From 3a5773ce07f2f2bdc4f4473b62a2ccdc15c07d92 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= <matteeyah@gmail.com>
Date: Wed, 18 Apr 2018 14:18:27 +0200
Subject: [PATCH 001/129] Accept variable params in create_params

---
 app/controllers/projects/pipelines_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/controllers/projects/pipelines_controller.rb b/app/controllers/projects/pipelines_controller.rb
index 78d109cf33e..1ee273091d4 100644
--- a/app/controllers/projects/pipelines_controller.rb
+++ b/app/controllers/projects/pipelines_controller.rb
@@ -157,7 +157,7 @@ class Projects::PipelinesController < Projects::ApplicationController
   end
 
   def create_params
-    params.require(:pipeline).permit(:ref)
+    params.require(:pipeline).permit(:ref, variables_attributes: %i[key secret_value])
   end
 
   def pipeline

From b32eabb153911b78d7ad1f6c8e3edfde482dd56a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= <matteeyah@gmail.com>
Date: Wed, 18 Apr 2018 17:32:33 +0200
Subject: [PATCH 002/129] Alias value to secret_value in Ci::PipelineVariable

---
 app/models/ci/pipeline_variable.rb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/app/models/ci/pipeline_variable.rb b/app/models/ci/pipeline_variable.rb
index de5aae17a15..38e14ffbc0c 100644
--- a/app/models/ci/pipeline_variable.rb
+++ b/app/models/ci/pipeline_variable.rb
@@ -5,6 +5,8 @@ module Ci
 
     belongs_to :pipeline
 
+    alias_attribute :secret_value, :value
+
     validates :key, uniqueness: { scope: :pipeline_id }
   end
 end

From 0d70dd6c48bed0f14b095521087c8b189b6b56fa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= <matteeyah@gmail.com>
Date: Wed, 18 Apr 2018 17:35:39 +0200
Subject: [PATCH 003/129] Accept nested Variables in Ci::Pipeline

---
 app/models/ci/pipeline.rb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/app/models/ci/pipeline.rb b/app/models/ci/pipeline.rb
index 434b9b64c65..52749c8bf7c 100644
--- a/app/models/ci/pipeline.rb
+++ b/app/models/ci/pipeline.rb
@@ -32,6 +32,8 @@ module Ci
     has_many :auto_canceled_pipelines, class_name: 'Ci::Pipeline', foreign_key: 'auto_canceled_by_id'
     has_many :auto_canceled_jobs, class_name: 'CommitStatus', foreign_key: 'auto_canceled_by_id'
 
+    accepts_nested_attributes_for :variables, reject_if: :persisted?
+
     delegate :id, to: :project, prefix: true
     delegate :full_path, to: :project, prefix: true
 

From 2a9a01b955c1f8081d669724d8592e4cac7d5f19 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= <matteeyah@gmail.com>
Date: Wed, 18 Apr 2018 18:42:58 +0200
Subject: [PATCH 004/129] Add variables option to Ci::CreatePipelineService

---
 app/services/ci/create_pipeline_service.rb    |  1 +
 .../ci/create_pipeline_service_spec.rb        | 21 +++++++++++++++++--
 2 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/app/services/ci/create_pipeline_service.rb b/app/services/ci/create_pipeline_service.rb
index 6ce86983287..4bbda434c6c 100644
--- a/app/services/ci/create_pipeline_service.rb
+++ b/app/services/ci/create_pipeline_service.rb
@@ -24,6 +24,7 @@ module Ci
         ignore_skip_ci: ignore_skip_ci,
         save_incompleted: save_on_errors,
         seeds_block: block,
+        variables: params[:variables_attributes],
         project: project,
         current_user: current_user)
 
diff --git a/spec/services/ci/create_pipeline_service_spec.rb b/spec/services/ci/create_pipeline_service_spec.rb
index 267258b33a8..652603df854 100644
--- a/spec/services/ci/create_pipeline_service_spec.rb
+++ b/spec/services/ci/create_pipeline_service_spec.rb
@@ -17,11 +17,13 @@ describe Ci::CreatePipelineService do
       after: project.commit.id,
       message: 'Message',
       ref: ref_name,
-      trigger_request: nil)
+      trigger_request: nil,
+      variables: nil)
       params = { ref: ref,
                  before: '00000000',
                  after: after,
-                 commits: [{ message: message }] }
+                 commits: [{ message: message }],
+                 variables_attributes: variables }
 
       described_class.new(project, user, params).execute(
         source, trigger_request: trigger_request)
@@ -545,5 +547,20 @@ describe Ci::CreatePipelineService do
         expect(pipeline.tag?).to be true
       end
     end
+
+    context 'when pipeline variables are specified' do
+      let(:variables) do
+        [{ key: 'first', secret_value: 'world' },
+         { key: 'second', secret_value: 'second_world' }]
+      end
+
+      subject { execute_service(variables: variables) }
+
+      it 'creates a pipeline with specified variables' do
+        expect(subject.variables.count).to eq(variables.count)
+        expect(subject.variables.first.key).to eq(variables.first[:key])
+        expect(subject.variables.last.secret_value).to eq(variables.last[:secret_value])
+      end
+    end
   end
 end

From 80cc9df926b5dddfa0d8eeeeaba43bda8fdba401 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= <matteeyah@gmail.com>
Date: Wed, 18 Apr 2018 19:28:34 +0200
Subject: [PATCH 005/129] Use variables_attributes intead of variables

---
 app/services/ci/create_pipeline_service.rb       |  2 +-
 spec/services/ci/create_pipeline_service_spec.rb | 14 +++++++-------
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/app/services/ci/create_pipeline_service.rb b/app/services/ci/create_pipeline_service.rb
index 4bbda434c6c..17a53b6a8fd 100644
--- a/app/services/ci/create_pipeline_service.rb
+++ b/app/services/ci/create_pipeline_service.rb
@@ -24,7 +24,7 @@ module Ci
         ignore_skip_ci: ignore_skip_ci,
         save_incompleted: save_on_errors,
         seeds_block: block,
-        variables: params[:variables_attributes],
+        variables_attributes: params[:variables_attributes],
         project: project,
         current_user: current_user)
 
diff --git a/spec/services/ci/create_pipeline_service_spec.rb b/spec/services/ci/create_pipeline_service_spec.rb
index 652603df854..24717898c33 100644
--- a/spec/services/ci/create_pipeline_service_spec.rb
+++ b/spec/services/ci/create_pipeline_service_spec.rb
@@ -18,12 +18,12 @@ describe Ci::CreatePipelineService do
       message: 'Message',
       ref: ref_name,
       trigger_request: nil,
-      variables: nil)
+      variables_attributes: nil)
       params = { ref: ref,
                  before: '00000000',
                  after: after,
                  commits: [{ message: message }],
-                 variables_attributes: variables }
+                 variables_attributes: variables_attributes }
 
       described_class.new(project, user, params).execute(
         source, trigger_request: trigger_request)
@@ -549,17 +549,17 @@ describe Ci::CreatePipelineService do
     end
 
     context 'when pipeline variables are specified' do
-      let(:variables) do
+      let(:variables_attributes) do
         [{ key: 'first', secret_value: 'world' },
          { key: 'second', secret_value: 'second_world' }]
       end
 
-      subject { execute_service(variables: variables) }
+      subject { execute_service(variables_attributes: variables_attributes) }
 
       it 'creates a pipeline with specified variables' do
-        expect(subject.variables.count).to eq(variables.count)
-        expect(subject.variables.first.key).to eq(variables.first[:key])
-        expect(subject.variables.last.secret_value).to eq(variables.last[:secret_value])
+        expect(subject.variables.count).to eq(variables_attributes.count)
+        expect(subject.variables.first.key).to eq(variables_attributes.first[:key])
+        expect(subject.variables.last.secret_value).to eq(variables_attributes.last[:secret_value])
       end
     end
   end

From 317477fc67a5d71900cf8e2ffe7f96c2017e9089 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= <matteeyah@gmail.com>
Date: Wed, 18 Apr 2018 19:28:59 +0200
Subject: [PATCH 006/129] Extend Gitlab::Ci::Pipeline::Chain::Command with
 variables_attributes

---
 lib/gitlab/ci/pipeline/chain/build.rb           | 3 ++-
 lib/gitlab/ci/pipeline/chain/command.rb         | 2 +-
 spec/lib/gitlab/ci/pipeline/chain/build_spec.rb | 8 +++++++-
 3 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/lib/gitlab/ci/pipeline/chain/build.rb b/lib/gitlab/ci/pipeline/chain/build.rb
index 70732d26bbd..b5eb0cfa2f0 100644
--- a/lib/gitlab/ci/pipeline/chain/build.rb
+++ b/lib/gitlab/ci/pipeline/chain/build.rb
@@ -14,7 +14,8 @@ module Gitlab
               trigger_requests: Array(@command.trigger_request),
               user: @command.current_user,
               pipeline_schedule: @command.schedule,
-              protected: @command.protected_ref?
+              protected: @command.protected_ref?,
+              variables_attributes: Array(@command.variables_attributes)
             )
 
             @pipeline.set_config_source
diff --git a/lib/gitlab/ci/pipeline/chain/command.rb b/lib/gitlab/ci/pipeline/chain/command.rb
index a1849b01c5d..a53c80d34f7 100644
--- a/lib/gitlab/ci/pipeline/chain/command.rb
+++ b/lib/gitlab/ci/pipeline/chain/command.rb
@@ -7,7 +7,7 @@ module Gitlab # rubocop:disable Naming/FileName
           :origin_ref, :checkout_sha, :after_sha, :before_sha,
           :trigger_request, :schedule,
           :ignore_skip_ci, :save_incompleted,
-          :seeds_block
+          :seeds_block, :variables_attributes
         ) do
           include Gitlab::Utils::StrongMemoize
 
diff --git a/spec/lib/gitlab/ci/pipeline/chain/build_spec.rb b/spec/lib/gitlab/ci/pipeline/chain/build_spec.rb
index 3ae7053a995..17f15ac3b27 100644
--- a/spec/lib/gitlab/ci/pipeline/chain/build_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/chain/build_spec.rb
@@ -5,6 +5,10 @@ describe Gitlab::Ci::Pipeline::Chain::Build do
   set(:user) { create(:user) }
   let(:pipeline) { Ci::Pipeline.new }
 
+  let(:variables_attributes) do
+    [{ key: 'first', secret_value: 'world' },
+     { key: 'second', secret_value: 'second_world' }]
+  end
   let(:command) do
     Gitlab::Ci::Pipeline::Chain::Command.new(
       source: :push,
@@ -15,7 +19,8 @@ describe Gitlab::Ci::Pipeline::Chain::Build do
       trigger_request: nil,
       schedule: nil,
       project: project,
-      current_user: user)
+      current_user: user,
+      variables_attributes: variables_attributes)
   end
 
   let(:step) { described_class.new(pipeline, command) }
@@ -39,6 +44,7 @@ describe Gitlab::Ci::Pipeline::Chain::Build do
     expect(pipeline.tag).to be false
     expect(pipeline.user).to eq user
     expect(pipeline.project).to eq project
+    expect(pipeline.variables.size).to eq variables_attributes.count
   end
 
   it 'sets a valid config source' do

From 1549239849adf31a078be7503ab2288795e337cf Mon Sep 17 00:00:00 2001
From: Alexis Reigel <mail@koffeinfrei.org>
Date: Wed, 1 Mar 2017 13:06:35 +0100
Subject: [PATCH 007/129] add Ci::RunnerGroup join model

---
 app/models/ci/runner_group.rb                 |  8 ++++++
 .../20170301101006_add_ci_runner_groups.rb    | 27 +++++++++++++++++++
 db/schema.rb                                  | 13 +++++++++
 3 files changed, 48 insertions(+)
 create mode 100644 app/models/ci/runner_group.rb
 create mode 100644 db/migrate/20170301101006_add_ci_runner_groups.rb

diff --git a/app/models/ci/runner_group.rb b/app/models/ci/runner_group.rb
new file mode 100644
index 00000000000..87f3ba13bff
--- /dev/null
+++ b/app/models/ci/runner_group.rb
@@ -0,0 +1,8 @@
+module Ci
+  class RunnerGroup < ActiveRecord::Base
+    extend Gitlab::Ci::Model
+
+    belongs_to :runner
+    belongs_to :group, class_name: '::Group'
+  end
+end
diff --git a/db/migrate/20170301101006_add_ci_runner_groups.rb b/db/migrate/20170301101006_add_ci_runner_groups.rb
new file mode 100644
index 00000000000..73a135b0ee1
--- /dev/null
+++ b/db/migrate/20170301101006_add_ci_runner_groups.rb
@@ -0,0 +1,27 @@
+class AddCiRunnerGroups < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    create_table :ci_runner_groups do |t|
+      t.integer :runner_id
+      t.integer :group_id
+
+      t.timestamps_with_timezone null: false
+    end
+
+    add_concurrent_index :ci_runner_groups, :runner_id
+    add_concurrent_foreign_key :ci_runner_groups, :ci_runners, column: :runner_id, on_delete: :cascade
+
+    add_concurrent_index :ci_runner_groups, :group_id
+    add_concurrent_index :ci_runner_groups, [:runner_id, :group_id], unique: true
+    add_concurrent_foreign_key :ci_runner_groups, :namespaces, column: :group_id, on_delete: :cascade
+  end
+
+  def down
+    drop_table :ci_runner_groups
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index df621956c80..9f3b27b8b6a 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -443,6 +443,17 @@ ActiveRecord::Schema.define(version: 20180418053107) do
   add_index "ci_pipelines", ["status"], name: "index_ci_pipelines_on_status", using: :btree
   add_index "ci_pipelines", ["user_id"], name: "index_ci_pipelines_on_user_id", using: :btree
 
+  create_table "ci_runner_groups", force: :cascade do |t|
+    t.integer "runner_id"
+    t.integer "group_id"
+    t.datetime "created_at", null: false
+    t.datetime "updated_at", null: false
+  end
+
+  add_index "ci_runner_groups", ["group_id"], name: "index_ci_runner_groups_on_group_id", using: :btree
+  add_index "ci_runner_groups", ["runner_id", "group_id"], name: "index_ci_runner_groups_on_runner_id_and_group_id", unique: true, using: :btree
+  add_index "ci_runner_groups", ["runner_id"], name: "index_ci_runner_groups_on_runner_id", using: :btree
+
   create_table "ci_runner_projects", force: :cascade do |t|
     t.integer "runner_id", null: false
     t.datetime "created_at"
@@ -2078,6 +2089,8 @@ ActiveRecord::Schema.define(version: 20180418053107) do
   add_foreign_key "ci_pipelines", "ci_pipeline_schedules", column: "pipeline_schedule_id", name: "fk_3d34ab2e06", on_delete: :nullify
   add_foreign_key "ci_pipelines", "ci_pipelines", column: "auto_canceled_by_id", name: "fk_262d4c2d19", on_delete: :nullify
   add_foreign_key "ci_pipelines", "projects", name: "fk_86635dbd80", on_delete: :cascade
+  add_foreign_key "ci_runner_groups", "ci_runners", column: "runner_id", name: "fk_d8a0baa93b", on_delete: :cascade
+  add_foreign_key "ci_runner_groups", "namespaces", column: "group_id", name: "fk_cdafb3bbba", on_delete: :cascade
   add_foreign_key "ci_runner_projects", "projects", name: "fk_4478a6f1e4", on_delete: :cascade
   add_foreign_key "ci_stages", "ci_pipelines", column: "pipeline_id", name: "fk_fb57e6cc56", on_delete: :cascade
   add_foreign_key "ci_stages", "projects", name: "fk_2360681d1d", on_delete: :cascade

From 9a07bc819f137a3077784a33e1b36bf6797d9547 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <mail@koffeinfrei.org>
Date: Wed, 1 Mar 2017 13:07:24 +0100
Subject: [PATCH 008/129] add misssing scope specs

---
 spec/models/ci/runner_spec.rb | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index ab170e6351c..529f200b43a 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -49,6 +49,25 @@ describe Ci::Runner do
     end
   end
 
+  describe 'scopes' do
+    describe 'owned_or_shared' do
+      it 'returns the specific project runner' do
+        specific_project = create :project
+        other_project = create :project
+        specific_runner = create :ci_runner, :specific, projects: [specific_project]
+        other_runner = create :ci_runner, :specific, projects: [other_project]
+
+        expect(described_class.owned_or_shared(specific_project.id)).to eq [specific_runner]
+      end
+
+      it 'returns the shared projects' do
+        runner = create :ci_runner, :shared
+
+        expect(described_class.owned_or_shared(0)).to eq [runner]
+      end
+    end
+  end
+
   describe '#display_name' do
     it 'returns the description if it has a value' do
       runner = FactoryBot.build(:ci_runner, description: 'Linux/Ruby-1.9.3-p448')

From 295184f6a5ff0b98340c32e0cc715dafa4d9b60c Mon Sep 17 00:00:00 2001
From: Alexis Reigel <mail@koffeinfrei.org>
Date: Wed, 1 Mar 2017 17:19:12 +0100
Subject: [PATCH 009/129] include group runners in scope

---
 app/models/ci/runner.rb       | 31 ++++++++++++++++++++--
 spec/models/ci/runner_spec.rb | 50 ++++++++++++++++++++++++++++++++---
 2 files changed, 75 insertions(+), 6 deletions(-)

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index 5a4c56ec0dc..8f8dfbda412 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -14,6 +14,8 @@ module Ci
     has_many :builds
     has_many :runner_projects, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
     has_many :projects, through: :runner_projects
+    has_many :runner_groups
+    has_many :groups, through: :runner_groups
 
     has_one :last_build, ->() { order('id DESC') }, class_name: 'Ci::Build'
 
@@ -27,8 +29,33 @@ module Ci
     scope :ordered, ->() { order(id: :desc) }
 
     scope :owned_or_shared, ->(project_id) do
-      joins('LEFT JOIN ci_runner_projects ON ci_runner_projects.runner_id = ci_runners.id')
-        .where("ci_runner_projects.project_id = :project_id OR ci_runners.is_shared = true", project_id: project_id)
+      joins(
+        %{
+          -- project runners
+          LEFT JOIN ci_runner_projects ON ci_runner_projects.runner_id = ci_runners.id
+
+          -- group runners
+          LEFT JOIN ci_runner_groups ON ci_runner_groups.runner_id = ci_runners.id
+          LEFT JOIN namespaces ON namespaces.id = ci_runner_groups.group_id
+          LEFT JOIN projects group_projects ON group_projects.namespace_id = namespaces.id
+        }
+      ).where(
+        %{
+          -- project runners
+          ci_runner_projects.project_id = :project_id
+
+            OR
+
+          -- group runners
+          group_projects.id = :project_id
+
+            OR
+
+          -- shared runners
+          ci_runners.is_shared = true
+        },
+        project_id: project_id
+      )
     end
 
     scope :assignable_for, ->(project) do
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index 529f200b43a..477540fb3b0 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -52,19 +52,61 @@ describe Ci::Runner do
   describe 'scopes' do
     describe 'owned_or_shared' do
       it 'returns the specific project runner' do
+        # own
         specific_project = create :project
-        other_project = create :project
         specific_runner = create :ci_runner, :specific, projects: [specific_project]
-        other_runner = create :ci_runner, :specific, projects: [other_project]
+
+        # other
+        other_project = create :project
+        create :ci_runner, :specific, projects: [other_project]
 
         expect(described_class.owned_or_shared(specific_project.id)).to eq [specific_runner]
       end
 
-      it 'returns the shared projects' do
-        runner = create :ci_runner, :shared
+      it 'returns the shared project runner' do
+        project = create :project
+        runner = create :ci_runner, :shared, projects: [project]
 
         expect(described_class.owned_or_shared(0)).to eq [runner]
       end
+
+      it 'returns the specific group runner' do
+        # own
+        specific_group = create :group
+        specific_project = create :project, group: specific_group
+        specific_runner = create :ci_runner, :specific, groups: [specific_group]
+
+        # other
+        other_group = create :group
+        create :project, group: other_group
+        create :ci_runner, :specific, groups: [other_group]
+
+        expect(described_class.owned_or_shared(specific_project.id)).to eq [specific_runner]
+      end
+
+      it 'returns the shared group runner' do
+        group = create :group
+        runner = create :ci_runner, :shared, groups: [group]
+
+        expect(described_class.owned_or_shared(0)).to eq [runner]
+      end
+
+      it 'returns a globally shared, a project specific and a group specific runner' do
+        # group specific
+        group = create :group
+        project = create :project, group: group
+        group_runner = create :ci_runner, :specific, groups: [group]
+
+        # project specific
+        project_runner = create :ci_runner, :specific, projects: [project]
+
+        # globally shared
+        shared_runner = create :ci_runner, :shared
+
+        expect(described_class.owned_or_shared(project.id)).to match_array [
+          group_runner, project_runner, shared_runner
+        ]
+      end
     end
   end
 

From 40b0f5406d97d2fff5019b87a2ab22468053af20 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <mail@koffeinfrei.org>
Date: Wed, 6 Sep 2017 10:53:07 +0200
Subject: [PATCH 010/129] use union instead of multiple joins

the unions performs much better than the joins, and the execution time
is constant with a growing number of records.
---
 app/models/ci/runner.rb | 29 +++++++++++++++--------------
 1 file changed, 15 insertions(+), 14 deletions(-)

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index 8f8dfbda412..cfed4a2eeea 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -29,33 +29,34 @@ module Ci
     scope :ordered, ->() { order(id: :desc) }
 
     scope :owned_or_shared, ->(project_id) do
-      joins(
+      project_runners = joins(
         %{
-          -- project runners
           LEFT JOIN ci_runner_projects ON ci_runner_projects.runner_id = ci_runners.id
+        }
+      ).where(
+        %{
+          ci_runner_projects.project_id = :project_id
+        },
+        project_id: project_id
+      )
 
-          -- group runners
+      group_runners = joins(
+        %{
           LEFT JOIN ci_runner_groups ON ci_runner_groups.runner_id = ci_runners.id
           LEFT JOIN namespaces ON namespaces.id = ci_runner_groups.group_id
           LEFT JOIN projects group_projects ON group_projects.namespace_id = namespaces.id
         }
       ).where(
         %{
-          -- project runners
-          ci_runner_projects.project_id = :project_id
-
-            OR
-
-          -- group runners
           group_projects.id = :project_id
-
-            OR
-
-          -- shared runners
-          ci_runners.is_shared = true
         },
         project_id: project_id
       )
+
+      shared_runners = where(is_shared: true)
+
+      union = Gitlab::SQL::Union.new([project_runners, group_runners, shared_runners])
+      from("(#{union.to_sql}) ci_runners")
     end
 
     scope :assignable_for, ->(project) do

From 14c8dbc66537e59d9a01fe5e8ad64ba559254f14 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <mail@koffeinfrei.org>
Date: Wed, 6 Sep 2017 11:26:55 +0200
Subject: [PATCH 011/129] drop 'scopes' context from specs

---
 spec/models/ci/runner_spec.rb | 88 +++++++++++++++++------------------
 1 file changed, 43 insertions(+), 45 deletions(-)

diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index 477540fb3b0..5a851a3d559 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -49,64 +49,62 @@ describe Ci::Runner do
     end
   end
 
-  describe 'scopes' do
-    describe 'owned_or_shared' do
-      it 'returns the specific project runner' do
-        # own
-        specific_project = create :project
-        specific_runner = create :ci_runner, :specific, projects: [specific_project]
+  describe '.owned_or_shared' do
+    it 'returns the specific project runner' do
+      # own
+      specific_project = create :project
+      specific_runner = create :ci_runner, :specific, projects: [specific_project]
 
-        # other
-        other_project = create :project
-        create :ci_runner, :specific, projects: [other_project]
+      # other
+      other_project = create :project
+      create :ci_runner, :specific, projects: [other_project]
 
-        expect(described_class.owned_or_shared(specific_project.id)).to eq [specific_runner]
-      end
+      expect(described_class.owned_or_shared(specific_project.id)).to eq [specific_runner]
+    end
 
-      it 'returns the shared project runner' do
-        project = create :project
-        runner = create :ci_runner, :shared, projects: [project]
+    it 'returns the shared project runner' do
+      project = create :project
+      runner = create :ci_runner, :shared, projects: [project]
 
-        expect(described_class.owned_or_shared(0)).to eq [runner]
-      end
+      expect(described_class.owned_or_shared(0)).to eq [runner]
+    end
 
-      it 'returns the specific group runner' do
-        # own
-        specific_group = create :group
-        specific_project = create :project, group: specific_group
-        specific_runner = create :ci_runner, :specific, groups: [specific_group]
+    it 'returns the specific group runner' do
+      # own
+      specific_group = create :group
+      specific_project = create :project, group: specific_group
+      specific_runner = create :ci_runner, :specific, groups: [specific_group]
 
-        # other
-        other_group = create :group
-        create :project, group: other_group
-        create :ci_runner, :specific, groups: [other_group]
+      # other
+      other_group = create :group
+      create :project, group: other_group
+      create :ci_runner, :specific, groups: [other_group]
 
-        expect(described_class.owned_or_shared(specific_project.id)).to eq [specific_runner]
-      end
+      expect(described_class.owned_or_shared(specific_project.id)).to eq [specific_runner]
+    end
 
-      it 'returns the shared group runner' do
-        group = create :group
-        runner = create :ci_runner, :shared, groups: [group]
+    it 'returns the shared group runner' do
+      group = create :group
+      runner = create :ci_runner, :shared, groups: [group]
 
-        expect(described_class.owned_or_shared(0)).to eq [runner]
-      end
+      expect(described_class.owned_or_shared(0)).to eq [runner]
+    end
 
-      it 'returns a globally shared, a project specific and a group specific runner' do
-        # group specific
-        group = create :group
-        project = create :project, group: group
-        group_runner = create :ci_runner, :specific, groups: [group]
+    it 'returns a globally shared, a project specific and a group specific runner' do
+      # group specific
+      group = create :group
+      project = create :project, group: group
+      group_runner = create :ci_runner, :specific, groups: [group]
 
-        # project specific
-        project_runner = create :ci_runner, :specific, projects: [project]
+      # project specific
+      project_runner = create :ci_runner, :specific, projects: [project]
 
-        # globally shared
-        shared_runner = create :ci_runner, :shared
+      # globally shared
+      shared_runner = create :ci_runner, :shared
 
-        expect(described_class.owned_or_shared(project.id)).to match_array [
-          group_runner, project_runner, shared_runner
-        ]
-      end
+      expect(described_class.owned_or_shared(project.id)).to match_array [
+        group_runner, project_runner, shared_runner
+      ]
     end
   end
 

From 9507f39459316719088722510a6ae11b79a4b442 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <mail@koffeinfrei.org>
Date: Wed, 6 Sep 2017 15:46:57 +0200
Subject: [PATCH 012/129] add runners_token column to namespaces

---
 app/models/group.rb                             |  4 ++++
 ...0170906133745_add_runners_token_to_groups.rb | 17 +++++++++++++++++
 db/schema.rb                                    |  2 ++
 3 files changed, 23 insertions(+)
 create mode 100644 db/migrate/20170906133745_add_runners_token_to_groups.rb

diff --git a/app/models/group.rb b/app/models/group.rb
index 8ff781059cc..ec27f757f46 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -9,6 +9,7 @@ class Group < Namespace
   include SelectForProjectAuthorization
   include LoadedInGroupList
   include GroupDescendant
+  include TokenAuthenticatable
 
   has_many :group_members, -> { where(requested_at: nil) }, dependent: :destroy, as: :source # rubocop:disable Cop/ActiveRecordDependent
   alias_method :members, :group_members
@@ -43,6 +44,9 @@ class Group < Namespace
 
   validates :two_factor_grace_period, presence: true, numericality: { greater_than_or_equal_to: 0 }
 
+  add_authentication_token_field :runners_token
+  before_save :ensure_runners_token
+
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
diff --git a/db/migrate/20170906133745_add_runners_token_to_groups.rb b/db/migrate/20170906133745_add_runners_token_to_groups.rb
new file mode 100644
index 00000000000..54d0fddd5e3
--- /dev/null
+++ b/db/migrate/20170906133745_add_runners_token_to_groups.rb
@@ -0,0 +1,17 @@
+class AddRunnersTokenToGroups < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    add_column :namespaces, :runners_token, :string
+
+    add_concurrent_index :namespaces, :runners_token, unique: true
+  end
+
+  def down
+    remove_column :namespaces, :runners_token
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 9f3b27b8b6a..b2c37a65ccf 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -1270,6 +1270,7 @@ ActiveRecord::Schema.define(version: 20180418053107) do
     t.boolean "require_two_factor_authentication", default: false, null: false
     t.integer "two_factor_grace_period", default: 48, null: false
     t.integer "cached_markdown_version"
+    t.string "runners_token"
   end
 
   add_index "namespaces", ["created_at"], name: "index_namespaces_on_created_at", using: :btree
@@ -1280,6 +1281,7 @@ ActiveRecord::Schema.define(version: 20180418053107) do
   add_index "namespaces", ["path"], name: "index_namespaces_on_path", using: :btree
   add_index "namespaces", ["path"], name: "index_namespaces_on_path_trigram", using: :gin, opclasses: {"path"=>"gin_trgm_ops"}
   add_index "namespaces", ["require_two_factor_authentication"], name: "index_namespaces_on_require_two_factor_authentication", using: :btree
+  add_index "namespaces", ["runners_token"], name: "index_namespaces_on_runners_token", unique: true, using: :btree
   add_index "namespaces", ["type"], name: "index_namespaces_on_type", using: :btree
 
   create_table "notes", force: :cascade do |t|

From 7fbdd17cbcd19086694f575884191a6d137838dc Mon Sep 17 00:00:00 2001
From: Alexis Reigel <mail@koffeinfrei.org>
Date: Thu, 7 Sep 2017 15:49:29 +0200
Subject: [PATCH 013/129] authorize group runners on user

---
 app/models/group.rb      |  2 ++
 app/models/user.rb       | 16 ++++++++--
 spec/models/user_spec.rb | 64 ++++++++++++++++++++++++++++++++--------
 3 files changed, 68 insertions(+), 14 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index ec27f757f46..c34c913a16b 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -29,6 +29,8 @@ class Group < Namespace
   has_many :labels, class_name: 'GroupLabel'
   has_many :variables, class_name: 'Ci::GroupVariable'
   has_many :custom_attributes, class_name: 'GroupCustomAttribute'
+  has_many :runner_groups, class_name: 'Ci::RunnerGroup'
+  has_many :runners, through: :runner_groups, source: :runner, class_name: 'Ci::Runner'
 
   has_many :uploads, as: :model, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
 
diff --git a/app/models/user.rb b/app/models/user.rb
index b0668148972..0c5c0fef9d4 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -995,10 +995,17 @@ class User < ActiveRecord::Base
 
   def ci_authorized_runners
     @ci_authorized_runners ||= begin
-      runner_ids = Ci::RunnerProject
+      project_runner_ids = Ci::RunnerProject
         .where(project: authorized_projects(Gitlab::Access::MASTER))
         .select(:runner_id)
-      Ci::Runner.specific.where(id: runner_ids)
+
+      group_runner_ids = Ci::RunnerGroup
+        .where(group_id: owned_or_masters_groups.select(:id))
+        .select(:runner_id)
+
+      union = Gitlab::SQL::Union.new([project_runner_ids, group_runner_ids])
+
+      Ci::Runner.specific.where("ci_runners.id IN (#{union.to_sql})") # rubocop:disable GitlabSecurity/SqlInjection
     end
   end
 
@@ -1187,6 +1194,11 @@ class User < ActiveRecord::Base
     max_member_access_for_group_ids([group_id])[group_id]
   end
 
+  def owned_or_masters_groups
+    union = Gitlab::SQL::Union.new([owned_groups, masters_groups])
+    Group.from("(#{union.to_sql}) namespaces")
+  end
+
   protected
 
   # override, from Devise::Validatable
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 35db7616efb..f384b688889 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -1785,14 +1785,12 @@ describe User do
 
   describe '#ci_authorized_runners' do
     let(:user) { create(:user) }
-    let(:runner) { create(:ci_runner) }
+    let(:runner_1) { create(:ci_runner) }
+    let(:runner_2) { create(:ci_runner) }
 
-    before do
-      project.runners << runner
-    end
-
-    context 'without any projects' do
-      let(:project) { create(:project) }
+    context 'without any projects nor groups' do
+      let!(:project) { create(:project, runners: [runner_1]) }
+      let!(:group) { create(:group) }
 
       it 'does not load' do
         expect(user.ci_authorized_runners).to be_empty
@@ -1801,10 +1799,38 @@ describe User do
 
     context 'with personal projects runners' do
       let(:namespace) { create(:namespace, owner: user) }
-      let(:project) { create(:project, namespace: namespace) }
+      let!(:project) { create(:project, namespace: namespace, runners: [runner_1]) }
 
       it 'loads' do
-        expect(user.ci_authorized_runners).to contain_exactly(runner)
+        expect(user.ci_authorized_runners).to contain_exactly(runner_1)
+      end
+    end
+
+    context 'with personal group runner' do
+      let!(:project) { create(:project, runners: [runner_1]) }
+      let!(:group) do
+        create(:group, runners: [runner_2]).tap do |group|
+          group.add_owner(user)
+        end
+      end
+
+      it 'loads' do
+        expect(user.ci_authorized_runners).to contain_exactly(runner_2)
+      end
+    end
+
+    context 'with personal project and group runner' do
+      let(:namespace) { create(:namespace, owner: user) }
+      let!(:project) { create(:project, namespace: namespace, runners: [runner_1]) }
+
+      let!(:group) do
+        create(:group, runners: [runner_2]).tap do |group|
+          group.add_owner(user)
+        end
+      end
+
+      it 'loads' do
+        expect(user.ci_authorized_runners).to contain_exactly(runner_1, runner_2)
       end
     end
 
@@ -1815,7 +1841,7 @@ describe User do
         end
 
         it 'loads' do
-          expect(user.ci_authorized_runners).to contain_exactly(runner)
+          expect(user.ci_authorized_runners).to contain_exactly(runner_1)
         end
       end
 
@@ -1832,7 +1858,21 @@ describe User do
 
     context 'with groups projects runners' do
       let(:group) { create(:group) }
-      let(:project) { create(:project, group: group) }
+      let!(:project) { create(:project, group: group, runners: [runner_1]) }
+
+      def add_user(access)
+        group.add_user(user, access)
+      end
+
+      it_behaves_like :member
+    end
+
+    context 'with groups runners' do
+      let!(:group) do
+        create(:group, runners: [runner_1]).tap do |group|
+          group.add_owner(user)
+        end
+      end
 
       def add_user(access)
         group.add_user(user, access)
@@ -1842,7 +1882,7 @@ describe User do
     end
 
     context 'with other projects runners' do
-      let(:project) { create(:project) }
+      let!(:project) { create(:project, runners: [runner_1]) }
 
       def add_user(access)
         project.add_role(user, access)

From b55c3a7bc4c23618860916738702b5d62820c351 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <mail@koffeinfrei.org>
Date: Tue, 12 Sep 2017 11:34:34 +0200
Subject: [PATCH 014/129] support group runners in existing API endpoints

---
 lib/api/entities.rb                  |  18 ++-
 lib/api/runner.rb                    |   5 +-
 lib/api/runners.rb                   |   1 +
 lib/api/v3/runners.rb                |   1 +
 spec/requests/api/runner_spec.rb     |  15 +-
 spec/requests/api/runners_spec.rb    | 219 +++++++++++++++++++--------
 spec/requests/api/v3/runners_spec.rb |  57 +++++--
 7 files changed, 239 insertions(+), 77 deletions(-)

diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index 8aad320e376..f28c4bcc784 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -242,13 +242,18 @@ module API
       expose :requested_at
     end
 
-    class Group < Grape::Entity
-      expose :id, :name, :path, :description, :visibility
+    class BasicGroupDetails < Grape::Entity
+      expose :id
+      expose :web_url
+      expose :name
+    end
+
+    class Group < BasicGroupDetails
+      expose :path, :description, :visibility
       expose :lfs_enabled?, as: :lfs_enabled
       expose :avatar_url do |group, options|
         group.avatar_url(only_path: false)
       end
-      expose :web_url
       expose :request_access_enabled
       expose :full_name, :full_path
 
@@ -965,6 +970,13 @@ module API
           options[:current_user].authorized_projects.where(id: runner.projects)
         end
       end
+      expose :groups, with: Entities::BasicGroupDetails do |runner, options|
+        if options[:current_user].admin?
+          runner.groups
+        else
+          options[:current_user].authorized_groups.where(id: runner.groups)
+        end
+      end
     end
 
     class RunnerRegistrationDetails < Grape::Entity
diff --git a/lib/api/runner.rb b/lib/api/runner.rb
index 4d4fbe50f9f..49d9b0b1b4f 100644
--- a/lib/api/runner.rb
+++ b/lib/api/runner.rb
@@ -25,8 +25,11 @@ module API
             # Create shared runner. Requires admin access
             Ci::Runner.create(attributes.merge(is_shared: true))
           elsif project = Project.find_by(runners_token: params[:token])
-            # Create a specific runner for project.
+            # Create a specific runner for the project
             project.runners.create(attributes)
+          elsif group = Group.find_by(runners_token: params[:token])
+            # Create a specific runner for the group
+            group.runners.create(attributes)
           end
 
         break forbidden! unless runner
diff --git a/lib/api/runners.rb b/lib/api/runners.rb
index 5f2a9567605..ef4ec3f4800 100644
--- a/lib/api/runners.rb
+++ b/lib/api/runners.rb
@@ -199,6 +199,7 @@ module API
 
         forbidden!("Runner is shared") if runner.is_shared?
         forbidden!("Runner associated with more than one project") if runner.projects.count > 1
+        forbidden!("Runner associated with more that one group") if runner.groups.count > 1
         forbidden!("No access granted") unless user_can_access_runner?(runner)
       end
 
diff --git a/lib/api/v3/runners.rb b/lib/api/v3/runners.rb
index c6d9957d452..24e10128b79 100644
--- a/lib/api/v3/runners.rb
+++ b/lib/api/v3/runners.rb
@@ -54,6 +54,7 @@ module API
 
           forbidden!("Runner is shared") if runner.is_shared?
           forbidden!("Runner associated with more than one project") if runner.projects.count > 1
+          forbidden!("Runner associated with more that one group") if runner.groups.count > 1
           forbidden!("No access granted") unless user_can_access_runner?(runner)
         end
 
diff --git a/spec/requests/api/runner_spec.rb b/spec/requests/api/runner_spec.rb
index 17c7a511857..5ea110b4d82 100644
--- a/spec/requests/api/runner_spec.rb
+++ b/spec/requests/api/runner_spec.rb
@@ -45,7 +45,7 @@ describe API::Runner do
         context 'when project token is used' do
           let(:project) { create(:project) }
 
-          it 'creates runner' do
+          it 'creates project runner' do
             post api('/runners'), token: project.runners_token
 
             expect(response).to have_gitlab_http_status 201
@@ -54,6 +54,19 @@ describe API::Runner do
             expect(Ci::Runner.first.token).not_to eq(project.runners_token)
           end
         end
+
+        context 'when group token is used' do
+          let(:group) { create(:group) }
+
+          it 'creates a group runner' do
+            post api('/runners'), token: group.runners_token
+
+            expect(response).to have_http_status 201
+            expect(group.runners.size).to eq(1)
+            expect(Ci::Runner.first.token).not_to eq(registration_token)
+            expect(Ci::Runner.first.token).not_to eq(group.runners_token)
+          end
+        end
       end
 
       context 'when runner description is provided' do
diff --git a/spec/requests/api/runners_spec.rb b/spec/requests/api/runners_spec.rb
index d30f0cf36e2..5a2d607960e 100644
--- a/spec/requests/api/runners_spec.rb
+++ b/spec/requests/api/runners_spec.rb
@@ -8,22 +8,29 @@ describe API::Runners do
   let(:project) { create(:project, creator_id: user.id) }
   let(:project2) { create(:project, creator_id: user.id) }
 
-  let!(:shared_runner) { create(:ci_runner, :shared) }
-  let!(:unused_specific_runner) { create(:ci_runner) }
+  let(:group) { create(:group).tap { |group| group.add_owner(user) } }
+  let(:group2) { create(:group).tap { |group| group.add_owner(user) } }
 
-  let!(:specific_runner) do
-    create(:ci_runner).tap do |runner|
+  let!(:shared_runner) { create(:ci_runner, :shared, description: 'Shared runner') }
+  let!(:unused_project_runner) { create(:ci_runner) }
+
+  let!(:project_runner) do
+    create(:ci_runner, description: 'Project runner').tap do |runner|
       create(:ci_runner_project, runner: runner, project: project)
     end
   end
 
   let!(:two_projects_runner) do
-    create(:ci_runner).tap do |runner|
+    create(:ci_runner, description: 'Two projects runner').tap do |runner|
       create(:ci_runner_project, runner: runner, project: project)
       create(:ci_runner_project, runner: runner, project: project2)
     end
   end
 
+  let!(:group_runner) { create(:ci_runner, description: 'Group runner', groups: [group]) }
+
+  let!(:two_groups_runner) { create(:ci_runner, description: 'Two groups runner', groups: [group, group2]) }
+
   before do
     # Set project access for users
     create(:project_member, :master, user: user, project: project)
@@ -37,9 +44,13 @@ describe API::Runners do
         get api('/runners', user)
 
         shared = json_response.any? { |r| r['is_shared'] }
+        descriptions = json_response.map { |runner| runner['description'] }
         expect(response).to have_gitlab_http_status(200)
         expect(response).to include_pagination_headers
         expect(json_response).to be_an Array
+        expect(descriptions).to contain_exactly(
+          'Project runner', 'Group runner', 'Two projects runner', 'Two groups runner'
+        )
         expect(shared).to be_falsey
       end
 
@@ -129,10 +140,26 @@ describe API::Runners do
 
       context 'when runner is not shared' do
         it "returns runner's details" do
-          get api("/runners/#{specific_runner.id}", admin)
+          get api("/runners/#{project_runner.id}", admin)
 
           expect(response).to have_gitlab_http_status(200)
-          expect(json_response['description']).to eq(specific_runner.description)
+          expect(json_response['description']).to eq(project_runner.description)
+        end
+
+        it "returns the project's details for a project runner" do
+          get api("/runners/#{project_runner.id}", admin)
+
+          expect(json_response['projects'].first['id']).to eq(project.id)
+        end
+
+        it "returns the group's details for a group runner" do
+          get api("/runners/#{group_runner.id}", admin)
+
+          expect(json_response['groups'].first).to eq(
+            'id' => group.id,
+            'web_url' => group.web_url,
+            'name' => group.name
+          )
         end
       end
 
@@ -146,10 +173,10 @@ describe API::Runners do
     context "runner project's administrative user" do
       context 'when runner is not shared' do
         it "returns runner's details" do
-          get api("/runners/#{specific_runner.id}", user)
+          get api("/runners/#{project_runner.id}", user)
 
           expect(response).to have_gitlab_http_status(200)
-          expect(json_response['description']).to eq(specific_runner.description)
+          expect(json_response['description']).to eq(project_runner.description)
         end
       end
 
@@ -163,17 +190,40 @@ describe API::Runners do
       end
     end
 
+    context "runner group's administrative user" do
+      context 'when runner is not shared' do
+        it "returns runner's details" do
+          get api("/runners/#{group_runner.id}", user)
+
+          expect(response).to have_http_status(200)
+          expect(json_response['id']).to eq(group_runner.id)
+        end
+      end
+    end
+
     context 'other authorized user' do
-      it "does not return runner's details" do
-        get api("/runners/#{specific_runner.id}", user2)
+      it "does not return project runner's details" do
+        get api("/runners/#{project_runner.id}", user2)
+
+        expect(response).to have_http_status(403)
+      end
+
+      it "does not return group runner's details" do
+        get api("/runners/#{group_runner.id}", user2)
 
         expect(response).to have_gitlab_http_status(403)
       end
     end
 
     context 'unauthorized user' do
-      it "does not return runner's details" do
-        get api("/runners/#{specific_runner.id}")
+      it "does not return project runner's details" do
+        get api("/runners/#{project_runner.id}")
+
+        expect(response).to have_http_status(401)
+      end
+
+      it "does not return group runner's details" do
+        get api("/runners/#{group_runner.id}")
 
         expect(response).to have_gitlab_http_status(401)
       end
@@ -212,16 +262,16 @@ describe API::Runners do
 
       context 'when runner is not shared' do
         it 'updates runner' do
-          description = specific_runner.description
-          runner_queue_value = specific_runner.ensure_runner_queue_value
+          description = project_runner.description
+          runner_queue_value = project_runner.ensure_runner_queue_value
 
-          update_runner(specific_runner.id, admin, description: 'test')
-          specific_runner.reload
+          update_runner(project_runner.id, admin, description: 'test')
+          project_runner.reload
 
           expect(response).to have_gitlab_http_status(200)
-          expect(specific_runner.description).to eq('test')
-          expect(specific_runner.description).not_to eq(description)
-          expect(specific_runner.ensure_runner_queue_value)
+          expect(project_runner.description).to eq('test')
+          expect(project_runner.description).not_to eq(description)
+          expect(project_runner.ensure_runner_queue_value)
             .not_to eq(runner_queue_value)
         end
       end
@@ -247,27 +297,49 @@ describe API::Runners do
       end
 
       context 'when runner is not shared' do
-        it 'does not update runner without access to it' do
-          put api("/runners/#{specific_runner.id}", user2), description: 'test'
+        it 'does not update project runner without access to it' do
+          put api("/runners/#{project_runner.id}", user2), description: 'test'
+
+          expect(response).to have_http_status(403)
+        end
+
+        it 'does not update group runner without access to it' do
+          put api("/runners/#{group_runner.id}", user2), description: 'test'
 
           expect(response).to have_gitlab_http_status(403)
         end
 
-        it 'updates runner with access to it' do
-          description = specific_runner.description
-          put api("/runners/#{specific_runner.id}", admin), description: 'test'
-          specific_runner.reload
+        it 'updates project runner with access to it' do
+          description = project_runner.description
+          put api("/runners/#{project_runner.id}", admin), description: 'test'
+          project_runner.reload
 
           expect(response).to have_gitlab_http_status(200)
-          expect(specific_runner.description).to eq('test')
-          expect(specific_runner.description).not_to eq(description)
+          expect(project_runner.description).to eq('test')
+          expect(project_runner.description).not_to eq(description)
+        end
+
+        it 'updates group runner with access to it' do
+          description = group_runner.description
+          put api("/runners/#{group_runner.id}", admin), description: 'test'
+          group_runner.reload
+
+          expect(response).to have_gitlab_http_status(200)
+          expect(group_runner.description).to eq('test')
+          expect(group_runner.description).not_to eq(description)
         end
       end
     end
 
     context 'unauthorized user' do
-      it 'does not delete runner' do
-        put api("/runners/#{specific_runner.id}")
+      it 'does not delete project runner' do
+        put api("/runners/#{project_runner.id}")
+
+        expect(response).to have_http_status(401)
+      end
+
+      it 'does not delete group runner' do
+        put api("/runners/#{group_runner.id}")
 
         expect(response).to have_gitlab_http_status(401)
       end
@@ -293,15 +365,23 @@ describe API::Runners do
       context 'when runner is not shared' do
         it 'deletes unused runner' do
           expect do
-            delete api("/runners/#{unused_specific_runner.id}", admin)
+            delete api("/runners/#{unused_project_runner.id}", admin)
 
             expect(response).to have_gitlab_http_status(204)
           end.to change { Ci::Runner.specific.count }.by(-1)
         end
 
-        it 'deletes used runner' do
+        it 'deletes used project runner' do
           expect do
-            delete api("/runners/#{specific_runner.id}", admin)
+            delete api("/runners/#{project_runner.id}", admin)
+
+            expect(response).to have_http_status(204)
+          end.to change { Ci::Runner.specific.count }.by(-1)
+        end
+
+        it 'deletes used group runner' do
+          expect do
+            delete api("/runners/#{group_runner.id}", admin)
 
             expect(response).to have_gitlab_http_status(204)
           end.to change { Ci::Runner.specific.count }.by(-1)
@@ -325,32 +405,51 @@ describe API::Runners do
 
       context 'when runner is not shared' do
         it 'does not delete runner without access to it' do
-          delete api("/runners/#{specific_runner.id}", user2)
+          delete api("/runners/#{project_runner.id}", user2)
           expect(response).to have_gitlab_http_status(403)
         end
 
-        it 'does not delete runner with more than one associated project' do
+        it 'does not delete project runner with more than one associated project' do
           delete api("/runners/#{two_projects_runner.id}", user)
           expect(response).to have_gitlab_http_status(403)
         end
 
-        it 'deletes runner for one owned project' do
+        it 'deletes project runner for one owned project' do
           expect do
-            delete api("/runners/#{specific_runner.id}", user)
+            delete api("/runners/#{project_runner.id}", user)
+
+            expect(response).to have_http_status(204)
+          end.to change { Ci::Runner.specific.count }.by(-1)
+        end
+
+        it 'does not delete group runner with more than one associated group' do
+          delete api("/runners/#{two_groups_runner.id}", user)
+          expect(response).to have_http_status(403)
+        end
+
+        it 'deletes group runner for one owned group' do
+          expect do
+            delete api("/runners/#{group_runner.id}", user)
 
             expect(response).to have_gitlab_http_status(204)
           end.to change { Ci::Runner.specific.count }.by(-1)
         end
 
         it_behaves_like '412 response' do
-          let(:request) { api("/runners/#{specific_runner.id}", user) }
+          let(:request) { api("/runners/#{project_runner.id}", user) }
         end
       end
     end
 
     context 'unauthorized user' do
-      it 'does not delete runner' do
-        delete api("/runners/#{specific_runner.id}")
+      it 'does not delete project runner' do
+        delete api("/runners/#{project_runner.id}")
+
+        expect(response).to have_http_status(401)
+      end
+
+      it 'does not delete group runner' do
+        delete api("/runners/#{group_runner.id}")
 
         expect(response).to have_gitlab_http_status(401)
       end
@@ -361,8 +460,8 @@ describe API::Runners do
     set(:job_1) { create(:ci_build) }
     let!(:job_2) { create(:ci_build, :running, runner: shared_runner, project: project) }
     let!(:job_3) { create(:ci_build, :failed, runner: shared_runner, project: project) }
-    let!(:job_4) { create(:ci_build, :running, runner: specific_runner, project: project) }
-    let!(:job_5) { create(:ci_build, :failed, runner: specific_runner, project: project) }
+    let!(:job_4) { create(:ci_build, :running, runner: project_runner, project: project) }
+    let!(:job_5) { create(:ci_build, :failed, runner: project_runner, project: project) }
 
     context 'admin user' do
       context 'when runner exists' do
@@ -380,7 +479,7 @@ describe API::Runners do
 
         context 'when runner is specific' do
           it 'return jobs' do
-            get api("/runners/#{specific_runner.id}/jobs", admin)
+            get api("/runners/#{project_runner.id}/jobs", admin)
 
             expect(response).to have_gitlab_http_status(200)
             expect(response).to include_pagination_headers
@@ -392,7 +491,7 @@ describe API::Runners do
 
         context 'when valid status is provided' do
           it 'return filtered jobs' do
-            get api("/runners/#{specific_runner.id}/jobs?status=failed", admin)
+            get api("/runners/#{project_runner.id}/jobs?status=failed", admin)
 
             expect(response).to have_gitlab_http_status(200)
             expect(response).to include_pagination_headers
@@ -405,7 +504,7 @@ describe API::Runners do
 
         context 'when invalid status is provided' do
           it 'return 400' do
-            get api("/runners/#{specific_runner.id}/jobs?status=non-existing", admin)
+            get api("/runners/#{project_runner.id}/jobs?status=non-existing", admin)
 
             expect(response).to have_gitlab_http_status(400)
           end
@@ -433,7 +532,7 @@ describe API::Runners do
 
         context 'when runner is specific' do
           it 'return jobs' do
-            get api("/runners/#{specific_runner.id}/jobs", user)
+            get api("/runners/#{project_runner.id}/jobs", user)
 
             expect(response).to have_gitlab_http_status(200)
             expect(response).to include_pagination_headers
@@ -445,7 +544,7 @@ describe API::Runners do
 
         context 'when valid status is provided' do
           it 'return filtered jobs' do
-            get api("/runners/#{specific_runner.id}/jobs?status=failed", user)
+            get api("/runners/#{project_runner.id}/jobs?status=failed", user)
 
             expect(response).to have_gitlab_http_status(200)
             expect(response).to include_pagination_headers
@@ -458,7 +557,7 @@ describe API::Runners do
 
         context 'when invalid status is provided' do
           it 'return 400' do
-            get api("/runners/#{specific_runner.id}/jobs?status=non-existing", user)
+            get api("/runners/#{project_runner.id}/jobs?status=non-existing", user)
 
             expect(response).to have_gitlab_http_status(400)
           end
@@ -476,7 +575,7 @@ describe API::Runners do
 
     context 'other authorized user' do
       it 'does not return jobs' do
-        get api("/runners/#{specific_runner.id}/jobs", user2)
+        get api("/runners/#{project_runner.id}/jobs", user2)
 
         expect(response).to have_gitlab_http_status(403)
       end
@@ -484,7 +583,7 @@ describe API::Runners do
 
     context 'unauthorized user' do
       it 'does not return jobs' do
-        get api("/runners/#{specific_runner.id}/jobs")
+        get api("/runners/#{project_runner.id}/jobs")
 
         expect(response).to have_gitlab_http_status(401)
       end
@@ -523,7 +622,7 @@ describe API::Runners do
 
   describe 'POST /projects/:id/runners' do
     context 'authorized user' do
-      let(:specific_runner2) do
+      let(:project_runner2) do
         create(:ci_runner).tap do |runner|
           create(:ci_runner_project, runner: runner, project: project2)
         end
@@ -531,23 +630,23 @@ describe API::Runners do
 
       it 'enables specific runner' do
         expect do
-          post api("/projects/#{project.id}/runners", user), runner_id: specific_runner2.id
+          post api("/projects/#{project.id}/runners", user), runner_id: project_runner2.id
         end.to change { project.runners.count }.by(+1)
         expect(response).to have_gitlab_http_status(201)
       end
 
       it 'avoids changes when enabling already enabled runner' do
         expect do
-          post api("/projects/#{project.id}/runners", user), runner_id: specific_runner.id
+          post api("/projects/#{project.id}/runners", user), runner_id: project_runner.id
         end.to change { project.runners.count }.by(0)
         expect(response).to have_gitlab_http_status(409)
       end
 
       it 'does not enable locked runner' do
-        specific_runner2.update(locked: true)
+        project_runner2.update(locked: true)
 
         expect do
-          post api("/projects/#{project.id}/runners", user), runner_id: specific_runner2.id
+          post api("/projects/#{project.id}/runners", user), runner_id: project_runner2.id
         end.to change { project.runners.count }.by(0)
 
         expect(response).to have_gitlab_http_status(403)
@@ -562,7 +661,7 @@ describe API::Runners do
       context 'user is admin' do
         it 'enables any specific runner' do
           expect do
-            post api("/projects/#{project.id}/runners", admin), runner_id: unused_specific_runner.id
+            post api("/projects/#{project.id}/runners", admin), runner_id: unused_project_runner.id
           end.to change { project.runners.count }.by(+1)
           expect(response).to have_gitlab_http_status(201)
         end
@@ -570,7 +669,7 @@ describe API::Runners do
 
       context 'user is not admin' do
         it 'does not enable runner without access to' do
-          post api("/projects/#{project.id}/runners", user), runner_id: unused_specific_runner.id
+          post api("/projects/#{project.id}/runners", user), runner_id: unused_project_runner.id
 
           expect(response).to have_gitlab_http_status(403)
         end
@@ -619,7 +718,7 @@ describe API::Runners do
       context 'when runner have one associated projects' do
         it "does not disable project's runner" do
           expect do
-            delete api("/projects/#{project.id}/runners/#{specific_runner.id}", user)
+            delete api("/projects/#{project.id}/runners/#{project_runner.id}", user)
           end.to change { project.runners.count }.by(0)
           expect(response).to have_gitlab_http_status(403)
         end
@@ -634,7 +733,7 @@ describe API::Runners do
 
     context 'authorized user without permissions' do
       it "does not disable project's runner" do
-        delete api("/projects/#{project.id}/runners/#{specific_runner.id}", user2)
+        delete api("/projects/#{project.id}/runners/#{project_runner.id}", user2)
 
         expect(response).to have_gitlab_http_status(403)
       end
@@ -642,7 +741,7 @@ describe API::Runners do
 
     context 'unauthorized user' do
       it "does not disable project's runner" do
-        delete api("/projects/#{project.id}/runners/#{specific_runner.id}")
+        delete api("/projects/#{project.id}/runners/#{project_runner.id}")
 
         expect(response).to have_gitlab_http_status(401)
       end
diff --git a/spec/requests/api/v3/runners_spec.rb b/spec/requests/api/v3/runners_spec.rb
index c91b097a3c7..c9a05407857 100644
--- a/spec/requests/api/v3/runners_spec.rb
+++ b/spec/requests/api/v3/runners_spec.rb
@@ -8,10 +8,16 @@ describe API::V3::Runners do
   let(:project) { create(:project, creator_id: user.id) }
   let(:project2) { create(:project, creator_id: user.id) }
 
+  let(:group) { create(:group).tap { |group| group.add_owner(user) } }
+  let(:group2) { create(:group).tap { |group| group.add_owner(user) } }
+
+  let!(:group_runner) { create(:ci_runner, description: 'Group runner', groups: [group]) }
+  let!(:two_groups_runner) { create(:ci_runner, description: 'Two groups runner', groups: [group, group2]) }
+
   let!(:shared_runner) { create(:ci_runner, :shared) }
   let!(:unused_specific_runner) { create(:ci_runner) }
 
-  let!(:specific_runner) do
+  let!(:project_runner) do
     create(:ci_runner).tap do |runner|
       create(:ci_runner_project, runner: runner, project: project)
     end
@@ -51,9 +57,17 @@ describe API::V3::Runners do
           end.to change { Ci::Runner.specific.count }.by(-1)
         end
 
-        it 'deletes used runner' do
+        it 'deletes used project runner' do
           expect do
-            delete v3_api("/runners/#{specific_runner.id}", admin)
+            delete v3_api("/runners/#{project_runner.id}", admin)
+
+            expect(response).to have_http_status(200)
+          end.to change { Ci::Runner.specific.count }.by(-1)
+        end
+
+        it 'deletes used group runner' do
+          expect do
+            delete v3_api("/runners/#{group_runner.id}", admin)
 
             expect(response).to have_gitlab_http_status(200)
           end.to change { Ci::Runner.specific.count }.by(-1)
@@ -77,18 +91,31 @@ describe API::V3::Runners do
 
       context 'when runner is not shared' do
         it 'does not delete runner without access to it' do
-          delete v3_api("/runners/#{specific_runner.id}", user2)
+          delete v3_api("/runners/#{project_runner.id}", user2)
           expect(response).to have_gitlab_http_status(403)
         end
 
-        it 'does not delete runner with more than one associated project' do
+        it 'does not delete project runner with more than one associated project' do
           delete v3_api("/runners/#{two_projects_runner.id}", user)
           expect(response).to have_gitlab_http_status(403)
         end
 
-        it 'deletes runner for one owned project' do
+        it 'deletes project runner for one owned project' do
           expect do
-            delete v3_api("/runners/#{specific_runner.id}", user)
+            delete v3_api("/runners/#{group_runner.id}", user)
+
+            expect(response).to have_http_status(200)
+          end.to change { Ci::Runner.specific.count }.by(-1)
+        end
+
+        it 'does not delete group runner with more than one associated project' do
+          delete v3_api("/runners/#{two_groups_runner.id}", user)
+          expect(response).to have_http_status(403)
+        end
+
+        it 'deletes group runner for one owned project' do
+          expect do
+            delete v3_api("/runners/#{project_runner.id}", user)
 
             expect(response).to have_gitlab_http_status(200)
           end.to change { Ci::Runner.specific.count }.by(-1)
@@ -97,8 +124,14 @@ describe API::V3::Runners do
     end
 
     context 'unauthorized user' do
-      it 'does not delete runner' do
-        delete v3_api("/runners/#{specific_runner.id}")
+      it 'does not delete project runner' do
+        delete v3_api("/runners/#{project_runner.id}")
+
+        expect(response).to have_http_status(401)
+      end
+
+      it 'does not delete group runner' do
+        delete v3_api("/runners/#{group_runner.id}")
 
         expect(response).to have_gitlab_http_status(401)
       end
@@ -120,7 +153,7 @@ describe API::V3::Runners do
       context 'when runner have one associated projects' do
         it "does not disable project's runner" do
           expect do
-            delete v3_api("/projects/#{project.id}/runners/#{specific_runner.id}", user)
+            delete v3_api("/projects/#{project.id}/runners/#{project_runner.id}", user)
           end.to change { project.runners.count }.by(0)
           expect(response).to have_gitlab_http_status(403)
         end
@@ -135,7 +168,7 @@ describe API::V3::Runners do
 
     context 'authorized user without permissions' do
       it "does not disable project's runner" do
-        delete v3_api("/projects/#{project.id}/runners/#{specific_runner.id}", user2)
+        delete v3_api("/projects/#{project.id}/runners/#{project_runner.id}", user2)
 
         expect(response).to have_gitlab_http_status(403)
       end
@@ -143,7 +176,7 @@ describe API::V3::Runners do
 
     context 'unauthorized user' do
       it "does not disable project's runner" do
-        delete v3_api("/projects/#{project.id}/runners/#{specific_runner.id}")
+        delete v3_api("/projects/#{project.id}/runners/#{project_runner.id}")
 
         expect(response).to have_gitlab_http_status(401)
       end

From 850e327c70660a3935ca00c3d836f04695a408d3 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <mail@koffeinfrei.org>
Date: Tue, 12 Sep 2017 13:08:21 +0200
Subject: [PATCH 015/129] use INNER JOIN instead of LEFT JOIN

as we're using UNION now we can use INNER JOIN.
---
 app/models/ci/runner.rb | 17 ++++-------------
 1 file changed, 4 insertions(+), 13 deletions(-)

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index cfed4a2eeea..a488d253f19 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -29,22 +29,13 @@ module Ci
     scope :ordered, ->() { order(id: :desc) }
 
     scope :owned_or_shared, ->(project_id) do
-      project_runners = joins(
-        %{
-          LEFT JOIN ci_runner_projects ON ci_runner_projects.runner_id = ci_runners.id
-        }
-      ).where(
-        %{
-          ci_runner_projects.project_id = :project_id
-        },
-        project_id: project_id
-      )
+      project_runners = joins(:runner_projects).where(ci_runner_projects: { project_id: project_id })
 
       group_runners = joins(
         %{
-          LEFT JOIN ci_runner_groups ON ci_runner_groups.runner_id = ci_runners.id
-          LEFT JOIN namespaces ON namespaces.id = ci_runner_groups.group_id
-          LEFT JOIN projects group_projects ON group_projects.namespace_id = namespaces.id
+          INNER JOIN ci_runner_groups ON ci_runner_groups.runner_id = ci_runners.id
+          INNER JOIN namespaces ON namespaces.id = ci_runner_groups.group_id
+          INNER JOIN projects group_projects ON group_projects.namespace_id = namespaces.id
         }
       ).where(
         %{

From 32a9c85bd9a320984a17fa29cd6aaa3b45e0bf4c Mon Sep 17 00:00:00 2001
From: Alexis Reigel <mail@koffeinfrei.org>
Date: Mon, 25 Sep 2017 13:34:45 +0200
Subject: [PATCH 016/129] revert support for v3 api

---
 lib/api/v3/runners.rb                |  1 -
 spec/requests/api/v3/runners_spec.rb | 57 ++++++----------------------
 2 files changed, 12 insertions(+), 46 deletions(-)

diff --git a/lib/api/v3/runners.rb b/lib/api/v3/runners.rb
index 24e10128b79..c6d9957d452 100644
--- a/lib/api/v3/runners.rb
+++ b/lib/api/v3/runners.rb
@@ -54,7 +54,6 @@ module API
 
           forbidden!("Runner is shared") if runner.is_shared?
           forbidden!("Runner associated with more than one project") if runner.projects.count > 1
-          forbidden!("Runner associated with more that one group") if runner.groups.count > 1
           forbidden!("No access granted") unless user_can_access_runner?(runner)
         end
 
diff --git a/spec/requests/api/v3/runners_spec.rb b/spec/requests/api/v3/runners_spec.rb
index c9a05407857..c91b097a3c7 100644
--- a/spec/requests/api/v3/runners_spec.rb
+++ b/spec/requests/api/v3/runners_spec.rb
@@ -8,16 +8,10 @@ describe API::V3::Runners do
   let(:project) { create(:project, creator_id: user.id) }
   let(:project2) { create(:project, creator_id: user.id) }
 
-  let(:group) { create(:group).tap { |group| group.add_owner(user) } }
-  let(:group2) { create(:group).tap { |group| group.add_owner(user) } }
-
-  let!(:group_runner) { create(:ci_runner, description: 'Group runner', groups: [group]) }
-  let!(:two_groups_runner) { create(:ci_runner, description: 'Two groups runner', groups: [group, group2]) }
-
   let!(:shared_runner) { create(:ci_runner, :shared) }
   let!(:unused_specific_runner) { create(:ci_runner) }
 
-  let!(:project_runner) do
+  let!(:specific_runner) do
     create(:ci_runner).tap do |runner|
       create(:ci_runner_project, runner: runner, project: project)
     end
@@ -57,17 +51,9 @@ describe API::V3::Runners do
           end.to change { Ci::Runner.specific.count }.by(-1)
         end
 
-        it 'deletes used project runner' do
+        it 'deletes used runner' do
           expect do
-            delete v3_api("/runners/#{project_runner.id}", admin)
-
-            expect(response).to have_http_status(200)
-          end.to change { Ci::Runner.specific.count }.by(-1)
-        end
-
-        it 'deletes used group runner' do
-          expect do
-            delete v3_api("/runners/#{group_runner.id}", admin)
+            delete v3_api("/runners/#{specific_runner.id}", admin)
 
             expect(response).to have_gitlab_http_status(200)
           end.to change { Ci::Runner.specific.count }.by(-1)
@@ -91,31 +77,18 @@ describe API::V3::Runners do
 
       context 'when runner is not shared' do
         it 'does not delete runner without access to it' do
-          delete v3_api("/runners/#{project_runner.id}", user2)
+          delete v3_api("/runners/#{specific_runner.id}", user2)
           expect(response).to have_gitlab_http_status(403)
         end
 
-        it 'does not delete project runner with more than one associated project' do
+        it 'does not delete runner with more than one associated project' do
           delete v3_api("/runners/#{two_projects_runner.id}", user)
           expect(response).to have_gitlab_http_status(403)
         end
 
-        it 'deletes project runner for one owned project' do
+        it 'deletes runner for one owned project' do
           expect do
-            delete v3_api("/runners/#{group_runner.id}", user)
-
-            expect(response).to have_http_status(200)
-          end.to change { Ci::Runner.specific.count }.by(-1)
-        end
-
-        it 'does not delete group runner with more than one associated project' do
-          delete v3_api("/runners/#{two_groups_runner.id}", user)
-          expect(response).to have_http_status(403)
-        end
-
-        it 'deletes group runner for one owned project' do
-          expect do
-            delete v3_api("/runners/#{project_runner.id}", user)
+            delete v3_api("/runners/#{specific_runner.id}", user)
 
             expect(response).to have_gitlab_http_status(200)
           end.to change { Ci::Runner.specific.count }.by(-1)
@@ -124,14 +97,8 @@ describe API::V3::Runners do
     end
 
     context 'unauthorized user' do
-      it 'does not delete project runner' do
-        delete v3_api("/runners/#{project_runner.id}")
-
-        expect(response).to have_http_status(401)
-      end
-
-      it 'does not delete group runner' do
-        delete v3_api("/runners/#{group_runner.id}")
+      it 'does not delete runner' do
+        delete v3_api("/runners/#{specific_runner.id}")
 
         expect(response).to have_gitlab_http_status(401)
       end
@@ -153,7 +120,7 @@ describe API::V3::Runners do
       context 'when runner have one associated projects' do
         it "does not disable project's runner" do
           expect do
-            delete v3_api("/projects/#{project.id}/runners/#{project_runner.id}", user)
+            delete v3_api("/projects/#{project.id}/runners/#{specific_runner.id}", user)
           end.to change { project.runners.count }.by(0)
           expect(response).to have_gitlab_http_status(403)
         end
@@ -168,7 +135,7 @@ describe API::V3::Runners do
 
     context 'authorized user without permissions' do
       it "does not disable project's runner" do
-        delete v3_api("/projects/#{project.id}/runners/#{project_runner.id}", user2)
+        delete v3_api("/projects/#{project.id}/runners/#{specific_runner.id}", user2)
 
         expect(response).to have_gitlab_http_status(403)
       end
@@ -176,7 +143,7 @@ describe API::V3::Runners do
 
     context 'unauthorized user' do
       it "does not disable project's runner" do
-        delete v3_api("/projects/#{project.id}/runners/#{project_runner.id}")
+        delete v3_api("/projects/#{project.id}/runners/#{specific_runner.id}")
 
         expect(response).to have_gitlab_http_status(401)
       end

From 4b1b2f3b104df455d5d3265adca92dd09e079ee9 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <mail@koffeinfrei.org>
Date: Mon, 25 Sep 2017 15:28:33 +0200
Subject: [PATCH 017/129] add Ci::Runner#group? method

---
 app/models/ci/runner.rb       |  4 ++++
 spec/models/ci/runner_spec.rb | 24 ++++++++++++++++++++++++
 2 files changed, 28 insertions(+)

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index a488d253f19..6ffa9372c6e 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -139,6 +139,10 @@ module Ci
       !shared?
     end
 
+    def group?
+      runner_groups.any?
+    end
+
     def can_pick?(build)
       return false if self.ref_protected? && !build.protected?
 
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index 5a851a3d559..b9aafa63493 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -642,4 +642,28 @@ describe Ci::Runner do
       expect(described_class.search(runner.description.upcase)).to eq([runner])
     end
   end
+
+  describe 'group?' do
+    it 'returns false when the runner is a project runner' do
+      project = create :project
+      runner = create(:ci_runner, description: 'Project runner').tap do |r|
+        create :ci_runner_project, runner: r, project: project
+      end
+
+      expect(runner.group?).to be false
+    end
+
+    it 'returns false when the runner is a shared runner' do
+      runner = create :ci_runner, :shared, description: 'Shared runner'
+
+      expect(runner.group?).to be false
+    end
+
+    it 'returns true when the runner is assigned to a group' do
+      group = create :group
+      runner = create :ci_runner, description: 'Group runner', groups: [group]
+
+      expect(runner.group?).to be true
+    end
+  end
 end

From d0842d20758e2f33d44b41a250d361853abe47f4 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <mail@koffeinfrei.org>
Date: Mon, 25 Sep 2017 15:28:49 +0200
Subject: [PATCH 018/129] disallow group runners to become project runners

---
 lib/api/runners.rb                | 1 +
 spec/requests/api/runners_spec.rb | 6 ++++++
 2 files changed, 7 insertions(+)

diff --git a/lib/api/runners.rb b/lib/api/runners.rb
index ef4ec3f4800..84d33879c38 100644
--- a/lib/api/runners.rb
+++ b/lib/api/runners.rb
@@ -206,6 +206,7 @@ module API
       def authenticate_enable_runner!(runner)
         forbidden!("Runner is shared") if runner.is_shared?
         forbidden!("Runner is locked") if runner.locked?
+        forbidden!("Runner is a group runner") if runner.group?
         return if current_user.admin?
 
         forbidden!("No access granted") unless user_can_access_runner?(runner)
diff --git a/spec/requests/api/runners_spec.rb b/spec/requests/api/runners_spec.rb
index 5a2d607960e..ab807e399a4 100644
--- a/spec/requests/api/runners_spec.rb
+++ b/spec/requests/api/runners_spec.rb
@@ -658,6 +658,12 @@ describe API::Runners do
         expect(response).to have_gitlab_http_status(403)
       end
 
+      it 'does not enable group runner' do
+        post api("/projects/#{project.id}/runners", user), runner_id: group_runner.id
+
+        expect(response).to have_http_status(403)
+      end
+
       context 'user is admin' do
         it 'enables any specific runner' do
           expect do

From 677291b6a7fea19f5b35638918b3cd0008dc8d15 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <mail@koffeinfrei.org>
Date: Mon, 25 Sep 2017 16:32:24 +0200
Subject: [PATCH 019/129] add group_runners_enabled to ci_runners

---
 ...2221_add_group_runners_enabled_to_projects.rb | 16 ++++++++++++++++
 db/schema.rb                                     |  2 ++
 2 files changed, 18 insertions(+)
 create mode 100644 db/migrate/20170925142221_add_group_runners_enabled_to_projects.rb

diff --git a/db/migrate/20170925142221_add_group_runners_enabled_to_projects.rb b/db/migrate/20170925142221_add_group_runners_enabled_to_projects.rb
new file mode 100644
index 00000000000..8df7be39ee1
--- /dev/null
+++ b/db/migrate/20170925142221_add_group_runners_enabled_to_projects.rb
@@ -0,0 +1,16 @@
+class AddGroupRunnersEnabledToProjects < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    add_column_with_default :projects, :group_runners_enabled, :boolean, default: true
+    add_concurrent_index :projects, :group_runners_enabled
+  end
+
+  def down
+    remove_column :projects, :group_runners_enabled
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index b2c37a65ccf..43befa6d3b1 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -1568,12 +1568,14 @@ ActiveRecord::Schema.define(version: 20180418053107) do
     t.boolean "merge_requests_rebase_enabled", default: false, null: false
     t.integer "jobs_cache_index"
     t.boolean "pages_https_only", default: true
+    t.boolean "group_runners_enabled", default: true, null: false
   end
 
   add_index "projects", ["ci_id"], name: "index_projects_on_ci_id", using: :btree
   add_index "projects", ["created_at"], name: "index_projects_on_created_at", using: :btree
   add_index "projects", ["creator_id"], name: "index_projects_on_creator_id", using: :btree
   add_index "projects", ["description"], name: "index_projects_on_description_trigram", using: :gin, opclasses: {"description"=>"gin_trgm_ops"}
+  add_index "projects", ["group_runners_enabled"], name: "index_projects_on_group_runners_enabled", using: :btree
   add_index "projects", ["id"], name: "index_projects_on_id_partial_for_visibility", unique: true, where: "(visibility_level = ANY (ARRAY[10, 20]))", using: :btree
   add_index "projects", ["last_activity_at"], name: "index_projects_on_last_activity_at", using: :btree
   add_index "projects", ["last_repository_check_failed"], name: "index_projects_on_last_repository_check_failed", using: :btree

From 81c0c57acd0f065bc5b80902ee664256d4c3241f Mon Sep 17 00:00:00 2001
From: Alexis Reigel <mail@koffeinfrei.org>
Date: Mon, 25 Sep 2017 16:46:03 +0200
Subject: [PATCH 020/129] exclude group runners on projects that disabled it

---
 app/models/ci/runner.rb       | 9 ++++++---
 spec/models/ci/runner_spec.rb | 8 ++++++++
 2 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index 6ffa9372c6e..2f4342b79aa 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -35,13 +35,16 @@ module Ci
         %{
           INNER JOIN ci_runner_groups ON ci_runner_groups.runner_id = ci_runners.id
           INNER JOIN namespaces ON namespaces.id = ci_runner_groups.group_id
-          INNER JOIN projects group_projects ON group_projects.namespace_id = namespaces.id
+          INNER JOIN projects ON projects.namespace_id = namespaces.id
         }
       ).where(
         %{
-          group_projects.id = :project_id
+          projects.id = :project_id
+            AND
+          projects.group_runners_enabled = :true
         },
-        project_id: project_id
+        project_id: project_id,
+        true: true
       )
 
       shared_runners = where(is_shared: true)
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index b9aafa63493..933bd6e5f23 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -83,6 +83,14 @@ describe Ci::Runner do
       expect(described_class.owned_or_shared(specific_project.id)).to eq [specific_runner]
     end
 
+    it 'does not return the group runner if the project has group runners disabled' do
+      specific_group = create :group
+      specific_project = create :project, group: specific_group, group_runners_enabled: false
+      create :ci_runner, :specific, groups: [specific_group]
+
+      expect(described_class.owned_or_shared(specific_project.id)).to be_empty
+    end
+
     it 'returns the shared group runner' do
       group = create :group
       runner = create :ci_runner, :shared, groups: [group]

From d6167a9214b3a3c13850cdac9895c9d7577ddf25 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Wed, 4 Oct 2017 09:27:27 +0200
Subject: [PATCH 021/129] split up Ci::Runner.owned_or_shared scope

---
 app/models/ci/runner.rb       | 32 +++++++++++++-------------
 spec/models/ci/runner_spec.rb | 42 ++++++++++++++++++++---------------
 2 files changed, 40 insertions(+), 34 deletions(-)

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index 2f4342b79aa..b7af33c0480 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -21,17 +21,17 @@ module Ci
 
     before_validation :set_default_values
 
-    scope :specific, ->() { where(is_shared: false) }
-    scope :shared, ->() { where(is_shared: true) }
-    scope :active, ->() { where(active: true) }
-    scope :paused, ->() { where(active: false) }
-    scope :online, ->() { where('contacted_at > ?', contact_time_deadline) }
-    scope :ordered, ->() { order(id: :desc) }
-
-    scope :owned_or_shared, ->(project_id) do
-      project_runners = joins(:runner_projects).where(ci_runner_projects: { project_id: project_id })
-
-      group_runners = joins(
+    scope :specific, -> { where(is_shared: false) }
+    scope :shared, -> { where(is_shared: true) }
+    scope :active, -> { where(active: true) }
+    scope :paused, -> { where(active: false) }
+    scope :online, -> { where('contacted_at > ?', contact_time_deadline) }
+    scope :ordered, -> { order(id: :desc) }
+    scope :belonging_to_project, -> (project_id) {
+      joins(:runner_projects).where(ci_runner_projects: { project_id: project_id })
+    }
+    scope :belonging_to_group, -> (project_id) {
+      joins(
         %{
           INNER JOIN ci_runner_groups ON ci_runner_groups.runner_id = ci_runners.id
           INNER JOIN namespaces ON namespaces.id = ci_runner_groups.group_id
@@ -43,13 +43,13 @@ module Ci
             AND
           projects.group_runners_enabled = :true
         },
-        project_id: project_id,
-        true: true
+          project_id: project_id,
+          true: true
       )
+    }
 
-      shared_runners = where(is_shared: true)
-
-      union = Gitlab::SQL::Union.new([project_runners, group_runners, shared_runners])
+    scope :owned_or_shared, -> (project_id) do
+      union = Gitlab::SQL::Union.new([belonging_to_project(project_id), belonging_to_group(project_id), shared])
       from("(#{union.to_sql}) ci_runners")
     end
 
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index 933bd6e5f23..a073af7c4b2 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -49,7 +49,23 @@ describe Ci::Runner do
     end
   end
 
-  describe '.owned_or_shared' do
+  describe '.shared' do
+    it 'returns the shared group runner' do
+      group = create :group
+      runner = create :ci_runner, :shared, groups: [group]
+
+      expect(described_class.shared).to eq [runner]
+    end
+
+    it 'returns the shared project runner' do
+      project = create :project
+      runner = create :ci_runner, :shared, projects: [project]
+
+      expect(described_class.shared).to eq [runner]
+    end
+  end
+
+  describe '.belonging_to_project' do
     it 'returns the specific project runner' do
       # own
       specific_project = create :project
@@ -59,16 +75,11 @@ describe Ci::Runner do
       other_project = create :project
       create :ci_runner, :specific, projects: [other_project]
 
-      expect(described_class.owned_or_shared(specific_project.id)).to eq [specific_runner]
-    end
-
-    it 'returns the shared project runner' do
-      project = create :project
-      runner = create :ci_runner, :shared, projects: [project]
-
-      expect(described_class.owned_or_shared(0)).to eq [runner]
+      expect(described_class.belonging_to_project(specific_project.id)).to eq [specific_runner]
     end
+  end
 
+  describe '.belonging_to_group' do
     it 'returns the specific group runner' do
       # own
       specific_group = create :group
@@ -80,7 +91,7 @@ describe Ci::Runner do
       create :project, group: other_group
       create :ci_runner, :specific, groups: [other_group]
 
-      expect(described_class.owned_or_shared(specific_project.id)).to eq [specific_runner]
+      expect(described_class.belonging_to_group(specific_project.id)).to eq [specific_runner]
     end
 
     it 'does not return the group runner if the project has group runners disabled' do
@@ -88,16 +99,11 @@ describe Ci::Runner do
       specific_project = create :project, group: specific_group, group_runners_enabled: false
       create :ci_runner, :specific, groups: [specific_group]
 
-      expect(described_class.owned_or_shared(specific_project.id)).to be_empty
-    end
-
-    it 'returns the shared group runner' do
-      group = create :group
-      runner = create :ci_runner, :shared, groups: [group]
-
-      expect(described_class.owned_or_shared(0)).to eq [runner]
+      expect(described_class.belonging_to_group(specific_project.id)).to be_empty
     end
+  end
 
+  describe '.owned_or_shared' do
     it 'returns a globally shared, a project specific and a group specific runner' do
       # group specific
       group = create :group

From 8dad45a82228a6f1c87f919063d96c8b20a567e2 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Wed, 4 Oct 2017 13:55:34 +0200
Subject: [PATCH 022/129] add method CI::Runner.project?

---
 app/models/ci/runner.rb       |  4 ++++
 spec/models/ci/runner_spec.rb | 26 +++++++++++++++++++++++---
 2 files changed, 27 insertions(+), 3 deletions(-)

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index b7af33c0480..586740a4a2a 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -146,6 +146,10 @@ module Ci
       runner_groups.any?
     end
 
+    def project?
+      runner_projects.any?
+    end
+
     def can_pick?(build)
       return false if self.ref_protected? && !build.protected?
 
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index a073af7c4b2..308db9e8e68 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -660,9 +660,7 @@ describe Ci::Runner do
   describe 'group?' do
     it 'returns false when the runner is a project runner' do
       project = create :project
-      runner = create(:ci_runner, description: 'Project runner').tap do |r|
-        create :ci_runner_project, runner: r, project: project
-      end
+      runner = create :ci_runner, description: 'Project runner', projects: [project]
 
       expect(runner.group?).to be false
     end
@@ -680,4 +678,26 @@ describe Ci::Runner do
       expect(runner.group?).to be true
     end
   end
+
+  describe 'project?' do
+    it 'returns false when the runner is a group prunner' do
+      group = create :group
+      runner = create :ci_runner, description: 'Group runner', groups: [group]
+
+      expect(runner.project?).to be false
+    end
+
+    it 'returns false when the runner is a shared runner' do
+      runner = create :ci_runner, :shared, description: 'Shared runner'
+
+      expect(runner.project?).to be false
+    end
+
+    it 'returns true when the runner is assigned to a project' do
+      project = create :project
+      runner = create :ci_runner, description: 'Group runner', projects: [project]
+
+      expect(runner.project?).to be true
+    end
+  end
 end

From eba1a05f153335cb41bbf9396c7e88336a6b6be5 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Wed, 4 Oct 2017 13:57:50 +0200
Subject: [PATCH 023/129] ensure_runners_token on read instead of write

1. we don't want to migrate all existing groups
2. we generate the token when showing the runners page, as this is the
   first time that the token will be used.
---
 app/models/group.rb | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index c34c913a16b..95e2c3a8aab 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -47,7 +47,6 @@ class Group < Namespace
   validates :two_factor_grace_period, presence: true, numericality: { greater_than_or_equal_to: 0 }
 
   add_authentication_token_field :runners_token
-  before_save :ensure_runners_token
 
   after_create :post_create_hook
   after_destroy :post_destroy_hook
@@ -296,6 +295,13 @@ class Group < Namespace
     refresh_members_authorized_projects(blocking: false)
   end
 
+  # each existing group needs to have a `runners_token`.
+  # we do this on read since migrating all existing groups is not a feasible
+  # solution.
+  def runners_token
+    ensure_runners_token!
+  end
+
   private
 
   def update_two_factor_requirement

From 4ccf734e380d498a2322153c9a4fa09a38447094 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Wed, 4 Oct 2017 13:59:51 +0200
Subject: [PATCH 024/129] show group runners on runners page

---
 .../projects/settings/ci_cd_controller.rb     |  4 ++
 .../projects/runners/_group_runners.html.haml | 19 +++++++++
 app/views/projects/runners/_index.html.haml   |  4 ++
 app/views/projects/runners/_runner.html.haml  |  2 +-
 spec/features/runners_spec.rb                 | 40 +++++++++++++++++++
 5 files changed, 68 insertions(+), 1 deletion(-)
 create mode 100644 app/views/projects/runners/_group_runners.html.haml

diff --git a/app/controllers/projects/settings/ci_cd_controller.rb b/app/controllers/projects/settings/ci_cd_controller.rb
index d80ef8113aa..05d545e97a7 100644
--- a/app/controllers/projects/settings/ci_cd_controller.rb
+++ b/app/controllers/projects/settings/ci_cd_controller.rb
@@ -67,10 +67,14 @@ module Projects
 
       def define_runners_variables
         @project_runners = @project.runners.ordered
+
         @assignable_runners = current_user.ci_authorized_runners
           .assignable_for(project).ordered.page(params[:page]).per(20)
         @shared_runners = ::Ci::Runner.shared.active
+
         @shared_runners_count = @shared_runners.count(:all)
+
+        @group_runners = ::Ci::Runner.belonging_to_group(@project.id)
       end
 
       def define_secret_variables
diff --git a/app/views/projects/runners/_group_runners.html.haml b/app/views/projects/runners/_group_runners.html.haml
new file mode 100644
index 00000000000..dbdfda740e3
--- /dev/null
+++ b/app/views/projects/runners/_group_runners.html.haml
@@ -0,0 +1,19 @@
+%h3 Group Runners
+
+.bs-callout.bs-callout-warning
+  GitLab Group Runners can execute code for all the projects in this group.
+  They can be managed using the #{link_to 'Runners API', help_page_path('api/runners.md')}.
+
+- if !@project.group
+  This project does not belong to a group and can therefore not make use of group Runners.
+
+- elsif @group_runners.empty?
+  This group does not provide any group Runners yet.
+
+  = render partial: 'ci/runner/how_to_setup_runner',
+           locals: { registration_token: @project.group.runners_token, type: 'group' }
+
+- else
+  %h4.underlined-title Available group Runners : #{@group_runners.count}
+  %ul.bordered-list
+    = render partial: 'projects/runners/runner', collection: @group_runners, as: :runner
diff --git a/app/views/projects/runners/_index.html.haml b/app/views/projects/runners/_index.html.haml
index f9808f7c990..3f5119d408b 100644
--- a/app/views/projects/runners/_index.html.haml
+++ b/app/views/projects/runners/_index.html.haml
@@ -23,3 +23,7 @@
     = render 'projects/runners/specific_runners'
   .col-sm-6
     = render 'projects/runners/shared_runners'
+.row
+  .col-sm-6
+  .col-sm-6
+    = render 'projects/runners/group_runners'
diff --git a/app/views/projects/runners/_runner.html.haml b/app/views/projects/runners/_runner.html.haml
index 6376496ee1a..6d61da40f5b 100644
--- a/app/views/projects/runners/_runner.html.haml
+++ b/app/views/projects/runners/_runner.html.haml
@@ -26,7 +26,7 @@
         - else
           - runner_project = @project.runner_projects.find_by(runner_id: runner)
           = link_to 'Disable for this project', project_runner_project_path(@project, runner_project), data: { confirm: "Are you sure?" }, method: :delete, class: 'btn btn-danger btn-sm'
-      - elsif runner.specific?
+      - elsif runner.project?
         = form_for [@project.namespace.becomes(Namespace), @project, @project.runner_projects.new] do |f|
           = f.hidden_field :runner_id, value: runner.id
           = f.submit 'Enable for this project', class: 'btn btn-sm'
diff --git a/spec/features/runners_spec.rb b/spec/features/runners_spec.rb
index df65c2d2f83..f34aeb5bd5e 100644
--- a/spec/features/runners_spec.rb
+++ b/spec/features/runners_spec.rb
@@ -181,4 +181,44 @@ feature 'Runners' do
       expect(page.find('.shared-runners-description')).to have_content('Disable shared Runners')
     end
   end
+
+  context 'group runners' do
+    background do
+      project.add_master(user)
+    end
+
+    context 'project without a group' do
+      given(:project) { create :project }
+
+      scenario 'group runners are not available' do
+        visit runners_path(project)
+
+        expect(page).to have_content 'This project does not belong to a group and can therefore not make use of group Runners.'
+      end
+    end
+
+    context 'project with a group but no group runner' do
+      given(:group) { create :group }
+      given(:project) { create :project, group: group }
+
+      scenario 'group runners are not available' do
+        visit runners_path(project)
+
+        expect(page).to have_content 'This group does not provide any group Runners yet.'
+      end
+    end
+
+    context 'project with a group and a group runner' do
+      given(:group) { create :group }
+      given(:project) { create :project, group: group }
+      given!(:ci_runner) { create :ci_runner, groups: [group], description: 'group-runner' }
+
+      scenario 'group runners are available' do
+        visit runners_path(project)
+
+        expect(page).to have_content 'Available group Runners : 1'
+        expect(page).to have_content 'group-runner'
+      end
+    end
+  end
 end

From d588adff1a3ce87355c8b5ac09a77e6fc63fe89a Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Wed, 4 Oct 2017 15:51:23 +0200
Subject: [PATCH 025/129] don't filter group runners by project flag

the scope `Ci::Runner.belonging_to_group` does not filter out the
runners where the projects has `#group_runners_enabled` set to false
anymore.

it didn't show up in the runners UI anymore when group runners were
disabled. this was confusing.

the flag is only relevant when selecting appropriate runner for a build.
---
 app/models/ci/runner.rb       | 10 +---------
 spec/models/ci/runner_spec.rb |  8 --------
 2 files changed, 1 insertion(+), 17 deletions(-)

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index 586740a4a2a..9efafa8681f 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -37,15 +37,7 @@ module Ci
           INNER JOIN namespaces ON namespaces.id = ci_runner_groups.group_id
           INNER JOIN projects ON projects.namespace_id = namespaces.id
         }
-      ).where(
-        %{
-          projects.id = :project_id
-            AND
-          projects.group_runners_enabled = :true
-        },
-          project_id: project_id,
-          true: true
-      )
+      ).where('projects.id = :project_id', project_id: project_id)
     }
 
     scope :owned_or_shared, -> (project_id) do
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index 308db9e8e68..0cc52acd44d 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -93,14 +93,6 @@ describe Ci::Runner do
 
       expect(described_class.belonging_to_group(specific_project.id)).to eq [specific_runner]
     end
-
-    it 'does not return the group runner if the project has group runners disabled' do
-      specific_group = create :group
-      specific_project = create :project, group: specific_group, group_runners_enabled: false
-      create :ci_runner, :specific, groups: [specific_group]
-
-      expect(described_class.belonging_to_group(specific_project.id)).to be_empty
-    end
   end
 
   describe '.owned_or_shared' do

From 8d61d33d37f7b8f99eae73e4ba0b48fbe35a80dc Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Wed, 4 Oct 2017 17:11:53 +0200
Subject: [PATCH 026/129] use .owned_or_shared for #assignable_for?

instead of having the explicit logic duplicated from the scope we can
use the scope instead.
---
 app/models/ci/runner.rb       |  2 +-
 spec/models/ci/runner_spec.rb | 24 +++++++++++++++++++++---
 2 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index 9efafa8681f..8a6de26164d 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -227,7 +227,7 @@ module Ci
     end
 
     def assignable_for?(project_id)
-      is_shared? || projects.exists?(id: project_id)
+      self.class.owned_or_shared(project_id).where(id: self.id).any?
     end
 
     def accepting_tags?(build)
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index 0cc52acd44d..1456c44dbf6 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -236,6 +236,13 @@ describe Ci::Runner do
       build.project.runners << runner
     end
 
+    context 'a different runner' do
+      it 'cannot handle builds' do
+        other_runner = create :ci_runner
+        expect(other_runner.can_pick?(build)).to be_falsey
+      end
+    end
+
     context 'when runner does not have tags' do
       it 'can handle builds without tags' do
         expect(runner.can_pick?(build)).to be_truthy
@@ -277,7 +284,7 @@ describe Ci::Runner do
 
       context 'when runner cannot pick untagged jobs' do
         before do
-          runner.run_untagged = false
+          runner.update_attributes!(run_untagged: false)
         end
 
         it 'cannot handle builds without tags' do
@@ -290,7 +297,7 @@ describe Ci::Runner do
 
     context 'when runner is shared' do
       before do
-        runner.is_shared = true
+        runner.update_attributes!(is_shared: true)
         build.project.runners = []
       end
 
@@ -300,7 +307,7 @@ describe Ci::Runner do
 
       context 'when runner is locked' do
         before do
-          runner.locked = true
+          runner.update_attributes!(locked: true)
         end
 
         it 'can handle builds' do
@@ -325,6 +332,17 @@ describe Ci::Runner do
           expect(runner.can_pick?(build)).to be_falsey
         end
       end
+
+      context 'when runner is assigned to a group' do
+        before do
+          build.project.runners = []
+          runner.groups << create(:group, projects: [build.project])
+        end
+
+        it 'can handle builds' do
+          expect(runner.can_pick?(build)).to be_truthy
+        end
+      end
     end
 
     context 'when access_level of runner is not_protected' do

From d8675bd45f6f9b5af701343fbff7650f49559048 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Wed, 4 Oct 2017 17:37:05 +0200
Subject: [PATCH 027/129] select group runners also in build queue service

---
 app/services/ci/update_build_queue_service.rb | 16 +++--
 .../ci/update_build_queue_service_spec.rb     | 62 +++++++++++++++----
 2 files changed, 62 insertions(+), 16 deletions(-)

diff --git a/app/services/ci/update_build_queue_service.rb b/app/services/ci/update_build_queue_service.rb
index 152c8ae5006..4fb03d2fa1b 100644
--- a/app/services/ci/update_build_queue_service.rb
+++ b/app/services/ci/update_build_queue_service.rb
@@ -7,11 +7,19 @@ module Ci
         end
       end
 
-      return unless build.project.shared_runners_enabled?
+      if build.project.group_runners_enabled?
+        Ci::Runner.belonging_to_group(build.project_id).each do |runner|
+          if runner.can_pick?(build)
+            runner.tick_runner_queue
+          end
+        end
+      end
 
-      Ci::Runner.shared.each do |runner|
-        if runner.can_pick?(build)
-          runner.tick_runner_queue
+      if build.project.shared_runners_enabled?
+        Ci::Runner.shared.each do |runner|
+          if runner.can_pick?(build)
+            runner.tick_runner_queue
+          end
         end
       end
     end
diff --git a/spec/services/ci/update_build_queue_service_spec.rb b/spec/services/ci/update_build_queue_service_spec.rb
index 0da0e57dbcd..74a23ed2a3f 100644
--- a/spec/services/ci/update_build_queue_service_spec.rb
+++ b/spec/services/ci/update_build_queue_service_spec.rb
@@ -8,21 +8,19 @@ describe Ci::UpdateBuildQueueService do
   context 'when updating specific runners' do
     let(:runner) { create(:ci_runner) }
 
-    context 'when there are runner that can pick build' do
+    context 'when there is a runner that can pick build' do
       before do
         build.project.runners << runner
       end
 
       it 'ticks runner queue value' do
-        expect { subject.execute(build) }
-          .to change { runner.ensure_runner_queue_value }
+        expect { subject.execute(build) }.to change { runner.ensure_runner_queue_value }
       end
     end
 
-    context 'when there are no runners that can pick build' do
+    context 'when there is no runner that can pick build' do
       it 'does not tick runner queue value' do
-        expect { subject.execute(build) }
-          .not_to change { runner.ensure_runner_queue_value }
+        expect { subject.execute(build) }.not_to change { runner.ensure_runner_queue_value }
       end
     end
   end
@@ -30,21 +28,61 @@ describe Ci::UpdateBuildQueueService do
   context 'when updating shared runners' do
     let(:runner) { create(:ci_runner, :shared) }
 
-    context 'when there are runner that can pick build' do
+    context 'when there is no runner that can pick build' do
       it 'ticks runner queue value' do
-        expect { subject.execute(build) }
-          .to change { runner.ensure_runner_queue_value }
+        expect { subject.execute(build) }.to change { runner.ensure_runner_queue_value }
       end
     end
 
-    context 'when there are no runners that can pick build' do
+    context 'when there is no runner that can pick build due to tag mismatch' do
       before do
         build.tag_list = [:docker]
       end
 
       it 'does not tick runner queue value' do
-        expect { subject.execute(build) }
-          .not_to change { runner.ensure_runner_queue_value }
+        expect { subject.execute(build) }.not_to change { runner.ensure_runner_queue_value }
+      end
+    end
+
+    context 'when there is no runner that can pick build due to being disabled on project' do
+      before do
+        build.project.shared_runners_enabled = false
+      end
+
+      it 'does not tick runner queue value' do
+        expect { subject.execute(build) }.not_to change { runner.ensure_runner_queue_value }
+      end
+    end
+  end
+
+  context 'when updating group runners' do
+    let(:group) { create :group }
+    let(:project) { create :project, group: group }
+    let(:runner) { create :ci_runner, groups: [group] }
+
+    context 'when there is a runner that can pick build' do
+      it 'ticks runner queue value' do
+        expect { subject.execute(build) }.to change { runner.ensure_runner_queue_value }
+      end
+    end
+
+    context 'when there is no runner that can pick build due to tag mismatch' do
+      before do
+        build.tag_list = [:docker]
+      end
+
+      it 'does not tick runner queue value' do
+        expect { subject.execute(build) }.not_to change { runner.ensure_runner_queue_value }
+      end
+    end
+
+    context 'when there is no runner that can pick build due to being disabled on project' do
+      before do
+        build.project.group_runners_enabled = false
+      end
+
+      it 'does not tick runner queue value' do
+        expect { subject.execute(build) }.not_to change { runner.ensure_runner_queue_value }
       end
     end
   end

From 7584d03ab12133ab6a64b473ece56b72612abad8 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Thu, 5 Oct 2017 09:55:01 +0200
Subject: [PATCH 028/129] allow disabling/enabling group runners per project

---
 app/controllers/projects/runners_controller.rb     |  6 ++++++
 .../projects/runners/_group_runners.html.haml      | 10 ++++++++++
 config/routes/project.rb                           |  1 +
 spec/features/runners_spec.rb                      | 14 ++++++++++++++
 4 files changed, 31 insertions(+)

diff --git a/app/controllers/projects/runners_controller.rb b/app/controllers/projects/runners_controller.rb
index c950d0f7001..87c19eeed3e 100644
--- a/app/controllers/projects/runners_controller.rb
+++ b/app/controllers/projects/runners_controller.rb
@@ -52,6 +52,12 @@ class Projects::RunnersController < Projects::ApplicationController
     redirect_to project_settings_ci_cd_path(@project)
   end
 
+  def toggle_group_runners
+    project.toggle!(:group_runners_enabled)
+
+    redirect_to project_settings_ci_cd_path(@project)
+  end
+
   protected
 
   def set_runner
diff --git a/app/views/projects/runners/_group_runners.html.haml b/app/views/projects/runners/_group_runners.html.haml
index dbdfda740e3..785abba945b 100644
--- a/app/views/projects/runners/_group_runners.html.haml
+++ b/app/views/projects/runners/_group_runners.html.haml
@@ -4,6 +4,16 @@
   GitLab Group Runners can execute code for all the projects in this group.
   They can be managed using the #{link_to 'Runners API', help_page_path('api/runners.md')}.
 
+  - if @project.group
+    %hr
+    - if @project.group_runners_enabled?
+      = link_to toggle_group_runners_project_runners_path(@project), class: 'btn btn-warning', method: :post do
+        Disable group Runners
+    - else
+      = link_to toggle_group_runners_project_runners_path(@project), class: 'btn btn-success', method: :post do
+        Enable group Runners
+    &nbsp; for this project
+
 - if !@project.group
   This project does not belong to a group and can therefore not make use of group Runners.
 
diff --git a/config/routes/project.rb b/config/routes/project.rb
index 2a1bcb8cde2..382d5b1e3c7 100644
--- a/config/routes/project.rb
+++ b/config/routes/project.rb
@@ -410,6 +410,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
 
         collection do
           post :toggle_shared_runners
+          post :toggle_group_runners
         end
       end
 
diff --git a/spec/features/runners_spec.rb b/spec/features/runners_spec.rb
index f34aeb5bd5e..dcd06a4015d 100644
--- a/spec/features/runners_spec.rb
+++ b/spec/features/runners_spec.rb
@@ -219,6 +219,20 @@ feature 'Runners' do
         expect(page).to have_content 'Available group Runners : 1'
         expect(page).to have_content 'group-runner'
       end
+
+      scenario 'group runners may be disabled for a project' do
+        visit runners_path(project)
+
+        click_on 'Disable group Runners'
+
+        expect(page).to have_content 'Enable group Runners'
+        expect(project.reload.group_runners_enabled).to be false
+
+        click_on 'Enable group Runners'
+
+        expect(page).to have_content 'Disable group Runners'
+        expect(project.reload.group_runners_enabled).to be true
+      end
     end
   end
 end

From 743c32270e2913a19999bd32d6208e80dd62dc2a Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Thu, 5 Oct 2017 13:29:21 +0200
Subject: [PATCH 029/129] select group runners also in register_job_service

---
 app/services/ci/register_job_service.rb       | 47 ++++++++---
 spec/services/ci/register_job_service_spec.rb | 79 +++++++++++++++++--
 2 files changed, 111 insertions(+), 15 deletions(-)

diff --git a/app/services/ci/register_job_service.rb b/app/services/ci/register_job_service.rb
index 0b087ad73da..000ae3539e3 100644
--- a/app/services/ci/register_job_service.rb
+++ b/app/services/ci/register_job_service.rb
@@ -17,6 +17,8 @@ module Ci
       builds =
         if runner.shared?
           builds_for_shared_runner
+        elsif runner.group?
+          builds_for_group_runner
         else
           builds_for_specific_runner
         end
@@ -69,16 +71,33 @@ module Ci
     private
 
     def builds_for_shared_runner
-      new_builds.
-        # don't run projects which have not enabled shared runners and builds
-        joins(:project).where(projects: { shared_runners_enabled: true, pending_delete: false })
-        .joins('LEFT JOIN project_features ON ci_builds.project_id = project_features.project_id')
-        .where('project_features.builds_access_level IS NULL or project_features.builds_access_level > 0').
+      builds_for_scheduled_runner(
+        running_builds_for_shared_runners,
+        projects: { shared_runners_enabled: true }
+      )
+    end
 
-        # Implement fair scheduling
-        # this returns builds that are ordered by number of running builds
-        # we prefer projects that don't use shared runners at all
-        joins("LEFT JOIN (#{running_builds_for_shared_runners.to_sql}) AS project_builds ON ci_builds.project_id=project_builds.project_id")
+    def builds_for_group_runner
+      builds_for_scheduled_runner(
+        running_builds_for_group_runners,
+        projects: { group_runners_enabled: true }
+      )
+    end
+
+    def builds_for_scheduled_runner(build_join, project_where)
+      project_where = project_where.deep_merge(projects: { pending_delete: false })
+
+      # don't run projects which have not enabled group runners and builds
+      builds = new_builds
+        .joins(:project).where(project_where)
+        .joins('LEFT JOIN project_features ON ci_builds.project_id = project_features.project_id')
+        .where('project_features.builds_access_level IS NULL or project_features.builds_access_level > 0')
+
+      # Implement fair scheduling
+      # this returns builds that are ordered by number of running builds
+      # we prefer projects that don't use group runners at all
+      builds
+        .joins("LEFT JOIN (#{build_join.to_sql}) AS project_builds ON ci_builds.project_id=project_builds.project_id")
         .order('COALESCE(project_builds.running_builds, 0) ASC', 'ci_builds.id ASC')
     end
 
@@ -87,7 +106,15 @@ module Ci
     end
 
     def running_builds_for_shared_runners
-      Ci::Build.running.where(runner: Ci::Runner.shared)
+      running_builds_for_runners(Ci::Runner.shared)
+    end
+
+    def running_builds_for_group_runners
+      running_builds_for_runners(Ci::Runner.joins(:runner_groups))
+    end
+
+    def running_builds_for_runners(runners)
+      Ci::Build.running.where(runner: runners)
         .group(:project_id).select(:project_id, 'count(*) AS running_builds')
     end
 
diff --git a/spec/services/ci/register_job_service_spec.rb b/spec/services/ci/register_job_service_spec.rb
index 8a537e83d5f..138ef673527 100644
--- a/spec/services/ci/register_job_service_spec.rb
+++ b/spec/services/ci/register_job_service_spec.rb
@@ -2,11 +2,13 @@ require 'spec_helper'
 
 module Ci
   describe RegisterJobService do
-    let!(:project) { FactoryBot.create :project, shared_runners_enabled: false }
-    let!(:pipeline) { FactoryBot.create :ci_pipeline, project: project }
-    let!(:pending_job) { FactoryBot.create :ci_build, pipeline: pipeline }
-    let!(:shared_runner) { FactoryBot.create(:ci_runner, is_shared: true) }
-    let!(:specific_runner) { FactoryBot.create(:ci_runner, is_shared: false) }
+    let!(:project) { create :project, shared_runners_enabled: false }
+    let!(:group) { create :group }
+    let!(:pipeline) { create :ci_pipeline, project: project }
+    let!(:pending_job) { create :ci_build, pipeline: pipeline }
+    let!(:shared_runner) { create :ci_runner, is_shared: true }
+    let!(:specific_runner) { create :ci_runner, is_shared: false }
+    let!(:group_runner) { create :ci_runner, groups: [group] }
 
     before do
       specific_runner.assign_to(project)
@@ -167,6 +169,73 @@ module Ci
         end
       end
 
+      context 'allow group runners' do
+        before do
+          project.update!(group_runners_enabled: true, group: group)
+        end
+
+        context 'for multiple builds' do
+          let!(:project2) { create :project, group_runners_enabled: true, group: group }
+          let!(:pipeline2) { create :ci_pipeline, project: project2 }
+          let!(:project3) { create :project, group_runners_enabled: true, group: group }
+          let!(:pipeline3) { create :ci_pipeline, project: project3 }
+          let!(:build1_project1) { pending_job }
+          let!(:build2_project1) { create :ci_build, pipeline: pipeline }
+          let!(:build3_project1) { create :ci_build, pipeline: pipeline }
+          let!(:build1_project2) { create :ci_build, pipeline: pipeline2 }
+          let!(:build2_project2) { create :ci_build, pipeline: pipeline2 }
+          let!(:build1_project3) { create :ci_build, pipeline: pipeline3 }
+
+          it 'prefers projects without builds first' do
+            # it gets for one build from each of the projects
+            expect(execute(group_runner)).to eq(build1_project1)
+            expect(execute(group_runner)).to eq(build1_project2)
+            expect(execute(group_runner)).to eq(build1_project3)
+
+            # then it gets a second build from each of the projects
+            expect(execute(group_runner)).to eq(build2_project1)
+            expect(execute(group_runner)).to eq(build2_project2)
+
+            # in the end the third build
+            expect(execute(group_runner)).to eq(build3_project1)
+          end
+
+          it 'equalises number of running builds' do
+            # after finishing the first build for project 1, get a second build from the same project
+            expect(execute(group_runner)).to eq(build1_project1)
+            build1_project1.reload.success
+            expect(execute(group_runner)).to eq(build2_project1)
+
+            expect(execute(group_runner)).to eq(build1_project2)
+            build1_project2.reload.success
+            expect(execute(group_runner)).to eq(build2_project2)
+            expect(execute(group_runner)).to eq(build1_project3)
+            expect(execute(group_runner)).to eq(build3_project1)
+          end
+        end
+
+        context 'group runner' do
+          let(:build) { execute(group_runner) }
+
+          it { expect(build).to be_kind_of(Build) }
+          it { expect(build).to be_valid }
+          it { expect(build).to be_running }
+          it { expect(build.runner).to eq(group_runner) }
+        end
+      end
+
+      context 'disallow group runners' do
+        before do
+          project.update(group_runners_enabled: false)
+        end
+
+        context 'group runner' do
+          let(:build) { execute(group_runner) }
+
+          it { expect(build).to be_nil }
+        end
+      end
+
       context 'when first build is stalled' do
         before do
           pending_job.update(lock_version: 0)

From a5f5a27df5d3055612fc8c2686ef3b9ab20bd85e Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Thu, 5 Oct 2017 13:53:18 +0200
Subject: [PATCH 030/129] include group runners in Project#any_runners?

---
 app/models/project.rb       | 18 +++++---
 spec/models/project_spec.rb | 87 ++++++++++++++++++++++++++-----------
 2 files changed, 73 insertions(+), 32 deletions(-)

diff --git a/app/models/project.rb b/app/models/project.rb
index cec1e705aa8..9a096ba1a7b 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -1298,20 +1298,26 @@ class Project < ActiveRecord::Base
     project_feature.update_attribute(:builds_access_level, ProjectFeature::ENABLED)
   end
 
-  def shared_runners_available?
-    shared_runners_enabled?
-  end
-
   def shared_runners
-    @shared_runners ||= shared_runners_available? ? Ci::Runner.shared : Ci::Runner.none
+    @shared_runners ||= shared_runners_enabled? ? Ci::Runner.shared : Ci::Runner.none
   end
 
   def active_shared_runners
     @active_shared_runners ||= shared_runners.active
   end
 
+  def group_runners
+    @group_runners ||= group_runners_enabled? ? Ci::Runner.belonging_to_group(self.id) : Ci::Runner.none
+  end
+
+  def active_group_runners
+    @active_group_runners ||= group_runners.active
+  end
+
   def any_runners?(&block)
-    active_runners.any?(&block) || active_shared_runners.any?(&block)
+    active_runners.any?(&block) ||
+      active_shared_runners.any?(&block) ||
+      active_group_runners.any?(&block)
   end
 
   def valid_runners_token?(token)
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index 2675c2f52c1..9657e5011b1 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -1139,44 +1139,79 @@ describe Project do
   end
 
   describe '#any_runners' do
-    let(:project) { create(:project, shared_runners_enabled: shared_runners_enabled) }
-    let(:specific_runner) { create(:ci_runner) }
-    let(:shared_runner) { create(:ci_runner, :shared) }
+    context 'shared runners' do
+      let(:project) { create :project, shared_runners_enabled: shared_runners_enabled }
+      let(:specific_runner) { create :ci_runner }
+      let(:shared_runner) { create :ci_runner, :shared }
 
-    context 'for shared runners disabled' do
-      let(:shared_runners_enabled) { false }
+      context 'for shared runners disabled' do
+        let(:shared_runners_enabled) { false }
 
-      it 'has no runners available' do
-        expect(project.any_runners?).to be_falsey
+        it 'has no runners available' do
+          expect(project.any_runners?).to be_falsey
+        end
+
+        it 'has a specific runner' do
+          project.runners << specific_runner
+          expect(project.any_runners?).to be_truthy
+        end
+
+        it 'has a shared runner, but they are prohibited to use' do
+          shared_runner
+          expect(project.any_runners?).to be_falsey
+        end
+
+        it 'checks the presence of specific runner' do
+          project.runners << specific_runner
+          expect(project.any_runners? { |runner| runner == specific_runner }).to be_truthy
+        end
       end
 
-      it 'has a specific runner' do
-        project.runners << specific_runner
-        expect(project.any_runners?).to be_truthy
-      end
+      context 'for shared runners enabled' do
+        let(:shared_runners_enabled) { true }
 
-      it 'has a shared runner, but they are prohibited to use' do
-        shared_runner
-        expect(project.any_runners?).to be_falsey
-      end
+        it 'has a shared runner' do
+          shared_runner
+          expect(project.any_runners?).to be_truthy
+        end
 
-      it 'checks the presence of specific runner' do
-        project.runners << specific_runner
-        expect(project.any_runners? { |runner| runner == specific_runner }).to be_truthy
+        it 'checks the presence of shared runner' do
+          shared_runner
+          expect(project.any_runners? { |runner| runner == shared_runner }).to be_truthy
+        end
       end
     end
 
-    context 'for shared runners enabled' do
-      let(:shared_runners_enabled) { true }
+    context 'group runners' do
+      let(:project) { create :project, group_runners_enabled: group_runners_enabled }
+      let(:group) { create :group, projects: [project] }
+      let(:group_runner) { create :ci_runner, groups: [group] }
 
-      it 'has a shared runner' do
-        shared_runner
-        expect(project.any_runners?).to be_truthy
+      context 'for group runners disabled' do
+        let(:group_runners_enabled) { false }
+
+        it 'has no runners available' do
+          expect(project.any_runners?).to be_falsey
+        end
+
+        it 'has a group runner, but they are prohibited to use' do
+          group_runner
+          expect(project.any_runners?).to be_falsey
+        end
       end
 
-      it 'checks the presence of shared runner' do
-        shared_runner
-        expect(project.any_runners? { |runner| runner == shared_runner }).to be_truthy
+      context 'for group runners enabled' do
+        let(:group_runners_enabled) { true }
+
+        it 'has a group runner' do
+          group_runner
+          expect(project.any_runners?).to be_truthy
+        end
+
+        it 'checks the presence of group runner' do
+          group_runner
+          expect(project.any_runners? { |runner| runner == group_runner }).to be_truthy
+        end
       end
     end
   end

From 6077c569a6cc323c5eab09486e5254c5f96ce601 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Thu, 5 Oct 2017 14:25:31 +0200
Subject: [PATCH 031/129] denote group runners on admin runners page

---
 app/views/admin/runners/_runner.html.haml |  4 ++-
 app/views/admin/runners/index.html.haml   |  3 ++
 spec/features/admin/admin_runners_spec.rb | 41 +++++++++++++++++++++++
 3 files changed, 47 insertions(+), 1 deletion(-)

diff --git a/app/views/admin/runners/_runner.html.haml b/app/views/admin/runners/_runner.html.haml
index e1cee584929..f1e0e3b5ad6 100644
--- a/app/views/admin/runners/_runner.html.haml
+++ b/app/views/admin/runners/_runner.html.haml
@@ -2,6 +2,8 @@
   %td
     - if runner.shared?
       %span.label.label-success shared
+    - elsif runner.group?
+      %span.label.label-success group
     - else
       %span.label.label-info specific
     - if runner.locked?
@@ -19,7 +21,7 @@
   %td
     = runner.ip_address
   %td
-    - if runner.shared?
+    - if runner.shared? || runner.group?
       n/a
     - else
       = runner.projects.count(:all)
diff --git a/app/views/admin/runners/index.html.haml b/app/views/admin/runners/index.html.haml
index 9f13dbbbd82..1a3b5e58ed5 100644
--- a/app/views/admin/runners/index.html.haml
+++ b/app/views/admin/runners/index.html.haml
@@ -16,6 +16,9 @@
         %li
           %span.label.label-success shared
           \- Runner runs jobs from all unassigned projects
+        %li
+          %span.label.label-success group
+          \- Runner runs jobs from all unassigned projects in its group
         %li
           %span.label.label-info specific
           \- Runner runs jobs from assigned projects
diff --git a/spec/features/admin/admin_runners_spec.rb b/spec/features/admin/admin_runners_spec.rb
index 8de2e3d199b..b0aa2e8b588 100644
--- a/spec/features/admin/admin_runners_spec.rb
+++ b/spec/features/admin/admin_runners_spec.rb
@@ -59,6 +59,47 @@ describe "Admin Runners" do
         expect(page).to have_text 'No runners found'
       end
     end
+
+    context 'group runner' do
+      it 'shows the label and does not show the project count' do
+        group = create :group
+        runner = create :ci_runner, groups: [group]
+
+        visit admin_runners_path
+
+        within "#runner_#{runner.id}" do
+          expect(page).to have_selector '.label', text: 'group'
+          expect(page).to have_text 'n/a'
+        end
+      end
+    end
+
+    context 'shared runner' do
+      it 'shows the label and does not show the project count' do
+        runner = create :ci_runner, :shared
+
+        visit admin_runners_path
+
+        within "#runner_#{runner.id}" do
+          expect(page).to have_selector '.label', text: 'shared'
+          expect(page).to have_text 'n/a'
+        end
+      end
+    end
+
+    context 'specific runner' do
+      it 'shows the label and the project count' do
+        project = create :project
+        runner = create :ci_runner, projects: [project]
+
+        visit admin_runners_path
+
+        within "#runner_#{runner.id}" do
+          expect(page).to have_selector '.label', text: 'specific'
+          expect(page).to have_text '1'
+        end
+      end
+    end
   end
 
   describe "Runner show page" do

From 6bd3cb044d11ee7d81195191d7cb15ff2f96e8d6 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Thu, 5 Oct 2017 14:26:36 +0200
Subject: [PATCH 032/129] different text on admin runner page for group r.

---
 app/views/admin/runners/show.html.haml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/app/views/admin/runners/show.html.haml b/app/views/admin/runners/show.html.haml
index 37269862de6..ae5f860d0d1 100644
--- a/app/views/admin/runners/show.html.haml
+++ b/app/views/admin/runners/show.html.haml
@@ -19,6 +19,9 @@
     %p
       If you want Runners to build only specific projects, enable them in the table below.
       Keep in mind that this is a one way transition.
+- elsif @runner.group?
+  .bs-callout.bs-callout-success
+    %h4 This runner will process jobs from all projects in its group and subgroups
 - else
   .bs-callout.bs-callout-info
     %h4 This Runner will process jobs only from ASSIGNED projects

From 9b836b83bcabb4b977afc0e06897c4f1509215b0 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Thu, 5 Oct 2017 20:53:24 +0200
Subject: [PATCH 033/129] support group hierarchies for group runners

---
 app/models/ci/runner.rb       | 11 ++++-------
 spec/models/ci/runner_spec.rb |  9 +++++++++
 2 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index 8a6de26164d..b220ece3092 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -31,13 +31,10 @@ module Ci
       joins(:runner_projects).where(ci_runner_projects: { project_id: project_id })
     }
     scope :belonging_to_group, -> (project_id) {
-      joins(
-        %{
-          INNER JOIN ci_runner_groups ON ci_runner_groups.runner_id = ci_runners.id
-          INNER JOIN namespaces ON namespaces.id = ci_runner_groups.group_id
-          INNER JOIN projects ON projects.namespace_id = namespaces.id
-        }
-      ).where('projects.id = :project_id', project_id: project_id)
+      project_groups = ::Group.joins(:projects).where(projects: { id: project_id })
+      hierarchy_groups = Gitlab::GroupHierarchy.new(project_groups).base_and_ancestors
+
+      joins(:groups).where(namespaces: { id: hierarchy_groups })
     }
 
     scope :owned_or_shared, -> (project_id) do
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index 1456c44dbf6..ba0db43a1e7 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -93,6 +93,15 @@ describe Ci::Runner do
 
       expect(described_class.belonging_to_group(specific_project.id)).to eq [specific_runner]
     end
+
+    it 'returns the group runner from a parent group' do
+      parent_group = create :group
+      group = create :group, parent: parent_group
+      project = create :project, group: group
+      runner = create :ci_runner, :specific, groups: [parent_group]
+
+      expect(described_class.belonging_to_group(project.id)).to eq [runner]
+    end
   end
 
   describe '.owned_or_shared' do

From d66941002ed946b6266642515a91284dec4105c6 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Mon, 30 Oct 2017 16:17:17 +0100
Subject: [PATCH 034/129] dry up: extract method

---
 app/services/ci/update_build_queue_service.rb | 26 ++++++++-----------
 1 file changed, 11 insertions(+), 15 deletions(-)

diff --git a/app/services/ci/update_build_queue_service.rb b/app/services/ci/update_build_queue_service.rb
index 4fb03d2fa1b..ab81766abf3 100644
--- a/app/services/ci/update_build_queue_service.rb
+++ b/app/services/ci/update_build_queue_service.rb
@@ -1,26 +1,22 @@
 module Ci
   class UpdateBuildQueueService
     def execute(build)
-      build.project.runners.each do |runner|
-        if runner.can_pick?(build)
-          runner.tick_runner_queue
-        end
-      end
+      tick_for(build, build.project.runners)
 
       if build.project.group_runners_enabled?
-        Ci::Runner.belonging_to_group(build.project_id).each do |runner|
-          if runner.can_pick?(build)
-            runner.tick_runner_queue
-          end
-        end
+        tick_for(build, Ci::Runner.belonging_to_group(build.project_id))
       end
 
       if build.project.shared_runners_enabled?
-        Ci::Runner.shared.each do |runner|
-          if runner.can_pick?(build)
-            runner.tick_runner_queue
-          end
-        end
+        tick_for(build, Ci::Runner.shared)
+      end
+    end
+
+    private
+
+    def tick_for(build, runners)
+      runners.each do |runner|
+        runner.tick_runner_queue if runner.can_pick?(build)
       end
     end
   end

From a2a7ad291f64a5db74c1bc21fb556e6e8862d0f3 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Wed, 8 Nov 2017 10:21:54 +0100
Subject: [PATCH 035/129] add project_settings (Project#settings)

---
 app/models/project.rb                         |  8 ++++++++
 app/models/project_settings.rb                |  3 +++
 .../20171030155459_create_project_settings.rb | 12 +++++++++++
 db/schema.rb                                  |  7 +++++++
 spec/factories/project_settings.rb            |  5 +++++
 spec/models/project_spec.rb                   | 20 +++++++++++++++++++
 6 files changed, 55 insertions(+)
 create mode 100644 app/models/project_settings.rb
 create mode 100644 db/migrate/20171030155459_create_project_settings.rb
 create mode 100644 spec/factories/project_settings.rb

diff --git a/app/models/project.rb b/app/models/project.rb
index 9a096ba1a7b..dadd0755848 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -232,6 +232,14 @@ class Project < ActiveRecord::Base
 
   has_many :project_badges, class_name: 'ProjectBadge'
 
+  has_one :settings, -> (project) {
+    query = where(project_id: project)
+    query.presence || begin
+      ProjectSettings.create(project_id: project.id)
+      query
+    end
+  }, class_name: 'ProjectSettings'
+
   accepts_nested_attributes_for :variables, allow_destroy: true
   accepts_nested_attributes_for :project_feature, update_only: true
   accepts_nested_attributes_for :import_data
diff --git a/app/models/project_settings.rb b/app/models/project_settings.rb
new file mode 100644
index 00000000000..b126f66fafa
--- /dev/null
+++ b/app/models/project_settings.rb
@@ -0,0 +1,3 @@
+class ProjectSettings < ActiveRecord::Base
+  belongs_to :project
+end
diff --git a/db/migrate/20171030155459_create_project_settings.rb b/db/migrate/20171030155459_create_project_settings.rb
new file mode 100644
index 00000000000..eeb449505b8
--- /dev/null
+++ b/db/migrate/20171030155459_create_project_settings.rb
@@ -0,0 +1,12 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class CreateProjectSettings < ActiveRecord::Migration
+  DOWNTIME = false
+
+  def change
+    create_table :project_settings do |t|
+      t.references :project, index: true, foreign_key: { on_delete: :cascade }
+    end
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 43befa6d3b1..b199342dc15 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -1504,6 +1504,12 @@ ActiveRecord::Schema.define(version: 20180418053107) do
 
   add_index "project_import_data", ["project_id"], name: "index_project_import_data_on_project_id", using: :btree
 
+  create_table "project_settings", force: :cascade do |t|
+    t.integer "project_id"
+  end
+
+  add_index "project_settings", ["project_id"], name: "index_project_settings_on_project_id", using: :btree
+
   create_table "project_statistics", force: :cascade do |t|
     t.integer "project_id", null: false
     t.integer "namespace_id", null: false
@@ -2185,6 +2191,7 @@ ActiveRecord::Schema.define(version: 20180418053107) do
   add_foreign_key "project_features", "projects", name: "fk_18513d9b92", on_delete: :cascade
   add_foreign_key "project_group_links", "projects", name: "fk_daa8cee94c", on_delete: :cascade
   add_foreign_key "project_import_data", "projects", name: "fk_ffb9ee3a10", on_delete: :cascade
+  add_foreign_key "project_settings", "projects", on_delete: :cascade
   add_foreign_key "project_statistics", "projects", on_delete: :cascade
   add_foreign_key "protected_branch_merge_access_levels", "protected_branches", name: "fk_8a3072ccb3", on_delete: :cascade
   add_foreign_key "protected_branch_push_access_levels", "protected_branches", name: "fk_9ffc86a3d9", on_delete: :cascade
diff --git a/spec/factories/project_settings.rb b/spec/factories/project_settings.rb
new file mode 100644
index 00000000000..90240ee6de0
--- /dev/null
+++ b/spec/factories/project_settings.rb
@@ -0,0 +1,5 @@
+FactoryBot.define do
+  factory :project_settings do
+    project
+  end
+end
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index 9657e5011b1..e0f442a334c 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -115,6 +115,26 @@ describe Project do
         expect(subject.boards.size).to eq 1
       end
     end
+
+    describe '#settings' do
+      it 'creates lazily a settings record when the project does not have one associated' do
+        project = create :project
+        expect(ProjectSettings.count).to eq 0
+
+        expect(project.settings).to be_a ProjectSettings
+
+        expect(ProjectSettings.count).to eq 1
+      end
+
+      it 'returns the associated record when the project has one associated' do
+        project = create :project, settings: create(:project_settings)
+        expect(ProjectSettings.count).to eq 1
+
+        expect(project.settings).to be_a ProjectSettings
+
+        expect(ProjectSettings.count).to eq 1
+      end
+    end
   end
 
   describe 'modules' do

From dd785467393610a73da6e9fd8413bca685d9356c Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Wed, 8 Nov 2017 13:08:13 +0100
Subject: [PATCH 036/129] project#group_runner_enabled -> project_settings

---
 app/controllers/projects/runners_controller.rb   |  2 +-
 app/models/project.rb                            |  5 +++++
 ...2221_add_group_runners_enabled_to_projects.rb | 16 ----------------
 .../20171030155459_create_project_settings.rb    |  2 ++
 db/schema.rb                                     |  3 ++-
 spec/factories/projects.rb                       |  9 ++++++++-
 spec/models/project_spec.rb                      | 12 ++++++++++++
 7 files changed, 30 insertions(+), 19 deletions(-)
 delete mode 100644 db/migrate/20170925142221_add_group_runners_enabled_to_projects.rb

diff --git a/app/controllers/projects/runners_controller.rb b/app/controllers/projects/runners_controller.rb
index 87c19eeed3e..992e42d9348 100644
--- a/app/controllers/projects/runners_controller.rb
+++ b/app/controllers/projects/runners_controller.rb
@@ -53,7 +53,7 @@ class Projects::RunnersController < Projects::ApplicationController
   end
 
   def toggle_group_runners
-    project.toggle!(:group_runners_enabled)
+    project.toggle_settings!(:group_runners_enabled)
 
     redirect_to project_settings_ci_cd_path(@project)
   end
diff --git a/app/models/project.rb b/app/models/project.rb
index dadd0755848..3daedc2b47d 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -249,6 +249,7 @@ class Project < ActiveRecord::Base
   delegate :members, to: :team, prefix: true
   delegate :add_user, :add_users, to: :team
   delegate :add_guest, :add_reporter, :add_developer, :add_master, :add_role, to: :team
+  delegate :group_runners_enabled, :group_runners_enabled=, :group_runners_enabled?, to: :settings
 
   # Validations
   validates :creator, presence: true, on: :create
@@ -1893,6 +1894,10 @@ class Project < ActiveRecord::Base
     []
   end
 
+  def toggle_settings!(settings_attribute)
+    settings.toggle!(settings_attribute)
+  end
+
   private
 
   def storage
diff --git a/db/migrate/20170925142221_add_group_runners_enabled_to_projects.rb b/db/migrate/20170925142221_add_group_runners_enabled_to_projects.rb
deleted file mode 100644
index 8df7be39ee1..00000000000
--- a/db/migrate/20170925142221_add_group_runners_enabled_to_projects.rb
+++ /dev/null
@@ -1,16 +0,0 @@
-class AddGroupRunnersEnabledToProjects < ActiveRecord::Migration
-  include Gitlab::Database::MigrationHelpers
-
-  DOWNTIME = false
-
-  disable_ddl_transaction!
-
-  def up
-    add_column_with_default :projects, :group_runners_enabled, :boolean, default: true
-    add_concurrent_index :projects, :group_runners_enabled
-  end
-
-  def down
-    remove_column :projects, :group_runners_enabled
-  end
-end
diff --git a/db/migrate/20171030155459_create_project_settings.rb b/db/migrate/20171030155459_create_project_settings.rb
index eeb449505b8..ebbe4c64fbd 100644
--- a/db/migrate/20171030155459_create_project_settings.rb
+++ b/db/migrate/20171030155459_create_project_settings.rb
@@ -7,6 +7,8 @@ class CreateProjectSettings < ActiveRecord::Migration
   def change
     create_table :project_settings do |t|
       t.references :project, index: true, foreign_key: { on_delete: :cascade }
+
+      t.boolean :group_runners_enabled, default: true, index: true
     end
   end
 end
diff --git a/db/schema.rb b/db/schema.rb
index b199342dc15..9bb5c9d3c97 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -1506,8 +1506,10 @@ ActiveRecord::Schema.define(version: 20180418053107) do
 
   create_table "project_settings", force: :cascade do |t|
     t.integer "project_id"
+    t.boolean "group_runners_enabled", default: true
   end
 
+  add_index "project_settings", ["group_runners_enabled"], name: "index_project_settings_on_group_runners_enabled", using: :btree
   add_index "project_settings", ["project_id"], name: "index_project_settings_on_project_id", using: :btree
 
   create_table "project_statistics", force: :cascade do |t|
@@ -1581,7 +1583,6 @@ ActiveRecord::Schema.define(version: 20180418053107) do
   add_index "projects", ["created_at"], name: "index_projects_on_created_at", using: :btree
   add_index "projects", ["creator_id"], name: "index_projects_on_creator_id", using: :btree
   add_index "projects", ["description"], name: "index_projects_on_description_trigram", using: :gin, opclasses: {"description"=>"gin_trgm_ops"}
-  add_index "projects", ["group_runners_enabled"], name: "index_projects_on_group_runners_enabled", using: :btree
   add_index "projects", ["id"], name: "index_projects_on_id_partial_for_visibility", unique: true, where: "(visibility_level = ANY (ARRAY[10, 20]))", using: :btree
   add_index "projects", ["last_activity_at"], name: "index_projects_on_last_activity_at", using: :btree
   add_index "projects", ["last_repository_check_failed"], name: "index_projects_on_last_repository_check_failed", using: :btree
diff --git a/spec/factories/projects.rb b/spec/factories/projects.rb
index 1761b6e2a3b..ad33d09f78a 100644
--- a/spec/factories/projects.rb
+++ b/spec/factories/projects.rb
@@ -15,14 +15,18 @@ FactoryBot.define do
     namespace
     creator { group ? create(:user) : namespace&.owner }
 
-    # Nest Project Feature attributes
     transient do
+      # Nest Project Feature attributes
       wiki_access_level ProjectFeature::ENABLED
       builds_access_level ProjectFeature::ENABLED
       snippets_access_level ProjectFeature::ENABLED
       issues_access_level ProjectFeature::ENABLED
       merge_requests_access_level ProjectFeature::ENABLED
       repository_access_level ProjectFeature::ENABLED
+
+      # we can't assign the delegated `#settings` attributes directly, as the
+      # `#settings` relation needs to be created first
+      group_runners_enabled nil
     end
 
     after(:create) do |project, evaluator|
@@ -47,6 +51,9 @@ FactoryBot.define do
       end
 
       project.group&.refresh_members_authorized_projects
+
+      # assign the delegated `#settings` attributes after create
+      project.reload.group_runners_enabled = evaluator.group_runners_enabled unless evaluator.group_runners_enabled.nil?
     end
 
     trait :public do
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index e0f442a334c..ed28cd50e4d 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -3640,4 +3640,16 @@ describe Project do
       it { is_expected.not_to be_valid }
     end
   end
+
+  describe '#toggle_settings!' do
+    it 'toggles the value on #settings' do
+      project = create :project, group_runners_enabled: false
+
+      expect(project.group_runners_enabled).to be false
+
+      project.toggle_settings!(:group_runners_enabled)
+
+      expect(project.group_runners_enabled).to be true
+    end
+  end
 end

From d4bda7c1a5b4c11526cc0b4f62bd4e83eebfb01f Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Thu, 9 Nov 2017 15:19:25 +0100
Subject: [PATCH 037/129] use union for Project#any_runners?

---
 app/models/project.rb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/models/project.rb b/app/models/project.rb
index 3daedc2b47d..220fd17fbc2 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -1324,9 +1324,9 @@ class Project < ActiveRecord::Base
   end
 
   def any_runners?(&block)
-    active_runners.any?(&block) ||
-      active_shared_runners.any?(&block) ||
-      active_group_runners.any?(&block)
+    union = Gitlab::SQL::Union.new([active_runners, active_shared_runners, active_group_runners])
+    runners = Ci::Runner.from("(#{union.to_sql}) ci_runners")
+    runners.any?(&block)
   end
 
   def valid_runners_token?(token)

From 316ccb64a738d376de57b9df76dbec732f0d9eff Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Thu, 9 Nov 2017 15:30:08 +0100
Subject: [PATCH 038/129] add `active` scope only once, inline methods

---
 app/models/project.rb       | 14 ++------------
 spec/models/project_spec.rb |  1 -
 2 files changed, 2 insertions(+), 13 deletions(-)

diff --git a/app/models/project.rb b/app/models/project.rb
index 220fd17fbc2..c5e61193c04 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -225,8 +225,6 @@ class Project < ActiveRecord::Base
   has_many :project_deploy_tokens
   has_many :deploy_tokens, through: :project_deploy_tokens
 
-  has_many :active_runners, -> { active }, through: :runner_projects, source: :runner, class_name: 'Ci::Runner'
-
   has_one :auto_devops, class_name: 'ProjectAutoDevops'
   has_many :custom_attributes, class_name: 'ProjectCustomAttribute'
 
@@ -1311,21 +1309,13 @@ class Project < ActiveRecord::Base
     @shared_runners ||= shared_runners_enabled? ? Ci::Runner.shared : Ci::Runner.none
   end
 
-  def active_shared_runners
-    @active_shared_runners ||= shared_runners.active
-  end
-
   def group_runners
     @group_runners ||= group_runners_enabled? ? Ci::Runner.belonging_to_group(self.id) : Ci::Runner.none
   end
 
-  def active_group_runners
-    @active_group_runners ||= group_runners.active
-  end
-
   def any_runners?(&block)
-    union = Gitlab::SQL::Union.new([active_runners, active_shared_runners, active_group_runners])
-    runners = Ci::Runner.from("(#{union.to_sql}) ci_runners")
+    union = Gitlab::SQL::Union.new([runners, shared_runners, group_runners])
+    runners = Ci::Runner.from("(#{union.to_sql}) ci_runners").active
     runners.any?(&block)
   end
 
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index ed28cd50e4d..9c78f7b8bd6 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -63,7 +63,6 @@ describe Project do
     it { is_expected.to have_many(:build_trace_section_names)}
     it { is_expected.to have_many(:runner_projects) }
     it { is_expected.to have_many(:runners) }
-    it { is_expected.to have_many(:active_runners) }
     it { is_expected.to have_many(:variables) }
     it { is_expected.to have_many(:triggers) }
     it { is_expected.to have_many(:pages_domains) }

From 1acd8eb740dd070a5290d8a36c03e1b6f9691dba Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Thu, 7 Dec 2017 17:21:16 +0100
Subject: [PATCH 039/129] ci runners: assigned to either projects or group

---
 app/models/ci/runner.rb       | 11 +++++++
 spec/models/ci/runner_spec.rb | 57 +++++++++++++++++++++++++++++++++++
 2 files changed, 68 insertions(+)

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index b220ece3092..3a3f41cdf35 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -50,6 +50,7 @@ module Ci
     end
 
     validate :tag_constraints
+    validate :either_projects_or_group
     validates :access_level, presence: true
 
     acts_as_taggable
@@ -227,6 +228,16 @@ module Ci
       self.class.owned_or_shared(project_id).where(id: self.id).any?
     end
 
+    def either_projects_or_group
+      if groups.length > 1
+        errors.add(:runner, 'can only be assigned to one group')
+      end
+
+      if groups.length > 0 && projects.length > 0
+        errors.add(:runner, 'can only be assigned either to projects or to a group')
+      end
+    end
+
     def accepting_tags?(build)
       (run_untagged? || build.has_tags?) && (build.tag_list - tag_list).empty?
     end
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index ba0db43a1e7..fb724f682a5 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -19,6 +19,63 @@ describe Ci::Runner do
         end
       end
     end
+
+    context 'either_projects_or_group' do
+      it 'disallows assigning to a group if already assigned to a group' do
+        group = create(:group)
+        runner = create(:ci_runner, groups: [group])
+
+        runner.groups << build(:group)
+
+        expect(runner).not_to be_valid
+        expect(runner.errors.full_messages).to eq ['Runner can only be assigned to one group']
+      end
+
+      it 'disallows assigning to a group if already assigned to a project' do
+        project = create(:project)
+        runner = create(:ci_runner, projects: [project])
+
+        runner.groups << build(:group)
+
+        expect(runner).not_to be_valid
+        expect(runner.errors.full_messages).to eq ['Runner can only be assigned either to projects or to a group']
+      end
+
+      it 'disallows assigning to a project if already assigned to a group' do
+        group = create(:group)
+        runner = create(:ci_runner, groups: [group])
+
+        runner.projects << build(:project)
+
+        expect(runner).not_to be_valid
+        expect(runner.errors.full_messages).to eq ['Runner can only be assigned either to projects or to a group']
+      end
+
+      it 'allows assigning to a group if not assigned to a group nor a project' do
+        runner = create(:ci_runner)
+
+        runner.groups << build(:group)
+
+        expect(runner).to be_valid
+      end
+
+      it 'allows assigning to a project if not assigned to a group nor a project' do
+        runner = create(:ci_runner)
+
+        runner.projects << build(:project)
+
+        expect(runner).to be_valid
+      end
+
+      it 'allows assigning to a project if already assigned to a project' do
+        project = create(:project)
+        runner = create(:ci_runner, projects: [project])
+
+        runner.projects << build(:project)
+
+        expect(runner).to be_valid
+      end
+    end
   end
 
   describe '#access_level' do

From 9bed8de9100a394257a4a55e8b87bcfd015f0fbd Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Tue, 19 Dec 2017 15:12:21 +0100
Subject: [PATCH 040/129] simplify runner selection

don't differentiate between the different runner types, instead we rely
on the Runner model to provide the available projects.
scheduling is now applied to all runners equally.
---
 app/models/ci/runner.rb                       | 18 +++++
 app/services/ci/register_job_service.rb       | 70 ++++---------------
 spec/models/ci/runner_spec.rb                 | 67 ++++++++++++++++++
 spec/services/ci/register_job_service_spec.rb | 41 ++++++++++-
 4 files changed, 137 insertions(+), 59 deletions(-)

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index 3a3f41cdf35..9139e5c830b 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -94,6 +94,24 @@ module Ci
       self.token = SecureRandom.hex(15) if self.token.blank?
     end
 
+    def accessible_projects
+      accessible_projects =
+        if shared?
+          Project.with_shared_runners
+        elsif project?
+          projects
+        elsif group?
+          hierarchy_groups = Gitlab::GroupHierarchy.new(groups).base_and_descendants
+          Project.where(namespace_id: hierarchy_groups)
+        else
+          Project.none
+        end
+
+      accessible_projects
+        .with_builds_enabled
+        .without_deleted
+    end
+
     def assign_to(project, current_user = nil)
       self.is_shared = false if shared?
       self.save
diff --git a/app/services/ci/register_job_service.rb b/app/services/ci/register_job_service.rb
index 000ae3539e3..64549ea3ce2 100644
--- a/app/services/ci/register_job_service.rb
+++ b/app/services/ci/register_job_service.rb
@@ -14,14 +14,7 @@ module Ci
     end
 
     def execute
-      builds =
-        if runner.shared?
-          builds_for_shared_runner
-        elsif runner.group?
-          builds_for_group_runner
-        else
-          builds_for_specific_runner
-        end
+      builds = builds_for_runner
 
       valid = true
 
@@ -70,62 +63,27 @@ module Ci
 
     private
 
-    def builds_for_shared_runner
-      builds_for_scheduled_runner(
-        running_builds_for_shared_runners,
-        projects: { shared_runners_enabled: true }
-      )
+    def builds_for_runner
+      new_builds
+        .joins("LEFT JOIN (#{running_projects.to_sql}) AS running_projects ON ci_builds.project_id=running_projects.project_id")
+        .order('COALESCE(running_projects.running_builds, 0) ASC', 'ci_builds.id ASC')
     end
 
-    def builds_for_group_runner
-      builds_for_scheduled_runner(
-        running_builds_for_group_runners,
-        projects: { group_runners_enabled: true }
-      )
+    # New builds from the accessible projects
+    def new_builds
+      filter_builds(Ci::Build.pending.unstarted)
     end
 
-    def builds_for_scheduled_runner(build_join, project_where)
-      project_where = project_where.deep_merge(projects: { pending_delete: false })
-
-      # don't run projects which have not enabled group runners and builds
-      builds = new_builds
-        .joins(:project).where(project_where)
-        .joins('LEFT JOIN project_features ON ci_builds.project_id = project_features.project_id')
-        .where('project_features.builds_access_level IS NULL or project_features.builds_access_level > 0')
-
-      # Implement fair scheduling
-      # this returns builds that are ordered by number of running builds
-      # we prefer projects that don't use group runners at all
-      builds
-        .joins("LEFT JOIN (#{build_join.to_sql}) AS project_builds ON ci_builds.project_id=project_builds.project_id")
-        .order('COALESCE(project_builds.running_builds, 0) ASC', 'ci_builds.id ASC')
-    end
-
-    def builds_for_specific_runner
-      new_builds.where(project: runner.projects.without_deleted.with_builds_enabled).order('created_at ASC')
-    end
-
-    def running_builds_for_shared_runners
-      running_builds_for_runners(Ci::Runner.shared)
-    end
-
-    def running_builds_for_group_runners
-      running_builds_for_runners(Ci::Runner.joins(:runner_groups))
-    end
-
-    def running_builds_for_runners(runners)
-      Ci::Build.running.where(runner: runners)
+    # Count running builds from the accessible projects
+    def running_projects
+      filter_builds(Ci::Build.running)
         .group(:project_id).select(:project_id, 'count(*) AS running_builds')
     end
 
-    def new_builds
-      builds = Ci::Build.pending.unstarted
+    # Filter the builds from the accessible projects
+    def filter_builds(builds)
       builds = builds.ref_protected if runner.ref_protected?
-      builds
-    end
-
-    def shared_runner_build_limits_feature_enabled?
-      ENV['DISABLE_SHARED_RUNNER_BUILD_MINUTES_LIMIT'].to_s != 'true'
+      builds.where(project: runner.accessible_projects)
     end
 
     def register_failure
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index fb724f682a5..512a490d289 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -776,4 +776,71 @@ describe Ci::Runner do
       expect(runner.project?).to be true
     end
   end
+
+  describe '#accessible_projects' do
+    let!(:shared_runner) { create(:ci_runner, :shared) }
+    let!(:shared_project) { create(:project, shared_runners_enabled: true) }
+
+    let!(:project_runner) { create(:ci_runner) }
+    let!(:project_project) { create(:project, runners: [project_runner], shared_runners_enabled: false) }
+
+    let!(:group_runner) { create(:ci_runner) }
+
+    let!(:parent_group) { create(:group) }
+    let!(:parent_group_project) do
+      create(:project, group: parent_group, shared_runners_enabled: false)
+    end
+
+    let!(:group) { create :group, runners: [group_runner], parent: parent_group }
+    let!(:group_project) do
+      create(:project, group: group, shared_runners_enabled: false)
+    end
+
+    let!(:nested_group_project) do
+      nested_group = create :group, parent: group
+      create(:project, group: nested_group, shared_runners_enabled: false)
+    end
+
+    it 'returns the project with a shared runner' do
+      expect(shared_runner.reload.accessible_projects).to eq [shared_project]
+    end
+
+    it 'returns the project with a project runner' do
+      expect(project_runner.reload.accessible_projects).to eq [project_project]
+    end
+
+    it 'returns the projects with a group and nested group runner' do
+      expect(group_runner.reload.accessible_projects).to eq [group_project, nested_group_project]
+    end
+
+    context 'deleted' do
+      before do
+        shared_project.update_attributes!(pending_delete: true)
+        project_project.update_attributes!(pending_delete: true)
+        group_project.update_attributes!(pending_delete: true)
+        nested_group_project.update_attributes!(pending_delete: true)
+      end
+
+      it 'returns no projects' do
+        expect(shared_runner.reload.accessible_projects).to be_empty
+        expect(project_runner.reload.accessible_projects).to be_empty
+        expect(group_runner.reload.accessible_projects).to be_empty
+      end
+    end
+
+    context 'builds disabled' do
+      before do
+        shared_project.update_attributes!(builds_enabled: false)
+        project_project.update_attributes!(builds_enabled: false)
+        group_project.update_attributes!(builds_enabled: false)
+        nested_group_project.update_attributes!(builds_enabled: false)
+      end
+
+      it 'returns no projects' do
+        expect(shared_runner.reload.accessible_projects).to be_empty
+        expect(project_runner.reload.accessible_projects).to be_empty
+        expect(group_runner.reload.accessible_projects).to be_empty
+      end
+    end
+  end
 end
diff --git a/spec/services/ci/register_job_service_spec.rb b/spec/services/ci/register_job_service_spec.rb
index 138ef673527..0c343425392 100644
--- a/spec/services/ci/register_job_service_spec.rb
+++ b/spec/services/ci/register_job_service_spec.rb
@@ -179,6 +179,7 @@ module Ci
           let!(:pipeline2) { create :ci_pipeline, project: project2 }
           let!(:project3) { create :project, group_runners_enabled: true, group: group }
           let!(:pipeline3) { create :ci_pipeline, project: project3 }
+
           let!(:build1_project1) { pending_job }
           let!(:build2_project1) { create :ci_build, pipeline: pipeline }
           let!(:build3_project1) { create :ci_build, pipeline: pipeline }
@@ -186,6 +187,36 @@ module Ci
           let!(:build2_project2) { create :ci_build, pipeline: pipeline2 }
           let!(:build1_project3) { create :ci_build, pipeline: pipeline3 }
 
+          # these shouldn't influence the scheduling
+          let!(:unrelated_group) { create :group }
+          let!(:unrelated_project) { create :project, group_runners_enabled: true, group: unrelated_group }
+          let!(:unrelated_pipeline) { create :ci_pipeline, project: unrelated_project }
+          let!(:build1_unrelated_project) { create :ci_build, pipeline: unrelated_pipeline }
+          let!(:unrelated_group_runner) { create :ci_runner, groups: [unrelated_group] }
+
+          it 'does not consider builds from other group runners' do
+            expect(described_class.new(group_runner).send(:builds_for_runner).count).to eq 6
+            execute(group_runner)
+
+            expect(described_class.new(group_runner).send(:builds_for_runner).count).to eq 5
+            execute(group_runner)
+
+            expect(described_class.new(group_runner).send(:builds_for_runner).count).to eq 4
+            execute(group_runner)
+
+            expect(described_class.new(group_runner).send(:builds_for_runner).count).to eq 3
+            execute(group_runner)
+
+            expect(described_class.new(group_runner).send(:builds_for_runner).count).to eq 2
+            execute(group_runner)
+
+            expect(described_class.new(group_runner).send(:builds_for_runner).count).to eq 1
+            execute(group_runner)
+
+            expect(described_class.new(group_runner).send(:builds_for_runner).count).to eq 0
+            expect(execute(group_runner)).to be_nil
+          end
+
           it 'prefers projects without builds first' do
             # it gets for one build from each of the projects
             expect(execute(group_runner)).to eq(build1_project1)
@@ -198,6 +229,8 @@ module Ci
 
             # in the end the third build
             expect(execute(group_runner)).to eq(build3_project1)
+
+            expect(execute(group_runner)).to be_nil
           end
 
           it 'equalises number of running builds' do
@@ -211,6 +244,8 @@ module Ci
             expect(execute(group_runner)).to eq(build2_project2)
             expect(execute(group_runner)).to eq(build1_project3)
             expect(execute(group_runner)).to eq(build3_project1)
+
+            expect(execute(group_runner)).to be_nil
           end
         end
 
@@ -247,7 +282,7 @@ module Ci
           let!(:other_build) { create :ci_build, pipeline: pipeline }
 
           before do
-            allow_any_instance_of(Ci::RegisterJobService).to receive(:builds_for_specific_runner)
+            allow_any_instance_of(Ci::RegisterJobService).to receive(:builds_for_runner)
               .and_return(Ci::Build.where(id: [pending_job, other_build]))
           end
 
@@ -259,7 +294,7 @@ module Ci
 
         context 'when single build is in queue' do
           before do
-            allow_any_instance_of(Ci::RegisterJobService).to receive(:builds_for_specific_runner)
+            allow_any_instance_of(Ci::RegisterJobService).to receive(:builds_for_runner)
               .and_return(Ci::Build.where(id: pending_job))
           end
 
@@ -270,7 +305,7 @@ module Ci
 
         context 'when there is no build in queue' do
           before do
-            allow_any_instance_of(Ci::RegisterJobService).to receive(:builds_for_specific_runner)
+            allow_any_instance_of(Ci::RegisterJobService).to receive(:builds_for_runner)
               .and_return(Ci::Build.none)
           end
 

From c585004b59e5fbd5e925dacb7259916240d1cf5a Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Tue, 19 Dec 2017 16:40:19 +0100
Subject: [PATCH 041/129] restrict projects ci controller to project runners

---
 .../projects/settings/ci_cd_controller.rb         |  9 +++++++--
 app/models/ci/runner.rb                           |  7 ++++++-
 .../projects/settings/ci_cd_controller_spec.rb    | 11 +++++++++++
 spec/models/ci/runner_spec.rb                     | 15 +++++++++++++++
 4 files changed, 39 insertions(+), 3 deletions(-)

diff --git a/app/controllers/projects/settings/ci_cd_controller.rb b/app/controllers/projects/settings/ci_cd_controller.rb
index 05d545e97a7..72a9b74767f 100644
--- a/app/controllers/projects/settings/ci_cd_controller.rb
+++ b/app/controllers/projects/settings/ci_cd_controller.rb
@@ -68,8 +68,13 @@ module Projects
       def define_runners_variables
         @project_runners = @project.runners.ordered
 
-        @assignable_runners = current_user.ci_authorized_runners
-          .assignable_for(project).ordered.page(params[:page]).per(20)
+        @assignable_runners = current_user
+          .ci_authorized_runners
+          .assignable_for(project)
+          .ordered
+          .belonging_to_any_project
+          .page(params[:page]).per(20)
+
         @shared_runners = ::Ci::Runner.shared.active
 
         @shared_runners_count = @shared_runners.count(:all)
diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index 9139e5c830b..42871163017 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -27,9 +27,13 @@ module Ci
     scope :paused, -> { where(active: false) }
     scope :online, -> { where('contacted_at > ?', contact_time_deadline) }
     scope :ordered, -> { order(id: :desc) }
+
     scope :belonging_to_project, -> (project_id) {
       joins(:runner_projects).where(ci_runner_projects: { project_id: project_id })
     }
+
+    scope :belonging_to_any_project, -> { joins(:runner_projects) }
+
     scope :belonging_to_group, -> (project_id) {
       project_groups = ::Group.joins(:projects).where(projects: { id: project_id })
       hierarchy_groups = Gitlab::GroupHierarchy.new(project_groups).base_and_ancestors
@@ -46,7 +50,8 @@ module Ci
       # FIXME: That `to_sql` is needed to workaround a weird Rails bug.
       #        Without that, placeholders would miss one and couldn't match.
       where(locked: false)
-        .where.not("id IN (#{project.runners.select(:id).to_sql})").specific
+        .where.not("ci_runners.id IN (#{project.runners.select(:id).to_sql})")
+        .specific
     end
 
     validate :tag_constraints
diff --git a/spec/controllers/projects/settings/ci_cd_controller_spec.rb b/spec/controllers/projects/settings/ci_cd_controller_spec.rb
index 7dae9b85d78..1cf395b0328 100644
--- a/spec/controllers/projects/settings/ci_cd_controller_spec.rb
+++ b/spec/controllers/projects/settings/ci_cd_controller_spec.rb
@@ -17,6 +17,17 @@ describe Projects::Settings::CiCdController do
       expect(response).to have_gitlab_http_status(200)
       expect(response).to render_template(:show)
     end
+
+    it 'sets assignable project runners' do
+      group = create(:group, runners: [create(:ci_runner)], parent: create(:group))
+      group.add_master(user)
+      project_runner = create(:ci_runner, projects: [create(:project, group: group)])
+      create(:ci_runner, :shared)
+
+      get :show, namespace_id: project.namespace, project_id: project
+
+      expect(assigns(:assignable_runners)).to eq [project_runner]
+    end
   end
 
   describe '#reset_cache' do
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index 512a490d289..3e85e3c92e3 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -136,6 +136,21 @@ describe Ci::Runner do
     end
   end
 
+  describe '.belonging_to_any_project' do
+    it 'returns the specific project runner' do
+      # project
+      project_project = create :project
+      project_runner = create :ci_runner, :specific, projects: [project_project]
+
+      # group
+      group = create :group
+      create :project, group: group
+      create :ci_runner, :specific, groups: [group]
+
+      expect(described_class.belonging_to_any_project).to eq [project_runner]
+    end
+  end
+
   describe '.belonging_to_group' do
     it 'returns the specific group runner' do
       # own

From bfc694f5117aa12a2224b567a74f196c320a6d75 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Tue, 19 Dec 2017 18:04:33 +0100
Subject: [PATCH 042/129] show group runners setup only to group master

---
 .../projects/runners/_group_runners.html.haml |  7 +-
 spec/features/runners_spec.rb                 | 90 ++++++++++++-------
 2 files changed, 63 insertions(+), 34 deletions(-)

diff --git a/app/views/projects/runners/_group_runners.html.haml b/app/views/projects/runners/_group_runners.html.haml
index 785abba945b..a9dfd9cc786 100644
--- a/app/views/projects/runners/_group_runners.html.haml
+++ b/app/views/projects/runners/_group_runners.html.haml
@@ -20,8 +20,11 @@
 - elsif @group_runners.empty?
   This group does not provide any group Runners yet.
 
-  = render partial: 'ci/runner/how_to_setup_runner',
-           locals: { registration_token: @project.group.runners_token, type: 'group' }
+  - if can?(current_user, :admin_pipeline, @project.group)
+    = render partial: 'ci/runner/how_to_setup_runner',
+             locals: { registration_token: @project.group.runners_token, type: 'group' }
+  - else
+    Ask your group master to setup a group Runner.
 
 - else
   %h4.underlined-title Available group Runners : #{@group_runners.count}
diff --git a/spec/features/runners_spec.rb b/spec/features/runners_spec.rb
index dcd06a4015d..b396e103345 100644
--- a/spec/features/runners_spec.rb
+++ b/spec/features/runners_spec.rb
@@ -187,51 +187,77 @@ feature 'Runners' do
       project.add_master(user)
     end
 
-    context 'project without a group' do
-      given(:project) { create :project }
+    given(:group) { create :group }
 
-      scenario 'group runners are not available' do
-        visit runners_path(project)
+    context 'as project and group master' do
+      background do
+        group.add_master(user)
+      end
 
-        expect(page).to have_content 'This project does not belong to a group and can therefore not make use of group Runners.'
+      context 'project with a group but no group runner' do
+        given(:project) { create :project, group: group }
+
+        scenario 'group runners are not available' do
+          visit runners_path(project)
+
+          expect(page).to have_content 'This group does not provide any group Runners yet.'
+
+          expect(page).to have_content 'Setup a group Runner manually'
+          expect(page).not_to have_content 'Ask your group master to setup a group Runner.'
+        end
       end
     end
 
-    context 'project with a group but no group runner' do
-      given(:group) { create :group }
-      given(:project) { create :project, group: group }
+    context 'as project master' do
+      context 'project without a group' do
+        given(:project) { create :project }
 
-      scenario 'group runners are not available' do
-        visit runners_path(project)
+        scenario 'group runners are not available' do
+          visit runners_path(project)
 
-        expect(page).to have_content 'This group does not provide any group Runners yet.'
-      end
-    end
-
-    context 'project with a group and a group runner' do
-      given(:group) { create :group }
-      given(:project) { create :project, group: group }
-      given!(:ci_runner) { create :ci_runner, groups: [group], description: 'group-runner' }
-
-      scenario 'group runners are available' do
-        visit runners_path(project)
-
-        expect(page).to have_content 'Available group Runners : 1'
-        expect(page).to have_content 'group-runner'
+          expect(page).to have_content 'This project does not belong to a group and can therefore not make use of group Runners.'
+        end
       end
 
-      scenario 'group runners may be disabled for a project' do
-        visit runners_path(project)
+      context 'project with a group but no group runner' do
+        given(:group) { create :group }
+        given(:project) { create :project, group: group }
 
-        click_on 'Disable group Runners'
+        scenario 'group runners are not available' do
+          visit runners_path(project)
 
-        expect(page).to have_content 'Enable group Runners'
-        expect(project.reload.group_runners_enabled).to be false
+          expect(page).to have_content 'This group does not provide any group Runners yet.'
 
-        click_on 'Enable group Runners'
+          expect(page).not_to have_content 'Setup a group Runner manually'
+          expect(page).to have_content 'Ask your group master to setup a group Runner.'
+        end
+      end
 
-        expect(page).to have_content 'Disable group Runners'
-        expect(project.reload.group_runners_enabled).to be true
+      context 'project with a group and a group runner' do
+        given(:group) { create :group }
+        given(:project) { create :project, group: group }
+        given!(:ci_runner) { create :ci_runner, groups: [group], description: 'group-runner' }
+
+        scenario 'group runners are available' do
+          visit runners_path(project)
+
+          expect(page).to have_content 'Available group Runners : 1'
+          expect(page).to have_content 'group-runner'
+        end
+
+        scenario 'group runners may be disabled for a project' do
+          visit runners_path(project)
+
+          click_on 'Disable group Runners'
+
+          expect(page).to have_content 'Enable group Runners'
+          expect(project.reload.group_runners_enabled).to be false
+
+          click_on 'Enable group Runners'
+
+          expect(page).to have_content 'Disable group Runners'
+          expect(project.reload.group_runners_enabled).to be true
+        end
       end
     end
   end

From 1a009f1bdb4d75dd511df5f15705fcf8ee9d20dd Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Wed, 20 Dec 2017 09:38:58 +0100
Subject: [PATCH 043/129] update MODELS_JSON with new Project#settings attr

---
 spec/lib/gitlab/import_export/all_models.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/lib/gitlab/import_export/all_models.yml b/spec/lib/gitlab/import_export/all_models.yml
index 897a5984782..ad599c8c38a 100644
--- a/spec/lib/gitlab/import_export/all_models.yml
+++ b/spec/lib/gitlab/import_export/all_models.yml
@@ -258,7 +258,6 @@ project:
 - builds
 - runner_projects
 - runners
-- active_runners
 - variables
 - triggers
 - pipeline_schedules
@@ -286,6 +285,7 @@ project:
 - internal_ids
 - project_deploy_tokens
 - deploy_tokens
+- settings
 award_emoji:
 - awardable
 - user

From cc4bc22ae49582652413d45aa2f5b39dd2a15a82 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Wed, 20 Dec 2017 10:08:54 +0100
Subject: [PATCH 044/129] runner can't be assigned to more than 1 group

therefore we don't need the api check.
---
 lib/api/runners.rb                | 1 -
 spec/requests/api/runners_spec.rb | 9 +--------
 2 files changed, 1 insertion(+), 9 deletions(-)

diff --git a/lib/api/runners.rb b/lib/api/runners.rb
index 84d33879c38..1a05bed3465 100644
--- a/lib/api/runners.rb
+++ b/lib/api/runners.rb
@@ -199,7 +199,6 @@ module API
 
         forbidden!("Runner is shared") if runner.is_shared?
         forbidden!("Runner associated with more than one project") if runner.projects.count > 1
-        forbidden!("Runner associated with more that one group") if runner.groups.count > 1
         forbidden!("No access granted") unless user_can_access_runner?(runner)
       end
 
diff --git a/spec/requests/api/runners_spec.rb b/spec/requests/api/runners_spec.rb
index ab807e399a4..89e21ba9914 100644
--- a/spec/requests/api/runners_spec.rb
+++ b/spec/requests/api/runners_spec.rb
@@ -29,8 +29,6 @@ describe API::Runners do
 
   let!(:group_runner) { create(:ci_runner, description: 'Group runner', groups: [group]) }
 
-  let!(:two_groups_runner) { create(:ci_runner, description: 'Two groups runner', groups: [group, group2]) }
-
   before do
     # Set project access for users
     create(:project_member, :master, user: user, project: project)
@@ -49,7 +47,7 @@ describe API::Runners do
         expect(response).to include_pagination_headers
         expect(json_response).to be_an Array
         expect(descriptions).to contain_exactly(
-          'Project runner', 'Group runner', 'Two projects runner', 'Two groups runner'
+          'Project runner', 'Group runner', 'Two projects runner'
         )
         expect(shared).to be_falsey
       end
@@ -422,11 +420,6 @@ describe API::Runners do
           end.to change { Ci::Runner.specific.count }.by(-1)
         end
 
-        it 'does not delete group runner with more than one associated group' do
-          delete api("/runners/#{two_groups_runner.id}", user)
-          expect(response).to have_http_status(403)
-        end
-
         it 'deletes group runner for one owned group' do
           expect do
             delete api("/runners/#{group_runner.id}", user)

From e13026a378f186c3ef2b08720fa8420ead972f0f Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Mon, 26 Feb 2018 15:10:48 +0100
Subject: [PATCH 045/129] use more efficient AR length check methods

---
 app/models/ci/runner.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index 42871163017..afd892658dc 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -252,11 +252,11 @@ module Ci
     end
 
     def either_projects_or_group
-      if groups.length > 1
+      if groups.many?
         errors.add(:runner, 'can only be assigned to one group')
       end
 
-      if groups.length > 0 && projects.length > 0
+      if group? && project?
         errors.add(:runner, 'can only be assigned either to projects or to a group')
       end
     end

From 9447e5c27d8f840eaf4eee9635a5149ab36d93b6 Mon Sep 17 00:00:00 2001
From: Alexis Reigel <alexis.reigel.ext@siemens.com>
Date: Mon, 26 Feb 2018 16:20:29 +0100
Subject: [PATCH 046/129] extract method to adhere to "tell, don't ask"

---
 app/models/ci/runner.rb                       |  6 +++++
 app/services/ci/update_build_queue_service.rb |  2 +-
 spec/models/ci/runner_spec.rb                 | 26 +++++++++++++++++++
 3 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index afd892658dc..d65395380d6 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -217,6 +217,12 @@ module Ci
       end
     end
 
+    def invalidate_build_cache!(build)
+      if can_pick?(build)
+        tick_runner_queue
+      end
+    end
+
     private
 
     def cleanup_runner_queue
diff --git a/app/services/ci/update_build_queue_service.rb b/app/services/ci/update_build_queue_service.rb
index ab81766abf3..05dbebc4f8d 100644
--- a/app/services/ci/update_build_queue_service.rb
+++ b/app/services/ci/update_build_queue_service.rb
@@ -16,7 +16,7 @@ module Ci
 
     def tick_for(build, runners)
       runners.each do |runner|
-        runner.tick_runner_queue if runner.can_pick?(build)
+        runner.invalidate_build_cache!(build)
       end
     end
   end
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index 3e85e3c92e3..23e18efea70 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -858,4 +858,30 @@ describe Ci::Runner do
       end
     end
   end
+
+  describe '#invalidate_build_cache!' do
+    context 'runner can pick the build' do
+      it 'calls #tick_runner_queue' do
+        ci_build = build :ci_build
+        runner = build :ci_runner
+        allow(runner).to receive(:can_pick?).with(ci_build).and_return(true)
+
+        expect(runner).to receive(:tick_runner_queue)
+
+        runner.invalidate_build_cache!(ci_build)
+      end
+    end
+
+    context 'runner cannot pick the build' do
+      it 'does not call #tick_runner_queue' do
+        ci_build = build :ci_build
+        runner = build :ci_runner
+        allow(runner).to receive(:can_pick?).with(ci_build).and_return(false)
+
+        expect(runner).not_to receive(:tick_runner_queue)
+
+        runner.invalidate_build_cache!(ci_build)
+      end
+    end
+  end
 end

From 92cbf9453a4435976bfe77cafd0f8c5f57833e59 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 26 Apr 2018 10:39:04 +0800
Subject: [PATCH 047/129] Switch to using ProjectCiCdSetting for
 group_runners_enabled and remove ProjectSettings

---
 .../projects/runners_controller.rb            |  2 +-
 app/models/project.rb                         | 14 +++--------
 app/models/project_settings.rb                |  3 ---
 .../20171030155459_create_project_settings.rb | 14 -----------
 db/schema.rb                                  |  9 -------
 spec/models/project_spec.rb                   | 24 ++-----------------
 6 files changed, 6 insertions(+), 60 deletions(-)
 delete mode 100644 app/models/project_settings.rb
 delete mode 100644 db/migrate/20171030155459_create_project_settings.rb

diff --git a/app/controllers/projects/runners_controller.rb b/app/controllers/projects/runners_controller.rb
index 992e42d9348..b9bbe7115c4 100644
--- a/app/controllers/projects/runners_controller.rb
+++ b/app/controllers/projects/runners_controller.rb
@@ -53,7 +53,7 @@ class Projects::RunnersController < Projects::ApplicationController
   end
 
   def toggle_group_runners
-    project.toggle_settings!(:group_runners_enabled)
+    project.toggle_ci_cd_settings!(:group_runners_enabled)
 
     redirect_to project_settings_ci_cd_path(@project)
   end
diff --git a/app/models/project.rb b/app/models/project.rb
index dddc7fb2b27..19024b4ea85 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -236,14 +236,6 @@ class Project < ActiveRecord::Base
   has_many :project_badges, class_name: 'ProjectBadge'
   has_one :ci_cd_settings, class_name: 'ProjectCiCdSetting'
 
-  has_one :settings, -> (project) {
-    query = where(project_id: project)
-    query.presence || begin
-      ProjectSettings.create(project_id: project.id)
-      query
-    end
-  }, class_name: 'ProjectSettings'
-
   accepts_nested_attributes_for :variables, allow_destroy: true
   accepts_nested_attributes_for :project_feature, update_only: true
   accepts_nested_attributes_for :import_data
@@ -253,7 +245,7 @@ class Project < ActiveRecord::Base
   delegate :members, to: :team, prefix: true
   delegate :add_user, :add_users, to: :team
   delegate :add_guest, :add_reporter, :add_developer, :add_master, :add_role, to: :team
-  delegate :group_runners_enabled, :group_runners_enabled=, :group_runners_enabled?, to: :settings
+  delegate :group_runners_enabled, :group_runners_enabled=, :group_runners_enabled?, to: :ci_cd_settings
 
   # Validations
   validates :creator, presence: true, on: :create
@@ -1879,8 +1871,8 @@ class Project < ActiveRecord::Base
     []
   end
 
-  def toggle_settings!(settings_attribute)
-    settings.toggle!(settings_attribute)
+  def toggle_ci_cd_settings!(settings_attribute)
+    ci_cd_settings.toggle!(settings_attribute)
   end
 
   def gitlab_deploy_token
diff --git a/app/models/project_settings.rb b/app/models/project_settings.rb
deleted file mode 100644
index b126f66fafa..00000000000
--- a/app/models/project_settings.rb
+++ /dev/null
@@ -1,3 +0,0 @@
-class ProjectSettings < ActiveRecord::Base
-  belongs_to :project
-end
diff --git a/db/migrate/20171030155459_create_project_settings.rb b/db/migrate/20171030155459_create_project_settings.rb
deleted file mode 100644
index ebbe4c64fbd..00000000000
--- a/db/migrate/20171030155459_create_project_settings.rb
+++ /dev/null
@@ -1,14 +0,0 @@
-# See http://doc.gitlab.com/ce/development/migration_style_guide.html
-# for more information on how to write migrations for GitLab.
-
-class CreateProjectSettings < ActiveRecord::Migration
-  DOWNTIME = false
-
-  def change
-    create_table :project_settings do |t|
-      t.references :project, index: true, foreign_key: { on_delete: :cascade }
-
-      t.boolean :group_runners_enabled, default: true, index: true
-    end
-  end
-end
diff --git a/db/schema.rb b/db/schema.rb
index 7eebe94a8a6..233423aaa90 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -1511,14 +1511,6 @@ ActiveRecord::Schema.define(version: 20180425131009) do
 
   add_index "project_import_data", ["project_id"], name: "index_project_import_data_on_project_id", using: :btree
 
-  create_table "project_settings", force: :cascade do |t|
-    t.integer "project_id"
-    t.boolean "group_runners_enabled", default: true
-  end
-
-  add_index "project_settings", ["group_runners_enabled"], name: "index_project_settings_on_group_runners_enabled", using: :btree
-  add_index "project_settings", ["project_id"], name: "index_project_settings_on_project_id", using: :btree
-
   create_table "project_statistics", force: :cascade do |t|
     t.integer "project_id", null: false
     t.integer "namespace_id", null: false
@@ -2200,7 +2192,6 @@ ActiveRecord::Schema.define(version: 20180425131009) do
   add_foreign_key "project_features", "projects", name: "fk_18513d9b92", on_delete: :cascade
   add_foreign_key "project_group_links", "projects", name: "fk_daa8cee94c", on_delete: :cascade
   add_foreign_key "project_import_data", "projects", name: "fk_ffb9ee3a10", on_delete: :cascade
-  add_foreign_key "project_settings", "projects", on_delete: :cascade
   add_foreign_key "project_statistics", "projects", on_delete: :cascade
   add_foreign_key "protected_branch_merge_access_levels", "protected_branches", name: "fk_8a3072ccb3", on_delete: :cascade
   add_foreign_key "protected_branch_push_access_levels", "protected_branches", name: "fk_9ffc86a3d9", on_delete: :cascade
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index 265941acbe7..7392b75e37c 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -123,26 +123,6 @@ describe Project do
         expect(subject.boards.size).to eq 1
       end
     end
-
-    describe '#settings' do
-      it 'creates lazily a settings record when the project does not have one associated' do
-        project = create :project
-        expect(ProjectSettings.count).to eq 0
-
-        expect(project.settings).to be_a ProjectSettings
-
-        expect(ProjectSettings.count).to eq 1
-      end
-
-      it 'returns the associated record when the project has one associated' do
-        project = create :project, settings: create(:project_settings)
-        expect(ProjectSettings.count).to eq 1
-
-        expect(project.settings).to be_a ProjectSettings
-
-        expect(ProjectSettings.count).to eq 1
-      end
-    end
   end
 
   describe 'modules' do
@@ -3595,13 +3575,13 @@ describe Project do
     end
   end
 
-  describe '#toggle_settings!' do
+  describe '#toggle_ci_cd_settings!' do
     it 'toggles the value on #settings' do
       project = create :project, group_runners_enabled: false
 
       expect(project.group_runners_enabled).to be false
 
-      project.toggle_settings!(:group_runners_enabled)
+      project.toggle_ci_cd_settings!(:group_runners_enabled)
 
       expect(project.group_runners_enabled).to be true
     end

From 77c72c688d70104c776bbb76d3490ec53e10a56d Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 26 Apr 2018 13:23:35 +0800
Subject: [PATCH 048/129] Increase PipelineSerializer query limit count to
 support new group runner queries

---
 spec/serializers/pipeline_serializer_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/serializers/pipeline_serializer_spec.rb b/spec/serializers/pipeline_serializer_spec.rb
index f51c11b141f..e88e86c2998 100644
--- a/spec/serializers/pipeline_serializer_spec.rb
+++ b/spec/serializers/pipeline_serializer_spec.rb
@@ -118,7 +118,7 @@ describe PipelineSerializer do
         it 'verifies number of queries', :request_store do
           recorded = ActiveRecord::QueryRecorder.new { subject }
 
-          expect(recorded.count).to be_within(1).of(36)
+          expect(recorded.count).to be_within(1).of(44)
           expect(recorded.cached_count).to eq(0)
         end
       end

From a39e994064e76e9dcf86067ef5f4173de31ed731 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 26 Apr 2018 13:32:13 +0800
Subject: [PATCH 049/129] Exclude group_runners_enabled in project
 import/export

---
 lib/gitlab/import_export/import_export.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/gitlab/import_export/import_export.yml b/lib/gitlab/import_export/import_export.yml
index 0d1c4f73c6e..f1978d06884 100644
--- a/lib/gitlab/import_export/import_export.yml
+++ b/lib/gitlab/import_export/import_export.yml
@@ -107,6 +107,7 @@ excluded_attributes:
     - :last_repository_check_at
     - :storage_version
     - :description_html
+    - :group_runners_enabled
   snippets:
     - :expired_at
   merge_request_diff:

From 85e04cde4155cc4d998764a031fe5cea454c2a84 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 26 Apr 2018 13:36:14 +0800
Subject: [PATCH 050/129] Remove spec/factories/project_settings.rb since model
 no longer exists

---
 spec/factories/project_settings.rb | 5 -----
 1 file changed, 5 deletions(-)
 delete mode 100644 spec/factories/project_settings.rb

diff --git a/spec/factories/project_settings.rb b/spec/factories/project_settings.rb
deleted file mode 100644
index 90240ee6de0..00000000000
--- a/spec/factories/project_settings.rb
+++ /dev/null
@@ -1,5 +0,0 @@
-FactoryBot.define do
-  factory :project_settings do
-    project
-  end
-end

From 0f9f5e82ad5c4898e7c206ff0d574a3e141f3433 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 26 Apr 2018 14:43:17 +0800
Subject: [PATCH 051/129] Fix spec/models/user_spec.rb for
 #ci_authorized_runners

---
 spec/models/user_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 79447a65e94..df2e547ce28 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -1897,7 +1897,7 @@ describe User do
       let(:group) { create(:group) }
       let(:another_user) { create(:user) }
       let(:subgroup) { create(:group, parent: group) }
-      let(:project) { create(:project, group: subgroup) }
+      let!(:project) { create(:project, group: subgroup, runners: [runner_1]) }
 
       def add_user(access)
         group.add_user(user, access)

From ff219759303dc03f66bb1a160aafa2fca7ac9308 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Fri, 27 Apr 2018 08:05:46 +0800
Subject: [PATCH 052/129] Tag runner_spec tests for subgroups with
 nested_groups

---
 spec/models/ci/runner_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index 23e18efea70..1df11fdedf4 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -166,7 +166,7 @@ describe Ci::Runner do
       expect(described_class.belonging_to_group(specific_project.id)).to eq [specific_runner]
     end
 
-    it 'returns the group runner from a parent group' do
+    it 'returns the group runner from a parent group', :nested_groups do
       parent_group = create :group
       group = create :group, parent: parent_group
       project = create :project, group: group
@@ -824,7 +824,7 @@ describe Ci::Runner do
       expect(project_runner.reload.accessible_projects).to eq [project_project]
     end
 
-    it 'returns the projects with a group and nested group runner' do
+    it 'returns the projects with a group and nested group runner', :nested_groups do
       expect(group_runner.reload.accessible_projects).to eq [group_project, nested_group_project]
     end
 

From 329d535bbcf8ceafd3b000c5cd224173f441310b Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Fri, 27 Apr 2018 08:56:13 +0800
Subject: [PATCH 053/129] Add extra spec for Project#any_runners? to test block
 properly

---
 spec/models/project_spec.rb | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index 7392b75e37c..ab0694e6890 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -1165,6 +1165,11 @@ describe Project do
           project.runners << specific_runner
           expect(project.any_runners? { |runner| runner == specific_runner }).to be_truthy
         end
+
+        it 'returns false if match cannot be found' do
+          project.runners << specific_runner
+          expect(project.any_runners? { false }).to be_falsey
+        end
       end
 
       context 'for shared runners enabled' do
@@ -1179,6 +1184,11 @@ describe Project do
           shared_runner
           expect(project.any_runners? { |runner| runner == shared_runner }).to be_truthy
         end
+
+        it 'returns false if match cannot be found' do
+          shared_runner
+          expect(project.any_runners? { false }).to be_falsey
+        end
       end
     end
 
@@ -1212,6 +1222,11 @@ describe Project do
           group_runner
           expect(project.any_runners? { |runner| runner == group_runner }).to be_truthy
         end
+
+        it 'returns false if match cannot be found' do
+          group_runner
+          expect(project.any_runners? { false }).to be_falsey
+        end
       end
     end
   end

From 3f00f19d37aec52ea6c06c93db240e72ba08a460 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Fri, 27 Apr 2018 09:01:58 +0800
Subject: [PATCH 054/129] Remove timestamps from ci_runner_groups table

---
 db/migrate/20170301101006_add_ci_runner_groups.rb | 2 --
 db/schema.rb                                      | 2 --
 2 files changed, 4 deletions(-)

diff --git a/db/migrate/20170301101006_add_ci_runner_groups.rb b/db/migrate/20170301101006_add_ci_runner_groups.rb
index 73a135b0ee1..3954f6ffb87 100644
--- a/db/migrate/20170301101006_add_ci_runner_groups.rb
+++ b/db/migrate/20170301101006_add_ci_runner_groups.rb
@@ -9,8 +9,6 @@ class AddCiRunnerGroups < ActiveRecord::Migration
     create_table :ci_runner_groups do |t|
       t.integer :runner_id
       t.integer :group_id
-
-      t.timestamps_with_timezone null: false
     end
 
     add_concurrent_index :ci_runner_groups, :runner_id
diff --git a/db/schema.rb b/db/schema.rb
index 233423aaa90..b1cc7fd56d2 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -446,8 +446,6 @@ ActiveRecord::Schema.define(version: 20180425131009) do
   create_table "ci_runner_groups", force: :cascade do |t|
     t.integer "runner_id"
     t.integer "group_id"
-    t.datetime "created_at", null: false
-    t.datetime "updated_at", null: false
   end
 
   add_index "ci_runner_groups", ["group_id"], name: "index_ci_runner_groups_on_group_id", using: :btree

From 3c3e14430ba14ae45ec758d263ba882ddf32f76f Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Fri, 27 Apr 2018 09:04:24 +0800
Subject: [PATCH 055/129] Remove unecessary index on ci_runner_groups.runner_id

---
 db/migrate/20170301101006_add_ci_runner_groups.rb | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/db/migrate/20170301101006_add_ci_runner_groups.rb b/db/migrate/20170301101006_add_ci_runner_groups.rb
index 3954f6ffb87..1c4430981a9 100644
--- a/db/migrate/20170301101006_add_ci_runner_groups.rb
+++ b/db/migrate/20170301101006_add_ci_runner_groups.rb
@@ -11,11 +11,9 @@ class AddCiRunnerGroups < ActiveRecord::Migration
       t.integer :group_id
     end
 
-    add_concurrent_index :ci_runner_groups, :runner_id
-    add_concurrent_foreign_key :ci_runner_groups, :ci_runners, column: :runner_id, on_delete: :cascade
-
     add_concurrent_index :ci_runner_groups, :group_id
     add_concurrent_index :ci_runner_groups, [:runner_id, :group_id], unique: true
+    add_concurrent_foreign_key :ci_runner_groups, :ci_runners, column: :runner_id, on_delete: :cascade
     add_concurrent_foreign_key :ci_runner_groups, :namespaces, column: :group_id, on_delete: :cascade
   end
 

From 8d8139862aee97d7fadc0563e7df9842f5bd46ac Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Fri, 27 Apr 2018 09:15:54 +0800
Subject: [PATCH 056/129] Rename `runner.belonging_to_group(project.id) ->
 runner.belonging_to_parent_group_of_project(project.id)`

---
 app/controllers/projects/settings/ci_cd_controller.rb | 2 +-
 app/models/ci/runner.rb                               | 4 ++--
 app/models/project.rb                                 | 2 +-
 app/services/ci/update_build_queue_service.rb         | 2 +-
 spec/models/ci/runner_spec.rb                         | 6 +++---
 5 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/app/controllers/projects/settings/ci_cd_controller.rb b/app/controllers/projects/settings/ci_cd_controller.rb
index 72a9b74767f..6ddbefacae0 100644
--- a/app/controllers/projects/settings/ci_cd_controller.rb
+++ b/app/controllers/projects/settings/ci_cd_controller.rb
@@ -79,7 +79,7 @@ module Projects
 
         @shared_runners_count = @shared_runners.count(:all)
 
-        @group_runners = ::Ci::Runner.belonging_to_group(@project.id)
+        @group_runners = ::Ci::Runner.belonging_to_parent_group_of_project(@project.id)
       end
 
       def define_secret_variables
diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index d65395380d6..6904aca5e68 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -34,7 +34,7 @@ module Ci
 
     scope :belonging_to_any_project, -> { joins(:runner_projects) }
 
-    scope :belonging_to_group, -> (project_id) {
+    scope :belonging_to_parent_group_of_project, -> (project_id) {
       project_groups = ::Group.joins(:projects).where(projects: { id: project_id })
       hierarchy_groups = Gitlab::GroupHierarchy.new(project_groups).base_and_ancestors
 
@@ -42,7 +42,7 @@ module Ci
     }
 
     scope :owned_or_shared, -> (project_id) do
-      union = Gitlab::SQL::Union.new([belonging_to_project(project_id), belonging_to_group(project_id), shared])
+      union = Gitlab::SQL::Union.new([belonging_to_project(project_id), belonging_to_parent_group_of_project(project_id), shared])
       from("(#{union.to_sql}) ci_runners")
     end
 
diff --git a/app/models/project.rb b/app/models/project.rb
index 19024b4ea85..8e2145a4aa3 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -1297,7 +1297,7 @@ class Project < ActiveRecord::Base
   end
 
   def group_runners
-    @group_runners ||= group_runners_enabled? ? Ci::Runner.belonging_to_group(self.id) : Ci::Runner.none
+    @group_runners ||= group_runners_enabled? ? Ci::Runner.belonging_to_parent_group_of_project(self.id) : Ci::Runner.none
   end
 
   def any_runners?(&block)
diff --git a/app/services/ci/update_build_queue_service.rb b/app/services/ci/update_build_queue_service.rb
index 05dbebc4f8d..c991f04ab30 100644
--- a/app/services/ci/update_build_queue_service.rb
+++ b/app/services/ci/update_build_queue_service.rb
@@ -4,7 +4,7 @@ module Ci
       tick_for(build, build.project.runners)
 
       if build.project.group_runners_enabled?
-        tick_for(build, Ci::Runner.belonging_to_group(build.project_id))
+        tick_for(build, Ci::Runner.belonging_to_parent_group_of_project(build.project_id))
       end
 
       if build.project.shared_runners_enabled?
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index 1df11fdedf4..fbf9539e698 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -151,7 +151,7 @@ describe Ci::Runner do
     end
   end
 
-  describe '.belonging_to_group' do
+  describe '.belonging_to_parent_group_of_project' do
     it 'returns the specific group runner' do
       # own
       specific_group = create :group
@@ -163,7 +163,7 @@ describe Ci::Runner do
       create :project, group: other_group
       create :ci_runner, :specific, groups: [other_group]
 
-      expect(described_class.belonging_to_group(specific_project.id)).to eq [specific_runner]
+      expect(described_class.belonging_to_parent_group_of_project(specific_project.id)).to eq [specific_runner]
     end
 
     it 'returns the group runner from a parent group', :nested_groups do
@@ -172,7 +172,7 @@ describe Ci::Runner do
       project = create :project, group: group
       runner = create :ci_runner, :specific, groups: [parent_group]
 
-      expect(described_class.belonging_to_group(project.id)).to eq [runner]
+      expect(described_class.belonging_to_parent_group_of_project(project.id)).to eq [runner]
     end
   end
 

From 0077679ae88793b200bdcf69d2ca7e4d15e6f7fa Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Fri, 27 Apr 2018 10:05:51 +0800
Subject: [PATCH 057/129] Bring back shared_runners_available? method since it
 is overriden in EE

---
 app/models/project.rb | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/app/models/project.rb b/app/models/project.rb
index 8e2145a4aa3..5c9bf8c61dd 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -1292,8 +1292,12 @@ class Project < ActiveRecord::Base
     project_feature.update_attribute(:builds_access_level, ProjectFeature::ENABLED)
   end
 
+  def shared_runners_available?
+    shared_runners_enabled?
+  end
+
   def shared_runners
-    @shared_runners ||= shared_runners_enabled? ? Ci::Runner.shared : Ci::Runner.none
+    @shared_runners ||= shared_runners_available? ? Ci::Runner.shared : Ci::Runner.none
   end
 
   def group_runners

From 87740df2ba7153439c30544f299b235632717738 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Mon, 30 Apr 2018 09:39:47 +0400
Subject: [PATCH 058/129] Revert fair scheduling for all builds

Per discussion in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9646#note_65730532 this logic is being optimized elsewhere and it will simplify things if we make less changes to this code right now.
---
 app/models/ci/runner.rb                       | 18 -----
 app/services/ci/register_job_service.rb       | 47 +++++++++----
 spec/models/ci/runner_spec.rb                 | 67 -------------------
 spec/services/ci/register_job_service_spec.rb | 51 +++-----------
 4 files changed, 43 insertions(+), 140 deletions(-)

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index 6904aca5e68..40d828b8414 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -99,24 +99,6 @@ module Ci
       self.token = SecureRandom.hex(15) if self.token.blank?
     end
 
-    def accessible_projects
-      accessible_projects =
-        if shared?
-          Project.with_shared_runners
-        elsif project?
-          projects
-        elsif group?
-          hierarchy_groups = Gitlab::GroupHierarchy.new(groups).base_and_descendants
-          Project.where(namespace_id: hierarchy_groups)
-        else
-          Project.none
-        end
-
-      accessible_projects
-        .with_builds_enabled
-        .without_deleted
-    end
-
     def assign_to(project, current_user = nil)
       self.is_shared = false if shared?
       self.save
diff --git a/app/services/ci/register_job_service.rb b/app/services/ci/register_job_service.rb
index 64549ea3ce2..55d0273847c 100644
--- a/app/services/ci/register_job_service.rb
+++ b/app/services/ci/register_job_service.rb
@@ -14,7 +14,14 @@ module Ci
     end
 
     def execute
-      builds = builds_for_runner
+      builds =
+        if runner.shared?
+          builds_for_shared_runner
+        elsif runner.group?
+          builds_for_group_runner
+        else
+          builds_for_project_runner
+        end
 
       valid = true
 
@@ -63,27 +70,39 @@ module Ci
 
     private
 
-    def builds_for_runner
-      new_builds
-        .joins("LEFT JOIN (#{running_projects.to_sql}) AS running_projects ON ci_builds.project_id=running_projects.project_id")
-        .order('COALESCE(running_projects.running_builds, 0) ASC', 'ci_builds.id ASC')
+    def builds_for_shared_runner
+      new_builds.
+        # don't run projects which have not enabled shared runners and builds
+        joins(:project).where(projects: { shared_runners_enabled: true, pending_delete: false })
+        .joins('LEFT JOIN project_features ON ci_builds.project_id = project_features.project_id')
+        .where('project_features.builds_access_level IS NULL or project_features.builds_access_level > 0').
+
+      # Implement fair scheduling
+      # this returns builds that are ordered by number of running builds
+      # we prefer projects that don't use shared runners at all
+      joins("LEFT JOIN (#{running_builds_for_shared_runners.to_sql}) AS project_builds ON ci_builds.project_id=project_builds.project_id")
+        .order('COALESCE(project_builds.running_builds, 0) ASC', 'ci_builds.id ASC')
     end
 
-    # New builds from the accessible projects
-    def new_builds
-      filter_builds(Ci::Build.pending.unstarted)
+    def builds_for_project_runner
+      new_builds.where(project: runner.projects.without_deleted.with_builds_enabled).order('created_at ASC')
     end
 
-    # Count running builds from the accessible projects
-    def running_projects
-      filter_builds(Ci::Build.running)
+    def builds_for_group_runner
+      hierarchy_groups = Gitlab::GroupHierarchy.new(runner.groups).base_and_descendants
+      projects = Project.where(namespace_id: hierarchy_groups).without_deleted.with_builds_enabled
+      new_builds.where(project: projects.without_deleted.with_builds_enabled).order('created_at ASC')
+    end
+
+    def running_builds_for_shared_runners
+      Ci::Build.running.where(runner: Ci::Runner.shared)
         .group(:project_id).select(:project_id, 'count(*) AS running_builds')
     end
 
-    # Filter the builds from the accessible projects
-    def filter_builds(builds)
+    def new_builds
+      builds = Ci::Build.pending.unstarted
       builds = builds.ref_protected if runner.ref_protected?
-      builds.where(project: runner.accessible_projects)
+      builds
     end
 
     def register_failure
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index fbf9539e698..d6ce97a9b28 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -792,73 +792,6 @@ describe Ci::Runner do
     end
   end
 
-  describe '#accessible_projects' do
-    let!(:shared_runner) { create(:ci_runner, :shared) }
-    let!(:shared_project) { create(:project, shared_runners_enabled: true) }
-
-    let!(:project_runner) { create(:ci_runner) }
-    let!(:project_project) { create(:project, runners: [project_runner], shared_runners_enabled: false) }
-
-    let!(:group_runner) { create(:ci_runner) }
-
-    let!(:parent_group) { create(:group) }
-    let!(:parent_group_project) do
-      create(:project, group: parent_group, shared_runners_enabled: false)
-    end
-
-    let!(:group) { create :group, runners: [group_runner], parent: parent_group }
-    let!(:group_project) do
-      create(:project, group: group, shared_runners_enabled: false)
-    end
-
-    let!(:nested_group_project) do
-      nested_group = create :group, parent: group
-      create(:project, group: nested_group, shared_runners_enabled: false)
-    end
-
-    it 'returns the project with a shared runner' do
-      expect(shared_runner.reload.accessible_projects).to eq [shared_project]
-    end
-
-    it 'returns the project with a project runner' do
-      expect(project_runner.reload.accessible_projects).to eq [project_project]
-    end
-
-    it 'returns the projects with a group and nested group runner', :nested_groups do
-      expect(group_runner.reload.accessible_projects).to eq [group_project, nested_group_project]
-    end
-
-    context 'deleted' do
-      before do
-        shared_project.update_attributes!(pending_delete: true)
-        project_project.update_attributes!(pending_delete: true)
-        group_project.update_attributes!(pending_delete: true)
-        nested_group_project.update_attributes!(pending_delete: true)
-      end
-
-      it 'returns no projects' do
-        expect(shared_runner.reload.accessible_projects).to be_empty
-        expect(project_runner.reload.accessible_projects).to be_empty
-        expect(group_runner.reload.accessible_projects).to be_empty
-      end
-    end
-
-    context 'builds disabled' do
-      before do
-        shared_project.update_attributes!(builds_enabled: false)
-        project_project.update_attributes!(builds_enabled: false)
-        group_project.update_attributes!(builds_enabled: false)
-        nested_group_project.update_attributes!(builds_enabled: false)
-      end
-
-      it 'returns no projects' do
-        expect(shared_runner.reload.accessible_projects).to be_empty
-        expect(project_runner.reload.accessible_projects).to be_empty
-        expect(group_runner.reload.accessible_projects).to be_empty
-      end
-    end
-  end
-
   describe '#invalidate_build_cache!' do
     context 'runner can pick the build' do
       it 'calls #tick_runner_queue' do
diff --git a/spec/services/ci/register_job_service_spec.rb b/spec/services/ci/register_job_service_spec.rb
index 0c343425392..7d3c43eeaf7 100644
--- a/spec/services/ci/register_job_service_spec.rb
+++ b/spec/services/ci/register_job_service_spec.rb
@@ -195,56 +195,25 @@ module Ci
           let!(:unrelated_group_runner) { create :ci_runner, groups: [unrelated_group] }
 
           it 'does not consider builds from other group runners' do
-            expect(described_class.new(group_runner).send(:builds_for_runner).count).to eq 6
+            expect(described_class.new(group_runner).send(:builds_for_group_runner).count).to eq 6
             execute(group_runner)
 
-            expect(described_class.new(group_runner).send(:builds_for_runner).count).to eq 5
+            expect(described_class.new(group_runner).send(:builds_for_group_runner).count).to eq 5
             execute(group_runner)
 
-            expect(described_class.new(group_runner).send(:builds_for_runner).count).to eq 4
+            expect(described_class.new(group_runner).send(:builds_for_group_runner).count).to eq 4
             execute(group_runner)
 
-            expect(described_class.new(group_runner).send(:builds_for_runner).count).to eq 3
+            expect(described_class.new(group_runner).send(:builds_for_group_runner).count).to eq 3
             execute(group_runner)
 
-            expect(described_class.new(group_runner).send(:builds_for_runner).count).to eq 2
+            expect(described_class.new(group_runner).send(:builds_for_group_runner).count).to eq 2
             execute(group_runner)
 
-            expect(described_class.new(group_runner).send(:builds_for_runner).count).to eq 1
+            expect(described_class.new(group_runner).send(:builds_for_group_runner).count).to eq 1
             execute(group_runner)
 
-            expect(described_class.new(group_runner).send(:builds_for_runner).count).to eq 0
-            expect(execute(group_runner)).to be_nil
-          end
-
-          it 'prefers projects without builds first' do
-            # it gets for one build from each of the projects
-            expect(execute(group_runner)).to eq(build1_project1)
-            expect(execute(group_runner)).to eq(build1_project2)
-            expect(execute(group_runner)).to eq(build1_project3)
-
-            # then it gets a second build from each of the projects
-            expect(execute(group_runner)).to eq(build2_project1)
-            expect(execute(group_runner)).to eq(build2_project2)
-
-            # in the end the third build
-            expect(execute(group_runner)).to eq(build3_project1)
-
-            expect(execute(group_runner)).to be_nil
-          end
-
-          it 'equalises number of running builds' do
-            # after finishing the first build for project 1, get a second build from the same project
-            expect(execute(group_runner)).to eq(build1_project1)
-            build1_project1.reload.success
-            expect(execute(group_runner)).to eq(build2_project1)
-
-            expect(execute(group_runner)).to eq(build1_project2)
-            build1_project2.reload.success
-            expect(execute(group_runner)).to eq(build2_project2)
-            expect(execute(group_runner)).to eq(build1_project3)
-            expect(execute(group_runner)).to eq(build3_project1)
-
+            expect(described_class.new(group_runner).send(:builds_for_group_runner).count).to eq 0
             expect(execute(group_runner)).to be_nil
           end
         end
@@ -282,7 +251,7 @@ module Ci
           let!(:other_build) { create :ci_build, pipeline: pipeline }
 
           before do
-            allow_any_instance_of(Ci::RegisterJobService).to receive(:builds_for_runner)
+            allow_any_instance_of(Ci::RegisterJobService).to receive(:builds_for_project_runner)
               .and_return(Ci::Build.where(id: [pending_job, other_build]))
           end
 
@@ -294,7 +263,7 @@ module Ci
 
         context 'when single build is in queue' do
           before do
-            allow_any_instance_of(Ci::RegisterJobService).to receive(:builds_for_runner)
+            allow_any_instance_of(Ci::RegisterJobService).to receive(:builds_for_project_runner)
               .and_return(Ci::Build.where(id: pending_job))
           end
 
@@ -305,7 +274,7 @@ module Ci
 
         context 'when there is no build in queue' do
           before do
-            allow_any_instance_of(Ci::RegisterJobService).to receive(:builds_for_runner)
+            allow_any_instance_of(Ci::RegisterJobService).to receive(:builds_for_project_runner)
               .and_return(Ci::Build.none)
           end
 

From 8604dbe9f6768a8bb44bf1e1b144f7fd216f3641 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Mon, 30 Apr 2018 10:25:26 +0400
Subject: [PATCH 059/129] Fix up db/schema.rb changes leftover and comments out
 of date

---
 db/schema.rb                               | 2 --
 lib/gitlab/import_export/import_export.yml | 1 -
 spec/factories/projects.rb                 | 6 +++---
 3 files changed, 3 insertions(+), 6 deletions(-)

diff --git a/db/schema.rb b/db/schema.rb
index b1cc7fd56d2..db1e41e00b3 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -450,7 +450,6 @@ ActiveRecord::Schema.define(version: 20180425131009) do
 
   add_index "ci_runner_groups", ["group_id"], name: "index_ci_runner_groups_on_group_id", using: :btree
   add_index "ci_runner_groups", ["runner_id", "group_id"], name: "index_ci_runner_groups_on_runner_id_and_group_id", unique: true, using: :btree
-  add_index "ci_runner_groups", ["runner_id"], name: "index_ci_runner_groups_on_runner_id", using: :btree
 
   create_table "ci_runner_projects", force: :cascade do |t|
     t.integer "runner_id", null: false
@@ -1573,7 +1572,6 @@ ActiveRecord::Schema.define(version: 20180425131009) do
     t.boolean "merge_requests_rebase_enabled", default: false, null: false
     t.integer "jobs_cache_index"
     t.boolean "pages_https_only", default: true
-    t.boolean "group_runners_enabled", default: true, null: false
   end
 
   add_index "projects", ["ci_id"], name: "index_projects_on_ci_id", using: :btree
diff --git a/lib/gitlab/import_export/import_export.yml b/lib/gitlab/import_export/import_export.yml
index f1978d06884..0d1c4f73c6e 100644
--- a/lib/gitlab/import_export/import_export.yml
+++ b/lib/gitlab/import_export/import_export.yml
@@ -107,7 +107,6 @@ excluded_attributes:
     - :last_repository_check_at
     - :storage_version
     - :description_html
-    - :group_runners_enabled
   snippets:
     - :expired_at
   merge_request_diff:
diff --git a/spec/factories/projects.rb b/spec/factories/projects.rb
index 3d2810bfdba..aed5eab8044 100644
--- a/spec/factories/projects.rb
+++ b/spec/factories/projects.rb
@@ -24,8 +24,8 @@ FactoryBot.define do
       merge_requests_access_level ProjectFeature::ENABLED
       repository_access_level ProjectFeature::ENABLED
 
-      # we can't assign the delegated `#settings` attributes directly, as the
-      # `#settings` relation needs to be created first
+      # we can't assign the delegated `#ci_cd_settings` attributes directly, as the
+      # `#ci_cd_settings` relation needs to be created first
       group_runners_enabled nil
     end
 
@@ -52,7 +52,7 @@ FactoryBot.define do
 
       project.group&.refresh_members_authorized_projects
 
-      # assign the delegated `#settings` attributes after create
+      # assign the delegated `#ci_cd_settings` attributes after create
       project.reload.group_runners_enabled = evaluator.group_runners_enabled unless evaluator.group_runners_enabled.nil?
     end
 

From 5652ff953cba9773edbcb677908fe3f18b103be3 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Mon, 30 Apr 2018 10:43:29 +0400
Subject: [PATCH 060/129] Rename Runner#group? -> #assigned_to_group? and
 Runner#project? -> #assigned_to_project?

---
 app/models/ci/runner.rb                      |  6 +++---
 app/services/ci/register_job_service.rb      |  2 +-
 app/views/admin/runners/_runner.html.haml    |  4 ++--
 app/views/admin/runners/show.html.haml       |  2 +-
 app/views/projects/runners/_runner.html.haml |  2 +-
 lib/api/runners.rb                           |  2 +-
 spec/models/ci/runner_spec.rb                | 16 ++++++++--------
 7 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index 40d828b8414..da1107951bf 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -137,11 +137,11 @@ module Ci
       !shared?
     end
 
-    def group?
+    def assigned_to_group?
       runner_groups.any?
     end
 
-    def project?
+    def assigned_to_project?
       runner_projects.any?
     end
 
@@ -244,7 +244,7 @@ module Ci
         errors.add(:runner, 'can only be assigned to one group')
       end
 
-      if group? && project?
+      if assigned_to_group? && assigned_to_project?
         errors.add(:runner, 'can only be assigned either to projects or to a group')
       end
     end
diff --git a/app/services/ci/register_job_service.rb b/app/services/ci/register_job_service.rb
index 55d0273847c..647bceb3b36 100644
--- a/app/services/ci/register_job_service.rb
+++ b/app/services/ci/register_job_service.rb
@@ -17,7 +17,7 @@ module Ci
       builds =
         if runner.shared?
           builds_for_shared_runner
-        elsif runner.group?
+        elsif runner.assigned_to_group?
           builds_for_group_runner
         else
           builds_for_project_runner
diff --git a/app/views/admin/runners/_runner.html.haml b/app/views/admin/runners/_runner.html.haml
index f1e0e3b5ad6..6670ba6aa89 100644
--- a/app/views/admin/runners/_runner.html.haml
+++ b/app/views/admin/runners/_runner.html.haml
@@ -2,7 +2,7 @@
   %td
     - if runner.shared?
       %span.label.label-success shared
-    - elsif runner.group?
+    - elsif runner.assigned_to_group?
       %span.label.label-success group
     - else
       %span.label.label-info specific
@@ -21,7 +21,7 @@
   %td
     = runner.ip_address
   %td
-    - if runner.shared? || runner.group?
+    - if runner.shared? || runner.assigned_to_group?
       n/a
     - else
       = runner.projects.count(:all)
diff --git a/app/views/admin/runners/show.html.haml b/app/views/admin/runners/show.html.haml
index ae5f860d0d1..ab2c9ad1e57 100644
--- a/app/views/admin/runners/show.html.haml
+++ b/app/views/admin/runners/show.html.haml
@@ -19,7 +19,7 @@
     %p
       If you want Runners to build only specific projects, enable them in the table below.
       Keep in mind that this is a one way transition.
-- elsif @runner.group?
+- elsif @runner.assigned_to_group?
   .bs-callout.bs-callout-success
     %h4 This runner will process jobs from all projects in its group and subgroups
 - else
diff --git a/app/views/projects/runners/_runner.html.haml b/app/views/projects/runners/_runner.html.haml
index 6d61da40f5b..d2598f3be07 100644
--- a/app/views/projects/runners/_runner.html.haml
+++ b/app/views/projects/runners/_runner.html.haml
@@ -26,7 +26,7 @@
         - else
           - runner_project = @project.runner_projects.find_by(runner_id: runner)
           = link_to 'Disable for this project', project_runner_project_path(@project, runner_project), data: { confirm: "Are you sure?" }, method: :delete, class: 'btn btn-danger btn-sm'
-      - elsif runner.project?
+      - elsif runner.assigned_to_project?
         = form_for [@project.namespace.becomes(Namespace), @project, @project.runner_projects.new] do |f|
           = f.hidden_field :runner_id, value: runner.id
           = f.submit 'Enable for this project', class: 'btn btn-sm'
diff --git a/lib/api/runners.rb b/lib/api/runners.rb
index 1a05bed3465..11c31917fc5 100644
--- a/lib/api/runners.rb
+++ b/lib/api/runners.rb
@@ -205,7 +205,7 @@ module API
       def authenticate_enable_runner!(runner)
         forbidden!("Runner is shared") if runner.is_shared?
         forbidden!("Runner is locked") if runner.locked?
-        forbidden!("Runner is a group runner") if runner.group?
+        forbidden!("Runner is a group runner") if runner.assigned_to_group?
         return if current_user.admin?
 
         forbidden!("No access granted") unless user_can_access_runner?(runner)
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index d6ce97a9b28..fb9dcce9a7c 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -748,47 +748,47 @@ describe Ci::Runner do
     end
   end
 
-  describe 'group?' do
+  describe 'assigned_to_group?' do
     it 'returns false when the runner is a project runner' do
       project = create :project
       runner = create :ci_runner, description: 'Project runner', projects: [project]
 
-      expect(runner.group?).to be false
+      expect(runner.assigned_to_group?).to be false
     end
 
     it 'returns false when the runner is a shared runner' do
       runner = create :ci_runner, :shared, description: 'Shared runner'
 
-      expect(runner.group?).to be false
+      expect(runner.assigned_to_group?).to be false
     end
 
     it 'returns true when the runner is assigned to a group' do
       group = create :group
       runner = create :ci_runner, description: 'Group runner', groups: [group]
 
-      expect(runner.group?).to be true
+      expect(runner.assigned_to_group?).to be true
     end
   end
 
-  describe 'project?' do
+  describe 'assigned_to_project?' do
     it 'returns false when the runner is a group prunner' do
       group = create :group
       runner = create :ci_runner, description: 'Group runner', groups: [group]
 
-      expect(runner.project?).to be false
+      expect(runner.assigned_to_project?).to be false
     end
 
     it 'returns false when the runner is a shared runner' do
       runner = create :ci_runner, :shared, description: 'Shared runner'
 
-      expect(runner.project?).to be false
+      expect(runner.assigned_to_project?).to be false
     end
 
     it 'returns true when the runner is assigned to a project' do
       project = create :project
       runner = create :ci_runner, description: 'Group runner', projects: [project]
 
-      expect(runner.project?).to be true
+      expect(runner.assigned_to_project?).to be true
     end
   end
 

From 3dbcc02db0c1fda22044a743158d4ba9e4eda637 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Mon, 30 Apr 2018 11:28:33 +0400
Subject: [PATCH 061/129] Add changelog for group runners

---
 changelogs/unreleased/feature-runner-per-group.yml | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 changelogs/unreleased/feature-runner-per-group.yml

diff --git a/changelogs/unreleased/feature-runner-per-group.yml b/changelogs/unreleased/feature-runner-per-group.yml
new file mode 100644
index 00000000000..162a5fae0a4
--- /dev/null
+++ b/changelogs/unreleased/feature-runner-per-group.yml
@@ -0,0 +1,5 @@
+---
+title: Allow group masters to configure runners for groups
+merge_request: 9646
+author: Alexis Reigel
+type: added

From 0d30b00de807df550bec947751c098317c5bb79f Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Mon, 30 Apr 2018 17:00:28 +0400
Subject: [PATCH 062/129] Start persisting runner_type when creating runners

---
 app/models/ci/runner.rb                       |  6 ++++++
 ...430101916_add_runner_type_to_ci_runners.rb |  9 +++++++++
 ...runner_type_for_ci_runners_post_migrate.rb | 20 +++++++++++++++++++
 db/schema.rb                                  |  3 ++-
 lib/api/runner.rb                             |  6 +++---
 5 files changed, 40 insertions(+), 4 deletions(-)
 create mode 100644 db/migrate/20180430101916_add_runner_type_to_ci_runners.rb
 create mode 100644 db/post_migrate/20180430143705_backfill_runner_type_for_ci_runners_post_migrate.rb

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index da1107951bf..cdd28407172 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -67,6 +67,12 @@ module Ci
       ref_protected: 1
     }
 
+    enum runner_type: {
+      instance_type: 1,
+      group_type: 2,
+      project_type: 3
+    }
+
     cached_attr_reader :version, :revision, :platform, :architecture, :contacted_at, :ip_address
 
     chronic_duration_attr :maximum_timeout_human_readable, :maximum_timeout
diff --git a/db/migrate/20180430101916_add_runner_type_to_ci_runners.rb b/db/migrate/20180430101916_add_runner_type_to_ci_runners.rb
new file mode 100644
index 00000000000..8c8009f28fb
--- /dev/null
+++ b/db/migrate/20180430101916_add_runner_type_to_ci_runners.rb
@@ -0,0 +1,9 @@
+class AddRunnerTypeToCiRunners < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  def change
+    add_column :ci_runners, :runner_type, :integer
+  end
+end
diff --git a/db/post_migrate/20180430143705_backfill_runner_type_for_ci_runners_post_migrate.rb b/db/post_migrate/20180430143705_backfill_runner_type_for_ci_runners_post_migrate.rb
new file mode 100644
index 00000000000..8509222edc2
--- /dev/null
+++ b/db/post_migrate/20180430143705_backfill_runner_type_for_ci_runners_post_migrate.rb
@@ -0,0 +1,20 @@
+class BackfillRunnerTypeForCiRunnersPostMigrate < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    update_column_in_batches(:ci_runners, :runner_type, 1) do |table, query|
+      query.where(table[:is_shared].eq(true)).where(table[:runner_type].eq(nil))
+    end
+
+    update_column_in_batches(:ci_runners, :runner_type, 3) do |table, query|
+      query.where(table[:is_shared].eq(false)).where(table[:runner_type].eq(nil))
+    end
+  end
+
+  def down
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index db1e41e00b3..4a541b3ac81 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20180425131009) do
+ActiveRecord::Schema.define(version: 20180430143705) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -479,6 +479,7 @@ ActiveRecord::Schema.define(version: 20180425131009) do
     t.integer "access_level", default: 0, null: false
     t.string "ip_address"
     t.integer "maximum_timeout"
+    t.integer "runner_type"
   end
 
   add_index "ci_runners", ["contacted_at"], name: "index_ci_runners_on_contacted_at", using: :btree
diff --git a/lib/api/runner.rb b/lib/api/runner.rb
index 49d9b0b1b4f..67896ae1fc5 100644
--- a/lib/api/runner.rb
+++ b/lib/api/runner.rb
@@ -23,13 +23,13 @@ module API
         runner =
           if runner_registration_token_valid?
             # Create shared runner. Requires admin access
-            Ci::Runner.create(attributes.merge(is_shared: true))
+            Ci::Runner.create(attributes.merge(is_shared: true, runner_type: :instance_type))
           elsif project = Project.find_by(runners_token: params[:token])
             # Create a specific runner for the project
-            project.runners.create(attributes)
+            project.runners.create(attributes.merge(runner_type: :project_type))
           elsif group = Group.find_by(runners_token: params[:token])
             # Create a specific runner for the group
-            group.runners.create(attributes)
+            group.runners.create(attributes.merge(runner_type: :group_type))
           end
 
         break forbidden! unless runner

From e98438d4efdf3aebabe5938979f4924cf7cb47a8 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Mon, 30 Apr 2018 17:10:07 +0400
Subject: [PATCH 063/129] Revert changes to User#ci_authorized_users to defer
 group runner API changes to later

---
 app/models/user.rb       | 16 ++--------
 spec/models/user_spec.rb | 66 ++++++++--------------------------------
 2 files changed, 15 insertions(+), 67 deletions(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index 0c5c0fef9d4..b0668148972 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -995,17 +995,10 @@ class User < ActiveRecord::Base
 
   def ci_authorized_runners
     @ci_authorized_runners ||= begin
-      project_runner_ids = Ci::RunnerProject
+      runner_ids = Ci::RunnerProject
         .where(project: authorized_projects(Gitlab::Access::MASTER))
         .select(:runner_id)
-
-      group_runner_ids = Ci::RunnerGroup
-        .where(group_id: owned_or_masters_groups.select(:id))
-        .select(:runner_id)
-
-      union = Gitlab::SQL::Union.new([project_runner_ids, group_runner_ids])
-
-      Ci::Runner.specific.where("ci_runners.id IN (#{union.to_sql})") # rubocop:disable GitlabSecurity/SqlInjection
+      Ci::Runner.specific.where(id: runner_ids)
     end
   end
 
@@ -1194,11 +1187,6 @@ class User < ActiveRecord::Base
     max_member_access_for_group_ids([group_id])[group_id]
   end
 
-  def owned_or_masters_groups
-    union = Gitlab::SQL::Union.new([owned_groups, masters_groups])
-    Group.from("(#{union.to_sql}) namespaces")
-  end
-
   protected
 
   # override, from Devise::Validatable
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index df2e547ce28..3f2eb58f009 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -1787,12 +1787,14 @@ describe User do
 
   describe '#ci_authorized_runners' do
     let(:user) { create(:user) }
-    let(:runner_1) { create(:ci_runner) }
-    let(:runner_2) { create(:ci_runner) }
+    let(:runner) { create(:ci_runner) }
 
-    context 'without any projects nor groups' do
-      let!(:project) { create(:project, runners: [runner_1]) }
-      let!(:group) { create(:group) }
+    before do
+      project.runners << runner
+    end
+
+    context 'without any projects' do
+      let(:project) { create(:project) }
 
       it 'does not load' do
         expect(user.ci_authorized_runners).to be_empty
@@ -1801,38 +1803,10 @@ describe User do
 
     context 'with personal projects runners' do
       let(:namespace) { create(:namespace, owner: user) }
-      let!(:project) { create(:project, namespace: namespace, runners: [runner_1]) }
+      let(:project) { create(:project, namespace: namespace) }
 
       it 'loads' do
-        expect(user.ci_authorized_runners).to contain_exactly(runner_1)
-      end
-    end
-
-    context 'with personal group runner' do
-      let!(:project) { create(:project, runners: [runner_1]) }
-      let!(:group) do
-        create(:group, runners: [runner_2]).tap do |group|
-          group.add_owner(user)
-        end
-      end
-
-      it 'loads' do
-        expect(user.ci_authorized_runners).to contain_exactly(runner_2)
-      end
-    end
-
-    context 'with personal project and group runner' do
-      let(:namespace) { create(:namespace, owner: user) }
-      let!(:project) { create(:project, namespace: namespace, runners: [runner_1]) }
-
-      let!(:group) do
-        create(:group, runners: [runner_2]).tap do |group|
-          group.add_owner(user)
-        end
-      end
-
-      it 'loads' do
-        expect(user.ci_authorized_runners).to contain_exactly(runner_1, runner_2)
+        expect(user.ci_authorized_runners).to contain_exactly(runner)
       end
     end
 
@@ -1843,7 +1817,7 @@ describe User do
         end
 
         it 'loads' do
-          expect(user.ci_authorized_runners).to contain_exactly(runner_1)
+          expect(user.ci_authorized_runners).to contain_exactly(runner)
         end
       end
 
@@ -1860,21 +1834,7 @@ describe User do
 
     context 'with groups projects runners' do
       let(:group) { create(:group) }
-      let!(:project) { create(:project, group: group, runners: [runner_1]) }
-
-      def add_user(access)
-        group.add_user(user, access)
-      end
-
-      it_behaves_like :member
-    end
-
-    context 'with groups runners' do
-      let!(:group) do
-        create(:group, runners: [runner_1]).tap do |group|
-          group.add_owner(user)
-        end
-      end
+      let(:project) { create(:project, group: group) }
 
       def add_user(access)
         group.add_user(user, access)
@@ -1884,7 +1844,7 @@ describe User do
     end
 
     context 'with other projects runners' do
-      let!(:project) { create(:project, runners: [runner_1]) }
+      let(:project) { create(:project) }
 
       def add_user(access)
         project.add_role(user, access)
@@ -1897,7 +1857,7 @@ describe User do
       let(:group) { create(:group) }
       let(:another_user) { create(:user) }
       let(:subgroup) { create(:group, parent: group) }
-      let!(:project) { create(:project, group: subgroup, runners: [runner_1]) }
+      let(:project) { create(:project, group: subgroup) }
 
       def add_user(access)
         group.add_user(user, access)

From dad35d6284edfb5c5555e028405d7dc8e984b2f4 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Mon, 30 Apr 2018 17:14:39 +0400
Subject: [PATCH 064/129] Remove redundant scopes in
 Ci::RegisterJobService#builds_for_group_runner

---
 app/services/ci/register_job_service.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/services/ci/register_job_service.rb b/app/services/ci/register_job_service.rb
index 647bceb3b36..138bab88059 100644
--- a/app/services/ci/register_job_service.rb
+++ b/app/services/ci/register_job_service.rb
@@ -90,7 +90,7 @@ module Ci
 
     def builds_for_group_runner
       hierarchy_groups = Gitlab::GroupHierarchy.new(runner.groups).base_and_descendants
-      projects = Project.where(namespace_id: hierarchy_groups).without_deleted.with_builds_enabled
+      projects = Project.where(namespace_id: hierarchy_groups)
       new_builds.where(project: projects.without_deleted.with_builds_enabled).order('created_at ASC')
     end
 

From d8dd25a60e7c96a24d33cfe1b93be09085a1b86c Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Mon, 30 Apr 2018 17:25:49 +0400
Subject: [PATCH 065/129] Introduce Project#all_runners and use in
 Ci::UpdateBuildQueueService

---
 app/models/project.rb                         |  9 ++++++---
 app/services/ci/update_build_queue_service.rb | 10 +---------
 2 files changed, 7 insertions(+), 12 deletions(-)

diff --git a/app/models/project.rb b/app/models/project.rb
index 5c9bf8c61dd..8abbb92da62 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -1304,10 +1304,13 @@ class Project < ActiveRecord::Base
     @group_runners ||= group_runners_enabled? ? Ci::Runner.belonging_to_parent_group_of_project(self.id) : Ci::Runner.none
   end
 
+  def all_runners
+    union = Gitlab::SQL::Union.new([runners, group_runners, shared_runners])
+    Ci::Runner.from("(#{union.to_sql}) ci_runners")
+  end
+
   def any_runners?(&block)
-    union = Gitlab::SQL::Union.new([runners, shared_runners, group_runners])
-    runners = Ci::Runner.from("(#{union.to_sql}) ci_runners").active
-    runners.any?(&block)
+    all_runners.active.any?(&block)
   end
 
   def valid_runners_token?(token)
diff --git a/app/services/ci/update_build_queue_service.rb b/app/services/ci/update_build_queue_service.rb
index c991f04ab30..674782df00e 100644
--- a/app/services/ci/update_build_queue_service.rb
+++ b/app/services/ci/update_build_queue_service.rb
@@ -1,15 +1,7 @@
 module Ci
   class UpdateBuildQueueService
     def execute(build)
-      tick_for(build, build.project.runners)
-
-      if build.project.group_runners_enabled?
-        tick_for(build, Ci::Runner.belonging_to_parent_group_of_project(build.project_id))
-      end
-
-      if build.project.shared_runners_enabled?
-        tick_for(build, Ci::Runner.shared)
-      end
+      tick_for(build, build.project.all_runners)
     end
 
     private

From e2b62f6e4441fe5fd0f721d5a824c62c7f40e013 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Mon, 30 Apr 2018 17:27:21 +0400
Subject: [PATCH 066/129] Remove API changes for assigning group runner to
 project

Since we are going to handle the API stuff later we can just leave this as error case since the model validations will stop this
---
 lib/api/runners.rb | 1 -
 1 file changed, 1 deletion(-)

diff --git a/lib/api/runners.rb b/lib/api/runners.rb
index 11c31917fc5..5f2a9567605 100644
--- a/lib/api/runners.rb
+++ b/lib/api/runners.rb
@@ -205,7 +205,6 @@ module API
       def authenticate_enable_runner!(runner)
         forbidden!("Runner is shared") if runner.is_shared?
         forbidden!("Runner is locked") if runner.locked?
-        forbidden!("Runner is a group runner") if runner.assigned_to_group?
         return if current_user.admin?
 
         forbidden!("No access granted") unless user_can_access_runner?(runner)

From 1a6d9789db04c3caa4f15ea76399c417f310a6a7 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Mon, 30 Apr 2018 18:13:16 +0400
Subject: [PATCH 067/129] Remove unnecessary API specs for group runners since
 we do not have API support yet

---
 spec/requests/api/runners_spec.rb | 79 +------------------------------
 1 file changed, 1 insertion(+), 78 deletions(-)

diff --git a/spec/requests/api/runners_spec.rb b/spec/requests/api/runners_spec.rb
index 89e21ba9914..f22fec31514 100644
--- a/spec/requests/api/runners_spec.rb
+++ b/spec/requests/api/runners_spec.rb
@@ -47,7 +47,7 @@ describe API::Runners do
         expect(response).to include_pagination_headers
         expect(json_response).to be_an Array
         expect(descriptions).to contain_exactly(
-          'Project runner', 'Group runner', 'Two projects runner'
+          'Project runner', 'Two projects runner'
         )
         expect(shared).to be_falsey
       end
@@ -149,16 +149,6 @@ describe API::Runners do
 
           expect(json_response['projects'].first['id']).to eq(project.id)
         end
-
-        it "returns the group's details for a group runner" do
-          get api("/runners/#{group_runner.id}", admin)
-
-          expect(json_response['groups'].first).to eq(
-            'id' => group.id,
-            'web_url' => group.web_url,
-            'name' => group.name
-          )
-        end
       end
 
       it 'returns 404 if runner does not exists' do
@@ -188,29 +178,12 @@ describe API::Runners do
       end
     end
 
-    context "runner group's administrative user" do
-      context 'when runner is not shared' do
-        it "returns runner's details" do
-          get api("/runners/#{group_runner.id}", user)
-
-          expect(response).to have_http_status(200)
-          expect(json_response['id']).to eq(group_runner.id)
-        end
-      end
-    end
-
     context 'other authorized user' do
       it "does not return project runner's details" do
         get api("/runners/#{project_runner.id}", user2)
 
         expect(response).to have_http_status(403)
       end
-
-      it "does not return group runner's details" do
-        get api("/runners/#{group_runner.id}", user2)
-
-        expect(response).to have_gitlab_http_status(403)
-      end
     end
 
     context 'unauthorized user' do
@@ -219,12 +192,6 @@ describe API::Runners do
 
         expect(response).to have_http_status(401)
       end
-
-      it "does not return group runner's details" do
-        get api("/runners/#{group_runner.id}")
-
-        expect(response).to have_gitlab_http_status(401)
-      end
     end
   end
 
@@ -301,12 +268,6 @@ describe API::Runners do
           expect(response).to have_http_status(403)
         end
 
-        it 'does not update group runner without access to it' do
-          put api("/runners/#{group_runner.id}", user2), description: 'test'
-
-          expect(response).to have_gitlab_http_status(403)
-        end
-
         it 'updates project runner with access to it' do
           description = project_runner.description
           put api("/runners/#{project_runner.id}", admin), description: 'test'
@@ -316,16 +277,6 @@ describe API::Runners do
           expect(project_runner.description).to eq('test')
           expect(project_runner.description).not_to eq(description)
         end
-
-        it 'updates group runner with access to it' do
-          description = group_runner.description
-          put api("/runners/#{group_runner.id}", admin), description: 'test'
-          group_runner.reload
-
-          expect(response).to have_gitlab_http_status(200)
-          expect(group_runner.description).to eq('test')
-          expect(group_runner.description).not_to eq(description)
-        end
       end
     end
 
@@ -335,12 +286,6 @@ describe API::Runners do
 
         expect(response).to have_http_status(401)
       end
-
-      it 'does not delete group runner' do
-        put api("/runners/#{group_runner.id}")
-
-        expect(response).to have_gitlab_http_status(401)
-      end
     end
   end
 
@@ -376,14 +321,6 @@ describe API::Runners do
             expect(response).to have_http_status(204)
           end.to change { Ci::Runner.specific.count }.by(-1)
         end
-
-        it 'deletes used group runner' do
-          expect do
-            delete api("/runners/#{group_runner.id}", admin)
-
-            expect(response).to have_gitlab_http_status(204)
-          end.to change { Ci::Runner.specific.count }.by(-1)
-        end
       end
 
       it 'returns 404 if runner does not exists' do
@@ -420,14 +357,6 @@ describe API::Runners do
           end.to change { Ci::Runner.specific.count }.by(-1)
         end
 
-        it 'deletes group runner for one owned group' do
-          expect do
-            delete api("/runners/#{group_runner.id}", user)
-
-            expect(response).to have_gitlab_http_status(204)
-          end.to change { Ci::Runner.specific.count }.by(-1)
-        end
-
         it_behaves_like '412 response' do
           let(:request) { api("/runners/#{project_runner.id}", user) }
         end
@@ -440,12 +369,6 @@ describe API::Runners do
 
         expect(response).to have_http_status(401)
       end
-
-      it 'does not delete group runner' do
-        delete api("/runners/#{group_runner.id}")
-
-        expect(response).to have_gitlab_http_status(401)
-      end
     end
   end
 

From f48f40bf267fd0f35ba09fd3b8f30e17c0789327 Mon Sep 17 00:00:00 2001
From: Jose <jivanvl@hotmail.com>
Date: Mon, 30 Apr 2018 16:24:47 -0500
Subject: [PATCH 068/129] Add variables table to the new pipeline form

---
 .../pages/projects/pipelines/new/index.js      |  6 ++++++
 app/views/projects/pipelines/new.html.haml     | 18 ++++++++++++++----
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/app/assets/javascripts/pages/projects/pipelines/new/index.js b/app/assets/javascripts/pages/projects/pipelines/new/index.js
index 9aa8945e268..b0b077a5e4c 100644
--- a/app/assets/javascripts/pages/projects/pipelines/new/index.js
+++ b/app/assets/javascripts/pages/projects/pipelines/new/index.js
@@ -1,6 +1,12 @@
 import $ from 'jquery';
 import NewBranchForm from '~/new_branch_form';
+import setupNativeFormVariableList from '~/ci_variable_list/native_form_variable_list';
 
 document.addEventListener('DOMContentLoaded', () => {
   new NewBranchForm($('.js-new-pipeline-form')); // eslint-disable-line no-new
+
+  setupNativeFormVariableList({
+    container: $('.js-ci-variable-list-section'),
+    formField: 'variables_attributes',
+  });
 });
diff --git a/app/views/projects/pipelines/new.html.haml b/app/views/projects/pipelines/new.html.haml
index 8f2142af2ce..61b470a0c75 100644
--- a/app/views/projects/pipelines/new.html.haml
+++ b/app/views/projects/pipelines/new.html.haml
@@ -1,5 +1,6 @@
 - breadcrumb_title "Pipelines"
 - page_title = s_("Pipeline|Run Pipeline")
+- settings_link = link_to _('CI/CD settings'), project_settings_ci_cd_path(@project)
 
 %h3.page-title
   = s_("Pipeline|Run Pipeline")
@@ -8,17 +9,26 @@
 = form_for @pipeline, as: :pipeline, url: project_pipelines_path(@project), html: { id: "new-pipeline-form", class: "form-horizontal js-new-pipeline-form js-requires-input" } do |f|
   = form_errors(@pipeline)
   .form-group
-    = f.label :ref, s_('Pipeline|Run on'), class: 'control-label'
-    .col-sm-10
+    .col-sm-12
+      = f.label :ref, s_('Pipeline|Create for')
       = hidden_field_tag 'pipeline[ref]', params[:ref] || @project.default_branch
       = dropdown_tag(params[:ref] || @project.default_branch,
                      options: { toggle_class: 'js-branch-select wide git-revision-dropdown-toggle',
                                 filter: true, dropdown_class: "dropdown-menu-selectable git-revision-dropdown", placeholder: s_("Pipeline|Search branches"),
                                 data: { selected: params[:ref] || @project.default_branch, field_name: 'pipeline[ref]' } })
       .help-block
-        = s_("Pipeline|Existing branch name, tag")
+        = s_("Pipeline|Existing branch name or tag")
+
+    .col-sm-12.prepend-top-10.js-ci-variable-list-section
+      %label.label-light
+        = s_('Pipeline|Variables')
+      .help-block
+        = (s_("Pipeline|Specify variable values to be used in this run. The values specified in %{settings_link} will be used by default") % {settings_link: settings_link}).html_safe
+      %ul.ci-variable-list
+        = render 'ci/variables/variable_row', form_field: 'pipeline', only_key_value: true
+
   .form-actions
-    = f.submit s_('Pipeline|Run pipeline'), class: 'btn btn-success', tabindex: 3
+    = f.submit s_('Pipeline|Create pipeline'), class: 'btn btn-success js-variables-save-button', tabindex: 3
     = link_to 'Cancel', project_pipelines_path(@project), class: 'btn btn-default pull-right'
 
 -# haml-lint:disable InlineJavaScript

From 36cdd1e7179aedee7af42d100a208fc1c01e6c63 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Tue, 1 May 2018 13:11:57 +0400
Subject: [PATCH 069/129] Use group_type? where possible during transition
 period

---
 app/services/ci/register_job_service.rb       | 2 +-
 app/views/admin/runners/_runner.html.haml     | 4 ++--
 app/views/admin/runners/show.html.haml        | 2 +-
 spec/services/ci/register_job_service_spec.rb | 2 +-
 4 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/app/services/ci/register_job_service.rb b/app/services/ci/register_job_service.rb
index 138bab88059..8f8a5fbb2b0 100644
--- a/app/services/ci/register_job_service.rb
+++ b/app/services/ci/register_job_service.rb
@@ -17,7 +17,7 @@ module Ci
       builds =
         if runner.shared?
           builds_for_shared_runner
-        elsif runner.assigned_to_group?
+        elsif runner.group_type?
           builds_for_group_runner
         else
           builds_for_project_runner
diff --git a/app/views/admin/runners/_runner.html.haml b/app/views/admin/runners/_runner.html.haml
index 6670ba6aa89..6e76e7c2768 100644
--- a/app/views/admin/runners/_runner.html.haml
+++ b/app/views/admin/runners/_runner.html.haml
@@ -2,7 +2,7 @@
   %td
     - if runner.shared?
       %span.label.label-success shared
-    - elsif runner.assigned_to_group?
+    - elsif runner.group_type?
       %span.label.label-success group
     - else
       %span.label.label-info specific
@@ -21,7 +21,7 @@
   %td
     = runner.ip_address
   %td
-    - if runner.shared? || runner.assigned_to_group?
+    - if runner.shared? || runner.group_type?
       n/a
     - else
       = runner.projects.count(:all)
diff --git a/app/views/admin/runners/show.html.haml b/app/views/admin/runners/show.html.haml
index ab2c9ad1e57..3b5fedfb058 100644
--- a/app/views/admin/runners/show.html.haml
+++ b/app/views/admin/runners/show.html.haml
@@ -19,7 +19,7 @@
     %p
       If you want Runners to build only specific projects, enable them in the table below.
       Keep in mind that this is a one way transition.
-- elsif @runner.assigned_to_group?
+- elsif @runner.group_type?
   .bs-callout.bs-callout-success
     %h4 This runner will process jobs from all projects in its group and subgroups
 - else
diff --git a/spec/services/ci/register_job_service_spec.rb b/spec/services/ci/register_job_service_spec.rb
index 7d3c43eeaf7..256d0027d72 100644
--- a/spec/services/ci/register_job_service_spec.rb
+++ b/spec/services/ci/register_job_service_spec.rb
@@ -8,7 +8,7 @@ module Ci
     let!(:pending_job) { create :ci_build, pipeline: pipeline }
     let!(:shared_runner) { create :ci_runner, is_shared: true }
     let!(:specific_runner) { create :ci_runner, is_shared: false }
-    let!(:group_runner) { create :ci_runner, groups: [group] }
+    let!(:group_runner) { create :ci_runner, groups: [group], runner_type: :group_type }
 
     before do
       specific_runner.assign_to(project)

From 7e0325896081152e7dd5033342ee4f1b485a76ea Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Tue, 1 May 2018 13:22:25 +0400
Subject: [PATCH 070/129] Remove N+1 query from
 app/views/projects/runners/_runner.html.haml

---
 app/views/projects/runners/_runner.html.haml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/views/projects/runners/_runner.html.haml b/app/views/projects/runners/_runner.html.haml
index d2598f3be07..385e2f8d1c2 100644
--- a/app/views/projects/runners/_runner.html.haml
+++ b/app/views/projects/runners/_runner.html.haml
@@ -26,7 +26,7 @@
         - else
           - runner_project = @project.runner_projects.find_by(runner_id: runner)
           = link_to 'Disable for this project', project_runner_project_path(@project, runner_project), data: { confirm: "Are you sure?" }, method: :delete, class: 'btn btn-danger btn-sm'
-      - elsif runner.assigned_to_project?
+      - elsif !(runner.is_shared? || runner.group_type?)
         = form_for [@project.namespace.becomes(Namespace), @project, @project.runner_projects.new] do |f|
           = f.hidden_field :runner_id, value: runner.id
           = f.submit 'Enable for this project', class: 'btn btn-sm'

From b7b823246602d6821f1773274ee6017c9f46e93f Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Tue, 1 May 2018 13:26:18 +0400
Subject: [PATCH 071/129] Simplify AddCiRunnerGroups migration

---
 .../20170301101006_add_ci_runner_groups.rb       | 16 ++++++----------
 db/schema.rb                                     |  4 ++--
 2 files changed, 8 insertions(+), 12 deletions(-)

diff --git a/db/migrate/20170301101006_add_ci_runner_groups.rb b/db/migrate/20170301101006_add_ci_runner_groups.rb
index 1c4430981a9..558e4d08b8f 100644
--- a/db/migrate/20170301101006_add_ci_runner_groups.rb
+++ b/db/migrate/20170301101006_add_ci_runner_groups.rb
@@ -5,19 +5,15 @@ class AddCiRunnerGroups < ActiveRecord::Migration
 
   disable_ddl_transaction!
 
