtm}i7+`z7%2)9P|d&@M@KTysM4Lw~IfXuMu7&dH0ucwP~xe$bN#IE9B6Z_Ub9 zqNLZsk?T&C!S!)b$tjuQ@{z9y zu6RY4x0*xSfF#pSb^Yh~Jnj8j_O`B4nT#j+>~$FP@c$UQ*CY7)`)%B~_Fm-G#+QI? zIrpDj1>T>Z3>k7!Tx zZ7ouS0cwUUUB<@>q1eR#A_&UKXN=&BZ8^`-iu^~c@9ZSZOA>!oF?tI?Yi>ge>J+iUNogc82swj8h^^ zvs7-De}#AWHUo%eU|_%wcXOK_|AJKfuEo)=bg2l{G$g6YLnA^NhSYn+y@t=*2RDGT zxGHfQTfaul7CLCymVGh{HzcElFF)wwqFVOYD6YR%H?a^6x)tV*T8$|*@NkObK8E0% zTo7awO&1*uE8JJF?2)sTv6?JwFguaG@XD8Vc`*m5!BVGn8)#M0XQR5~HP)Q);CTlC z*BBH5h^#5wsz#wo;bse|*_GTLz&7u+FUy${vwE@CCQqCJt=IvjZ2M_x#sxVCFo>Y>&}p zVB&idF-2M-o{Srnq-u;g+|8?|LH)c+_nq++hYyxf_m-7=y&ZE4ND1ZCrEwn27lcX= zkL_!T8a@Hkg=!&uGj;~PXJItwT6eX1sAZNTB3=H$vu^+(^<9Q&JN0i=F*Vl4F}`gL z2vitpwO?JS#@0%HE~q29u(iq2>x$4a<=G0e8jO{tQ}0z^{5UxM(2_WKr;=S&AjM=- zZ`+*p$Aotv&vxEcv%Hd*(oE5Ri`HnenYAuUcsZ1F#VJ?x6gyUcRSy%}*dt^V86SkC|c3UkcB)qqhWkg zB4UjTu;}?MjliQFyJf->jP6gmCq>Cs({F8NtE)Hb5XR-|B*Y6Vvv&)=fu!j5YS*S&r0uMNm#~538W4Pxyiqqrkv5HFR`&T@Vg; zI&8FHtm0=?gg`AedR{+iIGwDq<8!rU@Yg|UuDP-b!b+&}PNEj#v8pxyNEWeFf|^Z_ zW?Ka{)ccj~5Z#O1P{9k~`G>3;eWJB(Ro^1-x;|-q_|uCzL&uoTT$yphy(*U3ez~e^xfkHImpG5rF`&w`eo?> z>ujr&*LJp1WD~wn)bGgW{Bv4%KS99ypCR+*SHCh-w?`An z^)@fw@(7Mr>~R0BWH9kM0uPa3F4#;&-i_%vMQZoc#+RN#t zj?DON)Zt8fVG1k9$#kYmfxZqy=n|9OX$t}%1lUhub7t|W1xQRf%GC;cz_X6HM@`YE z)#GynxtpOuLZ?U@I>@hibyL^1(&R!%VM;#bmp6(}0r#_*1D>v-_h%Jr`fGc}#7L!# zn+QBhPnCsX>qxC^E`phRw*6b)E1ml#k1^`9W@-E#+SiRau@ge>uAe)bCi=TNnRa&- zh)!szdpFhTC;q7k;5k0ntsW@KGHf{^#zmFr_CDxb*kK-lq_?&%;1-^8rI3~3Yn|Sb zDb`3SZRg!xBNQ$c^=>MmXpcu1GdI)}MRPyyEXFREA4^i=_T0QyqtkF1yTPsRDcR>= z3x5=i`d(nq)*KL}+qPhRG~VbO_Hsi4ucrYPOXk6^JBWz7uPARs$OlESO%zwaZzVsVbN4F0JYY z{a2u8Hh-A0xw2oft;6DD6=Y!3g+w($$tZeqhm@wN!ou9ZCr}3LgGWN+UZVF(C%9ZWdqtosiM?aEAjR1bVr}5x2X_@zlL)X$4gI!fF&{2CTM09 zkWG@qSMsIaFs9CNa-S+MUzGTRR%RWhY>G~-Dm**N*Hdi)_t)8I{;P(Md$NPF6c%Zw z=JFv_5ITR#G06Ums;vbdbz0{SuklVX%64_2o?u@skVE+qY?4QD1_W#Xf_T!EuHTkm z(+VM+LHn~*EEwZuK0_D`#N{ENjGIwKL5YD4z0m$2*bRp{`=cj-{hHjb0LEhI3)&Bg zK~9wpG8Yp53y?45(dLCm(nibA;O!9c-UpoaXTLwr8x*)cnFCS;UXtJ26xNsn|SWqUmG^Ujs zgKnD*Q{ph3n7V3|c|A8)iYq@gPe~}BPJW!GNw29m=;M9uH{vfr=*^|cLDe9NA?@O2 zaG^zX6)-61ScKf@3>B4XK6dN_nTzD=iwua_XeKHT@a)mB-F%kN<9*~oXDfOm`n#ND zZUgl#2&l9f$@@b4)EVVyWczC}vww-xhd5#n!v$PElB+5qPv6Gv_DI#^uj*sPp2`u``8Yj`r=i_lGsXj-NneHGL4g z;H)5QiP*<*6PBbuEa-@{h+xb6{YWyp>dc!Jx4xvV3QwAnK!*^MsAEtMJi#6>pZWM?I?RWp=a zk5N4B-wbF80dLN5doFlv20Plw9q>_IpPqqPjT6PG`8b1Yf*+?!KnCWt*&E%yMkTWy zp$+2tE!k+3n}beFGz>|Lag}W@?$HU<8uM#MG-$6Y9@1$FQfXX6n5Jo+d~C$igYB>Q zhgR4zjZweA<*bHI1}?u3Sum0xNe<#Tbcgrkf$uo|Q&noPL7w=C(*|~bo;FWmm+t5% zq0}!?PH(fdX26bht<_y|yu=Somm|UFNf$HKu9RtvUee(!0JgPF41U$X0po1MN>)zx zRn!PxuMm-tD)W3i@@XR|XdSkkg%sD&RYUU=JC|?5mc*Qj)EO$g;o$^y#rzH#ngx}H zEm}HdyZ9@ry@{;jt7FF?9H*23>mSPYP_!~%)GN`LMKMkpBDS&|_o>7h_;ECmvc}UJ z5%7KM&qZDCGH&c0H=y}FjF5&rrBN@8kif|69uO>c)SW(d$w4Rqxd&@OGgUGuF7l8F zk2R1%FBne5wGa*#C#>u!(V55WjVdWSc6SF9QSiZQ=@Ycir%(!_Njr<4=FoTwjY7x6 zY)H`efRbL{9X-Oq2h8myOvgzo(^GwjQ7bbF5)BRUSsow(VNm4CES1^7&qBU&6TDGq z$sFI9G7zZd^Nqw3kzSgriI|{FEfbVskD-eA`0G_2OH)})4vfYM@F;-c0>JT!9Vy0v zqIt3~stX9>{6KFMBTa#zwdst%`p6Ka%Ycl4I&3-!_xj>`ebT(aZ^6*L={1CHRQ!#x z{OqiULvBE;snX)Y5Pq$Y!cZe8G_`>;yi8Z}!NXmE%}6btri-tkYGhX{j%J>s#F?Vz z=yK{d7zzLRajoE1I{wR9DnoiwijWZMd?y6m)upML8i|L{+`GZ6XN0FqP4x_yNIx$x zs7qnAVs1>ac8?=${W9>0um7qQgTw=(>F0KH7+B+Rf-88tza1k%6o3Kh8=j8wg5>`% z62W_OT{b97+(cL$(}rk&_$PvZwb$#-$>OeI~qE~VqxL?Nu18lE4C^|g{`a2A=_c$5XtYD{TV>+;NBx1nwYy2p>;OY z#s-7u5Y|rEbjY%_(|+Z^xg(XQnP9Z*1zmp%B>O|X!#uI0ku)HtlU_3E)b5l0JRWJ( zL=Kyxf?M=l)$j7hqj-^L$JtEWXbRCjUK$hS4Ko%TZERjcff`z0?8il|49<%_wY$fT z7fbtm91zDUU8UV_kfb`PSE{VFd#Q{OUde~stPfdNVu~f(&j1+8e`OEEpv$?5EBS6ZfP-5t(E- zIFP*#UTwMjJd1!3kMQ}CGGPUW=H`9BWp|bxus!osaXV{}am@HsLpq)Zsufl17BmPv zRlsDFCUzMw{t(tVx17f)!2-0mc2?I29Ue zYk0b$FtMy@q@Ji3$iD;|$D)%&X~!4%<{ezN`LQ>sB-YZk-j1)vk}BpIvE3`yRWArA zzvGH7tr)}}aLn0YC`v)BrPgFtX44EC*!;^z*`sVP9QWOp0jxBrD?^yZ{M7b78AL#X zmpS7$9mgCgjubv`YD-z(i>d#~N z+^L3K+xyr~8{LLvyn6U`>j&xofcVMT`xZj*B{Drkkma%e-?Z!L!+c2OIN~3Ii@O7o zd?gMS2P=(^z_UTf&op&vz=q4Ke#z&Dq(Xqf|$_b>lwE|;x1v`LDuzo8= zp{+^2x!vrJ?$`SvcejOIdkA0)DMQS9MT1Ivngw5qHj13wt@cGaevtzN{>t?yMxv(d zfWl=gBH1uObb}~;B*FQzO*8C%3zd;#w>aK9^x8Q|{*45{%Mb?9j%WtEa$_{r?6wFd z-LqlpBuY0&ah~a&;AXd*4{H{yvJpTIcQ0tfy0xSlYL{tVdAzu-4*QQWI<9;|`qslFq~3a@k#wM^q}U!xHijKQY~u=N_wl(xl+a5G#S7 z#;r&|v0{TmKM!1Q+}ulLd@<-D&HqNK`xX|1&pw$~|s-?U>1)vPs)<5!nehpoY# zDAe#TM`cGGE%Q`ug_rj#BVwCH9Y_B42Sqcky?i6d0=^6eVA13asf-Af z(O>+Q^HsB<8-e4#a&`o|0~Y*$<696B#g!OFqa$Ord3;Qrl`S>I;No)@eAmH%#mn6R zw*!HCzZFy5PB~i}e8>Rl#JDa$&GbIK7#-2;((rv6e7jhrtwS*znVeaTYw>6gF#Y&< zr5hI^?>?(hHRMc;fa)Z)Thm1J*x?ZENmjA6*^;G@Eqwo^wxJ+3<&SSKLOS$V@uyDp z%ut12e65LPFC*kKborMntDT=(^U$E_`FR{_M&J_>`Op@#xugHC{kpvzGixMD-aC{} zu*vkx4>jroBO5$ljYCDHO7T!aa1452ph?1GFk9BZqVNHve-zkb1)+ea82r&&d~kiw ziJ6NgCoi_Zhm21rE9CJ}$6?x@o$fj;1k2qUJYP~qHP%A`WiR+BKkV-a9teWK3;6gy ze!$K*YXg>GR~P<;wP;}`u`z&X;+Yn>bWnV@O)Irs3H>VCIBKbt{vvIamLsKta3ygZ z*FMWY=7C1Rf6v&mrZX`UB>sz|N?#7F@;5Xx+7l{6^xBHt=MhIF&1T@*|I2`!rVQZj|TKqR4|;%tzi?g01ga^ZBOW8aJ_pZJLXYsjd38*Rsq&^F|D9-7D_UjgQ2W z3|E@pC*=50nnz|ZVu|%Jh=}fac(|uP_8!co0ecS)+|Watr)F+|M28gC%X8;B3YBn) z>e(`9`6@^*4Hv;?wIZI+$4&U=aw;FtrapFB9H6`YFN^#2f-foDO)dnW0Q;Trx&Pmz z%9PO6RV3PlOjJyuLkn>HT&ugsYT->`1?JzRY}q66ERt-xql~f74&6{4Xn{S2nl|EY zsUru?{p?vLQ4$pK<(H=$N1jG(ck{&I+0>cEQ?^>IfL zRVy5>`-7u%@yok1yVRs{2+$@*M|y}P+T=*PdU-fyRvVD~fw^~t_HwJF0RfT^I+ z{EuJ^d8i*N^AJLR4o4ZhN2hJ|!T~hnF`Twn9)gL;^!A3D(|I!6^P%VQFaD@Q%nbPg zo?a@U;#VbZ8P?B#q&H4?)239{V_|)6tJ?|B1na&iVpeQi%;^%_`Sn*8;I!lbr~Sz| zp})&>8O1m;=bvc>x?jn~Z9aI5VXcf+2!)Shmk`+b5_F1Xvx{mM%C+}CejkToi^e$q zMsY(n4Zb*~P|gzVcWp%1$iJnKpKNZsX!y7kb;25B9{S#5w}vh0)ipK@oM$=~7qIxW zmDX~M0)KP&LU|A}jRokuyD}_S{+lt3E2gVYmVh8-bpnTCy*M0 z$r)JlWJi%QkJY0K&`F*xvnPM2WGr1ux&}cHu-Bd^`W+p9|Byl6ClUj3H&W&e)8we> z>443PehIY;g7W@@7kc<=X#&)$bIq()0s(Z6l0Fjtj#IipKs zHzrN{zQCHJOzup+w#@wY>P4MK(&U5*cMpKZyF%Bug@;!?yKngt4x0n+5D)Li^8aN3 z0DwM=ouvOcO+5HXW~g}re(&`?mlI6@D9KVt|*F}=9m^3<9|?hMDlr)c8Q{_A@aU3%r_BS++pI>0Zf zx9sRPC=PridhK#&R`YwQy)}Y-|CVY)zRsc$9){&b1R`$S1FJxyNXG%6wys9UOVTK|tc9nJ9g%74(1W!)ByO1!o(+ z?{4;d!T6u?WeB3xiU*S>=!0Z}nT*dj3SwVo)pOFAdJckT7A_~ta9f(C*z8Fk&oP?y zG*=~t!jwR${7KA?VE0+rSX~jpXV>vd=ot@s8*+**C}M+0{4MZ7am8Qu-1F4hR%eq* zUL(fcp{1r1}^FSNHdS-8GP^2=@19b3D$adwP%r)&^-LfnEkHK#rl3;lEeG8UT69N;-N^Qey z6qk%>jb=4yGh(gtFOo2XF(dKn=7(mlFL;auK``k<2{@)2oCJD}ZdcH64gIl$N(rIO zE+sF#LI74$3Vj}5i?=?>tkU7rCFkptMI&dxuNV*BVx%73uD9mdZ8ei7q^LVz-)C^# zuh9&qUe9%cqB8{)5u%V10}gd@Qt)o%gG00XS}^!K)elA-;Y@*3UK8l2E)G*RgJdN_ zBkb!r(u!r2We#}QX(QM)T|Kr|1<|`_l;tCBTfHVSS%^(#bj2B6ay7^1%2|2Tiz>Pg5}%L;|D0Cj=#+)E`31eB8W;O-`Gg>G=(I! zxu@i`T!PTnyFuO_D8cW0;#Io^uP#EmYZk{ubnG5Y&j*0Xi|1AtwKfTWP-3YK{q9-^ z@XC+*ZX0LjqdETajjc%wHDmR3^V%BrMz^ixDo+92oFr0vHZ1@xM@O%-SXX|mZ2sNe z@Oc>YetW?7G{vtz zzdTZ0nE{Qf^qZ*U=N73Pj78kUV2*CHj2DmHyzDMpyh(~rSp(+|F{kvUccZD|;_Eyu zYjK*}`9}q}gQ8Z205Ut}kI?cU~;BaygB6RKswe-#24D-_-&5b;>|Z)lRPV;jaaN zxhX>0jN<43^&`H1?a{h+Unrq94eX*I$6KtSb_&g2%jq7I@0SAQ+dHsr!Qotf|3OmYoRf#{*?H{6aInm(Hl) z6CSer$&7)RJ9Kv^_T%Ki?hKAeX8qQQbf>i5M<#ZhD@v?7sf*?q2TqUve3+AdfJ#5O zl|70<^OjS_S+kkDn%}u?@@@vwR1(-9PZVjAlmd>v*u~SGP{19YZB|Wk8bdLpbkvB| zOX$~nIT;4CQoUy|*0gHs zymfBE_u9|(`9Sb3=6k=s8y@)?^BC{@f0UN3KZ}t$GBo0Dz&!!K>pef*5R#um#2U<$ zHAAv5uU)&Ez662@rnW+zm#t!n5>!*T+ep~IYfvU&eF!*h!5kpb7A`|X22SBCTQ(3d zT)GTG5R4e2;433V*q9pWIl3oN{8Wjv>$G(dP6 ztq2rtLOv^@hWmFHm3H|0EsPDM!Wf4hg}G9(gnSJsuvLeh!Kj~oEXl5@Ep|sH2n()$ z4dJbMX0qoO;YJ!J4!WJPjlzJ_#nm4x7!>8*Ceb8;fgp=M3F!i{ww&P30%sCkw`{Gw z;o6M5`?1?G3<;eOSznk-%xgtLD9^p4+L=8x@678M(ddQLVS$3MHT6abbxZOu7d7;N zQF;o8{x7b1^O@)D_4PucOZg_9(l9-AQKrv<<8Tf}JZVT{8@zV5iq#j$91QK_oBf}6v^vR#lI zE>QO2O1}PJW<5;YSbcuXk7IDu(5Z6d)MRDotl=5)vgRVa8vv2#PWu6%oeetwLj6Mw zIDKsQcTBD8-fOUc=rmQ`SQ8NSJa&V_WFWk<8KCxF!BjcY(#a})(0 z0sKP>c)lwLfLzF zb)P^Hoy}!FE*C5~A)r$--)V<5 zZF6bq3y}74FrQiiTiW@g-@gKgd@4PO;y;&H1G7>>Rh4McFMe$~5EO^4D`w{L%zHK< zX2#G$K&5zmI_>n_u$07aV7*@!=SIapNqncSewY<`Z4B%Y*l`hFjsFE z=51xDN&Za6bkjRa+DG<=>^FGkeQH2H#=e&keb51S6yH$!{y*hSFQTqiJ9+;zF~*5M z%=(|b&**r*M~&&qSV(y@)Sg#Ki`xt^-8HcLP7f`eS5%HEIsKdCof8$L`Y648V~poL%oZShqIj@br`TB|wbPgrUeo z#iW0_?xZ(IC`TN)HxgaZHgkplSkt*R9Zry{#MZO}Pps@}TFX;@kr00I)!3hwwuElp z@lHsWQQtc+WVAfKt*j74L_oGXKLYjLZX>d752?#x)~75WD=jp~wgQ6mizXHRE0q%QFTV3GGQ7whX9Jf^6 zAlB^t`)hPagf`!ku+oJkQ|`|58)>S(H}+cM1`=;KYPI=^PyxnP5Xt`93CZd=+Ua#p zdfVz(teu^nAyDpZ0yXc7N7{|uA8x*?^nGgK@&F)#zDdk?vOUiJ4^lUI;tq=>tK0aV zuKY>OXzl^W85{wn5IFIi!iJ#VnH@6h#w!J_p0J&zYmhe>7SEb#RNHRRae4PBGJO=f z3jC3R{ILa1Ry*j%az$i=3!!cm3MK^p8FbdR*W)p$NeSVTWdns{mAUD{voOI29t(rC zjtu22L;AU42jYY{%5br#E}Jpvl*4Gx|J3Wte6Xmp1ET^vJ7YTXd{A=Wua}7}0iU|f zC8hfRIb|gkxWw9#62?j>rkghY>2-wNrW`=i{mg;sRDx#i1Q?bVNJlR?$pTxLG)?U_ zL8Br4)SBze#SRfR;qsfNmSsV8Qnty{bVY2Kr7)mr`|OLis|Td8Z?z3;_}@Iocz%nN zJK5Su;^j6hxBqMk!=CW8|g&#@ZR(H7OK)=^n-{aBW*_yy4y)Q3Dvj8tD3fV8`oDmC)MmeHd<|^^~i~186kK-`-fg>0&Zn~`k;2Pb|mjFZYx_t z2z`&u?q(6fKjd+Al5~O4LZ?<8UBAe~J#>{zU49&wNWxH1QC}m( z{oH6%S*nq#VC}F+a7tX!xU|@C<8bFd%IKYv+D91>xb*~8fe0vkX`mhPq4theEF|I1 zGAVu6vb4MtSfcIC4e{b`1BXY5s7Qw^<@F62^v9JT&CZQH{-#9GbH<C z_YxTA-hgTaCe;gt-RK6N@{CPj@)j%WIx}sAhckBw3)NKpmK8L$ez%bkn{U(-SG*lRmp| zq~SqKj-QiV6I)5ucj@rzWS1zpn4?#A!Ye}hc2cuGCx84H?2CU}N9jUkmK4kcAif)z z#}g?ZVzv1a{d-xasXv_F(Fc<<*}NDBtv-fwu`-yGzCIYR-l?{C#HMeU@TO6~i%=`{ zA)yvVAjJ$l?`fB@8W8B)Cg`GUsgrog8?XZ>g{hm+bisluioSMBpfG2_tNg7fD0zag z>Yz6^fl6U)M1lvZ=1xrW_4q+kCErwOR#>veo|6uz8jf&vNLnEVKwxJlB~Hl!y;Oy^ z9{NOML_^Si-gO6+vF%)oJM}A{Z-AbLm=u3Lvy8GZ=nE_Gyfv|6p|v8A{Uf6Tva=;H z{O=DG`KV${S~8|B|35C-g+ZP={mcFlIc~GoCyuzBBwfT#v0wc*J*lmzptwc8&DbTA z6fM>nb9wlb`}Jf$TwN}aAyhmapfR9D7Uzs}>@KlCwb>|YXa1#lQXjU-N+dDvpKjui zoC_24hn!EKoZ9^MQWo|%K$AAt3ec{cuc0D=X#Je9o@lOhnX(=BOsiZQJI}`7$&2N7UX`wN^bVfDYrdOX(^Ph~gC^3h~9PgD={{(=Svq#bMShKkSU=+pgJIL@-1={KCp3Xv`5RoE=ydL2|%iQrM~+ zB?kRU-vWQ@UxciZr6n<#TPppf)vbs%@}S6jsqKbn;PKCYEOAI~!T2$&(%<)g-w<>( zx@whkHnl6`bwD4kZO*^5Ker$Ke(*J_CHh(K88$*r0?Or3K?S+)FqSS@o&M}uh-6UKdZDmmrasqk$FQ_QC4?8ld;D|sTf-4lbtNGXZ>(!}|$ zqbWct<$ZU0VS;`+Mo(Rr3{I4XdVn+kCkuZd!q;Yn9RUAr@V5Za@o~=Ee_glfL40V! zNI(KzO<0a^3sRdGTA`avSSdlC+uThIRcgJ7s+-WV90p7Vad2^l#d+a8 zKOb#40Z*>0NmkBTWK8Gr?b8v6ZzEn;^c>Yy;AGC6}z!CB=m;9fSOYQzo; zX>uze>695AR!>?j2cmk|!E$;vR3j^XopF`-LGPfIrBbmVT7&-)$`_M$xPT+W z=$zv%0KC8rCrt}upy+BW-2 z!45U4g%^_c2;lc}?Cit{ z^*Gb!pJ>eWfcrynK24tpb4k6ku+oE0?hd@l{(_876DvbcsIQUyezHEAg<7pSt+bA- z+;>6o;LaT2Inz{7!SO(0tm$xRd|x!bElTw_13t;Kn-GCyG}e}vQ+65QUs~#@kN~0l z>E+gjUL|I19SpC6b{LxfZPQG{vJ}Y@1qI`V-S3cFnB#{xz>Z!yP$pdRC?;G^SNK*g z6}rp%@>nuIAz%xd+yi;e9_?B~U(7D4jx(VdB;#6y|D%3O08NLsH5$*FF|^PWNp)*~ z6sKq-qE&nUh$P{*bWPOFzlI5bpXH}x^pqoX?)DR@(a_uTRP&+bbG7`9p~Z?$p| z1%kP5ITuN*D_!090%aa>Ar>r$ALR%z97i2*C_>*FbhO!oA*9pIMV-9o9~}6+=aSy8 zzgM`mZD(Qz+rCWQwoDCTw8IX!lUvW9&;n#%!}km~fJ>D%Qwxz50bD;j-c`DFkHF#g zboy@68>7SFyg(6cYZjEksDSQuoZol&EW`RDwq2pSC~)Au9~x6-`7R~5vzgA6Nrj8 z)C2K}mQM5NX6nuJu5_b?cR>EziuaGdKuS=PuJ{y=m25)=ewO3ms0MZR;uJkyqh z<7_$V-s%mzySQBY`4ZearQSIl8t}nFk{xR>PP^>*a)-Op?TYNWrq#Tb0FXR@S5=M z=Z&Vq+bGuen=$J(Lza_PjcjA8!ptwm9|t42&hB2Y^;D8YoeARxllDfrypCyROJb$# zYK@(gAnb4!W!I98Nd+#qxESp$7Cz#d^3Rm%#7VHlxe&i>u!HqnA%}*wN{W6NKEN~* zOxG(d;Z3w?sYo<7Aj?;}%ClmeEyqMe@dnyRx;&f=_Y3nTqg zol^8|`0XjK6ZX4b;S=P?(6oJfjXKM7g#Z3OAC|VTj|5bZ3?eVk9xx~~1dTKWGYctu zAOD*H=}4{grJSlwsDtBkl$GN3#fL|69~gFVo{*9`6i7NGBqfzl5N%CQ;QKYtxh<6; zFFJYnYCOg#hQ(m53`|64k>R;j}S2~E${8v`CrTE9g0v#zv5JLOWzbDA=O6q$@~BP=auz7kq7{VbS%`CLzLTF^H;bJhbf^mM zT(uUi+vbd2636%hc(HSQnw%)-Emy^b znrT`}GKPWkP#plxK3Ubj9K6pN@2T_8btcoXw*@{ZH3~0=U;B89Zx;%O+V@oL)C|!4 zDD@^R#qyNTx>qQz*U7s;Cj!8G@D;>~y=J+q_YuB(B125f9x{1jw=Le6G~!5Myf}t7RNx4XAeGUXOrJ%f&J zk{;?pm)%Eh6rygcbmEausu7dT$Tic7Z`ji838hNH)34pt*ymru2=sebYrqd_$MeYm0=|rJ1q#siPCdT%|u^v7B z2=UW%qH_9#Z5N)1Roz4t+tPy!y*#nvKwYToSKm9zv(I1aA+;(1WwOB*AXZ2RG@Mm5 z=LDL0H?NG)5k;Lu#-AffZg1(!14FK{<@plj*L9C1)aa!R98XAjlw?I5B_GP6t7yu< z#pn~*HJ@46PYT~EG@&c6`OJK-3-loq#nt(R6-2+Ru#L_jM32(E3 zIfFLcOIIZDRQ7kf33yH$zB7Kl8Vv3B0gE0O5EZcA$NK(v)vl_TaPkFv{M{jgxD_`T z6eFVhz?Dk(uYP7}&1M0kaP4wrilE@VD0WJvr9M72x6+?sTxoOZT{eqA*669BcN7KU2ul~&O|14rr9?3QeOQ`I9HcI{moIF&_Yj;Z%;Je;^7rJ7 zb(gbCUEu)LHZ;W;t+0THKNakM2tVvU7;2h&|6Ogs)Pk)4WTVU^7F-m-aH44g2&rSI zE%~^k603c(6R>1G`O}V|8kjoE(;an5nhh=hSxV7p?^g*a?$*KfReW!~3qOxzR;5z{ zajMJ3Uu<(IH;XnO2-o$31l%7_5s#pJfBuk)${X)_l~mXMYD2~tctHahIh}s->*z5! zJ-i+Z>a6d`AR6MSK&B4J$0DVA1O0OzxVxVYZo$AJ0L+y2lhYQG3z~{TNm1t_)LQm& zteVkD;PJnMyi8Do&e_dUV1d^@<~2Xz%~}_@DoEX>7e|UIQ6q8Uf->j*c!sAGbhtyw zkS$2(Kv(8&-%%kk1?&P=@hRRw3#am)n~%8wNH#ZIZlD=Zrj! z(OaMkQAAkj@16^}CeNA7&o*`k+^!tKYd`}8>kM%?KRF~867y8Z!RVf!n-mNG1lR9D zu#ViUyNguRG|gIR|Lzos^{EyH|%79PP0B%bmX6_%N|!z(3f zZO0lblD77ot3J2Gl~wN~EuHk)aV0Ru;x@7tY>OHChJFKFsx6|hdXrpnIudUDulS@e ztVnZhY4F}A++`>0Ytyxbkb|_WwOPHJ#7(5vWo&u`>GOs+ZIy?`W}#BuK8NyfbaYZP zwLG(w!bhS<0Q9ZmV&|4PayGiZb`I23VOXRsMoNrFsH}AmtZs)pdQ{-eLK~mjl9cy1 z%7BhjVZq`ms?N*d^%u|=ZQl1;1Nd)6rTb%e_NZ$Fs+*y1#kyZ{#=arwK_yfA zO@T4!nzu`v2WWPD{+>c@5Eag1Cgl4IQLhCG^dE4_Sh2#-DLz*6{n&6>NKVYdf+1d@EQ{Tgm_#se@PmK!WWr4ada#0@XS?akv zXmsR3uA~69vD)j}B}m6j($2#w=RNxIj!l}4i<_oyzgCV9l3|fcJTwQzp$7HAMV>YD?WGAs*IFRb-;@DiLWt zykRqp%;7qV!$CM`=jDo>vtm8^E;yr$CNkQBlZKr8k2OAp;GB3;6b;`xv?c%*a>O*W ze7&?R$6KZ|??Sp)kGVLu%H!R~-b4rBD*w+;8@NU9{A@s(AE3J~ufrS)E{#j91iJ9k zuMWWaMlb94M7mfgluWyX6Rq0T>tW?kHtzeGFgY1+czMo%S&8%js z;8vPFFR3;`Cuv^rv9ssq<0v-DZ+taLIlO}kGHv*P3w&IK?YaFq>sMSz5S?WKZ5G4# zJh_1W7$kg!`fBjM6Z-&sKMKT1%d0UeuYpjcJ-9M7Sn)m8#Bk%jD}QMIaO%!MhV;V* zSg5T!aJd~((FYPDju%Rrdb!l_M>;8p`=`{i9fpx6p2_W!#aO{aX*v||q=gHXw1XGI zit*qcQ-0@RSx5afMmO>0@`2Kz-h&EXF9#+re=6HLJOTh~getN9QWOjb+~+Otsa_5Z zY%CR^|Jg97`$S=FFaUAt|EG5%x!@$cnFIo$3H94vwi9PAH){0)+%?~fX$q5p45B`yF1 zl&TO&530YFZtxEf-H*0Bp4C$4c}xz)80o#HD@#0ZZ_v-epPKL~t^5i36OWDj6EL}f zBqe+Z*EHX?t?9E6Dxl_I^NYBUX%8sTkdBMxh7raUeD84Y_cOKpa}SZ5S*w93>O464 zr&mR1s5AU=ueDm3jFMW^6l$TgU02#~#n=e=CNY1825{A5UPj}{!b5%fHD*H~?c*54 zD0&M}p#^jCR+V;oQWCbEf4wRo?MtMmJ%e!6Q^UZ$oD9qa_>YY8YrWPXYsQYSO(k^Q zmOCm0wZ75twTqm~_ z@Ii3lHg`m~+kf3dWSK1Z8!tu~+ZGd^UzU1ZoS!Rx{smAG@qolfJowUIa91lB@sqdO zN2OCw_{65_!xsWIZ}&w0;0pIU9gmY+VCFsO)@Sf)tGIoq@I;;#aQ^}fzD)c1yj@Agx_hqj4x^P=Z=sHkj>T2gT#!LL|*zecZ z2d;zwOc9tJyoY;}SllAq7W=)0ThybEVs=GVLROkhu-Q6*q&As#(7^zid|3}=Vmniq zM!|Yy;Yp9I}p8tJ@j38~c!B|DGj%XN65{2w>3 zu2aeICMemIj5_MLm}=7^Hz%v8F9x3rl(%s`uGs!x4j+0O8-%EeQGMygKpeJI+Un0q zVky0*!*p`_W>%j~RU|5SF2t@E<$S8l#Cc1rja2AXIOU**Mp*7J@`|?uOC;8c|4Pr8 zAQkIZW^MZiwX`JBHBZ!5SN+PGFw1~F_}7Gl@+fVVg894)EUrBZ7Ih5n_?5zUI~S+j z!nH#X3ywQPy^72`Pw_|5VT2#KMFlLnJeb%fSi|Pd=ywrB2sN(1%^Kcu1|}QWPmoR{ zp}ie&BIzNOUbE-U;Yn6DxndhA74`*Q0MnV+6XlH!&y6QNF{^Rf0XK(fdlHW)pZbdF z{Law85(eJbt-c{uB?O@%rR4}hOp#q_AXwmGJ&$;vhIF|;Op|%#9qIx9F1XW}Gq>>4e)~zf&sMGXV!xpIQ0+9v}D0r}mVa^SQ&aN!TI zj>ZAr_0~4|O<0r7zW(0S7_do(#7*ft(oJ?!*3X7VrEn{91mSGg!)c;`+)XFDFyo|D zV&j_h{9&Ti4m*cF4vB;s6m^=rS{N`6rjA21{#|Nfrw2C}+gCNea3vsNS& zLWtY7s%m+w9+y|%>|goGD^KYKdLlYGQkMQz|NFi?C8E0gFW@pB2OI<}&_qNOYV{$S zZ=@KmpG(*g1cKsG;yTCVQZ9G`CxE*z=jq0bS?X=ckYQFa2iuhXNEyQ;mOXelW@{?^MXY9aY7|gwYY_;NNbC_cxYa;ZE4KnsCsa-U73_8}W@5#0e*I+V7C_@$4aejs4|OE$*}@ z>XP|?+-0{yLhdcF$EN>j3dSqp|H_>{h-+5+NYHr$Z>6xE|BSCD%&2Ij*tlh;*Q&&ka(V3%v6Wht+K1>kSdUd-f|;&G z(n}Y~M3G?Zj2_HT*>Ne6u`bR}SoA}VMiU2u^+2N_5m6x=0X3 zW4$sxqdq&Lz5wG%p>~Cv(n#|#Smb5i1h7>fe;zkBD`w(0K=sl`Vm8!n5A1sKiFf56 zEtEh^xv?d}D4HY_KPdw$4aMu4k$A3BPq{QI`0glBLZ(ARTp;bTUp)m~aMR$!j;cff zldAR++oXf8`6?-AIoY;>X0}gRJp7>50~_!QEaqaN_Q{zaR8^-sby5S7 zdj!@6J1`YDScWTl?0$YLr|MgoT|HWW!Pqt{CRCMbfY&p&p9s9_SNs>OC4!sZ^Ht~c z)|si(+v4AwVv>frN>6}%&WvPV`{1a~an|P&b;EVC;8x7=6WGQT?-%1|KjF}Lnn6JL z2NUb{B;e&gy=QlV1Hr`bbT0R+gYQm`!r9S?wn;o%6FjzC{3muOARD7;R3@d~nCg)z zQ5IZuuFLmFE_&|@#4MBJsV2w+?6MGaUgKdjmaE!)wY58|8Ih}AC zNSa>CRCb3lS?&?b$lcaPJ_}WvMwKNrJ=S!T_+zJf=y63=vit| zEkdn(ta4Rw(<|a;>lo`s0Y?B2LN77gfSWtKJ^H-z`Ih|7co_KR0J6zP;`}{Ke6WAU zxEAtx{RUs_JywyteHzq6(4MiQLBwA3kwm&)sN)q5#-0zrGeJ><65Ul&0UO-CeVF>a zH#1&4FAV)yRXoNJLXzaomh^1hp5PK1H74hJam6G?bp%SiSzq0{L&G;;bIR??ce;Q2 z5*7XJJ!A)5JIJyS>WuP>L4|xL6X?4Q`Tv;8q@b290=+?nJ&}IO`yi`TFhwbyrNR9gE)0Q@CS@ zyXT0yQWAU5BV}pyUbK6o2O0A6o_Wfyf-el5XDC}B78)*AXIe^E$*7#2tErQo@~5nk zUuF^$`i~xaLe#6OeadPGzs9eOt~CW)DjBbxUj%1A_qOGyObM`qU##I2ZaB+Xh~oR_ z`2K8xO&d4vhGQ!6F{Ljf&!)%8SF%hDFZ2rdpfiZZsC&<8udTtwZ<5#Dc4UF~Tc$Vw zCh5K{W42dnnOo(xBi_in-;X@}Z}vWK9Y31&`$@^S9P;aw7p1^|*Z~|*FT@l>pwBt9 zS&2KqP`HojYQ^4zk){1@u-TM9&Ml{d>TYKnI|Q#vwVAMeWc!Vc;m_wB7g&Wn5<+yE z&E@MY2YA~=VNCX3CfZV1%a*fArdaV=DT;*&K?^p99C@WxHMMatB`su@RTT%0UQ7H9 z{XZMcxFDqc7XdD)Na-90*k#D%4jwGI?FC{9#DV9_+dilz3b_NuL~N!lTPDYHmE*UO zlnHDAjk7D_QZGU^8Lvx=lMAv!lP;@;HDxdTtYfD$JEM}3V2pgSK5Yfuq6WrlM_T>v z4-^6(03M}#3tFLBI4KEMdciXjG8V82jc`b1>{xCKODX*1j8 z>z)kMY38J3TJ#-$b~`r^WF9CTW7+n)xrnST#S9_=sR|d8i#lrr%~~O(Pq|BmoKg7= zi~rs=zD@uZPUUir#l|E0T30#O9~S`IBEMuxS2&p%&0^u?TBvkJY&8F1T>R+gM0FC1Q^u zDB#_gb1VaI_>Ld9qCQeT7AxIQe5DN;#>o&7=g09hFfdlGXDyS$s5#YN3>vW^&p15# z6MA--TUDb$ALI6)Ut{zAq)b1*1%4?pOy5i=zKoWd%DcH*Iw@toil6>b6U3h&Uv!