-  def up
+  def change
     create_table :ci_runner_groups do |t|
       t.integer :runner_id
       t.integer :group_id
+
+      t.index [:runner_id, :group_id], unique: true
+      t.index :group_id
+      t.foreign_key :ci_runners, column: :runner_id, on_delete: :cascade
+      t.foreign_key :namespaces, column: :group_id, on_delete: :cascade
     end
-
-    add_concurrent_index :ci_runner_groups, :group_id
-    add_concurrent_index :ci_runner_groups, [:runner_id, :group_id], unique: true
-    add_concurrent_foreign_key :ci_runner_groups, :ci_runners, column: :runner_id, on_delete: :cascade
-    add_concurrent_foreign_key :ci_runner_groups, :namespaces, column: :group_id, on_delete: :cascade
-  end
-
-  def down
-    drop_table :ci_runner_groups
   end
 end
diff --git a/db/schema.rb b/db/schema.rb
index 4a541b3ac81..88e9b3bd65b 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -2096,8 +2096,8 @@ ActiveRecord::Schema.define(version: 20180430143705) do
   add_foreign_key "ci_pipelines", "ci_pipeline_schedules", column: "pipeline_schedule_id", name: "fk_3d34ab2e06", on_delete: :nullify
   add_foreign_key "ci_pipelines", "ci_pipelines", column: "auto_canceled_by_id", name: "fk_262d4c2d19", on_delete: :nullify
   add_foreign_key "ci_pipelines", "projects", name: "fk_86635dbd80", on_delete: :cascade
-  add_foreign_key "ci_runner_groups", "ci_runners", column: "runner_id", name: "fk_d8a0baa93b", on_delete: :cascade
-  add_foreign_key "ci_runner_groups", "namespaces", column: "group_id", name: "fk_cdafb3bbba", on_delete: :cascade
+  add_foreign_key "ci_runner_groups", "ci_runners", column: "runner_id", on_delete: :cascade
+  add_foreign_key "ci_runner_groups", "namespaces", column: "group_id", on_delete: :cascade
   add_foreign_key "ci_runner_projects", "projects", name: "fk_4478a6f1e4", on_delete: :cascade
   add_foreign_key "ci_stages", "ci_pipelines", column: "pipeline_id", name: "fk_fb57e6cc56", on_delete: :cascade
   add_foreign_key "ci_stages", "projects", name: "fk_2360681d1d", on_delete: :cascade

From 0e5c1a89f0b6ecf88fc340194d292fccbde99782 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Tue, 1 May 2018 13:44:35 +0400
Subject: [PATCH 072/129] Fix spec/features/admin/admin_runners_spec.rb + test
 style improvements

---
 .../settings/ci_cd_controller_spec.rb         | 20 ++++++++++++-------
 spec/features/admin/admin_runners_spec.rb     |  6 +++---
 spec/models/ci/runner_spec.rb                 |  8 ++++----
 3 files changed, 20 insertions(+), 14 deletions(-)

diff --git a/spec/controllers/projects/settings/ci_cd_controller_spec.rb b/spec/controllers/projects/settings/ci_cd_controller_spec.rb
index 1cf395b0328..a91c868cbaf 100644
--- a/spec/controllers/projects/settings/ci_cd_controller_spec.rb
+++ b/spec/controllers/projects/settings/ci_cd_controller_spec.rb
@@ -18,15 +18,21 @@ describe Projects::Settings::CiCdController do
       expect(response).to render_template(:show)
     end
 
-    it 'sets assignable project runners' do
-      group = create(:group, runners: [create(:ci_runner)], parent: create(:group))
-      group.add_master(user)
-      project_runner = create(:ci_runner, projects: [create(:project, group: group)])
-      create(:ci_runner, :shared)
+    context 'with group runners' do
+      let(:group_runner) { create(:ci_runner) }
+      let(:parent_group) { create(:group) }
+      let(:group) { create(:group, runners: [group_runner], parent: parent_group) }
+      let(:other_project) { create(:project, group: group) }
+      let!(:project_runner) { create(:ci_runner, projects: [other_project]) }
+      let!(:shared_runner) { create(:ci_runner, :shared) }
 
-      get :show, namespace_id: project.namespace, project_id: project
+      it 'sets assignable project runners only' do
+        group.add_master(user)
 
-      expect(assigns(:assignable_runners)).to eq [project_runner]
+        get :show, namespace_id: project.namespace, project_id: project
+
+        expect(assigns(:assignable_runners)).to eq [project_runner]
+      end
     end
   end
 
diff --git a/spec/features/admin/admin_runners_spec.rb b/spec/features/admin/admin_runners_spec.rb
index b0aa2e8b588..3465ccfc423 100644
--- a/spec/features/admin/admin_runners_spec.rb
+++ b/spec/features/admin/admin_runners_spec.rb
@@ -61,10 +61,10 @@ describe "Admin Runners" do
     end
 
     context 'group runner' do
-      it 'shows the label and does not show the project count' do
-        group = create :group
-        runner = create :ci_runner, groups: [group]
+      let(:group) { create(:group) }
+      let!(:runner) { create(:ci_runner, groups: [group], runner_type: :group_type) }
 
+      it 'shows the label and does not show the project count' do
         visit admin_runners_path
 
         within "#runner_#{runner.id}" do
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index fb9dcce9a7c..fa540f8d4fd 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -21,8 +21,9 @@ describe Ci::Runner do
     end
 
     context 'either_projects_or_group' do
+      let(:group) { create(:group) }
+
       it 'disallows assigning to a group if already assigned to a group' do
-        group = create(:group)
         runner = create(:ci_runner, groups: [group])
 
         runner.groups << build(:group)
@@ -42,7 +43,6 @@ describe Ci::Runner do
       end
 
       it 'disallows assigning to a project if already assigned to a group' do
-        group = create(:group)
         runner = create(:ci_runner, groups: [group])
 
         runner.projects << build(:project)
@@ -189,9 +189,9 @@ describe Ci::Runner do
       # globally shared
       shared_runner = create :ci_runner, :shared
 
-      expect(described_class.owned_or_shared(project.id)).to match_array [
+      expect(described_class.owned_or_shared(project.id)).to contain_exactly(
         group_runner, project_runner, shared_runner
-      ]
+      )
     end
   end
 

From 00328abbb1974f9599361daea72196de77afd387 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= <matteeyah@gmail.com>
Date: Wed, 2 May 2018 16:06:47 +0200
Subject: [PATCH 073/129] Update feature spec to search for Create pipeline
 button

---
 spec/features/projects/pipelines/pipelines_spec.rb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/spec/features/projects/pipelines/pipelines_spec.rb b/spec/features/projects/pipelines/pipelines_spec.rb
index 705ba78a0b7..b4374323a50 100644
--- a/spec/features/projects/pipelines/pipelines_spec.rb
+++ b/spec/features/projects/pipelines/pipelines_spec.rb
@@ -517,7 +517,7 @@ describe 'Pipelines', :js do
           end
 
           it 'creates a new pipeline' do
-            expect { click_on 'Run pipeline' }
+            expect { click_on 'Create pipeline' }
               .to change { Ci::Pipeline.count }.by(1)
 
             expect(Ci::Pipeline.last).to be_web
@@ -526,7 +526,7 @@ describe 'Pipelines', :js do
 
         context 'without gitlab-ci.yml' do
           before do
-            click_on 'Run pipeline'
+            click_on 'Create pipeline'
           end
 
           it { expect(page).to have_content('Missing .gitlab-ci.yml file') }
@@ -539,7 +539,7 @@ describe 'Pipelines', :js do
               click_link 'master'
             end
 
-            expect { click_on 'Run pipeline' }
+            expect { click_on 'Create pipeline' }
               .to change { Ci::Pipeline.count }.by(1)
           end
         end

From e21aa8905f68a309a8888a26955491fb654f92cc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= <matteeyah@gmail.com>
Date: Wed, 2 May 2018 16:07:57 +0200
Subject: [PATCH 074/129] Add CHANGELOG

---
 ...ariables-when-executing-a-manual-pipeline-from-the-ui.yml | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 changelogs/unreleased/44059-specify-variables-when-executing-a-manual-pipeline-from-the-ui.yml

diff --git a/changelogs/unreleased/44059-specify-variables-when-executing-a-manual-pipeline-from-the-ui.yml b/changelogs/unreleased/44059-specify-variables-when-executing-a-manual-pipeline-from-the-ui.yml
new file mode 100644
index 00000000000..8854eeb5fba
--- /dev/null
+++ b/changelogs/unreleased/44059-specify-variables-when-executing-a-manual-pipeline-from-the-ui.yml
@@ -0,0 +1,5 @@
+---
+title: Enable specifying variables when executing a manual pipeline
+merge_request: 18440
+author:
+type: changed

From d03cd7b40a15b1b92717cbe9de42107d84ff0a36 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= <matteeyah@gmail.com>
Date: Wed, 2 May 2018 16:26:01 +0200
Subject: [PATCH 075/129] Search for "Create for" in feature spec

---
 spec/features/projects/pipelines/pipelines_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/features/projects/pipelines/pipelines_spec.rb b/spec/features/projects/pipelines/pipelines_spec.rb
index b4374323a50..6e63e0f0b49 100644
--- a/spec/features/projects/pipelines/pipelines_spec.rb
+++ b/spec/features/projects/pipelines/pipelines_spec.rb
@@ -557,7 +557,7 @@ describe 'Pipelines', :js do
         it 'has field to add a new pipeline' do
           expect(page).to have_selector('.js-branch-select')
           expect(find('.js-branch-select')).to have_content project.default_branch
-          expect(page).to have_content('Run on')
+          expect(page).to have_content('Create for')
         end
       end
 

From 2261188f48dff25c5bfbbca739c5f570849155f4 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Wed, 2 May 2018 16:42:12 +0200
Subject: [PATCH 076/129] Rename Runner#invalidate_build_cache ->
 Runner#pick_build

---
 app/models/ci/runner.rb                       | 2 +-
 app/services/ci/update_build_queue_service.rb | 2 +-
 spec/models/ci/runner_spec.rb                 | 6 +++---
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index cdd28407172..4d4aff4c830 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -205,7 +205,7 @@ module Ci
       end
     end
 
-    def invalidate_build_cache!(build)
+    def pick_build!(build)
       if can_pick?(build)
         tick_runner_queue
       end
diff --git a/app/services/ci/update_build_queue_service.rb b/app/services/ci/update_build_queue_service.rb
index 674782df00e..41b1c144c3e 100644
--- a/app/services/ci/update_build_queue_service.rb
+++ b/app/services/ci/update_build_queue_service.rb
@@ -8,7 +8,7 @@ module Ci
 
     def tick_for(build, runners)
       runners.each do |runner|
-        runner.invalidate_build_cache!(build)
+        runner.pick_build!(build)
       end
     end
   end
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index fa540f8d4fd..6ad37417623 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -792,7 +792,7 @@ describe Ci::Runner do
     end
   end
 
-  describe '#invalidate_build_cache!' do
+  describe '#pick_build!' do
     context 'runner can pick the build' do
       it 'calls #tick_runner_queue' do
         ci_build = build :ci_build
@@ -801,7 +801,7 @@ describe Ci::Runner do
 
         expect(runner).to receive(:tick_runner_queue)
 
-        runner.invalidate_build_cache!(ci_build)
+        runner.pick_build!(ci_build)
       end
     end
 
@@ -813,7 +813,7 @@ describe Ci::Runner do
 
         expect(runner).not_to receive(:tick_runner_queue)
 
-        runner.invalidate_build_cache!(ci_build)
+        runner.pick_build!(ci_build)
       end
     end
   end

From 0970e7b9608d6ada1c0fe45242ea092ea91068aa Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Wed, 2 May 2018 17:43:20 +0200
Subject: [PATCH 077/129] Rename RunnerGroup -> RunnerNamespace

---
 app/models/ci/runner.rb                       |  6 +++---
 app/models/ci/runner_group.rb                 |  8 --------
 app/models/ci/runner_namespace.rb             |  9 +++++++++
 app/models/group.rb                           |  2 --
 app/models/namespace.rb                       |  3 +++
 .../20170301101006_add_ci_runner_groups.rb    | 19 -------------------
 ...20170301101006_add_ci_runner_namespaces.rb | 19 +++++++++++++++++++
 db/schema.rb                                  | 12 ++++++------
 8 files changed, 40 insertions(+), 38 deletions(-)
 delete mode 100644 app/models/ci/runner_group.rb
 create mode 100644 app/models/ci/runner_namespace.rb
 delete mode 100644 db/migrate/20170301101006_add_ci_runner_groups.rb
 create mode 100644 db/migrate/20170301101006_add_ci_runner_namespaces.rb

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index 4d4aff4c830..0b47b71a267 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -14,8 +14,8 @@ module Ci
     has_many :builds
     has_many :runner_projects, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
     has_many :projects, through: :runner_projects
-    has_many :runner_groups
-    has_many :groups, through: :runner_groups
+    has_many :runner_namespaces
+    has_many :groups, through: :runner_namespaces
 
     has_one :last_build, ->() { order('id DESC') }, class_name: 'Ci::Build'
 
@@ -144,7 +144,7 @@ module Ci
     end
 
     def assigned_to_group?
-      runner_groups.any?
+      runner_namespaces.any?
     end
 
     def assigned_to_project?
diff --git a/app/models/ci/runner_group.rb b/app/models/ci/runner_group.rb
deleted file mode 100644
index 87f3ba13bff..00000000000
--- a/app/models/ci/runner_group.rb
+++ /dev/null
@@ -1,8 +0,0 @@
-module Ci
-  class RunnerGroup < ActiveRecord::Base
-    extend Gitlab::Ci::Model
-
-    belongs_to :runner
-    belongs_to :group, class_name: '::Group'
-  end
-end
diff --git a/app/models/ci/runner_namespace.rb b/app/models/ci/runner_namespace.rb
new file mode 100644
index 00000000000..3269f86e8ca
--- /dev/null
+++ b/app/models/ci/runner_namespace.rb
@@ -0,0 +1,9 @@
+module Ci
+  class RunnerNamespace < ActiveRecord::Base
+    extend Gitlab::Ci::Model
+
+    belongs_to :runner
+    belongs_to :namespace, class_name: '::Namespace'
+    belongs_to :group, class_name: '::Group', foreign_key: :namespace_id
+  end
+end
diff --git a/app/models/group.rb b/app/models/group.rb
index f21008e5f75..f493836a92e 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -29,8 +29,6 @@ class Group < Namespace
   has_many :labels, class_name: 'GroupLabel'
   has_many :variables, class_name: 'Ci::GroupVariable'
   has_many :custom_attributes, class_name: 'GroupCustomAttribute'
-  has_many :runner_groups, class_name: 'Ci::RunnerGroup'
-  has_many :runners, through: :runner_groups, source: :runner, class_name: 'Ci::Runner'
 
   has_many :uploads, as: :model, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
 
diff --git a/app/models/namespace.rb b/app/models/namespace.rb
index c29a53e5ce7..5621eeba7c4 100644
--- a/app/models/namespace.rb
+++ b/app/models/namespace.rb
@@ -21,6 +21,9 @@ class Namespace < ActiveRecord::Base
   has_many :projects, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
   has_many :project_statistics
 
+  has_many :runner_namespaces, class_name: 'Ci::RunnerNamespace'
+  has_many :runners, through: :runner_namespaces, source: :runner, class_name: 'Ci::Runner'
+
   # This should _not_ be `inverse_of: :namespace`, because that would also set
   # `user.namespace` when this user creates a group with themselves as `owner`.
   belongs_to :owner, class_name: "User"
diff --git a/db/migrate/20170301101006_add_ci_runner_groups.rb b/db/migrate/20170301101006_add_ci_runner_groups.rb
deleted file mode 100644
index 558e4d08b8f..00000000000
--- a/db/migrate/20170301101006_add_ci_runner_groups.rb
+++ /dev/null
@@ -1,19 +0,0 @@
-class AddCiRunnerGroups < ActiveRecord::Migration
-  include Gitlab::Database::MigrationHelpers
-
-  DOWNTIME = false
-
-  disable_ddl_transaction!
-
-  def change
-    create_table :ci_runner_groups do |t|
-      t.integer :runner_id
-      t.integer :group_id
-
-      t.index [:runner_id, :group_id], unique: true
-      t.index :group_id
-      t.foreign_key :ci_runners, column: :runner_id, on_delete: :cascade
-      t.foreign_key :namespaces, column: :group_id, on_delete: :cascade
-    end
-  end
-end
diff --git a/db/migrate/20170301101006_add_ci_runner_namespaces.rb b/db/migrate/20170301101006_add_ci_runner_namespaces.rb
new file mode 100644
index 00000000000..7e7df2f4d22
--- /dev/null
+++ b/db/migrate/20170301101006_add_ci_runner_namespaces.rb
@@ -0,0 +1,19 @@
+class AddCiRunnerNamespaces < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def change
+    create_table :ci_runner_namespaces do |t|
+      t.integer :runner_id
+      t.integer :namespace_id
+
+      t.index [:runner_id, :namespace_id], unique: true
+      t.index :namespace_id
+      t.foreign_key :ci_runners, column: :runner_id, on_delete: :cascade
+      t.foreign_key :namespaces, column: :namespace_id, on_delete: :cascade
+    end
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 88e9b3bd65b..ef9d299580b 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -443,13 +443,13 @@ ActiveRecord::Schema.define(version: 20180430143705) do
   add_index "ci_pipelines", ["status"], name: "index_ci_pipelines_on_status", using: :btree
   add_index "ci_pipelines", ["user_id"], name: "index_ci_pipelines_on_user_id", using: :btree
 
-  create_table "ci_runner_groups", force: :cascade do |t|
+  create_table "ci_runner_namespaces", force: :cascade do |t|
     t.integer "runner_id"
-    t.integer "group_id"
+    t.integer "namespace_id"
   end
 
-  add_index "ci_runner_groups", ["group_id"], name: "index_ci_runner_groups_on_group_id", using: :btree
-  add_index "ci_runner_groups", ["runner_id", "group_id"], name: "index_ci_runner_groups_on_runner_id_and_group_id", unique: true, using: :btree
+  add_index "ci_runner_namespaces", ["namespace_id"], name: "index_ci_runner_namespaces_on_namespace_id", using: :btree
+  add_index "ci_runner_namespaces", ["runner_id", "namespace_id"], name: "index_ci_runner_namespaces_on_runner_id_and_namespace_id", unique: true, using: :btree
 
   create_table "ci_runner_projects", force: :cascade do |t|
     t.integer "runner_id", null: false
@@ -2096,8 +2096,8 @@ ActiveRecord::Schema.define(version: 20180430143705) do
   add_foreign_key "ci_pipelines", "ci_pipeline_schedules", column: "pipeline_schedule_id", name: "fk_3d34ab2e06", on_delete: :nullify
   add_foreign_key "ci_pipelines", "ci_pipelines", column: "auto_canceled_by_id", name: "fk_262d4c2d19", on_delete: :nullify
   add_foreign_key "ci_pipelines", "projects", name: "fk_86635dbd80", on_delete: :cascade
-  add_foreign_key "ci_runner_groups", "ci_runners", column: "runner_id", on_delete: :cascade
-  add_foreign_key "ci_runner_groups", "namespaces", column: "group_id", on_delete: :cascade
+  add_foreign_key "ci_runner_namespaces", "ci_runners", column: "runner_id", on_delete: :cascade
+  add_foreign_key "ci_runner_namespaces", "namespaces", column: "group_id", on_delete: :cascade
   add_foreign_key "ci_runner_projects", "projects", name: "fk_4478a6f1e4", on_delete: :cascade
   add_foreign_key "ci_stages", "ci_pipelines", column: "pipeline_id", name: "fk_fb57e6cc56", on_delete: :cascade
   add_foreign_key "ci_stages", "projects", name: "fk_2360681d1d", on_delete: :cascade

From d188c7a26f0c9abf3bf04a8ae48dc3bebda6d169 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 3 May 2018 08:16:31 +0200
Subject: [PATCH 078/129] Fix db/schema.rb for add_foreign_key
 ci_runner_namespaces namespace_id

---
 db/schema.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/db/schema.rb b/db/schema.rb
index ef9d299580b..1806eeed80e 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -2097,7 +2097,7 @@ ActiveRecord::Schema.define(version: 20180430143705) do
   add_foreign_key "ci_pipelines", "ci_pipelines", column: "auto_canceled_by_id", name: "fk_262d4c2d19", on_delete: :nullify
   add_foreign_key "ci_pipelines", "projects", name: "fk_86635dbd80", on_delete: :cascade
   add_foreign_key "ci_runner_namespaces", "ci_runners", column: "runner_id", on_delete: :cascade
-  add_foreign_key "ci_runner_namespaces", "namespaces", column: "group_id", on_delete: :cascade
+  add_foreign_key "ci_runner_namespaces", "namespaces", column: "namespace_id", on_delete: :cascade
   add_foreign_key "ci_runner_projects", "projects", name: "fk_4478a6f1e4", on_delete: :cascade
   add_foreign_key "ci_stages", "ci_pipelines", column: "pipeline_id", name: "fk_fb57e6cc56", on_delete: :cascade
   add_foreign_key "ci_stages", "projects", name: "fk_2360681d1d", on_delete: :cascade

From 80bcb376caafe9b5b1cf33e850df71a207510285 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 3 May 2018 08:46:58 +0200
Subject: [PATCH 079/129] Again fix db/schema.rb for ci_runner_namespaces

---
 db/schema.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/db/schema.rb b/db/schema.rb
index 1806eeed80e..8e79469d956 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -2097,7 +2097,7 @@ ActiveRecord::Schema.define(version: 20180430143705) do
   add_foreign_key "ci_pipelines", "ci_pipelines", column: "auto_canceled_by_id", name: "fk_262d4c2d19", on_delete: :nullify
   add_foreign_key "ci_pipelines", "projects", name: "fk_86635dbd80", on_delete: :cascade
   add_foreign_key "ci_runner_namespaces", "ci_runners", column: "runner_id", on_delete: :cascade
-  add_foreign_key "ci_runner_namespaces", "namespaces", column: "namespace_id", on_delete: :cascade
+  add_foreign_key "ci_runner_namespaces", "namespaces", on_delete: :cascade
   add_foreign_key "ci_runner_projects", "projects", name: "fk_4478a6f1e4", on_delete: :cascade
   add_foreign_key "ci_stages", "ci_pipelines", column: "pipeline_id", name: "fk_fb57e6cc56", on_delete: :cascade
   add_foreign_key "ci_stages", "projects", name: "fk_2360681d1d", on_delete: :cascade

From 1f7f29b7321c9cba5526ab991246f3178330b9cd Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 3 May 2018 08:47:41 +0200
Subject: [PATCH 080/129] Style changes to spec/models/ci/runner_spec.rb

---
 spec/models/ci/runner_spec.rb | 70 +++++++++++++++++------------------
 1 file changed, 35 insertions(+), 35 deletions(-)

diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index 6ad37417623..744972deb4d 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -107,16 +107,17 @@ describe Ci::Runner do
   end
 
   describe '.shared' do
+    let(:group) { create(:group) }
+    let(:project) { create(:project) }
+
     it 'returns the shared group runner' do
-      group = create :group
-      runner = create :ci_runner, :shared, groups: [group]
+      runner = create(:ci_runner, :shared, groups: [group])
 
       expect(described_class.shared).to eq [runner]
     end
 
     it 'returns the shared project runner' do
-      project = create :project
-      runner = create :ci_runner, :shared, projects: [project]
+      runner = create(:ci_runner, :shared, projects: [project])
 
       expect(described_class.shared).to eq [runner]
     end
@@ -125,12 +126,12 @@ describe Ci::Runner do
   describe '.belonging_to_project' do
     it 'returns the specific project runner' do
       # own
-      specific_project = create :project
-      specific_runner = create :ci_runner, :specific, projects: [specific_project]
+      specific_project = create(:project)
+      specific_runner = create(:ci_runner, :specific, projects: [specific_project])
 
       # other
-      other_project = create :project
-      create :ci_runner, :specific, projects: [other_project]
+      other_project = create(:project)
+      create(:ci_runner, :specific, projects: [other_project])
 
       expect(described_class.belonging_to_project(specific_project.id)).to eq [specific_runner]
     end
@@ -139,55 +140,54 @@ describe Ci::Runner do
   describe '.belonging_to_any_project' do
     it 'returns the specific project runner' do
       # project
-      project_project = create :project
-      project_runner = create :ci_runner, :specific, projects: [project_project]
+      project_project = create(:project)
+      project_runner = create(:ci_runner, :specific, projects: [project_project])
 
       # group
-      group = create :group
-      create :project, group: group
-      create :ci_runner, :specific, groups: [group]
+      group = create(:group)
+      create(:project, group: group)
+      create(:ci_runner, :specific, groups: [group])
 
       expect(described_class.belonging_to_any_project).to eq [project_runner]
     end
   end
 
   describe '.belonging_to_parent_group_of_project' do
+    let(:project) { create(:project, group: group) }
+    let(:group) { create(:group) }
+    let(:runner) { create(:ci_runner, :specific, groups: [group]) }
+    let!(:unrelated_group) { create(:group) }
+    let!(:unrelated_project) { create(:project, group: unrelated_group) }
+    let!(:unrelated_runner) { create(:ci_runner, :specific, groups: [unrelated_group]) }
+
     it 'returns the specific group runner' do
-      # own
-      specific_group = create :group
-      specific_project = create :project, group: specific_group
-      specific_runner = create :ci_runner, :specific, groups: [specific_group]
-
-      # other
-      other_group = create :group
-      create :project, group: other_group
-      create :ci_runner, :specific, groups: [other_group]
-
-      expect(described_class.belonging_to_parent_group_of_project(specific_project.id)).to eq [specific_runner]
+      expect(described_class.belonging_to_parent_group_of_project(project.id)).to contain_exactly(runner)
     end
 
-    it 'returns the group runner from a parent group', :nested_groups do
-      parent_group = create :group
-      group = create :group, parent: parent_group
-      project = create :project, group: group
-      runner = create :ci_runner, :specific, groups: [parent_group]
+    context 'with a parent group with a runner', :nested_groups do
+      let(:runner) { create(:ci_runner, :specific, groups: [parent_group]) }
+      let(:project) { create(:project, group: group) }
+      let(:group) { create(:group, parent: parent_group) }
+      let(:parent_group) { create(:group) }
 
-      expect(described_class.belonging_to_parent_group_of_project(project.id)).to eq [runner]
+      it 'returns the group runner from the parent group' do
+        expect(described_class.belonging_to_parent_group_of_project(project.id)).to contain_exactly(runner)
+      end
     end
   end
 
   describe '.owned_or_shared' do
     it 'returns a globally shared, a project specific and a group specific runner' do
       # group specific
-      group = create :group
-      project = create :project, group: group
-      group_runner = create :ci_runner, :specific, groups: [group]
+      group = create(:group)
+      project = create(:project, group: group)
+      group_runner = create(:ci_runner, :specific, groups: [group])
 
       # project specific
-      project_runner = create :ci_runner, :specific, projects: [project]
+      project_runner = create(:ci_runner, :specific, projects: [project])
 
       # globally shared
-      shared_runner = create :ci_runner, :shared
+      shared_runner = create(:ci_runner, :shared)
 
       expect(described_class.owned_or_shared(project.id)).to contain_exactly(
         group_runner, project_runner, shared_runner

From a6c9db61779c71fd0a7f0f317fba13f8931ab954 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 3 May 2018 09:38:19 +0200
Subject: [PATCH 081/129] More style improvements to
 spec/models/ci/runner_spec.rb

---
 spec/models/ci/runner_spec.rb | 81 +++++++++++++++++------------------
 1 file changed, 40 insertions(+), 41 deletions(-)

diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index 744972deb4d..21d7d616a3c 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -309,7 +309,9 @@ describe Ci::Runner do
   describe '#can_pick?' do
     let(:pipeline) { create(:ci_pipeline) }
     let(:build) { create(:ci_build, pipeline: pipeline) }
-    let(:runner) { create(:ci_runner) }
+    let(:runner) { create(:ci_runner, tag_list: tag_list, run_untagged: run_untagged) }
+    let(:tag_list) { [] }
+    let(:run_untagged) { true }
 
     subject { runner.can_pick?(build) }
 
@@ -319,7 +321,7 @@ describe Ci::Runner do
 
     context 'a different runner' do
       it 'cannot handle builds' do
-        other_runner = create :ci_runner
+        other_runner = create(:ci_runner)
         expect(other_runner.can_pick?(build)).to be_falsey
       end
     end
@@ -337,9 +339,7 @@ describe Ci::Runner do
     end
 
     context 'when runner has tags' do
-      before do
-        runner.tag_list = %w(bb cc)
-      end
+      let(:tag_list) { %w(bb cc) }
 
       shared_examples 'tagged build picker' do
         it 'can handle build with matching tags' do
@@ -364,9 +364,7 @@ describe Ci::Runner do
       end
 
       context 'when runner cannot pick untagged jobs' do
-        before do
-          runner.update_attributes!(run_untagged: false)
-        end
+        let(:run_untagged) { false }
 
         it 'cannot handle builds without tags' do
           expect(runner.can_pick?(build)).to be_falsey
@@ -377,8 +375,9 @@ describe Ci::Runner do
     end
 
     context 'when runner is shared' do
+      let(:runner) { create(:ci_runner, :shared) }
+
       before do
-        runner.update_attributes!(is_shared: true)
         build.project.runners = []
       end
 
@@ -387,9 +386,7 @@ describe Ci::Runner do
       end
 
       context 'when runner is locked' do
-        before do
-          runner.update_attributes!(locked: true)
-        end
+        let(:runner) { create(:ci_runner, :shared, locked: true) }
 
         it 'can handle builds' do
           expect(runner.can_pick?(build)).to be_truthy
@@ -748,55 +745,57 @@ describe Ci::Runner do
     end
   end
 
-  describe 'assigned_to_group?' do
-    it 'returns false when the runner is a project runner' do
-      project = create :project
-      runner = create :ci_runner, description: 'Project runner', projects: [project]
+  describe '#assigned_to_group?' do
+    subject { runner.assigned_to_group? }
 
-      expect(runner.assigned_to_group?).to be false
+    context 'when project runner' do
+      let(:runner) { create(:ci_runner, description: 'Project runner', projects: [project]) }
+      let(:project) { create(:project) }
+
+      it { is_expected.to be_falsey }
     end
 
-    it 'returns false when the runner is a shared runner' do
-      runner = create :ci_runner, :shared, description: 'Shared runner'
+    context 'when shared runner' do
+      let(:runner) { create(:ci_runner, :shared, description: 'Shared runner') }
 
-      expect(runner.assigned_to_group?).to be false
+      it { is_expected.to be_falsey }
     end
 
-    it 'returns true when the runner is assigned to a group' do
-      group = create :group
-      runner = create :ci_runner, description: 'Group runner', groups: [group]
+    context 'when group runner' do
+      let(:group) { create(:group) }
+      let(:runner) { create(:ci_runner, description: 'Group runner', groups: [group]) }
 
-      expect(runner.assigned_to_group?).to be true
+      it { is_expected.to be_truthy }
     end
   end
 
-  describe 'assigned_to_project?' do
-    it 'returns false when the runner is a group prunner' do
-      group = create :group
-      runner = create :ci_runner, description: 'Group runner', groups: [group]
+  describe '#assigned_to_project?' do
+    subject { runner.assigned_to_project? }
 
-      expect(runner.assigned_to_project?).to be false
+    context 'when group runner' do
+      let(:runner) { create(:ci_runner, description: 'Group runner', groups: [group]) }
+      let(:group) { create(:group) }
+      it { is_expected.to be_falsey }
     end
 
-    it 'returns false when the runner is a shared runner' do
-      runner = create :ci_runner, :shared, description: 'Shared runner'
-
-      expect(runner.assigned_to_project?).to be false
+    context 'when shared runner' do
+      let(:runner) { create(:ci_runner, :shared, description: 'Shared runner') }
+      it { is_expected.to be_falsey }
     end
 
-    it 'returns true when the runner is assigned to a project' do
-      project = create :project
-      runner = create :ci_runner, description: 'Group runner', projects: [project]
+    context 'when project runner' do
+      let(:runner) { create(:ci_runner, description: 'Group runner', projects: [project]) }
+      let(:project) { create(:project) }
 
-      expect(runner.assigned_to_project?).to be true
+      it { is_expected.to be_truthy }
     end
   end
 
   describe '#pick_build!' do
     context 'runner can pick the build' do
       it 'calls #tick_runner_queue' do
-        ci_build = build :ci_build
-        runner = build :ci_runner
+        ci_build = build(:ci_build)
+        runner = build(:ci_runner)
         allow(runner).to receive(:can_pick?).with(ci_build).and_return(true)
 
         expect(runner).to receive(:tick_runner_queue)
@@ -807,8 +806,8 @@ describe Ci::Runner do
 
     context 'runner cannot pick the build' do
       it 'does not call #tick_runner_queue' do
-        ci_build = build :ci_build
-        runner = build :ci_runner
+        ci_build = build(:ci_build)
+        runner = build(:ci_runner)
         allow(runner).to receive(:can_pick?).with(ci_build).and_return(false)
 
         expect(runner).not_to receive(:tick_runner_queue)

From 67f25c6259553e30e921de3d4d72d3e97d06d327 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 3 May 2018 09:44:45 +0200
Subject: [PATCH 082/129] Style improvements to spec/models/project_spec.rb

---
 spec/models/project_spec.rb | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index ab0694e6890..08e42b61910 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -1138,7 +1138,7 @@ describe Project do
     end
   end
 
-  describe '#any_runners' do
+  describe '#any_runners?' do
     context 'shared runners' do
       let(:project) { create :project, shared_runners_enabled: shared_runners_enabled }
       let(:specific_runner) { create :ci_runner }
@@ -1153,21 +1153,25 @@ describe Project do
 
         it 'has a specific runner' do
           project.runners << specific_runner
+
           expect(project.any_runners?).to be_truthy
         end
 
         it 'has a shared runner, but they are prohibited to use' do
           shared_runner
+
           expect(project.any_runners?).to be_falsey
         end
 
         it 'checks the presence of specific runner' do
           project.runners << specific_runner
+
           expect(project.any_runners? { |runner| runner == specific_runner }).to be_truthy
         end
 
         it 'returns false if match cannot be found' do
           project.runners << specific_runner
+
           expect(project.any_runners? { false }).to be_falsey
         end
       end
@@ -1177,16 +1181,19 @@ describe Project do
 
         it 'has a shared runner' do
           shared_runner
+
           expect(project.any_runners?).to be_truthy
         end
 
         it 'checks the presence of shared runner' do
           shared_runner
+
           expect(project.any_runners? { |runner| runner == shared_runner }).to be_truthy
         end
 
         it 'returns false if match cannot be found' do
           shared_runner
+
           expect(project.any_runners? { false }).to be_falsey
         end
       end
@@ -1206,6 +1213,7 @@ describe Project do
 
         it 'has a group runner, but they are prohibited to use' do
           group_runner
+
           expect(project.any_runners?).to be_falsey
         end
       end
@@ -1215,16 +1223,19 @@ describe Project do
 
         it 'has a group runner' do
           group_runner
+
           expect(project.any_runners?).to be_truthy
         end
 
         it 'checks the presence of group runner' do
           group_runner
+
           expect(project.any_runners? { |runner| runner == group_runner }).to be_truthy
         end
 
         it 'returns false if match cannot be found' do
           group_runner
+
           expect(project.any_runners? { false }).to be_falsey
         end
       end
@@ -3592,7 +3603,7 @@ describe Project do
 
   describe '#toggle_ci_cd_settings!' do
     it 'toggles the value on #settings' do
-      project = create :project, group_runners_enabled: false
+      project = create(:project, group_runners_enabled: false)
 
       expect(project.group_runners_enabled).to be false
 

From dcb67951a817db262ddcd3b777fafc4e1995fc04 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 3 May 2018 09:45:09 +0200
Subject: [PATCH 083/129] Make assertions about runner_type in
 spec/requests/api/runner_spec.rb

---
 spec/requests/api/runner_spec.rb | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/spec/requests/api/runner_spec.rb b/spec/requests/api/runner_spec.rb
index 5ea110b4d82..27f5dff7901 100644
--- a/spec/requests/api/runner_spec.rb
+++ b/spec/requests/api/runner_spec.rb
@@ -40,6 +40,7 @@ describe API::Runner do
           expect(json_response['token']).to eq(runner.token)
           expect(runner.run_untagged).to be true
           expect(runner.token).not_to eq(registration_token)
+          expect(runner).to be_instance_type
         end
 
         context 'when project token is used' do
@@ -50,8 +51,10 @@ describe API::Runner do
 
             expect(response).to have_gitlab_http_status 201
             expect(project.runners.size).to eq(1)
-            expect(Ci::Runner.first.token).not_to eq(registration_token)
-            expect(Ci::Runner.first.token).not_to eq(project.runners_token)
+            runner = Ci::Runner.first
+            expect(runner.token).not_to eq(registration_token)
+            expect(runner.token).not_to eq(project.runners_token)
+            expect(runner).to be_project_type
           end
         end
 
@@ -63,8 +66,10 @@ describe API::Runner do
 
             expect(response).to have_http_status 201
             expect(group.runners.size).to eq(1)
-            expect(Ci::Runner.first.token).not_to eq(registration_token)
-            expect(Ci::Runner.first.token).not_to eq(group.runners_token)
+            runner = Ci::Runner.first
+            expect(runner.token).not_to eq(registration_token)
+            expect(runner.token).not_to eq(group.runners_token)
+            expect(runner).to be_group_type
           end
         end
       end

From 49cbe576229b7e4003575e04006cc4132c3c0060 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 3 May 2018 10:59:38 +0200
Subject: [PATCH 084/129] Remove Runner#belonging_to_any_project since this is
 no longer needed

---
 .../projects/settings/ci_cd_controller.rb         |  1 -
 app/models/ci/runner.rb                           |  2 --
 spec/models/ci/runner_spec.rb                     | 15 ---------------
 3 files changed, 18 deletions(-)

diff --git a/app/controllers/projects/settings/ci_cd_controller.rb b/app/controllers/projects/settings/ci_cd_controller.rb
index 6ddbefacae0..177c8a54099 100644
--- a/app/controllers/projects/settings/ci_cd_controller.rb
+++ b/app/controllers/projects/settings/ci_cd_controller.rb
@@ -72,7 +72,6 @@ module Projects
           .ci_authorized_runners
           .assignable_for(project)
           .ordered
-          .belonging_to_any_project
           .page(params[:page]).per(20)
 
         @shared_runners = ::Ci::Runner.shared.active
diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index 0b47b71a267..2dfd038d5a8 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -32,8 +32,6 @@ module Ci
       joins(:runner_projects).where(ci_runner_projects: { project_id: project_id })
     }
 
-    scope :belonging_to_any_project, -> { joins(:runner_projects) }
-
     scope :belonging_to_parent_group_of_project, -> (project_id) {
       project_groups = ::Group.joins(:projects).where(projects: { id: project_id })
       hierarchy_groups = Gitlab::GroupHierarchy.new(project_groups).base_and_ancestors
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index 21d7d616a3c..cc4d4e5e4ae 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -137,21 +137,6 @@ describe Ci::Runner do
     end
   end
 
-  describe '.belonging_to_any_project' do
-    it 'returns the specific project runner' do
-      # project
-      project_project = create(:project)
-      project_runner = create(:ci_runner, :specific, projects: [project_project])
-
-      # group
-      group = create(:group)
-      create(:project, group: group)
-      create(:ci_runner, :specific, groups: [group])
-
-      expect(described_class.belonging_to_any_project).to eq [project_runner]
-    end
-  end
-
   describe '.belonging_to_parent_group_of_project' do
     let(:project) { create(:project, group: group) }
     let(:group) { create(:group) }

From dc439a3b42d6d376ca0b0853b0aab3b401922e5f Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 3 May 2018 11:02:51 +0200
Subject: [PATCH 085/129] Add comment in _runner.html.haml about hacky runner
 type check

---
 app/views/projects/runners/_runner.html.haml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/views/projects/runners/_runner.html.haml b/app/views/projects/runners/_runner.html.haml
index 385e2f8d1c2..0d2c0536eb5 100644
--- a/app/views/projects/runners/_runner.html.haml
+++ b/app/views/projects/runners/_runner.html.haml
@@ -26,7 +26,7 @@
         - else
           - runner_project = @project.runner_projects.find_by(runner_id: runner)
           = link_to 'Disable for this project', project_runner_project_path(@project, runner_project), data: { confirm: "Are you sure?" }, method: :delete, class: 'btn btn-danger btn-sm'
-      - elsif !(runner.is_shared? || runner.group_type?)
+      - elsif !(runner.is_shared? || runner.group_type?) # We can simplify this to `runner.project_type?` when migrating #runner_type is complete
         = form_for [@project.namespace.becomes(Namespace), @project, @project.runner_projects.new] do |f|
           = f.hidden_field :runner_id, value: runner.id
           = f.submit 'Enable for this project', class: 'btn btn-sm'

From 7bc24ec2e524b55402fa5caeb64e75e02f97ddc5 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 3 May 2018 11:03:19 +0200
Subject: [PATCH 086/129] Extract constants in
 20180430143705_backfill_runner_type_for_ci_runners_post_migrate

---
 ...705_backfill_runner_type_for_ci_runners_post_migrate.rb | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/db/post_migrate/20180430143705_backfill_runner_type_for_ci_runners_post_migrate.rb b/db/post_migrate/20180430143705_backfill_runner_type_for_ci_runners_post_migrate.rb
index 8509222edc2..9186a729a40 100644
--- a/db/post_migrate/20180430143705_backfill_runner_type_for_ci_runners_post_migrate.rb
+++ b/db/post_migrate/20180430143705_backfill_runner_type_for_ci_runners_post_migrate.rb
@@ -3,14 +3,17 @@ class BackfillRunnerTypeForCiRunnersPostMigrate < ActiveRecord::Migration
 
   DOWNTIME = false
 
+  PROJECT_RUNNER_TYPE = 1
+  INSTANCE_RUNNER_TYPE = 3
+
   disable_ddl_transaction!
 
   def up
-    update_column_in_batches(:ci_runners, :runner_type, 1) do |table, query|
+    update_column_in_batches(:ci_runners, :runner_type, PROJECT_RUNNER_TYPE) do |table, query|
       query.where(table[:is_shared].eq(true)).where(table[:runner_type].eq(nil))
     end
 
-    update_column_in_batches(:ci_runners, :runner_type, 3) do |table, query|
+    update_column_in_batches(:ci_runners, :runner_type, INSTANCE_RUNNER_TYPE) do |table, query|
       query.where(table[:is_shared].eq(false)).where(table[:runner_type].eq(nil))
     end
   end

From bf790c26c58e214c27132e7a54fdf4a4cc77bdaf Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 3 May 2018 13:39:20 +0200
Subject: [PATCH 087/129] Use factory in specs for ProjectCiCdSettings

---
 spec/factories/project_ci_cd_settings.rb | 10 ++++++++++
 spec/factories/projects.rb               |  8 +-------
 2 files changed, 11 insertions(+), 7 deletions(-)
 create mode 100644 spec/factories/project_ci_cd_settings.rb

diff --git a/spec/factories/project_ci_cd_settings.rb b/spec/factories/project_ci_cd_settings.rb
new file mode 100644
index 00000000000..2e85b54e245
--- /dev/null
+++ b/spec/factories/project_ci_cd_settings.rb
@@ -0,0 +1,10 @@
+FactoryBot.define do
+  factory :project_ci_cd_setting do
+    project
+
+    initialize_with do
+      # ci_cd_settings are automatically created when a project is created
+      project&.ci_cd_settings || new
+    end
+  end
+end
diff --git a/spec/factories/projects.rb b/spec/factories/projects.rb
index aed5eab8044..e0e72e7f2ce 100644
--- a/spec/factories/projects.rb
+++ b/spec/factories/projects.rb
@@ -14,6 +14,7 @@ FactoryBot.define do
     # Associations
     namespace
     creator { group ? create(:user) : namespace&.owner }
+    ci_cd_settings strategy: :build, factory: :project_ci_cd_setting, project: nil
 
     transient do
       # Nest Project Feature attributes
@@ -23,10 +24,6 @@ FactoryBot.define do
       issues_access_level ProjectFeature::ENABLED
       merge_requests_access_level ProjectFeature::ENABLED
       repository_access_level ProjectFeature::ENABLED
-
-      # we can't assign the delegated `#ci_cd_settings` attributes directly, as the
-      # `#ci_cd_settings` relation needs to be created first
-      group_runners_enabled nil
     end
 
     after(:create) do |project, evaluator|
@@ -51,9 +48,6 @@ FactoryBot.define do
       end
 
       project.group&.refresh_members_authorized_projects
-
-      # assign the delegated `#ci_cd_settings` attributes after create
-      project.reload.group_runners_enabled = evaluator.group_runners_enabled unless evaluator.group_runners_enabled.nil?
     end
 
     trait :public do

From af15b6f0e144762a38591c53b970e312c35fe65f Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 3 May 2018 14:37:01 +0200
Subject: [PATCH 088/129] Fix Project#group_runners_enabled as it was doing
 nothing

---
 app/models/project.rb                         |  7 ++++-
 app/models/project_ci_cd_setting.rb           |  2 +-
 app/services/ci/register_job_service.rb       |  5 +++-
 spec/services/ci/register_job_service_spec.rb | 28 +++++++++++--------
 4 files changed, 28 insertions(+), 14 deletions(-)

diff --git a/app/models/project.rb b/app/models/project.rb
index 8abbb92da62..50c404c300a 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -234,7 +234,7 @@ class Project < ActiveRecord::Base
   has_many :custom_attributes, class_name: 'ProjectCustomAttribute'
 
   has_many :project_badges, class_name: 'ProjectBadge'
-  has_one :ci_cd_settings, class_name: 'ProjectCiCdSetting'
+  has_one :ci_cd_settings, class_name: 'ProjectCiCdSetting', inverse_of: :project, autosave: true
 
   accepts_nested_attributes_for :variables, allow_destroy: true
   accepts_nested_attributes_for :project_feature, update_only: true
@@ -331,6 +331,11 @@ class Project < ActiveRecord::Base
   scope :with_issues_available_for_user, ->(current_user) { with_feature_available_for_user(:issues, current_user) }
   scope :with_merge_requests_enabled, -> { with_feature_enabled(:merge_requests) }
 
+  scope :with_group_runners_enabled, -> do
+    joins(:ci_cd_settings)
+    .where(project_ci_cd_settings: { group_runners_enabled: true })
+  end
+
   enum auto_cancel_pending_pipelines: { disabled: 0, enabled: 1 }
 
   chronic_duration_attr :build_timeout_human_readable, :build_timeout, default: 3600
diff --git a/app/models/project_ci_cd_setting.rb b/app/models/project_ci_cd_setting.rb
index 9f10a93148c..588cced5781 100644
--- a/app/models/project_ci_cd_setting.rb
+++ b/app/models/project_ci_cd_setting.rb
@@ -1,5 +1,5 @@
 class ProjectCiCdSetting < ActiveRecord::Base
-  belongs_to :project
+  belongs_to :project, inverse_of: :ci_cd_settings
 
   # The version of the schema that first introduced this model/table.
   MINIMUM_SCHEMA_VERSION = 20180403035759
diff --git a/app/services/ci/register_job_service.rb b/app/services/ci/register_job_service.rb
index 8f8a5fbb2b0..a7d8ad93f38 100644
--- a/app/services/ci/register_job_service.rb
+++ b/app/services/ci/register_job_service.rb
@@ -91,7 +91,10 @@ module Ci
     def builds_for_group_runner
       hierarchy_groups = Gitlab::GroupHierarchy.new(runner.groups).base_and_descendants
       projects = Project.where(namespace_id: hierarchy_groups)
-      new_builds.where(project: projects.without_deleted.with_builds_enabled).order('created_at ASC')
+        .with_group_runners_enabled
+        .with_builds_enabled
+        .without_deleted
+      new_builds.where(project: projects).order('created_at ASC')
     end
 
     def running_builds_for_shared_runners
diff --git a/spec/services/ci/register_job_service_spec.rb b/spec/services/ci/register_job_service_spec.rb
index 256d0027d72..8063bc7e1ac 100644
--- a/spec/services/ci/register_job_service_spec.rb
+++ b/spec/services/ci/register_job_service_spec.rb
@@ -2,13 +2,13 @@ require 'spec_helper'
 
 module Ci
   describe RegisterJobService do
-    let!(:project) { create :project, shared_runners_enabled: false }
-    let!(:group) { create :group }
-    let!(:pipeline) { create :ci_pipeline, project: project }
-    let!(:pending_job) { create :ci_build, pipeline: pipeline }
-    let!(:shared_runner) { create :ci_runner, is_shared: true }
-    let!(:specific_runner) { create :ci_runner, is_shared: false }
-    let!(:group_runner) { create :ci_runner, groups: [group], runner_type: :group_type }
+    set(:group) { create(:group) }
+    set(:project) { create(:project, group: group, shared_runners_enabled: false, group_runners_enabled: false) }
+    set(:pipeline) { create(:ci_pipeline, project: project) }
+    let!(:shared_runner) { create(:ci_runner, is_shared: true) }
+    let!(:specific_runner) { create(:ci_runner, is_shared: false) }
+    let!(:group_runner) { create(:ci_runner, groups: [group], runner_type: :group_type) }
+    let!(:pending_job) { create(:ci_build, pipeline: pipeline) }
 
     before do
       specific_runner.assign_to(project)
@@ -152,7 +152,7 @@ module Ci
 
       context 'disallow when builds are disabled' do
         before do
-          project.update(shared_runners_enabled: true)
+          project.update(shared_runners_enabled: true, group_runners_enabled: true)
           project.project_feature.update_attribute(:builds_access_level, ProjectFeature::DISABLED)
         end
 
@@ -162,7 +162,13 @@ module Ci
           it { expect(build).to be_nil }
         end
 
-        context 'and uses specific runner' do
+        context 'and uses group runner' do
+          let(:build) { execute(group_runner) }
+
+          it { expect(build).to be_nil }
+        end
+
+        context 'and uses project runner' do
           let(:build) { execute(specific_runner) }
 
           it { expect(build).to be_nil }
@@ -171,7 +177,7 @@ module Ci
 
       context 'allow group runners' do
         before do
-          project.update!(group_runners_enabled: true, group: group)
+          project.update!(group_runners_enabled: true)
         end
 
         context 'for multiple builds' do
@@ -230,7 +236,7 @@ module Ci
 
       context 'disallow group runners' do
         before do
-          project.update(group_runners_enabled: false)
+          project.update!(group_runners_enabled: false)
         end
 
         context 'group runner' do

From 0ae300578139c0e71e8748b6106f673e4b3d19c8 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 3 May 2018 14:54:08 +0200
Subject: [PATCH 089/129] Order builds by id instead of created_at in
 RegisterJobService

---
 app/services/ci/register_job_service.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/services/ci/register_job_service.rb b/app/services/ci/register_job_service.rb
index a7d8ad93f38..4291631913a 100644
--- a/app/services/ci/register_job_service.rb
+++ b/app/services/ci/register_job_service.rb
@@ -85,7 +85,7 @@ module Ci
     end
 
     def builds_for_project_runner
-      new_builds.where(project: runner.projects.without_deleted.with_builds_enabled).order('created_at ASC')
+      new_builds.where(project: runner.projects.without_deleted.with_builds_enabled).order('id ASC')
     end
 
     def builds_for_group_runner
@@ -94,7 +94,7 @@ module Ci
         .with_group_runners_enabled
         .with_builds_enabled
         .without_deleted
-      new_builds.where(project: projects).order('created_at ASC')
+      new_builds.where(project: projects).order('id ASC')
     end
 
     def running_builds_for_shared_runners

From 794ac6c5421e04056dfd336559786fb166c9fa0a Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 3 May 2018 15:38:55 +0200
Subject: [PATCH 090/129] Revert "Use factory in specs for ProjectCiCdSettings"

This reverts commit bf790c26c58e214c27132e7a54fdf4a4cc77bdaf.
---
 spec/factories/project_ci_cd_settings.rb | 10 ----------
 spec/factories/projects.rb               |  8 +++++++-
 2 files changed, 7 insertions(+), 11 deletions(-)
 delete mode 100644 spec/factories/project_ci_cd_settings.rb

diff --git a/spec/factories/project_ci_cd_settings.rb b/spec/factories/project_ci_cd_settings.rb
deleted file mode 100644
index 2e85b54e245..00000000000
--- a/spec/factories/project_ci_cd_settings.rb
+++ /dev/null
@@ -1,10 +0,0 @@
-FactoryBot.define do
-  factory :project_ci_cd_setting do
-    project
-
-    initialize_with do
-      # ci_cd_settings are automatically created when a project is created
-      project&.ci_cd_settings || new
-    end
-  end
-end
diff --git a/spec/factories/projects.rb b/spec/factories/projects.rb
index e0e72e7f2ce..aed5eab8044 100644
--- a/spec/factories/projects.rb
+++ b/spec/factories/projects.rb
@@ -14,7 +14,6 @@ FactoryBot.define do
     # Associations
     namespace
     creator { group ? create(:user) : namespace&.owner }
-    ci_cd_settings strategy: :build, factory: :project_ci_cd_setting, project: nil
 
     transient do
       # Nest Project Feature attributes
@@ -24,6 +23,10 @@ FactoryBot.define do
       issues_access_level ProjectFeature::ENABLED
       merge_requests_access_level ProjectFeature::ENABLED
       repository_access_level ProjectFeature::ENABLED
+
+      # we can't assign the delegated `#ci_cd_settings` attributes directly, as the
+      # `#ci_cd_settings` relation needs to be created first
+      group_runners_enabled nil
     end
 
     after(:create) do |project, evaluator|
@@ -48,6 +51,9 @@ FactoryBot.define do
       end
 
       project.group&.refresh_members_authorized_projects
+
+      # assign the delegated `#ci_cd_settings` attributes after create
+      project.reload.group_runners_enabled = evaluator.group_runners_enabled unless evaluator.group_runners_enabled.nil?
     end
 
     trait :public do

From dd74237ddc8bef97e45757caf2e91f157e7dd7d2 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 3 May 2018 17:08:06 +0200
Subject: [PATCH 091/129] Split migration to add and index
 namespaces.runners_token

---
 .../20170906133745_add_runners_token_to_groups.rb  | 10 +---------
 ...150427_add_index_to_namespaces_runners_token.rb | 14 ++++++++++++++
 db/schema.rb                                       |  2 +-
 3 files changed, 16 insertions(+), 10 deletions(-)
 create mode 100644 db/migrate/20180503150427_add_index_to_namespaces_runners_token.rb

diff --git a/db/migrate/20170906133745_add_runners_token_to_groups.rb b/db/migrate/20170906133745_add_runners_token_to_groups.rb
index 54d0fddd5e3..852f4cba670 100644
--- a/db/migrate/20170906133745_add_runners_token_to_groups.rb
+++ b/db/migrate/20170906133745_add_runners_token_to_groups.rb
@@ -3,15 +3,7 @@ class AddRunnersTokenToGroups < ActiveRecord::Migration
 
   DOWNTIME = false
 
-  disable_ddl_transaction!
-
-  def up
+  def change
     add_column :namespaces, :runners_token, :string
-
-    add_concurrent_index :namespaces, :runners_token, unique: true
-  end
-
-  def down
-    remove_column :namespaces, :runners_token
   end
 end
diff --git a/db/migrate/20180503150427_add_index_to_namespaces_runners_token.rb b/db/migrate/20180503150427_add_index_to_namespaces_runners_token.rb
new file mode 100644
index 00000000000..d6c4a5c432c
--- /dev/null
+++ b/db/migrate/20180503150427_add_index_to_namespaces_runners_token.rb
@@ -0,0 +1,14 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class AddIndexToNamespacesRunnersToken < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def change
+    add_concurrent_index :namespaces, :runners_token, unique: true
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index c88d6f3f9e9..177ad0bf23e 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20180430143705) do
+ActiveRecord::Schema.define(version: 20180503150427) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"

From b8abe0c980d12a48dc7b25cb8f3d560b89b5dcd2 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 3 May 2018 17:09:16 +0200
Subject: [PATCH 092/129] Remove unnecessary disable transaction in
 add_ci_runner_namespaces

---
 db/migrate/20170301101006_add_ci_runner_namespaces.rb | 2 --
 1 file changed, 2 deletions(-)

diff --git a/db/migrate/20170301101006_add_ci_runner_namespaces.rb b/db/migrate/20170301101006_add_ci_runner_namespaces.rb
index 7e7df2f4d22..deaf03e928b 100644
--- a/db/migrate/20170301101006_add_ci_runner_namespaces.rb
+++ b/db/migrate/20170301101006_add_ci_runner_namespaces.rb
@@ -3,8 +3,6 @@ class AddCiRunnerNamespaces < ActiveRecord::Migration
 
   DOWNTIME = false
 
-  disable_ddl_transaction!
-
   def change
     create_table :ci_runner_namespaces do |t|
       t.integer :runner_id

From 15b10c344b1b909b2a90331926aa4082cd86045b Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 3 May 2018 17:15:32 +0200
Subject: [PATCH 093/129] Dont remove duplicates in Runner.owned_or_shared
 since its not necessary

---
 app/models/ci/runner.rb | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index 2dfd038d5a8..23078f1c3ed 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -40,7 +40,10 @@ module Ci
     }
 
     scope :owned_or_shared, -> (project_id) do
-      union = Gitlab::SQL::Union.new([belonging_to_project(project_id), belonging_to_parent_group_of_project(project_id), shared])
+      union = Gitlab::SQL::Union.new(
+        [belonging_to_project(project_id), belonging_to_parent_group_of_project(project_id), shared],
+        remove_duplicates: false
+      )
       from("(#{union.to_sql}) ci_runners")
     end
 

From cb49d68c4fe565cc4fdc3a326c45e3ded548cd24 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 3 May 2018 17:17:01 +0200
Subject: [PATCH 094/129] Use smallint for runner_type since its an enum

---
 db/migrate/20180430101916_add_runner_type_to_ci_runners.rb | 2 +-
 db/schema.rb                                               | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/db/migrate/20180430101916_add_runner_type_to_ci_runners.rb b/db/migrate/20180430101916_add_runner_type_to_ci_runners.rb
index 8c8009f28fb..42409349b75 100644
--- a/db/migrate/20180430101916_add_runner_type_to_ci_runners.rb
+++ b/db/migrate/20180430101916_add_runner_type_to_ci_runners.rb
@@ -4,6 +4,6 @@ class AddRunnerTypeToCiRunners < ActiveRecord::Migration
   DOWNTIME = false
 
   def change
-    add_column :ci_runners, :runner_type, :integer
+    add_column :ci_runners, :runner_type, :smallint
   end
 end
diff --git a/db/schema.rb b/db/schema.rb
index 177ad0bf23e..a37e6edc8d1 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -480,7 +480,7 @@ ActiveRecord::Schema.define(version: 20180503150427) do
     t.integer "access_level", default: 0, null: false
     t.string "ip_address"
     t.integer "maximum_timeout"
-    t.integer "runner_type"
+    t.integer "runner_type", limit: 2
   end
 
   add_index "ci_runners", ["contacted_at"], name: "index_ci_runners_on_contacted_at", using: :btree

From 8e7b12aeaed2b67bf4dfafa0c95a09e6a8620a8a Mon Sep 17 00:00:00 2001
From: Robert Speicher <rspeicher@gmail.com>
Date: Thu, 3 May 2018 10:45:13 -0500
Subject: [PATCH 095/129] Remove a warning from
 spec/features/admin/admin_users_spec.rb

---
 spec/features/admin/admin_users_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/features/admin/admin_users_spec.rb b/spec/features/admin/admin_users_spec.rb
index 8f0a3611052..8fc57f4b4c3 100644
--- a/spec/features/admin/admin_users_spec.rb
+++ b/spec/features/admin/admin_users_spec.rb
@@ -285,7 +285,7 @@ describe "Admin::Users" do
     it "lists group projects" do
       within(:css, '.append-bottom-default + .panel') do
         expect(page).to have_content 'Group projects'
-        expect(page).to have_link group.name, admin_group_path(group)
+        expect(page).to have_link group.name, href: admin_group_path(group)
       end
     end
 

From 322b5d129c3bebee10fedc1e908ce9aa4b7c23a0 Mon Sep 17 00:00:00 2001
From: Robert Speicher <rspeicher@gmail.com>
Date: Thu, 3 May 2018 10:45:28 -0500
Subject: [PATCH 096/129] Use limited_counter_with_delimiter in the admin user
 list tabs

This drastically reduces page load times at gitlab.com scale.
---
 app/views/admin/users/index.html.haml | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/app/views/admin/users/index.html.haml b/app/views/admin/users/index.html.haml
index 0ef4b71f4fe..10b8bf5d565 100644
--- a/app/views/admin/users/index.html.haml
+++ b/app/views/admin/users/index.html.haml
@@ -42,31 +42,31 @@
         = nav_link(html_options: { class: active_when(params[:filter].nil?) }) do
           = link_to admin_users_path do
             Active
-            %small.badge= number_with_delimiter(User.active.count)
+            %small.badge= limited_counter_with_delimiter(User.active)
         = nav_link(html_options: { class: active_when(params[:filter] == 'admins') }) do
           = link_to admin_users_path(filter: "admins") do
             Admins
-            %small.badge= number_with_delimiter(User.admins.count)
+            %small.badge= limited_counter_with_delimiter(User.admins)
         = nav_link(html_options: { class: "#{active_when(params[:filter] == 'two_factor_enabled')} filter-two-factor-enabled" }) do
           = link_to admin_users_path(filter: 'two_factor_enabled') do
             2FA Enabled
-            %small.badge= number_with_delimiter(User.with_two_factor.count)
+            %small.badge= limited_counter_with_delimiter(User.with_two_factor)
         = nav_link(html_options: { class: "#{active_when(params[:filter] == 'two_factor_disabled')} filter-two-factor-disabled" }) do
           = link_to admin_users_path(filter: 'two_factor_disabled') do
             2FA Disabled
-            %small.badge= number_with_delimiter(User.without_two_factor.count)
+            %small.badge= limited_counter_with_delimiter(User.without_two_factor)
         = nav_link(html_options: { class: active_when(params[:filter] == 'external') }) do
           = link_to admin_users_path(filter: 'external') do
             External
-            %small.badge= number_with_delimiter(User.external.count)
+            %small.badge= limited_counter_with_delimiter(User.external)
         = nav_link(html_options: { class: active_when(params[:filter] == 'blocked') }) do
           = link_to admin_users_path(filter: "blocked") do
             Blocked
-            %small.badge= number_with_delimiter(User.blocked.count)
+            %small.badge= limited_counter_with_delimiter(User.blocked)
         = nav_link(html_options: { class: active_when(params[:filter] == 'wop') }) do
           = link_to admin_users_path(filter: "wop") do
             Without projects
-            %small.badge= number_with_delimiter(User.without_projects.count)
+            %small.badge= limited_counter_with_delimiter(User.without_projects)
 
   %ul.flex-list.content-list
     - if @users.empty?

From ed9b285b0e1bbbfe88f685cdebd22227f37b97b9 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Thu, 3 May 2018 18:02:38 +0200
Subject: [PATCH 097/129] Fix constants in
 backfill_runner_type_for_ci_runners_post_migrate.rb

---
 ...05_backfill_runner_type_for_ci_runners_post_migrate.rb | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/db/post_migrate/20180430143705_backfill_runner_type_for_ci_runners_post_migrate.rb b/db/post_migrate/20180430143705_backfill_runner_type_for_ci_runners_post_migrate.rb
index 9186a729a40..38af5aae924 100644
--- a/db/post_migrate/20180430143705_backfill_runner_type_for_ci_runners_post_migrate.rb
+++ b/db/post_migrate/20180430143705_backfill_runner_type_for_ci_runners_post_migrate.rb
@@ -3,17 +3,17 @@ class BackfillRunnerTypeForCiRunnersPostMigrate < ActiveRecord::Migration
 
   DOWNTIME = false
 
-  PROJECT_RUNNER_TYPE = 1
-  INSTANCE_RUNNER_TYPE = 3
+  INSTANCE_RUNNER_TYPE = 1
+  PROJECT_RUNNER_TYPE = 3
 
   disable_ddl_transaction!
 
   def up
-    update_column_in_batches(:ci_runners, :runner_type, PROJECT_RUNNER_TYPE) do |table, query|
+    update_column_in_batches(:ci_runners, :runner_type, INSTANCE_RUNNER_TYPE) do |table, query|
       query.where(table[:is_shared].eq(true)).where(table[:runner_type].eq(nil))
     end
 
-    update_column_in_batches(:ci_runners, :runner_type, INSTANCE_RUNNER_TYPE) do |table, query|
+    update_column_in_batches(:ci_runners, :runner_type, PROJECT_RUNNER_TYPE) do |table, query|
       query.where(table[:is_shared].eq(false)).where(table[:runner_type].eq(nil))
     end
   end

From 980fb6fb26a360894bba7444d0020381ab825c8d Mon Sep 17 00:00:00 2001
From: Jose <jivanvl@hotmail.com>
Date: Thu, 3 May 2018 12:10:57 -0500
Subject: [PATCH 098/129] Adjust copy text and classes

---
 app/views/projects/pipelines/new.html.haml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/views/projects/pipelines/new.html.haml b/app/views/projects/pipelines/new.html.haml
index 61b470a0c75..81984ee94b0 100644
--- a/app/views/projects/pipelines/new.html.haml
+++ b/app/views/projects/pipelines/new.html.haml
@@ -20,12 +20,12 @@
         = s_("Pipeline|Existing branch name or tag")
 
     .col-sm-12.prepend-top-10.js-ci-variable-list-section
-      %label.label-light
+      %label
         = s_('Pipeline|Variables')
-      .help-block
-        = (s_("Pipeline|Specify variable values to be used in this run. The values specified in %{settings_link} will be used by default") % {settings_link: settings_link}).html_safe
       %ul.ci-variable-list
         = render 'ci/variables/variable_row', form_field: 'pipeline', only_key_value: true
+      .help-block
+        = (s_("Pipeline|Specify variable values to be used in this run. The values specified in %{settings_link} will be used by default.") % {settings_link: settings_link}).html_safe
 
   .form-actions
     = f.submit s_('Pipeline|Create pipeline'), class: 'btn btn-success js-variables-save-button', tabindex: 3

From 11f38dd12abedf17c09098170de295ce0b533d3b Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Fri, 4 May 2018 07:25:36 +0200
Subject: [PATCH 099/129] Make add_index_to_namespaces_runners_token migration
 reversible

---
 ...0180503150427_add_index_to_namespaces_runners_token.rb | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/db/migrate/20180503150427_add_index_to_namespaces_runners_token.rb b/db/migrate/20180503150427_add_index_to_namespaces_runners_token.rb
index d6c4a5c432c..4c4e576d49f 100644
--- a/db/migrate/20180503150427_add_index_to_namespaces_runners_token.rb
+++ b/db/migrate/20180503150427_add_index_to_namespaces_runners_token.rb
@@ -8,7 +8,13 @@ class AddIndexToNamespacesRunnersToken < ActiveRecord::Migration
 
   disable_ddl_transaction!
 
-  def change
+  def up
     add_concurrent_index :namespaces, :runners_token, unique: true
   end
+
+  def down
+    if index_exists?(:namespaces, :runners_token, unique: true)
+      remove_index :namespaces, :runners_token
+    end
+  end
 end

From af9432643dd49fde165cf2dd2bdfb956c5cbfddf Mon Sep 17 00:00:00 2001
From: Ash McKenzie <amckenzie@gitlab.com>
Date: Fri, 4 May 2018 15:56:46 +1000
Subject: [PATCH 100/129] Ensure we're using Rails, not Sidekiq::Rails

---
 config/initializers/forbid_sidekiq_in_transactions.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/initializers/forbid_sidekiq_in_transactions.rb b/config/initializers/forbid_sidekiq_in_transactions.rb
index 4603123665d..deb94d7dbce 100644
--- a/config/initializers/forbid_sidekiq_in_transactions.rb
+++ b/config/initializers/forbid_sidekiq_in_transactions.rb
@@ -27,7 +27,7 @@ module Sidekiq
                 Use an `after_commit` hook, or include `AfterCommitQueue` and use a `run_after_commit` block instead.
                 MSG
               rescue Sidekiq::Worker::EnqueueFromTransactionError => e
-                Rails.logger.error(e.message) if Rails.env.production?
+                ::Rails.logger.error(e.message) if ::Rails.env.production?
                 Gitlab::Sentry.track_exception(e)
               end
             end

From 7f107539ab78c120b99c10570ccc5301c14c035f Mon Sep 17 00:00:00 2001
From: Winnie Hellmann <winnie@gitlab.com>
Date: Fri, 4 May 2018 07:42:44 +0000
Subject: [PATCH 101/129] Clarify location of Vue templates

---
 doc/development/fe_guide/style_guide_js.md | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/doc/development/fe_guide/style_guide_js.md b/doc/development/fe_guide/style_guide_js.md
index 677168937c7..04dfe418dbe 100644
--- a/doc/development/fe_guide/style_guide_js.md
+++ b/doc/development/fe_guide/style_guide_js.md
@@ -310,7 +310,7 @@ Please check this [rules][eslint-plugin-vue-rules] for more documentation.
     }));
   ```
 
-1. Don not use a singleton for the service or the store
+1. Do not use a singleton for the service or the store
   ```javascript
     // bad
     class Store {
@@ -328,9 +328,11 @@ Please check this [rules][eslint-plugin-vue-rules] for more documentation.
       }
     }
   ```
+1. Use `.vue` for Vue templates. Do not use `%template` in HAML.
 
 #### Naming
-1. **Extensions**: Use `.vue` extension for Vue components.
+
+1. **Extensions**: Use `.vue` extension for Vue components. Do not use `.js` as file extension ([#34371]).
 1. **Reference Naming**: Use PascalCase for their instances:
   ```javascript
     // bad
@@ -364,6 +366,8 @@ Please check this [rules][eslint-plugin-vue-rules] for more documentation.
     <component my-prop="prop" />
   ```
 
+[#34371]: https://gitlab.com/gitlab-org/gitlab-ce/issues/34371
+
 #### Alignment
 1. Follow these alignment styles for the template method:
   1. With more than one attribute, all attributes should be on a new line:

From b570bd464426d948c847111e3ad9415d8ba4325d Mon Sep 17 00:00:00 2001
From: George Tsiolis <tsiolis.g@gmail.com>
Date: Thu, 3 May 2018 16:00:01 +0300
Subject: [PATCH 102/129] Inform the user when there are no project import
 options available

---
 app/views/projects/new.html.haml                             | 4 ++++
 ...er-when-there-are-no-project-import-options-available.yml | 5 +++++
 2 files changed, 9 insertions(+)
 create mode 100644 changelogs/unreleased/inform-the-user-when-there-are-no-project-import-options-available.yml

diff --git a/app/views/projects/new.html.haml b/app/views/projects/new.html.haml
index b66e0559603..81e6129ccda 100644
--- a/app/views/projects/new.html.haml
+++ b/app/views/projects/new.html.haml
@@ -105,6 +105,10 @@
                     %hr
                       = render "shared/import_form", f: f
                       = render 'new_project_fields', f: f, project_name_id: "import-url-name"
+            - else
+              .nothing-here-block
+                %h4 No import options available
+                %p Contact an administrator to enable options for importing your project.
 
 .save-project-loader.hide
   .center
diff --git a/changelogs/unreleased/inform-the-user-when-there-are-no-project-import-options-available.yml b/changelogs/unreleased/inform-the-user-when-there-are-no-project-import-options-available.yml
new file mode 100644
index 00000000000..c14f21fc644
--- /dev/null
+++ b/changelogs/unreleased/inform-the-user-when-there-are-no-project-import-options-available.yml
@@ -0,0 +1,5 @@
+---
+title: Inform the user when there are no project import options available
+merge_request: 18716
+author: George Tsiolis
+type: changed

From 337ceb17a405f5136a7499f4580d8cd81061f580 Mon Sep 17 00:00:00 2001
From: George Tsiolis <tsiolis.g@gmail.com>
Date: Fri, 4 May 2018 11:33:29 +0300
Subject: [PATCH 103/129] Move import project pane to a separate partial

---
 .../projects/_import_project_pane.html.haml   | 51 +++++++++++++++++++
 app/views/projects/new.html.haml              | 49 +-----------------
 2 files changed, 52 insertions(+), 48 deletions(-)
 create mode 100644 app/views/projects/_import_project_pane.html.haml

diff --git a/app/views/projects/_import_project_pane.html.haml b/app/views/projects/_import_project_pane.html.haml
new file mode 100644
index 00000000000..4bee6cb97eb
--- /dev/null
+++ b/app/views/projects/_import_project_pane.html.haml
@@ -0,0 +1,51 @@
+- active_tab = local_assigns.fetch(:active_tab, 'blank')
+- f = local_assigns.fetch(:f)
+
+.project-import.row
+  .col-lg-12
+    .form-group.import-btn-container.clearfix
+      = f.label :visibility_level, class: 'label-light' do #the label here seems wrong
+        Import project from
+      .import-buttons
+        - if gitlab_project_import_enabled?
+          .import_gitlab_project.has-tooltip{ data: { container: 'body' } }
+            = link_to new_import_gitlab_project_path, class: 'btn btn_import_gitlab_project project-submit' do
+              = icon('gitlab', text: 'GitLab export')
+        %div
+          - if github_import_enabled?
+            = link_to new_import_github_path, class: 'btn js-import-github' do
+              = icon('github', text: 'GitHub')
+        %div
+          - if bitbucket_import_enabled?
+            = link_to status_import_bitbucket_path, class: "btn import_bitbucket #{'how_to_import_link' unless bitbucket_import_configured?}" do
+              = icon('bitbucket', text: 'Bitbucket')
+            - unless bitbucket_import_configured?
+              = render 'bitbucket_import_modal'
+        %div
+          - if gitlab_import_enabled?
+            = link_to status_import_gitlab_path, class: "btn import_gitlab #{'how_to_import_link' unless gitlab_import_configured?}" do
+              = icon('gitlab', text: 'GitLab.com')
+            - unless gitlab_import_configured?
+              = render 'gitlab_import_modal'
+        %div
+          - if google_code_import_enabled?
+            = link_to new_import_google_code_path, class: 'btn import_google_code' do
+              = icon('google', text: 'Google Code')
+        %div
+          - if fogbugz_import_enabled?
+            = link_to new_import_fogbugz_path, class: 'btn import_fogbugz' do
+              = icon('bug', text: 'Fogbugz')
+        %div
+          - if gitea_import_enabled?
+            = link_to new_import_gitea_path, class: 'btn import_gitea' do
+              = custom_icon('go_logo')
+              Gitea
+        %div
+          - if git_import_enabled?
+            %button.btn.js-toggle-button.js-import-git-toggle-button{ type: "button", data: { toggle_open_class: 'active' } }
+              = icon('git', text: 'Repo by URL')
+  .col-lg-12
+    .js-toggle-content.toggle-import-form{ class: ('hide' if active_tab != 'import') }
+      %hr
+        = render "shared/import_form", f: f
+        = render 'new_project_fields', f: f, project_name_id: "import-url-name"
diff --git a/app/views/projects/new.html.haml b/app/views/projects/new.html.haml
index 81e6129ccda..5beaa3c6d23 100644
--- a/app/views/projects/new.html.haml
+++ b/app/views/projects/new.html.haml
@@ -57,54 +57,7 @@
         .tab-pane.import-project-pane.js-toggle-container{ id: 'import-project-pane', class: active_when(active_tab == 'import'), role: 'tabpanel' }
           = form_for @project, html: { class: 'new_project' } do |f|
             - if import_sources_enabled?
-              .project-import.row
-                .col-lg-12
-                  .form-group.import-btn-container.clearfix
-                    = f.label :visibility_level, class: 'label-light' do #the label here seems wrong
-                      Import project from
-                    .import-buttons
-                      - if gitlab_project_import_enabled?
-                        .import_gitlab_project.has-tooltip{ data: { container: 'body' } }
-                          = link_to new_import_gitlab_project_path, class: 'btn btn_import_gitlab_project project-submit' do
-                            = icon('gitlab', text: 'GitLab export')
-                      %div
-                        - if github_import_enabled?
-                          = link_to new_import_github_path, class: 'btn js-import-github' do
-                            = icon('github', text: 'GitHub')
-                      %div
-                        - if bitbucket_import_enabled?
-                          = link_to status_import_bitbucket_path, class: "btn import_bitbucket #{'how_to_import_link' unless bitbucket_import_configured?}" do
-                            = icon('bitbucket', text: 'Bitbucket')
-                          - unless bitbucket_import_configured?
-                            = render 'bitbucket_import_modal'
-                      %div
-                        - if gitlab_import_enabled?
-                          = link_to status_import_gitlab_path, class: "btn import_gitlab #{'how_to_import_link' unless gitlab_import_configured?}" do
-                            = icon('gitlab', text: 'GitLab.com')
-                          - unless gitlab_import_configured?
-                            = render 'gitlab_import_modal'
-                      %div
-                        - if google_code_import_enabled?
-                          = link_to new_import_google_code_path, class: 'btn import_google_code' do
-                            = icon('google', text: 'Google Code')
-                      %div
-                        - if fogbugz_import_enabled?
-                          = link_to new_import_fogbugz_path, class: 'btn import_fogbugz' do
-                            = icon('bug', text: 'Fogbugz')
-                      %div
-                        - if gitea_import_enabled?
-                          = link_to new_import_gitea_path, class: 'btn import_gitea' do
-                            = custom_icon('go_logo')
-                            Gitea
-                      %div
-                        - if git_import_enabled?
-                          %button.btn.js-toggle-button.js-import-git-toggle-button{ type: "button", data: { toggle_open_class: 'active' } }
-                            = icon('git', text: 'Repo by URL')
-                .col-lg-12
-                  .js-toggle-content.toggle-import-form{ class: ('hide' if active_tab != 'import') }
-                    %hr
-                      = render "shared/import_form", f: f
-                      = render 'new_project_fields', f: f, project_name_id: "import-url-name"
+              = render 'import_project_pane', f: f, active_tab: active_tab
             - else
               .nothing-here-block
                 %h4 No import options available

From 1d74a0e93a8d60b44bc02e4eef8175f5c2170232 Mon Sep 17 00:00:00 2001
From: Fabio Busatto <fabio@gitlab.com>
Date: Fri, 4 May 2018 09:48:53 +0000
Subject: [PATCH 104/129] Resolve "Reconcile project templates with Auto
 DevOps"

---
 ...ile-project-templates-with-auto-devops.yml |   5 +++++
 lib/gitlab/project_template.rb                |   6 +++---
 vendor/project_templates/express.tar.gz       | Bin 5608 -> 4866 bytes
 vendor/project_templates/rails.tar.gz         | Bin 25004 -> 25151 bytes
 vendor/project_templates/spring.tar.gz        | Bin 50938 -> 49430 bytes
 5 files changed, 8 insertions(+), 3 deletions(-)
 create mode 100644 changelogs/unreleased/36762-reconcile-project-templates-with-auto-devops.yml

diff --git a/changelogs/unreleased/36762-reconcile-project-templates-with-auto-devops.yml b/changelogs/unreleased/36762-reconcile-project-templates-with-auto-devops.yml
new file mode 100644
index 00000000000..8169b18f875
--- /dev/null
+++ b/changelogs/unreleased/36762-reconcile-project-templates-with-auto-devops.yml
@@ -0,0 +1,5 @@
+---
+title: Reconcile project templates with Auto DevOps
+merge_request: 18737
+author: 
+type: changed
diff --git a/lib/gitlab/project_template.rb b/lib/gitlab/project_template.rb
index ae136202f0c..08f6a54776f 100644
--- a/lib/gitlab/project_template.rb
+++ b/lib/gitlab/project_template.rb
@@ -25,9 +25,9 @@ module Gitlab
     end
 
     TEMPLATES_TABLE = [
-      ProjectTemplate.new('rails', 'Ruby on Rails', 'Includes an MVC structure, gemfile, rakefile, and .gitlab-ci.yml file, along with many others, to help you get started.', 'https://gitlab.com/gitlab-org/project-templates/rails'),
-      ProjectTemplate.new('spring', 'Spring', 'Includes an MVC structure, mvnw, pom.xml, and .gitlab-ci.yml file to help you get started.', 'https://gitlab.com/gitlab-org/project-templates/spring'),
-      ProjectTemplate.new('express', 'NodeJS Express', 'Includes an MVC structure and .gitlab-ci.yml file to help you get started.', 'https://gitlab.com/gitlab-org/project-templates/express')
+      ProjectTemplate.new('rails', 'Ruby on Rails', 'Includes an MVC structure, Gemfile, Rakefile, along with many others, to help you get started.', 'https://gitlab.com/gitlab-org/project-templates/rails'),
+      ProjectTemplate.new('spring', 'Spring', 'Includes an MVC structure, mvnw and pom.xml to help you get started.', 'https://gitlab.com/gitlab-org/project-templates/spring'),
+      ProjectTemplate.new('express', 'NodeJS Express', 'Includes an MVC structure to help you get started.', 'https://gitlab.com/gitlab-org/project-templates/express')
     ].freeze
 
     class << self
diff --git a/vendor/project_templates/express.tar.gz b/vendor/project_templates/express.tar.gz
index 06093deb4591a50f3dc7461cc0ad822965367b9b..8dd5fa36987a8d349b4029c39d02b5c08dbafd81 100644
GIT binary patch
literal 4866
zcmV+d6aDNTiwFRWAnaNI1MOK0G}K$$pGYCMqtKyK3^MLB<1#3rP(tp?b&Q!mhPjy;
zV_YVVyDloZq%+;zCD%j=A$Kz6a$Hg&ic*M_q`tpOZ>R5k-#P1B>%8y!*6O#`teL&{
z^X&b5p69psp81cOI)zI11+a8A&j1pR06_i$z(HthYJPeL@%=kW3$6`8XdqD<a0Cje
ziGsipNG%i`A`Sm1$b63g8XZHGmWEKtWcvSR_gCZpPa!MKKuUY#>C&Ie&#$Yijr4>g
z;5fJ!Mpsu$Lq|gwh0xH(A>cYFFR%$9Feojo7fzZAc+u2-01S?%PQ=jY0QK*??lUnm
z=I6II+G7q9-~wNpPV+O_$?XWCdbj|jR=;SbGcntrOLVuJ$c77);~9?o$CMDFoLF_r
zl9R-*iM!+CQbk#_nj5fCHb)n}6ag(0wL9;g@UR>o+f1@@9vO5X=C#?QeqluNaW}!A
zCJm2;ZSnKFnfBghXqiU;ncHH}rnP~!W}Q1yHghABt)U5rYandynsZcIEjaD!`+-Bx
z%hNJmq$-{W#if-&&}`IW&Nx{>=5mDVFK(f3uc>yM=aFig3q{=nJ+B6wIQILa>+<EM
zDQ?y#@jN`iPK^Tj`48W9b~(-FEG{Gl>L2~Z{cwx6KE@NWmftKbNFZ6g>!GefZyKww
zctN>Ozk6t#x73DS^vN^qb7#);Yswm&FdEUY`_Om0x~+YSU#QdK@4jtP=+?+Hw$^8p
zPN#K9ySTF^a~C9=^<sCrS47`CjQ(hu9}9!EsjHf)diCFY*|V!+(mY3kt@z-PPHI?Z
zLP4X72#?`_Xv_zfn5jpbe}8?&DbT;2rC)JHY8+}M(*>mEjW-Hhd#FKg|808PExkSR
zMJ4;ZFU+(u10gcPLDi+YOg3OwN4gIesD7@@J9hV4IB}}-@t|kFwa1>y_5;7F+)EI3
z5|z_Sd-Ga$JhT1o9>VF+P`Pbsf>jMAF!d9$DQKn4ypn!S#vx(fd%9Iu5l_z?bRl}|
zSWn#;(VOW&bv*O7krUx_FtY9mY*-=no^{6t0Yv16=vO;2(q+SLXpe?)r=tVv6xjCj
z{aZ?w7T&=w95E8y5&djdlzXX3H&yGD=X^BZ3Esk!Ld#RV$@^_@dxjT_ROz}fUW{7c
zx339p-MOh^?-_-%1gVI6vCP3(eVcbZ0U3ruSz7+jEKDucj#<8%YuQ6wtD-$gC9Hc|
zGL&EL#k=&B*(4yoaoy2671T!ih5Gqw4`+#+Ar1zCt_qE{w#j-%W&P~ewHu@Aj%)Zm
z@w9e$`oz_O5$|{^yJ6f(OhR+c&kqax*v2a?{L@_j<XENF&`bO)*FeTYhRb}edGd=%
zR<qDi(S!$^UUXm?&#b%3%m=qPsc7rIc$zqKjj=Z8#Ln{BV4}oj<dKvH=YsxeGp<4I
zM>3m<3#jMg@>!DxBI2AK&i<F(3VN@b5HEyP)jmw#5KI3JvG|}@zP~akj(f-qga4SI
zp4wy}y4<)|7`?c;Y04+hEx-K3#-UzCxD?-QzPC@Q0@Pkg*TCfY*eW^yD<t7CyAYVQ
zSWNrCwNZz#HD~wl@+_7GH|Hq>s|L70<D0|$=59Li+B>8w_e{vG6{v6!z(4nk9Mn1T
zpq>>n6gFhJj}SjMdf^f6Z1&84t@`f3xE6s3*2ER*sC^d>nI*EFo9_$GA98MzY>ABa
zR!}dG8fCHc3oaPEbUsxp+|*<5|4?U=kan;~%J}LKlK5Cj+rfDGWWn;B<2zESLTgE1
zTbzC{CihA#^*rou17mBZ2@F=*6m*~1?N)+n5ZhaV$XB_)v$U@9wXua({PMji;hFKw
z=w>5cA)Oi?ciFd=rkp{YL;gVQ(aP(mKH}YB7KH_Eep?ia(;l2B2W_l99sWY|w|86<
z1rfeFcJ`0@fT7#bF}m#CF%xz1r11;$bkfVv)0T~dyqD!s6$Khca%1Mk)}Qul4ldop
zWJlYzgL_1zYDsy)RMJ{*TbH>&M$W^d?+t7B`^D!Omzvv}4ZnSKGf6Sk^!S45i;m9D
zU7E@fDb_siO>ulehHsU9cPqw-3~^`YO59)e^4earWB0VVqfmiBPQ7*gWJsg4UzqRv
z!j{LDm(1VSsn+h_N__OFYrA<hk`K*0NPqi*fV~d%3TB-li-$TKy)yOD$bBZijGEwd
zLnAHSlKW~C%COrnau{J;fpNa0t|&TYa!nI`%b7UVZl2Sc%ctBjkphrJOT}~eB$l!m
z^#k!$^J*rsb6V<+S2N!Ay2wtiIc2I@@S^y%!os$b-gouuY>saoarH{Nd0lxtlD{(f
zjSF?QIoD;uu~J;{jV&QdL@cP*;YQrfKF4TAc=H2USa;pMuHVvyBBICVJ%%UZ=*fDf
z-Rtfw&xtBO%q*&<<hbY%J%U<C+4Ak%Pds&fZjdOT(0VICH~CEyYT%Wea<SKY$X>?p
z=d@Xlz3Z509cR=fK6ZoTYx#`x%=F96bbI6HeIHUH!#>>7(|z83>Eg(S@Y^GhbP<Ue
zExx*q?9QS7(Gy*TeD&c2CmxI5*gXi$=T*Ot;#j>cy-z&2Ar+^Vifq&?Ze{p4oK>&4
z-DjYGe~^5bTg=xdqG-+MTLPu!08>}@Zt*s&Szi2DBOgoua4zw!-(w9obAkk<W>)Z0
zITqY2_I1>5xJdPqa{0JN&YgbDb*+t?v+o#s?{6s^=iU_Zz~|XM)5Hhs2E)7$mLJ=L
z3IA=rET6UHXjPO@+H{s6>kxC9Cu_s8^r<nqh>dSEk7n<N6`ML-Y?B{Mno&98j4|xd
zQmGy8GnKR$)x5(SuRsesG@N}yYFmi(`5Dg~j>=haOWuciffTXnMU|Pi;X=N|ElH-+
z;XeB_dWDj?FYy;2kXoDPv3N+T40~i3-pDfTT<#dkwR>0I@lM@iFU|Tc6p=?J`9@J!
z2acKBZpbr9ZD31UEepzSf4VMu&s%25&6vVin`=TBgF6iFuqKW-i&iq|?a5_AVm>?#
zS;;)&HJwR6**ILhtM5az(%03@YFR(9l$gx13MT32I*4W<1{*>-i3ek2-BRoWcMU5|
znN~R(DTth-8yj{zYuyw)tEfnX{aPxRlwR6@RY@v&huM&D0Let_*Xf^XeMGOp#nqDy
z*!9nUmRNsMUaqUK;j&*|J68+R+Ov7IMN;4Mu9oS&=w9{$N2U+`fwAVQO?I>1=wths
z*rBa+)g2j6jbedza(?&Gb<Vc8GU9KSq%LkgdHZnh#nfH1h+np4PgLYRxX)f6T6W0L
z;Dio^;gYefwpnnklP=ZEsO<*pc;!^U*gR=-35T_Q_N->a<^!y#^&H-@2}p3BS(<8E
zj4RQv15li+;S`oeub(U*(=baYS}2yyh}%(?grAgq6mx+3PJwIA^^j6^XxQPJs(8*$
z<BN`t2hY5lX+Zh!w+}wyQp@l1YQ11zi=*Q{lm0NbS04BFPA2woSIL+^;0XJ=ySkza
zYlc)lIv#YUif2iLd{C4;`qA!6t*vJA26=ajXOGaG!*vEV=j&2it>)s=hsjxQkkfJG
z(X^US8Mhg-`@Ub?dG|(1*v3lKdq@tA7(AETdVQw3!N?U~e_(M<l*+`d%FRqR@nl^>
zy|hToH0wyr93$zO_Pwhd%<gvM)@(yBpPTXi7g)chOw>_EmzKgTp4#+YEA}<^FN|)w
z7hh!TC8yoF{dz3Z@mXt!Ql=HR<(Z#^aiPO;TW8N2T5q!D=pEOZ3dRPum*R|$aZ?ZM
zMGYm#O{Hl`>N_82z~4TRWG^B5nI^}QoWn#DC@{6-%k=i^(Lx7!9v3O#I_rMIRakC2
z9l~2<1l?OTpyy+*qgSbTbGAEwtPeF<7L(n4F*Ec+NKNP#*7B|Xn};LUI^lK(WtK)h
zmnqV2z3ly3*xdlg$>st#Gy=jEJ(}3Y?ioGS)061A?zXo|Y(nzl_*{F;fw21o(OzcA
zH4(_#D?)u)TwlK>!qoCQ%zDk$)V$7!5`NORn;M$RP!E2M4I!xr+91zCAg}m^l5VYI
zvd!D9^6Yb;*jmH(S(vqUm{-`swP3l$>-aOrpC%tt+<bPEJq)&(wB0*fPU*UY{FAIq
zrAZhw^GQ-x3U0f?GnkGzu>HvdY?HzhvFGAB;y|_&t(WRAA92T`lhdkRYHO_xryv7q
z+-4BSF%KEf+_hgRwse@A72IuC@?z3_2fGN7PBA5KPJ16|LcjaDL&cBCYh&lkcD5I=
zJ&k+XQ8r!D`LmFF+LOTGOXfWXUh1uZlsuNws1{(dRTD~tBH;qYZ$cZ1e7w=sxw6mP
zU$3|J$II=@JuNNQ6IOIdAZ2`RU^*qi=y}H`*+P$ZxMtkE;$*tbQ5~HzW0e@YiZ^@U
zrH%pdE=#pLETV2mwWMF^{a7oMbgVES`rra*ECRJVckM=HrnB9zmY8j-r>Dm+F}fUe
z`%k(`PI5gsZ!;q{=<dtU+S<B5rFJrobyxB=w`2aEt&`m0Tbb+~?aZ_O5ej6yzpqWn
z?gL)_W?t^^8l*LDjP_J*5`3NBGaB)}YE$&9jzocIV;*VLtumOd18Y>$1VZc-^UV0B
zq-LsW_rP?`^yxJXh;2QW%p7DNoa$|21j!p%L2hMjh`%nxWLqY*^WT;hF?n;iaY|EU
zbbXXs<phdOykiN?^ko@doPV_AS{ZI+XXh5R!C~5^sJ%RI?0$2NNW5X1S#QnAD87S4
zY(0*-Yq854A#;C>B*3u<KAT_B$Wx>j%nv=7<Z78+8nL}2n-rbyMA6I{p1n5t=9k7<
zH*VwGTtfF=-NK$IHknk`mU?+nbfUC5iXC93O2EBtOx_lc^5*O<xw!soH2YMQ+SI$0
zVV2&!p|W&>P3fyUMIl^a939mwr9-chPskYCc)9QQ<vDbU_^OjfO&MBo;7HZGmW8&f
zH5-KuUPLOjnO*5nS6!1Y>c-i%w1l}e_A+{_+BDg*Fb#I5M-Zai1P?6Z0rgz~GrME1
z=-Befd}MTgTdP&4<GxM~H-9Qc5r*45s5F)>E}@W}6Tvhs=g%`SSu_c5l#iFsYBanQ
zk#5g3?t9&X%21Vnv{!FATe|jd&6tEs8O!7v;Nc(1(`{Y6k;gB;$luoMG2*NSfkcUW
zRfB0TIff7lhYN5Ax}Q>&mSGxg<1Vntj}bqmvaFvgpt9?^+zxy43oer#z=YAJl4uFz
z6pP_qbeX)d*%%#1Kd$59vlg>WBh2M<hgq|icUHGo$NVnL$lG<gsL`6hgeV+S+|D}r
zpyfh$=Sa6$Sp8$j)TC27a_m3-EB^luwXe^Ad}(CTKeNVPJpVzWv=9)420}{{sfk2r
zYOg&1L24s@JpcK3AOwm7Xjm$qLdTOyP(4xrfuI6q;AwbIJONJ+LK6T6K!EDORiGFu
z)(6i3a8Nxj41oryK(Tl<9=Ga3^TAL79GV(HA^}ty8X#dj2`jdAY5-{J8Gt9?&{#49
zpkllMG!^g$n5&+j$1nr}IS}oQr=z_9I@afpj&wW`AP3N)dK%hrkO>7K;qWAHG!7sD
zbl@u=N`NN;k41lSp{-6pz|iR6dK5AZPbX7@&{!V;>xcHj;6JhZ%m7O!(J^?C_X;sQ
zjSiZ9$Dd3h1bv}M1gKyHcrP>sPXP#^7n&A;#R9;}l3$4UV88@0=>V04A)xUzS^$8i
zQ!!XSfV#RO74Q!LKw=osllD!v{%nFkydVB6Q#_bNk{8|^O~KH8R(t=99oR(U@HA`y
zjRqE$h6bwxMn@wPzO5jIiYL)mGWpqUl@%D3-}f271klN7EQW*y2<X-PuVw&@9J*?*
z0{vVSG(e@2zsCEG#?U@=A}A;*bfq?)00DG%aZ`a3!Gh4}<WG~Wv_GZo%V!!1PoV(x
zFD)uKKZdqC_T}^fBOrQ$!UH=)pew4>1Sx+`?iU4Xg2JJZ1E^TwlWH}-w&+0=P(x7b
z&l7>P0%)KTR%{R|P!gGr_rhZ_pO}A{33SC$0Sq0KI|kGw6bVP5RN=a+aFjhlLl3U4
zr-@KQp-|2%Q&Dh#%Wic(&!E+X@gxR*C5uE*sjFH1(nlxz0i^HxR$`^BuJi|u{h<$F
zQt+S(zUf&B7OM9-XW+75)`MbjL_En5U}A_A0-%N^6TjqzgdwgZYvnM6vREs1`&K!t
zHTjn=R+@Aw-rM_gZN3>q)4;8W3m|+gGC*bEv8yc~GTHB66{drQS;-C+)SnOV-}>no
z@9)&$1*S8A3akdE@vo6D%|Fsc|4}MP_^ST?WME}G{z><$M*n2!^MUjy1Ana|q}Jb4
z(Pz7Fj=Ap_W3m2+^IuKf(Ztry%<8~Dc*p$3{l7B0^8b$}7zR=cwQ~Q%Q7Gh(`~Tko
oxEfMTga1Fx;s<`<2Y%oOe&7dw;0J!-2mT%SFT8TI4ge?s0OX^&jQ{`u

literal 5608
zcmV<E6&LCsiwFRORh?P@1MOI6R8!lwjv#`es7O<!MX4erv`_>^0qMPoKnTeO0wD=0
z5UC0RQbnXnuz<89NLN9cg3^l=5k#dUih_kMa)XN3bKZIPo*(brJKh-1F*5dEWzO}@
zZ+?5Nj71>g-2oI?#+iacV*$|LVo<s%DJX0_VQ@w0&(Dol7*q)gg2}@a7337;U<z;$
z6eb5(fP#dfe-E7B8-+wh5`~39Zg`w8@?XsRcjNz0ZNIR$oUki~Ec{IXU}Z%(3=UV6
zLpm$M;7F7b3<b!e;V8Jg5>gqipoo-5p<oK~Do9}>;6jph1CVHvtS6F028e&%RaaY6
z3k){ZJZ?Y-z(D`)N!6y(vMx2>x~apZJ>{?6{+KmDyqcE@S`ZV%{xoclHaBG&=2Wyc
zU!j+9(nX~^DfWreg#|mY=q;96=B6rUC?@MeCykCVXdT;r@}iBXW*pJponaj8-X=aI
zd#&l@o~R1zIpSHaT@i8Nd{TSEN!v${4O?!P+Sh5ZOj_P67KaSZ5ej?}GOxxG!Y?)~
zo|kk)V;-(atslQrvnD{`JgA#5R=W4v$tysf^Q%htlXL6S!uwMXG6a66giTOS>{Jyw
ze|RdlvH9Ujn#CE0zJXP~N?b~1>`Y6^jN$95yM+Psm=fuBS3rZ%UhmhGR&YnaE?oz%
zNBWX%F)UIG356O;D=)PuI%dbBRt^X{<g6I6QENW=^t{c_*MI7Oz0uKM7!?>`6YOgB
zpm&waG%Q2oV%YZG{h8Bx;X62Oudwti-i%3j^;wjd?H!Q#X#Pc8mR9Y~H}2Sdmy3KR
zd@L=7`Nq>8w)W)s#8-AteZ=w+;4w1~v$8Z@lR~Z@@ko}>6nmbcxDZ$AIwUiYb#n0V
zA`jE;<)?cR69UCT-e15^KbI>UD-T`muC+-N_Pg8tvKtl`YubKiXy+_BmF<C(4u?wt
zw?$og53gOX)uD<VIRxEKL3H&hrH4|M^*ldUh|+X$)=*H~)4yLm^_0r)wBh9|Bm4-7
zqQGni2qsBTAbQ?A+HNpi*55~S?hR7hLa-y?rfPC2v>_Yz@{sJ4%=-?l^$lIEgDhNB
zj-;XHekuNQ!fNf_@zGZ=r0Vu9TUkN;DE--==RU>{m_6|BxxtpYGVZQsygcmXXasI^
z<Dixsv+fnD^x<?JuS@5wmU}E2C-kvs<tDj<S6BZnG0ZKn__%>u13rCeba6)-!yt04
zilzF*wCmJsY7toP`rAR3h#{SpQy2XntZ4{mD*l%9nD;JQBYLPG<$KexbKfa&v`VS$
z!KI^`)^|DdEI3Pwv)CsWwAF5#Fr$akpL9`etJ(RjFA7X?9S@Cu5p#=FlX)}+Ywx0X
zit0Vd(_bo**S4784aCzXukG^N-~A~W>iFpS6Igkf>um(r61TCp-r86+WoRuKmJqws
zmH@xK9DJX*<MExWR#5hAVSVpa<t(S-R1PXFJxUY&0J>9qQC)k%IaTkH*p^*hBkYIk
z4CVTQ6|;<aU%ZHf&wYf?eyov!Y_ka0V1AWFK)X6bNAonRY**6P+rBb>%+1AaJTL5i
z<orNb;7t>O^HU;s+4cx<y*rb#-Q3Ns&(EPPl$t+TRij&exqj|pk7qBlSK1r0!mBNe
zVl($=oD50}dUB=K{nOsq>pm<y;&HWcL0w(r=_zgXq;CK@9thI`(wr9_ZIgh;@ny<X
zH6G2;?~cst3B7aY5&x3U>_ouHl(YJC`wlZ1J{h>uB~rS;cM)825Q}n23-RrKuw#p-
zWX7Gx;=3Oe2puP?@<Os-@MU^+^<I*Vw63_rbSuFlq;&;yaa;KNsGL)Y5k#9o|E*)?
znwQF0i+Y~*x=cwuSoiNc&3A28bk+Rc;^6?$-BPWdG%%Hx82yz!(Cq1lFPH|(jk<%+
z+gvS9!%|?1rcXj@?+mk6u`|lo<OL^0B=RQc>Qa~m!|bBklrKay(&Eru?Pp(pdBuNT
z-73F)2aT8KP5-^qD3zod$1@P~Y)P?T#w$DPaW<s>pnC+rRDSpp`vYDUu);##E-Fo4
z0Sc9enROX-N;m5nb{lo{-fU|}rp&C!F1=RbPS(zNS^5$|E3BW-EP1puL$0as@xy*A
zS$OD3anEhR{(;G7c-}z0!~Vpnl^fyi`KH<tOiaEfAF^RZ9NHq8TeuNgI91-l=68#p
z3(QKp8HG)CTiQ^${udWIRPs7z?uC^jD&D0|eo=mAoBJiWVSJ|HljXHN%ct4Y*p=Uq
zpFK~0YUo!tz4oXiC+Jk0$$3epEIpOfX10=vzT{Z<La%&M(-`Fx-`mCcmu0@^gEKyN
z$M-siRlhNQOG>LD``%COUW*|uPt82FYhy4oO-i+MZ0o|_7g_K_4wPS5(W!#8y)-Y4
zzOBvxVlcuxmIza6F&ESfw!(HcuC8%0_DA4W-fn%%r8xsArD7koMxm2XYoEkaE*|v!
zkn&lmmNs1P#ngJ`+FO=mB7R(z%+cEz@W#TNdxYyBc!eZlrHrHrdK2~{+RELI!pWbs
z?Ix$U;-8ebd~#yl_F8WE41fDveD|KqLJhn4ZYP1Yx7_#i;0`^E%nB1Ri1LC|$mmxD
zq#Jd+N|hRGa!;H-WXr*QNu;mJ%4mPkS&fsbfr)vd_UlPi*Smvq%<fs2#@nBV<g58v
z1V!1IyvhCeXw*wU`*MN{#cA&K+VcD9`P1H<pD{NKQ4V5fqDS429FAV-jB9(BCt{SI
zal~>Dmhrde<dMUZ_3?}ZEO-_#X7eR_#eWQ*5TN=cwX6DVr1sN{BwwrbV()?ccP;}p
zL7;-YIgg8WQfWr9_c$Iv*|Zk}Lr<ud4Gg5%^6^!QY=gs$OgT>!GizM^jr~HqjYj37
zp$1Dri%ALi4d&qW_>dD5TUn;A@zO@TJsY(08o2KYRk>fxgvAy_8+4uj=%%vAz{R9K
znlnG8+RKeUv!84AmYNE$0)eM)rp~vGb-P4}@5+j88x&t$ly462cy`sp_SmDPEkQ~_
zkoMp=&U=;IN_meLn(N(|eUW^`!L7oWN(;5n#65%VtXk#v%Vd*?-!Uy3_SnLYZ6)N)
zu6{X(2uof4h>@jP0sVyi`!Rm7ne>5yk$2R%*rfu}jQZQA_XdRmu8_nA-+O!OUZItx
zN0$5^EfBjB6%C%2@-NA3kuNN!wBz(V3T{qt7v`@OEGLt{Bq{dIR_;n^?zB$Vus~5X
z_oWU>1fGhI>>ki4l0AXunRz@`dn2aF%Gg`L7NdSLKS`ARG9tpLfc?@`m(Rg2uz#!8
zxvHi{cAgVAjTS!LD3dRlpmA1)wHY1nK9;7e{}2*0Z3H|^G7_%XK|S5yq@Q-#`1ZPT
zh?1rE8Y%N&nU>X3Cud5)Tjz{MOoYua<E{7t38;YV?nvh1{Gg%h%D!w%tWWNRAsvfb
zI&2-C@*UOdNMorot=Rw=*W2B~DunLpt3}A!)p|#An($w!j@vzbYni-UHliQ)`siYs
zU%bxa7nL^CTucTtGz$4>InsxFU<{%;HlS-1`)Y~C=6EOjW28hjlc#RfeeEEvvxbKU
zj~?;FTUJSG`}>;;Wri0Q^Ki?7gze)C)(x5W<pkY6V~qx{SAnBCnlDdkrI&_S!;~&b
zeF)AZqVA<gD`;k>s7CUzCM!19)w`{fS5Fv9jS1zP?|9AUtaN_+TW>W^Rxiz$jWLJ2
zmV?7%zSu_xXA*|TbL!74AO{U^+jg(21w6w(DGklrGv=I=!u!Oo4{k3EeG+=t_UYiQ
zFChLCnO6$8eA^J=idGV`vaU_8dNpgy>oua`<S*&*OCDqL4hC3WP|bVx>$g$#J=^j=
zu?M=ddiCJ#38$R)r^vgCyZN%)kGkqNl}#{m`8{`gt*aCNeA{4<tIh4`<H$2<pUQ3q
ztXi8C#+E#~jNNY)_8U_cYjnoU_<`WvOE;pjk4Y5iSY2xo9ZZ;$j<iD_?NyYn8}8TH
zYdEUV&JrO`3bGx}uHYB)6TUL%oYN_Nna7Cbg{lvMdv;lRZs`n%yXU?Ho!K*P`k8$k
ziHz65MaKMF^PHA#`O8p|8W>HZ)b!kOxP6aCUQCBd^gF%&tA+TH>FuNN(t&6LbJjfV
z<ObSalQs7JVpH2fk1tXE?uFe7H!J73=G%6pJ>XSLBWI;IxiztjgWHX%AuExIr=}xe
zmzmYIE_FAOiMonHRul8UYJ6g+i7!q)*NQU}HrU|b8E+FF?vP~ZqcJQsqf=$ADZVqE
ztaY@<PVpZ5Wl2d-iL)i_2^l3%OQrY|)%1pTP;lCcXJ>cSxp9_5d1Moh&>p<m!^<2e
zdZ7DO!*3pWtqe_arp}F{O?%ayyA*XEhxXAHIz{>sU%a=Jnq@btj*eM|g%1gStZvJk
z(hLV$@i%*-w%M82W=7N(Col8G)d%)nOV)S~6A;RNbtmunGa9phneEXd7nBL!r!s}=
z8rip=R3W-(wp0YfRL)SwKjHX_I|G>CUsed_GY&Y%+{rTj3gnxomwG5Q%-++Z4Uqg;
z(|M~TlzIC0xV&C$;X={=%=2nx37F{vFT;$9E8+|v?QNy1{euE)sv<fMYhAOpwn<r;
zYk+&{Tl!u&RR=!xftkI($=X_1`)QEF2dBp;rsMk=t3(W*ckXa^w6{mxsu_}Ax3;k(
z@?`P)eUaQ7wQiALXReUQD(YzX`X!=c`2LZaEBBL|O+KE_7{+HU%FUj~kEYi6i#W{T
z9d!j9Sx%heH4o=~;IwyW<j9)?f_LW{8#L`P4~&<$oRfZ4TgFADS;e(}`&YCU8CIU*
z7SK?89l&;RH66{%&U^Xpj8b3GD6L|M4P}<p*2M8N3k_CnwT{p_T3Db*Xr1=YJuU#~
zW^VCoYJ%rF%$?Jz6x(?qEJ5B{vl(8ll!oNv8;}&|Qig&JGe^X&PtDt_MF>Je5y4Tr
zc`K5zsJ9OFwS`N8Pr$Eh+Nq5fSi{1P&uK(OMlrr@pA_S6Qyje~Fw)_Cu-%51>?;*h
zRMV21)_K*`M7uC6Ju;8VSpLbvJ)434#lk=gp`-CFwBFI^-rjiUZS}6w;jxL!6CYc{
zjDwzGIs2%7<vT%J^Evvn7=HZYk&wx2)9W*kk#R}k#O_kJm>HVMl=YoQ`QfD5&E(QS
zpbub<gxYOXnn8<6o@MT&xv7M%p<Z*F!5wp`qC{@dHt>y!sYF{zzRO&e5)#V^Vy@W-
zr0(*HPG;SZnwFs6m`un@LW_yNmQdya#3o-!aEVWHzv0Q@0kTh$`iNel!R>|}oz1c(
z=B7$ef}9VDQ4a))b`o*U-TDJ!Q=5TaL07Ak3zg(P*o_T28CJY_$u;s3Vr5U8w1+2)
znS~wA&XUdi5_+nwY__;#4~Jvwq>t})gI?ozs#`$CWBl^fY*gBz*kX<lD4W)z|3lC1
zETPr8`(HcGGn;y04(R4y5<buyRCt{&Y2xF+Y*MV|n>Mcfx13hcjp$F3(-~$_%F5$f
z(qR^N7LP+qtSJ$vR_oLZ&sFd@W#sp**Ks67-=c)tEOd?s!;j@|-F=X1XK~gDDRk)4
z?8J5NZfljNarS$s8J=G;o8umIbO#3rHtQ$VO`i|w+B?r^ee<~BG~*dTDow4Gdf6*j
z9FOsGH!D77?Bb>8;<(ZvEMGC&TgAmbpV2!S{JDxN^g~-bTc{S3Fub-*Ld7azbgwqZ
zvxD0?llcc<x`(7%WV>7S4fOyP|NUgFS;>d?LO+I}PUS=SB|{$)FNkPaxj5>(GifDy
ze&}G5IS9F999gx}w9ryovwO#pw;{i^=;gP`9y%+r+o4lqbro4V{w`EdW)^RKD^((;
zmmPFP9cEI-M3+Q?gkHOWq;=ER=_8~1EzKq!*18>?jNoK~qy(C8P-;AzhgUp1Czz^p
z8=R-Dy{zr~P&7g`>*3Ms!5NlJ6Yh7Nh~9^IL9NyME|+ZmOA!;$N#i#d2AIGjc`D7z
z6?tIMWpGQM(}<l62y~9erJBxzb~KFR43v%0$MNDJVG*jP5MzPa%`l#e(rfCuY|<KU
z4yak;-!f>c0k1T<ibHv|k_?A6$Rc^;@57X>Js4unyf=LRXoR|!9vJZcx5L$~)nQL|
zc;{(cDtu^)rGmtxCB-nwa#UJc^QTa+;E{%+dJyL*<L7r<l69!GErOtt^;CvWTjF@Q
z7^wQsX0KO|q0*v2PvesE<8=npE}FFT2ky}FOhi*@9?lr2fw{DcRtAL!s=*+^!L1nA
z6xNNv<VdfKbx9Db1>-K3rES@Kea}8M2%uBXF|DrKT#T~*Z{Jt_vj1Bne82y7C*g5_
z*Bbx&{ue3-SA_j^|Esid|EoZM{JQ`B511bW4UkYo41tWn;~=Uy3KlC3@y3ua&KN9)
zd>VlTya6mk6)Fuu5>aj#ZvYKZbwOfDfHVY!L156EE+jW35kMn|6dVp9k`Mq6>5Sc&
zOD0n2Q=KUoEE<8rdjmwID}W#Zt^jq@^V=8_i^cmOTrp&X3qVG>{oav`@dWS`GDKBg
z2}(yo0B~pw&J}?MumBnOfrmhG#$r&2uP&s`09Yi6Oka<HCt=8V;%NlR4M2GyT#%Tr
z=)NI9;c;XnhK_p!7=}cqPx}LYJPv#MJ48=_NY4P{f*@cB0G95BAW={#0N7aaI}kS{
zod7BsAmWf%1cpSS00=S>iShu5n=29lFA6{hhNOFveq!s-0{CD&Fh7uD=p^D?Fs=v!
zlI*tG`)BCrO#~W4LQzO0dSOWjdUfd8k?`1`D@Y(>aO4dpzqxIqqG#ptM+T4-G9H0K
z;!pq<vC01?1N6)xo71Hs->QNDh(!F4e1Fmy!j0@n7Ze1tQ5$CfOLsoyAPw=P7lcH{
ze+{<L{z}{TcM=XmAOPg=Eh0TWlC(MYegC3o;OR^k9=+2KvY|=^I^=KUepj#pT{t8>
zg@^*as#g9-i+q|u*AT??TOc|t3W=_SjX5xB2o6uixL{DougJegqPwDq0Fq3XJCd$R
zh#Y-4I|NlZ1ch6|<W-?cstPa}I2>-b5sHBROY=74IiKEK7=!c1Y_RA_SL!B<-}}gT
z4*>UvzKvW7n=AcJW54SIs00jM1wZv{Bnwgf#u<It@9RO3Xip68C_qJe60m>_3h()y
z7aY=agDfH*Plf~pY}D;%<!sjEpSsv+l8G2s*Kf7?X%Io8e~M@d_D7KcqBjP$*>c0<
zJ^oo?GQBVx>=5bta|8ZIKN;!z2Q|3R>7)>W&BWyYIr6>vd)SEIOGOU4slPuN*!Ud(
zq<d4Ne=_uKL;90}f3G4r#lNPaZ}WcI=Ki=?K*0a9|66ODTj-e>|E*`tzd8RmM(O9j
zoB}-!IYs!!`459B!hfCr{|ST2$jQiq|Jx{j*)RKLzwDR&vS0R}w0{8UNz&s0C;$Lz
C*d;&!

diff --git a/vendor/project_templates/rails.tar.gz b/vendor/project_templates/rails.tar.gz
index 85cc1b6bb783a43c2e2295c5d06b6ab0c5960229..89337dc5c31abd82b8df58186ddcb17604f0bcf7 100644
GIT binary patch
literal 25151
zcmV(xK<K|8iwFQ=AnaNI1MU5DbZ5=BC=AE8ZQHgwwr$%^$F`jgJGQNkZQC7Noj3hp
z?|sg<-}jz>?!Dt1W6v=%@+-}ntg2aSRV_Mtdq+D<6C-CjLl;|PYZHL~4Z!dTY%DB)
z{Qrdi_MeS`k&P9Ak(r5|nStpu$qc~2$i&LZ20*~@zk`_n4lYj4295*-0FHKc&i`Na
z{#WJye+t9|u1o}G7S05JsvnAjk<EaamBWbXQy&HlY^I#7EXIs1#%w06jGTrnCI-d^
z46IBn9IOP6CZ<mG=ARi(^fm@g&L)ok^QPjWf+A2*@`A!rp9BDX{^`X-xo0Iua>Mm8
zzz95M^>It#9;iVQvZ0aLZnua<Ck=mReI!@guDs;s7Rj@2ND)XYBAH|?(u_wZ(<R<v
z(fYw|a2M0nbOsn}DpzLDt9-thTzcub3TuiK2%pBIof2+@TaZ42AL*rVMxGWWM~?gm
zY!S{-P(kdT#mvIMz|5#HEj2|mB0V)mFKHs5q^Q?fDZsz6hnDKqUk$TzYtsG-Ls+)1
z<TS_Rq=-pn<~oHi`!vFC;Af?D9gL7ooEwWPppu`On42}hU^6u}m%9!MxA0!A>&@#b
zmOH|#;PbtWK<x{<o?7QR3fLs2S&84WZ)<0s`zxG`4R-nM`vwk!X!uI0KD6F|Tm#Aq
zx7zZ_LSj98xiD%(B~ha^%vS-z+PtqjmcMvQs?}cl<jl^<B=~6$^|;TcX~L`(P4NPA
z)qCsB+}d5v8pvNO)8EgamTsLw<ZlyiZ)ch2?js~IyDoR(%FwhP795L%PBYKAJnL^O
z_ynT9em6kyXn5WHL67uJch1rK`KE+Vsz$pTH=lqs+(7N6w;uG%ZW|V;H}i%!``KlU
zxCdbT_=vQjem7%kJDvXQx?0E4S%k2(7fAGDqoB#{941RD1#T8fi|vN2>vhYDSOWE<
z4mTN?i>{!dqpP83nXamXFJ6Dt?AyH5w@6uu=K%+rJF5u#4|Fa}LrFmkMOjm(K>J+o
z?#qGb3h#r_WF&CA@+*(dlVA!830gXXr;(0w)7VR|v2?d3=T6Pq4VD6i8hom3t*;BH
z2rG5-9Z7FQ6;J>(DSNRUr0!WVih{NzgfJbqP+y$F8b*6~`G-C583KMx<V|B>F2kmF
z@D`_2a5mPCsVL8&KSe@3E=u~a9>$a&Bdm3Dcg`5lG`EmekcCL&IJI0T#MB`73r6YV
z-h*u^ag=E4%!6*aV$2sMzSFcAuKIn2jTN%?s6d5Ci?<Pmx6QH_^kxyj$F8jj$4d@R
z8*@=!@#B1kPOPVceX?^36w~hnhbENZrsWMvGwFR%BLqV5s!`Z9`g(TnzXnotZ6vi}
zl+7M+B*z@64$=(jr8>8i@67ue^rk;Mdc5!qT1zRIUjw5VZjj+iVr;Dci()Q@D7WPH
z`xav4e0}pNew8kg2K_ZnQ(EsHzqB&kxJ)_~<;qu~B5AVN=0I=sJf?ofE+XbyG+4~k
z3&r)QN>nYCRaj@<^$Q2ZD7}c#<Z+Bmhpg&zhdqVKCw4LVvYBENt6vbi=A;ITIqQDk
z>A`-@p>;+8x@SeJ$k?s3A#|Rp!R!WV_E3AB7s58#04yDU1Dpk00pmsS7mTmh{DCxL
z|9!)n?`4hqEv_RH%Umu&d~!UK{ZhgB3q9hg4MdD8I=ZhlJTBb4`qqL<Nk488@>a!@
z4|mg6pV`yy%nJRLal{CBbVL8(%2CT><4zIzRb!bU*Z1lSvx&N@GUg`_ma;Db3xpkr
zZRFD-Kv0c9RZxwwR`;CyN#%9+@u}sB#P?hD+Zs*_+KX9_w1gZ|-)_b6JrO_*BJ)HL
zDz_`6@9l{LHyu=x7R$3nT^Oe#bGPd>_+qR1`xLsC_6Ull`#1^ixbH|49-%_cOk1;r
z7MsspsKj=riER*p4*-xvB9)GvzBTJqvt#+t{2<}F@aOn4eyjL%K-2Ra$Zj^vh6WMz
zS6%Dm%3|2nurgEl6XJmv*X{U293^JOm%JIyGhnK#0!YsuMWbo4Ee}E^)TPKCMBqw&
zR5MM~<7U@-K^h1n$trX;C`|;hUfI2_{qan49v+)2q8om(tySGjuK>YyVt+*Ljqp4f
zaBx+EpS96S$Bp}<R{F&1>|Hw^P{~*tyo(-bb9kMmH1Jz<BBvzs8`SQtzuwtfJl?5$
zbDRL{LVlGi9zOYC?~x}<>lFd4>0>=(D`%`I^f@3SSnu;uCULi;(rSrd+i#XJRyrsz
z`od&}XM!dby^m7;G@w3?k&nT<#DO=!AJom)I)SI-8E$&+s*+`@2)qx-ZbjCGMlNnC
z3=(wK+?;C6o%+_?X91;)kqMGFegD9)E!>g?KOT75fr~38u><FIHfzB*SrL_Bwxx+p
zAQ3+?^rf9voUpkf7{6yPRDl^jp1@*4%nkk8eQ#~t<BfoL-8!1|)|oH3Qk|XGK!p^9
z9AMG_H4cbE3oy$;%V%l@ZaGG0f{X8G^YNVet`9-_83!BGq9Ds+ni%@QCZSid#db@K
z*%-#i!!RdvN7mJVf?p+Abt}*9`uX$ob$f~1$-7Rl7;lIRkOy&k)iKkLK_R5)2x?M)
zz@0DQbb?Mi>Ogo1dcz4`kw41DMuuLk$i}TZ2c4PfJ+tYv>b7p(XU4TsX>OfUb-!4B
zNwYdK;&cp)`0B-J8+^S^+_rK&L}sRz)}kQaD75*7DeA?~woutEAieu^ZfZ~$WF(s&
zFGF0mGwL0;-mfAWd(bAyi#a@p*WNrBT>yNNNq`5(;R`RqgZUlD*Bh>1{Q9n<P?QZi
ztYdwvbHt`4%b>9Yp=LsUh|c1EvUr7Q$?SF5=U^mSraj)?ZJIIm$=v5`*%>o9gEURc
z?dp_`eqer<1wV6Ip51BdnH%HZhhIL7VJ+(owyb`wWCLrM-+u7IQF}*tMLxmDu#OhJ
z);!U}quj$cEFCU`zWw6+<+Q2t0pQxcyVg7n<epWjzGnM5KKLxD9nSy~nNXg;Ah7_h
zuG#>T$i_)U@?o~wyIDx(6G+Bnhx&SjKJHlhXb{M;aiDNI9ge5({PMUajM(#U@-D32
zJLh=Vy)RemSKhQUr&i>%*7eu9Ye1^r$>pFci@&a-8V&jJrJO|yoqoQp@lMnQ8NV|e
zSZV0VF)a3%7k0tmWdlk_+czUc_@5~O@8_BB@pvWsplzkJ>clovosyZhnD1Rn&QjGL
zob|&}QC{V#j4gnEb487C`lu2UYsQ6!#v5c&Aly!A)P|>Cd{NA2d6Q5x309}R;7Y%w
zKYoUsFSCVHaIw|lE1LxtLZi~X$uQ$YyS@OVj)k)}a<VpKMj1g#8y=P&?LJHUIbBvu
zoC03hV(Fs6mcyobct*)tdB|h}PtG;@t9pNb^fiU!2?H4<;0Ju1?6Vpe4mETVxDMW&
zNaI&lcGBw;2*|83>qSRZ{$PP=z(%G-hQFqW!Q?!L=_04!(=#+P$J|$D#N^ZQsEguP
zZ$3N}IFrzUSB9WvucO+ad{<_xXhWLwoVb|hP4CdzY;X>PT|fhp@U7wF(<}^nV!)8Y
zauwFuzkm)06R<^>TwJ)5_3d<&%8JdW-WK2G52_g`ZVo=9b99LZ4hg9{;H4!e;MH(%
zDa-GskNg&gjo#Iu@C4COp3*okAoX?_vvmcFZQYq2;+Q|{^hP7tdKT$mCAsnw94E64
z-yL*QoMG}!@asnuNYL^W*rsCT<wy!!XHY;8%NI(;R)WYO;Ib!A8H;=oB0kMNgY=_f
zrf^IBcXN)~0&3y{A&nHiA?{q0li5V38qxqcd3x3L3v(CRL-I5oCi&g0%;e}G3lnQ$
zLWN{%F_LK8gu4OHeEP)6Z1rZ;D-gx_^l=Xrt!)I?GL69t`5Bcm#|M$%%=ac+`5A5Q
z6ynRA7W6b8L8huI&`TIjSVdTBJGnjLZKI5AK|0w=GgxHebK_uyNSyr!>BWG}fcg+V
zvxuOCZ&D4RF5bpxuPZso&EQ0xWfpe%ja~L#bWKcj<4oCf(GhwN)+#d<v&=R#{i0vT
zJHo;@$`8~7BJb*oY-$aXk*SR=Pg)M{lZ&v+B<~<MFRMv&-Yr#%A;2o7xiY}frXkZc
z4hn@g_950C>ULCoNP`!vG!>FW?T`YH;X~W1jEV=w9|_?pmHn_-5cX@a@UrIK$--<)
zWcK-t-sh=WNo`qXgwmh;M6kkRU{G8Lv1M(WsU=qD(k41O+*BKpFLd{&G97YrMDQ>W
zU4O&`hNL;3p8kk>5Ujsb?6?h%lL5m6?StyD_z4Z-z`<=Q*zc|F<Z5|`f#1e$N5uIc
zl-H7y&K@uaf<Iv(ydqo!8hnn>UhC*^Y6AVR5{eA?P1z}BNYYnOp4Xr@DSB}?1XQss
z%&xa===+{p#wnX2dFlYXn4`kIgT~K8$!`rzp)x~sgEdL&jNk$a<Z#ksdHcQ*ljXNM
z>2z^#Q)0lF*4sB1Yd;tl?C)4Gc=3&ICh4YYW@_RIC=naJ;byLa=#D&iWPt-)bHtb0
z`zSSp_jJO%Iov1kYSO#=-E?A<(@NX1QDfqv{>+CuH-`J#CeQAMnl)BGMEA%%iChpm
zx4|J`iGH}ANKYe}y)s0UdnAkLC?}$02SA{SX%5(^Sur7REM9<2J;UU5#sN!er|wqJ
z@@2Yx2y=Zu3}4J^{Km<v(}QIs!RZ;^dseuSO(rv>GM!{j(Q|vZajwV%cCQ!=M4Es$
zU<?dwCV0Kp=D1S1=Dm}QW#uuc&7!rMaQppsD-6v&=El?$oCjq)#-4cLCqxH0Z`QaK
z`H&^EpNB~9=Euu@Y-}#Scet~U=*;tAN#xjV<k;4h&amhQ&HO@z++1uYME8|)Z5(P@
z3hz{*`Qx{OAVmYeXg_O4jW59zz#1o(N^9>Z=qD$`&d~GJcNB#OGK_;;Cof1TvW-=0
zW?ZN%eX)2+2=7+0d;n^}JgSwHvg9s|Xo!b2ctk*&W#5wtU*67}{r0-)`TRT{ubG$>
zzxz%Szn_vs_`bS&{Q9-a^Xq71sk;#K#yKnD*iT19L#~_XGv14rv+8Gn8N7T(3D8zm
z-+i?$2v)$bPTK5)lg%fii!re-D%kRM{8hmT>so(6{{EJ8!xK8EzU7aT)liFw0dB`i
z{3M`e%`rCF8GZ)4uYMM0V>x|g`lPcY??YF8RP=mSYW8p~TAGrf?ix~AH5LLE{QXdi
z&`26t1z8>|!o+vwR^QDe1sA+@-Cke_5$ilJ$9JEyHX8T>kqWAqS$6H-4gP0H%Ql6x
zWjt#6(08GmEcaHBTK=+kz%JOwD=wy9Ks$UsI>5I>A~Vc0*38x2iYm4n{z~TOeT~SD
zLG0)6WYwv(^nf^w=F}q%ZUQBs^L@bqExr}Im=`RvGs-+*;2|dDAB9JA_IqtasFAI0
zTDLlGc<~x6wd1}3xXeEq>)}2_m>5B%00tP*N8Z6)gWezh%<iD{+aOpBM%I>E0=9O^
z!F0DDUVgLNKY3lXkgTC8k}ffk7{VRJl(AO)Y?Ht7OTy{)y^XYqxbd}uC6Zo6;we0X
zKM;$KkSf#wgMh|5?%`&B4@fbDr(#Mtjqw+x4xg20kJwR+o@^bM5=GKOwh~nn<JL?w
zzMvGVv_yoibV{{6yr4guAJ*&kYhmxmSJ19P_>7_%0f2%Bc6a9!48i8OV#DRS$~RUB
zx!=#>h;?(5ORaCEd!Q1Sk#27kogy%;3)M&|@p#<z6GKG@P1nXh&b%j<1e5oVl2Hzh
z_6yNanR$MB8gGc`JO+?r()J}pmoqyxd(;Xln-m_Rd{w3?Ral?P7&~0MqVlZM_*zKS
zzSuT~fU5B<F$i-rgyz{=(n2o7u<mx-haX<QB=gweFMdR38c_K(-eXp=)-Bm>vg&aD
z^Kc=-DMdp}NM*m|t9F~yl!BR@UkEGdmvU(ha@&ZG#+zP}uz<Sp`5Qy9rboW!qa5+v
z>|boMls=C8S<It)<Ujxboz}Tk5P$K$|JKnk?i{j4Ur0)h+wOFIZuJ<k+!>nDFV%gV
z`4!dpkgT`_joF+|fs2FEexoh>=dMG2G>O_pyQ?%zJ^^(tO)W<&MSWgjTJO2BkA8B(
zGQVgMNwI8h&Zy2#DJ6o+AZapZ=^$olselTr4y>hE8@}$konj8vSew)3QgyC2z_SjQ
zSP9TS_A`cM#>b?kXz6Cgs7#mB(7n$st1>oo&eFLE!!?}vX%8>K01%nr3mU=Pv*wnX
zRfb2#$71LyC1q5m=jNuyWu)b34`)NeON`Nq$Wr&wRRT!rk;afB6C;_RB_mMp>g-FY
z=t{>WXeY&GKuaa*=njDZntu>EeETN>(_^wSwEFIBk261I(5pGU+^njoW7`~#CFHI|
z0G0;esTtg}fPZg50hUAlqmeib#qfx<EX~OH)Z8cG=AI8bYyMXyD{sxR{8#ajRw(ek
zF7pWaOq`6A<fw(k?u)bVl0Rp=H>=ZM2i`NO+^lamOp$>J<i#h&$H$~5C{3re^PTM#
zx7%E}R|fY?u_db3-Okf6=F@KGv-aQCl{@#}8XD%6!IJTtklN`VzvDdnK275@=UDkv
zs%Qd;#|h-u(z<8aB=p*@F~Ede`al738)GY;@#%*eo*MvrTDZ}hN5-U4B~U3s-aHii
zEYkT3$T!XMe0%hT8@wABdO6U(XMj1pZ#-TA_>@cx1G3ngBITw>f?1z3o?Lm-VtEWr
z*1rURyh&45$vOvsc2OWQZk+=>UbND$FikFy)boNadj}ow+M`T+{(bmX+A1>KV%r$$
zaLlPl!im>T#>AOIh|1P3x{f6yP#aLDVxVcSK?4kr@>%;s>HQlxa&ebVQ94!8$Qvkh
z9%M=O&UX}>5n@3>SoAr57vi`&pci837~CYn>rH}{-EwyxdPyyeOrR<INm%bqAbNpl
z{BN9#pfhPIw}3b6TQ5Ow%h>~0@ZVheK*#zdglub#&fzLR&5GKF#TvL(J*`ZS52(ZP
zXZ;g&AKZ!VuCy(4bYT&Ac-J@h`Ff7>H1{)|xVZ(e!Ebk|98t(qXXP$u&f6*w6X+S%
zV0kR6&u=(PwRAKoTOa!Ul76vXy&J-zy{|Q;meW)%xRS5WETG%CjK|NNsq{yxzIudY
z@}q*h;k2N+XQ{;TI`%Q31bO8eO10O*$9>ap5mYo*^p9Io52Q&aheYq$Ag1OgVYYmD
z|Jm%R6IvPbgZt<F3{w45`3WY%7efSAhigZ%yW>(CG~_QGw@-)n>5M%b9aKibS}wSJ
z-T|s`<XjOEL3=>FR7d8(De-+rbYNv^B#9NRNR$|ERMUYKA##a!fxr#9WCt&($y;E3
zQcNp~$!}hrhaYRp;Hx`&gizs4ui?rn_i@@QRoLrP#$Ax-t~n0f1;0?S*YPH#l3z6%
zgA=Xv%&66@8uzE{k95S5i*!TrWpWytT8!Tz!_qyI>S5ipaHDH~?~jT+`VLC`Jl}-9
z1{Rl&vOQ%3Lskpd8rVuS<=JR=Ltjq@3RK>SXLKkOra_m_K%CeFO;64;Yhm3N#>+26
z?M*OKI*1xhf4vB>niKb5r2^C|O?Pc>i<js3y$5iPqmUVm16gIOOpYx2r6M~t=L#aZ
z483PM*7pXX!Nz}bs4L<j;=J|403w<q`k1y__z@iAo8(6U=)ZMgDLOjS7KG;Q@;pQ1
z?xX7CCH`G>loc#JZ9@nJ&76$HtlZ2pH5kPs^43wpp@ev^H66zA{pc#@2)L_mZ~&5L
z0*pqQ-|kmyOUwu(^6CxB4IHxf9)KcPHs5tvCXmvSf}pW3u1)`N$((df5(>R7beO>0
zPY$~VzB-$mhP88a{8JLEl`@)=*}}PPBt1r2cM@6BUr~XOU53-6L}GNaxv7AZ4BtY+
zTz2q?lYujf)ltpzFhNNP0*7;~?n|%blu1!)zrQx5bB*w$PQnjmhG=O*l?N)94Z&@W
zmPPfoY3E=|<19B4)LUv955A(h6J2yV!BhH;Ezf<O+6k&y?N)b@NRH`sMNUA`gD6mX
z>BKqrsaLf_SkE7$dBAXlZ^qXxBs9J*^;16nUGeAO809kq0Nf&rF-H_-j%1kUxf<T_
z7lAUKOEON$tzHj#r<;gyYxXryB<NL-KYEO)-kZ3v{KZ(O0|nVqeW~y8_jz%vfF9|W
z5EKrr+072+T?&LI9Zf=;6`zelde+b`WS_@HqtQFdc*~H{tK4Cz4;!Z-pGVC>_WQ;b
z4BN~~4o!BkFH7icSa)CjB%^P``mU}ZF-Pv+>!3f)FNP7Sp8)~HtJ`p_Fs#}w6CMNw
zf|C9Q5pptNCL7|HPtY2!sX7r)Qo&c19SMEk?-&^r?G;y^RrE9J?1B}8S}MsQBr=EL
z5K|=Jz8+8Oowh$YW0w762~xlN;HGQ$yjBIeSDD0^mb_Hq#zVJ30%h(XT@Y$dJp}A`
z(TlM4$h3MNIrtaz4{GvCRRI0H<Om4J8s8sC7=P<{+8-#)QU<%H+**yeCHCl|+fSq%
zb(3;<Tl)?Jpf!t7Rt@q`BmHxJn4y+5Y*9_pm>;jXU92UAwryX|HfrlS|6W6=timU+
z;3#40iziO_p@#1B_=c%Q-GxqRODoO!aU^^R4A9?2IMw}$a%@75azaAI{-1X5Br82C
zaiI7)3rWz>soMY9mqLw#y>!T!riNf}WknWJq+o>7tzwG+27q1()<7fZ{{+v}n3N1y
zIQ23G2U$O=x(1<f#UF??75_v;G>hw43i0n8F;Z@FikfnCYD9u|_LJppnlMz&^VcbX
zd1sUBf}od1U%$hf3=9B&AbA}}O9frVz(b^>z(k;>%C!+XJoYtl$Ad1bp#d1e!<3Rk
zlB1*I{Pbt1FZ+{;b66>S=o_9sc7be1Hx$pv0DG})&#l1jSyF#e{4cEhg8;?fau7qU
zt8<j3kv)){klFzPa7{)9Zvy$d8HC(~#N?EW%YSL|PgKHTPLvddg~gP{hed^|04t>)
zl-dL^0NK14Emi+^7>b+{pP&@~gY%ZucW+5)Rb!K_5LWoHOD*fLOo!t@LJ?sPOIb%>
zTdIUzx9X~aT$=Acn_rF`Kfqs^ij_YUWdKMaDPlSS|DBF*|G>TbCm-M4pnkOev)W&b
z-2ZD8?<z>VDxiN)=BV6n8r6GR4@<{Ansu}mYas0@MMvnZ<D@_V9CZ<l+kyU#Xm3a5
z{*Wo%2#pkI-5<84)cV^b0Ms|&ZodKl`@Uqx$Nw~j>0#Bn4s*_E2cg2mQ(%LSP$_s2
zbO3-fHN=yq&&8o=Bqvl40Rn)RUhRgf$JfHJliM&+H3U^P9)f3|7_tQhhP_}<aJ6z0
zIbsV=3P^VK-e<kajnaBR2po&iugff2J?PlEN#$3&tb2(NI$YrTzhqgo16l#)Y>2rF
z|Gm2CC1ob*C4c)Sg1Vz;@a0k85Bek6XS;z1r^<-zny~=@2$Y1|+XSV^n~49H$4vlg
zW`r|cApb^M(0?FT_*-DX_J0Ws1tmhsY4#2&F+wT=DN$-Su{Xm8RWd^IFH!16VHXsF
z{59xg4UE3cCK!g?v4fI5z<Q6Bo8o6)nN3CLq-LXoW`0#k`qN98oU33iR$rrYRc80@
zvzwK)K&9zfO#uMvUvbHb|E-_SjZutD%t+CGa;^sV?(*IO`El9|ts$$bx9Tt=6FG*E
z&&STlOx_6b?e5M*ud@|>uzqth<u#T3K11%Tx|pzRHeo&jsYdY@-pfwUZLNT5<nSP3
zspHHTt)9FQ0Kn~%^=lKVdscMZp9=}ME+QBTXjE<}9SUX`8tG&S7+9A~Dn{{luUWCA
z2uS*_^?Ij-g*uLlsnj_^<#qWk`BKPlR3OY@6e~;yy83(bWGDO8u0r5`)Y!%pm=}T-
zhlQCv+j0c<au`%1bR$jo!$uOvTy<E>ZK_qGfj|1#+C;8NVHu3y?$p?S21W56Yl>aO
z<6v;g`Sw5uJT&diHf7|14MpXC<?mL`bPf~L%|7X7>=b3n{T8%)<=(}9kZ6wC_!$!O
z#tOoJhQz^_zaoy1=tzv!klE=+HQ=>*;JzD-U{DOU_|dEHmg>E}=xWw?Yfmk_tLE?V
zWx0w$>2o=rLqR_b*v@#+9CN-ls~izBiPDv^BnS~_t4QN7TJ<2x9O)w0W<M+7pxmXf
zI6#rW9OIZ=diU6I5h68i1G4rGZ4(nN8P56T&Nwbb+)o$Nve%2}2t`V#h%jk(Jp*YS
z3sdvDXVoh-s(c@po{&(GZ`=a{z_<oBD*Kn%Y+OpBa{3>-PRs7}G+`~Tc6?azQ%iLL
zgW^b`GzS1+o`p|o`5a8@DQhCf=~d_@RfeaOASB1fDODS0=xaXF8o7c8e24oJEjz1<
zIMsyIh=j=#$C<bDcrAKVN`{N;3N`)v2a#owIfQ~jQd+vwI6|lE+!lCAq^liYXCJ3d
ze9@zw&VWu!z)$56?8fVzXqtG|x>=<n;gaL@4|RHFxMX@+T1r~|w40^oI-XHpcl^ZI
z_kQ`<)EqGrQwC5_(R7a!nC^SH&du4^vz)Mq3+k%&HfFkXI&N4M1<kkw^@LG`TE7jI
z@W7B)G;RLZC>5n=U2&vxCS_3*Lj}A*?8}9D+Q`epC+q2DVvo-95Za{+5CCXf9o|lG
z_besVd3sv9S-H{iIk^dHB?>B;vVF&U=txyJsC%bthiEsqdzafg2bEZr@1?aW_G9A`
z3sRL7;^R``^x`xl)ACDmb8d1IGQbh#XA}cNpTX?lkd@=XK6x<(z~KGYLm^bM<in!<
zLNq`X!SvG%ZGhD<3g#As&lP73qb(34g6L;VArBQ8^b;9D1Q00PF!C<NjhBYlW5~2a
zY~;LFJdQ$9=K84ngAc6<t(Lb|v@3A_*Oz+^B<ine-d}-5S)Q_a!9OP)9ZMtY5h0#a
zRt`6g?8nK<Bz;V(zE+n9A_@Il$Yp}vQUc`|b*Q}b)oWs`UBbn$Yem0|Dp4He+pC;5
zF3un_KSDzX(6K6~IA^!bB;S%CNV?&gB?Dv`ntsMysh%ih+@AqE&qWlO%*{WEmV^5-
zXy7$|MhmRby%C>0h+IBLpusDsC(tk77ZSMNfD4%xyEZYp)@6quZ($44tE75XFH&!n
zz4#9b+ZNimrvWlY5=wH)I&Xu7dWACuBc*mnyG$<S)6~D`Bft&K@dZ^X%-8zMX0Mc+
z7G2^CrJC<UStiI+_v&~JV#b(A+w|EQZB<qJOK;q4sUxCL(s=`SZvLR@=6NMN8uUdo
zX4Tc7Xf25>BEjR18?->a1sM_**X!hV&vH>3`wX%XI&P^KAN*Zsh93dM5J4cObqxzo
zz6k*O6D=_*gd0C2P_eu}(owEBU_X*2FxNA;moFG*25hmdTF=02D={<0@+Uk%yybCA
zE4cYH+Zd;!^a1PmjHpFb_Jq3!nHw~W1lm{4DT>&@x?33yUOc?MoLpaHx(2K6$dN~t
zF<VWPM|6j_sje>FhcE_%Ll}iE(=T2I+4YC?dNbzk9Ds@#`DoL3r*FVr*lZ=@RQMho
zZP_Cz3-{VKuQRYjFnW+UaAeA-pr~DW&jSYBt%~N+0}?{vH(K;+*ciqjGmt%!DXSd2
zN%{+h6GHG$iZh)Ek^QL1&QxUtYDWRKcYK+VkFFYHMd7*$5wnCbPR<pk``Wx5n3Fe6
zQowa*??hY)c?@31uubhfK@KuZJbKx|ax~vHH&-#pUcr&8(?iY}Hl_5dd;J)=Fpk$3
zbra=BD+=w9cq(}j(oYr;c2ik|&VmF^ugON57UN?S+4?0yUv;Mlr|EOma0)EM8mw1q
zh62FCK&#6I64^7yWSwD?ZTl1J%Na;LPrd>(y(8Zv^_&#4ua>rBB+vX<a?5LkQp>V}
zW?Gu)njD7hV|i*IkY3c>D0qgK#nsKLM}zHePB#@67auAQ$kC~&AHZLvcskqh-Lqum
z$7DZ4iH;-ckOu^TWT$FnLI*){oVe{xuIr{+@t?ao>}3=mG1-Nv;ME<m>Dk!_I;fn=
zjV`FI$U+rUqO}8NR+wIEh+NgMfw8@9z+lvsu>r%JUNMu-D5^DZd>Bv&u^BZ>G*s~&
zP;ewLe)$X_)IxB=nSCom4I_e@eYVB2Q0j)A!h5f}+yxOtZ82#E=61O0C9km#H{Sq&
ze7;~qm@Inb<&1p{dd{k#l`cOYT6GvXCAaH#Pc*vWrUf{%tWWVKyPhnMJU}V=H;iDL
zC1+xP+a+er0uYMc22ah>iz{$!lY?egm;MgwiyXKyMREe)Azw{2_wc>wfRUMv(_?`#
zo53~tiMIMG&CHRnZ*GEuyv>pIw#=AW>+*+xCZ<w##`y$aJhP~;U*&xjYCZF(ha||^
z%`+ejUj9O<-w1U3jO?k;zX=HiNR`jx#l_`^^JX^MTkrAvhuv&olDA6%-XC%>cY9n$
zFO};^I4of{6SE7^Y>*K7P?I4I2i7Xr)k;9^CDCSV^Xl;~P!ld9FyIq<rFn;cB~&k9
zz`i8#%*A%_^4sED-{9@@wY56_B2con+88fGyd|_|iM-}Y9aIclNNIwln#qpw+JI``
z#^KX{%dCH7w5jdm@XFh9+uy^X{!!8G*9+(o67v4bl6u&Ja6W#=9`PG5^3s(%3uHnB
znejGqpIcU0C=!dQW`#M{$O}W<SWju%@rL)0g!djeR84MH<_lFT`$7uRs5#8OGU2jm
z?a&1j?B0cM`ydHLe)g2ieJwd(K+&XRF(oT>bhWDm9$3C=NPeT1)rzq9sqBzK`I5po
zn|l+jO(lRU;gjs7dBii-ElbmiT7Q=a^%O?zs|oZh70oFip|WQdWqZ*QwY$W0eIS%!
zL(A<^_RCBwt+rpp1(%+7VRAT9GOs<e_bz@f;X?q={K_cUy}b7&Cw0K;@Rxj|bTx77
zgP2Aiga^dfi65I+O#MLWWh2<=PM2hiRAv_bqMbM*5=A%C=j;;OYuW#MJJBP;Zzb=X
zf~_6Qm4fBGlClWKl_`c6t9~A?sgBK#pWe9{H;825@%rppB8GBw(L>@Fwu5zvp%YJ;
z(p=VcO!k??w9oWrnV?g%HbkwuFy&dkV!7d2K7)>Kir+L88;XDw`jHd(u`Jj@VF7*@
z-2qm0=G-r0Jt9(Oq*Dx^?`1F3^P#se9VAUC1sGzo6#UE_++vG1axEty_!uc^Fp0sp
z+c9y)1J0-i{1G-S&wS>QD@B;Nw{cXI_}_vcm)<%XdPz>a4L2SSh}(@i4&pm#eb2xF
zr1YQbK3BIgQGe}Lc?Xk*$R_y-{v3u?vqa1?<c@!O4T(N+mV3MqX_m=SrOb<;xXwF}
zQk$&4?dv|QfpdzG#IqKx^>^QjG=?kXDlvXyVO)nb$%D&qTu{kDH%Bjj3HiZdDl=4z
zlKXMz3@}YdH&=rHZ`aeGF$Bk|gKzO`{lS~nIA%JL+__h+(Rt2B2tu;N^D`*{DR(YO
z)@z01fl+~gTxH+*p;ngniiSMtNVo)Nsb_L4Ck)hi#5dcF7ik#RxsTQ0FV>bFjDEDz
z3JR8zmbwzAhO&&}rMi~7O#P4Qo0Yba89u8KYi1BXO(<`6U7bRy<RoY$q$O!WFt~|Z
zccU!VCOs#mJX{u-7xtS-*|CKdiVl-a&<>6cfTF=#XDL_Qo7e6(Cr`=EZkCcR-|A1j
z_d$_?2?SKt#|bPr4lM9;H+_or+*)JiDIas){F0y*Qqof)9gR#?EEO07>!zKEvq>(&
zJEqpC_(^kH+ZycaSVc5seH{&DEg1v%F62^WJ7m&adav)T(#NDX`Pg|4ztK@sOvr$6
zTAXCwMz6e#tff0gEOxEkl{>CA$A*5BjJT1KQj8RgfXh5@ce&k?2%a6(SaP*=lk50C
z@(aG~drKY#Gd*sh`L7$c*K~Bcjb*1&{`&~eqf7j=CEY+usu6lg>Cm7>llMCG?vHbq
z%W2*YPW}GE>5D>c900AKv-#Z=?pZ2|g0|}nFdeU`Adbr{;vE8Cb)$4OQ6L;;@DUi0
z&Pj<P=|pX6J$xvtYgh1K)aUIvnDb}1MkT8yA){kK+Sw7;T(WcM^-G3Je=?HNZ}yC-
zHUamFIQb6@QUIB`=X>mnJpRI0jLstO@zzw>bWdn=dKqA5?|_668@w<Gb1ozqlU|X_
zXP}{~1v47)c`QFn6MvPNJl~K?oRgz+q1<Y-bu}k?lBstFAT*%7a?(How+6WaUJNm4
zq2fZ=2Fqc_Hrj;`An@2PJ#8hQ4P({tpIHdI8CW@ICr`)OJynzCNJvpJ-s4uflVIr5
zh3I;W-C#S1Pxl}xB6az3L5Z(H%D!jf2Oe?>5~-Lc&WR9q>outeF)HN$<zWO|@sxek
zD))mMBFz8^|A4WXy)|bPeNB@sKNQ?PaQbWweHG3ef%ir~pIpGtse-H?9>NN1q7=Gs
zM%$FTr9HZucIZ3D9RG})UVyts(2t*)d0+KbGjT_2t+vR|D)wx<VLn}TvKJ~q00U&Z
zU5;_u0NT(efG%EAUpJo)ajeYmC9rDk0t=MS8w|H&@(MN)Whrx6FG4uyI}K;i5D%i8
z^c)<e8_9`HV`=ijHyvooy{MO=tVr6VvK7k4aH20$@wkFX1*P1MwIvLi{-~2E44N$S
zUd}&(7xV+Ck$!PI`iBy_7n}=eW%T~^Lj`&ax(Sq2qs;`nWoF9J3+hdn^9SEExdUw+
z5c6(>{v11_d!c{`QA8ho2Zb@d%ODBHE0>!hibRI5MjT_K;GnwXhyCKUKo(qcqCYb4
z_y+ADpvM6ir}-lwJa8Po8iF$I<0dTtPo=i^qXM#V0yS#HVVOnCTy9AtRx};*eD!^Y
zhHfKXb_ep#=^&~#uaNnhX-ecm#sp<Y-ik^n)2x>>5!ui4?7$y{VRoq<fTRRG`Zc)j
zS+JvDn#vde0H#4bc<y$$VF9Q`MFd7^6o3&)5rhJ&etmFvrK%KQM{+M2d&jM5FU*5#
zF^T<pAeFJ%uPbDXzCyNIs*s%gVooRms-pI_-fL+6dK)NQle=;mUbX>I4*drb<?GGD
zuT^~hbB!!ZTr#dv-rn1Oase|F>)|t!)N%V4&Km4}jjwasmE2PPumFhCEx9*#I@NLc
zB5Ul+rD{JEd+SeU_{Ru~uw*6W=J)~{6V97KA4n%f3}oe-)`GTh;NH!|erSVcQ|4ae
zv(*u^-(3;H<Q!yDYc^R58{`Fz)pe{L;1tx4A&$Aq8G(7bFTbG3kqw{^af%Dt8TUd%
znYr}rV|VHu_Otk<`mA#fu-hAXe0z?W@dvB(Fp@zEzB}Or&WbU1Lz+GKaJzEckVaY1
z6Q*wWZn6vKML|jMQ9-F|<28NTeAIPoNYF~A0Bi-eF7o9x8eg=coki)!pTE=gM$*7r
zvT}QIkcwqwcqMxa^HQ)VJ%4+D2NoF425fBj43(2r-|g1e5Z*WZ274`1U29D4pqGPO
z)l*!p{9Vrz?u;<NQd1_85X0xiN2}O>`fYJ5Mr5-JG!xW-+&o=eY_u1|97o@ObM*c-
zHWsy6d%KDyw`KY$o}Ta$lVo(`v!sFEGEVj-k=WC~TV6)^o9QVPRrY4hSgoM4gOum;
z1r<#v+uchR-?VCIM$TG_T1+$h%B**cA7iH5LPw2hWjT4|X1k~n^a73QDovYZI@>SU
zH%U}GguIW-o+fBu`vSE{y7=u6^DYnf#FEF=Bv&tDZ|#KcxmC@n_@qiU_=~x+rDz7W
zpRpC^kg+IkJ_NWt;aXIUdqnEZ#8&2JUSG1ITnyh?e#{l%*mbg@z7L#hvPa=U9=DXo
z7^vQ8-pdT1l<(LG6-q9EqJ%wY7$(aYNNw-WV@Ip~SVep{$4$mbvh4^0fP(=FAhTa)
zW5|s+E3P+}he0egm%sM}C>1`w86={68ow{kW|fsSUQ~&^M(L^JYM4+c4bY^Vy6pvJ
z*rzQSYR;Xm&)qVyf)n*I^K`x0J$SxZ7zsTXysbAQmzyeaJE8X!@tZrpBpdebk3QFA
zBLwf;8{+ioJkr05CvIP)gO4I-+=o`4aMM0+JiHmr$g)XOrEz}5!|shq8a^8~OChK^
zQU?XwDMFJ}Mh4`WcQnC1d3Cp90R0}wVP)GE3whu(5rU-)uE{#8J^29MjJ10L9t@i<
z`UW#&#c_=&;M!@K9`#0nk8VArNLsk##wS2G<M17|!3?3?@-8<ahXB5H$bLZD9?8b5
zjO*Ziu?^{I6AddpsT6Tf9D_LK=LRO@h1kHgaZZmcINLXTQS=f!2>VnVCeMvig74)U
zDpm46@pbfA(W4SbIm!c+Hsw8zT-iv}v|dg)!wmXW60F#-oU3uQ{+5k9Q~o^jwlny_
zHlkF!*l)rG!V^};8A>?BH*H5>nBv3J%X;B%5r=v@;+sZ~EhI-GBk*{=?fDme4RYPT
z+4tPfU=1XBcAAnSipbA3Q@b)#S(;GIw@?UBM6CTp8mt*1wuU<H_};1_pi=dHPC&v_
z&UQ3V-BzO3RHxh0nb6FKr%n1xsv}E@Ye}2!p_MjFQ3vee%mVfI(sM0&MZtk%Mg|Br
z1&(1}Sy~Y)w_uC{YL5lASkseddv`vJoX60k&J}&w>2wq+be@7rN3s}V*U5lLR^zqt
zSrHX7QNQTJ9RcI-3#Kb|k7b6r@Nvj6vyUTWv3J_AfCxbmk&6~s%b^yQgQ)$@38erf
z96#N4YvcL)XIEF)P;d3;e-bv&9xSI|&CQoe<&276&x<j>P#82gw<Zi%b72AE<Qpiv
zO{Vx{O|6Isz2592Q%l?rl!VAc*Iq?If##lT#!>iVqS;s{hbK<%$s+Y)#2VBZpg7y;
zU}su@)rjfc#GR+@EFabWl2~{W{1{b9JTL0fO9FHinV~f;jGt5kV+W6b1#{Im#a>gs
zi&>RWU(&wlmQnAe{l2pOO9I(~ziL{h<&tmbWzF17hQzTTOSSwkkA~W+pJYN&oTq?U
z;MbPbxxPWwp;3|ms7sjPhOjUN|6yD_U3GlUI^}Ck@2-r(k24WKGd=I5Caa&a<4Dj?
z#vYTCx(~I4G(CCAVxXm~$9>PrC#vUQx=PaEZok&*QvsB)Nid%gU&f;aO|HlM`AeIu
zIAR$QczIhno_F@&R**R4iuW1;pw_a-(>pdK47$2Aa-m}{`{Tb`fIOoDqFtq5@LGf`
z=r8f}iHsGj@zOtET`#o1FAdlYg&N>~(BZ>>N$h9NZJbVx`2gOe9CN6F_`L^rH6kai
zKrte&^5^E`zpk(Ms3d7=CTJw1=_MxsBa(`!z7tE7J2_BNyC0gQ7?T|us}}7t0n-$Q
z(j-AH6%2y{xVzGR6odbBtu8?;H8DazEHgp<$9_MW_uKw^Vzp?@kM?4IYqzVKl@^8p
zg#5ZZ3jQLNRuX1@_`<6VN-N0z#b-%&G|_R+mkXz<?xl}n0o0U2w7`kox+kk!MFX7<
z)jpG|4K+<)dj7ORZ~%^9O!wWPe@qa6o>q8OgW2sT`#J%@i?xgvotWQ=>gt5nGB0i@
z6b~hFt_g9o^%^qIwd##>-1|_)a{IJ7p7{;G!A0W4!g2A~I#7-5Y4X9z*s>pWhLzWG
za`7>IcHoC=iWU||wcH}-=nL^2%8LEiCPOgsmr-GH=|!bM&(7dja2FN*kDIW5LT_XA
z;&>mjhcDQH^tq`FUsg#jkft^B$Rfn2Y0W|O;=UrF^SrY-jYj;!L`c-;Af@2&=nz-B
zB1k$Pc229;m&V~{OK(GHMuF0;%Lf68yL3wj^AT}G$g41-YmoEK8&H_f0ec|zOwvS2
zFrDr?Dg;oI%8OzHX8&=L#4(e@b&j+o)B(E>JaC4mpI>1JA{UBq16ClyLb?mI?Epc3
zYU&(l6qGZp6!yI9eB4Z%(C9Rw`5lC$05{JuORdmN7aynF)+V8wq;SSV)D8`$bgq8v
z$V{=HwL*pT(Lk(pP)2d8Jzp&%MR?0D55bb#lcFk;=u)`m*8yGZ+(n41)jTbNvhQfS
zT12k(XgA@RMkJeIDA<-G%%p?z>=?q(q4arqzTIf9<5#;!XZ9P6UBzy@{^DnVZq{rU
z2)Ydw;C@R5&4*SIr1J~VpATI~%QL^!JQa}b^!-b;oGtv`pV1diNlS6CUJpb^-U7C0
zWL|R(bGYA`S@A0U7W=w%bQE-_=D4WyDZ@(#Iva0q!e$egV(*w3bB9#&2!v=0sBaO;
z2-9_Sbf)=K!H_75>Wb|tht2fHt}tNH%v*7|^UtqZW^Rc5OWR(WkXS`}#ltgGvXfVA
zBdY0t9ENIqD70I>aBEg1r<iCYM-wT5FP65T{EVPf$iP!7?porKV^Xn%mcM&I{UwNz
z_;3cZdmc19?@@K50A4x>vLR&K;6uZ3^4f1N6jtd8R|*<;3(`>W)$=sB2_MJTaRbw1
zT3v1?0_3h^K?9$~++e#PSh2zw;n%Z2#RFh@d;C*T{B-2~RSG<F*qFrG&oRY^?_jT*
zi04|Zu*Dei%Op&~U+Qj8x!S76TCt#9)whE&-xAJwZP74<x%L@2gzn9sgG>$?{Q{ip
zJP2fDhjO4(a)*F_1|dshkPpdaCQja*1~wsVNqUHI*G^5n7c(4LR4oaPaO#os1H7_m
zb!-JBZ<aLP0x_;q@qIZ@EZ3onPi;c=FJBlOU@cuC)4{p*WnD%@U*MW?p2ch@hzNDj
z?7+153*qF{Sk|Cxxu;6-B-1V}-jrttWe{R5$!vq$2R5tU%*8#^{spdoeYP~{Zxgjv
zb>yIwT1Ph}@^I%>J8zVo+TQM#e1Q+)$=@6A&0q68d@aeg(EUnuAKZ2S>Gav3PQNCG
z(0QZ=lNI>0@7uH%VGjk&5M&mYgaM^s1WBISzT~R=h>2UO;(Y!`r=6)pcwI8yY2^9A
zcxE*_zT4<>TxoG_vHVO67qxaL!`Pw~)dq9^5z7K&h9@QkOB(}pft03&_a=rFWf{0k
z^inXLi;lUY)j4IA_O!93r1~CVN3Piv$irxI9Her)xUN=-B*2u*y1CBY&Xj5>22&VW
zT!s9g<WaB+;jsWZicdN6Y@=o$1+f5HUR80c6Jx;&)RX5UtNeiwNpl`|Oop;f#IME1
z95BARqvWcrt(?TVMH>WOggq#K4_aT_yR3i*2sQ|iyteO%qbUctU$(5DAAe+ir{uD1
z(Bsf^NK$x}X1V0>R|p1wniEs&4FnQvHcn|2P9YxJ#=3?c<qZ+410RVeaFXa{V6N6o
z68D1Vt;Rkgj<Pq9k#~w@Shks@=7wRey=T=`C=y)N!Ig%z=SY4u@h9bwI5`SH8wKlB
zQvmhK-0MEhZVYR1;<~iKRj!63z>ca`CJ{}B8iwUPrma*KDC-G<;v{brn_0G@i)BN^
zDLiw-=g(c&*<6>sZBCtAx!3u%c8^c42a3*kiJ2zPoab7h@BL;8yen!Vsq<umTzWOW
zXO4i7?dY1d4A}V0Y>fWn)ILRWDR@kRQTJ#>Y;w5&Nw?S-T8HBSp>+T<3~f^-OndIV
z#o~xyn>WHb-ZsN-XI`k0O_713NneL;9Rz2!eTn^&&p&(o%cQc7=Eyh9Ch36j73G}e
zj1w-EUqX)TlC7D#TRt6=CG}$~6Dq$>4<9_aUNXLw0xMoyZB?T3gLnpVNkiLZP{4|)
z&7JfRv6HtwXbIdW0(p1lNwhccaK16vWm_ZSL4$jrI35}EeARQUiU6-tp3VQkvYLTq
ztp1gS=PQ6g&>T%qV<pTls$8xmi3@k?lnZ#1hp&%F2L)5>k9kkLNZpHRRA&SEG1kRw
z;{><pg+H=Gav!bv34l%GOQ+j+a5|RrgQ#IooN7788?HnabnJC#;S-(<k3?AXt_Rxl
zW~hFcGF^1eY^f}$Pn2Sib{B70!}t9_mE+9SR4g{C8$L%ehVsWGeWj=2JA@FEE-<Ve
z?K+~NM)@hfGf{#*ci{jc113HG3tu2r^xJtPw@yB2<Z{1+mvg)*UV+V=P1?L0Mlp^V
zmeHGtLF7f{F^l=e5~Bce<4997>NHDm|H@9GRzWkDV5w#Acm{-{<94OhnRqG^oQ}k^
z4z|a4!x{q-)=kuPjT(6_Urtpu)iElu(fAlt>G>bO<ZJFz>gyo^S@BW4XmY>s&nMcH
zjQLI;O=cFAdaU_wDwq#vJ7JBTrCz6QyviB9tlHoo#lz?)P>~2VK$zi{vu!}mot$$z
zL9yNxhtZqrF8D8@94j;|XROUb(jYwrOYPx}6OYm^%i;y_rnTb-Tv&DpQam-1lrOE;
zp=-Lzb}L2&liCi>QqXMl?5)h#nQ*cPG-+6rqSPs0Be5E^_yXpT+b4C+-@2xIKjCVj
z7bfF`0jH@0h9+hqWqk2*(-CQeiM@J~K;l0sHyGus$H@$6j|7EdjFYk@hU&W;_+FRX
zhPO|tBQF8vyE`xfE+=ekjVi^kI(iT|GA1aV3AJ+)omp~^;at$s=hEK?Q5kR2%C@<H
zio@+S&cZUr&ORl=rB-C=zEnaCWB}IjQ6g4Jm2JdEKkjCpmBcZ7bL2P18amPR>u7%^
zks1Wn<qZfE<|EVDa>9YvB86Nfr6a~!)4^m_NcY=uwm|p+Fqqw(!@>+=s3X@>+R?TF
zSGDUAiyDuG+guW|Wf@dKBy&q(kSmkR{P4`N2;b$wEr}n7QM0=--N}ZS%-q}Ik)9=2
zrF}RUL`!Is#AVqg9P0PA-hiQ*8r?-5N)K|1=zIiz&6Q%OHhI<~yU8HCvm0vx=Y9w;
zvyk^OY#_>QnJoRU{yS7F_nsC{%Y8h}Z(l0kYkXd6*V%Za>j)v-e{e*e=Ulv}2N!FN
z$|n9WGXzUj-M(a}p9{95x+DCNr9Fd#oQY7J6x-$o4-}cGC1Ay$-f^l|uW1+4T!*S4
z!LN#cxZ82ij%<akB7t%YCyQlZCg`1|3|H(K>Nvytlf}f4DV?$-wV6`Ub=R2+qcieN
zgc#-+eciHv`2i7qaeK1M=YuP^bEx*|<~?*}WLtWl?qdAHFNdRs-6?}$5-ehc!D=Xh
zvM!VmkNJjWlw`cArz~)-&RSveE2TQ6A~c&$dJ%dZ&Nr0Y;I46XN;%0^iUaN<ou%4u
zet_RQWDV+F+_QpJKBq4(gpMOM>qKEX+DKjC7J)VG%^g6|St&UnnM&d=#X`K)IxCd-
z%WTpE<rx1(bVxEcSJMY!_(gC=*NgzSrYDqWDTkxn!}0kN>U?a^eMN6?q=fM7EsqNe
zeH?sm2<4yb#gz4XIR!?NUX#ipB+`6}{hsY1Q(8_c2Hh~y!9@r|ol}%CIM5#7G~&K?
zw=+a;IdLdTBprzlv6yKRZb$}~A~3!7g>)6C6Hx~a0|;&t9@r6Rg53lw0$v89uX}ID
z57`u1N)47?p;j~x+Ezj#w4tTiH~=?j4J|cDVfB?)7#mfy!~5=b5uM;Okkr!>)E+qM
z$It?C4NUV6@98uasqe59bs77Dh8<=&EW)n0>WiwI3zJT*SG3EaAV<~9$s;73BhJ<b
z*eFqfEe6DGkZ(!xirr^)^~V8K%T(BZOys#LvQ2o*o)%@-MPpe?TtUb*e)DsM5<{b9
zkm9DN4Bk@B$7Ly>4rEgk<rAa~=%~6b;GNZftS~{M(<JC96~A2zq^d1PVsEGyL<8sJ
zWj|rDBMfoHdkd;Z>z14msl3UZA7T%qz@)ji-;EkFpQ!;TBG=t1*M==sDy$;JjB&+o
z;ZOf4DF<H5sb4$+zd+o`De5em@M^O)s3v@W#fDg0e{(kjn;%S?f6iSBdtKS*g*y>w
z$GjcnEcf9lg5h1&>_jIOUB#<$CIx`MCYV`4XdC~SIt3heVv~REoHxj36FkBi0l<u8
z-3ai#;5rST?6JNnbO=C91=?uT;2>%Y;mIw4*h66eHKbD%8Y~Pn0a0v6-Ph=Q6+I&o
ziwyPU$nRI&fhyEGJV0w5Z$g5wi?atjRTVG`$CsLY$Z5Eh_oHpd3Teb##kzoaFL10;
zu^vVH=^1+s-gBKbgx4A1r{G?|yH`ug?p(58O$QO1mesAY2VKC=$8z(r`07HfALa?C
z3+_L}^_5FCFau&$J?tC%6!cS-O^54;II)q-qj7fTP^&5&b8uq^z_X<QtgVOEYI}RE
zda9}5HAEff+MWp}no5cDMuP1@AFPiUJSFja@jPl#{`NvW4CQgXHC<;mIWAH?9H?V^
z*QuU{sU&*uagl9Jf=!aV(W=@(*5l@FuQBX}vMBWFqF~8LAA<Hf(9v5Gbs_fu;(f`8
z&&XCvf>!d6cjb;d?tB{`>W0svbxlgCkCq-&%;_kYf==n^WN9hEC~s^}tvGZx_h$_`
zOeU7_$FgZQk0FFnNlD4fQc+0BN`9c59TpyvmZ15&h-eP1v*-E{maA!;PbPb{GOE%0
zZ2&9)I*MEBN_ab1I$9{0N|<;H@=eDl6X>KqRzz^`xa3JIUQOawoyHEG>Y&L5oQ+OR
zO4EX!QjJQFk5mM-@KKE&JMMH}eZRe3!>_D5^K{%P&?ZwB)-;ucoUR597Y%PMB~X?1
z_4G8=<r2?alICwcJwIZ(=t!?UlYFd@U0G%Km$ymxu;45m$wL5sHG-|bpW>zsj}qgV
zOUXIoYTh&6^v9G>ZcT43y(UctE!7WpBQZ5KXU5ZYW!~`hk;rj;WBVXZ&4U_?M1n@R
z04U#lA7XO&=#H%|XCLBkIoe}jzjPZ=0ANUK>2HB`&ytB2gbNTr5q`|d4*|`<fa{U%
z^vC-uo!3JG?00h%=;-xD)ixvd;k{`fTf7{JOrFfia@j<M<Wy|XYxjnkLFzITm+d*I
z7kp7vVRtco>q*lHrLow9DeSDYQ35-8=3rBo34GlUrpxKj#ADcyiqKfL)tCpL7rYrv
z>RuYxgA1R(#~5u*B7yb$lY`TEd%ls&`<PN-Z}32WoAE^UAUff>IA;^NdscM3pj`j&
z_s!l>Q^@9J1i&880m7ikMMz0x6Bk;_%UNO)oJ~G*j4KBagnp)QO#RByL%R}30Fy%i
z<p~bs>r()O_kZ)}iK1Q6{;JEu{w0hS+<ZBXDgv}45uOIEFg=3-Bw`2b6zx2Rj4^jp
zUj&;uh!2+>2g_+QKZ4yD8HLNN<wsgbnWlBW7b`RzvnBLFXB##1yP%aoC1?4}cp?*V
z6U#;qgrz-(R`T5kVI5tMDezRMb4AM#Z?I0)WDWcsT7~&)5et|wB_tzP(H;7&;V#J?
zk%CK~t45B}sLJNUf)Z_~)Xax2mz|sJ$t?a`UWj(h3rahx*Q;V>ZW+|FY*)6HT;Ob$
z2PuzF0{Q&VII)jHz!qM0vpp-FlGW78l()E;zKS;>l=22w1EzbHPb{zPZ;83(?xJGW
zagra;5<8z64<p$i&&UamG6og%dKF<Yt`<QPChU4`aqk4@l_NL?#F-Lfl2!tdw#Msg
zQ8WPxIr5<H2csf;owi>DHMiA}^>KvGEL))&mFwz!ky7L*^FLCEVzB6B<=;KBY^EB*
z+{@Te<T10ZkTQ}dvR_Ap6Fo0qDmSQpXT+``N0xXw<>kS-_HREDcWa0^qSqF}G&H2`
zpH!fGdK12A1cg5lyFaJiv-8ct>(Gz{t_q6z;S$o@UO1z)tOS~q3Nz7|OVVfvWFt{k
zGcx1%)czPRklSW=UmN$<AmX0Ys3a3R$AHlJs20_P9%oNP(hw?cuaCHTAhcjTSnGK1
zV7Tudb>09)^N~IBW#s~pP?acEJ%@ejGCFtZ3Xkv}kq}u#TH^-{@I4~Z4`MNn#^WK_
zV{t8J0b3g&BV4rd1uVY2T0B9|I6{tc<EH(=5lawJzJjUof*12!0DlYy`?)U>`Y&l(
z#m$@YKa1JK>LSp3<D8u9x&UR$F4K(5oXj$v#8osbdGZUs)*c_XyU3!UWFmDgFOWVK
z-azAxuD!m>ctk21Ngqs9h|Nc0)ut~noTzH1MnJ!VO0hRlqJh8G2fqLOs?yuv;l1su
z9)*e({S&vpAb{!{b9G(@h+Y89GiL7=GQvmW_zjX(`ytFbbqbuG0_}J*d2H%nVLt59
zZf;T$4~O=o7gUD4)py`BM!@!STs?)L0#bH8?EwMC642(WiA=8?9PMN(&}(e^!vuk9
zV2#}BmiVPTPB+uhjD4O53+bK<C0^4$W&u1L^2#ZeAEJPn$`G)gQAh4?XEGP$G4Fl7
zDVqWAL$+P_ZwTAq(gwYicNuNF1jxGG9@j4~q;FY<%;{e<J#RU}S-OZIEi#fsc_&Yw
z{i}a{*&VFV@_w*&pBzrHBDFnoI9T30MW=B4deQ*@`xGXltuP~u@S`6TkOnaRHn5Io
z5ZW=;_a@(p`C6C}iEF2q<%!vN5d0C~O-x^AF*OV?^0Vc8Q~M@vY+vRji|sOrCS2Y~
zqr^S~4Y((3oDwN!I^})FI2oG(vC1rJa(S6;EE_wY@84gDqoC766|Pv*Kx}jxxXj<w
z>8tL;?zxcCN3Ub`ZhzS%^xX(5^2l3>63I}ARAy!Y50=VGbST7fcDTOXT`sMadwBq<
zps1<V{eG}J&Ir{ffFQQRSMt=WxC{)z<_WBYsFAp0tY2S0E{){qh1^)<bJYn<2a=hz
z4MckTJw}BrIDWEF9gNDWhXS_*m9K`-p?I1FT)T+m!p&AWD%(sb8taRr;u=FUFxn(0
z{px~hsjwnuGa{kXht~#?8FcO9xQ%lP(&`kK_sp%GC(oX5*^D*fIo<?ze1w=(GlhFr
zWxSx(AEW6jDtuc!n&fCzr%g?Nl~t_K_KzDw`yzrh8R+-x`Zeo<pKV%1ex9>l89V6+
z^+*W<lw<{v<RcN{o&<x-$V)&EhMnAm_k4ZN0_PhWFmj6l7C~m{-=%ahGJr+*kDu#%
zK*$M))jzV1Hw)3K`R!?tipSw*)8!v9zTZx|NntcCeLDn^nq-z~69pzq;YtO+#G!Pc
zqEZW1-?H2~Hrm>y1PLqG5&^=U@NFS5$)ntZ584pj*pFLW7%yrW=_kloJhPCQd05iP
zst!l53Ak0}Nfq;cwF`|~0IA?Rbktt2enXmgC3bKEUNCoL;4&CMc9Zf@X)~M<zzWVZ
zc~98gK^tF}I5c)8?G1I%jY0Mr$T9E9|2oj5Yv~2KGnH+LaebOb<I3qznw(Q+`oWJs
zS9)a;dw6bA@50G47og|&wu#mO>7Ioe-TC`Po1jO&!BQQCmHOVvA2E3jVWOGJO;RIk
zd$uL7&$d0ud6@_mLgMF?A*$^D3EmPlW>lg6MPjnBDH`$a#kFT(+J++EaG~jC&8a<9
zK{JtBa5@@Op6u_es^-1~%Gv6|?p$mr98XyK&SJm+q~SRbz9R>zoqq>xvt-j~#QPlZ
z<7#CG7!X8Wy$8jY1QOxHL;%A=fDl515QO6CH|_a2H_baCN4M&mVyG!QbJBh4xz`bI
zh(JsrOkDDp-4Trwl0o>tNSb^N_rYL4W;Bi>R9s`>?s)HHuvbJ^WXrV_-(oZEJ<s!>
z>wJeC5}$RUmt9ZV8k}&Ff$yJjqzO*o7P;ZDzG7)3wcNOpA4-diZcvX{K%0LXdcReQ
zgzv}J4uEfspe{JbQkYJ6cGRTGh$z-z=Rj<3lmXPX=pJW|Y|45Wp44-xa(wIueZ$JZ
zo<DdGE^=+yhRfZcbb7I*c=kl&Tk>b1rkE9xKvV?n(l#wp!&2vYvd<TEvRd@}s(M;<
zN<9u&6X0MijJ3OaKBan3cpnVHF0U~x5`2svT3Bw7|1ZZrCg#e=Ck$HL$jTZy9tvKj
ze#)Y?TMdy#K+DAg0nF{gir28ZXPG3-#C%RFqFb-11(m9xrIv%(5$c-)cc|BZ*+2Gv
zv`<Rc4n_AZF}niM$QMa6Vd~|!E@?gC5Sc*0a3S3F@oC2@cvh&OBi&P3fJuXpCIZus
zWF#XMfEh&XeDPYg23%?6qoFE5l_8!)0L`v!AHPBs9tY>}NGs|Is>oAR*;(>6gc(V4
z76_5^jwXcn5;(%bQIg{<n0ewK-$6YvsBawHLYrtaT-a#td%nBi#lKr`ta{Ocs==lZ
zTWP!r-@!AlBb8aD%S1Ta4tde8>w9kO3mqb#W-ss2a({cu0Eiy<k~9vaBk>w8L_jId
z>xXLaeonP4?L&4>LZ66WmI%LiboQr>s%_QleBy2=KIrH9v4C{;U>K#eP2Dk_Wl&MC
z4MFkfUVoi&ucTgR1{{T`t|>(%<9|UrfClGJ97}3x6b$`9KVX|Kpj6Aq`@@>u;MJ=;
zv^AusPBSZcIvt&qlybcf7hS6EdS!Vl^80nO>uwchefelRoU86)#rUCk8itre)5?Ud
zW6|J2OT(UN`@5g&j%GlCr{U#dAo?02D%gUS8&8wnbKIy2n(X<oWE-BajLG!raWN5K
z!!)=1lj0?sOvHu3EizmU8gZkVdzOu|j2$xLADhu9MFc1+1ay@gK`cn3)2bFy+e!CT
zX7#F_54*86fY)2;*KH>$vr4D9-5!?{*!aCJ)}YFLU%xa93n;K|Uwsk57r;b7zzP)-
zI=6;aE|wNB3-aZ-tXQZYL0o5p7_>ixHfLl}MKXmLwI&Snx<l}UCTk+)@{{bTWGah>
zq56i(|I7|NF@e`Wm2Dq!$wDM>$6<Ta%g$yANh)L_Q`t20El3}dOc~YygeZ~FfZSQ+
z3RksERasRlRb*-##|n{k<W4&2vU|+NyKEE$(oW<$O7d9fH0g<OI4Y6S^B%f)k)b+(
z=!=@V2D!uviIE)@w#?VZnvOTF@_750lJe)lqs)oa=jMs?p#?`@UuGZ3?(oUnP^qi^
zo3oM+*|1$1G!A(xt}`LVmQ=EJ>dFyS{OPZ(6$=Kz<Mi-rxwy`89nIwA<kIN|1Rv4I
zx_Xti$ih{`2~)2HE0kt3k%yeH=$v9O{AHdOV7P^NO5xn|O?zc09~rRehGUVNZC(*-
zy+Be{N<q}P5^Us!jYyn^XWyWLgz@fpeNJnop||s#nuIQArnd8okBi<83GLw=p-*dy
z;tIwb3J6qZI9V2Q(y!u=xhkm;Q7||8K~fA^Ruk1?lZFOJXrbbd<ajFO%GHs|0vnlT
zAMj$Nu(53C*drcTQ(u>_J0Onoc1YX3ows>z+&kZDG_-Z-E>z184tBj9UnaIMbTrxF
z;)%C{*W=>QL$fciBc^L)y&lA(wDHLpdBBs1N-2yjAb~73*H8d6q$_bc=`8p@UIyTt
z<ZhIRc9O(_v5Hw>b|s#zkC}Psg)V|14Kq{h4BC0MG1a+IuVxVYtOjJ`lQ;3ScaB7F
zhtRan9s*5_&aFqat=5E7QIk5@`5@3KxLGp$AVq<0H3WaIr4){nWyffZZd;hQ%lzVc
zhHiS@E2#%{&w~E_Ja|#+U*ESJrKgpkU6i7fq)`(eIZ~7tm!nmXr~mUD+``oFb1(8o
zKv3uhN5lik-*$f=-2>Qc!1>w@=AK16QVS=*fbex^LusAJz??Tq0j7k`QhwqdMd7k)
z;K|Rg)eZFPp$&%$3Eb^z7v8WaYP>L=hIc;-h(-g>O{Aca8GC8`Zb@e`jlJLv1)Ja*
zr(I_OhE}I?zYY&h9qD}I=Q2H6Nx=%65yp3_8UZsHWft1V&J;Ha_Mss)q&AchZb5<G
z_M)Qyrn2yENbSfeW6UM#a3sap=Y_;4hGb?OAgGVuY^2AHoVyX&iRJ2f7t3~fLGjMj
zVQP~8u+~BiiBn(nR;uNRDRaTPmJj&=We4~TDPWo(2-{qkkE>#E`iE#(MUSU7WY;g<
zGaWq<e^99HK#YbIkx|@psb&wX{DT>f((UDKVy}W`#G(5V<J`j75yQ2`NkiwKk%%RR
zdu72heNr5>*<6@Z(iB<YFKxlVj(L)|FwTym6xXLlH=C}mU$~BV-M;OE>%qnNma)&v
zJ4pfZlyI)nu4LbyP`*7ifr)lIvEDN(Kcx(w7(QfZGODr4m=;rx%z$-~dwox@M8UMX
z{K&Lpv{j2&OHL+A&Fyx65~IIV9yUUUSPX2tp#m$t^Jf~H+;_@P{ISy0=jJf$3N(=>
zyq`9i9a}UM!gNw=_3~iN8^!rJ>OS$pz%j;`e~ZEtjqXK|kOA%AUs#_zlJ0hj1tUr4
zbF`18=p65NgRW_+K@(dL&|PmfKICLo`p;v!6ta`z6EgGEl7{lgFttr#-zg_LoNwB9
zvxfUAampoOzC|c1DMbic7H-jMIyGGs(||X}Z+Km=QSTM=m4O3f9%KKgWp~fgNno`5
z)OzsaE2;<&2_Q~EeRGU1SK$V<#_k5>Ot_k)<gVY=m+Wj1%qV7()4e^f^_g5wG%O>-
zzNJPgIb<_cHO}epb@JKi-bx4BrOH`}QSS^br;}Az{<5vgt_I61sG;gcIr5I6mliTn
zT$WEO{iL$nUq)KY)G}T7<@ENb=a{`_1XKhfSE%XDe=4?36A{Lsw~5ciZhAR#Vz4CM
z$UH5!J*A_6@gGVnaN&mGX7H1sx4*Yq5S-G3nt+^xWH+4&OP5g>)SF_7aD^1u5LqX1
z#yXE+s)rRo=q?4c)KR+gIi50mx~$t?)jt4&PxS#$($Iu*W*ZwHwdb>?jgin^M#hV8
z$~uQz^kzn_!PCCxxVi;IWF}Rkwwg-&vA>x&on_U^5`<OHT~ehu_?(W%rErIhwt6u$
zNn4fVbE%oof!VamNwTq<S2|Udv<qFr5gBx$O;hCHv7XPd-~}SDauei^+Di|?o#v4e
z%jsYGK6XT9K)h|W^;K=r(AIN=ps?I8)L{9+T&rO3`VmbAJ{7+zHs)?GJ^%)IW^!E+
z4X*yi>p=TO*A)=Dq86d09eFydXFz^hezh$^H}yD$!d>fp3m#>o(jt4b+nF6E&E^R{
zb%Jxd4*mBF^^Ct4pQ5k4gQ-o!Vwwj4@!t_}S!j?z^V0^94Gp|hb4CJ!TDW8S6%|%~
zF<<g~#Fng3li_1<jUnNPNr>_J3w@o48ZX#KG9$Z9h)cueP80Cp9g83?@K3tlu?b-h
z-V0CBZ;@A5Z{O&0Z{m$gQl&7^2l>`mZnz-IhvI&0bx*;l=*S_yc}H46a3a&W=QogC
zf3S|G$GGXE$OFFE)%BGEeJTQ*ry|wXil@VyP+=c$VuWHZy^igPZ<oGH&yQZ|p7(`_
zes8IXZF4fof@N~4j=HYH$!R_4y}CKmTh+>qe^uRw<{QX=y=rHIR1%yVv`VWvQHRI2
zDSm&{XDKE;{VQq`37VNvDmVam5++3#uzObdp`yI}sMNTON}Zy-q{PI8+ALr=3W`Yz
zY06g+sR&7>ULnd-(9hwx)MF&QbWq^>RI^Hx4uH%INw5g%AMVJ&$T0K!)S|((Z-?%=
zToUbG1Ekh72al4;WoeTfV^A3*Q^0r5>E;l%hgWZ41-C{uDlQ!O&Bjr8;e|9T41sxN
z8V2?1J4ti8xtoM5$hD(OEA3}@R%IDOK|$FvTM1ta#}HdnN8cP<K?O@kUt2+62g?Xu
zL0zu?`qo%eyEgZUm3A#B9gq2FVL8tL^4)1EaUV@XOm)n-o{|a*e#-7b_3Fa>pk8mQ
zl?2dytAzAI5Y%ch8KoF*{W2&3MJ=cIHY@k6PL+}02hBQPsmb61$OO!#YH^ohZ1Nm%
z@=6}!q+%L462j#31!lD(e|ddL+E>+xC=Lxkke<Ni>(XG!$zJ!-;N$Vt5j<sTJRZ-$
z-#45AOyfL3p~F)Q3Lu97@ASvT0x7yr97hgo1pGF0h>x?as|kM8ukX%yrUot*0fQTw
zWyW!7OL_riqm53K%{{)+(Vo~><m9h~Nq9@2%9JYWIA}e9I@w=kR(m0TeGij5%H+?u
zMKLsuVUvdbm@WU6H8uySfW1{eUUgM^$Js@%3LBoiseEDKo#4AQ++&ObX`(k2VyTeQ
ziV@O?VUC1L8W4No2@=f|ZN0g%_OtOiNy4N@8GbfD6pG^-@<4u~W_hd|RN{<=aFbc1
z4MR_bPd@_lHg?ID*FwIxMM6Qe02DvXgMMQIkZkJM!Gs+KGn2#yqf6pQVK7zH7TD4%
zXEyH6+S(f0PiF<qKmwS6mj{DdzY9ejgO)gKsZx)@Z;DT|d!jpTrOxX9py&ZFE>K1h
zJRMwtdEYjeGabLVDGOmBJjLTBRy;pbv;-YOdhR^!($D6Exa9kssXxO~E(zK%UUXg)
zs0SB}78}RV3^I{8o=2CJb(ge>`W)0ETLjD8;_UHh>OS*b3>~yRf8gGLt)G59qE&ot
z$lPw^v!rW%RjzUct*Wm6X#B+z`Et*YabM24l3v-!AyC-TczdCxQhvA$X>=7Q30<qq
zB6fgAJB$-Cp*iwhuD)I^Mqhv2D^<@{Mr&a$QCXm|zz3_#OyE)6#hpis2Jb}V2YlQO
zt&kX8C=e(IQQ;z^IW0n<)svscDJ|44m8IZ&0nzRoju&B;vwMDi-gZkO7kKB`j6jm%
z-9BT)h-Z8{nO*uE+iec4+XT;9D(3^|qn`plAUz)J*8`{^8uzTV!S)2VfF?&rF+*L?
zG9eS+QXvmRT?tF5I4V^N$q7jrFb5Xts3^7&ty(5bOqrZ<%k*fy)|_bHkZ-uDKp4v?
z%g<!0WP&KEC?-G)Df`p{uoRz5G1`&gaVhYzV&mfd(o_m#l9VDU5;F1<G<4u(*(S4c
zFaQE44)UL1!L+{#cug}4Xj64B^HeAka`079D2fqMw1A9D&(utaPfx9q&&g2Bm)A{#
zH@5tAa%-4oV-v91MDqF!q!O7aG5&u0I%X|SfIA72ySm@^35;>WeI-B<nb}m4HiYk7
zvj_FX69VD^7Pfy*P)}PwL^JzA1thl_+1Tl(<gBL3$D&F1nrjweuW5felVEHMlfihi
zDkxeG<k|aWoWY)O^bY7vjfABP_21tlP(?#0F%eBKK}#1dCrcx{@cRk~4hi%71t<0i
zFZ^Qj$wRFPTiT}P$-nLtkc_x-a#W0rz;wO;j=%9xShm8oZK+j!40q2}zhFgJHp@gU
zDH*94iK$&Bx6AA07{7w}d`x+(1uR=)8H(#qF(N)e34od3Dsr-2*yD2MS{FGq!Iq%i
zdb!HT7#1<!kuZNpR6~6IeN<+Ayw^_F)>qOJjt?{rp{J||0ZDhe$G-&wg-4b9&03T!
zSQYYV(Cus;w#AeF9-JOvSUb$76Vg3PWwaKmj{!w&hgZ(wB<owi++fi$_A!~F;foPn
zp~bjN(92y@!5Ai-UT?bupbM(z(AP8tE+cQ}GM0Uu!FDRCwkl1=EjDLYD6X09M<2wA
zs+XQOc$gXG{XiBzHA7L61U4;8s*}M1z9f?n(tA*B#pi$%Uyg^)qE7fgmUR4v5w`sj
z(ErgbU&3Jle_pdS|Fr+sk&yqEl{KILlrX=G)R|8ba_1etSe~d#&wAm0o}2#U)V19f
zp#wnqOqy2v`_{YI+TRZlMBIEp%Lk>pdxjNRq!#l9;z#6*glWDa>L>~&bjR+~X>hE2
zwE&~~(Nde2)wES?!*X$=bEeI}bBv<qDwaVp-?d9Q=f$emCmA)-&bLh7mMUwrMA>7+
zm^Z{Xt6-70<tfrZy2(j!74o*er_yt4WZcNU&@|9NtrcRJH=z-a>wfb`^m?x@4D}=T
zOJTc5FPv5zwzli~oCI4Pa-2+Mn7)Dhk3{juon&L<614v>7m@*3Gh@5dA^qNG=C%60
zkLL9r5sVUm;%Fys(1+@8FN#wI**m<bO%q3ILW;}Tf{#BE7wdX7vBrrbXLn=b?ul2@
ze@(J=;_5|^9$$wNHD!p2+<#(CPf)7d4C2>>kNY<0c!m9jFP_loQfhT>5ge%)Hh7X`
zuCD1v!w5F%^P%bgC7U4Z!d!$dzQM`4Nw1XwNkeX8<{hWa%Von7&;3ZVNqBWoWop=U
zCI$$*rfgJCM$e%310(7i?R>BeY8u-<Ynlk>Gz=AF$l)3PBUFf@WDoW=EN-FE;vJ9z
zVSaLQ6%-_OG`71AF1MCQ-2dHA9{dOX1?c|q{SQkgJKO&~ef)oa|AT><fr$lxk(rT|
z<?|Oa3)AoKe=xE9=ldW3N5G57*u=@m(Zb%@!p@e6%htu(nuf^L!pXwW!rH>wL(kg8
z)x?^Ji-Cs7z|qLu!qvo>h|AQ#+R225$jCy^!uandPUZ%VCdPV>F1EHNj!t?ewg!gQ
zzw0_Xx_nkObg{5D)-$qmHE}dBGtqN2F*9-hyXBu{2G-VgZhB@G&U&UM&PL|{wV|_x
zjftI$GZ7av8^b3h_9nK*7Pe-3#wOM#&L;n$$KJ)z+QLZhk0wrkBd|7ba{lbk-p<Lw
z+0M~J&&b@w$V$)Dz~T?;{-nUj&eqw$;*;**gjqN_e^&c%^xN55d;CSBjfvwY2NtG!
z_7?Ug)}O8PoLr2IOiX@v`4=JP2A=|OcQ$dfHL%vRaB^}n(Q|e*FtRdn{JTd-69*TQ
zPr?j7TRQ!VwEi6eHw!C^e^6@iDMVXS3o|`?184KUbN?N6pGiGq3nwENC#O%vI_Z6C
z=aV}pJL`YdpuMAot@Ce5{@Ltrsy?~0`tK4jaB;TNGcvF>GO^bCTmFAb;FEKrzpK*_
z{izi_6Gun8f8qC!p7lPJXl&s8X(z@Orl$W&-#<wD7i-irceeR7JtCstS~N7V{;Z^>
zLqlZqsX8ZTyFa@9o&H0>fBkl{wXnB0asDgi_(_R@)8A!(jdP#8+8BPC=x3%E(Qo@@
zV*KRpPd)r)>@1%)=49vMXk_w-fiwOi<?LbqX>LUFe`5Ni%f;!_X#T2WYv*iXYGGvX
z2kC!dV*XT_qsbo}8+@8C5fcL=J1qkzEd#qUBRdxhBNqz`9UCK~=5JK?#{Z*wf8#Us
z_`72ZTUU$U0=M}z>c0j4SDv$-m5J?t%lpl%{og(P7jyhCc_!}m7N2VSmz>|s5^?=0
zw9jt;>W|34*v7(Ez{K6a#@^b5&dAQ@FS*zn*!&jO?{SmJ$LF`={?*9-R?0t3=y%fD
z(ZbB^Pv!hep`O#H*BZN6|3k|rj;<C)f2Yjt?5zH&V&_lA{FaX6r>UBo{Qu-T8<_n!
zb1?lBr;DS>zcBW9$zRF;O19pAH5Dd?zYXx;6#Vwwf0O;Uk^Y;aKgX_rQ}DmEB34GG
z|B)5_RqtO$#Q)xzkI(<@Iq5&}e-7yARYet*B;;iOH}>(rSpWSl{r&wn7Ir39CN`GO
yd`1R#Hm3iq|Nc(^1053`Gt~cWD*glif&ajN;6Lym_z(P_g#QQQjCI`rcmM!3ocjs@

literal 25004
zcmV(tK<vLCiwFRyRh?P@1MR(aP$tWkFN)K+ySux)HSX@vxZ8)jYva<mySr;+jk~);
z<L)$%-e>PKXXfp9Xa2eO#)~*Bg7~P^CBMvCD=V|g9$;r_V&p_`=xl3jZ36Vag&04G
zot5?XFB1nF<G=oX5E}<OBRdci3lkeF3nMcND+>@K6Eg=J3lJgW{~mV!GdVjt82|_g
zfz0h}Jq-RA<^H?;|DO^Gp$jvinS~SKKL7yDY-q&9X=r3%Y{16OZp^}E%F4>h!o^|4
z$!u(BYGh($z{bpFWWvl&2rw~qWH2`|Fm`0HF>rJ;0sPOaN{9-5hK5!U5|RF30OaFO
zGgH_tBRE0wB2NRT|H3Q6mEz4zU#5+skNzudUdfsuet88y*wd|%yz3@;Dz{ppPpNb+
zlyHwyzz{iArULAb^<`Q~O>#4zh|u;(a#z<OCKZrcV=)r}|Hsj1km>?ZEHDfWzYEde
zUmM3U3E#od_1AY91RY3aeQQ`D?c>QMPdA!vf)QWm41kO67K-2BVbw^nvdDZ{B68i-
zz#s3G>r7MVFX0G+ingVSZxmk^e*i(0^{g37#-mA&+)B;frdW+Dt84F6#FEPWaGy~g
zH;;bJla6r-)+VA7MR~nqx|Gz@7D7xGKQ_^%MGK+e4mqhS;I{x){UP=ZB6wXF;U|-n
zNjXUyPxIV`EAATKs*eF--JYXlS{Tv*ujt`-Le2LgoZ~hq2(k?D?l59k9LP7^s>7$k
z6ZqpN?GpBVs}zK$U|=>0(^ccQQDwo|y2_ZPW}Z2APOhj^Ru<)*Aqt1j_1fQT-pyxU
zI`W}DFV2wZtR2*U$5O2l0265?)0z|SIHQa1QLI2GkP*_*Y;By0XzMNS91mprnXAC?
zvrF}IR(CI-=||5!^x^<!{rWOr+NoB19UR>{f%&1(maSH_%qAG1(@yl5aoU21&sD5-
zb0H1Mf%lUDP8FENOD`6N9;;=(t8<jwL7eG|A(aXBd<5C87fF>rGq@4n6%zIyw>n7P
z)l*l?*(T<Z?yHM$0;C?T(MgiC*ZCHC;#>z+W1p?iPI;=Lv!B1Sh1t?>R`TiY9v@{(
zcmPSYVGlcBh?2H6PCx7>Z@3m1XSw7Tlt*{1o7L^WuQ(3w&oLCD&!sr$b_!k;mJqVJ
zs{@#fP!ktpC~;N|M8><+i<YZ>c%B(iCqB0;E>xS08&1<y#DjV<jm}Mj0~p9j=*q4n
zOo$WHcSldlv%IPp#ASBmUh@9L`rzfq72)^V?ak!E&=kGS_|A1<>k8+eL+dz0*YsIo
zYZMe)XJ+ZzZlCzXML*BWh1Ptr$cl95yL8E#;#5Krug;k3tw{(Vz<iwEqmO=jjyx!P
zzr!3mrB)$BxID?vnFOXL60E_)hYI+T@{GNKbdQjfqS#(U?v}yA%E-vVq&Ou#Njoev
zIm#eq(&Fgk*cE;{Ke%g^p~sW$c6oZhbSEehRF=_Cy1pmVIkJWeai(g;MM3T4#qouD
zI7O=f<F&qM7_MxFkBx(lg(AsdWxeC@p;@=X$51_`YOTv}2liKHMTyic;5wlmE3MP;
zK9sHLof~u9>Fm3HOtL5h0=m#Vcq@0?W83k55o7;7>Uh|>4_CJ*MLXcJZ}#|_fwbv6
zDw%0<0G$_-z_gO_g^oe7y8OgO1-vR{Q^XuI6A(yne*j2GjFLB#GJ0qYz~kG)yWEcQ
zQPoo`261{~>W`d91u9?1ZOFbeuf>R_PR`5y)WB%`x!1kdj)pO(&OD`%i}selvVm{j
zjTuzA&j)SM8>hVG2#6$vmYDHY4MxNW6#dDaDUQU#9`0ZFE^aLl!Kox++h-86=s1xV
z=P9?+e;%}J`i6>*z=RpgnIeO}M76Ft11B7G?eOWV;~K7zn0HjeQKx55<g|YNxmD2P
zeBx5~^~X4SyiV)I3KLVw4K#8>J<6=|U0uY@4Q7!Bsivk=Ll-X*MXy#jql)hYHkvsi
zY9jf*F*(bpht``HxwWAY^(q}Ihs!4D?8S7wuz>iv9psReO(u+m##D}WX1CYwDYjiS
zjP_xI5+_?=HFZJbQKcKD>#sG`KtPC^mmV!dZW*cyqjLR>upNgqk@qz-5#*4zFOU*C
zQ$9T-7Hh1r<YWl7otI~v<HTF2p1ds4hd>y_DbkuZnx(0))Ri=j^MJ^&y(()*R5WHH
zGW1IZfVEy!6j~;voan}$N!0sNR7eNEL#QSVET|$hs)THx@ZfK3<TBdHeuaWiFj!No
za%O{-Kv?RAh8!Chi-YDn9VQC`=fA8Xup2kGP(=KZfun%IPO$F13H)Jb1szREfcOyx
zG0DvgFwZ;UG~;dat3v=UNVwf9FnKsSJZF?Ey6Z}dUw8}K6HujG_7Dokz(U9?x_b8S
z2GDG4a|UI`IJ7d2e_g@~yj_HFbP43V8wGC!#x$7)XPA#(;5Y5~b3>_qOUe%IOuG0?
zvj}(6s6d3>MnA2h2GwW)4O)nrVC;{mWLHq$IYIBZll}<tw%97z`df){x>mi6s38|O
zH1NcAy2iars#R(hSfHshM=qK(2NhzL$O%hCeeYdOZ7X_Y9fw?pd<4gYQpSu9#jj&o
z*?QzbsCi37BtU9GnRWs|sFrgxE$*X8@w?3qDNnsrI9dS#HU8f)w~PxveY$lETCPw}
zx))MGn{v#zB5}CLRchr^3U^M{-^ne$PWXn_CRVhfP;6VxDjKTS_mJk9!f$>ebG77W
zGuvzm<shuO4%TQdwTHGbs9F7ZKqu?gv@bbAn1f*Cjps1Yt!Ci`$FAD>&LkII>c%t_
zl`q>6<`!==O9pD?MX9^XkuC2l?t;ON=#f2o;yV}{gOOb2g5AmB{>{tl-UnZ|68dy<
z_9c9TI*N{oQ?3~@mW!ukhV2mRE50Ip;)MSzu<n;)kUCGdj3`wbyH$3?Usd`JHHszR
zhWnN4K>5S52g)!NG&|@ojHnQzStjJjl9!Y`$8B%-_@&89=6+`hLnIgHt%vwoLrr?b
zd#i}Jbn^1v+Ae79DjNFxnrc65ik$ZM;}=((yue3#U1KJyqRcNnAsB78piOVOi_Zj#
zL({Puip27YPlDO&Y|(z*16;U02mDP*BKTE_Y#dSZzP!+i<k!)r_q8vSU<0cL+fz8n
z=D>lYT0-dn@A0o(qZ|d&LH1eLO+;7iz3cU*?{u_`ah+ob+kX?@j}t@;q6<J4N(?|?
zU+9a1_4vW1s8#(eScT0e&=`f;8RRH<<a!jU?Zs}~PV0lmr`BAq8X=u)6wnmr|NKH4
zhW-O{QmmRmwUPtddu)K03ql%~Wbld5#gMGi#UH^UVgVkXY2gmdzR|k@jhI)&YZ9G5
zucNrtOe?+XdC&vQGP9mP2V^rX2Zt0svCe*7QABSjad@7%MqNZ&L(G%Cr@Jv7ZpV)~
zWItn?nGnJN^_2A-^7L&R38VV!*RWrXC(_zhH-b}Pkmo5#Ji6gIvfy|$821{3Vslz`
z)7VR&(8C#8yoC!5zfGzV6xBeE;*ZYyoJwWQl~{ojsQG#YrORJH-Q&W<lHKU1dSqRU
z9tl93tieIiM{pReUMN_YibMSn6|9MSCzYr=RZD!uZvZ~5v`nx$jfk;LxFturllrwz
zU130DE=#E$WA#IJN!$iuqwqEpCgH_>?tDpnn-!cPQdU>x$a0m<y!VKv7)JSl+D`k2
zheAu=N}Cgp^dQM96fLOImU~~m!9?nDTCS5ulj_9t(S1dOimjJryj7T!LJfSL`RZrM
zM8)7&cucGp)v?ru5bG%1`szvqw}QFuZ&8aGT?R;JPcM(7C(c^FvJ$q5c~{^CWvM|`
zsCq!o6_pUgrzPDfnKfehs}PBc4v0OUr2(njUK90ZoH)AZwCfu*7oi)IxKVp+5?JEp
zjF-R8*ENV4fgdTS$*40*9-SFi>H@zJcQi9p6_qnoWfwMJGBG6%*t@0>B)`34PFUG8
zr~N#NL>oP6?&ugo=}o#}qTu>$8Z*jS5kSO8*!FWAze^pxB^(m8Olc@|C{XeJ!a#9^
zM={;y>B^-RLkO_{wU}5*dcx2<{E_RmG^)<iuxmH07C6Kg!>b;mak=J|4dDWX5XR))
zD8jt2*{vz8J0`^elTdyz+lhm+Dz}q8bY%C=J0n}ao}j!S{;<6a#4V#zL(^_m4AEz?
zdMh6!h*c8rThySScDapTKU^A^H>+DkK_eA?t@N|Uk=@1lDI00w638{Fk*TXo^hG+>
z^W@#3B%*zt8C@%^i_L1-Xg$lu{-kyt2GZ^-ODP5%Re#|t$)~!!!V3Dj4&v`lNMzHe
zcte#%!x1lEo{5f1Ek_P`Q+~Ok6)0K<$B<%Fv{2Y+0G<UK_@lomUc+}bOqv%u*?CKq
z<5RlxmUs}l(h^wAkqmYYylfo@K1Us>jTWi}k*$W(A<<Pfze&`v6t@z$6&ZBkS#T{K
zn@JCEc_$Yw<Gj^Fx}0@Ei>l3j>q@bvP=wtc*`yqpHZPX9=ejUg#V%*j{!U1UEIG$}
zx8T(^y_x#3h<XR++Ke_@AMx$GidI5X9$8b98Cj`ZO|f$ZYGg8GHC7;nKjH3YBS5f!
z$i#yjMtlO^VS%lP=!Vfe97tM)C1|cAq%U=Xb#CM3yp_Irr@`Pi6BA7UanM0`UU>bQ
zle_3w?P(kKTPWo8vd~S)ZZJm-5HK>5x`2!YvbbU+i{S{`L{mje(6MaE4ap3hp_K7j
zVymp1NVAczU|dnSpSRb~e`cjv?hf{!FMk6-V^a|Tri?ETVZNgtBg@M!oIgv@yD-Ox
z)C)i73-dncjo?OECSuxrXU7p1{vyPfIZ9j5HI{=6UMy<`;3brk4hI@v<Kb`lCgyk{
zDUSiYaMep5%^SBP7fF|*{9Prlmy1I<2ihXnxd@K5tJP|DB+2oFw170+I9y$8OA=e$
zkzmgc0<m<|Kg1Qck~aSWH)Be<8Z$2Tr!l_W1z0&8giI_N8eJ(GD+*5fm<PTsn0ss-
zj-jrg<UYf(ySs$d!p!*1QDlCu)T)gnHYn^1sZqLh@mfsGjti2mc@(~J>DbLof~S1%
zeJfK*ESWY4**N&jxrVzHOc}D-#=wJu_`^=k*vc5|E2|uOpOqNGhzTmgOn;WWlZs9T
zNhx&*?n5c`chx>uieW%9s16aVNWEo2m*S%i*)()g%RAxaLg%t|l4EH-(~%8}d}Yz9
zNNjk*(S-j<aN6J(+ZS{rd60bsYb4Wc?v~Rfw4XWGhjfzFG0Z%`@@bCl>d9MOKYJk4
zmbXF_=v2?6dYdFzEbWnBPDEpPsug?%E6LcobtI9k7m?BAfe8Aj3c0c>@O5>w&d-ds
zpG=7-9e6I(6!R!!I+Qq&Gg#(&4TJaRhILn!I;kBj0&HzezrZex!!7nB3(O>41_#hK
zR(>`H;fBFpmqJ}Zr<n~S*N|tsh}z4Z@&4YGuYbCF=vGknC3$Iod*<ZQBDVFoQc(Pg
zhm-6@$%>~*2@Cd<Qe2wLi-HgT@<ovz@{2U&=M##g%D@fY$bk@^_yPe^D1HKdQ=3|n
zH8fFOS2+!$&o2DY1o(4-XoezPOLOCwZBE9Wcuq4p$t4Eg%<w(EA&z^0QC>Uz6!ahT
zD@vCkjJJ=MEHlNybUH^7SyVL{t>Cix;ixwKydgMQy(zbiPT!b~V8^xJ>q^qzO5qcX
z?*`VxDDS))VOyfxs$1hC&XO&`Bvl2bPiaM*f-S}OxIGOhY+EF(HTAhwy{7@vOC!Jr
zetdl-fV8aOj`d`7k0(T(!Nd8?%<ex~0t&Hbnl5eymIdp_pBgcoEZ^<(vU}mn@0)23
zkR@L{VK_-Yxf{PASd=Oe&>??x1V0b~2|u-ap1Rt4<9X%EJf1=<L_J4O<FM~gL^u)!
z<3_q=wVRVgT-y_b&yC_4=?6Fg63;w_EI=`P&~vc;YCz-|doE)y{6F=A4D2;ua4cpo
zEPn4M=zc3y$}YKRf7<g+hU_P5q;Sj7jq9{sXM_!Q6#)0AmyENzSPmeU2tlQsX$QwM
zPpw58N~Bh5wa?;DtV%~;|9o}m#mh^tN4WneCHFmx9)()=GJY5O(}Ny?L(n0C=Rn*7
zYQ@&#KwjFO2WHVxL3Squt|!Lg_i6iRc#;TL<_rpamnffUHXWDsaaQ-cIPh2sdzfn(
z5Nsig=RJoZ#wJElrjo-UI)eIaKBGtF$K(To*i7OB_oY$zw%O6xX-K9>hD#?`$CtON
zlj!*{N1$SjUNGF72qNn*G~bdmwi`5Va7+*jjrUUhhT}dRRMt%vBvtn%2DoZG1jes~
zv@&{Ty^#0U_n^a6w0wuMskv)253FuKr{PU<0EOvav3hl6X+<NK>PM-)A-#Li-op?`
zUNb)aK}Vf-=+w3So}D#r2m9-d<qlC^b!jNA)bwirYW3V_s&02}IC{O^Pu(zR@iaVP
z^-{GN+q%o3_1b<*Rf@9(Ro&KQiNb4XW?7<+4rdE&^AFw+z?xI53H9)98M4tr$N`M7
zq7Qrn*#_SS{aM_=8MeT%8I7zhwFPbMl7i`P-aUP1wodt6w2`f0C=)NRkQu`PVk+3n
zzP3rZ0#fjLy|2S<pI!M|Ari<gKm6S%$a@meVKT)UP%!Wqz%E{TNx(Nl1Zw8^<7j^&
zn(!F~j)-lgsEOA8Nl|2d6f046F&?cH<8vypN=qb|O2=f&gL8(Hxgq^--xiLJJVl)<
z#E($@k1%&<XD;3_WFtg(gBl&+CHey`fLIT2qrp*HAp%N62q0#tr)Me06c}||Mmi7(
ziC}$QQ?g{8{^Xlk{lr}o|Jo6s_nMJ0muCoZu@0p~8=TF<>GRZ#O*wvSacnXaQZgbj
zP6br@sWXEm%K5$M{nx!!>j}U$)PsOw6;?4WDO+WX(APRQ*)zg(2CUDUgW)xf({tTv
z5+}^b){uNDViMMCu<fn<R=Wsqal%%Qj>|07gj7Y;2YRTG=K<IG{?<%G8PG72=)6-j
zq)kI06F^BhDnkc}ZNGG&m+AAgQM?^z@vPO&o)LGi1O^l{V+~jJ=}*c35vqr*G8B+e
z;I%tmomo9ZEOmya^+|UhrTd{7ACMOnqqCUPD{^yE*{`={p6)o*N0F+Zx4X!|<`L4=
z($;deQr71bq-?K5y5iymkB_2nbdzomVAL=jeg7eks5(HF#8o<gRaz>j3cTs#Tw(3m
zaBHMPBW-$JwCj>Uzzho1y34Ot4D!!KlOfr$Q5k7E`sq<>)1?#)uQSW4w2iEjRBobh
zO-BK`g9`{CBxZ#CMhLfz*~Mnnq2aO7Xa*`NS=Fi8*~u|k8F{*cnb7cJWAsAu<UI`4
z0MdHoQRJ@)UzuT~BG7K@>`STXOUESXCM0CROQq=P4?uvL2Z<eW|AT?4Q8`(<FK+A)
z)2Ff+)m)ygR#h}HZ4O70@|T~17W)xs7~L{Je=p4f=R*Fok_0W~(6Edg?eN&-><8oa
ztNpl7Co2}yA#!Lg7d*`-nl@PPSi&mg6y*B_0duI6TF*k^y3dO*Y>wG2zRLU2HeIXM
zhCpD@!&u?&?xkD<uxZkX@N&>P&9)TnZfn*g!$~hycqpJiQd6{G%`|QqHu1H#I83l1
z54_<1@NzJR4H!p=tXRl7((!y-nQrKKno6Q0A)8%ut;wu{{y1)6PdA6+T#yX@;HM&-
zUv^SI8yraF06U|QM1m>vqe{DP6=2mQ4xvyVvYwj26!$3mp=i?;Q?bkYp<CsMN>pV8
z4&^NfD2)|=N9J=)pSTPY_sXKia2B}Xoh=;bXSHXBy4i1?DQL}VE@I|JB|>X%7SqHY
z7pn3jS2J97SfK@tN%X3EFa0$Y2&KGPH6xQWWBe-sd@5*m!d@k!X)i7(CuIIM&=yQd
zP0-i)du<>y=>`s|_A4>|<kuPW!J;0P3`fxH<{lV@U2*ehXCYS8c`rZShi?9DJQoV4
zSCJ!TgMm8x_*m^zjdoD0@0z9bbx3E?Nj@Abx6g2&6@Lm!F7jo4;^R$DE9L+NlYeM-
z?LOb;E<t}fUz>oR8vNeT5`jA~to6Ll*VamF6|_e)<^n3eV%5$Yy{wk3CRO!zNl@qu
z_o^}eJ<oUc{+g=1GMWqE@sj8>Zz*rw@(j9(b3NRG?v|k%%LnLXL=E!HHk59!MTpJ)
z(juf}tmGfNs1Zn;N&$t@vra-IK+0ly|90B!p&MEmJ;-x9H;r8XSpE|WQQQ!b&EX0l
zc6(Gxi;g1Rar1a^m&(+`*+Fe2qV0^w?-ig1Pr)4#5wr`!M}24x`Yo>akRGBeg*2g}
z6`2atm3k_$B1AsHE)cXKn|%KnEol>?SDJZQDe2X-^Wc4T336pyp9ng<=_Oo6^)6Ot
zxe8~E+PDkq%q7dAJO39N&Kmx>bkd7vV{n3%z8Q_WRpZ{I{h_V|N}*mTfoxVoQ;YE%
zR9LD<VmZj)qF$Pw-n0d=d8<6f(75}s`e;#L2Lp8(TVDqRNCkk5&`A3a(2_90etz)+
z=K&4beG5PpDx2#%C=>kF@(odQO+ts^{(>d(j5HKxOZXt3rH=w`6>?=JI|Y0D@aR+u
zyOk=6ip9dIZ8$YrMsET|%3n#5h(ngky;yQ&qq!-cjGVwi(p+xfkc*KkgAJf=c@VFx
z{0Wz9v`+lH<)lera-Y8rlv9n!gKqqw3S*QEk?K9Q^SaO$XUl@d>XcKkrE!KUDcTK<
ztUG^U-A_FXdZA;6^-YgG-P&>L7@bzP&tEyG)|9w_MfW4Y8DtV>-6mhu58yloM{+>n
ziC&GbT1aVqoa-mO{k!7MATi6Q`+;~qFGL?wmI27I&aySV;?4tQJr-phlUhCRbB;HV
z;8*Qy9!W8(9tL}isNb5nvHiu^rUHf7lYMAz3HJE#sz4qX77-N>tU1gM6rA&gCjcg)
z%}P&3Aw8?;=W<VDqEQ%~Wqf5Q7*%etGzX27P){S~V0*oz^M-9^#Rn!kI2XkXHf%dD
zzEV*)VZE1^P*}saZxtYa-SPqgGRF4$<Hue*9{2hSGE^Y$s5Vz3Zb;m_==Tz+MqH&G
zURO(CfwX53%c{Zt!{QSXW24gJ(=<|sEozCHb7M6(3$<i0w(U!qMr~bZB{f7Us{9Iy
z07+9Hd<mj=bqw!^S1fg!E(|JLIvK9_Ly-$mpuR4m$?lIPN5|!<#wAtl{{uvhaxx>5
z`$`HD6Oy#_YWDx=OR+}LUM6HzOH(MgvLXZdt5AgUjZ%vsCXjwHc7G%I|D>JCQE6F-
zaGE7bPVzo94NW5Bia#3CQu;?j#4~t+l23n!>aX$>lQdK#lf#m9Gan+y8cg1%^K5RX
zZp?$K##C$`9cS**F@2~LJg04MF0aE7Vw_A0k^;O+yE#FZ*S0BcZ^U~sIvh)QY+OQi
zjA~er<=W7@3QSzCVLDFTuFFf{%C)H<qY(hqsmXy@`*BB89c6;{V}u3j>8u{&36Q=c
zD(o)_UJ7E(`K5=eix6E94ZJLaJ#W5(akfp}3y)&_jIyHxNde>tS45e9qRD=j`Q~3f
z;P2;!vigAhz}ETejuf~C#w|lMvKGFV5mDs9Cz$LPv7r!Sjq^67u*cNYE&ZA<8Fha*
zN*kj_-K%vm^0<AGh8Hh%yA)M{C$1$Om*`~gdkd&b@~=6P$;K&}(-P_=)Lj=pR;4uN
zO@}Bk(4g9pyqft8Q%b(%iq(mgc|i_i{G)kZY-_bE#%({2v3v$}MC0CKH0(2<XAmA3
zzWZFzzt!{PhleEbhmKp4-@K$`)Qn9wL)Z{TFSM=0(jAUKfrj+aW;%iY&e%79RNavp
zm)-^eDshD#toqvt>g(i){O|TPdRh-k$K0EBwHIoj?5RYD8LVTa!GQpJh{o+76{Y_H
znSW`1L|*AP0_lforNQg|K%jE#Z{PrFti#{@e~BYIHuew5Obw~kb(nKSIS3ad9D^FX
zhe{)WVE_T8s3ZMs`Y^cYS1#xtLPQ`>{n~XGcfW$LpEqHm>WFIUyo68Q(d6@tjJv@e
zkm}{6@+1~qlu#TR-=Fj=*GubxKjB)8_${$&_h8^;CzfCCu<a&%(&dKy@=K0YC!iHr
z-iCyy0Q_%xV~~=aV37Jff)O<U9>Eufy@L#ga8Gvq_l}hjnKh&RK%Y?KZ*Jn1zg|aR
zu_jaEWuUg$uFJVxwJeLp(>&<%kV62en-NWSf&GoPVE$-a@h^o1+yALBRMZG%$C+E?
zgb3*f<OJ!RgzsrKXi^bUf2vYH5+^_Juc;}cf8=%M!yR`z+2?NCpSP%^`bFDZ_4N6@
zi}W56sD}!Uy6A5Q>+C4y@c6Ve-G|b-v^OeTmu_~<C`u29XRGWyX!x}!5cBvsm{=$p
zKjq%un&@}7Vhq%8Y<zo3rnpO!KdCMvDw~O)i$JbXx<T-?(|29XXC6M-k67$DF-EVa
zXaoXk9b;#1MRm)Fie*CRB}5E<_yvs%`?aY3JN>bBD81Y`RIzAvq5o{byI!mc3PrK!
z!$u%O4*JV(71uoEw1d2A?lq#Y^C$9f%4KGQ`7Z*<j0+p<3iZ_WnKYx7Q{VMh@UgT)
ztPn@b9zXk2^iB~0q+MEyg(FBKNi^ZC*9q10#ElG4bn{vyL1C?Y9_yvedeiuh+9O-V
z0bh)X$NX@3iOlW9ZO?Lk8eEP)0>8Q!Qs1m5@ba*DGbM;JJ5q_)zW%DksQhGd*Z2{e
z@x=%se8gtK7r!D7k?Bc|)loPYMl=z0c;QP7hA}AzT6`Hac1rbMp7pfqyLBe#-_-JU
z`7>O^pucbf&Y)rL`)#M)X^*&GnpF>pm__N!SmT9BGF4>=7OZ-ZWDoUFYBQe{aZzu-
zu{uDL!XDw8TzK`^aT6goZUM7>|FK0vv}ic%n>`I!jJTUBqT{HS$P)f4^X)UUR@W1V
z_K^q;pIb(~Vxwxwn9R7OqC(>?2oUBKs8I?0KdjEdrYb=_E<G%1BH_8rRK0q#-h0;@
zLwnO)FQ>RL<6-?tQ86(kRe21t(`9xOviPfu9e-ypmu_6)gPm@_ZcD(aN(fHl)pitZ
z99!Lta-m4^QR=$}g9>~SgB%?d-Io&1YvL<8pUdwe2n1<Kv@I#D%@ndoML9W?EDV|3
z%^SIk+8(~^D2mhG1J3HMgJiQN#ktf{FiObMN?2;V4zucv+w@(TFW+6ScJw<qGN8|L
zsi{%EUSq<aaX<8(CVZ;iLQ|bZ)z$~UX!Umldh^mdsQrMmvf3O29sP{_$k?p>IE^wT
zwQSiQ;11@ink)33<CQ~{tLvTf&8>rKjA}_~t*ZU#nB=^4C8flebU1?q?eLVs;_NIW
z@x$C2YffTYw6GVigu7P<xw@Q>VFZYRFoHR|ii47co|K#=k^)v@Y1J?|kh~UUcFRWq
zY!l673&Mmb`r))HKnDh$q9A?-1_?L(di%|lkCw#!hiQk{@L8=yETxj{)nWHLKY9~-
zEnlr@SK!<)@jFgr8ov}TKTuKD$4oxRkC|K7(#U#PnD>~C)0H#xVWKke3l?>6tMfgv
z<d++$CBmIjLX~I@=$zD*D-!G-q6NRz!e2&}r~rlbD#!KnlTYdIp`ra4*p-u9Gh1d-
zuZf>XyWyLq0^}H*PNOf?ek!Nkoq#&cMiiRN&OM5jL;5mm;y1#%Ww1qkkNA+`^TksH
zI)b7`Jj2pm0ioM9q_Am`OB0hzU1s>vCXNt;YO+W50?lUGv;TmIZGnwj3NXu8A}KC8
zr!BBh&v52o<mB!s=ZVEU+WNOVMED=G{6Uq9bG80*naky-g%<?E$>w{|mhlQS-*r6)
zu%b<5Y<g{tHmfTAW!A4ZHIPuL=)FKYHwJ0Dd0&VQ2Yk?t+4R1Qw-$dbB*o{69k4*T
z0sA2;p<mDMmf@@{YlXvv*m<HJc@}s&Q*i-|B5Xleh?r0mDr_(<Wu)z-u5`EUV)4Am
zGgHN3yW5LjFrChEF+N6bdV>1eHf<Vp@QI&|@8*%uBBm!Z43dO<k0CeHmPvFSVxl3=
zM(L9)>T`xjBpqR~V8hhvo)G7vB~@M%L`P$-Ve_iZ+vDXW7|v4kUeb4h;QZcfIZRcv
z2(s!jHt$!uxx4kZ9}mu*hBDjm!UV)F_4_#64+aBYU?W}Kd?2PZ2$FBAP3!$#n@++|
z(7Ug1?3SRY3%=B+R%2ohr0`On8N?UTGSP4S%mD@a+4xnE0+<Mzpm8~{ex=`<@r%rP
z(s)_HCN($&SqPz*0I_5N3>TB>`PyIv(o!L&U&4&12-^z#qQa2`4t6P1tO|c>2Jog4
zq=%nyLZsz%-+WR7d5%DQ5J^{0vX`JAZ_ewWw4>Y^4_}my*FeOzBDfc#_?5-wdop%s
zAZpzpLvMOKQ&Jw>F;z<Hh=_wrTEK~;5@Ke4+OiirJ41`{5xN{sj!1_l;JSYHr4d<?
zmH5lNtEPb%s03v4M!A0m`hlT~Bt1%~qltEm+~dqG65nwec9ysMN*YjED}DanyFIU=
zSxjng6SP))v3G7%zO}3EEeMf8waM3Bk<&GMk8wVmji<@PP}#tDhI)b-x8*B=odJoH
zb^^ByS%p!#K1RfjLz<9#M8PD-Y84^}Aqm{rtqtz0rdo;99bJwx%J=BZ0yN0#j+oTU
z%za%nE|o@Sv{n@1ib>Jhelsg9&s8MuYPi6d?`@zEG?g&{LtLKG6HcgVHSqkH(1<Z<
zHH);=aUIa`q_Dnuj9@gv@FMBG%Rd^1g|vEYi{zj+3_C@3U-WqLBZ%9gQw+@Q@KTFk
zVjQk>fk3>)aXy(Wc;;k{z7KfJsG^rHJsnte7&#`j>vfMey5gk-09e;1`I20IE)Cy9
zEBiML<CrC-<K*s;uw?)VM{PkSXXwY~1KQ+aI5cERz<p2x*C$DTB6KKJ6VKk46z(&z
zuyeW3Gi5TmBt6nqU#6G=_<Lu^DJj|jY&T`bEZP@?{^?lC)oEwr{BbOzKE9QARcKv|
zAHybI)@qFrG34SIt$sPsMS8ar((6;9zaWvcge^FUbiJOUw<>|0?CkqSTxUBJ9WcRQ
z{xr))N7|jGy3*R+%Gp#DqO?G5n84TQPrPAXPQApw(s&Ku;~OP2EGT3ZKe;A)R8b8s
zC{zpHGd>{;1$}8i)%1j%ep#zoee3e{a&rqnzo&59y)-dpeWdwR+!nEPS+qR;LqKG4
zecktE#aVk06`xR+Dqq)zKb*6GE>L;r7NNSD(1YOS;JDpN`*Ej|jJ(2kaaX_|aZW;L
zRnG>C`(w;d<82d5yAxM!|13cv#d01JjPt`_nlF`7Al_xp=tYV`K-Yz+lM}x<&`3O`
z8>bCsQfAq;O#%r;Rz`N<7Ljn4Kufc#Kep;C;ZDr(OStt+W+rODDN!Y?Jt`Rdyz*pn
zjCKi3cT|Y_yp#C-)8gVxdyoSu7D-o<-J=rlb=Wmz_B!{AJ3n{r<2|vd!*y#})<77o
zM_f(Xqn?CruEagL!duk5NCDB4K&*I!PX(eKDyBee<1MF?z}(a94~eqQI0(@o>ptYS
zN%C!nZ;w6~WpKvBp?fVlyEojg;7p?68#Nz3lTECURo`!a;|VQ|#~h^3bg>6M*m#u+
zuMpLRIhqdJwG`Ld#0K-_VpJG`=aeuD%!5E)YrT|7blyWrA{+6C%Lu%)vW@GrO}%e0
zh1)%!R0n)W20pColh()`sQH=KT-y*eLE+f}(fck<PcUrGKz^|%@MQ#gzcDc!fw+dZ
zjSB;$J9HKRIPVetMycOeJcwHi+C-CMwQZSU<E0<oD6ww{s{dt7!=5C)NxUTm3>6cX
zSxXEu%a13Bm29vc^_{THK9?U85@wXqX-tGVsck=jJ>$@o62n?43pu?DqnU-bZ+DHj
z^|aXsh&9pVt?uKNF8fE+1^fBIE0`=qF40%$bO=t}5-G!wC+_hjB<iP={KNU@X4woi
zs+_p-tDJpl^@-}6-tL1Mc*h7Sd~2avf49xA#_*-w#m0}UOlxo^Iq+$KdDScobByxm
zkU>^c*&ns2+3&YbKvP8Yvn9BH>l6QucvLN0`gc2P&1O>1CX^zm6JYKFDKLdq$oCJE
z{Sq;~(01O~NtSO)ro%a65YSP{q-f1Ts3m`g(DUVE;|5>aUbY;LEx)-l$W^{^zP#O;
zc(y%s_)$wq(n`um(T0?)mMOm+-3i6D%eFU=-BV<AQh(P_gHcURQ~#!!n4O%S2HCVg
zwd~fsdb=@kOksAtn0WD8f9$mfjsi+3sHQQtRoi|ek)u}i$deuIXN4l%){P%=>`ys5
zHcC4zGd5fyMMrH~a=hYkqx^lJC!6g~zEu>uZP|L?4MFi+LUu+<g4Wnp%gbybiXDon
zuD#cr)&X-u^Q3HyM#(6&lp~6eTzo>q7N1SiW|Qr>MaUG1LGs}zry!9e)cxdd1?YjO
zCf&A-5x$Ss0T<doI$`MXDBZeFw>V1jcINi-=Hd<Q1v}CwOH7@#SyZ&{EsNBOQYHu5
zvy%))pd*-XW`s;LQ8Ui$b1r-rJ=cStj~J+_@!35^f%~I7HQUHOB6=l0yER7G^*5SN
z#x3L$UPG}1NAa{mO~hyTl*ngB(qG|4@$BF33cbVtc(6-zyD#x*0@PGpQ~*Y9;?oUL
z>qTb|e!onJojQau{*Hh}8*9iQs6!B$0Y+dGw?TK(L2cg{9h7}2Vg5==eO}3RF1}eA
zI6II)gIaA&Wc)ajRHm0?O4zSbWz!OXO}_aI%*M@AuXcAEmuJaB`u(;O(@^GKh71e@
zKLHgVqXu|F03|qnaxhiMAo!-iI$p@vTu|VuEwTi~FV9~Q$zoVl`7TItMNDWI+n5y7
zC_Pc=RK!BvVv|s!OHA%oA16@xq$TXK!4TfOn@it5v)C0k%uFot9gvjnEeI`d`UMMo
z`fAu8#6=u-<GHVdI1&&i2G|FszQ@@&nRrJ@3{;V03@>;8c@{z+{F9~iThz%pJTJ-Z
z^RM705k?6g;OWouh_48r=8avVTF_^D4J}<5i>vtFfi{9>U}`?b8{JqZbT1<+#1x<W
zm4BaV>@Ac|f5WH7uSdjy(mhL1i?Ao)Q2q}1Dl<;gmJM@XEcnjtiHsE^yQ656<y>dI
z2Cp4V+8?ztRx@osjeUM)G<|8JXR=F_x~`&!I#LY0i%+916zhdHqbfmSNM-356{Xb?
zOa*%vFK1AKr<$vS{+Q(=6`?_xV8P!#BQ|ova+XGEbG_@5tdUnLj?T`01bp(DfR!0Q
zsb~`74aF>t=kkbV-B1#?kL=!PTj+FCek#RljH0@qfZR*efVnDjbmG#t`^oC5DGAo0
z@uRa7;AB0xmm*9++2!@V4eD9ViPZXgJtRr(;`gqvxAX3utp;hHCFW<Cr68A-MPn;}
z<Kdl#pNz2dbkoR4;d2rrRUD_jn><Q&8T14zd12t!=j&JN?IbZrGo1Pwt&eB4xeqhk
zCJp%)2^6GGayBBpQUIG-%oCHW$Y?R~TQwervIsA#QYy-3OA?z1xIE#7g0{1wo|)jH
zui)M}mDgmQOpQ94t(}wKij-f?>MfLISn?Ok+}Nx#GgZk^=B*2FE2zFX>^g2a#_19Z
zJ?!@sUE$dms@0RnZ~ZFk^7PR!z$tXB@5JDzz3N^pWRinWYLXK0lqy$K9n)yutY=5W
zr?l0QAK}@lNu;4+u{({9EXuT?W9v<hyIUm6M&EZkOr$@;(5zM^tL=lr;}~EX1GJ*s
z>?=PPy<j7S>#*X3=WQoyByqEF*(+H#_7?ZAAiY`B?$5xea>)VXnv;Ub_AIL~X2&MP
zTQd%|MSf<a)SCBC+~D|WjgGEkxH>;^v=xV`J?6pSM^;!}p0DFpi!3MCj@YwRov6p}
zC0g9wCBHCZwx54B|9ZA;=+6IM)8XUj%q^f9NiZvL8}O?zR3Os+I;uiOS^7+wu)`~L
zrWq8{JCe1C|E|uKdVBx6#|AaNTkK7Tgr!l9dGjTXEvX>Mct<-F&dvkySZ~H2j<{5h
ze3ZklE)!h>;umOp-{e0OgTSrqr!~}&sCvVcx0a}+OtzS%mNeCz@ZF)DFu!S5%XQE%
zo6s|ukRIr=3Z;>B+&2gYrYKH_0k`iAS0e{;DH()%Zb((-*p45c#MKPpXARb_m)w@1
z7D>h`b~;HsOKPtkemYBJIR8V>Za)5*L(e(i?5F#-U9>c0r?=;LAXgf1VT{J>$hMU;
z`6#&|Vg$`X1rh#e5+r+oGR!4j=Pr^XNhbe&0oj-HA&#G(yi2j{SyHue?~s5apuntQ
znen{sr4lfwRn_i(NoDB#U;#*<M^au<Bi(|5u^=4FoYr|{?r?EHMKQ)?HeVFATYI!)
zj$@5Y4FprGR(0V%EJ%s%Nm2vKh*U0&3eTt@<%rH1@j#6vsI`oFTv8pnAR0T(Zfy8S
zjKOuF4!(UYxomrx%3v3L3w{1cysmPYYn}ypRliBxjk+10aHfd5vvy!S2tcgaU#KR$
zSLo3oo=CY%U<osmTHWT#5ZO1|wR^H{vv~a?LDCFv3JOEo1R$(!;Ebs_qXkO8fN0Ma
zuB>*H@`jhj6WXItd0Y2wB3!twArRM~W#e-?>r_1fB;hACv&z{e>BAqjRO-mJ;FFMG
z!SzYA!j|Wpw3U^mMob7H6F{x|K0nwOQwG)6Mws;RDaga7!J+b7Z_v!TE^J8c!$Pjs
zH4>T)Oesj@&a8@vR&R0->6>h=<5Ck!l3a(YATl%ZzE#9mP8mFNt!dEWoiPfsBNyu8
zXoohX0aYk9*YUXeE_Ce%BIk8oL1vC&C^ConXzb;>d?unjC_2C*WIabq#M3$LnPz9D
zr6Ew=Yd8<W)uUG;q?K6Na*3$7z|=XSSqsUw=dw*?<5p-xQVUmgR>(<W@<BbM>Cc)%
zBkaDP;n7Hmu*fD;5W=g|XjVW8@(V9$-IT_Sxkx3lsd3Z)wjF`ggJlfl&ziJct7#03
zkj62Sw#wcR0*t8=`0P0UjJPl$wP?6_h3&}ghSbr{4VtpF73)t>B)^%ig1muto!~cS
zj13^<PSv0EO=FNt?r~>3XZWO`apAU8a2E}8v+EN-fvXq8r??Ar&4WCK$g&Z<hTGY5
z&M&Jm>b>Nj+~Aqk=;CJe>fn{KaFzYqz=@6b?B&h^r&oi0KIvU>nU$)Sou!{OUM-(2
zvNiBiHB!dY#>ank->bHzwS_yp>K&M^;tjv%k9C{NVR;!v%3%rBPf}xJRBHd~eC<+8
z(b106N<}e9jRQv{7E+gxNR~S~P|>&@n0zxPKQLA+++hZ#EeNGegj&oW0ta$)p?fd-
zm#4~-bkgI)3`4TxG{4ttKUw=0EH$0(Bfn5GEM`W^!-q~Ldsux^)Ko~!R!Y-}PtAr@
zI(q%NH#=+wYDm7=Io@fAN@i<a{|u&LAZf|8RMC~vDIb+dab^+CVVJHw({p$4l^_7r
zXTtE>=JIhXQT=Ya#*WzeLIZJSpxyJ$A0N&-a6!^<1G=3HM#qx0Hdi8~Kur(q>7k3L
zF`8WxbkFdj%5<ZH<Hq#1BvLjC`a5=I-Bs1}#+_*jiSl7}Sk=#PM|N9@L=dZ4oO5$y
zUcJc1#CgafL`}yZax70I;v@O;GJ}c(ZL7UML>yJWyaU2SkofEF3=EUQ*QY;Uj2tFp
zlh`1;LYd<!poo%|z_WJHNC<{eygoY|B;q`qeU_>7kyNPR<dyi&gE(Sp$UUaX2=XJ#
zxoG1DU2s5hBqcELUb}9QB3|4nIAwVX%vmr(B4@;kiLrVf#ZOV9Qt^EVIk+uL80^a1
zp~@y|GP#Cgz2*K!Bs*R%geyy+6v}eUjp^?%9p5RDY{FZB+_2w--y$vSBd1Wf9#a^~
zM7n>*R#ez5ijfgom;fj3b`W<uAAfnOVv+on5IeYs^L!ITerMVA^qPKa4|h@!`}1e5
z1{L(7Z>K}|={4&4!lm|Y%kZT8gH_)o`TnAWyFqaSY|B71Zf7GdPHJ?FvM2q0@UA+X
z>~deYXIr-0^_5DuU0<)4U*O7y23WE?8%ZCpV#sCbXXG<{u+#fo<fZ9ft{$o=c8qg}
z+PB`mZ$F!hl#Ay`A)J!aPPK2IRD~WRyJ>eHB^4Q1UIkR)MZBl`t9Wq4bV|_-r(7I%
zgBJRDwT1(Odd5%HiP;LmM@VgXn#8^p(S@{L?z-0d2)?ELiiUVusnzkXD>F39H*h?S
ztf3k7tA|{ApfMB=%M4s<Tm}*3?xlInXC&WObKJG);XTe%c{&QbB^GRsO&>#qk$G;y
zq<&mtV<2h-R+1MSwXNhk=!2!y?4LgX_~Jg+mg6R!>|F*Q5wS@cY$jB=u6LYxgnCha
zPvAD-W(gu?;lx#pl=3j$rsPT#?}NEt_?{Bbkir{JT)xu-J~}=N3@QeGR{Z73UHNB4
z&95o6oz+4g;XsGB2^2zsL&n8Xb-+aO4bK+>v%o{`8s?~m31LEV<$=Qzow~*gvg;WM
zVtcmir84ry)q=0g7mINO4harNCf*i`SffY-s??bo_*Z3@j&*?ay0z=OV<`cY4g5Cz
z-E<Jl+_YJ^q;v`b&XYUU>H3j<=N~&cr0^(<S{YQh_x{DQ`XhK;D9f`11FG`#-ya_A
zXx3dnc@S`G>>C)r`R^uGocmInBvI9!eYkU(YT6&}9IDS|HKznY27GvACmciok;E*q
zu7}VbI^Ie^5$TGlNI16S@_fkKgLh~m9+$&IO$TZ2#M8tXPclzw)THq$w(dxdO+r$W
z=CSG_s_H#Oo>^i!qEr3#p0?_7p&D8x8oym56Y5@P-a@I8Y8e&Uaufh{VS#1_j;!J*
z<_6lbJktG$TI|)_lAs(G4Gj<mwRMu^<)vA%*Cp0x6bZEvK;>tPf`^e=aPY;_ASXI?
z#*t64;3YOCHSET$`k?w}-5zC?2*$}yKNJ(J%Stv^C#HwQ?>p2Qo!_t|jZV?0L76I$
zQk17BE2)QQLce$i0nH(@3IEjG0NmP4b~npGihfrrUz=%5%ZD8?QM`#p!7S(w70|6=
z<E1ocpy;%ut;6MnSQYEe>FA4<xToY|l0Z^soERI0CsUdbnk-#t10vDUI5ROoglHdk
zHwiT$cdGhMQ^qRQZqrc(1Yg`=MOy<#LG`9HrG#CLuVOsB0sV@R!3GfrFZVUGvNk4p
z==U-z0!6YQ$zn6GkDDqtcyjW@LIY+CE3c`y4RaWM2yHLZ8S0`FWDiukIv<9k!`uDt
zVM6<8`l?Px>)7F<>(0Z8fLs^-P+N%)EN<IZMf@d>+6UQFFC6h};zBm$!2DbPuaeR>
zbBLccXtZQjtAOUwDT{>+OOHyGq?c0#_3|sIXy|6~eoe2cbJz*^hn@<`TO~$rr=XKu
zAQya5CcZ)*mSpQ9jP{Aoo2<Uz*Zb<_!`0o2%wT6*eKWiWdv>CV;<I{ZGLDd?HySl2
zUA&5@9b9$oWgNGPnEHI6cvt|W&tSe#2|F2<xG1tbBY=MY$h<c(C<H{FD*WwXETllR
z(l%)t&U7H&7?;g&Dz1~Zr=ybXS6LP}hr~G+ch#NT0kAz%zSnIk53Y<B;T2BsQ?0-5
zBm1Q&2e-M!t$u78Ja!dkk&>ezgbbc;zVsWG+jM@A75LA3bH|LILnt+z;2d+;gsJjv
zG!YSOlT9#b6(Z(lvzZ*n?G@VjoM;Jq>ijYe1j{W4?t>`WA*_%IqQ`DS*B!tt)b|2)
zk0~UW<dv}d+%NPR>`L~6!5rBWH`@*%vJf(3zX$}AO-jd}GRvlpOqRY6+)KoD*6N}h
zG3QOIj&+@Z$TO6Y4GNxE5BG<tnLO=lXlc@wV@dX;v&nF*yeiZ<hGedK#3aT5_@c5Y
z1m?b4fg2fPmh^IW&cMYaOuj%zOS_8AK0cc~o4o(JN$i3*+TgCx`w~xU6!e7>1A~W-
zZjZN{Z#P~EKZCySX>EA$hF{Qm1pcH{{<AUCBm=bGs^?qDj&u`A2M46lMWFgLwm29x
zb~|xC`$!E&*%d5=j}-}w&6jYV+!^H6@f)W(Ssk;C^spw~at$iu(gT~qH@8V(9a4Ll
z7%8-M>ZeQm6S$0Ut}ys7U)*#k9n5I58v3vi0Q&^nSIRQ4*6MJ&XUwCuk}d5zJ3GLw
zJ4gW#2jdx-s?N1lknU2&Qt<)VEoA*i7Lk#;wx7h>-3-56Iw00c`$hQQte`uMBwdvy
z$?ZgbF$fBYirBMlsF#KNktJZdA{K7fG?dp6o76u8=xY*7!M}JfogUJHiX1Hb1s{d7
zF$J-3W!#<n)L-Ad3l&UO|8%%Fd?0RzxA~mU<dray9>BprnovQl2TM(tPJISSq4+M8
z(~Aw1`r<SNJJ#=zCP!MtOPMN{_69XNAivV5v%7ZOHi)=wd`|TA7*-UG&4sO-h{59?
zw})Vat0u_%ZO*5;u+`&cv>GmRq2(7Z*s1qok?ZoU5jb{}LI19~1_RDHIMb)Wthg`&
zU7Hyw?U9fhb;gJGA`kwZ4$~k=v%$)-dTgq#%#<&FxzhWy4ox%ow7np#uj2V@EeR0N
zPgVP^@lis8T!WhT2xFUgyhq)tYxE8fjN+ZLqepM!U!7D>u<63XF&NaN!(~4gsl;GE
z0fV8NHT$XAvU|3Aj$=3SZOoHL4Bi?+8GJ_9Z4&@3i>KV0@s~u|^bC_v82Ro;pg<q8
zF|JH*THo65>6}h%LLqk(R_hp-Z62WMJ)z6tKEc1UfVE!He4!Wq#FJseu;HDO9SP5F
zd-VOZZxRI(e=LJM?2u%@I-}8OII=F32%qJeb%b=Rsi!QErutYxF2-L&I$oMx_ay17
zF_$nE|CCNrZM=jOF?D$7OxMZMRQKm~{O2ZHw~SzwTH7^F#IrXvN4afs1N%yUzAa=9
zb+Atvtm;rYmJ2(<#AxuX>7uc|-5doAaW;g@V!aU;;~g9^j&|ONM#*GuW?$u}TTl^x
z<(d{T=^}OJ$?HVKAPCph+(1r}$VN_55P+b)1X~QBy6qjM%*3%IQ9&id%(ZUV{=C`H
zVOyC*Q8u9JzdCY^VEG}eR{{-v$$?S!ND|7D^tn}xyEx6F&xs_eNKxW0815~dT66)P
zI1sEyc|?E8Jaq^|3fw!pV{4CZlJ`QpyoohSY;#CV`*foWDA&qi8J$C@-Pubvv;c8K
zg$zfW&;1%ECQ9<%k0{kf2*s10;$R7BiYVlKig!a*J0eO>`dIovKyX@@Wuh${5~Jc1
z%vs6a$a-7*XQuC*FF@c#%Sf?tN!Hm)Of~3m%SPAv4U;K)i>_%(Tb1Ea=iLzt^dsNW
zFf#SH&6^c-zk$U}sp32z<`^3z`BT4nN>aTxAUjNz2|r+04SMA&LAbA9*7MC8$5a?0
z({mGcluF#p29i6NBfC1)2&qAC2!uG5dWPi&iu?9zhHe&^=kh;29Pi=~N{J;uJ8Vb(
zutr*vt(;(`oSjOA6>mr2)f;=CpAJ78(mcGyI}EeUO6<&C*LPYss3v+_#rd?_`TVOm
zl@Wskc1KZ0GVt92?lp$~W;RjIsieg$qkd&bdSt2)38&NCv4F|H5r@bvOq?YU&S2=Z
zu?&N8dRg%8K_|u;JLLPFDd=7WIvmZ5@&l7PDVS>_#sE}R8|sl=?snJ=wEJtc!I*T9
z4dP86sS2&f_ejCxnp`iXOWXOjh-o5X3^P(XG}{50A!gpsZ8lkU3CZ*9Alq=zRiFDp
zj+7p`T*Oj*&Bn|IOMad660AJAD8`+{1uj}&ubl^xdn@r_Lb<45j_=BKoJp5t3(Sr!
z6_IEj9_yrshjFp*OYN<KSZwJvCwF#whr*evp(DhOFK6j<*Oj#;;w%8#H^kKMkap*y
zoyMChbMrcO#j%tauU{iy!^#yg#><z5zpusE<&j!-+}Td(tte3~i$TH7V!X|E#bn8o
z)3_<1;jvl^CC8G)sK0~SYuZv&Vf;6H#v(rAK50ohsXulCeUiz_?DBiKAK6K2i?f?M
zF)FsJe=+?uud9=xr39<Aw?4OM-_|i)IAA}LRxR+2N3&xZDTG=|N@jwdN=im9ieX|*
za$H)D4&)@PA*|Jo|3z4>x^5+t<^f<-rT421xQv8LK!As(k+X}lk&=apq8@rDx`Z}=
zH2A$Ye`3<kx1p`-WH>kmkg5P@k;+9TsE$F3PIgcfpuzR@^Jl92PeL0#mbbmK=Iq&)
z8`Hrmn)P~a6RS-y;YO2#!u<mBz*l&eX>8MzY*#I0tSGl4I=)3`+aJRnpe#Amjx3JK
zyVBG!O5dR`B*w<3OnEy_P21j{<9YWVZGMT<3!#0(AVViy16J#Ni80yv<x60sZWrxq
zKl#JJcH<%}9|(dq7yb7NDqkei?~Q6;FCB)8(1OD5g4|m~L&WJz@w@fs^nyMy7Dr+%
zD`yTQ*2=x$Qa3r#y6nM<`YIhHqw-&psK$AC$@?;xL#s|4D%pz7E=l+42UGz?@FUEM
zI5HW1-_}Et+Ai%aVF=q6#ZhmN#C>|TR+Ena9k1n4DI)Cb4(DC`kQ_Ko6mA(&aYFKc
zJg#~}`$j$|D+uv$1{4NE@tKTNE@8f<yqq;U-pS-W%eb;1QTX&5=j5*}ee_ESL<o6A
zaNgiB{$5201pilm-blJ-9X~x*4)HKLNb{vw>Im?T1O!_2g48rdu!wDlWAw8ua;EH!
zFQ0K(g81<$aIqaX@*+5lQBb+fS_V@>%CxNeJlSC2SuA1pJKJbj-h`|KE4j+2#}b%H
znpoF+K3UphYA4;k6V=i8n1W7rI#sm%;0xBRny5jzMXxYlDP)BZp@L%KF1*FKG29`&
zC02Cqb<xaH9#P%6pI4^ql%9Uq<F<2^`#D4KniHZ^^NiY#=J}#jnOz3GB-fRxEgv|O
z;ZDZu9Zxa$V~oUGF<=wFy4jwMUfF7LdD2Tl?2D=wFto}#cLSDNhIb5~?Qe~_X78Y3
z)p1cA&5$^q7!M)apiIjPjW7ij@p%?vGp!WD5XJ9!Zt`pg=aeG?0%A=`u*fPw$XesR
zXj3);3j=u3_JYw+JdfMYgPPlF$a^_Mr<bhIjmq_O#if-5$o&r$BN;6^*#veDEt{!-
zVC|-DEAg6HS4bNv5ZkXI!Hb@iFP0lrzcJxdP@qUYAM^3zUir5lO1L&e95Uz#V;LIK
z^-U<!Kfa2bH-aPl6uUd4*|qb@!tc<O0<8*)9&`@*-d-@Ryrc}Cl?*%Hm`&Pf2x22y
zRWm&8``G>vCz#!4cUK$x+JNx;bPJQM2otQxgD*6QCMdxcsIEs4`Vn?XlTXE5E$p!5
zmE-f$_)Hua!7%6smJf@VI;JPZ$<m#veG?Ck56hy(R+(fI9^Y4^gkA$p_(yBpVrdq7
zl|80dS(|>b$_yF`1=%fZ8$0ikl4p`gnAA|kOSTj+8{GzO^H&Xqs=Kf|ZsgRFs~G*8
zUpDc**Fs9X3Ra@TvXq}I(=$K^O64Rw6l1tLTwZT47FWwX-9c1Q)z#`?Ke!%ag6<VW
z6x-%6e*CVq1p0~H15_JHGhx~IOMU&A3^KqIrLo5QvJ;dZEIn}xgzTmyT9rIFZlXW~
zg4(l(60aDIzlO-6Xo?k5r;zmA)m9}k(@Z!DTO6RY%GeBwK7qxsGOt!DqJ-6qL?r$0
zxlU{bQ@b!`<Ma)AWs=)#`o_+Kch{$E+8XH$e;g++LQJ}u(k-Jh?$3wAFK7sDap+Pb
zRh>39eN|R5Mq7i|hW3SotFka}SM{sb`KN8##J(Ogo@v{ui1o<vf>h-BP!z)v5*~yD
zODKyV_lBK3M0fnXPl9Lb>#*_*0Tw}K7$wqrm}#J*dq+?8Jzx|>LmKZHM;is`)dKdk
z$VFrDGpP#qm?bw8uF{xIi@672(i1GQZK9y$-?)<@FL0?GsHxS1H8w3bkBl~VsKCO?
zwLgR4jr+6^n&eRJA_T3AuJ6Sz%#Rhe4EGVHEu2`$PTw!;W>kk`)CAn9@Ft6Sz1W4u
z&VyC(9{_aLs$Y@EUq~DrLFdf@jNAtOD6Z1(s%?hjg4n_7CU5aO+vsC!k_W~vWZy#_
z^rBHb`?Jh@^8EUn^ejE0wkI<!F|UqOXkEDc$&#|lOy30vW=k(EVh+ws>Yce*X9M(o
zUpLS@pxiRhqB?&+cMf{sA1KvTT(18<F&LfW5GI<g(j+~+x@%kf@?_hSl#`BFAuMr5
z6{5!BAMYhuV@4h7UnnLA_f0d-t*G_{LdWoPE*=bnoH>oV8hAQ#3vNf_w@3S1tEyS?
zKzUm|xb5?G#iMacpBbFDQ(E4Aky{F|+POF2HcNKRM*NQnA+}bopAqr%i`Rg}qF@3-
z*k|Cd5D>)BAVlFfh7Egut_|}}sFBV3rf3?f&a71LdY(0;Yho~yPbSWJOKwQU@kw9;
z;!-Al;og`WM@+_%L`tiyJRNVHjP^<xO6=K|5}WL%-_LUVXFK1Zen`wXGsvwaZVrq)
z$|Cel189Tec|KorT3@oZky)-^D*Q<K8r7f?F^@j?`s3|J`71&nj!pnVYXnXHeum;y
zsuMtqIxV6|lY<kfxltBa$D(_T<!e*M^U#F8a~0sB5BwE73ukWsEx6F7VGBNcoyzgq
zlJdy|oqy4vk%n^Svm}xdc$bc8p*pq(@1uR5kfYUtub<j+;W5n^d`*CZwFvgk&e^2e
z9noDd7>9!9(C6SIjL?E|gS>y)s60OV`&oO7D|uNX=Y9V3<f$BbyVVc!2pIV|5TMyT
zIEflIw+xf`>F8NTMA6L`wERjn@KVbGoCu8#!CSN|;LO3@!S)H6+8<H9i!3f6v<ih%
z%vk!_t&7@^xWp!(V7U=*d--)@6g?_bF_7=5Eg)pT$Pz#qhSQRe^C1i(x5Yh|tbvys
z`Dv;1(PT*`5WzDm+s7`^M8+UF-BSvCf+}*9RJRv>3}J^8odiSVy`qQ^JOvN2ah2t{
z@~0mK#<tP+4eA>QHqpo14CmLId!KI4`3P>;8mpeQp=)p`#g-ed!?*Fx>&RqR=+hBT
zwnCnD>Uy6VdqaOvOmUR=XuG{WrU6Bbc}f`v(vx})6(FJ(<@7-}cs(UsmiD4JC1Q+6
zut<iVKREf*Mb@_JcRup8lkE5L4$dQ=+#5zJZ_#v2Wf)Y{>wKboaI3#cyHnOEFawQ5
z($JD7mi0fU>qm$8Cy61mGzx~fXXv+06;!Te;v2N)FnICo4s8wTsng0xno7kWBcodD
z#lw)UyINk_{91C=?6OmZRbM{R4)3D3P%(BOk%B2E*|a>a2PhoaZ)w;yZGZDs+tv!m
z_b|Lz2*g-LLW7vscI9oddx{+~L6<ull4`>jku{k*J}M#xZkXb6dsMnWmyI|#xIuxh
zK_{t;1^$S+RKMHea3FS`(2(Efx)^*C`>KZv7QBOL9<cy#OkpdJ?CQE8ZJxXquVXWp
z_rAeFN>{nla5qdGYPZqh&f+OW5F)2o3hVBoO|E7l68(<31UVCe8a!BAR^rk`5@dn0
zgf-8f{jkt<vrNUuDs$p=usG*nZVf($*x;U*!+uH?`E6_p?erDRkH^M|<CD2)<}>X(
z%vA4b$$YS~+-SNOI5w~RtowBo-bw^?(M+0_09-T;G&*ChwI7loxyX!KBWS`!>s+Il
zhK(+*hulSrn#fn?PQ;`Kfjw4!F_VCvbOo;{MBcDeVu2#+UE>J7_hDlztwbS_X|m)6
z)e`G(wd#d<GC3ShjxQE^EcO#}-@ZO{uT}f#zBYM0TDaG{x%vX+eElajCu5F|t_H3q
zu_!kVK~M^v?Q}IL?hHf4*PCMJA=!<i=8jv8x0BP)^e;{X-8c31^q@`rb6+`fU$$+Z
z5V53iCA!8YP0KUc@Y0i6*9h5>A0_9c+3XP=GgLbE7w(aruN#erm5HA`8f-y5D+_yi
zSIoET@D!Rj3+mCn4&W=JQvH}Yf~yjv-vQ!0&ZJxRym$1_@AH`MZiU(j%mBg4`T}rS
zwq-Qr;`~vx28F_<<h^;U1P=H8hgn~*SOVA6y`Z~PMQ@H@hmK^kj~+a@0v?~G^78bo
zrhy2F#h{pxo?{Dv$4?CVd$x?PBgLK*C{YA<8&y>ow$%dk$sEm#-QtDa(#JlLyX546
zDP2_>)N4zDStC%GLWh-bcFR1E<Ih@<_KJlDb(~=S+L1O5K-|h!p=Zc1H-&O}HG4r>
zXrRSkSSg*U*mfwrvaSp6^2#cih4==x+ne5^&tdtv@g8$NU1B%R$Ih&FQrGEewVt-r
z+hV+Q)r;uy^fY&pf<|Ou`)sh`RG?XB@yaY<qJ9N&@oew$QWUpRqgs@*)RWe%q~j>%
zP>vIQ%h2gatuC;~ZN(5KbHqPOg_+sLLBKSaGccw$pt+&QF|kriP#AOaCzX@4k^xtx
zTr(T5=dJq%?--y_vog|yPneUnBKWAH;L#NiX-^JMsVoCqU9~|x{CequCP0*Q|8#`*
zQ_CfeUFXe>-P;46QH6Ch8>e=t+aiNK%8O8CHK3Wl1X~rf|4NTgW+|?`yH53>q2!9#
zn{;-&UyCuK;NY0JmHggq5>(ob|Lp9>@Ch&mlyd5VB(i&h)P=tP5F#@r-qjZqeg`&y
z$DzqPRf_lheZ~;hAzWdKOh+b@OjIZKnp9idNr~JxS<GCX2nIfX3zyyW^xc8tS0BjZ
zaS6y~fhk+<%=_Ihm9}nkZ62lU#qbgu4Y>#*oJBbc>vXRsaxAdOQLlyOK9pAgTANRj
zo!L7O$1|x!<3|*PH~z=QF|esleFvpbddhVk5_0lKkmQs>r7)Twg_jQn6|Tje9Pv7!
zl~&&%Tg{=0(jDQZ&Bf>7j~o<5j0K9OK;$ED-k?32gAT@)1`=?CRd~s6ppvkLy)y?L
zmPwmLRu8JtUpy^G-8hxL#l9w`8<xQ@LWvlTWO-1<35fh4a}j_Q<!0%Wcgt{Axv(PP
z_`Scx&||xWfoNS{>nyEl>Q;wR+|!;aSV4+7N-X+PON(?_{rv&2(y`y7db43>%+t<v
z;}mTTxj=+;2$;CA!Z1Xc^RonM4C?j`$`b(i<x2*ikPiT=BK^p;u`S@mkyLD?CLiT;
zl_(AvhuEH-g0p)c7vzw|CV!OT6MForM|3ZuOY{sJ=$j!1vX_#Nv>EbXI|Q37BKb`<
z?BnU99!iL}5P#Wls$E2u{`|Q#*Vq$nWUWd_xXQ?sS}+Oq80ynXdN9#7(P=eSPcpqV
zLc-372rE<zBKo~;F6gr-d?D|7l0%B_C3O}iFU=aA$yzdYB7>~okCL^-EK%NX8FcOu
z)F>qYZI!Nu^Mm(23i`{!lblBfamNs@HWDL;Z`vLYRXq+Ch1;V*Oqc;rITWF@SihpP
zHQzASKnkO2m41RmG8Hs51inrWY(4BbY9Y_Yw;Z7OrLBXW=mwVA;aG3FlKPxWPaTj+
z%T`MSWXoa54B$S6i^rP^o8jppGiT?L$Qsb=pP=!QpiMwlB3I@fOJLi~Df|@5#Xi}H
ztn3$qUx?PacM+shU4_FftW7Y|ch(hIN*x@T7+F|Yahj1@kIE-Iw!(!F8ZVI%QR0AG
zcq^HPMlDiiTZs-6V--{G12%0O>7dk4BA1b!i>MXOud%5xFDR|;%S97r9+oJHDnVUn
zv#dOmT|^*R$d9wh2airFiFMjc7kY>iteQB&J}JT~Q>3&QC+uHplDK1>OG1^BkVI}p
z=m&3>P3?Q>p{LKvOO-_)GhjNl;y}XXb&o9O(#PECSm=o4H&Hsk9&#|>i&B7a8;0+2
zXAgM;xwJG@zhu(O)~(Kbzn^)s$fP7VFac(CJ82r&d?zvstBZQE=S_dV5`BKYiiZ_`
zqC?Z&$8bWrYjpQ|xc6Loz5kJIcg`;0z4H3&(!lZE{$+RlU|j$5K6GB7j<bBH8^SGv
zZkP$)j}TUHI#bz+DGr!7lA>fOEKov9G|J6&n)BB~dZ#MTx8`luRL*g$M~|FXSuwdr
z<8VA>WaC=E5CeQ>cAv4>NVcW4>Q(@<qL)8EVBJOBq03vcuM+>=oXn>5Kh8~3%1ua&
z%g)hA87iQ_);5KeP>pvuUAOOK4E0grmP^6rMkpyOM+jLKY|?2tHk}vILN>>(dtR;5
z>=yBtK?0>8;SAPtxMk?ZGuh!V!3ICPpnc{g1;)*<Z;saEE?9@r+*ya34p*0w+VR~K
z&&&kFiew=@-re<Fo6hD!$2KzTU2LS5M=?`V=b9?1Q^-v9Qr_1oRmn(*d}C}mo~XL?
zmuppVF<4qg3)L{nQUHKoSja|lTRtxLk;!d|54V`9r@QRQ>+jOcvUpAlstSHxreQEY
zRcf0eCW^*rlbDU!@C0ySvL;;1J}$I9recWu|47Mq=7Hs5^p#|=zq6Vbn$(9Lhnj`r
zFr5xdmDLc^pJa`2ff8K*yhiAReHOu74=0G&T?%Zet9<KyG->vDQMa}7Wgi3~*&8xZ
zQw!ROeROQZp5K-(T2f~T1wXDS;|zYmiv_I)U+0SR@&*`*g-o5sYBFVTZzE?a!>W}v
z2)mxAxJqf@DHWev@fHVt<$QXAt}4;{LMy%lt7(OcbbTkMbh0XO2d0?wYtXq4ZJ~qv
zS{~=TCzyijb&wm{cZN?qDem85xcp1sMh~eCNVcpt{nQr>Z9Rqw3(9>%4VLcBwexqc
z9?)eGk_oC}qHlNO0$@R>C)R|};p?wG_jR82T!3LJY7tx7QKm9_`W2=WR@x%;l8?So
zx@n(nBA~8UT4auNJ8{6K*gPU6k8^F+VYp@3#4!DinnYjt29leG#I*K-;z|(lSZR^L
z^HTaz3=KThvW5eKT6m)SloXeLv0Mna#}qHqkP~2Xk0RrWNs96N3;T^nj^*zmn~~qd
z$EM)%qzJn6jYg2<`zKy)+k|ig?}mT-(xRZD(Z1g0*2EW?s77h<1uVC*+;Co$AJy&1
z>W-303BW0_aZ8p@_*1rX*S9~Zet!*JpJ~Hei5GIAtILlPV=@AVw<6irinqgyNO2E;
ze3)`KwT}Ife}|z<-<Lu8j_;Y6VRx~KePbfgf^}lCj;5}|(Qz&4t-3kgOU=qvU`4~5
zHW%zay?f*D56-6gp(T={n;9iT0zoEXQMP^5DL+tBP#BROlU1!#QlOR`ryG)_m5gGb
z9GR4orB|E*9!5ts`34N`5B>Xa;df!GQt(oDs#5pi)Y1XLt7EMyEqWm13=FwK<bMuL
zMkdDT-zNtRrhGc|&g2v6b{n9ypE!AyO)g5C<e7rXn3w}fxTcyz)bC%sKowmZ)v390
z5jGk}+(hP6urUSaRA?DBs&A#t>1VIwFQHZsFRXN)+}KoP4TXf{%4{WlEC3<4rU0KT
zTOmbDfRC+^kAr1|o{%1QUwvzgsa>1f_;S0pqptg0l!&}X0L9Lfw1l^oA(jSKY)^3o
zr2tiTfkt&fUeI?htL1p`JgfNB0x+~{F<Iqko-bw4KuX$<Z*5j?8J()bwyTW4H}8<c
z2apSzOV{EpM%&~#;N}$H$4W;xaK?uz<O$AbfBoetp17x`8Br7(fG9JL!{4RJnw7cc
zt;x^pqbqdG+;}vWMzCi%4V=RD6O|rcDJX#A6J)199yVCvUBVbjSR-)m^Z^0xmYx>m
zVc!=wrW18Y=?GZ7&<r!q3tO^tXd4|2;!K{g^^W$0-a<!zZ7iZ2hGgbsIlzE*KiWiJ
zm09h%!qpvY@(8m((<bGQDNLIbjE77GKem`G<b00SFL7!sGTTnh`c*gx98Kl(^KXPD
z*6<I}4rB>l&`71i%F9N`!-iRs&M6=q1wWB#C+X_Vjdh-k*GS_h+{*|u1)xy@t0?_>
z30mbbuFwh7nj%eRjW&!u72bV_EL%9mo1XJ|UKa8BQG(C{wD(^c<3Z$-NB76=Fj<%-
z*O{CXh6{qJBR3%ySGY3qwpUkI(NCQewE_uY1D@{<YJJa@bPZZ!aimM#2Xd7jXLd!m
zT}z!b{J}8-o}HnMB6vHv19NiMS<(Tyt}4Qqh>vmj2^CLIlr2FAP#)WlI}9^fA<lW;
zCmK(1REt9P3+J6zgc`y5BSps1v;)kffU~HwvhLzGQSbd)6pLWl8{A!fExjlH^B?<d
zPw#lw5NpSNhjdCW4e48r{Fd~sFDg|o;8oSt?~T7$zdqkFrrniuEvHsCatao-G~S$R
ztCk-uK^a}fO2O2su!`-Y(+%N9jB5>-$k*4aM}PS;=9#Q-E2}-fnxG=snD33<WhVF_
z;q1n%O^g5Y^B_X(HJz{+d?*MwCvm|7lQ|t?pw*+V`!OB#4z;DwTR!p5E3PL|hLc-f
zUd~oa0ykvm=(J#>;q4w%#IQ$PD!E<iEc;Csoa;F6Nix?x*MqO305AhSoZmil5UpFr
z>OgzEYd{m=_nUP*%7jgPN`>7G^&~B!W2x0BrN*UXAskp`A|u&Dv}>8Muw=8wEK{TO
zTeG5kLUQqvK`@t4m!8Pg$c0doQB6SRzwOZo!ck64%F+!FjY&g}78w`ql_paflYT3t
zCMBmRM#lh6l4~+6hX5jU<fJ%-2&VhZz)Ol*K%1IdnTKMTu!E1HVqvtfk_A+3YPwc@
zTxxQaLROl3o`PN?g0bbtAh(8XHa3BnNua1tLoSw`6cgyPuVc~X0=ktXy{-FwjC+*l
z!;wJ!JiVbRV~EhXY7g#%FATy9Dq{Z>uaUBLfNnNO4I;nswXxGx*-2fEpH++gCEF~*
zUd#S?I^Nh8HjU|eMM$(9#N)g87^6MW$SugLIw@-z+TS1GuA-%v9FJm<q@xd)m!p-N
z|9xtnQ_}oy-jQS6lc30a;y`=cmaeIJ;?JYpQW4jV0Hv=HSRLJ%ay#9GiZ>5pfmywI
zli~=j^liY3N#8UTm9!GI#<l?7$QR2AU&o?{#N|^rvF*84c}_olmK3v;10F*B+bLQ|
z#rPnppa{bsFI-&J*3cB*#}RO&tmJq}<rf5`1|AZ72?7b<KajKK?zJc2s()1F=rDQ4
ztj}*9!I+wL@CgX|;Ok2#lv{@CNbT><`(oRC@(w>Uasy@u3XgD($dwGAjpz$3#$<z@
zZ=3Q*vEcQ;w@U&$qiOx{OHt%D@^UI;-NPMdr<QK3(qh_VcXEN|p5A)!MjEer?s-Lk
zomSZkWaU>k6#X2}u5C&EbD*C;(IkZI4jf16Dd49M=Y3~kCqf`=DnY|A`(6?F|L7e+
zB4GiMbNw0dk&k=-eDTxc@Am|E=8=YAjV>1JUbz$LcP_Jan4w!)y*3CO13?Xtey{%>
z*hT;IL=XoCRCq+Kp%CL#W@m&}dAM=BVY|qCR?0TSCf_Q>?Rq_8PTWdj7zZ+}!9fW$
zLxlBD#jlbk<nA00w)WX{i`QdqqUp1Ykpt#QM@1;WJu$%K`T~LoY|n(WjbuPHnxPoH
zZ=v_W{Y7fT0N1k@mJ-p`d1Y#8`!^s@WA^x5u>X;yD4>K25~E|1bf!}}c~169TW!uf
z%LBWnIFeOsu4gHjK-Mfc&K*d9yy{E(!)^I}ybBb+jCi=SSyV^kvS~wPrK8cGH9TRs
z?&U)EYXoDl`=-|oram3x5hgLK?EsnG*MxnCsg>JQ$F?B(Kqt72*$C1;7)?*!&Th?@
zg2zLzFBpbw0n{!+w1G;FPK`4L-|Poklj1c8ukt~wtAvsGrm$w9TQPqk+s<Gn3FnO)
z_+T7pZZ2k-ZM4#@5@C$)kV~ZK7L4Inv|r1!xM-XSz;Dc^dG=MJrKk<Xdy@^b`fCLj
z|NJ%C>6hE6CZXpIN)&FeQoh1epqNu?QERRWaroc?b@^uW_J8mF|Mq`=|H0DH&h~#-
zAOGv`KQOW|GPC~6_aB&lfB%7%<=@|b_&-9P#KtC$MgR+YCks1UVs2Y!Yin9!7Yj!V
zLknvQCwF~o6BiR}Vs1uSVgrDYxrK{~F)_EPfwiLvEwPb>zJ>8$RUFL?04B!z0B2iU
z6M&<>iLHU5_3yGy0OyaQhRzn&#`;EfE+zm2GZTG)iJ6JpUp4=cXJBn@=c;dJ;iPYB
z;$&q0pDQ|9*qGQkI}vlUurq#eVsBz=Y+-ArZ){?1;$-qqe(aqMtu2i7|ES{lR|D1t
zj!qx_+1oi<IN1T*^^MF;jI8uc4J`iP?jIZ&+1WZ7SbXsPn=uPVr;lR)g?~F+Yxh4{
zv@rpENMK>AZ*O65V*OD|-_hB~$i(D#mwz&1Zt$T1HzyN-t%0?^g`=ahiM|uSz{tu3
z@K=uj69;FL55^2WYC8Ulw*IaGR|_kPe{yQ^p+s9#3p0It11IypQvZ&-k4t@H3r8bo
zN5>DtI_iH|=R-P2JL`Y7pgq9C*6Ft<|55EPu0Eu)`mY)=aCWlOH!`p_GO^bGOaFgq
z;6rlazlzfm|HCT!CIEolzsUPX&-x!mG&XShz=^Sisp-G+_fMAo1&#XVPBtIVBPRZB
zMMD$ok3!nIw8S<argL<%`=i_6*MBJZ&;K25E$r=0oc_E5d~jmm_*dSaGu?-*HijP%
z{YdmA{*7N|rVr`<VTV7#&ia8dM>}VLk;xwbXZq)rle_%~+=vza(b5NB&W<0T`Lm3z
zos)&Bg^|G@tpC{(%ZJGTCVxn5@Bv?9=8uVwj**Lwkwb-vgPWC!o0XNGory{7cT@Jp
z|D$q$wP)!5SH~8%E*8HPZu0@^zZCvwnv<QCiS2($`z@>eUp@UNIR2+J6E}N{53~JC
z%5Pzbx&NWGk8c0$kJ!N2#==(6#Ld9Q-r9uT$j;_Zz1SMq{8kpg&d!P0+xxfS{uN|@
z8Rb79^!w5YU}0wV599nxroQ9Hs5N%B{->2q04^3re_ff|*;)OEiJd+S^IJQB52%`(
z{J+wj49xxu985pd=?pOW7s39@`SbEWv#tN1p~B4g7Xbez<M+t@o8-Sh`Zrnsn7jTa
z<G)1_8x!;Y2t|LE`<EH<zjo&B{eSzO^l$n<M{1%<%98SO|6BX`Z~VXCxgY)?Gb;x(
z8#6oWM>-P|6D!BR{lEVc#7NIf&jS5_n~Q(bzv<ufZ~8a=oBmDzrhn7_Df)i^r?rVO
H0C)fZKlHJU

diff --git a/vendor/project_templates/spring.tar.gz b/vendor/project_templates/spring.tar.gz
index e98d3ce7b8f93a5d3c835cd21c66159845ed5309..31c90d0820fbf95aaf84cfa1de8be7eec383a10c 100644
GIT binary patch
literal 49430
zcmV(yK<B?7iwFR?8|+#D1Jt)utT;>*?RRY3KL2Cewr$(CZQHhO+qP}n_iJz3q<v`n
zav%E3o~%h`CRxc!_Ri4K**n@<nix6L8oJmTTbls<FM$3(Secpscm0q5t1>XLGO{rP
zFfcK)G0`)yFfp(J&@(WyurUA-(EqP6^MA+1$=Se>fB?YJ&d&M&>E8d_`TtKLCU9jW
zFtczb_@D7Zv6>ij&>NZ3voNzT7;+e}(;IWJGP1H7v#~HR8nc<Q8?Z66u``;m5;&Te
zI?<V%7#KUz*%&xEn>hY|e=05_APfa1FCZlKp8=r%7FHsZdv?lH1Kc110>FGuUHc9w
z9C;?j(o9K~p8eubqW{|d$KMOO_t(+@%*Wxx#!6RmyEL!9Aa(BH<an-*GX_KyO=xfD
zgumBHNUl9D5hvTkGV8}VtoASl!jeZ|(hq}%XI<sD7(<-T@*8yW*RJ>mj#DiCX&sz<
zHWM>FJrje%ywn`^g!J4Louo;-rx&8u;0|^TrI#$$tdG*;u*=j55i&4={QMNnl+nId
z>%?8@qSi=D<zYpp_a@TA8hj~+APl6Vi}Qoa%9M=3di$-FuG}CcenA;jm7*a^UBj4W
z4HzXO8;c4+rot@355+xy$JMdY??9;)ulHNM7HR1kJPQa(T^bB?ki)CXUSoF;?{q0v
zU?d*fqF|BHslW=#@!6%y@hScJ<V&;NyTWBx-?)sP{cXnyRZI5}fh-NJq^UXj_V=l|
znEd=}2Pa%Y=28#ZR2>x%z-X1`QV)WAHj8W*+#o&7_7AGaPCORfHvj|}hPu9(t)Zkm
z7SR~W!&@;t+Se@a4lbp{SY$op55fa+G7|JFv%NK%X)XzXi;h~_RS6|F3~7%Gj)wR~
zKtq6|Y%x5&TjOWqopfS%t~IK(sS19VwtOOxtF!}2CR+^Y*Z#&IMvBmV*=0MQ^%==s
zy1vafSzHtRk+f6})0HtZ1w*S8PHK1oictUSP0-N8o7k*b4jeRngAFGkdgM3w?~Dph
zA<%yjF#rICJQfZI1}+nUEqqxik$`HMD59n2@D%A-GkmSz?f{J0!Il+({hw)$%TP<r
zEYZ+OQj?3*EKW&M8>TxA+MT3k5e@`4a9iT_XrN~JZjZq<P|%W3f-90{RE)rAMY(}%
z&s-%e%jbB1UWJZ|1twKz0#@#jR(0l~yJu&20VmT=H4<!h*=)7`SG}z^xBr`Vxox#}
zY`Na8W<Q<IPJiuH|5dw{txl?7s-P-hDkKC%N{e73$SV_wi;EKw5D?}6dGr6Q91kmp
zoEIODVDkH;m=OH>f<e6NwW0p`Au9Ya6=uhGC%30ZQubuKOJ*ZH0}vOkOZB56h8ByM
z9lE%nI_DP<!zzpp;BYM$p6)nNVQqd4zuvsj{I(I&aS>OLv9lgk)r&+HeJTkd^ujlh
zHd{!G#NQWTk`Kj1AfDsT@r6%QFfUzIq?sdqyvB}1gVQG54r%5FJs-VE2lWzpWpf+8
zSbgL%s(A)$;tqyJ9?cXy$hZS4dY$X?{0n)z<QaKf^W=8fI!Oze<(X@#f}6|tW7<rH
zOVWNt$7bgHjZg^wn=Ys6pIN@$OGIA%i?Owky925RW7qiA3MT)JnD^^<zLf<42UjZd
zi=y80%c~CRq3H=q`q9%tmr^pr!sNWnsMz?|%8?41N^B7d3D&8#5qeRff>lA`u^B;Z
zp?T?`fvNF{KR<R{K{{qufnj`JK5`z*_iJPyiS^mO?bnleg%1w?sn+Di_}7LJ_<;`B
z52$Z#@M%{-^y8=Sx5xYXC$iu7q~iOHE=c_+EWW<GJF;;?#}B7(QFaJq@5ta%$kqzT
z&Q(?(*Hs{%{~8=zh;Hg1h>w|w@go^*@8bWBn6it{FCJ}#Ly`<9rDm{{IG^E|v)(U=
zcvtbaMIuy#%KwNLy~vL3HXOfhvtme`a!I}Ct$9&$+PS6TrqdFC_V*M0DRoJ_hhSE}
zn>;WmWsO!O<U?B16Ik~v!D;LiWR1kZ+Q+v}n<LT=TMc`IdX@32U8>|`fOS1NMSB1u
zeawpOZ-cTES3p1V&8Z0-O^@L!0t++Y%@HJ#tCn-wy`tqnlp~Y8ZhvP|u?sf#f^$<g
z90@J^Hjhp|0}|O~I~kG7W<fkDV8~QX)gg_pSvW>ABjpNVl+X8sFd^Pm9t@#wWkvr+
z8V37QeCzzq5kJO2O0Am~fptf<7JA}huBA&1gcb_9Cy@){)N*LJsxwW@*9b6#(*SGr
zq92IKs+Xb%=FX}-f*Oez)T!<;(LLsOq3cMe0C+EoDfG9HtCt_k17llc)wm34gKIiT
zcAaN+aaVXK20cj98@7;Bc?u&v#W_kHY~|Nl(xwDQcverBrFxN_DujhNDQh|kBHlQf
zN+^>rC0flidB+BBXinF`qQU-lj2~_SyvlgV8vk`2iR%nU>7pDzqdbx?H&_K8wk1>G
zWzj;YBeqo-A%Kiu5+9R+3Uo2ILf%|{D_wJ&(<<=qVxduHRACq!8lhwth`4A|gqS>G
zvFIO;yH`tN6B1MYn@q}-#jeb0MNWmGMfuCuN_>P=ZnP;@@yh3vcCz(kEs!AYL4E(F
zrp)EHV#NgJ*i{fxhO~=vN{ryE$&jzlL-}kWTz;>{c+?$zUU+eml!gN=txWuKBu9%<
z1cxx{@=CkC6B^u2s_p4i;|kIwvmGZY_NZuUq;fEa;IfMQ{svuw!)w$GGS_7;6z6&c
zj+ubX`*WnFafK8D)}cqBLrCQLGC2jH4RA1+3wE7~taYa8Uw92Zbz^*kS%}*v!!UNM
zt3sO;GIlMES!2lPQ}#_b**pKaME$unq`W~j!()Yx9hs2%dq}O+WnZ;A5c^s8;iYoJ
z&R*~KYPLXh6hpSG+1bSTLh>?JAR*R>0V&B!1`|)Tr4pqx7ZkiT)whtTb}}X&f}7;#
zoECeV_}6Qk?+Xs<WKqxKQ`Ih%#-BM~1rNbPLJISWQndt5O^Vvn@;O;YotfdH5wrql
zZ#rtgv{7vAl7{L(#-)F%bjBgWVu(X?k$eKJyMea#qvT9*JWGL?nuczQL4utK?Y_nI
zG;>v+pseD~T%}W-^_t0H=MGs}4?st_nl{?!I`Gr?6FdP=D7#~ojhr4rPGa4j)+B#7
zp<0Qo;193)C~ZgIVVN!k+s=?U+PD)^tYc`72}dYhRfOehlW$_sa-f)r3}Q2(;dT7e
zP0XcQ^;slk9R;A9Tpqi*2a{}a1*^5d+t-OfQJC9g*w#A&VT)|8w%hntve{&iKa)T3
z(1NDED+7DhBd<s;KtEq;kz&Nlrrng);h4rJ+?rrw&sS><`yzse`(RW!iD5XeK(^XP
zA4tm84^9DPpl!Ob2OV6WXLQ1cE?<(mhkh7BF<Zd$qmdBf-L%Fv)&^T5SE}XQ!ZJ4x
zITt*H`s4|75M&rra^jH{=J4-QukvQ{$xQJ{6qn-`Ei1QZ%TL`!v07uG;m>B@Q8!0y
znGzoK*w0uI9`!ukthV;M1E(~PGcrIqSPnc>f_mS<uySgo?`mj%etjn|C%1s>cO~M!
z>V2E}nBJ`K8v@Y<43lVN60<i$RDMN~SDp+O0686=8l?qjEzUcu<HI*k`q@2SfA3qu
zbk#o55J7-|n1X*v5vm_#$TXIgVD>Ezh%IhyO%34b>6{6b?wnoeo0PwHZy#!NLrUW-
zBZJGcBa0aOhJSR(x=Gb$an!+BozRQaORc5Vns;lD+!bY&yF=S~vEea+i#SE8>Xik7
zkm;sq4A8{CsjY1kkqGZ1`k6mME0UJPleG&Q*X&zPsUsWLC&jb60O4(Vpg@-Woq}Iu
zB1P_KAh}!d>)E0&r*@YuMnE#5Av2<2hY!*^TT<*r7P+(**R1Yx*md0Z$=Y0Jfdcm;
zCbSa8UV$zo81pN>ltBGWWF_}z`rk+3Yzdl?+bj;k;MJH#(WWlq`g<8v-eGIx+!5dF
zjS}(cRu%N{y@D0ca?B`lQPCK{l9jQyGQ?*s(~hq;;f#k+dV5V>1BUY;-jpOW5#|v_
zl0Vy$WwRZw@6btLJ~j(@1%nvfp~2Qp1c}J(Vm;QLS)dbn`2G`=9fVTN;x8_Mxygu}
zXZv<1bNGv4_k8PfL`pE@?oHu5Q1TaQmv69q8hfXUpA%XJT#9KMD)W+y5h&b!!Kowj
zPF9>K<R)W2C|auUR@-9(xpe1*IRZPVxhg@Q`gPW1kEaza5Fv3&2ret)*);Auwo9m8
z9EbpFyu&N&9mQ!9g}}Z9rfC<Fp)082rU^xfztS87sOJT)!N5DI)FS+&F6kP;{pUpr
z%%)U+`EJOqW`0v#^Bqm?eL<aXxYzVLUw#zhQ*i|mTow!Ghq9Z7W(KSerE?^PuSCH*
z2_)FN#kSB`z6^R>e>Gw9!4IVfej`wD`G3V>(SNCUzjf>bi`ZtEGj_}=E#}(IgeK%@
z>#XtQg<XvRFo9Ga<gDOGZagKt<KsX|qw8GpFZPt34zwgH>Oxqh#TzC1v9%zf()SRk
zV}*C)PDXCMx5%TeX=D#?I))k|nqYGhwQiSEZxgd#*?oUBi*o~O)#lFRy{f6*pwVSP
z{lSw;Fzi@s4<0Zu>`-d~&m)veS^9epmojw@;7R(6r`al@Pm!Ws7mSWg8aND~4hsP{
zt*f9qo<y(F)Uz<z7fBoG*VB-`h6RulEWX4!n~XU*razk3SORUm`db31Mn{EkXKfWO
zCF1XB6)c2yOQnu?idsu$;zUHhy3QH6W*Sy~_W^m>Gha8niU;l1&QW(O14KtltJjP<
zCdLDYX%V0y<~r3g{;m6{N$BXx#<r~3kQ?U4)@*}{WNG#Cx$zk|4KvcINtNoQO)brw
z+njXi^Ly4I0Ov!BN=cO{H3D)g+?{TfEDd<OSh<U8T;d5i{Y)21*}Ze1>Xk}|y6M}j
zv!0SVA+hs?z~0-&VnRJ1Ua&hGj?lCEiu|<Tb?wfJa9Ak9*zy@}NyYBk_lDR5|MIM`
zviUE1cjm)29$qP+&Z4F<Hr%w^eh9o&Kpn;jnD{gX_OBtF-jLYvwx<S&8ZR$tSbI*1
z*j-f{>(EUi*r^|xFf22az}$1G;j=U-vjfm{<7lZkF@kARK`u&e^_kQV9i$PT(g}6C
ze)SOwcqYOx4wGzk!#&11khjT~mRXQCk?`0>npQI=qSo5(wd~6mYoG5Thnrse!Jt~N
z0ryCQERc-m<d2w?%0+!FYvnPYLd(KIz#0e0HYf{{SR6oUHX@v7F22Dw29n-MhR>!V
zY2XL-{O~yD@F*On)6j9WZ%lCt(S_4oDtn|Gp_!!-z(0avK3nFMxs7orA)wzm<Gts(
z%LdoP)~>3vg84nwWN#yja_EF1RG(s$c#vHdb}9-x9Upbw_S-AV4)U#y>kZ1VI9J(1
zYnpZS&x}Onn#Bt`kz6v9fCsQdXmWRJ%FQCp;i(`1tL&a41-ZQ+UbMpoDJ(TxM`5L?
zUJmH%H^huGmkM!j^{vD&(&vNrj@BGxlTK7`4j4x=JWF?UH0Y1j&(8YwwO~g0=3#tG
zGTzxsskNKyKlNu;_rxHhCePOyLHtyDOhvQAq$}X(_6|=|N5+S9Nw3*CG93O9s=R=$
z$Mt3YIFgX~Z{a%F#W`hu2D+p=q2IZYA%pzv2W^em<Gd}gq-Z=XVhLjajg`r@=!h6!
zCiGZSg#<Xw7W#YbMuLc}rj`UO3pInSI^^_EG|%$RJIfG$C1N>Ec}zm7GiY&HDOYiP
zLby6XObzuPu`VKL*$9i~dx&f)FAVQMuUHNPUo}<F0sM|CyNEaRif4~^mrPmj{34Pn
zV3H%?e;N?}sSM~1Fu{PG`e|Q2NWsk=ga8%j98dM{)PDnbkzL$=&K-#BD4j<c!7V>`
zc4L5I{b~|0Pr;YSHHDu145+~?tAenxNN%{1$AWr&q;hs-+8|`H@~z#&a*4!Uw|UIu
zXxcUu?t-vk+gjc06BbGH%gPEKxsbh2so%8G-ShU~I?sRuN!ZJI2LRVv=t+5Jy8-Xm
zz#{hGg593qyY9mtO^j|wd$a<!Re=xmOVe(wMfC;;57u6t{9eYo*!d6Me8zof@TQ?=
z{L@<<*)WJ#TTFb5nh0f2R7>>v@QMHgi0(6sG~t>ZB52>bmoei{<8iQhcF}jbhl49U
z1s)Be>BW4V8Vv4;^KY%&)z3c9xKp&-B{aluzXN@@6qbyo!@i?wy}zu|^Dqa3){Coy
zIW_&nF#w9A4><`iawG<UNT%YN>>y_!{DPUoJsvl!@2<iAF+=jok|b`hh>-HqIzQaN
zc=8Fapx(SVLwStGlmv3EHCAuOMaB)e-_feKl?OX+G?>^|Sr7GeWMa&<#C>oaaH00Y
z6(rr|;4zz|kjZ(FSi2F(Y#9RsQ;kpQt3P4Yo#B-U4zeHl6&d$J%=sCch#B>sl)Ptw
z(Q@NFwzVfZzN~p{+g>Nray!KFyIVrk%ALIK;nEbzsI$J#ap8m>QIA<v<!jpFwK$yT
zJ>pKQhv#K@A~<{Iw84u6w@wrz8b-F?CXr^m%O6KhyCzh3?UQb$%lyEdT+XGk0{~C)
zTlT?D@!RIv5Y9Z4JJ$&1+we@i93|CcpfI)m_Huh8x@1v!2ODz8l)%wM^rL3v%u8O}
z`7Tn^bL&6y{2?aPU=Mmc4Jy?=dX+020o?Dc)9;d8O9LfFyU@ZDxU|#_Q`8EE_d#P6
z_m+bHwppu#IVy{C1B1t8*sExwP1fUfn=kr>`Gl+k8Debk*(%{Zpc-VxsuiOL<>D3I
zh$o|mEG!0lAeZg=i0d=3M*e;uL*m`<#6Qlmf6*S&c9yB1(8LCM*QbGq#XW-61H%VQ
zvW`1@A#}@D^~G`}kz(}4s*wrA!GFvmO56jMJirdhr#{T{BMqRH9+YZ&<a85O{W0)u
z2l*O35P$-A=L7}=)x+@PdJ0gDv+{x<$j86`JD#riUC8)Dr=vyNg5RSH$N1EV&&Id|
z1PKtB<6RQUCXm4TwiQ{>Zm=nJZHS%vVuH~iQ;*CZ`J2l9{+e%sCgJ(3l*d>a#7y8Q
z;WJRbY}Z85PuvJEE>xrC#KZ?iW<@uWq!aC?R{og=2~hDr4kNkVyM4l&Sj->0M?~Mq
zrUiV_4PMJD0Vmoc(O5wd(Y=5CIh5XFj0-s2r*QogK%!ZqkSnhY?xme<RX$QZa<*uC
z^{$|E27GP92*lNkzxp$LyvO(RlmAV^D8A0t0bphQlY-*Nl*g;As?~F-hGu7Y*Z9YW
zWmF$65Mtn87Hv!~aY%?g5iTy?LJ&kys!*@N$l=HngrEh#CW>`We#^*(x>a60h`d$|
z#40{$Gil8hsRLg-=QuER&3HrEIZ5qs`@~*3pFoHD=-Rq%$0^&`qtw^5=f-=x=o)aj
z@&Wh}_@dO{t{PuRAP{sJl<0L}o|?{}A0o+2<#dk74G3qIpxzcg)<vE@juwwFY_M+Y
zzEiYLn@{1)!kw{;P1lZ=iq0jY)5_V@QRB&hkdr}|Rz5*PR;I&|nJjyv7=5b4(oORC
z8ocqcll)bAxEWo33*P_g^v*D#78n^h<*PZh30-*Eh<ixD1UK95%FsR%6L6NqhK_6^
zMg_hEnrL)2T;^BacpLOmF1zgMZ?@x3y^AuGp^%+&PEqxe=HeeBm=95`lQkAd+z!N3
z2Q`?+MBhOjnkO&@QZ|Fw5AF%XOzMW7bU(u(qHzA%xzMtBYwh{9w188&z_yG-i_#7Q
zGrQ#3kpEB|=6^C~s9{yShat^QODJ?Mt=6M`N;KEf=8Hvs%DdhL8<t_Yc@qHb<4Kl@
zD!8N`99fK(69*xbZ!dSIHlatrVjOmAyEUnRZVjVA$3b7PIW!g!hcjO@hA!MKFLfg9
zo?v2(m?J`73j5fEwF*)XT4;eIRk?9|z2n(-Q@o9-?dIqs_i*dAQNIe!LEZZYhEcGN
z8ml?|jFS9kkS;SE`Nf3J3+r1sa@fZtY_?+Stl+C1+-+l`ypm3OSc)DWdz#Mu6y<Y#
zis;6M%19Da*kr1nJPM1ndJDv=$xs}b@kvgO5HQ9-m7fAdE|E2oU}oe^$8F!98s1g9
zl!l#X<5`GEMYhyIwd0v#qH;7b#X!9`n1Z^%(c$9+@%P|5Yl-bxzg?#iSK>@K{qm+H
z+7&q%a&@9;P-=k7f^6Uwpmvhc5xKkp>oi20wTIIzTdk>|c9flOP;xRZK%JF<Nc7sG
zr5~m{c!$ft<W6(r58?<0{V$codKnnDx4!HVNGkHylF|%n*PJBYX9E?KS?O?4@m0{a
zdEMCXeA(P?&MGsna%fN#8~O}2_j@W-8NRr&{U^CqDg9rd8mvBjiRPuuuQzdHd(?rm
zMgfYm@L`FUFFAylfEfAMI$1Io5C_y5g$}U2+KB4%kU`rEph3JcC01j1$TRhz8x`aU
zbqTFQMqTtf$=<`LI0S3O2;r1ndlodjm><8BhFt<>M^0K8$!$8&PiXs`394h3SQih`
z1<e^vG68{bx+yDG`X?h@y}W4+Nd?sgWFgyIP)r5RWPu~cZT`A+NjW+-|B7!=0mSxx
zmIKi)N)_Wcag+yQ9MoLeULQ_)4u0p>^G;u4!7(gD{V<`_7}p)0!mR7`4<+yldq%~X
zfFsI31-qB~_MuC7|2TmMv+R~%Nrf({kI6RNU*XMep>_U3{%CJd3G;Rs1cf(?3$I3T
zQ+YM-!2mSq=dODC?4U?5EuK)D#a%vIBK(dcN}af|p@2-QlXRJGumyi(s;sL0H+=j|
zZ&FhU90k3`X{^--OICeH5H|2APHCNI&B4@@<=yj2-K64Sy`BBk1fPm;i+)$|8oftX
zb^Yv0r_P0(Soe*ToxXjvj_|EZzvl|n6uNlZdMGHjCI9hnhdNip01`)Px-&|6&CJ7g
zS|=!<VAC?0(Jdyxke;hN!P7i2^OL-Zj6Q||)yP2KDcO2)oj__Ah|GX%Zj;Be)m&tR
zMW%i0h`|WPqtj2@(J9KLUDQyrEm{PL_Y9QWeI}l-CKxN^+ab7a$+~;>q|^rHj6SYl
z4Qgrs2ioft5=BS{iMiWyFfN~*Wiv<exI|8lXMb8FYufK1&=I~?J2}W=zd8+eDX1o=
zT#;n_FPpR<TbIIQl$X(Vub%OQ0AE5}K@vjd01!yyHRT`iC6jl>a4<cApm>8Yb2v0!
zTbb|zH6r4u9Z`p_wcmZPoBQ;WO4Pvh80F<I>HE#sB662Cy$>|Hp0j+mP=X)SA}!OA
ze^cwX`|rc5*n(buZ>a#^RNy>K1Bd+nF|?+-_SU%hjDI?pyCUeXsob__bD6D2W+Zye
zUsqZU|2m6fsF|BNac!nn6~kXz>$IkvO@iEYo1H3|RcLOqj%L-@%rAW>ke?l&d7HYh
zVf^F*+c}<F+iG^Ca63#;4BEw&VOYV{BsxFyVU<S4DXA&bRCDqqxrK(tMr3NTJo$ql
zD-8%NKi^5)HBEAQ1m6W%k4`mYQaZY0P;5>}CMp6S${V-p)>VsGczYBYW)6LnAOK-@
z9Tv)q;Z)dYEU<eBbd%Jv94s^Hg|r(iw0POaYY7jrRR^b-2j^9dU_HZWQyS&`;8ws&
zxY$o+gpZ>l%<}f#!omD?Ah3%_x+AYQ>#IlG4yapgl8mjSQ#*)2<wi4e8FBWEd9bNS
zjmS0)zxl)TOlK-&@qvqM(Dnwem_p0`fOja6kDX%`Wbq_-=xBz%yOUWp>`K&S{q~S!
z%hb4{a`rh>YMQZZ$`n5(Fe)Y#SGGmBHvD+nssx=)6t#nQNS**tvpprdmcce=(4+0V
ze9#7(CaoBBwMmzPMWV-QqU;96tMA&*BPOXIz+&L8x+irfRIN^dZcLxFP|Rf#(!@uV
z%>2@{fp=q~25C)XE=;%uy)2|L3pqNY7U)3UM|!2wnq+9o^?PpL(MUkoCu!T67F%g*
zTS!_BGn7GZ4KseXF4fzrK{@YULEvhs>g`=qW=BvZiU=>7u}_*%@Y<WI0c+d!CVbT-
z8EKGO?Kw&Qr5Xk9XT8axk-kWKqz&1`J%v<chazvS)t-vIP)Say1w%USUzv*S7JCpy
zrSYGl4SaHYGu;|*G$RTdOv@R2YQ16gP8WNA%OiWw^9`j+w6yPPpPLXDEhQv8gT@}P
zo?@31boFd&d)jMg+ImWcrRw9aYVWM2n_H8rJ{VQx^Xe#TFlcQg8?>IVDP(Hs%)f|I
z>(pWyUt!TmKA`cPAaVX!7$B&h*CrzT8`S4H+BsUy;_yZGDBTLjcEhL2<o>a=F_}va
z&w&YgGA11-d6*uQ!+HTha_arfsWRQ-C<h4#Rb>m%WuKJ4uAHyL1U}?FncWQ*kAnmp
zH^6Q_2_CY@!(HmT+Gu7*ifxWWl=I>EE~YX*GaEo#$&sNE*nT35QqDevXaw(~Nxs=~
zSf<(O@$Gr<Dd2KBpYHn-t33a4*I1Pozpbq7X?)g<NqrlX{ad^}XeD++<K951t!V{$
zRNECbPa)pct+sULg3P?E>q46e*nyr+`jIhVmI>=0kIw7P)DV($=UvePMp8S3T4K&L
zdO9NxK@KT)Wo>@eLTlDWghmE0cKt>KRIHvu$4e^C*!r1+uj}LQAmc<{a}>7Y|J#2q
zzK-YRJAwHnD6+L&lffpcBy|%8SW;PHzXF^@>MIK+&$7u>YfkRJFp$~^*wkE61~ZPb
z49Skit17(&Ld^-dq?_jA-Al%?tTgxd@sFWLV4yW5;NXx}<w)XSm-<&$tGN%s{*m<U
z2_!kNKSgv%N{w2gXubJHHBH%7Cz~`FS0OITW6d7nw6VY8_!{__SnwIhXN!39A~Y1K
z36^O94_566*4*ZP0n)@O#~M*ceIQIRx1bI)N2ZSF9x@W?Lkn_N&3@%9p{<Qdx{@w3
z2R~Yc2UCoDGxA@fj0g2g&tX%|VFQ^X<~O3Sp>4kP-vKYXL7-dxBl8Z?$F$+|39-kz
z!s{-P&yq?Qc1jo(_#)CSa0ofXAWs~QFyaqjyg09^pl%9-H-EgOGaA}ui6cM?)^x@Q
z@+lMt?~RqS?aS}d)wzHCg<jYEuDRbSx^9liE!QD~4DESSyWYjjr@P!Jo4F42ahvQo
zyex^K*2(O^*2M1<Xs7#{WgAmZyg1AxiKFz}?`0&p124ZE+Q>qOd+rSlbqphN+E!6<
zhK)mALyhcGfD*BR{lov=<nw}mpt4m_aN@*2c`<cW<>Jjvsq9>=*h>-Qp9F8i_xrGL
z%CSw39(P%-#<$5n1FI-`o#iUxtbX*3&*5jw5np|dZUcB@PT9Gdr>jpwZHx2qRw>vv
zrE5}M>=|N93Ab0;?)cc#sjk5`=XJ97J7s;<(P6@X^*-<M_eGtq%9g-AuE_3LRbZ|!
zgz+wuR=%7a!CRH|S^gr1&bG4l#&7(97CI7ENN)aub{mVfS5z8fSC9z7NNawOPkEOG
zG?V`4_e;^CFqFEOc@zm-ky650ZDz8hv-oLRm6}{2S4A1cnR+{)bG<fs12T(UU+nmn
zhs&k^<G~_1jc@u9Y<?B^fz24<?%xP_)t30~BlnDYx-k&e6a+98ApZ=ws%FQ&<U=-S
zz`D0jadu91X1$isBIdrSypD@^drgnrvr$&1So2h-X`Ka`B7E|1EIts>vcxvb_wrjG
z#*{J^a*fc8+FgVw(-t2vMk1ne@?S8L2kKeDg_CB(Frf*h>&PAM+12AZ(SB~@qDNjg
z^j;5a85AH`ds0!tVGWHB?kDTw9#ufohY`H&S5nkRo^*g*81HWYHjr6|slRvxU-fJ>
zRE>@~X&?|VsWHb`qxdh*RF1Gu&b6|$J0T}=tS19IfLaD>X~8`J4)3{Q0|FROs4=73
z*Y&Je&s7UEDseS?{o<rQ;}qeOXTC<6RqbT~_{;&i+APy0nlGd06)*?a^}kh6q1?pu
z8Y5%*u40)fV5QN+8-#NYuRgfzf}RdT$t6CF*)d2(voaTs2T#;c9f4Sk6`x@5f!ize
z{hl;#KttV+?Ot33q(x-Co>;Bv+IvpgoDygeYCuK#IVj}Fz48os^^S+gN#OGEsR+11
zL*iLNTMl+2lM`$cRIyZIrc=~8vX_1jGXGvZG`rz#H{-*y)I)If!!FILXwFHbqxCUy
zZSeI&BoWuNC8Q1KILUQl18H@V8eJn?tTl<d)XFC=xE#dv+4m|hOZslSB^7y1EU-*L
z29OgLC}fg6c5j$ZU5m%xkY{C(Bllr_SC>dqd0?ho-Pr)Z>Lb@L>vM@J`0^Iy<xXQL
zWF${QmFQ#;5);v83Wp@h%A5Sp+>CEII1|iwb0g|ys16FUI+ZR}D(c=21N^^++LHJ)
z04zK}h;XdGJV)zLzsZJ^-%#dXvimp6Aioq?W<qa!-y)wcv15`F>3^Juiv7d}uqB}q
zhN1R`heSB;IQbK&_)Di7fjJXSC)#LYC7Tv*iq>iUHbXNKOH1HOTG^<cX`XxG3d!D|
zU2LV9wZ64<)?dBPz1Q9Eet#~UQu*z#V4ov<1WR(b`90~7HY37gn!pOph&JGsvSMMq
z>P8r6Lq4;A=70!@k?$;y?T9gWHVlQDc7F@8dk~^M9Ro$Uo2aaZB{aPUJXlZ-kPJY7
zkIOJmn;Xpt%aNnHnUI>0Ow5nqhjV!{;qng)v#^l$DXG#AHK^)#3*?IE!M6H1+q~8&
zV>VURuSB*S&rVU;-N7QfG7(%1eDLq`h5!+;;L<KOpm<0nq}U<Q7=5TOM>RwYwxc+>
zgD_Ah#-BxqQdA}%DB%Y+m#dP9E+##h2P%y_QE(nYML@~5rb%NOQp)OXALH20R}v{#
zvLl;uy?N6l{!7%FBTU4=JA21zm9X?W`c&<WE;%6=+$8UviOB&BPkFMF3<;b0*^2vG
z7vX4`PwUWl+P3JH)gO>}StWOqUOO4X-xY#h!{(%!L1?uG_B=S^?o}+pt=%DvR2Ra|
z(;=GvZBpuWVAstI3|rp=X6Uk>BP)1CLBi;aq(1boD%x20`*}8b{}LUp0LVh{`^d7A
znb@Cuyrqa{oJV#ut;89_*3K(4touE{;ysItwWc_NR)CMG$22&=+I>Jj$6-Ck@OI|!
zvpHiJCEFIXB>V`JbKnS5Buh0%To(tpi`pHC<X$)nJ5_U_R(?EX*|1$@td=GH^P+86
zlof2Q3yn`6A8kj4y;#w%?IK!Dp$fswkU;T8U6TlL<Fy5HDu<-<<0#IeyZx<=%@jFB
zz6F3Sb#ZKV%J`<6U#@~+LsFq(sRr)iP6}gnmj%&B2szRj=(D1cBea*D646Nss8F$P
z<(CZ#IM95AC9#i^2LgZ!F>(YWlmRRyGGlWl=Wiv|I<!Q3<P@7>QyyT1O$$$`C9>Ab
zX^JGg%_+DNV`h`~+$A|VYb$lCp7-UR#M*c0@xDdggUb=0NOcZx?Tf<YpBp=phw)kO
zWEsC#3JZRR70Ib~ju>nqyPO-xJW&Zb77zE(cj5tFa&Xc(c<SP#kytr9jh}4B%qlH)
zGQ@$1Uk$W=8)QYHuar6Uei1Mg-?le_t6vdn8FRskwgwJ_iKU!Q!EhfIogqBPFF&kx
zHNlEN`cXg;gAp<ASW5*Ol~t3$)+bjx<Gc$wW*~*O?Eh>W2RN0JHMCuNVQXoZtxduH
z1ub;m0tN2){`s$Tr?@NpLsq~xq{5LRo1HEd64u8eq4GhE>CnNqk!}@RQ|PM^6DuCo
zjja8^p!&$4gkcNvHSbV|R-0<kYJ07JscBsWWk_t=(){8ySou<oZ7=v^b`n?UaveEB
zetDt8k-x~E&bSbSA6`D0daQ2v&{=Gzb7cNP%yHHyg8A@Yy$jtkpreXLr##O=taFDn
zhw*_!-p`c4p{by$py&WPcx8Et<0Z&+#T>BUfD6vKfG?}&$byv<yUs#clG59+UB*>3
zT`D0D?m6cV4nbn%wcJ7GKMPkn2-r!5=sv0yXd7TTiM?Jp@!Y^g#0toAJ|d;9f(e5~
zeX(u0TyD1`ya{r@md!};rDnNZaV$8`&D#M5r~0*gVfAgb&_W9)$M(AzIG`#wS}H0f
zpT@-V7yZ?3YfGqAMjpb}iU9P>hlz2cqz9cL8XZi)<*LgI&ZT$v_h#1_Xmx%%ms}&d
z&ev4(iNTLy?bx5Y=7nMYtL}^`L&+SFN9@`8!6*XtU?GyMQ4<_4fqP+dvOB?xft9f=
zT*S?qW5u6J&lnvoCWYK)<>n5In&ckKp;@nW?QKZAt^caQ^T@l=Q@dbNEB60Eg{fJ<
z1_}f;5Yc@E*}VsP5Xu8(b)S6!$*57%wBZou{9W)^u2bw$do%~)3{46)W5#r&clDIG
z*GO?=HuoWZO*GFd98?gZzkjDUs6h9w;|QEpF-<Q~^Kio4ksR{?DkfqND_A?_9)ltq
z@NlmAjc82)Dy$=>xmoMdLFuuP%(xRs00M`qMzT9O?D3Qwcr8l6i(G&sd!c;xOP~LK
zdGxY5mr&TQ&>Qk?xkL)2(r@Wx09TlK{5OtNn;RVoG0J4;T4HjI^YRt6IK<6H++5$u
z-GwR#Rky+1X6!-4d2*017cMJ;|F?^ZNXsU<(9MYb8F5G35qSM;o9vY~%D1b366n*>
zDZWOXkUhSn)H&tM83h|JjE6{b2<jN#HQcWz6*`%d$^a?#Q-ji<Gvyo_G7r#XLpy&7
z7`dO$N_WX(Hi!9de@+XFH6G+1mq7oIy<3gP$}4&-PUr5nxWO|znQB?&5*Bdb_C#^2
zlplhQ0%A<_gvn4qzls6+xwFk0wc7TzhG$9_`(8k~3r5mp{<<G4-BOTjQArRMcEZRx
z(-}ExCtu_~UGP9*NA9Yq8f?B3D=c)PMWgxaGU_I;g)-+YXv5jc-@81Pt7%91bWaj{
z=c_=b+qEgrJfyfoj~OI>-=3qSe!se5Yy$OV*Qr7l&^ez$H%|haortq1p_7ei^T_q(
zB_z=qi(uC&8Kums2pjSWNDUpNfMI&d5@&$VOg?SFH>Fvuj`2ybq#|4Bu6RfGFFu{t
zQ@NU@!9VQ0lik%`<b3O%(;*#ByjuD@WGlnnGKcs4ej+S`2?Ll=hZOb^0F#MW@ScQC
zCYi=MP_8$Nc!Lg}euxfP?V(;!HT~I<v=Y$3YBl2;$gnbge{gjf-rJcp-rZyV*_Pee
zrjvg>hW>2Q$CX#{uLxOkF6%^hWCQhhFO>UcxqIwHL2DU|kL!KDKxYiQ#1RhdD|kSM
zw5r^8`7CyibuZw6*Xz90uD+l!fsOg&vV(i?Lkyuq_LKnZAb&KQW3^WqBLTm_Pw6oQ
z%TZ0I-R5nqQ!#W)5g`|Ru0^UqGWbh(c2PI-qejZDS`n!lL`Pt@+(dXY22Z7p;~RFQ
zU!!k7n#glb$vObjRga|97jCkY6(m@h(%Xq5Tle2bxa&>CZxlbeFP1MX`U})s4YMW&
zQ_E|hl4Nxt%Egw}yNm*za3Q!+IFP3adPi_>MLV8U+|}bNyUpOyiV+Bf-(<YUVin`#
ztp(XMsA;=X0#(W!Tg~>^`V??Q9+~h}`h0EA^vn6jw<AB_8n|CLfA02|57uSc7KG9i
z{4acO6~ha?D(^NlV<lhW%BuVne@ijsxhM^w$1gY-Z_2TpmX0j+SuB2*qGm@Q`T^*0
z$k^7=FUX!S3bf@lVCB-WQenKBQtxRJ3;GK^Nr9B5OVtUH&PQ%NV{WokA4q}gO=U#~
zn#JY*bXV)*JW%44hY9mG0`&Iey+a5`d8*kpj}C+OD2`0x%`?Jort!peY+(ki*m3Fo
zK0QFY<HbjVBJv|#&EtI|cznr8X-4D#2O+{uIRv)QB`gCJw^MKmCQQI~%D|%2rR3yL
zn5Yi94BoNnvG+tU8$1Q<W3B#sz*&A^2pc7tke!GpF45cAdp?I%FwF73k7G)MI6Ar2
zy~0qRDZ<P?+D6@2J`QkW#rCfm2Mt^eKM4#LL^%3Uo}u=yU!(&nAT65U>}+YPC~K)~
zapUVK0JegZ89JF1u^PJ6mtROX!=xt^xn#JvjI&N8R%VSH0gzyPDh6#|8AV1of>Ckg
zIMat7Y!2%S8>`KBQ>QbpGvnH#-W$RzNqp=}Lk!TMCtVpMqxy8+n3EG9A0Z54<GllT
zrLkUgdc2co(GZ-l)E&b4ummNX8MGW^ET_Ge0_7%S3yC;sIc8?fp}wNzJy{?u<cUbr
zP!_{?4TAI}1kdyRUveb)A8k)%@e7rZFVoh(>g=}An@qzUq0XcyyV1t>YI**yz-~s$
z)G?E=*%DkYcy;mkb;bK4mI??FFmk>Mu@ql~T&MEmQ)`kNF4kW@c(O8iAIIb7xOe5s
z5E2VM8+cU^m2d`cIGncq#@jjrl)X+YzBd`~LYmXE;nlTMi!EXxHZ!Ys+yKFBup84O
zm@o1~%KcPeEhq6lh+fY~qUzOC{=W94h<6$>G&XT2I&;4u5Vo4`PGt)`_VG-YlOm^D
z)I+}Yh%aWM%`t-L86|lye3xLm-ar#|<|`b-7-a-ucQe~&i+amg!w(~Jp7pr=;k;<O
zOS!PqznGAWHh46B@hi&{>(GyAD0XB#@<B|y3QkS{I~Xh<UvQOu#j=-?EL83fEgAb8
zvyx6<0Kg9a@1)H6-?o)wJyNk3Hos(a5<RO7Wld-O^JiG0%Zv!&PJ~BO`FMy>&l3r@
zJpi%nQDtYj0$dh0*n8F~YH!7@5H}CZx}8RmM`4`UK=k0b!Wi9}2VpIRUq!%)x0{=`
z4BI*Irn9%KyIZ!`Jc&9ie#iO8OxtHv^BJXpj!vlxTI$>=s(Jmb$A;ClL65L91^C>p
z`@TsSJ#Cv3<Jb-LMf;{t%Ndse>p4#*sM9L6Bw=~xK~Z#JX7b7LlqmZ7K+;*UL`$0`
zuIB-F0&{fS4K%0IyOH<7l>r26+$UHyy|7hfVSeRh=HSVKfV3H%SK!7S?e4YaH0l?k
zXqGX9;g^{rr7S_3ExCDh(#~mly@9H#hY*eXl{<tT_18hbGm)X8+^r7ii;O^;=}q55
z8GBrp?>Jog0+HbD7;oQnJSbY~i5ASu<g!Rua-H;R6CHs9qT?}z7JnG?uG@U<43x|!
z*`}g#RY$zK+STyA3yUV=P#)p-!D7B03t670rHX?$3<HQ-%DCy-o9yoJk?#T{Dh?s|
zf*oZI`_!lhQmCf$&e}9!>+eG%3NF$jON?fd-{}Pl`~8uU!fCHAyBNufNC)?jKg$x-
z+Oh!Zk%MP?>YffE6lJ(`>vtCWe<7|++8{A~Mcp_5&6;(lKR6P3$Nj4X^zd~wftC79
z1Kht&4VdeKtv{8bUkcI0HtVfEbr*f1K`o3hb|-eY<gQlc$WZ<tGuu>MvIf+)sumDN
zkv&~DcSNR+HS?!UtmQl$N3is0%48@R1N>pp1am7%4#%d&keDz59k2FojG+=!LnK5@
zWZ>|8jJ}%%|6nKmUiQSvg!gfONYDH@HnoWb$9W9?FD2;eYp*sG)4UH1XC@dGw=2vw
zMvdXN`GcwC98H<?U$KboABRw*2+jS@SK9W8jg4$sK>))d5@FvR<GWGs0>I`B`7+V2
z<_@6jmuUJ!%1tYrxpxC<5}h1G#rw)7XJW7{eA3>YLz6HYVQ2SZExN}7)$64rT~H!g
zO7Y)+;<jQ59>!O^JR^o@1)yt9k=<RinbKXVp+GA#N=W{>hoJ>d!h2EFV<<8CdV-WW
zFO3bC299)-HlL9Hcxw++lKS*mD2qSSIn@2VT+(1q&_UPWcNG+c3SGX4PZlea3`x21
zZw#IY{imT|9{YpB<ezvL0@5Xm0DJ4ckJJu}JWqO$@ppMc%M?%=L|C0^G12G<sk#Ya
zn6<Y*$Jw$9PHPzSE6t^w0+k%LH4qQ?o4J(A-I(ja9F9uqkgI-GyCNFFU{BnvAvffB
zI1hbccO~5D5+TfQcR-GWU4sJArq&503d`Lbtml>5f!%>44Igz<xc1`m<d#<N={Kfc
zkHl273noSPNX&tVp~`2rhwN%6TAwOOOf@~D(C10}V2V55mdby|;UYi=DpAqghQyXA
zAJnbos;7{04<UFJsI;yqbp?7!fbnOFn%!0dbe?%xfOrDSEpB-dN9$Ee8omo)b?`@@
zcbt7vLYvTl!s~F^Vj4UDWf%|!au)_mPdX9t<1Wo7fDy}=IY{cDC-or2r*-Oa7o0SY
zxJUk@d5xe(V<;iz*!cOU-T^{-C84>RV^#zX_$Xldj-v5&544Gg;pIslumjP0)Aa+=
zB-n{yw}2q6$M&@)va`J77cCP6i)XBN3mR%J+cqe^Dyr0+5$uqQUw+`Wtc?q#7-Jt#
zh^6a5ec8R{2mKJv6g?|ec%0fI+DS{M5>)zo{Eb<h`X+OVus;<vD?g7S<5+qTD?(^H
z?KWm@d}~C*!J<IQa9{weX1Y7Dg>qpHg*_cV-R|OJ4j^KPmE)w=M$u=iwc2{1;__3*
zoFc=<R(j&2WLDUtpixR){)-+76q8o0Pk=(PBnKH*PA^BX<+?w+46B7N4VsGNvRhwS
zGegLO88=VKbn`q$YCv_*5sb0C#^e-v1ZSMFT`7sYgNzf{Nl(1MLUXWaenr&3&*oX`
zv1*{GWOv)XnR?pkSSHCWVeMO-xm8KD%R_V$`%JUN&2(Kn&S;?<xq>!_1`0p<3-Cf(
zWrn^r+B)gq)DpHA31Wlya`4nbqMVznyz_haq6ITU6naCZ8>pDII~$JnQ`e1ju0cAN
z)MiG$eL(WPyWkvHSfbUar3M0=zSm~Y8x^(Y%S+#N+#}NI6TpTSp+NQUy@WG7!{gR=
z%ZMkZ^~2p(gay8Yz*y&>-Tc{XA#9Zf;PW{gWefv&;*wL&3loreX7K^99)ModW!;0Z
zByt0v_Rb!3NXt;$xs9Eqw??t{*hOuOpYsm8l+?VmCn?)atW<<3DoSLztt!dg#);n`
zjn8|x3&mHi1aT)>?oqV@?<OUbx`}arpmcRt0F14A=9PeGYg@Nd*a~)a38f;&N|ZFB
z4%w^jdt`+2{4&4yW@7`)6~_1mGg2m?Q7kyKnOpm8DEHt;os=x_!N=`)<g=HU%5e<(
z3EhYIeUm=qZT<*C;P3DH>%f8X#m8~_*IB5Gq;K}<r`?>H3Kt1hs)s}V&hI7A5x=fT
zNK}lZ2wi^Cr~s+0Y+hi9e(lRi%`sH~`LO-$vXYYdbJTy#V<%?-Zwy%{I46_6;zeu0
zU9O-7UiKlaH5=o$cNbT;(AkTh&A?X8N}gS+gZT25?lw|y!f*#Y-=tFzmWb2Nsf0J}
zy@uV5SEAHOy>c}{Yh9ObyQEIX0EhfC{soJvtxlJJw%?c(x390dy^W&Ji<PEnhGf4^
zD;4q>dMY&|hIZ{uvL!!yY^<LVVyl(txZZ-wWEj%Kn4u0x{j_(6RTv62sH=h7kF*_<
z`|8NeJJooUc=~lAr&Nh21b0#uPEB6%RqDwF6h{Y5@H8nV-DJ&D_>Z|XI>f(SZ!KcX
znnYrx2E-AqZ4~4l%?jqjqHBbNZvmWoI<*`DE=x$nzsF>{7|<>@+<v_wJ`DzEnpIoV
z;WLp$4T-s7InCioVoA_(IggBXCM;hV>WX-!4+sgBiLukhyj@3|(n3vCd3(4<Hi4!*
z)JLM4XQuh!B2*HNNmD93vyP?Vd?|CfdYLPaz`!0d`<d0I38lE|_!(upF*E*|^`V>l
z?C832C805ax^^u;>$b{aS_l8l0a!T|P`V)!7Y%f~O6Fz?^I$qwun4{k<Ag4)U*hAI
z)e@97oB$bAq5o(3o<j0CqQ%=~IpdQmOy9QAR3!S9jy5izJMU(IdHvaifCB1;nOs)5
z+ZC^a*4Z5fKw_X=MhXh}7>G)6p&N*sl#;JTfmJ>EnwIRJBQHz&-h8p)y4&($b)kL@
zRy6H`=)%QCwJBZ=^NY*i?M<QyAo@Y-%})Ur@{}}SRi<b~XWO;NrV_*YI7a!p4Q-?U
zG`@+wLu(WJZW2LHM77q%js?YK=cWAa$VcI<jax|pPKwuN`IB44S#_6tRE8yVL4&%G
zW|n*v({>6~fyy!1FzDCgP#bd_Z85-c(Xpwq&*{#r!1)}lt;s}~^+-qeTD|P1uywxy
ztve=z04rWwt<b3>4>U%P<q)z^OhE8wIo<l4vg&DJMY()^Mn*brpbYd8KzE|H<_1!C
zGQq+(*d&-l^vS!9ZjRiC%Oq|L;^)Qaz2qsSD3`oGbF4AwA-*6)hKOaiG1TmQt&cyD
zMTXX)07ueD$X7|&zj~aiS!lI}C6@)1ssqpw02bY)@(jLNDmtGI2;g%W8Q0G9K%lq<
z6c;2^@Z_>}DI11g-c?-HZbDr8HJTrDslAEQJ6x(hVoT~+N(TO|8#!0s!x{;dbB|g(
zxnM7dt%n(?WmI*|01xz+BU2=l7EP}~0da>%*3eq{o9PC-eVOY%BEC<=_o<*Sa_TlP
zcr*>6$u$&rHP!T>l$1MD*xnfdWGdr;uQxGN8>fp)*d+kJ*74?|)GJsg-!HUpV+icA
z7B5{;F1N>b;Y|Ps(wmK1V5?D<sj0jC3Ad7p{lHq>^6NCJ4Bf*&$J&Nj{Xw2@(7t;(
zW+mZ!1Zt6C3<FiFfR;(-!<?M?N=N?6_#*7%p!Ev`i<$dJ011?Ey1n{z-oO@-$Kf;{
z?bD+`KmRQ))?oSRd?K0S6p;vNF)x3&pXW&DqU<Xyq5}bb`(rB>phIE{e(h^?oVQWL
zq9?3rTbqTj__n)m%~;pr55)IV)Yw~Og)}@h^bwJ!SBcy<^jFiPuV4I*dbWDP9SU-U
zdCKL#r_@Ei6i?ynn`!D9og9EaGC*00U6la^A>5lG1W{cGNU$0hJB@lxe5ev++tt|M
zq{3EIfmEOjc9Y?G9PNrZ&As1}PZ`mDB3`7Zd&ozHV6Ltnn)UXPFY)7>w71?{9;fcF
zpA$$U2-X;mK##o6p2Gyuc&APQ(t2{Y7ME@vE3=y&sVWz4s$G-YZcV-r2^g({2Sl3~
zv$f4fv%FKMY33ZsA5uksRDmv$?t=#cJ&z@2#iCo@r@H1-Ng!1di_wOo>rY)>!dZ4i
zfOE^WivF%{!I6lJ^b56Oh!hs-u6x^t%LU;(4&~wIq|9$4NNAs=pL$9@jq6`LB>NGf
zFWs$k%QMj{vMClUN<*YkH?y!$B*M0y>KP{N+1bzzFO;ae;niCn|My<+PqFg-nzv?T
ze;-)h^<0fb)Ld<wY4rW`q&~4;;wG}gAWn6qd6T89(yxk5yDQ=^<E|d=8Kg^}Ut^w<
zJK0l!1h(V&f4AYS8``*B#NerJ{(DAAt(Z}Nksj7aPl5}1ayh*7+-D#;>3Ck_bdB?F
zHM!0=Dl1iC&2~_x6rSgV=iVmxOR;o-l=+Bs#g+!JHm6>oz^6F1+scsab{ia2^;cX_
zLrX<5j<|;xn}+bCM<gAw>t@aBu6y!^hZx0BsA*2KVN!0+2mLYRer!lO-_ze%geLZ;
z`$jUodDs-Xo!vQ*c10x#AkphgrcdYtSz;VbD9OGFa%%sODwq?;i$^KxtTCjy2(C>}
z?0kF=l#HQaM*}oxkLTFDc*wkI2;odiWw0$c0FcgQn)<RQG7j^F$B2>F1v%D;eY=DF
zG`a5|4J2G8DX39A8H=K8pl96~r5<uzQFFVqyd%FN*hc#RE<n-0j<}uMz55I9Fm?f_
zoViDzPi4~}oFN~}YUbDQvsF$m`)D=$k{)&lkaACjfF!R#-RNxYE`q~e%+Wc17vt)W
z1J~+(u<$#EeTq>LhSLx2JBsKI&eA3jOE#d~l|gl!0}vfXYzthB40BlrTw!I(HSV~p
zyngDb`Cd2(qk^sqesv@YmH`EW4FyAp1u^-#wMbQ%<-wZuk2N3Xj_Jk$c8~d2w#2N*
z(<znhYZ|8&kOl~!!}EI&l;stH?BxvU=jM@5-SMXlHCj<f1gEg)<zY_VQAQh-mkli;
zXvzszpqT9BB^>i#misT|39V1wrL~b+*T00RY>)();@@SL4TbO7e9lAO3H~zycwzyH
zG+?y<o^?B&efPIszWyNu5Dy0gBK#4DocG(u@G!zH9i#L2hBu4?OKz8}!pw_6wnz>D
z)n!mg2~gS4)t$cFYz-c6B%HIl4$(Ngz6eGbaI;O6UZG)Gw9d-#qG=Yey(-w{)UsjU
ziz_Kdd9}HvS4;Oc63uK1Vg7e8;yAYDvEtEsc3^a(wTFG2wgoQMj?t_@p*6bQ)0);C
zSl#kbRJ$-f*mKs(T<cU@_mMQk?FCCn-|YE187(60Vwp;9ExkKwXr+HSySA7f^f%=_
zs3y=CDU1=!t)Z@7ct;Syz|0W7sntlMI>wIgeCgyVrayBhMar2&iU_^pscW>XR%Z*1
z({%NS((<{9NaYqY$w}-wp9}!sI-A<BIdsugR}@*&zyThV3r|+>M4QM>{49%vYxV2G
zTE>F(4VBtmG6i)FzV>DD9j1;g`xU*9`8w9$Z{jY#io&6oi7Zb{)AIBUqO>BRT_Lb>
zpPQ$8C?i|gdV)r#U^_G+B%?5NR5}x@j0c6S<d`loKTdF)a_TVAyqS^6kfL(jsNfG#
zWM=K`$6@6{XzG$(-aCYfN0(VzuddI_<N!jP{P892&ab@R<uZA<Ibfsa0`N@ur<#Kp
zn^0}012lC)#{5OwW|`?ElQ55fb+yH)(Co=1jfBViS>8HKV9>tM#=YJJze737^QrB8
z2o>JW4Orv7JtE0YMv0T(eA2iLGj$Gz-`Vn$D(bXY;S)3cnLIwB=h$9FSaCGy?afO6
zxdPlEb-4`XV9&m#`Z~Dgy&&Zm!PE}!DMV+L%jttB$u(-L<OS=)>2sx?8umF!(;To5
zcF8Ya8z<KEsGJTwOz(k+T@^GMV-f}Q-3`M$NFjmRWEFdQ)-t(W(xBdmxFm{T=JIP$
zL$V8@z$9iwEx58dhe52iU{GaQOi9Fi<ze{J?l@ClHi%2fj5HfjHz95F$TVf6^+itL
zKD7=7zid5M8MeHwvYE@;WLQmjdNlYxQdRKrL&tlFiDLOJKyi}zE#t#Zk9Cw95+G4%
zeZs{TH5KDvBll$4YLEx;;{FnhuU`?l#IWJm6NO;wF<6J$oj(b1LCV$gV>D6lCSv)W
zMy{eU!Nq6OfEm*JC$OajD%SdXo=K~e(J=jgU|p8+Kk1m3HtCvvUH)~Ga~8{E_d2~}
zLZ(`kF%{hvk9(H<OkL%&yWtHd$a@|OFpqPQ+6AaQ$=!d(1%pDq)e!0in}mED<mCeB
z1srplj86#<oJC^$x`nZ2q%!f!CAvY)_sfN7*~7B5;T|w=eSz%bV^?|7Y(fab{pOPB
zcX}UP&Pvq0+vQ6w0@sXT!Qc}su{C3~n(#C=5lz8BArrfSYxL`2FBuJf&uDHN;_s?s
zKG)a?>U&B_Oe3ESZ4Us-P71aD72d#Bql1_B?+zG?rfP$;^iB*VpHwqsXJP+lC(_nX
zgM-#!E-DQ9rJx6r3C3>~A!3b!t6u1CXLK8PY_!-b{wsgwb&8Am__?kktmdz&Ec4bQ
z^|Ojh4mqWf4$$tkhL-5>Qp$2LPLun<mRX;nd6&ze>{Z|t%~^sqdtTPc{awdynN6+E
zU4mV4`#4zFDniX^H!sDT6aphc?hH~4cq61XK>amH?lP8gV9NNA0xC?RW^n^;QZG5o
zBr~XRvp|IWz3s=IN=WRl@}%wSh|+Wi#2qQ-diFHlwFRfBi}NXNzIZ~#K7z{-SpuJ#
zqhAC;f_2pViN)Z#=Q6LKwzAqe*wm^*dx&mk5tF2J4W5;-<r)<0;!*-(-6BiUOW+)0
zYtyZCd8d)5nG3Ega)&L9DaK*0q(d0@4MLKj;<Bf@D^#${ugyvbaV5Wo5Rn3t#hkI+
z`oYmQIbtpBa6-f)BW&7jy0*smMJY?44v972fJr+k1Fut&B|y0*0BRas&|sTx?xM`b
zLY7#!XYxTq&5+pW7jEQpEzEl{j$l6f?%B-8)gpwb1$W|&uT|pllWV=WsaeDO{FikD
zG`Kl@<A9(>s0$|n;=z;ZM~OP;xig>v)n<gMgZx;#cyDC>@`14vgG<~pf7+o8sHqvx
zE*IHax2xbB)+@blx04ASv_o<aBhiVFO*^%!zJPo*J7fy~xp1k|=MszH3Al!}Q*+am
zXY?zZ>$K<*>w7g%^mB?y7HQ=^Ibt-`(!$Jq0C3}f)+sWf!n&7+;SmPXcF!O0u!H@;
z+^As{-ggv<<czLFu{$Uq>S|T}G77|`>2(F9;XWsug(cTGhwzmwJ%<hLVW@L$%(<$5
zvdlO#;GFE6JThqT@9^LgJK_b&*4i?as)xl}5;}eO>v=`E85-2CeZj|YGl=eF7Z&gR
zc|Os$k%#qXvl?Hv7jSa`lLPOq03pWO7sXS0AIEM#mq+rZ)pnelIU$U#K3NzgMwm$u
zdohtSfKq?yzPmH80`h<iROkE){F9dbBP?i?Kbb9@1@MfTS};gkj=fTt2-S17JY$S5
z0Tfxg$GJ*UMN<GPz|ub5eM{ZPcqH2i8=Q#BJ0v%J^Fw8@>vQ*^jM*lBnu*H0I9h?C
zm2=F_{P5{9zU$a)0_O(zcJag(|9Fc5W~j)@)ObX73PudqJ^@{($g4&q=q-Qn)OFKm
z1g7|IOPE#dZSIG}|Bg-r-KM$MSrM`&%=1cY2R3e+gY@W%UeM{nEFY@sC=1D~JNZWE
z1vqN~Rvb8ToF$Zlg75Y;r(U-AA+i}USh70TY9UWt9w!y$$GE`OD@6GUm0hPq@F>Gy
zgkzG&K42^*Nq-TbjN;4Sp!Lr7I8{wuMi9TNO2?=rU*H@QIqfBwzfL?K-m(q6FCYAp
zEm;ai;(hv=qFpBLTbk5=+*_WTwg|otTA_B2)X2X@+Y=fh<sxo;_>W{K1nsh(5&l3?
z-5myns5c&J&>$<zNIhrcXJ_`;$F%)$R^;Q0d1_E@B-LQ-=M%!{3b70{hz1NbtQ8mC
zQKe70tkgX&j(~DFZqoQF*y@_*dx4j?ng+~M83gkrn*beZXREOF+b1j^I^=iv(5+AI
zy>EE-$(&G(8w3G?<&n>3f8c|x!N~Y$jw<c9%kl8b?~@5|sPFY2g9CbFV;y51OG;}!
z^P8eTTjtk^Sgv(4gt`=f6JFuC!k7)Ja7Lsd)AO(K^xw(iqNZqOH!9(P2Ho~Z+zRgi
zN&<8Rc#IVHMGVn<hy2u<g=PXtCJ?XMrjA`%MjB@N05&i0p4}yJAp$SGDtV5{Te7wN
zK<8KyFtp=p=Zd_hbs{MbmI+R^wZ=-~jnayM3fjR6BJJ|3p%ut6eTd<m1v*J9d0fMQ
zFxWK+y!5iIejI^lS(62Y+3Iut*TJ>`EF}&^a{sx!u)iH)_(hMVv$_9u&_0OIvxW-B
z4rJL(v6qquc)Nu(p=@1LENJ@2M8l#<pAr|>`}9K*C^Z0_5qdC!n`~Q;PB~EnhM9L8
zX-LdrEq>HJBX9~O?EZ3zvq<wA(9Phmf6*uKzw;SqUp?2ZVWkE1h=tN!v*eac1V!3g
z+yW5bl`8kMeihT0#^7FZdpUp{ikRW1Ln_6g4`~~}ucJi0$ZPaO9y{goF9g9AkdJ-4
zzG|s*E5Yr5A%%w&j6vnVkpr?-L}^!h+}8tHM7Rv$-n_G9ocObJ6|H9kTO6H^3}A6%
zGfrrV*5yG?FGA0w2NCQkW3Nf?Il^!qng8l!(YWLV^N9Ve-|*CSfJqrQ2V%2smX0->
zmK{8yr>`9e88olaZ_x?vYp8!}BvQyI(`15YknC!XW^K2{i^qA$7FTh{XFZ~y&~<U+
zwn^Y;5ee`E*3=<HIJi1b2~KAUvmY4M+Qn$q^&v`Tu<sSZ=3_dQ{es9nc;%o(6>^{Z
zXa8{u6zMA+Hxq$!3vK#FTFy6azuh}_B(;(OQmA_IP-vQduJi_pE*Eu5D+3`L8&Ib`
zCe>PEO2N$`xPqp0+}bT1ifA0iby8g_tNyGc^ul)oL$bJVXFk|XvI42TPx<t%Ci$gY
z_8+=hQy&xd2wJ@^LT}Pz(uVD#$nlC){j#$q5<1$*8vY}RKwD$+o|K#_V@^7st3>Jk
z+bQHuCgft3TM@~8lu1YjZ?p;g8jcs8l^3nO$~g%j8pKZa-V^LfzNHLx@T6{fqg%9%
zLDlB_%`b&{kSmt>?jyb7+v@rAI;~WxX|5OceGk>FL)5Y(0ue?4v(nrgEyxv}`h!?k
zZ>-ZBENhTv2}qXQc6GqU*$wXF@_N)M<$^x^@i9F`U#1#dg22?*9+$gGNX?ybV0=j(
zGGKl3ZPV0(F6P0KY7el55=zM;C~BxJCpjc+tzOPB%uz_FhA6SP=(v%rIfxg;RSu+C
zvPLs0uOD2ES6~YIg(6c*079&1Q-T{RG&arcI_A!?b*C~M2DGJb{72_3#lMSxg#}b|
zlT}w;qe}BSrPNO{jiDO+I<J1I@1{}c=QF@r{DX95mUwZYY*N0jWh_AmRu+%tH0c_-
zRnXW!>C-WBJ_zjgZYO8JgxY{w?qpBcBaBw_SsHo3J+ve}gJ(4C|Ea`B$ZKyFfo3HT
zJ#nw31i>m)?%xB{@1vEc&bH|P27Cke_)Xqp6b1J%1gPj5C`iwiIoBJtf3k>^QteLe
zvz`>rN++%=4CxQGLti_xZe>KoQh4ZD%dM&$)py4VK;V@_NH5HdQa49?=1FKZ`w7*X
zdjGE{6RwH#h{Lp0-nJ=IZzH1N#<Dtz&vh2JB||>E(0z{}VA)Pki3>C6WFfLcay4gV
zrr0>ZUH_ZbchATM{SL|iWB}uzL}E-X5w>ZLC+ncU7uas;SN7g4@nK`HfH>vW0e;df
zbW*|qm-`>6M^dv92ajYu3y!2Z5!DB<E_WGfTtL>&)sB*9#>2WfCD9DPj;yd9z?bI1
znYXhh5wpZ2P!&;T*J$$<kgV3Vo8V}1xELjgZURbR_XoTs?Y*H$hxHngEQj(kr{T~$
z1sx00UA(-BrCFLrR4qsIifW2M#9f;K;8y*|JWjmwTtFaJl(p2(5F_DQ>6%i0o5h~}
zGWZIFSM<ipHd?%=XfpYY^pIAkJzkw$6OBJHJhS4{Hx<d5`5n6mQ_gubrpdqfc~|&1
zo_)?mfjlG$*m~2UdzbEftKvz5_=QVcHns_854YCG*7Tatq!nAy)WVLG+}40a)(rDh
zt=5L3^omM%^oN2Xm?tT(S35=_m0sZzlF*}S4B6xM2qAZZ4ICmPuf!uTb(}FQ6f9rv
z(`bUk3Elw1>lS@wn#Xh#^J0y-CUOmo;gg;hA5cd0`T{oOPn5Kj#jr;oBGB`Uxex+o
zJss>J@TY?+|I`PcFo0KR>nDpX`>zxu>2qC+4q@wsre2tLN2glf9X5~r+7Qjl+f}@S
zPJA;EK3VU3^H|QD^g4lH^-mvu@ho`wKwW<JAc!LElE8UYah%6P)KgC$C<DMBTD?`T
zo`8!&gcbx*kUu=dzU)ocGmu3ImQFC$g}?!`PKOaJ*w@X1<?K_*Cy!CcGFlTlOQM{?
z{Uf?CStx!fF0p{3yq=Ne06gJsKaYe5tDi#*j6H0wztkt~H|Tb+ZT`9z^wA=lq}VLc
z^2|-&jDI9=OKczU+hMMTNC2pz&!M~5`spEdG=w~6c(##I*33nDq;cwr2dzYNe0Ga4
zvB0@;VRQlA*ljYu0zInDZOf<1vCRzi?8nHOC|jq@NA>l6z<kl%y_K>i%bfUJq>S)z
z^ju#7|9u(tLMv?@KU5%J4%`+St3sa`#^2Q9o4E(jYXCukG6O#N5{dsvNuby>JJ!?J
zIiuRKGuHpi*x0ya`EC7w$IjEnGo1i=lgSmI(ae>L)e!)L=p7I35e8czoeC~QB5B0!
zpfHiT=@9f3dEm^Mk-qOba?94Tvfz7kcz1LNZhklp(({rfI2eV`8ZFqJP{#X8(8poX
zwSBDf!0w-5=x)Ajq7(;8BDBmbh!gA!;(37d5}Huiq`<Krk`L{Es_F=fs?B%M#U~xv
zpE<oDx9m8|AVECm4Htt9Y7|huL66ZJ9nhb{;C_s{MNV)*l=MQ#x6Bm7dNAKGKt%O4
z_4a}2FW04<)!-C6fYj*C+$e$u4W?NO8A48u&k~Xd3d~KSL#r%P6PEeTlPtL4xs61h
z<uB3$^bv(sD<mQDNvSuKRh7Aon?$HQMB_@dZzkKwD2GW{M74;h3lxY}M<)h!P*Ds@
zDK40EDFbU^HCbh|Y54%yQw)tU(q=(4f0RfT4ehRtmMdebW*q%6?`J|;BtEba;xX^}
zFyn9b==c4mEG8m3{V;2}y5O7NQm>GY-E<j&8X@(`<C2vlIrdfEhDk>}wH%HMUQWoq
zYcN7lg4`Fpeat1=Hk4AAPJec$?AQs=UsHVrKh%+ZV*=coh=wITIGP_o<P*gRHE6@|
zVPN2Gd>WUdB~TL8<?~U6DPYp0!<`C#5bz~_)td6&A5-wW+jdgH1Rywz?6$zgO|*FG
zEJU`;Mb(k>S^8Kvl|CatkIZ%nk~ljM%bP|bZfLMinWwaqM@4*F&y#B@A56n#Wk-df
zO>*)nEf`(QOu2JVMkL4Bn-|tByD>WT7q2f{mU7C?*TkLP{xM5W6AkfgH+i30?aztO
zw0A2?+I1m+I^!Or*E6MaYiL>ev(RWQxNa_#NCpZjzwpVcP#2s871riZP4RUmr<ep8
z7}PQySsBze9Xc7L8jW6n=)JyO@8|ID8ai|X{h83?y>63S@PS=@j|CY_|Ah`5|5BM!
zYFdt4^6?(bj{_k2Ox|3kTn-8b3*}UPr+7?=`;_Mceb^tNoiCO`9|<YiDPkA!V0rGI
z=EygrXL9oPJ=WmO;9Y0(nnsT`X3?yumM-R)y1M>#vg^XxK7aFH54g?DATDGzm4J`d
zPns-_(Hll3?Yu4Mb!I0_RxK`NX0wBlP8b)P$~vQIrDqZ3+|U~qg{WO(4CxhGEaDEN
zv$0taW=nLoL03yB6rkJ3%dK2wD89-&ke{z`bvRbOTWlIqON&~f1+O<2V~(3|-!eNI
z?@?BXV~ad}APeBtz+uF$E-3{jMRSi41~a_%0|mW_P=yjH&@ApmlO6lXg<{MA%S$Cv
z*xZ;Hhf;oe;-F!+Q3Z6JQG`)1vx^C<80lXSgfZ5oM@dz&O4McQL&<k?K*}Y|6djyX
zuZLJA>b0pCFjk=;@XFSGfAu=qF0TcKbBM!#KD7b9VVG&|?;}R$!I3#NkoK|f@AJ3c
z2BGOs{!_>La113N5-QfvwHv;l;%HNWpz-akOq#$VhmT#5lwBM4pJZG~IHnZzbrY#}
z*C*d-ifv8B;l+KN*KI`aSECIclxUGNGf;2OzG5TW?5v6BjtMsiSA3jAVM&k3F0C#A
zQL1*p+J$lu6-l53J78px4Z&1#eXPpcHKo<l!ErnKJZ%&}y^zzmYx-?RQN(yed@B)X
zE~eXb*t0ObAS?Q(VX1Ly1)N7#<+*r}2FlrFpYY>Y8wdc#RqJ$$m}ibPFDk!Cai?fh
z@z~TXzab<IlS2^Le~rMo*y5quVevaY*UtE{mEUX<LY(_C_Yh_29wz9tGy*#Av(;35
zxx^tnGQuXS{bP=w(uL1;7?m%_4{z1`5t5Q$T4wc)_=$z~Pm9qpB`Q@A_1IH>ouP4U
zft;TkSkBg2`J(+C1K~5FCJIwNV(MuDfA6?Qm+xO}rj+d+hZk7=!B&mp#Zpjsepm&U
zn&-^BNDP`3jYW#`9gjxM`{WF$@1z%dad5_?qDmtesh8KVa~5NpR*?=G$-idFu6r*-
zLq}D5I0h1R{FmDM+hXScd+J6l$oHY8mcL8M;5+UI$e;4O;U$7_!gYk65gx(_Py_rf
z;H*94wU}$P<gQ>Jm8G4p`hnPwaH37&xJ%rKtF1ua@LQyn-;2}~ydOk%^-8aN*qp^*
zoV~Nxm)~&d{E7L$V2C^Hv^AQXu(2V$AUs2S`}{-~2%w`}Wv92{`=zoEe<ub;UyxL1
zV)?>T?W{w|Q`t+h3LD46wRn^}U6yfF69!#3X5*Sl(jf<W6aFPF-troS(47Rg??_Ty
zL1VOm!cY1=3?j}5Ye1BQ?{O#O(Qsy^<Ryf!TX<q+GF^q#dvv+t<>_Fv^zF6`l_yL6
zs86$1qw1e^k*I)trO0RF3alVsQvN(bF`_*9ALw>$k$FT0r7`5nGFRrb&RK^ovdeEK
zoLakT-?X&fw<cn@!@)g?CtSI37~U+yF3=XPYO;$o9~P0^fdG9w_fNJQE4uF5x?^45
z0M2%>lcpHHgr&y<X+6jAT<*%t{sYoSP!ruW|COLXppjA=XQ>{29cG!Px;m8cR;!f5
zv<hHnU$?`=Sg2!?-1IGvnm*R$_I@?<!i82{E`1!*VIqpev9co*5JxpYp?}cF^m)v8
z&k7UgoP$@F_p7>W#`8Qz>dS5G_F6y;0<GmFW0kYn>f{W|wW76Jig;Nk)OEf;RL6~#
zD-wi(fPg3bfA}haf27Bg*zBAc>`2h*zY<A>XtA=hlC+_J4=;NT?wTrBbxT`$q|D39
zNt8FYJ(SJNE_^OT!xp)eq=|q<L9i4<wKZ4GZHjmI-JzgBBrrS|Z6OM>*!@H0VBzEL
z*f^$RN@=^&vZYL1O)Xvg^r3}7zYecj63wu{m(p<xR@1D!N#s{5W@m-i(BqB8!f8`D
zN!6b6)~2{#bLvgA#>>`ZB-WLPq52@eHjaV`SWU5Ma}=)$8Y0Hq5szvsST}9_V4qAK
zL+9xBnlxey5DKk5$iCej-ZGh><mgzz0L2+lu;v5T2$Cm~;Xph2{L%x0x22u#u%R|A
zLWviwGe*`0h06Xb?Q-0rfxKZ<c5W_M>*2YWu5fHYe+pQ`M$^q9K5hBL!7HsxAq9&S
zAp#dd3lXJMC7071J0W&`ZNs66C!s;X{cqnp+F0w#Vfr3K=>ru-0R;S8GpkGR-q>y`
zGuq8AF4>tq@%_-(>O}hMd?Fx$&YZTs#7s^kD<TuSsAwgSB3pprNPs-cEJzh|<3dkk
zkycYCL)*hwCxhAq%qRU8-^5@8C6UG})kiv~M}co!jPN+KwFv5OW@ptc;i$`0#yrT8
z$N~^2R6M=&$x>NnB4tWaCPjNXk&X31xpy~gA$l4aT=DMSGqFJEJ<To1Vh*l-Ag_|q
zdFEsdMh%i{;!H(uXL=0Jp?Qd|y|+_3<~hPD4w@psOxYSO;7yls6E)>%bxM%o)96~(
zoP$}TvBgf>^X02C_+;eIps|9$zyh#%*RuPPR{kgDl{x)LfFChc!H#0WISk;L829EZ
z)xDTdk`cR&ZOI0|yN%C16t<E&6|v0X`1#c0YFmJPz`4B)d!L}B6aZE9VfKcRh&y)W
zaoN+r(hpv5n4j%t{w%~QZdZH=Xglx`sire@yg*ca9&x&$Z~GZ_QSDCBB-8xbCmtRJ
zGg<EIg&)$hSDCpV-LUR9zI7Hz@P@IhGYI*a|B`#(?1^DQ$1H^KP!Cy+xwy^BL30PM
zgig^af`T7txmbjeC8y(uT{?yBEmc`_B45Kj!gxL=Spc#LjSs&n9kM3=<s{G@(sd?%
z6-mTFv7R?$87L)|PJrP9Rf}b$J^va$x4SJyp2m?7eTa#I{)R>W(j;X6nl`a-h{9<A
z7(7o!lxkvQ!GNN`BQ69&ab2s-XDKUYG6IU9(rX$Oaa4_1eIlL<wUWuE8~Z}^(j_~X
zl6ASmw&!rTTzQ(F?yM}Yyj+}JU(?Pv@ZcKD@655HRFEP<Q^=%x79O8QLCEF6tvE{6
zh;LXbp1Ar{x(@PvWKoxWRh-uxd-9AXVkAU!!2l5niOlj4#v+-4ZJ=aU4|pviZW0pA
z?qpjoNpaG!4KhZ7S@0>U5)(%gXrN3O5-3FES{vI-qaV0DC=<}z>N+_#X`EL7^Ui$i
z@|v0>IWTp!sZl2ks+j?!_D=`OykR|_M(B%vlU+192TkAa&wkXM$11Fp)DV91@R9;;
zVZa6%%C$sJk|FX}gAwcB4B6Yzdrl~;YYArMMv})#J$)?iU(i6bv3w_fVGvCN*x~@%
ztKZgu)EM~3>e%gy>hDd%Qb3RSv`HzFGP4<=LWyi5j1dbe&PJEUO+acBhh*!wC&wK@
zPTrKmTo}zqj(%jbIw4!1%hxTZC+iBaP<OE1oN{jAS=`@hGMPIjqFXK_+0LqLFe+Vt
zC8?*ZjlqDCndTVTVYAtdF5EYqHaHMIs+uIsmyhQu`b{xXSJvo)7@x-;pC2XV#P*uR
z(lJj~^RshvaA_OMcYI|;Y+)jM9@xu$tp#=c=HzVj{g#bL(ueG&+dmsoi7LvIBRx6E
zmi6zGd~tv`SmG2|Uts{TDzyWHNiPT-dzVZ-FGhf(hb}(%3!n%<>X>=lAFj=$2jlBv
zLtlZ{omdqul`dYTOx~nK<KtO;A(d5X)j{d^$kA|XpEe@p1DbIR9si;#E~zJ4Lwr9Y
zjm}n!tQO-{qeEcG=u)-qM=dQH(e6ekYJ~ONtFsTHe{hjV>RV~##qW;{h~&=)2t-Eu
z21n+X&EirLas%dIYII>YC&*Z!UL7O~EE0nsMIcPx8p0BFCQb$CXN%;tKaj^Mijd_|
z;EvjDcD4m%j8ms&%_R7iIMpdDI*45+qA22m_%`uurlrYkYl`LV=$8h4{6Ry7WYYI5
zfw6dp|H&|)8kcu{eDlej<QT1V5ed3lC557^W1n)`xB+SNmgC6d)Pelo@<V7LoU~RE
z?+`B`Z1l9_#BlPTP+Qz#Nidw@SCbGpU6?vn%e+zL!=!Q3uMlxOsMCkXhe~OCM$4lQ
ztfYV8j3quG5R%xLGpNBbK-eO3q1Hm7t^l+N_*jL<;1QyTS!3ltnlRJXEX8kjB+3Hv
zR9bfS-T@U6c*{R&MB#GT^O3o<OQ&Ge2J!cbc_h%(Ylsj%?yQqAZ5&Z3aMv5x6y44t
zUH>=#n$ms_PrrcsIX3>LxNte0+^oV|ZXSRPMzD-#f1`s~enkJSb%O1gED>f>!!FIb
zNysj(pbbvk8(3{gy%ss;CuBAP(*zxIX;^}>UI?}hdpN`ULDZ%K0SZayb`o+Vj6S5j
zKWi&<Fb_rkQ%W|NPBPBshLgpkR#GKRb+7hG1ziX~Bi>d$7tAXVdZu^&?j@+b{f^90
zonM>ATYuF7+O$@stto{rc`%O5ua!6wqtT^*v#}4<;H#9Yj0yq^ns{Lo1wm=Fa|Fb@
zO`-uGRW<s5=(Rx2)UroTSUC=I5u_GZu}s6iNxQDj{E`qO%kE)t3qs{y+<~stb#*rM
z_9DG}>r%j}_6}5S@wH07C#G2wMt3ijJwE@ClWNGIz+u)t)}MLX<I}fF`2t$O6IhGY
zSv38OgILRX8t<;EwS=vR*Vo_U6Z~`^Rl_xUT50}4%rZCvlTX`aC<yO(Po+fhx4g@J
zC|YsrkSYV@5Szd^w9Xke`H^h)AO3S*;a%xh_A@oLgp{j5)G2f6F8CBcPeURep^UQw
zLA;=xW7z#A%5aM$mV1Sc{70q)zaEBpSI)CfrHTW5)XX24&aM20(Mo&C;44meXF^Us
z2)xf4clMj`aWLxN7$IxRY6!>^*||P-hYHGf$i^O<Yh+FxS@2Dv&J_I>dfvp5I(R(O
zEuV6=f}(TV4($q3C&RI+&YjuHTQA)zk*iF7NZH4mck<TX6OtX`JBfRVnV*U}L7RBF
zOC&~eCeUL(^Q>E2$;TBAwnPV9Hgd&8IL2=czenlUj<V%G5t%8sotK2=PF|_YUzcbh
z>!egK-6T`DL4*8s+w}MwBBMCyjCt-m&zcU}y-wjnP?H+GTU1x!IX=lN+-8~Q)ryty
zLh%gK`%p(XeiFB~bHitW3h|m382Q+TuN(}MElpybBW;~SolT=Hlbnr9V?FcxJ-yri
z&{v(T_E{7N>g%1^%89Op-u5n5K1t;cR&Xw1Qk;-DsgI<T-7^tJkL6?|yP><j^S}dB
zB;mF6)O+G;Qe*dYR)7r)quVOyaQ)kX_2KQq+y8RVv0p9}_<rEw9v77UT9}tIVFwil
ze|hHmsp!%%U$n(OM<TJmc@XGEeRq<RGLbS7!7kr9QlcJtiJ{t2kQt~S{MvZDDVME|
z=icB%3<~!^b`{?}eu&>mwIf99m5fP)xtd7h1c`QF9CDzp)V#4JdR0w)Uo0X9`fwZl
zeD3G``qlTbjIu_Rk>L0b2?mRMqnF;u7*d@|SWkji#GIhUjEBO>fn+7;3f~5S%)CIO
zBW^;9aTsiNJjkMSp|EQ6WoqWYwX(@WxYU!nVqpy9>?ik-PdC42M~6O*hr0-%V|_8M
zi~6A5K!0G~hWPJ8rhL^QrQ(zAnk-QsHuD+SPp#4-J_Xs&3=;XkwQ%0vpk4Iu?AGc|
zXXXyMAtdmdHQUht2AeH<++tUHCu<Ll^U91bTSvV#TBF|#80N)ixc%P)$wE8(jUxQ7
z(kHyRX5MImgPveVtn_?dHw9934B#}K1gP|ILL9L^;!59mdD67-PdZl!1rvd<kp+L;
z%$%-8r>KP_10@Ce<1<|=1yLroeBK*8lg8VEE2^onrt}d4)<4;r+&fD3*_OARI=<L!
zT&w|n!rD^JY$eii*>>&rRUEtIdvw>hc15KWQfXLlm1A)3-zxN<rgNF-M>(MCpRt-J
z#lPM<$&Jm9jb9qTzhB{rjsA^eJM<n!KBupOz|R#Ol3_+zLt*ASI+b4<15-k}>3CfT
z=W!fCz8UuTiSBkKtVpR5(Gk#g8q=iA#nk|PKhx{v9dSKQlpO=Me`ot#d)T{A_H=%3
zRw80WO-i_od1PHqZ$(=(W3LKsmNj{2un_SpI$i`u{4SHMo0oy60lL)P9`fK|x<XA&
zrdI;)NQbp7)X^OlL##hWuA?gzSI*9mQ4cNdX5kZ53a&E`9LWUsr6m4|_zbimHYe7^
z#yQivr!>%iN0wL^n^`>mCFoAl)OB1)5)|Vw&#vLs&G-R)@A^#@x*6rc2L7m{jog=5
zf*mKOh}|1L!6FZ{F7pF}tNG5m(~GXb$pIw|!8b3&6VGq-;rahQr%|<3!K50#e@F7s
zu}vp*p+N#tmRZ?y)F(aC3gMx5-%QZO0jg4i;Q`O38M#)uhl7D+e&Qq|Z6%VRJSiRc
z_j%MKucfXWrI^M~2!k)>1eDX<ec`cjnJL3Q3570uQVdB@UV1N$Ny-CgWHLQLgttr}
zFZ=PY69#NY_j74=Yp60n9}#IZ<C&*MuJ+{wejxUYJ~dJ5$ek}Hm>`r^Y4W7|bI=u5
znVaXWv~TZ<0hTwF;V_!bFQH3vs#KXIra@C10+jQs?=s_Wb~NRTXPYRVS@<^FSI(B8
z#3`Sv(^4xM(`eAq>{GLv)6#6zR7z8_0v<^|2gqW{qqp&D(G%duq+6h0;0wte`@)KP
z!AZ93We;Z~`uZc2U7Ek@57(+z6u>&u@iW@0F0JTcoGZna2rM}E`6cr*PHlIW>55{x
zDdVgr%l9MPeE(V$|0OG^8yc~Y`O+p#S4V4G${PomPwiobv&0U8<ZvHf;=Bd@<Ec`2
z`4@2JNQqss#ETf?GM?15J~3L#twjR|G=EJ)2LmgSzXWHn(3s(OBnl|&PKkv*4nC1x
zohkmkm8+f%Bq0?s7>Pp%b^Dv9;eKb6MA)U;iKk8#%rfG=qcSeAEeP+npX8j(i`!Hs
zW`nO#2LMYd>6>u~?-bNNs>0?{c25MMRiL{M$9=j1eB%DusgCgd&XKLSblHm)s~6#H
zNhIE^FZtth0X)Jtf_!->dE0~wJ8~Vwu^a(g>^^UHR6am0z_t-$Lm)&2I)<^2k|J{+
z^?dTu))FA@iw|HC9y3>9zJ<oz#k|^RqR}B?3mdlPbk=CYs8D^XGn+eJz&CLeJ&=nN
zO%=>(wQ$m8o3vA5GvUKzepPNOSCC+aNNKk)$LS*GU*-sJRX8K*JNlVyBCA#ko<mVr
zTFIETc|bg{V{{F5G;0Xu+An3yrwsX=vpa=Ba{8~Gc$Q)vfvh!G&w3(5$*(!b^k(&w
zROX&BjAaobMJS=}orvElEGLNzut&d;Wp{HXjt#>>$hy%aYr>#NlCE5}IkzBdBA>hg
z)(t>mZ?U3GbQrJX^P-?3Zjtl@mm#r1I}I}h8e0+zkKAcq=gdq^m9{z^<~<dNsj2Mn
zjQ(C$vwkh~WqP*`ldq!IL34Z-g*V!_Pm71XD+vqwU&gW-H!V$s*9YX$B8G%DQ~&+J
zVstaEAlM;SF5)trWY*b>c_@7)Fv`ra$xiaCR5mDX=F)4C66v|nhz?vr{?i$m`KCyx
z7Z}=*E&TcH#6FelSVPl4Fty&?jT=`pP<aJ+1Ld_)3sEsPF$VDLP4AK4Y(_KTS%P}Z
zOtp9%jamN>u!cuLTvz=1`=}6p77lzDbX@qAysXDL8uQ=s24N~=L%~Jtl@uGp7(N-D
z_9X}m!mt`Y6L~y5!@P)O29ykwG7<Q}W<h+C3VZ`~tV#q%MX`!%0rXBse=~#|5vh7O
zAr!n$HL{f%FHM2(qKTozH;GgtCDh|;)k7x$N4@ktOO@BzPjl7I*6PbTNXsy`<wI?g
zL0RqOE<A_J3bn%Lun0B05H%r_H%dp}8kbho9pttB*wlVK=2{bz+w#V#b>=Uit@P}~
z(*qPw`4ako>#q2_BrWfNs!;3<;!V_XXIzVMe2E#$8PIXvMB5<WP!pgdXGwR+>wn1T
zNusMTsTrOGZ5HEfR*qqAPvUxN=!_BbnA`A9DTJt#@IsR&JRksEAeR&1!!nL%Pff(%
zjw38zXi?uC&lY!IDoH8&;$iHv-z@*4xg2c+J~Ty;7Uq#2L{tAt&CTAHJ7xOe&zE`B
zGqUD5KW~G#RySUAmU~nEk_9lLu2=iyroF}7*lg45u4}68tW)nYcvtECdpZPN|D=Jw
zIJ?7m!C-?J8C&vKhXXWpiZeM!k7-TT?m#r#wLz~60&)xtvkJ{rBog|lTHXJ^*DKZ!
z9IiDc(2d9AF}WD-&JTg%4df7)FjLqx=Ej$JSGj!Win=7*zQKp)Oz9av(}xSBfXY?G
z%j>};JcewW&msZt0y$ZS#MaMGzMmk#Ew;CdG=<++E7<xX+TaPgL0gRyc|YAr7dGXA
z?b7GQ5j}OsyDaFQxBJ%}f$f&V-~3#(M0&{8P5zea8To$sYK=^&v$KE0r~8mQ{EIgH
zCJt97{*W?@^r9#znl+o{O^y-et>$6BsP}{sz7{GDpK0FMvWm$VTi0ZCfERP2EqxU3
z!%>HO>;!V3il()dSf0*}Nzj@&kaE25+;XUUclq!dKI<K1j-GekCb>czIyKG9mF)7V
zYsp=w38hmT*jW6m%4Aj9=3#=WUdG8bHSSt7-<^qTPt2)!WxxE$U_KenaW#$MJp3E-
zp$)EUy<+^O4G{T*>{aBPO7QLY8>f_r?FeL#N?7{ij)f-0;}VXbhOn7X)BC7k`T&3%
z4NRCcVPDb<Lzx&Bck^8du%$~{Jk0nzRu7RIsin-SMhH6M*(S=MN(CzLvc}W+&)%Ax
zrW$G_shINfY2Ev&$|?R8&Fm2fyCuyjtSXqOD98r?#%~c<I&m34wI6Rz3gdgFG}s)r
zN>Y*HC~igPY8is5UMH)XP1ao2)&#Ay0{hI91gq7K9-(&ttfDU7woVFUK^j<p&`55O
zs>y7#q2k?b4>BaXChS*0FVo503yQ5;#xyRa&ssKKE|YS})j}z%VB^IPDn5(Ka-|zl
zM(WF~wPKt1=F6s!T1R~wbxk4!Es@fVh{;?!9YY4j6@q>)`6J;<i)Z3&fF0QyQUX%-
zxMu@CqUa5(awzG?hfS?~QvkY?0e{*9%2uD#fEoA#s5MUji(TV!lI6}H-Vd@Z;GxCA
zx?h-nfnsV%GlNG8d7LLytDNaBYgfwsS`n~Fl-}96;pewH3o#BdFm5&zn{nQ&iOX~d
zP15&@&nu-qqiJ-<<4b|UWC1KmOPfC?FgAE+3qAzR)-nAvdu6*g*CP?Sco6j;B*2gW
zJA%0t4gq8j73CWsH&$p2z`i>B_cf0i3K0a(1n)i<Xyny<DDTGZK9b-Esa5VDnH9}9
zsCtOc#q|el@P$v_j>(?+O*h!8A#z4X;*O>!uau}D5O)4v1yUmYm`92dOn)I^fSj5R
ztU0G$QNr3Pqf?-lvOA#b2bO>qPW18dB-5Uz$R?#M+qX+o?Zk7!zGK|d)uY=}vI<nP
zeGo<f6N;b`xV6DGQPA~%sD(fNhlGlRU%iO1L!oE0Rv>Su!KKS@;BB$F6n^oFOLeQ_
zX->=pQ&a~;$9ZQIC~@}Xp8&P%VjU|Liamg)xoN%4sl42zIuvlptRv?Uc{LXp7P!P*
zhare@CTQRfVR6hXoF{~^f;S=-7y&DsLq!%{rm4`+AVd#YMP0>uQ_5?+SQAl434+aI
zEh;Hv@tzJR6uIG)j(vFwrJktknPJ_Z_DEvn&(RM5`fw99YF&epBPYF(LF;N#@U4SD
zoMIZS+t%`)#H%7Q0!34ARNjmF6|>Qcd}H|5>>Sr<n(o^O_oKKJvQGHLsStw{73-y4
zX>}q-*Htx4&`LD4ymTBWX#&Gk$zEbJ>OXT-bu6csQHA&=48;9$IF^*%K8<o_J2W~a
zi)QrGm}@wY^H%07KDTKrxyV(-FghgHFR~Eg>O330`k_b#RvLFLR(+kDVZ#=C+8t7y
z*iu@;qya8(JVN^ktN|V4Fc%)XneB2-tSAq7=IQ>Dbbpu_<;e|p3icxg;NMFE4$P;^
zi}nNMFP`5(0*_yp2p*6~DH}#Zutpw6YlSBCS4EaCR_$hQ*h*5jYiN#pdW-!?h&Vlt
z>CB?Tm|(vOIfSWXBj_S9pkZ&lWi!Q$1)1k5gs?H{@Xl)_qg@NQOms(GCuEZGLKSYF
zZW4Y8o@BGuj{r=(7EELt@`gM0TmCt_<J`EVq8eJj3o4z{v>wZnwlhh+%FlYqaPz`l
zmRvkRA(@4<W~?L=<yeYf1L$;`UwXgQhev*ueFRzY9wdIjM@00<Cvx1!_AfH!@9sfc
zC6O5RSB@S<ibgXhoPOe6JY^Wh-a_gjjLKsp0%UFV<>qH+Yktee+!-=`L#}%e?-|*O
z)f=n)U|#eeliE@SMH?O*4_}^~{<k@kv_8Nj$&Ch}2}qiu4MyC^M@)=hOEH=b6m?t*
z)Jgv;jA{g1Ov^eLW9p=3j&qbIea!1I6wtwt3y7SrW&J3SR#er*_hUBorw!^9<%h@x
z**@C@!Bc7kfzLM@L%u-?XehZgSfEDMd4aXV2xZ1-A-ckp@S(G+l(4~>nAGnbUg(gO
zGdpl*owm9W#LS0G80gSXNRt!%=%pGX8L&YpBk&))6xJ#~kPV~%vLK7<mRKBp5q@$K
zKR6gQB7h8R`}>(_IG7o|Me;zZca_oM%|~5>+drm7*J#A78V^r}=QrU%Vo_rT^km;0
z8e%z<^x@9vhV7){2knMT@^?gT3nSY_%;0}J?eT2=#FT3w$?FZx>Y~$lrE0*Uu$)NB
zunxaCMXXp4Nj}AZCi%6@kG}0~3Cf)nC`ac8QfX=IjTNg49m6!P)T_1Srp*UL14Vhr
z)KgOwS*u70K(?TFRKwOa?xgL!!mMnZ>LnDL3CRfX-SN`gAyCS`1-^;TyOWAqcUh`@
z)@h}rl3fwx5<p4OAsfg3LJ9=}UiD%$narMLfAAMl3a_nSUw8L03Xu+$>OFZN`BI`u
zIrdy;%Lo6m!a#uCvEtu>yK4W5xR!--N7{Z{=UzhMZhOxW7)zp<liEA^`uC`w)q8ZX
zrj>V%F)fM=DM5suu5XY7;P`aq75&5Bd|ShKg#V@1n_J9KDQ#1f#I}#z1fkcQJ#Y^p
zCnJtZKOfbwuKLDJ&AbBWu}QD%sa=YumQ^^5Ua=dKYoakqNs4)04}s+q5?dbVNpWa0
zBGz>XjXv%M5;>N>3dKpP#b^&JsQzygcTT2J$UE?NC<et2YV!%t2lzK0cm9{0_ea`=
zLN&Qg^GN)T(=4GKOh0w(MR)ip<(UdgR#iv<axZ2r4rRY?*NWJo;IX0H1p4$ckS7!x
zbpLTwL9ZRI7<wUDY5Tq%#k$#Xf>Vb#atd^T<qGz-=en$+Eb-5b!&HT{VYfg<mSo)+
z)9J9#b6Gkj%IKl86{EK&jl*re3RCYNZax$guY{ReBUOUvSZcaS12pG_fzE({u-_%L
zVDNt}G~)_gEQwx7^MZH1Y`o@+l2%l}m1;Om16}#&bv9swwl1I^IqKUvGN&jUsCxff
z(F=<L5X9%#`r^I_308D^EgkXXxF@!zLEx-1`NDkWiIm9$NnWD`T57I`o{LeYP7H3x
zL)eS41pZ7-jN4J)Jos8?$0O^ts>2sFtUD67Vu+!p+`MVqh~C|CWvFhm1U)aL{Aara
zmwl{gR}yldy9VYiYNk`BLMaYd#^r{=6A=bPah@>M9aaHyPZ=26`AcIHb2)mWLRSkP
zE5_sLvZt~&33DR~z^OZL0`23cL5vRlSG6}5#sQuI+&>-I1e^P>j*U(5gp`iN2N;O*
zcWlYzFNooC&-dOf>y1yF|KbkRMKY5{MfF5qe(pdXx>-iKmv1Dsk10Mekg?3b^Uw0U
zG~V(eyBDsT$|v+y7A=(;;_T{*1&y~s1vmx*9&%^m^%GfWX$$?P+tDjvDcCre==d&3
zQk)gcSxKd&n$(o1VNkoJU#XT|4akj#(CSKV$FD^Q!ccsv6)A?d0_}OnM4uL5S7<d}
zvAk0<vr7}AcJOo@NaE=#R}8(#3Q>=5(Nv6IGzV%Jz%0^r(>ao59D2T2@T^P#>^&iB
zvt*Lx{`dLxU7+{h28_o?NBGDsTFgwbKt<@%MB;+$d`)w|;nw&w`-(P*m)BQ3p%0@N
zW_0cs0Co#44M`>@t<7XvYP*3eP|BmytGxL%Cbu+hYXUE#&7czSA;04t@c}e{_d-LW
z-3wmPfY8Q(&IDkULoQ<drX$Kln!b%mI;wlbpl_vjD_Qlv!WIs#M@Jx12r~pSX9R=7
z-H37kL9b0WFBnJ3uE6bV61~nY)j%pYoHuUgz&~P`4M>n2l8xduw0F>zvWj10i)ho_
z0&Q^-K*3}UI1Pk!ECT#clPK{IDY(Yu9%^>yPn%P#C-CHxPfnAJ$p{^YAe&Y2v)W6k
z3EuZ+S+t@IE1aYZt?gQC4dKa$pEqr~i#7XeJ3)oTS+sLv1PD!3`XP#BiO>x9X_Pm@
zkO^0=I{=%Y%KTC6P&xYJ$$d{;8{p3!-;+DB`(xs=G!S@j9!#75xFLCkR^q|E$uv?b
z=3N!f!c|bb36AdXrdgz0zfh~G7#hVYX0;L~70k`v1+yfEZvrePCw^NIP4!1qffov*
z>krC~9*37)4*w@FX(v&y$-ggdcuU03!mB)eGpN_UsNCPZX~txe-*XFRy(KtgWY|X?
zK^YG~Cn&Z0a%Ga@kVeO--a-Teu7c-(6{({aR?2+m)wFS(%$@8`Lbq*$<=9q~;rr~0
zO8;uJR%*R&H!7|+cXad!UIyUCGqyn8r!bx%q;O@`!4HqUz=AK3(yJqpWfOKif}gsj
zCec;qy)l&Arr)C^C-7}h3$I8K2E+Cw3<OU@aKal-CK<7~e#WVehWbLHo9u+m=UUS;
z3hFq>j5g>Im};N=(Q^+YgoFmGm$-tFQ21;#>c3e#QhJ^x>CZcrp>0WlRlT-mg|v5L
zx12mKa)`_1v~;PoGo=4OQ|YV{=TiBL5?0etcxgeexBE2@<2O$$+O_vNR;;_@xX81t
z@FmiP1BoIQ5${B_yY>X}pG!AhasO#_sySH|P}zDt91U|$(nCF`Eo@8*^$TSP#nNs>
z4zO|?gdpycorPpRrnna7=h&Zs{G8iF;8JO+qFV6%#P?2iReC$tw8qIrtW82fTZ;Py
zry>=cXc*^!Kk}+nniXkM#~dQifJ(>%ZuomcP`HM-=^=eK;DQqt5XZr?EdY^}4qp*g
z|AfhKXSv5BC=rTv9pMYo*K2h3agCW2CfVx#&4ZVWi=X{;?v`mO+U{gdux@*T>3D|{
zR@(X2_+TN7VNdHP$8dFfLYT$GnC-5cw9iej>Z5A$e*G{Wg809P5^N$(`?Epp;dF^q
zcYY0gR>L`68nlW>*)jR(1002;a<%3)@0tn6%#TESmLAN_6E3A);q<Ff<GOdJb(50m
zwDj{<zmJ}WaGV3E3s7@)s&2zM17|IlN+pp-Mb(OOY`=;B!g4a^62>zbB|G~5-KYKl
zKBnz8q2{>1|2%x%`#pR8`t9BQtv%<m+jNcp5xc9JMlFd@0OB|e((TCwj@Rdcfa-zd
z@eh}(YZTEY_1KeVkeLpnJ(!Y%sAg~CLZD9?pwPy8@JR3!?OaSo(WOxwotzxP;)T!d
zri)MG9#Q968UsiL-h^cua_KU8S~pm^<!zM$aiUCJG#SH@#45X4*3%Fsju03i?Z`Ls
zi2IJWjHKn06%QO`X5Q6>w{M!z%}e5}7ZTj2K)m=)dK-B)Dg*a8m3g=yeuvoG4ukjG
zVd}y|BN6c`TDQsZ1dWgF`;hXCB@T;(`80%crbM|N+hmk(#$T@81^zU|K=vmu=i$Y8
z@f}dAYf0D0I0&~2555RN!opOhpW~gbFNMTwKx%|PXT5*<ldh{fzE0O#j?6}&{&@Fj
zjp`!p)=y3$Ytnq|xHR{(*s|YOAv9U%OnK;<t_wbKsHLTw5QgTFkhUHKH;}D~y1$iT
zv&z69o_5j)Ua^b5wK|bi+G{2X@#MZOF@0^8Es-5<Sk?Okzvf@y-0WyLfeKgNaxKbV
zw|#HrXq}LPN*mHghPto^TBm4uz4_&-mvD$CXC>;#U#{cqhk|nN90WbUB7RJE^i^FT
z$atAowcMkKF<{kYc`<2P=M<aN+L)^=m5e6m_6#{2D!JIe_%=x&0Q~5dvOLjk+@DsX
zIDd$-F8>^z%bf1LQKM>A`C;_JR(*?MmX^j!(#p2LM=e$ZgZ2o4BZTD#qwre>-VJPs
zTd%j9?i6?M{B<Jp7s7`9fqZ_KMqT-^MZW?v4mLnm!K5G}!u93cGBb^gHgk<M{5Za0
zkL?*yWs9%>)XNA<XsoLd4;AOmk6K`oatwNGdSy2-Zz&kjq#H4Udgf~`-Z1|d4XC_C
z!kDZ+Ji3(mM`H`Y*k_R`ihT;zOE95sM2yCh+C{-2REvDmFU9b)@WXCc$X;m}1->eZ
zE_)G&{GJBItZ|1S{LCP5jEoW^=DV7H)^?&78B0>4{hI+*l|?X#3L=ix@06z*zeGZ)
z-|+K5QzbV#80tun6Ht;y3COK`VeH~0Y}pseAgVaGcOe%PD5U^9K*YaM!DYr>wX6Z!
zP}e!^P9DB5C3YMQ>XcrnlqGHP$k&`?zG~3u<GueM?YDJQom;l{iMva15ALpk;O?#)
zhYcHd4est5Ah^3*aJK-#A-Dt!?lh<BoVr!j_4WOF^tj!l$H?yw_FgvEv*vvEdSBeV
zlX^6cM^Xg?iOR5v!s~a=PoT*AN@nuX+_hg*$u`cwAxt03_`v9mKdbBJvNz$I8eKc9
zAR$E=(%z%aV%s)~ZeGOOv)zrDvRz^dw(@t4TLQJ;5p3GT9XA)v7FIIZT{@xwQ(j6U
zkcJoN2xyy8wh*wR4+5iCSy#XVV2=SM{QbIi1_@I$)l_4?quU3e{()zBd6&rx?={x;
z*{k7Q=MoPB(9aohLg@~z!e}vs884|=T%q$#njXPILe51M1pItNn4x)wvGaE1U!L6d
z#cM-7>Ovo#gU@`hSU!HB{0iT=>j32`vkewYy@xmbBynVleF6CFT=z}W$=uzlvGs?I
zpM)#NZ4_92VWU4z)0uYX__48~w)10zP^YTA!ib`kR~8-U=Ny(V+<gSr(gQeabiE1!
zYQ<r5%_Jv`q6&3K@ICQ|uUi7nm{^G0HQx0^HMfdf(25Jzy|{X@&8!B&+_qirh&~&P
zkH$v04p&2dokL!pNQgaOnlQDGB0d<}j6O$_@}6Ga&j{6e+>;>IeA=&#=?31%x>vxT
zRCZ*&>~h<Be{g{lkK+nqMv;-SPg69Y0)G#MMYK=C2#3)kKF+mnA;(8?@_L-v{E-$A
zjnTq3)4N;|o`573C^J*g=4x}Y+BCoPj=sA|zv>3qzOIGxGQ8_JOEeVf;VbLbwz=qY
zx&C}1=wIJ=?b&l1%Ta}#_YN%&pi*N$ST@PUDP2hts@xRZx46#5Xsy*%S`pyt(gSD7
zdicwZ#1HOs3?%A6Gh!JDv)5OIuymd;JsCRiv&~i8%b_qNemA4<-%pPr8fO$#4Z~;7
z>n^xy1g<9>hX0Zj2$Vx*(AJq`@sHBHYZ9Ps*K<p9^nR%m6LNZdmlVER$vN+6RT%?-
zcU5|J1doFLCPZ}3aG2Q|(^mrhxQIS1ZA!-!J1r2TF|YOo|2SLS(X$y>{&l7-=7x<F
zztuW=)f~vQ7Mh~KEs?oibyttnMoGji!$4Yq4hc5x_$xR=70w9)xrtR@)MT}RgM9pb
zRDzDE)uJD=5`nmzrUcI{cY<nU|A7)Cb4CtQ1<Egai6`~by~bRlp!n{gHKC*%)<f}@
zi9njR;Z<eBl_D^jp{#h_Gv=jQk~Td<KYfOMUD3gh@N|gvLDV0>2Biy7AF|~b)pfQ!
z7~lcfx&~C?GjJJE6cUt#%#p>jKAHW4pEqlh2$02l$+&SlT*#0rOdx*9;0&rWp<%VM
z_HWiS%VCNbv@qO%E(54c(-Ps&h7l9lA?z;3S1fktd{rsgagIs>ws)mF!a48wTUqp|
z;2Pl9oZhKSmWI0cdJe*2Oszla%L@sannbH%)*^B7$SkNK!zP2%AEhWWpU8h0n{Jn0
z>g89WGAP85EYC%gnTXfvtr?HfTjJ&~YVPFIJJDf*B#~)UqlG5CSRDT@)E~r9A})-N
zsX8u3iEiSJJF06OM_Hqc4v;}=9W01J-p1tq70jQLmfs_u%k5^+c%}p<*7!x1x|M<b
zb89bG;YU&MT62jnI2jS*nF=4IP4so9I(FNqSrdqPn+96NpXp*f<05ycK!&C7O|Ih_
z2;!&5(&a`p`JeT~eOY+<shRgBa_UrhS?KfpazlH>#=q@7J3f|nXT_yA?1+gY9cQ>>
zsb!?_buZDdvg+tbMYAb6^{JqBoqQvdU+Q1o1Ab<hriZA(5I@-|MTUfR3}O*T&drCS
zYTHXTWbidxcn3%Fb3iAT2^b%$d`#?J;mh;(g3UnS42|jJBYR`;T!GYa@{zMJlCjQ-
zsdfyBTLuCVGt716ReeQUVxZO38W#?Y0m{wIt@+2>-`l~pfOc!r7HH(tw_7iuowCKt
zzLVF&{B%02H9g(Qv0bxzek1l-a30{IF6?sRhG<4f^-0O1d8t@iXm*cJiHy)L!jBCl
zL+{5f-@(nY$=Q#>dAq@)0-DjCor`*0y9sSZ;BZ!h!WkU011+4(3HqbyyR3SQPcI5{
zWtw}?+$~4#<oJ4P3ZH}q`HrM$1ChMD=~c$>n>Chd+A^o9j1Bn6#aXD2V+4Gc?HR8q
zsKBnPMN1#Z+7l7djZoc31ua%yDqCh&Qcc~1DLkPjPp0WSAcw~1xu*?%2SH|&V^=b;
zg-2zTF1#|?OiK0B3PWrfu2?h@J(AyLuw+ALhdM@O1VjzPvJaH5Du^pSr^9uanD}>i
z3j)(_#?oBQEFTbJWlFcW%yu$Ll-uv^4^zdmt_JIc_k?ohNFDFq>BiwVi2L_OBX^jm
zIWk_UD&xYtf@p2<&HFjw;l3B})-9s!eT)CJ;!%9tc0XAl8@_VlVmCs$6*<eXQL+%6
zn664Gy3(n4Gj{QFBi=zMso;|bc=+xaNHxU%1wxa-zZ67R79?3ZSZsMM8kJ_@B9B9m
zd$Hp>6;H_Qc}@Cm)VCsZ=AoCTflWba(m$$>06d>(-!v<Ez{eP+FE(VTM`rTfRK>E0
z%|1e@M86{kPnJoJyVy?V(xrVH`&qols`-}N&3pl^1M-)l=El|NrteU$;-!aC+A@@!
zSp(T-yA^nTBU1X#Tvg1ybu?xolv4C=qBd)KRqd>NQubj4X6LsZ%{^))dRn?{Lskv7
z=><y_wRcLEJfkr(wo9@u%g+E}hy7|ye(P>C%&7@g3!mu@Y`-pjALc$Znc$f2h^H+w
zhjG^^!dtQnVFNp78ME77Nxv8N%V!pokMmD9?UtOC%{z?=FWz<zPc8(jJ%Jslh?C|o
z8quU*oClWCiR%Or!wXK*J>q0PW4Qp#Ta?&hh-U4>wtw-j?y$NSRgBER1Sk4a#gm_E
zv8H@pxcSNPEyj?FKYnW@ieJTt;0rQ%lk_N^{wln6yBuFtCX<HJf)#JY4m(~1MC!Yr
zy-UuSSmtF-B#%Fi0tFI>4`Yl(bV?T*8b$;OjG~igPN?@Y0mCipQsy)}SRmRRe;bCh
zY<AYo&O&?(pUAx$Dbv1>N$WvuV63brpvI{3&%W;OZj^cMZ5EAh>7<EU@Gv=n^Qn6$
z=hD#^P~j4Mb6ZoB`N`q@`_@tbZin_%&2>xDBxGmZabK>%a%LCLO#a;YwA_|h7>TXa
z5LKe?9}R8qyGgjGE!R6S6HWbZrTuv*^Pbe9Y?0R-3%D5g=qMe@tB+Dd;JxShEl8GN
z!~uRVJglldcJhk44p4z5iIil?ca7lX_4Z{V&gPbTH2fFxOoL;zNjCRQK_!7{+F&Kc
z*y$4)h?XIT)EIS;Rqn5RoX*)LwAsB>b9Pj6v(Trm{K0;;k?#~PV8fG~;yAdVaiX_u
zjEM!6T&Sz|>+0drRvxsWV{XNRx=h=s*5gG1li9zX%HIph8^Uv0A*YUDh195x#5peO
z5#UT7C`~BXd|#7x_EZG!vlb^n*|N(pf0r?O3}?m<`+4t<KJjiv@z`P~!STDfMlf|E
z^GC$imTkMRgl<Y}ytw41F!!7V4=kU~Ms!J*9ML=;{8~pW;ewTEH!Ox^U5!^kHuPYl
z&sHH0q!>k(KRt;s)!_Fy2tTFCd~P0*5mr~#uyN?j?`PMb!s}@@r4Gme3v}GoLKiP9
zW0viAlNe>o8}f5iu%d%?%3cC_%rcBp@)_kwi#knzPyTslOu02*FI?#y<eHAp1v{;0
z_a$z+!Fk~w=gPGWd<XlS-8PNabYp44=Yf7_p0%<iWHMrlE<2X;JM$8182VD@ExWJT
z2;BfYXXx2nZN1D(13bZ7vo&tBxIs}vR#r@TNz)adqNyl*rmgfFN(}<-Um;MGE@!f1
zUFJt-jE7Bf7NU8l!#X#qTwp6^p<OWVtQ6HN*<=hJuJBzqy~nWp<fjX8v-R>(y>7}L
z<g8qnx5vsAbhIZ+>cbCXRP`h>k!2#AY#)7jf4+!fjymGSC>P|(TYG|h@5<l_B&L3i
zy@$IBm7hbu&08j(Vh6S0y85>#pCS$ljN21G!VPFf+{mEDLyqKHhjtO@_Vja;tFRa4
z(fZi1ZF;a|;*ZN-dJu985EdpT-)GYzHXB0Q^H#wXOjFIQsgvO!WEd7>Wl=2wrjr<Z
zGua%KZY~F*Ft8e<x-q9G#HT!)c3S1pL4;R(qTB|%!YS20^>LOc<;#Vg2uVW~mjYwD
zjm?%}p_+~~h>iyUr}B0c$;ZWG9%z}snXWq8y|%QEZ2pm5s?(bW#J-Fq0wjTcjkrn)
z?hUD3abH|~c*o-UZ`iooe<fWZ8iYPm2RI&AnI7kk1`OiU4v+G+(+1IsBd0f|WDCpn
z>{0HHVPv^v8=$dNW3Hn1SEsE@d0iXbN}-0>P+hyX7e*~~>)~%Dl8@xXnE9&SfF#VG
zlYZW#!#Tr-Ta(N@QdA{I<H(Lhi((DtCQZ)a2U6O$ps{tHZsJ_X1@3HLb3ktZIi<3H
z0*hU3yqb)hS0LSK;U=B2P@qw8bznU{D4@*&=qu^h+KUnOA*QQ#*9jbSB&m4y_hz|d
z)l_SWvO!q~mvUWRJe22?UxxebQX90Cw1t2H4HKRoh4~NSE|WM5y`BCu4IR9y;ILa@
z6)*k$l<|53ML0H$Snm*PY7(I|NL;TDP0pG-4c;U3$7r`UsCb*`*Dq#KaGtV9uePSh
zr8#9`$UNO}n3P?Wu}M~;g?pVC9>7fhiilF`V{q4D_q9p}9k%lc1+~h+t%mF$vgh8p
zcg8i7E)K~x6Z$$gOXV{9L*3eeeKuNL%VV`peo5->Wz?+|XXiM8*~HwK`TzjivLcu(
z)|eUh8oOBq`^AUo%$&Mu0n0pma`XXURprE_gvdGE`?GlSYBl@o_P|ctsLu%&ADJ_c
z@E+O4VIIBzSR8lp#PR7Tit;uPoeQLoh+FLL>{7C{d3}dRsYj)_r_+ujJnP4~Li-a|
zw>au@_p1vGPRuFinl$!rUXR|z)0~$-iPFY7M<0g2(`+*Sq8e+=7y4<g!1%+QfZHZ4
zi5UnKG^!@m`33hmala1DL}B8-OQ-dzXR6qB4ysEI?~6eEPj44Kp$1xf5M8r#EjNl7
z+fzEiS0Yv|hPnCJgATB3+;(UJ&J=FKSn{Ai+AWB}{g_OL)-L*Ev$BT^NQ+_an*sxH
zQJS2W7-OF)-wFc#9t9{tW5}3H6H_x$4oJmpv7KwpFY9RIHrLOqMNjJA{buI&*8&+6
zdA;z~8LB#5Ph5#33*$P6Y3UUT5C9H^)o`)9L4f!PoxxFEnf~jIYLs?hHU62uaYV4f
z!Ehx>`_HgsoaP6wh6R!CdMAC32>5JH$E-*xE<9p^Jp`R??bomGn^#sAtGTA^=+M*!
z4qm+{Fh>Gxbh<Lbc{p;~LTN~fxM<EIg?*wKu(^DUldQ(K+S!uvIB#%#3X0p+<$kJG
zMWe5mQ1A~7$zAa;v#}`5XG@z8t;Mq+fuL&k*J^H^X@){^>}1XOVF%ZJHHO1DTp-V(
z6x+;kn<WS~0_GVb&x77~+m4HQ>}8yuk6t<H76>Zbj+uyMD|Ry665^E{pKmJPL8>sC
zq7XWtwBK|zat{e3`uE>3cT>H0GBET=TvCgp$vI|@M)3>HKco0!gZR$W>gc^=sT*zf
z^`~kTS$y8K$^-`Pgdc3Wu=n_y3Ez|*v$!{NvvkKgZS&SYRmFC)ehs?el82W6_BxJk
zrYevcA-T<lREXc#Q-S7}K~Swi+-<O{Sy)j;u}A~pT2r6RdHUSg5>)4{Nio8^$)DQ!
z*uPiKJ9af%R=cIxHWZn2(nK$VEVsDC%N0^ht37O9HV8L$u&sZI6w!I1#xsKAlUZ4`
zo@7NI+4Mg9M9I^=Z(gh!`CA=np{0dxf2IxEKx=RfZb*%ROJ^uD`jlG-=8g&$E1izP
z$D;$wih5J@+2PEFkMap$eZLFFHqD9$n9@}%?G1OkD^BH{gv~`k>gx>j*sfr7KOu`k
z;j41-vaXl&HTDzx4v$!Bsq;oJO)QZxq#c^?VF?O2z2h(Vs_jGQOu)QJ(|*)+&I_M#
zs!0sVJ;q1NxAI~A5gSI30Q)e$LbVC%ntSP8UZiZV<;e1SJVu+XU1RxXE8{W^<-Ln`
z6w1)8!SdEGJO}sN6g%{sF%peWZDhXMw^j{YZEQZtlk6ykW%Ki930e9+4hexpFoJ%A
z1}nphXcLS$?5sZQOg2Qw{2W=|zb9!Q4L+XA!r^}`o{MqL9XG(F2d1>Nx`e(5`mP2f
zN*aBQeIM>+6BbOxYb65yc<$4<Je1uxP$niy(<gv+#MvP-5%^WGsW!OE#Huyac(XB~
zBV}COq7+ImtLby(e%AV72{lruG0zctrH?belc?);cE177T>)y8@{Fsu&k*p;d%cpJ
zWbMWGG~8uxuL%Jhsvu;G`6T?Q3*Gq2(qf0iTz9YA1KR7;M}mXPSF8akaK^F)18h-U
zocvII!2TH^h*+Z_TEH9&^6;HXL>j?QfIj_)Zi{re?UMHAtXNYmR{A{q+|P<PFhcWt
z2(wR_p|s&USg;(COp%ED1HIy7RMm^YwtLTQ$Z$_89OOKAoQ!T4YAx*}2i6ZK;L5%2
zL2Os&xmS6OJ*uPPeB;^@vQ7@36c@rmV*U%B8{!>vX53RyhwenDPR1u+m*&Jhtqm_E
zG3ULO40*>2OJvHBxCgP<PIj*NWH(goM#k&>^G{l!5=*VPdqfjRdMCs<?iY*n=5n?7
z@$-JPV9|DRe6Hgpn6=e)xU;k?*ahv*b0(#AU}Fz(MJEoD^K$uqrE6U=^dErI{VJ#0
zLuWT!6Q#UAVFBqT2*v2qin>2=(@XHwXv;;>Sjh6l-ahUM2|Zx$FitAiF@^I8{Aws;
z0k&1Qw=+%&kunG!S_zg5Ta5eyF%$oh0y{TfX_5tT{#^yk<$@7<buT`{PtNB+a-c<T
zaF0jN4TVs;T{w;D1QpMfhOj-^C)4XBhqdcspX}$+YEFh$>Br#v&p?u(a8r#_nI_8+
zA@WH^ML~YZJ!+o~1)MDuggeldFD`1U0vQTjknlJLWI2Y`{fi9TYm1)9h7>hOtmSY-
z?MQ?}aZay44Bll=s^T*RjHyk=-B-f`DU6g0S(tCl?z56gY)ZYB7ABlx;rv;1kYqt@
zBO{`V`)PLfa!5lD%~d=&OW$!gHhKC+G;q8F$hy#i%kl;t)<U3Zs*OBSKAn|{;KHvQ
z_7I*%*{m0Cu;&K8$2_{HYUVZ?la*dW?rSNd-&U^-Rb?~pX!p&vgVEMskv{%7t&@hv
zb<#T*W=@#S>Kime2azjVa59j~kuXncjn&=ZzJd9<4_$1sZh*BTSG`s;!}e>s)!>$g
z&RS&~%7L|)uYP_~YXok+hIu*zmtn63FNGZkA3oXEn4-93%;YHMs0p<;Z29R}Xg8Yn
zndkHnZbUzS2m>(imT^k8PAIfrx=$Ov*&;&odtL@Ki)0zNzLH9Vxi`YtxT5xe;>n8(
z<z1KBQ4rqPPDz9Q)5@+eYm{<zyMo0tt1WIm8Qr9DfTNS!rY%5`YirN?*_-8i!R?+M
zlKP!#Yjd*dR5eQV`_u}<PWTq?KG~c`S~h*^daLWN1*N_xse|}vHra@qU5TOOz-_Rc
z=sPY)v733)bs9V$^X7%ym2y_w8gs-VVOg(Rjo@PgPt}&MR^ysd>;y2%I9^E>`ZdzS
zeOd>!=o*4FT;)5|cejxWKTd+579U#LHuA@XRyzb{j4r-PWX9-Y?aHeTt_WObaXxZ*
zW1;MRXehO}c=^J(iEkwrm>WEpq2d!3G3Ii5@8GGwAE@NDau+X&2+k!$;Fd+}F&r1d
z+H54IliY?#FzH)oVCGFXK0*{@Ur$|0w9Ga^keEl`wnZi%Gm$C6l<Crz^hG$!-0Eir
zH|q>TmY}!oFwT3fR+KSQmt|x0Y;Hot^_FFx4_Sx`Es@+{&j&ZEyKcG@{sxAqCtc!~
zg!++FWYCc{yvIg4{vQ%GDtEGVREK&($Ung;<@fmOA1htUO7EQp({y)g?bg?JQb-U%
z-?qXJgc}~U-N~5GKROJix>2#Xm526vU=LwEkCtu{!iI}_H_r~EI*hPEd-o!l3v8u`
zeAvb`L)A=srA!^aW1_}1;bEWpg@_!9|M)DAQc!k~xRZjOdDnXG`QR5?Ln$0G1tss7
zJhSu_mvG;IcYJ&72g}HGu#UFO=7k+{4;B>a&jH3FcvRFTO#RT6OCN{Inuw)`5yURZ
zQ64gXN^5_YHVB49yop>C@5D+E?_|e74nhvIk{MJgmO|!Y8v^!yp1WuVDVc!Bt|NkT
z=cor02A^i+-0+5a_*uGoH|rw+_kzl_u~XVRWS^WdGJC;kW2sXmGI8quGD-*4umsSq
ze`?ftV4IraiaT6-d_2QAM<e|AToD-n5)L+r1#CS3Bs~t#GDQ{{swJW%v&Kb=%@zE(
zxaH%4`$@8pTF6mQDiu0T>iE#qrj~>n^-penq<u9IRpv?eY#i_GxI^xgNR_v3l5dfS
zyJtc^LiTR8WJWLZ2cu8J2<Ru<1?<8{#X+fV$eo{HAR;p996|+9wboDthEQc_gm5JF
zk0X4Cr=`>^QC1ofc>-e`F^-viZkBk2YBMc~+zu0(#oc@^@t~xa2&U;;_6~_O=2w9$
zBPMex`tjQlrnW!<%p^_bt5YZKi4R*XFh!RIvQ?6?C1hw!+MSwfmU_)@5t`AQ5&Sps
z%iondWq3G}C8w9gxSF;yhMU(mJ`qhdPrH+pd+0Uo<Kjr>KE&;o`rLZ0eL?G$f6<ph
zLvsttVJy;ny*5VJAuhbTW$%*)laU6n?0y%Z5uU(5s;Spgi?8w%=)Y5A&^+e-Wu9;T
zlTSV=RH>_B4Eqxs9e6>#w)b|*(O$+^QfGaO{Xpp0K#AGBmGVsW3+|G_ImxI(RWqXx
zi;OZQ`0;m25yanzzKB@i=SW)3;4t(mhzXTdWZ3&kv0HxMa8bc>&p*oux8rXyC1-ne
zA<pKAo^JfWHUg4+rZ1icsop$j3%C7x_x#T4NucsQ<OKg|o{KGK*nO=q{Js>t(Bwe4
zkA@TpxeEnNc{n(Ei)P$taetvF*#qa471&X;Bd>p0&Xs}Dj*>nFu2H|wNJaDcf&HsD
zxMUCu4`b^`Bj)sD;aFwmUNi2F8`6-ZKz*cnIq<wtGU+Wcn7}ONn6fmLnvZ7N>%(<Q
zr;^B;*~Ahn;eH4oYaxPA>k^q3KBA9?L1yR^9IBj@fp=2sBZ&rPBexppp{MDDF96ag
zhSvt9dviFU;zfe`1~e8d(C-txiPP`CtEp0#m?t>)1~(k(m<w#Lhl7=H&9G=CMIvJa
z8v@s?vvzEjqiL>XO;PF|2}Nl|WjfMy(~jmqD$=J%<p_t%ix5iR4d-(rGv_2aYbMkZ
zyM01~G+QK!pN~bzW9QaVoTcFAFA5-cP4e4z<ycnhen@WjGnw1CC0etb3aCUySAK4v
z#iOyQ(n|hl(FIn&-toi6_C@O=$d+9XPY?XiIe;$I&x|0d96SGj^(MIxZi^dN*u16n
zkYAO;nV=XM9MYXHI~&rYGK9V(t`2E__^^Wrk%UT(!XC*7T=V6C?NHdQ6B#y}3$Ymy
zR;wTH<VP}|z7n*nKLBH;QjNJF!_E>1p+rw7IS^8OcOxb-*3kk!&dECvH!}o;Rp$gx
zBexhkRN>g!`?Y_;K__sFD_PFn+S(e729?V9E5%|ZZPq&J>W|F?&Fi7VouZc55Qu$Q
zK&9?MQT7VY+2gVAV|(}|26Nst2QD1ktKyVG$4hhH(E4ESoe+EAL~L>jCB{d%hY%<x
zZ~BsxhO&(<M8*LpOj#pxYq5usd8*;{sPyy&Lc~*Hkrbq}cUPZ#?eF9j#XDS|x~7Ll
z`XkBlieoD~Y)A=-`ot`i4luZP$^4H!k7+`b5s4e<X&c+oOdib@I`NWW=Dtv4-xE3Z
zy1Aeu-}5Fns5^_*nY%Ui*>ah4rk3>wjP-soIYT?Kt_Gm_s-AzLK$#2`PNb%x?0ikp
zo$;!4K#(Zn*ob|ibqp$X;2DqRl_=@E+apWM96!3y5K=GKZQv;oX)SoEk*)0E?yq03
zquO%C4o9{Mus>7ySdI`693jwQ{}?b-uAGw$nra~9p%~H2r;yPl<4ss1k!}N(fEW<!
zjR_x}zUN^%8^t=Wa3L<RjW~EJc~d5pq#&zwbN$3!7hT;?ZCOuArIHgn_r&S4w*F3q
z;~A0<Xq1V{iiyp=9QbBgSAhf%1c#~r@QmrHP_R~(40>4{CoEeQq!nSR)Q+y>Eba2k
zTg`0Nos3%uaqsYXnw}6(32o`Ve#y&qv4^99gZrr%D<1LOzWzz)?!+Qnh%|5_4C9LQ
zeHfGkfe8S&OI|YxZN~ImT8u@Fag0l&=T1o`q+_)pln0+T?{h>3RCFi_i8&sooIOE=
zJ=^N$Bjo8s6zU6^;IK_Q3KhuDxGU946V{c|6}Mqg_<hD&YAbuq$z{OwE(Nlcd`Qb3
zA1+xx&V(Gji;<~|k372AlAB+H19)IYJ~MZ`(tUs07D@mX=AuDBvYD_Bd2Yg-Rc{`4
zDgRaHnBAl)UY^R1YpH2ZXI->vXrEZxwulg&K|{J@V$%BRGKnp{?ryNKQBJtQT=B<R
zihknHlJ5r|N_@61b`i9$;QfcFyhDmr$a1MvcXKq-!=~HN0~q)}s+Ogi^BcE}_A&J3
z4>u-)XxeU1173(UpKZR~8GLQoh92U_GYUbTv2T6;GI}Xn8gNiM)|J90NvHVAKiz@B
zzLl9+`u-;}@)E7*8CTvlt<>Tze#Wy=1xLmNH3#->gs|WTetW+>O5vZ+Mp;GdQp+h>
zI$5*epNq!rze=R+-QNCsk(!iCgdKjX5bS<-*)&O~;*Hl?U_hQ9m~P8!Un~*+&Y`G|
zn6#gUo<!0MP|F1YB(fRnHYa4N>?guQ5-N>292OZtLpLKG`GWL>A>|Ku72mtj6(oc>
z2!-(d)ug5sIXl0ru&eW4(QMe?G~yH0<s;|GYYMF|IbCsCVBhsEK@Y-v1cV!s$mM0N
z*`=2=o=5HW9)C1E!%qagLXm#Z5x9_$_*X)RVo(U)zm5Up?_ND5N1n><bG;spbL!_7
z$8BPN#3sw4?%D0mz5Hr{l7C5$%8icRwmaQz`u4B~CNBB>X;M)Ud>V>%aOxAs+|AI5
z8We=R@GBH42=wL5be9IS4N+4!!_C%2?ZGGh;=X@G^<&4<9Lb)8`)S`{xfuDN#OXtg
z$ICW91S&)?*qk5A;%gE3tImh7rx2xEq02|HIFxao92Zk_uhAfsTLh%1*dEznSO^jD
z_nAQ#nA#40f%#p@^RI;uExiIC;*L0fDXJBIYJc!juiSWe1Vjo|$xgz)e@Q;APO11b
z>Zxay3=;<3bGI@7;ZxaD%Q-1QoFmLo4&&-W(yx|5yz{h`&1Y3;<Qxd%1?)UXhzf+K
z=HOXhuCpHy6Z{kyucwNu)Dzx%lAG8{><*N#j>!qdHAB8TTOVr-(*ar~o3uBzkzD5%
z4C+r~-}e=bVu^B>{0+a4ep)Viq}{3Ar$t1AQoNqhmKCBDa0Nk~mT6T24hkNy9v7(;
z!QjTqZV|`Ha<+&GETzFV7m+^|Vs5COny|m8B()7Xe2vv!n0+U3;}8dB1s*!U+-T^D
z;G4yS>ODqs>{|%zS3TV(H2r}Zb#NuCdYKbILTwiT=C7^yNxAou<n&j*fUq)YLH<zn
zD7w$6cUBX$fa8ZwUtz&5)zxhf-jCC{PnWXneJ?d>0y0HEU?IvMU$5t~iW`PtrwaWo
z=l#2R^tWjrex0>{wI0_V&f(vGNji6*B}fCye%SZreCZQ-v;@Q<hUF$aYc_q$aU?$b
z*a@@s{_WrP4@1RsL;NJhALs4@08I;&)bQZ<nKUP{#apqj@g^IuuGd1OvyW9>Fz#8h
zBMeNmqjGeNBjZzujH9&^G_<rdP2U!nWf+IK=f>n2WG80Fm}M4V>!YrO$NK~NccRq7
z;F9tYH*tTaAK~T09R>tDC$e2$m9ZhVfX#_em3ET5XC=oATlcXb1)tqx2k2>NZ9UrN
z2hXrB8g>Q~C5g%FVT>)xNW4BLacDc?ADfR&JzRbM#u2PZh%V?;Qw5&4?nVP8cpgkA
zouF#H?FsoI1-BH&)$iPR7g?4@FlAx(;{InI_OD+fX&L2d+!}lgml0l~rnb#;D~og)
zbaB4JDK8%MKFwo^JB!w41)sCTN~VQ*6?Z(0bz#3@U=e~$h+Ka<yB&wL{NUj*k2fnH
zvfKiBLKJ26y;$DB-Zg#ey(C3~#ozGJ!?;71m|9-QU#!c|Y+D?Dy<$41o-Mh^khqx{
zH=oj7hq7nz%a%|D_!H8Vgs{Ul`fLnP=y{~o)0)DeR2-<hNGtB|;R|zN*Xz18!*nox
zNC>kset}#f9`tQUf^^TS)Ut6}mcn?MtUef40~JTr_>j0x2|7xGvf>thKu{~ttq0a}
z_<_jc@kY{Q@4Gi<*)cHE<kt)mQbjTjPY)N0y&A5+_!5Y@d?*DepWwXsw_JWrj874y
zWTnKEo=87GpN*9q(W8;JaKOJOhu;cw&3LZY?=4rulEfIV{Q^WHXO6+ZUM+%uCqf_B
zuO-c!to%j)OIMPFXR+73AaI5TE`1HP!L0AsC26|f`)Q8Y`47>g(s#aJVI$)L;1E^w
zVeXO$5qDu{aABw3(cvm$MC`|_d18#)FJrIF2#u-FXxO^a9P9N1%_T;*#?ig5;2jrN
zMcr~-KY|fcuQ<ELB44U8&_rO$G%}bbdSC4@_*W@e^C3c_dyHpkHwl0v_>P$NH;03@
zvbZV<&?Ux8(dilv<wz%t#~fYXd!HiYR}hptd}yxnMM-sisKm$OA|%OIvO;F|k%fd_
zSZ9(N&yA(F%`>CfBjm;;#&n@!(X@BwScj~igan`{Y*y&;F6vSFwL?h`0&hy!+z#aH
zH%`xHTpo|~Z@01axxG5g_siCfRGTHK*Cv6FWosutPNFihnGK(&PqR+rgUapWyt8PV
zz^q`7r4Cb7Xcqj~`z0i&3UHzzP>aO3)uJe)w_!`k72?v>W<NR!aB^J5W6YAWdKC2B
zk2BqB;w)A(FCzXT%@;kQ7NNXykgyZml9%$LOIr#$+;y;X5u6EBda%sLplV#_7UG0G
zYr|nIQ^xgbnv4$(SkLjzl@{0)P?7+-rOX>MxhASnTy5DW4wue&=~8SsllP(_yt_y*
zzb~D~b7ro7FwBCdEMgO;+)_^caoFjOc6AuAhlv+2LxE|!jiF2Teyw(_zpF#Oo(KVh
zv2TVr)mlQlz)Xd&PWcgpXO%;CHJLLNgF#9DAyWO@d7^(zr&szhury99df>A{ymNdk
zwI9~L)%NZ4^K$~xGwR8h@EKH5ln5&q0`&5C00WZqE|c<S;n?WYr*yeeD2fM}#@9Gi
zedUonp@TFZJasy;6iYFeboXn$97=HhQT?U9Z!|RQeCjbSYZEuwE_>I{a$v8L3fGZa
z^M_HL(K6NK?UpR^E^N8FKyv6;v&Fa)H8z$gvEkh##=%QctF-3r2xhfI8wBpD6WIYw
zKO~DZ390hDK*AtmYQVZdGk>)!EvB&;35m)6mo*QsXk>c-g^7z&^w{fT!gUsN2q&_x
z&sNZCUCFWE$~VZAVX1mHX$4@(BtOL(HyIPN_~pSJXt>{k^q&P<)I}JNvVL5<{TPE{
zKW2Tg<^Tf-4zs`%v_|cJ6VKedMA}euzqW&TMM3dhsYZn$UCHN{F3O8n-RZ5{LN8Ux
zbxe?S<jSm7P>A{#rU_1lY|)bLa$qWuK=Et;c*-Y^om^K&C@grcm)^pCsf_&fxT_9c
zV2}o5h?7!uq_rlYC>TTZds~QyITjd_m7C1>D0nU#UTax1m%FE7#?K1Qgo3%#fd>YV
zU}cX*3lxdL+S~S-R$%WGK)K9bb_5D88=Jk$Uxqo%*)>RK@>p1~F0PEN!~)C(H$5P&
z<Z@xsDiM4^QSdG%xLZG_r?^60@j9Z(nl%_gm-8r=T><k3vlB6oN9N6KAI8}!i@^i)
z%G#@&4mlkj=JPp_G%voE*;>+DvvTQ*{@};auafN)v)($qqzMNgryBlHjot*EqIytX
z+HI%9Ei}etM0h1>icrur=Gv9Q`M>|hT<_`2tHcaYVOj<4Snx??T~V<jr1yAuhW(0k
z97L*|M2p6R#7<Kq&o-9I2saJrfly5QBIvrDGcs8kb`u6`g3gF01t-Rm$TM)T=LDh7
zxP=7_RFWviyS^xNP&OJi9uFm>o~3bTm_b3jNv0cyN>X`D4-4pezq8Y^bOzw6UQZ5U
zSQr)2FvAA*CA2dI{Ce8&G&8(o<{85~t>}MF%kQ!_Jot2>HVIHleh->azip5;2x|>O
ze%QyS13_s?B)|K}D&K<m15Ayjh|Az6N^NYatTI98`2gCLNVkLg=X>rVDLdD$m&})s
zWOn(ToWtQ;>iy<=7=jDylRZrQX=lu1U1B1bMQp2ANqBpY4m4O{C^!0j6CL|7A1k(6
zD=5vqgClrbcKUyM+Ng}NXxa!BHp29oJL1sz55sJyu9*d<q7Os`?yl~DeQX@d11hc$
zPF~5$*)mS?3w<N~srX6zlG5X}$D8bubesJX*f6Olr8?sBYEomD4(Ulf%peCfPBDS!
zo=$Xy>)39AQrz4O%}-C`tTrwP$D_s#z1*c=$q=pcVr#|T^a}#UvAY*3xtIJzBZaBX
zBgQ4mclGQGUQ<+_FF`731gQ+XDOZJ~gnZTtUdmdXr(CoASt%;Dd~|DNb$pk*G-1<o
zom#Yql$*US2iIeLlq55a?-j-5tZh=&2oseBzswRnfq}j!x4zp$(9@8VK=qHHc%kdl
zZ26kxTSPGkT43EmP6D`j?H51ycwCz7@938=gw5k#7BN$k&ohNgNj~8sWew3?H4;Q{
zKp4{B3V8i^=Lfdk)n6-t_w`(hk>{v1)t(=>)Ln)h+sk`_8{mULH!iiO(J&pJl@MXF
zYE%2gS%sVpps{)=8Z_2tQ;QVH^7RnR&FhX3cGU<nu_*<b87cb7AFmIlBQQE!|G{7t
zwAc=NPWLXQ6!h#l;xpwwZlHg>d(|pHEvm4HPiB8VK)Yg7<4(LgI<=&=ujVnIhl7j+
zSlL~gJlfmGaxr<*Y2AgzP4GrWa|L|PYmVv*-m3O0I$rMvaxz<YzdqY_&rHfdmfSkv
z-MTKsyiWG!e6L-_HL+mw?awvm-?zWET+O<F(6x+<^>2+V-(aWsoHdF`jj;tE6^H&}
z;`g-^-ad-@var{Cp&kmd9t5G?l}B80l%8FiNK*#<Vcj7AbW0NA$W8A__*k@Lhpe#D
zIe6}2pPnNLA;&M?wS%;~4O$}3>>bTrG8kg^TDz@Gq~F_QFWWeAyzy0|5BDm=O)k&G
zr7w)doi05N-JST9-1lDo`PArW**c~^Q`Vep@}Zzy*$hmKznyHRdNb0!YC)p;Nfl|^
z9N7EZ4YPV|@tNq#DgTt+sN3{_u|Ii#y>}ehmU*Rv7Tov1PyXUK%V*8nz@W*q{A0Ec
zB^Tb$$>g+O+>n=y$ID%MVWeB$Nd~PsYaiQH=+bVN9jBj-_{>5Vr^FhchWYa<)QVlL
zk~a~V_uHarz)V}&<@?^ZggtX4rM|0EbgD6UH*_?jm_E3%;B%g&>+tO)t8qi**C*cO
zSBRzxyQR7o2=}ZBEgQw{x0kk4fU<RVYPu@Ru{YoD4ki_=Ebaw4e~>mj?a^ZP^pBQK
zo6xvVpVZe}kI{ad77!g?7=^9qpDBJ&Pmg55?L7qC)iOzKSB80LoI}aL?^3`DS+Kr@
z@6@fb4Q$HT)&(Vtn4b^CR&_xLIzqE;OBm2;$#&q3Rj3))(*7dl<nyn@+PD6k9E^zO
zP=y>dI4jKTS13h~98MGUp05^rmtq|Q8dT^RLP=*LO+G9jD{Sgs^L-Lmc|cQ+l3X|M
z-n+Q}s1~YqqJ@rFJcg?nOUYTCUk!IY8W`n4&8;p~c~D;9Y#35Tb7gnR>)nGWF<!O4
z0(dRmT>!zRGZ?9!4?>(Tr0rAkMNd{<s?{)5?Ud8px=zmu(Q!H|vn3hwk;aYPa2gh-
zaLb%uYNdGG9)sG~+T{38Wg7X)13$D62*iH*ft77HvSvohj3Bp`Ly*U^8%b0{xE8qt
zk*%<lB2z|R%<4Z0!hT1p>k{RyOp&kOOcmHzofdopJx*30Vg87YL{7l;Y>DRb!<VI#
zctd`39aZ!b2N4u{l;}aU<a3WR3-RVG_FcYE)bVXk$p(1Ly{OX@rzRG{13gWT0I;Xx
zCXlp&Sug%li$Off$h;g`*FkFpr;1HPX>wi%OYH<gUmlI!TG^@sTjGvJVj=6b@WVZ(
znpL#uO>ey&TC!ZSeQF;i{k9~HG35nUNiRNjk0lJV9Jaob@AlNw{k1#pSK0zLE^ogB
zQ~TLhlvqc3dnHEk?T(`*9p&A@=G%sfMki|MfJz$ej4#iS$t+hEJ(j+Qie3wsxo#gM
z?gLVxrZCg9rvaaVcPcLKPc)^u>X!`81&aaJ6;=)vc3T_bJ+-}zn1!1p?tA<n-;Y_S
z4W^2@3Q&9l{=`=-LZ=%^H?}q)xBjv4MZBE*IJgH%_ch)kmn%Iai)pkg)4!cQ^_1GX
zw$vbi2Jtf!zZfHS(9FbOf!jmhs^GJ~OiqH$IwSU2gkIS<*-;O&Z3_cegetVX^(s|R
z4Rjq;H(901rTZ(7kdPfLh7XC{o)M~vb`hv>4LvvyW+Z{Gy3LU8yMX3X15?Wm{g+-2
zXipjO5U8rs%bhK;S-QR#!2lQx)cNT)Qo`JN+58F!Ddd>z7&h%Ax{i6JysvF&vNhSw
z)kFjWsG#(v+{T_?$mO)jqV{eaBDM7fS`o8xY<Jvz%?;o_eKd`mi116!JBK*W_AH2m
z&n{bv)kKfhg#zxotZekXn0a|<?6TvEDlX2^svn{()$+;km0UQ~<8L)IF^CvGixUrG
zs)HjBNrR|Z>Oh6ffuqK@5pi3`(QZGCKdC?G0_$6U4E`)Q#cG%WI1tWl3aY_n<lBBT
zG-0isB<XzCBR=saSG23N#msW?r=_})W{gZA3fkn!x*dG}%3tlsKTxYVoMhxF9x@>(
z5JE@=C(N^&tS8FkpoW%vE~{-;eDF2pC#9cJ9Z=+iu@Pj2NbF0R@vw<y{&JFgHd``V
zEMIz)<)u~h>vDoKA>R!BPVbo+N=AC#rj`S!^=(hWCx9LSW$aj-CVhr$ueaOx*&K?R
zwwUVMsw6|Brc&tRXMsGAO6_FRo3`bsDshf|^`xo|ju3s>q23X@v7_&-jiak#uQg~(
zeV9j%_w>~Xq-@H*pTVJg2M&<5Ir=6s;gPY3w?o>j3v<zbt-pVMWspU-4^V!E<I-5z
z5!-0P(DGo*q`wbB-$rA&;yLlNcUUXXeAN4a*~D^k*5dK*VNIo|;pgJ%17&?V=RU%-
zE=vK_70o)0IN7%Zh3Jigvgz{L{R|lPBzE{AZehC!S-><&(E4YN>wFXBs)Nv;&$%de
z{7w7w=aM3a+kVkwvPh+|hylPY5@EZl>zjud!PW)E>sAw&c#=dNm`Z3N81$v~g$EKE
z6%#|F(}Rr<8d-inzg<6&^NCO$2ewmaXZ(ydaufvsGaK7rM}-t(n#2cBs32AzNMBC9
z3_7ZtrH6FaG;XyV)D!ts&om^cPd5+EPRRXIjOW#8cNl)%cCUFp*hG4hO+)g!Gdd)H
zmu==fxJ){6$LQFT%hBcVpR55JE{EzCa+uq+GH~bOLE%L4zPHnVL<pag_hu&`-;Aw-
z>7KexNF09LeZB+?qg7#Q8xy`>vlC4|?#D=<Kk|kL0M(f%7__j@OkUXCyHTG<-oq)A
zUI`+9DnB10(ljUktf6>{se0r8S@+d;t{p`L_0z}i-IR@Cx{(JiSL*^u@iYu$yjM&9
zvBuTh?{&0pQJ;TYoZcQCa40xvPvS8lE6}sS9?y3DGVYX?Wlb8P+Qk$FK4&;~pwi?k
ztHU-o+j#d6b<g(CAbz!BLA2fEwnVo@Hl@oJbgyT8GPm*!iu#USd>;dMN0P##M;Fsn
zV?J{SZ;ea$3PLRhyuu>qfQ+wyKGR8%W#BrQzibz*vjM{hUq!58+6*RRU7dW&8?&q{
zH6GVF;6elAg^>3;jk;YhA$!H2bJZRWjxWxyHgJ6~bego>vl`WUVwPFZJ|tG#JH;Ze
z5Yw5~EtjcP_PZ)CX>?|o`hCREZ4zDVK3k+hi#V`C?es8T??~rnhwm0rqg)E)3a+63
z6^3F0;X-x!#XxZ@X9|!I`^yL4p>X#dn=G1srgTTGMl@b|Kd}{E(lFP@LWBDIS&GMx
zp)ms#L$In@(>5#LZaRn7kV7eM9vzy#_RG8%x2Y&$56cIqii*CSG^MIIJDRuJdADVF
z@k34^<_l5rjGrc3=!K?I_5+#)P8Xc8H6y__qawSuGEbOH@>lKs{+8(`t?=<L$)c3J
zKY3Za39XKfViE>!L+`hK&azu%laMVQC{#Gi9coxkP8QJvA`xQxU&5;h<%$q@ixPYX
z;SRsoC1fxp4XRy8%ZzE0;N8pMTSXFDX!DR*c~8nve4@XOVe+}q-VPoHQy`@3@c|<8
z!FPO;7P9VkT0V?D1U=NG-4vp>gkUVRhql%bq+q--NlVf0Rw=)aOGr+^p2;nst(aqe
zFTIMSMLkgZO$A&7W}7y4Hg~Lu#>vVwpFNE@miM|jYU#E2N?OmTplU&lOM~;~-Hdz|
z#Y#kHZuSxSKm%fI>g?<f&5GQ~Uzo>Y*@VoK-rElbYXHQt^4(hBk=Km?XeXDCkhW}u
zviQcEKJz*o$AkL|_%~WyceLqW-yyyFT0e3>qP`}7^<ER=Pd#2AZ1z58iBO<UlK2G1
z9k?=D1?ir}&I$$*yxKo55VCd~^{Ur)NB^=-GNQi0EzbP8tAXMh6oY<(j$ZHi>&{U4
zJG<r}!Fq0{wNeYVZT%<>TCjK@qT+n0KciIi*NMU8#X1_C4se|s+0mD|Wv3ZzQX1Az
zz6D9r$pYvkW$BE6{c-QDGebNdn+M-6E6QasR;lNugbhYRjh|Ho{%53}C%uq<6KVyb
zjfQ4}owc=UpS=sK#8qN%D6r0S6zMMzf6kkW=wA)UQiHMn$?tYK+Nt@PmdmgS#Nzil
zTy|Fln@T{YuKp`z(%h<d$U_#sxbJ{?#it3J1{j6!2TL9%m&9P{21p3Gf24wgg@v6}
z*<N~L!i|AuctlQtVPt%2c1(sr)>Ml@?d0Ou3FEHhvYpN=j)3`P6ZaV;SiU}HbPb++
zR&Z>sLLUoS$o?H|j2x}V9(Wy8#9S#N5qjT1YmtUcj*BY|#!>tBdn9bx{m0j{SEet#
z+fs&$)(;XSM2G$Y%`(~~+H5sZeB!l60tlXMHCZlGS=T0B+yScQeVdj;(gzBgBAur;
zxEvv0@#=S3xYgXW0;+>=G4kupc}q{TRn{Gcdne;dc&>M0290FSH3VDW`(jnpoAWz{
za1qN(bACpbp?JXbg@548Oem$x6Oi`v%!bPRAtr+AQeI{){A5$GH2D>01zccxx*|7L
z@gv@>j1D|EicZn=)8)6wlUW^IuBvWRim1yk|CJ}Hf65U(%_y@JBi)D`qq#fR?aZ+}
zPBpKWn{^d^Y@5S@wBorK*n#&u3l{e*NU%4+|524cEECd#yYv%}HH04pr&gy9!PcwS
z=ZJwCEIk?F$3Gha=A{O*=emv%{wI_RvdQT2q+`hr10<L)8a&*;`yph!6E>Mj4=Ka3
z{!(dk;X}l6)mmLW*hVOd#J~6fX3*44{7gqZ<;<%7#b6tFXh6k%$PX6hj0i0JU-|)2
znvse2``=7qnf=h)tiS6hHmRZ>ZMLy=w0|}90TS$P0{dePr+Zd%g0O7gN3`InH9+l6
zQa}`row%j=htg!+bDB(3P!kvb&(i|+g4Z=^{JD}a;&;6}oy;C~-!r#n7?g3;AO$m*
ztI=gDfMrRQAE3WurPNqunGLgCTs`t|Od9z$IJl*h`;$Hxu3eC&;WuLulTjNR_IwnM
z`IWxeq?$GQMDW~g-qQE9Y6BwG%zvb}j^xF%rVn8P&{2z)_OQGteB34%NDH9t@N<Y+
ztf7Rx3;|k0rgSgE^0pDjKJoxH_uF}!7QdLJ;j*5~fWUj)5ie~?Nur<IE7%frCm!_Q
z=Y%Jyh+%RPG^K!GD-SV0RG@#mzh2rpdNGeT$K1{IX8bgpca^@H*m}!$kkH&v0!YT6
zSeE2G8X%}EJk2*qpfzDbpSN5<*ciibsUe`%|Fjl>5}5oXRb3+S%N+=Ddo{z@OzWbs
z8)>>VDshJtKzRWjEZ)@{koarnPU(!uM_yIf+c~2l4Sv!6WiHJ{V#FQrrAb*6_uOz5
z-_@#k9Zc7b)9w-hEz*xROz<3&N{^0<#xv@aW(Djw|Bqo}ws*9%GBa^zvU0Ms{h!%`
z<qa+lj=z1r@$a8(+?=dntn93u9BdqHtQ@RhEUav7oE%`JEdMid{uLJ|XCp^aQZPq5
zJLmtadH>z`|4;EEH#KuIaRk~s1MO_d`D|T4AO><*pcBv-2m(5L06=E0W*~At76x)7
zM-xk+tC=Y|pScmp$&7*A1PB0{{<Xx((#X-w6yWG$Yis7{1TeETG6wxI*V)nKZK|;g
z5M&B4v2!(ZG_o)QIGS0Qx&O8D?_)+FkewUA0_Y4dH*+?z{MUufKpQhV7iV%lb}p7T
zCH7{vra)T@fT<bC%-QT8dhA_{K|mA0-<CN26#!)9<ovduy`2-#+0M}eU}9-zVhu1i
z0{%_i-xZkH**Y5m-*o>W4Cv(iHtpZ^+u4FV{*-8A=J<93pgF)EXm193TLo}(F)=YS
z`(w*Lg;*NBCBWU;%+b~e1OPfYxtIZ*9gR$^%^d&Q(b3Go#q3R((c4O=f6CT>3g8B`
z2L3}S@GXh9=0FR8y^*u!U%mfH-CGl23Uo4YadLVqtP|j^I&Y_QvIG5d1??Syw$6WK
z^6$(3QuTH!>wnLHk&Ck(z{JSb#0&)ZEB}9G;O*q(e@$l~|9e#cW{!?_|2XeIc?@9b
zZ1ZL)a`HcFV{8U`Tdb?kKyLF^5GQB5zXkiF{kOFJ`Q6DDXm4-k{AbJYExwV{Ut@pX
zUT-I`F@7`NTc;QKAFgD7ll=GO{^?+jH{&?jxj34b{mr#(|7baT*uQy*T<PzD-ekEr
zy*c5JIjjuiwsy`ybD)XQ-<1Cu=`FO0qnVNOo867xJW0;R!phCa!pr#fF2~Bw$HMjI
zQYH>oUY$Qe*_-}v&HF2!vBzH<18rS_e`L|-&8dH7@y|YIJ8LuBf9w0>toDEH^e-O!
zmp(Ihd*GW3{;B7W!;<s;J!fy*{<$Byk*N*P_M@4*k&QjbjLF2#=Fhy?8rl4jtUoS8
zavz^R>h{mh`Ku=X<%>U>&W=C}i@(?Ap9TR=Z$Cv-7tlY7Z06_+H2JG#X=i8sUln$K
zE6g9+aeVWirP=?f-`U9G-`rsSmQEK(v%e0;_Fp4^Hvd&N;9sr6#`2f{{=>i@Kga*j
z{g-q9fB3?E{U!emKHT5cF}M9~{b|?wbHA5ozq@b#`Qy*{JO6#oNIlY8b*YQ%fAjen
z|DXN*fBePm&+~hmXZKF-?VkPj?a%Xv&Yu1B`{)1vY&t$UK5sbw$FKfzHoxxk?E8P7
XneYEeEc5=;{|wEsS|1rcFfafBf}yZE

literal 50938
zcmV(yK<B?7iwFS8Rh?P@1Jt)utT0Rvrg?1Jwr$(CZ5!XQZQHhO+qP|M{>fxFyEnUg
zGZ*`$J8yNmDyfUg+i3?Udn;387dj(XI};mIfd4Hp{0AEg%l}kHc2<V}tNs_UFfy^S
z0x&W&va&F-F#UG~U|?io|1X_@;eSs%|94!ST@0NF2mmbX?Ys>CAM*a+?*D%ZF@YNs
zfw`p%!T%ZnC?i%gP6k$XV?#D(V|GR+V>Tmp6B8pgRwE-O6EjmIV+JNBQzl~uBLXK=
zGiQ1WQ$rJHdRs$h7gMMI@1+u=f+A2*3WCDY|1|*g-^R}n^~f$snu@IwLlHguCpuGu
zovZ5aVvmx~2$oegV3!_H1%MryHqid@>4IdMsu|l{QpCDm)N>kvKp<7=lmsExDB=M)
zSttckAV75Jp>o(A+)*AbLX}RKC&3OJafFh4&m_MegMbPJAtiw%-8){=h~R{3D2YU9
z_-I=D1!+=Dv;<Fn*MG&G?oVCOKX=LZ*TCBgNk(1ad$qX-2+xV=M3v}Se*_Y1Y{y&j
z=1KNfR)ke~)&s=<%eB*N0}rAGFxz@!>4=o!=M2WMkGGjsYuQ;~>EXvd;{#TK>kcoj
z2@|^oshRQik9m_=>rG4g;mTtvx)Sp51O{UvOWs-*o8Hty;lcIAToQv=8NQ^qP*sep
z&tAKP^Dwc`oh4=pNtpdlYlqQJ?2^G?cb2BA@4H1aP<G<cKd)d=`Qga8{K3<GpTqS^
zrIF=fLE_)#YZpL9!V>3eX2GN&%>1Bu&d?8vsUEiU;y-MtI-I<CS=1|mD|9-J&wVFV
zicxd;h4o1E-7E>SmILOXnn{2a<1mGKz8rdaiUf>CazZIqpTJ~TIm+B+qM*)fpJzd}
zn>lv1!&X*Z@-74zO4lc5U>Wb9^(>=|oTQ!;ok)<?Fga0K8?^HeKG=@d=<c1#kZ@!A
z%i<4e37shSosh5Y7i`o1Umq7V7p<1wG}_x^kT#~-Aae|T&9%`lE}6koTVqO8>%ILd
z>B939v5Qt^r<K#GXh8bchn8I%@i}N8Yq;i<qRs4mMZ3<0@5bURlX1J|`VKRZ(2cw(
z2jSJC_QFe)1?C0J`N6A&s?{Z?J;|1>ZKu~13ywG^Aa#mm^cAObRb}0qBa{tlvb&nY
zH$g8P@9XNS3?_nYd>#qLe^z1CQrT(mmZ;rz$4d@&I*GIi`iGJj$0QLY3K8Ia{BV^6
zyA5@iPfk6|`<K&hOvQPZE`zF}ODJ$tjY&q%(C{D?A+G56&l4q>Ql;E-ian*BS8B&t
zvpE4dC*F#TTW>b{%j9>CzGsFg2yW^utf)vFz4Rq}UQ<A@31`)EuX=pZmHII6sL6G~
zA7hwHU+?tB7_i0+$Xv}IG6J$r-?kUqK^I>|!5_#v{kq+$a30w?QQUBY3<#j!c}CtM
z$9?QbLIMN4*DqK!q!^%O`>!C5z<TUOo<4?P>L^B1qt@8fQ^cH98YYmV;BdiYV~86V
z57E&4Tqci^t`HItO|!-{Oey}eT&WQ>R3Unn>LNN{J+uxn6>RO*b?e?i!XJkhYF{Wz
z0=9gCPD-E^Ee-WaTf=5&o7{g-sAt)R@1)+9L*BW3z@MUISx_F?Dbuo0K#VW~2R`x%
zJp__|HlUc>vy6*!%LZeE2<W@Jfb#pV18+9S0ZvBpvhl;xG}2a_iX%cu?Zr5hxg|7&
ztYh}x(Xf?#C02L%?c42_?Yk>nYsT1DAj$DeM&pQZ=ZHIc>a0nAIa&HvleoUXZ=mK4
z%qJCy9@)$+3=GVSiu2NQG!rs&Q}j}%^Pj%A>}fqZH)Z^n+}Xz;!>uGd)(j%$laexv
zva`!o(=&z;x}CjdkV9geZ_{(8vI!&8w>_eHvM~Mvg7j@PaR>jd28~<VIIZCHt(PjV
zpt+6l8y=~a^9j_&(e>4Pwo$;yLm<KEsY-b~RJ`|#&W~2xQLB7?!Ks+oSycft6=xBC
zDDMS2u8x&|2THB^{=L;}la{W*vx1P+rNOWSIlj8?HFo##O_yQ?M&hwA3Kbcj3a+3W
zpIxc~<WRM8k+OfzG_iNkWtpezYOz$6-2YL9D@R2oVv^|6@s3|OW-wi0`(45`)YZhw
zZ^{7z)I>Y>cEEdN)5`tN0fE`^i7d2}kevkxEP$ag6}K~%QpgmGwH&#T%%Zs?-kOt-
z7e|5xXQkDvizY<4f<%9mb-WCMQCM?b;q9biq=0$EnLsXz2V~`lX3Xyv>~V<C@Y?{%
z<!6B?mmpe=W31?x%!c%t&Zt3mn%%8@b>cm7v4%J(zs6$E-VQBLX-~Qy`zpPg0?$!O
zTNV}mYneS~p&VSN$eOACw-+5fn(zypsjC27Z|spBqcUKJ&5qD>MGfW#04yqrDhmw)
z^iP2XUBZexq^9+JLfX;X-O_OabRs3cZ;rU7@kH2vR|1an>9mKvySR^dsb{mHDDKf+
zskXGPil2W*rcO&wA&(eZWLUZfHP5Um2TIJAW^5$-JaIKAqM3bF2`8+dk!UEus?UA3
zDiaI8{4_v!Mh-ic^v_^ywOt}SMz~}3h;Win+1y3kn}0L28CUsGpu%`@SJXbE+TOH6
zdt~-bo$6upSw|MaLB$T9O01TWP-IjwE<Yj~$2Ivm4}ZcD&N~v=dI_f-$*3stR^-mw
zM7UU8Tda0F8-7dY$@gRKX6UJ{Z&e<;6QN2d8ivQivPbPz>$Pw8i7oSZC}4OpOigU-
z`<1BZ0({E7*Oqg9TL`W~@FMnvF|JjtG+)QY;fRu-DzUn(h#MK18*c574j<n)`!hS~
z3Po&m1-(UC=_ct~V<nz8wO^Fb5fV02{egc{zaI@s5CJFc6rP|;9U&R}h=~xU?VS+w
zJfWh-q|f=O0{jkZNe#sZk+8D&Jd|0e6frWn@C$Bb@I2d*mUZAQsoy8B$57EsiNjcN
zm2Rn~s>&!EO0DtNfkzQgBAXY19rnt^4F<h97RcHy!VQN=0grp)19+RWAE@K{xSw6q
z{<gPU%G(SSDNy*H&}f0eI7A9aZ<J1%R*rS}66Y%7gSj60tVz0aqOflkT<3l0V%=er
zxqLHvbg<2%>$TYwPa+LR3OvqntDk87&{lV8B^BP{U}z@otZt8wpMUrF;k&-OuctjT
zh27HxJf)MVOC)gDo9)Ou>um5wPE&bE5fqaJ3nrAIw83%`(u5?nhQ}8<AMB}?Gu#*+
z^T~V_YH<j~VTdx;-GS(|@dgPnZMS#9VLTVGfp%3{Gs>|POFv|xk^|oJEgM%<^)P)H
zq`EK`IM2JC>!8k;Z=(@Iu*`T>MvU#u;2BLTIw)JVgGo4^#V<hAzk6i>=0ao#HCi5j
zw<~ORLC2H}Ur-^$?tVfgBbMCkQVHwOh);Ir8P=fi?8d?>*7->3{-xZx>W+=bGXO1^
zmEl`ZJ5~4c<~scs#zE}i?;bBt?;sLtf<>xq0_#pE5oKB8DepK6Y7cN+g@B_F=sz=L
z1ON(oEF2CDTqX+Lw1w~EtYDy*vT^rQjDKkK`I9PP0oXo<^C|%QKYeptmPUGJiI!f9
zhC+gNaY~BDDBXF`{v<Vva3HXO#|p1U6E(wkdkm(5l8#~$T!}QJVgx2kRC78*`lVMV
z`NMZfZ)}{{V(ID+Abx<PvojCfBRjhbIGJv$kzl*acB}Qj)!S-&`#-hIeXF%&%k6G8
z`{{Ic`fIQHuiCwAby5{m6;%;aF(DvQMidi4L4`m<LV|#RfGGd(pTN(`@vutBdGYZG
zrhq?+DZ#HV7{t4N8|t4QqT(NOVRn3Xa(j9tRZq5uR5rph0CC~EbUzwmXtAjIp{pyZ
zOMU?{tm5bZ4)=25>5els*5=3X>&+YOZyO;!H*p0y2is9qy=Y|7r?N0YFMJbev!#q^
z{CyE7#ZXKH;yL~tfA};d%hFXvng!CwYwSogI9<Z+kXCNc^U<43P%n{pHjmMZ^+z6)
zx>v9k?qF!-(M-XEtOuZy_qiS~S;*TZ@5tkt7mw@KNm|G(?_5h2++4mN^JX$!lFlnS
zHVgl6gktdDbUAJR%<}DCBJ%2AjGd+Y9Z)?Ohvu(#FvV}gykEb|tsDS2xN@0a6wQ`j
zUUg6pZBJ0rkG?Ltw6ZxCCf8*~#Rgd`XDVnav1KSESf}<z=tYGpRt2T!W(2XN)}^B+
zrsgO9{Mc~?>6m#1hRJ#P$ayUPudzcU)@S>+Ur**0J~;TNdXqcTUmHf?2Rd9opn;9y
zr+op@kDub-9^dPq=ziams_!?t5Y3;6#QN^;$i@l10Gxqk*&&dF6QgS(dn+IZcUgH{
zSAj(SYjAKOx|x3<K4v1uk5sUOtN%A*$}YZuM6@vuNiv+Yy5Umde1=obdcP3jUB%xP
ziEs_7z$0GtA_unnaQwRMiV<<jCC%PHt&5V=&Mj4U-In;Xzn|z&=}Y201oQgc<bgqH
z8?+)}AJUqhz`9>aE)(Y<8zfG)KK^yO9MN{zYS<gptBhBjQe_`Qtn0}sx&siIV>WDm
zTa=x+0)~-qE-m0_1`Ib*SeS`_oI#Sg>N%I)E831kIkL&?4tJ&%yI^B4I5%a(k<fB)
z^XL>aAdy{mlM%V>mc)~SM$F~Z9Wv-zg<~W$(rysO`TS1^6B1qJ!4MkO)(mf?VX!~N
zw=VCT@nejnG<s<fSa;NGp(m~u+Iqx5XrYjMlDQzxEr&*{y3@q`jQ~S94Y1ZP27#Dt
z`YHNg9&9QjsF8R<of?i4-D7?idQS9;fcIjU!hZ|7`uVZEFm^@Ojmwa>xMq{&*Ll_#
zcZG-I(1RqsVGB8xr!X>8T%$C>)_$!eZOU+jXZ7@1Y8Tn5!dQrta%Q6-5{;v&gtGb4
zV%5x(ckJLs7W5sgnjCM(_~E9&t4x<{@n6@GxGr#1t}5{}DkJ&wgH_;RTe1b-mMw(3
z;#-9gg2?zK@i7^wKo@f>6wT$gGBvk3t%7713yrd)io@8@2qn8f#6_E;#1sjOMPxW0
z-YtzyNX+?fvME!RyRxShITc2h<u6|=@e$Iw(Pmi1E1y$3$u^U<Kti|&_5GJxvX|dV
z6%&|aS3yV_GOj8qF+#7VL%u!_<+Fuw`MsLsQFjb^;l)YPnvSq^vhmB2oGr=`oFb^p
zEA0->XmB^FcBfN~D@c<p_FSmgqhhU*D#4sW%c>sx8}tc|uTe9|+?TmfT<aA$=7P5G
z&yiLp719V;hn|6sA(7|H6qJCrz`<ay*mbIMHkoFB;WhX)jqwfUA?}-u!`Q8Eifz)!
z*tN9gjUl5?**D?j?*iwN_2)K_3Wn8;j}^N1<iZy3A+^$%ebpL39B18!mnscAd%fGM
z*@DqgjM;MLXA|cO$;()Qgjgenq$DdD%)HT7%2Y1gQ1CX?-@;}($(VQu?oyj`+8k{X
zU$1e#FF2@^MLmyCRl87{e-``|yaW#kDJ(0>)si?hDe6zl=j0uA=0=Og(288W>8JtI
z#<8(WnrdWBOJr*FCLzP(h(mLc{DQ5!fp+zy6wGkEOM#eLM(#>MLY)ZhzQqi*b5&lT
zY!WWqrBht>TFGJOj#*g`Ku5S*wmRp!@YDAbya7)ryJMA&T%N+t;@w_0B!4%d+KFu7
z53l(sZAaf>nXU!fE|54nxD(QBV`xqZM<`uYgyn0KZ{pDMpqPn_;xnP)bpq2(ET!7@
zStMm01)!VUp1ZjRlkD;ZtF^$}*NH(<nA_yoHami0i|lT8+xXUU+2oKvlRxm#LT0`z
z1A8_juShLGKVNB);>62l-Bi`#m?kGYT43VOS8I&>qC$uJVAME?VK}cqb~;BNNGjD2
z&H-hhZF;c>9o(O1^dg6@Us8I9ei*_rTfhpVkr3nEbS5=6hFhXnYUMm4vNsPo7rcZ9
z6bW+><QP-(5|I@a@bA*E3g!yQ%<)N-m*bW#E4OINPu)ea+GC*M&*tAzH%IK5lAa9M
z&sY(j^}O9|b`HA(r?ihVvOqalj=WPs`rpB@^6I4T>S%s`eJ3v`w}9(+B@(_GeVh51
z|JdF)1fvTWC(+0yXK#k6{fZ*5ycjJ3ayq;;OAF9iTy|E+hi{$?vU|S%-nT^Pt9_y&
zf&c+Ah5nKv)IP|OX|1fl99kR^Tin~48o<-jxe_WpxVq9esebL>KGf%il*d;_2A5|?
z7BTjX{^*hQlB&()Xo9gip%-bET1%_7?$#c8D#|K%hqm)#!(##$af(tkDhmQ3)6LKr
zp^1M}TiYlj5#B`&GJk|uq^yW1YZo@IIkucrM>eicif8oz!rSygfvoyFg}%l_i#*Uk
za<}5wv&CLc?Jrx5fn-BNX2ie_A7pg5q&bQ#bLlLv**xU2>v-;yb-2$01@A>o=_HH2
z16@fl=2v{Ffcl%rOYY4LzK_7!6SN|?Ssg{dt1*kB&0Hl6_A;pdg{@KWM0~F|O2(&K
zS1`c$3ROVMv!KXFMPmR<RmR@R5}&n9JH6V5GaW+d?=^J|7|nzHqavA!u!u00`q`E$
zo9%FWhfV_Xv0cC`7{urf4YqM6NJQok@3Ha90-eai_n)BZAe3&FcyR^HO-AH8+qXZN
z!(R-$=U<;AQid7#XbR_rQn*mRe1qlJ+&f+ToX|GpR!ZAYotIjSK;h{NP92$dw&p^i
zFdg$j(N=@E-X0ssr9UUk5!^w|RSo(ysIwt|JgsPf2#Hfha9xqeruEpdTSD#PL<CUh
z8(vxOC{B|s1okB`OS_N?T|o^uODIbGmEjyfJuh$z2Hr`f5fvD9P1gkOKQB^bF{Ad&
zcSmkD_nYFL?`Uf83+jBsy=Kt;@}nG|iYtiVwp=(rl-o2iH)MM#og*=NB?{I}Ai>@(
zwu8p<Wz^sLs|iyGekeuo8-aq$|0@oQ{!7LCt>YM2#5TvAv1dtXvCwHIG^IdWXN#vO
z>}mvn38eO<U;{^T=PltI9|uw%UFVK}aiHpSq$5$)5XLGk-Y7AMtpy2{xraa<E4&+b
zHg@m5MILoaBY$|)HPRH-0-KYpb-$E;o0#>^?)#%%oEuoHws4{7RZHy#jV=r751v$p
z;lNsZ@PvWkfLaT99-&&wGT3vxl&y0FPcm3M%~lP4iWKX*U~+2G#9;(=TnM;nT?N(k
zB6^LcnT5%|NZLrho`&=_DuA3|^(D^PWXj1g`_a0_5^U==*b+oFJ}QJeYpZZAk$6X|
zU?sF)Ds{S3(q1Z)AR_wJbIHIp*R<}t56Huw`MTj#I%v0XiMm@EAUaxFy=KZWH5oWe
zivSI=(5;^FZ{0^tLPu9Iv17xA+^{gQVINc?PpenRjnBYon2||Ms?;cLYH8-$=AuuZ
z-?Iq;I3H3{PO3zy5tLuy>2$ATZNS^b%3W0FmPp9yXTDI*?wteGs8l}GOW$Uj^^(#J
ziJdP5{<m!+F5L6s4ZE}91U+k@BtQpV*Y2_ihlL`7t&riKRP3R1Z-hNSmS>HXEpXAh
zGas(`@Jb1F7B!8r;jYv6L*T6n>Nrlo%&$4He+}XMhQyAyJvBhoczH?7)^ke4;ilGD
zhi)3dLG#FrVU?i_=8;PSpQTBa9e}16M@P+t5loi~a#3<?z^snwD1-QvPN>`UYk*L|
zI}v_ym}I9H?m5nhyiKvR%!;&$gvTM;w3;yywbpj8?NGj0`+OHU-1OQH2Gx2ExJMdf
ziDW#daKx-!F6LuZtAP0wS{4oh);K`EK~<2%>Ih1^5#cg(@eQ^ykn~P6d^QzH3qPpu
zhsQaGN9j17hK{3iV}?_RE|TV2*(1{k%_4&U{t*oG*)p%fV}d&g0sYPu|8JhBY;a9{
z?W#H}SinnN?l!V0hh79i?I}i?7uj`Tr=qaa=~2&pzrC{TAm7HM-mnadYn45;rdiM6
z%vemmS)!m5$u%<xcmPY3Hg~tC+&t0(o*DwM%Kj-*i09wKi%!@erIl9eD6BN~%K=0E
zhPZL&QX%fGfwja%`h3vd(VC-N(uvy50n<o^SLu$fCd0AD*;&7VHp~eBJdAHi#ydwT
zjZSm@r@_qXo;YOG<oP-ih@WbYnOK&%Oa=Vh-r;HL$oOzB=`{yuh9eoF>I>L<Twmso
z6A6j`7OtaxoO9-9plhl#`kgyDGRV(<(AJ0p&f5}eissWImIwyWSebl_uBgdnLXQn~
zNPzQfp}+TTB#7v0YDvJda5LDdV^04>^DN)Ii!9++B9`-%=OmN{qc*p-N)_iPgqt(O
z)KLEs+aiLtt%z8@r|6c-!tf6Ciq$aiRa5mG!0)Jvt3*SuMD}=h$&}5`FCwWTCItfi
zry=2=>VW<LGYr_NpU&ljG~C=l2vC9U@l^j#{WpL&`Ni$$+<}Cy@_Cdo-12j0HwGxy
zuNDEz6nu$%Q|QUhfI7U28VEb9)P_4nEU5QKDpyCQEkYI>|Jpq)w`kmTo99f9mR&>P
zE(kleo%Ou|VUdi0oSe{+EBX7B#!VajJzo#5%M3V>q=Wpw0N`3ned&MM?!Y^?u!udl
zV7KS@Zu_uD6QkSFo~?jwRp0~tGISejQN6*zgSA&Dzn8JD_Wpx6pK%|Wd}*i|WcsTk
z8;0@fi-~Vh6QLZ5>WMxd-VuNR(S7ETrrfhb1npb*vgQJ5ypGn-t_IHcaB!ukz@tI5
zy_m04gTWnf{;hSp2HEEscS`oVghu%7ccAZ9B2uyR*mtz8_m@@ro)$pR`f+tIr)Hlx
zhCp!)AtwRGPQ)M($<*AF9TXgcUodmH$K&Sp-8I-h=1AUIQp63G5z^k;=Z6~@Pd?!l
zG@BP^D38&YQb2CCCK~Oy$haZ*JKFVj3Sh^Lh7<d$>!Dsw%uKmfxDQSPt~7qQLZrK#
zyylaXvN;cuYd3<KEn{F{YVj$3^(Sn4GkmhaK@KCoqT}9(IX`0)F{A$`rS4f_wB5Om
z?Hq`XFKZs#w%5tE-4Aj6?v@a>b0@ERxV1zx>TIraT)Ch}G-4Lj_?x!)EDz`Tj(F1Q
z;rSS!2+p3lZ1Ez&Z4$+ahLIh%No1Jr^2d?Wt_d~V`ea(^Ge2-AmvgD@0l-uImVK~O
z{I+>FL^99h&ox8&H@s3WM@h99Da~xYz1`o4E?E`d!G;_&C2_P6{b-oD@{$*KzKhiL
z-TRNceuxP*If5QfgG%*|UgZl%0QY<A47#M&(m;vPF0}CkFRk>#l(d84ebAUB{z=1s
z+pg8Y9F;}6gTZ4m?o~9=CF}FJ&lml|d_vZN3^6tMY?bgGP!F<T)rvEKa`TC7#FH~X
z78Zj&P{{Rs#Pu24Ab-D)A@S{Z;vZ)@yyy(+xX9K|Xki1r8_+_;;vT{3gW&@v*~Fc_
z5V~ip`C_?|NHh6j)yM|o;6G*&CGG)B9bgCL(;Vjckp|Go3`#dWa=DAB{TTYTgM5u1
z2tt8-Z~=pX>SOqEKLx18S$jhe<m2D}9Zy&ME@b?n)6=1C!SB(BV|?nyXJgy}f&>W8
z@hu5w6G&ox+lemdG}xB9HN;MRF~ew*YeZ&`{7vP4f6X^RlkomkDqt)PVkU5w@EdAe
zwrimnByNNk7pl{7Vd4WLv!NSH(TjD{sQgTW1gQEShml<G-9F(>Eas2hBcg9)(*eHd
z1+V3mfD`SJXs)1$>fJy79Lj7l#RVMhQ@VW$BGE2U%9mFL_tH(asvM~uxmY&6{;QyO
z0eo%42*lNozxp$JyvO(RQ}|87D8A0t1z=<QlZN8VRKTmOs?~R_hUQ>=*CgY|GOmvn
z3^DXCi#B19JS4=P2$zs(AqXNURjk)!;&kE-LePd^6T`ZvxMku--6}60L|!WfVv`uO
zowQ+()P=8|a~hbsX1by3oTPEQed4H`PoPJAbZgzV=aOseQSNKnbLYEVbPKp#`2hR~
zd{J)jP>U}l5DdBuO7uRkNKI!n2$5o;c0Nbs0fe(o&}fSv>!QdWM~g=oHe9#!*eP14
z%cpc<<;mE^rf)|}Mdy~)ZRKj}sPW=N$jP8jE1#exFVp4BOqM%Qiayn4?IwAA4c>U!
zN&c!l+>9>21@C`#erFs|4~&eQ^3|H!gf6^n#62WnhMVnnV{9LZ2{=n)M@Kdlrv_gF
zO*Fn5F7qpIybXFOms|GoH{bD~*+m)3P|Qv_r>uHObM+4q%7-Y{%^C|NZU^G6gBna@
zX6T>^%@Z60DVss;2loPEA$3Pjx}V_`RXqRfTxeOmwek8|TEMAXU|+_eLurSBnO*W~
z$bTpf^FJ9g(zGt#!;s;iBNRTDQSZ??C7Nq#^Tnb#<y-H94a>0Fya|Bz@gmPe6<X2=
zjx0vYiGvW%caT3*pU@{@H3>Vl+nQ8Fw}DZl=VU0@92yIV!<nxcLl@~*kUkOdNH8@)
z%n_w1g?((oS_P>GEwsduuG~1j-tlU?Dc;7^ad+~Of4KGDs9%NVr0M+w!zfrsjn$fd
zMoIoNOqU&w{9;DugY~T(IqYK=F<-HBQS{Xb?zS~mSxF~7EJcrxJx%9%it;%=MRaFJ
zWg-bGY%<eG9)(3(y#->^Vl0l#_@tmf2pD6e&QF1&kjxrMFgN~3&*RXZ8s1g9l!l#X
z>s5$IO}^AYz2lW(s(Lgr#YnR^n1Z^%+2P|1@%P|1YlZDpzg?#qSK>lA{qm+P))hGz
za&@9)SZavNifrf|pnj6k5xKkp>pVo4wTIIzSFL4`c9flOSaLEhNRyR-Nc7sGZ4jn6
zc!$f#>_L0u58?y{O_oYxvkVN|TVM7FBprEcMP&}PYe5q4vw;fAqI@{0^eSZ6yl!H2
zzHDJXXPuc>IW#DS4Sj~1`#lw^0$<$N{*&CQoK6;~4r{<rqID_z`;WM>J?g+kvjD|K
z<gmosmjc3DP@H0HojjQvh!g6JQWw}keMD_}$gu4N&@f(w3aha@<e6sBof`6lri9Kh
zqb~ZLWba{A0)nk#gmB8fJqsFM+)uz+(>{T!BPT74<Tf4XC$xRe6xAt9yo;CUg7%Cy
znSekf-HZ(@{ga8lUcsz}q=I?_vXK2PD5e5uvcQS+Hh*2Fq#T__V8u760AhPT%aLdo
zrHW~sILZ?-4r(rKuMa0Y2fuUcd8aS2;24&%ewa{tjQfsWan^16hYEOwBctL>&<TZ1
z(f;MWedrS2KThz$JiFyrO0i4&W3mnRS7ftWcwL}SAo?Guq(wUng5sOyg?FQbnS%Pi
z!2mSq=dOB&?4U?*ZQfAZ#a(_oBK(dcD&4rTp@2;5lXTf`umyh;>a42$H+=lef23xT
zIEwm>(^#twR%`}NAnf2#Tr#@PT7#)4%e&{5dP&8@`aAon2|g9ymi=zvHTsWk8V1>w
z&YcT6u^t;KJAM0T9pPJ-e$N%CDfIDn^-xgmOa9~Ej&*K`0VGZ|^k-D?TA7FKbk0yd
z!DeN$qg%{?Aw5@lLZ^9P7AJWV8GVccYLS7yQ*!kZx`8yV5SanjJf@FltGUPsi_H5r
z5rYv-N2i~5qf=B#yQrb$TXYDL?-?k$`^>ywO)%ETw?lB<Qg!zlNvRDi8GYQrnlv*0
z4|LZlBubEul5@A^VB9`A%jQlLafw`<&;E4AHgw-Xpd<XP_VSR$es!80(ojv#xuVJV
zU$$vKcCLlVC@-V!-aX?90ltK|LL`JN0U(ejYbrkyOQ!Ei;b8iLLGgxR7I0{McCz6G
z>O{m*J7SJqYrp$oH}~l$m8gO1F)GVlGWVOWMHH@U`X6ZYJ!kpsp#(puMcQT~WK-+6
z`|rbQ*h1cZZ>a#^)Zn~L1BU|sF?42n4mP;?On<tUyQ1i?sXTUPbD6D2<|O*fUsu`<
zWSzw^G%U?rxVBTPO5rc9b=p%dra>Nh&CZo9s<by*N3$Ah7MH#g$j?sCd`(^0Fn;oZ
z?VQi8Z8ba6xE-b_hV2q6Fl^xJlAWLVu*xIjR5Vm+YB_mQJi<d`BeFGFUIIaom4*aX
zpYNpYTBbQYLhpiXN2i*yDIMK0D7Ggg6BU6E<&9f)>uN=;d_9T{GlxFP5P&edjtk|*
zaH{OIme@T6dPy2sj#e4<!a5C>+I$@2wS<S*YJ*cOgY#;}uwLPGDUI@ea4TRX+#IK}
zBF9k?=6U<>;b8u{5ZFZ|-I3Ru_0^+o2Q;m=Nha1ZsU1Y1@}rr#OgMWcyx7#F#^jqu
z-vVL!W-}FX_`pTBXnTWK%%Np}z&n)4$1bsoa(GfZ^t40Y-N|g4_9Yr}etXEVW$N5f
zIs05GHO*MIWlEot7!?yrE8AjQ8-BcPRYESNN;<(iBu@aS*<Mmz%U~Nb=+XAxK4=3?
zlh%xSI;2a%qS0eDQTBrp)pu>@5tB3zU@>r4-IIC~YSyPfH)c=TC>F8_X%eH#=6-29
zz`HR~gLI~{7p6Qy-j*_$g`AyH3-loGBfZjTO|rD*20gd$Xe6NPlXUIOi><V^EhMc*
z87iQ+Mj5|bml|!=pj>yaAaJ$R^$u<+vm>aIMT8g4*e6XWc<oKqfVJ)V6Ta$FOteU?
z4qPN;sm6i(S#R=aq%Sg_X+ySgPazfAp~zcnwWs1Q)KXLG!H`b-S7ze7#hye_X#%Hc
z1D`zqm~Txsnh`||r{zt&wBN9Lr;EM56_EeU^ADv;wzTi+oSPCCEhQv8gT@}Ponn_0
zboFfOcsXcl*?CEYr5fO`>g=qgTiB4QJs4Ny^XaN+GHP!m8@8UXD`sly&cBG!=+<JH
zTw&2lJ)rTQAaVUz8X{<%*Cry64I1zs?HsLUarz>AmTrY(yW>-5^88rYn$9JM=fDI#
znUIc?JWLPDW4(YNIrskNRGDpYmV<<Ys<8*?aZD;)SI$>r0w407%<cwD#6bd%8)7$~
z1P@u};V$)EZ8WnW#WqJG%KLDB7gL*@nGc|?<jB$rZa<Mnsbn8QG=g{0Cf{s1F4OMx
z`1ZW_6mYwqPxpO^SDycPXs#+q+*VfhG(Ky^q`nQx{Vm=ev=Td`@oXT}*0h2=s_%+f
zq!4fGRa?1mLuOvqb)n4!>_E>Z{m7cK$cFWgN9T2CY6{DH@U3VABdH%kEwN-8Kb;YW
zAcqvYu{A$yqc!UwLL-A0yL}@9Dpk*+<0TbmZ2io^*Yyc>kaHogIf>W{{Ovy%U&r(D
zpTPVQ6xms=$zl^#lDdlkEU7MWTmeoZ^_7KEWZ7n_Hz)UB7)oyhY-+8jfSE*Dg=EL$
zRh3=>q2>f!(ob{q?Iq(_Ra$ud_{T6HFwz+jaB|A1aVBwcNRyS-YVAXCd?bB)0Z9$)
zPZ1rG(x8?o*=)X1Pg8Z($t4ZORY=J3+HgcTZ|rY4y#_ue7JLTs+aaF32oFVSfn^%P
zgH=0$HMe<OfHbkmvqcor9EecPEoi{Zk!#?2gp5S`(1Dy)b6mMd>gb@7uB403!H-tq
z!4%`(jQnSm@t}U`IqYgV>>zW*0>+fKbj`Q^JK$wE2=uFe<o`kpFm3sLLL9KJ@VZMB
zvZND+ofAd{zld}S977H<C=!Pwj0FOiF3xKzXqv*{EgmoFjfZww;|P#~wOlZQd<rGN
zdt>G8`trN<bnhR3q1Uy(YwmZ7uA5_W%XP^iLwnxTuXi!?=`T0RX0F40+$TE@FH2%*
zbTd1!web4{+v&e%*~c^zFAg(F;;8)gdznb?z{@X(HnPy+o_j+>ox+Hmw^dbLVB=8N
zP$Rn(p+s$A|L}h|`Mu#EsO?l0ow@K&Ud-IoxcPEZDmxb|_ELldCc)eA{XQ(6bL^6%
z$6Z&e@olruz$!{!XSs{Gsvmvha|GCPBvzlJ+W_8JQg*K9>FbkF+v0rwsTORT(Ko3r
z_6)J7ggYp2cYN&WR@Y!#@HyM~owB{^>M~=%{yXpS_eGtq%9g}EuE_3LRb;6zg!xw{
zqjEVrg10K=v;0L2oo#LN55MsPTKGsrF}e8*+I=kAK}mUxLs2pWBdz&CA>~~T&|HSh
z@0YSeaVT{$^C%LwBBg|@+T3(Wck$D#DmA%4zKSY}EA@6h=X!1O24ohyzS!w450~5E
z$CFiR8sF?A*y1Yi1Dh$r!@m*msx9%|NB$Z0bYmc_DF|RHK;ap1Ro$Lr$%lN<kZo_D
z^6Z@Y%w{d2MciXkWgQpq_L>2?XQQl2sphFn%O(plMdXBREIts>s>CkL_ww5S#*8W!
za*fcO#zT}S(+(dnMlzyuk}Md>6ZNd%!da_fn9!8UZR8I3?CNoyXg{}c(KD|bdannz
z3<?meJ*g<+u!hzL_mgdLk2;{~!x&!fD=F$DPbNS<jPEx98_2xF%wHmczj`(rsz%p>
zG!O`w)P!@aQQ{Y8Do4a8=UT<ZgOH0j){Bt?Ks^JswBQ~9hwoge0Raps)Pza>>v~qa
z=c<JTmAIOtesR*DX^Qa4D_^tBy7saFeC7aMeU|wW&6mmR3Ye4onrszRI5#o9#@Ixm
zt5|jlSb6mD2I1V(yASTVpr^w~YKb3Xb_`O<yv&vJ!3#B1S1=Z1#V7dR!0i?Keoq<?
zppo9kb}z0X(ju~cPptNI?L8M=P6@Oq4WN?3929coUU`OsM#n?sByf57R0Q0h5%Dac
z9VZ8o=?S(es(30f^C{{a`Afeixqq)dn*H#$yUAf$>LIwsVV71_G}k23(fXK#4*2>Z
zlBiqS64HiCoYXq8p^OGejh-<s)|%v9YUL9*Tn=LT?0c2B6+<`PlB$9h7FebbBghFW
z6f#L3$3K`)J<G@6kY^Q;BadMNH`ho~1z_e}z1aZ3>La%=n{&x3`0^Iy<xUeQWF#*_
z)#zjp5>v5eO2;Is%A5Sp+>CE|I8)4b3uBsPs18c<I@K;UYMR~-L;Syn+LHJ)04zK}
zh;XdGJSUq_zsZJ^-%yrc^7}WcAioq?7Q%lHzC}J?;>RQ<GGttbO8vx!uqC0AMxhQy
zheS9YIQbK&_)Di7fjJY-Cpu{2C7YJ+N;YZzwnH<LOH1HO+S#aHX<mEbipl>zyVy%J
zYkh0!ZN7S+d#}6S{r+6Jr1RTf!9GX!2$tk=^Lx@EZAV1Lw15?x5pBV(<ix{zHH<ON
zhJ0rKEC3M@Bi~t_+7V;$Y#9r+?Ee;G_aMZ2ItGexH&NLROK5u!c(I@wAQ^%F9+zRB
zHaD6PmLo^?G9k4fnOPpe59jh^!xbJDW?>=gQ&MFfYEU)o7buj_gY67(w)t#O#%!x>
zUWx2DpPi$yyMsmfWFxp4`QhIci~u5F!DU=+LGh4ENU=kpG5Sznj%tV)?M88M2VtO2
zOg@VcrKwFnP{I#tE?1=xT}^v34^$g>qToD*i-3}A&6376rByWCKgO|Lt|U{g<VH5*
zdh@19{Fi97Mwp3#clM6cDq$IP4XE22U2{S%cu3wm6O#iNpYr4;851`1vz7L>FT&9>
zpVp!AbnMWrsy`s{vP$kIy>~K(zbk~ihb>4mgV1UX9e8mhJgQhlTDwD-s4qlZrbD#+
z+oUz>z^<Da8MnR%%+ck%Mpp2Of<(}nNPQSyRdulL_w#J?$Pyi|0LVk|`^dABnK_<&
z{z((fxQy&(T1zm6t({k9*z|jX#d{SOYfo_otpFd>jA?R$wflg6j>CG5;qA=dXLH3c
zNwqC#OZpM0<iHW8NR?`hxGfIw6tz1N$-i(FcB<t-t^9b&v17Z*S}#la=SADCs3_WA
z7n+<rKH80nc(b8h+efsTK^20TBZ1<Jxg`<e#_I^?R1Qh!$5Ea|cl+Czm@9FKehUIy
z>EYP!l<`kDzgz{uhNMEnQV-n4ofO9EEeoNK5OSt7GGs*~N9Zg&C!&)QP@`hqDl8io
zaH9E$NMRo(4+H=eV&n)#r~p_=X2#}B&fiL@cW8_D$SXC&raZuim=&JTNM@~<(-uko
zv!LWojG0Z^^N`}=s;$(mdfu0R5^vvO!21?`4=zW1BGo;-btno~cy8=S9>!<8lVkc`
zDJ=LMR-&NZIbyVf>~d)w^Fk%$Ts+)E--!o!$-znE<gJU3Mq=aYG<mWeGq1GL&5!^h
zel^toZIBa#zEa`R|3$!5dfVOvu6{+RWy%FB+8Q_zA(nPN1;c$<bb;`sxcsou(*i33
z=|=%Y3`WGbV=EPGR8dO?Tc2F*jQdx}IRh!Y<?v_gG{B{jtf}ML3tLOKY-0vS7PQcL
z3lzBH`{%#Xo#LTLhOCHfM2#a&K0941EMkB~LhXYZ)1ixRE7K~zrr1{_E?zvU7g_s(
zLH&_G3Bw-bYtf+rtv=PF-S%4lQq#H$%9z-+rS-*SxbmeI+g|X;;w+)q<u-DJ{PIGN
zqi~TuopB)qKfHW0^;q5Tp}W{j@5J(jnB!tV1oPp)dKbE7NKYM&PIaDxSmyz00pkOQ
zyq_tFLt8;xLD>Ox@XGoW$48LqhB;u#2^XAm0bf?lnFT8^ew~G~B(1++yNs)3wp2n9
z+;c7v9D>BeXSIVYa2Bq75U`U9(S1}a*fzj=5_`RH;<bT`h!v3Kazsj31rr8~`eN5`
zx!i6~coXDtEtiqtOT&7*;#6>+o3{fBPW@~3!sgp*sf`v)f$euOa6nydyi`<5F^!4m
zFZQd~)|ODKf;@z+9RcW<4-?}~#Q-`(G&-1o%UzcjoXg<h|Bpj=pw;E+TxyNzI$ulK
zCk8);tz&=gnh%EMuevj)3?*|w0kLQ22crnola)xSMqOyQ1n!01+5QAC23FRpa1l3a
zjtze*J!5pVm=toGjfW>NYLaIxhjzWzt+yfVw*IRI&ol2vU;Tnvz1aT;6{cnZ8z>Oa
zP*m>`WcMEEK{yYT&13cjB%?-I%a&7w>vzF(xlXA^{m}x5D>NzCoCVXJ!OctZUNgm=
z#lna9HPIrka8Oa0;r^Y$umb&G9cSRIs#$u8x~DVdj?|bZP%#llSi#yU&lnW>fTv5%
zZ$xVfP+=W0?af-3E=rHBRK}fP0uVS<HIn_wVUL&8z-v(gUgQEC`3u#vU;6y_%cHmL
zxuoKDh5nFl%Oz4EwLwcKBe>$sBiT4oZEkcV#3-}9TZ!p4&dXQO;t&rzadUkqPZz2@
zRNV$kn~5h8*U3S?e7Kw_{@*StA|1QbLN^okXT%*{N8t6ZU9xxDDF3d(NuW<hr^Fgf
zLiYHQa_5u_R}^f#2p%HsA*fS$*KohObm(MGDkG%yPYp_c&Xh}N$UH!kE#3SjVB~%}
z8~r7#`5Y$M{+u=zTRg};E`h-xN4Gk!wRiMbobKIiaf4TMGWD|PB`n~=?TOM<sQ?5$
zCB&H43A2%)K@}tPb7z|kYPH>K4eyj5_PwA=7mSqY{B=K8x|I<5qOuSy?1ZsPrVDb^
zPQK`Uy3m2*j{H?oHQ0P7R#@mni)QoJWz<bx3sufr(1we(|G)BB?xr1;(>*Edov#Af
zZnvg9i;&_DeHM`TeFx5x`u*yLu?f_dUFQlpK$m<*y*x>54kE6egidzm%_Fy$mykpk
zEP`F<WRx=NB5cSjAa!(*0><enE1Us-bA_}8-;`$YI;JO~l8S8MyW$<WzxZ@IFO_Q6
z2LG`0P7XH*(etf)F2{5@iE5eekgW_4s~o=b`-!j&W(;6LT~gRb08D0Lp?eZ`*<@Oq
zK>6M*;thIuh9P=n^@n;Pwe)8v(n>%>>(z{FAfw9o{lV2`_<t^>@gAP@&vqOxww(gw
zF$`yuK5l$Ue?`brb6F>PBO9p4d!alx%iUuqirULy{M_&J1-fI{B~EZ?U%>;qq*dj1
z%V)8BY<mF*eBS4!_VopY3G6H%mmNHNAL0lda;F4f2l=DfoU6Sm7zy|Ve#(z2SWfD?
z?Y3`Yol2owN(i~&b1l*ZQo&z(vx|C>A2rhM)k;X!Ai9FH<)$K=F?gzNoZqk`{hEFI
z(L`Qz$~FO*Zu%spzHpPJY#_lZRR5eQv-QY6!rg8nexn4?eX)FD(O;n6YFM-|m|I>0
zm8Gf!Q7*Q$-(?l)MGC=<!-2d^(K~{3E86j-<E|cGIcx`yR*XR?{U+l*7ps^aZ!O8E
zLCxBo6R1<>*lV`O)~A3g^2kN5(&uY?reDrKzMTa4*TDV41#-8)e6TLlwjh+J;D6zJ
zs~BGx)cCfcnJW1cS5_6K1X_wA&&6l~J%7Q$_)?DLwRPp7&tmbjl(ahf&<{X|L&mm_
zenIv`P@t`@0V|h|l?&t5m3vQ<SkYe?ND8E_T&qrqbU$+InR1h*`#=iZZYnD}&@3<a
zr@LAg=YbNZJWW})5umpx?;S%p%Tvv-d370eMsZ{lZ=Ml$GfgJ0V+%9r#E(nw_Za}%
zoi08al#n0cY98+!!Q)F#N;4t{I0+GM$|10YFJT#>c$|Y%Fku3=QwA2DFQq1j!o+kb
zWbuy8j{i*rv%^!uKGqt%2b|>xhOkqS3)_o&;S#-#z2|dU2g4li`#7aENT5?#-zyIF
znIX*VqixiU<>LT1R&4*8bJD`q2#~;FL4>0p<r(Sx`b9dT0@9%g&CZs#im{c-6*s<)
z0$?jjo1>FU6RV?3fBA)UGfsLzQAmaVlXcOJ#LBFZCjb(PPsO0?E2GQ^M=&mq9B2N}
zhs|MoVP~`5Zt8U5b75Lr)PF;GC5exHX@~(D^rA0gV$ztd8*_H%=O=_gY`k{_uQbt*
zPLFr?DjI?lk-kGXAC{zoGl!OkjOB9BR;1cwY9WyzEyv8PIW$m`x+f2Wg**{$8p>k)
zu0fEQgy4O?|4WVp|D)@vEPkOD_GRAMSDW1yev@suBh;Pr;xOLWUM<hx72M58nL1_`
zF<*k~1+Ok1zpi*+#8L$z0!GePC6?xokndD^d}>W{$Hn@~2TxX^=;M6c9RF9jGK9p6
z&kkM{L@koR7Y?W6u<^Fe2<4y~i~o<DZz0Wj+34!pxy24K5SxWfCvJdXHrSo{5zH5P
zBISN6u$GH>A4I=rBvI|^DSuyQQuJRMF*G)DCOS*M5D>Py-cDr;JofQSm$MR=delR{
z&4@2%qU|w)*clZ?FMO9!yZ%5EP39{c;}}&0VRtk8W{XD4Si=t!a-Pk&!r{DFyKA|K
zGg(YXMjJeufy9;7iB0H7G!zFi9>pN0eFYa6fISSBk1x3DzEauCNERy3hqkQ4jd@9@
zF92YN|94X6{BPUJu|BEz3%g%3I*Gn@hKiPp!TB?+@MT7XNGHOhnL<27sMm=k`yPOJ
z_Na=Bd;u;iJM2B%6wN=Stq^xl%(|UM(MJ)S*g*8)xxyH|ng<bW#a|`BiMN}ZwhX&D
z@TRl3th-zG*F4EOECHwa$4t9tRErtqfR0Y-3ObtHDC&8Gt;dGdwL#CYGDY~@t^2-7
z7=0bv5|h{sjYWs1PpcW%0h>85W~kFDv?LJ)mO(Le5f+Nc@sucr`9RWH@kA@zCGO_|
z4+0Bx+zmA6)4P%P!Ic378{8*Yb^Wka6%hfIWtQN{f`GIc-B;ko9i8sA<}{iYqG;AJ
z!{L{iBIPV0+AaBc4bskO1^t1ls)rEG`;|L{9gWvPz%$XIq1>$w=!=X%+UZT-Ls<u0
z*Y7x7h62&x?U;YQ>3C3dG!reDm&s+3uoSxK*QUCH1w_YViY@*y7G1ab*cm99O>#{|
z<7!TLb+xPEdl!~X#G$+*?SsYqJC<_1PfHaCZy1IUwN!D_vp3n@;UnJ##?+j`@C7?6
znhvQ^52R2{=bg1_z&789M3mg5MOGNiroYn*mJa(PC56-8UG_0j7m<!0A%9jSsI_GQ
zG$RMk3^Y9*!YC?m=Qi)G4rC#2%sL=3eMQ|j|GhQq%ztns3Qqf13+UnNXo4&CnTEK3
zo0>4!1zUfrMZc6{iETDpeHyL?!h_lvVI0mJaLHY*ERmrCKjwC+dgKkLZB;EGOrm>w
z>>h~B9cva(n^?<vI8I>c(NxJ$vWED>VhI-3Qk+griy<*#g1X-A-55h9W=2Sen8?84
z`51jS3;w~*2E81KlL_zR{*YezaqQ|73r_PG0$<9|)z{u_C}w#d7%t2(s_s{qYfPHM
zZSx0H$vIlG=fC0++dqz>#t~Zkov(E56B`@ZazX$`MI<7=J0^Fd{|W$`GZf0ix|%zH
zvR|SZ4yiV+apv9)X-IT)5S8vLmt2U!vhYcJdk#&*Y(-o=inZw<3)HTcj`To@=%^%q
z$t3K=6Fg0>_;^Q*&I&-+nj*Wq=rU!x)Ixz)WR;Qpa}PrcoJIDcXvR=t^7VzNa$Xu6
zE)AXNCv86=$@ppyQ<D1hS*eOY(>XQ#y<O8_PtZZv;CB_3gbQ82h))(PlZ;4t@NW#C
z2>qv_U>^H}!W5o(83WR#iU51-zK_%oi@Z*HkMVc;Ldz6U8bsM#=rGaf38}jYVOVsw
zKgZd#3QlVn4Js{UngW#_w>1$D_nWzu%iUS(!5oiD>5;2`)w&`Y!C+6^Z6G(~dASaK
zVRt3n=@TI=Zg)VAMBIV`(Wcf3Bn!*k9c|{7+kriRBaI$)Q@Hoy^5mCR?-@3xUXR4p
zvI{1~_DC#%h@r}7wukI%Ct9B>NzAmoqR{6_`(TPY-j>RL#^EAB1}ag}+=s-Ms2((I
z<g2HUat|T+6sfhZsPqJTNr3TZikjV519YGHSb=y0%Pntt6G!V+OB%ilV0H0FpLbk*
zQbL>1fWqr=*<%_z$ubNH19=LAWhR}81aOz;6TpZS${eM1(UW=*;?p|yc?wRNM?50Q
zXkQ~}&=^ZdIX8aDG&(>?uOzirbIgmt0Urg;-cdB4?twP(Fuc7e0(Kx;Z@PX!nuIzL
z>=zJZ^x40*M0b{V{Gw%pVDU`!Z$U#X<k|)$R>hQ?GlCs+@yid~mvwM~lwus>39<AX
zX)e3h{GcDgnWJaL3y)J<#5(E7Rf9@@kH0aCQ{QAy5%#BoW)<d9WSvScVnqq<rrpPE
zOm2;7Iaw7+84nDB)y;MXwooo?ps=Uor`uh9EC57}uyUN$+bH`?v{zdXR9%0{SW;x!
z*-KA+l+6o!6g5j}%74)#fnw5%4G2&um*gSC${FM-x7_w;mtnQ>Wk6GrTzBg$Yi0;}
zG2`Z`m~WoPNDZm)IfF5l*O;9nkKjx)wkxHOcaU)cI~j-<SZNOyEv|_A_u0KlJy#8t
zl<jZZH&ahLoyw$mByD_)Gq);<c6o_TVxMWZc$lw?$C)hkB3IDn&_LlQe*s=dtIW~2
zMq4NSn_9y5B0+5NUJjmGNK|rjRd#;wUbJCmh(d43^#YZ$c4x!Ue(JiB&NWHrlG@BE
zwhu_YcNbg&3rn;cwbem@)A!mO_@biLeEAr<j(bEqeFE6=A{40~zL#)@XL#M)Zkh1p
zwSRcpim<?!5SZ%xvztGgEk&%;0DL}&qfB4`Ph4}#`CtMv&n!RSH3HC!x@>wdmPBvh
z)809P4(S+cJGZfu^w%iY9=m8v@N?c_my(*7_N3&xiIs~G#l(oLw$-F~+PLr=Wbpa!
zcA@yol_Bn=$~~)A;N7K#Q#Ud050tO&3V^ZI&b$*4?d<Ay3R}UhE}>M#*@%)xG$4C5
ze2<J#o?qto-fV4wxx<*=U`EOWHH(F2HgjvAjpQHvXp)izKlpk4j(qkKQ#p@8KcV{&
zzi-lq{#iVN5cvDM{W@}@eDQOh{&g1WAsLuI`sp-hrou&nmFnYAybE{>cEqnM5fT+6
zDM6Q?G%7;ss8|#jp<nxQ(Qr-`Kt60gyRM{U{v7om^V-V*DnQl08^W7F)(OqYX0LeD
zS@M)CYJ-=3$Y{^TxbNM?)h%@P;%76mSF=%Mm+B(Ee5JdO)SEKiLC-ho7KA0@v~wxr
zP5)cN?#3%o?xb0{nxM0(%ePz7pl5_bei{FQ#njQD&p+F5Op4n#P}|-{G2p{W(=tbL
zSf`T?c?><3o)Jg8{ztN<FnVlakP%|1o#?dQg34?Z(!`XZ0Z8+-cZO9M3N@&wiQA8~
z9g_R%#KSk$c$9ehbs?`@i6;zqQWZ`^QSnvk#SIik4^8kiDK67w!&*qjQW_oN->$zF
zF=j&|IZ^}Sgw{3+a*t*W^I_RFLc+fQPBWcajsTY>Eb8B5I$aEC9~<tl-VmP#gEP&h
zqviOSNTQC!(y*N7_$0X`<g}bePB#;lF9LN%ywV4Rgv!j+X=~B0t3zd}E~c_QTqBo2
zTOR5oS<O4sd~gve1;?x<9iCao+Hk&<IbFTXokw8k0Ga*FX4`~PTy^}6vfY>&|IGH#
z&2x5i-MEs_m_SpzmY;Q7<v6X2|K<p+k_sr(5Q&Qhx?LrEGlh9D9V=7>Uxsl)pVlw=
zam!`}$`($5464}wvwTk}bsW+1&viNDlRC`6uF*_1`jwt8E}tjwW`Je=*_D72>V<_u
zPNdrnuY=CT0|r2Hpj=iO3iud^T4<pgh=-JlzebTwBl((+oXm-jwR~^B*l68-`LMds
zpav_NZb59};-cCNuZHEtb@28k(G(E<Aob>_fE#&A2CynqtfI5+T69yHaeW-4eBG9=
z(SI7>)WNZ}iDNg3peLeQ`(nqE^0M<%VRz)CaMsqnqyQ(yd$at>z2dC8%Ofho3c8>{
zLs%<Ip^AAsg}OlX7;G5y>v5=!rH!r_;JE16%*5w(XIAihj?T_>BFtu_qkFAhZd1gj
z-;mA&lTnZjudP=2)QJ}wqsM9pSvV#j__LgTeNIK~w6LOFp*|xc9XC)G`Us#qQAcY7
zsXLiq;TvocOfvf9T~{wh{=;<=HwN+ZV)S0>luC?S!GI;!1oRMJ2qHt&s@nu=cD~lf
zAILI8`%sWGX(Z&UB#f*cr)m~jy<y390j25ybOeA^Z>c<kf0mlwrvn1`Tvpbt^E?nJ
zZUMy=2^BoKY+c%x@t1EESFM{6mtl?e$3l8<;`9!ex{uh3CYFj(VCzQS&G)cIQuW-k
z)?Pl?8)EBW25K2qLo2`&{pH9E38h8Ldr(lq@sTaGR^ev4!G2%%x{rwe6Y+g2=!=4;
z4GbPlQ+RR>#Y0^!Jt!sR&J4D9Mi80WB;e~!9M#tO;u3ZVz^`?@xhVAt*4g(9?b`$b
zd#uG<50u;e@m*vSz>)N3qZZhDlyz$AE`P$kq+&m?7PtI5jXFc`@Xx8XVb)-f_ZzhD
z9*#v><Q{=WbQr@>jXI!ZlI1WbXTH)&pfbJ)`#5O*0>N_T{t-YDC7gb*KAkVHMf7nv
zjaTRNDA3P;OPeiNVLG2k_Bcf}LPp%%-~Hz~(xoW-3XAAKP{85Xnic4f*it~}8Xf0t
z6tU<DYue6sAuPV_?prI?ZTJK6{S-C!7FjV3PaS<kwCPncw+;Q(?C9$kzoVYLo^Xef
z0%4wN`R^%p(J#eI<oafsW=1y$;Ex<oPI6auKv5X?W(Yw{4+0Xb2F6~qUJD<p1levi
zHaMxU6;&`5D1*avcpgWmVoq!Cx8ze+Y@dh^De4~bQ8AditA}>IedJ5x_$KYG_m<bW
z`|IZf(inm*hBMGJue0YcK`h?6Q;@Wt!o9_{Ti4qBW=Fcpm4|xQ^tM}zKSUBnyWj!Q
zHpYBy^U*x-)OngEN9u=E$sbj)OSJpofk5ALNkysXmhY*q`BVx>&D3(V;pqBPPmgex
z0}<fdYOSKbt6OL!A|w4my%-{eRi^9SuHkY)<c?EixH&2F+ZYnsC+Vl2ieK~k7Z1r{
zgy>6e>)h&0?23Gf6^qIUY1G|3>=TKwt*3g18GCj%w8I-E>TY=Tme>Ei_ur>@`F_n?
zGqS%AEZ=&r<|1mYj_ox1{&`ZLcrS4i`C$;3hVs1W(pBkK#isog@s~+g56=wJrO&Sk
zZ^@n9DL?}IaXi^=c<Y7^E;liFs=NQ5aZ)R0)L*2h4bqd)LY{mM-#pJ5NKQJQ_c(py
zyn9Wq%Z=(vRamn<lo_ShIpO&~Q~ae^dO)gtMEYVYLs;8WZ&2V<oZ4*_NDliAPU`wA
zZm6N9q8KOK!;4KL_|YShj@WhcW(~JJ1*1cZVkp!!=h-l6cb9|y7z#gjB;D`nZ!AJn
z2eW-++1@;CO1;kR97y}3k_3?Gb!M|C^nomK&L)&(-voJeGNcNY#PQ-$Dta3X8E%4W
zvlDwC-veb6XxPyJt=Z!_c5hztf3$>fW~H*&mYe`c=dw+G*%KLu`66S)$m>F!Ys9|Y
zL4I01_m75>Zc>yqC|*oO(KXPs9!$~?Ic})A-C6%4zarR2`;K^A+W++z++pkjPPy=m
zKA*~^LAXFZmetI!;b*I!T=vmv^(8&*5Fq8A3Ij=9fx6S%-dzNTy;z`g{w~JV9|x}0
z`(WXB4Eq$LA`GV=I&>7#ADpF4AeL-Ed8mNux&$CPj@T8r8XM)Z4Y<L|mTTVeRC)i@
z)9}A=5=I4G75wT-7Ayk_1se&45DQ@n@Mx2&vM7Kx8yssr&K=W_1MD6PtZa$fjHgqn
zIMg&wD<TaLK8NS`9;hfN0XfJUG0e>)pL*a=8)>$pkO)m-&nv*3yrYaZs4N><LC}^H
ztUxi_D@Z!!zbyA(DiGS7yvyhyv#o!LP}?F2GRMEmEgOm4v-_Nfyc7J_1mKA!DAIuO
z{(IK#boSlfdinZ?FhD#U5QxY}9CF@oALGLak4%j2-y7aA3M_?vvMLK70{J2Z092P@
zB^5wrLsxhDa<dJ1xUopi>N-T@@cJScVZhBcQF?`@Rna;d<BOJg!1k(8mvhU8LocqB
zJk{0amVPb$+ekEv8HB~(!HCn?mgkCR>)C<viS{1$aoQHRcsoY3BBl1|c28?sb6|DL
zM^Wv<_+ZajD@(0&ZQV!G6puG7Aw#p*>twX3h^tj9jg8Fiq>;73<?PyGdeGn0zd?1u
zzDN;_U>;2kjlw&E2u2ph@J;PTTD36_e3wgSFL8sJJ84p`98yH+6)!#GW%W8cXq=|2
zN0gS&O+;$<m`N^TxA|lM_}1CfeyyR4uDYVgk_Jxjpj>$JdS|*s9^z*?BwXuXSGF=%
zq;IIy?vg2}Yw)!%%kMA^Y`L%KeazRf{(e&riB%L%rA%Z6V%nCcZxH1bNu3J8jr-g@
zwL@9C!qyWsaz(qL31L~qp`+57SQR`dY-Oi($@y`D+mutsiRR6WM8*`=<3>e)h$3?v
z7e7vGS3)z_?DF0rR6P33(s~U8K4wP{;^dDn84m%K{VvzZyUhVxbyt9A!aubf#Mp#t
zb6udR6LOX>x;Cp!XW4{#1gxtqCdFniW*H<rme2CmVFJVUg*Kk`F8Cd)QQl7-mqV!V
zb{@c*f7>Hc9OP6u`OPPd+b~n-VECOaKdEBQixoaG)1S%X6Z%f=RfH8sga7`qF?_B7
zH%MPDLpeHdY^l8tuKin(_KRR{2lo=Dx6bAA!IR=1wNv(n_2Kfl(nt;aoTP0I*ay25
zP^gU)Z+cWo2OehdM8vKN8jUfH0{ZTTVHu>9L~XK;Jw0og+%9R*Xhd8RLoj#!HLM}o
zg-~P`H>MF<*_^{5R$nlzvMQz`V!84(dTDo>sV^JErD8#vji{TDv3+Eoveo{gAn=%4
zhk{?WnX3$2-d5erWot63COkbFd>^SQ`1qmcJH$k>`WB=-N&J@e;b6czN(~8+EVMb{
z=8u|+akQ0xvT8NV19<Ux3C1_5h+JaaaO#Odu=5<O!|cwV1h^pOZuv2uD0maK`c9)z
z)tunww{5@->HQPj(gqc8eLc^lQ_g6Z{y(rO%lKb(Ov{*dO}{Sxy34zW=W%$S-Z3Ln
zugaQ<?MlQwOMRxUa@*hVg%jjGj|Eu7xk~Q>RG#GSKjVTyA>V2WcY{qrz76tm1M~up
zIZwu?ga^(dv47pd*fCL?dgl_|pyvDKLbU8*S=sUoShT)C_VIJ5K4~=}gyDX3OZGdz
zk1l5=YTfPfrxt;0#js-Vi<j7$Gg(h~nVE{EV4#qT-@rBcb#Ro72ES)Cw+#t&)v=sw
zZUpr`r6i_N%!alH0A(kI+Wd-aV5`%^%lLN(j73wo!CC!F45gS<H{xLB_~sze(Nu?n
z)?_Iv4Ed#G0Fn*HZxtnCi-N0O=x%3nA9rfB+$;Vof8}$Ii~0Dut|F`!sHrUbr%&o<
z9hn?*N-Gnf(`y4Q+25s{<!F*7|A8&LK12I1pF!2D$R(Du1Z)1hteyM2j@>ewTAjND
zyW;+Fu&!N%n$vDkiZ>|?MuglMq!jQ*NMnflYna?+BJIeW@gWUVm_)<s4%(zqa+pbO
zSmADo2>E;4k3E%;*k9#E*VhrH<pGF0Qq2AAWwL7rPFWY{Q`~&<go=Fxmm#_YJ~PL#
z2!aIbr1cYv!F$hbQ9o^My>qasU4`}#-OMU3MdcPeD{03)DBi`b48pcWo}{0^HN@Vg
zSLymrt3W#!Tv_A+TNqP}!%|6)Fzy?KBuUNfKz&!JXrEu3l@Q`aaSb6V4JL;<W3}~z
zqhor+R@mW;h(%7=wA*xTgYSz{mOdR4Yq0^7c2Wjjrz%H)a!ml#G`OJ2KHc0!m5qfg
zx$eO1gNB+RxzR7u$nRE|_hJ&ka`xS`nUAYY2vG~}%oks)%<CuLdT~>;hWAO9bptfG
zIeg=YpiZa<Ckf)oo9ah}I_I@Bpb6DxjH-+LSi5*{Z1M7eu@i$!+%kXKp#rF-70)3b
z*;==&=n~c|vv0qX2_3XUat|ZfiI7b<wW_gzd^9^`2LHKmsoUooi{J&ghP6|3)0JoZ
zE0^oM=o#yKHBa<&ib)=6?J+rGJk`>|!g2s`<A2sEI-$z8mxkdP2GVvf5bwBy{lL<w
zX&v5o6p7@5u1vW*s1WLAUHvi&#H{6g1*GXQCzpjK-#CZxl`J!d4ee>9du_tCs&TT+
zG&10l?3+9?Xh?Q=@QEGqf@Ei7l}g>i`cDcvefaBnMWh)T)V_Ve$7nN%{$v*x@BMi`
z(XNq~?Ps$ZU#=H$a{!YQ@2vnK#>N-LOJ*O(em|F2>Za9hoQEYLjJ-Zt1SLj<SqOVE
zkt=}8VClZQGp_>jfE-l!{0sb(j^iUNXjCAXJ)9NrjD|)iNJpNdQiKTAYqdOMj6MMr
zS*ORPN=j8r5G%mSA>Ct3!^dPK+Zh|2i27ehZusVh>R{LB?n4=iZTvJd^}ph1MaovL
zF?)-{r^ooNWA6!^8{FH)6FdClEk>B3B5N~~5w$58aa@N4blD>B8quJ){J~SVO`j2%
z;=3&oHubl;9}@pNdQEiO=3W;i$d)j#EAbuJxM@z(qbmj>=L_?EsH&qZB=hd%8{HS+
ztOZyJ;K*^-P)<tz+tZwSx!#A!X2f8r>RjuEJP8GyRFof+0z2;zl`B*Z-4dar41ZD1
zNnVG5v6Li(MSwEOFT;b@JG<jlbq!e|{H`ip<Cc8Eb4=v4mtcW9iF|mgHt@cD@Jse&
zX&A}(>1WDz*|={RQvdOP3Osa0@O{vVwR@z-{w+FQ&=4sXapS{(Bs(E!m-S5W2TB?q
zFepU5@lb<?Sy{#!IU7Gav%fxO?T53XA73m}gYqM(hGRdU5XM)CWuQT{V5niOxadx*
zeJW+89&vF5RKszTCRf4M*R<aYe0<fkU|uR9m?zl;=ukUbg{|K{VfoM@zq^O-ee&;p
z!?RBogyK9P2nei?{I>f8ALI?jCO>o3X}?`ghhKi5%z#6EulE?7&>I`;80%Ql+UuF$
zlm$Anzs|(+t&<@%r2t&;ipLcu>`;X>q79i|e~qVPCyR?(Vwv5jgaexN+aqx+d;=&6
z&=ue@(mWS2MDHC6Q)`x52_%_7eCnIJ_GKAqnCS!9e0+QMm&An#d<<$7Ii_#PHVy-w
zV@1HwPOF_O3R*Uaq`X+BIMp_qD~UJCD}t(M2P=ql%d1A#Ajb?LMt7FzB&`&24Fe)z
z*C6mR%XS8F1Y%`PmXzkJ&-q^m+k&uEI1tJG=L#bJ_JrXVJz6dn{?|eKAU@BUsu(+v
zWi!Rz%AVlumNJBLby2aP=^qmfi>7_b+}!We4@ICf0C2|W!3gehZ9Tf>L=70`|Jq1H
zVh(HZqwbl2Q>b9~mrGnko7aGD28aENK7q;3XIy;s-MWUA7tkXXN_WkZTQU)p=x%Wf
zK!8`OJkI)6&0-pZdnp{`0dgo~hMNwlm4-fKZ2i8D67?gm(Gz*?Rm#5*gjPU4_U-$s
zrOT~_w#h;Y4=I^~%7G&X<f@3$uJ(AY2eOE88N>ha&60EB&(c@4o)K(ub~-VF#f{B4
zqbb>x2RXk8KaU<naHNdACcWo~z;$Gj)ybi8D+uKg``f(XsqX-jGHnjTX5B0uYc(x9
zdO=TLI}tK!U8CQk6WrI({M1OMkW;0}2G1bb*Bs5-ZA%o7^O7&F;*QUHMn9qJ;l^!~
zz|SHQ;0LT}K!|d3cb*cQ&J<=pFsZkT(`gt$l+0k?D~8R-bgK9TQF!vnLy0NoKKIX(
zaS0X~C?7Wyf$|7%`bJvKH*UY(J9Q+rk^@qzdGk_gnSHMG28k^fb;_s!A)6S|q&+6p
zT474V%^|pfrgPrfFC2<$9>;Z3U#h76tR(cpcLPJRy7FW`*iW(nsl8A6^sOfOrCjzO
zy4lbi6ZQyMzb-;=GGNk$?V`x@iB|n`uqP5a*~%G_kwl=avHqKsnkr*SI-jdV>Hga(
z<VhyvW|LnL&3u$iNC$7U4g4C87n@ZOtG&uO2_PE8PX4zi)RlZo73%0k)AUBaXcvR3
z!~dIK3iBXeEcx9>dc(if^XGk9san%qFXH<is#S-mZBGOuf&gZ%wK-alD>n59v98fr
zr$1QMAj2AvEVb?Ch>f!w+{f+xs9VYnefZ;Jc8b1CJ-7scX`nMMf0K}!JLAaok~(C_
z_T<~9r43!oizVG2U<W0fl0{I|P+LxNNZ4AvoMDusm{1K-VtLVVBUN({FNCWSNV{Z%
zW?Ei9xEim>9P|rCuABgbSkJBuH&ke1mfLmAlVj&WZ8QvM$IwVd?;<U*i+_a$RCAM6
zS6!n<`#PoEPcn_67W_J|acSVLS?K38z*YQ%bY-4+aiL;bzOQW}NeEUJkL5h+7P(c>
z*gxshF>yW!?EY>qZ^(?=fLiYCK-eRKR`XdJdB8KYBr}6&Jna9e%umSYU><>HEf_s<
zudEEgCS2~{1Jv)Mou|RR=>G<M1NZn%(PJD1_b>#g<Q6Ezz@9nR8?}G3h?7$7LE*EW
z6wXF3p(X<954FQkJF;$VOvGAv=vB+3rV`b6#|A*)okPeV!h=#bM|b8$Xg&K0)th=x
z){_a>#C61JR;pmvl&QZF(Qso`oy6}pi`$Z+5MJo9M-Z@VFQm+k8FaD`*&(%>vocd`
z65wI*P3OC3Y>R#eWe75WK_;0PlS_ncmgB`X=<f}-Tl$r~H%olj*efVOwRM1>Gz*=S
zFu?8c2kM#BY|P0kRnLker9njf0j$SUh8h=;wR5$j?3MAbZb3yf1F$0}Vh`}8b#V62
zMT>|<@)4+tD6?y{`3gu*``TS-v^ZRxibO8~C9wMg-iq$tNVLOd4M~nuWtq!p=$(?D
z73nTs!PLq;O*5*Nvw1}=#W3Qo%@A;_{$m~|US%#I5G%??dS{4<aIJJrIls+v&tVyS
z1;RUeV`UpH-b*Z*;znjjyVC)$PQHoOpBSD+>FJxA<jmrZLzFq^JQ~xKEPmb%{*8B^
zYf&%{NfNf+Z0O##JKwr^k|2KJ5|^EQ!o}0Q^|3X*CNycqPAs*sBPF*rV394uB2~M!
zp(wqg(gXdWpa|wk+WXa>Nm#X4q=Y2&s2W4=xIIGHgJ1)P$k;pa2uuTK3=0Lzm*+H^
zAaQ~(!05WgK!x@(-PEF3Gp>n36Jz+K=fww<3BA669r+U_EoCw6(T521JYz0|fJI*y
zdkFmLpvph>!6yvh724*>a?9Z>#aQNC&$2_rW}&GU=H1D;)^~^9Gru-O>+*IL@1PUk
z9E4x)-@QdFS5A7JV6eugkAOrLJba*@07no+kxohAyqW~g<00y)7cZ0{;18Yts&`Mo
zMIk~9f*8mjo>E`-rrR0Fq9ki4nA$?%fO)6m2o~(?X2EjysnnC_C}bI(DZLd@&fxwL
zeV81SfHb#wKv7=L$Z`Ol$hMzn!h`kCAqK`CHuqoZlg=A-yZ5$0T?_hXk!@0JmRNb_
zrf&ur$=ee9NBnk}n-LNKYUp$5?zKUBh&?SKuQ{GwWRwj{Q66cWM&dy$(Hy`1B1|lB
zZd@3BKsR=q?5|*tT65d-sY+}!V?D<)vKGqLDa%oPeIGD?G*54(oar(bJ~t^7JRAe}
zSHOQ?M*YxAJEsp-$d?26#m1`8C&uwN_4sC<0rVO`P@v3!5B@~rKT;AXj?9kr^mVSN
zcI=GxKXZ0=ZaD!v|KG9mwDC-5K)z%OrDrq?m0}G9z#s;vLkEPx7D(rU3(-hg3416^
zq;7fyeI;Hv3l^mByN=wlwX7`o9$mg2U4ok*&V%&4WJyjYk+Vii4ri3{z7q6tSacm9
zn>?`lCm8yhFWV@kfszPqb4%g`hk|%sApL|URCZ}_tcT=7`=6>h!lG)69dwCFCyr;X
ze~?@DoMn(8Uh_taL54MoDBqyR=#7r(&tY&s#@(VPxFE{<ArxEYN?|>iZx|qA`da$?
zKn$1b(k|+7N*zGz4Cd~XL4$_VY=w*=C&y<ANdyHJrqQ8QR;dZg{O3uQ-0(ccV$TW}
z=>Z0aB5D;<kocrD8!BolJSI(|)ShB-B|0~gZRAwLB&=fEL^K78M606{1G=avhNYAj
zEV)#HwXj-ja@lnJ030bsCKze6AX-1lB#TD&*T&10F;z28ewg<&p{$Z0*a-2M_xzag
zH+u~Gep8kckz9V5wcK6s&2On!$j9z_OhAp01{870Dv_M~YVO0NBVO8$#|1AZ<li+I
zp(sHf3;%p9B-=KWQ<qMEcBbq(2+&_seT6<WkbPqU+?$AoB|kWuA3zim#R)a(!th~W
z;B9>xm!l<75;YX^QAH?W(xbzj3w{vrC4beM^4=d)@cy;!q=E@Ta245aflHWb^VV64
zZkLN`Am_98v27}UMt~lf?-C?&bs&~EjYQngVxO{1=_HSe`nH}Y*HS&0h0Do}ia?v@
z<WpHPxtg2t<e-d5jd3(DtXXwqbQ&yPU$!jelv}JxIKPpx$V?Lr@ozW%JGI`Q6QynM
zR+6&sLjH8YJw~r*PUq3ow(@7C)n0JhTquzW6jFKNS5T!XI0-7O&7q#+?@UfH4Kg&W
zWj?YttZh1UHcT}hy#UdFeY@Vz;oCKG><0QXWx#vgCb{4TyZRmrGMxSk9XS4_HlxzA
z8n@!-JD48_K=PTqxlFkn6bcs3sr*jyoRIJ-&j<Q&I6^yLEQLN2R<c*ZF5t!T+C9xt
zXhzTE;_G{?!JEOm&g3(T9&5~^T~RAt%rSFw`|IS;gR^`77Pua8pP4~i$Z9G9AFZD>
zT^wUDib~pfThQ;!PMEA(T*}Pm03)3+DK?XHLDNppBFMR6Fe(aBzr+~QFSK059Y|+q
zw<OG#>}-RsmPsf;cZio?xyVp@RdA#@U*Ya>s(iQHG@_9avqB4AZ!E?fx7faAaWdJX
zs*=DKefmHa#H)eBh+SP$4or&X86ym4eCr1adK0A%B~qka+=(VX_LC3Am;qLhPNcNG
zF*OOL`t-s<!)&7t=sKeeqgmz<7g04fxF85)s!NZOu40p{%QS#e=;VZyPnan>IHy?;
zu};))(<or7LP6k@tNZ@yb+%hx3k>I!fd71I1AN0U*V^AljLd^0cWxl<<JjL9Xul0Y
zGngdP!1{0sB_I+m*3`2fzMtZ3Q-z@Q?X66jz@mVUU67Jn8}^@MT1hyj67qEyt@bdW
z*l3DvO~v8EeVo^8MDJIp3m%kgkvBKgXwSZ4C*SO>iRXz4Hw;&LoJ3(wkH{{qE&x%k
zcEs9+augFypaMH!Vw4NPRCRl-%G))g)7QmuKl(gv6hys{*Su@`ZAVeUctm_F5o|7|
z-*nuwG`k=#BGa_eJhcYSBd_vWJV*oOYH~>UajFdj0OPK8K1Iy4z?v6RSfspDGOl=R
zYF5|~mVwD32<*Q`;96|)RO_((9iMAw`q;{EHVq-p{g``*vhoNMa$Xt%9rxL4D!yFe
z6d4&|m(%&Nz)$JI=RS<emluGy?)?Z!$uBLl{zm-7LL<{=a!QFx6+%7sQdnnfTw9<J
z-~pDmb5XfyKgU4$OsI*%REU^*TEO2s?$P5Xi_Mg_yW{i*t3TMPQMy<P3eOL#;8ypV
zc^8dAlcu#yQMu#Qta+cD0rj2q<|q!%cvMnt1S9qK9(KuMYSS*#MI#|=mg>6qHZpQj
zV}N5M(ZGMHy}vDX32>lk)P{T?T59>blnTD%d4T*W&l_GM2q#=e=o#T9i~u#n?*h)+
zGg*tdMoaDr_EBBh`Klj?{Rk)86p6dUjkwwh^bNm7TKT<5O~Ly?<j|<}&WFue{KeTj
zdwuy0m&u=){|kn=!%kbH%?TSD!VAJP!gt6|bcFyq%2jcG8@^vE`|x*WWby?`bs<(L
zJk`lMlsc8WB(Jb_I$VoKxzl4EM>S>Cb7wKBsU#h8WH1$2(&j6#Q4HNlaQ}`Z#T7C^
z8z}r_*ux;=im(AhN%$UjMjj1kQBGb$__~EBRw36@Oua{!FJ7JwHc#Jf%TRr?GKl&#
zUp21&Sr?58$XAYhHmSf0@+B3>BNQjfga3hU#}=JOWK<qQt}Jt7N$Z?-+#<jHX2z+t
zul7w#`+aL7c0U~4lYGLJ4~OB)GU@_t;jSjXNb_M8%^e6Zu=n_6&#|WOuB|)P;|t(w
z2Rmts;ZIn4ERfN63eV-KyzD<9eFQbtOY>g|3IrM{wRMs1G0<g^ZK|t78E>^tIZUen
zcJXyTOpJv(Cdp0T@~r7&TW;@Hw<ug_)#En6Asr^7OdKmaG6iu`2NWiQK4!>cxqDWe
zIOiI?y1ZZ2V>g-SHP%>eTX)a~ViasGCmE}p&DNk`T&@+X)mFmGI-#la{h>Z?tXz>K
z3<Lx`5%|Mb4g4cLp2X(h%HTkPPXComDnyHwo0Xyq{d;)XbM(+sy{cQ<$|Gf2UQVLA
zx$U89W^v_rB^tKOr6NrPEDD099ICCkYHm}yyYCJK1tNjry=V(jl*8^HDhCT6_rS(6
z8&gi(m60oD=5A`~5?}}|1p0M+)s}3A1-_JtQ?#CD<4dBrQZ+v-#D*SkEEY+d!bz(3
zQm`?@^`6scnl)LrAt$k^L<}_m0k(A#O2BH0O`D^9P0$oI*^YQrU%|R*69D^U?ie~p
zchI60Uw}|-?LqeK?)WF02}*&E6%0_E0R?L@aE%~!A{7p_lP@4MAaq;W=>Z#R%PO3B
z!8T)TQ&6blztS$xBNoUPMs4rzinSh|i|Gc(9`vV(HEcZH9OBcKPaM3`x)f5dSP>$4
zA-oV#N?md}y|EKw-`6%Aig*$l6x{#zy`zJ*t`cV8Nt8ZNQ4~NRur;%~1pg1)U3EsM
z+0`{WvnReE`dWj?V4YtSB+!M+&X<_knPf$DViy&y1X6ShFdPYxcbOHbVs2dcX)Mxu
z%5-RZ`08X(hk)gz-}0LnY@j64WTpB@_w*?6ZHoyWXSNnW<IVi6x+NTSnc9RGITBeA
z;)I&FcRpD<%UrZfS=zK{PdBo$J}CF@hCM`IGlM(c<KIjy5PDB@3$nPQTOY`)RCJyN
zd4q9-)S3iyk^7lG<8x>pqFe9nl&(dNh^nKOC@^!jW(#=JCEP?!Ia-}EWcW0?whh-{
z)@W?8v(9|^Y79O(#WQHE5HPSHEZ();zLd59NqJ>XKN8?aOjWRxxJV8ocqYcZ1#5LL
zCX`gfZev@r;qPwaa}TARlx{^Viv)f?jfDCZU>|U9FXP@PC@CdC6+@VVQ6%DyeR*8=
zG_cHr_Z#MCySYCrv8wwOKLXkgd_=0*3_TwZb)RRP9_ZVCMqO09vkb|!fX<1hXTeOC
z$9mz1%<NTW?ngJQhplg&B@(<*EZYo1ekNIR@0$ZLOz4=UFdph5n+Z3Mc{ynA;Fa(x
zT18Os106T32(r|4{IF}Mh=Y|HTTbL_xMvve$0RF2HlfMkSEXat1X)f3{ULp4(pQmW
z92DDmGnS!pV(A1JK2WuIM%weQ(Q~`|V&rKY3DJkR80c?U^e=5f_ODqJ$A%c3CV=7d
zR79y3HWmyh3OwRMAQbnt>U@@pQYI6i#3_T8aS><Li1jDpxo|7FT)K%bL@#}^qZxUZ
z2W)!|r|XrM+3C*8^2*D_+4VKud;>48iNekt8%hN!A~dCJs#oFhX%vKf4%~{9bdAJ@
zmC}iuPo>)+|3?;0*;mDR&9N8nXd*^JG&c+ok+A42FJUZ_IoJkDX7zygBH|_?!R$`9
z)si$9E&Cu-6qqHyk{U5_G=V0{gb{&aM6QjAgADqC>w^jbgPoqUQ<LUtHQB$+$1d-w
zIg$f2C)*kg!l0TNFdF}Kpv)V#<7tGx=r_4V({s@D{r>Dny?Ly{N-0f|Cr@u_&=y8)
zkfB^F<Rn=le{~q~{>_lR4gKeYvbvUFHXbAeoYd3D^8N))L|dzO;ul7-G=MEmpuPHS
zO-RiFGB&4fH&p+Bw5$aTm`|HjqA4?*0jgBUrXm=zpc3r#X*>j^wsA;yetYsf5fl_n
zIV^?I{1oU%wyP6z^|}1r^7?Xa5DRq&+s!HGmR`mEt)`Q?W1@QHvQq7ADu$yn^;c5*
zDmoa97@28KksY?1-RL5H!)b#9;iGCvBK-MyUSi*rBXwnsu88q@9P#;4($4I!Nvs|7
z<TXD#HwTw?vHZtZ#>AGUa_51)JlEP#*Kf`)#@}z*h$MZ;-g^DB5tXQ7yg4$Hlk8b!
zpA?G&e8G~Zzy^u~h*hZ_7|i-X;Mlw58hJ5-ls)wExnBT90Mf@S<Nk1Mrac&67aInO
zd>+JVXsPt^s$~kMC7K`45(}wp(yNZjzei3+Tl;hoDId^GW9ax7RdGo@(V7zb8EN!(
z+T^tuubLf#L&leCZ9nR1(TMgpx=|x+=iZ%t5dDLTMAF~NBQJh`<Uk~UK0qL{GB-G~
zzwDNmQji-k2UDX9yE#E7g7q38QDBi60w{uE3N{c{s55b@I6qq?r~QGv&QXM{kAinJ
z?z6KkAY)v*Eo-L1x5TN=S<yipvJpiQ7sR)TXEQBL?psr=Z%4nh=;IHXsw9)XUkOab
zI|5He`82qE>*JeG9wf(TrHe?=)v76!T^;*W(<Ti_o41@to~Mo!_f{Xm3*n@-N_dBO
z31OqB9VbSUWWsH6hb6&qMqf?B;Phb{SS|C$l@F69O~1m#@u1Eho*$~E?HMhPKCn{$
zg)>(8fIvv%XD*<I%K%}E$c5Sqg?fU}rr={0o`Xk-qUMd2WVB&suUSgp97t3J6sdF^
z9K8doqVQIKGKeDOa_1v+X_wBys0|YD74t}-sn-x8`aD@DVLCWsP~dJiZYg@5Lwf#i
z{xzljoL+tb_jBw5O>yD!y17|}w>-Q68BAaq&Hly*u>y$xUF!tfGg+c6q()s@b(4@?
z+Cdv!xHqsmQu;0ODo@Dl1ZD}k6f&>`W4#dU9S(3t_k*ZS1%i}PF6|@~NEm%cdw(|8
z7GR!A0;g2$FrDOF%?&4uN3EpFS{mN%lZtu}e#U&Q`mUH)APmg!0^Lhcd;1-kqq@Jg
zjko@419WMv%3D*4T?$~FnO`e$B*vplWV5jkG~laLt4xZ53tD(#69qwObaMp6yG>#N
zA5}F5f9SP9%`|dH&R98)@)4w#SFy~)ze&4pE&@^zBg-CPa0|la-aLVBG<9{h3=X2b
z{Oi)dsSb|RZSl3rzb9r{6UKKhl|4RW$VoNiP~b3YAM4M2?eXbbrThV{;0bKS8mwA=
zCP8fFyp4BP)!HJ~#Ov$t@d<u<k80tXJ*~845VMR<z!cN=8Hyr1|E5x+1X|wZKa{L_
zbV*eJa)?dg8(Qa#n*2yM`wz)nR`^!>Rs77%tRUqp5OvF3y9+)A(bJHKN2ucLK@cyf
z<`{Q>i89<HiRE9RBgx2>;n%}3@5*`isnu|RkD3Jn(|J_hFk0y@8GR)P?@TEu27&k4
z;?8~(J`P6x8zbcG*o**qBRkip?odJb57{|lbB!%%A`8ALHJGEnLeHBxQwNV{x)oBc
zR#0?r+o9b+>SQ@LHFz>x`RZj_C39714ypS1@=o6RdqT29d?#@)G4oSVC+HF{cZtMF
z&IEfbW}fwGEBU#@!ItQO%SNu43C9F%;P<Hf+EKPVCL%NCxAT&)JSZyl1nLqk<(!r4
zWtwE`HfWKbZkrx|Lu8c(T`<pm=h@OhyVogw2x?M;cZ=#Oyv8T_MB1$Kyj!snUMQbo
zdLQZt$4}zcc5e7BQ6XOQ0wW*$@Ku6gvSmnYa%60BXtHT_WRtUTX>DeHzo&QmANs13
z)jx{@L4E&awsN6sqqn__mrqiAfEAoenieM{P8uL7XZK8mF<?2{%5CVa?>z9r6iIq7
zJ@uZrnbz1pofTli!sxZiJ6`{GV14}a;p=}n=-4k84tziG^oR>ee=W>QnXre7gTFj;
z`&4r6m@nGmm?M$g-#iF(r@1@HNtsBQh~QA@94XO=yu?uJD98*n2!3rm-jvVQ!1HKu
zCI*FjAis+59zVqIq}~yx^G?R3#avCKb%sPcFbO%(P;TDX61%D<zAqLP2YtAWem?he
zdHw49SVmc+&PZ?~LxREL+3003Hi6Wj7SWgF6SW|yG3TXpb|hKJxx%+aAh#&c?1-C?
zW*P>Y9S^cBT_~*De3_a#aI0+c6e;zhsaP1pIQz*x<k!ou+0kW4<K-y==vZHj>!LYm
zH#8WSw<Z4jkS$+zOsV)}za~#qfX#dc_EWF4j88%KGlxVza4Vd5Fl-n5JG-^M)1A3P
zZU_ndX3IA6zrkjY9=F_;*~!{N<GM2E&(_r_jn?cp2Znj^8Ez+gAX#YVxKV=tRsMvx
z(8?Q4aMTy-h?SYo>!w7Cjscvemjsm=PKYBmKwRk?FHf2l`AO#vp=2iTHMSIpo0-$I
z>=d(<Vx*!(e|)BIr6kIvQOJ9PXV!dMa6>gS(ULhrz#@~Y$-Se}m~DC6spF5$#>E=I
zC#)^i%2p;VmuuH)U&XOczDIY9YgbZEA(epzS3L&j`K?0#X*!pUev}8Q{u!%zQu^zy
zliJwq*!ZOd{QDJ|*y!Ilwny(#;&=Wk2>e{pB^hRdH4<UDqgVZ<H8dlnpN`jqa2dxD
z;-BG&pXhE^#)_045gP$*r!`B;TwDz>@H4wk-jUGfLfJ87Cp+8c-oxH~a-jEfw-yyI
zYEs5!$|LV`ek<CV8GBW9x2nlIgN2A+(e)-U7I2+p+q?`k3(%wK_EZ1|(-UrLGP@G=
zKsu~trHSsa9Af)1b{k!(xN>oUjCyGCFb|)gR&<+r;7lfPC?)Yv#Al=nu|2UNHp!XR
zJEevGJF>#U*v#VfFF|*fp{e6WlB67md3Fo0ZpIJbe>Z5V(90+fHuOgwZREMc66!cH
zL+sx02^M{rb)6p=T+MgconCYcP7Ww(2)=nCo_Ky^2+t?`oJQ4F1Cws}{vF9j$2ObL
zg9ZsmS!QF;(U|m1D};yMeKSRu0H{h0h6g;CVd7rp84d=L{fU!|w3AGN@}hDS*yq)V
zyq3Oll4c%1Aq>8h7gR~}@P)_5WuXfDBow~vNiiZpdFj10At?`_mCf`55!o_@yzIxn
zP8hHo-Or`dtD(*SeMF?yif5S`x!RW({DIgr{?tOLqj0&HV1`g$rOlJ+&p}sQWoe$b
z*15ea23X!yfx~FFxP&grsZwK>oCZy82vEtdzRQfi+0l|WnQfwcX64^(UpZTXlAwC7
zPD`z5Oru3db4bl<PD`^@S1nD+3V0;>93YRSh~CDlMNfbqlWBo|fiI+R>I*CC1t;0A
zmphz|=<AP6c5VKuKU}L?Q3UHu$Ioc1y0m71aj6tvBCzD#7m&)!IJMhdrZ0-+p^CGf
zEZ>iC_x)>8B1=}(FfwK(_oYjiu8!8RQZNaynA*b(XN?^K$>BM^#CZ!M<E_$gB?~xn
zqQb6N;zNva9ZzanpBOFW(WZq1n!l!{hk=#MUxG7SXw2|C5(AX;pu)l)2cO8U&XoAx
z%GF2)l9Y}ZjKraby8TVl^tiK4BJ5J@#M7V-W*zyrqdG3QEd=krpX8Fvhuc&oZi}y2
z2LMYd<(qK`?;O-Vs><$Kc25MMU7)uQ$8)*?eB$xhse$nQ&Y7*WblHm)s~_QFMI_N|
zAob&O0X)J#f_!->b=!msJ8~Vwxf}so>@jbCR6al>$i5L`OCU@QI)<^2k|KK^^?dTu
z))FA$iw|HK9y3>9v4zIc#j@IHs@WlF2OGBLeAZ~oq*#5bJDWRRz&~*mJ&=nNO&!c-
zy>QZGm$Xx1JK@7@aaC?7UyxvqNM*k;$K@*SU*-gFT{t7<JNlVyDyLowo<mtzTFI2P
zc|bg{V|)#DG;0Lq)-P?suLAj;vpa=Ba!S@tJWIKbK;D|GZ!?jh?AM%QcC-3PDtpfq
z#<~cRBAih7P9)$QmXpK{*ke%0y1O|O$ByABY}06(HDOpJMPIJgoLi7Jkx$V8>kgo}
zw^&goHjG#Dc~Q_1w@CVd%b3`plZKfBjV*<RN8voLduFb#MpvB<^PURC+*EdW#&9pE
zRlgScGQC@e$zM_Hs5L%|!WZq^r_IaIm4pRNma%NkLq{9o{Q-Hjh#_gi+<$+t7~PC3
z1a`=si?|FYm38)F5z0^rj52d<x|94Woehecx%673OnNRnq6?Rh|8z!fu_@Z=4Td&k
z2Y)_0u}|$b*3d)-rrw*oapPtVs-Wm$sInGnDJIS?&Iq2p`ETSmo5@^cmY^OpQ#~F>
zbJqU@tl?1z*A2h^J}N|jl@s3;9T$EjFY9rR*5bFkL4?}GNN5pzCB@b#hF?~<eF*}C
zFs#PUQ~?jqC@&(J5hcU4OcZ{wSqPt`0^d*rs}g}pNxY(35WUmM-yGpaRJtBc7zM9W
zoqT1+TTAe}XksYwO)`~88TGhY?a&#(Nk4thO7(U2(?YGYwfeFS(khI7`B2AnP);Yg
z3(xVgLcQ=gEJ7VGL|xeQjmpWl#<dl72YGEjHnm@$rPkE+w!Cp_o#hK?D?K~$^Z><6
zp@bpex-0%JN&8<wRVa1_@h0lH3$EojzT}M64CuICqFs=0s438qi<AfCH5oE`lGrLt
zYK9j<o8>sWwNse;lZ3uHI#a|v<~F=@3L)wwyzrzcF9-lP$mIn1u&mSBQxoyG(+KMq
zTGV&Pv*q2FYEp`UL>PzMH!E2*x07AKhn6VP!aUN0Sn6M?h56fZr))p``7*CYM%EnH
z=WX!T>c(r%a&M|%vLHs(^=hB|^gnTTcDwYt>zZnNo7B4uzEyhvo(>_mKN+AeuI?~C
zFxVg_rk4EG;Q&qD;!Lj5V>;8dI}ojQ9nh<SfE+`ktU_~D$%H=YR*ygM^@{Za$7{_A
zbd&LTOm4=z^Fv^GLwUp{%oKLbx$z~wRc_z8qAsbnZ}6cxGX|#5^x*<&pmJ4-@_H~y
z&mp_!vq*ruKrXf+@%8hQ?<WXw%kAwVEs^)t3iiH;Hh6+=&{pF_zE2O*g-r!u`}DbS
zL@&MZE=&67?f!KqVEg6pH$PWx(H;s7)4%0<CjMXkT4Ph1?Cjt0=|1ER|Dp}QiNlqN
zKcvhe{U}PxX02ug(_=&h>v`BOnmrMOuZ4=kXWBRRtYUJe)-_pO;Kf{MD<8%CaMa-*
zd%@hNqG=sv)~9n560{~xq?~_u?m0BQyZm?!pY@KiN6$NNliZ;Vomv*<%J%s*wG?jC
zgfgiO?5uv)WpZll^DseGFXQB!ns=?4?=Hl(Cl=Iva$kPrFrSR)xLPJ~p8gH_(1zEw
z-ZB0%hKK?|4yy9bCHVFNjZ@0R_5^ZAC9M5%$HJ2maS2CIL)gry>3!5NeE`6XhNjF~
zurKL_q0EenyZLSe*fJ$8p5_7_tB1&qG}7i(BLp4s>=R{BrGgcBS>tH}XKzi;Qw=pz
z)Xe$$bRPZG<&<PaGkXLg?n!fstBR(oigLlf@ms`|&fF$X?Z=ywBKY1Z4Yr4^Qq-h4
zN?Xyn+D2e%*U4(;lQoyMH9_laz&`UN!Roc6N9Y{@tEh{&t&@UTkcKuNv{D<S>ayGH
zsCakVgN(^;3Hue$%k=X1LgK4dF^x;<vsR6l%cR`$wNOf`*m&`SO3z|)-08+tkp{AB
zt=Ja5`Eu!_Hc{WkU6TkwOQiH8;<A^{$B=<>g`l5H{z$ko5}7y~U`KXFRDjey9@&78
zDEfnHoXQ6AVN)yLlz<-Oz@H9)a@FUwV1~W`>dh0t;@5aw<hk>Q_k-*UcxZ939v5a`
zpqQF6EZ~vCp63bGs%Lu3I+gOj)&#7QrFXXO`1!3a!c2pVOq<Qb=3Mvc60#k_lMKBQ
z^UA5uXqw&e_|l*-SpZ8iG8T^sOb!3Cg&u-t>zK*RU)e9t^+|*;9>n|y2{0tVj$m#@
zLI62J#rOv(OcWafu&>U@zUEOwA%eh};XUR8jlFvh72G*IMiTrWwafh@v!eM2)eiBw
zx&MF-zwjyAF*!27=?7aiMbGF-JkZn?loJ&N!_MEUKuTmD^GH#G87?FZkyF!wwdQmx
zO4wRubqn-Ub_ewQz!K2Hi9SA_WZTn}*riqE`gUonoq10<c1&8jdh~iqR)I>k55fpw
zLJ?F0w>G#Z3cB78weiRQkWi8Es}~V=DD`dE3KZ-$x%C7L|5<J>g<rhlQs1h2Sr9YB
z6x9LIbKMySN}hfBCqV7G+QdqSVh^BcZQ5*esVq0C4Fz1X=*oLWUd;uD1un7FVF+QI
z2^soBSRS*8<Ow6J;Ejj}M!<^XP?JZOX({$I3Nt`f(NwYBl=7J@)<o1%fnf96h)Ky>
zzNf<pM{YQ$V_%*^X(Z}-W!UtmJ(3vvbGF03KHNl&+SH)r$jdBb(7BlweCr|*r<g_S
zwY9t_@u`ZAK+)D4m-nK6#ccE<-x$3$yTmn`rTaF*{U|MktP_55DaIg0#d_;hTAzs1
zcU27&v=R+1FC7O;nZhtva+KJP`p+Cy9n0%yR3Uze0P%brjwNNcPotdK4UJC8p&9=)
z<{Ay;yp{P%%x&69Epitzjt<H9i!Ow?xy(kdekf6cmBw9*S6}C5*s{l-c83%vwv?7I
zYl177jL>}oYeL63&V|QrX1iV!D=7e;d3n4f-5(}KdGUaqg8hgC`1g{41M}<gq5VMl
zOXN3@z~k2?f(Im0$%WAptWku~S)&R6RgtHQSGzkHwUX5B8d>0;-eNxzB2JHEy0Gdp
zB{-}?4q+<W3b_gnXgb(z*-o)wLFRc0BW#R1zVjK&>eK=*6W!6&37clTP={Njn}%P4
zC)uv`BLEYx1rynYyx~s$mVeIfxHN95s)ZKtfy(4Gt;e#a?M%|F3b0)=-n{UXB^OUn
zN@d}!nJCLfIh7*V0y>}Om)>vn;Za;=A3;{U2T5G;6A?Y~iyrr}lSQWd-96~2CKAK`
z$}^xy(`w~}GfccoqzuD2SV}*HQG0GgfUK>)-2Cip&2RZwxIm_F$afFoJtJGQ{lh9h
zm=_~sR$t1XY{P@&<<FBh__kn{F#wn(xzPkP1xYiq#fTgEh=~zuDMr(UqKQj^I_Y19
zQHx-YX;}wjN}aUIaf#Amh<QDR0y-FS1(El)sviZ?j;fmYe$1x%v_+kw`VhS!-)Em7
zcuI{R@cBk#%r`6n4W+OF3)IXyFR*bOp~@I7L|2>=IdoBz7BM^%m;SxO3mvj{;Q-F8
z)6p=7nE8+m10DJaX>x`iy;Nr+2R0040{-KW##$8svSspL7GhP~5|3jj!cR^T00*N%
z1dxSoe?Joo2Qz1|Odd%6S7m&7^HJB}PR6|G7LAxy<LRaN{3a4eEM~%pp6r`LODu1i
zKHM4Iu$@%=pwo~^@s7x2X>7NM8BDg*9?#xSOtl7*yx!2PAvTRystzm$%Y~!@>-dXP
z#D?{d<Wmf2nqSNE=-b|wpwd}^a&&GeotDPYSh2d$F-+@5vsznj)_g!TP?U#EGc`q-
zwTgrQWCwajJ#16sLE6qI!p6>}Q9`+ykc<G|9WTQZ0;S?x;G6ioJE^37m!-yUlU7P9
z)fGV@36vBavT^J$tXLrET`x|X$>LS^2Y(^0_}cpQb$1`580l!G(US*~FD;go<G^jc
zd_a~J1_JDX75@(0RZAx7Ru;+=Y4>fDdkKlV{cn!IL<+@%)WO-;zenw?-m`-(t-NcD
zc~Nvo86xy_eS-o3$EPc=hzxu4Z4KiQ{+C97ZZSi(v`tA0+aYojgh6Zez$1i$oH#1|
zd{on>>KivT^9rEHHodN=b}5=hPVp>y#ePh_iPktJDdu%O1eRY|e0iWJ#j(klSkEyu
z`nVfN^jPL96ep<`qdlyk`oAFVoLsYzZ{Y7x9Et<f_7k2T@NYcs{4Y80kF*PgdUBoi
zk@y{_SyCsMVd~hM{_s)SD;1W!s*nKWUff0k%3<BU6|qCnb3>&G^yy_FPdGH_{^O{E
zK_^@(^g^oA?tMFoZL{M9rw(uA6zBrW4eV>rZCO)AlFXdbOqHu)w?I{nWZeYQ`LNJy
zStcgR_@S~DqqirG(|x`QQ=bes9}0?3(p<ffIzenKHQlrUn(M+)cR*0Y?-E)l_&*EH
zxI!0CVi4B4;9D;nulb^)6BBf!9!}FlSNVCJ4cMTo3#dnq`gV!TDGCRw-v3te#-aoS
z@%gp6xGzG26`Nj5M?5+1iLGf6JgZE;u$XxwW%fi;&}@O0p6g-YW|FNFhuiTK@n$N4
zKT{XyaWb$7zSiCG%zCZr@C6O)j>N4PVyr2*XxcVr@Nilgs@p6<&kHI4*)GB57%SS9
zf*k0sfw_yC>6EQdjsuo;y<zl1gaJ{SCrtH#RfODA0fu(@(%i&cj^3!y)5gb&@qD`M
zsccQc+=v2j?#`P)`}k=Pr$_%)>y3qRgl7czPX{)|=J~5*XBRplr6=(L2BP{MTQdC%
zV!Yh*y?4)g<JS?mxC3>S%A{3QJ26n0J5YdbmR0HHA4%<Fj!z6^Dl_!@vpO%0x4Ovg
zh3lsF34N7AOQnH0ySidU<7-d_j)8!O+?ja&L>6A!Lci&D@(x%EHVGy=z6+9)U;}ee
zRxPO}HREj<)M@EguH{e%a;GJ<zLMYZYY~Ppl2~d*is7q3d)_fMpaa+yUX52O@07~y
z(t@ZRJRJv;e7edNM=!EQ)aPF`6BiK6ff@!dk96B~iDVszp6?YpD-#5JPl(zqnPk2H
zeLj5`>?PZP@%-orAGt+~nJE^m2wj>;TyUGOY3?`L8h-#yK(fE)SkVFT_Wp_|^kEXm
zjL!W6z;2<VCCS93vz;tUZ8vlSN_kX%Rj`=G<dMN`P2fZPAMLkgP^DY8ri;6K;*z+#
zL*nl4?hAK!cXvxHad&sO1QK^AvBaHbSM6P=>U4FVj_7;tjT@2A556^R%rVFNuK6vj
z`;<U;zBpWvY{P!(n5|8)y~Qu+6<Y4q83iu4&q1zPaX>px)wecDLw5`B^C|OcBCps|
zSjDAtZw){RW`RQG3TITf7*zHr?6U6QgWxRM5ICPoWYF25?oHuA@WN~BB_n}bh6c<2
zyj-}5@c_P1Qu=0W5oMZ_uPrVDESRK$pn;TzO-K-85-I*Dg;1B&NyFjvWPM<D4Vkq6
z#AT8`7On#oX#E57u<Ar=l<%QI7Na2D3O6xbYpn{PAw2f$^<JC)c+u|ER#4&l6vhz=
z5|k!7LqBDbL`b^Z1lm1O@Td#-1(0=MS>6y%h#bS-*p>&LHR#j2&;Etj<sL~%Di|Up
z?<eb?*nWA1CX&9*u~brOmJJn;uRp-?M>#uQ>Zef7eM79qqiGe(S=5S{RX(kB&6*`L
zz7S$FJASbd(Nw=e7r3P)K7FKW?X<tm;q<%qly(&L9D9G}L9|4E`ua0h-wfvNJu>HQ
zbAl<!<n749NpB7T6&3zUM^MHc*bzpp=9}{8!r(fG$gZzQ2Hg2KWTh!X$5zVxM-_Cj
zTr6!IjzZ_necy1bsKT~56qU%TG8d{m&zDPouB_|m5#IJ9jHIuEyNzRALrLMuszdJV
zc|rsoqoh?tpvuN?xCdQ#NR45t%y?lbH%~l7N{$j(qksKLiqsdnDPbUZ5R4mEyFbQ+
z&HXw;z1!a%993^CY(CwTnx0?HNp7^vfW%yN?T4AO6D}mwS24#Ogo4Iztx@yB)|%XT
zBgt^orVMLC3aaY4IwhpN5wq&(ew<BGBB!NGt(`9Y4xU19l`x(1r6B%CDjFXh_~}}Y
z=1$zoL1~Nj7Uu$>BbJ*Y(~3YMO*nu!{5$f6h<5v?Ai+)X@*N(TMw^<WRX(+i=daxX
zt}zCfo7CCmF`*uzbfFl!<%nK39)n=y4f4a_jH_gquX)*a`(Up}*5P>6TB_(4{I79c
zW9?;L4wX%@a^Z_((6E-`zCkG{`TH8i*^pO!DrIH`nl#ZnNVMP*^1#b}UQm=SVa<9d
zPqlcEMENAK@a(f7pNj{65>>p0%J5{m#ULpWiM8(%2r|@Yw0Cn4n|w{Q(S4tREE*9%
zd~Mq((NeTo&lqJ}^MKIt3Lz@9^{Mp6MjFPM&`*ly?(l#zi;gziSTbpu9%a)<*W!DA
zW!eGryA>r|L7DJlhuXw#7pZ7_?tQ92a6B<+5|6ZH_SOg54MXQ{%5B&%6ONu4jPfYn
zo}M9^OZ|!4qeg@0){)vlO0Lt`!&mVzbQH{a1f(uN!`-I3hTsI6IbST5NE#VgCCa&W
zFa8G4#gs!7$8413;PZZ&@(O&Fx>=8&?e_5c>-p06#`Dd0^WuH+CWphiedL|QP1Q7V
zPJ|K|*RhX&Q!ZenCI<{$4=ne~K(V?;0bOFJ9Ys31=>WzrQwlKEtQ9;c%rOHrx)^s}
z3EqPB<FQEkRLb4`{T+Dxu&IqS@d><Lnp{g`AgO?}&<sOvU1kqJt(9x;YB2~G+W2w3
zF~a8<Wmn4@TB3wOLIad_`8r;4pOMDF)I9RS-rbChi|VkJ6%+ayN!+Ecgy+dnw?1QD
zMxJ%bpq-8-?ru9T!FDzSkUh4abP-`ui1`!&&2qefBg0$Xq`bok10tc`wP9Szk*<5z
z>BTE?CyN&WueH(8JxTMq_|cyH+f?dW(v>py!cD?`w?feHaAj#n_y<dK!EqYU8eun?
z56^z2OX?1H6IGUjQ{m{ZUY%M)x+ohpW8<irw2$k~4Lz(j9GB%t^?>YgcU{vZ!D~*n
z)HD;KklfFtP1`}W<cp$i_r*ADGKf0|Z43cFIYjT99LdY<G!uk)bMEJupI1ue$aj~m
zYP^H)@{V!O)-@c#h0D&lzssLCzpQ3!?URB_8!|+MICBI5k~KW<eRI`|I7O2(6ZGRw
zmT<R1z<JiU1AoCIKaRC_mmed^c$$|tUZROHVpnH+GHU{|3r(u5&DE8PhLUnR`<)Dx
zoUP$}>ZP}VUUiFEuj!XB4=T`{9>v(^Uw4mW4mR&;(6!2avAW>PU&KBY7sp7_$u=TJ
zey;!p?-YVW3e5{b`(hbz(Yq`TSZXm{FKp#~Z$tg^6+ZMG?CGUA@~1a@)EzKWUoCVw
zTrx5;LU;B#3-jPm1NUI<tHV9c@TLKEmiW?Zjf}8_#*!LIe__tdki{ob&OY}Q&#YRO
zRRts3G$ST(k37xqXDqKqy(+g6a3()~T{)NdMd1j+*=3R|iaiO{NHC)>hY!V(+D5`5
zRfxPW%te1;{Q|#iA^TIqDBw;}bl#IB`0XGtdXXm->2(r`b8v_RInTxPsj3aLz*v$B
zgKQF9RTjx4GLR%jzfGQY<OBt&X4%&rLzTj4yT3JFPC!W-%|EC5mZ_bKsBuduow)SK
z&Y40`pqN$#j|K0CWhKb6y3S5V(!gagiNjD}oAhj%ENP>Ap5_?K&svRczDqZ+q+Zq2
z(Nw-byfSpW@cO;WGce-*Z?pMnZW`~YM4K1DAjZ#STtL)@IVxIt%uU$F2DeU%aBxxj
zl#hsW=r)Z)+gI^+Ob?^ROxLJ<t=wG`<`x<lINR27r_IH4MU`~6*A564DR18*;6@gy
za44G*c3{w>j{>9D7*~M<AW!waaSv$O>LyIjR+EkUjO`wU`UhTo%D+xt{H(fu$XpHW
zGM{)9fP6`d8A^3*8AgdBKzmKb-~wJ?)btD#5^^ad%j4%QNDt02f}X!8^Y-F;C{i2h
zUKjf86nx>0#_)xgv<JFz-yY0Eau+C;{NU5fi|C0l`juXeQ{8tpM^iV;#?~!sKT#K!
z`zWCLqDFtrrVEYEiBm&44X5V_{!S$s*-<%5&nzmy&v`T-sK*Gj<tJdq=z2vM#ERqQ
znkiNYIYsi0;75Gko*f=1R5aM#8n1f1ntM4maJfaRJ}m9nW=7p$cAG9YSno~RXF~%l
z`<r3E&S6gvIN08=O{f|t5xn}=W3Q2foafh%v;4L0j|8wazK69j-4>6rZWYjHl^t1c
z`|LJeyv|S}acm*<2$JG<X>z(`z@Nd;@D2%Rp-@^xCfGL2q`64W-cK`|zfkH$qqH#1
z_N`QeC%}mZO3oIxxmcgAH7zV-P<J=!RNYy$Z>S@@jqE$j;SGnn`$)OAZ7+FWZ@gad
z`PcW~di37MvQ)w6V<6@0Dc0Bxl})j+N>mbrDl`T6FKw{VTB&!HRs^^>_d=O79{;i>
z@Po>U0Yw~ahAktY_w0cQOXv97o1qCk*Ic!`5(+`!cQ^L=^UOG`VMbxq2z2Ix)}pIw
z;6}o6_%AV@Kxsr84b3SA|0uPGCLYRmZPz3RueUm3e#d8wr11Sp)&&R4${0Op7x`BQ
z;3)9#{CJl%$C<4${olZ!myky!jH&2iXLy2C7nHwZpJuB#cr;_lyw8@!+%XYiw^~K7
znOe}Tho;D~i)L<AJ=DXsk>asS(hwFRg96Ps{0h!cf^r0bZ(`IDGFoe3A)fdgm7pnP
zx#R~gk0au$Cdx6#o}d&ta3oJlpOFh!f$)o3^hM?TpfS%ND874moj>W0@mQo~GLWKe
zWKBVTwHSzEI4fT3f_}M{piNufPlx7EOK9i|G!<-p5IHZ<kVGNkQ?@j%isp_x4YXdi
zmM&TNEL27mi6|*9ePqd;cjmxQ&US4Q4!lSo5j$3gGZ9>c5y+M#=8y^<5?U+cz;;cu
zG^(I(3(aFrnV#YdB_8%%7(SjY%>Gh*#Zq@}kK(sIr>GQ*_O5gXD5pJtOS4`@EM4rH
z^9RML(okm~k0B_O>5XR{8Ge3aqiAK+S~xZi$wg&&$YfyZlN1H|Ga26TnRbcgK5lt3
z-69mR@;oHT$#~7anu#dwWp?i3=1wl{Gff6i0?9^YN^sn(rHLQ>13@(3L<F!=l_rEq
zk&V2t#<UFMNNW_3^(5h1hYDlhcTw4Y1#{=774(YavAgOvUdRIpH-42OZ>3?*Y3*Yx
z`XU5eYbyE`Gb2JIQ<hi4NJn$JW50cdF#(^mX|Pq~l`7UFE^?0ypkMmg=r*naCw^u;
zU3yfF`&C=Shk=uuoc>TWw@!(ZfjZwWFSJ*9;`_m?!*gkOR$O|+p0EhqX@(n`az+YQ
z_c8?|qo%faG?TnzzamoC*>_x-<$<*WiyWF6YLFTfk+Z#0cu+`(AO@b~yaF(?wu5AS
z8XuEI3@C!1gPM7C7V)79r}$nKJ{%uEuxW6dz)>B&rS5cJE8sfLzOWWW($+cB)sDll
zOM<|nhPkZ1tE_5>4z?OwVL>6$fVsN5HgA3Wy&qZ+XtyG40f#^Txb*_sNn1SaIyucu
z&u6k))6*Rt+SRHTHe+A;7WAA|1f0)YVNFQMeC5rWmrFGG=MK2!iEwQr{Fo3jw72%T
zj_y{BF1CsmY=?>qDaQ8puIjODCpBm-MzR`YFQDM<DWROtke`h)vg%QM-(=^@)DFPe
zTTa@Ev9;G_effvDPQ)n#;k>%36(=5>RhMhpGH1vPb-9Q|7|2g!czjmuXm3c!fNraW
zN}q_@6JgQ~5Z%W3%vRqjTV_{NjopGtJiw;TW~kgjhbI=;XY_rB047u8H<FM=CuNn+
zoRZme^7S*a!%V6!XcVHoVm~C&q(bM0JH{k=g!IF*kK}JE@GElCp*oC={5!n(EYj}A
z)0{8NpI~AoOLy2z_A<UHv_IM%rwV7?4Al!9@aN7GIy_)##bGyy`1eJ_cbKL*(B3F1
zU_rY8D6O$g2Uww@eiU-nEg>9ykM~`5FS&1foGO$GUp;fS9VOj~oMYMiwiuk4u0$%d
z+Npgve)V%R-kv|H(AOO}eE$NV6k_)VqDJFi3cxK35-S}lF~1dxN;7ko!NkeC+H;wX
z$EEkUCBzu>sR*5Y>f>l&l9iwGkE+7~F5oyc&PpEiHbm%;4H@p0oWhu{SP`^7geesr
zaA4ucGRk!m-pgFRwrgX)h<9Hz-EqBJD5SK9|2o{<xE9^?1I$IF^f*dGl9V-TFxzCm
z;*;N~xQ-KB6@6bFg^3`kIJK*g^}2RdJ0q94T^NqZ<$XtUuQGwQx)#&0WkYRx;c`Xo
zgS<J%Sd662vXt}6s~*1nVKpkZRksQ1^rVuR_e=-6Uzd(IeLs?9a7=f^%MOwKgi93e
zJ<*kbuC0@#$$g)g-y8GwD}&LOg%|5~bJoh{y~cz$FI)Q;XPmX(zz#&%DbqLAXu_{f
zgDc4Rb$qblg=gvRaZ)*G&U&UT@=P&!b9Q07zqr@-7~P61M&}`d6aC5JiO<y;Q*svX
zezJUz(I?}M-x-bKR`kaC3J=^QF-E1c25r?Y%~h32rz*c_$yu?-{3!w?72{{$vQs9S
zX;~A&^VUfqPvXdNjDetL>0(2}C?AeNbn@&O`C+EsNXv$}Da9TdfO5~@nkFrqnQ^<b
z2;0m%@}NfCxc^JiMi3JaBcl<ZF{(Vr#|`67f#cD7$?%>^0>9-GDyzjp>cQEiMD!I{
zxG2~B&h%74aya*)mAD?eeS50fhPiPPypz_158F^Vy|YIqciuu;UP~;5=uT>g5?=RK
zL)+(W0`?j6jZV}=WB+>ze-6_87ZorY_;rUuHX1G}QU~JdlN3Q{uLW*1f@KI1JwFHz
zMkQ}s896O`u)uGLq(sRNjlkvgc4dN2rsf9}+*dMmL*tZ5){jj=-vZM#fWDQWr%z_U
znui>dqtt;`xxI6-I%R*O%<dzbw<VLF13!1+4)&{!#E`v$3{P^5V_^fwjNY*}#OITD
zCa*fItA|EfebNArxfcoQGHxT=h!@hE%Kr6I{+UlkADYb)K6Ml=q(*r(&S6Cx2XpF3
zep1%@$GU`*hn&SBV@U#-4YMTu4@raPaC+>ppO0?HlNhUVr)GNz4nIs)gUJ)=zreP(
z?AnGUbdy?ric4+^bIV<HNAvD%L>6Pn70Tzpu5~~YC|sR!MWad9Qhn!RLJl^_u?(>%
zL@74^>4Ar;41K_Y>zgK-(>y9EprWK|ZQofiz^qF4skhabJRlb+&|zO4S){CtUTVNq
zbc`u~*w01Qk_yr>dl}$9M>9ssWsoZ&<T&#q`R9Wn>CQsEK&4ZVOFA|i<czlM*SMJm
zr$r3b)mv-m4(55=T?)^c#?pkG!2u_Z^|EDnB7CzhTZZxn({JPu)TK^4wmsP}-Fly#
zz~}Nbv@@@DKk?n0th1ZM4GHNpGNQ_e8LxU5Pe<9&?WEt4s^Vz;3IQW^zK|O4GCeV&
zJ#LaV6Usjy(Y#A#16nl+?SjCtlvAl>lGJ^=!FJj98b|Y!nJL7|)-FKwyeoT>wsfZ7
z9WR&F)R_8KAATI8q%E2WFB#cn^X$X<^GyhK%;8gvLSep)l?TA*p$r;Fbo$r$XQ-P{
znR(><{1yCZW<U#;i+_9aIqVS6gdP4f)Sz0#og`vB=xCl*XcvxF?*KcoB6D#*rMETH
zwmU;6_Jq{6J1#p9Zc$?LV>Tshvp%>TXBAZ84B70u3K8~EhJFcJ7TL1iOcHHhCX<8w
z-SrR{3R+`SH|or!$h1e(UaJf;0QcrVh+TJIAf?*7KF%DWe5I%pCTY0hnrB?AvDrK<
zRLy|`*5OFcvAkVT?0M;w16(q2wyTcvpe^kSlYeBF(#*Clz7H({4?&<`BbI!ETSIDB
z+*fCB&hfZ`J0|w_Ur9Hxx}mS+0S>2C#;18>0Yli7BV%0cltGjt@aat{*#gqN2c-Ms
zC|S<gx=0MwsB4G=)oB~zp0@_~;)o&EWVdeZMNy00+SogZ#G|<}CO%4c08x|Iq@Rz-
zP)?BHRs^%pBvpygm{Q}>LTE#INmKLKfuuGqNKBpQ+n86<fqT2REa00Ktm4@}ElOOh
zJ(~=iRzck;p{AVB5Wo?zG$Gx2Ws&Cfs4J=0+e=_|KxV4;H*oAV#mG2y4(8aTl$C0V
zvjJI0*V0{{9Hf_1Uq=RPQybLfHTW$88YVs5iwd4ZoTo4s`#Sw+8#*|ZfFXB)D&7VL
zNaMA6iZQKe(J)|ZY7)Uz30!WDjV_uybw9&%$7r-RD0&&`)GuX`u%0tVueGK~r#WV!
zNWR>$7?s_WF^N?ng?paqA3@Cgiinc$r*YF{_OVO`9Jh1v2enE<t%V#OGv__Hb;dOl
zE)7dJ<N7!?i|5h$gWcN#<rplj=QCO*za{nc(Q4I-FtZ#%Y@=>Y^XdWZSmMl=sLoD!
zj^C{T{o;akqEFp6gQOohJK@!{ta7B2hh-h<`&qJmvzFbnJGj?2=6#07MdZXGa6oi*
zoKNjP9>-oXd3x?kQr-rjat8GlbdBAgTTYfRt?zIzb*~ihaNKi%X8bZ=WOv5s8b@C4
zc5{WoiaPC7lg9kr^VzFphV}X<UfKlf*we@lif!6oWaEtm{69@)X}3&q*sa5o=q)Vx
z45|q=e?jFW9@Zfl$xc3YX|}%fPM5gMgLO%N`pOgk)61EQzkw1PK-KJ2%Z?z-^pXzK
zgU6^&Grtgf)B$vh)eersn!=77OB@tPxdT#k7?Ww=+C_b8QucHOYBs`tSEvgtM3MUz
zW9U8YQ-Pz?D+|VF2pW@VWNaeD0xFj+ymzbibpvU_`u26L_(kQ1-|YP1dLV5gr{|{)
znyL<$GZ*~GqPWfxN^03c7(M%<YN*)#AielW&7m<Z$${I=YJ_%+YU~St!-!znqmfF2
z_Mc(Nn9Wa~4U2-^^^Q6$5zyJJ4q1`nY@hIX4q!BQHQswZH?OWPRkKaoQX#4E9KCx@
zqK*bwYj$OZbFk#Lg;Ed{vr$|`3V27;ptE@!CRtAGv@<1tV!gxkE-YzRk^ZSv6^*>{
zjf8t}So(&0g^59SAzQ+9cs-u^1OQfZxL$MbL@^wSX)9&I4LP*oqdF4C;tYBTCf8<)
z)hvp$8L&Vbc^UM%+h#)8{UGD~a_q)YtB_Cje%wenTdtGl9{1C?)5~pz2T(;?V+35M
zv-Z1=M)qL=SpR`L`fjq%j=K8piOb4y6uGDL(FlH_1s5b=tzj{YEl)l>l)6%8-}+W7
zN?~)RRVL7|Cu}ikK|W%uC45(K$YS5l%hDR}w8`J_t%~hr><PMKlL43c{yu?hqQsLL
zA-2l|SA^Z)TY==4fm5xB->ti^R#Z_%vP7ZBwyrXl`;ybx5>)4<Ml#B|&7Io$JaACX
zIes%%R=XqDHXNCI)<i7{FTJ$P$re&gsWD<&HUu?&w5xLs7twj8%rT1KompADkz`37
z+4MR4Oy0w-e?hnz{(Bu^k-3@HK&Ca)U~6y<R!EJmb7v?#^0aFQ>YgGRBbBD^my;v&
zih5(@xsl9<FER-|K0o+ko909UjH#;S4@SD(<fe1a!sequbu<TiZB|jbU*Ltnu$9<2
z88^zg8VB%wMn=umRXC%UCzlCm(vD3J(D-;9F}MqRG`w-0aOk%w+E1D;IiVBI)$l>t
z$GIrER(Us`(INP7(2wIQl$yY9*_Sc$Bc=MxM^`rDQQB;58_Ty_X;&ynADuO#5Qgt{
zS9X4VvUj^ru|>`uCs6fmBl6L>w`^c*WAaX(Vn!$`TUanj$kOq)PY5iA;PV^OT^(6M
znxw^KX7pyJv&MtxX36^TBT3_A==od<3j0gRe2i1xgf1$zMM_JnbLeLapS6HQF@v7i
z&*7fdVZmgamV&^~m)?yl!`c0VWx_%f{XA$VtQ~@rfjxXpwZT<JmaU<N+l>hwDHAGY
zrC{1wO*xT=SsTaS$l*E-IZlu(y`8ung<Nj42Xr|e3K63eW?j6zhb=C=HY$k;*57>2
z!<`QfnqYvz3PX12&%$52kPUCl&GraPwGO)7!99Jy;2d4QqYa7!)0Qpjq6=wZ7KG~P
z9bV`K;j0!#^O&N69%Cp*q~ZM3)1l_=HcOY@{nq}P6>F@{NS$w&mm_xv!M|_-Gxw4i
zN*TU~2FVgh7YTbf*e5bhR=pH#bMV>*5A~wRLd@~NO6z*1+|oXJWc73gtkBmU#B_6+
zcaz`Pt28FUHK8FY<!J9gawWho?7!%-Dbg`-!afal?1p#lXn5AMJTKy5rGF)cy5PC2
z&pBT7O|lG*eF%O1Z109kYE#j6bfV6`;H(8KvDA{iS15s?Z&H}$aj95)K2PHiJAbPM
zjk1#^r;Zh8&PL1r!Q8fRAF#i`nv~Xojy}j1oj63y$>!5T)w-(hKM1DPBdyd+Wjj(6
zrEoZD2I|TOM(f;)csO|1hx5{C!$#6r#PHS5F75^nIbi-cPCVElh4lpZW;kOJvQ?|E
zGfp0sGzb}79+C}RnD`1d6Z@G2J+DB1iUD>3qXOc3(Ez!+51ZyE>uVsfg;`&4uY2zu
z34gk6IEC>f8OM#PfE|&q@okd*`fZ7K_Ul+RD^07!bMRx11wl}_vFf>GlX(a~@f58b
zA2;X$x%Z|l<_-eP17ODo3$ay}2!Sd{U;+iS97X-{O%m$8MO$!FoE#wBay+VhBFG{)
zuRRb3?R+3!kwXGuY@PAYqhBbFl5!;l@x9q?PE4LjzR%puh*db8J8K@4D2QovRA}ii
z&Gu0mZuqIWiUV``2PVrlNB^iQrdI$_7gBIp{*e882slNxfqRPYMX4Yb^y+ah?s=5;
zM$sm7Uf^fclSi^<c7t&#iFNq?mNM#HmC8^hCew~~pFCR#4V_hq(=RicX-I5mee+?a
zxao{OL9<jKc~XUEgLy0o3xrl^-5qY5s5$+}!c%pFj2(F@wPG1IJ?WN1JMNn6m2C(|
zR-QgO1xc+DSoNx==`?KmeP)~_wk%xOL_6bhB4RO9W2j?B<QkCW=i{N>NE#O&Gs9RB
z1Kc4r7J>J)(@J&xp#u{A8qm#V5o$m3Gr$?d%7As`6&p;wV8$opGzR6)-keDvx|C0X
zK8^2vYtVUF-4|etQmAg1HG5^W!73o4nlcP<aCF_a(UW7_Ik0;5V)#*be_#uz@?hNB
zoUAlmjZpnLwL-rWx`n-8Dz}l6Nr$}N^0ue2)aNX92ph>d8+N-ZF_hS17brLSfz3hq
zZh>%v;*+;&^Wyz#IipRDDQvNTl;^!_@TsncQcI8Jgqk=r4uk@xXOfvtjl@X5`Vl3v
zDjx+~`5yVheWdKxS@6r!Q%l=s!36(W2hXg*RgY+9j1JnqjMC65&utd#Gm94*!ai?9
zsh!!|SK4iCOX<M8;Gqmf@34q*=krH<51qq6dC%2{crjRDHhvt}EK2v0xDdu>17XeN
zHdve~pE_L=FRF=AycoNB@=ClFrb(Q{eCoCxBAJ-UOhLL#=eDG;0$HY(KQq`FXKAwd
zylh4=KeM$Wj2k<z7$Rr0<HByVtZ?vV!OFHovID&y-6`$6YEAm<>LZ?YiCp9AL{1Zd
zN7itj8sz%(CaPBMWos%8_l6MrLdh5O`s<v^-%3dwoCi~McdGB#*LISK;(_0{LJx-P
zpR_$lnl3!s52d=2F}Rk8_PL`EqrHxmZsS6R3wbrqjUd{OGJ$*b!I|>xqzLlvqM9J8
zrM;7;PCU?&qZ)BAPyd32kHmg{l|d*hJ4)P3LC$<=z4UnU3#}m)2$=?x@k^dv?!m%6
z^xvP@9p7RYoe9>|klenqh3`cJL;N{NTMUhe*o3MRx_a$xUs)5e{4@&NB{s%E<WFkl
z@7xALllW;e55X(3(%mcBA&>=^#pK&8A{j#weTg*=^C8DWw7s}wz;o9L&ZSe-lM#(~
zGkjinLp}5yRlTd#i5~l+;*6nV8V0;~?l_Sh-;AO7xjc~w`9K+|y;4{LVBbGAY9g>r
zS#H%0Dm^})W`d;=`bVCiq#hh5I)NEvJogkeCdUd%77?O3tQfuORf_cu^n{4{^O4(G
zGQV=jNl+>oGG^+;@btF2s51Fab{)7wWdK>`S@&EV=iG#S-n3wqmrasSv7nnrLIF(n
zezjOeA3d*u?+6U?*=`}Tz)49^sw;e_F9b+LCY60C52E@yBF`|QBn3aFn9ga0&&Z6p
zvN^(PLn23Dj04Ikz4zTR2Y+p*IiBlrLbHgg_w^?*iDjG_s+NOeJk^CYi`7x1`4pY_
z-3VhF3m()YHTs)#M~z9|ofe4V>q4n2vDj}!NOT&VYU}3O&8`t@(X0{NchD<86gnk2
zSdztNR)pD_b}~kq*EfCfrkiKn2+G~Hn+~xs#qyrw_Dj9*J=eb?^~t>Hh$A7n2IbNg
zYro$b!tCJ}J=`<*O8`kq=rQd7;Gqzh#6GF1*H(_N^5YqJP^M8k<@{w@VEU6wCMi_D
zt6?17mx&6vuwKJ!H|69YqleH*$Luf=JT_2tE`PN=Q{{^NThY8&RFRU20q+v6<Tvd2
z2l)v6AH!b-EwOXOEN3xk`ecRq%PKPLe8ic}e{4D{qPZ1ZWQ5ytw-^&My*uM)vqaA{
z@-mGAq+h8^763|jPZ|Pkzc5}gEMIskKZ8zkpXWQ<u!cR>3P2x<L-S7!hI^}u6A(L-
zP?U!Q6St_vjg<@(c@RCZPFn(<G&^wmhvnYr8tlpIkYE`Mc#l>zUmn@LdjX3DF>uhf
zeleg=KNW~oQ0OyZ@3<ojNea|~TaX6M4<(Y=A%Y0ZqK_#{Q>^)7vb!--Cx0#mua=E3
zx*F~W^Q9If2(d1aZt)B9SQu!A4$iUSSs8FAsScb_U^aZKt~PR-X859B8p+7|phRCT
zD_Fc>Q2(Inq8ajIf){@J!w+R8@^7XI4t>E5Cz_@_yBpy^-`Hju)RQ9NQG)d?)~&Mk
ztXHBbZl#P7>Yj0hD1{_D(zMb}<^hTl=O^Vb$16)9@;~$!aw9Y6MLTOIl@q(YLxa>>
zL`z;z1&L$l*HfItp%$(RLHCUc+V-Ux*6Oyzb_eK8tz8qX7|wYVqoONw+UGt|SXZeh
ze=+L<s^93?vbK3szY4Np*8ZdoeC!lJ73yb#6IG60aKw0*Tm-eljwN8)(t6CTMB;=~
z0uK!8#+987>RuT_-4Ry@w=i<tfd@-Krc7c7=MAj(cEofn;Mxffnau{<3=63~@ab$T
z`IC-3xQo9Y%4(%DePM>JIVQ|EZO!CBP?7!3n8a8IGw3)+uRyHK5CB@8BQ%BdQtWVr
zLuX&lz@oio;0{}|w40Tc6%Yj?nNJVNQYB^92I1P)c7odN@bO-8OKb?pp_E>w)=_cx
zD#yk1sn2tJ_%#ZB{tOEi6x6%iv~0&)bN}$hP~QVTbKqobatbNR7pSKYFgh>lZ)Xi<
zn>(<ygN~?D2E<mvPooQDBO6ia>5I6q=K_K$a2FUiIem5yGIAmvE-zg(!=nR{#GguH
zD?6+Saq;?v&E=0!*!PM2Pd!d4LKI-}8>lH8+mVc(O=UYjB}2@AB}ae6bLew*Muvan
zOm0wd60S3KZS1#UGi6OJ8weQh`)YK7bY@kphvcJl`IQ7=DpVkmoPxCTJw<EQv(g?$
zw3uZx_Jz_RsMMZgBAQe5TmQoWQCjB2$(1U<O1V}8N1<SA;aiPVWiR_c{YD+xjthD?
zyk&shh3uDdn0Sj(98Kmg0mJ1AxygX(1|klUQSAZ}Ni8DIgk=JWHo!Lk4NScu?z7{M
zd^9J6Sf^Ds*hQvMdk=Xp(xh)G@QU4RKe0B1)(%r!Hd0c_q=hd%FuSa*evn~$gcRsC
zN=9YH#O7TOemAeHfP=OGhN$O#MfH#^TrW!oye&=OmaXtn3er_-MAxyFcKPM6Wj1R~
z#Vv-ob$GwbOp2t0wshaV<>xuuK~X?K{gjIpiFj?_@YQ@cGt1^D44e!@xgq=<1}2JQ
zq=(fdqn3m;YkVmo%%Ds=&ZgS?ATJrxu~rz$fz6qp6OjQH9ZEo8`UzFq4kyBnX>I!%
z^n5Z3@r{UY#JU}U4B%(jm1?O5=|bv))vzS+Ib%JwmAU5ZI$&m>1m036q~(DNi)a9I
zQkvS?z}VSa23dI7)vv)GI54Ato;_avaUg96Api|^NjD(bL_m``FJa!YFCV>>`=)c;
zcFOouzT%!ssc~;-U9?hYzi`^FAU~CEL%Ks^(#F~ffep3Rez1T+Zn*Az$(LG^0sI`X
z&x23jymzklVbpJ+{fEiCLP`{g^2n6-b5+yBX4;SgXt=*9m8F_;8@7z~)ASdNG$sNl
z+V0N--tg33t-n9$_O$GR4|9Jq2!WrqYkmDXb}dyJa8x_qmBJ)OCHKxf(}BXglbKlh
z`6oR5GNs1_TmCJj_|iRg#;ZXEOU5KQ3;KP803R>6onJnwz|U8MtYT*Im6R;atU2JE
z;t9JR(UgPx`(JP3Q__i$BOeMu9%h%#5Om7jd0qqt<of|>wY>Mo;$iO{3uy{V_^E1(
zCcRmxJHr43w_{!B`HdC)1UU#oC16LwA|oiMW+fuu;9gL~{h@B+`!>6R_+f{@V1B$C
z)wIHA7jzYMbw0|OjQATz_>x^ev!1=DQ2G#4m6Qec-`?Z&!hD8-xg&^NSy7)`e!Jj!
z)@bkbNBX4ii_^y+=?5Nx1qzCN!w)MA2IKYXRBr;~-Cb<-rQ9yh^XW9Vetv1fI(92I
zSqkyMc7OiuR|}ZTTY6Mpbo8$6`F_*)rvo4nu~*+IIXU1NFvg*2UzYj1;WK405Icc)
zFhT&}>xJ<?1z;DXrf!y<sfpa3OXSV%@Puq@&)gKwj)nc@(0-)^{^*+{Z;kugE;k4w
zNFUI=AHvdmG4Q)4Z_hbM=}zd%Nh~I5oCnL*^!$4?0O1}6?j^QYDi{((5cqRu&=snN
zy<cEKSMtJp(Njww4{zKF>n}OwBH#8WPnF8er)RxL{wk>{$j@)d=hZ0{zGEKRmdOxd
z;Jpu<3%tH%FD;jZIB^aT!@0C;Pf5R8hCW@Ut!}?6fy3v5;4h-*gMw7Ryfg>T`LJDV
zflP9fpuC^Ut&vZ9X^U;6%QM@PzB?o*l++CS?CpH1(NEV?|F%teR~yN8X-1>+GXCRG
z&L9>qZ`oh}$C&R*@iXOK?I9&B5}4fWw1yNvDUS;P?7U39Qtznn3GI1_Ob!TYyzCx!
zf+%+fAIDq*XnP6Xw+MAp>D-9<Gby1>(D8e$#^M|X&z*f7m?d!NAbq302aHb^9irDb
z!KqJ?#emZJF0SzwV${)%l+tx>00Fse1dzXmwy#3pHNp9>0v-Vc!oq^#>M>;RF|Vv9
za2^NVP9Fij9i_Ehz^ASAdEaX(=Ki;uG#<&~El7~^=l9$BtdfRd$mt?~^9BEI4xL@f
zr(YNCJysJMBe~p%Z%LPKb2w>0*-wW)tZ)51&*pk@uwi)#uWC)-a~<$6zH~zDeE#^i
zop-ooewdrU@XP!|fL_xgDLFLoV<yE}Y{^dSd%V%+yUQ&<;oNgo7ld1u)F=%d<(M=T
z?dZfbEbUnBBn2fUMbr01dP&+5_W5xc8mY;-aeB!`$oi-ofr){DfxRf@FsP&g*lnzz
z=_jA^ppFBAof4U@Z_1cpTY%;!$qKp=-Lhn2$`Se*;6&WJ`|QB2AC_iDdcJ6|Zt<kJ
zS?*HYy<4ed@}^aLIbEcqKqrk=Z=p5KE%;&c@K9I#*^zeU2S09vQC65N`wdf;VsPT@
zE{|eKU^W!&F0|;!u&ARs7{(0cTSrMO7G1PO-WLvN0M$dLG7J;u!DaL<4jVwU5BJqc
zOlIBlt3@Q)Kl<@!^2eL@vSx(9ubd8wmnIo)b^>#9YyWCU0(Hx(RJV3q5l4BOsy-S~
z29!kAcoVox^ErqCvf`GuK*(jOHUeu|`~XDppGMQ99=kW^m{CyDWY%>PQUx=P&yN>N
zJR5Gm`rrsV^Ogb>&M@EnTdsQ&<5T!Z8A(wkCetr3=VHZ1wJ9Xb?6Dt-p?AVuGG6O-
z`pT8j#84(`zgoZ%)5oBouN6aM2vWxls7r7rD}2@Y+La{gQR2D4XE93wmA;PHVAB8V
znlRn(^9)Pu0&g^-#Dh-{WMo_b6s%GK#6uD;>^|fy7UVPr6_y-I#9_R$2g-!q3i|3S
z|G3Jms*MZ9srG<{sp#m=1hVH1w8PSxkZZ2X7a)A{RVSBN_-kbviU?H6MjGQpubVv@
z|0;PaE?7`x_lYcxCLUlIpHbt1=5U}^1{ZlAs>FD4DlPrtT#1B<n3LN_uXC7!3Y>C#
z-sUPFgjAQON^CSXT!I35OL%&3DNyjm4Lb3OyjXIZd=rWTTy|7^RA&kXH9IGk4bb{2
zP(1|M?FwzqC2calb}+Fai@VZw*CUzw&GU;{=jRih`(1P$cF#`J!?N`grDiem^(l+z
zvh}mAv#5-0di|G~^Q`mupmMu7uPn+YAWMi-@#9oQibX%>0a3B(Ld+--#A1<M<tWnV
zUC2^m*|>D&xi5}9tSmS2D0762?uEUN6Lj}#m`m04OR&EP3xrO{1xau0MQw$5WW+tG
z(w2jc_w8++`DO#<pUewT$Qn1;`B@<^+AwL$6tFy-rs6{bHgbLPBzX3D<V69lDGP>l
zE{Vz{H#>HTBc-#RS|poJ#C=FG7+2}#kEIKroan2c^s}Hzi<tyScN9{$jyv6uZjJ*E
zP(Q^>lAs#zqG(ZlUauV==<1NE$Adwk?VrU@wGtI6G*RTLQ+Nh^vdksAnaZ7xK_MmP
zja2!5ndl$W>6w0NQ5vTnJ(wdK?-U<P?uT}0xqJWm`kH|Eig-3IZ~;~vCCJDI1HSS@
zj|R?ZpH3l1AU68^C0)7{jO0nO@jXsSM`1Ld|0vD-lM0n^in*|Jy4$UGE-5hgn9g$l
zcM1w-E|nPP^~t+z=Y!i<X`pv8+1tpSh2yBsXvu2gc5?<9XQn(Y3u5qhlcl(C%1jJV
z!Xx`9v_sc~mTAqq5%kK()-deTXHtWxesE@KqT=QGfw)2V<a!&r&D_;4l&FTn1O!Hh
zU)S9|qv5Ij7bmYukz;R9aW@!DK^%#?axB4>yOLwSmv0g&K$7)tQ}RF(iTTDFHW}hG
z_~k<#sk+?*bY6K{R0L^HvbJtrx5mMkPZ{5=Sb+5SMi?LpTcZxYi)3zJ!)+?N-P(e@
zBOv&!RwIHCt`=}h6z9h)?e*2|AeSoUIV6ZVuw~ZD%0_(;Qv)V~H)~0EJ~HM>Ao+E8
zI_(|DOsplz9~L~{M{VY|Tt@tU+EoY5Gem(h%t|UW+FFxP9E>9Lqb<bU6b%T@(pB<D
z6f~PPr<Ih6^TW#sZH}xHE??eE;E^sUP}y_wB1vMf#;#qaB@l)zAdlYD7Dv{3bGvWl
z>j;Y}vnt_iJ_7^V)s3O0aDXY_wmYb$bRI-nC5#Us3fkESYiDa_nl04jQ%5vWvnoyK
zN<PVoi{66n++@u2iD`2i?*ubx32<P3S$lQUF{}O4LIDe$+Eq`PjXAXyBb%1c7B{9&
zl~kv&)z0xXMYtY(s{WQz^fure(Vg_#b~hbru`wni!ZS%tkc6T!&$blG|MPeHdJi8?
zd3rrXx;4O_8JB3*4H+X$dat`j*sn;3A-KvZq-a!7^fYDSY(w#kaN~ep5V^Fkd@d`w
zqf@0}cVUo5$h1h}P{Is}9D_#(jvy+uJ7^Yx@}lLRZm){$6%0lUCqjwH=P2B0W)WcT
zlBq_(k`$lQ!veZK@9lLgU+A$_ZzKoNERG4PnxF&v6WZwle!U!an&>~!bBupFuNZhu
zE9kP)Kk~g&p3;*~{tTE^xo?ot4Qma8e>%jb0)VNDCS!bIlxcz80#aruX4AckQXZc!
zt4z>*Jpy;Z)9PUV`I)^~+}5S*E%WUQk!?XI>qz*H%7Cdh3g6<!R4*NO+6Dc1m#`pe
zG1J;j(x-!GdkVBLggc%7$&N#aFBLnj6{MzK!4aG-djmf`tQE%@)U5f78X@{k9WW{U
zM<8}n*G&Rbkq4s!_t*A-zBG>KTgYt;P2EUK+t5yP^M5D&Dd($kP3nH$>qT@;xXbJd
zG(zY>ssg*Rmekm#NqANdF~mZSS%Twnpc!4^GQM9ZA2&Zs@zcXFtBnoB;iPd>J8$_{
zGDz!!@Op_C^&*d9?EY0s-ZeMgXi=)usNuJjhkE8k&uKD`w;)9%oKzall$)Y4TrMkF
zPX+bPbGA9|tQ5ssE~@piI<D(|im;jaPIby-((OLyqucR*Qi9pW&vL@jR@SM?xQPmU
zU+3^%fB-*|TQLq`v{l7K5&a`b-l+Q3T6&Uvib;k5i;O$)NqVlHhb6DQ?$<_#dphNd
zVGCH-#q{LF3v?mVVlP;5S;JH}jW`i3Ao|qzJf2$^en7ij1GS=`dM?#zIZjGb?YOZ@
z-6WaOJ-rs$^}J!ICd3a^8)m|@5+aP&tZTnIDH1d3sjeLh1&#Mx*TMxd^c(}ZdOqMn
zt{H$PHl={m!$rUNf9i+m2#n6wdD2}2EVV;kQemW&0$x2vy{FwKbahVmZ(4cCg=Cko
ziR>N+DOas)-0=6urkB+ZmE9NeG2!9#R`-{uP7V&yoQ+;ITlXQc61?D%T=a7Co1^-J
zcd9*$PdB<PSm~|0-(PLJXQw1Vzunt^x_4QOd7tXb{ZYGyWn@O@GmvM>eQ0-UzLxd)
zq-7o#>)#q#zR66IlQo7)j<N$C6^Hz0<k!;)Z5Ks;UDW5bSPuqT4*=2V%EzxbNzblL
zq$so4vTBfdxhDv5V5j!LeJ)<Mg_m9J9J+M3OV1Spk>(cZ+JoEQ1uWxd_KoE&>kiX<
zuHRQCQXgzHmu;Ro-1#U|hkKS`C6{MnQ5VHx&6J*o?oawA_kWgoJvTU6v5KkBlrkln
zdMYeeFaZ+gZYP?p-i~yuS`=-5QG(kwwdi~8hFCi_%fY*GEI4O2=r%s09Y{Xh=$nAI
zp<nHw1ok=dles$0@?N*n)ot=9|B~%Z%J%8!RC3xccF=3u)0HmmFv1<LB;D5B^)Ky;
zRB87s4l}O?TqdDQ)547}Bi#8F$|WwA$=k5>hi%amK*p`iGX0-h!d_XDQZee}9BXtj
zhEGQ2(uXz|y)Tor?7yF7HEs(2^5sl^2WhIXU9M{Zam$)ix0c)e_|bN*r(l(xny$of
z>czFchf2mMg>^;D9i#zGd9su}v(?gR9UABBtFrELinMiJh<AKt5VopwA;+td9?5{!
zcdYkNODDct8Ro8f2_^}>PXftr#`qS#SGUGAxGiZ@7nCe$dN~+d)dj-m0M4{4s!OFV
z)qy!)p=?-7`HPU1%fAxs&?+Z67#7LC3O;IRPJrI8NSqozoFeKoS1tNJ$p#8IpvWVH
zl*&kgc!Wnvz}T(k#}t;rpqex(u~z=0SINLhEm-Sh3l+Xd3|k4BypsyIGS))0MU*=^
zyNY<_QF)=0en=U`jqN$7S1+vSMAgQs-h1i(A^<X-#z5(E2;_1x?U0l!daCkTxrU}{
zubkrEWoC|_iq%1ZDM_D;FmC*gRlg{OUGnl;J;nY06wtojCe3{=*~nEM$lE^16Z>@w
zE!%c<-Gq`JMtVILC!b+I60Zh#J#rZ&TXs1`vW&Wf(SHhnjzOs99Ob1zQlQgJ7T8#w
z7JLUjK~x@L`iu-mj6?Toj^w=M!_bMpDYLzSDCEn62ZkIabQCT2+UvxCzdeWkP{1E`
zdf)qP6FBBk$nk|$4GrdrnxdD-qPOBMkg$PXJN{aoMkLC>v>aZ`UVRj^ib+s@YC#iC
z`3yuy28r29!LkBf^npTjG3&jE_YqauGFs@auih3ZSvuJ+wV#xFSB%1t^os3UA2xcg
zIRw2lx{jmI?)1y!ts7PkWg!!rm*0`G-P}7utb>f5JgvxX$H}s$!v0Y6eM3c~BRP0L
zC51-D*H_SFh8we9bDv{5&&BIJS6<P_fK;$))b#8by&Q`NMQ67ciqbrlYZ|A*r2wl6
zOZy7jolTM6+CEy;qHO}V1MV-M$IX<7QiWZ3NWNSA#Fi^YrW#E*w9+NE+FJZ7QqF!F
z+zY4m9&eV%mL8HtH`bNu-%g!+PVQA(svAH7n?uJfOp6{gJ2_P7`qaP1_v$a1n_#^`
zi#{HqUG`mS%$;c0OxFdb3h7{@N(oQ{UI*4qRH=CF_Rhi2ZwrayO(1<>fM}#q3@BPh
z4$g-dO`xi7)2I5uqxRB3*Rn_bwT}hdLsBFJtg7^SZ%25Js{f5I00ISZVWy1`H?Ll*
zpaMi3KIS%tN#lg7V?jQ@rwvJ}CcC*B4~GX4kiMMP*!v5<oHAL+&Xq;5wq92~VlIy9
zft{<l0oc2rqH!A*df93381vPR0T%bwc}K1q@7bz|$8DdHiMkIpKOc!%YC=xY*(q9y
zH_BYOfCyXOnMEc3UR4bRk0wV1e+X3t7=Bm+K*mr9C~6KIGqj0_+c}MP-7@r5dCjw^
zZ`~UDS$K}tFs)~gJHO4R43$w}^IhMFv381}^Hm%F%!^pgw$cVQ%h{ij>`sC<G664W
zn<MLf=(UHt+JSqpR&6B7z(XWtQko|OmkdgPV=Y-*h|XRaDeqEB!=&V>C*>!ppFy34
z;2CWrz!DbUhcM%58_o3XEbn6O+gyoE>0OqmdhxI8N!Ek{6XXZ&S9&l>i3RIg77O+7
z2cq5q)G!F+ry>;Tvup=_-9E3TVC0k~WZ&1sXd2bzL!Wba^4%*nl8x`$R-&pzSPoT^
zsy10dbfkv+Ms3GWelRwUtqH%^AT9T!o;W;GS0@lMDfr|7gZT^|!D+DcPoYA?qv7v{
zv{@D9A^+O={Q6EK1#cIi@D9bMy0|C2*@mL-&Xh_07=*lwM03M&=4WTWUa0o0y@lGu
zaCXt+j`6gvSlsY)>HLYbzMS<C=2eTK5bTCxgF=MpdxC8A=26*9dF^2a1alHI^f0@C
zZG@EG3_;LF4$EzU5q#BAXm3s)f-QH`;libu;PI|s^tcpUX)J7j#SVdhZPo4FQw(40
zqTFq(k#jsjq9#NoI6nmPa{J;F0fnNGzQOs?Ca-Fi-_P&2PsCh;WT%1cBpMk%qYWH{
z^ei$P+aSmIWn-E|hR(=9R-Xvp&OLQIs+%Q-wboVd)$LUhxs)zcMaj>%k4?^q{Zb4U
zlqvUUe%*Jkdpuc3dJ)Zla=OvlC;yOY<~+JiI&(wmIFQcOV)37<0U9X>>*lwg-?r3s
zW8*+zMeusG)p>>qpO^7s#v$I0t%B&DzE4OTdES4$)*C^pLe((DeZOVKn|eNsk+^*3
z3=gnSp`WBtN53$7V|MFCd>#D^r9gPY2k%>cIgF=fN}QuAcaExb=bxkXZZqGGAc*Mu
z<wrMZW0+Rtk@L+44_rJ2%{b@HvVW{$HT!2x^?StEt*i6<lOq;cdyT12bnvp&OpvE@
zUB3)FC8QXWM#=V3g)Ck(96Asw3KUczo13k@28O%m24-P<tQlZ!w%N^*ZQzZmviaQV
zX<tk&J%XZspqD(xKs^woFlbZ7G}V~SK0sSxQN05Y%k|zN;d23ow?AL0M2Rx698KSL
z3pbc7!f@XOtsvTTr(#_ky~`W3tSVKXH&~!T1LOJO4>}FHol!yiL|*fhpN>wiE^jum
zyiqip)ZMZgm1S&K8Q^$_y9KY;73=8X{CB?gGXcJ|K}e~cmMux|3^ajB#LW5XX+{{C
z325HbWQz0gUBx#%PUeq{;x~*Mb3%(bVWCi<rkn12puD+1;Cn;c?)XvDHpi(49DSGW
zi*B@>P$#;RSIif#1E#von7p`H65|4><2raTEJN!ovR3kQtUYhr4ZLkkVx*~uQBX&t
zn}8TF^aRz~Z=_2HIqP(4Mr#Y<N}puM_bW8?b6{Nx7RT{>EY!l<yBxqGHT<Yk<e%e+
z2M-RUP)5jVl#PP5u1^-H(WFF6sLuiIAI=|=SyyOyaOT!~Y4P2vxFrF@Sr2E8;o5+i
z)G%Y)ms047U*erj4v=sv&L|z&WDs0wtSBUdEn-aeO8)NfLkyxSA>=!;7&+{rQ1rNl
z#a?yM#%z()IZICX&DOVG;TC#p0kNEWg5&Hv<X2(-xy`xd8yChiDFQoq&MH?#M+0^m
zvKJk+c<nKrqA+q&YFgN@0uqTDrMcp0tjzkANutRqFf~kAV(wWGI;t8uiX_z8JvVL>
zwe2PoKG1XI7BD2vt;Kb9Wp#^TRXf;ql}oTI@St;3JhHNKfm*czOoMVY=*|v2tOq!Y
z_a|?b>bf+sw^DEK7&K{-pxAbaTk3`c*B6mLo=my<npL}pJNo2C-Pmkf?zL9CSGwP;
z-44dzG}P+6aTc#?`w2O+<#BmHl?GPlszBYcm>GdUg4YHncp%cxzul8fZ=5pHsHPvi
zPkGO_wIGS0);LL6+C%r3jEmB*Nabj%KYwdZt6sGo;F-3k1v+BKnkoSMGf2fiop8wX
z-06?E`y2ksH!Z321MFlWGmMEXR$wX2B8<aS4AK$|W(GIDT-64#TO;$n^Y3xdiw@L_
z_{!iwakaQbRlt9S+I!Isp_fK!Eh&%5vHNzUVUd6E>)UZ9Cn``r18mn<kUyu*M+~e5
zWGROTt!bTG9cI@hT!y8(uC$-T*6@pQ0*x%f8CL%lF=>9yD+CAwx}PSJ?SMBFl{VL-
zW0Yrh;0gmMb_7;E?~h8bFfcGPD%eR(PP)=ijEqXl(u___&y7pcNEy57yYftF`DXYV
zxZh^ai&hoQHCxd`ek?_i0c!@7`L98B%L<N>g6U&G3R%onny3rd16lv(2AaBKm{CmB
zFdD?89JjHq-hK&w9`gQc@<IZk5M8oKP-pZ>AzW6&1}N$l7sX+Q_(?zO98|-3n;|TP
zGrXV1rjsDL(0GZ}mpTbm%B6Fb^BZ^#^$-pi8$bMID=qt2yy1ZN@`K?He4Zu<Bf7*+
zx=d(FR5{|YKX*=CKukGGWm)wZv9X%(m%$gy*9um78HQdw%u3s$um5pS@qaobHN_ac
zI4#wvG_9!{+x_gR3}!W_r>j*Jb!?mck%Zi(Fwl_~h8crf7AVjM!2c-g-!wlUx0w2A
z0&)=X(l~;Q?7=!$e)^3UsPG4D{=Wzs4nDS_qF0F8eb=4wroJsAc$rvE2~?s7Z~Z?B
zsyc3KpL$4#Va-vKLG4s$0WwFLYXvmF4`1*vf<oLm^Y0?wvi=-nexl;^Ws}C#f8K!u
z%G!XjFZy2!3M)ZNNBQG#sxIZIAsX|%4!8+yX>`C|ztFUz(*fNaqY<{Fxn-He@*)O&
zXliz@<}|QR#*V=fBWu2+Ejb8t#(I`dHuP>|jU~KzpL4(4p&WSHC~vI5UwB(EB&${S
zAt{=={LwEi&VIM~_;O!P>8WGC$vxQ+dRW3IeQjTa?<d^Bz*@wjvW(wGYJC{+nQCR8
z^q#8Sx5pQLE^q9CTR8B>Qgk~j7ev{E-`2st%*Tj^d!e`ATn{~e7H8Yz`+_Ft_jL-u
z*w4<CoyLAD;ZmzjTIL4au>~&&<W6tl|Agq4l{tD7Y%e%Fa4Z9aMh?ac@PGRJN2gPS
zeZa~9P*M0?CJ<gR*qHNS9$&3Km}AFWu!7l)W4sZ*cqGto{-4Iq!Pe5m$cfI<(bnd_
zYY&DG*jQNpcrvoHGW_%N5180l8G#s?8ChAFSeO`D7=aiVnOHs^gbe>(3H>w9j!p&+
zgoHrmwl*FH|C@RL)%gEU@gz1jaWrzUuyeAowISxRaRvZrh+QlkEetIH7EbPZ023Dz
z05KN>4Y7fPk-3G7i7_#ksR6*zgofD2LeIkZuO*J=1`a01dJfJuHYN^^dL}johJZij
zIypFhOf_`202u2T*}9lG7?_#pIhdH4xc#;A?_&l4fUT>ZnT3;{sfm-3`M)l7vamL>
zb#@}=VrFCb$i&XX#@NEfOwZT^VB%!*k9_Q$4FMKLdVgEu_*VdcfuqyMes;Ew7EZPf
z?s`V%CPr3zrUn*&%kJ+P7}?r58CZPe{YPRJj!qxb{!{+8HURfOQ?xd5_&9-ush*vM
zoeAJ$m7b%sk&%hXA6x#Jh`GT>0o<HS9Bd2#dKQk3&L(<J4hBY6CJuk?=wM>+Z1Rzq
z!N*F+f2!8M3*c&DW$}+pEk259V`^chXJ_DK{#Wn6%kHD8XKdkU<m~A9A*`d`hdLjp
zbF>Bgvx0UG7B)_QRPyi3{>tj(R964F0tU`bwt7YeHby1@y}#=JR|P&!PW;z&8sfjJ
zqG#gZVEd2r{*%Y_%$=-13`I=*hc<>LfRDvmIyA)AAA&eK+5RoqAML-D?a$ASHWqev
zCQg6096sV3IQ}*E=l%6@0&Bw$<9&2`693^!=8u&BUfe$&%<^FzM_XqHBa^?mmgyfY
zCwIFK4-w1%J<vy5&W;~W_+t(u4Y7@_lZB~;k-^_G|1;7@Xd?#`1E&wW8+>?@nCas-
zqh;WvWnfokWaeUE`*0~83nQoIAEE4w|BvSV70=N9uZ=BiTrB>mqV<PU|El7jeNMJk
zCN}@6?~k+E{k7A-c<f*LOx)}&K3womJ%1dQnCtH~``Gr+{fG^Wtu1W6n7A2O+W}1I
zjBKs{tc#6-^&iD@u(fp}_V)fmw|{odUz+@fFaBscIarvP{au@X8q{<A_$nGZ1O6eh
ziGz!U(O)fdTU)FDP}u21m_MrH@ZmpmlmDsT$-wMCxxw_KoX!p=e;thJKSus+{%hKL
z|7sN`hQIvxZwCJOI{usPzdZVHhW>sb{hNXR(nZW1O#eqN`g7htU333=GjH$z#r>};
zqNpSxC;Q*}j`=U%|9^~ry#JY4*qK<F*w~pr-v5k@tgOG^|Nn2mK*vPK4D<hW7Qgw;
zZ+`Qe-~8q`zxmB?e)F5({N^{m`OR;B^PAuN<~P6j&2N75o8SEA|Azkotz)O10Pp|+
D6C-Cz


From c6e394bb8499b470b9d2a0c03c8ce7fd023fa08a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= <matteeyah@gmail.com>
Date: Fri, 4 May 2018 12:35:36 +0200
Subject: [PATCH 105/129] Improve variable comparison

---
 spec/lib/gitlab/ci/pipeline/chain/build_spec.rb  | 3 ++-
 spec/services/ci/create_pipeline_service_spec.rb | 5 ++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/spec/lib/gitlab/ci/pipeline/chain/build_spec.rb b/spec/lib/gitlab/ci/pipeline/chain/build_spec.rb
index 17f15ac3b27..85d73e5c382 100644
--- a/spec/lib/gitlab/ci/pipeline/chain/build_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/chain/build_spec.rb
@@ -44,7 +44,8 @@ describe Gitlab::Ci::Pipeline::Chain::Build do
     expect(pipeline.tag).to be false
     expect(pipeline.user).to eq user
     expect(pipeline.project).to eq project
-    expect(pipeline.variables.size).to eq variables_attributes.count
+    expect(pipeline.variables.map { |var| var.slice(:key, :secret_value) })
+      .to eq variables_attributes.map(&:with_indifferent_access)
   end
 
   it 'sets a valid config source' do
diff --git a/spec/services/ci/create_pipeline_service_spec.rb b/spec/services/ci/create_pipeline_service_spec.rb
index 24717898c33..9a0b6efd8a9 100644
--- a/spec/services/ci/create_pipeline_service_spec.rb
+++ b/spec/services/ci/create_pipeline_service_spec.rb
@@ -557,9 +557,8 @@ describe Ci::CreatePipelineService do
       subject { execute_service(variables_attributes: variables_attributes) }
 
       it 'creates a pipeline with specified variables' do
-        expect(subject.variables.count).to eq(variables_attributes.count)
-        expect(subject.variables.first.key).to eq(variables_attributes.first[:key])
-        expect(subject.variables.last.secret_value).to eq(variables_attributes.last[:secret_value])
+        expect(subject.variables.map { |var| var.slice(:key, :secret_value) })
+          .to eq variables_attributes.map(&:with_indifferent_access)
       end
     end
   end

From 3fe555a751274538390b3f61b2cc5ff576d62785 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kim=20Carlb=C3=A4cker?= <kim.carlbacker@gmail.com>
Date: Fri, 4 May 2018 10:45:20 +0000
Subject: [PATCH 106/129] Add note about rebase/squash duplication in Gitaly

---
 lib/gitlab/git/repository.rb | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/lib/gitlab/git/repository.rb b/lib/gitlab/git/repository.rb
index 84d37f77fbb..2ec720a93b9 100644
--- a/lib/gitlab/git/repository.rb
+++ b/lib/gitlab/git/repository.rb
@@ -20,6 +20,9 @@ module Gitlab
         GIT_ALTERNATE_OBJECT_DIRECTORIES_RELATIVE
       ].freeze
       SEARCH_CONTEXT_LINES = 3
+      # In https://gitlab.com/gitlab-org/gitaly/merge_requests/698
+      # We copied these two prefixes into gitaly-go, so don't change these
+      # or things will break! (REBASE_WORKTREE_PREFIX and SQUASH_WORKTREE_PREFIX)
       REBASE_WORKTREE_PREFIX = 'rebase'.freeze
       SQUASH_WORKTREE_PREFIX = 'squash'.freeze
       GITALY_INTERNAL_URL = 'ssh://gitaly/internal.git'.freeze
@@ -1671,10 +1674,14 @@ module Gitlab
         end
       end
 
+      # This function is duplicated in Gitaly-Go, don't change it!
+      # https://gitlab.com/gitlab-org/gitaly/merge_requests/698
       def fresh_worktree?(path)
         File.exist?(path) && !clean_stuck_worktree(path)
       end
-
+      
+      # This function is duplicated in Gitaly-Go, don't change it!
+      # https://gitlab.com/gitlab-org/gitaly/merge_requests/698
       def clean_stuck_worktree(path)
         return false unless File.mtime(path) < 15.minutes.ago
 

From 8cbabe43be4def12b2bbfdd02f66137cbd2a4851 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kim=20Carlb=C3=A4cker?= <kim.carlbacker@gmail.com>
Date: Fri, 4 May 2018 11:27:08 +0000
Subject: [PATCH 107/129] Update repository.rb

---
 lib/gitlab/git/repository.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/gitlab/git/repository.rb b/lib/gitlab/git/repository.rb
index 2ec720a93b9..60ce8cfc195 100644
--- a/lib/gitlab/git/repository.rb
+++ b/lib/gitlab/git/repository.rb
@@ -1679,7 +1679,7 @@ module Gitlab
       def fresh_worktree?(path)
         File.exist?(path) && !clean_stuck_worktree(path)
       end
-      
+
       # This function is duplicated in Gitaly-Go, don't change it!
       # https://gitlab.com/gitlab-org/gitaly/merge_requests/698
       def clean_stuck_worktree(path)

From 3417221ee6d3b8b0b6a895821a9fdff307359063 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= <matteeyah@gmail.com>
Date: Fri, 4 May 2018 13:31:20 +0200
Subject: [PATCH 108/129] Add pipeline variables feature spec

---
 .../features/projects/pipelines/pipelines_spec.rb | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/spec/features/projects/pipelines/pipelines_spec.rb b/spec/features/projects/pipelines/pipelines_spec.rb
index 6e63e0f0b49..d404bc66ba8 100644
--- a/spec/features/projects/pipelines/pipelines_spec.rb
+++ b/spec/features/projects/pipelines/pipelines_spec.rb
@@ -522,6 +522,21 @@ describe 'Pipelines', :js do
 
             expect(Ci::Pipeline.last).to be_web
           end
+
+          context 'when variables are specified' do
+            it 'creates a new pipeline with variables' do
+              page.within '.ci-variable-row-body' do
+                fill_in "Input variable key", with: "key_name"
+                fill_in "Input variable value", with: "value"
+              end
+
+              expect { click_on 'Create pipeline' }
+                .to change { Ci::Pipeline.count }.by(1)
+
+              expect(Ci::Pipeline.last.variables.map { |var| var.slice(:key, :secret_value) })
+                .to eq [{ key: "key_name", secret_value: "value" }.with_indifferent_access]
+            end
+          end
         end
 
         context 'without gitlab-ci.yml' do

From d0c854bd2e21bd810c1982536645927d5b0f7fd0 Mon Sep 17 00:00:00 2001
From: Semyon Pupkov <mail@semyonpupkov.com>
Date: Fri, 4 May 2018 16:34:58 +0500
Subject: [PATCH 109/129] Replace commits spinach tests with RSpec analog

https://gitlab.com/gitlab-org/gitlab-ce/issues/23036
---
 features/project/commits/commits.feature      |  96 ---------
 features/steps/project/commits/commits.rb     | 192 -----------------
 .../commits/user_browses_commits_spec.rb      | 194 +++++++++++++++++-
 spec/features/projects/compare_spec.rb        |  69 ++++++-
 4 files changed, 254 insertions(+), 297 deletions(-)
 delete mode 100644 features/project/commits/commits.feature
 delete mode 100644 features/steps/project/commits/commits.rb

diff --git a/features/project/commits/commits.feature b/features/project/commits/commits.feature
deleted file mode 100644
index 3459cce03f9..00000000000
--- a/features/project/commits/commits.feature
+++ /dev/null
@@ -1,96 +0,0 @@
-@project_commits
-Feature: Project Commits
-  Background:
-    Given I sign in as a user
-    And I own a project
-    And I visit my project's commits page
-
-  Scenario: I browse commits list for master branch
-    Then I see project commits
-    And I should not see button to create a new merge request
-    Then I click the "Compare" tab
-    And I should not see button to create a new merge request
-
-  Scenario: I browse commits list for feature branch without a merge request
-    Given I visit commits list page for feature branch
-    Then I see feature branch commits
-    And I see button to create a new merge request
-    Then I click the "Compare" tab
-    And I see button to create a new merge request
-
-  Scenario: I browse commits list for feature branch with an open merge request
-    Given project have an open merge request
-    And I visit commits list page for feature branch
-    Then I see feature branch commits
-    And I should not see button to create a new merge request
-    And I should see button to the merge request
-    Then I click the "Compare" tab
-    And I should not see button to create a new merge request
-    And I should see button to the merge request
-
-  Scenario: I browse atom feed of commits list for master branch
-    Given I click atom feed link
-    Then I see commits atom feed
-
-  Scenario: I browse commit from list
-    Given I click on commit link
-    Then I see commit info
-    And I see side-by-side diff button
-
-  Scenario: I browse commit from list and create a new tag
-    Given I click on commit link
-    And I click on tag link
-    Then I see commit SHA pre-filled
-
-  Scenario: I browse commit with ci from list
-    Given commit has ci status
-    And repository contains ".gitlab-ci.yml" file
-    When I click on commit link
-    Then I see commit ci info
-
-  Scenario: I browse commit with side-by-side diff view
-    Given I click on commit link
-    And I click side-by-side diff button
-    Then I see inline diff button
-
-  @javascript
-  Scenario: I compare branches without a merge request
-    Given I visit compare refs page
-    And I fill compare fields with branches
-    Then I see compared branches
-    And I see button to create a new merge request
-
-  @javascript
-  Scenario: I compare branches with an open merge request
-    Given project have an open merge request
-    And I visit compare refs page
-    And I fill compare fields with branches
-    Then I see compared branches
-    And I should not see button to create a new merge request
-    And I should see button to the merge request
-
-  @javascript
-  Scenario: I compare refs
-    Given I visit compare refs page
-    And I fill compare fields with refs
-    Then I see compared refs
-    And I unfold diff
-    Then I should see additional file lines
-
-  Scenario: I browse commits for a specific path
-    Given I visit my project's commits page for a specific path
-    Then I see breadcrumb links
-
-  # TODO: Implement feature in graphs
-  #Scenario: I browse commits stats
-    #Given I visit my project's commits stats page
-    #Then I see commits stats
-
-  Scenario: I browse a commit with an image
-    Given I visit a commit with an image that changed
-    Then The diff links to both the previous and current image
-
-  @javascript
-  Scenario: I filter commits by message
-    When I search "submodules" commits
-    Then I should see only "submodules" commits
diff --git a/features/steps/project/commits/commits.rb b/features/steps/project/commits/commits.rb
deleted file mode 100644
index 959cf7d3e54..00000000000
--- a/features/steps/project/commits/commits.rb
+++ /dev/null
@@ -1,192 +0,0 @@
-class Spinach::Features::ProjectCommits < Spinach::FeatureSteps
-  include SharedAuthentication
-  include SharedProject
-  include SharedPaths
-  include SharedDiffNote
-  include RepoHelpers
-
-  step 'I see project commits' do
-    commit = @project.repository.commit
-    expect(page).to have_content(@project.name)
-    expect(page).to have_content(commit.message[0..20])
-    expect(page).to have_content(commit.short_id)
-  end
-
-  step 'I click atom feed link' do
-    click_link "Commits feed"
-  end
-
-  step 'I see commits atom feed' do
-    commit = @project.repository.commit
-    expect(response_headers['Content-Type']).to have_content("application/atom+xml")
-    expect(body).to have_selector("title", text: "#{@project.name}:master commits")
-    expect(body).to have_selector("author email", text: commit.author_email)
-    expect(body).to have_selector("entry summary", text: commit.description[0..10].delete("\r\n"))
-  end
-
-  step 'I click on tag link' do
-    click_link "Tag"
-  end
-
-  step 'I see commit SHA pre-filled' do
-    expect(page).to have_selector("input[value='#{sample_commit.id}']")
-  end
-
-  step 'I click on commit link' do
-    visit project_commit_path(@project, sample_commit.id)
-  end
-
-  step 'I see commit info' do
-    expect(page).to have_content sample_commit.message
-    expect(page).to have_content "Showing #{sample_commit.files_changed_count} changed files"
-  end
-
-  step 'I fill compare fields with branches' do
-    select_using_dropdown('from', 'feature')
-    select_using_dropdown('to', 'master')
-
-    click_button 'Compare'
-  end
-
-  step 'I fill compare fields with refs' do
-    select_using_dropdown('from', sample_commit.parent_id, true)
-    select_using_dropdown('to', sample_commit.id, true)
-
-    click_button "Compare"
-  end
-
-  step 'I unfold diff' do
-    @diff = first('.js-unfold')
-    @diff.click
-    sleep 2
-  end
-
-  step 'I should see additional file lines' do
-    page.within @diff.query_scope do
-      expect(first('.new_line').text).not_to have_content "..."
-    end
-  end
-
-  step 'I see compared refs' do
-    expect(page).to have_content "Commits (1)"
-    expect(page).to have_content "Showing 2 changed files"
-  end
-
-  step 'I visit commits list page for feature branch' do
-    visit project_commits_path(@project, 'feature', { limit: 5 })
-  end
-
-  step 'I see feature branch commits' do
-    commit = @project.repository.commit('0b4bc9a')
-    expect(page).to have_content(@project.name)
-    expect(page).to have_content(commit.message[0..12])
-    expect(page).to have_content(commit.short_id)
-  end
-
-  step 'project have an open merge request' do
-    create(:merge_request,
-           title: 'Feature',
-           source_project: @project,
-           source_branch: 'feature',
-           target_branch: 'master',
-           author: @project.users.first
-          )
-  end
-
-  step 'I click the "Compare" tab' do
-    click_link('Compare')
-  end
-
-  step 'I fill compare fields with branches' do
-    select_using_dropdown('from', 'master')
-    select_using_dropdown('to', 'feature')
-
-    click_button 'Compare'
-  end
-
-  step 'I see compared branches' do
-    expect(page).to have_content 'Commits (1)'
-    expect(page).to have_content 'Showing 1 changed file with 5 additions and 0 deletions'
-  end
-
-  step 'I see button to create a new merge request' do
-    expect(page).to have_link 'Create merge request'
-  end
-
-  step 'I should not see button to create a new merge request' do
-    expect(page).not_to have_link 'Create merge request'
-  end
-
-  step 'I should see button to the merge request' do
-    merge_request = MergeRequest.find_by(title: 'Feature')
-    expect(page).to have_link "View open merge request", href: project_merge_request_path(@project, merge_request)
-  end
-
-  step 'I see breadcrumb links' do
-    expect(page).to have_selector('ul.breadcrumb')
-    expect(page).to have_selector('ul.breadcrumb a', count: 4)
-  end
-
-  step 'I see commits stats' do
-    expect(page).to have_content 'Top 50 Committers'
-    expect(page).to have_content 'Committers'
-    expect(page).to have_content 'Total commits'
-    expect(page).to have_content 'Authors'
-  end
-
-  step 'I visit a commit with an image that changed' do
-    visit project_commit_path(@project, sample_image_commit.id)
-  end
-
-  step 'The diff links to both the previous and current image' do
-    links = page.all('.file-actions a')
-    expect(links[0]['href']).to match %r{blob/#{sample_image_commit.old_blob_id}}
-    expect(links[1]['href']).to match %r{blob/#{sample_image_commit.new_blob_id}}
-  end
-
-  step 'I see inline diff button' do
-    expect(page).to have_content "Inline"
-  end
-
-  step 'I click side-by-side diff button' do
-    find('#parallel-diff-btn').click
-  end
-
-  step 'commit has ci status' do
-    @project.enable_ci
-    @pipeline = create(:ci_pipeline, project: @project, sha: sample_commit.id)
-    create(:ci_build, pipeline: @pipeline)
-  end
-
-  step 'repository contains ".gitlab-ci.yml" file' do
-    allow_any_instance_of(Ci::Pipeline).to receive(:ci_yaml_file).and_return(String.new)
-  end
-
-  step 'I see commit ci info' do
-    expect(page).to have_content "Pipeline ##{@pipeline.id} pending"
-  end
-
-  step 'I search "submodules" commits' do
-    fill_in 'commits-search', with: 'submodules'
-  end
-
-  step 'I should see only "submodules" commits' do
-    expect(page).to have_content "More submodules"
-    expect(page).not_to have_content "Change some files"
-  end
-
-  def select_using_dropdown(dropdown_type, selection, is_commit = false)
-    dropdown = find(".js-compare-#{dropdown_type}-dropdown")
-    dropdown.find(".compare-dropdown-toggle").click
-    dropdown.find('.dropdown-menu', visible: true)
-    dropdown.fill_in("Filter by Git revision", with: selection)
-
-    if is_commit
-      dropdown.find('input[type="search"]').send_keys(:return)
-    else
-      find_link(selection, visible: true).click
-    end
-
-    dropdown.find('.dropdown-menu', visible: false)
-  end
-end
diff --git a/spec/features/projects/commits/user_browses_commits_spec.rb b/spec/features/projects/commits/user_browses_commits_spec.rb
index b650c1f4197..35ed6620548 100644
--- a/spec/features/projects/commits/user_browses_commits_spec.rb
+++ b/spec/features/projects/commits/user_browses_commits_spec.rb
@@ -1,6 +1,8 @@
 require 'spec_helper'
 
 describe 'User browses commits' do
+  include RepoHelpers
+
   let(:user) { create(:user) }
   let(:project) { create(:project, :repository, namespace: user.namespace) }
 
@@ -9,13 +11,68 @@ describe 'User browses commits' do
     sign_in(user)
   end
 
+  it 'renders commit' do
+    visit project_commit_path(project, sample_commit.id)
+
+    expect(page).to have_content(sample_commit.message)
+      .and have_content("Showing #{sample_commit.files_changed_count} changed files")
+      .and have_content('Side-by-side')
+  end
+
+  it 'fill commit sha when click new tag from commit page' do
+    visit project_commit_path(project, sample_commit.id)
+    click_link 'Tag'
+
+    expect(page).to have_selector("input[value='#{sample_commit.id}']", visible: false)
+  end
+
+  it 'renders inline diff button when click side-by-side diff button' do
+    visit project_commit_path(project, sample_commit.id)
+    find('#parallel-diff-btn').click
+
+    expect(page).to have_content 'Inline'
+  end
+
+  it 'renders breadcrumbs on specific commit path' do
+    visit project_commits_path(project, project.repository.root_ref + '/files/ruby/regex.rb', limit: 5)
+
+    expect(page).to have_selector('ul.breadcrumb')
+      .and have_selector('ul.breadcrumb a', count: 4)
+  end
+
+  it 'renders diff links to both the previous and current image' do
+    visit project_commit_path(project, sample_image_commit.id)
+
+    links = page.all('.file-actions a')
+    expect(links[0]['href']).to match %r{blob/#{sample_image_commit.old_blob_id}}
+    expect(links[1]['href']).to match %r{blob/#{sample_image_commit.new_blob_id}}
+  end
+
+  context 'when commit has ci status' do
+    let(:pipeline) { create(:ci_pipeline, project: project, sha: sample_commit.id) }
+
+    before do
+      project.enable_ci
+
+      create(:ci_build, pipeline: pipeline)
+
+      allow_any_instance_of(Ci::Pipeline).to receive(:ci_yaml_file).and_return('')
+    end
+
+    it 'renders commit ci info' do
+      visit project_commit_path(project, sample_commit.id)
+
+      expect(page).to have_content "Pipeline ##{pipeline.id} pending"
+    end
+  end
+
   context 'primary email' do
     it 'finds a commit by a primary email' do
       user = create(:user, email: 'dmitriy.zaporozhets@gmail.com')
 
-      visit(project_commit_path(project, RepoHelpers.sample_commit.id))
+      visit(project_commit_path(project, sample_commit.id))
 
-      check_author_link(RepoHelpers.sample_commit.author_email, user)
+      check_author_link(sample_commit.author_email, user)
     end
   end
 
@@ -26,9 +83,9 @@ describe 'User browses commits' do
           create(:email, { user: user, email: 'dmitriy.zaporozhets@gmail.com' })
         end
 
-      visit(project_commit_path(project, RepoHelpers.sample_commit.parent_id))
+      visit(project_commit_path(project, sample_commit.parent_id))
 
-      check_author_link(RepoHelpers.sample_commit.author_email, user)
+      check_author_link(sample_commit.author_email, user)
     end
   end
 
@@ -44,6 +101,135 @@ describe 'User browses commits' do
       expect(find('.diff-file-changes', visible: false)).to have_content('No file name available')
     end
   end
+
+  describe 'commits list' do
+    let(:visit_commits_page) do
+      visit project_commits_path(project, project.repository.root_ref, limit: 5)
+    end
+
+    it 'searches commit', :js do
+      visit_commits_page
+      fill_in 'commits-search', with: 'submodules'
+
+      expect(page).to have_content 'More submodules'
+      expect(page).not_to have_content 'Change some files'
+    end
+
+    it 'renders commits atom feed' do
+      visit_commits_page
+      click_link('Commits feed')
+
+      commit = project.repository.commit
+
+      expect(response_headers['Content-Type']).to have_content("application/atom+xml")
+      expect(body).to have_selector('title', text: "#{project.name}:master commits")
+        .and have_selector('author email', text: commit.author_email)
+        .and have_selector('entry summary', text: commit.description[0..10].delete("\r\n"))
+    end
+
+    context 'master branch' do
+      before do
+        visit_commits_page
+      end
+
+      it 'renders project commits' do
+        commit = project.repository.commit
+
+        expect(page).to have_content(project.name)
+          .and have_content(commit.message[0..20])
+          .and have_content(commit.short_id)
+      end
+
+      it 'does not render create merge request button' do
+        expect(page).not_to have_link 'Create merge request'
+      end
+
+      context 'when click the compare tab' do
+        before do
+          click_link('Compare')
+        end
+
+        it 'does not render create merge request button' do
+          expect(page).not_to have_link 'Create merge request'
+        end
+      end
+    end
+
+    context 'feature branch' do
+      let(:visit_commits_page) do
+        visit project_commits_path(project, 'feature')
+      end
+
+      context 'when project does not have open merge requests' do
+        before do
+          visit_commits_page
+        end
+
+        it 'renders project commits' do
+          commit = project.repository.commit('0b4bc9a')
+
+          expect(page).to have_content(project.name)
+            .and have_content(commit.message[0..12])
+            .and have_content(commit.short_id)
+        end
+
+        it 'renders create merge request button' do
+          expect(page).to have_link 'Create merge request'
+        end
+
+        context 'when click the compare tab' do
+          before do
+            click_link('Compare')
+          end
+
+          it 'renders create merge request button' do
+            expect(page).to have_link 'Create merge request'
+          end
+        end
+      end
+
+      context 'when project have open merge request' do
+        let!(:merge_request) do
+          create(
+            :merge_request,
+            title: 'Feature',
+            source_project: project,
+            source_branch: 'feature',
+            target_branch: 'master',
+            author: project.users.first
+          )
+        end
+
+        before do
+          visit_commits_page
+        end
+
+        it 'renders project commits' do
+          commit = project.repository.commit('0b4bc9a')
+
+          expect(page).to have_content(project.name)
+            .and have_content(commit.message[0..12])
+            .and have_content(commit.short_id)
+        end
+
+        it 'renders button to the merge request' do
+          expect(page).not_to have_link 'Create merge request'
+          expect(page).to have_link 'View open merge request', href: project_merge_request_path(project, merge_request)
+        end
+
+        context 'when click the compare tab' do
+          before do
+            click_link('Compare')
+          end
+
+          it 'renders button to the merge request' do
+            expect(page).not_to have_link 'Create merge request'
+            expect(page).to have_link 'View open merge request', href: project_merge_request_path(project, merge_request)
+          end
+        end
+      end
+    end
+  end
 end
 
 private
diff --git a/spec/features/projects/compare_spec.rb b/spec/features/projects/compare_spec.rb
index 1fb22fd0e4c..7e863d9df32 100644
--- a/spec/features/projects/compare_spec.rb
+++ b/spec/features/projects/compare_spec.rb
@@ -7,16 +7,19 @@ describe "Compare", :js do
   before do
     project.add_master(user)
     sign_in user
-    visit project_compare_index_path(project, from: "master", to: "master")
   end
 
   describe "branches" do
     it "pre-populates fields" do
+      visit project_compare_index_path(project, from: "master", to: "master")
+
       expect(find(".js-compare-from-dropdown .dropdown-toggle-text")).to have_content("master")
       expect(find(".js-compare-to-dropdown .dropdown-toggle-text")).to have_content("master")
     end
 
     it "compares branches" do
+      visit project_compare_index_path(project, from: "master", to: "master")
+
       select_using_dropdown "from", "feature"
       expect(find(".js-compare-from-dropdown .dropdown-toggle-text")).to have_content("feature")
 
@@ -26,9 +29,58 @@ describe "Compare", :js do
       click_button "Compare"
 
       expect(page).to have_content "Commits"
+      expect(page).to have_link 'Create merge request'
+    end
+
+    it 'renders additions info when click unfold diff' do
+      visit project_compare_index_path(project)
+
+      select_using_dropdown('from', RepoHelpers.sample_commit.parent_id, commit: true)
+      select_using_dropdown('to', RepoHelpers.sample_commit.id, commit: true)
+
+      click_button 'Compare'
+      expect(page).to have_content 'Commits (1)'
+      expect(page).to have_content "Showing 2 changed files"
+
+      diff = first('.js-unfold')
+      diff.click
+      wait_for_requests
+
+      page.within diff.query_scope do
+        expect(first('.new_line').text).not_to have_content "..."
+      end
+    end
+
+    context 'when project have an open merge request' do
+      let!(:merge_request) do
+        create(
+          :merge_request,
+          title: 'Feature',
+          source_project: project,
+          source_branch: 'feature',
+          target_branch: 'master',
+          author: project.users.first
+        )
+      end
+
+      it 'compares branches' do
+        visit project_compare_index_path(project)
+
+        select_using_dropdown('from', 'master')
+        select_using_dropdown('to', 'feature')
+
+        click_button 'Compare'
+
+        expect(page).to have_content 'Commits (1)'
+        expect(page).to have_content 'Showing 1 changed file with 5 additions and 0 deletions'
+        expect(page).to have_link 'View open merge request', href: project_merge_request_path(project, merge_request)
+        expect(page).not_to have_link 'Create merge request'
+      end
     end
 
     it "filters branches" do
+      visit project_compare_index_path(project, from: "master", to: "master")
+
       select_using_dropdown("from", "wip")
 
       find(".js-compare-from-dropdown .compare-dropdown-toggle").click
@@ -39,6 +91,8 @@ describe "Compare", :js do
 
   describe "tags" do
     it "compares tags" do
+      visit project_compare_index_path(project, from: "master", to: "master")
+
       select_using_dropdown "from", "v1.0.0"
       expect(find(".js-compare-from-dropdown .dropdown-toggle-text")).to have_content("v1.0.0")
 
@@ -50,15 +104,20 @@ describe "Compare", :js do
     end
   end
 
-  def select_using_dropdown(dropdown_type, selection)
+  def select_using_dropdown(dropdown_type, selection, commit: false)
     dropdown = find(".js-compare-#{dropdown_type}-dropdown")
     dropdown.find(".compare-dropdown-toggle").click
     # find input before using to wait for the inputs visiblity
     dropdown.find('.dropdown-menu')
     dropdown.fill_in("Filter by Git revision", with: selection)
     wait_for_requests
-    # find before all to wait for the items visiblity
-    dropdown.find("a[data-ref=\"#{selection}\"]", match: :first)
-    dropdown.all("a[data-ref=\"#{selection}\"]").last.click
+
+    if commit
+      dropdown.find('input[type="search"]').send_keys(:return)
+    else
+      # find before all to wait for the items visiblity
+      dropdown.find("a[data-ref=\"#{selection}\"]", match: :first)
+      dropdown.all("a[data-ref=\"#{selection}\"]").last.click
+    end
   end
 end

From 4019c8c256eae72665a2e4b1ffc68891f41f448c Mon Sep 17 00:00:00 2001
From: Bob Van Landuyt <bob@vanlanduyt.co>
Date: Tue, 24 Apr 2018 11:19:58 +0200
Subject: [PATCH 110/129] Add `enforce_terms` to `application_settings`

Add a flag to applications settings to enforce users to accept terms
before using the GitLab instance
---
 ...24090541_add_enforce_terms_to_application_settings.rb | 9 +++++++++
 db/schema.rb                                             | 1 +
 2 files changed, 10 insertions(+)
 create mode 100644 db/migrate/20180424090541_add_enforce_terms_to_application_settings.rb

diff --git a/db/migrate/20180424090541_add_enforce_terms_to_application_settings.rb b/db/migrate/20180424090541_add_enforce_terms_to_application_settings.rb
new file mode 100644
index 00000000000..306cd737771
--- /dev/null
+++ b/db/migrate/20180424090541_add_enforce_terms_to_application_settings.rb
@@ -0,0 +1,9 @@
+class AddEnforceTermsToApplicationSettings < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  def change
+    add_column :application_settings, :enforce_terms, :boolean, default: false
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index a37e6edc8d1..3d85ffbfee0 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -158,6 +158,7 @@ ActiveRecord::Schema.define(version: 20180503150427) do
     t.string "auto_devops_domain"
     t.boolean "pages_domain_verification_enabled", default: true, null: false
     t.boolean "allow_local_requests_from_hooks_and_services", default: false, null: false
+    t.boolean "enforce_terms", default: false
   end
 
   create_table "audit_events", force: :cascade do |t|

From cf37bef287d7dd5d2dce3e2276489767b8c0671f Mon Sep 17 00:00:00 2001
From: Bob Van Landuyt <bob@vanlanduyt.co>
Date: Tue, 24 Apr 2018 11:37:41 +0200
Subject: [PATCH 111/129] Add `Term` model to keep track of terms

That way we can link a users acceptance of terms directly to a terms record.
---
 app/models/application_setting/term.rb        |  5 +++++
 .../application_settings/_terms.html.haml     | 22 +++++++++++++++++++
 ...134533_create_application_setting_terms.rb | 13 +++++++++++
 db/schema.rb                                  |  6 +++++
 4 files changed, 46 insertions(+)
 create mode 100644 app/models/application_setting/term.rb
 create mode 100644 app/views/admin/application_settings/_terms.html.haml
 create mode 100644 db/migrate/20180424134533_create_application_setting_terms.rb

diff --git a/app/models/application_setting/term.rb b/app/models/application_setting/term.rb
new file mode 100644
index 00000000000..1f3d20e2b75
--- /dev/null
+++ b/app/models/application_setting/term.rb
@@ -0,0 +1,5 @@
+class ApplicationSetting
+  class Term < ActiveRecord::Base
+    validates :terms, presence: true
+  end
+end
diff --git a/app/views/admin/application_settings/_terms.html.haml b/app/views/admin/application_settings/_terms.html.haml
new file mode 100644
index 00000000000..39a3fb147bd
--- /dev/null
+++ b/app/views/admin/application_settings/_terms.html.haml
@@ -0,0 +1,22 @@
+= form_for @application_setting, url: admin_application_settings_path, html: { class: 'form-horizontal fieldset-form' } do |f|
+  = form_errors(@application_setting)
+
+  %fieldset
+    .form-group
+      .col-sm-12
+        .checkbox
+          = f.label :enforce_terms do
+            = f.check_box :enforce_terms
+            = _("Require all users to accept Terms of Service when they access GitLab.")
+          .help-block
+            When enabled, users cannot use GitLab until the terms have been accepted.
+    .form-group
+      .col-sm-12
+        = f.label :terms do
+          = _("Terms of Service Agreement")
+      .col-sm-12
+        = f.text_area :terms, class: 'form-control', rows: 8
+        .help-block
+          Markdown enabled
+
+  = f.submit 'Save changes', class: "btn btn-success"
diff --git a/db/migrate/20180424134533_create_application_setting_terms.rb b/db/migrate/20180424134533_create_application_setting_terms.rb
new file mode 100644
index 00000000000..f29335cfc51
--- /dev/null
+++ b/db/migrate/20180424134533_create_application_setting_terms.rb
@@ -0,0 +1,13 @@
+class CreateApplicationSettingTerms < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  def change
+    create_table :application_setting_terms do |t|
+      t.integer :cached_markdown_version
+      t.text :terms, null: false
+      t.text :terms_html
+    end
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 3d85ffbfee0..18c15dcd22f 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -40,6 +40,12 @@ ActiveRecord::Schema.define(version: 20180503150427) do
     t.text "new_project_guidelines_html"
   end
 
+  create_table "application_setting_terms", force: :cascade do |t|
+    t.integer "cached_markdown_version"
+    t.text "terms", null: false
+    t.text "terms_html"
+  end
+
   create_table "application_settings", force: :cascade do |t|
     t.integer "default_projects_limit"
     t.boolean "signup_enabled"

From 3d6d0a09b65f032bbe1bd5ad4736dd764195bbe1 Mon Sep 17 00:00:00 2001
From: Bob Van Landuyt <bob@vanlanduyt.co>
Date: Tue, 24 Apr 2018 18:28:04 +0200
Subject: [PATCH 112/129] Store application wide terms

This allows admins to define terms in the application settings.

Every time the terms are adjusted, a new version is stored and becomes
the 'active' version. This allows tracking which specific version was
accepted by a user.
---
 app/helpers/application_settings_helper.rb    |  4 +-
 app/models/application_setting.rb             | 19 +++++++
 app/models/application_setting/term.rb        |  8 +++
 .../application_settings/update_service.rb    | 15 +++++
 .../application_settings/_terms.html.haml     |  6 +-
 .../admin/application_settings/show.html.haml | 11 ++++
 doc/api/settings.md                           |  6 ++
 spec/factories/terms.rb                       |  5 ++
 spec/features/admin/admin_settings_spec.rb    | 12 ++++
 spec/models/application_setting/term_spec.rb  | 15 +++++
 spec/models/application_setting_spec.rb       | 15 +++++
 spec/requests/api/settings_spec.rb            |  6 +-
 .../update_service_spec.rb                    | 57 +++++++++++++++++++
 13 files changed, 174 insertions(+), 5 deletions(-)
 create mode 100644 spec/factories/terms.rb
 create mode 100644 spec/models/application_setting/term_spec.rb
 create mode 100644 spec/services/application_settings/update_service_spec.rb

diff --git a/app/helpers/application_settings_helper.rb b/app/helpers/application_settings_helper.rb
index 3fbb32c5229..1bf98d550b0 100644
--- a/app/helpers/application_settings_helper.rb
+++ b/app/helpers/application_settings_helper.rb
@@ -248,7 +248,9 @@ module ApplicationSettingsHelper
       :user_default_external,
       :user_oauth_applications,
       :version_check_enabled,
-      :allow_local_requests_from_hooks_and_services
+      :allow_local_requests_from_hooks_and_services,
+      :enforce_terms,
+      :terms
     ]
   end
 end
diff --git a/app/models/application_setting.rb b/app/models/application_setting.rb
index 862933bf127..a734cc7a26b 100644
--- a/app/models/application_setting.rb
+++ b/app/models/application_setting.rb
@@ -220,12 +220,15 @@ class ApplicationSetting < ActiveRecord::Base
     end
   end
 
+  validate :terms_exist, if: :enforce_terms?
+
   before_validation :ensure_uuid!
 
   before_save :ensure_runners_registration_token
   before_save :ensure_health_check_access_token
 
   after_commit do
+    reset_memoized_terms
     Rails.cache.write(CACHE_KEY, self)
   end
 
@@ -507,6 +510,16 @@ class ApplicationSetting < ActiveRecord::Base
     password_authentication_enabled_for_web? || password_authentication_enabled_for_git?
   end
 
+  delegate :terms, to: :latest_terms, allow_nil: true
+  def latest_terms
+    @latest_terms ||= Term.latest
+  end
+
+  def reset_memoized_terms
+    @latest_terms = nil
+    latest_terms
+  end
+
   private
 
   def ensure_uuid!
@@ -520,4 +533,10 @@ class ApplicationSetting < ActiveRecord::Base
     errors.add(:repository_storages, "can't include: #{invalid.join(", ")}") unless
       invalid.empty?
   end
+
+  def terms_exist
+    return unless enforce_terms?
+
+    errors.add(:terms, "You need to set terms to be enforced") unless terms.present?
+  end
 end
diff --git a/app/models/application_setting/term.rb b/app/models/application_setting/term.rb
index 1f3d20e2b75..e8ce0ccbb71 100644
--- a/app/models/application_setting/term.rb
+++ b/app/models/application_setting/term.rb
@@ -1,5 +1,13 @@
 class ApplicationSetting
   class Term < ActiveRecord::Base
+    include CacheMarkdownField
+
     validates :terms, presence: true
+
+    cache_markdown_field :terms
+
+    def self.latest
+      order(:id).last
+    end
   end
 end
diff --git a/app/services/application_settings/update_service.rb b/app/services/application_settings/update_service.rb
index 61589a07250..d6d3a661dab 100644
--- a/app/services/application_settings/update_service.rb
+++ b/app/services/application_settings/update_service.rb
@@ -1,7 +1,22 @@
 module ApplicationSettings
   class UpdateService < ApplicationSettings::BaseService
     def execute
+      update_terms(@params.delete(:terms))
+
       @application_setting.update(@params)
     end
+
+    private
+
+    def update_terms(terms)
+      return unless terms.present?
+
+      # Avoid creating a new terms record if the text is exactly the same.
+      terms = terms.strip
+      return if terms == @application_setting.terms
+
+      ApplicationSetting::Term.create(terms: terms)
+      @application_setting.reset_memoized_terms
+    end
   end
 end
diff --git a/app/views/admin/application_settings/_terms.html.haml b/app/views/admin/application_settings/_terms.html.haml
index 39a3fb147bd..724246ab7e7 100644
--- a/app/views/admin/application_settings/_terms.html.haml
+++ b/app/views/admin/application_settings/_terms.html.haml
@@ -9,7 +9,7 @@
             = f.check_box :enforce_terms
             = _("Require all users to accept Terms of Service when they access GitLab.")
           .help-block
-            When enabled, users cannot use GitLab until the terms have been accepted.
+            = _("When enabled, users cannot use GitLab until the terms have been accepted.")
     .form-group
       .col-sm-12
         = f.label :terms do
@@ -17,6 +17,6 @@
       .col-sm-12
         = f.text_area :terms, class: 'form-control', rows: 8
         .help-block
-          Markdown enabled
+          = _("Markdown enabled")
 
-  = f.submit 'Save changes', class: "btn btn-success"
+  = f.submit _("Save changes"), class: "btn btn-success"
diff --git a/app/views/admin/application_settings/show.html.haml b/app/views/admin/application_settings/show.html.haml
index caaa93aa1e2..8cb5bba8f63 100644
--- a/app/views/admin/application_settings/show.html.haml
+++ b/app/views/admin/application_settings/show.html.haml
@@ -47,6 +47,17 @@
   .settings-content
     = render 'signin'
 
+%section.settings.as-terms.no-animate#js-terms-settings{ class: ('expanded' if expanded) }
+  .settings-header
+    %h4
+      = _('Terms of Service')
+    %button.btn.js-settings-toggle{ type: 'button' }
+      = expanded ? 'Collapse' : 'Expand'
+    %p
+      = _('Include a Terms of Service agreement that all users must accept.')
+  .settings-content
+    = render 'terms'
+
 %section.settings.as-help-page.no-animate#js-help-settings{ class: ('expanded' if expanded) }
   .settings-header
     %h4
diff --git a/doc/api/settings.md b/doc/api/settings.md
index 0b5b1f0c134..e06b1bfb6df 100644
--- a/doc/api/settings.md
+++ b/doc/api/settings.md
@@ -53,6 +53,8 @@ Example response:
    "dsa_key_restriction": 0,
    "ecdsa_key_restriction": 0,
    "ed25519_key_restriction": 0,
+   "enforce_terms": true,
+   "terms": "Hello world!",
 }
 ```
 