^zM?%Ay$MR zgSwZ!3!b4j2;1=NhTRINRdv+J<1Fh;_IfpFi+ui z`SM}NChvUDDmO8IB6ba1B5Or$y=0$x6dza@s|8jNMQ_ze*AgZUh6;xk0)ZeXFZjJP zW>d44*c60MbaMHmtM zUO&LW|IY6NSKy2JL%{Fw{zbyTM=P{9q6l5%M(`J+b8TtB!BdwZNkEKc`@BY1N!e%H z91>$Wrya-oXByFsOQ9Ho7A?RB01JBrazp!k@RqRIcEC+TQ}owUdJ}>_^M=vHL-E~Y znKjpE{SF@B>!Dd(m>>%ci3w8lidP^v9i5!Z#o4_gm-e#nc zucJO7tKm?I>Fm)*x6otgeR^s`5rb`KW7XwF<9o>gq;03r!s(O{iW@lQc4Gp(>@fV$ zg%ODIIe?WC4(YLG{|5sY|4+o0?=4^mGz5w0uiJ0v_`k?4{+}`{?T!%tZuiB0l@s=t z9@`;F8Pz}W!I(}6a*Ezun$Gr#ToOUdM27Vz+Gf_3}-&C zBj6tTN##oK3Tn!^#f(;~mgzw|Yv;c26cY6Vjv1p}Hl+w08OlTW4#4 zsAVT5_Ydsi{)#a&!ac8(eLfEBOl`d@6oU2CQE zwQ(IvkPzo+eE`jQg1NuBcD&8a#6ibbbSujC8}bgNKtt#yedbdI`8^r_qq~jV9IzE` zubne4RdAKcsozbVx90>UicpOsMMZmEkfKfMG)n5fTy@?9=Si0%(Wr zmIaIvsmLe}y4x`pClo_l6~8_advbhh@I&bfu*_YPo3xz>5zG!kfD56-zMNGQF|zB- zLGJEdMOxh;C;@+0R3)8pB1rM$he^X}3?_X^e5rG8y~-*JG(q<@*w;s#59HSsW_RQ? zp9eVIU_r=aL|z;r_DT>ma<1!#-sW~hGz<&mT!e7mnoLHyT+XlU+N}kZX%4G8rHE>l z;SD{yT3#6XZS?WdBAswY3?)l!DZY8GJlo@hNs8<$2l_o)oo)bmh0Z0}VZUxpc=D{H z(?SlEa@RCX`ifss#LO!Bg1bEQTFVlN9n|@1^G#WuH zisNm+mu}Y+MD-|lDO08wuNEsg7CS>4_w=!_DAHW5L|wUA znJiALr{uAhFp+$bU9c*)2z2;C@;@L0ys_sbxHdAyQ;Y=OnuVKuiqE1AsAiBrQ$|aQ57EJ+UYdf+# zi$QcKgrnmX8e;aF$*T>YDD-4WxQJ|$9Xp#8e-S}t3ymF~ZPa^i$x`na{10 zy57>s9OI3woQH)~Z98Lw$k`6b+Ek{}_L#)h5?n#yDFV4`p0WVL28Qw#4MBFGl}>8g z>NmLXH?ip!Jahjl3D_q8qY^(LM1c<~pbtM1Z=bEj{|IZh@Zb#@1l`}={x>6_m~{=B zmQ?XHDYJoV7bF+G%07215S~SOG5XbgsIaQ#VQSVkfBUoEXqFHNf|wZRggpl|^u56; zpJR;xfN?F6@DMaIDXck)V%RN8!Gz$B&9q?xVb(_Yg*S&~X%xt4TDO9Qy;B6bcIfbE7*DEe)uAE?Y42LTx~}}P=Y0;&Nqxl9g#fTWC^O|h zkH|6vX}1Jw0d|p6AN3PRdHi7HP6CjGL|E(V5xUPq1nlg7a+Gr{7eu=-y0S8z;9MK= zAI%#{5|!jY79i+b3;Aoi{WO6`p^t`R{lQ~{ZtYmUaxW0as)sW|8{a<~2^VKN_WRTe zrA6mAbKJ>n>BD3en7g~byF?eE)91O?T{BQ)uWgO+;yz$85RJ>mMPr1(o0iy`V(68w zdn+3-%0}*KezBVwGNfQKxe>JNml?QF-P2Pz_l2o?hTMb29+%w`WBv;&<074dOtPc+ z!0Z|{uf0LS`}nkADCt?I&@NynW5=7*_rCj} z?R5qdaA!6vmgdfbPW~)Hl-Te)5~E|#18asH!P-l61X(1;@D+3XKSqv$KdMgJ6(qa} z-4<7!58Q7!qX=fOk=Z#+kHLZm@&UL^3l-{T)}%j;NG1t;B|nV|9kb(crZn9r7U## zA9*H2KJ|_6ySWGOpVJ!_>$B{AB6uIhopnt`N=aS02V+BfZ(E$X#mz>k%z+`ch+3{G z5$haMN87eBbdkyY+MMtlDD$*An`>70T}up)?nX^FsRU}tl&wmityB)mA&c_g^S9Zu zeCAe}GC?VUA2#L7Rh#+BjFw0)7x&p(y#0VpU5BK_5k435%;IPRjr7g1HAFr~1cA3; zfyg+&bxQx(41e3L)&D6oHqnEKa}N96u4^A%otpc0)x|okkYw%M464`8$Z~5@VI_-Y zFfm>R-DST`_?a`ox#CsUvbs^~#Cm(z-l!VgzN9!lII>?E&v~iR$d9VHn2Q8)DQCz*veLjh{{2;1qK`* z%O}KcM9B!?5n@?C?l$mx(+hVzqtdCUEtqNuUni3^_L4uPTcw^Zo>4fXz`m+BK{Stm z^*~@CjT-&In01MlDGA2nytt~tWLt3{hIcWwc8Cs(g>Qy<)ofK^K0By`sV5MDNBrx4 z*0k;3afdA${5Rt324Bn67KGxMW_1?mW*J(a9D$RM#Yry#_7^H(2J6|Yvlv3`tcaJK zBpw|o6H9%-MbN3$Vs%R-2~-51ldf99 z1Z|M}lL@zjaozbhRKVHz`l; zUgGj83KJdS$m4PaK?Z-99(M5gqP?cBU+iD(N@yxJge| zx33KL4(Ltl3BU93R~>nN|BGS%Sj6scog3fn`@i2hB;MPd9eIIIyhqGGXsLZ%iw~Qh zEz`hgj)|CHP8UB5olyk^@v)tj2|NX8E4M*5W}$2s!-R299f-BYdK`>r(XoZ{BLVWw z-68D{n|UbWC$i?qr-Ms0`X*l*@?20~SuBFca23%UjL689o&0e+dAXmyQ^-D}ke@TP z8wd5UNUrgwCSbi0cq3QYKC9u+({l>7OzfC?zTnT~XjdggX15~x*$@R24LM}QRuox$pu{ERBv%d^n)grz(uX&P1MtI`g-!& zS1A4hMF|YM5koJim8@!vsA_LyoVnEKa#4D;+yuVIk#dm~J>zM6h7`zFiOAc{()J7+ zPOB|Dsi*=-RERpdvbif-P`OXplP@4YW(qBYi*rjt80)wS#$Je{_TQdFzNU#A%NvRyhp*<4G z-n$eVP5ln5sb@oBJXYB_%z;)oWa|wc=BBwC)W5^GjiQT>MJlHuT(t1tHLy|hPOair{4N6#B6@iN1 zUG>WlBRDaHPR$)OYY$1ODP1fhW`aw^9ixN<9?9aDa^$pnPSqzRgmdtymTL+X^zAsH zcqkP{?RS)=vG^$=-SaPhTk0y{J8J#@nV%5z314foS%67Jg1hg13~`qzM@;r+#Q3=)Rv<3 z$vL$$bt3B3cI_~ISt-uhO5?<}FeCL9rg@eQ>LwS2;3GJ>=+`RA_|@Z&FN z3g_R~ZRkE(*xPq2pRLYzgzsT8gjr^R#esAxH|_jxpTiX8;tcHh2QW@rc85R~PnVba z+{%<11;&+FiF&YtgR_5FE>?J&dl%QkM!I`Ww9CVF?obQ49LCrf#^_X$Fj3Huu1CuU zVKO0BF9v}Iy~^)OoKDH4KF1jR-6gsp=t|42i?-9)p5Fj7=LkRy?QrSsA!_R(q}UwPuR7ZI%H}VQx8BnR(=A~(dou&loYu3DMMZ_7tRz4^BGuK z$w(n7H0_--U!0zqk=!GpQgjNW4vEqMB=Ov{sy085Is3COzMoAA@*!4KrXs9vO=}Cj z3NENS?fRZX5%g*IN^+e~c!{Z2i7kN~x2#$pR2x05&(^rs_$qFBAIxvR+r117cjIn9 z&R)OEOnhA4Gx+~Ub>4m#eD|;I=!$ut%2guI17EJSThVGk4+6=Dt3$U=P%8$5SKh1M zTlmxs-l}aHwV%8zn5b|me1idS`u8KD+%ZB(_O`969K=Q zNl>=tarx~%nw9YztX*!M!wGDYt~`=DYjs9LWjU3+^vME!r`p8O8qpq$NueG`*AA>@ zQ+px!lDhTM4rwN6!`xSA3Y9RO{O$8YMPi)vVtZ{kVt?4UfU4*)Q|M2QuHG${|bQSF`}9@dI-iS2QpVW+K{OED;fP}vg*2zW@Fb*AFHY= z7^u~6pBsaW)5V7)aBGgdSGJCC%@x73V$9Z!#IV->mZb*~YSxPgh*&h#QWd-S)dDED z^_$HepRNv1q^}8{_jCsB?4NB<#)ICy**-P@c2p$JxT(I_AmdD@#e45SCGS7|8l(Q} z^;~)jcXvnMZzkd6ofw(O`r1vPHQ!d)f9GH_&VCBf6lnD?Ef@^{@H>t@Wjl>0g`60q zTaUI!1gaIG-x_Y}HIr6ARO{f8|H_-2+|K(vq1e#|MTdsdR9+o(RwBRl;6LwKZ;>HE zrw^9CN1{uHwD~bKt_*9Xa`uAa{ji*WICe$j4rg8tinfy+{XO`Gc zx>-}YWT@^(m3r?M&sVw~aRjsdMG&0uV*0t)jlkAFlYrVopcax)eSh!mJIj78QCKji z8;ZK{%VgSIxa}Cx(imK*`ZYkzd+8w$Eb0g6aIEwisK{18u?5g1E5)^X#ybRd=>IM3 zUNf$+j2UibTclLWz#;GMdKxcNw>7xHML`XbLBF{AXO|v?+@?6@&TgS$KXvSQI`rp2 zPL~$Xc$eEWTk`D4eue0CZ8%8PO`0-T(Wh6G+On|0->a359QZWg7`=P7i03a4wBcIj zz(Z|wd52yLT%lO1GTHOJDX@(jL=fWPL^Bh{ z!Z-v|$A_;<1#-JbMMB5XtONK6MJ4-vyF}|`@6{DX_xF1@WYi!C$(_spS7+lKut#02 zl+Ry}4qnsqO1`5@6a~sANv#-n#=G&mWIPqn9Rqktd1f|FNHZbfZF&i+&?29Q3Bed# z+0^t~_XT(N25&T5uLJ+y@Zo(cD{(7vrtNvF4k4ejO(OOvx==v4zyXWu)$f#>Y*;<^ zsz%9kEo9kG=~X&^br9{JIh6;Lg!O$IG3?iu2hHyp=N$p_Oi~qV6cypqHA2E(HC7Gv zxG+uVrR`99I0p4tYY~7bGc$N)vWmokBH+saO<=Y#cLO zxFQx$h+WdAdRK_L@1q3m>;m|eQsjfY$_b?npxsBu1UER;KdhBFExBYzQvCrNDzfT;w#5@?fUq%>wzA{K{X&-WI?h4%Lh@oFYC~uEmzvR8INNh(DzH}4zOLRZ( z`)6kK*lb+|MvqbYTg0#_9xSWC;m(!!-YMDG4q z_9yhVDKJa!yiJ$RVU($YuWq^>UZ5sePG1wJCxRO?*p$|Dd%iF2rJ273#MO(B4TVTt z(GP8tX_jQx`S{_tqW%f`?ehB+!;pD=8pQ-N-{@9>@Rs&OXf#HkpvN^`|I}-R zzZ0_9jhVALaIlhCgM&0s+mi+i_#ga18bi6Eit$Fx7S7xlWoK`OL@-wAsRZ+g4oqYG zxeMAQ9zt^bF53hNpR@PCg82OS9oW|iRDw@;O2JXy>~d=%1kGM}9+E+XCm?dVSM>t-SS z9J-e9r`+`yyDXn`^)SBor&{VzS^SxdoEt^0iQ|X6-(fJ(nYLQ1UUPT7*n!`Q*60)2 zaTWuTB8zcN-({Q2v7@JFh{5~Wxz}9=T$t&Bttd?Zl}F8U}<3SdQa+PN_181cV<(c1$Q40H=Sqxe@vYNcV%7FW@FoS#ZD@= zZB=aBww+XL+qUhb;u|Lw->_nJzV05~?-=J7oHO>>d$0AZIT6d*DD1A)mqE8$#iLg~ zvEflZR)V&=#FGSc%y_c{W!dnNQmT;>-d_QL_n|w;H-uhRw@T_SZ|EiheH)bTwMPJzLOu^X>Wj&}#($28At8}%OgRD%#JwkH zR1I3pP1<9@iI=!Jr1a?A4pt=Xx#eM1uj+X98mtSMd;6revM-@PNnpF)OR6?nYb8= zw0hl(6J|5bMwMt~*){|;d3irnm! z4&V=r78>N$!%73X-#0HhzP7lZUin-}AdmEU^+3COe!!Z*rN->dZjv|xudEV$ZZt?9 zaU=QU%A%9ax&GFWD{%*AZ>MQ_TZxWJy?d$nxM|jthyJM3OW=SghEce_#G3{Ky$ys! z#_hPK{tXR)0*zf?t(=a_2BrEN21}0U_7MdRYFHn`EE^^Agp<` z6}Gu^!9m=ew!eG=yC(BpbZteZldG7^1s+5j1Op+-OF(*Y5Hjnr?PE|Mx6r=$MY$hx zt}#C^P1revO8rAocnXtpKdkMj4rtSI?d+9%Mkf|7pQcW+Sw^c8D`&_>fK+y=&YxzX zV8QZXO4fiR#J2ONvZ=b@t@Uq8Wuqs5MBAvY&lgK6>r;aMEa6EM5XkTzXW#<~J)I~* z`nI1~d~^kNyPtU0g=^pi?tFowldye#T)m`@mha)^VgNrvV#rRkeoHQIXgzZacIy^S z^4T?SluQa@G~&!nMxSmiScJ5!LSmnzRZ6p}RqGUFW!8o$EJXjQi24hoEu_^%BwgibsQ?|TFHg+E17$qZ}jnWR<{Rg7YA$^|=AF)%JwsGfx41Yg)}4iqc|jf2AEN7v;Ub&_91`N3lhT>F*UY zh~G;Xou4*MTUd(qH68(97+pcYWpR@Ca6249q55TWK zCWuLk6z97?|6jJlzkZuKQlJxoJg@IxqDW*%z?@@84L8GS{DL-yzD(jWEnyHA+nJ`u zo^2g{LoY_{FAO71nIqly7*^_z5Z~NFf+w~ z^YMs6_mswi|As>btmYIPni+z2iU0yBR+*C2mMuODs+%a68wu5E) zoet{MI+B%IN+_*zAMw!xD{I2&1g16+5ED4!VuFS!XN6QMI7reY z*SwspiwN%%D~B&Rh8}yk=ttK}FUQ|soXf!@uD=Z_i6vkadqzEJIp+<0Qi_`3D)kkI z(@RJUtwEf=0-oZVJ8AQs9!@6@vF!Fe8ZrOnF{tDGcnI_;hM7BY8t81caC+MV`Fh@% zK1*TRPlUCh;!OrItQjJWTY+XvGw{M~>IKo`GYjn?1v|G4Bs^&~dmNp^p(!EDdj>2rIKx@1z>WQ+%RP#> zr1=sn5INUl)%5vi;n0Hf8SZ5mVlUh?n}l{W?EP~QcI-0jGK~PDelv|m@eXeQ_sgC& zXj%Z7Jm@O?ELqQ*yPC0A(7AfYo%0t9q+Bl)RDdQXR{^X|f&|dSVh>MZagGcD%e-D| zfFt!vAExAs$nB$Lwuqs2{KGUigdhe8BTwI8hr-&33dX!VyyeD>N>IZX?M1WA$U%X| z%*|B6SK0Zj+x<`h`D7YR_z;WyFel;H$r8K0s%DPV>C&sNmTu7SqnEOEeJ!cit#A`; zo9?Ex{YG;&OlW5oy?2HAO<~7F*$Nr_@NoCVi0^%Y9OP#FMDOeWfdu*^pipnYvFAPl zc5Wv^)_3q)^l~CvU@<7D?e@iQX;%G${T&?P!Y(7G*-tgL?H7}JxF;=3CslN5NHtgt z>t5N;LB!sA_c(I;KT7Kl3S&+N!Rf^AW3-j)<@NTon~H=pCpnc4OvLaZ&^aomCVG0! z>dB@UVp$c&ix$L8We5?@K4-=OP+q*ePbbSM_r8^n&&T3Tbe7?!0 zlE%uV7!YK-W+X82NC}Rfu8}|>aES=+aFJdmh!43<{lg3-EV08rOq*uIo{K-*5d{sC z@7j&m1=MyB1WY+_#ak5K>^`Qj|0+EkRYRXu`NPBJ3+mCmjV0U?+wu0OPX8VpJ={p@ zh9wvFSKMewIK!ZjW#v(D@SgVLLnjS}gBBW)H8D|3LBkeIo~yD0v9jRASe8)H(?jmu zQ0mNKxyOaU>#g9jyKCq%fAMud<{>Zs8UY4{K3x)4&a8_l>!RW$YDX*95X{_UvuHxt zS`GuxF3vg(nv;`+Plr$01Q)YB*!HLLyJ8MXz4J)Li5N>@x#ncG3n)QJ8m8Tn$3V5! zXu3$|m=2vDliPu%-#8xkj!P|K0)Kp`QqGB{{V#t3{PuRN^&RcKuYU=Bo1vm(LK1QL zc0;82B$UC$7WzX6TUHB`Ca-L2Zpszk_>Ak=jcg7S6fm(gxRV1OVT_#di^46Rm^g8v zL=>Rpm?0Qh2)s1An;LklnM$QCze{s^eZJ337pWeAbk<3D^G`*a9M)ObmNy_Bp)O?T z!%!wuIH(_TD@d8IwU)IzXpI@p9$nUo!FuA^2V7yJ7E85azrTZfE$fR&z$|H3ko6i@+ROk9cZK1G5;zx#0y5IayN6Pb+Ak_()z*0k%)a_<87TUl1 zFs4C|D^B}&J|o9{>@8tz=L{g#=*g7kFijkiVq+S`EhCXZbEVG4@yNrNi+(M(%HG`) zVCuh4?x{bvkAH6-PLv30b`f57fj9ETdapW|MgvEOb&wP2IHYM{xV{SSELvF#t&@uC zLzE_4oGi{SeNF(`$|K#kJ^lcXdXIm9uDza2o;T*-g?lb4pZv_f)yRWhPyaubd!3pM z@dw&|TVUXA=Y`92;*23ltU;L@C3%UbR-v{vJhb356fM}EU#!Hcv`(iO`kpIIRc z;Gp%bE`E7r7g?8yu}fY6{D3gK0UM)co!23VubGzhxAw);U~WgA@sVQ(5X zq&6j!u8bN<2+-`#OR%jun+C!X2V)B5VNwHFJz*M6E3$1O0C{U8i;Q_235_YC2xQmn zi!@r?NrW*-KW>b>}!BRM}@NX_0kOM4|-h6h;du|fidPZuy zwLUo1@=H}dtRtz!B+Pbl@AufL?;wqp&%bRoZsU~UOB{|G8`(j^&?%m#Vv*CSZER%s zIO(11{^<<{P*AMB!9R548d^!*>~)8PYRpEc)`zH7S@cs9aebVA<@X9AH!)1ly)`)0 zy101W^DXPH=`69edK;??|bljNTz-oYDUgYR9*OIzEZIMvlXnZ4GFxo&E1MBO)HAxyvwD7 zTpr46YUdR~m&*sq$K&xfd%nMmg`i0!^X#8W>a6vo_{Go1@3Cr)H72m?TJ3O}(m@L+ z&(iT)*yz%2!Q}#F`S@67okO2eB|>l+8269_*o%kAhe6PyCGA3vpX>DEV9W7|w#ntV z%k`sGieT*`ks7dl5u;bxFn&S|W+{}(v;{BkY|SYH132c?J5G&7bSeZTnBDD(bpw$o zNWA&d1xCMby{U2uqrM2>j6NV)5p~f-uv?!6zQx*kBUeV)L5CyoWY7J}K0hNiEff3o zPdXt{WT9(ILpJ!|bES#D?JrAHpv7B|=Fm#HSFH`W<`Hj6Fs_rfeN|7boJeB@B1nLd zxE#11Sz~WeEokD9c~S(nFsh}NiQ-+Zb+-|_95|sy*TF?=iVX2l5wr~gbJk6j^jzVQ z@8Eij#_OAzV>_~O5>-!!d+{iRX%^ib={C+c*9}W29>VI{_$Mn{89^@SAMnr(hht~4 zeuuj8$tT~VUe61iogm`Z&w#UQrsgk5OQz{2`u};_C-0WYkw0Q=(i!*uMQuZ&tPfu7QwFz(#bZM9%Nyal4tDA}yEO#9$*_-`R0Clp% z)%Kis@c*Ri@V!E4gKi7t$z^x?6Z16t7f-*qjb>?Sdsa2Y2sp>m6N9f?11h%E^Ci(t zt-Py*cwM=QY4(Y>Gkmhc<_pf3De?)^zSzd10tg^xkFxFCEaS!KV_vs<=9JA=)5>!5I8Zuwr zWQ(okoK&daA5a^TlwVf?TgEz5>&<}|HfwP^DMAeET=UY>Z}((~n|_?t)jCWU7Sa?OU^$6d#uXydPO z?ya9HIpD3uGi>1OY{Z+2my8@|zdaX~gv--3J^I{DTQ?^x$y#qB4T1&!RB~DRAmRt| zs+OYYx*sgV+Fsl5*MHlE5%M4R6ERcb83t_7jbHfI zuVa%LQ|UH%)URc3#D~EYgv?H$IG}B`6{E}|rNR{GJ7}AIS{rJRSIw0P+@QZ`-2^Ae z(fAU?gdpy;EDStqCy(8}JJ)R7qf}tf2bf(-=JiUcfOkDUEAs)O{6RQ`1T`11C_5o(jDo{hOl2#eoE&96$kh~^$WUU2%3zKOZSm!ri*j;7W=;S1`x()pFrB1$?Nc&6=F_q zc(z)Prhu~zozMUgSm%6RH>h@p-7y=VH*@H+{X~|L*6?PP2-6?nzbGfFIa&H%dBUqt zK+O{|y6ZG|UzSp~&rfvu8_;d6Q7qZ%f|qItqw`P7(vWEFaX~>>-!9ydqK3`ER|ngQ zO}ZO#(pH8MkK2bF)gojaGvm)qwga2J!hmf5PD(6=Ln7E6BSmaH&Fl_*YV%$GDJpeL zwUml!Uj}6+jmYjgkk!rP2HIuiY)kh7e}*&ek|3K}^{fPng>5J&T>?7z%};rjj00q3 zek5Q~=ngvHthm!54lU2baOm<5`N;I(cw7`cd4Zbm&W2Nj5tiG{)Ut(uV= z0gxX2VxAFkpGGW=YY*IsSPn^Pj?m%DNWu#zA%~autq`smAh>_UEF+0Z3l}z%fy2Jw zqfw%nc`Fw$m{V^Da9BEH%XI~TqPsMZ6uN@*!VjGo-r(axc+CgC#(7?5cgFuJ{YbLd z3Gv|jAbP(k4>%~thHC%;n*B=qpXUY3KJ@|T z=l;sxUOa~58orFVd%cNG?GYnP_*T2u@cc(QYIZ@}&(?+^XRyAT6>P`j5k>`j2OUq1 zCKOu|W^cnZ*0%a&5}4oK!O(%UxL2EqUJazTiH`2qXCvm(lumO{-eI^#oY@DkQaeW- zc!TQUJWga8vzF*vlmwG$VqIR~ZpR%omcPxHEBT#7+6+ji3hgX`FBq6DrF(xh4Te`_ zv2Aw|5Tk3R*9{SB283o*N2GnsEog!FP}7qe zlLlLeDXCtQ4tyJ91Me}iAfJ=28Mh9tG8^^^IF4_~b7b8vm)5{< ztqY?}oaQJ#Qud#92iaySo5;fa6NSMp8%|lD1alwb39~e=0_6{&G%-eklIyACdTDz? zB-seSG7M}zCBBvw^gi=17fi>{INcfDchY_OYCwbcsLsURgjA*+@If2uEF_TudON?) z&|KO&9A1AdVHfB>{gTy1z+;iX_lphF+LgRyVN zi&mGlTIGicU*0I`NkO3}pvPD}FYgtoQ1TfQ)d`;IbS2uv3$^Ru!J49Y1wDC0+`Uxx zBPhISdH$W!20Ip}QksIu>FSj`J2vW!3PJ<`|MhN$(ewnl{QbfPZFpC{FBe841g6iw zOI%!+d`bp%sfBL+34@>B<(N$zG8Y(f8$ z-3ea@iAROLYJ=>AZZ~D-rJeqvf8BYHp03NjS4Le&7;2hEXbc%4pGI{9ths5k(Lw1r z_f6xJNadf8=seZOMiUI!lm}z^OXu0sP)Z^tJ($LilSk)TT}k3bd%i)&fK-jN3m@5w zT#d?etg{V79&f|zL{@+7eRJDplM8rntbTS0c%45;5BPf`EVkR982FzJ>wGlmJ|6aPMzV5n-%mp)`J?&2nV7^xyCpTB^g0T5bCu@7`jo8qqx&}S$$n!ij^pT*N5Bwu)TeL`= zEADUIVG|_whgb+3_KBHQ-m@eZM*DFbI*fm&Kj~ZgWCtkBI{1ZcLXUvC{t>f5$!MgH z2wU+W@iaV}?!*KFnZc2*wax`-GqEd5AL+=CNDYjTI>WRW=2h6Y1DB6K8hi0f-#BST zGl8DQ>PyfGY7U+Az%qKE(kC$YQ#1ehNLpi1&eBFYA56S| zv_tMZ*n_#fyj-sEhItv#Ahzc(EEDmp;INIgGcm`P;KTSZ4MnfubG-tOY zJFb3jn$s67ZGKnodZmvrH=gO2 z4@_P5i^3+{q4YKPfIsxknX#+B699+2>$@Ys@XDaoVIAr4NCdW#@zv(x<;<47sNU2a z?uM3YQG&~lS59(eGN6CY0yB_N{&l6Rfw97l)bfz{5_fHR@#JWn;-Kuc;E<2b@!xSK z_~!D*RuRX8(bsq2Zl&zZ=wXHa`YhnJH!dIlAGF+l|LfoSz12@)3p)X9q{={V|9oo} z5&dtY%n69^6@`#+Dq&vra8rsl1bQpEav}rwv(l3)Zj6so`|gTp_xfDD|E5i>$*qzh zARV&wC{QY7gK!}iWH)Lh0bEmr{-3oLQ|31IY}mEim%C59F2?l-(5#LO3Q;`_a|M1u z4Im$*{d!`?WSa>`nv5A$9i=WzSE;oZ76Z~u1xUIR9PO=El_FM67eotW6Aw74jDxPk z?F;uW=r$(@S3kGqG-XZXQJP;%%!%4}Af-8Vyt^TyY(ybWf*nDLnkK+dnd> z^>01xiYR=0mchq%CQwr`dKM6Fad|3qPr?;S8GH!26h_bJZB($UxP5^dQ6$wJ5HkuF z6oXzCmNq+OQ#4$+=mEOqx^6;LGCSU$;lM$7$Pf?No{*Tfp|(laONGrHK{A5=DvtKN4pjgb421 z{;}F!oOOD&@zdj$7-g(g8K&7As#0z$lHJnNB|MW!474tv8|{XvCAAS)>Jd6MnR-Gp zq|hq1Y_LxM)*?+`LNR6}MU zW-|@YmaCG8?RQeQe0fieG0|=>- z?Ca*m8u9082hbhokxS}(6h((=jP7`~><-7H9;pO$QRf~lDAbN+hR=Zh4vAy^Vn(2= z$xxapc875h(9}m1BdN6ZBEqvhP$2}yi6hjW1c7O|!0A1m@FnH}1YHC+|71ped0Zht5#8JycouHN5%3eB zVIk2BLRD?R_WHyBJr?lv7`L7JN8k2yI5D9iH(*=_m@gT3k?FVXjoE+A4nMF-JsColcI)Xmqxm z&vbXjrA`1zBV=3~N2>dz?9aa`5NR^mh`&QJpLed0^2<#BV+r1fe=udT1MgT@G-ZH*n9X^7|MerOmfa2M(aY_7R7H~+ldiSKw)2wtZT zF)Sw~jSgGCFd=bok(iu&?8YNK+vO`)!BYd3o$2ltX_7`-A>;CyQ*bO*5l2+j3|EXLw`Bv-UWGEVZ6Vd}7_MiCe26)0!GZW*Jqou%6 zX4!NM9MpTgqye8rOodfC!ap%&3h~d5gu$d{WPs}oXTPIyVQ7N{!|@G-2kQeq;XSVb z`BKcKnsd@1LIgER3nFb9!A-?MQk1R4%Ja8iL>=1!@G`#urin0IPIw)kmO8T>xaAmR zlB-p4HhxD{WGy#2R^87dcw!t7XiyE#^c``cw$kyS?LP++ii0JY5d$xlRlEWq@xg@= zgKdKnU-3!@6Hg3$QBUS`?MO1HhVqE2ZgYxqq3F~~Nb+H}7T$TepIPRF7~mvsYtT87 zrf8k79n_V`*V9_yWZ9a=C@i9JkIU z93gUAHQ$E8qf)bwMmiUvR0CSk`?ym=?rLhkHJ;0C=y5G+WP&D zi^`bFA1YggX^T0T-~T?H^oQYlJkBOxQ12(A=|+Z>`m}PO2t7V2+wV5ARA&rj<0ZPU z>uTRL(dd@C%bj`Zs;{8xlk1hcB2XU)tbE@}y}w9ud5?3qhiKe#MO@Um6i+_tOpMG} zH9|>b?h3mSLbnDSM8-opAhTSfpDRw=8CGrAT_sbX+JFrT(RS=~$#89@g9k_T-}dII zJ3F{h;iFjw)me>Zd;Sj`Jr~ZShGcGX^kw`0$>M|ykRMtOD7vLDAOpH zsq`hW&Xtlypn-f>IHP~w#mer%3=gXptga`k<}LTJKu8{ zO+mlu{$Q^vDh_y@F{$jI+%)~f^zFBDb_uJKW%4X;)@yVT=E+kb01JX$y=Czc@74*v zlj!o+UGlD<&yCnXmdpK+7`pUnLghYkyRyn{l6m{R`{w^`oh1ef42a3}z-Il=HEUJ- z6D8#4`C*#ylv1{74PV3F&RbNqEsdqc4}EhNmajuZQHJGjO!FScqUr#D0r?Dj(pebJ z===SMBET;ulb`$Io4lqJy*Ks3=Eb@q4algFPo~Q$!OD<258Ke*=BDVZR(xI%VIhC4 z70wiG4y_P+-7_3fd`|+UnumgHlTu&F939ma?FF-^s7~G(X!(5lC;|Mv&mLrpH9f@TZ z(JWp?q~~3?cKAN537xaGGjzs)yy<(o1&e}ef1QBCr6rRX4(NRK*Q(7TL^awg3=;vP zL$Ie2RiBkFGGxSPq^Pjhk%d`F`8ASu39E$(x$O_eO#N~{w|7jVAk%5d3QInH!_ASd zT7QD#Tp^EXmk!5$0tj+}rvpU6v2I7Hf^bo1S_BIR zPtB-yH+#4#R+)wpl!BCjlucZ&RTR;75UW=;$Zln2Vv;(M6K!2AQv<|;Sn{!u5L12? zVuNIL30OFXR?f!89zRTc0}8KTRqQy+CqzBc#)&Ny3M`mkSy1VVdc+nYw`B`$A;++` z!@-KCff z>UqnAH1J;Q$HQV|p92Mlp0+RG% zC#5XyFWWkZ`QBBQf`_D)jpo0B(BRDp^6+PfUZ>eFS>M0%F@x91FH}aoj@M$cyC_I_ zdLf_xQ?mHgr_KmB!>c)$|1rPw72j_76G0lZY#`;A`nrjRJX_{cCSqEO;a}1fMa_Np zn;(CJNX%^agufWEtXDE$<%P~K=TAe{sKY`(?kofnJorAP5W!2hLBprXan<#-S53lL z>7c@^F2SXNT4tJtPL^>Dr3GEuk=5pr1H*>3*CXI{dgwj({7Y@OAS}Psf+q0PDO0I< z?*~HVy~OY_n$?x2q&e1rmiX!3uNJEOEe&G0)i&7c;QCGQ6+%H9;cQm%=i!zpW zx~nEA%TDP1o_s6Y8|Mz%EOTiE-yrO5WB;w8N5XH=0(Jb41|nP1HX+=QAQ4X&?`~MC?NR1{Fl3~82owPAog2T@BM_6zNTxEoY=;-EB%43bF2{DpU!B&9)iS{YQnnptqXSmYGXi}2L% z3QcP_6mn>}Kc(oY!waMtS|l>If9!R2!>`>AMC)#eh>8xH!C*cz`*-?9VyQPD08(&5 z5t#wJp4RE0ZiaaxePG&}>V4I$sXlNFC09h`Y1UiVJpS|9+2F)TdRCw)`Qzf>+ji zCCsu5-r%o~0Fvj@07~h_WWFX$sX|vG)MHQXATqZ$40;(P(5>4YUyjo_q<$*?E`})l z!g8ev#Ke!66PW%Rc+v$`Q7l=e1I>xd;U^W)z`$N!AL>#=o1e>bV3hDm)dHQyN|E3y zhYEuev-o(fk(-37)za-M6L{?1M?W`S^{rPV zcGgAcYW3v(j4)Q*v4IHx)FWf3n!os`a#qZVM6{PWhh0|nA2rMbLte*;btASULs{ZE zu6*6QnGTFOC&(IaekHS72s{paZ+z%{q(W$4^_XZEHtM;m=beKr77J7|y%FMBl3Q}x zW~*N3BP4&^orzFZ{~iNp_^{_{%p z+2-SzaNuNl#05px7a}y46Rfl)r5hC~NS@tHY!7EqWR)nrJGudlTYpiS zY{Jx|j`5N=Sj+}pu9=v!o(vBy8B=GR3Zni>aXoRKy#wDPO*X=55yqhrGl}Hjx4ncW z-4AxW8YUZsM@X4RUD(5=$jw(Y8W@tl$+&k#G_9FX;He{eI27YPj7>i=;DTYULMTG+ zxCd>YhJKr7vVc2sR=SNQ_`^adtC~MomxAi)fV%(gO_yN>cu7myA4))yz1)+t2n`|rSSkogo!PgsE(cldjL>Ii;o&cDXM`(^ z^#kqM#u^RziPoLQX?j>c)zIXAOy$2QsdI2tHoch~Uq#!FkeP;-%YkCSdtcG|2{nY_ zSUVPrx^6NfNdq{^8cnEt5XuwKHAuYAiYNFC6(yD4m;ZDuNTWJaG8rFYEAFP9?Cl{~ z$PDC`#p{o-3-+n1S+RxJVtz-r!*)F%F?()a^+N)<37VuV2!k!*i=)pAZtRGTUVVfL zU16UP4uT@QP1Cgsrit#pX^tLka=on&yQKmewR~eA;IYsbC?(%PT_z*KI2ve02QHB1 zL0wUI{)R>MIq`N><*G9_?*}WoB5ZYKj~}RAynjfu8Yvo?mq8}7?V>ANV=4%Gc#2aM zY8gJb_u#J7B53^+WxR#t_~M@;2g`LRhA*`;ZT90t7V$!o5#x1im8iYlIC*mvebuMP zA?J=kgGCx-)i$~jrzj(FYYK-N4>+`u5(y8yvuZc2l%}<#uxJS0`->kWaJDdS#)06l zphYN5Fi+sKl+!3%iI%G*WWSjA$BESYj65e%CjqD_)C5evjei9ym%6n`v1E_^()QcSe9?U z*yHi(M$f^=8LXrj)+(%8;EiEWRfjK}O3}WArUM`^&>d#+P{GI=vV-<2s-S;3DVHOX z&4pZNYm9}$X@&`pv})7y?;Nq`K1%WqLa+iP)2a#!X)vscXl0TPk?;~JKMup#1rlJ1 zzF!ip29K?d6K}&rbo%(W&|e%`iU!f1{9QjCp`FFb>>7;HA{bcYnPhGU<=F9hSLetZ zDDeQlAWsbvCrrcVGCrh6ScnMLYFFsaXhuL+pyWw8u$Jcon$DOvZoOxoTkL33QxIHr zT|Gc`y4;1_r0AoYuvrTdz2SqHBP^oBR2EEO{rl~-RwkJ^|6Rto#(;V!7EBvkl|c26 z#N*p?PA$E3%-U;>R`M@-^`+BBcF$LIwe^+^lKJLSt{doZ6& zHMsa&?Kr%#6Sg7rw$)1Z$0fP?P}wkS&LgU*qqz@0*q~=a+ZqE3AUuQjc)@p382{vN zL{*c;r8oy9{}RE(n7M&1QBymwHcT$4nY*w*WQ>`%n$TrM;j%`(yx7*@J2zdmE($%a z^!#iA1Uf$I+QD4*7&TAsIv2qmq?AUX&dDD&>uL8M)rlY>5QF=1ue(1;K`po32z#%o z)6bOwpW;2P_j9&fCH>~oc}r-976jSv+UcYXL~Ak*qcyTy)mOFmfkW<=fR6CV@xRT6Y=->!u^v@nt%DM?sP|mZr+`qF1HNuH%pumWlC0&c zmT!v~ih=CbGMh=~h?OC)s_p@HwSU|y#Nb5{+Ts8w)It0`<0!0?MFC-v%HdIu*o?yl zDq_KbiTPSI-ffti+4MrWCk!FHBVOr8A>x6I@ZlTc zin}ni#|08Djg$HuXWhhb23~E-;ThXCK;BO3s1t1Pv6b%hvi0lovMyPLr?RXuDck3w zd`aN>L_Fzyw&Hhmkd6{&`<_%AzTHPB=fs0_NC+I6W-;#ovT&jmzGD+@<`A$kTiXNl zx63MpGj@j`#L8o#V>Z}U@_TsIP}!3FkX!Q5ZDW;hbz)=(RAD7P-*-u36#I4}wHmk$ z#f%8ls(mxF1X&G{^J_9F=@2Y~jK8CYXjzyrRYK5w5UpbURkVcn_{#*^HkdefB`mx` zrkO+-HRK88@F)s*5uH0VRe$mK+?w@p6Wv=!FXzE)W-gZb`S?H;|7R+%PY{X?wn!~~ zWpARwOef~3XUrClnc;+xA;NL$!0;3YEhi-JFF+VJVhu>?c;D+r^V=c3cunmT=h>yt zv3eJ5G&G6bI3>nH1Pg=xG$Ixe+9|cTK6;O^mjbx$<3*@!xyOK*R)P&(+gaDkE%tjE ztaPe(#i&#O()^35r1)dm%Y{TDKZ7&qPn3mRXYHUSGc42Vzc)Rmh=1+wJ_ zzIiz2<5Pw;4X#yN>|C53wdWp(JA;(tZ5lQo6K~|A8o;AQ#tx9G9|#b5ZFq>6{Qp$> zGeuF(w-D)=gZ8Da={gO0pvw+%hW&+@z(KyPhD4K><)myh%yl-OCv!$KWI(B2)+-b0{Vd6LQ1oCu&vSerLHM!KxfA>O-e$y5yd{igFpu_Zd}LO zCi1Y}?P5XPes#IOT#1e-wr1i)Z>B=hI6q;uxtlUsHkUr4es2T8D#if9;?xsGmNH`u zNxG*f5~+0!jrOx(xl&trU{&aO?Q;aHPX7v#o*G3R7M)bu(7|wTZx7_89S5KTu5qlV zM>~Tuc%|_`-RtDTKEE&pUlEqs=0S+V&d&5lTa1nA&Zr{Md#})oQZnI;2iEN8lKJ(- zjRM^5P%4__y^WC$@kglGY=k~u%N~M~s~Sxs$)dbA`Bx$bFULw=hf7`6%Ryfp|ug%I5;W@g==t3((Xr+SZPjiLnUy!|q2ePOAp^7uI8BYJ)iGCvzHjm53Jm0mxv-KsCm?x; zt0L9}#JLJ*tzfF`)xp|6Y_k;O@|w_4H{k)VU~RE3gRP?8TWNcoT#T$H4nX7O+ifP( z5=kr6`bP3q1N+)*+8JU=uRMVu&MbXhe?h1Z{fpFiig!ET_~GzAQf@B;5@`2f;X` z^5*AD&N^)7HG0SeAMwFHf9Ou)po4zN6FwZcBLjtU6Id)2w+rL340K&-il`7fC1B6; zk<1llAZ|amc3Ppi}xcCt`JmY^>9Xcb~U3$GfSHia`D7=#;JGp7-^wog_ z0N=Y$C|4?Tv@-^UfvKjdMx|FQTfpU7V-@Vz{JF8vG_HsL);uhvin( zXoN=@lKFpahnNjB9O95XfrkUQ1h(R@$*aUHZkYuk`W@6iWLtmT987^&|HiZL%kqK7 z?6|x{8r&R&r(Ft+q5CMktvNVXv{O`^a?YEZM~TK>QhYUKRW2$hlbM@eJk&BjRuKE$ z&4cJnK>9qj7O3OnP5;v`^Ys_i5Utf49m3wn+U?GG-9aUMxsuGF)|P!JNY2g%6q}Jl z?--X%1G?pSd$>-VTlXq?%~^b>w^2xE9@8<)d;v$DCAF#9pXw5nA3s4kU^_wz&#eqV z>sk|3HQr&)Iz`eDtlWtQq5S3~d8>)6$dqCdHCB4Ob2^8#zcj$q&UzB9=5jY;bTsF$ zf;-%iQ?%ZU=Yniegd{*h-U#NSj!z@2Y$x=DIkq89sfKoi+-q&SoZZ2iLeR3AOOR6K z-KAW%`CyLkDF-nPLx{34VCUjP8!^-cYKS*D$VO+%+prw6a%3fUI91dD->l4AN! z&^I(52RVMbU-tW2R@rGW%QHwcSKSQE(k&^AJIJ|D%~FhLX^$_{T*kfq2`X?Za>2C2 z=!r;c56f|=7=xt0h1nfKc~cqrCY&SRI;Ap3JPvhFe?&VfIxi?lpSM=befv%j*x#)HCK^ z6mpX>yTbw^q3m7;v5>M7f7=%WNT4N6i7D_6hBAu$FRr3yjkYK`$J&+j6i!^WcB&Yu zt_o{3YnG#_;!8JR6U(h%hv}utG-GBRpHSwV;Krd@T7$jX@S?13`S~t;t_0A+=gDv(g*L80Ndp*pt~e+I@nb%lXgBd=Ezeki7)7MN#;l|6N@S zV*j4M15KY3xH zDw|Jx?IuS`%myczs~3#7NpTYUMZC8r@MY$Ex~(V=XysgwMwuP9w-21TA_%jPdpu>*B}qR9+{M|C6piBTg4CU@?W;)YgEYp*V0wP1R`F9Dy)$GBBS zK43=xY2Plrt}8q!o`eP>d!ytKf7CCn8D!7M zZ=s_y!MAB?y=gn|(8kz&_t6Pl3cFqD6geXig%$%>%QI22`Vwcduoq~pc)xS_`atEh zKhhDXPEbN7>2b^Iq;<6nAO=Uz>+$4)R%^rN>28Lk90EFxcwfH9T3PyUfO}Rzcv}KD zhw6@@THEZFVBLAgTj(e}zfgXILLs72W! zW?jlf9#e^LF6oT~xEpA??mWR(@>qh&ONfK+kE{lw>*#QCX=Q7*Q&5WxGHdgS_Y7dA zhO1J~ctCD&L6{ygCvJmk9U!KW-TFqp5vu;JCF-lx>I`C0syUWYJ-{-kjL$dQn?_i? zS)}lq18m1al}NUaM{MxxEX+TE=X>M!pBQ)x&{&s`iZFG{^UYFWgK2tQgj~KXJ6sy) ze|&cYZ}UHAENni_~DTW`wdZ}LmlKg_ouI96Ph0ndBB7Ad8>rci@wg^QRF2o9>nI|OiCfcN`}oG zUNrjAx#8o;qdV-xdYI2|QcbZ9`a{Hsmju)R^-;u(S5Zc_ADgt9@HS4t3V%eIUdLRT znx0HIr3)<;;*=@RQik6U@ld0MbdgF48e1<=Sfh+IYyj_S!d4ul_sX-NMqkxc4)Luc zWJ9AQGFMcT!>^eo-I-Ks(}xnB_G-){k2Zp4@Df*vektq6tALdxR8B!IyazFsvKg?j|X%^sOu#&Y~vqDFi8SfL-%~^t;3VaPiKTpdKOQ0 z$AD?h8N00b+Y9m zj;SqKJWX>r#Xs~C--q^8yN_EDcxG@BT76omI7NA*30M_-1|^)TgS-kb*zqp?jAfv)%2`F@5B&uP$O7!qH?Eu_9hz$|2Yjfma zPRs4!(b@_L1=^kFYwQ99jOh_k6c7C=HX4@F0v~=I-5k8U`w#&e9?btcZ+t}(a8`a%!UfB$GPm9+uF!?|+ZLfcy0$}nIfNfLVI}`JX9)#d0i0C^ zM2oNEnbS$~og;URSU-1s%Ts%tC~I}4-{Y${2JY@TmS&>`4T7TKhWfD!J!^11={xxtzaF_59m7*+=zX9x+XwOc<_n6z07 z$}|?DZmGzY@Ls>XL{zQB@cF2uR};st`3Ji<4{eGrCX?umlh=4jq8nT^gSmc|vqXRc z8=j}aAW6%dWc5JY_bF7QNfFlOruxw(MK`Fnme^qf1qHR-<6No{Tb7)mzHA0#*qU}A z-=KN*Ubk^6lA#iz5!V~&H9~nF8?vw1f5Q7+gJAaLd&uslNJEmAb@UEWJMO+4{g>qz zD(xkzq0${mWT0mZ)I*k;VMWN|p3?I6mj1n0BZHTu;Nk}Ypw7wqvJmFcs>eH(-8JH7 z&<$`hv^Mq)zv6*}yDX>2QX7G0H{9v_h0#`T2KXL33Bp~@lIu$KALQ!D#MFP^0!_f8 zih&#c-IWGt6TA@%qxt~00G9?@g07`JH@(AxmsgfD85zhskICWzyJdy>m8PAmdq130zB*O@)Q_1=V+w*b_C_KqQufV+iA zQ@O8TIj?K{=B^%p{twx{7!XEQ@t-GLP?7PQHiOkt4I9uIBc(~Z*Mgjs#Au!~y``f` zdt*L>noF5`Cw(0)m_pZ5xgVgLAN!=pREwf31G~`sEd0~~HrdY>b%enqG)<+feauNq zCao3h5YUV;asLE_q18^4*Nr3>`ZU7jL)Mrfq?~i|AmDQA9_?_^+H}b6 zJQq`f+*I?|*G%@;24^=?!YV;b>5%&^Vbk?W#D6<$E4uXWmFc>@{M7DoC@(J_Ob(sM zc2TtIxUlXq8p0}=YRJ!EWBoUGyg6FnGmO7)OSea6g*?&yw4*cMN8pxcxL)GHyIOH< zq|ydyQPB*rPouY(F$;8nJUVshdRVP=I}EpE@9A7ChtipA?ix}@h~j!XJEg0#V5Xu= zlgTKEu58eyDCAbE>I13@&qn+#*v`$29`?g&S*;2!qS_}~aMcixlma)TCLtfu>Mp_H(t7i=WT>_BU|l8q(8#UIUq*ASkwCs&^gxbv`D#j+tx z;Lx5g)rvDp+K?0c{nM!osHuzqfJ4U0(9EF2M|~8>9Ux?*YIJ_-KXSbpqQ97ObPy&N z-P}g4Ew69XAMRev2`r~m#y?yhP7x#Q2>H4<NIs6sKW?Q`hkHDpW;EMZ5l7PB2?a4t@@?6K(DJj_@PZ`Fhq?ccMMa zy4N3Fk1>QuhNdPSHA=@Qm6zZk=O2m?RMO-p3YOqQa)-tu!o?>Yw-$N!JU5f;y_=M~ zpG5pPA$`h^SuHmR7Wtx8F{WkOPE`y=>9ZDS5|^lND|;$kY(A(qhBe`lZ-Ls+rc>O(+1qTa~@=~wiPr!#|i_MJF9|Mva3ZhBgxRf5CQjcs> zFkrUx-S#d`CI#?mOV6bUIx*lXw!A<(zf&s^##FMwc%Vb=A5g=8yzNtUkNz)8+$2>RM$SC~;vXEc9tcq;{1vfSiroQP_PSO^>)^nmDV;%i0 z!Sw%_xTN!nL9Xi2uRRED+npfgbh$VDP!js89Hx}GwAisnDu|Mfg=CSHAzU2eA0^l% z?nX?m>m0t+3F>evM8XM{q$@q75f*HUaza&_HN2Tt(6xlulMXdL%#LIO@nKWLLhFjh z1i6(mc_&}~D9PWrsG=oJD_YcLQ9(sYxLxo=|IXqJznlJppUU^bo7Lu`zi2`(+LX=L z9347sGs(sDLmXzr6d=J2qYX#UIJ*LS5=$Ez%41L=Zk(|iA>CEa6qZqyX|nN1Sl^@& z3Pw)NNEd+O4p^N4N`h96B!JJIBr;XxGO%^#InkZwImyk`uOv7j4r?h`%{C{|l{;*L z8%K#bVI3AMA-K%oPh*_=pp1ClZ9B`oXJ=Q;evb5fXoF38QzVB{#n81W#B0Jhqdn0f zjqjQ8kf3fP>-%MnR;SE+2z9zoAQpiiIL3#Yy4piwfF&10$Vrxwraa<6LA|lJHEu0d z8l9p1{gJmlhZh4Kuu|o=PG;}hSrZr3 znScz?sAgkF2VdzpaX_sWGC(SXCk~Nl&*rlXh?3aY3T4~(?Ap(q^sz=2tiyDOy*d>Y zLz8pjis>i-Ef9S3SC5`CF`MA&p6os}gRl{Ryj2ZYvLtX`Gj0JgqJf9oZV`#An94;{-5i?pU!ubzqQ4PPU z5t_GCea~pz-t(oFS640QUUc4A4{@9q-a0oBL+@YUF$RHP+Yv5b1UBg_bmAc@o%IA6 z6{@4OAlzdFcX6JGcA;_Qn_4R%Y@u;uCr8=+7uR^(X?B_aXj*?mwNedOr|)LN&mn&x z>r-nX1Tgz5QlDTvJ|Xf;vp08IR+vMetoP?iw+jofRP<#Y%4wfA=_aQt_qDtTm2oCI z^ZtdjtV~dLu%z`$prlM!Pf!;Kd#xM2KCwc@T8+#6^^Z6R6h(#DFm0K`4`4xLC$-q- zVgls}MLKn9LxH0vcuW~)?_e4nsKAh70o7~w*W`h$mMwcX8`+E%)Ee+ZmF7ARq)|p@ zl1Bb+rvw9DbItvS-ym~-k`Py$+;ZT3TYYt&q-(nOTG(v)E2t7|-Y?mD3Ryz?E$lKF zrIR96vKh>scd@M)CPFuO)6F;JU*4}g%bd+<8&3ZUXaAPE+^klAT$1JQS8B)BLK=&c zk9_MINhR9F+sQ&3kKaj}LXfi`TJfFb^=Os(S;ldS=v58M1E7&85@ekf=MQrWRb;Nw zNhEaObx@n2NvMm3MqETE7#Rk3)>G7EA3l(pQiL56xXMkA*I^D%C}Lp)IEy$-`9(kU z?|+&Y@i}l+lVjv`R1S>krF!0~>G@_xB>qV?9?ECujf)Q4n3HbL;l&aBt2u8pO%z&>=(rNx z&|kkRWhJlJWH{>F%80QN7}>Zfy$co*^E4Ih>Gy{QXU3OzlF>>x7WmZDHSmM737h)ZMaGd!QT2{+a~>sE`B*UstLHlrn!my{(`-Z2eAmQZy%;w2$|ZL|s@ z7sW*W)1YjD#^893eD59kG$pz13nu%Ir?LKTu68vf z_rr2AY%+$?+Mv(d=%XH0F63nqowYp<-v_(S3=w7&8`$b$tZea7-5}?bdFT|a8l;Q#1^#&y zrv-ftUA!(TP(B9g*xw_YkSknh|=o6`~1^9-dBL@ndB z5F0Ix-SsHkr*xdv^9QEdPto_bKGMwex>eNoUJBje%SX<=D{OxDy=a+Gh~bV}Nw_i^ zrlA(?n?jiVoaN(Hu$ETU4J02%O-4NyKV%rd3dX1cNDde@73FW8c*2i@g;tK- z)ud0lovV+nS9&E!N#zOCMzp^IK*qMIdNk1;U@JX)l;QgD|7D=8Y;E_x9xC+^#X4+) zW@SrVvXOy0O>JZ+@n#VRCVD!qj)AMF-U$j524ux;5i~g$cc~UqESRCph}{s1qG3_d zJ55yph#5Oy8*rp+5{NfX&*d#HyWUNg!(NYt#Cu+9p_Br5@Jl|UaXW>{7Oe`5$D@{n zqLpazvZ5CS$sGa;^hj&GPTawK<*bSp-D_`Sf%u0_G12+}f1Sqj4^O39ulU60>;OMiGTJwsFuc^Y{=Cm<>REP9t9D^DwWGX)(nW; z`!^ukgsAGo=?6Iq;!VjTN@~+JTu|OP^y{2VNOJ$jp`k4B_r_E`*SswT2Zli!b zK@A^C=8`q+xTA!+39(a8h1mTlZ_W3d=-ateO7QxGAP`4_2}FsU{dn=ZVtC7p(A|35 z!+vJ^`rwPGuEqd(WrfMoQ|kY34-?(?2QB-L*X4xoef(25#sEXnFG*HDbBHvdM!X$l zA=N7)4r#~=IaW2Tkjoy}xRu_VX3mVQ8c%%+@lpJnC|Kz`k!qqu23DE4?}VHDbviw7 z=v}ES(A2cjdEB%T&Dz@d(4BD3>=d6;Kvh60&=mnN^mxALGd>~lBMNdn-OrzALUv0c zd7aycYj6+5=GHGC(T3u|rL;e%*P4ca(hQH4y4Cw6dCkeF&HMPmc)RsS%4ii!An1B6 z_m?xb*M$QFeKV@zTOO1aI-TpN?JYtlYWqWj9p@C))L>*@mDm?;e|Ejaeptf4oVJlx zUvdloboVbbXxi*HExt|xL+kQi`g;~2{IkC`B7o~X(XQG&q1n|c5A6u2OQ+En5eNSM zfzIZjcA>Kay*qA?s&<)gOlr=aZv!cqS!tF_&`WjVKr`Nzh1gsuAW+RDGMYxHAhm?y z@Vs0b&gL859&k9PWn(vnQ60dc;>fP2)D<(^o%mUj87J7b%PvIY*CKcZ&7@lDI`=Yg zBC7kHGROROc6Ipz1zam0ktSb;DJY+-$ZO5xg|iaXSPQ0fv>!12BiTDqP^=J0c|Ys5 z+8m7W1*bfG*L);b2saV{K6U%nI`r1G^_V0%3g**JHkqV;SS)4X3}Qbn?kJ<~SRXcJ z%Ux+~@_X}R(9B9ai=k{CE+Ym{+<>Rgtyb@A>xKz3Ff_feIUg;L3zl1<6i>sDN4r`< z8}Sdv^wtNC2@os+@hT{@ZS`$O27AKW%#g`(~uIzh4o;2L-6i;=FeRfjBDVv>^@=x(HH4 zoJfK_@~9E$0z}WVqsvJ_a3Lj#z@B;o1jDQx4)p>@f7UZ?wFud&(q~wSt<-2(ErnQ!VDQS}+!fyq zTq)zF9P}o7ZmxXa&9I3Q3~R(cy4Lsf*hBCA6TTA&i_iR!XfWMoAN+w{Cwq&>N|hOF zz!KouiX*`)uE|YlzaCwUa}2(cbSZPFal7%}5G!S8n)4=F-Wc0B7!v?YtLeu>X@5KV zD7l&B9e&#~Cfj$mD>RZV^a z^(%2v2u;sMVagiP#2(=pr5zRDgZ*;qe!6VlA=qF2gdtSFV{jVj3$oE(XY-3!oX=y) zS~o6A67?~hRF_se1IysMPOc9xzOHU;Aj(xo%Ibxdh?A8-d~usCHwr@&nmM4ZOGTgA z@nOAY&8#f;K$ROeV^odlSRVC9L^ zU(${Q*nQ^J+m{rS82I898<8@0d0sm=S8%V@J_kat4{Fb)twdOpj~Q@%%ZaNAY|K~S z@T2M+YfI7c)mKxOl*8$iKN?%rw3gSlGL=~%&WQ~LCo_I7qAhfb9zxX}iy|*dOm`ZQ z8bB0g&I0DK0P%#q<35c^-{HFe=%FF48YJt<*4Ju!6~__t+BUvM)o{7_FxQC z!ECqNbb>7G4xxAVNvwL0GR1-xVUDNuv-3fyiqt~rY{2Ssb;h>nLOH2Osd7VYpKmUH zazh-t+HCk&Ey3(|nl{JQdT1tps$ZeE7F(;E_(>Io4_%1D8z{v>v0*wUaDIRPEk?*$ z4)JpNxISQM1O^Zu=M0sEyEwY@UzcDCngmLb1=f6oMX+nwqdmSbMv)h$K@ZC4=TvsC%O45-E8-I_0kh%G%z+jM zhD!`&8-_MJn!0AYXObT#)1R~g2b)y86o5An&FK9R_dWpFWc?Z02ft$NQ}JoL<1S?n z7rYzch(%Bg(WVcBK-}zFO_`2Vhdc6gyRSUMOD3iT;iSht(%0u!WY-55;98*obFh*2 ze+yE!lLXl&$AkWruQ%7OJqat@YH~C}Dnk_|S2RPX*pr34^=&37 zPa2JbL2x6XDl{ndY;g(C73vsK!a}7$<0a~oPrLVvYRMP{5fv$=Lx&OT>NO#+x?-=HiW?h8dsofZ?1bZzygAoj+qf z%#nwh3T7`kE(d#?om4@Xa+gdvHe>8OBHGIGLpFoK@pw$?v2s~wdqYyHYu6+r3h z^VleV7=&beYQBnHS-wS; zMjB~$2Z}_&Chwoq5hUUF?EFRrdlwgBzenK&9F^ohjG)HgX7}SH?UA8QP~grGf6POX z9pY*a@U5_2*zB`Or4OC8emCgRuMr&9#X!eZH>T##+>p9!mM^W05PC!VUa55lq}pyE z%CCZbVlU{eq905p2vjd@_$!;M5*heeH{;wocO2l(UodO74Dbgj6jQWmz7^z@k z(ZicrH@k-=4(^&^mg1zrKK>5);rxh~Cp)4Kv$%NUcLg~RfXqvkZLqc_73uVQM!^an zXWoWTRM4$0x^@?+`3kB-=~5;W7VEEX6giU~*uzE~gv$k8YQ&#wJ!L#N=rIIF8F0qA0{BfK5a*QjojB09z7d5Gm{Q=c zzZ<(iEO-C&=8{wo6yn@JjC^LppYW*zd@5}{@p^4{ZABA)#q-^(g&ljtY5Y&N|C0{J z_b;|)B;d;9Xpd=}{lh~4`?m-^rx{}{muym1zN?_v-CE6#b6j0Z*BG2B0AchU>mc1e zU==2&h3g}L-5+;A#>d}}0rq<9KcOjE-4cOfCk|@NkpDT^ndOM#sj*xa@NMmpQYq(%PL%&l9 z*0=;*(NVQ)>)uS^r+rMzDfowE z2$r`9lapjjtgYV=38jgjm4@WHs5se#PEE5uaP+p6sNHhWUoRWrcxC`p7RQTkUFigW zmdSnyXO?%qd&qp=9>A*KI#*1q0QCU;xX$0U_qH$%X6jt~b&UXl4`b9Cu}fXG+~8O3 z(VGD1SBa)1l5boSXv8PJ6Q{dqtFT~)1#-SVpc(rrmE)GJMB7oP{n#WvEt<5FR0)1& zdgt2~lmIx%T2}Ecde;%KT*HFed=979Kb==%+v06M=y_tEad|e@7BilPPUnC#>C^6= zD@PT|vZ4#38_AT|<2|(12|^Sj9qwq&)rm<2G`&C8c+PxKz6R=2+(AUynV!SfWFtge(Agm%dAq*lI=tPW}@cW)V$b2Oro{85gNF6t|j(UTHGEZ{O>o zZTNMF9|dLUDFdLD9JX`t_}!xlq7Ze;`;z<~Ck&fweD;P-DNIQ~;M=A` z8X#TgFL0ref{&((Z-K=q=GfD+(gD4joU^-JiO&d+8~ShCs+kU@m8m{Y5GELvu@ZIf zEDOmaT{&Vo!jI*uPu~o@zGOD`1-(3BMI#U;_%43Vd&@9&;m=Hc`9?66Vr_pXndBKC{dkqDagm>9vV7wJE6W6cr#{c?eR50;Msa) z19}e)yjK20FkQFO3+Esnh3SQMMb`~$^yY;j~GwlOIayu4G z`@j9pW|b7jzth))yRU<_TrcR(POTH4)j)Wfpnb^bHV}yiKbN>AcLY+f%`xAKkm75{ z=j_R}!0I3r#+yf%Z1{#vp4Jps@xC@2G~=i?_cO%DN2Kfh!qiF~C}&Pb2rLvFvSpd< zFUnweA{E=1%@gRnD8|ae7(gaQ)QN?-z~8nra_}FFfejT?+zmUx%#P`Xu^b};8&g0s z@KRyh#f>L;t!2{$!5(}4GE)FztTL5kJ3`+h!7E@-rZhx__v@C1-SrS%bt0dX-yscC z<+`traBV)Sq--BjclbSL$Q3U*uLXUxWTq{O{LOKJD&bVQuW$tjZh@RF$IitGm9T1Z zwGIZAGeNvSAduUoTWfza=;ugL;mV4}5Hqwoy3na9FvQ=xh-pZ>tKleb?7SxTv!b}t zcyu`i#XQkK7vX`4nSGMx|NJxL^Q;Coub-e%SZ+?fvg$m9j z1==_KL=|Sf$r|pvt(Q1HOHk~>*Y2m9LhsN2*!1?UrYXYM-BoX0(G>288(LOCxkDZuXT;Mw zQVIYozKKigKps(Nz(rx&F6x9_ZYTNSmAkqzbmnT~!b&S}LYEm}IWR_0ExV1+<)~4^ z!#@m;yiv*6DMXx9j~Nf;EegT?d!b-CXxh22C2l{o<_HdL=bsose>GR@%}}bI6md&o zS+1vwITLhYN_v2;JJnAzIAt?!d1;nv9bA+g6SGT6hmDb9IC0v^MN`_}$Xp>3i}khW zTds<6+>3vqkzCP%bfk|qo1z-6eq#k7aX&!O7S8;&SdwkFpdwRM5f>_xXc^OuT#t6w>6-@c$MLOwcY`kGg1m~{UjoMNeKk}%@zHjC}^Zt3mzZxL?0P{Wk z;unsk5BksiNKQM@yXEO=OGxPXHOFCjV{=+l)&@^){Sc%2wdxPU#T68Zwc<-y&6d_s z+p>yM^wLn7OBWa0KUry<+SGEzIzU@E$t=LUjm7t7%v{7ta$- zyKP(bWaZ&X6rgo&{C;!cw+x-ej$eXtPxAPF<7+H|!HA z(VdiNH@H(8VNq1dt1}z2J~j<&pFn;j2g2xLG2zW+pJq4PRU+v{UgA*l+kJ2o=)4^2Z8Es4t-;tavl z%bCoVm67N9W=ABwxuvwD-~UF`YSrLRt(xM1Y`@9#i?s&ZTuwkgFTO^mmjv^IcC*l* z>_fDol-pJs7|^>lmknihEq(WvPuRqS^1kxLb zp&bf_r>=)*C0Bv*9f%AFZpt)BaKA7F!?AfO3zX*s0Yq5fUJ^SqSY)i zXu>P~bAz1ZseKXFE*O`;<*d~37R@0wb*zpCt#2rS3%LB%OG^%vr7HUc2a3?{4bZ)Eb?I>oJgt1^_1VTPihMV#_?}SopT2<%PePJNZ~@$) z6D5X!7V>@LUIfk8qqvo7=mKnG5Bk&xvN*c}V}0&DuUEESSOCxd!3_WDb;lsN>4aSl zH-y~}JC^K@78II*mhi=nn_bWX(0J#-$^}O723DY@q;bxwqt`AJjPLa{^e?@TmFOha z@;zuuO1b+vHTn7afLP8uX$u;Z+_L#G-4Fh=8-SkggR|Gt8bJ++8yf|g_Z^N3rfvCa0Dy7BogAx)>tC5`9DN`WIqC?@TDAD( z89rH+5t*X$-mm^>i#H=!u6yWiA9BoZ zT>}*AEU;W1{xY*>G&R71Z@>zQLjr-in|`nZaugQgn0N|YY_e@jYO9zZ7d=xF z?NgqgYdO>q00s_L#;lIb?^*@>Z{iseKp~ekXj!{8nk}8CsXsY?`+ePg2*}9kd(JTf zA9pCl%KsxG{pq84=wFH zWI&L?zYcVGPE5-dzqZsC{1CD+TrD`ifjWmrGZ2#n*$U;CCJ;LWGFrQ#7VsYM;Car& zAMd{myIP2z{k6i12iz_u;=i@Vu2?QMTSGjlWr!g_`zE9Kzv=S)MH}Q+ptqcRx-YFy(7&a;bhRI*hRO%Vj=0OH8O26#U~#9(i- z*OTlz7Rx@Q8(8P2;G27C9v#YwH`i zaQ5~4dUi>_$JBa`Rxvr9AQFpP#+18qh{A>HDLbMv1w`q^9?UoQV;1hasIe&IvX57b z)|BOq9JH{i@tg{DCCy!^YdV~rDU5kYUdVdq+jPoOR+HSGjq1wdc+smGg+H{uM$&y5nD2Kig0!LnjuG0UT1 zYL||<|6aj^_?blrhq*|BZ+@kBX4R!aS1U)L} zuhDJWY^86N@ydXwg8rMDF8-Nopo1el$r?tc@-wVmz#O5`LCH;VlxO}%sA}Qbi!!Ce#_#9%p&hx9SDYrTQVj89Cwe52riQ)7&0+GNJ(AcXUa4Z-FwK!! zp^SA5#Gcn=>t9A*?n=PH8bU2)lNt^EBryj&6oxW~SRC74p2|n#T3g=ITOv^d2Nd_X z$n(YwOfB393u|I2fd5SkT@X=por*Vc6nha2xplcf_4~Q(W**P)s&x~`Lh}bA+11wI zK+UV4KWL;zZ|Ljw>Vsq$g%Y(hoSO`FHoz1EzV%n>?lY!xMuW!8EypS+V)GiQ#&RSU zO~lB7AjV%4CK84C4Zj9mM>5K`3+Koc%JhOiVU?rt0?)78fU`Bv1x+$PD->{J4i>It zcm8S!#DBYi_o6TvFajHQUD!YVIbLOYW7ox79fDlc{hKa$>qVc1d>f1I>g-3i{H-L2 z<#(Aa3#ihOL{<8I9+!{U3B{G*LJB-!g`qw~w}Pg5c6a865&$pEhpmUg18wZAC+a)5 z`f&vNV5fs|`e$q}P0;_&71Nk*c{y^!9{%A&8y%cYrDfBoAyikn41a+fnoafJtF>$} z9sYhX!Xve7Jx>0BpKHJh)7DkVRF2=nr_X_IAko!;#lFwUgF-GU?JL=&%;A(b571$8 zywzxGk4NZYfbTrmj z0_zQUJHkmB(Q^A z!;`QSRWGqLYBhxp0U~P zT&T(I?Jv%7vQRRzB3;AMEr~#z%GK0uy&HJXDrq0opqUWh43@}?TjolrEDKae=&NA7 zPqGxeZZ4WTQ!Romt1adbwe>h>`CM&@p-L*Fpw#Ot?s+&RcVN#)0`=z^owNx`r$ z*=r$Ni^O#(vQ9F+)sHck%(n`QNd+AL-H27_V&ij&+m{B3gI-?Q=#S29eZSKHE{5Qj z8rH@v7whB-m$Y?5O|2#uF2Qb2ym0ZA6nYQAK^;9Ick(K2e%kd>mwG{|d8~2tT1Qze z@^kL%b=VOQZGXMc=nh{j@Y?m^eZIBgDAnXLO=8$c|8I$j z=vTXA2}VKQBbj~|{Coj(WjO<+hMz5bM-sdg8+9X0+Pbsb4rN6w#D=9r)DMcQ>wh%y z^9CmWE|aebybZvM#RCzwccdtzp6KJFx#Qy<4$v-%Xhj&DipVuw0y^)p0U& zxQ3zh=#s(-PxCFLu&-Bb*@mPqzvf=x-`2Q3JFb{}WnjKHzMyACxBxbu!Wu5^;d1uIDH*sG3d< z)8RhBnrP~MNC>CMx&2Yn*^r>i;rBI6#-&`3Lh`;=41!&!?`8cr{BL8&WqnvC+DO^D zfk)+S1$~{;W(Sql(!fv0I$5mocRA6=3YKpFLF7@r1#dP6^P9|{%hp+djj;2)On*>Z zlL50M9-0b7W;Rw|q(wYgk@Yfw-K*9xcWWp8ZKlk<+wR`UNGCvX5o zon;NBN+0dzzJ&M3);CN|$>5pnt<=?Hv``Lid7c@O82)CWR56gpE1U@?rSDU({OrE3 z%(^}9jZ_qCL7TVa5Z<$dmcN7n^FI&eP!kM18h+Tp8$WtWFH=xoOf2NKtaXp@QGm$fqjIZjIK=J!GKsbcs-^CyT%Spk!a>>+Sm#P|2^X zSQ9gbi!DOTGd$1Bc@AxC3b&)*cIN0QS#&;&b!Jp~(3W9V;WtnrMTERL3BL;QMd!;U z6CbJ6Pu(|&#AFbxSMR!#(UAF&F(7a%uvi0h$Kc}kw4MQR967B0v-+j+*G+{ZQIx=g z_%}Fwq`t36MaKkelenwHq*o^_c#d8?k|bduLcuB|{AonE&sgYBQBsJ6*QS@-82U}! zz2IYsXc;kqA%1LT=eGDg3_jccsf&flq#*jR>ERkT<=oxcY$6grJqo^~wsy9J!v|L| zy1jsCyxNj`BPH~q_?GUUwxM_*48I_me3u0A{?qV!Nl3mn7vN0oUv|p@U_Z<2lfJGvmhLTG z=tM-p;F6GYdnVNM++bpLIzb7bAxMQ!Z}NcE%xh>&vP2euRPve1itIpGZ3dVi(%{wK z%+zgi@GQ~g_^^QlyEUseGvox=tT)iQ10`gUW)WtLO9=@Y;wl!Y+$^*KfsCMgAOt+F zIK@$$0eW7yg=*IeSKwAffHW3eH5E*rN@9&l|VWKFJ9X!6Xr%|5Mj zrkUj-;br>h5&YcLRdItMn^CA>D5c^juNlZWG$T1XAtch4rI>zF_3f$Qh`V5?=p#Ki z{an5j=hO?_rQhg!i^%0`4tAzezpDK=!jVtY@zQPYRzUrp|2vjLh1I!EAJZsN`rQAR z;VdqRFz%$LvL1{-QP(&-c?%sjtfW^p%=&1uXghOZmB_N0yrSjD_r(rYe#=~EWTidL z=<@7J90p350Vl~D%GXo`_~SG^*Upv>M=+V?OzPIRnO!&Uy2sxZ zon6siXVdSl^;R>m)HSnnq|Anum{$LK&1%$@WLf{T2{B>#N6}_S zom9?GaV&JI1R+v|2!C#v8;Fjpvun-VR##8Ly}pi>WMvGuAH_Oqrw^5&wzb7)FJ#2@ zLe(;5)<|lhq1xc6U|++miSUk06FEv%6;G|=h(ZVpx!0T5(UUu$RexbA8IOXcRprBL zO(X17JRN=WBXeo~V8vsRccMx6e}wo6_GMI8PVv*Av1&#-^%O3@u-Lw{GDWzEM5bvI zTxJV9`H4bfBdtI|Hm)FgK<3wFfGijUY|>-mBC^voa#hA}(pq3XmglY*ITCJI7~MXP z?OhI71eJW1bP7Cq?ly@b1aNOkZRB#|=HoJ~t&R#8XMa=lSI=6d81{8q7JfgzEl$A_ zz8y2QIlf^E?~7sX{*N>3K9g!uKtZ3y@es=QG0{0`pnvNe)ZV~+rLRI|pLtA5{S3OT zT2~DlcidjiiU=mtSurX0`-MAlU;x>K%&?w;3()3X7mLewwVf@eTZ?v5aNgeGaobDh zhjh`>t%gq8r<wzi&=|O94J3;L-x*E`*GYpv$lMX0T0{iIp3mVb-PG4{^>!uBzv(vF@>zTii@I# z-Iw)#3-PIc{FjKB7ZFPFmDU7BV_$&Pnb=C}8XrnDk@hOgmUs152 z!!?nb2pc~6dBh_w>Uj`e7I|?(ki_obQHB?7BW6rHS~XJeeR<`5^}eH~H%Zp!