@@ -153,6 +155,8 @@ PUT /application/settings
 | `user_default_external`                  | boolean          | no                                            | Newly registered users will by default be external                                                                                                                                                                                                                                                                                                                                                                                                        |
 | `user_oauth_applications`                | boolean          | no                                            | Allow users to register any application to use GitLab as an OAuth provider                                                                                                                                                                                                                                                                                                                                                                                |
 | `version_check_enabled`                  | boolean          | no                                            | Let GitLab inform you when an update is available.                                                                                                                                                                                                                                                                                                                                                                                                        |
+| `enforce_terms`                          | boolean          | no                                            | Enforce application ToS to all users                                                                                                                                                                                                                                                                                                                                                                                                         |
+| `terms`                                  | text             | yes (if `enforce_terms` is true)              | Markdown content for the ToS                                                                                                                                                                                                                                                                                                                                                                                                                 |
 
 ```bash
 curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/application/settings?signup_enabled=false&default_project_visibility=internal
@@ -195,5 +199,7 @@ Example response:
   "dsa_key_restriction": 0,
   "ecdsa_key_restriction": 0,
   "ed25519_key_restriction": 0,
+  "enforce_terms": true,
+  "terms": "Hello world!",
 }
 ```
diff --git a/spec/factories/terms.rb b/spec/factories/terms.rb
new file mode 100644
index 00000000000..5ffca365a5f
--- /dev/null
+++ b/spec/factories/terms.rb
@@ -0,0 +1,5 @@
+FactoryBot.define do
+  factory :term, class: ApplicationSetting::Term do
+    terms "Lorem ipsum dolor sit amet, consectetur adipiscing elit."
+  end
+end
diff --git a/spec/features/admin/admin_settings_spec.rb b/spec/features/admin/admin_settings_spec.rb
index 7853d2952ea..b74643bac55 100644
--- a/spec/features/admin/admin_settings_spec.rb
+++ b/spec/features/admin/admin_settings_spec.rb
@@ -85,6 +85,18 @@ feature 'Admin updates settings' do
     expect(page).to have_content "Application settings saved successfully"
   end
 
+  scenario 'Terms of Service' do
+    page.within('.as-terms') do
+      check 'Require all users to accept Terms of Service when they access GitLab.'
+      fill_in 'Terms of Service Agreement', with: 'Be nice!'
+      click_button 'Save changes'
+    end
+
+    expect(Gitlab::CurrentSettings.enforce_terms).to be(true)
+    expect(Gitlab::CurrentSettings.terms).to eq 'Be nice!'
+    expect(page).to have_content 'Application settings saved successfully'
+  end
+
   scenario 'Modify oauth providers' do
     expect(Gitlab::CurrentSettings.disabled_oauth_sign_in_sources).to be_empty
 
diff --git a/spec/models/application_setting/term_spec.rb b/spec/models/application_setting/term_spec.rb
new file mode 100644
index 00000000000..1eddf3c56ff
--- /dev/null
+++ b/spec/models/application_setting/term_spec.rb
@@ -0,0 +1,15 @@
+require 'spec_helper'
+
+describe ApplicationSetting::Term do
+  describe 'validations' do
+    it { is_expected.to validate_presence_of(:terms) }
+  end
+
+  describe '.latest' do
+    it 'finds the latest terms' do
+      terms = create(:term)
+
+      expect(described_class.latest).to eq(terms)
+    end
+  end
+end
diff --git a/spec/models/application_setting_spec.rb b/spec/models/application_setting_spec.rb
index ae2d34750a7..10d6109cae7 100644
--- a/spec/models/application_setting_spec.rb
+++ b/spec/models/application_setting_spec.rb
@@ -301,6 +301,21 @@ describe ApplicationSetting do
         expect(subject).to be_invalid
       end
     end
+
+    describe 'enforcing terms' do
+      it 'requires the terms to present when enforcing users to accept' do
+        subject.enforce_terms = true
+
+        expect(subject).to be_invalid
+      end
+
+      it 'is valid when terms are created' do
+        create(:term)
+        subject.enforce_terms = true
+
+        expect(subject).to be_valid
+      end
+    end
   end
 
   describe '.current' do
diff --git a/spec/requests/api/settings_spec.rb b/spec/requests/api/settings_spec.rb
index 015d4b9a491..8b22d1e72f3 100644
--- a/spec/requests/api/settings_spec.rb
+++ b/spec/requests/api/settings_spec.rb
@@ -54,7 +54,9 @@ describe API::Settings, 'Settings' do
           dsa_key_restriction: 2048,
           ecdsa_key_restriction: 384,
           ed25519_key_restriction: 256,
-          circuitbreaker_check_interval: 2
+          circuitbreaker_check_interval: 2,
+          enforce_terms: true,
+          terms: 'Hello world!'
 
         expect(response).to have_gitlab_http_status(200)
         expect(json_response['default_projects_limit']).to eq(3)
@@ -76,6 +78,8 @@ describe API::Settings, 'Settings' do
         expect(json_response['ecdsa_key_restriction']).to eq(384)
         expect(json_response['ed25519_key_restriction']).to eq(256)
         expect(json_response['circuitbreaker_check_interval']).to eq(2)
+        expect(json_response['enforce_terms']).to be(true)
+        expect(json_response['terms']).to eq('Hello world!')
       end
     end
 
diff --git a/spec/services/application_settings/update_service_spec.rb b/spec/services/application_settings/update_service_spec.rb
new file mode 100644
index 00000000000..fb07ecc6ae8
--- /dev/null
+++ b/spec/services/application_settings/update_service_spec.rb
@@ -0,0 +1,57 @@
+require 'spec_helper'
+
+describe ApplicationSettings::UpdateService do
+  let(:application_settings) { Gitlab::CurrentSettings.current_application_settings }
+  let(:admin) { create(:user, :admin) }
+  let(:params) { {} }
+
+  subject { described_class.new(application_settings, admin, params) }
+
+  before do
+    # So the caching behaves like it would in production
+    stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false')
+  end
+
+  describe 'updating terms' do
+    context 'when the passed terms are blank' do
+      let(:params) { { terms: ''  } }
+
+      it 'does not create terms' do
+        expect { subject.execute }.not_to change { ApplicationSetting::Term.count }
+      end
+    end
+
+    context 'when passing terms' do
+      let(:params) { { terms: 'Be nice!  '  } }
+
+      it 'creates the terms' do
+        expect { subject.execute }.to change { ApplicationSetting::Term.count }.by(1)
+      end
+
+      it 'does not create terms if they are the same as the existing ones' do
+        create(:term, terms: 'Be nice!')
+
+        expect { subject.execute }.not_to change { ApplicationSetting::Term.count }
+      end
+
+      it 'updates terms if they already existed' do
+        create(:term, terms: 'Other terms')
+
+        subject.execute
+
+        expect(application_settings.terms).to eq('Be nice!')
+      end
+
+      it 'Only queries once when the terms are changed' do
+        create(:term, terms: 'Other terms')
+        expect(application_settings.terms).to eq('Other terms')
+
+        subject.execute
+
+        expect(application_settings.terms).to eq('Be nice!')
+        expect { 2.times { application_settings.terms } }
+          .not_to exceed_query_limit(0)
+      end
+    end
+  end
+end

From 82eeb72c8c03727540b902d40e7e657d0a5ecb4c Mon Sep 17 00:00:00 2001
From: Bob Van Landuyt <bob@vanlanduyt.co>
Date: Wed, 25 Apr 2018 10:55:53 +0200
Subject: [PATCH 113/129] Add model to track users accepting agreements

---
 app/models/term_agreement.rb                  |  6 ++++
 .../20180425075446_create_term_agreements.rb  | 28 +++++++++++++++++++
 db/schema.rb                                  | 14 ++++++++++
 spec/models/term_agreement_spec.rb            |  8 ++++++
 4 files changed, 56 insertions(+)
 create mode 100644 app/models/term_agreement.rb
 create mode 100644 db/migrate/20180425075446_create_term_agreements.rb
 create mode 100644 spec/models/term_agreement_spec.rb

diff --git a/app/models/term_agreement.rb b/app/models/term_agreement.rb
new file mode 100644
index 00000000000..8458a231bbd
--- /dev/null
+++ b/app/models/term_agreement.rb
@@ -0,0 +1,6 @@
+class TermAgreement < ActiveRecord::Base
+  belongs_to :term, class_name: 'ApplicationSetting::Term'
+  belongs_to :user
+
+  validates :user, :term, presence: true
+end
diff --git a/db/migrate/20180425075446_create_term_agreements.rb b/db/migrate/20180425075446_create_term_agreements.rb
new file mode 100644
index 00000000000..22a9d7b574d
--- /dev/null
+++ b/db/migrate/20180425075446_create_term_agreements.rb
@@ -0,0 +1,28 @@
+class CreateTermAgreements < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    create_table :term_agreements do |t|
+      t.references :term, index: true, null: false
+      t.foreign_key :application_setting_terms, column: :term_id
+      t.references :user, index: true, null: false, foreign_key: { on_delete: :cascade }
+      t.boolean :accepted, default: false, null: false
+
+      t.timestamps_with_timezone null: false
+    end
+
+    add_index :term_agreements, [:user_id, :term_id],
+              unique: true,
+              name: 'term_agreements_unique_index'
+  end
+
+  def down
+    remove_index :term_agreements, name: 'term_agreements_unique_index'
+
+    drop_table :term_agreements
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 18c15dcd22f..ef090da5438 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -1824,6 +1824,18 @@ ActiveRecord::Schema.define(version: 20180503150427) do
 
   add_index "tags", ["name"], name: "index_tags_on_name", unique: true, using: :btree
 
+  create_table "term_agreements", force: :cascade do |t|
+    t.integer "term_id", null: false
+    t.integer "user_id", null: false
+    t.boolean "accepted", default: false, null: false
+    t.datetime_with_timezone "created_at", null: false
+    t.datetime_with_timezone "updated_at", null: false
+  end
+
+  add_index "term_agreements", ["term_id"], name: "index_term_agreements_on_term_id", using: :btree
+  add_index "term_agreements", ["user_id", "term_id"], name: "term_agreements_unique_index", unique: true, using: :btree
+  add_index "term_agreements", ["user_id"], name: "index_term_agreements_on_user_id", using: :btree
+
   create_table "timelogs", force: :cascade do |t|
     t.integer "time_spent", null: false
     t.integer "user_id"
@@ -2212,6 +2224,8 @@ ActiveRecord::Schema.define(version: 20180503150427) do
   add_foreign_key "snippets", "projects", name: "fk_be41fd4bb7", on_delete: :cascade
   add_foreign_key "subscriptions", "projects", on_delete: :cascade
   add_foreign_key "system_note_metadata", "notes", name: "fk_d83a918cb1", on_delete: :cascade
+  add_foreign_key "term_agreements", "application_setting_terms", column: "term_id"
+  add_foreign_key "term_agreements", "users", on_delete: :cascade
   add_foreign_key "timelogs", "issues", name: "fk_timelogs_issues_issue_id", on_delete: :cascade
   add_foreign_key "timelogs", "merge_requests", name: "fk_timelogs_merge_requests_merge_request_id", on_delete: :cascade
   add_foreign_key "todos", "notes", name: "fk_91d1f47b13", on_delete: :cascade
diff --git a/spec/models/term_agreement_spec.rb b/spec/models/term_agreement_spec.rb
new file mode 100644
index 00000000000..a59bf119692
--- /dev/null
+++ b/spec/models/term_agreement_spec.rb
@@ -0,0 +1,8 @@
+require 'spec_helper'
+
+describe TermAgreement do
+  describe 'validations' do
+    it { is_expected.to validate_presence_of(:term) }
+    it { is_expected.to validate_presence_of(:user) }
+  end
+end

From 17b25bd263edaae70d5dae5fb035f5c28f9bb0cd Mon Sep 17 00:00:00 2001
From: Bob Van Landuyt <bob@vanlanduyt.co>
Date: Wed, 25 Apr 2018 16:54:26 +0200
Subject: [PATCH 114/129] Make the user dropdown reusable

We will reuse the the dropdown, but exclude some menu items based on
permissions.

So moving the menu to a partial, and adding checks for each menu item here.
---
 app/helpers/users_helper.rb                   | 22 ++++++++++++++++
 app/policies/user_policy.rb                   |  6 +++--
 .../header/_current_user_dropdown.html.haml   | 22 ++++++++++++++++
 app/views/layouts/header/_default.html.haml   | 17 +------------
 qa/qa/page/menu/main.rb                       |  7 ++++--
 spec/helpers/users_helper_spec.rb             | 25 +++++++++++++++++++
 spec/policies/user_policy_spec.rb             | 18 +++++++++----
 7 files changed, 92 insertions(+), 25 deletions(-)
 create mode 100644 app/views/layouts/header/_current_user_dropdown.html.haml

diff --git a/app/helpers/users_helper.rb b/app/helpers/users_helper.rb
index 01af68088df..517268175e6 100644
--- a/app/helpers/users_helper.rb
+++ b/app/helpers/users_helper.rb
@@ -23,9 +23,31 @@ module UsersHelper
     profile_tabs.include?(tab)
   end
 
+  def current_user_menu_items
+    @current_user_menu_items ||= get_current_user_menu_items
+  end
+
+  def current_user_menu?(item)
+    current_user_menu_items.include?(item)
+  end
+
   private
 
   def get_profile_tabs
     [:activity, :groups, :contributed, :projects, :snippets]
   end
+
+  def get_current_user_menu_items
+    items = [:help, :sign_out]
+
+    if can?(current_user, :read_user, current_user)
+      items << :profile
+    end
+
+    if can?(current_user, :update_user, current_user)
+      items << :settings
+    end
+
+    items
+  end
 end
diff --git a/app/policies/user_policy.rb b/app/policies/user_policy.rb
index 0905ddd9b38..ee219f0a0d0 100644
--- a/app/policies/user_policy.rb
+++ b/app/policies/user_policy.rb
@@ -8,6 +8,8 @@ class UserPolicy < BasePolicy
   rule { ~restricted_public_level }.enable :read_user
   rule { ~anonymous }.enable :read_user
 
-  rule { user_is_self | admin }.enable :destroy_user
-  rule { subject_ghost }.prevent :destroy_user
+  rule { ~subject_ghost & (user_is_self | admin) }.policy do
+    enable :destroy_user
+    enable :update_user
+  end
 end
diff --git a/app/views/layouts/header/_current_user_dropdown.html.haml b/app/views/layouts/header/_current_user_dropdown.html.haml
new file mode 100644
index 00000000000..24b6c490a5a
--- /dev/null
+++ b/app/views/layouts/header/_current_user_dropdown.html.haml
@@ -0,0 +1,22 @@
+- return unless current_user
+
+%ul
+  %li.current-user
+    .user-name.bold
+      = current_user.name
+    = current_user.to_reference
+  %li.divider
+  - if current_user_menu?(:profile)
+    %li
+      = link_to s_("CurrentUser|Profile"), current_user, class: 'profile-link', data: { user: current_user.username }
+  - if current_user_menu?(:settings)
+    %li
+      = link_to s_("CurrentUser|Settings"), profile_path
+  - if current_user_menu?(:help)
+    %li
+      = link_to _("Help"), help_path
+  - if current_user_menu?(:help) || current_user_menu?(:settings) || current_user_menu?(:profile)
+    %li.divider
+  - if current_user_menu?(:sign_out)
+    %li
+      = link_to _("Sign out"), destroy_user_session_path, class: "sign-out-link"
diff --git a/app/views/layouts/header/_default.html.haml b/app/views/layouts/header/_default.html.haml
index e6238c0dddb..dc121812406 100644
--- a/app/views/layouts/header/_default.html.haml
+++ b/app/views/layouts/header/_default.html.haml
@@ -53,22 +53,7 @@
                 = image_tag avatar_icon_for_user(current_user, 23), width: 23, height: 23, class: "header-user-avatar qa-user-avatar"
                 = sprite_icon('angle-down', css_class: 'caret-down')
               .dropdown-menu-nav.dropdown-menu-align-right
-                %ul
-                  %li.current-user
-                    .user-name.bold
-                      = current_user.name
-                    @#{current_user.username}
-                  %li.divider
-                  %li
-                    = link_to "Profile", current_user, class: 'profile-link', data: { user: current_user.username }
-                  %li
-                    = link_to "Settings", profile_path
-                  - if current_user
-                    %li
-                      = link_to "Help", help_path
-                  %li.divider
-                  %li
-                    = link_to "Sign out", destroy_user_session_path, class: "sign-out-link"
+                = render 'layouts/header/current_user_dropdown'
           - if header_link?(:admin_impersonation)
             %li.impersonation
               = link_to admin_impersonation_path, class: 'impersonation-btn', method: :delete, title: "Stop impersonation", aria: { label: 'Stop impersonation' }, data: { toggle: 'tooltip', placement: 'bottom', container: 'body' } do
diff --git a/qa/qa/page/menu/main.rb b/qa/qa/page/menu/main.rb
index df93a5fa2d2..d3562effaab 100644
--- a/qa/qa/page/menu/main.rb
+++ b/qa/qa/page/menu/main.rb
@@ -2,12 +2,15 @@ module QA
   module Page
     module Menu
       class Main < Page::Base
+        view 'app/views/layouts/header/_current_user_dropdown.html.haml' do
+          element :user_sign_out_link, 'link_to _("Sign out")'
+          element :settings_link, 'link_to s_("CurrentUser|Settings")'
+        end
+
         view 'app/views/layouts/header/_default.html.haml' do
           element :navbar
           element :user_avatar
           element :user_menu, '.dropdown-menu-nav'
-          element :user_sign_out_link, 'link_to "Sign out"'
-          element :settings_link, 'link_to "Settings"'
         end
 
         view 'app/views/layouts/nav/_dashboard.html.haml' do
diff --git a/spec/helpers/users_helper_spec.rb b/spec/helpers/users_helper_spec.rb
index 6332217b920..9f67277801f 100644
--- a/spec/helpers/users_helper_spec.rb
+++ b/spec/helpers/users_helper_spec.rb
@@ -27,4 +27,29 @@ describe UsersHelper do
       expect(tabs).to include(:activity, :groups, :contributed, :projects, :snippets)
     end
   end
+
+  describe '#current_user_menu_items' do
+    subject(:items) { helper.current_user_menu_items }
+
+    before do
+      allow(helper).to receive(:current_user).and_return(user)
+      allow(helper).to receive(:can?).and_return(false)
+    end
+
+    it 'includes all default items' do
+      expect(items).to include(:help, :sign_out)
+    end
+
+    it 'includes the profile tab if the user can read themself' do
+      expect(helper).to receive(:can?).with(user, :read_user, user) { true }
+
+      expect(items).to include(:profile)
+    end
+
+    it 'includes the settings tab if the user can update themself' do
+      expect(helper).to receive(:can?).with(user, :read_user, user) { true }
+
+      expect(items).to include(:profile)
+    end
+  end
 end
diff --git a/spec/policies/user_policy_spec.rb b/spec/policies/user_policy_spec.rb
index 6593a6ca3b9..a7a77abc3ee 100644
--- a/spec/policies/user_policy_spec.rb
+++ b/spec/policies/user_policy_spec.rb
@@ -10,28 +10,36 @@ describe UserPolicy do
     it { is_expected.to be_allowed(:read_user) }
   end
 
-  describe "destroying a user" do
+  shared_examples 'changing a user' do |ability|
     context "when a regular user tries to destroy another regular user" do
-      it { is_expected.not_to be_allowed(:destroy_user) }
+      it { is_expected.not_to be_allowed(ability) }
     end
 
     context "when a regular user tries to destroy themselves" do
       let(:current_user) { user }
 
-      it { is_expected.to be_allowed(:destroy_user) }
+      it { is_expected.to be_allowed(ability) }
     end
 
     context "when an admin user tries to destroy a regular user" do
       let(:current_user) { create(:user, :admin) }
 
-      it { is_expected.to be_allowed(:destroy_user) }
+      it { is_expected.to be_allowed(ability) }
     end
 
     context "when an admin user tries to destroy a ghost user" do
       let(:current_user) { create(:user, :admin) }
       let(:user) { create(:user, :ghost) }
 
-      it { is_expected.not_to be_allowed(:destroy_user) }
+      it { is_expected.not_to be_allowed(ability) }
     end
   end
+
+  describe "destroying a user" do
+    it_behaves_like 'changing a user', :destroy_user
+  end
+
+  describe "updating a user" do
+    it_behaves_like 'changing a user', :update_user
+  end
 end

From 3629dc338fbe6c351ce89a94caa4c238965ee33a Mon Sep 17 00:00:00 2001
From: Bob Van Landuyt <bob@vanlanduyt.co>
Date: Thu, 26 Apr 2018 13:28:24 +0200
Subject: [PATCH 115/129] Display terms to a user

When terms are present, they can be viewed on `/-/users/terms`.
---
 app/assets/stylesheets/framework.scss         |  1 +
 app/assets/stylesheets/framework/terms.scss   | 37 +++++++++++++++++++
 app/controllers/users/terms_controller.rb     | 19 ++++++++++
 app/views/layouts/terms.html.haml             | 30 +++++++++++++++
 app/views/users/terms/index.html.haml         |  2 +
 config/routes/user.rb                         |  7 ++++
 .../users/terms_controller_spec.rb            | 23 ++++++++++++
 spec/features/users/terms_spec.rb             | 16 ++++++++
 8 files changed, 135 insertions(+)
 create mode 100644 app/assets/stylesheets/framework/terms.scss
 create mode 100644 app/controllers/users/terms_controller.rb
 create mode 100644 app/views/layouts/terms.html.haml
 create mode 100644 app/views/users/terms/index.html.haml
 create mode 100644 spec/controllers/users/terms_controller_spec.rb
 create mode 100644 spec/features/users/terms_spec.rb

diff --git a/app/assets/stylesheets/framework.scss b/app/assets/stylesheets/framework.scss
index 360dcb6afef..9bd35183d8a 100644
--- a/app/assets/stylesheets/framework.scss
+++ b/app/assets/stylesheets/framework.scss
@@ -61,3 +61,4 @@
 @import 'framework/stacked_progress_bar';
 @import 'framework/ci_variable_list';
 @import 'framework/feature_highlight';
+@import 'framework/terms';
diff --git a/app/assets/stylesheets/framework/terms.scss b/app/assets/stylesheets/framework/terms.scss
new file mode 100644
index 00000000000..0e9bdba034c
--- /dev/null
+++ b/app/assets/stylesheets/framework/terms.scss
@@ -0,0 +1,37 @@
+.terms {
+  .panel {
+    .panel-heading {
+      display: -webkit-flex;
+      display: flex;
+      align-items: center;
+      justify-content: space-between;
+
+      .title {
+        display: -webkit-flex;
+        display: flex;
+        align-items: center;
+        padding: 2px 8px;
+        margin: 5px 2px 5px -8px;
+        border-radius: 4px;
+
+        .logo-text {
+          width: 55px;
+          height: 24px;
+          margin: 0 15px;
+        }
+      }
+
+      .navbar-collapse {
+        padding-right: 0;
+      }
+
+      .nav li a {
+        color: $theme-gray-700;
+      }
+    }
+
+    .panel-content {
+      padding: 0 $gl-padding;
+    }
+  }
+}
diff --git a/app/controllers/users/terms_controller.rb b/app/controllers/users/terms_controller.rb
new file mode 100644
index 00000000000..778e388ff5a
--- /dev/null
+++ b/app/controllers/users/terms_controller.rb
@@ -0,0 +1,19 @@
+module Users
+  class TermsController < ApplicationController
+    before_action :terms
+
+
+    layout 'terms'
+
+    def index
+    end
+
+    private
+
+    def terms
+      unless @terms = Gitlab::CurrentSettings.current_application_settings.latest_terms
+        redirect_to request.referer || root_path
+      end
+    end
+  end
+end
diff --git a/app/views/layouts/terms.html.haml b/app/views/layouts/terms.html.haml
new file mode 100644
index 00000000000..09c4567a362
--- /dev/null
+++ b/app/views/layouts/terms.html.haml
@@ -0,0 +1,30 @@
+!!! 5
+- @hide_breadcrumbs = true
+%html{ lang: I18n.locale, class: page_class }
+  = render "layouts/head"
+
+  %body{ class: "#{user_application_theme} #{@body_class}", data: { page: body_data_page } }
+    = render 'peek/bar'
+    .layout-page.terms
+      .content-wrapper
+        %div{ class: "#{(container_class unless @no_container)} #{@content_class}" }
+          .content{ id: "content-body" }
+            .panel.panel-default
+              .panel-heading
+                .title
+                  = brand_header_logo
+                  - logo_text = brand_header_logo_type
+                  - if logo_text.present?
+                    %span.logo-text.hidden-xs
+                      = logo_text
+                - if header_link?(:user_dropdown)
+                  .navbar-collapse.collapse
+                    %ul.nav.navbar-nav
+                      %li.header-user.dropdown
+                        = link_to current_user, class: user_dropdown_class, data: { toggle: "dropdown" } do
+                          = image_tag avatar_icon_for_user(current_user, 23), width: 23, height: 23, class: "header-user-avatar qa-user-avatar"
+                          = sprite_icon('angle-down', css_class: 'caret-down')
+                        .dropdown-menu-nav.dropdown-menu-align-right
+                          = render 'layouts/header/current_user_dropdown'
+              = yield
+    = yield :scripts_body
diff --git a/app/views/users/terms/index.html.haml b/app/views/users/terms/index.html.haml
new file mode 100644
index 00000000000..49fdab84069
--- /dev/null
+++ b/app/views/users/terms/index.html.haml
@@ -0,0 +1,2 @@
+.panel-content.rendered-terms
+  = markdown_field(@terms, :terms)
diff --git a/config/routes/user.rb b/config/routes/user.rb
index f8677693fab..bc7df5e7584 100644
--- a/config/routes/user.rb
+++ b/config/routes/user.rb
@@ -27,6 +27,13 @@ devise_scope :user do
   get '/users/almost_there' => 'confirmations#almost_there'
 end
 
+scope '-/users', module: :users do
+  resources :terms, only: [:index] do
+    post :accept, on: :member
+    post :decline, on: :member
+  end
+end
+
 scope(constraints: { username: Gitlab::PathRegex.root_namespace_route_regex }) do
   scope(path: 'users/:username',
         as: :user,
diff --git a/spec/controllers/users/terms_controller_spec.rb b/spec/controllers/users/terms_controller_spec.rb
new file mode 100644
index 00000000000..74d17748093
--- /dev/null
+++ b/spec/controllers/users/terms_controller_spec.rb
@@ -0,0 +1,23 @@
+require 'spec_helper'
+
+describe Users::TermsController do
+  let(:user) { create(:user) }
+
+  before do
+    sign_in user
+  end
+
+  describe 'GET #index' do
+    it 'redirects when no terms exist' do
+      get :index
+
+      expect(response).to have_gitlab_http_status(:redirect)
+    end
+
+    it 'shows terms when they exist' do
+      create(:term)
+
+      expect(response).to have_gitlab_http_status(:success)
+    end
+  end
+end
diff --git a/spec/features/users/terms_spec.rb b/spec/features/users/terms_spec.rb
new file mode 100644
index 00000000000..34e759bc56a
--- /dev/null
+++ b/spec/features/users/terms_spec.rb
@@ -0,0 +1,16 @@
+require 'spec_helper'
+
+describe 'Users > Terms' do
+  let(:user) { create(:user) }
+  let!(:term) { create(:term, terms: 'By accepting, you promise to be nice!') }
+
+  before do
+    sign_in(user)
+
+    visit terms_path
+  end
+
+  it 'shows the terms' do
+    expect(page).to have_content('By accepting, you promise to be nice!')
+  end
+end

From 65bea3f7d0bf30b5f9a9b3f94567474d3c8f7cbc Mon Sep 17 00:00:00 2001
From: Bob Van Landuyt <bob@vanlanduyt.co>
Date: Fri, 27 Apr 2018 14:44:23 +0200
Subject: [PATCH 116/129] Add `accepted_terms` to users

This will act as a cache, otherwise we would need to load the
`term_agreements` for a user on each request.