=CC^W z+nKXgwLNUP!RSx0Kd?Gr)n$qqxt_E!`b_=MJ;;sJ=>b+&ct(O(k{=QdYGM#EQ8kdL zQn8Jsn9j!{{Vj~nzm-lE!!|jK&OrNz;Et|mEo*VEQI%sK%hsDiNKRV)dpIW5!^C@d z+8W>350^Fw{-yV`7m3bivl4pk)=dsh3r+1fqrV4Gxx@s?tC4S?loIq!dp%k{Utrk) zX*C{}Jk5nhho7-GIb8DNRGlm_iRJ@*{eKlHz*Q>BYi=8P>mgY=RmQxI8{RmszfUW0 zsl8VWm|!U8YE@yI!CqjNky9?OtqripwCK)*(nwKF77P-5Qz6(v5o#%FxUk#Zvg9>c zmqi$j19)Ffr?FxSlf^d|k9)C@!2qOeEp*BNoPZ&JfiGQW*~B;Tf1ct3fC)TZ8gxEN zfQnOqeV0kFIGA^j+xHLG7l^KzF)VRdW*&vit>SC0;Z4icRJh^nd?%M%K%l(kw!vGr zQl9CbzxUY+L<6TystipeBQ-AXTCzx z>FM_WqbmSYzh1rr@z*oSOswt=b+nE4{EuTcY`3qrYC11hi42U-7E*7zJe)cj+)dA--gf$ zw7WTiqq>E1h$lQKn&5 zUdo#Jg+Gko3j1Q?#*Xz+l$y6l;v4TE- z$O~2R=F2cWD{6ubBa7B%jpTNAww)h;x@N2T6D3>|$5`nUtpQ&oh_NqWXyD&#&iy8R z`q~LQJNJ&X^xSoDo@P>eIf}DolC{bD7E3QVjf*-PFLdvNBZUA_)e;l|1J2a&>@7rr zZwocs!V`N%!_Zi2dGoW%bsRLmi7TI5()YR%_+(_iAPBC!)@;7V0jMoL7^j0^SJKS zzcsL2ZT4;R2+s%ajH%r1V#J2oS>f2*z!M8=I(w++O^HwI3S~w})t_;{ekDr)$coP@ z8b)?)wXHrBM`NREuIpr0hE*ILC||b3DXVA(eCACtpk4%bjf7Oiat^8skcH7t_y?wq z!_U{&7|MwGy#Y&7B=)}3OkJHi)NP(@5Z1J>Cvs(xxISZpaBV9YzT@n-f}x)!rS5C; zLH}C=tyW~jX8?O@XW+2pnx9SH68#<>M2Y1#qhVo&U522o%P;VEPW(axwVDH%BgwjM z*%w&k@~&?0H&IbZ_yXNE%gt|o_|2heXpX@A*>_q2HpVF{b>5*Ug}BRaN4AwTd|7y% z08ulXgRpB1_2I!J-Uk`vsnUaKWr%FLl;}*hjJs*bB>#W<9rQ=Al?S0ScbYfejAsy% z-Sp|XP*|=r!ht7#I6hOHxqnGm=%4Y{LdmzXPCK7My-pVp!q=J5oBqgY0bw7zKE(em zHKABWnfSbJ&QJL6gb2Om>NI+p#bMF7jKZQYwCh2&o)%eat%AL?H^Q9!8lsF_SU7`) z9U2!YXSo|U5*u+$9jue#t@|*<=fk)Cqn58y3)a9zrl0Fw6or?l;ANa4xP;eq#b-v1Pxb&pw$%HhZj8Omsa2Y7PLHl zI}uJ|_Y_AsCK^SCixO7|UWzG7gm~zn;qA>lu{<*Fu;$CI4)s~8Q@`W*9^ARsgNZXNv&yM92 zXL(pR`R3+OD+I8gEIf`IofV(SB_#yXU99|O*PyZ86l|#mV3kCdnRKc}Y$obE9bcEI+h^ustC1 zR-UxHnq*EK4H+uLCpw?pvm7+mRBqoLeYbLKHt}86AB5GGq^gXRBv|RV?P6K!lMLtm zS}1nIC)ppjcT<9z|Gf6cYOEo9F?vsY#O*RQ>lf&)V=J@ml<90;77X};rB7+xVgK*wt zlZ-{^p~V+0*fvOvm}-%+B;Re1shLIMM&6*DRlS6Ot>i+|I{uPiYLRM7%#5h;)oi5T z|1tFrY?c1+_jlg4vzu%;lWk14&B^V|oo&0xc1^Z5lWkAtWZ(Ud`#8Rz--9@>_j#Rb zt=HO&Mq^7Rp~laJ3q#FS5HK&JQh62wXnPPK?a#)XJYuqlKZbWI~v5 zG#G4BCS@>X`Z)>cR`3DSx-ESny}zLZiIaos_}uHz9Rnv33Ql;atD_i~ZI0b6fFas< zdnoj-sP7aVBM|}1Nox($B3RhVn?8f*-jr)g&iV1990r67*1?Q?^Ewn8@Ij9VU$DvPFh~TWQ?eGTY_AolP7>uOj2^|9S5G zanPS+OBFA+>%%6$NM+`7t3uQf#xR`7+tLxwXu`;eWiOMLbuq^1b1F=>LDQ6Lt6)gj zVq(`DLKc^Ix@jGtAy}tSz)r9xUKsP>BXKFfc zr)0O8d`7pc{DF}_x+LeHMe)notB@3{`2mxoDGJ1Zl@1{0gX93(+~MEs7;O87|X8`jN>3$^7AV5g`-U>=t9} zr#%VZ0rdy2O{Di}uG9fsOK&5;Rgro&lccG4J-Q#F+)Q3mG;m@tKw`nMMmF#$g>Qcx zNSb6f+erFZdLvIJiymx2z$PFX(Wz=_vD|OERJ$wmWbgZ>_VV(jS^RcZL!c>!9xltZ zSZ1bId}BcnO}b%RyIP|wNvM_q6*T?FCGscGN6#Fgf#cagi1aXCW>T;d|F=D{JKnXs5W=4iqcorQ+ zP}JfFMjX0&X$Xqi-T z-6YZY#Z>#UbPMEQg*CV!sFeA;gcK;-_Y787)iexD(RGP!2>AB1J#n?`kc!eTI7!!X z7I`0s#>CnidL7uXwpHbiZjV(Yghw2_AobDmQiq=rG$<|^l(pqgD#gocCIDBZ?)Q-x zCo3I7pMmnqX`g5>mhPihCh+!`Z|j;{@IE1KZ(!@K%kO8nU^`m)e<#Z~l&kTyZ#jH# z_V3$lm;J(??I1|)c}Qhjx6OUHQhq|#%H2q~W7t-_{M10W3(_AdK$^+~oU%|1^BBuW zUexHKe1+%tCwp&%&lk=SNe)lPD4TjQD@X()+WLkW$xH*7j~4$XG7Xsu-=?mOBArS_ zjKlNxv!Kt#II+L4f|3)%-hp7Ot_-lQEHAB(=!lfgZgGO_K!6S+(Qn%TsAx!lz1d$v zQyii0eExmG`YVF{w@(b%tjp#JUEnqFw!UOIScqyE04KT1R0d~1q~R7!E{>!J4F9a#4F?jmctWm^YGVzd~QN)H0zGZt(K2NFh$y3O@6b40_ocl0;IpyMt zU~()|vGj9Fof?8mA~Oc=Nt>M!V%MBsj=4z&Qw1rKZggWq?QPe|rKa>j%#HqH=KbZE zG}m`&h9S{r#Em&(O8$%Gef;VL9kZzzr4f(`BLOqVI*NhDz4>j3VXBTYFZ3Y~p->}? z@LUAJ-e;M`5i723PIs#*vUs7`?)eId&o11AQHK^~A3frzHWdy!0xyNR zY-|A`L7U(e=TL#_fs>$x2jHCeC-gdTCl zp9F38t>@kD)hj<-y6IMAqQOdXLb$exXG$!VjU_%^#qj+~@luNPKA4}iOE6{wMc#oK zKB}GWk>;IDg#|TU3Ld27-wswzv5WW-3e5R10ttr@qlUB9+R!!H(#SOnu5vhdvo-)3C)FIpo)_-=`k{dcu|XbT_xxEj32*?eA3 z8CcM>3pC3~FR7_%Xs9^R=twY6AvMhwLYmjHA!x)rQ8R)0G9)4%L?d?iVP#OC2t7?- z6wPqPP2;7%xwe814tqL^>Oy#k|O}})4>1IQZK5nAe=8S^++pCY3QB5&cq-2cN_Ssgyeqc)5 zg8tgfCgBvR_g4I4R%J`kW3)5dxOxbv|Giu!*8Tpzu1B!<7_$R~2S57ie0Mu!z5Z&|jz zP=z=!^n0T6em)K}KSy_^|8rLTd#H`sap2uMzxTg$EHjqISy5< z(@J~RFfOk$hbw(}GMKy)>xZJ0L1P@nn_zkXasr3z$Z}RTzVRn3rJnY~yAG1c*d(Il zUCF?(lj5q^VyP`Lkv3I7EHuzuFW&H3y%ynsWOgX(L=6)szkz{;rcxlrcO}c>{EN=x zfSSAp1)!BPfrwk}a0&d-Tc;h?bSz>}mAGeBL)>ES5mTc=5E^=Q64WT9!{1rY&(LxV z4$kReZVE?u>2L212r585#)MV^@t5y3n!EU;yubG!B;Uv*H%+f~s8BX(DpW|c(qGUN zj^lNVw8XWLp>uq9m0yDl-++QQuYbOu%!4yB1;MuW6oqt2rxq#OX{tLc+Kx3?-#8Kc zjTZuqnuLklDNUA5)PiLhMf-f})~HAdp-#xPaO?YXr9}Fc|9$oiRdoHTD6S?|)44Jg z(N2RK)&DX{pU)n2p%rZBC+0D^-0NAvg(*BlR$a)C7R2{^szvR3u*>r6I!9h)%bDSkOI#2R*`k#8R_c z70~deL*A#>Ltoi-vcCkYaAJlTc;vf7h$G!cq8n@;i6{~}YxpYN&nZriM-G!zxd0!e z&u7F8)*%fy`u%R#wN5ba`|+|F80T}F^mxR!^(T$4qRkdixF;zkGZe0@=V%q$-JiId3_;MVg>@6pVE%*~<6bEUO(_*DM^n@a$ zm%m$HIEn^6;i?^LD2NnRJ8DsCo2rI{j^q4ZyOBDUvQMKNTMGCk;lP>mjD0BRo+=iMH?kN0C}?9908Y34(L2UM>&3mD@Hd zTMkp!67!mavKK{dgw3pzOt|KEalYoQ-&d_&O!nc6Lr?x(w~O@9$}>us5%9Rf!}`{K zbgj(ZIt#iL(239qw@h$_UblIe2L+gmQUsqk-}2>+L~^5;Ixb|4)7^f4g?|jSH{U#L zVC$=oUOa~1#G=Fh7D4U+@2_X*F$y<2XD|zA9g;-D7PI>=U>!nhZrL`#8XJ)!q_S2v z+tbPY;%G%AHOBe}!GiDIQHQSjKyqIvgc^#Kyj@77^II3OMM(`<0zISKGNU}!QPx<< z$OkRRDja;FMQ!Hi7xVyS#9{REN(VoHn!e$$L zD(rJ!Pc|{%t2&5UtTFB|s_R5c4qv&TapHxp?x}k%Z`cFJA%hel*STCAmjFLSeu z16Yxef!$bzoi|Wj`WmWUGs0n3wcSeJAloECSFNSGzQ?!vA*Hh3>}T_!%z$SNSsCo4 zkPvOWZX&@+tGrUHn~qAlj8KOH5oEz*4)IU|b_eDKnf4mh`Nlk0j0CQY zTFYb}Zh7iRd2Xavd^nL%mP1C4^-ZJ{Q6z|_zcGQv^*C;k z0ZDK2&Ex0fnp$*&B!BP^6+k;@7r&`TZTlQ5rd^^6W=V@HFdmjv21vo!^$MB6{B^%4 z_X3Zu%T;VmpiKW()J&(w7R|b%ouX0F{J=m?KSH%CkjTl%9~^AT7?FZlRxW0;lS8Of zp{&d+fcYoGhEjcQxIUN#7P+U)2maT4-BkbZ#O-7!fdRVj@kedvEfj_ ztx?~LCJS3kHNCd&!WKF3C>as1WgiN=xiiVqkE)dtTH}>PYDG|9UN_Tqy$q7ita93< ziYzMc-2pG(uk__$TYdkM=YZcO{&>eQ;aSIRuj%Q~C~|$zV)e-!CCvW^!%wo;1J3Gh z&_;5gEitcTRk%m}Jzy!Eg01RDlqj8`Zg}%4C=9&6L%v^p^PB9dWSa>D9UUoF6V~<1 z_n>?q>L{-$?jJU8vi=c-LH{kWUsv|F6?Ev;^W7YQ+Q5v#nqxMSQDUCj4(W6S2r(4V z$bO0e$^1K<)$589AmL_(Lpi@GyDj5_&@6pWI&qO9k9^HGI)5JR9Zh0DuyZj-a*!)a zU>`iH+Pd)!tNmvS>^)*6<&w9!NP;z7$y`$xq>f5?9~*@yUN-bubFsTH&qZ+L?fS1> zW>T88D-Is*^E7Nq3*`z)IcVFg=O!fTsH@biP*e$q8^B1J%x={VJXviPX`hN()C$%X zI)fKUz&<5Fgzkhyn`05a6wry8HXe%H>)oXY*q1*XnK6jG*Z}WKof?$7>4T);!_MrZ zXxHlyix9(J6|&6i;nqkzw$`pD-MdkR{sr}X)P7|*`5$G%$)5S;HpSWE{dZ~ii=BGF zI>>55Q%68mf;Z*<;PS*uo93l(3mk=~cYaO}w`*Q63EhOXM#h!u>~6PIjuStgh=vl#^FuQOq03;oW;pI0l=o^ftw zl)8~h-cH{8>#qzvk8LXLZoc*mDs@F`!wJzr^`E0ET~69ongP^id8Ag=h*Nk{? zTtq7ZVnqn7*M4U*;C;r>5d*d--wn7XQ#n(kC-5nLZkcm4k=>^15yigRkFw;sENwUo z8QQ)SU`J;*sWtL4YvFc;kFvp}3t$Ga5=Y-d?J9?JZ_({Ul%^^m#%kXx_Z|$ z+uI;_$R|=ou@?%pdMVJYl`O6u_3)`u4`RMScnoc0FYUnQH&1W+o0J(93P1r46H?Ql zZpLfeWLMS2#?A|$)p6tLd!TPQiye^>AwG+7{RudgIO5P^q&cHIawW+qXC?Umz@V}uWzUxDv4)NICXY!t=3a! zJZlh$6~o^-TT70~$!6B~b>z%F)L>cJj1CdS&jU^^cO5(BsAR_T|py#-Dg7k(j zv!O1x+La|RP^XlSaW88*x zBkXsZU#V3M_bMs$3G7c_ta%$#=!T_8O^hPPfF>8arU=Z~%@M^5RTtov(`LHhBXW-j z5yXLByQ?44y{3ZEE^sYRDceMeOTxQ5%THncI7h?L&UBToKhFr zcdnk}g&$P^qtQuev`RC4!w4Ggr)i3#jc0_EO9U5XmAVpo2e;cIOJDxbARvs?kEVQ#hIGd^O*ghuXZ~1==Fik8qgXq%A&_j?T{2{XI#Co6v(!?(FbWL}^e$Xj>8|E^ z`nh&3Ll%vdq^sXD@)GO6>du$*@6%<|ay9PWgIlVY8yfza5F+#6-&-u#7Xin+*Nl&S z(@Q^wW{)~)=z!TN=MNUgch>lGd}L14afogXB@8K`gL?aShLGj&L<_7%B8Hp*v-4X} z5|eawTt$DIqYX*R1M1b|0B+*0o*h*MRY+87Vf!Kz!~7w~BRZh(5RH`ZN042QV_dHG zdTKD>S3g8V`Z!IH&t~TT^^ip zp5DQ?u2B7?^r*-9BdQ%ikAzlQpP+-TS=y@<0S&U{eo?CyQ6XoUrA)ZFcpWpVAQ989 zhty-p-Kc{-PEFop$+RPR22`0?YP(uP1u<=M&()m;J1_r350=8*q@R#_bp3Oi*`bg= zT>IlSzSJN+P7J}V6}N1%ov%uB#;+EI%j9zGIV4<1Dy;4z8?r26J$h_CO zgX+k@czl?Eb3~_tR3VwaKSj^)nnj^F>&xU+oz&2{qUG91L&B?%?19W!4&bf&^wSytY2 z?3D8=LU_qn5ZkX5W?~ny2%=56oKdVQ9}8In$P-~tTs5npR&f+OQGlr?I!(O&n#dF# z&NOK`+re(er}3yR?(NOBs(&HJ_P3szsnssCY@sZo*1KA zB3<i{d_R%9-0GebzDf>z^>Our>E-q?b`Y z-?cU3zRTx6l97(h>ps7za0Mop|FbX7i)0_6MnOz=tg^tS>qori zgVZuMVu=e1@tw12XTP%s_*FdXuHL~0E(E>jcBOW=I!=E$V&lAo z_KLaGQkAu8xfhR(%kTnj-=mJ*o&2Lq;s7Qp$N(8R3)h3Rs3NpX?xtgUtxX&>PuK2K z@OOMr)N8(EupgZ&L_%jw5& z$B1&%pxnot`*fvOX+*1bblly+$vDVY|M&%=M-z;pax23ZTkJDseUASwm9N`p82`)* z;fO};*ictCH`=?YryhBbR_%{y&?$9~E#Q@Y&HSLm_3$$lYQ3{7?9{@|(aRm1H1owY z?Z8SlMsXQDVx;CawQtR%GFwlMcPhAREvdpN-UQijU||m#i>IqjKQBBU&kg49VK&e-yEUkl*Sjlx(6v_@trEGd5FCZ8O_`HZDl(bFJM(yY~!whWeH$PmcF z_1_;SZ3iS(Oo%EEINgm)LoCGM7Thx@>MYPryG06TP--sF)+SWsfzjljisW`BTWZn+ z&tM8fWpY*`El+)$b0)*Q;geFfJM2edlvFb3zU$#OAnHI`{DsxJ07t>~56xLz6 z2e{u^9^&Mrzt)32awl?VG*;!z7Kt#I*9ST-WOcaneW@DuDSR_{*+MBYf8dRuu2o64 z21T8H{X0+eIU**2-NUJz{-GO->z+682Vu+ocZZ;57$c;B8QNa%$hFYMb6iy8o4!zA zUm-x`yvak|Dk}q~G$#?Lo3zhVx6!CPXP&959!tng9Ojf9FG_g${sjXHT~^IT7JkL~ zNIzQzE3q~!My5Wf=a!SIy>`F`_xRLIx$Pon+xjN?VvKx$k$hhdA^ITSn6W?s`WSvJ z)zDeqy7QNa=j=l&U9aH!A6^5#L-hr^sz%gbwr=7$d6r7xcb^E9fSU8ii)vXlNJSB( zfV}V+8SQgxHTA|dYL=2zBK?%A5@ztB#<2!BxaetfN6Y0b`GznS^7kTd%_Pn?vxB$Z zr|eB6a4}Rh{>;Vz^s z&=HnT2gpoxgfIU`#h{4=LJbmQK+IFKr8Ys!FpXlQ4uo|V3fEln=&63n!oXTT|DFgv zc)*;YuvsGPwp`2~#&YL&*f#+m5Zjf;;RVKU@dp!wE^QGNe&&Hxcu-rA9SU2wxH4;x zLSMuY49cE8W!08dQCHRm`IqbYA9nw=x?IR*O?!@`4bUC`CI<=71`(RL~<0l`j zF-?L0jiAn`X1A-G1$)gdt;(=a+2^FUyvbnAYeM?MGLSJKjhDGqvr%|VovvjsgRyfx z{xo6jmtPK_9|o|&Q&}&5wfijY=pia*bpg)zMatuh(+^=e^j{D$n%}RhJz>$zK-Hm|rKXpTJ&Q1Y`KI7i6WLt*dn;fN!no+6)k89p%-XzE>m~X@vfcv{t?mid1G) z-J$VZvj^9LpeXc&CxiZK@$tCC4A)eTF+EGl!N#oPP*`+B@A)28#E?P%c_Z+$s@2H| zq$;aMP?3SxJ3B>{S0@7I-D?j4!pQ?2ZLiwU4={?BoA?kGXmmSGN1!EtszmFRzt zu!&TiPfJ~OnIes{oO>%>_Ik8iY2{k3Be>vl?B4ZDCv(cuse)0SJ+ua+p2!%DyAS4* z%nCACqDr7OAx_+i?xB-wzLCKGR7CVUKFMuYSf_}_%L}-%`3~mpGIu!QDu0*Gwpurv zJ`(m}D6yPU2Y0a|Xp|k|+2BZYzM0;N@QzvV;9gop0hij<9*~kQ>JEcFivhzl2x4h?i@3am8RvveDP)%$9avu0Y9(oQ39^Vz;FM8_H zBL5q;nXmOdheiUsg(M!ojh4P&o@IPPWVP*!o53j*g@?oRq&3U>soaUG&b_b_kCy3` z^y~NHfnb4DnU|yt1miph;>qoe&9@$d0n(}L+YX0Vr5aBQuIcJNr2{@9svcV8JZU&E zTwb9oP(H9LFmJ4d0>GgX0D%5AXJdW-XRL=Kl#X22ig{>k3&|1z2)f%&MLSBLA9p^n zTi5UMIVbBMk~IskA;cnpR{|2@7G1p)e(Zq+0w;olw+D&0rGH^#XNe;-KAs?c+o`un zV`(%^)g>jIgP^rE+WMvwfAug$I@{-QKN1`H4gF!NnWB?ue|%*#pseCuu2Ax(d$l}I ztO)9!*^vq}MYG4&ag>ogLvo0xQ}}AVlIv<`KY${?f=eOkpxJbSGodNPOv z^~?=M(Bc7ER*#~WxvJuqr@yPDn#5|}b6>L^B6Ikht|~8|8u>*9yF4o;Q<;L)Y>_VQ zb2!)1bl?6z<_t$*Q=}7EKAWnA^mr1}igFB!hNZY7yQ!_kJ_?*gpZ6DY%@s--1p>J} zG~3(U0`araZ&<}PkiP2!Y;ipI0yZsy{s9Wi4n)SB$QHeV=VMG)=U6zA8kl3TSD}pR zo-dC?2MRl5Dl&x2glx%savpIO=c}T-e=}Z^AaVcf1W?H44zS4ebL8aLP@-o%$DWrE zX@dFN22+U)!z_zdm|dZk7nd@QY79>T5;0-+RJ% zJE3wpJ9@%yacvxu%~cg8>!7nP*I%>bJYx%bp6?plNGC#sI)7VWSZ9*yOu8A>;0V)E znG@(8v=3f@-yj)(|L$p_7;f}J2<;ggMvARsW=?|cLjz^EO?!;JRBJd$^629S(eqBw zgGBCiC`$L={XY!(U|bhfU+|+v=r(r5(b{4p51)fXLcK`&)&L}8`<~r9@!(|C6gPbs zd+!{gqy8kDxN(CAk}$ez5+N!94pEk^oSecuB1|TIpq&&sYk@GUazB$idwZ8Y7z`#z z>~gfFVw=1i_*m~N51c(Ez6RT*)<*r4&9apf^4^S)qN?}*QjpqQ75d4hk$E5ln~uI? zyJ!2&u@5#t3t~E;e^6g&_8;-La(JA7y{D{Ke4K9!OtL6Z#fiP5=sSlHg!EU#Uim}; z-EFCjrD0Ev_7!AHb&4YO_vu{ytK@S0yQ`hdn&~8eD8=76I|#4&vn(S_3K=IR=bwLN z>s`Yy@KpiPfFLT?TJ}kl%~!!9WB2t5*LL#_%O1>g_;9`Z6~$LM1gbunq>}E-bE_AC zO|*oAo5df|Wi3jWPK?g1d=V`&K4J>fuc={JVuRk~6D-V%WGzSabj&n+P-rnb^@M`d zSrG`k`)w`IRw+P}kQL^*S+AOCvUC7P}JcSD#JI2YBmpDH+cfco5oe!MIJfYqrCj}~}$;47CxtFYN;!j6Z<-<)c zvA(yI6%|0&xT0dq`h`lYhKTYVNIcKeiaoTuwE|Fy#QBmv;%A6;)^!szkowu038^UP zggn)A>lBn*T_~BE>)cSx+-9q)x8}J54t7`5>wf|ha{CnVJdWeuMLGiWLG@B{Z;rot z!t%cLqW~8~hYHFSP9Hg!J)PcWVSnq_8>xekIL@5uX(S?Nl#0vb2jGP93ypl2+TxQ3TZfTsG+Gk}aCU z1AA1#N*Lp;u=!WD5?Jb`HU=W}y~R=xu@pOG4qw4EYYzG)!YUn?jKLk+Fw%8I5j*Yk z?#bd1bXcOC3B&)&45;rbVW~Qb4P52tt~xw^xOuIGsM%8{y4gjZ>q0@8mTOQFMVE34 zqgw>!>~l>zd^;tcg%fkZZ$yl>)~a)Psd?dwIB*|lC{xv9SEW%&4_e8-TNO@k!ar`I zA}JW|)@|wi4u}WXar}emy>=A2B`BB_lo9baXO%Hoes!lG6+A1*OshV}7W}vKusfdN z3~?2fX4eF9{{L5?{NQ;_e5L>cY`p)8DFPt2H!UcGMbs@Z1j>iH4cl3FUtxck=oKsV z8zC8yB`a6hH^9zSK@j)yr}yM4;KKz5sNg_W2GTnq{WCa&6FcqUDJ#H^^qlqTD(!K! zL2UtD?nQ)6iCGypN#d$HA)Zc|pQB zQ2Tak%Ga{tH((jNoG-$^o_|l4wI*SYMaxV3^-z(SB@WRfqJu12*+SL^KX>OafUFaY za-W!PpgzcItzi|GeVZ}hURJ4CvjxFyKv3FWJAbLVOCXt?yS@XPI;_T$L1i4OBpSBB zutF>9gv%}o#B^a0U3M4~a9;8c#{8TvXv9`kr%>*|dR~DKD2&IVHZ2G!KI2_8E)Yzw z4i`(;G;ez7^gR6}v{=8d7?(!5$o#{})VbB0-R(j^B7)#Z1smzxf6D*wi-b5gPa z<7xTZibMR4#%aBAj?=1ux70G`t|t)pOs)d$-qil&33$8ny&_D@OLTdqWa~9bqUZCP zJ?YK`qqq}|;sk1lPE&*h8kD|{uRtaHgMM1v{6zf<%k(8IkLN_dm8~~6h8NT3xz(WF zdSTcOONk;eSNoLj)OYk6z@@f&tDMD=Wik!Nozts8-(xs zTi~c8J)PMBaP)4dfhFlg>Ah<~u&5*4pTUnmo9&BhxqyyDseU2_oBF172`Pd|m>PfE zx|Md`;7nMlH+Q12M25Yhx4x+?OJj?LnE)k{ zG#!LAsK>?vTJ_Pb$YPDB^VshN8P_Y#xyu$=(R^N}Soal1z;$eES-|nRk0qS>T&PAH z&z-&hu7v2Y_?d(C68@=&Y(NbrKB-w_$(hhZRep2J669>_P9ioA!5H^h% zO7M9gnxOWUE|f~kMJe0mxMxAAq3RSY&9cyJwH++yGwV{0t+)1kOeylbP1yQ1>$KR#y-p69U-*}(buJnR+s4~7oQIQd@sM1lUZ~aOnx7^wqU+?`QuvFo! zq{-Nc6l78tkci3^67fqXM#?`t5Z{enE$G3k_Oko0MuC@J^*3fpKf{O{a~6HW$z%$c z0fM))p}@E407Laq26Yx;oV<~tYdFFCMVoSQW+HMzlfxQ-pI*TB`j`$sUb-`|3epTT zT?(V<0ENo*l#mIl%M^ABRb&f(?iAG zlL&0;-)Ey6m}Q%`ECmL8z)!+?znO_xWhn#K@)v<$ZNzZWg!JjOeMGPKOa5)gCh+~p z6(%U=MCi;j!Mlm&wWlnZPmzY-+s%G6GYdV9ig6IK7WrzVbi3n}Pw^qB(2+&Fi=jKH zDDlI{+0)Zc+O>==p_8_{t$R#DyEe-uC*K~k=!^887q1f|jl1QF7=3o|4q?XW4Jf|7 zUT(V^cs0c`1B;_RJuM$s2V`Tk)iD!8q>c?+v>3HeTF4A&sPRhsi4N=PAue|dUqu(_ zWvp2mlhIYaH~e5F;86D}gp){hAk;S2TqmaN6GxA(7^D{RHF?N5V9s*|iwoHzHd8h+ zMi8(164CB<-vp;R#@7img6;$S*sf$D87Z`5;3d-KQ@^68%#o?Vw9!|+q^R@-mwl^{ z;GlbXksXyHn@Bvil?X-iz=fttsvagBA7&hZoe*c3>ftH~zQ_8E*ZJWY`d#yckCvv{HT*Y;+8WS)9}|4w$J?+iWuN>6 z0aVXzu@pUW*xDYb*TNpeXwyb-OQY|@oR|}rHkkDnB?eIBm{GEbI8-5-z%1bqQe-I^ z`0k*<>uJP_lkGdN!AtMIRNiMkaa>yl&2_S{zoFE$;L6Do?7olFpEC&h7?UFn8kr;U zr!yg7?ie9=K4*%86zrC|GWjB4`PQQGi!>8|XAZ{H)A+7CRAQVsc_&J`Dup-fD@jlP zT&)R{L}|8j#osPLJ~@9A=>L1#OXCOsn6QP|dD#)Lp)cptV!Eu`m??Z?j15b&%Lxq$ zvaw->;c^-WGYwrmJXk8L2UgR=HaHw%!XM?q)|I zY;q1SAd6(U1^nhpXbRav6^B~7fI$nEu|S{kR?84(cyO*RVx#?yw7rD$5jcA$rADQ3 zw%&AXqXeRW+&bc^Knr(zOhW-CN&nogF-MtT>+!>h#KYTL7T~otK8e*qkS#FuJ^ox_kBzwUJ^IyaLH4VT5(U87x zm<>XGa;KcXIKaGthsJkUGIPT=9XJSFzC?e8x>}D;n{ep!-Q-xu_qKTZ+ilXS3)K;6 zJ%YiSfXwQZJyiXnF-*Qk_xJlLaqx*nr7zmmq@_^9flNFNt5ag&t?}o5!CNzd{ zluz6(>WC4M${=tDLv7g_)ufrt+z#hVU|g(Y`FX{$bn#(GNS1A)VkcgO9u4~q_`a<6 zMQG$ovY`g3LC=^|r zPS<4+y0XJjrP{xwnzB;A`2~Px9pW#Ij_KSpz(0N=t0-~iCE5O-RH2JH=?V9m7*mg6 z-r&9<4|)`Cc+o^mgWp`P*Olp@U~I(wX{!(8qh(%GpwN{HcD+~rav$wvN-;jnHTfw$ zh{Q_*MqJ=$z?h6mseiTB;=-@{F1`42y#Ad-T$QHU{rcbN9RnN>cIr>le4n%J+hQAN z+#%pY^F#Gl1Dt)5A7W zy9$prvVeD^673SDnG&j!&^^>F_UWsZnFc#fHKvZ#yhY&BuQyYH+%=cU&e=||G93H= zFzGqDr(LI(!up*}LHg}aVQfBs?a$5%^t+wwt$imq^%DyGCSyRKX!4`vMnF@Q_sT7y zb{vg4>r|6u0fqq1`>)Nny)nreIVcXXj~@Adl_7FS0yatg=1b7`Uq3rZ3o0ZUrmQxA zGbnw@jVBv2kt%om|K4Pk35%8V0)6CzqjuVA$b)kEX4ZLs0_r86wkPpV$+76m(5=N8eaJeq-@u;Oj!P{=n-t0??p zG;mZKtxfi=Q9Z*-PDuA(Y`|8Ml)H)roEBtT<+wvPl#64aU zY#!Hfdr~96H_OW&Pxy*i8eRR-gdq5Z6AM!&Am{?(^?CT9^tOBKz;Omt9KJ790v-ox z3`YQh4u9G~i6(r(b(xu}0I%)C*QRxVmzAs6w&K4woFNc1AI(*LfKMl7S z-g&2Y!c2aVVT{y4Co0ztH|(`57`==4Zs)(yGHwa9^TnOCC_@TTbqmE^Tf&TD@!KnV zeX1Dru@_8lp6*Q|iKhBWir}pil>UC+z-5o1ltP+=UOs(7)^q0abY&xK_J`-8) zd*9nUijCO5lyRMNh0zP4nUh8bDLlxIO-Z*_93oqdxYEA6AvbtY$GIXMB5rVVGSUDkdX)@#M-`62+ zlV|5kS@#f6{ZaRUx+;EK`$Fa3vh6Q!EM+pH!ep;!wSKT9;4R&{;=Yu4>j=i7`7-6E z33UFx6!igN6n9?UfuFk9JX$%l`^`rD=t1k!SyVkQ(8D!6=5@mdC+`G=KuhoBozo0FEiO_inxmg4WwZoGla-E|=QuiQMWoNZ{NU zIP28xUqBZd z!+%xzxVt*+Fl|uQobkA6X`CIl{YzNl+|VQzT8S@;4@Z0F&)HZVEaWoYe%3*yRWLL` zVKNf^>zl;+MW>dW$?=#yzE{b+vVFX6)^6uIj5Lo@vEBIfn)cQ~YRUWof;O6MzG+j| za>QP!+Wt~(kwPwXh3H1Wt;gF7*YvmwiFOpf$*2X=oWX4JUcSo-3}+@;vCjE|`nql7 zu^aIQV@&891Pc+`hd)A@(~0{=Xl^tjAZ` z+GZB!VNU2^^mu$UX)@ZG&LpaSkd+334sAJYXJdU*dfh5<6>Z^A5>$m7g~UklF%K>B zSJkp+8T!sptbwCDWa$m|;`2L<u zDS)(E!&#jvWo%Ti%*q95u)@r{tkJf*vaL8!QSo>4lPAwioek$WEf8>q9}0(PpwhSC zUXvd(G2yDSngkA!o>?AZh-2iK&bT@|<{%=-g7U~jQDkQ z98eKv959JLXSuFyZuF!2J!7siz3z$2799M~IVM39^SXa0D|FLLQ?oOhp^E)8qtq;@ z{e0`XnY%*nDSk^`@yy&p8S^$eV}alr#5!(9+L_y^+L&7hez0s(LKJ~NrYJ9d-s5;!bY)QKEpgXTl8?#2cqg6Npgh2_lO5yTUX|wvFSM@`ac*lu6=$G;cxwEZ9pn8-TK_W-!Fn-|kFaIx zdDlrgNRLAv=bTF!CF?K#Vq;qG9BQ`t z4Q&0ui|l*GNA&68RPG+}oO|t`%I?+7-N*#2u!mHIpAG@Djdv;uqa07hkboN^I}dX5 z=a)qMO>_R4**Nk>qBZWy-~7)OdEBhfh`W4Yd!9mSDRm2gRz?<- zwH_PsO#AUXwUD#@Pl=j1yF-A7>Jp~Bn34n`0vQrS|kaJn5+3cX93vB0aHjF z>>cCQWqIhPTH9SD_NN5 z1qS31)j*u{()c35fk_aE7aU3HCC*;I{mOrCLT8ov{ig|v$dt9&se^^CuS$W^0tXG8 zFm)ca4quJ4H5M5jZhef*+@a$FQNAVVj4B$i)FEPqW1hv@5wwC)>5(3^aF;E6^Ay#0 zazbNodiGPaGuwr;1_jbw_G?ZmPPlEh!p6JYPN`4*FjUvr<+2BGuz16^mBiEjd5(x} zq#6JC!xvS9;?}?FJBq5s*7#K)aGc_mdE-++~So6fVXEx-xy(2<`!3X&@`8O83cctiPBqj0^rv*U^uX5`K?W7XkBGossV7{VP=-{n^WSx09E1t zG@3*{+u`=SoyQyx;K-Sh525~l2fC_}mrbi}G0%BH7lhh2t3 zHJU7!2vRGWu6yn!fCB|?r#{wO1_N`p8#cs*3wD?Mjq5rU#2hck*BfqUp z*ou}iG%7%@u#Wv*d&Ge$=cM+fHCt9ypl{K>#JIn~9iouQRf>c-uO4Rh{D{5+EGZUv z5OIHZ@}7|LPuq|q7gy?Iin*eR@ZvvZEMGEKp8-$-*cb9~Iih;XO~UwlEb_8#g$+9> zX4V|bo2x4E-2B2o`sx^V70QZv1reK#V2AcROV@nj8_^!?=uR-j0bGuhnh9XpwRjri zi__*S3@a^|F}pO4IJIr62V+}!Xm#3@LjqN_5dWU z`TuSrbrWX(umo!8CJ3JW3G8dZ6@5=I^z>}MrTO?H68Zf-AqX4{WY|9W|7ze+Ue5o} zYy+l8vRrOwr^hA(0E%64PCA?I z0$=$S?#hOtU8n}TbITlv7}mQAJn0ScNq;*b$bm7w6_eticZy4hT12z}k6%Zdi2wv9 z; zM76bA2_tiL)Ce!R$y+?DcCJ>Y`1%A})PA=8cD2AgVoxApLkju2dEDR)y((bZGZ%Ao9BXT+lGE z#<*l#ywm&3Aepjs1;V%($5|FR6qisuUJ22rss>!Jg9hKTT?v~p*?gijDdqV?