Using this field the result we're interested in is loaded when the
current user is loaded, without causing an extra query.
---
 ...180426102016_add_accepted_term_to_users.rb | 23 +++++++++++++++++++
 db/schema.rb                                  |  2 ++
 2 files changed, 25 insertions(+)
 create mode 100644 db/migrate/20180426102016_add_accepted_term_to_users.rb

diff --git a/db/migrate/20180426102016_add_accepted_term_to_users.rb b/db/migrate/20180426102016_add_accepted_term_to_users.rb
new file mode 100644
index 00000000000..3d446f66214
--- /dev/null
+++ b/db/migrate/20180426102016_add_accepted_term_to_users.rb
@@ -0,0 +1,23 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class AddAcceptedTermToUsers < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    change_table :users do |t|
+      t.references :accepted_term,
+                   null: true
+    end
+    add_concurrent_foreign_key :users, :application_setting_terms, column: :accepted_term_id
+  end
+
+  def down
+    remove_foreign_key :users, column: :accepted_term_id
+    remove_column :users, :accepted_term_id
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index ef090da5438..277b14ef7ed 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -2024,6 +2024,7 @@ ActiveRecord::Schema.define(version: 20180503150427) do
     t.string "preferred_language"
     t.string "rss_token"
     t.integer "theme_id", limit: 2
+    t.integer "accepted_term_id"
   end
 
   add_index "users", ["admin"], name: "index_users_on_admin", using: :btree
@@ -2239,6 +2240,7 @@ ActiveRecord::Schema.define(version: 20180503150427) do
   add_foreign_key "user_interacted_projects", "projects", name: "fk_722ceba4f7", on_delete: :cascade
   add_foreign_key "user_interacted_projects", "users", name: "fk_0894651f08", on_delete: :cascade
   add_foreign_key "user_synced_attributes_metadata", "users", on_delete: :cascade
+  add_foreign_key "users", "application_setting_terms", column: "accepted_term_id", name: "fk_789cd90b35", on_delete: :cascade
   add_foreign_key "users_star_projects", "projects", name: "fk_22cd27ddfc", on_delete: :cascade
   add_foreign_key "web_hook_logs", "web_hooks", on_delete: :cascade
   add_foreign_key "web_hooks", "projects", name: "fk_0c8ca6d9d1", on_delete: :cascade

From 10aa55a770c2985c22c92d17b8a7ea90b0a09085 Mon Sep 17 00:00:00 2001
From: Bob Van Landuyt <bob@vanlanduyt.co>
Date: Fri, 27 Apr 2018 14:56:50 +0200
Subject: [PATCH 117/129] Allow a user to accept/decline terms

When a user accepts, we store this in the agreements to keep track of
which terms they accepted. We also update the flag on the user.
---
 app/assets/stylesheets/framework/terms.scss   |  8 +++
 app/controllers/users/terms_controller.rb     | 43 ++++++++++++++--
 app/helpers/users_helper.rb                   | 17 +++++--
 app/models/user.rb                            |  6 +++
 .../application_setting/term_policy.rb        | 30 +++++++++++
 .../users/respond_to_terms_service.rb         | 24 +++++++++
 app/views/layouts/terms.html.haml             | 11 +++-
 app/views/users/terms/index.html.haml         | 12 ++++-
 .../users/terms_controller_spec.rb            | 36 ++++++++++++-
 spec/factories/term_agreements.rb             |  6 +++
 spec/features/users/terms_spec.rb             | 27 +++++++++-
 spec/helpers/users_helper_spec.rb             | 12 +++++
 .../application_setting/term_policy_spec.rb   | 50 +++++++++++++++++++
 .../users/respond_to_terms_service_spec.rb    | 37 ++++++++++++++
 14 files changed, 307 insertions(+), 12 deletions(-)
 create mode 100644 app/policies/application_setting/term_policy.rb
 create mode 100644 app/services/users/respond_to_terms_service.rb
 create mode 100644 spec/factories/term_agreements.rb
 create mode 100644 spec/policies/application_setting/term_policy_spec.rb
 create mode 100644 spec/services/users/respond_to_terms_service_spec.rb

diff --git a/app/assets/stylesheets/framework/terms.scss b/app/assets/stylesheets/framework/terms.scss
index 0e9bdba034c..c73274540ac 100644
--- a/app/assets/stylesheets/framework/terms.scss
+++ b/app/assets/stylesheets/framework/terms.scss
@@ -33,5 +33,13 @@
     .panel-content {
       padding: 0 $gl-padding;
     }
+
+    .footer-block {
+      margin: 0;
+
+      .btn {
+        margin-left: 5px;
+      }
+    }
   }
 }
diff --git a/app/controllers/users/terms_controller.rb b/app/controllers/users/terms_controller.rb
index 778e388ff5a..32507bdb7b1 100644
--- a/app/controllers/users/terms_controller.rb
+++ b/app/controllers/users/terms_controller.rb
@@ -2,18 +2,55 @@ module Users
   class TermsController < ApplicationController
     before_action :terms
 
-
     layout 'terms'
 
     def index
+      @redirect = redirect_path
+    end
+
+    def accept
+      agreement = Users::RespondToTermsService.new(current_user, viewed_term)
+                    .execute(accepted: true)
+
+      if agreement.persisted?
+        redirect_to redirect_path
+      else
+        flash[:alert] = agreement.errors.full_messages.join(', ')
+        redirect_to terms_path, redirect: redirect_path
+      end
+    end
+
+    def decline
+      agreement = Users::RespondToTermsService.new(current_user, viewed_term)
+                    .execute(accepted: false)
+
+      if agreement.persisted?
+        sign_out(current_user)
+        redirect_to root_path
+      else
+        flash[:alert] = agreement.errors.full_messages.join(', ')
+        redirect_to terms_path, redirect: redirect_path
+      end
     end
 
     private
 
+    def viewed_term
+      @viewed_term ||= ApplicationSetting::Term.find(params[:id])
+    end
+
     def terms
-      unless @terms = Gitlab::CurrentSettings.current_application_settings.latest_terms
-        redirect_to request.referer || root_path
+      unless @term = Gitlab::CurrentSettings.current_application_settings.latest_terms
+        redirect_to redirect_path
       end
     end
+
+    def redirect_path
+      referer = if request.referer && !request.referer.include?(terms_path)
+                  URI(request.referer).path
+                end
+
+      params[:redirect] || referer || root_path
+    end
   end
 end
diff --git a/app/helpers/users_helper.rb b/app/helpers/users_helper.rb
index 517268175e6..e803cd3a8d8 100644
--- a/app/helpers/users_helper.rb
+++ b/app/helpers/users_helper.rb
@@ -38,13 +38,24 @@ module UsersHelper
   end
 
   def get_current_user_menu_items
-    items = [:help, :sign_out]
+    items = []
 
-    if can?(current_user, :read_user, current_user)
+    items << :sign_out if current_user
+
+    # TODO: Remove these conditions when the permissions are prevented in
+    # https://gitlab.com/gitlab-org/gitlab-ce/issues/45849
+    terms_not_enforced = !Gitlab::CurrentSettings
+                                .current_application_settings
+                                .enforce_terms?
+    required_terms_accepted = terms_not_enforced || current_user.terms_accepted?
+
+    items << :help if required_terms_accepted
+
+    if can?(current_user, :read_user, current_user) && required_terms_accepted
       items << :profile
     end
 
-    if can?(current_user, :update_user, current_user)
+    if can?(current_user, :update_user, current_user) && required_terms_accepted
       items << :settings
     end
 
diff --git a/app/models/user.rb b/app/models/user.rb
index 4a602ffbb05..a9cfd39f604 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -138,6 +138,8 @@ class User < ActiveRecord::Base
   has_many :custom_attributes, class_name: 'UserCustomAttribute'
   has_many :callouts, class_name: 'UserCallout'
   has_many :uploads, as: :model, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
+  has_many :term_agreements
+  belongs_to :accepted_term, class_name: 'ApplicationSetting::Term'
 
   #
   # Validations
@@ -1187,6 +1189,10 @@ class User < ActiveRecord::Base
     max_member_access_for_group_ids([group_id])[group_id]
   end
 
+  def terms_accepted?
+    accepted_term_id.present?
+  end
+
   protected
 
   # override, from Devise::Validatable
diff --git a/app/policies/application_setting/term_policy.rb b/app/policies/application_setting/term_policy.rb
new file mode 100644
index 00000000000..648932ddba9
--- /dev/null
+++ b/app/policies/application_setting/term_policy.rb
@@ -0,0 +1,30 @@
+class ApplicationSetting
+  class TermPolicy < BasePolicy
+    include Gitlab::Utils::StrongMemoize
+
+    condition(:logged_in, scope: :user) { @user }
+
+    condition(:current_terms, scope: :subject) do
+      Gitlab::CurrentSettings.current_application_settings.latest_terms == @subject
+    end
+
+    condition(:terms_accepted, scope: :user, score: 1) do
+      agreement&.accepted
+    end
+
+    rule { logged_in & current_terms }.policy do
+      enable :accept_terms
+      enable :decline_terms
+    end
+
+    rule { terms_accepted }.prevent :accept_terms
+
+    def agreement
+      strong_memoize(:agreement) do
+        next nil if @user.nil? || @subject.nil?
+
+        @user.term_agreements.find_by(term: @subject)
+      end
+    end
+  end
+end
diff --git a/app/services/users/respond_to_terms_service.rb b/app/services/users/respond_to_terms_service.rb
new file mode 100644
index 00000000000..06d660186cf
--- /dev/null
+++ b/app/services/users/respond_to_terms_service.rb
@@ -0,0 +1,24 @@
+module Users
+  class RespondToTermsService
+    def initialize(user, term)
+      @user, @term = user, term
+    end
+
+    def execute(accepted:)
+      agreement = @user.term_agreements.find_or_initialize_by(term: @term)
+      agreement.accepted = accepted
+
+      if agreement.save
+        store_accepted_term(accepted)
+      end
+
+      agreement
+    end
+
+    private
+
+    def store_accepted_term(accepted)
+      @user.update_column(:accepted_term_id, accepted ? @term.id : nil)
+    end
+  end
+end
diff --git a/app/views/layouts/terms.html.haml b/app/views/layouts/terms.html.haml
index 09c4567a362..b04dbc595a5 100644
--- a/app/views/layouts/terms.html.haml
+++ b/app/views/layouts/terms.html.haml
@@ -3,11 +3,18 @@
 %html{ lang: I18n.locale, class: page_class }
   = render "layouts/head"
 
-  %body{ class: "#{user_application_theme} #{@body_class}", data: { page: body_data_page } }
+  %body{ data: { page: body_data_page } }
     = render 'peek/bar'
     .layout-page.terms
       .content-wrapper
-        %div{ class: "#{(container_class unless @no_container)} #{@content_class}" }
+        .mobile-overlay
+        .alert-wrapper
+          = render "layouts/broadcast"
+          = render 'layouts/header/read_only_banner'
+          = yield :flash_message
+          = render "layouts/flash"
+
+        %div{ class: "#{container_class}" }
           .content{ id: "content-body" }
             .panel.panel-default
               .panel-heading
diff --git a/app/views/users/terms/index.html.haml b/app/views/users/terms/index.html.haml
index 49fdab84069..614dab57331 100644
--- a/app/views/users/terms/index.html.haml
+++ b/app/views/users/terms/index.html.haml
@@ -1,2 +1,12 @@
+- redirect_params = { redirect: @redirect } if @redirect
 .panel-content.rendered-terms
-  = markdown_field(@terms, :terms)
+  = markdown_field(@term, :terms)
+.row-content-block.footer-block.clearfix
+  - if can?(current_user, :accept_terms, @term)
+    .pull-right
+      = button_to accept_term_path(@term, redirect_params), class: 'btn btn-success prepend-left-8' do
+        = _('Accept terms')
+  - if can?(current_user, :decline_terms, @term)
+    .pull-right
+      = button_to decline_term_path(@term, redirect_params), class: 'btn btn-default prepend-left-8' do
+        =  _('Decline and sign out')
diff --git a/spec/controllers/users/terms_controller_spec.rb b/spec/controllers/users/terms_controller_spec.rb
index 74d17748093..50e818a4520 100644
--- a/spec/controllers/users/terms_controller_spec.rb
+++ b/spec/controllers/users/terms_controller_spec.rb
@@ -2,6 +2,7 @@ require 'spec_helper'
 
 describe Users::TermsController do
   let(:user) { create(:user) }
+  let(:term) { create(:term) }
 
   before do
     sign_in user
@@ -15,9 +16,42 @@ describe Users::TermsController do
     end
 
     it 'shows terms when they exist' do
-      create(:term)
+      term
 
       expect(response).to have_gitlab_http_status(:success)
     end
   end
+
+  describe 'POST #accept' do
+    it 'saves that the user accepted the terms' do
+      post :accept, id: term.id
+
+      agreement = user.term_agreements.find_by(term: term)
+
+      expect(agreement.accepted).to eq(true)
+    end
+
+    it 'redirects to a path when specified' do
+      post :accept, id: term.id, redirect: groups_path
+
+      expect(response).to redirect_to(groups_path)
+    end
+  end
+
+  describe 'POST #decline' do
+    it 'stores that the user declined the terms' do
+      post :decline, id: term.id
+
+      agreement = user.term_agreements.find_by(term: term)
+
+      expect(agreement.accepted).to eq(false)
+    end
+
+    it 'signs out the user' do
+      post :decline, id: term.id
+
+      expect(response).to redirect_to(root_path)
+      expect(assigns(:current_user)).to be_nil
+    end
+  end
 end
diff --git a/spec/factories/term_agreements.rb b/spec/factories/term_agreements.rb
new file mode 100644
index 00000000000..557599e663d
--- /dev/null
+++ b/spec/factories/term_agreements.rb
@@ -0,0 +1,6 @@
+FactoryBot.define do
+  factory :term_agreement do
+    term
+    user
+  end
+end
diff --git a/spec/features/users/terms_spec.rb b/spec/features/users/terms_spec.rb
index 34e759bc56a..a33f0937fab 100644
--- a/spec/features/users/terms_spec.rb
+++ b/spec/features/users/terms_spec.rb
@@ -5,12 +5,35 @@ describe 'Users > Terms' do
   let!(:term) { create(:term, terms: 'By accepting, you promise to be nice!') }
 
   before do
+    stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false')
     sign_in(user)
-
-    visit terms_path
   end
 
   it 'shows the terms' do
+    visit terms_path
+
     expect(page).to have_content('By accepting, you promise to be nice!')
   end
+
+  context 'declining the terms' do
+    it 'returns the user to the app' do
+      visit terms_path
+
+      click_button 'Decline and sign out'
+
+      expect(page).not_to have_content(term.terms)
+      expect(user.reload.terms_accepted?).to be(false)
+    end
+  end
+
+  context 'accepting the terms' do
+    it 'returns the user to the app' do
+      visit terms_path
+
+      click_button 'Accept terms'
+
+      expect(page).not_to have_content(term.terms)
+      expect(user.reload.terms_accepted?).to be(true)
+    end
+  end
 end
diff --git a/spec/helpers/users_helper_spec.rb b/spec/helpers/users_helper_spec.rb
index 9f67277801f..b18c045848f 100644
--- a/spec/helpers/users_helper_spec.rb
+++ b/spec/helpers/users_helper_spec.rb
@@ -1,6 +1,8 @@
 require 'rails_helper'
 
 describe UsersHelper do
+  include TermsHelper
+
   let(:user) { create(:user) }
 
   describe '#user_link' do
@@ -51,5 +53,15 @@ describe UsersHelper do
 
       expect(items).to include(:profile)
     end
+
+    context 'when terms are enforced' do
+      before do
+        enforce_terms
+      end
+
+      it 'hides the profile and the settings tab' do
+        expect(items).not_to include(:settings, :profile, :help)
+      end
+    end
   end
 end
diff --git a/spec/policies/application_setting/term_policy_spec.rb b/spec/policies/application_setting/term_policy_spec.rb
new file mode 100644
index 00000000000..93b5ebf5f72
--- /dev/null
+++ b/spec/policies/application_setting/term_policy_spec.rb
@@ -0,0 +1,50 @@
+require 'spec_helper'
+
+describe ApplicationSetting::TermPolicy do
+  include TermsHelper
+
+  set(:term) { create(:term) }
+  let(:user) { create(:user) }
+
+  subject(:policy) { described_class.new(user, term) }
+
+  before do
+    stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false')
+  end
+
+  it 'has the correct permissions', :aggregate_failures do
+    is_expected.to be_allowed(:accept_terms)
+    is_expected.to be_allowed(:decline_terms)
+  end
+
+  context 'for anonymous users' do
+    let(:user) { nil }
+
+    it 'has the correct permissions', :aggregate_failures do
+      is_expected.to be_disallowed(:accept_terms)
+      is_expected.to be_disallowed(:decline_terms)
+    end
+  end
+
+  context 'when the terms are not current' do
+    before do
+      create(:term)
+    end
+
+    it 'has the correct permissions', :aggregate_failures do
+      is_expected.to be_disallowed(:accept_terms)
+      is_expected.to be_disallowed(:decline_terms)
+    end
+  end
+
+  context 'when the user already accepted the terms' do
+    before do
+      accept_terms(user)
+    end
+
+    it 'has the correct permissions', :aggregate_failures do
+      is_expected.to be_disallowed(:accept_terms)
+      is_expected.to be_allowed(:decline_terms)
+    end
+  end
+end
diff --git a/spec/services/users/respond_to_terms_service_spec.rb b/spec/services/users/respond_to_terms_service_spec.rb
new file mode 100644
index 00000000000..fb08dd10b87
--- /dev/null
+++ b/spec/services/users/respond_to_terms_service_spec.rb
@@ -0,0 +1,37 @@
+require 'spec_helper'
+
+describe Users::RespondToTermsService do
+  let(:user) { create(:user) }
+  let(:term) { create(:term) }
+
+  subject(:service) { described_class.new(user, term) }
+
+  describe '#execute' do
+    it 'creates a new agreement if it did not exist' do
+      expect { service.execute(accepted: true) }
+        .to change { user.term_agreements.size }.by(1)
+    end
+
+    it 'updates an agreement if it existed' do
+      agreement = create(:term_agreement, user: user, term: term, accepted: true)
+
+      service.execute(accepted: true)
+
+      expect(agreement.reload.accepted).to be_truthy
+    end
+
+    it 'adds the accepted terms to the user' do
+      service.execute(accepted: true)
+
+      expect(user.reload.accepted_term).to eq(term)
+    end
+
+    it 'removes accepted terms when declining' do
+      user.update!(accepted_term: term)
+
+      service.execute(accepted: false)
+
+      expect(user.reload.accepted_term).to be_nil
+    end
+  end
+end

From 7684217d6806408cd338260119364419260d1720 Mon Sep 17 00:00:00 2001
From: Bob Van Landuyt <bob@vanlanduyt.co>
Date: Fri, 27 Apr 2018 16:50:33 +0200
Subject: [PATCH 118/129] Enforces terms in the web application

This enforces the terms in the web application. These cases are
specced:

- Logging in: When terms are enforced, and a user logs in that has not
  accepted the terms, they are presented with the screen. They get
  directed to their customized root path afterwards.
- Signing up: After signing up, the first screen the user is presented
  with the screen to accept the terms. After they accept they are
  directed to the dashboard.
- While a session is active:
  - For a GET: The user will be directed to the terms page first,
    after they accept the terms, they will be directed to the page
    they were going to
  - For any other request: They are directed to the terms, after they
    accept the terms, they are directed back to the page they came
    from to retry the request. Any information entered would be
    persisted in localstorage and available on the page.
---
 app/assets/javascripts/issuable_form.js       |   2 +-
 app/assets/stylesheets/framework/terms.scss   |  30 ++-
 app/controllers/application_controller.rb     |  33 ++-
 app/controllers/concerns/internal_redirect.rb |  35 +++
 app/controllers/users/terms_controller.rb     |  18 +-
 .../application_setting/term_policy.rb        |   6 +-
 .../admin/application_settings/show.html.haml | 104 ++++----
 app/views/layouts/_flash.html.haml            |   4 +-
 app/views/layouts/terms.html.haml             |  13 +-
 app/views/users/terms/index.html.haml         |   1 +
 changelogs/unreleased/bvl-enforce-terms.yml   |   5 +
 doc/administration/index.md                   |   1 +
 .../admin_area/settings/img/enforce_terms.png | Bin 0 -> 51979 bytes
 .../settings/img/respond_to_terms.png         | Bin 0 -> 205994 bytes
 doc/user/admin_area/settings/terms.md         |  38 +++
 locale/gitlab.pot                             | 248 +++++++++++++++++-
 .../application_controller_spec.rb            |  63 +++++
 .../concerns/internal_redirect_spec.rb        |  66 +++++
 .../users/terms_controller_spec.rb            |  24 ++
 spec/features/admin/admin_settings_spec.rb    |   9 +-
 spec/features/users/login_spec.rb             |  39 +++
 spec/features/users/signup_spec.rb            |  25 ++
 spec/features/users/terms_spec.rb             |  45 ++++
 spec/policies/global_policy_spec.rb           |   2 +
 spec/support/helpers/terms_helper.rb          |  19 ++
 25 files changed, 736 insertions(+), 94 deletions(-)
 create mode 100644 app/controllers/concerns/internal_redirect.rb
 create mode 100644 changelogs/unreleased/bvl-enforce-terms.yml
 create mode 100755 doc/user/admin_area/settings/img/enforce_terms.png
 create mode 100755 doc/user/admin_area/settings/img/respond_to_terms.png
 create mode 100644 doc/user/admin_area/settings/terms.md
 create mode 100644 spec/controllers/concerns/internal_redirect_spec.rb
 create mode 100644 spec/support/helpers/terms_helper.rb

diff --git a/app/assets/javascripts/issuable_form.js b/app/assets/javascripts/issuable_form.js
index bb8b3d91e40..90d4e19e90b 100644
--- a/app/assets/javascripts/issuable_form.js
+++ b/app/assets/javascripts/issuable_form.js
@@ -30,7 +30,7 @@ export default class IssuableForm {
     }
 
     this.initAutosave();
-    this.form.on('submit', this.handleSubmit);
+    this.form.on('submit:success', this.handleSubmit);
     this.form.on('click', '.btn-cancel', this.resetAutosave);
     this.initWip();
 
diff --git a/app/assets/stylesheets/framework/terms.scss b/app/assets/stylesheets/framework/terms.scss
index c73274540ac..dadfaf1c3f9 100644
--- a/app/assets/stylesheets/framework/terms.scss
+++ b/app/assets/stylesheets/framework/terms.scss
@@ -1,4 +1,12 @@
 .terms {
+  .alert-wrapper {
+    min-height: $header-height + $gl-padding;
+  }
+
+  .content {
+    padding-top: $gl-padding;
+  }
+
   .panel {
     .panel-heading {
       display: -webkit-flex;
@@ -7,17 +15,15 @@
       justify-content: space-between;
 
       .title {
-        display: -webkit-flex;
         display: flex;
         align-items: center;
-        padding: 2px 8px;
-        margin: 5px 2px 5px -8px;
-        border-radius: 4px;
 
         .logo-text {
           width: 55px;
           height: 24px;
-          margin: 0 15px;
+          display: flex;
+          flex-direction: column;
+          justify-content: center;
         }
       }
 
@@ -31,15 +37,19 @@
     }
 
     .panel-content {
-      padding: 0 $gl-padding;
+      padding: $gl-padding;
+
+      *:first-child {
+        margin-top: 0;
+      }
+
+      *:last-child {
+        margin-bottom: 0;
+      }
     }
 
     .footer-block {
       margin: 0;
-
-      .btn {
-        margin-left: 5px;
-      }
     }
   }
 }
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 8ad13a82f89..2caffec66ac 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -13,12 +13,14 @@ class ApplicationController < ActionController::Base
 
   before_action :authenticate_sessionless_user!
   before_action :authenticate_user!
+  before_action :enforce_terms!, if: -> { Gitlab::CurrentSettings.current_application_settings.enforce_terms },
+                                 unless: :peek_request?
   before_action :validate_user_service_ticket!
   before_action :check_password_expiration
   before_action :ldap_security_check
   before_action :sentry_context
   before_action :default_headers
-  before_action :add_gon_variables, unless: -> { request.path.start_with?('/-/peek') }
+  before_action :add_gon_variables, unless: :peek_request?
   before_action :configure_permitted_parameters, if: :devise_controller?
   before_action :require_email, unless: :devise_controller?
 
@@ -269,6 +271,27 @@ class ApplicationController < ActionController::Base
     end
   end
 
+  def enforce_terms!
+    return unless current_user
+    return if current_user.terms_accepted?
+
+    if sessionless_user?
+      render_403
+    else
+      # Redirect to the destination if the request is a get.
+      # Redirect to the source if it was a post, so the user can re-submit after
+      # accepting the terms.
+      redirect_path = if request.get?
+                        request.fullpath
+                      else
+                        URI(request.referer).path if request.referer
+                      end
+
+      flash[:notice] = _("Please accept the Terms of Service before continuing.")
+      redirect_to terms_path(redirect: redirect_path), status: :found
+    end
+  end
+
   def import_sources_enabled?
     !Gitlab::CurrentSettings.import_sources.empty?
   end
@@ -342,4 +365,12 @@ class ApplicationController < ActionController::Base
     # Per https://tools.ietf.org/html/rfc5987, headers need to be ISO-8859-1, not UTF-8
     response.headers['Page-Title'] = URI.escape(page_title('GitLab'))
   end
+
+  def sessionless_user?
+    current_user && !session.keys.include?('warden.user.user.key')
+  end
+
+  def peek_request?
+    request.path.start_with?('/-/peek')
+  end
 end
diff --git a/app/controllers/concerns/internal_redirect.rb b/app/controllers/concerns/internal_redirect.rb
new file mode 100644
index 00000000000..7409b2e89a5
--- /dev/null
+++ b/app/controllers/concerns/internal_redirect.rb
@@ -0,0 +1,35 @@
+module InternalRedirect
+  extend ActiveSupport::Concern
+
+  def safe_redirect_path(path)
+    return unless path
+    # Verify that the string starts with a `/` but not a double `/`.
+    return unless path =~ %r{^/\w.*$}
+
+    uri = URI(path)
+    # Ignore anything path of the redirect except for the path, querystring and,
+    # fragment, forcing the redirect within the same host.
+    full_path_for_uri(uri)
+  rescue URI::InvalidURIError
+    nil
+  end
+
+  def safe_redirect_path_for_url(url)
+    return unless url
+
+    uri = URI(url)
+    safe_redirect_path(full_path_for_uri(uri)) if host_allowed?(uri)
+  rescue URI::InvalidURIError
+    nil
+  end
+
+  def host_allowed?(uri)
+    uri.host == request.host &&
+      uri.port == request.port
+  end
+
+  def full_path_for_uri(uri)
+    path_with_query = [uri.path, uri.query].compact.join('?')
+    [path_with_query, uri.fragment].compact.join("#")
+  end
+end
diff --git a/app/controllers/users/terms_controller.rb b/app/controllers/users/terms_controller.rb
index 32507bdb7b1..95c5c3432d5 100644
--- a/app/controllers/users/terms_controller.rb
+++ b/app/controllers/users/terms_controller.rb
@@ -1,5 +1,8 @@
 module Users
   class TermsController < ApplicationController
+    include InternalRedirect
+
+    skip_before_action :enforce_terms!
     before_action :terms
 
     layout 'terms'
@@ -46,11 +49,18 @@ module Users
     end
 
     def redirect_path
-      referer = if request.referer && !request.referer.include?(terms_path)
-                  URI(request.referer).path
-                end
+      redirect_to_path = safe_redirect_path(params[:redirect]) || safe_redirect_path_for_url(request.referer)
 
-      params[:redirect] || referer || root_path
+      if redirect_to_path &&
+          excluded_redirect_paths.none? { |excluded| redirect_to_path.include?(excluded) }
+        redirect_to_path
+      else
+        root_path
+      end
+    end
+
+    def excluded_redirect_paths
+      [terms_path, new_user_session_path]
     end
   end
 end
diff --git a/app/policies/application_setting/term_policy.rb b/app/policies/application_setting/term_policy.rb
index 648932ddba9..f03bf748c76 100644
--- a/app/policies/application_setting/term_policy.rb
+++ b/app/policies/application_setting/term_policy.rb
@@ -2,17 +2,15 @@ class ApplicationSetting
   class TermPolicy < BasePolicy
     include Gitlab::Utils::StrongMemoize
 
-    condition(:logged_in, scope: :user) { @user }
-
     condition(:current_terms, scope: :subject) do
       Gitlab::CurrentSettings.current_application_settings.latest_terms == @subject
     end
 
-    condition(:terms_accepted, scope: :user, score: 1) do
+    condition(:terms_accepted, score: 1) do
       agreement&.accepted
     end
 
-    rule { logged_in & current_terms }.policy do
+    rule { ~anonymous & current_terms }.policy do
       enable :accept_terms
       enable :decline_terms
     end
diff --git a/app/views/admin/application_settings/show.html.haml b/app/views/admin/application_settings/show.html.haml
index 8cb5bba8f63..3c00e3c8fc4 100644
--- a/app/views/admin/application_settings/show.html.haml
+++ b/app/views/admin/application_settings/show.html.haml
@@ -8,7 +8,7 @@
     %h4
       = _('Visibility and access controls')
     %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Set default and restrict visibility levels. Configure import sources and git access protocol.')
   .settings-content
@@ -19,7 +19,7 @@
     %h4
       = _('Account and limit settings')
     %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Session expiration, projects limit and attachment size.')
   .settings-content
@@ -30,7 +30,7 @@
     %h4
       = _('Sign-up restrictions')
     %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Configure the way a user creates a new account.')
   .settings-content
@@ -41,7 +41,7 @@
     %h4
       = _('Sign-in restrictions')
     %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Set requirements for a user to sign-in. Enable mandatory two-factor authentication.')
   .settings-content
@@ -51,8 +51,8 @@
   .settings-header
     %h4
       = _('Terms of Service')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Include a Terms of Service agreement that all users must accept.')
   .settings-content
@@ -62,8 +62,8 @@
   .settings-header
     %h4
       = _('Help page')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Help page text and support page url.')
   .settings-content
@@ -73,8 +73,8 @@
   .settings-header
     %h4
       = _('Pages')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Size and domain settings for static websites')
   .settings-content
@@ -84,8 +84,8 @@
   .settings-header
     %h4
       = _('Continuous Integration and Deployment')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Auto DevOps, runners and job artifacts')
   .settings-content
@@ -95,8 +95,8 @@
   .settings-header
     %h4
       = _('Metrics - Influx')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Enable and configure InfluxDB metrics.')
   .settings-content
@@ -106,8 +106,8 @@
   .settings-header
     %h4
       = _('Metrics - Prometheus')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Enable and configure Prometheus metrics.')
   .settings-content
@@ -117,8 +117,8 @@
   .settings-header
     %h4
       = _('Profiling - Performance bar')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Enable the Performance Bar for a given group.')
       = link_to icon('question-circle'), help_page_path('administration/monitoring/performance/performance_bar')
@@ -129,8 +129,8 @@
   .settings-header
     %h4
       = _('Background jobs')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Configure Sidekiq job throttling.')
   .settings-content
@@ -140,8 +140,8 @@
   .settings-header
     %h4
       = _('Spam and Anti-bot Protection')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Enable reCAPTCHA or Akismet and set IP limits.')
   .settings-content
@@ -151,8 +151,8 @@
   .settings-header
     %h4
       = _('Abuse reports')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Set notification email for abuse reports.')
   .settings-content
@@ -162,8 +162,8 @@
   .settings-header
     %h4
       = _('Error Reporting and Logging')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Enable Sentry for error reporting and logging.')
   .settings-content
@@ -173,8 +173,8 @@
   .settings-header
     %h4
       = _('Repository storage')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Configure storage path and circuit breaker settings.')
   .settings-content
@@ -184,8 +184,8 @@
   .settings-header
     %h4
       = _('Repository maintenance')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Configure automatic git checks and housekeeping on repositories.')
   .settings-content
@@ -196,8 +196,8 @@
     .settings-header
       %h4
         = _('Container Registry')
-      %button.btn.js-settings-toggle{ type: 'button' }
-        = expanded ? 'Collapse' : 'Expand'
+      %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+        = expanded ? _('Collapse') : _('Expand')
       %p
         = _('Various container registry settings.')
     .settings-content
@@ -208,8 +208,8 @@
     .settings-header
       %h4
         = _('Koding')
-      %button.btn.js-settings-toggle{ type: 'button' }
-        = expanded ? 'Collapse' : 'Expand'
+      %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+        = expanded ? _('Collapse') : _('Expand')
       %p
         = _('Online IDE integration settings.')
     .settings-content
@@ -219,8 +219,8 @@
   .settings-header
     %h4
       = _('PlantUML')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Allow rendering of PlantUML diagrams in Asciidoc documents.')
   .settings-content
@@ -230,8 +230,8 @@
   .settings-header#usage-statistics
     %h4
       = _('Usage statistics')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Enable or disable version check and usage ping.')
   .settings-content
@@ -241,8 +241,8 @@
   .settings-header
     %h4
       = _('Email')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Various email settings.')
   .settings-content
@@ -252,8 +252,8 @@
   .settings-header
     %h4
       = _('Gitaly')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Configure Gitaly timeouts.')
   .settings-content
@@ -263,8 +263,8 @@
   .settings-header
     %h4
       = _('Web terminal')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Set max session time for web terminal.')
   .settings-content
@@ -274,8 +274,8 @@
   .settings-header
     %h4
       = _('Real-time features')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Change this value to influence how frequently the GitLab UI polls for updates.')
   .settings-content
@@ -285,8 +285,8 @@
   .settings-header
     %h4
       = _('Performance optimization')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Various settings that affect GitLab performance.')
   .settings-content
@@ -296,8 +296,8 @@
   .settings-header
     %h4
       = _('User and IP Rate Limits')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Configure limits for web and API requests.')
   .settings-content
@@ -307,8 +307,8 @@
   .settings-header
     %h4
       = _('Outbound requests')
-    %button.btn.js-settings-toggle{ type: 'button' }
-      = expanded ? 'Collapse' : 'Expand'
+    %button.btn.btn-default.js-settings-toggle{ type: 'button' }
+      = expanded ? _('Collapse') : _('Expand')
     %p
       = _('Allow requests to the local network from hooks and services.')
   .settings-content
diff --git a/app/views/layouts/_flash.html.haml b/app/views/layouts/_flash.html.haml
index 05ddd0ec733..8bd5708d490 100644
--- a/app/views/layouts/_flash.html.haml
+++ b/app/views/layouts/_flash.html.haml
@@ -1,8 +1,10 @@
+- extra_flash_class = local_assigns.fetch(:extra_flash_class, nil)
+
 .flash-container.flash-container-page
   -# We currently only support `alert`, `notice`, `success`
   - flash.each do |key, value|
     -# Don't show a flash message if the message is nil
     - if value
       %div{ class: "flash-#{key}" }
-        %div{ class: (container_class) }
+        %div{ class: "#{container_class} #{extra_flash_class}" }
           %span= value
diff --git a/app/views/layouts/terms.html.haml b/app/views/layouts/terms.html.haml
index b04dbc595a5..a30d6e2688c 100644
--- a/app/views/layouts/terms.html.haml
+++ b/app/views/layouts/terms.html.haml
@@ -4,17 +4,15 @@
   = render "layouts/head"
 
   %body{ data: { page: body_data_page } }
-    = render 'peek/bar'
-    .layout-page.terms
-      .content-wrapper
+    .layout-page.terms{ class: page_class }
+      .content-wrapper.prepend-top-0
         .mobile-overlay
         .alert-wrapper
           = render "layouts/broadcast"
           = render 'layouts/header/read_only_banner'
-          = yield :flash_message
-          = render "layouts/flash"
+          = render "layouts/flash", extra_flash_class: 'limit-container-width'
 
-        %div{ class: "#{container_class}" }
+        %div{ class: "#{container_class} limit-container-width" }
           .content{ id: "content-body" }
             .panel.panel-default
               .panel-heading
@@ -22,7 +20,7 @@
                   = brand_header_logo
                   - logo_text = brand_header_logo_type
                   - if logo_text.present?
-                    %span.logo-text.hidden-xs
+                    %span.logo-text.hidden-xs.prepend-left-8
                       = logo_text
                 - if header_link?(:user_dropdown)
                   .navbar-collapse.collapse
@@ -34,4 +32,3 @@
                         .dropdown-menu-nav.dropdown-menu-align-right
                           = render 'layouts/header/current_user_dropdown'
               = yield
-    = yield :scripts_body
diff --git a/app/views/users/terms/index.html.haml b/app/views/users/terms/index.html.haml
index 614dab57331..c5406696bdd 100644
--- a/app/views/users/terms/index.html.haml
+++ b/app/views/users/terms/index.html.haml
@@ -1,4 +1,5 @@
 - redirect_params = { redirect: @redirect } if @redirect
+
 .panel-content.rendered-terms
   = markdown_field(@term, :terms)
 .row-content-block.footer-block.clearfix
diff --git a/changelogs/unreleased/bvl-enforce-terms.yml b/changelogs/unreleased/bvl-enforce-terms.yml
new file mode 100644
index 00000000000..1bb1ecdf623
--- /dev/null
+++ b/changelogs/unreleased/bvl-enforce-terms.yml
@@ -0,0 +1,5 @@
+---
+title: Allow admins to enforce accepting Terms of Service on an instance
+merge_request: 18570
+author:
+type: added
diff --git a/doc/administration/index.md b/doc/administration/index.md
index b472ca5b4d8..5551a04959c 100644
--- a/doc/administration/index.md
+++ b/doc/administration/index.md
@@ -40,6 +40,7 @@ Learn how to install, configure, update, and maintain your GitLab instance.
 [source installations](../install/installation.md#installation-from-source).
 - [Environment variables](environment_variables.md): Supported environment variables that can be used to override their defaults values in order to configure GitLab.
 - [Plugins](plugins.md): With custom plugins, GitLab administrators can introduce custom integrations without modifying GitLab's source code.
+- [Enforcing Terms of Service](../user/admin_area/settings/terms.md)
 
 #### Customizing GitLab's appearance
 
diff --git a/doc/user/admin_area/settings/img/enforce_terms.png b/doc/user/admin_area/settings/img/enforce_terms.png
new file mode 100755
index 0000000000000000000000000000000000000000..e5f0a2683b57f4af25bdf42b41a6660526110568
GIT binary patch
literal 51979
zcmbTcWl&r}*EKo>0t9yp4#C~so#3t^$l&g7!8JI8yXypZ*TI6jy9IYH&+~q_>i&A`
ztJ^g-eQKuroV{1?wO60+j!;&VMn)h&0002UvN95?000~a0D#VhhyM6w&*YR50QmH(
z{9Rr0{r#PZi3w0GySKMzXJ_~R{_ybr&dg}|{`mK8t#In`J!SE>U6a^>jscJ$Orc(T
zP^vFlxVpZ+Zb;8~{{H^&-{r_hhxe<i*N^Xw=h;jqMr|99lEmq|_s4N2Ch?88_oc^o
zK-$MWZ5|#UB^a4%c3wkl?KUqTw~J)g^F3|tz26^Kobnc4AO8K(BzeBrdflm;TUf2~
zv_5!!udk~uE3bM#?tFjPKiFCWcy##D&_`0y9UPt<{;|TcXzRItFWP)&X7GA{KYIT+
zaNgnCYlTBERH9tB)7aYTZELr_v1ikJ^0R5TzN$QH<7I8{N}zHJ($z4RtxBR-`}FVZ
zb-r+BYVzOXL%kAN|3L5UNYuZxt(j=KbbjjLk%{T;OFO&p>+AdDtJ}WDvZ3Rb^R2(v
z%MFKvdG#}g{eQO}w}%fV>&Vqh3kwTRdLs5~be(dWnHd6))&@hs%Wpf)Zx=I%r`II9
zO}$&U0=Wz2HEqoFQ5L`I>POZxoourk2j<`3JL3&U_qJ_>>4s9ATF&1$W`}Z?o+c{X
z8-pzW3_?Ji%fHkq!EIxUBOP`vJ3@IA&87r1fz0y1Ix<G~O4P^(=O;)t12{#wM?G2Z
z_ST5>iw1%f0I|<mnOWcT5;vM-X@bV-M1srW+`F7OBFa0O%0hV!{UZcv{Ku|syi>hR
z71s{87(LrVdJgUWOnD|0+1aOoy_8bbDcs#XjAJ|I>f>BA=u@ws>bEabCQh5nayW}t
z=|nvZG_}R!C+J0z_Q3wprqXsPL(0CTRB~2;!S1D<NG2&gRqJ0B^Vh)<fr(!Bm81Mt
zCBqB#_JExE<-WqC^(HolQYF_s^*ZVLbT94PzLBD+TApt#J3GbBDlt<JFtv_=s^4Y2
zRQU0e+RFTKuBs(wJPPAcf%DmbrNu5UcBtGnfZz1oaXVlzwQ+w~uIkOkRr~uwThF3x
z%Few1*~Lkt4t15RV}oSnN`7pEctMXapsFHp%-$eA&_{^Y==AK2(^?Av7#fk45LNeB
zKJ5woAO|2I_q7bS?9+cP|Nj-EyYo}-Vwza!hl^BD9ULoCB>uD_M}Mc5b(y9l`W#JN
z(lWNFB}WR{b4oa4V}IuY4i$_F%$EpKvVWVRm%EbN%nld4_v_9V<8#_U=_?lpwiB6;
zYwSuJFB5|9u>Th}C49HkloK1J`}X0CE{$lgPO9WbuZGx^am%FmnRo~Qpp2MYT&UbD
zC)<<F1pv%)=|p7u70Ir0!5t(eVZ~WV`pY_Ka<rxZ0NueDEtZNmb91E4F(GbP)^b~E
zoxYl9hZ6q%sY4*250oxsPcNSv=FG11c*gjq{LwP|RmGijJu;9F4*rsqE@W~_`hB#T
z{HMynz31VoH{%~ab~?|gb!wc!{qxDzfK3OCF^vS+6wQv?hrPLYB&efuHE@)rm#$bz
zBhm~zYC1DhfPw-9+<VZ1*m(@C<e%<+*3x*fBD#bb1UhbvDG;fT?imS}N)rBKY&#Z2
zTJD$FbmlodI?lsUj;euk;v)UM(V8fFsTr;|F4+eTsM25)e$Psi(vU$CVRl9cuO&Ht
zYoi6(hAK2G1!s!=t{VkU24_hx<sagH&{`};(Qaois4T86`rBoq;|Fvr`7LBRbdBIz
zAlDZIA=g;H4!J#z?Rc>L-)oCG6MuKsqa#0ZgmsLs6ZYnbd0m8?B`3XDHK&+}N_4WR
z&gYAkuP-i#Pjx2d-b3e22mFeW9aNTf*e9x~1h?L^5mNlpKG!$bt2@M&%;ooqvroPU
z7FmryL0VOiQcBCb7mvdy7Yt*$PXH0se|{X#jdgoP8(vp5@7O1x2j9dSoF;*+BKo(;
zL7Qf|-Y?gJoQ1oqMq`};mFIpXZDkaoXWaW!omJVvGkmTPQ<w#FNRz-kr=GEJw7~|C
za7tdM$@`>@CoXB~2b%HU1xO%00*&~G+)8p`+B8>DN0WA7%LAxJiSakh7I_rxbQ|aL
z;L>w1A^l=YY3%v)Z*F=}KH(w2zKj*(PhXisO((`KO1r9%?%I-J00ETSj~2v}y+h^<
zyNT=q(lEO&?muo|)dyFv2b?y%7QO1f_!*HU*-`Dpwe8#RI(ynL<WPU{eHrdmMu&`A
zZxGMx|1n_B&tGb`tcrGH`~m=s^qou#=$r0$vZ&m%=UX@2HrTsk;Z}1NU%w(-ItzjS
z_!uvEk{hLlL@d|td%%&GH>0_CGA!`98ZcqD=XD-Jao?gmIgJaOYow*WzMKZ7o2HMq
zT0`a6e@{QB1En%8vehRz%>`?|-qe6;a`Tt8d;T5m(r*laeiG@+ZI{Rb014p>1-#+|
zpi?2laSO!`lN>)f8^~srlhV?n)P$y|09i*XA1B5F2MM;X!--`jEkfG2s29#x%29Ap
z@?CLD_ubbY=<Fa=F4DY??4z;yMEw58!hBw7eOHG74qlReRTH^wGR6<&cK%t|Wm&d$
zt%zrru;oAIkKKH!Y{@4F+d)%+u4!YFH}W77jV$iI)jC8nYO#|zQT3k;zSS@!^Zh~!
zgBV!;$ZpQYhFBF_bxRK=^}ibd0F?M~(#{=&Y?K;sI;IlW;Q_v0L$GuPL+O2Npp{`1
zH(Tm^3(b{*`oJ{;5{TTAZDX5tS7GvBNOTXJsTD;i<nIRkYu&U!Jks`~)xv*bg+qWC
zLO;Vh*tgCG+VcaC8eum;2>Xm1(Li-}e7t+h;_-uHC*>AytOthJdSV%p5qPMlo>gA&
z=ui{|h%%C3-N0>Kj1NFVhYCD{R(`0AXg--2q*JX33+9}%&H7-c(t*|<W3ldxEputm
zO;kjx`dH?M|CMbcF4iQYzrSmqe}e*S@_W0#VMyW)LcRFbW)+F^X|BoH#5k#7j18;u
zGq!<O82F<x5MoB{+74^QN6(*g!|n2e6%T8}gJ|IMOZ_U}Vo48t&G*xFq_yaOHg)Fw
zD0JOlTFB|_V83`4n%*Xf+n>jxt6Q38fSpD2t`1>3)!o>&04}YJ)B3<6a4w@m1gbwZ
zsL*NcTx{oX*?mL*$g|Tslli<9et}P{YBK1otzOeU#f53f7LZurfyrUvRMn^&=qtph
zf?IU$W<aQyjW|ry>`IyOuXg9)#sGy;^@mfWR=>V<CF2gQb@`h+n{P2G5SMSI5B#l%
zj{>Imw)E!dOpj|g%UOpv6a4TOrFmPAkplbs%gQ<yu@nuBKJEWXTN><{xru6G;^qQ6
zb6mrx>3qPPuU4?7WhgFZluWhi62G-)X};3`_2=~I4##tW#eTZoGtbY>S5+TEnQfLP
zi~YYfdk`zr<9Yn{;T1uUXV&esIAI?lq`gz$bbfx`&z}LfnT8Gsu$b3=V5H*WsGhd4
zBgva);QsX23v8`s;38-N<al;p^>_DI%cR@f`KHl0A3HgRoVvTRW14EQ&#*so%CSS_
z@FcRLb~V@F8rv!Xeoyl(y|eTFu(wdHK1p8Ir5OMSCqLgBs>s+ViH!axe7mHpE(K2O
zAu6dy9Z9nTa>S*Xe=C<BJmUTdUOnbX_Kk4Cln6%sV_s&x_jV{`K7to5vva4sSI4I2
zNoWI4OP_EyeM;EF<@yqC{Xyh#0_3oba8Zc}(Vu2Bg{9HJ+fQlj*h+qQ9l4-q5pSj=
zMH^m2T{GgHky)7JPgS}_@pdL%q50|DP6i#$=diycRqV(;^WT%DrI;C-EGCr5*vGS`
zGl?strp8JiAyt&bcF+I`^rp)lHIiU~9d`35-{QNR=DhFDar>vQIy$cqNfX{I)e!T&
z#Y$u|u>@{&vzV;OcZRA8&Mq^4rM;nqwO_zaYfUZilzVe}|3eoWA;j%3O+Ta1Nz~`8
zolO-vQE85hh)FK0u%v$U<&U^4?zy~<t{3h<w>pivwcjb=K9;-=w=Jw>Tdxv=)YRWw
z4tL7WfaS<+8YW!c$EIznlQd^8(D`$vfR+2(V;x`erpHNAhcLX888X%FsoCBXnMS6^
z%OggpCq~IhblUBSc8n+>F;j8`?=jFeJNz4K4U~Wn4^f0uiKIMxF@!w=iJcdCc8?{&
z2WaUC>VXwPs_lL1CY0i&rEs?b+Z%6l7Q_SBT9%I3vJu!LcLu%td#R@MlG)I>mqS)Z
z;P*ZXRUwU5pEYq3+4T;6RU%gdr5qxGo=%8w#_Jp{We1m>>HLN4G{oF*P&Uha^=+!%
z7px~M0D%RBGsQ@N$LUMdoPMSqBM~CS>{mbe@HQMAwMhszmfKKY?5Bs!Nhw08<W?&q
zt_T{qA6U4h3`-g=b<9fKiI|VuG+#P<6(uDlclfzouJ)_X+D56Oiifq+UG0uqik=6p
zCop(jZ=ad4x&rN$T>qm(Dj#5v-7jgO{+n1E+TSkMXQTv4!>XdBb&ab{3$({P?z5Nv
z_%188mj^PWM@y3QmFOuIkiz<yoHh7xxVw7lfq+>doFbiJt`h8einE%M&Iz1L=QP4h
z4zs%UXNX>r79W#7cuc>lh~hR0=Y$4Re#bODj(dja9OwDyecTbv@dGO->+_QO&-&J4
zQa)MfW8r+{ASeK!x5N7GA31PEcVEEoBom7Ovh>4RR%P18%)7I4&W!kIeYK3ks_uv&
zA0Gf9wc+r_6f4m2>qo6Rn`VI4-nQU6m^q>=dgYgSOe4gA6zrgVBs2hW2nh+Q?;6gS
z;9PZKW4owj69s5aG$}*wDfWj4oy&ZtWwyZCh{_svn3Y%H3TqZpnMW=%0D#8yvcH_c
z0Ev(4<wH|o33}E&WMlCKW#PFnK!f?nW7LuHlA^7^N{$J&r2jQN<OkKgYy$f>q8L&g
zv7mc$i3?8w@BCtpfN?fHgk!MPJKE3Tz~iLF<11_b@m7+7`Y#=J06=8%BkbAqxFSx$
z5=kYxw1m^bI%gCh@?!|7ga7t<A^{uXqW*4FZL>RNmfKRpo6`QJeqI#9gIx*un1lk*
zxL)QDm%NOBY`o%DrAUj1A1*C!PfE-dw6TNs#*Vu85@zV?CD}U&^mN4~;9?5;=^798
zWywb8)T=PPBdZ^7vXR1pALDwt)wEBblWo0Pr@c_1YO8ohHB3EwW=1Xk?Q$Y|Uj&=B
z#qo*nOmrU7*POzHdhs8JK^T77R;tyS2z~j|g%yX?E);um%#+`4Q(9h%TDkrTlsab}
zOJZvm;WOg;l-G%8#;2%{Y-ko5<KumJjoCNZRq^2AxFq&djfcn2L20Yn!S>}7S^6_b
z(AgN)x)*~4(}bCenhIDIiv5uu0E~owgb;Loz7JdBL;e$9;WUgGem?N-{jn$?u^`r<
z|4{UU-xCx3A8-8WUdX*&K6;70m~Y`O6?`lqplu5yb`28~ef*2|uJa&yceshm?`E?s
zf+neQ(<9B)UAsBegR?o?^C$N^vdvd3!&0bk37ZA}itRnYU(P20@kmiWE?obASC_CA
zv431=5dh;(E}dzb2k)=|k2sBnlA;cM5LB9lhTbSrw~X}dpLQU0H~h+7vb5qoDgpni
z|ALa?=7rBI#N6X<m}w=O5~4)BIk>LVC4w&D=tJyfZIa1|lbvtm?B?!nMDJ$oj_U?T
zwHOi+xQKuNi$??dmb;C59QXG5+{gTWeWK+&`!KKM`cd@WZKM4jn0<N=bh{fDD91fC
zicoe!+rto559(1GE0R+A%{3?;aagwgZwuEJN8@EA^BH3f_Z_D6h&f(R&RL%uHn_*=
z!B=7(ZSM)W>7S2HJllY5Nudlbr_7ZO3u8)rUs3bJmq<=hkg~EVN}bRM_67D1D3lYK
z+?#mxy-Chl^%(zP!-(Z&L&E7Dbw(h*^bzkO$gNJ4@Xjqg$7N2_6vb_;^-GMbgh6vL
znF6~yC{cBi=N&e9OZY%Z&Ux+p)u#1;jBiFsRkJXH+&6*_o>?&b@Enbv?MeWB4MSKw
z?<aY1En@0Mmujh{_TTYjp#A@O;K7Ti<v!9VBaS60sYG39M2o#izLVL2a8x?yifN{Q
zaL;89wB?{(Z8dp)zUD!Te2DxUa+dX+q4KQv*9}{}7XIe#bG!0oXWV`=$hm&A+rhF4
z<8O&I<c3WMbFd9BCW)p?wShOXJ_R*@gl?8}c&k&~;_z0(GV*UOwKI;rK(=E;#FE5P
zJ9AboGnK;i*-&+_?}95K=5T7f)WA9c^;S!f(_^+jD+iHxrJG>Pd>k>DTRjx3s)-X%
z@Y3u=!^)E8qVK_7#q}qSua-mR@@|LyjnI7mq#7#*ew%(?{TCo^spaj9uYY{`tMrXl
zU7_xImO39i^VKSHE4ZpjMo7W)4{N30%y<OdkHfrjttwr_?VfM*r)h?bn4X3xh)9l`
zYwd^qeYxEX0<LIvh<WWH8knp$&u(|FdC%N<NTGiKmV<*k?P>*-OIn%%uZ28gGlZVv
zwg|0p5yIkkDQG;`FtDqYtJq{OZUzd7N&6})pR7Zac?J8}E%47z3==XNk9Sqz99Kmr
zF`HTSSTZ#mS%)<~2@7lma|A=_5a<ZU`ZjQ?P`j5?djI(1_XiE?HTINQ$*6*$2_IKR
zbzANmoeEx=E&ul!W~M;-&%T5yku$gal)P!+b2nEOv6JKMdPRfkyUpL#65Uk<bfq4V
zZ~8y=m=gTeOy8%EuEqT=H6w)P?oZ?5Fg$ENr|>LIxF*;hIVRX(6@1CmIFQG6>oRTl
zjXYRIaoKL;aV$d-r<U3bUq)rDZ{HG4$?xP9MwQqIO@I{oy*GK^D#^%DKbu5`=|TtO
ztfn;fTw65^G<F&RqA5GfeGNI|`z&)U;j~04z?+=3rB5s&>nIXA!tX?5Aj*;)mpCT1
z`;^78qG(qK12e#+$T8-Wqtv8Oxr!ScAB6e#3Y$1w6yY+%CWoTp!UwmpTSCor7D3Jb
z3#s)~`=Cl~O>{TDs;qoW(dqCI9i3hWR71UTEO}*F{!OJv3-m}SynU#|1ouh4as`S<
z_HsDGS_p|`dn?Cu>}r>#=DWqQOfWZ8s5)j$oTO*cQkQ4WiV;g8oDBFW3MDp1<Hz>u
zv+fA~a6De4Z1Rnav!Md$E59Z#DMS%0k8PqBXRYMG>X@a;+W0JRgzD>RS*@0BF&V!I
zzz0VqszpeaAoM5ysyYj%SGW6avn##V)n!}T-J4X_Y2-FCqBSr)>)MPdjeuN>`=<uW
z%G7auUc$v5!UFZl1lL;R8>sx?FOLJ3IU;&TJ%1~TyY;&tJ?;83r=~A9I;V4cHW3bf
zPFQ%+<N1u2f$hbiHnZgtqbF$*A1N`R%29)_atV_n@!uzPBBB9q_!Y8N;;$qjG8#l~
zVTU)hQmfO3A$J(I46~&c^|nsGZ;ErnvTlNe4xKUSB`xh(!!4{ORWzs!$&Aum`BQ+i
zU;6?=opymbtsDmpwf25PHt4?%j<B-%W-NrH=FAjjIMJaYXWOK$C&C4H{}U4w5X@~4
zUif@Hn|S`J)4;ahH5}qfc0FU%a;xFoVndDA*E^a;V>>Rtt>Q~bWUg^q49|9zH^da-
z##*;5ivD)C*hUXyI~*__$rxeECoWac5fc9ViYG?n@#N)yr7aILI0$f2=Ou;3f+L$C
z{k1mTD17Q3b2w3zLcwZ#7Wd1CwaUE^|7>>GNlxb=*K^4<OgYTX;n#2FAHsZOs11h7
z)O2t#C`zT1@SEVDv?LP0;jn{M@-0<=`+%hG&KXohNAkY2Vp|THH=M5o%W)&(0U?U=
zjru=bbu>J@Jp1Ph@%?7+OSbWnr)Ha)YsPQG9$+;wV=ik@&dY+9V1X=nGsyDncD3<w
zRPo#UQJ>XKf6mhhgE+w&Wi&`moA*3~!R<UV=`ig6mJ@arvOlrGfxeW?A`+X(7*ThR
zf=X=Ej|}lUy1vqdvV7ZU-*4k~S$K&Fze4w7RAH51C~iAF->n2aLv{ut_GDz(S4j;=
z`j`EyO~X`)iW%I5^Cj&Ub_k&e+M;F!5nE3_L3$0doxn>$YP!Gw6boU~XXbNgO$65v
zl3JuKG4U=bzD#1tZ(hbTKr$Mr3CPOEI7-u>+Ml*xJY+b@Am1=gSRWx{YOuj%kXjBC
z!wB!f_OI9r8+W&<K+A>*{|E})n{D~Zc*qpr-p}K2^A%G89l}Y#;pcX?5K33L5w%QA
zAZ=^)CIIo6c@X8*5F}4!Xu&j{ByJHc;FT`YxD;3y)gByYj9k||GUFr068IXc&Nyo!
zJZPOu&1(9~uZ4Y%zN0V<&xLIyPd!Wr2en=6lwUL1&6jF)@)XT8R2E#FuU|-N*$5`^
zgc>QKgbWZ2W1mzH3mT;@P54Km%I^6yj?6^EVI`*GV3RVqriV6$&^LqFVD}fTmi0H-
zW^6tN3sD~IS5qM|%cTxlio}kZo{vB2?35)H0XfH~Ci{qnT>l2%OLv^-WSqGk>Tqs+
zW;Ipf)6i;H=MVd2EdI_<9s+G=gaY;Hi3s1fUV!#WUeN8p?Q-(9S0MH%<rGch(Gc_-
z?(g62u`*d_S)n4_k*=d?aT54KI!OE0aZkR7L&VYqwGP)!GLYd^K9;DAM#AH`gH_(`
zOBGck=o|5`T}F$-B_kG?ctcAjd?tv%N-x=)sT|fk$yqTIghgHwB>8)<(8Ev)V0aCa
z_-FkwpsB{`bH5vj>3#Q0OcDOqe1n(gn6P9fG}ZC0zM@Cx`o7u17KNUi<b8b~Ir;?u
zztb>&ilBkgF&H^}M4CFg`|BBo@~&?K^z<CAo}RHrV&x;jahyfj!1)ibd}O;gxaThf
z-<XwX>E}f<OLK|>#I?@C*eu^RK}4Zv2r2ut@+Z78{MuVHm7s+-w;5mFh^8M0+kMG_
zGtou6icoc1g%W>120TjV^FCU4&4$3cS8XvcFx{QBaP?V+(*Q)z-5r<D)8FNM$P5|Y
zvFWYOfB0-UAGy1L_54MS5MTd#HXu}Vrn0Iu`1mWzR@EjDs;_dXh#a!VVL6Bq?j<(O
zC2&jdO9~}#ZdV6v!`m|sLWT`yK1v0iwp}Ie@0;o185OOqu@L=xy?~Zihu?rrk$x7=
zQcVOZyJG*7z+d1)P(E#b=c-k~WhN(~F5(rftBYweK^BCzQ8IpcMs7GM6$S+0;}~&T
z4&v+p!ro@a^=7fV$RWDFeKK&UTMab7eWigYFbJaHxeK^_a17hB7#LB7juZ9lDPt~k
zTwk%+SqfiW{07Zg6>gVqYqYV*pEyqwL=)?d8T~9e<e1S%BP&4`uF~TuScZqY8crdK
zHx=DXjD;(u4EyDr906k?s+3~e%|U!R>QGeRQ1k`h2Vf=^<hebuA~8^Rk1Gw7d1apX
zqj784k$Thh<G5o11qB7?29DExs-J=soi-celg?yEnGl`(cWF$d!vJ!fdk>XX^J7Y?
z$O_}K^zWn)cD-jH7Z&FvQAckgsd_%KrS2dYhJMMpc_h3ugEC{~J@|G}9C05<0S!{p
z;P{-fzLr#|5^69%0EFdaewBpNk}vu<800uRuF1K89Vw|dYr~vfuL|ZF;nV1x9HCTY
zZ#<|o<;fD?d*GfQA8ZaSeXRDgAxDlrObHYDv}!s>+p+UIVz={W#Crcj|F)OfnEt<{
z;NalTuOblTf%Ur9jRj=i_dSb5zBSv-tgEd0S?KFLpvU<#<=S@}!$ROb-d@ocbBKgB
zqgfWlA9qzg&ao`Ne=-rEJk{C4zIk1Avb5nm%9#bVasp;OTwE1NOa%eITqeTOF<pGH
z{poc=XWSy<%-5HE;?=dQg4uEE_xuvqY-0vId5F!e5BMCRaa0WQwX_%mCa*0SG$7kp
z=Ce_yZsni(@eZwW*Iljue*Rvrb@yWcw1k(c2>DC%eehpTVxb>!H8e+6{UCx$X=oyj
zLqq<GYH*0xM>@7r_`LPK^^})~hsWbp6!NR*QLspt3O*-H4qPK&vf%rzN>)w(&Fu%{
zcOv8EO{=;R++OH@Dl6@XiZ8RP)$o2w8?D|hl-871onnyjRb9Q^i;G$Hj`P#E?Z3*s
zVvrpv8bSLDo@#Ytt9F}yXHGPR6pJ#q4ay#VyA6k@zvr&@V&1mOBusya)k<}q5<AZL
zx#f>c2-vbg9g-e}+64uvA)xz;_Pq&;d<;<6S!LQRp<{wAozBz+pZw^en^lT$l2`VL
z#y*W!W~cu-@^d&ln3X9D#EQDFH5+~2vO*tAQZ!;wejI&|3a4BB{U6oW0id9{tG|kl
zKh0S`;YWF+gFg+G*JS^R`j3p^6Y=P)7B+q0z3m%~LJ+BzNkCyQsKg!WiiBY{+M<@d
zj|P%*MbgXjH-C1uvwOkfccQLX<E7I#^4=M<3=cX(F4E<_3X99>g<*~DdqLCA&IgJD
zE>dRq(sc|guEZAJ32vNzdM>M!DyIi4RdyXam_m_+9^v%=I#tf|e7lglCo?Dp`ST5W
zqj{nb5SB1*6ANu@3p)y@2;bedekqHA1}QF|$ngXSUL<sU;XLpbubKnZzez|#K6v&H
z2)27{p?!g-KwF3(!b~afVLActVqQ7rzZ5)`ni1>&MN~`W?`_Y_vJbLUwPet`P{#vW
zI6zJ3I?S4{x=mtcp~dm^X3RYqj*0Ck0-N)M6549jx2KNeH6!JGi+PPN)Avo6beEAm
zkq3`O`j<pt`iYw^dTEcVnHAyBG!Av%wq#w)Vf@D=3b+O}hqQ4rYel?^3KS;s2o%>s
z;I6!jBlG%20%2=YAGV2E+waPvv8k7eBTJhSapz)!6|FlQ@Oz*%J)5#LJ~<*>(0>7P
z4Sq?fg@@J){jAcGjov<Ua(P-LdUq482Bn5cTT;fP;hw5Yv6PY7dqVQ!3z@z}jGL>8
z`yi|M`%f>mzrFubqTnb5Gq@BWQgE(wB@JFwttdclZW`x;d;VcAPTM;DbKNvaME=s&
z<8{aCKl`Yr?mr`we3gEran6DV|LM2W>HYrvx9*GJ_VhByPck!!$KfwdW|mbdV@ghe
z1p8RC6zg#9L~biS7k4?|wF)~VBf$^7U2s;vYp%m@w5O-%CuxE2n;8+M;;!=FpCTeE
zU<xBRIJmHPOuFYo-J+$8x99~Uek7z9(+d<^089`mz$pm9K|P>*2D@hp4&fRhCht=u
z#f#RzoOCLtrX|xXU_fZhKY4V|PYHZUD8v9;-7p$OM>o!We!)&)0Pyy?jd6k1^<%~5
zf68SY9Nd5Rqeb3oVsgv>w^I9m-SU6COF7;D*$W56zgtt3{;y5{mnZgCzqWHBOG5$t
zQ5CW>OqS=WG^7mff+GvmEsW_iN}(HU+=}>Ipx5wh^Hxx{@xp`iP;N<WaP32gZYkmO
z;k~AU&9Ma{I!?a%2Vclv8!S_~Q8ICS-I)BTu(J33w0@t_0gNDp5Bm7rOOArtbtLCU
z(H;8obz$K0r4Q&(xkVSDRA;)F;rWfWc3M$0cbrdFtMzbPU{04-VMG^IJQcX6uZ%FR
zPuPSUc1g)mf_$m}dEf?cgrq{(YN@nUqQfjOxRGz)FPA|&zM+yE$s;1WU=y<M&-2zW
zNA-@qmXy|}`x8NZ=@RbLbH;?}Q9xH{%$3ZIy}@j`TmbMmprCtqclLSYCU2AUo(MT8
zyzBS%ti`$`S>FceDN<a+Ar-_a-!s{{7d~&Mu{KSd45fx}BfpBR#rZ(cNfqv{?Ws60
zH3f1qNa4@v#!^Oc{Hc*}+qyg1vlbVggsWQm;Oy|NhP+Xv-HB^xs~&M6hILOQ%Xur!
zd)HsSQpC)};)4EyVxH>Ewx;hIR&|8)Uf`R9dGbo)q`MP_{$sBh$VL`y1u?fDA0OXc
zr{Fs=nf^`c@rSd?#aJ3Z;J|B0&aY5^7S3FpZs;I;ul}kLVjccqHcyScJ~c>PD@u?a
z4EzH$6t-`w*@Kes$<FH)Dvr6#b%d#nU8T|mlfokpyAEFOu$jz(r~zsA!(2rFtgKO%
zc&y!+iT4)o(N;}S&<Uj4>s<%(YH)2VHLX!R-zw96;d)U4<6`^-e;Fr0pG6nfi}l5?
zMGdJkG^<(^Hro3y-hXEoYuxG(Hmfofjl+?Ro|_mqaY;U`F_{Q?$vm;&I45Mw$jh}_
z5C;^bVt?x(wwwZ)B$JJ3CW*<ZSdcKKsQsk}iyRvd)<-6QLg=RJ2B6y8icx79r_J*N
zkH2wYNg5!3(#i#B>_~9Wyx6J%zomH6W~gdG7khAW7OO*`4~q&XJ21jv=2FD8*m5&H
zV)y%_Q_Ik<g-F*%ihd&DCUU?m80!Ob{cwfsBNd7!l%3@GNKEp+<SbLl2ZSkW!y5#V
zm!FoA_1rT~D?Xt)`r0k^Yap0lXBg&EE>s>=)H9SKA-sn23LuVAC%{#g<1i!UxOVO~
zDn%UkY;b0$+j*UqwHl)P^~MFvRBVLTlm)eO>ecvk?w0W#w;xXVFSX4qmPgVEBrf02
zhBmv@P0co5E&oxW|HdgMABaOQNvu+uj8K)U%}9r!(L>NvG)m4?1#diuP|AP}MUji{
zPVq&P0))po-G3H#1&z6*<nJ+&^_a;$zNmL|(Doz0y=CliB0YWeB3s9fLPCapaYkT@
zOoHt@Xh8K<qD6MHSg;&3<ltL@#g1i<+R>^F15EX%o(@d$fdko_3u6tb6LNr+bs67_
zdaN|)XFUz-3|m&*##Nf3qguYtv~@;yLH+>mmaFUbnw@)b6KR|;LD7gTkxx|7`E1<z
z4|PZRFgp8Wgy&`>=|TC!VkNbOp)dxa9F8{FX1eFt@~?;M!s>z-5e95>ucS)8fjZde
zKah;2@_z5D06&Z9Ng0g0z7cp1rt0(c+nY`iS;<94zSPlFmg7CA)M5-!F}^!BR9~B{
zHX;jV%tBlmQlC*=jpQS0I+{m|S6LCXcy9dVcqLgxkQfg3MZ6cQh>2DA`O3Uo^)U8t
z8wTa_5L;@>t<)ZRWx!nr&NjAjwA*&*WMaQuf*2veVlJrB>LB}6ksp^Yo)`lg$yjl{
z&IjL<Y9bw>l&Dq!(EEY3tTh}vq)?j7j01xAIABGCC}W>;nZ3+AXhp1K&!R{1FD}W2
zp>dls**B5ItA9XBP4b)4Tk6P<eh&(SJXmy)SSSPx?pnG}Io)BlVvB+J`nB?(IvC2T
zITC;0D-3vLcER6A|HezP1?Gh`72L}k#n<>7ehRDHTjgZU`hIsT#ESRwj^Es|Jc+!j
z_sTrOApfn};p6p5Du&>|wFYWbBr4fqi!6Omk?-5AcU6+Lnl9J9*Nuh@*k?!v-1OnG
z<kBDn9-X`p-NteP_Ypd8W}J;PYPKvXVJ0M^ap89M+H^vv=KCtT!2HXM4{V|5(l~gG
z2$~=jczu=L&!Z@H+*gRNxl**c%E)Fv=WWaF;I*Q=Bs<W?IPs{8QyKZ0*DWT(c0i%%
zYT&9BTWnPlw{tPk;-`~7fU_Aa@Q>k<?+%JnT<^xhdM{O?_7_{GRIKk$a&0+{!w-xU
z7n{Ogw+QDhAB&b)(P&2YH89NwlUjwAN6m-lxBFwdO7V^9S%UpqkFT%B`FS4cC_*d>
zpw60{PK-6Zs8MTv{Hou040`?{*yiO@#gJCMU-AgozSsIzEYO4XudJL7Mb$C&YV5nE
zyI}Vj&@{}}vChcEdhhG;=f1JmZAgS;W<S;1-HevaIjh#<4dGg@kxc+pyI#LmL&D@~
zOunslW$UV79+@NDS}OD4ZzFf?l_K>s`>AQ@!wSY07fX9P1EIpDjcW~?*)b>QrgH9y
z|KN<OTI89l7ry?p@DTy&;4|$6EV0_0tb{@|ap!RM50u})<ON>XfbvuG?8u`PkQ5cf
zV<z#}aTDyeh?5?yqAgfi`14~rl79DN^xaVlsbJgkggQZ#oOkdhO<aYRn0E20gXc|y
zj9^BvI}|_LZ8Q-A6N%&-zEBNEn})b(KB3ID?wJhqkMUc>eMBTSZ+O228rlAbhH2=*
z-)3o3H$3mgUtk!^d`M9|#<0AhBNbK++l$J%(RLK@-b3fuIP2xFib0HF?Zv9uq~ix<
zPR#cSRtBNrI%fk~-$$mkZoY*139W1yGx8&v3cVw7=BP{|FLHC`bRZ%gak$(lOin@E
zMrP@F4^x4W%LcIfcRtv9qTF{skt6>PG`u5yOUD6PAZw;#S1EpC)q+M241&qNO#=Zu
zOIr_-()4LGOJI*HG7o8#d5k(J=g*)cJ<nrL`Hp+{h&DpUr4YvwHN2DXh9wkiy+<xK
zY*V)XntK04-m3d(h@z>!yRYu{H*|cVE)IU!@n0-zb@N7=Q0$L(Mm$;tlDY|G%78S^
z1#QhUrxGSejj?Q~M4$R+67>@1E+2~LCQ7*Mgr`r}OTwC!_YZSHN)wub1zKivZQ)~M
zS!ShKcgEB%eTmr^S>mX&#KDmcR{GPUUK)P8-J{2~@l!CG!P-VbJP&)eP=<Ix3waqO
zQ`fvtRDp;k67oId5;7D>rKr(J|GKKk@AQ=K<k@qturM~gqnz<EtM`UB@YqdOg`znq
z%p8yxU6NZ|^_0Xw%qC_>BixZmm8N4=O<-h)W0m_FyUulH$SG!auW@wS825C-%ALSK
zFE0)CQGjpNSNxM9tIYhLlW3N1$eEEHVpAOIbbcP6#3iwezhSf>Asl!ocu@(gpE*%X
z0>28^B2WC~{TITK@k=p|i%|Y@Z2_za!b>$DBfvTIn56Wx)g3j4-#~w2S;cioIcvnt
z6d^yGX`;X9q9I3gS&Mn*JaaJ-;3%Xsv}rPA-j^Cd*DAbSkO}b?D_S~##JiEk@RPcM
zd@y1LJ`l?t{@-hNcRZRmoD@04o3-AmHYLYgVG4p~SsXMJkaxUlK!;C}3Y<vC<8Mke
zxkVF+lW_pq{~+?LTA_z%Wt{F-&xjNSe%a`R3)V>jF0n^Yx!Id4<2C5gXXBDXs-g5_
ze~l&s{f+d|Z-MhIXjn{i3qDozQ;(TLM3wI&-66J@^U7)EEF!a35*-z3SWaG*IjOY5
zvVBP9_$8pJ*VW>{mznXZU*b%@$spS@vpXyX|08Pr0Qjk65g8fn2aTIiy4DdUe7HxV
z$%Or-ycwH&pV*j#1N7Ad8PJE`QXn0!jc-3VlHm{+Y<J0DGdzilX0=NUB*!rb*uQ0P
z?BD@!c1PsEcwwkG{+QsR^k1ZNP0qxF?lDmYmZ6tqN>NMf^$ysmhDuJyG2=8ye%VPJ
z<{|RnuXqwv*{N(8s0g@=zR8@?*J;CcnkH!Rz*2ew*lrA$z8_p(7`z)YEu^+)<*X2R
z6QOel%l%WVF#RV>;Zic9XXlM94CO!bOPBF{uJ#s(Xo?X=3W%mu@G+`fAu`~<*XSAP
zm~m)iV#^|oPgWS@Iad((pqb0D?kAnoBq^8MO;jpK^w0CeIxJNIZ*9v)WNq0|>XV_I
zj_tmmMV^(f<NN(eF=Jex`&ORWCgy42sL9hG?(Aq^ol`Y1=4ayzZ*5DG5eFyrXD5qU
zg1>y{s`Dn7hk#@=#lXM?k!Fr(=$*)6HsOV!-p?tK5U1ujB9`8IzKBHYG*v83joBBq
zTdie(WD41LgPy1C-5`3%f88VD*`2xmEjnQ{c8U+DQ|sIFptVAU4y8+kCo3~K@mQ%|
zW#KGmVV?eH)>ku}gJ1B6>(_Q_DgPsKv0s0J6852p3kDtTE;C9z4tXpG7c2KzJpPDA
z>QKJSoD#@r^z6c?1dezqIq{#n%1YJg;{!@W_xMIIzI1cH;kKz0K)WTvU?-(7pj0C<
zwaN!(4lBD`*O`J0ZNv(fIMJ9OABiRv3z(HG4YKER2%r$Px#wA(C%V@8u>_qNa10n0
zVHBzK6Oij$obA2|rd&@3hCLS+EfpOQU2ygzw`qU96qQA=<$C@c%~AM$A_Z{`qtV<_
z?&hfSgVJ6?Db1|qrX0CMWMaCa%)>%lloGtO&dnTAzy`u}Hfe!KJ0C9r=GdP6WICH{
za_nA;q2Iuvfam0cyR9NmG~=GJZknvXP{V;1%xqK4{fUNp;8QatEaM1WfUD*%=1Rz4
zg$d7fnZB9tE!V_>3Zh!d{lF|10}nCNQ~q^T&?D~Yhe%g}e#?M`Yexk7p*XE*phDV0
zzdp~w5!tN<;^qlL=rl7e`m^=kI5R3fQM6d^Ghxl+oKT>m<MR9LQoD^M1BIJ@fG+Oj
z!19xSm$~t(8Wv^@5+E=#j&lf2fBVGpQB(HQ8vbdHtP`!9f&v+S*<?F;38n6F&1Su*
zNQ9%2`Q|34{qZD2HvjrigkKN{)`;b76!(`atKgZcXZ&V$!6Y<Jo9JT>zL5c&bdTR0
zRW<8{Wms2lW|e|Yqm%A~6zTSBgN8fP-slz?4qQdna3`<7BQwo?O<`a09EfxE<LpF~
zEH1y)sIBmfb7xVUN-pUNZ-hid`z*Y<$PJ+WS5<n8mPoXf(R(zP+SChLW(1@ZCJVAg
z^$#53)+K@nxQf#}QAxBF^+!ZDa_Hwd;itpKr$5ud?B+Fc@UQw=O1(Z7E)@@ref5G9
zscI}tt1#~}{gg71PbSJUx`BoGCE{zF5?ZlsKB!4vOq+AAgw87Kd;~tf_ZJCAWY<B3
z-QS9}1hby5&tD~fePmX^(EIehNhSyM(Cf!Wh@4OP6HcD~-A(4&Qv^TNgVk&_k@g(6
zjm1;idwAgwkS+8b``KnYF9~uRQgj2W-+O!Nry}JIe%eJLXGkzZx>wxn{;jjSX~oNs
z!yUWXWIs{S9U8}m@ZH;x^B<+_PbC?r*ODu^tCwh+m5w(23zLsJ2}Ea#)AgUnwbb_|
zq&mUE>_DFq&7%L2-wz!iNvjTbHy?i{V9$%?$m#1GXxeBGHQv$th!-d?AuG?7;l>u)
z=IUuSXJ}`$yC#J{VzI!W21Cm`XYsk!JEy{>yaUWM|0dPtK6V@jGxR_<YOV5W5E613
z>tYF)BMSCcIYk=$?~B;0oPLm%rBNh(by%V7=_;JGEPvAOJvisn>^M8HnIO@W38Sf{
z7f1C6bNDvBqm3{p*dNw^??;Wp7V2_NxkVYKBe14LOI8Y($uo~Mc9m7#0gYEDSpk{4
z^w@8sDC(s_7?k@>=H@F!y<1^7nE1_f(q;i79Ws0EMi{Yi4OgWIm7PVEY6Z;uIxYq`
zwCTOnlb>v8H9hfa7h<Aw>J}^hI<!LI77@#Bp-cH>*ctFF@8EzM{fl-Py|1HOB?(MT
zEzr<U>VLiyC0jh$dEZ_$n4<@RfQLhow03$cX*pjxH~-+ae*T#EPiw%2e0G_0_t%6O
zvv&OZTsIZZ=ASH*XHZYQK)VE+P0z{%`;O76tOCG_Uc2UPgpi~g4&F<uO?*sDzl_q_
zx;eJ5{@zbjz?dzC^QIP{!RN;{kyVLTw;Op@s~EhB`}9v=9~*x6@U^GHp8^-J8j8?Y
z0wdO@P%D56Xu|d%4CY9VbaZ^vb=&x2?TqU+#I`iALfCZ>`nLtl4H_x2PRHu{^t9+S
zLb()d#g;35KiPdTURpBvtd=!8QSjZ4%iecxOQM(xU49+DT3Fln6G?#OG)9S)dP4Z0
zxQC1>cr6j&v2S3W%6fllr#gF3Z*9GKG><XsM-nw!DZa2S301+0qm49HPcDzN`w89G
z^x#FctjS2E&fsUKSfT>$_L`@+iI7VC_Y}6++ee>GCx>sy>b5qXPa~_E!BGx}Po?f_
zgZ4#ORGWsOz|uO4?Y+-AiW-JJ%-YK}p}|hQ)_>9r(UjwA!8nnzY3cZIsWmpNt>|<#
zNt3B50|NIZan+as)@YV&6P4<iEk6DNA~aof_!m^CS4A@_W0v+|chRv({WNYE>R$;L
z5lA_~rt3ao%#~JR=)~Ic226CLapMu!c7Db^$?w5!At%dpC}R)rJ9i5?Ii2YCm^jOC
zz>9Mgw9q^NKw9n}Oo-iQ^fGA&7YAJC%_#~GLg~02{8rw3Bsx5VyeUzd5WfwaPl3PU
z;T}CLBiYgwb=cR7{xmWpqnz#$z;V^Z#Kb^e+G*<RFPs4>d3J4+Zf^E}8(bgym^l(N
z$=EwQn0%1{h}0a25NF4(4$Uhi=wBUE0uCKfBLiQx+5ojKCFS*aezzOY!lokG`aZw9
z{9pk_#8;;dDLw@M?;_~`r}hB53ks_ks62dYPY*apqM%R-ilFVM{iTY~Oj?$g5i9#m
zK|)OdVfLv4b_Rf9QaS^SS1wq?!!^LeG)b%{70;)tqVH9d!Q>7Nd6(bty!RtUJ?P13
zG#>TnM84i%^PXrqSmoW|zhAp&!9)7b;jI6uYJG?Iu6ph$635I2aL-zPS9xa+XCWX(
z;}+nm>C(KvadTu65#@J<XU<%nL-&K+N89fg1G}_?duq>k7CaeFXs^N_@L&`MY8e;(
zI6}AR{|#)_*1AXCnJ&ED^Fe2MHxg_OqVcl`(4{#m9f;)qKHqQ=5#tdkARl@XM!8>r
zTZyrqIX!rdl`v^mWBfQi^y#@eY|HV!j@oC3!tA0r#a$8t_lD2ebShy*jPEHQWJMB6
zjJN^&Yi~-$l#2UPTtaYTAZSIp9*P!J@)$Tg@|Se@rOgFFxn;lVVBtM+bJ^Lm02sU_
zC`yY&y;@Rtd5ik&f~RO61KOa1-O!vD_<@A)KZvV3;NVeHVdid6&$-b1&t&?gRC;&T
z63w(ok=3f&!A2!5280}X58dBOYB_p1z90qZd3UICWQ$fN9&OC=mdz2$z3_Uz@=Jg0
zZd7$vLmwL;^3{=0%&E>K{Tc&$pI$_eg2489f1+yv`am$BHvIhmjQY-&^1{FQYdH4}
zl_pc9*r8*+*p=^BMrI1wYFxXKnP`A}F5kMRYvmL3Hs-H&SoN*$Xv^;>aMu<>KW#36
z3kufWYMa1d`lo#Fo4cN0S#kvh3$Q*p7HX<}5N4@1=6^?}xU!N#akDN3f~CO?P{{65
zBPj}vfvzrYUh6y<w7)>-E6^GEIS>gcgXlJ?vrJwuH1SajUMd{ih701?tp+nnB9r6A
zYYwE6I)3^&{WEdJ&TJG%7DT9nyYaBC0>P}RFSFl^rG8qOy|*^Ij;#7q9!F2_7AR6y
z-pdpGdA^dwL-|1tK8h{`dV=8DFw1tsrJbatrI~x^j<8_dv2cF-AdEKbdnEiep|#sp
zg<;{f(q-=rJ##$$SYMASOAoFHCVQq8{`O2n6(?0}Hh|S*soBeV_;8gtZC%C0vop<n
zdroZL$VQ#u?cH6vWK>El(J-I?-bN5g@Aun#prjP>XLPdH&<^w3Rxi^el7Gr7E~e^!
z^2zzh#ffh#A#*;-mJ?zlt0!w)&eNS|F|aJgp>u#}U3{(*wqEOW^UV%&%X~32n3y1=
zm^mtR^IRTUQ!d&qXUQ>0Iq<r>jGGOY@7uDpB-QQZ5ZSUE24m9=!ufVX-xa?q0{LPK
z0<kNJGgpjR62Fb0KBlavM;AG|`#?#>tB3U(DhK2Og%sQr;+n!2JrP6Sja+AFQ=@Fq
zE#ItP8_L`45)=-o^;Y4oER1Ihf!K|$rLOGWiWvj5KAnf(`O{eP%!Kz!OuI0j<nz+V
z4?H7fzCB=9?kr%_J9;D=O+dfXcNopuu&5*Euip3DvqcP>mEqeEmC$sn+=VSTYCp{0
z!juY{)Z>w#a1A9uQTwsLgu3&x#{C;`A)c-L^TibenvTJ3_x`0x8|#@DGmjjAiUFsR
zrXf|q`kTiHXDMNY1jnreRN*shJ!m8@kcR}Nr^5b~JIgh!CPWEdE@75o=LavR^@XXN
z(++_sU&z|67679BIVsBKyYcMIzV7>w_SJi(%+NB!Ltb~s&99W#q#Ul>=gyO>1GYwu
zeoMc~dUa7qe$kZ4f1Lp7=8td6)tn0K@s1jW=oDsNP31W+_`cDrFuhaV=gS<;QtwDt
zovB~O!w0BNT@L)lJV~P6c99(_;WKQ_l=$MbHB)vcgM{HjX>UQP35K6hT@Fv~)!WGQ
z&?Vzkdk?7)?F%ucl#1df{JP=k954@$&~(-FK!Bi%M6QY3RD&yZ!piIT*?tXSZ|T7&
z+ebvzyM+AQlWlH6H@#&vjF3SI2Y`6UBc5?TakKZC)0;S-#Vx*aXLxr*X>U8|Dj3Tu
zo0yN|e0yWcT`2Nec|$#30^+mmZ4R~mkMicVTV~go>jzI!7#~v1i(K-hU5)1!oNkA0
zwEU6U!6A}oCh*IMOf+b=@?e>***RK>2E2$`cRiA~g~^$xA$(K<c{R+pt2*OeSe^SB
zmm{WFt{y~_42SX?=Sr3&=Ed{J56y<k>-|m+D=xfpIOP5z$MWY8rwQXs)jRh`thvzV
zY5!Jzwu7eF=`bld|8s2{27-d<0TKcl!NG9@F%(_UKUW+L%orN3QaqjGPnNQ_b+uxd
z_ptQ&`!bALE10^3W}OAqBpW|-LbYp9&f@G@bYmiZVF3+<(azq0ekAaVm154xsDZ?;
z8AP8N7hyHEC=<(|s9z;3gDPzlAoStyP=0)JDqug4NaE_Nbsfi7YKIQ?ye38!{)=Y}
z;*|oE&X#jil#5%o{e*&I&av8`n3AhDOw$a?*J7(Dfl=j1p~odJNvHS3PW+&T-y!Rb
zf9urCe(`xSzH$^Z2n!VHrm*0q{wH%E_c&#;%Jq{9s<1hJ!Th$2<WY`{58E=xDk69u
zFcER%5g^>*s2}!gtgJn|Kb~N>pEo{b7Dqn4+c9KzT#D9l8!rfd_Ul1Tb+un>j|C?c
zj@H+O1_enp;b#6UP}3EeXuRG2k#E=mnsQH{T5v8<8h_%ptuYsv)_lsxWvc*D_zuDI
zMO8rmj#UrHq2%Po&MQlC8DzI-2EqFUJ4UGd1(_|fs1Qj~XM|V|gGD}@hzp;6FdV!B
zr=@i<sJ7dj_~g{E%8>K`#l*{)NH#Lmr#4CmpKtP^Y<X77(hD!IE*ZR?EIFc)(&dr}
zMHjd$&ghEh8asNX^1q4ShX>B&rth1V&6%i7mz{l6qqK3QkEG5-bydHX%O%Ag&3?D!
zVQ|mS!wSQ|Y>;}K;iel>>*z=OAiO9chDG8J4|o;<p8qO<B*X%(pi0bYV)yAOyR&$I
zqfU@S%EC(XUriEd3!16WlE06ZV0@U8L2b6(g+=-yo*{^m<7dVt8LO4<^<eGKV2b@3
zF2p7e{mW9{41~c@zh$Knzp$0OB6!9K^r28xeS0ID)^A^eT0Z1be9nlZ?#eU?tiPP$
z{D(r-m4Yp4F}$b@pEqplX{4>Z=RrJWTg!nA?jvbQs;X>?em7g`CKe_@`1B2h>iRrW
z>`}ElfKP;=Y6!;h?K?#c>i1THsH|kG>bpFjiXq|R{qZPH9PB3k*upM@+3%X$^cX`T
zyhyy~%)zF`s?JWce}MR0<Tmb~<-BkI=zN@4W3blhS)5XOq+Pmj(t#O+3Q!G-64b9F
z*Df#0u)fm=_b9v4NJh|=Qy4xLHBq%nrYJ&g-$5YxAPU}|Yh7^hzE`~J-YlWMsHWiv
zoufTywJWv;l@0~Q$YpPKmFm2EJ7aWwEeJGS;cIG2`J78`wH{U%4C)cjjXKNSe*w<w
z%M|TvB`bqtLGzUd1Voe5UR*>p;3N{lGg_;Z*FQObHumb{tTMhsUcfR1`&{08;XTT}
zcu^!o1H>6eW7Uy!vjQYpJTphExwwDQqYmfbi47tLX;4u&nio7zeQ0FIG!SxuWstRB
zSf<o~!QZoM-q&wCEZ;c{t9#;v_4>eiD9Ui~1%Jyt<3}8oW7yX8_rwjiy4k2VsFaF;
z`3WH_)cnukBU@&EjMsN+*G?}$^f(hx_ONuHaNa<+4<9GBw1RcY&pz89O)IQR3@(zF
zE-dOFIwsL&zF*XIED@iC5sPtaYNg3IpwIr_d?h&GfNkwj^k6w!@MShyp)T6gYF(R{
zhJgROYhERFPB@{&ERwBPFzT>kAkGf9s~T%09sYLVh{y$>9JPVc|3lqdMa30#`-8Yk
zaF;*`5+t|<4ess|tZ{AJg9mqM+}&M*OOOt3!L4!kVAJ{TT{H7?|1&SMW~N{I)akXW
z&z7p%yUyOfLYg^nwJBLi;cUB5UFn?x69^{{b@u#-`PqrAR-O^o@GFBX<Tnwu>3a{d
zG7>Pi=Rm$rVOa>s4XSsc#cd%1!|NLP0^P2cgt{!FbDMu|h{HYyiQY{u(kGcN+HZuM
z@=Y2LQf@Mgd3f)1c<UXm^}u*h@c4UNtMk#MYS}rAprQL7f9P@!a<0UiB-wIH!Vxa8
z)D#7)k;x7@)ITbgd*PT--$h57`LCpM<R}U+E+3wRWqZaSkJ|FAvcxEr0xIkXovX_D
z*H&YMKYZI^AJ_e;C+F*lW+rLf_30h9_xpachryLx(MQK5&~a9_D+Dt7UeaY-k%{-*
z4KQ2I5A~-SF*48n3Wq}7IU7L?o?SBeADd48&6pnhcK(~+%^Op<ell%`e?9vBbWlH-
zKk<HFEM66A$dY^$=NcVqgX+T|5F_$)%I)NU(g$@;$}infX$%yKRiMiaOfj&0r_4R+
zX*4Xit^LgiBe1-V$PS6t;ON*IwGWwn$C$c6ZTp*xE8LsDYI3}r5=9Mp$TW1S83`?P
z)hWmpk7QK`rwHR)aIQ}-)ls4iOJwi4T1eg!MtQ#r0=*3M6q$>!pBdbw(SbmZN*)~C
zJ53*D1R#r6LSjJo$esMk_2I1yR~sehXkZ=)vn8Wv9A$QO`$YP3Z61>|)sTCq-mo#c
zd&mmfkCjgw@I-0TNR)f#a=aV)K!B}ynEE=O`+_Z-@bo?<6CN7M4B#Z05%nlpvnPO{
zwfhf`yN;4$beU?60ayp?6l3_xH$ivAvX9S|2h3#|7YFN&Q<f41fZ~|JsmnCm1EMSd
z(iOLdP8)2yGpcHY(Y@pdbZN{qps^KnlsXzpU8c&9MS33%Rp{8jhuiB$+cFn=S<!p!
z6woI>l(tXkM?}l|gMX3AOrkqnjol~>Zy5rPksb(Q5a!6EsFzL2ydfiPCU%V_fG&c{
zCp|wJ?rZCxB(|TmJg+i*Ux)=mS0&Y{wSMZ12D!V;B||5zMK}j}4s=7=hegZ7^AM;o
zHcIBIo|T3%IwRP?@tsR+QF5pSH;?jvuNimO&V|eLcnEgPIMU#snV=D&Ai3u$5uvQ5
zDx$2-aA&YsekAC2L1XMWkKNA4p?5iy`-_$a!~;DTl+uz%SWC@nT<ZU~8qdlYh6?7X
zGnp^_WVc_hJ9OXXU69XwB9~r_tSYA_uxpDnSyb^8yY{0BKhaxxuwq`%GnRe(21#rb
z+|jcSRfot@-C?f@H!0@$o(z?ee>hLzEVT@w^Lqq7(|*PzN&gsu4trVfsA>}E)*uQM
z7Z-0re9;9RSsC%`-K;-c(Z&{)`x61bWD%~-vrhL`=k$<z^KLn?$LgO4iEZ_C<$w=#
zu0XJC9?i~u5D|{kdjYYjUmNuItTL{a#o1!j$=l0kd6F$;$3K6eNW9qDsQ!709hhp3
zs$)IS6U(GvUPd)Kq{g<{l$yCeG%FLTFP1mN(m48ZJk+*USR=YAIqgQTJM+&kSPbNR
zsTsJCOzy;1Z7&8@`jwrE%lA|Zr;_>9$9x%Mm`Jo)>}o;8Rt6h5rR1CY>7f>fc^q#~
z&xy05W(DF!_|Q`z&Y{{sW=TkKx&}%T`YTuU1oj5fV#Nz_LEL7EkAbI<(NuEoV%;!I
zdKDVm#;NTzzjX^6@k;1Y8h9hP)phP3k2QyHLI-tkLG=&DmLYsr$Qts`^c7qCM$_gA
zXYWWb!tPNlW9M%yW-~2f$tyGdJliQc6vpHESt6-5H!tq$l=*zm5dEsCsQ3!r;pFDt
z&@lC#b71nSQy)8soc1@DlM`~Szy;3wrIWl}?F$-X(j9&I5ZAmD7+Vg~TDu6*C{G|6
z)$-JnhxEyn_DV$yQwZ3U1FKCNzbS2y-0XZSx{<&4k>-NGHbwd%O&$eLzx$5!RCgX%
zB$pQ(8xguQaZ&T#Z6u}lTba@zRDn>N#0b7oG7ZibF!|SXr%{?6*8D$O!v|Xi(AFh2
z^Ta>m|K8U4-@l&0l;kM?*=Bj{;R*U*CVl;{f2{K$>QP2eCGXupXz`3Eyx;sz{T;!h
zb@N>of``ZA=GphnGbJZ+YB4NP>UaI$dr?`R(I+M{4_!T$w{ai*Srra%PMgxs&%q9@
z|EEo#|Kai?_u^xV!<x6`wxy<z_g4QHF|?TSnbT(fvQn&PVTxRwDJxD*<L3edFdS(q
z<tshNL!{Q}2nN2CjN?HOLpJDv1`j_=jYlZh)Vq_v`LjeT3>@lfzMH}L%QGLM7XHe|
z=J@hgefk<6MzmsrKg8JKZ!rjc?{zEDoI47=bl&k01Vk;?(E2;uaDfEP(GvyLcp<&0
z5oi!A($l|@CD<G~@-415<xa)U<PJ?|9ZtT5LKz82DhYR&op&QDmx`mDVdGXpVP{EK
zDtH)!<J!$qnH)MutNf@lAkv*uweDN~hybm()KIav^`J2`zqJ>)`_%u_zS!1mctRn%
z%KsWNL>xCidyoAwLh5Hy@Flmx{nL$S#`eltZibTo*Sism8{zaq(<%K~+r}e2?N%*p
zL#?QS4_?cAR{hUS^28ms6X}M*w<q#0O^Fq;32o<9f48dzX2uW_d?uvtj%m^bx2kPK
z(zR*cxOF*mecR+yDBYeRV0DQP$QB{Kg?op<&`0j(-GH@RL$z+#M}1Y_yG<@m?9sQ5
z)*nSbeiEV_eyg3QgPIk!?=XMs=u&q7Qki&7{8$~4_*jO@j@n`fPo<PGWwMRLOdUr*
zUj{Y(8=T2WlCvf=D~3l9cbW|-EuQ0My2cP0&pPchkC%8yhQK!pCiA2<{g2TK+A_<u
z(bc-6rQd|!4|b8CkvA_6F;}=@v1*C^l;gczwCKtq8rDN2fZPwx&pjQmEY1JQxK$X*
zp*~Nki-ZCph-z@{*U}_*e2i#llV<02_r&ffadN;x$NyxcMHOaoCE4hyl~Z*i&!DqN
z9`A|*C}e)d_FD0i-d<Q@NIB>1{IzWVKIh1Mhr52YyK+uIwd`|GX}lU;A)rIgC?(kp
zY7i2VKzIrVBFaP7HbWcM7KQXnp7*PPK1OR|BF4@PXEnYM)3Kj%;w0Hli&^cqxoD`T
zeMc>b5ygi6NSVhrpYtU+K%Kyi%<0#9m6%Fly$?k{cQ5pg4}$R*Fas1F9?k<;LAjnR
zH^8{D3=dKU@>s~WxGj-Tl1TH%>sut@V^OHJ;Y?R~_;{p!02Ls$D&GC59=HY^{My;h
zoS<~v`UHrN={hOV&&k60!V0+iZaeI?vhZn564CC*Oz|jh_?n>3Yn1%K?@-SfmWJt*
zYNDAA;(3AIPfNeii=L4civD6R#lpAyHDEe$WHX)LNMEnPdfBGc0$S%g)3yRJ2_d~g
z6r7nCwm*;;X#o{_g<}^RL`H|}He=r&t)Y)5A;BqaXtws-1(+F1W+W%PypHuJL4KH!
zNw8F1^xk}2FJdQBz1B8bO(7QDQtdBYn@r7c(g_^Lh*u;(GE{^PlD=Wuir+>HVi?{4
zet)xmRhr)S@^9F4)zTIRt-rJsX4QW)c|AB9+#Ndt@#_B&nV9^&%N;v=j&7U-2NPHu
z3lT8eT`V&KK3K5Z+gy!e@%W8hp(}EIx{s<lBSx13B4?MqOr)i_90nF@r2IxL)%;86
z6z9_!wjP(G*)PReYAmSMu?NmfTXg$6zci_tjR}$ZhS`>uVluhRMBp+#(Fys2Z)u**
zUa8?|$f1)SH#chZZG9cfMg2x$EC^b79atL;h@}}Zv@E_{nqW(rm*mvM)4H5x^#nR!
zEwznhph$97c0h(K`poCc=<1jSRBt!nI1}Yv0=SlR6I%Hyi+mPYUY^c(dw0)Tk~-OS
zTQ)mbvKRCFpQo40DGa!zCnUJwVR~C7frwk`Tmm4@Vku6{7<60dAmVeR&WPiq4#;Q6
zZ3?ArE_tWYNc2A~*}0rA4td5NIVx(72^ALG=+g$0MNC<2I(+ZI%LZJ?mj8eSHhl^*
zl58!o3j<<mV*q14fH(cV*bZV13f2HBrUqO04yVUobZuR4pOaggPZRkxqHr6v4Qr20
zQc8<X`%9TEU!ZTEt$?N#>m76C`j!&RI(!14V9tMdDHm(|phsNWyOik(CS_lHwtJWB
zHB51U3Im9r`2O!$sUh5X_QsN<fT0ITI*WSU-$H3i<l_-(#t{0jZlj5jYrT*{exlX|
z*}ndSX>!nye*!*_gp698NUCzjjb~~DUOKF5xbCM5(JeGT533ip>q3*wnBQQr4xPC6
z&&z{UyXTZ_$eTl^&P|ft<hMhJuzy%p`OAqw#Zi553(n*vd%ADr-J@WrB_JbNtmfrC
zeriahN6xo$$mzmd`mAed_TS7D7U(kngWo!^`nbj~tgqvvl2!Zt6=Vg$aNy{2ogaGL
zuv(=q>c1AK#r=B)AOb5H=dYgTT29gQdEopof+M4EnnrE?fR}IT`?hBgLX}3EV=~92
z<UC;8r+l5BTcJC=hWY^?ob|}2JhyOOg@uSNEd{g!m~#<PiZp(Ju7DDf*X9WYYl~1h
zkLfBx0$y9w7u6U*_K2m1H@FyN#nry@+bG<B5Gl{;Y~@ykc2Bal9Lh){0Xe()#<)!6
z6yRx2LoV$Bp(ZE-4Y-zP|D(MXiOE`|q$Dt_=iw9bvq;8qWKnVc(~mau5;Ta*=Tbcb
zzS3EizSHkO1*WxApn5EdEyW|%Ijfi!kSxR(ZnbGDE;Q8|`eI6}&#yKkmrE%Wturom
zQrEIEc-0!9mTLZT+7=GQBJ<UvOOZYOF|Wtkggoo!0`jqV98P)g0e^W%p<!ec2{b$O
z7fgs^;aTQdve;=#4;bUf9GomI)ejOe?)+$Q#|tt3vCE-PmAFf}k%?DWl-*VTdsXpE
zX;<09!O~I4PoNG^Sl%wWi?%6hZy;3B5sG9eZ&yyyB*&Rl(ax44^mCMc2`avsasxr-
z96ZDWvfG5(3aUctTKAPdUPx;AIWt~vwF|UJuba4E9zn_{EA_I7V)%$tx=3UyJiHH>
zC?zX_VW#ke)Dadsp>)KysCrR95E*{=OT%AEKW*kDVKR5F9$Zlh?#Mq~@A185wA}AO
zM)t}#YT~3D;ElTiaA6*L;tt2J@8P_eL9l@=*)he}Lr;Hu2x01~E3GZ8kOFZjl}qN=
ztl?pJJY3(dyr1rFoYtW;>HqLy(ieb9=4iE|fT_^ct81U^M1l!DNj+$9zej=@l86IW
zkOX=ctS}0EfsvGKRd@A-iHvk8J-C3uCs<RO-hyRd>c}n_fLGCQ6_gA|&MP}`kHo?j
zRh>S?r=WZ=KUXr!MA`Wq`$qY}dadlE+Yd>z19A8vErkmEBdx`mKYGmt&WA(Qk!|@_
zhN6f=hO1(Ts$UpTC|BPRNOm1aI?@;oM!gb!JQs9N=be=id;j}Ou6(A~hP9Wn@wz!c
zTqDodklvUrCn5qZx%PPXcnA+i_4}1uw(n0*8X6{*?wX`pB4r5)#IZ%UtK01#5oMx}
z9ZKCsUvO{;7>pN37o+HD3gGsR1s=UGB_#f*&R)UW+TnVYp%D>fc}F+7zgizUR9b4k
zhb`nSm4q@^n-x<5Ct-9{m?R`56s|W6e7_MBB1j^^Hx3a>=X$U^<H>HtS!20sqTt}*
z%znumk_JtEqTy5#mawCRSwVKLM~ldz)L?nELly{$h={PJ{I$KWwcRbV$=Z@CFzZ_=
zXf~=XD!qb_Oeib-w-$qdhK8oZi#m!b+$u$8m(qw#^%UR2jBaZAEjGOqKtp2+dOO?R
zVTk)NfmsNaxt5s*z{H4+{+Ti|4rtM9Af<eUq2vjv0K*=lH6y`yCY}nptg%a%qqC&;
zUYb9>78V#xc4@(3=7+d7*y*HIiQwbQe}m#1Jn0&tDoN~$DKyF=E}P`*gOK6rifJ15
zagymXh=xq8a>?NZZY8zVVZ7muPxw=N<&sZkO4lQQ$N(bUD3<v)ONAc~2+RqDh%9!T
z7}9XXB_t>Zxb{hrOIyBJuTzBWN%jBB4iZq0yD5Gw&W7mS@W-oYhqIx-zS7fHC$UVM
zCDvp1{LEmGkl1BW0M-bNrc(9pyN(NNYRb#I{L}|Ym+>~yDvEk3OD>|8#pOuHbf9KY
zar;&A=N)$xa%->{`T@C8OgDc+B0Fed{>&XGW^tuu8?hfU2CmR>G~-&Gm6r*^=4nSn
z{L)VcXz!@-$eT~-b#c{J8!?Q1G@RD#{hc21x0t`g(lsI-{>ZaQj>|Td7Oan#SdT<}
zm;-6J{To-F5M|R^Wt=tw)#8^>Yj=W??>~;d?mq!QQF@7^FKp{@o=GaI6t&mhu*5bS
z#1>dfs;!W8>jmVG@SMS{)><MQH028W^G}e*+YEXts@+oXe}t4-rNe_XPoXgq&9wrO
zj*2cv%<+gBD{DKDX=Kmy81tI3Tcb7PB&RE`u|9hcYP4!nK)II9gOUz&buub#6?X^Q
zL?EoqK38kp&@Hzp33d(#3g^&+B?Z7k8C;#`pzuf`VEZ3^Je&k+b}&DruY4c@vXYT~
zk@~q##s%%Uv4`vJxzn0*BC01MqAS|^w=)jbwC?b1uj|k8hHzW8h&!$jX4KAt;oiX6
zE@op8Jv`kiHy(}`;cS+fyuezBcInKTbl~LS&GO7@>36U$`l?p>+>eEm6A(PS5)jC&
z42l}C5@v?#RaK!es@Iq6Xx~cTi+h&25=Nu^#{t2fx5vFsX8|NI0}|_N-O|}T#|=*S
zc+AeQyfGFI9Z_CrvnK_BwvJiG*lfHf+3WO_UZWSk-)+nVRIi#A+H=HCCHz=75Je!1
z6Jwb}j=N&x1WW<dhaFm{Kwf1iImYaXDaU6GHz&Z95Ln>n&g~iTc}-3xT%PJlBq{uF
zuE}w%=96PKuy=p6x_tM55ZGoVI(Y3k2i6LYhUSW}WO?YzZJ3K9TJ|=+cKO`lyz*|O
z!S{cLau5lE|J$ZT&eOeKKqy&QjdT0$?3bR^`6u=n;pLomdc<*CBWx*&UGAQxcKwvF
zZJ6i*vT)t1py_Q;x?Rvv-n|KKqmJYSB|;<k+cjy|r+eo*1te3i<)<(9f=`=@Juf8W
z)~`cDH%E4EJZl?m7wX4PkAJClmiK)-E^a+PYx%hq*2JJ6?@N1}AMadP-SN2lxwv!-
zml+Ey62%G=#?_AS#)+T|Yf}m<rx`iW!<>*>zqT$Pe_nlt2FRC}=9RN1o=Yo#s|T(I
zV3&kuFkn<Gjx~fR16AhTDk!l<%Z>yz<B+K}+_Ec1;NMkrD9!J{qG%eH9$mtORMe>7
zdcufnE|z<Lfyw{>7TF`9HuhgsK^*evAw(u`Md1YN#N=1%`UR$R#zSrd{{N{4>62Sy
zqA2l@$#d3_g0399zo<+lGnzPB!DsPAVFQVHmH14;vjSGpj)<DFsHlvOs>v6K_3-<T
z_V`<xuicx$H6!pa(JqGci#xC|QtdTK$CofLg$9eGP(cT()*SCbCEd%g=;k6s3G*%a
zSfHH}8|L$vTed+QG7RxvhtmHAc~jRV_^6S2Ze`Ju*`2#G_-5<nMzde?a7$%@4FiUG
zVKlF2n2PSnnoiHd3--G7@tC&y1AhX$vg{SLdO^4Qrv}kVi+P{=W6@*ogrJJE(6shk
z%2(~jP}ts8nQPo(Y01-JT?2u{v78#qp5*~gj)eW45eLoA6y5VX;&C{N%A@e5=JHRr
zH1?WnSd*sgLgX|RJmzX<@8t8Ai54~|IRo3{A#~9j9lvH47qU0xRuAM9ck7CTNaTUC
z&HjwEi=6_W`c+kV2|<ubqWRdR+ayS%%j<1uDgR0D?udCSS2W$yO(=ne58P(vPvA>T
zMFiYK7MI7TYRrDM)R}MZPkHP=_*v;&)guzv@QT*Y;j$!?>hD@NQ70qW<6nG7c^G5@
zMTA)5a}$4Hz~)ZR`)Ct{gGu$-U$y6fZ3%eRKCmjd5=yGwa`s3U;y01aZ^?7$IJw&H
z5n4%WqvUdRvP3J#|FmUNi*y#)Sy^U~jjzJVm4V(4Q<zi%7%uO5-8ZYP0BCB7h`k`&
zu!c`u_T9ct@4V7+$EiXK7Z(G|_#a1=LxN0;udoJm_i)>(V%1KwL_U>4M(D|!@8WHg
z_6+r9aOV^Z;wt!+D*$5eq&Ny756R+N_{D&5lN^_Jeua5w<ftW;MpbFHuunEQ-IX03
zB?00pU~IQVt`W)$_tY2`RRZ)%Ud?hLv-9a%&1r{59}V+5<P(_8IlB>L$Q|cuGGRG|
zpjgUjB)4NfrB|Si+wE^$$*Fp7aHbaGm(U%7W7GLeEye=76P=Tskv)HqtxcEzA0%nu
zf+laR25Dpkh_fEalzUOl(Oo4vhX!B>RJ7AXiP~fqEIE95&Od{^zVrAsdoWkiNr9%d
zt?=0bxF}(AN|^ON%Y+g=_lRUfv^<H_`&(-vc9rSbJ&fD=&c&<M#51DUJ7QJfRU-ZS
zCo46I&7I$j+H=oHFcTPF&8b?~hM9eP?71LbUyMP)ah-cMKWv!CoowT-H8VWe*Ss}A
zVVXKI;*ip(sbI&6inFx7;Ihjg0##8XH*Djd@Db<^5ja@1K#Olb@8?dc12N1m^OB<1
zrls;m%2(8W`TB(g>@VM#iDsQOLK)lPOHU!dH&ei2cWYf47?l!Oiv9ugvloH6ZS(!4
zY(}U^(^t(%hEPhd@hp~W^Q&aIv>V3Uc;RO44E~t`?(_lv6Cy%*Qvv%m5rUYg1Xxzl
zpXMQhs2$^@0UvPQ_W%L^OX0mDwy!L%yAe{{V;Ja@Y+;S_q1EL3E?S-3HP^8|+G}2F
zPkgiKG|~;Yi2=<nOmKwrk;#RpDm%H`(y>3`xiIgO=J7ypm!@P1os99x{J7M|JJBi#
z`NS9%zL{depLlrE-z+P+m3O-g*Yb&4z?N!2^f!#f%O#jxAB>ZWpbE8D_ZHAsEw1i=
zQco`9A02fpi+#azsux<obP^z}G=iK&YD(vSCbV@#;G>MX%}mT}*Vay=fT`t944KA?
zOTj<oM^br6*5b^GWcA$YZXhrTY);a}hkt1Xex2*pxQ?+JLLOU9d@z+=riYm_t;`^w
z)o$7)?pgb;oYEM^=HrhC)BVYLAwRT9%yV_(_32LwZ0~S<u^3ttG#&Tn#&&tTB`e$C
zs~JE4fQX|l0UzpWz<-!iR;6`QZTU!_0GhNf|B0;pG$5!SX+@fuJZ9K{kER5<3%l99
zVU6qWPW)>`APwfqCP*jt$0yKfXCsyaTNoO{ke^nZHxyj%v!Miijws__9#t+{GfF6S
zIvQi$Y&8Gy2i;E2!ORG2^%38=q0znJc!?iTwStm%&ov=wpcc-YwUF+byoyy8UwV|`
za?Y2n29XVJ2Ae{kD6$kHU{|77A2gW8?hsAI!pDMk!5H2rZOgrpvG-WdSL3;$^d8=<
zb@!7YxlOR*_Rw3#ds}LC@b^4o+sFm@UgSu$i~RX$<V{Ey@7;6=8yxwUvmtejnh|Xv
zx=84L@>8*C_x$faNB~JQNUj#yGlCc~nksN6iLJPKaoL2gz~lRLSRK{|rlgK=HO%!=
zj#-mghICBNjS|0gU}h}V*7R=jgAFTSG!ON`n_3@iCsYA!bWT{(uqtOgEP)Lu-7J%3
zwku&z^>n(C^`7U?l$a|b&R%>*fG4qm<k?Ly7O(=2Tm-s7EU1vZ%`7MQV>1$Qux;)(
z6wjpSo*i}m%f}iJmEvh<J!;VB1{`j(bVy~Pg|(l*2Yv-^n%YJ)MIGg@cL{63U`1}C
z<~>%gl?Qn$M(Kox!|6*MV0f4cr(7m7ajA5}eASNi5GYYA)Tc#ZYS?_hbn^?>{q3Xq
zX`jHc0ux~a{fY}RqxX>dHQZhyER4Uw?YHOea5f8K%Lk0xtPfmJOFtI)Sjy1quSonv
zl>_n`R@}!j1{=LH`q{TrqtFtm0>3z<!<J6*9gM`Q1;3Hj5la-dFwh^susTb_&K)KV
z&jtv?N59Gkd?nTnZ~ry)x<s7{YKHNoPpJmzYe!x38R$x3Q84sLHEB%D*Yo6_C8x&>
zd5V4^E)zq48k1gE6a5`9N8|z3EI<XciSJBA9$XE`AqLzQGqhnCgA3mXxR0MLf?KFj
zSPLLUA4QO#nTc=8;$q(Sz^g=^Cnh&MItq|t+i@2nVZIm?f~56rTHK1Mv<%?VqTXM#
z>NeTfWkyYoebl<9N(CkSn%#6UX%LDphlr{uI7OC4*=hnmQ7@{3zyD`k<8sq;KWg_%
z_f;*cUR+vE!D_%`S3s_r91s8c!*~{4FSHx(+WNa4VQ8U{)PK%{_`GF+^lymJ)*H0$
zPWtf9=9iQTd6<NKS&ilmP%l1fg3)VkqP}kneMx812ZyLXE&GUSyXnJc*kB<HA(TdR
zpg>xB)f(4V{Qiz=njNPZM}hQfRKYB$b9RzuyKF1H2x3k+-1MA}^QWh+1Ba)l*_oGU
z6?fS?H0Xk@us2PuY#2Mor+%sMl!)nzFrPQd;;y4k?Z5FJy{OC<=!j<8K$_1?Dj(OK
z|Dq4!?5R3q#6*EIN<Gzq-^g@KQhEOB9+i$Bq}^-SHi1~iT43GnFwM*OiShBW3NpK1
z7N0StM$9YQ@i*t+Il^~#fJU=^%-c0LLZ5AC()b;M*j(1cZu?Co@VroHd>s+MFIsDC
z8M|n6=T5fPJf{Jq^^UhHHkFU+k2g8~JdfdVarIf)<zTTu)>ns!H_$nbT}$L1QL)3_
zzQEsq&p`$p^H=RuC_5X^j(avn{8m}sT=$=xkf3rZgLRsQ&4AC!jAhIN{A9GRuK}U6
za69hm4)iii58CjoEE6f~P9t1FR}Yl}$On26?(hjsxqHN|u^K0|Q#c>?SkPlCS&_XV
zx216K<T}r9Zn89pFq{>UI(W|jwI*<@qTPwaq5O}cOBDjoGukRwtXJF58tf!f1?~ac
zB}HUP(H9le%zF;og!O&+sGTx?$1o2=M=bN$RwRyja*W7JWgOvsRzldJZ^P!=V9T{l
z9q=A`G>0J7Bz9Sjhu-_|plWwLaFnMm&AXV49u061_2++<Y<&3QwZJ>#a5LvEZNQy0
zo~Kg@MV5BUYxJpX$BgcPZL1S<|1qg@HEqDu-+LF@)AxBk`ev|WAh06O`5Jq|&z*DQ
zr2+QBA8;y?-&cw-hp}(ECJ3`h7dm3Xn~gkBB#Cvidfe#%AK1}`{>O0!QMDPlu#IJn
z^p{2>0ltZ10@Dzy`<Va|elP{zc=G;H_UY*)eBi68#*}(B-fm}xP&<&EerDMZ4!3gI
z&a%Qw=!`k;c4a#Kal9SsWg-2uORv{GX@ULa0ycsI#C4>*;+KKmgmD8LfxVkI1}DY`
zLh2Pi?%f503H_v>g|{fI#?rC`T_zcs2gn#baRXU#Al`x+1f(b-Cb*1#;XQRAETig%
zf*pI?ZqI&fX6wqmI%RPxsC2!?Cx^f?Pwgnov?Yk9icu|LqtD_SC#BucAP4t(x1SaA
zt#W8fj}z;jk5#3$iPIyx^j3r&cjoB?HnZCA*3&y_ykGy!l~EO#nB)lcLF-gZsS=9g
z;v1UvZ^#UE*@S@r+{Hx=$?Dg{)oE?n(3ZyBNk0J}S=dLmkhZpg!k7&crU$3Gk&j<s
zvSkz>WGH_)3*^PO%Gu{7bnBHzMDBmjxdRUD(Zd{;qvb^IT~eYucUI${Hy}|iK87R*
zyvoXXVga`38^GY*0q093(ATX!zi4)SvG;w9;&(IgBbA?#K7GXZO-g%dVHkcjRHdC9
zCAE{KN?i`>miC$rE+pnOA}L<?3`m<-3ivjgTRO8EIXnU72o{GsE^v3n8%U+W^E+{!
z?&o`g@P=rN<CqYqQE6llyt#QgeCz!F0@09e*htvzuxIe(*)?JZJ#C>p9SsrL2hv|y
zOqcllB!&Vsf*%9M4c-j+CBHOX%0)=mU)9Mh#d^0CZvC4T<8jPOH7p0|m2D_LRss0M
zm{5Y^E22FGi`}jYpq3Ew_MUcK$vXS_V!n#Ec9c;KdP~D%aD}ltsTM=pSYyEQXp1*i
zZl3wS$z-pfetrL2R8xz(9zE2lpe|ytwl8f`GJ@(zMs?;7w5u*CVo7{KQFHc;fS1@i
zg!huNw*USON+%wfxZo~#ybFD-5PZ7o)8vIwbm(nHIlYxb$Gf9+C{k~rSbD%>V|~a1
zEYYDSj8gG=axC(u#$ToXe>cMGjYk+TB~<al&LsgVCmdgJ?3pF-CDbDF$YhF_iezl*
z0f+!>UDbw&69!c5nTZfll!0viH*G|tq-$b`B@6<cA^qVc^z4?R;}6g<`CYPWb`dnH
z4oa*^y77b&Rhe;1ghtIMave%D&>&k(c2O1@R8un?3dll(=>Pk~6l5Yw_X|ZbA`9Kl
z9W7ErPn&kYo7VI+El$6uW<q?%lm()J+U0DDWVSCNbkaVujJJnJfi*`u*?MFm<Xvat
z*H-Vdv|l&U^M7m@=~iC#kfbbp(`$dS@j1(F9zgd9C@X$mQ92!cnei@2Zwpuwd+fhf
zcd6PRTk~;s6SYi$_|*<ryt?fOM_v-t1NK)<D;fIvy77QYTi?|8vh=VN?K5){Ni$~>
zXJ^oV1`*8siHay_jxf-3h$#uw{$NU=Qn{)rfm>$-t$T<_3oMI&pcamh+MyG+x)Jkb
zzg!!9g!FV8r!DVsRWlqs<Mk_9x<fJ@KVGk7yxb|s5H0@w<J~M1rSn$y4Q%i4&xlua
zeH4(5<0c+K-XX(mZeSclA7%Uc)%V9D$}|yeE=&6_iI4$y`C;}lB(RiJS||p{&BE_p
z{oOdC!!7llS1SqElU~x+ewxF3kk%Od>2g$v)trl^l%yDf(P@*+F>-ZAsC7b>1ty2d
z6viQIw!Hoy*GrWPg^+=fILKPFwxOHXga>WmTO+hzH`Mx4C2~RfK`z9E=y9|14w|Vf
zx6&KZi3&s0L#Fa<Q&{lgpD*Pi2AntBzydujz|=|YMDg7ZH!0>i402(AE)P8^DXF(^
zXjf|=$WPg=ltKY(=|PHGXqPqo!pwF*6D@U-z(nd<9$-em=tD_*Lc(+pTQGns#h+H@
zI5Cw9^woBSi7AIoyujsZmr-l7p(Vy-Y?%g_qbTs*oI-1%<?1R%ox$1GYpBr`w)oe1
zhW0v-BRkQjWv%rV^5c><Koo~8DTkvbAJ>{#BUe#>dwud4b#yhn$EZlJfz63md|k+l
zlHh8#i!Q2LQ`hPA5UFo#v+7+)*>M`>B9*SDt>ur^6ip3l0*r5!$;sTsEc+p4!c}?(
z*QN0S7oQvWuWDQ}Z^V#&ju#?Zq_snr7p4fUR|ADz$C)VC(h)$aI3ASN%Rag|T?XGt
zx5m9@(ws6OgpO>w=;qeCTU|Wnd5qSK^Oaz%yI=>BE*5(Dk8$*fwsLw4_>r%$$zh)z
z$CjIu!*$gnv7F?0C$G>zwkHgJPR^Xlz#Dlg*qjtb0RE4#imubg@ek=UzYfOY#Tw%p
za)xvGPr@PVuK7)Z*3v&ty$nknVn?$WT#!yh8!(>Vd+1qps}SYtR&747(?ea@2*VS3
zxxKbyz$Np0p54(m<99_(cwin76`#XKo587(WFg|y)AdQ-o)*Xb2U5IayK5ldgnsec
z5}S;4Kj*Bo*o%3!vNRc|O|o&@yoZ@<Cw>*CpQE%#%ImgXXxmvjS13YhwZD?Pfd-Lo
z)p6nW9NNk#JH{_OnUZQ(gI1nMxoZ}}G(qp!DFp(*KAe@ZhiGa{NhagoA(xPkg?NbA
z8=_ja4wrX{bn?<UQp4`(0t_m%sOKja4`Qtt-%pDs2iEZ;ciU=0`BnB-#1FrE*L{bM
z4so!9=d;B8U%NwMN;mhpPmiRaTkD!Qn8~qZ&M`C!X4jFKU%!6kc}--e=>#^2%uf4C
z@f}T;ro=G<b2A%*wTccMI8H5L_Z(XCHht$%xc7kUQk)5ot~nu+9Zm>bY2|e9>PpqU
zn1A2z0O?HK+~GC5wU=xp&5|B8vSw<2OCjD=aErGBVIM5~=7bWJu1@*O-hDTY<>g&*
zUW<k}k$1ttu}0uQhNHsQZrs~`&xh^GaGc{;$x>rdIr%X8AM)40bce)*|FQwItQ(1!
z@jQ7@x-#_`^9dYgP*92-r0N>3nz2YqK2LpllBRST(U?;xJ{>rJ#Q#cYI<i`j-u)|^
zAG6yEGO7S%@kDS@12ZUymc3qivYVT`(*4TQ#Z$Fk<9AkIwbAG1sx8f45H*E8O{vHp
zx=;FEfkk4)ym&hFqtlvxwnpotTw0Y%?{iDpuF!kF;g1Yd&Kk%_xOATino0_E?smfI
z>E}B}&9S&=ODf9D6+2=eZ4<vJ49Xl%CTW2T4NSHIsb(FWY*LUJ!ynwLCtZHiU)ogM
z#PO>XZe&~ucYTC+6JnTkFDR!Js@3=(3TM$Q)>*Kdl+72yRNw30T4<;|d44r)xQTuz
zow~qUd;+g;6LwaC(>l~;^=jj6dh0AY;;l<Up(oFW7_v)UC6_Fm@6=l{;3qT^Jgrc}
zN@q68q$wu&nD}!$9N@?%WR?17EkPx<+3YC7BMR3xe2XWC!brp_Rn_zMjHWV#G~Hbc
zO;Q~DjxaL6;19CUR^&3-z|m^{pC|xnsU50eLl$eq@o^;X(>h@U!jhylh>5x_766)1
z{De2A9(O?7+sLsO4Z@?t&M%P~|1a~RQuc!$oRVs*ah~U&_Y?i;qa77aFH4IczjXgy
zE9*R(Vh9<27W(!l9r5pvms>x-W}YA&se)C6Ycq!iA}2hh_##>8oM;@C)k_<JGsUt^
zUH7x=0!(F;gAxO)yq5$?*un8V^KjFdG&+CEGvARe+m*8jJkNyA!n;i;$9=Ag(0_mN
z{(J;?4TUT2*|Xw4<|4~V&-{+VLZI-`Y~LqOc5_e`U5mfwRK9;6Yb)^mQ}<MDpVgT}
zVh8H(YLIe}^0wi3Dp0eL_mnR>Gc8+EUpnR`5ks(LI0SjEA=7MW7sBJM&LBR#CGVnq
z%wLAf89J@tv7K*G&~RL`+J73G5i^$GKKmK{a|bENqg)rM6aA_gXHz%BMJh$|{tRnC
zj~^Tp9gP7Rxlf|qcixk{MyRs5tMDJw{TrVY);PRP+JR=MNLOD_BH0vY9CXbOJwZ#O
zD!a$-NAQFvtZrP7vL+v@A~IdCvb9TVMUVWhf6+Ium<mgp9OODxyBkSPN~$yZ1M8m3
zp_r)+&N``mYFl~&38AugTJ7jpePrkM-?$3BU+AT$R7X<WTzR=QW3n>fYTWFYcGT50
z{xpsH>r;e4UKMl1ei|<KVJh5yZCsZRqa~JWDh$G#PhGNpKiv5BK6tTV+qI5r8=vU%
z$B!PWU|6qdjLFXhkAxLRNOqxHo9d(>b}*UhG3WW0)H$g@ON$B;#QeM;uRI(aR+N_e
z_h5#Zsc7yVHb~7j)%9JR3(u}aA`{W_xEE|h<-1CjY9cT;9f$3r1mhw8*H`+HP`>#6
zJoXW<JsIc`ZX-A!6%u;WD+tdVrWd2Mdz#jQ+q>3}t)zq-9)o)H+{rS&LR2fa2jPy~
zOw+JI%S^wB!1*jJVj^5&rUy)|lfsNGe*3Y%u+WdNL^*#us<IhRSQ@ili8U_Bhkfit
z9(O6lISi0jX{W=TCoyp^UBvFNxFi*zJ`=6wCkO!u_q=(};~H~WzLb$hPj27i{6Ng`
zIQN)Z)e{G>cE$az%?u?OL?iz`$BDK`m(h%j35tR0`mN<RC+IO**V-??sL3*cD!*DM
zgBY4b1%Ivmrt-^KONo6qX?^gN53~#VC_&)kT=&U?=O)~y!&l;UMeJQA7H1ONbo4Vd
z7m&6t_4TuO_9_dw0*0&cMw|iSP9RM{ZZb?qLJiCSyjuO9nyz|O14b>#{}PVe42Nw9
z)O;s)d(sA_U7BAWNlHyc69<y_8RT}~*2Mz0-9Nb@e0NRR@EhE6o--!=NR>G>yQ+DC
zQk0{rWi|AE!ZH{@OB)Q44+a=T)S00p=X)h0|0IFtSY7X<GoXMG7fqT!Ji92KIrHWA
zpW(lFS(uNpIt%b8XdPV^ki;MqK6X)oo=kTnIXlLX8w5b@@@5j8q%tvp8#PCqR8>-O
zX71Jje-zQi`6uDCv9%q=Lo0xV5M5sF6&KeIVpEpFsZ0bl*9Q447<BOX0<=eviUV}H
z5&d%lk-%xVV2kAKG&>`%du$EGFui^=DNe*$|A&W)(dM82R>Dy*#$C&qTn#1Lr1*nh
zzluqmX7VgfdjZmZ*_REZ=?bG;KQT;CoDV&YhUgU=6W6EAO_7Id?tJC+NMUV7Drk?D
z;}pGc_vf-&KfEo55LT!Ct>M4vs0wB->mFlV>^nX1ztAhu=s4xRmGmj(h1v#}{%zlT
zrsB}=36%|G+l{;Wgc2`NBWD@Y4L24QkzJk>+>J5;rkmDSh;gDvByRAhuesUmkA0l~
z%?=z`r;}&5y-#cLYRo(!Ymk%{WX<?h!uE@y^mQdu`U5?4i2Dg!o&qA{5#f8;rq<#D
z>40KMAEjhgCHfblnf5~I##xlw^#{E_DPaJF&KPts?Z&}yxb+hx4lr29E*iM~*U5&f
z5ccjr%tQldn2prban2o*R;FJzn<wUvOiGcI5DQ5P9IG}7q&Q70^~a}PLm2u8E`Rms
zuQ9V=V8FVm{KqtIG^T9&d;d*hY_K4b_Dj;PlOZMZ8cXBd8V@11-^AB78N8;3;?h8R
zA)LTbH@Ldu9tK~oo$>b)dkZ^BJIaL`JhlRcCl|&tu-^UmR#U6dS8CwTwab#D-9Bd-
z1%<i}v$1Wt+0C|8$}wnQx3ltNjlb@U@4yxh{MZJU^s>avnBZ>Axdb-uR;!=p=KQK!
z>hqczK_5(4&U7YD4GxgO4RR+&&f&a6R*;P;_kfI9A;(zH>1eYU+Uv^?p@NULO#-~}
zU01P!H-?;w6fgwN<_WzxGD3w9yz`yV5&LR-UL{_OQt-JOdCk_$K%W@{f9UM2_YCV~
z@J#gN3`?aC3jq&Z6(4$E%va?`EZ6sP8rc%Ea?AI7-WK@N$3O3kPmq&-_~o@x@C=Ox
z9H0WKM&Fj`ha034)rf4y;4ThB_VN6f_7J1ViSMqrngZaQgXtf6+wQySpzrw@ykPb$
zy2iVOX!eIoa(a+RtxesEmM#r|5hg~N$b((zfO^VuEYpZHie*)9_dSlmZSu)%rb=?S
zEt1`{GJ|YptnaNQ+ejoH!iPV6F13*ah}~ltoWYDbrIQCf7{>l_rd@xPQXjr48`<%t
zKpttp&c7?aBIq2PArC)8zQ7J<acQdr6m2}~{797_@JO-vD#|-}q4ik@vCWzG`j5`8
zmqU!B1@&Vz2Y-8!?fqyYbZf)<wQxqk<2NY><#_G6C$8d=;0YW~bA63M+490IpONZq
z)Qp|hkdOAQp=`1WsQx!o3KjNcO^u-kh??HBcs@zf-gtAGc44h;P<zPVWM4dT4@Z&I
zl|e~_8cb}Exp<2-fiCs4-QLh`MsHWHvGf?b_UNzPVq@d%%|=W18|@56eqN>hlQ1o_
zTF-m1XQ;<z@Cuemr#dt<GNtNVj?=XLr~L+Xs)LRlTZTbNUr>vDgwuFu1>-$wOL|kt
zHJ>}V!MKerwsy9T$3Rn~ybNqKQ}efKC5EN)7z2%a6_WYl>#Ai8tQTz-Hv=T=$|+6S
z)AI_W@Czh1Z4geNS6%H3FK4{3)E06G(64hn-u_z<^~|$naRy_ghy8a<V<9dIveH0r
z_VxKlL$EJQx9()Epm5hPzO$Z6F4>~;HAfYkBdVQoggRP2UBI_`#8j6y10H~)+|3z;
zX2gx&z*sneYsXJ_6GD;>7Iex?F>igy>xD&I(htgJQOV#%7To;6Lu5O?`GmLH?Do+L
z-y8T#2h3LE?>NS{mIC0pB0M`@F>&rfK>2Nt);4}_%<Ed$Z$H#mkC7U@ti(7W>2>nt
z4iqZ}g{by1qf!M7c;*Zao#%hTV&GQ1sUqQ}>}_81;DGXHfhG8tn8=zCAps(?=c{Qt
zku(93r;aF8wI`g+`z>x&QGSViP|4@&48Rz-IiP(2{Ol=+?v4;<Sd$}i)_b_9Lmy@i
zMi&u21lC9uZsG?Ruj;h_aYcU7rxe~l?uCRgEhP5<-8}gO#Dplnd2C;&Z<0w#mi!(5
z5*o0c?(8FGG|mzr`k)o5YOJGqpfFYOTaLMt;#~r@if;7UbMB9i^PB8h@eRBlVcM8g
zIsOAEXI9D6>@-VA@V&;dbluw);X{|WqA{S@&Ue1bXwlrXGqbu{ZKr&EsfX?(qv^uq
zKsmg4^a+e~WV9;Lw9+e=-jq1Q2jrBORLyWp6Rsh?9pg*cy)W9JX<p^)b93kj5HC5r
zOBKJ}lg$37aH8ycP7Ls8E)&IK3=-12JAdSxTt}%BWK3(T?1TH<X)48lpjQ!VAe}{y
z{csIN#7L|3uRub=VtF4CvAD2D(pQ<_*S#x(rayfxMGs7F#r1__m{G@cZ1~ylz0-3N
zN4{rX?lK-E+da=1Tksm=-g`EYJcjWN54Qah#N?+rc%tXr469Ka@ck+z_D%vc<h4b#
z8D2JOVy#4*%;oqST5IgvrTWgFQkCA>2n7mz00qrT1_-0}2gnx9GtT@*k8b2YM`p|g
zaHR6H&M>1eiv8DZ)QkI*UXO@?=+vR8<lC7al#g64U-kdHpMN`%W;E4G3GV;3Df$2A
z<>5|Ot}<uH8(c1S|9OvCv2XF?x0Ai*`VSi{Ob0LM-VCk7^Q12^e_p-*qyQ<zoTiTM
zFEu^h=zeYWz?fxB-QU4H#0lYsoYNeA_#Gf=GGjhQn%arOecQ#{^K`f-j%fv8{xU^%
zeHy=O+f)5Eq}jluO0-9sqNuTKiiy+w``BN%UB-X%Yo!R@Io5gripxWz#%R*WUz1YN
zwJ)cpA_A!!BXZI<o*z)kmHw8g7iD7?@%JEC;GW*&$^sA9DKC7I?-JDs(uBy%jJcjV
zwMWV4UW{dc^2N0=5oKljYGuN7$q)m`K4H_}>UoZSNNd5iV%J;v=e1v3%G)CJAcLTB
zf#@Oj`EJy>J<GSsMz}&0@s0%HBYf+9bn{=Iw<A<@Rrpc`W}<rzf(m~~WOo&D_0!-X
zgOPE$6=}fyZw*`nf^_)JI~r)~e{R$(>IJ^?v(<AI&exinBb{CjOul_hci6qy{|U*p
zn)(q7!2O)+@S<&rD1{T^O6xbr2rXw_7BOZk#o><i`w9Xgs|{&x4A&|EZ7;rWI7Otv
z&1CV{Xx6I@giJP%n`P(ffToYM#mG7Ku;U`1rN<%v*kF_4{D^-bD_fi~^0#s(TJ?2y
z<TdCWiCbjTbv)!k_FDBEy9%T~cnI=~N1HKtSm7<+T5K&Qd48=R@t9xne8WT;uk}%E
z!-UtX=b}fPVSZ{tct3V@Q<_y<>HhOU{m()cC(@pr*A+en@1Uzz&*JnR&Va!0I4_}_
zuyiKF6?X%DEXxx$OXBAaFB=3Frs~RN=QeBMDy<Rz;GgjV$2JR9+&y{7H`X@4baYm^
ztL(w-h{1h+_IRWw=vem<8DRcjDN$<hSR06YG4=C)tB;Jvc?gHq;*VB|QiZe@c%GLg
zl&kOS&+z+hrOmFTy~d06fR#RP{!GrhH7hTsDhk_q7wDNeOvam?6rA%73t5lc-3M-g
zy6p>^`@P<7VUea2A7Wo-SlIF9IrXfA|L{L$5(i}1v{r;=67-xUBWd`$8k)&O@trXQ
z_TmRbM!NBH&A__(NYEUY9kq<%=IPICu)<O3V<GZFmqr28tF~%120Tr_6(@J6j)VaL
zr_9n%-aD!W)>u>r{lHWRj(rM!Fu(mPhs7|B`k+ocz|V+9XMX~lxRyRX<_ul62_lg)
z3HG~-z@rmEL^=E}(-@qZ{)vS!3E-n;n+>^FCG%7C8izgMQ4<Vktf3z8w#%3fAmj43
z)Z6t{Fc)B`i^u4c-)7WRDJnk@JSce}G%&hHC}u9PujdmAa@(uNZ}Bm+4x{0XMMNg*
zyd>U3Z903&>ZP4@@2#skWyU@U8Qc+VClm<yAvmuvE(ZEJe?(^es?^k#z?Z`F6#?cc
z(YlFgiG2lcsbrwHb67K0Az+VjwxHU|Ta`Zc<*FpN@3Os%8EjRIQLvX&U>b|i+9QpW
zUFF`OhQa;0NR-O9kyn8qchDK1M2TMrq*Q}2pUJK|j5v?2@Vlf3Ror>e+O9s%6Qh!#
z#Hdu&LO5;<2o)l>#O;*)5MN89v*Si0gaa&h1-?`PNwa<|61I(RVRTNOZzmpaa##((
zw3Y+Q-PDd&0znwsn%q0*p9V~}`JKz>_p>affoO#~KX601M2q;hVwMM-;W9u7mCC6i
zhFYR_E~*Ll_;r2g_k~wL!=9`Caj)#}2vg-f3E~3Z*okM1j2}f7yS0PKGEYhe-5u@7
z?(E!96_@(58@ST^l{O>y`8JzB6!O0lllg+R<aLH0N12gTe=c<_5URj>$WHLyI-dIz
z0Njc@Wd_(W+*!iJ%0OZ0o=b#S9}%C_^vy(TG0g#Q69e%2#9%(YlOFhuCf~?jM7D}u
zr_erPpGBF1`hH1fAuh_@O}CVNr_r!BOG{vzfZ>}jW-8>9%nzgcRPpDhgwYcvG=38K
z=dxYytUhxFH{<)D3ApMN8M1VJTA7~5LeH#f;J);ATCTdzLI*N-JZ%nMsO*~+p?Myr
zz$24t&;``tI|)QLEKxqm*0wW{#1Heca7WaMXfV3)w%|!!{3tX0EfP0tY4aVKJ|9{v
zszl$n5HpkyfnU+Zl0#r<@Tc`*aB%g+t!VI7#nt1*aU`ilx4&PBd+jA410XAxCVY!V
z@Zy^XuWUK`P<(PA;5=Y*qJ5{5ki~%Lk~o4clfpJmxc)}8`*?6$l7}^Y@+Mma$hiHh
z*8h)!!-n<Fgd~eRCqs2}_-qt*dVIbK=4{AhM#gsdgG%v$!OLnHcfK(*cle(o`zcft
z)YE5AZ)dMzXVvk#{9((mm2hwlMG0u7;gq`q{+(wE(RmUa0YmW_u(%&=$?B`C+Ssr_
zS5jwfKfRn%hgs!8s$PSt_#G@|y{a3VKP_OByIEyB`}Y|frDqhj+|X^DDq0W*EUPds
zBVqKpbXobFJ4cs3ZPoT1y}gO9Lwh6VesNQFVdHK=s>LY)XXDOoWNyTn6}jiLm7zi#
ze0<FrIo_hnL^JSEb4b8)eDD-V=JlIwguz6NNbYyT{&8}0<AYyiH1SU&kDWw~)};O`
zeYrnMyLVpob6@t;6kLs(Ew5KZ*!9x+mg-s#hQBF~+GqY|p>)T5W|*@>mf?Al84N@n
z30F_&J;oV#Kt&o_jlO<1Szyf$AjfOh{jf>G1`5)~6<`tzVvGv`?UZ|AaV~#hBUt`*
zaxVO8?cSS@K+QhaRh|>>&&ZUX;4IgP7SsCvpcT1&jba`6mgOx?NiIw%4VKGnit*|<
z8!3B4$^mB4U{)1b_!}U5G9H*mrmj+<iS4(lK;txyrcDQ1dyH~j{bMC@9k|nyKrG{H
zMJxHYJ^;9prX$<?SH^drbsm8b&^7J5FrgA-@|E7Kpn6MDurJ0+a;Bm*0#`!sCD&r|
z)TczGFqZootnzk~04ePH2fCONK=HJZe^jl1mzgdsNd#JUN$&lACULNHKP5lylNKrC
zz*{~(q2pJ^pCin$WGyLx8?xtbJMM~hH{Ob^7>#AtbJnBw-2t<ttD{pM>;f@sym^qW
zj0ymaSrjQ%i@h6$+6j^#=lw>?aLt9VnRv-3oz_b^acMf4&wB|fz%Sg3F+;$o;rJMZ
zkh1|&CIqvZA=PW&hZu$^)P3Imj7}zC=NBKGoW_!%=22oBEvRX#iI!TD(-w*3%uv+v
z8%k#nz}2k`%c9LZCY@Ll`H*n%<J**mi-X7Xm=SrsI%lkQhe7-UL-nSOLV0L12-QH&
zGZN-Gg>aX~P3pfE8k^z^m=)qSkQU_Hd_7o2F3ip9-ekC1nYbIIPi0vnLR{b3s*|N?
z0ddX-amVQjXW`t|CPH68wd<$xBC_q{U0M7K)wqpQu(*iFUXIHQTB$4l8)<JD6j#u-
zi$d@Omk`|DWpE4b?hu>-26qeY?l!o)TkzmI=s<!dKp;2-*KjBAdvBepd;XmIPXE|d
zv-j@R-OIXn&+7FcP-@#dc|L>kSs%`#iCT4+Ty1sa@%*oS@N%v|pW`jQ_#FJeSre5h
z4KFUR3a0xWk*w~{3K$SguwZLWqt6ZWrM%Pep=aT>1JTch20t3MAjh#c=}EYndtFeK
z=1Vv|sff9D=&rn1iz@}zCv@QGY0fLxsU2XV?(@0vAZ_}3kV?d3+9N~j5HYPZ)BoZK
zSrDm}GG6h$V@N=$(^b_$f{K{RPj<%KKP^WXgze<Vf<L*8zO7ao_PhTa73J)u(raP3
zVzGZHOMMYr0we&;Wo6#yX2^cn^pCm;em=rOFk}L@+BnAHA%{Gq<G=sG2<%bOYBjym
zKVLH@(f3t)wwHA3IDQ`<4d~LJ>EQ5AB<uu8Ef;{p;5F;VqVg*qb~e5zrD?IP-pYmk
zNV(bUl%=xYx-pr|F2$w&E|aX@`bKRohMa!LWeCHissu<IU5u#uI@9>$7u@NuX8eL~
zW(=bnd5l<C!U@;vt_E~KEhcLB7s-#_<Ye?sVcX&Cmi2U31(;d9LyKG7`7KArQKV(3
z(K5_52EAfM`$g=k*hTLir9eQwg2_N;_;F!1f0s|aCDnq_OZZP3>cjzfO>wk-eFKm3
zZuJx|1$eGQ5|JpV<wJVoTGh0+q$xJJ<?6%Fws?gDI1~W94PqRUMt_jWtxD;y*BIA>
zQuV6{`!Qv&g1>-0dE1SL=bEOKaw84$zlqsS2fHs)>CvUB-vtNRL&Cuf8$zY4E!W{t
zRu4WQ15hN={#*Yd3%kRSJRE3dC2)a{9iW#{3|xl)`WcW`fj?FW3?09OvLfx&w5?gh
z(T78O>3BVy_`>hAsva0*Anf*n=PWpWXkAUr7m5#6T_ONIJ5Ynb6T!nt)LcXG`;{wn
z%5+?ac1cyvL~HTZrPqLQ`nr_7VW+{bb8db!6>3{fF2L2%LDmov#YfAAxUavL$`(nx
z9>Cz2l52^Jp$`HuS62;lb>m6k7<QkzLQ_7Fswi?jWo>oWdRemWnck2`))w(6L63X1
z;p6(eVT5;L+##U>wuy=ur3K)ph&SncGH7XKz)g5K{|*In5fGnVwaPu;mf;6HU5i05
zb!K(y4#tE6HbaKOijN@3sbKFGnQ2>I2J*S34QIgt4ZzydaO1{MCe?V*zJICFx>!}U
z`m@Q1!jl5kyL%?|c~>e*TvR|<^?NCe*}S@939z}y$vBGc?uNcEsRf;n7Kz$w{1E=`
z15TYn>aW}7-)G+fy@)_SW<wK?us?(QRE^GT0rW^d=6<gg!*@mxi6uZD#mn)1U{ACu
zJ4|Z4O^7{kxS+&x;A$e5-?ZqF-&o~-;J}>NaoNl{Gl(7sATKb*e`p4<HvM}n{}Xq|
z%~6P+4Idkn)-icIn^p=N_t$IpLj18(pnr#ic+nPGUAypA<$FX^P@h<54lk!~r`gu}
zZ=N((lLD}H2p%J7A8&6yoO`b(Sg-8;8edM8fgKczp6STP(w}*{)u1=@)_gH7OEbss
z*Q=vO0!`4*-=rLb=pB@w)UiP?T^X^>73ONGRS6|ARR+k>o|VKDbZvEM&a3yFwQ4Vk
zR+;^c0Oe*>vJA?>bU8@~41aDo3`IK0U+DAi%0+y@Q|Gmz9<J(#`z4xk%XlELz-`LI
zXwuq_imb=Rs{Q14nb;Rlfe29QZWG09uRaIE!0-%$M9PIZBjF7t%-?{{#srWz)mvLK
ztu%)5wi<8|rZ7Rbqmi-mKk0-x5hi!iiuRq9JVrF7qySU^cVF@sf_wTE4Uyxm;iY1|
zP}F4n_Dd)!NLzy^7x*YeI%4RP*CfaCLpn`2$iT3ychsP7JUIVxm+5c7H{9<@gY=!_
zT0GV6KJfM>_*%;H5M{Mwg^PS*3a?6)8bN&D2eY_^x~f&#A9Ltt@Ih1_+M$SA<Y<6#
zEq9O3b@!O46>=OLr?W)HNN_1iWyWPJyZ0QSWK8)sF;U^`MgjZjE?_Qz&|TE@WXR>0
z)%r{0gg>xzxXVAIN^sbn7x2}!O645+y&8l8Pj#}=xEp~WYYX=@8~Eb`>RYCGC5S3R
zmtkSkFM*JD*;9fO5aaCWP**^B|A*W^+x7$3BhGcH4FYClWfCnuz97Dg9Z3&9B&hQI
z-`kXGrxF=>6^9SzB<xo*8V3Zu?{rdYj0?c8bs8F1jc0v`0nYlC1vdE$y=<{~nIdrR
zUxMtGz9hgVYdME~QQPs&Mf!tuMgm8Yqpr<9j)FY%Z|cF=x~*Pe;27|ap^-h9UdX2r
zQ}hOMLIa@j<))TWnlcddI5X|YL<?*N;UwDZDfudcFh?x!Yxb_u)1-;t1q-po4BQ&%
zfOYp;|He4dxU1*x^9m&KgX;`T@4a+}?=sUztRiA<zYOJsCIVc~7Tz`N<rWxrK4_fd
zAu@}Im6Ay*nYfNC=59#|XM#DnB-L(BWO!7t^r|tNCiHCFt77b#;?*FmVCOG(gFRLV
zDpvLT2Deid-(twuY(9kbJDh)dE;n2lC5RYf#AWeRjRiM<>+2*R9J7Q6;E_IN8&j(E
zdJpP)wY}|?+|bi^)$Thf{!{>#N{9v9d}$0U=wAjmPM-E(nw-z$b&MP8&x0VL3GWoA
zKphr+O5FFF8)Usq7DSDwe?}W^qC2!I>>pkT05sfcnJC?PyM#aV`7o4`C%CwFE&D``
z{o5P^jD*a7WW6_{Qh|6hsS#I_db*^~*fV6W$yW(xg5Q0UEvg4&BmC-YDVLIf2$$lD
zF*-sKx4hvC$|&$ILRIg4;3KfMw<u_mgrZ4*4e)27fvnXW%T-=}SNq98{<@p)FluIt
zFOyxUwPR+>z4f32_I3MuA$mE`q!NuABFY9w54;Cea9m<xSD_krcX_-rRB%rcGjMIF
znZ}|sgrb`Y+?e?jG1)|%9}r8zv0i!ci4^y_amxTLed*pnS=mw~t5WDu0db{V5#noq
zrSdq7sL1D-nQDD)XkdYw=T2+18+zs3y{5JE(0J?+(TIQ((^aIulSaygUsUpjo74Kw
zH&Gq3D}q$wDSGGHgoJ=HKRcB#gfDYYNFU!7m*Rp{Id4+bTSJYI_kTzdu&cVq1~p&(
zl8^GA??g5w^Je!hK8eJcO{Xp7fmcgX@%O?t>sr#(=OV-P`F3c$Y)JjB{Ij&Xb)U9f
z+u5uAA(~%x&r6^C7g1=%tEu}ZCgScvxf4`KZwl%-v_Hdz_5|)6F82sxNx1(9siK(V
zw(P1z8-@iWu&mNX?#vcH?9F|bKg|8W$KTFGfnDF!T3!s%EF`;z#<A!=c(_m;>~*Ym
zN0-E;=A$zRT(wwM=GT(pcy)Eqw4-=HPAV1U3w$v=r0@_L%{-nL2x2vP>N|B5(j*g}
zYq6_{ws;GE>NsU+W1m)?s}E6OK8@wST1YFTME{O@2g^yaD`omZPil{%S9JR3fuAr$
z9N7EtqUTe9SM9kn5|I=)`)6Ye8YWo5&L5n}v=f(9yBnwi?4sU9o_9A!Mqjr5y(xGj
zY;oXNCe2n{`e8(&#4EHqJ{(N&{CUI7+TTzWTq;9AES>m{g(YgwSjl=%k(K~COzE8-
za20WqA}Ul{0pmTiq@4)_l!|dxXH{hCN08CX_Py1}hPxK%NnJ!-c~d>LEv}nEe(dkx
zk)MgCt!_BYyHA_q7i_|mewxr`;!kG{k?sERW9dUsm#hPSUj4#QS{60A&4<WDj@_Xt
znZ@x*@OJ?*(Q1;`)hY0waXG$OEw<Cu$uDZcu^;m&2eoBk$eJ4N2B?77+@i?Kq>0->
zh<fYm#T7-B&0@3a+gGIMZ*L=1hq~hpwCN0<gF<vkI$lh-s{}v7JoN`Oz&S3|_}DuX
zcjw;bNKGmS|1Uxl<(i9*iVWz%#4G0c%aUX0!z(;fr_uN;0UCfo{zBN_yK#{dKhpJ?
zbrNHu=X)`x4tCjrnKz2w$Ks!iIw%Y8u>G)hY+VmdM15T80;1G4ZP%`MG3H+RBhY{U
zn!H38WT-r?+GjQ$ZCNbn&?xxUxSyC+73A2z>f`g8vTI{vLK^=H@z@!^AT+8x(?T5|
zy}N3v0v5sQ)Wi+MG=^4hcdQF43GecF=*=Y?m}_rwPLm)V7&Z0^;Qz2b4U8pF9R5ui
zMQ8<NYN#z;I!7!TtpbkRK5_RIBo^YrO(Z)p9A5kj^ITVe<t%^&aC)U;{wJ<8zijwl
zxaa@n<4WMRII^?d;QS?Y<LOmTjH0e{3{5i!P}n2%Gw|lL`F1!Vv$ys1OD{<wD{0aL
zr;kcK!1CNMsFb<nKA*Q|xdHLeiOo|>X~{{;Qmd+?9P1;tk{xq|CXV*!kx-dxjgRUd
zV`5`D@YDHIs~8#IuE;}+?&IlW$K*JPcTr3!pd5dZ=x1lnRn;nOyw4RQ99AC!Y|kzC
zX9R8bXU_||cv|Zc+>F9-PC{iO@|U+JCF<*ZQKF24OZT-=0fe&{_Zr3;fRmw=*ReMd
zH&TkZ!uOU779D>(iMeSQwrxt~*prpvK<{c_?QdD6{aLm4c5Hm%9#|7{g{cVr1`qAp
zu-S%5n?Hy0D}Hq3ozP93`Q$Q*Or`G4KwJfDh7{He??5I8`6W8Dfi%C)76-;X{1YX+
zkYtWZp%z0p_1@B$ym^k+RSr$jJ`P&A=>+1D)cWwpV(0RJz{oGGdDU(YNaPY?N(Qq@
z;NU9VS7nCoGM(sL%c-X0VWB%^uGm#LN8Yb1a4v){TnuqwjVnw{K{z=`b(0qAf=b&i
z1s=VejLe{`miwO`q%EhMz}4MLtG(T=U($ge|LoWm@b3~+RU{FE_yU`iFZxA~+GCox
z!GIeP6s~4hiccT>KSR+A%bDb(Ux@S;mnCOXUqNHh!tH!|Xs#MFB;^t$7)=1U4WwtU
z)m`6e6a`X%uz&!Fy!g*8W%ZXHF_k0}Ve8&3LBQ2thiPrDi*{_CSOa#U`EHwa<OSSJ
zZSFlkXI_m~%_Tl_H_7LD2FzQz(Gy;%h{mtNn^$$7&zYIvt4eEQ1)09Un<OMM$N<er
zf?-ht@^|83O2Rz*AeEmk(377(s~%pt`&Afc%r$tVDxfo?2u8iBS&%<G_htMwRR#~E
zeCF2BJcqZ1;Z-?dT0D|JU)2@pxIyHj>7Th>S;*70|4YR8*O*om`45JXt895FQ|Wpp
z0?6?D^U$n|t&CJw-o223N}ZjF<uKl|l-~=95OKFq1C7CP4>1Wv>ENe{XA{Pa29CSe
z(!|0(B{KeLTviZ}n~f`u<Xc@mN*egxC;MlQQAosY-x`DP3{u4mELQbWQtBJnGY8Fq
zIsFX-#NPI^Md&Hvdiahr-jS7iJIY0g6oiEx-<n_Xg%zaR;26w3*7_-dKLXO$3(~m-
z`+3Y?Vh_d7(LzU&FL5<m(N3yT<w=aZ>baXcTE(d{8`CshmEP)(6AQ>CRDl>cUnz60
z3mb7W+_gTuF*6P>Ou3mHOJw+U`e|+5n5-o#m@ihA<;K?5n1u(&j3pi9r^(0BW`o~s
zZz8w521EYZSV!8d4o3(=<ucRUp!5t@oBskT|4v5^Ct4Pt$nKV_ydZNkf&10)KwVrO
zQl_5vCyW)<1b|_q5|v(z>&66a*_h6fS{c%C*R1-u+Du0n8|#L?3V+Jwn>|pkGbbd(
zRx?XiFbsjb1UCM-gJTylg3}1l$P;%8atK7^YCR*%bi^)EZqv40(R^l=h0rd&cN1qH
zxNTRJBP?LL`z-=700(<<Rm2xW^LfeOhfee0->YJ=Z#X?gD61c2NqR>&qN`n$%*DJd
z@?eZGX|q6Qk}9YdIH8)Rug<uf%_-UW>Qt=WF-lYDtKv*K?C-q_&3g@1HjshNkbZ2*
zP$^$jMa!EWc5bV-{t&3QOfH*YN6K;sw@;Cv6ZITxw3FrjizcAIvdE4F^H&0;cv|;(
z&0O-<{?Ual@Qm8?uTXks(03YJqhhG$b|<b+YrxpKd?57OK8fQy_8sO7xX(Nz-}x;A
zcOT#DDDREFn?D(qozv#x{EBy9Gh+KlUS(kaoY0<38Ln)LNqZAToRh53Y?K)$<ppEs
zlt%X|2s{%Q2Oi$asbEO`6+<-o<xQ{(2K&n93EPlanw&m}eJsh3ZXh=easyU)`%f=p
zatd*g<-d6(2u>G9I{eOg$N$aUS`v@xY4aurZNr@1SP06IiIx?Q1KlRpm%#(b)gAD0
zY3Iy4nO|T=-V;c`lE36p65j^!?b^TxM=3bTbfs^as6id<hOOjaM-aK^<!h>Mm2krn
zc|zE(lB7R{YD)scPDv(K;KY@Too2-XB;L<0Z`a448LG6MP~9%SQG}lxHZSZ~DTtbL
z*sD#|<O!JYsn~KhE&?)h{Ov3U+E#K3eAq{`T@lkk5GAz=`K-?7e3RWehi5^WWzors
z5>*#o3dB^lk5$uByOcS~X*kU&o*mp`>I>xXHnK5qKcX0mY<BtGH~fxp^Bm?03Am*V
z^$dD=nMYW|f9&KOGZR(^J0;%KKioEsN+e-p`Ev^ec?BF7uo#V6H`79AtPJff6F=$s
z4pT|Fsnv4Y7pr>Pe7Cti^)9|}sz4v}yW7wfRA36St9Ua|({Pf+tVliZoxTo#CoItQ
z!st<KE{@&MBY{!aSo$iiXy(?lOgT4ppoT@SmzB2jai%H2(Y^9D@LI}K<MqQl;^&Hr
zmC<jJo+3)M<t|sa)fb>8L3c-oRU8fvIaA4#>H@c@@oJ*wz;?Gf!Xt|A67Yjuw+zH2
z@-<UULQwOM0{6rce_OqK=yUvyg0<26*&rqPiJcsw-i(D$ylY>yciECTN`cVF7O56&
zA1#X_J$o$;IKtqI%Wv#;#?A0*5lJP~lkOyO74hH3bT{+`O^Lpp#>M>b4_-+r-Qt_m
zp)LaEGW)Va3m|wuY2-KowQFR_rf^=v)1EatrBsK;9r!CPq@*o4iQu#yk4>3OV@9;K
z0%R}xZjPf{uc=^<(CtZAkR&uw^zKjsMfCd;DyoOg7H&oG-4osAlt7~zhQ#eDhAA$D
zBfHrrCMz7AqYOv(iUJP!3zw#<%DC5LE2~``<s3tmnEZ!NOE$B-#4aysTK#8Wo)X(6
zM+e%LyHRg#nY-@74wJ4&i=CNY0;Z<JP;6Dg+D!fTaBFnhd(nIQ0t$z}+y|{ZIK|Zk
z;NI}uZvFx%A)AVX6ctx}j2#F*v@X2FIuBBn^IR%OX(}j<Me7ibu{jnR^+M;@itw!L
zh8^J!0^YiS5|2;xsQ62PI>#42Bfp`gvd61qNX47NJ381kYpHbBi5#DO1u?DOumQ0a
zH57jsjpFG@t(;<f3{0Zd$)wZ*iER>U^?F7vI#k*%Yo%%M*c)JCuA<68NDsEz%RQ-l
zDpX84?QJ`~i61qwirE(7=q>}5xA^VDL52_<N5M;mAC0j2EKR|8WHh#!ON?~ksDV7b
zGN}rY5<A%`oQY=oa`anu0VhpJ)@Tz364$31Hn}3kud$K&e1Ncmi+u44=^vz5NcL)p
z@L8p}U;7Mq-6k%@B{_dq5DR?@q`==_``$t$4PvT(U}Cfnd0^mmRWId}iREt9e1k^y
z*Nv&*K`<e&zzRBZvJH(lWVXvV+kw`#7F`$=?W;(&@v&1zQTNdyttzJcWb&0M2y3ZN
zuhA)r&48~AOICUMg~nY8^rJ9OqD`~ttkdYR-Q0#omI9GC2a9V>awPQ3HLmigHVbw*
zhd=6RV7;$l1us&J1_)9cl+Al!xZ*S&KOa%GW(oIQLzTHPW-GAb^hoIY+H^D8FWz5&
z<PBV<K|rcNmuUdRUh&|5R|%kgh*0LVH8eYQn~DWOl?kz%nHL{xHLbq{y1i+O+*4-!
zES?w}l*t=Xhnm{obNFZlt*g}*!HUS?qZPIU6;$`z*R>L2@Vw%y@ixlZGB8G!fx}?l
zEH;ER9@XVPx=<ihH&wm*h+q37g`C?^>8y>}U}XX$N<EwoDdcSXK{0Boa+v^RoQ})U
zO9^RVUf$BxdfJ%7wUUS2S6yfOX6vpd(N+R`th)@>Fb&XPI`ARYNKaq?3v~#gOB|R+
zs#}!UqJnoiP!SalCklRyGwf@1&Lpn@Ax^J`5{h2<^w7a}b(+Og5i2)6UdXNhzy?m&
zLlY#+Dm8`8{PtR>WUgjVSsFr@t#q?`?Clz5LBAZxIMWt#GE;3J=lPc7wEh+~Gl)~M
zI8-}4LQ{jD03{@lUNHG9)O^btN=jww0_w=NXRMr^cNUY))!}$%hEs*0>Y{CGzo&TQ
zYYen?rWX?*!VT8uDL~e}jWr}4BUhjwbuw_uZ<Ep;(%?a{pblF;tjcjh&u632)Nudh
zQ<XD`Sfm7^cTD2ii)0$E5|j#|soY1c1cK$1rm%Nx46b7^335iRKN^f;z5V$eabI28
zQiz2JAeR^h?o$v)`x)gz3>x#PUZ73}PtF;u?n6n5hyYsDq&wX239OVML8%{v>FR@{
z=LKVdXxwGM@?6vVQKgB_Ja9FB*h25e?%`?-IS9HRG`Z=sq#=mDMH<|?{By03pFs7H
z2ip7jlRMQskr+8_y2PlEWICDvzU4~RJ1AX?kJHrVRwj~#e0&4j==55ctS0J6;bsf7
zo&)IBA52U8(6T_E&uS$@RS>SQwL7mBU^+AiRdz;5Z}WN)>l?GxRRlHI$t-**YlLk^
ze+<mbQNX1Ae&lkVC<3a`FBE$deZOTtC*E{0WCdkSSoWW|uTrA`M44#koZPNJaLWut
zmPPYUydh8ARM2?)TX}A#VMEwrfNw~n6=T?Ue3nC7KS(}$kr&GP8rqZcuGBhrIJ+g{
z310jRPZ^?2AH2$ezc0rrlQXBtjaPQZV;!mCp8OR@orgsz7+gF9QVNwRBoPJQ@G9$`
z(lCnvk+#!*J!zU(sK`QDEAaRix9przQ%9b|avXWv*^mHfg$R4W-q}JkJv61j_!z0<
z+Yf#2f%>x%ADDRU$mBmlHizFcbj&0EMOC7-Hlr=nx{~27EKt;LcCYUC@4S)6ObgB2
z`<cAy0-Y&h@XEwh>YRTjSB22k$6jHZXPbB>K6J-D$*y3m&x$v|GzJQ{JVL=O$GoWx
z!OM<lha1ewb{d2Kl~Ru$2Sz}014WvK4#ukXMe#9NqVlx`4tfqBUJd)9BUjOUFYY{+
zevElc*Ba42c{kj)4V|HPILxupMxw%V%6~5-otdX;V_}dgofP{^OWi%WP$5xh5!b;p
zTa=~($Vt&QW?geMsi6u{hj4B+*f)|D=7AwXJFUwpPR>hJ0hfr<ccQ~pU82AOX!IIx
z8>eh;7=|yck$Ezkwa>Jh%Y>`|XuoQhnEIMXKhsTcM@<&e%^yvn+cy&TMx*sdTtj>b
zUY|~MEZz5@w|{PeDuDD_2>9U{rL~5GW!&LI9E!Z3EZ>)vTvXKSXIQYnj75U76#Y_(
z^8^;?#svEZAOJV;jHYbm2(uFCs!p(;H4hrZyui!cy{satwf+cE&ZULM`$bJ2T#M(y
zt#UJ^OlkUpnL)Bh4$@plr_4wIlm{ZM?<NSHRj`!;Oq4Kd!HCBz=WQf<cW;kL_p*X+
z*_jPA%*X?KW>`Gjf|?#$_iPIvRVGw}Wm|~A`cTqQ<ummpPG|O9kE*_95%xdKo{#BM
zqh;vM|KE%zD)}r))^moWTeJFw%w7;+IX%hW$wpr4A8^8ZePXF67RzL$-$vuK&Uda;
zj7WwBaL<A3|Cn{U*@2Z7^xWj~Wclva9FHl(h+wN(AXdyPn>!wifXF>XIe-}YWM0X7
z)Dd~94UL}=eceKeTfW`ai3g8Xs<Hau3uh4vdmSOEK%Q{hW->?>(@@8_90dTD_O<?n
z(Suf{GZ`F3Z?8}9w`OndmauGGK*)E|mPww^;d4KjsstzIqA^Fk$;e35MYN)Py+@#|
z9p1L}>y}^Q1rH0oj9L0}^T6gO4C@8G5{yGisu07|M3jhEpjPGjdd9gdSMM-ho87?7
zlZrkxKDFV~a|gDM*mX_UzAsjh;Dj7*J$cs`{2psT0V^6(08hGc^dHMLPpXPtw&z|X
z4W0_fBHv`E%!{7e&vJ|}1FW&`aU5>~$MqE$K>OT>r2^PLDwn9@;VNkEY|z&1!AxN-
z6WMSfdE65mAAbgZ*>Gr5jtrwJLJuX?B-c~f{=*SpqVubj*uYg{ly_fUD|hit1IFYE
zLHuiWzkgTZHfU{xcmq|x6nR6Ou1XLwOdGRwpHjS$yP~hLD!X>rh{zY0&(-v&5R(j4
z*(lxA*sMdQxZ}^3b0&7GNlS*8pA9VK=x2KTrp;`f(en$$>~6Up^V$|l_m<{cXAz2^
zpEGThVjs7N$II25op?B->LN;kk==;M??RTEp5&KGqt({ty%p0*Q$w&{DCcfT_JWUC
zUswcUF{b-#@(zDEcT=?am1dzy>P=r>KYiriI;Ys@hJTc)nahF_wLjiOw5->>G<dDl
zBza;rytSDMH_^^#v@k@)#Mb8*pzy8fR|`aYbB91H=Ynp1hQ2<<y3`$ael|q1RCL-o
zg@rkP+~anc^9X3HqKCp;C~@O5^r$#1!`45}gZ@Ou1*S!^Hs+V^XjHChFUp^d3$7Wf
z7Kpii{zVf-$sotl6125srmA7Y6Q7$u8gm|R<EX&AYFL(Cu*La4L}<mrRGyJ@`bs`w
zWO&MdLm2SoYt_BNgSHZCnbfn9VfEZuLdp-c?B12vj#nw;uQi40qXNIt%)D16FvuJD
zwA*Y9+wCfpJn3Dr-tu-PO|9={|5sxeNC7tSQ&ZaB`*UnZH>kxTFRd8iYrVZp@A`0p
zt+-ih*omD@C#Izo@sO6M-oZ~HzC*uO;`CW4{#tisoj9d^=Xd3|I$9zU$fZw$Sw+~P
zTKq0wY25g{94U3PnX&zq`_8?-yIyL8Q_JR8eZ1pHwTNIr^>_PDi~?`MD{+#?f+X59
zFO97sUNkfQFa_z~^hBFu2ojqA@pifbAhC#IfBGmbw0q9ak|9YW3~**!MTlqcE-n-B
zUQ>3vpXOi*nlxJd;Yi)yR0;|2wf$+Z5!wqDG-ANd9`Jk<jAm(vCjjztnZWq>_Hju}
zLcwr#I5^9jRAfQp>Ws|I^(jWe$e@>*GXzG1)Gata?+@m`Qi?7JQ5AIT4TBY_OzO&2
zrpg3w7g(9l{KfmPo&UUL5Ss_A%;Vb{gq3a6|1Cwp|0MC9<+-w9DQbzpU-CsVvh=T3
z9xX+93-X9DG_XzAk%VX=X<_cvurHJ#+$_|c2H3KZ(c(Q4KU8W2Ndz@?ENp$S7KKp6
zclM)rxS3900lv&CC!f`c-Ldzihu*UP`Rf)*EItyR#^2-3L(>>F!VU6hdbzE{HFf5f
zv*O^CPm{C2;5z<!)X0|1=o(xa3;J=h=-V@Vw7(hm<<aA%T{e)qj~kDK1Cen`a2|Z|
zlsgsa?Fh|e%ow$fB-qxi8{D_H78W~`Tk~{_wYVhzseTWu{$`Y8%Vzl6+)>&g8%4tk
ziMk*P*B~tV>SLu7L2P}_t0*}1tz~ANN)D^It)ztrPPa6)wS~Ev3h0K8+zN;y9B{xa
zXg7cS9`l6{Y@|C*K60Z@&0_DOu`_qcJ<J1!_o8u%jNO59);ZKDmSNSg6z**b$PAY^
z(UlZr=)_=frCD-j*9(^U2=UaZ4)QJrj78d7)Ni5CEwyy>{p<~7LES%#iVb!2w=b;s
z^YKSqKXo%`kQ)(>B9yv~6#${?QLnaYXMDin5kwAK1xv*>=7!mnc6;l>jbrx|QCIuN
zirtY+TR)sZai-p~9!?Bh*9~F^&8*ZdEUx|tACF4S=i_v<Ox(p>dA##Ug(R~HAVfW=
zJ8!u@piujNy+OVWrOZ-Zx%54=r8!6@>!<C)sGCmY=PZlwaGk?f;9h0kH@!8!1Jx2E
z1huIOB=X23tX5lF<x_jeKG<ZKya#Pz-H^u>+jcH{vy;9X#ixnt@vu!PQ$hD?rJJFj
zPGvI@dkVSF8!gIa`jQTy)^ib^%BPmE(D;aYW1LiGE0c1(<TztGtzW<z?za5;j%fGy
z^BYcaZijwoT9TpxW6IrIUvEw%Lp9q>x)rw(c3%|pI1_3>P>Z<Fxj;I8xlJ{52n4Z@
z6=W#0XHDHlZg#+3ongScRm8SmVIb+VCF5;c{zko2;|ne*&Vfn|=jf`;{!lYXKc&>O
zeX;VR>HOC_MO=(XTk{TJg5R%smHNbY@_C43p~Ro>;03Ypx{R)iQ3ULQwq7FoBly=}
zJmJav;q--@9;Gqd#t4~T|Kc~6u@hVsCDCs;Q4HVA1$w;v{mNjZJUhce?&!3`kr-d}
zlZ2mrQkDAQSBlY(Q6lEi>ooCq!#5r`k>iX7RCjNX&i7^|6E!znm$B(ekJ^0{KAY1F
z#m}fNQ(=op43>PWp`=TA8{n?)Qc57f5^Fp+bSCs&nn%mrSYwg<`xfhn>Bo=z^e(Du
zkIZ6kq?q2(wODErWsz%7Gp{)Kj?If&%GO_8Yi7z%7n)Kx9l+puGDMYh&_MKdPdaa_
zkOrvV*Va$sM>>nKZ*?}(Pv+3Q_w<fTzx@PtYDNpfKobx7CXrkDC6m29T1OD1XCFX(
zfrR1LNXrHG77uLoc5K!lF!y1w>Qn?sX0<!iu&Z>ckmM>h$Cxp#Notf~WEp;xsFgrM
zEG-EJNJ?O1OP}$lgbRlTf6#~~lt!cVi5askLBnF^IEv#Cd;B@`+2--?$AHc1C(D+j
z2l4|!o8QlO`OY@8GgMz+3E=^irTZ83d-I?#2Y!1^micc?s(5B@ntDuJ`1wAccn});
z{lH$N*rkKhBwgFssort)3cXU;Yr^3ZIIduh3U~|)tda2cwRIh+*w@(G971Wf2DI%@
zV23#>@qMZ+|DGo4zL1~vtl=wPv`#A{>&lM{`%1eD%f4sYbAe85)RT(+#QejF%lM|y
zR!>@U<7Mo`C?ksD$W5K#8|g>!H?{$~@6`Ge;g#OK@%)2+hzl5`z0zpS-fdvBS=j$0
zrFilE>+mNWS;$1J8W-Dv>g%y*17ZxgJog(IL7gYVevn{_9}K5bP9-U>b15t%-$t{n
zT;7!3HC$^5t)3%<o(o}FT<}s#m{1h~LoP}T_CP__!_-aJtr?S_{ATn!W}YI0OzqyE
zWXnvXp$t@U{#tcdQ)$Q{)7cN95GrnDPP-~eBt(lx&RBc((Nr==H#yctV4K(0uKad$
z<aC|#tIfNP{d<$;WK%OvtG2h2b=8=@)?oERWHenS*{9+Qk$wz5u?<6$D;21N12^AB
zGCV*{r^ZTQBvHRfBL_bOtkgEKbf177XD7CSZU5oB3MAJNnmSj9pajU}$`unW2{T+<
zDo*DV`i{yAQCMpd=SY>jBWX=oie3&^&#b}D7p*<IQ>)gy!$M71EX;>u(R*1E`sH>6
zPFkHJb-QN1r`6&wG^e#t;9B}hhbKaU7c~}#e<++_fg@fvV%TXd61pf4IBwa|QkL~v
z&9i!%=96gZwmNhbUdC|Y$60(g9hJcEm@p3TGaOpeawq1FrO*b=U6ujvOk^Qb`c-sP
zl67QS5FNL;F5%u9nf%AkA72`;D3MW<<xs1-2(^1mk03E_!bEzXb2St0Bh_3sXF<*w
zYPF{ocmz)Jh9Q4X7-t8w0-^EEpAM+pG0ocG?9>j$X1rz?s7-2xX~vNAa%o`G5Ay<J
zm4OmR7fBkNG=$QCjkHhG5(ss8=_BILnbp#CS75M`(ieX=fd_<*Y=v5`QT05GBLn&&
z`m&fYoI(y`wgxOs=qzcWPdInNIJi8#(;t`Xq*62%Li=fKybSF~%x_iMSbF^#-c&{$
zETy*v+lh5@Eh<W@a88oabei}2FQpP~8h@HUq;<spbET<Cve`u!N_iZo-8y33lI?)_
zJBvDf?VbHiV1VjRC+ad1W2T=rqX<*GKY_=-&l9sR(~@5jcPK$lp1$2mZSFM@icVbK
zQ9A8KzyXe`SI@UQ15UZ7!LP8OWT08zFd-S?+VNFZ2tqG1mcC>ycd6iAXn4}~_`yh1
zQzaJ}pwzOuTor=n#^I-<j7|8H$j!4)Y?04Q9Vle!(HacfdOO%2DWUm>a@u#Z(8E){
zU-_X=33PUD0$9{O`jAuARkPl+_H?#hW1YL*9k&DLCLg{~9n(!2`K`C-iz+SBofM^z
zQ@qH#R$Unm<iU{d2frlUO6B7e_GRVjg;*sK6zJ#EtbX>Wa>&#x<0esP4#mZ!h9DGL
zaNl)DwdQ&RAAIag%GDK0U+*BO61EK9u>3GkkbgUTKsXSVHwwk9DOYrAE&`e?_o}}1
z7ybR_i;aLdL4yeWtOHW*7_T_>V!bd9@1GQa19U=1c<IHf=T4W=sHhoCLG-EC`D;~G
z*6B!7wmoz;zeg;Qr6~9|u^iy=z(j+8a410J_33_o4_~q2X+9(qCNlw&ID7xxdzgaA
z<v!UrLO(+{LskEDmi@7LB-`5${GE(iI?U!kmF%qfb65<VwVB+<%(_aZ)VL|slgY8Z
zxJWKsE=9dq67WrW=OkZT-j;F_H_V1y>#J@iwa@JCc$J_rp8fY@IY>)(yu(dkPcw6u
z0ZNi0Y~xjvskB~;lTt=YfXF_Za1@qdEKbh@D^$%uI695FYcv#GT|)<W3V<1k7B&J1
zGuZ~UN{|hJ^|EcbSB(8_kAEZ49raGm1%LqBw_0m`RnY$a(LBy>9j|sFvp(_B!7jfH
zI1>iyb*)O}sBvP36o7a27d;M78@8%)0PmrsW4%0Zy0qyxbWzeD;Q2Jb>`Xs#z+cV_
z^O@0D5tMqn5DPg(E_l}LIb;l@?PkDTp(N#z*QnyR=J?0`$<+L}QDtK$Re~Z<AGleo
zRy(ufPsp<=Wq%H-Fk6HCRgRz!8`HDN_%NP^uqr#ExN6e1>UT@&uvM>~zk{VU3jLt&
z9xMV2Px=duM`>Bryb?uls|4<3_(Q@?h#qC(WScr#XXnqzKSGKJvj{E%!bOIoX^lXb
z1OsKk&M12lkTz6eLNq%5R4M9s{QBRU&CZ$=C_*!u86ysAT3VHYgD~C6{x~^ePERb*
zq*p6m5tBpvUfg&DmZhayFo4Sy^jAl{)kRCQ6$-6@Q-DOAOd>e{x07FnYaX4oc>dGD
z&(ac*erUW*ImmT9xtYgANeNP#A+%aKA!U8wtmW?6M?a6Gcq+C2FdanzZ%M=Ch|(x-
z#viw4ZDw7)2+}3%_@%;PymK>;R<<qzNbD9N#dx~-z?WkMBh#nlckgTC-87cgMIDdX
zUN@bkkWva1sd!<u*TL<f4>V{v*=aQ@0dHb?q6>;Se!0~wLn;LlAHT)ODT0V>HdNs2
z<l5{;7Z&X^^O&}H$uE?s2?Cx7@e=Xe+m<C@qTdJ7L*oOCY_h~mpq$grP*O2lk)NmX
zdFqp_@6VcQWb^k`A^0P~V1!>pZ$P)OJvlBV=8GP2GJqvK50y8lq8d6fC4OChAD`fE
ztp~V^CeyujzbaVH>;0jD{dMJXUJ$5;1PGh;{o#0PXSXt$2!;&kuZ*A!E>e-pilGg}
zs|KV=PM<f`JlXQqJmVCQEhk{Ke%4ep(KKXis@=@1C8x8gGvCfS@0ToIkZdoLj!3gY
zo)-z6cMd9Qo3J)JjEi|MfRGB#$tBWgg(30cboRz+T_N86bt%p0q;Zv`Ghp4^)=3b8
z<bZKT%!u@ZdttJA(*{BeTIeb(-N)HH;rCc9%aeoj4o<3k$0ch#Kij2P7o!dBn2%Wa
z@FF&ECGDR*<duiYTq>7uF1jePpklJ?cfIV$1bt4+6<PVczZc^a(kTW>1?LioG|S;h
zwr^gOn*a`R+{6I!4u#Hf!pz4kX_C<R2ZT-lD~k?pSX}IU+0?;c^oC<Jp4~!!4_XAD
zdwL8qHXa{`aBW}<&7(V2YC5jCw85)Azvt4da5!B67t!k3_*6q;V#t3-%9D^-84C+o
zVlr-%>m`f9W1h4)#B2oVR<3Hf&ru>nNh#;B)mst0#(aYGcFHyFs#X)VmdB#+kgIe*
zLNaB>ZB!v<Wb4S5!!4?HkKFkJ?JrVY0T3^5)r{4bxXq>t8Q6&;UZd?*IyPaa(H-WV
z+<m@yYY!Gx$cLOUex@C&iCI6W!?~C_t9})mee=4PNvDXp7h>8KcRVJ|1`E{y-?@v0
z0uD4@A7c|}k=Doj#@3;9-N)E==O!FSCtxaEx=iNDiH<szzjC3;CBK_9dXDmk^{lH+
z+`1zABq%SQqUwR~yxh`1MF4uD6L)A>_h#H^keL?1!_PwwC=8SS2toZzrt#z-{J%sD
zIpReDRZt?&!8DcR4Jh-ga9U=+(AQ@b(xdDy>KATK2llmQuSN6T7bVRrZ3o23Wboj)
zlVNN3)(PRN*q;wVP9XoN%?<a@FTO9GZ_13CJf`4TTbsqwNr`)oWJYt$+YEkmd+iWJ
z5c&g1rd<{J4s#P`F?W+hgCI@@L|$Kvf25zb0uLB@GO2_(JyH`uNP@J(@`p`oSvCdD
zIA$<zIG~g9@Vxb#k<E~9-Q?nPDCzI2hO%Sy3sgu&!BLspHTRRmSdJNw)o=u1=rkp8
z#QFD>+V1#TE0B|f_kXITGpC&0jbhv-Fh5sW;9nilfK;&2PxLnhyqwAplmXp%q(B`j
zrv}2-3C764F!6mlB%!_k+VTF`MGepsi~!KW4zo6czr=(G+(k0`F}2F<ylV<J5@ESD
zn?G8T{ZmJDY4|XYcs@TSfZ`^Db;u4$VE#H!y@uNdH)pAd`Q^*dtyKF|NFQ;_eNj*E
z_-vMVUGUtL{~E6jJl*(-?~Th|@r-B<ZENjMn$43>MPZE@c;80#es#G0_WgkN?s#+0
zJtf&x6Z=kSk5&j~2-~LkaLk?yV*aB(lS^+ve+}SO0wR!2L1PC$ii=pnxhR7*7?KL(
zE&=THL9!}4Rlp@eym|#E=JI%)FS*)N(D!c-C{OAFEI%Ew$gyuD^wKB%M;ltRduVFF
z%hl(E&{rWOuA+UohlpUX|BrFa#KLX&x%Jty+LhbJKigYZBWrG~;>DhfSGxKgKHZCf
z@wEq@#9X@7s5tMXA-}i7I{ZhzesF`ow!AhxE#@du$_;ZxXwUaYuUm`Idgc&{JC@zu
zzWfO=JEH4zLSyzt(v&saj!9cXwp^0hlH4_5shgU`X==W=-tcI#siY9MR<T3A`@rvL
z*?m#w-z#8GHr8rJ%u#dH!@iG=MH6!Cbjpcyq4Kt+`J&g8n5|WBlqLdV7pLUE;Zlqb
zQ;)%Sf{JSElzn=?8{w~duAP+ImO%51Jv_ZxnzTE=HF=>GcZ(}u6iAm@TXsy9x0m*A
z`^)Lm7(a%3q$v_P;*9>L*6vWR!!@OotL(38#VObppWpdketzHc=nm<oXEyXhZxs*h
z<L143E7p*L2kL2@#S#xLU%gtP%omv=ACi4ucUhG}F^sequ@CZm$E{Xs6m2R?0m|0g
zZQCs=S_<XdG~QTiU8!FBVDk^##Ly=OBq^$UyeSPGzt&1fG)B5zF@NzYB}Q*eWLcY)
z=6FqFb4o#u5if?fqLh4qltX0IYAsDK%P0EsTwHEJu0wkI__boCj_FTyHQ;Y{vl9Q7
zcRVAJh|p&>gfzD&NqAVk5lqc><Ptb^HJnrU4Y7j;67K~Sst6yO?kQ>%RJ2*@A_PXg
zNsQ0S@`+)ol&Bx5F?@e`zZqCgs`D*P(im5nP-|56O#}Wc<32C*MYb6>!CNYOa8Csa
z^v(F&6%3xbNN3m;(n6xNRO0{2^W+%=?FxopvR=jCQk<PUokwxE{t+I3*=Cm|9C*yI
zgi#SjMuy9X4$69RVu8S^M@i-6>Q^>s9c{x`DVgp&ElKw%eyW7Rz??FQXMWfA&v;iK
zr~CQ9fiAW8J2<ZBJ@YlOuq0#>trPoaGArTCTsfvsupHs^$2@Yp|NS<w%<=xc$-V~l
zR1_6~%ka?xszKnIk`K8}|KCQ2T%2!#1kK&TnGf9mC592n?X80TG&9a^RPZL)I^NnT
ziu*jt`b_g1)6E4Ot25(OAW7p?-qQzt-ez_<&Vl9`oa12?nmOw&J`G%ZxFR9Cc1Hv_
z9fg+}^#4D+)kQ&cq4ku`M!Ii6!o9A^BZ;H0?xZs!`KoYXR#gdOqUk~6wIyNBdxG{!
zTTKvdy-f1=3LMQ)Ud5_Ih8KyLF+*u(BrR^4`XQNG3DCAAzGjs!_cX079@{hCBZc1&
z_qpR<UzJEUx6pHxk-OOq_pQ}{FWzT8Qm6)0jc#4=Sw+^C4ULm*!->7luPUF7YM&}$
zOXo?t)#KLO{6$JpTuD?ameReVyNLW*{fjM*#!kK;CgT0Xpsl|~0Dk$TaBRtmspY(D
zBj?E{)@5Z>s_?ou75h&rXzLn~f6tE0K({@gW@u`1uq9Cq=#(M*YiFM&A$shd2^+!`
z=kG~eqD(vzjQIc*Q+sapjDIZ3ScvJ3>UjU`PRQ%Yi;(Ue{)A_PGI-~o>1h9bV7Jk~
z?1T3QO{d|}eELS#RG|!6%t+)1$c>gG$@u@`<An7#K~3G=yf1F^Rtv(v-plDJh`xS{
z<gFyW+}rW%<wW&&Lq~);-k<nu)k)lM9S=iNY$Al>=UjP@#U~LZJh+pce1}@jzooc5
zvO#aH`DTvqSIWTt1CLgjHxmXtRN=|83@xT!3r}_o4onY2R`cscC`XQfFVzN+-gkby
z(*DOMfg4@&Utd600zy-fb8HIaj`4dzD{Dk8_*Uh)k~!WcT|YpeExk*{+bU*}NDzHE
z_To?JTb8`ZC&ye;f#U#Alj{`{1J|R+!$gi0mUW%fRTPpaAsGm8zdbuitj7l=W{c$|
z2Ny%VyTHk@l@e7QMz_A4;e6|{F;nYKKug&0N#F)Dt~UB|_+nao;h|*+Tz`0{r+B{s
zH6C+#ws7Y~XER9B{x^~_6p)E2jw3R`t%Ni6<Z6`AZtoA;!kLCnM>9?yu_(XR9vpJ*
zQ>u#(A!mI0T_lIh3tlOeKggXbt<}XQw24MNzOx$^S#Wt9wA3@z8jc23khU*XgT{DX
zzUYoe+{gp)BvI{rnu_{-Yl)rE_i<tP)$5$)k+l5ZF;Ce*z!<{(Cc??duZ(Z{=nN*<
zpBzlY*&QOaJPQh{B??y1M;!IM1~6Gx4lC4=N6VR@8i4bN@et$X>;KaAkcOn#?MD2x
zTh2{Bv=wvXsn%})scf}h9p(C{!Qf$8gk*)|-+{+>GWd~x`J2Wk0iDVo`ngj8DDVfm
zY8FmbB{*(LrC3=<%euGPw_B<v9vNViv{9^rN>#Ri1CRoa`Urd0?XRbqXzYT)gQ-V^
z@8)i2UAVEs2MEf?Oa3hUK;e(>=?1NUA{9Mb3Do!rKt}mRKr1AVyta`$Fd9|(GXvri
z*|a79`~B?6dhO|IgUVK650sqh)i<dKKjyj?I021Qq>qiuc_76f_8sNNkDx7Dw*Q#S
zUp#1_K9&=c@2i0BmG1YuLFtBbkSHK%XzRDCf$fR_J697uT#yZO$_>SKX-nbhh)Mv!
zJ~F6_tJ0%lInQZoN<JT>8O*Xpi1j-?1e{p~{AUx1YtHjeT?j3wtNo4jd^r%%vhk>o
zX~La{a4<HqVUh63jp4=WIh|>^ylY6^BdEi<A)^fp<IqeV9(TstIXEjX^(bZiE6luk
zg+K#asVM88B%NP6=DKwu^GEi*Lg;jo3zA3(Y{9rCk6eO;Whm3jU+$aY!6|ir^nTC2
zaNDZ_BDk}Ehap@}W#0Dx+$A`Xl9KWV`IY_S6|Ye9i|lZWQ3Y^$b@{U>;MjX%cQ8@L
zv(DC89fA5B19Roul)mi>^UX48s_9r|=uH`nZEvlw9gl_M_;#_5cM5Z_wVNzj<odtC
z98lRd+HKhEj47(bvex*VvY)9b#Eo0;<DIdJsAyLef_37NO(I1hbeM<A6>t=aZXgQ*
zi~M;r>CRriudT(1u%-NYWWe>53@f!DatoFau}-c4Sr$h156)9H&CQ!v94uuv3r~US
z{a$B1qn#@Dym$07=|kL?nPD-OP4I}_Wei}-n>&yyJ>iOxdpDlQCjQinkM)}0__kT-
zTj5O_Dwx54wPH>#%By{7_+-r#lId)&xMn!`OE2p1Ju6X_(zizzwN(pbgz{gXO{nL<
z7Fm{l^-Ak6m~}jW;Q~eZ+tg>XGynsZ%pYy7gQC~5lIZ6?gm;&;PZ2fz{-jlhDXsqm
z{>qXAfXJDB6JKnucyMyuzeq7J`%92B9AJOeP*$xa7m2dLfqqxN5VG>GL$C_}rx)?>
zVF)l-Nf-+9>o-|-o&Rwmxcw>dpQ&)-wH-(Me@sRvf=swghcUW@Q7Grv`uRaHpFAUi
z8kUC){5%|HSP&*YaaagLvWUz?jyYSv%WT(wn*8tOE6NPV&4AL4He8Wtoa(R$@d^^0
zA&<y!>&gO0cDVU$tpRKD^^-~r3H!*zY2(^ebP0Dqa>%X&?Ad!e<Y2~sU}I%Oa3%6Q
zaMCG2xM*q!9JUM?o-&pfK?48(=mk@itDDaaOJzjCru-@U!-0K<kdC`YuAWQpIxX1E
z!aF|5x4mO4_q2T!*kPA7KKwEBXG#~w{H1g!CXa*p;s{CM_o;CQ$@S?b5>)=!*G`||
zXE6k{2*U`&xDCi1!YnL%6pF5&J)dP`t;>x#r>;mq(~kn11>_I<NN`27mgNuo^P7T?
zQZOLgsz3TLV7`DtJ%!Z1TjxXt9ymBpas~)LMgEfq;o%Cv4jHa!Y`3hdr;>c#h%gka
zviqga@ZMWt<@iA_=i0B+uP<-(^wy`#n#({q@kL>AL8et8u`*y?H0Qw{#A94TVg1|H
z|Fh8+S>yA3A8)F~hjr+(6RedYE^=k}<nlvF3bJnFW9naz%u}92FJ~dI(qjvvS*9mt
zE+^B=IgaawtvhWYK`%OM9kq|Gm>ac$+GN1~Es@hSAe@90v~tx?@3RH_C1udtQ_-2u
z-?OB0V{WhmG<8E6s$wqtQu6MH7f%$7kPP$KmpPccil{(~dA369iwV|C3%4%Z>)vOZ
z)Wm|`ZSlPqz+cbPplne+ZT<!~@IFI(;4$$wwO>Go>al=|hvBhd?(y*5P|d|z0U7yX
zuVB1x%79YoWS62EjERsUUT2;)_eCLtoB9^EJ+;2izWHjI?L-xGlN^PHWLX0S_=FmM
zj!rKhQEKNwZj4XHg`m3}&04jalEM04ehVG{2>xZ3TZ4uW!Zd3hJ%d;8T&9q<H1!wd
z`JS;t;!4cfK2ye7|5lEw*l_0Hx5jP0dlVx$6QP+kA@yL#j(}pbV;30Q(mv<5DO%k;
zG8}K*qA^X}U7l?>DQ(&|r?55wASIyvnnSGLmnX?7YH@k%X*2_JIz8{Lkh;zJVqy1J
zTj-+Vi|)51T_V{KuX-;<*sxSec)#V&V4jhqtOV3+#)anGlj)6mbei3?KS7OxzB$+x
z<PEqA_RP34LBRO0OyyldGaGwb@mc?dfUkHJ){R0H7L>0KzB*OwF04;@<h6GW0N;>Z
zhS`Z3ie>NHHl2rZ!SsuFBxs4W{}Q9Ne0|A;!zf5)WAm<^G$Lb#=H>c}&Ex2s(<mEA
zcZ>gdBkaHo7?_}~c(r2Ql0$#RihuyeJGR2R-cr9PCDT^%*sYJe|KfHA^Z0FUy5Czk
z6jDLp_PXOK%(}9!&*IOGOK_gUFceW~m<8KLf_c4%JOr$?BS@=SMzL~-v>&b=UI5pB
zKS}#9ZBcW(|GqOaO6n{ZWc}GMxRD8bsTN-A?uQ9V*+;f2{+}*!9RVS;-`Jm%t4mS*
z4#L#8r2@V=h_=&uIS}1#tS+)C9raje>-NO08MGGc8>n18qS5F*@J}haTW5Eb_xv-y
z1PztecAn3jq~~4Ff5>SZ$Cu8{iL!6B7CMl7(heWwDknY7$r~=$m`-x-FkPM103#i|
z$D@o8lHqWV0n$5Qln4eo+&n43ZiSe&wB~)z=ZCdNp|^wSi-yPEk0Z2RnZTYs-oj1O
z)fY#9u;cuSw*73)F#e$!FoF+e3apU-XQI<(s~?=G2>ca4&o2Hv@cxh4k^gsmm)7=8
zT3r3+xvzTtCvTC>&k80UJpO0N>WOy`=-C&k#C$t@Tl{fd1OqUkJU@N0>%J*7!z`!F
zbrVxAzs#96ZQJFC2CGaxFPGeYxA6a-`1)zFpB)u}`7dYk@<v96S%;TbrnfF{5aT|!
z{gLD?hK978A5C^&HtE{*r!fVXY(A*GDVk*(X?9)=!YP^6&3e!Nw;(W;*l=3UP5XO2
zywEz&zjg+&1bL8o<D-c*Fe)pwfU&_~-3q)Wd_yn_v!VXY4M*Ms20SbWH5hspo#|Si
z@#*_!3#Y@|(md9@YX|~b;sq?hHGrk}0#L~f7f?-KZYj?2rAY1kvyROS3uex_{mft%
zW5$cyhGF}-8E#enTUdDSUJg>7f`{2~TTVs@B+v2d|1DuRJSu@w4e@EJ95c-7ev5<D
NdAj<!taD0e0szINVA22p

literal 0
HcmV?d00001

diff --git a/doc/user/admin_area/settings/img/respond_to_terms.png b/doc/user/admin_area/settings/img/respond_to_terms.png
new file mode 100755
index 0000000000000000000000000000000000000000..d0d086c34984babb77b24ea40f4f45e6181fa9b6
GIT binary patch
literal 205994
zcmbSxbzD@<8}Hd==~_w}7EtMw&ZRq4LK;y?X+)YuX(R-ch6U;FPHB)%0qK%%>Am>A
z@9+M9@Aq>)pL2H4%+t>^b7m$~OG6PKhYAM(0DNU7xo7vc`$w!CEVTQZn5|DG0D!Nw
z)U@UAfBt`<t*s4(LS0>5ouB{V;^I0!Ia%M>xVkt#JiP=;lpC9x&hAh@e*8e)9dU6Q
z6&4om?(FOx9HK5K9oaZWE>Mixr3eH9V%@ZnXC(b??ruKw>(4V2cFsm!y7~EeX=!N#
zL*v`iq0-XQ*&9^XISL3sadOL|?$$*`g)J>Cs&(n*IJq`&Zeu5o7gtse5BIs*{pbzK
zU%Ys6w^TYlKBcOzIy^G^XEx*AyLa35PTZVtFGiCS6BAJfon@=nc6N5R$3I(J+pf>H
zg^|-ozgMfPYJ!7;dU|?ZzBHXZx_n)`R-wt@?d|Q$!annJ+P-6(T_QUc{&+e?IcMpz
zHO=ncVrBh{J&U{RM;9F(9a`lpY4bOIGYj8$ZvFZWx7Ow}rq1Tq4ze;cVY=Rn8Om{S
zaZJI3p^w?r5#<i)4Qu%-!270+zVc6>KAldMes_CPzjt@mmyq|2zWp^N5F>@qeiTtV
z)$U9@7OoNw0JT#a12yq!Y3UM0^F{BqE|z-lo@o{eF`xGZZ7lw%ZK#ot7`WT0j~zH-
zl{Q;!On&N`a>hl<29Ik9Geflkz!>>RnNO#$`pQ(-QmNfKvS}jAlnw56vpt^wO7e8R
zVRd%)iCso^egOp~)#uNjf%G|hDK=jT)-Urn^PPp6?Nd(qgHa|T0!~d<Vbw)5dw}y`
zy=z15YpT?mfyjcUp{*;_OMuoeexoh;CJm4%Sh*SL9_*?TGyJg7*UN_J2z0e@vuXq_
z#2DKlID{hRM{B~Yo>kWW&`Mo?k<c{c!_yG#+FlTu`D0_Ssw`soh*k>)`1PyG$vx3C
z$PV-@&G2<CX}8tkcdq_vWYgjqlvy`0+8fdILYEl`zx(Fa6tLZ=lRah#XV+h@$Z-_}
z%0i^2^#saRA!~UAW24V%o)-_uPe!o<mFOw>6egiRViOYmY895JauN5AByoMF@f?H=
zC8y_q%qebfr6&K<P&>n`;36U113+U?Q<js~cAwpC_y3zF2;^-(c|Q2><NqJb&Uazx
zW>BmT$P<)i&$qRTha6#A@=xe_f<yja2-b!@RF28Y$-x^^N*o6P2!$ie7QHEPkaEmJ
zWv@aH{_Uo-rYx>k6;lSb#nn@SyHR4#6z2U~e);I?7i#{#VK%@2*WkMBJw|;*2OOGm
zhsv$xmZ8E=((lkPSJp9RST|lbW5mQ)$fTew<?|Gri~W=`;l4yr|EM0}<d}EnX)AUW
zd><+Q;b?NScl4ZN_}z5!F_ZjAm{Dz-9(xmQYHRCrVxoH--PjcUoKi|lv4^PNiE3gd
z8ic;6U~|*e+4}Z56$<^^WHCEM9W$@=r#h)rI7alo(OupH_7RG8YgfcSul=SQ1gAZ<
z-y^p7>p6T}YsFSh&t5fxNc)~u8pw=t#OSUP$^C`5@@k)W-FaGrh17-(-eiP<P(6_b
z$*$qcW>=kqgz^BW3>HH`bh^4)VZy4}+mzJosKM)2`wI*m{oF`B+}rBROH;qQ_wf5h
zP?=s%;&C>oGI6i+`V%MjJxMKJW6Or)!pZP#YMrgSe<(qZ8Ge6^wD<*bE-JZ%N3WDI
zC!7A_pj-10{KuJx8Yb+YvldEs9}J_t!Q_xyBUs*;1PAX!|B}aI;NG~6Uo!r)raK(Z
z>8~KtM>$D{iK?7;Mf}s*H^OOGvTwg?8(@8GyhSTrekQ9vCGK5k(~MYbdoUC77YCyr
zcLeo!JsNhYBL}^d#@S3+2`<S(>bYNkKq_M~pnnOqQHNS|b&EE0ZL@E%_*CG#e(uk$
z73ux%;4z)taGcQw`rGK@?PKvR+?!9N+?{>NizQXEHQR>0?naZ6)zO+yuC6T@81Jz{
z=AHEPZl!}wsbCOU>~e1Df1J~D)o@9wO_OA>f0@(tR3-}RFSRAi#1_WsT~V29HWpF1
z;D|^vynpo~Yu``ba_)rEhWc+C1fhjTmt>8Xv@uv7cWZ)ML8p0504GgJz}Hz&RuA(Z
zGHcpoRYh1uBHbh{OlS07?<?m7@z5NN;#TT{Qv)c2xIyQnjX6=Hh6^axZgk=wMAp-S
z){ONidUb=rd{god6&y7z`R}Rw?LD9SH^057*d`dDYNuuAIiHBN5xr}oDIIMv2<g2|
zpc3!<J1oA{a|}02BjR&<Nv&_H3I6HO6y$Xn+~fIIS_g)NKs$ea+f#3hltd#+#+63;
z%A(7cpJ7-Z{$3%CK_+_ToYB7#Hv@8Bv-r%L=Ca(>>AN187k@Qz)O*Tr+@#7=nAAS3
z%>TjlOj4UyppJh1`DR0x00lq<k%r!1ovWDerzwA;f<G8u{c@<@&K~u}T_f;~9f(Cn
z;dy2z{G~L)$eJO^Ly04x8dCSF%#a>ER00LBw{tKkbpQJIy*E2=*ORCHQg~VA1pc$W
zPYSHAK+(y!q`Z6Qt2}s`wp;It=?PV`aVzH54ixW;Ma;v?)}~pllGcnrFDd>sl4c(#
zcYkm_7S%3yxO0j~F_E7o6roSgjS!~s{bt+htA5X-u5k0!P={n_o>>EoWY6IPi5EGw
zO)+o8CBGdOzSe;i;=T=?ndCaJJTEhYRdL3)jKMqxbJB*_`1Ov27S(YTD>pwp^&9BE
zin<4+yU@kt)jozdSe<FT&DVJz>h)U_nmtxmeiw|b_2(a2Eo0Bd63?Ebf<ldEF>6bx
zB(S7!7KF-i^}BrT{s{3dZl8yE4#jr_lvtx_--YIBvwcy?ewHs(^5xdsVBIIK|D9xD
zmC!BGpk7q#`KD=ZZmjiH&ca|4CKYms_pcBad@jm=+Ml%uOFZJ8XRz6zOzw^hh}8=B
zTC^Ty+jpkCqd2j2u&a8ihVWEGg8;zcyRX01JvL3TvTU9c$$V^%^1F=E^}DFHAnSQs
zbE7lBX@6pD+Xb;go5HZld6xf=JPT#I;U;G!%u!D{gtSJfva<ITZ|3}NHiS5JX(CIg
zCz=A+_w!xE9>eDx?Gaz~T^Ros@|cGXDYimY6BP*_y-p$K0S1GtGjE8pzC2c9Wu3H}
zbs0PK_K;m_GIH`t@OTNX0=@O`pg$i<*9&67TeXO0sbVhu7y^xuc`XGRg$61;%+ytp
z<HuqAE;JMJLFocAr)*_aGs?#QoOlslky>dvynH15q;cvlv1n81Ps>TNz8ANcUd6D_
zun5zAwF(h<c@)cQWuCG)9E;#V1-wde7>|0iT#!y*u7w#g<JFdpUaK3r?3-F50vE%^
zfLYEtkQNsFi}QL>!yiw?uhWOSb)Z;Ac>8+nd6*JN9747kq(>Jh?^NZ*vEPix$5jDO
z($f3x@>uYT@rUsP>(2E?T&AJPJ-^w$PNW12LqH*8nhRGo0GLCKd<jo(0*Y|l7-Ea}
zJK4A~kl335&C)&t_?n9P)VcocoJRXZz4i&~&0!*diJU?wI(OWk5htUCpIc{l1Ft8j
z4Q(vxTHA8OeJoG5fjuw}WQZou=-<9H-mK!{b1KczP{eiv)W?yxj*b(d^%9pw)Lt$X
z4E>~s_SFvc_S7bM1K4A%1lEk50^RPV{mWOR{?_?p!1yG_ao&X)9(>YOmIvb{#&(xD
zGVogJosKLf7M0M00cT^RxO3l>Up{`LMiN?;Y9|nPG@m8F{h!(g&eOgN!ncPZ$@&1e
zKfL`6cCO6>!it=oMil0z^8ySDx44pepO8DQ#o*f5AK>Wr;g|#USp9#cZ!%4b;61NH
z<2CgbqDRxx!_E6npe6P7gQ{O_6IuQ^2B;T#M+Y6`tXa)PJu__fvO#4v@1s@Wb^>d(
zr9W8y8J!w<h3GXkm)_6v0+YN?;>HNy&Y9v6jFCt9hX>~8#>KavZ`{$PDZRG$c`@*=
zYKUN@@qL#|ro&-`)}@MRljoWF=?lDq*ngdfBJ?SsBg{Oy92+S%vLetz&O>Hn*$5;C
zYF-vNW9Bv9#s;@}xU@Wh&EC*<3`ESaNxXXa%LP$nUF5EDibnwdG1<PvX7v8%<^Sjn
zH@zE49uD&&L~8}UiNO7FlHgdi`aB=sM&h_=lBI5-Ncpq^zP6w97uX$1Mq=h#mJ$%?
zrdas=p+SbLyL1rs<ZQ|fhk!y#OK!)c+wA=6$^LcTadBgpW;ZG^SUd<BARUNl4)jyz
zZ5)1NWg(Q<Y1gW=8E(3iDu)BxOUsAram$Ac&3Ue5ToM$DbVl1PM#GV6jEZSTfd(Uk
z)n>nFk%a0lt@jFiB1NdM3p)cUgl~P$GyV;d%c=REC?gdoEcC$+OAJwX#?Wt&-I+oj
z86;iH`i`*luA3Ig=lj4f=ri;q512Pf=G21>`?$CIm_sgo`ZH|!>kBS_o`w)wT4bsE
zNsZ%vA&JB{AFLE<K*gFOyvNkJ_n+j6KWLC;#&UD9JU86ID)DBTkRub)kRmcd&-m~w
zr*E+#sqxOxVo}=jOi8nq2F$J5_&_7d6tp^iQ5}5{JKeS>_Q{?ve#^B<kHmyCSqyW_
zh(wqgA}l7xd?n8dT)yA|5?2?EUTAub{>{|;$fb6&ZDfsj(}TvY@c6K^-G}wIGfV=u
z4?J3QMZ@|yU37@!2&Yv=t^nGPtNfxJx5C7+E-@*k9OWYeZa%6-a`0jie4(#6Cm6YY
zeCV&(*5zW3MkArpQ`>+BRWzmp>jfmk7uNpe^?rhO<uZsrU>T_27bgQl`4M%vof1gk
zHL_T1y|@}AM+>`{rfOMSyCeLAIMg(uYh~<?r-k3rZ-aPs-FDn3xXW<nryn0yyW4Xy
zr(P&V5@7tHadhCRtM2tdP^6&+v{v`#1m6Blg(G^ide3j?nlDSR+HkF(Cw%}&Lw;wx
zdH~IV%@n8Kq!xPIri*^Xdyf!)A&z$$>~UGfkJ_B1@AQDjX|@F3bf~o)`RF|_k9iXJ
zqEXjh?5CVYRm!W~)w3N%2l`0g^@%N9an}}_;N6p@5)xVv7RgAnqr2-egJVl0+L|@v
z3x|fW|C!gZ^McpqlZUA7=~qz*EGv@^nhR?p|J|LhLJOn23);;F<hZBHlsqXyE`uq>
zdOGiU-`V_ndyuCiuX$8Vi_}zKdwxlCvhu^K|3rxE(3QUdni)+S=CRecb@57XX?Adw
zmf4^l6B~=L9~4sd!kzN1Lm;XTk^fH}zcV{fld;F^;7MVi{<=UH#Y)sAlcU9$*n>w&
z94HqQ_>e(X=5t0g>t{YL`3x4>iV7mu?<&t!^h4izn;a~=dC{EA_@M4wN*siJMYdY!
z7q7iNCszIbC{gS=nzL(aFiRi8aI~y7U--Ba8~NTCTLV&NfSU(ash=!b7<vc}tN@V-
zW+_6jc)bG6Qb&~^%Bk&{<cz#s#n}4(F$H&7a%l9qPD88DjGo=zyr+%ABVp<jh1pvX
z&@2n+sscnbMFztqOQ41kHZpcd(V3UO;CK+;g~FxY8+M}ex1;<f%=+BX<PqEhk48ny
z2$XTVH12@yEw4*YhYGqnDF;L(4zAR;)!=zzm>D`8@Z#-e?zX3&Fid7Fr-7dziHj~A
z={MH$pZf^as>RmmNsR2qF@aR1dJw=i7L=7M2t9-|uXi||JEQAg&VJa`HG)C1v6n{d
zyYw^WoFB%e5snn|n_|c?-)myn&4+4JWftk|P8=#&l&?z$@SR45^pu_-xr9?Ug2-gp
zXm9KZ7CECv68Wgm`StG1N_t8UN9N8(4D(l^@@;XS+n5^PSg7iz89WE!j>OfB=WzOP
z!&P(C4Wr|(FtpRQaiNx-0d(no0YpZJ6^zOM7{mMs)qZB)o>0bOFOJquoQ0*u)PPrF
zkE!hi7P-W?)@lW@wc5L;*V2ChKI`02g1`*#ZcJ);x+!M@@14;9JGaY?u1Pb!V(0Wr
zC;G_l2Sc{GzCtfH&*YXJsRzhVvE%)Z<CTD&@15J~>}l2nFYGYg0SY^%7evlP{JQ&q
z${-5=$2xbHG^ULk7sakkTB6&e7cU+li=?7^eH{;H9iGq|UC82VozbYb<=o{yhO@*=
z86s{9sbIJz%C7}C4bw$i|J?n=uv+|`D?*Pu(wLI=gB^kKj%{m?{Hy)uYr#}rdfaH^
zf^+;*$>}O@FWtUD4du%wkUz@%BXD+I0X#C{JSU$|)BhVA=H(Z;Pa2~-teq~7YvEsZ
zZ--ORS>hidrLwVPP^?jhPknDn;!5>*gU@mqb~H=;Bp<*qHE-BJ$4ZD2KSi|83KHX5
zipS1B>p)cQSEq((o`vG{ki6YI0{pBl@l?a(?KJUqJM>b}tf{*4i-gA#rEYIP4Q>MJ
zMFvPq<$O!{u2ea2DP#=p5mLLwy|Y#LPbSMskNL~8NBUnAmo|AcNmon1py&0Iv%`|m
z{>-Vs@(?4flIrF3d46@Et0UDVKA&_z<jkY&BU&*2`Ghf=>!s_Lc_0H=$JyHZ%)Ta8
zPb@mMW0#{b3??O%PT+q#W2i$leU=JD{MNQpOF41-6@B~>Oq%?ugH)KCKKl55s+j3K
z^glNRC$iHDn{!B0E>o^J9>t$58=#Tu!D)7Vscr;sSqaw*Wtin}30bt5tPn34Q4`RB
zt0~*1B9nvDI#5F_dY+~(tO;C#HIk}?F!`!;uk7Sl%Up={`)j>Mo1XEb=dT_xuWuTG
zEz_i0opDk+2wbY+|K<*giC}+Dwx<cBJ&_=nvN_VPn*;t60edaQk4-R%c@$qqxUHFr
zu@!sd@JQVZhi2_hRC`V5L15Rku)+a9*Hs8La$Mx6pAtf2Q!c)ZmU8S{&$s7$+c+aX
zBXgZ?ESsgIFDYfA;!j^7R@_%8>=XXWjn)DCr$i9A;tmZ&!Di}VIG77f26x4q2YGxr
zFb*69CrNz=W5xQEU}=rFZY$)yvxtq|r20in&SH-U1GO_ERf25pT$o?htl9o_?w%q?
zmVddX+2Y;S6|r?&sFwzxR`!_r=_7Vmu_GUx%l@xC(RoE|S=~hNwS50D_Xva6Ek8#e
z;k?~XI1InIFObJ1!+y3{1OYpKT8I?~iXAd|!VAQ+l}<3JceqUzO)qg*>zO3HX8S(2
z{lQzVLj?rbE;keTl<1mMBuMc`*XCyvl|`V2rzTHw-aqr*Rmh`3H39Vu<2-~y&KCdI
z&9!ynM~_Pp8?r@ueG$`NmoDWI?zAKEkK5ZjN~;-6K%F=f&>s4wD|%8`L)<5JWF6pK
zgjfNGX!snn9i}sfJ~MTm4}*Cex{30`Nn4GcASKhWM&5|lZcaVl+psX0MolaQ(nGAe
za>4vo3|7w?j}A;E>fSsvM==yJ!|A45ozT|2x$YE0Z)s6JO#kHNi<{yf<ORzLm;5#%
zTSd<EE7Vx%rQH~L%hT`Rt;G-<AgT<!HGqqt@=<!#1Q{ZJ9xt1Ip&3v5`t(fm#?saG
z-Ez2I`o(bg1?RhKDhB5koFOD=<r52rb|c1qGir^s-w2f2P{E^~s3)<gDUTQ%eZE)o
z&Yc~eI~38YZ-A|}I7nMCZu6?F=f^>r<@ns4Qs^!7eBL4;0>y#;k?2d&`1Fd^S~~il
zz*+GNz<(W#A)&8D3V-1sOgA_*1OlzRgP#R6-1JL3ii0Edfbtv2j$asR4I?koa9>pJ
zu97`X7VZLd2ZM*Dm$0!$CK68!59$V&J7$3D&R{mq{RvT|5ip6-R;?5|e!P}%Fcg0c
zyy5K6e2%Tv*HKlXMTCqQO8RhXZ9u*bLbJKm0l&r`{f5!o`cTvx?e(?SMt#V?!w@D-
z7vft|@E?)Zv6MJ0XiX&`-NGR?54^eP`nI%0muKpVRG0_kkK|~fXHsb_#*!`QT9Vv2
zuJ94m;h%4H)=QP`P>Arj2M$e7i8mWuk3-tMVXh+l@?Crdpe~vsZ@HUqaGqUt{$sB4
z!Js!Y{Le=7FCWD_65J7Iwtxqd<Vg1ndTgla>NbX5w4d?^wf{<-!<%5$v|h&)jehDT
zvraGr8zDxzzmtGn%%<76D69(EnhE+4HR5A_`x104XZ_QA@0vIdOaUk!1e7-VHVbQ^
z?+|w$9%l)9nKrW#Xtyt1s3x!OUu^cLuYI2Zx(XfbTc04E(T%E|t}BC@EoZB&RmbDU
zGbPdl^5t=VYo<&UTYHUaCW1Fd(H)yCcB4>#BL1rZwa!aI_NIpT<(HjIM0NE2Mvy#V
z=x@R~!YQc<;PwN5Tdo<{Z4Dk#aX+Fok;6_%yPGaUjf0)xelmts^;e!l+n-OV!;e5M
zwUdP@x?bbtua;R>>zG$q9leQ+hKl-fHOWB*H<rg`rx7npSFEnu2?Nl3Ng%aXXIs1(
zp3dK1ZTv3G)cIc-bUT;xmtmQpJ6WR3b>(Aj3G{vdQxe80xobwiTGc+VAu(9E5R&_T
z6~NJ;_AxWA<-kORdR<%pKxnqS?awiTF>$VzSHBTTFZ(M;g({VtQY1oh+ni<>^YQYA
z=h&AD)}{7Zvz}BWFOoh$UZEa;O5l0f86VN@VG=a`HE}fE{@*FoN^5X4(2cM@3;wbx
zOg9goq(SfN5P(Ne3l&JZ<H_9OF1Ztpl#*l|zq8sS6w%@bmW%HuAid+IVJFm^XPEW%
z%RA8=E$vdxej`9No(gh%ykr8h6*j4p{uSVSBjqq7mTbs;zsNRlLl^DNTsV1vfIMuA
zpiv5h3PUlRpt$-_^lqweE6+#G+OH_{KJ-lO4wYQ;_R<Uda$#`7HexSzP2}T!-M;@?
ztWk+Y@?YE~-K4!4h~QD=&`HvS;esK*A=_ARSq%QujutgYCl#y<h5^q*U8=yN(vjF8
zS{*yd*P_2C*A*VfI0nQH;vl!bt)5V0M~}}%r4zC*N%|5`wg2I8YOKP7cQh8x=e_QD
z6%Uz~49jE*%iOw}e09k55|r~3mWM6fQkRt^B<^vugd_topgA9Y<EeN_G(tcPDh8}d
z02$nXQcrJ}p&_xaPaU~~vqMc1Rf_xr!-AN?1mM05bA^PZrhe}4bo-(txfX?POR%*L
zB9el9_M53py2<GOg&)2zZT)`Nlq9_o{>Vg1<Ta(!R!TBD+)^ICi&kq)kkuvSf<EGd
z0SChw2Y+0Aj<FrQNG=Nhg7LxpO^}7yMwff!>ND3bR7k_hEW1>%%l%*BtYf3y*!tl2
zPMm=G#M}&_5`z(cpdu%O%U)^Tfa?7|**$Lj_MZ}FJ-HFwPZ-#YOEithXD=`ty(2<I
z9>0M<XR7<veI^xN@fH1+0>c0uUWoDskIbtk@D5W_3y@Lhl$?%Ai`s@tlv<V)JO{gq
z9S&0brfC_&T-N9koG~sr`^Nsj&}D=o5`|Z$==Lu|@0(v9eCmbq;^6J_{sp-D$@2y*
z=18DwYtugz;U>!@yflnKktH&Y-3mx4A+o?qKyQG=4A0od?Rl3J#`$L_d+Uz%!pQ<~
zc+!)K6hkkz@TD5mkl@UTSYA$cj9pmgU+1xem8k6{23Q&hdIfK5GYwDjt(z1~ziYKp
zC5CmSm-6t+!>{ac&wpk>t(rGz0H@nz0Lov)%~r;GRINUD%x4z3v!&rr-DkS)U#x0_
z*rgJtM=e#okj{GzPY%O|CN_y<F{D8#>L-&QWHzj<{)>Z|T0GsC*cM+<A%iyF0y3gp
zcls^S_FKetn3ntKRlhaz#IO-YxB*>~R{r=9&(jNqc5t`sEBsN7%O62!di|;q=VTxI
zTi>qsS6cRS$x)3(@ez~;d+)=Iz<L&?D^v^69F(Z$lw`#6KPq0S@{{|WIuf&`IC#5{
zQ6UvSA?mQ~hY$$3p=0zSWKtVoy<q{~MHJ4GD)Aa?mqjolza<OTjM7LOnpNpzV#k@2
z3->EZOQJCfEvvND+!z28QaJvekhSlP?sd)e3^rZ&8>@d|Iv?)hRsRjgSKSUm-c+v^
z;Lqv{2CO0x-rxZHNxv3UvLHOcpv{LIHIE5Up1r47rDlqANQ=mC%M{s2EImFO9M=N}
zNNBZ7I8$0$jbSXyn1ki22RuVp72ed$zae~^Ncq1UuwE1_cq;H|fTPYrBZ)s5MP~o|
zsRAqTi=GdO%M2H*UKIE)SqR=5{R2$6?$yi66WA4LP-W!oQ7OKEg}u3AJStl71;F1c
z4!(k^B^a=-)%`qj13~Z7W~T!7$ZbDV5uLuiH6)dPN-96ilwW2^1`U7bn5ll|d!(o<
z+31}&F<}DqD#Bfu>b?p7LbIav1_B_xMF>OSVXKQ#at%$e@skIaClZWAiQR6JW-ClK
z`5>8ow4`O7G_oGU(g5PS^;IxT8>I#}ZusmpfKNd*KUsp=`L7jwO#8W6Ti|<5YFxpx
z1BR2Q+QlGI$fJiaM(9t)+Q($iej<tHJrmz0pdsbqi=r@^(?g4*QkFGK*-Lbu*gt@|
z`sUvE7WGL_GxG3dJ4WNBUe3+)wvCng*Kk8R5PZIVpvf;qssC!j#G#(QEApQbW*}#F
zgg3#rHk2yxhG>f|Sd|#DHJKcYsRq3v0uw{Vu(moGFx&-|5n5pW1JEgeJwk-QLumL>
zt^2WWqAPUemdL6L4cXkJsF1)g#1<AmL>k?F;~>SET~S&v0{A&n)=IiupFGrI`qY$Z
zjQlSRP}EYS%luN#(|q1IClCm=z?V_-SVBy=;%^Ihn3N!zC~d8hpWDE`Z$4Pb^#i>!
z!h4L*FYN6>qlH=ivSxdpwX1epl>)i2BM#g`#b-l_B^6o&jc-d#&7OVOT#aY07V$M+
zk)u<(xbNscBzw_AiaRcNo4hM|U*qji;=SLUlEybT09*|qn<PkDMkG@x2bX`13c~jR
zP%oiHPYc@0SML)KtitQ}^L>bws5N+EZ_VF%PLa($l0&1ktAd!BZ+q|4p>LGzs5t)Z
zlb_daeA^^<XT7W4;~nG=<d+P#|3)NVu~v*hTAZ#B&jX#USY&tMURF&iSsES4>WGlY
zDi0jvAj9S-2)Pe<tT741gF6<KI25qyh-|@azp(_F6l}=TlOJgh;%~;qTs(eBE?jCD
z_2gJU=)>wS%5;gG8Fc&nmO!|`X@kW<43|+#oPgthDwCfo;otE2KCz~x`Nb4Q$f|d8
zFw6=l(~e})lY;PlmTG3Pta1h54d5YdAOo^>h&u+!JBQkO_v@%G+tTJy_18IO?xt2!
z6+Oa+zJd+XIl4WFWg<6z?R}RZWd&YaP3I$8nSVOcd|e=LSAXJ%{y*O`m2NvTgQO>8
zF5*yDa*o?)0=_Hum2g$iecFUc{n?OooYMv_At6|6<ZZ=N$lPI+NVDH?XHYjG58?1q
z2t4k{V>Oh2vB`r@{^@C8bEUowHP#2myHwnIgiSsx8RiLC@&e@Td^zNQ93ghlabm%w
zkY)XtWT3`e@idrY@KaSG{8^}Ib0e_~mJ_29kb${2@@z&NyH^Lhsn|7u65evHbkP`k
zNDFTQ%Y2a{A%{DZ@d*C-W+3dfWz-$1&L||#1bX;)anQ+Nfxy4e@P=<f4=I3F@Fw67
zuxA5|f@f$eMIrVvkZ_~tGVzXJPOOh58YQ%k<819D{_g&UR4(;QQ|iM@{FKmqyzk7>
zAt&!5G0wJUH_=K#!5C0mq{H)jro3U4s?Xw{eY%|L>c`xuE3}Gm`lom7I4+X=or~m0
zbjTqMY=(C7Mp_>IZWzGaGHk{8{s|o_nYck=Ka&}*GNI@$lEaH$GFPv2<Ct2zxpRVE
zc82tQz1!=vME{-m_Uo(SrOV70<>p;sWbC@)3O}N1D8|r~HLMA;AJ$4^=G7wjFhk@=
zC|)hnB!T0o;6(@;aySOH_@bpDR(c<`G;b?|iDhFABL`l_^-a<Rr(o~z;ON_Q50<BP
z!x08O=JC`#Isccs294yb4B|zD&TcekqcStXVv!~d{WRYmE{v8JFHNsFB8`>{Ozw4o
z!5~*W4l)_FUC<+%ZP3x#SAHt9ld{ynB=t)!j|&$mtZxZ8fbvo-$|vtX;=bfgy7Ccm
zuLfV#-A|)JXpuj_RMr>C@0Fe-ZUEc13{WT2k`by?cIhU;{B#*DX#SIG<I4^MeP02I
zQ}a(r*dMejti|U+6p-N0g*w7(_(Q7>ivO6T=*7{RxoXKp&x~nMn?Kmuj3MCl1E}|9
z!KC6BDSx!M76=v|3<@W|fe%wzwY+dRNc;LFw{g$YY3?CK*U!2t21)w401tNIM3&qt
zi@3vI(AA}s1s+lJg%{R0J0i0}o7{5;9eYO_NBDW$*Za<RI(o+MCUx{~jVF&X6pzZy
z@x((1YIeTy>O8<L$g;bv@oq=QLfWK`G-^p5alpRI5BCy`1RLi7J|2w_qxEZf8x%*4
zrs|4yW2P-81^?l7SL;vNUc*skT`uS&rW}?<Yl(pI)@P@S>s`4=lU44^i1`NO@cEUi
zdPehmY+A2f@-}O!IiZ}E|H&aS*(ht>N%11Z&}s;;9ew1e?n3e!of|TZRtjEGhVKHG
zZo(ta-%~G|V`AOVCxQ51fjW&G4hom*7fbY}*SC+43yeyqOp;K_Xq4E~XfH?kDZ*9D
zjlWzdl#>ORd2+GieTr**oA)9gGwOUmqF8M4x<~UJ=1u2jlfVJ&95wNQV2Qfz+R!hv
zRqd}`?v1mke7nA=5sS|+v-|Vzxy*{?WCpkwmI=m&rJ+wGvihS3&_TuEOeJ7)VfZpB
za+u3+1{5}pS=UndEZ6u4cPSUU-f(cg_vjSK`)M(K3A!cbXG&jvp+zs|zj7g9lLFnj
ztC>!%3F#41Pn=D*bw#lQW?JgWBq`P=9!pwQ1xHfsBMQ9(w+jkO8nz2s;~R3-e-)+p
z8ztD#NGVdiy<Bx-$$fy^J6_{W(h@|2#1VzpqffMASfz--7xEW7$+WfspJhsT<pd~6
z@6x4}Rp+wq;^>uxHoKLJ>7x-lb3e1r!(j<#p@(my8>$caUq0n6aQZ`W?VIGWdB<N%
zDD=Mg@8OZh-M<D`YT^_+mK4m|DC$785h4(K1sp6|SQP@$mio4Yw(E_ChGhXv4rV-B
zS`mQ{HT0(kV`N1gc;ZipYhzb+>tayv^Bl6hl72f{e}ShLoBXH+U+2OQo3jvcLXjb8
zzd*T`to!#Q49T14DjsjJSR{EcE+oW79?;ecssTSu(?i=q-}T|?F1Wo;PJClDumgcI
zgc8^v1R=J<Ab_GyH}{-9#*K8fK<|vsx;8B8-#Wa%qck*G{Zn@Q`44;~vP^DmL^81S
zWTqlfR<OA#nfh|3MhAv_&(YkOpU|#xPvN`3W~KM(L-StQV1%B#szCHhyIwZO88I?(
zH_+OHdnebUpDvpU!*5x{n4J+O#h@OHk!dTe`EB1z*IV=RI*1JBmdE?sswUHQ*$$38
zEsKwx_L<z73$M;%DV56t7Zr?7cGZINBI3S*s;ub;vi~uxvd7!$Y*O#&XWou@UsB6Y
zw~mN{+kPG}IGUQS5wauaK~#GZ@P%YUsSJ#;htN_`54iWH?gdvZeu9MX&7i71*e-qm
zorP#e_F>=i{I~Uqaqp8}S)bHdJmoz7s39e1mqK$k++>&S_jeTNbDpcIl`nirPq^9%
zCJY&RoD{4o_?^ws)RI;bqr|uTF5j?)AjKBh&x_gquI}n3+SaQjpgBeghS(BY)Yd@@
z>v<0gV7o1`$yVP$Ay<$%9exk$ianC5Rxw_5@St?obI5|qiIeVNb<d{uI{wvfpuxx8
zgs?I5HskuDy#KpFg4SdVgQMRq9D**63*MUJa74IOB8+Zb`$i`Sh2fWm2+4BL8WND%
zo=E$`o&pCQ*{|cU=sO_H)$FDxb63Y@KhY2*-gFfS_O|ks%mp0VqX#Hb!tZ0WGcK`K
z=obg_BvI-lw)x47`h3`T$8opWg6*L?1wAZm%hl|_rdO*<Aul)-Dx$$Zz~uuUbh4E=
zZh>zVl&st%zpVIU)lD<Gweq9JbTqjzot-xv-x3eQw{BzFny1Z3f(q`A7rky`=8|UP
z;)7!~6L!+U!D6e}BQ?<Pk)n>49H1);7ror;LmK6D6vm<}Hk1%y;=={!y&&ZDh!DCM
zl<1|>`cV`_t}!l4^vm;87IU0)U`#FL!fMD-bcXuRpMy?n+Sea$VOR#7!^@7sGz2}r
z$E+g2ONaZ8RCc4ju5-&<*<bKUkSb)PRnOf>Vem2f0a>7v7|C6OvGs`=j>Y})ehNVX
zD}k350iR7pt1qLbqc_`*9%5OxXBPx+q0f@Of0|Y}^_a)Nptrj~w`YoXy^>usoA7E?
z4CH*zFL-srx_at<I!#I_99pAAGsjZHwAZ(#|BNQ~R`(suDV_!X5NwXq`2eJU2D|E*
z1|~P8>qx57f9Zi3v7xhssX#DTPMDtgXv+QKp>T=JOl0g){cyAk{X6)upIlrL+U#TF
z=7GY82?g}SO!>3Awu=}3s)&2O9m^Luco+-*a1eNx_479ZwJ(?nsjAZh;~#{5RgB+=
z&>+E`x}eXl*$+XYh41m9qNJ>Re<%vzoqjKXhd5g7iNrhYjTP1K@vN?)*z#;66$Ou-
z#MY6QPvh?w+o&E<J^Q7SvY<z&mA1A16pb1Fm!V@wN+xjWf53;_thsD%_u_jdg7)nA
zqws=W=O^JG=vY<lSA>OVmM#yH0PH|$-pzz5guvbkEN9c!PR=-uKm%R<^fQZ|zoIxS
zdjp^FtE0QD?OV#<ACLlzHdN_i1+FD1a+eKupBrXcL>7LK=JffGtx^gS&`0t1l!a|%
z*GyI)C>RT6w%2|G%5ldJy~;@|jLt7Cp)h{rF*}Hr99-}od*nF@%>8T%AqNuGjESzp
zuZKcKp|_9CN$nrEQ@-I#V0<{H>%*CFr}@}{m`?AjOk%}px%V|us4BisJRtJdxaF}V
zq_D*mj;%zyH&@Y~KPmXy>@OV8AbBdquSj7&1S#qUYmg9buxO#Q&sLf{(ObhH4GwUy
zz*0-@$zmN45hG|2!H*r;OGt0e{Oz{?ic(+i;yWkKFROx0{>+mx0{XlM27Q-Id$d0%
zs;RCt{&lF9urdh8jdM&8^-<6gb*pV+@w7SVXsBKIYk-0q$Gc%|gcVW1M`m~x4$XE{
z9$W@r7?%x7g0$c}*WY+<0l$FxrSSX6>1jWgH;9w?o&1LNF<O7k*xAc)6Nikzc+YiA
zm)Bi*X%p||p?_6$k_i~l*EFlaYyP&RimTONl#>mX<5i5!^=_V>{AQkDYO>K`&M*)-
z*1b}{(Xr^~$Mc7?bBo}0K^oCXb0;tD$N>FT?p6>ER1f*C>^l=o;6BbqeK|gWiEjN%
z?Z6MYKw#g?L<k(sLMm%MS-t>l*^1GpBt(XE4l!t8*3ovYpG0HZ4SA|vh+E~2ErQ~G
zJ5Dq+P<ahsDnVPjPvyv1*bgtUUUo_?rcbNV=cE`;-V4HYz@^Adj&C3%)`p)L8W-nP
zyy2DnmL79i+tBw#l+X3~;-c)wS1dBy<?P*3L2jq4jt#GsFGq%3o4_+)5FBG)5S>^d
zGlYWMh&5Fie25Qr^g}oU1kOL7@l;c67?U5e5-%Hw#iG5f^{P~aD!b+DP$D0hir&*&
z>f*6y3>#=CQKMyZd-C*~!qMv<-E>7`+Xe>SZ}fk2X%tYU<ny6(?U6n$B_~^*aQUY;
zSm~d;Rh+6|uk3nsw)>;A{01p|fFGta(|^vHSX9tOO2yqp@D%ox4Ke+2Xl?bg^*~)a
z^nd>JSSsg~@Zy*X*5M0eL&0e1N=A@Q64)n1$lVgHie~DYvf(v0M?@T8cOQeGOfbJX
zAMw8X#5)DY?etX&%Ett8kH(#`DI$7Ss|>2GJO&DEDTBVdMNE}7K63b(L1S>7{=_}~
zif|aw>Fj)5CFH`vF!cO-hJ^(A`;!`DulV0o7mkc;s*TmRz9Ly<S9{WgmG)hJrfS%M
zMh(FOe8*DKM67K;%QdAH`@t>6L|Ay6Duz{BQX+YCHcWr8VDIs#N6OC!vCN~zh5yk9
zo1~_v@Qd@ju&x`sa&!YNddM(h6&vc@O^VfOlZqDnw&Rg5NP`s|d>4dsx?K)L#3DrT
z1xNgf0PJ^VLW3u-IZ!=q=vFCgJFh5$(8Xm}q*nYQ6n<Ea<z0uc1h#W6UB{Fha$QB4
z!E+3B#9YiNqaVXxj_wSK>f?xLO@YYRB41Ng|5b@5g-$ErJE{-RWTtqnPbD56&Od<B
z4!U=XeheQd=GBMsR>^HMT2vEjjC>MT%u2-GIp$R;y<o`#3b!e+&w-QzSTNOTtYT%b
zEB)HhBH_#ONPPYIQbiMcw51sNcS8_3>wZD!gztXOh!I;Wb)C>ED?kzU0xeU1X&3hm
z_Q)ofl$j}JYlePX>X%?6DHMTL!>ckjmM!?(-P;x)tJb#v+q%?^u;__N{OCXk@LLOI
zy-ZtMi}`8WPn^v2<t>{nV#C8h&?gRK-JWhf{M#j8@ubv^;$D--YwioI1(M*^yx*XV
z!`dci5Dr6gy}MQ-v-i(UX&h2IHH0@_o3kkyl6Ll$h7{_z;qC7%Ls5qjc*23wlyhKT
zRA(c5SGxOq9s~IfRhfmaX$Wvtqmk(XS)UJx5iS)Lj)1dgK|%@$l@T`K{zDhUuojFE
zX1KQB7BP}OA5f1?SeL4)KT7|+x2uL|N*MGfu_ex0^+H$q^81yFj{oUrRDkvG6cO2*
z+*+fovT)sULFA<_;*%ui5ER9LAAa~&J?sb3y72X%qxGG8C3$RTbI~M!lxj57@>@7O
zUT6vUwNJ6XVlQ=`rtH%2;<Y3#1*Za<L#cnaG4J{I>Z|f&n@4q6P5t~|&kqY(3ijUP
zV1Aq+2_+A=b{Y07lkuude#(Co=;S9E^4<?HFC{okrIsJH)s*&WpA;#O6{g`%rqkl%
zA~C!9$aMlaw1$GwF^OP!h~pFm_!X(Jrx%3XwZ)NovvqI-CV8~sC0U7)seYHw1wTF2
z5-$$8w3pT5QgINjhs-|vfB?${v+VFAQHSG-AmU$NAH#)lBiW!w={VS0cDztc#8Pkt
zJ|YAqE{H6?(*iZ959v<|?Fbv9q{m+_&Ly9$)jXt>M*}~5gF)$V46rDoC`;mYuA<u~
z?!vh{>{`n(;#9DsiQE)!gDIm~2TFeQ#Yyw5Eg*r=byr>Qx7Cet8izY)Z#w2;FVD`1
z_w7qc=N2jx$UkRS7CY8e-1f~E@*z5(#<^FICdj=viI~@5G$YfkesuARDveN+mCA&3
zMrd~*>=lk#nWXTQvAUU;hN87f2o|16y^dNdYppq?i}vHQg{Z#mmVYgzZs%Yh6=_ON
zmvJSw`K$e|YIB>rPPE4rD|q$Ii8javuOe;^&(1h5ak#7Ii^a$8myq7t{a2j5(-4;E
zCd_Nam`U%?=i9^yS+<gGQ97_4dUpD!;%pNTmQ!}e%Mg2$qHa4_@KC~Spm7~RbiOFM
zMoB{(36fqA+*trS<a1m+hU9IC&KQ6Lpy(gSSxxVcAVE1+q&FFa_)(wnx7riC`#kht
zTEn{a9UIs~pV7WM=o|5CAX;ozs}g+hy@$&zxca8|@Y12FvgeDbN3q!3<~T`dO+=X8
zWXk1R!NsW=R&h#tNbg*{J10E#7Lxbt0OPwyIlAWgt#UwB^BBl8DABW;Hzf0cyUbIg
ziOlEdKFyPwtGJFiw;vLfH$s~t5oa3yhth=hnfP|z<V4<OKj36YLGk+EP6l;`aqx>@
zhi}bE?Y4^ksAHwG!0GplDN|S8eQa84Xd{et#0u_s$_9VxpsFp8SmCI-`@mOev0xLC
zWOy6eQ#=>(@Xh$Sg*aX)Sl`Svm<U;YRV1K9f;3+5*AT-!9>4Rst8`0ORkcZ6ekg36
z0oZMWvrzdz`ReAQHNU3HH%hdy2K^e)mB#;+sq6oIIe8tjr5FSF>u<eT+AakLTiGJ4
zz*&Fosg<IZeQduaWq7uHcXBvmO&o7BA6kTFUeb34pHZFuaQBhZIC-t`4+6w6+m%y?
z>NS4unPKcACo;6)QzFv<sCzx3Pp%9Gi{2H*(;6Y{OQcf0;x6vAz2a)Z&#-wM-!H1n
z5k>1#z;VP^i-R>t1@`P-=-oKSzre1a+2og`S-eUkAhgIylf$`Im35!17`&cdP>>!q
z7E>4G#;1yH6zGc3<AU>r&#CoKWXhv?7giokMp@bI5F#d#c<5X9A5n53oB2qcU&wSy
z@Afl)dKzCWy^zu6Jbi>CcpiP&Wo2N;OIP@2_S_zf{24rzJ3|mvA|;?q`nt7}<6;|3
zYO$IvK!1u{7sh@67=EL@H1W&wSIeJILMIa+zz{Cd+!LV@j{bKm;BZsbrdG2LjHx7q
z%fik2qt?}P;TpUHqe1q%j!)uD1+k(H%=8t~!I;RqGAt#1$iqkQ;Ryf3OLs5bufP%8
zOdk9-_J}4mi0UC)6zBfS%cvB<uIDA@BMa*bQP{UILI*d_-?M(e0|Ts@aN8DLb2f+)
zISC_oJZ@AHs860~hAC3*ZNZs`JVY5W;+d0GvGvJ)v>iRK1AXhvqPiRZZd5Wn)5@Qh
z@NGU1BBMJ(kDi2D@sR))G;Kw5^ekpO_eit9I46v<%l%?5_>T=(rotn%c1pD>T7?{z
z3ZxzLRP*>=pzAG(;eYBgvAr%qr8ahql-uuO2Ge|BcJwZ1b#(e_e~X^z2kxsEO6_&S
zwK^LKe#~?6yTK1Nvr)PvCk|Grys*X5nlT`gc=%^eO*rdCwal3)yyA)`xO8Hng%BYM
zlj0?UsbVJic*ixx1!Il0`WY8HEZ%y&JKGdvgExeHg1dj^SuU<jTDw)18Lbz3LjSq2
z?MSL);E<eK(?52g&HshAD#8X2QHPz%yR@a|w>xmd0rKo3M#{%j9NUYd+6OaHZJJ3O
zS<%{tm|5|UgfeUJo~LvR7n#?(xSMgWePhLm=ISzfe-Z87hddVX*$7-f^(_3{5!RG@
znSe^4J)eE?`H@$0oW*(=e`LV1zM)(g<LB4mUm8hEq8aN?(P8tjb&M@&zkP?gBN_~c
zD<JIX$aZs$Cous1YvAC3Z{LrZv_xUti^~NOON08Mat=pUcrdp=8bx+4&>OirFH3or
zFj=ZIISE9Q_YisENbGiMG=6hi1w3ketnjLOx?ddeXJeWje(+L2v)0huuX!b{A*3KG
z64Dg)N2f8d=bhwHUM7J%jlP>rMTT?2+d22_y%CD~U%vawML5oDMY!*kCps@Dl{9#k
zYq`=p3FuajSg&~3#Fb10`+8U~@hL<-%@PY2X35^siS|g;iVd5~K8eF3TlYaF*yAa+
z--y%HuGS#1S6xI4Ceahsu(7Om*B2TK8_X3>#(?O77V5c-ApY7*^3<IA9uU^%5j8~Q
zdd@Od;?+sz?^TNgN)+%+m`ss}pkS9=5iesWrbR!BfcDgDRK8SQ6AdOda0f-XD7r<x
zZ!{4ai7uW__bU0b<4M~%I_X(*v6b;MhtdhkW&R-g)*Fb6NFe42oMRt<Bz^cU)Vzxt
z2bFx>)c#33l-oZ%f9eI?Wn7Yr2GLUWyZX{^ai+r89C*E;YCV%65uPj*{heV;(8|Oq
z#|b;73fucOiWhf&l;5#aiV;Jpm1ty<3Qf-EC=#C_S`ZWbwap3BDoyS?DCRDzm;n|f
zZ^CE!M}LR4R~S|~3G<_UFN9g3xq@4g9~Fe4?GZ2?kh)Uv$gn;!K?Uwwd)gbL+3)jW
zvd{!Rcu4q=8OSpc@|-b%Zd1HIW7To^CJQ8y5~`p4K!5maOuuzw%Ufk~7)R&kQ&_Pj
zX>}2FDxpXfkgJKbe8*lL=0aumuwHjTN{kuy%`V;4zb6B)!DYo+No(nCo{vcF)yZQY
z<Y>QRwy3pG22<$z#4f3%Gk+?EaV@oPwW#)({+nR9Si#h24Bcui{^TeHJEXJB;}Ale
zo!kFtqmfq_{!*2OgG4&w$tj@C(Rin9FV_9Rp8qE`ow}I~lc$y9jNtBVrMehX<NcBU
zDbQ@bWTz;<=(jOI>rTn1YE)h0NoQ5697>*C+wYVDc=_Q5Lm<pXC+O!F!VD~u?&;Bp
zN0JEbsf9$=mioR5)XlXijYz;&jBy>Fxx0gLD{2t3MQ(gLue!we00c=3rJs64wg6q>
znEPV?yTh}<h+ZeMgbGlZBCI=xJGtFLfUy4SYd*fXvw{nYQUcwA108E%Ys>sIYKN-M
z9^FX3NtO}#kR+Qus__yyy=6YN@i`tBTD&>!V_pOy)JA2q8Yumaa>jFZRlb>JnJ`}s
ztWc<H#&Q1v#aJ&5y+<sVV~i})p+T;A#o$Zy8$dbq{;0`Z=lT@E#b)HSlyHtI$TF1Q
z@v$w26FkV}HM=);i8e0x9m7Zb&w?Og{Si(3XQFK$GUkffi@RqDbGPIs@ic4n?+^vA
z$|Zm1@qweSe^ND6=ijQE=K40yetZwW9U3gmBX3^f@8w0c3`eZH1?zq#>qR6`U;xd$
z9c!=AK4lRP4|(H1>pNzLK9Uv~lI}7l$S{t2KID!?mct(0{2eE-{*gkEnQ?icew$z9
zYix0JkYg4-6Y&W$%Wfo~Er>S8Usq=>FC1;#b-1Ty{FgE(FzJJ0b;sTY@}AdAznqoD
z>LNK4@-J$^mht18{O)^g)~XhO_VD?`A9E!G*%xd!zJ$h8p>@*UckiBHvwW8?3f+&s
z0E}Gm!e)fyc05txOu-|rB3lQrUmjBjfe0?oH=a~LS0eLx1Nu&ITz>`|e~zYnwO62Q
z0Wk~dv%#?72OKxKiY(mWC~-jki9yE$%6@}MCQ*~XLhr?d((g73nD-xsuKX3tehpYd
ziV%$$!7xg|XA%1J{=i8>TAC3MtzKIE=Op$_6&JqW#}k15gDxbdHDgB2j;nNu7w#-*
zp}g~f+y6QQ6O>Ae2JwG-w?F~g05aZ}<44o^TW!C^r@=%%EDvmaQg7`#ePhKRj_plB
z`zVxYZIC>o27ez3;U!es%(Cfohv6Yz%=Ik5rV5z!(s$hhDo(G!$Yhz>7H7JZ85ARQ
z%bhr2nPrmOUsX|-2@nX+8E_vH7S?&*YK!ABG9k;Dc4h}<Cftrd(;81%9}t+tcBYG|
zx~N{KvHezn%WY4Pt6P>-JRNTCTU>%>;Cg&tD<n{v?hT+oe+cqHg`gA7%E3+YA8Tk_
z-s3fDj_;ocIL4YX!rfbqY<0v7HZEa&M#_%Q&`-|u1yeW>T;^*&-PLiXw4bRzf7V}f
z?IYGLG{A&6%3FndjIa!}2Z*{B_j%`HaAJ6@ewX)(Fr<^st(UBJ%MOYG<h*rDj<Y;u
zJ4YNzNXamf>o6;^bc@&I*))g=Ysyp;1kn}*bAT>Ta3UXo#Rv8N#t<tAyEfvu)GIeq
zcdHAgL9F3tUOpyCa<CV1ne20xOc$%myA_RbEBYQoj|kV`WVZgu{ruDO;tJ#OeqX0G
zsNXK19e(u`mr<xMcf*#>Z)?@1V~!XCt*J*s6h+hQ24_J@D`|6Qlc$4Mm9~E@Bz8(y
z!zylu(X>PuzXVl)Qgj>S6aZ#ycyPFZ2{xJtz5{81I3ETJr?!V1Usuuq4bq`|%0au*
z_eLEUDer8=zn<r}Ahf20bTPir5}D8SKN;=?Z?67|#xTUK10$AzcJP=3M2_P4EiYW=
zF{aYs1=J4$V88F7Vm$`kX(``4A@Nu$k^+wyy(HMe4CK6{<nQu-AbU0yx|VLZN=Boj
zz=zv#GZtkk^#pBXw+ISvYL0tk=hv_wUQdq>yIGWZ?cYI!2B3%O^okke$-LI5d{C(W
z@$9PKUMrZcKNIuVlLD}FdRmz{qFwC9WNG<xitGp)DN!RHH&X51kkS^U^xbimE9?78
zwr--0Xf8;9?ji7W=K+_@FG-`J-!M9bd<_@0iwXCU!Nas@<u?suwB{IOk{Y5DpVY$Q
ztF$6bo6$bWsjk%KRnmn?0b1)@8&4Vh;HzewvtHz828^lI#>Dv^;#Wb1IpcY&{!bo@
zlm#xOd`h;?Kn>C%z7qT&>fSP{>gH=0{+*!f5Yll71(EI$ICM#a5&}wtNQd-6Qc$`i
zkF=z8hXT?af;573NGkary#Ckyto43)-!ISoJnQDeVb=U+X2;B)*|TS6?=2kck0Jo7
zguk^tYeKrk^b2bVeK`i|qr|-i-D3N>C42@B#e#XbJJt&b2(f}W%A`6VB^L^&7pc~A
zBtD<=1Hx}synZt|$zTS5<&L71@pu#awfdbS9-?_s^)NWnBsmik5pU0dkGi*EjW?`V
zF`TP<o+Jp6nT|5qdtxcQ{>p)EbGQz&3DvU?tu(oht<*2|(TiD^EO+G61^nt-g=!!B
ze3=(fM0TckWqmf9=!9(jBLg1U40leEP|0b;roO{TI7xHDmvBmi1#c0#@#Pu>L?y9M
zM9TmpL9IVCyc1BqS$B*EeTlvg4QGy-!wjDgMKE{*EGs@cqYI$MacO2es@D(}hE%N5
zaef<9!@UnuyR&nh42Q_$fa8Kbd-8UQAYX|9WdJNT$Ol6Fv|+s|A-+m}ntY?@It)g|
zj(GucB_v;DwM%4A2+Eqy2P!y{NAhd~>VE<PRZ3Y!Kl6*-)%A=@{rWk!lk{<=!#MEL
zb&_#H86pLxX_A^}By;}u`REJjNw&(5kNKN|EX^LfEiE?>MTVcY(6*4|E}MNHC(K{%
z$@RrnnKs?UZ*qp5AHVSqp<)8r*xUY$9S1$lI^b|J2O(58*?VR)Db6KST;Gm7_~IE#
zBwx-L*L?yAJU4};@mNJay~7ie4e!zQVVoyO4}P!4^U$W3PG@+>WZ+_l3Z(hTh){nf
z3}A7L8P}u>vbV5!b}^)`zjz37TALSMRv?^AVoHW`aPgv7`Otw2NBg_yEgRWS@(MTu
z`}rIItv}~gC$i(IB{Trjo|eqAx48Z*hXq<K^eyoZNtVOd2soVA;@)pXa7@Cn)X1?^
zED<m!iYT<>A|_a@HCW;R!!MrU%+=*vYb5MFJ7v=Y*`n8DNCi|w1kqi)#z6dMgedXA
z`W{cjra2f6k8whZT)SaIAxhdKQnsM?bs+EI7-$qEh9G_O$dL59dW;gmtKLZif+a`a
zb%K1MGXZcowPUrQcgGzbZaNgsWr-z@n6DUjb4Zl6bEV&*0|qIN1wzd3(XsrgV?Ko6
zlyE;+o;7ec)e+(fj0fDjapsJ>*&i!7xyriVpKTxo1fD%zm5kXBg5rX-Cahi0l&I}1
z%56*7jot_s&}?uI$f{x?iZWmje^sQi=6&03CqB#{K`hfH6yu2w-7iI5-8*|E_&L%r
zJ=`arK6(=UG0pf}*cvbJg)-Hvghlxnupm19ju|%8W!?b^`W!)p|DZh#3h!}dFZ%d|
z$bkR|PmMJpq;m$o*k{xdzB6L)t;1+rqc5e82XysgUhaDXV5*%BCz;1Idq1@Sm_tm=
zZiyQZOsFI<9ZNK#;X>{CQu@Xx`8`O<<IO(RK-1QF%PT3076l0mWG-YPi6X*xuOO>j
z5C|S$C<)s;`FSct_Dj|YnQ4iW9!$qi215E0?AhG>JeJBLCcIk<-Sep+f?YksNsn{H
zy>#Gjy?Q1%LuB9Yu-KaOHS3bJIUJrVCPyeziQLor&;yt7|N3imzpELl-iN+$IM)6K
zj+RqUV9({}{>2s|*!J&Xdk9N>J26nfg6(TOo8E&JaCF~apVZ`OEL2)jF$Z1?7Nd(;
z<G&sill;D)dRMxq>v@g=vwC1yu&2os34g?4%0$3D=Gp{a%tC5QZ-9?g+Ns>zqv0{l
zUDS|ZTY&5~78Jn1N4nVEE$vZA9l>}K{eS?d(7Y5%d~%#{*Qw`wJ_v>VYb}VE$GSYG
zy9pZpmV1Y=m}Dw)S>@rk*AmCfN8Q&8{p~vqU-5ZpL5QO4_lio`a8M6iZc(nEUiiXm
z;%ctXNiloC>&WH)kKchlw8*FA5nUkcDrq|Qk6sbYn3~W6+y)p=$h&U?Wn~*rK|$nN
z_?V2udCtK34+0h8=wmN80Q!pYj_$)l(DW0nyZ4>k%KNYp8`^|#n41?P(W=<FxET`V
zq=s9*N`f|ZetR-{QvM<@t)gD6?{Hn^H9Wbg*V5SvYvXv~?lqqD`+@|6H>}dXO;(ZO
zaZqWGALnh=#q%87@fsZ46tk6+8hG+;S1V1vn1&Bf_A&vOj)ozDWBHr`>VIGY=3r#?
z>2Pm>mU19~V$BV_ur^1YUk@-M_%N{_EL9VZJp5Gx!BRqZ8IIB+(b%&WrL?Xj_2a?t
z-|KUe1xi6J<F0YsX(xYR1AxW!vF^DPH#~h^<D2Cu7Lf5MNJ3le0fA79{}8o(5r0F^
zsTCMr9XD1>84&RTECKwY3;e=*Pnylh6akL8<K6>P@h$w-;}z3MNr2ZLNRPCG0GkTr
zqbl{(-+1JgaF)iDfg<PM!@x*FN)99<)9P7k&pS<Nl@$80=%r0S03}{;-n#}^_4D4S
z|4CqUGd80ALV{o(Q~<{`OZRl3u;7wT{v^m9$=!?&KYpilDr9HOfZNKINm9G<ai0Yg
zbyU?(+>@JDgq!1gg)q9oU&3<-$OL+cNfI+zef6<c?6@Pd(BxE;P?bM8h$crq{S_Rv
za`SQ~?LL7=7KF=znvJ0LGq__s4)=@^e7<(EAMj_d*s=Bc`l6iXCTyxpbg!57JIsm*
zun}c%G7gNmkOfG15gM^kwp2jHJIzJ$3{3TXpyf(<bokFK5ExJoISzC~{#GcI7(qV(
zPmChgyotLPGK4GO5N!AT9gbkHlogQ@`-`0xrKhec*P?_mqAwr|Hy0n51PJ!1Xg)+G
ztSS^1(4nviN307WPP+9PBKloVtgs5d{OR&G*7<BSr+vLW4MiO58Z&LR1enaHJ0PZn
zu6N#s*u2aB<Mw7FP4UDKaisf@z95ohChpe=JD~K`785R7sU6kMung!GXUD(vKnfh8
z?;KPE0=?cC4H%5)_X-98_ee2)U#tFxllGGo{D|JgRp9fM^Ttu$Ma^3ejDSaA&3^KJ
zC!<Fy3pH-GN~$=BLrk@B-`XRN32}r^eQFwj?Gi-b*A^|H-m=x2JaDc9bXMs9H9DwZ
zsV;@u`1VO6%CJV>moa2xB9r{6?b!>H#@vOsi)@SKDK*pOt$_23#7kl%Nka4vWc9_9
z%YI?6ksI#Bt7~R7AMYH6Q^M_o?V^w_8NY;013mqJI3|z{Ics<efClKtFgKS{YiF_<
zd1T2&h&?~--yC1Fu8Sb}2<D{dA)Tjp#D+oMPgaI6ma<wP0?PMVAZ{C=`OlCzsV^XH
zx)k#2<!G-f8Y!(dn)`(3`NrX1whH7ie`ddtrUZ~6<?6Dr7NKM=W89Txf+0_LB@sYI
z;@%D21LWu?B?|FbO~=%ST+a76MrU&hK)g-OcY~&0MvTW|l#RPnnw4SSRkQ+ri$S*C
zARlx_<)0lC`mu3-T$g+uD&^AG!YORgHjyNRiOmOzv9eGyp<~<xb($fyIe}g;Xezq-
zd(yCjWe@AF!BW{DIi)SE4#|}R?DF^{OK$)<zekOD_DLeI#YlkQBhpV?jr5J!sheg<
z@@_Nq9sxJjW+cJ~D3Zg6;q~x>VPr3De)4p}L5M^U^6PIAr5B&iTkN53qs8OnK+ljI
z3<etV(@|&G@S72na;_p~x1GuT>>)h(d9!ilNzpfssv818ML_QdiO3>v&&_^8hot?V
zW?mC*dPwkz({owI&?caP49e0agIvuiv5D;2F=%~GJ^y4Gj*VH@mp;}6a<<P*F25KJ
zD*=#(8EZfbCv4+Z3&h+1O^c<}MleE;T(OuGM;H<*k;M2K-2ElmYV-EQalMJx`$ln?
z*ZYW#w04Bca-9aB2nXTS%AK{&(Cd6{ejg^_ZrTPV%>8jZV;k=Msmsj@iZZhBll|z$
z*~H;QR3^6B_jM{?5x_QBy0?)~*`8+$&Hu9LrZ2Y^|MR8ucTO7B=XmLMXc<x`Q+k#D
zmG>2(JjJ7%U`ZG-9c>;Rl2~$n3I*V00=NAW$IJ*3ZCCokQiE@>q$|%K-5j7oc+LX*
zAVlC19VzYeSmDersLML#137xaatjx+#Hw2R2qd&uzF;-1+0}uS5+doFWG#shkhzDk
z7+j-Pfj@-VKD^+?bCZ-D04G<pssUtOyj2;8l7d0;mgc9C%%L&HV{43;9PYtqJ|I-2
zNm^ztbSR?A&2gnVZ`s>e(P8S6TS>4`WWx0Rji6azM6Fj9y|H4}=%I**ZEDw46&O}4
zOUE;&HF?ek{9(<ie<Uq)9gwrLJ=H$H#(Cs~#n$EnxfZ#De=Whm@NuyfO9%Ijy3MB1
zpHMgcVxdSl_7@k?7d<6Y#!!II&AXKatr9!~eFnWgCLA#uCV?C$je@}7&G_~cz%7HL
z9?~g+5|>AS{eRmQa>c!1#_Bn7^j=BeJB<FdD0SJOM-h$d&!WZokxGALBMsE^?a?A7
zc5u>-I<<Y)<RCBNV5DElA=ogk-vL1NQuC13YDqQ}4PW>n=N{Nq?-=Re!(RGs#S+M0
z0C_L;C6xobWvmq^KYjffA1O)X^7<_lWcFHRyCn4Pk4!xZ5t7|38`j;$19O0Vb?3PN
zmg4f~dWF(Diq%9bVC?N%85TzKZ-Su&=bHQClpKaY+|euDWKkeNUL3piETwmLy|L_b
zIz~&`2KkqpQ4s9+XReQk-WA+~nQ?$kp*Qd2QYE$LG9^&z6gDEbXFo##He$7LWp@Hd
zgt7m0Z%)u753iuMZxhZ+vEWasR<N5Z#uR+M_&ZO-&bhF{NoX|Rl5U@^0LI5#$8vxR
z`ch=lieUAJEwY*zyM@WdJq;#T8{cO@!!RB~|0t>0)4IZG!l<k$aRzjFqJeQSwYMgf
zK{~tGrbu8j$B%_Q3!WFo)XcqzIs95LwGG;^Ui=O3A8*%NUazv8$wlbf7tIW&smIbg
zydr^KigNmwaVNL?<#sXb0WHktNR;&(kk|^)@_-gj0QQ>z!^YZ;gOI^k!Fo=OmQMEf
z=iDnNCI1{L2K<(qov>dy;8s5*B1{>lbjnNk?MrcT60sFE6E8{!vFPNzW?$=1J0#h@
z2SOf;+S<)Lj<$*=M%oO{dK(N_Z@t82w(&EyPxDr~IDg1e+%@?f8{y#Ut7Bgtp8vg=
zeAA+^i0V|0lS1pFnri9!xpU&zExIKw!AA*Jsx0i{lgN^npKwxb-ePoV%5h@t9{OT^
z!cP0}v#ZSO2hqi8<t8^_zQA2Q9}5s$S_o@7T3#JiYo9YRGG}w(9D#PTBYd<5*T+B5
zBRe0$CgSkF{2Y{TdHRThG1HKy)gXr3wx`>wGwxVl70AAbBa4*0@1c`5=9UFTOi0h&
zskK#Jq#5)-pB{S70Sb4p;C&*S{es%3mF^3!%7)3ybwLLzEVx%tYGl4Vucb0<V)UgW
z&AZuh^T>)vfSj@AFYxRWj9r$vyYI$tR(co(j30NjJPx}uiF<B(+-L!X2bqy$1Selc
zEm=9mkU5M#-a07>$&d-jH^B%iUe`69Is(Hy@FK{r3(wxmpp^8iyMYas!IX!no1Wq*
zxh-Lp{%X}=B)C+$xJDs)qqobXP<ydKL|N%nR}jb_v4%Z9%Mr$EbQJ&to0~r`1*Xw1
zJ<ztfg%C;zaoFWHFTze};0A4i&DA3bvJJ+{9S(+@u2|$nUJCz_iW3>Uj^30T50w!m
z9w{84#$@lKA<2K%$-0P*z_dv^ym1YnSYdE|{gx1RMW?-afLTEMPFuBH@+#1^Dl}<V
zKBvr|D5!9>gW!^p6EN89pf((Nq$!>C&CM;OZH(gM;Gu_*Y6ZdD2K0t|i3g#|lC!r>
z$otInZ2E|^U-2C+Xf}$OH?)2XACVgS3!a4yWLKcxb?tYV=V8D_iC!!`VO_$#`=%9b
zO!3t2(`S6!6Z95^`*HVt_E-S;esYFFD00D2IxL_<hC^cG{hC-Bio7HM-BCql+_ao>
zuN{5qo=xi5e)>R(fR;{kN72fR=e>*S)1)K5GC{A4V>+OoOpA}IX4nas22Q&khY`K(
zGVgnjrcDan^n@z1Xpje>C-eE}*L_)Z5ElEaAH#0k@Ur!{hof*O6@*h(kRNt{%lAlY
z50Y!tFHh=gs{Z)3gTg7#K~1|Znr}O`CeZT|GD+3fDAM1Gb{;#-PQaKrf+PStaKRtM
zix|vR8Urz1fzYd>gL8hYGXnHV2?i@ddp6XiRDy@xm>&>?;2uQtR`&>#5MzhGNa(*_
z?U1Af#77x{yfF|TZ}iN1r#^Q{nS@;w==Gt&5yO~Cv5&m~D$%d1HK+^WduZ@nI<j^_
z#`6(P|GR9AQoAF1w%*xhXAh+_{hgn>o#LL9+|=49uIYCcYo;{Si{pQHnD3r`ni5*V
z)q(U^%d0%_Hp#M|Rdltk3&^w_?)VVo+(g)NzvhYb#dMmX=7L)t-&35X@HGadW9IVE
z4e}?l-*(%hZQ746huC|8Y3%|^S%0wh`84=VcjK(SwjUWj8Hv>N^lS2LVu}=+gu1$M
zqxN)HLsz@9{A%VRSyv)N3ff-MO6!XZ&r5r-VXo-3D*~*gY<#9OEHm5su2=Qu`-7i;
z3wwX!_5ve=T@uw;n#bo*bb2J#Z*tr$gK-`-aMC=6GOR$b36eNN8ZOldUPS9Xalw9>
zENvh$1sVxIyFDROWxlIel?i(I>?t&PZ?hZ4>mNn;r~=sY0<k&LW?g7;v;R~CdXCR>
z?s0bn@CKW+rL9;pnMF6vFF<hj7kV(9S_v&ivZsHs_DV^8RPYG=^_llBG{~XYTQZh(
zN*r-6@3h--u)Y&^Jutl~qky$xTndqsTFSBx2YL7ZHI0fR7@PqY@;7(~quvPqWk9R6
zya>khE5qi%4Y=uEN{EopXZE`!BK)Ct%9u##NGQ-rHuRe3=_f3>Tfx~Y-mCF9T9*{$
zyB*tBS%dQAA}!f=0*ypf6P05e%?$5~dc+iKDZH?(y|t>#O%-EbWF-A~*TTE4qi6iM
z=B2mmdD1J%EUe}qZZ!6gi-FLM_TvL>-hjI%YFc+(#@O_96f7jOO3drW;G%~ovEu7r
zwFVrcQo}6c(z|OK7euFZPSd%u7k}8wX9|;#pOm!8kBU?d#YGYgjNQpK@rG5eF87;{
zEyBg`jC<Ozf1+2k&CUAyiaS{numZ_fB=?!pN(LMJhHsoz5^TwrYv#o6-RNjpV!~NM
z-gLk9|GJb;%F(I*q4)<!WXU=f%6`HYlcEQT*!%U0<mR_f1UE}VV8dHQ27|DBr57$w
z?#ic<E4wRB4zr3J(KfXCcKljTGhJ=1Y<)ARO}$@>A2h+M^cC2QPEBs_-PZzOy&C`{
zX1EVxm;!PfH3jn4*aljLY2h}B7CuMo(ext&DHvR;k3;Q&5#ZAGy66+}4+hs1T*8g`
z2_mbVCVI;9#6jjDOB*I`SNMqPDUxv3_pvZ{U=ZK6r^@@2wmX%zSDZ2))sZHJXk}yW
zfHv;U$u<4m`Rw*zmZP)s<;GQ`TJuI$4e=bRfrxawRjJ>x1tW>JNor5GO#xJHM^>kE
z92I*nFCgY{aCufm&qhW6nn|DMX;n{iqoQPy|F3aJzw^4RR+075c-snW{P?6rDA4na
z^F7Nj6bM8Py#=j!Z_9rLhyffdHtl<azoNcEaILCv5~D2wbxyV1&d>U2@CB};$qi8U
z0_^G^h7BC7YH8T98|n5ANt-D9M~i4m+5Kw+=`6~*{g@~CuS<X31(frY1!>=f>K(RS
z(^y)(yr2mdw7N0ZzbxOr!9+kN4M+^sN8P-8y${5FtmA(Oz~r9)5{D<fSu3=77wih+
z_U^tHt4UTNYY=R&c}k14bl_1X3>3kkK&-Hp9HcPmYpf{}kK~$f(ePKyN^MS4ePk#v
z68l~5bz>HD)<$4#GgXQwfPVBmruO-&-+L-UDkEJBm?z74?t4T7(v^9eEON;p+Egby
z)f>#xqxJ%P;^lQ@bP`m2_$SBe#y9D+Xd=`UW;$Aw|6w%ZG8>5tPr<&!3jRWiYQ=KH
z5=FrMM?l`M+>qY)5l<wrlxA|(S5xR?>@q*FI~7;+?&TsNSE-{vv=sHZS0mLdx%{=D
z#XVHb`kzFj|A?<GA5qSR1`>3i(V=eAH`~$#O!0c<&*f{=Wr6$d(PoF`BFCyo=;xb9
z5*8p^kdFFH$qgZae5((rdV5tvLTgJMyc-T2PWUv{f5-aXUH~m3;`TXQ*E9+n_0c5n
zI^3?Cy8hE>FYKFRe9t933@Q&(7YfW}02h#K;Qo}Ee1m>`N+k#zN`bh|Dkn<W0Usc_
z0}h<1kJn2PTprM;6>9v4?S+nE;IEFF2Y#2YZZIfbuDLIrJpX)i$cx-DV_NFz)?|T>
z5GD0*w$Yk#M=HlW81GoN8Y>WMZm?PAY0>)QN?D^y10~!#a~%9#cQyo_YMd#bD){tW
z_{1%H&hJjWo8}+a1VmUTtBkyBkb;x)J?gO1Gn#r}hSsE|wY2TjU-qjKUrAA)jHKV6
zLuH<eFgYAA>4H*Q|BKJgfqNua8^7*2Bgr0t8zX7qZIEM1I#ecx+dRMjvl^ovcBlAl
z2F#e48SilFXOG!mmCbQfXJv1!@N!ht(dKlVKB4@66z-8jSWL%6NvH{X``YEKSw*iW
z3*JL_2jNL5hA^8UDGaptxjXLu5;f}LZ;B^OoGB!I8W$4Wt`)nrpS1`w+gdLXMG%Fq
z5@DmfRNOTV-K0=HBluhX!($#Mu;5Z0aT3pQiuTwLNRg6KSp6d>dP`43zL~umVvHx`
zjL2I@sO`@Zz#DZP)N`IV&Q3B!KTzb={R*4hsr{e3i^(Ql!jYE@L;f*KfW!*gA0ZAl
zF5_wp<hVXW9MQ$@$EJIZ#F}`5*Z}S@jP>0N?DR3d9*)oIB-Ww85uKWOB;S~mJd>;v
z`$HwT9Ruw!^)myX0!UX3Q>Eo983s|rj2wYlU#+>F$)vtaeiuaNKwbaGNxI@@#$0k1
zWalNa3cO!-TptF#wnd6%A_4ZI>Wj^7B$h=1$o)Z+?)yn@H|aO+R}Az-%5A9Z$lcE_
zULD7clz45hV+F*oju|g|S#c&}FvYE_)^uWAI5RkE=+YT<I*e#-nBKxt40tUZERV4=
zGfl@dw&bf*gB{vVtkJ!zc8oDX>O-%KcAjTKk7jN=h|fyK?=`qE#ZhNmnWhJ_#jTI!
zlT~{}D#H}QPIV!|*ek$g8dk5y`oMdA66k&2rz5}PjU8$d39G+#G)rj_4DQhy#WmtW
z5!Ti|`zHF-7$qr_-hJ@Y&EIA`oy7wNLchNX7eP?10yP=V;s`(T`<zZ(s7(~q?)^fh
zR(gsM^Mp1_J?T4p)36JvYP_kM-bn)y)BNk`5IO9pw{B=JpA-V@gN$iUmF(N_p68*|
z2?I&TkafBgdpK{daP^ix@jMBbZw^f{P+I~{?t%Lxur>n0gd@)Ma598S4lXt;sB#=B
zb~TQlcNkvk?sfP+=9SVbr~3OND|ZIxGI=TNtf(@0)e{~SwNcITy>b<VI_PvAzq$2*
z%VU;5snGw7=xaL;PGEo6cA$IQ@iY91N1Fi1K{s3fiMxS>83WUfo-0yaIPlyU1Iva*
z6p?W*4azMc^+s@}V7krKDA^9mmuK*HknRq~|AHp;U0#hQ3Bro2Xm@H#=e=_6$!B-P
zbW-)PE{yMtdtlxUqi}=A;(WyH!?GJmw3U7XBXC4`&YEqF<%a`v+CRGvH;O!1;fsWf
z6i+k(_w#ja7vvr(7W!3b6d3!C=21U{iBMDZNaqIo$OE>lk;r_U{YWpeiJv~W$g?a^
zX=DC<?Mn+bsDoZ9+NOnO?%O228g8SKU;GS@)^<R@uGzmRzPp4R!Dxi6$SdOu98my?
zHe~1rrm_ZLOI07)3$pWp@H$O^zOdELS5OPZBf7ZqFdg|6TAxRLf$~h%!!^Q`aUH}r
zWv&>s1x8{Q%r`1j!;@>oB94GbJ$=MquA2PR(<=taf#oe;?ZhWy<!auyz^WOw^-<bk
zNT!>j`=LN1fzki$!V!a=gCDxLHF|dqsFBDf)GWuPt(?v$;y*!#gH!#KX1f-r?jtI4
zxv_EjEMnhY4&GTdqGc3pQhrY?8ZaMpEyONf^s6t)9qoEv^Dn6hE;^+G;2~P!UxykE
zlO5#zX`zwS^c-P*y>mPmIU`htm&_`k8LM&OU^X#tGH0YNV3`JS+nJI52}t<ZJ)HAO
z9CIHXmr$VAbk5Kg6h3qfS5+#Jx9j~gOnR7SMd8l+Ky+RIjt0U&A@P&4;`18&<jVB6
z;vzp@oZG4BnH$+f(f7o<@SIvIngt7#|Fd~r@~6LH65S#64A;wymnyUzLGKg-51N@(
z?@0K0xFNYXur?&++NlUNS&=0dl`6JP+@W+Rvo^Ka#D4tcUZLr}_;#3XfA}Zivwps^
zK#S=GVxdVVe|lK;>^L-$?r59+uQTXa7m1r#knWe5(CG13mIC*ODu(c$s(z-U3N+W3
zjFFnczUW?Gsr%txjRTFL_>kAC2h0$T{9wS;JQYRQfrznsyj70WRA$|6hXce+9d*7B
zywO<VCBCE09s^DLQt?Q~sl4lZ=h@OVk)yTe>Lo^bsp7M=Vm~nq-F?rr|6owju<-4u
zGU$?9uu6Ef+r^_?(f2OiCpC4tp4is##cAR(JaU(5fv=kS)9a)zzY2yG5+QDuA_$=>
zHI<KcTR3c}#*g3W(hQdU+aG$wy#QS&{2o6l=K0k|`pxKzBs-HRS^Jba4-clg1nPE9
z!v3l}^O==%l{_>~ksT(0`v-8VC2zyZooy9fN%RUKk2WWa2_T_tzP|yuKYWbirX`AC
z51=<C#=_2WX_?JWsBM}wd%R$m<x;C}tE1Kdf9V-}A%!X9#sx1_te*{fut!3-`s}>>
zv+JVL(AfNrV&`Me??*Y9hC@MrXG9wI0EYl4eT-S$H#x((v~!-PL-0ChO6=ElgV#s|
zgUc^0-)XGX1ftah;Z-UB{jxjKcmkLq(y#~Q^K?<>!j`E~JI@pbsa|)FPq&6OE8QWy
zueB1nf3?vaW(tAVOoAjk@1RUIx(7htW#9uKm*!^EYf7$t?&}7mfbj2CY>JFG$%)>d
zzJCkobpH{o$9LJA9b<3qmGpWgw&}!`SaSU<t2*=FfwAdi=+JuydCc$>Qjpa!OdM9I
zPOZq*{)Z9fKt=GL9xhoAW@)949`Y##B<OgsdcH8|AeHDIW|&GXaH(z_o&NHc^b_pH
zkkdsNjp**z(3Oxf&Mzv41yr#$$OaIUg=AN(BqaU)6ME7lqyI7DB+F;^OtU6>TgyoH
zHSt?qpLXyn7YzfrBXd}izX<E|f>RzqhhCWiu#cPYksET(pB{+hN`k<NnBQcI-oIpF
z@H1C=j-9NKMEdMbg5bn?rhTr&`C8cTxhuQQ`q~eF-IjlL8`1A;O)Zzzo9awX-ACc3
zpA*N)wj-qPL-uKU!-ScW{RuEl+q?9ZYGE5oqKJIJEAilZs^Uw?^Ou~8ZhXIwa;>^V
zt@^%&)d3~cO>inA-du-S?kroWWarCm!)w{Ee|_Pl4J0w>$}ACclq?D#Gu~wO)7reC
z%lq1JF1j+vH_2v*;0rABr$&~48%~E<;KC+Yv5p1clo{@dF*LltcgqJ8M(a(9#{JZ$
z8J8R;7qg7i-VV?H<J3!s8jopjU^6PIInZ&NYMm2X|AR+I&MB(2rduat)S~TKZ5c3_
z4q<`)F8R<1Pu70r`)exwOF4a5#o9x;)VpC8%{zo&_|t;kc4K_3+c=BIE+8ZYcWV<n
zj0Qb!k|bo1^!<IX+`;gkl_Jj+D05<ZVitBGAf^6o={tn4$nCH*BJ$ZpXq%nJ5@)hf
zMbJPtRxhaNX1b)^xu>@PFHYAkd~76rzc7@Ce3fbR4Ao-F&RZnrmgAq9qLOq((-B7W
z7r^+zPtp$sTI-~9T?&Y5^u1H<<tnHNDI2fxdSr$jR|o5>EaSFoUKb<}TOniHGW@d^
zT~Ej1y2f<BSX}y#4Uo{(S~A7@;u1$|0|S?3yBnPEU&J-q9dmnZU-aOlXEt~Hsoxkp
z8WdJvNb`QOH-lq!pWvQ-d!1c2G1s*hk`}f8cQ&}4eD92}0}@yPGj--@2kVqj1mjfO
zHoXqpG1@hJ_&LN4{ZA_ZNeBS&Eus;000OxykQe|Uosj4sDnfMF0-lar&+Jwr2(;6F
zd@SrtKk>h@3}CB{5<P3g06=qF=+iQQuKVAUMC{B4qOk;!@PKV;u4rKTFKz@_==cWz
zT}iV=LbP{z0D%56B69KS488R=Z~vDA|9wfhompN2fEORFne?iDB)z6(2<2SFkK`l=
z0JB#}H2IYDaC9$)-qIbueA_4gf7ua!X8?fj+$Qfz54YQ`0|8%O`HZGvg&TT80DKpU
z7B6I>yAaS0x4z9(0b>J{3V{1MC_4@S1EIu-dGvP{B!GMl)%2u?v*W;lXOy6cjK4*H
zqlXhUnnA(OuZ@`@GKLi5m`(~n=@Bq`TZ12LgD!Rt1O?KG5!(+D0_eI+ZvjJe+sf#1
zVhtS;BZ8@+0g5mqr@W9hBnY6L3RFD=k&8!z9>PYs)5BAtFyQ}Glfi!CQ?@h_V4h3Z
z`dp7}j*6xE-cw$9Euk*<{fbWYpG6C^iM<aFA;*H*OhQs%4X3-@{>aSEH}e8Q4YTrd
zH~cu?rnwIyT^Fdp8>Qx0*v^*JD}NLU<`&q|GV|c6h9V5{@%e4G^p#G=c0wgO1Qhbg
z)_Uv9ZNsjz3QQ)Xb_XGBrB9&UOHaK{>!bwD*c_qH%v;-BNV&!~S|%jPKi?6e#-h=B
z?q%rj%yTm;x^M5qT<uYBumxhHIzK^z>nl+>BE{*OLS~p~d4B8MI+%yYU|PIWSVD*!
z4yX`_Bf=lxr6P;-t(F{$BdA2svi()?L<sqIsHN}cmcx}ah#2t(jVEsih9(-45U3lU
z7CmKD*uB6*`5g~**+&yKRPU-_K{d^$K{8JbMxg1US$51;OK2*2zfCm(Vym+c>#)?%
zuu&8LqNAh!sGS#rjv*2yx`?GIb(w#<yM3x^u95ly`47@5=nYtU8EqQU{1$0i=Y}4?
zCLB~i;XsRgtlz*VEIHtAC>^{rF+{EXz0{AFowq27tjHZcJnJBg(MrrJwf$bozxywP
zpOZS}(`NkJR?&)4d?Xz;@w^GSTu|aTAt-^;0||RVE&{T4=)Sj<5{M2pqL>~&khV)0
z^Skl1k~dw_ApjdCS8>bBb{vr-k$HtYw4m*XCK5P;EKI+8*5%KXfj8$Q(f6=G3DoGu
zbP#~V<M>2Zos&$#PQ8k!Lss1VD=Oj?@>)*|4W^}iJgP=)JH!ECiPL3_^IG8L-Zm$9
zrMO`BcZqvQlCIlc2j5#lcZk2<JzvbdBbTYBOB4;BIM)Q3$4KTpnb^x$Xx=r;tBW0l
z)h_(<53tkqz(xt65lm6X8mT)$T@HI6$ZGs?lMr`OM2psex@clc{&429KyrppLFhl7
zzUc<|`56)w$!>oh-`BZv6`if;irDX(kIYCy3mLGV5Wm3l``+L(I@Xo1DscA=9sJUA
zf6sX~^fQ3Z@R|XG=-0D58!(HV)ei?t-rGw|vMi8=v>9X)?FVzBk;!jtC_%*@9H`AG
zNaf9W#S4Dzr)1izXSO*!6^U0ES6Y5{M5qFhJs86IQqP3KTVXZwPVj;Z`z_=j*?E+|
zDsD)cwwbfXg02{P$2aT&PKVr|`{dA(-#n0D$r{WNKl{tF`U}?UyM$^>15d{EanRFB
zyOM1psn7d+@+aXv0)oYr?{=nQl5|`heGWizf*=9O0pNp1Dag$lQs^RyT$vO08k{@s
zdzXF?1V1PSa9tiend6X@e@>}ToC6r{)GmA1p^@Q%8{*H3Hn7yFYT2?EB|H=d+idD#
ztfs9&{#S!E>y6NnjAk<{4G9rv5r{>|I)qLCo1?w}=y=J%$P_IH&o(*?7-$fpTFTl_
zM%{|?v*}zrX1zb-k6`ouB}dc#imTzgyZ&VwV0bADNW6O2P@3Vprk6y9Mxo<F^pLme
z01=Z4i|O617;<aSj3e!99)(+Sc0sFLsQiGEq`-{4Y7EU39}x<~b>znkcQX0se#qKa
zA;~-(d^Vf_@QlsP>MVfeCQDaCs-`%X9?XZwIRs|sN(T$8pc^vX1zCtf*vi7!w$iag
zN3SS%X8KE-pPRH)^knM&T510M0Nn)KEh&Osra%<4$>c6OYnOav74m0(fC#2fdJ0G;
z>pNI!J`);K9I$5yw((E~G9rq^2~)R1IpF{hDtD7oWOdW6l9tGJ-*jq)1C@=IC@nKg
z>?^wf*p@S>0c^uvK0Rq9Q2dFn364w^k6Nr6*vA9_*$;^?X|*<O0n1)ps@i}#jOsgJ
zn_M)!wtHh{HxFuuFg5Mx7wRN2*a|PYBDk<oKWl!R$=wbk*=#+|(mKC5mzrMfSw)q|
zcm`~cz~ft5No`$kjy@rWPKPskZiwJg)ACwwu3Sh5?7x_*s^wYU6mE$GtDUA7Zs9|P
z!8X<Zz}xG8&xs1U{!>GdGpo2nuC=@iI=0<3SO>Ggk?0wbtdv@LMoQ%{kq@LxA6J?u
z2N+XWAxFyJxE<_nTHqCKW@U}B|8BBr#M0!)y<PDR95%Yum>*myeiYF20;t}QFe1yy
z_z@f5<i!3MP>d|nAWU=TztE3+cmW|lg^$AEe`T4_w}-k{H<9S({m*2zq=ycY5o6j+
z$TIxD6&q(5C^RRfG|tAl=8jCb2;t&Cs*XjW=m2D%vaG`m0{o^~iFZ#cdo!!{RU}9d
z-y*2s$1j-Z=B2v6N&_>|ZSGZqA$&~&$erERdWelG8c7}=F~O_&mz7%;Qfpn9F<y5^
zwV9D+c>kbzVTh?YF6Co8X}{e3n*vMIW{>;{Fhh`^hhEAUNAq3%9||2wsqEC?!#N4S
z8;xk$^;gSn@-s&Kw3E7?O7zRD;z#bRi~--@pQxk7B*umxGgp%QNa`IsvXaOJ2{dy3
z?Juv$SrIM>TU1*g4K%ajGy_y!8Munp2jUg0#sR~@L2pLj`jh8Py={;)Z5YvV);#_u
zqS11%Gl9`^8<D@Hw6ps*A<sx-1aiz5Tlo_^9f^LFRom5e4^MaUVr$Kd5+-DIgB@Ur
zZ1&af>b8UFm1I-9)pbo)XaE@$G;nP(A!JecHkkT+{Ryq*M9I5-?u#9-3tE)E2Zmb}
z9_rM2`yTmxO;$M**Q^yc@~5$;G3VDSMgT5+(y_On^~!)?f3oA_1p`PIn+87C82)3<
z9pm`;k~!*RddG_f5t(0SZ(b_O6ItwB#oIcMsk!bU!cPFerQBO65V9colPeuMEa=Gl
z3J_Ciq{!6C`2Kp9bMs8)Oq~cmDn+=(6T+r2_|>L@0F`k80F}Dmi1lu~4Jb5qJ7U|g
zQAcJFIh6va=E>SQmpWf+RN6wl@tmCXSnaNbYb_dBllAW}B`?Lsl|6em4!VEF1AvR3
zXV*B^$o6*KUWXJh0^`#yTyzko@~zTWVSt#h5F(cat<8PGM$OFtvA0?wE;G`_8Vv@m
zy0N_l`Z5S$_tB~yiU-W*`QKhxYG?KXK|2qb>}N)m*G)GuT_Mu7B~4V>8&XTW;6gMi
z%C{OUGx9qc*ITsz?`68zAJQKf9ss|OyuUwms{%3gGk}0c&U4l1WG_1T_WvWfV!lYI
z0ssIk{KWAkzI-h#j3EtuaYDp=uH*=<Ju{<~>#u`i4Di(dIhoiO9-3$+3W+EQcwx>~
z83L2Sa{Ag}PyovARR93%^fY&Bc&a@V_@9yqJKd$s3uKD`Z!q~^=Aj;>geNA3q{PTz
zlgH|AzBCTY>xU&5K4SvmJm(`__~AOl#I=7||IT^N0xdZ#R3Jd$t8+YhxW-yQff34X
zH4h<#TpTfgFsBusnE{BE(LDLzSGZFwlQ=E8{AMAuDbl5J&sDTkD!)n%1W>*MCu9-8
zDx$1AE9pO(WK0J(8eF*=0DwXcu!hF7<OfwnVVH3usqaJ)dTFpmN2x&P=6=8^lzf`p
z+W0pw`=31Y<MRdgyn?kJjE!H1-*N$f4Y7%)!}b-Z$Wub+XKR!Zk}Ka|8EB9C3-UuK
z1*$PKLDFG+$jskQDl0*n485_;`ui=``wpsLwsi7BZT`scyuQe&m=BDB4NMo@Lh2Ou
z@qC*j1PgJ#gbn-K2gV!-C0NM|3cwi=WJ=*?6cpk9M!B2~Aj>G?H91k$>9=Z<K09jn
zOv;UY+qjl02;>vmLf5N%S&@&z`xU(Fa63CNg`&31f!mOmW`H|`HL_661SCM=HqsRT
zsz=>3akw404Yk+_Y)K9QT4}!MdmFlbMwl9P|L-r&5NtXrw10JU7%ZPak?U3n+0got
z=CyGQ#>nAfa`1CDlgr`YMOij<P|Ra_O2m9O72Hmz6o?S4!G@lgC>9^Ts}pR!!>Lgq
zqP2ZjvW1i^tHADMCUfum-BLwjuZP^alj#<p7TZqIK0H5P|Ae<2cvrPfr_B;DKnE^-
z9>8GD-zkXx1X-Or)Zxtr%<A_A2MPNiqoS{r&|xVz@OY4o(fo*sd_xdfRFx;w!{x}I
z>9W1PPre!Motw+|YV&>ac)+Lo0{(`{mr1rudxqx99CGIOW!U8#|4hw}v{Ni4_qFSN
z`B8aSj|y}EP^};TQqTgN8ypU4Mh>(%-`k>|bF}y%&kf^`_vw0j%`wmB<dHL%_qmL(
zZKYD<4MgFUCP|OpQRt97-7Er)R^fAe)ZPz#SWT}KawNX#h06p9X@w*%DlbWYMs?-;
zk>QOLGG8zG3?C)mYc-`eqNK_~i;3<GJ8DSbg$P9M<#}#adq`ZW-N${Gqvrs@MBumJ
zi1*i?Kn82Xr}>8vn>vmgmiNz!@*dAYZmUuLr&`e+M0Eadvih9I)BR0bK*XJfUgQfY
zLR798^09)kROcZs+}Q7_Fioiw*=;ql|5dHS%<cGO=xNzH@!smv#Rgm$1nt`MZIKjh
z<LGDqx}iV0&4@jsZeIEwe29mtVDiM<NPErlxr0as-Ro-qjxTp`p|uOYq$Zx-`DsX%
zRqd&nu)+4z>@d#{bB`j3tRg8W*=87Ho^<T?bRPOgh%{{-?UO3Jp3CcY7sw)b$B$Yi
zMttmgArO5U<3Lm4Z9bSH3va;sLKOu<k72<G(1c$)C|hU}8|74RKR(mkMI%T_oAn2W
z$2GGqN5LBlu88in2S1JAR0Ud3>nGC3<a1<de`9HymN0gz{Yq5BUJN?nKw~=r$J9J?
z#ti?ydIuo^+ODwjI5hh78rG98AjpyF@W9h=he3pJSm-lDDX1JUJYjL|y|Nk-M-JfZ
z(aXYI_fkTrOXhHH5eokgLSAS&V7xQfD$#KBe#o$2Wi>89%*YnFE25h42LJ8gv#tT?
zD-0NypTM-v0_d3I)kTB2giYU4x9E|u6B-}Wz<=9;YUV}iJKF7nK}7eyQ8@t8TO}CA
zONhc03TYFN8`(i<*AHTZ!z}Hm%V&-sxlze}M3<`X(SuF-KZEU~1F&rVEput{>Y3pN
zsW1}L>E5ScKgPlo{g@{}DaONZIH)S5fh3arAYM9V&ha&Rpr&^GNBr$DVNsLEkGww6
z;teigj!@An0#*$%DGAmg8o*leS9h?DvEN9}{l%g!`J`Jh3Hnz|c7gA~abmXYy)(94
zuhN0nPrf!mOI>8eNPm+a;J}|6@*^?tU@e~=u*)4swun!u{bPsfmb5@5KI^l|R!<I5
z(F>=HVG4zXhD*H2jcS(u`cN^ea9CTgc2leD-GTeB7QJi7NI>?hY4<ucfT;-NMWYQS
z6a2_Ig(%#Y9v;9S`#4|0u=|w8;2!^KQ=q|iJI$U2y;1l~jMzk5t9Vav;XY*T&p_39
zL@47Mz%C%30TGQ}vHz>7`^ehzeG@CgS=HTmHKaNwth)sSz=%KzlD8I+Wb_5%1O@&R
zD|YC}BCt{~3;-*P$gyrhnAsK?VlkI*G<3EZS7KN1`nMdY^VV8S4EqN#+Rh|-L=Rr2
zgN+nPAg9LI9|OksN#Ou+%@5VwLfe=gJqNK68Pcc@ewA*z;Xp?0fvQLP&?@SGp^kw*
zs#6^_)3g;3cRXBPAL^WCJH)3%=<uG-L)fweZ^SPKn|L*3Fo2~vY}E0s*#rzx`f8Y_
z^s+3k+$D|yQD^eVD-;KQ!zU$%6=Ps)7+$mLW{)Nv@edcts1cPD5j4tcc@5^7b^Dp8
z+J_LE)hJ%ecT;Pu-`@9#f~sQ`j3FBZS2$d7<UK>taObYgX|&Zf5Kv)2+uQDoAnB#(
z9bb~H=)L{;_&cP>KgfAx?5W%k4ys0AiyGlz7a)TGIH?)p-AeB!<DetD(t_Fib^ylw
zB_NLGM1flTWlGmvKnk89#z@9vj|STLqL#ce38Vu5MZ|tHP)Q_At-Piu3s(AR=o~V!
zP<_aPHZ{He52;@u8<A7B+LbyV9;u8cdP=1bpuUf3gj!p(@|ko|x?YsFR)Kp=6pS14
ztEO%Bf%(nRdhc$-7sKeT=R(^H|AW6h51DquXsS<&l|if2#;6RtKQNOz_A*vgh>rWD
zqbFAa`Pk4k?Brz1=V}1(9&fV>`?IVd$b+;fQ(Rn(=$a=w683Bd0Zv*_&GXwXl>l!%
zesQLKf5LM?C*bi`6$GUNs@B`~c?Kj>nTKGFB-XM+0pKage@53UV8*5)zAvq|emHl6
z1o5YQe9f61dD;RgJVv#4xGMp@3Pz7^E0F!CLKeW@ym5frBQ@8K86#+Dm-8;6IfD0R
z3#7-S+vN{C8*;VcB_Z10z!muqi61q9UY!oB8;X}sJZsM(J$+BMT<f&Os1Q%~7NMFR
z<qSJ_d62nITQqp+t<m5DT}~~rycS^G$?)!Jc>4fuzEYz4vv6fbY%Y!hmHo#kZE?-_
zmf;+{P|{;6+X&^7%k^Q=QY!n8^>bkjWA8+fD^;NETm!Tz)W7;AciWtmpL35djrKip
zqyjy+L#U2Nh1)omx?w=ZLu5V!U0HL9dD_LX#MKEXfjrE^qUjOPUix2cjK~K{Sv){h
zHL3ac+J_~G-z;vVd`(TheAO6Wm^*Nk<yxft1pngVbTWB#m=)bvOG#75pR;n4o9|Ru
zBeH!b1;e{D(v*<)n<XG(7&AQ1A%XZREV|qH?5LhPRiNKYKjT#DG;Oaz!&R{V#AP%$
zU;;mS-r-wIbMM8N)TKW|ZCb(S0#itPwWp@TD}EtF!d>+Cq>oK_bOz9hdkX;UIq3Z-
zL{6Cx3>3a~Aw}!FcYCn`6kng38@e#d|GmO(({({4=uH;X?8=BnHkPw<x%=Kb02rba
z-u6Y>jA5e>E1au_&?gxGb27iQ(j}lNg2T2Kzf(roGj<Mx(w!ZqY>_sV#OTA7b*l`_
z@Ov~M;D1VHaK=Tq8g2NBh<~_s^!>+5uhJ6kW%Ip@Wir!(e;@-z*m!?ey6+m4AgWN!
z+GjwX_W6c~w@Uldw?F<xcZAG`X}VLhD!C;(e&%m)fMn8MDWcbm%;&D-?#I9fwPt1j
zKn#Cs*c9_dj@(;7pJAe`r{~=0BoH>F`{>iP5q^7z#wdDt^&3z0#IivpBy6lm1pD48
zzS3^GP$CR2!UWLAwEtuZ#$X2WRZpZA1(h<tBWD*(h<ab#`L5jzRIXhE_o??!eWSvO
z0X%yHO!(b`76NT3Z^>=l5Fv&NRCb}soJ)yC3IG!TLP~%&&qg7^LNid*NHR5dU;RY@
zL^F5Vo|+u*Rbmmw&t-HWfJ+{&joc!g2IMNZ^wFHb0b6j)^D1N`7Km-(Zm4$u%nnIl
z^%4tkwUFnF-fA+UH#TUp;`M+=&(+SREone3zdm-U5~EprvQ-@LTAsl&sti6;G;|_C
zO6o?miGqMZY{dL6xfaC8t)Tvw4B(g<<Iu8OiZp8+2@!k0i${aV1Grz2An(y#je?Ns
zOo00>>*9?8?;_FZNPuO3+214cZv{ax41^8r5TmysXm<8;0U@or&8IBDn|i78!3D!s
z<dY(5P&fbuPX7f;ft;vH@OthDhRKQ5BNyi&asU`<@-GNW0GIB*m##G=MvCEU$MYrS
zy}9cdycLnDR_673ErFCbcdSu0=;I|DiL<UGia%Oc8D8G?1=iaA-!4Qkl1+v+%9uje
z9<Dn-jGp7Z2P4>uZj^2|&2GL&fZiM<PxX4QB-5V+ID0;G_$~&lS-w%haL=|Vb6(X|
zrz!4yY$wlta_{ELH$x(JqE+8#yzf*1J}JA3lcQL5-}ZfB&?N^HRhEN={jw4tVaI&;
z%o?nDOwDe75#wjl6cDvgDNRnJ=t49*x!`uM>f~43;+2@MK+M}F6}1+(!cDvV$B_dj
z0}@wpLCd;%U!$WYQgR{OR)1o~*H^PhT^)-vm_=PX>(lDBKU8gol^fd0*A=(C)W*3P
zOmCT*{4s9Ua#J#J%s2G&{)3~=_&JwEeQ}aU!(CzXx>U<!6gkhe4ly|NN<Xj{Smo?A
z{|aNZ-1|{_|6D-@v~hUisqlQ0H!^Etl!;4EpHBDZbFLb}x)fSJ=TwR=<J>SsrXiMx
z38yoH6h_5Cc}9P>-WeIXRXN0A!Cmt|P75`B@%izMpyjcma3Ih=EDdb^m8w~wI)<s#
z4ieL*DZd;<Spc$mEb7ksesY<VTPVzmDL$U;XB6I`a?X#9X!avfrJt_~_|9U}4J{!Q
z7c%}IpNb^Ej%D{sVDc-E*n7=gbk0<%+fW+ded+rv^aJ~O4D;|K>CC}TQMx;Qrhd*{
zHu?!W^z3>s%2bAoi{h*mUGlO6w#<M=x2qqEKeY3HCZ3Fh;ARn=k?N734@PE3$I6GT
zY0c9l&RUudVhY)@HVIgh&x^k^)sQpNt2Pq{me!ZveM3(b%iKQe(K#acUCXk~ow*1l
zi?sVQ#EG_iBurYkEONZT;JgC)>{ZMJpSO2dQ>%6u(kreat3LNv%Jp3|!dNS^tn<!F
zkJ7DI9w5f-TAgu6G~vZtWIqqyBZNQ(FV|Kd;KsCGrUJ$BSp}-a5WZX`-1xT~pG+C2
zWxHb7F&V(q)L>rno@&t|>r@=l_tWdiW$NrhH9TP+x{nQXypmLUmK!+Z!G6e~uZ8e8
zf;7JsF<f--Z9sRAqzrMY=H=nmmrZ5!Q;Y~l&iHH%2BznHAKHaJRkZ5P>pP=kzXm1s
zPr_mtdGR}rq2#DCbey;W{sv>@P~~ITueI~>&91(tQyB=JVoFDOh)w+629j2=KvK+J
zeoQ|hwiC`s5v)D63?Yg4f`dY9eU5UnW9B|&7rg2_@~}Gl@ccU*!Kx+u)$J%31=J|Y
zLxdvuD?9mp0zltwb4H)bV0fVb<5~~c2AjRgd9MUmz>xxe>Dgn%#)Ci3t&eOZ{08t2
zuX=#`TrPJk6SLJk#P(l9DX#aaTz-c*RWKKq#$<wndsLgEQ9y(825U_25B6ctQ8)4&
z+;&OQQm_Cyp$k8|H!U2&e3nNa{~A0&dk5h~Qu*OQRPMYH^0-~`o#&$-BcxfQ9x|rN
z&1*Ra10DD|QR<|h=TZ4H(3aR!Naw@&SqvNA*Ce5Kc)_A;R!J?y5o%gd>W>YhUtlsc
znn^wo(r1Y^$K1M$D1QIxcWRpuH%Jg~<n)l~Gco4mA4@Xm=$MJLvfB@Lq4dv<QJCz-
zT%sHr)wr50WG+vWx(1@?#GcyWjTBX;DpNMMs4k1&XG3smRZ#k?k2DStYSZ8x`?U7!
z1b`~3s5)Z%OP&rt%2FNM^)SJ(X`RofqVl~Mv96O+UhGjt);@SDXY^S$g&yp7J}EK(
z-fMv!VHmUC1*d#l^nv5ebIN>*Pv{xC3}lwsy9*Z3Zdi?AC%1F%hQTwi_simlhu?kk
zcOvC&GL%f6-E8!Dt#?Y!x+oJ3eWfNBglGR8*0wP~X#+!T`<u)9;1ufCr57G39c79i
z1%4I6paI|e1d*;6Fs?907GZIge`c4I2ZcJRETA3MQA^10Z}I4P9;T4NP)UU%Oc^G#
zA*}u9p<i%K|C~5tY?w2&$!{w;j{my)eic&vL<XF-4|rjZh_c`=g#0u@kkJQ!V3Y(0
zo42hU&RuuR7P>am33c#XAu$TKod{q@j~+t92@^5cJnTf#o*!{aM15n=NsBxhDSeSq
zQ2rM+jNN0qr%=i%qkMfD*JDzY&K)L$j}gw_`0uw;LEbv8F~^-_g|ibnzTBaiN`0Z|
zA>Cr)-B-fcqkI(X0J#{`8<D*40J3`%p>W2**!7swuq9-k^vld5&Im8Oi|o?XB6%5~
zo(aMJSa*e-G-O1}yAarH$1g(o>2{;za{K)kmcCH7O8!cH_WPfpY#p32MCa_{{||L<
z6&2UBeGBi#Y1|1AXx!Z)kVb>MyE_3wAVCs3xVuYm4IbRxJrE?gLy$ml{rY$AJ?EbB
zALDztkN35E)ZW!qbIrB7YOT49DI~H&P15yB8`fV7GIsfB6l^LW;0O_{6XsAz<`COn
zO;vD~U1Z6T^w^#1p*5l_A+cb#XIu)fH(yD-QQ-br+CeF~ndycep;7Ajvq9bsLrqZ&
zvqKK;xJPa&-=I+8W`h~Z#baPWVe^x{=M7pc<prJ~QnvlIZ#95idKVGY(bosJGt__E
zS>GF&oo!(;%a)20DDOrPq^*>Jw69k+DxS(OBHU5u?ufvKXxEt^-uAUyvUB;$mFF{A
zFIfuN*(v3idKP3as6^6BrR;t!*|9UvPCG9iWdN6BJFhRRYHf4vqY@YmJ~^e1zE0BE
z9)+dO0}@hJuqvp>{~P293+b#IArX4NM78~JhQN0NmL(hLG<${vmhs<!4NC#6Z9bC~
zu+*S}Bv&(#>~tm>X#XM?Qs_FqRfegyh^<;2QA33XpzT@7+K06eE66vS^xO@cXwhi%
zkBv@3yPrK+=Sf0LJv5~|lbAw~>QuuGVGtJa)U{iE|4*fHAJK4I7|zW=lIWRcAtTT9
z&^wPFUYCafE+s1S|4jn~oFJOxSJK{^LX7~jIR&G&P8%QER98~LWTbBJyTmX<f_2^o
z(;l2-gg~4k-A@}(u#ETeuW43fhQgLxr2O!Di6tf3*<?rEySmjX)+=|9rBDSWm5bf?
z8RmJm<CYpw*rB>TJ=)r4$(SrEt-Yysk`4;0AILx?TQGEM*rM+1YZF)l6V&}?qZ4gP
zLTmd+JgXmR@Buj+)HuWumTJ4n2-VCQ)xFh)VuM&FTea-eVCe}LM*P7I;7Oz#6;L{#
z#}Sj#`9Xp32E9>KcgYBDx;I*E2A*`k1hrB_h>}N-t;V0OmqdcYH`c2c*5u_=>8qSj
zi5esMT(3G{T$CDGQ@82Ewi*iGm)HN<mu%qE?eaB@CaXLTsHmziKw^roN2=6BfUD^?
z@N!_9AiHWvEVC9iX~U`y1}hM>Zs02LgwPHMO_h9iz-|d-r(r{?SmH2L%d-k79WVBQ
zD~!)tv@rymr*?E9%z8ATgnBW2Mv%@>6%_LQnGpbBHAvQB;C65nrFzQ2BBLefHH8RZ
z2KA&;JrUOfB^Ezc;G};=2(e<0eMMI#|K*=okbEf-YFg{eSZ0P2FnhB=>qz9%aeKLx
zUjLim2~<HE=;zf2<wIdZ#1M}>V;GHY<>QPtNMw-&yAXJ1N&a1!?e}sE0%1WTc&gQ|
z07l(3Y=R6~dtgAuNza#b<!uBG<gBgKRvDpTxa~xca8HEcf0pS#d>d8_On+0T0YB!m
zL&?=^#sx>ud}?m5`JpeEDOsTCd@!Sr=+<nScNt_kb)^SL^J+%?(AGz?7X!FS40&gm
zRzW8vAcyGiaWz)er`lIa*IV9LQ>lDvh}(kCx`kThCLDWb)lDA=kTMhRk?o*h9FRl1
z5x3rHK}B;LBgKDHr7yA^eRV>X%9=80rf~j8Y-L;H5kgAbfWnsyWIN0(pFm(k#V#77
zcUUMz$3cHHd451h(N@bEQ(3}I=RNYBwu5acBD``s7SmMYY`6~&m>gji;<>Hpxh4W!
z2pSJs?ApU`k<=JG%w24dzkKr>*dH9rLux2{isR;{o!&tzX|VYnfT1?OK?d1Py8%zF
zJ03q@vxCSs-w0&94!jG0k+zB|(%bNnvtJ6?&Jso5Xptb^X_ol~^CRNoi^p40sN)PK
z7IV+?;zT{|Z3yQo45-KTBMEPxELfLt*HWVKndO>Du+(Oo+k4#07QpRqMMg_sqlc1;
z!<VF$0{yihgD@U^>#6>;^`@Xa+T^HMYG@_J`$alvhIh+-C033Ej4Mp^l?u$t$R{#Y
zElV;b3CVsX%Tt84zhv{&u-#$vqYMW@OG0;u6sNx_ZXDbQmJ;>ul)#jHZ~6<$vAnGw
z&P_UPa(lN$pHC<|{NW;zbRB0uMVOxu0>Q5wNpd0y*;8o0h!4Zr7x6#rYY3yso$~6S
zho<skcL<<Qbu^UW7o<|<0lDdz+gnI-MkO@K2FjaDdEE-8zW&&UAK8Da_ix1XB_(-v
z<b<b{{Mrgbn<%EPN1p=U3+WhNq!9|)MS~;Bf@lR#zRni9+B|H(eooBiXB&eEIC(|4
z8<(EcDTQ|e8;e19Bso+^S>54>T!g_?n+5hHGS%PRN~Lr?G$owes6#OfNoLv&&67L6
zjCx_7h3)E}Kx*ti8@eOXg1@@xG|Lwa3-{7f*{6#!v#neU%_szYMGiGjZG<83&u#F+
zqe(ZS9Pi=cYbhwq48sc2iZn#EVW@#R=ZWR)C^=`AGh)F^MGgJvzcxuWu*cZ+g759u
z@h{dzf^#)JB`hotDY0@9n!BZk31^`1MkIuVt69}(Q+ksVH**+`1^fQ=Ea|`46YFbs
zCo6A>?lxLhsh?x#V+mJrz_?=#K6O6}gfP_1rFG;BWMGNsORcA8i3^b*V5GrbjCwGW
zm*VgMkKhA{rLdWa9v5Ocd@yMZw^el(o0Pn!7L83yLovdBo)*I5^IQZvoRk+jv|F@2
z<orI9m~#01EISt(dHZ`J>(M2LL{3b<56JW7IQ%cTVVpv?)epz?-VVedksjd+sK<&h
z9Wpq%q^tar=QF4Ic-4YYi;SZEtmt0$?ylC4IBAgoq(`rv`FtTi^9e%WcVnaQR%rty
zx!1$1VkzsNv*(?a;e`0%|Ewno<n&F?QW-NeNo(xeFx`rx*BjV_G)p)O_@_sy>Quvk
zqwm~J(@o;J1VX_ri;AUQ&~?@1vX?aB%P8e+Ba_AAX;)B&HK}(0q+9hQL_=$TkR#f?
ztw+{pzbNygx;_pMeJ%P_Id+|@^wWnt%l&vl<7ye1t@&2M9V`4#F_5~ujd!j>*y~>*
z*AJSV6P9GkWe5Q!g9#MGL8{O~URQCjp++V$Q!M|lEq&z*P1v3HZvV)V@#GOMZrr}|
zEe#~td=*TbqZ={_kM8@7VRkMj=x`IHNq{y2(~VBF1cA;(3tQ6&f!oqnMwcQhk#w0m
z%vR)kl_fMw1_+B1lcYSZbTk>jw2sLOXCBggDUJ8t#6;r~G{Lle=PK<!Pt0;BsBr=s
zn)vI2-i&eV%#{d%eyqfx5o+>=li#xO#Vw4Tph2!Nc<sf-;hz_9DiXqoeWK|~VIfD5
zZbk}!3(B)>1k4PP@8-<^R7a?FF6~G<V?t21nFr33oA<*HZGP48b$SGi58JI<8{^c1
zV_!RHQ=}9?b46KTF|xJFm~R#o%yNHcomVYvNjKOeO3|Lnf$*y7`n6#Q=ofx1$Z}Ru
z#bC#4Pbn1*3pf-p{tJp_B&E#En4lhd+t=;1(AkusSw@*}0J3XMd+KW?*h7F;&Y$CL
ztRS7tFVfg~yk+DUsYJ#SNec6SI5wLs2`dl+)un6Eo8fp{QJ3(ZF$)tsV=I&>=Tz_*
z?nLp|`jjC-xF`k!Lt$+4ZbT3k36%a4V;EP5ruo6@*>&6)+->cOnSs1LZZL8G8Z9F;
zbtVoL0HC}iFYUuW(ZB%?W-4k+t}}rjGrxX;0X^QdDTbOfhC4$#kbE#4O%|xu+(Ix{
z`X||#RqOAqSU5Mt=cAfDSS$#;?K__^I!#J}8GMc8M0jR#k<b|0f4aRJ?cB8sCJ7K)
zBt<~dl3(GkWh{J01R;yY{Bm}Jj$0uCYiYGamDwQZ<r>TQ_jWZSSyA`z<mzQk?)64G
zH0%~vwdWfMM5|CPGc>n9(m{n&bY<^D`Aipd)NRUcRpq4r4%{1ZmnmSjvP>b^00?~4
zVC?yw)6D?P;Gpuwa-<g@f2$fd6TgqBA*|fhAgXpY7_>RX>lbw4{*=k{2&o`<ZC7TU
z=AL#tmFoRjV20o^%cd^TvwQ2?7GC$_qTO`R{&%{cvYJtEEB<@OxY=JeogOdOP;obS
z;@;(Z!WUZom!`YY`4_^*?|5hYSX*t_vTmgYrZ1}pUVrKtmo{D@S`~2|VyHraBZ2m&
zv+aM`1$|EE8_ZFYuc#M(AA614!h2ucol>7}a<L(LBmH?wmGfyermUObKDyp|63JG>
z_)Ij=`Mpep5a|k`&Age_*141Eu%g#BNrRE<J6H7mnggK<lJ)ZQ;}>WPV?QMk-TtwS
zHA@L1-o<$v<`dhqN&SeA>_^Z>!rn>+5w^Tr^nwWHv#4Ls{iEAH<t2x_$=L=~@a^F0
z%U@iWy-<KcQexQ_VXpMmo3f+VG6*EW67vYm`)@;0J3q$OGePIzsaNu{NVx#kkH<nJ
zSi+VKy8zTG9`6eR67b!98Gddj&F}(`2?}tD4k~;6-+dLxnHK;b>AKUTAAyCNX4N--
zg>5PwawCpI1y2z%a9=L(M+sHpfwzunTT+YZc)qLv0k5x)bKo~UC|^?j<`Y2X6=*$s
znHjcxP`X7lz%0`JhYF%}Jp71%KuGZT|D6vh{zp2M(8EH(KS%sqHd*kZ3NrW+Klj_8
zx4`uO--pnJ#t-lg^GujsIBx6LJ(ZT!;W;$n{y`*lczJes^i0Iz{(^0g1*W{hAQ`op
z8zlcIGuvG2YQCs~+H>J$qpoU#T6t35jLYZrAoE4BqcmZkqSR1xcLL8>h|&Tzvj5zD
z_f<Eei+%;sWa!btuh5w+7M25FP6Bbt8&!DDF^qW;I425#JE$(1%EjJIW`)kAkMXt5
z%(+%8UvWrPBVMV~(cgPD>6fa_l5ug9huIp}VaIFrcs+kUO_qqyL?q?%&bJChe`krm
z;1I=!7QWnrMxL2ux%FG-MtWVY-blA7wY7Al{h+(hyHtgrphS0m7*h$A_vUcCj!7rq
zd;zItZIbQ#K2fIUj?EUnOO};CL&}|F$~TMyD855gx_{#8=XRfE_s($tkn<B(xc+d}
z#PbUFDR+p;s@~gDe~?+9mnCZi>AlS-sO^Wh&SOnKd;H`IJrTaD-?Ny&Y{fpj=3;&a
zUYAGsI67!1!Pc=<?x4w!<D{Ju77;HTU(RRRf&#OB9<#?bD8DN%?F0tbh4J$*jFx(_
z)Nal&aTke<XzyT*H8RHLm4;O9{R4q~12)Y+EzH}diuz!}&o;$E$;+a+w6i!q^LK{Y
zczw^InvF3Zg_WDNeVW_xy|x9G45kE9m(+4ABqERti|h=M5SZoAcj9yq@Cb5XC<IJs
zXjFAznml|oizFrqHKoXKe7>lGK2C<uZhLMbdnfO_OF+NUd8zhS#O_nG(z4RlzM@{2
zwGIjZ>6gB0UqjJXe{eIJlrRY4MR~EL{U9c&SY=a3@zV(({^Q$0mcAU_&W(A+$vS*6
zJ#fq&+!?`|SR`T>!^nwV*wZN6_D6@|@|6eEC0qvfQ7e=k(-4qPGbkY4Hd-oN#J$2-
zrT*%Ezn2)c6Nx2h(i_RQ3_>Me%5Rj%&l`=)M+2fhhp)o#eyo_6-yCT=6!U6mokzYD
z;5K#m@I?M@Z|T|{ASz8#BuNoIV~_F3m~T3%RagsO=Sc>|e&2oKTxX8bma?)<5bt~r
zBmm_+qtl<2XVrWE2)w&?`91-k{r2yBzYb*|sRbNck@jQ^tF3NJwBij))k4Ps0LUYk
zF>mPN^9ATMFt;@jG%bd9PMe<}dHN(g0+M-Uhc@Skm75S7!q|0Qwr07}BS7(j)Gn~q
zq-m8l#CzsqGAcY|!)+vIdC<fh1OA%g29INZtF@9D(tL}S>A4o3p#`s};-;6Z{f-7a
zn%Xrn$Lv#m*I&F?vXFgTT`1$L4_vtUBkX~3_&2i#faU1_R{quV2c&j$aq}J~_xhZ>
z_hRG<eWm0NN@FMuz<0;&jmnf4SKvxz&UoLv*zEQ6?&>4UF7Xr&!-u6CQeDMmj5fI-
z|5xtI4qMFDhp}p9VdU1T7-41lFY<%`Qok$)ArhHH(>ilW{T_D86cv|ZLdz8Y&cI4~
zdZT-96ikXm{BeYB@Dqf|eaL@wsMICw$9e7XPYE94tUHDe7+`QM&)qiiHPOj;tE>Ty
zZ4l9Su>?9sfyUrIwla36re57V%38w7S4PdaJb`Ta#Ir;TjK3^@M<YnBGa#~Q`mr1M
zD`nFMoz>Um+9X9wa{OK!5ALL4pY~r!3H8&{_{!j15a28}C&3(3Zn!%>+j;6%8yN3v
zvRfOGsZE}=fpS{Q)`uSWt6up8rO^IE+Co#k<&p7NxEmWk`rIDjcHdh7=5XKmTKu*p
zH)Hup)Rr@{ADR2-*NlgoEoW{@<~K3#T_=PNl6=h1w}<D$M0HIk+#8&;A8s^U<lFBo
z!CrhGdVfV7=6f}}^qDAsdG`@JY0FzG;(S~~>!&P2-`4O@^Fx6)+}aFdCTOq?aT)(o
z`L(&=8MPI#TwJq#M!mYo6}%3Z^D;+FWF*^O6La)g1Q3}IhIAPp+3bxRNiqPn^fYll
zXbe+(i~j?8X*lG^l++W=z5j|8+Am77(aly42VJC|A7<x#riaph47c3b)hL`<Q5pWN
z#@={_$k|f$gdH?bY#rUIQ0NE?6A$&^^SaYJq8GXQ_9z?ED|kMyo^%hp)-7fbg|{Q|
z$?2yz>JmTo0cTAygvu8M7}|+xzaKex`;=8Adjgv&L;mZDH&P5CEK^j&7*HVvt3Vi0
z9ZD>eNy5*NuI==){0pjno&8|5*l5NQaR)q2uP&w)5IZCyP*1*SYE1qTnkbjG%aUHz
z7ZP%$8X@(=uvK;}N$3p+bY>&0|J+N>xotRm|9nuU8YCCiXV;HWa!W}nu0GLMQy{xP
zl{@f?Qx-1gU;6D)A3ycpaSl4KF5#pxDo`VdJ^Uc~I3Lb;nVI+bzUD$OS)7@r<vfBz
zZ2yRph2=FmiMS6w0|nDvI7*vN9n#3mFzvn@i8g0JZVvrp)2N#&@uzvej*|TVy$4_Q
z-fobcC+3fJ)AujK*9*Q%l1>rbRTbs)-LWF-(Rj5!@;xRLoP*dBvjXFkR9>ck3qaod
z*zor)`116G85zX>P7VX?;joZG|CEuy<MDBP-%MXs60bf_2kR4!s*^qn9^jv)(pCip
ztR|AwevG=kp#bSO`^=4|B9qMhRjJ3+6xc0_biS-d@b&|b`y6SrH#A;(7r!Eccc+cg
zKqA^E{av<CC+lS7i5Y2rY;ofaW@fM{2@Ctmrl`sf!o6j>u>O2jA&V;X=uL|;wxiSP
z@Uh^b!8UQSIV*S6KGQYn$>Y74&PCr8*L}5X9YGPcJ$5Qa=#Gtk%mM;_sRMc0R%*TH
zG@=1vxY#pTpq8I{3p7560D_pqoOnMW7k!*6ozaQYlIBd<A$^+7?DkwLP?&zn)Y2Fs
zuza|dX8P;XdAw=lG!P;eK+Y$Hf(jadwJm`prME2OZIKkam3y#B%dUq|Yz)@*onSNw
zn*lWu1O|_`8n0SkxRL@{XGYKD)ee@bEt52sn%{Eb>OaY(J_rAY%J2$ZsnnzFUnR7v
zbB~A2pxixLj|HU;b86?kv26+8(52MFXxpFAR^orL^*I#esa%S!%>908pR<)KZDAv-
z&QNesfx0@K_ZXZdurCtR5x|TlaONW;#e+_nX}3rm_~A^P<250H&YBxb$q#WBOVDqK
zkUK#hT?#klz0bq0P`n~ANjZG(SqNJZ$~HakF2np7))XRu>lAvzI#;oS^i~)gV!NZH
zDRlq!n~wz@y}Xm%OEg#$Cuu;Y4Wj0P%s`ajU1I#~-$Oo3xz$jfrD82^#2k5MGUCsf
z(ZXg9c`5uF_%m_=_VTg^;fObgp`h3|2H@|N)a4MpfRCZ_@t^nIq8wYB>F0O>1O(tc
z){=Ve*cS{m*hjGW`nuQCB4zJ%>J$^I7s~oMIOeAtmMo7@QZ&Ncrv~@*ccvmgv$pLw
zK8{s$N<D07$UgMc_3fMKO}?A#Q~wq$9#s5hd>&uzc`c=^rMvx_i?p1Zq-eHHx~?1D
zDaWZwlfCzSS)XCpbKID*v}PkrkfGe1vDO7`gh7ZbO+TEIHau!H`U`itF&jrIEgX($
zDM%55K<v$%+f<6T9~kxnzK-W-(NJjMV7BXq)2QJC)dppO;Zo^?nt7OzUO0C?{KjV_
zGt2WhTIds8N{>A&%FaJP2hw&kD7MX#h(GbCtkR5fKbDFG9M^qAz2*GNxi?K!7<Vjg
zJ#2w7>J&q1hB@}_B}9)8C4tNGsj8erPi}?_!z6Rf0+A38m+GN4)oGJ)(L%N>m*yFT
zAXxkUy1+I0IpM99ld07I<X5&7%~xQ5&g5&)FMHehOV@k8zapo$4`)`z!IN_z9a<|e
zaEdBp3{UTkl)GeHBW~Zg>wGXTiFMnG;##K^>Y<x&ez(!UzMpe2djoaHHgaOrjR8p&
zqD$_m%2cW}vIk=;cd@tVdc)WQhrvw?Z8!Q8Pb<wstF6pq&p6itWe>YvN!;rtVS(>T
z+dg1eaF+j2ZfQbS$DdSp*SS8}7-7OP(C@hMKtrs?WqW(yo1zS~a_vdKLTvqYomEGN
z2x$tZE%7xY6khy-F%VA$xP4Z`8Zm4+jzuD*z-Fk*>~0gnki!egkq=*Q6&Lxyt)t8)
z`Ax?wGdooQ0b|jCGp7}4nQ{yT<2E6w)_K*WlP&VfJJiA@M`iY9cri#T_Nj^DCxS*$
z-Q|#^N%0#r=a$iXRA9-Kd5<fRnA_;aXZc7I36}1DMa2mZeO{ji5X~Miy+;`8mKKZF
zo`}t51KywAMsOvb{M5N+&wYUceHFw7>ng9H+;y4q7OQeBtqUaMS2Zj*TxX}UB0NEt
zm|lM$U-{PMTS$gH4MJU(rEtc94wF7pp&+WjoRo8fxoPl?i{waM^Qg~SufP*_(dBI8
z@w5`f*E0%-xhclg7`ut)oV42+q3Obay_B1PaMyh|Y|Oz_R*=3fFGoG9h8O}=PuR^J
ztYb;a!0~YCe(AHV8TG#DT>(4l$xNp8w6FK$FJ;j`u}C~T3lv=))Jy?4znLDw2y5IH
zxw(SdBgpG54MW52`DdjGkzi%6`L87ewWS?UfIEyIzbCn07g7g0kbc^EowO-|G!1*h
zl}-}E7b8dp3{_LsAnVVs?~p{+M^FysaVQ_H_$Qz^_`iE(9+fCNTE|4mA&`y}RTV~G
zvC}DBC1>3m*HcKgywP+=`DOnj<+Z9~H1%rNMN?^)de0gLX*1h3^V1D-L(py}5JPE&
zNq~S57%H0@c+~~nX(lX7%(qAq7|s`N53zC+kHAushWc`OaxeAGdEtuva2$vA%Age2
z2}g-}y=ea#BwlA~c~90uAua>hU1<I*c$GI7_uq^RY|=<F*))sJn~=ntOyklV4nfSl
z0Xwx(s6-5<dG@s#<iR3N+7BM;u>%MxQ&69N9BXm01`Cc!k*K|D9<#NM$@#0KAgL4i
zcnDyD)OwQp&&7}dgufv+wbHG(YfYsNgJ|!(!PT1Jqv7HMj@~g*!oT%+1N|asgtLLn
z!;J6f>z0~*89oJff|O+%32v<nils2egiE;rfVvf3$s@M+cBtEy+v*nzROojA_RAxI
z8=)<jVNjcrLbviOk@Nsn^|;6y7sSRxE<|mjo#qqj6`j45A924W=eo{Pib>AvCy}7O
z-=~9~chFDnj-^)*Nb!hz{`wGh4qQ9)G1)<3)o3lhHAE#ag4y2(40!D{A+!G3WDYs$
zLyG}mDnn`lfP-yL{uk93m>v{G4FK+kd+A+H7I&L&nX*UloAT}hb2&S-o&Zr<!Og_*
zdyq4z21QLtUZ4kDH}7yd)SURktL9(ijFJGuZi*s{#16jfx~Le_smYymsJ3lj^Qury
zK4WxNls@wyGUFaFLZ^TU<^qtVG~P?H49woXjGEc!uAH|k><}_LiB@oW?3dT!0e=_6
z>6sFmtcf^-o#8=4wE6L-{--JQ9f58w0!=R94l8I7^ZV2#nre$J8ZbRx@irCHfIIJC
z*!>LD?)gXlBW-(uX6|Q#i&tdC_17!idv`8HQ(?jUlNF|*&qBJZ_T1$m&fT4rA{|B_
zXbGIn{QB@eA<nEqm0iscyy~hilu_ad1^yhaY#&TY4x>P?FdKdhRR55=cFPGJm3Z@p
zqL1ACWzjvI-<aa+;i6>j@ibx-XbGMmjH#4*(Ugvj+2@v0gSd*SWImgWJII5f@egu8
zxFIZK4<=q^fS^xe=qMOtw6+2OPoS`GI4}ioQT{R~R5rfH7fHmknfE;9noAy8w%8*)
z+oFTb9>y{-)rT$EPW(KA0g*DHV`Sd47`xGH?L3H}7&|cxr5_uz(a6am-%(b<r=37S
zfu@+pf23|KSx2K)`iVI{C?f7IiOHWGfPw3gF0cBVYh-ahC^GGO**)>Fe3FiiTU_X2
z*B*J0V!ILjW*JLnBUbkko0|ZD!H`vYL+Pi8XrrP80VvTJ;_Gy}Ofj*hSuzBTu~8&^
zeC1x_<*L&I0YvSd$tx5zdua(^Xl)f0M*4K<-{vte62N-V&@8Gua1H^riSW8gD!>#^
zEMVQ^kQiB*hD{fkVL)J@3#q1P832@%!rCyf1OR_ObQ$(@gW*W}DYUYdnjx%PV_I@R
z!Uv{~qSO1z<OyHkgDABWy}RbA)lv%elPhz8yb^@@*>y535>BJB{b4$fcSt^OFK@A5
ztG`pI;GQ<Z2)5)3@#S?_y$7j9x!NN@l=Knp5Lf&HYnq+|upc`|$2#B<fyH<E)mS=m
zl51H@z1GywTi)3~I5lR9{^5OTL`Wh*8Qn=%L-Yri)u0MH7;+*)G*<ZuDd&|LnIGLc
z&z<IH&0s3v8-$T;hC-OI;pGqSqpB`Y)okaAQR_bS@Xv0Q`JaK2gDT2%vHw6T+^8CW
z#2NuW{0sj~PhVtYG^byi%m#!Vcuxi=yixO;xL8)GPW58mIow=To-pV%sgk76+c@bt
z+mrl2W3W~q{O?$E1Odd-fZ9%w0<b<AX2HHNb0q$sXp;OCSTG*#i#sveNDS>N@b>Vy
z%1Zx=oI>I<JDpNS&%8yAz}a${<Zk2gT%+YN)U^67{Y{Y>>gV^tQuah!*pkMvb0m&7
zKjw8ybUGF_H=5@w-nWhCZz_l9rX5ME^;yoFCAOoDW_&`+63*7{%@o7@p4t?hfkw~F
z;r2C&qOA#gM?2IQX&jP*6Ix#3D*tQ|b}rDSREo@B3&IWV3rkA(Zsh@~MQqjRV4|;2
zhU8ASGMh>cQ}Dj{0{&5<%E=Lh<#5D*cc_I6oHt%0LbRq0)JQN`1#K;!g}9g_tDMun
zz4&`|r^0<rTg#;ws7YEsgba|Xxgh2&^%K}el5+uS1dsk4#DGO6qSRS?YQW$n{6sa+
z1W8X|{KwdH?`qn!jyAH}L(Io|4Ea*=WrLcZg+<}2GUa5Bv;y_&>Ub3>WX?$lZ|#gA
z5I5SNp>}-guK9NX<YqJud?R^bIqUHdhM7=q{QTGF5g&Fxk1S8Lhm5+*lmFcfxmxj=
z<guN|6yEbm7G?*-wB|!N7w#Tq5%}LeD6BYurUF}JH2}F)eiO)S-YW?jp(oSN)ectW
z=hbrGc7hT=3!m*N=yQRhsEN8AV-TUkcUo0+d~5Wp-*UaMo7Md$N=W+8yfzwiL!64?
z-Kp4{$;OzAqL+33gg6hZz-KtBs}ITbESoNxtgfHLjxus)tUR}Jx0wkoL-~AJqf5$)
zcUp#HhF*y2DysoN7(o+qBUNYi8zrR8L6;kv#m|DyOLe20$~x&t#k$+A56&6H)2e3^
z^$a=*Lk=~03>A=1;_qGWalDS@5h2Pi6@P0ddUFL7(cYo@^Me5Vb^`Q>3o*oG4RN5B
zLQ<A|E4*%;@0<$x&#vb6L@wJ5f<c@XypvoK$mA317k@7Xi8L#8pl3jN^}z=P0BcKo
zKCc_rG+V9&4gCdT>*aabp*r)v2|eXN&NH+21fXsAig{9&3kxx8gn_5U-TMRozAPic
zE2mt#W-|O6Cd%@h41#===%)##qP*5Qvfl(IuQIBaUEbu!y$DLkBlNyBMAftx5q`6l
zGhN7t&C4vhzTY(Km!#zMLcRye9E6N1M!kxzO4hf!)VCP+>dZtBwM75aatm3-6BQJj
z7*|3kt!xcIXi@A3UX(W{OmIms4S^t{Y>!8;yga1XidqdZKtLkqDWKM>^DN~i6Lv~X
zEuB~n3e_gR-Ui`P-E4r=q~4RFiU<fY<G|#?P0ax-KGRRl5~i$7nj&0!5OMWaKs;kU
z8_>5O9mlzSF{(XpF5f(yEc*$mN{kZF|CFator(@CKws@H;!&r_CNb#40dPw#;vT3G
zGLf9p9EH<F`5m<tdJ1_k?^V>I-}gNX_#?kzx1>ZlG5gp4v-pL)v{lv8qy%~liMiS7
zHuoqY=omE!()^Vy!`FczNRuoh>!*i0vq|A@G2q=2K@%!dd0rwoAXpz~J`e$d@<+Aw
z;w56TpEz(XToBbzPm`zd{oxI$cAW7Gw*7R#2vF4#0PTL2(2?ZEb4B1ij|mW#g&sY1
z7soh5>U-hU!oLb+OcPO{Dych~$bhnMSth7#>Z3+Sl%Dy$i@q*y{H+eRW^K2m^44KQ
zu07%rL);ElTIRcN)M->69N&*0zEviP|C~YA?-yv)tbn*sB{1o^XW1sFG?s_&=I32!
z`^$SyKaOS<RNQEW+9i#31gFv=V%BW)NQvbf=YC8P`{kgfpsvyiM&5k+O-c3w^Fa;-
z(SR3sB=o@h|Ak<{o^Cd*3VEGL{I?33Sq_J}litpiyMxrEe~WXbId*;UTvuTx2b%w&
z1A+OFB7+dVzTx62&Nqi3Q$yUNPDGdmQ0unci43JBw{)P0?WcLS%{Ena7O~R|$i;v8
zLxYP1WvHOFJ!k*ka$a}@QseQTr^JE9U#8)}Hs=UESYexbCVm6}k;$WMvXW33b>LcQ
z!|Tsy@E)j-K{D`Qo*=RKe#J@B40$N&ZYF-WqgX#O_!|Qg1`zfF8-Vn^M1ta&<>dPp
z;zh|azI<1^m$^;}2p<oFpp{1w0AVFM5X-^5Of&NVGZ7Kyi@j>+0}vX3M)<OkMo^(9
zFJ4tq14s!HK;U_%uQo9N){$=UyU_*IYLzL;0AcfFRU&}ztn?j9iR6~Nmw<n7_mox<
z8j-k>^M^psb4mlypMC2ut>~CU4@~H7JT4dC3Ryc((mSLf;WiVW^Qn!G_IjuUcEiRW
z-lkmKWt6#`OuZt@^PtFdP#9B07U;egHfIR?Q#df&{(b`Q>+$A~QfJ+dpKK){I4~y+
zBT}Gd5mJv_DTWDqAQnP_OTt^fr~QnP8IBBg`I7%0J=jNp^G5>0-J?L;J8KYxWEF@#
z$DJEcL$b7dO(=TL#7XZ?xPYKb40!YRP@n1yH$K0`pb-7VcI+I0JONNgRG6YY)xzG`
zx_nU#gCM~sB>xha*M9rWRWPP)6e}~dhLBP|xy<gm|9eioCEGufy^0GsH(Z|yUu-Ah
zj3vc6^P)FTW-uVKu`=w%;*m$VSE-5`syu$s3{<cXLI8#uEnb9ohzpHmYbU4!z=6`#
zM7Mm<Djm=gT<WIt5gc)2$2{#6a#1~{)kU_A8`VerSsMTD$bSz6DHan3hLXhUkU5M9
z0Eokd+wC#w5Gr)x2NZk4j%tEfXv{Wes0d@6If7CR-gFe#-5q=Zg7&!lI+vfo{=0qt
zSZugn-iwY1aZG4HRw?E+{wtH}m(2p$ZEEgdss#-soI4>kkcIDZo^HU(^f*q?tp9+b
zIGPrii4C#PKh1VTFIQGIzQ0UKRYxB&rvs5Vkeb$QO^$J$GWV|<eBk)@d8Dc5MIw+i
zxDE;b%*1dxbs+H!ZfyBpd>DNAu7FEQke@bjI04m*Q3C%l^mkDvK_CDagcFXT_v{b~
zV!~_?!ESKLXGv9MiVUxtW$fm6Uo#W5aX;zIp!d+mh-dm@^=`*^#R@J+cdSV#{ll$v
zW9_X4F*0XNoZ`u^(g*@S-HX3d!953XIne)T0W)9X<u{P1leanuf!f6DrH~{t;}?)*
zYBVEKSegY*r0=;3ZsZT%M4~r~fZXiQcVn}hec7DWMtb%a$Qa^e<lT-qfBS<W<>KyH
zkj$KYhYf7!<uV}-PE=Tr3T~SPLsB~JE++1vTtVYq+cCZUe)Z|)5=M~QMgR@v`(;GP
zS~z*-hSo!&1yy-^q$IFU`Zjs7AZ7||yr7OvAHDsB-;noqL_a-{l!y7-Hl;R--c`e}
z?t~(BI&~#ZeC@EiitDd0sKUn*Br^?k<#~M$Y-YwXs0eV^x>-TI#=8!}RfH!=eJ>Ud
zshbvHL~|@W;RUHR+-`>)^r$W6g(T+s0tMQs@BPhu7(K0l9H<P^T}T}PQvA<^>dM|P
zf)gh)2-0Lf8AMZGMZU+%YTQ+f^@IMGQ8x=nGFnmlo(!z?y)~5XW;c{>pW)y4j|jFA
z(dGsv-o}N|W!f9GI9WtQax`|2)49J;=l?=;lJM5x_<P&bwcA7Kf-0cR2sl(=;$!z0
z<j~|*?sy|c(U54dW=pXk%W|_M-UgA@jBUL9Ya?5kVX(PkR(vm*S#;Rs@A&r*=Su+U
zl;{Oc17LNoS!c0_=sV<anGJh=H}^8JX&^?`FeZ@P>0v9(_pP)Fqg+K+@#A5*oSyAI
zMN71GHZM@15jYV10gw~X!+WW>F!D=LHRDKT9P3KaUT{GInB~WR?fJ<ZkdqVz3gXyH
zSCAAyIV;}n&uDL}n`1pNfgUV@8+imVE;2MZqPUOYv^lj5`jH#6YA;UK0}%kZH^1<u
zACc)UM|E{86L$=2JzCLJeDs+4kjyWc6>cb^<W9eMZHJc}8gYv>)sX^LUN6DGC#CP9
zTJIt)-qEKB&>MCdIhiDbpy-;#f1j&QFY2mK265tAY+wq!7gB>_z<Gt<O}J!tHk{Af
z5bD~>3{}cV2eXzDu0+wGQsb%G`}nEvaRx<+uSN@v=2{%}fSESQ>rrqbMP8hDv|W`^
zIRo5h-*y)I;o7ua<zV2(4{NHQqKJNDfB?9)No&zx_<(q9KyBlwbduV+E{pug2_WRk
zejv?5&P+F-mKsqL2WI?J$(@!rayje)!je$v^SVKed%&>>#Ye+(6d19sbNnjL2Ffpf
zQ^v9LQUn--`2P;c24zc*y{`BQ^H+Bi`jU@FH+`;>xdi*}-5cGtX^07q`qIdme&;Vu
z&$$<`vA(>dP)yM`Fz)e#P%5&!EIu$;(xv4X-MEh`V^;UsfhX{$@?K^+JG4@*&DDlk
zjXNHa2@KH{{v5q&cxxuBeJb&|ZZzyI+kTwx!}aylfRN;KnhDlmYw5e@GAt}#Q;~uL
z)>C(c$Behq%~o$GMU67%tL3XcCAC{i0DUqg>^y<FTiX`UXsscclEzPl_>|NfEx%nh
z@<h+xuU@@%e!o?Ec`kV-Q_>qhE6lRgfOBy!Ce}hNIHGdsWfDklw8pP@y^T^q2TWO%
zGAGFL_~HZ9nzHfpXs6z<vyoz#eA-PN)};I9iu*UV;Sagvi^YO<aeA{KhQcWN)leOF
zJk@bvWb=)&i3nNFkBxXk04_-`w&I@^>H8d=>+kfS*j1M$)8(?13WuDKi2N^C@(6G2
zo^0Pt$?B2s(r68qQc||$`{`LM&8RZ~;bhTH7c7;FX8FDd&4(iiwe=@U{4o&<O=u=Q
zMI&=T@T&USJHiKc-Q*>r@W_Ek-rM3R(tbCuAON=_a1lpS>8<Wb0+N%~uTtu56?s%x
z--(&9+1hVrO^H;DUBxDA%$L`2&$THt6I$H$4=l-n@d+Wsf-~x{d?o0|yX&{;k(F19
zB1;$4UK1D`b5b3#KPcaWBze48Mr29?RF`B*I{pEl+jgTR1R0i2%YQQX1@0I)P+jWm
zDIAPsUY;@`0cu6Jbhs^3_|^L$Yxo<&W($)RWlD+#BBbld<q-cxVW{)r&E#d)<M`@A
zYa3mLttMY7wM(qlm#mhHtMrTTjQ)D`u>H43d*>9$(FpZduv&d1x9jY>MAzrjpjK|3
zl-Z8VmI_UyN_f0iQcN**AR+(lQG{v1jS#MSu~sDoX{D(%Xa3RL#q^>CD!9j0Y6o_(
znu&Rb<BHrCsA1|(NV)1&EGI1`k!5*5(=#f6D)44&CxI#!vo>*Qld>j@)Q1ikzwY^{
zcpowqG!qcI{*kb9Xl^2~7q`!lb({jbM$>JeW^Vq_#^$j6O7zxVG|g<~ZdLjt``<8m
zys;uOdg_lUfX*)lZDZLlUn&1y7*nIcE&^u6%D?sTZGv#?GHnsO0HlNTNU<0?P^^g)
z7^@`0Q4V3aHYv$$M^>?V)y*NsKM8_l`~1RvxIL#S&-HGnFPqjn63QfL;B%6g-Kh3$
z_%4u<<5!|R;xw*lB#~278Vi-NNkk|Bh_HrJ`(5)T93H4}?|fsfa9MJ$?Tq%##hw7?
zCR!pD=F2G-qLT;aorsrg)sfEpsSr{?ek%CX;=qH#oZX2w2bZ~4B-GtpAH^g`)wm7Y
zGh{aJDQAy%hp;-{Id=}Zo4ERF>9KpmJzKev979RoLVm-yn?Hs&%1|fk=u#2^d`vU4
zBx1$ja@nV_T_K;tcSAf&$#;=DyipIf#kyU-8dq2Nb4d;R=GH>gQxcH$2|l2fgA8$b
z^qVOUha{GkbdH~EMJjgic?&jbasjPuMZxT_Kq-cH-9YGzdEYFq(PA)=exoIfsFizG
zU<A}LFP@gQ9uAo_md0#p(;wlVS{KQ2%$=H5T^Nixhor5n4_40ifjRsnxFQOFRX#RI
zlJZZ)C{liK;pA4*Z_aIT_Pb0D+3Ir2x9m0zan3Bs94BHHWRA$VEKp08AITS2=k!+8
zP5G0h*u1zyUmW|@k-j?CcRNeuPm)^fdvd{OV*8HIeu`M_e>gl%-kGPgsL!KVH@Vmw
z#d^3na2S6_wu{SozubuHfqg4mCk`%nT;QcY0H;)0LVc<}8w;gi;?74+@_oBtzN4l8
zi+W#6WMRyw+}P<|Z-!CIiN)(!8jU!4Q)EE(dd6VUJkNoIIiU&!!JwL-@J(W-KTQ&0
zl#;h?PfS_*S=;vj)vh(DtvQ43Qh<np2!3tLtD)X(eWwHBZTo3|`*cj@3mfuJEGK#P
z$RbXJuk_{`84{(nkr&Rgn0}x_g6dYy_F=pFO;+7aU4Py(A<gM>v-oX`Cuez-01e`J
zlt#a~(#p1An>;8%bS40`SUy`Ly+;MJUaYcJnW{VpYXs9E3)gBr9>HSP>qBl_2J0Oz
z(W`1$_p(^_u6AvV#AbSk)XJBh1A^a@1bKLgh2oF)Ukxh!{j5ZOJ8mpmmsaQ9Kby?l
z*3W>@gX#2QKa|*CnXiss<zsILx<Yk-kO0@5=w;N0#hu{j9~N@7E8(q_^Tpq(@So!6
zknH2?d^0xj4h*tRa}OwQvtFe~L7K1g`ra5WeQp!}#v$!uE0cWNbEs=$aA^jz@a4^>
z*a-=f{p#-TXd|kyjgfYh%AwaBFP@9YQpS*fnP9{2=&1}vNH(>v*U4!y$4nj9o?!1K
zn4+*%HO5|)z1P;R6p&w0+5$fbmJ%0?Gv4J<q;gQ~v3cvgpd3Ad;6_<$Sp8ba7ddOu
z!9cl5)5}>ZgQTl>=>*=P!V_(1kbmsW)n?Cm2+bs97_etDvrp8^pPL9xQ9BR*<C1It
z%O#ikl25CZmz7R>zit;QJf!-gt}9i$gLHWEEkjF%vVYSY_4KO-?{I&X1{JYF*7MNZ
zv3a`5FWy2WhVXiGVz#M*^p7^=6XBNc4i4a&+iVoqN}N~vBUoYy8t){RK3%CPk~+M`
zD}1Y9K!&A#HPEw1lnsye9U}Ozti~7=XElEisLV?eMTBh<I~vJU>sFHL;x0l4kv0l*
zTJ?OSHP~JW2{`@^4|6!KRA8CJ>o41Gq}8)}ml^N-btbjWi2dVP3a2#{JQ5E#^$11L
zv%IA#_9bHaW}Kh;bIk0OgmxXv8!vy!0K~xPy~a(EuSWbkno-|KHhsST`b*;TA$ErA
zUs_uM1^RMuEsW(B=8wopP+U&4u0qx`?6=+sDQ~^OxrUPvlinOE<y2hJZhKpv+vf)M
zDr&F4A~D->fBQGDQ7<TSXhcPhDaJCylTG+O?O%Aj7^B?jxgl)Vs;RH+yFn!77%3~B
z=*-zK)M%gN$nI^<A(s?EXtZ+8YjwPp_j1W@XCwbaeMGcs+TZfxo8;ot#=`l#kIK8_
zeoYAaqw^wZ`O`pu%nL}Mbd+2I<<6>n40Dbm)|83^>_HQe4`ij<$EO^);A9)XfO}g-
zRN2uFzqZfF5H?3aqgJP#kw(10;e%q;+Me6NXk-wrazW{=HZWX#ej4R*T35#{=qXq-
z#Ru`it3lvN`5TDF$3lDg@fAYI!amW;=5;*l`4^p=geoK-C&ZfOG`#;cQoX8vYu&D<
zxq~0Kd0|#@Yu(s(u{GtcTM4vC@O^LY(9#|^>yiDGRYrUY+*#TY{Ydda+xegIIR6?C
zS6`tE9#=j}1xd=y!qo_3Nd*LJEdMoKxNHGDm$EPVU%wWv_7Db7yA=KRAm8sU*DP2_
z62Kspg&BC`9kaBAw6dFj6u4oDLKeTDA&Dv|G<Kv%1xa*TmQ~cp2U*lGBT>gwK>W*@
zfNRi~zSPkP<EKv41#8<7^P*J$+~%6-myjE2cz!H^Eah(bQWW|p44z#IfP;4jL_A^Z
z1pM%s5@L==c^m=Vj1F+61SZmS^4|*}f7O4ct;WSC__GEPDZAt!eFZbSx8-oDA@SR9
zc((P$&`3RpPZaX6DOa;;4>p^$MBIwa)=hC-9DU+-<!u&b!uEb11{UzNS-5XNgBcp-
z<NGY$GjH`^cd57sJXIqib+*lg4hzq{;oj8p5Q$ywF`g@Xz|a2XKzk$HKc*z8;pW(?
zaof`RuvRr$mRwAiZDg~sx%tB6zyPAspv&hW7H>YR9N#DC5?2tf7s+KEUu{U<4k93h
z{WC?A%SycY%a<<%=D}5=c*=7F>xgO}bDgt?nJtBZ6~{qEzM-m+s!MD8Uux`}3gY_k
zHtw%_Z{M>`UWKP&c5sR>pL%X(7wRWVpp_k*aS*>KRJsni!1h7$L)ZooV?EZ6jO|C2
z)d`>Q41dM`PUSTjnPRQvrm-x-=fOym*^PWbV?~*VnU>_mB1NZ}#*-Wwhg0wXvaR@Q
zmG%8-tEI=s`Zd+^_0jjM^y?1C72ZFSfL9{J`6*s^*K1AavD4?uLS}rvmX(JGRlEtu
z&$j+#n`IsBQ9LQnxLFnT^rtQDHBAUQa<dz+Igm2M-ah?&_=d)tzi{G5=T{c~5EEYV
z7qxPHOy?Db5`LDoA8=V-!Fse2@j8WP3AgFd#lkbrIN<Le*B(J=Kh85|?3+>=Kg8K}
zzxJBnw(9M&(~mdLjlkby`;pjy4JxV6Q4+>mXWy6}FYgD*a<sn6BwE|Sx}H>9$>YKA
z)oTX&dbe=?^CbJcYF4PkV%Z!|jiz&%P8XLS&xkHE7DST}3<0Ue8CD<!Q_l~7kDRun
zB{)Y!IL~%WoGa7@K55pYs?YJLXm061(Nxayp0$bD_!(oH=jH=Ma(1*Kc}-wv{Vk}E
zqsxl{5y$KZ#1WyWnfQ&)o&a^qr6!p~(1(RU)y74hQppVPt#4HbKivp6UNoBaXlJHt
z&R@lZCLHxROSSxUzV2bLK_DMA^%X-<5~cQS9?2=+^4bo#`6q*M!$j@*+(^+N3ZCbn
z0wNafLhDKt;!Dvi*4z9|0}fZ87ixQpICYL-Q$&0M^LW3)L;Az7n;U1M8{|2gA$}-B
z`FwFMF?OC^_&43FUt`!ej0k#POJNJ8Va3=8pnLB2OqLSR+{H<2c$I?2m)Wp8rEE73
z=oS;}5izM#U0P=!qW2Cea@+C;j!cz%4OP?+sxwpLZe%=(l$X=%3w~J>yy0s)=9$LA
zI6zzZ?n&`-rc+m*%$(Dm0OU3&8Ncpd(f)*)m65c85Ly%7T)jlgp6w)$`t~@NCKO3b
z_e~!g&jK?zglBJAR2Jt&(7EiGC<6z93ObMF?#sPJD}0DRl)r;8QsQm-gY<RnbU#I9
ztqQMcA5op*S2ASJF8(RL%6Htob*?Z0u)1nN{0--VjD-2rnlo+v(%z9?LS0d`v*;6a
zQ$Lpfn%e)8*-HUjXVEgp_cU9+@iERBeFF%oTf`<4TV5-;HwpGgmQCx%bxDdv)iS{Q
zzM@DoIPplxoYIlG+fnnrT2koS13tb`(WL_h>q53s-2BOC0Pmt%)(+|-uV6e4Hivo9
z-YvA^z9#B~_L^E!5c=1uHlowuwTP+JS$ue)nmM}HEBQKsgIfC0A<ESslnq8o*lMC*
zz-_cT;AH^a$Mf2oE+af9`lW{KI~mCL_kGg%h!Si4BG=CwpVvK=yB(nxc@3l?hxiSB
z9I;;mC@DK}IzTL+Z){<&6bNpwLS=<VNz-$|U%Hd*FUyfD|9oH=nU)RU@)jT{c6;o3
zoe|E!D4*~25$tC)+~jq|eaz0alA41&x&FiBOb0<y9tY7i3#^3lGWT2k<w5LIRxkqg
ze48|ktMm<>1R|M?sT>9An{Js4=ZwQR@wjl;BD1f^4z^9Kh~A__a4(0jMJ`oF$4JfV
z(}(J>LcDLO#FJBW=T;N;7@xW(&PYIX$V}U}%|Vc;9_npWdlQq#B+o_RqKKAnA(&CX
z??JakQ~te+;y|t$RNIAzR{m`aWymGzHH=kW?(CD3o-MO&FsQ5-(bI<@ODF!7v57uY
zdP`=qp&4wn-I*U9bKw0A0Rp!~snknmh#+TpWAo+g@6U=lPPBMsp!i{`D7Q1+-*0vl
zea}!F&vZ5a&ptG{TPqa;Wm!<<RU%fbx3Iu=0hP^s%R%P+cgUgRGk65@fKfmZ-Sg)h
zW6gCkCRT2B!$>I)bi;Qfa+4A`F>5Gm0MY9QUMOW@n6HnttNS&+&j;U-X$C!~<BhYO
zecLX_=>V#$_svPdquGq#jo8%tYh7ea$zEclr&Y}Rd3H3FVy954#NR$7jd&abB$MQ)
z*%di1+i99hvFmOqM5HG%d%8Q(EUlmU9dHqJXRkbduh^ET09ocUcYIM#G9c8q=pbl0
zsD<Y<{$r}>^u-Zw{20Zu8@LGxQR<+0#JEag=0}}iZ<^g(EDkh)gTFXB`+|<<L`gS$
z<XF7RS8q2tVxCI+HE8l^$_*79EW}8?C29XN@e(!O;|WTJSx@bvS;*(1)tsb{%`__u
zX@1AtJe$5SQ#BZ+_r2qyr4di|3rkacgr)S5!8^ZZpN-j8_9S(ROKFy{XF0D@XTc56
z7MtE7SQEe6iAQI+vISWt`M3&Y2+F=uXLw55+e2`=42zohd;54o>{vUV&fZHldAZ9^
zzCvk*VJM+UsxOU`IVgSI3X`(rqjx5K6jM`tgzNW6)xHkT(I=Ur;|ny6GTD5OL&_7)
z?G9%B&L>gY>u(y9+vOR@cR<FjFjDPS>GAsV(_m8aCM`_?$Y3ymky`BK!`z+vZM<IF
zZ`4yT4$6lixgksWy!zWXr{P)~UOft9hA)U#jA~y#3@UsfhnP>gW5)!$h24}axQ&z;
zfi}Nu!R@lEa*>2gT0(UVXU14_fh;z)MCL%lxTnYy^a1<s+RNub<p!nXW+NMP&Sbpp
zhc0<hK~-L)`gGEl^3#SuJ0k(h?^JnjB+Oo5XJ0hVE_iC}R?Cn{4zWN!bzG0kNY<le
zcX)?^q<s>LRgDKuB=8avJ|Sp|F-%r}_FGJ-#1je=GZ2fiuk-$O%5kq`b0SJgWeMs&
z>MSM4ajtSo(OM`_W;_8t`x;8u1QW#iA*}PIy>}+WhLAB<rcj6VZW%cYg={r%(qltj
zq-iEzGQ~3cOtJhHjeTV0iO&+H@ztnnGdeLw4x09x?*qDAp{vG1T`F3#ZnFucbWaIO
z0z5ewzoqb#_&p>^=K1`;4$8C6=3Tf9TNRKRk{YdB#743l#1V4HNB^ds)3<LtopXJq
zxP^s_u}NsB)r;-Q5B+pQp<Mim!QlE`ddilB<{RRW5l$Hm)XF!w(^-((6{#1rbt1=$
zxqL0Evs6O?6br)MEBV%pc-v$vz?sz(^)pLh@jt}MV*3A4_f}DHb>Ek00fk%P?(XhZ
zxCPhXuE7H#SPHk`?(XgoT!RO9cMlQ>5=htg_5J_4Z{It5jJ|L8wH{8LGv``!t#kI?
zYcA}Cwjy<?V%MmAgR<vIivcr(9v@XNqKlIKae&;z%!pc?*(;lySr78aipQk@3tp(D
z3(D=GDDEun;{*6F;P2~_na>*<`d~b#v3UOx{|{?AxNrD^J)Y!;G~%Z({D08a)5lTM
zZ8BRJPBy%9S5tb_@n!%*ikVXpJ*Q1xvBAgc&BEGCFqJTs`|-=Gg)^s5jZ05?b`VN1
z3_55VFo5FxhaT4`$XXj8bhPNRyig+6Ok`p9X)}Gb9j&!xsXBF!adfD|2VXP@f9XLz
z8ytor9I{aXkG{^7mESW;kMU8z5fFeHbCz4w*+sj7a@UyJ7bjK^H$rrxE>iThu)In;
z=&!bua?n^@)0l!a`d$^)@?ZV|4<uQ#+wR@9wjOMD<RRA2583ace&P&9vM!>7Hf4b2
z&9FS?-?GJxCls6QIDD%9Xwtf(EtX2}qpM@ShyC^_V~YwQ2tkZ<WP5eqly*Xy1jxfJ
zkdsOLo}n@NH-}(JlJ7Vx6J_l8lWP*;_TtgM!DzZ~HYoMo<F~h}m~H$DQM=#jgKDX)
z{J<t45^*P!9O?OizT!pln<I)L9HGLxMK*Fp8^1g>XTJLU@%j(?D!2;(cz;Z?%8#$@
z3+T5fcBO@hezM^hWWxL#_D=r7@+ph~!+K!21Nw}S!{5Ts4-2AHX<xpuX7B~PlakNA
zQWD4%OUI5yvf)wQVIZc&qKrqdW4vcz4Ag;J2tuXos}WmvbiwpQa^sH1qM=L5|6LrG
zQu`(BolF5aJD@;7(G{D!(wuni`ihP)aG>?Jgb9IBqC&Gbio`45s~M9y?8Fl?<TNgc
zM8Hj3;lv@_xhr_a7`j=vwbKE|{aGZ}#uPV-zDRpPhgpb(lD*2=je(Q5sM_syInMf-
zpVY|Sn%x1SZXJY?ht!IVk^dnjUD!X5P}R!55oT|lt*u-B>>p<Q_L@C}+#<&Ly58Ft
zFB~!VV$)jKahjUu2FjPQcs?Qwv!%)DDbNZz*nw+&H<}cgG?!-qV+WzdiNXI#jrw<V
zk^eN1te>%$ffG}k&<Qf<`gA)EkZbW&bKwwXF9o8pl;rXw7l>={0sF1ST0s0&rqnXv
z*K9Pm7}fn!YGUvkn=5%Q!GHA`J&m8N>jY#q9^+R2pwV&LD1;?{jv9@pqLsFx${5S$
zk{(enWt6tTw2GikcxTNx4;?zy<-Idp)U@=|(#h1e14C*x&;85q4gVzr-#X}~zilz!
zx>o@W2tYB65*~|k;*Hn|F!J$>WxW&-l)pi3Y@KN8A2VI1NI!1Q(NwKmCkIp@ux9j9
z<4s7X2b3Vsw4ne%l#_11FsZ@q2<=PjBi1wlc4(cyiLo)$RrSA$DGsP8U`Hu31#2Vd
zYnqfa9jOhsw|7mxZyo28RnwB1L(;*on+w5m2$GG}j_P)<B!ewh|LsWY>a@c+n1Gn7
zG-%Vv7_KLnl?-R~(RsZ|d5;l28E6h2(hGl!j75nw$bv;FtYS096iwEuEh(Fi@&%H!
zgCJ_M$Jnb|+Ac%|h~R|#{c;X7M+#dkP}FjFp!K()v}{_Ly_k~9(QlIxi%E}p2pA#y
zuICmR<U8$FFj~+bViDSHkO@eb-@NH_$+YnA!@ULVXH83IQ3N9+_hLo@USAY^A=q#9
z0qFoLCiMx-pFPSD1221nSYrR)fFm5rvIrZ*fhIWlQo>&co*6qPsMKJh*iCzR`_L$y
ze0>-Itc(X~8sPI13ye?T#AW?XIKgk49L;$u>ju@_@%Z9Lf^Ezn6C7=^%W0&at2K`;
zwqK`hUawBP4udn&$q!H3I%Nr2gz->$JR3h8v5Px-Oc!%ujMGqN$}5(Pp5rQ!!<@0H
zx#Odd?XO*nHmixG{4TtS15s*S;pA_$+NKR@C;=I@1@8b)4N4L)x5zU~?w(VAurjhJ
zIFvCFznS;>i?Lw}AD9&&?gu>b`B1bBzXG1VeTfG&>`&>zBZE3;Xuz5?|A3SY_`Dyu
z%?tkmVLG515y%PWmq3_TY7f~Cmw~+b7mI<Bzu-uyLRyuCd7dmw)F5kT54bzW$njSp
zCc1C914$L-?%+f=f7ZWOrE!Rx`gmn{1`)^zk*8<>z_bIRbV1H`6g#>PS!+B&ow=}Q
z)6+xeoG^ryPuxTP!TUWAk^ht@PiWOoS}l5&x@|H6S@Q$`iA5FOd(ZgzKFO4E9yn)`
z+Rss+kvE(kzJ(^LK|WGVU!GZ7#o#Q49Tf;WigDpg872ZUZnNoJ^*fT+A1)FFl_CKZ
zqo<>t5A(osomBG6U0P(#PspTr=CIm6$k`TsHMjBVGuVO-bwSEI|Kj6a0F5TrdSI+)
zk-Z8TTi`rCFXmrn7z+Yn<sC-dm8wwWcoFhP6|HK_ogkhe@6tQQo$qE+13#sx!GFc)
z$n!&bBPpg}!;SyIY{z227~mZ8zQDs4YfTBneJtG@1@iu$Ep(_f-cA{g97<iQN$stE
zsD7_kzbwU00@Db8en&Zl3(V(*K~Zjir~9zw+8AotT~3Bi*sAq78P@ck+%f$z0y*BD
z`NEk&krBVXAlvwT#o4mbMC$27yg+=SdPGht-0piMOLM}(Nf0AU<vE??j8eriQ*ym{
z7;?PbrC)DO`fy9bXT}8!E&n{P5@Zldo6-dmW7DYPiwnnhji^z|g(ciAd|i0t_~{uo
z1w33+?GU8+Bw%1sHr!kyW%YJ_?ApW}2Jd46Et1e}290```tfkEVK^XxZ+kX|aXwBE
zIVc8rup0!lqtS^qR_NK+Ns@~_VZSBhg*o{6N%T6aRG$LrI+ABd5N50h@^1>F{wD?5
zm2fD<a%otHaG&CPf$Xe5#3#lraQK_D)Eg`~{lWoEmy)fvYBqYCrFBU&9hr`1*~#`*
z6>$$Vzt0Sm{mks^zejDX#q`qW@xeB$^A(0|GXtPkRQ5FV51rg`uMVFf_EEA^%lQcK
zh-Yby(+{_@p^ifaCE}vuP%GN3;p0_b@^S(!xqc_Ht}Lz_$Zcs*<GJWjDnilgFf?>3
z=m|CF<|6mwN?&|bf7i$UAZ99~QuHsp#X7~I8GuMU?=bn6g3smN{zN9q*p!;ilC@mH
zxP4DfYH9n7vQ~hagN~Fg=Y-VydS+Ef@)`BN_zuy4^?HY%1!He>(=l9H%EVI<d^_H`
zb!=O%b#^x-A^6HBy9lX?y8)vJuDZ~FeTf4!@bx%HH`b^x`-Nyn$id##D?_|Vd0=_d
zn7^~rZrhKlS0@Kw1${5?1pKd%EB*s{V#(cQN__nFxdQNHTYe2L`C353{p-x>%pX=F
z0~evI#zxZjXV{cEDikJqTB;;d<^nfuPROvd9vtudNi(=b#04tG_k@|71Bu%nKR)q4
z^0~iRFG~6r;XJ#79IW5}rPC@=&QKQvE+EB68O^w@)7MZj0hF*QojAmn-E=bMsiV{~
z`fXWU)~l8PM2a|ro<fsg|2x-G^72uj0_mJg9Iut4?uV*e&2k1zFC?&<&<UrAn|jpQ
zQz{N(WNoUy`Tb$6fa(~>u%>!!<p=6<0R&PT;oWwm_43+iB85CJ_wz}mxn>KEdp4hI
zo2UL%ZKiwS(8PC{<0dK<BR~ZPC*ftNlw#g^3}v+JykY|*lHmk_+&l&rBlf=ENadNZ
z@;|$WIj1;f%;#z7<57Y4aNIOH?Jz;Z1bA*p@sE}>M8;OKN0hWOkXKzuuzH-bm<aId
zw@>+pq@NTa&-IaE)8+9rc|x$msGeJ)?lY(F{>_f%7)G4q2x0r!cOo&sBl9$XVjl?{
z3=H=TW7e_MEg6zJDGS(-AWpdynX=6H9~mBg26N^epmV8$=b##sFJ4fY)(T7a2Z0v$
z*H4;D7^TN7MlrdQ4}?Os@N5%l(=`4(CO7aE;cOQ29OBU^Y|X<2x2n$h)M0Bh^)`b^
zL?Z?W)NHjYOcWD-Wc6h%-%3Z=y@t0r#*x)6b8@Rgaz8Qi=mH=B^kwB0IVb)UW#m_R
zeSW_0KCc}lgm`GmJ(V9^p0{_uevbgav{g0GvfyL*Yccnkm^HQl^b3!=w5rO^D$~-o
zH~eeRW{R|q^PT(L8&4cld{s)6`p>t+u*r-4k|)raZb4kySwfXtGo-CQS*5W*&cG)R
zvLMAX*}_5(b))~2DNIT<u(b60Nb35M>BuREVAW60)TLQilu;baK~WZa6_-qZd+pG^
zjD}mO8Y&an2of3>2mBpwdnScvp25VA(riZ&I36o|lfIG4X=7=OFR+<Gis##g!at9Q
zAAvusN&_P#{#|b+6cGZ*@UBVPm%7afK^sN^ZOfALr~op_R6l)(>$Q)%hq+VS0__87
zV_*Z&qJ|>@bbrYI1AP?~dhPAy+COb`H<?u*9n{|6EI5R!!d_Qy=XxCC33+g!wfq>@
zt66_~1gm8TYbGFBHr&$dm0H{|=ZsV@xlFvt^Lbv)q*xCYFYI&s`_c`qq|{*8>$Uni
zfJo;*)SxyJDVpYtP9wqaWpC;^D4;-Uzx{ay;rHtG(t5^sE_$WFa&d6`8a^&fa5s7-
zR~S|`D3)UI$&{?H;KY;}x2)!CF&ORtN=mJQQ<mat{=rm(?mkgyXL-LnT*p@LF)(+5
z(bRMpg#V0Y`?2Mn{CQ)Jn%nWw-QiPHi{0`_Ov4E}h4Vl%c8OukavP?hYst>Ni!^d2
zi4AUwMZTKlhx&pw);Kt1V(v+oUb(LAG7Np3@i9jZQ5bA|rE$1{wl_*V_d;jawOn??
zWCJVxXi=~w0tyRGD}Eh1?L_{3PHYV}(=o3CI=-p)5b;sIei4*YwX3?LNf)dY($mdD
zs)p$U=`-I)9tRFOaFUMos&om0dV$GhB)z`7L9it45tQG-8;cx*faNiM2ZR{Fdo3w}
zLe}WiyEWn@+A6qzDv+qDqF6~Wd<C(UB<b;^4MFBl5H~Ih>@BnJBr|OOYJ<Rc63joP
zOiPH93_{ZHoWZv<y3`21SMNjuu>(-CVV-{{JU}To*2XB&D6n`^X1gf-O{LghxiJ0&
zucpV#hBDm8{p4Q53|&`&jPq5=jSK6fv|07%SHfLbOpQ|~(P9i37w1zlFHF95EM@VP
zPNMv%W(?JcR7!y@N^n;CsqLZ3XNt{fHwXB}Dqt|H#Jr`wTwPJgXPj<V7m@hLJExIQ
zj6o=L=>1#KZC8nLDg{<BnK@CWj6WbG8AHWXD4_O7H90Snpwmy|2lSwMrfL)maEa35
z#^W9}+C#3TD#ImSwRd8Ocw1WSERKCj&NJBJP_jj#2QwC0MHX2E7cHUvGO0COv6Q!N
za6&#L{5$qvo0}fg)lZ}>egvN<7Z2iCOExvTF#8xbm{vd9+Od!Y<4H*kxPbphqa(pD
zcXFGnLAARK@iYqAuHE}`w_xjabwmqwF^01Pp__bfLNZwbz3UT;LdwPMk48=(2vWS5
z<(=#|N)77%`J;YQcFGs|9i}va4$s~F$K&2CnhW_@UJJhNyw7N=e`_dxAr5HZ)iD5<
z=6B*75Ru-|DK}tqNJ2ci@JS>JhLQbQ^X?uZ2IfP^zp#Q3R#?V7MoQ<VpYu-}eJef*
zsr|WL`0j^ZU1sm#9?zAFvgL@wgJPRkqad*MAe!|5cJ1zGhe`g|n!Gh@CkgTO0a5m!
zsXv<D_qK`J)Yy1z@od*_IZPuz0EP)6jY%*Tw9th#Mmdk995fJ31=I+ND>Lh#|5t>r
zyhY7!STVp2DL_}()W06lix5%DX+p>5Tks0}^B9T5Fc<&JB>Rv@Aqda(lrTC-g&*n~
zw!cw5516(3$2IK#CqLG^Aksls9Fc~e+xWw%4Uuj<{y!Lmh4^>s*;69z0p37xa7wAl
zyNGsQ!$3F0=qs6W+So&KphQM2EK5ssdpumO7&S@<TiXH{mOL=)0&}Z)(AY4tHv!V8
zeYbO)fMLAv?ib6ipW5`PLO@{&Q!!Tu81WH_Rv{oMBq}tTERxMJGD@rxN+P%Wn{*g~
zmy(Wi_WcRBH%Trf&YH<&-`21nFYg^Wsvv<n(r<S9X;0K>%(f<|{R#veT5rt-S^hrQ
zPV3#NWC+sD(u#NYwAk)|xx5V+Y>l%#EZcj1Lor>AoqB$dUjHSMn~@}9%8ey$r1y8m
ze(m9scR!Y{KZ|Fn?qNKB@_$ZM>K0J$BEFTU2_&Ql?qA4Qmg1ZnX89^H6(Cl<7<IOs
zm0tArKFsw1)OK<zjf-rVvtI~Hqt4inMlbzbq>KT6P7(oAE4}g*Mp<3Sz^HFMFt%0z
zE~I27XW(XFi-7aM5nHjEC(B=}2^!hJ-V2UDZZk;wgV6)Rw!GEH1ES3bGpALcnO`^2
z%mnPq8_SiMH32-1zZ<)ZgWlehIW)gLN`5iugO1jXeH8mxlBD2FvNQZ65x9pdhFrH<
zfL_SwG#QpB71_;8G)G|!1z}sjS8v@=7Ay42P|f<1cZUjAKkPESN*4dhtqrmPQgMQu
zWlXu*hk4y(GgkF#4j>hXOUfY7Op}v3Uqf9|L0!uNpaP7{r<Z{*x(OZ`lGvH_@DiMC
z>Rixu@u7P0JMsLPBgFILbCyt3XJQXrvV|y@du%xh?x6ntv#lRlx1q`1;@5p5)&L5J
ztXVU=k%rPQvxVUDfef04r)`)9OJ;}x1=rd3%^$cgYbsOGmg!VWV`HmahH$c2sjFep
zJON|4NUnJr5PCiDa#Mmu-h#F)WJjzxnq9eBi^cR6%DIsf-t~*XMX|vCy{~}J^8HkQ
zdJhu+ngF<d!V=w-GD8HJV*KsDoyOyXhhu+{<>T&0e$fHcjBaRZ-cB!3A{{Nn&Jag$
zqa$q=;u2djL0m`m{`!xY{WSN`7AO@4DF^hIih0$);9ee(MyZDjIIQ5wib9Pe%U8bk
z+Y|c)_ifa<h+zRg+33WMk<ztUjY~AP1+BH*>$@ukqEH?gQ_^f1!K+7k7sIRH(D)-V
z4nJBPz>emW-wPo0S8cg8u_)VPy-#ocldP-CIwp9)%)($Y-vHE$x;12RS&UZdrkrtU
zdQI(EO~I)U`?PFt7M;kV10(A478`EOy`#T}t{bJ+R-cA*dX5$aw;5Gt<l-Y-V?^Af
z`lzYuv<OI{Gbx(J(lJUZdqqM|`IS?bh3z-}aIBA_Q~pv<%Vonq8z3r#-$zR2S~#z4
zFZ6^QNl2&PsX=yjVcFrzSWk)F=VPgOc*297rg<qtorosZAgV!{6iu8P>X9uP9iBhx
zj!TjrLQe_nN&BhjT4jk^p6@jBRK`$WK-$aP@g1qq+k(BEqPK>ntKzq{^yMxdJ$7Of
zq#*coEa|(%BL)nqDY|NSc8I<Nu508`9A+x3EC-G)jfsG45kN^5YfN>5h4ApX*fX-v
zZ?T5xf;Yr!vr(NNq0P+U58W{${v@mrmOC@E=p1bMW5Pe7XT;?WQ;a$;^`0N`uF?B}
zqVdOjQl{SZR9STBSC3Y<8M0Ql(aWLz<0^@?Dux-mnC>{Psg0HTG#(zdexok(d7V4-
zfD~Z#i)w#t+$EmDN%PU<fXh$ukC&j%NsxX}9OmkT{}l}ABj!P60m1jeniG>7C4SuB
zpwbo;PlT20t_)PnDyy%6L!@1?mrIXJ5NaYKKM+Bl^Pv=KL^h$DFe`b8FjKUA?L9p;
zQ@;{7qM}1>wTTzMLaLzww+3$)ip43E{{`;(1P4@k4kr&6JfFoT&^O81hB&{ljqAW(
z3ZK-)mQAuXl<YXHKJkLtkCtAapA|vq#BZRNgp8VRv8=&RCb*-IC4cgFRF&o$uBu=y
z>GKT^)_lwo2ayB=KjiK;$@%56b=Qt{Hq8_IX`&@d1Z$(?wfwP3VrsbuxjU|1P@NGn
zXx^UrwfgG(T%~v9#Qzv$cQ@b+?F4*zetR;Mm;nJ>dg~cS&jK?tM~8__`Y~ACf*vI8
zLS8L|P{i+FU9y(4cE`LIuqZ$6U+b_{iZNCiaug18aYmp6oC*wtU$vu|AZ9V$B(%fT
zgGJTbNiOcOQpFYXAoKlCdq1OZB?YjYU(b4MWxnbGb_eK^*}c3^zEr)tXelxefMrDD
zON-ZYfEg;qQ}3h8$n&le`f~yw(N2t|pgLO$_}1i9^+=;g)NgMOUu5*-TvJY-A)3k5
z(@{xkOm%)Kqo7#k+o8U>r7LPR!#lPNj%rB_u(Uh%*U~~M8a7B2#i<CGX#}T;8RGtF
z*LjAwGuyJkD?JLawJgiSu>YO?e*8Ki(wUP(?PprhWJOb>QCy3SXRD^y0i0Qzv3n*Q
zz%anRVBWn?!)*}x)03QBiBvt{a2@*<^F@!dO>sy_Gzp8J_a`F(x$YR_cX+i(*NpOr
zMcW&Vh{G!c4m4ptXZ7sRv%&BV9voroFkQ(Q^L>C6zfk`r)LECenI%4!l6%{|=53TQ
z-;wX8NN@2zFrzM`^mi6yQnq=4c3Yf1FR6s~kqd-owdfx)dO1`27!q9hm~_FH1ShI%
zJcNY<o2rj)tby<I@wNKKBrgW+xBW^^9+D-o1mE9YI6co!J<^dOFa`Bh?_qUw+ffG~
z-bV*`QZ15v=93Gbs%WCt4j*Y?2tp3&^Fl6fx8Rj5rFXvxBY5;$68tQd{ejH;8v-dw
z@a~Y_VT=MdxhHURlhIEn+6pt~O!hOM(+7Y$YFWwi_GPkm3Tl8C^_T#YJk{KSeMCK@
z;hJh3-Pd27X{eNCk>%68=3Qxe;eam61tTew3V2YKE*K`wDj-iFL%N87a?e4AQb=}?
z*qMx)Y1z}jq@Qtl{#&xIWEx&$`tALOfm7lM@5#52MC|h=9AZ9%mOdY;g~Z27zAi?}
zz+@y#EsekgXeEgI@0DN{7p$-$DDZK8a5uIr&lP@#cD}mCc9b-eEPI>D2{?L+r<Urx
z?I55b=vV#Nez8DnWL_flu;Y}M<wkE?!moe7{)g>oKe2dfk;OL4cFE0R1b!xnVWKs?
z#ha1_`OSTGtBAg?hw)tRmBsqJ>$f$rPeRnJSA)L-E#cNiE8WJnZh`#0(EQ*#(hqi9
zTt;^KbV<IOt;`~}E7?vcp{4=Xtp*WziGyN`x}J4s^C#ZC>~87-eW-<K40ip@qbT<L
z`+ocrYgYYa#f2M09`W9-wkGoQO=t-E0?1jm7rJ^se4bTY7|NE~H&*$rh89|<d4j7=
zguj&Ja9q^%DiUz(g`|?<4H5>pW*ruc=>Euxn_cuTl+pD}UJIV-<-yP$e);-JT%&w;
zK#Cu<=*7~OB_#E??8}RJ6W#}X)|~6cCJG~C^7pr^NFVE{w%AAwWjvNjp8YN}5jgoy
zYG>>%1U^^8HT|S#$G}A~YqmLjcwJF9E9<U2KK=QD;NQ5~zB#S9d*93Bn|N}@ak1)$
zC9}iKzA|{jO~NLJW92|i;NlIlzB)YiP~!V;z2vTO=gB$zSK*4?iER8O?l!}|hCE~=
zrZLPR;i5pJdn@9CsR?n_bO;f$E!C{;?;Jdj{p*7$T;9WZ2kw{TB9Q$VuMFWhKj6-L
z0P&W1Apj=XcLi-oxN1NQ_MC31<7;M0CP7H1@+eCSz+xVSaVK%|=N-L=-7i=fqZmf0
z!hE6<(RCS%CR&+I%t_Vd9KUa7XKO0@!CgcWX2o@Q-qEr~J8RDgm#&$FeVS@PH$u1o
zdycFTeK@f+!*~tUq<*I$8!Br6-A6I^38MLxK~4u?PIGm88G4O-za_^8sV_EfJHZ39
z?Iz3w2-Pg_&kpNah><V38afv%lN#$Ttkx{hCFu5w8US)?Qo@oN)GGTxS@ljlnr^Ez
zjwOPk(K?ezEn=ym^AwXsiYe!AZ4>A7_FEe4qScA-BgT-w<AKBx*JfamET!?f{0}7i
z^Gti@h!6%_9x4e~EWTJ?hcyvZjm8Gc*3eV1mU|$~l%1>Yd8;n6+-r9lT}W$080UPL
zI1%XM(K9mE3x8-tP+sJm+AOs1KbiLTqwcuh<Kj!YhzEQ`<PVN{)Sy2G=w23Vi0>i2
zwxLd3hnYIZHBjJz#YrUnV6>Ck#G@Owu3Mr#|4v-D(Glg?oSPd_=ch+Qq+m#G!nB;e
zU+v*s?){Q8agvi~xth!cUhdTU2uGX2LY`kE?O<dM_RulwbNE!V!?2pZ2#RQa_z>(n
z$VLqh`UG6r6!epgzAz+S?5MeI!Nn#8Y{2fFi?K<Drn?Xn4l6Kh|8mErR>=uNy7S6J
z4#syLKrROiY>wN(@NR@Wjn|ys`zWbNp130mrQ(CF3?OjqV}FLSCJSa!L2i77lvJ{o
zXo@+}U%L)z55K7@v!th;3!N@SpqjOOV2Bp#IaqQ?vML+<fTmNZ82M3Iie_ZTydf9V
zBGco5&VeEdl^`5V4fFq5g7Co6x3vIn<asho_IX%^-|==u)W3cSw#|y=%}5;TvG&8Y
zyTiv<=`W2(QAH=WQf4TW$L)g19ZN0)#ZdWqpV|3186C%X6|RQI>4Uyqw;2<g@4}L}
zY`GbE>&L^$w;>5wvg|(F!GyrWPwa(v`G3Wz{1JK_M((}66G)Rzr3818R<95V61e!N
zn?NE@a2LAdI_1oS_a2rFf*@0_s)kDW=cu2DfB>v6{=Dm<QS_Qk?}^E8)o<ZRK?j@K
z7_MQ~W^z-QzH$Z%etfmM-WX=81Ie%B2TMuAao_nJfQ?oe_fYe{W+;;}5)$QlIR!rp
z69H&udEKUrfTSo>(<L`1ow^SqW!3iXJ~VZ$MMZd?u?9|`__J?N@cV&4HpWr&VLKS$
zS2J%|q3R}pDyNq~BxV*zb0C4$df|T&o`ckgShxmf(!UGX!B<eyGF}TwHA8P1r@vF|
zIXz@#171sp*o%<SWp{#IZrWjy^lc1fQS&q0>73hDiV}im-e;34qf+v-^}!Ih1nf;6
z%|N>f!I<3S!V&;1MS5fjtq5D4S@QX7aTWW_^L+BY71wgIX3rY!sy+Abzpg#0iP)!0
z1mjSyt?j8D8vMqHiQ#GEvCTD^nHm4nor-dOgM}X62b_kLe=dea`k|OD-aF?ccI4e*
zm{^4m7QC0E;?{Zl`NPpixFu9|qT4%g^Vq<5nL<A-NhK}PkdoXr&fg5VVP2j*wNQ1a
zL$1@Ye<bS@D*-vaRmlDoeZoUyP7_Wo{7hoi0C~x!<wgGd2aycY9VK3#c+tJGtgPF{
zGaj5=PF*v+(0wzB*NOhm2o&#+K<Hfu9I@^pWEYRs`?`M8@bPb@*U*k)htR?GwN?4K
z^?FM&az`l9cuT@Gj_kr_&^+KClnEwfnhX?jSg)+&+YTKKY;V*UA^>yJ@GHU<8?OTp
z65D3G?Ngg|ICARYO;n8l61Zk%Jq|3Nej?B)Zs<|*Fx2Vdc;^(sgQ(wo`LYHf1I~W0
zus2qu7!~f~X@u*bj+)eduN)D_(fb|={3%y}MF8HwGK2P$cvu&P&U*uGmplE)Wf&f=
zNbR8xr|gS~2nh5_|M1KVjNo)CD+)n``?&$R0yuqTfy~VNYqAwcmXoeDG(%M#melp;
zh+)eL<AH)&HAz)zb{rsbbF84$IDd;W(jjgRHFmYAWh(J&QEZ$CBquAh^*~=ZFj<sw
zG@|$ak#V!YY^0(JMmC6M@lQa>V|cgYc}-=+fW%(1%6f6G!NQPXjRH>9f^Shnq63@?
znh80e2t6t)lhJNLYGH%~#zIp?0SO3mBgsxpuVeZZDKcybRXjqe@J5pS*RZ_p(x<Sx
z7ZKkU#OBtK*Mynet5u%6nu&||FO$_78re74?a);QB#yvAmn1~+gJ;`r4Pv|ZK;JDI
zMBKV&<-svJe4mXNVBBZQu2feuUmfIfSnZR)z4dpSgg$l7UpHJ&$1Lgm6BdCze*%^K
z*O%&zO4;b-vUe1y#E0bhH3Cz4UlL*Bc|(T$`bwCoaU0Zzup^YT6RdJ#lO+7Ulu*OO
z8^O7s-NNPj|EX$GRVmSwIuQLJ<7{gAV|OTR1`u%%JCI;a_PVPTi@pN{r#4P-dq;k(
zp!_pX`ib0f4`vs(oW<49OIu=6Z&RU0xP@Jy2-uh98mC(T)OJ?G1%hdhS;()^@Oukg
zrCgP5DH}-93Pn4xKptB6Wy~@ZzoO$oXrN<2bBJynM$`Ud)icF+Mr2@eJpx#XaGM$n
z8(>V2B{4-TVJ!n<umZ>&z*6e4QBu1tnEuF`0Vt@*2w#2^ELLn#V2hm{&w10Y`#}dG
z#_8d8H1dcU!Gt73Cvj^NtyPPvA?;SJ<r64`a)a>EWvv0)g&T0%7IJQKFrc3O5$}no
zRd5*r0IM_Zfm&x0I(#i9*Ck=~XyS?o1)^Rhj$U^%^i{&ujuJ3_-x)FS5eOcRdDzv*
z1pM4P3=9nxiVrxyebRylGq5B2P~?gNDlh&VCF^`HR)MALNCkU-h5-dQ0BDhmLljEB
z{Y|IEh*EBHu57UD^%sWC7bWRKhFl!F|KYDyDT#(<&B!D_;S**MW&>cegZ%-&UVbxr
zERs02D|o|z4AQb#gw#n@0Wz@Y2vB61$@6nx0TG2l8#Qo|6o9c9_^=&Ba3QAdM$@GC
z>zkwQF)0EQ)uIT;-6EWzT#h}UID}yJAZHXFtgo=70FaqM#zEv`6>g}+2PFue5o{G=
z+<c@8XoZPipq3M<fr&?ZvVB62=bqB59G|fvL5FCQ?7>&h5Frg)i~~--Ku;{HM-s{I
z!+=a$Yj&{P*HCg2DpLDkr1QE#TEnAl7ZrXt*n-l~#yR9TP7yA@<$WjX$8zYDh0X8i
z%U=y%&{+c~es@Mh&sVcYo0)dgxeB;Hm&cU8v?p8iePdU~NBCenIuhT?$F6yr#R@P$
zt?VmS-a(6&_#$=$P6Q~_(y1F4A0mL?um!0sYQz(7`G`QypuY>)?f$s>&|rlJ`xgXq
zUYb_SdBWw-vaUA?dy*Id&rs5F;B0#2AMMZRT)W;Ez{KlH!iFmE;3FuOS1LMJ0!DfC
z|0qdKgJBu=u?3myuI2ayJWW3)w3bLOl%~Hio9LVVBn2pEA7Zy}5Yh!gK&6x_-uEGh
zKf63Cn2FH`Z#jx5iBTaZA(6qv_;8dOZ21_+<)+@z!b9_+?Otm{g`UXS3x#s)kJy6#
z?4hn2o$P+Y)fGv-Z9sNC`)=;$RfM#@3jPID{Q?2doJA>xHGua;;|hkEtH}-;SK<T|
z0fa6Y45dC9KyV^FM&IjA>hT=&1$tf2gq~9(Fz`JxntwM}RswXqVHJxzk06XXl3=ah
z=M1sa_GMpRapVC&66L|O@zAinZW3jET@sySpAB=_>><t;Pn<zfxkK{PWIYd%?_LB(
zeJ0nq*or|V2(W_@(A@`!ScYVO3rQsb?7BsXjg9#!$l&jSok4D@42|?(6+tGS@2z*!
zQ6Zox_wZjW@&1XVF_>n6kV(J_Ax_az*~_I1bzBhOgfAJh0^ZDtfQ0~T43nDNM~n1g
zDmIgPP^znfcWo021RI260}?kqd?j?)4oHXLa{Eh{SD8+A67JxQ9k7ASKRPrfRW_E3
z8C!>Ad1Pe?pBIDxO#RweId4X~uW^>RqA{&(Ay4GPA@b09s(=g?L*wN4G%%nX&KNoe
zeKZJ)u|C<fM(;H~)EBvUs6b|bsE`ghXo0(8_9)Lxc<J1O>Bj$}K`ozax5|c1*j^Bz
zxq8H0qZh{S_yecl=(gnljhG}mM!*1|*CVI<sNdUBdJDaZwVM%+vgd;>z)Cqd;mU)z
z2U|svuc|<}mSdK8MPXpw)@5-%jXVHAJEocgKw?OSNNW&Z=rjbmmG)0V^(A`!qHt|D
zMeIDDSO<>s;9SwZp1>gO;&?bTX3dD(dVQ6cprVMGwAif+ThD?9F!1Lp>MjRxGU50x
zJs&y;Y0)!)_~I?In!iLAJ3DoZPg>PjY62aSUMt+3JISC{Y)kZ^(6&esj}SQoj^qQs
z%`u>~pFHw`mQ*MUdV39=zp#O+mN=4~CRw|4v0rgeH(2IU9$_{^-sP5k2tlQ+Ro^5$
z4~|b;(SCvBwcP@CMCvqoc64aw%qM3i02C@gu)N=mh(9!#C1wc&3Um1YLH8Wrt1${}
zwgmVyl6KAHfMD(1jR@hzjRk)y*%mgR`?a0Pg>Qmje`E#Z#deSPHxjWLznZOhr3lA*
z7`ucANMffXRM`y0n3mR19Pu(#@S)SBELgDy69EyGo^xg*|LPVxBt$R;Nl==1-pp{H
zr8reFMmN`NT0hP-9)Tps2ssAX)W0-BH5*`e9iAsa^*xAp<w@y0rC@6BGxb8$V-!EV
zk7TWsEhTPrhDkEa%!PahV)@X!!UDj_Ob|Tkv{<V71LOu@{)d(6h6nRJp!~JZ^A>$Z
z`Npq%sep|Lqo=Rmjl*oM5GFpSf7!ZBVy}Mjcer70zam`#0NTZwT&#7WhW81<#EXU3
zTfiKPg@ySrkcK>KoZw+fr34VTx@FZkH%mWw3+5t#%P=>6(VfCe^HxzM@%f^N9@c;V
zAVDD;Iv~-}G3BPq9!i~KToV%vY@`H4>E%T!PQ9UBlG$x_!6z(~dT)HzTlR-XEO?N&
z#t46g6(Q|^o0oP%gLqF-o?#m}18_wat-pik{1kvh0sE1~Y+0B#IG?20q9<a6Tgko-
ztqM_+g*>ZTdDgfl0~kqlI@rP<Ruq8U=~xFVwAY{=zU5GyzccMBP3lU;RX5USM>wS_
zqjDX9J(Qh#n-(&EpPHI=WE%^X#8h=>i^U4h?hfwp6d`PYBAyh4+{vpKUEVJWDzfAM
zh%71{`Cn^3pQhu2+8<k0ztKryH*`dR`pFCeuoljHJ&IA4m_19JsW*Kq!pDGOnZt8^
zf1culY3s$mf^z-ycDz#U!sLe=r0*y{sv}#5ZO3ATM3MUnpdCttiE!$aOqQZRhLGp=
zsl$c=3fia<gF<I|(DH`-Z<stv^I}Mmt;O;AS6eF;r7)xmEbXTq3WnW#ennUyd>ZGG
z{kSJHb)FNf&a`e+G7PPK9C!}Heii8VK}Mm|U`Bi%XoBaj{#*YthO{k1RBW-=B&vbM
zJ4aF7D>$8i_dCK3zWZaWJCeyTAAIckI`jH{84fPqfAo<t$+F=Bm{hUZ4iF}rwY7s8
zTNik8mB{PrmkK?s=hz_$9|vPLm!4O~(7c;r`R9JZvWHF;YVWzNGe6)huKm?3Yn>O_
zj%cVql_I8mt_a)K*YU%&eY6)vvDHA>AQh&jmcsK6shI#wwtI2v#RaaFvmel*w$^vp
znxB*!MT0z%*+#=88b}YY8-?fO?y#s&wf3a3EVcMWzE7;LitQ50euwrGeYU)gYzZ;b
ze3j>pDt{f8XGB{+9F`b%lfc)z<ZPndpjuhZvq29;u|VMH?k`TKjisR~P_}e`bS8Dh
z5iIx^tp$&Coon6lwzkKv!8i64g(w;vS~OC*nnm($QQ+A}OQgUN+6B&19?@SZGewEd
zxJ6JV;6rH!mL%^s(?%px4@)WCLv`SqmpBH50UwA{5G+MFMeC+HTXv(}Oq@b=5SPd8
z6NOXSAcGbS6JL%G3inv3>yjn2DG33UVZ+S2sb(-xVv5vhIb;mk9U>pa+@IFWdo=6M
z5=Q+?FQLj~ad6_OF0+ocU6Xe%^b0gcOTr!Ou7)TmYWN+?IKb|q=${Uep6i~lfvIXY
z8qOZ(vr`)QzOzVg`}sywG+}^rRCQ&`m2(iro)PYsU+}N=$F&}xJTX{|UDB)On_`L1
zS=juPPSXhMUMb5TE8z_U>za`v3A_!fv8k0VYbTuy{QU+mthrQ`=X<&OX2<L#!_tf8
zox{RU-riAxF~8P#3#Upo11+s)r+P{q_W!cvie=oS5A+-B?$6z?8mkt8s&}v9s>f+R
z{yGy`5>@ww?)B}weZ3y~)(w_1^yPUsxL*aPUkmW6gBln574q+q<t$lsg^>0Nw%xTv
znZT8^7s#%neY9|gx?3d6vjhQ)i0SJ$7-R+<$hGk1&C0HTqz1wb9?0dp+WcNdLL&@3
z^y#hhR;T`6yU;P&Q;g{k1fLMcm`K)oGU`{yFJJ9_XB31()r&ieTKBqz$>GPHF?wR{
zPn1`U$KgSGoVz`?G1Qmt<^4wrOG4u@x>L|-Nwy}+7py;)g4PUN@$3?b$!_h%|Lb+(
zwWYEjO>|KJ0n<Qakn0e_sOHQY(GmHg8C8hs!`B?(jn`a@kx#exovkIV-+^&_cI`)W
zyh(g(#Xl{8Tv5oUEY)SOw`a(UbsN0<!h5aouXTi?hZ5M|9QQ21?5gP_*j&}|wfh=>
zI4a?Xc8%^?Tq=W)l#tw*x%!9-XGg{*Eq`gZEpeyJ-XfP;c4K^lDY$>wx?uCIR<}H0
zfwl&2UrWEB?IR%4CDiCvj>lvB<;G|JNLz!R{tmtRM<8ncBM?Nxt8rK!M=Np329Y}m
zaD{8LYyCWMS;7Oog~AOB`6Wde)`mwdXnMqwp5>lMZG2IwM+LjBMhqfhIRPSHJhEbF
zkH&L+{09z)r~dRI0Hu$!J*L^_`so=16`$~b<R~kJ;JOfxx48P>&4?byo*NRhMNQ{8
zYNyTJ1}4ide*&ZPQed06+^wD6f0t<V_~1`yd?REbrYPSIcJi9^SW#G)#^6(0{!OAS
z)~3_(SPMWy*V@@#I};LmRvFf<5m;}&s+A)f<lxzuLqUd$cP-W<f?>{ls?R*v@=eTe
z0a<{M?BR{vHnf^E$(~8i%9xx13<}*O%blK~G_a6OofKn_FuYv_bKe!HjyA~D%<0t#
zXQ$qLemPU$tCU%6kU(-|6aR&L6nFn2N4Jm|r^(rfLB(z(1&V9X61LLRan%|G`rh^i
zF2^rQr%TGh{);j$2Bx#Yw-u4&{Hg4@VT1P<iSwLgmh-vs!v4itena)w_Mqv-CKt*8
z7z95f{SG!-MKqECL}G~}8i)czqWlvi8mezkmkVaa!)0}HM<0YRR=iu`<eB&)uwst*
zY4R<^Wny%fCs=c{1@><fg*yDxX<6vy(WicV`xW*ADW`Kzz-c%dXw-cHW!qN#aN;h|
zMa4G|rkqK2GS%7tV5drq5JGEUu0PxYS4oLL$;100O}(JilMwPt8Ue{l$l;j8=Hf-z
z=T4<otpBf^M896}V-bP-qou!+=L*WFfSPOq7I?gO{ENx~Y##*jP+Nrn_RfOm>g&R2
z;Abj0U?XWuOXuz59dW#btT2t8*~?C`J)UDLV@I)8BF~soH{#f|0oCWNqk}QQi31jW
zR(G8Bsq-Ke%}v*l|M@OBq6*0a>jk53CJ+ID>p+;3sUEUq=*|*K(E0WnVblkzp&yt3
zhkIin|If`S(79S!p2U=yAAkVYk&gFeFok1sfdAc(13j;uyx8z=fWI^drGkysvR4>g
zo!xLZX2{+HEo%``R4c_%66!J_Al_d@u9%#hh@6y|HT@NReMVjUz3l?7cGH#i#zD{)
z=xE-Ws`KT@|I?PTne;9BE;MaAVD_^}&i{~65+wePh%NdatuYt5JVI0WXjUr=2SWox
znyk0H8i>r4=CG0@5*JbWmsOLgY2S1-v;VV<ic~9z66@fd+!veA`8R^UQr@ti8%lrw
zs2YZE85a;(f_iYW)BeP&+xvV(G)JW9opHi&HzR<pK(Utg%eicmyD8O-_9+;qk|jl4
zduubZqMRr_-n}BsVZcwRxgV#fguVIu->H<|EOWgNWr_B(Q2fEzqeLenk}qDypKO2z
z&w?kr*eKsGm87|r*p7Z`>}tP1{I7>8Am?gn22+_WZq*4OSyh@oA<oj?&6r{nDz+2t
z@@LvSL=!6h?0@_wPG7_Ri-)(|;fMlnFdH#gBtFgv=aXXP4cF(YW7o0x@4ZA>^g@y|
zL;YTP!!+|>fo?Lb?l9Pr)5*6vJH-X!Jg_-mNT1it8kHG~vnKVT8k|24#xLm=ZdGv4
z%B#3IZ-oDYZE68|1Kw5M>gL*%gYAv(#qu{6e;++x>;Uw?O`fTwJQ5Jj#I4}P5ZmI#
z(10)movA;C7U_4cu86k@EPL#Ve56a$BN1WBMg|mi|NT~`4QxabN3d3<ATsehHGT}<
z=06R-6qOe~Qg8{f4K=E0$V53>mN3oY*Dz7BtFScOhepj}SG7VEipq<l<miaG@J$I7
zLBW)nj6I5eKnp)Q6q&E|BeoWQ^0{uJDa3wfcfVf#@nUaUOn3emfSjRvJl%2Z|D%IP
z%Lo6j*0`%3M)((@{%hQM`8vj(jH_M_$Ct8W(yzasPOBD6E5k(%wue<>wGXxdhw1MZ
zG-APtd02mne9&25f4PX%u#@D!dw&k+n#o)<Ev$&u4u!0ibiuK`_`Odi`plQ1**6JL
z72hXZkZ4P%C7Hp@@$#xjF--fZX`~K*j!Q)xf}JBP;ahm41KdYB|D)Mwc4zlus8Ivs
z_sPOmQm)PtcnTSOVuK?-9g}Ptg3pYqB(S*0*Vk^MM`g%A+K@A3q=#Kl+1S{cA_6iA
zAJ~{q_E_tq`3#R+Ey1IAhEOvq8&8%g9YsIgiLUoPq7wc3o^ZH3A9FVscNlEgENWNp
zY?4kU@y7_ci5-dU!mGhy{f^eqt=229uEempRSiD|Eab@ek0s}|83?m1lOtZ@)tZ(A
zw^#4DCvngST(|l@^6-w=KjZbdAf;KNpB<nG@}^7c@35NTyYqfMjIW<@u(-3%1oA?v
z&ES))GENy(j-t30R#sNDA0HE&;#5ikyW?{FALvL5qvn-W$txC*Cb5nQ8;LUnL`H=`
zLTm<M{54@7K6WMbB*ecIc79Pz1CzM?B9k?mQg&uYF|5WAlsJnsgd|z|+4a91QSJ?#
zSyJg^>U|F~gbVEN5NCCyAf}WdkF*~tM?FAS@22?|SZWdZE>~056>oJl-2ftyu5Q7(
z#lzBvqN`sI?zdTjJJY#KR^6OeMC)Z78w6p@+&;TGkJB`DD<s2NU$n<D$LoF%Md95=
zDm7cFq-B5H+Cs-}MCTKwqTM@snc)3|n-YDc^jsoH&WX}CTsC3l`&$yNz|}QP#NQ-b
zRKtktOQcDxhENq?eS_6hHm-{Zb<2*LN=M|X`Yt9#uk*g;`okYrTJHn9>I=S<<2B1R
zj@8rHESXPXVCXED&`uba3+ShR*5yxlo_oJ1G_Sk{`D<hN|CYWZj^Pt7E-KF4Fi5o-
z6B|f9n_G#3#LsGD&oxIe^lFW&DcABfYJA}$ui^Cu2B)=<EcS`le==nCKD#fCu%aC7
zw+GBIzf_xj$EBzjLf2fVRn2l=bd+szHrGp2L;(5=FP`I5u&Z{^2hp16s<(q}=>Ew5
z?v~0#vqs>Gms6CBaYg-d_nK(5=>D}ikZ|K*5;a`hzcY>$1NA{JeHbn_tRXT!9xKPR
z168?dl7KhziPJ8gu-}Z1evI2^-|nDZ_Nx>-+7YY~7fM`IwZPiCVQFrP%bqm8WbYdA
zx6NvHhl-UnEFU<KlA=R5sq$H-3+1Z3N7jD!!j>rW4}}o5iFMO9o%X^HY?jcKakup<
z1Mv%*fH<_GUlfzTr3n^m?l`J-rK1_?^)5q7QlDD={hB}-d1Qo%ibJj0$-x8u>=*yH
zCp#x(daC;dc1mFW!G0Zi{3JFS+W0+g*BL?)b%i-@LYXimJ!PaE?mw~g6&g#T1Zi$s
z#Z{Ch<*Aq5W#h*`Mw!CAl-R6SH62es?LCf-Li8rB->;uB)y>hF{=A@MZuAT#!p*Gg
zjX{q)hkXR3!@jb;d2EQkn!_eB!N-;Otcmt^NB6wwz@TxYlzgzJ+Jv=w)UCsxUgS#h
z4)1ZV<)~eRi@IAtKtlP;r%A?wu!*fb0#UTrzYzmw5YPW9QlQ-+l<dV^zw&&-CqyDv
zp*2^@^7e1owN`8G;)w7)Wbo@WUyE@t-!57<?c$>*!VatYNDOIK60gG3B@&Q_($5X0
zzbR>VW|~P1K$WL@|Bb?Oknf6AQqvwvJz;ac_6Js!A6AS!5rMqp+<Q1E&?TaoD%2_{
z@j#OL##A|6eB}Ft_h_!X#L@Bk2SjRIrhT+WgZce$co<8xNmfK%B)qlbp{Pl4HbN*Y
zs$-c#PS<Nl9q%~RlcpjK$HPQF2NkKun=<|VbKT-9f6t~GUB4aGaw^nq{JE6^gD)e`
zyd=JK(Y52&jG0}+EB_ygyT>Cn>F)>|Ym)1g)#PObhg_qr3ae0D?2f8y+fz2e+$9t|
z--06O?i1KG=hL+k(2}kV3H~9Mw97q?Q}}8h{a<qNM#{tgK2y3t&d8nwz(O|I?}Y}&
z<5iBGwkt>^LVc}q+^c6VC;Zjf<M`jY{!j_|X_5Q9gk8SyzMOuWc^b54;Be+BBxh$>
zD%*O!*4L^t`tq~u-tptH>&uz#{?WM}hht@Fqg!#m7~A8ZR{ce%{pxMbA@z;$*iM~*
zv-qNpeSYr&KV81^Uq~$)M{N7po_W#C=P&z5aEZ;GHPozrtVw?2t!Q;AtPAK`=0jxP
zTU~I(37X<xjT@uBw$#i%D1<t;;GJD26oenFl~2=M)O?zZ3dx0&J)@9J*AA@{*nRh%
z;`Pscu*TS>KL1r}BnKyxb@FKScbea;+@2dwD}3Zw4KmbfGhPx-rcY0Zp=@2~6#SV=
zQkncWy6j1tgDO>NE`6wPtzY-ISa3XxmSp%EFfmt~cl|Qx$mxhip;ZIYq9lHvP4~9j
zwdoSYXYN66Rc@SP!$8Dh>+^9^ddwUeO~U4`_Zz-4Go3|@ShVVHlt!XMzYpE_V+(bz
zIdKKR#TtnkCAV*{_1xhI5$H5H{0i~$RQ@wHMfK1n^hs={9Xnops)DPh2Wy62sIvt`
zaWY&oco+$hg-bE@CZ(Dgk$qB;XF?;teSCTzW%oy{0bk`(%Gj6a8*|^Vsj)allG}sK
zV^Jwdlg1-O1>|s7`8#NU#W6d|%l!J$Iq&god^r7CbF2~?WQ?oC%~Q{kS`BLH$#2pb
zJE2v^f`QzVmgU1rBePNG>*UOpWPXBnz?Kf){>WP4uDltDflDS;+wO+TQ`wZYyvzqF
z|LW)kK~9=Yq81Tlc(`B>F~px011B>p>>cKRZ%II(RS`iv=3j*$=^6h=%w-5kMZGsX
zQEE7t8Q?cm`(SyAn|I{XX@#j6&hFVJYG^XFM?N;y%DoK?vVCR%;TS)d*%h$CrjAD{
z?V41buc@Wr1eZF{=+CJzC|<A#Q?GN7l;=x0S9LBJ4^(CUIUBBbcLKl18L6Sxo>uQ7
zG7bNB@5z>;seejpMpe@BJhVBlw+g5c1z{5B_3&P(yX&r}eDvokN0I2PMB9W<LB4o4
zXUN9j9Lv*U3MHc|)5NGWk-?)cKB?#}w_utuDq@af-o`O5Pl1!;QPiJ*R;FQ?U|E)H
z7w`ew6e5)4Kj8V?#%wMNz2mOm9ryw?-`CHwfP1PIjMg#up3}8;#5>AK=2@AOt6l0u
z(N54g!Ek$uTc-uf|DcP4T`mY>Cr{F}U&AFr2if!1!1!$ZG5m}n0H)J&G^Zfv@L`#d
z71Gp?e;#E;5hSiM_)b`&I;+#?S3%E3fq;&^FVnB|PS+re`MtZjYNok-;GPWk=eq|;
zi=d$e&s>O@9^)xZP^q0q8XxB>KZ8W!htVXpl44XuSjpOPP{r3F;r5~@{IX$j>nZME
z-+pCpl|_OnbUvo%Q6(w=wbEVD+5~7ktBnDt2#mdVWqUJVW8CLN!wjm6Ny*%+e@`5m
zhe!(rP2&+U&T4ok*^D{~{{AiUMf#14c0v9dB^4x5spuOz5aHMd#l#8n;e?U;2MewR
zeGJ$BC`rDL{2RJ@Y=(?Y?8$xBQz!?)Mx1Hq@}#Hd>CC)HF?FA&^G_bu<`j+k-`IaX
zB|n70s|6xNlq<BR4Tsi`_G+oe)7b)KmGTU=z<-g)Hu!x~l0SXZtAsCl*EFieo%;cz
zTBP~0g6vZ5iz-Uq&=!;4%UEk6%q>`j&(314p?89e3#hL1+n~YLFmaF@Yz?oiW}>9f
zxk#q`P0hu_HRfz<+rDQ#L^lu@rYM89+MXBev$KYT(EE69xgxE5xilpH(S3AV^&i5~
z<NKR1^YHM9ez5c!x`Gapg3;zR%Q%EC%JBe5;s3N5<N{Ptb||613PCX=(J90~OAl5y
zaKM;SesFI1zUrte9B>-&->7@bpt!oNU9`JtT!ICc#@$^4jZ1*w65I*FAxMIBaCZq7
z8iHGJ2=2k%HMqN5IK1CEd+)FAsathV)va4~|MZVutJa!Bo@b06J?9w2)E?=KjOQBD
zDZJ>2*fBEltm=k{Lxh}R_nbD+$U_rLdQ;+Zi?z-n0~m`onNg{$_Wb_G$%D&~rbm$=
zzZ~E|g_r+JpkYe*!um!cHbPDK@q*eG#>nQ+m-=)$mBG%6I=Ro}!JiFOXO<7kDJez@
zo$wRHyNr~MQ=`9_vZK=)1{idN1k5WwxRSr@96r?^9tyFFcaZu;`FF-xi5IF$xkt^0
zH8eyLsvkKHb4om5@~j1d+CoJO5R{BfBR}6FM0+7<p7gZ=2e=aYhHxTSe*lBBpB{F6
zJ=<q+z5sHI+NLpEs_j!vZhYRq{gIEzs4?nb_uzS)Ht=HB-T3FrQ333Cf5X%j96l}2
zzI#|EKWA-weaUvDZ(laO`3*y_^<Gct6aI`B=xqRIY-IO%ym)2EfP-2UFpY1j?(?yf
z3X3jJX_lmnn%G|RBU#s0qp#$e{$}syZp3W;@YAVBV%DGe8jq0HZPOgrsN#c#02M_0
zCRJR-NUQjYd>#@wtV64bukxqr_7?goSFKP#G`OS|=szkcvl$g85xiGet<Df2eJd@N
zx&5g%|Bb`FbS$)|!-)&U@!Bis;^7eKB`q01`A`G@MZW~tySn{hPRdN%QO6nX9f(*o
zT0#QYgB9bb126K@z?iBm4?0#A+zAyJI#o`lR_s9~FR8FeKw!oX0zVew^&H)?{V7v^
zmLcH}+L{snl|M`;WLXmLRo610oQts)Jn$i?BS?Q3ubi>3IiY$+?$!ErpBa8f%o~s>
zX!H+a85-U+BBB!*eAZIaSNt)wT{N#)q17aB(+$U^`bZDWF~5j^0W0Ip7r!5EZ{z+k
zEg#n7&AS<kU{HX|8$=F1XsD<yj5#vyC1a?H^+QNB&yQOMM9H?tXL{;#T?L2dX)c#{
zPhT$JYsHzYza|~Rj0L#PdBBJ3Im);DuX(m)O|UQd;$Ahqsh>>Jig7{UMFXuN*@#6a
zKZd=bDj7v_vy?)pxv{Z>rzu{K{Q|B#!rIf8L&t-<42@uSFF-6&V$ZmTnKc*7ZgG@g
z{sY0>y+|ZR3#XsUcGsBKeD$q=SGy6JN!gbG<c&EpTru7R%>E-KWQ&|^pQ=>;C=rWA
zef@_2S55-tjIh?pMPF;}{sOr8$bKX9Q)$fDXO*Wt9Bp=AsBXnQgb!euUre$N9+IQ)
zcYsy-C#42jHUJeHIJx8uf=D3g10)a+w3>aUco#N)1_vfmdg!z}XJ1~%3`6k%8Xq)~
zAd2sY^50jNjrUD(zoMZ>jCv~cD=h(N;$Psv&tsns;18v3E(?8Bvbzulln|!jPqcXC
z>4a%<1mUERk*5qajF-%kU3~-k(EGjG@z+*zPB8>Rw)H}pFYPYlNFdz3ksBP><p)6p
zjM2|HDIXJ+x#RV&QM{nEv^4$lRXSDF78X`9j5ORvhn`STY?*=2oShNKxEvIj4^M((
zzF7x?>{X3f$l@s%O*c)WcT20pbin&XwQ?Zy8G~9Zz?9G7!Q&?gyt|yB9UQ$F01kZv
z;t#T&ZuAHA8yY<DcvyNAd5g!1*(188jy&j7@^r5_ZKNa{mBC1lblcJiX`$2<_dL2V
zunm+D@Ad;a74%jUG<7S2I!5yCqbJENDxC_<1~ih5?TU=5dXYr~U8NK2I;7&4Y?@SY
z!~PwFiv5AkoL>o6gQMD=fdj&i+#>?U)8c?~>)BOc-8te)FtX_7s*0Ugy~4p}?>C1C
z>7cf@1MFgd>A;~`rXbqyIG{w%Kqdn!kmijJE+kI7*c8z%+C{Mcw`s_`0#jUiXw*4a
z{-dy}HNKzP4hPg3M7xzWcHbCOJ;S{8!*ZPg6&ro|Cp{EA%usjxp27r&T~8qc!1w&}
z=#kqEM%1y@XctV?F!3;djX!l3O<a~i4l=%IWQ9mLG*EK>g1r`nu-2g+!`mcc-$in0
zL3?)B%mc%<Smgo9jf$EM)uSK~_pFs4aisU2!HRCzBpe5RiZ7^-(^O2~9ro_)L8L5a
zT2}STtYYc*4?X$qSJAle!rS|066ETmkd+85XHc&8^f$vkHA4IHC>Zs2BsSbhNiM%#
zA>Q*7ogp~GHFq-mvm7e6Tjaa13CZna2Q2m_(gC=Te3=#Rbpo#9n%5v&F?K~5Tvk+1
zOa2VQmpjLpsFQjr1{*#itG{d5=5zIDf7;q7WmM*UQSiM}u$*B3*(;jGns!+07`|ZH
z9@IF+ULX6hgUJc~0xUn^*MRFZuafr#7MjxPhen2O=#7>Uto-tk{Hjuh{gwCev2A8H
zVIB8Nr<Ss-9#rg%vl}=q)K6r94@&o!7R}DT!r|$CoA>t%f3@QZtSP>&nG|PGpzlJ*
zewkm}{t2~>U@}YRF9W;?b$co8U*cop_HFK^2hJAhm7KtRVj3v*_a=LBMxkhM-&KHM
zsueV49V}1KS;eQq<I+HBh3!-MP*h3B&z)|@RE5Dky(9^nnxKX9@2{OUI3@yoQf`^w
z6V^i-C6S%U{OKiOv{nzFg-Axe`}8~*kOG5-h$&`e&4ejGVPlhGb1HOqceqLH_W64X
zGt0sX&Asu!b(;w(6U^Mf#q#J}Sq(ky(1bckSod!kRP5<c+7c9|@0Bt*oPfwd?0hG2
zd6?bw@8ND!)uV;l#reEnmNMb`az5-m1k;=VI%o&22bQ7RaPKaLTz7J!%siONc+w}n
zrTJApEjX0U*|kSFH+Vjcfa!Tnu_Cg~RJ(xzXl4{{=MQUlpG^u<nMhAwqesCYEqa;@
z47v(|-*pqDA-DUCDT>zUL%4EhLQt?pnZTj8X*_=^62ZHUa=(xYyR*7)90OWd51I&k
zKd*WVmdzo3kwZ^^Y@T<Yt?{*#m(kHn>bZRj3iMyhkE0y4@+n%%3m_MCIMKg}2jnfK
zExM!koWbS}@oohE^a<iWJMX59sew_)$iEwtL!dditJ7|%^&NErH7a-ytSYd5))f1S
zGQOMTJ<9J=R!vFHtD1NwqKJCi88dtm*61t6+uESqWO`s4@~eAHy-#-CwezT@4~FZc
zO7Z;){#VmE0m385Q9pLN*y(MxU|fUt6*$-lEu*zKs(l%2&i1tVbo&;hc3HG$>#B{O
zb_#Lq_Oj_>ZkmCBu;}D9r*ww^Hnz-~IdZS4FhmsKKg7Y{03@>U($H`}bC!6S>9pSe
zo+;NeUr3Q^y@@(dra=|1S(fI>2<(*nIm?$|e#}iCFjyj(gNShcZImuLmxTWJcS9?b
z0U>BMt(;nWXy#hz+(gyfbAk<dvWSL_GBVV4&6^H-jLsMqqMl$%mDT}Q|9g=HS1_B~
z+{}s=(P>1!rQmQTJ>+l1ysmj?X;y_Vtl(HZ<o;f^Q`WX^nlkWB8T)ogMG&LJD@pK=
z_!xvRs#-B=7zB<B`I#@c5%c3eFlxPlOl{~{FS0e+_!ZsH)bCk?63H9ZUr8>TS#ytg
z&e44wD95!H0UVx2z0a(0#Zgltv<fL6iEpx)OxYPNuDlZc4*1hoSH$+@<xH8OX<g#@
zDP^gTkZ30ctp*W=A-}HKcj87w5e6CacEG&U0_7?mS7i5%Ju#uiwkU~mS4z0oSiGPX
zdFkW4i$BxvnR(}`mwFbQVF*&i)m@y7{M7HIJZy*!-Uy}nct9ySy27=~Ym<|F4ekp&
z_qJu5-LMYVHlCFvD3m|3p2@p)25l~6q-)ZMC^<&%LZZ#bc(<@6N}0JLx>!pnmux!L
zeb}R5pzX-!xmUk0XLCkW#6=sHkm}=USCq2d&YWWUu<S%9LHA>7I3QYK>Mm!J9J0V-
zHXZ8_q*=1Yn4QX();#Y+@6P`*zpX7D)XiA!-{$Y-3(SVX)PpNf7}U8Agr;>-V+|2f
zy`oCbzD=E+|B@fHMKM2JQYvkDKQ^O!awrf__Pa>ZHkiij?cll<9wu_O;v-)4w!aJ$
zQ1Sk~!X<Kc+9$%fUxnpg6Q8~5<T)G{>&lLn6Y-6hF;2;i&XKdR-q0XtFX&WXDAtaB
z`1}x{s^7^?!e9C%it<V8ld&HR?V^Z{_f_*%+F4Wf%lznrE^y)T{IMdekUsNFXDEo}
z-_a=CGfJ@gDj}<B<=Qvx7qZb7c`u^T^YGS`4OaLeTF|uCNBFDo4~}*jG#+PBy6?DH
zt?`<5!M)yIeoK>Wsz$vyfy;byu(8qe!F+)DxOQUANjvrKo=CxPWC@Y`eA}Ad<7Q*{
zVNMV(M65k+o?kK8ndx*OY@;@}?i<>;Q|V32WS=iE0OF1(()x~o5;+4&d1~TT?z#NB
zC3W_6s;KuQt<W3v51bKf(2PT|)&-G<4Uj^0wajLW3P2)w_XZ@yXx|ciI}31M;@QWk
zuK=Jqt%A+ENh9F;3$}Dm*&ZVm)J$!9{KF*btmkCg*l``FBc=dRzTStsa4!5wYHKm)
zh_7D>IQc9IDG`7vkYKM@#W)JuIO>Bs8h(2QnmC=*1`t((b7{&#1khCHUw<grioSWX
zvH>S6qDCDv)4VV*%JNs3w_rb)8oCaKT(bHuYwNK9Tih-3A5`ho7#{6&;TxYbC+;~{
z=L?<xX-~kZ-BRi?YEqcfp=b}L^HRaP5JQe#G6G>`M>q%hxKgL=NAag68Sa_%cXm{Y
zs$81py4Ffip|UF_Bckqgqz5J?)9qBuLaQL2zoLqu%laP%2%77o)J8PXWlEC*d*yOr
zQsn9G&gSn|-QsZI{m0_u$J3INJ$1AD8DU{v++!3a)dG0yr#tn@*UQ&CNKq=t>w~*T
zUMU#q$M0oc$oBV%L)_Crakr|qA)!OZ;KO2$zKG<wgWHO5lvXY7K`htOu6?GqqtZ}$
zbsPEvGjqkzJ4cT$4lUfpLCG*oen}TU`T+ig#hUVx$vE#B7{NEOqtf2i?5??R`wGYP
z<N`ag>KPJN4-72Mqyw@2qwbvKkEeUW>KV1IqZY1zx!z(4+qx51cB1+}4?CGkgTR^p
zIEB%hr2@TeiHCiVXY6VZ@n^t4PN9*LWChq^9+x2d4c}YNLA1Ik(c-hBl3!-uqYxm=
z8O_5{ZO=GOcn-vD7!f6#jD^;HC*|sxYAaNb#0!}SB63@ibc!zvCU`kx4b#<hb2Fbf
zdu!+BfyE;KGJf>v!7K{vm3mWiJP|g#6M{C1{CgYT2{tf-vNBuM&N87Js@b<2I7ys^
z7FDhH(XrXq7Lh?WHo+Q5ea+L41dHBXV@fxz8R!&-QhenjM))C*WJYKVISEsjrj27O
zfvh6?mKycHf_6b!Dx_tWo$|R`FulD;(46jF`6r39_6Aa<Or9|e<}G8EuR2@Tda@Oo
z-@H+R%&pHM2|m6eD??9u8^Ha*nGXt%?nED~QmyVPOpij89-5WJ%zM1eBD^X3M%Ntb
zbG(3CxifFi8x=V(T$eKbCNk6jr*nD!g8q9vpAPLvuvI$u`#AxBKMZbvx68M$^Rqu+
ziUG6t^|;6*zl~F^Z7psN76E#{p)GIWIIIk}?UPE(eZuWet>Br`QAe=qkIzrGar9cn
z^lF9iS4Ch-M3yJU&zh7AkpArGFY35jF6vQf8Aa>-;oMDQ;2KM4Rz)5vyI!HO;fZxu
zotJ{z*|cw{;68i|jw%$*HRy;@hU&BD`ayFjgG<^xO)W%DNMrmtp0?6$Z8k&9JLaui
z4_w%an4&`b{X|<One_X@yD2sj8#RrPWgXQuK}Om)UC+g<5bRF1wSCqbP00?l*_QiK
z4s@eI;%P79vtNoO(-n$yRcmvV{lH~jvRYQ|(BkRYTMihrwy0;}f$ECVpx<=PYx?6n
zCt=RpgLe~>zb^?~XG(ilztP&|Ucc=vyt9drRKzd3Leu-hWII9Zhxl(OzFW7p1-~>|
zdh$DSGjR)`>ul$|f2FsOKlO-c4SfvSete4Qd`!ai6IpWd91`ET;IET20b6c8%kJC>
ztch10F}zsj<R#PErTO9!IRV8F1m0q!?^!%RibVaB-xEnl3X5RQd4A=kfON0)qI-fK
zcnRE%+CLK2%=HpcrTbKG+)RIM7yTxn@#x4@6oF_nckGi<tyN!q3UVW&29Q={Eb77j
z79@OnY_ql&6DNJz8aB^-W*~qo=U@o9L6JhM-1T9y0Xw!O_pNtYEUn_-+pUzff63>C
z1e91vd1#Eh`S_sWf5pA5mwQ>^OHpQQZN!o8<Y%pN;r93EAWwW`eK8`VFfl}Np-hgo
zcXnF)>S3$KR;z{N9gDB4SSlHQ$>rlw{y-kn&WfRu*urB;&tV;P^WC`N=t#4#sISl7
z=lXJ;YTnG}4+QI(u&IANZQ`X-i3Nthct1cbo&pG<HE#%0K?;q(L;*mEyOiCyp^3S2
z06;&HLrwxPhxX0OG_hVMyqC5qbbBvtQ@DfEcP(Iy3Ng19t5}LJJ3X*NuN>_$Wa_Zj
zcm9w1pO~&jYmuP%a{|P>+hJz95pM&DMyaJSIv8y~;Df>?)ERZj2!Mzs_#M3}*k=?_
zR(yLf3tJ67j`T!mQqV0v0WJrw(6xLg5=YaGpG+g00}saY5*LcV6P5@RJ0ImL^y?rw
znx=kB1df}jrB&=gU#qWn?oMK6+p2Y+L6oiZR}cWQM1=8jGkx{v?rf1wXIj(B_GSej
zYx-Rp+;u&4XMygV`9falvq~Hz4@Ux3c=>^<#`W;0wCOn=L}nv`HmrU6(F}kINkV5-
z>dUkQ(}@zfP~_RN9i}n%XW^1q<8ZIY$LO~orHxuM@^{b6vq{aC1eW@qqoclUX2>GM
zda^1Ulr?Or#^8Trxamu%yHiw;Dn=~62NUu?-$Gu-Oz+}5<e>huzLw9@3sw~0;ZOyK
zd3wru0PVoApl^IrzlMd^>{!qUQtG9~v9_;@7Tb+M_Or?SxkAZ67wUc#e!W<to-;*~
z<`3Ji%wioA_&lQmzB8x*=qur%bem2r>_CN|6sA3?gt+*OdoA>Y1rI~j#P@Ic0bb5z
zC9gYX;l9!rq|a6-qWXE^UpXIXaw`9PKHM#i$gDMJGVAdt|I%etVRB;Df#xpL;r|rS
z@)c3W&ZG;?UE&cQ+Sb0A8RbeQKp`W+v3=(>x_zj`otp3^b=FRsF<vzHxfC!_(&OZp
zyqeJ=RYu9HJ#KXI_O%!yAqp4`HK?fJP8`)52J%Z;XO0VdcW`;w|J(N3u~4I6hjy0P
zdBf20!YFLLC!#=e3W0FTNcXcS-?q?6-%6Bw%KjS#x9-b^8CR)MXSzMUA;-&7SHHwh
z><dgkYL5+g^F&uZc&O(5#l9(){^hdE!VU}n^~L2N;Ei;EK0USqk98MYzWlFq87KST
zMKTys?9*F<3p8+DQhh{{bwQ!QFBh5CGp1A%`iWRk6NA3K+rh9~A7AeDVd<5@5(`he
z>-ZDr>Tf?kssvw_X7>M-&o^V35Qvud=6VkAY^-tX{fG<gpTALJ+0yqAeY=#z^9La0
zU=UY$KdEpl{Z#rEf{lWY<`1}^{V(B@HrsGqqit2U$<hqpeRTS!62;0|5rsuV_%XB0
zdSAu>zisz3G=Qz})GAenFytGhoU~l@(>A?sv6G2W3bEmMt;jxEwFbqBo61Ie-Os3}
zD1Ifq>?s`}{?U+4SKZtEsvmQQMUU6la&AUCdNID%If)h?;YWb?@(9(_pRB_gf`Fq(
zwZj@k_acX%WDT#B0VXS4HOx#-r-j3p6Xgh(wr-rs@k$Ryb_cNG3a`!Fb*dq|(!|WM
z!zQ^S1+unzfe*S4enk5mRU3m~PF4$PB_f(H#nLn_B;0PLtB$DF8u`vgZ=zI9QTQ$0
zjL)+iT};#D`~LFjzGvt!XL)~$>zw!L!Wo%&z+=8vNw!(X25%+H^xD?M>@>0~Z09%I
zz55s>mPqBLScYca*c19;no?!*{HMrVgI=$7J8;6ka<Sm^fG6M1kE64&Uw4J%<bP8s
z!Kx5!MqV)R@+aO10P!z<zaI@mB-9iw$tIe6L-``yYCw}4k&Jzy#l%%uJk~v`xQZqR
zFFi)0a!Au-i%~^M-q9aXl}{wFXb0Gh4aN>XC(G2b4;4r(s#YoxrRat^>0C7QNMCGN
zNAG8OlnoP&otcE9KQ00=zVOD$4CYm9e?`r@Da}taP}B#!lpE(l%jzvj;5og4oE?;@
zFF%rGQE=ppi^IVv@_l{Z77l)D%5Y34JYI&JOg6BWyM-+fH>~wo{!ogI)gEzJ5Ev~8
zkBmqrPn7&#E;F*;Vs?~ZU=10PsQd0nrsDnR91(hl`u%;d$p2K)67Fe@?W?iw)I`VS
zO68EVGh%N%$U6NGoiv*qve)^GrO2SK&};|_+%MA!iSblG;gM9$PZ;f7AQ#PLYvSn3
zRN%;69Dw@b@XMnCHXc+*Mox%gVLL*suzg=$sMnJ1b)bQ^qGKfjuPkxMVNX6@$Yh&a
zLWYgwvqH=5F~ST-W965yR-W=J`GY<1*p~B*#5>i_W!vg58fA3JF|H|IV}WI#G`r+Q
zZRg2Oi<0?_jEn|^U&L#o8^GA+451HCK;~9~vs-6i;04J<GThcf_JH3#Q39neQqNmO
zW*4AjGZ^&oMnjx?gIDmAzoY>z6re$@!9w~hPuRBC!vdR`cS=){7UYh4t(52MZV{7&
zSOb(D3h9QK8zTY(=ZC*d9ZL5utlcRQ3!GJ+k<hGnRt>fu8x}jPlv|E8%$Ao8TlTi|
zpPQ#0ARlwTb2B+e{Ew22YDx2z4OS{i^0*vOJq3SQUzfGl^xn>7R&tfCdknLl@J0_q
z!J#{5>R%6*=^Ea;@wK^*YW@Rutbc<&A-4^uP*!BB`U_s+8NotMvFmZxqDaZLD&$Ab
z8wy}ebRF5B{DLj8Y6wox$6RSS=^COhfVtIv_k0)D2kEjmR^^MNCAi3y8ycm#7y%~0
zz!L?r^6l5V!`|te-4sKzGCOC^6g(g_QFbB6e0*s|54xoSvue=Euy*tU@zj>8gO4(1
zG+eWWETJr)D_HSIX~+%)2NqQwW`D%}7h9F6&71;AYY()$B<i*d%0@+5mhw^ujpoJ=
z31UhDoI#?Jvb~p_^=(siFvQqd$5?x#%C%5l_cvD6C+=q`>NW1wy}6hm6v;i}dCL%q
z9+Tp9v?1Zw&UwQNL4kv_wem0cR$40_Ku}QMA`QW#^jpet^f%K(?x7@vcFxhjY#O3-
zHEfQ(X36c2r-p}J{L{apU^{!%GZlrpEfQtStrT~8K)|4{lG51FXW=yr)jy8$j{?-p
z;pUU7yjN2$I`Xe-IdUw^nH6_lL+8eSW%vtWOpX}2<&w!nteYjh`-BU<+~dPI{(R->
zn%C-%6YN}L2Hb?-k7_-#!m6$~=Ob4NTR;62UsmLlntJtJ`iqXdhmYP}#)s_pvKgA8
z?hJm7?#yr&WRumjU;?pqEmPRRXCZV*Oc|(xI8t^BB|I?@aeukkN>X0mpSVB*1)>6z
zdx;(_IpG2r%Gl7dLNkVb5v5$5P>9msD9Z0ccHRRK1dCgZkFDwZGXp%N5e9ih+YA=7
z)Wl~-cx{LyJXj3h$py`TU{zk@^spYpSk7w{2!?gWAS<U%;pN8NZ03^|`N4OqBz#0#
z1UF~b$3f>j+PyA`=YMo0_1|>_G6vNb&$2OQ6lVQuwwbFiCA2Rj;d8nFp+TPo=zN$f
zvq3~f0D_|+!s{KM6OV<w9G*c0(9E{$UY!_$#-FKW#3D_qIi69Zc_Dr*utw!lwflvF
zN01GtG?vz)vxmNy0Of4srvrWjj~?4az2oN!{IcwsUQAugm%r(Tfphg%vo`i~E!}9L
z7y};~P=K^{8=yYa_UoC?$uo|x^nTzGqd;`&zj=XU`?3J})buk^Wx9a7M<k{S>^0T(
zZ`5yWF<4u0k+aD(Osk`9|JpjdWfgH<VziVvCgaxmAj<vjf2s@|>p`YMEAD{9^~X9Y
zb4J1$NE_+=7TOh8XlOcX6_rV!?lqfPO9lLyBeRRf6AK&&0<hdiRkZbeg+f$qP(ZuJ
z3>iSQN9FiuSu#-qkxg?tRE^iem5M?is1akmDbWynQg`KvP26FQ@qqpImb2-NsN*}9
zgVRh4Fgko!@hj3DqAGgLuFMj-lt@FG3XRyjOL!3a_=e&yvor)4Y5;lSG}_e2CLUDD
z0HEgoA*)xHd-(%JnAHpB&KY1u0=~Boh}a<kLh9?^o^E)l>au$aZHSK!wIckwdXv%V
zts;-GovHj*%4N9MTj)_B&w?4AzDwL@ov4ueKktJu(BTbS%jaOKR#w{QMk(n>aGxI1
zZs}ZFsm+cu;tTDsQT=z?|N4x$!T~Gfzea=jiYKtboWvy1;M{GDu#uS}jRL!Q=fahl
z4{wLxI|FMnj<3#8AhzS^?hL?0d%c7PBb~2Vub~+~iq8Ojn-{M8H66Vc!0tL$SZ?AN
zhb=B5p3RF?V!&?HQ*;RNvlgPTrLPoVJbtjXubYC+{mC;X5*%Cnd>d8Sy+-hVFO;`k
zg^bP$5Vu#H0NTty=tgkBt^ja`{UwL6_R%n(2DP~QRWgOI-%>iy@wgrcH>PZUQZ|Ze
z-pj{``xdW*=A1CgnaxEkML{L$C6nEpX52?JK-0!J@GkTmomxEhJc4rh$*{VtDW!=#
z=eVU-Oq_G)d+n^zmrS1er%c!Dh47pyEM{0SxgkQXW_<TaDF1`NZqmFFjmxD<x&U!6
z)eJEi<q0~xnaZ``oz*#ulg&sp(S5+@$?uZPM)<hU)6O!)faY~0^Jt=rW^AvIFsrR_
z@?4WNTG-<@?^SY*`I#8y6=pN&H=dd}jA~^a{|=4p3DtNGZL`U~@0HUAO1gr`cRCtP
z6{s$t{}x%@!_e;mjjRAi<NR2g5Ikv@=1!J}>rD%Tb|LC-9i|^Wpf0)?WVFS8jKdiH
z=np`<>_WZbs6WMAs-?er{+b2w>O}?FkP&zaZTb-UBB~$}5kQ@@?n<a-)DjmY5LIh`
ze1s(`#@~{2p_F)L<VcJIm3Vh9_a?3J!^xm=ZtJ`hmnMo0k;9c#!$z7vt$?)TKos~_
z9MnuWfaJ9;+hEd_YY!+*4=`NgKYZSa3NNApZVD89){VE?DPQf4di4thR18ea47~?7
zAnpYonFllabK<PIRh0#nkYY%ELNF>`>y5LcFKHhqp@<U)D#<7@{*YyOZbShUa2W-v
z<9ix(ts`h$-EeS5SOdZ58^d+Hgc1$Tr&bFQ5d~+Kh7lH?M$74+aBqfQ8Vxf{G%a-s
zIDt?`SXBV18>?vWmOc?2Y-kk<NEQNOWq`RIP|B#;;=P7WN0+~B%TQSNkZvm5sDm8$
zC9%H0%Lp%jA6Av<9)9?6Hm4(1@L?AICdzv6+qPS}c5OyMnX(>0K@LDU(y(}N>VQW8
z-S#q<sB@PGN+<lqdC~)5a_JU0A}|0g1Z2V_L80kVuEPPdY@DESU!IY20?Ud)6=@m3
z8O~v9xZbhoE=BWF-LfE%my^6|E79~`<*E#)^F7&n^GKTU$Vu#&YL~#jl&lvaxIS1e
zN58?28Z#5O3IN2#qeROJp{TkGa`6BYNX{8q1UU8xPp<m(Pbp?lfitgVA|)Y9kW2Z~
zi&~Db58GU@XJ`ia!S`$3UsCjMkyv44;^>goIaIh&%ivxayE)RI`%l5&MXCLH7y}HI
zo`eNJ#3l_Wor7!j6LC3=io<YF;lel{RFO{MG1`V7V>lM&bB&aL$U8ZXz&rL0XpjW~
zv=b*z0QDox<;~#mU>yMn#j>Wc@_-H<@<6|Op>2n?H_&fysKLnc;{Li~6D|2?XMB$D
zTO;el-bladyq0*Hx93WC2ZLi#{xI@SbYExUEz1^0?L^{X^ZUctV6Gy8vh{hpH)g8>
z2Qis4P$IdU)D)yix3<;|;rkmr*k8SmowbyB-Pv5D1b%C`0Y`8PQXL3cTra;ld)d%6
zSWPlT!ibBkpxp5_iSWHXrTk(3)4{7vh-OQJE>og2Tm0IW9`YM^Ws(#>*X|lZk%u{w
z{SdqpLx(le3V=VmIdGG7g9e4Yb=lD4a`$NB?@-WU@B5^d6Zo`Msa<ZAsu$P@W(wp*
znO4GoaV(^NJJy6pAcHepqCur27$vE=d9qqDMsDL|82pCxg9k`n(53klaZHc_=F<H9
z3j8txz^1zFTWavPUQnM(Z3hD>#U=S;t;U)u1FUzR@^M>Dhqx!m<2e+MU+-pVoMqpa
zvGY&ZZnH6{!3MVYHL0mvdX7A~5|JqBhKa%ZgEWF7uj|vqcKRRMnVe8?&BhtF6H`1_
z6g>W`GEEVh!SSnwVZ0B4HgJeHF!0amIvFZNh0bf~?}d$jWJ%OHq0<qalxN;=l~qMT
zwXdSfr(b;q&sMewT2Tq0w?`eL4WvHi-rXgofW{xePnhGpB5tdd!;!UgFFgmPm&n9*
z796BZy<W&A?LXx5NX~`yvpQ3(F1LX8lXvuf=dvDb(zX1L$x}Q<m<w@2zr&YD6vwTM
zfsRKZO{r=;)`_^A`TVEMiU<)y;zPFb3yl+u74(F%upg%*2Fvz4f%V(0T-ElONEy<i
zKE_*R(O*fGIMcamTTy1+^}WfG`8ix}`L`p#m`KLH_{s1GCFW(DCQ4ZxtBk=jzhi5r
z(>!VzH8~?+%Lhwv-A13g5Yfo*AHPc`X1?xSxOmzv;C;OX;JT80oZ*7g@~8wfWfTw|
za-&=RT{p~|;5e2Jw@^AeC@?P&*EJawlB%>rsay0VSG4d;<sA_U+|k0jrbe-vAB{)w
zY9tqS??Ns|;Y$xbpxM}$1Os34l};9i=Z*$fuT;#Xjo??8U15YN={|UFUsyLuiNrS?
zE~EB-G@I%lM|b9~2Dkelr@wwo@1tSFjNMq7y?BNs!liy|xN*hiF!BYW!ENPc0Zd7B
zcOp4d3Cc+nH@2yot7+SlMZreL#8G*kb*i=$^-3>iTd_K$p`yf@sJQP#QuTEhl-HFE
zGj|GZC<Pn~N1Ze%jBOo?FAHU`UbYV=gK8PLi_B86u{YThFy}$V_yR&2@+q|RNv1z&
zc~XOaT^(!0!8{9=&}4hN(JfD#X^WOO@00ByQJC|Ms|<0Nq-b<<Wi8cvs^y*KLc|j+
zuWX4gC77H~YIYg+T;8ts%Wtq#bv1vfrb<_NR4(sg^a7Kas80$Tf^r!Z*|Pr^+gKLG
z{3U-((mRlO61SO`<!&C^$Qq6}A6S!+Bq}c;SPfWV{-ATvy)l$tcwVDVoX;4ZL;J#1
z_y5IIYCz4Gniyc<2S~y{jLT!Dv_6QMQ*Fn+R;7(@8os`6XyuyA7=9kmBGUZ<650vy
z4qb+D67kv&qcwm){fH2G{Aj7z@36qwmE5XNNpBP;`IM(?`e{#&E*~x<eeSYutr;r;
zTLlQxxwhzIU6;GSPfJ-3XMZnsRHMu-#Y1Mh(EdihGs;*=Z`%2t4%T0~O)|wq_y$B*
zbr*(87xU5d9+_39`i&@W+-$Un3@-0))%I3aovc-}ye}`fvc7Tq?0Ee*q#jKE&3SIg
z9gwICJD&tn#}i8!`mCbw0Ssgte(}FNi2J3;+lwMFzX!nSj|2cnXqGHqmPE?~0@y@4
zC1he@#|@zX;9Q-`|Gf2ozxi;!J^=Tnx(haY(kGRQV+*|f^?!5#@BjHxz5fsIl>Xn_
zcmw`Kx>l<oNGH6s0Ur?*IN*iy&ZGSQ<x5zF>vOX`$dv52araBHRWn(MFeZ0Ent)Xc
z%dA54ll)P(*-hF@EHXEi-PD<yRsTEJ5*v#x--&bUE2<|LywtIG$8-a3?^a!kB!2^S
z3j1f&uo6bk@Z2~8I7OER0Qi6NQhj8zW`(Xp%-zRdx`U@x#wF&A)mw(;+5(E4Y#r`b
z<_w+)%%NRlrCzdtO%&*c+$-!Q?sMw>2P1tQ5#qT__N6|hG7h)ng%k;c{RwR&mZ`j_
z&5{Yt6oQFiSwe09*@e8us@DK)(Ae$E>R(>gT_8UzBSIW6l=-QgW#N^f@Bjb>YIubS
z-T%o>4*t3BGnobew^IY6C|^V$loz?s5>LM8&LA~R-E*fpkxXf2CT>qhhW`Y^Ww~S?
z78@qO5Wo!%tT%=N(qNgZMYcyjzTmsAs(x;i+^B6@yqwLM{vGlx0Z_yW3gWGl`$7%)
zG%WzIbcnbf4N-?sE=%e!{(6N30|9LwcY*%;vJ1C_jj7A?HM2pCu{ZI1in?FEB>rlc
z$a7Rbr!j2Mp6I4H3IR-MwE--$O7jGr1(Mo|^B06id^iF4|5DEc{q%EQn`6Ds^^xTh
z&G`Ej<xewN>Zm()%a$60ek(Gr<%N`V0L(mVfUwST9D|C%caHl25l8GOF|UCeYcV2#
zA{c)50~y7E_yf*<!fsQ%zhA*SYGX7hFr;?+{VFrl5GO#vz3fUX@nzNCpOGMUcw0p)
zgoODT7g-3ZohAT5s(-03Lf=p!DZ}S)2@5h41~$xPAR$2r>7{3Tt|Wkjk`&f>p4h;Z
znI<l_YKega!~2(!YHo8V>l49o<@O41?O%-nwuxcKXIW8#Vn7?GJvr8_0`-fm=Xqfu
zN;~nt)b`z+wAOK})v~2ZIcv}IbbYS$<B5PmJTcun^z}!&(a=wO^_MsndRE=)^n?7e
zwNX;O^AR$;Z+R@&1q-w26ylxOlppQl2Gd>@uQPar#T69Us$9Q`zQ42cH1jEEr^7yw
z0H}8apdNCj@B`l5V+vGqOmG7-y-cg*3DTjZ#|5g+XLJgs-@olDJD+`@;zfptE1j>Q
zCc5P-IVXIcXcus{YpZ&o)faHz(QQM=u&tL&=6lsliR`??W#boLs=G+qItiYOs|q-~
z3`Dq9MS(ugi3E^qB|$L6r6mSCzqQ+0h2iNmjCV%{2cbG=S8*OLr!`z+8jP4{+)7`t
z&Z=c(`A^{f6xwfjDjNZ&I~1oS++*>IinwFOZdG~?_}&2@PH*aB(+|Ujz8?RLS&qF{
zny`3R|L%#nNnlf@iJpPIm9Ob0?odHr8sF~X$1pdjX)~l&YD(!woELfFu1@3OxOrlo
zM#PPj()~eNWykZ<W^4P+=ulkcTWhZiWO@ce0@>x^Ca1^H>9#d`Zn*{X7(oYX8yBQZ
z#jLU*p-QX@A(6`|%nKeqx%fBES?#GU8=E1iQl=?)@~h9}iVv^6a~Yv6%2%R^1|S7k
zhNYcLFbkOmDlDB$7sn>wOT|y`Z!`nRkD>)c>%h#jP({Iu)s_#)Ks?04`X@{WQ4jgt
z1ZssoT(5Kuw3P0%-aCm^DFS~Ih2H5n$9I0wXF+ebmn|>$JT>{3i`qu;7Da<<(r-9F
zh2mu7RP@ckY7>oG<6$D{!|S4Z)o)IW6+yZ3s2#C*4wbq_$Sly&XhQ@GFWOmj)sS$(
zi<wt1gDsR5zQjM$q0;>AhetEvW*cGnEk<L?BMkJPNXY=jdq0pa1ehtOWisEhN_Gk1
z{5nBmRp`}Ar(VrU+}Lrrow2(5nUY4$V<psTs#MfxogOm5RQvw<JJUD3*z5IF!I!fR
zK}(gu9vvkpY-tWQ{Gl!WEd)iCha12FPz6CsKXyV~lW`ow3l9uUc4CjnEHra_nr>;7
z>oR<Yx@bnrzzUrS5hFt|i7Z$(4`h!9e3cNnwuY)B+Rw}|CZ4&8f7JSBol=qF8l|E{
z2$j=>FK<67(2wY4V+2q=H`k;OwO*H%Bj7dM`gb|7N;Liek<o?yWaqWKkz&wM4nQa@
zt|Vzy^5a`Wqq<8^4mD$JxR^qOziNWn&44+Zl#6G}!5~g2aa9iS0TS+Y>P#{d4pncI
zqXzY-@yX%|ZrYhiUDXT%pecucN~BU{#*xgq;P~Rq+7EJ*LP8hRV$dclvyYXuEug$8
z*|h4L2=sv3+Iqka)lNCAyG*GrBaVs36-6^`4PT?+BVZE8qy2_AA4OuB_IGds0l1KZ
z4jX4Q?a-6mt2qG&=`kBa7YDMYIPrX^h6|BVL<`PvdVpl~oO9~}Kf522KnBgvcBvVY
z%u<ROL5Wax)wb93W3M<9%XH6{-oo6Oe!AM&3leKdcp($G!4saNe)V<3)Y-7saEsZp
zAA3{$j;WxOl!Z}Sli?(#^=xiIVUh7~RS6*Y-QIz=fJ<91bEp=1B0KxhWlz2VDhr60
zOAEIH1_p-f?D!vJVKO`gU{5K#uwJ_40q)cka6-;msduD^E2yFCNx6S7UiJ}&ClX-@
zt<At#lXW`K#;VO{0eTb>a%i3qWESmqJ)khIg!;L?iw`jgaLKcg5ehV<f>JNa$K$B{
z@Nt+UQe1@pd}ltA-ZO{dw%eCg&2~Z!J(Bc6e!Ve-((<)xgYg&G61Yzi7Fz?@opu>S
z>FypgQ+i7?{)47<E{JoU6IuErl0QH}$%$$pvdAIc@iipOhGCTtFRvyTkl7Xwy9Adf
z1Edvk;5`30%+Ig?au|YlPhWu%R&$W(^q11`$lsVQ@fwD5Ma9WYZ>6fk62qw!^)-qU
zGb1e?;QhVIWQT(8HO7PHTi8UmQ+#JIPLdwnDZ`!MaYVDgmb6f4HY@8#YXAH=Mc>q%
zE1Bbv)R@%M*1LMC72G^i$IwYitm^`CYRJi_#UwhcK3VR5*%Fj#-@E1<!Q*5LnSQ#L
zec^=CwnFD2L2Hb_v63wfG{WqI%YwK+!Ji}jC~qTrf7ngP%nxw{^o>^CovhGh**!w7
z#)yZlt!KX(V#9gE25xA$50%|d)UtyqHJ)f4ed&?Qb0iEjVDa%obsI5Nxq$<)q(q~}
zcvyNeLvuWUNnMhYop#BrvKg!m`%d13)OW5cIx$DoYcf+>6Q*`+(iLYh_3E=Rdw4uO
zxo+zE7xd1F{ZAf4jz9_6wWfDLFu>lB+S;}~MQXFWJBYQ^(p&HsL{`tB6s0XiVl~~9
z@x1AG+~=blQVZ{C1)|r3+lU;M$wLalcAi+aa={HLTHfhK;(ckMBb<Jnb{fB`lX%`t
z`J*;{fp6l%eS0}i9ndN31z#F)O>+;qC?b<cQKc&qaz={(RuOxreNvUbv9Tg_m@7EX
z$&K-wv|WM7A7HAYesFU_O!<WjJF9CWJ)YJ3UiLNIte2$8pUw|g?R3OZaikc*!I%v?
zkmTl`T!b1+(-T0&@c4YL%o4FB?*DJMh~Zsw)G(cKLHTo~HrM{v0zaL2%X@84&=ZM7
zX-<FSm=5|@IQEPWk<qbE(@fj<_Txv$m(2Z=?(+!|c8;YvT;DdCmuZ7^KY6Lq7E0+x
zey)V5;)s4D<iBEM82*$rreE2CCEzt>05VGRO(N`KRZC$8suphz6mWjoMKvJaAl|BR
zO19a@JL!yMPGFmr!k<*pY5f90!)B-PP!(0dP9kd|lz=%XoF9Sky=+FcdrKn_d^Zq+
zPYyu2h6;pMsqp}+7uzNV>c7CT{XcMIc9_)+O9Lw=;ek=a2VyFj`8(fr?hD5=9oH@?
z!`$5fc?<Ymc!a<f8E=u|5}a&M#(3DfT{RW$hPYZ*#H}*UV*9PiG7il%I-ukc<J$Mv
zaHG3sGYo@bH%#VkMBL&n+|!9m1P@IYZB-09fMV^TOr9u)sWvq1tbr`oVQrSBK`J_C
z>7svzx$I~l3BL@Orl7ZP8ZSvnh{Eo@o=m&S4t*<~>M;*{XVxySs4WFcWZ64p)p+5<
zViF9xHG+t(*A<}4!#O@^^6&My@Ma1k<Gnb<P#pnBoZ{7tQAr6Lw0EeOYNs!Z`1#hS
z=-WQgIMep@Y*(3Tk~=fU4tW+YmYefr2S=8L(;p{w$|V1iud&N=Fn92ZKc%W+c+zn`
zr*eftKiwZWOzOnEM~q=@RM>kq>n)GKs{jP>C6S1YMw)~T2|-$2oYM7VZBd{#UHKnE
za47N{wv6?hd+;2Rm>NreJ$kJ7II9zE5aGKa6LcZT&GdhHnzPW_HL+mC7Tte@80Q0%
zcA30~pkw<PY*oK^GbuyE=wTR>K>Wn;qGEsRd>3v#nD+E=i$s+*X9tSL;nDYCjQm^2
zi*bbuu`mQeUEI06{#PD&aDvPN22|A;s6XWkS28L)pR@Aw5cLNEc0rc}sP%LQJwzxx
z^4`1Hqdw>TGi4((uLvWT0$zGe3C8ol>>!PE#^U_~=wnDsjK*7HNN(Jry2KTU>Q{=w
z;)7G*zPR;{G2DMr48Xrq3|0z5IrDQdURaW%HKL7*oC(iGf0!lD`p?Sk9>n4Wf)}lt
zFc+q7VnTYI5rw@uC~D7~(=I$73vp62);{+mWKjV?H`tK7x#-1L&302}`3%cg`qW#B
z?7)a(V<E=xt}aOcn`v&N3i9E!H$trM3EMw_C2r@_FgODwT`j7*h0Fy!=!#m8*XyXD
zJX~)DWwr`8NEBKF0QNy=nUtp)Xt}efv7hNOvn*{voAPHSHvg3<!2Sd9@`AX#2>Dy~
zNJeP0_AU{y2F;Jf^iSOh8#F*4(MExqagNgh_-HfC-;=4jYy3wAG{vAY>PJbWTI4nh
zh8Nnh14k4^3UL8iu<d;LMv`CPDIx@GF%@bA2ow|#=)bCEou~p_1!;5-ktoQOrEe}G
z%3o(LAZV)>8z?9m)xPL79x>D$vCqtlsub|%e`UX#34hOjoF~Z}!e+t&s3#DoHcEEr
z$f@Ko4L(f5t;nvc{;Y#O=9&9d`zjusl@FtG0+G0?wp9Vf-zg!*+l2qJnn13etZq}o
zzJ?N4#FNL*!1EkM#$yQd4OKfzQT(PHN-P7Wr+X~`aoiq6%K&c$43`1)SUIBqqnLdj
z+iDL@V;X1}H8kFjm4Y1_<^BdZ5UF1G%aF!TVD)*?1Lhu_jiw5#;{K%o!(D?DrT(J^
z8@qvScIUAmC8B;rj<kJHw-S!q-#kEn%!zWPvBJ6WYlu(#XGI>@YCu0~ArrLqH6&uI
zr}E!u9%pm&;>tlE>qLP|#~%ZPx<b%nFAU$oK5w&%2v0;}w5O=F{yis$d;EAoSGDXQ
z-5<3~ROB8XOgca#V0>3<oQtiu1s(BZD#LPwA>I36<7pKwmZ3$?p$uiL$tweJl?Y^E
zn*N!~6EKAbM~_W*is(59{kPPLz`rmVU<$m-m7Jtn<Fj|0B!RPi6)6W!Acns3YAF3~
z8C)5S96X-g){0aZW-I7R`BV69TQGp>7g&(x4E|{r&|$bK@!5Bl(+s2-xwiNv{$_c`
zaioMpLKh_rGxWO~X6!c$L)ahI8(jo^MFee)Vq=9re?P+58J1cRN6frX|KkJ$e_u|w
zQmMRzZSUso_n;(Bn<+v#xNQ0Q4Vdw(E^5XXbc4+a%cZdxnuIPR{~5^F2lTO`IpZB5
zp>aT_F!+5Rwo6fa&OSPFj~)xqX)&n<y`L$=2#<qhbGm+}XNm020X0D|K#eOfi(gtR
zPBI@&^{KvnPhkeJ&%ztr2$-g*_^xiCaAlR620H+w{1<M*|KlF)>lkXvuzOHVvkk82
z0qa+*qZ2^(Zd(c<%C+)7q=jcjjTEKxR4TH?{VVI*$MV3?0bbc~fEt7ftsOC^Kt{2j
zRCUEX<6K(wZ3Ee<^&9h1iCEaA_Xp~qM~2VU5!>QlJe<FE_Fh6af^t)^#p9-mHeExa
zG$$huma=?fv6q(sJxUJFzXucBaTy@VBn>QNn%!G$AQ^zD{}=-CUXw@_JzR^+`VH)-
zooZir#Fu=2)MmI<%uf=?(kBIo2V)zgFAdoF^#BvwSFjFj#;c22Bo@E<djbJY3XyEL
zpVjE{)E)x75#~qkYv8C<7n7urg4ldfsBnOpd2b;3zuFB*-ayK2f4~_BP$8y>Ws^4Q
z6Ty*Iad|sjMwS4>sWDv|E(A8_oPSV{0sMi)5T8~hwGXgddt*GR$)MIgNQxrs*Pq3)
zF<rUQMMeNo(C3edYwu-;(36;R51)~v!C$6EDd*cfN48SKG;-Owp{~9WY>(Yr61_(u
zHdqm=H?|1UZyh{6Y$^!UeQ5hzl+a;te8L~>f3`z0HWWA!E_dh1ARDdSig(%>_f2=R
zMiq|Mfp*+;)q&f$MFTA4HfL?~3|LvUT10TvNA!=DH%Le*dJh?=HicoNaHP?el~H5!
zyu+Shu>De}Z6&=kf?LOqndnBsOa>8ZDtnbZE6=i;8S1xUgqKTP>fq3YicH^EWKwdx
zDQT?Swy%Fwk?)Ee+tz^_v$C-UpL~WJU0`xIw~au5?YBRV7~6RJ8lHkvr2G#s$0C32
z3Q7ee#WK?rHKu$3VkfSf*#HGFHc<b&5M!vu1)mfT?4lkuzzEW$-!;1QGhB$iF_L}2
z?ngqIAD=ITh<JGja6x$`)}Q-HvdU1A7zZ9pUk%FbFiIoMT2?D9{n^y_&yw$8#=wps
z=dfJwzaI`%x@m{&V0o5y<8o@Hm(%KeUn4gz1N50xYyZ-Z&ZhB~KKVx$8n^nkz%Q4O
zsSt`5Sg@~O%)$sdAaXWRwABGNRvjB(&n@pH6YKnC^Y%hrWb(Qe2}KGw{QBCa0$1IV
zcKVW=4iK+y5P1(<6oGVkqWw3YqR5y`rbZQup%ot(e32~j8!1Goz3=`~LBol$ua#tE
z4UeQBuy#_*C>~q3+df#*6a|#ju6tlj{nZ#We41}TO18DU;msWVEdHwo(L#iPy5lW+
z^VB*L3cAe~`Ml|0ToWx(H5mLkucMda!U*2BYx?wi+Xtt1Szs!|!ctU_N&R%bWqQ!9
z@Rg$4XhlAL*|gtzGX=N6ipRK0xqlcTze{BBl+n3v=mt=QdB{XOzR~}!117GQo5H?1
zTjiNaZR!L_;9-yll5X))P0Ok)b7+7dOg%lSAP1se9uuV9@k$|RuTPkQ=~}x*GieN&
zAbmui<#y97L7WAwLg%^awanS!p)N>x%*CYb%Q8l@T__z}iK`X=-=|cgVREdavF?wU
z*o-5?X=V4rUvG*i1fX*rVqe~N8TlQzh=2S(Fthf%NF*dC5k-4&IAMC-dkxz6=0~;X
z;+ZHlBw13_cVJZJXG&}ByciTd=jLmzsu4l=r`TahFJ176<Jl1W?lm0vu5P)-D(|rE
zB$}6oI(&t@?scR#qW^~P)(1yEjw=X8fY~_uqzs`H?COS5WVT9iLvP#UQk0zs%JqKg
zJO1Ah_$)Z}v^!zh`+c$5uZJiu&rG2I-2Bhw?T}d$y4(Tz;yp`60Bs(aYaikNq7?Jv
z;@z>hD1^39T7*Dvj6aFV8xUnvg|~@G0;`dkzmG6fk7;G4X^A1U>HrFcC7L`|$nQp#
zon%c7s*^#+<Z$BE879)~0VNPya=Xs!m{+H_jexIiY_xivWcUal29;XE1zoAX?a)_B
zQK|U2V(cvzp<`epr80K#Nd!wtY<v@)C57m5C9+Uy$*Noam*wcf)CirrIKP8<pfS<I
zK<?wWN+c4q{g0i>kC!ss&~N8!<GBdmDq8TX-+iwcN|jj<&RT!sM+zmt@?72OM+&W*
z-kBUgwac!~jnUMQawj({`gSI>rOV3meQ#u8D2llfoKsx1nZ6PxPY9dYsvF{#msHbt
zCHwq3-39Y)8#)#(4H-7-lMjQwSFa3GsL>#~b@2IMK%}1F>1(b8E5A%&e1Q6)YI&e0
zu|iUd5-O}Tku{jiDII7*^v<6cF86yIKzu_-pIMo(i#?}J3c;>tIR+vG=5{@-1ktfM
zGyPmEvKMQL1LjbTmTCyYyx*yze?*1sAh>G&!gq14%r}9MLVn?|f9>{C>f|4Fd!TDe
z?s?(pQs(WB0AipXKyOCxSOM3%Y9IPDXDUG3v9;Y)CpvR#HNAXjG?XZX7+yv5QjamF
zu(*^ZGk5SKuK6hd9XhpQB1`{=2efWpcpyi;ipZsX_?f7;`ake!bDQW(BF<YOZY#mW
zMlsHmi<@NVGwnnT=j#8S<1$e-@c8aeVIn)-%1Cet3kJ4))5yk?Tf802CQc~E3aaX|
zE?UKh^DW7xjzDW_isi+b)W-o{ID?B=b_o3dI!fjM>S=RS3$1|4i@AD~P!Oz$FyP#(
zVa<_27Ijzau(=hPSjA4UQhy9*WmPAZa1agPo{CLp%60N-`-=H8d@ulmt=YV+ZpW|l
znH!4#iF|H{QAe^khW1a4!@mT=?D8b|H?5r!z9an~w7qpuTyL{3I%sePcXxNU!3pjV
z+=9CV3o!WL?vP*!?(V@MBv^0>?(V_Q<ooS!?_KxQsZ(|DzWm43JMUW4{q)n_YjyW)
zgV8uFlr|FdJn-G|y24^C{$tECtDfh;SgKx;7BRQ99L}i{A|zyp)}#8odrWw_QAJ^<
zx6q{I4z9>OVEHnbE~;`@A!LZdvrx<LCb-#)N{5Fw0snL-+73i+{>H_H9yz|J4jF0G
z-8B)3WFDYvQ0Jsx6!1NEYx=Zo<SDcT#-M0GlX9>8tB4Vw0T3FS%h)9FB-9aAd)t(f
zV@cOgix2MZ@q*D9gM5d-3}$~zzPlSls#+|jt(QU9Or2vr>~(#_n!R;Dsgm-sOQbq@
zOqfnLklZV_@b>ApVE6PU&74DnSi!eVnu!%ZD8P2{lS?8)>%thJaD>{=oBy<*ryCxE
zpBFwY%e=Z`$;g=S#fkJTd8!^uD9C?mQ2OR9y7uoB=pZ9C94gjvL%b!+INLGO6*;Ee
z-ZR<c<7c#Go;A8fi^se+{hxf^_e@C^-2U0v`9i5W_bf}!ctOnm5Tjc<r1{4CV~&c*
zQLgb96d-xEqq3g47r_ZH<|{te=)O)^#Q|s8kv~TeM?n9V*{~`vn<YCmt#&ragZ_@8
zR|Fv>%-5$=UqV?Q5Q1^|HgC2$_&V{B=3o~F3<WAwuk`=cD?`F1i5oZQHmb`ULVJXX
zEgaltf-HtgwyZeJ8LQZB>29fQ?g5T{ykzXbvIe6S#iy#>ALcUjilIXP>o46Pp%;+D
z`&TRl-N+nqgwviVHDlATqlAR_|FGcjTeQ_yCdRfBE8Z(_CJZ-PQG`q83Zc%w;u_KK
zF3^~&zm#stQlnv%wqMilTJ-<4hQS;Aoy<fibUCN}pNP>ojqtzZHdgc`_xBs&y1Rsf
zJogklprC~g?;ONJMx=aMv#c-(3Mo*?fYt&VdxR0zt|K4UewzkVf84~g_BgbM%awgs
zJcSUC%qqZI2UDn<5$p3@<v|Xr-G1=xauAt(*;^i7tFi(I1n)%9@q=a#ld&p(Uccv=
zfu8rYe9~$B>hD8*(z71;;D+D|GHWxBLI*Zk!N*$ht#(d$Uu`Xq3GM{}R5hL1<IsU=
zR`39zT-(7oB1DlJ7JyW=;%NgXLq`My2-9$GZ-6OGhQ1T;V-#3j1Zcd4j*>M`%{g@h
zm(oICnsa_v@#Y6<CqsLk2zS1UkWey@LK~xE-GAl%&uzP#5+K3|0|0<1=X#pBa2KT@
zpAG--Lv8;*zA5h;PwP3xmD!N65KRAAUAfo-IksYwk-E)0cCcD|AC(voRd1ztTg95>
z_<qcQS|*Tkhl2Bp*V`v{V=JId@ARtwvF&a=PiRkQPt;?t`%D2lORgCA(Zr~-L^~=p
zB~^1OY!~714(N2iWkeSrk+2p!#>00nH*Y{QTSK{X3JhcjO7vqIbQ!dlI+$K6IQ^+q
zE&;gCAqGm^S9RBZe^NqDeO;0nBSpaC-F0Rc_rRp^yPr=ITPY@6B+o~CTbM{(=kol3
z#oWIpJ)>8gqe&(k!K~8~5vwcl?NEmTdSajWR`R8WO0lwR8n1P<HuDGv-~ABo!MVd#
zK>I2cWl$iVf|$hY+?vb7jYb)vAer2B-C@1H3?iP4L$OZqcL~p)G*oQ^Kp=`?K*K!8
z-u?@>{(HgT7pHvwtCeKw&0m=fZGV2SeXOntB3p!IJQ=wKyjQ>upMgYDS50&EdK2kn
zrY*F8>e8vVUGQ*Z4>N!1ozXTfyTmI##LPa$jX8L+G?!1}zR{V^q~>PaLCt4=djapw
zSa)TDJM!5SL32VN-8P#VLy)X`D9jR%4KMDFx%~br&BwE7ucjJy(na_>=}*C-M>KBy
zeyS-=x(<CN$UOa5{1XTGDREn+(hero@{fM{Wpqy_HuUzM|Ks+ikVGZlhTb!yXTHnK
zu+mr?_$*%@MXD!c=3KPAh0+AD7u1*GpE%HymT8{7sus7uHlT}dZz0ap3d=1U6)2~@
zQ6X9>7#R1^*!F^+%qLe)jlp*G+)A7hr*ls{?Vh_CuGo4~Q(dFg3Mk*#p<uz5=N+at
zOWS})X?WuJ*b83z;h-czt896?yU8<uUdOtF6U0SVkD&gLbOQ4|krt%{%R$z%Q4tP>
zOTJ{&7yegJJmU<kZ5f1hYFv&X8=|a3^rCITrTHF|wv7+^sjaadIh*+eTN>g?qZJre
z6(s2@8i<0Y9t3lpfeU1PJp;%d$o=-Z;P@)j3{aG)7XuL`%M|cZ8_*IjXP0v@YBW2J
z)(|%`8me;bQ)kN!9<zmE(;YY>`)i{;`xi~s@Qxq}4~W=!<2Mh=??i8eyqQmD*J`oi
zG`$`^gtW2QGEl&SQ1ijTB(he8um-5DFtgnhSkCDF@iDhG6N-s6A3zC)w7k?U7@r+A
z(xtTrZr{QC;<lz7(>8)|gfDS2=pWXfUCSJ?RQ2j<1_W(*JDC>y$TThb%Pj(3s7U^p
zENI3afL_#X-Q0>NLP_$ARmA*{3lBNK@&2<W<2syrGz|va>XE74FhN)q)cc=Lkz|QF
z@_FGp)h{e%oyaojdW6x0G%T-`<`A(%c{(T;7)5DY_LjV!{<tr5Wgq|}u18U5Ui^v(
z?cOwyLR?#sT1)zlnrk3}#X#;pwAw-Qu$?4n?069+>KmdD^tqy>qPnQ3V;T7AwdaH{
zjVkYrsewF-$nDuU|4o5ku=4B`T5d1W=k`0bO}q_wt#KKZJ@!68hJKGLT4t@X%(xa*
z4y5RP#^I|Kp<9}gk)cn}!fzF9KNVZXddTy-V+<rAJK?+=nNvc^^hcAow*O57ij4kf
zpp%sTQ!i?$;J4rLvn{-mt|gdT$t?9SgatF3oqL`bBR#Fo-_q=gQ_}GA8DP}ay~2~p
zCVf`1qOSuF>S-{Iy7<^;A=2iJN#bD3;0rC%MC$vJQ?Jj=J-Kk9fHpp-wLl5aP-G6<
zpTq2l5;O~|LhDG}@%<XwN)sVeQtAB(8h2%Zxtb{*e_`<xYiL!;TQLJ(w~g{(r`NTk
zhL)UZ=gEWLqPL)4j%aRaj3#|pxb&izJsnXpdOY?<h^3rL9DaFrjharI2An^Y#PT;1
zxtO(iMPmD-GVd5UghjDZlaQ`-A?*Y<pwSB_wl+v)_NSmMw3u>+4TpO8Ug3y+^r9uZ
zpUNZvwWH%*Gg&?+)jaLkd&+v@HhUd#u!vzY1q1|bF)u~E@CAEDQg|Fu*Fq2dXuTBD
zt!B$WhH$#snXwfdW{SHfozA!1ezO?kVWHvf=*8i&<(UR>v+~j&MVWR8E|ZW;I%@=&
zGGX_d0_wJmc9hfMv?HqI1*G}NI8{Tp$LdHS=LykZd$H2xM_}ep22@-Iq}}30zD<&q
zV$Lo*yj6im@<ihL%$scVFAK?{?h2W5><Z~JA2Ral<koo-Ye+>)@Ch>>F0G;zmqLcu
z@n4>d&J@v)aD+Apn2diS|2LkRhTIwyi}3ZHRd8AwfVM1G`>e=&kO$9vD>i>^UVd0&
zamsNV@;Wwld&Xe?R*es^Z(Ank-LEX<yZwA~&}i&B05{`=eOEjeJ;-V~D<`tDO}wP&
zQ0RWPad_L}G=ZCV1dDc!W{uOh9wWO0%eR9{H#Sh1@E0Hv8%=0zU|2*s)YV<q26L|&
zB+<ZuWo{s_z3F|xa#=5K?8V^M{#(^a*jl~(?-AW)8OT$b@^2E5cCR7I(4*R-T=XyK
z+Q=7jC*2xmIMZ<LB5gnEE6>QIPs9w;-#Be<E^=581laZ7iM%n?Y<DNtuYFCO+D*F3
zYwB!>yVi?3c~OfoLBcT{;0Krz$l}Q(O%+@*4B1B8QGAYMjF&guDBlN*@$U7bQtF+o
zj;z&`a}DA7*Qw%=S=}a1X9$&;!*rMxiwIhS$ChZa{d@jFK-4WpoNZB_7H$zLDcSU!
zeqoj(%Pt~201-Z6^36bvu`nuzdVnczlo?@N_Hi_rY>(Nd-U9S~!B4UBE_&w(bu1X^
zwG^pzPP%>7fc2|;$T!6jPTR$Sbj*S9kC+PR?|%6GjL>v^OD;q!LxWe$5OvHhvPB<f
z*6n_tYhY${IF>@kY==r7YWU~sibWnlWCM@M^e4i9)Akgkv?kr}V<wF<Bx6{Wke+&r
zYJS@6?Zx7-3?iSG1XnMQh`6jOp6Qg#`JD{9C@SD~bGzk47c#=Le71`^e@f6O;Bp#$
zwv<3b&?jg)-Ts{EGKapv^gaU9R_j|y!46r3Wj;D{d!0kw3emDPJp98k<aGC%uxj#`
z%$gA?$7W+1=M*4?{1eR`yS!oZ#m>m7i09c&H(#d8H&zkf<FMh@p2r2UrH#-Nx$Lag
z-of2$HqpwYycLmNQ$RS{Knj7ZL()h=-Qdp_9KBw99U1kWXO6%sSVpguk9Y!IY9`Jr
zoEVjcvU7=g<tZ;7?{dIzP&shWItH(w{m_W9w2!c|P{3-N3hW7-@*iNV{IY6|2d?9O
zNwe`O)5$NHLu^BG&V<?aKV}IrS0~h37Y}$Dt!oYX{<y;oR%&1|<N8BqEQHRw5cGY&
zl)ls6qYCj9EW%zlrTbMtfR|d?5o_6O;}n4b-Q<>4C*c6JDQ??+O7m$Q_)D6GH0K9g
zggpL2Iq2ugtk_Dgp`{4`YngEOVYy^%bd6({(2{0)2q8;!`}(=N$JL{T-74(U>A3}l
zr(IE+%>(#D$}yqQJ!u7p(=&ILXkq59taurrdTL5jK4YM#FbZ{>F`80kteNrnEvr`)
zFBpA`>e&x@&KWPPac<QTb__~2P|O|I@0^OhA8z}e#fqSxW`0x^gK2+afbjaRoAlqf
zgR8fV{Ulx%p5;2E4h7$JoCPOUSZpo`NzCc`3w>&e?Px@DcLS7fAW*(h!yYyMFr-4<
z`*CMosOej)i7BlTt2w?XV$1oSjjvGtwUjN#UkDoiKOi{wCr!uyN07Q*n;mbhn5tgC
zzoRm(0sk{XqW`iume}C(^%Oi0((m4lxj%6e&Ie!ur#-j!ngE`zU)@(>?N@e4$9WUS
zd3P~nI=I8H5St-KN^xU<!}<DT+d2IC=7@z4y{Ai)I+g@VxO|AHy0Q8iwPpmzg=Ugi
zBn!162zY}OxKpN2Q&}}O<EO(sDZcH8{?&IR3mHszzki*H@!b6;($ul<=?ee()mM~3
z<Ah+QvOcHTM1md^y}<18t5&MH&Sa)q_iPyeFaJFr|K22UU?_qBLkae_mejNU10_8u
z7(`I0s#*}><R+)bKVxest0RMXa9c*W*wq<2z;?RCQquLEQg3i7PMA0mV1|5en&u#p
zm|+%^4$#0w{PZ+Qyx_5bo!^<aSs3AOZ`&s$t)cmgu9=)uSDY2Ti<iLw-h_%JY(tkG
z#A-@9%08H!<<KYtcV8mwVy-qZKUR~cS-%w#(B(5T&@6aMgHGp}g6u}{{AQC=U}g+U
zOl_XV_wCiw`nP!!f;+1(dYv@lG7hq^*SF?<CK+W!X<y!S2nbgvE|#8V0;WEW)(BJx
zBx;H&%H$!pf88$ShAFImGHHLif#0Ejo>~4OytqhyF4zFtd&Rz&31AaslOY7+XQRDn
z?sep(G8<bJS#eolMJ4imYMV0e**b!5ITl(Q_5i<+`>q~h`Ny3}9$i2X=3^H>E4hhi
z;k0tUr7dOsbksD_!0cEyk+-Tc*rK$oWi%7O)y*TSNe84M!=~b@RkH5<RobM-tTqLE
z7~>@*?`aq8bRNGTVN<fWv8Z9=scDi2qX|3nsNev`Zjag}ERa0s@^h{vdUL|Y3#Y<C
z;mo>Oyu)jwLk|*eT%$f;dfzc<ad0WB;LaYAzi=e<YYvXt0Vb>Dsv$j(th|h0E@FMA
zk%OZnM~4fBx$k9(fP`k}yEC7MC0Q?RZ+iu4i?fvja&5Pl%y2$V6Al+lIhA^z9G~ve
z5u%&(6)XG7{<4!LY;jC?VZbc!_fZ{j1$FX5f3;#dK^IuV#+OfpK%e^7337P~V|tKf
zd#PzxFfq@Rdg_d4)YK1*+ei1Jz33vnlTV$N;Tv<bpn|8c_;lQoRU<pZ*(Z{ZGECnG
zO-?mQ?P5#sGHSGApB3PaoHP*FS~u?BmqkgHw49kGkHu(U&}4B<b(@%Mi1QR`I4Xci
zE$xSRVcPfOh;t3d^akLOc1iAUtnauGd3)Z_<@0<m5dN#^--!S_eUxpwpE!C}8X{VS
zPqsy4%-H!P(qUBQ1*7{MQ{E?)h+V`|(Z*bw9jGh31Mm<N6UzlY<V4n?5TyQ$HKT$J
zIR;MNFxfABRMd*ZEfXz>YE#PvmX*)h@Q{M9<MfuW1AkQ4iWMp4glVNLtTKLZ!bA^A
z??h3TbIi#`?r|-zlhp;Kw>d~W6y)>h2em$ABw^?OmN$S)omAl+Lb@?M^kQ!znlyyA
zTl)q!a7V}E_ol6OJ`b`tDu8Ds%Rm24oyQRLa;=&VtiM>i5AE1#eVjf(2C8Lze$hH#
z!9S_w689M}&?^g;<u|JLwcM|XsaQ<&4e&?%ebAL$-+i1;knmYgmh<h%k!Z&bXl+iw
z`#i2GewJ%r=0rvrOdTwjl1;a?g(=oJ=a8^WLW#HI=>?rAI~p{_lEOlkWprt8hwPXC
z`tVqyBxO7G;2+)hErr+;ndUugV_Q;VkzraCVqx)DCDywe4N+lX4$1y1Ww6x!aZV&k
zfP~QcE-{-1<!j@9XK{7gis1CZ4}!2fyy3unDtZt*PIP~R6<s26C@Txv0i+{@bf$CG
z&ZNNVZOl*pN=0z@g2}=S&M(z<g5L@(ORV%D&Nbmc0j4WgE-?02o<b^^km^HhN|maP
z6OkX3T5nl!%F-CgxL}sJWC*eGvtwVd0|;!`q#c#P%}c+}EoEV4I0VvzAK(>O?P-I!
z{!uJF1K4f2);5+v=_*4d0>ZfCe<-AjOW^%g>e7VB9&}-kL%EN?;pT-5{12N=1k5g1
zNIOaf)UoeD*xB;Ye`7t`DDfCl?8YJH^<MPN_Qa+FZp5dF^TV7Ah2$9BCESOIj*QCp
zqWKGCUwfN{{Ak~O1`Hb82Izks)6F~edoPH?nk<|M*l5f{pU6E6;^4^-mL)|b+QGo=
z=r(!0*`n^HrIPSc8QTcRxjnxyc*|hVU;(SGlE32){y>P63JCT{jF9Yk<%V&u_Mwfo
zMecUJZ{9L=oO<+!NUgu+{RXd)0GkESNUc8LR3A#p$p6c^1y8s`vHiADuu#HX=5wK=
z2Qjp*h1XHoamwInl49p5HT~fU&=A<kr}06sbuxf!wA-GKkz<+eZrKLz8bT+GP5fH{
z_D}`r<4W({1F^B_G)3qXU9!^2sL_y7Rpf%Ax?>t{v!^?2w$1=aZhmcKFgM7PIL`Dr
zJRk3W;t@N$!xDO{=+B(u8Waok$ii`5S)yIFkNUqaEh}#2h6!=TBG195^j3%%_{N@P
z4y)}_Gs!<gaCDioKMlL2AJFo1L5Y6f$A=*cJO5omBO+r#g>5_*0aa>Ro!B*D&QDI5
zONZu(sq{B#N!NQ5Ex64cQ}Sk_#yJ2s9R-u~L6AK1WQcLg6WOn|qqWzm1nRw?od9Hd
z<PUXWWAAn7t((gg!1^LUoP0%CzRwUfD<_^$2ogcB-n5|Y=sYeq$(-(PI$s-{G-RNx
z`TAQI)tby)+}A2Ku+gtPC{R~aaq>BoU;0Y~CwN0M0lkGbxqu`@X>F=OEF4OK;`vC%
z$X$4(EA6^$rKXfMiO+!Ej}Cvn9BOP*D1!}77}mC|gA!Hqn}uLdup+_=M%OulY+whB
zp;J1$J|ZFmq1YwmTiJ%^JY8z-I^U|HEAx)9rF2E~M2Y;63y_Uw`4?*Im|)x^trXCX
zLx|`>Q$EBvlyif%G8rE#H=HWFm#vS{g+sT(D}soaU=9O{`9R34GM2HE<(tMW%$${F
zcPhw}n-TD(ZYV3$oxNkbO&@c=zemSU^lcZ0(Nqrn<LR(gauvqpO2dyegwF|2dOp;&
z#2Eu03O{>qJ+`sB(09~u96DN$H9fi%oC(mu*+*3jJDOYEU7strK+W46O1sfo=jFCj
z1&`?D!pbWFhfF&f7p_X}QAlOYzl|2cq?|_|tI>g={$pqEK11HY62-_87I$n}0ZTN8
z2)IsxAIIb>KdTz7<?nX9#|zY^LWjmSnR5z4yeh$PP*9#f+LV0zN2u@mJmqHSK{QQT
z>xDU`f6DaGt;8Xo2c^pS{K~<Gq&SpvP`b#ejAM8)lt8Gy5&&6|n*83tZA~g?az!%@
z^q6r?!I^B;fI15AI<F-TP9QA^DNbpY34HfmUF)sedsz5YYEh`%xo8nTIAG@s`+vC<
zRs$C*p*mVNt@4+A3y%7RRy~gNUt;!%C2ac1h!;F89013g?3D~CW2lqu2y}|d9=#~g
z)v{>N2#TNh#Ra1|<3eG7<ekCXZ$QK^NyvlY#B?owBgM!_+e>Nw@Bv26<ay>}5Twj#
zjD#w$k_>{ZP8MA8B#mj|+NT$9@97k<41E>2-CjXKbeZ(_v2X|;Vx-~};;Lqj%LP+!
z;32$N_?OJVDa|5D_D>$jKt5xsN8Pd&BAd=I72qv-xeB;>mdzk9^l~!!>Ns5?F-X7B
zr{i7Z3VbiR|3#xQk^+`(z7{APD6atiGo9$3Y5$VkiY!%v47^VhaK{PjszZhq47(3m
z6LzsdK2!z)qCcq_-;*%6B3nPVUgK)8^2*tl@JqHH9<mS-ZCF7#DPy6eQKkltjsLO$
z-wUC$fR!0~-QU4Ym()O<S*AxKm*F>qMq7Het)s}cE2RRuyt)2_Xkp`&B%%X86E(?D
zeMm<W)x2f&j5*gYN=^iXCn|g(!Ok}m)i#la9e`q=KOcPs%Gbt?=(gWvIFXI=u>LE;
z8X}xB*{+Dj>m<g`m-U+|THA$Jkeue%xpnB4oK9ALKD*&JA|=vATb0>9_mqXz{@5g=
zZFD@NU%j3)S1quf<FlLUfR>VRA$!wTx}Y%?1>$@wIMys{Qf_}jWj!^Lbk&759kq1z
zS;)g69_mGarDyuA<lGi9<MwSX;v_A-&ZdP<wa*n_Rgi(L(aUC6i|5A8Wruie5etQM
zAl&e8DHi4#DNR~8pOv8;qqA&A;Q5)bxwl#ooK7Iner|D}qB1TZa@7k$xWtTMS5(wo
zKwL)m-_YPjT#L-cO+pOK@XAsrC0&A$V3lhS?*Ow+EyNqnv8R^0Jt~$loQdq`0l}ts
za>IDmvIL5we`$W0qYFY;$^!$#=qK*A^B6s;g3`NhyK#dJF(Wx*DT$eR;9p>gjwU2B
zK7_!~vhor=e-VelCOg?HaS1)C(IJ1jl+}~hf$H#J2Z-O&i+JNk;uyh^;r@?3S?cqe
zicZ-}<RD7fs8=_wr=+JJZR`DIf2zUQd0O0dS)VXPQZ5(^h1g?g#OQUaxWh*aLR0dz
zgIm%!Zu#j{>)^Rd-&?^0QUv=^*rBUS2}}WLc$dd0)&fgOOXy)PyS;l+A0UQrkQ2Lq
z3zVKkKk%U&Hejks+~^y+v?-cu|0)smb}Wk#y6X7lD@+fH#5eWGWsNwyBWtPFuw3gT
zVeRpq4>b9#)oBmPs}x>+tUm5}Br@iW#ixkR`O!1_)g%T!1wJWYH!T~JliqEc&KsK!
z^Qb6*3tBqrmw%v@0`=0;`NE{L$!gV;V23E)#GvtU9LiDY&kdb35r7w}AAb$<K)SRI
zaQV5RzvJ6jjL2TxT7hahTX|0jBbs0tm+ysL7Da;u)O-JmFX9P!xHhP|ou|DSL%edi
zdb^T_JgHEi835L(tb3~Q?Je2erD&G9mFMA13^Hg8K=L|Yy`f{W97gxo{+w{_0!pTy
zR__~YS7yY(a4H^*%s}tH)z=mJja{WhA(b|fN+H#CkdVV+HQ{VoJK-}Ox)B%AiT!RW
z@2iz7(pA+~Mmf}me|!VTOq5g~A3d0|J%;8m`sDiit)Wkh+=X)&#<CQ`+n-36V&dT)
zkBsbV+WafLUgx+$PF(s<bctEuCo^5Zaa^GchB`6QzRgJWw*gb1l;1{+MQx0IF{;`?
zgoa{z5wdtbe)VUt0ZWKbTrmC?VBECr1zK1d!^-?)*<<GlX@nNA1Brx-Rd2zE$7$ak
z6u^Y(`_qVx!6Fu~MvPYHr%IQf1ML4da1he)=1Hk1ykz0WEa?vOn@P5ci{dyFsVmQ#
zzQ!RZ=12Z8sfpn1yE`<y<`Ol1Th1<rg<mppIcnGb6+@dwt%zRhk*5EHzLAzrA3>JB
ze)g|^oubVtPJASK<Uu$m$%L92q0%i=3kGjJ8fXTk1b!LGMox@MfEU)ail>mNU**le
z_)d+tIx%ChhR0?%T`*<U1C>Qu%a;t*MtHGT{*@p2gCG++S*oxULy1pOf1GBJbKLH0
z=od3>85M1prn+r~-=cn=K>J*(N_gt7vt(k|_b9%{nA$_jqbzteg$94A7NZMmHGk`-
z(qY~r!Rmr<TnynQ?5rGv-((y}D2Q{=xF^`*oPGL0)Mas&;)RKw-%$HGR{$>XCy5Z<
zh$s8uH>w{k@oPJTiG}c9^ppU$zkI!zDEJueyczNR$JJMJ2a$@x+fN6lKmY0%jndqa
z`$6g4xMjzXH-FyJ`${}Pp*~JCvfh#wL?u2s#>5&bOQc?tkVwAm#uUbp;vN^Fw+D?`
z2=VQLdy7|ak0qQrOvN~EzxnI@+veZ<{LP{SX{9a92!2q)l-KDosyX_06tIWUwKoPk
z&3G>-Gh68v@CYEA<RSkTbw?2Pa!7E9mS<kL)%^B9n%=zkt*zgQqsj7HekPwZ`TVBl
z2Zn}T0aw8N^6x%VcU#^Mo1qzpTm^?(U42z>vdYg^1J)d-`EjNbGbU5Qnzlm+cpn@t
zgzQhi9(%P9-Otx(7b|4!6J<;gf4RsM7N>dcSyz+aER2&&&Seu1q!c>Efk!tiaJ|9x
zom@9L8P9<i?Ka#$#q^>O)GGc)K!!z`52DFy`7m>K$&Y-rz*Y%@wsIkp$P-I1*Gt>F
zZ^Z#g(TCdvzEcHj2)RlO4A+txTGNeEZ1(G$o{20j4#DxZ$U?pp@28)Y*qTdwO~(;s
zsRmL`)Yg^)YX~rP861bc^!C5C=EnK*7b*s>S_b}t9Vb>~jqmjr`>7KnmWg%P=sS7t
zlFp^>D<T4D3~k7*&Hg53eaQUeJ-T6z>h{DD&);iTD=#n^snHQRj<^d1R|0v*emiLi
zqr2Dcy4)9w8kOEQU`BYlVq8Y+WYM@Rbc*`a`WF?fd~ch){~9bU0L{&e^_oG!P?sTz
zXzT2n#ESO`)3`0iNl}0)?Dms#kiDU~T<T!)oYUj5QMxe5%Cn3IF_DuW>Ndu`<r@YA
zDBgZe4)!%AN?P(h5nt`CsVz({DW}=Gc1Id3V3a<5KQCP~f-xY`m!Z@)S9p{M7>e`T
zz(Sd685uCAtk?8LTz#0kef;FzNj{!*m#q#LjrBJY_{$fdSkDn4_9%N67M7|aFFEsH
zNY$}NKp_R@KkRVwm<dftllp|(O!<x0)eBJpS^bQr3Py3C{w0{u?c2(WZ<Y1J)_(U(
z+r{baxI?wjv(Lv%z^awrd?tmed?lB>M8HwCkc+U}eSz2*>!gIYafQ-;&T@&R*`BXG
z0{p!CocBZS!OmXgg@2Aib(EszN#E4I0TMQ$?8{I+4e#)XKEuR^dWqLP>f<xhmRThC
z9oks65cqwkPY0jagc+lKrspIty!3fW?UH$&Vc8Rg_V~1U*zxVhwwQn9>uxsM#x=V0
z5POIB*6P%@E|LRMsHeZxt8C^|-H?cZ1rq!p=UIsxt%(QT1a8EEUOV}o%|(TZ?~_eo
z=?cf~VW4zw8{v)vY3zH%DE*?V$M8r`M08{cK(<VoGR@|jl$hnF!B(aN#KHk}yYxp5
zdsHbuYJAt|M^^=HS$ECMSvkqXrXMU<&0hU>OrcF}|7*dAy@^O4azI-Jm&Co3uo>}A
zyk5(<<;_7KSN-ym-Wi|t_Nw%)MgPs%I`%DM)y1dqY>}26;P>7w+El%YIQG!8G58en
ziA<H<*c}U0P(>;#>}TWb^Nro#Cwz4@{&gt%BRa7ZzEtZ+M6ZgJ{J)-$#Xys8l-~PF
zNYvab8O`88<olBD+ss|<pQ^?1rH|0oK8cW^739XFUT+T$AGxtBe_#VO?N@ll0+hdz
zgZI==cw0*U##sbghYFg#JK|oY$c7lhSO1lxF?)Y^-b?TN09%{6mf{5oJ6&mvw8Tk1
z26fa3lYkdq5-DnN^5w8a&epg4NdK`Hq1)=qa7%mWk*fZj2mD&kPq!;WWX$f8?w1NO
zg9iLZFYAC40ad|Pz7DrL<lz=<?Dj+WyCB|5ygQC2KimdNT5{KQZ!&M^220nJN#wte
z5>BZHAz|dw{;J)R;#5>r8*9C}e7o1z{Ux~Azt*kOss9C6%~*wh{xaVygyxw1^L(k8
zFex!H@toxGgF3W39}KDta<F8q4+l!T$#rv{vjf}KV*$Pq?OEp`Lg-0g0RLkjf)?85
z39|YGG1h|y)J&!08>)=!ts|Cf`H$J%p;aUN+uc;wPW2osOT~y-79MOnnw3gzYv1W=
zMo>F}9JHyIAw9hwfnpxkpZGr1{Tg4qc<#(xgjSABT=|dBTz?c1Gqi4PjS@bEDbzd+
zU4yiHn;OzuED?y^77OksyyNgiG+uPvGdj-MY2o*~y-{n#AhTzFw;-qwfk0k(&_Ei)
zVjykBfOC>MGQy3w#oBbihMJ^KnS8qL)^HBTxiKFb>{AxZO#S&e;LN`4QS_!lR{g1|
z3qu}eHzWMQ{lTS;59<PjZ2D13H8Xr)#F)s@LFk&Ke5Hg8LT;2(&$-V8DmSn04dvxr
z-@9)|)=;-P{uH6^l*NA?l#-Fr?j{5m#zQwr{kzHS&Y#F>5x4bp++T|qn1^2oc>(C&
zN-CZLHY%p5FB{f3q~H}U`W6T-2IysaL@b$xn)*;LhU5?r`rD@uDSEK7nW@Xw0f*^w
znLW1|Fr^04b1txxwuqF})XWag=5AL(TjZ3?Rhdu0l4+qQkF`&sX-9P1db+w8uGtIx
ztK`%DaFM>_e5xtIg(MEx<E89XN`}wP1Z2J41gy-t1Dttb4xj~-S64)IxWpPVJQR@g
z*pk%*){qlp1POR0O4;3pBpy0F@A2jw8Hk0ICWe?_`p*SD$AZGh_ILozjU(d}0OsE@
z_7jwX50fSzn2{|FyZC!Y;{6|{aFW_}78r-dIhM?Nwg-awP6R?!?;sl{TA`x{svh=6
z=&85vWxwLHYfjN(_t+Y^99q*q;0zsXESg|Qj)_<Dt)km!M=^aeEV=!KwojXjt#uaK
zkACZ^U%rM$=J^#J<OiqP{TYSU-9uM(OfVlK`ec`sJ|XSfOw__;)5eCtWW=X!gnaZ2
zo(-8kk)Ve%{d-GWfP2rUc2!0XxZ5lOHkX#RR0yQhkrN<Gb_dX4f@(vqKl=t*9o@nR
zd}Ca*g!(1s-U!FoOpop+YeZaMi5B;bIP78O{7p7-X|$VDo7-}pYGt`jEpJTNmoK~a
z9Pj3n)r(}TIz|zUk5ZT3FJ?6h(v?T796a*RmCXo{%}k_=lPN3+*$A=Oz#X>hS9n>-
zk+>Er^%vEC@bQIVbSR#?K$=6YyBwMXYzK-p;S}ily}*l=&BkLx@mb#s!1Y>zllgLO
z17qv3HEzHEc!b8wMmnojWdo=L8V~BNL?IBwHTG`4Yi}a@MsHltAoCTrj3I6}Q~XQa
z=F&kUQ8URNaU6Tugo^YKyYgp*Q<JPZlU>^2ilfFYKI|pb;@bh`_rze&`yM9`c?RCN
z*?k<kD<&T`Z&L1nqbaPOnF9*0lldVNJ-C{~Rcs1gbYJ4!?$)4<;Hb%0>1X_}U%58&
zc|xOX??8RyLSuG9E=wo0&Fr7+-c@dWdxNE-{nezze3qN%TG*+TivZlX&-L?`X<8ic
z*>dj;rp(x4=bxYb5_3h=si<a{Ax3mP3XqYJ*$IQ$XYk*<@s|b;UO)@f6#JsH83hy}
zzYRn7O|FS){UGFgibx@)R2qdn`=X3gg>;HiK9WEe(eurzAM;$NZSRchj~)Wa10R=H
zg?Jh|Mt^?f7O}a)m<J>|-q!)l#R3|H3I9Aw`Vy8f^oQ2@RMR+lG=y9`Z*W2~0+HH6
z34ThI#vf!f;wWp(L{c)MBcwef7Z7V928mR#c!k24C2v>Zo8qz@EUVgIqly_58^IeN
zt)Dw*p-HpNFKso6{>Y?d;o^da;eHMiTy?1?;Oc6PVY3ldqsU`e`pv!q?haSSJd`cU
z@zOjriw0yV<aTUOclW4s&!gvY2E(b|OYeu4W4>54qcs&$_+6NU?F!R17sOkVs|iA0
z)WJwpVW}**`JMfIAX>vfRuG@TK$VTt!iQg60YDU@Gjv$tFb&^O^+vkrIrb5LvS0G;
zL@*(DKFQ70&&oulW7ql^l2yB-pKck&MfD>!P3gWTTs=<#MfJR&|A^<FfHkw<`lFVI
z02Tx39n9X@l2_yA+|C2K%InbNcf+#%qJ*VQowSXq7aidl>FTuwKI-gmNUgx2^V-Th
zRX9YDJ4l!b`>n{8Zl#KnlNJN8q>z{_89~004q%1mCw=g-Ez!FP;s`1}efDWawBM!_
zXQx71K%_~+GbSKD1<vrb4zobFaX<(br5Axdh(>GZqd6`tyvBj(Y|FIA%!?0uIx6>9
zW5XH2>z!}RNQs{Y@pWWj>YtUD%8lEsWCclbB0hnp=E9pv&ie7T;&@gF{3Q-aU=*WR
zr_dowd7L6}1T)_h!l~lqbxhaBktWUFJcRL2VRBaQr|ZKo2a4iSN+D6b!u&Vs8kZl;
zAx+}Gp~SsG0QVYbTNVPSmPt5a!|Xk$htnmcW#cm80dn9*qhkYj*sz9nK3J<qqC0Ig
z<zIq?y?B;PS`W{)<d!sAo|Y<^9S4X6tXTOpn0!Bw)I%4h*QWy+b-~A51^*J0|9^-n
z{b>kIy&WLta+&qvS5xUwDZoyufnFsJuxRg?<q2cIsI%NQyTarO;8g9neR+p7>9_2S
zFmih}42!#5J$0rBKO*;aU+y#KXd@?M9`e8;z1rAbxC9R6qYon}3@G)T97X;21~Fwa
zUC;rZVC?TSZ5aEeciU4|L6yrbrolY#H4#el$NbSeWVHI|a+(}|8E@MljC8|h(1V=3
z+OYq8(OY-4Dsx^(?-Uu;uN0|=ZPeW!U?qJTXL02V+{6>iRrD`5{^v@-e_yGG0mSqc
z7$HPw47Mk@)~`vWMPg)vqLBrZX*PxCiT{I*ZCX>j?<?mYJQzi_5FmoBit?{~<CS&T
z0My&SN>12R?1KqATdQ2pz)6fHYq&^<<cRK*KxSmAGZ$LP+5`qVR3m|Zq{#4}Qv3>_
zV^JnPHiP+<8%l8eCmkROoz`Cm8&=TvwU_^WCBV*MONR4VgJcm8(5Nte-*pn6nM6F=
z*wK{I+d~O5mwS&nZB|ojSKHJxCVSZAjq!HXAa(b*GatT~vP!5EjobJSOG%K-%@<z(
zKJL{e-i7f13G`+>sF+>P1O2PKpXMJ{>j?CgM4*V;UW<fH^=?IkSdF@%0Mm~|?N@w4
z0+DWt6vi6TT25u%LvUgG=6zMyb3W;U&z~oU{s7C_w3tDB;~xgJA-S1Le|F#Uyq{8%
zu})}Zp{{d4wf^a|IriZX0!)a|&8LNhKqNjCAnD$Dd-j`g)I#!@k;CtAq9wu}Z0BNU
zFbkGO)<Z7cnTd5fRm-~<z6pstTT~5}44?qT5e=WHW@h7B$Oj|UY5pRyH{g?m7q`j0
zgKwL=#<P1r)O@L4#s9+`l%QnOkC2|foT>Jpu3^CSBb%`(CYs)f3WQ)6h76r<hN8Z$
z+BD7WF`4+L!b((&GYj^(!u1V;Q6^<#uC%O|J)2vFR0D9x^6}tdZmRY7FQa0$V;9jl
zj{G_D3jdQy+e>|K!y?gYAq$!mzRmk}>PdzlgP9=O5kwJ$5Y5RRC)#|D)uwjZ?^*<s
zi$3pfFKj)0xM`YR)QPLmKR}T^(u0Y>c;<=@98IQx&gPv);BxRXG(D9TPtWaJ@Xdom
z-gUCNE8a}pPWJ5O^#8gh)XYrytqq1|D}-=i<d1Q<>qov@m8>1v^oD~@NbX#ajD4lt
za}o{5(sd9ISKyHiSH0cDr~TZy5T~<tTWtL4G4CI@INV&4un9l_C5L*7t6vQ~JBAlh
z-|s5BuEx!ylfDz5C6%YyLq0eXqPum5x}*?#Ge%_6S}ZNAllc)&Wm+dt@P(2|)L!mx
zWj}f<j-E067yk8aO{1&;QTD}oRZ2Oy_|5&vw1O9_Aj}{KDDfu-QT*Gcf-Xs>$}STP
z*fq@+X0vrx?+CTaH2G|7ktz<fJ>2=U=+mO{NJ}-_tm$kNm;>LMlBL;=Y)k5_x~PA#
z{^DW+zf`SRu{7UhkQP0rTl%hS8j}Y4g;h1P<=SV~Lu>BhL!jY^1x3QC{ToD`Aq_G8
zpMSCN9`J7oI|k95i!XiF^#A0iMv>%4+K2NODq{bJ%6AZ03gx8VM#Nc`9zp)^oxhU(
z`_8ja)!*C=Qw{?bhLHdAZJ0Xv@~>}Z9laHxZWD7Yee^&S^JVzte?&?JRV&iJFX?_C
zSE^s2_^<7Nn(U!D?h#P0l721_0$oJ)9`TL9zuXM;gH4?OJwf`PONRdcNU;7ddjfAy
z78-*oA+WYs1dEh2AvkZwwZpiWdj+|M&|5L}DAh4FiBRy$Fz7;%*?|@t)`Y)N**lk)
z^PZKtK|I+xhd%&Ge;XTq+B%o>z{$`<J0Ez9+RDb!fLYMih{@R9ufjYatG`VS|8ExC
zQPRvw<jkJ5h4q}6^Wj~;T=KPE-@M*>5c5k!C;Ys+2Dkj$@!yvp7CQ;DVQIJY7Vl=)
zw66Q&W^(03B(b*HLLbfi`^8ox&PCy)c$vPX0E)a;d}}h65}a>sCgXzCSX;eEQ<sLe
z#vgfQj}~I+VF>m{W6|#%nk|$xDr^n;;u5uGWy00jZrGfPkv37WAc|3`EyQn8;2A9n
zkr-(y%ecDfqTzu!mNGb7Z{ng%pVxCASKR$>k2#fwPMuSH#cNkZyiWs8Jxoq>7l}4c
z6))g0*sJ-nu@zAA73D86)I;10M@Z{ju69qKnjMF(TZ5FqOR-!OzIc$pU%!C~eqCI8
z#yB~V+~KdyZKv+lq9(k%O9yWF#1v#htnBGn>l~ccCZj88$@N{0tQRMSiyCkU(d1<G
zvA6>gUS~Znd7l_9w-R#H@S9rQg;**y+RDmA*AurJaTzF5aa|WOJ^7u*SAVPt3#f^R
znGX!v{YqE;(1!NPAr9w6`o!YBHNm2a|KVaei`{{jkNKq-Q0_^42B2ePi2i|P6Q>&5
z<hAQ}clL_;T2XDC5L}VBXo5iPRNelL&jkMlBa~`WGOMp=<FdId(2^YWLEyuUDyHdv
zaR~n*k#DR80m$`>0-Bc?t`my_ia#C)>O%&upU_1wii}7ze*u0NdV_=|Yv309qH@@Q
z@57}aO9c#hhRdgD8D$G$+NAW&?a*Xc43bC;WWb)Ki@?~QqnJ#y<lYyGyx^z2A@h8y
zfx#xZw=k)c;>q4%>{OB|p}tdd`nzcR+yU59{*)kN5$+?~2EAYf`IX-ZUw`{J&$(Rq
z4zPpk*M11^E*ifSorkNk|3L{Qk~O=jbotEQmsYsW0oE^Qws>n^v-w`~by|vpL0msr
zVR(*yCZyK<)PZ|wMe>z3dw;BT3!6;uy}Pci^c93(E&R7sf|7FNwl)iR#N2W+Snu2Y
zAJ!|J#}{`k*yV;-d7J#9VYrZGQ$JdqkDbfF%}s+Mrr`f3=`pMvWia^^ZyU6*J`cOr
zP(_x~1O`6r^pcJZtaz%(s_R)3-4p~<h$qI0W*KB6{_FVOKenwZI04~G`=ho2AM>ba
znw5!JIUZ;Oq6N4(<EY7=#s^L56L1=ka9(2a5nc7Ay3JB2;)2o=w#oA0cVsk#`b;fh
zJIB0*_GXIrM={yK)unC1v`W);*(|7yg-PSvzM2G)qf5PH<&&(#zrNY(;6%;O%xE()
zC-GkJ@%?_XD)_BeDB!|p5C2l0Ej9YbV{*5ITDV=#37Fp7gJ-BW(5|J)?Pp{Wp?mZF
zJY0C|$_C;*#jrWgV1a9{2YOrbG0`{**@$htcfQncjn&Q;rZ_`XK8hR*MUc2(NIJd0
z?hBt%8PP0CBWx1dGjX=E*ISJuZsjd^T=C6ODt7QkNoqxUvNWdoA&Uy@aOOQ{9VB^v
zmoVa`BOPwdT@6G{nTsfnGND4uaItZfGRWK{)i5@b#d-zO#e4-<i=3^&G|izH06gn8
zSkSLuqjxu{T39caN>F-@%bv^*{&Px2#>31eAK9*}#Gz&Lg;}h7T+t9tYGPwTSFfy&
z#~r44cY4|(LA^l3fEGc0hsO5}qok0Ac6=*`<!;jjYW^c8v8B7bFhM(Psm-jZXUY*L
z+2fB!n!7W%gxcevRrr08p`!cYpWlsVmhKuOc_x-`$2}rk8-s7r%%sotPM@%)Cl*@F
zzXgPPnmukvl{I^$#-sC=OwCe^Pu}7E%)D+dNI20G)|PnDzpaQrvo}cb9e&B<Z@G!L
z;8+mI9wtW}4-9gnb>#C4!ymf>h-sK6J_IW5jtM}PRU3NaAI}TWE?my#vnesnXKT`7
zz2IevxRFLVZQuL2qc^i#f8C%Z7Ccy#r%Ffo0aF?(uEhGQWEq8{(Hls=VoTr|X06?B