-=Dq6 zDXFn_ooV)3HrB^CX^5Z{tl&@b=j<@es)DgtKbD4V(v8bNpNW>9-EBV@pFU-PG%!21enLr(P>v}18RoGx+zH!xwBNB;7&aHDlb!BDFOXAUiekY&EpBD-s- zieiGZ>~}(24u2sz6_vgneau=H;bKA9Xf`+WMpYv~#F%k6_l&a;5yq9=@Q! z{mnwNepUMs&#*$NNjx<}axqk=yq)aPA0Csj(6~*DS28~YRc_RSsTSjoUZVU!9{tc0 zY=_a&LJ?}m-=cD%S%=|;h!08uf{I{6r&mqacRTmz&l3c?=yKaJ1deKl2(RF^fX7u_ zK%xG$SwU!@w0uPqq77px2zq9L%L%mwW{xmDo>)WKQhqbv6veMiv z-s|)S#X!I+3f(&d#fn`#^MQb%L*Nu~{^l-%^LR(yrWb2RGAC@4;)k1BBcZ72NCIdv~-8IhKr83VPVB9 z{ktGWC`?@~#{Xpkzek{7<23-1vy#ZE)C@5o^kMVsPS?S;GXPL-;6;V~ zy%lQ#iNW<|P~{&4$;d>#?wB+f9=7v$O;8n=nIp>PYl-w302TQIwK1JUFMI;uhR1khrJ zxe#~U6w9!591Qe&r1Bf~eFbat^2IB}%=-$h9dM$tvPLTZu_viqLIE!LGQ$mMh`^=$ zHil32$|~BdK9ST~liBPFTqadM=LvO9s$hLZ=;B~eqwtvrhSFm7YQyI|dbug^ng7k% z*_n=Zbq3QT4Od%^3s@5JTAiDI4-13eK2O57Nj?6h8&BmulU=Gl&bnH=BLZdag`=2a zrAB`%IseEzXAmqQ#Jm{gI9`vHd-UysF?)wgIBAi1kov+|S3parcX-Ur>UNXG-=cZo zGF!j)jA&jkygS|flb3V!mQ_@Ut2}ojo9LyDPP2Q{kFD2v4rh?=(T}aGA3T%DcSV_}L|kGH~= zv0c!;)#NE~A^k4jr3BC|=FhVoa44(nm%~rKZRKG7VBBod1&ddjb>I)97`hnh8+p&R z2}y)t_=riowM8&;50E$Dd6>~jP6R6vveO-Xum6VJx?I%tl#;2cOEn<3s9Z5+_w6f1 zjeuyjv+Y+LV=t>uJ364`1`Q&Lh7#jj8`s?qAQv@c2bjl{S5yP7uNW89DBfYt|BHqY zv++V+=Ssh}NJ8jBVS8Vy;o>SlXc{stvt|V!4}*d@bbc&s{4zbt32k?l=he7Q`ua5Q z9Y#N42lRJ#G97pBy`1IqFX>0vmqZ*0N%6P;80ta|ma zEjg1!4~M=|4?@Lq>)=zs?aOyeMXVRfeQ{IGd(a}<t5CRqHZ&3_> z>q>-Dd&Qmy&H`YL(iq33a^1sMePPw5Nf%fB-$)8B7DjCxJn)h2c`O9E@JiBD3W8%z znh#obXSLwM1zul&Q0MbEAv#!k))o{?Hbh?!c^1rMar&5RCAxVNmsE?J$F8Lmc+hlk z`vnY`7S~`g;iq!Nj7o50@%Qd-`!maRqd2h78{z$^W}2j+4E!_Aawwrixb;pR1tUVO#XWq$`YT#_`wfpwUOd~O(&bQ!e{zO->d53gHV}(43k}i<7>pTMRi6U0Qyfi*4M%> zWhAU+qKSYnl)w+-7}e*k=_@5Do&PoA=Nh6}0A-d+APCm^{o)tcO%Hhfe@$%tcQ6i? zz7v@1f#)d<0GIb8IwXlZT4`{(J2+*5~he~>RwQ9KLS}{%WU}NN0 zOg%z0t9s)^QSBO~(9J6$Dn&tgRbTa7B0nO|X`% z2`6x;)o^mq(BOmncjN^5`JjRgBqj@SzSFc+gqH3LHQn&Z>CmqyHhk_SZ77t6O*gsL)^>GQ`vyA_RKn!qz_sZ^Lqvf^K#>zs3}-S~i{g>P z$j}OgQvl(jhNV5jE1Y!`8wVHQLY!H{Y|gGrdTM%VYHIA}eplz;AwTW5*d4cm2>#==d7}_ z%+Yct5WUNP!&{Q*W_JBtkWd6oZC!m zb;^qIT{|Me4-h3gubS%ZsdPN4dXNW1uq>{{Cfg;Z!~B+ro(c#BVm91hp3qLS8wA!X zN*O*l&F8`J*%_xGrVB9&rzfIv{0tfgI=*a4fE&B-Z(C$<M{b^+^)h=3jgPF zd+gr{X9Ji#L4GGL&D01~6-#3xV*&JHYU_2v*d1rzis2lfO?oK#-ebLesCxM~M=D@pEsW;peSl72Fg#&QQT+nDmP>n7?+{6E)iEiUqO(d(AafrlnoYgy!X5qGc zdc@N_PXxW0rFIpMf59Mx5SUccjT_ludIYw?{r^Mt+z5Mm5=+B)Qz;?QKnvB1220&} z{AGO+_hwswwA58L<6}`$ix@pQl#HCR*cx7yWhmoU9pxHBDk{*yNSoSoQ_e_Tnmj<( za&&!&{-_Q8RItCk=I$EUhCOm0y5s^$@K<+5M%x{nIMk%+5BKdQRB zm`*F2@)}QGEBnZaxsI=^4Db?mce^MEf-MV(!-Y7Kr%j|@ikx$C`ajOOt8nG8HL5KI zu%I4DhNBApqb&@&#kMb}D@K>(ps4PNX_0lf0C}TcN%@W8>Ouadlf3X3U$hxeuCU<& zYNCXjdndDB4&?A%v)Lbu5$T*3H%1252bZq1qYJCvz0Hx3tv`6%sbC_5dL&FL$+PQ#XCzFG-q zxA=4vD6#|aUwl|M^sW0tG&&iVVv-O5fs)F^X^-PKLCztP1X!@KNHea z)w8~{BzD&d?`eK3E_9U%PT;Ls8aFKe@URm9v!Govp@1=dqRU1QgV?79xBFLUx(@xq zMk{PO&;GNFZIusNlKml6fCk{DG=Uv^NB-NiedZK*34ZwTb&;I>SMoqO{NX(&zqH|A zEWr?=bi#pySVAv&84$U%Ma67G_z~6#TEMTuC}_J~kx#PG?3&n)|9)TE5Uug)(`9!gZ{_ zM!@uv9%jSZo=E7YFNoFnFwX-@={i-^EhlfdY7_8sX|3`;d9g6Bw>Efn)`#g3(J5<7 zkfHD8H1<@;wg1$n@v@F6DNdEz4UOGzRQ9``6;{CXmZz^@!Qr1GFs7RM;3#)Cuu#jP z!!JY&NfHGec$$plcd|Dc+sx@Br$q9TTvcMs#%mftIpTJ(3Cn1oq-L8-L4!%**VdU+ zOkav({6MJZwG}Xqc|@-)$i#?g7`Ue=3A*VYg{YXb*iDRq-zLZ20O+?Gt?gJV;H9#0 zvhxm6B19Y!$T6EPW!id{1%2>ZTj!eTC=zx2T#8go&ZuzlW`u0jm@Bf?~{ti4l1~se@#*) zm%!A*F39?IeOOrm6CwWia<~nNh6WkC%~%#x_WQ6Dn2m>Vn6XP~&MWtq&C1zd zI0r4WH0b>NrAdcE*-Z{JSFk+-Tj+}v1j-tS40`DTKn#S4Notd?kLTnfDqyrk(!CQ> z%q>4QXYm{9SgrBzQ5nLRzO}7KdO<_&l|+cGaoev}!7niTR+!R3wXMOKatia5M-EWK z10!Q@Q+M`OymvgOwA~!G_tYPlGcS&jJf4z73pH0XZ$d{qbr@Rv>=}pkyl^WNegRB* zT#OWI)A^@Nxmh(|rWU>U^2Wk~Y21x0{vDCc@nH*URvm(uZ;x4b>XoAM0kciRUUMu< z8e%pT=B{&+Yl?o!j=6K%M4vWqOw$n#is#0;&0$^^bQD1P|G(l@AP88UR&JQ-y9*y6dpAJK7fbXwimBnY-?(DR0dD8Bg} z5j;F5m86aUSEb~o$}RY;3{`r~z%HXOvn`P2Vw}E_%VefQ)%6%%`A>gU$q1@xp=16V z{Ei^P&dx6Zeq5djHX!S__Cd^CM80~u`=RuL9)ew8hwB4n3^954a$HJGBN9Nf@YugX>-7L~g=-fff-85{*i=IV{b`E;NKJPh$_MA~eZ9 z*3?lO8a9p?2~CK_2J5E?}pLvnUc&MMb5 zTGfU~Zv?6TshEdr4qjSe0Ux+?)ul0bJvQQOvsHOE3omc8&S~kMK+|;2SKp~`r#~5N!-cMJuFzkU@dB=rG`$G z>AgYT3z`4%C&Gy{WR=F#YkVQdek>ImbFNk=n>(%LbBYy~6GV+#_wiNcq_LE-lq^jj zgLQJ@H!sRhnM1VIWhV2fSpWXH67o_8@N$A_0shg$(zx8L6iRE{$QyfhBS5u_HI)Ukz~Ae^~i zS|uT@+ze>Qb?K`WjRmdUVzJjQOJHnV)%0xlJxs_`+SZKE)=G-uI~GS%o~Ps{9V_CG zLToQpZS;G(mcH%uQtaN3FMKOCbHyIZmhHji8O=iY;M%XKI#%BX*2$;e*23x4m@u%r znh^!Dxs6G~AgZ52^4UtNFV0G7>okDNa;rdLgk}ee$LtHk?oK?!*JIjYRW_CVY#W^| zjN9xxQRUP#v~j zM9USgz)EvLaD0Rpzoav~Hz)$#w_E4O6Y!Oh_1@&VUhH}kZf*)(y=?ctZ-AbKo^N0W zK51gkwyv##P*?v`@*H35H>1y3j0ZpzBz>M!5kg+7)NrTmWi^`Mm=i}D62!YH4v0S3 z^>zh@qjNjJ99~B;XUQhCiJdNhZZPAadE`CoG6lNga`?Q+6GlJiJ*o4|5tK#ua8Ru- zTIOCtn>UGUMvq%7FGg1uvxmH}!}Ded$g3lsL7r(kTYk`Bq@Z=vm2jLzXkGsE^nDFo!r`WFx|bx-4)!c_d4->S0(%$FJxQa%;3Q6K+)I5 zz`t&q;^i3*IU+n;B9|9`Nb9PUj^UV22My9Ii5kl^U!-Hda}i$eYm;bOH+E`imun3= zX%mkT>W?8_o~hey*uC1F4qZqe-N;4YwQb4>lTWaKT+*7;Tftvs|$WVMsiUIk%_3 z{Xn2ap@A2&Cs)@ng6B*T$v3sG=SO5#JLygz8Uo*puo}1NscQG)gUhTiBGHnpf$3&& zdO3OW+nfMmIe$PI+=2Y(o{)X$`tY#(iUCx(n;*l9=IGsJLe!-`#)V}}hR{e{cwPWH zi@4A$sV;(F=?3bQ)Od>CfDmme?OdPnf(%Ww27RLi)w1D@@{y;l2K-`&^q>nyeUD>i z2#w3_8y^r{eXv6{Ab|{_b_-kC8+4iiAFB2fu^iM>**1}FSs79|h)80t; zLx!yu?CMmFfjO~eJ|Yi{zjoU( zTfP2M>3XgNv}Xb@J`@0-uthH?GL7_OkQsmft`?YY7g4?!q^OaXC{8BB>c=&%11^^<@LbUibJ98EI}t^sAes#rES? zeOL)7Q#Wcl(|s7vX0I5wjzNoEWC`JYqvA;P8_l0&Os+LhPk9zE0Q*Ku8S}4dm6+YR zsfvY6wz1Xdq+B?Q4hrK!Ja*?nIn1d+{VY-e>00dI8cFwTU90_!`n(AWNgN&X(*n&} z=>Ro@#eJIU#d(AY5%Sg}wK@kBt@{I6PFk$EC@9xtBUN#Y*-dKJt+vs&4E z4uG{sv&=GnH@kU7V<6E#a)2|s@nJ({QH*&Q?SpmPM?jT9mpZGO794Nq7hU>mjN835 zR?$=|CWm$+2%}$p{Db6utp>gqK7VLy!LY)r`tX8b;qlit0hm2EhAr}`+W>2;>?Ux# zU6`@rn4E*hiCHk>lP^B<_xSBV+r3vyXy5Q>dEpqpG3s3ql^6Ha(H5JTX-9&y#YaGX76v($@n@{B%S z1dvHL1+6Jf!cVR8>Zz#GOOD+&QH)eGOUh0@8x0AM+MKd(!JfwcQ{-ml*YlCv{-87@ zzZ-Vx+7|ZmPh!Ho;*|YAWM~yzu*wC;om7fN>1aN`8_viOwp>|<>ky|;;kMM$U9nsb z9HLxG`lC}2F=`$VNIwrWp2q;j!{6Vtik#Nv#FI27Vv@;9%{_2CzKdpLvQRjxXqjva zz~~k!7|lb~&H;;^uXSX(SlXJ@ukqn#JIN#S&ldR)L(g{+?y(0;d3hEW>=9+Li3=GG z#M*4e@}V_%nd>aiP7i;pY$Dm9U>ecVmnH%_Vou;!|HvkhL+M2RlUXI{s-{MoBM(1l zC3OkGaQXc~*5DQStUxT_Ck%^1!^1W|dY~L{#IDH-i|a4;oW{vA2=P5va}cB;xKDe;B=B(yQt&5A-a3x-VqHwrHW>c={1#e-P?1aipL126nNmE$9!XaZyG zrW1$l$t;YRqf2;^GHg%_#GUfbzzQdkXF`!^yLA$nU{VNYA1_JI(8vG$GKY=;9=NTb z^AHByn`a3fO9m}`!?Axg@&)gC-hLNpqN)}bfikKEdAs_~n?^Bhzh_W!<_4S<|FO%Y z=575LTyewJ#cfv{9C-WFaEJ-=!>hsWA#*^)b(3OCV=k=e7OUx&*Gf&>+SzCyRIX=7 zh^?W(K*-kl@Y5qJq@x)T$>~JJx?iEfcRj6il(MJhVF02VX3opFEDx>ZYDmZUQRyfH!ri1>0!iQ`l?Wb*`=FP5m%Olo+(wqHYYQ`=91e#cl?xsw9c%EP%Q0g+_l^f|A` zbed6rl1fBYx(smt`yI;>MT&9!P~H2E)T=_hI}1GIIYg%NtYegMswd>MLv0Er(!*#W=AFQ%Q8SAirfaeA45crllBX(OLYB9OkZ-}%sOKBz>il4=z zqnBcbZ=$%RZf6rf_9`mW9!Hhv63k~+0H{4|Nd>Ap|pI^?)>#Al7ACy!rxe|Y*y*Sf7q-w1@iZkRr^ZAcI<*ne+`rzkF+4x#*Ge>ZI0(X<3FVTLg`BWqb9rh zPhu5?>)@j7?hE{X`8@F1GJn*v@6D&o*7u}oV=}k}>~Z@#Il-_U+_7YyNXc z<$W>=6Nd^upg%IXE^b!%ps8DT{g*TZAB6`(3Qj_v5T-$w3S}C&@s0~>-kVUK_*nRE zzVRwO(8;h4^t1`)Ch3$D6d zIcm@-9X5UxSdK;2S@(ynr|YB zVMdHI55V1~aS{ofW}-=5P$VD+Ql5sW+>11=utN2O#( zVxql;b&p%sk2muK;uXS2@geiF#h}R!uSYpi7_?gNG-#U+^&~cHkDAQ$+F}zJnK!y? zM7&y(@8hoHg$@htwnwBbSZ5;emfg;wsfez&E=GwW6ZAS-VIfF}6Yeq6sr1mK6u*VJ ze9RE!k+YEb!De(FTz}>>v07P}A<`IR@@?*tmlcWx8ZMaOIJh-&UwH&3?mvSIm}29w@i%Uj9|3;dz_wh}$=ePyXv;f z0%_77M{bUS)P*jv=;wi@Ocvhd?VlX&eOxetWh0z1;9@}nkL(k#*n#oeo{cJH1)AHx z@ONK{%9Q1}J*UEgzUBITrtL4xOVM!Fz@yX`M7ZZy)Bm=U0k0~c0e=!u05F8A+~LqL zb_O}*+>cqmg`Hp)xh~Y}Z4-iKf_X@fEZr@M;l;mUbb9X1{9YWa?5C`JXam^umO{gE z$n;mX^IL!SK>W56v%Vj1X?F{uMiIxZ-~P!zX!yV;t7u0n`}6k>v*jDbwBtj zTmO0Q9D2YtRk}0Az@3Z9j7@TASKKzVBY^EMk_H5ViQo7^dB~6u!cK4;U^9ZRy%CTs zx(5-0jN$-iTIl!Dy(^#(0X6L{6oE0y1g?bzx3mF(RTk?e7W3eZC_bu+=HJ7QJt#r% z2!QtIR=#AbCjxL-N8q~`yOl59SdsXYrgew~fa&u{QM*}Np_`#`;!ILEJti^m$F;N{ zSe1mNFvfYXSLr2B9{s-AJb#)4U72W<_3Tk0s#8aMm}-H3mjnNT_73QHH~Fo93n6Y! zwZ(`re#dC)2xKX>yBOy|_6@S2e(Xa3j?i#gMkd6*J^kOKmb`!i#A(&>MaK;#*2&1hr&VCinJ&vN!` z`N->5{z)AT=)o(777f~uDjZ)dKMK0*_{@mpAQYy8sEkkt-xaArbE`=jYJ;XG(8;BT zaCcab{~FHB+L-%V^k9St5AmMJevj_WMKB=Naq4t%C2IQ&~lEvFPX-Iii`I0t; zHsCDT<&I0G!E$ZD7avwt9_oyaF;hc8K0^RzHrNBzbVyQR+T-|9@lOj0Q-vwD+#AHwXgNQmeC8vVLj8+vR ze;eW+SicTHm{)&%EM{c9yt?)mLHULoo#5;zF_xz_#BS~*tW5UB zjyOgBdY4wCbSleKbXo)f+r5S#!$h9Z4g21}z}{dey1NA^1jPKl_G({JNIwUx&FRxl z(7(5V&nlHbD22qznMH2g<)r~PvXf_;6`z$e(xFvH#GiE8QL2KW%q3$5Wo|OMmK7zx zFh)z}lgUYN=uW;v4OfV~3if{nB$*aS%G%8`jX`BqA;y{iF_Fl6v|$vyEPm?Y)7{at%LSK{;mqE-0tp_z)4oh{ggf$_y_Mz^miNso}tUNyI5f zM8O4UfEF7?|8{MP^5g|LbKCPekoFaXAFh+)b34xm`eawCDWKK$ho~~KzAnE-uM~*iu zh&w04Gm?} z>N_XRvJ?ZeQn$R@qgQ7t(8_QTpq;1$m-zKM8J_1Rl*`!`(%7Yn2SiX_$482+=C2RU zNWCFG-`0yJ_Fu+Wcz~%$NKZIeM|Z?kI4GO>ciM*0meBA2q(?}w6)4WHoA&l4^xBTh zGl*VnWs@$LUrglFV?W8OqtMCn-*CDWAo@;!HC{B)T+C5#qdWLFeUOp=P=^e24@oIG zOueB%=(^hvKg}-U`xMwe!xH+lflz`{tQo*;_wC$RU~Ng_tXMH|crwiHgyC!+!Nb%A z)O)H4WFoPjsahV!+o5pjh5iTX;_a3iG)9xF!aQwB&QqhzOc`pqW%i@^YfYP{4PK+M zEukFm>>km!!!@B6K2;B_HJbO{Tj^Rler&N=Vs$U~m^hJKnLLNuH0#>jE(C3d5N!Va zxeWTfJvp}*A=ZD~9)~-BWJdZ=_$_n)zTv$BjAZM-W&f(}q5;s6Pw&$rth%RGXXDSlH;6xO2WVJPx1= z%y_^pI_wv6z0ucv&rOD1!&G3DDzF1J1|NRf&m4)b#wkW;F)r|@+10y(5g0BID<_&g z+*FB|x!8xBf1+#1mW6MItqW(}B9${^1FtyIy2+v>mxeKyiuR4#+0MCGpmP;U$jn*8 zl9eXJK>Ps5jr6r26)t6NZ{yCphbyT-fIXIo4hzY810A!(ed;0O>yRew$w-{8bSUkL zPsflT$dLF=PZFL=1{96#b+_>17jLkQ24>XLjAu*9U*X*34>w|SBp?5^zK z4p8gPR39%w+=JQ?5`@4!+=_4`$<|(mHL*9(5X8xztMUj9HB%(p;m@Uzl;7QKnoBf= zi7!&pD#*d-8CLqv?2D8`S*orgPfzc^vG+2TinpPM!FuX_D%+{Bkf=ZPxJW7en4@ zz5UEB#lL_wkN0eEF9=G%>q!!RQJfP>eY7SH<#4${Aa*mp_$U>B31j8(2;SZEZc|lH z(=Xim#R9X#;WGC^!vPS6yovuU!#`^k}X`<~bRS_h zaxnAn+}q^^&nGPNBkfN^KDyXXPp8{$3>);-kCSJf2eW|FzWKPxoZVgFG#S#)&5ZA;Trh-Ow_>S9h5At#RI7%gb4FQ5lzo4%eT*FwkK_i%`Tzt?^em&LqDSW8ZKj&h* zn^^E((D}Zn@($Jib#M(asPX?bi%!9of%hTPfX_3~>lGg`VU}Ji+BBjR7V8dPjiQDC;lT4l*3G@y`uk2ZGsJ!c0v0{N zu&!Sg8AoR$Y;CdSp}^LzUEM@?TZ{R4jKH2;U|TtvGLmTme?ys!khdMT#boe3xK1iG z`(FykRE_&KgO1ySGPh1=%RgBrQC;S)a_EwkB_`SFco$|%l?XT;C`oTE*+j>~hokc$ zp^3Z}QW%XzUr@_a0HRe_PFgVS2t2bIXLf){%v>sz{uIMMBBZJT4IA1%=%X?NSpY&h zf?n5hF{U6NQBI6yKy9#4ma^%^TtPKKkNY`LII*1nQgV_)ZiQe2G3g2T`_U~0GUvDi zn3_ynfL}mq;7jgDG|URO$wBRjg7fIhq*qArLZ0E9lWCn|v>lLxuqQhxYZ$@p89xSh zZ^p%O2&p0xIv@1lqbO5#X5y8uFXLl>8V>)i&CL&HRZ=tmm5aB@-z@NHFy@awL=}2QEZ<-yBZILt z0_DeIE&u&xNx}?zYt3*ZF})@kZ+_}VYbU87CWQ$SdUS!@cxbXr)++SUKh6f{REf`e zanziGi`aQRhnH&k5%)e+S6&MAn!3RKk*ovm#h+7zxE`}@3$E3M z8huYDYb%yKvy;7gIyiz=!bATXq0`+$KCXix&BF?!VoaQ!+Y;6cWoTP5bUxspl>f>3 zB{D;?qx~GyY&U!L7Q{?h6IYH>qnS}9Z6O&f7v(YgEQ`-OGp0+@k7buY#AhJPUwJEG-u%AoaCz^Kqdmo?47k!^omZsJ+RT`sd1BEdia6zYVt`G{ew4|@r|YS8;g?H z%`Hs>CG5MFk+~ZU!3KbCQP?rg?9XhZ>Ke{+2Wt7t!27)tz#?xu9rhONqcAQJ9l``t zMz-xN9cWcj7Q5dSv4xr*f$6#6Ag7ie<|?|RWt7XiSr&$ZxHA+}ut;W*Zxg7z$!ByK zdYi=0^4uO#;pMxqu$&rBDt)@pk=5t!Nh+fy;3I7lY>PW%YXt6}%HS85>`)Ip7(g*I zqmhpCTMS>heZq+V<`8a=Z)uYKhB+TiK2_^i@`3v|>E0QaxSO`K7Q>M^1g{k7Us7mq zXR&bk^nI+Fwg09Kpuy@au2|Z{*Dqi$z!-mdi!g2aa2kC3C6-ypmO-};HPZ_1{gOs` zLJDZFq??U1>B1b3ZIuELqRSH(PbIVz5Z}Fct?hvIP3U@IHQxxj>iW?(Am3|)Sqy0N_wv?> zx%sV^Y!we6elnOJsUB0aBT6CQ(UtJcRu##7=;ftxIqbAE%8ho4FcSM|07R;xFlw}@ zgD1DEUXnu8P9*GZT2fJS>1 zNk1wm00evE^g$SO!vfLS^xuEajGMyu{pmp))P?c4RK zrZr+U%Y3kGGURNGaZqdi#;WdH$8uX?R@fa*i*GP(^_DerpnP>AE_YB)dR_9@mRLggobGO8zW0{^1Gn+ z%b!@pb?lvL%cFufY^X$L7X^)AR%SGd;#I{fvR>)|(v{ zlxW$`Ynw#U3#mIXMit#0v^hFSGzwr{?q$c?Rx#70Vaj>0Ayp@HSM##61^IT7Q?Die z7r}gTyd*i`+Ask^0jJr@5$IlpLeUrE+^@-NWHzECWd z;udV1QB_7JImT+n`HM0M%H*_^a*1+21Pb?q!c-1OKeyIzJB07X?)hQ`(kx;P!))iQ z(PayA+cqN1m`;0~YZx!9hnsRCz<%@@oAfa=rra_@Irs)~ZDv*PTA{7vFk&j>i1LUXBEO(QdCiJ&U^B8=J6~!w(cDdgjk+N21EA%6!qGyCm zlPICqK918l(moa8L@?u^O{k|#J+as;^Ta*L6ZGn*BJ7xE@qYCoi{&HXrd#IIG0=46 z;~@!YjZ3rn5yey@6=%vqW9R=gDboHS#AIt;qwrD?{I&DmdQmR(LxlRQBOCX+fBZFY z>~*9Q^pF)y?D=2ofb5^|RxIBI<4^@}gUy(D$(fOKhFTe+dH;0U)hp%c*RY@DTC z+>m_)1bMuQW2tUwx_bVcHJav*5}P}-iSnzl>)Y7b8DwCMEHiR3ufHDw24YY}JdiK7 z;BVV5Tr<>{I}a(FG{i~b#{yR$ng7r?>lFI6&;HFtGl3Y)l_pq4E07GFqR zqxHUsi(x_eE{3eG3j8EubFQW{5r#4d9rY!TX;HH-rK~&EH;q1(LIP*aOn7gK<)SVC88W!AiX4QK>!&y8cPwR3v zfnC~ZBOb^|`#(&*gLj?r(!U+s+G%W?JGR-_Hg_7kvDvgq8r!zb#>S4*n2r6*S?hhD zbN+>Ut$WRPWRbe1{B6YpPUEle=5xAbFWKG{th zB3a%|)>!VudVD>sDoajjE0KZJdY`z1hB~VB^KajM-uAf)~g}Cu$u{2}=&9|ocT68qmOtQKr z|5)3~FEwkk-H|(kSXsxdJny!X58XbPCF!2+_!`q}A3GA(uU|7kZwUq+(bgm#K_7b} zkJNq_8LYg&ItSaB7r>L65)`JpwHS6;s`iT*LkJFBR8g?%1}R0qGPQ@Xln><*`K zj-X2sgD}OA5(n`yDqQQ<1oFk0sp`cuVU|6tq1cCff0FGXM8&`C#&7dWl0)TZUX-J_ zJhCJEg&7$uzLQkRo|-0L?ee6nR%c;p?yh0=6eMl7P`Zk}c2gNyoQIGVtc#;Cr=Lxx{5w<1TJ;BmK<>H$&XyNKCkE#`9uro8KT(-BD+C6YS67(I0bZ z&Vw#W{6X`aFm>saKmN9tU&QL#dT7Q|S3h@(PZD+U*hO86c_MSQT9@O0X@s-qD;38i zbfyF&)@{1;s?^@F#ZvvyV%WQ>_1={#uq0sq!Yp!&Sh-{m@rb~gvq4Yx-#I7t;8{eC zVfWRD$eq4O=uad7{o(jwo_C#~(#{3L1j}Gu^S||+QmFLukK-LB#R~_I+03#R4w#4) z3N~bV$p#EIHN-J+v8pM%K)&OqDe|w54AktvW14KgD~4z|6OI?!m!JWU>&VOA)v<=d6C_2`^7;&2{)-b=9z9;=t*?HB~5H+yNdZnknwv4 zXcfpT$O^O9qomp*l~{oe)1e9^QX22waV>xNt_w90A0+cPMsoH$vO76R$hV@Pnd(cf z4yfMKE3w1}T(_lOjmEvyn%xf=XsmAcC-K>YWyHrOgBUqYeOId{6|?j^{DpVGG24R( z(@3Ec+Xf!=`pNi~6oE#qF*&TNkg{0T8T74pc%iAX=|Dlj{%B;9PPa{|u?c5hPSe9) zSXKGjLCs+4U;gJV@EIrKeN_A6@_5+x{7HJPsr(m=?zx%TrnNu5mhrv z;H)o&0uN1vBg@!$-fdtqL(eFYX{L#!_I#!Hq&=BLmY`Wnh4tk#5(@d<&i7%OaGgybQ@^PyR8!YY+GT9R9(loN_*zd4G6eKzq1%}T)bvCOr-@f&}9d@)A2 zTMmyqwhl^ci6()JR7^96bnsBru^*wvaBSQs+0*scs1-YeeE=i zPaWdnYXYz)YI3M6kuv$BkJSIb)Sw%L7x-TDrU2##ON!OXUp4vzuO3HQ{iuWSr3Ty9 zj51|RB1$yYX>=Gm|L!@_^pGLKC$CquofEk(Yetxww_eRC6(MQY^& zc<~=rEPxy`X26CfG}S-!`ji%?1ws8#A#$gF1O(}`>d)TG3`bdO<{yg5oZK;e)k1ER z&{6=Ll3J+)STXh+u=fEJjq-4~riEnd z?7k&LG}!aXzMC=Z+WE5Yxfgybc22b5_ux+8(f_ zy2MXQQh&^aoX-J3s$X}D3C$dGEN<*M%Gw6=!8J_^wK$pwZDfLH_(bC1Tx=La2-DV4 zmC|Y^yEe3HP^?@Ekr{IYL&HH_hcjYw_O>FIlHLp8slq!uREE%cwFo+BZYZ(G`ucm@Ve~H@nvoqd;jtI3AE2p&50Z%I!b`ZO5_h2 z8?wU&qQ&!U_s7H881AM-LnH_9lwSxGouIY}&PS-EpQ|K4W=bB%H<@$fqR`Uc<;9sZ z4lFr>K(4I!x8nT#jWhX?EOKVt%T`5UmN<^fkm0E{i5D+Vj@3vlb^h{D{3F%3V#QsI z9jB_8uFq>L?XawKSrs_(4w+0A*2}lEn4W$P1Q5LqySu?3t;n-Vm+a<-91r{rJ`J3$ zJDqGIJkS2pq;@hP9kqwo5e?77(Au>|RaX_p&ug#mEV}g)0JJnp0c$>#J)twMixXzE zyUy(~{T?k}s7(pdS~kD0vo(VuE)T7nt#q*LoUX1TSoR>Qj_;FTq+gYW3e>pt^kIHj z2t_!r2MIzU47eXdTkm`hC!ul!WcH5A2MnUrUrqI}@FW+G!3JxZ0)J2@X*B%|w6EL- zm_I!yRS(+RYK`V-EV7j50vK5wYSesv%tTo1TCtVxTr^&2F_jQB>298iy~PM!TyP$f z%2yco)X0?qLmGhLkbE;btS&lxmX$I(*6)eCD&R6^`6)8Rset$i7zz&fJ9} ze8~usVWvsKZtMryh=8Bs7&3lvL1Gn}BITo*Ys3ir@%ei6MuRL^wxszEamWv^StCqXtHh;1)My>qF2Z6vPaT*r6szQ2LKd&ryo;`Kg`ZUA_eCi9Mwr(#Wy{t+;Rc-%Y#@V+eW)^>ej{Z*Ohw`VHCjDuBDN^cu7ZXjkm3p4hEqZ-D&9B;9CI-%|N3s8`%Zh`fU* zM?fr%Q7?sH4&ukWN@oqgCJlTRLnm?T2Ay_E(MvsThGV7Qx+f>5 zx1m8*w&sGw@{Ihp=UQT+MQ5dKfZbkfQ5G+39oW1bLu(h|z8!nr|Bg)bRipe#l~$?| zz~Wouabk4nN#-o?2tKnEr{N=ft$-457{ME{zJ#|=Lm@iml$O$V{Jkl%ryDH?CAB2Y zz9cPJj-OTCxA7Y(Y;b{X$g=b1kiYg6!wZl2R|Wdd&z~4!(ZnWq0z=ID%GBO8u&Q~= z#i*w9-41`;BB1ltyh@1EaL(m|pS9F{vE!=GECT(J)9<1Wtqnn-)cw-y2^MX z!!-R4k$>WgBHt{tT`Mg#OiwOZ+pi{382#+*J+(h1p(1W4?4|H?jjtG$i+bSS?BVrhBjfL z_b)F+I*p>Q$^lMt%V*o;&AxEn_0~v|g?oIfZ%?fl7p+pG_sXF`2^*$T&zR8um3!Y! z{=q9GTgnJ(i2t5>eEh4&ftnK_qIKex1tNP&HL#)XkJx;{?|y7@{yYt&5vIhZIbA@$ zh&_LD8!J*ONDE--^I=hI!R8EHEi>+@xqFBEWE-$5Tk%nD*QJ^yRe&22g@<*LbQY!{^ z`2WVkWgsI_L-P0Bd32Vr56&V@;AYLBDGvo6!`Fk*Vx~LND5jId#@I=$CAS5hk-v(H zj@`6SQG|rQXrDwA$XPFOr)G|a1LSz`JdBNN%pByat;)z>WAtXAhf>)%2IXFhH1M%& zSg`Ic1rE(HXldR1gD_`f{ZaoW41E2>3NM>`jcB@O=$D!v&CJ?!}463(bqVq-7^Z!p_c2&TBR=(^0 zFMhXW@CD3z!RhPbF?t#Ht_)J^)jOhRTT*Rd)QIa%3>9n8WUitXF61F?jTll4Bun#n z>teaMyt9!J0p!Ou>4%ERP<bTY?QLDM|eU67Ts;^Y5=Vyk|zQpH(2S9(mGTRK<_v&PcLy0su`)KON)6+5)2;h(_}d zxv~_3GW_V%`51Rik9PDUl(1ezMnR_&560}U?}bPt3&htMfnQ2wqy0i(m#35uqKjY_ zNZp;eFOzoKjndU$#FNc`ti0d<$Rik5YPfEdJrTonnpE4adeT? z74%(9*pqT3RikHi9bDP|AQ~Qk?_S`$983JW*T(DfBJ5$U?eB}tOOnokdtGSSg{>la z;qz+}a!TC4`_g;Lo^=t|A_cYuG-$FV11#Zpx0E`CN`X&e3OGVH!?H>@$`&S>1? zBZ$jeJPV^43)RP{f@5VHt6ODfXPz{t&vDdpnNBY=@FXKm@JJtB#f$kE3 zw>W_RPp2pHF=L8=i<###}tO! zDzjwS0kg(JL=EWilsHD-)k27OW}I_o-g4W`d+bm~>V%)g*=d@*p=K3|stXdGG1&kg z!}!Sj&*z;Fad9YIm=7i+2NL+$Q}LUKAld8OG&>JA+(S+q6Q4mr$~DyzG1-(BueE<@ zI&3yo0Z>N;j%N5j=mf8Kl&SMe8DFOFYCspqF+MP!-$`V=TyN(|0}?7ULuLFq&Nxlf z)-jY!c?^C+Bh7^?w>5TO6I^{Q`&vDkVx_Yjhe1CNuTk3$`Y>4==whqQ6#y?oXdv8k zSvp0N(&*X)Vx@j;tB!Ak)C}A)H*=94zQw4{aWo+zbw*P~EGVw^P=gX9<~O;HYT2 z@x>W_n1lS@^61EBIBvSo2OegIbc*b_#ONL7uv(?Yv~PTVSgWeVgRa%4__jtYTuXc$ zUqidQwBP>f!#1OFASAqJ!t;Yph<&ns*^a1wFZ8se4Mw^~12qSQT8*{arUL$spx&&352BZy;O^5mBqG zUG@HN44Z>N9x6HHQ%S6>b$5H6N+xL)I|k9Jw3E>O(8c!v^S|oXPYH$J$I9hxEW}QT zl*Mx|K%~jRRE{EUY)M?kcEoN-Xl09slt2IZ7A#!^c9**>l;fn8F6rnKdno84=|nb$$Na2Wkm@L!+OvmCzvtt@6xP%OhM{@=kxte zLyajAu`2&Z#`Jg8Dv5z2&(>n#G;pm17j7h?OZ_Y5rG@Oh=dSeD&&$L9p@z@%I+5tD zd;O0%5gLli)hzh`>j5{b)^pn3c2I<$Z$r9DOUXU&OJHF&-B)6ZjQ|`Pl}^Znx!