zH~k=ElRh{A$tI(DKcDXwdZj4b&S#0f&>BWNmQ+QzkS6L<#J8;Du&O;Qw}15eF|<J*
zor;jW8CyNM&jiCU=wKgsONNdAytvJcs~P}dID9vk-}A^++%$TPyOBFJwy}^6*`W6i
zWXUp=t)5^}M-ephBr<R%9LVFLI&OcEuISo>H}C(mciMX;#Bl^W;<gefZfKJpK9~kq
zLfjlJ(HCP@C))rBTY-yoT<JZNtzA$=-|c13|2C?S`3C%29~`0}A{o%#Ib<kX9@oo>
z`7{Y{p_&h~c?Xk+8b?3wkqU1S7D?(r1>rI+%T;c&$(|1jD^^tUlj(ZH8B*O?_>ISg
zablY@ohY_fjGahH*rB%Ho@4TWNtyOlR|l{Pi`_iLDa>|6$|NPG%x3ZxR`$E9$cr@l
zx|Oa)<(@$E{&2o5wV^A_fQKXvT|ldR={XZ#GHmH(QYTz$el8=kd?QiAaX0;wsOlru
zd4n4Q5Zqz(%zt-PHL&^-Sj#k9@Js;r<JPepKBTL#A3(9N3MXdL2-i#uu!6UZX&5n&
zxtPBIi!wQ#eRRP3m}Sl0`cVeUtcFXEBr?)BeJOSkquj?rm`ofN@dDRN0fiN%b=5xn
z2VrC#8P2$I4I>0<#x5*~)ajfsJSkwAQ$j2x-UFK$Kx0P17)6HB{^JK-PO$SvaldL<
zQ?P^>=l2$tHT5Aiott!>6RCcBEHk}Jexk^<a{%mI_8^*P_#4Bw3UAFhK#LRuVz2MF
z&Pk71l-Z?Vu29~6c6~_UYsTBk#Tvt^<HHENyYB@l;I+jK$My490RY3}m~0#!t{>}j
zhE?>{#*rPfPN7;CoMCT41K@%xEpgmf3H89re6=Va30i{+7Yc<iS+|L<`$$=vHQ_{4
zQIQ~4yuG5JPr-tkLvpQnDZ&(cj+bcRZ#XAt?A}oZCnn-xb8)4KBAD+^XCNcLO-rAF
z_+gsW4I#8D`F};T%<2V9Z6((gHz0~s-omDR>XW%l*dqXW3u5CgwVCP|U`!;{T0sn?
zAnKMarlH`JcTr7&PJPQ=d1_*_C%H)(Ut}WXq#lqGfE!xE|H%`+Sa~#02$IZ=uRi1^
z@5qnx+6D;O!Q+i+&v9Y|1mx^4o0lH>?`_|_eg#E3Zj}pLN~m?I5~$vCb-;DadSae<
z)Le~A6Y-qyuk6+Bk)C9K;3ix&c0?DIU=WPHAoS^K46x%PYw(be>`~PD#XG+-0KRRI
zc_d;7vzksCT|7-Px(8+_KZIA?p*P}??l<qT-U3?IyVv%*qr46K<tUk55H+1HL{(NX
z+&4z=X(U?^g}K?cv4n>MHG9bY^HLrg!x<;#5J%+ffXTsgVjhIt+dL_ynC<K;=;+Wn
zO5f020?!mUAN@V<?ZO*mZ0O%HSrr7hz_0B$WFXpO8l*W#dv4&EpYZT_qxYFYlImGL
zwZZ!uIhnV1pW?34JrAdt=@pLU6|G*qU4Ng++|ukfD``pYaNC2T`docC?rg&XL&d~e
zhMKQ3m+^Tu_#xusgpuvy4Hp~!bNHw%qoc&d;K6~^T-ABy`etf3-p0Rx<%Q*x&i$4G
zsf^lNtSUcSH_=~~39vAwV|$P4xDuc-tcuWqu_8op2?Fw?P2LOYqPN19qK}3P9k#+=
zYN6}?l9OoFJtJ<?)_0t$lnU8Tp<?2vthu)Rg6N|_keE0M`3bjfP|u;SN6!hw<z+EY
zf2z!UggZcaUF>M|v+5&D?P6$m_G8Q`K+2YYwI`clk{#z(!$v|DqQb)YHH!0H1r73L
zw!eU?Y&w}-;|yk+$6s1hE1b)Q6LbxM(53M$n5X^qOw5|XJpkd(TtBnxG#X~M$UTKH
zKl7$y;L^f2TR#NXiZUyW)Lx^X=dwN=KabDifJRg*Ozq&moW87Qylqp5UCwI6N!rwW
zDwjwrU}<;bG<m7=388gQnxUpxjkNDHx2pf=(o%Tin?IooeXct=AJuQ0ka;7Qb?h=A
zK~f&7)|x-K=0G&-uZyGB%8x(Eo!x$`rG$JSQDH}=RPx~GTDCj*8mcnNUbvPiLFW$~
zaGqNlp!-a|(Shh$Flc*NB`KiXLqIUXYSq;tId9M5sVksC<3-yCw$(=To&A|-tiY{c
zt;oI7btV6kp;dRVv-9&(7ivI!P9G|n!`INs0aNL`zZhDGx)~B$Bwt38bDXcOs9N`Q
zr*da%lKb#wJk<J=$eEwxT4VLlj+JaZOm)5|Ofl^&0&p~>;`hXHz$L3p!|Yc7K8MP9
z0qDEGrtZVs?{(N3#=Thm_*k|#uTF(%RXW><)+HCNJTC|ZV0N&Ttry_}tlRK>idg)y
zB`^^k4lQP_1eB%=7i0@JEair<T|!)GEuaYw5(S12rvHSM!HctNR~&GSDPAx@AE7h`
zNzv2rW7d4ABswZoUT;*R!4Wi`5We-+B3-I6JO&<}M;@hp^-J5;a3;lemqG<<eav%@
zRoQ}_2@n4dpHpkom)e2q^A9I2(uk&`SfhW?-$7s&3y&&B%^!TW!jI(<shW1Tjh88n
zETs#d9O@<`A0$$;rUSit$M`Nv#bCr0Ut^I|^_6%+6O-44j!O!rXvQab-sNNL0yoK`
zqIY^pR(fP-I$MhPc>EXNaN;W4f6H0XQ70l$GfN^Q*=}NS@Lup|`^Z?HD|AwqM#<0E
zK1o_$69hGucN0^%bXT9cp^NZ12hjfbpyqv3aYm+7QxZQXp9_aOWt2J$`SL=?82BRI
zGv~0d9$JuKhiXJpKvEHG;LWrg048}(s4+tRBP00-eudD2Ledzp8ghjPuj?6s>;tX0
zrgc-3%?a-hJ??+_A#HSKp=1mjX4G%-$)8MDlE<dQRR0f^Vd0xSAGhI28uU~!iLog}
zmI73R0J;jhl@s@(KrGsT@v1kWT6|dIo~vL(ze%<OsRDiytB8`zT-o1zHl4Cm2a@}>
zv}O5P7Tn8u=6!UI3KXT)^h2iy?Q`$K2uxn|Hbt-4euDQ$rv+tes)9kN!sv;*3L;w_
za3=jXh3>(v;IFecDQ0G<B)sF7hY%MSAW?+esxnJ&$0xR5i_>VXu(Z`XBYm!)4Ke>9
zGxJ)}FnmL*3XcbVA+!=yi?Q+N02*ZY5G~dK$n4cgs%WSTKkK>{vdj54@wNXfq0d>U
zb)U%rM_|aU3!0VJ;&Sx8dAU-hiJXF~oWlR?6mfj}w9FIE)jyf>mK>J7qz!CFTVstu
zZIqQC3s%w;k)(4c`BuL2BfYFG842Ht=UB;CLmDl;65OW+p;ZN&EJVB4^T|cwVT|<>
zMzx18CfnE76ZnM&<ns@K<mmt|R7lutnVzn+n`!#+0!S$lnSdtoP11bG*FsUbYYurN
zqtD|*&=WqLJJFK?(fm>Zx^If2fFpXBOm}E!3tSF+SG&*x{>i-L`N{wmIeF}m6GP+e
zLe_TJ=D|m|;kSq!xBrW}w~UHo-P%RFae_NR8+W%rkj5>zhT!h*5*l}RNpK4gf;$Ns
z+}$m>1b4WdwbtJI`_6a&+%fJMXPo}mRn=8<zEj`oIiH#9)zw%UBL_K}U}?Xel<u2|
zNY^_YCl#?C{p{S??d{#LhT>oDW$-~)%zW3ac8?I}+wq7Qmmoz=_U8v(XtANI+jWP?
zp(+w;X_5{_DuQb=SiIeo2<7PA;n>&i{YN;<;r7;G!HvjG96l}wX4jLLe7m{0?`YTz
z?K?LO>`f*QV_xQY0!UM#K5Xgr)zG1dBYXlflF0G--0^^jyeeK*WUG7w6|Yz(dY!Yw
zUx=(+&6egSeeYFCk3RsQ=vK=k$wbUNy-W!7K-I4_X*x3g=aD^87O`$H!5@AV)d@;l
zhj?smYpIh~;zdc$U5+l^wen*tURuF(_@`3_tDE8w#}}-^al5js<^%NRh6QYLe8{<(
z4F`)#u`?ot-e{G6!#{V68Q&UP{<*%oTfG<J6g*^39Sj+=Vg(TnMAZ&bko|_cgwsu2
zL}pA_0%)3ru&A|GORxuY<oBmhTYu}U!Bh5pmDqzEe>a&q4DqW}-uR|VLe*_6%kzHW
zV{#Uc_8Su4%mS)Q>hXy{Swv|uzX(akAa*Ng5%D3_C@|8JR?Y+tW`%3c;QMKlRiNJQ
z?t512*GF*vjxaslNgTss!ZtVaGwuLcNFj|F8>|b<iuPf~UGHEmQ<))0N6HXA5azdI
zf5EIrd=txSa#PeakcP>G4Oj45EAs{%QclM&4(Pn4$+Ahhda=TM?Se*q&X`5P+vA}`
zFidc2T{5HZruj}x$Y{F?uaV>&B2;Rj*tyLFTUJcByQ0k-5lU)5NTRGZ?QBG0B$AzB
zf+r;y;}O8$<$kGiT3NLpv!Tt`<#B8=m&IPQfF<;QtPBg(|4UQ?KT5aX!)60IU1#PA
zWg)ngM_Rh1KMdmA)f9j()QJQ8fpAF0NEAE^JyJB%n((C25<-wYL>FpJQRbJ=<P4<`
zW=gu^iNTS)7$RIx8eg=2{K6%m)K>hB`bOdhP1&b)>}E6oZjx!nVvHLc>?NLL2enEN
zT59EAhKE$aa$sLlrKkDF@On8ods4p^hhF2p$-c2d`wUxH0H1^&i+e>8wT=L7kHPW*
z{SgG`ph*vOz>G|H!&)#7=wr?=Evkcut+Y)z`u&$K7TidzpD=hqX}55DOX2|sGw1A&
zqR8XqYwMF#4W+{7YY`pcH;-HNKt@KO!A{h3&&k?yCn6UL4ydBTWzUEas0tMTy+LVG
z1(}jx`14pu3>{ckMG=zDhvmJAJf3I>lWfZNG4uQMCrkl#Hv-?KAULF%9&$7~aM-&y
z&<R&n9`KWsFcm(Q-Y7AzEu7qX8lQb&T#;zNgY|>hxj`4$pqtF+1&JTfUJGOzFtMSF
zMacmHh@VsrvW+8VT@w*=4kv?1HIlDn-bm_xA68~YYGSYg_!h-3GAt1-l&a}|A<N!_
zymc%rfcNIytnt$?PiwGAE7adLVRpXpROAN21O;FhZHMB3j{5`xf%lP=2Aic62t%6S
z4F+)HqbpU)kE#Ok6N}bYVZSyBUmMDQ;Xi|uF*iVVtuvhLOvvx(r)&~UhxUAxUSaJ5
zB)M_SIAGN1lmv(Kt%>xA7Qx8lJ)u7q=3j1)uO01FV7AAv`imIYZfIcDLYL)PxV^}d
z0eK8bC*`QrX#%-lh`8atmcl(^;rdNHcr0jjNFpo0>~KH%Qct)*rlD>+>}-}hl0JOn
z)0VqvX=vyVC&^~D-nQy-UlUKH?Ada{Wyoa%Xq|`H$5M}tV%q)ca|ilQXk!ny95Fcz
zogSlZmAay4nU$M(mvBF8L+EV0Q>wc3Luy#KVCq{q`vxKyI#gU5Fb)|^+K7O>{>G5Y
zc1KY*AO$_Z1;w)>Ya>oVk$=S!rf`6kS1#<wzM%y2cnmFr`%=B_^`Vlj=z2XyZ<Wb)
z#$LPe+Ptk$@%01$Gf`9p`7NQwW_czG7Bi+`1|(Ph;F|=EB9vTrXyYKjO)`(oX_{UR
zLN6F1YaHeLnyHUh^9^&Di7D`d>Iec3h%`mQHo<hNBP>Ua;7>d$EMu!fnis=?_SO8I
zC%l8^38HJrPG}Ft4}JZOJ@T-~n8ozWb5S7MwykS8q~HtUgv9lylIXeuI3&W-^BqKD
z>w;}2Z8%^UfDUXqSfi2N_4OXbQt<W{At(x@K23?F9tf2HsTe*r_#-6n^o@6E($%Yh
z*+H@@<p3yb558$9>&>%9nL$HcK_mh;Xfq}loeqqc2|LWWx+W{(-AlrNOO1@leq;QR
z^WA_O9*35HsT{KM2BV{dm3R~g+}Av3@RHg>#z<GLUMH6J(_gh-C@D0$woqWP5rFkt
zZ6sy)KoV0itBR0b5t67;ufJLR_H%|(6o@1riW+Uj5wByoBZ5AJ4I;I6><r8#axa6E
zQRK@6Sp6{uNlaJvK<{nKh(jUc10l_%POOv8y~;2ar;gIB3jbS})Gzv;bC*{6;<@8m
zJW#I#^27#ug#9ZBGz|0D{_S@5B6I&O7n#ZUl-$O+p-IyCLP4p}1!GFMJLLFSIdtU>
z*bB)jf&)t<dz!y&VV-hbI4SO5k={I?Tgp`WE(h=!sQl4O?Z~bVc|2VyjZA)qbH1Er
zbvMk#XKTi}ASX)}8MEP{VI<<gTPKX0(jF&-4QIIiH_DxU3N<Uj+D~N6?e~yQj;s-y
zuSoUrL00_7c_&K!obw-i*l}8+*3y}ekslYFw-JJj=^cA94urdut;Bqv@BY=G_Pu<n
zDd`k8Mx#PYj@|gKzeAqZzPQGBvUA2_#^j%v4%Dveec5K;WUGon-#uCEJ8xx63;k=Y
zhTTYw<k+__d3|^2pt$>bTwHeV-!agE7l`x`mOhN*HR+ePjpE73H%xk#t)x5QYe_%g
z8@>qwY1?Xhv9blRpeECTKfbn=j$jUoc>^9YTvNv}zcFHyuf831FmxT7*s)a5Nd@dH
z2cdimF1&G0Q2R97g6`@EjTi`)<FxVAq@=1}UP<MX0YoyrV)~=*Bl*%7PZ9Q!e>-3B
zXl6SRUOX70zi<5EP}o3Svk4huV3qg={tZ_+C3yN6FR!Yd4~-y}{ham0he!x}OkEv?
z`BG4$2r0poT@Vkm6A5Fs_Or{@59#Lo*$?%eT53xlKEf0hU_-8?6~R}CXbLSfp&m9+
zffjf4P}V)XBQl1Wz7KbSP-aF<5?0qUvN3rqST@Yq`!o&Pw?U;tl!Z6ntjsI6;#78Y
zNs6?4J=nn~aC%3|w}_PaQA8jK8`R3QD>FCv^eu1G{K|NimxKJ%jrc*-?NIWq>aGw*
zOGH{rnt908+gc-H`9`J{9s~8t^hr-tjpJ0u_P06WIIxCP(-Zm&NcFjY344*{QtGJB
z*{>0g2E2d`Z6hB&1MERfw6i0x`{UZU_dp_=C0xLjyG_sQ?$G=#Go)<1<9Rs9<doZ|
zxahFbO+~zmKCv*I+{=r@6BXh->-HAEcVs_{6A}R|jakF)D;JR(5nl_^Cu6QV_|40e
z6(OM2kpimmlm_N}?mDc4-FEjSX(%yMN9pu7><lS$&0<28GUV}O$wU@jZgmbb?0XW|
zOA3j*_TQ{ed5C!goI(O7;pjhXHb^|0F6)-@iIE<!m{6&!puU>?{+1FLs9Zbtwkk7~
z7L08jT<j$@o7t8Ym3>e*>y~?1-cQR53gZQS+B-0$J^<F#JI0WuEg5#Q+g#rw!*lH_
zI4s$JKa%_2W$v|Ccz=<0{B72$1Zy~T+U%2?e7;TUsdEoJ916VBF=jgmG)Ke0>=dz#
z5N;-r=lmzxi#3FFP#(z(SObcX<AY0-Q<N`yBWmb<!FkZ+f`n=a2c)4;!>0&2C`fcB
zA<l4*-Qo$6K=I^D_>*H8L30eF^Z(+8`;ek9VDOt#joIPvF;RWgVUjDa44wnEpGujN
zU~ij`&iBLKK-~fH88%M&>!*l;F?5rY$4T7Z?-Pln<14$g*1pFURm~QX5e#;lZqTlq
z*1^YZAhEHSbr#K>kl0Ni-FoPoSX!UUgWvY#7c{K*k|8BLtF4y!@OQ%IDp`j#CF6yG
zWM$1i(**sR@PRq0#o#T<bD?Ti;RC~!;;ZB4SRO_2;R`qxtWaMc;okBDNL0)P;NEI_
zf2i-8s3{kSWEi<fS=q4+G>YgC(&sWUeJ{aq3IFYxpc^+tTNfh*Q8(|iW`7VlfQVys
z^T2W~G3-<>z+jkVyZNcAgv@{w7J!<idl-EoNuZpECwBl4li+}2;lc`;a*tPPs5=!j
z5?wQa!-y;;bx#Ofa{9}ZZ1jR;?s^Q#Bzdbhwm~?ALC=6csUp7dgeQiR@ah|*_K)8o
zwK9;E!c;l@C&h!a>xoT7PyQ-vd`JG?5TsOML3r4iOg4Dk#4hZVemlU29jt$x_a&Z@
z!K4Z-q;uy3@Q>9a?oxx(*K6T5ioWR*Qo-7mStqu~l))jPm*gh`QfX#XC%Q<m_Sa=p
z3@ov>g_A=5<G|lYm99+ceRw?c{jO=THdI{TQX*vWqGbA|x2UWW4F&P(U0O-s)McaV
zQd-11#~QQ4?;JcWMtk2=#^vz(HyCoE*X1EsqL(O|v90W_qtC~Da|9KSzx$`Om>+gS
z7W%$a#9Na`zRJsfIQFQW6Z$27KDe7bZy&KagI&zmp4c*UnW&(ZF8A6u_H5C!D$Ss)
zU}s2oqBhK1*Uh2PzsgzSYiARjZwuTW?eE<I{d9n<DnrjYD&6G>)%>-pJnxO~Ozr7f
zOv<~pF0HwH0TbLN>1z<Kn)<}d?Wj8zJ~nh$x7P<uYHph{Ijy^fiO{Z6;s<Kx<^plQ
z?W@h1SEY}+T^5^qHV>USUwYf{urm`*)GJbGEV+tn4c3IK?xA2lt=+dxog5=Oet%7_
zrqF2c>#AH`@oTOne5f}&M<K=E`-jfA8q)QjN{2sZWe^bxK53%ElF{q6;=igP&C%NR
z!87La)zV#S>A|6l44B@lfkoo+RD2<jCi7aA=bDHbzW7UP;B~-gBYt8H0+nuPl$|dr
zt1E2Nrd-7F;#uGZ{2CYm!U%7G_GQD6X0uby5GlWB9vnjB^z_P27GF-7-v;GELz;O@
zQ0qG4sB59Qk->~^xFLxk&^a8s(f=!2jHg<0Bb#WZmaS+@vx5z=u4zbl0ED(3f3|=L
z)8BPDQIo63XZGVn*bUL2X%caN_G5l%$^6C_DW`pp_D7AnaFp)x?v1h;b<#g5jTZ({
z<qO;XcU>|z=E(QCzjUNNBs$R~K4T%;Cz2)VtmB`Wi6JGu`!!aU(zrO{oAU5<b-u|(
z{MpFVXub7>--iq%j(M=PuDsT#MIaznR?CA<Pk|;_0x>oVt3&s!WMC($B3{xkk=mv5
ztT{9Egd|d+*s2<~7b~3)zlG$d+n7pPwSMc{5xij*MOA1}SI2^U7EhH-M)-9?^0~Ie
zulnPA=w_SOK3kXcoTa5_9!*~*X*VCCn~TU8GQ{(;jTyyC)E?_uSsmxWFa(nC2~Jma
zEFG{#gZIsJ)3cu#Mu4tAZF^BHF0xeNXH$V~hRW4w-GLUBZz7O~<mu>U%ua261f(CQ
zut$j`se|&SL)*L|TUgTU9f5uk`3QM}f+6L}ZsTRS)Hsm|x(W?^p%OHjI}Zf}(Xozo
zNNR)AVJu?H7S34zPIl|uq6yX5+7VRO-~>ZMhOW`$0rf1)Hfz^`lZV^WSgAZ3;D_0|
zVVs()4ipgwkqjy^OIf`v+o!H=gM1-t+R~V*7)xQD&Q+Z;%EcxZE=kP4_AJLFR5kV1
zKETFronxPv3}h#47MUz>;4H_#o=@v5dw)t6=&C73)!_ryh&&E|ywK+BeL18KPMyAj
z3{P4S9;<MPmb-bBaO(V6)fuN;Y;@t$`1gJ9)5_EIIZN<LZm@S26%Lp1Ti;37tbn~&
z%H4v^>iZ6-Wq}QYYvpe|^OgEzRZ(KM^LgC-JTBI_-v#1XWKBisl(fE0nSi;T4aA@5
z_>@%^_y&<aKf`jDaKiuA!dv|ur?tGSv)qBk2PbP(H?@wbrb?Jtb`d>)ZlH{c*=7*r
z^K$Nz*p48$F^nus;d6$_r$M6j=rWPn(sA|sFwsBix-_G!ct|=a93PA_{{clu;=$d%
z_|=~mRpy&7_*4SLZgry%CE=xW;V+R^q@<*>&|=}9<dfw`^1rux98%B&e?E_6m~Z(i
zWB(#AoP+Z3&!&Iqe6y8X4?h@dL?Rl?zt-WW1QHw=6(FgsVuXTx+2096Y0x#MHL&eL
zx{Q~>4FvSj^Bvnlpp%sVKcMKJP{>bND10bk!E#+Kkn&GGjY)ErJ1>|T3JGcmg#?Ad
zi&8@?Yob-`7Z(5tf6zlY1{I)?p^4BM8+NH?D=6mZAE42HZrT!$HTH7Das2pW?)0ho
zDQn$ucU9jka`O%31?&6P+pKpsM2*Ynzp$H=1PL>GvV*sYlH|Yc2O~90;P%xg%iDYX
z1{F#adSYQnc!7RJeD8FqTqB!uH1Df4Cte%tes42-)IRrIS@L9;!y_Rf`xB7t3N0lc
z!5dJ@1TrUS&NlrJ1s9*bbi9ME)_*-q1c#dHKRTmYR(I}z_Xf5<+IGMUx_s6Ys9;%W
zo5l1y7IFwLY|~vMbPl=q@XuLYT4<#@e%C*@pFRg#0wCS~1wUr>|Jw;XS#j2^W0l>3
z4j<kR$*=gz(#Z5i`f81qi|Q(QA0(xv_tjL4wdA|QJZx{>?<{h5zP^*cp^u#0e3gfF
zIB)r;YMJ4-__w>~Pa>6-#Z(y2x!GcudEjC-)0?%XD52dxoEZkk#Mu{<5g{U$B(f<c
zJvYU;rehkO!kYHQ;6H6509fU7Ck#v;E$WzTD@4cp5p_dH&kh5YRo3nM$i->`>nS0X
z_J{TB45uFo{165!l>(0~N5UNcA%h~9;I|^9<Q<xfQfy)SBy85Rq;PyY3xZp@&P+Fe
z0;$1o*W)tHT(CckMUvbekBvsnJmaLoKR~oQ&c8c$)XJGMK@jC_$F*I(NDfrfD&d&O
zEy%6s^v12HuN<S4FrW*?vW28>ZXjcGQ+>RtU+(ijAo3`senlBkn;}5{3JVJh3K5>W
z4Q<1){wj0ef@oO$9sortG=C7SlMna9M-w<k+G(oZOT#CAZMn5G!4H>_U@Rs;e^|Af
zZ7a>Zr8a4zz86eXWUGI8yHt&9^l7~368)0bILHi;+n8Tb5HrzHJz2r}3qKfpS+QsK
zFsyoGZ$F&nOY=KU*lLE%gJsMf=TjrvaNkB5dy(PNHfUSO#HlerP8iy;vJ+X@u@4ZK
zBN2g7N6ZCM(34!ODe8KRmH_2xJn#39MfrL@A3yc~@O*T4wImTcG(f0KtSM7g;#&>S
zp)E)Q3;83XaC@5<08F{w|K!8-%3&A|UIgw%5HgJ%s5&9b1AWsy&(Px!%S|+6(D6`q
z-7F<4%`(f1gax$Uz!^q;*VHaP_QPBx@DaDuh{7!%tB~2pd-Q;6^ko(yBry)!l+#RE
zHbe@)6V)=U0dPjyoCC!L^iq7C@6?0KRWoKVYY!f-l^iVY7S=<;If98Fh&qA{hOu!J
z?Xf<|0a`w|?jFO($loEkQl?lR3IKj-N{CMxx1fT%7q<vFt9;GyA;s2ntgb~4m1a6$
zYKv*w#s;HNftIo1sD~y4RX1Yq$j+W96&f>^d6vxpl=)RhEAlqe%D9NXF`R~+1acYb
z0~<I|Wr_+&*Lo$f$luheU{y!r8C(G)3vMk{qVm^UBLguC@wJ5UTa;CL2<XEj?T-|7
z=|93Ljmqv~XK+tp$qGEZ;EycJ3h*^Y#fuCy10j(VfL?NI2uLn(H=K6>Z<t??5^%P7
z*U}JXNop`4FREAu=uv1Lu9%^j0@RhOW%Bf0%7vgGI*RnOkc_@s)@ugJG<xXBa)z<p
z+``7&Tcx0ak84;y@V>cAKm(K5hmsbD3aQE#w%cvKOj$g;4tRU*lT$A^XF>6cA^yPt
zT>nyFAbrSZs$zU5JtBEHQ0q0jf0fpGg#^I*T!(+n`dGBhr^c*p!V0BhB%9xbp_;bD
zjUIzVF@+Rz?X(odPXXKusg^^`g{ddu6sHF4f4vmie}~TX4vnF`mxh>c-(g{ER`D^Y
zP(!>*_~^$9`JcxI{{2|X5X9V()sjSD|5r2&a7$fz$|tzIUs0{06|`3Nv;Hh>0ILcH
zF2H_5=_IgJ<#d~#4Un-*t#8LJE{ED9YjsA440bMfml^=<Z&uuNF8RaJzgLq32`pva
zr&$Z-=(y?;K&|)q6VP)n@<KUBd<yD<RlX$!@&49CG>-Z6E4hEkAVm<yW9-|w^!iR1
zB8ch5nO)Mhaq3`*MxOzrHU0`Qm-k#LXhq*1;Os4h4SCfeTSfyY`&FehP~n!pDZPFK
z!b98)f5(aloxF@E28a}y28bq$jbXWG2A$*qxIbhf$}0t~e~0ZM4o1lR>MAgTRw7Or
z{csawG(`I@ecV=f;B8RhTQo4kWHXF_E#S*r>U!}`=<*uDQ?_u*W6Np-GFcy5pi`$Q
zEDD=lcGZX>a8(~(v%ho44$hLuf`N(mk549J(1(Kq0F*i4a&N`aFrm9Jl7#n6H@rvO
z^Y<;PwKC^nQ^#2dO9;7|qvAEFXy8$+j7G4$q5H*YZH_D#d&F%?GqL8)(~-mEkE8|h
zBg^|QbM{jM6=Uvd%7DbHx64gkpY57+@;6|WJG0z2@b8K{PsTw77aE73a=6-pfZf|U
z2ya1vJH&`M|Ieny`WYTZhQ9}xVWBHR75a~|rQA?X$GvU2M9b0faVe>_5mGsmEG3_^
zYHaR9Ac-JgiNkp~Rh0ouDlEWM0-d$+Mr>w(6x4Mqbu{Ra<3e6h^A45E_WlOSP|mFK
zpFGGMM=9g*HI<1<!78r=#oXb%S7a3J?rC>gl)K<1Ie>u~Hwbc#wwyaNeg5LJ%sI@4
z3Z*5Q5Jvei4*@A3_hYQ1a6)EYKwiSMn4kI)zL)c|rHs{myp~_2@SW86MtK9kU<G9n
zjy7LK5yeu>ve+4XZf^t2TgNvb0N!Pg{pm__wR4*&7^)I7b&v6WuIP!o`OD>2iQhl#
zuCp&ZWv($}>{$UOi-aw9p?0UXG{tSd{ohDPVK@405m9<7pGAx9GGI4LO8Q%$%6px)
zx??NUti>uxWyl_<wJkqPbMe%T0chFC;H>yaIrkN9`CC$#knYA)Ja>zx4S@4$rRSvS
z*rIm%S*_<I87Tjvug*+%*T9DERQ#pv^{V>foa+}mj}hJlaO}^P_!PG6s~Rr(MgF*f
zv*J=#`7~(#tvH<-M$wqo&oJWR=cUONmAjY^+>)v7t2GI$d@n*Wv=<qLchkq4_g(nv
zFi@*e2LS1xm0{r~<kFRSuD1GK50zErSO#Zi^)EHl3##OBQyeK#W4oKsanMn)!D-YF
zED}w{PXc<*U9gE`emS<b#gd$uwIOR|r3p2XQm5H0Weyp@V<df1*yg)$K_R8Ku&<e~
z=p<HwK8i8mAJvJ;bP48r;ekpJ?54XMZS==?L65<~U_uY6&-9KEh7y6oCrkOI`>7nK
z(Eiu!Bz6v)UC4i%lR!_DrbcCPpz?q*X|kcCvH`h+>zlMEP<B+h_@SM;fG?=5_M7Pc
z?eq@D|0q&#{J(Yf_<v@kBmEDi5dUwlyw8O?KtO=@%WR*rDGJ3$^fz0}6;pr-Q)q(E
zH98`IhN-{{1Ni^%Aasno05Y5?$xm|Qrirff(vcL)(orcK%AHr(CY?E5;}@*Sf}v*-
zzW8P-K{VO#quM{wtSNZ}Zx=UZ9G&(%8oycA{)vvMY7E_<KybP@`UKn|@slDJ5)=OI
zL~%dMJIxj+YM6&+GUiR{SwZhO=!ayL&Ltjzw~~OGI8sm{o-kG9oX*X=9GaR<O};PE
z{K~Cy4>c277ONL*n-`}iGw>z|2hs5UKCUc$gItp19{~+W;OlDG;N&g~iRwx59Il8`
zA%I>f*Fi-3EAUc_vtPi+79?;$@qw>QsHF%14JO|22tZM^{<^yKGQ1_;auIesOJJs6
z21hhh=p`R^7450T5Curzw3TfXOA&YtI}QRY{9)+TCoCJGuaSJli?GUe+<@Z)XZzIH
z%8T@Yd`c=nh`<m%z)Q)Q^%yai3J&xz4-}IN;M$a1QpdoS{Q$83QuYc<4QQ#AcJX!e
z9W%#!byK)p!<&P)aKF{0Z21S^9ulx$7`jlZ^U>OepS|8=wBDkXvH*Ba%jhVL83A5y
zJS8Xc)jg&v30ROop|YfIa%9i{_B5Scput36-HXd~&Po{$hg}^asQIggL)!U>I^g_(
z(;J5CuV*?&B^(HbJ#ImBwK{T0EG85c@vX^<=AVh*JzZi(6d6m|*dM++ic_OthR|$x
z@rFpA;xm}7g3QRa`jwI`nmIUNYuUdEQ_p2*-F?9Uw!RFrN?-WAPZw@O4EJJgAT(uh
zkcdh0s4=GPK(vLhhcd_&n?W*LXmtV<RHym65%$QUzZ<?N+0eeQG?I6-zhK!yiZM=s
z#$-_}q2WbG-mP`JLrT8lz8G~tm|}B?^?!c&BEys9Rm_Dt6^b@~xgi7|HmUB#EIWGs
zAw}<S)T5U!O87I+E>aPd4+*CHaaRjEE2P7nFx?oy=W6`(j9E<Uqg_wFkJiFaqIRkF
z=Zgsy84I$U?A_1hY!R`c`0%he^GZYl0~M2W0*c|rw_k*pL5_$ktY#4CJjE@N{mI@-
zV>((WYMgS>Pb9tK<3(N$v!L?+H|%>0F44yv)y7}Z`c{*gviyZ%+(}}}3i*@HoI;I0
zQbV~z|C>7mr2d=sku%m@dGB9o3r(&W`uv12o;oZ>qE-&bDJIS~&Sv8X{c@8Svkses
z@j%X4x;;m;t8JshA>w@%dcxg80YbcZj%kWXjUCFCt5-Vm(eG)QSVcYh=JpYX9=*?5
zK0Mc!(?EH_t{;+{P}<yAcHh1}m>y%~hQ&~3)nw<9x-$A$?8Vx{-?Bi&#lj#l!dyOz
z{RyF;m2!SQ6$NaApF=_GUmhFv;B9l0OoivIFx9e%T}43ZAjf+w8m?4B84(hxMsBBA
z>8p2e1&75HbF-<n)mASl%ik<V6tPxJ6M@X{$;uX-ym1y(Y#2X>&ynQgAOc+kqW`i8
z^j`#IOVdwl?j}nmp3se!;s~p-RS5GV8smAOSn$8DBByhK&b|xVjeC6p{j{e|#@QQE
zikff5B(*3x5=6Owy~1NpjYZ0$tE!`(n83`R93%Nq9c-E;uwS8iL}QGBD0P{jWlszL
z!Gty0>F4JXJIK52ycia_I`gyFC_YjR_DnXa1Ol^`nX~Yv*cb2_OYB`}zi#(n!VKxv
zPT$8@yPH_l40Ni$gefB^(LzgoQm{)<<H(yl2u;^$%$?VcZ_<uzj0tzj4Pm+cJTWjY
zv~4-S^~O_9n<O(k5yo1JSDzkO@pu(nYSmV-c)`}S8KFS$lvia80{umUl7K#0##=8Y
zu?iF|!(5H@40Zlj@TE^(%9Q$UP-a{s163~Y4I!4FGT*~TOF(gnybLAC<9G7o{cRyf
zA?k0Uuw&jomhY-*?_iTxUyoNyP1Ui!gZYeiMrqBe`b%RPw-Qs3$Huin@69w~qPW|G
zVW?jNm4>-?1Qp;`C^&t<uaTS>6nf|M4VWqLx3TX1Jl}VqYH2i~qX?Grvv|M`^2hKf
z>^f<m1K2^0OtN7<9R}DH9*7mG6FkKRuVv^Mh&905`~!U4Xn^?)Nt`BED4{2;R~Ivr
zJDeV3G_)7!Yjp)v-9xzPo}UoH`!R7>iE3|)EYOJ$noPf6p<z~{{J<8^;XWo<FkkhV
zR;!izxo9r!54wXVZgz3AQ6uP*D=7vB!d<U@w1p7v{Om-qJorrp+Nqw;&mkc&PIuEY
zK%MiL6?0$DO2J$(F9c=|p<_=NGrau`k~-gOM?fM--j=`AtjX#hkC%`VC(gwtPgM9r
z**97xl9@2NfCn^8AuJaPZu4pvi+A@3;j<wD6a^!b@7+~cRv%A>+lpu-V>M`~iGtG&
zO-JCZsgu=zKnV$b4NsiA-|YiQ|7jfcQM0M75BF-UtNUsN*}7nJ&(`m1fb<RXlUmF3
zD_B!;lnX(TuLC8K=LdC9BB2{JO_ttCpi7c5DpRSwRRiAlnxC@F7HBy#y?M*obw$;<
zD1XsJxfZZOF%kDHEmdR>2|ntSeAKKSHm(1DyVt|v=ZWpoJO>~(oJ+vjftOobXI3ni
z7n<^1)Dq?Y^6m2c(Azf826FF4@jG5JOuX<p-LS3O24&N?F;r7hR(UD#?wKc$`AbB;
zi3WRa%r1L0Mw2MJNeJe8yKmzpve?Z9&#R^}02WvC>9q-L54#9DFIX+?2EY*~F$XXr
zfN7gSL_B<p@#Xql>4M<dY%vwjVH1{*)DH4P)lTF^Fpyvmoug(^G(|&8b|)3l$jX=x
zRHV_>S^tbhnr8L(7v6xIYeiHr7Z0@x)K;;PD}O54|2DrqggT}EXt`5c+)_F638+|_
zpSA@?KOxZnAT}6=JDT~;+<?Cq1FJc0dkg5^(T80Pf}P|7*Rg_0IYn^Ex6Rl<D9pc4
z$6SMjYozIH>Bbz18KDgJLMHV55zN_scRR~I?TQH3h40)Q?l!R=(96I|jG1P?dq&6X
zesrA&D3Gqg_6TCLz)FZnY|dajV$66bli|-yu;{>eYc#$$=pzDsSa<~BnKQFTs4{+9
zuWM<M-yk(qJtcLmn@f+tMp|fGWcXRO*r{)iCaca}M;~95rzTR)<>nI)OBZ|Ct+rO`
zSOWA`nfeGhx*j#In;;ABR0ext;CEhJkp~>k!LL&+X*d3!TgN1Zo=UuJ8?N-uX-0W}
z{spRicsK*t+GZS7by1^NqUh-Tp3t<1D7F@8OlXe#uSglu034);h0~Do_e1<;L<!+h
z_l>dc59%&SKq$3j`8J$~D=xStgxzJ;=3*G(!I&~4#_v@E984AxNnLBN@}<%EM5jE#
zW<{S#2Fs13BXCul*}2D{f=l)Ad)lJ=gbSQnMaZjtF#heVp{j>yMs-!EJN1w__oH6A
z#23v0-?SLD#sjm%zTEF}g0Nr@YkKI~O9q1w!q9?Rt4@vp-zi3|+H+VT#q$6TRIXRN
z;HkeA${*gc0w@sJ3GC`Sy?1}m>-Z`%3Sjv_suMMe&8pGDyNq3%XEbBk6V`I92y5Cx
z14YLfop|-CH<FNyiYQS+T0C41To<bNR1r9w&$C*R;OBWzV07~uB+aw=jmL~nFv{i1
zZd}QYgpQDUJ=X>j>IVGu`D)qMd-z9lZ&aZCjBel!w^RO}Hpd6;O4!-kt|R<k*g1C<
z0(6enpADh9KTHo*4e~##k@#W{UkdSul~SMUN53t|oT7&{t&cK(WRP30Uu_8x9ff@Z
zMlQ30(4$TQ$_829xX56WqERpcPYd(Z=*nGphA#*2y-dkJ>%3XBfb1CNKmfuoWv#LM
zV-itjOP!vJ2&D!Dv;j2WY``8;5NiCd#@1%jeLPdhw6@jk@x<De@X-lhP349e@{bDj
z8dNx_(>9WVy2ATEt}rj!00^@*X|P5^il?K(hCKYX1^Fi-XuRR=DdT9?Xg+-^-usQ*
zQE#)1O(nE=tL6p*0iPURaMMZ1qLO$bHd-JrSQ<DkP+u$8{}?E&oC)-Ug#+f0SUw`{
z_&VaxRb5|W)B<|VSp+yUtp3P6ys(?VuJvOHJM-L?n8looeykq@0$pTmJ=4)$_3V>;
z^Bl?o2uy&D9)gD1&0g@YxF{pl0dKGQLRj^FjZ|gHvCSoqf!qorLlO{S8q{lKUj8b_
z=|)+6)dBL^oXrM#90AEkvh<1jFE^2xD)+|&<`qPNqfcScEvQhH`JiD`V3R3wUV>;k
zO_bV$2&ALcI)UfJltTE^?m!;m8aF*%U;+=aeU<)0iaG#BPv$)bFBr8uI`E%Nk?Qpw
zX|4ryxbbV1axzhkrMxX!<{@$uNbEgA|22*I*%B@doAO}ZiRdgeA7beyF@xOGOiUzO
zz6R-(xN9P3nB3pi;N=!kkG}^pmI%@!OGd2lWFp$ZPFJBMxW1_r5}08w-Ts89B&jGQ
zpc#FLK@7rj?=jwLCGJKDH%eE5M%;hW<2|~t;~7$ky{92pKWV|=Fh5&!;<*S+P{(zb
z0G*BUfcYQs*fr0?fOc8_MZlGOegVS-C%8`WxB{E==MBdy;C+-6f{bmEobfABLEVNq
zUhq>3z`7rX8_SQ=%Vh-*B%t|@6?uH#VLL`+OYF}Q_!9ifYecbl2k1?eS#ISKyj)iS
z+LJ=uy&k9QVYmkY$20>frRgs<9>Q<GaEjvkhlhs3QzR@5W7B<g?538ALBZMT5<%Ho
zt&EUggA~OX?L_Rn?`R(V1?H&>>0VaCIrQMunmAFD<S3)!HeKAVz`cVfFXYPsiZxZD
zVbbk;b4PN3vq$^h*Y`ih@awz=`PQYXP{9`VIq-bh7s~F;%LBH2Ee`;`lB1krIyswu
zM2#2HG|Y+Cf8L`D@9p(5hCrvqTZ99>eNEBg9SwYYf15Mwqt~Li6ip{)lV+x)<u><p
zencjDeyc*Wxuy+Uw=kj*D5K%jWs;9v{pEsE!~k~NWcy_Mis}&lV%r?HN4AA5#uyc|
zq}EB3h11^xy%ng#X8@bbyo2Yiizn_^QiY6T3C@>wFIfh59l~r=)BtSu`XjRzwCvw@
zTK}%)0bgqayU1paDk=v%F$r7ti9ou$bO<t-!Ni!bm$&^yppA~(ND8ixV=-sbBgwpT
zNsoTY`WZsy{JpSqY93aKOIaXW4o{Odr%+9_nu;6q-_v#od+~8ujs1!@|ARaeD0%s3
z4iyOf9mO$K#_NThhcZF)&IuOeIJM&91h7sT>(L3{f)BX3Z>oz_ZHp}8@IXgB8t#fb
ziX?YL1{#wLryd;OKoGYC>i8Cw4J7zslPPq%&EJmBLE=7B@O;I#$jYCuvN`djl3ntx
z;A8Fj{2<^CS>X2v$A-hn6ltR(18NVFj$Qyi)rCsc2?i=A)qj;}TQ&{Sq^8R__YxO>
z_3PZA_S2p6bnH*neUUwIzA+IQd6g|k*wU8?I!%1*i3deE(z0%u8;=-y8T39C!NBWU
zctK^Pmi~$FY`aWNGEUaX;XrJ-4TK(mkZ=uxOcPtj=3Z9X>CGYj+k%nIB!_$&<V(Kv
zs&AS``!5+V`jdkI{+w^>@T26o-E~d5!*k}!ml;WIK(X?D4c0rayG|O%3Thv2w|p6w
z;X~Wc8vVNTzXSW)dr7p=;td$dvVa1eC4@n5ZSl0u<fm-Eq_TBmb)k;z<-c=WhE(?<
zClTdbg?g+f^L{Z5{v?WR7MJo(Lj4Lppr?)YQW#18(H90iWL%$y)TbLTA=g0uF%Tq3
zV+<i9eGf~$Okm&?eMXIWbE=iNXf}aUt3q-x`BwOAA?%Q<&58RNCEXMYDrP7hsTsNA
zR|%O10c$>~loLMs#W5)a%Q%&h=cWP&KJY)pxBf-Ea~POtE^mgU9-;qmM|}6Fegts0
z(=3I15LmVOIuf^q<2-+J;|Y#2J@2(1U~4?!n=%_KZ`=U;{7-3b;k4}}+CefViXR^l
zES#&CSYN;$aa89W=$8APkrVs-rxY{)lY#2>=rMW?0!5<a``V&2frCUTJ9B+eoW1k7
ziJ!jcN=Aw92$s5cdA=d~mBaDR*a~9-uEX_9R;yvna~6F5-J!kmvV@I9Ak9RfOaYZ?
zz?ndn1s*4#|5_MndSe!>)z@Yi=7<?S6FVNTbtT(y<S7Oyx_q<4i))ulDzsNx`sMk3
zsbQ$Os|xMnyJJ<8Dy`Fm^^d7j%{*~j7Ldf;h?<{rzp)P<95eJ1QxBEGnsBz^Ladl0
z1&rAU{7Lm)GPqPJQ~qC=DkNgwa;}mhZXjE1A9~v=VY4ZX+C4o{_!6<<5qf~)@nwk!
z#KTE6`t6zMb6SsOO7UKIWX%1o(9RnMJ=-2a&}3i1KDp;Xm*UGfV1dSILR}IIw&%b$
zTZ7W&T4<cT(MlzY-!ii^IvvBJsuBUoT&}9%JMg<0;fLM~)|=~)vTn3(R#WtA6cr=#
z%sF^=3}K=Tf=D4=0-~v}v=6?O1K0Ha?VLDJU31R;Rr)xls?KhKBN2|psi5CVexC(<
z=ffVw%7$1dF)a60=+P7_9wf;1ADuh9bdBgZiL=f@*|hmKAS{()Hs+{ssDWF#I=)`&
zaNmnMwM8*;j5huy{r5_YW;#d%GTgSR-!~sGpK%@UbY8H5P^Bv+H?T2M^Gg>`!Fw`_
zvh*$hSR=n#z#*xDidj%=q*?Z^o!lPQ_hjBa)*BWVmx`ozPQri-{HiFU=re%@`wiL`
z&-CvHo^lMQ$>TU$m`?rI4w-++5sS9P&}G>n(u%4k3d8EML(dwM@r(0od#!mv=V6Hj
zlOhS^K@R7&FhVEAVtJLUQgyaYtnW*)C4_z7lOJUWiUcG%IYcT=uYcpfZ7e_??cU#x
z_6yL$j!G6!Ti-vi-9QA)3i`SPbzpgFg{H66&GoBrCKWbeD3eI(;48@&hnnqQK<ZM^
z_w@{4Mga?MyklSV%r_gd3RVI9GtEZ`mNuU<t2VprT<0XCo`Ey?c+2D2tPrcCyEB}j
zo!^;}>9mm%DdQ7v6{PB{QtyUn=dZb!(Rp<)RQ@4r;J=WCjABQjo_pXZkW)y5?1pCY
zK=L!e-U70m@RidEw|BC0WCp%s8kGH>K|5X5HONoF%cpe#P@Q-*p)HYt5I(UWSe~lr
zyX1_XY5r|0*)%~LE&f%VB%whsnX1F(Ts`sJYg+SAb2s1-XErAXo775H^E~vm=H>BM
z*a&0eB9eM!dq*cw)pP&?PrIh9IWmcX3gwKPIl2fm6#RCD#!}b6W9dw|U4FoVYd{LE
zZ8oc&M%W_t!k56>1!T7mM4(^S^#j;}qIOiX-BJ~1Y}&t7aWkFUZYH64ZzIRh_eK#>
zeUyXT;0i_Ia?qFlcYSudxmFDb?J_JDka##bPFwZf`mgqvv5=V3e0V6aJ8nQhWxO2T
zR$nTQrKIXOKHe8`sGiT5T0bn$mMXI4@qV$M<qPjh7jmMdPq3!p3d<n`iFyh^V}Zcm
zvA{Ys%gV4}7Ic!R*~fGL_DXmv7}>65r=@3t;UrSt${xb_J(P|~W2mVd`A{40jhe!3
zkCgd!$V7lw(m8HICN~e53>A|uBF?;%5Tr?$qp|L5+12+D!r!3m!1lQ|vg$SH7Y3@!
zFP=){iW$V+M9eCKRR#uH^DrpoN1PX)Dj+I+MlCEN9sojh(Pc$-W(9V)GXL5d`FnKa
z<xk%8^;(I1Om7*JWlYPq4>tZJ1fK~xpmW$OfY>KdRhgTkbS=4A(<~o7yziEtI23i6
zHALH{*9n<mtCIZvGByvXv{Y0dH}%@)>F;6MvZW<++SN2Q{m^K|B_nDI=bKakI7BU&
zV|Ov1>4|UT)z}eAOCVf7=vWeOEt&JtwP9eiKly3~h_INlP8p=bS|HG-Y~KBl5MJCk
zs<8^VzyvK@I{wBpEKe`)SUSU{$WEs2R{kx1(E{Fhzq08WVYQg%btvMIOR4_j7_a$L
z$gAvl9{CF1>|BF;-H$ydj-Qwa4H@S7M!()}u5S~XWtTsqV&0TqL#MI*uPWsRtJrdA
z+J5noBQ{z5#2qF3jW%58?b9IP2E!W`v7w#`M;_hYulJJrp`ulD{Gv(l4n7CIShg!V
zdRtS*t4l?EOfJh+{=b}dmhjKcpv-{=(Onz*8Kqt+2_ac=AjUnU#2dy&%p2?bp{*|E
zVLFr=`_CNuK7F`zW88FXBud;JRb0sP(t~`iyZG6vmoA`zw{-WWt@PWvo^xxi*sb=l
z=h<W23A-xa=10E?-hl6i@W2N46x$`%YiZ2SnEw&jN4aPpCFDS5MAUHy&IH6|q(G3a
z<iB&Ma&nhGmQQe^r68!B;qo{zrk0UjVE^bTU&lRv)>VjBbB_e(mp|!@sO9h$H(%Fx
z=~)2sjpVZwQrCAe)cD`zJ|55xIm{lwHzewV0N&D|mQpMR>=(f|URzlVpzpP97)(E`
z21oS&s{i^H35&GO{mY!~uWB#tULc%frgJU9U$tEon*f+M3e5{qf0c*L-YsLCE{U{%
z^e2D^H#gJ&eaVF{$@8OWoP&20U~t6kpXxBq!4cQLtH*Mqow@$0E~774e)mtI*dRUM
z)c@{F)BaD4p6(#6lfaX70=!_-#nKCYjaEA!EEbC-6HfviJL53QE#xB&Qci&LgLN0b
z##6r1!9@xjS}aVc#m>)*QLZbK3;|uf&hHj{ZLy<p>b$%1u=@MOPQv1(?ez)&?k6f2
zJ+T<*|8)@bpdH#{M+79@|4(0Qbg8DJA`VTbHhU1`EH7`lXSAQHy%NPbN6j-(OH)=#
z<G5RRN!xAR!?D>rH1nrllON;}t=M>UDL69U-ur}RCyu|14gOAA-kL>|Z^$dHbIB!5
zHX@-fvwVo(=V&BG{V+UKHXvDa>m?u$oLpOm@MZ&H8aHRcf5ts$3!goG%y@^!enUp-
za}K}5CvoB1QM{n3Hf(~cbM}OmMC&wk^AsLeM;XVR_VUXhzd`Nv2~Cc;ez-$gESlW_
zg^wb2eQAo5#weh9jjDv2+ifrGJ3O}6bAxF&$?K$Ht0zl@b1{~SZzTqV-66;cM_g<r
zQUs*Tzga4a0Qc;GBJxo{fV`7+u=j|@O`T7@;kmos>5@+*vnQulLil#9U+SLYh{hBr
zK;zNQn$PM|kTX|UF|~ALx_XgAJhQ#PC(ChT2hCdHzKH3wmmqhhh1W*-?jk5JW1Kd4
z!$A}u0Tjoa)D)NDph{@M%uTyc^7=fn$nDqkUjAK>uY?T)L>LvkAI1e<SB)mZ(ly)J
z#b6~!zbiU{<No$yFy5KAsZ;}2(D)Fp)$2jiY%=HmE~<Bo3s+~QvLY$Ku%t#}#MBuu
zNZ=X0$Y>0B#b+eiP>i>q7TV6+BOcVL)O!`at3#QWu}muiErZi2OXdJb{`7P0n8A}m
zfz~<o%cst!sG$);e!%~Sh_m>NG(pO%Yt#$9$&J11nQ^gx(xnDlbns+mo!SLZ#>8e@
z;mT*nf#TZb69)K&mm-TDFaw|Xv4fuwvK{DDfD4Oh3XhOm*Zmsgxc|bl`I>7i;Z5U>
z5ZX-2;e|~2$!A>*9xiOZhs3nf0_TTkPw+>Z=}(7Wo`<hgxU9c80aW$Q$+n1}hE|(j
zG<hYR9^>Y@N-CRJCAWyakfrF?eU{{um?^z^z*0-*ptvGDi^i@BMdk|b@gc+>Q>mK3
zjEn7i;7FvTPm!X0q&$nN6%jhr@mOiyUG=Uv_NOU+_}o6Hvs+Prt+(bfwp!B6U&35a
zv?#;%L~y_xqT}_mjSv;cs3j^tWSh@sk%5xc1a4%wB+PB)ZmO9YXJPW5n^m?76ym>f
zn5W?vG7T6y4dJSZGMCGYLSl#rKOmcgD;>BNWlj^dDndDbCkU6YmR4@}Ksj_!#HBZk
zWfhWQ+n&LZKCaGy=PLF_$&%u01KJ|nHH_wgrE=<$j9#fXYXUx8>9m=RkfA}6&_QlY
zAA9dWL0Umx^hArD{`9ADO-Hf|yL;{a-ct{Nj*(z~rjZucc=SSJ#f%}zDrmy+lNC?-
z5tYyZidRkD*M07a%hwg|02osXM_J}AESoA#EUao|2^j7dtT}+>Fpc#X7GE;{@NbiG
zhSBC#C7d{dMbb61-J|;e2mQ<fpX)l+v&?P$MnBFV7g9t136^O7=kr<WA~kVEDu469
zT-M$1Hv+u(JFC4@lN4lO^~KJr2@hz3udrOY$*KGMIU1_gkR#(Le}1STbeR<WN%0^?
z=GR(#6`v|1p!AS<>|9nxCdWi$z^1^Q#agI6_iK+^BOd>1PMGasCv>ZAlVQyCkqZ1=
zfK{I#5{ufl^=7d<oVkz=4Jh!@lO%6G4$xvwwWREXA5_DkR%WMt!O3`GlJq?85Dm!K
zkUJn0(^}rUv=ZDsk_AShIYyN`&p2EW_!JO-T)hDc(!0nelr!5Ox2J@dJk6Q^n$cU`
zE$4Grn_LeL!&zTR_&!Fia6;yWAO<<Fq7F%+r<;`Pr%Ek7^V4j5!DaGE7R19K5?t|O
zwRqa}d%mR-YN<;6#rhJux4~IVw~)arpu9Kh7+anrUe~&5<=UVw6z1kpwDp;pFWp$R
zM134NKyV{d9>w4&NHPuwFW5gMeO3BQe(w6Yv|9R`xlV|jgI8g+0(MzJEW17*uPVLZ
zekdIZix`CP>*m+ASqDApv_aUINAV;xhFRk+Js5Y><bssfE;R&8`L2i;l-c8p$!n81
z+tIxDqdr-e33s;N-JcImO!Z#y=CJ4mwUOf{RE$Up^+tM-2xSVB%msP|&~$DcrYSa}
znLa0GbB)$bAcJrjSFFR@1}7u;aU(c84HPI5lRqaA^}%fh1NL7po92CHiEiI%qofoI
zhqHX9`U;Fpm!Hn2I-jE^)sii^IjT)ll@7RU%?X>=nlcZFUq0TwkUYtU>ld>{XWL8%
zuRSkcQ75#v7VsL<2WBUcC#|ciFEvI*<MA`DnQF)?TO<aao(-{wi9*P0-N)k`FBS1w
z<0GTwtU>|E^qsTO@-EX8TH{^eahGAcZv*!G-H{EuRQOXf^~^pQFcUX_tN{pPFR}C6
zn7<iAuGmnUyr12lA{_Q&*jjwk+_NsLb^IlWPA6uoPF{|T<m}bSaLZTwUgW!ExuBpn
zne6!QEI`uM2Sy?BI4(?>I-D?;qydAf`~+c7{eh{oTv3oQGH6kKO~jPHT9AJgW0Shp
z^E8!8koewkc5j`eg3-~mxf3(DCixYAp7rOwS&Cf>R#@NU-+acUGopw->#uzvku##?
zd`Xkm9^+VmnFXmXE>a3O8H^WvBPvEl1u_5)9z$V4gonMxuwkO&3|DdQ9zw0GrQM*E
z8>3HJQQW#~#xkq%a{@r-qpKLiRh<x#L5qvym2Dw`LBb9rOb2z`{1d0mY691SVLlEL
zP<3C0Yg;2#^OIsiKMyDsR&FK*3#QQAF)75mq4ZnhJ4p!%qy)f-e-95B%OxVyrH5C&
zis;TJY5Ocd%D?0{TE|f0cGoFJ2g8$v*vi%R+piAm9n|j|uh%~!zG<T;b{P<6^3Q*T
zxveCVHOA9X&tmZ4OWxr)yi<U5KA)!^>EY`)ymQ=v?q_7RrtoRmf4N@cNjZhwXT4>+
zJpeYXc!eWORNU@VWW>BS6VNH~1t&Km!0fX~#UNu<EzwgI1Do4j2RAuUKq?qwh$H^t
zM!`yeg7oL!UZhpp8p8dgk$UV_sbv<UW4wTk-qxbkmv>Sf-0=;2b-X;%1i^yBKf`OU
z^-{^U)F2zgJ&r9EYhjx5n)4%sj)E-wWs|q7usL=Lto(QDzee@l>=CMblb1SRnH&`6
zkqGG1Zsqn9h@A%b%L1d?MV208bhE$Bzx`Al-h<4f)FHBPUXg?`d{<DOW8=H7lI@U-
zG;RYs^w@6E%c(?X&8k#T9Dnt`{kamuMdx!QA`_u}cx>O$)ZUx=@@cJs1I4)SEpb}D
zGAJcJ8<U}RTIVQ!tnWKcYb%A3$}HIQI?h!Fm0*pZk55IuS1%hPDZiHs$yOFpDphP0
zEI)gyyCOTBQllEPzGQ9cHrsIM!DTBRs@){8i;FFIo67b&>zzqTUnr1Lvh;ae*klS0
z&!}yqn<_OGD_3vIDG1iI`!$?!0x$9tyH~EuuV(WqlR!<gw(gy<MPCB-g=pEc1AKD#
zl>G)TmA84n;4I*B!ZN2<Sz-xU<jFff4SVD6m5n)A=znl`=wkad9Ky?37nEE+)e#C1
z>QJX7<ve%Wf*qq<j#}(|+t#_8@GdEh#FL#-fj4~*4jWED$T}G6R(`lLPRKGNCKul}
z9RqV7cV9vAqnZZ9gg$8djCe^(z+obfKT7Mu;&P;wDnJ<B*9X@I>E6F@iNRG|`NWXL
z0Z0F&?k{Zx;~MFpSBBCmUWQpplSuaBH!td^{yy>)v3JjJk&8@Nf4lTxbi(_a3RW(Q
zPupJmo(2JMb7xb$rtwr>n^)oP64NZnrJIV&Z@&x8;&U#}M1u*N8Ht{VnB4|?rkFiF
z;)NQLapBffME2I&#UP5<{pFijw1X}@8sppW#<W>@OKg`{dg$#7vR9TK-&LNzeBU|t
z>U~R$zD!|~ERQ}iKlJI-YLZq7jaTayUF0;f`T=e%1|v)|o`SD;{|P#pdz796gxB*d
zYNG|PGX%~L6{g~6QrhekLyDL9*$WLRZju%?jBh7MpPEm9S{02s-4oe&Ii(1ULNXjL
z?mv!Bf7ukbVgG+<d#ixBp5G7j?Bee3E=5}0S==3pwYa-GWeY7<tOZK3qQ%|ay|_zp
z_u^9IZofbK-?#g6A6L#yCdo`b$>b!v&YDG$c)`9KhNlXL0m``x%MrPX;GS*&=rCQ*
zKF&T$1ymp8fY63Rx44HSP22c~Eijef_m_;n2|!==Hdj%^;?D?t<3NQuxY0T&*d?g^
zt>gpWx?D%~m-#sDn0Wj~f5Kx;5{WVf0uGnhW!|LmZJjMUM!RzOJCb+=eG(gXO3-kZ
zh|6w+2(@?kB$rfP<9<BRsy5w%9x|56+&^>h<gp7b3n*Z)w{u?`FEdUvJ3fCO75B3r
zV!eKWHQHZLVvK{2BTWyvpmN1f@A;L@2lAtH*;}*-YWrEB=UcpW778R!s^Db$?|Bq7
zC1tc5eP?VmYd-b5fm=r+_|ZU`9a}DVASDeR9*37_ofKvfKA?t7L#8dM?i9mu!%1y|
z+lq6Y=cwSr<<#*%WXsD*xV}MF7k13W(sIa}Ap4DNkNKfdp2k1|8X6^uE~j-$f6j%@
z9S|8mlv@;^@|}`bxB9$jlkCY-_hRV|KU`_8+R&(%iRj02i}?OwS>E``&U4J1hyj?s
z!Z8zBz5j&A5CsE?P|ID&%vNJD%%<i%JPby>MA!oQ*S5r}CTnEuk15Dd<pI;J4%avn
z?evsl9^yaBiU?`yylMf5ZzhZe9@jtNsavC9U;j*H!0M&@D?-{?=xvB3w%ODaXHiTf
zKyddGt)K8)qz4UDhq6Gs)5%7|6HFgz%FNDaPR|m3Qsk>amnDP6vPdg3k{cV--bxW~
z9P14dp>6Ji{}O?^NqrX008xKKOVQVjue^KdP7l0+U3zn<`bBYjdVndE_(Z#CIG2N`
z3K=0ZKYj_|_;u@}*(9^oR3p4(rKRPImWS?$Z;)n&H_AAIdG^@O1MTOW&St0dJ$rS@
zRzp7>Fhab?k7mb8k9+IIOsGG~ShAG0WfNW2rnmH}7?r-KfpCRaZGOLAgqJ5q+t!Zx
znj@%ED#IYHAf3!upO1EkL@0oPbFjD9;Di(tC<X=%4T(oqTom>!VqRhsup3A+fHtbT
z2Eu-(2YcWsX|dV9@n0j<I;WqCX38gBq=qDXAXu{tD;Ihutse@THsQ}Z$8u`s6lHtD
zf2xA3C3%E{w;8OeV_&(q#e)yGHfPTMV65)@u6fqD-r7*-mc*AA1)G4Ox8#!7JcV?r
zuTB83TkXcavi&s4N6}k~_&3H@Nk<sgoBjbiqFK`6yVL|!fzF+Xnv;FE2TzQv+S?7q
zrvh2%^#<3FCGR!#NcXEJT<SzelO+>Xz;#39JCiOwWOe5h^d7fVtbob>2@;SHmPb*5
ze-#xM9|=7qo7fI-fH<dF(P&zE?+c~HP!VIiSn?a25yW?{f;wThGjD9c@^T+N)#Ct(
zT<lL_76d!{RW5tSSV_A*KXwIBRw$zX$`Az{PsuCwof$(dKLtQY<VuxtF54&>L3gTB
zA0g~BDy5}0!}}k08+OCMW?o6P$ZYyz96s58zyzs(cm+S7pJ0($2=;_+c(_+Ne4sB9
zzcxx@fo(+<+d+-}pHx<OA3j&VLCK?Q)_RW$?!k4F2!s!J!+1bM0{6LG4}vA3fXcot
zHX~%7=J~a6A{G%5l%hAI>J=ialHuo2VB7dq83HR+1-X+-fOE+u=Q@XVy=9AETE1l0
z?G`gM>Gv47<u>DV^!^b|`MR9bxQ~J!GHWurnycM`!l>qeR*jRNrl|luLN<>z@u>o4
ztC53>xOgO>K;=vMakDA8-S?^l60q^jo=`2KCfGNu<Hsk9=pkS+oHwU;HvA&eVGWFs
zU{oXoWNf(FFig|%mr;N4Ty9_p9k-<~nN{exr)Vn2YamBJB;5{-uYDf{_nTz2$pMjH
zU;c#&?AY>t{|T86H}fvG0g>5^Ln9SPx6t(<VgZETJ*{(MQ^!2=f<5$@tO6E<#F66+
zxn)KQzKd{E%tg5bSX8ls&XHuTet#|w0nYX>!xz-%u`~H)a<Hj2Gz3mFXdo0wM<OBY
z{vKJdZqJs@s>cBiaX@0y#}ptidH+bn7?Z@e7G*qUsA6boy?$(9k)aszV(i`T{xYN9
zv9_!;O7E_qCo}7cehLuS0%PYvNAWQgKD@qN&mX>*WsF|$g;v_vmqi%>j&0^)to)1f
zq*1tZR=QxFE9^{2AMrBg0|op*ZY=VSX?5$e<$et=HH4A%NeJY2Qt53q-@)?whi6`l
zD)pnX-v_C8v+&FX)40^!A*pOzE#PZAf-{ANaB5mm%5%6qly(QVw!U*kLDWsGWyYz$
zaq023abu0A<CWan^>aM@fEd^sMZKP*_f9b&K(POLR&I?A#HBX;0U2A5i?8(Ndl6d+
zpHIlA%^9lqhTHI0IMn0(e3Wfd$1mnq>t?$JF<^b}T$Zb;A^!W(dE4tHew6Rcv%LGq
zt!k|0pv<DBtF<lds?f-KhQa<vH+IOo1(nhW?1((12d}s715zT?9;T(8^VXV0DR>7#
z@EpoeY`V=x*(c^}ZJ8;>I_3|uSU!hFWzRSb5=`o!T)onzp`&mT$<we|&@9oL*sVT~
zugk3wTXe!Dlbz?kLP4Z_Kc(@?AN(QglFlXbwDfR3VnPILomQBmrB=cyYWFeVSZ>XP
z{}Pq8Hnt=AuNRd9^P*nE066eJ0KVwnbKLT~C#1GDzoJXj@i(+-1>W>el?rwf9t~ty
z2&T{PUu-M6-R>|g@`8rG59^mGy0-ZXkNfMHV2nR`;lT^dEy8CB7%4!9Q}zK6xWrN&
zW2RCYsf?ts4h8%Lffsq)MWXO>b}$=Ovgwqbouo`So3Hs-dD*EO_`52PZmSd6qjga(
z%B1t^hYGd}N}?YLXyf`iOCj$xULQBJw}G%gN|y3WofDK@{)Iv9{ZMUOr9%Mv{FJ>+
zj3e?J;6u|ZJ&x}Rg;2brornc^8fj?FH?kh+@fq5+Hj?mnm4WP_`C!<R?CffUK&-e+
zLX&NY1)+fjBICa18>>Cdut(xvWiOfVp*ZqOWR?$cf0~MaTsi%)^?^@fT*DLvyKIFA
zG?_}B;FV#GHbPm8(xqz4y{4S4MGD`j5NklA_7yQ-YaWA;hAp#ZO|t?;5^d1rud`!U
z_wt&Q;Ebjr9Q%K|$-9fp_id#;U7YCRb@)$3;gqkAA%WH}mXc0-DYYJ&2li95sg<FM
zOMlK2=W>wMiyeeZlw9%O{J<Bzo+*B7faNSR@u#k;`uIhsV})-c((`L<>IFdeIK>_%
zZlx^x6CA8t4}Zh0TdiXSj!JyhOKGTjFgz+(Or<bEfh5%8*|ZgdkFI;k1S_T3h#wTZ
zp9w`+skc@uaOmcn7uk_vo_DO!UmwW}f(KFUIt$&)FwN70gh~kJaMOyn;y&kZbh7K|
zk&@CwE@x(_Wvsl|BVm3v<DKYn%k!#fFE!cg_3jhZq1uNo1j`~q9n#@mZWaO;Nouu8
z!W*W@IqDo%(4-mjlrW#rwVi4#sXx#Y=ApM4q-Gk=6RhDJqB5k-0O``PP^vREVj0TE
zrcOr!FZh#Me$f|Np;4|n^%pQNIYF<M-y3qQc-57M1uVCGd@W*D-&yxBDba(tmP~d}
z$N19QX-3Fj!>(fLI{8M~KB-bmI8Elr!h(-5L2=RI5o+4ick=y3|J;Tq&JYB5*nU9x
zpNMLAk-aDu&l}%SHp$22FITp?ZmU(HfKU4zej0r^sN1!<7ZRp{?9T_L!6bF75~eGZ
zXE(i46!25*OPgQ?FG~>o3GMUQEVCqiy+Un?65>7Vu_nri_e5FeuX_W1?o1ItLo2Bb
zuUAs_5`jBPj1~rs`S5-DBr@Nb9PG@l(D!ZUL|NA=XMO_*@W?2KWHMdab|W2<@bGg&
znY6r->uG(Ei}{)~^WIPDg#lm6k=zc7=G34C29%AJckg%4)`rpe|9qd}lzjBLgO#Vu
zs$yCExXS6>T<7+Cn0^q|dpnyN1a8kO3oLWpZjE?{k(kJI7WXwL4unk&nbfs7>)dRq
zcqKY&`?jjZ*3$0_9)A1beJaQ5SGQv?Bj3iO>YB}!7}VM*eU2itmqcT^+5;$wzLJ5*
z<!-4h$hBVp{Z|j_NiF^x{3wehqQGcXnQsJEj2809)yNkz>Gg5t>K{U&;9_*lxR+Ii
z{aa|Za3D+HI0+bsyif~!TBE)BKW^~rf1bvL0TRQPpFWJLx|I6iu>Lg;z#^Tn!0PCs
z*wUyrrz9^dqC{V|LJu+n4XZB=$>G@yTs@`tq+TtfVSV?-Ie;v+7V!MPgb#~Hpd8m!
zBcm}h-02n(Wu=h(vVujGYFb}^945fQA^h)&_z89*&M2UW3!TirkC}}EP)-I<ZbD`p
zij*3evG!jQ)^)wge*#(;)KM#?lz5H3ulJJz+;HS57&!FObGd9N_7&Iu#P9AtK2JWE
zKQYF;y?;RmVIysT9G~&%e*_wNH_3Boi(p2AYlR<ryho6DpLtzh!aE^DB`B~b36DJa
z;d9jmpSnE_>!}BvowPq`YZF7Jkm|d_cQf0@QqWs$a>h=`c96C8YzH34vx1ikmJD=!
z^I1q#_!h2<LvyA<B(6K<kuCfd?)MZ@=1zi`?Dw7!A|2)&e_>p^rpqsFw4X57sAH7S
zI<rH|PE2hb2Tb!sD(JI}OkXMm8~o!Iu&Z72if@S=qaE0Ht%k273H`o$K|XU05JY2t
z$R5R@I4DNmL<LL3b&QaJW^ocMeW}$o!{|>`TDl?hX@-&{=AI!7^fi2zIk}X~WEMN5
zginQlz!!niDAYr0S6)0i6B9uYYa1;tpU}ITfr`jDoyll!6%TOmuUxs2xFohxv2@As
zy{L)<Md277V;cI9<W3dBg9XVYdsuQ44vs0#|9o}(7`+P{@QRTlcMxOr1tHT5YRImL
z7X|;V8~O2%i{<{eKXXW&Ztrqy;IM1w*aMU<kV8a3SlG&+uO*vv%Ho&dDb3|(m8P1?
z`>S6yhOGL(@D^__yNNu%p_-n^ky)NgE_Im~-+g#a6}xKX%=OsciMU4Zb@j~(h$K*=
zGP9Jp4|>ZvDBIDlq1mdh3e77RJ;zefOkLiCC-|sydKnc}*j0~N>l~v+xI<2yQ@g>Y
zVfv)PPK5HvS#6Td&uyojex0z4NQS{Ox9=J=l^K{8KZ~lW_#Pvf=wsRa%o{;eQg|?C
z(L^DV#+qM7ztm&P3O9n`LfOi^$}+ub11wqhg|}{Tc_p70T}gAT=f@3!e44fOsOBx>
zES3THjFh+UtHmILT4&>>gbE$Aoa$Mjra#&g2|+8BG4`KBFOlLBm6l#*%o~d)TyI%~
zS5<SZM<MkD@P-h%lX(2gJ&YTk-`c$9G8PGc)77pyynTA)d;3F)rMy%WYE!dh5*u~@
zYi-_Q@!S<jf6Y&^05djDrE130Prn0hYLm02DJ_%7cMU*+U9EewC4P8yR(7;zLv3E-
zluA^K*Oc&+O!jl%!y4<P96;A7=e8G_j}k^!Js4A5p3@~H{{|K=zU-J>Bo7w!B@cOX
zHU%FPEi~UnLViSC)oGc7=VG|=kH=wDRkP@!Smx<xDiuppqRBG2@^l~7$Cl;%io0P1
z7T~e*FGbynY`|sCM*ZI*?>UO2)Q710n)AD1g=e?b1C1It4=?{YNN;jpS*k-b{JtVn
z@NrBhv(fc1tymh*YG6Dqv9_Wm-PvgeUDD>j-pNH`>rcwP8!v}u_m>g7%Xz=S;B%~$
z)Wq>N18_qf+7%0X!cPM7iqp2mqX2WQYOz9uY~w%nSxpDkGFs;Gq_yx^EH`}GjXifC
z(Fc+!dP4nj@|?M8RVB6-d>T>$N$sF*v-KE)6h3Jdg%jlg^RZYIo@ZyCWXg&&hw!OP
zDkB)-XmGD~wx-KXeUA#!XG@<OzOr)d8>{6G{cd4S+iD9Qf^*j)6)041anIYUCBd70
z>n*tyf)OZNp^!m+?RbQ@%*e`CQrx{3X&%=A7bLh~?6<n}l!n4Vmj3>-fPZTc7BP$T
zg;f<+Y)ytYwLwJ6S^)dQu@W|ghb#W?KIiG290ZCCzja>YI-!1kv8G$)8-7Bs-${kV
z^egPSUt_U6`VocpN%eP&9;{vj!~gjI8IXC1jcey4@p#51{PPxNheogZDR6W9>8>Xz
zB&#yPy1RqR=nF3=%X$zo?7#mvK6iTvU%=}-DI@*Bq~7wacl{YvOo8!NOHWqBnsFnc
zpJ6Z!(V4Knw?irf8v#@kPEfVAmEy9|p@ZE7ZYE2TK*3Z{K#41Wa>a2Ve1@K2W!xyv
zoA8hgpGb`a{RWcWK+hKdjs2&nTf=8`AJh!0KR1<8`wh<&$$VkucZHG1dILL`;^Kn8
zMSV(a>%9tGqS4gF$f#Kdk$psq@1*7tO7rSLE+K9gW)9GTztw515>jFL2ipI%eHu~`
z`sc4eCdoD<EEOT~pT1CT@vxdUim;kDHnNQhu&e}ze;P;q%B==v|E*+`qTw_NBk7;c
zQq27O|NjhYeSN$ZYD)bf+XTmlVAPdizrD}{8Vlvs>WR#s$$-(Px`GU>S(5+Fm6#ZW
zH9c;L+O&c#M#vYo#3a{$vMHFH;ep>=F{v;T_Y%*xQ~@Z>NdZdc-QSNI!gqp1KnL<}
zJQFL}2F5Ty%Y?E7aiD{mDTfxi16!)D?Ear-06=VP*T9Bcz-D=ovjv9?eA~9bhaV5%
zgLwF1W}*Qm_@J6J4D57xY@i|<F!)Ot7#WzC1z@dTrI|qRfCC-$D{QoQ01VXOKz_o;
zQ2;=|5_0A?j0}1x0Cj{PcY}?F3jsR#z&3)gC7@6PCS?B}c040cI1l#nx(W8q>Xii>
zeJL6y03`+C?}9e|j>8LP9);`qJGdRZdKyyr-x;ToGX=1))nH^4;6Pj{slUT$Q>TM&
zh(JVOBWKD2y}nQ%*mRI+Ao2n@`%A-r2Q=RuHcAc8e)**KCPsNcYI&2;B1$uY#MR&C
zjhz|Kmx<|G9@d5#UV}qf9oCxgNHnnqs0=<4`~=dA-~#w;j0Wu<d<I%t<hI+jkei*+
z+I0J<#*LR8yEoXlj2Fv|yJ_z)c-<qZk<aVjBkpk`Swpe;CEz|#hjUG+2%liXOJF06
z12nB`=-3+^PGp($f#nLnwjHRQ;xuirS_@aJ`+Y>dUtn90H*so^_9pW2R;gk1p!9ho
z8APBlTjbEiapzv#U%As>#v@+SJ#(v>^kD~6BWJ^tQcFX*A>qvpj!-Lb3-u3@mmN~m
z8cF(yI-Bw=eYfkVEGiBifF{cbO(xr`aBiD0C{6Y)39)+w+&EO-R5z~rm2F4I&;iRm
zK65{sWpt{aW~vd~cCNZ7rOLLGdOJUd^p|zR+0-tIbN4(D8#OFtsVEa9DIfs%q2VW$
z36$}xt<Q``5(%b`RKk6rX$q_PI3ZN`bC1{tK9SYirdhIH8}m&$C=P5X=&uR91_Euv
z-dQl)A6-qO6DkeOBW>sQjUwxW2t+#^k^fE*arpg39rGpU+XXBLqXag*1|kNwCOnLj
z-mXi)j8*W@^!++Z5>GguCtI_OA;BNXguyvIrm~BRPZA-|GH}!UWQ*|MHdvgYJqX>Q
z^`B0>JIA?R%kUO1ssi${@8%JuM0@nN0tMsLXt3f{41_$@CnRg%%`3x%GYu0JekTca
zkLA;RP%vca)<0&j;HLFlkULb{NmUld`t#Dee)PC!-4EvNr|axGa6A-j7YjJQnHg&X
zYKkMvS|3~K5anAVg>rGYxBYVvnfvFlR1!%t-GM_G%fh*ApxBtB0F6_Q6EyoQZQ?uD
z0l!Mu_^22fQV4=rz&lZ~Cb7@y%b(|}i|-~5N#2g}C7dknyi~UD5Ob3Cr}g8LVLo;}
zt;T+H>DPKD%wUmy6=6cd`)*rNDy_)V`ts<Q;Bsp5#Ns7!o8xQ7c;?*EL>@?GqC4}Y
zS%WH^?GXK?YEHv19A`3ZZ_NqB6|e6jOt=e6m#rSWY~(9`(3;zWmOpp$FP8>&?vnjp
z{%Tx7l~W7mFvTTdjF0rR#-06G?{A2*nZ^IZ0cyqrbXqvcxN0>jAkm4C((>V~GL*4Q
zNyjc58TNnt=_Dm<c&kPCqI?y{dVizGM&NiMysuTRtn-eJr=axwo((t0$59ch_SGYu
zpp*^a4>Kg&6jVVi)gpGXBfS$BBhGIlB#(I#p4V_}b<0>|xPv_-!Vin2l-8FuuCxWG
zo3(LvV@#Jd@^=14YML621-Xj}PL(UHxMXq3`a7mAUQMy`)<dksZGq*s?fea(Mb!a3
zQ>Yo1KUb%Glg?Kh#02*6f9;xFqBM}?FWF^a1l|WBs%WN#WMeopqek?1^q{#u*#cOm
zj#OF}{iq$gorC-aZd0$){jrbqJYCrxSwLsAM5}%U=p&G<1Ig%E$w#Q5N_2VVfz1mf
zlF;6pL`+!IZnY?E6-Q811=b?6iRq<Rhr>KnLC3el?6jTP29KD;?lOj)h^F`$;~zU;
zmko<`E*#J#EDEg+bF8b3LJ{yd+A&BR!NP?illQd&IcE0u4htry2%Otj3v*X1i{zLy
zKOMLEG;G?oB(v3j<Stfqa@|KCQ{qxMWCYpPVYXM&BcR=<>Gy{CsfH`cFwEq6e7Y*k
zK6smp&nq54tX7OP%B1l!;8L!M-!Ak1Q&3-=gy)Q~B%8d3>$(=YerT7ZO9E`87raMA
z-beVm`84<-*&wln&0R+e2O4c6j<F`x-vi7|S*4C0#(H!*Na{0p!(+k*$$9dVV{MFm
zylXmj2qsk$0};8Lc;IiR7X-?*gTDu3I^<5?^c2Raw3*8#O?aoa{W57aW8gX?la$To
zBX<H#G+`kXB_YF#jum~mxigy5+Wqt8kDhY_te`VeS>>pH8)>PSVEd<osdBMh$Kw!A
z<Hc`Lw>QX_%7iS%f?_168=~bHC$D0Wn&<O+xcxT-Uoyb)VCVt&-mj2)`3dqcI7_Pf
zR%5*p&uM%SjgG{Z@yrklj`)U1Gi`L~*^tGU_#6(aV}icPv8imDj`e-ajZGX;$l&x<
zGB7S1i3Yq!+L~9LRDQ!<$!sP~2Ev0$NYPmeHTm>pr`S7;^tO_t`uQ;7$mS1RqQoiY
z_I5d?L|X_cZ=Ha8<>q9Y%#RWO2*Qypu$b8~ASq?AR0hr>&W0@T^SBq`jl@UU@Zj|;
znq@MN)?I&-5oLj^Z=s)`1+yzcECZ_9x^1i)A#GLOC*rQ!8syJRPO8H3ebo3Gulb03
z9ip4nk!5rBsyS};YWN@_k$TiA_cjD*XE+#fMdLO+g<pzl8EXs2dgN?K34+E`Y$h4S
ziY9JDqR*IuF24)9TVMauNA&umxAc7s%h1buH_iW~G4+@8si-%+1Tzi}L=rj;pd|ia
z14+lXMn64&pd$5n6r5xptuz`eS<bD6ewW1Xb+h2h(XPYNyy;Iojd!|LD*RPz6H3H9
zZ?yvw^Em4UgKE~z@wGz~kN-?xF;z&t;Mx?CvLe1V1z**)%^>i+vfic@cKxFAiQceu
zc7BFz!TY@CTpDk}uSv^t)vnK%haH_9ah`AnyGFS}7pWIs{jDu{Ao-Gr*y<fUNZT`h
zE@hTc4U>&$-8*Kv)WJj2mBEq&B`zF|P8B%&i0_Y-xcy9GbJaZOOWHnE^?t9gh4x#J
zzeAnB!DW%D17i%kfzZ!czgEGdQ2j-xueu_IB4qO!OE06B#{J;h$TeslYd*|Iuw-8q
z`3CsnN3ZLB`>`rpek~6AO%|QtWUqc!IoKUu3L0Xp{qwNB*z?`y3Ue__AgvXJ^rb8y
zV-F=gFg@el%gd6^0SrT)8c6~;!%WbE)m^25^i6q;ICX^~e8^HxKVm%`kH33K)I0rL
zU+22lhcr#{e!1bL>Od{u=kGRkd1t@S4a%A_^0watiWt(nM-kg2;~oM##7FAD6>C~2
z>^3cg+QS;xP>Pb%UB&(gSukDzr<ZI`b<?a^@_XoP01k);GIf5Ug#$UJ7m<vWN|3er
z9o)*6chJ7nPKQGk8vTi^Vb3aY$*ns*luXQxAmooYdSU8i_Amzj`uQlIFd4oOLf3;_
z|BeXussD)(OLW+N1_vLbzNRl<g}CcChdw@@oKNt=+W{dN(bISd;g|)JL0PW?^V`BB
zq)O+%W4<;qvfT)Yj8&mT9IF@^HUxC!Ku_@V9baeU#Wcy`i6GZ3E*RepT4Je~<*!_a
zqwbnuY0m#g0hK{D$yO0OI%9!n)!(PyrH3vH^dIykvEV}7ZK3@fGv6MSD#13X&z(@w
z=v}L-)Q5#rA8P1)vPt=~TRviKSLCpOMX33*L9CX+$5)QtrSY4y*PxbwV!nIcIMJz;
zZ1CR4PnC}C2hN&34oLHGHan^&Rk&H6yj;tM-+_$?x&sZ%Z*s$Hs<J*l^E$oXZbs_i
z=r_98N>ZV5P6Ti_vB`^3nhmK>8yc14jn8}YX~~EmG^LcpVHx^i3K~CDqdt>-)fOgO
z>~`|tj^tDZJ|`ZVGI?eaAC4CxJ)ggZ61J|XSD4D(d|{iAz02G%j}PnQCby&_z|s+w
z$&yAKMMY3|cOv>KMIyIgUVng3)$7whk}HMz9uGciBODOw|4d4q^(BD?DvQP##rfks
z^>IA1v7XB9drO4zghvTUoL|F<J0$e6q2N7v0SXahG0)`fVYVt?=MrEM`}J~#|2X>6
zT(3blxJ$(V`}+zM4Xo8N%+xZl-b=QPmZ>W4%EoN4+WBcf+~b7UROtsBX$(e)yQL80
zGx`Ztl8%+e2Q~|@>_a_J&*Md9gaDm!0AQLv1zr3WDq|c*?SV?x9%kJgFS@RTL>%Vu
zJGnPQsf)<{^J_BO<sN~5E5%QjS8iAmq;Q*YLUKzl@F9yN9)Due*iCG9th(Y^VCY#<
z8a@u2ninEz$)W}DrY?|_7K{8IP2nA5pfN?GE}_tq`o&dO0w}W4KpT>OON!su=k*;@
zb{U-W`l!35Hm4<@B%);&F(9b3cjUKCG~c}ykz{RCdwkkRNzHF<Zte*9teh`)F@oNt
z0n+vsf>#&+Lz;{-=jqjA=wp)H%0EmTgGJ|;aNBB3{^7CS*IF<3&74hxz1}N_=S}tc
zBCJc?!I1Gqd`@UXkQg7v1#=k7w3CjrM|gD@{Nf9h7O5i#X@qgUl?7LDILAf`R$%wP
z7S2^C3ECn*XSk)iGfNdXe9ZyfQGMcG6Bat6@T)*nTXm`%As%5v4pyh7g?<1ELAb0x
zS<tAphB6nk3II~gC^v+0b&J=!ZvfA=K}2nmVB<*sDOoE;9Ehg|sK?HF175vuR-Dxz
z_p}eOf`IyvC9U!644rwtF5n4@a?|f_wtPfu2NJj33lzhLTsFGaK76Lozs81N3Sz2x
zm-@zspiZ^Ri+~e45Yz$;sqDR(YA?MxVx1qGxj5z-zqP#i?cf6XfT@vylNGZ<LI<sB
zofWBbtmjG;6^RaT_(}`)B8T@eC)G4I{}I1jD2T7?K=Vo!_!uM@uiY>E=e~jDz#Rwn
zB56VtGBu5~9rVMH+W~lwBuHqUgaD#Vtx*Ojrj%L?qmP(zX1RAuf_jE_ZOygQo1;il
zkaxWj8KA@P3ypAw)wCd<qz^_#sr*A(5X8$16=j<w3rTHYL~G``>8%n<=GG+G=4-lR
zU>dHj%Z02EO>{M$N%gZctyt8#+WXC?B^pm*@_lHAs$}_cxdThgpZb1AB4zx;bX($$
z^e%p(bC~F`hd}3@%i?h3*f<bk3{QfHG<_L5Oo~bg8FTK}0586HA-0-N1Nq`~jKMuB
zl{Akwvh^2(>Q^LITk;y9nzAwH5rMW%tG)UVM?%=KhVdV}x;>4cF0Mj0=fp}2omGKn
z%8s^B#D^@XSSb#SWXkRR*l%Ef?saQCtDgw*uMFP+&7xtiz&3U$ARcGNfjnM$H8CT=
zQTa=&>iJ#(xFXrfqjG%*`tg^Zdg$biEWEnj-l`1E`EHf^fCr5vpFpNl&y2)`nUYg5
zPmWX>V<d8BBTtRx9{#bk192r-UMFmNni=yZmImP2^I=JcnL*qfp+=agbb1)&eVnq|
za=Fc9NGi3e$gTP-_V=k%;$=)XInyGKrrJO!bFyL2Nqz<@MZgFm0adC<)NM$<@XhYy
zF0g$qLaqR5^*ZuX8QB!}i<vfp!aqkWfCoyx)#jh2TO#iFzoLVwIE)AIRR5^B?E*M|
z*Mu91h84Ou5vw*MAZjd<++-lLr~mfxOWR7dpC<+pL>446IX}6<x-?7<q!CYf6Rv`9
z`l^epN!2NOQnSKRkCX_BAWa(glMYu0Gc!0KX(vQOgFg9LXxT60a(*p}SUiZw(Y(Kt
zQ>?8I5~0(t9KY)hS3mjTuH};=qPmXv5MYLY0CGI<Vl6lMhUv;T`>e@SMkE@k=q-O5
zi{@|$yNhg|)>DYO_3|%!dd%6`6RHvoQNu`)&~Qp;|JWxhQrt6B>}yu(dIQXp3=0|i
zmE@i|c|LrMruDC1TQ;7KD;Itoc9PorRm@s5Gj|97jAFgFnb+Y|j(caOu)VMb4*#Cn
zWLn|3rN>_OC~}IClPu=og9G|N^h&2e;G*2?cjJvyacR-r{FW*4@x3h?#wIhxw=M>H
z&Lb+VLo5cYIE%Npzm(ntKleDm9$N8s4PO^tiV`d_guPqDBMqQ{G~wvAznvps6O3g7
zdgu58Kd!5CMg-EaU8u(~-YyC>2fUFP9){~gh!a#<P)~~B-;C<7DNR3~twO*)vCUSZ
zFAgsN%s{4LuCW)L(KUCU!f_x9@)gAULI?^YuaI(VBjrbb`MiI=$Hy*A9jF_FMpkfA
z<OzsH!LXyZ*z2F2kMUg#Cm&~aWUD0XHK(<HwTtpKcT~igVx7qh%lzsZj326&P<zfw
zGMI!zLL-g$U;H*`pSo9v_NP|_X~25o2LX{;vpov67@se(Y-44bTT=ytjIW6D8wsj>
zyay&L6lxygaq?GE(NByyf6a#k%zV(o%*PLwXX2yonjGsLg>kkw?I?9-3_S_22`|$o
zR)VWrDQ`>m{61vy&#&_&(Qo=3PS``=ELeG^_3VB>`hg;_Y&W19l4s{aZk5End4w?X
zq`MxSXZ9-8eJ)dIi#IJcK9%Yn`Yf)M7?69ABjOybLB~SJk|qij;Z;M5MTm9r{l=%=
zib~13T8cl&eH@+GQgTc;wIDV&TztubaQ$MWI3hWRhbH!16PKqDkHi`Lj_x3wUnJ=8
z9kt3CLmT(+?%v`R1xe=s;_dFoDL(OOL9Gb~^$)t^3$w#8_Ej6IesRj&1j%pJ7~y(-
zX^dt{w1#UAOfd3rLfT6%v$$p%va_+`C|s_~Zyj;DmkD~_Zr_(Ev2qDLz5NGsycZaI
zOyT&dRpmcXVGztexScfSC&U<G`(O^vD_NBdTYy@NP$~Mo3PjUUiwo;Ouf(&Ar$&}k
z2nTS%xrp)wY?jEG%yiMwuiRHD1CLyzg)AGAb&7wB_a1WfwhPonkvz>zP1X5NqYkt#
z&+i#{*EM|9?SE4XmK|5t7ogh;c}-o@KOQ)?q$Ibl-o4q)jCay*vGG{$Y>`BX^bI4V
zt3}4iP=n9Sn*cri4c#;7cNqK?z7c(__3tEH=fv}o2sHuz?ih(U25OkRrTz;S^npaR
zF_}3cm$$NsBYsJv_!TdxhM2qqX^6IG?w}X<G9M*e3+2Fj;DhM3o(~|;y3FIaU8dOl
zED02tZ3;!E?v(q-HW9+kYGP$xsfDjaVq|4v+Ww^8>mCxI-Jd6vtar!)>e9elNNd*J
z!HTV(D$geXhF=Akut6R%bTF-BDEtQ4jbt?a(7!=P$<*)^GeOCOS@5QN@Bzk;w6}ou
zJCHmjF)Qp8B>%5%U_+(OZ^G719BV5N>IpuQ@U&Wdt(7y1HCtVf&?|B@_C~%nEA4Dr
z+^4H&fv%aQ)(}Q6GUb18!tgnG?|G2b7q|6q(C$sae^FvuH5m4Op#=5^G(sH6bEWrb
znF{R1wf^UbZY*4`9?hkByRaHX8N5}gTFv4KdCeDM3eo|>Hi6>5L6Nk#l5c7XK2g&m
zV-k9}FyniC_A1=lINGpLeaElk{3RuP+wby^{$lFZiu=j!_H~j_3<))S1T26Hl+i%R
z`_Zw3rD1VhU=AA+V~&U{K??-{s68@u|0`IW6bAwT9lY>yo8Lf^amdsFuto~&pgj!G
z$iqUsfC~m_OTY?>O%G;<6!*vO!U~sCL!Y?+{`~v~;HC6&und&bV!LA0bdCNq<z}ii
z^UHoRjVDOkriRWM0B-wn{xzi=BUBRuBaiSHg(ZCSj6$U{k=8sfxU|WucWHdeDOmxd
zPp--nVH|NGt>keE1H%*!fV%&iKtVi63NEjY*BwMMTcs_hFqfgaLwh{iUbi`Vx||YJ
zTW>oy&BkN=^~2#I9{{9D0fK*5KbQ<mCKQZhzMJ*tN%RZdbu6}=dm=)VsZ)73SJgjF
z0vV}AQcpVmzfWWV2Tu2;dXqWSdyDRj&C%aK{CYXV>y*$u$bz1kOj`}BjXU~pc5X=n
zBNVNajkM`fpXG&!W{D;j#`jzTwze^~Ts%cqsHldXWP!Jjaf6qb+tFvnJ9hWW*-EWv
zpVL@;5>$6p_O~q-?qg^5@P3Mu#oV+huf%TEdRO&_a-U^c+&SuH#aH>%72182H|`y-
zwC|xL;!h-<IW^X!U~w2h9FOv(+UY&rYJJ>^s&8u&|2`Pif=+ak9OFPl5-we~gm+9Z
z`I%=`5eaYs{abcS-~v$^hSc~Ko8k3cGtr55y6SAs1B}dZFAd|UXD-8DcL9ftsXcRo
zR3f(`hsScWXy3UOrteI>wU&i?BMQ%s1$2{*L)ue51#XmA4*0c-H|M!LV>!awfqrDG
zbDZ+Nss7*CN2wA$zH_Y*Sa2Ih!t@6C@7y+5K5W+-TWj}v&%W&0`<gE&pY>-+-3_Eq
zJkszYPRcl;l1#_R`&f>Xb`MFmm2WE^d?YQb*Y|RhSorbWc#e!$$q$d6r%Xvtd*0vh
zc^W7s4YCn^Rv~bb(rvXY@+~b+YGiivFEAIOF>gwmjqs(!$UKR8VHO*3m^!}DH38|@
zA~X4Te`x&tn%-c31TyKP8^-`s?GDhtbv_N5di8e{qWlfo5~X0g5Z$>#MoUR4C$y=h
zUo;D;v@a-`@Uu;puPS}yn91wKv<cn*hr^^$Tf&4qFQIypsVP1j$a3?i-7(}pPEwxx
zyR3?Dr?CEvEYp@-Ed|Ezyg-Z#bpPl`@_e6<c4~P=dGjCw_jfa<N&Z_;vw+CaI~u5i
zRe>dnKJM(?$!Hl9RFbF$j@2ly*Z;O^hB5ewJ%t_X&u0GBqjCQ1w&nbqG;oz{_Li54
z$th<R5PG}add-(?s@)5u{CLJ<UfePi_jsM%Tsv9Qe@XsB?s@{YkAp=2y{S16#?{oI
z4y6f<y7x8KHSBg+nRoXD_5_?$wCTl)@w}v5^);^p4*$T}j6Y?I&J@{aO#X-o{mIYm
z3;fuzFHcZ##1?FM@rE5r$nU#dH&*{{lkl_fp?T$eg-z_f;A*L1gLgX!SUZ*b_wp8i
z`@WUs)*<XZ5G;cB{oN5`Iyr6?d$y-*O?b;x-RqLMmJbO@(b(q(xLL>=9J$Q9VBh^W
zJ`vJR4H7Ik+bfAm!WXIfQzG2EY(qY2r}=uDM=-P9_=oS0$OYRM>>RpN8)0Y*<#=Re
z*hG1e%*oy`=YWxUj4i>(izQHQZ<e<$57dJ=P{dXdU{?;39~-S1Sr=LLJBR?~a*JMJ
z<y`ph;xBxBzY7z|FBurkypVw})gYcByI5mXYR80i-*_(N+bmn!oUT8T1g)odsjK&w
z@HxFaidg<wnT>;LLNhE%NGer<^*vLS)S}Rx`>=_-R_~#1i8dKBA8b~j!xW}wdT<}u
z9*IC6oj$V<8@g*ni>MLZHUoP>&Zx7SCFf7y+Q9P9rby#1!q7{-S<=+JIiq;H^98kR
zVX~+fJz)9vWiMVrNcST^YAX3xbN@4>AU?!h6K?N~!&r^z#Lzh1rxU!2g<N#JlN-Jz
zCHQ52lRtsUnx`+IT|cC)dr&jyEep)K@||#7CwLV3gTAc_B@$GrTTcV190z(AynI1U
z`W0dW_bVAi0dK?(3t&QA{VT-34B-ZO==gVF#tpr6j5I0U-BX3Hq-!qR`tclLw@hl4
z+op{b_Vb-rxDD+UCFBC_9fOL91Csg?mq%vsNsNi`>W`#&`uw27S+|i&V_#0JF5rub
zU#M1J|E_V4=d5;dSbi&yAJ-8Wc4EQ7PK{ZBMrjm&T=}#8;m_?*3hGsvGEu%isN%X)
z%6R(?&2F;YLYkjFzMO<62jsg<!KP0VzB?cY<cdLzsQW|#seLcS5lLQ(K|a5~+R*6r
zaAaBuH_(LM>ge7%-}Uy_7YvHo*0!nXS%g%2a_oiHN-r4$5WVsFobIQzsIk+T<jd)i
zt-1WIz*{nAQMRO?cWdGQ=mzA!tl;s`t?*AKpiU&nHn`DrL+Wwo_Oe*ueE)IwC7n{X
zB3iIU%-)t4FhcmlUHei54?NI@9`C=loUgEyC9xWR%l$)wPgnZ|bUL9)^qB_57D(pz
zi^l6}*5yhQhM8idzcv~JyJ|}rNFG|kYC3|Iyt3G0%I|UKbe3%NHlkyzjY+r~B<kPn
z_St?}t|VRN814~+iIWkOTVN71WQo(rV=m)C=HM=qw{!gS<<u87C8T9DP33^4ANdq%
zOIo&m=PlGr56RyHzT}-WDSUgr3_SC=oQ~%7-f&N<(^Plcg_*f$G1zHQ0+Rgt3ng=9
zI<nX7sa|}+79*!#wTM5`Qgm7vLXoOs=mvMb!oS0D`Pc{7^x}Ofmon94N}gAa-Y??T
z@X!dG?>;&8Xe;09j)T1;0N~*d%$!#uBJ1CagA3SeJGp7|)a<<H9C@`YoDHw0Y}wZp
zbQ;q&75tj_%O{<8*?9m!01CK~+e71iyu*js(--lq6M+k=V12<YYHYh3x_*>LmnJ=X
z@T%-$UwH3Z;o!mO#-xU!9a3tG!d1la1V1Vee)RjsCP7Jm5Pe$=Lf@+yvh7e1(1Gyp
z9eI@l3}HkZ<XDv{-q25RRof5G%iUdbZ7k#Buv|^Ukd6%vbi4~TTrm~G_-Z_v2>?Lg
zK_4<;yV>EtsOj(4{{Q~rcSx)Ib3{($#;y1(!NifiOwFuMPUw@Nh~9;~^pb^%1i4jB
zxu_U6I+5D!$ZcAV0SUJU-8R{{RMOdeytRzMpLxXi^p$dGqYbh<VRs1=#t&KI0@iKr
z>s}{EO(Gr?A{kV5!$-f|Peph61dUHbL#UA@q~O&%{)Q>zVBP`@e!|n(gafDoFfSAz
z_iqpg22$Z+aS_m8tSw3VZ-|;n17=?P8zq;Q1|C;!QWo#C7}(N2|LNa+jV-8s{fz-R
zxMC6;gzp0LKA4%6h#(=YIXOA4>0c|zTlDqsDqY<NT+j5F{fmDO2E<>eNQ=&H=!w6*
z`%o(#DTd{(|5HKXlsTTK)l_IEcTf70%C9I%rOBl+rzY0Ro2gXFZFSFWoavyS(SIVm
z^dfbNU#FYzbm`D2!DtWv5A6v*&@#m%Z0jE8R}4mmcW7b-$eLXktj+173-7U(sjRAZ
zx>F-m?|xZ0#Rx~-wjKDg3jKx%6O{kd;;fl~*2;6l3Yk($uU?tgbBy*i&$_w!MulJQ
zca!C5J^Ea{T+kNXB0|s-@Y<>j&7j%Q#&l<VE+M1JkG8M8xv>!HD?8A2HEd6Jco+9b
zBY_<pj+_bo>upHrHvx*5*H5zAC#je#(j3iSzP@*!ZFDQ7%RapgYaNKI7Sq{ucQ`I2
z$)1c$y|+u7)O-r^f(vgpQrT9u=FnN?(3EC>A@}_tTH~xY6yQp?JLlDKH9xG3GsY)u
z0>R6ck%&h1g*FE0z2iTLorr1V%OnnVRw9$oL%OiYphkXnmj)2XVWAw<!SiV#v1F7M
zT1LHiH7aUL+cY##_2B-Th=!IKtzeCXi1+pz9;GLO`i4hQ2^#^!(EM{jdT!@|GFLll
zrd-@9hYTPS&UKom60g$V6+00))$|~Y*{uj9uMC`M7o<%3ywmXcR<JY_t3>z$`gJv0
zJ;a+8<l({>(5*fFSwt_a*L+v^q|uk*v>7$H!VKr%nnM4R4$3jc0VNgSUam^1t`NcP
zS1L_ZqF5kbi!MVzqi(<jBX?Ay<$ty5$E~BFhGOUUuuH?u1_dL-$Em&pGb{FA*sEU(
z@NO}^nz$9GJ62lU@h;=|5bV^Q+-{n!HY?;Q@fGG5|Nf6=(tpB($jD6+L|f*(eFwJL
z^@u!_`ZBP%+%1p85633Nlbk#}tTUM*Z#|iOlU{QqujC`F5hU=?;w<>Au9VNqW3G#r
zH8!VOUuX4O6L_POFMI038K$b6%i8z3wCTr&%G7$UDI)ueqQm~vuHIDc(o&o7;)B`y
zYVmGn2wthx)5zEO>l>6m+^=TlQx0l4BaKpv>W`P=J4%Ecg$X#lSU@~$<jq_y?{TAN
zBbAwUhx%;LLGb-WIB%`p4av({1nz$AM=or^?MIrs&e@sEAmn|5>?zg^#+Z8^Y?Y3V
zWsKz(ll}4KshIx4mZGX_p}x;;gB0LkO_pfiSrV;b`^Mfzy1T)yDLQQN$HTXtH+hCp
znWP0a#58>Hap$4y+U^P;^UW^#UZ=Gc;1qxF^sw*M3wZZ&wK%=W+_}dX&HPtH;jH#y
zWvohLyl8<Q*;|#V{aNLF%P$q_Irm6XUO)TJIJ%=zYpD&ttBZRSc6yMxea8H4L~U;a
zb8<6j|8s&6azNEZfHGc$@xU#&j*%(OzIL5Cv#E|O&XX<I^3gdY-Yg$-hW#fbUn_Z?
z=HgIidJ1kToQ4Te%#XWb(hBz@t~y*!-zsrq<KXzd8ztKhw5WE>Z~DAeaz4!~5>97N
ze`02J^U2FxS3NQIge(aVlnRkKHZ<gx9y}4x__Vx#p>7`2hYw-hww^PUTmff+-aUYB
z`qbQyjW$*~2JFnzTBG49d-P@W4ulnlo4u-a2W5yL5i=t6rCCg*Rt|j4h{-AkR_uy7
zmzf9OCdQ@EY2U59OgqSWYv{Tn^HvUB)_f1y2abE<tpjrAkwoue!F}(|BaI8b&mcj>
z63RnX^Mr*GK7trS^BEO(<XoCh^yalcJB&je|Kkt?^ct6fyj+ALM=KAoV;cJ9e$8y1
zI55>*)^gq$C`~p;E67fnAu$?;UPHxz;uV^-C}bPdT+22?Rj*8|y75iX-Oli`z_GRc
z{3XAIOqVV@w{;wjn6fnI>l2#MKMl{tk|($5+-VF|>45{PVU4Cg=}8R?%>rir(0Q9~
zeG~qThxMUdwk}OU#xaOzSz4$1^vwn3M3O6-+g|1}g$9=R^)cOaYqF8h`elJXTr6R1
zo3cd=V>19Q=gAA_e5G-)D)nHx+Bxo}Q>ByJ9l<xE$bJTJe6z5wSQ8ZRe^!o~GSlnI
zeV1j`P#VOTheqv_&2!>dAScxxe0p$r(}Cz64s&VJnF@qtc`mU-!ZY~M^Zf)8Se2H%
zjtTfF&)Mug)SL!07m{YJ`=b5s!*A&{G9fxOCn5tg>#A4s6)~ywmfwr_J(i<XrX!_)
z<rWAoXq+(Nez@VCm^#>_49FTGi=2CRzC<UEYq^DR4YPMJ!}l+HS49k}c_PHe!dLN5
z2HRM$Z81g($8Eije%P~mkPW0S(mdI~eE8DRR{%Q4gBbT7=f9Y913xI>wuhg3ap|_q
z97r=oKI}6E%#~=v^;v(bq^&S#SSeZ;A#DGa0ihKKEzOP(#=Y`CD$Q)$FtR9iKz<UK
zEaaM{9L{*ltIX38`<66|)98oQXk6=x51{MSZV|<p4@?pOs&;R?q8s@8$zt_?A@RMN
z-z65=BIC;lZ8Odf9-Od|X9Z1nND&`x`MzHGyhz2+iWt7zz_|4fPq|i;&Zyys@2&O7
z{eurAK7}&%P;VS!#A>ygybQX9@$&Lj3G4+Q7a=yl*(H2h`0V~j!!h{vB!YTbrW^9a
zhG#V^+M{>QGv*t!xxFj5STc;og%@LH;+SZbIXfv*$@koBGbU5pXuf}=ULfiJfD1M~
zfaa4?`~?H@0PfE*90-*#3n#wn2b<J*E=uqCR!+C1$eckW_XuI@(LHmOf%uJ?zMbm;
zBZI>iP!q%vQ@OyY(kBPS$w4~j`iHv|yz9^R3-sP~7@K{_Ja!RwFP|xYme!jnn61LT
z;x%pJPaD%BG?*sN(GLe$cXMo)1mt-|xc2f*DUsU5%P=Oat1W$2aP#k2Uykg_pk%%;
z9?MvfBF<eI$HRDY*D4Pp6XZ7|9+6cSr6zqxGs*xJQRRg;N6AE!<iw8HF)^4Ssox+5
z7@RoJ@fB!&$MS_&AI&@;!91eoO$CS7G6Z;})w_;QdgLg?J6=2BGreT5MJf{hVs?r2
z%Xy0EI}Iibc1f=N&j?{d0){``pCDV}LCQyR9kNd_(OZKSLdR~-3aS1?{s<ZJZG`4^
ztN1Ey`XXm4CAu_z-0Lm1w6wI{2u+&~ob{b}z{w<=naJ=A1%gRdo32}>o9AsJ8)%jU
z!-)im9kMsV8m8c8;oVk*vMEx$#Y7#|#3`!VGcwMWuOEE<RL0^0!-CFzLJ&HH^zuo~
zdC+hmNVhp*;&vq{yXsjZc6E`b8M9xG9KXt%`4x-)R*1p>F1=Hd{#>L3mOqmmuqlv{
zYUWBp-H7?^Ni1;%wYmK$kOWMor5FOqpPFL+Ku4kEsV4E1&OHU>{&tIwffT#wtV5MA
z5mlhy9{CM@roFeGEFtropmN$M4y@_?QT0S~|E|XyQ!@${<X~*royfl-OST=959i`f
zWv-eKpW8QJx6%iLuc~|JZdH~kt)K1|v;O%tux{#{CGKoGjqCn$3V}>rKt5OnlsioQ
zKF~lHA9Wh3_OnW&2K9TdWj2eH($=__dsEx$QEyUe3tbnYxLc7|!+^=wPF?4U(#BJK
zG(rgPqMY!E`_SVP!m4;gB$vPX=JJckH3C9n7UN)|jF+T-*;&TPN|v05{a=>JrRfTU
z40xijcL^a)TGeRO?ix8*<WVo8UmyrOKho5q<lGgGVnYN&>}K=#GlN>JX-5y@s7CnQ
zwAd%h7bVY{++Xg<j|vGazJ4b{`qx1I7h)5#LOa&{<u`}xJ4#naK3>6kD`UBjhKf)O
zn%R=GWca;N(^9&?hWHSd+Oi!%bssS)7{Z*ELs_8HZ`n22<_KhF8tiN0Q|XNuL$899
zqxqd9T<?AGFns!3#bs;kdC1>!DQ>3#i@EUQPu%U^nVo_wknEx;k{taKAQJnkd-#IM
zx%Vbb{g4w*OIg73di}T8FC7l8*||dh1Ky$H*LQr=Ii^PYUX|{lSab!HH8vemz9`fJ
zyjUO$4!fDmeH@iezm`haE;~O0GyAKL)S`Ic*(F6i-)wP0DMN4hR+GvUTHQ{}U`b3Z
zn1<LN*8aC}4roW>*a-FkevJou@)8mazq=M#o}yqQfwN3gj{b{0S72-h!SSyOcc}qm
zp!AG#sQGA+8P)Y*dOySKqW-9fB)lrWHK>Z902I&^wqv(izUo35izrt<tE|2{v5~Q~
zCwtmJ_rYI)J(OhAE0#%0Y>w<#(4>m7ebfY-1h9M}+8VA(1NiS?h#gSMlV8Jfbmn6_
zz9aQOgQT2!hF>f@4LbQN9t+6YAlBM;`wE|O<*Z}4I)QTkrTYd~pG`nu>-Er-HV$Y?
zmM}UffxF-inYw|Y$5T|_3)*6j*FA|~EnHU?RVR|O3A<&LK<1!@KAD{c7!`$Q3p}Zz
z$8&$GF#Z%w>8!<^rLRFu5US#QQL`!|lTaS^X$U-6(Ia2DmxQfn`WX?I0AEit)dh#}
zGK5eAvCM8N&(eKIST}aJRW?AsyzoLFe`@%b|A`>Kz^eDDD4zQzdYq;*DlQ}wu^5Go
zyKgY~YKJb__cb&wYTd?L>zmeWCS}#UqHO)=wIQ~V!h8>d4UF-r={|%2%+M;8UHD}A
zw_5~|0B`J=Y<WLrj%J}>GNIbf=i#jtgGQR~bsK=LGJ%U1f9AuD|2(3C=vzQEP|swM
zS;$Wn4Pd<?N+KMw$=6iUQFz)a9*j)r)VnGP3=+xkZ0VF$u-c1DcjHRPBvg{9%1VV2
zyEDKtMzwMf;?kzIMZxZPfu@L{&1v^G{&_aL?jy?!8rFh%nA4)Cj-IC>nx|N{ZRV6+
z@cohg{qBXG_>@gF3-Y`}u={pzo(dA1j7EY_CYX6=kA(WiH+*_1`9nk^*|jgpmLZY`
zZSvE{43H41#i;TB!`oYi#kDkTqcelMhv04@xcd+sg1aX`aJS&@o&dpvyL*t}5Zv7*
zxCD1OEBo2+^M2pobDit_oS8Mfs;lp+?yj!8`mHL_h}z;ik`J!uMC0B4#!d-CG1a>&
z7M3xE*Yy|UTl|k-+d%~8ifzZjqkhGZIL85dRr1B5NqPJMW*n$qdsYz<-UT+q9HBY0
z1qi~i*3<e=BD@D7*~J+xA}US_eT?Q)5>W?>KNXz4s~lKmGd-{@8`bUWHDE#1r0|Pl
zt1P0%afFL=Qx+G~8(>G}rBF+vE3!w?c{LG7VOpx#MKoMI0g+a)jKI9#W7BZIDp2!t
zuyjXxCkWlhEm*h2ZI>*?63tKpW!IA+&Oua57v)fRYMPK1i-xwwW3q?IYM>zoeJ>*%
z8^6NY((8Xr;O^1?-<ko~2&0D=jGp<f)rtd|IoLX-*P1HquC*(&F7y7NuIf;<TAeRC
z69Xw@w#Qs~X4^|oN!R=<qQSiJUqmWON*t-+FuCsp-|G&A2ox#r_Kaw1549NOs?2^~
z^AkNxevyV@A1@62z6OU66?71+nUi%<<uHhR*(3ejcc<?vBBXUseaPQ^Aq_pF#&K0S
zh!(l9_CJ)<&G;Nh`lUD1+3t?&i55Lv+HRa8dF+yU1!p$dq}jn)&V?TcNYc>MdIwK@
zf5YGq49bD^IJTV|NLNrIQ!-V;tExY0^R3ObcKEOlGe^-b0~Y_OoY!jQDiH(v%5rWV
z#z?l-v-F%gXuY<nBuH^fSyZ4;4~vC{Wt5vI`^T<$6xoioP!fflulUTOP&75IZ^WuE
ziOz6}SY!=bp~R_^$AiCdOG33~L)CHSxhM;G@-nmFd9I+FU@oct+lt&J3eRBE9cpc{
zjh9O$U!3E3vVN|5@y8?TJghrg<bnf94zePG|9c#6NwVTH%GgsC7mV)ny^Qd9yFcQ$
zPX`9x<_qT83f77<imO(D*on>ZN3>#HHjHq24;)n)9bqwfc7?b_f-eyUD6J%^Q?%wB
z6si+T^Yzlfs_?{b4XNScF8c^I-plI*;&8C4Ba_#3pMGz977OHt6nQ}tG`dq?pQhUQ
zHLpPt$?emU8fsJL-FhP_2_KR9gVSIzhCfRv<%6&REcWHV>(R7Qq`&E$1#X6o7Io;}
zh^0W8ro_$$osZ{gql?qC^@L@ygA@80{ZMtQi+UbeR{D2$dSQd{)q9Cd>YdIhZy|+9
z-Ae)I3lTZ=XHYn$;Rz0?EE|J3D6w5s_%S{4@W6|}RHdFoRQ6}fLYtqwYR`7)M(z!^
z^TKNbmj?K;w%T{;Q&f27a06^UEw8RhwQZ^=vrHXsG%x)lW?20+XyW*2_nIbN-3iIr
zx8QBQ-J57ZHg4%}Hm1Tf#(2Y22b0}}LLtIo1u1n1jor7nGHs!db|ey+bTLdN?T+DS
z?fBV=Y`*p=O%xx*)r!5SaMmJ>qwVwH)cC+OMV3%Cm8-yG6pTE1-jb$?-D#Ei=2sM-
z;Co|Z&oV8Ci%9{b7KQ1tS1b|cr;JfctiK6?(#=F_@!yTBWyQsUUh~=wgz;~n?W-ZV
zmoR@;5gRA7$mdqjX-x&iifdk((&HDV$y1vCQRaD5#5)Z~H2NC{Ds`gr^5=aLNmYe@
z^Oq6%=icc=q{-#7K187#Y!)tI<c!&F)KK#`GaS%}oE|tlD4Wz6h@m&HgA%cL)x@zf
zF;k5_rQRoGN?^m5HsyWuEUqZsu-_+j976ds$)Bqxi9|E#EyrIRb_NI5XQw-oCtDr;
z*DSdwiMrG*<Tv^q`o&3kCJ>?=ayNG**Kj7*HQ`{n9B~DECd7Y<c&M0Zk-g*N=g{LP
za2ddD7VC!#M!>s*j*F0;6PJQwVk-}MImJzj8-t_g$zny`0Z32&A75Pbp4l%UK(zR<
zJ#w+-TKG_;r%AZhBRxgis$`ip(sq=XUgmAfdz2KUhT~tf0~TEt+>90zWfO4Z63UxF
z$XUs`W_}4qK(6TL04LJHH4w@9$IBO4IsM#)VRg^@o^q$z9qZB{(0y%s4u?DdGzZcD
z0h%(H`fg6s?^!blw0LvKlvt73;I3llw9`@=sT7m7+wJs3UIGB~-{%K0Tu<ghI_RUi
zPO&w`hlr8$4SEAiS;J|L$j|ZX+T*tRFW%cP@!XBdV?zx&^vPD>+dnq?R1^FW(2I?I
zL1Hc(YqzO+{cya%Md$~*HwG&5B9SNC)f0n;Dg4}Oz?5>pDU%JX62Qm$3Y_DNOM(*r
z-v0jo>dWzrpBE3&Ie#O`4nj3)(Zyjpx+}>M1$hl{UwRs*C!4DlXL`wkaeECvsF#t4
zp^2yj!DkzV(;|O~z)oCe!DjG(ok*)Ljl1-E>4T-$IKH9RX{YB-%ap;cf?46G5!2KQ
znb*xLDGysmg6WEX(p&xs6pN!_Wrh6>bh2TAQ*C;fzdh%{B9)LMc9luO(r^Ba7rz(x
zGgWwbyem}q0b&<}S&|`B`*$lPes#(NHkQCik%Gze_Qb_-wehd-e0VHDE?#L`xdj6O
z8_wUYjMfUdxNx>+SWek?Ff7H_i4-tlKQ>T7a2@^znQ1AZ9ED%Z#kaS5XeLoJJk;(S
zlan*gj82x{xpgzi=os7*Fr|9R_tPeaS|M|Mi7i+VsX)qk;k9^UI7+bg%IJHls1k}|
z87R}&a_$2cR-&_T2@ni7<)VaQ{f&GZQ9?MK4#F(eF{P{gUs5V@CRj$qhN6ByoiFfh
z%|!GunBguFsaUGu8<J2pw^h;Nx4r0A<U8W^V2IO<lpFr;o9l4YabZ>6%X(!{)cp%J
zp|$L9^Bn)%{AD|`5&@Qru)|Dmo_9f-A6eDco1srg6Hk_soM;;5sqg%33wyKk3rblb
zb?d)ok2PMB7@!y2<5wZlHrZe4%!sEcmlY{s_oB~wyzhOC4RK*blY7HJ5`V+J5#fkR
zqBt4?E6myjoYifgR1qg94{68RzO|{qkq6IweFp&}c{9TnVdCofeI+)ooiTy~^1pJ@
z)U*mbC@~c$>dSgmeV*}=1IULV;(nAd0QI1knjhk9UYAqi^Wi5%$hf?G1jZ^sLa|xj
zhS0kFb<u{^<UT6<ik^*^-2J=OZ6hbE2B8XH_dO$T^_g2ZVbu)jwbo`AbL|)N-tl;f
zH%vN=A&Vqn9agW8Yv#RfrWYT2@fE}rG0aL!4irC?4Pu3j-(_Ejtu%Q&J%tOY@x@8!
zwYV>bN6uV|zH8?v5%{um<}dbm5>Y9YRvN-;IL68OWL)miMUY!n<fxu}3~648<D=MX
z4^1)O4vLvCm?+s9y=rdhdERn15s@s>!A8_p%+Y6{it2;}#k@MUoc%H+akf+~y5e*5
z+mF3^qZ4^rE}wL3f*0rdaxJsZEZlzyQs=s6uHK8EEM-d+JZ(>z8}<6n?qQUMA|qAQ
z>|-~=%=Zx4eI(7O%1-;ty;8z^>ij>o@!wngTja`U4|?X0Cg#t7a>kqOpLI<C)vGw!
z|5#3V1gO6C-8yZ4cscE9()pyMGacJwo@(I3@+5Xnrqica88Swayov~N^=Ccl*PSGd
zJ4C}&3Ax`$%mShv@(uEc5#nMpFIrB634Ll)^?Y_56i*ZG{begu$*=tk+>3IFed)I|
zLR9SH#Rg=IEe<FWW8E27!cWLIuZr7O;0e(CQyLwK2syv<sZ5vr5XepWi291$IEJN%
z@3jmh(rWoU5nq^Uhsrr1lk?@cy?D`rRH)q=1+z%dLJd8;c`%HPC6+T4i>KRsM8sL?
z*ur{L{#-NH(=>6{R{EH$&osKPfVqeo$$RGB@OAd_5nuy=Lty!P*c2azINpjTo|tiQ
zLtY+fLy;4>Urn9(ps}LXFpE=InjXa*v(?B-m)xVoEkpI@3Zx$6>vr=?d~Jqz;1b0X
zF;oW+F;my^hzSwXY&l~o3?rt#Zht59VVC1~wYAjJ$giTyU>IZZ(PpI~bBleNoET3z
zxjFioB&O}BmdnVqs72YjQI`U%;v}alyXQMI4BG9K5dI_BEkXHjwVc88HK=U<9OTkz
zskH+GP2E=fvSU_Y-c+XTM)YsrOce=ZpA-3TxVvA!h2B~p7*0;<p{TkUKjyPN9o(h2
zd{Ai@2(&AyoKx=IJ>2(20XEO6bEPEPb#O&gKcn^dwu(18d8zsq{C`Zmky=L1<$I|T
ztuIvmWi#xHBCJ>7OG-uT>Uk0}e{l43xsg=YESifjjX&mT`tnQlxUnHU5F_#auTfG$
z)Fhp0yZKKI%Hw-BShlJ^d&45iVMUAc^w32t;~(`}hPGj&^@h|trJKj@T3eFrw%E-M
z>lWAQXCzgs`&-lU=PdCaB9C7jNKS_GOVP)CkJ$2Ou%&4T3|rlMWC}zfa@d%lHroYr
zLDQ|*Dm$<ZGR^tEIq+9V3fn1&Wk!BT50-u{ivz23qMkZuo>NOC1nD`S4Mb|1VgCk7
z`8do1r5SP~yr1e=uST!o+)C|M`94tK%0n8mPWZ%A^E$f;OXO)Ux^!M3Ohgg_c3gUt
zV`x!ljM{k=LzoeWo@O-PGFMsCC$6M3*7y3rQhNeF4O+-esrYq?HuJLoItek39I=+*
zzorxd8qpn~gvr8F1TFzByeQU8H(PJmoWai7wmtFr<<fvS&0p*oEu6lUIe4)+kEmjT
zsKm!ICD_AASiciC6kV9kKl@>f&E&@?tpR_r<sH?I_H`^F%o)u!0!=hYE`bKki}$(1
zXnp9-R9oCZ7Xj;-ono%<`x-`Z$%D|zh1(z|A#9bPPNpTyP~uP*j@R{tgOUh!%S$5P
zV6Hm&q#rZ$$&_Tvo)#cMnPnQ~tf?0mWNLpn4~TvJF)F)5^(F0AO9p@F9@;|nyd}3N
z3U2$Z4GG^l7cWi=KD+}WM0@|8`zA2S%~E>dO1V^*WCn(K&5YB9f>h;4ku;n5c67wR
zZKOb%*T5NPzcItn(3Lwl`q{+VZz1U*lJ#zWZ|Jj!`P)*NcR+1N<|Z1^Wp;Mg+vE*Q
z4aeue?;kB$ZfbGnj#^TQe)iO!y*H-&p2IjY8T7tBNVkl4c*{(EU3vim8(($c0TdAH
zO4jsylaylUHpT8$*>)<Z;^-L;cUH9|9xQ^9yS%HgvGCzGMG1m?g9bqSRP;(=tL#E4
zZAS-Pn;>K3Q&z9TtE?X`JmeM6xoiuv%x+UdJNHMKY8H!W-r2YiqyS9!|Dv1_QkR$N
zN^~e1OWupRsI^%BJU@U!f5H7a@rZ{Zsm&5%pXs=T3Cgtpt-%QoX2&?#bAZ_6jpT^w
z?K(=q8xL+zZg)bav+}bTWSpV8<9t5nV?d=1i&OKmvTqsi83<DezZ;0E=06}|!lxPf
z4YTgxk@HIER~!X{ctZDm^UqN*;oH85=<FpR5jwR0;H(2JeB|6E6E0e{sGFds!Z`^H
z{I?$#C>v~PCE9mC@gqP;0j!aj;D~=t*5l0)F-wGp)i|MkvZ&xL9V9YA0%6O&;w>%8
zYDSsuDID^>gh~+8d`IFj(&~ql2Od}7(%$5Bq~Ca1G>i5IR5=Dha}VyKVQ+rj(48!F
z7wYD830QE<3lM=1)bGN*i|gN$DFqledV14?+5dW_AD~)BDYThRXUb~Ak&pKju!xGs
zD?8d>&J3pdyo2$`1)@wtKL%RfC`nF-OWqi|;hq?yj5B=$Y3H&v<w)6K_^esJ;d5CN
zx)J0~{K{n?7Ra1XDT4<~0dSoDv%rwygx&j=*91v;ckr4X+HZI^@^Z#)0AB-(IP*^W
zS0MvbDWtps<baSV@KhoG0xHbegk^j!3JDtWU6Fwq2yLg+>9vBDN+)fx_vpyAOr|k?
zg<A6)>n+TP7NGtRtgNL3tNiK;z4GA=3uMf$JIt4hnb__4F@|^S=O}R`lC7WMT<#&4
zKOD~x<Nm6?&phDA7h^Ib-0R?)zvmFOF#q)lQ6K`tZZc1hI@L#5X^Xr4)eeg)8mOK=
z4B9DvR$I39Y$MTJ;i4Dp-dmBR;Lz)Fks_d0;EyluzT0$AnMXn^;`T>v$9w-ljn(6I
z7X$c!5pBrtS)P>E9ozm_oM_H&72sU}E@J#VIML*Of`lAV*G<<aSiJS$Zdm7wl9~J=
zCN~%&N4LYPq@cOej2zwF7i0anr~;EJ07N~yQz#`XVpMqpnto+1U<_`Z+>}mJTdmc%
zN&4%+dT!+ZP&fT`{=@Dwo&)vd?xt+~;9q3)*b`c&bx$6~y?;O%j|}o!$)UIr5@xgk
zck$eQP&Gdx6A&_vH8)%K{a{@;$_O>L&#e~qAH5w4`+TwU=*`3504II3XKNIv^JnM8
zTAus^p*==GJJ2w5-M$A7yEkbxf#eu7mcgJKck5GngSaqrj2K?wtE?4`mv!yQ%lkuw
z71*o!exWY)wR|YJrrW#?kH5$jLtbWX(&&#TTz@lBRi8<$sSfFdv*~8Y5)*_PvCI0u
z8-pAQXgZO~ZmwnT5@$e-!~KV!I?j}L%EI7H!L%dq?+&!yamqr!2BiE>g%z&lYkZ?`
zMBY8ec986AFkWM#U{<P=SR1zQjeE{FG#96`Si6T_9t6=qrGo|R41TbFPdn8iCfO=_
zr2g)aW)1Fw9V-hrY_j8`AY2}CggdgBe+X#Wtw`o*j5U9V;B%^|h6PP{7;SXDA9ZQ?
z<=OC&)AThRTJ=^V!k@ugM9ix`RgdTSoK)fHU)(gnP+hXd&=!9_N#}F=`DE<hZ9pYT
zHTqfHMj>Yco+NFG_{YD>5C)WCBQCeJRbBX*hO7dB>aJ~vjlR1jh41sM`CCG!U(N!8
zw@Y1kYj$F8kIV^A7|);nDCp!OcCp6zhS$8qpk&6!Pf%7;vll@8(izN(j4h#rfQ?1t
z0EUSO$by#$)Kpdq3?MvR7lp;U+>}A3mqp(kh+pe0_9+}@<g&nK*DAh#5kP(KQCjj{
zOl04u6r2D9rgxYIQ51+n;t1-QaLzF`hE_L0zZ>-mhBT+!cTvpziN2rPeC0Z{ao7+S
zrUuPm=y0LvJvHFjDmLQ>N~T{W<$AQ^l%w29l5%Mr+_jjv?1uoCoR+wqgm#>;<x~-2
zf3g-M(G$dg@e@ba{+&hzmd40kJLcP$vbUXGN*AR4F%{7OHgCD2CN0_;LZf)OIW2Dc
zc7gZgGKJhO=!K!g8zuTu$X6uF!`-U!llS1-ZI;BL=>gFf&CtYt7OosA`Yqw14Vho7
zq3Hn{nA{sSt4A3oC|LywdhuPadNfY&=hbq}Xy~D;Lj7aM%BQ&W++FwCU}CB}<~0{G
z$Dz<;`J44|htJ!La6D4hT9$cq<35kM?i7DCh=xU$6YaVitv{~iKO&W*Y-tcK+Bvdl
z+|A`gr2140mbWQagg&*zgyi!qcpvJK)PJ5kunoHxN^6<=qZ*Cj)w>dha`!pj4swNF
z$M~Coz|cmwc7KNKcj0CTrviqtoZ@PZWSV_5BUzIV*K4uN-y`w|;XM1<afKu^XA<%{
z`}-&8+h*&v)-Dqy#v5Zp*9C?Z4Ni2ApYm5&51z;Dm0Wn1Q{vaJtH+XWY-70^Gq<tF
zE-SOICh1dHh0I6l^objrI4V&=355R+uo^^Zs?E~HO2W64nXQ&nsr>p?!j}hK!t8t1
znQv7YCAL&fXhPg~SH%W|Z+Jh{tNgfB`@~Mf*=6hes7IVO${O-{_p<-fWHCWJdv3f$
z`5}|AYHxSZh=)?GzvVpS$tu~wD&o^a>XJh|0(2kC4_gWi(@2&cRG%oMH!ft+$uPxM
z|Csr>KahI!eMg!H{+XYL?i@5-omzGA6}!0}?q?t4aTWxG2&IAk{i6^_=1XXa!G5w;
zg}tyhR?C-_hQ*B$5@e{*gI(FzMS2Em725Zn+XQML5V#1n2>k9n4GQ#^{4c@#=WNsq
zIH@B^*Ky0CH|Lbo+DrSpyofO4Sr(Oofyf|oP$IB$4P&?hnKUqIe0x1i;b`0HZaOWz
zWNm8qt6;`z6}VPax6FkA)bZjEO5nBh!&E&7BLeA(pAn(qx$uZ=Sbjj3pXL7_A9kXS
z4kzv4K_E;&*;qpI9<@;rCwu$YBL}`hY;<(S$wlaB`_JNJi~WNGc3<LplsN)GGSL0V
zYDOzJR)_<TO>IERFNUtH#|ZDh;9zm^t{0E1Kr)SRE)4Gmt^Nch2Ui)l2M(@Y4GVBA
zd!qT2%)yh_A8eG%0#?OOH#-9_+QwS<mkMT}Js<nlcE?S>4m&=vU$i3e4}<)Z0<fS@
z4@+GiG77fY&MF_ti{Di(P;a~3TamS4E8pfmpA>~T;e!4O1V>`(*CFSRNM1;6ixOC$
z4FA#sim+R`k2X*K5Z-{3As%RRCN(v{Wfl10mjeo*Y7qF6tOFI(jo~$zQ|UT%WAHY#
z;WiZBx!sS-9d6t@Cn*-+<r}uVgH?HYku2~y2uLJig@H9d76<V?o$0yJG<K9B0Z*on
z%^Vm8(NiS^c{pPLk6}VPLkP%EzbZoL&q`_?9$Qm&vNI0K%F=K0blPM?7G?J}=y7F*
z)$h(M+qO^?7pUVIY`<Qc)C+u8)n1tXg$>8U|4Vc9_O5q!w{?lv(W}`dI&O17LtvG=
zlKrQS_ww@m^t|&JGreD3qWGtP8D&nYx}VufrA&WC1mkihgCQ(;Kt&`hmCJ6U**8XO
z>LTVu>QM=<<?mSIi)2Ogt`)dP)Kw}9#Vb6FJcAsa$Qf!?PA)9Dys$|0Ll?f?6M@y1
z@t{-T-v}7_`u}$5|7cZGV()R++fmOn)G`o8+?j2G;LCyog;3ta-G_}hicIy`C~uD3
zU=#mSA607}_7H&w5{ih~sJ3qJ>F#tD_u=x)-)8CWaeXE$gS%+bX;oDD-;pfqaoGSl
zLfPPiWavcGJt3vqgbOYZmHeykxWD>7mjY=Y&vaoKiq@*=QEf<_AK!oMLshaX#U#!;
zg(r|Gv^alFfsVz+`=G0NXR7>pY?()~elbATLi4?C+Z?#(p+R$~4B2dYMoD`E>>MT_
zOJ)`k4FWhx0A`5(V&)l<yga5WFsLdf1#EmBs!iU^TypEG5FAA~O2PI439a6fpjVr&
zW-$7#1C04Od8aA1(C0NzeJ#*gMcu-D|A_^Y#@G@-YXSr||3_dsQ123c!PNdMZB}+x
z=H7Eea)pdeHas2zGh?_3iCyI;ifHP!5&gvb$E}3^jJ}B_t6(bu368!_6h!j20_5!8
zJ9JFB_it0fB>t)az*FE~Jc&U1btH6BB0?BkeZbT)s+U=>tKz@?nih|vZIn;vh%ukC
z^iDE!iUkoe>-BP4VP=L@=K6tT-;;aTq}3_}R-*$PqyND$pi?2$NYbEprD21-IOizj
zZBDt*r*nG_(lQ#6#Aic!>0EOKvjs#;y||=#imK9}GfQ+a<1W;!T0n3AMK}wjpMO)>
zS)-7hnvLQ`01D&E&!VYvN$zX2_h+njzgL-Z@D#=&%@+qs)AfZ{Z=A}$l~7D9Rt6|d
z3$%im^`RRuzX5zOrz_ks)+9KQV%ErDxTDqKT#&~v8AqgEfG@eMw>7TQZU!gO0hDpf
z=;w-)u_aMD<8TKV1|7UI$4{NyNArG$J-A})vJa^pTE_ZEI?;dh#R8#sNRG^DP2kAW
z!WgAic^AR50X-;(4$72lu8*_yKvpMA&PZ$TaL@eD3*zerxM9K!FE$SE2Kd|jtR2oQ
zooKrHX%6;s>-)H(_I*}Nvyc1U*#9FpwCg`|{|*ALG?xFw8k|L1S)`<0iC!M{G2k%T
z6pzWt$&n8&{wSxc{AJ`!{61tN9dV*NA$i)XCaH!VU1Y&XcLZj8%aK@n!n2`%-=t0)
zA<jW8!nM4*qG+qecvRr9up;);+`#HJP@Wr?EQw_?;px>+IoVvR+V)<Zk9wFs2>&=R
zT<L$Tozkzz+K3<NI==K>W6)%0WRry+yNmdO;S-;@jxDI1dXDs@2&Sit51glHhkBHd
zRD$zuuajzv_*Zyl@=$d~jjdU{Sw&nF$=^}=Uk}o=g2?B}rFxqcw@D}Cq0KnI`prSS
zE@h5toHll%(VH82t{8!s3qv)h@Mq?a)RSMZEttwnWHZ;!KrO3bWtW7;J^`llpkiB;
z!B4lLKDUy}6-JY{_fczR0Ij+Y^*;vg_K&^DfS!#0#Av5Q<bZ$$Xg33rgprPJH6dxi
zE7|wJ$|OkTOHZc~WKkMVw4@ZVmj({sfpwiW09n7;6sz%#f=khSXQh!5u>o>6&ltX~
z;`xg_+V+>#A(H#uow~2{NCA04%jf|gWS4_8J?H<#cEEM2)ZAQ6jUQHxWL;eFn(wGH
zZsz6bh}@Hd08XJKItTQ0Ko-<n;U#pWrXG^_+bcGHev)Scp$YIAejq~mVNhpbHCh(l
zu>-wWO*udQu`iheP?-({=1ffn2PncS&EXJy#b|FImBvkz6MzGh3Ol~{5gt)E+6F{3
z`4I=OpkZ>qD1ZR@_Z#5nT10Yy^a%VD&`A}LZ4J-{Z~x&*0@TR=Pk#7_+bXmK@O5tg
zeQhr;bo=K(Nf6U>sxO1sxy7@T=#jKnniqLk710n5PE2S?@x6488&?y>%kI;DbRGyq
zj0wFB1;oNr1(g?(%4%`v;)PE+dX(&r9QB(z-^{=LVfeNIIfDf~qBms8c7A#Rt?*NV
zuc;c>%>AZgQNz_izBJ#p&YxHJUW^&8$Z0O}OsI9>ho(puFyKs#qk)!j4MF-}s*VUU
za1fMzRDVvma|r0^uvQn8@JN_&RUQX7ABE)0RZ+EU)I{mt)LG4KC~;jVGy63^2<zHg
z+&_<6SW3cI<u}BzfYRT?#sR$1&cbAf`ITpd@G_{mZ0;*JjQQERLib1a6%2<&wIvjn
z1+?7EmV={^ZuSDJlH#$>)iw>FuvT*csT}nm$MU>O<jk5|n7v?ZC@@d>0|NfWgnlvM
zfF1uZ^x%1+YM?r^po~ub>yx1BlU8EGZuAz$jI#~ml7qojfH8<EtahIe93*m-v81>x
zfeUbJ2fnPa^puqwq3layA;D@Zi8JBj=|Q#iY-EW}XH{D3rSa%RiHIl+7G-l~bXBZo
zisb7X!Z|IBOK3zFwOFF7i;B-gw{kJO?M>TjSv_4fXRm6w(#N`8&3pwe1a^-&`3y}*
zAAu-0m>M|!ic_t@ggz`SS`$2&+2~heoUn^0e7aC`m@*mj=GMGIm&e0b{LHW(o%vl@
zXoPV=d3|+O$hGa~kFl7k3;DX799#BTOWPseZStRIvOYdbK+YFq->4=oS$NTKC$G(y
z5!K_~_-wa_sI^CRRZrYcM;xkCs#9dQ$i(cnLD!34pV*EM=B*`q;W%%;+u3D)=QOM@
zkJuB4y=BnZK#;e#rt|g`7kxNDH-^J3pYUt~xH2!IZcA!sm%$uZq-dsS5Q4L|iM8)u
z&?YUqsFz>wUSHHM6h{;YqjsU~a{8((FFS+%Ers0MijD5IK9^*9c(#{JedNd4B+=$f
zCQ4RgRk@kr&$h<25ib5gl#F?pNK$8ITJnR1(?I$0C}7qtlfcR+H4P>EPR6B($(Kpl
z(C3+PZ*ZsYc_HGuIa1^f6N-kV6|dbpPE`9hRSHua#N+{-{PojlBWCI3_&m&6CwzZV
z2yxQbJfZ-B>wICO<tcDoe=xO~z(PJ7!FAN&Y`=DBlW5b8s;p2=*^0T)p<X>f>5InD
z?Iw$)Zay>cil2FVqRs!JUZxx*LOb566C!CAb$=ULf7(qTiITOIdl`_L)resQ{(b*P
z$98ihcLUuRrfI+GCu45>p6O)PNj{%+7HtojqN(7s{#wu4xtxkpG*#9|l0V6qXeWIn
ziG4N#9a&AijzwsHRS@!S7}iYbw%U(tP91x8#d_?|4z2pFL=7~Q&#AjA7Aj&pTK4hu
zMc@!c0*D=whk<l1|6)iEzz~0_br?P37sUiqCsod{JoG#As}YSwz50a&M`Dg$_j>wx
z&D7bq+4*i0m=lFV=s56ys8fA5H$PHmA><4VlejYJz7mRfIOwy+gpm91Ov$@AylFGV
zpE&Es6E&G@ke~86a;g?k$!x$SaQImEX{E{rS-da`bRJT#?M;JltZB$z-mqZ!WnO@(
zo5aP1$`qAR-qK589yyUUDrW!O;R*03XME+b$uA{d^)d1?;Y|XOlAElE)amyr2m}fV
z^>bJgZ;~$#f(u6!uc$c$Q#{z=1@Fb)4%torVKE@?Wqn(;;aPmt)za9mc<CPIVlwf;
z7FB5><61D#hfD{nN~U+2)om;r6`>E76m4_c(idzs*j^?OeZ?(Y+*&`;a+Tk)GL+*@
z(Yq6ZWmQ)yADg2)oC=3%2V|DO0_Ot(h~%QciLTyPc{HV;D-Lyde5FjuMG=+AiRH?c
zQuZgYS4(2miJ3JnvRp<fo6zxZ^7i05eFi&F@gMNfUTU&uTO>2SgUhf&MyLT?d4drM
z5)_jaTt|ASWVLy`g;h&azI2IN)>&V|$8&<%4B123k{P(N?7v<N<h9Q4$eJ8>W>|eE
zy(4>rP^F^$oTEJ;^SV#1o6``F9tmDHR9^Pv9z(r~<e`pIkZ_m~wq~PfB43{YRtd%@
zWLvnkuS8EQh+x!W*7&)Ib4xSrbt_KoW{Pa?uA35u%N?@F7X0c&H2ml8*XpoD(S+WE
z3>_ciBbvYxKC1q;1h!qRf)Z$OD7v|rHr&NpXqah42SL%7^8}f?wICc?$$!lX2{?}X
z{q-$u+!wefX}L-T!4yI}9cxlu+#y~=l!bB;3<5Be@u*iF5K0UTUwO7N-Pq48K(kyX
zGJ>PkWp$Y2aBzEPFs}tSa*DJ_>jZywk(rVD*|-Zx`es;1vm$}n8n%~iXHtkvI@xL?
zL6k%x+F?Kb{z8m3^I9tY(JlxbV$1o13o%a_h4@e$VU}X^=Z0~XAHiq}>t+J@tRnz<
z-8gaSi&VD@%y(O$w)pwX4w)wPsZ8&R{g_IJpk8r)x;umZJfV1+;+xO17foRG7yITc
z$6Md@S2X|7*8mUzDGCY$lAshOsr>4)Rxt-K=f}0_R6Q<@sh3OkkuVDno-9*DWO8j#
zhDxfvAj7Hv(G2V{kG_7@<U!%PW`-PgcoKnSvxzci=iaS2v^bXwTeVS?EIeerrd0E}
zmBnI)X>Vt2@5OpGaA7ZoUElm(RS1T$<1NMHb*J*2?`yql@5-@@YZEJb0V&aQm?8Ly
z7Ln`d9lMj+MqV_yZNgCo6DjOgui$DlfdMzAZo08UE7iohsr~-k&J}3T=hTVIPygvL
z>yZO&-1VpYZ<9Ovq8?U1;Jj3tR8z;$IL-_+qViBIJz75sH2`?WgaxR4z^Q!`O{sB}
zVFXR2nS9LvoDxMtZ%Tb;PEYFP&1us8Z7(il4<|2=-kDDtq%DLGC8}|Qpv1&>Ke4@8
z%)&%bV#U@j*RQl^*{bc)cda*Zb7|JK(2C4|)Rl+#*_K?1#xP!<GDIy4%pLY+;zQ%L
z7><S~>qE+exxiw6W5?86Y!u=&nv<J<ClA?4+7u<Jq?U_3PR<5(HRr5oXoqELb<^QF
z!E|>xMSl?*mDBm(-gqXsEI4aAD!nA&NN#E~F#(iBz#C5g#~WfnX|eQAei^7BW<f0k
z$0X!Egv}2nVt7AK^gg|9XjN;QAWn*_#E_N5XZ9<ZM9TWETM_Q`LKWd3bIo$6utb2$
z6F}5I7`Z$&tCAX|%G>OI#M-M>sTJuSLPOVD_0fKA&Ti%R7Rk-pQuO=h`okv253_lw
z%oh{S=yd(l=exU=61d45?`eO05tdVP-AH_Fk-RDtEHWMWQ~mk;qH(_?+c*S*co;FF
z)#k`8a}M|}drqeskgOeAt)JqX8yI1p;YZ&LBWp$EgUk&eN6>o!k48tBgn{pG`Ux;<
zk*|UL4M!ObNdMdC1au0iPmrQ`a|y3~SR|2BJ^wOkIzOdIY&H^+a~qAHRiME~Ojzeu
z^hGqAZzj3lV3ralk+Zg2FZWVyM5l48zikm9>(}9D%!h5GZv6=TyzDD>I82Y_V!z!{
zz5(e!EIui|PCSJ5@a&$S4@NT`2nj8{@bJK!FBE7#$EUN!I8=03QpO5gvD{1c2SH5V
z_0p+Ry>aC9QgPt17ph{;2W`%p(D>ahL)8>xFeeCY(E`_o^fB=MGglk^GgmJlWl83!
z>%ijKTll}7eFl7r*24-aX84<fZGyRv2zZ<U{2zIQX82=6i|^=Ql_G^KoBB!mPjRp5
zHZVh)?hBIWwL$JTgwY*HzEN*e>a_+dd&e$_Ho^r^@uADUH+h^qgkG<G1a9F}-6{;)
z7N3F5V}LPlp9|&ueg(=gq6)%vI%y1oODWSuNoet2vH_?XhJ{qXdYZ*YipcKotb9vM
zY7b6WOdW<Bk4SK$8Wp~juGxXA)}0i|_AOnkjD*NiHoFwEM=46>9{#PyN)9ofpa9$n
z^MC><8#yPlvYZ^P0%>D|Q$jY;E=Ax=86ED@{3VK`#A4iAztauO35KVL5FWqXx-7p|
za-dd~+>Z9(n|p_YH1GcLH=oHL+WMq)9^zzNMtGv1^g!93q56qzx$c900G)ft<2t~J
zIHiEf;x)71kCz`IPVics$y@*tJh|KXTj^E`=eU+yFWRrz-=r1SeOJ|rp7Pe~ia!aG
z5$dPZdOif;R>!<0tRPx<ux6~aiaHA<Y+lGSvYr2tE=%M0ss<kW?N88wG#^hwC~33>
z?6|BNaXvVdocG`|{Vy#TSZ(qDJA&jhG71N?sf{M-dkeFzt@+ih?o%)uLO~MWC?@g0
zd6d&h4a%Ou4v;<V2%T(3G5SHIW_HLYkn>8$N@tY=K+wh8YpR)<F9{HOvD0NTJ04}R
zAe5~0nLc}Ov{E&*XfTUiwh1_>5QZeYh{#M*9<g<UXY{h9DyGAVVs>&bix_e8n#SE-
z?uhoyvL9MEEauG%0snbeWfWg2ZX|pytuffdU|(#F16=sVl(#L&Gxy`sS+}RuC5Bl{
z-a`k*pS}(x(cq6*T(0A=G5@SBpn^*XoF7Yw{}@bi$o*juF8<1sfd<_JW_>@djn>xh
zOwO%5EG%PY@yG&CgS4fkrB8WH%CC864?Q{V??3Q^)e=%bZ>agOfP6Gj*zugd1@rX2
z=7T&!b|Uo-aNZE1^X}SOTw`@Kcfo3N7pXxI)6Wy#gW8>t32Tg(J13Yj77)p+B9h!Y
z^6#!vcA{aw!eN?_@b0EAX1mGF(AxHk!G3$NevOzFN9C9N5)E6GI}{DyNb8QG#}5t?
z6~*IN#)5u$@s7dI`2AdDt3>hZEmIj)B)k(0%DY?QSZ$XO2RgjZ-9p_uTnBPH`M6`?
zdk(9rD5ODn)%PW}Khy?+Tc3T~GY3;~QYt|<(L&zpe~S=->-ORZ$tjWmd#>WKe(-v?
z`#Y4kgYQ&9i3c@pjjr36xARVkb#_mq7<Rm3P5OeuRXF-9?Kl_f=d|jnIqV6s(ePfn
zq74?5EMa5)g}Lxui@@qH^GptCbl%6!$HG3S4W5&_>(b&pt}hWVc`XUD)*I**6@gH#
zOu;Cg_hfe`1#jnkw*>m;ah2Z!%b<o|s1Yay0t)L*eAmC`ImP@%ZFybSfDFNn`XBfH
zO?7FgV+zS)`)*2Dy<7bDhuTu4Xme;vu>`Q!?cp&}cxh_OXgAIQB%<EM4eYK_AwDv8
zXprr_!QV35HV@ffhv~g+t)Ib@d)-QoN)+k#jhwhfx<%e0s!+>+HyZE$fj$9B*6`VC
z^A6#fMdJZgaZ)qBXJW7jLcbT+rt_it3w@E*ABQsIJ-Jb?KkSCb9XOnP_6OikP1S@A
z&E;_G-S$6T3>d9-KO|fG6r-YH2(;_X@An5<u1b9sF!kd}r$^BF6RH_gy#Jc=S>Th6
zJgrmrRQZA0&bl>XQFU+!L@V-NI~4xUt_L}*UGbJXX^3jR>8dioMj>TGw8kaX1xyi{
zWy+({K8SADQP!@9eN;5;rmOq&?Z117ynkj*pxhE6gTGT!GN_sP$6?{>_c>$VVf<$p
z@U+)h!~7loi{}AHCdXI`G6ygT0idS*2h@(mh*@a7n|EuUKJC!#E~dZs7f6hgP^wMC
zcuMMjGrIP1Z&sH>pL6+Ur4UZ`9~508cz!-#6vzDqe#~@xr0yoptN4LSg0Ipit|q9J
zkor2BS_{7{?@f^w%dB@N93!j)0vvu_7#v>b_ILy(WpIFy)*B<_95+l@7E;0Fxi#l>
zVMLpEmm^bucBkj4|2*ydB;Hy2UHC$A3G!E1gec{i-uf=Y>k<8=f3BjbURvte%e!Y6
z$Myb-r!-rjAw2TF@Q|!u1O!q-hG3$KVqorZMSw2XBBK5YPrgHhhKK>*1%ZH|5vV{E
z$gB78gVMnQ;U^F)8YFIG90ryj*jWO#u`DqCP(w+{$C3UX4T0VVf=qb-N`MFjK7AmB
zCGXBgKy-fhH<k^WA_ozm3qiARAb%rk$?)KQ`#mru1Je)q)WP|`uf!xwq9eoKh<kfv
z_X-5s2>!Q8Q`oHQg`W;*H`~YQua)(EbzU-z4iYo)vXv#dzBm}aRhECy;pgYqaSYf-
zkjj|RqC8)G-rDu@H!npDZRX%)U<QHSq5S*KVMORq*lM`4t`diW+exc~_D(Ln?r&6^
zFbsuFPNXpusb^x&(r+i>$P$*8W$iyi(d_hm1uivJ6Ix{@lA5_S?ViY}%P$$faQ83@
zrdg(QDCS1V@`|GDhQ(<~IxB-fL9hN*QVN#eH_Q<hj>f7_zl(qGaMgsoAo}pyGrE24
z8&!vl!=~!|%u~7(zmU3kyC(ZIgXlmmd8B_etJqNIMfD=C;$4UkMyrkYJsR6jBjUWM
zNrt4Dx#!&lI1ZD+3l<iX9rCYkUW`DgQju>vPo@=Z%V-wso1cs6*SK!N)6Lm-;p|R=
zol0K$-8PqGXD`_h&N#NvVw8wfv=cT})-g6#91D+B9^7w*X7*1ELgIAfSC)nylu56S
zvt!hVERMLb2zkO&VL?zWivNt>lnAL`o_n2hPEp)_<I6Nws);%aNS-Q{`5Ak)FKMH=
zz)j(D{;NnGm%5ermAG4q%(sHt4bE#7f<$(oa<8orNwKKW$gh@tNFYB)3Xnen0Ei?u
zu(?OuI=^B~Ks|;DyFwDr;>6ls^HoM*uF0bCjh}61?eS%CHqm-V<18gcOGeM{7}Jdb
z{9PGmE)0Nge&FlV(E9xbPa+fMY2CQb{uOe?SmToJ*nPdw`?2|ieeG2Pdyj^Jvl7kV
zprxsqva&J7dLFF$#p|Y3-ony`pe?Vjv1i>QMuwg8btkwHCj1#Ia~Tf&TLvqPd1Ws(
zYQCQf=;*ZC)_;^QxVqCg5*5N1?nhq~#N?!U@oO%>ol9(2nyWliG^2W2QBd49%_sb%
zdUsD!+0ZMlxfxJ=SUOiJi?{1Q<jHffCrJ^%zh5_q1U<N73@y=!U!-IyS@7M5=Cm=U
zku6W>jVKN*@qHp}vT`+yI$3PU@F|FzURmE-VAd*G8;$7ro!|I{rAPLfhCP~3E{b|#
zmp@#Q&#LOjDx3|{cS(1<^V<*MG1L_<7GcjbXrNoNe}^od4ct#L@DMT1wK<{6H!t=*
zvU^Ey^#vV@181crXU!*47e4=)uUW#HWliGO5AW6XU}4cZ1Nf|@&Z|4uG>OREeynq*
zbSjh^FZH=3p;ux#q2d$%I;7qSFnm)Nr9E5;mfKBV(Jr6bi9EC~<+6r$X=Maad?C2$
zJAsYGRBGL8qlD{pW59pYY96p;ZW1h~<!waza#zm37R0Tc<y2G}v>%}V;adwTthiWr
zZHNNp8Tg(m%~(D%weysHW+05ucc{etGp_e3b@PwcQsS2yqDkBe>T$;3iUuA;cQWPm
zs}-^9?9~z)S?Md^?pIAb>6`Tus>BVLKu~Q=zmC7|X($<V8TqsJDY^u?3!njzwD9yL
zP-^L}Ol!R_b!Fl#3f8Ey)g76AQ%@s-Wx?2nD_WIIIRVY}gM1OUR>H!eZli;$7;&a%
zac!bZ+`fuli^_ajPkA6#WSJsv;EA)Y9A&A#JozrbVRoH7Jms|ecA_n_Mq?)GLVcGy
zsiKHoQRw`}vq&AoMM_@e;SFPpNIJ7$!`T<(dJ*m{m0|0cqt~@FZkxaK1TQ0*ejK(N
zu!mo}Uyrl5KO5w%nE#1=XoQ&S@6ubrxJq^lg!!IIlfDeB`Cgzf=DiFLo(RnMkR+}g
zI=RLiTHfeV;A?Mw%a9?89qvPLsu9-|->_*d7Z_Syw(+dU{B1p-{a_i3ZE94({kDwN
zIU$&`SR&_Rz0vCNa}*uJlNjXt!E@lE1Se&&&1WJax;8euMydyIaNP6uBV1(o@o-91
z#ObiAX~m&?%<Da%n(C{WOY?6`+U&Abmdrm&trgxD^XS~M1J@D!TuIDKL0wkXzS9-e
z3%9n<QtW=`g*^L1B>HvGqgf<!R=&xsae1|qJ35)g%2&Fm{TU-02=Vhqc8ak&u7pew
zGI?*d5LDJeCKkkAKVRcMt+Ecm^)(ccxumy4Sl=jgXw3fL;Rhjyjl*KYLAlNUqtW^1
z$OK)ZdvURY_4*V2(rywVN?$PpQCe|@;_dFa@8{Ph=&xUnj`Gv@xAzA0<G1Y>SKrPv
z1r{jX;(OEHF^TKCb88!eKW+uHy;n2=MDu3Bg+=X!#nfy>kmtli(C_>6O0yJ31D&#X
zHwu2{T$69B&ei`k7PZd)9rtylxwwj_e1YRcw2P!k*y`I|vfJIU+O8eoj+HsdPxs;!
zVdw3$jDBC4-e5%w>TGQ6!HkimG5h5a_+rEj!$b6cV?m!ejWAU{Bqaj08&@g2N<8TH
zkh{&fLB3wvtZh9qK<_bSeB-AQa}8q1r{;o~cTXEjs_UUIR?0K<==PWD_oe~$vxKyq
zC61yC%Skk2g*#pbCkal-SYHSP^tO>-3N&m|Ft+4B{$6^#O|X;XRgmp$|6?C&T9I5H
zM-=3AaQ+EKmxW54Oh(L0m&}!6v1wD{%_~J5=!Jwzq<FWJ&)U|SiQlK}^l$IqNOfBx
zZ<O`zZVrX`KL7Yhhp#HOjj?$lrA7))uvQ*0KfUWZ_!KM3);7*64?^O2R$VvY?%5zw
z0o_f7i7F{b5bVmom%>{^-_i`Pcee#6Y>fG6kZ2Xs558dGK^dex{Ss8Z5`ya>Ttu3Q
zOSgK5vKMhg3zJWYnayZ==aCVbh*^*N;@wt9p7Z5=r8FjEXI;)<Sgr|8i9*S{U2%n5
zp8A6j%v@dM9VvmAh83i&3@2W0pFQbYe2MFUy>P~E!PXEoY(wtmo_*)pxU_`uh+o!}
zmW^C3<ujpHlp*3OkrLfA=jx;{N2Lr2vXZoT5&qvl<UVq0JAi*@ia-#OR^;kp#h#*g
ze*yh<2Kt+>{@ycig(e;%oqC2so`SaHr}&?)viBC(kjS4{HXU*}TGjpl5mJP5Ll`2y
z!s0<A#DH#20^Q`?ix?h8GsFK78iTzKnWyvXP%(PG&+?mGc$IF8Frf6g#4ur$Udngn
zJ)=Te=KQt;6y*K8jf(55kg7;P!(5>x@=H$tNj}49*b_*UqX+T&a}dRH2r}VrL{rK-
zCaj{$7#<otA0OpY3#v2?Rs5o?Dlrza)a}g}nKp5h-7v35D};U{2RL7UtXU!G<BcU~
z2Yp@e6M7Ft&T=Z4@FwNhs2g&7q_PQ-{bn`wlVV>ToJT)s4bT$@CrHWj6Y?ZM8R{mp
z89%6VYDG{F$f(}%%(cYi7+nJ!xih9|n;~U><MezR5s9Pk8vMI<S(TE-cIhE6d6xTY
zGj%`vVsW8`;RilTE(6B`m}0~2Z|_ROX1n*8g;xkhpBDU@;~@PjAw{R`qgu7~9`$s9
zv+5*|^}YQH9?Z+xJ-{C4!_7aF8ME2_?psNOu<N``sK0#-mi<u_ft2+pH*e8~tNow;
zVD8q-fqyIJ5~&ea?}qrDQR~-hrDfrrYqOi8!?ruoB$BmXTrd3@g98|G91?JGo8v&=
z>he@U8;Wx$KX1fzV;<n*j5kIz5ry8~S$LwR_{T~i32~0b9lzS-j$|Adr+IWLU$jkA
z{*8|L=gYeNP9ZP+hM_ciox9uNbxdDPpZy!6(_vSjoVlf7d7?CEz<e_>&lk|NOk%91
z(D1<J+D@i#=@Pg`6!(R4Iw;c8Q~>%bPOUw~2x4B3>w0Efl>s`>SC-UC4^#o^A40IK
zaA4*$LK&|xVI`EYb0N|W<`{7*Ix6&j0jsshweby!A04_AK$bvWM-^(U?WdE?09D60
z{ej6l2TJ29waUkWQ#*s>0ST$$6yIQw2ZfyeUMCwH;>+enz6Kpao|C|&ec#h+j47tt
zfG{}7H4&345{2BC^GtNI-4Ha8*StfpD~70a%Od<TJI_qw8*vT`Dnj^>BvvCqllw&o
zdV6baJVQ$~$87;WZx{1blbvW-+Is8AHt*K`=Ii@hk(E%}Lxb~dyF+W6M=FVRxjWY;
zZnoTS0pB5j6R?)}FSe9H(U?hB?|tZ-3F{0GjN!&rE2zJ%ToODk2T)c<?5PTFYOHI1
ztV#UaF={NET_&n;@4G~Xa!T#DLZFCQpR^Za2;*V!pI00ps2KWc9ZPm@upoqxHMTl@
z{YL|E&{Ww2D-af(Y0JCM#ezuR-vHJ-eb01K_rpKE$?M3_*BEYpO~m(-R9gThJG^UU
zM%n(LbM?S=2b=i~LG;qC1H!Rr<$UgwaPQJ&6k6XPo&!xS7O&jwuidhVSPDsB!eCGr
z4T{=Wl%YOm%I<v0kz^5Dqu2dn-GMe-Tn>FLP`v$LcP9z%`SjFNa=MwpxQ|%UY!(nh
z66ArKxU#_&9j%AnuCb);IbHY3c~%(58)azYxk>bwY>t$&beg|dXIEpb)NRE%j@ZYY
zNcRQ~8bb~4s$klX!NI|I*8t^GC&(8u>l`CcUYkQ4k-UQ9a24r-1qU|nG*;!=&DhxZ
zb%&d8GJzZSQamudnCHZ?X`JET$J9jp6xS6P9Na+$n<OM5b?`bviau$Y^(1BELZANu
zFNL2tuu7mZSxrvczjdoS(P3l^4SnN!QpnNO{`om8!t7JP(#PQ{4XUZ8_R~m`K2*0<
z49*q{G=v!9vWKVdy2vuG5~KQtca*-lY9=JAi^JoWZ(=Nqhru8>gc#>?jzq=F9a_yt
z{lH%Mz%5p?rAgRUx#gEpClXBxRy($UY`$oAJu>DBT}LW?4!wh!55uv-X;EZ>7uLCY
zg!w;hViE|$rh^3wjrjsDJXaX(PtrfMhT_y7B?_<&*WX!F%6XbB)pWYzYQLWt;4wN3
z)kl0`jUWmJMG$OzDBqeX;NZ+uU;XN5#{t7?WOaNd?zBm^<ht&CD~}0fBcm*CGY<k`
zKL-OG@UT311mgwPsQB%uQ$umkHqWn-s5sVcMKK)#w`WW{S}is9)ZVk6>V9xoRg&MY
zVHKh@pmTA%p2izSlM<8kaN{y>%_YwlS70f@YEphYem#rgkyANv{;}13cCR1+M_9ZF
zq(Zz1lb7%fxMNUs+VvL4-3M^2TTbnZu5sC|zO{#_1Zl0QVH#VKeFihWXcm`9F(_NQ
z4kJrqM82Y2x3;6Nu3j<2EZMIv)V%#khWz4{dTnpA!{}p0WW!Sevv#rYsiZ$Ce1Ttq
zg(>biWw^GTbKRevH1f0JRpcyQ;S9V!_bl1AQhWUaMGW)jv~bH7j^<y#L$(ax$E>gy
zKbsqw(aHfXgq0xreTjgD^$L>S63#G&2>sK;F2=PfRjr7WY2RufVF%Kv76?|LI)3jS
z`z>Hcx{_|@HNy9;p*LcnZ47bEF^^$bBDzYkqfJ>;7&G<XM(iQ9!lUQolombWprACX
zt1rJbv1@lp%ola<ID8UeGTONDFA$38BiOB!!3mCa2+|BR`<T$Ffp%q84qW)G?nlz$
zD0HVaZ*W!P?6Avj;><K>$iP$g`%V$oglC#?2-Nc#G(74TnVZ|S6qrYz8ua|6Vbayv
zAzu|Q$eZSCcG-r~SQNowzb`K)iU*Y53%%(vHQ|;l_|D%#Zx@BDm<vl}5U2di*WAGD
z1Xt>4QxjpBr!O3lGi;;=$|pVstH{dez>U8U2%d9tym@9S(=`0>vTwXTsax>FS>C=4
z3exAz;!ho&`;CI8q)gh=>0<!+Ek<A}s>S~w2ayAz_ol`qzuTQ9u{&~0QLKDu2O@Az
zxP^2)C~)J!AByKe=b@DdO~B&9^nYF&j+}KlA=oW)wx#RXv50aY5}gJk9lRBBF~=M`
zCJW|tych}On6mSTOUt3Rko+H~TLh9N8$qiabrUiBV**2X&QkYsSzSdrD$(iAp&(zY
z1foHFv1e8S*69CTjsn-l_+~~<=@tByIRZKBh4e2-v4KTS4*g4&(@U9rj|1_q%$_6`
zYTop~2xNjBhHnRWl<03%5Wm4tAy3GnysJTc7L_1=43x{xQpI<`G=tNh?(Gd+Cr_}|
zzvuP%+|G#R4f%hVd&{`0zUO~*pF@LmNq0*(2ppuO8)+#8>Fzj4x0G}@h%|_lw3LK^
zba#W&;obWAe82zS@4jC5$-PhR!}B_Otu-@i*6dlc-!mg2zHrM=zhHEA=n$(4l+wU^
zYCyR2A4rm#6cAw!g5CerWX}x+@cRFtlVKoy5)(urf+*_0RoqFT&&kQCK@|eSR$vi#
zApuzU-@5PCsMJoja2)V_1HdE>Y;6Wi0tiJKOWAG_LjZuefBx0%hFX=a4}lQmdffj!
z@^10m!WLYF^q)nn^#OLbyLxc;H~-9D_69QPy?(zA4odoWP%+XwyHBcM`Bi4Rf2arj
zzpu5cb$7Ctme!pezUitR4I^7kbsjo4ek1-bUV1f&8a0@R88n<{g@i0N+?38gxNa@b
z&8CB^u>Z4)JRSU_mz|4M$UarunTgfUxI5|jx4aYqRu|XFFDOfHe|uN27g=y<O?Vw&
zz8<A$0E@Lg|5tRR5Z74@iCFgq)y9far+`{*!x#;p{rlC<D#lGRN>%@4?37B^L5zXQ
zr-*9I`OUK~oFLQ)2>*Aq2!xNDY{BVe+0rk1wpHtKfkA^#Ce^-I<ZY@IVcUJTkY63G
zPK}m2%ewS%aEoOB*&+*QsrUKMiTk+OsWaY%dmAc_D`lI-mb1Bo5QpL*^WHE*j^^bm
zpY4_r5pr0;Bp6{NfLg`1-P*hniCh<Ypl|mzEr<#<!04sHGz-d1IOsA&?XHZ9>FJ~X
zOkzWzUnyat)QS;QJw$zwpRtFAxcCe8?NMa*^X(>=Lh=H()sv~q{byn#R9`Zd#Vz~(
z=+A3tDTR(WW;}}iUS#6pq%T8D!F;W;qeQZ3d)TjC2FpSbVsA@-1psMe^8w@@4vPJc
zx+JCn>BJ@3E_rly`Yn%-cy;B6T-uDhiqdzR(XEFt@AnIY2BMe{cGSQjU=iwnhv=V;
z`uYN|ViA~g-t&9RsR}%+(BEUM8a6z!$Lcxd#OmVo1|y}9=s@fpsLr-XYTPNdfv>y8
z?8#c>v9z_1$tV5atQ$FZoR{Z3ASOZxK6cupfg#yw5RnI}IS)Pz(`lj0Qf0%*6Mx=Y
z^2Nk}X5LWLwb|;314VIS^4LiSL`(cRDQoHPRyRM@|HaJb=`$*zep6-jXs_V(d-f!T
z+p^{hH(%D{8#261|5pk?$SuKJvp|Ct5C9nV-{o!^lD#YRZ6cCH%dw9cOO!Z$Cq~77
zPc0`^`tX)*HL33o)`P_)es4^<_+o+Q^a2O=SLW`}uk(1@X~>5sa)J+K)}M|Jp9c+F
z03jPBk=x7CC0^O!88vwXvG{XdEg0dHemYYV*a7~+8cge|y_xn=7NY&5&e^^bJ@=f+
zEI&-D%G^~me>DIAU;x4q!Sl<=3*qCu4+*J9JX%rJ<X@z+v`9ZF?ts!<eO!pZ1mI%-
zXG0Rcs~O!1de(}TV}fU@?_UD9pTJehW5b?-f$7K4uYXL%fD%A4xI2GU{S@TG1oL0o
z=;1`myi?#n#Ie~gpwR(8Ux8FWcZN;=wMPGW^1oooKh%M(fdO49faD)D6)@ABGR>IJ
z6}|p)Z8P~12d#0rdXO|b`;=A^hjfL2N{m25uVSHknYLE>xql}{q(YlXGP*GiE;?(Z
z*4SHG=8#+?=EE-Z{7+*cIbU41G6yz=CKIT?fBk6?%xFHE=`<z5>i`m!J4p>!AP2$Z
zs()!@=10xN1M!k4_<yJY8}>m<dq4!}UGSe!JzOIQV08k4yAm|;|26ctBCseiLtMm7
zBjC#=1OD|61%gNdJ{Ukq4!i8bzT01WEND+2Gf^nk`ZXU6*pLKvQkq&u)(@(1kkPS&
zmhdF!8IUXl=1t_FW97z>KPd_L`tbPmR-|i`OhI+9FqqH2#dCm-*+zs`MH^2~0?m4Y
z8DH`K`VSl%Mu~{?2}I*QkXArktJ0E9ylMpDk=VJjrhb~1R4)8!N1Xd!Nw>{01~8B^
zMnoJ76ObWoM}VSKfoUfPZP*;EJ+<Mrrz^xYsX0bgXZY1{_V6nrG#Uz#ViK>MWm6SA
zaNNc-AP|EWwo=7?!+^>^%(<OlqWV0VHbv!hg4X)O6`-Gad3|>68v;H`jSWTR16k=n
z$H<*$3t=B0o?i_uFU|(>>BOOQ%JJe=)DgYw5eWB~@x<zQ2c4&A+nU#6h{-_+DWP;P
z@xyND+SFZQx1P10>ucXcw3X4^D-n*aKRjQY%+?Z6n`7w~Hz1Di)$XV4*Ss(Zkop|L
z<5RKse8J#)r1eovpeOA`Ge?37$&e?K+7oe;Uh!#uz6M=N2!YTrMwa*Y7hczoK%oIp
zRD!=GqEol<dWiJ<e^a27_n5);l?^C;RVkXsXhXT98n%%UeNV)$Q}KpOm`z@KC__(A
z(mtR*e*c~EZj@5Ix#4M6k$0P*o!{iAN6mp8=NT_zUPS{F21jcBVZ%Veg;U5}n*NLI
zKOcE;U@Kt8%2h=!kPl*LhdWs|K7BPD$NhbmNVVfc-Y&i!EYupK6s5P5h4VW5wXh!d
zVkOFTsHjS{Z#>42EkdnuuOF5=oZI0$d@e7RGgq&lO56X?+Rirrkx9m5G0BYUq1{F-
z`ZPZ_qD{<<NX*<gbO8uZh+=;dO*)hcp^sD8Ew1(eD5eODek7NG<N$~`LVr|-)f1UH
z>ALQL4<+v1$;XiJ1M_dniC@^ayhj0Rx=1?{l?M{oAzx6lQG1qrVtU%O^2>_NY#W1>
zPrhmWQBTSja*>0fL1jwR4Dw^!67tfQ-3t_M(9$Ogt|?w@@w#uxB3R>gfrMwxkY7Px
zi8^Y!b^Ao&#*C9#pp+a+=-?nB&eU*fgg<(fkMLZ!uZv})JdG1i=6-Qm><1mZSZ@z&
zz=jvTkuhUo%#=e?@l8CiQ84eDwhB$N$@5>)cf{YL+n!`4h{?40ys!$J$?$*8F?>#+
zlEN>|zXYL2_Ly8Mk9qYJf!Swd2@))~@;}$3MR=~d)A}YYmEz}{$(O@KPcBh&Whs!(
z1CYnGPxGy%`lM|W6>^K_H=2!QS?GsY=@om7*}6)n@}pl^bMDDueavQ6BB~e!_F~IF
zzadaBI#y7gTc>~>dJD>%lZ*l&92kRIzro}d8U?NjKoGG&bsGhbCF%Rm6D;>lzm?WM
zC5V+e^rk|RF4uI=FP;wh$fjM4bJhnJy=+6%aJNK>6>y%$DU;iBwP{{XrWQZP%5^!i
zj|SPX+WHF70^d`>I|K+K$3OE@e?Cc~uoFR&MWuFg)cE-l;khV*j%r8pCK3*X=T{9!
zB=ttc1uD@#Q4VZdcTKsRL9w>QT@u*r;^QGtWVLfth!)##P5|()^WfwZ4F20ysDD(n
z&Naq4-AuBXT)Mf4FAFol=Bv>L9xjnIfwNJ3t%(#fMgpcDj!bQr@%#5%m*O31rb@DM
zPcfHA*Ean|g-0{>{C&0r5pt!0JW%<&Zbkr}H_rL%{bpMmf-r-k&3y00Kzl>?x4nI-
zGcm_}i0{~W%SmC@H?x=i9$(+CKO=#W8Re0}9^kvHp+GqYZ@VV)*rz_AHiHMW#ZX8v
z9xn`a{}SPAA$GkdAJVs3j-fmCc1)h*_71*-JA#-PnV~xeOMfDmxs5w~_*vV#Z@))1
zSaT%Hv8fMJ{c0q9r2y^sY4sYf`+66N(h+u2hhH8j)xSPkxYeWptr(mu9P9#gaSI`6
zHXD-b_wl8Bax%|L1p6MTl3Fu^z4wIbLn5(eT>#}I;#eWtjd)C9It8_;nX3?Xu4~y6
z%{Tq$*m?P6Q^16eLDfZ=1A6WrkBCJf#*Xkb;uvHcn+$^;pM8_V@sDj_2HPlA-=ODO
znV9HKi}w2<Ak;*~8U{2h7NztoJ03=TJ(sf&=<hQr2ahtb+>4&$cjN@Kb?qM7{*S2b
z!rL-JRXbc1MM2ro$u1d+E}Tz?A2=^PZQ&dFF>=@7RDUjQ**mEK?9MYTO^xopWGgwf
z134d8O4#o&$+>^R<6><D?3zc3)7J?Ss)n|mj4*;2kUuFC&mu^ugQrvh8M&epm8O@&
zc=L6q7rkx}i}&-J*0NFk{sa&U*Zo(?$U`cN#{)SC7CI@aWPV$%^4L8|kfb;=8I<1P
z=!%j&h{a25eK!(O7Ev>P_+;xESo*w3m4KBq$NWz=3>1|C><^{$62hnFj9*9n=}dmI
zx50iaUo-!x_j<}S%}xe5Y^%)i&XA~Q`gtYK<m1<)aGS?aJ6FUcKA3wOb?!&{<R|jw
z+xiN|wlvzkU6B-nqPz{67k3q-KR(|H%zQqP_fhWHksK)<e6!KiDPFZ)TpOLG<<%qX
zu26JO6}6S2J&Zlun)m^HFaDth%mGB4CWnm_dn8)4u>DG)kH{+b!5W)B>!m64`{+Ji
z*{GDY6hp6ftblPoUf#@nYa!@<9{L*6Fu!D2<)6k^Lnjb{H5jeFe2i%XZZ8~o3--_I
z+M|Qtym}FPPx9l}5=Km@u-kKspj&gI#Rm>g<EZG@2!EFr1_d$Qfd}iL7i(KLZSv^F
zCc3Aflid>ruUvl#3qEf`*m;Y=tk1ecblD^=_}K^r%*UeM09$YA1_;874VMp|eg5Sf
z8E$C24Y~$VxG?rV&AY6zas!6PW*`7uhYqd}rl|z~`i%s7Y*wPs(oJye-%edtWdE;z
z?6CQ4Uy{iX_MQf;dAl<DF*iJynN79hX0U0x;+=SF_k-QWeTa4}Vfy7H?E_GD6$Fn#
zBqNYUrHA55N6eTI;2S`>S(VEfXx~3J;D1cTC;O+6n6S_2-Oiz#<!AP9_RiwiA=gf$
z&6k;J8~!fa3+zsxki*gNiC~YqxgK>Vkv;((xQ`ICu3#h_e8vGqY+u^cHH(*1?wwqZ
zGz+UikL}Oni4}D4gq#wMGK^xi)HIUy{UjMfRP%%2UVNj(qbEb*&xCZ`X*isJi3iGx
z2Gy5!3WQ9&oMw5At;|;%$8RZ(sw7Aj1Bi8P&DpRGt9kR@l7E!%wM?I}k$M<e5(Fr5
zL0V)$e+Mtj2A;~5MhLOcQp)~hUxpAh<)r@Do3|hNr1S!5XpsZPfsyjcb7yqURVhJS
znZiEo%s?i#1M+67zTB683-6HH5-BjNANM+#TS$Q~2_77{_w+cI^+nff$zT5P>%}8K
zV4@~|*!Dtp^CEIz28fN**OU7u6Lb-lUD35mg%m|4kcFFf%Ck_T2Fiwj<v+4{wFP~i
zWu_yJa3ZDX-NKC1mKFtUvTJ-I?>O!OU~Nq(o;y)BP}{BEsR-+}2&M<%ll=D&B2X-$
z2?p_RzBlmph_omoep1A9ZUSa9`x6ypJ%Hy1=DhUlDUh0_cMxM7jofr%yYes`c1G6o
zNC+xjff^;a=LrcnO{EP*Qj6&3hbes;HU!G*4qNt3;!;^G`q;u+yH>XbI5I-bDY}T)
z1>l(2T6z|OY4ryyM&_lN6@;*e(+^X$P%g83m(Afvy}bt91WqF8O+GG8Xw(h@<t)Ye
z37o>{8#2I^(`gwhETbh7%1rmVOz>uVRfYHDr*iF9IR^C^>MfP%(+kaT@IE{E11;1v
z)hy&+dQyjVf$=+^KyO_kZ{B3wt6`6~$DHu@d&Nb8jQcYedy!FH>y3q<5OE~)6V8g)
z?MnuGX3(qAQz&R1sgDflA$%?h%777A)dYGkg^QQW#w`RYLGOQ+0IX2Su+az6`WC>d
z-AH5trU=_V-KQ)TQRWuA=`WbwQIid4d3~e#DrIj)>?}{^ByKUz0+IhfAr`YlP9&s9
zh#$N!#5>JzsHS3>w}h>GLy{K8@nVd3@emsrmN9Pn&Bwo!v>@Q`)-O8MSUpMR?h7rT
z3&PgRYJO$sU3fj?>1tv0?Q6=;De>yAf#OsIM_#CU46<yl<}cMAvq_r!M_D&njeRyb
zUcOJrqWB-Z{`xg!-lN`x@7FJbbt{rVFD|T?*43>>;hJiqamqdUw*%K_qx}YEbe?oh
zo=-__9_v@V?jAAF+l%Jc_putN(Mn;*pPsdm)N-6aX&AXky99G{>F~<5iamrVD56y(
z0<tX;=93R8;RP*~?QLdpv{{rSd?o4XNH|E^IT<~3t~UxlaQDBNv)D{ZPw=Fa<gG1#
zig_>U){JH=dwwimj*mSqN@+7&Z|tS{j-j;kaj0n|5fO|5>j%JXssRV`^$E*!<d2}i
z0?a3rA7hENF4P_(Qq79}60qF{e>YhY1M3W>_fwiroovZAW*#%)t}B%epv6iu!5h_9
zM@L<i>;^mtaMIg4HeE9#jRpJ>zsgte3OIYeG}^{g`mXSf4}&3EfzRRt6Z~_=3xHu7
z2(-*bGOOZyW;^*t)13YJ!(fa~t!vgJ)*1zGI)A#9i%leJfiar#tQHLik4v9O7LH4`
z$s@iu3yZ&mlB(uOVE{YA8ca4Opxv_DPA*HHG66-dBwez1AD!AkZE9ic8-?>>IU0r6
zhV(<|$ACwV1|*H_p&9D;K8XsaLO$=7xHpwMYtD!r!86YPpEF(vK%~FhrDKuW)L}<M
zlO#;0rg}myPek(^ITlU6KdWF0HbSiJc%6|%7@6ibTfQm+>|1@!WQBVh)Z%(Q=e-m(
zFDRtLV`Hb2O8GEUNpEJX=TBj_m87Uh#8h4m(B4+(ZBdW#XhVXHvckuPuTd$BWNX$f
zdd%o=+3L+K1=`WC<Srb>n=q&Sep)^9(@_nx?%Q9fRqHC1rX#kAIy<P&0iLC7GGQeE
z&yaY|CMBp$`My54>vnOQJB*3hc3DpiH+hu6mU}UHd+7(9XfI%uZ<6QADTHx8T%+_i
z3@%mVx@%%$sSku^G?lZZEeP6W9AdYM1P_0Es!0grvvG+0q7vyP&P-Oatt;-pmwdJD
zClG5{aWdgw@o^vj8j~{C448tOAsf|eYiT{HvTC|1K-3<<6qtW^!^{LvXem{sXFB80
zJfQN}pTYkfw}2>6aFdg%Ww2>qN-C4GB#6Xq+*iW`3Y`5v0=FoJT8Z$(4p&ysCcQlk
z?YOZZ_2sWi-*0d#QyHcl(Gz!2dK;*m&2LKc)F4~`7>L4?lO6tnO1(GYzF-=oprHi`
zt}T7T@nmF0$%x~7CW2>r^cRh%<MU|-tEGl$73)*DaxS(FO!raKUuHwBygn$BRFh(+
zZ}<n%mFcCv0PNxwQMaE16jb%vy>t`Ly?8k^#%|u4NyT=1l9@Y}e=m&ih>Iq3KM&X9
ziohoU8@Q-w>WgJ`em|aMn^m)hC;TEbHRC9LUY<Qt%)3%Wl)x(e8~Lb{To-T~O0L3U
zc<{=>>?wyh{}POSCfjPj9mIip5GPn_ZGW=SU(9vm>;aY*obeORoI3TzB>Wx2tX*ZO
zTQ#I?!do8Tpus|U#&S%>mn<m5@vH_gdt4lD3ej3~#Kgg8<t2u>c69&&ic-^gMS7KC
z{k!#<o|L*f>Eq#vtsG7oKWK<?^qtCMZbHfr+n}Y>asay|zf|2YWehN98vqR_%AJ3h
zO^W8zh!U$-6#gKweHtLxyshLjzAme5*f0*`q`KAK{qC2-^5{GfeQx~TH=U=+hM@ek
zR{y7@Q$@<OccDUF47DLkSmV%--Iju_O59v!g<b)#m>yjAF9*q9LyNyjDUk_bg6SHa
zx!jQ*%XO<;{TFcs@A96x81t3`XUN(EF{@TjTYr*I^D^|2r8^}b?D}GA|L&u4zRY42
z3>?|H)6^)dOG4dLjwklQMg&b2>3>Ys*>5!J-x{$3x8E}iEa~A`J)4Ji%{e@Q+vQIh
zA&q^zZ?@Tmhwq>}hDSDhQOy>*xUdQf1Fffi^$qSs)$3M>ma*;`I(K!NAZCUQ5D<S|
z9yBIr-Y#3W6WWn{<WN6Kp8Zw-E6Z=+Oq~4y$8hL&!kzDewV)x2j~D}sDp-N(T-fRt
zQxdk&Qi%*TL|RdzuVhB<bL010qz(54WHR0mk0mQ)0vJKLwXp0T&hs{&X?=vu#JwR$
zKA=l;V!!jna1Os&2PL3vR%C1U)L}6qZkd%_*XAg|i`4q=GWJ=lj<WsRboD!*#B$rn
z(pHwQG=KcG|6!!85Z`H7i6cN<OLiC99~r8!W>AB5;tyAx_2}T<2aTTDFi7DOo7@AZ
z-=&F1vapAzS?b7nQGH-<@}-+qDx)1?7vC@Un=jr3b2Ord4D$0h_Oy#o>u2TWL+aB#
z`*}?aKg^M+0eQLyILdC0OU;e_np@9S?!yWv<`gI{0vw+k37=jD2rL-B^L5s(OjWPV
zLrm`4OBFs|h}h@waU8Z>=gj{#DL8o}mvDUaC6U6~{%yuzZl0W#I-nc(`2TUM{%Zj?
zeiOh3P#l~-F%@u&h(fKh<(r1)B6#Gj{a_I364ON6rrRzlQi#?uA*?}aBmev90Vn+3
z5_Vy<mHXjdzT|IE))nhVX)>cGuUh!SA(?w3vPZJ<d1@4S{=yhgGL@v{!!NZy=`5oA
z3dA+yuRLb&tG0&O>CFA1;p9!;L{G|#UdJ2OVKW^cFWR7CA1HZ^WD2KL=LURBGm)6k
zl#k-v7`vQxR8@On@@`_L=$FAjD4v$ce(Ia^jYF?gk3-V^BjW5H20lNj$^hC3eiMbi
z%(BU!W4-j!T!_2=pKsYb=X0cYzZp>{t*WZoY+kDaVzjo!EO1If0deSay&_abc=-Iw
z9H88krsc+}6l!(7wojCCv&uO#M*Ql$`6pEdJ(e0EZ%#nO^Al&JL4HGM-Jz}sZ)$LC
zmoh$8(LiQMxx9i7@&dl|!=G|)(|0u4kme9iR;Kq{_f9iTz=-1(gW5UR>4_oGjHKs<
z^o~>uOmTh9bQxt6EZQEMDTcaeU|RQe{@q;#U!IP-GyY8U-m-GJ4j`7_TG@&z0D9+`
z|MAX2$ILEI{!I>OSW=N7^<n;*mb)J+fmH$X@3=7BGf93SNkp93@&fRH@Qw4JhNzQa
zY6I-?xRcTaSr@YQ{k*m4FOSNok>1%#BR$iw%q;Y;JW=tyE!`=JN5nB|Nv*JrfRWh+
zC_}B>p2h)@GdT(IZMGE34MtvapS15H0$ZFXA(Q^`KW#tQSqa&-sAn}y<WDJ^%|TH^
zkT8G8l0ng^8A@HJwLMYRcpN;B>`RrqEfrV7mboo%LcM=WLw)i#7^_L9Ix@7hfij0k
zx;&Eq<qU-b`Om`knkgZZL>u^@(6P6Y%Ca-}IJ=Q>10eNCCu0r?EjtXBY*qd1574jo
zM(M?<_Kxt!$2X|C#GOk+!p%!^Kv|;w^(8|bVEtWIiW9!)Hf|*?45#bdpJ}2jucCnj
zPbcVTrI%HxNVR&3Z?mRJzIuD)6d#C)Q?IT?w6>hJfqrY@tKjo2e6u(KGjexJJ`T&1
z@#j!Ai&G3Nb_|}Jx;|`7s2IzeR_<QUuMDZ5O2#-;IZ3fRLkAgGu;&;oYGHUxmWHeg
zH|=A*3Dy5?AQD0moAp;a?_1=xk=~sZe{vA+=29B(0^{?mq|}T`=(sSUpgH>shi>_7
zF{3I9!&c9lGF({THQCAz$v7Eghe#Y6esjX<<1r0p8}vf%6b)n3I#IX@J5eHX6VUrG
z4IL#5i=QESys6N#Iq8g4G;)-zq17;il}5Vl28Cmwb4;R~%V?=h5;whg`3qwwO?V`_
zpD(R%XCwXhF$>>7o8UGh*Y9r&qB$CM^Vd!S+&7QLJ8fy>wNRQLmdxatZZ}}wXAY3B
z^7OJ*=MFKfbP_$cwIlYUo+t?z`i3RzJ6BU_36Su0M9linbSfW9_BWwwnzZ9JamZ(A
zM>VEO0g4kAKYqr}mq(YAGC<#zBVVe#To|&kI>GzYPRBT}90Ev-ad19K+uQ?s+B5@}
zhCc~Ee7+of$Q1Suq6eHv+H^X6<ob3E>@_)0?}khoo6>AK+g{Ys@aG<~JgDK}(64^|
zBvoP}GB4+mS#mNUtrtd%-7Kj5nd+->n>2=&Gt2#=$sPB6iR$RU!@P&f>%J&^@0UD4
zS$=u*>G6z<n=cNQ<yPjsu`JuU?BZ|zxf|A;10gx-{mBJs2ibF~Y%L1-FU}CRap(dn
zDqu|veYaVSjJl>J5AfKW8>t)rc6P}MAw<e$VEfwCtvymY^xgO8s}i=~@t-(Q+&YIi
zk;vZfhAe)g@sp%{sZF0#a4H_L24U9S?)*_5;S33PiF|&%N)zcOo2>q#z!PBAjCu2*
zGQVoHG7;3qN%?^VNqbS*tjvR)-GW$%+eO3krYM~_h_!sy<mYDdiLwPopA(JlSU<7m
z6M+9Cixcwm4-@julO9qR-l)i*Q>1qRK0QM1k(lp<A2BUsDW0N#^D0^@y~S2oDA;E7
z2K^oWvQ?lkfTh#^7yug3Azz(!5fGiqnSoPb#QbjsApy9eauTY^Z1Js+<Bcst9pnXT
z=0CDbD|M4Luv%_gMxd;hnlu}lZnfR%dX_X)V)H&Qs3vxW{Rl#*pa_sZ6V6;J>&b3P
z?ULx35}1kG<W%1N>e8says*VZu`ab1v+%?DxJ)g<%6I+pBx$*LsI-E{fFi7J@V(j8
zySCU{ac>$qeUhmO8L@}>Guq?XX|=7V#Y`)^xEwtYe<3apB)bdNhI6`j4`?SFW=#+=
zii4idIZ*R0Q@w6=_S#v2YcABTQ`@prOg`vw!%8;V*ZVN~a>sTyN_gY)im<Ouba}wQ
zap>?RBJJFcM7xyj<YK0MD3f8I5N}Cj`F3CP2H_t0xpD$dXV7+|LYw+!K&uaH&3ATh
z`_S>|BZ;SFd)7+#it*=4<~6tiz~mD|>LF81oSw3`Ku>L%Rz?}?8~)9QWSzv<SDCR|
z*5382d`5~zXZA=^Eq!hu%=j(1cx>M=P#K@lkG|)e8dc5V&2v+fSWd<MtR^)i%aSbJ
zludI%>QehdhsZ%%WiylXOdR%9w@G9<sWF^$_{A@Ji5KkwWudJ)Bg(&C^QBFG?MP}f
zbOzucM$JO_1LUo4GB)g_V+F8arJgr=5$N*rFs*3=*^UplwKy-73%e!xo<W5;hXx9i
zDx<>Qcau_w<3rUbt`mWcbcst_DM4*_rNxy)>o5R>QJ}(pqkvNi(EwAp#@$rwB-Go%
z2UlFam@l?mKT9D}8<rvgYGF9=Ct>_B945qE5$E_DUP5Dx^9I%wt)h-BJAQ2e2kT`<
zFc|0trV0JkvVU@j=BWWaEE_oWzX?WU{|fP+>?2z+`{)lV;JV<KFSy-*7oY||Ayk8T
zOMj2zKS@oEl0Yr_G$5JzPx_I-e|Z9fg}}`J<D%|Dbq9eq4-Sgr2iE-Hlc+E^;14<O
zh`B@f87_?JeIEE!+H-OlEbCo8ThXWdVkBw2zrPvhYcisf7`nLpWc#6&oJfw_&`UCa
zE6eh7vJan6z#LdX0Yi)UFL1%oqM0+8<ZmjYW_Zw-n_B5g{FY|C(dLzrLidE7Z6K^*
zI-eP-cbbZYfj^|QSHB=)PFK_BgR)Hk{e66b>=2_asZB^}ZfMWdnmLv4iN7WGrG4>G
z?O5u_$L*hvyGO%WX}o@Es;|F&phl&I^~P-gXxD{Yh|JIUDxKE@0gBtv8!NhHDcN%d
z@OrF0MAPVm=3dP!jg{f>ol!y2Zj+lQLV!tSE-H-sM6}$$`UQ8hiZx;a6PWw^Kd0N_
z&Yv?xD$Qj5T_=9G(K1g+UFUsNald(@a&(`3NPW{#^Ga<Ixmcc(7E`w4`QsW@R8Q#p
zpM`xE7|;Kv%H0G|3&Wm?<3jX{fl9^c`ii11_9tPr%C1$F&iORb1$!4<OwO3N=VG_J
zwx~;q{EuvianF|nUZoz@qzExoe{ctT?*1W2<}ZKJh*rYTdf&Tx_cZoL@eUb-5x3zw
zrSrufGC4{Pk;kb-RJTJsFSxj3#O=800@(H7)13=o+9#OnSGp5VPEC_T5DmCt(;Jk3
z3)7CQ7>J-hQ`d+d)?z5<=n;c-d5nx0eOsRm;>Tw)r(nmoJbiUAXj@xc6Hw)2`pjh^
zT|q}Vb9oPK4CYddL7Y#)&hBCq=2`i0ok*RXN8);>W3D}Am||wel%UNYVPl}~5HP@n
z#F>=D=P^gpCA1ptY0^is{Bt_u{zq3?Q%QPr5pupxGNFB8VNmJvA)R*t!?^R-n(yP0
z9|t=zeeb19+MM_1T6ncxPO}Eed3T0xe)a98rwjjznq_Oo%`ae3;q`RG9RFk%&4uIl
z<ExUQc1Jdr4feR^p!uy<e(~#bucV^6LoK>G6+xq|!m}fFzXqttS;D<f@}KnXaDb2|
z0j!6S_!c*pAZ&g24WroUuRDU}Sw6^|y!2?9z?szxR?=L8xZrI;fg2TEp+0CK*-x?f
zQ+>!6oAV6B;$)r-N$sNz>>^<emGlOub3m}`n)~(RX)@PcI*zu8PR9+2mbU1M4~~?|
z-c(yww9@y1lPg&lhQ>9?4UwK;;o~z#th&;n&xGcoorfp&GDEm!Lqk2}j+(izg;Tz!
zYJH@XrX#QV`0wubhW*uUIAZDXH(*@M)HwTc8TEwpx0|8x#fm-cvcL;CZDGoRe}1-}
zg4o3_|M{&;)wj@aZ^EI3Zs|2u>vZDW(eS+{7JRLPH{zQgr%*`oAx2{6ypumy<bK*b
zAh)`#ev|*OS-?w3*dba(#)=oT_nu2v(wmhrYZOzuirH~dIVz$paD}*g@40O%{h6@e
zU9i+ENc8K+1x`$OQkY|WvWp!VCorv=7=p~(z0<0Qb`Nji)Y9jn;R0G(!@X_~>SAlt
zsir$S9Th@I{Zg&fESO<JrxOw?dMErycXJ+i@=9UcWqq%fnPmh2-5;vI`_qM+D_N9p
zkjsDa_@&RDCVLO;*g-c3hrb3erJ*=bDN3=eTk0_<6f<M9DOY4^4Q~*ss`-%}GUi$f
zbOvy+;@e_mxf@d{7$hwBLoN7%#$gz-h&$cY8Y<h9D0U>*n>2J@eW*c5Ryb~>^EKLP
zh_<EG=eduwIN4E9p%a$tsATD@5v>F-Qqe3Y+e+suD8HYpy3YBANj7C5Y{U}O^{1Lr
z-;7U2Rqg-|&E&!kKkvj2(Z{e&nLeUajL2`UYX2z^{(sJIp$X#isxNfXx4)bpcmhOY
zMMu?&iHE6l_9axi1LoAbv13lweL4hy&^i@0;`7$01p?w0mL|<2Z;4|>@jsCq?;9T>
z(2kodAy>*F4s(rR5OlHibo8Gvc|dr=bQ%%z^OrH(`((U1!<2Dx#gIBA{c`0D_mf++
zuN4I89&t?ieF$RkLN_-yeKBx6zI%|U&msrbp9bqu<mSsc!-IV_xS*4RQENVS=d`!7
zvy8gR!9yR!bUDq%u;#ql{8&ER>89RlDqihOhDy_Nm#GfraYVL?ho66;kBrrrrz-~1
zMxuAuEwMJ4<tj^vKAjDtBFF-Xz|nM^+cy_re}n-8XKO#%i=tu^EMlil^`(Feo1m{f
z%V~>|Bp*Q-?OhW>(pl3CYxETn<i=HC6(^U`KTgLYN9*|T+--i}_J5y+Ka$LNVc(fQ
zJDQ(6+TcXOIj9Gpi7>oe4V#kuIe9jB@9a(0!?gW0`WEG`3H9Bq5}B9MeoW>O(r_ng
z_x;c#$+hVatA&|R{RH6j>lK>=Eu^05Fb^v<{0$Ehs@zH~+Sn@(-yM^jGa={9$6vAf
zGhb<pH~*`fqW`fS`t7JNvY5CLh)(ybP~gq6$)yvO`6rIN=EA~m{9FYocr{E=vaR?7
zbc27rpKvn${?qkm%m$u}Al%T~lsDAY&Vovx=C)2IkV+>Aa_5Gjzl_66w}%oEnxI;5
zWC_{jo+XlmlH5}g<r;6+I-`7qJ8rEBkr6Bn@s!~jiu~tY75mpXm>}-JJ!~WK)vk>B
zID%|Xa6ff>bf{=ib;!U!2wsoP<{=@Lj@r{@*0^wcz~-EBb1jqPELJI~=^jbJPweie
zoAjQ3B7S5S0qsdRy)lCZ2R7Aura^<_)qMmYYYOL1O4@#IH_uh(eFsMgbDt#c$w`2U
z4HnAKI(Uxt?wu;SEZke0b=+U8EJe?2q5gJ!l5@r6GE~*V2<&(PzWWxsNVr>waB>OD
zZ84sH0eGOelEhJHYQf8w;<2yW#Yeyh4RvO=Vz7{TScMl=EFYsz&IkiaxJOJVj-d{O
z)XYh59bFB;Pg|4mZ9ZXloLe4rH@T|O{*3ZEI^ahMjRm^emOMq*xo`ATjrVz4^`E4A
zP_Ngd{?+S3;)NVZ&MOrm-?w<u*F?3b0uD2>)ubglns5!2ooe!zFu1kmtHZ$!5kn;H
zS~MIR^b1M&Ia1??1&p=Ed318;48blgBvfdZgq_7f>`BXH{U<<gJN)xGDtGw@=wztg
zqz^y2k}JNedeBd&Oma5{TTp=GC<1AH4KSw{HFD=3i@r^bG_b8g=dWWreRIrBU;Z@=
zk^k;qIEPWac%Q!B%Mh5K!KwUhr*eKb@e~ZcBRncg>WB}H6&g5?vCG?nLVGZ-_8#5e
zep_qu^Q>%th@A+M4%$Edw9ZkNCXnBd)!1-f`DM#d!Qd@ZR$O;y*p`9Fg5HbER-P^{
z#Bd~t0?NWI)dW+aGcE*ryb~B_+le)oFSiogH}%!2$#huf_r05&z%li>$?i=>%LvyP
z*3H<@j%RWB_-dd1$`>NQnv><{-4^KYgv*}lFX690Y<m1DrvM6@R_3p;A43UfR+f$$
zzu)&55T;Kabs}W;1fbG>4|ThY5^+GqZc2Lsw#ML~XwoKa4S{&7nqfAR^JeIQS(xmw
z8lzoKGn>evVJ=<xqkU16CB$#hujV0<p6~JJrC`T{sZav=Eut>G+O23cw2iq$dz$OS
z9X-2o$BFY{M%Ik$J`^BHjJ#)cR}~PSh5W6o0FNXXfZ(0Uo1&^oh2MDKt2?T_kv$3Y
zm0(eJP5mM$us<e#7n4P2P0>wL$3G)?Y9l6s3+rvK*zk!#LUjwAj<>(xEPfQW@?rF3
zZ9HzrvB9{nr9ORxd4C-zFhZqBxb*hX1JPFJ!xhHy!DG|MKTM=}CIXVJhyzaC!?F!L
z8{Zx-S)u;w)hoa$MBY_dya_yQ8pYn4D9Bg{MPa03{CK>S;MeyE!6D#8aI}MQT9R65
z=i$edh{t$oyr_i|tJQOlr+(~<uR$I_DNDm2UTr_9uc3Ae#lAG7jSi7{{+u|NPsdb~
zq#C2I4`%!18B9%;+89=i(@E!vAsV-icGry|j!}Wde0#v_FTMz`ZE?7KwIyh7fgoK>
z3i)Lc;N~W5*i%vIexCnOd%vo7N{7{Adeg!wsF(fuscnkn9f|sr+PYMDfEihX0V{&-
zl3&lo7{ZeO(T@9ERpgujQ)BUin@b6Wj%br<*qo~1QeQVF7YL7``?J6^2%p?7n*>$m
zft$+@W0Pt!=aoI5R?%7^r!h*vH|yeH;rbWiUKAM&EKjQrc1lYG((@#Y&^0J~K0gFZ
z7~=^J^+9_jF>;$Oc7NU*qJhxV$Fo4ZJb<){IV?$bFs!Lqy?BJyzYq2(czbo>w(D_u
zaWgbfhyYdxRS<w#;KAzdt{(gCY<-l_Z)v{zp?$J{JeU782IWf&4LlNT!j=dkM9ab5
z{yQlIm_p56vxR@9hXZhHL^Y?sGXOAtXsHkxH4hp!kPAkIGcj?}K%Bl>48ZygIa~=u
zoR-Q0gq8@>j3DS<i|+r^v}5eI?v4mFINd-sDr{{;``K@0Bb0;hOIF3GY&sTzi6Hve
zmM#1__~{hB$PCN)(?t%1{J0kYb|5MANT|R}4746>GgqsF>zoAuG8{-&E?_r0cHT7*
zAq}VPxV*{*&cRV{l5ve;04${!;W=avBz;1J?%S<;AOOev;gZu&j8vL~iKDk4eI+Ic
zz(Tgg+F4-t;Iaw0z!$FA40mwG0aU=`alf)C*wM}c5yWh-7iVGO$n!vf$9+!U|Ik7L
z0l->RZ@{?|q5&Y(X`%iPv9bWrEo46jN}HYzgp!jB9{%5_g-hJJe^`?y2!UMDa2VnU
z^q7sy5=H3FgwK?l<W*C@e;Y|ns~ZuXWn#`7la=+MXl9R0*EX*xc{I;an+TC9em}b|
z<(Lf`_-;Vy+ufZexe3>xvb#Gx{Lgxw%!0GC5ZXTkAr~xISfYeK|3h)Kb7B?+HSHgk
z{{QtbK@#qEyKl=&0r!K$ZY;UIH@83czE4ejKRdTRZ&&-6)ovj0)Ah1Dzi=wl!(M2+
zgD%IN=qJ^H$+h+6g?HlR)_#B8E7@(u246?h_#OT8&rxCDA4)KhIbdW37n<|?FEx1m
zdhSH>=+y0XGbpIdMl5@V-t3p`s_bq$RWb>3R=luon_7KNAy(C3d@z^DF-4V4NI5l>
zVKj4?rN5l~du8C)+Ly)ZfObBL&?e07IggjOv95D^!~XQW-MeM_aXGq{XYU1V+KdPD
zjLUgN&yDkKrVcs8oiB=a`vL`Tqa=Qp7$Y<Z+TDw5{Z_Y;XlVPGn65{+wan9lFy?Xb
z@mw&HHS#xZRLX>In8~TSW98dI!baxLR<(Ae(l%PvtX73AgfggS=;4TVYFtDzeCcpm
zB>vNT1z%}%n6fWY5_V*j)m<+4O>f+ikAGc1@8z(0lTOoKCiauMET3bqyKl{xf}$>#
zcZv^>)Hq_24oGX}sttKx|2*4McN17l{XUt}!qGzOQ`jN@_InI>q9tLU+FW#UbBN&_
z4+UAPM;bj{Wv@`bo3X$z;%=%ZMCl)<^<yYo0n5YLF!8>uYQmU-XGYi>)e}L!Bhr-k
zxd9W}m6{{<<5vn&{tGzF7EV&qEi@#=pHVx878lG!UibF081MjLOTB95*!-pC1S%iX
z*Xw(#CEfBwnPBTL&n)52Zwf7bgbQ@@xDzv4`f}Yic+d9`Z=2L;D8~J28VKj!y5}~s
zd%{fmbG+jue;52ZvsH96ZRQ&B+2f+Zh?F<r+A?p&bz1rjzx9c=<7>-hPX?H+OhGMI
z3niD1h(yM{k=@sMzT0jx$2;t1^!>^4Ymm}RRNq-Z-X*9ngrf^vTTy;CRnuT?EeQ-P
zNF4`Y@n5JZGQmDu$67)WgZ3mnRN#Fb8>7JH#PhNUV1%7qjwf&IxjZ$jMDSN=d{jo?
z&HG(>W##p)8@u&FMrcwS7D*7ApAy=;_ae0pPpee=Vsa@bqX=VKkx`TGDtOw}CUl{$
zbIeAR3#LjAklM*qLUT%{_on6#eLmmlAveTtx2srF@pDf(uX$n3d|I_=?>?{byctY_
zI0=~!M%1sNGOkJZYPjSfgO}2($m3_z?GblOhNn~PjzZjxKky6YRC7mN#*;?hMAW~D
z{b8l?J*gc+%dU(NB7bb;>8RH*+e`J*d$&!ZIw$*+$JVf7fnnKbgV)+sTFzYJ!FEwf
zyUfKe^*G4A+iGVTZ<RydkyY@C#N+k8b;~86r*S2RwxJ*Af&*PuUC8TR;eG2VdDxfs
z-S4zOmm?3Wv8!=a_+c+Qt~3;^g3Xl(H6*c%iF*u9noet!3nFHBBek&1IifRwV%Q3)
zK<|1Y^al{HToUE2ULL2;jk#9vo4tBke+{&JL?LA(r6nC5A&I)M{lU-1kMB!=DB=-$
z*f6E(oN!Fp7-nN4_AabLE(THwDXA4OzU3jK)o0|(sn~0FuN6>lk-TMX2(?`W;Z_c1
z;u~HZf_T2qM3r|lkT0hF&0ob#D1``-88~Sh;8A1E5)>i*E}LcJW}Vhs8UOrh(tzGU
z%>8@=ai@d+zdP{4F?+`0!-xD9zT%A7f*-4C$ssu;OjTyJLMOE~&Q_vL=oi}C@y-K}
zh(uCSH;?8~BKrpCno2ou29?DZnVOy4N!fgiH}?8_g=Z8iDeEgmF3A#pF6d=s7gVXf
zo&Fhm(K27fjW@KI^O!Bs!9miaO6>KA*2#%$u3ZQw@zLGS%oVq~)pbj!%bFdkXHzpz
zgW@QTA2Y?_$LzL#gH5}u$8oOjl(EtFrFQduXcoCbVrm+TwnZt3OFZT)3~wQ7CPi44
z2;w3Nm}(lD*|m2>o^4i1tBwikrxl}!FyFQ-E+8(~M=_8)%Kc7EFybsU(~#j??|3=n
zXx7tcBPgb*68$BZqV6MGaEOp^*qZ$&H?fMb2n7zS;$bmaxF)(r&0%Ik$&oinUyBO$
z5RzkqteVy;LOz<B0#UUX`WR64L!(I2`l9!uW-?U<^)p59&%As4aSR!#dv()>{sO?M
z@w3~=U{T)KFhr{GOErq6wiVno5{JeD#Q+jPp-Gnh{w{b%t`RJqp9A5ci8e!WSI5Sy
zHrpS=(#x%n39~O%i}oO1RiH`xIDf^?(rBcufO-e-s!NHKae!=2Fu3$9V%(1KWd`M`
z!RE^I7IeXU2U1=94Z^{_Uibv8kZ12uSX6y2iBqhVzLRHXJ%rQtnYwJ4;b?N=x^j~J
z3Xy`kw$#jwztRiWLDFBt56C%VD(hZSdl+AOON4MM3p|3QB1n`%bSEW~p*%e3)(L<l
z23FdKbe$blpV;^6W;jL^Hd#o<N7f4^lLl$6B<`KmB-8TBdc+paP`(F-0A%JAS%pPJ
ztHi)huZUHtT^8wKZ_SLk^9)B0->>N@>US<5e{{>1^&o|bc=r~SOz~O1$CNgv>}F}i
z37s%VRljlZ36+zvWKOb&=Ev*GDlwDk=ZbBd;GMqHj6>UO<!HLugjoE>apjKj>3SzP
z_6xJ~e!V5?EDmS3c-;V@bC25aB>1gf2PVR4z>L@pGWzy{*lIX-)@BB9UG@d<)Rixm
zaK01+d(YUQ?P-jn;~2sjU;0Xw?L0R^bCpb&g=|NlYa-p1<I)G~g=<oOGAzAKNmbEc
zw0fM{rN*F!R&?VLI-f67q-_&x>j-8(g{ZJxZEMTwegr<Ow)Y~K8g-nFakYW&8I@ta
zRE<1GOa7^OznI8h5ISklf6SJm&U8uaa6>?JdB<XEkY;vjZY}ja;bl+tt<42{6s!i?
zQi^h_TT`wYMZj!l-X9lEY{)|Y-L0FPSeu3B1OcEs@a~7jlB|AnX3^>oSEC)x=dTv{
zsu&Q5jL?p3%-R%TUF2JKl27wC-7A28*Z<M)$7S1t1E-AWg5gBj`B38aM=xHS%awj{
zcb05oeXGh`Vwb>>bB?sKrjbd|cto=5bI|i>J!GaLh!#o9f_{=7(&d<mH(suXTCVaL
zM)M`A0UGyWo9`%buQH`|7u<N<=@3mw1Hk~=*j36MNv<I&3qLM(dwUeaj^>bkYb?=H
zsZEu!`<+3j&h5Ec;%(ll(UY|flAU>*9?H^|nCpDC+|TwyRbmJjfdfBO7a9^7?LQXS
zP4SP-C2zN@B^9hEMcy{#@5bMM)IP~>)3_TSyL+|5zOQpM7k9R_wH5EcA^Pxy6z#1j
zma);ahvmQp`XN(?XF*nQ7NvFuQPM$AYumAk8KSP?f!F#<348nlO*&xufKVdj`g3T7
zDRof%4v~#uTuWZit1t5rw5RqtF7>v<_nM=9yuK*ZxsNxi&n&x$CxUU!v%IlLhA}!y
zOA4Io<#e^9<O$T_logG~UA^rzWKuo)GmY*KA&=$1Y*23R7ROb-rE(kRSwzm=r54JG
z5+%SxEDh6II<HorW6yNZHujkcVMEfWK-@W`iQI~Ow)_rhRZ-PgC>PGg=j|&>V>Z?u
z=7^JlT!|-Y?!%Ysw9_#8=G}Y0Q@^JQs5>;1s8l@R#@4l4V<i};)K?!cyAWi!{5e13
zhE<d2VTt>HdrZ%SsnZ**R1?hIkheRas=h2VHMZS9Pn#Xje9`&soEnX-asN#@42^7l
z(F6^VdC2WmMuJ23`r1S#7t~Z@hS$Mi?uy*V1lCJp?P0027?Jn6is`p0Gkq7Q2}VBh
zG{o!Tl9_A8W~InEgT~D$@ivK*(3ns9<ohK9?QW^isD$pXy=G_Uw-E=(oKG~=12JCO
z7Vxh|pQ;fHO$sW<wc56P)~-e8WP5?RcqN?KcLQ~-VNtOY(Ct?5Y9mn!1$B=V$pX~9
zr`jnRUbSyRATm==v<!*0`Us&~AH+_+F2wZvJ!?Bp6rAFCOh2}m*k)k;zdRbhOAFBm
zcK-?|r#`}AOsyXx_Re9QDq8Lag(}78ziIjWGJoK7nmrL1<QvHodEr>eHsfG?x^HD8
zaW&!kz4H~{(@pj7VnYqy6!@pRkA-!ky&oS`;Dvg*+d8;4o(Q|3iIjg+sI!9IxxdV-
zZ6WB;pBXZ|sN%!z$iEFkg$A=FqZE^-)3PD|+!jw)X<Ui>#5c{BJ{SMFi_GZTXHO~)
z1qCRdgPy55nvo0|&Q`9Tu4vW=R5iCywiI7{nD0_N*`b1}k5j!%UBhd^_ixgHw#ChS
zc+K0&aEAHNBFzw4v(#TEVWRoLY&(v|=hcF-K>T3TV~1?_3#lXOAw<;MGwteZ)*wmd
zm0H;yXODsMwN->?Vjo2|6;SV?2{UQ+OtHW<=(rTVdg)8mNlvC6g#y#V&Ash*6hf*g
zCqoP3GA}p2yTL+xB{>d#Ec^lkG69;X0+e*X2#U!by@4r@-ivooOG$5ng!r78d1eMe
zmWZnMeqSJY_<l!Q4y_9j_2^N706A@=9A0kZNL8I-ltEXXiCeYa)E813&U-QRN7DRi
zWecHFWJvQ=zG-iXF>#+%pwP(+I=r`e`_P=N$W)SsDp*RSq23olWLP4lgpBkM7Put@
zttZeXQVD8*^r?`b>K)xtwd5pk^rM=WD6i0&ZDD+n+9`6Q{HHP%TVgxQvE{fcz4~xD
z{9N4yrYQqXFW!T<lH}9QU@J&r2<h(x34|m?x}uME)!U!-&@<eTql_9dV)y-??R;F}
z5t7zoWj@|7yUI^(h`@CBh4K;pl<1KN8C~Dxd0AWcYRSLT$ejKq7mZTCH_e7c4<knn
z29}u=m+!mdfV0~$X;d}NZ?&)SAo?NqXpCb}6wO<WyRZ!Xmuufi&2EcS<>B6WNC)bO
zUt9TL@!>VGuAz0r^7vfWx{b73SQquNbR%vRjizT8XgFO1s=IMtXOvL7yY^aBOz{>1
z2iO)2rYZB|x{5X1a|jjTgWCSYzV3sE?e1gYA!s<p^W*x3l6iJd9pBhzMK^u>7)o)F
zhzc>2{D3F&^B{r-=C7EBJUd%*TWail_y8y($-uw*+|4%k_&<;Y<F;LCW34VMs>32D
zVens|`&z$Y*~8-;)~y<2Ms@JP;Hge3unX0ed>b!;kE-^0Uw6<+{Vf+nAA#ySL)=3-
zQnwOZI`Tp*%)1mRtjo^vh26W92TCO5r<ko;vd52yUbmkVbt&RWqpKR;l(ilwi3BT<
zeF`|Vu*>gBvR-9DkEwU`o42h3a0Qkyv*2zmj4<jt6-uF3M#Q0}UwR9LT&dqT^g;#S
zgho^bi6HR_@Ikte#4}Mwnyn)rj>l0?%-Fvaps77Q!vFJTD*Nk_An-O3PcZzSYuThc
z{D45z!Rq1en%KBuH2LH1+KZjs;{hgBp({gA$k>6Gi=K;QB>VpHcZ)DDrq*v3Sbm@J
zdY23k*xj2vF);~rH&}?5XZ*W5Um`-fp3aId57N!U9;@jQLej^6_)npEydUN}`e=<*
zjAlbqOk>&0cVv7)r3gPM(w_G>jguGmbtz@IJDNF|t>feo%E%B2`vmD`NLPg)Y=nRR
zrisXGm~?#op!vHpu6kX|>Qf5=cOY1MkaimR;0=WwTL$Ly3|g2Ym-w|oV@!l`um1=Z
z)|S??7w*E=`!yF6TKe}u&7eXH0n`;UX51@E%%Y9JQID=}(QmPxc$-^1A8}`RHt){1
zLE%Vg4qp!5`kobY0(4cduV$#%(g9@*DG#)O{kH(SL6r4r1vyktbqEG$$N+Z#zC_|4
zPFY4Kz}H8t0HqEABmqfb-qRZoqTrF0D6f2YoaJa_m_)4v*U_po|5z&Y9SM?-@c27T
zXjc)VVP!mjwd@}c1&WZ39Iv(I9YuKbWLGgHg+3g$)8i|{<KFucku+rxiHo7CzLOtP
z`arxvY2a&$J)luoNec_7#Q+t6q0lpJ4HIMP5uMZ%Sd}Ks6!gZ&yf1BP$yP%0<>1nB
zcBByF4-B3JkjQ>N!?vk`413~7gH4?eaq|Df4boA^B3(+}@%fByMVSRt_*BOO5>q}q
zH*ay~4vV9UxFhwdvA4xOeORdsypkLeb0{@hdF!EoyoO7Sss&@3ir3A)>Vf4WqW%z;
zgcq-w31VHxlFkM^g>+5U&HB*@NbU%+`b(-I?ii6GQ?P;`WlH+*p~3UJ)T(7U4p)s>
zc3sY^&%=M!N75|^YK|eIV)d0AXv78&eY_K#MpW;nQG`OC$)UfBKt#<tGkGiu`7}P0
zxdmQ1JOULD!0l4}&vvzA>kq9;pdq5>%<XrQH(Z@lbm?n(NE;X-{58|x6LKgbR88N@
z)?m9&E1SsRQ~$Y8*vTU@FS-e^<nZH2D5L}I+XwFmOTHfc(m-NDW0S%BfO|HvT<`^6
z5?Dgz+xHE>UCUGc?Q`jb+Y}WQUfjk~&~MBSwL<!UNvE6Ob72LgFJShz{IW|R$CKv8
z>(G9^mCxN~9U4zVl>38aMFu$^4QC4Py&|o)=0z#)mzpsoY1~}Th5jjnEbv%vg11nX
z|K3799Mt-+En!$$y}iu7-#XTRP<3yf;pg1jX8vE)y=7EfThlJujW*u6hX#TL3+~Xk
zYaqD0TY%t=B)BHHTd?2~0t9yn?k<7g9vp6G@Av!8Irsj%W1K607(IHhR?k_p<f&S<
zo@!;MZ+ziJXd|K}ZNx=+1JHW1YcOJY7og%>u;FPAQt1rfu{Nj#jaL~<)YP3Q(m*j3
z3U_MqA<zd>McDX{wLth-=c{%T=C<4;Luz+IV50IAXnc?f3FNDa@r6bTKljrcQ2b>*
zu`CkN+`WuE>`NRS(Clau1lDusBhg1p;n}QWxc0e${We_Jw7vpE7Bq_gCVbaGcz~Za
zmw**YLg0Vv^Zep(G1MNB<jmlrHq7k{2E^pP&ayQt=$Qc(y9-rq+91^HV196KCDS3_
zE^0sM2l!S`Ajt^|j7rVt>sjDIk|Q~ogDd!jJ^?tesUrcsU*7Ms2FI6>ew56Vhv_6Z
zAiO)ol(Urv=A*^SKz|^~ZHeZsTH!)cKjG&-*Z!x5<4o@G92USPL+j*BtWEgs+`#k9
zSLl~{q~^&QPVzdRbB)!$P}8VmUr&4YfS0o9=AXn{R!#~L6JKAh90s^qAi$N6jCZFr
z=|%%L_fmg-yd94oI!}c<T-iBZSp`r0$%K@Dr;7+8^k8DF-ag=mC=(Y>`(k8X*2iuo
zxOfuP*$YGgO7+)IzqR{eWR6z`AQT2+#GF<qcF8WXLkF|ueTAV1<d$Yr5Z3#5REOrU
zB6@@#@%5z~DT4)SjqM{-_a0U3D_n?UiON$=3$n_;vb1YPW?S*dx+Zad50HJO5YG>1
zcEF&h4&^Ka#cLzlhqPY)1);W(H@dhGxHln2PWY<7o*e$fl{G@&g;gev4xIesRQ(tT
zbWl=hLypz*&RKeeK#;L1(sw8@HF(=cb};&yrpNYM$Ba14<xD-I8CiuI+NVbh{%NR1
z&UN58#OfjdyvvdM*M0b)sRbUIV?WfhSe2J)Zhy3OI#0cJMUysS33owmA^wK8CHGZ$
zh^{V=j?+N(>iVAcSUB6@jD<~+1&B@*ri#JNNQVzuMcPnz2nK{S1u`W9@;u{6wuD^^
zR_cedDOie<N*{?oZFS+R@CW_SrUL54vEm=L%8jzMmHqIy1ctegV>k!H=2^|~H~GZF
zeHP;ivcg}~*Zpz3L~qx&qk+zaDst9PrTe(~xNBXvocP?av^lQIK&<dXg-#Za^F~?@
zUZw$9=Q@(eu87P|6J%hCe-QzI%=$l2(15C=V=D*dicUq3pIfmHe2=T`84eBr8Hh|9
z@p}AwHkt^9>W4vD2jX~dt6$6@NAmf|Eg@0Qc<5kn%1NUoLSc91gw~}lyRS=8>fnBO
z`oG}bd$RYXhiB-2;NhPVX<*s-Y69h0Y--SfW;s{yeIx?0-ulvURjK?t{7|P=ByoQD
zD-Ne!hU|@u2rqfIfbbq`{TpAdXi!ZVJT0)JhT<Is%n*pIegUudFCxaJv~a%Ey_!{A
z#cVMFcj;wpBiZ~{rP#+fw3z_@%*^ymscjWDFDye>6Fd|vRH9ogO;!opc(vQ+Qa*0#
z)#>7+^X!YM^?>*G9Yzl_9T_(H(7G@f^6&?5IfQhoq4g!aM#{1C){h<!@&l`pNA3#e
zY!&fR`QE7Z^rdfQMuY3_HQB>ev6VyOD0XQaKnwH7L5LBC1T%!WiVz(&azkGrHlsuE
zY$tyxbZN7(GdVliHB{woQEiK8gmqcXt*tUrxR>J(nT|q+)||=<-Wn`kf&&k8ob&l7
z-g*5@c?BU8#6%@nr3wPuoybBL>X;OUUm<R8=ucs|S#7aY6{#SSPgboSMvk@3i~jbm
z+tt6XsSdw+ZCWINhhi!trjqD-MWF%Hksw(?@x{hl4w#jL`z`sw90eG6q<^)$NO(W`
zY(W{cCg!yP9wbe-w6ae2EfvKcqqrFw*g53KV71VhMqWX+1}>xuWftkS1n$M)p(17I
zMHTpOq@aiPYpsNy<T@YVEwsD2<wv-LtaZK7oR0rs?Em~$9Mm8y+V324B;@GPg!KpE
zx<M9}pDym;3nAp%B3{L$mH4`!s}Q6I0)K6y{yKCmTW+<RSlurhBLgG0#}PI<?%RZW
zyt~2jLj?$QU;(Y4kn`pL1nA)7$O%T@NFJf)BoPEh8uybcw*+j=+-(!19xnY<JEqoY
zHfctSTA(~OOds{fAwOg#YlC7Tg*SR<*W*?pz)bkR8D4HA&0N^n=?HPdsElVT3W+C1
zV;G>^@*)9`5#%{s5lG?2iZ)5#n$NcnuW=^WC4PPTqa#2y2KX+jvlDYp3@InX$ks$h
zF2)-EcDjD$Hj5O1TlRXx#rNJLF-%(csF$NDM1|rbgOS%y`{p_uJ6b63t0NrQ>{CG0
zVOyJFD=5jR`df?)vk+>|)@pCDQRrRa8*e8~p~IZ(QLt*QJko&KS?0_2$&u%qKTL70
zN`{=G8fa<~*4ZL2a$S?>IH|E#W5(KUL|<KAY!W>{2Sk;qq3?UGd~YI^+5c9X3iH4J
zcud$=lvrW}pT1E>k|R%#f7nBk%hUO5$q4^odXJukc_i{QfHWubiif9#eaL~P>|cBK
zY_TUFzWYPAq0-v$EP20LN`kOG)3FHoPZD>kp?ikDrx*iI;0VaA^dD$6m&EplADI~#
z(gvKu>(wGT*&1srXy#jWJ6>-D&IO#&Xs+4v(tBQ#ALTi|M2nxr)G#$!-z^yUFD)QL
zQ`_(=e~MCWdBNK?1-~DeQ*neiToHgT40p|3b2Oc`&c7@ohmfpPJc4v0|0i3AKNS-6
z89O5S{`q91XpO>eLA@|If_8*T;+5Z+zkSW!xx>ICvUUVDv6{D0S<cxm#(F%JH@->c
zWh&aQN1|3!$!LP1XqOHV&CEQJz|CwF(+zLyiBJsW)+g#j03~f?@Eoxx8?V;FcyM`Y
z-tx-~I|T0Gy(s%yTm+=@g>ngby&Poso*%ywDMbpE)Lav?|7`N(IgPKV);TReV-s4|
zO`fKa!n5d1G<4LoDl*ul*$#>Ck&*SgYXV>T&zYm0F_s_ZVcJXGhR^%l!vQ$MyK+@B
z_PGwrnEALDqL5V#R+l(k3G2xhIO8tyYZ}Ete$;J0MOVV~o!{jk87qAfMG7}T5%mr-
zVAHDT$qO$(0fWGpW9AF<RDYn9!vs-O|CF35B>igVsPTHq4h`VdX1oz<zC8rG+WH=(
zf#I*1b63?^f|G}onT#N?=Eq8zCa(Et_I7W>P`rREJCpz9a`|K>nntYG)S7U^p8(gq
ztu8n<)S|zRd`kL+uWZ3L052@}^_uZ_W!x&+1Tr|onUM&uvl=4~Y*I*2V4u>(Pb0ZG
zrf1+*FL^j4o`xXEiD!3%{=7*{5l$IhPJg}?9+X)Dh9~YJvO7*Je=|9S)pu~e9yUWX
zgar@AbN~GekYjVjJ?f~Rer;7F*Upo*4XcvtE%u69UKzn5>tx>bms(`$0KeLt66mh=
zJOu$Cm9ScVEKaVQ)3OZDY;1RJi&Vu6#^#II<Q4CE7cBQVnZ@IGgpQ6a$bp!$X1a1I
zO|zaWrbObtCGcTw#b##j&BO?8q8~`sQd#fAOt6=Oke_oslw=3LVmQw{Eu0RHPYjl8
zhkv278zMJaQZ>jZlJpCu&6H*9tz0Aw@%24kwH^NjARW}p@9#w1{?XlrmXS?c9N8rI
zx6C8BzOcrswgFgZ|5<tNyJ7NBLEa7+>`lDtZ@?iKjQH?M36eEOsu8_t)?_{l66~2T
z_X)~Vn6IhZwyxVPks$RHBzhCjYdbiLQZ+?=dgq7WGJz(swH0ES${keS>9CS!9f!c(
z!K~j`EM9$rz^`F#>_8<8Koxe}xUIh6T?U7#>S<L{Gnd{j0uON@Tl+#tUB;Eoc?g_M
zE@Di6y>IIV6l><;DPZZ~7zf499JwjG+z0scib_;89W>shLPbWk&TbpvcG8}4nr>Pp
zt%#seS3)#iDB@2T6S-G-O!|aNn9FV-j+Jq}6X|c@GMcZ~4bN-x^Px2lbEqvuLw9yb
zHi4xp1)aSHoX`SVZ+UaiNSY%ke_558=|IyW-l!JohE;mF@tJs`uLfseV}}Xig(eJk
zC5!AwR{IbJTrac&2Vk+_H1uVdT7+9tYBJ^0cB_Sy-4IV{46a3!YfVKic`SM2$lZa~
zbq-ig-L<zwzpoB$kJe(Kxaznv8#Mn9FOqa;-&6R72_Hj&K9j#jmm+(~j{|#(E_G74
zC=KWCOD1E#fa@ewq98&72%osMMs>I{YKN~*&~X;l^vRZ<pE5!k_a(XOhD1d;<TK4Y
ze<OjoRHw{Yh?Cax4WKAK1_$!N35l4E;HYsaSRrp+!MMAgAvJXCJ(um5YpaLnP>F`D
z<?rr42T4CoHGah*8{~AfPHi+Ru%LJzD;H2_ExY2))vNd;iZQvcZ|8tbyHD}@_*uB(
zrzej0kBR3)))SKO{qxg&XI)#bxEYo5gOcfThL3`%x1G?G10VeBIUYJ~1Ei~;Ijc+_
zPx7{nwc6UHBrOW@q)q2@6A?PSva2lPyR<;ZTa_#napA>+1Cf#0WidtXPN=c=0@!2u
zt>%HRy=q+<6}@bmexmV|dM4$ecrOuiGjuPiifg#dW3;qX$FRtBx@D~-YEemY(M1uf
zKD2f5<blIP-g4MTZ|m1SRFe6dzq*JcskCFQXzwa-$q87HEw}^kyDe*lF1lI0o_fX?
z?Js-QB>oXa*kuF*OmbY>xC7m#AhkI?<hUV2%Ip1(SKc$;y7|5;k2h~VkVBq15Rp<!
zaJL|Q(4UxX4>YRGY=io~>jJi%?g`|OoDvgumb%MX!aX~Zw%7NoLm0it3HWE7e!Ezj
zqLmoQ>#m<$ue(|}Mn`+#V~5$)X|cy1vBsA>UCP!`K;7#ojMi3r70mI`$<JkN50DT>
zkz?~*5NGtsR&#vk23EZAALaCnK{x}9LB0${w$e@;*RdbgwbGc9B+*v%gB|ESo38eA
zgdJ`7il}<0k<Q<HP5UuUmxNr9FiM^KtP9eA6VWAR>D*%U7Qz=#v2miO;)1$Fka1x1
zEgt=ebfsTdu}u@T$6)R&weU4v=<u?~q1uhTETS8`(;z%VwoG1a4tDfwae2+!W*JG#
zuo+@;J$nw#^{!>p3GP=v&t6-Ju>G%l0s*3BNQ7ffd_iau?pyGIN9%YzaO$+rn4>W#
z@FB~J({P3yHBN56wtocyXSW#~U%r8J*)&PTz+X9`ll*_+qHX1v_YF4!yyo%388I;e
z&yTzK?w=F+qHx>-90m0c0x05a+-GtDdsYS=9PH^EJl~3|3@PaH=q0Vre_!4>yIB?z
zIz8ODIhmNBD5<iOA6{%C$QQ=RWY3`F?9<bAyAu|j^Y9J8$+DKui)2Q)yH0<QhSbHJ
zCUA^(pK3b9j;FmA4&a=dqd(Y4YPvtGa;lHJs@IMl^&?s3yV;d#{HEkISUlxxmARct
zH9Ef26<b{Ja@t}*<%N9QvO+v_`$Eg)YFXs#2U--InfD@*HmxPv1onDG9;|kDi22hc
z>yc96s7SCTcP?JNcn~9-4Y#;K2c4^>D;*i(=Wq<Ch?b@vo9F<JvnZ|$%<H42{=Ma;
zd}NWau<UGKEAQPEt8Cw~v?(gI3wd4MPSA@6(RdMC^h=D);6bR+&{WFmng8Oj?c0kt
zD{LRq6DI?mUEe@HZj$CAghXZ0$u>>DuNPqxx;O;#)*E}~a@5rwB3w(3rx`xuVeMCQ
zE#dZUXZ&=isBs7g&l)}Dd#e=xMLWPvWS-!+eu8WUW1lhS%xmb|{i}SxDY|XcN2fa0
zI{sgv0>GLI@^oboSQryKj(fgrP-lbe5!H<(3m=7S^bkV|mR>c)a?JZI-68kP!jJqZ
z$a9>VqlMQ9rmL*#(L!LStnggZs~kiUX$?ciWb;g?sM##Js&GQ5`W=i~*H!W@&Sy27
z;<CzrWBOr2eT^(<gJJqDuQCjK2&rD;B>@shj?pbM!pteu;!hX=Ywhh*$LoD({9sG_
zlGlDhgla7)U~qI0K17Fyl-Z!*8H!!t-qlf%=5M;Helnt#^J2~BDFc@9r0arCk9d@8
zYbNFBX!;goo)AqfMt)E1TN4vl{0vhqsIylknHHsaUA?Xg;u4&``;s0Sy}~lG{nb{+
z>6tXqrV;}6XWD_*Wyl)0@tDD%d5j`bLs{l=pWnFS2vb#S>3SQOuXE0cp(MM&KHw~R
z1Rx&f=stV9pj&0(_@x7YW%w;Gfn{jVGrh_{iGO}j+EKvl+O&Ifj0T6a@dO+woQ!eS
zJHFgT$MlJ+g}rj(TT$s3&8R-{F?32Nvjm!{clJdV>=Df^Ew$(cuY?(X<rVprB<kbl
zrY3H2iP#-dll9DXG=B0Qbb1$wujRIu_Z3?tpsS|Lqm1)&vpfk$nEpW8<neJ+IPJQu
zzQTJZkea4&DOZMf-(GhtB_1_1_-uaCQ#}UZ5up$jZ*jyIJyYMqjZg2jO<lm6%)KP-
zERAyF7=0qb45~&~9?<DiaOmS(c?E3Mp@Q;SA4)w%ER?UJ4xlTFTjcQlcs@Hwx^k7x
ztl-C?26n(D(_PU>5WTMd*%=1}M7*8a2Nh`21+p+)#`EIkeDP1<8D>f)V?dl)Bvr*%
zg7LFz>^JQB@ayHJ!UXo^4j;~5kXTB!OTOs^C)0UYg4MveSya7TP-GP1J&Lp6T_a}6
z&sRT$gg-C)nK#a>B8-V;>V9S7Sv!f<=1Yg&^zJYnTbyJ>pS`mj6=6M=U-4XWx!51+
zeA2cT>zKSA&o2ieO#7L7mS(+$DIWEgzct4Mf8G1U^!~;6<wp&P_4g}h<^E~2xGK{R
zK@K%PKrFo2V5`kK!ZnSy{9Yc;ZW7~U(0FSxSCntWp+k=UNtx)`9W*&+*m$VY|C-55
zvB_pUB2J}`v>^R*l)`HS&+G1Hp|JKya$&K#1G{$*8<9kRkWFh#yQz3nf6XMia^rqq
zFGfhFFryInf+?+=r@{qKKr%$pKqx1*$bKR?<*s1F)StF>+IXR9089YX*fhM3p-L;i
zaM^K1#{^V7Xg1!sr!z2*iXki1+3DY+o3Apah~0J?i7duW5Hqh?AS_F-hpaZdc$G5d
zUUcn6&it<JcZRdHaU(|*5C6eo&8sw);0WHSwj;!{;_rHXX}re2c%r9b$v#MZ!p%8i
zX8L`1)HFIS7No%@9a?v+Z`3$T-lT~I;?2XsBM2Q_$a~u~CEHh{1k=$9lY~HTBiDOM
z$)YKqsFppF;wpZPB`L*G>`?EPVfz-K)39$yH#T|sC}jMUnbYbjy$M#v>#W>=GgD=O
zZQn>Io>tiQ`zAlKX>m`DCelm~WvDY|49BfjaM`5c<d?yB@Uhnl`#2&wQ}!=L)?Nf@
z+qY0Aow!)c!ooODnJFZAcC_nVBr#(5Q_X2W*}g9)gR;adctqXWEX-P&>dJ_RQ@6cZ
zt5xT8hKM1LQ13ogQK6U31-Xnd8~Ez=fZT34Dpv>Hjvx2z!Ofq+VmFh65B!Ve(96vd
zcP<mdLB1`H&XERf*@pGQU=5MS)TKI@y&?qKw%BRaD10Nzj*$xL?Am2m`lyGG(7)e^
zY?|T6!F(F@-s&x{QP(L<`y}Olz))8iCN-#hM@^XKFRS&C-itN<WL}P}9DyS3r{r8V
zh`X=iS;Q%}=QC2qZ<^~C;v9c<gM9nIvW{M0pUeJkx*#JIx0f|mD1Uc>iR<&JDpX@B
zE2mE~Mh0GU>9~~%0mX;UvC<AZV+^_dKveve6yz8Si0OA0j9q~NfU?@p<xYeQ#5tM`
zP#6moM&V*6EQW3q8j6nz3AT0o;_q8oGWP~^oy9qC!R6Hhe;zmK*+N@laOE1VMZXyC
z#(G;22?X-A8u|mhRx*O@vr?fjAvOdWAWr(4O+6%jZF%Z;u@)vE<3@r$^u4TmwIo;$
z>)0A!F(Vx5>_bSVA@El7nmMieou<~3!hTc?dl|?^{_iPw#Rik-plYC>gk~~cC6Nf2
zzRdbnFJs<T!p)pZ@Ksh8MPpJ{sK6EhgcN?!szGhVbA5$;`k}5Z7R@pC4!?!DPFS<K
zD!~fZbyhSAD{Q>!i(fx|Q80k8B>z21Nyj=(8m(V*+g+;V^}UCOPF09Cq~_#t`PZLx
z5hK6b&q|FbF$R~P=4j!sM%dQiS2)uT^9DTc(QtL~W;)ld-8$}(aW%vS#5>KYUa=ZQ
zqCcH<eyOvUPOk7iEVK>y@aINzTGD>uj_Z2a#Hz(28_cgU2k$K$>cu*4aRZYs9o=yJ
zx!k`{Nw)=HIxB||j#4_BRu4#q0|e-dx!f1_tJlE;heBd3Q%=>6Cf?N#zxdYJBT%wz
zl-c=O@9Pa$>i6jlxl|0;2eW=?S%sPPFS+1+M8Fa>QJLF9J#Fck>;GzS(Do7DSED^O
zXMMadUk6u^3;AQS?u>iOd5UGl%Sw@@$w(Ay)>=u|{z^+lhvFD|W0PO|b}nmH?bynJ
zA{Fi*+F!ynE2Ri&j50*p+@cA4VoVpjapu{^$lq`RM~{osqhy`jrniyHlSY+bPs<1O
zSfd$7HRTt19#7`$mmH0=S+xBl^$n?jAGLG$6%eS+3h%MX+P>Yq#nN5Jfy68tP3ol8
z;y2k`tXxWQ2Od<6&eC=NLis-nqMw4xPBPKhmK`5?=rg_6v|Ao_Q>Y>Hq2f?(Sn#2m
zG9QltYM3@>!udOXBw0r<V<o<?21kBu>IHoCzFt3mMjEhrGgW1Ke|<Akl-Lar(Ds-o
z_W+A)>&sReY<}#v#W#PP`Ne()e;U61CXq1B+##wV$Pv%}O-0+y4S&<u=8t+~Zi1S)
zMdttdnQ{U%Bv5=xzruRl37ZmWL|x{r%?NRl6>?_q%<loH-km5#PB9ua^z&{KI!8IF
z^S8=`H_$)<`W}ia2G94iUr$usjLy<FbYITD(sh`f&YL}{Tl2mB84lOP-$DN(HmTSS
z7TyVxcD<(L2sBU+h>sz6<Q65|@DPN*V93g=-E1{3s8QfZrG2nx{V=r<I=&VZ3HZ*0
z!S%<%Pce+6DOg#XB-6ZxkQlCIIc@tVB+Uw-_yg^VhLzJ}nc)S(c<WeGgzY51dh$Pr
zYGF{2n(W6fyXH7YryuCJL1#7EwMhfX<H~m&j%RDX8k?T#hn(OO#g6(fEKbf)qsu~1
zdd1#VZ~+CK0v*!|afKeHBiMiSf3IU*8e_ZQF>>_qIx*QxWp~NiRa}47=+69(yxt^A
zH2*|L;=1l9a5lv!oUf{v9CaASXK^1(QF;0HW)v5}0;lN#DB6b$Dte9ue9v$f-tz9m
z9{jrKz&`)R_hX-f_KsCgxEruyw9xsWK_)<d{HmK2A5t+GKK3Vx;N9bbj_QI3sfrH&
zY5F&X8$SsUh?g4OY@Bfb`&VZ5f<S9>#OLB}YX1EYQ0fDnzL*vw_*qt~shsk_8eG0d
zGiVCsFBSxD#wfvRhl2-)=oB)ltwqHS(sl`eUB%N?7O{iLbnDl~8pb(WQ#P_R1KLY(
zJ*4(hlY`t`w%qBV_!1iF*nzb%H3^%#D)!uDjCyrQm(sVvn1w}gLZYhpi9!5h_Jn3{
z53p;dfCz<V5@`iu5&ry)Rd1-rXsWf!QisR-KR7YGT7!cxV9dWdU=eFGEb((lOmLl^
zo?foaaf83H_eIb^@AA&o!3ycBKWy!mH5Bk&lJXJ2sDK1YTdjycw!bn@wXkNm-peXU
z6!YyvnJVr`Xl5G>I~f&(_s5_DlSADc+Qwg`0S0N@HIb2#Q&l;_F<hdk+CKHBv)a54
z7vr#L+`C&<j&-TykqO$&uYK65_T&6^A-v%G06fxV<a!!L%w|9cZ9|f$^&xc$8*W8x
z6GFiIP;1F7%+|ccWu%hIV*+gR?X!yolp;LLH@yEHil+92NP?XT#)q6zieKz3g5vch
zf&iwtU&*@yFp2~30%*U(CaosF;i_>;6w~rUaR0}lwq$y5#NclDwKvVVyzdPNhMC~!
zue-+Nty6e1`h8^BOoB%iN^G_4SD(uAfakHl#l|BpUSakrVC`z6f}Jf8LJ8@AQx=cj
zE3`39%MdEVPMNOsM=83i&etTNp?iA%HD_pY0kMpfQ!~K?%Qu-I@HT;W3zt=?zm-76
zgbmGHx@9iAh#+r#vgj<Sut+lo#V_v)IBG~%N0NRQMfHI<Nnl^~(1xyFbPmNusy)K&
z7U8-VDc7$U0!8NjH>XJy*o0hZBIDyLwGK?(5QH0y$XYMtbC~yKa=U%_!9th{D7weR
z+@tVbHTqUB1s9D7<=ihp4=)vpptqm|BN~s3iQ`7{&yjeL%uRmrX<4L!2A`t=4kBja
zK2Us4ZvU+i?N6K}E#h+$wwoX)PKToC+b2*(tsnRCmZwj?ckT5J;*Maf)`!ZVwgFC8
zT8XUltMU}k(5UkvlW^>$#_H|7x$lqLde+U8U7e?)>3KGn;ka{t`<RK%qt(}LQ$}x6
z0YUjlh|X3Bq3zgU^N}yAb2Boq@ehYA*4I%PAu?=YCxwcB+GOD9`m|F=Bm&ek2YRU9
zf5E}qm-Y%@wQ0L<d2vNXwdJAJXusz0$6tFgvh*)HwkXiQ&BjL6t;`O%9r&^OFq14l
zGoG4ZxhA^9CaUj>%RMM^w!$;2BLxD_0M}zEr10pnR}EEd@iFZD(&8b|GUEgl#$P)3
z0@EpERKRvg2fsk82wHRwWyBaHK3s?hzLbug@n369A84>5{jC@miv_pFcgZyWam*1b
zrx|gP|3Cww_rwm~DUR&<YnnBKPC}t4KUx_7XH(<`YFzvGM+|bE+X9Sx9+>68x$nd}
z%C0#f60l`m!gI?k38i%%!>=Q!#*u(Q4iy-ZI>PkMHCFnG)1u^c8Adq!^KW`dt~`;V
z+H6VE(Tl<tfm*K`4AaYk*#4f1oky*k^m~f(xau|bt#VP))-y9n&={abW>+K$s04$m
zZ@2RU^{(EK{-y#V{IGk<!|VZpZMim<K#bU%*#D6?EgXJl#~N(66|<$7!RH8_;~)ep
zGiGg3xiQKGRc*Txy~)N7gUCPWVf@$@(+JTcRO;y7d74O1i~vK*3VaG6iHx25sZ%><
zrJv!lT`Sw4_{fcLRn%Why=1>E)SxYu$Dm=)(v$`#f8+0i_gM|w#`NKThls;0-dR9c
z{R`{3fs@`wrQn&KKl9t-#mIjlmypxXH%6Uz%EaUW)OtU@O#ClGrIduZyhP|BejH_I
zpg=zqsiZ;*zb8G==1?})yn{d|_xk#ffRjJe4C$etJVC&_Blk<!?JRhp5bCO&bC-}r
zLnzFcRzy_SO$Y3qA=)BHB~xEve+HOhRDD?s7|D&)qIygeXw{-=xjWV^m>1m}??#b=
zy{%vt`ntpmMwothWAjo0CYPbUR+$5^Ri0Iaz4PZP3uZ-QkHQG!^?>W@cZd){k32qv
z5<Ab1k7AvL25JzZH`)f;vim+#y1wPi8O9oeiy-9z(?e5x>G%Z=d_`Uu0dJtV0mZdp
zk$Ja8mIUEJo{$-B3z2}4FWoA1QOFAX5+KlNT}LFj-CHD}1oJEU&jNP|^Jxp!0aLw7
zPlvvys{Fr%kb$pq)rAo?O<dHUSzY>Zq5(0-x0ni{fSEZ}uVfL?smm+O_yAZg8v;Q&
zGao~A#UU6Wlnz&XhoaT22=U-E{3Mk3i-I)LmOtg6eC{AVAQ3ZV+u?=IL5VF$HJtsw
zb#MTiR~%Qj-&N-dmS(rvqBU}BgyZJ!EY&(3a5H#B1B#r3E;4s2(kdH9AKQ_C8nSwQ
zzaTb83Wpo{(LAe*dm4aAnH~+yfUHF&boOFy@#tu<s}~KN5sy(TDc>@vzs`0*7ZJ7m
zCF2id*d43SV3pkOI>||_V$B>$Zok@(K<Zr>VbQ1_Tx1#WE)NmW?%#gyc}prX(gbGd
zC}bE;rUX~;o}uI^vY1;M?&0;f9L?cD^_PDI7k=({N5r2+RR7oY`Z<#y@abX>u(uZl
zGvM@kp(AKQ3;x0K`LW7ir|%xPUugZ7RT18~C!b9&jI+5kTz^tU$I*;)G(|va&h-SB
z#Q~%bJcs{yz?-6YgUQh111b2g@X*`UZiz64$w2W=8thp0L+8ksUs;aFZM}|69?+XY
zIlHS`-9jq=+Af-PTD!kM&E+fu*{y&rJ#@x8`AYKcsNPaL8epmg(P%MlfHy)o1fRx(
zbJZ}fi+gi`60FLwOL|b#e&cE^E@aZG>l-bcqw!m(#5tsuwU9fF2AWAQfJdo2m5)&;
z@X{a{kbqWd(vx=@my8B3FLQxnd0S3|;hAfOfIYa{>1G>>2H0Gh;VCmVjj*}1>S^@j
zQ%!wDU@$w}ZQjwv4AFydtQOu?w2Agxlg!6CW&RWGf@FfpqY;#g(7@#XL9cnbC>fxF
zC=xkEssk2IWk!U;^HvR05ByM*Z-Z=ArK#gPzg5lpk5R<GMBqNkM5^l(=cArw!4a$4
zKRIzzi9h)vxk2Kv?AC#<?;$bJZFGI5U_(HQ9;&}QlYTFraNufzK+rau8C`@;<Y$9S
zQcE7I9z^SLrV*}+`NBXA$tD(eS`PNmeCf3I%F&tOLe$7D>|-L59N$6)z&2^+cugnl
znrPGC+m!gtTJ8%mm}7N_Rq+AYZwXy`Td4(3zINOt6UlrlU(d8#Uj%M#&%6e=hHm3!
zou6L5Q~uvNk)(2fWU<=V5_Z?$7w0=KvSmUXtIuerIX!#n5w`7kmI~;haOOxNT*yO5
zD8@YHPa`iwaX&mAd#>XpC73Xe_y#IhpnqjU`fn9mP6e3f5^FNSJAYMQ7B-p<JS4dc
z@HjFp_J_cFr4qKcS{smd(iOBdcXXBM*SAiRN-*PsW07v1`X!0Vp3Bociht22!P={E
zn-t3|-ZX%?r4p>fc#xtMtFfdi?#xzs8z(d-p`~K>-9H!;ep*Xq8$OAEngss8Zr4xU
zKG{sw=k34v(z9<0$p`ReLzw;5HoTwtR^k<Xy};e4`I`2I_sDSb7_lNZux}gntnx#Z
zA5?C6M#p*u8vhyh56FzrGY-9*CuoiI4fS34;(KlK3<A%Z#j%hzx>XDhD#7R%el~xZ
znHh6fTJOEjXT;C_kt2k1Eibmpb3R(EX<tk0ZUB#aBN``}7s_AI)aZuWj?ou>cp_Lh
zU9%^)JZupy=Bn)Yi)n{=6{5vE)m~3R%P~*hQR?~^A1EH%b+Zz(BwyVGozhHyOj2A%
ztZznXh77-qPF3w%!X>tXgc{MbGIL141Y5)Ay~Kk70*b12RfzBK1KT?MXQwL3aZvxH
z<ptypz33-LaxIVdZCF#n2OEVhk{X5DF+~YEzPHg&a|&W+C)+VHeT4+-u^vr*Yp95y
zJKk)+-0(KQd){0ukC{~ziQe&xUk1Ec$iw1Fy2SA(->H$NzML)RW}Sp0KRl|sU@!Z1
z!`)jvZyqvnG(W-91Sil;ixRtpqs%OcbLt1$<STxy?sw%aqR-Xl0hOIUcnO4DtnI%X
z1!VaO#cjWa{?ww3bf%Otl3>XCHc|AMHv-T}oC-+znkdkP!ISkomM6T{e^XEI<axrl
zT5u8YO=Ipqxh89rU27_rGHhNh6JF?`Z7bnXtYL^L_3K2LgjYJYY-ujzD{#>E&60K-
z;F;!1l5UIgkpVCno?m3Z^9xF6{str5RhOYVWul7}BN6v&OZyd`BO%k|_EGuku>uHG
zNbDb!`f5^OQ+xp%w011WQe`rw{L+)6+mQlZ&(b**4Izk&aiG}wm|_W2o1PjgQDB5S
zS+u}zMUB@YEAc?lv;3s-RjE&4{<nNNajNYBgQ{!=hTn3f-3o+56KJj6Klg@|-bC?f
zKCN&)xbca8j+>nK7WWW85MSAL;0_T`Djx}S4tvABmJBq`rQ`_!6rdjSHly6pz}3K}
z4>jbzdGlrQ$m>Z+EJ^MZ#c~OPNMwrO5xfPJU$7oQ9EMM=rvF8|OK~pA(w<k=8)i=k
zJl72K3L1W_bgDYgO9xae8M%f$KZ53W(8l3~`$Bm3NSljrj>EMs%c4w-wDM?!VXG|T
zH(SBa9{Cd4P|U_naHz&*$baJr1hSL>%t@nrGP=HJ#fQ9|*#O%qRlY)gfm^jfm*7Re
z1@9s8qs7{zKpFU6h8WJb4{^ie%}N4_W#}ySh;3ph!Q|eS7%lDG$P8W7oF&lry)BD?
z(J1u3Be8kew6UAlc>i)Bg0_-AT1qz-kMy3#mZ+wmN#_>^Cs>~9Ai5ZhKPcc0>A7%m
z@9Xjg=af0=p#MPCR4f=(oKE|mnHoXp+qRIx?S6H(w7?h0z{T5tF+;*n+&H$8TI1SZ
zIX9oq${*P>tl0<Xo4+HL=hqN^!*lmm-}&>qx7zmjt}Z6Wx?7=CMEIdDAGx%)F#s}|
zII_7vn^70>gz=*{0R8M>s>uE*$@(;|ca<;62SnslD2G1c5p=LBx<76I1x15v&4V0;
zm;~+P+=b2XPYy===SAGDD(4aB8o?+}SEmyJ5#>s}#;`|%eD3$!7=4FCqS}{E=P2A;
zYXR-;8fkOudVzwhhYY7BRqtc6{QCFKu6sn198QuCS4sPRll_ij`NWw&SbUS_EmFq2
z#1&N$BmSPE;xGWFQ+`83Ze4$mihoW>7}z|(?C6~|pWpq8O~QV2UU!O&o#(QMD1Pg4
z)ge#?LkPdMW+AI`Z`q)+NZXOkI8UMBN$qJClpYA6oorYI0MC(ZH~&QDHT5=Q;UtOC
zo|$r1jMl^T1gWZ_i8E&%c%0j!yOk?c1g|x)fyD|7b6Gc>=h4_xEH>)zci45AaKS^N
zfMBUV!?FCIZ9}@5(*QMP=%_uB7p9E8v8-B%_dXcs`g+wXugh3250u0d22Ej^2ZDgs
zgpiWa+UPk*HU~UphspO4FSZr~)G!9oXAsN%VjY9075pd8YUtC&hWt9QDAe($d~zw4
zJ49GlwO%yjglDd7@Y5_MzQ(f@P_WpJD%9<HQEZaLJ^+0Q2jc_WL65%xyT1l5GKo0K
zO@*8WYEmbIQwyGYu*1@i!_pjki@&bD<EXn7InkNpezjIgU&M=fLM1B>doo)yGV%)V
z0>nP!j`5$IB)M|;bkTk9?PAphkq4}TFci-4<Rc_r3en*XPJXOa|C}^DE2A#Q#QcQS
z*BQ~z-)HfY<Kj{0NBVG@`%mHa-I0+`qINLwTxh6rY?%48d4B4v7)*wbT<)cb%BB9<
z8zbVszPzb*W?)4*r}h2mUy8qZJu^BTS7%To<zH}SvF>w3dyQ0iM(vTJoGi9-@kfJ$
zgA2!?eSSjI>s`C-IyX@F>^5hujwG~C?EY-s-rx7-CoxU|lI_ifk;n5NoM{n!uOba7
z8j_MNwR~?CFSTtj*5226+l*f>V_zSeK%RIuT(-w5d^DKmxQm&CC2XEuwl3jQVrD!t
zE=%^8IxAU)=vw<zv@Y3ro})@Pmv|@+*4G0M{JH({D_9=_OR7sZGxHbA`mMNsYF%p?
z<s75UML0=%$d>vFzH?v7Pi3OsFum#uQo42^iX`@dy*uc}4;=bzl38`!)%C4=4c~`<
zAJy|(`B!zSi>%rs`SOTrO4|2qp`W+4xuwV~ut{0?h{b)6=<1eHk6Xoqm|@Ux%5zE~
zC3&<r!*jfE+6QcRjNHW`%cmE6b?nZR;;IiCo32l)h%NdH+{-M7(<ks0$I0gd8Kh_W
zfaFY|yoEZjpYTUOCjZ5F{U!gf==*19)n0@W)F)41ecOXh{TOdD;e9THl%nX*;s!u1
z@d(;2R$|7BJouQwD?ypB*T!Vi-xh8-H;9_d=Dwe^FECrNW8|tVIgHrdVrbuIU$t?b
zAYJxUy`<WG=C4i}LptGEVsYplTzejT`F#%;t_N?b%zLuvh%*i!eSW1ZE)-8j>ar7w
ztg%1O{t5|0Hnhs2TxJT~I7~F3wElB6Tm#DnABlxu1iqMOcNQ6UsH-MaG*U@ggZz6l
ze2)AGrUio4RQRwivc!yOb@%|pa9sG<L324LjlYtkffJd)VyVB&Q}VzEuadwCIt4#&
z(|b(A=OLQGDMNpg{O`G_G$5M4<<XUGHS1b6Ig+o{SLxM4#?rN-zy23hu}sC5x2?A>
z+x?ylWp8)6+sVXsB1M|%Q)Z)Qm6ELJiDLt^=j2tS0Z_yL96x%0`0(5p0aUkJhgk&k
z<6$q)ZyZZKaG8sia*m~v))mqF4wKaRrPUvN=5Rl!TFS~#&zgF$dq`!DB2JZ@B=YV3
zI$V^nW%bFp@4I)_wk8r_x)(m#7cPV^F46o>ZQuQ+4Dy@w+Rg`0lS5DoxyMp(H7x5m
zxL!^56AA@9I`|jdI;_01jcA8wTv<!bnpy;X&*6rDlp?lDi*hw6qI5WEm1fL-G$^Ab
z(7(Du;gzt%B_|6_&Xv$aFbYOOLPV2O3nd1t$+aSxpC*Qrw9*;n)AymqOb}CLHMG0y
z)LD(03PJ@7D%V1$Ml*k0f14HLxX*C^BY;zg?lIR_>vfUkWej!OED#3{Z_Q=eraNSe
zzQ;Ad3h@Cd5!!Zmk52zAh0kHm*Nh~~U6j2BFwGP`Jkx&B+nMn5o%?F;_)(YZ;LW)-
zZBv<x6XNGbx7o2TFMr>DJVUcu8kw_NPCFa?x~1X83cfU5Fm`nt(gq^4#2LGvR&hgF
z)`Y6;cQrK$q}5+ZW2qe#_`*JyX{-V^QqI<sioZHK$A~D9<SIlQMI==oH^&b)-3*EY
znUBtMIHA(N|E}rWSq4k3;_qd4ob-sH%v=i}ZlX$^Gi@Y3x{BdeZXreV$$yaLVdMC<
z7s~<l_f(0LP5*qpi{sQI#&x63gwP*MPLBV(!#L6^nEa_El}mk`Zs4GdivxXA4$3WS
z6}d4%&LLO{xE(ab<&3P|3zJ~WT_aZaxiO?c)Qqc!=JVIsoK**Kt+(FXTA9e~4@ZxE
zztVpV_1IL)%RMZ$No{_8?U85jvlTu-ne(XxSmyr@CtkyFh#W$KZ>>&5G9_Q$vF<2z
zw;;aAP{*^v(|gzuTghYri#-|AwNDw7F6L3ywWH+gbEFB3MKz*gW2mz~a_5fPGVNX$
z>Y@}l@xCkHu-)&u$Z!x-PSKsQqJeZB=|xIW<j)Sj>6#Vacc~BHo&NeX$g~VISwg*@
zc#(D}k&LiX-(l>+?^t2D0QXu&<MYmFMC(l8JhR*xTjD5J7YotOKkvAGJgFEY>189=
z8Kb=&sfvxIXbIhb-`N>Hww^H39~I&e&QPf7AeILfLt{;{4Q*4dt}T8vk*N8EU_5oK
z4D_TV^UvCCo?{IF3>WTOJ=P-6bQ@FjC%TqfvIx@2cN^5efv?(J(!=tknhhwFExob{
zHRHXd)d?(H)e$xCf4_hfrE8kNY)a>pgv8iXC+?=spmynwsdx?&%v_&hfq5wl_zeME
z^%21+kntvApGt!|(#CZk+SG)o9qM~&6Jo)!wRcs>LhlC^Xx<AGCAc~jPRa1|92E2+
zASrT>I4H=f%Qnkf4@6{5n7-t|8*iBYtO=1wLZqg&&!0_dLqyN6$^Fp)AvJOf1;rvr
z((;qWXbvE6w|$5}yEFJYo$|z3CIIQi<1lgQ1dp(OO<_c_+A{c4D6rV%hlm+&ZvCI_
zZhjx^*=S8hH&g8;W_78I$M;6TEto}4(}pX2A1M#CA?_HcQ6~RE8-`LsNt)|;lKHSq
z3aPtoTWQ?LyLVFg{>x-1Yuh^PtAFljQ_<!SdGZ9pp8&}p=~(NOgiRi0UM?vOve#?P
zJ)q#YbNx6Ktku@}%k8fsHF;hI4W1vEQpMPvZ#UtzKzGBT(4MKm8Suu}sj|G$`|7fz
zT*9kO%g0ly>5*1nL>^mG;Uu4@_q%iz%AXbh;(SCmvY*J^XZ>HOyb&A_+LlxeNPa%o
z)VD>Z(ZrO}U3frc-K*I#5^Xvxr-;!Wp=r)dG!RLfJ<P=HaAXQD$j!rn%%WOyYfux%
z-$(YmYrZ2b>nh=p=0OD=C=n2OEO@@W9TN2#4LzWX60h?R*>-EDt8y?jIyOmU`{f5t
zamEhzX>?E`j$yZmS{@?W3AoDJ_8f`1&|?f2A{=z5(qC5Wdhx|VE#fypF`3kNqJITS
z{NDmaMq&J2@F?N{Tg@+GC+gm$1{q!o`A?bGqkmy@+ISFsbPHfZ+|C^6{<zU?6LgT-
zL3FpA{u5{90`=fj|1o;-;f+v)P3{54f*jI|t?H#o4&zY7m1K7m8|9yE1RwUEmX0^W
zIiT#O@9r6qs$7ouHOo7Z<7CYU-lKqY(O!7Dv!P2aq%*rNP%H2C{B{>0g)M0y$#O(9
zJ6p)e{3Dgu`^@-~f|W|9xhbvbh}&V^i-^BE;RC8`N#00qPzrdx6;a(7mz#c-<&52x
zotrK4Y0%8Xk7;SF!a=#WS87C=QW%+|c(YZ~Q#3MK>LXg{uVC%Z|0f{~&SQ;Z*q;^n
z+rX;#nJr-^QXd_6(58Y|@oyZTJKafhIaPybC8dWIf0K4RkdPd_N0F?6fdtDCS>5n&
z^Umu$I;~i0)er?uVC!aPm|&!>Ps=h-T<<^nk)yz5PYFJALWK<KGOR)nsT+;O_1`1u
zC~uAL%oleMMug|*=6N;YhKPO+D@Z{94$B0lrS`9=cRC0nZ(@xz)=O}AsH^|5;K(IF
z7=+|lQfBeeU5twJ%Z3y1nEM$wj#M~IEW3Aq_gZgddkaZe2z&j~O_aXJTJ`5o_7T5|
zHc4%Df?r}WWVw3(#3BnNlmV47rMN$JCV2z);%fj?rY9O!XmOSyx|sYZ1_#uZC39s|
zdUQF>A=>|z*n4-m-UfFqEk&tfB01xt^_+k-w|>Qpf-(VErrPND&Q=T)oIK!)QX=qR
z_oQpt>7cjQyrU;~PI!X?!mGBDvEYc-xxWaQ4B+=?LwqSMr9M7>6mt9X+vJKJm-Igh
z&jrCpd^7cl_E!xG=vz!D0@#bi{`=)N)oUo2Evi!?q`yGS=lZ1ma+~_D(xT0By9aZK
zDm~jFL4ShgHlawy%>)*T5Cm46TXI_~B6n|08(Xp+ptT^jXnVVwR}K$(?GpbL@-zmc
z)W~BCun@T!egZoA$Em6%ZH!8Q>Cv){8!jVpI}$efGj=rZ7qP=l*i;FzLan=k%K4*p
z5PKeTF(ssgvk^#N^#{}I)eKti^piuF5Y$Z`;7>*5Kd5g%FyTw4a91iN=%ydcQ9#I^
zXy1zwD~o&}95OQjW%IUtYQH#V4ep2C=zSI+NdBJ0D!}*CJ`b`A_~E%2OoMnSW2#O&
z4Pc7Qj~23n*-@<^7HWRtAk8(OGx9yMOu_n6GN=tJvxnXE-*gw>mYQ|opY3{0QO-Ha
zXZ=tKQk37o|MA7xeF6*29G^!dgba#QeY&0!KTf#dfTm@93Bl2~<o^1)4=~u1Dt-IG
z?=?AJS<E1yLiV}kYZJoDNOcF;>3Y*hPWxN<hb#vD?YE5z<d9Nm2ZE2=aqh`f7hnV5
zEsCoO4r!v9|7&?E=O`e06nM-TT0`L54R#Jf?5sUCH3?;xIJC3v@(hr(<6Tgm&CVnL
zE%=HLdiJeD9_|X)07dXuBw}%0A59Lwbx@<fROXaHe2E_tckk==9(#!d6P(0!aoKaq
zNW>OJtqe*_(dHXBJ@7;1Zq#2dbV$=*c;yJw5pM<3*n63Py3DY^5gPEwP!{^%I4iig
zBS;5v`WJa_jR+FZ*VUzApgR!M^}-&t$z5tnA|N!K0U;T6-P?|Ygjox7+B*PcAP^K>
z1r6ONg{-Cr-Yn44(3j{zK5-O3NP_19D^Z0YGc2`~*HBIlC%$JJhR>1dT%2E>$eobx
zBuF3$MP~S%4oBoA>bi(8se)lAehZx6YPBW-^2i;-p2j!l1=$8)f%zi`AE>0&KilP@
zl>C_xfhzEPhmT>tKuS0J)&7Sft}|OX8<g`J`i_yqG}zRJ{)A&*IM9=tXnH~UfqvQy
zH{+Dw(r5L|?;EF+v7J)&Y8N2kwNLb)TT;lBBZsRetMSq)flEmnkh6QEJI!~}X@Wwj
zgbVOI8&4dytJ=b(+HgC_gx9Ig5{yB8&)6Db4a-MxGfpF6gn6IYVO!{M9};a9q9OjH
z1u|U(#|`G3PzF6of1FLBe_TrvCsadx@C~k(AHqyD7u0CS_<3W6x8ScX;QyB{e2TJ!
z$$T|@8djTVCKKZPSzmv75vA7Kk><6W!B2}g?Xry`>Hk{?!e^98;*j@EwQ@bMXzk``
zDDQ66S?|6ANGJW3%<ZJTb(K}V;_)(jjdk>3RnZ;5-XJW7NZ{bczP(MHcZV(o-(<RY
z)$TIX>+Czvh0mcC`mNB~g`C@k%3%>h12byM`@sYnesqP!pw8q^sJ2F6YnU4JSpPGL
z8x~`}u{)&OO+AZLZ`Sz(FtL}B7rMfxd`Ul3Ljpnne*OB`zsD>49}TmG6(S6+p+9R<
zd?7AT$+znxg(P@uE(e&vHSM!2+?V`=y6rTco^iXSQEYlx@9!fq)lgqt|EegzKIa<w
z&F5|u)<RxSv1IcG=WBG!C;L$2>^RZXJ$Z7@;u(UGHN#C){S{XlQBPu2Y+V|6$AF@t
zN9Rt$5S!F5+_IGWPQfa7+sNO2@fm*W*=@p)Ru~*t-}ljARmOcoL>gAP2Y4T+BAhd#
z7)ubuC^fkVx9xvm!%)w<sF23aT;{sX4H@Vr31!<S!tB(+LPCyI;nSCbN5A2LcGWQI
zF@oKYcvg32eOkC#!=V-<AL44MoGAKCeWu(~&zly@9c%vKqW|@H&!6MoPy7hW*?YI7
z_D4ovK(H$YQjXKydpc|I{<6M$iOia>(J{9@q`%iaeD|oJ%Bank^3V6y(=SDoB%Oja
z{xtme3PW?t8)?Oc7#A&0#VcY}o1zw|FGBh8fUe%jVg%T?qYQOUf!D__rjK`TrXPQ|
z`r4`veo9@^CF<#HuCuQp>nqleuW~sGP|P$1W+UL*aRbB_omMaEO`LNFY|NyH@Ek_I
zS4K@NCWQd;{%S!aV=0N=zZkqq4pXLA+0kfJvKGVE0NdU--Rh}11TG#|j?hUFr-2UX
zvyDj=q4dZ>K2(m^V_E^0%sDv!=)%4f!TfOOMYEjv&AfA(W3&YRHxYAU7aHHmKO3*_
z?xVP<4%_Is=HS9&-1=`HL}$x}CvG_Od9%;r<mH=mp~M(`j3xa2<&Y5>W!wEvKNJ;4
z)Wu2zG=?%WR_VM<=vU{&#ZDxpX%aYzCH&1LdenI}14HxBKtZz;7?J0TLb!(FE1~B!
z7L#Q7NyPE^Z{&&PUCe3JzmUA}_=JbgEH5na$MPPYMg1aV2^PC3WoLh5C7Qz^eH)e~
zBvlGQF95WLPoO1pkn~>W%Y5pj8?ZM6_h5zFyWpE~k&VcxzXlO$)7*8LM>^h&EnoXb
z@n;T?eeV#{7{>Zk4a|RQBy&i4IqbxF5I6I2cg^=r=HqGwq}OFW&;u}{ruW@+1SMS0
zo7A=SPTzs1{MXRbubE+Us@peb^3VJ2)nH%i$67>_kCQ`K=Dg79q2chB2xGtj;gi#5
z>96hy>b^boz$M^oN!wo^ImjV)zbt!3H=8qNyO-83c7@I+IsMv<-&r&nXJ#A&Ml}BO
zV;O0<-G63PPyzL}_`{>E^8od~+^{j~PLm7&?|%%K{}zG=e>nxo>`|XwGJ!Sp=DP<O
zB;5fC;L`V9w-}f|2w$spX2$=ozLfgEY)SyI9_?PIf++O~{wB^(e!c^4DE9*B|1V#{
zs-44R021Pu$QjVwK!(dT0<s7N`a1pY2w$2GlCi(k#I?uWRAa!oV8r#|tIxPlIM?t%
zGdloAjZpHJtQbz*OhOC$hl?0ar_AyH#V>zbt{FLze+*)bBr-*z=`fs>TaF(xX>p=1
zCy9)I^m9=mbmw@#umHf7htCKa1?3((z=@9Go3TPtgOfB%;lU}MxeyrPlA!s^T}=x7
z4Bt0=+8tm#8ZZPWX_kYFz(xjO2`6cO3FofnriInQNtzSkl-TLG(El5^6%k<|9*cAJ
zs5G3rBZAKSyRPvGj<~aRM~VwQXw{EbOYHv;X#ZUVrSh#i*Uoz(`|B~idje>~fBt=Z
z_iTOVhOGUqhc8<0;=dcR89@AfJcdznhiFs53bXrnk-5~Ur(#H8+xfrSf2?-CE>o9Q
zC;7;3)@kZO(MQuK5g`pFK_IJcObVZm8i0ANi-g-A9v*2dgs+Q$W`X458maZzXw+i9
ziI^j3zSd{LM?s@ZbNYUOm)ig~5QNMOQA!yB1Pi6;Kn6-lI>1WcLXM9|Y=XdS!m+?S
zaEao%0f>>nST(?WIQ2JF0((6ekWUTwknkgr8vq)Bq1-(v;py<Lq6xq-5W+vgz1$}N
z0)!gXMI0~zhPz7m0sU|IF)TCNF+OMMp8E>tg5P5|D?7h~*>f6=`aSUe$AYl(xo<u0
z$N!x0xi*}I9q%!|oo#kvxT|aXKYIJlaJas%?=v%c)aae)1VKoGFiN6CZ;28jM2!-?
z&kzYhj1okh5k!lK5)wU8gCKhEq7yah%yY*7{&2tdhv)t9UiZ7N^T9ZKukzb#@4ePO
z=j=6H|N1M3*Hq@vm%En;`=&u>0pSND!LWkna-j*>FdAiJ)zEI-MpYZA2HEF5sqm<-
z<@CIrPS}^T(%jA{ZWH?gx?-hz#w51By+6BAJm3Op5dvZ117UHX&NB_l7=3+@omeku
z`sn25iH9km9pbuim$R*u5>fX_57<;~IdRtrES4Bk{JRzk%!gA@dy{e@aT}Q<y;@3i
zO}NNr2U8wrZ-(PIx93CV)O>!wocDL(`vv;%_{N2~_1^{d-Fp`v$uOrOFGO=?>_PZL
z@${RXJ?wvLMrxd7TzhmkriJW(e-vo!?q=o=dqa(pSQR$TZZoZ*yG|ZLeyPvuCE?1<
zyL4OwQ13>eu0)`IRNcYMm0cHkk;sK6HyrS`mQoirF47I=@{;E$g<2KTphgIIXK5xE
zMF%MyUVc1uS-R1xv*T2m_fcb2$;EgojXT)k<_Gd!dl5Lgsjtg8)j})<r}TsMv`L1D
z&_N!~J^GU&Q-C8j;=qRi|4J8;x}d-nIG9~SnLvme{*;K9)JgdEhNiHs5=*2_F`eY8
zWDq@O`fl1j{gA^t;o1t*Ai;}4QwmEW1(TQeO8h@sM<-?}wCmVp@18Zqn;^d=6V+Gr
zbXQxs<Yxah7>a2qaQGI*d^%oR3e!6YcYO39mb)<LRZ}%3wHUk$u*~PSrni@;kSu7*
zdvYccZQ%rqoYowtd)}Qtj5J!*Ktvi%$3kP6`O|&W<Y6bDql6!+hOu~Mo5<KTaO(5=
z4p-knUWv?rT<(k_i31aaP%9}DkmQAC9k8@|xl(i}EnPb(21HwQ_p~0A6)+XPjebzR
ze=nd-^HHev+}Fal`9@XyCX_i4FF7ZT7~^EwgL7JQgZoc6DY2qIo30V72#<?A?%pQp
z%fFr*LqNZw9NVnzYUB0ITys$a*_0|~>}3)!4;^G-iecSm--#*l73d!c-c%K*!K`rG
zBf~weKzYHOC8}}PApOlh4BN8pGKw3%WEs4E{3cTS=k}MOtKYOLpo2%nz|>oXt`Dc(
zx#VMOe`>hbCs+;3SCTX{-&&sk63TP^WpRC2u4i+&v_8r$bmt@RET1tkV#BaV*E!?4
zSzm|n{riZ@R|Fl3Wlu`JH?0wiJ(_vK0db1qKG_O2UYpzBO5{@i0zkZ^IGKf0pX8a2
zT@~&BMB(yNCYpJfyYN@FXPdp`RX8Tl?q>#RcW$Qk^N`G+yKmpelo6MY$$!-+d|hxU
zcDCE>Mv=M=)%Z&r9$2;YO<uo2QvuJe?)@w9c$FT2bV-!}pMflrD;ql46RB~>;K1>D
z-r$40lN>sICjzs#rgYSpKnYi7t#_*H5~+u_`Z3e0N%EJz{&X;`eY0UJ+HRA3A6c^#
zbhCZ#gcokB>3!nKHXh^l_+De~0BJ<#IxW{ViH9M}<kW7?B7Ks24Gfn$w2PjIdZdIL
zT1TDexx@$XXI!B>BG)T<beSNbz_Q1##`Qs$ibt?wR(#{Y^`h1A7-CT<-R(v4I6WOz
zd<Kzl67YPeYdsyxZdG)b6ZzZJzC2WP{Q@5Kl;q+NnLF;fnA;<Ht^0Udv{1yD@iOMN
zg#BV_9Fybrk?A@uX7lg`8^q};W0G*fQCLG1b9uJ;A!ByvF~Q1>il#Co?+RDkROm3O
zI6^1H_Ua0M3jc`cC!zSvN78Nj@ivlt<xORr#-mZ6nwf{e^TxuK(|zXjx9e;}qlN!{
zG?G4qnAzA`XB&v4eARl=7N2UHMldx3uQgx^X%Tm(bPBzh1}j<>OsJwcJkI<!C-VIX
zBg0?t+JE|$@)dsFn=n$BVzW-Bke|y0`9Wwk2`}h3>+G@PyD`mM2yNtt_@KvoWrY(T
za#r3|6QIgVcXSb#xfldkPk11jwnA55vp+4_+zv6k<d~F|lyueom+F7?^JIaF&64D(
zogvQ|w57K52%>luw9ONlmxK;EnUzuIyLsOl3M1uczwy8iAaepUEkIQvDu2N0GS_h0
zU~VjX1oTJj0qux>9Uq8q%tIA28m@bhfPVCzZZT&RaEJO9jQ0&K4HuZ~g*z;qlv)85
z#S94;PjFP+i-5MopCLJu9%f#Xk5=isbtQMVnN<YNE2{vRf7cb??v^xX8AH(F%{ra)
zce4d&gbWJl7coK>Aywv52s#=}@047Fe8(QxOx`CD48YH~8ULDZd9{!%hSSwA>cE3u
z-9kk~;hQn?$77Ern^V`4lptiTp`OfMzKI4-bv$s-?i?jIF;V!@c!Q|BJ#cIY`5yI^
zK8Kdue75f8o{0JEWXy0jRCQ61bV{2B)A4`I2h@<Y;VhHD08bW~wnPH!^OxR=mod`(
z_8FWyk#G?uB?yb-$kR4L0+J(Xb)<R@LuhuPuqb?*mn2w_RGE0KVjorBRIiJmPZ&O0
z)DG*5@8{T`H>k6TH@xC*b#{75gZi@0;3=AxOYS|1-eQ~-T=^Ca1fS34iaIIeu~gqF
zohYEMu*wYN(#cI;AMMh1c7#Z7QuH^q{UTyxkiBuhhSzl9k+{AkWKFy4w(ad4Q)G;A
z;ohiJ;#nv_IPmDkJlli`lH)zM`di>xtjs#w)KiwHoj;Px96xEqx~3Tvt?>7}zdkw~
z{=oJX1TsHr>60yJgzULFfNJCVPcSY+EB9=RO-izIEDCxKAjcn!mcFj}9SEh8TZIP%
zK|{Qe{ZQ5RV9L_y^l0^xBt7?~p*6p~)xQLS&p+SbpG(RQffRYVmVedz?7>V*JyJNv
zvn66|hU~~6Tw^dt36tjv4Mu5H@Vk@vPoAwNe$$Nv{7t+woI~24Z(lJA<_f&!lD2WD
zVAM`Ch-U50h9riMV@+=5b1~eGcWRIKE4h)aXCm@F86#J{bP6k#2aOY5{J#O(;Y%o3
z*dVD$@p6!?_0KB$xvS>QzD@O83<&^5{&H#3`I^xCaz*ON7GsS8@I0dms(KfIOpmLj
zXQXA1l2HKj^GKj7_v2`j0P?zt7FGYvtV@BXBs5%=Ob@+!k3Q{P%V3jpxktFQ`Kj03
z-6X_M{LwUf`oap4(fhE^1(kq*{<eSy^}C3FU;m0!s4c!&`&iacQnI92#Z4t5Z&qm*
zRy!@z4wS!<={|Vht5QT0*g-Em{$?cQWmt3;CQeQ&p!kl2jfvs6N3>0%x1Q`TgDbg(
z?S2Dq>xYHoFH0R2RWM8KT-H!1t@*wfnf%;Y?8Dz`gQmgcrFZi5C%{jgvK@|G2?7+e
zh?pz0q@OV7g|K!c@5dk5M%t(_ALfMmZ;f+4KwdSK();HBDYZoHx!7ntt^euIf%SJ%
z^|{|-1^<28E2LD6<}i@591x{Uv#^moBaki{DOmT75%w+~3QuS$HjY+8>PQm@)8-U=
z2u!iL{BAG3-9j<A<2U6toeRDpNv3ym+w<6>!FE-tC;jY1DVEhG4K}0x;G6!SDBFao
znDT4>e`j}Wg@a|hUG~$pGHW@m^&?yn{|?>nrT!1k2w&?%x`_9YMSDr$>Vtl(I|M72
z<b2)x;nc0qzC>n9vxbqB#XqGQj+Z>lweQ+>qEXTy)@)*uBo>dqv3JxUJdK)D#Czyq
z7=#S3xsBAtiDcAGQ{CXZaPaXV3h6;0pjeNX3=RzBaQ#4rnK+(oe2V2let85_y^44F
zA96O?n5N8eS`g`N6X-4f6RqHVf0_$d`+_oC6a7W}fRD`n+qd3Jy5~J5q%Qe%5yo+4
z`%Ak&kxt=EpT6X9iwx87Ply#4FMx4=B5Z%U1#=KUp4eSPfAG5t*HJM0g@x<MRuOs2
z1ZK(4DIWYwp$^AsoeY;{k5y}g#fkUiF+q;+zoN_g!y%B3EPPPe$9U?a1*W(~Uh8gj
zwuP&&KW+z*Qc#CX;z)d6qzoGPx;*?k7&Ohs0A|aOcle0ao}f>biW&^EfSWwXVSl6p
z7!NfuLn?c~EeS9P?IFQ<b8z9K4)?o2$sX_vAKL!^Aqj3Sw5tNm*FgX2=AE@`5(tCP
zZ1jj&v<Rgj53=7M`4%sVBvcU84!@7^|L{-K85p3qC}+C|NUTGE0*{X0kjLY}5I}QM
z1;hr-^!t(+JVE6_GYovK=))YC><JkDgHH(T?1u!wmX?PDKobiG7XZxK&rpJOz+J0j
zb1D!2$~k;3R!TgH|K6WU8xx^;o=7glx{??QOg8L}1b<QBW&SVy`FJMQ1>BkABDp)d
zZzVy`6~8Mt(7IX)*gD`jlT&~S$7SPjlDrNFPn&s31d7tphX;e1g$n?<RPadtua$3B
zLuy=MU^71i@-ULf;WnO5HYDu;PXx`0Nj-LfU6;GSd=FN+w@%c7CrKse`{uF)`3q}0
ziLZ>-hmDpLPKAjwUi;QsH|=4Y>%Hw1C^}3GsT;CW15(2bl5G0D>0^aVu7OA*LBY=f
zSt0n71Xc_RVTAu34RaV{<-$vGlNBBeaeB5iGXt>GV=itkKq~n#Ph64Z?^(G3;E@rs
zoP!R-?1n6Yf`X6}>kV7X6RkKyFSvXGL_J{p=S0fVc(SLEO0?p@G?28y9|sOgU>{b1
zhCiud#R!st!2L;w8a-}c#azCF2T+U=GpUUkb44ER3DARlW<#My{B;oFU%7ZTF~oX_
z+Cjn+OB8yxf^blsR_GfEF?b19euro!PXt~XK`2;!ArF|C5#{?SzYa1!4cEg9F$c(A
zg=^nOW_iK}6+YlmMX<w9?^82;ffNx@Z*NRJjC}{EBb>cUo`98#f8Bj~5?9pbEWu}H
z7N^0b5X8CZ%*v@t`PUKv-nt-bj)?@ZY1;P4HRo9mn9*H~B{+2e*c`~Ky7=pE60qz3
zFfoNEXBq@}4HSU-SBn0`7U8cgfYyBf=gb&$*x+w62bRz}C@}!YQ^1$_2Av6<+<Z*;
z7^L7dh;lZB@+(Cl+=X%FLsqUuDL%ZP0STC3#t0%`5p{^TgSH_Jyrx-k;!Mtfj6WhO
z@VoS}hUlXl0p1cneSwTKQuOUHV^Ev+$TTO|8`?O$LB4fH)_gi6*K0vb+asOKXMOHb
zLV^*L0089llE8(q;U6849Ap@I*qcijP_=pH&!v=*7dzB(0Ej#t#Nm)!@6_YcWUGl3
z-1^1@;O$%5bWV<Mjo!xIIU@zt?ac+opAr>J12483AY|uYihJPN$xnM^C!f0zZjcp2
z7do5<(Zn?l122}HXO(9-d%?-OY3TUq3xU`oHa~<&upKRJhuoElZwMJocAovd!184P
zB;xKJ@R>mDswp%j%h(RtNlw>EBuE9>M1KffM_o`TE4>=(tg=Mj*WO4{`Hfs}3|KNR
zxC8TwhS!sUnhTO)NZ_rPzZ94xXF{Az-a^Qh$n|33n-5`hHIu*#3rKJ(6mNSyR>4mQ
z1TXh(kn0sWR;5E;<v&H<{R$xy!l^?0A)v`L3+?K9bkI2LQd+PkOT&x1fjqX#MQXjT
zL|ePj3D^W=Y`!84ID4`k>yrWQppsV`VTNOAXEpqA`8@dxTA4a)A5>S!b`Z4XW9d`I
zr8i~ED1al>`N^%NbvES3SBjiq=E>hK%fMLa=xq}9<Mu0hH%V87RXFa|Ooco>{#YFQ
z5JUsOQYfx1RjeK^BzL}zD2Db$YtNpv178!{*cyoh2Nidh=H^Xy>`CE6w;>cNJ^q~o
zQ#VBt>}q~!=d7DFnje?pI}Pbu`!nTz{65YnP_t$#$+q)phPH8!Khw)%FPYGZhfv#N
z)f?%Jl|(C*UnwT<+;>3AFhYJjDo<swF}CoKAl9e>(Ey(&=8B9xCq|nH6&l${i<UEY
z8`l8=(*!zVaujiDocZl4{?PFmBAo^oaVQy$x;#`=Q{*<!5ncy0-;|qkR*=ksu4Oyg
z`KO{8lve_){s87x<$v>-EhS_lVr<YE!TP1=3Z{l!oyWgJ^7iFEBUqdom$ZG&?E;g5
zxaW8+{%U?E(mYx2407y#a967JL?96QiZE_xzoLRPV>^rsdpHrF99u{~j~aVGux|vR
zFlNw&+XPYc@X`iwJqE`L@P~35&bvCOXfuF|u>_1c#gOBMdbR0It3F0#veoo)uQMLQ
z7MVMS0dGb~E1CLxO>}}UJlYG#IFAZW{Y8vN0ijWp(_ULrJ>w<Cja6?jJf|h&BE&F-
zj+3o)sj+aK2KW)~*Fa8=u3$>bpb0|0$&kD!T3Sl?DCehcg3V`9dF@Bl?*i2odkOo#
zysZ&IF5WqdkJj&wOm8yI_a^jG2%y)CR6G>e5Qm-&t8(=!t_M@Uj~Im*|Lv{bZo5X_
zjK8|kJqu;M6}maAh&BxmH^R7ZKDY_cO5`wwtEA|A){Z$zN#X8TKrN%)FURdbJIJwQ
z7ShL(nEQNjQ?#HINZtF_eWDL^Cn46Og2<YC$ax`nJ<$q=jZPQ3b{$@yh<r?#YibO~
zQfAmy5NOt{Ch`;Fl}G=$^y;$=)(<CTCCQ`<KfQ-kCNR4-R^tC`v$sXk@tA&s81ge^
zkHEGLvStD|l&6uti}CMJ1Y0%<2=C>}U|WV1)9Rrs&b0)BY*1cnsxN)OG20o-WDP{N
zm8^pmgH>=ZCM&3*3bV`BmDH@G0B1~~E+v9<n}2?5#Ey)Wt4<8bO9xL2fmQY>Eb|PY
zaC)!B@`2$G5D(p*b{VC}V&r#6c>U!LK8jo5Q~>y)%VUmIViX(BmAVzrp$^p$GD1Bq
zrL7}rxDFzGq5!$|X1T@pyX6x4r|+!S>yHkLPsp#3;Z=<gK}lfQ7EpU<iTO_;eHfZ0
zv?at=?A#D3e-`eEr2G)tqHF#zsE`JPx#Ea67W#@_uN$6)G<#xLv=_(p()!}M_0-}B
zJJjXIl41k7-U0>dw)sK!iy*Qu?!cE9E@4WD)CU}qb+BC$y893z$~Fdv!OB;5=DT<a
z+}{p%zb}g^@jh|f)fGg}bHmSxR@hj%SZ@Wu!aEm?CxF(Y0e*}hUEF>6Ic0}RU*|b3
zr6BSj)^BGvroMU5N>GPemuf%0?>H8Wt8UGtNz}hPY@jsChAmyvo{ghZkQho<#cI5)
z+BuS1LwG>wK!bsP{{-wN+pQ7L+B)W=2cE&+h+uM_&%TrkwFpMz<*MuV(RDi;ljTGh
z#{5;R_95;|k(%9-<>^}xg?CMA!=s0v6RD%NZn>w}ovm&_*AV2cZarZW9u&OYaIksP
z`cqBk`)N@1RYv&Z1(Y^?`<Ma4>3>qTAAyNV_9Lp|a1El>YakOehAZIS&imwz)0Om4
zw{U^W5+MKUP>y{Xo4cC-;YxK7LB{GfAlpFb;3&tM`T$s6Z4{EN)dO001UL!u-(vMi
zG%`b(!og-p(%%#cAzSGjAB~(h5L@@Azf)okFJts!xu4}1STGL&@0VyVT0M@?HhR4c
z<kmf(=sgyP6#?#WYGo2`+kn{3<7T&PNKsmEV;(zv<}0Cksue`qUYJ}=g*_9-D8jXk
z3?eYlde%TII8Fz$18`B6$A(*7C44BwHN<1c;0(ko=u#X}qP;XcUyWXGnqZL@?6VOs
z>hJmeu7oFxZlX39vr|Crm6L>aPTDrkpNhq3V1xnwI|2<^?)ldLXRdvvHZ>XSjGoX-
zJbi)H&{sTtMV~dlmOAKGL-j8PXX$5=>`Zlm##O%JerII2@pl^cWAdAMR=`-Z)USRM
z_^TDip5!&j8nS{|_&J$i3OsO}oNn4?oC}nA)^XQ#<fKY}Yi!{+TK=rVJkKsS7XDmn
zRzWm}NZl%H6lhIHju#_$#kl;Pt02cZ7z=1rW70P}QpDjkdc0L29Jlkv`~UE?UjCrD
z4TK+(5GdlBmN`Wgp<4-VkX_|AxwJ8!zQ<JN()}*TH@}SG4VTpWk9hc!;fIyB=GyId
zNiN_%wyes*1^%r?Cy3*smaR^SFoz@?*PwZ#@RS@Phm(DtRl1v}-rsJi6Y7;hJ-)&u
z%b?|IVqt9qc+Up8J#LTyz7%5pVUQ^ZDz**mLe(`Ebf=-Y-n|<%9S8$g<Vkze!|{qw
zKWqDS;3MKA*&mbjpi9gh(OkD<U9K`jw>~a=aFt<QZk;OW`ni{GW9(m?AB1<6<Ytr{
za{hJ!XxODcz+PD7(UZdpzK>N5NUh#d;NlGJY%eAVjJkvGMI@sz=P#ARtv>^eKu0Ap
zSAqD>j+(O<X<UW@ELVDD_YYlo#r${jH@ac9HGT|LzZ{tEVYbNWinzqXnIiG+^93dB
z#9tflze%5;Cxkn~;v6qw9%<;jLMc{={?r&fad9N+TtJEHXAfCKoV;(L6a+hpS+L<(
z@`>KcOFV(Enu?ES2-dd=swZ)aw6pUJTtDoa97Vqs+MNiw_aHvv-pikV>3Il0xsh6|
zev^1^hs0<@UyI{;9qpA1ix1c8U9OJD-T9O}tu`~<v+o&f0X%%u%nlbohgB+DOYKmH
z4+1|vK@&Iwf~Sa#+BxeN4|h6f^*)5|`y6gagCYRfvU>jFderS=bM{c8Q^X+Pf1Y>=
zqlaUYf$tsvzH;y3km;>a!bJ)_dE&V=U1jRiPZ*IyBO*%$wnVFq%(++t3F^B-W)9G8
zT-|i9<4YmK8rRD5G*6xUM_Mw!YZTuGdA*7R3$BoO{Jr0ZCu=_^3K4W>?u20TzQm1_
z=xG)$NKItRK~v;>imun9#mJM0^(y@#7wip-7Scn78c^qYgRUfqRcX^hvU&vv4+lg)
z<7|vIbaE7unU`qS^tH;xF|5*PNs1=!1nqV#J7^On{K6r$wjCa7{x%xUgP)CnKMGq0
zN38jUwk$aQLBd?1<M@#4uL78*DHd?aAX@&}yGy6nKp`DO+EaLoV3(sKD=U%n&udHk
z!UW8gx+5HpIHAebm7&6N_s3AUMN)T}y8-mT5<y4GXa<lud>`_{dbD>L`BCx-yrim(
z&>*#E-gJhV1}x8_iEq91d(ZB)UTm1>>20#vD+`gOAnl{<l!qAHndip%k*WKLRggQ-
zK)qeMCS#XChZmfB8P0rIZsoI^9VQAizBtSGjA!3Q#L{m8ujrU>-f?k}BQWB)+t18(
zYaKcNq9BtATF5_2d)s1Oo8}qy6|l^2udFjV7|2Y(4*buQejcMtG?6{K0#CAl);VHU
zp{lN3C0aTvNS+P+8Jz{Y3g*4&dpP#$`Pe_q88PQZ>3#Q_6vpK4J6imPQCkwj3kk_w
zGlMak?i`TRThNm&_BeZZG_@dtwg>%WC2R#hc>}=o9o9{89aqHezVlEVZoeTrC*+-B
z)(NL#Y@$IL1>MBw&g)RJTpM^6q(p`5S9fS_2{vRSd?o6laaA9`(^T_hxz<oo={!0J
ztG20}1}wk1gRStq946}0E_R<LZWnz#GMoD>>F!VwEWl3cL+!rgw(ut2z#@-`>3^=f
zA8~EvZrHCNu1w?nusjX7{Gl0}jzkvk&VJ0co1&DNI!NQ5`MXmrR=^MWX?2MYs<A!(
zr=?^Um?^H6#nA1yH1<5$O0;iW+Ht$Wf%~-!sIT9LVO}%qMIyCqg2@~*A%&;W?Z`^P
zw8~9s-|d%+M~!#&!50a^YcO9VxQ>#u#>(Ky=c!fB-OOiap~95#4k_wRe{!TwRagBR
zZ|LI63=<D#PZB0+KtkteRu%lR8rP}!F9MC`=-i%Kbl>UXs#|$t4QGDAFlk?#<0y9T
z^I`-|-&^3vSTJ0I(BOwankeZ7YF0$sLAkUwXqIMl$_zqIi*{C30pis!hT~YuF@%@F
z(yStiUa`jwaQ3TL>_*%Z_-8oquf08f;E1kN9Jk9y1RPa-0gNBi7+lVes5+ceY`n^Y
z*-;o=y&8UxBy=|kUNuB&Q#t&u<k!XW0X)sFDS5>}*Y!uu;!5*Tb^e|rY?UCclCiAz
zSR!b&s<sDdfU~i9Nv%FX8}QWA%qoYtiu(dz&hh~Z#NMlQChTG@;^kpG-Ta58cEqdh
zjL9i&JvONk`r<C6k$5lUM-W{{K~)#ZK^HW~vq#(H<&)vrTufsRCUI@g8d0q&EF_my
z>I#H4WPaFvcRKOrg#b<WnQTxBR6oiD+R<}o&y$w@U~y9r-VYEKvosGCW~0R&4R=dO
z-kHq}XsaZeLTREji;M(6Ja+=K>?rNmLk!M#_IZ470Cxyv>xk6L79VTI3_)fHyhb73
zd~rkY^@+e27jV0aI3aZMIOhoU*vHW~4zzF;-q_D=^9OW+H+7U!=@5^vujx=Maz`@#
zgR@~bCoH(jh`H-K-T01M3GNqlU?39f@NrrnI>ygsvs!p|ZDSKha=$s7D1kH(Ev~_F
zF#^A&_#4~EokX5+zzo~-*;X&>z2CS27fqjhejm;frS2@!`w`Zk5#V&dqAuIjC1ZIp
z0Q?GXi))wYBw1qjH&K5Tqjt-9mZ<zyju&n~G+u{hAmw38m(`7aib4HJJS@S4@L+Kl
zDqR#aes!#Rp6K79y7Oo6_!D&HB$3*KuyPDY`UoLo4H4)w7iHhu<<`w+h!y(>vRbDM
zOs9#hZSu^a;hDy9`ziVz_g`1wBxur~JR{k*UBz$<O>{%!HTJPls``$^1ro@a9L=)C
zkn8o>)ZK&pa(zl&WChuZZ0Bz=%sgLT&i;--tXId89mc6PbeEO)B7OtT7`)4h#U%%P
z&PYAaRt3|_c|6p18*HdM%^;g@Ftd=SrASIM%+f(eyeTDWksGfNGO$p4{c22MNJzbv
zJ~S>h!UcCr0V4LLfn=9@@N(P@c$wFZTJ&c)P3Q;WgxJQ-wwMd(Qe<Zlb5pukiPI5v
zfN*p=jbQR04v$|(vD?ZN5kwuR=X)f!+#NeD7b_8vBI&yo-`wkSwz`c4L$(Ut8Gycv
z|Gxg2tkDe78~>ZVSwGA%XCI5?yUsYglr9*|7%#9Ha)!ub*`~2PuVVP(_fU7QR+miy
zF6bAc^#r>E)Qce`33v^FKNVWpFVM3>!F#AFtl@Rh^Gas3YhSYxPWk1CzEM42_ovj#
zZi6Rv-4Db2FhEnUL@@dOPrvu+y7kzdBb)s(HMH+G^zt1~<LGwuA1l7T%Op!g#y(Un
z{{Vz*ee-Z7tL`+)yA}&VlkF{<9JrNNX<UicbVm8Ym2nTA$r6lRVhH%~k5T2^#^z6-
zcUW(u*aX4X65yL%Q*S;)oua+rbHh5A2P^|MIv(h>L42$VG+7<?2!3^8dKm^;JVk#E
zc%kwQ`eWxhhrWw1W7tYA=SP0d5Lnd9E<s0!7XB{qlYAW_Np|aCpkRs9UuYQd#DF}D
zu&4$1wSqOwDDef9hf5VKEh53sW%h6BL@`BVTuVAQmZfvv3U}ViuduhcD`FK5CdJTX
zEY$A8^9N?#xD~!t|G3-g?UjYq|Izc)ZA~=z!z+dFX4US0T;T6buJj#t!(aG(HfrI*
z*GHaK+;)*d`-quy(%GSK1=5E6rpUrESECAp2>7@6Dki(qiS2~Jad>A90Jgp}I3=O&
zRu?4B;<pvBIn(8+7wgJ#cTfrM$V26w)JkGPWe!}LRDQ3Iey2|S2X5!FcYM86X9bTR
zx)%ntepl{d7=uUijXoQlJCf61N{xi)n9ucJu^N-7RK8F)`h%iom-5sRS8P~nm(G#U
z54F$yBtuMeMeq15)Z9oahuCR^Q7q5DXD%UN7afFqy#({Cd=#*39`px|*jWw2^4zzn
z^@iq}{8`B^sQx}geO-+)ogf@v*)Q)G+4KE{xmX>0tq7)AM7P0;o^JG=MPDAZ^lx9U
zqM%8cW$oN6`abFx`XcG&jaH2rXXt4{$QbUXqYxq0<}t{C8RC8UgJ($_ZY23)l_3%B
zi}+9ZF0OOy*9DEKFF6_4=nX4K6rW%RG>hJ`=RXi@9#kE>^pQODy&;ByVj=AZ$DV4-
z(+lSc(=3fHIhQ`$=&1_vJf2=ql-*z$Yxj~ZHee0s^8M^jBKtT_=Rz8H8~K<6ow|+3
zzn)|(V0n_=&JV+uyqS#utQ1Yhy1%n1_LBIabWzjyyXT)@LVZr*n?;1KFG_zAIQSox
z<xGqf%#o-^yLTU6AMIC-gkMZcpNJ6pc_wPi17o@^q0den`S<4;sDPoryCp>t#e?C=
zhE;#g5}WV~1<j7~^Anoebg~B$LjxRE3#5Gyx56qaKRvBn37+h%&e0i5lj=~t=n_t^
z?hUj{<{z71t+s#HH@>kSDt;<|x=4QAkD<d*+!J$a!stTIBRcfSii?vFA>FP{zbK9^
zdg(@eruw$Hxul*O)YeIPnX^Kkn+LyiV((#@E_t5lr*8+lKWC>37`;xNv~Tz)1sm)Q
zgp~QJ-P38lMhDM1!>K*L+hUwHIAD$RPVsadHtD>yPx|_@H~`EjpJ_#TePGOaHoCRz
ze0owr)pJ5pkn-%R<H=PE=dgVcxj*1}jT<zdM<fw|Yq8g*Oq|TI`IIiwuJ`+aMw~S`
z*#zZw#7Hj5d>%Sb7cses!$eswd25SrZMG->sITYCqk)3ERn$p7dxmIWip4Oo&Ljl4
z%==p$`t!hku1I~et4mWH1id(_E*3lz95ui5EthmW;BMLD8+18-Y0xL$KUz3`O|+EX
ze|htrC`bz-;OcRV3Mf>3I&^R7$VlS$Iu}C#+13kZDx>nWaa4(<R!!!GiyhyX>ThV2
z<yw(8=Hw4%aQR&7f1<RXIJ+ePZ<nc7vuJGT{4s6A5AsGBb$iMvOr4%vD2mIbcn4<s
zzCJeQD>W5)bC_OQHuD$k7ON-QUvJO&yRHu%zOkt)KT34l+2_|AGLFr)m^rNJqQjd)
zym;r2rHWKhsY7sw<7)DzU%!$3@R#4CzqOFy6PR0pUEIZgCotn2V{KSx(||MD<#Y!g
zOj*nu(U1s<IJ}8;C^w^hZ@&(@8@w5k>=NMG`Z?An$}=_(@9$7mnYm7%7M>TRC}L&J
zf<rtDld}%D!G#3uA&S?>YFi_<l4}+=KV$9R-EcntJw(t!4UVLSJeQ}&ze5t&A1u-K
zw8Wl#?GAmHEF93Y{C%lj3Ey|Ln<;ZzHCZ76@K;nTLDK;=f?{glZ-Yr;L0Hhv#h+gl
zop$Hs({oB}r$(8z8JnAL5i6x$qXhe*w{odBZ^GaEw-Qz!g-ljFofXwrEU7t{e1~`-
zQ$h_Wj@IT(RarB|eE)sgxc{4m+Ck%4I#IFBlH9Vmwp^{5o3gqI1aRw2{+yd0oM27R
z+4Y)A-cM`8G5C$7BBR_bc{Y1)Pw+qmz#THdYkurCIh=IptXR_a%;3wyyzahs=DL}S
z?qk;+bI!D~s0;MmY<rUJZfGeC$!@$6TDiO2a9f4E`C;Io|5KhWnUMtiy7<Rxv@IrC
ze8V(9wi(VI!Z1q0crY#s45>+=!+Lz$Uw^)&k-+<7Br_I%knZPGYo)8WY39bj9K!Nz
zDyez4jUMxqXq}Ip<L_8>(Z7oL(6LXkS<$kH;z61VqPla(P3`fQsHu=Y(e|7DuPjSP
z)(-;eElY9F8uvQwiZfja9Zu$Z%}T*du8-!>v{Ha?hi5a42jnU)Ep+3+G5GDntCGh-
z&f(Fw4=`WOG+0w`WZ+GWtO-HgcjlW9aEsM<2NecT0l#{cTG?SV;JsshO4VnR`wZ(k
zvNJh7^6?{wej!Gxp4o<1K!uU%9szykhg1!xDP1}r<mg*JQ4i9TbjQAOFoRsdbFG^0
zj`ibE%R2ty5bYWkDF0WrdQbG;do(4j6g7C?|NP7_sty+barkC9lf~V3T2NgP{H$zv
zMicLmZmDTakD_)>WlCOCWd^)+{#~JK+qrqoN|q#)S0f<^%|rcIeoB<1Zl(P9*O3|S
z6R}f|%&q9?q?v?^)=F&sZU_;zM~KBvUGA)-`}z|*d;bjGdmcV*dt+IpsH_(?;E`<N
zMBaNn5m+|}$kR>btbz~0@rZdvd}o7uEa^+gEIoeo9XI!|=UyXM)~DN?z`d7?Q+`gS
z7zO+0=^&<TA4^B8i<M5arkvS`G4hqwRW-&J#{DXbh+C)q>j^QwC`V~)@L61Rkkf}H
zIiWMw2>3<+nzP}~W_&k!(Cz)1C*8J(Z=Jyh?E=mDHyS>6lhun+_J9N1^Oz!Nqr&y>
z0s{e_>d>a;bI;WY&CllL126emz=!c^;&qva8$3FpM)><yBkzeoHU8H!JHf$*|GESq
kIl+yy{$H#AJ1t}c@Iv|}8AN;cVj<PIqoev!`BB*a03<X1djJ3c