-%A zOW>u-BORF>Rq^WKJ*#ypO26S7dS$9B%GGZ(k1fJjpvNOlHbLdQ{fl`#nqL;9K*i3_ zRAk?wWF0pQG{fzvs^VV29FenV$q0vQFNkdH;x!8l{wODpE$qwWhz8^9U#a)vs?!$F zn-mce&$E=bx5mZuWq-vb=eqw(ri4AYUQW95v z;mWM=R|q>5kB2LS!Pp3vOlPq6G4zdH1f@Kbwb`$=wn3W}Y~{3!40xFpZC*A3LIZvc z^qNYA(6{Fl1~P^&V^-bmjn_>~ucIr$Be za7`|t1$X6&&3Z=eE(yM%qAt267s1px$LCAr7t3r+p4xhsN=AJbe%%~E|JJ*6&2C%G zS?`p_q;-GPYG;(>!_vbv6h{#$0`Moe#(K*q~u7##z-tV?&xY_NvekSS{6Utt8? zNMDBszN2^Jj!USii_1OEp8Li9wB;5pYTOwP;h;=k1>M&v;jifs>0GZ*x50O1TA?vC zjn{I`oGto?fDow=asjdI`4Xev1*qH`|1@mhjB}R;L=33w{xU`?bQVMws?jEDH@oHn!RDQEk*@a-FM<;Q!X@# z0Zb_vrPS=QXO}!J%@~U)*{ZWlT!t~zDZHkfw1q~6Lpomc`xCI z5aMpYVv^fM1ef6O&C7!gPyG5`7g^#ZL@W+Qbb6Z5CM!yWgaQAn>@eN|#w73%tDj*b zwLWcwbL20~`Go)^_dgo$WzSdv-y$#c^8Jkr5GHQf*pm+Qn0|93=w*}YCY8+WSB z@~R?oH-_G3KbIckej*MjH59RJ-;(F|yEs1eJg^)=SWaqDL^rSbK((%xH=Rb`2db%A zL~|_NVvo&04=aI6oyoGAmv5OrEsDl~n8dL*oq;9$GpL8F8U?G8mmjlrZ=5&RmcM>o z{%j3Hg6SfmfP-f3BcJZ9gNJ4ifn3Zj$px6VVfj{&0_Q^?2`$Ez8cFh$?O;n zBAf20+HEeKlhO1W!tZByN8bBnun}Jdp7Ar;qfkv|O^&-QK(C5Zoo2GzPY=-mT|d68 zy<`opt{IAjl*TxZ&ud)-XQPPqyGnONUk~oQaL6Hi-;-)j6awtqzl6$3wA1mSx;qkBiWeD)^z~`DB=enyKEWUoX9piYooqC)*B0IkC;6Th@g$=5iVXCP7#ocU!AGzq4C#(ZBtXdw1bS zUlHDzBOE@KBwb^3x!ed!w$Qcz1#B^HM5c|K)yoyrj>MiuvJv+W6}IXdySFdTT-!LF zL|$!F8YRiT1oGaKnH?UQpCJ3cGc?i8%QH~SR+a)HW9XnBU?BlId9lwfe&@p)12=5l zhpQvkP0pR6>+mvJk{aYIRD;R;57n=hW$pnvUyLrZVNM;z-SLVnkL{24)ALmA9;Bqm zhzt#a#3RKq8{D-uaTwF|ydvW7`faAo6Y6}6@MO(<^vDBiDzEfKu8lr(X3N)s?bL2G1XTz+qCn~;c!=5e@gs82+D(FEPCC@jz5?TW; zOeBh_EO?j*J#~Iy?Au$@U`!N)47Uq72aC+gZ`4b-w2`e-NZL|}{^mwblewdrvm0zK-MCIQ34caZYn~DxkSSR9a<Z<4MT%(%rlNk|a7N&My& z(?HpgIDCdvgpg?V7s_`%cL9x6Jeruj*yCqf?IDQ$-!f;n8EQ**Q(gH$2ERol)nUzT zJRh%$RY|Af8PN`2Y$0Bx?Al)?9fANifm959mKTDFlJ zBU)Y4;K?m;q9*z#8_51p4VURq+-KWo3Om**Jgx>(J=T191}_`ICayHSZ{G3I(feEU z{We3ZFW(q}^+e}s^#?`X9Nz!F;jfxVk3se~(3!rb5_Jg`eA?N$^>!g0K7bNL2p(Hq z%gwGLzIbJ-9)Kl?<;SdtX2@o3iL?Fyabt?he)(IKxW{CI*wS+TjH~!KO8L;C^R-BX zmR={y)B86dys@^` zJ;^7^x-0aRZ<0pU_@?<j>sBZSMg6kkn!VHT=N-(GH#M7b!WSI9MiO8XFQGH5I!b zzWfki708On%>lf_3K-P8#}(s5_MhN~o-B&yWwt=)xUUoEfeZ3NaVHvaftt$9xq6&$ z**HIws^hw{^jmIa6(kU{)e=4fK6q??V-Q5J*$y9hX}=uz&J^*4>$zHG4Lh<9zT+xu z{YeqxTj235Sk$9f$)>J?SJ@J?=>IDiaSnKFzwI(@^ot^ZLtxD}-a9kqlW|0Hs3u@p zr;dDafO3)I(bvXl|9WugjTHEh+8rGD+E&vj2noqR<4M|L`|DQu+@RcZshO^?h+O`+ zfPR?a`Ez}K2n5}!nS?d%uO)&D9rHcUFgmVE1H45kjx_;;1KeO+y9d}8*bzs>%pqcn zBm%HgU|Tb*W?_eMW3ZMc3V@G7q7efR_Pb@2nC#`AUT76Xd_7bt`gG&V7rk{vm(VnQ z45~Y3blb>W(|B=1_DmoyVXwi z%)?C-P|v@*{7cJ~D!DpGwvd;{_j_DnZ9hp<-vXYT@$;~f;LDLenOUXQDGi#d7(HVa z5@=edc$kN)C63#IXD6%EF@p+&IYk_P#LDADZy_}-OP7o)VswMAjXnxokMW*%{YA&7 z#Q2+wxrzM?j$AJWTNCRSNjGP9>I=L8mO?c_4{)k7%w{-5uZdrg%`&_uKK*bavtrOr z?VU-W0rlgrW-vV?1}|@yP2GWso!?x;i|=_s?vmz=urDe~QL@H1#%dyW)o+m7Ne=w_}q0K>b!)f?edxVx9n;3I_^*riqb-{uJq1Pn6-g07n)e*6` zGgsE#fdr!)>m8kf5*GV`yR@tCJ(Z+#q6sS~Fkn8_1$ zFD`&{Sw~pYjx_(=ZDFUBs-i8&@hKVYip(fynMiXh8c;_-9f@)2iAp6H^?*~Km5X7L z5jrLuL^%Y~w@2pJ3ze>7Clg5%79TEIw(X<|zcS}AweJ=ec2E?4c;IMz8Z+Br=y@Hf zXft@stEdN|phIIn+?p+Z*^!>}!O*d3E>`hEcF%)}sgd3a`w`@&RXP7m*)FB_-&@Yg z*P42OxV^R%>j_&2$01Lx0FMJZTCsR`*S_`IUgRNjv+ef^!1b&(=}_R)Lm;BD*R`f% zDLa)7L0w^g8?3N6tm#(^wU?!R(L|~y=9ixUF7;A#Bnz&*l|dH~PaSBA z`ODs8I>Z>5#)ri=`}q|HkRlRw-~7ixdNP(+e|aatZ>qs5kJyP$lLD(MbvIvN1W_4+ z0?WZc;>ZOPW2i8)kDD8PXG;DZ8X1od{YKkO%AcVOfA!omRN~-e*W=nF zL*NC-PIzgyFsk2oJoWOhaimtf@v@K;c0Hp(6vNDavfrPQ%aGdMW>KUC5Tk30Y$%X+ z`(kP4$xYsd1r@|Bcja_(+98AM8|LyUbvj){It`7q@%lOE@)mA>$l_{lj*OK&6x`u< zZM0xZ!oqtEs^8y%1iQpprrz-+`J!Y_)Hus1;|=<+v7p^Dpm!h%;=$+sh3Bv~khVyp z>y-l+v+oGUtpBMxOAe(Lc%W)&LAS@4-M}>$(MG%pG!peZO)WoyMm{fBQg`VSzj{9J zXmxu>xxd$H7?G*9K2K1x4OZ_6h^~gxL}-~F!s~c$FapjExfQXnVIg1&!WRy^Fx!6M ztETeO!BbJt2Lus~X{^#*-F7;a7^36=5L#UyAZkd7cHb4O4O6%(SxRmuK}bBpwYoE9 zy-o@lCGe{1|7Y>+&J^4ROkxZra>w6JUeP=JI(IraKDtJRh+SH>?) zb&YRnSj0V7h8RtT@of9?g$2yPV(x>nw*1AM|AJ+^$Z(w2l^`>{o%&JvSV|2GUy8Pm zYzhvA-4D5`8V<@l--_*xIPe3-dN1x5^*4QGnls5P=IJs^#B43how4guv$e@SZ6n^0 zA1xmP(8TD1F~ho}#fbqCR$mhQ6_zPzwOmCm1eT=K(wNnaXXGyT{uMQ}`dteK+^6=W z&A=l3@{qPuManFwbx1Dl;Ea&af@sPQq5~DSyk7D-ZQu zOQayy*6(N`OQRY_7`Sg7;WG8}_lQ%{G#ACIP`_iecIZ&(P;NKAe{Ld7_;zKVRSy&b zR!z3%T+<}F9m{n(zXWE8*!9*Yx`put#$L$cp1zlMrT4kNoS2u|@3)YL;-iZ~( zREFH4aY7H_JoPO*k_c|-q+I;Rkgv1-P|e?3Fkd%0<*tYEa|_>YAK&HDFy`}IsFb&I zx?9fl!SHx$6SC)q=>R@(+xI+!6il4@-_|Z(EbZy}t^)9}fBBM>V4@k_-ieg9ds&s$ zK;tK)ueUsgfpXTfKCv{pXomf0^!lsWs}%b?Qc_&_^B0j8^bm(>l?K^L9W=69K)Bcy z&pk*+1{5FKpt}sw^WKzty)dAyIwN_UuZ8(lY_53u$shFFX1yN(fs}fne8~nuE@|ly z1#gZ-O%8!sTLPByU@vkooO#LTLj=s3icZ){$vw`(b}~gmD&$WdAxx=$0#mF4FS%ir ztl&Ji;G8jjbas#KHg|jqm6VUY?7+srjGODEFg`-se=TXEOo+xm4qNr`XN|4Q5U{(i zzzSZ^N${#jc{qDyF|4v}pl=4z?U8&?sj(Xja+M@2s}@yjQB_%6GH9`bAQE85f{_9P z67S1TFnb}1c8g{~< zB+J|Ds!cf&vVq;@+v2(mUB&K;`^`26oS^Ob#zKuI>Of!Jw)Dr|)0ziPtrR1*EfS%4 zGvadWUI;lgEyr7V*@75b094U8aCkWlw*4L6 zf=MjIsok6vC^u>}m=L>Fa+{qX6~pA|O%#FqWp%|B(vQU~2G=MGyNn`u73{ z7dyv;sc)lIhMla7X1f*iqgFb-B*(%qnjD$b_rv!yaL#+ZThX#>R5aa{Ufe39>6__A z=Zsx3|HjR@%j9FpBv7fssKtu3!1bXgpJCwV)aV@pKo{KW&s_13P-MCMoH(4)$-kjY z?Hl2YBlx~B3cfs|8g#qi1>S$$u-2`nr5S22;dzRz<6GLGB@Zq(=Xmpm!^uaEuWJ%K zi;2U?z}`PBOB<@y5k-?AT6-kW)IF#P{7VXp2uH}Ex{?dDuJ4te6&>#_#wc{@EOG~r zLe!9xCKh2&`v(-^W9AJH{2Hs;Af^awcYra$iq<%m941fPf{rZRF>W^leX}khR$8UZsUghDerGAqM=^DE_^0f$TH8!SBgOI+lyM!_1s_e*`Jlr4|X zdPgwRpF!q1wSEDQE>GjhSVYBPoK zGCqGA+;({?R^~V@8d`<;!Gj?vNiat&2JsMBXkWi(C3*8^RVTq5rc*X5f32LIE@%V8 zq`?>m9^++uJ=(ftNB4Rb#i5n6>t_4Zufu1YM z_&~s2$A6d@KgC&epPTpdM0X9o8lK7D1AVQb1S8AQ#3JEkJU?lKaS<%p(|>7e;Y9RG zf6@KQ=PR@4k|^T*T`Gx1~iMLS-+A-3Cdi+NH6PbAu}DiQ0_8NzY7Zhnf}jA)6<*4gE6N-uM}M*V^y1)>!BS+3V!9Gc%1x{GmK+>@~?y6od@nna+;J znxr+9CqAsGKItV{BfN;$dU_G4nZ8+dRL7XaA^Mij8o)~2O`T-a>D9OM(H|B_rF|!| zHFCDRO}S@Zpck`7F_Fq{7|d;BZiD)sJ=aGBGpE3-n{SET18<#Dx0`f0Um*Ksu~AV% za3{g5;ajJrTqr4BR)Rr>%RUm=x28XZPv*XBjNNGXqwdlLbF&NZmCT3z9Y(voaF8=J z`XV%EI;qpfj-k5a(S`Z&$Z%+JIw&sXjPu*FbmGH>!w%;1bAgA5PL;WorQ|#k@8JC? zV950DjZfdNMS;cvc=C*=K=9X zm$sZ4*G$y~J6 z2tEN+^fQg}F6}O7o&9iD3DuLL81Q~OMi1>Lu4FH-u^;MX+lLyN=s#+R4f^MdW1wVG}pLGXeITnArI=|dlbkf#NoN&>% zcvlRxV^=0%mdkwgIZZ7q)bFNt$b5DB0EcB!4Z#0pjQQ`JAvi0cI zWZ18vLY6&VDxU|S{cXiWIcGu)F$4UwvJ2A{0XCVZhk8|sby48Umn^V%yGkfYE%qJ= zcVfs+xs;LYrVU+Z=P{MlP&2esFk>Xgpt5>E(8H=ovmjVnuFnuq1$662$Xhuo0DQiT zW}Hn;Z3G>_J=A&Cd~YLrt`N_hGT`4O$0Z_qB5~MLJ)wZXNnJ*_stnNqbTCB9X{NS8 zFpK>m+m;!%BGq6Tv&QrWdZ4=rj_)d+7^za~zWS%;N^fGF-+i*fx;I`Ps_O^X zp{Udft(V`4ZD+7HD*IsoE*k>lX(&OU2l-0H=KEQ*fHUhy`z$6WGiVoPqr1T;tOHP+ z?Aa58V|Q;Wa5O3Kl~&607MzGt@mH9{cH*`S3DH3Cn;Rg&A# z1xsM={))z6q1A$+ZS?=mkUYFw?ThN#V1MXw)PFKeyA9&+FUOcN1|s9Q(pQO=(jf|~ z-Wm_zqckcas7(xISyKjwMgcIXE^7B2vh(+Qez7>P%S5NDY{V65MnCU*by)$YKA(Ih3U>l6UrbI}z zi0FyNd)>KNP28!m-zl44J^3Xqy~etT-w!+$?ze0vwsuReDOer9htsSg zwu}Q;Yu|@WyWQsmWx+ zt~JYM9L3uc=Zn|=n*U>)@l!sYG&6SIhJJ-R#I;~4X9Rjdu`ldgS6qSnE^zjls?Uc; zUI5wW-JK((BTS?rpYTj&S6FP79bSWs&Sim)Uu4@fAj)eh<%)X2-wI`WH_ZP#!hiO4 z*Xli2maiY(SAyS^mKuAD&y`RolVEIs@qZ+5c#NDf%TOK4fp%j$^O^%RZEQ;ft+Z2z zztY(KnkARGmLipvu?^KzE|?^j9xg9BvP^Gj9-!qs}MZdlqoSkpyk&V$XR)Y%#-mq zBY^)r)PE+U_en@RpzK07gEzcB{dsR$9W zGR6S=1X9dYe8+@MYv^kv7rYPszGMFZl=M%Krb4U!8ER_(<~^8Pu=f+D1EV8Z%wBtBsl3yPOGgvbw#VE6y);yNALzCort^J<+BR~3WFqnjwvja zdBZQK2mJLUibj)F8vg6|U|ja>E+3m4Rd*($6DtGwB7N|j{% zzd9ID!v8j9K%X0bW1si1g+Wnyy!36z#4nclrn$l<`qoRpV%9`AWk#JGCbbL>Yhq&k zZY%J4EJ>YN6Vf!by`xJt4({R214<6=BYygZf_0dcP*jZ}U&KIx?ag?VK+j9hb3{+D zvF{Fd&o@T3F3hC3nJH^xdnp3>!LvUEeoT@2&4qznJz_9SYPPOf{07KDz~c@<1J#-) zKu-~%I;5s*?|HPRdJcJF9KL2X>>}R-Sm&$62frte#7JwF-!F zs}iIO5U-+Of+AsOagAC5r&hb*tP)GKByxdJ>md!A)7yODkUdE#Y!S{(`>kPMFBFU9 z^Cx}=eVR77(XB^~y~EYox)75Y*MlC4*P1smoBX^uf`dqPCI~EH0fhr3i}#eDv(=SKjaUz! z=6xz(#}~`5pKrxORJX{Fs4!SzX%-`_c6tM!=0!btVY_ddtoib6`maoFO;LDImcCOB9wj2R`m@+D zIUo=me&sAo!#56i*A#r3S@a+&L=TSU$Yq3JA^QtI&-6h1TKWWBkB|q)7?4~H>#pNC z8{g+x#+YN3B^t@F!J>tY!8SQidAP7et&v~lVJ9Bi_u*xF-z*stInjI)lrC0BeI{k~ z_MZhTdk0(ny%wUSJPHkyl365YE%9lG7RarW@H!Xk zTd)46`<`;C>mLW^ocw~dIM2zDC_{kGH=#dwnWAeJm)yHB$BU$Q4KhX9E9x{-IV4Rl zHF|Z|J`G+*M-$4gAE{M)cvXO{O8Su%c81_I@CqghI}^M>^>bi~ZHjR?`;kbYFX`Zn zUG^OI-ad5=y?_g&?nMCgrN24QLr7mcnw;hJ2@8VOH9HHS6w*Aud7b_yBzUue`ub|! z6RcGA)vdAkr{3&WH5i03m1oybut9~fX3QRN$<$xP?2b&4^%EQa$KSmZfZC#R?k5k` zg16pB&Y{L|F?=cA7oQ}hm>#uu-zrmWZ18q9lKpy0>T?oVWsl3a=TX}e8OH+sZGh!|Q-W1S||P0|lhLrb3V zyaDB~cHIgc`Ot5@vk?l?O-o74Kg@OYjw}V1-7-th;da^>gRB31whvVhqG^>1{TN^P zr+?r`u0*XhO&M+(;z_~$u$B-9PVV$`Fh^D6KnG+IBg$9X-3P1f(AW(~jIX-#AS?yx zwjXX!cuQ!z+=}?eSCE&J1e~q1?eh@?d3?Df2E$fv{ovrzOWgXlfI$4w%G)0<9GCWn z_jz?^8DWzMecJqY#L{|L@SGFwOt``6qJV$-_r;f=O3B zXqf0X@7>1t8PU=FKEd#whUT%khCIh>b^G(d^Vbr@EuM{lEp(07QBn%OqX}iSFzyME>G9A zj$R=csWlhUXCr z0H4OL;hMPr8KR6EaWuxD#!Qcpeah@!r|MYH${`QB(r8C{XTh95r)C+s|nb70wtXu+hnP;|BAo32O+L| z;jMF|4cOiLZ3ujvxJ@NyKntorJ1ut-cZ_9l=)Vo zvua(3ORKi8Qdx^xfq4m4b_-*GoYJ1Nhg=Dp40fk|=Jy|YO1YWNq4=zl{zR4mta-}z zbj_yBgP1hjSusg1CKpcMXj_vM?XY$$Buye4TB!SS3v&*oQ`IglY4)5CpH_Og3;Z}G zq)G409S*0Aj(L*>*7>8)j5M_vQ`~3qn7%>kV+E^V^d+zivASft!I#6KbB-pkqW^5I zHc63S=%|axL}^tO+xkYkLZP=6Q_Wc5p=UXp+QW-3MYGRZ8P_l` zKYJaU_~W$eVFdAL(eBg>^SUcS^*aBt96J4m+&_Cx2@zVh#KM(~CHfnV!~xA51+ECF zu2#weSM=WU`IKtf?QatT(bEl*;o#_*4%xF+^)`N+orcwJIs;*~$NeB?B*W!jj4!rF z2E?p9buSSlPKG^r=gC7DQP6ZWGbK8#P~VIXQPguInp2a0b+AS zL>G^~jdwBe?cFy3{|fR%0T4%D7U1DEekV`SGoTJ7a;5q*4vp~OA%KTMa}1rEt4vk) znMnae$Pk|8=sw+WKr*tR{{1RHu>M%xtU;f@=5ICWYmcIFVvx!ePD61;mMK2pK0VWu z8Y+lAEDQIQg_7GsCmjS@#(cFH|7y5Ew@*_mcal$bp4jSr$iwo<^!a)7BIY|9bEWu= zWJ*OI#aYeQMu|xmdzmL>z{^<^^m0*b_%ObCwo<8JPw=bK-=jZRgWu{4)qq9wj$Rrb zVbj}-UuLTkEi3qKqL4X;`+`+`@A3B)u{mmpmJWtSgyAk^ol7vCXxW^*)nu!`=R7%c zD6BcBFP>rQ6$K^jixT20CuY}3bmq};wtG>UrDsQEmJ7e3Pz-WzroTJ_`Ef-MghJ$2 z+bMnA$N@#TLjR01?tMNjH7-zy1GCJfn|EC50V|Qu zv%x}|95fHwvojy}n0?j={#>IHn6taTFNXL;IFTO+D>{EhXaG01tp;n@l@Arh3f@FN z!zgyVEH5u>uDAVDdlg$mxzsKGQLvUkdq@`G^~v;3bu8{*bTU9Ha~;# zm=ta*e`w%1jr{1KxK*4uz?2dnK`1TpwDx?c8X_BYME4{7d}_LL^=zD-wMYf|mLQG@ zkiWz^k-pDx0zEGTAmmcgT`Ic4mc z+l)g>;{>*jm#aW-|2@Tm1r&=7U`$K2p-CG%?Sl=YX2_Y% z!Fps7mBw|NU%{Du4_-|*66o~@Oq*&V{6DJR@vqYVjry)8H`%r(+cjyjZM$|m+qNg$ zuF1A$vaxfMcbu%d@Acrie)penJ~&^W<2cq@?{&u2M&)A@^KdwA6XQxFS3%2){Z@3C zLw&P+k~~Q9lGAbDc{a!_e3WmMl)Wia1K!h5nf+Wy>?uSh!*X)&`kjxd7H;(U*GicF zB~>vR%UaL1@ZJEFzGljcJ#hyK#BAI@$&@UI?aQXi=WK?zf{GCOp~*4ZF+~I-2A=Y< z?NPvp{jAKbkAFV}t_H(Tyk@|UdYF0c%XNAx`#NzKW;x8XXm#9kxw0&^8yeL}g+qT! zz_fy3u^;g#Vq2G#wiGI`M)H*-OIJzaLe-DJ@phItFiHK2#)7dc^8Mi`X52_+{{jjPV z7e$12t~a>5VHStr;CT^-j5coam&IFJ5~am`2Hg+DAE`h3{L4l>W%&V9D>e`yK6Heh z?=zd@ORaB9h#oxIi(3Vo1jkC-jh}o^a~5b}cMKa3rcZ?&HMo6;WOEe{w0bxt@?-d7 zOb3<*_FMILi=%P~Nx|7w*ax8g!rg^k_6pX{dUjAJtTob9@M%&iWcx!2SY0j zy0usJ!Y>vFCEYZ}O6aXQB3-gFtHprWf9Q9*ot`iv`(a`ws$$zZ} z4%k}Tkr_Q^R+p_jtwPVoT!NnaCjZ9;mT!J2^}hgi0h^Z;+?mV$m%JV}W9HNk`@trA z2>EE}ir1jx%)EcMuu${okT|LlGh3NIifbuLq<^;Gv~1rf08K z{$0QDU9O-&Wt$zNO?iY$W8OKE5}UR}+Z^QnZg)G9&R2_32>B(=2hYB5lNdt|H7OBX z{P4rly4NI8+ zRbbE?`6m&yO#hlo@W*?-LH`*`z1jm-DF}%G+MY3beT5}|Y{|vS=^aD@F&Oa1BD^9S zbGk@Ft}d_ZQ^PUc?5B;5wVEDz4Pg8yI`fBEn4;g-5u1v+Z_@i*ny`}ww-!MtS%TlP zwX>PSO78)E{}Pe<$Tc=;$r+c3aV6CE;)iN3sdU4LSw&ff+-XpvNlmRP7sqJNCwu&x z@N`{QEIA>}&3LRb`ub<_+5@2RXyPGY&>7Ec={fVSA!B;5(Z3MEUFt;1;0$iB#i;My_xXB*7TuCf0XP&DEtUcZPfK&8CQMF|&Rp5mw zHGLcL4oo~Xy=C%a>)ie0E&XbEUuo}ex?yPKXS)3Vji8Bof^&C-S}gAeq>m1y1GWaw zY3=tK+~{dTIu6~(!~aqhkQ*C@wJ-^3fsLB`2lAB)o{h6qmhOew?G<(rn=l&XRhU=I zXTmmkTsUa07cv8?3Xu+SJSWgfV!7)t{9S#cTi$6njcZZZmz$si4H{&Ys*CR5fD5$w z>>aS8@Jb=U&%nfyCBp;mbTbtxx5KYIJjyUZg!x2Y2SR1Id!O6i=+TC!(I4eu{{TI zBpeOmx8$MRe@}8MJQmcxf5TR;hljKXO-pKwm8D(0e^F_bepD7(P4_UzgO8WJbtF>r z7P8Q(bV3`9g*~#OcjjS6GyO16>=?VG0+95fM35 zbX6m%nCj8Ja>ie-Z3FnSzMZNY5M7t6vBv)e~p>(wQ(=gkfFmk*jfFTNuAW;5wvno-Bhz| z26I+x%C+lSn8-`)k`2F8Zw)H=?L8jG+hB9QH4!erq)DbJk!U33--IB2}<< z9PFaQ%*kv;+^m7eF*Se=UC$~D6?}=#hk5aGb#4lW!l6K}(bq1)Ec8l>L6YG-n?M2E zA2u60J9&Wjf(YR8ZpiS+I!+V&q%I=$&4FeYvFB+FComU_s-PH{37E^E2u^v9!3pii ztnAG^j*e6W6~;<5`4-bE4cravZQsA#B%SNQC~GRTv1z}W^gN*KQjP9ha$9E6B!duv zkc5b|2sOzGnNj>u<^2Q%lGRp5STKBV4~O6s+{| zPZHFD57-s!nKd6vZz9ZmPPl;+e&sdvyyNP=x;c~Sv>glJ;ELz~;}_auL_%JB}}r43;a6LKg8kuu;%{r9#Foa;`>_o@*f=V zKVOu{^Nrl&hyOi;!fV=ksICi-8fKH40yAiqzJM)et|aV9=H@a~8bEQs^^SO9KW%?5 z7}0ceer5c&s!E-g&&#`>621N|xNOX0)?_ED7LK0$6C(){$5}fCPE|J4jNo*5G{q9F zpn3aXjOO&nt^JTgO7AEb2ZtVkZ|}iGvgDd9lrp}Lw4Ry>PHhmDsiTSBExQz|9jq6n z2$|MEyfhm2>Xzvx+`0iX@OCBvtnWoFyb%0n#?Q*`-5HZ3%VL;8M#2Dego~V`2TVO& zy*Ms0ePE&b9{v6!u=^t58&Ht-3#5T)SBz6uk_2|!G)&nNYVY{RfBCUcMS8x84J^SKjWqy zt68F}&F`&fCx-ie4J1>UkcuI*wt8Uil;Ey zbBJ7Q22wJ&_kPc)Vqg=|ni@@|joVZ)zmG)wKth(zE{8n`(j~*ff#HechK96(P6<#R zh%lu|+(c(?;@{$Ry=hn5wVS8_lx-p@q+OcrWR5}9oGScV9A3)in6orOsAVQoi$q#T2c6L5tz2Q4Q*q+bezqRVWDfL$|Xh8L%gg{-itQOlV5S>jOC(+ zq!tTJd7~8XT|5S9rFg5g=lSXJv>eq(3amRqC@nj*@ka+L=H4` zH@%ps0^|a^Usxfs{A#Sd7ZwfF5}9K5$!E{h<+=cK`iTZz`-6Vy)k3$!Bz?o@P1t-0 zT_LQwIv4%C(T_*tYpJc~MU;SZqoT}2{C0}#3ka(`%0z4OfdmWoePFJ=usg7A+k5dL?IAsysdd_& zBnUXt${$k-xF+Ps;Wp$tu^Svhp!`0MNVNREhpcel0WalMC^==i&!C^$LXPNd|c~q>wtaVQd9E`stnsmnd&v_6Fm-$vExxgLHX&lL>~nF)$L;BMjb zeWU-*QuqVsX?^?KX9~~Fst+AGQ&D+qt3=?1xZ3DanbPs^{cPL|a69eg8dKyw;++b8 zv+sXVx0@UJy}r9&dq3V#nV2DhP6vX+Q4l6a4#ad#6y4a{Xtbv5kUbMMDn=0-472eP3(_5pH(x1Zzyz-%9%rL&)DVY;KE=^j-su{pT#+azkXxt*QtLL#}vmm$x}`aE7h?%lJQ&{ zqfja!9vd~ zQ1*aIY89-nkf19LXVkU3jYgWjs9hQ`T6m8Nklhk305s8Pn{;GrYK0?PZ3VbcHcgW3nrlqiBJ2xJv1ZaLUjXQP~IofFCX*jm(LEXs^>;G{YD#ZBLa1a zc`!!1&>)egNGn2&i(j<=Dz@}~=qu{mN^$05udoGr}iJBtU)j`Eayd8>ZQqsTe*+&dJ9&G`_T|76uc_Z~C z;<+T*i81owL)7lPU1&bJY?e{Z#Wl1LzTYJgBTqo@P-0N`iJOm}lQZfln7nU{+z!ZW z@%%lo(&{ltt^Ie`yZk~J_AB!fsPN!{-Wl#4j-)Rf3HRQ~(lIRmxwL){H{WNC1Es2? zkSTxt<%cP#1_R%BZiEI+GBqP3lX!ipePe!_c)2E6_X~h@r-BA2n~W&En@Y-UveDT9 zpe8O@x4v{_+8Vzk|J?M=Te!_kH|ZW-XkV|npOOHDekmFv=s3DVlo@Iu>3)+}&jRgZ zzx8m8JVA}yu2xio(xDM=jv4ymsKHxI-7Ry4b2V=?H%{f?zJC>4vt|?8V3v~45;$!n zD=w5EGn6`5=CY*IDb|3?TDgD!cnPm6lzxo2`>&mBd>`QJ>MeSo*R1Rv()TpK8HZu{{Wg$2srhtlY|JvAsq0bf5;Yguy?~?mc0&(XPR~*_p|1RcfuvuIHfNE5f!#UQUNB%Pg|@rf&vx?Uj_FVSL-r57BdH(PyH@X11y^0?aV~!p^ z(VO%=)vV3*X9Ojwh zFlSoK*331n-(-=12iZx=6SKG4S}ST#!WOKiBy`+9+9ov1$|fR#6*d@jIeu~K8_OE{ zmX%Ie0=wu_NmKLYBrxacif!S{`cX@9BH6#=XJ zjTWKn;r-8^DME^ypv}3}|2t%YLGO!ykzO9R9z=K<1*@Xl4x=-hM_g3d;$MB_5023= zb9F+Hq#!pk7C1u@v&c{^)Y?`wha=d(R;#B^$g`T3NVH?YtG~6`UI|ooj%Va@#<|Jx zuBwAPu8BTt><73d7{haQ&PDaj@ANif?cpLh(4}`?xDz9;?U}eOduC zaPIX;DNpb^Aj%D(mYW$gU1e4g%zBWr1`Vrulc@xHBcY9+534<2pEYU_JqA=mD+^5m zM~7*QHF($OTna2PN)%XI?Hd2SSE@7iC~KC6&xRUz%FahdK~pJYZ){uXcS^Ur=Q{11 z>`WRG4=c%#ryWovFv5zvm!eD6w2xaARSNTwI$TYPYi%?(?_aEZk5?^$e;V8Y6r=Tl zOd|Um-~-byKzC=#C51`Q{XC9aCvKaN*vT;{Hs7zUa8c=F9_4iO{pGae^?vpo6~V%) z@N)Hdh<$iYNY`G2I2qS1u5?ia%M`CH@rOCGoMJaRjw?<(>`j|D z;@(KmHu2esdcOYAu*txz+e1cLLn2S$&5P@yGVOA_kwEte`UB!?;9}LhmgXZQSE<9M zPYtyxGVDG?D^&3=!Q5z%BO1-@Gy?t2ok|hXJoU-*!&9q${5vCZWENorlWjBFdl4pk zlB7NHMm)km#Gu)yQusW~Dh)NAU$33kNe0+>t3Kvc!$KaQ#|<7t>+h)8m=2<2gv&}f`@%Y zg~L}cfE6teQCu~`aLa3kQ8Ww6!WRy@6s?S)Zv&_vG-Xo6ncT`&>ux}YDCaaJdTDP3 z64CQ}4|!ENf|KK44`wZ{HaS*>v7(#EfF9cH)gN(SK# z@}R0vnRLE;GuNS_94~~dgF|twf=GXDN~z84d!&tjfI?L#ZX*F#0d z{0a2MQ^Izn(2K&S?YZIefN5#fhaFAW!>|b6yvG5|^gbZycYDG>2zUO^!K9ao5M9Xg z?RVJ60PEz?ICC6x05Q`k(6u07qW)>QjmGxy zOr6~Sdr(J<-R8zbPk^S&VCWBq;Hk?QstV0cm9w#`?5vKm6`zh|Q{R|lnc$jexo(ju z+k&hZD{yMl`6w|qQybS?MprI)sVn;Z)YK0r%-DWSGKl)Iig+~rg+*A2SMb|}iEb9} zLK=H&vtAMPmI#!E!AoYXC(iFWBZFBI2X4>nLkB_sZEUPEAe1aiRaP+y#oH16>GDtG z2zF#&73@Vv5~83#RoHE|ZsdLYlk0x zA(;PpXba$|!<3Pv@S{vctX@Vg(sUOJH zb*>mcT0e#Kts4wd!g3e0KV+sXh=&^z=L2tcP_0p`@h~dk(u7^~P?QM+4y#W`%$G&f z<@~JMO^;xh{@#*78LV>ql$E|bo%*XnE0O^#|2MwRumrV=ej}<{Zr2d?oZF(!*$BC9 zsqnTJH@ba{wI7Svo#rU_RPRM!K*+}qZC^ZUz_}%}h{p)aw4%MN4yCyy0TpzLD;|$X zJ9YFb*m$Fdow&r+kyvi^-iOq8kAS4p9kTCckm`xh@MqVUV-zl+h*`+zWkq*S}_lk0t zAV-s-(;2%n8VqJjW|BkE@s+7v3duGu_(hH9OlxCEY?%7gE#{Ki+qC?Wcqm{k%j6YF zB%Sk9oXs@^i%CQw9CQF@l!~V-sbT^P`;4m$FxZ{#=P0IwbFjQw-|p{Y!podp-1S(~ zI}@2@5PN3}kD2kfL!I+=Q&d8GpJEq~SD_u~UK{@yN<+-7ygzpc zWNb%KXM5txU#(vZ9w_7A1#+~UO~vE4P)sA$Z!ZUoX{4*Hh~5=2w)VAj(LJ z%WjhSg^RBv8RH=#@GZvgg+a%NxubXwlbMsoV0X}#jMGcl7r2;=xs)XS07mR+W7t_> zX(+%=!+d{9N%?-T@~w0-glbY1#hbFPEc1}@3{}vd*yoJP|1iB5RGb7|k&Vzo!MhyU zw@|duIf_fu;GeIAQQHFix7PbC#T*^UPMOOq9_+$OMZvIyJYgNPpDR%1o96pKo$nHB*7Ii5u>V@lW`(u1Z9l8Td3BeW{@3ynIXyYED-q zZc7hE4>~j!SgI9g?e%>RTy~S#sp-S>OLnMHWz#IAm5E&9fvLBtuBb_ng2bzj|8@yy z!s!ty680YR!7mr<7c>@wBz6+n4fT@+gnHNDc|XwY=BJ9z^jT!SQsr=o73Ndk+?Ts? zXQy>_MVYX3X7uq5La^n3Pbe*47;nY@GqWVTUnTg-qhs4Z)}km?wuGU{IvgiZcf*!$ zr!TTA4j@}Pe5w89W7Z^^%6+RihMMM!_`Yece{J?6bfXbA{Q{E)B{m<$`}3K3G3-`C zJE5J`whwqcNl?8kMNpK0_-%BNyNp$b7gNnS6%{2jnP_Ne(8o^`_%5t_K}sTVfzzFd z(>c6;V~YX`8|jWB=E~{4*8MN~s$(+fUN~PU``ik~)CUzOHe_6t9z~K^VeIr024BA9 z#{N1b?K=>Yw^VS`AF~VFq3R7SV$>fEI)PrQ!Qk#KE1B&-gl3@D{{g~~9atQ!zF&cP zscs4P*GyH-8c&*zvPCkOnDcqMgTqY;-5JP*w-YsAM6%VMcIfoMeLSDRe7`V)dtckm zzWO7=v-|wHWK&Fpb-UZsB)U-@?5kD!y<6y8(Mpk*yd=`KMrH0kY&|M&eMyeFw3yWpOwkLes{#30D4naVT@KIZ_k-3^?