literal 0
HcmV?d00001

diff --git a/doc/user/admin_area/settings/terms.md b/doc/user/admin_area/settings/terms.md
new file mode 100644
index 00000000000..8e1fb982aba
--- /dev/null
+++ b/doc/user/admin_area/settings/terms.md
@@ -0,0 +1,38 @@
+# Enforce accepting Terms of Service
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/18570)
+> in [GitLab Core](https://about.gitlab.com/pricing/) 10.8
+
+## Configuration
+
+When it is required for all users of the GitLab instance to accept the
+Terms of Service, this can be configured by an admin on the settings
+page:
+
+![Enable enforcing Terms of Service](img/enforce_terms.png).
+
+The terms itself can be entered using Markdown. For each update to the
+terms, a new version is stored. When a user accepts or declines the
+terms, GitLab will keep track of which version they accepted or
+declined.
+
+When an admin enables this feature, they will automattically be
+directed to the page to accept the terms themselves. After they
+accept, they will be directed back to the settings page.
+
+## Accepting terms
+
+When this feature was enabled, the users that have not accepted the
+terms of service will be presented with a screen where they can either
+accept or decline the terms.
+
+![Respond to terms](img/respond_to_terms.png)
+
+When the user accepts the terms, they will be directed to where they
+were going. After a sign-in or sign-up this will most likely be the
+dashboard.
+
+When the user was already logged in when the feature was turned on,
+they will be asked to accept the terms on their next interaction.
+
+When a user declines the terms, they will be signed out.
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 17917b1176f..728c3605131 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -8,8 +8,8 @@ msgid ""
 msgstr ""
 "Project-Id-Version: gitlab 1.0.0\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2018-04-24 13:19+0000\n"
-"PO-Revision-Date: 2018-04-24 13:19+0000\n"
+"POT-Creation-Date: 2018-05-02 22:28+0200\n"
+"PO-Revision-Date: 2018-05-02 22:28+0200\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
 "Language: \n"
@@ -84,6 +84,9 @@ msgstr ""
 msgid "%{openOrClose} %{noteable}"
 msgstr ""
 
+msgid "%{percent}%% complete"
+msgstr ""
+
 msgid "%{storage_name}: failed storage access attempt on host:"
 msgid_plural "%{storage_name}: %{failed_attempts} failed storage access attempts:"
 msgstr[0] ""
@@ -92,6 +95,9 @@ msgstr[1] ""
 msgid "%{text} is available"
 msgstr ""
 
+msgid "%{title} changes"
+msgstr ""
+
 msgid "(checkout the %{link} for information on how to install it)."
 msgstr ""
 
@@ -101,6 +107,41 @@ msgstr ""
 msgid "- show less"
 msgstr ""
 
+msgid "1 %{type} addition"
+msgid_plural "%d %{type} additions"
+msgstr[0] ""
+msgstr[1] ""
+
+msgid "1 %{type} modification"
+msgid_plural "%d %{type} modifications"
+msgstr[0] ""
+msgstr[1] ""
+
+msgid "1 closed issue"
+msgid_plural "%d closed issues"
+msgstr[0] ""
+msgstr[1] ""
+
+msgid "1 closed merge request"
+msgid_plural "%d closed merge requests"
+msgstr[0] ""
+msgstr[1] ""
+
+msgid "1 merged merge request"
+msgid_plural "%d merged merge requests"
+msgstr[0] ""
+msgstr[1] ""
+
+msgid "1 open issue"
+msgid_plural "%d open issues"
+msgstr[0] ""
+msgstr[1] ""
+
+msgid "1 open merge request"
+msgid_plural "%d open merge requests"
+msgstr[0] ""
+msgstr[1] ""
+
 msgid "1 pipeline"
 msgid_plural "%d pipelines"
 msgstr[0] ""
@@ -136,6 +177,9 @@ msgstr ""
 msgid "Abuse reports"
 msgstr ""
 
+msgid "Accept terms"
+msgstr ""
+
 msgid "Access Tokens"
 msgstr ""
 
@@ -367,6 +411,9 @@ msgstr ""
 msgid "Assignee"
 msgstr ""
 
+msgid "Assignee(s)"
+msgstr ""
+
 msgid "Attach a file by drag &amp; drop or %{upload_link}"
 msgstr ""
 
@@ -669,9 +716,39 @@ msgstr ""
 msgid "CI/CD configuration"
 msgstr ""
 
+msgid "CICD|An explicit %{ci_file} needs to be specified before you can begin using Continuous Integration and Delivery."
+msgstr ""
+
+msgid "CICD|Auto DevOps (Beta)"
+msgstr ""
+
+msgid "CICD|Auto DevOps will automatically build, test, and deploy your application based on a predefined Continuous Integration and Delivery configuration."
+msgstr ""
+
+msgid "CICD|Disable Auto DevOps"
+msgstr ""
+
+msgid "CICD|Enable Auto DevOps"
+msgstr ""
+
+msgid "CICD|Follow the instance default to either have Auto DevOps enabled or disabled when there is no project specific %{ci_file}."
+msgstr ""
+
+msgid "CICD|Instance default (%{state})"
+msgstr ""
+
 msgid "CICD|Jobs"
 msgstr ""
 
+msgid "CICD|Learn more about Auto DevOps"
+msgstr ""
+
+msgid "CICD|The Auto DevOps pipeline configuration will be used when there is no %{ci_file} in the project."
+msgstr ""
+
+msgid "CICD|You need to specify a domain if you want to use Auto Review Apps and Auto Deploy stages."
+msgstr ""
+
 msgid "Cancel"
 msgstr ""
 
@@ -825,6 +902,9 @@ msgstr ""
 msgid "CircuitBreakerApiLink|circuitbreaker api"
 msgstr ""
 
+msgid "Clear search input"
+msgstr ""
+
 msgid "Click any <strong>project name</strong> in the project list below to navigate to the project milestone."
 msgstr ""
 
@@ -1128,6 +1208,12 @@ msgstr ""
 msgid "ClusterIntegration|properly configured"
 msgstr ""
 
+msgid "Collapse"
+msgstr ""
+
+msgid "Collapse sidebar"
+msgstr ""
+
 msgid "Comment and resolve discussion"
 msgstr ""
 
@@ -1411,18 +1497,18 @@ msgstr ""
 msgid "CreateTokenToCloneLink|create a personal access token"
 msgstr ""
 
-msgid "Creates a new branch from %{branchName}"
-msgstr ""
-
-msgid "Creates a new branch from %{branchName} and re-directs to create a new merge request"
-msgstr ""
-
 msgid "Cron Timezone"
 msgstr ""
 
 msgid "Cron syntax"
 msgstr ""
 
+msgid "CurrentUser|Profile"
+msgstr ""
+
+msgid "CurrentUser|Settings"
+msgstr ""
+
 msgid "Custom notification events"
 msgstr ""
 
@@ -1465,6 +1551,9 @@ msgstr ""
 msgid "December"
 msgstr ""
 
+msgid "Decline and sign out"
+msgstr ""
+
 msgid "Define a custom pattern with cron syntax"
 msgstr ""
 
@@ -1563,12 +1652,18 @@ msgstr ""
 msgid "Directory name"
 msgstr ""
 
+msgid "Discard changes"
+msgstr ""
+
 msgid "Discard draft"
 msgstr ""
 
 msgid "Dismiss Cycle Analytics introduction box"
 msgstr ""
 
+msgid "Domain"
+msgstr ""
+
 msgid "Don't show again"
 msgstr ""
 
@@ -1734,6 +1829,9 @@ msgstr ""
 msgid "Error updating todo status."
 msgstr ""
 
+msgid "Estimated"
+msgstr ""
+
 msgid "EventFilterBy|Filter by all"
 msgstr ""
 
@@ -1761,6 +1859,12 @@ msgstr ""
 msgid "Every week (Sundays at 4:00am)"
 msgstr ""
 
+msgid "Expand"
+msgstr ""
+
+msgid "Expand sidebar"
+msgstr ""
+
 msgid "Explore projects"
 msgstr ""
 
@@ -1797,9 +1901,6 @@ msgstr ""
 msgid "Fields on this page are now uneditable, you can configure"
 msgstr ""
 
-msgid "File name"
-msgstr ""
-
 msgid "Files"
 msgstr ""
 
@@ -1901,6 +2002,9 @@ msgstr ""
 msgid "Got it!"
 msgstr ""
 
+msgid "Group ID"
+msgstr ""
+
 msgid "GroupSettings|Prevent sharing a project within %{group} with other groups"
 msgstr ""
 
@@ -2023,6 +2127,9 @@ msgstr ""
 msgid "Import repository"
 msgstr ""
 
+msgid "Include a Terms of Service agreement that all users must accept."
+msgstr ""
+
 msgid "Install Runner on Kubernetes"
 msgstr ""
 
@@ -2199,6 +2306,9 @@ msgstr ""
 msgid "Loading the GitLab IDE..."
 msgstr ""
 
+msgid "Loading..."
+msgstr ""
+
 msgid "Lock"
 msgstr ""
 
@@ -2229,7 +2339,10 @@ msgstr ""
 msgid "March"
 msgstr ""
 
-msgid "Mark done"
+msgid "Mark todo as done"
+msgstr ""
+
+msgid "Markdown enabled"
 msgstr ""
 
 msgid "Maximum git storage failures"
@@ -2244,6 +2357,9 @@ msgstr ""
 msgid "Members"
 msgstr ""
 
+msgid "Merge Request:"
+msgstr ""
+
 msgid "Merge Requests"
 msgstr ""
 
@@ -2253,6 +2369,9 @@ msgstr ""
 msgid "Merge request"
 msgstr ""
 
+msgid "Merge requests"
+msgstr ""
+
 msgid "Merge requests are a place to propose changes you've made to a project and discuss those changes with others"
 msgstr ""
 
@@ -2313,6 +2432,9 @@ msgstr ""
 msgid "Move issue"
 msgstr ""
 
+msgid "Name"
+msgstr ""
+
 msgid "Name new label"
 msgstr ""
 
@@ -2387,6 +2509,9 @@ msgstr ""
 msgid "No file chosen"
 msgstr ""
 
+msgid "No files found."
+msgstr ""
+
 msgid "No labels created yet."
 msgstr ""
 
@@ -2675,12 +2800,27 @@ msgstr ""
 msgid "Pipelines|This project is not currently set up to run pipelines."
 msgstr ""
 
+msgid "Pipeline|Existing branch name, tag"
+msgstr ""
+
 msgid "Pipeline|Retry pipeline"
 msgstr ""
 
 msgid "Pipeline|Retry pipeline #%{pipelineId}?"
 msgstr ""
 
+msgid "Pipeline|Run Pipeline"
+msgstr ""
+
+msgid "Pipeline|Run on"
+msgstr ""
+
+msgid "Pipeline|Run pipeline"
+msgstr ""
+
+msgid "Pipeline|Search branches"
+msgstr ""
+
 msgid "Pipeline|Stop pipeline"
 msgstr ""
 
@@ -2714,6 +2854,9 @@ msgstr ""
 msgid "Please <a href=%{link_to_billing} target=\"_blank\" rel=\"noopener noreferrer\">enable billing for one of your projects to be able to create a Kubernetes cluster</a>, then try again."
 msgstr ""
 
+msgid "Please accept the Terms of Service before continuing."
+msgstr ""
+
 msgid "Please select at least one filter to see results"
 msgstr ""
 
@@ -2798,6 +2941,9 @@ msgstr ""
 msgid "Programming languages used in this repository"
 msgstr ""
 
+msgid "Progress"
+msgstr ""
+
 msgid "Project '%{project_name}' is in the process of being deleted."
 msgstr ""
 
@@ -3041,6 +3187,9 @@ msgstr ""
 msgid "Request Access"
 msgstr ""
 
+msgid "Require all users to accept Terms of Service when they access GitLab."
+msgstr ""
+
 msgid "Reset git storage health information"
 msgstr ""
 
@@ -3053,6 +3202,9 @@ msgstr ""
 msgid "Resolve discussion"
 msgstr ""
 
+msgid "Retry"
+msgstr ""
+
 msgid "Retry this job"
 msgstr ""
 
@@ -3115,6 +3267,9 @@ msgstr ""
 msgid "Search branches and tags"
 msgstr ""
 
+msgid "Search files"
+msgstr ""
+
 msgid "Search milestones"
 msgstr ""
 
@@ -3219,6 +3374,9 @@ msgid_plural "Showing %d events"
 msgstr[0] ""
 msgstr[1] ""
 
+msgid "Sign out"
+msgstr ""
+
 msgid "Sign-in restrictions"
 msgstr ""
 
@@ -3360,6 +3518,18 @@ msgstr ""
 msgid "Specify the following URL during the Runner setup:"
 msgstr ""
 
+msgid "Stage all"
+msgstr ""
+
+msgid "Stage changes"
+msgstr ""
+
+msgid "Staged"
+msgstr ""
+
+msgid "Staged %{type}"
+msgstr ""
+
 msgid "StarProject|Star"
 msgstr ""
 
@@ -3410,6 +3580,9 @@ msgstr[1] ""
 msgid "Tags"
 msgstr ""
 
+msgid "Tags:"
+msgstr ""
+
 msgid "TagsPage|Browse commits"
 msgstr ""
 
@@ -3488,6 +3661,12 @@ msgstr ""
 msgid "Team"
 msgstr ""
 
+msgid "Terms of Service"
+msgstr ""
+
+msgid "Terms of Service Agreement"
+msgstr ""
+
 msgid "The Issue Tracker is the place to add things that need to be improved or solved in a project"
 msgstr ""
 
@@ -3665,6 +3844,12 @@ msgstr ""
 msgid "Time between merge request creation and merge/close"
 msgstr ""
 
+msgid "Time remaining"
+msgstr ""
+
+msgid "Time spent"
+msgstr ""
+
 msgid "Time tracking"
 msgstr ""
 
@@ -3837,6 +4022,9 @@ msgstr ""
 msgid "Todo"
 msgstr ""
 
+msgid "Toggle Sidebar"
+msgstr ""
+
 msgid "Toggle sidebar"
 msgstr ""
 
@@ -3861,6 +4049,12 @@ msgstr ""
 msgid "Trigger this manual action"
 msgstr ""
 
+msgid "Try again"
+msgstr ""
+
+msgid "Unable to load the diff. %{button_try_again}"
+msgstr ""
+
 msgid "Unlock"
 msgstr ""
 
@@ -3870,6 +4064,21 @@ msgstr ""
 msgid "Unresolve discussion"
 msgstr ""
 
+msgid "Unstage all"
+msgstr ""
+
+msgid "Unstage changes"
+msgstr ""
+
+msgid "Unstaged"
+msgstr ""
+
+msgid "Unstaged %{type}"
+msgstr ""
+
+msgid "Unstaged and staged %{type}"
+msgstr ""
+
 msgid "Unstar"
 msgstr ""
 
@@ -3978,6 +4187,9 @@ msgstr ""
 msgid "Web terminal"
 msgstr ""
 
+msgid "When enabled, users cannot use GitLab until the terms have been accepted."
+msgstr ""
+
 msgid "Wiki"
 msgstr ""
 
@@ -4200,6 +4412,9 @@ msgstr ""
 msgid "Your projects"
 msgstr ""
 
+msgid "ago"
+msgstr ""
+
 msgid "among other things"
 msgstr ""
 
@@ -4223,6 +4438,12 @@ msgstr[1] ""
 msgid "deploy token"
 msgstr ""
 
+msgid "disabled"
+msgstr ""
+
+msgid "enabled"
+msgstr ""
+
 msgid "estimateCommand|%{slash_command} will update the estimated time with the latest command."
 msgstr ""
 
@@ -4422,6 +4643,9 @@ msgstr ""
 msgid "personal access token"
 msgstr ""
 
+msgid "remaining"
+msgstr ""
+
 msgid "remove due date"
 msgstr ""
 
diff --git a/spec/controllers/application_controller_spec.rb b/spec/controllers/application_controller_spec.rb
index fe95d1ef9cd..f0caac40afd 100644
--- a/spec/controllers/application_controller_spec.rb
+++ b/spec/controllers/application_controller_spec.rb
@@ -1,6 +1,8 @@
 require 'spec_helper'
 
 describe ApplicationController do
+  include TermsHelper
+
   let(:user) { create(:user) }
 
   describe '#check_password_expiration' do
@@ -406,4 +408,65 @@ describe ApplicationController do
       end
     end
   end
+
+  context 'terms' do
+    controller(described_class) do
+      def index
+        render text: 'authenticated'
+      end
+    end
+
+    before do
+      stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false')
+      sign_in user
+    end
+
+    it 'does not query more when terms are enforced' do
+      control = ActiveRecord::QueryRecorder.new { get :index }
+
+      enforce_terms
+
+      expect { get :index }.not_to exceed_query_limit(control)
+    end
+
+    context 'when terms are enforced' do
+      before do
+        enforce_terms
+      end
+
+      it 'redirects if the user did not accept the terms'  do
+        get :index
+
+        expect(response).to have_gitlab_http_status(302)
+      end
+
+      it 'does not redirect when the user accepted terms' do
+        accept_terms(user)
+
+        get :index
+
+        expect(response).to have_gitlab_http_status(200)
+      end
+
+      context 'for sessionless users' do
+        before do
+          sign_out user
+        end
+
+        it 'renders a 403 when the sessionless user did not accept the terms' do
+          get :index, rss_token: user.rss_token, format: :atom
+
+          expect(response).to have_gitlab_http_status(403)
+        end
+
+        it 'renders a 200 when the sessionless user accepted the terms' do
+          accept_terms(user)
+
+          get :index, rss_token: user.rss_token, format: :atom
+
+          expect(response).to have_gitlab_http_status(200)
+        end
+      end
+    end
+  end
 end
diff --git a/spec/controllers/concerns/internal_redirect_spec.rb b/spec/controllers/concerns/internal_redirect_spec.rb
new file mode 100644
index 00000000000..a0ee13b2352
--- /dev/null
+++ b/spec/controllers/concerns/internal_redirect_spec.rb
@@ -0,0 +1,66 @@
+require 'spec_helper'
+
+describe InternalRedirect do
+  let(:controller_class) do
+    Class.new do
+      include InternalRedirect
+
+      def request
+        @request ||= Struct.new(:host, :port).new('test.host', 80)
+      end
+    end
+  end
+  subject(:controller) { controller_class.new }
+
+  describe '#safe_redirect_path' do
+    it 'is `nil` for invalid uris' do
+      expect(controller.safe_redirect_path('Hello world')).to be_nil
+    end
+
+    it 'is `nil` for paths trying to include a host' do
+      expect(controller.safe_redirect_path('//example.com/hello/world')).to be_nil
+    end
+
+    it 'returns the path if it is valid' do
+      expect(controller.safe_redirect_path('/hello/world')).to eq('/hello/world')
+    end
+
+    it 'returns the path with querystring if it is valid' do
+      expect(controller.safe_redirect_path('/hello/world?hello=world#L123'))
+        .to eq('/hello/world?hello=world#L123')
+    end
+  end
+
+  describe '#safe_redirect_path_for_url' do
+    it 'is `nil` for invalid urls' do
+      expect(controller.safe_redirect_path_for_url('Hello world')).to be_nil
+    end
+
+    it 'is `nil` for urls from a with a different host' do
+      expect(controller.safe_redirect_path_for_url('http://example.com/hello/world')).to be_nil
+    end
+
+    it 'is `nil` for urls from a with a different port' do
+      expect(controller.safe_redirect_path_for_url('http://test.host:3000/hello/world')).to be_nil
+    end
+
+    it 'returns the path if the url is on the same host' do
+      expect(controller.safe_redirect_path_for_url('http://test.host/hello/world')).to eq('/hello/world')
+    end
+
+    it 'returns the path including querystring if the url is on the same host' do
+      expect(controller.safe_redirect_path_for_url('http://test.host/hello/world?hello=world#L123'))
+        .to eq('/hello/world?hello=world#L123')
+    end
+  end
+
+  describe '#host_allowed?' do
+    it 'allows uris with the same host and port' do
+      expect(controller.host_allowed?(URI('http://test.host/test'))).to be(true)
+    end
+
+    it 'rejects uris with other host and port' do
+      expect(controller.host_allowed?(URI('http://example.com/test'))).to be(false)
+    end
+  end
+end
diff --git a/spec/controllers/users/terms_controller_spec.rb b/spec/controllers/users/terms_controller_spec.rb
index 50e818a4520..a744463413c 100644
--- a/spec/controllers/users/terms_controller_spec.rb
+++ b/spec/controllers/users/terms_controller_spec.rb
@@ -36,6 +36,30 @@ describe Users::TermsController do
 
       expect(response).to redirect_to(groups_path)
     end
+
+    it 'redirects to the referer when no redirect specified' do
+      request.env["HTTP_REFERER"] = groups_url
+
+      post :accept, id: term.id
+
+      expect(response).to redirect_to(groups_path)
+    end
+
+    context 'redirecting to another domain' do
+      it 'is prevented when passing a redirect param' do
+        post :accept, id: term.id, redirect: '//example.com/random/path'
+
+        expect(response).to redirect_to(root_path)
+      end
+
+      it 'is prevented when redirecting to the referer' do
+        request.env["HTTP_REFERER"] = 'http://example.com/and/a/path'
+
+        post :accept, id: term.id
+
+        expect(response).to redirect_to(root_path)
+      end
+    end
   end
 
   describe 'POST #decline' do
diff --git a/spec/features/admin/admin_settings_spec.rb b/spec/features/admin/admin_settings_spec.rb
index b74643bac55..f2f9b734c39 100644
--- a/spec/features/admin/admin_settings_spec.rb
+++ b/spec/features/admin/admin_settings_spec.rb
@@ -2,10 +2,13 @@ require 'spec_helper'
 
 feature 'Admin updates settings' do
   include StubENV
+  include TermsHelper
+
+  let(:admin) { create(:admin) }
 
   before do
     stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false')
-    sign_in(create(:admin))
+    sign_in(admin)
     visit admin_application_settings_path
   end
 
@@ -86,6 +89,10 @@ feature 'Admin updates settings' do
   end
 
   scenario 'Terms of Service' do
+    # Already have the admin accept terms, so they don't need to accept in this spec.
+    _existing_terms = create(:term)
+    accept_terms(admin)
+
     page.within('.as-terms') do
       check 'Require all users to accept Terms of Service when they access GitLab.'
       fill_in 'Terms of Service Agreement', with: 'Be nice!'
diff --git a/spec/features/users/login_spec.rb b/spec/features/users/login_spec.rb
index 9e10bfb2adc..94a2b289e64 100644
--- a/spec/features/users/login_spec.rb
+++ b/spec/features/users/login_spec.rb
@@ -1,6 +1,8 @@
 require 'spec_helper'
 
 feature 'Login' do
+  include TermsHelper
+
   scenario 'Successful user signin invalidates password reset token' do
     user = create(:user)
 
@@ -399,4 +401,41 @@ feature 'Login' do
       expect(page).to have_selector('.tab-pane.active', count: 1)
     end
   end
+
+  context 'when terms are enforced' do
+    let(:user) { create(:user) }
+
+    before do
+      enforce_terms
+    end
+
+    it 'asks to accept the terms on first login' do
+      visit new_user_session_path
+
+      fill_in 'user_login', with: user.email
+      fill_in 'user_password', with: '12345678'
+
+      click_button 'Sign in'
+
+      expect_to_be_on_terms_page
+
+      click_button 'Accept terms'
+
+      expect(current_path).to eq(root_path)
+      expect(page).not_to have_content('You are already signed in.')
+    end
+
+    it 'does not ask for terms when the user already accepted them' do
+      accept_terms(user)
+
+      visit new_user_session_path
+
+      fill_in 'user_login', with: user.email
+      fill_in 'user_password', with: '12345678'
+
+      click_button 'Sign in'
+
+      expect(current_path).to eq(root_path)
+    end
+  end
 end
diff --git a/spec/features/users/signup_spec.rb b/spec/features/users/signup_spec.rb
index 5d539f0ccbe..b5bd5c505f2 100644
--- a/spec/features/users/signup_spec.rb
+++ b/spec/features/users/signup_spec.rb
@@ -1,6 +1,8 @@
 require 'spec_helper'
 
 describe 'Signup' do
+  include TermsHelper
+
   let(:new_user) { build_stubbed(:user) }
 
   describe 'username validation', :js do
@@ -132,4 +134,27 @@ describe 'Signup' do
       expect(page.body).not_to match(/#{new_user.password}/)
     end
   end
+
+  context 'when terms are enforced' do
+    before do
+      enforce_terms
+    end
+
+    it 'asks the user to accept terms before going to the dashboard' do
+      visit root_path
+
+      fill_in 'new_user_name',                with: new_user.name
+      fill_in 'new_user_username',            with: new_user.username
+      fill_in 'new_user_email',               with: new_user.email
+      fill_in 'new_user_email_confirmation',  with: new_user.email
+      fill_in 'new_user_password',            with: new_user.password
+      click_button "Register"
+
+      expect_to_be_on_terms_page
+
+      click_button 'Accept terms'
+
+      expect(current_path).to eq dashboard_projects_path
+    end
+  end
 end
diff --git a/spec/features/users/terms_spec.rb b/spec/features/users/terms_spec.rb
index a33f0937fab..bf6b5fa3d6a 100644
--- a/spec/features/users/terms_spec.rb
+++ b/spec/features/users/terms_spec.rb
@@ -1,6 +1,8 @@
 require 'spec_helper'
 
 describe 'Users > Terms' do
+  include TermsHelper
+
   let(:user) { create(:user) }
   let!(:term) { create(:term, terms: 'By accepting, you promise to be nice!') }
 
@@ -36,4 +38,47 @@ describe 'Users > Terms' do
       expect(user.reload.terms_accepted?).to be(true)
     end
   end
+
+  context 'terms were enforced while session is active', :js do
+    let(:project) { create(:project) }
+
+    before do
+      project.add_developer(user)
+    end
+
+    it 'redirects to terms and back to where the user was going'  do
+      visit project_path(project)
+
+      enforce_terms
+
+      within('.nav-sidebar') do
+        click_link 'Issues'
+      end
+
+      expect_to_be_on_terms_page
+
+      click_button('Accept terms')
+
+      expect(current_path).to eq(project_issues_path(project))
+    end
+
+    it 'redirects back to the page the user was trying to save' do
+      visit new_project_issue_path(project)
+
+      fill_in :issue_title, with: 'Hello world, a new issue'
+      fill_in :issue_description, with: "We don't want to lose what the user typed"
+
+      enforce_terms
+
+      click_button 'Submit issue'
+
+      expect(current_path).to eq(terms_path)
+
+      click_button('Accept terms')
+
+      expect(current_path).to eq(new_project_issue_path(project))
+      expect(find_field('issue_title').value).to eq('Hello world, a new issue')
+      expect(find_field('issue_description').value).to eq("We don't want to lose what the user typed")
+    end
+  end
 end
diff --git a/spec/policies/global_policy_spec.rb b/spec/policies/global_policy_spec.rb
index 5b8cf2e6ab5..ec26810e371 100644
--- a/spec/policies/global_policy_spec.rb
+++ b/spec/policies/global_policy_spec.rb
@@ -1,6 +1,8 @@
 require 'spec_helper'
 
 describe GlobalPolicy do
+  include TermsHelper
+
   let(:current_user) { create(:user) }
   let(:user) { create(:user) }
 
diff --git a/spec/support/helpers/terms_helper.rb b/spec/support/helpers/terms_helper.rb
new file mode 100644
index 00000000000..a00ec14138b
--- /dev/null
+++ b/spec/support/helpers/terms_helper.rb
@@ -0,0 +1,19 @@
+module TermsHelper
+  def enforce_terms
+    stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false')
+    settings = Gitlab::CurrentSettings.current_application_settings
+    ApplicationSettings::UpdateService.new(
+      settings, nil, terms: 'These are the terms', enforce_terms: true
+    ).execute
+  end
+
+  def accept_terms(user)
+    terms = Gitlab::CurrentSettings.current_application_settings.latest_terms
+    Users::RespondToTermsService.new(user, terms).execute(accepted: true)
+  end
+
+  def expect_to_be_on_terms_page
+    expect(current_path).to eq terms_path
+    expect(page).to have_content('Please accept the Terms of Service before continuing.')
+  end
+end

From 39916fdfeddfd75279d13fa976fdb07f3b9b0e26 Mon Sep 17 00:00:00 2001
From: Bob Van Landuyt <bob@vanlanduyt.co>
Date: Wed, 2 May 2018 20:25:21 +0200
Subject: [PATCH 119/129] Reuses `InternalRedirect` when possible

`InternalRedirect` prevents Open redirect issues by only allowing
redirection to paths on the same host.

It cleans up any unwanted strings from the path that could point to
another host (fe. //about.gitlab.com/hello). While preserving the
querystring and fragment of the uri.

It is already used by:

- `TermsController`
- `ContinueParams`
  - `ImportsController`
  - `ForksController`
- `SessionsController`: Only for verifying the host in CE. EE allows
   redirecting to a different instance using Geo.
---
 app/controllers/concerns/continue_params.rb   |  4 +-
 app/controllers/sessions_controller.rb        |  9 +---
 .../concerns/continue_params_spec.rb          | 45 +++++++++++++++++++
 spec/controllers/sessions_controller_spec.rb  |  2 +-
 4 files changed, 50 insertions(+), 10 deletions(-)
 create mode 100644 spec/controllers/concerns/continue_params_spec.rb

diff --git a/app/controllers/concerns/continue_params.rb b/app/controllers/concerns/continue_params.rb
index eb3a623acdd..8b7355974df 100644
--- a/app/controllers/concerns/continue_params.rb
+++ b/app/controllers/concerns/continue_params.rb
@@ -1,4 +1,5 @@
 module ContinueParams
+  include InternalRedirect
   extend ActiveSupport::Concern
 
   def continue_params
@@ -6,8 +7,7 @@ module ContinueParams
     return nil unless continue_params
 
     continue_params = continue_params.permit(:to, :notice, :notice_now)
-    return unless continue_params[:to] && continue_params[:to].start_with?('/')
-    return if continue_params[:to].start_with?('//')
+    continue_params[:to] = safe_redirect_path(continue_params[:to])
 
     continue_params
   end
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index f3a4aa849c7..1a339f76d26 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -1,4 +1,5 @@
 class SessionsController < Devise::SessionsController
+  include InternalRedirect
   include AuthenticatesWithTwoFactor
   include Devise::Controllers::Rememberable
   include Recaptcha::ClientHelper
@@ -102,18 +103,12 @@ class SessionsController < Devise::SessionsController
     # we should never redirect to '/users/sign_in' after signing in successfully.
     return true if redirect_uri.path == new_user_session_path
 
-    redirect_to = redirect_uri.to_s if redirect_allowed_to?(redirect_uri)
+    redirect_to = redirect_uri.to_s if host_allowed?(redirect_uri)
 
     @redirect_to = redirect_to
     store_location_for(:redirect, redirect_to)
   end
 
-  # Overridden in EE
-  def redirect_allowed_to?(uri)
-    uri.host == Gitlab.config.gitlab.host &&
-      uri.port == Gitlab.config.gitlab.port
-  end
-
   def two_factor_enabled?
     find_user&.two_factor_enabled?
   end
diff --git a/spec/controllers/concerns/continue_params_spec.rb b/spec/controllers/concerns/continue_params_spec.rb
new file mode 100644
index 00000000000..e2f683ae393
--- /dev/null
+++ b/spec/controllers/concerns/continue_params_spec.rb
@@ -0,0 +1,45 @@
+require 'spec_helper'
+
+describe ContinueParams do
+  let(:controller_class) do
+    Class.new(ActionController::Base) do
+      include ContinueParams
+
+      def request
+        @request ||= Struct.new(:host, :port).new('test.host', 80)
+      end
+    end
+  end
+  subject(:controller) { controller_class.new }
+
+  def strong_continue_params(params)
+    ActionController::Parameters.new(continue: params)
+  end
+
+  it 'cleans up any params that are not allowed' do
+    allow(controller).to receive(:params) do
+      strong_continue_params(to: '/hello',
+                             notice: 'world',
+                             notice_now: '!',
+                             something: 'else')
+    end
+
+    expect(controller.continue_params.keys).to contain_exactly(*%w(to notice notice_now))
+  end
+
+  it 'does not allow cross host redirection' do
+    allow(controller).to receive(:params) do
+      strong_continue_params(to: '//example.com')
+    end
+
+    expect(controller.continue_params[:to]).to be_nil
+  end
+
+  it 'allows redirecting to a path with querystring' do
+    allow(controller).to receive(:params) do
+      strong_continue_params(to: '/hello/world?query=string')
+    end
+
+    expect(controller.continue_params[:to]).to eq('/hello/world?query=string')
+  end
+end
diff --git a/spec/controllers/sessions_controller_spec.rb b/spec/controllers/sessions_controller_spec.rb
index 55bd4352bd3..555b186fe31 100644
--- a/spec/controllers/sessions_controller_spec.rb
+++ b/spec/controllers/sessions_controller_spec.rb
@@ -265,7 +265,7 @@ describe SessionsController do
     it 'redirects correctly for referer on same host with params' do
       search_path = '/search?search=seed_project'
       allow(controller.request).to receive(:referer)
-        .and_return('http://%{host}%{path}' % { host: Gitlab.config.gitlab.host, path: search_path })
+        .and_return('http://%{host}%{path}' % { host: 'test.host', path: search_path })
 
       get(:new, redirect_to_referer: :yes)
 

From b14719ea04f29888e2bbbdccda872d3cb4e70ae7 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Fri, 4 May 2018 14:16:41 +0200
Subject: [PATCH 120/129] Partially revert
 ebcd5711c5ff937bf925002bf9a5b636b037684e to fix runner pages

As described in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/18738 there is a problem and the larger fix may take longer so we can just revert this small change for now
---
 app/views/admin/runners/_runner.html.haml | 2 +-
 app/views/projects/runners/show.html.haml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/views/admin/runners/_runner.html.haml b/app/views/admin/runners/_runner.html.haml
index 99fbbaec487..6e76e7c2768 100644
--- a/app/views/admin/runners/_runner.html.haml
+++ b/app/views/admin/runners/_runner.html.haml
@@ -33,7 +33,7 @@
         = tag
   %td
     - if runner.contacted_at
-      = time_ago_with_tooltip runner.contacted_at
+      #{time_ago_in_words(runner.contacted_at)} ago
     - else
       Never
   %td.admin-runner-btn-group-cell
diff --git a/app/views/projects/runners/show.html.haml b/app/views/projects/runners/show.html.haml
index 322152cfaca..f33e7e25b68 100644
--- a/app/views/projects/runners/show.html.haml
+++ b/app/views/projects/runners/show.html.haml
@@ -62,6 +62,6 @@
       %td Last contact
       %td
         - if @runner.contacted_at
-          = time_ago_with_tooltip @runner.contacted_at
+          #{time_ago_in_words(@runner.contacted_at)} ago
         - else
           Never

From 5d003f3d1dfcc5f743c6c1bcd17e84bf4646bf78 Mon Sep 17 00:00:00 2001
From: Douwe Maan <douwe@selenight.nl>
Date: Fri, 4 May 2018 14:47:47 +0200
Subject: [PATCH 121/129] Ensure web hook 'blocked URL' errors are stored in as
 web hook logs and properly surfaced to the user

---
 app/services/web_hook_service.rb                            | 2 +-
 .../unreleased/dm-webhook-catch-blocked-url-exception.yml   | 6 ++++++
 spec/services/web_hook_service_spec.rb                      | 2 +-
 3 files changed, 8 insertions(+), 2 deletions(-)
 create mode 100644 changelogs/unreleased/dm-webhook-catch-blocked-url-exception.yml

diff --git a/app/services/web_hook_service.rb b/app/services/web_hook_service.rb
index 809ce1303d8..7ec52b6ce2b 100644
--- a/app/services/web_hook_service.rb
+++ b/app/services/web_hook_service.rb
@@ -41,7 +41,7 @@ class WebHookService
       http_status: response.code,
       message: response.to_s
     }
-  rescue SocketError, OpenSSL::SSL::SSLError, Errno::ECONNRESET, Errno::ECONNREFUSED, Errno::EHOSTUNREACH, Net::OpenTimeout, Net::ReadTimeout => e
+  rescue SocketError, OpenSSL::SSL::SSLError, Errno::ECONNRESET, Errno::ECONNREFUSED, Errno::EHOSTUNREACH, Net::OpenTimeout, Net::ReadTimeout, Gitlab::HTTP::BlockedUrlError => e
     log_execution(
       trigger: hook_name,
       url: hook.url,
diff --git a/changelogs/unreleased/dm-webhook-catch-blocked-url-exception.yml b/changelogs/unreleased/dm-webhook-catch-blocked-url-exception.yml
new file mode 100644
index 00000000000..6fcb16a3445
--- /dev/null
+++ b/changelogs/unreleased/dm-webhook-catch-blocked-url-exception.yml
@@ -0,0 +1,6 @@
+---
+title: Ensure web hook 'blocked URL' errors are stored in as web hook logs and properly
+  surfaced to the user
+merge_request:
+author:
+type: fixed
diff --git a/spec/services/web_hook_service_spec.rb b/spec/services/web_hook_service_spec.rb
index 2ef2e61babc..7995f2c9ae7 100644
--- a/spec/services/web_hook_service_spec.rb
+++ b/spec/services/web_hook_service_spec.rb
@@ -67,7 +67,7 @@ describe WebHookService do
     end
 
     it 'handles exceptions' do
-      exceptions = [SocketError, OpenSSL::SSL::SSLError, Errno::ECONNRESET, Errno::ECONNREFUSED, Errno::EHOSTUNREACH, Net::OpenTimeout, Net::ReadTimeout]
+      exceptions = [SocketError, OpenSSL::SSL::SSLError, Errno::ECONNRESET, Errno::ECONNREFUSED, Errno::EHOSTUNREACH, Net::OpenTimeout, Net::ReadTimeout, Gitlab::HTTP::BlockedUrlError]
       exceptions.each do |exception_class|
         exception = exception_class.new('Exception message')
 

From e178b0a2876092546a85d2bd2df169184f551361 Mon Sep 17 00:00:00 2001
From: Lin Jen-Shin <godfat@godfat.org>
Date: Fri, 4 May 2018 00:39:50 +0800
Subject: [PATCH 122/129] Ignore knapsack and rspec_flaky

---
 .gitignore | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.gitignore b/.gitignore
index e1561c9db9a..c7d1648615d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -68,6 +68,8 @@ eslint-report.html
 /shared/*
 /.gitlab_workhorse_secret
 /webpack-report/
+/knapsack/
+/rspec_flaky/
 /locale/**/LC_MESSAGES
 /locale/**/*.time_stamp
 /.rspec

From 6386b412342a64ee34f81695231a0014c84cc2f5 Mon Sep 17 00:00:00 2001
From: Mark Fletcher <mark@gitlab.com>
Date: Fri, 4 May 2018 13:55:16 +0100
Subject: [PATCH 123/129] AutoDevOps Docs fix invalid external link

---
 doc/topics/autodevops/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md
index 882ddf4d2c5..5254e6e3d9a 100644
--- a/doc/topics/autodevops/index.md
+++ b/doc/topics/autodevops/index.md
@@ -389,7 +389,7 @@ If you have installed GitLab using a different method, you need to:
 1. [Deploy Prometheus](../../user/project/integrations/prometheus.md#configuring-your-own-prometheus-server-within-kubernetes) into your Kubernetes cluster
 1. If you would like response metrics, ensure you are running at least version
    0.9.0 of NGINX Ingress and
-   [enable Prometheus metrics](https://github.com/kubernetes/ingress/blob/master/examples/customization/custom-vts-metrics/nginx/nginx-vts-metrics-conf.yaml).
+   [enable Prometheus metrics](https://github.com/kubernetes/ingress-nginx/blob/master/docs/examples/customization/custom-vts-metrics-prometheus/nginx-vts-metrics-conf.yaml).
 1. Finally, [annotate](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/)
    the NGINX Ingress deployment to be scraped by Prometheus using
    `prometheus.io/scrape: "true"` and `prometheus.io/port: "10254"`.

From bc7ea2d4386f5624676e7a2ffb196de19d52910b Mon Sep 17 00:00:00 2001
From: James Lopez <james@gitlab.com>
Date: Fri, 4 May 2018 12:42:58 +0000
Subject: [PATCH 124/129] Add ci_cd_settings delete_all dependency on project

---
 app/models/project.rb                                     | 2 +-
 ...import-is-broken-due-to-the-addition-of-a-ci-table.yml | 5 +++++
 spec/models/project_spec.rb                               | 8 ++++++++
 3 files changed, 14 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/46049-import-export-import-is-broken-due-to-the-addition-of-a-ci-table.yml

diff --git a/app/models/project.rb b/app/models/project.rb
index 50c404c300a..eb092ee742d 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -234,7 +234,7 @@ class Project < ActiveRecord::Base
   has_many :custom_attributes, class_name: 'ProjectCustomAttribute'
 
   has_many :project_badges, class_name: 'ProjectBadge'
-  has_one :ci_cd_settings, class_name: 'ProjectCiCdSetting', inverse_of: :project, autosave: true
+  has_one :ci_cd_settings, class_name: 'ProjectCiCdSetting', inverse_of: :project, autosave: true, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
 
   accepts_nested_attributes_for :variables, allow_destroy: true
   accepts_nested_attributes_for :project_feature, update_only: true
diff --git a/changelogs/unreleased/46049-import-export-import-is-broken-due-to-the-addition-of-a-ci-table.yml b/changelogs/unreleased/46049-import-export-import-is-broken-due-to-the-addition-of-a-ci-table.yml
new file mode 100644
index 00000000000..77e4bb50082
--- /dev/null
+++ b/changelogs/unreleased/46049-import-export-import-is-broken-due-to-the-addition-of-a-ci-table.yml
@@ -0,0 +1,5 @@
+---
+title: Resolve Import/Export ci_cd_settings error updating the project
+merge_request: 46049
+author:
+type: fixed
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index 08e42b61910..ce9783db062 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -101,6 +101,14 @@ describe Project do
       end
     end
 
+    context 'updating cd_cd_settings' do
+      it 'does not raise an error' do
+        project = create(:project)
+
+        expect{ project.update(ci_cd_settings: nil) }.not_to raise_exception
+      end
+    end
+
     describe '#members & #requesters' do
       let(:project) { create(:project, :public, :access_requestable) }
       let(:requester) { create(:user) }

From 7425f2b32217f71f99ff8642664a6642dfaeff87 Mon Sep 17 00:00:00 2001
From: James Edwards-Jones <jedwardsjones@gitlab.com>
Date: Mon, 23 Apr 2018 00:05:12 +0100
Subject: [PATCH 125/129] Backport IdentityLinker#failed? from GroupSaml
 callback flow

---
 app/controllers/omniauth_callbacks_controller.rb | 2 +-
 lib/gitlab/auth/omniauth_identity_linker_base.rb | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
index 40d9fa18a10..ed89bed029b 100644
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@@ -82,7 +82,7 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
 
       if identity_linker.changed?
         redirect_identity_linked
-      elsif identity_linker.error_message.present?
+      elsif identity_linker.failed?
         redirect_identity_link_failed(identity_linker.error_message)
       else
         redirect_identity_exists
diff --git a/lib/gitlab/auth/omniauth_identity_linker_base.rb b/lib/gitlab/auth/omniauth_identity_linker_base.rb
index ae365fcdfaa..f79ce6bb809 100644
--- a/lib/gitlab/auth/omniauth_identity_linker_base.rb
+++ b/lib/gitlab/auth/omniauth_identity_linker_base.rb
@@ -17,6 +17,10 @@ module Gitlab
         @changed
       end
 
+      def failed?
+        error_message.present?
+      end
+
       def error_message
         identity.validate
 

From 4f04aeec80bbfcb025e321693e6ca99b01244bb4 Mon Sep 17 00:00:00 2001
From: James Lopez <james@jameslopez.es>
Date: Fri, 4 May 2018 17:22:06 +0200
Subject: [PATCH 126/129] fix missing space

---
 spec/models/project_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index ce9783db062..c88510020c8 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -105,7 +105,7 @@ describe Project do
       it 'does not raise an error' do
         project = create(:project)
 
-        expect{ project.update(ci_cd_settings: nil) }.not_to raise_exception
+        expect { project.update(ci_cd_settings: nil) }.not_to raise_exception
       end
     end
 

From cf76c8575beae985951e12066037db6c34941d19 Mon Sep 17 00:00:00 2001
From: Douwe Maan <douwe@gitlab.com>
Date: Fri, 4 May 2018 15:32:02 +0000
Subject: [PATCH 127/129] Fix typo in changelog entry

[ci skip]
---
 .../unreleased/dm-webhook-catch-blocked-url-exception.yml       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/changelogs/unreleased/dm-webhook-catch-blocked-url-exception.yml b/changelogs/unreleased/dm-webhook-catch-blocked-url-exception.yml
index 6fcb16a3445..c4f8f7acca6 100644
--- a/changelogs/unreleased/dm-webhook-catch-blocked-url-exception.yml
+++ b/changelogs/unreleased/dm-webhook-catch-blocked-url-exception.yml
@@ -1,5 +1,5 @@
 ---
-title: Ensure web hook 'blocked URL' errors are stored in as web hook logs and properly
+title: Ensure web hook 'blocked URL' errors are stored in web hook logs and properly
   surfaced to the user
 merge_request:
 author:

From bddbcaefc2389e4c61763472cecbea150f10cd75 Mon Sep 17 00:00:00 2001
From: Tiago Botelho <tiagonbotelho@hotmail.com>
Date: Wed, 2 May 2018 14:35:04 +0100
Subject: [PATCH 128/129] Backports every CE related change from ee-44542 to CE

---
 app/controllers/import/base_controller.rb     |  11 ++
 .../import/bitbucket_controller.rb            |   6 +-
 app/controllers/import/fogbugz_controller.rb  |   5 +-
 app/controllers/import/github_controller.rb   |   5 +-
 app/controllers/import/gitlab_controller.rb   |   5 +-
 .../import/google_code_controller.rb          |   5 +-
 app/models/project.rb                         | 154 +++++++++++-------
 app/models/project_import_state.rb            |  55 +++++++
 app/services/projects/create_service.rb       |   2 +-
 .../github_import/advance_stage_worker.rb     |   9 +-
 .../refresh_import_jid_worker.rb              |   5 +-
 app/workers/stuck_import_jobs_worker.rb       |   9 +-
 ...180502122856_create_project_mirror_data.rb |  20 +++
 ...5054_add_indexes_to_project_mirror_data.rb |  17 ++
 ...ta_from_projects_to_project_mirror_data.rb |  38 +++++
 db/schema.rb                                  |  14 +-
 lib/api/entities.rb                           |   1 +
 .../populate_import_state.rb                  |  39 +++++
 .../rollback_import_state_data.rb             |  40 +++++
 lib/gitlab/github_import/parallel_importer.rb |   3 +-
 lib/gitlab/legacy_github_import/importer.rb   |   3 +-
 spec/factories/import_state.rb                |  38 +++++
 spec/factories/projects.rb                    |  32 +++-
 .../import_export/import_file_spec.rb         |   2 +-
 .../populate_import_state_spec.rb             |  38 +++++
 .../rollback_import_state_data_spec.rb        |  28 ++++
 .../importer/repository_importer_spec.rb      |   4 +-
 .../github_import/parallel_importer_spec.rb   |   4 +-
 spec/lib/gitlab/import_export/all_models.yml  |   1 +
 ...om_projects_to_project_mirror_data_spec.rb |  56 +++++++
 spec/models/project_import_state_spec.rb      |  13 ++
 spec/models/project_spec.rb                   |   6 +-
 spec/requests/api/project_import_spec.rb      |   5 +-
 .../create_from_template_service_spec.rb      |   2 +-
 .../projects/imports/new.html.haml_spec.rb    |   3 +-
 .../advance_stage_worker_spec.rb              |   6 +-
 .../refresh_import_jid_worker_spec.rb         |  20 ++-
 spec/workers/repository_import_worker_spec.rb |   8 +-
 spec/workers/stuck_import_jobs_worker_spec.rb |  12 +-
 39 files changed, 610 insertions(+), 114 deletions(-)
 create mode 100644 app/models/project_import_state.rb
 create mode 100644 db/migrate/20180502122856_create_project_mirror_data.rb
 create mode 100644 db/migrate/20180503175054_add_indexes_to_project_mirror_data.rb
 create mode 100644 db/post_migrate/20180502134117_migrate_import_attributes_data_from_projects_to_project_mirror_data.rb
 create mode 100644 lib/gitlab/background_migration/populate_import_state.rb
 create mode 100644 lib/gitlab/background_migration/rollback_import_state_data.rb
 create mode 100644 spec/factories/import_state.rb
 create mode 100644 spec/lib/gitlab/background_migration/populate_import_state_spec.rb
 create mode 100644 spec/lib/gitlab/background_migration/rollback_import_state_data_spec.rb
 create mode 100644 spec/migrations/migrate_import_attributes_data_from_projects_to_project_mirror_data_spec.rb
 create mode 100644 spec/models/project_import_state_spec.rb

diff --git a/app/controllers/import/base_controller.rb b/app/controllers/import/base_controller.rb
index c84fc2d305d..bcb856ce3f4 100644
--- a/app/controllers/import/base_controller.rb
+++ b/app/controllers/import/base_controller.rb
@@ -1,6 +1,17 @@
 class Import::BaseController < ApplicationController
   private
 
+  def find_already_added_projects(import_type)
+    current_user.created_projects.where(import_type: import_type).includes(:import_state)
+  end
+
+  def find_jobs(import_type)
+    current_user.created_projects
+        .includes(:import_state)
+        .where(import_type: import_type)
+        .to_json(only: [:id], methods: [:import_status])
+  end
+
   def find_or_create_namespace(names, owner)
     names = params[:target_namespace].presence || names
 
diff --git a/app/controllers/import/bitbucket_controller.rb b/app/controllers/import/bitbucket_controller.rb
index 61d81ad8a71..77af5fb9c4f 100644
--- a/app/controllers/import/bitbucket_controller.rb
+++ b/app/controllers/import/bitbucket_controller.rb
@@ -22,16 +22,14 @@ class Import::BitbucketController < Import::BaseController
 
     @repos, @incompatible_repos = repos.partition { |repo| repo.valid? }
 
-    @already_added_projects = current_user.created_projects.where(import_type: 'bitbucket')
+    @already_added_projects = find_already_added_projects('bitbucket')
     already_added_projects_names = @already_added_projects.pluck(:import_source)
 
     @repos.to_a.reject! { |repo| already_added_projects_names.include?(repo.full_name) }
   end
 
   def jobs
-    render json: current_user.created_projects
-                             .where(import_type: 'bitbucket')
-                             .to_json(only: [:id, :import_status])
+    render json: find_jobs('bitbucket')
   end
 
   def create
diff --git a/app/controllers/import/fogbugz_controller.rb b/app/controllers/import/fogbugz_controller.rb
index 669eb31a995..25ec13b8075 100644
--- a/app/controllers/import/fogbugz_controller.rb
+++ b/app/controllers/import/fogbugz_controller.rb
@@ -46,15 +46,14 @@ class Import::FogbugzController < Import::BaseController
 
     @repos = client.repos
 
-    @already_added_projects = current_user.created_projects.where(import_type: 'fogbugz')
+    @already_added_projects = find_already_added_projects('fogbugz')
     already_added_projects_names = @already_added_projects.pluck(:import_source)
 
     @repos.reject! { |repo| already_added_projects_names.include? repo.name }
   end
 
   def jobs
-    jobs = current_user.created_projects.where(import_type: 'fogbugz').to_json(only: [:id, :import_status])
-    render json: jobs
+    render json: find_jobs('fogbugz')
   end
 
   def create
diff --git a/app/controllers/import/github_controller.rb b/app/controllers/import/github_controller.rb
index eb7d5fca367..f67ec4c248b 100644
--- a/app/controllers/import/github_controller.rb
+++ b/app/controllers/import/github_controller.rb
@@ -24,15 +24,14 @@ class Import::GithubController < Import::BaseController
 
   def status
     @repos = client.repos
-    @already_added_projects = current_user.created_projects.where(import_type: provider)
+    @already_added_projects = find_already_added_projects(provider)
     already_added_projects_names = @already_added_projects.pluck(:import_source)
 
     @repos.reject! { |repo| already_added_projects_names.include? repo.full_name }
   end
 
   def jobs
-    jobs = current_user.created_projects.where(import_type: provider).to_json(only: [:id, :import_status])
-    render json: jobs
+    render json: find_jobs(provider)
   end
 
   def create
diff --git a/app/controllers/import/gitlab_controller.rb b/app/controllers/import/gitlab_controller.rb
index 18f1d20f5a9..39e2e9e094b 100644
--- a/app/controllers/import/gitlab_controller.rb
+++ b/app/controllers/import/gitlab_controller.rb
@@ -12,15 +12,14 @@ class Import::GitlabController < Import::BaseController
   def status
     @repos = client.projects
 
-    @already_added_projects = current_user.created_projects.where(import_type: "gitlab")
+    @already_added_projects = find_already_added_projects('gitlab')
     already_added_projects_names = @already_added_projects.pluck(:import_source)
 
     @repos = @repos.to_a.reject { |repo| already_added_projects_names.include? repo["path_with_namespace"] }
   end
 
   def jobs
-    jobs = current_user.created_projects.where(import_type: "gitlab").to_json(only: [:id, :import_status])
-    render json: jobs
+    render json: find_jobs('gitlab')
   end
 
   def create
diff --git a/app/controllers/import/google_code_controller.rb b/app/controllers/import/google_code_controller.rb
index baa19fb383d..9b26a00f7c7 100644
--- a/app/controllers/import/google_code_controller.rb
+++ b/app/controllers/import/google_code_controller.rb
@@ -73,15 +73,14 @@ class Import::GoogleCodeController < Import::BaseController
     @repos = client.repos
     @incompatible_repos = client.incompatible_repos
 
-    @already_added_projects = current_user.created_projects.where(import_type: "google_code")
+    @already_added_projects = find_already_added_projects('google_code')
     already_added_projects_names = @already_added_projects.pluck(:import_source)
 
     @repos.reject! { |repo| already_added_projects_names.include? repo.name }
   end
 
   def jobs
-    jobs = current_user.created_projects.where(import_type: "google_code").to_json(only: [:id, :import_status])
-    render json: jobs
+    render json: find_jobs('google_code')
   end
 
   def create
diff --git a/app/models/project.rb b/app/models/project.rb
index 50c404c300a..41cad31ecf1 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -67,6 +67,9 @@ class Project < ActiveRecord::Base
   before_save :ensure_runners_token
 
   after_save :update_project_statistics, if: :namespace_id_changed?
+
+  after_save :create_import_state, if: ->(project) { project.import? && project.import_state.nil? }
+
   after_create :create_project_feature, unless: :project_feature
 
   after_create :create_ci_cd_settings,
@@ -157,6 +160,8 @@ class Project < ActiveRecord::Base
   has_one :fork_network_member
   has_one :fork_network, through: :fork_network_member
 
+  has_one :import_state, autosave: true, class_name: 'ProjectImportState', inverse_of: :project
+
   # Merge Requests for target project should be removed with it
   has_many :merge_requests, foreign_key: 'target_project_id'
   has_many :source_of_merge_requests, foreign_key: 'source_project_id', class_name: 'MergeRequest'
@@ -385,55 +390,9 @@ class Project < ActiveRecord::Base
   scope :abandoned, -> { where('projects.last_activity_at < ?', 6.months.ago) }
 
   scope :excluding_project, ->(project) { where.not(id: project) }
-  scope :import_started, -> { where(import_status: 'started') }
 
-  state_machine :import_status, initial: :none do
-    event :import_schedule do
-      transition [:none, :finished, :failed] => :scheduled
-    end
-
-    event :force_import_start do
-      transition [:none, :finished, :failed] => :started
-    end
-
-    event :import_start do
-      transition scheduled: :started
-    end
-
-    event :import_finish do
-      transition started: :finished
-    end
-
-    event :import_fail do
-      transition [:scheduled, :started] => :failed
-    end
-
-    event :import_retry do
-      transition failed: :started
-    end
-
-    state :scheduled
-    state :started
-    state :finished
-    state :failed
-
-    after_transition [:none, :finished, :failed] => :scheduled do |project, _|
-      project.run_after_commit do
-        job_id = add_import_job
-        update(import_jid: job_id) if job_id
-      end
-    end
-
-    after_transition started: :finished do |project, _|
-      project.reset_cache_and_import_attrs
-
-      if Gitlab::ImportSources.importer_names.include?(project.import_type) && project.repo_exists?
-        project.run_after_commit do
-          Projects::AfterImportService.new(project).execute
-        end
-      end
-    end
-  end
+  scope :joins_import_state, -> { joins("LEFT JOIN project_mirror_data import_state ON import_state.project_id = projects.id") }
+  scope :import_started, -> { joins_import_state.where("import_state.status = 'started' OR projects.import_status = 'started'") }
 
   class << self
     # Searches for a list of projects based on the query given in `query`.
@@ -663,10 +622,6 @@ class Project < ActiveRecord::Base
     external_import? || forked? || gitlab_project_import? || bare_repository_import?
   end
 
-  def no_import?
-    import_status == 'none'
-  end
-
   def external_import?
     import_url.present?
   end
@@ -679,6 +634,93 @@ class Project < ActiveRecord::Base
     import_started? || import_scheduled?
   end
 
+  def import_state_args
+    {
+      status: self[:import_status],
+      jid: self[:import_jid],
+      last_error: self[:import_error]
+    }
+  end
+
+  def ensure_import_state
+    return if self[:import_status] == 'none' || self[:import_status].nil?
+    return unless import_state.nil?
+
+    create_import_state(import_state_args)
+
+    update_column(:import_status, 'none')
+  end
+
+  def import_schedule
+    ensure_import_state
+
+    import_state&.schedule
+  end
+
+  def force_import_start
+    ensure_import_state
+
+    import_state&.force_start
+  end
+
+  def import_start
+    ensure_import_state
+
+    import_state&.start
+  end
+
+  def import_fail
+    ensure_import_state
+
+    import_state&.fail_op
+  end
+
+  def import_finish
+    ensure_import_state
+
+    import_state&.finish
+  end
+
+  def import_jid=(new_jid)
+    ensure_import_state
+
+    import_state&.jid = new_jid
+  end
+
+  def import_jid
+    ensure_import_state
+
+    import_state&.jid
+  end
+
+  def import_error=(new_error)
+    ensure_import_state
+
+    import_state&.last_error = new_error
+  end
+
+  def import_error
+    ensure_import_state
+
+    import_state&.last_error
+  end
+
+  def import_status=(new_status)
+    ensure_import_state
+
+    import_state&.status = new_status
+  end
+
+  def import_status
+    ensure_import_state
+
+    import_state&.status || 'none'
+  end
+
+  def no_import?
+    import_status == 'none'
+  end
+
   def import_started?
     # import? does SQL work so only run it if it looks like there's an import running
     import_status == 'started' && import?
@@ -1480,7 +1522,7 @@ class Project < ActiveRecord::Base
   def rename_repo_notify!
     # When we import a project overwriting the original project, there
     # is a move operation. In that case we don't want to send the instructions.
-    send_move_instructions(full_path_was) unless started?
+    send_move_instructions(full_path_was) unless import_started?
     expires_full_path_cache
 
     self.old_path_with_namespace = full_path_was
@@ -1534,7 +1576,8 @@ class Project < ActiveRecord::Base
     return unless import_jid
 
     Gitlab::SidekiqStatus.unset(import_jid)
-    update_column(:import_jid, nil)
+
+    import_state.update_column(:jid, nil)
   end
 
   def running_or_pending_build_count(force: false)
@@ -1553,7 +1596,8 @@ class Project < ActiveRecord::Base
     sanitized_message = Gitlab::UrlSanitizer.sanitize(error_message)
 
     import_fail
-    update_column(:import_error, sanitized_message)
+
+    import_state.update_column(:last_error, sanitized_message)
   rescue ActiveRecord::ActiveRecordError => e
     Rails.logger.error("Error setting import status to failed: #{e.message}. Original error: #{sanitized_message}")
   ensure
diff --git a/app/models/project_import_state.rb b/app/models/project_import_state.rb
new file mode 100644
index 00000000000..1605317ae14
--- /dev/null
+++ b/app/models/project_import_state.rb
@@ -0,0 +1,55 @@
+class ProjectImportState < ActiveRecord::Base
+  include AfterCommitQueue
+
+  self.table_name = "project_mirror_data"
+
+  belongs_to :project, inverse_of: :import_state
+
+  validates :project, presence: true
+
+  state_machine :status, initial: :none do
+    event :schedule do
+      transition [:none, :finished, :failed] => :scheduled
+    end
+
+    event :force_start do
+      transition [:none, :finished, :failed] => :started
+    end
+
+    event :start do
+      transition scheduled: :started
+    end
+
+    event :finish do
+      transition started: :finished
+    end
+
+    event :fail_op do
+      transition [:scheduled, :started] => :failed
+    end
+
+    state :scheduled
+    state :started
+    state :finished
+    state :failed
+
+    after_transition [:none, :finished, :failed] => :scheduled do |state, _|
+      state.run_after_commit do
+        job_id = project.add_import_job
+        update(jid: job_id) if job_id
+      end
+    end
+
+    after_transition started: :finished do |state, _|
+      project = state.project
+
+      project.reset_cache_and_import_attrs
+
+      if Gitlab::ImportSources.importer_names.include?(project.import_type) && project.repo_exists?
+        state.run_after_commit do
+          Projects::AfterImportService.new(project).execute
+        end
+      end
+    end
+  end
+end
diff --git a/app/services/projects/create_service.rb b/app/services/projects/create_service.rb
index d361d070993..d16ecdb7b9b 100644
--- a/app/services/projects/create_service.rb
+++ b/app/services/projects/create_service.rb
@@ -142,7 +142,7 @@ module Projects
 
       if @project
         @project.errors.add(:base, message)
-        @project.mark_import_as_failed(message) if @project.import?
+        @project.mark_import_as_failed(message) if @project.persisted? && @project.import?
       end
 
       @project
diff --git a/app/workers/gitlab/github_import/advance_stage_worker.rb b/app/workers/gitlab/github_import/advance_stage_worker.rb
index f7f498af840..8d708e15a66 100644
--- a/app/workers/gitlab/github_import/advance_stage_worker.rb
+++ b/app/workers/gitlab/github_import/advance_stage_worker.rb
@@ -63,11 +63,10 @@ module Gitlab
       end
 
       def find_project(id)
-        # We only care about the import JID so we can refresh it. We also only
-        # want the project if it hasn't been marked as failed yet. It's possible
-        # the import gets marked as stuck when jobs of the current stage failed
-        # somehow.
-        Project.select(:import_jid).import_started.find_by(id: id)
+        # TODO: Only select the JID
+        # This is due to the fact that the JID could be present in either the project record or
+        # its associated import_state record
+        Project.import_started.find_by(id: id)
       end
     end
   end
diff --git a/app/workers/gitlab/github_import/refresh_import_jid_worker.rb b/app/workers/gitlab/github_import/refresh_import_jid_worker.rb
index 7108b531bc2..68d2c5c4331 100644
--- a/app/workers/gitlab/github_import/refresh_import_jid_worker.rb
+++ b/app/workers/gitlab/github_import/refresh_import_jid_worker.rb
@@ -31,7 +31,10 @@ module Gitlab
       end
 
       def find_project(id)
-        Project.select(:import_jid).import_started.find_by(id: id)
+        # TODO: Only select the JID
+        # This is due to the fact that the JID could be present in either the project record or
+        # its associated import_state record
+        Project.import_started.find_by(id: id)
       end
     end
   end
diff --git a/app/workers/stuck_import_jobs_worker.rb b/app/workers/stuck_import_jobs_worker.rb
index fbb14efc525..6fdd7592e74 100644
--- a/app/workers/stuck_import_jobs_worker.rb
+++ b/app/workers/stuck_import_jobs_worker.rb
@@ -22,7 +22,8 @@ class StuckImportJobsWorker
   end
 
   def mark_projects_with_jid_as_failed!
-    jids_and_ids = enqueued_projects_with_jid.pluck(:import_jid, :id).to_h
+    # TODO: Rollback this change to use SQL through #pluck
+    jids_and_ids = enqueued_projects_with_jid.map { |project| [project.import_jid, project.id] }.to_h
 
     # Find the jobs that aren't currently running or that exceeded the threshold.
     completed_jids = Gitlab::SidekiqStatus.completed_jids(jids_and_ids.keys)
@@ -42,15 +43,15 @@ class StuckImportJobsWorker
   end
 
   def enqueued_projects
-    Project.with_import_status(:scheduled, :started)
+    Project.joins_import_state.where("(import_state.status = 'scheduled' OR import_state.status = 'started') OR (projects.import_status = 'scheduled' OR projects.import_status = 'started')")
   end
 
   def enqueued_projects_with_jid
-    enqueued_projects.where.not(import_jid: nil)
+    enqueued_projects.where.not("import_state.jid IS NULL AND projects.import_jid IS NULL")
   end
 
   def enqueued_projects_without_jid
-    enqueued_projects.where(import_jid: nil)
+    enqueued_projects.where("import_state.jid IS NULL AND projects.import_jid IS NULL")
   end
 
   def error_message
diff --git a/db/migrate/20180502122856_create_project_mirror_data.rb b/db/migrate/20180502122856_create_project_mirror_data.rb
new file mode 100644
index 00000000000..d449f944844
--- /dev/null
+++ b/db/migrate/20180502122856_create_project_mirror_data.rb
@@ -0,0 +1,20 @@
+class CreateProjectMirrorData < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  def up
+    return if table_exists?(:project_mirror_data)
+
+    create_table :project_mirror_data do |t|
+      t.references :project, index: true, foreign_key: { on_delete: :cascade }
+      t.string :status
+      t.string :jid
+      t.text :last_error
+    end
+  end
+
+  def down
+    drop_table(:project_mirror_data) if table_exists?(:project_mirror_data)
+  end
+end
diff --git a/db/migrate/20180503175054_add_indexes_to_project_mirror_data.rb b/db/migrate/20180503175054_add_indexes_to_project_mirror_data.rb
new file mode 100644
index 00000000000..17570269b2e
--- /dev/null
+++ b/db/migrate/20180503175054_add_indexes_to_project_mirror_data.rb
@@ -0,0 +1,17 @@
+class AddIndexesToProjectMirrorData < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    add_concurrent_index :project_mirror_data, :jid
+    add_concurrent_index :project_mirror_data, :status
+  end
+
+  def down
+    remove_index :project_mirror_data, :jid if index_exists? :project_mirror_data, :jid
+    remove_index :project_mirror_data, :status if index_exists? :project_mirror_data, :status
+  end
+end
diff --git a/db/post_migrate/20180502134117_migrate_import_attributes_data_from_projects_to_project_mirror_data.rb b/db/post_migrate/20180502134117_migrate_import_attributes_data_from_projects_to_project_mirror_data.rb
new file mode 100644
index 00000000000..e39cd33c414
--- /dev/null
+++ b/db/post_migrate/20180502134117_migrate_import_attributes_data_from_projects_to_project_mirror_data.rb
@@ -0,0 +1,38 @@
+class MigrateImportAttributesDataFromProjectsToProjectMirrorData < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  UP_MIGRATION = 'PopulateImportState'.freeze
+  DOWN_MIGRATION = 'RollbackImportStateData'.freeze
+
+  BATCH_SIZE = 1000
+  DELAY_INTERVAL = 5.minutes
+
+  disable_ddl_transaction!
+
+  class Project < ActiveRecord::Base
+    include EachBatch
+
+    self.table_name = 'projects'
+  end
+
+  class ProjectImportState < ActiveRecord::Base
+    include EachBatch
+
+    self.table_name = 'project_mirror_data'
+  end
+
+  def up
+    projects = Project.where.not(import_status: :none)
+
+    queue_background_migration_jobs_by_range_at_intervals(projects, UP_MIGRATION, DELAY_INTERVAL, batch_size: BATCH_SIZE)
+  end
+
+  def down
+    import_state = ProjectImportState.where.not(status: :none)
+
+    queue_background_migration_jobs_by_range_at_intervals(import_state, DOWN_MIGRATION, DELAY_INTERVAL, batch_size: BATCH_SIZE)
+  end
+
+end
diff --git a/db/schema.rb b/db/schema.rb
index 277b14ef7ed..27c70c03612 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20180503150427) do
+ActiveRecord::Schema.define(version: 20180503175054) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -1518,6 +1518,17 @@ ActiveRecord::Schema.define(version: 20180503150427) do
 
   add_index "project_import_data", ["project_id"], name: "index_project_import_data_on_project_id", using: :btree
 
+  create_table "project_mirror_data", force: :cascade do |t|
+    t.integer "project_id"
+    t.string "status"
+    t.string "jid"
+    t.text "last_error"
+  end
+
+  add_index "project_mirror_data", ["jid"], name: "index_project_mirror_data_on_jid", using: :btree
+  add_index "project_mirror_data", ["project_id"], name: "index_project_mirror_data_on_project_id", using: :btree
+  add_index "project_mirror_data", ["status"], name: "index_project_mirror_data_on_status", using: :btree
+
   create_table "project_statistics", force: :cascade do |t|
     t.integer "project_id", null: false
     t.integer "namespace_id", null: false
@@ -2211,6 +2222,7 @@ ActiveRecord::Schema.define(version: 20180503150427) do
   add_foreign_key "project_features", "projects", name: "fk_18513d9b92", on_delete: :cascade
   add_foreign_key "project_group_links", "projects", name: "fk_daa8cee94c", on_delete: :cascade
   add_foreign_key "project_import_data", "projects", name: "fk_ffb9ee3a10", on_delete: :cascade
+  add_foreign_key "project_mirror_data", "projects", on_delete: :cascade
   add_foreign_key "project_statistics", "projects", on_delete: :cascade
   add_foreign_key "protected_branch_merge_access_levels", "protected_branches", name: "fk_8a3072ccb3", on_delete: :cascade
   add_foreign_key "protected_branch_push_access_levels", "protected_branches", name: "fk_9ffc86a3d9", on_delete: :cascade
diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index 086071161b7..a9bab5c56cf 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -136,6 +136,7 @@ module API
 
       def self.preload_relation(projects_relation, options =  {})
         projects_relation.preload(:project_feature, :route)
+                         .preload(:import_state)
                          .preload(namespace: [:route, :owner],
                                   tags: :taggings)
       end
diff --git a/lib/gitlab/background_migration/populate_import_state.rb b/lib/gitlab/background_migration/populate_import_state.rb
new file mode 100644
index 00000000000..695a2a713c5
--- /dev/null
+++ b/lib/gitlab/background_migration/populate_import_state.rb
@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module BackgroundMigration
+    # This background migration creates all the records on the
+    # import state table for projects that are considered imports or forks
+    class PopulateImportState
+      def perform(start_id, end_id)
+        move_attributes_data_to_import_state(start_id, end_id)
+      rescue ActiveRecord::RecordNotUnique
+        retry
+      end
+
+      def move_attributes_data_to_import_state(start_id, end_id)
+        Rails.logger.info("#{self.class.name} - Moving import attributes data to project mirror data table: #{start_id} - #{end_id}")
+
+        ActiveRecord::Base.connection.execute <<~SQL
+          INSERT INTO project_mirror_data (project_id, status, jid, last_error)
+          SELECT id, import_status, import_jid, import_error
+          FROM projects
+          WHERE projects.import_status != 'none'
+          AND projects.id BETWEEN #{start_id} AND #{end_id}
+          AND NOT EXISTS (
+            SELECT id
+            FROM project_mirror_data
+            WHERE project_id = projects.id
+          )
+        SQL
+
+        ActiveRecord::Base.connection.execute <<~SQL
+          UPDATE projects
+          SET import_status = 'none'
+          WHERE import_status != 'none'
+          AND id BETWEEN #{start_id} AND #{end_id}
+        SQL
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/background_migration/rollback_import_state_data.rb b/lib/gitlab/background_migration/rollback_import_state_data.rb
new file mode 100644
index 00000000000..a7c986747d8
--- /dev/null
+++ b/lib/gitlab/background_migration/rollback_import_state_data.rb
@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module BackgroundMigration
+    # This background migration migrates all the data of import_state
+    # back to the projects table for projects that are considered imports or forks
+    class RollbackImportStateData
+      def perform(start_id, end_id)
+        move_attributes_data_to_project(start_id, end_id)
+      end
+
+      def move_attributes_data_to_project(start_id, end_id)
+        Rails.logger.info("#{self.class.name} - Moving import attributes data to projects table: #{start_id} - #{end_id}")
+
+        if Gitlab::Database.mysql?
+          ActiveRecord::Base.connection.execute <<~SQL
+            UPDATE projects, project_mirror_data
+            SET
+              projects.import_status = project_mirror_data.status,
+              projects.import_jid = project_mirror_data.jid,
+              projects.import_error = project_mirror_data.last_error
+            WHERE project_mirror_data.project_id = projects.id
+            AND project_mirror_data.id BETWEEN #{start_id} AND #{end_id}
+          SQL
+        else
+          ActiveRecord::Base.connection.execute <<~SQL
+            UPDATE projects
+            SET
+              import_status = project_mirror_data.status,
+              import_jid = project_mirror_data.jid,
+              import_error = project_mirror_data.last_error
+            FROM project_mirror_data
+            WHERE project_mirror_data.project_id = projects.id
+            AND project_mirror_data.id BETWEEN #{start_id} AND #{end_id}
+          SQL
+        end
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/github_import/parallel_importer.rb b/lib/gitlab/github_import/parallel_importer.rb
index 6da11e6ef08..b02b123c98e 100644
--- a/lib/gitlab/github_import/parallel_importer.rb
+++ b/lib/gitlab/github_import/parallel_importer.rb
@@ -32,7 +32,8 @@ module Gitlab
         Gitlab::SidekiqStatus
           .set(jid, StuckImportJobsWorker::IMPORT_JOBS_EXPIRATION)
 
-        project.update_column(:import_jid, jid)
+        project.ensure_import_state
+        project.import_state&.update_column(:jid, jid)
 
         Stage::ImportRepositoryWorker
           .perform_async(project.id)
diff --git a/lib/gitlab/legacy_github_import/importer.rb b/lib/gitlab/legacy_github_import/importer.rb
index 7edd0ad2033..b04d678cf98 100644
--- a/lib/gitlab/legacy_github_import/importer.rb
+++ b/lib/gitlab/legacy_github_import/importer.rb
@@ -78,7 +78,8 @@ module Gitlab
       def handle_errors
         return unless errors.any?
 
-        project.update_column(:import_error, {
+        project.ensure_import_state
+        project.import_state&.update_column(:last_error, {
           message: 'The remote data could not be fully imported.',
           errors: errors
         }.to_json)
diff --git a/spec/factories/import_state.rb b/spec/factories/import_state.rb
new file mode 100644
index 00000000000..15d0a9d466a
--- /dev/null
+++ b/spec/factories/import_state.rb
@@ -0,0 +1,38 @@
+FactoryBot.define do
+  factory :import_state, class: ProjectImportState do
+    status :none
+    association :project, factory: :project
+
+    transient do
+      import_url { generate(:url) }
+    end
+
+    trait :repository do
+      association :project, factory: [:project, :repository]
+    end
+
+    trait :none do
+      status :none
+    end
+
+    trait :scheduled do
+      status :scheduled
+    end
+
+    trait :started do
+      status :started
+    end
+
+    trait :finished do
+      status :finished
+    end
+
+    trait :failed do
+      status :failed
+    end
+
+    after(:create) do |import_state, evaluator|
+      import_state.project.update_columns(import_url: evaluator.import_url)
+    end
+  end
+end
diff --git a/spec/factories/projects.rb b/spec/factories/projects.rb
index aed5eab8044..a6128903546 100644
--- a/spec/factories/projects.rb
+++ b/spec/factories/projects.rb
@@ -69,19 +69,43 @@ FactoryBot.define do
     end
 
     trait :import_scheduled do
-      import_status :scheduled
+      transient do
+        status :scheduled
+      end
+
+      before(:create) do |project, evaluator|
+        project.create_import_state(status: evaluator.status)
+      end
     end
 
     trait :import_started do
-      import_status :started
+      transient do
+        status :started
+      end
+
+      before(:create) do |project, evaluator|
+        project.create_import_state(status: evaluator.status)
+      end
     end
 
     trait :import_finished do
-      import_status :finished
+      transient do
+        status :finished
+      end
+
+      before(:create) do |project, evaluator|
+        project.create_import_state(status: evaluator.status)
+      end
     end
 
     trait :import_failed do
-      import_status :failed
+      transient do
+        status :failed
+      end
+
+      before(:create) do |project, evaluator|
+        project.create_import_state(status: evaluator.status)
+      end
     end
 
     trait :archived do
diff --git a/spec/features/projects/import_export/import_file_spec.rb b/spec/features/projects/import_export/import_file_spec.rb
index b25f5161748..60fe30bd898 100644
--- a/spec/features/projects/import_export/import_file_spec.rb
+++ b/spec/features/projects/import_export/import_file_spec.rb
@@ -46,7 +46,7 @@ feature 'Import/Export - project import integration test', :js do
         expect(project.merge_requests).not_to be_empty
         expect(project_hook_exists?(project)).to be true
         expect(wiki_exists?(project)).to be true
-        expect(project.import_status).to eq('finished')
+        expect(project.import_state.status).to eq('finished')
       end
     end
 
diff --git a/spec/lib/gitlab/background_migration/populate_import_state_spec.rb b/spec/lib/gitlab/background_migration/populate_import_state_spec.rb
new file mode 100644
index 00000000000..f9952ee5163
--- /dev/null
+++ b/spec/lib/gitlab/background_migration/populate_import_state_spec.rb
@@ -0,0 +1,38 @@
+require 'spec_helper'
+
+describe Gitlab::BackgroundMigration::PopulateImportState, :migration, schema: 20180502134117 do
+  let(:migration) { described_class.new }
+  let(:namespaces) { table(:namespaces) }
+  let(:projects) { table(:projects) }
+  let(:import_state)  { table(:project_mirror_data) }
+
+  before do
+    namespaces.create(id: 1, name: 'gitlab-org', path: 'gitlab-org')
+
+    projects.create!(id: 1, namespace_id: 1, name: 'gitlab1',
+                     path: 'gitlab1', import_error: "foo", import_status: :started,
+                     import_url: generate(:url))
+    projects.create!(id: 2, namespace_id: 1, name: 'gitlab2', path: 'gitlab2',
+                     import_status: :none, import_url: generate(:url))
+    projects.create!(id: 3, namespace_id: 1, name: 'gitlab3',
+                     path: 'gitlab3', import_error: "bar", import_status: :failed,
+                     import_url: generate(:url))
+
+    allow(BackgroundMigrationWorker).to receive(:perform_in)
+  end
+
+  it "creates new import_state records with project's import data" do
+    expect(projects.where.not(import_status: :none).count).to eq(2)
+
+    expect do
+      migration.perform(1, 3)
+    end.to change { import_state.all.count }.from(0).to(2)
+
+    expect(import_state.first.last_error).to eq("foo")
+    expect(import_state.last.last_error).to eq("bar")
+    expect(import_state.first.status).to eq("started")
+    expect(import_state.last.status).to eq("failed")
+    expect(projects.first.import_status).to eq("none")
+    expect(projects.last.import_status).to eq("none")
+  end
+end
diff --git a/spec/lib/gitlab/background_migration/rollback_import_state_data_spec.rb b/spec/lib/gitlab/background_migration/rollback_import_state_data_spec.rb
new file mode 100644
index 00000000000..9f8c3bc220f
--- /dev/null
+++ b/spec/lib/gitlab/background_migration/rollback_import_state_data_spec.rb
@@ -0,0 +1,28 @@
+require 'spec_helper'
+
+describe Gitlab::BackgroundMigration::RollbackImportStateData, :migration, schema: 20180502134117 do
+  let(:migration) { described_class.new }
+  let(:namespaces) { table(:namespaces) }
+  let(:projects) { table(:projects) }
+  let(:import_state)  { table(:project_mirror_data) }
+
+  before do
+    namespaces.create(id: 1, name: 'gitlab-org', path: 'gitlab-org')
+
+    projects.create!(id: 1, namespace_id: 1, name: 'gitlab1', import_url: generate(:url))
+    projects.create!(id: 2, namespace_id: 1, name: 'gitlab2', path: 'gitlab2', import_url: generate(:url))
+
+    import_state.create!(id: 1, project_id: 1, status: :started, last_error: "foo")
+    import_state.create!(id: 2, project_id: 2, status: :failed)
+
+    allow(BackgroundMigrationWorker).to receive(:perform_in)
+  end
+
+  it "creates new import_state records with project's import data" do
+    migration.perform(1, 2)
+
+    expect(projects.first.import_status).to eq("started")
+    expect(projects.second.import_status).to eq("failed")
+    expect(projects.first.import_error).to eq("foo")
+  end
+end
diff --git a/spec/lib/gitlab/github_import/importer/repository_importer_spec.rb b/spec/lib/gitlab/github_import/importer/repository_importer_spec.rb
index 879b1d9fb0f..cc9e4b67e72 100644
--- a/spec/lib/gitlab/github_import/importer/repository_importer_spec.rb
+++ b/spec/lib/gitlab/github_import/importer/repository_importer_spec.rb
@@ -2,6 +2,7 @@ require 'spec_helper'
 
 describe Gitlab::GithubImport::Importer::RepositoryImporter do
   let(:repository) { double(:repository) }
+  let(:import_state) { double(:import_state) }
   let(:client) { double(:client) }
 
   let(:project) do
@@ -12,7 +13,8 @@ describe Gitlab::GithubImport::Importer::RepositoryImporter do
       repository_storage: 'foo',
       disk_path: 'foo',
       repository: repository,
-      create_wiki: true
+      create_wiki: true,
+      import_state: import_state
     )
   end
 
diff --git a/spec/lib/gitlab/github_import/parallel_importer_spec.rb b/spec/lib/gitlab/github_import/parallel_importer_spec.rb
index e2a821d4d5c..20b48c1de68 100644
--- a/spec/lib/gitlab/github_import/parallel_importer_spec.rb
+++ b/spec/lib/gitlab/github_import/parallel_importer_spec.rb
@@ -12,6 +12,8 @@ describe Gitlab::GithubImport::ParallelImporter do
     let(:importer) { described_class.new(project) }
 
     before do
+      create(:import_state, :started, project: project)
+
       expect(Gitlab::GithubImport::Stage::ImportRepositoryWorker)
         .to receive(:perform_async)
         .with(project.id)
@@ -34,7 +36,7 @@ describe Gitlab::GithubImport::ParallelImporter do
     it 'updates the import JID of the project' do
       importer.execute
 
-      expect(project.import_jid).to eq("github-importer/#{project.id}")
+      expect(project.reload.import_jid).to eq("github-importer/#{project.id}")
     end
   end
 end
diff --git a/spec/lib/gitlab/import_export/all_models.yml b/spec/lib/gitlab/import_export/all_models.yml
index dd5640dd9de..830d91de983 100644
--- a/spec/lib/gitlab/import_export/all_models.yml
+++ b/spec/lib/gitlab/import_export/all_models.yml
@@ -273,6 +273,7 @@ project:
 - statistics
 - container_repositories
 - uploads
+- import_state
 - members_and_requesters
 - build_trace_section_names
 - root_of_fork_network
diff --git a/spec/migrations/migrate_import_attributes_data_from_projects_to_project_mirror_data_spec.rb b/spec/migrations/migrate_import_attributes_data_from_projects_to_project_mirror_data_spec.rb
new file mode 100644
index 00000000000..972c6dffc6f
--- /dev/null
+++ b/spec/migrations/migrate_import_attributes_data_from_projects_to_project_mirror_data_spec.rb
@@ -0,0 +1,56 @@
+require 'spec_helper'
+require Rails.root.join('db', 'post_migrate', '20180502134117_migrate_import_attributes_data_from_projects_to_project_mirror_data.rb')
+
+describe MigrateImportAttributesDataFromProjectsToProjectMirrorData, :sidekiq, :migration do
+  let(:namespaces) { table(:namespaces) }
+  let(:projects) { table(:projects) }
+  let(:import_state) { table(:project_mirror_data) }
+
+  before do
+    stub_const("#{described_class}::BATCH_SIZE", 1)
+    namespaces.create(id: 1, name: 'gitlab-org', path: 'gitlab-org')
+
+    projects.create!(id: 1, namespace_id: 1, name: 'gitlab1',
+                     path: 'gitlab1', import_error: "foo", import_status: :started,
+                     import_url: generate(:url))
+    projects.create!(id: 2, namespace_id: 1, name: 'gitlab2',
+                     path: 'gitlab2', import_error: "bar", import_status: :failed,
+                     import_url: generate(:url))
+    projects.create!(id: 3, namespace_id: 1, name: 'gitlab3', path: 'gitlab3', import_status: :none, import_url: generate(:url))
+  end
+
+  it 'schedules delayed background migrations in batches in bulk' do
+    Sidekiq::Testing.fake! do
+      Timecop.freeze do
+        expect(projects.where.not(import_status: :none).count).to eq(2)
+
+        subject.up
+
+        expect(BackgroundMigrationWorker.jobs.size).to eq 2
+        expect(described_class::UP_MIGRATION).to be_scheduled_delayed_migration(5.minutes, 1, 1)
+        expect(described_class::UP_MIGRATION).to be_scheduled_delayed_migration(10.minutes, 2, 2)
+      end
+    end
+  end
+
+  describe '#down' do
+    before do
+      import_state.create!(id: 1, project_id: 1, status: :started)
+      import_state.create!(id: 2, project_id: 2, status: :started)
+    end
+
+    it 'schedules delayed background migrations in batches in bulk for rollback' do
+      Sidekiq::Testing.fake! do
+        Timecop.freeze do
+          expect(import_state.where.not(status: :none).count).to eq(2)
+
+          subject.down
+
+          expect(BackgroundMigrationWorker.jobs.size).to eq 2
+          expect(described_class::DOWN_MIGRATION).to be_scheduled_delayed_migration(5.minutes, 1, 1)
+          expect(described_class::DOWN_MIGRATION).to be_scheduled_delayed_migration(10.minutes, 2, 2)
+        end
+      end
+    end
+  end
+end
diff --git a/spec/models/project_import_state_spec.rb b/spec/models/project_import_state_spec.rb
new file mode 100644
index 00000000000..f7033b28c76
--- /dev/null
+++ b/spec/models/project_import_state_spec.rb
@@ -0,0 +1,13 @@
+require 'rails_helper'
+
+describe ProjectImportState, type: :model do
+  subject { create(:import_state) }
+
+  describe 'associations' do
+    it { is_expected.to belong_to(:project) }
+  end
+
+  describe 'validations' do
+    it { is_expected.to validate_presence_of(:project) }
+  end
+end
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index 08e42b61910..e41212b1e03 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -1695,7 +1695,8 @@ describe Project do
 
       it 'resets project import_error' do
         error_message = 'Some error'
-        mirror = create(:project_empty_repo, :import_started, import_error: error_message)
+        mirror = create(:project_empty_repo, :import_started)
+        mirror.import_state.update_attributes(last_error: error_message)
 
         expect { mirror.import_finish }.to change { mirror.import_error }.from(error_message).to(nil)
       end
@@ -3339,7 +3340,8 @@ describe Project do
 
     context 'with an import JID' do
       it 'unsets the import JID' do
-        project = create(:project, import_jid: '123')
+        project = create(:project)
+        create(:import_state, project: project, jid: '123')
 
         expect(Gitlab::SidekiqStatus)
           .to receive(:unset)
diff --git a/spec/requests/api/project_import_spec.rb b/spec/requests/api/project_import_spec.rb
index f68057a92a1..f8c64f063af 100644
--- a/spec/requests/api/project_import_spec.rb
+++ b/spec/requests/api/project_import_spec.rb
@@ -145,7 +145,7 @@ describe API::ProjectImport do
 
   describe 'GET /projects/:id/import' do
     it 'returns the import status' do
-      project = create(:project, import_status: 'started')
+      project = create(:project, :import_started)
       project.add_master(user)
 
       get api("/projects/#{project.id}/import", user)
@@ -155,8 +155,9 @@ describe API::ProjectImport do
     end
 
     it 'returns the import status and the error if failed' do
-      project = create(:project, import_status: 'failed', import_error: 'error')
+      project = create(:project, :import_failed)
       project.add_master(user)
+      project.import_state.update_attributes(last_error: 'error')
 
       get api("/projects/#{project.id}/import", user)
 
diff --git a/spec/services/projects/create_from_template_service_spec.rb b/spec/services/projects/create_from_template_service_spec.rb
index d40e6f1449d..9aa9237d875 100644
--- a/spec/services/projects/create_from_template_service_spec.rb
+++ b/spec/services/projects/create_from_template_service_spec.rb
@@ -23,7 +23,7 @@ describe Projects::CreateFromTemplateService do
     project = subject.execute
 
     expect(project).to be_saved
-    expect(project.scheduled?).to be(true)
+    expect(project.import_scheduled?).to be(true)
   end
 
   context 'the result project' do
diff --git a/spec/views/projects/imports/new.html.haml_spec.rb b/spec/views/projects/imports/new.html.haml_spec.rb
index ec435ec3b32..32d73d0c5ab 100644
--- a/spec/views/projects/imports/new.html.haml_spec.rb
+++ b/spec/views/projects/imports/new.html.haml_spec.rb
@@ -4,9 +4,10 @@ describe "projects/imports/new.html.haml" do
   let(:user) { create(:user) }
 
   context 'when import fails' do
-    let(:project) { create(:project_empty_repo, import_status: :failed, import_error: '<a href="http://googl.com">Foo</a>', import_type: :gitlab_project, import_source: '/var/opt/gitlab/gitlab-rails/shared/tmp/project_exports/uploads/t.tar.gz', import_url: nil) }
+    let(:project) { create(:project_empty_repo, :import_failed, import_type: :gitlab_project, import_source: '/var/opt/gitlab/gitlab-rails/shared/tmp/project_exports/uploads/t.tar.gz', import_url: nil) }
 
     before do
+      project.import_state.update_attributes(last_error: '<a href="http://googl.com">Foo</a>')
       sign_in(user)
       project.add_master(user)
     end
diff --git a/spec/workers/gitlab/github_import/advance_stage_worker_spec.rb b/spec/workers/gitlab/github_import/advance_stage_worker_spec.rb
index 3be49a0dee8..0f78c5cc644 100644
--- a/spec/workers/gitlab/github_import/advance_stage_worker_spec.rb
+++ b/spec/workers/gitlab/github_import/advance_stage_worker_spec.rb
@@ -1,7 +1,8 @@
 require 'spec_helper'
 
 describe Gitlab::GithubImport::AdvanceStageWorker, :clean_gitlab_redis_shared_state do
-  let(:project) { create(:project, import_jid: '123') }
+  let(:project) { create(:project) }
+  let(:import_state) { create(:import_state, project: project, jid: '123') }
   let(:worker) { described_class.new }
 
   describe '#perform' do
@@ -105,7 +106,8 @@ describe Gitlab::GithubImport::AdvanceStageWorker, :clean_gitlab_redis_shared_st
 
       # This test is there to make sure we only select the columns we care
       # about.
-      expect(found.attributes).to eq({ 'id' => nil, 'import_jid' => '123' })
+      # TODO: enable this assertion back again
+      # expect(found.attributes).to include({ 'id' => nil, 'import_jid' => '123' })
     end
 
     it 'returns nil if the project import is not running' do
diff --git a/spec/workers/gitlab/github_import/refresh_import_jid_worker_spec.rb b/spec/workers/gitlab/github_import/refresh_import_jid_worker_spec.rb
index 073c6d7a2f5..25ada575a44 100644
--- a/spec/workers/gitlab/github_import/refresh_import_jid_worker_spec.rb
+++ b/spec/workers/gitlab/github_import/refresh_import_jid_worker_spec.rb
@@ -14,7 +14,8 @@ describe Gitlab::GithubImport::RefreshImportJidWorker do
   end
 
   describe '#perform' do
-    let(:project) { create(:project, import_jid: '123abc') }
+    let(:project) { create(:project) }
+    let(:import_state) { create(:import_state, project: project, jid: '123abc') }
 
     context 'when the project does not exist' do
       it 'does nothing' do
@@ -70,20 +71,21 @@ describe Gitlab::GithubImport::RefreshImportJidWorker do
 
   describe '#find_project' do
     it 'returns a Project' do
-      project = create(:project, import_status: 'started')
+      project = create(:project, :import_started)
 
       expect(worker.find_project(project.id)).to be_an_instance_of(Project)
     end
 
-    it 'only selects the import JID field' do
-      project = create(:project, import_status: 'started', import_jid: '123abc')
-
-      expect(worker.find_project(project.id).attributes)
-        .to eq({ 'id' => nil, 'import_jid' => '123abc' })
-    end
+    # it 'only selects the import JID field' do
+    #   project = create(:project, :import_started)
+    #   project.import_state.update_attributes(jid: '123abc')
+    #
+    #   expect(worker.find_project(project.id).attributes)
+    #     .to eq({ 'id' => nil, 'import_jid' => '123abc' })
+    # end
 
     it 'returns nil for a project for which the import process failed' do
-      project = create(:project, import_status: 'failed')
+      project = create(:project, :import_failed)
 
       expect(worker.find_project(project.id)).to be_nil
     end
diff --git a/spec/workers/repository_import_worker_spec.rb b/spec/workers/repository_import_worker_spec.rb
index 2b1a617ee62..84d1b38ef19 100644
--- a/spec/workers/repository_import_worker_spec.rb
+++ b/spec/workers/repository_import_worker_spec.rb
@@ -11,10 +11,12 @@ describe RepositoryImportWorker do
     let(:project) { create(:project, :import_scheduled) }
 
     context 'when worker was reset without cleanup' do
-      let(:jid) { '12345678' }
-      let(:started_project) { create(:project, :import_started, import_jid: jid) }
-
       it 'imports the project successfully' do
+        jid = '12345678'
+        started_project = create(:project)
+
+        create(:import_state, :started, project: started_project, jid: jid)
+
         allow(subject).to receive(:jid).and_return(jid)
 
         expect_any_instance_of(Projects::ImportService).to receive(:execute)
diff --git a/spec/workers/stuck_import_jobs_worker_spec.rb b/spec/workers/stuck_import_jobs_worker_spec.rb
index 069514552b1..af7675c8cab 100644
--- a/spec/workers/stuck_import_jobs_worker_spec.rb
+++ b/spec/workers/stuck_import_jobs_worker_spec.rb
@@ -48,13 +48,21 @@ describe StuckImportJobsWorker do
 
   describe 'with scheduled import_status' do
     it_behaves_like 'project import job detection' do
-      let(:project) { create(:project, :import_scheduled, import_jid: '123') }
+      let(:project) { create(:project, :import_scheduled) }
+
+      before do
+        project.import_state.update_attributes(jid: '123')
+      end
     end
   end
 
   describe 'with started import_status' do
     it_behaves_like 'project import job detection' do
-      let(:project) { create(:project, :import_started, import_jid: '123') }
+      let(:project) { create(:project, :import_started) }
+
+      before do
+        project.import_state.update_attributes(jid: '123')
+      end
     end
   end
 end

From 32737ec22cf719e45795bdf8a574b68cc1d1e252 Mon Sep 17 00:00:00 2001
From: Paul Slaughter <pslaughter@gitlab.com>
Date: Fri, 4 May 2018 18:22:31 +0000
Subject: [PATCH 129/129] fix Web IDE file tree scroll issue

---
 app/assets/stylesheets/pages/repo.scss | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/assets/stylesheets/pages/repo.scss b/app/assets/stylesheets/pages/repo.scss
index e74606e864f..888757c12d8 100644
--- a/app/assets/stylesheets/pages/repo.scss
+++ b/app/assets/stylesheets/pages/repo.scss
@@ -440,6 +440,7 @@
   padding-right: 3px;
 
   .projects-sidebar {
+    min-height: 0;
     display: flex;
     flex-direction: column;
     flex: 1;