^V_-0j6 z;*t3gdJl<|&TKgGV<W^a6G3 z#7m}B$l{V`A%ccG;??xnUXlb(Qwo9qIV=Mma`nR@p-ggm6Y_PT@F zcnm>LZCSc;67EEYv;`K_sfn+>boE453Rw}R5{Pa}{TX=7aU!LU z#>NLqI&7pLx-;tg7EPZX0NtA*6{y#_GdIjZcrgQKl#BGb-Q~LE#3Myfd5oivCB0U< zhr5AmDr+p>&uPL4g@C|~2ux-p{*X_aP-i~%aH_6QWO9#%p?abtg`p05J4ES0;`s6w zAszBQAcaMF>(<}qd_~tPz73ce#u_4O91geNGSWCiU((tz$b4RnfED%&lMzX+XMA%w zhFv`ElSL+LB#7IQ4g-)Q#0cmq?g|dLZiD&kMWyM$WxO%XWAh!(RU_(!fGYxL->rHS zrC>UawwhiCE_j6+y9GUstb9%eS}evbmNlBu_)aF$-!qgEY5zrGd;f65g20Xp_aL}b zZ#l@oS8;yZc=?$H?dWtp7%FBohPfM7&%ta62*b~ePu|cC=TFZ7%rer;1! zUK`!GnouC#tG#hMF%oP_cSt@E>va@%lh~ygRhaT4Id(|L_lW8W#kg?m6lA#3y_c#h zX)iy`hXyrh##6U*)8X=1p8ww6xjCYuR*~(_qIC4d0}n$cm%5lR+b=+8n{2_|>W-V% z4fX68DKF*;eauo}UU}6~(Bap&AcWxDK!<^~feFhYT_@9@XH%JU@6GueX22S0)b5AI zm#aA|l0lJ=`IyH`;alo%U*L*3l8&k|J54is59~K8q&Xe+<)7FxMef)qP!zQoUAk>% z=;VnCkJObF7^}&rqS4V*l|Vst7n31@f2yg}?2nz8{U(>9uTUx?Ei=Vch^u(oTf`<* zEnr|LEC)@oBDv&e9PY`5R$BHOuGv9!O8bB^MU411QH>SdN1r%KB|bs#eDhf@HeaZ zb3&(uj<}zCI<)QJ&F1seH-~@sefhZ=Z^RuvM?$D(0heDPe0~2XvFCRNxRXE?^1R#o zINp9UAa$^gRgs8mE*kz*%M6s;Y#&OS0BKD*?8SqroHzD{=crqaRYeOCHusRYlO}R^ zp^TFW&ZXVl_|n%>*$he;k7?%&2_~d2sIVYBE&x~kOD+nrRLd}OkhfJ%p2(SlSi#~; z%NsH|CXDbwtu^XbhLLf0rnx&e$fH|2Vr!H&GYAExFpAP8AVDpgQm3Lv&Dt{&Bm#U40@wtb)e<) zy63n?L%tu7$E)o(m4EMNtdZtVkO+}X8QWf)sfp=3GVBbIa@1E<845K~!D&G_;~E5m zT3~ToU6Kmh2}S;u7WHL+O*16=Hcw;~I||qKK%W|j*Qr~t+E^JngLtw5ACb{ZGN&dwDbw15_a_ceFsV~@smwY?Xuzz)X~9w%nq!i{0Po-INyV6SVO z=w#ExdC%Dcty-urcHWA1(=GL>8lBlDSPqOPn)^sLkFc%rZMk}$pCpl;_pLh#t=J8k zILxcdoqDra%$Ud`hQ_?@&lNPe58HuL7a<{YYdrJSLd>e!gCY;0j4hFGyLie89|Kcw zR(~+wJSp42TX9Bo@t@Xm&Dc>xV>lmaiMF%SiNBDaXiLuMcI?pG%}HO!93XN31LaZe zO5t1hutAdGgHFjGCve~C%?c(D^S+PBBi;LTeP3YT_3h^i?14f|DJByNfS@JLhbHJH z7HdQRarb5h8oWJlWQl`3`*d4?4(Qi=ze@C)gp`I7wHu20YFpqFwg0#)?Oj7DjYhe1 z1C!M@{EC5y(`f{8Uh{+`&RWTF3@!IJwVoFtCS%SWC7tIe>TW}F!PHN#ol$$4iBzfa zs4usN%8-X01EO?kKl#hu`M2RbTJ3v;q-_)6%lxn!&$-k@?dSuOD0nj$pyTN_OXMdl z2|BNNH|b&UlIX^^<`uukbz=sT^-)ti>AmfEqR_@ux*MKx$8{s^FWOEzu8T)6aS+HTl`i2?OoS z_GN#ag(B5lUHJ*(jL>>cQe2n0stS~(QI@(PQ);Iq$Q|jmfl{oT?QL-rl3_SAbLR)_ z0h_5x2gr;tyfAgNO7OPRE$B8iS(&tr?{_nFDL?`+f;;m3Q}Dl$RWxgYmh8O-lI8Sz7bbcS`Z1vwuIYtKCf3OE<{J|J_Sg4RQ1)KsQFP{OZTi3k_|b zIb1STP_|$Sl6g=DUkQ6m=^O=^T*b!XxBk_sod8Sh{j( z7CY*ordXnSrI5HE{IQwj4r`K&P)x^9>R+Sqp*Bz#AX#!BEP6kK404+YXk>s93g+^8Evw z#hwB7VVv$u3D&@7TFBY7AV76fYK<@j8m;V~H%CxN$ocS*g*|wlgmFd3J;EdKKuBf< z(>X;xIYIC|PF1giI3?DL{QMGoiUMBiL)n$9^DJ;(#e;Gp_6@{UAy7maYA==>5L!MQ zZI15aYQ_R1FzOeogw>c1eSY41&rHxr8Q7uc3vcjM%_c$D6pXc3^Fh~F{8QON=npbB zqehHjk%92ye%AauDB$EPNsl}B$G@Y#z_>+#eTC|VAD;zjBBGazHY8cbYm>Fu?g88} zP`qQ>SxM~f+Vn1X-|M8KE$YzQei-x??zeNEoDNUl+NVZvsr~wpsDBrqP@u0&a0rFt zUGw38(2MkVKua_AVX4IgS1z!U!ic0)5*m@2YIQpuvB}T#1We*;g85KO9h5}6 z9WJ4q&TYGagZa1|60BId=>vP*E^;|j3q9J5NY@b|PsrSy-*fb9Z;`p9iuj|8Kr17Y{(yy zW6fFdS`?WXM+Eieq4=mACf4N;OF713nTDl{YVn~LEBAJQA#k5Z$Sp&pzYO~7sc5Ld zU&}0ce@E$D*Fm=yOkxF|z`3e=B)`jG0`D<)%|y6&e~V)-TS50dJ|JvALUDn9933jc zV>*7E)1Hn_zy?+-mK!^3v1+7e3{GsufWEV&V#&5An|Xr3T#6C&nMfe=ZmS7sb-@4=80lAAk@L=%Nz@oh!Lbwu{;3>soIbcN%iez|~gEi2tKeq~0j zXP`N@OigJ$YJh+V9!w_M1$A}PtI1eD>U4?u4@HoUZ4Obs-r)AJg>JU^0GP>i6YGt? z6L!ec7*tRrk3kRddVL;6i?rj+K%0I)c1@MdK`XYrwr+JPV{BzuRY%>X$T>9bi{jaK zWd8ZcCclWn`Ff4efZL@mk8`A+1R}RfT2~*BCo_9#RJLP1jD}5`EGp?W`i0`HDznP67px`xkCdP3YT>HOB5}ib@1@W1zO@8>`(UAHG!l=qBoif zE%CmTb4F(tyu@Ix z13n3wn30DUrf6c!_6rJpuy66Xy)an#T;g=I)vxR0{S$Tfsj;t5X^~MRT>ej5y)D3) z`gx|#KsY8r#AOqvA~x3;w^TY;8!MO!`v?(TX0(&zNH~=H0*0zX}y#TtHP3=S^Z}S-gFQeT3^-{oNA4I zp}P_E%M=@>-Rj*ks&)9Amz(C*q$7mztISSXJ%;~%JvyM5til7~SEUS*wEiii&fsv| zSdI#Uj(sh;dW^iDPo2*|Ss4oz3ROg6q96LZtyb6*X3H1<siOT|wYsU%=AESOOpPfG^u&rOlh zO$-owuji-W%TCt`&%^$?a09&v1amMMtXI?O6iWD%?dbZShcbT4@{@KUsmAZxleT40 zogy-B;1qFUj#!A&rFYm0^EL}OvA?yWT$;(=$m5WoKcL2Q|MyL4dl!HY&d$bM^pggvlHSbZnXoXODU^spLivNH6@whmY5H0#g5H^w(;m zr*9}_$n1n>RhVVAk^oWtDfWFb^D#c^0^ZUun4&RA+IalA%0i1{ZP80TK;+q)K6}Iqi?$8d3TnPQPc@_NIiLxYnbjYknBT_QQ zvAWsSeKS&QXQ^LxvG^ttejrM96B2 zgl>0h5Ty@w`9!M=WaH~c?~9$sXr$7($X3oyO{^K7h3eY16)={%GNoH20Cy>_mS%8X zC%3U)pZlN;y>$A|FoI)Y{1v!9_fz-DaC0=F`(1CV`Muz9RSmr$as&?P*qQkBUI$$~ zs5UDb8eAS!K>&#-h_b9iHdJBHkO(wnIyJ=FWz1^e?TjIKk&M-k11x+p6>^a$aD`eF9wublM?}_BY`+m zy0fBM6W~X;-Ld7{1-t(@NIVy`Mp7^@FH(WMtK&}_VF|`^cgFmpHIf%kc@Zy_v`5Nyckj-)4Q1OAL_@nJGp7uQ<%6|xuzL~s$h40N zynD>4!pT7A8mUL6H~@kW0 zSH0dZi8G{!-i`^e6wE?J@q_(hIt}+?i?0`H3H0d5O%Sf(PG8}xpTJEYhL%g)3vc%l z9`}SQHCrSe_Y>OJZELx2@eA=DpFOj7J~PFrdjo_C5dCBBQf9Q)m#zP2P~8xyz<3KI ze8?S>%J=WrGwS+?1pZYisL`_aicmX(z6g#{Pi)Qf!S$6G*l%JTpUkjFqQ&mOG{SJR zb-C_Tnd^Ms6L)BSi(SgHgo|)j`(v90KXzJloG+D)Af*Ak+rv+t*R|36Q(dHl7=dS$ zlB)NKpQBmD>@S5ttI@0;RaB(lnZHhqy86w7;NchzYtZt*u?gcT8B^`NckjKQwc%Ak zw8uh=-p2GU7g@Nq-rfB;V`8=eq;^PJ>S`Ca);@G%K>#7+&oyrFN-L&iMXzmyUY1diRG6q8i(0ZUpC`X=NsM z7Rz$2qs0KkK*m{K*|Ob4`~fmdSj@`7NnkwYMM}l$?270)m8M6I;bLv-*@V}$mo~WG zU#wNjL}vy!x6j_aZ+1n{$$LKDcrm>vMx*UwAl0@0JIckGU+3*#?;x+hqOcKmH0tn* zY&z5EJH{PY>k;a9KdZ~rS2Nnw7=+O0Y zqv@dI>lNnXtIPJV91p7HNV-k3jz1Jec6JwA0Sdq_Gq*M<*waPq&Sv;DZ^TbfX(PHk zC;pSS_LX)I#xDLGZD^nYr&;eJ@>l8~!Iz?!*hE0@iPhO1V&5%X-eBe%*ZZr|o1E__ zVc5x`x*`|GoHSr=R*e~ZWptpGQ2Z_xOtYw%<)Hk@{WNY_?i34CSo$ez|Kx^@jxnSI zUfW{T|~@^C){&ZvXgXvMoY%@Soj zn_wD~@NxxwB*I%>*dy$SHb84*@R{YK(cNL9iH@bq&$Yl$6V2&*{O9I4?+#wa7JQu@ zdIXEy?0<+`3OD_abhwoVnf7%3UkWfu&>Mh&ob^N6$_hBLV| z49X>*cTpI@-EIn=*ud#mS_hK=oUJwCs?%xL`H_6toZG-ZFb}J$SLTM+;V%{ZDFV)7 zabten{lu4Gb65{r03}YL#K|t+Y8_2@(xeIlyl1V;rVpG&O`#Nb&>c7W< zjm-cD$%4}rVq`;Fj7$#hYUXw7PP&^A04d4dq<7rQ^o83X-Pw!nSf+mW{dOUQCRz(r zMhRD!d8RfJ0n0XDe^`^<=G!Ul1rLB^?@qwOTS7@Uc4GY4${nuA%{`IfNf5KF+Vk94 zApL~b$aN;G;&=$vEc?RCK}K&GOnkU_A7-wie0tx3SaDXIh|ldB$tTU5T$9%v(C2&v z0kL~tC1DbpY<&WLrvWAlG}Gf&je`p3W4xtDe%f{~Pb63zIsXiGBnUlEiu?35vHkqI z_mCVZgf$nB98NS#?uF(iDyxFbY^Vl~PL2gOezpVH8H6wFEqWD*{>mAt8CE;Iw~4pv zjVlK+ZLPZqzwh|9U+#Im?&rVUp`Z>!k8{$?QcPnLBAx#;l}fINPVa=`{KYC^A4@Fc zs8}JaQghL3e)x-L%TuNui(E{@&c|GEHqfddw4~@DvK)U@G~+u=!7t@Vl5y0h3(bt{ zi3E|TG1AUhkq;h!*uMK$JE2x-Z%co3l8j@AzLM{8qKlSqj6#z-bH<~cWp}zWR44lX z1_q}o%G*5(-R`Byg#JIK&au6+aOu`rv8|4ij%`~Vb!X0Xe}5sy8Bql$|4jQN}S{$&|pJ zbKrw748LbpYIfsU0>&0n8TE=ZBBo9U;$Nav`g$~5nr)7G-4j#+XP5OE?WWVj6@y*d zN#T-A(K^mj@b5B`Uew8~=-f(UU^5<#E+J6h{Xd|k?{X~J3;`xcbfL|EFYdk679Be7`P_k;+8dDDM6#*lor;<&{FkwXzWzl@mMFogKS`xlQXVNW z(NBacMGC=GJk-Plg)pR$lro~Nygx-MtH9(YiGZpnAJ2L>P z_N3bCutU38fl621K4UgQO)27meEk!D)3u*14CcJrVhS;@bB4_z9~IFCB0VT=y~<{N zOYF>v!a;7VR@Y4SQeWsSC49!M&v>`_h7T)io%N_|3hktBba$AKvo!{zl?>BH#*e~Y zMIcP_CbLUPveds7QsCRmlD&+~O-^3%GlIG{ZT0h_3N{tGVqtaqqJM}7dE)&7ppTC_ zG8ILhJjU9VYGsf!YW;aCOMW_();XG&nM-b+2OpPBMc3QcHw-~JFw8o;jJLtY-!XA5 zn`wiVy6YUk7QG+s@zAv9di>Yz!W<+r(^3qBz@I^c(>K^OuH!bU3s%F9Bw>3YKty|8 zYZ~*eqQ3v4BV%5-nll&ARWc0f;(9)igsHCm>I3mtMOM>>`a*+r7hQHeo?ZegzXK}s zT>$|D+k9SuAg1rn6$E;?@xCe?5NANiWEXa{^O<*A%*t-fIMI5$M_@sFUt1Sj?>yIC z{c*b24nB+SsNXB8<4rX}WN~)-SG@lj;&z~6h{2>U2D z--tf3e2)Houkk%uxa!X`tLRX$|Kv9x(|bOnQw576=n|;7a4kxL%ylwBeCQ- zAKFUj-JFQaArv%s6i$;ZyaVi)+7G&%Ze9FFLl}Y2^{2GYzQB8nHwYO6xO3L%@NvNQ^#jI~ z4#eYP*+;#sJ~_HgRf9ICzn_Ijcxu3em;rmKy4%4UQ%Br@fWw_|>t!mOuCANx%neB#QotId24GY20P?O}v z-mZ^_sV<{}M>Q9y`wj7N!_-bX+FW#)w9+<}-AOp_AE$KcsMR@Yjo&wT=g=hGDHli(%?Y_m6c}y(7yc{A`x`Fi83jIyhff)ZfqV?EvJ@baz~cm| z5t0k*Htt1|X{&K5S;Go%?;X+as3w@dgL`-V%VWB}HZsogNBs}X^h@1s7}g+eZvav5rirFjU9AtWrb z$*d`{AJc!n#CN!egEvbXzR77u9kUMbS9lOk*ivLioUuI=sw3=2`GVPI^3co1{+tY< zYvi6OeFoJ&KF6~nnLHdX{3}i;UNHi`a^AZz?@2!QRZ`vTOLD+k(}qxM9E#TaCQ;w%0YE* zP1jePWXAhjL<_w<)>kM5Ca3*EPhz9~jbc7W%n>39*lOIc%J0V^79L zOl{FPpYamgkWqMtM+`A3$r+Rv+{vUrCFXZZGPY6h6B&Rtbzx-NB~ArV`up4vu8*4f z))^p|iK&58oCezL|Aiy$%DKF1KMKesx7q5_;N7n$CM%DqpIRb4jU{76Tc#tG1S5{K zC&Pm*Bpsw>YHJvsoN8+>!4b2WcunJ(4Nd{05ZSKQg0NY85(djBbsNsF=oOV)6pL?% z(@<`e&JPMiUUcnbMO&*ETtqAjWWn*`+?TG|>T9Yn+ZeO<$rMlOy8FNY5O=a~IA zgoR>o1z+3J6Q<8f|H=XbB|z2}0$R6gy(JUIlj~7bu~+c371_VBlvLo0vu+jbYatwx zGF84bhM;NDVo>oc*W==Ob|w96mz7R|lE3VoT6<84b7li5xeV1S}( zmLo36qK60Px>Y}*n1_>tDT5~wj{~h{AS**oZA%~NynGblprF=QA(5Xw)BX=N@89Rt zwxI%4m-MDwCy$jIn-muz^&bK{4&-HVmy1=)i8sheh zH82L+s^A7lhHsr5L?n$CX^G3?l*v*l;lxV|xAKE3KC8F{rS4Z^s1tS^8uO2c+O{24M4f; zdj8TZ0Vuftb};(P7VJm}MyvA)rR0+HFU+4U+EEqho1s?cK0(yif0n9_0M|YV@ZJ;? zhf`B|TsY&LJP(o=X*5acR13x4_@?)(X}8zU+7O>q=lmjQ4c)pMxEj*?8e-V_ru63Y zDKzPCubSW}ha>(di7xC(sB38AY?8DswWu4d-r-h(rcR9r`T06s$gN8!o`9oc5J>qe z)YZJ<2i~s2{*&aK{pMk*ea!62XrXZD-jM&zdX^|`?coj!Z4u0o<`lvau$vTb-PVnP z3Oi1-B({(wS_n88tL!FNJQ{7M&~XGZ^pJ3g>l6w1yt%RR;c2q@j}gfCY?W;!K3`ml zN2YW-bpEfs;Y69_w&icu@2BD>Z<_TL9wxVzuBf#Dj?0nnbh)stH?*%!z0LpO6WU$~ z{(YYpdD43Yel5#+3TM@zN62HKelPXpz7}DwK2U}~$Y>u-0|3xnn` z5Ue%HS||&e<`q#tWuTiMrL+otQQ=Z?BGS`*xzmOhjL=Do2l}Q>kjO|J%{|V#odD*u zb=0nxLp-ftyFawKdbYBw*gs2^G4?IbIV$9b@XRqr99l!Ay=Y2g?uPFA3)ct#4RrW} z=h_&S2g@7A+fm+XW8awiV6;gqEG6G?QK>fVoDTDP-eSjPxMd_{n31%Q#xX$2y5uE1 z5!r#Ik!5NA%PLr3%NZr0paxBS9zqo|b)la}$Kih5aNvpIwL`Gu=Ze?=>OX^Wy*?$Y zRJE*Br9oiFFf++0;OV%b)ZqDO{TZe)e1_4-(IfNxiZ#=YaQ_Uo8Iq4IObpw>ne`bn z2Z~o{8{_u}&1IF+MzRHwEt#jmDTvWAl5IFR&_in`C|m`A7#(eQcB%87e^R4&DP{Dy zYAC?aodyHrb8*ReNlGXN`a?>{=l(UT1K}mVR(5uG$)am`$FzTP4fyXNoPSiR1{X!L zKO-RP0pQ|I`Wb!m(ZaQ_2yYIorvhfg=wQi~sB=fx(5xW)yqfH;p<_v$q0Z zX8V@J0*58Lc|C?NfW8`+SfnYT;JmNBo6il;c9F;06|; z%E^O=)Y*@Pv^JIDrONAk|l@ecL^IhIL!S_z!IKvAB zVdW$DM)&G&{1y3^3VGB;16j`4_#eA}UBl&gAhsYyn>Hnv$?7(Sdw3gT&e&aQF575- zH31@N@!XIrgJdx)aWHk~G_eT$_T{kfXR^-V7Nh;GaHHVRf z0R`Bova8drr&y~wtbkuF*lL$+gIB(*UJAC)YExHxN<9x6@4I*3Y4495pIkPCvVHYH ze)f1|nopJ^Q8j?{f+g#!CP{#Q2Szu3j3Tx(9uxip8MY*`Vn)Z-ynfu`tXkIM#-S*F z_}`UvDw+6X*vMH3MX180-i4#YC@Xc;y}5)fTL*r?iMLBXO`r5e;xIa~b0tMd^K#JH z`?-rxgQ9AZQg{Tb&v^Xh-N=^KacW8}HTRpnprOf8T6(PIt(V491am!+Y0mi+!8&)z zl5UR)G=jS&!AG;@=so>h4bcCU$E3sk0F=P}*ue9`QV;Yy&h~$fdu><9Nqk<$LKyZw zVm5O`5l_?y9%8Rwd`6#(zFYzrzG(N(df?AicT!-3A>?|aD}aNg_fi^?@l9te~TuA2jgaSEj>1P zzjTPwu2=I=L3C*Qo;tXiGN5%;i}c{lX7h&o%bLuej*+nnC~|GmjmFk@luM;INdU%5 zJb}Y_Hz@uwFmZ{2bR+Tl@2eyZ4B&Fvfiz>FEdoBUphoEpt#V{`aMRkpdjkVExDW_% zOBTG&UN$y*{lrreB@rcJh4&)^>P0R#U7xQy+Fee?Fo;E*KXK=AzJBlH+v8s%1M_4d z(ydM<5i2mWG4oQp;-oUwwqz+=wUVGI*`|o6=ucq{h?#T9u{mi5gJG>ou1=Q0vy%TqEH;B7FH?5m!LX zh&Mcd$&a}w_j))EG8%#x3M@vY20)ybCq;t<2yK62LaSo}rt2Mw>b>(#g3sBKo|z_) zRIQ~T3nB=T{sE^Ajp`@D;$xhbuZE{1g%p!-C-!saRrgbd;or!}(a}-2(#m*?Y~=up zSY|dE`-_;T{fOiA%F+4OTjz8_8C#P@*YcBs z`rdJ`JGv?msCj#`7>#+Oqb*RdoKvI=2YvRCsIIWE7SE(jklCw5M+xC0r)ic=EXX`9B^~UV$DQ35BJOi=`SI(L&kxSiC zS>OnsfkdhaHEeTzb;pz_Q!4teRkDSuFs1(7Evb=TWB-AP$d1C6^b{Sm^?8c$vN719 zMx{O;1G(2`C9Lh7r9wSk*ezaLpvq!ESVa{aEfo2nAR_2rAuobzK30O>#;x-uxF)w6 zZ4&8b7}C7wMkLe#r82h#PN+4mI+y^wfWBXK6Xpwl>6}bFsvd9S%ex|Bl{qOpP3A@3 zdY^8z=U1GTy>z)ZSEhel--7$*ggiVnqMWuK%tKywTzPAE-qV8c@><8in9CXA{7W7F z{oRbzcrECd$$D+&JU;?i%W1n7BOjsNVn7N}|2Cx5cEC)iVVFW0O<0HtE(|D?lQ@qS zd1)oBRT7jg+||0;DHYiK+ZOi&Ti;&vP34zZe9fuY$_+gH?ET$quYoro*n4;gO4AUi z6SngoD+4zifBU1X5*s(DSwp9EH_7WweXsU~YAHq)&;n29J4XzJ z4o&C;&u~QWQMSG0_e8~heAw3w#^*(B_vo#HyZE`BBr0GdQL(#7)cny;{sgsd*c}HO zl9qyT7WEKpKHgQ{f+o-Qn}Cw4iY%nnDy;O?-4se<0v=T#`|n-#6q=%;8WVGfjvB1? z;*+unGD4{n6q(=Z1zIzV67?1v&{DRMI6=2@4#L&H)+$P2k-@tcR#(0t>)sB0iMcZ`UQj*@$P#A0v1JJLiio*H<=r_|8xWXn!HbZF zbn$)4nteH)PISJP>owuO4Yqnw!9Wf9FGcCU<_$sM#rK(P;2HP;*g+cwvacb6mz#tg z@{A`S!+s?E4hU_~7ai(wi}ixn5fmphOu9OeMGcb|0E(E&x&{vYVLaNv8FVOx4*bSa zA=5kM=-Eog3jh(1zb3>VMD%Wr3ofoWoB=!V|e}SclA{)L!c_jTScvw@5ZX( zJz6!Z?rJS!)VA|9e+i3Y0X(pXTSL$~U$yDt&JX;{{?8$2(>IEpovcOv$J!7o8vpYn z)b+9w*3Ev9zbQZy$*cmtBC)-UZO~TSzeh_t!V;$dxxefU~ zr&f(xvZf_S%y!B3vMnlfuQ6uWR!HTP>(N^>#ia2HeE1OgKZ73ymjgU&EbA^dy-?i; zB%5E8DfXw$5ZP{~L%eAVKdsoMpS|?%aMppB=%2eWAI#o&(sFEl6^kF3f-Rc5rN6^O zF3zu8y?s`qMd$>>F`~Kbd5ow-F>glF7QCy2bSw7K4K=}Z{Is_+vRUdOK%b(Rm1`L9 zv;HW*B7>R(T41PhI;MPJqWF>mYyVc>C1d343+=j3#WTJrKtqkHJkXB;KdrhfS6c#P zIq`3`aA;6qx)(V>wU89d3d;I9#7<26r4MyXv#+el5jEfPQCz*AJ-QK{AMcoLx`B_5 zs%Cd^4_tcZ7raqemX(#&+dCnbOP1|##dOSoi$5~ob?JIp;!fheHURW|XM0)?51HCp zE$sVcHTOEpZPRvdvb}5#Iu<||nC3Q?A@_lY=4ky^gB%df2cq)eQvC@iqrXq9xFY(S zV?uc?SI+%Y&9}6?mbQw+%zs%12xqbwK<|C35(!l<{@%MD4QbPz$ZUR9t?DePE;Y8uJZvU9y3>$^ruE zDSBW%?cYDPdloi#!~BEQq@Xq%x}Ta>i*$qQhMiy_91GSpc0-^Gt}Avz0tsh#j)GyQ zJh-UgPE_N&L?vLqhDy64hhpoP$O=f3GQ3QD1J^A<}A$1j80F7AZ4 zx?j$?Vr=5}p$01KSx(jXk1dWauC3qNGJrV>| zYmL9;qYgztjH#$J&%8ir-Dwd6^v$sCJe|pW4@?-Gon7YqAx&EFNa9*?`}pd$rvETm z#@$Lkl-owz2CbeJ;Sc(2a$24SfuCPGfZV(Zp8xz$U0NRzk9HqKLFbIu#rI}vjwAEX zM>wk*3SiBl=EM(c1*w+@VXwGY20)_px~v!Hr6Ol5f@BJK;Q=>YUo_|jCPtUr@G$f8^b4?AhJDvA^)9na*h>DbZAGUwrmCNq`*#pFj=kkzPt$7;TEQ&$hWhUqFYI^62ii^>#$%b8A@utb82Yoor8L zdxi$p*}$fEO6tzH!F>2?Je0Z`Y=gPqxZxlOO&31(%8Sj@yi9vgMDt5I^e zS|P9jGf_yenE9;%O$kj;Z8_FPxn+?-N(QQkAXf>ON|Nq44fW3!ygK;4 zX9z^QvptB%hA;R>1p{M%5;bRf8G=5#eNl={3rJj=60nK_Go8Y%HV8@qRKX%~H6BVS zA4~pZ5fzea-lGlj5~C#H+|N_6Ay*T09rnP)N2N(Ll@C%D(RcmR49{F`PQ6gscByoi zyp^G?V#ouUbQrx2EVxjL;x@=uxy0UfPY85IpKh)Ti5mijarM{>mcOedG4U3SFR>cPIU#i(e{S8_jLq>^ZDj2X6!TT$d7xFj9$vZL&RFbFS3ELSP8w?hG<+Y@2VN&}7{{pniUASHtM#5rpS1SY9-sh}mIQ1t~P z9`i#TI6NH=r~s>_6k{7e+~|Ywd4S6D8{nK@+iqo(gnG8f3tqFwU5Pd0BCI^PNP&$7 zZSy(W^7-@Y9Hz2H5({<(3%ow-iFPrHH#KDxE>JiSsq?{Gdu_9CgwV|aM&_WCvM9}* zZGN9ZUP+sU z=rmXx-v8k%p#LkIzA)XHeTN;GSI|)h7h9bnJm=hRZBa%0*Z^}fzf#n{h?$7kwCTF} zU6_cf-j}h@2ZGTQ&dr3^X!DEqYt|)ppYI#b%>vh6KK83PXfxTvti?=GN9=CQ|9HAj z-+O#Mz|3y8U$jmGHP7i&Ux%E|R5 z{)1Mr>_=8oS~}_t#zb(OYHR+r=4|Rqw6cGLJ_IkTvdB0#tD9SEdOQyQV#-$5Y$xxX zU1sUzafBpNo7!|@&aRJOeZE!MIU=qFY*zL4uq*MA)ENL-bo8dU700$UqEUclK&IAF`gt-EM9+`5Cz2Ojm}Oo)3dS z7qkRGZ1n%p@pc-Hn=JkmS)>U7!>aziMbnZ?G!&)Q8?JmsleqH=$x`L;b;nMXbFCp) zrrf!PYdVgn6O7`H`NJx|w(WT)hDNkO(o5WO0iy8al|ts;WLOow3L$GRKZF8JrIM=P zN1}4=aB_-y$?Kf|l36NN#hyz2+{MzeMW$dRCxinn5eWDp@=h_XqhS( zB1C?^{-Z?EL27^tBoc=;^^>Gx23d*@-mkzig$#V+R6#pqb*dz z?tqT2tbA?8z^QtTzo%YuZDW0tCx|!4S7dXjgx>}9>y$8a_>y4daLH{Z9NywujEuDz zy?In1&ecG*W%4Epqw{6w?zu^hH~3;>ha89 z9e!tj1a#@;CR!_cr=$DR`FW#8dobs1gm5UxQj6H7gF4%h^RW=UrF6K%Vu>vh*CPAsgF7d#K2ee1ye=jsXcN9_vv zBaZZhWbmjVkQ8%%wQGmEtzvei0sIfgVx6CUEb3`wQ2$Um!N1N+=NB1e%2D}3)-PPfR=^k^j$$L)C2~4? z-*34hk|I($T7+%X{zzZD1-l8{$7YlTjVjEpJy%_>HAI^S@l;pxgF9&DE_7$F@At3PBrD zW0D)w^kR{>q6=i)n=jR-de`7GRD5VCYh0($HNN(e(HtsS2@(x8q;_EfHQSE%=L3`j zJIdJBKKui&SkqRz(HdQS@^;IteWvIC>M0~HNitvZIOf-Zj-Eo<2xWe@DpH^|WSOJ8 zD*x4o(IL{`ps2pQOtKztaDfpGT=9%f#9s68z>oqT{d1)bu&h4C-S8Q|k`9q}xblIy zu3kw5eS#yL9TW439Y_}MAAd^Nj%#<)m!@-?y}b)Zi5(XHN$`tA-Ngu|X7;Cth2pa> z@$Ww~p9|HzV z#XuAON^Njjm47_mgzAt$37(&UE;q_C*@q1sb17Q*3H2-F-7`a27MRR8_wTrT*`;x1DX9poW7k>npiit=S*60s&(IMDmtCd3n}Q_xpqH zS^UHj=C-u9@yNJvjx<+WW7w^QNJSq1Iijj|twZREzo>fneD`%+@O-b9%{Ek*q*pa6 zZ_P7dl%c&4Sx#S!`0BFN;4+|)uCXXl&8lWC>Xh9)BEfkSWT9K_*t`HocTEiX$IqBL zwv(TAr4to)N3mT_bhSTLP;ezc21QY{v`%l1OO-c4sB#R%JUa`JKjZri#gw|E<8A#__X~PLfz9Xr(XDfGx_|})BNe%~EDnG|})hSi*xy39e z>sv6#=w9qC4^v-u-pOjWd!mrs&NPaV=ki7UXL#gr@h8g%@_HWG_8jD`-E6lh`R*I~ z$uo#3J}lGzxd1eWX$FvjL3r?})X}!x6dsT}jf;epf|{xrl(ci+J-)A^a__ez7wa<# zeZPGUI804Q92XB5R`bnHdc>g&%J*IeI1-Y*mxg}hYaOj;j|tmJX>|GNnEQyv9DfqBBCA<1 zE#P6_=cq}MzpNo%4Mfv|IwIs{r|_Xz9TK}X#O)lt;~ zXta^R-PCT)WBKM$siZ;1wWPL$(^I&#C9>9fe(>u~o`7U4>zW4N)cRMZWWW z#ljb+gDSLI-|i)q*0A*DyCZ@fMu@0_AW)Om5a}QRrYe3^eKl^DOv+8Ju;U-M!)6UX zQlZs2fL4?A7F6?v3X;B~yVtGMpbG@ULKar`j8=1ivtxj?{ja`0x(#@J?3WZ5;kw=5 zHhs-MW~HDdF>IGoHpfI636M{}&S`bpV|1R}#^nPNYh^gC$T6)L9A3QVU&)2P++_w0 zA;fN{=7o(fsza;Z=7DsP6FTN11Q++SzPsrBCA7|=uEf=^G9z>SaYT=wARYp1$l*?O z{mOiYVSSl)Z}>dqePl{{1p!UiOE^j=R?Mzd$Xvo6usS4oo_Pr2%|v*8?#9`^Pdx_! z&(9k;*W0w;O4(8mCIrC%{1Zs&rs==s%~KePW=fhB__Er(#b-f_Zve{^-v>Z$`Xd#{ zQwt?D5zVqgo#C8i^y@#~rm}F*(4{a@VQ^?<@&x~xFNpdSae{?t zaT5l&7?gyl)sgTXy8MQjk$*0=d}!fwLbQG~4dDx1(~ASaFL?{G2=mS`J=1a-+@ zySv0FmI*ARB<(tewdhDAJkgv{_3vRd+rO0=ak^Pmbz)s=o{nKrpt#^JS2Kp5<+Jp^ zEEh8fiHWwiR$}pb>peY9t}<8nTsB)b;?mY2Ay0=3Cz=s^GK&~15CN@#C2XKfnY37QUWbohxy>;4nE@<^3RjLuQGqYj6*--Xr}@sWucuR<27-AnYx{GMc)z%k=Wx)sWIyg>R3mfF&Tdl`h&4;$&g?8D zX*yx3Vt>OhPbuU03cL)CiV$(ny)$Z)WD&EKuAm7iWUah zZ|eEA5>TI?4E93=?6nhHgFS^6;6oBfv(};hd+b~^zdnuz+)`IM2JP_)>!P$WcO=iZ z;A*yqU5WLPf2od$jO&>x6caW0u*=*)nvQ>wyRHcgHt<17-w8QF@U;I#W!(GnkWxa-fVPamL6{7+&N3T%Rd>uFpXKlxZEjS}%7^$&#e&Gha&xc7)++QhJqX?he=^3u}DvQ*mbCZzkG5@rbVx~?z# zG>S)O+Wyp*fAS~9A8cfP&JNES{5Ec@4+%IIuLi?*0NMkUYu|*+8f-(ux&?dh4|cPD zGXy+6=c8Q&(C+AZ?X9=5sB5i(_;Sc-8G){T?=V=4?LU?XMBkI4raxAB^ng&8-3P99 ze9)4I<%#SW5yxkhwQSlAj76&gx>%6R%Z3GwkY-B8mbIi%NSlMo3mdgVz!wdz-LyES z`G=U{_pleRc5kV4I42ZevXmi_hd(Ms5rXicXNG%5F}wl5u1|Vsdx#yeoy79`G2TFt z=K^I$bOXQCh0$gIWj}!t-(O91WgO=n*yNT_F}WTu4s&`+!GO^=_snV7a~I! zOwAy#7FRug+Bcnj0)PW<$NEV1K2a}SJ$%cBY9556f(?bvunR=mGj|-v-_W5D8rl`# zwo(QU3dMF$YrlUK(FW{VeYAB=FDU}Q1XU9q6v3(*VbSOW4eg9qY{!IurlA&=J1ziM z6B|^@O6U%x7)PxH2cIm%%T?@iRI1m4EX9?mYs2US%SVN6^(H8Xfe`YI(P94q#ZkPSR#DP1x<7Z4nw$<5i2!Je4(- z+hq|;?GFy;Z|u~I)FBy{ckADNLpKAX^C#>$tucP6Wc3$_yt+<0c1bnoJo{VtROiX# zje2X7oH5eCrZMjZ5H>=+1z#>JVQ_PBhyhT~mz4@mXR8H%89yiGk0q^zIMTj9tT&xCRWg@IQdHt;t(S(8RgDd;;7~PhEnb<$}H_ zBM=W(Zt2}(y z1{_*AlWZEGTkbu)qHL>+G?OzTmD8{BJR(a>Vas>!gyeosF`duFvmwpN5gK#&7la7y z*3L-Yo^BoA=^)`WKdEO;Z@xS?sD1wk_b%k=;FSR5WJG0+RpMGOC{TrEcdBII z5y9>Hb3SSqu?)*1?d~9JGJ(WAxyWM#uOcjsE=L1>&S8KVzNBQ^A8}+Mco2-qft#7vy z!0vU&tW5%;TT~`>_|`&4Xr-C8!IVdhBZSL;u}K@H2<=T#PN}!Q=^*VN_O?DMwMPML zkUq=#GZAPpl_*ib!dMgo4f3M&8l^!L$PT0!>guQETlB1CZTpOpBWc!nI333|RYvTg zX(u6lJ;~1CWDo)iuPa((_Hn9DEv*002ZaNhzX|&R0t#p{A=_A&?hLmel3EEBz-kKq z`q#O|rIJiy=Q!Eo+xy?bab>Ed7a0+C9W5c?{aGc^DNhV^5>z{7f%+Q=hjWUu#Mcr2 zK%c<)HtOAn3Lh6sTnbgSWK1E804Gl`jFjf)T(?9LriU0DEexilCe2!KMguW^aNorV zSb}$o)l2-HW@VKYygDtFhzp||)#pN_AY*mDGq7#5 zzGF&Kc5U`a-&Vo`?+CdMoRI2bU~2)9y-EUG!`q^u2K;E5ttN~WRV6zzO2YjT|OK@eYF^TlF_B^(b(S%wTv~9GvB#DO)5W~7jopa)Uf8A4ztNp$=+4nJ&56Kf7uW+)WD6CK z`e1p-Dr?W0liIy>CTl)-Jm4PRL&-gzE4x)AP+rS2=%KeK#+={tkh%~vp}&S=K0)~( z=7-t^#LqaGXZ<9Q@(n`+EWgrc}NI zQq}bNh2`FSNZ8HD%K_~A`B?r2(u%|UoWZFvg$G)@2Rk>(W}k&{r z>Nt~aB^m@oHj6vh4l!KL*OeDOSGE?s9RKHgAJv+Q9&zov?f3Q-}fkR>icGd3#yun|@T zt8qRQ8>%}a3;)x>xa+rlwYDxj{5G03G5&AVcobOYl)ML&cs}@;;nNm_hQ(+AO(coy z6_K;@A+s0_G88CLd0(cEJ#k2?$6drp^%qU4-4HJ~nOl9voBTh1i_6U(w$iYtIyx?B z2ehRYp4~Ao(4obCp&tpcYMhIToWOL}Zu3Tw1l0oPt$V7Cd*iQ&HuJ?a)h$_uDPM4Q{Gk zKrwSw6^qx&#q$Vez%5VhB^LN4QgM;DTpL1y)BySf=`9VT>S@z#=z|8ruT)&hE$>D=*gdTn}-omB&$<1mcf#^1VAP zf)b1BehT}hVybISn9OuH$o4fiCQ!YX6m7-mB3Aqb{t2nNGcOBerCvPL$5%O!1lh`i z8=jRhV%%tHs_<9!VTxt7^vHw8^aB05ZBVmwH|in}Q0>_QDZP0)zXJ{HiUpq+8 z1WkRA01r`oaw{YHhRJz6u;)MdJPZ{Xpc`gC%J|wHBJjP7 zUb#<^(G*E7U5AL36Nk@3F&A1?fg~?}f6kGLE|wJN>FnM9p{fCO{E5KK=5e*na*hs+7*S>+i_xE9_J@S4c!k zHU!HS_y4!w#EqEqSI8Oz*<-&%DHG(g&7T(NQ)l7EsH7$*-4^D zImv+#wkhnD{e@KQiYf9PRuS0UDoDPHoO-n zGc`*@ZH>r-k~k7@bKNf=EY<5stq2UyuPgeM(yZ=1t%zXbp*TR{9*}jQ&fKnsobn3+ zI(cs-9yTzyHc_{!O}ct~$8Xy&)z;|;2Zih$V@th+s%IqEcUYMW*lAqYs4%2aWM?6g zX!fV7hTzLatjn!8%&jGG#7aPaw$#lctJLcY!@TjbefB=S;jA7r%29he6mbIUPe4~U zPW=_m#S&+Ru2fhV<%nZk+?0LY9!@cB`08}G`5gW=ph}ZVtHA^FT4p+2MtwU zyd8q@QrLkvX=W}s{t|ga?9wdS8=EYIhy4`Tv(IYt)#mc4rSX&C_-l8ewZ1p)~5SuQrjmeFd!|qrbo)=5fbaJp|BM zx5enK4vus?lnLj7iW(L8Ui7So)r4zhz1|3&_b z46mQKw{ggU=t8n#zv)eeQ5(nV{SF1NqLZT62w!%~pO}>CC5pV5S^2O4Vcp#^L}q@2vlhA6_sBYAL1`muv?lDK}kg9zlmnMXpLC%H@r{>mt9ya z2&OU(TFw)+$!l!XHVlN2d%b&W6P|w1Tr@hU$qB zBJd@|v05sqg9?%NCw3;7{Cx~2j^G)g0~gdW3NSx#-+6QfvEsK_-bN^IsL{IgZ1^*O z2OpIKbY{oDSxVr3t9_yr$rc3nje5XXcb?W+Ufl%ueJlBY{u|EKvP8xD20O&E`Ago#pOjc7_<5f~2Bu8{vuF3~<)xBOE?piO+1@Xn=_C#x89mNBjZr*PMFeyy%8 z!vK{%rwVdAJ5CwoyOjomP>*ajf$e3%sBr#Jq{+4WufLVbob?{tqyDc zg1E0zt(ILa{*duwI=EVy3N-1XS6hFw{{u{JZ!B#kn{@5n*nFix5{%u|hD>jfwA1#}R1XgJIJ&n|$O)=~I%QG*gM(BakfouJKdB6x- znAyCj83q4&Hinl4&60^xVfrNoN~okp`P7I3k62pQ@9izS>d~Q+?M};j+%~OWa}eRr z4LnG1^Y2idv`}M4X}?A3jw~X{3d7Od?~BZe7OzG#7)K2~*M&X8K4}kd!x(^7G4h{f zsHeCT3TN$h){(2vN4n=CA4lA5H^bm>UOUV4+)>P$+lrRUC>{F5YFdU!j?y|ad{0)d7ZdG_h z%`hY1n!U|Wv5Rcp1z(x+J-hn4fAt;|t%o0W5Zo;ya+sd!&X5E`@-jE!n<^8#{>#jp zQqOBm5?Mlah60{j2>%0+<~35N@_JwBwCoDJw=eB-5PISG9RBiwl+*53-KneyZg5R) z(TJLVgJ-Mp-(AOsKy2&1At@!lmdUyp6SjEhj&H!v3D{@;rugB)Ce@f)kflzBy}DPF z^JrCzKddKfA8FKal}sS&nvdDp|DtNA%e$~MrPN)%fq#M+>flv3q$ix`}iO-I~ z;Y73BYgORCJ?t+W%e$5D^zZf{fmb?PSU8f~A#Th3HjfYC`j_t0G0vqg<+dzKIFEns zc>bigjIso>Mtx#Ce0J7QY_4;(FJ$#nExngK(2nY<#(&;zJme`sJIsJMc%g$8NHnBZZ)8Y(sM@VUISI{v6qrTDn&6RTP}$zCgKW6o#4TC2is zz*M6N#?HY0m+n6>p(my=PGwsefUO!v^7(H*nUfLGdy*=zE9>w?jov421RirLl z+gLT%#TQl$AvXV;w_e4CT_H$C5+fSt5ggHXtS?>T5oCFNb093r4PtLUduGQGy{UQm zOn5!GP^B}hDYyf6T?mkY0lhTSq1o%JzZY0Ov~HVC*&LSu$b?jo56m?FEVqKSd19lF zZO6;P>nLdRrci%$y(bY?D4mY8U$Um~=L2UOXuQ5Qi`>pEN2+UA&8}M2>u1e6fDa4j&Eyu6LdBx^ zIak6dNZ?^kSMyD(X_)RNulM}yso zdW$X~TreYU@l|k`Xxff3#$BE|8t!DHAyPnrLDIj}^^I#gzt{l^+!f}G(4bGWIVt`i zT_VxBSH5!9ESN!>h4sXrasQ!yg;bsadSTGLx>Nj5ECFlnxq4*J{{v_*pwBtVK8g=3 z_TU|c((XKHmNE>Nh3kQd3hScl^^`0JI@p_*VEMfHJwwvm1rol#2?T7t&Y^KTw)=N$ z`V6kt#UIXr#UX%Z)F=!}jg(Y-@5&wrw|I zvTfUTO|~a{XY6b@)nwaEw(<6?^*sOg+x>N~b>I8EuJiaE$MIk!LD)Cgu-AHi$DnEO zwNtIlZ61bfD*M{p$nC)%Da$x`U#(Al1U>S{V4SiEv!bh%O{b7-Ay$$A*wlV1U9*Bf z>dtw}Nhg!v7|<|n2kh7}?Gb+5yB7De0H+MWTsa_rf+;B`iI1M!bf3XWt8B^lJ31Tv;g=qUHGC&K`s0+a#yDZSLu;z@lUG2vL!NCVbt>iN55 zKPHIoFtOucWLj$=oLdw)E+%9BFip^0HSqWRwq$KWfYIH?as`{~Qeo>RfqcNZe!S_W zjosW4_J`#wK{oj52HzhWLN3?Es#`{dG2(4tdIVMcn7{4L=^e)-IVO%=);{&j5K)Te zwz(1L%<}7=r$TxobqJc6&l?est8nj@)xwIjYmV;{=-Jtp z0;^W>?5+3Ul_T*>=z;}eh&f}*7#()rs;R2aFhgpJl~SKS2yOVxb_}*XMG?s{5fo)r z=fe?9Z7&#m`A-i=SG^f~ZM%biL+S7#Kt_5#=QfS@>ZT3@r4c!qzwc~+>(HE>RN8e> zarj2c@O&O1ga6ci))$)=g)96`OKm7r9)Yx|q$ZseTIKY`UyLE|7fRyO!MO6b;=YO( zt)80+O6=$u_R8F@Ln(a2=58iQMG8h3WnNdCOEIOwYSN&t!tCw6MM$W|p|995q-Jb4>pSEdOq+n<-;YB!B|8||#8{ddRUL8zB2Q~Jj z`GQEP%$&y#py8obd@}!-?iBCT+*7CF$l6%bN=R2_NCe^sY=#x zQsL>xsFN5wnDj)q`JG7~djrTAgg)vb2uoE3|C}1Ygaqgt(Frh3d7Dg)bKN4z?MY`x zcO~$zSf)GO>_cC4zxo3__x}IlCL%87I3&Hr{R(314jRGvyK*+XQ{b@OH&nKELkT!A z*WEzv_hzxDI8}wgst4GF{NPBUnFZvKsHBt-%t+e&akXb#|L9$H3T2%wHHwhd-bpto z9H!L}?W6uw!U+qu-vS_|Z5*6SiTetAPI%fAvx%_4nvM7XBYy^G_)JMSSMAh*6jWH>_6`F zV?W5Zk`0KC*Q=8n*4lmdxAt2wYIq)2fM>6ujBvv93jPJMG>}O*9-`uy>asVUIdu#=K4T_3xi=BRuI{NvgR5-Yi@fJE@~s)$-Gn1 zQ-?cz9V+73jwr`kCpJzinxRKs7B6_X-$kw6xvW|>QLqp7z9w^te9nxF&ZSD3<_4I= z*4(yBg)1)fxJ~l|V4hhT3RpT#-mj9K4G2t4&2%G`R`rRR`&Zr`_wf>2@)OA&lpvim z=d8gUJg}l^Ow9=p+lVOS&B9mMxjB)V;PTVP(h) zt8rzA(V#bTCev}AE)DdF!>7eE$AlV%2g*XmU!i?FRa|ZnU^(fOS9ewRX`n=H+Yt#~ z+6aKATGY5^>$(2bC#G1a3Ou_wZ0WWk#_U)$U zbqk0S_j8JIJfr(rr)oE#FKk1F*mQG|S12zw9YgZ_j&yy(_!UPbSk zqiQqi;A8cnv=4q(TDk{>CyYaGQlq;Y{s$%v(UOu~O||LJ#NY!c6x>{Nh&OeQ&BSs& zxl<4PXd7h9vD3GYqFhh7U*qt;b1LLUQeS>=@Y;>vaVx}g%cuKa{LlZdGhSJxSUxO9 zTs*aGy(86*4C9e4)Dh$(5C9!RQ5Rz8%NM?X$jZqY;-?_>D%r^|8WM!8IVnk%sA(Fo zA|$MQ9WAZIqq>=ses<9`Bmc6-qxDNKl|+*cG!Hd+zDxFeJiQ#`UoLsVNY92A!ed6> ziS;Iv0Z_p@fvq%4ONA|*t-*fe;s#>|L;(gG>>{BR8$?bUZi<10w9OQn$}ZV@a6HRI z9TU8AZvv%pU_1M<`@;;9f)&f;9c&SU#_aK=)Hpjr=mF|JIox)>SHQ#fp zWzHY}!u~`n9K!PJ%-}%zmNA8EmBwr#nw1Duh=q_1UxA1O%Z-JFD~&S>W-EJCE02uY zJ};pmnRJRGKPF!?imsN2`uN8Kl^R)!R`*w5kgi9QX-2wU8xwl06$7HOWa{bxs8)Av z_`8K|)!)Rx{OgBz(@}j(>RSnYXnM?gjbh+@XsZ75I-LaVp?w!axR=H6gp4mDv{4XB zjqm%z5g7AZ8XGwuQ$U8H@Ip}g>n zkm~_QG`^P+1`$m9oiRf19s%%qUN0-WIWi_zrcsAL?oxmEdBx4Yk}|^3SqI$Ori~1{&Kt`%w7qN`=iA){&0E3YAk^{lQWy}BPsK{d605nEj)R{m3J$#zry~YjR$!GIHbe}??;6Rxm+udS@ z_!UN!v5UA3ePTjypa%bj#ZAH~E#$tDdx6~c zM@Rzl)aDi(O4&I(G+|h?a~X>$(F<}49lw(-4N%jH9Up$vdE6D~LZj|lH__i|`~GF- z4`Tc~Bw9$V$w3{Yss_D_8 z#rCNk@=zbEN3hQw#`*bYrHg`%NWT6mmTwI2CTO}$L~ljc1_BYRTtXq@j^UX--S zlPX%;e8ha>+6fGOc;pZn^@e*H%b~lODJy3SnWC^Y&-spf2C>k>NzYR*0yqdm?}oZ& zeyF|bo_2i!_bx7Ws04ZoEW{zcGUdh_19|1uXrpib=^R-dx0P2z~R5>@3u3W z-@QHf_|JW-(fXm zwJ%Ys;$eX(JXpl=AQMmfTL(Pou{06DgWojfs*;}_A6;YvK=j|2LDo$AsbSWW8jw>WM6yKh@HV z%>)IqwXL3Ez3T8l_v%0DLBSawO(7;ZHkhR&UOEYO+LR%)2mAvZ1iB>hEz!_7z=K~n zr6w7|^pw~X?#O~$P4gcG;Xc}uw{}HSIh8N`P;=xMF@rW12xTRH^pbJ#nDNG3&Y=;6 zsZLDq@635;_;4YW6HJ!r?Q~39^_Akurrn?VK2RuMn3W|6%D!}ocF_n~cdzNOADN~J(aq*-U8 zZ6k}23~Vn;26le?BPxtTsJg-BQh$)pJ{qaNjczM7kr+CdDu~MO@AL&wA94GPLz4vK z;)E$1GX{3_3+mi0xZ8&5G&9%w@2}If@%EkvvT#%?D;wCip8xu=#hz2d`VE8mRS$&X zpd8>DhG@zx5=*X)wL1y3VLL6@i$w&pk(C@tWPkf~U|6J+Vmcik_;)sZ!aeXiw^0nN z*4RVKtT!>HF6v{dJ$6B&`n;b3Y_!Di%L(GGSAXXVJyT{GblrJiXj(9Rq*@}p2CF*g zu?pI^M7$K7!YbtQkAi-K5p#eoT=jh6$$0yvsX@X>AXA7U2`UmvMeZuzTPZ+q=l7<8 zX@wdg;Nbz=kn%U5l5IetcbImCosu`iC}@8`7eQ*5#~rukoS5X>pkFFn=(vs#D&|^x zczopuBczo+Jo?wcUzSRO!Pu#8A|Lex>fX;z8^qHKEzxb#KDT&NB=HR9E?o}J&N{PB zM9M?Cu4F(XmMteDNVt3eQIYp5Vu0aeb-LCYDe5GvC`Tp$Z%B5?r%B} zV8irM0j;4G5uiuy^OP6U(XR}f7V1O)vECB^Zt%G1BSzQB4i-Mcr6VpJ8AZF0B9Dj* zts{45mtED&FtKd08rxlTR^!5UB~ zSO7!!9D*%2{NfufuFIs~_-6>7K(=CsP26^o02a*d_1Q)?yyZFB$A%3oc-L)w_C=A( zTw_LK*ER=S-ctJ^pI7~ZW^wpTxRJ=Ne_GI@tJeGOd!>b7rlXcfi+&dxSayfcvZhww z^+MYkU8qT9$cPgd38EQ8mw+5xm7L~ry=q893KScxhR4I7_t`2P$qr-JG<0Wd-PLut z6GvuCA5pzL;t7><8MA&WT@a+_51EP=O&d2B1)HZr0KP>Ik&g@;|C zZzG3%R&KlV%iJ-HY-6E2uyDSAJBHrv?@`}p8`GU0tEtY`i*j%0Q{anvBwzm7sczcH*+7oXTH{mqLTd!7tnrG7%%5D_P-S^SD!nd)|5$moK}3`^_NyE(a#rQq?I5p|qR8-$LH3LV~zVf@hbg4@w_}#?)Yu#K##sREo z-w$%v>rn3scF}8mIh9WPj>G|d^ZgI5KPK@L=njP&qqk7T2KVk{Of54NIsd`lZr`-3 zYN{c61^(xLvZ7aro1k;>KaL}QHQ9Plud1Fp9qJ^ZfUX}P_#SAXrZ(wMVoV&@Q~9&vX+R6qwolN^|z@$l4e; zTH=b0%1*2-^QhgA6BZdjra*z3J_viwa=)Z-TGNl4eh`FibAWVpsrzcf1&}3lT*pmr z?6rcBtl&A&Q>@X{h8FBgw z)(L(r@Uc*Ryk;;~a!cDXsz76PN0I9@wQ{ZXd{Fxs(MpUSDwJp^3forHnjc1jg(ku* zil&YPycruJ1GX^*FQfXq7I=a=ogt;|#o2OmW4oj}htK@dP=aI_QW(9X=TWC_BAhV) zN6cMA*anZcJCh!CeBb>UOw5awRI(Eb*;D>#{B$#4R@F%|5($tnwm-xC*h9taPU)aB zC=1(I=kq+VjB&3Kr*`FoPi2Aa1^MfK%u!B@x$r>ww;l{UJGd31+bkD7B(&NCvK@Olwb98({PHZ+d2U)#Jh1EXEy{Af_yFHl59vXD z(ti;v*@Pu%nNQSu30A_bCLD$KmpT9_1+SrC0^j$o{Nn?p^8@SM9SL1Xw(fh|(fW^d zrx$Mjn&5mWD(-vGZ?y)7;wb)1KSY z9i!1r5*0KOK(ELiHeXkS2AdMpNVRwsA@s)ko11e4<=sIjDDU&GXp~3n7xS?jIZ#bH zO&f+-cQ%i1^swE|^ojr}(cFBYs9-t0&Ojqdle;M=zF0pXAv+Os9R0EEF9#cizHE8n zZ)piayUnb55>%xSeq&cj7x}SnvyuPZ^erzQF z1pi#)7uIvVPj<0`UCC=$^!##sI{4FsLFo9q>t*G%mru3e{PI6h^OQ7MBum<+UimD0OsMc3-d8q!o{$*jTOMoITtbfJa0+LCU zI|yS6rqDo<)#5FX9IB-Wa0BxXEX@9Axa>FG-vh&f6uKkH^o^&vHjJjcvPjuLdtJI9 zR$ujb?TJI<0K0`xF1d&Td79!Wit_d^IXU#tKnLY6-zc^1<`FO z9EJ!Hq?fP?h%`ksTD4r!uF(%p7&iJI2u=paTrFy)BfPXL3(#HAEWV{aGA>AfXi}Uu zO2gQTRi+o3j++16WD0oE1oxZuW;##K;ZxEL<))JM;h0vQF9%RFJaFhsC8gQ z91S@|tamzU*W}aa)l^@Xx~ou!(a|SSwfm*WXk5s4-*j6xlG9rpeeD+FG16wHM@m~=xnu0J$Q7ptV$as7Kbd)kd zE`Kxr^wds3q6oT92Kt09cV2cz4r|JMy>|lIMti+1B^ z;MOOE!Y+Q#E1Y8zg&B`!X5KkWm5*W85_tn_fD)2gadF}8z zj+)*>dgWgGYP5NKbhD5S2sCMnYX>MpZ1-J+b{X!hpsuz`IiXi~IDq!2UsV-#-wW&7 zldcFa{Q#GqPwsD53UBcKPi6ju9noQK>%UAZ7upp0$Qq}plHdjur=ECx%p(W$FBfTO zBT%=xrHzkN#z2nSeQ_aPZ%c*MPeWm=S76ug?HC>58l_(~Qkbc2tDZmZMzQ4$EC<9w z3B6I=dW=Ou1aLsWAiMroV1kt$w6N z|DwUn4Z4|ILCe3P0R(HB0|Jlh@eUtX9&b4RH#=RIlA2yhVg9}!6Mv#?20hE12usotBKZYjH5taDmapQP`I2+axX5ul~|FcpK?lBZowOH=yAHrw&kq zKZ>=kX-UN1*ymSun*x-s1oa=p z6nLsgPR*Q5cI}JER!8ZGc=+~{9#M?uNOWePswxubocVBWe(lp>jsMUXUQ%dRj@b)KA|s#lY$7l|}laJc<#%ZDcH zUV9j>7Cyg;R4^b3+tXvXW^SB$gx2b=44zXhB4wnwp8+rjeiq8u`Z0Z>rO*YqMl>HQ zgvDWiDcy~J-!yIEqBW6J8}W=O^e>9y-}&iJuvMrI7U#sOp2@__2^DR!ZW)5~aF{LgWjM zX{Ns$7d-L9Y8ChE5#Bvg#I`9ve-&?Trd$s{>VExo|D4LrzKg`xS79rQfK>3w2P|*= z7=OS`mEk>hSUAC?r$2j#9EUHM?)##5vP~Anf4A_2qTj&sFCychHwH}`@7Le+Y~C+; z>{ActIf+i`BwX%;?`|J{ahxo<2 zOU+-I!!-tn`74_cQ_{-{3z7!9LvP-%u3evBb`ba6Wisswz3Y5}8+5xaz>gRw2SkcZ z1mg+oG*X>(3x(cBeq{eL(9kN2G}UO)8Bdv~3Ge+8RIhf~IVao+n{Bfc6>2#CjXTo~ zCDC>TNly8+b2V2{HXLi(!qWgzBpHT(UA4Mo!d$iqA>Q`n$k9(fN3-4LZ_#obLGON? zoGCJ3nW=qaR2FA=7U4#Va{I;Ce(gujM%;ZY*1E?Ogy)@XeCJ8a(0}ifMfj2bIyB7T zh&}h7fx$AbftQ?B{o8sqW7h@uGXkvRg+?rhvDGZ3VmJM2sckQoWEx>I2+gFyzhPRP z=cGmJ4^zRLT}rcv{JkZkRL0^lhiUSAKucy+VemY5g1`z_37l$|s!w|VXdfMlX z=%uw4BMaOo&fRU_OhaTav4Cp0UdWsRJlPgeFn0C47lpl$K{Si&BkbWWkzHJmv5XG; zE0t@d(~Osy;Gy<7D<;lk!_itT8h&Cio3*KqRz5gX>PKMa5yrXUJ?M_UCP?XAE%JK0 z+J9Xdsgz+2ivQwtT-!P@sts5qTz#_wLfyy9EASH7NYj}a%uY0iF|GxbkZoMwy4oF^ z9`o1c;)dPgk~t~aiJ_lYpYT(lSnT4%~lHMg+ZlmOD07Ogl z$A5;b)q~n*U%I3&ZE`Fgf|j~ILH;lUL|pEaW}hD8r5PQ_P|nTjE&^AW#88VnG; zS?ZVp{u>_PsBV_4ulBDNaXGXvU0pi`jmw$}PaZwDud!687Rv37{sGzwh1%FK^_Mq1d0vZ^Tw^pdCDTP_z_7`ZpZs;l`+b z&|}JUew6LD>B-q+I@=h1#}4LBY#&NJ&7^J7K+WZ~oU}X-`6W63*p9;Lxb$!D>EjE@ zsk{vpx^4NS@c&4TZ#Rn&ScVV;{WBe9F)4oXgu_u%(&OE-Mo8W*S`?kq$%lM zv1Cvu*@e=MgxcWEqhJ{8NKgH_M?pN~0&V=u6gkJpmN1lKL^yRtF3fIeE&ph!U5UJ7 zL20gQS=D|98o~hPxEO-;elpmLDP?1n?w8>8!+Yz)Q4-gyN!V9r}svBsI7+7w1B9LpG`4L8x z+KW{{XId!(JG<+}_q^huAr29Ei8hHoGCp^9*Qz*gsBS|Wiy)8|Fn7`Pgj2W|ZX5Cz zZVB5CS{QDJJJuaqvw@UFk#K(XkjEyUBR&M{=1NRM*9M{STdQh9nc-@c2BzB&wdw^~ z=0jU}C!KX!M95o3I?7t=FT~5pp}uzvl)CsQkf6L$TW7)3SdeZWa#rM#hE^)zazmfv zp|t@Nk!(XpWKWaR!k<0`NAk77B$In`&ZP&HiS7!nu076V`+xWGvb6Rj)4(hBHW06Mqe z^PlbN*^~CL`+}?Wf@1}Nf81BEW2g4>)Xpz(ZE20Rh}VFyZV?D9B!aicjjfJW zbfH3I%b68DO(V@wSU0evxT6c;R7b<;#Vy2b^}?fyu=qhUUDYcEy*~8JS`IY1t~NWW z0qO9r>NY4c;8{w~nJ15fb@@LJy)TRdcyHfJYhLNXF(ckJ+L6rN8sJSTH{2TKwfIU; zF5_yat~Q800S=v?>>sP~0hmH>7(L-R63u7W6^hvjERe*B^s5wP?mz44A!R-3M~rHK zcDRrTIrF>w3 zcsM6{9Q5!9(IZzVzS>3uY&+YrQsB;EOR@|Ir`$)yNa*c#hY> zz#Je4SNa8&|7nMigRGaJkN8S)j_z;l-z=O}4>;?y6D^d{!f*$ALS+iD*EQRc3D1;!drE;`{Cs9p5+}kj?AttA1lcC5D%K!tnyo@GX5M&@1W-)sK{#Lwmp4b$q}Op5QP*b5N&ggGcue9G>Krl(fq-(gBh~>5)*{*QH&65 z?|KK6=L@~*#T^dH_YZ)!D2@stP2?{cd_D&+`Zf0F#))i;Kn7(p-kN=}eil{UhPG!y zaOgvLH?{gKmwF~?F_1l_#45c9K(Ts(c_N^cv)ckxO(6tCnTgP|LOf7Vpr z*jaDR7UXuxZ+>k2CJP^4(+$vH+Z_1AZ{%lU|2iEbK%)998Vh!edh}3H+Y&(>Im0Az zK-m2*>mtP0YQ0-Olgi z32*bM7x(R{*1x7)*~X6wX6kD92U=W*b)|{AoGR}m^)f0$*9U2@cYrkEh0Rsl8BA8C zBb&Xg|K$vw;AR=N(zb9`NNux^!P0GAmxp@?Gm!u@|H$%B)b&ub3er-3H7*b|ppEsdI7Vk4wP>wpWWwQyQ2 zZ6Pqv(B%9lCmG3NUW<8V3nsd2Be8^fSeaOd8x)!YZH9Xr& z59>&~j#OP%a4Q@7{r7!ns?8mRO?F01ZvHUOF4C*ToXc`#-l<#>Inor$ z8^PA=E%XOfh5*ubGh10*vlAlVBKv>pKZM+!)ZgFQBiZ^cK3c!Xd$bRLMA(Q%EMf~P zQ#cnNb0JQ^0THeFgWc2(XiQ`ZUmBE)sY;?%o+Wifkgua!6J1WUvnlMhT7fBD99*;_ z;|`y@NN&XeH<(fstSP|%fNg5K@3zeGVP3mSbi&=lnnAKWWNj5*Z_@)lVU09nH8?{a zp8rm6rVLn;3CD^`^r_dEoVSg4=jv!FeGyFZDoimJq5(!r`crP)znF|@qo{Y!yw_g0 zOyd!D|EF%XmNF^+#2LKMf;Kc=wB}xZXdOOw|TH*_DaSU=C zBNuiv;1+m|aBx@soWh7ALyClmrCZsOfee`_YvCmhuBg9?<-f@#Il&!$z7 zHJx2xiko`JW`o_quZ9rP9WVbSLwi+tr&g-Thb)V-QgAGyG9ZHXG8%APLh-J;*cIHG z4<|d(;3@5?MBV*OZU_I~b2Lf?Lx1~wFR`Au`KOj_=;W$>Bh>Dw@}gI>;ZMTBQNs3? zk)+_+ngFo9-u35|-;ae!rFxk`=^u_a^MOA4EnywRt1Ld%#d@0in=6Z%;K=%`=vA`5 z=rhRQka4T!g0~)XU$0N|Uf?-f9;Q7fm*(CRI{t=m!z2r{-z!j0T$=)PT~LrA7vH@s zg?O<#NB>ceQbs`_cf}4`gxaF^3>zWLQy>LbJ^tWePx@LVL|0x^#8Q41ApsU*ppkQe z`kX1Bnnp-u=a{E&9_RvpJK75D_y~FmZMuG1y*+-u;9MU7Q0tSOOypUlit z9is<>wzLx>m$i!w!8g}jVc)P#qxM+Nkhs8iWVAs`7;-LS`6 ztvA&-^Nu{bctG^p{O`V3dm|z~viUaM_PI0l-s@AT%xbMNAe#f?qqNpwmX0>3K5`b;|0Hbt9uaiSG(*g@43_Mb=~`ySE(?l&g@% zvY+_$Mqq{?30GxS9pkJ@@T+KqVrAN@IFN*B^qXP-tPV0Gg0X&ENg(U5N^dP^EfS0E z*#*L?YRabP%Gv3f}f za@rrFd_rMRPM+_^U3=Xv&;)J5_8bb93jwf*FlQ8)Rh87G%8V?*8@x+ zqx@c;6-QPAw^`Hez?s_mP*%}tqT_cp9k;zjXo;dV?;(<;g!>cuCtf+eGdP}tS1F}f zFN4o_xg_j6gwBN?K3JjGK{NjLHaq`)0v84vTKSq?)=!F(`hN(8+NZ{+E@#r?3DgXyW%VHnkN3-~0|kbw#kWZAjpd zY$Frv=#pJo9YPLITM*3OyncnZlcNDOF=}k-hscd)rKZ@inx;~1`uaHHOCtP`>i4Fe zvqt%;b53+QZ)SZ08g8j4%f4cQ8sdIXj8?2?i*}pA%~r_d5kGbkHFb-h!JeVTY}!iJ zFq$jSPhd*%8hlBM0&VC0i?Q7L*nGW`&GU!+EbIA*zdjBd2LZH?4DT16O%B zvJIl|B&J`SPW?~a`DQ39PP#MCed$f0CK=Z?#F4>?%kUfXr6s--9+MK%yt3)8IxX47t4 z(;LnQDrAI|tELDx(gb*E24|K2fy0?WdpSJIZwUI4$YV=73Zi~&>a>%1{jlgro|e3bj*}=82ab~rUVr zv6L}W3s`$we=S1MMi2O(WPE+Q-bMhBns2`0op5m1P~ew?bn+;p3|DhuMQLNBT(tyZ z*oe=Wd;g?4om4}T91I(iB-iYUS$!X#mK#u|{Tp5#8nsWL7R~o45A%1IEKobmL|{0j z>D7M=_95Q_p-8^$9h{q z9taDr(aH3|RE!S0`!6ys{?r>Vp`Hnnm&T7#C5C3j)-o*-u=NPBZY{KlYyTqC=q1Rh z>)}-4ZKuDFC?2ISiYsnxR6cSUS#nyw{b^%zlmJz4My4IDXVA&)hS3!4&Iuf5ZVuSo zO^qpaDjbf{2i-Fsn8#qzt%!6~UJyDelU$pFkrQ>}9+8_I@G@CH%CA!aIzJgac5Xm~ zz7MifFTZo&r)iGd>y2}s`%b&baLL8ixatiSPuzM>%+~pDh&O)YXIuBY>Z|4uvU2?D zax8-KKP+E;utf-e{Y~|i4InZ!NxCK+PZ2qk;Hg$fTGJlS#$1^?r+H`D9}Z$3qVRm~ zUW?y@5qx7_Ttfd~3b-A)N+y1#7Y}!C`k^MW)I|}kGb8LQAo%^sqDO&R(`%4E(@(0D zGsP_-MwLMfn#PYzdwTvat;-A%|1$SUQS=k3D*!F%<;OT>&j!9U^Gk5{5W zGK06X%IqDvj{g5dLTS8`6k<5|O%i^d=Y4j2qz>hoLL@gsk4tp-ot?y~w(a=&8tuiAa&4^}Wrk27fGt%_7jlH&}yhj@>hxe`G??pNWgMDu5;NvV=Xf_Z9m zT3HgKrqaWoHuNB~h6aj2zr9iA^=A|DhpffbVgphJg4?~x(Ua+rdCCh_+f2{fD!LyT z6Czik?AyW>?9T)7!m+WNwzp>p#Rx=-P&HyPiuNvUM$W+wjrkMMYtT9&q_}t zHl(07s%IOjW`F-%xTYr<9R*15<)pIqw*s;tM`yz~ues%Yqo4JYFK8|#H}6Z8 z4UW}8-+V{ww=FR=glZaiYXYdaiVGUEc-@SyQmr45Ebj zi7%2z>(>Zv2M0P~S+fLXi;Bioi3n`3ROhgIOe%}1(ercA=bBqVoA-aEntrt5;UjXV zfXJwaJq{@4raW4~B{LrALc;W4+gY4VxW1E(I1n?!-G+rVgIcIPaMQ?qBa{uJj@O5Q z+?SmnZn^6)(t{=vyKB?^vQh}dJ*|=FT>@2Alr7%hfg`~Y0=%R4cJPJXX<7NZ`n9yk z6(P$k+zRu40!>!sNm_P{<jxu?*+P{#-kU#D{34(e==Uur#eQC3yBylSd`_s+) zQG3_Hq|-F*R=ByIs8u~=aj5K&6`Xxhssl&Hv4P6<9u15bH}qlNf6*Xo&2AMQzbl8X z)IX8m>yB~QIh&D^vuD zA!-S9_F zXVe3*)yfO|{HNoIUB4QGbmsH<!K+nZXA~H+f`;0G;_-LIR%{u-r19Auj1=6l|F;Hjc8L4q7GmbnZ1WsK%RuTK)|K8GnG z`eE!?_85tk4Ks{?kWvHF&DUNGnvDo1pK88GTJ_oc)zA};n z@Jc!zAzkvcB`ExUZe^L;oG6q0+SAky5hT`(3SJe*%LuR(a%6{Z z3dXlCZ0U<--us!A-x>_f%npe_SKEE>^S#C*@kT@!r0x?2fUsAP|C%YbR?~iTwY9zo zLj4Q@24p_~n29cM?o$3c{o0~VM|ge7jtC3IHjMp&RGl@-TFY85{iRL)rGisC5fX~? zn;y*2&GoXc)WhL;n||vHW95ssp#&w9Ege11qa|f?e=)Z0k5R1MdlXeV&3@yf6`#Mk zy*XcUQdz)xG?Zd^%5hbiffo3-*kC!fWjVg=35y(A!WZNs0A1cC7NvdpPg|~Mg$q=% ztId2=K3xNUbdzjjF9uEpT?Uz(=vG_N!$|=&hHlvPH%5-93R$2@y^P1yU3(4ku^w5+ zhPV`wko(BUctrKPblZ}Syxy$kjkxsw4EeGb3PlM$3qq4dZB&9Fjty@RN z-*=flaRk-9m@hf-jEHIq;8=D;IfDk1n72Acnh~`P&{Pa9d^T=8IWzPs;n7v#fw4KE zd+Hsu*t5%PYaFp|)zAKTVK}onF3xF1AtwH4Z;b|yy>d*mCL=OaT(8dtgZ+c5Bwv|_ zF-|YdbIU86!N1mp{#WIMh5Wt!zz${W`t!qO>(yRoL#kHgk67j6-xZDg6*Z4iMKjC= zx<-bWTERb0XF^oEugbIuaR`bu55y}eGSd%ArH96uzYXBa9|?X5lS@uBB>BiGk=VQ!%!j@KDUmH_Y^4sP|%} zj7AQl(RiUe%c5mpaTHy1-xCa$^V$%+z|$CHGg>KURa{ieIF~5bXJt+SZAx)r5sX3m z`0bE z<9%fN;|c}?=PlJ59cbFCGRpBkHaxTs%zP~V;H8z2C)f)7ZiHJHFTk5$9rVrDUc